commit libvirt for openSUSE:Factory
Hello community, here is the log from the commit of package libvirt for openSUSE:Factory checked in at 2019-05-21 10:35:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libvirt (Old) and /work/SRC/openSUSE:Factory/.libvirt.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libvirt" Tue May 21 10:35:42 2019 rev:282 rq:704323 version:5.3.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes 2019-05-10 09:10:45.291198871 +0200 +++ /work/SRC/openSUSE:Factory/.libvirt.new.5148/libvirt.changes 2019-05-21 10:35:52.331262918 +0200 @@ -1,0 +2,9 @@ +Mon May 20 21:50:28 UTC 2019 - James Fehlig <jfehlig@suse.com> + +- cpu_map: add cpu feature md-clear. CVE-2018-12126, + CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + 5cd9db3a-cputest-add-data-E3-1225-v5.patch, + 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch + bsc#1111331, bsc#1135273 + +------------------------------------------------------------------- New: ---- 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch 5cd9db3a-cputest-add-data-E3-1225-v5.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libvirt.spec ++++++ --- /var/tmp/diff_new_pack.tKu1vu/_old 2019-05-21 10:35:54.051261801 +0200 +++ /var/tmp/diff_new_pack.tKu1vu/_new 2019-05-21 10:35:54.055261798 +0200 @@ -337,6 +337,8 @@ Source99: baselibs.conf Source100: %{name}-rpmlintrc # Upstream patches +Patch0: 5cd9db3a-cputest-add-data-E3-1225-v5.patch +Patch1: 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch # Patches pending upstream review Patch100: libxl-dom-reset.patch Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch @@ -870,6 +872,8 @@ %prep %setup -q +%patch0 -p1 +%patch1 -p1 %patch100 -p1 %patch101 -p1 %patch150 -p1 ++++++ 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch ++++++ commit 538d873571d7a682852dc1d70e5f4478f4d64e85 Author: Jiri Denemark <jdenemar@redhat.com> Date: Fri Apr 5 15:11:20 2019 +0200 cpu_map: Define md-clear CPUID bit CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 The bit is set when microcode provides the mechanism to invoke a flush of various exploitable CPU buffers by invoking the VERW instruction. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Index: libvirt-5.3.0/src/cpu_map/x86_features.xml =================================================================== --- libvirt-5.3.0.orig/src/cpu_map/x86_features.xml +++ libvirt-5.3.0/src/cpu_map/x86_features.xml @@ -320,6 +320,9 @@ <feature name='avx512-4fmaps'> <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/> </feature> + <feature name='md-clear'> <!-- md_clear --> + <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/> + </feature> <feature name='pconfig'> <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00040000'/> </feature> Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml =================================================================== --- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml +++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml @@ -2,7 +2,7 @@ <cpudata arch='x86'> <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/> <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> - <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/> + <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000400'/> <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/> </cpudata> Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml =================================================================== --- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml +++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml @@ -20,6 +20,7 @@ <feature policy='require' name='tsc_adjust'/> <feature policy='require' name='clflushopt'/> <feature policy='require' name='intel-pt'/> + <feature policy='require' name='md-clear'/> <feature policy='require' name='stibp'/> <feature policy='require' name='ssbd'/> <feature policy='require' name='xsaves'/> Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml =================================================================== --- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml +++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml @@ -21,6 +21,7 @@ <feature name='tsc_adjust'/> <feature name='clflushopt'/> <feature name='intel-pt'/> + <feature name='md-clear'/> <feature name='stibp'/> <feature name='ssbd'/> <feature name='xsaves'/> Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml =================================================================== --- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml +++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml @@ -5,6 +5,7 @@ <feature policy='require' name='hypervisor'/> <feature policy='require' name='tsc_adjust'/> <feature policy='require' name='clflushopt'/> + <feature policy='require' name='md-clear'/> <feature policy='require' name='stibp'/> <feature policy='require' name='ssbd'/> <feature policy='require' name='pdpe1gb'/> Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml =================================================================== --- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml +++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml @@ -23,6 +23,7 @@ <feature policy='require' name='intel-pt'/> <feature policy='require' name='pku'/> <feature policy='require' name='ospke'/> + <feature policy='require' name='md-clear'/> <feature policy='require' name='stibp'/> <feature policy='require' name='arch-capabilities'/> <feature policy='require' name='xsaves'/> Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml =================================================================== --- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml +++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml @@ -24,6 +24,7 @@ <feature name='intel-pt'/> <feature name='pku'/> <feature name='ospke'/> + <feature name='md-clear'/> <feature name='stibp'/> <feature name='arch-capabilities'/> <feature name='xsaves'/> ++++++ 5cd9db3a-cputest-add-data-E3-1225-v5.patch ++++++ ++++ 847 lines (skipped)
participants (1)
-
root