qemu: uprev v4.2.0 -> v5.0.0

Major update after v4.2. Changes: - os_find_datadir() was changed after the v4.2 release causing v5.0 to not find the bios and not boot the image. Fix is sent to upstream qemu. See: qemu/find_datadir.patch - v5.0 binary had host contamination for dynamically linked libraries, "--extra-ldflags='${LDFLAGS}'" in EXTRA_OECONF resolved the issue - bluetooth code was removed: qemu.git$ git show 1d4ffe8dc7 hence removed PACKAGECONFIG[bluez] - -show-cursor qemu option is now deprecated, updated scripts/runqemu to use updated option instead - added PACKAGECONFIG definitions - added qemu-ptest to conf/distro/include/ptest-packagelists.inc - increased support for ARM architecture, cpu and board - removed patches merged upstream and refreshed existing ones Testing: Build core-image-minimal against the machines in openembedded-core/meta/conf/machine and succesfully booted with qemu v5.0 Ran qemu-ptest on x86-64 and arm64 with identical results: PASS: 1166 SKIP: 0 FAIL: 0 (From OE-Core rev: ee9ec9e344541c1ccd9b9b8e3b8c1e00d008ad85) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Sakib Sajal <sakib.sajal@windriver.com> 2020-06-19 14:12:59 -0400
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-06-23 12:31:03 +0100
commit: a3102471e4e789d77040f5ed0da1b8e438328b5f (patch)
tree: 083c7ac42e426047f32ba8de41d0a9b24615593f /meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch
parent: f5bbb3ba2d65ba7911b7ede5fb32b54b5b904a07 (diff)
download: poky-a3102471e4e789d77040f5ed0da1b8e438328b5f.tar.gz
1 files changed, 0 insertions, 46 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch
deleted file mode 100644
index 11be4c92e7..0000000000
--- a/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 14ec36e107a8c9af7d0a80c3571fe39b291ff1d4 Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Mon, 13 Jan 2020 17:44:31 +0530
-Subject: [PATCH] slirp: tftp: restrict relative path access
-tftp restricts relative or directory path access on Linux systems.
-Apply same restrictions on Windows systems too. It helps to avoid
-directory traversal issue.
-Fixes: https://bugs.launchpad.net/qemu/+bug/1812451
-Reported-by: Peter Maydell <peter.maydell@linaro.org>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
-Message-Id: <20200113121431.156708-1-ppandit@redhat.com>
-Upstream-Status: Backport [https://gitlab.freedesktop.org/slirp/libslirp/-/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4.patch]
-CVE: CVE-2020-7211
-Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
- slirp/src/tftp.c | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-diff --git a/slirp/src/tftp.c b/slirp/src/tftp.c
-index 093c2e0..e52e71b 100644
--- a/slirp/src/tftp.c
-+++ b/slirp/src/tftp.c
-@@ -344,8 +344,13 @@ static void tftp_handle_rrq(Slirp *slirp, struct sockaddr_storage *srcsas,
-     k += 6; /* skipping octet */
- 
-     /* do sanity checks on the filename */
-    if (!strncmp(req_fname, "../", 3) ||
-        req_fname[strlen(req_fname) - 1] == '/' || strstr(req_fname, "/../")) {
-+    if (
-+#ifdef G_OS_WIN32
-+        strstr(req_fname, "..\\") ||
-+        req_fname[strlen(req_fname) - 1] == '\\' ||
-+#endif
-+        strstr(req_fname, "../") ||
-+        req_fname[strlen(req_fname) - 1] == '/') {
-         tftp_send_error(spt, 2, "Access violation", tp);
-         return;
-     }
-- 
-2.24.1
author	Sakib Sajal <sakib.sajal@windriver.com>	2020-06-19 14:12:59 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-06-23 12:31:03 +0100
commit	a3102471e4e789d77040f5ed0da1b8e438328b5f (patch)
tree	083c7ac42e426047f32ba8de41d0a9b24615593f /meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch
parent	f5bbb3ba2d65ba7911b7ede5fb32b54b5b904a07 (diff)
download	poky-a3102471e4e789d77040f5ed0da1b8e438328b5f.tar.gz

diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch deleted file mode 100644 index 11be4c92e7..0000000000 --- a/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch +++ /dev/null
@@ -1,46 +0,0 @@
1	From 14ec36e107a8c9af7d0a80c3571fe39b291ff1d4 Mon Sep 17 00:00:00 2001
2	From: Prasad J Pandit <pjp@fedoraproject.org>
3	Date: Mon, 13 Jan 2020 17:44:31 +0530
4	Subject: [PATCH] slirp: tftp: restrict relative path access
5
6	tftp restricts relative or directory path access on Linux systems.
7	Apply same restrictions on Windows systems too. It helps to avoid
8	directory traversal issue.
9
10	Fixes: https://bugs.launchpad.net/qemu/+bug/1812451
11	Reported-by: Peter Maydell <peter.maydell@linaro.org>
12	Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
13	Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
14	Message-Id: <20200113121431.156708-1-ppandit@redhat.com>
15
16	Upstream-Status: Backport [https://gitlab.freedesktop.org/slirp/libslirp/-/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4.patch]
17	CVE: CVE-2020-7211
18	Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
19
20	---
21	slirp/src/tftp.c \| 9 +++++++--
22	1 file changed, 7 insertions(+), 2 deletions(-)
23
24	diff --git a/slirp/src/tftp.c b/slirp/src/tftp.c
25	index 093c2e0..e52e71b 100644
26	--- a/slirp/src/tftp.c
27	+++ b/slirp/src/tftp.c
28	@@ -344,8 +344,13 @@ static void tftp_handle_rrq(Slirp slirp, struct sockaddr_storage srcsas,
29	k += 6; /* skipping octet */
30
31	/* do sanity checks on the filename */
32	- if (!strncmp(req_fname, "../", 3) \|\|
33	- req_fname[strlen(req_fname) - 1] == '/' \|\| strstr(req_fname, "/../")) {
34	+ if (
35	+#ifdef G_OS_WIN32
36	+ strstr(req_fname, "..\\") \|\|
37	+ req_fname[strlen(req_fname) - 1] == '\\' \|\|
38	+#endif
39	+ strstr(req_fname, "../") \|\|
40	+ req_fname[strlen(req_fname) - 1] == '/') {
41	tftp_send_error(spt, 2, "Access violation", tp);
42	return;
43	}
44	--
45	2.24.1
46