diff options
| author |   Matthias Maier <tamiko@gentoo.org> | 2019-05-19 17:07:45 -0500 |
|---|---|---|
| committer | Matthias Maier <tamiko@gentoo.org> | 2019-05-19 18:42:11 -0500 |
| commit | 24b89b257a1443febe97c8981ff8537f21e8db02 (patch) | |
| tree | a1f7b7d910b4c246d52cf31620bc329022ac4e0d /app-emulation/libvirt | |
| parent | app-emulation/libvirt: drop old (diff) | |
| download | gentoo-24b89b257a1443febe97c8981ff8537f21e8db02.tar.gz gentoo-24b89b257a1443febe97c8981ff8537f21e8db02.tar.bz2 gentoo-24b89b257a1443febe97c8981ff8537f21e8db02.zip | |
app-emulation/libvirt: add support for md-clear
Bug: https://bugs.gentoo.org/686026
Package-Manager: Portage-2.3.66, Repoman-2.3.12
Signed-off-by: Matthias Maier <tamiko@gentoo.org>
Diffstat (limited to 'app-emulation/libvirt')
| -rw-r--r-- | app-emulation/libvirt/files/libvirt-5.2.0-md-clear.patch | 36 | ||||
| -rw-r--r-- | app-emulation/libvirt/libvirt-5.2.0-r2.ebuild (renamed from app-emulation/libvirt/libvirt-5.2.0-r1.ebuild) | 1 |
2 files changed, 37 insertions, 0 deletions
diff --git a/app-emulation/libvirt/files/libvirt-5.2.0-md-clear.patch b/app-emulation/libvirt/files/libvirt-5.2.0-md-clear.patch new file mode 100644 index 000000000000..cd14d0d539ae --- /dev/null +++ b/app-emulation/libvirt/files/libvirt-5.2.0-md-clear.patch @@ -0,0 +1,36 @@ +From 538d873571d7a682852dc1d70e5f4478f4d64e85 Mon Sep 17 00:00:00 2001 +From: Jiri Denemark <jdenemar@redhat.com> +Date: Fri, 5 Apr 2019 15:11:20 +0200 +Subject: [PATCH] cpu_map: Define md-clear CPUID bit +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + +The bit is set when microcode provides the mechanism to invoke a flush +of various exploitable CPU buffers by invoking the VERW instruction. + +Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> +Signed-off-by: Jiri Denemark <jdenemar@redhat.com> +Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> +--- + src/cpu_map/x86_features.xml | 3 +++ + +diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml +index efcc10b1ae..370807f88e 100644 +--- a/src/cpu_map/x86_features.xml ++++ b/src/cpu_map/x86_features.xml +@@ -320,6 +320,9 @@ + <feature name='avx512-4fmaps'> + <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/> + </feature> ++ <feature name='md-clear'> <!-- md_clear --> ++ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/> ++ </feature> + <feature name='pconfig'> + <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00040000'/> + </feature> +-- +2.21.0 + diff --git a/app-emulation/libvirt/libvirt-5.2.0-r1.ebuild b/app-emulation/libvirt/libvirt-5.2.0-r2.ebuild index 78ac8a38d3dc..fa7ff494b7c1 100644 --- a/app-emulation/libvirt/libvirt-5.2.0-r1.ebuild +++ b/app-emulation/libvirt/libvirt-5.2.0-r2.ebuild @@ -128,6 +128,7 @@ PATCHES=( "${FILESDIR}"/${PN}-5.2.0-do-not-use-sysconf.patch "${FILESDIR}"/${PN}-1.2.16-fix_paths_in_libvirt-guests_sh.patch "${FILESDIR}"/${PN}-5.0.0-fix-paths-for-apparmor.patch + "${FILESDIR}"/${PN}-5.2.0-md-clear.patch ) pkg_setup() { |