File libvirt-util-introduce-virHostCPUGetMicrocodeVersion.patch of Package libvirt.11695

From e1b4f285cc8c5e64bcbf5000095bac1e20ed1934 Mon Sep 17 00:00:00 2001
Message-Id: <e1b4f285cc8c5e64bcbf5000095bac1e20ed1934@dist-git>
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 12 Dec 2017 16:23:41 +0100
Subject: [PATCH] util: introduce virHostCPUGetMicrocodeVersion

This new API reads host's CPU microcode version from /proc/cpuinfo.

Unfortunately, there is no other way of reading microcode version which
would be usable from both system and session daemon.

CVE-2017-5715

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>

Conflicts:
	src/libvirt_private.syms
            - all other virHostCPU* APIs were wrongly exported in
              nodeinfo.h section

	src/util/virhostcpu.c
	src/util/virhostcpu.h
            - several APIs are missing in 7.3

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/libvirt_private.syms |  4 ++++
 src/util/virhostcpu.c    | 43 +++++++++++++++++++++++++++++++++++++++++++
 src/util/virhostcpu.h    |  2 ++
 3 files changed, 49 insertions(+)

Index: libvirt-1.2.5/src/libvirt_private.syms
===================================================================
--- libvirt-1.2.5.orig/src/libvirt_private.syms
+++ libvirt-1.2.5/src/libvirt_private.syms
@@ -1356,6 +1356,10 @@ virHookInitialize;
 virHookPresent;
 
 
+# util/virhostcpu.h
+virHostCPUGetMicrocodeVersion;
+
+
 # util/virhostdev.h
 virHostdevManagerGetDefault;
 virHostdevPCINodeDeviceDetach;
Index: libvirt-1.2.5/src/nodeinfo.c
===================================================================
--- libvirt-1.2.5.orig/src/nodeinfo.c
+++ libvirt-1.2.5/src/nodeinfo.c
@@ -1880,3 +1880,44 @@ nodeGetFreeMemory(void)
 
     return freeMem;
 }
+
+
+#ifdef __linux__
+
+unsigned int
+virHostCPUGetMicrocodeVersion(void)
+{
+    char *outbuf = NULL;
+    char *cur;
+    unsigned int version = 0;
+
+    if (virFileReadHeaderQuiet(CPUINFO_PATH, 4096, &outbuf) < 0) {
+        char ebuf[1024];
+        return 0;
+    }
+
+    /* Account for format 'microcode    : XXXX'*/
+    if (!(cur = strstr(outbuf, "microcode")) ||
+        !(cur = strchr(cur, ':')))
+        goto cleanup;
+    cur++;
+
+    /* Linux places the microcode revision in a 32-bit integer, so
+     * ui is fine for us too.  */
+    if (virStrToLong_ui(cur, &cur, 0, &version) < 0)
+        goto cleanup;
+
+ cleanup:
+    VIR_FREE(outbuf);
+    return version;
+}
+
+#else
+
+unsigned int
+virHostCPUGetMicrocodeVersion(void)
+{
+    return 0;
+}
+
+#endif
Index: libvirt-1.2.5/src/nodeinfo.h
===================================================================
--- libvirt-1.2.5.orig/src/nodeinfo.h
+++ libvirt-1.2.5/src/nodeinfo.h
@@ -57,4 +57,6 @@ int nodeGetCPUMap(unsigned char **cpumap
                   unsigned int *online,
                   unsigned int flags);
 
+unsigned int virHostCPUGetMicrocodeVersion(void);
+
 #endif /* __VIR_NODEINFO_H__*/