From bc88b0d69c0e81626e5c246cae83e499bfa3dccb Mon Sep 17 00:00:00 2001

From: Paolo Bonzini <pbonzini@redhat.com>

Date: Wed, 13 Dec 2017 15:47:37 -0200

Subject: [PATCH 2/3] target-i386: cpu: add new CPUID bits for indirect branch

 predictor restrictions

RH-Author: Eduardo Habkost <ehabkost@redhat.com>

Message-id: <20171213174738.20852-3-ehabkost@redhat.com>

Patchwork-id: n/a

O-Subject: [CONFIDENTIAL][RHEL-7.5 qemu-kvm-rhev PATCH v2 2/3] target-i386: add

 support for SPEC_CTRL MSR

Bugzilla: CVE-2017-5715

RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>

RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>

---

 target/i386/cpu.c | 23 ++++++++++++++++++++---

 target/i386/cpu.h |  1 +

 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c

index c2dee60..364e52e 100644

--- a/target/i386/cpu.c

+++ b/target/i386/cpu.c

@@ -456,8 +456,8 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {

             NULL, NULL, NULL, NULL,

             NULL, NULL, NULL, NULL,

             NULL, NULL, NULL, NULL,

-            NULL, NULL, NULL, NULL,

-            NULL, NULL, NULL, NULL,

+            NULL, NULL, "spec-ctrl", "stibp",

+            NULL, "arch-facilities", NULL, NULL,

         },

         .cpuid_eax = 7,

         .cpuid_needs_ecx = true, .cpuid_ecx = 0,

@@ -480,6 +480,22 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {

         .tcg_features = TCG_APM_FEATURES,

         .unmigratable_flags = CPUID_APM_INVTSC,

     },

+    [FEAT_8000_0008_EBX] = {

+        .feat_names = {

+            NULL, NULL, NULL, NULL,

+            NULL, NULL, NULL, NULL,

+            NULL, NULL, NULL, NULL,

+            "ibpb", NULL, NULL, NULL,

+            NULL, NULL, NULL, NULL,

+            NULL, NULL, NULL, NULL,

+            NULL, NULL, NULL, NULL,

+            NULL, NULL, NULL, NULL,

+        },

+        .cpuid_eax = 0x80000008,

+        .cpuid_reg = R_EBX,

+        .tcg_features = 0,

+        .unmigratable_flags = 0,

+    },

     [FEAT_XSAVE] = {

         .feat_names = {

             "xsaveopt", "xsavec", "xgetbv1", "xsaves",

@@ -3122,7 +3138,7 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,

         } else {

             *eax = cpu->phys_bits;

         }

-        *ebx = 0;

+        *ebx = env->features[FEAT_8000_0008_EBX];

         *ecx = 0;

         *edx = 0;

         if (cs->nr_cores * cs->nr_threads > 1) {

@@ -3578,6 +3594,7 @@ static void x86_cpu_expand_features(X86CPU *cpu, Error **errp)

         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);

         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);

         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);

+        x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);

         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);

         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);

         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);

diff --git a/target/i386/cpu.h b/target/i386/cpu.h

index 4dfb859..f2686d5 100644

--- a/target/i386/cpu.h

+++ b/target/i386/cpu.h

@@ -454,6 +454,7 @@ typedef enum FeatureWord {

     FEAT_8000_0001_EDX, /* CPUID[8000_0001].EDX */

     FEAT_8000_0001_ECX, /* CPUID[8000_0001].ECX */

     FEAT_8000_0007_EDX, /* CPUID[8000_0007].EDX */

+    FEAT_8000_0008_EBX, /* CPUID[8000_0008].EBX */

     FEAT_C000_0001_EDX, /* CPUID[C000_0001].EDX */

     FEAT_KVM,           /* CPUID[4000_0001].EAX (KVM_CPUID_FEATURES) */

     FEAT_HYPERV_EAX,    /* CPUID[4000_0003].EAX */

-- 

1.8.3.1