gentoo resync : 15.02.2018

4 files changed, 78 insertions, 112 deletions

diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch
deleted file mode 100644
index 7d08b32b0272..000000000000
--- a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From a7b20a8efa28e5f22c26c06cd06c2f12bc863493 Mon Sep 17 00:00:00 2001
-From: "Daniel P. Berrange" <berrange@redhat.com>
-Date: Mon, 9 Oct 2017 14:43:42 +0100
-Subject: [PATCH] io: monitor encoutput buffer size from websocket GSource
-
-The websocket GSource is monitoring the size of the rawoutput
-buffer to determine if the channel can accepts more writes.
-The rawoutput buffer, however, is merely a temporary staging
-buffer before data is copied into the encoutput buffer. Thus
-its size will always be zero when the GSource runs.
-
-This flaw causes the encoutput buffer to grow without bound
-if the other end of the underlying data channel doesn't
-read data being sent. This can be seen with VNC if a client
-is on a slow WAN link and the guest OS is sending many screen
-updates. A malicious VNC client can act like it is on a slow
-link by playing a video in the guest and then reading data
-very slowly, causing QEMU host memory to expand arbitrarily.
-
-This issue is assigned CVE-2017-15268, publically reported in
-
-  https://bugs.launchpad.net/qemu/+bug/1718964
-
-Reviewed-by: Eric Blake <eblake@redhat.com>
-Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
----
- io/channel-websock.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/io/channel-websock.c b/io/channel-websock.c
-index d1d471f86e..04bcc059cd 100644
---- a/io/channel-websock.c
-+++ b/io/channel-websock.c
-@@ -28,7 +28,7 @@
- #include <time.h>
- 
- 
--/* Max amount to allow in rawinput/rawoutput buffers */
-+/* Max amount to allow in rawinput/encoutput buffers */
- #define QIO_CHANNEL_WEBSOCK_MAX_BUFFER 8192
- 
- #define QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN 24
-@@ -1208,7 +1208,7 @@ qio_channel_websock_source_check(GSource *source)
-     if (wsource->wioc->rawinput.offset || wsource->wioc->io_eof) {
-         cond |= G_IO_IN;
-     }
--    if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
-+    if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
-         cond |= G_IO_OUT;
-     }
- 
--- 
-2.13.6
-
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch
deleted file mode 100644
index a4ad2d5e4359..000000000000
--- a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From eb38e1bc3740725ca29a535351de94107ec58d51 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <kraxel@redhat.com>
-Date: Wed, 11 Oct 2017 10:43:14 +0200
-Subject: [PATCH] cirrus: fix oob access in mode4and5 write functions
-
-Move dst calculation into the loop, so we apply the mask on each
-interation and will not overflow vga memory.
-
-Cc: Prasad J Pandit <pjp@fedoraproject.org>
-Reported-by: Niu Guoxiang <niuguoxiang@huawei.com>
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-Message-id: 20171011084314.21752-1-kraxel@redhat.com
----
- hw/display/cirrus_vga.c | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
-index b4d579857a..bc32bf1e39 100644
---- a/hw/display/cirrus_vga.c
-+++ b/hw/display/cirrus_vga.c
-@@ -2038,15 +2038,14 @@ static void cirrus_mem_writeb_mode4and5_8bpp(CirrusVGAState * s,
-     unsigned val = mem_value;
-     uint8_t *dst;
- 
--    dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask);
-     for (x = 0; x < 8; x++) {
-+        dst = s->vga.vram_ptr + ((offset + x) & s->cirrus_addr_mask);
- 	if (val & 0x80) {
- 	    *dst = s->cirrus_shadow_gr1;
- 	} else if (mode == 5) {
- 	    *dst = s->cirrus_shadow_gr0;
- 	}
- 	val <<= 1;
--	dst++;
-     }
-     memory_region_set_dirty(&s->vga.vram, offset, 8);
- }
-@@ -2060,8 +2059,8 @@ static void cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s,
-     unsigned val = mem_value;
-     uint8_t *dst;
- 
--    dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask);
-     for (x = 0; x < 8; x++) {
-+        dst = s->vga.vram_ptr + ((offset + 2 * x) & s->cirrus_addr_mask & ~1);
- 	if (val & 0x80) {
- 	    *dst = s->cirrus_shadow_gr1;
- 	    *(dst + 1) = s->vga.gr[0x11];
-@@ -2070,7 +2069,6 @@ static void cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s,
- 	    *(dst + 1) = s->vga.gr[0x10];
- 	}
- 	val <<= 1;
--	dst += 2;
-     }
-     memory_region_set_dirty(&s->vga.vram, offset, 16);
- }
--- 
-2.13.6
-
diff --git a/app-emulation/qemu/files/qemu-2.11.0-glibc-2.27.patch b/app-emulation/qemu/files/qemu-2.11.0-glibc-2.27.patch
new file mode 100644
index 000000000000..1562bb3c64a1
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.11.0-glibc-2.27.patch
@@ -0,0 +1,54 @@
+From 75e5b70e6b5dcc4f2219992d7cffa462aa406af0 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 28 Nov 2017 11:51:27 +0100
+Subject: [PATCH] memfd: fix configure test
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Recent glibc added memfd_create in sys/mman.h.  This conflicts with
+the definition in util/memfd.c:
+
+    /builddir/build/BUILD/qemu-2.11.0-rc1/util/memfd.c:40:12: error: static declaration of memfd_create follows non-static declaration
+
+Fix the configure test, and remove the sys/memfd.h inclusion since the
+file actually does not exist---it is a typo in the memfd_create(2) man
+page.
+
+Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ configure    | 2 +-
+ util/memfd.c | 4 +---
+ 2 files changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/configure b/configure
+index 9c8aa5a98b..99ccc1725a 100755
+--- a/configure
++++ b/configure
+@@ -3923,7 +3923,7 @@ fi
+ # check if memfd is supported
+ memfd=no
+ cat > $TMPC << EOF
+-#include <sys/memfd.h>
++#include <sys/mman.h>
+ 
+ int main(void)
+ {
+diff --git a/util/memfd.c b/util/memfd.c
+index 4571d1aba8..412e94a405 100644
+--- a/util/memfd.c
++++ b/util/memfd.c
+@@ -31,9 +31,7 @@
+ 
+ #include "qemu/memfd.h"
+ 
+-#ifdef CONFIG_MEMFD
+-#include <sys/memfd.h>
+-#elif defined CONFIG_LINUX
++#if defined CONFIG_LINUX && !defined CONFIG_MEMFD
+ #include <sys/syscall.h>
+ #include <asm/unistd.h>
+ 
+-- 
+2.11.0
diff --git a/app-emulation/qemu/files/qemu-2.11.9999-cflags.patch b/app-emulation/qemu/files/qemu-2.11.9999-cflags.patch
new file mode 100644
index 000000000000..8d7c387851a5
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.11.9999-cflags.patch
@@ -0,0 +1,24 @@
+--- a/configure	2018-02-01 22:51:53.068467555 +0000
++++ b/configure	2018-02-01 22:52:23.965041387 +0000
+@@ -5212,21 +5212,12 @@ fi
+ if test "$gcov" = "yes" ; then
+   CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
+   LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
+-elif test "$fortify_source" = "yes" ; then
+-  CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"
+ elif test "$debug" = "yes"; then
+-  if compile_prog "-Og" ""; then
+-      CFLAGS="-Og $CFLAGS"
+-  elif compile_prog "-O1" ""; then
+-      CFLAGS="-O1 $CFLAGS"
+-  fi
+   # Workaround GCC false-positive Wuninitialized bugs with Og or O1:
+   # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=24639
+   if cc_has_warning_flag "-Wno-maybe-uninitialized"; then
+       CFLAGS="-Wno-maybe-uninitialized $CFLAGS"
+   fi
+-else
+-    CFLAGS="-O2 $CFLAGS"
+ fi
+ 
+ ##########################################