From 78d327b9aa80bcf3ff2b8db05db3d0557b866a180c5726bfafab1b8a4a36e351 Mon Sep 17 00:00:00 2001 From: Bruce Rogers Date: Mon, 7 Aug 2017 18:37:45 +0000 Subject: [PATCH] Accepting request 515068 from home:bfrogers:branches:Virtualization More support doc tweaks. Also, switch one patch with upstream version (header changes only). OBS-URL: https://build.opensuse.org/request/show/515068 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=351 --- ...-slirp-check-len-against-dhcp-option.patch | 12 +-- qemu-testsuite.changes | 5 ++ qemu.changes | 5 ++ supported.arm.txt | 34 ++++---- supported.s390.txt | 77 ++++++++++--------- supported.x86.txt | 29 ++++--- 6 files changed, 98 insertions(+), 64 deletions(-) diff --git a/0072-slirp-check-len-against-dhcp-option.patch b/0072-slirp-check-len-against-dhcp-option.patch index 9df6d832..befa0da7 100644 --- a/0072-slirp-check-len-against-dhcp-option.patch +++ b/0072-slirp-check-len-against-dhcp-option.patch @@ -1,16 +1,18 @@ -From 9ba94af263d7c64137cc748abd9cf3c23e07decc Mon Sep 17 00:00:00 2001 -From: P J P -Date: Tue, 25 Jul 2017 13:34:29 -0600 -Subject: [PATCH] slirp: check len against dhcp options array end - +From 2c4c724d1ad6dfd316ca3941b29d50f52ab625eb Mon Sep 17 00:00:00 2001 From: Prasad J Pandit +Date: Mon, 17 Jul 2017 17:33:26 +0530 +Subject: [PATCH] slirp: check len against dhcp options array end While parsing dhcp options string in 'dhcp_decode', if an options' length 'len' appeared towards the end of 'bp_vend' array, ensuing read could lead to an OOB memory access issue. Add check to avoid it. +This is CVE-2017-11434. + Reported-by: Reno Robert Signed-off-by: Prasad J Pandit +Signed-off-by: Samuel Thibault +(cherry picked from commit 413d463f43fbc4dd3a601e80a5724aa384a265a0) [BR: BSC#1049381 CVE-2017-11434] Signed-off-by: Bruce Rogers --- diff --git a/qemu-testsuite.changes b/qemu-testsuite.changes index 730297d0..9f5a9ced 100644 --- a/qemu-testsuite.changes +++ b/qemu-testsuite.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Aug 7 17:11:59 UTC 2017 - brogers@suse.com + +- Fixed a few more inaccuracies in the support docs. + ------------------------------------------------------------------- Tue Jul 25 19:36:55 UTC 2017 - brogers@suse.com diff --git a/qemu.changes b/qemu.changes index 730297d0..9f5a9ced 100644 --- a/qemu.changes +++ b/qemu.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Aug 7 17:11:59 UTC 2017 - brogers@suse.com + +- Fixed a few more inaccuracies in the support docs. + ------------------------------------------------------------------- Tue Jul 25 19:36:55 UTC 2017 - brogers@suse.com diff --git a/supported.arm.txt b/supported.arm.txt index a68e7a3b..985b8328 100644 --- a/supported.arm.txt +++ b/supported.arm.txt @@ -204,16 +204,18 @@ QEMU Command-Line and Monitor Syntax and Support instead of virt-2.6) if possible. (note: there is no virt-2.9 machine type!) - The following command line options are supported: + -accel ... -add-fd ... -alt-grab -append ... -audio-help -balloon ... -bios ... + -blockdev ... -boot ... -cdrom ... -chardev .. - -clock + -clock ... -cpu host -ctrl-grab -d ... @@ -267,12 +269,12 @@ QEMU Command-Line and Monitor Syntax and Support -nodefconfig -no-frame -nographic - -no-hpet -no-quit -no-reboot -no-shutdown -no-user-config -object ... + -only-migratable -parallel ... -pidfile ... -qmp ... @@ -306,11 +308,11 @@ QEMU Command-Line and Monitor Syntax and Support - The following monitor commands are supported: ? - balloon target ... + balloon ... block_resize ... boot_set ... c - change device ... + change ... chardev-add ... chardev-remove ... client_migrate_info ... @@ -489,6 +491,7 @@ QEMU Command-Line and Monitor Syntax and Support query-version query-vnc query-vnc-servers + query-xen-replication-status quit remove-fd ringbuf-read @@ -552,19 +555,19 @@ QEMU Command-Line and Monitor Syntax and Support mx25l6405d|mx25l8005|n25q032|n25q032a11|n25q032a13|n25q064|n25q064a11| n25q064a13|n25q128|n25q128a11|n25q128a13|n25q256a|n25q256a11| n25q256a13|n25q512a|nand|ne2k_isa|nvdimm|omap2-gpio|omap2-intc| - omap-gpio|omap_i2c|omap-intc|onenand|or-irq|pc-dimm|pc-testdev| - piix3-ide|piix3-ide|piix3-ide-xen|piix3-usb-uhci|pl011|pl011_luminary| - pl022|pl031|pl041|pl050_keyboard|pl050_mouse|pl061|pl061_luminary| - pl080|pl081|pl110|pl110_versatile|pl111|pl181|pl190|pl330| + omap-gpio|omap_i2c|omap-intc|onenand|pc-dimm|pc-testdev|piix3-ide| + piix3-ide|piix3-ide-xen|piix3-usb-uhci|pl011|pl011_luminary|pl022| + pl031|pl041|pl050_keyboard|pl050_mouse|pl061|pl061_luminary|pl080| + pl081|pl110|pl110_versatile|pl111|pl181|pl190|pl330| platform-bus-device|pxa250-arm-cpu|pxa255-arm-cpu|pxa25x-timer| pxa260-arm-cpu|pxa261-arm-cpu|pxa262-arm-cpu|pxa270-a0-arm-cpu| pxa270-a1-arm-cpu|pxa270-arm-cpu|pxa270-b0-arm-cpu|pxa270-b1-arm-cpu| pxa270-c0-arm-cpu|pxa270-c5-arm-cpu|pxa27x-timer|pxa2xx-dma| pxa2xx-fir|pxa2xx-gpio|pxa2xx_i2c|pxa2xx-i2c-slave|pxa2xx-mmci| - pxa2xx-pcmcia|pxa2xx_pic|pxa2xx_rtc|pxa2xx-ssp|qemu,register| - realview_gic|realview_mpcore|realview_pci|realview_sysctl|s25fl016k| - s25fl064k|s25fl129p0|s25fl129p1|s25fl256s0|s25fl256s1|s25fl512s| - s25sl004a|s25sl008a|s25sl016a|s25sl032a|s25sl032p|s25sl064a|s25sl064p| + pxa2xx-pcmcia|pxa2xx_pic|pxa2xx_rtc|pxa2xx-ssp|realview_gic| + realview_mpcore|realview_pci|realview_sysctl|s25fl016k|s25fl064k| + s25fl129p0|s25fl129p1|s25fl256s0|s25fl256s1|s25fl512s|s25sl004a| + s25sl008a|s25sl016a|s25sl032a|s25sl032p|s25sl064a|s25sl064p| s25sl12800|s25sl12801|s70fl01gs|sa1100-arm-cpu|sa1110-arm-cpu|sb16| scoop|sdhci-pci|sga|sl-nand|smbus-eeprom|smc91c111|sp804| spitz-keyboard|spitz-lcdtg|ssd0303|ssd0323|ssi-sd|sst25vf016b| @@ -581,7 +584,8 @@ QEMU Command-Line and Monitor Syntax and Support w25q80|w25q80bl|w25x10|w25x16|w25x20|w25x32|w25x40|w25x64|w25x80| wm8750|*-x86_64-cpu|xen-backend|xen-pci-passthrough|xen-platform| xen-pvdevice|xen-sysdev|xgmac|xilinxzynq_slcr|xlnx.ps7-qspi| - xlnx.ps7-spi|xlnxps7-usb|xlnxzynqmp|xlnxzynq-xadc] + xlnx.ps7-spi|xlnxps7-usb|xlnxzynqmp|xlnxzynq-xadc| + unimplemented-device|vmgenid] (the following are aliases of these unsupported devices: lsi| virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet| virtio-gpu|pci-assign|piix-usb-uhci) @@ -591,6 +595,7 @@ QEMU Command-Line and Monitor Syntax and Support -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed or raw] -dtb file + -enable-hax -fda/-fdb ... -g ... -hda/-hdb/-hdc/-hdd ... @@ -612,6 +617,7 @@ QEMU Command-Line and Monitor Syntax and Support -net [dump|socket|vde] ... -netdev [dump|hubport|l2tpv3|socket|vde] ... -no-fd-bootchk + -no-hpet -no-kvm -no-kvm-irqchip -no-kvm-pit @@ -689,6 +695,8 @@ QEMU Command-Line and Monitor Syntax and Support x-blockdev-insert-medium x-blockdev-remove-medium x-colo-lost-heartbeat + xen-colo-do-checkpoint xen-load-devices-state xen-save-devices-state xen-set-global-dirty-log + xen-set-replication diff --git a/supported.s390.txt b/supported.s390.txt index 8bbd9f65..9a29cabf 100644 --- a/supported.s390.txt +++ b/supported.s390.txt @@ -205,16 +205,18 @@ QEMU Command-Line and Monitor Syntax and Support s390-ccw-virtio-2.9 instead of s390-ccw-virtio-2.6) if possible. - The following command line options are supported: + -accel ... -add-fd ... -alt-grab -append ... -audio-help -balloon ... -bios ... + -blockdev ... -boot ... -cdrom ... -chardev .. - -clock + -clock ... -cpu host -ctrl-grab -d ... @@ -258,17 +260,16 @@ QEMU Command-Line and Monitor Syntax and Support -net [bridge|l2tpv3|nic|none|tap|user] ... (for model= only e1000, rtl8139, and virtio are supported) -netdev [bridge|tap|user] ... - -no-acpi -nodefaults -nodefconfig -no-frame -nographic - -no-hpet -no-quit -no-reboot -no-shutdown -no-user-config -object ... + -only-migratable -parallel ... -pidfile ... -qmp ... @@ -298,11 +299,11 @@ QEMU Command-Line and Monitor Syntax and Support - The following monitor commands are supported: ? - balloon target ... + balloon ... block_resize ... boot_set ... c - change device ... + change ... chardev-add ... chardev-remove ... client_migrate_info ... @@ -476,6 +477,7 @@ QEMU Command-Line and Monitor Syntax and Support query-version query-vnc query-vnc-servers + query-xen-replication-status quit remove-fd ringbuf-read @@ -514,36 +516,36 @@ QEMU Command-Line and Monitor Syntax and Support kvm-pci-assign|lsi53c810|lsi53c810a|megasas|mptsas1068|ne2k_isa| ne2k_pci|nec-usb-xhci|nvdimm|nvme|pc-dimm|pci-testdev|pcnet| pc-testdev|piix3-ide|piix3-ide|piix3-ide-xen|piix4-usb-uhci|pvscsi| - pxb|pxb-host|pxb-pcie|qemu,register|qemuregister|qemu-s390-cpu|rocker| - s390-flic|s390-flic-qemu|s390-ipl|s390-pcihost| - s390-sclp-event-facility|s390-skeys-qemu|sb16|sclp|sclpconsole| - sclp-cpu-hotplug|sclplmconsole|sclp-memory-hotplug-dev|sclpquiesce| - sd-card|sdhci-pci|sdhci-pci|secondary-vga|sga|smbus-eeprom|tpci200| - unimplemented-device|usb-audio|usb-bot|usb-bt-dongle|usb-ccid|usb-mtp| - usb-uas|vfio-amd-xgbe|vfio-calxeda-xgmac|vfio-pci|vhost-scsi-ccw| - vhost-vsock-ccw|virtio-9p-device|virtio-balloon-ccw|virtio-blk-ccw| - virtio-crypto-ccw|virtio-mmio|virtio-net-ccw|virtio-rng-ccw| - virtio-scsi-ccw|virtio-serial-ccw|virtio-vga|virtual-css-bridge| - vmware-svga|vmxnet3|vt82c686b-usb-uhci|x3130-upstream|*-x86_64-cpu| - xen-backend|xen-pci-passthrough|xen-platform|xen-pvdevice|xen-sysdev| - xio3130-downstream|z10BC.2-base-s390-cpu|z10BC.2-s390-cpu| - z10BC-base-s390-cpu|z10BC-s390-cpu|z10EC.2-base-s390-cpu| - z10EC.2-s390-cpu|z10EC.3-base-s390-cpu|z10EC.3-s390-cpu| - z10EC-base-s390-cpu|z10EC-s390-cpu|z114-base-s390-cpu|z114-s390-cpu| - z13.2-base-s390-cpu|z13.2-s390-cpu|z13-base-s390-cpu|z13-s390-cpu| - z13s-base-s390-cpu|z13s-s390-cpu|z196.2-base-s390-cpu|z196.2-s390-cpu| - z196-base-s390-cpu|z196-s390-cpu|z800-base-s390-cpu|z800-s390-cpu| - z890.2-base-s390-cpu|z890.2-s390-cpu|z890.3-base-s390-cpu| - z890.3-s390-cpu|z890-base-s390-cpu|z890-s390-cpu|z900.2-base-s390-cpu| - z900.2-