cpu_map: Introduce IA32_ARCH_CAPABILITIES MSR bits for TAA

[libvirt] [PATCH 1/2] cpu_map: Add TAA_NO bit for IA32_ARCH_CAPABILITIES MSR

Posted by Jiri Denemark 6 years, 1 month ago

CVE-2019-11135

CPUs with TAA_NO bit of IA32_ARCH_CAPABILITIES MSR set to 1 are not
vulnerable to TSX Asynchronous Abort and passing this bit to a guest
may avoid unnecessary mitigations.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/cpu_map/x86_features.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml
index 2bed1e0372..d1180ed26d 100644
--- a/src/cpu_map/x86_features.xml
+++ b/src/cpu_map/x86_features.xml
@@ -502,4 +502,7 @@
   <feature name='mds-no'>
     <msr index='0x10a' edx='0x00000000' eax='0x00000020'/>
   </feature>
+  <feature name='taa-no'>
+    <msr index='0x10a' edx='0x00000000' eax='0x00000100'/>
+  </feature>
 </cpus>
-- 
2.24.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH 1/2] cpu_map: Add TAA_NO bit for IA32_ARCH_CAPABILITIES MSR
[libvirt] [PATCH 2/2] cpu_map: Add TSX_CTRL bit for IA32_ARCH_CAPABILITIES MSR