From e3e7aa7c8ad6d687b9605b0da3b46ad0ef171157 Mon Sep 17 00:00:00 2001 Message-Id: From: Jiri Denemark Date: Tue, 19 Dec 2017 08:36:49 +0100 Subject: [PATCH] qemu: Properly store microcode version in QEMU caps cache This fixes a misplaced hunk in the backport of "qemu: capabilities: force update if the microcode version does not match". We need to make sure the microcode version is assigned to QEMU caps object before the caps get stored on a disk. Otherwise QEMU caps cached on a disk would always be considered invalid when libvirtd starts and tries to load them. CVE-2017-5715 Signed-off-by: Jiri Denemark --- src/qemu/qemu_capabilities.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 504e2c9587..8f9b1493a5 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -5210,6 +5210,9 @@ virQEMUCapsNewForBinaryInternal(virCapsPtr caps, goto error; } + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM)) + qemuCaps->microcodeVersion = microcodeVersion; + if (cacheDir && virQEMUCapsRememberCached(qemuCaps, cacheDir) < 0) goto error; @@ -5218,9 +5221,6 @@ virQEMUCapsNewForBinaryInternal(virCapsPtr caps, virQEMUCapsInitHostCPUModel(qemuCaps, caps, VIR_DOMAIN_VIRT_QEMU); } - if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM)) - qemuCaps->microcodeVersion = microcodeVersion; - cleanup: VIR_FREE(qmperr); return qemuCaps; -- 2.15.1