Merge branch 'master' into gnome-updates

This commit is contained in:
Mark H Weaver 2016-05-11 13:37:47 -04:00
commit 9f5e796753
No known key found for this signature in database
GPG key ID: 7CEF29847562C516
43 changed files with 402 additions and 902 deletions

View file

@ -166,6 +166,11 @@ Display package(s) located in the specified file. These files usually
have the following form: @file{gnu/packages/emacs.scm}, but don't type
them manually! Press @key{TAB} to complete the file name.
@item M-x guix-package-from-file
Display package that the code within the specified file evaluates to.
@xref{Invoking guix package, @code{--install-from-file}}, for an example
of what such a file may look like.
@item M-x guix-search-by-regexp
Search for packages by a specified regexp. By default ``name'',
``synopsis'' and ``description'' of the packages will be searched. This

View file

@ -375,7 +375,7 @@ If that command fails because you do not have the required public key,
then run this command to import it:
@example
$ gpg --keyserver keys.gnupg.net --recv-keys 3D9AEBB5
$ gpg --keyserver keys.gnupg.net --recv-keys 090B11993D9AEBB5
@end example
@noindent
@ -7331,7 +7331,7 @@ See @code{man loadkeys} for details.
@end deffn
@deffn {Scheme Procedure} gpm-service-type [#:gpm @var{gpm}] @
@deffn {Scheme Procedure} gpm-service [#:gpm @var{gpm}] @
[#:options]
Run @var{gpm}, the general-purpose mouse daemon, with the given
command-line @var{options}. GPM allows users to use the mouse in the console,

37
emacs/guix-about.el Normal file
View file

@ -0,0 +1,37 @@
;;; guix-about.el --- Various info about Guix
;; Copyright © 2016 Alex Kost <alezost@gmail.com>
;; This file is part of GNU Guix.
;; GNU Guix is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public Location as published by
;; the Free Software Foundation, either version 3 of the Location, or
;; (at your option) any later version.
;; GNU Guix is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public Location for more details.
;; You should have received a copy of the GNU General Public Location
;; along with this program. If not, see <http://www.gnu.org/locations/>.
;;; Commentary:
;; This file provides the code to display various info about Guix (e.g., its
;; version).
;;; Code:
(require 'guix-config)
;;;###autoload
(defun guix-version ()
"Display Guix version in the echo area."
(interactive)
(message "%s %s" guix-config-name guix-config-version))
(provide 'guix-about)
;;; guix-about.el ends here

View file

@ -1,7 +1,7 @@
;;; guix-config.el --- Compile-time configuration of Guix.
;; Copyright © 2015 Mathieu Lirzin <mthl@openmailbox.org>
;; Copyright © 2015 Alex Kost <alezost@gmail.com>
;; Copyright © 2015, 2016 Alex Kost <alezost@gmail.com>
;; This file is part of GNU Guix.
@ -20,6 +20,12 @@
;;; Code:
(defconst guix-config-name "@PACKAGE_NAME@"
"Guix full name.")
(defconst guix-config-version "@PACKAGE_VERSION@"
"Guix version.")
(defconst guix-config-emacs-interface-directory
(replace-regexp-in-string "${prefix}" "@prefix@" "@emacsuidir@"))

View file

@ -57,7 +57,7 @@ Return nil, if current buffer does not define a module."
(defun guix-guile-boolean (arg)
"Return a string with guile boolean value.
Transform elisp ARG (nil or non-nil) to the guile boolean (#f or #t)."
(concat "#" (prin1-to-string (if arg 't 'f))))
(if arg "#t" "#f"))
(defun guix-guile-keyword-regexp (keyword)
"Return regexp to find guile KEYWORD."

View file

@ -32,14 +32,6 @@
;; still "name-version" string. So id package parameter in the code
;; below is either an object-address number or a full-name string.
;; To speed-up the process of getting information, the following
;; auxiliary variables are used:
;;
;; - `%packages' - VHash of "package address"/"package" pairs.
;;
;; - `%package-table' - Hash table of
;; "name+version key"/"list of packages" pairs.
;;; Code:
(use-modules
@ -101,38 +93,6 @@ (define* (make-package-specification name #:optional version output)
(string-append full-name ":" output)
full-name)))
(define name+version->key cons)
(define key->name+version car+cdr)
(define %package-vhash
(delay
(fold-packages (lambda (pkg res)
(vhash-consq (object-address pkg) pkg res))
vlist-null)))
(define (package-vhash)
"Return vhash of 'package ID (address)'/'package' pairs."
(force %package-vhash))
(define %package-table
(delay
(let ((table (make-hash-table (vlist-length (package-vhash)))))
(vlist-for-each
(lambda (elem)
(match elem
((address . pkg)
(let* ((key (name+version->key (package-name pkg)
(package-version pkg)))
(ref (hash-ref table key)))
(hash-set! table key
(if ref (cons pkg ref) (list pkg)))))))
(package-vhash))
table)))
(define (package-table)
"Return hash table of 'name+version key'/'list of packages' pairs."
(force %package-table))
(define (manifest-entry->name+version+output entry)
(values
(manifest-entry-name entry)
@ -340,15 +300,39 @@ (define (package-param package param)
;;; Finding packages.
(define (package-by-address address)
(match (vhash-assq address (package-vhash))
(define-values (package-by-address
register-package)
(let ((table (delay (fold-packages
(lambda (package table)
(vhash-consq (object-address package)
package table))
vlist-null))))
(values
(lambda (address)
"Return package by its object ADDRESS."
(match (vhash-assq address (force table))
((_ . package) package)
(_ #f)))
(lambda (package)
"Register PACKAGE by its 'object-address', so that later
'package-by-address' can be used to access it."
(let ((table* (force table)))
(set! table
(delay (vhash-consq (object-address package)
package table*))))))))
(define (packages-by-name+version name version)
(or (hash-ref (package-table)
(name+version->key name version))
'()))
(define packages-by-name+version
(let ((table (delay (fold-packages
(lambda (package table)
(let ((file (location-file
(package-location package))))
(vhash-cons (cons (package-name package)
(package-version package))
package table)))
vlist-null))))
(lambda (name version)
"Return packages matching NAME and VERSION."
(vhash-fold* cons '() (cons name version) (force table)))))
(define (packages-by-full-name full-name)
(call-with-values
@ -435,6 +419,15 @@ (define (newest-available-packages)
'()
(find-newest-available-packages)))
(define (packages-from-file file)
"Return a list of packages from FILE."
(let ((package (load (canonicalize-path file))))
(if (package? package)
(begin
(register-package package)
(list package))
'())))
;;; Making package/output patterns.
@ -687,6 +680,8 @@ (define %patterns-makers
(lookup-license license-name))))
(location-proc (lambda (_ location)
(packages-by-location-file location)))
(file-proc (lambda (_ file)
(packages-from-file file)))
(all-proc (lambda _ (all-available-packages)))
(newest-proc (lambda _ (newest-available-packages))))
`((package
@ -697,6 +692,7 @@ (define %patterns-makers
(regexp . ,regexp-proc)
(license . ,license-proc)
(location . ,location-proc)
(from-file . ,file-proc)
(all-available . ,all-proc)
(newest-available . ,newest-proc))
(output
@ -707,6 +703,7 @@ (define %patterns-makers
(regexp . ,regexp-proc)
(license . ,license-proc)
(location . ,location-proc)
(from-file . ,file-proc)
(all-available . ,all-proc)
(newest-available . ,newest-proc)))))

