* {Ice,Cascade}Lake CPUs + IA32_ARCH_CAPABILITIES support (LP: #1828495)
Needed patches are in d/p/u/lp1828495-:
- 0001-guidance-cpu-models.patch:
docs: add guidance on configuring CPU models for x86
+ d/qemu-system-common.install: include man/man7/qemu-cpu-models.7
- 0002-msr-new-msr-indices.patch:
i386: Add new MSR indices for IA32_PRED_CMD and IA32_ARCH_CAPABILITIES
- 0003-cpuid-feature-ia32-arch-capabilities.patch:
i386: Add CPUID bit and feature words for IA32_ARCH_CAPABILITIES MSR
- 0004-cpuid-bit-for-wbnoinvd.patch:
i386: Add CPUID bit for WBNOINVD
- 0005-new-cpu-model-for-icelake.patch:
i386: Add new CPU model Icelake-{Server,Client}
- 0006-update-headers-to-4.16-rc5.patch:
update Linux headers to 4.16-rc5
- 0007-kvm-get-msr-feature-index_list.patch:
kvm: Add support to KVM_GET_MSR_FEATURE_INDEX_LIST and
- 0008-x86-msr-related-data-structure-changes.patch:
x86: Data structure changes to support MSR based features
- 0009-feature-wordS-arch-capabilities.patch:
x86: define a new MSR based feature word -- FEATURE_WORDS_ARCH
- 0010-use-kvm-get-msr-index-list.patch:
kvm: Use KVM_GET_MSR_INDEX_LIST for MSR_IA32_ARCH_CAPABILITIES support
- 0011-disable-arch-cap-when-no-msr.patch:
i386: kvm: Disable arch_capabilities if MSR can't be set
- 0012-arch-capabilities-migratable.patch:
i386: Make arch_capabilities migratable
- 0013-cascadelake-server.patch:
i386: Add new model of Cascadelake-Server
- 0014-remove-cpuid-pconfig.patch:
i386: remove the new CPUID 'PCONFIG' from Icelake-Server CPU model
- 0015-remove-cpuid-intel_pt.patch:
i386: remove the 'INTEL_PT' CPUID bit from named CPU models
- 0016-no-ospke-on-some.patch:
i386: Disable OSPKE on CPU model definitions
-- Rafael David Tinoco <email address hidden> Wed, 19 Jun 2019 19:48:48 +0000
We need the SRU for the last 2 commits (already pushed in the MR).
=================
For Disco, we're good because of security maintenance you had already done previously:
Okay,
So said in the merge requests, Bionic needed a new version with:
e6891e7... by Rafael David Tinoco <email address hidden> 3 minutes ago
changelog
c27fa94... by Rafael David Tinoco <email address hidden> on 2019-08-02 i386-add- MDS-NO- feature. patch (LP: #1828495): 721-g20140a82c6 )
- 0017-target-
target/i386: add MDS-NO feature
(upstream: 20140a82c674, desc: v4.0.0-
And the changelog stayed:
qemu (1:2.11+ dfsg-1ubuntu7. 17) bionic; urgency=medium
* {Ice,Cascade}Lake IA32_ARCH_ CAPABILITIES support (LP: 1828495) i386-add- MDS-NO- feature. patch:
Needed patch is in d/p/u/lp1828495-:
- 0017-target-
target/i386: add MDS-NO feature
-- Rafael David Tinoco <email address hidden> Mon, 05 Aug 2019 19:12:08 +0000
qemu (1:2.11+ dfsg-1ubuntu7. 16) bionic; urgency=medium
* {Ice,Cascade}Lake CPUs + IA32_ARCH_ CAPABILITIES support (LP: #1828495) cpu-models. patch: system- common. install: include man/man7/ qemu-cpu- models. 7 new-msr- indices. patch: CAPABILITIES feature- ia32-arch- capabilities. patch: CAPABILITIES MSR bit-for- wbnoinvd. patch: cpu-model- for-icelake. patch: {Server, Client} headers- to-4.16- rc5.patch: get-msr- feature- index_list. patch: MSR_FEATURE_ INDEX_LIST and msr-related- data-structure- changes. patch: wordS-arch- capabilities. patch: kvm-get- msr-index- list.patch: MSR_INDEX_ LIST for MSR_IA32_ ARCH_CAPABILITI ES support arch-cap- when-no- msr.patch: capabilities- migratable. patch: e-server. patch: cpuid-pconfig. patch: cpuid-intel_ pt.patch: ospke-on- some.patch:
Needed patches are in d/p/u/lp1828495-:
- 0001-guidance-
docs: add guidance on configuring CPU models for x86
+ d/qemu-
- 0002-msr-
i386: Add new MSR indices for IA32_PRED_CMD and IA32_ARCH_
- 0003-cpuid-
i386: Add CPUID bit and feature words for IA32_ARCH_
- 0004-cpuid-
i386: Add CPUID bit for WBNOINVD
- 0005-new-
i386: Add new CPU model Icelake-
- 0006-update-
update Linux headers to 4.16-rc5
- 0007-kvm-
kvm: Add support to KVM_GET_
- 0008-x86-
x86: Data structure changes to support MSR based features
- 0009-feature-
x86: define a new MSR based feature word -- FEATURE_WORDS_ARCH
- 0010-use-
kvm: Use KVM_GET_
- 0011-disable-
i386: kvm: Disable arch_capabilities if MSR can't be set
- 0012-arch-
i386: Make arch_capabilities migratable
- 0013-cascadelak
i386: Add new model of Cascadelake-Server
- 0014-remove-
i386: remove the new CPUID 'PCONFIG' from Icelake-Server CPU model
- 0015-remove-
i386: remove the 'INTEL_PT' CPUID bit from named CPU models
- 0016-no-
i386: Disable OSPKE on CPU model definitions
-- Rafael David Tinoco <email address hidden> Wed, 19 Jun 2019 19:48:48 +0000
We need the SRU for the last 2 commits (already pushed in the MR).
=================
For Disco, we're good because of security maintenance you had already done previously:
qemu (1:3.1+ dfsg-2ubuntu3. 1) disco-security; urgency=medium
* SECURITY UPDATE: Add support for exposing md-clear functionality enable- md-clear. patch enable- md-no.patch
to guests
- d/p/ubuntu/
- d/p/ubuntu/
...
And enable-md-no.patch made the trick for MDS-NO bit.
So all we need is the verification of the package already in -proposed. I'll do that now.