cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)

New microcode introduces the "Speculative Store Bypass Disable" CPUID feature bit. This needs to be exposed to guest OS to allow them to protect against CVE-2018-3639. Signed-off-by: N Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: N Jiri Denemark <jdenemar@redhat.com>

cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
New microcode introduces the "Speculative Store Bypass Disable" CPUID feature bit. This needs to be exposed to guest OS to allow them to protect against CVE-2018-3639. Signed-off-by: N Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: N Jiri Denemark <jdenemar@redhat.com>
1dbca2ec · Daniel P. Berrangé · Jiri Denemark · 08e190fd · 1dbca2ec
隐藏空白更改
内联并排

Showing with 3 addition and 0 deletion

src/cpu/cpu_map.xml src/cpu/cpu_map.xml +3 -0

未找到文件。
--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
@@ -298,6 +298,9 @@
    <feature name='spec-ctrl'>
      <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
    </feature>
+    <feature name='ssbd'>
+      <cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/>
+    </feature>
    <!-- Processor Extended State Enumeration sub leaf 1 -->
    <feature name='xsaveopt'>