[gentoo-commits] repo/gentoo:master commit in: app-emulation/qemu/, app-emulation/qemu/files/

["Matthias Maier" <tamiko@gentoo.org>]

commit:     40e4d2a3c32609b313962224ee9d2a96075734b8
Author:     Matthias Maier <tamiko <AT> gentoo <DOT> org>
AuthorDate: Wed Dec 19 21:11:21 2018 +0000
Commit:     Matthias Maier <tamiko <AT> gentoo <DOT> org>
CommitDate: Wed Dec 19 21:46:41 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40e4d2a3

app-emulation/qemu: version bump to 3.1.0

 - use RESTRICT=strip, bug #651422

 - switch to tar.xz, bug #666726

 - add missing use constraints, bug #664474

   qemu_softmmu_targets_riscv32? ( fdt )
   qemu_softmmu_targets_riscv64? ( fdt )

 - 3.1.0 already contains patches for CVE-2018-15746

 - applied patch for CVE-2018-20123

 - disable bt subsystem entirely as a "workaround" for CVE-2018-19665.

   Upstream deprecated the subsystem in November and states that it had
   been dysfunctional for years with likely no users.

Bug: https://bugs.gentoo.org/664740
Bug: https://bugs.gentoo.org/672346
Bug: https://bugs.gentoo.org/673108
Closes: https://bugs.gentoo.org/651422
Closes: https://bugs.gentoo.org/664474
Closes: https://bugs.gentoo.org/666726
Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Matthias Maier <tamiko <AT> gentoo.org>

 app-emulation/qemu/Manifest                        |  1 +
 .../qemu/files/qemu-3.1.0-CVE-2018-20123.patch     | 35 ++++++++++++++++++++++
 app-emulation/qemu/files/qemu-binfmt.initd.head    |  2 +-
 app-emulation/qemu/qemu-2.12.0-r3.ebuild           |  2 +-
 app-emulation/qemu/qemu-2.12.1.ebuild              |  2 +-
 .../{qemu-2.12.0-r3.ebuild => qemu-3.1.0.ebuild}   | 28 +++++++++--------
 6 files changed, 54 insertions(+), 16 deletions(-)

diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 0146a02dfc3..fa80aeeb8bf 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -3,3 +3,4 @@ DIST qemu-2.12.0.tar.bz2 41196232 BLAKE2B f258e570558249ea647c3571908f90b8bacdce
 DIST qemu-2.12.1-patches-r1.tar.xz 3648 BLAKE2B 07908004d0b56e60274cb59d4163770290d8fa6e31646e7d96db08427a219638ac53bdd988c9557471b95321a72982d740a29778d843652274a126737a0a6c00 SHA512 1c7768c14a8e168053f0322554214ba59932a9fa23c982b06dbb1b8fdcfc280ae1d97b20244600f357485bfbcb9ad8bd7968787550c8a4e5e243ac8502eff05e
 DIST qemu-2.12.1.tar.bz2 41192583 BLAKE2B ff903a5850e406ab542ad1a84300852599fa9c199e0f3290e4d6ddad5284192577351278a18dd5706463b08e817b49340989a35987a04672f7cede2097d1d18d SHA512 4c85e6180bf7ec61c0bdddb20e104a7c93fe6b1de27f6aa50d75633eb78491cb844798a9e3f536245eff7b4ebe9a6227f5f66b418ced44095b8e59c5cb33d4cd
 DIST qemu-3.0.0.tar.bz2 41491935 BLAKE2B 715ccca4fced730425eb5c24a78d89d2ab59f64007e0fc199d78c31c6ab72b5a0dbcf1840f214774c711d679c4166996790e93b2416c7d4f323d5b93ffa862ac SHA512 b82b78a063d60fa1372d9400934b47250138c438050d974113b1b2ea433eea0531be6cda1e82d14fcb3bc4ed35657703f62d9aedc095cb8d64badc65c3609ee5
+DIST qemu-3.1.0.tar.xz 36070104 BLAKE2B 9ed7d1b3256d84f2b73d61763e20f5e4bc5b47d56e4e0d56cf4c29cd25669457b0f08e90d7255589c9666400bb310df3dba3b9290232cad18057b20f08013a3b SHA512 7e8dae823937cfac2f0c60406bd3bdcb89df40313dab2a4bed327d5198f7fcc68ac8b31e44692caa09299cc71256ee0b8c17e4f49f78ada8043d424f5daf82fe

diff --git a/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch b/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch
new file mode 100644
index 00000000000..a021a6a970d
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch
@@ -0,0 +1,35 @@
+From: Prasad J Pandit <address@hidden>
+
+If during pvrdma device initialisation an error occurs,
+pvrdma_realize() does not release memory resources, leading
+to memory leakage.
+
+Reported-by: Li Qiang <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/rdma/vmw/pvrdma_main.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c
+index 8a03ab4669..b65f8662df 100644
+--- a/hw/rdma/vmw/pvrdma_main.c
++++ b/hw/rdma/vmw/pvrdma_main.c
+@@ -579,7 +579,7 @@ static void pvrdma_shutdown_notifier(Notifier *n, void *opaque)
+ 
+ static void pvrdma_realize(PCIDevice *pdev, Error **errp)
+ {
+-    int rc;
++    int rc = 0;
+     PVRDMADev *dev = PVRDMA_DEV(pdev);
+     Object *memdev_root;
+     bool ram_shared = false;
+@@ -655,6 +655,7 @@ static void pvrdma_realize(PCIDevice *pdev, Error **errp)
+ 
+ out:
+     if (rc) {
++        pvrdma_fini(pdev);
+         error_append_hint(errp, "Device fail to load\n");
+     }
+ }
+-- 
+2.19.2

diff --git a/app-emulation/qemu/files/qemu-binfmt.initd.head b/app-emulation/qemu/files/qemu-binfmt.initd.head
index 858d5d74538..832ddb0b8e5 100644
--- a/app-emulation/qemu/files/qemu-binfmt.initd.head
+++ b/app-emulation/qemu/files/qemu-binfmt.initd.head
@@ -1,5 +1,5 @@
 #!/sbin/openrc-run
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 # Enable automatic non-native program execution by the kernel.

diff --git a/app-emulation/qemu/qemu-2.12.0-r3.ebuild b/app-emulation/qemu/qemu-2.12.0-r3.ebuild
index e3243c485e2..3fb0b9f307f 100644
--- a/app-emulation/qemu/qemu-2.12.0-r3.ebuild
+++ b/app-emulation/qemu/qemu-2.12.0-r3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI="6"

diff --git a/app-emulation/qemu/qemu-2.12.1.ebuild b/app-emulation/qemu/qemu-2.12.1.ebuild
index df4ccb5617b..55529b0483c 100644
--- a/app-emulation/qemu/qemu-2.12.1.ebuild
+++ b/app-emulation/qemu/qemu-2.12.1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI="6"

diff --git a/app-emulation/qemu/qemu-2.12.0-r3.ebuild b/app-emulation/qemu/qemu-3.1.0.ebuild
similarity index 97%
copy from app-emulation/qemu/qemu-2.12.0-r3.ebuild
copy to app-emulation/qemu/qemu-3.1.0.ebuild
index e3243c485e2..d95a0da86e9 100644
--- a/app-emulation/qemu/qemu-2.12.0-r3.ebuild
+++ b/app-emulation/qemu/qemu-3.1.0.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI="6"
 
-PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} )
+PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6,3_7} )
 PYTHON_REQ_USE="ncurses,readline"
 
 PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
@@ -18,11 +18,11 @@ if [[ ${PV} = *9999* ]]; then
 	inherit git-r3
 	SRC_URI=""
 else
-	SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
-	KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
+	SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.xz"
+	KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
 
 	# Gentoo specific patchsets:
-	SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r5.tar.xz"
+	#SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r1.tar.xz"
 fi
 
 DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -30,13 +30,15 @@ HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
 
 LICENSE="GPL-2 LGPL-2 BSD-2"
 SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 capstone +caps +curl debug
+IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug
 	+fdt glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
 	kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
 	pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
 	spice ssh static static-user systemtap tci test usb usbredir vde
 	+vhost-net virgl virtfs +vnc vte xattr xen xfs"
 
+RESTRICT=strip
+
 COMMON_TARGETS="aarch64 alpha arm cris hppa i386 m68k microblaze microblazeel
 	mips mips64 mips64el mipsel nios2 or1k ppc ppc64 riscv32 riscv64 s390x
 	sh4 sh4eb sparc sparc64 x86_64 xtensa xtensaeb"
@@ -57,10 +59,12 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
 	qemu_softmmu_targets_arm? ( fdt )
 	qemu_softmmu_targets_microblaze? ( fdt )
 	qemu_softmmu_targets_mips64el? ( fdt )
-	qemu_softmmu_targets_ppc? ( fdt )
 	qemu_softmmu_targets_ppc64? ( fdt )
+	qemu_softmmu_targets_ppc? ( fdt )
+	qemu_softmmu_targets_riscv32? ( fdt )
+	qemu_softmmu_targets_riscv64? ( fdt )
 	sdl2? ( sdl )
-	static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio !snappy )
+	static? ( static-user !alsa !gtk !gtk2 !opengl !pulseaudio !snappy )
 	virtfs? ( xattr )
 	vte? ( gtk )"
 
@@ -91,7 +95,6 @@ SOFTMMU_TOOLS_DEPEND="
 	)
 	aio? ( dev-libs/libaio[static-libs(+)] )
 	alsa? ( >=media-libs/alsa-lib-1.0.13 )
-	bluetooth? ( net-wireless/bluez )
 	bzip2? ( app-arch/bzip2[static-libs(+)] )
 	capstone? ( dev-libs/capstone )
 	caps? ( sys-libs/libcap-ng[static-libs(+)] )
@@ -217,11 +220,10 @@ PATCHES=(
 	"${FILESDIR}"/${PN}-2.5.0-cflags.patch
 	"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
 	"${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch
-	"${WORKDIR}"/patches
+	"${FILESDIR}"/${PN}-3.1.0-CVE-2018-20123.patch
+	#"${WORKDIR}"/patches
 )
 
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
 QA_PREBUILT="
 	usr/share/qemu/hppa-firmware.img
 	usr/share/qemu/openbios-ppc
@@ -441,10 +443,10 @@ qemu_src_configure() {
 		fi
 	}
 	conf_opts+=(
+		--disable-bluez
 		$(conf_notuser accessibility brlapi)
 		$(conf_notuser aio linux-aio)
 		$(conf_notuser bzip2)
-		$(conf_notuser bluetooth bluez)
 		$(conf_notuser capstone)
 		$(conf_notuser caps cap-ng)
 		$(conf_notuser curl)