Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Aric Belsito <lluixhi@×××××.com>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/, app-emulation/qemu/files/
Date: Mon, 31 Oct 2016 23:26:30
Message-Id: 1477956288.8aedcac7a5fbef4e8d4ae23184be1c125a4ca289.lluixhi@gentoo
1 commit: 8aedcac7a5fbef4e8d4ae23184be1c125a4ca289
2 Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
3 AuthorDate: Mon Oct 31 23:24:48 2016 +0000
4 Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
5 CommitDate: Mon Oct 31 23:24:48 2016 +0000
6 URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=8aedcac7
7
8 app-emulation/qemu: Sync with upstream
9
10 Drop the r99 name.
11
12 Add patch from ::musl-extras that disables an ifunc hack causing a segmentation
13 fault on startup when the avx test passes in configure.
14
15 app-emulation/qemu/Manifest | 21 ++++++--
16 .../qemu/files/qemu-2.2.0-_sigev_un.patch | 5 +-
17 .../qemu/files/qemu-2.7.0-CVE-2016-7907.patch | 45 ++++++++++++++++
18 .../qemu/files/qemu-2.7.0-CVE-2016-7908.patch | 52 ++++++++++++++++++
19 .../qemu/files/qemu-2.7.0-CVE-2016-7909.patch | 32 ++++++++++++
20 .../qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch | 25 +++++++++
21 .../qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch | 26 +++++++++
22 .../qemu/files/qemu-2.7.0-CVE-2016-8576.patch | 61 ++++++++++++++++++++++
23 .../qemu/files/qemu-2.7.0-CVE-2016-8577.patch | 34 ++++++++++++
24 .../qemu/files/qemu-2.7.0-CVE-2016-8578.patch | 58 ++++++++++++++++++++
25 .../qemu/files/qemu-2.7.0-CVE-2016-8668.patch | 30 +++++++++++
26 .../qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch | 29 ++++++++++
27 .../qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch | 34 ++++++++++++
28 .../qemu/files/qemu-2.7.0-CVE-2016-8909.patch | 31 +++++++++++
29 .../qemu/files/qemu-2.7.0-CVE-2016-8910.patch | 29 ++++++++++
30 .../qemu/files/qemu-2.7.0-configure-ifunc.patch | 13 +++++
31 app-emulation/qemu/files/qemu-binfmt.initd-r1 | 54 +++++++++++--------
32 app-emulation/qemu/files/qemu-kvm-1.4 | 3 --
33 ...{qemu-2.7.0-r99.ebuild => qemu-2.7.0-r5.ebuild} | 19 ++++++-
34 19 files changed, 568 insertions(+), 33 deletions(-)
35
36 diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
37 index 1eb09a6..3b5e653 100644
38 --- a/app-emulation/qemu/Manifest
39 +++ b/app-emulation/qemu/Manifest
40 @@ -2,7 +2,7 @@ AUX 65-kvm.rules 40 SHA256 c16a8dc7855880b2651f1a3ff488ecc54d4ac1036c71fffd50070
41 AUX bridge.conf 454 SHA256 a51850dd39923f3482e4c575b48ad9fef9c9ebb2f2176225da399b79ce48c69d SHA512 a907ee86b81a1b61033bb7621ded65112504131ef7b698c53e4014b958ee6fc79e66f63069015a01e41362cb70a7d0ed26dd9a03033cf776f4846f0e1f8f1533 WHIRLPOOL 8fcbd4abf9b8f7ca3d16fe0eaf17196ebf708dfecf85ce0f020e0de22b64905114f7b310f361826c81bb961c6b1bbbf984bff1e595bb949993b8966ccb222c35
42 AUX qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch 563 SHA256 99de67d610ad13a1dcf6c67a3c2b5b87fb909220173a956435737f9bea3c371b SHA512 a29e9a889388a6627ed492a79e66514ffb5e64f9479646982091811548fc2a9bf6682104a6c774d83e645e4b1db39e491afd4efce789fe164623442a7f3e5d00 WHIRLPOOL d3aab06099de263c22f4c71810a3b2cb8602d17731ec76674cd1415e539306555a7b96b789f0daad473600dfa04a83224ff603f7b9a9ac63a4902f74d0e9deb5
43 AUX qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 930 SHA256 6af6cf9044997710a6d0fbdba30a35c8d775e30d30c032ec97db672f75ec88ac SHA512 ec84b27648c01c6e58781295dcd0c2ff8e5a635f9836ef50c1da5d0ed125db1afc4cb5b01cb97606d6dd8f417acba93e1560d9a32ca29161a4bb730b302440ea WHIRLPOOL 06b9dd5251ac03405c97b1f5a623b4d86bda2f72fbcd52b90ae4d11a0cfb59cae62df2cb6189405fbe53ab05ff2b7ca8165fda239dbfe5f31ed70abb53b3b9f3
44 -AUX qemu-2.2.0-_sigev_un.patch 465 SHA256 4d5a1359a1bc25f1f8dcb7f021efc235b9c8f2535258ca65706c5fde15946ebe SHA512 af90b8dcd8b14716df6270436ae1d77c998a04547bf17f961b2d9a594d1abfb573ca25283a633de6bcd3a81a778b88a4c7950dbd39c23ee35191626da14eb802 WHIRLPOOL cf40379cd0c9f3a8f89823a6d9415666a99885711bdde44067d4a3a082a9b33efbe69279c0782b2e84b7586389e82845dd30668240f236266f61ba447abb8241
45 +AUX qemu-2.2.0-_sigev_un.patch 636 SHA256 f3b9a4d6162c553f3110ad22716305818e2130e2ff5d628faf044fc58a5e3cb5 SHA512 f72b879daede5184904f64cabb276de96299a37a93fce444d09e9068671009e95a5e5d6b815ec41a5db5b3807de14d470a56bba5806ffd4dfec577577b046ccb WHIRLPOOL 9453ad4966e10d504f3e867fd984642a3c1ee3ae847b5ca56196fd1f9e6c0f2d7b52ca07446212af72fef6d0ded1527a5eb306fa6cd915e8dd9ce11523362bac
46 AUX qemu-2.5.0-cflags.patch 410 SHA256 17f5624dd733f5c80e733cc67ae36a736169ec066024dbf802b416accfed0755 SHA512 0194d28de08b4e51c5bd1c9a2cc7965ba7f66dfddb8fd91de3da93677e6cf2d38ad3270f69aaea8a20cf2533c2980018d6e0fed711be2806fe2053fba7c081f3 WHIRLPOOL 5f5b95d00409fbe03adb64801d30a2fb5f98dded5efa7f0e78b5746776f72917dcbea767e1d0afcb304d8bf8c484adedb8037e6d54e9d34997c2bc3a98b53154
47 AUX qemu-2.5.0-sysmacros.patch 333 SHA256 a5716fc02da383d455f5cbd76f49e4ee74d84c2d5703319adcbeb145d04875f9 SHA512 329632c5bff846ca3ffcdb4bc94ae62f17c6bdbb566f9bec0784357c943523e8ca7773790b83a9617734cab3b003baa3d636cbd08f7385810a63b0fa0383c4f0 WHIRLPOOL 2a774767d4685545d3ed18e4f5dece99a9007597d73c56197652ff24083550f987ffb69e5c624760dece87def71a7c5c22a694bf999d7309e48ef622f18f0d73
