
Accepting request 520017 from home:bfrogers:branches:Virtualization

A few post-v2.10 patches needed to fix issues identified too late to get in. Also enable seccomp for all architectures we build for, and use better package references for RDMA support.

OBS-URL: https://build.opensuse.org/request/show/520017
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=361
Bruce Rogers 2017-08-31 20:04:54 +00:00 committed by Git OBS Bridge
parent fb7db9270b
commit df8a80613e
11 changed files with 189 additions and 33 deletions


@ -97,13 +97,13 @@ index 67a0a4a58b..1c73e5aeae 100644
+ error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
+ "integer");
+ return;
}
+ }
+
+ parse_str(siv, name, true, errp);
+
+ if (!siv->ranges) {
+ goto error;
+ }
}
+
+ if (!siv->cur_range) {
+ Range *r;


@ -17,18 +17,18 @@ diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor
index 79313a7f7a..e00194a649 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -58,6 +58,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
visit_type_int(v, NULL, &res, &err);
g_assert(!err);
g_assert_cmpint(res, ==, value);
@@ -55,6 +55,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
v = visitor_input_test_init(data, "-42");
+ visit_type_int(v, NULL, &res, &err);
+ g_assert(!err);
+ g_assert_cmpint(res, ==, value);
+ visitor_input_teardown(data, unused);
+
+ value = INT64_MAX;
+ v = visitor_input_test_init(data, g_strdup_printf("%" PRId64, value));
+
+ visit_type_int(v, NULL, &res, &err);
+ g_assert(!err);
+ g_assert_cmpint(res, ==, value);
v = visitor_input_test_init(data, "not an int");
visit_type_int(v, NULL, &res, &err);
g_assert(!err);
g_assert_cmpint(res, ==, value);


@ -0,0 +1,81 @@
From dc8c3677038bae1bd06dca0167a790776f3e6b3b Mon Sep 17 00:00:00 2001
From: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Fri, 25 Aug 2017 01:35:53 +0200
Subject: [PATCH] slirp: fix clearing ifq_so from pending packets
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The if_fastq and if_batchq contain not only packets, but queues of packets
for the same socket. When sofree frees a socket, it thus has to clear ifq_so
from all the packets from the queues, not only the first.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 1201d308519f1e915866d7583d5136d03cc1d384)
[BR: BSC#1056291 CVE-2017-13711]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
slirp/socket.c | 39 +++++++++++++++++++++++----------------
1 file changed, 23 insertions(+), 16 deletions(-)
diff --git a/slirp/socket.c b/slirp/socket.c
index ecec0295a9..cb7b5b608d 100644
--- a/slirp/socket.c
+++ b/slirp/socket.c
@@ -59,6 +59,27 @@ socreate(Slirp *slirp)
return(so);
}
+/*
+ * Remove references to so from the given message queue.
+ */
+static void
+soqfree(struct socket *so, struct quehead *qh)
+{
+ struct mbuf *ifq;
+
+ for (ifq = (struct mbuf *) qh->qh_link;
+ (struct quehead *) ifq != qh;
+ ifq = ifq->ifq_next) {
+ if (ifq->ifq_so == so) {
+ struct mbuf *ifm;
+ ifq->ifq_so = NULL;
+ for (ifm = ifq->ifs_next; ifm != ifq; ifm = ifm->ifs_next) {
+ ifm->ifq_so = NULL;
+ }
+ }
+ }
+}
+
/*
* remque and free a socket, clobber cache
*/
@@ -66,23 +87,9 @@ void
sofree(struct socket *so)
{
Slirp *slirp = so->slirp;
- struct mbuf *ifm;
- for (ifm = (struct mbuf *) slirp->if_fastq.qh_link;
- (struct quehead *) ifm != &slirp->if_fastq;
- ifm = ifm->ifq_next) {
- if (ifm->ifq_so == so) {
- ifm->ifq_so = NULL;
- }
- }
-
- for (ifm = (struct mbuf *) slirp->if_batchq.qh_link;
- (struct quehead *) ifm != &slirp->if_batchq;
- ifm = ifm->ifq_next) {
- if (ifm->ifq_so == so) {
- ifm->ifq_so = NULL;
- }
- }
+ soqfree(so, &slirp->if_fastq);
+ soqfree(so, &slirp->if_batchq);
if (so->so_emu==EMU_RSH && so->extra) {
sofree(so->extra);
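Review bot: soqfree() only walks an `ifs_next` chain when the chain head's `ifq_so` matches `so`, and then clears every packet on that chain without comparing, so it is correct only if each session chain holds packets of a single socket. The commit message implies that invariant, but the code that builds the chains is not part of this patch, so it should be stated where the loop relies on it, for example `/* every mbuf on an ifs_next chain belongs to the head's socket, so matching the head is sufficient */` above the inner loop. The name also suggests that something is freed, while the function only clears back-references; the header comment could say that the mbufs themselves stay queued. Since this is the CVE-2017-13711 fix, a chain that is missed would leave a dangling `ifq_so` behind after sofree(), which is why the assumption deserves to be written down. sofree()'s body continues past the end of the hunk.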


@ -0,0 +1,38 @@
From adee899fc239f9eca87881a7f6c6e1dae346922e Mon Sep 17 00:00:00 2001
From: Farhan Ali <alifm@linux.vnet.ibm.com>
Date: Fri, 25 Aug 2017 09:24:46 -0400
Subject: [PATCH] s390-ccw: Fix alignment for CCW1
The commit 198c0d1f9df8c4 s390x/css: check ccw address validity
exposes an alignment issue in ccw bios.
According to PoP the CCW must be doubleword aligned. Let's fix
this in the bios.
Cc: qemu-stable@nongnu.org
Signed-off-by: Farhan Ali <alifm@linux.vnet.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Reviewed-by: Eric Farman <farman@linux.vnet.ibm.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Message-Id: <3ed8b810b6592daee6a775037ce21f850e40647d.1503667215.git.alifm@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit 3a1e4561ad63b303b092387ae006bd41468ece63)
[BR: BSC#1056680]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
pc-bios/s390-ccw/cio.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pc-bios/s390-ccw/cio.h b/pc-bios/s390-ccw/cio.h
index f5b4549ea3..55eaeee4b6 100644
--- a/pc-bios/s390-ccw/cio.h
+++ b/pc-bios/s390-ccw/cio.h
@@ -133,7 +133,7 @@ struct ccw1 {
__u8 flags;
__u16 count;
__u32 cda;
-} __attribute__ ((packed));
+} __attribute__ ((packed, aligned(8)));
#define CCW_FLAG_DC 0x80
#define CCW_FLAG_CC 0x40
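Review bot: The doubleword-alignment requirement on `struct ccw1` is recorded only in the commit message; a comment on the attribute line, e.g. `/* PoP: a CCW must be doubleword aligned */`, would keep a later cleanup from dropping `aligned(8)` again. The attribute only affects objects declared with this type, so a CCW that is laid out in a raw buffer and reached through a cast would still need its own alignment; whether the bios does that anywhere is not visible in this hunk. The struct's opening line and first field are outside the hunk, so the effect on its size cannot be confirmed from here.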


@ -1,3 +1,11 @@
-------------------------------------------------------------------
Thu Aug 31 18:48:32 UTC 2017 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10
* Patches added:
0034-slirp-fix-clearing-ifq_so-from-pend.patch
0035-s390-ccw-Fix-alignment-for-CCW1.patch
-------------------------------------------------------------------
Wed Aug 30 19:52:36 UTC 2017 - brogers@suse.com


@ -59,6 +59,8 @@ Patch0030: 0030-test-string-input-visitor-Add-int-t.patch
Patch0031: 0031-test-string-input-visitor-Add-uint6.patch
Patch0032: 0032-tests-Add-QOM-property-unit-tests.patch
Patch0033: 0033-tests-Add-scsi-disk-test.patch
Patch0034: 0034-slirp-fix-clearing-ifq_so-from-pend.patch
Patch0035: 0035-s390-ccw-Fix-alignment-for-CCW1.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
Source400: update_git.sh
@ -145,6 +147,8 @@ run cross-architecture builds.
%patch0031 -p1
%patch0032 -p1
%patch0033 -p1
%patch0034 -p1
%patch0035 -p1
%build
./configure \


@ -1,3 +1,16 @@
-------------------------------------------------------------------
Thu Aug 31 18:48:22 UTC 2017 - brogers@suse.com
- Update BuildRequires packages libibverbs-devel and librdmacm-devel
to the more correct rdma-core-devel
- Enable seccomp for s390x, aarch64, and ppc64le
- Fix OOB issue (use after free) in slirp network stack (CVE-2017-13711
bsc#1056291)
0034-slirp-fix-clearing-ifq_so-from-pend.patch
- Fix a misalignment in the s390 ccw firmware (bsc#1056680)
0035-s390-ccw-Fix-alignment-for-CCW1.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10
-------------------------------------------------------------------
Thu Aug 31 18:34:27 UTC 2017 - jfehlig@suse.com


@ -87,7 +87,7 @@
%define with_seccomp 1
%endif
%ifarch %ix86 x86_64 s390x
%ifarch %ix86 x86_64 s390x aarch64 ppc64le
%define with_seccomp 1
%endif
@ -165,6 +165,8 @@ Patch0030: 0030-test-string-input-visitor-Add-int-t.patch
Patch0031: 0031-test-string-input-visitor-Add-uint6.patch
Patch0032: 0032-tests-Add-QOM-property-unit-tests.patch
Patch0033: 0033-tests-Add-scsi-disk-test.patch
Patch0034: 0034-slirp-fix-clearing-ifq_so-from-pend.patch
Patch0035: 0035-s390-ccw-Fix-alignment-for-CCW1.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
@ -247,9 +249,6 @@ BuildRequires: libfdt1-devel
BuildRequires: libgbm-devel
BuildRequires: libgcrypt-devel
BuildRequires: libgnutls-devel
%if 0%{?suse_version} >= 1315
BuildRequires: libibverbs-devel
%endif
%if 0%{?with_rbd}
%if 0%{?is_opensuse} || 0%{?sle_version} > 120100
BuildRequires: librbd-devel
@ -283,9 +282,6 @@ BuildRequires: libpcap-devel
BuildRequires: libpixman-1-0-devel
BuildRequires: libpng-devel
BuildRequires: libpulse-devel
%if 0%{?suse_version} >= 1315
BuildRequires: librdmacm-devel
%endif
%if 0%{?with_seccomp}
BuildRequires: libseccomp-devel
%endif
@ -315,6 +311,9 @@ BuildRequires: ovmf-tools
BuildRequires: pkgconfig
BuildRequires: pwdutils
BuildRequires: python
%if 0%{?suse_version} >= 1315
BuildRequires: rdma-core-devel
%endif
%if 0%{?suse_version} >= 1310
BuildRequires: snappy-devel
%endif
@ -850,6 +849,8 @@ This package provides a service file for starting and stopping KSM.
%patch0031 -p1
%patch0032 -p1
%patch0033 -p1
%patch0034 -p1
%patch0035 -p1
pushd roms/ipxe
%patch1100 -p1
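Review bot: In the lines shown, `with_seccomp` only gates `BuildRequires: libseccomp-devel`, so adding aarch64 and ppc64le to the `%ifarch` list does not by itself guarantee that the sandbox is compiled in on those architectures. If the `./configure` call in `%build` (outside this section) relies on autodetection, a build where libseccomp turns out to be unusable would silently produce a qemu without seccomp support; passing `--enable-seccomp` under `%if 0%{?with_seccomp}` turns that into a build failure instead. The same applies to the two later spec sections that repeat this `%ifarch` change. Separately, `rdma-core-devel` keeps the `suse_version >= 1315` guard of the two packages it replaces; confirm that the package exists on every target that satisfies the guard.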


@ -1,3 +1,16 @@
-------------------------------------------------------------------
Thu Aug 31 18:48:22 UTC 2017 - brogers@suse.com
- Update BuildRequires packages libibverbs-devel and librdmacm-devel
to the more correct rdma-core-devel
- Enable seccomp for s390x, aarch64, and ppc64le
- Fix OOB issue (use after free) in slirp network stack (CVE-2017-13711
bsc#1056291)
0034-slirp-fix-clearing-ifq_so-from-pend.patch
- Fix a misalignment in the s390 ccw firmware (bsc#1056680)
0035-s390-ccw-Fix-alignment-for-CCW1.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10
-------------------------------------------------------------------
Thu Aug 31 18:34:27 UTC 2017 - jfehlig@suse.com


@ -87,7 +87,7 @@
%define with_seccomp 1
%endif
%ifarch %ix86 x86_64 s390x
%ifarch %ix86 x86_64 s390x aarch64 ppc64le
%define with_seccomp 1
%endif
@ -165,6 +165,8 @@ Patch0030: 0030-test-string-input-visitor-Add-int-t.patch
Patch0031: 0031-test-string-input-visitor-Add-uint6.patch
Patch0032: 0032-tests-Add-QOM-property-unit-tests.patch
Patch0033: 0033-tests-Add-scsi-disk-test.patch
Patch0034: 0034-slirp-fix-clearing-ifq_so-from-pend.patch
Patch0035: 0035-s390-ccw-Fix-alignment-for-CCW1.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
@ -247,9 +249,6 @@ BuildRequires: libfdt1-devel
BuildRequires: libgbm-devel
BuildRequires: libgcrypt-devel
BuildRequires: libgnutls-devel
%if 0%{?suse_version} >= 1315
BuildRequires: libibverbs-devel
%endif
%if 0%{?with_rbd}
%if 0%{?is_opensuse} || 0%{?sle_version} > 120100
BuildRequires: librbd-devel
@ -283,9 +282,6 @@ BuildRequires: libpcap-devel
BuildRequires: libpixman-1-0-devel
BuildRequires: libpng-devel
BuildRequires: libpulse-devel
%if 0%{?suse_version} >= 1315
BuildRequires: librdmacm-devel
%endif
%if 0%{?with_seccomp}
BuildRequires: libseccomp-devel
%endif
@ -315,6 +311,9 @@ BuildRequires: ovmf-tools
BuildRequires: pkgconfig
BuildRequires: pwdutils
BuildRequires: python
%if 0%{?suse_version} >= 1315
BuildRequires: rdma-core-devel
%endif
%if 0%{?suse_version} >= 1310
BuildRequires: snappy-devel
%endif
@ -850,6 +849,8 @@ This package provides a service file for starting and stopping KSM.
%patch0031 -p1
%patch0032 -p1
%patch0033 -p1
%patch0034 -p1
%patch0035 -p1
pushd roms/ipxe
%patch1100 -p1


@ -87,7 +87,7 @@
%define with_seccomp 1
%endif
%ifarch %ix86 x86_64 s390x
%ifarch %ix86 x86_64 s390x aarch64 ppc64le
%define with_seccomp 1
%endif
@ -215,9 +215,6 @@ BuildRequires: libfdt1-devel
BuildRequires: libgbm-devel
BuildRequires: libgcrypt-devel
BuildRequires: libgnutls-devel
%if 0%{?suse_version} >= 1315
BuildRequires: libibverbs-devel
%endif
%if 0%{?with_rbd}
%if 0%{?is_opensuse} || 0%{?sle_version} > 120100
BuildRequires: librbd-devel
@ -251,9 +248,6 @@ BuildRequires: libpcap-devel
BuildRequires: libpixman-1-0-devel
BuildRequires: libpng-devel
BuildRequires: libpulse-devel
%if 0%{?suse_version} >= 1315
BuildRequires: librdmacm-devel
%endif
%if 0%{?with_seccomp}
BuildRequires: libseccomp-devel
%endif
@ -283,6 +277,9 @@ BuildRequires: ovmf-tools
BuildRequires: pkgconfig
BuildRequires: pwdutils
BuildRequires: python
%if 0%{?suse_version} >= 1315
BuildRequires: rdma-core-devel
%endif
%if 0%{?suse_version} >= 1310
BuildRequires: snappy-devel
%endif