diff options
| author | drochner <drochner@pkgsrc.org> | 2014-02-20 17:37:25 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2014-02-20 17:37:25 +0000 |
| commit | e6c7ff077a978f04cb3e0bb078f3abc9a9d7e036 (patch) | |
| tree | 071575cabdd4d42af89bc9eb1f5b25f493426d28 /sysutils | |
| parent | fe62eb8ac731d06745d1c37919adec63d4bed9d5 (diff) | |
| download | pkgsrc-e6c7ff077a978f04cb3e0bb078f3abc9a9d7e036.tar.gz | |
from upstream: fix the fix for CVE-2013-6885
makes the workaround for AMD CPU erratum 793 work not only on
64-bit hypervisors but also for 32bit
bump PKGREV
(compile tested only)
Diffstat (limited to 'sysutils')
| -rw-r--r-- | sysutils/xenkernel41/Makefile | 4 | ||||
| -rw-r--r-- | sysutils/xenkernel41/distinfo | 4 | ||||
| -rw-r--r-- | sysutils/xenkernel41/patches/patch-CVE-2013-6885_1 | 17 |
3 files changed, 13 insertions, 12 deletions
diff --git a/sysutils/xenkernel41/Makefile b/sysutils/xenkernel41/Makefile index 783721da9b5..9343a79407f 100644 --- a/sysutils/xenkernel41/Makefile +++ b/sysutils/xenkernel41/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.32 2014/01/25 10:30:22 wiz Exp $ +# $NetBSD: Makefile,v 1.33 2014/02/20 17:37:25 drochner Exp $ VERSION= 4.1.6.1 DISTNAME= xen-${VERSION} PKGNAME= xenkernel41-${VERSION} -PKGREVISION= 6 +PKGREVISION= 7 CATEGORIES= sysutils MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/ diff --git a/sysutils/xenkernel41/distinfo b/sysutils/xenkernel41/distinfo index 6bf3ee6311a..06c49cd85d4 100644 --- a/sysutils/xenkernel41/distinfo +++ b/sysutils/xenkernel41/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.25 2014/01/24 17:07:35 drochner Exp $ +$NetBSD: distinfo,v 1.26 2014/02/20 17:37:25 drochner Exp $ SHA1 (xen-4.1.6.1.tar.gz) = e5f15feb0821578817a65ede16110c6eac01abd0 RMD160 (xen-4.1.6.1.tar.gz) = bff11421fc44a26f2cc3156713267abcb36d7a19 @@ -12,7 +12,7 @@ SHA1 (patch-CVE-2013-4361) = b9074af976ba98c02aeb84288a10527bf7693241 SHA1 (patch-CVE-2013-4368) = 77caf392b472e5586eb2fa6a37d173cd856f6f15 SHA1 (patch-CVE-2013-4494) = d74dfc898d1128f3c205bd178c8cf663935711e3 SHA1 (patch-CVE-2013-4553) = 6708dcef1737b119a3fcf2e3414c22c115cbacc1 -SHA1 (patch-CVE-2013-6885_1) = 6fc88c8c98393e90dd895c160108ff2ee17cee2e +SHA1 (patch-CVE-2013-6885_1) = 18d155b2c76119988be32cfd43e3c4aa6a507b9d SHA1 (patch-CVE-2013-6885_2) = be3c99ba3e349492d45cd4f2fce0acc26ac1a96d SHA1 (patch-CVE-2014-1666) = acf27080799d4aae6a03b556caadb01081d5314e SHA1 (patch-Config.mk) = a43ed1b3304d6383dc093acd128a7f373d0ca266 diff --git a/sysutils/xenkernel41/patches/patch-CVE-2013-6885_1 b/sysutils/xenkernel41/patches/patch-CVE-2013-6885_1 index 66c7f88fd68..9befecfc20f 100644 --- a/sysutils/xenkernel41/patches/patch-CVE-2013-6885_1 +++ b/sysutils/xenkernel41/patches/patch-CVE-2013-6885_1 @@ -1,12 +1,13 @@ -$NetBSD: patch-CVE-2013-6885_1,v 1.1 2013/12/04 10:35:01 drochner Exp $ +$NetBSD: patch-CVE-2013-6885_1,v 1.2 2014/02/20 17:37:25 drochner Exp $ http://lists.xenproject.org/archives/html/xen-devel/2013-12/msg00235.html +http://lists.xenproject.org/archives/html/xen-devel/2014-02/msg01800.html --- xen/arch/x86/cpu/amd.c.orig 2013-09-10 06:42:18.000000000 +0000 -+++ xen/arch/x86/cpu/amd.c 2013-12-03 16:43:52.000000000 +0000 -@@ -649,6 +649,20 @@ static void __devinit init_amd(struct cp - "*** Pass \"allow_unsafe\" if you're trusting" - " all your (PV) guest kernels. ***\n"); ++++ xen/arch/x86/cpu/amd.c +@@ -661,6 +661,20 @@ static void __devinit init_amd(struct cp + } + #endif + if (c->x86 == 0x16 && c->x86_model <= 0xf) { + rdmsrl(MSR_AMD64_LS_CFG, value); @@ -22,6 +23,6 @@ http://lists.xenproject.org/archives/html/xen-devel/2013-12/msg00235.html + } + } + - /* AMD CPUs do not support SYSENTER outside of legacy mode. */ - clear_bit(X86_FEATURE_SEP, c->x86_capability); - + if (c->x86 == 0x10) { + /* + * On family 10h BIOS may not have properly enabled WC+ |