Define md-clear CPUID bit.

Assuming an updated host kernel and microcode, the md-clear bit will be automatically exposed to guests using the QEMU "-cpu host" arg, or libvirt "host-model" or "host-passthrough" configurations.

Guests using a named CPU model it must be manually updated to add this extra CPU feature.

Resolves CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

How to install

sudo dnf upgrade --advisory=FEDORA-2019-0332a96d31

This update has been submitted for testing by berrange.

a year ago

This update has been pushed to testing.

a year ago
User Icon besser82 commented & provided feedback a year ago
karma

Works great! LGTM! =)

User Icon kashyapc commented & provided feedback a year ago
karma

Works for me.

I tested with these on the host:

$> uname -r; rpm -q libvirt-daemon-kvm qemu-system-x86 microcode_ctl
5.0.16-200.fc29.x86_64
libvirt-daemon-kvm-4.7.0-3.fc29.x86_64
qemu-system-x86-3.0.1-3.fc29.x86_64
microcode_ctl-2.1-29.fc29.x86_64

$> cat /sys/devices/system/cpu/vulnerabilities/mds
Mitigation: Clear CPU buffers; SMT vulnerable

And created a fresh F29 guest (also running the same kernel as the host):

# cat /sys/devices/system/cpu/vulnerabilities/mds
Mitigation: Clear CPU buffers; SMT Host state unknown

The guest is running with CPU mode 'host-model'.

And I do see the 'md_clear' visible in /proc/cpuinfo in the guest:

# grep md_clear /proc/cpuinfo | awk '{print $93}'
md_clear
md_clear

This update has been submitted for batched by berrange.

a year ago

This update has been submitted for stable by berrange.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
BZ#1646781 CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS)
0
0
BZ#1646784 CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
0
0
BZ#1667782 CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS)
0
0
BZ#1705312 CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
0
0
BZ#1709977 CVE-2018-12126 libvirt: hardware: Microarchitectural Store Buffer Data Sampling (MSBDS) [fedora-all]
0
0
BZ#1709979 CVE-2018-12127 libvirt: hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) [fedora-all]
0
0
BZ#1709984 CVE-2019-11091 libvirt: hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) [fedora-all]
0
0
BZ#1709997 CVE-2018-12130 libvirt: hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) [fedora-all]
0
0
BZ#1710002 CVE-2018-12126 qemu: hardware: Microarchitectural Store Buffer Data Sampling (MSBDS) [fedora-all]
0
0
BZ#1710003 CVE-2018-12130 qemu: hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) [fedora-all]
0
0
BZ#1710004 CVE-2018-12127 qemu: hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) [fedora-all]
0
0
BZ#1710006 CVE-2019-11091 qemu: hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) [fedora-all]
0
0

Automated Test Results