80a22cff37
- hw/virtio/virtio-pmem: Replace impossible check by assertion - tests: Fix printf format string in acpi-utils.c - softmmu/dirtylimit: Add parameter check for hmp "set_vcpu_dirty_limit" - disas/riscv: Fix the typo of inverted order of pmpaddr13 and pmpaddr14 - qga: Fix memory leak when output stream is unused - ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255) - target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model - target/i386: Add new bit definitions of MSR_IA32_ARCH_CAPABILITIES - target/i386: Allow MCDT_NO if host supports - target/i386: Add support for MCDT_NO in CPUID enumeration - target/i386: Export MSR_ARCH_CAPABILITIES bits to guests - target/i386: add support for FB_CLEAR feature - target/i386: add support for FLUSH_L1D feature - crypto: remove shadowed 'ret' variable - hw/i2c/pmbus_device: Fix modifying QOM class internals from instance - hw/arm/xlnx-zynqmp: fix unsigned error when checking the RPUs number Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
48 lines
1.8 KiB
Diff
48 lines
1.8 KiB
Diff
From 93551bb8747ffc9ef26fc3ced7be310d9aa805d6 Mon Sep 17 00:00:00 2001
|
|
From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
|
|
Date: Fri, 23 Jun 2023 13:26:25 -0700
|
|
Subject: [PATCH] target/i386: Export MSR_ARCH_CAPABILITIES bits to guests
|
|
|
|
commit 5bef742cc4f0e21c80a31611af7881ba811e507f upstream.
|
|
|
|
On Intel CPUs there are certain bits in MSR_ARCH_CAPABILITIES that
|
|
indicates if the CPU is not affected by a vulnerability. Without these
|
|
bits guests may try to deploy the mitigation even if the CPU is not
|
|
affected.
|
|
|
|
Export the bits to guests that indicate immunity to hardware
|
|
vulnerabilities.
|
|
|
|
Intel-SIG: commit 5bef742cc4f0 ("target/i386: Export MSR_ARCH_CAPABILITIES bits to guests")
|
|
Backport exporting MSR_ARCH_CAPABILITIES bits to guests
|
|
|
|
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
|
|
Message-ID: <63d85cc76d4cdc51e6c732478b81d8f13be11e5a.1687551881.git.pawan.kumar.gupta@linux.intel.com>
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
[ jason: amend commit log ]
|
|
Signed-off-by: Jason Zeng <jason.zeng@intel.com>
|
|
---
|
|
target/i386/cpu.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
|
|
index 8adc84b7f9..b878a1bf20 100644
|
|
--- a/target/i386/cpu.c
|
|
+++ b/target/i386/cpu.c
|
|
@@ -981,10 +981,10 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
|
|
"rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
|
|
"ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
|
|
"taa-no", NULL, NULL, NULL,
|
|
- NULL, NULL, NULL, NULL,
|
|
+ NULL, "sbdr-ssdp-no", "fbsdp-no", "psdp-no",
|
|
NULL, "fb-clear", NULL, NULL,
|
|
NULL, NULL, NULL, NULL,
|
|
- NULL, NULL, NULL, NULL,
|
|
+ "pbrsb-no", NULL, NULL, NULL,
|
|
NULL, NULL, NULL, NULL,
|
|
},
|
|
.msr = {
|
|
--
|
|
2.41.0.windows.1
|
|
|