Add new CPU features for CVE-2017-5715 and CVE-2018-3639
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
parent
7294ce1ae2
commit
ac335adbbc
@ -0,0 +1,74 @@
|
|||||||
|
From e18672ce9a5fff383992fd6e842d1cbe85c141ea Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Tue, 12 Dec 2017 16:23:40 +0100
|
||||||
|
Subject: [PATCH 10/19] util: add virFileReadHeaderQuiet wrapper around
|
||||||
|
virFileReadHeaderFD
|
||||||
|
|
||||||
|
CVE-2017-5715
|
||||||
|
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||||
|
---
|
||||||
|
src/libvirt_private.syms | 1 +
|
||||||
|
src/util/virfile.c | 19 +++++++++++++++++++
|
||||||
|
src/util/virfile.h | 2 ++
|
||||||
|
3 files changed, 22 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
|
||||||
|
index f30a04b145..29b73fa046 100644
|
||||||
|
--- a/src/libvirt_private.syms
|
||||||
|
+++ b/src/libvirt_private.syms
|
||||||
|
@@ -1703,6 +1703,7 @@ virFileReadAll;
|
||||||
|
virFileReadAllQuiet;
|
||||||
|
virFileReadBufQuiet;
|
||||||
|
virFileReadHeaderFD;
|
||||||
|
+virFileReadHeaderQuiet;
|
||||||
|
virFileReadLimFD;
|
||||||
|
virFileReadLink;
|
||||||
|
virFileReadValueBitmap;
|
||||||
|
diff --git a/src/util/virfile.c b/src/util/virfile.c
|
||||||
|
index 2f28e83f44..269db995ff 100644
|
||||||
|
--- a/src/util/virfile.c
|
||||||
|
+++ b/src/util/virfile.c
|
||||||
|
@@ -1356,6 +1356,25 @@ virFileReadHeaderFD(int fd, int maxlen, char **buf)
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
+int
|
||||||
|
+virFileReadHeaderQuiet(const char *path,
|
||||||
|
+ int maxlen,
|
||||||
|
+ char **buf)
|
||||||
|
+{
|
||||||
|
+ int fd;
|
||||||
|
+ int len;
|
||||||
|
+
|
||||||
|
+ fd = open(path, O_RDONLY);
|
||||||
|
+ if (fd < 0)
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
+ len = virFileReadHeaderFD(fd, maxlen, buf);
|
||||||
|
+ VIR_FORCE_CLOSE(fd);
|
||||||
|
+
|
||||||
|
+ return len;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
/* A wrapper around saferead_lim that maps a failure due to
|
||||||
|
exceeding the maximum size limitation to EOVERFLOW. */
|
||||||
|
int
|
||||||
|
diff --git a/src/util/virfile.h b/src/util/virfile.h
|
||||||
|
index 57ceb80721..657e7216fb 100644
|
||||||
|
--- a/src/util/virfile.h
|
||||||
|
+++ b/src/util/virfile.h
|
||||||
|
@@ -129,6 +129,8 @@ int virFileDeleteTree(const char *dir);
|
||||||
|
|
||||||
|
int virFileReadHeaderFD(int fd, int maxlen, char **buf)
|
||||||
|
ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(3);
|
||||||
|
+int virFileReadHeaderQuiet(const char *path, int maxlen, char **buf)
|
||||||
|
+ ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(3);
|
||||||
|
int virFileReadLimFD(int fd, int maxlen, char **buf)
|
||||||
|
ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(3);
|
||||||
|
int virFileReadAll(const char *path, int maxlen, char **buf)
|
||||||
|
--
|
||||||
|
2.17.0
|
||||||
|
|
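--- /dev/null
+++ b/1001-cpu_x86-Copy-CPU-signature-from-ancestor.patch
@@ -0,0 +1,36 @@
+From a84e70ad247da5d3ad13615efd70b91951392aa1 Mon Sep 17 00:00:00 2001
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Fri, 5 Jan 2018 17:43:03 +0100
+Subject: [PATCH 12/19] cpu_x86: Copy CPU signature from ancestor
+
+When specifying a new CPU model in cpu_map.xml as an extension to an
+existing model, we forgot to copy the signature (family + model) from
+the original CPU model.
+
+We don't use this way of specifying CPU models, but it's still supported
+and it becomes useful when someone wants to quickly hack up a CPU model
+for testing or when creating additional variants of existing models to
+help with fixing some spectral issues.
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
+(cherry picked from commit b427cf4831d0ea7aac9dd1a3aa7682478356a483)
+---
+src/cpu/cpu_x86.c | 1 +
+1 file changed, 1 insertion(+)
+
+diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
+index 2864454211..3b7a6f95fe 100644
+--- a/src/cpu/cpu_x86.c
++++ b/src/cpu/cpu_x86.c
+@@ -1206,6 +1206,7 @@ x86ModelParse(xmlXPathContextPtr ctxt,
+VIR_FREE(name);
+
+model->vendor = ancestor->vendor;
++ model->signature = ancestor->signature;
+if (x86DataCopy(&model->data, &ancestor->data) < 0)
+goto error;
+}
+--
+2.17.0
+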
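--- /dev/null
+++ b/1002-util-introduce-virHostCPUGetMicrocodeVersion.patch
@@ -0,0 +1,97 @@
+From de12d97c029d6644bb42afaa38410c4263bef41f Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 12 Dec 2017 16:23:41 +0100
+Subject: [PATCH 13/19] util: introduce virHostCPUGetMicrocodeVersion
+
+This new API reads host's CPU microcode version from /proc/cpuinfo.
+
+Unfortunately, there is no other way of reading microcode version which
+would be usable from both system and session daemon.
+
+CVE-2017-5715
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+src/libvirt_private.syms | 1 +
+src/util/virhostcpu.c | 43 ++++++++++++++++++++++++++++++++++++++++
+src/util/virhostcpu.h | 2 ++
+3 files changed, 46 insertions(+)
+
+diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
+index 29b73fa046..0ecd58a12c 100644
+--- a/src/libvirt_private.syms
++++ b/src/libvirt_private.syms
+@@ -1811,6 +1811,7 @@ virHostCPUGetCount;
+virHostCPUGetInfo;
+virHostCPUGetKVMMaxVCPUs;
+virHostCPUGetMap;
++virHostCPUGetMicrocodeVersion;
+virHostCPUGetOnline;
+virHostCPUGetOnlineBitmap;
+virHostCPUGetPresentBitmap;
+diff --git a/src/util/virhostcpu.c b/src/util/virhostcpu.c
+index c485a97211..713fdec553 100644
+--- a/src/util/virhostcpu.c
++++ b/src/util/virhostcpu.c
+@@ -1206,3 +1206,46 @@ virHostCPUGetKVMMaxVCPUs(void)
+return -1;
+}
+#endif /* HAVE_LINUX_KVM_H */
++
++
++#ifdef __linux__
++
++unsigned int
++virHostCPUGetMicrocodeVersion(void)
++{
++ char *outbuf = NULL;
++ char *cur;
++ unsigned int version = 0;
++
++ if (virFileReadHeaderQuiet(CPUINFO_PATH, 4096, &outbuf) < 0) {
++ char ebuf[1024];
++ VIR_DEBUG("Failed to read microcode version from %s: %s",
++ CPUINFO_PATH, virStrerror(errno, ebuf, sizeof(ebuf)));
++ return 0;
++ }
++
++ /* Account for format 'microcode : XXXX'*/
++ if (!(cur = strstr(outbuf, "microcode")) ||
++ !(cur = strchr(cur, ':')))
++ goto cleanup;
++ cur++;
++
++ /* Linux places the microcode revision in a 32-bit integer, so
++ * ui is fine for us too. */
++ if (virStrToLong_ui(cur, &cur, 0, &version) < 0)
++ goto cleanup;
++
++ cleanup:
++ VIR_FREE(outbuf);
++ return version;
++}
++
++#else
++
++unsigned int
++virHostCPUGetMicrocodeVersion(void)
++{
++ return 0;
++}
++
++#endif
+diff --git a/src/util/virhostcpu.h b/src/util/virhostcpu.h
+index 67033de842..f9f3359288 100644
+--- a/src/util/virhostcpu.h
++++ b/src/util/virhostcpu.h
+@@ -66,4 +66,6 @@ virBitmapPtr virHostCPUGetSiblingsList(unsigned int cpu);
+
+int virHostCPUGetOnline(unsigned int cpu, bool *online);
+
++unsigned int virHostCPUGetMicrocodeVersion(void);
++
+#endif /* __VIR_HOSTCPU_H__*/
+--
+2.17.0
+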
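Review bot: virHostCPUGetMicrocodeVersion carries no contract comment, and its 0 return is overloaded: it is produced when CPUINFO_PATH cannot be read, when no "microcode" field is found in the first 4096 bytes, when the value after the ':' does not parse, and unconditionally in the non-Linux stub, so a caller comparing versions cannot tell "no microcode information" from "revision 0". I'd add a header comment above the `#ifdef __linux__` definition, repeated on the declaration in virhostcpu.h, along the lines of `/* Returns the microcode revision reported in the first 'microcode' field of /proc/cpuinfo as a raw unsigned value; returns 0 when the file cannot be read, no such field exists (e.g. hosts whose cpuinfo lacks it) or the value does not parse, so 0 must never be treated as an error. */`. The `4096` passed to virFileReadHeaderQuiet also deserves a one-line comment stating that only the head of the file is scanned and that a field beyond that limit silently yields 0, so the limit reads as a deliberate choice rather than a magic number.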
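--- /dev/null
+++ b/1003-cpu_x86-Rename-virCPUx86MapInitialize.patch
@@ -0,0 +1,51 @@
+From a0ad8c160ed81417e4d5b46adf3118df1b6b1b77 Mon Sep 17 00:00:00 2001
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Wed, 13 Dec 2017 22:30:31 +0100
+Subject: [PATCH 14/19] cpu_x86: Rename virCPUx86MapInitialize
+
+The function will be used to initialize internal data of the x86 CPU
+driver (including the CPU map).
+
+CVE-2017-5715
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+src/cpu/cpu_x86.c | 8 ++++----
+1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
+index 3b7a6f95fe..0cb0dcacb3 100644
+--- a/src/cpu/cpu_x86.c
++++ b/src/cpu/cpu_x86.c
+@@ -153,8 +153,8 @@ struct _virCPUx86Map {
+};
+
+static virCPUx86MapPtr cpuMap;
+-int virCPUx86MapOnceInit(void);
+-VIR_ONCE_GLOBAL_INIT(virCPUx86Map);
++int virCPUx86DriverOnceInit(void);
++VIR_ONCE_GLOBAL_INIT(virCPUx86Driver);
+
+
+typedef enum {
+@@ -1387,7 +1387,7 @@ virCPUx86LoadMap(void)
+
+
+int
+-virCPUx86MapOnceInit(void)
++virCPUx86DriverOnceInit(void)
+{
+if (!(cpuMap = virCPUx86LoadMap()))
+return -1;
+@@ -1399,7 +1399,7 @@ virCPUx86MapOnceInit(void)
+static virCPUx86MapPtr
+virCPUx86GetMap(void)
+{
+- if (virCPUx86MapInitialize() < 0)
++ if (virCPUx86DriverInitialize() < 0)
+return NULL;
+
+return cpuMap;
+--
+2.17.0
+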
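--- /dev/null
+++ b/1004-conf-include-x86-microcode-version-in-virsh-capabilt.patch
@@ -0,0 +1,133 @@
+From c628c42493170bfd70f30d9fb56d0067e6e4828a Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 19 Jun 2018 16:47:20 +0100
+Subject: [PATCH 15/19] conf: include x86 microcode version in virsh
+capabiltiies
+
+A microcode update can cause the CPUID bits to change; an example
+from the past was the update that disabled TSX on several Haswell and
+Broadwell machines.
+
+In order to track the x86 microcode version in the QEMU capabilities,
+we have to fetch it and store it in the host CPU. This also makes the
+version visible in "virsh capabilities", which is a nice side effect.
+
+CVE-2017-5715
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+src/conf/cpu_conf.c | 14 ++++++++++++++
+src/conf/cpu_conf.h | 1 +
+src/cpu/cpu_x86.c | 9 +++++++++
+3 files changed, 24 insertions(+)
+
+diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c
+index c21d11d244..3f3c25320e 100644
+--- a/src/conf/cpu_conf.c
++++ b/src/conf/cpu_conf.c
+@@ -127,6 +127,7 @@ virCPUDefCopyModelFilter(virCPUDefPtr dst,
+VIR_STRDUP(dst->vendor_id, src->vendor_id) < 0 ||
+VIR_ALLOC_N(dst->features, src->nfeatures) < 0)
+return -1;
++ dst->microcodeVersion = src->microcodeVersion;
+dst->nfeatures_max = src->nfeatures;
+dst->nfeatures = 0;
+
+@@ -178,6 +179,7 @@ virCPUDefStealModel(virCPUDefPtr dst,
+
+VIR_STEAL_PTR(dst->model, src->model);
+VIR_STEAL_PTR(dst->features, src->features);
++ dst->microcodeVersion = src->microcodeVersion;
+dst->nfeatures_max = src->nfeatures_max;
+src->nfeatures_max = 0;
+dst->nfeatures = src->nfeatures;
+@@ -379,6 +381,14 @@ virCPUDefParseXML(xmlXPathContextPtr ctxt,
+goto cleanup;
+}
+VIR_FREE(arch);
++
++ if (virXPathBoolean("boolean(./microcode[1]/@version)", ctxt) > 0 &&
++ virXPathUInt("string(./microcode[1]/@version)", ctxt,
++ &def->microcodeVersion) < 0) {
++ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
++ _("invalid microcode version"));
++ goto cleanup;
++ }
+}
+
+if (!(def->model = virXPathString("string(./model[1])", ctxt)) &&
+@@ -723,6 +733,10 @@ virCPUDefFormatBuf(virBufferPtr buf,
+if (formatModel && def->vendor)
+virBufferEscapeString(buf, "<vendor>%s</vendor>\n", def->vendor);
+
++ if (def->type == VIR_CPU_TYPE_HOST && def->microcodeVersion)
++ virBufferAsprintf(buf, "<microcode version='%u'/>\n",
++ def->microcodeVersion);
++
+if (def->sockets && def->cores && def->threads) {
+virBufferAddLit(buf, "<topology");
+virBufferAsprintf(buf, " sockets='%u'", def->sockets);
+diff --git a/src/conf/cpu_conf.h b/src/conf/cpu_conf.h
+index b44974f47e..a30ecf8681 100644
+--- a/src/conf/cpu_conf.h
++++ b/src/conf/cpu_conf.h
+@@ -133,6 +133,7 @@ struct _virCPUDef {
+char *vendor_id; /* vendor id returned by CPUID in the guest */
+int fallback; /* enum virCPUFallback */
+char *vendor;
++ unsigned int microcodeVersion;
+unsigned int sockets;
+unsigned int cores;
+unsigned int threads;
+diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
+index 0cb0dcacb3..41aaa61c35 100644
+--- a/src/cpu/cpu_x86.c
++++ b/src/cpu/cpu_x86.c
+@@ -33,6 +33,7 @@
+#include "virbuffer.h"
+#include "virendian.h"
+#include "virstring.h"
++#include "virhostcpu.h"
+
+#define VIR_FROM_THIS VIR_FROM_CPU
+
+@@ -153,6 +154,8 @@ struct _virCPUx86Map {
+};
+
+static virCPUx86MapPtr cpuMap;
++static unsigned int microcodeVersion;
++
+int virCPUx86DriverOnceInit(void);
+VIR_ONCE_GLOBAL_INIT(virCPUx86Driver);
+
+@@ -1392,6 +1395,8 @@ virCPUx86DriverOnceInit(void)
+if (!(cpuMap = virCPUx86LoadMap()))
+return -1;
+
++ microcodeVersion = virHostCPUGetMicrocodeVersion();
++
+return 0;
+}
+
+@@ -2409,6 +2414,9 @@ virCPUx86GetHost(virCPUDefPtr cpu,
+virCPUDataPtr cpuData = NULL;
+int ret = -1;
+
++ if (virCPUx86DriverInitialize() < 0)
++ goto cleanup;
++
+if (!(cpuData = virCPUDataNew(archs[0])))
+goto cleanup;
+
+@@ -2417,6 +2425,7 @@ virCPUx86GetHost(virCPUDefPtr cpu,
+goto cleanup;
+
+ret = x86DecodeCPUData(cpu, cpuData, models, nmodels, NULL);
++ cpu->microcodeVersion = microcodeVersion;
+
+cleanup:
+virCPUx86DataFree(cpuData);
+--
+2.17.0
+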
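Review bot: virCPUDefFormatBuf now emits a new `<microcode version='%u'/>` element for host CPUs, yet this patch's diffstat touches only cpu_conf.c, cpu_conf.h and cpu_x86.c, so unless the capabilities RNG schema is extended in another patch of this series, the "virsh capabilities" output the commit message advertises would presumably no longer validate against the schema the test suite checks it with. Separately, in the virCPUx86GetHost hunk the new line `cpu->microcodeVersion = microcodeVersion;` runs even after x86DecodeCPUData() has returned failure; placing it before the decode call, or under `if (ret == 0)`, keeps the def untouched on the error path and makes the intent explicit. The parse side guards the attribute with virXPathBoolean before virXPathUInt and appears to sit inside the host-type branch (the enclosing `if` is outside the hunk), which matches the VIR_CPU_TYPE_HOST check in the formatter. virCPUx86GetHost's body starts and ends outside the hunks shown.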
535
1005-qemu-capabilities-force-update-if-the-microcode-vers.patch
Normal file
535
1005-qemu-capabilities-force-update-if-the-microcode-vers.patch
Normal file
@ -0,0 +1,535 @@
|
|||||||
|
From a31edb693bb79f1ad8931db284f1dbceae178f27 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Tue, 19 Jun 2018 16:50:02 +0100
|
||||||
|
Subject: [PATCH 16/19] qemu: capabilities: force update if the microcode
|
||||||
|
version does not match
|
||||||
|
|
||||||
|
A microcode update can cause the CPUID bits to change; an example
|
||||||
|
from the past was the update that disabled TSX on several Haswell
|
||||||
|
and Broadwell machines.
|
||||||
|
|
||||||
|
Therefore, place microcode version in the virQEMUCaps struct and
|
||||||
|
XML, and rebuild the cache if the versions do not match.
|
||||||
|
|
||||||
|
CVE-2017-5715
|
||||||
|
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||||
|
---
|
||||||
|
src/qemu/qemu_capabilities.c | 40 ++++++++++++++++++-
|
||||||
|
src/qemu/qemu_capabilities.h | 6 ++-
|
||||||
|
src/qemu/qemu_capspriv.h | 6 +++
|
||||||
|
src/qemu/qemu_driver.c | 9 ++++-
|
||||||
|
.../caps_1.2.2.x86_64.xml | 1 +
|
||||||
|
.../caps_1.3.1.x86_64.xml | 1 +
|
||||||
|
.../caps_1.4.2.x86_64.xml | 1 +
|
||||||
|
.../caps_1.5.3.x86_64.xml | 1 +
|
||||||
|
.../caps_1.6.0.x86_64.xml | 1 +
|
||||||
|
.../caps_1.7.0.x86_64.xml | 1 +
|
||||||
|
.../caps_2.1.1.x86_64.xml | 1 +
|
||||||
|
.../caps_2.4.0.x86_64.xml | 1 +
|
||||||
|
.../caps_2.5.0.x86_64.xml | 1 +
|
||||||
|
.../caps_2.6.0-gicv2.aarch64.xml | 1 +
|
||||||
|
.../caps_2.6.0-gicv3.aarch64.xml | 1 +
|
||||||
|
.../caps_2.6.0.ppc64le.xml | 1 +
|
||||||
|
.../caps_2.6.0.x86_64.xml | 1 +
|
||||||
|
.../qemucapabilitiesdata/caps_2.7.0.s390x.xml | 1 +
|
||||||
|
.../caps_2.7.0.x86_64.xml | 1 +
|
||||||
|
.../qemucapabilitiesdata/caps_2.8.0.s390x.xml | 1 +
|
||||||
|
.../caps_2.8.0.x86_64.xml | 1 +
|
||||||
|
.../caps_2.9.0.ppc64le.xml | 1 +
|
||||||
|
.../qemucapabilitiesdata/caps_2.9.0.s390x.xml | 1 +
|
||||||
|
.../caps_2.9.0.x86_64.xml | 1 +
|
||||||
|
tests/qemucapabilitiestest.c | 14 +++++--
|
||||||
|
tests/qemucapsprobe.c | 2 +-
|
||||||
|
tests/testutilsqemu.c | 2 +-
|
||||||
|
27 files changed, 89 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
|
||||||
|
index 2de84715ea..72b70ce750 100644
|
||||||
|
--- a/src/qemu/qemu_capabilities.c
|
||||||
|
+++ b/src/qemu/qemu_capabilities.c
|
||||||
|
@@ -500,6 +500,7 @@ struct _virQEMUCaps {
|
||||||
|
unsigned int version;
|
||||||
|
unsigned int kvmVersion;
|
||||||
|
unsigned int libvirtVersion;
|
||||||
|
+ unsigned int microcodeVersion;
|
||||||
|
char *package;
|
||||||
|
|
||||||
|
virArch arch;
|
||||||
|
@@ -2304,6 +2305,7 @@ virQEMUCapsPtr virQEMUCapsNewCopy(virQEMUCapsPtr qemuCaps)
|
||||||
|
|
||||||
|
ret->version = qemuCaps->version;
|
||||||
|
ret->kvmVersion = qemuCaps->kvmVersion;
|
||||||
|
+ ret->microcodeVersion = qemuCaps->microcodeVersion;
|
||||||
|
|
||||||
|
if (VIR_STRDUP(ret->package, qemuCaps->package) < 0)
|
||||||
|
goto error;
|
||||||
|
@@ -3809,6 +3811,7 @@ struct _virQEMUCapsCachePriv {
|
||||||
|
uid_t runUid;
|
||||||
|
gid_t runGid;
|
||||||
|
virArch hostArch;
|
||||||
|
+ unsigned int microcodeVersion;
|
||||||
|
};
|
||||||
|
typedef struct _virQEMUCapsCachePriv virQEMUCapsCachePriv;
|
||||||
|
typedef virQEMUCapsCachePriv *virQEMUCapsCachePrivPtr;
|
||||||
|
@@ -3931,6 +3934,13 @@ virQEMUCapsLoadCache(virArch hostArch,
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (virXPathUInt("string(./microcodeVersion)", ctxt,
|
||||||
|
+ &qemuCaps->microcodeVersion) < 0) {
|
||||||
|
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||||
|
+ _("missing microcode version in QEMU capabilities cache"));
|
||||||
|
+ goto cleanup;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (virXPathBoolean("boolean(./package)", ctxt) > 0) {
|
||||||
|
qemuCaps->package = virXPathString("string(./package)", ctxt);
|
||||||
|
if (!qemuCaps->package &&
|
||||||
|
@@ -4195,6 +4205,9 @@ virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps)
|
||||||
|
virBufferAsprintf(&buf, "<kvmVersion>%d</kvmVersion>\n",
|
||||||
|
qemuCaps->kvmVersion);
|
||||||
|
|
||||||
|
+ virBufferAsprintf(&buf, "<microcodeVersion>%u</microcodeVersion>\n",
|
||||||
|
+ qemuCaps->microcodeVersion);
|
||||||
|
+
|
||||||
|
if (qemuCaps->package)
|
||||||
|
virBufferAsprintf(&buf, "<package>%s</package>\n",
|
||||||
|
qemuCaps->package);
|
||||||
|
@@ -4336,6 +4349,16 @@ virQEMUCapsIsValid(void *data,
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM) &&
|
||||||
|
+ priv->microcodeVersion != qemuCaps->microcodeVersion) {
|
||||||
|
+ VIR_DEBUG("Outdated capabilities for '%s': microcode version changed "
|
||||||
|
+ "(%u vs %u)",
|
||||||
|
+ qemuCaps->binary,
|
||||||
|
+ priv->microcodeVersion,
|
||||||
|
+ qemuCaps->microcodeVersion);
|
||||||
|
+ return false;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -5151,6 +5174,7 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch,
|
||||||
|
const char *libDir,
|
||||||
|
uid_t runUid,
|
||||||
|
gid_t runGid,
|
||||||
|
+ unsigned int microcodeVersion,
|
||||||
|
bool qmpOnly)
|
||||||
|
{
|
||||||
|
virQEMUCapsPtr qemuCaps;
|
||||||
|
@@ -5207,6 +5231,9 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch,
|
||||||
|
virQEMUCapsInitHostCPUModel(qemuCaps, hostArch, VIR_DOMAIN_VIRT_KVM);
|
||||||
|
virQEMUCapsInitHostCPUModel(qemuCaps, hostArch, VIR_DOMAIN_VIRT_QEMU);
|
||||||
|
|
||||||
|
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM))
|
||||||
|
+ qemuCaps->microcodeVersion = microcodeVersion;
|
||||||
|
+
|
||||||
|
cleanup:
|
||||||
|
VIR_FREE(qmperr);
|
||||||
|
return qemuCaps;
|
||||||
|
@@ -5228,6 +5255,7 @@ virQEMUCapsNewData(const char *binary,
|
||||||
|
priv->libDir,
|
||||||
|
priv->runUid,
|
||||||
|
priv->runGid,
|
||||||
|
+ priv->microcodeVersion,
|
||||||
|
false);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -5310,7 +5338,8 @@ virFileCachePtr
|
||||||
|
virQEMUCapsCacheNew(const char *libDir,
|
||||||
|
const char *cacheDir,
|
||||||
|
uid_t runUid,
|
||||||
|
- gid_t runGid)
|
||||||
|
+ gid_t runGid,
|
||||||
|
+ unsigned int microcodeVersion)
|
||||||
|
{
|
||||||
|
char *capsCacheDir = NULL;
|
||||||
|
virFileCachePtr cache = NULL;
|
||||||
|
@@ -5333,6 +5362,7 @@ virQEMUCapsCacheNew(const char *libDir,
|
||||||
|
|
||||||
|
priv->runUid = runUid;
|
||||||
|
priv->runGid = runGid;
|
||||||
|
+ priv->microcodeVersion = microcodeVersion;
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
VIR_FREE(capsCacheDir);
|
||||||
|
@@ -5810,3 +5840,11 @@ virQEMUCapsFillDomainCaps(virCapsPtr caps,
|
||||||
|
return -1;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+void
|
||||||
|
+virQEMUCapsSetMicrocodeVersion(virQEMUCapsPtr qemuCaps,
|
||||||
|
+ unsigned int microcodeVersion)
|
||||||
|
+{
|
||||||
|
+ qemuCaps->microcodeVersion = microcodeVersion;
|
||||||
|
+}
|
||||||
|
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
|
||||||
|
index 9c92d6b469..eea296c9c3 100644
|
||||||
|
--- a/src/qemu/qemu_capabilities.h
|
||||||
|
+++ b/src/qemu/qemu_capabilities.h
|
||||||
|
@@ -514,8 +514,10 @@ void virQEMUCapsFilterByMachineType(virQEMUCapsPtr qemuCaps,
|
||||||
|
const char *machineType);
|
||||||
|
|
||||||
|
virFileCachePtr virQEMUCapsCacheNew(const char *libDir,
|
||||||
|
- const char *cacheDir,
|
||||||
|
- uid_t uid, gid_t gid);
|
||||||
|
+ const char *cacheDir,
|
||||||
|
+ uid_t uid,
|
||||||
|
+ gid_t gid,
|
||||||
|
+ unsigned int microcodeVersion);
|
||||||
|
virQEMUCapsPtr virQEMUCapsCacheLookup(virFileCachePtr cache,
|
||||||
|
const char *binary);
|
||||||
|
virQEMUCapsPtr virQEMUCapsCacheLookupCopy(virFileCachePtr cache,
|
||||||
|
diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h
|
||||||
|
index d05256bd35..38c14ffa01 100644
|
||||||
|
--- a/src/qemu/qemu_capspriv.h
|
||||||
|
+++ b/src/qemu/qemu_capspriv.h
|
||||||
|
@@ -36,6 +36,7 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch,
|
||||||
|
const char *libDir,
|
||||||
|
uid_t runUid,
|
||||||
|
gid_t runGid,
|
||||||
|
+ unsigned int microcodeVersion,
|
||||||
|
bool qmpOnly);
|
||||||
|
|
||||||
|
int virQEMUCapsLoadCache(virArch hostArch,
|
||||||
|
@@ -101,4 +102,9 @@ virQEMUCapsParseHelpStr(const char *qemu,
|
||||||
|
int
|
||||||
|
virQEMUCapsParseDeviceStr(virQEMUCapsPtr qemuCaps,
|
||||||
|
const char *str);
|
||||||
|
+
|
||||||
|
+void
|
||||||
|
+virQEMUCapsSetMicrocodeVersion(virQEMUCapsPtr qemuCaps,
|
||||||
|
+ unsigned int microcodeVersion);
|
||||||
|
+
|
||||||
|
#endif
|
||||||
|
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
||||||
|
index 208ccc9bc3..d8dc5388ea 100644
|
||||||
|
--- a/src/qemu/qemu_driver.c
|
||||||
|
+++ b/src/qemu/qemu_driver.c
|
||||||
|
@@ -631,6 +631,8 @@ qemuStateInitialize(bool privileged,
|
||||||
|
gid_t run_gid = -1;
|
||||||
|
char *hugepagePath = NULL;
|
||||||
|
size_t i;
|
||||||
|
+ virCPUDefPtr hostCPU = NULL;
|
||||||
|
+ unsigned int microcodeVersion = 0;
|
||||||
|
|
||||||
|
if (VIR_ALLOC(qemu_driver) < 0)
|
||||||
|
return -1;
|
||||||
|
@@ -853,10 +855,15 @@ qemuStateInitialize(bool privileged,
|
||||||
|
run_gid = cfg->group;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if ((hostCPU = virCPUProbeHost(virArchFromHost())))
|
||||||
|
+ microcodeVersion = hostCPU->microcodeVersion;
|
||||||
|
+ virCPUDefFree(hostCPU);
|
||||||
|
+
|
||||||
|
qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir,
|
||||||
|
cfg->cacheDir,
|
||||||
|
run_uid,
|
||||||
|
- run_gid);
|
||||||
|
+ run_gid,
|
||||||
|
+ microcodeVersion);
|
||||||
|
if (!qemu_driver->qemuCapsCache)
|
||||||
|
goto error;
|
||||||
|
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml
|
||||||
|
index 956284d5d3..f3f66cd8f5 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml
|
||||||
|
@@ -111,6 +111,7 @@
|
||||||
|
<flag name='query-cpu-definitions'/>
|
||||||
|
<version>1002002</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>26900</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='qemu64'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml
|
||||||
|
index 99384ce5e6..1c4d5ff4a4 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml
|
||||||
|
@@ -129,6 +129,7 @@
|
||||||
|
<flag name='query-cpu-definitions'/>
|
||||||
|
<version>1003001</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>30198</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='qemu64'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml
|
||||||
|
index aea043c57d..a50383c259 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml
|
||||||
|
@@ -130,6 +130,7 @@
|
||||||
|
<flag name='query-cpu-definitions'/>
|
||||||
|
<version>1004002</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>30915</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml
|
||||||
|
index 6f860e4f25..ad3e122775 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml
|
||||||
|
@@ -142,6 +142,7 @@
|
||||||
|
<flag name='kernel-irqchip'/>
|
||||||
|
<version>1005003</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>47019</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml
|
||||||
|
index e5dc8360de..7b2324d697 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml
|
||||||
|
@@ -147,6 +147,7 @@
|
||||||
|
<flag name='kernel-irqchip'/>
|
||||||
|
<version>1006000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>45248</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml
|
||||||
|
index 86d87eaf0c..4ba509a753 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml
|
||||||
|
@@ -149,6 +149,7 @@
|
||||||
|
<flag name='kernel-irqchip'/>
|
||||||
|
<version>1007000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>50692</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml
|
||||||
|
index 2fa551b1a0..416703ac89 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml
|
||||||
|
@@ -165,6 +165,7 @@
|
||||||
|
<flag name='kernel-irqchip'/>
|
||||||
|
<version>2001001</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>59488</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml
|
||||||
|
index f97e4cb813..4550139e0c 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml
|
||||||
|
@@ -190,6 +190,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2004000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>75653</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml
|
||||||
|
index 2ba40fc494..6072438688 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml
|
||||||
|
@@ -196,6 +196,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2005000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>216775</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml b/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml
|
||||||
|
index 0b34fa30d4..6fc0ab25e0 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml
|
||||||
|
@@ -174,6 +174,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2006000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>228838</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>aarch64</arch>
|
||||||
|
<cpu type='kvm' name='pxa262'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml b/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml
|
||||||
|
index d41d578c7e..1846bf6a7c 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml
|
||||||
|
@@ -174,6 +174,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2006000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>228838</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>aarch64</arch>
|
||||||
|
<cpu type='kvm' name='pxa262'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml b/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml
|
||||||
|
index f1c9fc98a4..199fc2cd22 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml
|
||||||
|
@@ -169,6 +169,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2006000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>263602</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>ppc64</arch>
|
||||||
|
<cpu type='kvm' name='default'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml
|
||||||
|
index bdf006f6be..5897fbc0c9 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml
|
||||||
|
@@ -206,6 +206,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2006000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>227579</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml
|
||||||
|
index fe7bca93b9..4c208008be 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml
|
||||||
|
@@ -136,6 +136,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2007000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>217559</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>s390x</arch>
|
||||||
|
<cpu type='kvm' name='host'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml
|
||||||
|
index 3fd28f09fe..e3a154806c 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml
|
||||||
|
@@ -209,6 +209,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2007000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>239276</microcodeVersion>
|
||||||
|
<package> (v2.7.0)</package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='Opteron_G5'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
|
||||||
|
index 21bbb820d0..f13c783d44 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
|
||||||
|
@@ -138,6 +138,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2007093</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>242460</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>s390x</arch>
|
||||||
|
<hostCPU type='kvm' model='zEC12.2-base' migratability='no'>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
|
||||||
|
index 761f9d1415..f5bd1d7272 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
|
||||||
|
@@ -211,6 +211,7 @@
|
||||||
|
<flag name='virtio-gpu.max_outputs'/>
|
||||||
|
<version>2008000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>255931</microcodeVersion>
|
||||||
|
<package> (v2.8.0)</package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<cpu type='kvm' name='host' usable='yes'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml b/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
|
||||||
|
index 9551907c66..2d1d0f9a89 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
|
||||||
|
@@ -175,6 +175,7 @@
|
||||||
|
<flag name='disk-share-rw'/>
|
||||||
|
<version>2009000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>347135</microcodeVersion>
|
||||||
|
<package> (v2.9.0)</package>
|
||||||
|
<arch>ppc64</arch>
|
||||||
|
<cpu type='kvm' name='default'/>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
|
||||||
|
index 0a6fbd0776..3b733801f8 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
|
||||||
|
@@ -140,6 +140,7 @@
|
||||||
|
<flag name='disk-share-rw'/>
|
||||||
|
<version>2009000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>265878</microcodeVersion>
|
||||||
|
<package></package>
|
||||||
|
<arch>s390x</arch>
|
||||||
|
<hostCPU type='kvm' model='z13.2-base' migratability='no'>
|
||||||
|
diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
|
||||||
|
index 1294ebdb31..086594def5 100644
|
||||||
|
--- a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
|
||||||
|
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
|
||||||
|
@@ -223,6 +223,7 @@
|
||||||
|
<flag name='disk-share-rw'/>
|
||||||
|
<version>2009000</version>
|
||||||
|
<kvmVersion>0</kvmVersion>
|
||||||
|
+ <microcodeVersion>321194</microcodeVersion>
|
||||||
|
<package> (v2.9.0)</package>
|
||||||
|
<arch>x86_64</arch>
|
||||||
|
<hostCPU type='kvm' model='base' migratability='yes'>
|
||||||
|
diff --git a/tests/qemucapabilitiestest.c b/tests/qemucapabilitiestest.c
|
||||||
|
index 3ae55fc62f..4608fffbb2 100644
|
||||||
|
--- a/tests/qemucapabilitiestest.c
|
||||||
|
+++ b/tests/qemucapabilitiestest.c
|
||||||
|
@@ -61,10 +61,16 @@ testQemuCaps(const void *opaque)
|
||||||
|
qemuMonitorTestGetMonitor(mon)) < 0)
|
||||||
|
goto cleanup;
|
||||||
|
|
||||||
|
- if (virQEMUCapsGet(capsActual, QEMU_CAPS_KVM) &&
|
||||||
|
- virQEMUCapsInitQMPMonitorTCG(capsActual,
|
||||||
|
- qemuMonitorTestGetMonitor(mon)) < 0)
|
||||||
|
- goto cleanup;
|
||||||
|
+ if (virQEMUCapsGet(capsActual, QEMU_CAPS_KVM)) {
|
||||||
|
+ if (virQEMUCapsInitQMPMonitorTCG(capsActual,
|
||||||
|
+ qemuMonitorTestGetMonitor(mon)) < 0)
|
||||||
|
+ goto cleanup;
|
||||||
|
+
|
||||||
|
+ /* Fill microcodeVersion with a "random" value which is the file
|
||||||
|
+ * length to provide a reproducible number for testing.
|
||||||
|
+ */
|
||||||
|
+ virQEMUCapsSetMicrocodeVersion(capsActual, virFileLength(repliesFile, -1));
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (!(actual = virQEMUCapsFormatCache(capsActual)))
|
||||||
|
goto cleanup;
|
||||||
|
diff --git a/tests/qemucapsprobe.c b/tests/qemucapsprobe.c
|
||||||
|
index 4b8d6229b4..a5f5a38b16 100644
|
||||||
|
--- a/tests/qemucapsprobe.c
|
||||||
|
+++ b/tests/qemucapsprobe.c
|
||||||
|
@@ -72,7 +72,7 @@ main(int argc, char **argv)
|
||||||
|
return EXIT_FAILURE;
|
||||||
|
|
||||||
|
if (!(caps = virQEMUCapsNewForBinaryInternal(VIR_ARCH_NONE, argv[1], "/tmp",
|
||||||
|
- -1, -1, true)))
|
||||||
|
+ -1, -1, 0, true)))
|
||||||
|
return EXIT_FAILURE;
|
||||||
|
|
||||||
|
virObjectUnref(caps);
|
||||||
|
diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
|
||||||
|
index 2c7124bf26..f8182033fc 100644
|
||||||
|
--- a/tests/testutilsqemu.c
|
||||||
|
+++ b/tests/testutilsqemu.c
|
||||||
|
@@ -603,7 +603,7 @@ int qemuTestDriverInit(virQEMUDriver *driver)
|
||||||
|
|
||||||
|
/* Using /dev/null for libDir and cacheDir automatically produces errors
|
||||||
|
* upon attempt to use any of them */
|
||||||
|
- driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0);
|
||||||
|
+ driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0, 0);
|
||||||
|
if (!driver->qemuCapsCache)
|
||||||
|
goto error;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.17.0
|
||||||
|
|
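--- /dev/null
+++ b/1006-cpu-add-CPU-features-and-model-for-indirect-branch-p.patch
@@ -0,0 +1,142 @@
+From ac0e85360cd8f25160b67ee9fb45663d20f82c1d Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 19 Jun 2018 16:51:13 +0100
+Subject: [PATCH 17/19] cpu: add CPU features and model for indirect branch
+prediction protection
+
+CVE-2017-5715
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+src/cpu/cpu_map.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++
+1 file changed, 44 insertions(+)
+
+diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
+index 8e7ac4973d..c31e7ce36a 100644
+--- a/src/cpu/cpu_map.xml
++++ b/src/cpu/cpu_map.xml
+@@ -283,6 +283,9 @@
+<feature name='avx512-4fmaps'>
+<cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/>
+</feature>
++ <feature name='spec-ctrl'>
++ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
++ </feature>
+
+<!-- Processor Extended State Enumeration sub leaf 1 -->
+<feature name='xsaveopt'>
+@@ -411,6 +414,11 @@
+<cpuid eax_in='0x80000007' edx='0x00000100'/>
+</feature>
+
++ <!-- More AMD-specific features -->
++ <feature name='ibpb'>
++ <cpuid eax_in='0x80000008' ebx='0x00001000'/>
++ </feature>
++
+<!-- models -->
+<model name='486'>
+<feature name='fpu'/>
+@@ -857,6 +865,10 @@
+<feature name='syscall'/>
+<feature name='tsc'/>
+</model>
++ <model name='Nehalem-IBRS'>
++ <model name='Nehalem'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<model name='Westmere'>
+<signature family='6' model='44'/>
+@@ -894,6 +906,10 @@
+<feature name='syscall'/>
+<feature name='tsc'/>
+</model>
++ <model name='Westmere-IBRS'>
++ <model name='Westmere'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<model name='SandyBridge'>
+<signature family='6' model='42'/>
+@@ -937,6 +953,10 @@
+<feature name='x2apic'/>
+<feature name='xsave'/>
+</model>
++ <model name='SandyBridge-IBRS'>
++ <model name='SandyBridge'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<model name='IvyBridge'>
+<signature family='6' model='58'/>
+@@ -986,6 +1006,10 @@
+<feature name='x2apic'/>
+<feature name='xsave'/>
+</model>
++ <model name='IvyBridge-IBRS'>
++ <model name='IvyBridge'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<model name='Haswell-noTSX'>
+<signature family='6' model='60'/>
+@@ -1039,6 +1063,10 @@
+<feature name='x2apic'/>
+<feature name='xsave'/>
+</model>
++ <model name='Haswell-noTSX-IBRS'>
++ <model name='Haswell-noTSX'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<model name='Haswell'>
+<signature family='6' model='60'/>
+@@ -1094,6 +1122,10 @@
+<feature name='x2apic'/>
+<feature name='xsave'/>
+</model>
++ <model name='Haswell-IBRS'>
++ <model name='Haswell'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<model name='Broadwell-noTSX'>
+<signature family='6' model='61'/>
+@@ -1151,6 +1183,10 @@
+<feature name='x2apic'/>
+<feature name='xsave'/>
+</model>
++ <model name='Broadwell-noTSX-IBRS'>
++ <model name='Broadwell-noTSX'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<model name='Broadwell'>
+<signature family='6' model='61'/>
+@@ -1210,6 +1246,10 @@
+<feature name='x2apic'/>
+<feature name='xsave'/>
+</model>
++ <model name='Broadwell-IBRS'>
++ <model name='Broadwell'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<model name='Skylake-Client'>
+<signature family='6' model='94'/>
+@@ -1278,6 +1318,10 @@
+<feature name='xsavec'/>
+<feature name='xsaveopt'/>
+</model>
++ <model name='Skylake-Client-IBRS'>
++ <model name='Skylake-Client'/>
++ <feature name='spec-ctrl'/>
++ </model>
+
+<!-- AMD CPUs -->
+<model name='athlon'>
+--
+2.17.0
+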
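Review bot: The `ibpb` feature added in the second cpu_map.xml hunk has no named-model counterpart, whereas every Intel model gains an `-IBRS` variant carrying `spec-ctrl`, so a guest on an AMD host that uses a named model will only see IBPB if the domain CPU definition lists the feature explicitly (host-passthrough is unaffected). A comment beside `<feature name='ibpb'>` stating whether the missing AMD variant is deliberate would stop the next reader from treating it as an oversight, e.g. `<!-- ibpb: CPUID 0x80000008 EBX[12]; no -IBPB model variant is defined, request the feature explicitly -->`. The `-IBRS` models contain only a nested model reference plus `spec-ctrl`, so they presumably depend on the ancestor-signature copying that Patch1001 introduces; a one-line comment on the first of them (`Nehalem-IBRS`) saying the signature is inherited rather than repeated would make that dependency visible in the map itself.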
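--- /dev/null
+++ b/1007-cpu-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch
@@ -0,0 +1,37 @@
+From 9a252992aa81b4873b22f174de9d345f4289051c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Mon, 21 May 2018 23:05:07 +0100
+Subject: [PATCH 18/19] cpu: define the 'ssbd' CPUID feature bit
+(CVE-2018-3639)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+New microcode introduces the "Speculative Store Bypass Disable"
+CPUID feature bit. This needs to be exposed to guest OS to allow
+them to protect against CVE-2018-3639.
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
+(cherry picked from commit 1dbca2eccad58d91a5fd33962854f1a653638182)
+---
+src/cpu/cpu_map.xml | 3 +++
+1 file changed, 3 insertions(+)
+
+diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
+index c31e7ce36a..87301dc0ef 100644
+--- a/src/cpu/cpu_map.xml
++++ b/src/cpu/cpu_map.xml
+@@ -286,6 +286,9 @@
+<feature name='spec-ctrl'>
+<cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
+</feature>
++ <feature name='ssbd'>
++ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/>
++ </feature>
+
+<!-- Processor Extended State Enumeration sub leaf 1 -->
+<feature name='xsaveopt'>
+--
+2.17.0
+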
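Review bot: The new `ssbd` element is a bare CPUID mask with nothing in cpu_map.xml tying it to the mitigation it represents, and unlike `spec-ctrl` no model variant carries it, so the feature reaches a guest only when it is listed explicitly in the domain CPU definition or via host-passthrough. The commit message explains the bit, but whoever later edits the XML will not see that message; a comment such as `<!-- ssbd: Speculative Store Bypass Disable, CPUID 0x07 EDX[31] (CVE-2018-3639); not part of any named model -->` directly above `<feature name='ssbd'>` carries the intent into the map itself.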
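--- /dev/null
+++ b/1008-cpu-define-the-virt-ssbd-CPUID-feature-bit-CVE-2018-.patch
@@ -0,0 +1,46 @@
+From 7774fbbda1c886633eaf0015d6211fc0ad703bc7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Mon, 21 May 2018 23:05:08 +0100
+Subject: [PATCH 19/19] cpu: define the 'virt-ssbd' CPUID feature bit
+(CVE-2018-3639)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Some AMD processors only support a non-architectural means of
+enabling Speculative Store Bypass Disable. To allow simplified
+handling in virtual environments, hypervisors will expose an
+architectural definition through CPUID bit 0x80000008_EBX[25].
+This needs to be exposed to guest OS running on AMD x86 hosts to
+allow them to protect against CVE-2018-3639.
+
+Note that since this CPUID bit won't be present in the host CPUID
+results on physical hosts, it will not be enabled automatically
+in guests configured with "host-model" CPU unless using QEMU
+version >= 2.9.0. Thus for older versions of QEMU, this feature
+must be manually enabled using policy=force. Guests using the
+"host-passthrough" CPU mode do not need special handling.
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
+---
+src/cpu/cpu_map.xml | 3 +++
+1 file changed, 3 insertions(+)
+
+diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
+index 87301dc0ef..e31c9ae86c 100644
+--- a/src/cpu/cpu_map.xml
++++ b/src/cpu/cpu_map.xml
+@@ -421,6 +421,9 @@
+<feature name='ibpb'>
+<cpuid eax_in='0x80000008' ebx='0x00001000'/>
+</feature>
++ <feature name='virt-ssbd'>
++ <cpuid eax_in='0x80000008' ebx='0x02000000'/>
++ </feature>
+
+<!-- models -->
+<model name='486'>
+--
+2.17.0
+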
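Review bot: The caveat in the commit message — `virt-ssbd` is never present in physical host CPUID, so host-model guests only pick it up with QEMU >= 2.9.0 and older QEMU needs `policy='force'` — belongs next to the element, because anyone editing cpu_map.xml later will not see the message and may expect the bit to behave like the other 0x80000008 features. Suggest `<!-- virt-ssbd: hypervisor-defined CPUID 0x80000008 EBX[25] for AMD; absent from host CPUID, so host-model needs QEMU >= 2.9.0 or an explicit policy='force' -->` directly above `<feature name='virt-ssbd'>`.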
18
libvirt.spec
@ -13,7 +13,7 @@
|
|||||||
# Default to skipping autoreconf. Distros can change just this one line
|
# Default to skipping autoreconf. Distros can change just this one line
|
||||||
# (or provide a command-line override) if they backport any patches that
|
# (or provide a command-line override) if they backport any patches that
|
||||||
# touch configure.ac or Makefile.am.
|
# touch configure.ac or Makefile.am.
|
||||||
%{!?enable_autotools:%global enable_autotools 0}
|
%{!?enable_autotools:%global enable_autotools 1}
|
||||||
|
|
||||||
|
|
||||||
# The hypervisor drivers that run in libvirtd
|
# The hypervisor drivers that run in libvirtd
|
||||||
@ -240,7 +240,7 @@
|
|||||||
Summary: Library providing a simple virtualization API
|
Summary: Library providing a simple virtualization API
|
||||||
Name: libvirt
|
Name: libvirt
|
||||||
Version: 3.7.0
|
Version: 3.7.0
|
||||||
Release: 4%{?dist}%{?extra_release}
|
Release: 5%{?dist}%{?extra_release}
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
Group: Development/Libraries
|
Group: Development/Libraries
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
||||||
@ -278,6 +278,17 @@ Patch0105: 0105-log-fix-deadlock-obtaining-hostname-related-CVE-2018.patch
|
|||||||
# Fix hotplug disk failure (bz #1540872)
|
# Fix hotplug disk failure (bz #1540872)
|
||||||
Patch0106: 0106-qemuDomainAttachDeviceMknodHelper-Remove-symlink-bef.patch
|
Patch0106: 0106-qemuDomainAttachDeviceMknodHelper-Remove-symlink-bef.patch
|
||||||
|
|
||||||
|
# Spectre / SSBD
|
||||||
|
Patch1000: 1000-util-add-virFileReadHeaderQuiet-wrapper-around-virFi.patch
|
||||||
|
Patch1001: 1001-cpu_x86-Copy-CPU-signature-from-ancestor.patch
|
||||||
|
Patch1002: 1002-util-introduce-virHostCPUGetMicrocodeVersion.patch
|
||||||
|
Patch1003: 1003-cpu_x86-Rename-virCPUx86MapInitialize.patch
|
||||||
|
Patch1004: 1004-conf-include-x86-microcode-version-in-virsh-capabilt.patch
|
||||||
|
Patch1005: 1005-qemu-capabilities-force-update-if-the-microcode-vers.patch
|
||||||
|
Patch1006: 1006-cpu-add-CPU-features-and-model-for-indirect-branch-p.patch
|
||||||
|
Patch1007: 1007-cpu-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch
|
||||||
|
Patch1008: 1008-cpu-define-the-virt-ssbd-CPUID-feature-bit-CVE-2018-.patch
|
||||||
|
|
||||||
Requires: libvirt-daemon = %{version}-%{release}
|
Requires: libvirt-daemon = %{version}-%{release}
|
||||||
Requires: libvirt-daemon-config-network = %{version}-%{release}
|
Requires: libvirt-daemon-config-network = %{version}-%{release}
|
||||||
Requires: libvirt-daemon-config-nwfilter = %{version}-%{release}
|
Requires: libvirt-daemon-config-nwfilter = %{version}-%{release}
|
||||||
@ -2148,6 +2159,9 @@ exit 0
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jun 20 2018 Daniel P. Berrangé <berrange@redhat.com> - 3.7.0-5
|
||||||
|
- Add new CPU features for CVE-2017-5715 and CVE-2018-3639
|
||||||
|
|
||||||
* Tue Feb 13 2018 Cole Robinson <crobinso@redhat.com> - 3.7.0-4
|
* Tue Feb 13 2018 Cole Robinson <crobinso@redhat.com> - 3.7.0-4
|
||||||
- CVE-2018-5748: resource exhaustion via qemuMonitorIORead() (bz #1535785)
|
- CVE-2018-5748: resource exhaustion via qemuMonitorIORead() (bz #1535785)
|
||||||
- CVE-2018-6764: code injection via libvirt_lxc (bz #1542815)
|
- CVE-2018-6764: code injection via libvirt_lxc (bz #1542815)
|
||||||
|
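Review bot: `enable_autotools` is flipped from 0 to 1 in the first libvirt.spec hunk, but the new 3.7.0-5 changelog entry records only the CPU-feature additions, so the reason for re-running autoreconf is not documented anywhere in the spec. The comment above that line says the flip is needed when a backported patch touches configure.ac or Makefile.am, and none of the Patch1000–Patch1008 names indicates which one does; presumably one of the util or tests patches adds a source file to a Makefile.am. Add a changelog line such as `- Enable autoreconf for the backported Spectre/SSBD patches` and, ideally, a comment beside the `# Spectre / SSBD` block naming the patch that requires it, so the flag can be turned back off when that patch is dropped.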