From patchwork Mon Jul 23 20:16:51 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Michael Roth <mdroth@linux.vnet.ibm.com>
X-Patchwork-Id: 10540955
Return-Path: 
 <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 54CA517FD
	for <patchwork-qemu-devel@patchwork.kernel.org>;
 Mon, 23 Jul 2018 20:53:26 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 44A11284C5
	for <patchwork-qemu-devel@patchwork.kernel.org>;
 Mon, 23 Jul 2018 20:53:26 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 38D02284EE; Mon, 23 Jul 2018 20:53:26 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.8 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham
 version=3.3.1
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id C98BA284ED
	for <patchwork-qemu-devel@patchwork.kernel.org>;
 Mon, 23 Jul 2018 20:53:25 +0000 (UTC)
Received: from localhost ([::1]:36542 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from
 <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>)
	id 1fhhpc-00061m-VU
	for patchwork-qemu-devel@patchwork.kernel.org;
 Mon, 23 Jul 2018 16:53:25 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41691)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <flukshun@gmail.com>) id 1fhhJJ-0002Us-Km
	for qemu-devel@nongnu.org; Mon, 23 Jul 2018 16:20:02 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <flukshun@gmail.com>) id 1fhhJI-0004BP-KF
	for qemu-devel@nongnu.org; Mon, 23 Jul 2018 16:20:01 -0400
Received: from mail-oi0-x22e.google.com ([2607:f8b0:4003:c06::22e]:40344)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <flukshun@gmail.com>)
	id 1fhhJI-0004A3-FD; Mon, 23 Jul 2018 16:20:00 -0400
Received: by mail-oi0-x22e.google.com with SMTP id w126-v6so3475030oie.7;
	Mon, 23 Jul 2018 13:20:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=sender:from:to:cc:subject:date:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=G6JoazjMed40MVxyj1L+YCMC0uKoKnoH67yK7zwbZaE=;
	b=Z9k4faswsPaL+Q3hv0Qn0WsN3rRSV3u9I1JYoG9rIgagYoGIG+z75HmQb1WSOyyUHY
	7RnHqBroImGxYOZkXikuChgl+I0cj+l8+qFnQhDbjQY5QTrYKKHaZRnRlv9ODceCGeyo
	7CFh7pgbzAi5BkBkla0UPSJF4H+5nRkgtRYRTSFIUsKYwDYUwsomBJuVE4/x99HrBFa7
	Td2L5b2zppM2nSo/x9u/qaluAWi7GxJfhKBGIdehAvO78InKXkPdhlv5x7vbkOxKUWmM
	OygGZtf+aAlN5TqONcIGLDpZt2eavLE3pfREpXnUIspMMSK1tkeW9A/ZZlCPmNf3Zfji
	Hz7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
	:in-reply-to:references:mime-version:content-transfer-encoding;
	bh=G6JoazjMed40MVxyj1L+YCMC0uKoKnoH67yK7zwbZaE=;
	b=gsX8eBwK2vyxFUMUqynWSRLM4gRVhyS/3VU2CAevApYQad/MynssAkBq5S+FIBQSEC
	aUNtn2rs4AzLJp9AsV83+5fwvXx6Jq3af6VFcM0PqbP6a6aGg9yonBY2Jw5IpCK5Cm9V
	7vpvQ9yppe4DJTz9INIFXBv5BCHIy3ffQ1i65vO38Qb4FKRWfzGLUuyySq/kuH2zKo2W
	2dVqgKnR+A3hc6S15HvMhhagzHF5XvkJs8gyVULXX/GtKPpRzr5E01XGUhg7nf4jZD6+
	Kav3qHcbXV2I9EJZDyu8Lu++EJr4A5KRvefP18eSad0FjMs/u1S6JeFBQ7IKqxeD0OFJ
	FRdg==
X-Gm-Message-State: AOUpUlE1ZvhmRXELf7X6E5qm+dWp3JtwaKt/SWn7Kwz9S06kR4xDQ81D
	vurSSBiSTO5oO9EuZOLPPKSGscCVxOQ=
X-Google-Smtp-Source: 
 AAOMgpf1zugu830ldBewTUNYskQiBdPoD1uj79O6iGnq4zn4FFK1q4jDP317N3AFM5yBsSRaghevlg==
X-Received: by 2002:aca:f5d1:: with SMTP id
	t200-v6mr340273oih.12.1532377199227;
	Mon, 23 Jul 2018 13:19:59 -0700 (PDT)
Received: from localhost (76-251-165-188.lightspeed.austtx.sbcglobal.net.
	[76.251.165.188]) by smtp.gmail.com with ESMTPSA id
	d191-v6sm11786229oig.16.2018.07.23.13.19.57
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Mon, 23 Jul 2018 13:19:58 -0700 (PDT)
From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Date: Mon, 23 Jul 2018 15:16:51 -0500
Message-Id: <20180723201748.25573-43-mdroth@linux.vnet.ibm.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20180723201748.25573-1-mdroth@linux.vnet.ibm.com>
References: <20180723201748.25573-1-mdroth@linux.vnet.ibm.com>
MIME-Version: 1.0
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2607:f8b0:4003:c06::22e
Subject: [Qemu-devel] [PATCH 42/99] i386: define the 'ssbd' CPUID feature
 bit (CVE-2018-3639)
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: qemu-stable@nongnu.org, Eduardo Habkost <ehabkost@redhat.com>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Errors-To: 
 qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
X-Virus-Scanned: ClamAV using ClamSMTP

From: Daniel P. Berrangé <berrange@redhat.com>

New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Message-Id: <20180521215424.13520-2-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit d19d1f965904a533998739698020ff4ee8a103da)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
 target/i386/cpu.c | 2 +-
 target/i386/cpu.h | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index a20fe26573..2f5263e22f 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -510,7 +510,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
             NULL, NULL, NULL, NULL,
             NULL, NULL, NULL, NULL,
             NULL, NULL, "spec-ctrl", NULL,
-            NULL, NULL, NULL, NULL,
+            NULL, NULL, NULL, "ssbd",
         },
         .cpuid_eax = 7,
         .cpuid_needs_ecx = true, .cpuid_ecx = 0,
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 1b219fafc4..970ab96e54 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -684,6 +684,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
 #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
 #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
 #define CPUID_7_0_EDX_SPEC_CTRL     (1U << 26) /* Speculation Control */
+#define CPUID_7_0_EDX_SPEC_CTRL_SSBD  (1U << 31) /* Speculative Store Bypass Disable */
 
 #define KVM_HINTS_DEDICATED (1U << 0)