diff options
Diffstat (limited to 'app-emulation/qemu')
-rw-r--r-- | app-emulation/qemu/Manifest | 3 | ||||
-rw-r--r-- | app-emulation/qemu/files/qemu-3.1.0-md-clear-md-no.patch | 61 | ||||
-rw-r--r-- | app-emulation/qemu/qemu-4.0.0-r2.ebuild (renamed from app-emulation/qemu/qemu-4.0.0.ebuild) | 1 |
3 files changed, 64 insertions, 1 deletions
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest index a4b407d8075f..0566dbfdaff5 100644 --- a/app-emulation/qemu/Manifest +++ b/app-emulation/qemu/Manifest @@ -3,6 +3,7 @@ AUX bridge.conf 454 BLAKE2B 2f3e828a001ac77de96c8a11e3fc462149e1c16972c28b836765 AUX qemu-2.11.1-capstone_include_path.patch 264 BLAKE2B 955b498c0ea2657ee4c9d0054a32693ac2096232ae8358848fa8518bcb87c1cce5d9145ccf560320ba53d60ae8ed85f6be801b72707a964b247e8f1f1844f9cd SHA512 ebf1d6450b7c499a8e490b19f87a3b4f8bbc50ea44edaac8c12b0993947513a8b616af2d4cf6240c8e265824a44463f917333ffa510e6ffedf379921e28fc3ab AUX qemu-2.5.0-cflags.patch 410 BLAKE2B 1d072b5dd00369bb565b30c2aa7047de92b441bf103faadb5dd42daf36ad1c5e39c5bdfdc2b5f2bb0bfec2ea1255b4182caeb467614a487f5cfcb341109a4884 SHA512 0194d28de08b4e51c5bd1c9a2cc7965ba7f66dfddb8fd91de3da93677e6cf2d38ad3270f69aaea8a20cf2533c2980018d6e0fed711be2806fe2053fba7c081f3 AUX qemu-2.5.0-sysmacros.patch 333 BLAKE2B 8c38410c6ea789f669d89c7321cdc9e5c734bb3db332272657302977241f157b04fb07e27bda4f67ee560e39a7494344ad79616835e6ff483927f2b72ed9c597 SHA512 329632c5bff846ca3ffcdb4bc94ae62f17c6bdbb566f9bec0784357c943523e8ca7773790b83a9617734cab3b003baa3d636cbd08f7385810a63b0fa0383c4f0 +AUX qemu-3.1.0-md-clear-md-no.patch 2690 BLAKE2B fcf6b7599985da60dcdf873e27c832075cd9c766d10ab3784c0f935965276b8c520005a62fc884a35c78942ce225bbd9a67083ef058e03f1a7c0963b816ae7b4 SHA512 bb452d110353bae4878ec030ef5f2f05c73294cbe08e8fc18267f23f922117e7e295302ac65df8008b5db3ff72bcff2e3eefd2da8b9a53868daea321d10958c1 AUX qemu-4.0.0-sanitize-interp_info.patch 930 BLAKE2B d555dedc493cfa1cf888cfa7ce2a4a7811f3fd12615fa5177f82c421ddd82c2d7ffcf2e5c28ca383aac1fff35d03cae6b4b6c5129c694d9b3986819aa1e12962 SHA512 7783acf1172c4fd935c2b8f5bd76e97cea6bbb3ee33a21b23a17f23933f6053b3a933f378c6eae184c2362cb090b6b2c1966f79f1f130cf7344205ef3df0178d AUX qemu-binfmt.initd.head 1442 BLAKE2B 23aa5338914aa7c47f9b1cc1d28291abd0ea037a33cca81f990decfafac2907c86c042350c9dd45591d16330846d4e11d2c8a2a409a68ad81656d9c2c51964c0 SHA512 3fec8946a37bfbd2089f5d95089ed5987a198fc0139ee7482d4bb38c2ffa0e165667a7853afcf2b458bc3e2a6540f172c929ca5a334a00db47e2d0f881382c0e AUX qemu-binfmt.initd.tail 245 BLAKE2B dd59f2944c6e3f0c4d282b94b687a9b5c51dd77c5103fb9889bd9ce56874495397676ae6c8375d9e9e23094828477240778d9e0f361e68cdd63fdad574851561 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 @@ -10,6 +11,6 @@ DIST qemu-3.1.0-patches-r1.tar.xz 2292 BLAKE2B 0861dcf2eebd7f1f6dd495035fc39a14e DIST qemu-3.1.0.tar.xz 36070104 BLAKE2B 9ed7d1b3256d84f2b73d61763e20f5e4bc5b47d56e4e0d56cf4c29cd25669457b0f08e90d7255589c9666400bb310df3dba3b9290232cad18057b20f08013a3b SHA512 7e8dae823937cfac2f0c60406bd3bdcb89df40313dab2a4bed327d5198f7fcc68ac8b31e44692caa09299cc71256ee0b8c17e4f49f78ada8043d424f5daf82fe DIST qemu-4.0.0.tar.xz 55628624 BLAKE2B 8afd1f54aa13d2e61fd36c4f4544b7c4ffb1a7eee5c69d3aa1d40a432ca296ad8abe6cb83d7c66ac4045ca624d2a00e737f51e4e62ed46fef9766ef71f43b98b SHA512 952e94194ce9e64c15388c59035cb31fb9f761d30095c2fb9441012b609c18c9976285727b93bf37b95e15675802d73f8e1c4619ebecd23606675bb503646b13 EBUILD qemu-3.1.0-r4.ebuild 23873 BLAKE2B a16ea397f5da2d3e36edaee9d584fe99366e2b85afe21d83eb906aac58c946ba85789c3430fab4913b8fd9008e2e13fcd13822bf643932988ac999e527311442 SHA512 158917bb98ac88f9d635e928b6397409051ea00269749751d5b0c5aa9d0bb539e7bb50573131e2eba0b6748ddee34a6ffd366c7aa180b2094553bb7b01193223 -EBUILD qemu-4.0.0.ebuild 23707 BLAKE2B b88519c5d0d2cf5e5e7875815ac837fe662a87bb3ad91848305df6e360d9e1b24d944105b857d5272d7d34edb9d94f7b7d24f410c2db57d8dc97e47c438fa525 SHA512 1d1b9772d83af975d79fc1a7f4b7316701883cd9bbeddcf1366f2ff7b82f90c007d0a4c11270242887d7a1aa2e21f801f62ee57b571a3b5ecc5b0c5259f3fb03 +EBUILD qemu-4.0.0-r2.ebuild 23755 BLAKE2B 70c3ec4c3591e2e33a7647c9ee25e9aafe3b5b9a07f6ea53627be19d3fcdd0fa1cd50c644ebc6914b10b52f4193c6db87369e39dfadd7ec1a19160465f22415c SHA512 3f142facc9f173eecf562fe3a47346705879243879b598a5301724104365aea75f571a8207d2d1321593038f1ceecb5029d59f7a4217ae22309fbd9ac2ac74c2 EBUILD qemu-9999.ebuild 23660 BLAKE2B 861d8c176f233dad287abd6624fa50654f7cbbcc6da4803bbc5a23f5af876b843d6570ae857adefc25b603b8c48aed6a45eeafcf873fa7afb4d75a17d033b2d5 SHA512 34c5c6ddb4caef28f0613b3fe7ec4decfb98b54cc519f1cdf3d238dd2307b2005317a3bbd0304c39c894c3f35f0b6bb124aa2670e29b38b482de3df3c601ef44 MISC metadata.xml 3903 BLAKE2B 47538d32d79321c208037c95184ab68dbbcaa2331a561142bbadc01fbc2b7973cc5ae76ac6dfa7faf1c3aa31d1d0b5dfd6a46211e94c17c5a8939b0ae99b227b SHA512 d501ede1f3182e635db02c8bac4381906ac47b8d6db4bb6b0fdeb91b35b440a2a59a5dd23b06462f1d49a6b64ae2f2bcf1f81fd0a898c8f4b67a40ccf2c58341 diff --git a/app-emulation/qemu/files/qemu-3.1.0-md-clear-md-no.patch b/app-emulation/qemu/files/qemu-3.1.0-md-clear-md-no.patch new file mode 100644 index 000000000000..a7b3e8cb8f20 --- /dev/null +++ b/app-emulation/qemu/files/qemu-3.1.0-md-clear-md-no.patch @@ -0,0 +1,61 @@ +From 0fb766134bd97ead71646e13349f93769e536ed9 Mon Sep 17 00:00:00 2001 +From: Matthias Maier <tamiko@43-1.org> +Date: Fri, 17 May 2019 02:21:10 -0500 +Subject: [PATCH] Define md-clear bit, expose md-no CPUID + +Fixes for CVE-2018-121{26|27|30}, CVE-2019-11091 + +See related fixes for Ubuntu: + https://launchpad.net/ubuntu/+source/qemu/1:3.1+dfsg-2ubuntu3.1 +--- + target/i386/cpu.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index d6bb57d2..331a364a 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -1076,7 +1076,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + .feat_names = { + NULL, NULL, "avx512-4vnniw", "avx512-4fmaps", + NULL, NULL, NULL, NULL, +- NULL, NULL, NULL, NULL, ++ NULL, NULL, "md-clear", NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, +@@ -1183,7 +1183,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + .type = MSR_FEATURE_WORD, + .feat_names = { + "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry", +- "ssb-no", NULL, NULL, NULL, ++ "ssb-no", "mds-no", NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, +diff --git a/target/i386/cpu.h b/target/i386/cpu.h +index 83fb5225..d0bab4d7 100644 +--- a/target/i386/cpu.h ++++ b/target/i386/cpu.h +@@ -694,6 +694,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS]; + + #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */ + #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */ ++#define CPUID_7_0_EDX_MD_CLEAR (1U << 10) /* Microarchitectural Data Clear */ + #define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */ + #define CPUID_7_0_EDX_ARCH_CAPABILITIES (1U << 29) /*Arch Capabilities*/ + #define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */ +diff --git a/target/i386/hvf/x86_cpuid.c b/target/i386/hvf/x86_cpuid.c +index 4d957fe8..b453552f 100644 +--- a/target/i386/hvf/x86_cpuid.c ++++ b/target/i386/hvf/x86_cpuid.c +@@ -90,7 +90,8 @@ uint32_t hvf_get_supported_cpuid(uint32_t func, uint32_t idx, + } + + ecx &= CPUID_7_0_ECX_AVX512BMI | CPUID_7_0_ECX_AVX512_VPOPCNTDQ; +- edx &= CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS; ++ edx &= CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS | \ ++ CPUID_7_0_EDX_MD_CLEAR; + } else { + ebx = 0; + ecx = 0; diff --git a/app-emulation/qemu/qemu-4.0.0.ebuild b/app-emulation/qemu/qemu-4.0.0-r2.ebuild index 1880553a9742..338b4117ba2a 100644 --- a/app-emulation/qemu/qemu-4.0.0.ebuild +++ b/app-emulation/qemu/qemu-4.0.0-r2.ebuild @@ -205,6 +205,7 @@ PATCHES=( "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch "${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch "${FILESDIR}"/${P}-sanitize-interp_info.patch + "${FILESDIR}"/${PN}-3.1.0-md-clear-md-no.patch ) QA_PREBUILT=" |