2018-01-17 08:51+1100, Paul Mackerras: > On Tue, Jan 16, 2018 at 03:45:11PM +0100, Paolo Bonzini wrote: > > On 16/01/2018 01:59, Paul Mackerras wrote: > > > This adds a new ioctl, KVM_PPC_GET_CPU_CHAR, that gives userspace > > > information about the underlying machine's level of vulnerability > > > to the recently announced vulnerabilities CVE-2017-5715, > > > CVE-2017-5753 and CVE-2017-5754, and whether the machine provides > > > instructions to assist software to work around the vulnerabilities. > > > > > > The ioctl returns two u64 words describing characteristics of the > > > CPU and required software behaviour respectively, plus two mask > > > words which indicate which bits have been filled in by the kernel, > > > for extensibility. The bit definitions are the same as for the > > > new H_GET_CPU_CHARACTERISTICS hypercall. > > > > > > There is also a new capability, KVM_CAP_PPC_GET_CPU_CHAR, which > > > indicates whether the new ioctl is available. > > > > > > Signed-off-by: Paul Mackerras <paulus@xxxxxxxxxx> > > > --- > > > > Thanks, looks good. Would you like this in 4.15? > > Yes please. Will you just apply the patch, or do you want me to put > it in a branch for you to pull? I can apply it directly. Do I understand correctly that the interface is a KVM hypercall because we need to forward this information into guests and other userspace can do nothing with the information? Thanks.
