File 0094-i386-Compensate-for-KVM-SPEC_CTRL-f.patch of Package qemu.openSUSE_Leap_42.3_Update

From 0fc0ae89e3981cb6ecbd3a255abeb0022efb6087 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 22 Feb 2018 04:48:07 -0700
Subject: [PATCH] i386: Compensate for KVM SPEC_CTRL feature availability issue

As we move away from the quick and dirty qemu solution for
Spectre v2, we want to not have a lapse in protection in case
KVM has not yet been updated to include code which exposes the
SPEC_CTRL feature.  This patch compensates for that case by
checking for the feature in QEMU code (like the quick and dirty
solution did), instead of simply relying on KVM for that
information. This patch is intended to be removed when we can
reasonably expect that everyone is running the kernel with the
appropriate KVM support.
[BR: BSC#1082276]

Signed-off-by: Bruce Rogers <brogers@suse.com>
---
 target/i386/cpu.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index a97b61697e..cd3ec1769f 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -2714,6 +2714,14 @@ static uint32_t x86_cpu_get_supported_feature_word(FeatureWord w,
         r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid_eax,
                                                     wi->cpuid_ecx,
                                                     wi->cpuid_reg);
+       // As additional protection, compensate for a KVM which doesn't
+       // correctly report support for IBRS (bsc#1082276)
+       // (This is intended to be a temporary measure)
+       if (w == FEAT_7_0_EDX) {
+            uint32_t edx;
+            host_cpuid(7, 0, NULL, NULL, NULL, &edx);
+           r |= edx & CPUID_7_0_EDX_SPEC_CTRL;
+       }
     } else if (tcg_enabled()) {
         r = wi->tcg_features;
     } else {