system/xen: Updated for version 4.15.0.

Signed-off-by: Mario Preksavec <mario@slackware.hr> Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
author: Mario Preksavec <mario@slackware.hr> 2021-08-14 22:19:14 +0200
committer: Willy Sudiarto Raharjo <willysr@slackbuilds.org> 2021-08-19 18:33:51 +0700
commit: b0768026fe3b8de9afc35d95c8958fb61233bfd5 (patch)
tree: 1cb5aadcdac6d5fc322d4fe0764fb20961c046da /system/xen/xsa/xsa377.patch
parent: 25d63828e9ada783c9f7ead2e012b90861a735b3 (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/system/xen/xsa/xsa377.patch b/system/xen/xsa/xsa377.patch
new file mode 100644
index 0000000000000..1a1887b60e09c
--- /dev/null
+++ b/system/xen/xsa/xsa377.patch
@@ -0,0 +1,27 @@
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Subject: x86/spec-ctrl: Mitigate TAA after S3 resume
+
+The user chosen setting for MSR_TSX_CTRL needs restoring after S3.
+
+All APs get the correct setting via start_secondary(), but the BSP was missed
+out.
+
+This is XSA-377 / CVE-2021-28690.
+
+Fixes: 8c4330818f6 ("x86/spec-ctrl: Mitigate the TSX Asynchronous Abort sidechannel")
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+
+diff --git a/xen/arch/x86/acpi/power.c b/xen/arch/x86/acpi/power.c
+index 91a8c4d0bd..31a56f02d0 100644
+--- a/xen/arch/x86/acpi/power.c
++++ b/xen/arch/x86/acpi/power.c
+@@ -288,6 +288,8 @@ static int enter_state(u32 state)
+ 
+     microcode_update_one();
+ 
++    tsx_init(); /* Needs microcode.  May change HLE/RTM feature bits. */
++
+     if ( !recheck_cpu_features(0) )
+         panic("Missing previously available feature(s)\n");
+
author	Mario Preksavec <mario@slackware.hr>	2021-08-14 22:19:14 +0200
committer	Willy Sudiarto Raharjo <willysr@slackbuilds.org>	2021-08-19 18:33:51 +0700
commit	b0768026fe3b8de9afc35d95c8958fb61233bfd5 (patch)
tree	1cb5aadcdac6d5fc322d4fe0764fb20961c046da /system/xen/xsa/xsa377.patch
parent	25d63828e9ada783c9f7ead2e012b90861a735b3 (diff)