9be61fa466
fixes for: * CVE-2018-12126 * CVE-2018-12127 * CVE-2018-12130 * CVE-2019-11091 adds the md-clear cpuflag. Not included by default in any Intel CPU model. Must be explicitly turned on for all Intel CPU models. Requires the host CPU microcode to support this feature before it can be used for guest CPUs. Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
55 lines
2.1 KiB
Diff
55 lines
2.1 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Robert Hoo <robert.hu@linux.intel.com>
|
|
Date: Thu, 5 Jul 2018 17:09:55 +0800
|
|
Subject: [PATCH 4/9] i386: Add CPUID bit and feature words for
|
|
IA32_ARCH_CAPABILITIES MSR
|
|
|
|
Support of IA32_PRED_CMD MSR already be enumerated by same CPUID bit as
|
|
SPEC_CTRL.
|
|
|
|
At present, mark CPUID_7_0_EDX_ARCH_CAPABILITIES unmigratable, per Paolo's
|
|
comment.
|
|
|
|
Signed-off-by: Robert Hoo <robert.hu@linux.intel.com>
|
|
Message-Id: <1530781798-183214-3-git-send-email-robert.hu@linux.intel.com>
|
|
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
---
|
|
target/i386/cpu.c | 3 ++-
|
|
target/i386/cpu.h | 1 +
|
|
2 files changed, 3 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
|
|
index 3ac627978f..1d74be02ce 100644
|
|
--- a/target/i386/cpu.c
|
|
+++ b/target/i386/cpu.c
|
|
@@ -1006,12 +1006,13 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
|
|
NULL, NULL, NULL, NULL,
|
|
NULL, NULL, NULL, NULL,
|
|
NULL, NULL, "spec-ctrl", NULL,
|
|
- NULL, NULL, NULL, "ssbd",
|
|
+ NULL, "arch-capabilities", NULL, "ssbd",
|
|
},
|
|
.cpuid_eax = 7,
|
|
.cpuid_needs_ecx = true, .cpuid_ecx = 0,
|
|
.cpuid_reg = R_EDX,
|
|
.tcg_features = TCG_7_0_EDX_FEATURES,
|
|
+ .unmigratable_flags = CPUID_7_0_EDX_ARCH_CAPABILITIES,
|
|
},
|
|
[FEAT_8000_0007_EDX] = {
|
|
.feat_names = {
|
|
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
|
|
index 93ede116d1..58ae637edc 100644
|
|
--- a/target/i386/cpu.h
|
|
+++ b/target/i386/cpu.h
|
|
@@ -688,6 +688,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
|
|
#define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
|
|
#define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
|
|
#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */
|
|
+#define CPUID_7_0_EDX_ARCH_CAPABILITIES (1U << 29) /*Arch Capabilities*/
|
|
#define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */
|
|
|
|
#define CPUID_8000_0008_EBX_IBPB (1U << 12) /* Indirect Branch Prediction Barrier */
|
|
--
|
|
2.20.1
|
|
|