x86 queue for -rc1

A few fixes that missed -rc0: * CPU model documentation updates (Daniel P. Berrangé) * Fix bogus OSPKE warnings (Eduardo Habkost) * Work around KVM bugs when handing arch_capabilities (Eduardo Habkost) -----BEGIN PGP SIGNATURE----- iQIcBAABCAAGBQJck+ayAAoJECgHk2+YTcWmS6cP/iLbes+eRzkXaTMvRrSvE4h6 xGi55cLUlVQqzklPYimewn7qneCEe+R5gr4g9ajL7MPT9hBYmmcSoe5M3ElaPNHj yWncdNDZR+C/U3egAN4uw6v3pHc0u7hi7cC578aj6RcgP5tKxsxW4dGZDaW2tKKw p01xDPM6+FcrGdlNosE3GYHHB7EC35wdORHPYVjvCjEaXEOwCxndGjZurgzMPANd IR90ag1ZRx9yNDqM9O4Im+nn7MrXuhhQZiwhMlFDP6wIkmxuigxv5RXRx/j77HMg jVXmVTlh4EKP0arGO1LXywYSe2yZIuYChGHnInwkcFHJhduWt4Sq8VZlrvsAmO4u +Eb5Vlfc4nNYN9BN43LENe3V4IhakTVSKZnb+zD6ML14oI0NyItRZTVXtDqjHsB3 RJAgQTgwm05dddeFiFpVe4L//A9kbjenFxutTvOf3N3Qj6tnug6kOBChwyLjl/dV CaPYo+jTRX6KyIpXnVyo9CGgSUjFjSHzSx5C/clIYLZkMFtl8WOKEPPrommgD1WP wTE80mt2avPcdXlX41MvTrKIALKbFI96CBYm8rL7uU4okYmssAKNMPuj2a9oPtKB OuqeXCjVrKKdpk9dmVAjbAUh16xReeB1BJ1y0tv2efx/P/jlhkFSg8g3kIVPSpX8 o1FBZggBdRwjfagVKXoo =Wg+0 -----END PGP SIGNATURE----- Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' into staging x86 queue for -rc1 A few fixes that missed -rc0: * CPU model documentation updates (Daniel P. Berrangé) * Fix bogus OSPKE warnings (Eduardo Habkost) * Work around KVM bugs when handing arch_capabilities (Eduardo Habkost) # gpg: Signature made Thu 21 Mar 2019 19:32:02 GMT # gpg: using RSA key 2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full] # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-next-pull-request: docs: add note about stibp CPU feature for spectre v2 docs: clarify that spec-ctrl is only needed for Spectre v2 i386: Disable OSPKE on CPU model definitions i386: Make arch_capabilities migratable i386: kvm: Disable arch_capabilities if MSR can't be set Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-03-22 09:37:38 +00:00 · 2019-03-22 09:37:38 +00:00 · d97a39d903
commit d97a39d903
parent c692931cda 21ee4787e5
4 changed files with 69 additions and 8 deletions
--- a/docs/qemu-cpu-models.texi
+++ b/docs/qemu-cpu-models.texi
@ -158,8 +158,7 @@ support this feature.

@item @code{spec-ctrl}

-Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix,
-in cases where retpolines are not sufficient.
+Required to enable the Spectre v2 (CVE-2017-5715) fix.

 Included by default in Intel CPU models with -IBRS suffix.

@ -169,6 +168,17 @@ Requires the host CPU microcode to support this feature before it
 can be used for guest CPUs.


+@item @code{stibp}
+
+Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some
+operating systems.
+
+Must be explicitly turned on for all Intel CPU models.
+
+Requires the host CPU microcode to support this feature before it
+can be used for guest CPUs.
+
+
@item @code{ssbd}

 Required to enable the CVE-2018-3639 fix
@ -249,8 +259,7 @@ included if using "Host passthrough" or "Host model".

@item @code{ibpb}

-Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix,
-in cases where retpolines are not sufficient.
+Required to enable the Spectre v2 (CVE-2017-5715) fix.

 Included by default in AMD CPU models with -IBPB suffix.

@ -260,6 +269,17 @@ Requires the host CPU microcode to support this feature before it
 can be used for guest CPUs.


+@item @code{stibp}
+
+Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some
+operating systems.
+
+Must be explicitly turned on for all AMD CPU models.
+
+Requires the host CPU microcode to support this feature before it
+can be used for guest CPUs.
+
+
@item @code{virt-ssbd}

 Required to enable the CVE-2018-3639 fix
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@ -1089,7 +1089,6 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
            .reg = R_EDX,
        },
        .tcg_features = TCG_7_0_EDX_FEATURES,
-        .unmigratable_flags = CPUID_7_0_EDX_ARCH_CAPABILITIES,
    },
    [FEAT_8000_0007_EDX] = {
        .type = CPUID_FEATURE_WORD,
@ -2533,7 +2532,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
            CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
            CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
        .features[FEAT_7_0_ECX] =
-            CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_OSPKE |
+            CPUID_7_0_ECX_PKU |
            CPUID_7_0_ECX_AVX512VNNI,
        .features[FEAT_7_0_EDX] =
            CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
@ -2586,7 +2585,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
            CPUID_7_0_EBX_SMAP,
        .features[FEAT_7_0_ECX] =
            CPUID_7_0_ECX_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
-            CPUID_7_0_ECX_OSPKE | CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI |
+            CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI |
            CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
            CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
            CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
@ -2644,7 +2643,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
            CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
        .features[FEAT_7_0_ECX] =
            CPUID_7_0_ECX_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
-            CPUID_7_0_ECX_OSPKE | CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI |
+            CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI |
            CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
            CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
            CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@ -389,6 +389,15 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function,
        if (host_tsx_blacklisted()) {
            ret &= ~(CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_HLE);
        }
+    } else if (function == 7 && index == 0 && reg == R_EDX) {
+        /*
+         * Linux v4.17-v4.20 incorrectly return ARCH_CAPABILITIES on SVM hosts.
+         * We can detect the bug by checking if MSR_IA32_ARCH_CAPABILITIES is
+         * returned by KVM_GET_MSR_INDEX_LIST.
+         */
+        if (!has_msr_arch_capabs) {
+            ret &= ~CPUID_7_0_EDX_ARCH_CAPABILITIES;
+        }
    } else if (function == 0x80000001 && reg == R_ECX) {
        /*
         * It's safe to enable TOPOEXT even if it's not returned by
--- a/tests/acceptance/cpu_queries.py
+++ b/tests/acceptance/cpu_queries.py
@ -0,0 +1,33 @@
+# Sanity check of query-cpu-* results
+#
+# Copyright (c) 2019 Red Hat, Inc.
+#
+# Author:
+#  Eduardo Habkost <ehabkost@redhat.com>
+#
+# This work is licensed under the terms of the GNU GPL, version 2 or
+# later.  See the COPYING file in the top-level directory.
+
+import logging
+
+from avocado_qemu import Test
+
+class QueryCPUModelExpansion(Test):
+    """
+    Run query-cpu-model-expansion for each CPU model, and validate results
+    """
+
+    def test(self):
+        self.vm.set_machine('none')
+        self.vm.add_args('-S')
+        self.vm.launch()
+
+        cpus = self.vm.command('query-cpu-definitions')
+        for c in cpus:
+            print(repr(c))
+            self.assertNotIn('', c['unavailable-features'], c['name'])
+
+        for c in cpus:
+            model = {'name': c['name']}
+            e = self.vm.command('query-cpu-model-expansion', model=model, type='full')
+            self.assertEquals(e['model']['name'], c['name'])