Overview

File libvirt-cpu-add-CPU-features-and-model-for-indirect-branch-prediction-protection.patch of Package libvirt.11411

From 7cdce91e3e1fc211754fe251d8d76fcfb02e7fe0 Mon Sep 17 00:00:00 2001
Message-Id: <7cdce91e3e1fc211754fe251d8d76fcfb02e7fe0@dist-git>
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 12 Dec 2017 16:23:42 +0100
Subject: [PATCH] cpu: add CPU features and model for indirect branch
 prediction protection

CVE-2017-5715

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>

Conflicts:
	src/cpu/cpu_map.xml
            - several CPU features and Skylake-Server and EPYC CPU
              models are missing

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/cpu/cpu_map.xml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

Index: libvirt-1.2.5/src/cpu/cpu_map.xml
===================================================================
--- libvirt-1.2.5.orig/src/cpu/cpu_map.xml
+++ libvirt-1.2.5/src/cpu/cpu_map.xml
@@ -327,6 +327,15 @@
       <cpuid function='0x00000007' ebx='0x00100000'/>
     </feature>
 
+    <feature name='spec-ctrl'>
+      <cpuid function='0x07' edx='0x04000000'/>
+    </feature>
+
+    <!-- More AMD-specific features -->
+    <feature name='ibpb'>
+      <cpuid function='0x80000008' ebx='0x00001000'/>
+    </feature>
+
     <!-- models -->
     <model name='486'>
       <feature name='fpu'/>
@@ -483,12 +492,22 @@
       <feature name='popcnt'/>
     </model>
 
+    <model name='Nehalem-IBRS'>
+      <model name='Nehalem'/>
+      <feature name='spec-ctrl'/>
+    </model>
+
     <model name='Westmere'>
       <model name='Nehalem'/>
       <signature family='6' model='44'/>
       <feature name='aes'/>
     </model>
 
+    <model name='Westmere-IBRS'>
+      <model name='Westmere'/>
+      <feature name='spec-ctrl'/>
+    </model>
+
     <model name='SandyBridge'>
       <model name='Westmere'/>
       <signature family='6' model='42'/>
@@ -500,6 +519,11 @@
       <feature name='rdtscp'/>
     </model>
 
+    <model name='SandyBridge-IBRS'>
+      <model name='SandyBridge'/>
+      <feature name='spec-ctrl'/>
+    </model>
+
     <model name='Haswell'>
       <model name='SandyBridge'/>
       <signature family='6' model='60'/>
@@ -517,6 +541,11 @@
       <feature name='rtm'/>
     </model>
 
+    <model name='Haswell-IBRS'>
+      <model name='Haswell'/>
+      <feature name='spec-ctrl'/>
+    </model>
+
     <!-- AMD CPUs -->
     <model name='athlon'>
       <model name='pentiumpro'/>
openSUSE Build Service is sponsored by
Places