1 files changed, 46 insertions, 0 deletions

diff --git a/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch b/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch
new file mode 100644
index 000000000000..22648562283e
--- /dev/null
+++ b/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch
@@ -0,0 +1,46 @@
+http://seclists.org/oss-sec/2013/q4/att-385/xsa82.patch
+x86/AMD: work around erratum 793
+
+The recommendation is to set a bit in an MSR - do this if the firmware
+didn't, considering that otherwise we expose ourselves to a guest
+induced DoS.
+
+This is CVE-2013-6885 / XSA-82.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
+
+--- a/xen/arch/x86/cpu/amd.c
++++ b/xen/arch/x86/cpu/amd.c
+@@ -476,6 +476,20 @@ static void __devinit init_amd(struct cp
+ 		       "*** Pass \"allow_unsafe\" if you're trusting"
+ 		       " all your (PV) guest kernels. ***\n");
+ 
++	if (c->x86 == 0x16 && c->x86_model <= 0xf) {
++		rdmsrl(MSR_AMD64_LS_CFG, value);
++		if (!(value & (1 << 15))) {
++			static bool_t warned;
++
++			if (c == &boot_cpu_data || opt_cpu_info ||
++			    !test_and_set_bool(warned))
++				printk(KERN_WARNING
++				       "CPU%u: Applying workaround for erratum 793\n",
++				       smp_processor_id());
++			wrmsrl(MSR_AMD64_LS_CFG, value | (1 << 15));
++		}
++	}
++
+ 	/* AMD CPUs do not support SYSENTER outside of legacy mode. */
+ 	clear_bit(X86_FEATURE_SEP, c->x86_capability);
+ 
+--- a/xen/include/asm-x86/msr-index.h
++++ b/xen/include/asm-x86/msr-index.h
+@@ -213,6 +213,7 @@
+ 
+ /* AMD64 MSRs */
+ #define MSR_AMD64_NB_CFG		0xc001001f
++#define MSR_AMD64_LS_CFG		0xc0011020
+ #define MSR_AMD64_IC_CFG		0xc0011021
+ #define MSR_AMD64_DC_CFG		0xc0011022
+ #define AMD64_NB_CFG_CF8_EXT_ENABLE_BIT	46
+