File 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch of Package libvirt.22293

commit 7bde733e906a9eb513448fd58201a333a1793811
Author: Jiri Denemark <jdenemar@redhat.com>
Date:   Fri Apr 5 15:11:20 2019 +0200

    cpu_map: Define md-clear CPUID bit
    
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
    
    The bit is set when microcode provides the mechanism to invoke a flush
    of various exploitable CPU buffers by invoking the VERW instruction.
    
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
    Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
    (cherry picked from commit 538d873571d7a682852dc1d70e5f4478f4d64e85)
    
    Conflicts:
            src/cpu_map/x86_features.xml
                - no CPU map split downstream
    
            tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
            tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
                - test data missing downstream
    
            tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
            tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
                - intel-pt feature is missing downstream
    
    Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

Index: libvirt-4.0.0/src/cpu/cpu_map.xml
===================================================================
--- libvirt-4.0.0.orig/src/cpu/cpu_map.xml
+++ libvirt-4.0.0/src/cpu/cpu_map.xml
@@ -292,6 +292,9 @@
     <feature name='avx512-4fmaps'>
       <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/>
     </feature>
+    <feature name='md-clear'> <!-- md_clear -->
+      <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/>
+    </feature>
     <feature name='spec-ctrl'>
       <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
     </feature>
Index: libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
===================================================================
--- libvirt-4.0.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
+++ libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
@@ -2,7 +2,7 @@
 <cpudata arch='x86'>
   <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/>
   <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
-  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/>
+  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000400'/>
   <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
   <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/>
 </cpudata>
Index: libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
===================================================================
--- libvirt-4.0.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+++ libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
@@ -19,6 +19,7 @@
   <feature policy='require' name='osxsave'/>
   <feature policy='require' name='tsc_adjust'/>
   <feature policy='require' name='clflushopt'/>
+  <feature policy='require' name='md-clear'/>
   <feature policy='require' name='stibp'/>
   <feature policy='require' name='ssbd'/>
   <feature policy='require' name='xsaves'/>
Index: libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
===================================================================
--- libvirt-4.0.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+++ libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
@@ -20,6 +20,7 @@
   <feature name='osxsave'/>
   <feature name='tsc_adjust'/>
   <feature name='clflushopt'/>
+  <feature name='md-clear'/>
   <feature name='stibp'/>
   <feature name='ssbd'/>
   <feature name='xsaves'/>
Index: libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
===================================================================
--- libvirt-4.0.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
+++ libvirt-4.0.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
@@ -5,6 +5,7 @@
   <feature policy='require' name='hypervisor'/>
   <feature policy='require' name='tsc_adjust'/>
   <feature policy='require' name='clflushopt'/>
+  <feature policy='require' name='md-clear'/>
   <feature policy='require' name='stibp'/>
   <feature policy='require' name='ssbd'/>
   <feature policy='require' name='pdpe1gb'/>
Places

File 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch of Package libvirt.22293

Places
