i386: speculative store buffer bypass mitigation (CVE-2018-3639)

[Qemu-devel] [PATCH 2/3] i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639)

Posted by Daniel P. Berrangé 7 years, 8 months ago

From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

AMD Zen expose the Intel equivalant to Speculative Store Bypass Disable
via the 0x80000008_EBX[25] CPUID feature bit.

This needs to be exposed to guest OS to allow them to protect
against CVE-2018-3639.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 target/i386/cpu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index a1185b17d1..d95310ffd4 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -836,7 +836,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
             "ibpb", NULL, NULL, NULL,
             NULL, NULL, NULL, NULL,
             NULL, NULL, NULL, NULL,
-            NULL, NULL, NULL, NULL,
+            NULL, "virt-ssbd", NULL, NULL,
             NULL, NULL, NULL, NULL,
         },
         .cpuid_eax = 0x80000008,
-- 
2.17.0

[Qemu-devel] [PATCH 1/3] i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
[Qemu-devel] [PATCH 2/3] i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
[Qemu-devel] [PATCH 3/3] i386: Define the Virt SSBD MSR and handling of it (CVE-2018-3639)