git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Eduardo Habkost <ehabkost@redhat.com>
	Wed, 5 Dec 2018 19:19:56 +0000 (17:19 -0200)
committer	Stefan Bader <stefan.bader@canonical.com>
	Mon, 6 May 2019 16:58:11 +0000 (18:58 +0200)
commit	49c2ba6c637d862997db7eead9629497b8a12fde
tree	77bcd8f83d2a22c3258e02b799c4be6a269ff7ce	tree
parent	2811e5d507fb544dd6829aadc818fa830a6dbb0b	commit \| diff

kvm: x86: Report STIBP on GET_SUPPORTED_CPUID

Months ago, we have added code to allow direct access to MSR_IA32_SPEC_CTRL
to the guest, which makes STIBP available to guests. This was implemented
by commits d28b387fb74d ("KVM/VMX: Allow direct access to
MSR_IA32_SPEC_CTRL") and b2ac58f90540 ("KVM/SVM: Allow direct access to
MSR_IA32_SPEC_CTRL").

However, we never updated GET_SUPPORTED_CPUID to let userspace know that
STIBP can be enabled in CPUID. Fix that by updating
kvm_cpuid_8000_0008_ebx_x86_features and kvm_cpuid_7_0_edx_x86_features.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130

(cherry picked from commit d7b09c827a6cf291f66637a36f46928dd1423184)
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>