commit ba3709feaab44631315e02cd793cfccae4c6bd2a
author Tao Su <tao1.su@linux.intel.com> Thu Jul 06 13:49:46 2023 +0800
committer Paolo Bonzini <pbonzini@redhat.com> Fri Jul 07 12:52:27 2023 +0200
tree 3fd259f2cfcc7fad3fc40ae002bf16783230d1f7
parent 9dd8b71091f47bac395f543779269c14d8d93c60

target/i386: Allow MCDT_NO if host supports

MCDT_NO bit indicates HW contains the security fix and doesn't need to
be mitigated to avoid data-dependent behaviour for certain instructions.
It needs no hypervisor support. Treat it as supported regardless of what
KVM reports.

Signed-off-by: Tao Su <tao1.su@linux.intel.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
Message-ID: <20230706054949.66556-4-tao1.su@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

target/i386/kvm/kvm.c

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index de53184..ebfaf3d 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -432,6 +432,10 @@
         uint32_t eax;
         host_cpuid(7, 1, &eax, &unused, &unused, &unused);
         ret |= eax & (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC);
+    } else if (function == 7 && index == 2 && reg == R_EDX) {
+        uint32_t edx;
+        host_cpuid(7, 2, &unused, &unused, &unused, &edx);
+        ret |= edx & CPUID_7_2_EDX_MCDT_NO;
     } else if (function == 0xd && index == 0 &&
                (reg == R_EAX || reg == R_EDX)) {
         /*