File 0281-i386-Compensate-for-KVM-SPEC_CTRL-f.patch of Package qemu.6838

From b1b68a5f625a45323074dcc1fb089b82f146fef0 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 22 Feb 2018 04:48:07 -0700
Subject: [PATCH] i386: Compensate for KVM SPEC_CTRL feature availability issue

As we move away from the quick and dirty qemu solution for
Spectre v2, we want to not have a lapse in protection in case
KVM has not yet been updated to include code which exposes the
SPEC_CTRL feature.  This patch compensates for that case by
checking for the feature in QEMU code (like the quick and dirty
solution did), instead of simply relying on KVM for that
information. This patch is intended to be removed when we can
reasonably expect that everyone is running the kernel with the
appropriate KVM support.
[BR: BSC#1082276]

Signed-off-by: Bruce Rogers <brogers@suse.com>
---
 target-i386/cpu.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index b840868c3e..23ecabc1a0 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -2386,6 +2386,14 @@ static uint32_t x86_cpu_get_supported_feature_word(FeatureWord w,
         r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid_eax,
                                                     wi->cpuid_ecx,
                                                     wi->cpuid_reg);
+       // As additional protection, compensate for a KVM which doesn't
+       // correctly report support for IBRS (bsc#1082276)
+       // (This is intended to be a temporary measure)
+       if (w == FEAT_7_0_EDX) {
+            uint32_t edx;
+            host_cpuid(7, 0, NULL, NULL, NULL, &edx);
+           r |= edx & CPUID_7_0_EDX_SPEC_CTRL;
+       }
     } else if (tcg_enabled()) {
         r = wi->tcg_features;
     } else {
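Review bot: In the `if (w == FEAT_7_0_EDX)` block, `r |= edx & CPUID_7_0_EDX_SPEC_CTRL;` ORs the raw host CPUID bit into the value returned by `kvm_arch_get_supported_cpuid()` unconditionally, so this function can now report SPEC_CTRL as supported when KVM itself did not, and nothing in the hunk confirms that the running KVM can service guest use of the feature. Consider applying the override only when KVM's answer lacks the bit and, in that case, emitting a warning so the mismatch between host CPUID and KVM is visible to the operator. The commit message calls this temporary, but nothing in the code records a removal condition. The comment would be more useful if it stated one, and it should name the bit consistently (it says IBRS while the macro is `CPUID_7_0_EDX_SPEC_CTRL`). Style: the added lines use `//` comments and uneven indentation (7, 12 and 11 spaces) where the surrounding code is indented by 8; use a `/* ... */` block comment and match the indentation of the `r = kvm_arch_get_supported_cpuid(...)` statement above.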