Overview

File Spectre-v4-3.patch of Package xen.openSUSE_Leap_42.3_Update

From 8d4c69d4119d2d45908a555136ae2d559d189f71 Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Fri, 13 Apr 2018 15:42:34 +0000
Subject: [PATCH 16/16] x86/msr: Virtualise MSR_SPEC_CTRL.SSBD for guests to
 use

Almost all infrastructure is already in place.  Update the reserved bits
calculation in guest_wrmsr(), and offer SSBD to guests by default.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
 xen/arch/x86/domctl.c                       | 3 ++-
 xen/arch/x86/hvm/hvm.c                      | 3 ++-
 xen/arch/x86/traps.c                        | 3 ++-
 xen/include/public/arch-x86/cpufeatureset.h | 2 +-
 4 files changed, 7 insertions(+), 4 deletions(-)

--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -1408,7 +1408,8 @@ long arch_do_domctl(
                      * ignored) when STIBP isn't enumerated in hardware.
                      */
 
-                    if ( msr.value & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP) )
+                    if ( msr.value & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP |
+                                       (d->arch.cpuid->feat.ssbd ? SPEC_CTRL_SSBD : 0)) )
                         break;
                     v->arch.spec_ctrl = msr.value;
                     continue;
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3619,7 +3619,8 @@ int hvm_msr_write_intercept(unsigned int
          * when STIBP isn't enumerated in hardware.
          */
 
-        if ( msr_content & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP) )
+        if ( msr_content & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP |
+                             (d->arch.cpuid->feat.ssbd ? SPEC_CTRL_SSBD : 0)) )
             goto gp_fault; /* Rsvd bit set? */
 
         v->arch.spec_ctrl = msr_content;
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2851,7 +2851,8 @@ static int priv_op_write_msr(unsigned in
          * when STIBP isn't enumerated in hardware.
          */
 
-        if ( val & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP) )
+        if ( val & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP |
+                     (currd->arch.cpuid->feat.ssbd ? SPEC_CTRL_SSBD : 0)) )
             break; /* Rsvd bit set? */
 
         curr->arch.spec_ctrl = val;
--- a/xen/include/public/arch-x86/cpufeatureset.h
+++ b/xen/include/public/arch-x86/cpufeatureset.h
@@ -244,7 +244,7 @@ XEN_CPUFEATURE(AVX512_4FMAPS, 9*32+ 3) /
 XEN_CPUFEATURE(IBRSB,         9*32+26) /*A  IBRS and IBPB support (used by Intel) */
 XEN_CPUFEATURE(STIBP,         9*32+27) /*A! STIBP */
 XEN_CPUFEATURE(ARCH_CAPS,     9*32+29) /*   IA32_ARCH_CAPABILITIES MSR */
-XEN_CPUFEATURE(SSBD,          9*32+31) /*   MSR_SPEC_CTRL.SSBD available */
+XEN_CPUFEATURE(SSBD,          9*32+31) /*A  MSR_SPEC_CTRL.SSBD available */
 
 #endif /* XEN_CPUFEATURE */
openSUSE Build Service is sponsored by
Places