[gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/

["Aric Belsito" <lluixhi@gmail.com>]

commit:     9cfda0474418190f9b569496d12a73e0e190c097
Author:     Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Tue Apr 25 16:35:46 2017 +0000
Commit:     Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Tue Apr 25 16:35:46 2017 +0000
URL:        https://gitweb.gentoo.org/proj/musl.git/commit/?id=9cfda047

app-emulation/qemu: version bump to 2.9.0

 app-emulation/qemu/Manifest                        |  6 +-
 .../qemu/files/qemu-2.8.1-CVE-2017-7471.patch      | 64 ++++++++++++++++++++++
 .../qemu/files/qemu-2.8.1-CVE-2017-8086.patch      | 28 ++++++++++
 .../{qemu-2.8.1-r1.ebuild => qemu-2.8.1-r2.ebuild} |  6 +-
 .../{qemu-2.8.1-r1.ebuild => qemu-2.9.0.ebuild}    | 30 ++--------
 5 files changed, 106 insertions(+), 28 deletions(-)

diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 1b3ada7..412e105 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -28,11 +28,15 @@ AUX qemu-2.8.0-CVE-2017-6058.patch 3797 SHA256 06c01fcd53dab66af55df164f1616d148
 AUX qemu-2.8.0-CVE-2017-6505.patch 1481 SHA256 55e3b7e65e519caef4fdd28cccb973613759cce0d67eb64c2093b4f0a4e428e1 SHA512 5326f28a9340f392e4f32e4cd5f58cae0769859e10fd4d201983d40ec6b4d094d6a0cad2638e1e6f3e5228b93af26cc4f4a155e0d94bad89d0ea9b866f535aa7 WHIRLPOOL c88312cd5e779a98c905f175d61400ef7bb59795cc1e0392da0018a158a4c435ffa07f1e6a621db6eea925a0dbb986442eab4f79f956dc1955058fc97670f390
 AUX qemu-2.8.0-CVE-2017-7377.patch 1554 SHA256 36fbd8ec9fa7d910fde8b6b8905717b322bd23b50c2b2f925e1a2415ae306755 SHA512 195be1a75340c41aa89614aad8d07f2cf630eb10f3160cb8a86d85371ea9d7dcdbe9d49e9752ac3d6765c8d4c99c845408933b57cf21199f77ba09fcf79a02c8 WHIRLPOOL 8d7677ae3cfe18e34072ef23666c4658553a7d3b564d96e480ae432281d403242f2013d9fb189d473ab9c31def515401d22c04ba8e86d93d0369e95b1e371574
 AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
+AUX qemu-2.8.1-CVE-2017-7471.patch 2310 SHA256 ae5129c0f278de155f69e3d306038fa259c28ecb09a623262362163b00de85cc SHA512 dd5c5bc8e5ee9eb27516276d53f78ecde00b4fe5debbbdd8db1c3a2f2ef663667598acbb3b95f220e709ed89e1a0077733ca4fc1cb2fa0eb0f700e9931ddd003 WHIRLPOOL c91ddbdbc685dc76efc417087d680751aaade178593ca96fbff7b8ae1e0d0bdb659faee676d31b606e16c4adf446632a8a9350a57a1ac049b7649bdc0c3b8cf0
+AUX qemu-2.8.1-CVE-2017-8086.patch 751 SHA256 ff6f3bc1a94861da633f9e5517dde6b2719e227773941e7c9651281c77216589 SHA512 84197e80d28322efaa327dc7ad3ffc5e8bf791d89255e8ac7d5c5e9cebba3786c4e21008cbfb704de5323554a9d3f0873068c0a06493d4ca3b7849523eab6212 WHIRLPOOL 73f88468ba89d8384c04ffa3af646c8b628f1fa52f27866095f84ea1241f421763699ae18553d835133de70d7f244d0638d83d15881e5a3858a1128b14a1bcf3
 AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e
 AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4
 DIST qemu-2.8.0-CVE-2016-9602-patches.tar.xz 16264 SHA256 18ac829c6003a3f997db4030a46b422028c58fead158f0c5ffe36ad65acb84e0 SHA512 a56694d1600e4fd1ffd6bbe031a0db226fc5c88306797cc4e42d1dc6127b83d1791cb4e026988b3aad82eab84382e41077ae71e532d1d3489e179730185c0964 WHIRLPOOL 22057b001c478b2b0d97ad70393c973aefc6277d89bb5a1ae03c3c39b5182ddfbe541964761f512ed5735dc442e1f40d0a955ad5b270758e21ce815be86b24bd
 DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
 DIST qemu-2.8.1.tar.bz2 28366270 SHA256 018e4c7ed22c220395cf41f835d01505e49d0e579a548bd3d72b03809442bbcd SHA512 0397b4029cdcb77ed053c44b3579a3f34894038e6fc6b4aa88de14515f5a78bf2f41c5e865f37111529f567c85d2f1c4deefae47dde54f76eac79410e5b2bdda WHIRLPOOL c41f53f18fac44efd1c81ba9d95204d23e9a70dc9c21624177be2fe92a327428fd5704b25bc334229fa36ae395fb4c82ba3955db39719c4458343978a4d3141a
+DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1
 EBUILD qemu-2.8.0-r10.ebuild 23278 SHA256 c94a06a16fb45995d37e0bfa62dc742601c169156d30b97456d923856693efd1 SHA512 ebd5ea426efc57bb2eb78489049f212e11eb4ab70d23418ad7c04c3161a749ec638edcdd39355107762915c4f13079a3dc1555c58f3d696cd286a9fd6bd25491 WHIRLPOOL 94c220281705e2d6414a7d52b8f93373ae193f0095c88fd76d9e0b10f7a11266e3350d3b354651f87c094a3cf63e12b9374beefb839a1a9f0d17f92732786a01
-EBUILD qemu-2.8.1-r1.ebuild 22805 SHA256 067a0713f27ed9aa1a44465dc1d1ec7664f2f539cbe6f8b8572423f97b6b5529 SHA512 ddd47ad7f5ee26eb0e60217bcb821bd67d7f6e99700b99a77b3633b76ff68686514d0186c0bc271bcba3343f9afbc70be4543f644ce434bc40c961033b4ad8c5 WHIRLPOOL 458dd42f06f89db818da2eb4817fcaad7b1ed4d25dff863ab6e05523025d61a95fbf6a63fe7ca213334d80178a3705918f0ff4d9318d8fcd11c329edbbd6ab3c
+EBUILD qemu-2.8.1-r2.ebuild 22910 SHA256 69bab6142f0850f44a29f22529f6f9e9bf2423b1fb983df57087f4ca60d35cd0 SHA512 91176de504a48641caa2417bee138ef319917474565243d719322cbc47310c10fc6098029e634a82904badfd7c1a11b1976fc839ef999508531a7c5755fab2d8 WHIRLPOOL 14470c66e8d40ba5e3a92993fcf2c75bb73cb434d511ebee20d649ed367bb3d50f1d5294cb19ba3e19dc0d419f02e06957242648dff958bb6a2fa1746b45e977
+EBUILD qemu-2.9.0.ebuild 21726 SHA256 aafaa57f957ec9b7bb413da091c62fcb09f0573913baae15c53e2e9b15bfc9c9 SHA512 d67884745e6be21a2cdb8611ef818ae5c42aa847721d9b0ba49e8cdfc0d58cfda660ac7befdcef63d80ecd27b9963f7c21aebdb271d1b7271ac63ee46219900b WHIRLPOOL b59ff23f60bd3f82ce48c003718e2d8b35e7d0ffb03670eb3d6bc7833ca00e70117ba3312d7a369cbd169cb1e8fa987c0e91f7948ea25ca6f43be05d48521e0d
 MISC metadata.xml 3794 SHA256 149f7bc9927e13bbf7355972e85df6f9f198dd17fb575a7e516817d6a88018fb SHA512 10f130f225b90dacf8262247d795a247abfdcbf3ad5fbe0693e8d4db79f755984f690cb150a7eb5a8e5d669ce404145c4fbb6b200d6362319be74759fd78b6d3 WHIRLPOOL 6a5e88caeb64387f619a19fecb55c39ccf3c8dcd360523e8d61b80051001c02fe81432c55e40b3f360295b35e9f5a1f707c570baf95cad06d18c4cd484da0ceb

