| From fd15cae94fe591c942fdb80e1b5173d51b363327 Mon Sep 17 00:00:00 2001 |
| From: Andi Kleen <ak@linux.intel.com> |
| Date: Fri, 18 Jan 2019 16:50:23 -0800 |
| Subject: [PATCH 08/30] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests |
| |
| commit 6c4dbbd14730c43f4ed808a9c42ca41625925c22 upstream |
| |
| X86_FEATURE_MD_CLEAR is a new CPUID bit which is set when microcode |
| provides the mechanism to invoke a flush of various exploitable CPU buffers |
| by invoking the VERW instruction. |
| |
| Hand it through to guests so they can adjust their mitigations. |
| |
| This also requires corresponding qemu changes, which are available |
| separately. |
| |
| [ tglx: Massaged changelog ] |
| |
| Signed-off-by: Andi Kleen <ak@linux.intel.com> |
| Signed-off-by: Thomas Gleixner <tglx@linutronix.de> |
| Reviewed-by: Borislav Petkov <bp@suse.de> |
| Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| Reviewed-by: Frederic Weisbecker <frederic@kernel.org> |
| Reviewed-by: Jon Masters <jcm@redhat.com> |
| Tested-by: Jon Masters <jcm@redhat.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| arch/x86/kvm/cpuid.c | 3 ++- |
| 1 file changed, 2 insertions(+), 1 deletion(-) |
| |
| diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c |
| index fe9907517fb4..b810102a9cfa 100644 |
| --- a/arch/x86/kvm/cpuid.c |
| +++ b/arch/x86/kvm/cpuid.c |
| @@ -412,7 +412,8 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function, |
| /* cpuid 7.0.edx*/ |
| const u32 kvm_cpuid_7_0_edx_x86_features = |
| F(AVX512_4VNNIW) | F(AVX512_4FMAPS) | F(SPEC_CTRL) | |
| - F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES) | F(INTEL_STIBP); |
| + F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES) | F(INTEL_STIBP) | |
| + F(MD_CLEAR); |
| |
| /* all calls to cpuid_count() should be made on the same cpu */ |
| get_cpu(); |
| -- |
| 2.21.0 |
| |
