diff mbox series

[PULL,17/48] target/i386: Export BHI_NO bit to guests

Message ID	20250124094442.13207-18-pbonzini@redhat.com (mailing list archive)
State	New
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> From: Paolo Bonzini <pbonzini@redhat.com> To: qemu-devel@nongnu.org Cc: Tao Su <tao1.su@linux.intel.com> Subject: [PULL 17/48] target/i386: Export BHI_NO bit to guests Date: Fri, 24 Jan 2025 10:44:11 +0100 Message-ID: <20250124094442.13207-18-pbonzini@redhat.com> In-Reply-To: <20250124094442.13207-1-pbonzini@redhat.com> References: <20250124094442.13207-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=170.10.129.124; envelope-from=pbonzini@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -50 X-Spam_score: -5.1 X-Spam_bar: ----- X-Spam_report: (-5.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-2.996, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Series	[PULL,01/48] rust: pl011: fix repr(C) for PL011Class \| expand [PULL,01/48] rust: pl011: fix repr(C) for PL011Class [PULL,02/48] target/i386: inline gen_jcc into sole caller [PULL,03/48] target/i386: remove trailing 1 from gen_{j, cmov, set}cc1 [PULL,04/48] target/i386: unify REP and REPZ/REPNZ generation [PULL,05/48] target/i386: unify choice between single and repeated string instructions [PULL,06/48] target/i386: reorganize ops emitted by do_gen_rep, drop repz_opt [PULL,07/48] target/i386: tcg: move gen_set/reset_* earlier in the file [PULL,08/48] target/i386: fix RF handling for string instructions [PULL,09/48] target/i386: make cc_op handling more explicit for repeated string instructions. [PULL,10/48] target/i386: do not use gen_op_jz_ecx for repeated string operations [PULL,11/48] target/i386: optimize CX handling in repeated string operations [PULL,12/48] target/i386: execute multiple REP/REPZ iterations without leaving TB [PULL,13/48] target/i386: pull computation of string update value out of loop [PULL,14/48] target/i386: extract common bits of gen_repz/gen_repz_nz [PULL,15/48] target/i386: avoid using s->tmp0 for add to implicit registers [PULL,16/48] target/i386: Introduce SierraForest-v2 model [PULL,17/48] target/i386: Export BHI_NO bit to guests [PULL,18/48] target/i386: Add new CPU model ClearwaterForest [PULL,19/48] docs: Add GNR, SRF and CWF CPU models [PULL,20/48] stub: Fix build failure with --enable-user --disable-system --enable-tools [PULL,21/48] rust/qdev: Make REALIZE safe [PULL,22/48] rust/pl011: Avoid bindings::* [PULL,23/48] memattrs: Convert unspecified member to bool [PULL,24/48] memattrs: Check the size of MemTxAttrs [PULL,25/48] rust: vmstate: add new type safe implementation [PULL,26/48] rust: vmstate: implement VMState for non-leaf types [PULL,27/48] rust: vmstate: add varray support to vmstate_of! [PULL,28/48] rust: vmstate: implement Zeroable for VMStateField [PULL,29/48] rust: vmstate: implement VMState for scalar types [PULL,30/48] rust: vmstate: add public utility macros to implement VMState [PULL,31/48] rust: qemu_api: add vmstate_struct [PULL,32/48] rust: pl011: switch vmstate to new-style macros [PULL,33/48] rust: vmstate: remove translation of C vmstate macros [PULL,34/48] rust: vmstate: make order of parameters consistent in vmstate_clock [PULL,35/48] rust: prefer NonNull::new to assertions [PULL,36/48] rust: pl011: remove unnecessary "extern crate" [PULL,37/48] rust: pl011: hide unnecessarily "pub" items from outside pl011::device [PULL,38/48] rust: pl011: extract conversion to RegisterOffset [PULL,39/48] rust: pl011: extract CharBackend receive logic into a separate function [PULL,40/48] rust: pl011: pull interrupt updates out of read/write ops [PULL,41/48] rust: pl011: extract PL011Registers [PULL,42/48] rust: pl011: wrap registers with BqlRefCell [PULL,43/48] rust: pl011: remove duplicate definitions [PULL,44/48] rust: pl011: pull device-specific code out of MemoryRegionOps callbacks [PULL,45/48] rust: pl011: drop use of ControlFlow [PULL,46/48] rust: qdev: make reset take a shared reference [PULL,47/48] rust/zeroable: Implement Zeroable with const_zero macro [PULL,48/48] rust: qemu-api: add sub-subclass to the integration tests

Commit Message

Paolo Bonzini Jan. 24, 2025, 9:44 a.m. UTC

From: Tao Su <tao1.su@linux.intel.com>

Branch History Injection (BHI) is a CPU side-channel vulnerability, where
an attacker may manipulate branch history before transitioning from user
to supervisor mode or from VMX non-root/guest to root mode. CPUs that set
BHI_NO bit in MSR IA32_ARCH_CAPABILITIES to indicate no additional
mitigation is required to prevent BHI.

Make BHI_NO bit available to guests.

Tested-by: Xuelian Guo <xuelian.guo@intel.com>
Signed-off-by: Tao Su <tao1.su@linux.intel.com>
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
Link: https://lore.kernel.org/r/20250121020650.1899618-3-tao1.su@linux.intel.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 target/i386/cpu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff mbox series

Patch

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 6db8d6c9bab..33fb27a6119 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1364,7 +1364,7 @@  FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
             "taa-no", NULL, NULL, NULL,
             NULL, "sbdr-ssdp-no", "fbsdp-no", "psdp-no",
             NULL, "fb-clear", NULL, NULL,
-            NULL, NULL, NULL, NULL,
+            "bhi-no", NULL, NULL, NULL,
             "pbrsb-no", NULL, "gds-no", "rfds-no",
             "rfds-clear", NULL, NULL, NULL,
         },