Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-emulation/libvirt/files
diff options
context:
space:
mode:
Diffstat (limited to 'app-emulation/libvirt/files')
-rw-r--r--app-emulation/libvirt/files/libvirt-5.2.0-md-clear.patch36
1 files changed, 36 insertions, 0 deletions
diff --git a/app-emulation/libvirt/files/libvirt-5.2.0-md-clear.patch b/app-emulation/libvirt/files/libvirt-5.2.0-md-clear.patch
new file mode 100644
index 000000000000..cd14d0d539ae
--- /dev/null
+++ b/app-emulation/libvirt/files/libvirt-5.2.0-md-clear.patch
@@ -0,0 +1,36 @@
+From 538d873571d7a682852dc1d70e5f4478f4d64e85 Mon Sep 17 00:00:00 2001
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Fri, 5 Apr 2019 15:11:20 +0200
+Subject: [PATCH] cpu_map: Define md-clear CPUID bit
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+
+The bit is set when microcode provides the mechanism to invoke a flush
+of various exploitable CPU buffers by invoking the VERW instruction.
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+---
+ src/cpu_map/x86_features.xml | 3 +++
+
+diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml
+index efcc10b1ae..370807f88e 100644
+--- a/src/cpu_map/x86_features.xml
++++ b/src/cpu_map/x86_features.xml
+@@ -320,6 +320,9 @@
+ <feature name='avx512-4fmaps'>
+ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/>
+ </feature>
++ <feature name='md-clear'> <!-- md_clear -->
++ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/>
++ </feature>
+ <feature name='pconfig'>
+ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00040000'/>
+ </feature>
+--
+2.21.0
+