From 4cd28d3f2984894ad10b69b4cd5880a9c8d0e156 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jan 04 2018 17:14:52 +0000 Subject: import libvirt-3.2.0-14.el7_4.7 --- diff --git a/SOURCES/libvirt-conf-include-x86-microcode-version-in-virsh-capabiltiies.patch b/SOURCES/libvirt-conf-include-x86-microcode-version-in-virsh-capabiltiies.patch new file mode 100644 index 0000000..7c45cd5 --- /dev/null +++ b/SOURCES/libvirt-conf-include-x86-microcode-version-in-virsh-capabiltiies.patch @@ -0,0 +1,188 @@ +From a2fe4ef20df702070ffec676172c19e6c89b8312 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Paolo Bonzini +Date: Tue, 12 Dec 2017 16:23:40 +0100 +Subject: [PATCH] conf: include x86 microcode version in virsh capabiltiies + +A microcode update can cause the CPUID bits to change; an example +from the past was the update that disabled TSX on several Haswell and +Broadwell machines. + +In order to track the x86 microcode version in the QEMU capabilities, +we have to fetch it and store it in the host CPU. This also makes the +version visible in "virsh capabilities", which is a nice side effect. + +CVE-2017-5715 + +Signed-off-by: Paolo Bonzini +Signed-off-by: Jiri Denemark + +Conflicts: + src/cpu/cpu_x86.c + - context; x86DecodeCPUData has more parameters in 7.4 +--- + src/conf/capabilities.c | 12 ++++++++++++ + src/conf/capabilities.h | 2 ++ + src/conf/cpu_conf.c | 14 ++++++++++++++ + src/conf/cpu_conf.h | 1 + + src/cpu/cpu_x86.c | 9 +++++++++ + src/libvirt_private.syms | 1 + + 6 files changed, 39 insertions(+) + +diff --git a/src/conf/capabilities.c b/src/conf/capabilities.c +index 08907aced1..fad6cc1c07 100644 +--- a/src/conf/capabilities.c ++++ b/src/conf/capabilities.c +@@ -355,6 +355,18 @@ virCapabilitiesAddHostNUMACell(virCapsPtr caps, + } + + ++/** ++ * virCapabilitiesGetMicrocodeVersion: ++ * @caps: capabilities to access ++ * ++ * Get host CPU microcode version, or 0 if unavailable ++ */ ++unsigned int ++virCapabilitiesGetMicrocodeVersion(virCapsPtr caps) ++{ ++ return caps->host.cpu ? caps->host.cpu->microcodeVersion : 0; ++} ++ + /** + * virCapabilitiesSetHostCPU: + * @caps: capabilities to extend +diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h +index d10eef3afd..75e0748e9e 100644 +--- a/src/conf/capabilities.h ++++ b/src/conf/capabilities.h +@@ -299,6 +299,8 @@ virBitmapPtr virCapabilitiesGetCpusForNodemask(virCapsPtr caps, + + int virCapabilitiesGetNodeInfo(virNodeInfoPtr nodeinfo); + ++unsigned int virCapabilitiesGetMicrocodeVersion(virCapsPtr caps); ++ + int virCapabilitiesInitPages(virCapsPtr caps); + + int virCapabilitiesInitNUMA(virCapsPtr caps); +diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c +index e570dffcd2..239f671fa7 100644 +--- a/src/conf/cpu_conf.c ++++ b/src/conf/cpu_conf.c +@@ -127,6 +127,7 @@ virCPUDefCopyModelFilter(virCPUDefPtr dst, + VIR_STRDUP(dst->vendor_id, src->vendor_id) < 0 || + VIR_ALLOC_N(dst->features, src->nfeatures) < 0) + return -1; ++ dst->microcodeVersion = src->microcodeVersion; + dst->nfeatures_max = src->nfeatures; + dst->nfeatures = 0; + +@@ -178,6 +179,7 @@ virCPUDefStealModel(virCPUDefPtr dst, + + VIR_STEAL_PTR(dst->model, src->model); + VIR_STEAL_PTR(dst->features, src->features); ++ dst->microcodeVersion = src->microcodeVersion; + dst->nfeatures_max = src->nfeatures_max; + src->nfeatures_max = 0; + dst->nfeatures = src->nfeatures; +@@ -379,6 +381,14 @@ virCPUDefParseXML(xmlXPathContextPtr ctxt, + goto cleanup; + } + VIR_FREE(arch); ++ ++ if (virXPathBoolean("boolean(./microcode[1]/@version)", ctxt) > 0 && ++ virXPathUInt("string(./microcode[1]/@version)", ctxt, ++ &def->microcodeVersion) < 0) { ++ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", ++ _("invalid microcode version")); ++ goto cleanup; ++ } + } + + if (!(def->model = virXPathString("string(./model[1])", ctxt)) && +@@ -720,6 +730,10 @@ virCPUDefFormatBuf(virBufferPtr buf, + if (formatModel && def->vendor) + virBufferEscapeString(buf, "%s\n", def->vendor); + ++ if (def->type == VIR_CPU_TYPE_HOST && def->microcodeVersion) ++ virBufferAsprintf(buf, "\n", ++ def->microcodeVersion); ++ + if (def->sockets && def->cores && def->threads) { + virBufferAddLit(buf, "sockets); +diff --git a/src/conf/cpu_conf.h b/src/conf/cpu_conf.h +index 1978814d36..1a13ae6e46 100644 +--- a/src/conf/cpu_conf.h ++++ b/src/conf/cpu_conf.h +@@ -133,6 +133,7 @@ struct _virCPUDef { + char *vendor_id; /* vendor id returned by CPUID in the guest */ + int fallback; /* enum virCPUFallback */ + char *vendor; ++ unsigned int microcodeVersion; + unsigned int sockets; + unsigned int cores; + unsigned int threads; +diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c +index 8af0a1a2b7..efef7f235d 100644 +--- a/src/cpu/cpu_x86.c ++++ b/src/cpu/cpu_x86.c +@@ -33,6 +33,7 @@ + #include "virbuffer.h" + #include "virendian.h" + #include "virstring.h" ++#include "virhostcpu.h" + + #define VIR_FROM_THIS VIR_FROM_CPU + +@@ -153,6 +154,8 @@ struct _virCPUx86Map { + }; + + static virCPUx86MapPtr cpuMap; ++static unsigned int microcodeVersion; ++ + int virCPUx86DriverOnceInit(void); + VIR_ONCE_GLOBAL_INIT(virCPUx86Driver); + +@@ -1391,6 +1394,8 @@ virCPUx86DriverOnceInit(void) + if (!(cpuMap = virCPUx86LoadMap())) + return -1; + ++ microcodeVersion = virHostCPUGetMicrocodeVersion(); ++ + return 0; + } + +@@ -2408,6 +2413,9 @@ virCPUx86GetHost(virCPUDefPtr cpu, + virCPUDataPtr cpuData = NULL; + int ret = -1; + ++ if (virCPUx86DriverInitialize() < 0) ++ goto cleanup; ++ + if (!(cpuData = virCPUDataNew(archs[0]))) + goto cleanup; + +@@ -2416,6 +2424,7 @@ virCPUx86GetHost(virCPUDefPtr cpu, + goto cleanup; + + ret = x86DecodeCPUData(cpu, cpuData, models, nmodels, NULL); ++ cpu->microcodeVersion = microcodeVersion; + + cleanup: + virCPUx86DataFree(cpuData); +diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms +index c50b6c2f77..c7834115fd 100644 +--- a/src/libvirt_private.syms ++++ b/src/libvirt_private.syms +@@ -57,6 +57,7 @@ virCapabilitiesFreeGuest; + virCapabilitiesFreeMachines; + virCapabilitiesFreeNUMAInfo; + virCapabilitiesGetCpusForNodemask; ++virCapabilitiesGetMicrocodeVersion; + virCapabilitiesGetNodeInfo; + virCapabilitiesHostSecModelAddBaseLabel; + virCapabilitiesInitNUMA; +-- +2.15.1 + diff --git a/SOURCES/libvirt-cpu-add-CPU-features-and-model-for-indirect-branch-prediction-protection.patch b/SOURCES/libvirt-cpu-add-CPU-features-and-model-for-indirect-branch-prediction-protection.patch new file mode 100644 index 0000000..d264d5d --- /dev/null +++ b/SOURCES/libvirt-cpu-add-CPU-features-and-model-for-indirect-branch-prediction-protection.patch @@ -0,0 +1,153 @@ +From b3505e6f099cf4af35e254e077bb61cf62f035ed Mon Sep 17 00:00:00 2001 +Message-Id: +From: Paolo Bonzini +Date: Tue, 12 Dec 2017 16:23:42 +0100 +Subject: [PATCH] cpu: add CPU features and model for indirect branch + prediction protection + +CVE-2017-5715 + +Signed-off-by: Paolo Bonzini +Signed-off-by: Jiri Denemark + +Conflicts: + src/cpu/cpu_map.xml + - no Skylake-Server and EPYC CPU models +--- + src/cpu/cpu_map.xml | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 50 insertions(+) + +diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml +index 29b5b596f4..7fbba9f0d8 100644 +--- a/src/cpu/cpu_map.xml ++++ b/src/cpu/cpu_map.xml +@@ -283,6 +283,15 @@ + + + ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +@@ -411,6 +420,11 @@ + + + ++ ++ ++ ++ ++ + + + +@@ -857,6 +871,10 @@ + + + ++ ++ ++ ++ + + + +@@ -894,6 +912,10 @@ + + + ++ ++ ++ ++ + + + +@@ -937,6 +959,10 @@ + + + ++ ++ ++ ++ + + + +@@ -986,6 +1012,10 @@ + + + ++ ++ ++ ++ + + + +@@ -1039,6 +1069,10 @@ + + + ++ ++ ++ ++ + + + +@@ -1094,6 +1128,10 @@ + + + ++ ++ ++ ++ + + + +@@ -1151,6 +1189,10 @@ + + + ++ ++ ++ ++ + + + +@@ -1210,6 +1252,10 @@ + + + ++ ++ ++ ++ + + + +@@ -1278,6 +1324,10 @@ + + + ++ ++ ++ ++ + + + +-- +2.15.1 + diff --git a/SOURCES/libvirt-cpu_x86-Rename-virCPUx86MapInitialize.patch b/SOURCES/libvirt-cpu_x86-Rename-virCPUx86MapInitialize.patch new file mode 100644 index 0000000..1808387 --- /dev/null +++ b/SOURCES/libvirt-cpu_x86-Rename-virCPUx86MapInitialize.patch @@ -0,0 +1,52 @@ +From 3a74e5ae1229d1be6792178e650174f4a740e869 Mon Sep 17 00:00:00 2001 +Message-Id: <3a74e5ae1229d1be6792178e650174f4a740e869@dist-git> +From: Jiri Denemark +Date: Wed, 13 Dec 2017 22:30:31 +0100 +Subject: [PATCH] cpu_x86: Rename virCPUx86MapInitialize + +The function will be used to initialize internal data of the x86 CPU +driver (including the CPU map). + +CVE-2017-5715 + +Signed-off-by: Jiri Denemark +--- + src/cpu/cpu_x86.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c +index 2864454211..8af0a1a2b7 100644 +--- a/src/cpu/cpu_x86.c ++++ b/src/cpu/cpu_x86.c +@@ -153,8 +153,8 @@ struct _virCPUx86Map { + }; + + static virCPUx86MapPtr cpuMap; +-int virCPUx86MapOnceInit(void); +-VIR_ONCE_GLOBAL_INIT(virCPUx86Map); ++int virCPUx86DriverOnceInit(void); ++VIR_ONCE_GLOBAL_INIT(virCPUx86Driver); + + + typedef enum { +@@ -1386,7 +1386,7 @@ virCPUx86LoadMap(void) + + + int +-virCPUx86MapOnceInit(void) ++virCPUx86DriverOnceInit(void) + { + if (!(cpuMap = virCPUx86LoadMap())) + return -1; +@@ -1398,7 +1398,7 @@ virCPUx86MapOnceInit(void) + static virCPUx86MapPtr + virCPUx86GetMap(void) + { +- if (virCPUx86MapInitialize() < 0) ++ if (virCPUx86DriverInitialize() < 0) + return NULL; + + return cpuMap; +-- +2.15.1 + diff --git a/SOURCES/libvirt-qemu-Properly-store-microcode-version-in-QEMU-caps-cache.patch b/SOURCES/libvirt-qemu-Properly-store-microcode-version-in-QEMU-caps-cache.patch new file mode 100644 index 0000000..3ff4a58 --- /dev/null +++ b/SOURCES/libvirt-qemu-Properly-store-microcode-version-in-QEMU-caps-cache.patch @@ -0,0 +1,47 @@ +From e3e7aa7c8ad6d687b9605b0da3b46ad0ef171157 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Jiri Denemark +Date: Tue, 19 Dec 2017 08:36:49 +0100 +Subject: [PATCH] qemu: Properly store microcode version in QEMU caps cache + +This fixes a misplaced hunk in the backport of "qemu: capabilities: +force update if the microcode version does not match". We need to make +sure the microcode version is assigned to QEMU caps object before the +caps get stored on a disk. Otherwise QEMU caps cached on a disk would +always be considered invalid when libvirtd starts and tries to load +them. + +CVE-2017-5715 + +Signed-off-by: Jiri Denemark +--- + src/qemu/qemu_capabilities.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c +index 504e2c9587..8f9b1493a5 100644 +--- a/src/qemu/qemu_capabilities.c ++++ b/src/qemu/qemu_capabilities.c +@@ -5210,6 +5210,9 @@ virQEMUCapsNewForBinaryInternal(virCapsPtr caps, + goto error; + } + ++ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM)) ++ qemuCaps->microcodeVersion = microcodeVersion; ++ + if (cacheDir && + virQEMUCapsRememberCached(qemuCaps, cacheDir) < 0) + goto error; +@@ -5218,9 +5221,6 @@ virQEMUCapsNewForBinaryInternal(virCapsPtr caps, + virQEMUCapsInitHostCPUModel(qemuCaps, caps, VIR_DOMAIN_VIRT_QEMU); + } + +- if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM)) +- qemuCaps->microcodeVersion = microcodeVersion; +- + cleanup: + VIR_FREE(qmperr); + return qemuCaps; +-- +2.15.1 + diff --git a/SOURCES/libvirt-qemu-capabilities-force-update-if-the-microcode-version-does-not-match.patch b/SOURCES/libvirt-qemu-capabilities-force-update-if-the-microcode-version-does-not-match.patch new file mode 100644 index 0000000..d993f7d --- /dev/null +++ b/SOURCES/libvirt-qemu-capabilities-force-update-if-the-microcode-version-does-not-match.patch @@ -0,0 +1,588 @@ +From ac08fdc6dcbdc6e9fdb976fd2143c663d3748752 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Paolo Bonzini +Date: Tue, 12 Dec 2017 16:23:41 +0100 +Subject: [PATCH] qemu: capabilities: force update if the microcode version + does not match + +A microcode update can cause the CPUID bits to change; an example +from the past was the update that disabled TSX on several Haswell +and Broadwell machines. + +Therefore, place microcode version in the virQEMUCaps struct and +XML, and rebuild the cache if the versions do not match. + +CVE-2017-5715 + +Signed-off-by: Paolo Bonzini +Signed-off-by: Jiri Denemark + +Conflicts: + src/qemu/qemu_capabilities.c + src/qemu/qemu_capabilities.h + - virQEMUCapsCache is based on virFileCache in 7.5 + + src/qemu/qemu_capspriv.h + - context; more functions were added in 7.5 + + tests/qemucapabilitiesdata/caps_2.10.0-gicv2.aarch64.xml + tests/qemucapabilitiesdata/caps_2.10.0-gicv3.aarch64.xml + tests/qemucapabilitiesdata/caps_2.10.0.ppc64.xml + tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml + tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml + tests/qemucapabilitiesdata/caps_2.9.0.ppc64.xml + tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml + - missing in 7.4 + + tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml + - context; different package version in 7.4 + + tests/qemucapsprobe.c + - virQEMUCapsNewForBinaryInternal has fewer parameters + in 7.5 +--- + src/qemu/qemu_capabilities.c | 56 +++++++++++++++++++--- + src/qemu/qemu_capabilities.h | 7 ++- + src/qemu/qemu_capspriv.h | 6 +++ + src/qemu/qemu_driver.c | 9 +++- + tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml | 1 + + .../caps_2.6.0-gicv2.aarch64.xml | 1 + + .../caps_2.6.0-gicv3.aarch64.xml | 1 + + tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml | 1 + + tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml | 1 + + tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml | 1 + + tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml | 1 + + tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml | 1 + + tests/qemucapabilitiestest.c | 14 ++++-- + tests/qemucapsprobe.c | 2 +- + tests/testutilsqemu.c | 2 +- + 25 files changed, 98 insertions(+), 16 deletions(-) + +diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c +index a42f8d9988..504e2c9587 100644 +--- a/src/qemu/qemu_capabilities.c ++++ b/src/qemu/qemu_capabilities.c +@@ -426,6 +426,7 @@ struct _virQEMUCaps { + + unsigned int version; + unsigned int kvmVersion; ++ unsigned int microcodeVersion; + char *package; + + virArch arch; +@@ -2217,6 +2218,7 @@ virQEMUCapsPtr virQEMUCapsNewCopy(virQEMUCapsPtr qemuCaps) + + ret->version = qemuCaps->version; + ret->kvmVersion = qemuCaps->kvmVersion; ++ ret->microcodeVersion = qemuCaps->microcodeVersion; + + if (VIR_STRDUP(ret->package, qemuCaps->package) < 0) + goto error; +@@ -3817,6 +3819,13 @@ virQEMUCapsLoadCache(virCapsPtr caps, + goto cleanup; + } + ++ if (virXPathUInt("string(./microcodeVersion)", ctxt, ++ &qemuCaps->microcodeVersion) < 0) { ++ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", ++ _("missing microcode version in QEMU capabilities cache")); ++ goto cleanup; ++ } ++ + if (virXPathBoolean("boolean(./package)", ctxt) > 0) { + qemuCaps->package = virXPathString("string(./package)", ctxt); + if (!qemuCaps->package && +@@ -4083,6 +4092,9 @@ virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps, + virBufferAsprintf(&buf, "%d\n", + qemuCaps->kvmVersion); + ++ virBufferAsprintf(&buf, "%u\n", ++ qemuCaps->microcodeVersion); ++ + if (qemuCaps->package) + virBufferAsprintf(&buf, "%s\n", + qemuCaps->package); +@@ -4286,7 +4298,8 @@ virQEMUCapsInitCached(virCapsPtr caps, + goto discard; + } + +- if (!virQEMUCapsIsValid(qemuCaps, qemuctime, runUid, runGid)) ++ if (!virQEMUCapsIsValid(qemuCaps, qemuctime, runUid, runGid, ++ virCapabilitiesGetMicrocodeVersion(caps))) + goto discard; + + /* Discard cache if QEMU binary or libvirtd changed */ +@@ -5138,6 +5151,7 @@ virQEMUCapsNewForBinaryInternal(virCapsPtr caps, + const char *cacheDir, + uid_t runUid, + gid_t runGid, ++ unsigned int microcodeVersion, + bool qmpOnly) + { + virQEMUCapsPtr qemuCaps; +@@ -5204,6 +5218,9 @@ virQEMUCapsNewForBinaryInternal(virCapsPtr caps, + virQEMUCapsInitHostCPUModel(qemuCaps, caps, VIR_DOMAIN_VIRT_QEMU); + } + ++ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM)) ++ qemuCaps->microcodeVersion = microcodeVersion; ++ + cleanup: + VIR_FREE(qmperr); + return qemuCaps; +@@ -5220,10 +5237,12 @@ virQEMUCapsNewForBinary(virCapsPtr caps, + const char *libDir, + const char *cacheDir, + uid_t runUid, +- gid_t runGid) ++ gid_t runGid, ++ unsigned int microcodeVersion) + { + return virQEMUCapsNewForBinaryInternal(caps, binary, libDir, cacheDir, +- runUid, runGid, false); ++ runUid, runGid, microcodeVersion, ++ false); + } + + +@@ -5231,7 +5250,8 @@ bool + virQEMUCapsIsValid(virQEMUCapsPtr qemuCaps, + time_t qemuctime, + uid_t runUid, +- gid_t runGid) ++ gid_t runGid, ++ unsigned int microcodeVersion) + { + bool kvmUsable; + +@@ -5279,6 +5299,16 @@ virQEMUCapsIsValid(virQEMUCapsPtr qemuCaps, + return false; + } + ++ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM) && ++ microcodeVersion != qemuCaps->microcodeVersion) { ++ VIR_DEBUG("Outdated capabilities for '%s': microcode version changed " ++ "(%u vs %u)", ++ qemuCaps->binary, ++ microcodeVersion, ++ qemuCaps->microcodeVersion); ++ return false; ++ } ++ + return true; + } + +@@ -5325,7 +5355,8 @@ virQEMUCapsCachePtr + virQEMUCapsCacheNew(const char *libDir, + const char *cacheDir, + uid_t runUid, +- gid_t runGid) ++ gid_t runGid, ++ unsigned int microcodeVersion) + { + virQEMUCapsCachePtr cache; + +@@ -5348,6 +5379,7 @@ virQEMUCapsCacheNew(const char *libDir, + + cache->runUid = runUid; + cache->runGid = runGid; ++ cache->microcodeVersion = microcodeVersion; + + return cache; + +@@ -5364,7 +5396,8 @@ virQEMUCapsCacheValidate(virQEMUCapsCachePtr cache, + virQEMUCapsPtr *qemuCaps) + { + if (*qemuCaps && +- !virQEMUCapsIsValid(*qemuCaps, 0, cache->runUid, cache->runGid)) { ++ !virQEMUCapsIsValid(*qemuCaps, 0, cache->runUid, cache->runGid, ++ virCapabilitiesGetMicrocodeVersion(caps))) { + VIR_DEBUG("Cached capabilities %p no longer valid for %s", + *qemuCaps, binary); + virHashRemoveEntry(cache->binaries, binary); +@@ -5375,7 +5408,8 @@ virQEMUCapsCacheValidate(virQEMUCapsCachePtr cache, + VIR_DEBUG("Creating capabilities for %s", binary); + *qemuCaps = virQEMUCapsNewForBinary(caps, binary, + cache->libDir, cache->cacheDir, +- cache->runUid, cache->runGid); ++ cache->runUid, cache->runGid, ++ virCapabilitiesGetMicrocodeVersion(caps)); + if (*qemuCaps) { + VIR_DEBUG("Caching capabilities %p for %s", *qemuCaps, binary); + if (virHashAddEntry(cache->binaries, binary, *qemuCaps) < 0) { +@@ -5926,3 +5960,11 @@ virQEMUCapsFillDomainCaps(virCapsPtr caps, + return -1; + return 0; + } ++ ++ ++void ++virQEMUCapsSetMicrocodeVersion(virQEMUCapsPtr qemuCaps, ++ unsigned int microcodeVersion) ++{ ++ qemuCaps->microcodeVersion = microcodeVersion; ++} +diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h +index bc4ad44496..d1a1d46b5a 100644 +--- a/src/qemu/qemu_capabilities.h ++++ b/src/qemu/qemu_capabilities.h +@@ -497,7 +497,8 @@ int virQEMUCapsGetMachineTypesCaps(virQEMUCapsPtr qemuCaps, + bool virQEMUCapsIsValid(virQEMUCapsPtr qemuCaps, + time_t ctime, + uid_t runUid, +- gid_t runGid); ++ gid_t runGid, ++ unsigned int microcodeVersion); + + void virQEMUCapsFilterByMachineType(virQEMUCapsPtr qemuCaps, + const char *machineType); +@@ -509,7 +510,9 @@ void virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps, + + virQEMUCapsCachePtr virQEMUCapsCacheNew(const char *libDir, + const char *cacheDir, +- uid_t uid, gid_t gid); ++ uid_t uid, ++ gid_t gid, ++ unsigned int microcodeVersion); + virQEMUCapsPtr virQEMUCapsCacheLookup(virCapsPtr caps, + virQEMUCapsCachePtr cache, + const char *binary); +diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h +index 1baaaf3340..d39a71a2f8 100644 +--- a/src/qemu/qemu_capspriv.h ++++ b/src/qemu/qemu_capspriv.h +@@ -35,6 +35,7 @@ struct _virQEMUCapsCache { + char *cacheDir; + uid_t runUid; + gid_t runGid; ++ unsigned int microcodeVersion; + }; + + virQEMUCapsPtr virQEMUCapsNewCopy(virQEMUCapsPtr qemuCaps); +@@ -46,6 +47,7 @@ virQEMUCapsNewForBinaryInternal(virCapsPtr caps, + const char *cacheDir, + uid_t runUid, + gid_t runGid, ++ unsigned int microcodeVersion, + bool qmpOnly); + + int virQEMUCapsLoadCache(virCapsPtr caps, +@@ -93,4 +95,8 @@ virCPUDefPtr + virQEMUCapsProbeHostCPUForEmulator(virCapsPtr caps, + virQEMUCapsPtr qemuCaps, + virDomainVirtType type); ++ ++void ++virQEMUCapsSetMicrocodeVersion(virQEMUCapsPtr qemuCaps, ++ unsigned int microcodeVersion); + #endif +diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c +index 498f787ad3..0943d222b4 100644 +--- a/src/qemu/qemu_driver.c ++++ b/src/qemu/qemu_driver.c +@@ -628,6 +628,8 @@ qemuStateInitialize(bool privileged, + gid_t run_gid = -1; + char *hugepagePath = NULL; + size_t i; ++ virCPUDefPtr hostCPU = NULL; ++ unsigned int microcodeVersion = 0; + + if (VIR_ALLOC(qemu_driver) < 0) + return -1; +@@ -847,10 +849,15 @@ qemuStateInitialize(bool privileged, + run_gid = cfg->group; + } + ++ if ((hostCPU = virCPUProbeHost(virArchFromHost()))) ++ microcodeVersion = hostCPU->microcodeVersion; ++ virCPUDefFree(hostCPU); ++ + qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir, + cfg->cacheDir, + run_uid, +- run_gid); ++ run_gid, ++ microcodeVersion); + if (!qemu_driver->qemuCapsCache) + goto error; + +diff --git a/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml +index 5ad406ce1b..12d5873251 100644 +--- a/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml +@@ -112,6 +112,7 @@ + + 1002002 + 0 ++ 26900 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml +index 4ec731d655..8bfbf79a74 100644 +--- a/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml +@@ -130,6 +130,7 @@ + + 1003001 + 0 ++ 30198 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml +index 601c62e65a..19925d0f29 100644 +--- a/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml +@@ -131,6 +131,7 @@ + + 1004002 + 0 ++ 30915 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml +index 14f34b2771..df3c2d87b6 100644 +--- a/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml +@@ -143,6 +143,7 @@ + + 1005003 + 0 ++ 47019 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml +index 8fc23d6aad..889cd96dde 100644 +--- a/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml +@@ -148,6 +148,7 @@ + + 1006000 + 0 ++ 45248 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml +index 47c8956b44..426fcfc139 100644 +--- a/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml +@@ -150,6 +150,7 @@ + + 1007000 + 0 ++ 50692 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml +index afe7d53ff4..82737b2a7f 100644 +--- a/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml +@@ -166,6 +166,7 @@ + + 2001001 + 0 ++ 59488 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml +index 5bdc1a2bdd..dca3452861 100644 +--- a/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml +@@ -188,6 +188,7 @@ + + 2004000 + 0 ++ 75653 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml +index 36bc1342bb..03bc558c18 100644 +--- a/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml +@@ -194,6 +194,7 @@ + + 2005000 + 0 ++ 216775 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml b/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml +index 33bc462084..c78719c778 100644 +--- a/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml +@@ -172,6 +172,7 @@ + + 2006000 + 0 ++ 228838 + + aarch64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml b/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml +index a8ce6b03b1..314b9407c0 100644 +--- a/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml +@@ -172,6 +172,7 @@ + + 2006000 + 0 ++ 228838 + + aarch64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml b/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml +index 425992f0d5..f09d0f74d1 100644 +--- a/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml ++++ b/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml +@@ -166,6 +166,7 @@ + + 2006000 + 0 ++ 262913 + + ppc64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml +index 97e71ec4f4..4dadf178bd 100644 +--- a/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml +@@ -204,6 +204,7 @@ + + 2006000 + 0 ++ 227579 + + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml +index 70cce64179..75d77ccd13 100644 +--- a/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml ++++ b/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml +@@ -134,6 +134,7 @@ + + 2007000 + 0 ++ 217559 + + s390x + +diff --git a/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml +index 49c046212b..b9531ad2d2 100644 +--- a/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml +@@ -207,6 +207,7 @@ + + 2007000 + 0 ++ 239276 + (v2.7.0) + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml +index 51be9bce4d..a707d76bc3 100644 +--- a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml ++++ b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml +@@ -136,6 +136,7 @@ + + 2007093 + 0 ++ 242460 + + s390x + +diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml +index 01edbc88da..d3bce6b15c 100644 +--- a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml +@@ -209,6 +209,7 @@ + + 2008000 + 0 ++ 255931 + (v2.8.0) + x86_64 + +diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml +index 2140eab398..34dd9353d8 100644 +--- a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml ++++ b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml +@@ -219,6 +219,7 @@ + + 2008090 + 0 ++ 317985 + (v2.9.0-rc0-142-g940a8ce) + x86_64 + +diff --git a/tests/qemucapabilitiestest.c b/tests/qemucapabilitiestest.c +index 2918ff4695..c817478e49 100644 +--- a/tests/qemucapabilitiestest.c ++++ b/tests/qemucapabilitiestest.c +@@ -61,10 +61,16 @@ testQemuCaps(const void *opaque) + qemuMonitorTestGetMonitor(mon)) < 0) + goto cleanup; + +- if (virQEMUCapsGet(capsActual, QEMU_CAPS_KVM) && +- virQEMUCapsInitQMPMonitorTCG(capsActual, +- qemuMonitorTestGetMonitor(mon)) < 0) +- goto cleanup; ++ if (virQEMUCapsGet(capsActual, QEMU_CAPS_KVM)) { ++ if (virQEMUCapsInitQMPMonitorTCG(capsActual, ++ qemuMonitorTestGetMonitor(mon)) < 0) ++ goto cleanup; ++ ++ /* Fill microcodeVersion with a "random" value which is the file ++ * length to provide a reproducible number for testing. ++ */ ++ virQEMUCapsSetMicrocodeVersion(capsActual, virFileLength(repliesFile, -1)); ++ } + + if (!(actual = virQEMUCapsFormatCache(capsActual, 0, 0))) + goto cleanup; +diff --git a/tests/qemucapsprobe.c b/tests/qemucapsprobe.c +index 561c5d7c14..03bf81d3bd 100644 +--- a/tests/qemucapsprobe.c ++++ b/tests/qemucapsprobe.c +@@ -71,7 +71,7 @@ main(int argc, char **argv) + return EXIT_FAILURE; + + if (!(caps = virQEMUCapsNewForBinaryInternal(NULL, argv[1], "/tmp", NULL, +- -1, -1, true))) ++ -1, -1, 0, true))) + return EXIT_FAILURE; + + virObjectUnref(caps); +diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c +index 4cc482dfb0..e0fb97fba1 100644 +--- a/tests/testutilsqemu.c ++++ b/tests/testutilsqemu.c +@@ -600,7 +600,7 @@ int qemuTestDriverInit(virQEMUDriver *driver) + + /* Using /dev/null for libDir and cacheDir automatically produces errors + * upon attempt to use any of them */ +- driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0); ++ driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0, 0); + if (!driver->qemuCapsCache) + goto error; + +-- +2.15.1 + diff --git a/SOURCES/libvirt-util-add-virFileReadHeaderQuiet-wrapper-around-virFileReadHeaderFD.patch b/SOURCES/libvirt-util-add-virFileReadHeaderQuiet-wrapper-around-virFileReadHeaderFD.patch new file mode 100644 index 0000000..038c84a --- /dev/null +++ b/SOURCES/libvirt-util-add-virFileReadHeaderQuiet-wrapper-around-virFileReadHeaderFD.patch @@ -0,0 +1,75 @@ +From da15d67c5cf0b6c0c1974d8ca251dbeec3d6a964 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Paolo Bonzini +Date: Tue, 12 Dec 2017 16:23:40 +0100 +Subject: [PATCH] util: add virFileReadHeaderQuiet wrapper around + virFileReadHeaderFD + +CVE-2017-5715 + +Signed-off-by: Paolo Bonzini +Signed-off-by: Jiri Denemark +--- + src/libvirt_private.syms | 1 + + src/util/virfile.c | 19 +++++++++++++++++++ + src/util/virfile.h | 2 ++ + 3 files changed, 22 insertions(+) + +diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms +index 62ebb8180e..0c972d1861 100644 +--- a/src/libvirt_private.syms ++++ b/src/libvirt_private.syms +@@ -1646,6 +1646,7 @@ virFileReadAll; + virFileReadAllQuiet; + virFileReadBufQuiet; + virFileReadHeaderFD; ++virFileReadHeaderQuiet; + virFileReadLimFD; + virFileReadLink; + virFileReadValueBitmap; +diff --git a/src/util/virfile.c b/src/util/virfile.c +index a91c2c3495..51d1f5ce66 100644 +--- a/src/util/virfile.c ++++ b/src/util/virfile.c +@@ -1356,6 +1356,25 @@ virFileReadHeaderFD(int fd, int maxlen, char **buf) + } + + ++int ++virFileReadHeaderQuiet(const char *path, ++ int maxlen, ++ char **buf) ++{ ++ int fd; ++ int len; ++ ++ fd = open(path, O_RDONLY); ++ if (fd < 0) ++ return -1; ++ ++ len = virFileReadHeaderFD(fd, maxlen, buf); ++ VIR_FORCE_CLOSE(fd); ++ ++ return len; ++} ++ ++ + /* A wrapper around saferead_lim that maps a failure due to + exceeding the maximum size limitation to EOVERFLOW. */ + int +diff --git a/src/util/virfile.h b/src/util/virfile.h +index ba1c57c06a..38cc23ecaa 100644 +--- a/src/util/virfile.h ++++ b/src/util/virfile.h +@@ -129,6 +129,8 @@ int virFileDeleteTree(const char *dir); + + int virFileReadHeaderFD(int fd, int maxlen, char **buf) + ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(3); ++int virFileReadHeaderQuiet(const char *path, int maxlen, char **buf) ++ ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(3); + int virFileReadLimFD(int fd, int maxlen, char **buf) + ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(3); + int virFileReadAll(const char *path, int maxlen, char **buf) +-- +2.15.1 + diff --git a/SOURCES/libvirt-util-introduce-virHostCPUGetMicrocodeVersion.patch b/SOURCES/libvirt-util-introduce-virHostCPUGetMicrocodeVersion.patch new file mode 100644 index 0000000..e20bc64 --- /dev/null +++ b/SOURCES/libvirt-util-introduce-virHostCPUGetMicrocodeVersion.patch @@ -0,0 +1,98 @@ +From 7de4d78e69462ddea11864732e5cd38290a94016 Mon Sep 17 00:00:00 2001 +Message-Id: <7de4d78e69462ddea11864732e5cd38290a94016@dist-git> +From: Paolo Bonzini +Date: Tue, 12 Dec 2017 16:23:41 +0100 +Subject: [PATCH] util: introduce virHostCPUGetMicrocodeVersion + +This new API reads host's CPU microcode version from /proc/cpuinfo. + +Unfortunately, there is no other way of reading microcode version which +would be usable from both system and session daemon. + +CVE-2017-5715 + +Signed-off-by: Paolo Bonzini +Signed-off-by: Jiri Denemark +--- + src/libvirt_private.syms | 1 + + src/util/virhostcpu.c | 43 +++++++++++++++++++++++++++++++++++++++++++ + src/util/virhostcpu.h | 2 ++ + 3 files changed, 46 insertions(+) + +diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms +index 0c972d1861..c50b6c2f77 100644 +--- a/src/libvirt_private.syms ++++ b/src/libvirt_private.syms +@@ -1739,6 +1739,7 @@ virHostCPUGetCount; + virHostCPUGetInfo; + virHostCPUGetKVMMaxVCPUs; + virHostCPUGetMap; ++virHostCPUGetMicrocodeVersion; + virHostCPUGetOnline; + virHostCPUGetOnlineBitmap; + virHostCPUGetPresentBitmap; +diff --git a/src/util/virhostcpu.c b/src/util/virhostcpu.c +index 67daace890..8135365d08 100644 +--- a/src/util/virhostcpu.c ++++ b/src/util/virhostcpu.c +@@ -1199,3 +1199,46 @@ virHostCPUGetKVMMaxVCPUs(void) + return -1; + } + #endif /* HAVE_LINUX_KVM_H */ ++ ++ ++#ifdef __linux__ ++ ++unsigned int ++virHostCPUGetMicrocodeVersion(void) ++{ ++ char *outbuf = NULL; ++ char *cur; ++ unsigned int version = 0; ++ ++ if (virFileReadHeaderQuiet(CPUINFO_PATH, 4096, &outbuf) < 0) { ++ char ebuf[1024]; ++ VIR_DEBUG("Failed to read microcode version from %s: %s", ++ CPUINFO_PATH, virStrerror(errno, ebuf, sizeof(ebuf))); ++ return 0; ++ } ++ ++ /* Account for format 'microcode : XXXX'*/ ++ if (!(cur = strstr(outbuf, "microcode")) || ++ !(cur = strchr(cur, ':'))) ++ goto cleanup; ++ cur++; ++ ++ /* Linux places the microcode revision in a 32-bit integer, so ++ * ui is fine for us too. */ ++ if (virStrToLong_ui(cur, &cur, 0, &version) < 0) ++ goto cleanup; ++ ++ cleanup: ++ VIR_FREE(outbuf); ++ return version; ++} ++ ++#else ++ ++unsigned int ++virHostCPUGetMicrocodeVersion(void) ++{ ++ return 0; ++} ++ ++#endif +diff --git a/src/util/virhostcpu.h b/src/util/virhostcpu.h +index e9c22eecc9..7d77392454 100644 +--- a/src/util/virhostcpu.h ++++ b/src/util/virhostcpu.h +@@ -66,4 +66,6 @@ virBitmapPtr virHostCPUGetSiblingsList(unsigned int cpu); + + int virHostCPUGetOnline(unsigned int cpu, bool *online); + ++unsigned int virHostCPUGetMicrocodeVersion(void); ++ + #endif /* __VIR_HOSTCPU_H__*/ +-- +2.15.1 + diff --git a/SPECS/libvirt.spec b/SPECS/libvirt.spec index 722b4c6..128b841 100644 --- a/SPECS/libvirt.spec +++ b/SPECS/libvirt.spec @@ -228,7 +228,7 @@ Summary: Library providing a simple virtualization API Name: libvirt Version: 3.2.0 -Release: 14%{?dist}.5%{?extra_release} +Release: 14%{?dist}.7%{?extra_release} License: LGPLv2+ Group: Development/Libraries BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root @@ -491,6 +491,13 @@ Patch248: libvirt-qemu-Fix-CPU-model-broken-by-older-libvirt.patch Patch249: libvirt-qemu-block-commit-Don-t-overwrite-error-when-rolling-back-disk-labels.patch Patch250: libvirt-qemu-block-commit-Determine-relative-path-of-images-before-initializing.patch Patch251: libvirt-qemu-domain-Don-t-call-namespace-setup-for-storage-already-accessed-by-vm.patch +Patch252: libvirt-util-add-virFileReadHeaderQuiet-wrapper-around-virFileReadHeaderFD.patch +Patch253: libvirt-util-introduce-virHostCPUGetMicrocodeVersion.patch +Patch254: libvirt-cpu_x86-Rename-virCPUx86MapInitialize.patch +Patch255: libvirt-conf-include-x86-microcode-version-in-virsh-capabiltiies.patch +Patch256: libvirt-qemu-capabilities-force-update-if-the-microcode-version-does-not-match.patch +Patch257: libvirt-cpu-add-CPU-features-and-model-for-indirect-branch-prediction-protection.patch +Patch258: libvirt-qemu-Properly-store-microcode-version-in-QEMU-caps-cache.patch Requires: libvirt-daemon = %{version}-%{release} Requires: libvirt-daemon-config-network = %{version}-%{release} @@ -2339,6 +2346,17 @@ exit 0 %changelog +* Tue Dec 19 2017 Jiri Denemark - 3.2.0-14.el7_4.7 +- qemu: Properly store microcode version in QEMU caps cache (CVE-2017-5715) + +* Thu Dec 14 2017 Jiri Denemark - 3.2.0-14.el7_4.6 +- util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD (CVE-2017-5715) +- util: introduce virHostCPUGetMicrocodeVersion (CVE-2017-5715) +- cpu_x86: Rename virCPUx86MapInitialize (CVE-2017-5715) +- conf: include x86 microcode version in virsh capabiltiies (CVE-2017-5715) +- qemu: capabilities: force update if the microcode version does not match (CVE-2017-5715) +- cpu: add CPU features and model for indirect branch prediction protection (CVE-2017-5715) + * Fri Dec 1 2017 Jiri Denemark - 3.2.0-14.el7_4.5 - qemu: block commit: Don't overwrite error when rolling back disk labels (rhbz#1516717) - qemu: block commit: Determine relative path of images before initializing (rhbz#1516717)