pool/libvirt
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
20551e5e18
libvirt/1dbca2ec-CVE-2018-3639.patch

28 lines
1022 B
Diff
Raw Normal View History

Accepting request 611362 from home:jfehlig:branches:Virtualization - cpu: add support for 'ssbd' and 'virt-ssbd' CPUID feature bits CVE-2018-3639 1dbca2ec-CVE-2018-3639.patch, 92673422-CVE-2018-3639.patch bsc#1092885 OBS-URL: https://build.opensuse.org/request/show/611362 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=689
2018-05-22 19:05:48 +02:00
commit 1dbca2eccad58d91a5fd33962854f1a653638182
Author: Daniel P. Berrangé <berrange@redhat.com>
Date: Mon May 21 23:05:07 2018 +0100
cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Index: libvirt-4.3.0/src/cpu/cpu_map.xml
===================================================================
--- libvirt-4.3.0.orig/src/cpu/cpu_map.xml
+++ libvirt-4.3.0/src/cpu/cpu_map.xml
@@ -298,6 +298,9 @@
<feature name='spec-ctrl'>
<cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
</feature>
+ <feature name='ssbd'>
+ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/>
+ </feature>
<!-- Processor Extended State Enumeration sub leaf 1 -->
<feature name='xsaveopt'>
Reference in New Issue Copy Permalink