aboutsummaryrefslogtreecommitdiff
path: root/target
diff options
context:
space:
mode:
authorEduardo Habkost <ehabkost@redhat.com>2019-11-20 13:49:11 -0300
committerPaolo Bonzini <pbonzini@redhat.com>2019-11-21 16:35:05 +0100
commit9ab2237f1979f31de228b2a73b56925dbde938d1 (patch)
tree1565174cc2b327093fa6626b50f4c4e6b5d8793a /target
parent2a9758c51e2c2d13fc3845c3d603c11df98b8823 (diff)
downloadqemu-9ab2237f1979f31de228b2a73b56925dbde938d1.zip
qemu-9ab2237f1979f31de228b2a73b56925dbde938d1.tar.gz
qemu-9ab2237f1979f31de228b2a73b56925dbde938d1.tar.bz2
i386: Add new versions of Skylake/Cascadelake/Icelake without TSX
One of the mitigation methods for TAA[1] is to disable TSX support on the host system. Linux added a mechanism to disable TSX globally through the kernel command line, and many Linux distributions now default to tsx=off. This makes existing CPU models that have HLE and RTM enabled not usable anymore. Add new versions of all CPU models that have the HLE and RTM features enabled, that can be used when TSX is disabled in the host system. References: [1] TAA, TSX asynchronous Abort: https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'target')
-rw-r--r--target/i386/cpu.c47
1 files changed, 47 insertions, 0 deletions
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 9cd9adf..37c023f 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -2902,6 +2902,14 @@ static X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
}
},
+ {
+ .version = 3,
+ .props = (PropValue[]) {
+ { "hle", "off" },
+ { "rtm", "off" },
+ { /* end of list */ }
+ }
+ },
{ /* end of list */ }
}
},
@@ -3015,6 +3023,14 @@ static X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
}
},
+ {
+ .version = 3,
+ .props = (PropValue[]) {
+ { "hle", "off" },
+ { "rtm", "off" },
+ { /* end of list */ }
+ }
+ },
{ /* end of list */ }
}
},
@@ -3128,6 +3144,13 @@ static X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
},
},
+ { .version = 3,
+ .props = (PropValue[]) {
+ { "hle", "off" },
+ { "rtm", "off" },
+ { /* end of list */ }
+ },
+ },
{ /* end of list */ }
}
},
@@ -3230,6 +3253,18 @@ static X86CPUDefinition builtin_x86_defs[] = {
.features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
.xlevel = 0x80000008,
.model_id = "Intel Core Processor (Icelake)",
+ .versions = (X86CPUVersionDefinition[]) {
+ { .version = 1 },
+ {
+ .version = 2,
+ .props = (PropValue[]) {
+ { "hle", "off" },
+ { "rtm", "off" },
+ { /* end of list */ }
+ },
+ },
+ { /* end of list */ }
+ }
},
{
.name = "Icelake-Server",
@@ -3334,6 +3369,18 @@ static X86CPUDefinition builtin_x86_defs[] = {
VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
.xlevel = 0x80000008,
.model_id = "Intel Xeon Processor (Icelake)",
+ .versions = (X86CPUVersionDefinition[]) {
+ { .version = 1 },
+ {
+ .version = 2,
+ .props = (PropValue[]) {
+ { "hle", "off" },
+ { "rtm", "off" },
+ { /* end of list */ }
+ },
+ },
+ { /* end of list */ }
+ }
},
{
.name = "Denverton",