Re: [PATCH 00/17] CPU models and features for Spectre, CVE-2017-5715

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jan 10, 2018 at 11:22:12 +0000, Daniel P. Berrange wrote:
> On Tue, Jan 09, 2018 at 11:45:13PM +0100, Jiri Denemark wrote:
> > This is the libvirt's part of the changes related to CVE-2017-5715. The
> > new models can be used to pass the protective CPU features to guests.
> > But remember, the host CPU microcode, host kernel, QEMU, and libvirt all
> > need to be updated for this to be any useful.
> > 
> > Based on a patch from Paolo Bonzini.
> 
> You likely also want this pre-requisite series for libvirt:
> 
>   https://www.redhat.com/archives/libvir-list/2018-January/msg00114.html
> 
> This ensures libvirt's cache of QEMU CPU model info is updated when the
> host CPU microcode changes. Without that patch, libvirt might not pick
> up the changed QEMU CPU models if the microcode update RPM was installed
> after the updated QEMU RPM.

Oh yes, I wanted to mention this, but I forgot to do so :(

You may also need some patches from another series (which I've just
pushed):

https://www.redhat.com/archives/libvir-list/2018-January/msg00237.html

The first patch is needed for all the new tests to pass.

And the third patch is needed if the new CPU models are defined via
inheritance rather than from scratch. This is not an issue for the
patches in this series, but some downstreams might have decided to do
just that.

Jirka

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]
  Powered by Linux