summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/qemu
Commit message (Collapse)AuthorAgeFilesLines
* qemu: Avoid accidental libvdeplug linkageSteve Sakoman2022-10-271-0/+1
| | | | | | | | | | | | | Avoid accidentally linking to the vde library from the host by adding a PACKAGECONFIG for the option. (From OE-Core rev: cc979908beec8a40a636d00a1fdcf2769358377f) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8839e9540528b0b46c4fb4f95e508f038bcef8b9) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: CVE-2021-3750 hcd-ehci: DMA reentrancy issue leads to use-after-freeHitendra Prajapati2022-10-272-0/+181
| | | | | | | | | | | | | | | | Source: https://git.qemu.org/?p=qemu.git MR: 117886 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=b9d383ab797f54ae5fa8746117770709921dc529 && https://git.qemu.org/?p=qemu.git;a=commit;h=3ab6fdc91b72e156da22848f0003ff4225690ced && https://git.qemu.org/?p=qemu.git;a=commit;h=58e74682baf4e1ad26b064d8c02e5bc99c75c5d9 ChangeID: 3af901d20ad8ff389468eda2c53b4943e3a77bb8 Description: CVE-2021-3750 QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free. (From OE-Core rev: 0f4b1db4fdc655e880ec66525eb7642978529e82) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Add PACKAGECONFIG for brlapiRichard Purdie2022-09-231-0/+1
| | | | | | | | | (From OE-Core rev: f547c9610f8c17c3da9ca3f7a79902d2ffbfca49) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 482471a617e5f682416b7ec1a920dfaeac65f1a3) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Define libnfs PACKAGECONFIGAndrei Gherzan2022-09-231-0/+2
| | | | | | | | | | | | | | | | | | | | The upstream qemu recipe uses host's pkg-config files as a solution to detecting host's SDL. This has a side effect of using other host libraries that are later queried by the configure script. This can get into a situation when the host provides libnfs (for example) and because later this dependency is not in place anymore, qemu will fail at runtime. This change adds a PACKAGECONFIG definition for libnfs that is disabled by default, in turn disabling the pkgconfig autodetection in configure. (From OE-Core rev: 9badcf0261f6b735d65a5498bb8fbb9979d7a07f) Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 42b364a25fdbc987c85dd46b8427045033924d99) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix and ignore several CVEsChee Yang Lee2022-09-2312-0/+748
| | | | | | | | | | | | | | | | | | | | | | | backport fixes: CVE-2020-13754, backport patches as debian security tracker notes https://security-tracker.debian.org/tracker/CVE-2020-13754 CVE-2021-3713 CVE-2021-3748 CVE-2021-3930 CVE-2021-4206 CVE-2021-4207 CVE-2022-0216, does not include qtest in patches, the qtest code were not available in v4.2. Ignore: CVE-2020-27661, issue introduced in v5.1.0-rc0 https://security-tracker.debian.org/tracker/CVE-2020-27661 (From OE-Core rev: 16a6e8530c4820f070973a1b4d64764c20706087) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: CVE-2020-27821 heap buffer overflow in msix_table_mmio_writeHitendra Prajapati2022-08-222-0/+74
| | | | | | | | | | | | | | | | Source: https://git.qemu.org/?p=qemu.git; MR: 107558 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=4bfb024bc76973d40a359476dc0291f46e435442 ChangeID: c5d25422f43edb7d8728118eb482eba09474ef2c Description: CVE-2020-27821 qemu: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c. (From OE-Core rev: 198bd53bdc77d2b01dae19993bde79f03f4dd02c) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: CVE-2022-35414 can perform an uninitialized read on the translate_fail ↵Hitendra Prajapati2022-08-082-0/+54
| | | | | | | | | | | | | | | | | | path, leading to an io_readx or io_writex crash Source: https://github.com/qemu/qemu MR: 119832 Type: Security Fix Disposition: Backport from https://github.com/qemu/qemu/commit/418ade7849ce7641c0f7333718caf5091a02fd4c ChangeID: 1246afd7bb950d2d5fe2e198961797c0fa14ac00 Description: CVE-2022-35414 qemu: can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. (From OE-Core rev: 7c3043df56b3090138fe56f8c06df5ca08cafd26) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: add PACKAGECONFIG for capstoneSteve Sakoman2022-07-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Autobuilder workers were non-deterministically enabling capstone depending on whether the worker had libcapstone installed. Add PACKAGECONFIG for capstone with default