48 AUX qemu-2.7.0-CVE-2016-6836.patch 889 SHA256 a94812131e8baa66b81971579ab84b20bf15d544e2698448a5247ac0ddca0b3d SHA512 cf7f327f26aee5b6688eb662ced8aa07775ad9558b4a02db244303f6b7d37be9cd19b18d5725819b4708184105b98830864e0ad3af81373e59e880809036345b WHIRLPOOL df00627ad447162fdcac4b2c965a8cb5c916a7fb66d8c3a4f8f48bb2d869d7805cb3308cd495ff74ebf4840e7bc2d85abf8e666d78b3da9abb4e2bae22697a82
49 @@ -15,8 +15,21 @@ AUX qemu-2.7.0-CVE-2016-7421.patch 1183 SHA256 f3996d9d4658fb32a04ce8ae3d3510e6a
50 AUX qemu-2.7.0-CVE-2016-7422.patch 1125 SHA256 7a3d31031b8ea70be29715e8d384f47ad8758e81b9cfc3768e59dd6c6a00cb2a SHA512 6a08f661cd2b00214297570c8035042544b0e707b2f20f6c59c251a73971f2b7e1920c7242ca09a4684ea58dcb177d11d087ee5e0523792e3c446e70239498ef WHIRLPOOL 82b38aa12e49695c1f0c67c303039afb05cc314d14e5bc8286bafebfbabd3eb3cddd41338d45f9510ea2f5074fd9028b39c251be0e5856e0221232a8b28797a9
51 AUX qemu-2.7.0-CVE-2016-7423.patch 925 SHA256 2b9b1102c3c9c54ba2c311661c3222b1df246a519e9eef57d0793951c1249ae0 SHA512 e4401163d15f9ebd9057b8ddf4187f7a0a2f379cb8aea2bd92b20f132f7714a4e386733884be4568eddbd4067b6cad80275ccc101276897c4796117a9b20144f WHIRLPOOL 9bd9f5ed067604f065d3ac7447f8135dd72e178caa6f3c5a5ca7bc531a8008ec46620c4af33bea54a35dfe52e430d48dcf5b59145c4e1efc2a14cb789e38f5bd
52 AUX qemu-2.7.0-CVE-2016-7466.patch 830 SHA256 5664c091038185766a54b93495029bbf6de116e8752c2334fa1c71b8387e89c3 SHA512 d158b1f66766f33b1df561956cc3c77d40e1422e44791cfc753d3def2f1851c2c9c0aeb299bcd1ae969dde8f4249f4489ed90776ebb497db4f626217710e4f48 WHIRLPOOL 13112769ecd6420e17d2a3c0e110a2bd479fc09d8a2086d27f0703a4d6c35ded07e003f28ff14579655c5468cd02c77fa514ba7ed6543f61deb60c6de604c99b
53 -AUX qemu-binfmt.initd-r1 6910 SHA256 2886c567589b958f450a87537cdb6c5bf95e8c1e4afbdf59139d16819e79d51d SHA512 09f399b6b559c6dd64d77843f600afad464909e72ae0924e97a5ef2eea55b3fb8abf6fbd57c380ec60e2f9d145ec365fd9a24c2e1b84cc6cef7070e4fb5bd72e WHIRLPOOL 983f6ae733c23c0049321184e1b6738ad5d27a70265945e6b47f3fb317ba3c84918b4929e728081549062fd0bf4a46c0a7e7184911355f3ac75963e1f8b70cd4
54 -AUX qemu-kvm-1.4 68 SHA256 8b1adf198129f001e75a2311fc420c168094d1084d2163cdf6a32b3b23c96137 SHA512 706fab4d155c410acc292e67fb354ce7dcd17f7e33f2ca8c9c44035ea128f8d36f89e27cf87ebe22721f5676be9e7f2ae5484fd000183c8ffd7854e02eb3d120 WHIRLPOOL ef795330b592cef8e3d92f52a77eb77a671e6aa1a47d07531917b5c1c09e72e5df1a44aea939b086e0a3c5ef2a5cea9223556a46ceae73e55300475c42f07067
55 +AUX qemu-2.7.0-CVE-2016-7907.patch 1380 SHA256 58aa0af82a88de8967452c06ec229de381494e7ac222273ac5a7aa2c53dc5529 SHA512 5a311dea9554d7225d75fb2c680d2f7a2b151b46802176424f495e792ab4a9a101ad99099ccf2b6250230f23fc1ea804381129cd34eb0e4cd24c1e2442de9b51 WHIRLPOOL 69e7e01bc0b221581a8b1ef1af23eb59a6ad87acbfe821ccf8c23f349c9e31b84e4b8db83f48a849a4c5e9b6229f8d55e671da9f8485ecbc24855a8ab50b02ec
56 +AUX qemu-2.7.0-CVE-2016-7908.patch 1718 SHA256 3042b5425964c9bdb6ebc17d8f4bc5efd150547a348269d54e0962efc6a658d4 SHA512 441aa4fe46a2d6d425b1759ebadabc12fb1902f80364d351120932a13b9a46030bd2ad8c7faa57d6bcfbf740d9af2a96cec082a0d40b9a7469499ba1f19177bd WHIRLPOOL 6d870c28645e6fcb12e55a4da5f9dffae78d1fcd013ae6fd9727ae46e05103dc8870d548117e7f396af79cf76947ee8d0b5285ec9b4c6aac840aa6d1e1fc9054
57 +AUX qemu-2.7.0-CVE-2016-7909.patch 975 SHA256 8fb9a27f56c6875f271ac0dc80fd78af8b70d40778ef967019e4a1b0a47ff1ae SHA512 e2793eb18179a7c7276c4d437ea68bb02a6a3963842dd74041fdf3c9f239d6353c7d9e5705c1342fc01b5c7e3bc1bfb882d8094fbe4144ac5f705852579139ca WHIRLPOOL b73aef899c94c9130385dd757b25783b20fce9d32faa245847353766e046bd769789d8b107ef06c726a0e2471a5ef1599716343782c8a82267b79ca53c281414
58 +AUX qemu-2.7.0-CVE-2016-7994-1.patch 835 SHA256 6b84d2273197bd441761469245991d02b5de8b70c29abf096df301e87b5c2478 SHA512 7a8c1c6ffc654f428485057a31d40a831707e5e6a84e32f722f6fc4c86ed474dcd19bfc8034b3a603362d821e7170f46e25ddc2ca50b60f00f45455241ba9464 WHIRLPOOL 80c5c51535cec848664811d8cf41db9d931e3215522fcaa404fa55f0c3b821bac346129b254b60a72cc09493366d8499882874dcb797e8a81e39157f64539b73
59 +AUX qemu-2.7.0-CVE-2016-7994-2.patch 896 SHA256 c23fdfb127f60d24c4b56e7745463f5655ace7af9f5fa392544e7ce05a564c5d SHA512 4243d04a573ccee043911645e716a9c6f7e28858163b48ea58e7a9734d817ac9237c4866fce843dbe10fa996cdd5453f3b704509ff4761f2ec4531d9355cc7ce WHIRLPOOL c5f7b605f566f94ad170c4819c378f9a1e3ae2740130000d9bea4c741f29365a1b5a1f1d495646e866c39a18d7da1236d731861005099457e09bead9fffa8105
60 +AUX qemu-2.7.0-CVE-2016-8576.patch 2092 SHA256 dbe3ee6778cdd802fbd7d7cb2aa991cc73e6be160bad90f2e40de02ab820a865 SHA512 25daaa79f4cb355c5dce639a14c2e265142a0c83bdbc813816789f37e293846f3768f08b9f04f692ce5b8719dadd2dbedb75f314a3f441a70e0789ecc88eb8de WHIRLPOOL 25fc67d9dc8e8d8345778b46b16f9f7c5d6da39ebefea60ef81b20e4685014a019d4c39a6619dbf48411800ae9e9c383a7243fb055ea1f2bd0b2cb7e1a2c8d4e
