On Thu, Jun 14, 2018 at 11:48:41 +0100, Daniel P. Berrangé wrote: > AMD x86 CPUs have two separate ways to mitigate the Speculative Store > Bypass hardware flaw. In current processors only non-architectural MSRs > are available, and so hypervisors must expose a virtualized MSR and CPU > flag "virt-ssbd" (CPUID Function 8000_0008, EBX[25]=1). > > In future processors AMD will provide an architectural MSR, indicated by > existance of the CPUID Function 8000_0008, EBX[24]=1, to which QEMU has > given the name "amd-ssbd". > > The "amd-ssbd" flag should be used in preference to "virt-ssbd", if it > is available, since it provides improved performance. For virtual > machine configuration, both should be exposed when available, to allow > for maximal guest OS compatibility as not all guests yet support both. > > If future processes are not vulnerable to the flaw, this will be > indicated by the existance of CPUID Function 8000_0008, EBX[26]=1, > to which QEMU has given the name "amd-no-ssb". > > See also 124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf > from: > > https://bugzilla.kernel.org/show_bug.cgi?id=199889 > > Note that neither amd-ssbd or amd-no-ssb will be reported by the kernel > in /proc/cpuinfo. It knows about these CPUID bits and does the right thing, > but doesn't report their existance as distinct flags in /proc/cpuinfo. > > Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> Eduardo pushed the QEMU part into his x86-next queue, but he didn't send a pull request yet. I think it's a good idea to wait until the patch lands in QEMU master before pushing this patch. Reviewed-by: Jiri Denemark <jdenemar@xxxxxxxxxx> -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list