[oe-commits] [openembedded-core] 01/01: Revert "qemu: CVE-2017-17381"
git at git.openembedded.org
git at git.openembedded.org
Sun Jan 14 11:12:38 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch master-next
in repository openembedded-core.
commit f58fa52e49ec4f7f4bc6022cd2a9e1a0a7738139
Author: Richard Purdie <richard.purdie at linuxfoundation.org>
AuthorDate: Sun Jan 14 09:12:37 2018 +0000
Revert "qemu: CVE-2017-17381"
This reverts commit 92a0513837182e2e9aa6c7d4958e495f4b5b4c47.
---
.../qemu/qemu/CVE-2017-17381.patch | 72 ----------------------
meta/recipes-devtools/qemu/qemu_2.10.1.bb | 1 -
2 files changed, 73 deletions(-)
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2017-17381.patch b/meta/recipes-devtools/qemu/qemu/CVE-2017-17381.patch
deleted file mode 100644
index 416771c..0000000
--- a/meta/recipes-devtools/qemu/qemu/CVE-2017-17381.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From 758ead31c7e17bf17a9ef2e0ca1c3e86ab296b43 Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp at fedoraproject.org>
-Date: Wed, 29 Nov 2017 23:14:27 +0530
-Subject: [PATCH] virtio: check VirtQueue Vring object is set
-
-A guest could attempt to use an uninitialised VirtQueue object
-or unset Vring.align leading to a arithmetic exception. Add check
-to avoid it.
-
-Upstream-Status: Backport
-CVE: CVE-2017-17381
-
-Reported-by: Zhangboxian <zhangboxian at huawei.com>
-Signed-off-by: Prasad J Pandit <pjp at fedoraproject.org>
-Reviewed-by: Michael S. Tsirkin <mst at redhat.com>
-Signed-off-by: Michael S. Tsirkin <mst at redhat.com>
-Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com>
-Reviewed-by: Cornelia Huck <cohuck at redhat.com>
-Signed-off-by: Catalin Enache <catalin.enache at windriver.com>
----
- hw/virtio/virtio.c | 14 +++++++++++---
- 1 file changed, 11 insertions(+), 3 deletions(-)
-
-diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
-index 703e672..ad564b0 100644
---- a/hw/virtio/virtio.c
-+++ b/hw/virtio/virtio.c
-@@ -182,7 +182,7 @@ void virtio_queue_update_rings(VirtIODevice *vdev, int n)
- {
- VRing *vring = &vdev->vq[n].vring;
-
-- if (!vring->desc) {
-+ if (!vring->num || !vring->desc || !vring->align) {
- /* not yet setup -> nothing to do */
- return;
- }
-@@ -1414,6 +1414,9 @@ void virtio_config_modern_writel(VirtIODevice *vdev,
-
- void virtio_queue_set_addr(VirtIODevice *vdev, int n, hwaddr addr)
- {
-+ if (!vdev->vq[n].vring.num) {
-+ return;
-+ }
- vdev->vq[n].vring.desc = addr;
- virtio_queue_update_rings(vdev, n);
- }
-@@ -1426,6 +1429,9 @@ hwaddr virtio_queue_get_addr(VirtIODevice *vdev, int n)
- void virtio_queue_set_rings(VirtIODevice *vdev, int n, hwaddr desc,
- hwaddr avail, hwaddr used)
- {
-+ if (!vdev->vq[n].vring.num) {
-+ return;
-+ }
- vdev->vq[n].vring.desc = desc;
- vdev->vq[n].vring.avail = avail;
- vdev->vq[n].vring.used = used;
-@@ -1494,8 +1500,10 @@ void virtio_queue_set_align(VirtIODevice *vdev, int n, int align)
- */
- assert(k->has_variable_vring_alignment);
-
-- vdev->vq[n].vring.align = align;
-- virtio_queue_update_rings(vdev, n);
-+ if (align) {
-+ vdev->vq[n].vring.align = align;
-+ virtio_queue_update_rings(vdev, n);
-+ }
- }
-
- static bool virtio_queue_notify_aio_vq(VirtQueue *vq)
---
-2.10.2
-
diff --git a/meta/recipes-devtools/qemu/qemu_2.10.1.bb b/meta/recipes-devtools/qemu/qemu_2.10.1.bb
index 6c2dd58..71cc74e 100644
--- a/meta/recipes-devtools/qemu/qemu_2.10.1.bb
+++ b/meta/recipes-devtools/qemu/qemu_2.10.1.bb
@@ -34,7 +34,6 @@ SRC_URI = "http://wiki.qemu-project.org/download/${BP}.tar.bz2 \
file://chardev-connect-socket-to-a-spawned-command.patch \
file://apic-fixup-fallthrough-to-PIC.patch \
file://ppc_locking.patch \
- file://CVE-2017-17381.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+\..*)\.tar"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list