jonathan/libvirt
1
0
Fork 0
forked from rpms/libvirt
Code Pull Requests Activity
d954e5c2e6
libvirt/SOURCES/libvirt-qemu-Don-t-cache-microcode-version.patch
CentOS Sources abe0c88101 import libvirt-4.5.0-24.module+el8.1.0+3205+41ff0a42
2021-10-08 13:11:11 +00:00

155 lines
6.1 KiB
Diff
Raw Blame History

From 6832d9d8dd0963f4865801a29e848ff3256b3282 Mon Sep 17 00:00:00 2001
Message-Id: <6832d9d8dd0963f4865801a29e848ff3256b3282@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Fri, 12 Apr 2019 21:21:05 +0200
Subject: [PATCH] qemu: Don't cache microcode version
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
My earlier commit be46f61326 was incomplete. It removed caching of
microcode version in the CPU driver, which means the capabilities XML
will see the correct microcode version. But it is also cached in the
QEMU capabilities cache where it is used to detect whether we need to
reprobe QEMU. By missing the second place, the original commit
be46f61326 made the situation even worse since libvirt would report
correct microcode version while still using the old host CPU model
(visible in domain capabilities XML).
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 673c62a3b7855a0685d8f116e227c402720b9ee9)
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Conflicts:
src/qemu/qemu_capabilities.c
- virQEMUCapsCacheLookupByArch refactoring (commits
7948ad4129a and 1a3de67001c) are missing
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_capabilities.c | 12 ++++++++----
src/qemu/qemu_capabilities.h | 3 +--
src/qemu/qemu_driver.c | 9 +--------
tests/testutilsqemu.c | 2 +-
4 files changed, 11 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 912f758bcd..0d6fa02560 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -4684,7 +4684,7 @@ virQEMUCapsNewData(const char *binary,
priv->libDir,
priv->runUid,
priv->runGid,
- priv->microcodeVersion,
+ virHostCPUGetMicrocodeVersion(),
priv->kernelVersion);
}
@@ -4767,8 +4767,7 @@ virFileCachePtr
virQEMUCapsCacheNew(const char *libDir,
const char *cacheDir,
uid_t runUid,
- gid_t runGid,
- unsigned int microcodeVersion)
+ gid_t runGid)
{
char *capsCacheDir = NULL;
virFileCachePtr cache = NULL;
@@ -4792,7 +4791,6 @@ virQEMUCapsCacheNew(const char *libDir,
priv->runUid = runUid;
priv->runGid = runGid;
- priv->microcodeVersion = microcodeVersion;
if (uname(&uts) == 0 &&
virAsprintf(&priv->kernelVersion, "%s %s", uts.release, uts.version) < 0)
@@ -4813,8 +4811,11 @@ virQEMUCapsPtr
virQEMUCapsCacheLookup(virFileCachePtr cache,
const char *binary)
{
+ virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache);
virQEMUCapsPtr ret = NULL;
+ priv->microcodeVersion = virHostCPUGetMicrocodeVersion();
+
ret = virFileCacheLookup(cache, binary);
VIR_DEBUG("Returning caps %p for %s", ret, binary);
@@ -4860,10 +4861,13 @@ virQEMUCapsPtr
virQEMUCapsCacheLookupByArch(virFileCachePtr cache,
virArch arch)
{
+ virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache);
virQEMUCapsPtr ret = NULL;
virArch target;
struct virQEMUCapsSearchData data = { .arch = arch };
+ priv->microcodeVersion = virHostCPUGetMicrocodeVersion();
+
ret = virFileCacheLookupByFunc(cache, virQEMUCapsCompareArch, &data);
if (!ret) {
/* If the first attempt at finding capabilities has failed, try
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 0c06081107..9550df2cd5 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -574,8 +574,7 @@ void virQEMUCapsFilterByMachineType(virQEMUCapsPtr qemuCaps,
virFileCachePtr virQEMUCapsCacheNew(const char *libDir,
const char *cacheDir,
uid_t uid,
- gid_t gid,
- unsigned int microcodeVersion);
+ gid_t gid);
virQEMUCapsPtr virQEMUCapsCacheLookup(virFileCachePtr cache,
const char *binary);
virQEMUCapsPtr virQEMUCapsCacheLookupCopy(virFileCachePtr cache,
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index bafef1e3b5..88c08f88ee 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -592,8 +592,6 @@ qemuStateInitialize(bool privileged,
char *hugepagePath = NULL;
char *memoryBackingPath = NULL;
size_t i;
- virCPUDefPtr hostCPU = NULL;
- unsigned int microcodeVersion = 0;
if (VIR_ALLOC(qemu_driver) < 0)
return -1;
@@ -813,15 +811,10 @@ qemuStateInitialize(bool privileged,
run_gid = cfg->group;
}
- if ((hostCPU = virCPUProbeHost(virArchFromHost())))
- microcodeVersion = hostCPU->microcodeVersion;
- virCPUDefFree(hostCPU);
-
qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir,
cfg->cacheDir,
run_uid,
- run_gid,
- microcodeVersion);
+ run_gid);
if (!qemu_driver->qemuCapsCache)
goto error;
diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
index dc7e90b952..3e0b753549 100644
--- a/tests/testutilsqemu.c
+++ b/tests/testutilsqemu.c
@@ -617,7 +617,7 @@ int qemuTestDriverInit(virQEMUDriver *driver)
/* Using /dev/null for libDir and cacheDir automatically produces errors
* upon attempt to use any of them */
- driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0, 0);
+ driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0);
if (!driver->qemuCapsCache)
goto error;
--
2.21.0
View Git Blame Copy Permalink