rpms / libvirt

Clone
Source Code
GIT

Blame 0002-cpu_map-Define-md-clear-CPUID-bit.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale
  1.   a2be167dfee160d41c874485c5d653fbcc37d821
  2.   0002-cpu_map-Define-md-clear-CPUID-bit.patch
Blob History Raw
Daniel P. Berrangé a2be16 
From 150b8cfaaf49d86f90187cbf071aa3fa55476ac1 Mon Sep 17 00:00:00 2001
Daniel P. Berrangé a2be16 
From: Jiri Denemark <jdenemar@redhat.com>
Daniel P. Berrangé a2be16 
Date: Tue, 9 Apr 2019 12:35:52 +0200
Daniel P. Berrangé a2be16 
Subject: [PATCH 2/2] cpu_map: Define md-clear CPUID bit
Daniel P. Berrangé a2be16 
MIME-Version: 1.0
Daniel P. Berrangé a2be16 
Content-Type: text/plain; charset=UTF-8
Daniel P. Berrangé a2be16 
Content-Transfer-Encoding: 8bit
Daniel P. Berrangé a2be16
Daniel P. Berrangé a2be16 
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Daniel P. Berrangé a2be16
Daniel P. Berrangé a2be16 
The bit is set when microcode provides the mechanism to invoke a flush
Daniel P. Berrangé a2be16 
of various exploitable CPU buffers by invoking the VERW instruction.
Daniel P. Berrangé a2be16
Daniel P. Berrangé a2be16 
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Daniel P. Berrangé a2be16 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Daniel P. Berrangé a2be16 
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé a2be16 
(cherry picked from commit 538d873571d7a682852dc1d70e5f4478f4d64e85)
Daniel P. Berrangé a2be16 
---
Daniel P. Berrangé a2be16 
 src/cpu_map/x86_features.xml                                | 3 +++
Daniel P. Berrangé a2be16 
 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml  | 2 +-
Daniel P. Berrangé a2be16 
 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml    | 1 +
Daniel P. Berrangé a2be16 
 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml     | 1 +
Daniel P. Berrangé a2be16 
 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml     | 1 +
Daniel P. Berrangé a2be16 
 tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml | 1 +
Daniel P. Berrangé a2be16 
 tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml  | 1 +
Daniel P. Berrangé a2be16 
 7 files changed, 9 insertions(+), 1 deletion(-)
Daniel P. Berrangé a2be16
Daniel P. Berrangé a2be16 
diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml
Daniel P. Berrangé a2be16 
index efcc10b1ae..370807f88e 100644
Daniel P. Berrangé a2be16 
--- a/src/cpu_map/x86_features.xml
Daniel P. Berrangé a2be16 
+++ b/src/cpu_map/x86_features.xml
Daniel P. Berrangé a2be16 
@@ -320,6 +320,9 @@
Daniel P. Berrangé a2be16 
   <feature name='avx512-4fmaps'>
Daniel P. Berrangé a2be16 
     <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/>
Daniel P. Berrangé a2be16 
   </feature>
Daniel P. Berrangé a2be16 
+  <feature name='md-clear'>
Daniel P. Berrangé a2be16 
+    <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/>
Daniel P. Berrangé a2be16 
+  </feature>
Daniel P. Berrangé a2be16 
   <feature name='pconfig'>
Daniel P. Berrangé a2be16 
     <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00040000'/>
Daniel P. Berrangé a2be16 
   </feature>
Daniel P. Berrangé a2be16 
diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
Daniel P. Berrangé a2be16 
index 0deca9fba6..74763a462b 100644
Daniel P. Berrangé a2be16 
--- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
Daniel P. Berrangé a2be16 
+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
Daniel P. Berrangé a2be16 
@@ -2,7 +2,7 @@
Daniel P. Berrangé a2be16 
 <cpudata arch='x86'>
Daniel P. Berrangé a2be16 
   <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/>
Daniel P. Berrangé a2be16 
   <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
Daniel P. Berrangé a2be16 
-  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/>
Daniel P. Berrangé a2be16 
+  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000400'/>
Daniel P. Berrangé a2be16 
   <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
Daniel P. Berrangé a2be16 
   <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/>
Daniel P. Berrangé a2be16 
 </cpudata>
Daniel P. Berrangé a2be16 
diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
Daniel P. Berrangé a2be16 
index 70a0fc3286..867970d2c7 100644
Daniel P. Berrangé a2be16 
--- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
Daniel P. Berrangé a2be16 
+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
Daniel P. Berrangé a2be16 
@@ -20,6 +20,7 @@
Daniel P. Berrangé a2be16 
   <feature policy='require' name='tsc_adjust'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='clflushopt'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='intel-pt'/>
Daniel P. Berrangé a2be16 
+  <feature policy='require' name='md-clear'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='stibp'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='ssbd'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='xsaves'/>
Daniel P. Berrangé a2be16 
diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
Daniel P. Berrangé a2be16 
index bbdfb6aa61..e7ced42797 100644
Daniel P. Berrangé a2be16 
--- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
Daniel P. Berrangé a2be16 
+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
Daniel P. Berrangé a2be16 
@@ -21,6 +21,7 @@
Daniel P. Berrangé a2be16 
   <feature name='tsc_adjust'/>
Daniel P. Berrangé a2be16 
   <feature name='clflushopt'/>
Daniel P. Berrangé a2be16 
   <feature name='intel-pt'/>
Daniel P. Berrangé a2be16 
+  <feature name='md-clear'/>
Daniel P. Berrangé a2be16 
   <feature name='stibp'/>
Daniel P. Berrangé a2be16 
   <feature name='ssbd'/>
Daniel P. Berrangé a2be16 
   <feature name='xsaves'/>
Daniel P. Berrangé a2be16 
diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
Daniel P. Berrangé a2be16 
index 1f321db273..a5591278df 100644
Daniel P. Berrangé a2be16 
--- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
Daniel P. Berrangé a2be16 
+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
Daniel P. Berrangé a2be16 
@@ -5,6 +5,7 @@
Daniel P. Berrangé a2be16 
   <feature policy='require' name='hypervisor'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='tsc_adjust'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='clflushopt'/>
Daniel P. Berrangé a2be16 
+  <feature policy='require' name='md-clear'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='stibp'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='ssbd'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='pdpe1gb'/>
Daniel P. Berrangé a2be16 
diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
Daniel P. Berrangé a2be16 
index cc1fc90c45..c7e8a1fccf 100644
Daniel P. Berrangé a2be16 
--- a/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
Daniel P. Berrangé a2be16 
+++ b/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
Daniel P. Berrangé a2be16 
@@ -23,6 +23,7 @@
Daniel P. Berrangé a2be16 
   <feature policy='require' name='intel-pt'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='pku'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='ospke'/>
Daniel P. Berrangé a2be16 
+  <feature policy='require' name='md-clear'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='stibp'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='arch-capabilities'/>
Daniel P. Berrangé a2be16 
   <feature policy='require' name='xsaves'/>
Daniel P. Berrangé a2be16 
diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
Daniel P. Berrangé a2be16 
index dfabdc57c7..d7482751b4 100644
Daniel P. Berrangé a2be16 
--- a/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
Daniel P. Berrangé a2be16 
+++ b/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
Daniel P. Berrangé a2be16 
@@ -24,6 +24,7 @@
Daniel P. Berrangé a2be16 
   <feature name='intel-pt'/>
Daniel P. Berrangé a2be16 
   <feature name='pku'/>
Daniel P. Berrangé a2be16 
   <feature name='ospke'/>
Daniel P. Berrangé a2be16 
+  <feature name='md-clear'/>
Daniel P. Berrangé a2be16 
   <feature name='stibp'/>
Daniel P. Berrangé a2be16 
   <feature name='arch-capabilities'/>
Daniel P. Berrangé a2be16 
   <feature name='xsaves'/>
Daniel P. Berrangé a2be16 
--
Daniel P. Berrangé a2be16 
2.21.0
Daniel P. Berrangé a2be16

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation