This is the libvirt's part of the changes related to CVE-2017-5715. The new models can be used to pass the protective CPU features to guests. But remember, the host CPU microcode, host kernel, QEMU, and libvirt all need to be updated for this to be any useful. Based on a patch from Paolo Bonzini. See QEMU patches from Eduardo for more details: https://patchew.org/QEMU/20180109154519.25634-1-ehabkost@xxxxxxxxxx/ Jiri Denemark (16): cputest: Add data for Intel(R) Xeon(R) CPU E5-2609 v3 cputest: Add data for Intel(R) Xeon(R) CPU E5-2623 v4 cputest: Add data for Intel(R) Xeon(R) Gold 5115 CPU cputest: Add data for updated AMD EPYC 7601 32-Core Processor cputest: Add data for updated Intel(R) Core(TM) i7-5600U CPU cpu: Add Nehalem-IBRS CPU model cpu: Add Westmere-IBRS CPU model cpu: Add SandyBridge-IBRS CPU model cpu: Add IvyBridge-IBRS CPU model cpu: Add Haswell-noTSX-IBRS CPU model cpu: Add Haswell-IBRS CPU model cpu: Add Broadwell-noTSX-IBRS CPU model cpu: Add Broadwell-IBRS CPU model cpu: Add Skylake-Client-IBRS CPU model cpu: Add Skylake-Server-IBRS CPU model cpu: Add EPYC-IBPB CPU model Paolo Bonzini (1): cpu: add CPU features for indirect branch prediction protection src/cpu/cpu_map.xml | 622 ++++++++++++++++++ tests/cputest.c | 5 + .../x86_64-cpuid-Core-i7-5600U-ibrs-disabled.xml | 6 + .../x86_64-cpuid-Core-i7-5600U-ibrs-enabled.xml | 8 + .../x86_64-cpuid-Core-i7-5600U-ibrs-guest.xml | 29 + .../x86_64-cpuid-Core-i7-5600U-ibrs-host.xml | 30 + .../x86_64-cpuid-Core-i7-5600U-ibrs-json.xml | 15 + .../x86_64-cpuid-Core-i7-5600U-ibrs.json | 525 +++++++++++++++ .../x86_64-cpuid-Core-i7-5600U-ibrs.xml | 41 ++ ...86_64-cpuid-EPYC-7601-32-Core-ibpb-disabled.xml | 7 + ...x86_64-cpuid-EPYC-7601-32-Core-ibpb-enabled.xml | 9 + .../x86_64-cpuid-EPYC-7601-32-Core-ibpb-guest.xml | 17 + .../x86_64-cpuid-EPYC-7601-32-Core-ibpb-host.xml | 17 + .../x86_64-cpuid-EPYC-7601-32-Core-ibpb-json.xml | 12 + .../x86_64-cpuid-EPYC-7601-32-Core-ibpb.json | 722 ++++++++++++++++++++ .../x86_64-cpuid-EPYC-7601-32-Core-ibpb.xml | 54 ++ .../x86_64-cpuid-Xeon-E5-2609-v3-disabled.xml | 6 + .../x86_64-cpuid-Xeon-E5-2609-v3-enabled.xml | 8 + .../x86_64-cpuid-Xeon-E5-2609-v3-guest.xml | 31 + .../x86_64-cpuid-Xeon-E5-2609-v3-host.xml | 32 + .../x86_64-cpuid-Xeon-E5-2609-v3-json.xml | 14 + .../cputestdata/x86_64-cpuid-Xeon-E5-2609-v3.json | 726 +++++++++++++++++++++ tests/cputestdata/x86_64-cpuid-Xeon-E5-2609-v3.xml | 37 ++ .../x86_64-cpuid-Xeon-E5-2623-v4-disabled.xml | 7 + .../x86_64-cpuid-Xeon-E5-2623-v4-enabled.xml | 8 + .../x86_64-cpuid-Xeon-E5-2623-v4-guest.xml | 30 + .../x86_64-cpuid-Xeon-E5-2623-v4-host.xml | 34 + .../x86_64-cpuid-Xeon-E5-2623-v4-json.xml | 11 + .../cputestdata/x86_64-cpuid-Xeon-E5-2623-v4.json | 662 +++++++++++++++++++ tests/cputestdata/x86_64-cpuid-Xeon-E5-2623-v4.xml | 43 ++ .../x86_64-cpuid-Xeon-Gold-5115-disabled.xml | 8 + .../x86_64-cpuid-Xeon-Gold-5115-enabled.xml | 8 + .../x86_64-cpuid-Xeon-Gold-5115-guest.xml | 29 + .../x86_64-cpuid-Xeon-Gold-5115-host.xml | 30 + .../x86_64-cpuid-Xeon-Gold-5115-json.xml | 8 + tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115.json | 614 +++++++++++++++++ tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115.xml | 54 ++ 37 files changed, 4519 insertions(+) create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-5600U-ibrs-disabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-5600U-ibrs-enabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-5600U-ibrs-guest.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-5600U-ibrs-host.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-5600U-ibrs-json.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-5600U-ibrs.json create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-5600U-ibrs.xml create mode 100644 tests/cputestdata/x86_64-cpuid-EPYC-7601-32-Core-ibpb-disabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-EPYC-7601-32-Core-ibpb-enabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-EPYC-7601-32-Core-ibpb-guest.xml create mode 100644 tests/cputestdata/x86_64-cpuid-EPYC-7601-32-Core-ibpb-host.xml create mode 100644 tests/cputestdata/x86_64-cpuid-EPYC-7601-32-Core-ibpb-json.xml create mode 100644 tests/cputestdata/x86_64-cpuid-EPYC-7601-32-Core-ibpb.json create mode 100644 tests/cputestdata/x86_64-cpuid-EPYC-7601-32-Core-ibpb.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2609-v3-disabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2609-v3-enabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2609-v3-guest.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2609-v3-host.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2609-v3-json.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2609-v3.json create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2609-v3.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2623-v4-disabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2623-v4-enabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2623-v4-guest.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2623-v4-host.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2623-v4-json.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2623-v4.json create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E5-2623-v4.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115-disabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115-enabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115-guest.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115-host.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115-json.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115.json create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-Gold-5115.xml -- 2.15.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
