mirror of https://gitee.com/openkylin/libvirt.git
9267342206
Some AMD processors only support a non-architectural means of enabling Speculative Store Bypass Disable. To allow simplified handling in virtual environments, hypervisors will expose an architectural definition through CPUID bit 0x80000008_EBX[25]. This needs to be exposed to guest OS running on AMD x86 hosts to allow them to protect against CVE-2018-3639. Note that since this CPUID bit won't be present in the host CPUID results on physical hosts, it will not be enabled automatically in guests configured with "host-model" CPU unless using QEMU version >= 2.9.0. Thus for older versions of QEMU, this feature must be manually enabled using policy=force. Guests using the "host-passthrough" CPU mode do not need special handling. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Jiri Denemark <jdenemar@redhat.com> |
||
|---|---|---|
| .. | ||
| Makefile.inc.am | ||
| cpu.c | ||
| cpu.h | ||
| cpu_arm.c | ||
| cpu_arm.h | ||
| cpu_map.c | ||
| cpu_map.h | ||
| cpu_map.xml | ||
| cpu_ppc64.c | ||
| cpu_ppc64.h | ||
| cpu_ppc64_data.h | ||
| cpu_s390.c | ||
| cpu_s390.h | ||
| cpu_x86.c | ||
| cpu_x86.h | ||
| cpu_x86_data.h | ||