[libvirt] [PATCH 0/2] cpu: speculative store buffer bypass mitigation (CVE-2018-3639)

This provides the libvirt part of the mitigations for the speculative store
buffer bypass vulnerabilities on the x86 platform[1], and is the companion of
the kernel patches merged in:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

And QEMU patches posted at

https://lists.gnu.org/archive/html/qemu-devel/2018-05/msg04795.html

[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
    https://access.redhat.com/security/vulnerabilities/ssbd

Daniel P. Berrangé (2):
  cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
  cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)

 src/cpu/cpu_map.xml | 6 ++++++
 1 file changed, 6 insertions(+)

--
2.17.0

New microcode introduces the "Speculative Store Bypass Disable" CPUID feature
bit. This needs to be exposed to guest OS to allow them to protect against
CVE-2018-3639.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/cpu/cpu_map.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml index 00a43b172c..245aec3309 100644 --- a/src/cpu/cpu_map.xml +++ b/src/cpu/cpu_map.xml @@ -298,6 +298,9 @@ <feature name='spec-ctrl'> <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/> </feature> + <feature name='ssbd'> + <cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/> + </feature> <!-- Processor Extended State Enumeration sub leaf 1 --> <feature name='xsaveopt'>

--
2.17.0
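Review bot: the commit message does not mention that the new 'ssbd' name must also be understood by the QEMU binary in use; libvirt hands feature names to QEMU, so a domain that requests 'ssbd' (explicitly, or via host-model on a host whose microcode reports the bit) cannot start until the companion QEMU series linked from the cover letter is in that binary. A sentence stating that dependency, in the same spirit as the QEMU version caveat in the virt-ssbd patch, would help packagers decide when to ship the two halves together. The bit definition itself is consistent with the surrounding context: spec-ctrl is edx='0x04000000' (bit 26) and the new entry is edx='0x80000000' (bit 31), both in leaf 0x07 sub-leaf 0 EDX.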

Some AMD processors only support a non-architectural means of enabling
Speculative Store Bypass Disable. To allow simplified handling in virtual
environments, hypervisors will expose an architectural definition through
CPUID bit 0x80000008_EBX[25]. This needs to be exposed to guest OS running on
AMD x86 hosts to allow them to protect against CVE-2018-3639.

Note that since this CPUID bit won't be present in the host CPUID results on
physical hosts, it will not be enabled automatically in guests configured with
"host-model" CPU unless using QEMU version >= 2.9.0. Thus for older versions of
QEMU, this feature must be manually enabled using policy=force. Guests using
the "host-passthrough" CPU mode do not need special handling.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/cpu/cpu_map.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml index 245aec3309..96daa0f9af 100644 --- a/src/cpu/cpu_map.xml +++ b/src/cpu/cpu_map.xml @@ -433,6 +433,9 @@ <feature name='ibpb'> <cpuid eax_in='0x80000008' ebx='0x00001000'/> </feature> + <feature name='virt-ssbd'> + <cpuid eax_in='0x80000008' ebx='0x02000000'/> + </feature> <!-- models --> <model name='486'>

--
2.17.0
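Review bot: the message states the "QEMU version >= 2.9.0" threshold without saying what changes in host-model handling at that version, so a reader cannot tell why a bit that no physical CPU reports is picked up automatically on newer QEMU but needs policy=force on older ones; one sentence giving the reason would make the workaround easier to apply, and since the policy=force advice is user-facing it belongs in the release notes as well as the commit message. The hunk matches the message: 0x80000008_EBX[25] is ebx='0x02000000' (1 << 25), and like the neighbouring ibpb entry it omits ecx_in, which is right because leaf 0x80000008 is not sub-leaf indexed.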
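The two patches only add CPUID bit definitions, so the practical question for an operator is whether a given guest actually sees the 'ssbd' or 'virt-ssbd' bit, and if not, which features to force on as the virt-ssbd commit message advises for older QEMU. The following is an added example, not libvirt's own code: it parses <feature> entries in the cpu_map.xml format (the four entries are copied from the hunks and their context lines; the surrounding <cpus>/<arch> wrapper and the CPUID register dumps are constructed stand-ins), tests them against a dump, and renders the libvirt <feature policy='force' .../> elements for whatever is missing. The check is general, so it works for any feature in the map, not just the two from this series.

```python
# Added example (not libvirt code): evaluate cpu_map.xml-style <feature>
# entries against a CPUID register dump, to see which mitigation bits a
# guest or host really exposes.
import xml.etree.ElementTree as ET

# Constructed stand-in for src/cpu/cpu_map.xml: the four <feature> entries are
# the ones visible in the two hunks (spec-ctrl/ibpb from context, ssbd/virt-ssbd
# added); the <cpus>/<arch> wrapper is a minimal assumption about the layout.
CPU_MAP_FRAGMENT = """
<cpus>
  <arch name='x86'>
    <feature name='spec-ctrl'>
      <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
    </feature>
    <feature name='ssbd'>
      <cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/>
    </feature>
    <feature name='ibpb'>
      <cpuid eax_in='0x80000008' ebx='0x00001000'/>
    </feature>
    <feature name='virt-ssbd'>
      <cpuid eax_in='0x80000008' ebx='0x02000000'/>
    </feature>
  </arch>
</cpus>
"""

REGS = ("eax", "ebx", "ecx", "edx")


def load_features(xml_text):
    """Return {name: [(eax_in, ecx_in, {reg: mask}), ...]} from cpu_map-style XML."""
    root = ET.fromstring(xml_text)
    features = {}
    for feat in root.iter("feature"):
        masks = []
        for cpuid in feat.findall("cpuid"):
            eax_in = int(cpuid.get("eax_in"), 16)
            # ecx_in is absent for leaves that are not sub-leaf indexed
            # (e.g. 0x80000008 above); treat absent as sub-leaf 0.
            ecx_in = int(cpuid.get("ecx_in", "0x00"), 16)
            regmask = {r: int(cpuid.get(r), 16) for r in REGS if cpuid.get(r) is not None}
            masks.append((eax_in, ecx_in, regmask))
        features[feat.get("name")] = masks
    return features


def feature_present(cpuid_dump, masks):
    """True when every mask bit is set in the matching leaf/sub-leaf register."""
    for eax_in, ecx_in, regmask in masks:
        leaf = cpuid_dump.get((eax_in, ecx_in), {})
        for reg, mask in regmask.items():
            if leaf.get(reg, 0) & mask != mask:
                return False
    return True


def check_mitigations(cpuid_dump, xml_text=CPU_MAP_FRAGMENT, names=("ssbd", "virt-ssbd")):
    """Map each requested feature name to whether the dump exposes it."""
    features = load_features(xml_text)
    return {n: feature_present(cpuid_dump, features[n]) for n in names}


def force_features(missing):
    """Render libvirt domain XML <feature policy='force'/> elements for the
    features that are missing, the manual workaround the commit message gives
    for QEMU versions older than 2.9.0."""
    return "".join(f"<feature policy='force' name='{n}'/>" for n in missing)


# Constructed register dumps: {(eax_in, ecx_in): {reg: value}}.
# "Intel-style host with updated microcode": leaf 7 EDX has bit 26 (spec-ctrl)
# and bit 31 (ssbd) set, nothing in 0x80000008 EBX.
INTEL_HOST = {(0x07, 0x00): {"edx": 0x84000000}, (0x80000008, 0x00): {"ebx": 0x00000000}}
# "AMD-style guest view": only the hypervisor-synthesised virt-ssbd (bit 25)
# plus ibpb (bit 12) in 0x80000008 EBX; leaf 7 EDX reports nothing.
AMD_GUEST = {(0x07, 0x00): {"edx": 0x00000000}, (0x80000008, 0x00): {"ebx": 0x02001000}}

if __name__ == "__main__":
    for label, dump in (("intel-host", INTEL_HOST), ("amd-guest", AMD_GUEST)):
        result = check_mitigations(dump)
        missing = [n for n, ok in result.items() if not ok]
        print(label, result, force_features(missing) or "(nothing to force)")
```

On a real system the dump would be filled from the guest's CPUID leaves (for example from /proc/cpuinfo flags mapped back to bits, or a cpuid tool), and the forced feature list pasted into the domain's <cpu> element; the check deliberately requires every bit of a multi-bit mask to be set, matching how a <cpuid> element lists a full register mask.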

On Mon, May 21, 2018 at 23:05:06 +0100, Daniel P. Berrangé wrote:
> This provides the libvirt part of the mitigations for the speculative store buffer bypass vulnerabilities on the x86 platform[1], and is the companion of the kernel patches merged in:
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
> And QEMU patches posted at
> https://lists.gnu.org/archive/html/qemu-devel/2018-05/msg04795.html
> [1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
>     https://access.redhat.com/security/vulnerabilities/ssbd
> Daniel P. Berrangé (2):
>   cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
>   cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
>  src/cpu/cpu_map.xml | 6 ++++++
>  1 file changed, 6 insertions(+)
Both patches

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>

I'll push both patches as soon as the QEMU part is merged.

Jirka

On Mon, May 21, 2018 at 11:05:06PM +0100, Daniel P. Berrangé wrote:
> This provides the libvirt part of the mitigations for the speculative store buffer bypass vulnerabilities on the x86 platform[1], and is the companion of the kernel patches merged in:
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
> And QEMU patches posted at
> https://lists.gnu.org/archive/html/qemu-devel/2018-05/msg04795.html
> [1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
>     https://access.redhat.com/security/vulnerabilities/ssbd
> Daniel P. Berrangé (2):
>   cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
>   cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
>  src/cpu/cpu_map.xml | 6 ++++++
>  1 file changed, 6 insertions(+)
Both changes:

Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>

--
/kashyap