diff options
author | Ian Delaney <idella4@gentoo.org> | 2013-12-06 14:13:04 +0000 |
---|---|---|
committer | Ian Delaney <idella4@gentoo.org> | 2013-12-06 14:13:04 +0000 |
commit | 46ea5722835cf7090351a064f7c0cc835cc6785f (patch) | |
tree | 09b441b3d1a2da3bbbdbae4aeb03a8dca86dbd47 /app-emulation/xen/files | |
parent | Version bump. Cleaned up FILESDIR. Fixed inifinality patchfile source URI (diff) | |
download | gentoo-2-46ea5722835cf7090351a064f7c0cc835cc6785f.tar.gz gentoo-2-46ea5722835cf7090351a064f7c0cc835cc6785f.tar.bz2 gentoo-2-46ea5722835cf7090351a064f7c0cc835cc6785f.zip |
revbumps; add sec XSA-82.patch, remove old
(Portage version: 2.2.0/cvs/Linux x86_64, signed Manifest commit with key 0xB8072B0D)
Diffstat (limited to 'app-emulation/xen/files')
-rw-r--r-- | app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch b/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch new file mode 100644 index 000000000000..22648562283e --- /dev/null +++ b/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch @@ -0,0 +1,46 @@ +http://seclists.org/oss-sec/2013/q4/att-385/xsa82.patch +x86/AMD: work around erratum 793 + +The recommendation is to set a bit in an MSR - do this if the firmware +didn't, considering that otherwise we expose ourselves to a guest +induced DoS. + +This is CVE-2013-6885 / XSA-82. + +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Acked-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com> + +--- a/xen/arch/x86/cpu/amd.c ++++ b/xen/arch/x86/cpu/amd.c +@@ -476,6 +476,20 @@ static void __devinit init_amd(struct cp + "*** Pass \"allow_unsafe\" if you're trusting" + " all your (PV) guest kernels. ***\n"); + ++ if (c->x86 == 0x16 && c->x86_model <= 0xf) { ++ rdmsrl(MSR_AMD64_LS_CFG, value); ++ if (!(value & (1 << 15))) { ++ static bool_t warned; ++ ++ if (c == &boot_cpu_data || opt_cpu_info || ++ !test_and_set_bool(warned)) ++ printk(KERN_WARNING ++ "CPU%u: Applying workaround for erratum 793\n", ++ smp_processor_id()); ++ wrmsrl(MSR_AMD64_LS_CFG, value | (1 << 15)); ++ } ++ } ++ + /* AMD CPUs do not support SYSENTER outside of legacy mode. */ + clear_bit(X86_FEATURE_SEP, c->x86_capability); + +--- a/xen/include/asm-x86/msr-index.h ++++ b/xen/include/asm-x86/msr-index.h +@@ -213,6 +213,7 @@ + + /* AMD64 MSRs */ + #define MSR_AMD64_NB_CFG 0xc001001f ++#define MSR_AMD64_LS_CFG 0xc0011020 + #define MSR_AMD64_IC_CFG 0xc0011021 + #define MSR_AMD64_DC_CFG 0xc0011022 + #define AMD64_NB_CFG_CF8_EXT_ENABLE_BIT 46 + |