From 798ba7e584bd1ec8eef579fe827c43fd003591a7db6d39c5023d9af3d192e0e6 Mon Sep 17 00:00:00 2001 From: Larry Finger Date: Wed, 25 Jan 2017 02:54:58 +0000 Subject: [PATCH 1/2] - The version bump to 5.1.14 also addresses boo#1020856 CVE-2017-3316 CVE-2017-3332 CVE-2017-3290 CVE-2016-5545 - Version bump to 5.1.14 (released 2017-01-17 by Oracle) This is a maintenance release. The following items were fixed and/or added: VMM: fixed emulation of certain instructions for 64-bit guests on 32-bit hosts VMM: properly handle certain MSRs for 64-bit guests on ancient CPUs without VT-x support for MSR bitmaps (bug #13886) GUI: fixed a crash with multimonitor setups under certain conditions GUI: allow cloning of snapshots when the VM is running NVMe: fixed compatibility with the Storage Performance Development Kit (SPDK, bug #16368) VBoxSVC: fixed a crash under rare circumstances VBoxManage: added a sanity check to modifymedium --resize to prevent users from resizing their hard disk from 1GB to 1PB (bug #16311) Windows hosts: another fix for recent Windows 10 hosts Linux hosts: Linux 4.10 fixes Linux Additions: fixed protocol error during certain operations on shared folders (bug #8463) OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=304 --- VirtualBox-5.1.12-patched.tar.bz2 | 3 -- VirtualBox-5.1.14-patched.tar.bz2 | 3 ++ vbox_fix_4.10_api_changes.patch | 67 +++++++++++++++++++++++++++++++ virtualbox.changes | 20 +++++++++ virtualbox.spec | 2 +- 5 files changed, 91 insertions(+), 4 deletions(-) delete mode 100644 VirtualBox-5.1.12-patched.tar.bz2 create mode 100644 VirtualBox-5.1.14-patched.tar.bz2 create mode 100644 vbox_fix_4.10_api_changes.patch diff --git a/VirtualBox-5.1.12-patched.tar.bz2 b/VirtualBox-5.1.12-patched.tar.bz2 deleted file mode 100644 index 58fcc26..0000000 --- a/VirtualBox-5.1.12-patched.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:212ff0b27e892df670be694627a0ad968f3abbebcfa770bebc33cc976a76a9e5 -size 80300379 diff --git a/VirtualBox-5.1.14-patched.tar.bz2 b/VirtualBox-5.1.14-patched.tar.bz2 new file mode 100644 index 0000000..7e71d0f --- /dev/null +++ b/VirtualBox-5.1.14-patched.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:68f9019043e4ae409b357fc65c67dcc41b3afdfc09de4442b988f4d8dfb6e544 +size 80296668 diff --git a/vbox_fix_4.10_api_changes.patch b/vbox_fix_4.10_api_changes.patch new file mode 100644 index 0000000..f1c02af --- /dev/null +++ b/vbox_fix_4.10_api_changes.patch @@ -0,0 +1,67 @@ +Index: VirtualBox-5.1.12/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c +=================================================================== +--- VirtualBox-5.1.12.orig/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c ++++ VirtualBox-5.1.12/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c +@@ -1078,7 +1078,12 @@ DECLHIDDEN(int) rtR0MemObjNativeLockUser + fWrite, /* force write access. */ + # endif + &pMemLnx->apPages[0], /* Page array. */ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0) ++ papVMAs, /* vmas */ ++ NULL); ++#else + papVMAs); /* vmas */ ++#endif + #else /* LINUX_VERSION_CODE < KERNEL_VERSION(4, 6, 0) */ + rc = get_user_pages(pTask, /* Task for fault accounting. */ + pTask->mm, /* Whose pages. */ +@@ -1093,7 +1098,12 @@ DECLHIDDEN(int) rtR0MemObjNativeLockUser + fWrite, /* force write access. */ + # endif + &pMemLnx->apPages[0], /* Page array. */ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0) ++ papVMAs, /* vmas */ ++ NULL); ++#else + papVMAs); /* vmas */ ++#endif + #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(4, 6, 0) */ + if (rc == cPages) + { +Index: VirtualBox-5.1.12/src/VBox/Runtime/r0drv/linux/mpnotification-r0drv-linux.c +=================================================================== +--- VirtualBox-5.1.12.orig/src/VBox/Runtime/r0drv/linux/mpnotification-r0drv-linux.c ++++ VirtualBox-5.1.12/src/VBox/Runtime/r0drv/linux/mpnotification-r0drv-linux.c +@@ -39,8 +39,32 @@ + + + #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 5, 