qemu: update to 7.0.0.

2025-06-07 15:43:49 +02:00 · 2022-04-21 23:15:24 +11:00 · 2022-04-21 23:15:24 +11:00 · d1743caf44
commit d1743caf44
parent 8c6220cd17
6 changed files with 24 additions and 258 deletions
--- a/srcpkgs/qemu/patches/0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
+++ b/srcpkgs/qemu/patches/0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
@ -1,37 +0,0 @@
 From 8fbb4e6797ed67310b74cbaaa061269db45a5b71 Mon Sep 17 00:00:00 2001
 From: Natanael Copa <ncopa@alpinelinux.org>
 Date: Tue, 29 Apr 2014 15:51:31 +0200
 Subject: [PATCH] linux-user/signal.c: define __SIGRTMIN/MAX for non-GNU
 platforms
 The __SIGRTMIN and __SIGRTMAX are glibc internals and are not available
 on all platforms, so we define those if they are missing.
 This is needed for musl libc.
 Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
 ---
 linux-user/signal.c | 7 +++++++
 1 file changed, 7 insertions(+)
 diff --git a/linux-user/signal.c b/linux-user/signal.c
 index 5ca6d62b15..e917c16d91 100644
 --- a/linux-user/signal.c
 +++ b/linux-user/signal.c
@@ -25,6 +25,13 @@
 #include "trace.h"
 #include "signal-common.h"
 +#ifndef __SIGRTMIN
 +#define __SIGRTMIN 32
 +#endif
 +#ifndef __SIGRTMAX
 +#define __SIGRTMAX (NSIG-1)
 +#endif
 +
 static struct target_sigaction sigact_table[TARGET_NSIG];
 static void host_signal_handler(int host_signum, siginfo_t *info,
 -- 
 2.23.0
--- a/srcpkgs/qemu/patches/cve-2022-0358.patch
+++ b/srcpkgs/qemu/patches/cve-2022-0358.patch
@ -1,101 +0,0 @@
 From 449e8171f96a6a944d1f3b7d3627ae059eae21ca Mon Sep 17 00:00:00 2001
 From: Vivek Goyal <vgoyal@redhat.com>
 Date: Tue, 25 Jan 2022 13:51:14 -0500
 Subject: [PATCH] virtiofsd: Drop membership of all supplementary groups
 (CVE-2022-0358)
 At the start, drop membership of all supplementary groups. This is
 not required.
 If we have membership of "root" supplementary group and when we switch
 uid/gid using setresuid/setsgid, we still retain membership of existing
 supplemntary groups. And that can allow some operations which are not
 normally allowed.
 For example, if root in guest creates a dir as follows.
 $ mkdir -m 03777 test_dir
 This sets SGID on dir as well as allows unprivileged users to write into
 this dir.
 And now as unprivileged user open file as follows.
 $ su test
 $ fd = open("test_dir/priviledge_id", O_RDWR|O_CREAT|O_EXCL, 02755);
 This will create SGID set executable in test_dir/.
 And that's a problem because now an unpriviliged user can execute it,
 get egid=0 and get access to resources owned by "root" group. This is
 privilege escalation.
 Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2044863
 Fixes: CVE-2022-0358
 Reported-by: JIETAO XIAO <shawtao1125@gmail.com>
 Suggested-by: Miklos Szeredi <mszeredi@redhat.com>
 Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
 Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
 Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
 Message-Id: <YfBGoriS38eBQrAb@redhat.com>
 Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
  dgilbert: Fixed missing {}'s style nit
 ---
 tools/virtiofsd/passthrough_ll.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
 index 64b5b4fbb1..b3d0674f6d 100644
 --- a/tools/virtiofsd/passthrough_ll.c
 +++ b/tools/virtiofsd/passthrough_ll.c
@@ -54,6 +54,7 @@
 #include <sys/wait.h>
 #include <sys/xattr.h>
 #include <syslog.h>
 +#include <grp.h>
 #include "qemu/cutils.h"
 #include "passthrough_helpers.h"
@@ -1161,6 +1162,30 @@ static void lo_lookup(fuse_req_t req, fuse_ino_t parent, const char *name)
 #define OURSYS_setresuid SYS_setresuid
 #endif
 +static void drop_supplementary_groups(void)
 +{
 +    int ret;
 +
 +    ret = getgroups(0, NULL);
 +    if (ret == -1) {
 +        fuse_log(FUSE_LOG_ERR, "getgroups() failed with error=%d:%s\n",
 +                 errno, strerror(errno));
 +        exit(1);
 +    }
 +
 +    if (!ret) {
 +        return;
 +    }
 +
 +    /* Drop all supplementary groups. We should not need it */
 +    ret = setgroups(0, NULL);
 +    if (ret == -1) {
 +        fuse_log(FUSE_LOG_ERR, "setgroups() failed with error=%d:%s\n",
 +                 errno, strerror(errno));
 +        exit(1);
 +    }
 +}
 +
 /*
  * Change to uid/gid of caller so that file is created with
  * ownership of caller.
