[virt-tools-list] [virt-manager PATCH] domcapabilities: add md-clear to automatically enabled security features

[Daniel P. Berrangé]

The bit is set when microcode provides the mechanism to invoke a flush
of various exploitable CPU buffers by invoking the VERW instruction.

CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
---
 virtinst/domcapabilities.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py
index 8993822e..acc91f81 100644
--- a/virtinst/domcapabilities.py
+++ b/virtinst/domcapabilities.py
@@ -281,7 +281,8 @@ class DomainCapabilities(XMLBuilder):
                 'spec-ctrl',
                 'ssbd',
                 'ibpb',
-                'virt-ssbd']
+                'virt-ssbd',
+                'md-clear']
 
         if self._features:
             return self._features
-- 
2.21.0