off, since qemu does not require capstone support. Qemu version in dunfell has capstone in the source tree as a submodule and has configure options to enable it using that source code or using the system libcapstone. Qemu versions in master and kirkstone have removed the capstone submodule and configure options, but added libcapstone autodetection to meson. In all cases using PACKAGECONFIG will allow a deterministic build. (From OE-Core rev: af25fff399fa623b4fd6efbca21e01ea6b4d1fd7) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 052ef1f14d1e6a5ee34f742f65e51b20b416f79f) Signed-off-by: Steve Sakoman <steve@sakoman.com Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: backport patch fix for CVE-2020-13791Davide Gardenal2022-03-312-0/+45
| | | | | | | | | | | | | Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00979.html CVE: CVE-2020-13791 (From OE-Core rev: 6d4e6302fa21b1c663b94b05088ecf9b9d544c0a) Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: backport fix for CVE-2020-13253Davide Gardenal2022-03-236-0/+446
| | | | | | | | | | | | | | | | Backport commits from the following MR: https://git.qemu.org/?p=qemu.git;a=commit;h=3a9163af4e3dd61795a35d47b702e302f98f81d6 Two other commits have been backported in order to be able to correctly apply the patches. CVE: CVE-2020-13253 (From OE-Core rev: b258b0deccde2d8fd2c4372dd0f376c7b95945f5) Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3682Sakib Sajal2021-09-302-0/+42
| | | | | | | | | | | | | | | | | | | | Source: https://git.yoctoproject.org/git/poky MR: 112369 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?id=48960ce56265e9ec7ec352c0d0fcde6ed44569be ChangeID: 799afc7adf3f2c915751744b618e38cccb01d854 Description: (From OE-Core rev: e16cd155c5ef7cfe8b4d3a94485cb7b13fd95036) (From OE-Core rev: f515c00c995b90a6d583f0e6162aa8fba8005a67) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 48960ce56265e9ec7ec352c0d0fcde6ed44569be) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix for CVE-2020-28916Armin Kuster2021-09-302-0/+49
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 107262 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a ChangeID: 3024b894ab045c1a74ab2276359d5e599ec9e822 Description: Affects qemu < 5.0.0 (From OE-Core rev: 55aa94e9185ecd93612c64cdd982a89d633284e2) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix for CVE-2020-27617Armin Kuster2021-09-302-0/+50
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 106462 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1 ChangeID: b9dc1b656c07d6a0aecaf7680ed33801bd5f6352 Description: Affects qemu < 5.2.0 (From OE-Core rev: be31eb87299b883306c1823ad632d6ada237dc05) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2020-12829Armin Kuster2021-09-306-0/+721
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 105490 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=b15a22bbcbe6a78dc3d88fe3134985e4cdd87de4 ChangeID: 6e222b766fc67c76cdc311d02cc47801992d0e66 Description: Affect qemu < 5.0.0 (From OE-Core rev: 7cd5c38b6d078c22519ad6b6e89caa9c1aa5ecd4) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3608Sakib Sajal2021-09-012-0/+41
| | | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/cgit/poky.git MR: 112749 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=f5e77d70e2eb35751f5bad5572b6eb8a3ab14422 ChangeID: 4496341da3af9126c9c67170e1a2cce929c29828 Description: (From OE-Core rev: 5e05ee8ff363eac84edec568039b86bcd716c6ce) (From OE-Core rev: f8d34ef74dafcf14e07f9322254465d03490bd60) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f5e77d70e2eb35751f5bad5572b6eb8a3ab14422) [Refreshed patch] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3607Sakib Sajal2021-09-012-0/+44
| | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/cgit/poky.git MR: 112749 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=460485d774480cd89cadf3b068f5197f44d86f25 ChangeID: 4e40dee2e6ce0b5b4de971f2c2b336929e7f22c3 Description: (From OE-Core rev: 764bca67650da9df439527796879dda767c8c008) (From OE-Core rev: cc541da4d67a9afa86a6ac37d5470d4dc77ea922) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 460485d774480cd89cadf3b068f5197f44d86f25) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3582Sakib Sajal2021-09-012-0/+48
| | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/cgit/poky.git MR: 112743 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=e11384737ed489ea02800d545432b9ded82bf1bb ChangeID: a2ff7112354349e8cf8960f30499f61e545d7f8e Description: (From OE-Core rev: fb2634922db91e5b877dd10021dafec7b5c6e565) (From OE-Core rev: 942d936524d3948d74c7240038ce81d859f68cab) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e11384737ed489ea02800d545432b9ded82bf1bb) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3527Lee Chee Yang2021-09-013-0/+103
| | | | | | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/cgit/poky.git MR: 111827 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=45e06a2e02cb01540d3970bd8ab5771014a031f9 ChangeID: 33bb20f503888abc346ae1a6f590f57ebdd0f1f9 Description: (cherry picked from commit 6774efd1e3d0bd5c8c34f84dcf4f698d7eafb36a) (From OE-Core rev: fcbcd27a1c97668af9634143376f75ab32fffd68) (From OE-Core rev: 1c7e9099b5f417a7e7664ce3572b2098e2ebbbf7) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 45e06a2e02cb01540d3970bd8ab5771014a031f9) [Fixup for Dunfell context] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fixes CVE-2021-3545/6Armin Kuster2021-09-013-0/+90
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 111845, 111839 Type: Security Fix Disposition: Backport from https://gitlab.com/qemu-project/qemu/-/commit/9f22893a & 121841b2 ChangeID: 111b168e0fe4d2a722158c6bfdaceb06a8789e69 Description: Fixes: CVE-2021-3545 and CVE-2021-3546 (From OE-Core rev: e066967a306292cd0ce5ef2cd5aa0ee80fde1041) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2021-3544Armin Kuster2021-09-016-0/+205
| | | | | | | | | | | | | | | | | | | | | | | Source: qemu.org MR: 111833 Type: Security Fix Disposition: Backport from https://gitlab.com/qemu-project/qemu/-/commit/86dd8fac..63736af5 ChangeID: 7f301e939cf9d1fdb826ac47d1fc96430086a68e Description: https://gitlab.com/qemu-project/qemu/-/commit/86dd8fac https://gitlab.com/qemu-project/qemu/-/commit/b9f79858 https://gitlab.com/qemu-project/qemu/-/commit/b7afebcf Tweeked the above patches as vhost-user-gpu.c does not exist. https://gitlab.com/qemu-project/qemu/-/commit/f6091d86 https://gitlab.com/qemu-project/qemu/-/commit/63736af5 (From OE-Core rev: eca0abf120709fab20da1a2c190d04191733f5ed) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-20257Sakib Sajal2021-09-012-0/+56
| | | | | | | | | | | | | | | | | | | | | | | Source: https://git.yoctoproject.org/git/poky MR: 110290 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=5c1a29e6deec8f92ac43363bd72439aec7e27721 ChangeID: 7f301e939cf9d1fdb826ac47d1fc96430086a68e Description: (From OE-Core rev: 5b66ff7972951db973d12f3dae6ccecf3bc29e56) (From OE-Core rev: 1317053b23e1a4c1e5c7331a97f248e042415bea) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 547ac986a74cfcae39b691ebb92aadc8436443ea) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5c1a29e6deec8f92ac43363bd72439aec7e27721) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3416Sakib Sajal2021-09-0110-0/+521
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: poky.org MR: 109686 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=381aebe82f1f6fcc26b47966bc8520dbb1476961 ChangeID: 50b1589249cc3c595d224e3a8347da2b54339ef8 Description: Drop CVE-2021-3416_4.patch as hw/net/msf2-emac.c does not exist in 4.2.0 (From OE-Core rev: 7a3ce8a79a6c682e1b38f757eb68534e0ce5589d) (From OE-Core rev: 44bb99fdd1a7eee78078f7d48b9b8aad729f84ec) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e2b5bc11d1b26b73b62e1a63cb75572793282dcb) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 381aebe82f1f6fcc26b47966bc8520dbb1476961) [Drop CVE-2021-3416_4.patch, affected file does not exist in 4.2.0] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-20181Sakib Sajal2021-09-012-0/+82
| | | | | | | | | | | | | | | | | | | | | | | Source: Poky.org MR: 111631 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=53390d2261d2d35cdd637cf12a0fb4dc63f0f88c ChangeID: 0c660a9ef3637d847c0880283df05d8696221308 Description: (From OE-Core rev: a993a379bb490efbbf507f5dccda5ab358e8afea) (From OE-Core rev: 743fc49c98361baaa9ca9414bfe21220b63dbdca) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c2f79065ef0684f2c0bdb92f1b03e690ab730b8c) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 53390d2261d2d35cdd637cf12a0fb4dc63f0f88c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2021-20221Armin Kuster2021-09-012-0/+68
