From 6e9de3f3fa020b351960f4f528f175aa802eb536 Mon Sep 17 00:00:00 2001
From: Eduardo Habkost <ehabkost@redhat.com>
Date: Wed, 26 Sep 2018 18:50:59 +0200
Subject: [PATCH] target-i386: cpu: Add downstream-only STIBP CPUID flag

RH-Author: Eduardo Habkost <ehabkost@redhat.com>
Message-id: <20180926185059.20691-1-ehabkost@redhat.com>
Patchwork-id: 82301
O-Subject: [RHEL-7.6 qemu-kvm-rhev PATCH] target-i386: cpu: Add downstream-only STIBP CPUID flag
Bugzilla: 1638077
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
RH-Acked-by: Kashyap Chamarthy <kchamart@redhat.com>
RH-Acked-by: Igor Mammedov <imammedo@redhat.com>

From: Paolo Bonzini <pbonzini@redhat.com>

We accidentally dropped the downstream-only STIBP CPUID flag
during the 2.12.0 rebase.

STIBP is a CPUID flag that was considered for the Spectre
(CVE-2017-5715) mitigations, but in the end it was not necessary:
spec-ctrl/IBRS was deemed enough.  The kernel KVM STIBP CPUID
code was never merged upstream, but it's present on RHEL-7.

This means we may have existing VMs created on RHEL-7.5 hosts
with the STIBP flag enabled, and we need to support
live-migration of those VMs to RHEL-7.6.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 target/i386/cpu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 6b5acdf..91f5a97 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1007,7 +1007,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
             NULL, NULL, NULL, NULL,
             NULL, NULL, NULL, NULL,
             NULL, NULL, NULL, NULL,
-            NULL, NULL, "spec-ctrl", NULL,
+            NULL, NULL, "spec-ctrl", "stibp",
             NULL, NULL, NULL, "ssbd",
         },
         .cpuid_eax = 7,
-- 
1.8.3.1