Commit 174a78a8 authored Mar 07, 2019 by Daniel P. Berrangé Committed by Eduardo Habkost Mar 20, 2019

docs: clarify that spec-ctrl is only needed for Spectre v2



The docs currently say that the spec-ctrl feature is needed for both
Spectre variants, but it is only used to address Spectre v2. Also
remove the note about retpolines. The guest OS is usually treated
as a blackbox from host mgmt pov, so it won't have knowledge about
use of retpolines and thus should unconditionally expose spec-ctrl,
allowing the guest to decide whether to use it or not.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190307121838.6345-2-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>

parent bb4928c7

docs/qemu-cpu-models.texi

+2 −4

Original line number	Diff line number	Diff line
		@@ -158,8 +158,7 @@ support this feature.

		@item @code{spec-ctrl}

		Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix,
		in cases where retpolines are not sufficient.
		Required to enable the Spectre v2 (CVE-2017-5715) fix.

		Included by default in Intel CPU models with -IBRS suffix.

		@@ -249,8 +248,7 @@ included if using "Host passthrough" or "Host model".

		@item @code{ibpb}

		Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix,
		in cases where retpolines are not sufficient.
		Required to enable the Spectre v2 (CVE-2017-5715) fix.

		Included by default in AMD CPU models with -IBPB suffix.