Hello Ai Lim,
Thanks for your feedback.. indeed we have not backported the following
patch:
commit 20140a82c67467f53814ca197403d5e1b561a5e5
Author: Paolo Bonzini <pbonz...@redhat.com>
Date: Thu May 16 15:53:20 2019
target/i386: add MDS-NO feature
Microarchitectural Data Sampling is a hardware vulnerability which allows
unprivileged speculative access to data which is available in various CPU
internal buffers.
Some Intel processors use the ARCH_CAP_MDS_NO bit in the
IA32_ARCH_CAPABILITIES
MSR to report that they are not vulnerable, make it available to guests.
Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
Message-Id: <20190516185320.28340-1-pbonz...@redhat.com>
Signed-off-by: Eduardo Habkost <ehabk...@redhat.com>
The documentation I had:
336996-Speculative-Execution-Side-Channel-Mitigations.pdf, from Intel,
showed bits 0-4 only, last feature I had documented for
ARCH_CAPABILITIES was SSB_NO. Turns out there is MDS-NO feature, in bit
5, to be backported (Disco & Bionic). Do you know if there is a newer
document from Intel showing specs for MDS-NO + ARCH_CAPABILITIES ?
Nevertheless, I'll provide you the backports in a PPA, for testing,
first thing in my morning.
Sorry for missing this one.
Best Regards
Rafael
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1828495
Title:
[KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM.
To manage notifications about this bug go to:
https://bugs.launchpad.net/intel/+bug/1828495/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
