diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2019-03-22 09:37:38 +0000 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2019-03-22 09:37:38 +0000 |
| commit | d97a39d903fe33c45be83ac6943a2f82a3649a11 (patch) | |
| tree | 8ea0570b32d20bea33ea6977f44b838613f5f0f3 /docs/qemu-cpu-models.texi | |
| parent | c692931cda9dc6cbc16b89d5094a725a10dbb641 (diff) | |
| parent | 21ee4787e53367590f284915bf4c30c684e65bdf (diff) | |
| download | focaccia-qemu-d97a39d903fe33c45be83ac6943a2f82a3649a11.tar.gz focaccia-qemu-d97a39d903fe33c45be83ac6943a2f82a3649a11.zip | |
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' into staging
x86 queue for -rc1 A few fixes that missed -rc0: * CPU model documentation updates (Daniel P. Berrangé) * Fix bogus OSPKE warnings (Eduardo Habkost) * Work around KVM bugs when handing arch_capabilities (Eduardo Habkost) # gpg: Signature made Thu 21 Mar 2019 19:32:02 GMT # gpg: using RSA key 2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full] # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-next-pull-request: docs: add note about stibp CPU feature for spectre v2 docs: clarify that spec-ctrl is only needed for Spectre v2 i386: Disable OSPKE on CPU model definitions i386: Make arch_capabilities migratable i386: kvm: Disable arch_capabilities if MSR can't be set Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'docs/qemu-cpu-models.texi')
| -rw-r--r-- | docs/qemu-cpu-models.texi | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/docs/qemu-cpu-models.texi b/docs/qemu-cpu-models.texi index 1b72584161..23c11dc86f 100644 --- a/docs/qemu-cpu-models.texi +++ b/docs/qemu-cpu-models.texi @@ -158,8 +158,7 @@ support this feature. @item @code{spec-ctrl} -Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix, -in cases where retpolines are not sufficient. +Required to enable the Spectre v2 (CVE-2017-5715) fix. Included by default in Intel CPU models with -IBRS suffix. @@ -169,6 +168,17 @@ Requires the host CPU microcode to support this feature before it can be used for guest CPUs. +@item @code{stibp} + +Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some +operating systems. + +Must be explicitly turned on for all Intel CPU models. + +Requires the host CPU microcode to support this feature before it +can be used for guest CPUs. + + @item @code{ssbd} Required to enable the CVE-2018-3639 fix @@ -249,8 +259,7 @@ included if using "Host passthrough" or "Host model". @item @code{ibpb} -Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix, -in cases where retpolines are not sufficient. +Required to enable the Spectre v2 (CVE-2017-5715) fix. Included by default in AMD CPU models with -IBPB suffix. @@ -260,6 +269,17 @@ Requires the host CPU microcode to support this feature before it can be used for guest CPUs. +@item @code{stibp} + +Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some +operating systems. + +Must be explicitly turned on for all AMD CPU models. + +Requires the host CPU microcode to support this feature before it +can be used for guest CPUs. + + @item @code{virt-ssbd} Required to enable the CVE-2018-3639 fix |