Accepting request 721319 from Virtualization
OBS-URL: https://build.opensuse.org/request/show/721319 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qemu?expand=0&rev=159
This commit is contained in:
commit
9a8c802a3a
@ -1,21 +1,21 @@
|
||||
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Date: Fri, 1 Mar 2019 21:40:52 +0100
|
||||
Date: Wed, 15 May 2019 15:10:10 +0100
|
||||
Subject: target/i386: define md-clear bit
|
||||
|
||||
md-clear is a new CPUID bit which is set when microcode provides the
|
||||
mechanism to invoke a flush of various exploitable CPU buffers by invoking
|
||||
the VERW instruction. Add the new feature, and pass it down to
|
||||
Hypervisor.framework guests.
|
||||
the VERW instruction.
|
||||
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Message-Id: <20190515141011.5315-2-berrange@redhat.com>
|
||||
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
||||
(cherry picked from commit b2ae52101fca7f9547ac2f388085dbc58f8fe1c0)
|
||||
[BR: BSC#1111331 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
|
||||
CVE-2019-11091]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/i386/cpu.c | 2 +-
|
||||
target/i386/cpu.h | 1 +
|
||||
target/i386/hvf/x86_cpuid.c | 3 ++-
|
||||
3 files changed, 4 insertions(+), 2 deletions(-)
|
||||
target/i386/cpu.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
|
||||
index d6bb57d210..4ea78a4939 100644
|
||||
@ -30,29 +30,3 @@ index d6bb57d210..4ea78a4939 100644
|
||||
NULL, NULL, NULL, NULL,
|
||||
NULL, NULL, NULL, NULL,
|
||||
NULL, NULL, NULL, NULL,
|
||||
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
|
||||
index 572290c3d6..d3bd0943ec 100644
|
||||
--- a/target/i386/cpu.h
|
||||
+++ b/target/i386/cpu.h
|
||||
@@ -694,6 +694,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
|
||||
|
||||
#define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
|
||||
#define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
|
||||
+#define CPUID_7_0_EDX_MD_CLEAR (1U << 10) /* Microarchitectural Data Clear */
|
||||
#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */
|
||||
#define CPUID_7_0_EDX_ARCH_CAPABILITIES (1U << 29) /*Arch Capabilities*/
|
||||
#define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */
|
||||
diff --git a/target/i386/hvf/x86_cpuid.c b/target/i386/hvf/x86_cpuid.c
|
||||
index 4d957fe896..b453552fb4 100644
|
||||
--- a/target/i386/hvf/x86_cpuid.c
|
||||
+++ b/target/i386/hvf/x86_cpuid.c
|
||||
@@ -90,7 +90,8 @@ uint32_t hvf_get_supported_cpuid(uint32_t func, uint32_t idx,
|
||||
}
|
||||
|
||||
ecx &= CPUID_7_0_ECX_AVX512BMI | CPUID_7_0_ECX_AVX512_VPOPCNTDQ;
|
||||
- edx &= CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS;
|
||||
+ edx &= CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS | \
|
||||
+ CPUID_7_0_EDX_MD_CLEAR;
|
||||
} else {
|
||||
ebx = 0;
|
||||
ecx = 0;
|
||||
|
33
0049-qxl-check-release-info-object.patch
Normal file
33
0049-qxl-check-release-info-object.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Date: Thu, 25 Apr 2019 12:05:34 +0530
|
||||
Subject: qxl: check release info object
|
||||
|
||||
When releasing spice resources in release_resource() routine,
|
||||
if release info object 'ext.info' is null, it leads to null
|
||||
pointer dereference. Add check to avoid it.
|
||||
|
||||
Reported-by: Bugs SysSec <bugs-syssec@rub.de>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Message-id: 20190425063534.32747-1-ppandit@redhat.com
|
||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||
(cherry picked from commit d52680fc932efb8a2f334cc6993e705ed1e31e99)
|
||||
[LY: BSC#1135902 CVE-2019-12155]
|
||||
Signed-off-by: Liang Yan <lyan@suse.com>
|
||||
---
|
||||
hw/display/qxl.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/hw/display/qxl.c b/hw/display/qxl.c
|
||||
index 5c38e6e906..3880a7410b 100644
|
||||
--- a/hw/display/qxl.c
|
||||
+++ b/hw/display/qxl.c
|
||||
@@ -768,6 +768,9 @@ static void interface_release_resource(QXLInstance *sin,
|
||||
uint32_t prod;
|
||||
uint64_t id;
|
||||
|
||||
+ if (!ext.info) {
|
||||
+ return;
|
||||
+ }
|
||||
if (ext.group_id == MEMSLOT_GROUP_HOST) {
|
||||
/* host group -> vga mode update request */
|
||||
QXLCommandExt *cmdext = (void *)(intptr_t)(ext.info->id);
|
48
0050-qemu-bridge-helper-restrict-interfa.patch
Normal file
48
0050-qemu-bridge-helper-restrict-interfa.patch
Normal file
@ -0,0 +1,48 @@
|
||||
From: Liang Yan <lyan@suse.com>
|
||||
Date: Thu, 25 Jul 2019 13:28:26 -0400
|
||||
Subject: qemu-bridge-helper: restrict interface name
|
||||
|
||||
The interface names in qemu-bridge-helper are defined to be
|
||||
of size IFNAMSIZ(=16), including the terminating null('\0') byte.
|
||||
The same is applied to interface names read from 'bridge.conf'
|
||||
file to form ACLs rules. If user supplied '--br=bridge' name
|
||||
is not restricted to the same length, it could lead to ACL bypass
|
||||
issue. Restrict bridge name to IFNAMSIZ, including null byte.
|
||||
|
||||
Reported-by: Riccardo Schirone <rschiron@redhat.com>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
[LY: BSC#1140402 CVE-2019-13164]
|
||||
Signed-off-by: Liang Yan <lyan@suse.com>
|
||||
---
|
||||
qemu-bridge-helper.c | 11 +++++++++++
|
||||
1 file changed, 11 insertions(+)
|
||||
|
||||
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
|
||||
index cafe2bf27b..8ae6104ec4 100644
|
||||
--- a/qemu-bridge-helper.c
|
||||
+++ b/qemu-bridge-helper.c
|
||||
@@ -109,6 +109,13 @@ static int parse_acl_file(const char *filename, ACLList *acl_list)
|
||||
}
|
||||
*argend = 0;
|
||||
|
||||
+ if (!g_str_equal(cmd, "include") && strlen(arg) >= IFNAMSIZ) {
|
||||
+ fprintf(stderr, "name `%s' too long: %zu\n", arg, strlen(arg));
|
||||
+ fclose(f);
|
||||
+ errno = EINVAL;
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
if (strcmp(cmd, "deny") == 0) {
|
||||
acl_rule = calloc(1, sizeof(*acl_rule));
|
||||
if (!acl_rule) {
|
||||
@@ -264,6 +271,10 @@ int main(int argc, char **argv)
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
}
|
||||
+ if (strlen(bridge) >= IFNAMSIZ) {
|
||||
+ fprintf(stderr, "name `%s' too long: %zu\n", bridge, strlen(bridge));
|
||||
+ return EXIT_FAILURE;
|
||||
+ }
|
||||
|
||||
if (bridge == NULL || unixfd == -1) {
|
||||
usage();
|
334
0051-linux-user-fix-to-handle-variably-s.patch
Normal file
334
0051-linux-user-fix-to-handle-variably-s.patch
Normal file
@ -0,0 +1,334 @@
|
||||
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
||||
Date: Thu, 18 Jul 2019 15:06:41 +0200
|
||||
Subject: linux-user: fix to handle variably sized SIOCGSTAMP with new kernels
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The SIOCGSTAMP symbol was previously defined in the
|
||||
asm-generic/sockios.h header file. QEMU sees that header
|
||||
indirectly via sys/socket.h
|
||||
|
||||
In linux kernel commit 0768e17073dc527ccd18ed5f96ce85f9985e9115
|
||||
the asm-generic/sockios.h header no longer defines SIOCGSTAMP.
|
||||
Instead it provides only SIOCGSTAMP_OLD, which only uses a
|
||||
32-bit time_t on 32-bit architectures.
|
||||
|
||||
The linux/sockios.h header then defines SIOCGSTAMP using
|
||||
either SIOCGSTAMP_OLD or SIOCGSTAMP_NEW as appropriate. If
|
||||
SIOCGSTAMP_NEW is used, then the tv_sec field is 64-bit even
|
||||
on 32-bit architectures
|
||||
|
||||
To cope with this we must now convert the old and new type from
|
||||
the target to the host one.
|
||||
|
||||
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
||||
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
|
||||
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Message-Id: <20190718130641.15294-1-laurent@vivier.eu>
|
||||
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
|
||||
(cherry picked from commit 6d5d5dde9adb5acb32e6b8e3dfbf47fff0f308d2)
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
linux-user/ioctls.h | 21 +++++-
|
||||
linux-user/syscall.c | 140 +++++++++++++++++++++++++++++--------
|
||||
linux-user/syscall_defs.h | 31 +++++++-
|
||||
linux-user/syscall_types.h | 6 --
|
||||
4 files changed, 160 insertions(+), 38 deletions(-)
|
||||
|
||||
diff --git a/linux-user/ioctls.h b/linux-user/ioctls.h
|
||||
index ae8951625f..e6a27ad9d6 100644
|
||||
--- a/linux-user/ioctls.h
|
||||
+++ b/linux-user/ioctls.h
|
||||
@@ -219,8 +219,25 @@
|
||||
IOCTL(SIOCGRARP, IOC_R, MK_PTR(MK_STRUCT(STRUCT_arpreq)))
|
||||
IOCTL(SIOCGIWNAME, IOC_W | IOC_R, MK_PTR(MK_STRUCT(STRUCT_char_ifreq)))
|
||||
IOCTL(SIOCGPGRP, IOC_R, MK_PTR(TYPE_INT)) /* pid_t */
|
||||
- IOCTL(SIOCGSTAMP, IOC_R, MK_PTR(MK_STRUCT(STRUCT_timeval)))
|
||||
- IOCTL(SIOCGSTAMPNS, IOC_R, MK_PTR(MK_STRUCT(STRUCT_timespec)))
|
||||
+
|
||||
+ /*
|
||||
+ * We can't use IOCTL_SPECIAL() because it will set
|
||||
+ * host_cmd to XXX_OLD and XXX_NEW and these macros
|
||||
+ * are not defined with kernel prior to 5.2.
|
||||
+ * We must set host_cmd to the same value as in target_cmd
|
||||
+ * otherwise the consistency check in syscall_init()
|
||||
+ * will trigger an error.
|
||||
+ * host_cmd is ignored by the do_ioctl_XXX() helpers.
|
||||
+ * FIXME: create a macro to define this kind of entry
|
||||
+ */
|
||||
+ { TARGET_SIOCGSTAMP_OLD, TARGET_SIOCGSTAMP_OLD,
|
||||
+ "SIOCGSTAMP_OLD", IOC_R, do_ioctl_SIOCGSTAMP },
|
||||
+ { TARGET_SIOCGSTAMPNS_OLD, TARGET_SIOCGSTAMPNS_OLD,
|
||||
+ "SIOCGSTAMPNS_OLD", IOC_R, do_ioctl_SIOCGSTAMPNS },
|
||||
+ { TARGET_SIOCGSTAMP_NEW, TARGET_SIOCGSTAMP_NEW,
|
||||
+ "SIOCGSTAMP_NEW", IOC_R, do_ioctl_SIOCGSTAMP },
|
||||
+ { TARGET_SIOCGSTAMPNS_NEW, TARGET_SIOCGSTAMPNS_NEW,
|
||||
+ "SIOCGSTAMPNS_NEW", IOC_R, do_ioctl_SIOCGSTAMPNS },
|
||||
|
||||
IOCTL(RNDGETENTCNT, IOC_R, MK_PTR(TYPE_INT))
|
||||
IOCTL(RNDADDTOENTCNT, IOC_W, MK_PTR(TYPE_INT))
|
||||
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
|
||||
index ed1c76e304..4e94bf6ecf 100644
|
||||
--- a/linux-user/syscall.c
|
||||
+++ b/linux-user/syscall.c
|
||||
@@ -37,6 +37,7 @@
|
||||
#include <sched.h>
|
||||
#include <sys/timex.h>
|
||||
#include <sys/socket.h>
|
||||
+#include <linux/sockios.h>
|
||||
#include <sys/un.h>
|
||||
#include <sys/uio.h>
|
||||
#include <poll.h>
|
||||
@@ -1139,8 +1140,9 @@ static inline abi_long copy_from_user_timeval(struct timeval *tv,
|
||||
{
|
||||
struct target_timeval *target_tv;
|
||||
|
||||
- if (!lock_user_struct(VERIFY_READ, target_tv, target_tv_addr, 1))
|
||||
+ if (!lock_user_struct(VERIFY_READ, target_tv, target_tv_addr, 1)) {
|
||||
return -TARGET_EFAULT;
|
||||
+ }
|
||||
|
||||
__get_user(tv->tv_sec, &target_tv->tv_sec);
|
||||
__get_user(tv->tv_usec, &target_tv->tv_usec);
|
||||
@@ -1155,8 +1157,26 @@ static inline abi_long copy_to_user_timeval(abi_ulong target_tv_addr,
|
||||
{
|
||||
struct target_timeval *target_tv;
|
||||
|
||||
- if (!lock_user_struct(VERIFY_WRITE, target_tv, target_tv_addr, 0))
|
||||
+ if (!lock_user_struct(VERIFY_WRITE, target_tv, target_tv_addr, 0)) {
|
||||
+ return -TARGET_EFAULT;
|
||||
+ }
|
||||
+
|
||||
+ __put_user(tv->tv_sec, &target_tv->tv_sec);
|
||||
+ __put_user(tv->tv_usec, &target_tv->tv_usec);
|
||||
+
|
||||
+ unlock_user_struct(target_tv, target_tv_addr, 1);
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static inline abi_long copy_to_user_timeval64(abi_ulong target_tv_addr,
|
||||
+ const struct timeval *tv)
|
||||
+{
|
||||
+ struct target__kernel_sock_timeval *target_tv;
|
||||
+
|
||||
+ if (!lock_user_struct(VERIFY_WRITE, target_tv, target_tv_addr, 0)) {
|
||||
return -TARGET_EFAULT;
|
||||
+ }
|
||||
|
||||
__put_user(tv->tv_sec, &target_tv->tv_sec);
|
||||
__put_user(tv->tv_usec, &target_tv->tv_usec);
|
||||
@@ -1166,6 +1186,48 @@ static inline abi_long copy_to_user_timeval(abi_ulong target_tv_addr,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static inline abi_long target_to_host_timespec(struct timespec *host_ts,
|
||||
+ abi_ulong target_addr)
|
||||
+{
|
||||
+ struct target_timespec *target_ts;
|
||||
+
|
||||
+ if (!lock_user_struct(VERIFY_READ, target_ts, target_addr, 1)) {
|
||||
+ return -TARGET_EFAULT;
|
||||
+ }
|
||||
+ __get_user(host_ts->tv_sec, &target_ts->tv_sec);
|
||||
+ __get_user(host_ts->tv_nsec, &target_ts->tv_nsec);
|
||||
+ unlock_user_struct(target_ts, target_addr, 0);
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static inline abi_long host_to_target_timespec(abi_ulong target_addr,
|
||||
+ struct timespec *host_ts)
|
||||
+{
|
||||
+ struct target_timespec *target_ts;
|
||||
+
|
||||
+ if (!lock_user_struct(VERIFY_WRITE, target_ts, target_addr, 0)) {
|
||||
+ return -TARGET_EFAULT;
|
||||
+ }
|
||||
+ __put_user(host_ts->tv_sec, &target_ts->tv_sec);
|
||||
+ __put_user(host_ts->tv_nsec, &target_ts->tv_nsec);
|
||||
+ unlock_user_struct(target_ts, target_addr, 1);
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static inline abi_long host_to_target_timespec64(abi_ulong target_addr,
|
||||
+ struct timespec *host_ts)
|
||||
+{
|
||||
+ struct target__kernel_timespec *target_ts;
|
||||
+
|
||||
+ if (!lock_user_struct(VERIFY_WRITE, target_ts, target_addr, 0)) {
|
||||
+ return -TARGET_EFAULT;
|
||||
+ }
|
||||
+ __put_user(host_ts->tv_sec, &target_ts->tv_sec);
|
||||
+ __put_user(host_ts->tv_nsec, &target_ts->tv_nsec);
|
||||
+ unlock_user_struct(target_ts, target_addr, 1);
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
static inline abi_long copy_from_user_timezone(struct timezone *tz,
|
||||
abi_ulong target_tz_addr)
|
||||
{
|
||||
@@ -4790,6 +4852,54 @@ static abi_long do_ioctl_kdsigaccept(const IOCTLEntry *ie, uint8_t *buf_temp,
|
||||
return get_errno(safe_ioctl(fd, ie->host_cmd, sig));
|
||||
}
|
||||
|
||||
+static abi_long do_ioctl_SIOCGSTAMP(const IOCTLEntry *ie, uint8_t *buf_temp,
|
||||
+ int fd, int cmd, abi_long arg)
|
||||
+{
|
||||
+ struct timeval tv;
|
||||
+ abi_long ret;
|
||||
+
|
||||
+ ret = get_errno(safe_ioctl(fd, SIOCGSTAMP, &tv));
|
||||
+ if (is_error(ret)) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ if (cmd == (int)TARGET_SIOCGSTAMP_OLD) {
|
||||
+ if (copy_to_user_timeval(arg, &tv)) {
|
||||
+ return -TARGET_EFAULT;
|
||||
+ }
|
||||
+ } else {
|
||||
+ if (copy_to_user_timeval64(arg, &tv)) {
|
||||
+ return -TARGET_EFAULT;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+static abi_long do_ioctl_SIOCGSTAMPNS(const IOCTLEntry *ie, uint8_t *buf_temp,
|
||||
+ int fd, int cmd, abi_long arg)
|
||||
+{
|
||||
+ struct timespec ts;
|
||||
+ abi_long ret;
|
||||
+
|
||||
+ ret = get_errno(safe_ioctl(fd, SIOCGSTAMPNS, &ts));
|
||||
+ if (is_error(ret)) {
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ if (cmd == (int)TARGET_SIOCGSTAMPNS_OLD) {
|
||||
+ if (host_to_target_timespec(arg, &ts)) {
|
||||
+ return -TARGET_EFAULT;
|
||||
+ }
|
||||
+ } else{
|
||||
+ if (host_to_target_timespec64(arg, &ts)) {
|
||||
+ return -TARGET_EFAULT;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
#ifdef TIOCGPTPEER
|
||||
static abi_long do_ioctl_tiocgptpeer(const IOCTLEntry *ie, uint8_t *buf_temp,
|
||||
int fd, int cmd, abi_long arg)
|
||||
@@ -6180,32 +6290,6 @@ static inline abi_long target_ftruncate64(void *cpu_env, abi_long arg1,
|
||||
}
|
||||
#endif
|
||||
|
||||
-static inline abi_long target_to_host_timespec(struct timespec *host_ts,
|
||||
- abi_ulong target_addr)
|
||||
-{
|
||||
- struct target_timespec *target_ts;
|
||||
-
|
||||
- if (!lock_user_struct(VERIFY_READ, target_ts, target_addr, 1))
|
||||
- return -TARGET_EFAULT;
|
||||
- __get_user(host_ts->tv_sec, &target_ts->tv_sec);
|
||||
- __get_user(host_ts->tv_nsec, &target_ts->tv_nsec);
|
||||
- unlock_user_struct(target_ts, target_addr, 0);
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-static inline abi_long host_to_target_timespec(abi_ulong target_addr,
|
||||
- struct timespec *host_ts)
|
||||
-{
|
||||
- struct target_timespec *target_ts;
|
||||
-
|
||||
- if (!lock_user_struct(VERIFY_WRITE, target_ts, target_addr, 0))
|
||||
- return -TARGET_EFAULT;
|
||||
- __put_user(host_ts->tv_sec, &target_ts->tv_sec);
|
||||
- __put_user(host_ts->tv_nsec, &target_ts->tv_nsec);
|
||||
- unlock_user_struct(target_ts, target_addr, 1);
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
static inline abi_long target_to_host_itimerspec(struct itimerspec *host_itspec,
|
||||
abi_ulong target_addr)
|
||||
{
|
||||
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
|
||||
index 12c8407144..cfb3eeec07 100644
|
||||
--- a/linux-user/syscall_defs.h
|
||||
+++ b/linux-user/syscall_defs.h
|
||||
@@ -208,16 +208,34 @@ struct target_linger {
|
||||
abi_int l_linger; /* How long to linger for */
|
||||
};
|
||||
|
||||
+#if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
|
||||
+struct target_timeval {
|
||||
+ abi_long tv_sec;
|
||||
+ abi_int tv_usec;
|
||||
+};
|
||||
+#define target__kernel_sock_timeval target_timeval
|
||||
+#else
|
||||
struct target_timeval {
|
||||
abi_long tv_sec;
|
||||
abi_long tv_usec;
|
||||
};
|
||||
|
||||
+struct target__kernel_sock_timeval {
|
||||
+ abi_llong tv_sec;
|
||||
+ abi_llong tv_usec;
|
||||
+};
|
||||
+#endif
|
||||
+
|
||||
struct target_timespec {
|
||||
abi_long tv_sec;
|
||||
abi_long tv_nsec;
|
||||
};
|
||||
|
||||
+struct target__kernel_timespec {
|
||||
+ abi_llong tv_sec;
|
||||
+ abi_llong tv_nsec;
|
||||
+};
|
||||
+
|
||||
struct target_timezone {
|
||||
abi_int tz_minuteswest;
|
||||
abi_int tz_dsttime;
|
||||
@@ -743,8 +761,17 @@ struct target_pollfd {
|
||||
#define TARGET_SIOCATMARK 0x8905
|
||||
#define TARGET_SIOCGPGRP 0x8904
|
||||
#endif
|
||||
-#define TARGET_SIOCGSTAMP 0x8906 /* Get stamp (timeval) */
|
||||
-#define TARGET_SIOCGSTAMPNS 0x8907 /* Get stamp (timespec) */
|
||||
+
|
||||
+#if defined(TARGET_SH4)
|
||||
+#define TARGET_SIOCGSTAMP_OLD TARGET_IOR('s', 100, struct target_timeval)
|
||||
+#define TARGET_SIOCGSTAMPNS_OLD TARGET_IOR('s', 101, struct target_timespec)
|
||||
+#else
|
||||
+#define TARGET_SIOCGSTAMP_OLD 0x8906
|
||||
+#define TARGET_SIOCGSTAMPNS_OLD 0x8907
|
||||
+#endif
|
||||
+
|
||||
+#define TARGET_SIOCGSTAMP_NEW TARGET_IOR(0x89, 0x06, abi_llong[2])
|
||||
+#define TARGET_SIOCGSTAMPNS_NEW TARGET_IOR(0x89, 0x07, abi_llong[2])
|
||||
|
||||
/* Networking ioctls */
|
||||
#define TARGET_SIOCADDRT 0x890B /* add routing table entry */
|
||||
diff --git a/linux-user/syscall_types.h b/linux-user/syscall_types.h
|
||||
index b98a23b0f1..4e36983826 100644
|
||||
--- a/linux-user/syscall_types.h
|
||||
+++ b/linux-user/syscall_types.h
|
||||
@@ -14,12 +14,6 @@ STRUCT(serial_icounter_struct,
|
||||
STRUCT(sockaddr,
|
||||
TYPE_SHORT, MK_ARRAY(TYPE_CHAR, 14))
|
||||
|
||||
-STRUCT(timeval,
|
||||
- MK_ARRAY(TYPE_LONG, 2))
|
||||
-
|
||||
-STRUCT(timespec,
|
||||
- MK_ARRAY(TYPE_LONG, 2))
|
||||
-
|
||||
STRUCT(rtentry,
|
||||
TYPE_ULONG, MK_STRUCT(STRUCT_sockaddr), MK_STRUCT(STRUCT_sockaddr), MK_STRUCT(STRUCT_sockaddr),
|
||||
TYPE_SHORT, TYPE_SHORT, TYPE_ULONG, TYPE_PTRVOID, TYPE_SHORT, TYPE_PTRVOID,
|
23
keycodemapdb-make-keycode-gen-output-reproducible.patch
Normal file
23
keycodemapdb-make-keycode-gen-output-reproducible.patch
Normal file
@ -0,0 +1,23 @@
|
||||
--- a/tools/keymap-gen 2019-08-05 21:56:01.731846467 +0200
|
||||
+++ b/tools/keymap-gen 2019-08-05 22:00:14.563720016 +0200
|
||||
@@ -20,6 +20,7 @@
|
||||
sys.path.append(os.path.join(os.path.dirname(__file__), "../thirdparty"))
|
||||
import argparse
|
||||
import hashlib
|
||||
+import os
|
||||
import time
|
||||
import sys
|
||||
|
||||
@@ -317,7 +318,11 @@
|
||||
raise NotImplementedError()
|
||||
|
||||
def generate_header(self, database, args):
|
||||
- today = time.strftime("%Y-%m-%d %H:%M")
|
||||
+ sde = os.getenv("SOURCE_DATE_EPOCH")
|
||||
+ if sde:
|
||||
+ today = time.strftime("%Y-%m-%d %H:%M", time.gmtime(int(sde)))
|
||||
+ else:
|
||||
+ today = time.strftime("%Y-%m-%d %H:%M")
|
||||
self._boilerplate([
|
||||
"This file is auto-generated from keymaps.csv on %s" % today,
|
||||
"Database checksum sha256(%s)" % database.mapchecksum,
|
@ -1,4 +1,20 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 6 14:45:37 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||
|
||||
- Adjust to a v5.2 linux kernel change regarding SIOCGSTAMP
|
||||
0051-linux-user-fix-to-handle-variably-s.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 25 20:51:24 UTC 2019 - Liang Yan <lyan@suse.com>
|
||||
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0
|
||||
* Patches added:
|
||||
0049-qxl-check-release-info-object.patch
|
||||
0050-qemu-bridge-helper-restrict-interfa.patch
|
||||
* Patches changed:
|
||||
0043-target-i386-define-md-clear-bit.patch
|
||||
-------------------------------------------------------------------
|
||||
Wed May 29 16:03:58 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0
|
||||
|
@ -82,6 +82,9 @@ Patch0045: 0045-kbd-state-fix-autorepeat-handling.patch
|
||||
Patch0046: 0046-target-ppc-ensure-we-get-null-termi.patch
|
||||
Patch0047: 0047-configure-only-populate-roms-if-sof.patch
|
||||
Patch0048: 0048-pc-bios-s390-ccw-net-avoid-warning-.patch
|
||||
Patch0049: 0049-qxl-check-release-info-object.patch
|
||||
Patch0050: 0050-qemu-bridge-helper-restrict-interfa.patch
|
||||
Patch0051: 0051-linux-user-fix-to-handle-variably-s.patch
|
||||
# Please do not add QEMU patches manually here.
|
||||
# Run update_git.sh to regenerate this queue.
|
||||
ExcludeArch: s390
|
||||
@ -160,6 +163,9 @@ syscall layer occurs on the native hardware and operating system.
|
||||
%patch0046 -p1
|
||||
%patch0047 -p1
|
||||
%patch0048 -p1
|
||||
%patch0049 -p1
|
||||
%patch0050 -p1
|
||||
%patch0051 -p1
|
||||
|
||||
%build
|
||||
%define _lto_cflags %{nil}
|
||||
|
@ -1,3 +1,34 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 6 14:45:35 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0
|
||||
* Patches added:
|
||||
0051-linux-user-fix-to-handle-variably-s.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 5 20:03:11 UTC 2019 - Stefan Brüns <stefan.bruens@rwth-aachen.de>
|
||||
|
||||
- Make keycode-gen output reproducible (use SOURCE_DATE_EPOCH timestamp)
|
||||
keycodemapdb-make-keycode-gen-output-reproducible.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 25 20:51:23 UTC 2019 - Liang Yan <lyan@suse.com>
|
||||
|
||||
- Security fix for null pointer dereference while releasing spice resources
|
||||
(CVE-2019-12155, bsc#1135902)
|
||||
0049-qxl-check-release-info-object.patch
|
||||
- Security fix for qemu-bridge-helper ACL can be bypassed when names are too long
|
||||
(CVE-2019-13164, bsc#1140402)
|
||||
0050-qemu-bridge-helper-restrict-interfa.patch
|
||||
- Replace patch 0043 with an upstream version
|
||||
0043-target-i386-define-md-clear-bit.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 11 09:47:44 UTC 2019 - Christian Goll <cgoll@suse.com>
|
||||
|
||||
- fixed regression for ksm.service was (bsc#1112646)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 10 16:41:24 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||
|
||||
|
@ -192,6 +192,9 @@ Patch0045: 0045-kbd-state-fix-autorepeat-handling.patch
|
||||
Patch0046: 0046-target-ppc-ensure-we-get-null-termi.patch
|
||||
Patch0047: 0047-configure-only-populate-roms-if-sof.patch
|
||||
Patch0048: 0048-pc-bios-s390-ccw-net-avoid-warning-.patch
|
||||
Patch0049: 0049-qxl-check-release-info-object.patch
|
||||
Patch0050: 0050-qemu-bridge-helper-restrict-interfa.patch
|
||||
Patch0051: 0051-linux-user-fix-to-handle-variably-s.patch
|
||||
# Please do not add QEMU patches manually here.
|
||||
# Run update_git.sh to regenerate this queue.
|
||||
|
||||
@ -217,6 +220,7 @@ Patch1301: sgabios-fix-cross-build.patch
|
||||
Patch1500: skiboot-gcc9-compat.patch
|
||||
|
||||
# keycodemapdb - path: ui/keycodemapdb (patch range 1600-1699) (Currently no patches)
|
||||
Patch1600: keycodemapdb-make-keycode-gen-output-reproducible.patch
|
||||
|
||||
# openBIOS - path: roms/openbios (patch range 1700-1799) (Currently no patches)
|
||||
|
||||
@ -1009,6 +1013,9 @@ This package provides a service file for starting and stopping KSM.
|
||||
%patch0046 -p1
|
||||
%patch0047 -p1
|
||||
%patch0048 -p1
|
||||
%patch0049 -p1
|
||||
%patch0050 -p1
|
||||
%patch0051 -p1
|
||||
|
||||
pushd roms/seabios
|
||||
%patch1100 -p1
|
||||
@ -1043,6 +1050,7 @@ pushd roms/skiboot
|
||||
popd
|
||||
|
||||
pushd ui/keycodemapdb
|
||||
%patch1600 -p1
|
||||
popd
|
||||
|
||||
pushd roms/openbios
|
||||
|
26
qemu.changes
26
qemu.changes
@ -1,3 +1,29 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 6 14:45:35 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0
|
||||
* Patches added:
|
||||
0051-linux-user-fix-to-handle-variably-s.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 5 20:03:11 UTC 2019 - Stefan Brüns <stefan.bruens@rwth-aachen.de>
|
||||
|
||||
- Make keycode-gen output reproducible (use SOURCE_DATE_EPOCH timestamp)
|
||||
keycodemapdb-make-keycode-gen-output-reproducible.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 25 20:51:23 UTC 2019 - Liang Yan <lyan@suse.com>
|
||||
|
||||
- Security fix for null pointer dereference while releasing spice resources
|
||||
(CVE-2019-12155, bsc#1135902)
|
||||
0049-qxl-check-release-info-object.patch
|
||||
- Security fix for qemu-bridge-helper ACL can be bypassed when names are too long
|
||||
(CVE-2019-13164, bsc#1140402)
|
||||
0050-qemu-bridge-helper-restrict-interfa.patch
|
||||
- Replace patch 0043 with an upstream version
|
||||
0043-target-i386-define-md-clear-bit.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 11 09:47:44 UTC 2019 - Christian Goll <cgoll@suse.com>
|
||||
|
||||
|
@ -192,6 +192,9 @@ Patch0045: 0045-kbd-state-fix-autorepeat-handling.patch
|
||||
Patch0046: 0046-target-ppc-ensure-we-get-null-termi.patch
|
||||
Patch0047: 0047-configure-only-populate-roms-if-sof.patch
|
||||
Patch0048: 0048-pc-bios-s390-ccw-net-avoid-warning-.patch
|
||||
Patch0049: 0049-qxl-check-release-info-object.patch
|
||||
Patch0050: 0050-qemu-bridge-helper-restrict-interfa.patch
|
||||
Patch0051: 0051-linux-user-fix-to-handle-variably-s.patch
|
||||
# Please do not add QEMU patches manually here.
|
||||
# Run update_git.sh to regenerate this queue.
|
||||
|
||||
@ -217,6 +220,7 @@ Patch1301: sgabios-fix-cross-build.patch
|
||||
Patch1500: skiboot-gcc9-compat.patch
|
||||
|
||||
# keycodemapdb - path: ui/keycodemapdb (patch range 1600-1699) (Currently no patches)
|
||||
Patch1600: keycodemapdb-make-keycode-gen-output-reproducible.patch
|
||||
|
||||
# openBIOS - path: roms/openbios (patch range 1700-1799) (Currently no patches)
|
||||
|
||||
@ -1009,6 +1013,9 @@ This package provides a service file for starting and stopping KSM.
|
||||
%patch0046 -p1
|
||||
%patch0047 -p1
|
||||
%patch0048 -p1
|
||||
%patch0049 -p1
|
||||
%patch0050 -p1
|
||||
%patch0051 -p1
|
||||
|
||||
pushd roms/seabios
|
||||
%patch1100 -p1
|
||||
@ -1043,6 +1050,7 @@ pushd roms/skiboot
|
||||
popd
|
||||
|
||||
pushd ui/keycodemapdb
|
||||
%patch1600 -p1
|
||||
popd
|
||||
|
||||
pushd roms/openbios
|
||||
|
@ -167,6 +167,7 @@ Patch1301: sgabios-fix-cross-build.patch
|
||||
Patch1500: skiboot-gcc9-compat.patch
|
||||
|
||||
# keycodemapdb - path: ui/keycodemapdb (patch range 1600-1699) (Currently no patches)
|
||||
Patch1600: keycodemapdb-make-keycode-gen-output-reproducible.patch
|
||||
|
||||
# openBIOS - path: roms/openbios (patch range 1700-1799) (Currently no patches)
|
||||
|
||||
@ -946,6 +947,7 @@ pushd roms/skiboot
|
||||
popd
|
||||
|
||||
pushd ui/keycodemapdb
|
||||
%patch1600 -p1
|
||||
popd
|
||||
|
||||
pushd roms/openbios
|
||||
|
Loading…
Reference in New Issue
Block a user