diff --git a/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch
new file mode 100644
index 0000000..c5366f5
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch
@@ -0,0 +1,64 @@
+From 9c6b899f7a46893ab3b671e341a2234e9c0c060e Mon Sep 17 00:00:00 2001
+From: Greg Kurz <groug@kaod.org>
+Date: Mon, 17 Apr 2017 10:53:23 +0200
+Subject: [PATCH] 9pfs: local: set the path of the export root to "."
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The local backend was recently converted to using "at*()" syscalls in order
+to ensure all accesses happen below the shared directory. This requires that
+we only pass relative paths, otherwise the dirfd argument to the "at*()"
+syscalls is ignored and the path is treated as an absolute path in the host.
+This is actually the case for paths in all fids, with the notable exception
+of the root fid, whose path is "/". This causes the following backend ops to
+act on the "/" directory of the host instead of the virtfs shared directory
+when the export root is involved:
+- lstat
+- chmod
+- chown
+- utimensat
+
+ie, chmod /9p_mount_point in the guest will be converted to chmod / in the
+host for example. This could cause security issues with a privileged QEMU.
+
+All "*at()" syscalls are being passed an open file descriptor. In the case
+of the export root, this file descriptor points to the path in the host that
+was passed to -fsdev.
+
+The fix is thus as simple as changing the path of the export root fid to be
+"." instead of "/".
+
+This is CVE-2017-7471.
+
+Cc: qemu-stable@nongnu.org
+Reported-by: Léo Gaspard <leo@gaspard.io>
+Signed-off-by: Greg Kurz <groug@kaod.org>
+Reviewed-by: Eric Blake <eblake@redhat.com>
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+---
+ hw/9pfs/9p-local.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
+index 45e9a1f..f3ebca4 100644
+--- a/hw/9pfs/9p-local.c
++++ b/hw/9pfs/9p-local.c
+@@ -1098,8 +1098,13 @@ static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
+ {
+     if (dir_path) {
+         v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
+-    } else {
++    } else if (strcmp(name, "/")) {
+         v9fs_path_sprintf(target, "%s", name);
++    } else {
++        /* We want the path of the export root to be relative, otherwise
++         * "*at()" syscalls would treat it as "/" in the host.
++         */
++        v9fs_path_sprintf(target, "%s", ".");
+     }
+     return 0;
+ }
+-- 
+2.10.2
+

diff --git a/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch
new file mode 100644
index 0000000..eac72f3
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch
@@ -0,0 +1,28 @@
+From 4ffcdef4277a91af15a3c09f7d16af072c29f3f2 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@gmail.com>
+Date: Fri, 7 Apr 2017 03:48:52 -0700
+Subject: [PATCH] 9pfs: xattr: fix memory leak in v9fs_list_xattr
+
+Free 'orig_value' in error path.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Greg Kurz <groug@kaod.org>
+---
+ hw/9pfs/9p-xattr.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/hw/9pfs/9p-xattr.c b/hw/9pfs/9p-xattr.c
+index eec160b..d05c1a1 100644
+--- a/hw/9pfs/9p-xattr.c
++++ b/hw/9pfs/9p-xattr.c
+@@ -108,6 +108,7 @@ ssize_t v9fs_list_xattr(FsContext *ctx, const char *path,
+     g_free(name);
+     close_preserve_errno(dirfd);
+     if (xattr_len < 0) {
++        g_free(orig_value);
+         return -1;
+     }
+ 
+-- 
+2.10.2
+

