Define md-clear CPUID bit
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé
parent
af6274808b
commit
70ef327d5f
|
|
@ -0,0 +1,31 @@
|
|||
From de8cb5ded43603937e0e7c341fcd7521822328a6 Mon Sep 17 00:00:00 2001
|
||||
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Date: Sat, 2 Mar 2019 00:07:10 +0100
|
||||
Subject: [PATCH] target/i386: define md-clear bit
|
||||
|
||||
md-clear is a new CPUID bit which is set when microcode provides the
|
||||
mechanism to invoke a flush of various exploitable CPU buffers by invoking
|
||||
the VERW instruction.
|
||||
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
(cherry-picked from a private commit)
|
||||
---
|
||||
target/i386/cpu.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
|
||||
index d6bb57d210..4ea78a4939 100644
|
||||
--- a/target/i386/cpu.c
|
||||
+++ b/target/i386/cpu.c
|
||||
@@ -1076,7 +1076,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
|
||||
.feat_names = {
|
||||
NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
|
||||
NULL, NULL, NULL, NULL,
|
||||
- NULL, NULL, NULL, NULL,
|
||||
+ NULL, NULL, "md-clear", NULL,
|
||||
NULL, NULL, NULL, NULL,
|
||||
NULL, NULL, NULL, NULL,
|
||||
NULL, NULL, NULL, NULL,
|
||||
--
|
||||
2.21.0
|
||||
|
||||
12
qemu.spec
12
qemu.spec
|
|
@ -148,7 +148,7 @@
|
|||
Summary: QEMU is a FAST! processor emulator
|
||||
Name: qemu
|
||||
Version: 4.0.0
|
||||
Release: 1%{?rcrel}%{?dist}
|
||||
Release: 2%{?rcrel}%{?dist}
|
||||
Epoch: 2
|
||||
License: GPLv2 and BSD and MIT and CC-BY
|
||||
URL: http://www.qemu.org/
|
||||
|
|
@ -178,6 +178,9 @@ Source21: 95-kvm-ppc64-memlock.conf
|
|||
Patch0001: 0001-Revert-target-i386-kvm-add-VMX-migration-blocker.patch
|
||||
|
||||
|
||||
# CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
|
||||
Patch1001: 0001-target-i386-define-md-clear-bit.patch
|
||||
|
||||
# documentation deps
|
||||
BuildRequires: texinfo
|
||||
# For /usr/bin/pod2man
|
||||
|
|
@ -1727,7 +1730,12 @@ getent passwd qemu >/dev/null || \
|
|||
|
||||
|
||||
%changelog
|
||||
* Wed Apr 24 2019 Cole Robinson <aintdiscole@gmail.com> - 4.0.0-1
|
||||
* Tue May 14 2019 Daniel P. Berrangé <berrange@redhat.com> - 2:4.0.0-2
|
||||
- Define md-clear CPUID bit
|
||||
- Resolves: rhbz #1710002 (CVE-2018-12126), rhbz #1710004 (CVE-2018-12127),
|
||||
rhbz #1710003 (CVE-2018-12130), rhbz #1710006 (CVE-2019-11091)
|
||||
|
||||
* Wed Apr 24 2019 Cole Robinson <aintdiscole@gmail.com> - 2:4.0.0-1
|
||||
- Update to qemu-4.0.0 GA
|
||||
|
||||
* Tue Apr 16 2019 Cole Robinson <crobinso@redhat.com> - 2:4.0.0-0.7.rc3
|
||||
|
|
|
|||
Loading…
Reference in New Issue