diff options
| author | Pawan Gupta <[email protected]> | 2019-10-23 12:23:33 +0200 |
|---|---|---|
| committer | Thomas Gleixner <[email protected]> | 2019-10-28 08:36:59 +0100 |
| commit | e1d38b63acd843cfdd4222bf19a26700fd5c699e (patch) | |
| tree | 628b58426dbd6b25dc4200409ac19a3e079ba4e8 /scripts/bpf_helpers_doc.py | |
| parent | 6608b45ac5ecb56f9e171252229c39580cc85f0f (diff) | |
kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
Export the IA32_ARCH_CAPABILITIES MSR bit MDS_NO=0 to guests on TSX
Async Abort(TAA) affected hosts that have TSX enabled and updated
microcode. This is required so that the guests don't complain,
"Vulnerable: Clear CPU buffers attempted, no microcode"
when the host has the updated microcode to clear CPU buffers.
Microcode update also adds support for MSR_IA32_TSX_CTRL which is
enumerated by the ARCH_CAP_TSX_CTRL bit in IA32_ARCH_CAPABILITIES MSR.
Guests can't do this check themselves when the ARCH_CAP_TSX_CTRL bit is
not exported to the guests.
In this case export MDS_NO=0 to the guests. When guests have
CPUID.MD_CLEAR=1, they deploy MDS mitigation which also mitigates TAA.
Signed-off-by: Pawan Gupta <[email protected]>
Signed-off-by: Borislav Petkov <[email protected]>
Signed-off-by: Thomas Gleixner <[email protected]>
Tested-by: Neelima Krishnan <[email protected]>
Reviewed-by: Tony Luck <[email protected]>
Reviewed-by: Josh Poimboeuf <[email protected]>
Diffstat (limited to 'scripts/bpf_helpers_doc.py')
0 files changed, 0 insertions, 0 deletions