@@ -3926,6 +3951,8 @@ int main(int argc, char *argv[])
     qemu_init_exec_dir(argv[0]);
 +    drop_supplementary_groups();
 +
     pthread_mutex_init(&lo.mutex, NULL);
     lo.inodes = g_hash_table_new(lo_key_hash, lo_key_equal);
     lo.root.fd = -1;
 -- 
 2.35.0
--- a/srcpkgs/qemu/patches/fix-acpi-slic-table.patch
+++ b/srcpkgs/qemu/patches/fix-acpi-slic-table.patch
@ -1,90 +0,0 @@
 From 8cdb99af45365727ac17f45239a9b8c1d5155c6d Mon Sep 17 00:00:00 2001
 From: Igor Mammedov <imammedo@redhat.com>
 Date: Mon, 27 Dec 2021 14:31:17 -0500
 Subject: [PATCH] acpi: fix QEMU crash when started with SLIC table
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 if QEMU is started with used provided SLIC table blob,
  -acpitable sig=SLIC,oem_id='CRASH ',oem_table_id="ME",oem_rev=00002210,asl_compiler_id="",asl_compiler_rev=00000000,data=/dev/null
 it will assert with:
  hw/acpi/aml-build.c:61:build_append_padded_str: assertion failed: (len <= maxlen)
 and following backtrace:
  ...
  build_append_padded_str (array=0x555556afe320, str=0x555556afdb2e "CRASH ME", maxlen=0x6, pad=0x20) at hw/acpi/aml-build.c:61
  acpi_table_begin (desc=0x7fffffffd1b0, array=0x555556afe320) at hw/acpi/aml-build.c:1727
  build_fadt (tbl=0x555556afe320, linker=0x555557ca3830, f=0x7fffffffd318, oem_id=0x555556afdb2e "CRASH ME", oem_table_id=0x555556afdb34 "ME") at hw/acpi/aml-build.c:2064
  ...
 which happens due to acpi_table_begin() expecting NULL terminated
 oem_id and oem_table_id strings, which is normally the case, but
 in case of user provided SLIC table, oem_id points to table's blob
 directly and as result oem_id became longer than expected.
 Fix issue by handling oem_id consistently and make acpi_get_slic_oem()
 return NULL terminated strings.
 PS:
 After [1] refactoring, oem_id semantics became inconsistent, where
 NULL terminated string was coming from machine and old way pointer
 into byte array coming from -acpitable option. That used to work
 since build_header() wasn't expecting NULL terminated string and
 blindly copied the 1st 6 bytes only.
 However commit [2] broke that by replacing build_header() with
 acpi_table_begin(), which was expecting NULL terminated string
 and was checking oem_id size.
