From dc1b3b4d862e00d45875a58684f0cd4a2dd9446f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
Date: Wed, 10 Jun 2020 05:47:53 +0200
Subject: [PATCH] Do not announce RDRAND instruction on Ivy Bridge

XSA-320 / CVE-2020-0543 affects Ivy Bridge and later platforms, but a fix (microcode update) won't be available for Ivy Bridge. Disable affected instruction (do not announce it in CPUID - complying software should not use it then).
---
 qubes/app.py | 23 +++++++++++++++++++++++
 qubes/tests/vm/__init__.py | 1 +
 templates/libvirt/xen.xml | 3 +++
 3 files changed, 27 insertions(+)

diff --git a/qubes/app.py b/qubes/app.py
index 183a092c..539abcee 100644
--- a/qubes/app.py
+++ b/qubes/app.py
@@ -265,6 +265,8 @@ class QubesHost:
         self._no_cpus = None
         self._total_mem = None
         self._physinfo = None
+        self._cpu_family = None
+        self._cpu_model = None
 
     def _fetch(self):
         if self._no_cpus is not None:
@@ -303,6 +305,27 @@ class QubesHost:
         self._fetch()
         return self._no_cpus
 
+    @property
+    def cpu_family_model(self):
+        """Get CPU family and model"""
+        if self._cpu_family is None or self._cpu_model is None:
+            family = None
+            model = None
+            with open('/proc/cpuinfo') as cpuinfo:
+                for line in cpuinfo.readlines():
+                    line = line.strip()
+                    if not line:
+                        # take info from the first core
+                        break
+                    field, value = line.split(':', 1)
+                    if field.strip() == 'model':
+                        model = int(value.strip())
+                    elif field.strip() == 'cpu family':
+                        family = int(value.strip())
+            self._cpu_family = family
+            self._cpu_model = model
+        return self._cpu_family, self._cpu_model
+
     def get_free_xen_memory(self):
         """Get free memory from Xen's physinfo.
 
diff --git a/qubes/tests/vm/__init__.py b/qubes/tests/vm/__init__.py
index 9850a459..880503a9 100644
--- a/qubes/tests/vm/__init__.py
+++ b/qubes/tests/vm/__init__.py
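Review bot: `cpu_family_model` fails open and the docstring does not say so: when `/proc/cpuinfo` has no `model` or `cpu family` line before the first blank line (or the field names differ), the property returns `(None, None)`, which a consumer matching specific affected models will read as "not affected", and since the `None` guard on the first `if` never clears, the file is re-read on every access. Suggest replacing the one-line docstring with `"""Return (family, model) of the first CPU listed in /proc/cpuinfo; (None, None) if either field is absent — callers matching known-affected models must treat that as 'unknown', not 'safe'."""`. `line.split(':', 1)` also raises `ValueError` on any line without a colon, which would abort VM creation instead of skipping the line; `field, sep, value = line.partition(':')` followed by `if not sep: continue` keeps the loop tolerant. Minor: `for line in cpuinfo:` instead of `cpuinfo.readlines()` actually stops reading at the first core, which is what the `break` intends.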
@@ -46,6 +46,7 @@ class TestHost(object):
     def __init__(self):
         self.memory_total = 1000 * 1024
         self.no_cpus = 4
+        self.cpu_family_model = (6, 6)
 
 class TestVMsCollection(dict):
     def get_vms_connected_to(self, vm):
diff --git a/templates/libvirt/xen.xml b/templates/libvirt/xen.xml
index 61343905..055e109c 100644
--- a/templates/libvirt/xen.xml
+++ b/templates/libvirt/xen.xml
@@ -19,6 +19,9 @@
+        {% if vm.app.host.cpu_family_model in [(6, 58), (6, 62)] -%}
+
+        {% endif -%}
     {% endif %}
 {% endblock %}
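Review bot: The stub only models the unaffected case `self.cpu_family_model = (6, 6)`, so no test exercises the new `{% if vm.app.host.cpu_family_model in [(6, 58), (6, 62)] %}` branch in templates/libvirt/xen.xml. A template-rendering test that sets `host.cpu_family_model = (6, 58)` on a TestHost instance and asserts the generated libvirt XML contains the rdrand-disabling feature element the commit adds would pin the mitigation, and a second case with `(None, None)` would document what happens when detection fails. TestHost's class body continues outside the hunk.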
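Review bot: The affected-model list `[(6, 58), (6, 62)]` is a pair of unexplained magic tuples in the template; the rationale lives only in the commit message. A Jinja comment directly above the condition, `{# XSA-320 / CVE-2020-0543: Ivy Bridge (family 6, models 58 and 62) will get no microcode fix, so do not announce RDRAND to the guest #}`, keeps the reason next to the code, and defining the list as a named constant beside `cpu_family_model` in qubes/app.py would put it where it can be unit-tested. The match is on family and model only, with no vendor or stepping check; that is sufficient for these Intel-only models but worth stating in the same comment. The feature element itself and the leading context lines of this hunk appear stripped from the page, and the enclosing `{% if %}` block starts outside the hunk, so the exact placement is inferred.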