[Qemu-devel] [PATCH 0/7] CPU model updates for CVE-2017-5715 (Spectre variant #2)

2018-01-09 Thread Eduardo Habkost
This series adds support for the new IA32_SPEC_CTRL MSR on Intel
CPU models.  The new MSR and the spec-ctrl CPUID bit
(CPUID[EAX=7,ECX=0].EDX[bit 26]) were introduced by a recent
Intel microcode update and can be used by OSes to mitigate
CVE-2017-5715.

It also adds a new EPYC-IBPB CPU model that includes
CPUID[0x8008].EBX[bit 12] (IBPB).  That patch is a RFC
because I couldn't find any detailed info on the new CPUID bit
and the IA32_PRED_CMD MSR.

Additionally, the last patch on this series changes the new
Westmere-IBRS, SandyBridge-IBRS and IvyBridge-IBRS to include the
PCID feature, because PCID helps to reduce the performance impact
of KPTI on the guest.  The patch is also a RFC because we need to
confirm if all Westmere (and newer) CPUs out there have PCID
available.

References:
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
* Google Security Blog on Meltdown/Spectre mitigations:
  https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html
* Kernel patches to make use of the new MSRs:
  https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1578798.html
* KVM kernel patches for the new CPUID bits and MSRs:
  https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1580363.html
* Patches adding PCID to the existing CPU models:
  https://patchew.org/QEMU/20180108205052.24385-1-vinc...@bernat.im
  https://patchew.org/QEMU/20180109070112.30806-1-vinc...@bernat.im

Eduardo Habkost (6):
  i386: Change X86CPUDefinition::model_id to const char*
  i386: Add spec-ctrl CPUID bit
  i386: Add FEAT_8000_0008_EBX CPUID feature word
  i386: Add new -IBRS versions of Intel CPU models
  [RFC] i386: Add EPYC-IBPB CPU model
  [RFC] i386: Add PCID to {Westmere,SandyBridge,IvyBridge}-IBRS

Paolo Bonzini (1):
  i386: Add support for SPEC_CTRL MSR

 target/i386/cpu.h |   7 +
 target/i386/cpu.c | 454 +-
 target/i386/kvm.c |  14 ++
 target/i386/machine.c |  20 +++
 4 files changed, 491 insertions(+), 4 deletions(-)

-- 
2.14.3
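
Added example (not part of the original thread and not QEMU code): a C check to run inside a guest to confirm that the selected CPU model exposes the bits the cover letter names. The extended leaf is taken as 0x80000008, matching the FEAT_8000_0008_EBX feature word in the patch list; the PCID position (CPUID[EAX=1].ECX bit 17) comes from Intel's documentation rather than this thread, and all function and macro names are made up for this example.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Result mask; names are hypothetical, chosen for this example. */
#define FEAT_SPEC_CTRL (1u << 0) /* CPUID[EAX=7,ECX=0].EDX bit 26 */
#define FEAT_IBPB      (1u << 1) /* CPUID[0x80000008].EBX bit 12  */
#define FEAT_PCID      (1u << 2) /* CPUID[EAX=1].ECX bit 17       */

/* Pure decoder: raw register values in, FEAT_* mask out. */
unsigned decode_features(uint32_t l1_ecx, uint32_t l7_edx, uint32_t l8_ebx)
{
    unsigned m = 0;
    if (l7_edx & (1u << 26)) m |= FEAT_SPEC_CTRL;
    if (l8_ebx & (1u << 12)) m |= FEAT_IBPB;
    if (l1_ecx & (1u << 17)) m |= FEAT_PCID;
    return m;
}

/* Query the running CPU. Returns a FEAT_* mask, or -1 on non-x86 builds.
 * A leaf the CPU does not implement is treated as all-zero. */
int probe_features(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned a, b, c, d;
    uint32_t l1_ecx = 0, l7_edx = 0, l8_ebx = 0;
    if (__get_cpuid(1, &a, &b, &c, &d)) l1_ecx = c;
    if (__get_cpuid_count(7, 0, &a, &b, &c, &d)) l7_edx = d;
    if (__get_cpuid(0x80000008, &a, &b, &c, &d)) l8_ebx = b;
    return (int)decode_features(l1_ecx, l7_edx, l8_ebx);
#else
    return -1;
#endif
}

int main(void)
{
    int m = probe_features();
    if (m < 0) { puts("not an x86 build"); return 1; }
    printf("spec-ctrl: %s\n", (m & FEAT_SPEC_CTRL) ? "yes" : "no");
    printf("ibpb:      %s\n", (m & FEAT_IBPB) ? "yes" : "no");
    printf("pcid:      %s\n", (m & FEAT_PCID) ? "yes" : "no");
    return 0;
}
```

A guest started with one of the -IBRS models on a host with the updated microcode and KVM support should report spec-ctrl as present; "no" means the guest OS cannot use the MSR-based mitigation.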




Re: [Qemu-devel] [PATCH 0/7] CPU model updates for CVE-2017-5715 (Spectre variant #2)

2018-01-10 Thread no-reply
Hi,

This series failed automatic build test. Please find the testing commands and
their output below. If you have docker installed, you can probably reproduce it
locally.

Type: series
Message-id: 20180109154519.25634-1-ehabk...@redhat.com
Subject: [Qemu-devel] [PATCH 0/7] CPU model updates for CVE-2017-5715 (Spectre variant #2)

=== TEST SCRIPT BEGIN ===
#!/bin/bash
set -e
git submodule update --init dtc
# Let docker tests dump environment info
export SHOW_ENV=1
export J=8
time make docker-test-quick@centos6
time make docker-test-build@min-glib
time make docker-test-mingw@fedora
# iotests is broken now, skip
# time make docker-test-block@fedora
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
 * [new tag]   patchew/20180109154519.25634-1-ehabk...@redhat.com 
-> patchew/20180109154519.25634-1-ehabk...@redhat.com
Switched to a new branch 'test'
8abab8209b i386: Add PCID to {Westmere, SandyBridge, IvyBridge}-IBRS
3c1571848a i386: Add EPYC-IBPB CPU model
193b8fb502 i386: Add new -IBRS versions of Intel CPU models
90ca85d76c i386: Add FEAT_8000_0008_EBX CPUID feature word
5ae7849afb i386: Add spec-ctrl CPUID bit
cf28b26d08 i386: Add support for SPEC_CTRL MSR
a2c77c75f7 i386: Change X86CPUDefinition::model_id to const char*

=== OUTPUT BEGIN ===
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into '/var/tmp/patchew-tester-tmp-rw0u2ys3/src/dtc'...
Submodule path 'dtc': checked out '558cd81bdd432769b59bff01240c44f82cfb1a9d'
  BUILD   centos6
make[1]: Entering directory '/var/tmp/patchew-tester-tmp-rw0u2ys3/src'
  GEN 
/var/tmp/patchew-tester-tmp-rw0u2ys3/src/docker-src.2018-01-09-10.55.01.11221/qemu.tar
Cloning into 
'/var/tmp/patchew-tester-tmp-rw0u2ys3/src/docker-src.2018-01-09-10.55.01.11221/qemu.tar.vroot'...
done.
Checking out files: 100% (5710/5710), done.
Your branch is up-to-date with 'origin/test'.
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into 
'/var/tmp/patchew-tester-tmp-rw0u2ys3/src/docker-src.2018-01-09-10.55.01.11221/qemu.tar.vroot/dtc'...
Submodule path 'dtc': checked out '558cd81bdd432769b59bff01240c44f82cfb1a9d'
Submodule 'ui/keycodemapdb' (git://git.qemu.org/keycodemapdb.git) registered 
for path 'ui/keycodemapdb'
Cloning into 
'/var/tmp/patchew-tester-tmp-rw0u2

Re: [Qemu-devel] [PATCH 0/7] CPU model updates for CVE-2017-5715 (Spectre variant #2)

2018-01-12 Thread Eduardo Habkost
I'm queueing patches 1-5 on x86-next.

On Tue, Jan 09, 2018 at 01:45:12PM -0200, Eduardo Habkost wrote:
> This series adds support for the new IA32_SPEC_CTRL MSR on Intel
> CPU models.  The new MSR and the spec-ctrl CPUID bit
> (CPUID[EAX=7,ECX=0].EDX[bit 26]) were introduced by a recent
> Intel microcode update and can be used by OSes to mitigate
> CVE-2017-5715.
> 
> It also adds a new EPYC-IBPB CPU model that includes
> CPUID[0x8008].EBX[bit 12] (IBPB).  That patch is a RFC
> because I couldn't find any detailed info on the new CPUID bit
> and the IA32_PRED_CMD MSR.
> 
> Additionally, the last patch on this series changes the new
> Westmere-IBRS, SandyBridge-IBRS and IvyBridge-IBRS to include the
> PCID feature, because PCID helps to reduce the performance impact
> of KPTI on the guest.  The patch is also a RFC because we need to
> confirm if all Westmere (and newer) CPUs out there have PCID
> available.
> 
> References:
> * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
> * Google Security Blog on Meltdown/Spectre mitigations:
>   https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html
> * Kernel patches to make use of the new MSRs:
>   https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1578798.html
> * KVM kernel patches for the new CPUID bits and MSRs:
>   https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1580363.html
> * Patches adding PCID to the existing CPU models:
>   https://patchew.org/QEMU/20180108205052.24385-1-vinc...@bernat.im
>   https://patchew.org/QEMU/20180109070112.30806-1-vinc...@bernat.im
> 
> Eduardo Habkost (6):
>   i386: Change X86CPUDefinition::model_id to const char*
>   i386: Add spec-ctrl CPUID bit
>   i386: Add FEAT_8000_0008_EBX CPUID feature word
>   i386: Add new -IBRS versions of Intel CPU models
>   [RFC] i386: Add EPYC-IBPB CPU model
>   [RFC] i386: Add PCID to {Westmere,SandyBridge,IvyBridge}-IBRS
> 
> Paolo Bonzini (1):
>   i386: Add support for SPEC_CTRL MSR
> 
>  target/i386/cpu.h |   7 +
>  target/i386/cpu.c | 454 
> +-
>  target/i386/kvm.c |  14 ++
>  target/i386/machine.c |  20 +++
>  4 files changed, 491 insertions(+), 4 deletions(-)
> 
> -- 
> 2.14.3
> 
> 

-- 
Eduardo



Re: [Qemu-devel] [PATCH 0/7] CPU model updates for CVE-2017-5715 (Spectre variant #2)

2018-01-15 Thread Eduardo Habkost
On Tue, Jan 09, 2018 at 01:45:12PM -0200, Eduardo Habkost wrote:
> This series adds support for the new IA32_SPEC_CTRL MSR on Intel
> CPU models.  The new MSR and the spec-ctrl CPUID bit
> (CPUID[EAX=7,ECX=0].EDX[bit 26]) were introduced by a recent
> Intel microcode update and can be used by OSes to mitigate
> CVE-2017-5715.
> 
> It also adds a new EPYC-IBPB CPU model that includes
> CPUID[0x8008].EBX[bit 12] (IBPB).  That patch is a RFC
> because I couldn't find any detailed info on the new CPUID bit
> and the IA32_PRED_CMD MSR.
> 
> Additionally, the last patch on this series changes the new
> Westmere-IBRS, SandyBridge-IBRS and IvyBridge-IBRS to include the
> PCID feature, because PCID helps to reduce the performance impact
> of KPTI on the guest.  The patch is also a RFC because we need to
> confirm if all Westmere (and newer) CPUs out there have PCID
> available.
> 
> References:
> * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
> * Google Security Blog on Meltdown/Spectre mitigations:
>   https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html
> * Kernel patches to make use of the new MSRs:
>   https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1578798.html
> * KVM kernel patches for the new CPUID bits and MSRs:
>   https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1580363.html
> * Patches adding PCID to the existing CPU models:
>   https://patchew.org/QEMU/20180108205052.24385-1-vinc...@bernat.im
>   https://patchew.org/QEMU/20180109070112.30806-1-vinc...@bernat.im

Intel docs for the new CPUID flags and MSRs were finally
published:
https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf

-- 
Eduardo