From patchwork Thu Mar 21 19:35:57 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 1060423 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44QHF43NN5z9sR1 for ; Fri, 22 Mar 2019 06:40:07 +1100 (AEDT) Received: from localhost ([127.0.0.1]:45753 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73Xp-0005dO-9m for incoming@patchwork.ozlabs.org; Thu, 21 Mar 2019 15:40:05 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58767) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73UE-00034u-G1 for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73UD-0006sf-LI for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:22 -0400 Received: from mx1.redhat.com ([209.132.183.28]:36069) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73UD-0006qQ-9s for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:21 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8CA7C30FE5D1; Thu, 21 Mar 2019 19:36:20 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1A64E1001DC1; Thu, 21 Mar 2019 19:36:19 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:35:57 -0300 Message-Id: <20190321193600.15935-3-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Thu, 21 Mar 2019 19:36:20 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 2/5] i386: Make arch_capabilities migratable X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" Now that kvm_arch_get_supported_cpuid() will only return arch_capabilities if QEMU is able to initialize the MSR properly, we know that the feature is safely migratable. Signed-off-by: Eduardo Habkost Message-Id: <20190125220606.4864-3-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost --- target/i386/cpu.c | 1 - 1 file changed, 1 deletion(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index d90c01a059..9d3a20eac4 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1089,7 +1089,6 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { .reg = R_EDX, }, .tcg_features = TCG_7_0_EDX_FEATURES, - .unmigratable_flags = CPUID_7_0_EDX_ARCH_CAPABILITIES, }, [FEAT_8000_0007_EDX] = { .type = CPUID_FEATURE_WORD, From patchwork Thu Mar 21 19:35:58 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 1060424 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44QHFW1Wj7z9sQt for ; Fri, 22 Mar 2019 06:40:31 +1100 (AEDT) Received: from localhost ([127.0.0.1]:45763 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73YC-00061N-Ul for incoming@patchwork.ozlabs.org; Thu, 21 Mar 2019 15:40:29 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58914) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73UM-0003C4-IJ for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:31 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73UL-00077v-8l for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:30 -0400 Received: from mx1.redhat.com ([209.132.183.28]:41746) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73UK-000760-TZ for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:29 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 281C720265; Thu, 21 Mar 2019 19:36:28 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9E6885D6A9; Thu, 21 Mar 2019 19:36:27 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:35:58 -0300 Message-Id: <20190321193600.15935-4-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Thu, 21 Mar 2019 19:36:28 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 3/5] i386: Disable OSPKE on CPU model definitions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Tao Xu , Robert Hoo , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" Currently, the Cascadelake-Server, Icelake-Client, and Icelake-Server are always generating the following warning: qemu-system-x86_64: warning: \ host doesn't support requested feature: CPUID.07H:ECX [bit 4] This happens because OSPKE was never returned by GET_SUPPORTED_CPUID or x86_cpu_get_supported_feature_word(). OSPKE is a runtime flag automatically set by the KVM module or by TCG code, was always cleared by x86_cpu_filter_features(), and was not supposed to appear on the CPU model table. Remove the OSPKE flag from the CPU model table entries, to avoid the bogus warning and avoid returning invalid feature data on query-cpu-* QMP commands. As OSPKE was always cleared by x86_cpu_filter_features(), this won't have any guest-visible impact. Include a test case that should detect the problem if we introduce a similar bug again. Fixes: c7a88b52f62b ("i386: Add new model of Cascadelake-Server") Fixes: 8a11c62da914 ("i386: Add new CPU model Icelake-{Server,Client}") Cc: Tao Xu Cc: Robert Hoo Signed-off-by: Eduardo Habkost Message-Id: <20190319200515.14999-1-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost --- target/i386/cpu.c | 6 +++--- tests/acceptance/cpu_queries.py | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 tests/acceptance/cpu_queries.py diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 9d3a20eac4..d6bb57d210 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -2532,7 +2532,7 @@ static X86CPUDefinition builtin_x86_defs[] = { CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT, .features[FEAT_7_0_ECX] = - CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_OSPKE | + CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_AVX512VNNI, .features[FEAT_7_0_EDX] = CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD, @@ -2585,7 +2585,7 @@ static X86CPUDefinition builtin_x86_defs[] = { CPUID_7_0_EBX_SMAP, .features[FEAT_7_0_ECX] = CPUID_7_0_ECX_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | - CPUID_7_0_ECX_OSPKE | CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI | + CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI | CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ | CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG | CPUID_7_0_ECX_AVX512_VPOPCNTDQ, @@ -2643,7 +2643,7 @@ static X86CPUDefinition builtin_x86_defs[] = { CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT, .features[FEAT_7_0_ECX] = CPUID_7_0_ECX_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | - CPUID_7_0_ECX_OSPKE | CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI | + CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI | CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ | CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG | CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57, diff --git a/tests/acceptance/cpu_queries.py b/tests/acceptance/cpu_queries.py new file mode 100644 index 0000000000..e71edec39f --- /dev/null +++ b/tests/acceptance/cpu_queries.py @@ -0,0 +1,33 @@ +# Sanity check of query-cpu-* results +# +# Copyright (c) 2019 Red Hat, Inc. +# +# Author: +# Eduardo Habkost +# +# This work is licensed under the terms of the GNU GPL, version 2 or +# later. See the COPYING file in the top-level directory. + +import logging + +from avocado_qemu import Test + +class QueryCPUModelExpansion(Test): + """ + Run query-cpu-model-expansion for each CPU model, and validate results + """ + + def test(self): + self.vm.set_machine('none') + self.vm.add_args('-S') + self.vm.launch() + + cpus = self.vm.command('query-cpu-definitions') + for c in cpus: + print(repr(c)) + self.assertNotIn('', c['unavailable-features'], c['name']) + + for c in cpus: + model = {'name': c['name']} + e = self.vm.command('query-cpu-model-expansion', model=model, type='full') + self.assertEquals(e['model']['name'], c['name']) From patchwork Thu Mar 21 19:35:59 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 1060420 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44QHB547lMz9sQr for ; Fri, 22 Mar 2019 06:37:33 +1100 (AEDT) Received: from localhost ([127.0.0.1]:45739 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73VL-0003Jb-Ax for incoming@patchwork.ozlabs.org; Thu, 21 Mar 2019 15:37:31 -0400 Received: from eggs.gnu.org ([209.51.188.92]:59042) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73UT-0003HP-Bj for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:38 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73US-0007Gi-DG for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:37 -0400 Received: from mx1.redhat.com ([209.132.183.28]:47138) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73US-0007Fq-4z for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:36 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 66DCA308429D; Thu, 21 Mar 2019 19:36:35 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id E7B9C1001DC1; Thu, 21 Mar 2019 19:36:34 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:35:59 -0300 Message-Id: <20190321193600.15935-5-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]); Thu, 21 Mar 2019 19:36:35 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 4/5] docs: clarify that spec-ctrl is only needed for Spectre v2 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" From: Daniel P. Berrangé The docs currently say that the spec-ctrl feature is needed for both Spectre variants, but it is only used to address Spectre v2. Also remove the note about retpolines. The guest OS is usually treated as a blackbox from host mgmt pov, so it won't have knowledge about use of retpolines and thus should unconditionally expose spec-ctrl, allowing the guest to decide whether to use it or not. Signed-off-by: Daniel P. Berrangé Message-Id: <20190307121838.6345-2-berrange@redhat.com> Signed-off-by: Eduardo Habkost --- docs/qemu-cpu-models.texi | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/qemu-cpu-models.texi b/docs/qemu-cpu-models.texi index 1b72584161..0ce528806d 100644 --- a/docs/qemu-cpu-models.texi +++ b/docs/qemu-cpu-models.texi @@ -158,8 +158,7 @@ support this feature. @item @code{spec-ctrl} -Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix, -in cases where retpolines are not sufficient. +Required to enable the Spectre v2 (CVE-2017-5715) fix. Included by default in Intel CPU models with -IBRS suffix. @@ -249,8 +248,7 @@ included if using "Host passthrough" or "Host model". @item @code{ibpb} -Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix, -in cases where retpolines are not sufficient. +Required to enable the Spectre v2 (CVE-2017-5715) fix. Included by default in AMD CPU models with -IBPB suffix. From patchwork Thu Mar 21 19:36:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 1060425 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44QHKg3hlJz9sQr for ; Fri, 22 Mar 2019 06:44:07 +1100 (AEDT) Received: from localhost ([127.0.0.1]:45840 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73be-0000uc-KW for incoming@patchwork.ozlabs.org; Thu, 21 Mar 2019 15:44:02 -0400 Received: from eggs.gnu.org ([209.51.188.92]:59080) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73Ua-0003KX-Nn for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:45 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73UZ-0007M9-M6 for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:44 -0400 Received: from mx1.redhat.com ([209.132.183.28]:43960) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73UZ-0007LM-Ay for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:43 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8D8F73082B43; Thu, 21 Mar 2019 19:36:42 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1F98360857; Thu, 21 Mar 2019 19:36:41 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:36:00 -0300 Message-Id: <20190321193600.15935-6-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Thu, 21 Mar 2019 19:36:42 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 5/5] docs: add note about stibp CPU feature for spectre v2 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" From: Daniel P. Berrangé While the stibp CPU feature is not commonly used by guest OS for spectre mitigation due to its performance impact, it is none the less best practice to expose it to all guest OS. This allows the guest OS to decide whether to make use or it. Signed-off-by: Daniel P. Berrangé Message-Id: <20190307121838.6345-3-berrange@redhat.com> Signed-off-by: Eduardo Habkost --- docs/qemu-cpu-models.texi | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/docs/qemu-cpu-models.texi b/docs/qemu-cpu-models.texi index 0ce528806d..23c11dc86f 100644 --- a/docs/qemu-cpu-models.texi +++ b/docs/qemu-cpu-models.texi @@ -168,6 +168,17 @@ Requires the host CPU microcode to support this feature before it can be used for guest CPUs. +@item @code{stibp} + +Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some +operating systems. + +Must be explicitly turned on for all Intel CPU models. + +Requires the host CPU microcode to support this feature before it +can be used for guest CPUs. + + @item @code{ssbd} Required to enable the CVE-2018-3639 fix @@ -258,6 +269,17 @@ Requires the host CPU microcode to support this feature before it can be used for guest CPUs. +@item @code{stibp} + +Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some +operating systems. + +Must be explicitly turned on for all AMD CPU models. + +Requires the host CPU microcode to support this feature before it +can be used for guest CPUs. + + @item @code{virt-ssbd} Required to enable the CVE-2018-3639 fix