commit: 25f63befd303b4029bdd4fbc96bef1cab8b7355c
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Sat Feb 17 23:48:14 2018 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Sat Feb 17 23:49:01 2018 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=25f63bef
app-emulation/qemu: version bump to 2.11.1
app-emulation/qemu/Manifest | 3 +-
.../qemu/files/qemu-2.10.1-CVE-2017-15268.patch | 54 --------------------
.../qemu/files/qemu-2.10.1-CVE-2017-15289.patch | 58 ----------------------
app-emulation/qemu/qemu-2.11.0.ebuild | 4 +-
.../{qemu-2.10.1-r1.ebuild => qemu-2.11.1.ebuild} | 12 +++--
5 files changed, 12 insertions(+), 119 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 9f60936..218a778 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,3 +1,4 @@
-DIST qemu-2.10.1.tar.bz2 30821108 BLAKE2B
bb096139f6b387a3cf3933dd3aeb97777479022b1b34ed0212b51d7061f9a19b3e83a4e9a13c6cf81c14718731ddf8646226a5b0d99ebbc9abb387d7eec94238
SHA512
1a4a6ebf700ec6851c83cc2a71eaea8d95f14c685d094eaaa86c740eb9401e49a79074b72385f58681ca7646771a99bb6bbd9bebb39162f7220626d37ed0654f
DIST qemu-2.11.0-patches-r0.tar.xz 16140 BLAKE2B
2e23908075195a7c28df574525a159e171277a2da6d7c0656a341a2db6a622237106d2dd8de5c9d61b5fb62fa5a163e9657406a2996cebc05baa53d42c5f5d15
SHA512
f7d92c2232398565b8cde294d38dc281c13503fb5967cc7871a2233b7fa354799619445e9ec89c285ef051f62ecef0bd38a135b0093bf5528c0b28c6e580c839
DIST qemu-2.11.0.tar.bz2 32816398 BLAKE2B
2014a8246f3cba9069186629d9ec8c221672fcfd3e8cd28a7e57f467add81f7bd84363183ef5cc5d18af91bde9186a4da49c0133c8ead83eae4626b9fc364e99
SHA512
3681700833573c0aa6283af950bfa298970056f1b44489088d8863840a7694512138321f86961ef43b256abf15eddd2612fb9cdbe3d9a358542d4e7037cc2004
+DIST qemu-2.11.1-patches-r0.tar.xz 1640 BLAKE2B
8402a0bd086307413c3f088b7b2523adda5f370e3ce8e9ec39db905a5df495842cc2168b93b57e8516e98703ee1620e7cad77740529959a09a1d4224988829bc
SHA512
2906f9497e61799da8efca0dac4a19addd3bf59770c742e3ed1600143b69397bbc4eecb2c1f64aef0e103447966d47ced1ec6908f78a793b8d06f99a0aa6dc4a
+DIST qemu-2.11.1.tar.bz2 32819412 BLAKE2B
6b6d4e7b8dcf33aeedb0b33bad267da07ad17c2eeeb5fbd2c038d760bc03224e55ba0f03eb248c62bc0e8636c2c660ea76b367eaea96bee16388053f82c8b8a9
SHA512
1b692bbdfc3dc785738c7192aa2a3f9cf53d9f5bf3b3f49fa8692050dc50f7056c8a4d1b527d48ffb2a674a0fd3a46d87addd1eaaa758f35eec1ab5adfe32354
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch
b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch
deleted file mode 100644
index 7d08b32..0000000
--- a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From a7b20a8efa28e5f22c26c06cd06c2f12bc863493 Mon Sep 17 00:00:00 2001
-From: "Daniel P. Berrange" <[email protected]>
-Date: Mon, 9 Oct 2017 14:43:42 +0100
-Subject: [PATCH] io: monitor encoutput buffer size from websocket GSource
-
-The websocket GSource is monitoring the size of the rawoutput
-buffer to determine if the channel can accepts more writes.
-The rawoutput buffer, however, is merely a temporary staging
-buffer before data is copied into the encoutput buffer. Thus
-its size will always be zero when the GSource runs.
-
-This flaw causes the encoutput buffer to grow without bound
-if the other end of the underlying data channel doesn't
-read data being sent. This can be seen with VNC if a client
-is on a slow WAN link and the guest OS is sending many screen
-updates. A malicious VNC client can act like it is on a slow
-link by playing a video in the guest and then reading data
-very slowly, causing QEMU host memory to expand arbitrarily.
-
-This issue is assigned CVE-2017-15268, publically reported in
-
- https://bugs.launchpad.net/qemu/+bug/1718964
-
-Reviewed-by: Eric Blake <[email protected]>
-Signed-off-by: Daniel P. Berrange <[email protected]>
----
- io/channel-websock.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/io/channel-websock.c b/io/channel-websock.c
-index d1d471f86e..04bcc059cd 100644
---- a/io/channel-websock.c
-+++ b/io/channel-websock.c
-@@ -28,7 +28,7 @@
- #include <time.h>
-
-
--/* Max amount to allow in rawinput/rawoutput buffers */
-+/* Max amount to allow in rawinput/encoutput buffers */
- #define QIO_CHANNEL_WEBSOCK_MAX_BUFFER 8192
-
- #define QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN 24
-@@ -1208,7 +1208,7 @@ qio_channel_websock_source_check(GSource *source)
- if (wsource->wioc->rawinput.offset || wsource->wioc->io_eof) {
- cond |= G_IO_IN;
- }
-- if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
-+ if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
- cond |= G_IO_OUT;
- }
-
---
-2.13.6
-
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch
b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch
deleted file mode 100644
index a4ad2d5..0000000
--- a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From eb38e1bc3740725ca29a535351de94107ec58d51 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <[email protected]>
-Date: Wed, 11 Oct 2017 10:43:14 +0200
-Subject: [PATCH] cirrus: fix oob access in mode4and5 write functions
-
-Move dst calculation into the loop, so we apply the mask on each
-interation and will not overflow vga memory.
-
-Cc: Prasad J Pandit <[email protected]>
-Reported-by: Niu Guoxiang <[email protected]>
-Signed-off-by: Gerd Hoffmann <[email protected]>
-Message-id: [email protected]
----
- hw/display/cirrus_vga.c | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
-index b4d579857a..bc32bf1e39 100644
---- a/hw/display/cirrus_vga.c
-+++ b/hw/display/cirrus_vga.c
-@@ -2038,15 +2038,14 @@ static void
cirrus_mem_writeb_mode4and5_8bpp(CirrusVGAState * s,
- unsigned val = mem_value;
- uint8_t *dst;
-
-- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask);
- for (x = 0; x < 8; x++) {
-+ dst = s->vga.vram_ptr + ((offset + x) & s->cirrus_addr_mask);
- if (val & 0x80) {
- *dst = s->cirrus_shadow_gr1;
- } else if (mode == 5) {
- *dst = s->cirrus_shadow_gr0;
- }
- val <<= 1;
-- dst++;
- }
- memory_region_set_dirty(&s->vga.vram, offset, 8);
- }
-@@ -2060,8 +2059,8 @@ static void
cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s,
- unsigned val = mem_value;
- uint8_t *dst;
-
-- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask);
- for (x = 0; x < 8; x++) {
-+ dst = s->vga.vram_ptr + ((offset + 2 * x) & s->cirrus_addr_mask & ~1);
- if (val & 0x80) {
- *dst = s->cirrus_shadow_gr1;
- *(dst + 1) = s->vga.gr[0x11];
-@@ -2070,7 +2069,6 @@ static void
cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s,
- *(dst + 1) = s->vga.gr[0x10];
- }
- val <<= 1;
-- dst += 2;
- }
- memory_region_set_dirty(&s->vga.vram, offset, 16);
- }
---
-2.13.6
-
diff --git a/app-emulation/qemu/qemu-2.11.0.ebuild
b/app-emulation/qemu/qemu-2.11.0.ebuild
index ee9e6f0..c7f4a5b 100644
--- a/app-emulation/qemu/qemu-2.11.0.ebuild
+++ b/app-emulation/qemu/qemu-2.11.0.ebuild
@@ -25,7 +25,6 @@ else
SRC_URI+="
https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r0.tar.xz";
fi
-
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org";
@@ -537,6 +536,9 @@ qemu_src_configure() {
tc-enables-pie && conf_opts+=( --enable-pie )
fi
+ #bug #647570
+ conf_opts+=( --disable-capstone )
+
echo "../configure ${conf_opts[*]}"
cd "${builddir}"
../configure "${conf_opts[@]}" || die "configure failed"
diff --git a/app-emulation/qemu/qemu-2.10.1-r1.ebuild
b/app-emulation/qemu/qemu-2.11.1.ebuild
similarity index 98%
rename from app-emulation/qemu/qemu-2.10.1-r1.ebuild
rename to app-emulation/qemu/qemu-2.11.1.ebuild
index 8b433f6..e52a11f 100644
--- a/app-emulation/qemu/qemu-2.10.1-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.11.1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="6"
@@ -20,6 +20,9 @@ if [[ ${PV} = *9999* ]]; then
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2";
KEYWORDS="amd64 ~ppc ~ppc64 x86"
+
+ # Gentoo specific patchsets:
+ SRC_URI+="
https://dev.gentoo.org/~chutzpah/distfiles/${P}-patches-r0.tar.xz";
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -113,7 +116,7 @@ SOFTMMU_TOOLS_DEPEND="
sys-libs/ncurses:0=[unicode]
sys-libs/ncurses:0=[static-libs(+)]
)
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
+ nfs? ( >=net-fs/libnfs-1.9.3:=[static-libs(+)] )
numa? ( sys-process/numactl[static-libs(+)] )
opengl? (
virtual/opengl
@@ -210,8 +213,8 @@ PATCHES=(
# gentoo patches
"${FILESDIR}"/${PN}-2.5.0-cflags.patch
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.10.1-CVE-2017-15268.patch
- "${FILESDIR}"/${PN}-2.10.1-CVE-2017-15289.patch
+ "${FILESDIR}"/${PN}-2.11.0-glibc-2.27.patch
+ "${WORKDIR}"/patches
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
@@ -504,7 +507,6 @@ qemu_src_configure() {
--disable-linux-user
--enable-system
--disable-tools
- --with-system-pixman
)
local static_flag="static"
;;
