From c4025101e71863b28708bca84f17ecec4c897a95 Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Dec 18 2013 17:11:24 +0000 Subject: Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521) Changing streaming mode default to off for spice (bz #1038336) Fix guest scsi verify command (bz #1001617) --- diff --git a/0102-seccomp-add-kill-to-the-syscall-whitelist.patch b/0102-seccomp-add-kill-to-the-syscall-whitelist.patch new file mode 100644 index 0000000..b101332 --- /dev/null +++ b/0102-seccomp-add-kill-to-the-syscall-whitelist.patch @@ -0,0 +1,42 @@ +From cebb1cd8d123360634243ac527c136721fb7fba7 Mon Sep 17 00:00:00 2001 +From: Paul Moore +Date: Thu, 21 Nov 2013 10:40:15 -0500 +Subject: [PATCH] seccomp: add kill() to the syscall whitelist + +The kill() syscall is triggered with the following command: + + # qemu -sandbox on -monitor stdio \ + -device intel-hda -device hda-duplex -vnc :0 + +The resulting syslog/audit message: + + # ausearch -m SECCOMP + ---- + time->Wed Nov 20 09:52:08 2013 + type=SECCOMP msg=audit(1384912328.482:6656): auid=0 uid=0 gid=0 ses=854 + subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=12087 + comm="qemu-kvm" sig=31 syscall=62 compat=0 ip=0x7f7a1d2abc67 code=0x0 + # scmp_sys_resolver 62 + kill + +Reported-by: CongLi +Tested-by: CongLi +Signed-off-by: Paul Moore +Acked-by: Eduardo Otubo +(cherry picked from commit e9eecb5bf82a71564bf018fcbbfc6cda19cab6c2) +--- + qemu-seccomp.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/qemu-seccomp.c b/qemu-seccomp.c +index 69cee44..cf07869 100644 +--- a/qemu-seccomp.c ++++ b/qemu-seccomp.c +@@ -114,6 +114,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { + { SCMP_SYS(write), 244 }, + { SCMP_SYS(fcntl), 243 }, + { SCMP_SYS(tgkill), 242 }, ++ { SCMP_SYS(kill), 242 }, + { SCMP_SYS(rt_sigaction), 242 }, + { SCMP_SYS(pipe2), 242 }, + { SCMP_SYS(munmap), 242 }, diff --git a/0103-spice-flip-streaming-video-mode-to-off-by-default.patch b/0103-spice-flip-streaming-video-mode-to-off-by-default.patch new file mode 100644 index 0000000..afa6ac5 --- /dev/null +++ b/0103-spice-flip-streaming-video-mode-to-off-by-default.patch @@ -0,0 +1,33 @@ +From 200413b505dfc4ae8611d523e87f1dee18a6bf0f Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Mon, 2 Dec 2013 11:17:04 +0100 +Subject: [PATCH] spice: flip streaming video mode to off by default + +Video streaming detection heuristics in spice-server have problems +keeping modern desktop animations (as done by gnome shell) and real +video playback apart. This leads to jpeg compression artefacts on +your desktop, due to spice using mjpeg to send what it thinks is +a video stream. + +Turn off video detection by default to avoid these artifacts. + +Signed-off-by: Gerd Hoffmann +Reviewed-by: Alon Levy +(cherry picked from commit f1d3e586f069e17f83b669842bc02d60d509daca) +--- + ui/spice-core.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/ui/spice-core.c b/ui/spice-core.c +index e4d533d..9fb9544 100644 +--- a/ui/spice-core.c ++++ b/ui/spice-core.c +@@ -776,6 +776,8 @@ void qemu_spice_init(void) + if (str) { + int streaming_video = parse_stream_video(str); + spice_server_set_streaming_video(spice_server, streaming_video); ++ } else { ++ spice_server_set_streaming_video(spice_server, SPICE_STREAM_VIDEO_OFF); + } + + spice_server_set_agent_mouse diff --git a/0104-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch b/0104-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch new file mode 100644 index 0000000..a204453 --- /dev/null +++ b/0104-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch @@ -0,0 +1,59 @@ +From 3b1f248f3f8ff06ed4a4269871138db66e336ec5 Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 28 Nov 2013 11:01:13 +0100 +Subject: [PATCH] scsi-bus: fix transfer length and direction for VERIFY + command +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The amount of bytes to transfer depends on the BYTCHK field. +If any data is transferred, it is sent to the device. + +Cc: qemu-stable@nongnu.org +Tested-by: Hervé Poussineau +Signed-off-by: Paolo Bonzini +(cherry picked from commit d12ad44cc4cc9142179e64295608611f118b8ad8) +--- + hw/scsi/scsi-bus.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c +index ea916d1..2d6ce4d 100644 +--- a/hw/scsi/scsi-bus.c ++++ b/hw/scsi/scsi-bus.c +@@ -886,7 +886,6 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf) + case RELEASE: + case ERASE: + case ALLOW_MEDIUM_REMOVAL: +- case VERIFY_10: + case SEEK_10: + case SYNCHRONIZE_CACHE: + case SYNCHRONIZE_CACHE_16: +@@ -903,6 +902,16 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf) + case ALLOW_OVERWRITE: + cmd->xfer = 0; + break; ++ case VERIFY_10: ++ case VERIFY_12: ++ case VERIFY_16: ++ if ((buf[1] & 2) == 0) { ++ cmd->xfer = 0; ++ } else if ((buf[1] & 4) == 1) { ++ cmd->xfer = 1; ++ } ++ cmd->xfer *= dev->blocksize; ++ break; + case MODE_SENSE: + break; + case WRITE_SAME_10: +@@ -1100,6 +1109,9 @@ static void scsi_cmd_xfer_mode(SCSICommand *cmd) + case WRITE_VERIFY_12: + case WRITE_16: + case WRITE_VERIFY_16: ++ case VERIFY_10: ++ case VERIFY_12: ++ case VERIFY_16: + case COPY: + case COPY_VERIFY: + case COMPARE: diff --git a/0105-scsi-disk-fix-VERIFY-emulation.patch b/0105-scsi-disk-fix-VERIFY-emulation.patch new file mode 100644 index 0000000..ba8f28e --- /dev/null +++ b/0105-scsi-disk-fix-VERIFY-emulation.patch @@ -0,0 +1,90 @@ +From ddc0dda3d6352e4c28e0bd11cce1d90734dce0db Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 28 Nov 2013 11:18:56 +0100 +Subject: [PATCH] scsi-disk: fix VERIFY emulation +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +VERIFY emulation was completely botched (and remained botched through +all the refactorings). The command must be emulated both in check-medium +mode (BYTCHK=00, which we implement by doing nothing) and in check-bytes +mode (which we do not implement yet). Unlike WRITE AND VERIFY (which we +treat simply as WRITE with FUA bit set), VERIFY cannot be handled like +READ. In fact the device is _receiving_ data for VERIFY, not _sending_ +it like READ. + +Cc: qemu-stable@nongnu.org +Tested-by: Hervé Poussineau +Signed-off-by: Paolo Bonzini +(cherry picked from commit d97e7730816094a71cd1f19a56d7a73f77cdbf96) + +Conflicts: + hw/scsi/scsi-disk.c +--- + hw/scsi/scsi-disk.c | 26 +++++++++++++++++++------- + 1 file changed, 19 insertions(+), 7 deletions(-) + +diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c +index 74e6a14..1fd1c26 100644 +--- a/hw/scsi/scsi-disk.c ++++ b/hw/scsi/scsi-disk.c +@@ -1597,6 +1597,14 @@ static void scsi_disk_emulate_write_data(SCSIRequest *req) + scsi_disk_emulate_unmap(r, r->iov.iov_base); + break; + ++ case VERIFY_10: ++ case VERIFY_12: ++ case VERIFY_16: ++ if (r->req.status == -1) { ++ scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); ++ } ++ break; ++ + default: + abort(); + } +@@ -1837,6 +1845,14 @@ static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf) + case UNMAP: + DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer); + break; ++ case VERIFY_10: ++ case VERIFY_12: ++ case VERIFY_16: ++ DPRINTF("Verify (bytchk %lu)\n", (r->req.buf[1] >> 1) & 3); ++ if (req->cmd.buf[1] & 6) { ++ goto illegal_request; ++ } ++ break; + case WRITE_SAME_10: + case WRITE_SAME_16: + nb_sectors = scsi_data_cdb_length(r->req.cmd.buf); +@@ -1936,10 +1952,6 @@ static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf) + scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED)); + return 0; + } +- /* fallthrough */ +- case VERIFY_10: +- case VERIFY_12: +- case VERIFY_16: + DPRINTF("Write %s(sector %" PRId64 ", count %u)\n", + (command & 0xe) == 0xe ? "And Verify " : "", + r->req.cmd.lba, len); +@@ -2207,14 +2219,14 @@ static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = { + [UNMAP] = &scsi_disk_emulate_reqops, + [WRITE_SAME_10] = &scsi_disk_emulate_reqops, + [WRITE_SAME_16] = &scsi_disk_emulate_reqops, ++ [VERIFY_10] = &scsi_disk_emulate_reqops, ++ [VERIFY_12] = &scsi_disk_emulate_reqops, ++ [VERIFY_16] = &scsi_disk_emulate_reqops, + + [READ_6] = &scsi_disk_dma_reqops, + [READ_10] = &scsi_disk_dma_reqops, + [READ_12] = &scsi_disk_dma_reqops, + [READ_16] = &scsi_disk_dma_reqops, +- [VERIFY_10] = &scsi_disk_dma_reqops, +- [VERIFY_12] = &scsi_disk_dma_reqops, +- [VERIFY_16] = &scsi_disk_dma_reqops, + [WRITE_6] = &scsi_disk_dma_reqops, + [WRITE_10] = &scsi_disk_dma_reqops, + [WRITE_12] = &scsi_disk_dma_reqops, diff --git a/qemu.spec b/qemu.spec index 5b20dad..03a6307 100644 --- a/qemu.spec +++ b/qemu.spec @@ -139,7 +139,7 @@ Summary: QEMU is a FAST! processor emulator Name: qemu Version: 1.7.0 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 2 License: GPLv2+ and LGPLv2+ and BSD Group: Development/Tools @@ -202,6 +202,14 @@ Patch0014: 0014-virtio-pci-add-device_unplugged-callback.patch # Fix qemu-img create with NBD backing file (bz #1034433) # Patch posted upstream Patch0101: 0101-block-Close-backing-file-early-in-bdrv_img_create.patch +# Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz +# #1043521) +Patch0102: 0102-seccomp-add-kill-to-the-syscall-whitelist.patch +# Changing streaming mode default to off for spice (bz #1038336) +Patch0103: 0103-spice-flip-streaming-video-mode-to-off-by-default.patch +# Fix guest scsi verify command (bz #1001617) +Patch0104: 0104-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch +Patch0105: 0105-scsi-disk-fix-VERIFY-emulation.patch BuildRequires: SDL-devel BuildRequires: zlib-devel @@ -726,6 +734,14 @@ CAC emulation development files. # Fix qemu-img create with NBD backing file (bz #1034433) # Patch posted upstream %patch0101 -p1 +# Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz +# #1043521) +%patch0102 -p1 +# Changing streaming mode default to off for spice (bz #1038336) +%patch0103 -p1 +# Fix guest scsi verify command (bz #1001617) +%patch0104 -p1 +%patch0105 -p1 %build @@ -1449,6 +1465,11 @@ getent passwd qemu >/dev/null || \ %endif %changelog +* Wed Dec 18 2013 Cole Robinson - 2:1.7.0-2 +- Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521) +- Changing streaming mode default to off for spice (bz #1038336) +- Fix guest scsi verify command (bz #1001617) + * Mon Dec 02 2013 Cole Robinson - 2:1.7.0-1 - Fix qemu-img create with NBD backing file (bz #1034433) - Rebase to qemu-1.7 GA