s390-cpu|z900.3-base-s390-cpu|z900.3-s390-cpu| - z900-base-s390-cpu|z900-s390-cpu|z990.2-base-s390-cpu|z990.2-s390-cpu| - z990.3-base-s390-cpu|z990.3-s390-cpu|z990.4-base-s390-cpu| - z990.4-s390-cpu|z990.5-base-s390-cpu|z990.5-s390-cpu| - z990-base-s390-cpu|z990-s390-cpu|z9BC.2-base-s390-cpu|z9BC.2-s390-cpu| - z9BC-base-s390-cpu|z9BC-s390-cpu|z9EC.2-base-s390-cpu|z9EC.2-s390-cpu| - z9EC.3-base-s390-cpu|z9EC.3-s390-cpu|z9EC-base-s390-cpu|z9EC-s390-cpu| - zBC12-base-s390-cpu|zBC12-s390-cpu|zEC12.2-base-s390-cpu| - zEC12.2-s390-cpu|zEC12-base-s390-cpu|zEC12-s390-cpu|zpci] + pxb|pxb-host|pxb-pcie|qemu-s390-cpu|rocker|s390-flic|s390-flic-qemu| + s390-ipl|s390-pcihost|s390-sclp-event-facility|s390-skeys-qemu|sb16| + sclp|sclpconsole|sclp-cpu-hotplug|sclplmconsole| + sclp-memory-hotplug-dev|sclpquiesce|sd-card|sdhci-pci|sdhci-pci| + secondary-vga|sga|smbus-eeprom|tpci200|unimplemented-device| + usb-audio|usb-bot|usb-bt-dongle|usb-ccid|usb-mtp|usb-uas|vfio-pci| + vhost-scsi-ccw|vhost-vsock-ccw|virtio-9p-device|virtio-balloon-ccw| + virtio-blk-ccw|virtio-crypto-ccw|virtio-mmio|virtio-net-ccw| + virtio-rng-ccw|virtio-scsi-ccw|virtio-serial-ccw|virtio-vga| + virtual-css-bridge|vmware-svga|vmxnet3|vt82c686b-usb-uhci| + x3130-upstream|*-x86_64-cpu|xen-backend|xen-pci-passthrough| + xen-platform|xen-pvdevice|xen-sysdev|xio3130-downstream| + z10BC.2-base-s390-cpu|z10BC.2-s390-cpu|z10BC-base-s390-cpu| + z10BC-s390-cpu|z10EC.2-base-s390-cpu|z10EC.2-s390-cpu| + z10EC.3-base-s390-cpu|z10EC.3-s390-cpu|z10EC-base-s390-cpu| + z10EC-s390-cpu|z114-base-s390-cpu|z114-s390-cpu|z13.2-base-s390-cpu| + z13.2-s390-cpu|z13-base-s390-cpu|z13-s390-cpu|z13s-base-s390-cpu| + z13s-s390-cpu|z196.2-base-s390-cpu|z196.2-s390-cpu|z196-base-s390-cpu| + z196-s390-cpu|z800-base-s390-cpu|z800-s390-cpu|z890.2-base-s390-cpu| + z890.2-s390-cpu|z890.3-base-s390-cpu|z890.3-s390-cpu| + z890-base-s390-cpu|z890-s390-cpu|z900.2-base-s390-cpu|z900.2-s390-cpu| + z900.3-base-s390-cpu|z900.3-s390-cpu|z900-base-s390-cpu|z900-s390-cpu| + z990.2-base-s390-cpu|z990.2-s390-cpu|z990.3-base-s390-cpu| + z990.3-s390-cpu|z990.4-base-s390-cpu|z990.4-s390-cpu| + z990.5-base-s390-cpu|z990.5-s390-cpu|z990-base-s390-cpu|z990-s390-cpu| + z9BC.2-base-s390-cpu|z9BC.2-s390-cpu|z9BC-base-s390-cpu|z9BC-s390-cpu| + z9EC.2-base-s390-cpu|z9EC.2-s390-cpu|z9EC.3-base-s390-cpu| + z9EC.3-s390-cpu|z9EC-base-s390-cpu|z9EC-s390-cpu|zBC12-base-s390-cpu| + zBC12-s390-cpu|zEC12.2-base-s390-cpu|zEC12.2-s390-cpu| + zEC12-base-s390-cpu|zEC12-s390-cpu|zpci|vmgenid] (the following are aliases of these unsupported devices: lsi| virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet| virtio-gpu|virtio-9p|pci-assign|ahci|e1000-82540em) @@ -553,6 +555,7 @@ QEMU Command-Line and Monitor Syntax and Support -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed or raw] -dtb file + -enable-hax -fda/-fdb ... -g ... -hda/-hdb/-hdc/-hdd ... @@ -565,7 +568,9 @@ QEMU Command-Line and Monitor Syntax and Support -mtdblock file -net [dump|socket|vde] ... -netdev [dump|hubport|l2tpv3|socket|vde] ... + -no-acpi -no-fd-bootchk + -no-hpet -no-kvm -no-kvm-irqchip -no-kvm-pit @@ -652,6 +657,8 @@ QEMU Command-Line and Monitor Syntax and Support x-blockdev-insert-medium x-blockdev-remove-medium x-colo-lost-heartbeat + xen-colo-do-checkpoint