| | | | | | | | | | | | | | | Source: Qemu.org MR: 111643 Type: Security Fix Disposition: Backport from https://gitlab.com/qemu-project/qemu/-/commit/edfe2eb4360cde4ed5d95bda7777edcb3510f76a ChangeID: b3ca1aa4b772a5f27f327250c5b0b988375c86a9 Description: (From OE-Core rev: 4adf675e3d4ccdcee055a3c4b539f4ddc15b033d) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix for CVE-2020-29443Armin Kuster2021-09-012-0/+46
| | | | | | | | | | | | | | | Source: Qemu.org MR: 109315 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=813212288970c39b1800f63e83ac6e96588095c6 ChangeID: c0296e285169cc937cc9758c9d84ac690297ee54 Description: (From OE-Core rev: 1765005f73303d9857f9fde93efb1cc8534964f1) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Qemu: Security fix for CVE-2020-25625/2021-3409/2020-17380Armin Kuster2021-09-012-0/+43
| | | | | | | | | | | | | | | | | | | | | Source: Qemu.org MR: 105781, 109964, 108621 Type: Security Fix Disposition: Backport from https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05905.html ChangeID: 0acf082885e7ab3ac2fb41d6e503449869dd46a8 Description: This address: CVE-2020-25625 and its two fixes address an incomplete fix for CVE-2020-25625 CVE-2021-3409 CVE-2020-17380 (From OE-Core rev: 721a14f13005dc0b5bddaac131c444b97be700a8) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2020-25624Armin Kuster2021-09-013-0/+190
| | | | | | | | | | | | | | | Source: qemu.org MR: 106958 Type: Security Fix Disposition: Backport from qemu.org ChangeID: 9d0c21c4ff5dc12ba623685cd7ae4d4bc294f519 Description: (From OE-Core rev: 853f4a4755d053cc4defa65cda5e317e3e28bc3f) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2020-25085Armin Kuster2021-09-012-20/+67
| | | | | | | | | | | | | | | Source: qemu.org MR: 105773 Type: Security Fix Disposition: Backport from https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html ChangeID: 77c8a9e75b94da3c03c64c95d9e6ab9d45037572 Description: (From OE-Core rev: 6b4c58a31ec11e557d40c31f2532985dd53e61eb) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Enable seccomp if FEATURE is setArmin Kuster2021-08-101-0/+1
| | | | | | | | | | (From OE-Core rev: 10aace6034e4ca3d09d97c4e2046d8eef3078164) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ruslan Babayev <fib@cisco.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu.inc: Add seccomp PACKAGECONFIG optionNathan Rossi2021-08-101-0/+1
| | | | | | | | | | | | | | | | | | | Add the seccomp PACKAGECONFIG option to allow building seccomp features in QEMU. The libseccomp library is available in additional layers (e.g. meta-security). Additionally this serves as a way to disable seccomp by default to avoid the configure of QEMU automatically finding it (via pkg-config) on the build host when building qemu-system-native and auto enabling the feature. (From OE-Core rev: 80d79ca651b03a3a7d65d25065af3fa5d85925b3) Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ruslan Babayev <fib@cisco.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Exclude CVE-2018-18438 from cve-checkRichard Purdie2021-05-201-0/+4
| | | | | | | | | | | | The issues were investigated and found not to be an issue therefore exclude from checks. (From OE-Core rev: 05f39301ab19a968916163b2d8f65beda7c09852) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ee6ee9bd489c126b99d15c1011560df2f840a6e9) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Exclude CVE-2007-0998 from cve-checkRichard Purdie2021-05-201-0/+4
| | | | | | | | | | | The CVE applies to the built-in VNC server but we don't enable this by default. (From OE-Core rev: f0e0787265d9d8bd01629f2b56a0eb57d950c037) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d62b9974a5f3a0f462434ce2763c28a4b4bbcfc6) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Exclude CVE-2017-5957 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | The CVE applies to virglrender before 0.6.0 which we don't have. (From OE-Core rev: 559ed3e62e542b7a4456a9a4eef8742ce8521dfb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9b5355375d028577de0b98e05992de6a088cb972) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3392Lee Chee Yang2021-05-202-0/+93
| | | | | | | | (From OE-Core rev: fe872d2edc160f48e57d3bdc82e5fc72f6dcbb72) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-20203Minjae Kim2021-03-182-0/+75
