From: "Aric Belsito" <lluixhi@gmail.com>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
Date: Mon, 13 Feb 2017 06:46:11 +0000 (UTC) [thread overview]
Message-ID: <1486968309.b610381e7567e3d26aa70587a1e173de4e1fa48f.lluixhi@gentoo> (raw)
commit: b610381e7567e3d26aa70587a1e173de4e1fa48f
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Mon Feb 13 06:45:09 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Mon Feb 13 06:45:09 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=b610381e
app-emulation/qemu: version bump to 2.8.0-r1
Drop 2.7.x (no longer in tree.)
app-emulation/qemu/Manifest | 52 +-
.../files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch | 23 -
.../qemu/files/qemu-2.7.0-CVE-2016-6836.patch | 27 -
.../qemu/files/qemu-2.7.0-CVE-2016-7155.patch | 81 ---
.../qemu/files/qemu-2.7.0-CVE-2016-7156.patch | 62 --
.../qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch | 28 -
.../qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch | 27 -
.../qemu/files/qemu-2.7.0-CVE-2016-7170.patch | 40 --
.../qemu/files/qemu-2.7.0-CVE-2016-7421.patch | 34 -
.../qemu/files/qemu-2.7.0-CVE-2016-7422.patch | 38 --
.../qemu/files/qemu-2.7.0-CVE-2016-7423.patch | 31 -
.../qemu/files/qemu-2.7.0-CVE-2016-7466.patch | 26 -
.../qemu/files/qemu-2.7.0-CVE-2016-7907.patch | 45 --
.../qemu/files/qemu-2.7.0-CVE-2016-7908.patch | 52 --
.../qemu/files/qemu-2.7.0-CVE-2016-7909.patch | 32 -
.../qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch | 25 -
.../qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch | 26 -
.../qemu/files/qemu-2.7.0-CVE-2016-8576.patch | 61 --
.../qemu/files/qemu-2.7.0-CVE-2016-8577.patch | 34 -
.../qemu/files/qemu-2.7.0-CVE-2016-8578.patch | 58 --
.../qemu/files/qemu-2.7.0-CVE-2016-8668.patch | 30 -
.../qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch | 3 +
.../qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch | 34 -
.../qemu/files/qemu-2.7.0-CVE-2016-8909.patch | 31 -
.../qemu/files/qemu-2.7.0-CVE-2016-8910.patch | 29 -
.../qemu/files/qemu-2.7.0-CVE-2016-9102.patch | 21 -
.../qemu/files/qemu-2.7.0-CVE-2016-9103.patch | 27 -
.../qemu/files/qemu-2.7.0-CVE-2016-9104.patch | 92 ---
.../qemu/files/qemu-2.7.0-CVE-2016-9105.patch | 25 -
.../qemu/files/qemu-2.7.0-CVE-2016-9106.patch | 27 -
.../qemu/files/qemu-2.7.0-configure-ifunc.patch | 13 -
.../qemu/files/qemu-2.8.0-CVE-2016-10155.patch | 46 ++
.../qemu/files/qemu-2.8.0-CVE-2017-2615.patch | 48 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch | 52 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch | 55 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5552.patch | 41 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5578.patch | 35 +
.../qemu/files/qemu-2.8.0-CVE-2017-5579.patch | 40 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5667.patch | 37 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5856.patch | 64 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5857.patch | 38 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5898.patch | 35 +
.../qemu/files/qemu-2.8.0-CVE-2017-5931.patch | 46 ++
app-emulation/qemu/metadata.xml | 1 -
app-emulation/qemu/qemu-2.7.0-r7.ebuild | 713 ---------------------
.../{qemu-2.7.1.ebuild => qemu-2.8.0-r1.ebuild} | 53 +-
app-emulation/qemu/qemu-2.8.0.ebuild | 10 +-
47 files changed, 582 insertions(+), 1866 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 7f02bb3..0acf0b7 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,48 +1,28 @@
AUX 65-kvm.rules 40 SHA256 c16a8dc7855880b2651f1a3ff488ecc54d4ac1036c71fffd5007021d8d18a7c5 SHA512 98aad2a2f212a7ac0ee5b60a9c92744fa462bce5f26594845c7a31d692aaaca2d52cb57bdbede7dfc60b9862c2a6510665dbb03215d5cf76e62516a283decdd6 WHIRLPOOL 937de93a23930f6b8533f0c3e0dd249c99ddf7d54446dea857607266ac0a4b435c5b4a52b2986b138bace9c0a7ade66f94116b38e2bc4767ead54bd11baf0920
AUX bridge.conf 454 SHA256 a51850dd39923f3482e4c575b48ad9fef9c9ebb2f2176225da399b79ce48c69d SHA512 a907ee86b81a1b61033bb7621ded65112504131ef7b698c53e4014b958ee6fc79e66f63069015a01e41362cb70a7d0ed26dd9a03033cf776f4846f0e1f8f1533 WHIRLPOOL 8fcbd4abf9b8f7ca3d16fe0eaf17196ebf708dfecf85ce0f020e0de22b64905114f7b310f361826c81bb961c6b1bbbf984bff1e595bb949993b8966ccb222c35
-AUX qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch 563 SHA256 99de67d610ad13a1dcf6c67a3c2b5b87fb909220173a956435737f9bea3c371b SHA512 a29e9a889388a6627ed492a79e66514ffb5e64f9479646982091811548fc2a9bf6682104a6c774d83e645e4b1db39e491afd4efce789fe164623442a7f3e5d00 WHIRLPOOL d3aab06099de263c22f4c71810a3b2cb8602d17731ec76674cd1415e539306555a7b96b789f0daad473600dfa04a83224ff603f7b9a9ac63a4902f74d0e9deb5
AUX qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 930 SHA256 6af6cf9044997710a6d0fbdba30a35c8d775e30d30c032ec97db672f75ec88ac SHA512 ec84b27648c01c6e58781295dcd0c2ff8e5a635f9836ef50c1da5d0ed125db1afc4cb5b01cb97606d6dd8f417acba93e1560d9a32ca29161a4bb730b302440ea WHIRLPOOL 06b9dd5251ac03405c97b1f5a623b4d86bda2f72fbcd52b90ae4d11a0cfb59cae62df2cb6189405fbe53ab05ff2b7ca8165fda239dbfe5f31ed70abb53b3b9f3
AUX qemu-2.2.0-_sigev_un.patch 636 SHA256 f3b9a4d6162c553f3110ad22716305818e2130e2ff5d628faf044fc58a5e3cb5 SHA512 f72b879daede5184904f64cabb276de96299a37a93fce444d09e9068671009e95a5e5d6b815ec41a5db5b3807de14d470a56bba5806ffd4dfec577577b046ccb WHIRLPOOL 9453ad4966e10d504f3e867fd984642a3c1ee3ae847b5ca56196fd1f9e6c0f2d7b52ca07446212af72fef6d0ded1527a5eb306fa6cd915e8dd9ce11523362bac
AUX qemu-2.5.0-cflags.patch 410 SHA256 17f5624dd733f5c80e733cc67ae36a736169ec066024dbf802b416accfed0755 SHA512 0194d28de08b4e51c5bd1c9a2cc7965ba7f66dfddb8fd91de3da93677e6cf2d38ad3270f69aaea8a20cf2533c2980018d6e0fed711be2806fe2053fba7c081f3 WHIRLPOOL 5f5b95d00409fbe03adb64801d30a2fb5f98dded5efa7f0e78b5746776f72917dcbea767e1d0afcb304d8bf8c484adedb8037e6d54e9d34997c2bc3a98b53154
AUX qemu-2.5.0-sysmacros.patch 333 SHA256 a5716fc02da383d455f5cbd76f49e4ee74d84c2d5703319adcbeb145d04875f9 SHA512 329632c5bff846ca3ffcdb4bc94ae62f17c6bdbb566f9bec0784357c943523e8ca7773790b83a9617734cab3b003baa3d636cbd08f7385810a63b0fa0383c4f0 WHIRLPOOL 2a774767d4685545d3ed18e4f5dece99a9007597d73c56197652ff24083550f987ffb69e5c624760dece87def71a7c5c22a694bf999d7309e48ef622f18f0d73
-AUX qemu-2.7.0-CVE-2016-6836.patch 889 SHA256 a94812131e8baa66b81971579ab84b20bf15d544e2698448a5247ac0ddca0b3d SHA512 cf7f327f26aee5b6688eb662ced8aa07775ad9558b4a02db244303f6b7d37be9cd19b18d5725819b4708184105b98830864e0ad3af81373e59e880809036345b WHIRLPOOL df00627ad447162fdcac4b2c965a8cb5c916a7fb66d8c3a4f8f48bb2d869d7805cb3308cd495ff74ebf4840e7bc2d85abf8e666d78b3da9abb4e2bae22697a82
-AUX qemu-2.7.0-CVE-2016-7155.patch 2745 SHA256 addf638a53bfae8556e463e0b78a151eef0fdf171eb395a98dbdf0332ff74131 SHA512 96e9df733c5227899da7d2ecc346139df9830dd16fc16f1f14666f8be60205a43f434fd79e158c2000926656ffa137809f1cb3c57a04cb375011f816e92e2f4b WHIRLPOOL c04c0dda417a70e4acb289c6b296da93f3eb8e51f7cfad62351b7235512e04714fdc169a87f4cbf1ef82bfc6decc8ebb5b3958f23d001795c9ebcd08369185a3
-AUX qemu-2.7.0-CVE-2016-7156.patch 2314 SHA256 7fa0d7f1025a3435b692a6e7ed8fa3be38a918395a8253e8c27f416ff37e041d SHA512 db3009fdf6d85ffd24fd4a2a40b372b0e665274bba1ce01632aef0d583f2830b58f889166a34acd36409944ab3f7e264801bf89a78f55a586b5f43429a1c86dc WHIRLPOOL ce8101b7607612ed7b9c6fbe373f9b5dec07e0ea8af0b4be8e52b4add5dd0ba12c9e5eb7380d68e3d3867988e0cfc1bdd1e8357ce2b71ef19f51e316fac62161
-AUX qemu-2.7.0-CVE-2016-7157-1.patch 888 SHA256 7a1f6199b16c220df51002e1222763d1a7c7b3a08349f664e576a9facc553516 SHA512 5c104464dfa48804d94ccca9a9d881f9e22eba2c3d9a2cbf3a645c3a696e89ea3f4603ea28deba9a1cd800df9bc5ad4894606869eca3e1e9cf95414723846938 WHIRLPOOL af42ec7ca93c92c4df060b4efd61bcc3f7cb5582d00bfe174d81f2393ad3a7f06e27cc2b2186f664860c3ee98f76dd68cd7e6de7ff7e63b778f345c32a62b495
-AUX qemu-2.7.0-CVE-2016-7157-2.patch 812 SHA256 1db3b565b4762abbc1096286c9887400591af76bf422a105e457c6bdcb887b59 SHA512 8d2177adc638d384302ec89de65a0acd4f4069580c40d6c50cb78501f25f4d171f3b92a36464711337e07dbf208f9ad93eb2f86a7361dde52026c1764341e10d WHIRLPOOL e815e165bb23cd42aaba2310e3fa48bba33b0344069e6f54c4b26dddad746516053221969fad855d6c827d42371494c609123b002e1e2a96c366d11131b3243a
-AUX qemu-2.7.0-CVE-2016-7170.patch 1527 SHA256 37d600b5a4ba143f1d6b26acbcf23357fa41a5f852774f68b6b6736a6ecec024 SHA512 c84494ec4ee9607cef7b230a25d10de444a29fecba57566df5394d40b88596ef91fbd5edfb51a58c5ecff7fa7ef39b7d32ba7976dbd011fb1b29a2e46e4e0080 WHIRLPOOL ddd3d94da447556b24257c11068bef360da6cf35e22257869b09057f42ba027636e605db96d9a66253f423f5667814a1f8c551f8eece733fd997b03d6ac81e2b
-AUX qemu-2.7.0-CVE-2016-7421.patch 1183 SHA256 f3996d9d4658fb32a04ce8ae3d3510e6a51a0aa39f64b003a636f68dacef19db SHA512 51d07015e27e4dfbde2c3ffa37d91134374b49c136735845c34155238767483ede8bbc7232ea93b4e4cbcc28195cbe1986d44ac0dd96e914ec29df3a1da9dfcc WHIRLPOOL a4e27d329591b2a3b94a7abed81df1f87509f5a38beb490d7a4ca7c14df2a864f4126c26fc044bb4357467b0f9ed0ca5811d5e85812e318adcb3236c30bef7a1
-AUX qemu-2.7.0-CVE-2016-7422.patch 1125 SHA256 7a3d31031b8ea70be29715e8d384f47ad8758e81b9cfc3768e59dd6c6a00cb2a SHA512 6a08f661cd2b00214297570c8035042544b0e707b2f20f6c59c251a73971f2b7e1920c7242ca09a4684ea58dcb177d11d087ee5e0523792e3c446e70239498ef WHIRLPOOL 82b38aa12e49695c1f0c67c303039afb05cc314d14e5bc8286bafebfbabd3eb3cddd41338d45f9510ea2f5074fd9028b39c251be0e5856e0221232a8b28797a9
-AUX qemu-2.7.0-CVE-2016-7423.patch 925 SHA256 2b9b1102c3c9c54ba2c311661c3222b1df246a519e9eef57d0793951c1249ae0 SHA512 e4401163d15f9ebd9057b8ddf4187f7a0a2f379cb8aea2bd92b20f132f7714a4e386733884be4568eddbd4067b6cad80275ccc101276897c4796117a9b20144f WHIRLPOOL 9bd9f5ed067604f065d3ac7447f8135dd72e178caa6f3c5a5ca7bc531a8008ec46620c4af33bea54a35dfe52e430d48dcf5b59145c4e1efc2a14cb789e38f5bd
-AUX qemu-2.7.0-CVE-2016-7466.patch 830 SHA256 5664c091038185766a54b93495029bbf6de116e8752c2334fa1c71b8387e89c3 SHA512 d158b1f66766f33b1df561956cc3c77d40e1422e44791cfc753d3def2f1851c2c9c0aeb299bcd1ae969dde8f4249f4489ed90776ebb497db4f626217710e4f48 WHIRLPOOL 13112769ecd6420e17d2a3c0e110a2bd479fc09d8a2086d27f0703a4d6c35ded07e003f28ff14579655c5468cd02c77fa514ba7ed6543f61deb60c6de604c99b
-AUX qemu-2.7.0-CVE-2016-7907.patch 1380 SHA256 58aa0af82a88de8967452c06ec229de381494e7ac222273ac5a7aa2c53dc5529 SHA512 5a311dea9554d7225d75fb2c680d2f7a2b151b46802176424f495e792ab4a9a101ad99099ccf2b6250230f23fc1ea804381129cd34eb0e4cd24c1e2442de9b51 WHIRLPOOL 69e7e01bc0b221581a8b1ef1af23eb59a6ad87acbfe821ccf8c23f349c9e31b84e4b8db83f48a849a4c5e9b6229f8d55e671da9f8485ecbc24855a8ab50b02ec
-AUX qemu-2.7.0-CVE-2016-7908.patch 1718 SHA256 3042b5425964c9bdb6ebc17d8f4bc5efd150547a348269d54e0962efc6a658d4 SHA512 441aa4fe46a2d6d425b1759ebadabc12fb1902f80364d351120932a13b9a46030bd2ad8c7faa57d6bcfbf740d9af2a96cec082a0d40b9a7469499ba1f19177bd WHIRLPOOL 6d870c28645e6fcb12e55a4da5f9dffae78d1fcd013ae6fd9727ae46e05103dc8870d548117e7f396af79cf76947ee8d0b5285ec9b4c6aac840aa6d1e1fc9054
-AUX qemu-2.7.0-CVE-2016-7909.patch 975 SHA256 8fb9a27f56c6875f271ac0dc80fd78af8b70d40778ef967019e4a1b0a47ff1ae SHA512 e2793eb18179a7c7276c4d437ea68bb02a6a3963842dd74041fdf3c9f239d6353c7d9e5705c1342fc01b5c7e3bc1bfb882d8094fbe4144ac5f705852579139ca WHIRLPOOL b73aef899c94c9130385dd757b25783b20fce9d32faa245847353766e046bd769789d8b107ef06c726a0e2471a5ef1599716343782c8a82267b79ca53c281414
-AUX qemu-2.7.0-CVE-2016-7994-1.patch 835 SHA256 6b84d2273197bd441761469245991d02b5de8b70c29abf096df301e87b5c2478 SHA512 7a8c1c6ffc654f428485057a31d40a831707e5e6a84e32f722f6fc4c86ed474dcd19bfc8034b3a603362d821e7170f46e25ddc2ca50b60f00f45455241ba9464 WHIRLPOOL 80c5c51535cec848664811d8cf41db9d931e3215522fcaa404fa55f0c3b821bac346129b254b60a72cc09493366d8499882874dcb797e8a81e39157f64539b73
-AUX qemu-2.7.0-CVE-2016-7994-2.patch 896 SHA256 c23fdfb127f60d24c4b56e7745463f5655ace7af9f5fa392544e7ce05a564c5d SHA512 4243d04a573ccee043911645e716a9c6f7e28858163b48ea58e7a9734d817ac9237c4866fce843dbe10fa996cdd5453f3b704509ff4761f2ec4531d9355cc7ce WHIRLPOOL c5f7b605f566f94ad170c4819c378f9a1e3ae2740130000d9bea4c741f29365a1b5a1f1d495646e866c39a18d7da1236d731861005099457e09bead9fffa8105
-AUX qemu-2.7.0-CVE-2016-8576.patch 2092 SHA256 dbe3ee6778cdd802fbd7d7cb2aa991cc73e6be160bad90f2e40de02ab820a865 SHA512 25daaa79f4cb355c5dce639a14c2e265142a0c83bdbc813816789f37e293846f3768f08b9f04f692ce5b8719dadd2dbedb75f314a3f441a70e0789ecc88eb8de WHIRLPOOL 25fc67d9dc8e8d8345778b46b16f9f7c5d6da39ebefea60ef81b20e4685014a019d4c39a6619dbf48411800ae9e9c383a7243fb055ea1f2bd0b2cb7e1a2c8d4e
-AUX qemu-2.7.0-CVE-2016-8577.patch 1020 SHA256 fbe7b6183f019ed6c8c6afeeed4854c23991d3f18501e8f3403df8812cefd420 SHA512 364434deb120856a114a94aaab2edbaf9e5f9246e6393f584949a6b706dbdc5b711f459a48e3825554e2fa9595a1aa78fee3711cfeba3b94219b4f47e269b2de WHIRLPOOL 561f7bd41f0ac439808070757cdff9f69f6a378fe6610269c32d600575ed60b22919f4d3ea08f621648dbf3e5e97290737005e9df5949bdeeba9319901cf427e
-AUX qemu-2.7.0-CVE-2016-8578.patch 2208 SHA256 9b0e7852aefeb3950de38babec7a30f3225342670a72160829baa5e50786bdef SHA512 326ec2112b1cbaa4b4ddcacc02f4accd5b73e78db07e93b229d891f4cbc8d5a2db82c727d920613abd1668402ffeb16a223d8271db569435966aaece271da875 WHIRLPOOL 88ca80aa1883813f1ec9c0802e830f719317130de6959df393188e4e82764125868baec038a1dac94eab33851706838d245b205edcbf8e1864ceb83257648b99
-AUX qemu-2.7.0-CVE-2016-8668.patch 1124 SHA256 26f16376a73bdf9052039d1bd90545b75cc8fb0a89e0bffbf5881b537319b759 SHA512 de4df82297d199cadafefd57bc895cdf21c5acb0e0a6223212272991b652c302475d8662fb013d6a3e949d2e57a14a0ac6d861f486de8b5130fd84d66957c899 WHIRLPOOL 3995164f25accfd5c837c85fbb590acd0b7effb08370a7d4c0cb03c042ee03b2b10ca9892bd50251d17a1ba2ffff1e7a04e918f4d4e1c85406df95a6802c03c2
-AUX qemu-2.7.0-CVE-2016-8669-1.patch 911 SHA256 ad841a34490a02123df31aef5a0b9d31912eec8465e0c5da7cf73dc880ffd8f4 SHA512 23a26716ea554d9af73afb08d3a3d1e668e23bc0710508196039454dfccbe3764feda63d901a9c053c52af92cd069f5a4f078efdc9924f6d3cfe6a21f9d287de WHIRLPOOL 412d7a4be19defa4a098fad6a66cadd7eca9cb5971828636dfd20a57b3eef09f3801660dbf507ac1ef0fa82f9f01583e9c5e2b1e45c016adb535cd951ff16eff
-AUX qemu-2.7.0-CVE-2016-8669-2.patch 1037 SHA256 176a35f5191023ad665cb4019663618d48948b174b16888776245d1a001ec186 SHA512 82a71c9566f37aceffbbaa45547bc686c028353a1845bd63e49550e71201921bc2fb9793077fc1fc74d77417da84dae71e0862243acbb3d900db258a343b8ede WHIRLPOOL f489c52bf2ca6e434695a5ca12af64a83e6534536c07b02c54f82c72e59e3f026e6a9fd9cec5eb62e2cf8d009f878ac1015f58d9f5ba725a03e1e194c4abc96c
-AUX qemu-2.7.0-CVE-2016-8909.patch 980 SHA256 989210bfac97091e67fbe973be7a6d8aa0e6411069904a07f7c57c67e8539bb8 SHA512 23a1cfa4f257e598152d92e11d94e88c52b3702aa585fba3a71340ee16dfbd29234d6e5c81613ea71b64cead8dcdbb536246096b1c374290aa39871daacb25af WHIRLPOOL 9909ed14f5fa4a1d2ea0f8bb13f5a0e08e2f7888078e1f5b4cfaf381ccabeac22c998c9785efee6a307dbeed45801d8354650c18c6920bfb13da030127d9da7e
-AUX qemu-2.7.0-CVE-2016-8910.patch 848 SHA256 919e566e98434486f89ecfc3158ccee59c5bbdf3848b2a668136901871f5f1ab SHA512 1f695ebc2f10b2cda5a9b93c097adb49858af94817c14a406c7d26edd42353c776b0afc4779bc1c6f930dadcf450906924f8080ca5c87eb7c7e6b5694464dc7e WHIRLPOOL 574900ab3eca13429769c7e2b56fd4e4b1220800b2e5bc933eef502c633614eab22cba6af4fdd1fd55e3a7e70d3d5ead1cb1970f8211b5f4fc43e3d782865f1b
-AUX qemu-2.7.0-CVE-2016-9102.patch 739 SHA256 ae425fbbaf6dedcf6eabe3d1f0bd300be70550f7bd77290536617372eed96766 SHA512 dbf40c7f0a055d10fbb5d02b21e8c3f62dc9bb2718639eb3dec007ba610aa0a045c1a449a7b3aa02a21056807a25d6e523eb782d79b2a249df1258af1dadefad WHIRLPOOL 89ea3815b9d744a98ff49df65a514a20966c7ada508e33dbc73704d60c75c48f6f544bf658180a2b73ca612bcc62e2e146b0efdbbc51456ba81518c5b28c80dc
-AUX qemu-2.7.0-CVE-2016-9103.patch 1002 SHA256 009696b3403c0481223fac6bc93976fc85727eeb0716a9e19545e8ac4da95e8d SHA512 0f47c2d13cbda36a7796773150865001060e4b530d76ca6b0c46d1041108a57830939b0dc7cdc960ccc705bcd463dd57505d748edf36610d7de2af2560e62597 WHIRLPOOL 8d4cb500025f59075a1038cefe0c8ccd063282527b35873cdd9d29ba58cdaa3fc285d5191657ecdef2b056a017f89d8f66f4a544f201e5952426d6dd619b23ba
-AUX qemu-2.7.0-CVE-2016-9104.patch 2890 SHA256 7ba38b43519eb8f9c8c70daaa1705c01a331cbb98b4d4f8eeed31da207f3a13b SHA512 7f6d84f12e8372b72fe4db8e47064ecc7ea0698bb7c5dc0285316354461edb35e01ba76a6e16c1bf7e03d5f0070822f4bb61655e44af5536ee81970b4ff937e0 WHIRLPOOL 3f8e973cf28040422d25394b14f3b99894796b64408a3c15957d628d74076bc1e577ea2e2803e428d85b94607c74f81d23219d9487aa0085a80a2e89d78a5829
-AUX qemu-2.7.0-CVE-2016-9105.patch 610 SHA256 f4303796ece1e46f6e622e8cd0c9029daa0a6ed29ef630a0c64a5c595dbeb1b3 SHA512 1ab19ef861b6fe55017d02b7cbf24ad60776ed64e052d6e1b670c9aac7e312207718fcf601e9dba4bdd2c9104b9be25bcf0055b42e080b1f8abf9bc3f7db0b36 WHIRLPOOL 07fe76de2d2d68bcd091e90cc9578b17d5a8ad12ab316683d6e4badea443d08e08060a4e206f555c88b60b0a45f4ba49c9d11f42ee44b5b43200843c37329dad
-AUX qemu-2.7.0-CVE-2016-9106.patch 835 SHA256 594213b4200ae109dfbc6ec8e536d275d798c756a25e130a86972c514730f541 SHA512 6a3249f47fecdbe28eec496eb1284296d04d9e75efab21ab226d6ef2d5254bd85a44aa08879b1922682b65b5bce2e699ccaafa3a2b8b6f60ccbc84432bc599cd WHIRLPOOL b80c2787cbe71f416a7ea2aa39e800922b0a8a410eacb038d0163dfbb91f6a41cc2ae5afb010a7395ef17207e6b1acda34cddd9ff9d1ab035330ade6334e8b8c
-AUX qemu-2.7.0-configure-ifunc.patch 517 SHA256 40f6183f1f490216855e83cf03bf21ec8d23786acf83cda21292fea92776d898 SHA512 e34476b5fc5039091862dc9e93c47b69e203e7e394092e7e0bda467b7523e0b5b743c2c6eaf1f36fad3ee743278e321a50d356b6365e2340280556ca6d9b32ad WHIRLPOOL cb6f92a70f91557f14a0f6719d1b3a4dee9cfcb5c34aa897eee0ad48d13c45255252666d826ce00f3183da86b9b265e0dd93aa9b85210cde2a7ce3de56644e59
+AUX qemu-2.7.0-CVE-2016-8669-1.patch 1010 SHA256 3bc03869bede80013abb94ee029625a382c8059bc9474d9f6fd8e23840cff159 SHA512 53643363a470fba9b82c02b90f2573e45f59f5057993b2c15e1608916ece7f8582b4a84179e8ee70fcb8e3f3eb8a538a058401049ea38242bdb640c14ec54f7e WHIRLPOOL 873ed9b9784bb5757a07c1a494f70603cbe82751222d68a883327424e0d7e87d536400eca5fc7406080cbde2ab0a8fe0b3ee5c6dff81624db5d6d5964fec81be
AUX qemu-2.8.0-CVE-2016-10028.patch 1384 SHA256 25a9f2b2014bbcbb008683211503716a2b4a0e8d96ea001d32b87d451cee1842 SHA512 6cfad99e54cfaea97f5c14fbbfe35768a8ea46196117bf770725e1079f9bccca3b7071416a14e60a36c3c919760ab49663fc8b551026c8cd58c10b3f2d7940b4 WHIRLPOOL 5c0c8350112cb63c8b3db7a15a9090cd2fba879317565b108285fd92c23a8b75a593a65d94b6e448086b126a735056065d07c1877abdb6815ebaa430cf4adabf
+AUX qemu-2.8.0-CVE-2016-10155.patch 1558 SHA256 53c20d983847a716f3f708c50ffbeb9d44fd8718f39d86556ae44394d1b2a624 SHA512 4ebfba87927c9f58fe1a0aa05b5850d391698617ce7c3e002d3adfd981ed8c23d35a6863e14f52264576dda31f84dc25421d2f930547f82ccfde126137d91aea WHIRLPOOL 44366afdf52eed47c28a6e9cec1ee7c613b5bac6441cf4f7bf29b30ef6ec7504e72a2d8c873a949e46f1cfd3055a407b673d6151802ab3c957cde8faaed20903