61 +AUX qemu-2.7.0-CVE-2016-8577.patch 1020 SHA256 fbe7b6183f019ed6c8c6afeeed4854c23991d3f18501e8f3403df8812cefd420 SHA512 364434deb120856a114a94aaab2edbaf9e5f9246e6393f584949a6b706dbdc5b711f459a48e3825554e2fa9595a1aa78fee3711cfeba3b94219b4f47e269b2de WHIRLPOOL 561f7bd41f0ac439808070757cdff9f69f6a378fe6610269c32d600575ed60b22919f4d3ea08f621648dbf3e5e97290737005e9df5949bdeeba9319901cf427e
62 +AUX qemu-2.7.0-CVE-2016-8578.patch 2208 SHA256 9b0e7852aefeb3950de38babec7a30f3225342670a72160829baa5e50786bdef SHA512 326ec2112b1cbaa4b4ddcacc02f4accd5b73e78db07e93b229d891f4cbc8d5a2db82c727d920613abd1668402ffeb16a223d8271db569435966aaece271da875 WHIRLPOOL 88ca80aa1883813f1ec9c0802e830f719317130de6959df393188e4e82764125868baec038a1dac94eab33851706838d245b205edcbf8e1864ceb83257648b99
63 +AUX qemu-2.7.0-CVE-2016-8668.patch 1124 SHA256 26f16376a73bdf9052039d1bd90545b75cc8fb0a89e0bffbf5881b537319b759 SHA512 de4df82297d199cadafefd57bc895cdf21c5acb0e0a6223212272991b652c302475d8662fb013d6a3e949d2e57a14a0ac6d861f486de8b5130fd84d66957c899 WHIRLPOOL 3995164f25accfd5c837c85fbb590acd0b7effb08370a7d4c0cb03c042ee03b2b10ca9892bd50251d17a1ba2ffff1e7a04e918f4d4e1c85406df95a6802c03c2
64 +AUX qemu-2.7.0-CVE-2016-8669-1.patch 911 SHA256 ad841a34490a02123df31aef5a0b9d31912eec8465e0c5da7cf73dc880ffd8f4 SHA512 23a26716ea554d9af73afb08d3a3d1e668e23bc0710508196039454dfccbe3764feda63d901a9c053c52af92cd069f5a4f078efdc9924f6d3cfe6a21f9d287de WHIRLPOOL 412d7a4be19defa4a098fad6a66cadd7eca9cb5971828636dfd20a57b3eef09f3801660dbf507ac1ef0fa82f9f01583e9c5e2b1e45c016adb535cd951ff16eff
65 +AUX qemu-2.7.0-CVE-2016-8669-2.patch 1037 SHA256 176a35f5191023ad665cb4019663618d48948b174b16888776245d1a001ec186 SHA512 82a71c9566f37aceffbbaa45547bc686c028353a1845bd63e49550e71201921bc2fb9793077fc1fc74d77417da84dae71e0862243acbb3d900db258a343b8ede WHIRLPOOL f489c52bf2ca6e434695a5ca12af64a83e6534536c07b02c54f82c72e59e3f026e6a9fd9cec5eb62e2cf8d009f878ac1015f58d9f5ba725a03e1e194c4abc96c
66 +AUX qemu-2.7.0-CVE-2016-8909.patch 980 SHA256 989210bfac97091e67fbe973be7a6d8aa0e6411069904a07f7c57c67e8539bb8 SHA512 23a1cfa4f257e598152d92e11d94e88c52b3702aa585fba3a71340ee16dfbd29234d6e5c81613ea71b64cead8dcdbb536246096b1c374290aa39871daacb25af WHIRLPOOL 9909ed14f5fa4a1d2ea0f8bb13f5a0e08e2f7888078e1f5b4cfaf381ccabeac22c998c9785efee6a307dbeed45801d8354650c18c6920bfb13da030127d9da7e
67 +AUX qemu-2.7.0-CVE-2016-8910.patch 848 SHA256 919e566e98434486f89ecfc3158ccee59c5bbdf3848b2a668136901871f5f1ab SHA512 1f695ebc2f10b2cda5a9b93c097adb49858af94817c14a406c7d26edd42353c776b0afc4779bc1c6f930dadcf450906924f8080ca5c87eb7c7e6b5694464dc7e WHIRLPOOL 574900ab3eca13429769c7e2b56fd4e4b1220800b2e5bc933eef502c633614eab22cba6af4fdd1fd55e3a7e70d3d5ead1cb1970f8211b5f4fc43e3d782865f1b
68 +AUX qemu-2.7.0-configure-ifunc.patch 517 SHA256 40f6183f1f490216855e83cf03bf21ec8d23786acf83cda21292fea92776d898 SHA512 e34476b5fc5039091862dc9e93c47b69e203e7e394092e7e0bda467b7523e0b5b743c2c6eaf1f36fad3ee743278e321a50d356b6365e2340280556ca6d9b32ad WHIRLPOOL cb6f92a70f91557f14a0f6719d1b3a4dee9cfcb5c34aa897eee0ad48d13c45255252666d826ce00f3183da86b9b265e0dd93aa9b85210cde2a7ce3de56644e59
69 +AUX qemu-binfmt.initd-r1 7966 SHA256 5b4b432aa1e44f387c9eb789de0ec6322741fd36dd241f76520f17c6cd6ac49b SHA512 2ba0bff6eb2b6bac4ed440f793771ce9551cad48e38bddb6cf04f804faac2407e80879f66771910344ddcea45f0014095dcc8bfeb0aad5085ef048fd3612dbd8 WHIRLPOOL a2a1fb830a970757d1e203378c7d382b161b1040f3b8aaf0f22bb3b5e46467eff395474ff40d93c9f133bab307b345a6f75d63eae9f8dd8daf67324db41032f9
70 DIST qemu-2.7.0.tar.bz2 26867760 SHA256 326e739506ba690daf69fc17bd3913a6c313d9928d743bd8eddb82f403f81e53 SHA512 654acaa7b3724a288e5d7e2a26ab780d9c9ed9f647fba00a906cbaffbe9d58fd666f2d962514aa2c5b391b4c53811ac3170d2eb51727f090bd19dfe45ca9a9db WHIRLPOOL dcb3e5f7da89dd8e14d636d7ebd476e076e0043880bb9ea3fb1c03cb4bcd4e5c7d3c4719da26c3ce521e3a3db5ae671e86f198ac1bc3474e774d75504fef8b8d
71 -EBUILD qemu-2.7.0-r99.ebuild 21332 SHA256 a6d13be36bb59bf53727dba5fe1dd5f397652531d339cf622acd15aef6cd482f SHA512 fd1ef102a4b7d4554a2b864d321419413b967f9f585031f74c600dc350db541588fa98a150329aa1134dbc761933484a2ce2e14979c096fe076cf92f7bdfedee WHIRLPOOL 50e36b66bfd83516ce4003681bcba2327da80c679aad3ab658007a87652c22f7e584eb4fb5d635b570096243abd361075c6c8e35197c2e9bbed34a4d7353537c
72 +EBUILD qemu-2.7.0-r5.ebuild 22219 SHA256 3241db5ffacb81638a3b9dcd01676d59bc5abe87ef374baa44685231d7cb6de2 SHA512 2dbbf9f2a1eab0b9d52dd3609f5bac95f511a5f243c3def7d6b074bda97ef1383c2afc3290261f81a7af25ea7021eed4826da73a244bcad2e9677c7909c38618 WHIRLPOOL 591b38c5bba7b5566dfc2fce30f398153aec9b0986baf8bb82e83b5f68ce20dc4b0fb000e511355dca058ac8c7355b3add2c00e0db9573e6f507ad65ce451d86
73 MISC metadata.xml 3925 SHA256 d1c219b7da0cbf77919cd1e055acbb3f6788a574fd802c98a43c89a411697b36 SHA512 3ff45d1c8ede12b4eedc7d01f39777b76a1cbd0ba9364299dec99d4b4a05cade5784d6f6e50197d5b5ae1f1b8e831c49da195eb53263c49b7d16aec8ee28b6e6 WHIRLPOOL bc25783fac0f3f13318834cc535404af9af20de16c7aeec222e59dc2ed7740ac5e767b329a5bcd6356d0cbae2428e278515f1446aa8ecb87a873bf4dbe04bf41
74
75 diff --git a/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch b/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
