38 lines
1.2 KiB
Diff
38 lines
1.2 KiB
Diff
From 9a252992aa81b4873b22f174de9d345f4289051c Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
|
Date: Mon, 21 May 2018 23:05:07 +0100
|
|
Subject: [PATCH 18/19] cpu: define the 'ssbd' CPUID feature bit
|
|
(CVE-2018-3639)
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
New microcode introduces the "Speculative Store Bypass Disable"
|
|
CPUID feature bit. This needs to be exposed to guest OS to allow
|
|
them to protect against CVE-2018-3639.
|
|
|
|
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
|
(cherry picked from commit 1dbca2eccad58d91a5fd33962854f1a653638182)
|
|
---
|
|
src/cpu/cpu_map.xml | 3 +++
|
|
1 file changed, 3 insertions(+)
|
|
|
|
diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
|
|
index c31e7ce36a..87301dc0ef 100644
|
|
--- a/src/cpu/cpu_map.xml
|
|
+++ b/src/cpu/cpu_map.xml
|
|
@@ -286,6 +286,9 @@
|
|
<feature name='spec-ctrl'>
|
|
<cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
|
|
</feature>
|
|
+ <feature name='ssbd'>
|
|
+ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/>
|
|
+ </feature>
|
|
|
|
<!-- Processor Extended State Enumeration sub leaf 1 -->
|
|
<feature name='xsaveopt'>
|
|
--
|
|
2.17.0
|
|
|