AUX qemu-2.8.0-CVE-2016-9908.patch 1166 SHA256 22ef4999a3daf3c46a3c90ca20fb131545d4d0befeff7c3ca870585a3e03b7b7 SHA512 c46abda3a5b1a68c7c2e5236f8e424f4569a28ba2aea9b8ec32467e55b535492da6e4702d4758a5721f1bf222f7f2554a5e4c9a190781d60c40202a5291dcf49 WHIRLPOOL aa8087350770ecbb60049e3269ddf9d68258657ef6a088b562e344056689e578a390328dde9c5d2b5024e7fa03995b571295a1d64943d9b3882cf0c5f833dbd8
AUX qemu-2.8.0-CVE-2016-9912.patch 1307 SHA256 e3eac321492a9ef42d88b04877511255c3731a9bb029d7c6ab2da0aa8f09e2d8 SHA512 f9ba4f167334d9b934c37fbed21ded8b3d71e5bdbdb1f15f81d4423b0790bfa127637155d5863b563fa974f1421c4ace1f2a4e3e81e3ae3d6045b2083210b103 WHIRLPOOL 7aa8dab7b6462f142365d274e6131ca1630c396e36c851cb562c081c4243c58e2ae22cf682e51145af08befcaba395254c765cf56112a6c177e1c9a18ffb5926
+AUX qemu-2.8.0-CVE-2017-2615.patch 1720 SHA256 33f3f81ff8e5dacfc4f33dd48bd7833843c209f6d2bd5b3102cc5694ad85a593 SHA512 32063428286a49a12daa481ba87f1b09be6504bf24c5759aacf88ef436312a890dfe44d08457d8b426f86ce7680700d32fb21a255a6db8eb512e612c16770d36 WHIRLPOOL 9f1eed6c6c3eeb1e8991d1aa82e12a004c223bdd635ec48e433ca93d054aa3dfb5986fe01e36df157ef20c685e07595eebdf5fe16ed7cf9034e1c9ddf8304dbb
+AUX qemu-2.8.0-CVE-2017-5525-1.patch 1625 SHA256 88e253c306761017d66dca5b72184f89cebf3b617db7bc0e4b27025757a66181 SHA512 a7f82374ec4e264b065be7ba63c197d93fee230d68819bf68a0a67c84f89182d0cc0a42b9aadf53a8a903d640dacc55392174c7820379e92ad0e35c86c35a2dd WHIRLPOOL 63e192dc0e075139f18aee2d0541c75021852a7d7251321ca8fe7f9b793c72786a6aab878e308931289eab3c07c3cbbc8ad32b67de1193f85b672e16a8372495
+AUX qemu-2.8.0-CVE-2017-5525-2.patch 1664 SHA256 ab03a1cff62164090133f0dbace9724302e806a808b18d64628d12f0bd9abad6 SHA512 ac1d89331c3fc4d0ef7af411a12654329057676e9f016cb9a4a46dc9b4e01092c17af33d095f3104e71094ae585a35a8276a98560dd97f8d045e0b9fd2f0069f WHIRLPOOL 20457d7fe5b3842c0c601068dba410586fc4b4c7fce81ba3ee436a6cfec3b1b950797d6ca9a2a573fef21a29421f8c04a34d1dfefe0b7ade03a6ca51d16d99cb
+AUX qemu-2.8.0-CVE-2017-5552.patch 1481 SHA256 26616f16434b3aff65b1cd1ce82c6abdfbd44da8a047a5a32b1e07755c9a3e1b SHA512 3c3f5027be3bfe56c1445004bd28536e11f606cc6787fcefad3da267eb3e11b61110c8a4700fd9d6f95ce50f10a2678b2bc6f950297b949b837882a68901d6e5 WHIRLPOOL ca93726b8a0567f68fac634eef1e88c997c1e959cafb33bc6ba8871d9021591bb61be6b3635d3fac111e1e177dbbff939c93580d7f0824e752b378dbc38fbc45
+AUX qemu-2.8.0-CVE-2017-5578.patch 1084 SHA256 a7639fc84377b23ebc55dbb1c6d8c53bb2e6230be03b2efba78108257058d8b4 SHA512 8d160d56a94ec9380640badcab29fdd05f2f665377febd1b7e71a9c619d9db963eaa74cf74a2e0287fd2f6e2a7d4bce0f8e4281b3b0292347eece52b7344243b WHIRLPOOL efd3238bf720a1051a41ea621601afeea7546cc7e48d4a7f23bc0b3277bee368bb259a2735e6290b4609e78a1e54e29fe1ba7b088824284787faddc84491d876
+AUX qemu-2.8.0-CVE-2017-5579.patch 1132 SHA256 df32524c24aa4d7d9166bb5e159ba10023c7777b9583e920bd8590feec433580 SHA512 d4669821ae8e06a31b852a31699aa26421ce5fb6c049573cb6613515da486e390d8ddf71adb4e6c1a45a15bb468bbb45df68cbf5e9388660c9c03866becb9edd WHIRLPOOL 0d5ed483c6e3f849fc4b9568a3af4c086258ef1162a4e11baa65bcf35eeb8a505c8b7de935175fdc53e7284e23eb492a95326cdea6c690283085136cb02d3b7a
+AUX qemu-2.8.0-CVE-2017-5667.patch 1497 SHA256 e05e21c45d8c05392215db0bff3e161c68d64b0b9e42add18307346b3a4d4bc3 SHA512 7c518736ac09d6c37fd359a8a503713f1b76d6041038f58e7648bb69251d6039c3449593eb14a5e0f2649d12856964a42d48e4ee0bb9dc664ada2852f9ea3cbd WHIRLPOOL 0e74b2671f148fa9f31674e6dd80634064fb8d24be474eaf9ea1efcb6cf427314da75187a32eed874ea4bde19e8dfc4562d5af06893ce3beeef7de8f902dd698
+AUX qemu-2.8.0-CVE-2017-5856.patch 2224 SHA256 92ddbba8c0d21bdae5b11ae064c21da939cbbb1fd0e6aa10477efced6bf9582f SHA512 7e043d8299d67d33c12bf5591f0881029013852df2243c2ea747fc6c4d1d6c0acffbaef7538634a60f8f875da94bb71db3e3a07972de066b7ac5d49e4d3cb906 WHIRLPOOL b5f38b059e4305b352e3807c2b7762fe856d1067431452fbbf991415ad17f25d152225d9e0ea61b5e8175e42abebbb2abdd85ac37f301ac123f81af822ff2f02
+AUX qemu-2.8.0-CVE-2017-5857.patch 1326 SHA256 e2150a7cc92b72e3f20506b9c76b40599af8d2366d25bd9b245a0bffa66ad8eb SHA512 d6d000b57f1fb194f9554165621109b364ebdb61416bc07e2283f2d493c33e770d1b63002d62565aae1ac19ed0ad9e572c207341aa1ad023581f349f62158d30 WHIRLPOOL cbe84c67ba9bb368baf2b1842e8c7c1ee3fb720630bcd53fdbdef9e8f3efdb25c1a927d0f65c9d1f6def28defe6997943a7867e8225eb12e395a0811ad3e32a1
+AUX qemu-2.8.0-CVE-2017-5898.patch 1412 SHA256 7f44668d51a94d19fcca0f496d8ac798fd654afe25d2998f7d07a148a836ade9 SHA512 2cd9af4957849a5d72dc0f0fbb30852870306ebc0a348cf5951df58d3029d1aae52df9261d2e4a9d7a4f132f78c390af8a049e1f109b324899bccd91e5c10d1f WHIRLPOOL c48e1fe163761880adab990683dc5d54ee31173763f11239ffee7c229bd65a2958a696dede39e7e645860980e2a7c5c6e5873e5db53872ac373d8d2415a167ab
+AUX qemu-2.8.0-CVE-2017-5931.patch 1696 SHA256 cdb1ea1306bf00042f13637eef78d3580e34b88c11716e62fad69931eb3d7ac6 SHA512 5b9a00f0964b153df7630655480b646e6615e831fd981642987d8691e9ddd265f64285d0e70c4f536bb370adb03a75548f7258bee8dbc2b7de15a3984fc8421b WHIRLPOOL c6d9440adf57ad1b560da03a455d9bdc3094c952f3c82a5e88fa6f2d0336ab767f0617b2916b68a5e3f5d30293749be40c12dfe93e8b7525fec9b8a453a65123
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
AUX qemu-binfmt.initd-r1 7966 SHA256 5b4b432aa1e44f387c9eb789de0ec6322741fd36dd241f76520f17c6cd6ac49b SHA512 2ba0bff6eb2b6bac4ed440f793771ce9551cad48e38bddb6cf04f804faac2407e80879f66771910344ddcea45f0014095dcc8bfeb0aad5085ef048fd3612dbd8 WHIRLPOOL a2a1fb830a970757d1e203378c7d382b161b1040f3b8aaf0f22bb3b5e46467eff395474ff40d93c9f133bab307b345a6f75d63eae9f8dd8daf67324db41032f9
-DIST qemu-2.7.0.tar.bz2 26867760 SHA256 326e739506ba690daf69fc17bd3913a6c313d9928d743bd8eddb82f403f81e53 SHA512 654acaa7b3724a288e5d7e2a26ab780d9c9ed9f647fba00a906cbaffbe9d58fd666f2d962514aa2c5b391b4c53811ac3170d2eb51727f090bd19dfe45ca9a9db WHIRLPOOL dcb3e5f7da89dd8e14d636d7ebd476e076e0043880bb9ea3fb1c03cb4bcd4e5c7d3c4719da26c3ce521e3a3db5ae671e86f198ac1bc3474e774d75504fef8b8d
-DIST qemu-2.7.1.tar.bz2 26868403 SHA256 68636788eb69bcb0b44ba220b32b50495d6bd5712a934c282217831c4822958f SHA512 16a83946e9064733254c82c961749bf9c56a0a2a8ee46145b4a78e1452ac0e2548d888963d18c80e28f65202890fd643b0011951b5b1c66ef16234767ed91898 WHIRLPOOL ae3d3c2b2a3700613733659847de6187755631cb09e8c3548ea30cd994357c9ff128646edce88dfe4dce53e6c1c0f37f8de3688ee7e22262033b40f3fc706efa
DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
-EBUILD qemu-2.7.0-r7.ebuild 22495 SHA256 a606d5b6805d24191245b4191c1f62a09096d8ee283c62629f038851b4c8e6c5 SHA512 c45e516c4c45b5a1eaec06d046cebf129f1422c2d5910699c0a367a4c8c7d49e323a6addc765e1ec57209df12270e196169e52a7618afef28019be06feff70ea WHIRLPOOL 94ae6ab13fc03450ce5b6b0e5840e488401116d6bf60ec411cc01f39f2d10931bd65572f25bdf958e9f94bb4f6582795018039b5b4c988fa3bd5dee928014c65
-EBUILD qemu-2.7.1.ebuild 22161 SHA256 a7d2ff5c706a35a1b2c5610866215a5db04674ce68fb01e3e076b68839dcafd8 SHA512 7d30615832f2fecf89b472c4ea56446335176a330a7d64693ed7cc9becd47a1f40064fca191467deb8603116b4f69307d7968971c9b3845356b8b8d4cf053472 WHIRLPOOL 23bda8ca28ff8620739c604289a0d81ec4d16c1908b8c02df7833f9c0d98f698922650636456ac0bcc285357836af23ffd28bf3b8c2653a690a86fa5ae662a61
-EBUILD qemu-2.8.0.ebuild 20949 SHA256 468944f9506df374711bdc5e87fcd2bcc2b823061b23ab8561642c41755e510a SHA512 d3f7cefab4fe282c72f30e1c2232eca7faac63c2b4d4172cc5b9f8ccb43ee2eb7a5602ba895c4ee5221f8cccfe62b89dc65cedb7e6932b696952be7f2052605b WHIRLPOOL 50c2b17b13715a0750bc48ff24fd71ddc13a5af1a7f2f2de5edde261f4d9c3a7ccc07c665385c444183743610f85bd6cc623e57e322e85e19f8ce3b874ca093e
-MISC metadata.xml 3925 SHA256 d1c219b7da0cbf77919cd1e055acbb3f6788a574fd802c98a43c89a411697b36 SHA512 3ff45d1c8ede12b4eedc7d01f39777b76a1cbd0ba9364299dec99d4b4a05cade5784d6f6e50197d5b5ae1f1b8e831c49da195eb53263c49b7d16aec8ee28b6e6 WHIRLPOOL bc25783fac0f3f13318834cc535404af9af20de16c7aeec222e59dc2ed7740ac5e767b329a5bcd6356d0cbae2428e278515f1446aa8ecb87a873bf4dbe04bf41
+EBUILD qemu-2.8.0-r1.ebuild 21623 SHA256 6e5cf2427f830d730b93ef0526ceaf126af7513ed011d7ee3cf192ba7687e837 SHA512 03f49ad75e1fb4f43811624d7b8cd6b82a012b6a32f74f371421d246962cea88d2a498a664b659bbe1bda6cff9a9da43e550e7d4c71a55a5a2110a4b5b8c7462 WHIRLPOOL 06a247c8306de45b424266661797b4a64339daf4b8177c9eefb707bab06d497cb5410c59c9a89b0693cb14fd5ac293b537e81cf3da24b2be711d9db8fa3a0a9d
+EBUILD qemu-2.8.0.ebuild 20856 SHA256 5cf0517d3327eac95727067f80702639132b87603029951ef2db8086f6fd34ae SHA512 10bcdad90a85786f0d2e4044be010e5d87f54fd0710c889205060e1404e5a24004e0095d7d3ee0f62735e3ab88d2af5986d371769125b13ffc5689edc5a95be8 WHIRLPOOL af455544650a9c0cb4bc2be588e3687dea90d14bbc3dad1aa76bcf65376317b85374151eee761239868b3ce8aaae089e4278b3897e5f013e4652c6801c66c9b6
+MISC metadata.xml 3854 SHA256 326fc14b3867842cc40bc364d91e2ca60ca63651e4a17040254166fa09cec04a SHA512 2e3bbdf84b7b03aedc43621b47e02b8da242fda917dcdf4b2d7532210aaa79c6fbea52a6b8157cdf90cd1e4e282610c0254b96a7a14b285e910d61203acd6461 WHIRLPOOL 539ca48b54055e594e16b76341879540d4f302d502c39d1901ed4fd7cc80b186ba29845759d02c60bf4560b8b14ec4fa40869d341e432a025dc792fb38f8eae1
diff --git a/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch b/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch
deleted file mode 100644
index fb5ad59..0000000
--- a/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Copied from Alpine Linux
-
-This patch was not upstreamed to qemu as those should probably be
-defined in musl libc.
-
-diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index c8989b6..00ed747 100644
---- a/linux-user/syscall.c
-+++ b/linux-user/syscall.c
-@@ -114,6 +114,13 @@ int __clone2(int (*fn)(void *), void *child_stack_base,
-
- #include "qemu.h"
-
-+#ifndef F_SHLCK
-+#define F_SHLCK 8
-+#endif
-+#ifndef F_EXLCK
-+#define F_EXLCK 4
-+#endif
-+
- #define CLONE_NPTL_FLAGS2 (CLONE_SETTLS | \
- CLONE_PARENT_SETTID | CLONE_CHILD_SETTID | CLONE_CHILD_CLEARTID)
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch
deleted file mode 100644
index 56f7435..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Li Qiang <address@hidden>
-
-In Vmxnet3 device emulator while processing transmit(tx) queue,
-when it reaches end of packet, it calls vmxnet3_complete_packet.
-In that local 'txcq_descr' object is not initialised, which could
-leak host memory bytes a guest.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/vmxnet3.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
-index 90f6943..92f6af9 100644
---- a/hw/net/vmxnet3.c
-+++ b/hw/net/vmxnet3.c
-@@ -531,6 +531,7 @@ static void vmxnet3_complete_packet(VMXNET3State *s, int qidx, uint32_t tx_ridx)
-
- VMXNET3_RING_DUMP(VMW_RIPRN, "TXC", qidx, &s->txq_descr[qidx].comp_ring);
-
-+ memset(&txcq_descr, 0, sizeof(txcq_descr));
- txcq_descr.txdIdx = tx_ridx;
- txcq_descr.gen = vmxnet3_ring_curr_gen(&s->txq_descr[qidx].comp_ring);
-
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch
deleted file mode 100644
index 495faf2..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-Vmware Paravirtual SCSI emulation uses command descriptors to
-process SCSI commands. These descriptors come with their ring
-buffers. A guest could set the page count for these rings to
-an arbitrary value, leading to infinite loop or OOB access.
-Add check to avoid it.
-
-Reported-by: Tom Victor <address@hidden>
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/scsi/vmw_pvscsi.c | 21 ++++++++++-----------
- 1 file changed, 10 insertions(+), 11 deletions(-)
-
-Update per review
- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00019.html
-
-diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
-index 5116f4a..4245c15 100644
---- a/hw/scsi/vmw_pvscsi.c
-+++ b/hw/scsi/vmw_pvscsi.c
-@@ -152,7 +152,7 @@ pvscsi_log2(uint32_t input)
- return log;
- }
-
--static int
-+static void
- pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
- {
- int i;
-@@ -160,10 +160,6 @@ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
- uint32_t req_ring_size, cmp_ring_size;
- m->rs_pa = ri->ringsStatePPN << VMW_PAGE_SHIFT;
-
-- if ((ri->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)
-- || (ri->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)) {
-- return -1;
-- }
- req_ring_size = ri->reqRingNumPages * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
- cmp_ring_size = ri->cmpRingNumPages * PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
- txr_len_log2 = pvscsi_log2(req_ring_size - 1);
-@@ -195,8 +191,6 @@ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
-
- /* Flush ring state page changes */
- smp_wmb();
--
-- return 0;
- }
-
- static int
-@@ -746,7 +740,7 @@ pvscsi_dbg_dump_tx_rings_config(PVSCSICmdDescSetupRings *rc)
-
- trace_pvscsi_tx_rings_num_pages("Confirm Ring", rc->cmpRingNumPages);
- for (i = 0; i < rc->cmpRingNumPages; i++) {
-- trace_pvscsi_tx_rings_ppn("Confirm Ring", rc->reqRingPPNs[i]);
-+ trace_pvscsi_tx_rings_ppn("Confirm Ring", rc->cmpRingPPNs[i]);
- }
- }
-
-@@ -779,10 +773,15 @@ pvscsi_on_cmd_setup_rings(PVSCSIState *s)
-
- trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_SETUP_RINGS");
-
-+ if (!rc->reqRingNumPages
-+ || rc->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES
-+ || !rc->cmpRingNumPages
-+ || rc->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES) {
-+ return PVSCSI_COMMAND_PROCESSING_FAILED;
-+ }
-+
- pvscsi_dbg_dump_tx_rings_config(rc);
-- if (pvscsi_ring_init_data(&s->rings, rc) < 0) {
-- return PVSCSI_COMMAND_PROCESSING_FAILED;
-- }
-+ pvscsi_ring_init_data(&s->rings, rc);
-
- s->rings_info_valid = TRUE;
- return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch
deleted file mode 100644
index 9c21a67..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-In PVSCSI paravirtual SCSI bus, pvscsi_convert_sglist can take a very
-long time or go into an infinite loop due to two different bugs:
-
-1) the request descriptor data length is defined to be 64 bit. While
-building SG list from a request descriptor, it gets truncated to 32bit
-in routine 'pvscsi_convert_sglist'. This could lead to an infinite loop
-situation for large 'dataLen' values, when data_length is cast to uint32_t
-and chunk_size becomes always zero. Fix this by removing the incorrect
-cast.
-
-2) pvscsi_get_next_sg_elem can be called arbitrarily many times if the
-element has a zero length. Get out of the loop early when this happens,
-by introducing an upper limit on the number of SG list elements.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/scsi/vmw_pvscsi.c | 11 ++++++-----
- 1 file changed, 6 insertions(+), 5 deletions(-)
-
-Update as per:
- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01172.html
-
-diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
-index 4245c15..babac5a 100644
---- a/hw/scsi/vmw_pvscsi.c
-+++ b/hw/scsi/vmw_pvscsi.c
-@@ -40,6 +40,8 @@
- #define PVSCSI_MAX_DEVS (64)
- #define PVSCSI_MSIX_NUM_VECTORS (1)
-
-+#define PVSCSI_MAX_SG_ELEM 2048
-+
- #define PVSCSI_MAX_CMD_DATA_WORDS \
- (sizeof(PVSCSICmdDescSetupRings)/sizeof(uint32_t))
-
-@@ -628,17 +630,16 @@ pvscsi_queue_pending_descriptor(PVSCSIState *s, SCSIDevice **d,
- static void
- pvscsi_convert_sglist(PVSCSIRequest *r)
- {
-- int chunk_size;
-+ uint32_t chunk_size, elmcnt = 0;
- uint64_t data_length = r->req.dataLen;
- PVSCSISGState sg = r->sg;
-- while (data_length) {
-- while (!sg.resid) {
-+ while (data_length && elmcnt < PVSCSI_MAX_SG_ELEM) {
-+ while (!sg.resid && elmcnt++ < PVSCSI_MAX_SG_ELEM) {
- pvscsi_get_next_sg_elem(&sg);
- trace_pvscsi_convert_sglist(r->req.context, r->sg.dataAddr,
- r->sg.resid);
- }
-- assert(data_length > 0);
-- chunk_size = MIN((unsigned) data_length, sg.resid);
-+ chunk_size = MIN(data_length, sg.resid);
- if (chunk_size) {
- qemu_sglist_add(&r->sgl, sg.dataAddr, chunk_size);
- }
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch
deleted file mode 100644
index 480de30..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-When LSI SAS1068 Host Bus emulator builds configuration page
-headers, the format string used in 'mptsas_config_manufacturing_1'
-was wrong. It could lead to an invalid memory access.
-
-Reported-by: Tom Victor <address@hidden>
-Fix-suggested-by: Paolo Bonzini <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/scsi/mptconfig.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/scsi/mptconfig.c b/hw/scsi/mptconfig.c
-index 7071854..1ec895b 100644
---- a/hw/scsi/mptconfig.c
-+++ b/hw/scsi/mptconfig.c
-@@ -203,7 +203,7 @@ size_t mptsas_config_manufacturing_1(MPTSASState *s, uint8_t **data, int address
- {
- /* VPD - all zeros */
- return MPTSAS_CONFIG_PACK(1, MPI_CONFIG_PAGETYPE_MANUFACTURING, 0x00,
-- "s256");
-+ "*s256");
- }
-
- static
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch
deleted file mode 100644
index 5e79608..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-When LSI SAS1068 Host Bus emulator builds configuration page
-headers, mptsas_config_pack() asserts to check returned size
-value is within limit of 256 bytes. Fix that assert expression.
-
-Suggested-by: Paolo Bonzini <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/scsi/mptconfig.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/scsi/mptconfig.c b/hw/scsi/mptconfig.c
-index 1ec895b..531947f 100644
---- a/hw/scsi/mptconfig.c
-+++ b/hw/scsi/mptconfig.c
-@@ -158,7 +158,7 @@ static size_t mptsas_config_pack(uint8_t **data, const char *fmt, ...)
- va_end(ap);
-
- if (data) {
-- assert(ret < 256 && (ret % 4) == 0);
-+ assert(ret / 4 < 256);
- stb_p(*data + 1, ret / 4);
- }
- return ret;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch
deleted file mode 100644
index 7eb5f76..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-When processing svga command DEFINE_CURSOR in vmsvga_fifo_run,
-the computed BITMAP and PIXMAP size are checked against the
-'cursor.mask[]' and 'cursor.image[]' array sizes in bytes.
-Correct these checks to avoid OOB memory access.
-
-Reported-by: Qinghao Tang <address@hidden>
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/display/vmware_vga.c | 12 +++++++-----
- 1 file changed, 7 insertions(+), 5 deletions(-)
-
-diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c
-index e51a05e..6599cf0 100644
---- a/hw/display/vmware_vga.c
-+++ b/hw/display/vmware_vga.c
-@@ -676,11 +676,13 @@ static void vmsvga_fifo_run(struct vmsvga_state_s *s)
- cursor.bpp = vmsvga_fifo_read(s);
-
- args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp);
-- if (cursor.width > 256 ||
-- cursor.height > 256 ||
-- cursor.bpp > 32 ||
-- SVGA_BITMAP_SIZE(x, y) > sizeof cursor.mask ||
-- SVGA_PIXMAP_SIZE(x, y, cursor.bpp) > sizeof cursor.image) {
-+ if (cursor.width > 256
-+ || cursor.height > 256
-+ || cursor.bpp > 32
-+ || SVGA_BITMAP_SIZE(x, y)
-+ > sizeof(cursor.mask) / sizeof(cursor.mask[0])
-+ || SVGA_PIXMAP_SIZE(x, y, cursor.bpp)
-+ > sizeof(cursor.image) / sizeof(cursor.image[0])) {
- goto badcmd;
- }
-
---
-2.5.5
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch
deleted file mode 100644
index b9f3545..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-Vmware Paravirtual SCSI emulator while processing IO requests
-could run into an infinite loop if 'pvscsi_ring_pop_req_descr'
-always returned positive value. Limit IO loop to the ring size.
-
-Cc: address@hidden
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
-Message-Id: <address@hidden>
-Signed-off-by: Paolo Bonzini <address@hidden>
----
- hw/scsi/vmw_pvscsi.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
-index babac5a..a5ce7de 100644
---- a/hw/scsi/vmw_pvscsi.c
-+++ b/hw/scsi/vmw_pvscsi.c
-@@ -247,8 +247,11 @@ static hwaddr
- pvscsi_ring_pop_req_descr(PVSCSIRingInfo *mgr)
- {
- uint32_t ready_ptr = RS_GET_FIELD(mgr, reqProdIdx);
-+ uint32_t ring_size = PVSCSI_MAX_NUM_PAGES_REQ_RING
-+ * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
-
-- if (ready_ptr != mgr->consumed_ptr) {
-+ if (ready_ptr != mgr->consumed_ptr
-+ && ready_ptr - mgr->consumed_ptr < ring_size) {
- uint32_t next_ready_ptr =
- mgr->consumed_ptr++ & mgr->txr_len_mask;
- uint32_t next_ready_page =
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch
deleted file mode 100644
index 6368e7f..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-virtio back end uses set of buffers to facilitate I/O operations.
-If its size is too large, 'cpu_physical_memory_map' could return
-a null address. This would result in a null dereference
-while un-mapping descriptors. Add check to avoid it.
-
-Reported-by: Qinghao Tang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/virtio/virtio.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
-index 15ee3a7..0a4c5b6 100644
---- a/hw/virtio/virtio.c
-+++ b/hw/virtio/virtio.c
-@@ -472,12 +472,14 @@ static void virtqueue_map_desc(unsigned int *p_num_sg, hwaddr *addr, struct iove
- }
-
- iov[num_sg].iov_base = cpu_physical_memory_map(pa, &len, is_write);
-- iov[num_sg].iov_len = len;
-- addr[num_sg] = pa;
-+ if (iov[num_sg].iov_base) {
-+ iov[num_sg].iov_len = len;
-+ addr[num_sg] = pa;
-
-+ pa += len;
-+ num_sg++;
-+ }
- sz -= len;
-- pa += len;
-- num_sg++;
- }
- *p_num_sg = num_sg;
- }
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch
deleted file mode 100644
index fdd871b..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Li Qiang <address@hidden>
-
-When processing IO request in mptsas, it uses g_new to allocate
-a 'req' object. If an error occurs before 'req->sreq' is
-allocated, It could lead to an OOB write in mptsas_free_request
-function. Use g_new0 to avoid it.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
-Message-Id: <address@hidden>
-Cc: address@hidden
-Signed-off-by: Paolo Bonzini <address@hidden>
----
- hw/scsi/mptsas.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
-index 0e0a22f..eaae1bb 100644
---- a/hw/scsi/mptsas.c
-+++ b/hw/scsi/mptsas.c
-@@ -304,7 +304,7 @@ static int mptsas_process_scsi_io_request(MPTSASState *s,
- goto bad;
- }
-
-- req = g_new(MPTSASRequest, 1);
-+ req = g_new0(MPTSASRequest, 1);
- QTAILQ_INSERT_TAIL(&s->pending, req, next);
- req->scsi_io = *scsi_io;
- req->dev = s;
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch
deleted file mode 100644
index d5028bb..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Li Qiang <address@hidden>
-
-If the xhci uses msix, it doesn't free the corresponding
-memory, thus leading a memory leak. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/usb/hcd-xhci.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
-index 188f954..281a2a5 100644
---- a/hw/usb/hcd-xhci.c
-+++ b/hw/usb/hcd-xhci.c
-@@ -3709,8 +3709,7 @@ static void usb_xhci_exit(PCIDevice *dev)
- /* destroy msix memory region */
- if (dev->msix_table && dev->msix_pba
- && dev->msix_entry_used) {
-- memory_region_del_subregion(&xhci->mem, &dev->msix_table_mmio);
-- memory_region_del_subregion(&xhci->mem, &dev->msix_pba_mmio);
-+ msix_uninit(dev, &xhci->mem, &xhci->mem);
- }
-
- usb_bus_release(&xhci->bus);
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch
deleted file mode 100644
index 34b095a..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-i.MX Fast Ethernet Controller uses buffer descriptors to manage
-data flow to/fro receive & transmit queues. While transmitting
-packets, it could continue to read buffer descriptors if a buffer
-descriptor has length of zero and has crafted values in bd.flags.
-Set an upper limit to number of buffer descriptors.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/imx_fec.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-Update per
- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05284.html
-
-diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
-index 1c415ab..1d74827 100644
---- a/hw/net/imx_fec.c
-+++ b/hw/net/imx_fec.c
-@@ -220,6 +220,8 @@ static const VMStateDescription vmstate_imx_eth = {
- #define PHY_INT_PARFAULT (1 << 2)
- #define PHY_INT_AUTONEG_PAGE (1 << 1)
-
-+#define IMX_MAX_DESC 1024
-+
- static void imx_eth_update(IMXFECState *s);
-
- /*
-@@ -402,12 +404,12 @@ static void imx_eth_update(IMXFECState *s)
-
- static void imx_fec_do_tx(IMXFECState *s)
- {
-- int frame_size = 0;
-+ int frame_size = 0, descnt = 0;
- uint8_t frame[ENET_MAX_FRAME_SIZE];
- uint8_t *ptr = frame;
- uint32_t addr = s->tx_descriptor;
-
-- while (1) {
-+ while (descnt++ < IMX_MAX_DESC) {
- IMXFECBufDesc bd;
- int len;
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch
deleted file mode 100644
index 16d072f..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 070c4b92b8cd5390889716677a0b92444d6e087a Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Thu, 22 Sep 2016 16:02:37 +0530
-Subject: [PATCH] net: mcf: limit buffer descriptor count
-
-ColdFire Fast Ethernet Controller uses buffer descriptors to manage
-data flow to/fro receive & transmit queues. While transmitting
-packets, it could continue to read buffer descriptors if a buffer
-descriptor has length of zero and has crafted values in bd.flags.
-Set upper limit to number of buffer descriptors.
-
-Reported-by: Li Qiang <liqiang6-s@360.cn>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: Jason Wang <jasowang@redhat.com>
----
- hw/net/mcf_fec.c | 5 +++--
- 1 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/hw/net/mcf_fec.c b/hw/net/mcf_fec.c
-index 0ee8ad9..d31fea1 100644
---- a/hw/net/mcf_fec.c
-+++ b/hw/net/mcf_fec.c
-@@ -23,6 +23,7 @@ do { printf("mcf_fec: " fmt , ## __VA_ARGS__); } while (0)
- #define DPRINTF(fmt, ...) do {} while(0)
- #endif
-
-+#define FEC_MAX_DESC 1024
- #define FEC_MAX_FRAME_SIZE 2032
-
- typedef struct {
-@@ -149,7 +150,7 @@ static void mcf_fec_do_tx(mcf_fec_state *s)
- uint32_t addr;
- mcf_fec_bd bd;
- int frame_size;
-- int len;
-+ int len, descnt = 0;
- uint8_t frame[FEC_MAX_FRAME_SIZE];
- uint8_t *ptr;
-
-@@ -157,7 +158,7 @@ static void mcf_fec_do_tx(mcf_fec_state *s)
- ptr = frame;
- frame_size = 0;
- addr = s->tx_descriptor;
-- while (1) {
-+ while (descnt++ < FEC_MAX_DESC) {
- mcf_fec_read_bd(&bd, addr);
- DPRINTF("tx_bd %x flags %04x len %d data %08x\n",
- addr, bd.flags, bd.length, bd.data);
---
-1.7.0.4
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch
deleted file mode 100644
index 8e6ecff..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-The AMD PC-Net II emulator has set of control and status(CSR)
-registers. Of these, CSR76 and CSR78 hold receive and transmit
-descriptor ring length respectively. This ring length could range
-from 1 to 65535. Setting ring length to zero leads to an infinite
-loop in pcnet_rdra_addr. Add check to avoid it.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/pcnet.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c
-index 198a01f..3078de8 100644
---- a/hw/net/pcnet.c
-+++ b/hw/net/pcnet.c
-@@ -1429,8 +1429,11 @@ static void pcnet_csr_writew(PCNetState *s, uint32_t rap, uint32_t new_value)
- case 47: /* POLLINT */
- case 72:
- case 74:
-+ break;
- case 76: /* RCVRL */
- case 78: /* XMTRL */
-+ val = (val > 0) ? val : 512;
-+ break;
- case 112:
- if (CSR_STOP(s) || CSR_SPND(s))
- break;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch
deleted file mode 100644
index 6fe77f3..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From: Li Qiang <address@hidden>
-
-In virtio gpu resource create dispatch, if the pixman format is zero
-it doesn't free the resource object allocated previously. Thus leading
-a host memory leak issue. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/display/virtio-gpu.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
-index 7fe6ed8..5b6d17b 100644
---- a/hw/display/virtio-gpu.c
-+++ b/hw/display/virtio-gpu.c
-@@ -333,6 +333,7 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g,
- qemu_log_mask(LOG_GUEST_ERROR,
- "%s: host couldn't handle guest format %d\n",
- __func__, c2d.format);
-+ g_free(res);
- cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER;
- return;
- }
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch
deleted file mode 100644
index dce1b2b..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Li Qiang <address@hidden>
-
-While processing isochronous transfer descriptors(iTD), if the page
-select(PG) field value is out of bands it will return. In this
-situation the ehci's sg list doesn't be freed thus leading a memory
-leak issue. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/usb/hcd-ehci.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
-index b093db7..f4ece9a 100644
---- a/hw/usb/hcd-ehci.c
-+++ b/hw/usb/hcd-ehci.c
-@@ -1426,6 +1426,7 @@ static int ehci_process_itd(EHCIState *ehci,
- if (off + len > 4096) {
- /* transfer crosses page border */
- if (pg == 6) {
-+ qemu_sglist_destroy(&ehci->isgl);
- return -1; /* avoid page pg + 1 */
- }
- ptr2 = (itd->bufptr[pg + 1] & ITD_BUFPTR_MASK);
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch
deleted file mode 100644
index 9617cd5..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 20009bdaf95d10bf748fa69b104672d3cfaceddf Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <address@hidden>
-Date: Fri, 7 Oct 2016 10:15:29 +0200
-Subject: [PATCH] xhci: limit the number of link trbs we are willing to process
-
-Signed-off-by: Gerd Hoffmann <address@hidden>
----
- hw/usb/hcd-xhci.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
-index 726435c..ee4fa48 100644
---- a/hw/usb/hcd-xhci.c
-+++ b/hw/usb/hcd-xhci.c
-@@ -54,6 +54,8 @@
- * to the specs when it gets them */
- #define ER_FULL_HACK
-
-+#define TRB_LINK_LIMIT 4
-+
- #define LEN_CAP 0x40
- #define LEN_OPER (0x400 + 0x10 * MAXPORTS)
- #define LEN_RUNTIME ((MAXINTRS + 1) * 0x20)
-@@ -1000,6 +1002,7 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb,
- dma_addr_t *addr)
- {
- PCIDevice *pci_dev = PCI_DEVICE(xhci);
-+ uint32_t link_cnt = 0;
-
- while (1) {
- TRBType type;
-@@ -1026,6 +1029,9 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb,
- ring->dequeue += TRB_SIZE;
- return type;
- } else {
-+ if (++link_cnt > TRB_LINK_LIMIT) {
-+ return 0;
-+ }
- ring->dequeue = xhci_mask64(trb->parameter);
- if (trb->control & TRB_LK_TC) {
- ring->ccs = !ring->ccs;
-@@ -1043,6 +1049,7 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring)
- bool ccs = ring->ccs;
- /* hack to bundle together the two/three TDs that make a setup transfer */
- bool control_td_set = 0;
-+ uint32_t link_cnt = 0;
-
- while (1) {
- TRBType type;
-@@ -1058,6 +1065,9 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring)
- type = TRB_TYPE(trb);
-
- if (type == TR_LINK) {
-+ if (++link_cnt > TRB_LINK_LIMIT) {
-+ return -length;
-+ }
- dequeue = xhci_mask64(trb.parameter);
- if (trb.control & TRB_LK_TC) {
- ccs = !ccs;
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch
deleted file mode 100644
index 8c29580..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Li Qiang <address@hidden>
-
-In 9pfs read dispatch function, it doesn't free two QEMUIOVector
-object thus causing potential memory leak. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/9pfs/9p.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 119ee58..543a791 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -1826,14 +1826,15 @@ static void v9fs_read(void *opaque)
- if (len < 0) {
- /* IO error return the error */
- err = len;
-- goto out;
-+ goto out_free_iovec;
- }
- } while (count < max_count && len > 0);
- err = pdu_marshal(pdu, offset, "d", count);
- if (err < 0) {
-- goto out;
-+ goto out_free_iovec;
- }
- err += offset + count;
-+out_free_iovec:
- qemu_iovec_destroy(&qiov);
- qemu_iovec_destroy(&qiov_full);
- } else if (fidp->fid_type == P9_FID_XATTR) {
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch
deleted file mode 100644
index 74eee7e..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From ba42ebb863ab7d40adc79298422ed9596df8f73a Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Mon, 17 Oct 2016 14:13:58 +0200
-Subject: [PATCH] 9pfs: allocate space for guest originated empty strings
-
-If a guest sends an empty string paramater to any 9P operation, the current
-code unmarshals it into a V9fsString equal to { .size = 0, .data = NULL }.
-
-This is unfortunate because it can cause NULL pointer dereference to happen
-at various locations in the 9pfs code. And we don't want to check str->data
-everywhere we pass it to strcmp() or any other function which expects a
-dereferenceable pointer.
-
-This patch enforces the allocation of genuine C empty strings instead, so
-callers don't have to bother.
-
-Out of all v9fs_iov_vunmarshal() users, only v9fs_xattrwalk() checks if
-the returned string is empty. It now uses v9fs_string_size() since
-name.data cannot be NULL anymore.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-[groug, rewritten title and changelog,
- fix empty string check in v9fs_xattrwalk()]
-Signed-off-by: Greg Kurz <groug@kaod.org>
----
- fsdev/9p-iov-marshal.c | 2 +-
- hw/9pfs/9p.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c
-index 663cad5..1d16f8d 100644
---- a/fsdev/9p-iov-marshal.c
-+++ b/fsdev/9p-iov-marshal.c
-@@ -125,7 +125,7 @@ ssize_t v9fs_iov_vunmarshal(struct iovec *out_sg, int out_num, size_t offset,
- str->data = g_malloc(str->size + 1);
- copied = v9fs_unpack(str->data, out_sg, out_num, offset,
- str->size);
-- if (copied > 0) {
-+ if (copied >= 0) {
- str->data[str->size] = 0;
- } else {
- v9fs_string_free(str);
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 119ee58..39a7e1d 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -3174,7 +3174,7 @@ static void v9fs_xattrwalk(void *opaque)
- goto out;
- }
- v9fs_path_copy(&xattr_fidp->path, &file_fidp->path);
-- if (name.data == NULL) {
-+ if (!v9fs_string_size(&name)) {
- /*
- * listxattr request. Get the size first
- */
---
-2.7.3
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch
deleted file mode 100644
index a27d3a6..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-Rocker network switch emulator has test registers to help debug
-DMA operations. While testing host DMA access, a buffer address
-is written to register 'TEST_DMA_ADDR' and its size is written to
-register 'TEST_DMA_SIZE'. When performing TEST_DMA_CTRL_INVERT
-test, if DMA buffer size was greater than 'INT_MAX', it leads to
-an invalid buffer access. Limit the DMA buffer size to avoid it.
-
-Reported-by: Huawei PSIRT <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/rocker/rocker.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
-index 30f2ce4..e9d215a 100644
---- a/hw/net/rocker/rocker.c
-+++ b/hw/net/rocker/rocker.c
-@@ -860,7 +860,7 @@ static void rocker_io_writel(void *opaque, hwaddr addr, uint32_t val)
- rocker_msix_irq(r, val);
- break;
- case ROCKER_TEST_DMA_SIZE:
-- r->test_dma_size = val;
-+ r->test_dma_size = val & 0xFFFF;
- break;
- case ROCKER_TEST_DMA_ADDR + 4:
- r->test_dma_addr = ((uint64_t)val) << 32 | r->lower32;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
index 457f022..cea8efc 100644
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
@@ -1,3 +1,6 @@
+http://bugs.gentoo.org/597108
+https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02577.html
+
From: Prasad J Pandit <address@hidden>
The JAZZ RC4030 chipset emulator has a periodic timer and
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch
deleted file mode 100644
index 23393b7..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-16550A UART device uses an oscillator to generate frequencies
-(baud base), which decide communication speed. This speed could
-be changed by dividing it by a divider. If the divider is
-greater than the baud base, speed is set to zero, leading to a
-divide by zero error. Add check to avoid it.
-
-Reported-by: Huawei PSIRT <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/char/serial.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-Update per
- -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02400.html
-
-diff --git a/hw/char/serial.c b/hw/char/serial.c
-index 3442f47..eec72b7 100644
---- a/hw/char/serial.c
-+++ b/hw/char/serial.c
-@@ -153,8 +153,9 @@ static void serial_update_parameters(SerialState *s)
- int speed, parity, data_bits, stop_bits, frame_size;
- QEMUSerialSetParams ssp;
-
-- if (s->divider == 0)
-+ if (s->divider == 0 || s->divider > s->baudbase) {
- return;
-+ }
-
- /* Start bit. */
- frame_size = 1;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch
deleted file mode 100644
index ed6613f..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-Intel HDA emulator uses stream of buffers during DMA data
-transfers. Each entry has buffer length and buffer pointer
-position, which are used to derive bytes to 'copy'. If this
-length and buffer pointer were to be same, 'copy' could be
-set to zero(0), leading to an infinite loop. Add check to
-avoid it.
-
-Reported-by: Huawei PSIRT <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/audio/intel-hda.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/hw/audio/intel-hda.c b/hw/audio/intel-hda.c
-index cd95340..537face 100644
---- a/hw/audio/intel-hda.c
-+++ b/hw/audio/intel-hda.c
-@@ -416,7 +416,8 @@ static bool intel_hda_xfer(HDACodecDevice *dev, uint32_t stnr, bool output,
- }
-
- left = len;
-- while (left > 0) {
-+ s = st->bentries;
-+ while (left > 0 && s-- > 0) {
- copy = left;
- if (copy > st->bsize - st->lpib)
- copy = st->bsize - st->lpib;
---
-2.7.4
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch
deleted file mode 100644
index c93f796..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-RTL8139 ethernet controller in C+ mode supports multiple
-descriptor rings, each with maximum of 64 descriptors. While
-processing transmit descriptor ring in 'rtl8139_cplus_transmit',
-it does not limit the descriptor count and runs forever. Add
-check to avoid it.
-
-Reported-by: Andrew Henderson <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/rtl8139.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
-index 3345bc6..f05e59c 100644
---- a/hw/net/rtl8139.c
-+++ b/hw/net/rtl8139.c
-@@ -2350,7 +2350,7 @@ static void rtl8139_cplus_transmit(RTL8139State *s)
- {
- int txcount = 0;
-
-- while (rtl8139_cplus_transmit_one(s))
-+ while (txcount < 64 && rtl8139_cplus_transmit_one(s))
- {
- ++txcount;
- }
---
-2.7.4
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9102.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9102.patch
deleted file mode 100644
index 963eca9..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9102.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From: Li Qiang <address@hidden>
-
-The 'fs.xattr.value' field in V9fsFidState object doesn't consider the
-situation that this field has been allocated previously. Every time, it
-will be allocated directly. This leads a host memory leak issue. This
-patch fix this.
-
---
-1.8.3.1
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 75ba5f1..a4c7109 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -3269,6 +3269,7 @@ static void v9fs_xattrcreate(void *opaque)
- xattr_fidp->fs.xattr.flags = flags;
- v9fs_string_init(&xattr_fidp->fs.xattr.name);
- v9fs_string_copy(&xattr_fidp->fs.xattr.name, &name);
-+ g_free(xattr_fidp->fs.xattr.value);
- xattr_fidp->fs.xattr.value = g_malloc(size);
- err = offset;
- put_fid(pdu, file_fidp);
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9103.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9103.patch
deleted file mode 100644
index 7520863..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9103.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-Author: Li Qiang <liqiang6-s@360.cn>
-Date: Mon Oct 17 14:13:58 2016 +0200
-
- 9pfs: fix information leak in xattr read
-
- 9pfs uses g_malloc() to allocate the xattr memory space, if the guest
- reads this memory before writing to it, this will leak host heap memory
- to the guest. This patch avoid this.
-
- Signed-off-by: Li Qiang <liqiang6-s@360.cn>
- Reviewed-by: Greg Kurz <groug@kaod.org>
- Signed-off-by: Greg Kurz <groug@kaod.org>
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 26aa7d5..bf23b01 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -3269,8 +3269,8 @@ static void coroutine_fn v9fs_xattrcreate(void *opaque)
- xattr_fidp->fs.xattr.flags = flags;
- v9fs_string_init(&xattr_fidp->fs.xattr.name);
- v9fs_string_copy(&xattr_fidp->fs.xattr.name, &name);
- g_free(xattr_fidp->fs.xattr.value);
-- xattr_fidp->fs.xattr.value = g_malloc(size);
-+ xattr_fidp->fs.xattr.value = g_malloc0(size);
- err = offset;
- put_fid(pdu, file_fidp);
- out_nofid:
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9104.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9104.patch
deleted file mode 100644
index f1aec55..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9104.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-From 7e55d65c56a03dcd2c5d7c49d37c5a74b55d4bd6 Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Tue, 1 Nov 2016 12:00:40 +0100
-Subject: [PATCH] 9pfs: fix integer overflow issue in xattr read/write
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The v9fs_xattr_read() and v9fs_xattr_write() are passed a guest
-originated offset: they must ensure this offset does not go beyond
-the size of the extended attribute that was set in v9fs_xattrcreate().
-Unfortunately, the current code implement these checks with unsafe
-calculations on 32 and 64 bit values, which may allow a malicious
-guest to cause OOB access anyway.
-
-Fix this by comparing the offset and the xattr size, which are
-both uint64_t, before trying to compute the effective number of bytes
-to read or write.
-
-Suggested-by: Greg Kurz <groug@kaod.org>
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-Reviewed-by: Greg Kurz <groug@kaod.org>
-Reviewed-By: Guido Günther <agx@sigxcpu.org>
-Signed-off-by: Greg Kurz <groug@kaod.org>
----
- hw/9pfs/9p.c | 32 ++++++++++++--------------------
- 1 file changed, 12 insertions(+), 20 deletions(-)
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index ab18ef2..7705ead 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -1637,20 +1637,17 @@ static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp,
- {
- ssize_t err;
- size_t offset = 7;
-- int read_count;
-- int64_t xattr_len;
-+ uint64_t read_count;
- V9fsVirtioState *v = container_of(s, V9fsVirtioState, state);
- VirtQueueElement *elem = v->elems[pdu->idx];
-
-- xattr_len = fidp->fs.xattr.len;
-- read_count = xattr_len - off;
-+ if (fidp->fs.xattr.len < off) {
-+ read_count = 0;
-+ } else {
-+ read_count = fidp->fs.xattr.len - off;
-+ }
- if (read_count > max_count) {
- read_count = max_count;
-- } else if (read_count < 0) {
-- /*
-- * read beyond XATTR value
-- */
-- read_count = 0;
- }
- err = pdu_marshal(pdu, offset, "d", read_count);
- if (err < 0) {
-@@ -1979,23 +1976,18 @@ static int v9fs_xattr_write(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp,
- {
- int i, to_copy;
- ssize_t err = 0;
-- int write_count;
-- int64_t xattr_len;
-+ uint64_t write_count;
- size_t offset = 7;
-
-
-- xattr_len = fidp->fs.xattr.len;
-- write_count = xattr_len - off;
-- if (write_count > count) {
-- write_count = count;
-- } else if (write_count < 0) {
-- /*
-- * write beyond XATTR value len specified in
-- * xattrcreate
-- */
-+ if (fidp->fs.xattr.len < off) {
- err = -ENOSPC;
- goto out;
- }
-+ write_count = fidp->fs.xattr.len - off;
-+ if (write_count > count) {
-+ write_count = count;
-+ }
- err = pdu_marshal(pdu, offset, "d", write_count);
- if (err < 0) {
- return err;
---
-2.7.3
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9105.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9105.patch
deleted file mode 100644
index cddff97..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9105.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From: Li Qiang <address@hidden>
-
-In v9fs_link dispatch function, it doesn't put the 'oldfidp'
-fid object, this will make the 'oldfidp->ref' never reach to 0,
-thus leading a memory leak issue. This patch fix this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/9pfs/9p.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 8b50bfb..29f8b7a 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -2413,6 +2413,7 @@ static void v9fs_link(void *opaque)
- if (!err) {
- err = offset;
- }
-+ put_fid(pdu, oldfidp);
- out:
- put_fid(pdu, dfidp);
- out_nofid:
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9106.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9106.patch
deleted file mode 100644
index 137272d..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9106.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-Author: Li Qiang <liqiang6-s@360.cn>
-Date: Mon Oct 17 14:13:58 2016 +0200
-
- 9pfs: fix memory leak in v9fs_write
-
- If an error occurs when marshalling the transfer length to the guest, the
- v9fs_write() function doesn't free an IO vector, thus leading to a memory
- leak. This patch fixes the issue.
-
- Signed-off-by: Li Qiang <liqiang6-s@360.cn>
- Reviewed-by: Greg Kurz <groug@kaod.org>
- [groug, rephrased the changelog]
- Signed-off-by: Greg Kurz <groug@kaod.org>
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index d43a552..e88cf25 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -2090,7 +2090,7 @@ static void coroutine_fn v9fs_write(void *opaque)
- offset = 7;
- err = pdu_marshal(pdu, offset, "d", total);
- if (err < 0) {
-- goto out;
-+ goto out_qiov;
- }
- err += offset;
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch b/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch
deleted file mode 100644
index d090323..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -Naur qemu-2.7.0.orig/configure qemu-2.7.0/configure
---- qemu-2.7.0.orig/configure 2016-09-05 18:30:41.722529882 -0700
-+++ qemu-2.7.0/configure 2016-09-05 18:32:22.473649654 -0700
-@@ -1805,7 +1805,8 @@
- EOF
- if compile_object "" ; then
- if has readelf; then
-- if readelf --syms $TMPO 2>/dev/null |grep -q "IFUNC.*foo"; then
-+ if readelf --syms $TMPO 2>/dev/null |grep -q "IFUNC.*foo" &&
-+ ldd $TMPO >dev/null 2>&1; then
- avx2_opt="yes"
- fi
- fi
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch
new file mode 100644
index 0000000..c486295
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch
@@ -0,0 +1,46 @@
+From eb7a20a3616085d46aa6b4b4224e15587ec67e6e Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Mon, 28 Nov 2016 17:49:04 -0800
+Subject: [PATCH] watchdog: 6300esb: add exit function
+
+When the Intel 6300ESB watchdog is hot unplug. The timer allocated
+in realize isn't freed thus leaking memory leak. This patch avoid
+this through adding the exit function.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ hw/watchdog/wdt_i6300esb.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c
+index a83d951..49b3cd1 100644
+--- a/hw/watchdog/wdt_i6300esb.c
++++ b/hw/watchdog/wdt_i6300esb.c
+@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp)
+ /* qemu_register_coalesced_mmio (addr, 0x10); ? */
+ }
+
++static void i6300esb_exit(PCIDevice *dev)
++{
++ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev);
++
++ timer_del(d->timer);
++ timer_free(d->timer);
++}
++
+ static WatchdogTimerModel model = {
+ .wdt_name = "i6300esb",
+ .wdt_description = "Intel 6300ESB",
+@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data)
+ k->config_read = i6300esb_config_read;
+ k->config_write = i6300esb_config_write;
+ k->realize = i6300esb_realize;
++ k->exit = i6300esb_exit;
+ k->vendor_id = PCI_VENDOR_ID_INTEL;
+ k->device_id = PCI_DEVICE_ID_INTEL_ESB_9;
+ k->class_id = PCI_CLASS_SYSTEM_OTHER;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch
new file mode 100644
index 0000000..f0bba80
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch
@@ -0,0 +1,48 @@
+From 62d4c6bd5263bb8413a06c80144fc678df6dfb64 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Wed, 1 Feb 2017 09:35:01 +0100
+Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615)
+
+When doing bitblt copy in backward mode, we should minus the
+blt width first just like the adding in the forward mode. This
+can avoid the oob access of the front of vga's vram.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+
+{ kraxel: with backward blits (negative pitch) addr is the topmost
+ address, so check it as-is against vram size ]
+
+Cc: qemu-stable@nongnu.org
+Cc: P J P <ppandit@redhat.com>
+Cc: Laszlo Ersek <lersek@redhat.com>
+Cc: Paolo Bonzini <pbonzini@redhat.com>
+Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
+Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106)
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com
+Reviewed-by: Laszlo Ersek <lersek@redhat.com>
+---
+ hw/display/cirrus_vga.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
+index 7db6409..16f27e8 100644
+--- a/hw/display/cirrus_vga.c
++++ b/hw/display/cirrus_vga.c
+@@ -274,10 +274,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
+ {
+ if (pitch < 0) {
+ int64_t min = addr
+- + ((int64_t)s->cirrus_blt_height-1) * pitch;
+- int32_t max = addr
+- + s->cirrus_blt_width;
+- if (min < 0 || max > s->vga.vram_size) {
++ + ((int64_t)s->cirrus_blt_height - 1) * pitch
++ - s->cirrus_blt_width;
++ if (min < -1 || addr >= s->vga.vram_size) {
+ return true;
+ }
+ } else {
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch
new file mode 100644
index 0000000..24411b4
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch
@@ -0,0 +1,52 @@
+From 12351a91da97b414eec8cdb09f1d9f41e535a401 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Wed, 14 Dec 2016 18:30:21 -0800
+Subject: [PATCH] audio: ac97: add exit function
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Currently the ac97 device emulation doesn't have a exit function,
+hot unplug this device will leak some memory. Add a exit function to
+avoid this.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/audio/ac97.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c
+index cbd959e..c306575 100644
+--- a/hw/audio/ac97.c
++++ b/hw/audio/ac97.c
+@@ -1387,6 +1387,16 @@ static void ac97_realize(PCIDevice *dev, Error **errp)
+ ac97_on_reset (&s->dev.qdev);
+ }
+
++static void ac97_exit(PCIDevice *dev)
++{
++ AC97LinkState *s = DO_UPCAST(AC97LinkState, dev, dev);
++
++ AUD_close_in(&s->card, s->voice_pi);
++ AUD_close_out(&s->card, s->voice_po);
++ AUD_close_in(&s->card, s->voice_mc);
++ AUD_remove_card(&s->card);
++}
++
+ static int ac97_init (PCIBus *bus)
+ {
+ pci_create_simple (bus, -1, "AC97");
+@@ -1404,6 +1414,7 @@ static void ac97_class_init (ObjectClass *klass, void *data)
+ PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
+
+ k->realize = ac97_realize;
++ k->exit = ac97_exit;
+ k->vendor_id = PCI_VENDOR_ID_INTEL;
+ k->device_id = PCI_DEVICE_ID_INTEL_82801AA_5;
+ k->revision = 0x01;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch
new file mode 100644
index 0000000..6bbac58
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch
@@ -0,0 +1,55 @@
+From 069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Wed, 14 Dec 2016 18:32:22 -0800
+Subject: [PATCH] audio: es1370: add exit function
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Currently the es1370 device emulation doesn't have a exit function,
+hot unplug this device will leak some memory. Add a exit function to
+avoid this.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/audio/es1370.c | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+
+diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c
+index 8449b5f..883ec69 100644
+--- a/hw/audio/es1370.c
++++ b/hw/audio/es1370.c
+@@ -1041,6 +1041,19 @@ static void es1370_realize(PCIDevice *dev, Error **errp)
+ es1370_reset (s);
+ }
+
++static void es1370_exit(PCIDevice *dev)
++{
++ ES1370State *s = ES1370(dev);
++ int i;
++
++ for (i = 0; i < 2; ++i) {
++ AUD_close_out(&s->card, s->dac_voice[i]);
++ }
++
++ AUD_close_in(&s->card, s->adc_voice);
++ AUD_remove_card(&s->card);
++}
++
+ static int es1370_init (PCIBus *bus)
+ {
+ pci_create_simple (bus, -1, TYPE_ES1370);
+@@ -1053,6 +1066,7 @@ static void es1370_class_init (ObjectClass *klass, void *data)
+ PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
+
+ k->realize = es1370_realize;
++ k->exit = es1370_exit;
+ k->vendor_id = PCI_VENDOR_ID_ENSONIQ;
+ k->device_id = PCI_DEVICE_ID_ENSONIQ_ES1370;
+ k->class_id = PCI_CLASS_MULTIMEDIA_AUDIO;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch
new file mode 100644
index 0000000..9475f3f
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch
@@ -0,0 +1,41 @@
+From 33243031dad02d161225ba99d782616da133f689 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@gmail.com>
+Date: Thu, 29 Dec 2016 03:11:26 -0500
+Subject: [PATCH] virtio-gpu-3d: fix memory leak in resource attach backing
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If the virgl_renderer_resource_attach_iov function fails the
+'res_iovs' will be leaked. Add check of the return value to
+free the 'res_iovs' when failing.