| | | | | | | | | | | | net: vmxnet3: validate configuration values during activate Upstream-Status: Acepted [https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html] CVE: CVE-2021-20203 (From OE-Core rev: c65a671d7af64a19bebd45b1c4d02fdf124a1c5a) Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Backport patch to avoid assertion fails on icache line sizeAndrei Gherzan2021-03-042-0/+49
| | | | | | | | | | | | | | | | | | | Due to a bug in glibc 2.33, the value of the icache line size is now reported as unsupported option. This breaks qemu at runtime with: cacheinfo.c:182: init_cache_info: Assertion `(isize & (isize - 1)) == 0' failed. Aborted (core dumped) We haven't caught this one yet because we were already on qemu 5.2.0 when we started to play with glibc 2.33 so it was only reproducible on dunfell. (From OE-Core rev: fdb3ff363c6f8408058f362f3bfdeee4e18150fa) Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-25723Lee Chee Yang2020-12-182-0/+53
| | | | | | | | (From OE-Core rev: 3c85df8f4bcbdb75c3258a76402dd6039fbc73ca) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-24352Lee Chee Yang2020-11-242-0/+53
| | | | | | | | (From OE-Core rev: 7610ffec71e20556bde32f00a08c4c5a40cd31ce) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2019-20175Steve Sakoman2020-11-032-0/+95
| | | | | | | | | CVE: CVE-2019-20175 (From OE-Core rev: dc91e39e6a5c117a2fec7afc2bab683ff0ab096a) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: change TLBs number to 64 in 34Kf mips cpu modelVictor Kamensky2020-10-272-0/+60
| | | | | | | | | | | | | | | Replace OE private qemu patch with one that got upstreamed and solves the same problem: increase qemumips CI performance by increasing number of TLBs in CPU model and reduce need to run software TLB refill code. (From OE-Core rev: 89e6fc44a378cb3489376d7193672cdf94c504b6) Signed-off-by: Victor Kamensky <kamensky@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a99dace7463d310688f4098a51316dc0743651e2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: add/fix invalid Upstream-Status tagsRoss Burton2020-10-061-1/+1
| | | | | | | | | | (From OE-Core rev: 4dbae5c7c28a2cd6ebb601f984a54ca33d19afaf) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 630ce8130598e2bca7231ac28a7cc18b5b942544) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu : fix CVE-2020-16092Chee Yang Lee2020-10-062-0/+46
| | | | | | | | (From OE-Core rev: 6007398a0ff468c0b15c4982d7f04e6186d6d700) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-14364 CVE-2020-14415Lee Chee Yang2020-09-173-0/+132
| | | | | | | | (From OE-Core rev: 1a150f0df36892283686e3e1afb30a7742c8e252) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-15863Lee Chee Yang2020-08-122-0/+64
| | | | | | | | (From OE-Core rev: d6eb50dfe66838e6bea061cbd1a120981777b700) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-10702/10761/13362/13659/13800Lee Chee Yang2020-07-076-0/+374
| | | | | | | | | | | | | | | fix these CVE: CVE-2020-10702 CVE-2020-10761 CVE-2020-13362 CVE-2020-13659 CVE-2020-13800 (From OE-Core rev: 98c4642c526259fc664723145a1d6026b491032d) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-13361Lee Chee Yang2020-06-262-0/+62
| | | | | | | | | | (From OE-Core rev: 0e4985236dd7d2e92576fb30b70bc434a7ecd367) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2dcef5dfb5c4c57fd793d04ac936a9ff73aae844) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: force build type to productionJoe Slater2020-06-181-0/+5
| | | | | | | | | | | | | qemu will not build for -Og optimization because macros in lockable.h expect dead-code elimination. Override DEBUG_BUILD. (From OE-Core rev: dce2315ea2e0f14854fa43994eede04848cd624c) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ad404b2e51223625bd95f9a7da4c7a690c37bdfb) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-11869Lee Chee Yang2020-05-282-0/+98
| | | | | | | | | | | (From OE-Core rev: 1af607d9e635e7cf2f6cf3e4c6d05f1e2cb6acc9) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit 5f01d45266bbc0d0f1a32d10c0841326193cc9c1) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu-system-native: Fix commented out PACKAGECONFIGJeremy Puhlman2020-05-051-1/+1
| | | | | | | | | (From OE-Core rev: 2797779cb8b821d8bec8df999c6ebb86384c9686) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-11102Lee Chee Yang2020-04-072-0/+149
| | | | | | | (From OE-Core rev: 47f8d0da838c59ab419f0cbae941f84693cb53c0) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-13 15:30:41 +0000