commit libvirt for openSUSE:Factory

root Tue, 21 May 2019 01:36:21 -0700

Hello community,

here is the log from the commit of package libvirt for openSUSE:Factory checked 
in at 2019-05-21 10:35:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libvirt (Old)
 and      /work/SRC/openSUSE:Factory/.libvirt.new.5148 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "libvirt"

Tue May 21 10:35:42 2019 rev:282 rq:704323 version:5.3.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes  2019-05-10 
09:10:45.291198871 +0200
+++ /work/SRC/openSUSE:Factory/.libvirt.new.5148/libvirt.changes        
2019-05-21 10:35:52.331262918 +0200
@@ -1,0 +2,9 @@
+Mon May 20 21:50:28 UTC 2019 - James Fehlig <[email protected]>
+
+- cpu_map: add cpu feature md-clear. CVE-2018-12126,
+  CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+  5cd9db3a-cputest-add-data-E3-1225-v5.patch,
+  538d8735-cpu_map-Define-md-clear-CPUID-bit.patch
+  bsc#1111331, bsc#1135273
+
+-------------------------------------------------------------------

New:
----
  538d8735-cpu_map-Define-md-clear-CPUID-bit.patch
  5cd9db3a-cputest-add-data-E3-1225-v5.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.tKu1vu/_old  2019-05-21 10:35:54.051261801 +0200
+++ /var/tmp/diff_new_pack.tKu1vu/_new  2019-05-21 10:35:54.055261798 +0200
@@ -337,6 +337,8 @@
 Source99:       baselibs.conf
 Source100:      %{name}-rpmlintrc
 # Upstream patches
+Patch0:         5cd9db3a-cputest-add-data-E3-1225-v5.patch
+Patch1:         538d8735-cpu_map-Define-md-clear-CPUID-bit.patch
 # Patches pending upstream review
 Patch100:       libxl-dom-reset.patch
 Patch101:       network-don-t-use-dhcp-authoritative-on-static-netwo.patch
@@ -870,6 +872,8 @@
 
 %prep
 %setup -q
+%patch0 -p1
+%patch1 -p1
 %patch100 -p1
 %patch101 -p1
 %patch150 -p1

++++++ 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch ++++++
commit 538d873571d7a682852dc1d70e5f4478f4d64e85
Author: Jiri Denemark <[email protected]>
Date:   Fri Apr 5 15:11:20 2019 +0200

    cpu_map: Define md-clear CPUID bit
    
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
    
    The bit is set when microcode provides the mechanism to invoke a flush
    of various exploitable CPU buffers by invoking the VERW instruction.
    
    Signed-off-by: Paolo Bonzini <[email protected]>
    Signed-off-by: Jiri Denemark <[email protected]>
    Reviewed-by: Daniel P. Berrangé <[email protected]>

Index: libvirt-5.3.0/src/cpu_map/x86_features.xml
===================================================================
--- libvirt-5.3.0.orig/src/cpu_map/x86_features.xml
+++ libvirt-5.3.0/src/cpu_map/x86_features.xml
@@ -320,6 +320,9 @@
   <feature name='avx512-4fmaps'>
     <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/>
   </feature>
+  <feature name='md-clear'> <!-- md_clear -->
+    <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/>
+  </feature>
   <feature name='pconfig'>
     <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00040000'/>
   </feature>
Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
===================================================================
--- 
libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
+++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
@@ -2,7 +2,7 @@
 <cpudata arch='x86'>
   <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' 
ecx='0xf7fa3203' edx='0x0f8bfbff'/>
   <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' 
ecx='0x00000000' edx='0x00000000'/>
-  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' 
ecx='0x00000000' edx='0x8c000000'/>
+  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' 
ecx='0x00000000' edx='0x8c000400'/>
   <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' 
ecx='0x00000000' edx='0x00000000'/>
   <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' 
ecx='0x00000121' edx='0x2c100800'/>
 </cpudata>
Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
===================================================================
--- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
@@ -20,6 +20,7 @@
   <feature policy='require' name='tsc_adjust'/>
   <feature policy='require' name='clflushopt'/>
   <feature policy='require' name='intel-pt'/>
+  <feature policy='require' name='md-clear'/>
   <feature policy='require' name='stibp'/>
   <feature policy='require' name='ssbd'/>
   <feature policy='require' name='xsaves'/>
Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
===================================================================
--- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
@@ -21,6 +21,7 @@
   <feature name='tsc_adjust'/>
   <feature name='clflushopt'/>
   <feature name='intel-pt'/>
+  <feature name='md-clear'/>
   <feature name='stibp'/>
   <feature name='ssbd'/>
   <feature name='xsaves'/>
Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
===================================================================
--- libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
+++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
@@ -5,6 +5,7 @@
   <feature policy='require' name='hypervisor'/>
   <feature policy='require' name='tsc_adjust'/>
   <feature policy='require' name='clflushopt'/>
+  <feature policy='require' name='md-clear'/>
   <feature policy='require' name='stibp'/>
   <feature policy='require' name='ssbd'/>
   <feature policy='require' name='pdpe1gb'/>
Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
===================================================================
--- 
libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
+++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
@@ -23,6 +23,7 @@
   <feature policy='require' name='intel-pt'/>
   <feature policy='require' name='pku'/>
   <feature policy='require' name='ospke'/>
+  <feature policy='require' name='md-clear'/>
   <feature policy='require' name='stibp'/>
   <feature policy='require' name='arch-capabilities'/>
   <feature policy='require' name='xsaves'/>
Index: libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
===================================================================
--- 
libvirt-5.3.0.orig/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
+++ libvirt-5.3.0/tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
@@ -24,6 +24,7 @@
   <feature name='intel-pt'/>
   <feature name='pku'/>
   <feature name='ospke'/>
+  <feature name='md-clear'/>
   <feature name='stibp'/>
   <feature name='arch-capabilities'/>
   <feature name='xsaves'/>
++++++ 5cd9db3a-cputest-add-data-E3-1225-v5.patch ++++++
++++ 847 lines (skipped)

commit libvirt for openSUSE:Factory

Reply via email to