View file

@ -44,6 +44,9 @@
,(lambda (_ entries locations)
(apply #'guix-message-packages-by-location
entries 'package locations)))
(from-file
(0 "No package in file '%s'." val)
(1 "Package from file '%s'." val))
(regexp
(0 "No packages matching '%s'." val)
(1 "A single package matching '%s'." val)
@ -80,6 +83,10 @@
,(lambda (_ entries locations)
(apply #'guix-message-packages-by-location
entries 'output locations)))
(from-file
(0 "No package in file '%s'." val)
(1 "Package from file '%s'." val)
(many "Package outputs from file '%s'." val))
(regexp
(0 "No package outputs matching '%s'." val)
(1 "A single package output matching '%s'." val)

View file

@ -393,6 +393,8 @@ formatted with this string, an action button is inserted.")
(guix-format-insert nil)
(let ((location-file (car (split-string location ":"))))
(guix-info-insert-value-indent location 'guix-package-location)
;; Do not show "Packages" button if a package 'from file' is displayed.
(unless (eq (guix-ui-current-search-type) 'from-file)
(guix-info-insert-indent)
(guix-info-insert-action-button
"Packages"
@ -401,7 +403,7 @@ formatted with this string, an action button is inserted.")
'location
(button-get btn 'location)))
(format "Display packages from location '%s'" location-file)
'location location-file))))
'location location-file)))))
(defun guix-package-info-insert-systems (systems entry)
"Insert supported package SYSTEMS at point."
@ -1000,6 +1002,19 @@ Interactively with prefix, prompt for PROFILE."
(guix-ui-read-profile)))
(guix-package-get-display profile 'location location))
;;;###autoload
(defun guix-package-from-file (file &optional profile)
"Display Guix package that the code from FILE evaluates to.
If PROFILE is nil, use `guix-current-profile'.
Interactively with prefix, prompt for PROFILE."
(interactive
(list (read-file-name "File with package: ")
(guix-ui-read-profile)))
(guix-buffer-get-display-entries
'info 'package
(list (or profile guix-current-profile) 'from-file file)
'add))
;;;###autoload
(defun guix-search-by-regexp (regexp &optional params profile)
"Search for Guix packages by REGEXP.

View file

@ -20,6 +20,7 @@
AUTOLOADS = emacs/guix-autoloads.el
ELFILES = \
emacs/guix-about.el \
emacs/guix-backend.el \
emacs/guix-base.el \
emacs/guix-build-log.el \

View file

@ -108,6 +108,7 @@ GNU_SYSTEM_MODULES = \
gnu/packages/enchant.scm \
gnu/packages/engineering.scm \
gnu/packages/enlightenment.scm \
gnu/packages/entr.scm \
gnu/packages/fcitx.scm \
gnu/packages/feh.scm \
gnu/packages/figlet.scm \
@ -708,18 +709,6 @@ dist_patch_DATA = \
gnu/packages/patches/python-paste-remove-timing-test.patch \
gnu/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \
gnu/packages/patches/python-pandas-fix-tslib-test-failure.patch \
gnu/packages/patches/qemu-CVE-2015-8558.patch \
gnu/packages/patches/qemu-CVE-2015-8567.patch \
gnu/packages/patches/qemu-CVE-2015-8613.patch \
gnu/packages/patches/qemu-CVE-2015-8619.patch \
gnu/packages/patches/qemu-CVE-2015-8701.patch \
gnu/packages/patches/qemu-CVE-2015-8743.patch \
gnu/packages/patches/qemu-CVE-2016-1568.patch \
gnu/packages/patches/qemu-CVE-2016-1922.patch \
gnu/packages/patches/qemu-CVE-2016-1981.patch \
gnu/packages/patches/qemu-CVE-2016-2197.patch \
gnu/packages/patches/qemu-usb-ehci-oob-read.patch \
gnu/packages/patches/qemu-virtio-9p-use-accessor-to-get-thread-pool.patch \
gnu/packages/patches/qt4-ldflags.patch \
gnu/packages/patches/ratpoison-shell.patch \
gnu/packages/patches/readline-link-ncurses.patch \

View file

@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Kei Yamashita <kei@openmailbox.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -47,11 +48,23 @@ (define-public libical
"14lmjj63zyx88rf1z71l0v9ms4c2vpdhmixksjjxgywp5p2f7708"))))
(build-system cmake-build-system)
(arguments
'(#:tests? #f)) ; test suite appears broken
'(#:tests? #f ; test suite appears broken
#:phases
(modify-phases %standard-phases
(add-before 'configure 'patch-paths
(lambda _
(let ((tzdata (assoc-ref %build-inputs "tzdata")))
(substitute* "src/libical/icaltz-util.c"
(("char \\*search_paths \\[\\] =.*$")
(string-append
"char *search_paths [] = "
"{\"" tzdata "/share/zoneinfo\"};\n"))))
#t)))))
(native-inputs
`(("perl" ,perl)))
(inputs
`(("icu4c" ,icu4c)))
`(("icu4c" ,icu4c)
("tzdata" ,tzdata)))
(home-page "https://libical.github.io/libical/")
(synopsis "iCalendar protocols and data formats implementation")
(description

View file

@ -40,7 +40,7 @@ (define-public connman
(source
(origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/pub/linux/network/connman/"
(uri (string-append "mirror://kernel.org/linux/network/connman/"
name "-" version ".tar.xz"))
(sha256
(base32

66
gnu/packages/entr.scm Normal file
View file

@ -0,0 +1,66 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 Matthew Jordan <matthewjordandevops@yandex.com>
;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages entr)
#:use-module (guix licenses)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu))
(define-public entr
(package
(name "entr")
(version "3.5")
(source (origin
(method url-fetch)
(uri (string-append "http://entrproject.org/code/entr-"
version ".tar.gz"))
(sha256
(base32
"05k4jyjna0pr2dalwc1l1dhrcyk6pw7hbss7jl4ykwfadcs5br73"))))
(build-system gnu-build-system)
(arguments
`(#:test-target "test"
#:phases (modify-phases %standard-phases
(replace 'configure
(lambda* (#:key outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
(setenv "CONFIG_SHELL" (which "bash"))
(setenv "CC" (which "gcc"))
(setenv "DESTDIR" (string-append out "/"))
(setenv "PREFIX" "")
(setenv "MANPREFIX" "man")
(zero? (system* "./configure")))))
(add-before 'build 'remove-fhs-file-names
(lambda _
;; Use the tools available in $PATH.
(substitute* "entr.c"
(("/bin/cat") "cat")
(("/usr/bin/clear") "clear")))))))
(home-page "http://entrproject.org/")
(synopsis "Run arbitrary commands when files change")
(description
"entr is a zero-configuration tool with no external build- or run-time
dependencies. The interface to entr is not only minimal, it aims to be simple
enough to create a new category of ad hoc automation. These micro-tests
reduce keystrokes, but more importantly they emphasize the utility of
automated checks.")
;; Per 'LICENSE', portability code under missing/ is under BSD-2.
(license isc)))

View file

@ -129,7 +129,7 @@ (define-public gzochi
(define-public tiled
(package
(name "tiled")
(version "0.15.1")
(version "0.16.1")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/bjorn/tiled/archive/v"
@ -137,7 +137,7 @@ (define-public tiled
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"10bbjdv5r36229r1dqg32bxcj9yvpkx9jgs9v4s1qb71v856b15h"))))
"0s1i6yhm1z9ayzjh8cprcc9jvj5m87l9snyqg6w7zlj3q9zn4rn6"))))
(build-system gnu-build-system)
(inputs `(("qt" ,qt)
("zlib" ,zlib)))

View file

@ -93,6 +93,7 @@ (define-module (gnu packages games)
#:use-module (gnu packages xml)
#:use-module (gnu packages tcl)
#:use-module (gnu packages fribidi)
#:use-module (gnu packages xdisorg)
#:use-module (guix build-system trivial)
#:use-module (guix build-system gnu)
#:use-module (guix build-system haskell)

View file

@ -93,7 +93,6 @@ (define-module (gnu packages gnome)
#:use-module (gnu packages xml)
#:use-module (gnu packages geeqie)
#:use-module (gnu packages gl)
#:use-module (gnu packages qt) ; for libxkbcommon
#:use-module (gnu packages compression)
#:use-module (gnu packages texlive)
#:use-module (gnu packages tls)

View file

@ -148,7 +148,7 @@ (define-public libassuan
(define-public libksba
(package
(name "libksba")
(version "1.3.3")
(version "1.3.4")
(source
(origin
(method url-fetch)
@ -157,7 +157,7 @@ (define-public libksba
version ".tar.bz2"))
(sha256
(base32
"11kp3h9l3b8ikydkcdkwgx45r662zi30m26ra5llyhfh6kz5yzqc"))))
"0kxdb02z41cwm1xbwfwj9nbc0dzjhwyq8c475mlhhmpcxcy8ihpn"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error" ,libgpg-error)))

View file

@ -24,6 +24,7 @@ (define-module (gnu packages gnustep)
#:use-module (guix licenses)
#:use-module (gnu packages xorg)
#:use-module (gnu packages gnome)
#:use-module (gnu packages gtk)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages autotools)
#:use-module (gnu packages glib)
@ -216,3 +217,31 @@ (define-public wmclock
a dockable tile. It features multiple language support, 24h or 12h time
display, and can run a user-specified program on mouse click.")
(license gpl2+)))
(define-public wmfire
(package
(name "wmfire")
(version "1.2.4")
(source (origin
(method url-fetch)
(uri (string-append "http://www.improbability.net/"
name "/" name "-" version ".tar.gz"))
(sha256
(base32
"101grahd80n97y2dczb629clmcgiavdpbbwy78kk5wgs362m12z3"))))
(build-system gnu-build-system)
(inputs
`(("gtk+" ,gtk+-2)
("libgtop" ,libgtop)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(home-page "http://www.improbability.net/")
(synopsis "Display flames to represent CPU usage, memory usage, etc.")
(description
"wmfire is an applet for Window Maker that can monitor the average cpu
load, or individual cpu load on SMP computers. Additionally it can monitor the
memory, network load, a file or just be set to show a pretty flame. On
entering the dock a burning spot replaces the cursor, and after two seconds
symbols to represent the current monitor are \"burnt\" onscreen. The flame
colour can also be changed.")
(license gpl2+)))

View file

@ -25,6 +25,7 @@ (define-module (gnu packages graphviz)
#:use-module (gnu packages gtk)
#:use-module (gnu packages xml)
#:use-module (gnu packages glib)
#:use-module (gnu packages guile)
#:use-module (gnu packages bison)
#:use-module (gnu packages image)
#:use-module (gnu packages autotools)
@ -32,6 +33,7 @@ (define-module (gnu packages graphviz)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages compression)
#:use-module (gnu packages gd)
#:use-module (gnu packages swig)
#:use-module ((guix licenses) #:select (lgpl2.0+ epl1.0)))
(define-public graphviz
@ -69,12 +71,26 @@ (define-public graphviz
(rename-file (string-append out "/share/graphviz/doc")
(string-append doc "/share/graphviz/doc"))
#t))
%standard-phases))))
(alist-cons-after
'move-docs 'move-guile-bindings
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(lib (string-append out "/lib"))
(extdir (string-append lib
"/guile/2.0/extensions")))
(mkdir-p extdir)
(rename-file (string-append
lib "/graphviz/guile/libgv_guile.so")
(string-append extdir
"/libgv_guile.so"))))
%standard-phases)))))
(inputs
`(("libXrender" ,libxrender)
("libX11" ,libx11)
("gts" ,gts)
("gd" ,gd) ; FIXME: Our GD is too old
("guile" ,guile-2.0) ;Guile bindings
("swig" ,swig)
("pango" ,pango)
("fontconfig" ,fontconfig)
("freetype" ,freetype)

View file

@ -5,6 +5,7 @@
;;; Copyright © 2016 Alex Sassmannshausen <alex@pompo.co>
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Erik Edrosa <erik.edrosa@gmail.com>
;;; Copyright © 2016 Eraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@ -362,14 +363,14 @@ (define-public guile-reader
(define-public guile-ncurses
(package
(name "guile-ncurses")
(version "1.6")
(version "1.7")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/guile-ncurses/guile-ncurses-"
version ".tar.gz"))
(sha256
(base32
"0wmk681zzi1wxw543r2s2r84ndnzxp69kr7pc01aw4l55hg7jn73"))))
"153vv75gb7l62sp3666rc97i63rnaqbx2rjar7d9b5w81fhwv4r5"))))
(build-system gnu-build-system)
(inputs `(("ncurses" ,ncurses)
("guile" ,guile-2.0)))
@ -378,12 +379,9 @@ (define-public guile-ncurses
(string-append "--with-guilesitedir="
(assoc-ref %outputs "out")
"/share/guile/site/2.0"))
;; Work around <http://bugs.gnu.org/21677>.
#:make-flags '("XFAIL_TESTS=curses_034_util.test")
#:phases (alist-cons-after
'install 'post-install
#:phases
(modify-phases %standard-phases
(add-after 'install 'post-install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(dir (string-append out "/share/guile/site/"))
@ -391,8 +389,7 @@ (define-public guile-ncurses
(substitute* files
(("\"libguile-ncurses\"")
(format #f "\"~a/lib/libguile-ncurses\""
out)))))
%standard-phases)))
out)))))))))
(home-page "http://www.gnu.org/software/guile-ncurses/")
(synopsis "Guile bindings to ncurses")
(description

View file

@ -2622,15 +2622,20 @@ (define-public thinkfan
`("-DUSE_ATASMART:BOOL=ON")
#:phases
(modify-phases %standard-phases
;; Install scripts for various foreign init systems.
;; Install scripts for various foreign init systems. Also fix
;; hard-coded path for daemon.
(add-after 'install 'install-rc-scripts
(lambda* (#:key outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out"))
(files (find-files
(string-append "../thinkfan-" ,version "/rcscripts")
".*")))
(substitute* files
(("/usr/sbin/(\\$NAME|thinkfan)" _ name)
(string-append out "/sbin/" name)))
(for-each (cute install-file <>
(string-append (assoc-ref outputs "out")
"/share/thinkfan"))
(find-files (string-append "../thinkfan-" ,version
"/rcscripts")
".*"))
(string-append out "/share/thinkfan"))
files))
#t)))))
(inputs
`(("libatasmart" ,libatasmart)))

View file

@ -667,7 +667,7 @@ (define-public msmtp
(define-public exim
(package
(name "exim")
(version "4.86.2")
(version "4.87")
(source
(origin
(method url-fetch)
@ -677,7 +677,7 @@ (define-public exim
version ".tar.bz2")))
(sha256
(base32
"1cvfcc1hi60lydv8h3a2rxlfc0v2nflwpvzjj7h7cdsqs2pxwmkp"))))
"1jbxn13shq90kpn0s73qpjnx5xm8jrpwhcwwgqw5s6sdzw6iwsbl"))))
(build-system gnu-build-system)
(inputs
`(("bdb" ,bdb)

