qemu-kvm/kvm-target-i386-add-MDS-NO-feature.patch

From dd19ddadfbabc54415977cd0b9b3f520a87988ad Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Sun, 23 Jun 2019 15:19:17 +0200
Subject: [PATCH 3/6] target/i386: add MDS-NO feature

RH-Author: Paolo Bonzini <pbonzini@redhat.com>
Message-id: <20190623151917.7942-1-pbonzini@redhat.com>
Patchwork-id: 88873
O-Subject: [RHEL-AV-8.1.0 PATCH qemu-kvm] target/i386: add MDS-NO feature
Bugzilla: 1722839
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>

Bugzilla: 1722839

Brew build: 22317828

Microarchitectural Data Sampling is a hardware vulnerability which allows
unprivileged speculative access to data which is available in various CPU
internal buffers.

Some Intel processors use the ARCH_CAP_MDS_NO bit in the
IA32_ARCH_CAPABILITIES
MSR to report that they are not vulnerable, make it available to guests.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20190516185320.28340-1-pbonzini@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 20140a82c67467f53814ca197403d5e1b561a5e5)
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 target/i386/cpu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 3886464..2e73821 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1183,7 +1183,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
         .type = MSR_FEATURE_WORD,
         .feat_names = {
             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
-            "ssb-no", NULL, NULL, NULL,
+            "ssb-no", "mds-no", NULL, NULL,
             NULL, NULL, NULL, NULL,
             NULL, NULL, NULL, NULL,
             NULL, NULL, NULL, NULL,
-- 
1.8.3.1
* Mon Jul 08 2019 Miroslav Rezanina <mrezanin@redhat.com> - 4.0.0-5.el8 - kvm-qemu-kvm.spec-bump-libseccomp-2.4.0.patch [bz#1720306] - kvm-qxl-check-release-info-object.patch [bz#1712717] - kvm-target-i386-add-MDS-NO-feature.patch [bz#1722839] - kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch [bz#1588356] - kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch [bz#1588356] - kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch [bz#1707118] - Resolves: bz#1588356 (qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img') - Resolves: bz#1707118 (enable device: bochs-display (QEMU)) - Resolves: bz#1712717 (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-av-8]) - Resolves: bz#1720306 (VM failed to start with error "failed to install seccomp syscall filter in the kernel") - Resolves: bz#1722839 ([Intel 8.1 FEAT] MDS_NO exposure to guest - Fast Train) 2019-07-08 12:20:34 +00:00			`From dd19ddadfbabc54415977cd0b9b3f520a87988ad Mon Sep 17 00:00:00 2001`
			`From: Paolo Bonzini <pbonzini@redhat.com>`
			`Date: Sun, 23 Jun 2019 15:19:17 +0200`
			`Subject: [PATCH 3/6] target/i386: add MDS-NO feature`

			`RH-Author: Paolo Bonzini <pbonzini@redhat.com>`
			`Message-id: <20190623151917.7942-1-pbonzini@redhat.com>`
			`Patchwork-id: 88873`
			`O-Subject: [RHEL-AV-8.1.0 PATCH qemu-kvm] target/i386: add MDS-NO feature`
			`Bugzilla: 1722839`
			`RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>`
			`RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>`
			`RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>`

			`Bugzilla: 1722839`

			`Brew build: 22317828`

			`Microarchitectural Data Sampling is a hardware vulnerability which allows`
			`unprivileged speculative access to data which is available in various CPU`
			`internal buffers.`

			`Some Intel processors use the ARCH_CAP_MDS_NO bit in the`
			`IA32_ARCH_CAPABILITIES`
			`MSR to report that they are not vulnerable, make it available to guests.`

			`Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>`
			`Message-Id: <20190516185320.28340-1-pbonzini@redhat.com>`
			`Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>`
			`(cherry picked from commit 20140a82c67467f53814ca197403d5e1b561a5e5)`
			`Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>`
			`---`
			`target/i386/cpu.c \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/target/i386/cpu.c b/target/i386/cpu.c`
			`index 3886464..2e73821 100644`
			`--- a/target/i386/cpu.c`
			`+++ b/target/i386/cpu.c`
			`@@ -1183,7 +1183,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {`
			`.type = MSR_FEATURE_WORD,`
			`.feat_names = {`
			`"rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",`
			`- "ssb-no", NULL, NULL, NULL,`
			`+ "ssb-no", "mds-no", NULL, NULL,`
			`NULL, NULL, NULL, NULL,`
			`NULL, NULL, NULL, NULL,`
			`NULL, NULL, NULL, NULL,`
			`--`
			`1.8.3.1`