[qemu] Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521) Changing streaming mode def

Cole Robinson crobinso at fedoraproject.org
Wed Dec 18 17:11:16 UTC 2013


commit c4025101e71863b28708bca84f17ecec4c897a95
Author: Cole Robinson <crobinso at redhat.com>
Date:   Wed Dec 18 12:11:24 2013 -0500

    Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521)
    Changing streaming mode default to off for spice (bz #1038336)
    Fix guest scsi verify command (bz #1001617)

 ...seccomp-add-kill-to-the-syscall-whitelist.patch |   42 +++++++++
 ...ip-streaming-video-mode-to-off-by-default.patch |   33 +++++++
 ...x-transfer-length-and-direction-for-VERIF.patch |   59 +++++++++++++
 0105-scsi-disk-fix-VERIFY-emulation.patch          |   90 ++++++++++++++++++++
 qemu.spec                                          |   23 +++++-
 5 files changed, 246 insertions(+), 1 deletions(-)
---
diff --git a/0102-seccomp-add-kill-to-the-syscall-whitelist.patch b/0102-seccomp-add-kill-to-the-syscall-whitelist.patch
new file mode 100644
index 0000000..b101332
--- /dev/null
+++ b/0102-seccomp-add-kill-to-the-syscall-whitelist.patch
@@ -0,0 +1,42 @@
+From cebb1cd8d123360634243ac527c136721fb7fba7 Mon Sep 17 00:00:00 2001
+From: Paul Moore <pmoore at redhat.com>
+Date: Thu, 21 Nov 2013 10:40:15 -0500
+Subject: [PATCH] seccomp: add kill() to the syscall whitelist
+
+The kill() syscall is triggered with the following command:
+
+ # qemu -sandbox on -monitor stdio \
+        -device intel-hda -device hda-duplex -vnc :0
+
+The resulting syslog/audit message:
+
+ # ausearch -m SECCOMP
+ ----
+ time->Wed Nov 20 09:52:08 2013
+ type=SECCOMP msg=audit(1384912328.482:6656): auid=0 uid=0 gid=0 ses=854
+  subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=12087
+  comm="qemu-kvm" sig=31 syscall=62 compat=0 ip=0x7f7a1d2abc67 code=0x0
+ # scmp_sys_resolver 62
+ kill
+
+Reported-by: CongLi <coli at redhat.com>
+Tested-by: CongLi <coli at redhat.com>
+Signed-off-by: Paul Moore <pmoore at redhat.com>
+Acked-by: Eduardo Otubo <otubo at linux.vnet.ibm.com>
+(cherry picked from commit e9eecb5bf82a71564bf018fcbbfc6cda19cab6c2)
+---
+ qemu-seccomp.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/qemu-seccomp.c b/qemu-seccomp.c
+index 69cee44..cf07869 100644
+--- a/qemu-seccomp.c
++++ b/qemu-seccomp.c
+@@ -114,6 +114,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
+     { SCMP_SYS(write), 244 },
+     { SCMP_SYS(fcntl), 243 },
+     { SCMP_SYS(tgkill), 242 },
++    { SCMP_SYS(kill), 242 },
+     { SCMP_SYS(rt_sigaction), 242 },
+     { SCMP_SYS(pipe2), 242 },
+     { SCMP_SYS(munmap), 242 },
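Review bot: The new `{ SCMP_SYS(kill), 242 },` entry allows kill() with no visible restriction on target pid or signal, so under `-sandbox on` a compromised QEMU process could signal any process its uid is permitted to signal. The commit message identifies the trigger only by command line, not by the code path that issues kill(). A comment on the entry naming that caller, e.g. `/* kill: needed by <caller>, bz #1043521 */`, would let a later audit of the whitelist decide whether the entry is still required. If that caller only ever signals QEMU's own pid, an argument-filtered rule (libseccomp `SCMP_A0(SCMP_CMP_EQ, ...)` on the pid argument) would be tighter, though the two-field table layout suggests that would need a separate `seccomp_rule_add` call outside this hunk. The array initializer starts and ends outside the hunk.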
diff --git a/0103-spice-flip-streaming-video-mode-to-off-by-default.patch b/0103-spice-flip-streaming-video-mode-to-off-by-default.patch
new file mode 100644
index 0000000..afa6ac5
--- /dev/null
+++ b/0103-spice-flip-streaming-video-mode-to-off-by-default.patch
@@ -0,0 +1,33 @@
+From 200413b505dfc4ae8611d523e87f1dee18a6bf0f Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel at redhat.com>
+Date: Mon, 2 Dec 2013 11:17:04 +0100
+Subject: [PATCH] spice: flip streaming video mode to off by default
+
+Video streaming detection heuristics in spice-server have problems
+keeping modern desktop animations (as done by gnome shell) and real
+video playback apart.  This leads to jpeg compression artefacts on
+your desktop, due to spice using mjpeg to send what it thinks is
+a video stream.
+
+Turn off video detection by default to avoid these artifacts.
+
+Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
+Reviewed-by: Alon Levy <alevy at redhat.com>
+(cherry picked from commit f1d3e586f069e17f83b669842bc02d60d509daca)
+---
+ ui/spice-core.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/ui/spice-core.c b/ui/spice-core.c
+index e4d533d..9fb9544 100644
+--- a/ui/spice-core.c
++++ b/ui/spice-core.c
+@@ -776,6 +776,8 @@ void qemu_spice_init(void)
+     if (str) {
+         int streaming_video = parse_stream_video(str);
+         spice_server_set_streaming_video(spice_server, streaming_video);
++    } else {
++        spice_server_set_streaming_video(spice_server, SPICE_STREAM_VIDEO_OFF);
+     }
+ 
+     spice_server_set_agent_mouse
diff --git a/0104-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch b/0104-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch
new file mode 100644
index 0000000..a204453
--- /dev/null
+++ b/0104-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch
@@ -0,0 +1,59 @@
+From 3b1f248f3f8ff06ed4a4269871138db66e336ec5 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini at redhat.com>
+Date: Thu, 28 Nov 2013 11:01:13 +0100
+Subject: [PATCH] scsi-bus: fix transfer length and direction for VERIFY
+ command
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The amount of bytes to transfer depends on the BYTCHK field.
+If any data is transferred, it is sent to the device.
+
+Cc: qemu-stable at nongnu.org
+Tested-by: Hervé Poussineau <hpoussin at reactos.org>
+Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
+(cherry picked from commit d12ad44cc4cc9142179e64295608611f118b8ad8)
+---
+ hw/scsi/scsi-bus.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
+index ea916d1..2d6ce4d 100644
+--- a/hw/scsi/scsi-bus.c
++++ b/hw/scsi/scsi-bus.c
+@@ -886,7 +886,6 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf)
+     case RELEASE:
+     case ERASE:
+     case ALLOW_MEDIUM_REMOVAL:
+-    case VERIFY_10:
+     case SEEK_10:
+     case SYNCHRONIZE_CACHE:
+     case SYNCHRONIZE_CACHE_16:
+@@ -903,6 +902,16 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf)
+     case ALLOW_OVERWRITE:
+         cmd->xfer = 0;
+         break;
++    case VERIFY_10:
++    case VERIFY_12:
++    case VERIFY_16:
++        if ((buf[1] & 2) == 0) {
++            cmd->xfer = 0;
++        } else if ((buf[1] & 4) == 1) {
++            cmd->xfer = 1;
++        }
++        cmd->xfer *= dev->blocksize;
++        break;
+     case MODE_SENSE:
+         break;
+     case WRITE_SAME_10:
+@@ -1100,6 +1109,9 @@ static void scsi_cmd_xfer_mode(SCSICommand *cmd)
+     case WRITE_VERIFY_12:
+     case WRITE_16:
+     case WRITE_VERIFY_16:
++    case VERIFY_10:
++    case VERIFY_12:
++    case VERIFY_16:
+     case COPY:
+     case COPY_VERIFY:
+     case COMPARE:
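Review bot: In the VERIFY case added to scsi_req_length, the test `(buf[1] & 4) == 1` can never be true, because the masked value is either 0 or 4. The branch that sets `cmd->xfer = 1` is therefore dead, and a CDB with that bit set keeps whatever cmd->xfer held on entry and multiplies it by `dev->blocksize`. buf appears to be the guest-supplied CDB, so the transfer length derived from it should be exact; the condition should read `} else if ((buf[1] & 4) != 0) {`. scsi_req_length begins and ends outside the hunk, so the value cmd->xfer carries into this case is not visible here.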
diff --git a/0105-scsi-disk-fix-VERIFY-emulation.patch b/0105-scsi-disk-fix-VERIFY-emulation.patch
new file mode 100644
index 0000000..ba8f28e
--- /dev/null
+++ b/0105-scsi-disk-fix-VERIFY-emulation.patch
@@ -0,0 +1,90 @@
+From ddc0dda3d6352e4c28e0bd11cce1d90734dce0db Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini at redhat.com>
+Date: Thu, 28 Nov 2013 11:18:56 +0100
+Subject: [PATCH] scsi-disk: fix VERIFY emulation
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+VERIFY emulation was completely botched (and remained botched through
+all the refactorings).  The command must be emulated both in check-medium
+mode (BYTCHK=00, which we implement by doing nothing) and in check-bytes
+mode (which we do not implement yet).  Unlike WRITE AND VERIFY (which we
+treat simply as WRITE with FUA bit set), VERIFY cannot be handled like
+READ.  In fact the device is _receiving_ data for VERIFY, not _sending_
+it like READ.
+
+Cc: qemu-stable at nongnu.org
+Tested-by: Hervé Poussineau <hpoussin at reactos.org>
+Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
+(cherry picked from commit d97e7730816094a71cd1f19a56d7a73f77cdbf96)
+
+Conflicts:
+	hw/scsi/scsi-disk.c
+---
+ hw/scsi/scsi-disk.c | 26 +++++++++++++++++++-------
+ 1 file changed, 19 insertions(+), 7 deletions(-)
+
+diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
+index 74e6a14..1fd1c26 100644
+--- a/hw/scsi/scsi-disk.c
++++ b/hw/scsi/scsi-disk.c
+@@ -1597,6 +1597,14 @@ static void scsi_disk_emulate_write_data(SCSIRequest *req)
+         scsi_disk_emulate_unmap(r, r->iov.iov_base);
+         break;
+ 
++    case VERIFY_10:
++    case VERIFY_12:
++    case VERIFY_16:
++        if (r->req.status == -1) {
++            scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
++        }
++        break;
++
+     default:
+         abort();
+     }
+@@ -1837,6 +1845,14 @@ static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
+     case UNMAP:
+         DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
+         break;
++    case VERIFY_10:
++    case VERIFY_12:
++    case VERIFY_16:
++        DPRINTF("Verify (bytchk %lu)\n", (r->req.buf[1] >> 1) & 3);
++        if (req->cmd.buf[1] & 6) {
++            goto illegal_request;
++        }
++        break;
+     case WRITE_SAME_10:
+     case WRITE_SAME_16:
+         nb_sectors = scsi_data_cdb_length(r->req.cmd.buf);
+@@ -1936,10 +1952,6 @@ static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
+             scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
+             return 0;
+         }
+-        /* fallthrough */
+-    case VERIFY_10:
+-    case VERIFY_12:
+-    case VERIFY_16:
+         DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
+                 (command & 0xe) == 0xe ? "And Verify " : "",
+                 r->req.cmd.lba, len);
+@@ -2207,14 +2219,14 @@ static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
+     [UNMAP]                           = &scsi_disk_emulate_reqops,
+     [WRITE_SAME_10]                   = &scsi_disk_emulate_reqops,
+     [WRITE_SAME_16]                   = &scsi_disk_emulate_reqops,
++    [VERIFY_10]                       = &scsi_disk_emulate_reqops,
++    [VERIFY_12]                       = &scsi_disk_emulate_reqops,
++    [VERIFY_16]                       = &scsi_disk_emulate_reqops,
+ 
+     [READ_6]                          = &scsi_disk_dma_reqops,
+     [READ_10]                         = &scsi_disk_dma_reqops,
+     [READ_12]                         = &scsi_disk_dma_reqops,
+     [READ_16]                         = &scsi_disk_dma_reqops,
+-    [VERIFY_10]                       = &scsi_disk_dma_reqops,
+-    [VERIFY_12]                       = &scsi_disk_dma_reqops,
+-    [VERIFY_16]                       = &scsi_disk_dma_reqops,
+     [WRITE_6]                         = &scsi_disk_dma_reqops,
+     [WRITE_10]                        = &scsi_disk_dma_reqops,
+     [WRITE_12]                        = &scsi_disk_dma_reqops,
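Review bot: In the VERIFY case added to scsi_disk_emulate_command, the DPRINTF reads `r->req.buf[1]` while the check on the next line reads `req->cmd.buf[1]`, and it pairs `%lu` with an expression that has type int for a byte array. If SCSIRequest has no `buf` member (its definition is not visible here), this would break the build whenever DPRINTF is compiled in, and the format mismatch is undefined behaviour in any case. Suggest `DPRINTF("Verify (bytchk %d)\n", (req->cmd.buf[1] >> 1) & 3);` so the debug line reads the same byte the `& 6` check rejects on. The function body continues outside the hunk.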
diff --git a/qemu.spec b/qemu.spec
index 5b20dad..03a6307 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -139,7 +139,7 @@
 Summary: QEMU is a FAST! processor emulator
 Name: qemu
 Version: 1.7.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 Epoch: 2
 License: GPLv2+ and LGPLv2+ and BSD
 Group: Development/Tools
@@ -202,6 +202,14 @@ Patch0014: 0014-virtio-pci-add-device_unplugged-callback.patch
 # Fix qemu-img create with NBD backing file (bz #1034433)
 # Patch posted upstream
 Patch0101: 0101-block-Close-backing-file-early-in-bdrv_img_create.patch
+# Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz
+# #1043521)
+Patch0102: 0102-seccomp-add-kill-to-the-syscall-whitelist.patch
+# Changing streaming mode default to off for spice (bz #1038336)
+Patch0103: 0103-spice-flip-streaming-video-mode-to-off-by-default.patch
+# Fix guest scsi verify command (bz #1001617)
+Patch0104: 0104-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch
+Patch0105: 0105-scsi-disk-fix-VERIFY-emulation.patch
 
 BuildRequires: SDL-devel
 BuildRequires: zlib-devel
@@ -726,6 +734,14 @@ CAC emulation development files.
 # Fix qemu-img create with NBD backing file (bz #1034433)
 # Patch posted upstream
 %patch0101 -p1
+# Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz
+# #1043521)
+%patch0102 -p1
+# Changing streaming mode default to off for spice (bz #1038336)
+%patch0103 -p1
+# Fix guest scsi verify command (bz #1001617)
+%patch0104 -p1
+%patch0105 -p1
 
 
 %build
@@ -1449,6 +1465,11 @@ getent passwd qemu >/dev/null || \
 %endif
 
 %changelog
+* Wed Dec 18 2013 Cole Robinson <crobinso at redhat.com> - 2:1.7.0-2
+- Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521)
+- Changing streaming mode default to off for spice (bz #1038336)
+- Fix guest scsi verify command (bz #1001617)
+
 * Mon Dec 02 2013 Cole Robinson <crobinso at redhat.com> - 2:1.7.0-1
 - Fix qemu-img create with NBD backing file (bz #1034433)
 - Rebase to qemu-1.7 GA