+
+Signed-off-by: Li Qiang <liq3ea@gmail.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/display/virtio-gpu-3d.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
+index e29f099..b13ced3 100644
+--- a/hw/display/virtio-gpu-3d.c
++++ b/hw/display/virtio-gpu-3d.c
+@@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g,
+ return;
+ }
+
+- virgl_renderer_resource_attach_iov(att_rb.resource_id,
+- res_iovs, att_rb.nr_entries);
++ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id,
++ res_iovs, att_rb.nr_entries);
++
++ if (ret != 0)
++ virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries);
+ }
+
+ static void virgl_resource_detach_backing(VirtIOGPU *g,
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch
new file mode 100644
index 0000000..f93d1e7
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch
@@ -0,0 +1,35 @@
+From 204f01b30975923c64006f8067f0937b91eea68b Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@gmail.com>
+Date: Thu, 29 Dec 2016 04:28:41 -0500
+Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing
+
+In the resource attach backing function, everytime it will
+allocate 'res->iov' thus can leading a memory leak. This
+patch avoid this.
+
+Signed-off-by: Li Qiang <liq3ea@gmail.com>
+Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/display/virtio-gpu.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
+index 6a26258..ca88cf4 100644
+--- a/hw/display/virtio-gpu.c
++++ b/hw/display/virtio-gpu.c
+@@ -714,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g,
+ return;
+ }
+
++ if (res->iov) {
++ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
++ return;
++ }
++
+ ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov);
+ if (ret != 0) {
+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch
new file mode 100644
index 0000000..e4572a8
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch
@@ -0,0 +1,40 @@
+From 8409dc884a201bf74b30a9d232b6bbdd00cb7e2b Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Wed, 4 Jan 2017 00:43:16 -0800
+Subject: [PATCH] serial: fix memory leak in serial exit
+
+The serial_exit_core function doesn't free some resources.
+This can lead memory leak when hotplug and unplug. This
+patch avoid this.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Message-Id: <586cb5ab.f31d9d0a.38ac3.acf2@mx.google.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ hw/char/serial.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/hw/char/serial.c b/hw/char/serial.c
+index ffbacd8..67b18ed 100644
+--- a/hw/char/serial.c
++++ b/hw/char/serial.c
+@@ -906,6 +906,16 @@ void serial_realize_core(SerialState *s, Error **errp)
+ void serial_exit_core(SerialState *s)
+ {
+ qemu_chr_fe_deinit(&s->chr);
++
++ timer_del(s->modem_status_poll);
++ timer_free(s->modem_status_poll);
++
++ timer_del(s->fifo_timeout_timer);
++ timer_free(s->fifo_timeout_timer);
++
++ fifo8_destroy(&s->recv_fifo);
++ fifo8_destroy(&s->xmit_fifo);
++
+ qemu_unregister_reset(serial_reset, s);
+ }
+
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch
new file mode 100644
index 0000000..93e9c94
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch
@@ -0,0 +1,37 @@
+From 42922105beb14c2fc58185ea022b9f72fb5465e9 Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Tue, 7 Feb 2017 18:29:59 +0000
+Subject: [PATCH] sd: sdhci: check data length during dma_memory_read
+
+While doing multi block SDMA transfer in routine
+'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
+index 'begin' and data length 's->data_count' could end up to be same.
+This could lead to an OOB access issue. Correct transfer data length
+to avoid it.
+
+Cc: qemu-stable@nongnu.org
+Reported-by: Jiang Xin <jiangxin1@huawei.com>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
+Message-id: 20170130064736.9236-1-ppandit@redhat.com
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+---
+ hw/sd/sdhci.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
+index 01fbf22..5bd5ab6 100644
+--- a/hw/sd/sdhci.c
++++ b/hw/sd/sdhci.c
+@@ -536,7 +536,7 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
+ boundary_count -= block_size - begin;
+ }
+ dma_memory_read(&address_space_memory, s->sdmasysad,
+- &s->fifo_buffer[begin], s->data_count);
++ &s->fifo_buffer[begin], s->data_count - begin);
+ s->sdmasysad += s->data_count - begin;
+ if (s->data_count == block_size) {
+ for (n = 0; n < block_size; n++) {
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch
new file mode 100644
index 0000000..2ebd49f
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch
@@ -0,0 +1,64 @@
+From 765a707000e838c30b18d712fe6cb3dd8e0435f3 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Mon, 2 Jan 2017 11:03:33 +0100
+Subject: [PATCH] megasas: fix guest-triggered memory leak
+
+If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd
+will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory.
+Avoid this by returning only the status from map_dcmd, and loading
+cmd->iov_size in the caller.
+
+Reported-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ hw/scsi/megasas.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
+index 67fc1e7..6233865 100644
+--- a/hw/scsi/megasas.c
++++ b/hw/scsi/megasas.c
+@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd)
+ trace_megasas_dcmd_invalid_sge(cmd->index,
+ cmd->frame->header.sge_count);
+ cmd->iov_size = 0;
+- return -1;
++ return -EINVAL;
+ }
+ iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl);
+ iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl);
+ pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1);
+ qemu_sglist_add(&cmd->qsg, iov_pa, iov_size);
+ cmd->iov_size = iov_size;
+- return cmd->iov_size;
++ return 0;
+ }
+
+ static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size)
+@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t {
+
+ static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
+ {
+- int opcode, len;
++ int opcode;
+ int retval = 0;
++ size_t len;
+ const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
+
+ opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
+ trace_megasas_handle_dcmd(cmd->index, opcode);
+- len = megasas_map_dcmd(s, cmd);
+- if (len < 0) {
++ if (megasas_map_dcmd(s, cmd) < 0) {
+ return MFI_STAT_MEMORY_NOT_AVAILABLE;
+ }
+ while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
+ cmdptr++;
+ }
++ len = cmd->iov_size;
+ if (cmdptr->opcode == -1) {
+ trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
+ retval = megasas_dcmd_dummy(s, cmd);
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch
new file mode 100644
index 0000000..664a669
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch
@@ -0,0 +1,38 @@
+When the guest sends VIRTIO_GPU_CMD_RESOURCE_UNREF without detaching the
+backing storage beforehand (VIRTIO_GPU_CMD_RESOURCE_DETACH_BACKING)
+we'll leak memory.
+
+This patch fixes it for 3d mode, simliar to the 2d mode fix in commit
+"b8e2392 virtio-gpu: call cleanup mapping function in resource destroy".
+
+Reported-by: 李强 <address@hidden>
+Signed-off-by: Gerd Hoffmann <address@hidden>
+---
+ hw/display/virtio-gpu-3d.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
+index f96a0c2..ecb09d1 100644
+--- a/hw/display/virtio-gpu-3d.c
++++ b/hw/display/virtio-gpu-3d.c
+@@ -77,10 +77,18 @@ static void virgl_cmd_resource_unref(VirtIOGPU *g,
+ struct virtio_gpu_ctrl_command *cmd)
+ {
+ struct virtio_gpu_resource_unref unref;
++ struct iovec *res_iovs = NULL;
++ int num_iovs = 0;
+
+ VIRTIO_GPU_FILL_CMD(unref);
+ trace_virtio_gpu_cmd_res_unref(unref.resource_id);
+
++ virgl_renderer_resource_detach_iov(unref.resource_id,
++ &res_iovs,
++ &num_iovs);
++ if (res_iovs != NULL && num_iovs != 0) {
++ virtio_gpu_cleanup_mapping_iov(res_iovs, num_iovs);
++ }
+ virgl_renderer_resource_unref(unref.resource_id);
+ }
+
+--
+1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch
new file mode 100644
index 0000000..9f94477
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch
@@ -0,0 +1,35 @@
+From c7dfbf322595ded4e70b626bf83158a9f3807c6a Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Fri, 3 Feb 2017 00:52:28 +0530
+Subject: [PATCH] usb: ccid: check ccid apdu length
+
+CCID device emulator uses Application Protocol Data Units(APDU)
+to exchange command and responses to and from the host.
+The length in these units couldn't be greater than 65536. Add
+check to ensure the same. It'd also avoid potential integer
+overflow in emulated_apdu_from_guest.
+
+Reported-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Message-id: 20170202192228.10847-1-ppandit@redhat.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/usb/dev-smartcard-reader.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
+index 89e11b6..1325ea1 100644
+--- a/hw/usb/dev-smartcard-reader.c
++++ b/hw/usb/dev-smartcard-reader.c
+@@ -967,7 +967,7 @@ static void ccid_on_apdu_from_guest(USBCCIDState *s, CCID_XferBlock *recv)
+ DPRINTF(s, 1, "%s: seq %d, len %d\n", __func__,
+ recv->hdr.bSeq, len);
+ ccid_add_pending_answer(s, (CCID_Header *)recv);
+- if (s->card) {
++ if (s->card && len <= BULK_OUT_DATA_SIZE) {
+ ccid_card_apdu_from_guest(s->card, recv->abData, len);
+ } else {
+ DPRINTF(s, D_WARN, "warning: discarded apdu\n");
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch
new file mode 100644
index 0000000..f24d557
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch
@@ -0,0 +1,46 @@
+From a08aaff811fb194950f79711d2afe5a892ae03a4 Mon Sep 17 00:00:00 2001
+From: Gonglei <arei.gonglei@huawei.com>
+Date: Tue, 3 Jan 2017 14:50:03 +0800
+Subject: [PATCH] virtio-crypto: fix possible integer and heap overflow
+
+Because the 'size_t' type is 4 bytes in 32-bit platform, which
+is the same with 'int'. It's easy to make 'max_len' to zero when
+integer overflow and then cause heap overflow if 'max_len' is zero.
+
+Using uint_64 instead of size_t to avoid the integer overflow.
+
+Cc: qemu-stable@nongnu.org
+Reported-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Gonglei <arei.gonglei@huawei.com>
+Tested-by: Li Qiang <liqiang6-s@360.cn>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
+---
+ hw/virtio/virtio-crypto.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
+index 2f2467e..c23e1ad 100644
+--- a/hw/virtio/virtio-crypto.c
++++ b/hw/virtio/virtio-crypto.c
+@@ -416,7 +416,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
+ uint32_t hash_start_src_offset = 0, len_to_hash = 0;
+ uint32_t cipher_start_src_offset = 0, len_to_cipher = 0;
+
+- size_t max_len, curr_size = 0;
++ uint64_t max_len, curr_size = 0;
+ size_t s;
+
+ /* Plain cipher */
+@@ -441,7 +441,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
+ return NULL;
+ }
+
+- max_len = iv_len + aad_len + src_len + dst_len + hash_result_len;
++ max_len = (uint64_t)iv_len + aad_len + src_len + dst_len + hash_result_len;
+ if (unlikely(max_len > vcrypto->conf.max_size)) {
+ virtio_error(vdev, "virtio-crypto too big length");
+ return NULL;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml
index d036967..1866d8a 100644
--- a/app-emulation/qemu/metadata.xml
+++ b/app-emulation/qemu/metadata.xml
@@ -42,7 +42,6 @@
<flag name="png">Enable png image support for the VNC console server</flag>
<flag name="usb">Enable USB passthrough via <pkg>dev-libs/libusb</pkg></flag>
<flag name="usbredir">Use <pkg>sys-apps/usbredir</pkg> to redirect USB devices to another machine over TCP</flag>
- <flag name="uuid">Enable UUID support in the vdi block driver</flag>
<flag name="vde">Enable VDE-based networking</flag>
<flag name="vhost-net">Enable accelerated networking using vhost-net, see http://www.linux-kvm.org/page/VhostNet</flag>
<flag name="virgl">Enable experimental Virgil 3d (virtual software GPU)</flag>
diff --git a/app-emulation/qemu/qemu-2.7.0-r7.ebuild b/app-emulation/qemu/qemu-2.7.0-r7.ebuild
deleted file mode 100644
index e77efc8..0000000
--- a/app-emulation/qemu/qemu-2.7.0-r7.ebuild
+++ /dev/null
@@ -1,713 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-2
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs \
-gnutls gtk gtk2 infiniband iscsi +jpeg \
-kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
-+png pulseaudio python \
-rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
-static-user systemtap tci test +threads usb usbredir +uuid vde +vhost-net \
-virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
-mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
-x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-softmmu static-user )
- static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk !gtk2 )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-#
-# Older versions of gnutls are supported, but it's simpler to just require
-# the latest versions. This is also why we require nettle.
