[PULL 19/48] docs: Add GNR, SRF and CWF CPU models
From: Paolo Bonzini
Subject: [PULL 19/48] docs: Add GNR, SRF and CWF CPU models
Date: Fri, 24 Jan 2025 10:44:13 +0100
From: Tao Su <tao1.su@linux.intel.com>
Update GraniteRapids, SierraForest and ClearwaterForest CPU models in
section "Preferred CPU models for Intel x86 hosts".
Also introduce bhi-no, gds-no and rfds-no in doc.
Suggested-by: Zhao Liu <zhao1.liu@intel.com>
Signed-off-by: Tao Su <tao1.su@linux.intel.com>
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
Link: https://lore.kernel.org/r/20250121020650.1899618-5-tao1.su@linux.intel.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
docs/system/cpu-models-x86.rst.inc | 50 +++++++++++++++++++++++++++---
1 file changed, 46 insertions(+), 4 deletions(-)
diff --git a/docs/system/cpu-models-x86.rst.inc
b/docs/system/cpu-models-x86.rst.inc
index ba27b5683fb..6a770ca8351 100644
--- a/docs/system/cpu-models-x86.rst.inc
+++ b/docs/system/cpu-models-x86.rst.inc
@@ -71,6 +71,16 @@ mixture of host CPU models between machines, if live
migration
compatibility is required, use the newest CPU model that is compatible
across all desired hosts.
+``ClearwaterForest``
+ Intel Xeon Processor (ClearwaterForest, 2025)
+
+``SierraForest``, ``SierraForest-v2``
+ Intel Xeon Processor (SierraForest, 2024), SierraForest-v2 mitigates
+ the GDS and RFDS vulnerabilities with stepping 3.
+
+``GraniteRapids``, ``GraniteRapids-v2``
+ Intel Xeon Processor (GraniteRapids, 2024)
+
``Cascadelake-Server``, ``Cascadelake-Server-noTSX``
Intel Xeon Processor (Cascade Lake, 2019), with "stepping" levels 6
or 7 only. (The Cascade Lake Xeon processor with *stepping 5 is
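Review bot: the ``GraniteRapids``, ``GraniteRapids-v2`` entry gives no indication of what -v2 changes, while the ``SierraForest`` entry directly above it does, so a reader choosing between the two versions for a migration pool has nothing to decide on. Add a clause describing the -v2 difference, or drop the version alias from the heading if the doc does not intend to describe it. In the SierraForest entry, "SierraForest-v2 mitigates the GDS and RFDS vulnerabilities with stepping 3" is joined to the model name by a comma and reads as if the CPU model definition itself performs the mitigation; start a new sentence and state what in the -v2 model conveys this to the guest, whether that is the stepping, the ``gds-no``/``rfds-no`` flags documented later in this patch, or both.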
@@ -181,7 +191,7 @@ features are included if using "Host passthrough" or "Host
model".
CVE-2018-12127, [MSBDS] CVE-2018-12126).
This is an MSR (Model-Specific Register) feature rather than a CPUID feature,
- so it will not appear in the Linux ``/proc/cpuinfo`` in the host or
+ therefore it will not appear in the Linux ``/proc/cpuinfo`` in the host or
guest. Instead, the host kernel uses it to populate the MDS
vulnerability file in ``sysfs``.
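Review bot: the replacement of "so" with "therefore" here, and the same rewording in the ``taa-no`` and ``tsx-ctrl`` hunks below, is not mentioned in the commit message, which only describes adding the new CPU models and the three new flags. Either note the wording cleanup in the message or split it into its own patch so the functional documentation change is easy to pick out. "rather than a CPUID feature, therefore it will not appear" is also a comma splice; "so" was grammatical, and if "therefore" is preferred it needs a semicolon or a new sentence.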
@@ -189,10 +199,10 @@ features are included if using "Host passthrough" or
"Host model".
affected} in the ``/sys/devices/system/cpu/vulnerabilities/mds`` file.
``taa-no``
- Recommended to inform that the guest that the host is ``not``
+ Recommended to inform the guest that the host is ``not``
vulnerable to CVE-2019-11135, TSX Asynchronous Abort (TAA).
- This too is an MSR feature, so it does not show up in the Linux
+ This is also an MSR feature, therefore it does not show up in the Linux
``/proc/cpuinfo`` in the host or guest.
It should only be enabled for VMs if the host reports ``Not affected``
@@ -214,7 +224,7 @@ features are included if using "Host passthrough" or "Host
model".
By disabling TSX, KVM-based guests can avoid paying the price of
mitigating TSX-based attacks.
- Note that ``tsx-ctrl`` too is an MSR feature, so it does not show
+ Note that ``tsx-ctrl`` is also an MSR feature, therefore it does not show
up in the Linux ``/proc/cpuinfo`` in the host or guest.
To validate that Intel TSX is indeed disabled for the guest, there are
@@ -223,6 +233,38 @@ features are included if using "Host passthrough" or "Host
model".
``/sys/devices/system/cpu/vulnerabilities/tsx_async_abort`` file in
the guest should report ``Mitigation: TSX disabled``.
+``bhi-no``
+ Recommended to inform the guest that the host is ``not``
+ vulnerable to CVE-2022-0001, Branch History Injection (BHI).
+
+ This is also an MSR feature, therefore it does not show up in the Linux
+ ``/proc/cpuinfo`` in the host or guest.
+
+ It should only be enabled for VMs if the host reports
+ ``BHI: Not affected`` in the
+ ``/sys/devices/system/cpu/vulnerabilities/spectre_v2`` file.
+
+``gds-no``
+ Recommended to inform the guest that the host is ``not``
+ vulnerable to CVE-2022-40982, Gather Data Sampling (GDS).
+
+ This is also an MSR feature, therefore it does not show up in the Linux
+ ``/proc/cpuinfo`` in the host or guest.
+
+ It should only be enabled for VMs if the host reports ``Not affected``
+ in the ``/sys/devices/system/cpu/vulnerabilities/gather_data_sampling``
+ file.
+
+``rfds-no``
+ Recommended to inform the guest that the host is ``not``
+ vulnerable to CVE-2023-28746, Register File Data Sampling (RFDS).
+
+ This is also an MSR feature, therefore it does not show up in the Linux
+ ``/proc/cpuinfo`` in the host or guest.
+
+ It should only be enabled for VMs if the host reports ``Not affected``
+ in the ``/sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling``
+ file.
Preferred CPU models for AMD x86 hosts
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
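Review bot: in all three new entries, "It should only be enabled for VMs if the host reports ..." considers a single host, but each flag tells the guest that the host is not vulnerable, and the context at the top of this patch advises choosing a model that is compatible "across all desired hosts" when live migration is required. State that every host the VM may run on or migrate to must report ``Not affected`` (``BHI: Not affected`` in ``spectre_v2`` for ``bhi-no``) before the flag is enabled. The entries also lack a guest-side check like the one the ``tsx-ctrl`` text just above has ("file in the guest should report ..."); a sentence naming the guest sysfs file to read would let an operator confirm the flag took effect. Minor: ``not`` is marked up as an inline literal where emphasis is meant.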
--
2.48.1