This series introduces the libvirt side of mitigations for Microarchitectural Data Sampling microprocessor flaws (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091) which were published earlier today. To protect your system against possible attacks exploiting these flaws updates to the CPU microcode, Linux kernel, and virtualization stack (QEMU, libvirt, and higher management apps) are required. See https://access.redhat.com/security/vulnerabilities/mds for more details and additional links. Both patches have already been pushed. Jiri Denemark (2): cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5 cpu_map: Define md-clear CPUID bit src/cpu_map/x86_features.xml | 3 + tests/cputest.c | 1 + .../x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml | 7 + .../x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 8 + .../x86_64-cpuid-Xeon-E3-1225-v5-guest.xml | 29 + .../x86_64-cpuid-Xeon-E3-1225-v5-host.xml | 30 + .../x86_64-cpuid-Xeon-E3-1225-v5-json.xml | 12 + .../x86_64-cpuid-Xeon-E3-1225-v5.json | 652 ++++++++++++++++++ .../x86_64-cpuid-Xeon-E3-1225-v5.sig | 4 + .../x86_64-cpuid-Xeon-E3-1225-v5.xml | 47 ++ .../x86_64-cpuid-Xeon-Platinum-8268-guest.xml | 1 + .../x86_64-cpuid-Xeon-Platinum-8268-host.xml | 1 + 12 files changed, 795 insertions(+) create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml -- 2.21.0 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
