|
|
072c97 |
From 1054c2ab4381145ddc9e937a40c109980f15cf69 Mon Sep 17 00:00:00 2001
|
|
|
072c97 |
Message-Id: <1054c2ab4381145ddc9e937a40c109980f15cf69@dist-git>
|
|
|
072c97 |
From: Jiri Denemark <jdenemar@redhat.com>
|
|
|
072c97 |
Date: Fri, 5 Apr 2019 11:33:32 +0200
|
|
|
072c97 |
Subject: [PATCH] cpu_x86: Do not cache microcode version
|
|
|
072c97 |
MIME-Version: 1.0
|
|
|
072c97 |
Content-Type: text/plain; charset=UTF-8
|
|
|
072c97 |
Content-Transfer-Encoding: 8bit
|
|
|
072c97 |
|
|
|
072c97 |
The microcode version checks are used to invalidate cached CPU data we
|
|
|
072c97 |
get from QEMU. To minimize /proc/cpuinfo parsing the microcode version
|
|
|
072c97 |
was only read when libvirtd started and cached for the daemon's
|
|
|
072c97 |
lifetime. However, the CPU microcode can change anytime (updating the
|
|
|
072c97 |
microcode package can automatically upload it to the CPU) and we need to
|
|
|
072c97 |
stop caching it to avoid using stale CPU model data.
|
|
|
072c97 |
|
|
|
072c97 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
072c97 |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
072c97 |
(cherry picked from commit be46f613261d3b655a1f15afd635087e68a9c39b)
|
|
|
072c97 |
|
|
|
072c97 |
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
|
|
|
072c97 |
|
|
|
072c97 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
072c97 |
---
|
|
|
072c97 |
src/cpu/cpu_x86.c | 5 +----
|
|
|
072c97 |
1 file changed, 1 insertion(+), 4 deletions(-)
|
|
|
072c97 |
|
|
|
072c97 |
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
|
|
|
072c97 |
index cf3d80eeb5..1acd8c4f49 100644
|
|
|
072c97 |
--- a/src/cpu/cpu_x86.c
|
|
|
072c97 |
+++ b/src/cpu/cpu_x86.c
|
|
|
072c97 |
@@ -155,7 +155,6 @@ struct _virCPUx86Map {
|
|
|
072c97 |
};
|
|
|
072c97 |
|
|
|
072c97 |
static virCPUx86MapPtr cpuMap;
|
|
|
072c97 |
-static unsigned int microcodeVersion;
|
|
|
072c97 |
|
|
|
072c97 |
int virCPUx86DriverOnceInit(void);
|
|
|
072c97 |
VIR_ONCE_GLOBAL_INIT(virCPUx86Driver);
|
|
|
072c97 |
@@ -1469,8 +1468,6 @@ virCPUx86DriverOnceInit(void)
|
|
|
072c97 |
if (!(cpuMap = virCPUx86LoadMap()))
|
|
|
072c97 |
return -1;
|
|
|
072c97 |
|
|
|
072c97 |
- microcodeVersion = virHostCPUGetMicrocodeVersion();
|
|
|
072c97 |
-
|
|
|
072c97 |
return 0;
|
|
|
072c97 |
}
|
|
|
072c97 |
|
|
|
072c97 |
@@ -2553,7 +2550,7 @@ virCPUx86GetHost(virCPUDefPtr cpu,
|
|
|
072c97 |
goto cleanup;
|
|
|
072c97 |
|
|
|
072c97 |
ret = x86DecodeCPUData(cpu, cpuData, models);
|
|
|
072c97 |
- cpu->microcodeVersion = microcodeVersion;
|
|
|
072c97 |
+ cpu->microcodeVersion = virHostCPUGetMicrocodeVersion();
|
|
|
072c97 |
|
|
|
072c97 |
cleanup:
|
|
|
072c97 |
virCPUx86DataFree(cpuData);
|
|
|
072c97 |
--
|
|
|
072c97 |
2.21.0
|
|
|
072c97 |
|