diff --git a/app-emulation/qemu/qemu-2.8.1-r1.ebuild b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
similarity index 99%
copy from app-emulation/qemu/qemu-2.8.1-r1.ebuild
copy to app-emulation/qemu/qemu-2.8.1-r2.ebuild
index d4f9c15..fa8727b 100644
--- a/app-emulation/qemu/qemu-2.8.1-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
@@ -29,8 +29,8 @@ IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
 	glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
 	kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
 	pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
-	spice ssh static static-user systemtap tci test +threads usb usbredir
-	vde +vhost-net virgl virtfs +vnc vte xattr xen xfs"
+	spice ssh static static-user systemtap tci test usb usbredir vde
+	+vhost-net virgl virtfs +vnc vte xattr xen xfs"
 
 COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
 	mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc
@@ -213,6 +213,8 @@ PATCHES=(
 	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch   #609398
 	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch   #612220
 	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-7377.patch   #614744
+	"${FILESDIR}"/${PN}-2.8.1-CVE-2017-7471.patch   #616484
+	"${FILESDIR}"/${PN}-2.8.1-CVE-2017-8086.patch   #616460
 )
 
 STRIP_MASK="/usr/share/qemu/palcode-clipper"

diff --git a/app-emulation/qemu/qemu-2.8.1-r1.ebuild b/app-emulation/qemu/qemu-2.9.0.ebuild
similarity index 94%
rename from app-emulation/qemu/qemu-2.8.1-r1.ebuild
rename to app-emulation/qemu/qemu-2.9.0.ebuild
index d4f9c15..3da97fe 100644
--- a/app-emulation/qemu/qemu-2.8.1-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.9.0.ebuild
@@ -29,16 +29,16 @@ IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
 	glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
 	kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
 	pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
-	spice ssh static static-user systemtap tci test +threads usb usbredir
-	vde +vhost-net virgl virtfs +vnc vte xattr xen xfs"
+	spice ssh static static-user systemtap tci test usb usbredir vde
+	+vhost-net virgl virtfs +vnc vte xattr xen xfs"
 
 COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
-	mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc
+	mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc
 	sparc64 x86_64"
 IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
 	lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
 IUSE_USER_TARGETS="${COMMON_TARGETS}
-	armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
+	armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
 
 use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
 use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
@@ -196,23 +196,6 @@ PATCHES=(
 	# gentoo patches
 	"${FILESDIR}"/${PN}-2.5.0-cflags.patch
 	"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
-	"${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch   #601826
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch   #602630
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch  #603444
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch  #606720
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch   #606722
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch   #607000
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch   #607100
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch   #608036
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch   #608038
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch   #608520
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch   #609334
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch   #609398
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch   #612220
-	"${FILESDIR}"/${PN}-2.8.0-CVE-2017-7377.patch   #614744
 )
 
 STRIP_MASK="/usr/share/qemu/palcode-clipper"
@@ -235,7 +218,7 @@ QA_WX_LOAD="usr/bin/qemu-i386
 	usr/bin/qemu-microblazeel
 	usr/bin/qemu-mips
 	usr/bin/qemu-mipsel
-	usr/bin/qemu-or32
+	usr/bin/qemu-or1k
 	usr/bin/qemu-ppc
 	usr/bin/qemu-ppc64
 	usr/bin/qemu-ppc64abi32
@@ -692,9 +675,6 @@ src_install() {
 	insinto "/etc/qemu"
 	doins "${FILESDIR}/bridge.conf"
 
-	# Remove the docdir placed qmp-commands.txt
-	mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/" || die
-
 	cd "${S}"
 	dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
 	newdoc pc-bios/README README.pc-bios