xen-load-devices-state xen-save-devices-state xen-set-global-dirty-log + xen-set-replication diff --git a/supported.x86.txt b/supported.x86.txt index 9f547d62..a2671a7b 100644 --- a/supported.x86.txt +++ b/supported.x86.txt @@ -299,16 +299,18 @@ QEMU Command-Line and Monitor Syntax and Support instead of pc-i440fx-2.6) if possible. - The following command line options are supported: + -accel ... -add-fd ... -alt-grab -append ... -audio-help -balloon ... -bios ... + -blockdev ... -boot ... -cdrom ... -chardev .. - -clock + -clock ... -cpu ... (all except host) -ctrl-grab -d ... @@ -325,7 +327,7 @@ QEMU Command-Line and Monitor Syntax and Support virtio-rng-pci|i6300esb|ib700|qxl|qxl-vga|pvpanic|vfio-pci|ivshmem| ivshmem-doorbell|ivshmem-plain|pci-bridge|megasas-gen2|pc-dimm| floppy|e1000e|ccid-card-emulated|ccid-card-passthrough|xen-backend| - loader|e1000] + loader|e1000|vmgenid] (the following are aliases of these supported devices: ahci| virtio-blk|virtio-net|virtio-serial|virtio-balloon| virtio-9p| virtio-scsi|virtio-rng|e1000-82540em) @@ -379,6 +381,7 @@ QEMU Command-Line and Monitor Syntax and Support -no-shutdown -no-user-config -object ... + -only-migratable -parallel ... -pidfile ... -qmp ... @@ -415,11 +418,11 @@ QEMU Command-Line and Monitor Syntax and Support - The following monitor commands are supported: ? - balloon target ... + balloon ... block_resize ... boot_set ... c - change device ... + change ... chardev-add ... chardev-remove ... client_migrate_info ... @@ -598,6 +601,7 @@ QEMU Command-Line and Monitor Syntax and Support query-version query-vnc query-vnc-servers + query-xen-replication-status quit remove-fd ringbuf-read @@ -644,13 +648,13 @@ QEMU Command-Line and Monitor Syntax and Support virtio-tablet-pci|virtio-gpu-pci|pci-bridge-seat|pxb|pxb-pcie| allwinner-ahci|sdhci-pci|rocker|virtio-input-host-device| virtio-keyboard-device|virtio-mouse-device|virtio-tablet-device| - virtio-vga|hyperv-testdev|vfio-amd-xgbe|vfio-calxeda-xgmac| - generic-sdhci|igd-passthrough-isa-bridge|ipmi-bmc-extern| - ipmi-bmc-sim|isa-ipmi-bt|isa-ipmi-kcs|mptsas1068|nvdimm|pxb-host| - sd-card|virtio-gpu-device|kvm-pci-assign|xen-sysdev|or-irq|amd-iommu| - AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci|virtio-crypto-device| - virtio-crypto-pci|qemu,register|vfio-pci-igd-lpc-bridge|*-i386-cpu| - *-x86_64-cpu] + virtio-vga|hyperv-testdev|generic-sdhci|igd-passthrough-isa-bridge| + ipmi-bmc-extern|ipmi-bmc-sim|isa-ipmi-bt|isa-ipmi-kcs|mptsas1068| + nvdimm|pxb-host|sd-card|virtio-gpu-device|kvm-pci-assign|xen-sysdev| + amd-iommu|AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci| + virtio-crypto-device|virtio-crypto-pci|vfio-pci-igd-lpc-bridge| + isabus-bridge|pcie-root-port|qemu-xhci|unimplemented-device| + *-i386-cpu|*-x86_64-cpu] (the following are aliases of these unsupported devices: lsi| virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet| virtio-gpu|pci-assign) @@ -660,6 +664,7 @@ QEMU Command-Line and Monitor Syntax and Support -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed or raw] -dtb file + -enable-hax -g ... -icount ... -L ... @@ -750,3 +755,5 @@ QEMU Command-Line and Monitor Syntax and Support x-blockdev-insert-medium x-blockdev-remove-medium x-colo-lost-heartbeat + xen-colo-do-checkpoint + xen-set-replication