merge SPEC_CTRL MSR and -IBRS CPU model patches
authorWolfgang Bumiller <w.bumiller@proxmox.com>
Mon, 15 Jan 2018 14:00:23 +0000 (15:00 +0100)
committerWolfgang Bumiller <w.bumiller@proxmox.com>
Mon, 15 Jan 2018 14:26:07 +0000 (15:26 +0100)
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
35 files changed:
debian/patches/extra/0001-Revert-target-i386-disable-LINT0-after-reset.patch
debian/patches/extra/0002-virtio-serial-fix-segfault-on-disconnect.patch
debian/patches/extra/0003-megasas-always-store-SCSIRequest-into-MegasasCmd.patch
debian/patches/extra/0004-slirp-check-len-against-dhcp-options-array-end.patch
debian/patches/extra/0005-IDE-Do-not-flush-empty-CDROM-drives.patch
debian/patches/extra/0006-bitmap-add-bitmap_copy_and_clear_atomic.patch
debian/patches/extra/0007-memory-add-support-getting-and-using-a-dirty-bitmap-.patch
debian/patches/extra/0008-vga-add-vga_scanline_invalidated-helper.patch
debian/patches/extra/0009-vga-make-display-updates-thread-safe.patch
debian/patches/extra/0010-vga-fix-display-update-region-calculation.patch
debian/patches/extra/0011-vga-fix-display-update-region-calculation-split-scre.patch
debian/patches/extra/0012-vga-stop-passing-pointers-to-vga_draw_line-functions.patch
debian/patches/extra/0013-multiboot-validate-multiboot-header-address-values.patch
debian/patches/extra/0014-virtio-fix-descriptor-counting-in-virtqueue_pop.patch
debian/patches/extra/0015-nbd-server-CVE-2017-15119-Reject-options-larger-than.patch
debian/patches/extra/0016-vga-migration-Update-memory-map-in-post_load.patch
debian/patches/extra/0017-vga-drop-line_offset-variable.patch
debian/patches/extra/0018-vga-handle-cirrus-vbe-mode-wraparounds.patch
debian/patches/extra/0019-vga-add-ram_addr_t-cast.patch
debian/patches/extra/0020-vga-fix-region-checks-in-wraparound-case.patch
debian/patches/extra/0021-io-monitor-encoutput-buffer-size-from-websocket-GSou.patch
debian/patches/extra/0022-9pfs-use-g_malloc0-to-allocate-space-for-xattr.patch
debian/patches/extra/0023-cirrus-fix-oob-access-in-mode4and5-write-functions.patch
debian/patches/extra/0024-virtio-check-VirtQueue-Vring-object-is-set.patch
debian/patches/extra/0025-block-gluster-glfs_lseek-workaround.patch
debian/patches/extra/0026-gluster-add-support-for-PREALLOC_MODE_FALLOC.patch
debian/patches/extra/0027-target-i386-Use-host_vendor_fms-in-max_x86_cpu_initf.patch [new file with mode: 0644]
debian/patches/extra/0028-target-i386-Define-CPUID_MODEL_ID_SZ-macro.patch [new file with mode: 0644]
debian/patches/extra/0029-target-i386-Don-t-use-x86_cpu_load_def-on-max-CPU-mo.patch [new file with mode: 0644]
debian/patches/extra/0030-i386-Change-X86CPUDefinition-model_id-to-const-char.patch [new file with mode: 0644]
debian/patches/extra/0031-i386-Add-support-for-SPEC_CTRL-MSR.patch [new file with mode: 0644]
debian/patches/extra/0032-i386-Add-spec-ctrl-CPUID-bit.patch [new file with mode: 0644]
debian/patches/extra/0033-i386-Add-FEAT_8000_0008_EBX-CPUID-feature-word.patch [new file with mode: 0644]
debian/patches/extra/0034-i386-Add-new-IBRS-versions-of-Intel-CPU-models.patch [new file with mode: 0644]
debian/patches/series

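--- a/debian/patches/extra/0001-Revert-target-i386-disable-LINT0-after-reset.patch
+++ b/debian/patches/extra/0001-Revert-target-i386-disable-LINT0-after-reset.patch
@@ -1,7 +1,7 @@
-From c2835302a557437ef22944902da17686247edd35 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Wolfgang Bumiller <w.bumiller@proxmox.com>
 Date: Mon, 4 Jul 2016 15:02:26 +0200
-Subject: [PATCH 01/23] Revert "target-i386: disable LINT0 after reset"
+Subject: [PATCH] Revert "target-i386: disable LINT0 after reset"
 
 This reverts commit b8eb5512fd8a115f164edbbe897cdf8884920ccb.
 ---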
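--- a/debian/patches/extra/0002-virtio-serial-fix-segfault-on-disconnect.patch
+++ b/debian/patches/extra/0002-virtio-serial-fix-segfault-on-disconnect.patch
@@ -1,7 +1,7 @@
-From 7ea086a97a09774c9ac8f0df236a0acb01dfc1ef Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Stefan Hajnoczi <stefanha@redhat.com>
 Date: Fri, 2 Jun 2017 10:54:24 +0100
-Subject: [PATCH 02/23] virtio-serial: fix segfault on disconnect
+Subject: [PATCH] virtio-serial: fix segfault on disconnect
 
 Since commit d4c19cdeeb2f1e474bc426a6da261f1d7346eb5b ("virtio-serial:
 add missing virtio_detach_element() call") the following commands may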
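--- a/debian/patches/extra/0003-megasas-always-store-SCSIRequest-into-MegasasCmd.patch
+++ b/debian/patches/extra/0003-megasas-always-store-SCSIRequest-into-MegasasCmd.patch
@@ -1,7 +1,7 @@
-From 8a6382046bb0a71f1deb7b7ca3954662353f3f65 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Paolo Bonzini <pbonzini@redhat.com>
 Date: Thu, 1 Jun 2017 17:26:14 +0200
-Subject: [PATCH 03/23] megasas: always store SCSIRequest* into MegasasCmd
+Subject: [PATCH] megasas: always store SCSIRequest* into MegasasCmd
 
 This ensures that the request is unref'ed properly, and avoids a
 segmentation fault in the new qtest testcase that is added.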
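--- a/debian/patches/extra/0004-slirp-check-len-against-dhcp-options-array-end.patch
+++ b/debian/patches/extra/0004-slirp-check-len-against-dhcp-options-array-end.patch
@@ -1,7 +1,7 @@
-From 76d3fb511849efb8bcd8690cd008a46408fac6dd Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Prasad J Pandit <pjp@fedoraproject.org>
 Date: Mon, 17 Jul 2017 17:33:26 +0530
-Subject: [PATCH 04/23] slirp: check len against dhcp options array end
+Subject: [PATCH] slirp: check len against dhcp options array end
 
 While parsing dhcp options string in 'dhcp_decode', if an options'
 length 'len' appeared towards the end of 'bp_vend' array, ensuing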
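--- a/debian/patches/extra/0005-IDE-Do-not-flush-empty-CDROM-drives.patch
+++ b/debian/patches/extra/0005-IDE-Do-not-flush-empty-CDROM-drives.patch
@@ -1,7 +1,7 @@
-From 1c0ba3702859ca6affc1a3f9cad3d35ccc4773ed Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Stefan Hajnoczi <stefanha@redhat.com>
 Date: Wed, 9 Aug 2017 17:02:11 +0100
-Subject: [PATCH 05/23] IDE: Do not flush empty CDROM drives
+Subject: [PATCH] IDE: Do not flush empty CDROM drives
 
 The block backend changed in a way that flushing empty CDROM drives now
 crashes.  Amend IDE to avoid doing so until the root problem can be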
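--- a/debian/patches/extra/0006-bitmap-add-bitmap_copy_and_clear_atomic.patch
+++ b/debian/patches/extra/0006-bitmap-add-bitmap_copy_and_clear_atomic.patch
@@ -1,7 +1,7 @@
-From 14a318bd04ab27f0f8f5dbe5aba53a817f85e016 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Fri, 21 Apr 2017 11:16:24 +0200
-Subject: [PATCH 06/23] bitmap: add bitmap_copy_and_clear_atomic
+Subject: [PATCH] bitmap: add bitmap_copy_and_clear_atomic
 
 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
 Message-id: 20170421091632.30900-2-kraxel@redhat.com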
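--- a/debian/patches/extra/0007-memory-add-support-getting-and-using-a-dirty-bitmap-.patch
+++ b/debian/patches/extra/0007-memory-add-support-getting-and-using-a-dirty-bitmap-.patch
@@ -1,8 +1,7 @@
-From 2628973e5f8a50f3b308395fa8a33b8f4fdc9024 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Fri, 21 Apr 2017 11:16:25 +0200
-Subject: [PATCH 07/23] memory: add support getting and using a dirty bitmap
- copy.
+Subject: [PATCH] memory: add support getting and using a dirty bitmap copy.
 
 This patch adds support for getting and using a local copy of the dirty
 bitmap.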
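--- a/debian/patches/extra/0008-vga-add-vga_scanline_invalidated-helper.patch
+++ b/debian/patches/extra/0008-vga-add-vga_scanline_invalidated-helper.patch
@@ -1,7 +1,7 @@
-From 248536e4a93b254fc38aa369f76e828c9ce9b45e Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Fri, 21 Apr 2017 11:16:26 +0200
-Subject: [PATCH 08/23] vga: add vga_scanline_invalidated helper
+Subject: [PATCH] vga: add vga_scanline_invalidated helper
 
 Add vga_scanline_invalidated helper to check whenever a scanline was
 invalidated.  Add a sanity check to fix OOB read access for display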
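--- a/debian/patches/extra/0009-vga-make-display-updates-thread-safe.patch
+++ b/debian/patches/extra/0009-vga-make-display-updates-thread-safe.patch
@@ -1,7 +1,7 @@
-From 54b1106d9a24dadae42c4f4c25b4fa2560183f5b Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Fri, 21 Apr 2017 11:16:27 +0200
-Subject: [PATCH 09/23] vga: make display updates thread safe.
+Subject: [PATCH] vga: make display updates thread safe.
 
 The vga code clears the dirty bits *after* reading the framebuffer
 memory.  So if the guest framebuffer updates hits the race window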
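--- a/debian/patches/extra/0010-vga-fix-display-update-region-calculation.patch
+++ b/debian/patches/extra/0010-vga-fix-display-update-region-calculation.patch
@@ -1,7 +1,7 @@
-From acd029e2a9b9ea93997fcb19c6cd71d6dd6c9cb6 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Tue, 9 May 2017 12:48:39 +0200
-Subject: [PATCH 10/23] vga: fix display update region calculation
+Subject: [PATCH] vga: fix display update region calculation
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit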
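--- a/debian/patches/extra/0011-vga-fix-display-update-region-calculation-split-scre.patch
+++ b/debian/patches/extra/0011-vga-fix-display-update-region-calculation-split-scre.patch
@@ -1,8 +1,7 @@
-From b8aa853672ab9e94821a43b6cb2a51d24cb2be8c Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Fri, 1 Sep 2017 14:57:38 +0200
-Subject: [PATCH 11/23] vga: fix display update region calculation (split
- screen)
+Subject: [PATCH] vga: fix display update region calculation (split screen)
 
 vga display update mis-calculated the region for the dirty bitmap
 snapshot in case split screen mode is used.  This can trigger an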
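--- a/debian/patches/extra/0012-vga-stop-passing-pointers-to-vga_draw_line-functions.patch
+++ b/debian/patches/extra/0012-vga-stop-passing-pointers-to-vga_draw_line-functions.patch
@@ -1,7 +1,7 @@
-From 51b08381408f248b1149c0177a90f61f703b8432 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Fri, 1 Sep 2017 14:57:39 +0200
-Subject: [PATCH 12/23] vga: stop passing pointers to vga_draw_line* functions
+Subject: [PATCH] vga: stop passing pointers to vga_draw_line* functions
 
 Instead pass around the address (aka offset into vga memory).
 Add vga_read_* helper functions which apply vbe_size_mask to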
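--- a/debian/patches/extra/0013-multiboot-validate-multiboot-header-address-values.patch
+++ b/debian/patches/extra/0013-multiboot-validate-multiboot-header-address-values.patch
@@ -1,7 +1,7 @@
-From 158e47c5a3ebe4b67d35b7c1e8fecad258e735db Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Prasad J Pandit <pjp@fedoraproject.org>
 Date: Thu, 7 Sep 2017 12:02:56 +0530
-Subject: [PATCH 13/23] multiboot: validate multiboot header address values
+Subject: [PATCH] multiboot: validate multiboot header address values
 
 While loading kernel via multiboot-v1 image, (flags & 0x00010000)
 indicates that multiboot header contains valid addresses to load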
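--- a/debian/patches/extra/0014-virtio-fix-descriptor-counting-in-virtqueue_pop.patch
+++ b/debian/patches/extra/0014-virtio-fix-descriptor-counting-in-virtqueue_pop.patch
@@ -1,7 +1,7 @@
-From 5cd576814744853a855ab64400e2d8d9c0b7bb0e Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Wolfgang Bumiller <w.bumiller@proxmox.com>
 Date: Wed, 20 Sep 2017 08:09:33 +0200
-Subject: [PATCH 14/23] virtio: fix descriptor counting in virtqueue_pop
+Subject: [PATCH] virtio: fix descriptor counting in virtqueue_pop
 
 While changing the s/g list allocation, commit 3b3b0628
 also changed the descriptor counting to count iovec entries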
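--- a/debian/patches/extra/0015-nbd-server-CVE-2017-15119-Reject-options-larger-than.patch
+++ b/debian/patches/extra/0015-nbd-server-CVE-2017-15119-Reject-options-larger-than.patch
@@ -1,8 +1,7 @@
-From 93b7498c9e8adcd51c70f8df88b9228658b43595 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Wolfgang Bumiller <w.bumiller@proxmox.com>
 Date: Wed, 29 Nov 2017 09:39:55 +0100
-Subject: [PATCH 15/23] nbd/server: CVE-2017-15119 Reject options larger than
- 32M
+Subject: [PATCH] nbd/server: CVE-2017-15119 Reject options larger than 32M
 
 Backported-from: fdad35ef6c58
 ---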
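--- a/debian/patches/extra/0016-vga-migration-Update-memory-map-in-post_load.patch
+++ b/debian/patches/extra/0016-vga-migration-Update-memory-map-in-post_load.patch
@@ -1,7 +1,7 @@
-From 8b2be8e3f9c1ca9f78b1c87ead13f54fbd98198a Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
 Date: Fri, 4 Aug 2017 12:33:29 +0100
-Subject: [PATCH 16/23] vga/migration: Update memory map in post_load
+Subject: [PATCH] vga/migration: Update memory map in post_load
 
 After migration the chain4 alias mapping added by 80763888 (in 2011)
 might be missing, since there's no call to vga_update_memory_access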
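--- a/debian/patches/extra/0017-vga-drop-line_offset-variable.patch
+++ b/debian/patches/extra/0017-vga-drop-line_offset-variable.patch
@@ -1,7 +1,7 @@
-From 3a1728b97f64e3ed4efc827bce7ff917ea5b6dd1 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Tue, 10 Oct 2017 16:13:21 +0200
-Subject: [PATCH 17/23] vga: drop line_offset variable
+Subject: [PATCH] vga: drop line_offset variable
 
 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
 ---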
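--- a/debian/patches/extra/0018-vga-handle-cirrus-vbe-mode-wraparounds.patch
+++ b/debian/patches/extra/0018-vga-handle-cirrus-vbe-mode-wraparounds.patch
@@ -1,7 +1,7 @@
-From b63830cd6f59a87ef9bdb4f466ce8f4bd2ff5315 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Tue, 10 Oct 2017 16:13:22 +0200
-Subject: [PATCH 18/23] vga: handle cirrus vbe mode wraparounds.
+Subject: [PATCH] vga: handle cirrus vbe mode wraparounds.
 
 Commit "3d90c62548 vga: stop passing pointers to vga_draw_line*
 functions" is incomplete.  It doesn't handle the case that the vga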
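--- a/debian/patches/extra/0019-vga-add-ram_addr_t-cast.patch
+++ b/debian/patches/extra/0019-vga-add-ram_addr_t-cast.patch
@@ -1,7 +1,7 @@
-From 918868b77c7a04d3e2aa7bbc7f9255dafe75f709 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Tue, 10 Oct 2017 16:13:23 +0200
-Subject: [PATCH 19/23] vga: add ram_addr_t cast
+Subject: [PATCH] vga: add ram_addr_t cast
 
 Reported by Coverity.
 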
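--- a/debian/patches/extra/0020-vga-fix-region-checks-in-wraparound-case.patch
+++ b/debian/patches/extra/0020-vga-fix-region-checks-in-wraparound-case.patch
@@ -1,7 +1,7 @@
-From 3c51ccd7bb43dd763a1ff3112b8a0cd7e145ca4f Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Mon, 30 Oct 2017 11:28:30 +0100
-Subject: [PATCH 20/23] vga: fix region checks in wraparound case
+Subject: [PATCH] vga: fix region checks in wraparound case
 
 Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>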
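--- a/debian/patches/extra/0021-io-monitor-encoutput-buffer-size-from-websocket-GSou.patch
+++ b/debian/patches/extra/0021-io-monitor-encoutput-buffer-size-from-websocket-GSou.patch
@@ -1,8 +1,7 @@
-From 89a1271a7687018cdbf2b7f92cf3d50d079e100e Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: "Daniel P. Berrange" <berrange@redhat.com>
 Date: Mon, 9 Oct 2017 14:43:42 +0100
-Subject: [PATCH 21/23] io: monitor encoutput buffer size from websocket
- GSource
+Subject: [PATCH] io: monitor encoutput buffer size from websocket GSource
 
 The websocket GSource is monitoring the size of the rawoutput
 buffer to determine if the channel can accepts more writes.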
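--- a/debian/patches/extra/0022-9pfs-use-g_malloc0-to-allocate-space-for-xattr.patch
+++ b/debian/patches/extra/0022-9pfs-use-g_malloc0-to-allocate-space-for-xattr.patch
@@ -1,7 +1,7 @@
-From 184640d2552895d967214e90e23e005d6657b145 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Prasad J Pandit <pjp@fedoraproject.org>
 Date: Mon, 16 Oct 2017 14:21:59 +0200
-Subject: [PATCH 22/23] 9pfs: use g_malloc0 to allocate space for xattr
+Subject: [PATCH] 9pfs: use g_malloc0 to allocate space for xattr
 
 9p back-end first queries the size of an extended attribute,
 allocates space for it via g_malloc() and then retrieves its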
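--- a/debian/patches/extra/0023-cirrus-fix-oob-access-in-mode4and5-write-functions.patch
+++ b/debian/patches/extra/0023-cirrus-fix-oob-access-in-mode4and5-write-functions.patch
@@ -1,7 +1,7 @@
-From b162e22e5f0c1081efeec646999616ce1a7e3875 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Wed, 11 Oct 2017 10:43:14 +0200
-Subject: [PATCH 23/23] cirrus: fix oob access in mode4and5 write functions
+Subject: [PATCH] cirrus: fix oob access in mode4and5 write functions
 
 Move dst calculation into the loop, so we apply the mask on each
 interation and will not overflow vga memory.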
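--- a/debian/patches/extra/0024-virtio-check-VirtQueue-Vring-object-is-set.patch
+++ b/debian/patches/extra/0024-virtio-check-VirtQueue-Vring-object-is-set.patch
@@ -1,7 +1,7 @@
-From 537048fe17ab94242908536adcb638ec274a3f53 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Prasad J Pandit <pjp@fedoraproject.org>
 Date: Wed, 29 Nov 2017 23:14:27 +0530
-Subject: [PATCH 1/2] virtio: check VirtQueue Vring object is set
+Subject: [PATCH] virtio: check VirtQueue Vring object is set
 
 A guest could attempt to use an uninitialised VirtQueue object
 or unset Vring.align leading to a arithmetic exception. Add check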
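--- a/debian/patches/extra/0025-block-gluster-glfs_lseek-workaround.patch
+++ b/debian/patches/extra/0025-block-gluster-glfs_lseek-workaround.patch
@@ -1,7 +1,7 @@
-From 3a2be75872e6670a81410ecb175a447be45cfd15 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Jeff Cody <jcody@redhat.com>
 Date: Tue, 23 May 2017 13:27:50 -0400
-Subject: [PATCH 1/2] block/gluster: glfs_lseek() workaround
+Subject: [PATCH] block/gluster: glfs_lseek() workaround
 
 On current released versions of glusterfs, glfs_lseek() will sometimes
 return invalid values for SEEK_DATA or SEEK_HOLE.  For SEEK_DATA and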
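--- a/debian/patches/extra/0026-gluster-add-support-for-PREALLOC_MODE_FALLOC.patch
+++ b/debian/patches/extra/0026-gluster-add-support-for-PREALLOC_MODE_FALLOC.patch
@@ -1,7 +1,7 @@
-From ca3e533f0335aa248e10f9f5a715dc5b8ec7e442 Mon Sep 17 00:00:00 2001
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Niels de Vos <ndevos@redhat.com>
 Date: Sun, 28 May 2017 12:01:14 +0530
-Subject: [PATCH 2/2] gluster: add support for PREALLOC_MODE_FALLOC
+Subject: [PATCH] gluster: add support for PREALLOC_MODE_FALLOC
 
 Add missing support for "preallocation=falloc" to the Gluster block
 driver. This change bases its logic on that of block/file-posix.c and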
diff --git a/debian/patches/extra/0027-target-i386-Use-host_vendor_fms-in-max_x86_cpu_initf.patch b/debian/patches/extra/0027-target-i386-Use-host_vendor_fms-in-max_x86_cpu_initf.patch
new file mode 100644 (file)
index 0000000..3cc2f0a
--- /dev/null
@@ -0,0 +1,39 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Eduardo Habkost <ehabkost@redhat.com>
+Date: Wed, 12 Jul 2017 13:20:56 -0300
+Subject: [PATCH] target/i386: Use host_vendor_fms() in max_x86_cpu_initfn()
+
+The existing code duplicated the logic in host_vendor_fms(), so
+reuse the helper function instead.
+
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+Message-Id: <20170712162058.10538-3-ehabkost@redhat.com>
+Reviewed-by: Igor Mammedov <imammedo@redhat.com>
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+---
+ target/i386/cpu.c | 9 ++-------
+ 1 file changed, 2 insertions(+), 7 deletions(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index 4b3bfb3802..1affd3bb5b 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -1592,13 +1592,8 @@ static void max_x86_cpu_initfn(Object *obj)
+         X86CPUDefinition host_cpudef = { };
+         uint32_t eax = 0, ebx = 0, ecx = 0, edx = 0;
+-        host_cpuid(0x0, 0, &eax, &ebx, &ecx, &edx);
+-        x86_cpu_vendor_words2str(host_cpudef.vendor, ebx, edx, ecx);
+-
+-        host_cpuid(0x1, 0, &eax, &ebx, &ecx, &edx);
+-        host_cpudef.family = ((eax >> 8) & 0x0F) + ((eax >> 20) & 0xFF);
+-        host_cpudef.model = ((eax >> 4) & 0x0F) | ((eax & 0xF0000) >> 12);
+-        host_cpudef.stepping = eax & 0x0F;
++        host_vendor_fms(host_cpudef.vendor, &host_cpudef.family,
++                        &host_cpudef.model, &host_cpudef.stepping);
+         cpu_x86_fill_model_id(host_cpudef.model_id);
+-- 
+2.11.0
+
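Review bot: In the max_x86_cpu_initfn() hunk of this patch the context line `uint32_t eax = 0, ebx = 0, ecx = 0, edx = 0;` is kept although both host_cpuid() calls that filled those variables are removed, so nothing in the visible lines reads them any more. If the rest of the function, which continues outside the hunk, does not use them either, the declaration should be dropped in the same change rather than left behind as dead locals. Also worth a short comment at the new call: host_vendor_fms() writes into `host_cpudef.vendor`, and neither that field's size nor the helper's expectation is visible here.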
diff --git a/debian/patches/extra/0028-target-i386-Define-CPUID_MODEL_ID_SZ-macro.patch b/debian/patches/extra/0028-target-i386-Define-CPUID_MODEL_ID_SZ-macro.patch
new file mode 100644 (file)
index 0000000..f46cb61
--- /dev/null
@@ -0,0 +1,40 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Eduardo Habkost <ehabkost@redhat.com>
+Date: Wed, 12 Jul 2017 13:20:57 -0300
+Subject: [PATCH] target/i386: Define CPUID_MODEL_ID_SZ macro
+
+Document cpu_x86_fill_model_id() and define CPUID_MODEL_ID_SZ to
+help callers use the right buffer size.
+
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+Message-Id: <20170712162058.10538-4-ehabkost@redhat.com>
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+---
+ target/i386/cpu.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index 1affd3bb5b..54832dd591 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -1541,6 +1541,17 @@ static bool lmce_supported(void)
+     return !!(mce_cap & MCG_LMCE_P);
+ }
++#define CPUID_MODEL_ID_SZ 48
++
++/**
++ * cpu_x86_fill_model_id:
++ * Get CPUID model ID string from host CPU.
++ *
++ * @str should have at least CPUID_MODEL_ID_SZ bytes
++ *
++ * The function does NOT add a null terminator to the string
++ * automatically.
++ */
+ static int cpu_x86_fill_model_id(char *str)
+ {
+     uint32_t eax = 0, ebx = 0, ecx = 0, edx = 0;
+-- 
+2.11.0
+
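Review bot: The new doc comment on cpu_x86_fill_model_id() warns that no null terminator is added but does not say how a caller should size the buffer to use the result as a C string, and it leaves the `int` return value undocumented. I would add a line such as `* Callers that treat @str as a C string must pass a zero-initialised buffer of CPUID_MODEL_ID_SZ + 1 bytes.` plus a `Returns:` line. A one-line comment above `#define CPUID_MODEL_ID_SZ 48` saying where 48 comes from (presumably three CPUID brand-string leaves of 16 bytes each; confirm against the function body) would tie the constant to the fill loop. The function body lies outside the hunk, so the return value's meaning has to be checked there.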
diff --git a/debian/patches/extra/0029-target-i386-Don-t-use-x86_cpu_load_def-on-max-CPU-mo.patch b/debian/patches/extra/0029-target-i386-Don-t-use-x86_cpu_load_def-on-max-CPU-mo.patch
new file mode 100644 (file)
index 0000000..d8f9bfa
--- /dev/null
@@ -0,0 +1,92 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Eduardo Habkost <ehabkost@redhat.com>
+Date: Wed, 12 Jul 2017 13:20:58 -0300
+Subject: [PATCH] target/i386: Don't use x86_cpu_load_def() on "max" CPU model
+
+When commit 0bacd8b3046f ('i386: Don't set CPUClass::cpu_def on
+"max" model') removed the CPUClass::cpu_def field, we kept using
+the x86_cpu_load_def() helper directly in max_x86_cpu_initfn(),
+emulating the previous behavior when CPUClass::cpu_def was set.
+
+However, x86_cpu_load_def() is intended to help initialization of
+CPU models from the builtin_x86_defs table, and does lots of
+other steps that are not necessary for "max".
+
+One of the things x86_cpu_load_def() do is to set the properties
+listed at tcg_default_props/kvm_default_props.  We must not do
+that on the "max" CPU model, otherwise under KVM we will
+incorrectly report all KVM features as always available, and the
+"svm" feature as always unavailable.  The latter caused the bug
+reported at:
+
+  https://bugzilla.redhat.com/show_bug.cgi?id=1467599
+  ("Unable to start domain: the CPU is incompatible with host CPU:
+  Host CPU does not provide required features: svm")
+
+Replace x86_cpu_load_def() with simple object_property_set*()
+calls.  In addition to fixing the above bug, this makes the KVM
+branch in max_x86_cpu_initfn() very similar to the existing TCG
+branch.
+
+For reference, the full list of steps performed by
+x86_cpu_load_def() is:
+
+* Setting min-level and min-xlevel.  Already done by
+  max_x86_cpu_initfn().
+* Setting family/model/stepping/model-id.  Done by the code added
+  to max_x86_cpu_initfn() in this patch.
+* Copying def->features.  Wrong because "-cpu max" features need to
+  be calculated at realize time.  This was not a problem in the
+  current code because host_cpudef.features was all zeroes.
+* x86_cpu_apply_props() calls.  This causes the bug above, and
+  shouldn't be done.
+* Setting CPUID_EXT_HYPERVISOR.  Not needed because it is already
+  reported by x86_cpu_get_supported_feature_word(), and because
+  "-cpu max" features need to be calculated at realize time.
+* Setting CPU vendor to host CPU vendor if on KVM mode.
+  Redundant, because max_x86_cpu_initfn() already sets it to the
+  host CPU vendor.
+
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+Message-Id: <20170712162058.10538-5-ehabkost@redhat.com>
+Reviewed-by: Igor Mammedov <imammedo@redhat.com>
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+---
+ target/i386/cpu.c | 18 ++++++++++++------
+ 1 file changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index 54832dd591..3d53cb4c86 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -1600,15 +1600,21 @@ static void max_x86_cpu_initfn(Object *obj)
+     cpu->max_features = true;
+     if (kvm_enabled()) {
+-        X86CPUDefinition host_cpudef = { };
+-        uint32_t eax = 0, ebx = 0, ecx = 0, edx = 0;
++        char vendor[CPUID_VENDOR_SZ + 1] = { 0 };
++        char model_id[CPUID_MODEL_ID_SZ + 1] = { 0 };
++        int family, model, stepping;
+-        host_vendor_fms(host_cpudef.vendor, &host_cpudef.family,
+-                        &host_cpudef.model, &host_cpudef.stepping);
++        host_vendor_fms(vendor, &family, &model, &stepping);
+-        cpu_x86_fill_model_id(host_cpudef.model_id);
++        cpu_x86_fill_model_id(model_id);
+-        x86_cpu_load_def(cpu, &host_cpudef, &error_abort);
++        object_property_set_str(OBJECT(cpu), vendor, "vendor", &error_abort);
++        object_property_set_int(OBJECT(cpu), family, "family", &error_abort);
++        object_property_set_int(OBJECT(cpu), model, "model", &error_abort);
++        object_property_set_int(OBJECT(cpu), stepping, "stepping",
++                                &error_abort);
++        object_property_set_str(OBJECT(cpu), model_id, "model-id",
++                                &error_abort);
+         env->cpuid_min_level =
+             kvm_arch_get_supported_cpuid(s, 0x0, 0, R_EAX);
+-- 
+2.11.0
+
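Review bot: In the KVM branch of max_x86_cpu_initfn(), `int family, model, stepping;` are declared without initialisers and passed straight to object_property_set_int(), so their values depend entirely on host_vendor_fms() writing all three outputs; that helper is not visible in this hunk. Initialising them, `int family = 0, model = 0, stepping = 0;`, removes that dependency at no cost. The `+ 1` and `= { 0 }` on `model_id` are what supply the terminator object_property_set_str() relies on, because cpu_x86_fill_model_id() is documented on this page as not adding one; a comment such as `/* +1 and zero-init: cpu_x86_fill_model_id() does not NUL-terminate */` would keep a later cleanup from shrinking the buffer. The return value of `cpu_x86_fill_model_id(model_id)` is also discarded, and the function continues outside the hunk.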
diff --git a/debian/patches/extra/0030-i386-Change-X86CPUDefinition-model_id-to-const-char.patch b/debian/patches/extra/0030-i386-Change-X86CPUDefinition-model_id-to-const-char.patch
new file mode 100644 (file)
index 0000000..0db5d5d
--- /dev/null
@@ -0,0 +1,85 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Eduardo Habkost <ehabkost@redhat.com>
+Date: Tue, 9 Jan 2018 13:45:13 -0200
+Subject: [PATCH] i386: Change X86CPUDefinition::model_id to const char*
+
+It is valid to have a 48-character model ID on CPUID, however the
+definition of X86CPUDefinition::model_id is char[48], which can
+make the compiler drop the null terminator from the string.
+
+If a CPU model happens to have 48 bytes on model_id, "-cpu help"
+will print garbage and the object_property_set_str() call at
+x86_cpu_load_def() will read data outside the model_id array.
+
+We could increase the array size to 49, but this would mean the
+compiler would not issue a warning if a 49-char string is used by
+mistake for model_id.
+
+To make things simpler, simply change model_id to be const char*,
+and validate the string length using an assert() on
+x86_cpu_cpudef_class_init.
+
+Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+---
+ target/i386/cpu.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index 3d53cb4c86..c673521016 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -753,7 +753,7 @@ struct X86CPUDefinition {
+     int model;
+     int stepping;
+     FeatureWordArray features;
+-    char model_id[48];
++    const char *model_id;
+ };
+ static X86CPUDefinition builtin_x86_defs[] = {
+@@ -922,6 +922,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .features[FEAT_1_EDX] =
+             I486_FEATURES,
+         .xlevel = 0,
++        .model_id = "",
+     },
+     {
+         .name = "pentium",
+@@ -933,6 +934,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .features[FEAT_1_EDX] =
+             PENTIUM_FEATURES,
+         .xlevel = 0,
++        .model_id = "",
+     },
+     {
+         .name = "pentium2",
+@@ -944,6 +946,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .features[FEAT_1_EDX] =
+             PENTIUM2_FEATURES,
+         .xlevel = 0,
++        .model_id = "",
+     },
+     {
+         .name = "pentium3",
+@@ -955,6 +958,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .features[FEAT_1_EDX] =
+             PENTIUM3_FEATURES,
+         .xlevel = 0,
++        .model_id = "",
+     },
+     {
+         .name = "athlon",
+@@ -2617,6 +2621,9 @@ static void x86_register_cpudef_type(X86CPUDefinition *def)
+      * they shouldn't be set on the CPU model table.
+      */
+     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
++    /* catch mistakes instead of silently truncating model_id when too long */
++    assert(def->model_id && strlen(def->model_id) <= 48);
++
+     type_register(&ti);
+     g_free(typename);
+-- 
+2.11.0
+
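Review bot: The new assert in x86_register_cpudef_type hard-codes the bound as `48`, while the preceding patch in this series sizes the matching local buffer in max_x86_cpu_initfn with `CPUID_MODEL_ID_SZ`. Assuming that constant is the 48-byte CPUID model-ID size, the check is better written as `assert(def->model_id && strlen(def->model_id) <= CPUID_MODEL_ID_SZ);` so the limit cannot drift from the field size. The `def->model_id &&` half also turns a missing `.model_id` into an abort at type registration. The hunks add `.model_id = ""` to only four entries, and the rest of builtin_x86_defs is outside them, so it is worth confirming that every remaining entry sets the field. The body of x86_register_cpudef_type continues outside the hunk.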
diff --git a/debian/patches/extra/0031-i386-Add-support-for-SPEC_CTRL-MSR.patch b/debian/patches/extra/0031-i386-Add-support-for-SPEC_CTRL-MSR.patch
new file mode 100644 (file)
index 0000000..2a6f6d6
--- /dev/null
@@ -0,0 +1,135 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 9 Jan 2018 13:45:14 -0200
+Subject: [PATCH] i386: Add support for SPEC_CTRL MSR
+
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+---
+ target/i386/cpu.h     |  3 +++
+ target/i386/kvm.c     | 15 +++++++++++++++
+ target/i386/machine.c | 20 ++++++++++++++++++++
+ 3 files changed, 38 insertions(+)
+
+diff --git a/target/i386/cpu.h b/target/i386/cpu.h
+index c4602ca80d..cc322d6b39 100644
+--- a/target/i386/cpu.h
++++ b/target/i386/cpu.h
+@@ -333,6 +333,7 @@
+ #define MSR_IA32_APICBASE_BASE          (0xfffffU<<12)
+ #define MSR_IA32_FEATURE_CONTROL        0x0000003a
+ #define MSR_TSC_ADJUST                  0x0000003b
++#define MSR_IA32_SPEC_CTRL              0x48
+ #define MSR_IA32_TSCDEADLINE            0x6e0
+ #define FEATURE_CONTROL_LOCKED                    (1<<0)
+@@ -1080,6 +1081,8 @@ typedef struct CPUX86State {
+     uint32_t pkru;
++    uint64_t spec_ctrl;
++
+     /* End of state preserved by INIT (dummy marker).  */
+     struct {} end_init_save;
+diff --git a/target/i386/kvm.c b/target/i386/kvm.c
+index 55865dbee0..9f83c79338 100644
+--- a/target/i386/kvm.c
++++ b/target/i386/kvm.c
+@@ -89,6 +89,7 @@ static bool has_msr_hv_runtime;
+ static bool has_msr_hv_synic;
+ static bool has_msr_hv_stimer;
+ static bool has_msr_xss;
++static bool has_msr_spec_ctrl;
+ static bool has_msr_architectural_pmu;
+ static uint32_t num_architectural_pmu_counters;
+@@ -1140,6 +1141,10 @@ static int kvm_get_supported_msrs(KVMState *s)
+                     has_msr_hv_stimer = true;
+                     continue;
+                 }
++                if (kvm_msr_list->indices[i] == MSR_IA32_SPEC_CTRL) {
++                    has_msr_spec_ctrl = true;
++                    continue;
++                }
+             }
+         }
+@@ -1667,6 +1672,9 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
+     if (has_msr_xss) {
+         kvm_msr_entry_add(cpu, MSR_IA32_XSS, env->xss);
+     }
++    if (has_msr_spec_ctrl) {
++        kvm_msr_entry_add(cpu, MSR_IA32_SPEC_CTRL, env->spec_ctrl);
++    }
+ #ifdef TARGET_X86_64
+     if (lm_capable_kernel) {
+         kvm_msr_entry_add(cpu, MSR_CSTAR, env->cstar);
+@@ -1675,6 +1683,7 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
+         kvm_msr_entry_add(cpu, MSR_LSTAR, env->lstar);
+     }
+ #endif
++
+     /*
+      * The following MSRs have side effects on the guest or are too heavy
+      * for normal writeback. Limit them to reset or full state updates.
+@@ -2081,6 +2090,9 @@ static int kvm_get_msrs(X86CPU *cpu)
+     if (has_msr_xss) {
+         kvm_msr_entry_add(cpu, MSR_IA32_XSS, 0);
+     }
++    if (has_msr_spec_ctrl) {
++        kvm_msr_entry_add(cpu, MSR_IA32_SPEC_CTRL, 0);
++    }
+     if (!env->tsc_valid) {
+@@ -2430,6 +2442,9 @@ static int kvm_get_msrs(X86CPU *cpu)
+                 env->mtrr_var[MSR_MTRRphysIndex(index)].base = msrs[i].data;
+             }
+             break;
++        case MSR_IA32_SPEC_CTRL:
++            env->spec_ctrl = msrs[i].data;
++            break;
+         }
+     }
+diff --git a/target/i386/machine.c b/target/i386/machine.c
+index 78ae2f986b..8c0d5437fa 100644
+--- a/target/i386/machine.c
++++ b/target/i386/machine.c
+@@ -927,6 +927,25 @@ static const VMStateDescription vmstate_mcg_ext_ctl = {
+     }
+ };
++static bool spec_ctrl_needed(void *opaque)
++{
++    X86CPU *cpu = opaque;
++    CPUX86State *env = &cpu->env;
++
++    return env->spec_ctrl != 0;
++}
++
++static const VMStateDescription vmstate_spec_ctrl = {
++    .name = "cpu/spec_ctrl",
++    .version_id = 1,
++    .minimum_version_id = 1,
++    .needed = spec_ctrl_needed,
++    .fields = (VMStateField[]){
++        VMSTATE_UINT64(env.spec_ctrl, X86CPU),
++        VMSTATE_END_OF_LIST()
++    }
++};
++
+ VMStateDescription vmstate_x86_cpu = {
+     .name = "cpu",
+     .version_id = 12,
+@@ -1053,6 +1072,7 @@ VMStateDescription vmstate_x86_cpu = {
+ #ifdef TARGET_X86_64
+         &vmstate_pkru,
+ #endif
++        &vmstate_spec_ctrl,
+         &vmstate_mcg_ext_ctl,
+         NULL
+     }
+-- 
+2.11.0
+
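Review bot: In kvm_put_msrs the saved value is written only under `if (has_msr_spec_ctrl)`, while the `cpu/spec_ctrl` subsection in machine.c loads `env.spec_ctrl` unconditionally. A non-zero value arriving by migration on a host whose KVM does not list MSR_IA32_SPEC_CTRL therefore appears to be dropped silently, and the guest would resume believing its speculation control is still set. If the CPUID feature check is what is meant to prevent that combination, a comment at the put site should say so, for example `/* spec_ctrl != 0 implies the spec-ctrl CPUID bit, which requires host MSR support */`. Otherwise a warning when `env->spec_ctrl != 0 && !has_msr_spec_ctrl` would make the lost mitigation state visible. The bodies of kvm_put_msrs and kvm_get_msrs continue outside these hunks.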
diff --git a/debian/patches/extra/0032-i386-Add-spec-ctrl-CPUID-bit.patch b/debian/patches/extra/0032-i386-Add-spec-ctrl-CPUID-bit.patch
new file mode 100644 (file)
index 0000000..254d17a
--- /dev/null
@@ -0,0 +1,41 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Eduardo Habkost <ehabkost@redhat.com>
+Date: Tue, 9 Jan 2018 13:45:15 -0200
+Subject: [PATCH] i386: Add spec-ctrl CPUID bit
+
+Add the feature name and a CPUID_7_0_EDX_SPEC_CTRL macro.
+
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+---
+ target/i386/cpu.c | 2 +-
+ target/i386/cpu.h | 1 +
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index c673521016..faf1ff6dcc 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -460,7 +460,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+-            NULL, NULL, NULL, NULL,
++            NULL, NULL, "spec-ctrl", NULL,
+             NULL, NULL, NULL, NULL,
+         },
+         .cpuid_eax = 7,
+diff --git a/target/i386/cpu.h b/target/i386/cpu.h
+index cc322d6b39..71261f4819 100644
+--- a/target/i386/cpu.h
++++ b/target/i386/cpu.h
+@@ -640,6 +640,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
+ #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
+ #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
++#define CPUID_7_0_EDX_SPEC_CTRL     (1U << 26) /* Speculation Control */
+ #define CPUID_XSAVE_XSAVEOPT   (1U << 0)
+ #define CPUID_XSAVE_XSAVEC     (1U << 1)
+-- 
+2.11.0
+
diff --git a/debian/patches/extra/0033-i386-Add-FEAT_8000_0008_EBX-CPUID-feature-word.patch b/debian/patches/extra/0033-i386-Add-FEAT_8000_0008_EBX-CPUID-feature-word.patch
new file mode 100644 (file)
index 0000000..27b98fe
--- /dev/null
@@ -0,0 +1,83 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Eduardo Habkost <ehabkost@redhat.com>
+Date: Tue, 9 Jan 2018 13:45:16 -0200
+Subject: [PATCH] i386: Add FEAT_8000_0008_EBX CPUID feature word
+
+Add the new feature word and the "ibpb" feature flag.
+
+Based on a patch by Paolo Bonzini.
+
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+---
+ target/i386/cpu.c | 19 ++++++++++++++++++-
+ target/i386/cpu.h |  3 +++
+ 2 files changed, 21 insertions(+), 1 deletion(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index faf1ff6dcc..eee365b78d 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -484,6 +484,22 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
+         .tcg_features = TCG_APM_FEATURES,
+         .unmigratable_flags = CPUID_APM_INVTSC,
+     },
++    [FEAT_8000_0008_EBX] = {
++        .feat_names = {
++            NULL, NULL, NULL, NULL,
++            NULL, NULL, NULL, NULL,
++            NULL, NULL, NULL, NULL,
++            "ibpb", NULL, NULL, NULL,
++            NULL, NULL, NULL, NULL,
++            NULL, NULL, NULL, NULL,
++            NULL, NULL, NULL, NULL,
++            NULL, NULL, NULL, NULL,
++        },
++        .cpuid_eax = 0x80000008,
++        .cpuid_reg = R_EBX,
++        .tcg_features = 0,
++        .unmigratable_flags = 0,
++    },
+     [FEAT_XSAVE] = {
+         .feat_names = {
+             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
+@@ -2984,7 +3000,7 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
+         } else {
+             *eax = cpu->phys_bits;
+         }
+-        *ebx = 0;
++        *ebx = env->features[FEAT_8000_0008_EBX];
+         *ecx = 0;
+         *edx = 0;
+         if (cs->nr_cores * cs->nr_threads > 1) {
+@@ -3440,6 +3456,7 @@ static void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
+         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
+         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
+         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
++        x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
+         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
+         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
+         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
+diff --git a/target/i386/cpu.h b/target/i386/cpu.h
+index 71261f4819..1ebee91930 100644
+--- a/target/i386/cpu.h
++++ b/target/i386/cpu.h
+@@ -452,6 +452,7 @@ typedef enum FeatureWord {
+     FEAT_8000_0001_EDX, /* CPUID[8000_0001].EDX */
+     FEAT_8000_0001_ECX, /* CPUID[8000_0001].ECX */
+     FEAT_8000_0007_EDX, /* CPUID[8000_0007].EDX */
++    FEAT_8000_0008_EBX, /* CPUID[8000_0008].EBX */
+     FEAT_C000_0001_EDX, /* CPUID[C000_0001].EDX */
+     FEAT_KVM,           /* CPUID[4000_0001].EAX (KVM_CPUID_FEATURES) */
+     FEAT_HYPERV_EAX,    /* CPUID[4000_0003].EAX */
+@@ -642,6 +643,8 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
+ #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
+ #define CPUID_7_0_EDX_SPEC_CTRL     (1U << 26) /* Speculation Control */
++#define CPUID_8000_0008_EBX_IBPB    (1U << 12) /* Indirect Branch Prediction Barrier */
++
+ #define CPUID_XSAVE_XSAVEOPT   (1U << 0)
+ #define CPUID_XSAVE_XSAVEC     (1U << 1)
+ #define CPUID_XSAVE_XGETBV1    (1U << 2)
+-- 
+2.11.0
+
diff --git a/debian/patches/extra/0034-i386-Add-new-IBRS-versions-of-Intel-CPU-models.patch b/debian/patches/extra/0034-i386-Add-new-IBRS-versions-of-Intel-CPU-models.patch
new file mode 100644 (file)
index 0000000..54e2835
--- /dev/null
@@ -0,0 +1,518 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Eduardo Habkost <ehabkost@redhat.com>
+Date: Tue, 9 Jan 2018 13:45:17 -0200
+Subject: [PATCH] i386: Add new -IBRS versions of Intel CPU models
+
+The new MSR IA32_SPEC_CTRL MSR was introduced by a recent Intel
+microcode updated and can be used by OSes to mitigate
+CVE-2017-5715.  Unfortunately we can't change the existing CPU
+models without breaking existing setups, so users need to
+explicitly update their VM configuration to use the new *-IBRS
+CPU model if they want to expose IBRS to guests.
+
+The new CPU models are simple copies of the existing CPU models,
+with just CPUID_7_0_EDX_SPEC_CTRL added and model_id updated.
+
+Cc: Jiri Denemark <jdenemar@redhat.com>
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+---
+ target/i386/cpu.c | 427 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 426 insertions(+), 1 deletion(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index eee365b78d..e4a2d5a012 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -1085,6 +1085,31 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
+     },
+     {
++        .name = "Nehalem-IBRS",
++        .level = 11,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 26,
++        .stepping = 3,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
++            CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_LAHF_LM,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Core i7 9xx (Nehalem Core i7, IBRS update)",
++    },
++    {
+         .name = "Westmere",
+         .level = 11,
+         .vendor = CPUID_VENDOR_INTEL,
+@@ -1111,6 +1136,34 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
+     },
+     {
++        .name = "Westmere-IBRS",
++        .level = 11,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 44,
++        .stepping = 1,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
++            CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
++            CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_LAHF_LM,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Westmere E56xx/L56xx/X56xx (IBRS update)",
++    },
++    {
+         .name = "SandyBridge",
+         .level = 0xd,
+         .vendor = CPUID_VENDOR_INTEL,
+@@ -1142,6 +1195,39 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
+     },
+     {
++        .name = "SandyBridge-IBRS",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 42,
++        .stepping = 1,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
++            CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
++            CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
++            CPUID_EXT_SSE3,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
++            CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_LAHF_LM,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Xeon E312xx (Sandy Bridge, IBRS update)",
++    },
++    {
+         .name = "IvyBridge",
+         .level = 0xd,
+         .vendor = CPUID_VENDOR_INTEL,
+@@ -1176,6 +1262,42 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
+     },
+     {
++        .name = "IvyBridge-IBRS",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 58,
++        .stepping = 9,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
++            CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
++            CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
++            CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
++        .features[FEAT_7_0_EBX] =
++            CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
++            CPUID_7_0_EBX_ERMS,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
++            CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_LAHF_LM,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)",
++    },
++    {
+         .name = "Haswell-noTSX",
+         .level = 0xd,
+         .vendor = CPUID_VENDOR_INTEL,
+@@ -1210,7 +1332,46 @@ static X86CPUDefinition builtin_x86_defs[] = {
+             CPUID_6_EAX_ARAT,
+         .xlevel = 0x80000008,
+         .model_id = "Intel Core Processor (Haswell, no TSX)",
+-    },    {
++    },
++    {
++        .name = "Haswell-noTSX-IBRS",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 60,
++        .stepping = 1,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
++            CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
++            CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
++            CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
++            CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_7_0_EBX] =
++            CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
++            CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
++            CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID,
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Core Processor (Haswell, no TSX, IBRS)",
++    },
++    {
+         .name = "Haswell",
+         .level = 0xd,
+         .vendor = CPUID_VENDOR_INTEL,
+@@ -1248,6 +1409,45 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .model_id = "Intel Core Processor (Haswell)",
+     },
+     {
++        .name = "Haswell-IBRS",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 60,
++        .stepping = 4,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
++            CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
++            CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
++            CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
++            CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_7_0_EBX] =
++            CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
++            CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
++            CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
++            CPUID_7_0_EBX_RTM,
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Core Processor (Haswell, IBRS)",
++    },
++    {
+         .name = "Broadwell-noTSX",
+         .level = 0xd,
+         .vendor = CPUID_VENDOR_INTEL,
+@@ -1286,6 +1486,46 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .model_id = "Intel Core Processor (Broadwell, no TSX)",
+     },
+     {
++        .name = "Broadwell-noTSX-IBRS",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 61,
++        .stepping = 2,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
++            CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
++            CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
++            CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
++            CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_7_0_EBX] =
++            CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
++            CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
++            CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
++            CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
++            CPUID_7_0_EBX_SMAP,
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Core Processor (Broadwell, no TSX, IBRS)",
++    },
++    {
+         .name = "Broadwell",
+         .level = 0xd,
+         .vendor = CPUID_VENDOR_INTEL,
+@@ -1324,6 +1564,46 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .model_id = "Intel Core Processor (Broadwell)",
+     },
+     {
++        .name = "Broadwell-IBRS",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 61,
++        .stepping = 2,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
++            CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
++            CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
++            CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
++            CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_7_0_EBX] =
++            CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
++            CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
++            CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
++            CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
++            CPUID_7_0_EBX_SMAP,
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Core Processor (Broadwell, IBRS)",
++    },
++    {
+         .name = "Skylake-Client",
+         .level = 0xd,
+         .vendor = CPUID_VENDOR_INTEL,
+@@ -1369,6 +1649,151 @@ static X86CPUDefinition builtin_x86_defs[] = {
+         .model_id = "Intel Core Processor (Skylake)",
+     },
+     {
++        .name = "Skylake-Client-IBRS",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 94,
++        .stepping = 3,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
++            CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
++            CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
++            CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
++            CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_7_0_EBX] =
++            CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
++            CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
++            CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
++            CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
++            CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX,
++        /* Missing: XSAVES (not supported by some Linux versions,
++         * including v4.1 to v4.12).
++         * KVM doesn't yet expose any XSAVES state save component,
++         * and the only one defined in Skylake (processor tracing)
++         * probably will block migration anyway.
++         */
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
++            CPUID_XSAVE_XGETBV1,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Core Processor (Skylake, IBRS)",
++    },
++    {
++        .name = "Skylake-Server",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 85,
++        .stepping = 4,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
++            CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
++            CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
++            CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
++            CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
++        .features[FEAT_7_0_EBX] =
++            CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
++            CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
++            CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
++            CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
++            CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_CLWB |
++            CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
++            CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
++            CPUID_7_0_EBX_AVX512VL,
++        /* Missing: XSAVES (not supported by some Linux versions,
++         * including v4.1 to v4.12).
++         * KVM doesn't yet expose any XSAVES state save component,
++         * and the only one defined in Skylake (processor tracing)
++         * probably will block migration anyway.
++         */
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
++            CPUID_XSAVE_XGETBV1,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Xeon Processor (Skylake)",
++    },
++    {
++        .name = "Skylake-Server-IBRS",
++        .level = 0xd,
++        .vendor = CPUID_VENDOR_INTEL,
++        .family = 6,
++        .model = 85,
++        .stepping = 4,
++        .features[FEAT_1_EDX] =
++            CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
++            CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
++            CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
++            CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
++            CPUID_DE | CPUID_FP87,
++        .features[FEAT_1_ECX] =
++            CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
++            CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
++            CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
++            CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
++            CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
++            CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
++        .features[FEAT_8000_0001_EDX] =
++            CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
++            CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
++        .features[FEAT_8000_0001_ECX] =
++            CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
++        .features[FEAT_7_0_EDX] =
++            CPUID_7_0_EDX_SPEC_CTRL,
++        .features[FEAT_7_0_EBX] =
++            CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
++            CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
++            CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
++            CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
++            CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_CLWB |
++            CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
++            CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
++            CPUID_7_0_EBX_AVX512VL,
++        /* Missing: XSAVES (not supported by some Linux versions,
++         * including v4.1 to v4.12).
++         * KVM doesn't yet expose any XSAVES state save component,
++         * and the only one defined in Skylake (processor tracing)
++         * probably will block migration anyway.
++         */
++        .features[FEAT_XSAVE] =
++            CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
++            CPUID_XSAVE_XGETBV1,
++        .features[FEAT_6_EAX] =
++            CPUID_6_EAX_ARAT,
++        .xlevel = 0x80000008,
++        .model_id = "Intel Xeon Processor (Skylake, IBRS)",
++    },
++    {
+         .name = "Opteron_G1",
+         .level = 5,
+         .vendor = CPUID_VENDOR_AMD,
+-- 
+2.11.0
+
index c44620c11e3fb9f4d0800c6c8f4b79af32898c40..167bd80fd90272c764a43c25e60e734777c628c1 100644 (file)
@@ -53,3 +53,11 @@ extra/0023-cirrus-fix-oob-access-in-mode4and5-write-functions.patch
 extra/0024-virtio-check-VirtQueue-Vring-object-is-set.patch
 extra/0025-block-gluster-glfs_lseek-workaround.patch
 extra/0026-gluster-add-support-for-PREALLOC_MODE_FALLOC.patch
 extra/0024-virtio-check-VirtQueue-Vring-object-is-set.patch
 extra/0025-block-gluster-glfs_lseek-workaround.patch
 extra/0026-gluster-add-support-for-PREALLOC_MODE_FALLOC.patch
+extra/0027-target-i386-Use-host_vendor_fms-in-max_x86_cpu_initf.patch
+extra/0028-target-i386-Define-CPUID_MODEL_ID_SZ-macro.patch
+extra/0029-target-i386-Don-t-use-x86_cpu_load_def-on-max-CPU-mo.patch
+extra/0030-i386-Change-X86CPUDefinition-model_id-to-const-char.patch
+extra/0031-i386-Add-support-for-SPEC_CTRL-MSR.patch
+extra/0032-i386-Add-spec-ctrl-CPUID-bit.patch
+extra/0033-i386-Add-FEAT_8000_0008_EBX-CPUID-feature-word.patch
+extra/0034-i386-Add-new-IBRS-versions-of-Intel-CPU-models.patch
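Review bot: The eight entries added after `extra/0026-…` are not marked as one ordered set, so a later rebase could drop or reorder one of them without noticing the dependency. The -IBRS models in 0034 set `CPUID_7_0_EDX_SPEC_CTRL`, which, judging by the patch titles, 0032 introduces. Series files accept `#` comment lines, so a line such as `# SPEC_CTRL MSR / IBRS CPU models: 0027-0034 apply as a set, in this order` above `extra/0027-…` would record that. Whether 0027–0030 are hard prerequisites or only context refactors cannot be confirmed from the lines shown here.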