File libvirt-conf-include-x86-microcode-version-in-virsh-capabiltiies.patch of Package libvirt.11695

From 8938484e8362f60ac2b890193d0f624a149bdf1b Mon Sep 17 00:00:00 2001
Message-Id: <8938484e8362f60ac2b890193d0f624a149bdf1b@dist-git>
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 12 Dec 2017 16:23:40 +0100
Subject: [PATCH] conf: include x86 microcode version in virsh capabiltiies

A microcode update can cause the CPUID bits to change; an example
from the past was the update that disabled TSX on several Haswell and
Broadwell machines.

In order to track the x86 microcode version in the QEMU capabilities,
we have to fetch it and store it in the host CPU.  This also makes the
version visible in "virsh capabilities", which is a nice side effect.

CVE-2017-5715

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>

Conflicts:
	src/conf/capabilities.h
	src/libvirt_private.syms
            - context

	src/conf/cpu_conf.c
            - no virCPUDefStealModel API in 7.3

	src/cpu/cpu_x86.c
            - CPU driver was heavily refactored since 7.3; the code had
              to be moved to the caller of cpuNodeData

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/conf/capabilities.c      | 12 ++++++++++++
 src/conf/capabilities.h      |  2 ++
 src/conf/cpu_conf.c          | 13 +++++++++++++
 src/conf/cpu_conf.h          |  1 +
 src/libvirt_private.syms     |  1 +
 src/qemu/qemu_capabilities.c | 13 ++++++++++++-
 tests/testutilsqemu.c        |  2 ++
 7 files changed, 43 insertions(+), 1 deletion(-)

Index: libvirt-1.2.5/src/conf/capabilities.c
===================================================================
--- libvirt-1.2.5.orig/src/conf/capabilities.c
+++ libvirt-1.2.5/src/conf/capabilities.c
@@ -310,6 +310,18 @@ virCapabilitiesAddHostNUMACell(virCapsPt
 
 
 /**
+ * virCapabilitiesGetMicrocodeVersion:
+ * @caps: capabilities to access
+ *
+ * Get host CPU microcode version, or 0 if unavailable
+ */
+unsigned int
+virCapabilitiesGetMicrocodeVersion(virCapsPtr caps)
+{
+    return caps->host.cpu ? caps->host.cpu->microcodeVersion : 0;
+}
+
+/**
  * virCapabilitiesSetHostCPU:
  * @caps: capabilities to extend
  * @cpu: CPU definition
Index: libvirt-1.2.5/src/conf/capabilities.h
===================================================================
--- libvirt-1.2.5.orig/src/conf/capabilities.h
+++ libvirt-1.2.5/src/conf/capabilities.h
@@ -274,4 +274,6 @@ virCapabilitiesFormatXML(virCapsPtr caps
 virBitmapPtr virCapabilitiesGetCpusForNodemask(virCapsPtr caps,
                                                virBitmapPtr nodemask);
 
+unsigned int virCapabilitiesGetMicrocodeVersion(virCapsPtr caps);
+
 #endif /* __VIR_CAPABILITIES_H */
Index: libvirt-1.2.5/src/conf/cpu_conf.c
===================================================================
--- libvirt-1.2.5.orig/src/conf/cpu_conf.c
+++ libvirt-1.2.5/src/conf/cpu_conf.c
@@ -104,6 +104,7 @@ virCPUDefCopyModel(virCPUDefPtr dst,
         VIR_STRDUP(dst->vendor_id, src->vendor_id) < 0 ||
         VIR_ALLOC_N(dst->features, src->nfeatures) < 0)
         return -1;
+    dst->microcodeVersion = src->microcodeVersion;
     dst->nfeatures_max = dst->nfeatures = src->nfeatures;
 
     for (i = 0; i < dst->nfeatures; i++) {
@@ -271,6 +272,14 @@ virCPUDefParseXML(xmlNodePtr node,
             goto error;
         }
         VIR_FREE(arch);
+
+        if (virXPathBoolean("boolean(./microcode[1]/@version)", ctxt) > 0 &&
+            virXPathUInt("string(./microcode[1]/@version)", ctxt,
+                         &def->microcodeVersion) < 0) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("invalid microcode version"));
+            goto cleanup;
+        }
     }
 
     if (!(def->model = virXPathString("string(./model[1])", ctxt)) &&
@@ -607,6 +616,10 @@ virCPUDefFormatBuf(virBufferPtr buf,
     if (formatModel && def->vendor)
         virBufferAsprintf(buf, "<vendor>%s</vendor>\n", def->vendor);
 
