|
|
c480ed |
From f574d83a57b54248bc1f1c7fd3b25894d579c8e3 Mon Sep 17 00:00:00 2001
|
|
|
c480ed |
Message-Id: <f574d83a57b54248bc1f1c7fd3b25894d579c8e3@dist-git>
|
|
|
e90370 |
From: Jiri Denemark <jdenemar@redhat.com>
|
|
|
e90370 |
Date: Fri, 5 Apr 2019 11:33:32 +0200
|
|
|
e90370 |
Subject: [PATCH] cpu_x86: Do not cache microcode version
|
|
|
e90370 |
MIME-Version: 1.0
|
|
|
e90370 |
Content-Type: text/plain; charset=UTF-8
|
|
|
e90370 |
Content-Transfer-Encoding: 8bit
|
|
|
e90370 |
|
|
|
e90370 |
The microcode version checks are used to invalidate cached CPU data we
|
|
|
e90370 |
get from QEMU. To minimize /proc/cpuinfo parsing the microcode version
|
|
|
e90370 |
was only read when libvirtd started and cached for the daemon's
|
|
|
e90370 |
lifetime. However, the CPU microcode can change anytime (updating the
|
|
|
e90370 |
microcode package can automatically upload it to the CPU) and we need to
|
|
|
e90370 |
stop caching it to avoid using stale CPU model data.
|
|
|
e90370 |
|
|
|
e90370 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
e90370 |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
e90370 |
(cherry picked from commit be46f613261d3b655a1f15afd635087e68a9c39b)
|
|
|
e90370 |
|
|
|
c480ed |
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
|
|
|
e90370 |
|
|
|
e90370 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
e90370 |
---
|
|
|
e90370 |
src/cpu/cpu_x86.c | 5 +----
|
|
|
e90370 |
1 file changed, 1 insertion(+), 4 deletions(-)
|
|
|
e90370 |
|
|
|
e90370 |
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
|
|
|
e90370 |
index 7fa84f6014..89baf94d7d 100644
|
|
|
e90370 |
--- a/src/cpu/cpu_x86.c
|
|
|
e90370 |
+++ b/src/cpu/cpu_x86.c
|
|
|
e90370 |
@@ -163,7 +163,6 @@ struct _virCPUx86Map {
|
|
|
e90370 |
};
|
|
|
e90370 |
|
|
|
e90370 |
static virCPUx86MapPtr cpuMap;
|
|
|
e90370 |
-static unsigned int microcodeVersion;
|
|
|
e90370 |
|
|
|
e90370 |
int virCPUx86DriverOnceInit(void);
|
|
|
e90370 |
VIR_ONCE_GLOBAL_INIT(virCPUx86Driver);
|
|
|
e90370 |
@@ -1422,8 +1421,6 @@ virCPUx86DriverOnceInit(void)
|
|
|
e90370 |
if (!(cpuMap = virCPUx86LoadMap()))
|
|
|
e90370 |
return -1;
|
|
|
e90370 |
|
|
|
e90370 |
- microcodeVersion = virHostCPUGetMicrocodeVersion();
|
|
|
e90370 |
-
|
|
|
e90370 |
return 0;
|
|
|
e90370 |
}
|
|
|
e90370 |
|
|
|
e90370 |
@@ -2463,7 +2460,7 @@ virCPUx86GetHost(virCPUDefPtr cpu,
|
|
|
e90370 |
goto cleanup;
|
|
|
e90370 |
|
|
|
e90370 |
ret = x86DecodeCPUData(cpu, cpuData, models);
|
|
|
e90370 |
- cpu->microcodeVersion = microcodeVersion;
|
|
|
e90370 |
+ cpu->microcodeVersion = virHostCPUGetMicrocodeVersion();
|
|
|
e90370 |
|
|
|
e90370 |
cleanup:
|
|
|
e90370 |
virCPUx86DataFree(cpuData);
|
|
|
e90370 |
--
|
|
|
e90370 |
2.21.0
|
|
|
e90370 |
|