|
Daniel P. Berrangé |
b91dae |
From 7920d78dc80e7206e07f2a35f942e9f33174d251 Mon Sep 17 00:00:00 2001
|
|
Daniel P. Berrangé |
b91dae |
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
|
Daniel P. Berrangé |
b91dae |
Date: Mon, 21 May 2018 22:54:22 +0100
|
|
Daniel P. Berrangé |
b91dae |
Subject: [PATCH 1/3] i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
|
|
Daniel P. Berrangé |
b91dae |
MIME-Version: 1.0
|
|
Daniel P. Berrangé |
b91dae |
Content-Type: text/plain; charset=UTF-8
|
|
Daniel P. Berrangé |
b91dae |
Content-Transfer-Encoding: 8bit
|
|
Daniel P. Berrangé |
b91dae |
|
|
Daniel P. Berrangé |
b91dae |
New microcode introduces the "Speculative Store Bypass Disable"
|
|
Daniel P. Berrangé |
b91dae |
CPUID feature bit. This needs to be exposed to guest OS to allow
|
|
Daniel P. Berrangé |
b91dae |
them to protect against CVE-2018-3639.
|
|
Daniel P. Berrangé |
b91dae |
|
|
Daniel P. Berrangé |
b91dae |
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Daniel P. Berrangé |
b91dae |
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
|
|
Daniel P. Berrangé |
b91dae |
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
|
|
Daniel P. Berrangé |
b91dae |
Message-Id: <20180521215424.13520-2-berrange@redhat.com>
|
|
Daniel P. Berrangé |
b91dae |
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Daniel P. Berrangé |
b91dae |
(cherry picked from commit d19d1f965904a533998739698020ff4ee8a103da)
|
|
Daniel P. Berrangé |
b91dae |
---
|
|
Daniel P. Berrangé |
b91dae |
target/i386/cpu.c | 2 +-
|
|
Daniel P. Berrangé |
b91dae |
target/i386/cpu.h | 1 +
|
|
Daniel P. Berrangé |
b91dae |
2 files changed, 2 insertions(+), 1 deletion(-)
|
|
Daniel P. Berrangé |
b91dae |
|
|
Daniel P. Berrangé |
b91dae |
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
|
|
Daniel P. Berrangé |
b91dae |
index a20fe26573..2f5263e22f 100644
|
|
Daniel P. Berrangé |
b91dae |
--- a/target/i386/cpu.c
|
|
Daniel P. Berrangé |
b91dae |
+++ b/target/i386/cpu.c
|
|
Daniel P. Berrangé |
b91dae |
@@ -510,7 +510,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
|
|
Daniel P. Berrangé |
b91dae |
NULL, NULL, NULL, NULL,
|
|
Daniel P. Berrangé |
b91dae |
NULL, NULL, NULL, NULL,
|
|
Daniel P. Berrangé |
b91dae |
NULL, NULL, "spec-ctrl", NULL,
|
|
Daniel P. Berrangé |
b91dae |
- NULL, NULL, NULL, NULL,
|
|
Daniel P. Berrangé |
b91dae |
+ NULL, NULL, NULL, "ssbd",
|
|
Daniel P. Berrangé |
b91dae |
},
|
|
Daniel P. Berrangé |
b91dae |
.cpuid_eax = 7,
|
|
Daniel P. Berrangé |
b91dae |
.cpuid_needs_ecx = true, .cpuid_ecx = 0,
|
|
Daniel P. Berrangé |
b91dae |
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
|
|
Daniel P. Berrangé |
b91dae |
index 1b219fafc4..970ab96e54 100644
|
|
Daniel P. Berrangé |
b91dae |
--- a/target/i386/cpu.h
|
|
Daniel P. Berrangé |
b91dae |
+++ b/target/i386/cpu.h
|
|
Daniel P. Berrangé |
b91dae |
@@ -684,6 +684,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
|
|
Daniel P. Berrangé |
b91dae |
#define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
|
|
Daniel P. Berrangé |
b91dae |
#define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
|
|
Daniel P. Berrangé |
b91dae |
#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */
|
|
Daniel P. Berrangé |
b91dae |
+#define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */
|
|
Daniel P. Berrangé |
b91dae |
|
|
Daniel P. Berrangé |
b91dae |
#define KVM_HINTS_DEDICATED (1U << 0)
|
|
Daniel P. Berrangé |
b91dae |
|
|
Daniel P. Berrangé |
b91dae |
--
|
|
Daniel P. Berrangé |
b91dae |
2.17.0
|
|
Daniel P. Berrangé |
b91dae |
|