Re: [PATCH 5/7] target/i386: Add few security fix bits in ARCH

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 5/7] target/i386: Add few security fix bits in ARCH_CAPABILIT

From:	Igor Mammedov
Subject:	Re: [PATCH 5/7] target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model
Date:	Tue, 27 Jun 2023 10:29:32 +0200

On Tue, 27 Jun 2023 14:10:17 +0800
Xiaoyao Li <xiaoyao.li@intel.com> wrote:

> On 6/26/2023 9:15 PM, Igor Mammedov wrote:
> > On Fri, 16 Jun 2023 11:23:09 +0800
> > Tao Su <tao1.su@linux.intel.com> wrote:
> >   
> >> From: Lei Wang <lei4.wang@intel.com>
> >>
> >> Latest stepping (8) of SapphireRapids has bit 13, 14 and 15 of
> >> MSR_IA32_ARCH_CAPABILITIES enabled, which are related to some security
> >> fixes.
> >>
> >> Add version 2 of SapphireRapids CPU model with those bits enabled also.  
> > 
> > don't we need to update stepping value to 8 as well?  
> 
> No need.
> 
> The commit message is misleading. There 3 bits and some other bits in 
> MSR_IA32_ARCH_CAPABILITIES are not tied to CPU stepping. Instead, they 
> are enumerated with newer microcode.

It that case fix commit message please.

> 
> >>
> >> Signed-off-by: Lei Wang <lei4.wang@intel.com>
> >> Signed-off-by: Tao Su <tao1.su@linux.intel.com>
> >> ---
> >>   target/i386/cpu.c | 13 +++++++++++--
> >>   1 file changed, 11 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> >> index b5321240c6..f84fd20bb1 100644
> >> --- a/target/i386/cpu.c
> >> +++ b/target/i386/cpu.c
> >> @@ -3854,8 +3854,17 @@ static const X86CPUDefinition builtin_x86_defs[] = {
> >>           .model_id = "Intel Xeon Processor (SapphireRapids)",
> >>           .versions = (X86CPUVersionDefinition[]) {
> >>               { .version = 1 },
> >> -            { /* end of list */ },
> >> -        },
> >> +            {
> >> +                .version = 2,
> >> +                .props = (PropValue[]) {
> >> +                    { "sbdr-ssdp-no", "on" },
> >> +                    { "fbsdp-no", "on" },
> >> +                    { "psdp-no", "on" },
> >> +                    { /* end of list */ }
> >> +                }
> >> +            },
> >> +            { /* end of list */ }
> >> +        }
> >>       },
> >>       {
> >>           .name = "Denverton",  
> >   
>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 1/7] target/i386: Add FEAT_7_1_EDX to adjust feature level, (continued)
- [PATCH 2/7] target/i386: Add support for MCDT_NO in CPUID enumeration, Tao Su, 2023/06/15
- [PATCH 3/7] target/i386: Allow MCDT_NO if host supports, Tao Su, 2023/06/15
  - Re: [PATCH 3/7] target/i386: Allow MCDT_NO if host supports, Igor Mammedov, 2023/06/26
    - Re: [PATCH 3/7] target/i386: Allow MCDT_NO if host supports, Tao Su, 2023/06/27
- [PATCH 4/7] target/i386: Add new bit definitions of MSR_IA32_ARCH_CAPABILITIES, Tao Su, 2023/06/15
  - Re: [PATCH 4/7] target/i386: Add new bit definitions of MSR_IA32_ARCH_CAPABILITIES, Igor Mammedov, 2023/06/26
- [PATCH 5/7] target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model, Tao Su, 2023/06/15
  - Re: [PATCH 5/7] target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model, Igor Mammedov, 2023/06/26
    - Re: [PATCH 5/7] target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model, Xiaoyao Li, 2023/06/27
    - Re: [PATCH 5/7] target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model, Igor Mammedov <=
- [PATCH 6/7] target/i386: Add new CPU model EmeraldRapids, Tao Su, 2023/06/15
  - Re: [PATCH 6/7] target/i386: Add new CPU model EmeraldRapids, Igor Mammedov, 2023/06/26
    - Re: [PATCH 6/7] target/i386: Add new CPU model EmeraldRapids, Xiaoyao Li, 2023/06/27
    - Re: [PATCH 6/7] target/i386: Add new CPU model EmeraldRapids, Igor Mammedov, 2023/06/27
    - Re: [PATCH 6/7] target/i386: Add new CPU model EmeraldRapids, Xiaoyao Li, 2023/06/27
    - Re: [PATCH 6/7] target/i386: Add new CPU model EmeraldRapids, Daniel P . Berrangé, 2023/06/27
- [PATCH 7/7] target/i386: Add new CPU model GraniteRapids, Tao Su, 2023/06/15
  - Re: [PATCH 7/7] target/i386: Add new CPU model GraniteRapids, Igor Mammedov, 2023/06/27
    - Re: [PATCH 7/7] target/i386: Add new CPU model GraniteRapids, Tao Su, 2023/06/28
- Re: [PATCH 0/7] Add new CPU model EmeraldRapids and GraniteRapids, Wang, Lei, 2023/06/16

Prev by Date: Re: [PATCH 1/7] target/i386: Add FEAT_7_1_EDX to adjust feature level
Next by Date: Re: [PATCH 0/2] i386: Fix Hyper-V Gen1 guests stuck on boot with 'hv-passthrough'
Previous by thread: Re: [PATCH 5/7] target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model
Next by thread: [PATCH 6/7] target/i386: Add new CPU model EmeraldRapids
Index(es):
- Date
- Thread