qemu-kvm/kvm-target-i386-Expose-bits-related-to-SRSO-vulnerabilit.patch
Miroslav Rezanina bd7b93c113 * Tue Jul 08 2025 Miroslav Rezanina <mrezanin@redhat.com> - 9.1.0-25
- kvm-s390x-Fix-leak-in-machine_set_loadparm.patch [RHEL-98554]
- kvm-hw-s390x-ccw-device-Fix-memory-leak-in-loadparm-sett.patch [RHEL-98554]
- kvm-amd_iommu-Rename-variable-mmio-to-mr_mmio.patch [RHEL-66202]
- kvm-amd_iommu-Add-support-for-pass-though-mode.patch [RHEL-66202]
- kvm-amd_iommu-Use-shared-memory-region-for-Interrupt-Rem.patch [RHEL-66202]
- kvm-amd_iommu-Send-notification-when-invalidate-interrup.patch [RHEL-66202]
- kvm-amd_iommu-Check-APIC-ID-255-for-XTSup.patch [RHEL-66202]
- kvm-io-Fix-partial-struct-copy-in-qio_dns_resolver_looku.patch [RHEL-67104]
- kvm-util-qemu-sockets-Refactor-setting-client-sockopts-i.patch [RHEL-67104]
- kvm-util-qemu-sockets-Refactor-success-and-failure-paths.patch [RHEL-67104]
- kvm-util-qemu-sockets-Add-support-for-keep-alive-flag-to.patch [RHEL-67104]
- kvm-util-qemu-sockets-Refactor-inet_parse-to-use-QemuOpt.patch [RHEL-67104]
- kvm-util-qemu-sockets-Introduce-inet-socket-options-cont.patch [RHEL-67104]
- kvm-tests-unit-test-util-sockets-fix-mem-leak-on-error-o.patch [RHEL-67104]
- kvm-target-i386-Expose-bits-related-to-SRSO-vulnerabilit.patch [RHEL-52649]
- kvm-target-i386-Add-PerfMonV2-feature-bit.patch [RHEL-52649]
- kvm-target-i386-Update-EPYC-CPU-model-for-Cache-property.patch [RHEL-52649]
- kvm-target-i386-Update-EPYC-Rome-CPU-model-for-Cache-pro.patch [RHEL-52649]
- kvm-target-i386-Update-EPYC-Milan-CPU-model-for-Cache-pr.patch [RHEL-52649]
- kvm-target-i386-Add-couple-of-feature-bits-in-CPUID_Fn80.patch [RHEL-52649]
- kvm-target-i386-Update-EPYC-Genoa-for-Cache-property-per.patch [RHEL-52649]
- kvm-target-i386-Add-support-for-EPYC-Turin-model.patch [RHEL-52649]
- kvm-hw-i386-amd_iommu-Assign-pci-id-0x1419-for-the-AMD-I.patch [RHEL-70926]
- kvm-hw-i386-amd_iommu-Isolate-AMDVI-PCI-from-amd-iommu-d.patch [RHEL-70925]
- kvm-hw-i386-amd_iommu-Allow-migration-when-explicitly-cr.patch [RHEL-70925]
- kvm-Enable-amd-iommu-device.patch [RHEL-70925]
- kvm-include-qemu-compiler-add-QEMU_UNINITIALIZED-attribu.patch [RHEL-99888]
- kvm-hw-virtio-virtio-avoid-cost-of-ftrivial-auto-var-ini.patch [RHEL-99888]
- kvm-block-skip-automatic-zero-init-of-large-array-in-ioq.patch [RHEL-99888]
- kvm-chardev-char-fd-skip-automatic-zero-init-of-large-ar.patch [RHEL-99888]
- kvm-chardev-char-pty-skip-automatic-zero-init-of-large-a.patch [RHEL-99888]
- kvm-chardev-char-socket-skip-automatic-zero-init-of-larg.patch [RHEL-99888]
- kvm-hw-audio-ac97-skip-automatic-zero-init-of-large-arra.patch [RHEL-99888]
- kvm-hw-audio-cs4231a-skip-automatic-zero-init-of-large-a.patch [RHEL-99888]
- kvm-hw-audio-es1370-skip-automatic-zero-init-of-large-ar.patch [RHEL-99888]
- kvm-hw-audio-gus-skip-automatic-zero-init-of-large-array.patch [RHEL-99888]
- kvm-hw-audio-marvell_88w8618-skip-automatic-zero-init-of.patch [RHEL-99888]
- kvm-hw-audio-sb16-skip-automatic-zero-init-of-large-arra.patch [RHEL-99888]
- kvm-hw-audio-via-ac97-skip-automatic-zero-init-of-large-.patch [RHEL-99888]
- kvm-hw-char-sclpconsole-lm-skip-automatic-zero-init-of-l.patch [RHEL-99888]
- kvm-hw-dma-xlnx_csu_dma-skip-automatic-zero-init-of-larg.patch [RHEL-99888]
- kvm-hw-display-vmware_vga-skip-automatic-zero-init-of-la.patch [RHEL-99888]
- kvm-hw-hyperv-syndbg-skip-automatic-zero-init-of-large-a.patch [RHEL-99888]
- kvm-hw-misc-aspeed_hace-skip-automatic-zero-init-of-larg.patch [RHEL-99888]
- kvm-hw-net-rtl8139-skip-automatic-zero-init-of-large-arr.patch [RHEL-99888]
- kvm-hw-net-tulip-skip-automatic-zero-init-of-large-array.patch [RHEL-99888]
- kvm-hw-net-virtio-net-skip-automatic-zero-init-of-large-.patch [RHEL-99888]
- kvm-hw-net-xgamc-skip-automatic-zero-init-of-large-array.patch [RHEL-99888]
- kvm-hw-nvme-ctrl-skip-automatic-zero-init-of-large-array.patch [RHEL-99888]
- kvm-hw-ppc-spapr_tpm_proxy-skip-automatic-zero-init-of-l.patch [RHEL-99888]
- kvm-hw-usb-hcd-ohci-skip-automatic-zero-init-of-large-ar.patch [RHEL-99888]
- kvm-hw-scsi-lsi53c895a-skip-automatic-zero-init-of-large.patch [RHEL-99888]
- kvm-hw-scsi-megasas-skip-automatic-zero-init-of-large-ar.patch [RHEL-99888]
- kvm-hw-ufs-lu-skip-automatic-zero-init-of-large-array.patch [RHEL-99888]
- kvm-net-socket-skip-automatic-zero-init-of-large-array.patch [RHEL-99888]
- kvm-net-stream-skip-automatic-zero-init-of-large-array.patch [RHEL-99888]
- kvm-ui-vnc-Update-display-update-interval-when-VM-state-.patch [RHEL-100741]
- Resolves: RHEL-98554
  ([s390x][RHEL9.7.0][virtio_block] there would be memory leak with virtio_blk disks)
- Resolves: RHEL-66202
  ([AMDSERVER 9.6 Feature] qemu: Interrupt Remap support for emulated amd viommu)
- Resolves: RHEL-67104
  (postcopy on the destination host can't switch into pause status under the network issue if boot VM with '-S')
- Resolves: RHEL-52649
  ([AMDSERVER 9.6 Feature] Turin: Qemu EPYC-Turin Model)
- Resolves: RHEL-70926
  (Qemu/amd-iommu: Advertise a suitable device id)
- Resolves: RHEL-70925
  (Qemu/amd-iommu: Add ability to manually specify the AMDVI-PCI device)
- Resolves: RHEL-99888
  (-ftrivial-auto-var-init=zero reduced performance [rhel-9])
- Resolves: RHEL-100741
  (Video stuck after switchover phase when play one video during migration [rhel-9])
2025-07-08 02:53:14 -04:00


From 1d667a354613385b1552fdbae91799882776f908 Mon Sep 17 00:00:00 2001
From: Babu Moger <babu.moger@amd.com>
Date: Thu, 24 Oct 2024 17:18:23 -0500
Subject: [PATCH 15/57] target/i386: Expose bits related to SRSO vulnerability
RH-Author: John Allen <None>
RH-MergeRequest: 378: Update EPYC Models and Feature Bits
RH-Jira: RHEL-52649
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [1/8] 9a6f4126ab023269e8afb3537aaa94ae60228382 (johnalle/qemu-kvm-fork)
Add the following bits related to Speculative Return Stack Overflow (SRSO).
Guests can make use of these bits if supported.

These bits are reported via CPUID Fn8000_0021_EAX.
===================================================================
Bit  Feature              Description
===================================================================
27   SBPB                 Indicates support for the Selective Branch Predictor Barrier.
28   IBPB_BRTYPE          MSR_PRED_CMD[IBPB] flushes all branch type predictions.
29   SRSO_NO              Not vulnerable to SRSO.
30   SRSO_USER_KERNEL_NO  Not vulnerable to SRSO at the user-kernel boundary.
===================================================================
Link: https://www.amd.com/content/dam/amd/en/documents/corporate/cr/speculative-return-stack-overflow-whitepaper.pdf
Link: https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/programmer-references/57238.zip
Signed-off-by: Babu Moger <babu.moger@amd.com>
Link: https://lore.kernel.org/r/dadbd70c38f4e165418d193918a3747bd715c5f4.1729807947.git.babu.moger@amd.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 2ec282b8eaaddf5c136f7566b5f61d80288a2065)
JIRA: https://issues.redhat.com/browse/RHEL-52649
Signed-off-by: John Allen <johnalle@redhat.com>
---
target/i386/cpu.c | 2 +-
target/i386/cpu.h | 14 +++++++++++---
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 0a955b1c45..53069a460c 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1240,7 +1240,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL,
+ "ibpb-brtype", "srso-no", "srso-user-kernel-no", NULL,
},
.cpuid = { .eax = 0x80000021, .reg = R_EAX, },
.tcg_features = 0,
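Review bot: bit 27 (SBPB) is listed in the commit message and gets a CPUID_8000_0021_EAX_SBPB define in cpu.h, but this feat_names change names only bits 28 to 30. The context row directly above the changed line, which covers bits 24 to 27, is still `NULL, NULL, NULL, NULL,`, so SBPB has no property name in this feature word and cannot be referred to by name the way "ibpb-brtype", "srso-no" and "srso-user-kernel-no" can. If leaving it unnamed is intentional for this backport, say so in the commit message; otherwise give the last slot of the preceding row a name (for example "sbpb") so the table in the message and the code agree.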
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 4da9ed5930..9a16239b8e 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1028,13 +1028,21 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu, FeatureWord w);
#define CPUID_8000_0008_EBX_AMD_PSFD (1U << 28)
/* Processor ignores nested data breakpoints */
-#define CPUID_8000_0021_EAX_No_NESTED_DATA_BP (1U << 0)
+#define CPUID_8000_0021_EAX_NO_NESTED_DATA_BP (1U << 0)
/* LFENCE is always serializing */
#define CPUID_8000_0021_EAX_LFENCE_ALWAYS_SERIALIZING (1U << 2)
/* Null Selector Clears Base */
-#define CPUID_8000_0021_EAX_NULL_SEL_CLR_BASE (1U << 6)
+#define CPUID_8000_0021_EAX_NULL_SEL_CLR_BASE (1U << 6)
/* Automatic IBRS */
-#define CPUID_8000_0021_EAX_AUTO_IBRS (1U << 8)
+#define CPUID_8000_0021_EAX_AUTO_IBRS (1U << 8)
+/* Selective Branch Predictor Barrier */
+#define CPUID_8000_0021_EAX_SBPB (1U << 27)
+/* IBPB includes branch type prediction flushing */
+#define CPUID_8000_0021_EAX_IBPB_BRTYPE (1U << 28)
+/* Not vulnerable to Speculative Return Stack Overflow */
+#define CPUID_8000_0021_EAX_SRSO_NO (1U << 29)
+/* Not vulnerable to SRSO at the user-kernel boundary */
+#define CPUID_8000_0021_EAX_SRSO_USER_KERNEL_NO (1U << 30)
#define CPUID_XSAVE_XSAVEOPT (1U << 0)
#define CPUID_XSAVE_XSAVEC (1U << 1)
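Review bot: the rename of CPUID_8000_0021_EAX_No_NESTED_DATA_BP to CPUID_8000_0021_EAX_NO_NESTED_DATA_BP at the top of this hunk is not mentioned in the commit message, and the diffstat shows only a single changed line in cpu.c, so please confirm that no user of the old spelling remains in the tree. The rename and the realignment of the NULL_SEL_CLR_BASE and AUTO_IBRS lines would be easier to review and to backport as a separate cleanup, leaving this patch with only the four new defines for bits 27 to 30.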
--
2.39.3