Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in at 2026-05-16 19:24:31
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and /work/SRC/openSUSE:Factory/.xen.new.1966 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xen" Sat May 16 19:24:31 2026 rev:374 rq:1353106 version:4.21.1_06 Changes: -------- --- /work/SRC/openSUSE:Factory/xen/xen.changes 2026-04-29 19:18:55.747748900 +0200 +++ /work/SRC/openSUSE:Factory/.xen.new.1966/xen.changes 2026-05-16 19:25:30.928469410 +0200 @@ -1,0 +2,7 @@ +Tue May 12 13:03:24 MDT 2026 - [email protected] + +- bsc#1264066 - VUL-0: CVE-2025-54518: xen: AMD-SN-7052: CPU OP + Cache Corruption + 6a034fca-x86-mitigate-AMD-SN-7052.patch + +------------------------------------------------------------------- New: ---- 6a034fca-x86-mitigate-AMD-SN-7052.patch ----------(New B)---------- New: Cache Corruption 6a034fca-x86-mitigate-AMD-SN-7052.patch ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xen.spec ++++++ --- /var/tmp/diff_new_pack.DK4RYG/_old 2026-05-16 19:25:33.676582090 +0200 +++ /var/tmp/diff_new_pack.DK4RYG/_new 2026-05-16 19:25:33.680582254 +0200 @@ -125,7 +125,7 @@ BuildRequires: python-rpm-macros Provides: installhint(reboot-needed) -Version: 4.21.1_04 +Version: 4.21.1_06 Release: 0 Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) License: GPL-2.0-only @@ -168,6 +168,7 @@ Patch6: 69e26aca-x86-mitigate-AMD-SN-7053-FP-DSS.patch Patch7: 69f0ab36-gnttab-split-gnttab_map_frame.patch Patch8: 69f0ab36-xenstored-make-conn_delete_all_transactions-idempotent.patch +Patch9: 6a034fca-x86-mitigate-AMD-SN-7052.patch # Our platform specific patches Patch400: xen-destdir.patch Patch401: vif-bridge-no-iptables.patch ++++++ 6a034fca-x86-mitigate-AMD-SN-7052.patch ++++++ Subject: x86/amd: Mitigate AMD-SN-7052 From: Andrew Cooper [email protected] Tue Nov 4 18:08:07 2025 +0000 Date: Wed May 6 15:30:12 2026 +0100: Git: 8af05b49176dc22db12d6743a927899561314ec8 This is XSA-490 / CVE-2025-54518. 
Signed-off-by: Andrew Cooper <[email protected]> Reviewed-by: Roger Pau Monné <[email protected]> (cherry picked from commit 8070bdfa7220e772fae248abd3cbf5e87fc0fefb) diff --git a/xen/arch/x86/cpu/amd.c b/xen/arch/x86/cpu/amd.c index 1bb0766ebf..b5bf2b732e 100644 --- a/xen/arch/x86/cpu/amd.c +++ b/xen/arch/x86/cpu/amd.c @@ -1116,11 +1116,25 @@ static void amd_check_bp_cfg(void) { uint64_t val, new = 0; - /* - * AMD Erratum #1485. Set bit 5, as instructed. - */ - if (!cpu_has_hypervisor && boot_cpu_data.x86 == 0x19 && is_zen4_uarch()) - new |= (1 << 5); + if (!cpu_has_hypervisor) { + /* + * AMD Erratum #1485. If SMT is enabled and STIBP disabled, + * the CPU may fetch incorrect instruction bytes. + * + * Set bit 5, as instructed. + */ + if (boot_cpu_data.x86 == 0x19 && is_zen4_uarch()) + new |= (1 << 5); + + /* + * AMD SB-7052. CPU OP Cache corruption, causing instructions + * to be executed at a higher privilege. + * + * Set bit 33, as instructed. + */ + if (boot_cpu_data.x86 == 0x17 && is_zen2_uarch()) + new |= (1UL << 33); + } /* * On hardware supporting SRSO_MSR_FIX, activate BP_SPEC_REDUCE by ++++++ xen.bug1026236.suse_vtsc_tolerance.patch ++++++ --- /var/tmp/diff_new_pack.DK4RYG/_old 2026-05-16 19:25:34.008595703 +0200 +++ /var/tmp/diff_new_pack.DK4RYG/_new 2026-05-16 19:25:34.012595867 +0200 @@ -20,7 +20,7 @@ unsigned long __read_mostly cpu_khz; /* CPU clock frequency in kHz. */ DEFINE_SPINLOCK(rtc_lock); unsigned long pit0_ticks; -@@ -2933,6 +2936,8 @@ int tsc_set_info(struct domain *d, +@@ -2941,6 +2944,8 @@ int tsc_set_info(struct domain *d, switch ( tsc_mode ) { @@ -29,7 +29,7 @@ case XEN_CPUID_TSC_MODE_DEFAULT: case XEN_CPUID_TSC_MODE_ALWAYS_EMULATE: d->arch.vtsc_offset = get_s_time() - elapsed_nsec; -@@ -2946,8 +2951,25 @@ int tsc_set_info(struct domain *d, +@@ -2954,8 +2959,25 @@ int tsc_set_info(struct domain *d, * When a guest is created, gtsc_khz is passed in as zero, making * d->arch.tsc_khz == cpu_khz. Thus no need to check incarnation. */
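Review bot: in the amd.c hunk, the new comment in amd_check_bp_cfg() names the issue "AMD SB-7052", while the patch subject, the patch file name and the xen.changes entry all say "AMD-SN-7052"; make the comment match so that a search for the bulletin id finds this code. Bits 5 and 33 are also set as bare numbers (`new |= (1UL << 33);`); a named constant for each would let a reader check them against the vendor instructions, and because `new` is declared uint64_t, writing the constant as `1ULL` or `(uint64_t)1` would tie the shift width to the variable's type rather than to the size of long.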
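Review bot: in the xen.spec hunk, the Version line moves from 4.21.1_04 to 4.21.1_06, but the only new xen.changes entry describes adding 6a034fca-x86-mitigate-AMD-SN-7052.patch and gives no reason for the version change. The refreshed offsets in xen.bug1026236.suse_vtsc_tolerance.patch (the tsc_set_info hunks moving from 2933 to 2941 and from 2946 to 2954) show the source under that patch shifted by eight lines, which the visible change to amd_check_bp_cfg() does not explain. Record the reason for the version bump and the patch refresh in the changelog entry so the package history stays auditable.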
