Accepting request 689150 from home:bfrogers:branches:Virtualization

A tweak was needed to previous submit, and in the interim another security bug came in, so fix that as well.

OBS-URL: https://build.opensuse.org/request/show/689150
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=461
This commit is contained in:
Bruce Rogers 2019-03-27 17:35:55 +00:00 committed by Git OBS Bridge
parent 7f992805eb
commit 433d851e9d
8 changed files with 71 additions and 0 deletions

View File

@ -0,0 +1,34 @@
From: Peter Maydell <peter.maydell@linaro.org>
Date: Fri, 14 Dec 2018 13:30:52 +0000
Subject: device_tree.c: Don't use load_image()
The load_image() function is deprecated, as it does not let the
caller specify how large the buffer to read the file into is.
Instead use load_image_size().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20181130151712.2312-9-peter.maydell@linaro.org
(cherry picked from commit da885fe1ee8b4589047484bd7fa05a4905b52b17)
[BR: BSC#1130675 CVE-2018-20815]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
device_tree.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/device_tree.c b/device_tree.c
index 6d9c9726f6..296278e12a 100644
--- a/device_tree.c
+++ b/device_tree.c
@@ -91,7 +91,7 @@ void *load_device_tree(const char *filename_path, int *sizep)
/* First allocate space in qemu for device tree */
fdt = g_malloc0(dt_size);
- dt_file_load_size = load_image(filename_path, fdt);
+ dt_file_load_size = load_image_size(filename_path, fdt, dt_size);
if (dt_file_load_size < 0) {
error_report("Unable to open device tree file '%s'",
filename_path);

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Wed Mar 27 16:59:53 UTC 2019 - Bruce Rogers <brogers@suse.com>
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
* Patches added:
0064-device_tree.c-Don-t-use-load_image.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Mar 25 20:45:10 UTC 2019 - Bruce Rogers <brogers@suse.com> Mon Mar 25 20:45:10 UTC 2019 - Bruce Rogers <brogers@suse.com>

View File

@ -95,6 +95,7 @@ Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
Patch0063: 0063-i2c-ddc-fix-oob-read.patch Patch0063: 0063-i2c-ddc-fix-oob-read.patch
Patch0064: 0064-device_tree.c-Don-t-use-load_image.patch
# Please do not add QEMU patches manually here. # Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue. # Run update_git.sh to regenerate this queue.
ExcludeArch: s390 ExcludeArch: s390
@ -189,6 +190,7 @@ syscall layer occurs on the native hardware and operating system.
%patch0061 -p1 %patch0061 -p1
%patch0062 -p1 %patch0062 -p1
%patch0063 -p1 %patch0063 -p1
%patch0064 -p1
%build %build
./configure \ ./configure \

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Wed Mar 27 16:59:46 UTC 2019 - Bruce Rogers <brogers@suse.com>
- Tweak last spec file change to guard new Requires with conditional
- Fix DOS possibility in device tree processing (CVE-2018-20815
bsc#1130675)
0064-device_tree.c-Don-t-use-load_image.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Mar 25 20:45:08 UTC 2019 - Bruce Rogers <brogers@suse.com> Mon Mar 25 20:45:08 UTC 2019 - Bruce Rogers <brogers@suse.com>

View File

@ -206,6 +206,7 @@ Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
Patch0063: 0063-i2c-ddc-fix-oob-read.patch Patch0063: 0063-i2c-ddc-fix-oob-read.patch
Patch0064: 0064-device_tree.c-Don-t-use-load_image.patch
# Please do not add QEMU patches manually here. # Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue. # Run update_git.sh to regenerate this queue.
@ -845,7 +846,9 @@ Release: 0
Provides: %name:%_libexecdir/qemu-bridge-helper Provides: %name:%_libexecdir/qemu-bridge-helper
Requires(pre): permissions Requires(pre): permissions
Requires(pre): shadow Requires(pre): shadow
%if 0%{?suse_version} > 1320
Recommends: multipath-tools Recommends: multipath-tools
%endif
Recommends: qemu-block-curl Recommends: qemu-block-curl
%if 0%{?with_rbd} %if 0%{?with_rbd}
Recommends: qemu-block-rbd Recommends: qemu-block-rbd
@ -1007,6 +1010,7 @@ This package provides a service file for starting and stopping KSM.
%patch0061 -p1 %patch0061 -p1
%patch0062 -p1 %patch0062 -p1
%patch0063 -p1 %patch0063 -p1
%patch0064 -p1
pushd roms/seabios pushd roms/seabios
%patch1100 -p1 %patch1100 -p1

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Wed Mar 27 16:59:46 UTC 2019 - Bruce Rogers <brogers@suse.com>
- Tweak last spec file change to guard new Requires with conditional
- Fix DOS possibility in device tree processing (CVE-2018-20815
bsc#1130675)
0064-device_tree.c-Don-t-use-load_image.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Mar 25 20:45:08 UTC 2019 - Bruce Rogers <brogers@suse.com> Mon Mar 25 20:45:08 UTC 2019 - Bruce Rogers <brogers@suse.com>

View File

@ -206,6 +206,7 @@ Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
Patch0063: 0063-i2c-ddc-fix-oob-read.patch Patch0063: 0063-i2c-ddc-fix-oob-read.patch
Patch0064: 0064-device_tree.c-Don-t-use-load_image.patch
# Please do not add QEMU patches manually here. # Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue. # Run update_git.sh to regenerate this queue.
@ -845,7 +846,9 @@ Release: 0
Provides: %name:%_libexecdir/qemu-bridge-helper Provides: %name:%_libexecdir/qemu-bridge-helper
Requires(pre): permissions Requires(pre): permissions
Requires(pre): shadow Requires(pre): shadow
%if 0%{?suse_version} > 1320
Recommends: multipath-tools Recommends: multipath-tools
%endif
Recommends: qemu-block-curl Recommends: qemu-block-curl
%if 0%{?with_rbd} %if 0%{?with_rbd}
Recommends: qemu-block-rbd Recommends: qemu-block-rbd
@ -1007,6 +1010,7 @@ This package provides a service file for starting and stopping KSM.
%patch0061 -p1 %patch0061 -p1
%patch0062 -p1 %patch0062 -p1
%patch0063 -p1 %patch0063 -p1
%patch0064 -p1
pushd roms/seabios pushd roms/seabios
%patch1100 -p1 %patch1100 -p1

View File

@ -780,7 +780,9 @@ Release: 0
Provides: %name:%_libexecdir/qemu-bridge-helper Provides: %name:%_libexecdir/qemu-bridge-helper
Requires(pre): permissions Requires(pre): permissions
Requires(pre): shadow Requires(pre): shadow
%if 0%{?suse_version} > 1320
Recommends: multipath-tools Recommends: multipath-tools
%endif
Recommends: qemu-block-curl Recommends: qemu-block-curl
%if 0%{?with_rbd} %if 0%{?with_rbd}
Recommends: qemu-block-rbd Recommends: qemu-block-rbd