From abfcb113bd1200dc91e8d6e3bcbd2084d458f554 Mon Sep 17 00:00:00 2001
Message-Id: <abfcb113bd1200dc91e8d6e3bcbd2084d458f554@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Fri, 12 Apr 2019 21:21:05 +0200
Subject: [PATCH] qemu: Don't cache microcode version
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
My earlier commit be46f61326 was incomplete. It removed caching of
microcode version in the CPU driver, which means the capabilities XML
will see the correct microcode version. But it is also cached in the
QEMU capabilities cache where it is used to detect whether we need to
reprobe QEMU. By missing the second place, the original commit
be46f61326 made the situation even worse since libvirt would report
correct microcode version while still using the old host CPU model
(visible in domain capabilities XML).
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 673c62a3b7855a0685d8f116e227c402720b9ee9)
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Conflicts:
	src/qemu/qemu_capabilities.c
            - virQEMUCapsCacheLookupByArch refactoring (commits
              7948ad4129a and 1a3de67001c) are missing
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/qemu/qemu_capabilities.c | 12 ++++++++----
 src/qemu/qemu_capabilities.h |  3 +--
 src/qemu/qemu_driver.c       |  9 +--------
 tests/testutilsqemu.c        |  2 +-
 4 files changed, 11 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
072c97
index 4f2051a2bb..96aa1b15e4 100644
072c97
--- a/src/qemu/qemu_capabilities.c
072c97
+++ b/src/qemu/qemu_capabilities.c
072c97
@@ -4625,7 +4625,7 @@ virQEMUCapsNewData(const char *binary,
072c97
                                            priv->libDir,
072c97
                                            priv->runUid,
072c97
                                            priv->runGid,
072c97
-                                           priv->microcodeVersion,
072c97
+                                           virHostCPUGetMicrocodeVersion(),
072c97
                                            priv->kernelVersion);
072c97
 }
072c97
 
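Review bot: The changed argument in virQEMUCapsNewData needs a comment explaining why it no longer reads `priv->microcodeVersion`: the new capabilities now record the result of their own `virHostCPUGetMicrocodeVersion()` call, while the lookup functions later in this patch refresh `priv->microcodeVersion` separately. The stored value and the value used to decide whether QEMU must be reprobed therefore come from two independent reads. If the helper can return a different value on a failed read (its failure behaviour is not visible here), the two could disagree and, presumably, trigger a reprobe on every lookup. I would either pass `priv->microcodeVersion` now that lookups refresh it, or add `/* read live: priv->microcodeVersion may be stale on paths that do not go through a lookup */`. The start of the function is outside the hunk.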
072c97
@@ -4708,8 +4708,7 @@ virFileCachePtr
072c97
 virQEMUCapsCacheNew(const char *libDir,
072c97
                     const char *cacheDir,
072c97
                     uid_t runUid,
072c97
-                    gid_t runGid,
072c97
-                    unsigned int microcodeVersion)
072c97
+                    gid_t runGid)
072c97
 {
072c97
     char *capsCacheDir = NULL;
072c97
     virFileCachePtr cache = NULL;
072c97
@@ -4733,7 +4732,6 @@ virQEMUCapsCacheNew(const char *libDir,
072c97
 
072c97
     priv->runUid = runUid;
072c97
     priv->runGid = runGid;
072c97
-    priv->microcodeVersion = microcodeVersion;
072c97
 
072c97
     if (uname(&uts) == 0 &&
072c97
         virAsprintf(&priv->kernelVersion, "%s %s", uts.release, uts.version) < 0)
072c97
@@ -4754,8 +4752,11 @@ virQEMUCapsPtr
072c97
 virQEMUCapsCacheLookup(virFileCachePtr cache,
072c97
                        const char *binary)
072c97
 {
072c97
+    virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache);
072c97
     virQEMUCapsPtr ret = NULL;
072c97
 
072c97
+    priv->microcodeVersion = virHostCPUGetMicrocodeVersion();
072c97
+
072c97
     ret = virFileCacheLookup(cache, binary);
072c97
 
072c97
     VIR_DEBUG("Returning caps %p for %s", ret, binary);
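Review bot: The added `priv->microcodeVersion = virHostCPUGetMicrocodeVersion();` writes to the cache's shared private data before `virFileCacheLookup` is called, and no lock is taken in the visible lines. Concurrent lookups would write the field unsynchronized unless callers already serialize them; that should be confirmed, or the refresh moved under the cache lock. The same two added lines are repeated in virQEMUCapsCacheLookupByArch, and a lookup path that skips the refresh would keep serving capabilities probed under the old microcode, which is the stale-host-CPU-model problem the commit message ties to the listed CVEs. I would move the refresh into one static helper called from both, with a comment such as `/* re-read on every lookup: a microcode update must invalidate cached caps */`. The result of `virFileCacheGetPriv(cache)` is also dereferenced without a NULL check, and the function body continues past the hunk.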
072c97
@@ -4801,10 +4802,13 @@ virQEMUCapsPtr
072c97
 virQEMUCapsCacheLookupByArch(virFileCachePtr cache,
072c97
                              virArch arch)
072c97
 {
072c97
+    virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache);
072c97
     virQEMUCapsPtr ret = NULL;
072c97
     virArch target;
072c97
     struct virQEMUCapsSearchData data = { .arch = arch };
072c97
 
072c97
+    priv->microcodeVersion = virHostCPUGetMicrocodeVersion();
072c97
+
072c97
     ret = virFileCacheLookupByFunc(cache, virQEMUCapsCompareArch, &data);
072c97
     if (!ret) {
072c97
         /* If the first attempt at finding capabilities has failed, try
072c97
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
072c97
index 9e8ad5f5c3..7a91b7da62 100644
072c97
--- a/src/qemu/qemu_capabilities.h
072c97
+++ b/src/qemu/qemu_capabilities.h
072c97
@@ -572,8 +572,7 @@ void virQEMUCapsFilterByMachineType(virQEMUCapsPtr qemuCaps,
072c97
 virFileCachePtr virQEMUCapsCacheNew(const char *libDir,
072c97
                                     const char *cacheDir,
072c97
                                     uid_t uid,
072c97
-                                    gid_t gid,
072c97
-                                    unsigned int microcodeVersion);
072c97
+                                    gid_t gid);
072c97
 virQEMUCapsPtr virQEMUCapsCacheLookup(virFileCachePtr cache,
072c97
                                       const char *binary);
072c97
 virQEMUCapsPtr virQEMUCapsCacheLookupCopy(virFileCachePtr cache,
072c97
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
072c97
index 295613ba3c..21d836a540 100644
072c97
--- a/src/qemu/qemu_driver.c
072c97
+++ b/src/qemu/qemu_driver.c
072c97
@@ -592,8 +592,6 @@ qemuStateInitialize(bool privileged,
072c97
     char *hugepagePath = NULL;
072c97
     char *memoryBackingPath = NULL;
072c97
     size_t i;
072c97
-    virCPUDefPtr hostCPU = NULL;
072c97
-    unsigned int microcodeVersion = 0;
072c97
 
072c97
     if (VIR_ALLOC(qemu_driver) < 0)
072c97
         return -1;
072c97
@@ -813,15 +811,10 @@ qemuStateInitialize(bool privileged,
072c97
         run_gid = cfg->group;
072c97
     }
072c97
 
072c97
-    if ((hostCPU = virCPUProbeHost(virArchFromHost())))
072c97
-        microcodeVersion = hostCPU->microcodeVersion;
072c97
-    virCPUDefFree(hostCPU);
072c97
-
072c97
     qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir,
072c97
                                                      cfg->cacheDir,
072c97
                                                      run_uid,
072c97
-                                                     run_gid,
072c97
-                                                     microcodeVersion);
072c97
+                                                     run_gid);
072c97
     if (!qemu_driver->qemuCapsCache)
072c97
         goto error;
072c97
 
072c97
diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
072c97
index dc7e90b952..3e0b753549 100644
072c97
--- a/tests/testutilsqemu.c
072c97
+++ b/tests/testutilsqemu.c
072c97
@@ -617,7 +617,7 @@ int qemuTestDriverInit(virQEMUDriver *driver)
072c97
 
072c97
     /* Using /dev/null for libDir and cacheDir automatically produces errors
072c97
      * upon attempt to use any of them */
072c97
-    driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0, 0);
072c97
+    driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0);
072c97
     if (!driver->qemuCapsCache)
072c97
         goto error;
072c97
 
-- 
2.21.0