diff options
Diffstat (limited to 'system/qemu/patches/0003-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch')
-rw-r--r-- | system/qemu/patches/0003-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/system/qemu/patches/0003-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch b/system/qemu/patches/0003-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch new file mode 100644 index 0000000000..09f7116d6a --- /dev/null +++ b/system/qemu/patches/0003-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch @@ -0,0 +1,41 @@ +From f956cd4aed74d55ecc03d3c33ea66b1d933cb28f Mon Sep 17 00:00:00 2001 +From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> +Date: Mon, 21 May 2018 22:54:23 +0100 +Subject: [PATCH 3/3] i386: define the AMD 'virt-ssbd' CPUID feature bit + (CVE-2018-3639) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +AMD Zen expose the Intel equivalant to Speculative Store Bypass Disable +via the 0x80000008_EBX[25] CPUID feature bit. + +This needs to be exposed to guest OS to allow them to protect +against CVE-2018-3639. + +Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> +Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> +Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> +Message-Id: <20180521215424.13520-3-berrange@redhat.com> +Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> +(cherry picked from commit 403503b162ffc33fb64cfefdf7b880acf41772cd) +--- + target/i386/cpu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index 2f5263e22f..2e305ab689 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -541,7 +541,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + "ibpb", NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, +- NULL, NULL, NULL, NULL, ++ NULL, "virt-ssbd", NULL, NULL, + NULL, NULL, NULL, NULL, + }, + .cpuid_eax = 0x80000008, +-- +2.17.0 + |