76 index 588291c..5827c2e 100644
77 --- a/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
78 +++ b/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
79 @@ -1,5 +1,6 @@
80 ---- a/linux-user/syscall.c
81 -+++ b/linux-user/syscall.c
82 +diff -ur a/qemu-2.2.0/linux-user/syscall.c b/qemu-2.2.0/linux-user/syscall.c
83 +--- a/qemu-2.2.0/linux-user/syscall.c 2014-12-09 15:45:43.000000000 -0100
84 ++++ b/qemu-2.2.0/linux-user/syscall.c 2015-03-16 19:09:49.050386155 -0100
85 @@ -5033,7 +5033,7 @@
86 host_sevp->sigev_signo =
87 target_to_host_signal(tswap32(target_sevp->sigev_signo));
88
89 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch
90 new file mode 100644
91 index 0000000..34b095a
92 --- /dev/null
93 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch
94 @@ -0,0 +1,45 @@
95 +From: Prasad J Pandit <address@hidden>
96 +
97 +i.MX Fast Ethernet Controller uses buffer descriptors to manage
98 +data flow to/fro receive & transmit queues. While transmitting
99 +packets, it could continue to read buffer descriptors if a buffer
100 +descriptor has length of zero and has crafted values in bd.flags.
101 +Set an upper limit to number of buffer descriptors.
102 +
103 +Reported-by: Li Qiang <address@hidden>
104 +Signed-off-by: Prasad J Pandit <address@hidden>
105 +---
106 + hw/net/imx_fec.c | 6 ++++--
107 + 1 file changed, 4 insertions(+), 2 deletions(-)
108 +
109 +Update per
110 + -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05284.html
111 +
112 +diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
113 +index 1c415ab..1d74827 100644
114 +--- a/hw/net/imx_fec.c
115 ++++ b/hw/net/imx_fec.c
116 +@@ -220,6 +220,8 @@ static const VMStateDescription vmstate_imx_eth = {
117 + #define PHY_INT_PARFAULT (1 << 2)
118 + #define PHY_INT_AUTONEG_PAGE (1 << 1)
119 +
120 ++#define IMX_MAX_DESC 1024
121 ++
122 + static void imx_eth_update(IMXFECState *s);
123 +
124 + /*
125 +@@ -402,12 +404,12 @@ static void imx_eth_update(IMXFECState *s)
126 +
127 + static void imx_fec_do_tx(IMXFECState *s)
128 + {
129 +- int frame_size = 0;
130 ++ int frame_size = 0, descnt = 0;
131 + uint8_t frame[ENET_MAX_FRAME_SIZE];
132 + uint8_t *ptr = frame;
133 + uint32_t addr = s->tx_descriptor;
134 +
135 +- while (1) {
136 ++ while (descnt++ < IMX_MAX_DESC) {
137 + IMXFECBufDesc bd;
138 + int len;
139 +
140
141 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch
142 new file mode 100644
143 index 0000000..16d072f
144 --- /dev/null
145 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch
146 @@ -0,0 +1,52 @@
147 +From 070c4b92b8cd5390889716677a0b92444d6e087a Mon Sep 17 00:00:00 2001
148 +From: Prasad J Pandit <pjp@×××××××××××××.org>
149 +Date: Thu, 22 Sep 2016 16:02:37 +0530
150 +Subject: [PATCH] net: mcf: limit buffer descriptor count
151 +
152 +ColdFire Fast Ethernet Controller uses buffer descriptors to manage
153 +data flow to/fro receive & transmit queues. While transmitting
154 +packets, it could continue to read buffer descriptors if a buffer
155 +descriptor has length of zero and has crafted values in bd.flags.
156 +Set upper limit to number of buffer descriptors.
157 +
158 +Reported-by: Li Qiang <liqiang6-s@×××.cn>
159 +Signed-off-by: Prasad J Pandit <pjp@×××××××××××××.org>
160 +Reviewed-by: Paolo Bonzini <pbonzini@××××××.com>
161 +Signed-off-by: Jason Wang <jasowang@××××××.com>
162 +---
163 + hw/net/mcf_fec.c | 5 +++--
164 + 1 files changed, 3 insertions(+), 2 deletions(-)
165 +
166 +diff --git a/hw/net/mcf_fec.c b/hw/net/mcf_fec.c
167 +index 0ee8ad9..d31fea1 100644
168 +--- a/hw/net/mcf_fec.c
169 ++++ b/hw/net/mcf_fec.c
170 +@@ -23,6 +23,7 @@ do { printf("mcf_fec: " fmt , ## __VA_ARGS__); } while (0)
171 + #define DPRINTF(fmt, ...) do {} while(0)
172 + #endif
173 +
174 ++#define FEC_MAX_DESC 1024
175 + #define FEC_MAX_FRAME_SIZE 2032
176 +
177 + typedef struct {
178 +@@ -149,7 +150,7 @@ static void mcf_fec_do_tx(mcf_fec_state *s)
179 + uint32_t addr;
180 + mcf_fec_bd bd;
181 + int frame_size;
182 +- int len;
183 ++ int len, descnt = 0;
184 + uint8_t frame[FEC_MAX_FRAME_SIZE];
185 + uint8_t *ptr;
186 +
187 +@@ -157,7 +158,7 @@ static void mcf_fec_do_tx(mcf_fec_state *s)
188 + ptr = frame;
189 + frame_size = 0;
190 + addr = s->tx_descriptor;
191 +- while (1) {
192 ++ while (descnt++ < FEC_MAX_DESC) {
193 + mcf_fec_read_bd(&bd, addr);
194 + DPRINTF("tx_bd %x flags %04x len %d data %08x\n",
195 + addr, bd.flags, bd.length, bd.data);
196 +--
197 +1.7.0.4
198 +
199
200 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch
201 new file mode 100644
202 index 0000000..8e6ecff
203 --- /dev/null
204 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch
205 @@ -0,0 +1,32 @@
206 +From: Prasad J Pandit <address@hidden>
207 +
208 +The AMD PC-Net II emulator has set of control and status(CSR)
209 +registers. Of these, CSR76 and CSR78 hold receive and transmit
210 +descriptor ring length respectively. This ring length could range
211 +from 1 to 65535. Setting ring length to zero leads to an infinite
212 +loop in pcnet_rdra_addr. Add check to avoid it.
