Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
libvirt.18121
libvirt-cpu-add-CPU-features-and-model-for-indi...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libvirt-cpu-add-CPU-features-and-model-for-indirect-branch-prediction-protection.patch of Package libvirt.18121
From 7cdce91e3e1fc211754fe251d8d76fcfb02e7fe0 Mon Sep 17 00:00:00 2001 Message-Id: <7cdce91e3e1fc211754fe251d8d76fcfb02e7fe0@dist-git> From: Paolo Bonzini <pbonzini@redhat.com> Date: Tue, 12 Dec 2017 16:23:42 +0100 Subject: [PATCH] cpu: add CPU features and model for indirect branch prediction protection CVE-2017-5715 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Conflicts: src/cpu/cpu_map.xml - several CPU features and Skylake-Server and EPYC CPU models are missing Signed-off-by: Jiri Denemark <jdenemar@redhat.com> --- src/cpu/cpu_map.xml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) Index: libvirt-2.0.0/src/cpu/cpu_map.xml =================================================================== --- libvirt-2.0.0.orig/src/cpu/cpu_map.xml +++ libvirt-2.0.0/src/cpu/cpu_map.xml @@ -255,6 +255,10 @@ <cpuid eax_in='0x07' ebx='0x10000000'/> </feature> + <feature name='spec-ctrl'> + <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/> + </feature> + <!-- Processor Extended State Enumeration sub leaf 1 --> <feature name='xsaveopt'> <cpuid eax_in='0x0d' ecx_in='0x01' eax='0x00000001'/> @@ -382,6 +386,11 @@ <cpuid eax_in='0x80000007' edx='0x00000100'/> </feature> + <!-- More AMD-specific features --> + <feature name='ibpb'> + <cpuid eax_in='0x80000008' ebx='0x00001000'/> + </feature> + <!-- models --> <model name='486'> <feature name='fpu'/> @@ -829,6 +838,43 @@ <feature name='tsc'/> </model> + <model name='Nehalem-IBRS'> + <signature family='6' model='26'/> + <vendor name='Intel'/> + <feature name='apic'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='fpu'/> + <feature name='fxsr'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='sep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='spec-ctrl'/> + </model> + <model name='Westmere'> <signature family='6' model='44'/> <vendor name='Intel'/> @@ -866,6 +912,44 @@ <feature name='tsc'/> </model> + <model name='Westmere-IBRS'> + <signature family='6' model='44'/> + <vendor name='Intel'/> + <feature name='aes'/> + <feature name='apic'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='fpu'/> + <feature name='fxsr'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='sep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='spec-ctrl'/> + </model> + <model name='SandyBridge'> <signature family='6' model='42'/> <vendor name='Intel'/> @@ -909,6 +993,50 @@ <feature name='xsave'/> </model> + <model name='SandyBridge-IBRS'> + <signature family='6' model='42'/> + <vendor name='Intel'/> + <feature name='aes'/> + <feature name='apic'/> + <feature name='avx'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='fpu'/> + <feature name='fxsr'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pclmuldq'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='rdtscp'/> + <feature name='sep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='tsc-deadline'/> + <feature name='x2apic'/> + <feature name='xsave'/> + <feature name='spec-ctrl'/> + </model> + <model name='IvyBridge'> <signature family='6' model='58'/> <vendor name='Intel'/> @@ -958,6 +1086,56 @@ <feature name='xsave'/> </model> + <model name='IvyBridge-IBRS'> + <signature family='6' model='58'/> + <vendor name='Intel'/> + <feature name='aes'/> + <feature name='apic'/> + <feature name='avx'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='erms'/> + <feature name='f16c'/> + <feature name='fpu'/> + <feature name='fsgsbase'/> + <feature name='fxsr'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pclmuldq'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='rdrand'/> + <feature name='rdtscp'/> + <feature name='sep'/> + <feature name='smep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='tsc-deadline'/> + <feature name='vme'/> + <feature name='x2apic'/> + <feature name='xsave'/> + <feature name='spec-ctrl'/> + </model> + <model name='Haswell-noTSX'> <signature family='6' model='60'/> <vendor name='Intel'/> @@ -1011,6 +1189,60 @@ <feature name='xsave'/> </model> + <model name='Haswell-noTSX-IBRS'> + <signature family='6' model='60'/> + <vendor name='Intel'/> + <feature name='aes'/> + <feature name='apic'/> + <feature name='avx'/> + <feature name='avx2'/> + <feature name='bmi1'/> + <feature name='bmi2'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='erms'/> + <feature name='fma'/> + <feature name='fpu'/> + <feature name='fsgsbase'/> + <feature name='fxsr'/> + <feature name='invpcid'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='movbe'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pcid'/> + <feature name='pclmuldq'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='rdtscp'/> + <feature name='sep'/> + <feature name='smep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='tsc-deadline'/> + <feature name='x2apic'/> + <feature name='xsave'/> + <feature name='spec-ctrl'/> + </model> + <model name='Haswell'> <signature family='6' model='60'/> <vendor name='Intel'/> @@ -1066,6 +1298,62 @@ <feature name='xsave'/> </model> + <model name='Haswell-IBRS'> + <signature family='6' model='60'/> + <vendor name='Intel'/> + <feature name='aes'/> + <feature name='apic'/> + <feature name='avx'/> + <feature name='avx2'/> + <feature name='bmi1'/> + <feature name='bmi2'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='erms'/> + <feature name='fma'/> + <feature name='fpu'/> + <feature name='fsgsbase'/> + <feature name='fxsr'/> + <feature name='hle'/> + <feature name='invpcid'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='movbe'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pcid'/> + <feature name='pclmuldq'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='rdtscp'/> + <feature name='rtm'/> + <feature name='sep'/> + <feature name='smep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='tsc-deadline'/> + <feature name='x2apic'/> + <feature name='xsave'/> + <feature name='spec-ctrl'/> + </model> + <model name='Broadwell-noTSX'> <signature family='6' model='61'/> <vendor name='Intel'/> @@ -1123,6 +1411,64 @@ <feature name='xsave'/> </model> + <model name='Broadwell-noTSX-IBRS'> + <signature family='6' model='61'/> + <vendor name='Intel'/> + <feature name='3dnowprefetch'/> + <feature name='adx'/> + <feature name='aes'/> + <feature name='apic'/> + <feature name='avx'/> + <feature name='avx2'/> + <feature name='bmi1'/> + <feature name='bmi2'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='erms'/> + <feature name='fma'/> + <feature name='fpu'/> + <feature name='fsgsbase'/> + <feature name='fxsr'/> + <feature name='invpcid'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='movbe'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pcid'/> + <feature name='pclmuldq'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='rdseed'/> + <feature name='rdtscp'/> + <feature name='sep'/> + <feature name='smap'/> + <feature name='smep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='tsc-deadline'/> + <feature name='x2apic'/> + <feature name='xsave'/> + <feature name='spec-ctrl'/> + </model> + <model name='Broadwell'> <signature family='6' model='61'/> <vendor name='Intel'/> @@ -1182,6 +1528,66 @@ <feature name='xsave'/> </model> + <model name='Broadwell-IBRS'> + <signature family='6' model='61'/> + <vendor name='Intel'/> + <feature name='3dnowprefetch'/> + <feature name='adx'/> + <feature name='aes'/> + <feature name='apic'/> + <feature name='avx'/> + <feature name='avx2'/> + <feature name='bmi1'/> + <feature name='bmi2'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='erms'/> + <feature name='fma'/> + <feature name='fpu'/> + <feature name='fsgsbase'/> + <feature name='fxsr'/> + <feature name='hle'/> + <feature name='invpcid'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='movbe'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pcid'/> + <feature name='pclmuldq'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='rdseed'/> + <feature name='rdtscp'/> + <feature name='rtm'/> + <feature name='sep'/> + <feature name='smap'/> + <feature name='smep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='tsc-deadline'/> + <feature name='x2apic'/> + <feature name='xsave'/> + <feature name='spec-ctrl'/> + </model> + <model name='Skylake-Client'> <signature family='6' model='94'/> <vendor name='Intel'/> @@ -1250,6 +1656,75 @@ <feature name='xsaveopt'/> </model> + <model name='Skylake-Client-IBRS'> + <signature family='6' model='94'/> + <vendor name='Intel'/> + <feature name='3dnowprefetch'/> + <feature name='abm'/> + <feature name='adx'/> + <feature name='aes'/> + <feature name='apic'/> + <feature name='arat'/> + <feature name='avx'/> + <feature name='avx2'/> + <feature name='bmi1'/> + <feature name='bmi2'/> + <feature name='clflush'/> + <feature name='cmov'/> + <feature name='cx16'/> + <feature name='cx8'/> + <feature name='de'/> + <feature name='erms'/> + <feature name='f16c'/> + <feature name='fma'/> + <feature name='fpu'/> + <feature name='fsgsbase'/> + <feature name='fxsr'/> + <feature name='hle'/> + <feature name='invpcid'/> + <feature name='lahf_lm'/> + <feature name='lm'/> + <feature name='mca'/> + <feature name='mce'/> + <feature name='mmx'/> + <feature name='movbe'/> + <feature name='mpx'/> + <feature name='msr'/> + <feature name='mtrr'/> + <feature name='nx'/> + <feature name='pae'/> + <feature name='pat'/> + <feature name='pcid'/> + <feature name='pclmuldq'/> + <feature name='pge'/> + <feature name='pni'/> + <feature name='popcnt'/> + <feature name='pse'/> + <feature name='pse36'/> + <feature name='rdrand'/> + <feature name='rdseed'/> + <feature name='rdtscp'/> + <feature name='rtm'/> + <feature name='sep'/> + <feature name='smap'/> + <feature name='smep'/> + <feature name='sse'/> + <feature name='sse2'/> + <feature name='sse4.1'/> + <feature name='sse4.2'/> + <feature name='ssse3'/> + <feature name='syscall'/> + <feature name='tsc'/> + <feature name='tsc-deadline'/> + <feature name='vme'/> + <feature name='x2apic'/> + <feature name='xgetbv1'/> + <feature name='xsave'/> + <feature name='xsavec'/> + <feature name='xsaveopt'/> + <feature name='spec-ctrl'/> + </model> + <!-- AMD CPUs --> <model name='athlon'> <vendor name='AMD'/>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor