Merge remote-tracking branch 'remotes/kraxel/tags/vga-20190628-pull-request' into...

[qemu.git] / docs / qemu-cpu-models.texi

diff --git a/docs/qemu-cpu-models.texi b/docs/qemu-cpu-models.texi
index 475d434d52f3c135d6c15db1fdc1cfd9b999c0bb..ad040cfc981a801594f62bbd907140803ce1aa4d 100644 (file)
--- a/docs/qemu-cpu-models.texi
+++ b/docs/qemu-cpu-models.texi
@@ -49,7 +49,7 @@ live migration safe.
 The information that follows provides recommendations for configuring
 CPU models on x86 hosts. The goals are to maximise performance, while
 protecting guest OS against various CPU hardware flaws, and optionally
-enabling live migration between hosts with hetergeneous CPU models.
+enabling live migration between hosts with heterogeneous CPU models.
 
 @menu
 * preferred_cpu_models_intel_x86::       Preferred CPU models for Intel x86 hosts
@@ -158,8 +158,7 @@ support this feature.
 
 @item @code{spec-ctrl}
 
-Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix,
-in cases where retpolines are not sufficient.
+Required to enable the Spectre v2 (CVE-2017-5715) fix.
 
 Included by default in Intel CPU models with -IBRS suffix.
 
@@ -169,6 +168,17 @@ Requires the host CPU microcode to support this feature before it
 can be used for guest CPUs.
 
 
+@item @code{stibp}
+
+Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some
+operating systems.
+
+Must be explicitly turned on for all Intel CPU models.
+
+Requires the host CPU microcode to support this feature before it
+can be used for guest CPUs.
+
+
 @item @code{ssbd}
 
 Required to enable the CVE-2018-3639 fix
@@ -190,6 +200,18 @@ Not included by default in any Intel CPU model.
 Should be explicitly turned on for all Intel CPU models.
 
 Note that not all CPU hardware will support this feature.
+
+@item @code{md-clear}
+
+Required to confirm the MDS (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130,
+CVE-2019-11091) fixes.
+
+Not included by default in any Intel CPU model.
+
+Must be explicitly turned on for all Intel CPU models.
+
+Requires the host CPU microcode to support this feature before it
+can be used for guest CPUs.
 @end table
 
 
@@ -249,8 +271,7 @@ included if using "Host passthrough" or "Host model".
 
 @item @code{ibpb}
 
-Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix,
-in cases where retpolines are not sufficient.
+Required to enable the Spectre v2 (CVE-2017-5715) fix.
 
 Included by default in AMD CPU models with -IBPB suffix.
 
@@ -260,6 +281,17 @@ Requires the host CPU microcode to support this feature before it
 can be used for guest CPUs.
 
 
+@item @code{stibp}
+
+Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some
+operating systems.
+
+Must be explicitly turned on for all AMD CPU models.
+
+Requires the host CPU microcode to support this feature before it
+can be used for guest CPUs.
+
+
 @item @code{virt-ssbd}
 
 Required to enable the CVE-2018-3639 fix
@@ -287,7 +319,7 @@ Must be explicitly turned on for all AMD CPU models.
 This provides higher performance than virt-ssbd so should be
 exposed to guests whenever available in the host. virt-ssbd
 should none the less also be exposed for maximum guest
-compatability as some kernels only know about virt-ssbd.
+compatibility as some kernels only know about virt-ssbd.
 
 
 @item @code{amd-no-ssb}
@@ -296,7 +328,7 @@ Recommended to indicate the host is not vulnerable CVE-2018-3639
 
 Not included by default in any AMD CPU model.
 
-Future hardware genarations of CPU will not be vulnerable to
+Future hardware generations of CPU will not be vulnerable to
 CVE-2018-3639, and thus the guest should be told not to enable
 its mitigations, by exposing amd-no-ssb. This is mutually
 exclusive with virt-ssbd and amd-ssbd.
@@ -451,7 +483,7 @@ MIPS64 Processor (Release 6, 2014)
 
 @item @code{Loongson-2F}
 
-MIPS64 Processor (Longsoon 2, 2008)
+MIPS64 Processor (Loongson 2, 2008)
 
 
 @item @code{Loongson-2E}