Overview

File libvirt-conf-include-x86-microcode-version-in-virsh-capabiltiies.patch of Package libvirt.7551

From 8938484e8362f60ac2b890193d0f624a149bdf1b Mon Sep 17 00:00:00 2001
Message-Id: <8938484e8362f60ac2b890193d0f624a149bdf1b@dist-git>
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 12 Dec 2017 16:23:40 +0100
Subject: [PATCH] conf: include x86 microcode version in virsh capabiltiies

A microcode update can cause the CPUID bits to change; an example
from the past was the update that disabled TSX on several Haswell and
Broadwell machines.

In order to track the x86 microcode version in the QEMU capabilities,
we have to fetch it and store it in the host CPU.  This also makes the
version visible in "virsh capabilities", which is a nice side effect.

CVE-2017-5715

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>

Conflicts:
	src/conf/capabilities.h
	src/libvirt_private.syms
            - context

	src/conf/cpu_conf.c
            - no virCPUDefStealModel API in 7.3

	src/cpu/cpu_x86.c
            - CPU driver was heavily refactored since 7.3; the code had
              to be moved to the caller of cpuNodeData

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/conf/capabilities.c      | 12 ++++++++++++
 src/conf/capabilities.h      |  2 ++
 src/conf/cpu_conf.c          | 13 +++++++++++++
 src/conf/cpu_conf.h          |  1 +
 src/libvirt_private.syms     |  1 +
 src/qemu/qemu_capabilities.c | 13 ++++++++++++-
 tests/testutilsqemu.c        |  2 ++
 7 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/src/conf/capabilities.c b/src/conf/capabilities.c
index 9ab343bc65..1631407d21 100644
--- a/src/conf/capabilities.c
+++ b/src/conf/capabilities.c
@@ -338,6 +338,18 @@ virCapabilitiesAddHostNUMACell(virCapsPtr caps,
 }
 
 
+/**
+ * virCapabilitiesGetMicrocodeVersion:
+ * @caps: capabilities to access
+ *
+ * Get host CPU microcode version, or 0 if unavailable
+ */
+unsigned int
+virCapabilitiesGetMicrocodeVersion(virCapsPtr caps)
+{
+    return caps->host.cpu ? caps->host.cpu->microcodeVersion : 0;
+}
+
 /**
  * virCapabilitiesSetHostCPU:
  * @caps: capabilities to extend
diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h
index cfdc34a66b..e58b95974a 100644
--- a/src/conf/capabilities.h
+++ b/src/conf/capabilities.h
@@ -294,4 +294,6 @@ virCapabilitiesFormatXML(virCapsPtr caps);
 virBitmapPtr virCapabilitiesGetCpusForNodemask(virCapsPtr caps,
                                                virBitmapPtr nodemask);
 
+unsigned int virCapabilitiesGetMicrocodeVersion(virCapsPtr caps);
+
 #endif /* __VIR_CAPABILITIES_H */
diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c
index d16864a9fd..90bd4db706 100644
--- a/src/conf/cpu_conf.c
+++ b/src/conf/cpu_conf.c
@@ -100,6 +100,7 @@ virCPUDefCopyModel(virCPUDefPtr dst,
         VIR_STRDUP(dst->vendor_id, src->vendor_id) < 0 ||
         VIR_ALLOC_N(dst->features, src->nfeatures) < 0)
         return -1;
+    dst->microcodeVersion = src->microcodeVersion;
     dst->nfeatures_max = dst->nfeatures = src->nfeatures;
 
     for (i = 0; i < dst->nfeatures; i++) {
@@ -254,6 +255,14 @@ virCPUDefParseXML(xmlNodePtr node,
             goto error;
         }
         VIR_FREE(arch);
+
+        if (virXPathBoolean("boolean(./microcode[1]/@version)", ctxt) > 0 &&
+            virXPathUInt("string(./microcode[1]/@version)", ctxt,
+                         &def->microcodeVersion) < 0) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("invalid microcode version"));
+            goto cleanup;
+        }
     }
 
     if (!(def->model = virXPathString("string(./model[1])", ctxt)) &&
@@ -598,6 +607,10 @@ virCPUDefFormatBuf(virBufferPtr buf,
     if (formatModel && def->vendor)
         virBufferEscapeString(buf, "<vendor>%s</vendor>\n", def->vendor);
 