71) && defined(CONFIG_SMP) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0) ++/* This hack allows VB to build under kernel 4.10 and later, but it ++ * should be replaced with a version that uses the hotplug state machine ++ */ + ++static DEFINE_MUTEX(cpu_add_remove_lock); ++static RAW_NOTIFIER_HEAD(cpu_chain); + ++/* Need to know about CPUs going up/down? */ ++static int register_cpu_notifier(struct notifier_block *nb) ++{ ++ int ret; ++ mutex_lock(&cpu_add_remove_lock); ++ ret = raw_notifier_chain_register(&cpu_chain, nb); ++ mutex_unlock(&cpu_add_remove_lock); ++ return ret; ++} ++ ++/* Need to know about CPUs going up/down? */ ++static void unregister_cpu_notifier(struct notifier_block *nb) ++{ ++ mutex_lock(&cpu_add_remove_lock); ++ raw_notifier_chain_unregister(&cpu_chain, nb); ++ mutex_unlock(&cpu_add_remove_lock); ++} ++#endif + /********************************************************************************************************************************* + * Internal Functions * + *********************************************************************************************************************************/ diff --git a/virtualbox.changes b/virtualbox.changes index 5a6fa55..c0d3454 100644 --- a/virtualbox.changes +++ b/virtualbox.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Wed Jan 25 02:52:51 UTC 2017 - Larry.Finger@lwfinger.net + +- The version bump to 5.1.14 also addresses boo#1020856 CVE-2017-3316 CVE-2017-3332 CVE-2017-3290 CVE-2016-5545 + +- Version bump to 5.1.14 (released 2017-01-17 by Oracle) + +This is a maintenance release. The following items were fixed and/or added: + + VMM: fixed emulation of certain instructions for 64-bit guests on 32-bit hosts + VMM: properly handle certain MSRs for 64-bit guests on ancient CPUs without VT-x support for MSR bitmaps (bug #13886) + GUI: fixed a crash with multimonitor setups under certain conditions + GUI: allow cloning of snapshots when the VM is running + NVMe: fixed compatibility with the Storage Performance Development Kit (SPDK, bug #16368) + VBoxSVC: fixed a crash under rare circumstances + VBoxManage: added a sanity check to modifymedium --resize to prevent users from resizing their hard disk from 1GB to 1PB (bug #16311) + Windows hosts: another fix for recent Windows 10 hosts + Linux hosts: Linux 4.10 fixes + Linux Additions: fixed protocol error during certain operations on shared folders (bug #8463) + ------------------------------------------------------------------- Sat Jan 14 02:14:27 UTC 2017 - Larry.Finger@lwfinger.net diff --git a/virtualbox.spec b/virtualbox.spec index ed1cb5d..cdba87d 100644 --- a/virtualbox.spec +++ b/virtualbox.spec @@ -19,7 +19,7 @@ %define _vbox_instdir %{_libexecdir}/virtualbox %define _udevrulesdir %{_sysconfdir}/udev/rules.d Name: virtualbox -Version: 5.1.12 +Version: 5.1.14 Release: 0 Summary: VirtualBox is an Emulator License: GPL-2.0+ From 6ae60f24fdcbb9066bd6dd746b4e8749016663a242ce01f47ef34865009128c5 Mon Sep 17 00:00:00 2001 From: Larry Finger Date: Sat, 28 Jan 2017 21:09:26 +0000 Subject: [PATCH 2/2] - Removed "vbox_fix_4.9_api_changes.patch" as changes are upstream. Fixed API changes for kernel 4.10 in "vbox_fix_4.10_api_changes.patch". OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=306 --- vbox_fix_4.10_api_changes.patch | 90 +++++++++++---------------------- vbox_fix_4.9_api_changes.patch | 70 ------------------------- virtualbox.changes | 6 +++ virtualbox.spec | 6 +-- 4 files changed, 39 insertions(+), 133 deletions(-) delete mode 100644 vbox_fix_4.9_api_changes.patch diff --git a/vbox_fix_4.10_api_changes.patch b/vbox_fix_4.10_api_changes.patch index f1c02af..5993884 100644 --- a/vbox_fix_4.10_api_changes.patch +++ b/vbox_fix_4.10_api_changes.patch @@ -1,67 +1,37 @@ -Index: VirtualBox-5.1.12/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c + +Index: VirtualBox-5.1.14/src/VBox/Additions/linux/sharedfolders/lnkops.c =================================================================== ---- VirtualBox-5.1.12.orig/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c -+++ VirtualBox-5.1.12/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c -@@ -1078,7 +1078,12 @@ DECLHIDDEN(int) rtR0MemObjNativeLockUser - fWrite, /* force write access. */ - # endif - &pMemLnx->apPages[0], /* Page array. */ -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0) -+ papVMAs, /* vmas */ -+ NULL); -+#else - papVMAs); /* vmas */ -+#endif - #else /* LINUX_VERSION_CODE < KERNEL_VERSION(4, 6, 0) */ - rc = get_user_pages(pTask, /* Task for fault accounting. */ - pTask->mm, /* Whose pages. */ -@@ -1093,7 +1098,12 @@ DECLHIDDEN(int) rtR0MemObjNativeLockUser - fWrite, /* force write access. */ - # endif - &pMemLnx->apPages[0], /* Page array. */ -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0) -+ papVMAs, /* vmas */ -+ NULL); -+#else - papVMAs); /* vmas */ -+#endif - #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(4, 6, 0) */ - if (rc == cPages) - { -Index: VirtualBox-5.1.12/src/VBox/Runtime/r0drv/linux/mpnotification-r0drv-linux.c -=================================================================== ---- VirtualBox-5.1.12.orig/src/VBox/Runtime/r0drv/linux/mpnotification-r0drv-linux.c -+++ VirtualBox-5.1.12/src/VBox/Runtime/r0drv/linux/mpnotification-r0drv-linux.c -@@ -39,8 +39,32 @@ +--- VirtualBox-5.1.14.orig/src/VBox/Additions/linux/sharedfolders/lnkops.c ++++ VirtualBox-5.1.14/src/VBox/Additions/linux/sharedfolders/lnkops.c +@@ -88,6 +88,31 @@ static const char *sf_get_link(struct de + } + # endif /* LINUX_VERSION_CODE < KERNEL_VERSION(4, 5, 0) */ - - #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 5, 71) && defined(CONFIG_SMP) -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0) -+/* This hack allows VB to build under kernel 4.10 and later, but it -+ * should be replaced with a version that uses the hotplug state machine ++# if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0) ++/* ++ * A helper for ->readlink(). This should be used *ONLY* for symlinks that ++ * have ->get_link() not calling nd_jump_link(). Using (or not using) it ++ * for any given inode is up to filesystem. + */ - -+static DEFINE_MUTEX(cpu_add_remove_lock); -+static RAW_NOTIFIER_HEAD(cpu_chain); - -+/* Need to know about CPUs going up/down? */ -+static int register_cpu_notifier(struct notifier_block *nb) ++static int generic_readlink(struct dentry *dentry, char __user *buffer, ++ int buflen) +{ -+ int ret; -+ mutex_lock(&cpu_add_remove_lock); -+ ret = raw_notifier_chain_register(&cpu_chain, nb); -+ mutex_unlock(&cpu_add_remove_lock); -+ return ret; -+} ++ DEFINE_DELAYED_CALL(done); ++ struct inode *inode = d_inode(dentry); ++ const char *link = inode->i_link; ++ int res; + -+/* Need to know about CPUs going up/down? */ -+static void unregister_cpu_notifier(struct notifier_block *nb) -+{ -+ mutex_lock(&cpu_add_remove_lock); -+ raw_notifier_chain_unregister(&cpu_chain, nb); -+ mutex_unlock(&cpu_add_remove_lock); ++ if (!link) { ++ link = inode->i_op->get_link(dentry, inode, &done); ++ if (IS_ERR(link)) ++ return PTR_ERR(link); ++ } ++ res = readlink_copy(buffer, buflen, link); ++ do_delayed_call(&done); ++ return res; +} +#endif - /********************************************************************************************************************************* - * Internal Functions * - *********************************************************************************************************************************/ ++ + struct inode_operations sf_lnk_iops = + { + .readlink = generic_readlink, diff --git a/vbox_fix_4.9_api_changes.patch b/vbox_fix_4.9_api_changes.patch deleted file mode 100644 index 041f5ac..0000000 --- a/vbox_fix_4.9_api_changes.patch +++ /dev/null @@ -1,70 +0,0 @@ -Index: VirtualBox-5.1.10/src/VBox/Additions/linux/sharedfolders/dirops.c -=================================================================== ---- VirtualBox-5.1.10.orig/src/VBox/Additions/linux/sharedfolders/dirops.c -+++ VirtualBox-5.1.10/src/VBox/Additions/linux/sharedfolders/dirops.c -@@ -748,12 +748,18 @@ static int sf_rmdir(struct inode *parent - * @param flags flags - * @returns 0 on success, Linux error code otherwise - */ -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0) - static int sf_rename(struct inode *old_parent, struct dentry *old_dentry, - struct inode *new_parent, struct dentry *new_dentry - #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 9, 0) - , unsigned flags - #endif - ) -+#else -+static int sf_rename(struct inode *old_parent, struct dentry *old_dentry, -+ struct inode *new_parent, struct dentry *new_dentry, -+ unsigned int flags) -+#endif - { - int err = 0, rc = VINF_SUCCESS; - struct sf_glob_info *sf_g = GET_GLOB_INFO(old_parent->i_sb); -Index: VirtualBox-5.1.10/src/VBox/Additions/linux/drm/vbox_ttm.c -=================================================================== ---- VirtualBox-5.1.10.orig/src/VBox/Additions/linux/drm/vbox_ttm.c -+++ VirtualBox-5.1.10/src/VBox/Additions/linux/drm/vbox_ttm.c -@@ -221,7 +221,8 @@ static int vbox_bo_move(struct ttm_buffe - struct ttm_mem_reg *new_mem) - { - int r; --#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 8, 0) -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 8, 0) || \ -+ LINUX_VERSION_CODE >= KERNEL_VERSION(4, 9, 0) - r = ttm_bo_move_memcpy(bo, evict, no_wait_gpu, new_mem); - #elif LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0) - r = ttm_bo_move_memcpy(bo, evict, interruptible, no_wait_gpu, new_mem); -Index: VirtualBox-5.1.10/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c -=================================================================== ---- VirtualBox-5.1.10.orig/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c -+++ VirtualBox-5.1.10/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c -@@ -1045,7 +1045,27 @@ DECLHIDDEN(int) rtR0MemObjNativeLockUser - /* - * Get user pages. - */ --#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0) -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 9, 0) -+ if (R0Process == RTR0ProcHandleSelf()) -+ rc = get_user_pages(R3Ptr, /* Where from. */ -+ cPages, /* How many pages. */ -+ fWrite, /* Write to memory. */ -+ &pMemLnx->apPages[0], /* Page array. */ -+ papVMAs); /* vmas */ -+ /* -+ * Actually this should not happen at the moment as call this function -+ * only for our own process. -+ */ -+ else -+ rc = get_user_pages_remote( -+ pTask, /* Task for fault accounting. */ -+ pTask->mm, /* Whose pages. */ -+ R3Ptr, /* Where from. */ -+ cPages, /* How many pages. */ -+ fWrite, /* Write to memory. */ -+ &pMemLnx->apPages[0], /* Page array. */ -+ papVMAs); /* vmas */ -+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0) - if (R0Process == RTR0ProcHandleSelf()) - rc = get_user_pages(R3Ptr, /* Where from. */ - cPages, /* How many pages. */ diff --git a/virtualbox.changes b/virtualbox.changes index c0d3454..6dd8e7d 100644 --- a/virtualbox.changes +++ b/virtualbox.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Sat Jan 28 20:37:54 UTC 2017 - Larry.Finger@lwfinger.net + +- Removed "vbox_fix_4.9_api_changes.patch" as changes are upstream. + Fixed API changes for kernel 4.10 in "vbox_fix_4.10_api_changes.patch". + ------------------------------------------------------------------- Wed Jan 25 02:52:51 UTC 2017 - Larry.Finger@lwfinger.net diff --git a/virtualbox.spec b/virtualbox.spec index cdba87d..c6391f1 100644 --- a/virtualbox.spec +++ b/virtualbox.spec @@ -89,11 +89,11 @@ Patch111: vbox_prevent_wrong_SONAME.patch Patch112: modify_for_4_8_bo_move.patch # Remove all mention of _smp_mflags Patch113: vbox_remove_smp_mflags.patch -# Fix build error on kernel 4.9 -Patch114: vbox_fix_4.9_api_changes.patch # Fix for missing include needed for server 1.19 Patch116: Fix_for_server_1.19.patch # +Patch117: vbox_fix_4.10_api_changes.patch +# BuildRequires: LibVNCServer-devel BuildRequires: SDL-devel BuildRequires: acpica @@ -328,8 +328,8 @@ This package contains icons for guest desktop files that were created on the des %patch111 -p1 %patch112 -p1 %patch113 -p1 -%patch114 -p1 %patch116 -p1 +%patch117 -p1 #copy user manual cp %{SOURCE1} UserManual.pdf