commit: 40e4d2a3c32609b313962224ee9d2a96075734b8 Author: Matthias Maier <tamiko <AT> gentoo <DOT> org> AuthorDate: Wed Dec 19 21:11:21 2018 +0000 Commit: Matthias Maier <tamiko <AT> gentoo <DOT> org> CommitDate: Wed Dec 19 21:46:41 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40e4d2a3
app-emulation/qemu: version bump to 3.1.0 - use RESTRICT=strip, bug #651422 - switch to tar.xz, bug #666726 - add missing use constraints, bug #664474 qemu_softmmu_targets_riscv32? ( fdt ) qemu_softmmu_targets_riscv64? ( fdt ) - 3.1.0 already contains patches for CVE-2018-15746 - applied patch for CVE-2018-20123 - disable bt subsystem entirely as a "workaround" for CVE-2018-19665. Upstream deprecated the subsystem in November and states that it had been dysfunctional for years with likely no users. Bug: https://bugs.gentoo.org/664740 Bug: https://bugs.gentoo.org/672346 Bug: https://bugs.gentoo.org/673108 Closes: https://bugs.gentoo.org/651422 Closes: https://bugs.gentoo.org/664474 Closes: https://bugs.gentoo.org/666726 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Matthias Maier <tamiko <AT> gentoo.org> app-emulation/qemu/Manifest | 1 + .../qemu/files/qemu-3.1.0-CVE-2018-20123.patch | 35 ++++++++++++++++++++++ app-emulation/qemu/files/qemu-binfmt.initd.head | 2 +- app-emulation/qemu/qemu-2.12.0-r3.ebuild | 2 +- app-emulation/qemu/qemu-2.12.1.ebuild | 2 +- .../{qemu-2.12.0-r3.ebuild => qemu-3.1.0.ebuild} | 28 +++++++++-------- 6 files changed, 54 insertions(+), 16 deletions(-) diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest index 0146a02dfc3..fa80aeeb8bf 100644 --- a/app-emulation/qemu/Manifest +++ b/app-emulation/qemu/Manifest @@ -3,3 +3,4 @@ DIST qemu-2.12.0.tar.bz2 41196232 BLAKE2B f258e570558249ea647c3571908f90b8bacdce DIST qemu-2.12.1-patches-r1.tar.xz 3648 BLAKE2B 07908004d0b56e60274cb59d4163770290d8fa6e31646e7d96db08427a219638ac53bdd988c9557471b95321a72982d740a29778d843652274a126737a0a6c00 SHA512 1c7768c14a8e168053f0322554214ba59932a9fa23c982b06dbb1b8fdcfc280ae1d97b20244600f357485bfbcb9ad8bd7968787550c8a4e5e243ac8502eff05e DIST qemu-2.12.1.tar.bz2 41192583 BLAKE2B ff903a5850e406ab542ad1a84300852599fa9c199e0f3290e4d6ddad5284192577351278a18dd5706463b08e817b49340989a35987a04672f7cede2097d1d18d SHA512 4c85e6180bf7ec61c0bdddb20e104a7c93fe6b1de27f6aa50d75633eb78491cb844798a9e3f536245eff7b4ebe9a6227f5f66b418ced44095b8e59c5cb33d4cd DIST qemu-3.0.0.tar.bz2 41491935 BLAKE2B 715ccca4fced730425eb5c24a78d89d2ab59f64007e0fc199d78c31c6ab72b5a0dbcf1840f214774c711d679c4166996790e93b2416c7d4f323d5b93ffa862ac SHA512 b82b78a063d60fa1372d9400934b47250138c438050d974113b1b2ea433eea0531be6cda1e82d14fcb3bc4ed35657703f62d9aedc095cb8d64badc65c3609ee5 +DIST qemu-3.1.0.tar.xz 36070104 BLAKE2B 9ed7d1b3256d84f2b73d61763e20f5e4bc5b47d56e4e0d56cf4c29cd25669457b0f08e90d7255589c9666400bb310df3dba3b9290232cad18057b20f08013a3b SHA512 7e8dae823937cfac2f0c60406bd3bdcb89df40313dab2a4bed327d5198f7fcc68ac8b31e44692caa09299cc71256ee0b8c17e4f49f78ada8043d424f5daf82fe diff --git a/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch b/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch new file mode 100644 index 00000000000..a021a6a970d --- /dev/null +++ b/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch @@ -0,0 +1,35 @@ +From: Prasad J Pandit <address@hidden> + +If during pvrdma device initialisation an error occurs, +pvrdma_realize() does not release memory resources, leading +to memory leakage. + +Reported-by: Li Qiang <address@hidden> +Signed-off-by: Prasad J Pandit <address@hidden> +--- + hw/rdma/vmw/pvrdma_main.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c +index 8a03ab4669..b65f8662df 100644 +--- a/hw/rdma/vmw/pvrdma_main.c ++++ b/hw/rdma/vmw/pvrdma_main.c +@@ -579,7 +579,7 @@ static void pvrdma_shutdown_notifier(Notifier *n, void *opaque) + + static void pvrdma_realize(PCIDevice *pdev, Error **errp) + { +- int rc; ++ int rc = 0; + PVRDMADev *dev = PVRDMA_DEV(pdev); + Object *memdev_root; + bool ram_shared = false; +@@ -655,6 +655,7 @@ static void pvrdma_realize(PCIDevice *pdev, Error **errp) + + out: + if (rc) { ++ pvrdma_fini(pdev); + error_append_hint(errp, "Device fail to load\n"); + } + } +-- +2.19.2 diff --git a/app-emulation/qemu/files/qemu-binfmt.initd.head b/app-emulation/qemu/files/qemu-binfmt.initd.head index 858d5d74538..832ddb0b8e5 100644 --- a/app-emulation/qemu/files/qemu-binfmt.initd.head +++ b/app-emulation/qemu/files/qemu-binfmt.initd.head @@ -1,5 +1,5 @@ #!/sbin/openrc-run -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2018 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 # Enable automatic non-native program execution by the kernel. diff --git a/app-emulation/qemu/qemu-2.12.0-r3.ebuild b/app-emulation/qemu/qemu-2.12.0-r3.ebuild index e3243c485e2..3fb0b9f307f 100644 --- a/app-emulation/qemu/qemu-2.12.0-r3.ebuild +++ b/app-emulation/qemu/qemu-2.12.0-r3.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 1999-2018 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI="6" diff --git a/app-emulation/qemu/qemu-2.12.1.ebuild b/app-emulation/qemu/qemu-2.12.1.ebuild index df4ccb5617b..55529b0483c 100644 --- a/app-emulation/qemu/qemu-2.12.1.ebuild +++ b/app-emulation/qemu/qemu-2.12.1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 1999-2018 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI="6" diff --git a/app-emulation/qemu/qemu-2.12.0-r3.ebuild b/app-emulation/qemu/qemu-3.1.0.ebuild similarity index 97% copy from app-emulation/qemu/qemu-2.12.0-r3.ebuild copy to app-emulation/qemu/qemu-3.1.0.ebuild index e3243c485e2..d95a0da86e9 100644 --- a/app-emulation/qemu/qemu-2.12.0-r3.ebuild +++ b/app-emulation/qemu/qemu-3.1.0.ebuild @@ -1,9 +1,9 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 1999-2018 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI="6" -PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} ) +PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6,3_7} ) PYTHON_REQ_USE="ncurses,readline" PLOCALES="bg de_DE fr_FR hu it tr zh_CN" @@ -18,11 +18,11 @@ if [[ ${PV} = *9999* ]]; then inherit git-r3 SRC_URI="" else - SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"; - KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd" + SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.xz"; + KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd" # Gentoo specific patchsets: - SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r5.tar.xz"; + #SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r1.tar.xz"; fi DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools" @@ -30,13 +30,15 @@ HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"; LICENSE="GPL-2 LGPL-2 BSD-2" SLOT="0" -IUSE="accessibility +aio alsa bluetooth bzip2 capstone +caps +curl debug +IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug +fdt glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-user systemtap tci test usb usbredir vde +vhost-net virgl virtfs +vnc vte xattr xen xfs" +RESTRICT=strip + COMMON_TARGETS="aarch64 alpha arm cris hppa i386 m68k microblaze microblazeel mips mips64 mips64el mipsel nios2 or1k ppc ppc64 riscv32 riscv64 s390x sh4 sh4eb sparc sparc64 x86_64 xtensa xtensaeb" @@ -57,10 +59,12 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE} qemu_softmmu_targets_arm? ( fdt ) qemu_softmmu_targets_microblaze? ( fdt ) qemu_softmmu_targets_mips64el? ( fdt ) - qemu_softmmu_targets_ppc? ( fdt ) qemu_softmmu_targets_ppc64? ( fdt ) + qemu_softmmu_targets_ppc? ( fdt ) + qemu_softmmu_targets_riscv32? ( fdt ) + qemu_softmmu_targets_riscv64? ( fdt ) sdl2? ( sdl ) - static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio !snappy ) + static? ( static-user !alsa !gtk !gtk2 !opengl !pulseaudio !snappy ) virtfs? ( xattr ) vte? ( gtk )" @@ -91,7 +95,6 @@ SOFTMMU_TOOLS_DEPEND=" ) aio? ( dev-libs/libaio[static-libs(+)] ) alsa? ( >=media-libs/alsa-lib-1.0.13 ) - bluetooth? ( net-wireless/bluez ) bzip2? ( app-arch/bzip2[static-libs(+)] ) capstone? ( dev-libs/capstone ) caps? ( sys-libs/libcap-ng[static-libs(+)] ) @@ -217,11 +220,10 @@ PATCHES=( "${FILESDIR}"/${PN}-2.5.0-cflags.patch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch "${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch - "${WORKDIR}"/patches + "${FILESDIR}"/${PN}-3.1.0-CVE-2018-20123.patch + #"${WORKDIR}"/patches ) -STRIP_MASK="/usr/share/qemu/palcode-clipper" - QA_PREBUILT=" usr/share/qemu/hppa-firmware.img usr/share/qemu/openbios-ppc @@ -441,10 +443,10 @@ qemu_src_configure() { fi } conf_opts+=( + --disable-bluez $(conf_notuser accessibility brlapi) $(conf_notuser aio linux-aio) $(conf_notuser bzip2) - $(conf_notuser bluetooth bluez) $(conf_notuser capstone) $(conf_notuser caps cap-ng) $(conf_notuser curl)