+    if (def->type == VIR_CPU_TYPE_HOST && def->microcodeVersion)
+        virBufferAsprintf(buf, "<microcode version='%u'/>\n",
+                          def->microcodeVersion);
+
     if (def->sockets && def->cores && def->threads) {
         virBufferAddLit(buf, "<topology");
         virBufferAsprintf(buf, " sockets='%u'", def->sockets);
diff --git a/src/conf/cpu_conf.h b/src/conf/cpu_conf.h
index 53541d15fe..7d27f6910e 100644
--- a/src/conf/cpu_conf.h
+++ b/src/conf/cpu_conf.h
@@ -121,6 +121,7 @@ struct _virCPUDef {
     char *vendor_id;    /* vendor id returned by CPUID in the guest */
     int fallback;       /* enum virCPUFallback */
     char *vendor;
+    unsigned int microcodeVersion;
     unsigned int sockets;
     unsigned int cores;
     unsigned int threads;
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 7bd6b81a5e..aac421ef02 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -56,6 +56,7 @@ virCapabilitiesFormatXML;
 virCapabilitiesFreeMachines;
 virCapabilitiesFreeNUMAInfo;
 virCapabilitiesGetCpusForNodemask;
+virCapabilitiesGetMicrocodeVersion;
 virCapabilitiesHostSecModelAddBaseLabel;
 virCapabilitiesNew;
 virCapabilitiesSetHostCPU;
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index e511b8e257..1b6d1e7e23 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -394,6 +394,8 @@ struct virQEMUCapsSearchData {
 static virClassPtr virQEMUCapsClass;
 static void virQEMUCapsDispose(void *obj);
 
+static unsigned int cpuMicrocodeVersion;
+
 static int virQEMUCapsOnceInit(void)
 {
     if (!(virQEMUCapsClass = virClassNew(virClassForObject(),
@@ -402,6 +404,8 @@ static int virQEMUCapsOnceInit(void)
                                          virQEMUCapsDispose)))
         return -1;
 
+    cpuMicrocodeVersion = virHostCPUGetMicrocodeVersion();
+
     return 0;
 }
 
@@ -1013,6 +1017,9 @@ virQEMUCapsInitCPU(virCapsPtr caps,
     virNodeInfo nodeinfo;
     int ret = -1;
 
+    if (virQEMUCapsInitialize() < 0)
+        goto error;
+
     if (VIR_ALLOC(cpu) < 0)
         goto error;
 
@@ -1031,6 +1038,9 @@ virQEMUCapsInitCPU(virCapsPtr caps,
         || cpuDecode(cpu, data, NULL, 0, NULL) < 0)
         goto cleanup;
 
+    if (ARCH_IS_X86(arch))
+        cpu->microcodeVersion = cpuMicrocodeVersion;
+
     ret = 0;
 
  cleanup:
@@ -3203,7 +3213,8 @@ virQEMUCapsReset(virQEMUCapsPtr qemuCaps)
 
 
 static int
-virQEMUCapsInitCached(virQEMUCapsPtr qemuCaps, const char *cacheDir)
+virQEMUCapsInitCached(virQEMUCapsPtr qemuCaps,
+                      const char *cacheDir)
 {
     char *capsdir = NULL;
     char *capsfile = NULL;
diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
index f41b0b692c..8f3fea7b33 100644
--- a/tests/testutilsqemu.c
+++ b/tests/testutilsqemu.c
@@ -41,6 +41,7 @@ static virCPUDef cpuDefaultData = {
     NULL,                   /* vendor_id */
     0,                      /* fallback */
     (char *) "Intel",       /* vendor */
+    0,                      /* microcodeVersion */
     1,                      /* sockets */
     2,                      /* cores */
     1,                      /* threads */
@@ -84,6 +85,7 @@ static virCPUDef cpuHaswellData = {
     NULL,                   /* vendor_id */
     0,                      /* fallback */
     (char *) "Intel",       /* vendor */
+    0,                      /* microcodeVersion */
     1,                      /* sockets */
     2,                      /* cores */
     2,                      /* threads */
-- 
2.15.1
openSUSE Build Service is sponsored by
Places