From 367937cadb55d5597c8f351ae92c4296974dd95cff54f5404fc6cc4d6625c84e Mon Sep 17 00:00:00 2001 From: Dario Faggioli Date: Wed, 23 Mar 2022 16:26:18 +0000 Subject: [PATCH] Accepting request 964331 from home:dfaggioli:experimental:Virtualization - Fix virtiofs crashing with glibc >= 2.35, due to rseq syscall (bsc#1196924) * Patches added: tools-virtiofsd-Add-rseq-syscall-to-the-.patch - Avoid warnings caused by a GCC 12 bug, see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98503 (bsc#1197018) * Patches added: hw-i386-amd_iommu-Fix-maybe-uninitialize.patch Silence-GCC-12-spurious-warnings.patch Ignore-spurious-GCC-12-warning.patch OBS-URL: https://build.opensuse.org/request/show/964331 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=696 --- Ignore-spurious-GCC-12-warning.patch | 97 +++++++++++++++++++ Silence-GCC-12-spurious-warnings.patch | 62 ++++++++++++ bundles.tar.xz | 4 +- ...386-amd_iommu-Fix-maybe-uninitialize.patch | 64 ++++++++++++ qemu.changes | 18 ++++ qemu.spec | 45 +++++---- qemu.spec.in | 36 +++---- ...s-virtiofsd-Add-rseq-syscall-to-the-.patch | 57 +++++++++++ 8 files changed, 345 insertions(+), 38 deletions(-) create mode 100644 Ignore-spurious-GCC-12-warning.patch create mode 100644 Silence-GCC-12-spurious-warnings.patch create mode 100644 hw-i386-amd_iommu-Fix-maybe-uninitialize.patch create mode 100644 tools-virtiofsd-Add-rseq-syscall-to-the-.patch diff --git a/Ignore-spurious-GCC-12-warning.patch b/Ignore-spurious-GCC-12-warning.patch new file mode 100644 index 00000000..53aebc6a --- /dev/null +++ b/Ignore-spurious-GCC-12-warning.patch 
@@ -0,0 +1,97 @@
+From: =?UTF-8?q?Martin=20Li=C5=A1ka?=
+Date: Tue, 22 Mar 2022 11:40:17 +0100
+Subject: Ignore spurious GCC 12 warning
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Git-commit: 0000000000000000000000000000000000000000
+References: bsc#1197018
+
+Building with GCC 12 fails producing errors. This is an example (but
+there are others):
+
+[ 1051s] Sdk/C/LzmaEnc.c: In function 'LzmaEnc_CodeOneMemBlock':
+[ 1051s] Sdk/C/LzmaEnc.c:2641:19: error: storing the address of local
+variable 'outStream' in '*p.rc.outStream' [-Werror=dangling-pointer=]
+[ 1051s] 2641 | p->rc.outStream = &outStream.vt;
+[ 1051s] | ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
+[ 1051s] Sdk/C/LzmaEnc.c:2624:28: note: 'outStream' declared here
+[ 1051s] 2624 | CLzmaEnc_SeqOutStreamBuf outStream;
+[ 1051s] | ^~~~~~~~~
+[ 1051s] Sdk/C/LzmaEnc.c:2624:28: note: 'pp' declared here
+
+Which is a false positive reported by GCC compiler:
+https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98503
+
+Work it around by silencing the warning.
+
+Signed-off-by: Martin Liška
+Signed-off-by: Dario Faggioli
+---
+ BaseTools/Source/C/DevicePath/DevicePathUtilities.c | 4 ++++
+ BaseTools/Source/C/GenFfs/GenFfs.c | 4 ++++
+ BaseTools/Source/C/GenSec/GenSec.c | 4 ++++
+ BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c | 4 ++++
+ 4 files changed, 16 insertions(+)
+
+diff --git a/roms/edk2/BaseTools/Source/C/DevicePath/DevicePathUtilities.c b/roms/edk2/BaseTools/Source/C/DevicePath/DevicePathUtilities.c
+index 2ffefa8ceeeff9a1d0504ad71918..c9fb4329843a8fc34e596b506571 100644
+--- a/roms/edk2/BaseTools/Source/C/DevicePath/DevicePathUtilities.c
++++ b/roms/edk2/BaseTools/Source/C/DevicePath/DevicePathUtilities.c
+@@ -16,6 +16,10 @@
+ #include "UefiDevicePathLib.h"
+ #include
+
++#if __GNUC__ >= 12
++# pragma GCC diagnostic ignored "-Wstringop-overflow"
++#endif
++
+ //
+ // Template for an end-of-device path node.
+ //
+diff --git a/roms/edk2/BaseTools/Source/C/GenFfs/GenFfs.c b/roms/edk2/BaseTools/Source/C/GenFfs/GenFfs.c
+index fcb911f4fc34e560fd06001f91dd..589ffe94982ccfa3651216d0571f 100644
+--- a/roms/edk2/BaseTools/Source/C/GenFfs/GenFfs.c
++++ b/roms/edk2/BaseTools/Source/C/GenFfs/GenFfs.c
+@@ -36,6 +36,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
+ #define UTILITY_MAJOR_VERSION 0
+ #define UTILITY_MINOR_VERSION 1
+
++#if __GNUC__ >= 12
++# pragma GCC diagnostic ignored "-Wuse-after-free"
++#endif
++
+ STATIC CHAR8 *mFfsFileType[] = {
+ NULL, // 0x00
+ "EFI_FV_FILETYPE_RAW", // 0x01
+diff --git a/roms/edk2/BaseTools/Source/C/GenSec/GenSec.c b/roms/edk2/BaseTools/Source/C/GenSec/GenSec.c
+index d54a4f9e0a7d67b7c8494ab37011..fb40ad36584c1cd53cc7ca4a9d4f 100644
+--- a/roms/edk2/BaseTools/Source/C/GenSec/GenSec.c
++++ b/roms/edk2/BaseTools/Source/C/GenSec/GenSec.c
+@@ -37,6 +37,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
+ #define UTILITY_MAJOR_VERSION 0
+ #define UTILITY_MINOR_VERSION 1
+
++#if __GNUC__ >= 12
++# pragma GCC diagnostic ignored "-Wuse-after-free"
++#endif
++
+ STATIC CHAR8 *mSectionTypeName[] = {
+ NULL, // 0x00 - reserved
+ "EFI_SECTION_COMPRESSION", // 0x01
+diff --git a/roms/edk2/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c b/roms/edk2/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
+index e281716fee1bfb5eb236c9e38dbd..773114584add6e1f0f6e966e26e5 100644
+--- a/roms/edk2/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
++++ b/roms/edk2/BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c
+@@ -38,6 +38,10 @@ static unsigned g_STAT_OFFSET = 0;
+ #define kNumBitPriceShiftBits 4
+ #define kBitPrice (1 << kNumBitPriceShiftBits)
+
++#if __GNUC__ >= 12
++# pragma GCC diagnostic ignored "-Wdangling-pointer"
++#endif
++
+ void LzmaEncProps_Init(CLzmaEncProps *p)
+ {
+ p->level = 5;
diff --git a/Silence-GCC-12-spurious-warnings.patch b/Silence-GCC-12-spurious-warnings.patch
new file mode 100644
index 00000000..e79191d9
--- /dev/null
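Review bot: The `#pragma GCC diagnostic ignored` blocks added to DevicePathUtilities.c, GenFfs.c, GenSec.c and LzmaEnc.c sit at file scope with no `push`/`pop`, so every function after them loses that memory-safety diagnostic, not only the one GCC 12 misreports. The patch description quotes a diagnostic only for `-Wdangling-pointer` in LzmaEnc.c; nothing on the page shows that the `-Wuse-after-free` and `-Wstringop-overflow` reports are the same false positive. I would scope each suppression to the affected function with `#pragma GCC diagnostic push` and `#pragma GCC diagnostic pop`, and add a comment such as `/* GCC 12 false positive, see GCC bug 98503 (bsc#1197018) */`. The functions that trigger the warnings lie outside these hunks.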
+++ b/Silence-GCC-12-spurious-warnings.patch 
@@ -0,0 +1,62 @@
+From: =?UTF-8?q?Martin=20Li=C5=A1ka?=
+Date: Tue, 22 Mar 2022 10:52:19 +0100
+Subject: Silence GCC 12 spurious warnings
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Git-commit: 0000000000000000000000000000000000000000
+References: bsc#1197018
+
+With GCC 12, build fails like this:
+
+[ 6245s] inlined from 'memcpy_user' at
+arch/x86/include/librm.h:155:2,
+[ 6245s] inlined from 'copy_from_user' at
+include/ipxe/uaccess.h:338:2,
+[ 6245s] inlined from 'acpi_sx_zsdt' at core/acpi.c:217:3:
+[ 6245s] arch/x86/include/bits/string.h:79:32: error: array subscript
+'union [0]' is partly outside array bounds of 'union
+[1]' [-Werror=array-bounds]
+[ 6245s] 79 | dest_u->u32[0] = src_u->u32[0];
+[ 6245s] | ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
+[ 6245s] core/acpi.c: In function 'acpi_sx_zsdt':
+[ 6245s] core/acpi.c:191:11: note: object 'buf' of size 4
+[ 6245s] 191 | } buf;
+[ 6245s] | ^~~
+
+Which is a false positive reported by GCC compiler:
+https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98503
+
+Silence the watning.
+
+Signed-off-by: Martin Liška
+Signed-off-by: Dario Faggioli
+---
+ src/Makefile.housekeeping | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/roms/ipxe/src/Makefile.housekeeping b/roms/ipxe/src/Makefile.housekeeping
+index 36cfb950e014914232f254b7edbb..cad327d31dbe0bd69d956c32d28d 100644
+--- a/roms/ipxe/src/Makefile.housekeeping
++++ b/roms/ipxe/src/Makefile.housekeeping
+@@ -183,6 +183,19 @@ WNAPM_TEST = $(CC) -Wno-address-of-packed-member -x c -c /dev/null \
+ WNAPM_FLAGS := $(shell $(WNAPM_TEST) && \
+ $(ECHO) '-Wno-address-of-packed-member')
+ WORKAROUND_CFLAGS += $(WNAPM_FLAGS)
++
++# gcc 12.1 generates false positive warnings. Inhibit the warnings.
++WNAB_TEST = $(CC) -Wno-array-bounds -x c -c /dev/null \
++ -o /dev/null >/dev/null 2>&1
++WNAB_FLAGS := $(shell $(WNAB_TEST) && \
++ $(ECHO) '-Wno-array-bounds')
++WORKAROUND_CFLAGS += $(WNAB_FLAGS)
++
++WNDP_TEST = $(CC) -Wno-dangling-pointer-x c -c /dev/null \
++ -o /dev/null >/dev/null 2>&1
++WNDP_FLAGS := $(shell $(WNAB_TEST) && \
++ $(ECHO) '-Wno-dangling-pointer')
++WORKAROUND_CFLAGS += $(WNDP_FLAGS)
+ endif
+
+ # Some versions of gas choke on division operators, treating them as
diff --git a/bundles.tar.xz b/bundles.tar.xz
index be946154..7c65ccb2 100644
--- a/bundles.tar.xz
+++ b/bundles.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:593a0eac10d5084f791cd4723ec9508b04d67c936369f8f83db7ccd4ccdb04d5
-size 78808
+oid sha256:29f01672b01bdb2faf4fafe05c4f46f722be2e8b373e66dea35172397c9bcf83
+size 84340
diff --git a/hw-i386-amd_iommu-Fix-maybe-uninitialize.patch b/hw-i386-amd_iommu-Fix-maybe-uninitialize.patch
new file mode 100644
index 00000000..9f8a40e1
--- /dev/null
+++ b/hw-i386-amd_iommu-Fix-maybe-uninitialize.patch
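Review bot: In the roms/ipxe/src/Makefile.housekeeping hunk, `WNDP_FLAGS` is computed from `$(WNAB_TEST)` instead of `$(WNDP_TEST)`, so `-Wno-dangling-pointer` is added whenever the array-bounds probe succeeds and the dangling-pointer probe is never run. The probe is also malformed as shown: `-Wno-dangling-pointer-x c` lacks the space before `-x`, so it would not test the intended option even if it were used. The two lines should read `WNDP_TEST = $(CC) -Wno-dangling-pointer -x c -c /dev/null \` and `WNDP_FLAGS := $(shell $(WNDP_TEST) && \`. Separately, both flags turn the diagnostics off for the whole iPXE build rather than for the one inlined copy in the quoted log, which the comment above them should state.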
@@ -0,0 +1,64 @@
+From: Paolo Bonzini
+Date: Mon, 21 Mar 2022 15:33:46 +0100
+Subject: hw/i386/amd_iommu: Fix maybe-uninitialized error with GCC 12
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Git-commit: 00000000000000000000000000000000000000000000
+References: bsc#1197018
+
+Be more explicit that the loop must roll at least once. Avoids the
+following warning:
+
+ FAILED: libqemu-x86_64-softmmu.fa.p/hw_i386_amd_iommu.c.o
+ In function 'pte_get_page_mask',
+ inlined from 'amdvi_page_walk' at hw/i386/amd_iommu.c:945:25,
+ inlined from 'amdvi_do_translate' at hw/i386/amd_iommu.c:989:5,
+ inlined from 'amdvi_translate' at hw/i386/amd_iommu.c:1038:5:
+ hw/i386/amd_iommu.c:877:38: error: 'oldlevel' may be used uninitialized [-Werror=maybe-uninitialized]
+ 877 | return ~((1UL << ((oldlevel * 9) + 3)) - 1);
+ | ~~~~~~~~~~~~~~~~^~~~
+ hw/i386/amd_iommu.c: In function 'amdvi_translate':
+ hw/i386/amd_iommu.c:906:41: note: 'oldlevel' was declared here
+ 906 | unsigned level, present, pte_perms, oldlevel;
+ | ^~~~~~~~
+ cc1: all warnings being treated as errors
+
+Having:
+
+ $ gcc --version
+ gcc (Debian 12-20220313-1) 12.0.1 20220314 (experimental)
+
+Reported-by: Philippe Mathieu-Daudé
+Signed-off-by: Paolo Bonzini
+Signed-off-by: Dario Faggioli
+---
+ hw/i386/amd_iommu.c | 7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+
+diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
+index 91fe34ae5899339e4114a6e0cac6..f2960a0f381298c8c64009043ab2 100644
+--- a/hw/i386/amd_iommu.c
++++ b/hw/i386/amd_iommu.c
+@@ -911,7 +911,7 @@ static void amdvi_page_walk(AMDVIAddressSpace *as, uint64_t *dte,
+ }
+
+ /* we are at the leaf page table or page table encodes a huge page */
+- while (level > 0) {
++ do {
+ pte_perms = amdvi_get_perms(pte);
+ present = pte & 1;
+ if (!present || perms != (perms & pte_perms)) {
+@@ -930,10 +930,7 @@ static void amdvi_page_walk(AMDVIAddressSpace *as, uint64_t *dte,
+ }
+ oldlevel = level;
+ level = get_pte_translation_mode(pte); +- if (level == 0x7) { +- break; +- } +- } ++ } while (level > 0 && level < 7); + + if (level == 0x7) { + page_mask = pte_override_page_mask(pte); diff --git a/qemu.changes b/qemu.changes index 0ac7ee41..008906d3 100644 --- a/qemu.changes +++ b/qemu.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Wed Mar 23 07:46:11 UTC 2022 - Dario Faggioli + +- Fix virtiofs crashing with glibc >= 2.35, due to rseq syscall + (bsc#1196924) +* Patches added: + tools-virtiofsd-Add-rseq-syscall-to-the-.patch + +------------------------------------------------------------------- +Tue Mar 22 09:58:56 UTC 2022 - Dario Faggioli + +- Avoid warnings caused by a GCC 12 bug, see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98503 + (bsc#1197018) +* Patches added: + hw-i386-amd_iommu-Fix-maybe-uninitialize.patch + Silence-GCC-12-spurious-warnings.patch + Ignore-spurious-GCC-12-warning.patch + ------------------------------------------------------------------- Tue Mar 15 09:58:18 UTC 2022 - Li Zhang Fix bsc#1189702 CVE-2021-3713 diff --git a/qemu.spec b/qemu.spec index 187da0ee..be22404c 100644 --- a/qemu.spec +++ b/qemu.spec @@ -216,6 +216,8 @@ Patch00069: block-backend-Retain-permissions-after-m.patch Patch00070: virtiofsd-Drop-membership-of-all-supplem.patch Patch00071: hw-scsi-megasas-check-for-NULL-frame-in-.patch Patch00072: hw-nvram-at24-return-0xff-if-1-byte-addr.patch +Patch00073: hw-i386-amd_iommu-Fix-maybe-uninitialize.patch +Patch00074: tools-virtiofsd-Add-rseq-syscall-to-the-.patch # Patches applied in roms/seabios/: Patch01000: seabios-use-python2-explicitly-as-needed.patch Patch01001: seabios-switch-to-python3-as-needed.patch 
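Review bot: In the hw/i386/amd_iommu.c change, the new `do { ... } while (level > 0 && level < 7);` runs the body once unconditionally, whereas the old `while (level > 0)` skipped it when `level` was 0. The two are equivalent only if `level` is already in 1..6 when the loop is reached; any check that guarantees this sits above the hunk, since amdvi_page_walk starts outside it, so this needs confirming against the full function. Because `level` is refreshed from the page-table entry on every pass (`level = get_pte_translation_mode(pte);`), I would state the entry condition above the loop, e.g. `/* level must be 1..6 on entry (0 and 0x7 handled before the walk) */`. The bound would also read better as `level < 0x7`, matching the `if (level == 0x7)` that follows.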
@@ -226,9 +228,12 @@ Patch02000: ath5k-Add-missing-AR5K_EEPROM_READ-in-at.patch Patch02001: stub-out-the-SAN-req-s-in-int13.patch Patch02002: ipxe-Makefile-fix-issues-of-build-reprod.patch Patch02003: help-compiler-out-by-initializing-array.patch +Patch02004: Silence-GCC-12-spurious-warnings.patch # Patches applied in roms/sgabios/: Patch03000: sgabios-Makefile-fix-issues-of-build-rep.patch Patch03001: roms-sgabios-Fix-csum8-to-be-built-by-ho.patch +# Patches applied in roms/edk2/: +Patch04000: Ignore-spurious-GCC-12-warning.patch # Patches applied in roms/skiboot/: Patch05000: Makefile-define-endianess-for-cross-buil.patch # Patches applied in roms/qboot/: @@ -1208,6 +1213,8 @@ This package records qemu testsuite results and represents successful testing. %patch00070 -p1 %patch00071 -p1 %patch00072 -p1 +%patch00073 -p1 +%patch00074 -p1 %patch01000 -p1 %patch01001 -p1 %patch01002 -p1 @@ -1218,8 +1225,10 @@ This package records qemu testsuite results and represents successful testing. %endif %patch02002 -p1 %patch02003 -p1 +%patch02004 -p1 %patch03000 -p1 %patch03001 -p1 +%patch04000 -p1 %patch05000 -p1 %patch11000 -p1 %patch13000 -p1 @@ -1534,7 +1543,7 @@ do unlink %srcdir/pc-bios/$i done -make %{?_smp_mflags} V=1 +%make_build # ... And then, reinstate the firmwares that have been built already for i in %{?s390x_default_built_firmware} 
@@ -1553,31 +1562,31 @@ done %if %{build_ppc_firmware} # FIXME: check if we can upstream: Makefile-define-endianess-for-cross-buil.patch -make %{?_smp_mflags} -C %srcdir/roms skiboot +%make_build -C %srcdir/roms skiboot -make %{?_smp_mflags} -C %srcdir/roms slof +%make_build -C %srcdir/roms slof %endif %if %{build_opensbi_firmware} -make %{?_smp_mflags} -C %srcdir/roms opensbi64-generic +%make_build -C %srcdir/roms opensbi64-generic %endif %if %{build_x86_firmware} -make %{?_smp_mflags} -C %srcdir/roms bios \ +%make_build %{?_smp_mflags} -C %srcdir/roms bios \ SEABIOS_EXTRAVERSION="-rebuilt.opensuse.org" \ # FIXME: check if we can upstream: roms-Makefile-add-cross-file-to-qboot-me.patch # and qboot-add-cross.ini-file-to-handle-aarch.patch -make %{?_smp_mflags} -C %srcdir/roms qboot +%make_build -C %srcdir/roms qboot -make %{?_smp_mflags} -C %srcdir/roms seavgabios \ +%make_build -C %srcdir/roms seavgabios \ -make %{?_smp_mflags} -C %srcdir/roms seavgabios-ati \ +%make_build -C %srcdir/roms seavgabios-ati \ -make %{?_smp_mflags} -C %srcdir/roms pxerom +%make_build -C %srcdir/roms pxerom -make %{?_smp_mflags} -C %srcdir/roms efirom \ +%make_build -C %srcdir/roms efirom \ EDK2_BASETOOLS_OPTFLAGS='-fPIE' # We're currently not building firmware on ix86, but let's make sure this works @@ -1592,7 +1601,7 @@ make -C %srcdir/roms sgabios HOSTCC=cc \ pushd %srcdir patch -p1 < %_sourcedir/stub-out-the-SAN-req-s-in-int13.patch popd -make %{?_smp_mflags} -C %srcdir/roms pxerom_variants=virtio pxerom_targets=1af41000 pxerom +%make_build -C %srcdir/roms pxerom_variants=virtio pxerom_targets=1af41000 pxerom %endif # enforce pxe rom sizes for migration compatability from SLE 11 SP3 forward 
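Review bot: In the `%if %{build_x86_firmware}` block of qemu.spec, the converted line reads `%make_build %{?_smp_mflags} -C %srcdir/roms bios \`, so `%{?_smp_mflags}` is still passed explicitly although every other converted call dropped it. The same leftover is in the matching qemu.spec.in hunk, and both should be `%make_build -C %srcdir/roms bios \`. The conversion is also uneven about `V=1`: it is removed from the plain `%make_build` calls but kept on `tests/qtest/qom-test`, `check-report.tap` and `check-block`. That is worth making consistent once it is confirmed what `%make_build` expands to on the target distributions.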
@@ -1658,15 +1667,15 @@ for conf in %{_builddir}/%buildsubdir/configs/targets/*-softmmu.mak; do done # Compile the QOM test binary first, so that ... -make %{?_smp_mflags} tests/qtest/qom-test V=1 +%make_build tests/qtest/qom-test V=1 # ... make comes in fresh and has lots of address space (needed for 32bit, bsc#957379) -make %{?_smp_mflags} check-report.tap V=1 +%make_build check-report.tap V=1 %endif # ------------------------------------------------------------------------ %if "%{name}" == "qemu-linux-user" -make %{?_smp_mflags} V=1 +%make_build %ifarch %ix86 %define qemu_arch i386 @@ -1705,7 +1714,7 @@ export QEMU_PROG=%_bindir/qemu-system-x86_64 export QEMU_IMG_PROG=%_bindir/qemu-img export QEMU_IO_PROG=%_bindir/qemu-io export QEMU_NBD_PROG=%_bindir/qemu-nbd -make %{?_smp_mflags} check-block V=1 +%make_build check-block V=1 %endif # ------------------------------------------------------------------------ @@ -1715,7 +1724,7 @@ make %{?_smp_mflags} check-block V=1 %ifnarch %arm %{qemu_arch}-linux-user/qemu-%{qemu_arch} %_bindir/ls > /dev/null %endif -make %{?_smp_mflags} check-softfloat +%make_build check-softfloat %endif %endif @@ -1733,7 +1742,7 @@ install -D -m 0644 check-report.tap %{buildroot}%_datadir/qemu/check-report.tap # ------------------------------------------------------------------------ %if "%{name}" == "qemu-linux-user" -make %{?_smp_mflags} install DESTDIR=%{buildroot} +%make_build install DESTDIR=%{buildroot} rm -rf %{buildroot}%_datadir/qemu/keymaps unlink %{buildroot}%_datadir/qemu/trace-events-all install -d -m 755 %{buildroot}%_sbindir @@ -1778,7 +1787,7 @@ ln -s qemu-binfmt %{buildroot}%_bindir/qemu-xtensaeb-binfmt # ------------------------------------------------------------------------ %if "%{name}" == "qemu" -make %{?_smp_mflags} install DESTDIR=%{buildroot} +%make_build install DESTDIR=%{buildroot} %find_lang %name install -d -m 0755 %{buildroot}%_datadir/%name/firmware 
diff --git a/qemu.spec.in b/qemu.spec.in index dece40ed..7adcbfcc 100644 --- a/qemu.spec.in +++ b/qemu.spec.in @@ -1343,7 +1343,7 @@ do unlink %srcdir/pc-bios/$i done -make %{?_smp_mflags} V=1 +%make_build # ... And then, reinstate the firmwares that have been built already for i in %{?s390x_default_built_firmware} @@ -1362,31 +1362,31 @@ done %if %{build_ppc_firmware} # FIXME: check if we can upstream: Makefile-define-endianess-for-cross-buil.patch -make %{?_smp_mflags} -C %srcdir/roms skiboot +%make_build -C %srcdir/roms skiboot -make %{?_smp_mflags} -C %srcdir/roms slof +%make_build -C %srcdir/roms slof %endif %if %{build_opensbi_firmware} -make %{?_smp_mflags} -C %srcdir/roms opensbi64-generic +%make_build -C %srcdir/roms opensbi64-generic %endif %if %{build_x86_firmware} -make %{?_smp_mflags} -C %srcdir/roms bios \ +%make_build %{?_smp_mflags} -C %srcdir/roms bios \ SEABIOS_EXTRAVERSION="-rebuilt.opensuse.org" \ # FIXME: check if we can upstream: roms-Makefile-add-cross-file-to-qboot-me.patch # and qboot-add-cross.ini-file-to-handle-aarch.patch -make %{?_smp_mflags} -C %srcdir/roms qboot +%make_build -C %srcdir/roms qboot -make %{?_smp_mflags} -C %srcdir/roms seavgabios \ +%make_build -C %srcdir/roms seavgabios \ -make %{?_smp_mflags} -C %srcdir/roms seavgabios-ati \ +%make_build -C %srcdir/roms seavgabios-ati \ -make %{?_smp_mflags} -C %srcdir/roms pxerom +%make_build -C %srcdir/roms pxerom -make %{?_smp_mflags} -C %srcdir/roms efirom \ +%make_build -C %srcdir/roms efirom \ EDK2_BASETOOLS_OPTFLAGS='-fPIE' # We're currently not building firmware on ix86, but let's make sure this works 
@@ -1401,7 +1401,7 @@ make -C %srcdir/roms sgabios HOSTCC=cc \ pushd %srcdir patch -p1 < %_sourcedir/stub-out-the-SAN-req-s-in-int13.patch popd -make %{?_smp_mflags} -C %srcdir/roms pxerom_variants=virtio pxerom_targets=1af41000 pxerom +%make_build -C %srcdir/roms pxerom_variants=virtio pxerom_targets=1af41000 pxerom %endif # enforce pxe rom sizes for migration compatability from SLE 11 SP3 forward @@ -1467,15 +1467,15 @@ for conf in %{_builddir}/%buildsubdir/configs/targets/*-softmmu.mak; do done # Compile the QOM test binary first, so that ... -make %{?_smp_mflags} tests/qtest/qom-test V=1 +%make_build tests/qtest/qom-test V=1 # ... make comes in fresh and has lots of address space (needed for 32bit, bsc#957379) -make %{?_smp_mflags} check-report.tap V=1 +%make_build check-report.tap V=1 %endif # ------------------------------------------------------------------------ %if "%{name}" == "qemu-linux-user" -make %{?_smp_mflags} V=1 +%make_build %ifarch %ix86 %define qemu_arch i386 @@ -1514,7 +1514,7 @@ export QEMU_PROG=%_bindir/qemu-system-x86_64 export QEMU_IMG_PROG=%_bindir/qemu-img export QEMU_IO_PROG=%_bindir/qemu-io export QEMU_NBD_PROG=%_bindir/qemu-nbd -make %{?_smp_mflags} check-block V=1 +%make_build check-block V=1 %endif # ------------------------------------------------------------------------ @@ -1524,7 +1524,7 @@ make %{?_smp_mflags} check-block V=1 %ifnarch %arm %{qemu_arch}-linux-user/qemu-%{qemu_arch} %_bindir/ls > /dev/null %endif -make %{?_smp_mflags} check-softfloat +%make_build check-softfloat %endif %endif @@ -1542,7 +1542,7 @@ install -D -m 0644 check-report.tap %{buildroot}%_datadir/qemu/check-report.tap # ------------------------------------------------------------------------ %if "%{name}" == "qemu-linux-user" -make %{?_smp_mflags} install DESTDIR=%{buildroot} +%make_build install DESTDIR=%{buildroot} rm -rf %{buildroot}%_datadir/qemu/keymaps unlink %{buildroot}%_datadir/qemu/trace-events-all install -d -m 755 %{buildroot}%_sbindir 
@@ -1587,7 +1587,7 @@ ln -s qemu-binfmt %{buildroot}%_bindir/qemu-xtensaeb-binfmt # ------------------------------------------------------------------------ %if "%{name}" == "qemu" -make %{?_smp_mflags} install DESTDIR=%{buildroot} +%make_build install DESTDIR=%{buildroot} %find_lang %name install -d -m 0755 %{buildroot}%_datadir/%name/firmware diff --git a/tools-virtiofsd-Add-rseq-syscall-to-the-.patch b/tools-virtiofsd-Add-rseq-syscall-to-the-.patch new file mode 100644 index 00000000..8f5d795f --- /dev/null +++ b/tools-virtiofsd-Add-rseq-syscall-to-the-.patch 
@@ -0,0 +1,57 @@
+From: Christian Ehrhardt
+Date: Wed, 9 Feb 2022 12:14:56 +0100
+Subject: tools/virtiofsd: Add rseq syscall to the seccomp allowlist
+
+Git-commit: 7b223e38603de3a75602e14914d26f9d4baf52eb
+References: bsc#1196924
+
+The virtiofsd currently crashes when used with glibc 2.35.
+That is due to the rseq system call being added to every thread
+creation [1][2].
+
+[1]: https://www.efficios.com/blog/2019/02/08/linux-restartable-sequences/
+[2]: https://sourceware.org/pipermail/libc-alpha/2022-February/136040.html
+
+This happens not at daemon start, but when a guest connects
+
+ /usr/lib/qemu/virtiofsd -f --socket-path=/tmp/testvfsd -o sandbox=chroot \
+ -o source=/var/guests/j-virtiofs --socket-group=kvm
+ virtio_session_mount: Waiting for vhost-user socket connection...
+ # start ok, now guest will connect
+ virtio_session_mount: Received vhost-user socket connection
+ virtio_loop: Entry
+ fv_queue_set_started: qidx=0 started=1
+ fv_queue_set_started: qidx=1 started=1
+ Bad system call (core dumped)
+
+We have to put rseq on the seccomp allowlist to avoid that the daemon
+is crashing in this case.
+
+Reported-by: Michael Hudson-Doyle
+Signed-off-by: Christian Ehrhardt
+Reviewed-by: Dr. David Alan Gilbert
+Message-id: 20220209111456.3328420-1-christian.ehrhardt@canonical.com
+
+[Moved rseq to its alphabetically ordered position in the seccomp
+allowlist.
+--Stefan]
+Signed-off-by: Stefan Hajnoczi
+Signed-off-by: Dario Faggioli
+---
+ tools/virtiofsd/passthrough_seccomp.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
+index a3ce9f898d2d5cb30153b9301c1c..2bc0127b69ad72a0505bb45c1fcd 100644
+--- a/tools/virtiofsd/passthrough_seccomp.c
++++ b/tools/virtiofsd/passthrough_seccomp.c
+@@ -91,6 +91,9 @@ static const int syscall_allowlist[] = {
+ SCMP_SYS(renameat2),
+ SCMP_SYS(removexattr),
+ SCMP_SYS(restart_syscall),
++#ifdef __NR_rseq
++ SCMP_SYS(rseq), /* required since glibc 2.35 */
++#endif
+ SCMP_SYS(rt_sigaction),
+ SCMP_SYS(rt_sigprocmask),
+ SCMP_SYS(rt_sigreturn),
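Review bot: The new allowlist entry in passthrough_seccomp.c is guarded by `#ifdef __NR_rseq`, which is decided by the kernel headers present at build time, not by the glibc the daemon runs against. A virtiofsd built against headers without `__NR_rseq` would compile cleanly without the entry and still be killed with "Bad system call" under glibc 2.35. The comment should say so, e.g. `/* required since glibc 2.35; omitted if build headers lack __NR_rseq */`. Since this widens the sandbox's syscall surface, the comment should also record why the entry is acceptable: per the patch description, glibc issues the call at thread creation. The `syscall_allowlist[]` array starts and ends outside the hunk.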