 1) 602b45820 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
 2)
 Fixes: 4b56e1e4eb08 ("acpi: build_fadt: use acpi_table_begin()/acpi_table_end() instead of build_header()")
 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/786
 Signed-off-by: Igor Mammedov <imammedo@redhat.com>
 Message-Id: <20211227193120.1084176-2-imammedo@redhat.com>
 Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
 Tested-by: Denis Lisov <dennis.lissov@gmail.com>
 Tested-by: Alexander Tsoy <alexander@tsoy.me>
 Cc: qemu-stable@nongnu.org
 Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 ---
 hw/acpi/core.c       | 4 ++--
 hw/i386/acpi-build.c | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)
 diff --git a/hw/acpi/core.c b/hw/acpi/core.c
 index 1e004d0078..3e811bf03c 100644
 --- a/hw/acpi/core.c
 +++ b/hw/acpi/core.c
@@ -345,8 +345,8 @@ int acpi_get_slic_oem(AcpiSlicOem *oem)
         struct acpi_table_header *hdr = (void *)(u - sizeof(hdr->_length));
         if (memcmp(hdr->sig, "SLIC", 4) == 0) {
 -            oem->id = hdr->oem_id;
 -            oem->table_id = hdr->oem_table_id;
 +            oem->id = g_strndup(hdr->oem_id, 6);
 +            oem->table_id = g_strndup(hdr->oem_table_id, 8);
             return 0;
         }
     }
 diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
 index 8383b83ee3..0234fe7588 100644
 --- a/hw/i386/acpi-build.c
 +++ b/hw/i386/acpi-build.c
@@ -2723,6 +2723,8 @@ void acpi_build(AcpiBuildTables *tables, MachineState *machine)
     /* Cleanup memory that's no longer used. */
     g_array_free(table_offsets, true);
 +    g_free(slic_oem.id);
 +    g_free(slic_oem.table_id);
 }
 static void acpi_ram_update(MemoryRegion *mr, GArray *data)
 -- 
 GitLab
--- a/srcpkgs/qemu/patches/musl-rlimit-rttime.patch
+++ b/srcpkgs/qemu/patches/musl-rlimit-rttime.patch
@ -0,0 +1,13 @@
 --- a/linux-user/syscall.c
 +++ b/linux-user/syscall.c
@@ -141,6 +141,10 @@
 #include "fd-trans.h"
 #include "tcg/tcg.h"
 +#ifndef RLIMIT_RTTIME
 +#define RLIMIT_RTTIME 15
 +#endif
 +
 #ifndef CLONE_IO
 #define CLONE_IO                0x80000000      /* Clone io context */
 #endif
--- a/srcpkgs/qemu/patches/xxx-ppcle.patch
+++ b/srcpkgs/qemu/patches/xxx-ppcle.patch
@ -29,35 +29,16 @@ index 18c26e0..03d3e18 100755
   fi
 elif check_define __mips__ ; then
   cpu="mips"
-@@ -683,6 +687,9 @@ ARCH=
+@@ -638,6 +642,9 @@
- case "$cpu" in
+ 
-   ppc|ppc64|s390x|sparc64|x32|riscv32|riscv64)
+   ppc)
-   ;;
+     CPU_CFLAGS="-m32" ;;
 +  ppcle)
-+    ARCH="ppc"
+    cpu="ppc"
-+  ;;
+    CPU_CFLAGS="-m32 -mlittle-endian" ;;
   ppc64)
     CPU_CFLAGS="-m64 -mbig-endian" ;;
   ppc64le)
     ARCH="ppc64"
   ;;
@@ -6783,7 +6790,7 @@ if test "$linux" = "yes" ; then
   i386|x86_64|x32)
     linux_arch=x86
     ;;
 -  ppc|ppc64|ppc64le)
 +  ppc|ppcle|ppc64|ppc64le)
     linux_arch=powerpc
     ;;
   s390x)
@@ -6960,6 +6967,9 @@ if test -n "$cross_prefix"; then
         x86_64|x32)
             echo "cpu_family = 'x86_64'" >> $cross
             ;;
 +        ppcle)
 +            echo "cpu_family = 'ppc'" >> $cross
 +            ;;
         ppc64le)
             echo "cpu_family = 'ppc64'" >> $cross
             ;;
 diff --git a/configs/targets/ppcle-linux-user.mak b/configs/targets/ppcle-linux-user.mak
 new file mode 100644
 index 0000000..2259243
--- a/srcpkgs/qemu/template
+++ b/srcpkgs/qemu/template
@ -1,8 +1,8 @@
 # Template file for 'qemu'
 # This package should be updated together with qemu-user-static
 pkgname=qemu
-version=6.2.0
+version=7.0.0
-revision=3
+revision=1
 build_style=configure
 configure_args="--prefix=/usr --sysconfdir=/etc --libexecdir=/usr/libexec --localstatedir=/var
 --disable-glusterfs --disable-xen --enable-docs --enable-kvm --enable-libusb --enable-pie
@ -28,7 +28,7 @@ maintainer="Orphaned <orphan@voidlinux.org>"
 license="GPL-2.0-or-later, LGPL-2.1-or-later"
 homepage="https://www.qemu.org"
 distfiles="https://wiki.qemu.org/download/qemu-${version}.tar.bz2"
-checksum=2fde1a30a7dcc15dde0875319ecaf3dc249072dee46ba7ad1f7c8df1faece93f
+checksum=a83032c6ce0dba35479610a4e11a7d8c4a6dffb17152653c183eec3c58616d4e
 ignore_elf_dirs="/usr/share/qemu"
 nostrip_files="hppa-firmware.img openbios-ppc openbios-sparc32 openbios-sparc64
 palcode-clipper s390-ccw.img s390-netboot.img u-boot.e500 opensbi-riscv32-generic-fw_dynamic.elf