Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
libvirt.11701
538d8735-cpu_map-Define-md-clear-CPUID-bit.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch of Package libvirt.11701
commit 7bde733e906a9eb513448fd58201a333a1793811 Author: Jiri Denemark <jdenemar@redhat.com> Date: Fri Apr 5 15:11:20 2019 +0200 cpu_map: Define md-clear CPUID bit CVE-2018-12126, CVE-2018-12127, CVE-2018-12130 The bit is set when microcode provides the mechanism to invoke a flush of various exploitable CPU buffers by invoking the VERW instruction. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> (cherry picked from commit 538d873571d7a682852dc1d70e5f4478f4d64e85) Conflicts: src/cpu_map/x86_features.xml - no CPU map split downstream tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml - test data missing downstream tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml - intel-pt feature is missing downstream Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Index: libvirt-4.0.0/src/cpu/cpu_map.xml =================================================================== --- libvirt-4.0.0.orig/src/cpu/cpu_map.xml +++ libvirt-4.0.0/src/cpu/cpu_map.xml @@ -292,6 +292,9 @@ <feature name='avx512-4fmaps'> <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/> </feature> + <feature name='md-clear'> <!-- md_clear --> + <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/> + </feature> <feature name='spec-ctrl'> <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/> </feature> Index: libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml =================================================================== --- libvirt-4.0.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml +++ libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml @@ -2,7 +2,7 @@ <cpudata arch='x86'> <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/> <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> - <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/> + <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000400'/> <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/> </cpudata> Index: libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml =================================================================== --- libvirt-4.0.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml +++ libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml @@ -19,6 +19,7 @@ <feature policy='require' name='osxsave'/> <feature policy='require' name='tsc_adjust'/> <feature policy='require' name='clflushopt'/> + <feature policy='require' name='md-clear'/> <feature policy='require' name='stibp'/> <feature policy='require' name='ssbd'/> <feature policy='require' name='xsaves'/> Index: libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml =================================================================== --- libvirt-4.0.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml +++ libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml @@ -20,6 +20,7 @@ <feature name='osxsave'/> <feature name='tsc_adjust'/> <feature name='clflushopt'/> + <feature name='md-clear'/> <feature name='stibp'/> <feature name='ssbd'/> <feature name='xsaves'/> Index: libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml =================================================================== --- libvirt-4.0.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml +++ libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml @@ -5,6 +5,7 @@ <feature policy='require' name='hypervisor'/> <feature policy='require' name='tsc_adjust'/> <feature policy='require' name='clflushopt'/> + <feature policy='require' name='md-clear'/> <feature policy='require' name='stibp'/> <feature policy='require' name='ssbd'/> <feature policy='require' name='pdpe1gb'/>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor