cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)

New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2018-05-21 23:05:07 +01:00 committed by Jiri Denemark
parent 08e190fdda
commit 1dbca2ecca

View File

@ -298,6 +298,9 @@
<feature name='spec-ctrl'> <feature name='spec-ctrl'>
<cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/> <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
</feature> </feature>
<feature name='ssbd'>
<cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/>
</feature>
<!-- Processor Extended State Enumeration sub leaf 1 --> <!-- Processor Extended State Enumeration sub leaf 1 -->
<feature name='xsaveopt'> <feature name='xsaveopt'>