From 1c306606ca1a3a09597e9876fee985e20ccc1391 Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Apr 21 2013 00:10:19 +0000 Subject: Rebased to version 1.4.1 qemu stable release 1.4.1 (bz 952599) CVE-2013-1922: qemu-nbd block format auto-detection vulnerability (bz 952574, bz 923219) --- diff --git a/.gitignore b/.gitignore index 1787608..7641bf6 100644 --- a/.gitignore +++ b/.gitignore @@ -18,3 +18,4 @@ qemu-kvm-0.13.0-25fdf4a.tar.gz /qemu-kvm-1.2.0.tar.gz /qemu-1.3.0.tar.bz2 /qemu-1.4.0.tar.bz2 +/qemu-1.4.1.tar.bz2 diff --git a/0001-char-Split-out-tcp-socket-close-code-in-a-separate-f.patch b/0001-char-Split-out-tcp-socket-close-code-in-a-separate-f.patch index 7dc8a4b..7322db2 100644 --- a/0001-char-Split-out-tcp-socket-close-code-in-a-separate-f.patch +++ b/0001-char-Split-out-tcp-socket-close-code-in-a-separate-f.patch @@ -1,4 +1,4 @@ -From d9ba8b0f4597724179eab2d5c44c3c438bc40617 Mon Sep 17 00:00:00 2001 +From bed754a15e27a3630681959cf1d3161084f29fe9 Mon Sep 17 00:00:00 2001 From: Amit Shah Date: Mon, 21 Mar 2011 21:57:47 +0100 Subject: [PATCH] char: Split out tcp socket close code in a separate function @@ -10,7 +10,7 @@ Signed-off-by: Cole Robinson 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/qemu-char.c b/qemu-char.c -index e4b0f53..d7fa7e6 100644 +index f4a74ac..ac2abeb 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -2155,6 +2155,21 @@ typedef struct { @@ -35,7 +35,7 @@ index e4b0f53..d7fa7e6 100644 static int tcp_chr_write(CharDriverState *chr, const uint8_t *buf, int len) { TCPCharDriver *s = chr->opaque; -@@ -2313,15 +2328,7 @@ static void tcp_chr_read(void *opaque) +@@ -2316,15 +2331,7 @@ static void tcp_chr_read(void *opaque) len = s->max_size; size = tcp_chr_recv(chr, (void *)buf, len); if (size == 0) { diff --git a/0002-char-Add-a-QemuChrHandlers-struct-to-initialise-char.patch b/0002-char-Add-a-QemuChrHandlers-struct-to-initialise-char.patch index f379661..e96d513 100644 --- a/0002-char-Add-a-QemuChrHandlers-struct-to-initialise-char.patch +++ b/0002-char-Add-a-QemuChrHandlers-struct-to-initialise-char.patch @@ -1,4 +1,4 @@ -From 88f73511fce36aca2043b95476ad5aff95e75e07 Mon Sep 17 00:00:00 2001 +From de768f74c31d04063889c5dc588d55bc19cf7315 Mon Sep 17 00:00:00 2001 From: Amit Shah Date: Mon, 21 Mar 2011 20:31:45 +0100 Subject: [PATCH] char: Add a QemuChrHandlers struct to initialise chardev @@ -978,7 +978,7 @@ index 4df550f..2868229 100644 return 0; diff --git a/qemu-char.c b/qemu-char.c -index d7fa7e6..5abb8b9 100644 +index ac2abeb..0c97bdf 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -192,19 +192,26 @@ void qemu_chr_fe_printf(CharDriverState *s, const char *fmt, ...) diff --git a/0003-iohandlers-Add-enable-disable_write_fd_handler-funct.patch b/0003-iohandlers-Add-enable-disable_write_fd_handler-funct.patch index bb3ef65..7c9c131 100644 --- a/0003-iohandlers-Add-enable-disable_write_fd_handler-funct.patch +++ b/0003-iohandlers-Add-enable-disable_write_fd_handler-funct.patch @@ -1,4 +1,4 @@ -From 4dabaa88ce83dbb6ba07e8f8a2e8eeb53604b56f Mon Sep 17 00:00:00 2001 +From 64080f1b8983660b707ed8c0d10ace22e9b46f7a Mon Sep 17 00:00:00 2001 From: Amit Shah Date: Mon, 21 Mar 2011 20:32:58 +0100 Subject: [PATCH] iohandlers: Add enable/disable_write_fd_handler() functions diff --git a/0004-char-Add-framework-for-a-write-unblocked-callback.patch b/0004-char-Add-framework-for-a-write-unblocked-callback.patch index b087816..4a41a18 100644 --- a/0004-char-Add-framework-for-a-write-unblocked-callback.patch +++ b/0004-char-Add-framework-for-a-write-unblocked-callback.patch @@ -1,4 +1,4 @@ -From f4be4da263d4bad7c600d847e13e69cca4ab08b6 Mon Sep 17 00:00:00 2001 +From 84877040f31425a8fecdbee19cb24fcc5a8212df Mon Sep 17 00:00:00 2001 From: Amit Shah Date: Mon, 21 Mar 2011 21:41:42 +0100 Subject: [PATCH] char: Add framework for a 'write unblocked' callback @@ -39,7 +39,7 @@ index 3027cc1..2fee107 100644 }; diff --git a/qemu-char.c b/qemu-char.c -index 5abb8b9..ce2eba8 100644 +index 0c97bdf..ab0c552 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -211,11 +211,14 @@ void qemu_chr_add_handlers(CharDriverState *s, diff --git a/0005-char-Update-send_all-to-handle-nonblocking-chardev-w.patch b/0005-char-Update-send_all-to-handle-nonblocking-chardev-w.patch index 25d6e62..b8f1f78 100644 --- a/0005-char-Update-send_all-to-handle-nonblocking-chardev-w.patch +++ b/0005-char-Update-send_all-to-handle-nonblocking-chardev-w.patch @@ -1,4 +1,4 @@ -From 8b85c38edae20f5dddb82d7530ca33c2c64be0c4 Mon Sep 17 00:00:00 2001 +From c7e9b2a5b981209f4e77b26562758663cc060900 Mon Sep 17 00:00:00 2001 From: Amit Shah Date: Mon, 21 Mar 2011 22:00:27 +0100 Subject: [PATCH] char: Update send_all() to handle nonblocking chardev write @@ -22,7 +22,7 @@ Signed-off-by: Cole Robinson 2 files changed, 65 insertions(+), 7 deletions(-) diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h -index 803ae17..8ee146c 100644 +index 0ccf32f..42ca690 100644 --- a/include/qemu/sockets.h +++ b/include/qemu/sockets.h @@ -29,6 +29,7 @@ int inet_aton(const char *cp, struct in_addr *ia); @@ -35,15 +35,15 @@ index 803ae17..8ee146c 100644 int qemu_socket(int domain, int type, int protocol); @@ -36,7 +37,7 @@ int qemu_accept(int s, struct sockaddr *addr, socklen_t *addrlen); int socket_set_cork(int fd, int v); - void socket_set_block(int fd); - void socket_set_nonblock(int fd); + void qemu_set_block(int fd); + void qemu_set_nonblock(int fd); -int send_all(int fd, const void *buf, int len1); +int send_all(CharDriverState *chr, int fd, const void *buf, int len1); /* callback function for nonblocking connect * valid fd on success, negative error code on failure diff --git a/qemu-char.c b/qemu-char.c -index ce2eba8..3d6e2f8 100644 +index ab0c552..96fc54e 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -508,7 +508,7 @@ static CharDriverState *qemu_chr_open_mux(CharDriverState *drv) diff --git a/0006-char-Equip-the-unix-tcp-backend-to-handle-nonblockin.patch b/0006-char-Equip-the-unix-tcp-backend-to-handle-nonblockin.patch index 0b50a27..62bcd1b 100644 --- a/0006-char-Equip-the-unix-tcp-backend-to-handle-nonblockin.patch +++ b/0006-char-Equip-the-unix-tcp-backend-to-handle-nonblockin.patch @@ -1,4 +1,4 @@ -From 9fd3a478a3823258516f06201fa681e07dce1781 Mon Sep 17 00:00:00 2001 +From 6540bebbaa749d405df91516e1ca5a075e354628 Mon Sep 17 00:00:00 2001 From: Amit Shah Date: Mon, 21 Mar 2011 22:02:47 +0100 Subject: [PATCH] char: Equip the unix/tcp backend to handle nonblocking @@ -19,7 +19,7 @@ Signed-off-by: Cole Robinson 1 file changed, 27 insertions(+) diff --git a/qemu-char.c b/qemu-char.c -index 3d6e2f8..18e980d 100644 +index 96fc54e..53d2c13 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -105,6 +105,19 @@ diff --git a/0007-virtio-console-Enable-port-throttling-when-chardev-i.patch b/0007-virtio-console-Enable-port-throttling-when-chardev-i.patch index 6c0ceaf..3f57b0b 100644 --- a/0007-virtio-console-Enable-port-throttling-when-chardev-i.patch +++ b/0007-virtio-console-Enable-port-throttling-when-chardev-i.patch @@ -1,4 +1,4 @@ -From 2de627bd1e2761e5caf02e975bc6d744e36adc87 Mon Sep 17 00:00:00 2001 +From 33f3874dc760f0960d408be2f916d04373de543b Mon Sep 17 00:00:00 2001 From: Amit Shah Date: Mon, 21 Mar 2011 22:06:41 +0100 Subject: [PATCH] virtio-console: Enable port throttling when chardev is slow diff --git a/0008-spice-qemu-char.c-add-throttling.patch b/0008-spice-qemu-char.c-add-throttling.patch index a5bd9da..b73b620 100644 --- a/0008-spice-qemu-char.c-add-throttling.patch +++ b/0008-spice-qemu-char.c-add-throttling.patch @@ -1,4 +1,4 @@ -From 57a83c6d83b53eb5baae9f006973e7faac52b36b Mon Sep 17 00:00:00 2001 +From aa0a2c94c70ae5ed0fb215328c8ecebbef10cbe9 Mon Sep 17 00:00:00 2001 From: Alon Levy Date: Tue, 22 Mar 2011 12:27:59 +0200 Subject: [PATCH] spice-qemu-char.c: add throttling diff --git a/0009-spice-qemu-char.c-remove-intermediate-buffer.patch b/0009-spice-qemu-char.c-remove-intermediate-buffer.patch index 1c4f803..a5ded75 100644 --- a/0009-spice-qemu-char.c-remove-intermediate-buffer.patch +++ b/0009-spice-qemu-char.c-remove-intermediate-buffer.patch @@ -1,4 +1,4 @@ -From f6239f570a57ba6069ce1033b696365bdfed1b47 Mon Sep 17 00:00:00 2001 +From de979c48aa4b5e7f3f8658f9ac69030f3de3c99c Mon Sep 17 00:00:00 2001 From: Alon Levy Date: Tue, 22 Mar 2011 12:28:00 +0200 Subject: [PATCH] spice-qemu-char.c: remove intermediate buffer diff --git a/0010-usb-redir-Add-flow-control-support.patch b/0010-usb-redir-Add-flow-control-support.patch index 32a2877..5ff7b70 100644 --- a/0010-usb-redir-Add-flow-control-support.patch +++ b/0010-usb-redir-Add-flow-control-support.patch @@ -1,4 +1,4 @@ -From 40a91b44f1dfb7f19f2e3156491d721c62a2c9b3 Mon Sep 17 00:00:00 2001 +From 1e87b85766f9c18a2f9dffd289c0e56d640637c4 Mon Sep 17 00:00:00 2001 From: Hans de Goede Date: Tue, 19 Jul 2011 10:56:19 +0200 Subject: [PATCH] usb-redir: Add flow control support diff --git a/0011-char-Disable-write-callback-if-throttled-chardev-is-.patch b/0011-char-Disable-write-callback-if-throttled-chardev-is-.patch index 093fd2f..b686ccd 100644 --- a/0011-char-Disable-write-callback-if-throttled-chardev-is-.patch +++ b/0011-char-Disable-write-callback-if-throttled-chardev-is-.patch @@ -1,4 +1,4 @@ -From 6ad6a0becf4ef5934273175df5f8810d43266856 Mon Sep 17 00:00:00 2001 +From 42931bebb2856307dcdc9babc5dd9954b60c8094 Mon Sep 17 00:00:00 2001 From: Amit Shah Date: Fri, 2 Dec 2011 15:42:55 +0530 Subject: [PATCH] char: Disable write callback if throttled chardev is detached @@ -16,7 +16,7 @@ Signed-off-by: Cole Robinson 1 file changed, 5 insertions(+) diff --git a/qemu-char.c b/qemu-char.c -index 18e980d..04ae28c 100644 +index 53d2c13..fde72ff 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -223,6 +223,11 @@ void qemu_chr_add_handlers(CharDriverState *s, diff --git a/0012-hw-virtio-serial-bus-replay-guest-open-on-destinatio.patch b/0012-hw-virtio-serial-bus-replay-guest-open-on-destinatio.patch index 6b71111..078cf15 100644 --- a/0012-hw-virtio-serial-bus-replay-guest-open-on-destinatio.patch +++ b/0012-hw-virtio-serial-bus-replay-guest-open-on-destinatio.patch @@ -1,4 +1,4 @@ -From 1183739a4da98952d93b9a3870ce5efea6eedb48 Mon Sep 17 00:00:00 2001 +From 81ab56732f4990c288c88a545925dc4431c313d2 Mon Sep 17 00:00:00 2001 From: Alon Levy Date: Fri, 16 Nov 2012 16:24:47 +0200 Subject: [PATCH] hw/virtio-serial-bus: replay guest open on destination diff --git a/0101-configure-Add-enable-migration-from-qemu-kvm.patch b/0101-configure-Add-enable-migration-from-qemu-kvm.patch index 67846cb..695a659 100644 --- a/0101-configure-Add-enable-migration-from-qemu-kvm.patch +++ b/0101-configure-Add-enable-migration-from-qemu-kvm.patch @@ -1,4 +1,4 @@ -From 4c0c92f91370c1a3279e1488aaf4c979a0ccb1f0 Mon Sep 17 00:00:00 2001 +From c6c153bfd7f9da48eb541d78bf09bc03bcc337e5 Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Tue, 19 Feb 2013 14:39:05 -0500 Subject: [PATCH] configure: Add --enable-migration-from-qemu-kvm @@ -16,7 +16,7 @@ Signed-off-by: Cole Robinson 1 file changed, 10 insertions(+) diff --git a/configure b/configure -index 8789324..9e7f80f 100755 +index e7468a9..719e348 100755 --- a/configure +++ b/configure @@ -170,6 +170,7 @@ xfs="" @@ -46,7 +46,7 @@ index 8789324..9e7f80f 100755 echo " --enable-tcg-interpreter enable TCG with bytecode interpreter (TCI)" echo " --disable-nptl disable usermode NPTL support" echo " --enable-nptl enable usermode NPTL support" -@@ -3318,6 +3324,7 @@ echo "Linux AIO support $linux_aio" +@@ -3324,6 +3330,7 @@ echo "Linux AIO support $linux_aio" echo "ATTR/XATTR support $attr" echo "Install blobs $blobs" echo "KVM support $kvm" @@ -54,7 +54,7 @@ index 8789324..9e7f80f 100755 echo "TCG interpreter $tcg_interpreter" echo "fdt support $fdt" echo "preadv support $preadv" -@@ -3606,6 +3613,9 @@ fi +@@ -3612,6 +3619,9 @@ fi if test "$signalfd" = "yes" ; then echo "CONFIG_SIGNALFD=y" >> $config_host_mak fi diff --git a/0102-acpi_piix4-Drop-minimum_version_id-to-handle-qemu-kv.patch b/0102-acpi_piix4-Drop-minimum_version_id-to-handle-qemu-kv.patch index 87fb9da..9514db4 100644 --- a/0102-acpi_piix4-Drop-minimum_version_id-to-handle-qemu-kv.patch +++ b/0102-acpi_piix4-Drop-minimum_version_id-to-handle-qemu-kv.patch @@ -1,4 +1,4 @@ -From d83f40ffc3720fd564591ea6b00778d133b22edd Mon Sep 17 00:00:00 2001 +From 75e3acce2d9302a2344b3de381a49f6cd0fa04ad Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Tue, 19 Feb 2013 14:44:49 -0500 Subject: [PATCH] acpi_piix4: Drop minimum_version_id to handle qemu-kvm @@ -22,7 +22,7 @@ Signed-off-by: Cole Robinson 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/hw/acpi_piix4.c b/hw/acpi_piix4.c -index 65b2601..e3d2e41 100644 +index 1beac21..2abcc9d 100644 --- a/hw/acpi_piix4.c +++ b/hw/acpi_piix4.c @@ -257,16 +257,19 @@ static int acpi_load_old(QEMUFile *f, void *opaque, int version_id) diff --git a/0103-i8254-Fix-migration-from-qemu-kvm-1.1.patch b/0103-i8254-Fix-migration-from-qemu-kvm-1.1.patch index d71676e..317f6ea 100644 --- a/0103-i8254-Fix-migration-from-qemu-kvm-1.1.patch +++ b/0103-i8254-Fix-migration-from-qemu-kvm-1.1.patch @@ -1,4 +1,4 @@ -From 8da856131e3e6b9965a61a987df7ab487e80d1a0 Mon Sep 17 00:00:00 2001 +From c50ed212c0b0814a0edefb2d2a2fc7abc6aed2af Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Tue, 19 Feb 2013 15:04:59 -0500 Subject: [PATCH] i8254: Fix migration from qemu-kvm < 1.1 diff --git a/0104-pc_piix-Add-compat-handling-for-qemu-kvm-VGA-mem-siz.patch b/0104-pc_piix-Add-compat-handling-for-qemu-kvm-VGA-mem-siz.patch index 30fcb47..1d39ec0 100644 --- a/0104-pc_piix-Add-compat-handling-for-qemu-kvm-VGA-mem-siz.patch +++ b/0104-pc_piix-Add-compat-handling-for-qemu-kvm-VGA-mem-siz.patch @@ -1,4 +1,4 @@ -From a3c975852ea909b93953f53a39ab4c696c595091 Mon Sep 17 00:00:00 2001 +From 271e4d924c39efd716cc3ad86a5f615660b13f22 Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Tue, 19 Feb 2013 15:35:40 -0500 Subject: [PATCH] pc_piix: Add compat handling for qemu-kvm VGA mem size diff --git a/0105-qxl-Add-rom_size-compat-property-fix-migration-from-.patch b/0105-qxl-Add-rom_size-compat-property-fix-migration-from-.patch index 5a51923..e98bba9 100644 --- a/0105-qxl-Add-rom_size-compat-property-fix-migration-from-.patch +++ b/0105-qxl-Add-rom_size-compat-property-fix-migration-from-.patch @@ -1,4 +1,4 @@ -From 95a59bc743f27d7d3fdcc1b0ff131f240e01e839 Mon Sep 17 00:00:00 2001 +From 66cc6383d6b1d934d22e9a16b432cacacd58c315 Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Tue, 19 Feb 2013 16:19:02 -0500 Subject: [PATCH] qxl: Add rom_size compat property, fix migration from 1.2 @@ -60,7 +60,7 @@ index e3f8e96..a1a6794 100644 static QEMUMachine pc_machine_v1_1 = { diff --git a/hw/qxl.c b/hw/qxl.c -index 2e1c5e2..436e375 100644 +index ca094e6..80bd92a 100644 --- a/hw/qxl.c +++ b/hw/qxl.c @@ -302,16 +302,14 @@ static inline uint32_t msb_mask(uint32_t val) diff --git a/0106-docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch b/0106-docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch index 690799b..22b31bf 100644 --- a/0106-docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch +++ b/0106-docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch @@ -1,4 +1,4 @@ -From 1b852140f347cbebdceaca44e5ce3cb8e3db702d Mon Sep 17 00:00:00 2001 +From f76e7a03ac948a7649878d7ddbb02ace0f6e3625 Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Wed, 20 Feb 2013 11:14:45 -0500 Subject: [PATCH] docs: Fix generating qemu-doc.html with texinfo 5 @@ -15,10 +15,10 @@ Signed-off-by: Cole Robinson 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/qemu-options.hx b/qemu-options.hx -index 9d7131a..1000d49 100644 +index 15dc29e..470c2b4 100644 --- a/qemu-options.hx +++ b/qemu-options.hx -@@ -2075,18 +2075,13 @@ QEMU supports using either local sheepdog devices or remote networked +@@ -2092,18 +2092,13 @@ QEMU supports using either local sheepdog devices or remote networked devices. Syntax for specifying a sheepdog device diff --git a/0107-rtc-test-Fix-test-failures-with-recent-glib.patch b/0107-rtc-test-Fix-test-failures-with-recent-glib.patch deleted file mode 100644 index 40efe04..0000000 --- a/0107-rtc-test-Fix-test-failures-with-recent-glib.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 2e8c33aab214c118fa8a579938f1dbd54397a80d Mon Sep 17 00:00:00 2001 -From: Cole Robinson -Date: Wed, 27 Feb 2013 09:43:54 -0500 -Subject: [PATCH] rtc-test: Fix test failures with recent glib - -As of glib 2.35.4, glib changed its logic for ordering test cases: - -https://bugzilla.gnome.org/show_bug.cgi?id=694487 - -This was causing failures in rtc-test. Group the reordered test -cases into their own suite, which maintains the original ordering. ---- - tests/rtc-test.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/tests/rtc-test.c b/tests/rtc-test.c -index 203c0fc..097cfb4 100644 ---- a/tests/rtc-test.c -+++ b/tests/rtc-test.c -@@ -384,11 +384,11 @@ int main(int argc, char **argv) - - qtest_add_func("/rtc/bcd/check-time", bcd_check_time); - qtest_add_func("/rtc/dec/check-time", dec_check_time); -- qtest_add_func("/rtc/alarm-time", alarm_time); -+ qtest_add_func("/rtc/alarm/alarm-time", alarm_time); - qtest_add_func("/rtc/set-year/20xx", set_year_20xx); - qtest_add_func("/rtc/set-year/1980", set_year_1980); -- qtest_add_func("/rtc/register_b_set_flag", register_b_set_flag); -- qtest_add_func("/rtc/fuzz-registers", fuzz_registers); -+ qtest_add_func("/rtc/misc/register_b_set_flag", register_b_set_flag); -+ qtest_add_func("/rtc/misc/fuzz-registers", fuzz_registers); - ret = g_test_run(); - - if (s) { diff --git a/0108-iscsi-look-for-pkg-config-file-too.patch b/0108-iscsi-look-for-pkg-config-file-too.patch deleted file mode 100644 index 8c60ee3..0000000 --- a/0108-iscsi-look-for-pkg-config-file-too.patch +++ /dev/null @@ -1,36 +0,0 @@ -From: Paolo Bonzini -Subject: [PATCH 3/6] iscsi: look for pkg-config file too -Date: Tue, 5 Mar 2013 18:05:22 +0100 - -Due to library conflicts, Fedora will have to put libiscsi in -/usr/lib/iscsi. Simplify configuration by using a pkg-config -file. The Fedora package will distribute one, and the patch -to add it has been sent to upstream libiscsi as well. - -Cc: qemu-stable@nongnu.org -Signed-off-by: Paolo Bonzini ---- - configure | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/configure b/configure -index 2f98c5a..a9a7c99 100755 ---- a/configure -+++ b/configure -@@ -2803,7 +2803,13 @@ if test "$libiscsi" != "no" ; then - #include - int main(void) { iscsi_unmap_sync(NULL,0,0,0,NULL,0); return 0; } - EOF -- if compile_prog "" "-liscsi" ; then -+ if $pkg_config --atleast-version=1.7.0 libiscsi --modversion >/dev/null 2>&1; then -+ libiscsi="yes" -+ libiscsi_cflags=$($pkg_config --cflags libiscsi 2>/dev/null) -+ libiscsi_libs=$($pkg_config --libs libiscsi 2>/dev/null) -+ CFLAGS="$CFLAGS $libiscsi_cflags" -+ LIBS="$LIBS $libiscsi_libs" -+ elif compile_prog "" "-liscsi" ; then - libiscsi="yes" - LIBS="$LIBS -liscsi" - else --- -1.8.1.2 diff --git a/0109-tcg-Fix-occasional-TCG-broken-problem-when-ldst-opti.patch b/0109-tcg-Fix-occasional-TCG-broken-problem-when-ldst-opti.patch deleted file mode 100644 index 703e972..0000000 --- a/0109-tcg-Fix-occasional-TCG-broken-problem-when-ldst-opti.patch +++ /dev/null @@ -1,41 +0,0 @@ -From bf18257d85734fc6b116108e7c6511dbd4ad8be8 Mon Sep 17 00:00:00 2001 -From: Yeongkyoon Lee -Date: Fri, 22 Mar 2013 21:50:17 +0900 -Subject: [PATCH] tcg: Fix occasional TCG broken problem when ldst optimization - enabled - -is_tcg_gen_code() checks the upper limit of TCG generated code range wrong, so -that TCG could get broken occasionally only when CONFIG_QEMU_LDST_OPTIMIZATION -enabled. The reason is code_gen_buffer_max_size does not cover the upper range -up to (TCG_MAX_OP_SIZE * OPC_BUF_SIZE), thus code_gen_buffer_max_size should be -modified to code_gen_buffer_size. - -CC: qemu-stable@nongnu.org -Signed-off-by: Yeongkyoon Lee -Reviewed-by: Peter Maydell -Signed-off-by: Aurelien Jarno -(cherry picked from commit 52ae646d4a3ebdcdcc973492c6a56f2c49b6578f) - -Conflicts: - translate-all.c ---- - translate-all.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/translate-all.c b/translate-all.c -index d367fc4..bf1db09 100644 ---- a/translate-all.c -+++ b/translate-all.c -@@ -1310,10 +1310,10 @@ static void tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc, - /* check whether the given addr is in TCG generated code buffer or not */ - bool is_tcg_gen_code(uintptr_t tc_ptr) - { -- /* This can be called during code generation, code_gen_buffer_max_size -+ /* This can be called during code generation, code_gen_buffer_size - is used instead of code_gen_ptr for upper boundary checking */ - return (tc_ptr >= (uintptr_t)code_gen_buffer && -- tc_ptr < (uintptr_t)(code_gen_buffer + code_gen_buffer_max_size)); -+ tc_ptr < (uintptr_t)(code_gen_buffer + code_gen_buffer_size)); - } - #endif - diff --git a/0110-qxl-better-vga-init-in-enter_vga_mode.patch b/0110-qxl-better-vga-init-in-enter_vga_mode.patch deleted file mode 100644 index 7d35861..0000000 --- a/0110-qxl-better-vga-init-in-enter_vga_mode.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 73a438802ea86374404df8de9f690589efea3727 Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann -Date: Thu, 28 Feb 2013 11:08:50 +0100 -Subject: [PATCH] qxl: better vga init in enter_vga_mode - -Ask the vga core to update the display. Will trigger dpy_gfx_resize -if needed. More complete than just calling dpy_gfx_resize. - -Signed-off-by: Gerd Hoffmann -(cherry picked from commit c099e7aa0295678859d58e9e60b7619f6ae3bac8) ---- - hw/qxl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/qxl.c b/hw/qxl.c -index 436e375..80bd92a 100644 ---- a/hw/qxl.c -+++ b/hw/qxl.c -@@ -1073,8 +1073,8 @@ static void qxl_enter_vga_mode(PCIQXLDevice *d) - trace_qxl_enter_vga_mode(d->id); - qemu_spice_create_host_primary(&d->ssd); - d->mode = QXL_MODE_VGA; -- dpy_gfx_resize(d->ssd.ds); - vga_dirty_log_start(&d->vga); -+ vga_hw_update(); - } - - static void qxl_exit_vga_mode(PCIQXLDevice *d) diff --git a/0111-usb-tablet-Don-t-claim-wakeup-capability-for-USB-2-v.patch b/0111-usb-tablet-Don-t-claim-wakeup-capability-for-USB-2-v.patch deleted file mode 100644 index 905bff0..0000000 --- a/0111-usb-tablet-Don-t-claim-wakeup-capability-for-USB-2-v.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 2d3225f34dbe42d215c7809f5f82186eafe7f4c2 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Tue, 2 Apr 2013 19:13:06 +0200 -Subject: [PATCH 1/2] usb-tablet: Don't claim wakeup capability for USB-2 - version - -Our ehci code does not implement wakeup support, so claiming support for -it with usb-tablet in USB-2 mode causes all tablet events to get lost. - -http://bugzilla.redhat.com/show_bug.cgi?id=929068 - -Signed-off-by: Hans de Goede ---- - hw/usb/dev-hid.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/usb/dev-hid.c b/hw/usb/dev-hid.c -index 9701048..317b474 100644 ---- a/hw/usb/dev-hid.c -+++ b/hw/usb/dev-hid.c -@@ -236,7 +236,7 @@ static const USBDescDevice desc_device_tablet2 = { - .bNumInterfaces = 1, - .bConfigurationValue = 1, - .iConfiguration = STR_CONFIG_TABLET, -- .bmAttributes = 0xa0, -+ .bmAttributes = 0x80, - .bMaxPower = 50, - .nif = 1, - .ifs = &desc_iface_tablet2, --- -1.8.1.4 - diff --git a/qemu.spec b/qemu.spec index f8bb47b..6be6f2a 100644 --- a/qemu.spec +++ b/qemu.spec @@ -127,8 +127,8 @@ Summary: QEMU is a FAST! processor emulator Name: qemu -Version: 1.4.0 -Release: 11%{?dist} +Version: 1.4.1 +Release: 1%{?dist} # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped Epoch: 2 License: GPLv2+ and LGPLv2+ and BSD @@ -193,16 +193,6 @@ Patch0104: 0104-pc_piix-Add-compat-handling-for-qemu-kvm-VGA-mem-siz.patch Patch0105: 0105-qxl-Add-rom_size-compat-property-fix-migration-from-.patch # Fix generating docs with texinfo 5 (posted upstream) Patch0106: 0106-docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch -# Fix test ordering with latest glib -Patch0107: 0107-rtc-test-Fix-test-failures-with-recent-glib.patch -# Fixes for iscsi dep -Patch0108: 0108-iscsi-look-for-pkg-config-file-too.patch -# Fix TCG ld/st optimization (lp 1127369) -Patch0109: 0109-tcg-Fix-occasional-TCG-broken-problem-when-ldst-opti.patch -# Fix possible crash with VNC and qxl (bz #919777) -Patch0110: 0110-qxl-better-vga-init-in-enter_vga_mode.patch -# Fix USB-tablet not working with some Linux guests (bz #929068) -Patch0111: 0111-usb-tablet-Don-t-claim-wakeup-capability-for-USB-2-v.patch BuildRequires: SDL-devel BuildRequires: zlib-devel @@ -670,16 +660,6 @@ CAC emulation development files. %patch0105 -p1 # Fix generating docs with texinfo 5 (posted upstream) %patch0106 -p1 -# Fix test ordering with latest glib -%patch0107 -p1 -# Fixes for iscsi dep -%patch0108 -p1 -# Fix TCG ld/st optimization (lp 1127369) -%patch0109 -p1 -# Fix possible crash with VNC and qxl (bz #919777) -%patch0110 -p1 -# Fix USB-tablet not working with some Linux guests (bz #929068) -%patch0111 -p1 %build @@ -1291,6 +1271,12 @@ getent passwd qemu >/dev/null || \ %endif %changelog +* Sat Apr 20 2013 Cole Robinson - 2:1.4.1-1 +- Rebased to version 1.4.1 +- qemu stable release 1.4.1 (bz 952599) +- CVE-2013-1922: qemu-nbd block format auto-detection vulnerability (bz + 952574, bz 923219) + * Thu Apr 04 2013 Richard W.M. Jones - 2:1.4.0-11 - Rebuild to attempt to fix broken dep on libbrlapi.so.0.5 diff --git a/sources b/sources index 91a1a37..fc2703b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -78f13b774814b6b7ebcaf4f9b9204318 qemu-1.4.0.tar.bz2 +eb2d696956324722b5ecfa46e41f9a75 qemu-1.4.1.tar.bz2