|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH for-4.6] amend "x86/spec-ctrl: CPUID/MSR definitions for L1D_FLUSH"
This is part of XSA-273 / CVE-2018-3646.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
--- a/tools/libxc/xc_cpufeature.h
+++ b/tools/libxc/xc_cpufeature.h
@@ -147,6 +147,7 @@
/* Intel-defined CPU features, CPUID level 0x00000007:0 (edx) */
#define X86_FEATURE_IBRSB 26 /* IBRS and IBPB support (used by Intel) */
#define X86_FEATURE_STIBP 27 /* STIBP */
+#define X86_FEATURE_L1D_FLUSH 28 /* MSR_FLUSH_CMD and L1D flush. */
#define X86_FEATURE_SSBD 31 /* MSR_SPEC_CTRL.SSBD available */
#endif /* __LIBXC_CPUFEATURE_H */
--- 2016-02-12e.orig/tools/libxc/xc_cpuid_x86.c
+++ 2016-02-12e/tools/libxc/xc_cpuid_x86.c
@@ -370,6 +370,7 @@ static void xc_cpuid_hvm_policy(
bitmaskof(X86_FEATURE_FSGSBASE));
regs[3] &= (bitmaskof(X86_FEATURE_IBRSB) |
bitmaskof(X86_FEATURE_STIBP) |
+ bitmaskof(X86_FEATURE_L1D_FLUSH) |
bitmaskof(X86_FEATURE_SSBD));
} else
regs[1] = regs[3] = 0;
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4627,6 +4627,8 @@ void hvm_cpuid(unsigned int input, unsig
if ( !boot_cpu_has(X86_FEATURE_SC_MSR_HVM) )
*edx &= ~(cpufeat_mask(X86_FEATURE_IBRSB) |
cpufeat_mask(X86_FEATURE_SSBD));
+ if ( !boot_cpu_has(X86_FEATURE_L1D_FLUSH) )
+ *edx &= ~cpufeat_mask(X86_FEATURE_L1D_FLUSH);
/*
* Override STIBP to match IBRS. Guests can safely use STIBP
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -882,6 +882,7 @@ void pv_cpuid(struct cpu_user_regs *regs
if ( !boot_cpu_has(X86_FEATURE_SC_MSR_PV) )
d &= ~(cpufeat_mask(X86_FEATURE_IBRSB) |
cpufeat_mask(X86_FEATURE_SSBD));
+ d &= ~cpufeat_mask(X86_FEATURE_L1D_FLUSH);
/*
* Override STIBP to match IBRS. Guests can safely use STIBP
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |