File libvirt-cpu-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch of Package libvirt
From 01a642034ffe77f22044ea7707574daf81d5c9f7 Mon Sep 17 00:00:00 2001
Message-Id: <01a642034ffe77f22044ea7707574daf81d5c9f7@dist-git>
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 10 May 2018 09:06:09 +0200
Subject: [PATCH] cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
(cherry picked from commit 1dbca2eccad58d91a5fd33962854f1a653638182)
Conflicts:
src/cpu/cpu_map.xml
- stibp and arch-facilities features pushed for Spectre do
not exist upstream
- ecx_in does not exist in RHEL-6 and eax_in is called
function
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
---
src/cpu/cpu_map.xml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
index 2f744b3c4e..d21989ceb7 100644
--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
@@ -197,6 +197,9 @@
<feature name='arch-facilities'>
<cpuid function='0x07' edx='0x20000000'/>
</feature>
+ <feature name='ssbd'>
+ <cpuid function='0x07' edx='0x80000000'/>
+ </feature>
<!-- extended features, EDX -->
<feature name='syscall'> <!-- CPUID_EXT2_SYSCALL -->
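Review bot: The added `ssbd` entry, placed just before the `<!-- extended features, EDX -->` marker, has no comment identifying the bit, while the `syscall` entry below it is annotated (`<!-- CPUID_EXT2_SYSCALL -->`). The conflict notes say this branch has no `ecx_in` and matches on `function='0x07'` alone, so a short comment stating that `edx='0x80000000'` is EDX bit 31 of leaf 7, sub-leaf 0, would make the mask easy to check against the `arch-facilities` value `0x20000000` (bit 29) directly above. The diffstat also shows three inserted lines in `cpu_map.xml` and nothing else, so the patch defines the feature name without adding it to any CPU model. The commit message should say that a guest CPU definition still has to request `ssbd` for the guest to see it.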
--
2.17.0