Overview

File 1dbca2ec-CVE-2018-3639.patch of Package libvirt.16766

commit 1dbca2eccad58d91a5fd33962854f1a653638182
Author: Daniel P. Berrangé <berrange@redhat.com>
Date:   Mon May 21 23:05:07 2018 +0100

    cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
    
    New microcode introduces the "Speculative Store Bypass Disable"
    CPUID feature bit. This needs to be exposed to guest OS to allow
    them to protect against CVE-2018-3639.
    
    Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
    Reviewed-by: Jiri Denemark <jdenemar@redhat.com>

Index: libvirt-4.0.0/src/cpu/cpu_map.xml
===================================================================
--- libvirt-4.0.0.orig/src/cpu/cpu_map.xml
+++ libvirt-4.0.0/src/cpu/cpu_map.xml
@@ -295,6 +295,9 @@
     <feature name='spec-ctrl'>
       <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
     </feature>
+    <feature name='ssbd'>
+      <cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/>
+    </feature>
 
     <!-- Processor Extended State Enumeration sub leaf 1 -->
     <feature name='xsaveopt'>
openSUSE Build Service is sponsored by
Places