From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
"Richard Henderson" <rth@twiddle.net>,
kvm@vger.kernel.org, "Eduardo Habkost" <ehabkost@redhat.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>
Subject: [Qemu-devel] [PATCH 1/3] i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
Date: Mon, 21 May 2018 22:54:22 +0100 [thread overview]
Message-ID: <20180521215424.13520-2-berrange@redhat.com> (raw)
In-Reply-To: <20180521215424.13520-1-berrange@redhat.com>
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
target/i386/cpu.c | 2 +-
target/i386/cpu.h | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index e5e66a75d4..a1185b17d1 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -805,7 +805,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, "spec-ctrl", NULL,
- NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, "ssbd",
},
.cpuid_eax = 7,
.cpuid_needs_ecx = true, .cpuid_ecx = 0,
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 8bc54d70bf..f0b68905de 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -685,6 +685,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
#define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
#define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */
+#define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */
#define KVM_HINTS_DEDICATED (1U << 0)
--
2.17.0
next prev parent reply other threads:[~2018-05-21 21:54 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-21 21:54 [Qemu-devel] [PATCH 0/3] i386: speculative store buffer bypass mitigation (CVE-2018-3639) Daniel P. Berrangé
2018-05-21 21:54 ` Daniel P. Berrangé [this message]
2018-05-21 21:54 ` [Qemu-devel] [PATCH 2/3] i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639) Daniel P. Berrangé
2018-05-21 21:54 ` [Qemu-devel] [PATCH 3/3] i386: Define the Virt SSBD MSR and handling of it (CVE-2018-3639) Daniel P. Berrangé
2018-05-21 21:59 ` [Qemu-devel] [PATCH 0/3] i386: speculative store buffer bypass mitigation (CVE-2018-3639) Eduardo Habkost
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180521215424.13520-2-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=ehabkost@redhat.com \
--cc=konrad.wilk@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=rth@twiddle.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).