-#
-# TODO: Split out tools deps into another var. e.g. bzip2 is only used by
-# system binaries and tools, not user binaries.
-COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? ( app-accessibility/brltty[static-libs(+)] )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? ( sys-libs/ncurses:0=[static-libs(+)] )
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gles2,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy[static-libs(+)] )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
-X86_FIRMWARE_DEPEND="
- >=sys-firmware/ipxe-1.0.0_p20130624
- pin-upstream-blobs? (
- ~sys-firmware/seabios-1.8.2
- ~sys-firmware/sgabios-0.1_pre8
- ~sys-firmware/vgabios-0.7a
- )
- !pin-upstream-blobs? (
- sys-firmware/seabios
- sys-firmware/sgabios
- sys-firmware/vgabios
- )"
-CDEPEND="
- !static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} ) " ${use_softmmu_targets}) )
- !static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND//\[static-libs(+)]} ) " ${use_user_targets}) )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xen? ( app-emulation/xen-tools:= )"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND} ) " ${use_softmmu_targets}) )
- static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND} ) " ${use_user_targets}) )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )
-"
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/u-boot.e500
-"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or32
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure
-you have the kernel module loaded before running kvm. The easiest way to
-ensure that the kernel module is loaded is to load it on boot.\n
-For AMD CPUs the module is called 'kvm-amd'.\n
-For Intel CPUs the module is called 'kvm-intel'.\n
-Please review /etc/conf.d/modules for how to load these.\n\n
-Make sure your user is in the 'kvm' group\n
-Just run 'gpasswd -a <USER> kvm', then have <USER> re-login.\n\n
-For brand new installs, the default permissions on /dev/kvm might not let you
-access it. You can tell udev to reset ownership/perms:\n
-udevadm trigger -c add /dev/kvm"
-
-qemu_support_kvm() {
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \
- use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \
- use qemu_softmmu_targets_s390x; then
- return 0
- fi
-
- return 1
-}
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- # Patching for musl
- epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch
- epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
- epatch "${FILESDIR}"/${PN}-2.7.0-configure-ifunc.patch
-
- epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
-
- epatch "${FILESDIR}"/${P}-CVE-2016-6836.patch # bug 591242
- epatch "${FILESDIR}"/${P}-CVE-2016-7155.patch # bug 593034
- epatch "${FILESDIR}"/${P}-CVE-2016-7156.patch # bug 593036
- epatch "${FILESDIR}"/${P}-CVE-2016-7157-1.patch # bug 593038
- epatch "${FILESDIR}"/${P}-CVE-2016-7157-2.patch # bug 593038
- epatch "${FILESDIR}"/${P}-CVE-2016-7170.patch # bug 593284
- epatch "${FILESDIR}"/${P}-CVE-2016-7421.patch # bug 593950
- epatch "${FILESDIR}"/${P}-CVE-2016-7422.patch # bug 593956
- epatch "${FILESDIR}"/${P}-CVE-2016-7423.patch # bug 594368
- epatch "${FILESDIR}"/${P}-CVE-2016-7466.patch # bug 594520
- epatch "${FILESDIR}"/${P}-CVE-2016-7907.patch # bug 596048
- epatch "${FILESDIR}"/${P}-CVE-2016-7908.patch # bug 596049
- epatch "${FILESDIR}"/${P}-CVE-2016-7909.patch # bug 596048
- epatch "${FILESDIR}"/${P}-CVE-2016-7994-1.patch # bug 596738
- epatch "${FILESDIR}"/${P}-CVE-2016-7994-2.patch # bug 596738
- epatch "${FILESDIR}"/${P}-CVE-2016-8576.patch # bug 596752
- epatch "${FILESDIR}"/${P}-CVE-2016-8577.patch # bug 596776
- epatch "${FILESDIR}"/${P}-CVE-2016-8578.patch # bug 596774
- epatch "${FILESDIR}"/${P}-CVE-2016-8668.patch # bug 597110
- epatch "${FILESDIR}"/${P}-CVE-2016-8669-1.patch # bug 597108
- epatch "${FILESDIR}"/${P}-CVE-2016-8669-2.patch # bug 597108
- epatch "${FILESDIR}"/${P}-CVE-2016-8909.patch # bug 598044
- epatch "${FILESDIR}"/${P}-CVE-2016-8910.patch # bug 598046
- epatch "${FILESDIR}"/${P}-CVE-2016-9102.patch # bug 598328
- epatch "${FILESDIR}"/${P}-CVE-2016-9103.patch # bug 598328
- epatch "${FILESDIR}"/${P}-CVE-2016-9104.patch # bug 598328
- epatch "${FILESDIR}"/${P}-CVE-2016-9105.patch # bug 598328
- epatch "${FILESDIR}"/${P}-CVE-2016-9106.patch # bug 598772
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- epatch_user
-
- # Run after we've applied all patches.
- handle_locales
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
- local static_flag="static-${buildtype}"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets as the default configure
- # options will autoprobe and try to link in a bunch of unused junk.
- conf_softmmu() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_softmmu accessibility brlapi)
- $(conf_softmmu aio linux-aio)
- $(conf_softmmu bzip2)
- $(conf_softmmu bluetooth bluez)
- $(conf_softmmu caps cap-ng)
- $(conf_softmmu curl)
- $(conf_softmmu fdt)
- $(conf_softmmu glusterfs)
- $(conf_softmmu gnutls)
- $(conf_softmmu gnutls nettle)
- $(conf_softmmu gtk)
- $(conf_softmmu infiniband rdma)
- $(conf_softmmu iscsi libiscsi)
- $(conf_softmmu jpeg vnc-jpeg)
- $(conf_softmmu kernel_linux kvm)
- $(conf_softmmu lzo)
- $(conf_softmmu ncurses curses)
- $(conf_softmmu nfs libnfs)
- $(conf_softmmu numa)
- $(conf_softmmu opengl)
- $(conf_softmmu png vnc-png)
- $(conf_softmmu rbd)
- $(conf_softmmu sasl vnc-sasl)
- $(conf_softmmu sdl)
- $(conf_softmmu seccomp)
- $(conf_softmmu smartcard)
- $(conf_softmmu snappy)
- $(conf_softmmu spice)
- $(conf_softmmu ssh libssh2)
- $(conf_softmmu usb libusb)
- $(conf_softmmu usbredir usb-redir)
- $(conf_softmmu uuid)
- $(conf_softmmu vde)
- $(conf_softmmu vhost-net)
- $(conf_softmmu virgl virglrenderer)
- $(conf_softmmu virtfs)
- $(conf_softmmu vnc)
- $(conf_softmmu vte)
- $(conf_softmmu xen)
- $(conf_softmmu xen xen-pci-passthrough)
- $(conf_softmmu xfs xfsctl)
- )
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- ;;
- softmmu)
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
-
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --with-system-pixman
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- $(use_enable bzip2)
- )
- static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- gcc-specs-pie && conf_opts+=( --enable-pie )
- fi
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- [[ -z ${softmmu_targets}${user_targets} ]] && qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- if [[ -z ${softmmu_targets}${user_targets} ]]; then
- cd "${S}/tools-build"
- default
- fi
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets
- newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_dorules "${FILESDIR}"/65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- if [[ -z ${softmmu_targets}${user_targets} ]]; then
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
- fi
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}"
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- # Remove the docdir placed qmp-commands.txt
- mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/" || die
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
- dodoc docs/qmp-*.txt
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- fi
-
- # Remove vgabios since we're using the vgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
- dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- qemu_support_kvm && readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- if qemu_support_kvm; then
- readme.gentoo_print_elog
- fi
-
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/vgabios)"
-}
diff --git a/app-emulation/qemu/qemu-2.7.1.ebuild b/app-emulation/qemu/qemu-2.8.0-r1.ebuild
similarity index 92%
rename from app-emulation/qemu/qemu-2.7.1.ebuild
rename to app-emulation/qemu/qemu-2.8.0-r1.ebuild
index 49087c8..006c657 100644
--- a/app-emulation/qemu/qemu-2.7.1.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="5"
@@ -30,13 +30,13 @@ gnutls gtk gtk2 infiniband iscsi +jpeg \
kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
+png pulseaudio python \
rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
-static-user systemtap tci test +threads usb usbredir +uuid vde +vhost-net \
+static-user systemtap tci test +threads usb usbredir vde +vhost-net \
virgl virtfs +vnc vte xattr xen xfs"
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
-mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
+mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64
x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore xtensa xtensaeb"
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
@@ -107,7 +107,7 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
virtual/opengl
media-libs/libepoxy[static-libs(+)]
media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gles2,gbm]
+ media-libs/mesa[egl,gbm]
)
png? ( media-libs/libpng:0=[static-libs(+)] )
pulseaudio? ( media-sound/pulseaudio )
@@ -133,7 +133,6 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
vde? ( net-misc/vde[static-libs(+)] )
virgl? ( media-libs/virglrenderer[static-libs(+)] )
virtfs? ( sys-libs/libcap )
@@ -142,7 +141,7 @@ USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
X86_FIRMWARE_DEPEND="
>=sys-firmware/ipxe-1.0.0_p20130624
pin-upstream-blobs? (
- ~sys-firmware/seabios-1.8.2
+ ~sys-firmware/seabios-1.10.1
~sys-firmware/sgabios-0.1_pre8
~sys-firmware/vgabios-0.7a
)
@@ -332,35 +331,28 @@ src_prepare() {
Makefile Makefile.target || die
# Patching for musl
- epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch
+ epatch "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
- epatch "${FILESDIR}"/${PN}-2.7.0-configure-ifunc.patch
epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-6836.patch #591242
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7156.patch #593036
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7170.patch #593284
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7422.patch #593956
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7466.patch #594520
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7907.patch #596048
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7908.patch #596049
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7909.patch #596048
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7994-1.patch #596738
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7994-2.patch #596738
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8576.patch #596752
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8577.patch #596776
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8578.patch #596774
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8668.patch #597110
epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-2.patch #597108
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8909.patch #598044
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9102.patch #598328
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9103.patch #598328
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9104.patch #598328
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9105.patch #598328
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9106.patch #598772
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2615.patch #608034
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5667.patch #607766
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5931.patch #608728
# Fix ld and objcopy being called directly
tc-export AR LD OBJCOPY
@@ -453,7 +445,6 @@ qemu_src_configure() {
$(conf_softmmu ssh libssh2)
$(conf_softmmu usb libusb)
$(conf_softmmu usbredir usb-redir)
- $(conf_softmmu uuid)
$(conf_softmmu vde)
$(conf_softmmu vhost-net)
$(conf_softmmu virgl virglrenderer)
diff --git a/app-emulation/qemu/qemu-2.8.0.ebuild b/app-emulation/qemu/qemu-2.8.0.ebuild
index 4020d7c..2922f9d 100644
--- a/app-emulation/qemu/qemu-2.8.0.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="5"
@@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -30,7 +30,7 @@ gnutls gtk gtk2 infiniband iscsi +jpeg \
kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
+png pulseaudio python \
rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
-static-user systemtap tci test +threads usb usbredir +uuid vde +vhost-net \
+static-user systemtap tci test +threads usb usbredir vde +vhost-net \
virgl virtfs +vnc vte xattr xen xfs"
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
@@ -107,7 +107,7 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
virtual/opengl
media-libs/libepoxy[static-libs(+)]
media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gles2,gbm]
+ media-libs/mesa[egl,gbm]
)
png? ( media-libs/libpng:0=[static-libs(+)] )
pulseaudio? ( media-sound/pulseaudio )
@@ -133,7 +133,6 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
vde? ( net-misc/vde[static-libs(+)] )
virgl? ( media-libs/virglrenderer[static-libs(+)] )
virtfs? ( sys-libs/libcap )
@@ -434,7 +433,6 @@ qemu_src_configure() {
$(conf_softmmu ssh libssh2)
$(conf_softmmu usb libusb)
$(conf_softmmu usbredir usb-redir)
- $(conf_softmmu uuid)
$(conf_softmmu vde)
$(conf_softmmu vhost-net)
$(conf_softmmu virgl virglrenderer)
next reply other threads:[~2017-02-13 6:46 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-13 6:46 Aric Belsito [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-07-18 15:47 [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/ Jory Pratt
2021-05-17 13:24 Jory Pratt
2020-04-08 18:16 Anthony G. Basile
2019-03-27 1:43 Anthony G. Basile
2018-03-18 21:47 Aric Belsito
2017-12-21 23:25 Aric Belsito
2017-11-13 21:18 Aric Belsito
2017-09-02 20:16 Aric Belsito
2017-07-26 19:11 Aric Belsito
2017-05-06 21:26 Aric Belsito
2017-04-30 2:11 Aric Belsito
2017-04-25 16:36 Aric Belsito
2017-03-27 16:18 Aric Belsito
2017-02-21 18:20 Aric Belsito
2017-02-13 20:04 Aric Belsito
2017-01-03 22:34 Aric Belsito
2016-10-01 19:38 Felix Janda
2015-06-11 23:46 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1486968309.b610381e7567e3d26aa70587a1e173de4e1fa48f.lluixhi@gentoo \
--to=lluixhi@gmail.com \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox