[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH for-4.6] amend "x86/spec-ctrl: CPUID/MSR definitions for L1D_FLUSH"



This is part of XSA-273 / CVE-2018-3646.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- a/tools/libxc/xc_cpufeature.h
+++ b/tools/libxc/xc_cpufeature.h
@@ -147,6 +147,7 @@
 /* Intel-defined CPU features, CPUID level 0x00000007:0 (edx) */
 #define X86_FEATURE_IBRSB       26 /* IBRS and IBPB support (used by Intel) */
 #define X86_FEATURE_STIBP       27 /* STIBP */
+#define X86_FEATURE_L1D_FLUSH   28 /* MSR_FLUSH_CMD and L1D flush. */
 #define X86_FEATURE_SSBD        31 /* MSR_SPEC_CTRL.SSBD available */
 
 #endif /* __LIBXC_CPUFEATURE_H */
--- 2016-02-12e.orig/tools/libxc/xc_cpuid_x86.c
+++ 2016-02-12e/tools/libxc/xc_cpuid_x86.c
@@ -370,6 +370,7 @@ static void xc_cpuid_hvm_policy(
                         bitmaskof(X86_FEATURE_FSGSBASE));
             regs[3] &= (bitmaskof(X86_FEATURE_IBRSB) |
                         bitmaskof(X86_FEATURE_STIBP) |
+                        bitmaskof(X86_FEATURE_L1D_FLUSH) |
                         bitmaskof(X86_FEATURE_SSBD));
         } else
             regs[1] = regs[3] = 0;
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4627,6 +4627,8 @@ void hvm_cpuid(unsigned int input, unsig
             if ( !boot_cpu_has(X86_FEATURE_SC_MSR_HVM) )
                 *edx &= ~(cpufeat_mask(X86_FEATURE_IBRSB) |
                           cpufeat_mask(X86_FEATURE_SSBD));
+            if ( !boot_cpu_has(X86_FEATURE_L1D_FLUSH) )
+                *edx &= ~cpufeat_mask(X86_FEATURE_L1D_FLUSH);
 
             /*
              * Override STIBP to match IBRS.  Guests can safely use STIBP
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -882,6 +882,7 @@ void pv_cpuid(struct cpu_user_regs *regs
                 if ( !boot_cpu_has(X86_FEATURE_SC_MSR_PV) )
                     d &= ~(cpufeat_mask(X86_FEATURE_IBRSB) |
                            cpufeat_mask(X86_FEATURE_SSBD));
+                d &= ~cpufeat_mask(X86_FEATURE_L1D_FLUSH);
 
                 /*
                  * Override STIBP to match IBRS.  Guests can safely use STIBP



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.