[libvirt] [PATCH 1/2] cpu_map: Add TAA_NO bit for IA32_ARCH_CAPABILITIES MSR

Friday, 13 December 2019

CVE-2019-11135

CPUs with TAA_NO bit of IA32_ARCH_CAPABILITIES MSR set to 1 are not
vulnerable to TSX Asynchronous Abort and passing this bit to a guest
may avoid unnecessary mitigations.

Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com&gt;
---
 src/cpu_map/x86_features.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml
index 2bed1e0372..d1180ed26d 100644
--- a/src/cpu_map/x86_features.xml
+++ b/src/cpu_map/x86_features.xml
@@ -502,4 +502,7 @@
   <feature name='mds-no'>
     <msr index='0x10a' edx='0x00000000' eax='0x00000020'/>
   </feature>
+  <feature name='taa-no'>
+    <msr index='0x10a' edx='0x00000000' eax='0x00000100'/>
+  </feature>
 </cpus>
-- 
2.24.1


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH 1/2] cpu_map: Add TAA_NO bit for IA32_ARCH_CAPABILITIES MSR