[OE-core] qemu: backport patches to fix cves breaks qemu-system-native
richard.purdie at linuxfoundation.org
richard.purdie at linuxfoundation.org
Wed Mar 20 12:08:42 UTC 2019
On Wed, 2019-03-20 at 12:07 +0000, Alexey Brodkin wrote:
> Hi Richard,
>
> > -----Original Message-----
> > From: richard.purdie at linuxfoundation.org <
> > richard.purdie at linuxfoundation.org>
> > Sent: Wednesday, March 20, 2019 3:04 PM
> > To: Alexey Brodkin <alexey.brodkin at synopsys.com>; Kai Kang <
> > kai.kang at windriver.com>
> > Cc: Patches and discussions about the oe-core layer <
> > openembedded-core at lists.openembedded.org>
> > Subject: Re: qemu: backport patches to fix cves breaks qemu-system-
> > native
> >
> > On Wed, 2019-03-20 at 07:42 +0000, Alexey Brodkin wrote:
> > > Hello Kai Kang,
> > >
> > > You recent changes in QEMU [1] lead to build failure:
> > > -------------------------------------->8-------------------------
> > > ----
> > > --------
> > > # bitbake qemu-system-native
> > > ...
> > > > .../build/tmp-glibc/work/x86_64-linux/qemu-system-native/3.1.0-
> > > > r0/qemu-3.1.0/hw/rdma/rdma_backend.c:316:42: error:
> > > > 'VENDOR_ERR_INV_NUM_SGE' undeclared (first use in this
> > > > function)
> > > > comp_handler(IBV_WC_GENERAL_ERR,
> > > > VENDOR_ERR_INV_NUM_SGE,
> > > > ctx);
> > > > ^
> > > -------------------------------------->8-------------------------
> > > ----
> > > --------
> > >
> > > That's obviously because of meta/recipes-devtools/qemu/qemu/0015-
> > > fix-
> > > CVE-2018-20124.patch.
> > >
> > > I'm wondering if you tried to build QEMU yourself?
> >
> > We're not seeing this on the autobuilder, is this gated by some
> > non-
> > default config option?
>
> Maybe.
>
> But if you grep by qemu sources you may notice that indeed
> VENDOR_ERR_INV_NUM_SGE is not defined anywhere. So regardless of my
> setup
> that looks like a valid and expected build failure.
>
> At least that was the case after I fetched OE-core changes this
> morning.
I don't doubt it, I'm just wondering why our testing didn't highlight
it...
Cheers,
Richard
More information about the Openembedded-core
mailing list