xen: patch with XSA-462

pkgs/applications/virtualization/xen/4.17/default.nix

@@ -16,6 +16,7 @@ let
     with upstreamPatches;
     [
       QUBES_REPRODUCIBLE_BUILDS
+      XSA_462
     ]
   );
 in

pkgs/applications/virtualization/xen/4.18/default.nix

@@ -16,6 +16,7 @@ let
     with upstreamPatches;
     [
       QUBES_REPRODUCIBLE_BUILDS
+      XSA_462
     ]
   );
 in

pkgs/applications/virtualization/xen/4.19/default.nix

@@ -18,6 +18,7 @@ let
       QUBES_REPRODUCIBLE_BUILDS
       XSA_460
       XSA_461
+      XSA_462
     ]
   );
 in

pkgs/applications/virtualization/xen/generic/patches.nix

@@ -134,4 +134,26 @@ in
     cve = [ "CVE-2024-31146" ];
     hash = "sha256-JQWoqf47hy9WXNkVC/LgmjUhkxN0SBF6w8PF4aFZxhM=";
   };
+  # Xen Security Advisory #462: (4.16.6 - 4.19.0)
+  "XSA_462" = xsaPatch {
+    id = "462";
+    title = "x86: Deadlock in vlapic_error()";
+    description = ''
+      In x86's APIC (Advanced Programmable Interrupt Controller) architecture,
+      error conditions are reported in a status register.  Furthermore, the OS
+      can opt to receive an interrupt when a new error occurs.
+
+      It is possible to configure the error interrupt with an illegal vector,
+      which generates an error when an error interrupt is raised.
+
+      This case causes Xen to recurse through vlapic_error().  The recursion
+      itself is bounded; errors accumulate in the the status register and only
+      generate an interrupt when a new status bit becomes set.
+
+      However, the lock protecting this state in Xen will try to be taken
+      recursively, and deadlock.
+    '';
+    cve = [ "CVE-2024-45817" ];
+    hash = "sha256-01lzjaT2f69UfEdTUCkm92DDOmd+Mo8sNPZsHJfgJEM=";
+  };
 }