View file

@ -3,6 +3,7 @@
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@ -92,7 +93,7 @@ (define-public ntp
(define-public openntpd
(package
(name "openntpd")
(version "5.7p3")
(version "5.9p1")
(source (origin
(method url-fetch)
;; XXX Use mirror://openbsd
@ -101,7 +102,7 @@ (define-public openntpd
version ".tar.gz"))
(sha256
(base32
"0filjmb3b8rc39bvhm8q2azzj10ljfgq41qih71pxv919j57qhag"))))
"1cwp6vxv7nj039kgbf0mgfm06f8zc4axawdc7ijl2r2ddl2h8310"))))
(build-system gnu-build-system)
(home-page "http://www.openntpd.org/")
(synopsis "NTP client and server by the OpenBSD Project")

View file

@ -1,48 +0,0 @@
From 156a2e4dbffa85997636a7a39ef12da6f1b40254 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Mon, 14 Dec 2015 09:21:23 +0100
Subject: [PATCH] ehci: make idt processing more robust
Make ehci_process_itd return an error in case we didn't do any actual
iso transfer because we've found no active transaction. That'll avoid
ehci happily run in circles forever if the guest builds a loop out of
idts.
This is CVE-2015-8558.
Cc: qemu-stable@nongnu.org
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Tested-by: P J P <ppandit@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/usb/hcd-ehci.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 4e2161b..d07f228 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -1389,7 +1389,7 @@ static int ehci_process_itd(EHCIState *ehci,
{
USBDevice *dev;
USBEndpoint *ep;
- uint32_t i, len, pid, dir, devaddr, endp;
+ uint32_t i, len, pid, dir, devaddr, endp, xfers = 0;
uint32_t pg, off, ptr1, ptr2, max, mult;
ehci->periodic_sched_active = PERIODIC_ACTIVE;
@@ -1479,9 +1479,10 @@ static int ehci_process_itd(EHCIState *ehci,
ehci_raise_irq(ehci, USBSTS_INT);
}
itd->transact[i] &= ~ITD_XACT_ACTIVE;
+ xfers++;
}
}
- return 0;
+ return xfers ? 0 : -1;
}
--
2.6.3

View file

@ -1,93 +0,0 @@
From aa4a3dce1c88ed51b616806b8214b7c8428b7470 Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Tue, 15 Dec 2015 12:27:54 +0530
Subject: [PATCH] net: vmxnet3: avoid memory leakage in activate_device
Vmxnet3 device emulator does not check if the device is active
before activating it, also it did not free the transmit & receive
buffers while deactivating the device, thus resulting in memory
leakage on the host. This patch fixes both these issues to avoid
host memory leakage.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
hw/net/vmxnet3.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index a5dd79a..9c1adfc 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -1194,8 +1194,13 @@ static void vmxnet3_reset_mac(VMXNET3State *s)
static void vmxnet3_deactivate_device(VMXNET3State *s)
{
- VMW_CBPRN("Deactivating vmxnet3...");
- s->device_active = false;
+ if (s->device_active) {
+ VMW_CBPRN("Deactivating vmxnet3...");
+ vmxnet_tx_pkt_reset(s->tx_pkt);
+ vmxnet_tx_pkt_uninit(s->tx_pkt);
+ vmxnet_rx_pkt_uninit(s->rx_pkt);
+ s->device_active = false;
+ }
}
static void vmxnet3_reset(VMXNET3State *s)
@@ -1204,7 +1209,6 @@ static void vmxnet3_reset(VMXNET3State *s)
vmxnet3_deactivate_device(s);
vmxnet3_reset_interrupt_states(s);
- vmxnet_tx_pkt_reset(s->tx_pkt);
s->drv_shmem = 0;
s->tx_sop = true;
s->skip_current_tx_pkt = false;
@@ -1431,6 +1435,12 @@ static void vmxnet3_activate_device(VMXNET3State *s)
return;
}
+ /* Verify if device is active */
+ if (s->device_active) {
+ VMW_CFPRN("Vmxnet3 device is active");
+ return;
+ }
+
vmxnet3_adjust_by_guest_type(s);
vmxnet3_update_features(s);
vmxnet3_update_pm_state(s);
@@ -1627,7 +1637,7 @@ static void vmxnet3_handle_command(VMXNET3State *s, uint64_t cmd)
break;
case VMXNET3_CMD_QUIESCE_DEV:
- VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - pause the device");
+ VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - deactivate the device");
vmxnet3_deactivate_device(s);
break;
@@ -1741,7 +1751,7 @@ vmxnet3_io_bar1_write(void *opaque,
* shared address only after we get the high part
*/
if (val == 0) {
- s->device_active = false;
+ vmxnet3_deactivate_device(s);
}
s->temp_shared_guest_driver_memory = val;
s->drv_shmem = 0;
@@ -2021,9 +2031,7 @@ static bool vmxnet3_peer_has_vnet_hdr(VMXNET3State *s)
static void vmxnet3_net_uninit(VMXNET3State *s)
{
g_free(s->mcast_list);
- vmxnet_tx_pkt_reset(s->tx_pkt);
- vmxnet_tx_pkt_uninit(s->tx_pkt);
- vmxnet_rx_pkt_uninit(s->rx_pkt);
+ vmxnet3_deactivate_device(s);
qemu_del_nic(s->nic);
}
--
2.6.3

View file

@ -1,35 +0,0 @@
From 36fef36b91f7ec0435215860f1458b5342ce2811 Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Mon, 21 Dec 2015 15:13:13 +0530
Subject: [PATCH] scsi: initialise info object with appropriate size
While processing controller 'CTRL_GET_INFO' command, the routine
'megasas_ctrl_get_info' overflows the '&info' object size. Use its
appropriate size to null initialise it.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <alpine.LFD.2.20.1512211501420.22471@wniryva>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: P J P <ppandit@redhat.com>
---
hw/scsi/megasas.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index d7dc667..576f56c 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -718,7 +718,7 @@ static int megasas_ctrl_get_info(MegasasState *s, MegasasCmd *cmd)
BusChild *kid;
int num_pd_disks = 0;
- memset(&info, 0x0, cmd->iov_size);
+ memset(&info, 0x0, dcmd_size);
if (cmd->iov_size < dcmd_size) {
trace_megasas_dcmd_invalid_xfer_len(cmd->index, cmd->iov_size,
dcmd_size);
--
2.6.3

View file

@ -1,119 +0,0 @@
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Wed, 13 Jan 2016 09:09:58 +0100
Subject: [PATCH] hmp: fix sendkey out of bounds write (CVE-2015-8619)
When processing 'sendkey' command, hmp_sendkey routine null
terminates the 'keyname_buf' array. This results in an OOB
write issue, if 'keyname_len' was to fall outside of
'keyname_buf' array.
Since the keyname's length is known the keyname_buf can be
removed altogether by adding a length parameter to
index_from_key() and using it for the error output as well.
Reported-by: Ling Liu <liuling-it@360.cn>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Message-Id: <20160113080958.GA18934@olga>
[Comparison with "<" dumbed down, test for junk after strtoul()
tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
(cherry picked from commit 64ffbe04eaafebf4045a3ace52a360c14959d196)
---
hmp.c | 18 ++++++++----------
include/ui/console.h | 2 +-
ui/input-legacy.c | 5 +++--
3 files changed, 12 insertions(+), 13 deletions(-)
diff --git a/hmp.c b/hmp.c
index 2140605..1904203 100644
--- a/hmp.c
+++ b/hmp.c
@@ -1734,21 +1734,18 @@ void hmp_sendkey(Monitor *mon, const QDict *qdict)
int has_hold_time = qdict_haskey(qdict, "hold-time");
int hold_time = qdict_get_try_int(qdict, "hold-time", -1);
Error *err = NULL;
- char keyname_buf[16];
char *separator;
int keyname_len;
while (1) {
separator = strchr(keys, '-');
keyname_len = separator ? separator - keys : strlen(keys);
- pstrcpy(keyname_buf, sizeof(keyname_buf), keys);
/* Be compatible with old interface, convert user inputted "<" */
- if (!strncmp(keyname_buf, "<", 1) && keyname_len == 1) {
- pstrcpy(keyname_buf, sizeof(keyname_buf), "less");
+ if (keys[0] == '<' && keyname_len == 1) {
+ keys = "less";
keyname_len = 4;
}
- keyname_buf[keyname_len] = 0;
keylist = g_malloc0(sizeof(*keylist));
keylist->value = g_malloc0(sizeof(*keylist->value));
@@ -1761,16 +1758,17 @@ void hmp_sendkey(Monitor *mon, const QDict *qdict)
}
tmp = keylist;
- if (strstart(keyname_buf, "0x", NULL)) {
+ if (strstart(keys, "0x", NULL)) {
char *endp;
- int value = strtoul(keyname_buf, &endp, 0);
- if (*endp != '\0') {
+ int value = strtoul(keys, &endp, 0);
+ assert(endp <= keys + keyname_len);
+ if (endp != keys + keyname_len) {
goto err_out;
}
keylist->value->type = KEY_VALUE_KIND_NUMBER;
keylist->value->u.number = value;
} else {
- int idx = index_from_key(keyname_buf);
+ int idx = index_from_key(keys, keyname_len);
if (idx == Q_KEY_CODE_MAX) {
goto err_out;
}
@@ -1792,7 +1790,7 @@ out:
return;
err_out:
- monitor_printf(mon, "invalid parameter: %s\n", keyname_buf);
+ monitor_printf(mon, "invalid parameter: %.*s\n", keyname_len, keys);
goto out;
}
diff --git a/include/ui/console.h b/include/ui/console.h
index c249db4..5739bdd 100644
--- a/include/ui/console.h
+++ b/include/ui/console.h
@@ -433,7 +433,7 @@ static inline int vnc_display_pw_expire(const char *id, time_t expires)
void curses_display_init(DisplayState *ds, int full_screen);
/* input.c */
-int index_from_key(const char *key);
+int index_from_key(const char *key, size_t key_length);
/* gtk.c */
void early_gtk_display_init(int opengl);
diff --git a/ui/input-legacy.c b/ui/input-legacy.c
index e0a39f0..3f28bbc 100644
--- a/ui/input-legacy.c
+++ b/ui/input-legacy.c
@@ -57,12 +57,13 @@ struct QEMUPutLEDEntry {
static QTAILQ_HEAD(, QEMUPutLEDEntry) led_handlers =
QTAILQ_HEAD_INITIALIZER(led_handlers);
-int index_from_key(const char *key)
+int index_from_key(const char *key, size_t key_length)
{
int i;
for (i = 0; QKeyCode_lookup[i] != NULL; i++) {
- if (!strcmp(key, QKeyCode_lookup[i])) {
+ if (!strncmp(key, QKeyCode_lookup[i], key_length) &&
+ !QKeyCode_lookup[i][key_length]) {
break;
}
}

View file

@ -1,47 +0,0 @@
From 007cd223de527b5f41278f2d886c1a4beb3e67aa Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Mon, 28 Dec 2015 16:24:08 +0530
Subject: [PATCH] net: rocker: fix an incorrect array bounds check
While processing transmit(tx) descriptors in 'tx_consume' routine
the switch emulator suffers from an off-by-one error, if a
descriptor was to have more than allowed(ROCKER_TX_FRAGS_MAX=16)
fragments. Fix an incorrect bounds check to avoid it.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
hw/net/rocker/rocker.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
index c57f1a6..2e77e50 100644
--- a/hw/net/rocker/rocker.c
+++ b/hw/net/rocker/rocker.c
@@ -232,6 +232,9 @@ static int tx_consume(Rocker *r, DescInfo *info)
frag_addr = rocker_tlv_get_le64(tlvs[ROCKER_TLV_TX_FRAG_ATTR_ADDR]);
frag_len = rocker_tlv_get_le16(tlvs[ROCKER_TLV_TX_FRAG_ATTR_LEN]);
+ if (iovcnt >= ROCKER_TX_FRAGS_MAX) {
+ goto err_too_many_frags;
+ }
iov[iovcnt].iov_len = frag_len;
iov[iovcnt].iov_base = g_malloc(frag_len);
if (!iov[iovcnt].iov_base) {
@@ -244,10 +247,7 @@ static int tx_consume(Rocker *r, DescInfo *info)
err = -ROCKER_ENXIO;
goto err_bad_io;
}
-
- if (++iovcnt > ROCKER_TX_FRAGS_MAX) {
- goto err_too_many_frags;
- }
+ iovcnt++;
}
if (iovcnt) {
--
2.6.3

View file

@ -1,48 +0,0 @@
From aa7f9966dfdff500bbbf1956d9e115b1fa8987a6 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Thu, 31 Dec 2015 17:05:27 +0530
Subject: [PATCH] net: ne2000: fix bounds check in ioport operations
While doing ioport r/w operations, ne2000 device emulation suffers
from OOB r/w errors. Update respective array bounds check to avoid
OOB access.
Reported-by: Ling Liu <liuling-it@360.cn>
Cc: qemu-stable@nongnu.org
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
hw/net/ne2000.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/hw/net/ne2000.c b/hw/net/ne2000.c
index 010f9ef..a3dffff 100644
--- a/hw/net/ne2000.c
+++ b/hw/net/ne2000.c
@@ -467,8 +467,9 @@ static inline void ne2000_mem_writel(NE2000State *s, uint32_t addr,
uint32_t val)
{
addr &= ~1; /* XXX: check exact behaviour if not even */
- if (addr < 32 ||
- (addr >= NE2000_PMEM_START && addr < NE2000_MEM_SIZE)) {
+ if (addr < 32
+ || (addr >= NE2000_PMEM_START
+ && addr + sizeof(uint32_t) <= NE2000_MEM_SIZE)) {
stl_le_p(s->mem + addr, val);
}
}
@@ -497,8 +498,9 @@ static inline uint32_t ne2000_mem_readw(NE2000State *s, uint32_t addr)
static inline uint32_t ne2000_mem_readl(NE2000State *s, uint32_t addr)
{
addr &= ~1; /* XXX: check exact behaviour if not even */
- if (addr < 32 ||
- (addr >= NE2000_PMEM_START && addr < NE2000_MEM_SIZE)) {
+ if (addr < 32
+ || (addr >= NE2000_PMEM_START
+ && addr + sizeof(uint32_t) <= NE2000_MEM_SIZE)) {
return ldl_le_p(s->mem + addr);
} else {
return 0xffffffff;
--
2.6.3

View file

@ -1,39 +0,0 @@
From 4ab0359a8ae182a7ac5c99609667273167703fab Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Mon, 11 Jan 2016 14:10:42 -0500
Subject: [PATCH] ide: ahci: reset ncq object to unused on error
When processing NCQ commands, AHCI device emulation prepares a
NCQ transfer object; To which an aio control block(aiocb) object
is assigned in 'execute_ncq_command'. In case, when the NCQ
command is invalid, the 'aiocb' object is not assigned, and NCQ
transfer object is left as 'used'. This leads to a use after
free kind of error in 'bdrv_aio_cancel_async' via 'ahci_reset_port'.
Reset NCQ transfer object to 'unused' to avoid it.
[Maintainer edit: s/ACHI/AHCI/ in the commit message. --js]
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 1452282511-4116-1-git-send-email-ppandit@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
---
hw/ide/ahci.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index dd1912e..17f1cbd 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -910,6 +910,7 @@ static void ncq_err(NCQTransferState *ncq_tfs)
ide_state->error = ABRT_ERR;
ide_state->status = READY_STAT | ERR_STAT;
ncq_tfs->drive->port_regs.scr_err |= (1 << ncq_tfs->tag);
+ ncq_tfs->used = 0;
}
static void ncq_finish(NCQTransferState *ncq_tfs)
--
2.6.3

View file

@ -1,65 +0,0 @@
From 4c1396cb576c9b14425558b73de1584c7a9735d7 Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Fri, 18 Dec 2015 11:35:07 +0530
Subject: [PATCH] i386: avoid null pointer dereference
Hello,
A null pointer dereference issue was reported by Mr Ling Liu, CC'd here. It
occurs while doing I/O port write operations via hmp interface. In that,
'current_cpu' remains null as it is not called from cpu_exec loop, which
results in the said issue.
Below is a proposed (tested)patch to fix this issue; Does it look okay?
===
From ae88a4947fab9a148cd794f8ad2d812e7f5a1d0f Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Fri, 18 Dec 2015 11:16:07 +0530
Subject: [PATCH] i386: avoid null pointer dereference
When I/O port write operation is called from hmp interface,
'current_cpu' remains null, as it is not called from cpu_exec()
loop. This leads to a null pointer dereference in vapic_write
routine. Add check to avoid it.
Reported-by: Ling Liu <liuling-it@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <alpine.LFD.2.20.1512181129320.9805@wniryva>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: P J P <ppandit@redhat.com>
---
hw/i386/kvmvapic.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/hw/i386/kvmvapic.c b/hw/i386/kvmvapic.c
index c6d34b2..f0922da 100644
--- a/hw/i386/kvmvapic.c
+++ b/hw/i386/kvmvapic.c
@@ -634,13 +634,18 @@ static int vapic_prepare(VAPICROMState *s)
static void vapic_write(void *opaque, hwaddr addr, uint64_t data,
unsigned int size)
{
- CPUState *cs = current_cpu;
- X86CPU *cpu = X86_CPU(cs);
- CPUX86State *env = &cpu->env;
- hwaddr rom_paddr;
VAPICROMState *s = opaque;
+ X86CPU *cpu;
+ CPUX86State *env;
+ hwaddr rom_paddr;
- cpu_synchronize_state(cs);
+ if (!current_cpu) {
+ return;
+ }
+
+ cpu_synchronize_state(current_cpu);
+ cpu = X86_CPU(current_cpu);
+ env = &cpu->env;
/*
* The VAPIC supports two PIO-based hypercalls, both via port 0x7E.
--
2.6.3

View file

@ -1,95 +0,0 @@
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 19 Jan 2016 14:17:20 +0100
Subject: [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer
start
The start_xmit() and e1000_receive_iov() functions implement DMA transfers
iterating over a set of descriptors that the guest's e1000 driver
prepares:
- the TDLEN and RDLEN registers store the total size of the descriptor
area,
- while the TDH and RDH registers store the offset (in whole tx / rx
descriptors) into the area where the transfer is supposed to start.
Each time a descriptor is processed, the TDH and RDH register is bumped
(as appropriate for the transfer direction).
QEMU already contains logic to deal with bogus transfers submitted by the
guest:
- Normally, the transmit case wants to increase TDH from its initial value
to TDT. (TDT is allowed to be numerically smaller than the initial TDH
value; wrapping at or above TDLEN bytes to zero is normal.) The failsafe
that QEMU currently has here is a check against reaching the original
TDH value again -- a complete wraparound, which should never happen.
- In the receive case RDH is increased from its initial value until
"total_size" bytes have been received; preferably in a single step, or
in "s->rxbuf_size" byte steps, if the latter is smaller. However, null
RX descriptors are skipped without receiving data, while RDH is
incremented just the same. QEMU tries to prevent an infinite loop
(processing only null RX descriptors) by detecting whether RDH assumes
its original value during the loop. (Again, wrapping from RDLEN to 0 is
normal.)
What both directions miss is that the guest could program TDLEN and RDLEN
so low, and the initial TDH and RDH so high, that these registers will
immediately be truncated to zero, and then never reassume their initial
values in the loop -- a full wraparound will never occur.
The condition that expresses this is:
xdh_start >= s->mac_reg[XDLEN] / sizeof(desc)
i.e., TDH or RDH start out after the last whole rx or tx descriptor that
fits into the TDLEN or RDLEN sized area.
This condition could be checked before we enter the loops, but
pci_dma_read() / pci_dma_write() knows how to fill in buffers safely for
bogus DMA addresses, so we just extend the existing failsafes with the
above condition.
This is CVE-2016-1981.
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Petr Matousek <pmatouse@redhat.com>
Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Cc: Prasad Pandit <ppandit@redhat.com>
Cc: Michael Roth <mdroth@linux.vnet.ibm.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: qemu-stable@nongnu.org
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1296044
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
(cherry picked from commit dd793a74882477ca38d49e191110c17dfee51dcc)
---
hw/net/e1000.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index bec06e9..34d0823 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -908,7 +908,8 @@ start_xmit(E1000State *s)
* bogus values to TDT/TDLEN.
* there's nothing too intelligent we could do about this.
*/
- if (s->mac_reg[TDH] == tdh_start) {
+ if (s->mac_reg[TDH] == tdh_start ||
+ tdh_start >= s->mac_reg[TDLEN] / sizeof(desc)) {
DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
break;
@@ -1165,7 +1166,8 @@ e1000_receive_iov(NetClientState *nc, const struct iovec *iov, int iovcnt)
if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
s->mac_reg[RDH] = 0;
/* see comment in start_xmit; same here */
- if (s->mac_reg[RDH] == rdh_start) {
+ if (s->mac_reg[RDH] == rdh_start ||
+ rdh_start >= s->mac_reg[RDLEN] / sizeof(desc)) {
DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
set_ics(s, 0, E1000_ICS_RXO);

View file

@ -1,40 +0,0 @@
From: John Snow <jsnow@redhat.com>
Date: Wed, 10 Feb 2016 13:29:40 -0500
Subject: [PATCH] ahci: Do not unmap NULL addresses
Definitely don't try to unmap a garbage address.
Reported-by: Zuozhi fzz <zuozhi.fzz@alibaba-inc.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1454103689-13042-2-git-send-email-jsnow@redhat.com
(cherry picked from commit 99b4cb71069f109b79b27bc629fc0cf0886dbc4b)
---
hw/ide/ahci.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index 17f1cbd..cdc9299 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -661,6 +661,10 @@ static bool ahci_map_fis_address(AHCIDevice *ad)
static void ahci_unmap_fis_address(AHCIDevice *ad)
{
+ if (ad->res_fis == NULL) {
+ DPRINTF(ad->port_no, "Attempt to unmap NULL FIS address\n");
+ return;
+ }
dma_memory_unmap(ad->hba->as, ad->res_fis, 256,
DMA_DIRECTION_FROM_DEVICE, 256);
ad->res_fis = NULL;
@@ -677,6 +681,10 @@ static bool ahci_map_clb_address(AHCIDevice *ad)
static void ahci_unmap_clb_address(AHCIDevice *ad)
{
+ if (ad->lst == NULL) {
+ DPRINTF(ad->port_no, "Attempt to unmap NULL CLB address\n");
+ return;
+ }
dma_memory_unmap(ad->hba->as, ad->lst, 1024,
DMA_DIRECTION_FROM_DEVICE, 1024);
ad->lst = NULL;

View file

@ -1,49 +0,0 @@
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Wed, 20 Jan 2016 01:26:46 +0530
Subject: [PATCH] usb: check page select value while processing iTD
While processing isochronous transfer descriptors(iTD), the page
select(PG) field value could lead to an OOB read access. Add
check to avoid it.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 1453233406-12165-1-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 49d925ce50383a286278143c05511d30ec41a36e)
---
hw/usb/hcd-ehci.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index d07f228..c40013e 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -1404,21 +1404,23 @@ static int ehci_process_itd(EHCIState *ehci,
if (itd->transact[i] & ITD_XACT_ACTIVE) {
pg = get_field(itd->transact[i], ITD_XACT_PGSEL);
off = itd->transact[i] & ITD_XACT_OFFSET_MASK;
- ptr1 = (itd->bufptr[pg] & ITD_BUFPTR_MASK);
- ptr2 = (itd->bufptr[pg+1] & ITD_BUFPTR_MASK);
len = get_field(itd->transact[i], ITD_XACT_LENGTH);
if (len > max * mult) {
len = max * mult;
}
-
- if (len > BUFF_SIZE) {
+ if (len > BUFF_SIZE || pg > 6) {
return -1;
}
+ ptr1 = (itd->bufptr[pg] & ITD_BUFPTR_MASK);
qemu_sglist_init(&ehci->isgl, ehci->device, 2, ehci->as);
if (off + len > 4096) {
/* transfer crosses page border */
+ if (pg == 6) {
+ return -1; /* avoid page pg + 1 */
+ }
+ ptr2 = (itd->bufptr[pg + 1] & ITD_BUFPTR_MASK);
uint32_t len2 = off + len - 4096;
uint32_t len1 = len - len2;
qemu_sglist_add(&ehci->isgl, ptr1 + off, len1);

View file

@ -1,34 +0,0 @@
From 4b3a4f2d458ca5a7c6c16ac36a8d9ac22cc253d6 Mon Sep 17 00:00:00 2001
From: Greg Kurz <gkurz@linux.vnet.ibm.com>
Date: Wed, 23 Dec 2015 10:56:58 +0100
Subject: [PATCH] virtio-9p: use accessor to get thread_pool
The aio_context_new() function does not allocate a thread pool. This is
deferred to the first call to the aio_get_thread_pool() accessor. It is
hence forbidden to access the thread_pool field directly, as it may be
NULL. The accessor *must* be used always.
Fixes: ebac1202c95a4f1b76b6ef3f0f63926fa76e753e
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Tested-by: Michael Tokarev <mjt@tls.msk.ru>
Cc: qemu-stable@nongnu.org
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
---
hw/9pfs/virtio-9p-coth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/9pfs/virtio-9p-coth.c b/hw/9pfs/virtio-9p-coth.c
index fb6e8f8..ab9425c 100644
--- a/hw/9pfs/virtio-9p-coth.c
+++ b/hw/9pfs/virtio-9p-coth.c
@@ -36,6 +36,6 @@ static int coroutine_enter_func(void *arg)
void co_run_in_worker_bh(void *opaque)
{
Coroutine *co = opaque;
- thread_pool_submit_aio(qemu_get_aio_context()->thread_pool,
+ thread_pool_submit_aio(aio_get_thread_pool(qemu_get_aio_context()),
coroutine_enter_func, co, coroutine_enter_cb, co);
}
--
2.6.3

View file

@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@ -54,30 +55,20 @@ (define (qemu-patch commit file-name sha256)
(define-public qemu
(package
(name "qemu")
(version "2.5.0")
(version "2.5.1.1")
(source (origin
(method url-fetch)
(uri (string-append "http://wiki.qemu-project.org/download/qemu-"
version ".tar.bz2"))
(sha256
(base32
"1m3j6xl7msrniidkvr5pw9d44yba5m7hm42xz8xy77v105s8hhrl"))
(patches (search-patches
"qemu-virtio-9p-use-accessor-to-get-thread-pool.patch"
"qemu-CVE-2015-8558.patch"
"qemu-CVE-2015-8567.patch"
"qemu-CVE-2016-1922.patch"
"qemu-CVE-2015-8613.patch"
"qemu-CVE-2015-8701.patch"
"qemu-CVE-2015-8743.patch"
"qemu-CVE-2016-1568.patch"
"qemu-CVE-2015-8619.patch"
"qemu-CVE-2016-1981.patch"
"qemu-usb-ehci-oob-read.patch"
"qemu-CVE-2016-2197.patch"))))
"1rpgr1v6gnsdb4bcxwn1krsz4d4h9xgvlg6ark648nkn8dp99n98"))))
(build-system gnu-build-system)
(arguments
'(#:phases (alist-replace
'(;; FIXME: On x86_64, the test 'check-qtest-x86_64' sometimes fails when
;; parallel builds are enabled.
#:parallel-tests? #f
#:phases (alist-replace
'configure
(lambda* (#:key inputs outputs (configure-flags '())
#:allow-other-keys)

View file

@ -56,44 +56,6 @@ (define-module (gnu packages qt)
#:use-module (gnu packages xorg)
#:use-module (gnu packages xml))
(define-public libxkbcommon
(package
(name "libxkbcommon")
(version "0.5.0")
(source (origin
(method url-fetch)
(uri (string-append "http://xkbcommon.org/download/" name "-"
version ".tar.xz"))
(sha256
(base32
"176ii5dn2wh74q48sd8ac37ljlvgvp5f506glr96z6ibfhj7igch"))))
(build-system gnu-build-system)
(inputs
`(("libx11" ,libx11)
("libxcb" ,libxcb)
("xkeyboard-config" ,xkeyboard-config)))
(native-inputs
`(("bison" ,bison)
("pkg-config" ,pkg-config)))
(arguments
`(#:configure-flags
(list (string-append "--with-xkb-config-root="
(assoc-ref %build-inputs "xkeyboard-config")
"/share/X11/xkb")
(string-append "--with-x-locale-root="
(assoc-ref %build-inputs "libx11")
"/share/X11/locale"))))
(home-page "http://xkbcommon.org/")
(synopsis "Library to handle keyboard descriptions")
(description "Xkbcommon is a library to handle keyboard descriptions,
including loading them from disk, parsing them and handling their
state. It is mainly meant for client toolkits, window systems, and other
system applications; currently that includes Wayland, kmscon, GTK+, Qt,
Clutter, and more. Despite the name, it is not currently used by anything
X11 (yet).")
(license (x11-style "file://COPYING"
"See 'COPYING' in the distribution."))))
(define-public qt
(package
(name "qt")

View file

@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
;;; Copyright © 2015 Amirouche Boubekki <amirouche@hypermove.net>
;;; Copyright © 2016 Al McElrath <hello@yrns.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -22,10 +23,13 @@ (define-module (gnu packages suckless)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
#:use-module (guix build-system glib-or-gtk)
#:use-module (gnu packages)
#:use-module (gnu packages gnome)
#:use-module (gnu packages xorg)
#:use-module (gnu packages fonts)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages webkit)
#:use-module (gnu packages fontutils))
(define-public dwm
@ -189,3 +193,38 @@ (define-public st
antialiased fonts (using fontconfig), fallback fonts, resizing, and line
drawing.")
(license license:x11)))
(define-public surf
(package
(name "surf")
(version "0.7")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.suckless.org/surf/surf-"
version ".tar.gz"))
(sha256
(base32
"0jj93izd8fizxfa6ln9w1h9bwki81sz5dhskh5x1rl34zd38aq4m"))))
(build-system glib-or-gtk-build-system)
(arguments
'(#:tests? #f ; no tests
#:make-flags (list "CC=gcc"
(string-append "PREFIX=" %output))
#:phases
(modify-phases %standard-phases
(delete 'configure))))
(inputs
`(("glib-networking" ,glib-networking)
("gsettings-desktop-schemas" ,gsettings-desktop-schemas)
("webkitgtk" ,webkitgtk/gtk+-2)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(home-page "http://surf.suckless.org/")
(synopsis "Simple web browser")
(description
"Surf is a simple web browser based on WebKit/GTK+. It is able to
display websites and follow links. It supports the XEmbed protocol which
makes it possible to embed it in another application. Furthermore, one can
point surf to another URI by setting its XProperties.")
(license license:x11)))

