summaryrefslogtreecommitdiffstats
path: root/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch
diff options
context:
space:
mode:
Diffstat (limited to 'external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch')
-rw-r--r--external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch116
1 files changed, 0 insertions, 116 deletions
diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch
deleted file mode 100644
index b39e8662..00000000
--- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch
+++ /dev/null
@@ -1,116 +0,0 @@
-From c811c618c114c4a6493ede602bdca22d33c1972a Mon Sep 17 00:00:00 2001
-From: Jiri Denemark <jdenemar@redhat.com>
-Date: Tue, 9 Apr 2019 12:35:52 +0200
-Subject: [PATCH 04/11] cpu_map: Define md-clear CPUID bit
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
-
-The bit is set when microcode provides the mechanism to invoke a flush
-of various exploitable CPU buffers by invoking the VERW instruction.
-
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
-Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-(cherry picked from commit 538d873571d7a682852dc1d70e5f4478f4d64e85)
-
-Conflicts:
- src/cpu_map/x86_features.xml
- - missing pconfig feature
-
- tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
- tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
- - test data missing downstream
-
- tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
- tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
- - intel-pt feature is missing
- - stibp feature is missing
-
-Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
-
-Upstream-Status: Backport
-
-CVE: CVE-2018-12126
-CVE: CVE-2018-12127
-CVE: CVE-2018-12130
-CVE: CVE-2019-11091
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- src/cpu_map/x86_features.xml | 3 +++
- tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 2 +-
- tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml | 1 +
- tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml | 1 +
- tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml | 1 +
- 5 files changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml
-index 109c653..c8ae540 100644
---- a/src/cpu_map/x86_features.xml
-+++ b/src/cpu_map/x86_features.xml
-@@ -290,6 +290,9 @@
- <feature name='avx512-4fmaps'>
- <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/>
- </feature>
-+ <feature name='md-clear'> <!-- md_clear -->
-+ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/>
-+ </feature>
- <feature name='spec-ctrl'>
- <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
- </feature>
-diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
-index 0deca9f..74763a4 100644
---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
-+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
-@@ -2,7 +2,7 @@
- <cpudata arch='x86'>
- <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/>
- <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
-- <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/>
-+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000400'/>
- <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
- <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/>
- </cpudata>
-diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
-index 993db80..29c1fdb 100644
---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
-+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
-@@ -19,6 +19,7 @@
- <feature policy='require' name='osxsave'/>
- <feature policy='require' name='tsc_adjust'/>
- <feature policy='require' name='clflushopt'/>
-+ <feature policy='require' name='md-clear'/>
- <feature policy='require' name='ssbd'/>
- <feature policy='require' name='xsaves'/>
- <feature policy='require' name='pdpe1gb'/>
-diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
-index 074a39b..2003ca9 100644
---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
-+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
-@@ -20,6 +20,7 @@
- <feature name='osxsave'/>
- <feature name='tsc_adjust'/>
- <feature name='clflushopt'/>
-+ <feature name='md-clear'/>
- <feature name='ssbd'/>
- <feature name='xsaves'/>
- <feature name='pdpe1gb'/>
-diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
-index 1984bd4..d6529c5 100644
---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
-+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
-@@ -5,6 +5,7 @@
- <feature policy='require' name='hypervisor'/>
- <feature policy='require' name='tsc_adjust'/>
- <feature policy='require' name='clflushopt'/>
-+ <feature policy='require' name='md-clear'/>
- <feature policy='require' name='ssbd'/>
- <feature policy='require' name='pdpe1gb'/>
- </cpu>
---
-2.7.4
-