From: Daniel P. Berrangé <[email protected]> Update x86 CPU model guidance to recommend that the md-clear feature is manually enabled with all Intel CPU models, when supported by the host microcode.
Signed-off-by: Daniel P. Berrangé <[email protected]> Message-Id: <[email protected]> Signed-off-by: Eduardo Habkost <[email protected]> (cherry picked from commit 2c7e82a30774730100da9dbe68d2360459030d91) Signed-off-by: Oguz Bektas <[email protected]> Signed-off-by: Michael Roth <[email protected]> --- docs/qemu-cpu-models.texi | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/qemu-cpu-models.texi b/docs/qemu-cpu-models.texi index 23c11dc86f..ad040cfc98 100644 --- a/docs/qemu-cpu-models.texi +++ b/docs/qemu-cpu-models.texi @@ -200,6 +200,18 @@ Not included by default in any Intel CPU model. Should be explicitly turned on for all Intel CPU models. Note that not all CPU hardware will support this feature. + +@item @code{md-clear} + +Required to confirm the MDS (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, +CVE-2019-11091) fixes. + +Not included by default in any Intel CPU model. + +Must be explicitly turned on for all Intel CPU models. + +Requires the host CPU microcode to support this feature before it +can be used for guest CPUs. @end table -- 2.17.1
