diff --git a/config.sh b/config.sh index fc40e0f2..0042873a 100644 --- a/config.sh +++ b/config.sh @@ -14,6 +14,11 @@ GIT_UPSTREAM_COMMIT_ISH=v4.1.1 # This is used to choose the version number when LATEST processing is active NEXT_RELEASE_IS_MAJOR=0 +# Unfortunately, SeaBIOS doesn't always follow an "always increasing" version +# model, so there may be times we should overide the automated version setting. +# We can do so by specifing the value here: +# SEABIOS_VERSION=1.12.1+ + # The shared openSUSE specific git repo, on which $GIT_LOCAL_TREE is based GIT_TREE=git://github.com/openSUSE/qemu.git diff --git a/qemu.changes b/qemu.changes index 121aff49..c6b000ee 100644 --- a/qemu.changes +++ b/qemu.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Tue Nov 19 19:13:41 UTC 2019 - Bruce Rogers + +- Expose pschange-mc-no "feature", indicating CPU does not have + the page size change machine check vulnerability (CVE-2018-12207 + bsc#1155812) + target-i386-add-PSCHANGE_NO-bit-for-the-.patch +- Expose taa-no "feature", indicating CPU does not have the + TSX Async Abort vulnerability. (CVE-2019-11135 bsc#1152506) + target-i386-Export-TAA_NO-bit-to-guests.patch +Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 + ------------------------------------------------------------------- Fri Nov 15 15:45:45 UTC 2019 - Bruce Rogers diff --git a/qemu.spec b/qemu.spec index 5a52a5c9..6597e923 100644 --- a/qemu.spec +++ b/qemu.spec 
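Review bot: The comment block added to config.sh has two typos (`overide`, `specifing`) and does not say where the value ends up. Going by the update_git.sh hunks in this commit, it is written to `%define sbver` and so becomes the Version of the seabios and vgabios subpackages and the matching BuildRequires. I would reword it to `# model, so there may be times we should override the automated version setting.` and `# We can do so by specifying the value here; it is used verbatim as %sbver in the spec:`. It is also worth one line saying the override replaces the version read from roms/seabios/.version in the tarball, so it has to be re-checked on every upstream update.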
@@ -87,14 +87,15 @@ %define summary_string Machine emulator and virtualizer %endif +%define qemuver 4.1.1 +%define srcver 4.1.1 +%define sbver 1.12.1 %define srcname qemu Name: qemu%{name_suffix} URL: https://www.qemu.org/ Summary: %{summary_string} License: BSD-2-Clause AND BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT Group: System/Emulators/PC -%define qemuver 4.1.1 -%define srcver 4.1.1 Version: %qemuver Release: 0 Source: https://wiki.qemu.org/download/%{srcname}-%{srcver}.tar.xz 
@@ -122,46 +123,48 @@ Source303: README.PACKAGING # This patch queue is auto-generated - see README.PACKAGING for process # Patches applied in base project: -Patch00000: XXX-dont-dump-core-on-sigabort.patch -Patch00001: qemu-binfmt-conf-Modify-default-path.patch -Patch00002: qemu-cvs-gettimeofday.patch -Patch00003: qemu-cvs-ioctl_debug.patch -Patch00004: qemu-cvs-ioctl_nodirection.patch -Patch00005: linux-user-add-binfmt-wrapper-for-argv-0.patch -Patch00006: PPC-KVM-Disable-mmu-notifier-check.patch -Patch00007: linux-user-binfmt-support-host-binaries.patch -Patch00008: linux-user-Fake-proc-cpuinfo.patch -Patch00009: linux-user-use-target_ulong.patch -Patch00010: Make-char-muxer-more-robust-wrt-small-FI.patch -Patch00011: linux-user-lseek-explicitly-cast-non-set.patch -Patch00012: AIO-Reduce-number-of-threads-for-32bit-h.patch -Patch00013: xen_disk-Add-suse-specific-flush-disable.patch -Patch00014: qemu-bridge-helper-reduce-security-profi.patch -Patch00015: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch -Patch00016: linux-user-properly-test-for-infinite-ti.patch -Patch00017: roms-Makefile-pass-a-packaging-timestamp.patch -Patch00018: Raise-soft-address-space-limit-to-hard-l.patch -Patch00019: increase-x86_64-physical-bits-to-42.patch -Patch00020: vga-Raise-VRAM-to-16-MiB-for-pc-0.15-and.patch -Patch00021: i8254-Fix-migration-from-SLE11-SP2.patch -Patch00022: acpi_piix4-Fix-migration-from-SLE11-SP2.patch -Patch00023: Switch-order-of-libraries-for-mpath-supp.patch -Patch00024: Make-installed-scripts-explicitly-python.patch -Patch00025: hw-smbios-handle-both-file-formats-regar.patch -Patch00026: xen-add-block-resize-support-for-xen-dis.patch -Patch00027: tests-qemu-iotests-Triple-timeout-of-i-o.patch -Patch00028: tests-Fix-block-tests-to-be-compatible-w.patch -Patch00029: xen-ignore-live-parameter-from-xen-save-.patch -Patch00030: Conditionalize-ui-bitmap-installation-be.patch -Patch00031: tests-change-error-message-in-test-162.patch -Patch00032: 
hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch -Patch00033: hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch -Patch00034: hw-intc-exynos4210_gic-provide-more-room.patch -Patch00035: configure-only-populate-roms-if-softmmu.patch -Patch00036: pc-bios-s390-ccw-net-avoid-warning-about.patch -Patch00037: roms-change-cross-compiler-naming-to-be-.patch -Patch00038: tests-Disable-some-block-tests-for-now.patch -Patch00039: test-add-mapping-from-arch-of-i686-to-qe.patch +Patch00000: target-i386-add-PSCHANGE_NO-bit-for-the-.patch +Patch00001: target-i386-Export-TAA_NO-bit-to-guests.patch +Patch00002: XXX-dont-dump-core-on-sigabort.patch +Patch00003: qemu-binfmt-conf-Modify-default-path.patch +Patch00004: qemu-cvs-gettimeofday.patch +Patch00005: qemu-cvs-ioctl_debug.patch +Patch00006: qemu-cvs-ioctl_nodirection.patch +Patch00007: linux-user-add-binfmt-wrapper-for-argv-0.patch +Patch00008: PPC-KVM-Disable-mmu-notifier-check.patch +Patch00009: linux-user-binfmt-support-host-binaries.patch +Patch00010: linux-user-Fake-proc-cpuinfo.patch +Patch00011: linux-user-use-target_ulong.patch +Patch00012: Make-char-muxer-more-robust-wrt-small-FI.patch +Patch00013: linux-user-lseek-explicitly-cast-non-set.patch +Patch00014: AIO-Reduce-number-of-threads-for-32bit-h.patch +Patch00015: xen_disk-Add-suse-specific-flush-disable.patch +Patch00016: qemu-bridge-helper-reduce-security-profi.patch +Patch00017: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch +Patch00018: linux-user-properly-test-for-infinite-ti.patch +Patch00019: roms-Makefile-pass-a-packaging-timestamp.patch +Patch00020: Raise-soft-address-space-limit-to-hard-l.patch +Patch00021: increase-x86_64-physical-bits-to-42.patch +Patch00022: vga-Raise-VRAM-to-16-MiB-for-pc-0.15-and.patch +Patch00023: i8254-Fix-migration-from-SLE11-SP2.patch +Patch00024: acpi_piix4-Fix-migration-from-SLE11-SP2.patch +Patch00025: Switch-order-of-libraries-for-mpath-supp.patch +Patch00026: Make-installed-scripts-explicitly-python.patch +Patch00027: 
hw-smbios-handle-both-file-formats-regar.patch +Patch00028: xen-add-block-resize-support-for-xen-dis.patch +Patch00029: tests-qemu-iotests-Triple-timeout-of-i-o.patch +Patch00030: tests-Fix-block-tests-to-be-compatible-w.patch +Patch00031: xen-ignore-live-parameter-from-xen-save-.patch +Patch00032: Conditionalize-ui-bitmap-installation-be.patch +Patch00033: tests-change-error-message-in-test-162.patch +Patch00034: hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch +Patch00035: hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch +Patch00036: hw-intc-exynos4210_gic-provide-more-room.patch +Patch00037: configure-only-populate-roms-if-softmmu.patch +Patch00038: pc-bios-s390-ccw-net-avoid-warning-about.patch +Patch00039: roms-change-cross-compiler-naming-to-be-.patch +Patch00040: tests-Disable-some-block-tests-for-now.patch +Patch00041: test-add-mapping-from-arch-of-i686-to-qe.patch # Patches applied in roms/seabios/: Patch01000: seabios-use-python2-explicitly-as-needed.patch Patch01001: seabios-switch-to-python3-as-needed.patch @@ -373,7 +376,7 @@ BuildRequires: qemu-ksm = %{qemuver} BuildRequires: qemu-lang = %{qemuver} BuildRequires: qemu-ppc = %{qemuver} BuildRequires: qemu-s390 = %{qemuver} -BuildRequires: qemu-seabios = 1.12.1 +BuildRequires: qemu-seabios = %{sbver} BuildRequires: qemu-sgabios = 8 BuildRequires: qemu-tools = %{qemuver} BuildRequires: qemu-ui-curses = %{qemuver} @@ -381,7 +384,7 @@ BuildRequires: qemu-ui-gtk = %{qemuver} %if 0%{?is_opensuse} BuildRequires: qemu-ui-sdl = %{qemuver} %endif -BuildRequires: qemu-vgabios = 1.12.1 +BuildRequires: qemu-vgabios = %{sbver} BuildRequires: qemu-x86 = %{qemuver} %endif Requires(pre): shadow @@ -769,7 +772,7 @@ to provide information and control at the guest OS level. %package seabios Summary: x86 Legacy BIOS for QEMU Group: System/Emulators/PC -Version: 1.12.1 +Version: %{sbver} Release: 0 BuildArch: noarch Conflicts: %name < 1.6.0 
@@ -781,7 +784,7 @@ is the default and legacy BIOS for QEMU. %package vgabios Summary: VGA BIOSes for QEMU Group: System/Emulators/PC -Version: 1.12.1 +Version: %{sbver} Release: 0 BuildArch: noarch Conflicts: %name < 1.6.0 @@ -891,6 +894,8 @@ This package provides a service file for starting and stopping KSM. %patch00037 -p1 %patch00038 -p1 %patch00039 -p1 +%patch00040 -p1 +%patch00041 -p1 %patch01000 -p1 %patch01001 -p1 %patch01002 -p1 diff --git a/qemu.spec.in b/qemu.spec.in index 5dd373fd..a5741507 100644 --- a/qemu.spec.in +++ b/qemu.spec.in @@ -87,13 +87,14 @@ %define summary_string Machine emulator and virtualizer %endif +INSERT_VERSIONING %define srcname qemu Name: qemu%{name_suffix} URL: https://www.qemu.org/ Summary: %{summary_string} License: BSD-2-Clause AND BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT Group: System/Emulators/PC -QEMU_VERSION +Version: %qemuver Release: 0 Source: https://wiki.qemu.org/download/%{srcname}-%{srcver}.tar.xz Source100: %{srcname}.keyring @@ -301,7 +302,7 @@ BuildRequires: qemu-ksm = %{qemuver} BuildRequires: qemu-lang = %{qemuver} BuildRequires: qemu-ppc = %{qemuver} BuildRequires: qemu-s390 = %{qemuver} -BuildRequires: qemu-seabios = 1.12.1 +BuildRequires: qemu-seabios = %{sbver} BuildRequires: qemu-sgabios = 8 BuildRequires: qemu-tools = %{qemuver} BuildRequires: qemu-ui-curses = %{qemuver} @@ -309,7 +310,7 @@ BuildRequires: qemu-ui-gtk = %{qemuver} %if 0%{?is_opensuse} BuildRequires: qemu-ui-sdl = %{qemuver} %endif -BuildRequires: qemu-vgabios = 1.12.1 +BuildRequires: qemu-vgabios = %{sbver} BuildRequires: qemu-x86 = %{qemuver} %endif Requires(pre): shadow @@ -697,7 +698,7 @@ to provide information and control at the guest OS level. %package seabios Summary: x86 Legacy BIOS for QEMU Group: System/Emulators/PC -SEABIOS_VERSION +Version: %{sbver} Release: 0 BuildArch: noarch Conflicts: %name < 1.6.0 
@@ -709,7 +710,7 @@ is the default and legacy BIOS for QEMU. %package vgabios Summary: VGA BIOSes for QEMU Group: System/Emulators/PC -SEABIOS_VERSION +Version: %{sbver} Release: 0 BuildArch: noarch Conflicts: %name < 1.6.0 diff --git a/target-i386-Export-TAA_NO-bit-to-guests.patch b/target-i386-Export-TAA_NO-bit-to-guests.patch new file mode 100644 index 00000000..72153e3a --- /dev/null +++ b/target-i386-Export-TAA_NO-bit-to-guests.patch @@ -0,0 +1,34 @@ +From: Pawan Gupta +Date: Mon, 18 Nov 2019 23:23:27 -0800 +Subject: target/i386: Export TAA_NO bit to guests + +Git-commit: 7fac38635e1cc5ebae34eb6530da1009bd5808e4 +Reference: bsc#1152506 CVE-2019-11135 + +TSX Async Abort (TAA) is a side channel attack on internal buffers in +some Intel processors similar to Microachitectural Data Sampling (MDS). + +Some future Intel processors will use the ARCH_CAP_TAA_NO bit in the +IA32_ARCH_CAPABILITIES MSR to report that they are not vulnerable to +TAA. Make this bit available to guests. + +Signed-off-by: Pawan Gupta +Signed-off-by: Paolo Bonzini +Signed-off-by: Bruce Rogers +--- + target/i386/cpu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index 5191367f89ee4d1131c4309633de..530942baed87c5ff76beaf36df14 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -1189,7 +1189,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + .feat_names = { + "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry", + "ssb-no", "mds-no", "pschange-mc-no", NULL, +- NULL, NULL, NULL, NULL, ++ "taa-no", NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, diff --git a/target-i386-add-PSCHANGE_NO-bit-for-the-.patch b/target-i386-add-PSCHANGE_NO-bit-for-the-.patch new file mode 100644 index 00000000..9c926f22 --- /dev/null +++ b/target-i386-add-PSCHANGE_NO-bit-for-the-.patch 
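Review bot: The `feat_names` table in the cpu.c hunk is positional, so `"taa-no"` lands on bit 8 only because one `NULL` is left at index 7, and nothing on the new lines records that. A trailing comment such as `/* bit 7 unnamed, bit 8 = ARCH_CAP_TAA_NO */` would make a wrong slot visible in review. The same applies to `"pschange-mc-no"` at index 6 in target-i386-add-PSCHANGE_NO-bit-for-the-.patch. Both names tell a guest that a mitigation is unnecessary, so a guest started with the flag and later moved to a host that lacks the bit would presumably run unmitigated; the changelog entry could state that the flags are only safe where every host in the migration pool reports them. The table initializer begins and ends outside the hunk.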
@@ -0,0 +1,29 @@ +From: Paolo Bonzini +Date: Wed, 13 Nov 2019 15:54:35 +0100 +Subject: target/i386: add PSCHANGE_NO bit for the ARCH_CAPABILITIES MSR + +Git-commit: 7f7a585d5bd3c7f1275d28c77d9d67513c1de36c +Reference: bsc#1155812 CVE-2018-12207 + +This is required to disable ITLB multihit mitigations in nested +hypervisors. + +Signed-off-by: Paolo Bonzini +Signed-off-by: Bruce Rogers +--- + target/i386/cpu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index 19751e37a71fee27944526fe507c..5191367f89ee4d1131c4309633de 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -1188,7 +1188,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + .type = MSR_FEATURE_WORD, + .feat_names = { + "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry", +- "ssb-no", "mds-no", NULL, NULL, ++ "ssb-no", "mds-no", "pschange-mc-no", NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, diff --git a/update_git.sh b/update_git.sh index 21802bf6..6e38ce64 100644 --- a/update_git.sh +++ b/update_git.sh @@ -462,8 +462,8 @@ rm -rf $BUNDLE_DIR echo "QEMU source version: $SOURCE_VERSION" echo "QEMU version extra: $VERSION_EXTRA" - SEABIOS_VERSION=$(tar JxfO qemu-$SOURCE_VERSION$VERSION_EXTRA.tar.xz \ - qemu-$SOURCE_VERSION/roms/seabios/.version | cut -d '-' -f 2) + SEABIOS_VERSION=${SEABIOS_VERSION:-$(tar JxfO qemu-$SOURCE_VERSION$VERSION_EXTRA.tar.xz \ + qemu-$SOURCE_VERSION/roms/seabios/.version | cut -d '-' -f 2)} for package in qemu; do while IFS= read -r line; do 
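Review bot: The `${SEABIOS_VERSION:-$(tar … | cut …)}` assignment in update_git.sh still accepts an empty result. Unless `pipefail` is set elsewhere, the pipeline's status is that of `cut`, so a failed `tar` (missing tarball or `.version` member) leaves the variable empty and the INSERT_VERSIONING branch in the next hunk writes `%define sbver ` into the spec. Add a guard right after the assignment: `[ -n "$SEABIOS_VERSION" ] || { echo "cannot determine SeaBIOS version" >&2; exit 1; }`. The default expansion also honours a `SEABIOS_VERSION` inherited from the caller's environment, not only one set in config.sh, so the packaged version can silently depend on the packager's shell; if config.sh is sourced earlier (not visible here), an `unset SEABIOS_VERSION` before sourcing it would close that. The enclosing block starts and ends outside the hunk, and the tarball and member names are still expanded unquoted.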
@@ -507,18 +507,16 @@ rm -rf $BUNDLE_DIR echo "%patch$NUM -p1" fi done - elif [ "$line" = "QEMU_VERSION" ]; then + elif [ "$line" = "INSERT_VERSIONING" ]; then echo "%define qemuver $QEMU_VERSION$VERSION_EXTRA" echo "%define srcver $SOURCE_VERSION$VERSION_EXTRA" - echo "Version: %qemuver" + echo "%define sbver $SEABIOS_VERSION" elif [[ "$line" =~ ^Source: ]]; then echo "$line" if [ ${#QEMU_TARBALL_SIG[@]} -eq 1 ]; then # We assume the signature file corresponds - just add .sig echo "$line.sig"|sed 's/^Source: /Source99:/' fi - elif [ "$line" = "SEABIOS_VERSION" ]; then - echo "Version: $SEABIOS_VERSION" else echo "$line" fi
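Review bot: Dropping the `QEMU_VERSION` and `SEABIOS_VERSION` branches means a template line that still carries one of those markers now falls through to the final `else` and is copied into the generated spec verbatim. qemu.spec.in is updated in this commit, but any other template fed through this loop (the `for package in …` list is outside the hunk) would yield a spec with a stray bare word and no Version tag, with no error from the script. A loud failure is cheap: `elif [ "$line" = "QEMU_VERSION" ] || [ "$line" = "SEABIOS_VERSION" ]; then echo "obsolete marker '$line' in spec template" >&2; exit 1`. A one-line comment above the `INSERT_VERSIONING` branch listing the three macros it emits (`qemuver`, `srcver`, `sbver`) would also help, since the template now references them without defining them.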