213 +
214 +Reported-by: Li Qiang <address@hidden>
215 +Signed-off-by: Prasad J Pandit <address@hidden>
216 +---
217 + hw/net/pcnet.c | 3 +++
218 + 1 file changed, 3 insertions(+)
219 +
220 +diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c
221 +index 198a01f..3078de8 100644
222 +--- a/hw/net/pcnet.c
223 ++++ b/hw/net/pcnet.c
224 +@@ -1429,8 +1429,11 @@ static void pcnet_csr_writew(PCNetState *s, uint32_t rap, uint32_t new_value)
225 + case 47: /* POLLINT */
226 + case 72:
227 + case 74:
228 ++ break;
229 + case 76: /* RCVRL */
230 + case 78: /* XMTRL */
231 ++ val = (val > 0) ? val : 512;
232 ++ break;
233 + case 112:
234 + if (CSR_STOP(s) || CSR_SPND(s))
235 + break;
236 +--
237 +2.5.5
238
239 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch
240 new file mode 100644
241 index 0000000..6fe77f3
242 --- /dev/null
243 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch
244 @@ -0,0 +1,25 @@
245 +From: Li Qiang <address@hidden>
246 +
247 +In virtio gpu resource create dispatch, if the pixman format is zero
248 +it doesn't free the resource object allocated previously. Thus leading
249 +a host memory leak issue. This patch avoid this.
250 +
251 +Signed-off-by: Li Qiang <address@hidden>
252 +---
253 + hw/display/virtio-gpu.c | 1 +
254 + 1 file changed, 1 insertion(+)
255 +
256 +diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
257 +index 7fe6ed8..5b6d17b 100644
258 +--- a/hw/display/virtio-gpu.c
259 ++++ b/hw/display/virtio-gpu.c
260 +@@ -333,6 +333,7 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g,
261 + qemu_log_mask(LOG_GUEST_ERROR,
262 + "%s: host couldn't handle guest format %d\n",
263 + __func__, c2d.format);
264 ++ g_free(res);
265 + cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER;
266 + return;
267 + }
268 +--
269 +1.8.3.1
270
271 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch
272 new file mode 100644
273 index 0000000..dce1b2b
274 --- /dev/null
275 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch
276 @@ -0,0 +1,26 @@
277 +From: Li Qiang <address@hidden>
278 +
279 +While processing isochronous transfer descriptors(iTD), if the page
280 +select(PG) field value is out of bands it will return. In this
281 +situation the ehci's sg list doesn't be freed thus leading a memory
282 +leak issue. This patch avoid this.
283 +
284 +Signed-off-by: Li Qiang <address@hidden>
285 +---
286 + hw/usb/hcd-ehci.c | 1 +
287 + 1 file changed, 1 insertion(+)
288 +
289 +diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
290 +index b093db7..f4ece9a 100644
291 +--- a/hw/usb/hcd-ehci.c
292 ++++ b/hw/usb/hcd-ehci.c
293 +@@ -1426,6 +1426,7 @@ static int ehci_process_itd(EHCIState *ehci,
294 + if (off + len > 4096) {
295 + /* transfer crosses page border */
296 + if (pg == 6) {
297 ++ qemu_sglist_destroy(&ehci->isgl);
298 + return -1; /* avoid page pg + 1 */
299 + }
300 + ptr2 = (itd->bufptr[pg + 1] & ITD_BUFPTR_MASK);
301 +--
302 +1.8.3.1
303
304 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch
305 new file mode 100644
306 index 0000000..9617cd5
307 --- /dev/null
308 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch
309 @@ -0,0 +1,61 @@
310 +From 20009bdaf95d10bf748fa69b104672d3cfaceddf Mon Sep 17 00:00:00 2001
311 +From: Gerd Hoffmann <address@hidden>
312 +Date: Fri, 7 Oct 2016 10:15:29 +0200
313 +Subject: [PATCH] xhci: limit the number of link trbs we are willing to process
314 +
315 +Signed-off-by: Gerd Hoffmann <address@hidden>
316 +---
317 + hw/usb/hcd-xhci.c | 10 ++++++++++
318 + 1 file changed, 10 insertions(+)
319 +
320 +diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
321 +index 726435c..ee4fa48 100644
322 +--- a/hw/usb/hcd-xhci.c
323 ++++ b/hw/usb/hcd-xhci.c
324 +@@ -54,6 +54,8 @@
325 + * to the specs when it gets them */
326 + #define ER_FULL_HACK
327 +
328 ++#define TRB_LINK_LIMIT 4
329 ++
330 + #define LEN_CAP 0x40
331 + #define LEN_OPER (0x400 + 0x10 * MAXPORTS)
332 + #define LEN_RUNTIME ((MAXINTRS + 1) * 0x20)
333 +@@ -1000,6 +1002,7 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb,
334 + dma_addr_t *addr)
335 + {
336 + PCIDevice *pci_dev = PCI_DEVICE(xhci);
337 ++ uint32_t link_cnt = 0;
338 +
339 + while (1) {
340 + TRBType type;
341 +@@ -1026,6 +1029,9 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb,
342 + ring->dequeue += TRB_SIZE;
343 + return type;
344 + } else {
345 ++ if (++link_cnt > TRB_LINK_LIMIT) {
346 ++ return 0;
347 ++ }
348 + ring->dequeue = xhci_mask64(trb->parameter);
349 + if (trb->control & TRB_LK_TC) {
350 + ring->ccs = !ring->ccs;
351 +@@ -1043,6 +1049,7 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring)
352 + bool ccs = ring->ccs;
353 + /* hack to bundle together the two/three TDs that make a setup transfer */
354 + bool control_td_set = 0;
355 ++ uint32_t link_cnt = 0;
356 +
357 + while (1) {
358 + TRBType type;
359 +@@ -1058,6 +1065,9 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring)
360 + type = TRB_TYPE(trb);
361 +
362 + if (type == TR_LINK) {
363 ++ if (++link_cnt > TRB_LINK_LIMIT) {
364 ++ return -length;
365 ++ }
366 + dequeue = xhci_mask64(trb.parameter);
367 + if (trb.control & TRB_LK_TC) {
368 + ccs = !ccs;
369 +--
370 +1.8.3.1
371
372 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch
373 new file mode 100644
374 index 0000000..8c29580
375 --- /dev/null
376 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch
377 @@ -0,0 +1,34 @@
378 +From: Li Qiang <address@hidden>
379 +
380 +In 9pfs read dispatch function, it doesn't free two QEMUIOVector
381 +object thus causing potential memory leak. This patch avoid this.
