From: Daniel P. Berrangé <berra...@redhat.com> New microcode introduces the "Speculative Store Bypass Disable" CPUID feature bit. This needs to be exposed to guest OS to allow them to protect against CVE-2018-3639.
Signed-off-by: Daniel P. Berrangé <berra...@redhat.com> Reviewed-by: Konrad Rzeszutek Wilk <konrad.w...@oracle.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.w...@oracle.com> Message-Id: <20180521215424.13520-2-berra...@redhat.com> Signed-off-by: Eduardo Habkost <ehabk...@redhat.com> (cherry picked from commit d19d1f965904a533998739698020ff4ee8a103da) Signed-off-by: Michael Roth <mdr...@linux.vnet.ibm.com> --- target/i386/cpu.c | 2 +- target/i386/cpu.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 70c8ae82d5..bc087e95c3 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -459,7 +459,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, "spec-ctrl", NULL, - NULL, NULL, NULL, NULL, + NULL, NULL, NULL, "ssbd", }, .cpuid_eax = 7, .cpuid_needs_ecx = true, .cpuid_ecx = 0, diff --git a/target/i386/cpu.h b/target/i386/cpu.h index f3d0ebb673..422d99d80c 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -644,6 +644,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS]; #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */ #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */ #define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */ +#define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */ #define CPUID_8000_0008_EBX_IBPB (1U << 12) /* Indirect Branch Prediction Barrier */ -- 2.11.0