Bug 1533418

Summary: Libvirt may prefer $CPUModel over $CPUModel-IBRS when reporting host CPU model [rhel-7.4.z]
Product: Red Hat Enterprise Linux 7 Reporter: Oneata Mircea Teodor <toneata>
Component: libvirtAssignee: Jiri Denemark <jdenemar>
Status: CLOSED ERRATA QA Contact: Luyao Huang <lhuang>
Severity: high Docs Contact:
Priority: high    
Version: 7.5CC: anrussel, dyuan, jdenemar, klaas, lhuang, mtessun, rbalakri, xuzhang, yalzhang
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libvirt-3.2.0-14.el7_4.8 Doc Type: Bug Fix
Doc Text:
After applying all security patches for CVE-2017-5715 libvirt is supposed to report the host CPU as a model with "-IBRS" suffix (such as Westmere-IBRS). However, on some hosts the original model (without "-IBRS" suffix, such as Westmere) was reported by libvirt. This didn't have any effect on the actual availability of the security measures to virtual machines started on the host, but the incorrect CPU model could falsely indicate that the host was not secured yet. This update fixes the issue and the correct CPU model with "-IBRS" suffix should be reported on all updated hosts.
 Story Points: ---
Clone Of: 1533125 Environment:
Last Closed: 2018-03-06 21:41:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1533125    
Bug Blocks:    

Description Oneata Mircea Teodor 2018-01-11 10:05:47 UTC 
This bug has been copied from bug #1533125 and has been proposed to be backported to 7.4 z-stream (EUS).
Comment 5 Luyao Huang 2018-01-17 02:49:48 UTC 
verify this bug with libvirt-3.2.0-14.el7_4.8.x86_64, the steps the same with bug 1533415 comment 5
Comment 9 errata-xmlrpc 2018-03-06 21:41:17 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0403