[libvirt] [PATCH 0/2] cpu: speculative store buffer bypass mitigation (CVE-2018-3639)

Daniel P. Berrangé posted 2 patches 5 years, 10 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20180521220508.13895-1-berrange@redhat.com
Test syntax-check passed
src/cpu/cpu_map.xml | 6 ++++++
1 file changed, 6 insertions(+)
[libvirt] [PATCH 0/2] cpu: speculative store buffer bypass mitigation (CVE-2018-3639)
Posted by Daniel P. Berrangé 5 years, 10 months ago
This provides the libvirt part of the mitigations for the speculative
store buffer bypass vulnerabilities on the x86 platform[1], and is
the companion of the kernel patches merged in:

  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b78ce4a34b761c7fe13520de822984019ff1a8f

And QEMU patches posted at

  https://lists.gnu.org/archive/html/qemu-devel/2018-05/msg04795.html

[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
    https://access.redhat.com/security/vulnerabilities/ssbd

Daniel P. Berrangé (2):
  cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
  cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)

 src/cpu/cpu_map.xml | 6 ++++++
 1 file changed, 6 insertions(+)

-- 
2.17.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 0/2] cpu: speculative store buffer bypass mitigation (CVE-2018-3639)
Posted by Jiri Denemark 5 years, 10 months ago
On Mon, May 21, 2018 at 23:05:06 +0100, Daniel P. Berrangé wrote:
> This provides the libvirt part of the mitigations for the speculative
> store buffer bypass vulnerabilities on the x86 platform[1], and is
> the companion of the kernel patches merged in:
> 
>   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b78ce4a34b761c7fe13520de822984019ff1a8f
> 
> And QEMU patches posted at
> 
>   https://lists.gnu.org/archive/html/qemu-devel/2018-05/msg04795.html
> 
> [1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
>     https://access.redhat.com/security/vulnerabilities/ssbd
> 
> Daniel P. Berrangé (2):
>   cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
>   cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
> 
>  src/cpu/cpu_map.xml | 6 ++++++
>  1 file changed, 6 insertions(+)

Both patches

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>

I'll push both patches as soon as the QEMU part is merged.

Jirka

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 0/2] cpu: speculative store buffer bypass mitigation (CVE-2018-3639)
Posted by Kashyap Chamarthy 5 years, 10 months ago
On Mon, May 21, 2018 at 11:05:06PM +0100, Daniel P. Berrangé wrote:
> This provides the libvirt part of the mitigations for the speculative
> store buffer bypass vulnerabilities on the x86 platform[1], and is
> the companion of the kernel patches merged in:
> 
>   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b78ce4a34b761c7fe13520de822984019ff1a8f
> 
> And QEMU patches posted at
> 
>   https://lists.gnu.org/archive/html/qemu-devel/2018-05/msg04795.html
> 
> [1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
>     https://access.redhat.com/security/vulnerabilities/ssbd
> 
> Daniel P. Berrangé (2):
>   cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
>   cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
> 
>  src/cpu/cpu_map.xml | 6 ++++++
>  1 file changed, 6 insertions(+)

Both changes:

    Reveiwed-by: Kashyap Chamarthy <kchamart@redhat.com>

-- 
/kashyap

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list