382 +
383 +Signed-off-by: Li Qiang <address@hidden>
384 +---
385 + hw/9pfs/9p.c | 5 +++--
386 + 1 file changed, 3 insertions(+), 2 deletions(-)
387 +
388 +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
389 +index 119ee58..543a791 100644
390 +--- a/hw/9pfs/9p.c
391 ++++ b/hw/9pfs/9p.c
392 +@@ -1826,14 +1826,15 @@ static void v9fs_read(void *opaque)
393 + if (len < 0) {
394 + /* IO error return the error */
395 + err = len;
396 +- goto out;
397 ++ goto out_free_iovec;
398 + }
399 + } while (count < max_count && len > 0);
400 + err = pdu_marshal(pdu, offset, "d", count);
401 + if (err < 0) {
402 +- goto out;
403 ++ goto out_free_iovec;
404 + }
405 + err += offset + count;
406 ++out_free_iovec:
407 + qemu_iovec_destroy(&qiov);
408 + qemu_iovec_destroy(&qiov_full);
409 + } else if (fidp->fid_type == P9_FID_XATTR) {
410 +--
411 +1.8.3.1
412
413 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch
414 new file mode 100644
415 index 0000000..74eee7e
416 --- /dev/null
417 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch
418 @@ -0,0 +1,58 @@
419 +From ba42ebb863ab7d40adc79298422ed9596df8f73a Mon Sep 17 00:00:00 2001
420 +From: Li Qiang <liqiang6-s@×××.cn>
421 +Date: Mon, 17 Oct 2016 14:13:58 +0200
422 +Subject: [PATCH] 9pfs: allocate space for guest originated empty strings
423 +
424 +If a guest sends an empty string paramater to any 9P operation, the current
425 +code unmarshals it into a V9fsString equal to { .size = 0, .data = NULL }.
426 +
427 +This is unfortunate because it can cause NULL pointer dereference to happen
428 +at various locations in the 9pfs code. And we don't want to check str->data
429 +everywhere we pass it to strcmp() or any other function which expects a
430 +dereferenceable pointer.
431 +
432 +This patch enforces the allocation of genuine C empty strings instead, so
433 +callers don't have to bother.
434 +
435 +Out of all v9fs_iov_vunmarshal() users, only v9fs_xattrwalk() checks if
436 +the returned string is empty. It now uses v9fs_string_size() since
437 +name.data cannot be NULL anymore.
438 +
439 +Signed-off-by: Li Qiang <liqiang6-s@×××.cn>
440 +[groug, rewritten title and changelog,
441 + fix empty string check in v9fs_xattrwalk()]
442 +Signed-off-by: Greg Kurz <groug@××××.org>
443 +---
444 + fsdev/9p-iov-marshal.c | 2 +-
445 + hw/9pfs/9p.c | 2 +-
446 + 2 files changed, 2 insertions(+), 2 deletions(-)
447 +
448 +diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c
449 +index 663cad5..1d16f8d 100644
450 +--- a/fsdev/9p-iov-marshal.c
451 ++++ b/fsdev/9p-iov-marshal.c
452 +@@ -125,7 +125,7 @@ ssize_t v9fs_iov_vunmarshal(struct iovec *out_sg, int out_num, size_t offset,
453 + str->data = g_malloc(str->size + 1);
454 + copied = v9fs_unpack(str->data, out_sg, out_num, offset,
455 + str->size);
456 +- if (copied > 0) {
457 ++ if (copied >= 0) {
458 + str->data[str->size] = 0;
459 + } else {
460 + v9fs_string_free(str);
461 +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
462 +index 119ee58..39a7e1d 100644
463 +--- a/hw/9pfs/9p.c
464 ++++ b/hw/9pfs/9p.c
465 +@@ -3174,7 +3174,7 @@ static void v9fs_xattrwalk(void *opaque)
466 + goto out;
467 + }
468 + v9fs_path_copy(&xattr_fidp->path, &file_fidp->path);
469 +- if (name.data == NULL) {
470 ++ if (!v9fs_string_size(&name)) {
471 + /*
472 + * listxattr request. Get the size first
473 + */
474 +--
475 +2.7.3
476 +
477
478 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch
479 new file mode 100644
480 index 0000000..a27d3a6
481 --- /dev/null
482 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch
483 @@ -0,0 +1,30 @@
484 +From: Prasad J Pandit <address@hidden>
485 +
486 +Rocker network switch emulator has test registers to help debug
487 +DMA operations. While testing host DMA access, a buffer address
488 +is written to register 'TEST_DMA_ADDR' and its size is written to
489 +register 'TEST_DMA_SIZE'. When performing TEST_DMA_CTRL_INVERT
490 +test, if DMA buffer size was greater than 'INT_MAX', it leads to
491 +an invalid buffer access. Limit the DMA buffer size to avoid it.
492 +
493 +Reported-by: Huawei PSIRT <address@hidden>
494 +Signed-off-by: Prasad J Pandit <address@hidden>
495 +---
496 + hw/net/rocker/rocker.c | 2 +-
497 + 1 file changed, 1 insertion(+), 1 deletion(-)
498 +
499 +diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
500 +index 30f2ce4..e9d215a 100644
501 +--- a/hw/net/rocker/rocker.c
502 ++++ b/hw/net/rocker/rocker.c
503 +@@ -860,7 +860,7 @@ static void rocker_io_writel(void *opaque, hwaddr addr, uint32_t val)
504 + rocker_msix_irq(r, val);
505 + break;
506 + case ROCKER_TEST_DMA_SIZE:
507 +- r->test_dma_size = val;
508 ++ r->test_dma_size = val & 0xFFFF;
509 + break;
510 + case ROCKER_TEST_DMA_ADDR + 4:
511 + r->test_dma_addr = ((uint64_t)val) << 32 | r->lower32;
512 +--
513 +2.5.5
514
515 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
516 new file mode 100644
517 index 0000000..457f022
518 --- /dev/null
519 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
520 @@ -0,0 +1,29 @@
521 +From: Prasad J Pandit <address@hidden>
522 +
523 +The JAZZ RC4030 chipset emulator has a periodic timer and
524 +associated interval reload register. The reload value is used
525 +as divider when computing timer's next tick value. If reload
526 +value is large, it could lead to divide by zero error. Limit
527 +the interval reload value to avoid it.
528 +
529 +Reported-by: Huawei PSIRT <address@hidden>
530 +Signed-off-by: Prasad J Pandit <address@hidden>
531 +---
532 + hw/dma/rc4030.c | 2 +-
533 + 1 file changed, 1 insertion(+), 1 deletion(-)
534 +
535 +diff --git a/hw/dma/rc4030.c b/hw/dma/rc4030.c
536 +index 2f2576f..c1b4997 100644
537 +--- a/hw/dma/rc4030.c
538 ++++ b/hw/dma/rc4030.c
539 +@@ -460,7 +460,7 @@ static void rc4030_write(void *opaque, hwaddr addr, uint64_t data,
540 + break;
541 + /* Interval timer reload */
542 + case 0x0228:
543 +- s->itr = val;
544 ++ s->itr = val & 0x01FF;
545 + qemu_irq_lower(s->timer_irq);
546 + set_next_tick(s);
547 + break;
548 +--
549 +2.5.5
550
551 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch
552 new file mode 100644
553 index 0000000..23393b7
554 --- /dev/null
555 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch
556 @@ -0,0 +1,34 @@
557 +From: Prasad J Pandit <address@hidden>
558 +
559 +16550A UART device uses an oscillator to generate frequencies
560 +(baud base), which decide communication speed. This speed could
561 +be changed by dividing it by a divider. If the divider is
562 +greater than the baud base, speed is set to zero, leading to a
563 +divide by zero error. Add check to avoid it.
564 +
565 +Reported-by: Huawei PSIRT <address@hidden>
566 +Signed-off-by: Prasad J Pandit <address@hidden>
567 +---
568 + hw/char/serial.c | 3 ++-
569 + 1 file changed, 2 insertions(+), 1 deletion(-)
570 +
571 +Update per
572 + -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02400.html
573 +
574 +diff --git a/hw/char/serial.c b/hw/char/serial.c
575 +index 3442f47..eec72b7 100644
576 +--- a/hw/char/serial.c
577 ++++ b/hw/char/serial.c
578 +@@ -153,8 +153,9 @@ static void serial_update_parameters(SerialState *s)
579 + int speed, parity, data_bits, stop_bits, frame_size;
580 + QEMUSerialSetParams ssp;
581 +
582 +- if (s->divider == 0)
583 ++ if (s->divider == 0 || s->divider > s->baudbase) {
584 + return;
585 ++ }
586 +
587 + /* Start bit. */
588 + frame_size = 1;
589 +--
590 +2.5.5
591
592 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch
593 new file mode 100644
594 index 0000000..ed6613f
595 --- /dev/null
596 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch
597 @@ -0,0 +1,31 @@
598 +From: Prasad J Pandit <address@hidden>
599 +
600 +Intel HDA emulator uses stream of buffers during DMA data
601 +transfers. Each entry has buffer length and buffer pointer
602 +position, which are used to derive bytes to 'copy'. If this
603 +length and buffer pointer were to be same, 'copy' could be
604 +set to zero(0), leading to an infinite loop. Add check to
605 +avoid it.
606 +
607 +Reported-by: Huawei PSIRT <address@hidden>
608 +Signed-off-by: Prasad J Pandit <address@hidden>
609 +---
610 + hw/audio/intel-hda.c | 3 ++-
611 + 1 file changed, 2 insertions(+), 1 deletion(-)
612 +
613 +diff --git a/hw/audio/intel-hda.c b/hw/audio/intel-hda.c
614 +index cd95340..537face 100644
615 +--- a/hw/audio/intel-hda.c
616 ++++ b/hw/audio/intel-hda.c
617 +@@ -416,7 +416,8 @@ static bool intel_hda_xfer(HDACodecDevice *dev, uint32_t stnr, bool output,
618 + }
619 +
620 + left = len;
621 +- while (left > 0) {
622 ++ s = st->bentries;
623 ++ while (left > 0 && s-- > 0) {
624 + copy = left;
625 + if (copy > st->bsize - st->lpib)
626 + copy = st->bsize - st->lpib;
627 +--
628 +2.7.4
629
630 diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch
631 new file mode 100644
632 index 0000000..c93f796
633 --- /dev/null
634 +++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch
635 @@ -0,0 +1,29 @@
636 +From: Prasad J Pandit <address@hidden>
637 +
638 +RTL8139 ethernet controller in C+ mode supports multiple
639 +descriptor rings, each with maximum of 64 descriptors. While
640 +processing transmit descriptor ring in 'rtl8139_cplus_transmit',
641 +it does not limit the descriptor count and runs forever. Add
642 +check to avoid it.
643 +
644 +Reported-by: Andrew Henderson <address@hidden>
645 +Signed-off-by: Prasad J Pandit <address@hidden>
646 +---
647 + hw/net/rtl8139.c | 2 +-
648 + 1 file changed, 1 insertion(+), 1 deletion(-)
649 +
650 +diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
651 +index 3345bc6..f05e59c 100644
652 +--- a/hw/net/rtl8139.c
653 ++++ b/hw/net/rtl8139.c
654 +@@ -2350,7 +2350,7 @@ static void rtl8139_cplus_transmit(RTL8139State *s)
655 + {
656 + int txcount = 0;
657 +
658 +- while (rtl8139_cplus_transmit_one(s))
659 ++ while (txcount < 64 && rtl8139_cplus_transmit_one(s))
660 + {
661 + ++txcount;
662 + }
663 +--
664 +2.7.4
665
666 diff --git a/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch b/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch
667 new file mode 100644
668 index 0000000..d090323
669 --- /dev/null
670 +++ b/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch
671 @@ -0,0 +1,13 @@
672 +diff -Naur qemu-2.7.0.orig/configure qemu-2.7.0/configure
673 +--- qemu-2.7.0.orig/configure 2016-09-05 18:30:41.722529882 -0700
674 ++++ qemu-2.7.0/configure 2016-09-05 18:32:22.473649654 -0700
675 +@@ -1805,7 +1805,8 @@
676 + EOF
677 + if compile_object "" ; then
678 + if has readelf; then
679 +- if readelf --syms $TMPO 2>/dev/null |grep -q "IFUNC.*foo"; then
680 ++ if readelf --syms $TMPO 2>/dev/null |grep -q "IFUNC.*foo" &&
681 ++ ldd $TMPO >dev/null 2>&1; then
682 + avx2_opt="yes"
683 + fi
684 + fi
685
686 diff --git a/app-emulation/qemu/files/qemu-binfmt.initd-r1 b/app-emulation/qemu/files/qemu-binfmt.initd-r1
687 index 84e909f..18adb65 100644
688 --- a/app-emulation/qemu/files/qemu-binfmt.initd-r1
689 +++ b/app-emulation/qemu/files/qemu-binfmt.initd-r1
690 @@ -1,16 +1,22 @@
691 -#!/sbin/runscript
692 -# Copyright 1999-2013 Gentoo Foundation
693 +#!/sbin/openrc-run
694 +# Copyright 1999-2016 Gentoo Foundation
695 # Distributed under the terms of the GNU General Public License v2
696 # $Id$
697
698 # enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390 program execution by the kernel
699
700 +# Defaulting to OC should be safe because it comes down to:
701 +# - do we trust the interp itself to not be malicious? yes; we built it.
702 +# - do we trust the programs we're running? ish; same permission as native
703 +# binaries apply. so if user can do bad stuff natively, cross isn't worse.
704 +: ${QEMU_BINFMT_FLAGS:=OC}
705 +
706 depend() {
707 after procfs
708 }
709
710 start() {
711 - ebegin "Registering qemu-user binaries"
712 + ebegin "Registering qemu-user binaries (flags: ${QEMU_BINFMT_FLAGS})"
713
714 if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
715 modprobe -q binfmt_misc
716 @@ -50,55 +56,58 @@ start() {
717
718 # register the interpreter for each cpu except for the native one
719 if [ $cpu != "i386" -a -x "/usr/bin/qemu-i386" ] ; then
720 - echo ':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:P' > /proc/sys/fs/binfmt_misc/register
721 - echo ':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:P' > /proc/sys/fs/binfmt_misc/register
722 + echo ':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
723 + echo ':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
724 fi
725 if [ $cpu != "alpha" -a -x "/usr/bin/qemu-alpha" ] ; then
726 - echo ':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-alpha:P' > /proc/sys/fs/binfmt_misc/register
727 + echo ':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-alpha:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
728 fi
729 if [ $cpu != "arm" -a -x "/usr/bin/qemu-arm" ] ; then
730 - echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm:P' > /proc/sys/fs/binfmt_misc/register
731 + echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
732 fi
733 if [ $cpu != "arm" -a -x "/usr/bin/qemu-armeb" ] ; then
734 - echo ':armeb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-armeb:P' > /proc/sys/fs/binfmt_misc/register
735 + echo ':armeb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-armeb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
736 + fi
737 + if [ $cpu != "aarch64" -a -x "/usr/bin/qemu-aarch64" ] ; then
738 + echo ':aarch64:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-aarch64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
739 fi
740 if [ $cpu != "sparc" -a -x "/usr/bin/qemu-sparc" ] ; then
741 - echo ':sparc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sparc:P' > /proc/sys/fs/binfmt_misc/register
742 + echo ':sparc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sparc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
743 fi
744 if [ $cpu != "ppc" -a -x "/usr/bin/qemu-ppc" ] ; then
745 - echo ':ppc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-ppc:P' > /proc/sys/fs/binfmt_misc/register
746 + echo ':ppc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-ppc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
747 fi
748 if [ $cpu != "m68k" -a -x "/usr/bin/qemu-m68k" ] ; then
749 - echo 'Please check cpu value and header information for m68k!'
750 - echo ':m68k:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-m68k:P' > /proc/sys/fs/binfmt_misc/register
751 + #echo 'Please check cpu value and header information for m68k!'
752 + echo ':m68k:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-m68k:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
753 fi
754 if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips" ] ; then
755 # FIXME: We could use the other endianness on a MIPS host.
756 - echo ':mips:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips:P' > /proc/sys/fs/binfmt_misc/register
757 + echo ':mips:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
758 fi
759 if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsel" ] ; then
760 - echo ':mipsel:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsel:P' > /proc/sys/fs/binfmt_misc/register
761 + echo ':mipsel:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsel:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
762 fi
763 if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32" ] ; then
764 - echo ':mipsn32:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mipsn32:P' > /proc/sys/fs/binfmt_misc/register
765 + echo ':mipsn32:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mipsn32:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
766 fi
767 if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32el" ] ; then
768 - echo ':mipsn32el:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsn32el:P' > /proc/sys/fs/binfmt_misc/register
769 + echo ':mipsn32el:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsn32el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
770 fi
771 if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64" ] ; then
772 - echo ':mips64:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips64:P' > /proc/sys/fs/binfmt_misc/register
773 + echo ':mips64:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
774 fi
775 if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64el" ] ; then
776 - echo ':mips64el:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mips64el:P' > /proc/sys/fs/binfmt_misc/register
777 + echo ':mips64el:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mips64el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
778 fi
779 if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4" ] ; then
780 - echo ':sh4:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-sh4:P' > /proc/sys/fs/binfmt_misc/register
781 + echo ':sh4:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-sh4:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
782 fi
783 if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4eb" ] ; then
784 - echo ':sh4eb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sh4eb:P' > /proc/sys/fs/binfmt_misc/register
785 + echo ':sh4eb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sh4eb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
786 fi
787 - if [ $cpu != "s390x" -a -x "/usr/local/bin/qemu-s390x" ] ; then
788 - echo ':s390x:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/local/bin/qemu-s390x:P' > /proc/sys/fs/binfmt_misc/register
789 + if [ $cpu != "s390x" -a -x "/usr/bin/qemu-s390x" ] ; then
790 + echo ':s390x:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-s390x:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
791 fi
792 eend $?
793 }
794 @@ -110,6 +119,7 @@ stop() {
795 arches="${arches} i386 i486"
796 arches="${arches} alpha"
797 arches="${arches} arm armeb"
798 + arches="${arches} aarch64"
799 arches="${arches} sparc"
800 arches="${arches} ppc"
801 arches="${arches} m68k"
802
803 diff --git a/app-emulation/qemu/files/qemu-kvm-1.4 b/app-emulation/qemu/files/qemu-kvm-1.4
804 deleted file mode 100644
805 index 08da00b..0000000
806 --- a/app-emulation/qemu/files/qemu-kvm-1.4
807 +++ /dev/null
808 @@ -1,3 +0,0 @@
809 -#!/bin/sh
810 -
811 -exec /usr/bin/qemu-system-x86_64 -machine accel=kvm "$@"
812
813 diff --git a/app-emulation/qemu/qemu-2.7.0-r99.ebuild b/app-emulation/qemu/qemu-2.7.0-r5.ebuild
814 similarity index 95%
815 rename from app-emulation/qemu/qemu-2.7.0-r99.ebuild
816 rename to app-emulation/qemu/qemu-2.7.0-r5.ebuild
817 index f8432d3..5872941 100644
818 --- a/app-emulation/qemu/qemu-2.7.0-r99.ebuild
819 +++ b/app-emulation/qemu/qemu-2.7.0-r5.ebuild
820 @@ -18,7 +18,7 @@ if [[ ${PV} = *9999* ]]; then
821 SRC_URI=""
822 else
823 SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
824 - KEYWORDS="amd64 ~ppc x86"
825 + KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
826 fi
827
828 DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
829 @@ -337,9 +337,11 @@ src_prepare() {
830 epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch
831 epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
832 epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
833 + epatch "${FILESDIR}"/${PN}-2.7.0-configure-ifunc.patch
834
835 epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
836 epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
837 +
838 epatch "${FILESDIR}"/${P}-CVE-2016-6836.patch # bug 591242
839 epatch "${FILESDIR}"/${P}-CVE-2016-7155.patch # bug 593034
840 epatch "${FILESDIR}"/${P}-CVE-2016-7156.patch # bug 593036
841 @@ -348,8 +350,21 @@ src_prepare() {
842 epatch "${FILESDIR}"/${P}-CVE-2016-7170.patch # bug 593284
843 epatch "${FILESDIR}"/${P}-CVE-2016-7421.patch # bug 593950
844 epatch "${FILESDIR}"/${P}-CVE-2016-7422.patch # bug 593956
845 - epatch "${FILESDIR}"/${P}-CVE-2016-7466.patch # bug 594520
846 epatch "${FILESDIR}"/${P}-CVE-2016-7423.patch # bug 594368
847 + epatch "${FILESDIR}"/${P}-CVE-2016-7466.patch # bug 594520
848 + epatch "${FILESDIR}"/${P}-CVE-2016-7907.patch # bug 596048
849 + epatch "${FILESDIR}"/${P}-CVE-2016-7908.patch # bug 596049
850 + epatch "${FILESDIR}"/${P}-CVE-2016-7909.patch # bug 596048
851 + epatch "${FILESDIR}"/${P}-CVE-2016-7994-1.patch # bug 596738
852 + epatch "${FILESDIR}"/${P}-CVE-2016-7994-2.patch # bug 596738
853 + epatch "${FILESDIR}"/${P}-CVE-2016-8576.patch # bug 596752
854 + epatch "${FILESDIR}"/${P}-CVE-2016-8577.patch # bug 596776
855 + epatch "${FILESDIR}"/${P}-CVE-2016-8578.patch # bug 596774
856 + epatch "${FILESDIR}"/${P}-CVE-2016-8668.patch # bug 597110
857 + epatch "${FILESDIR}"/${P}-CVE-2016-8669-1.patch # bug 597108
858 + epatch "${FILESDIR}"/${P}-CVE-2016-8669-2.patch # bug 597108
859 + epatch "${FILESDIR}"/${P}-CVE-2016-8909.patch # bug 598044
860 + epatch "${FILESDIR}"/${P}-CVE-2016-8910.patch # bug 598046
861
862 # Fix ld and objcopy being called directly
863 tc-export AR LD OBJCOPY
Report Message
Find on MARC Find on Google Groups