View file

@ -373,14 +373,14 @@ (define-public libva
(define-public ffmpeg
(package
(name "ffmpeg")
(version "3.0")
(version "3.0.2")
(source (origin
(method url-fetch)
(uri (string-append "https://ffmpeg.org/releases/ffmpeg-"
version ".tar.xz"))
(sha256
(base32
"0w74b165l4ry4y72f4xmgd357pvbc7yr61y313v3ai6787p2rwqj"))))
"08sjp4dxgcinmv9ly7nm24swmn2cnbbhvph44ihlplf4n33kr542"))))
(build-system gnu-build-system)
(inputs
`(("fontconfig" ,fontconfig)
@ -529,7 +529,7 @@ (define-public ffmpeg
(format #t "setting LD_LIBRARY_PATH to ~s~%" path)
(setenv "LD_LIBRARY_PATH" path)
#t))))))
(home-page "http://www.ffmpeg.org/")
(home-page "https://www.ffmpeg.org/")
(synopsis "Audio and video framework")
(description "FFmpeg is a complete, cross-platform solution to record,
convert and stream audio and video. It includes the libavcodec
@ -860,7 +860,7 @@ (define-public libvpx
(define-public youtube-dl
(package
(name "youtube-dl")
(version "2016.04.06")
(version "2016.05.01")
(source (origin
(method url-fetch)
(uri (string-append "http://youtube-dl.org/downloads/"
@ -868,7 +868,7 @@ (define-public youtube-dl
version ".tar.gz"))
(sha256
(base32
"1kdrjwrn0x1wmvansvd2222gfqnld4zdihf2jwnz36112r1p8nhi"))))
"1w04afmwq5pjvp3nl2k59q0cigqrj9n8fwkydcfldwpq83l15j5d"))))
(build-system python-build-system)
(home-page "http://youtube-dl.org")
(arguments
@ -1266,14 +1266,15 @@ (define-public livestreamer
(define-public mlt
(package
(name "mlt")
(version "0.9.8")
(version "6.2.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/mlt/mlt/mlt-"
version ".tar.gz"))
(uri (string-append "https://github.com/mltframework/mlt/"
"archive/v" version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"0rmrkj7z9g3nr4099f3ff0r14l3ixcfnlx2cdbkqa6pxin0pv9bz"))))
"1zwzfgxrcbwkxnkiwv0a1rzxdnnaly90yyarl9wdw84nx11ffbnx"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; no tests
@ -1299,11 +1300,12 @@ (define-public mlt
("jack" ,jack-1)
("ladspa" ,ladspa)
("libsamplerate" ,libsamplerate)
("pulseaudio" ,pulseaudio)
("sdl" ,sdl)
("sox" ,sox)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(home-page "http://www.mltframework.org/")
(home-page "https://www.mltframework.org/")
(synopsis "Author, manage, and run multitrack audio/video compositions")
(description
"MLT is a multimedia framework, designed and developed for television
@ -1316,14 +1318,14 @@ (define-public mlt
(define-public v4l-utils
(package
(name "v4l-utils")
(version "1.8.1")
(version "1.10.0")
(source (origin
(method url-fetch)
(uri (string-append "http://linuxtv.org/downloads/v4l-utils"
(uri (string-append "https://linuxtv.org/downloads/v4l-utils"
"/v4l-utils-" version ".tar.bz2"))
(sha256
(base32
"0cqv8drw0z0kfmz4f50a8kzbrz6vbj6j6q78030hgshr7yq1jqig"))))
"0srkwh3r6f0bkb4kp0d7i0mlmp8babs3qc22cdy1sw4awmzd5skq"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
@ -1349,7 +1351,7 @@ (define-public v4l-utils
(define-public obs
(package
(name "obs")
(version "0.13.2")
(version "0.14.1")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/jp9000/obs-studio"
@ -1357,7 +1359,7 @@ (define-public obs
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1awaqlhlzlqqnwqixw54z40hqcnr3fwlclq4vlsy2kvsfyqjfr2b"))))
"1w07ign2swfigmsjd2jyaqqdnj2zpzs8hzsjzzk5l377jbx3ml5g"))))
(build-system cmake-build-system)
(arguments '(#:tests? #f)) ; no tests
(native-inputs

View file

@ -37,7 +37,6 @@ (define-module (gnu packages wm)
#:use-module (gnu packages pulseaudio)
#:use-module (gnu packages xorg)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages qt)
#:use-module (gnu packages asciidoc)
#:use-module (gnu packages xml)
#:use-module (gnu packages m4)

View file

@ -54,8 +54,8 @@ (define-module (gnu packages xdisorg)
#:use-module (gnu packages guile)
#:use-module (gnu packages xml)
#:use-module (gnu packages gtk)
#:use-module (gnu packages qt)
#:use-module (gnu packages xorg))
#:use-module (gnu packages xorg)
#:use-module (gnu packages bison))
;; packages outside the x.org system proper
@ -122,6 +122,44 @@ (define-public xclip
avoiding password prompts when X11 forwarding has already been setup.")
(license license:gpl2+)))
(define-public libxkbcommon
(package
(name "libxkbcommon")
(version "0.5.0")
(source (origin
(method url-fetch)
(uri (string-append "http://xkbcommon.org/download/" name "-"
version ".tar.xz"))
(sha256
(base32
"176ii5dn2wh74q48sd8ac37ljlvgvp5f506glr96z6ibfhj7igch"))))
(build-system gnu-build-system)
(inputs
`(("libx11" ,libx11)
("libxcb" ,libxcb)
("xkeyboard-config" ,xkeyboard-config)))
(native-inputs
`(("bison" ,bison)
("pkg-config" ,pkg-config)))
(arguments
`(#:configure-flags
(list (string-append "--with-xkb-config-root="
(assoc-ref %build-inputs "xkeyboard-config")
"/share/X11/xkb")
(string-append "--with-x-locale-root="
(assoc-ref %build-inputs "libx11")
"/share/X11/locale"))))
(home-page "http://xkbcommon.org/")
(synopsis "Library to handle keyboard descriptions")
(description "Xkbcommon is a library to handle keyboard descriptions,
including loading them from disk, parsing them and handling their
state. It is mainly meant for client toolkits, window systems, and other
system applications; currently that includes Wayland, kmscon, GTK+, Qt,
Clutter, and more. Despite the name, it is not currently used by anything
X11 (yet).")
(license (license:x11-style "file://COPYING"
"See 'COPYING' in the distribution."))))
(define-public xdotool
(package
(name "xdotool")

View file

@ -128,17 +128,13 @@ (define marionette
"root\n"
(begin
(marionette-control "sendkey ctrl-alt-f1" marionette)
;; Wait for the 'term-tty1' service to be running
;; Wait for the 'term-tty1' service to be running (using
;; 'start-service' is the simplest and most reliable way to do
;; that.)
(marionette-eval
'(begin
(use-modules (gnu services herd))
(let loop ((i 0))
(when (> i 10)
(error "terminal service not running" (current-services)))
(unless (memq 'term-tty1 (current-services))
(sleep 1)
(loop (+ i 1)))))
(start-service 'term-tty1))
marionette)
;; Now we can type.

View file

@ -44,6 +44,7 @@ (define-module (guix utils)
#:use-module (ice-9 format)
#:use-module ((ice-9 iconv) #:select (bytevector->string))
#:use-module (system foreign)
#:re-export (memoize) ; for backwards compatibility
#:export (bytevector->base16-string
base16-string->bytevector