External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-11 14:11:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
libvirt/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
Jiri Denemark 7bde733e90 cpu_map: Define md-clear CPUID bit 
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130

The bit is set when microcode provides the mechanism to invoke a flush
of various exploitable CPU buffers by invoking the VERW instruction.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 538d873571d7a682852dc1d70e5f4478f4d64e85)

Conflicts:
	src/cpu_map/x86_features.xml
            - no CPU map split downstream

	tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
	tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
            - test data missing downstream

	tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
	tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
            - intel-pt feature is missing downstream

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-05-14 20:09:43 +01:00

13 lines
481 B
XML
Raw Blame History

<cpu mode='custom' match='exact'>
<model fallback='forbid'>Skylake-Client-IBRS</model>
<vendor>Intel</vendor>
<feature policy='require' name='ss'/>
<feature policy='require' name='hypervisor'/>
<feature policy='require' name='tsc_adjust'/>
<feature policy='require' name='clflushopt'/>
<feature policy='require' name='md-clear'/>
<feature policy='require' name='stibp'/>
<feature policy='require' name='ssbd'/>
<feature policy='require' name='pdpe1gb'/>
</cpu>
Reference in New Issue View Git Blame Copy Permalink