+    if (def->type == VIR_CPU_TYPE_HOST && def->microcodeVersion)
+        virBufferAsprintf(buf, "<microcode version='%u'/>\n",
+                          def->microcodeVersion);
+
     if (def->sockets && def->cores && def->threads) {
         virBufferAddLit(buf, "<topology");
         virBufferAsprintf(buf, " sockets='%u'", def->sockets);
Index: libvirt-1.2.5/src/conf/cpu_conf.h
===================================================================
--- libvirt-1.2.5.orig/src/conf/cpu_conf.h
+++ libvirt-1.2.5/src/conf/cpu_conf.h
@@ -110,6 +110,7 @@ struct _virCPUDef {
     char *vendor_id;    /* vendor id returned by CPUID in the guest */
     int fallback;       /* enum virCPUFallback */
     char *vendor;
+    unsigned int microcodeVersion;
     unsigned int sockets;
     unsigned int cores;
     unsigned int threads;
Index: libvirt-1.2.5/src/libvirt_private.syms
===================================================================
--- libvirt-1.2.5.orig/src/libvirt_private.syms
+++ libvirt-1.2.5/src/libvirt_private.syms
@@ -58,6 +58,7 @@ virCapabilitiesFormatXML;
 virCapabilitiesFreeMachines;
 virCapabilitiesFreeNUMAInfo;
 virCapabilitiesGetCpusForNodemask;
+virCapabilitiesGetMicrocodeVersion;
 virCapabilitiesHostSecModelAddBaseLabel;
 virCapabilitiesNew;
 virCapabilitiesSetHostCPU;
Index: libvirt-1.2.5/src/qemu/qemu_capabilities.c
===================================================================
--- libvirt-1.2.5.orig/src/qemu/qemu_capabilities.c
+++ libvirt-1.2.5/src/qemu/qemu_capabilities.c
@@ -303,6 +303,8 @@ struct _virQEMUCapsCache {
 static virClassPtr virQEMUCapsClass;
 static void virQEMUCapsDispose(void *obj);
 
+static unsigned int cpuMicrocodeVersion;
+
 static int virQEMUCapsOnceInit(void)
 {
     if (!(virQEMUCapsClass = virClassNew(virClassForObject(),
@@ -311,6 +313,8 @@ static int virQEMUCapsOnceInit(void)
                                          virQEMUCapsDispose)))
         return -1;
 
+    cpuMicrocodeVersion = virHostCPUGetMicrocodeVersion();
+
     return 0;
 }
 
@@ -889,6 +893,9 @@ virQEMUCapsInitCPU(virCapsPtr caps,
     virNodeInfo nodeinfo;
     int ret = -1;
 
+    if (virQEMUCapsInitialize() < 0)
+        goto error;
+
     if (VIR_ALLOC(cpu) < 0)
         goto error;
 
@@ -907,6 +914,9 @@ virQEMUCapsInitCPU(virCapsPtr caps,
         || cpuDecode(cpu, data, NULL, 0, NULL) < 0)
         goto cleanup;
 
+    if (ARCH_IS_X86(arch))
+        cpu->microcodeVersion = cpuMicrocodeVersion;
+
     ret = 0;
 
  cleanup:
@@ -2748,7 +2758,8 @@ virQEMUCapsReset(virQEMUCapsPtr qemuCaps
 
 
 static int
-virQEMUCapsInitCached(virQEMUCapsPtr qemuCaps, const char *cacheDir)
+virQEMUCapsInitCached(virQEMUCapsPtr qemuCaps,
+                      const char *cacheDir)
 {
     char *capsdir = NULL;
     char *capsfile = NULL;
Index: libvirt-1.2.5/tests/testutilsqemu.c
===================================================================
--- libvirt-1.2.5.orig/tests/testutilsqemu.c
+++ libvirt-1.2.5/tests/testutilsqemu.c
@@ -236,6 +236,7 @@ virCapsPtr testQemuCapsInit(void)
         NULL,                   /* vendor_id */
         0,                      /* fallback */
         (char *) "Intel",       /* vendor */
+        0,                      /* microcodeVersion */
         1,                      /* sockets */
         2,                      /* cores */
         1,                      /* threads */