3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

188 commits

Author SHA1 Message Date
Martin Weinelt c3f268000e
qemu: fix CVE-2020-28916
While receiving packets via e1000e_write_packet_to_guest an infinite
loop could be triggered if the receive descriptor had a NULL buffer
address.

A privileged guest user could use this to induce a DoS Scenario.

Fixes: CVE-2020-28916
2020-12-01 16:54:21 +01:00
Martin Weinelt bd3ce46719
qemu: fix CVE-2020-29129, CVE-2020-29130 in vendored libslirp
Fixes out-of-bounds access in libslirp while processing ARP/NCSI packets.

Fixes: CVE-2020-29129, CVE-2020-29130
2020-11-28 02:47:44 +01:00
Martin Weinelt 0c54b757e9
qemu: apply patch for CVE-2020-27617
An assert(3) failure issue was found in the networking helper functions of QEMU. It could occur in the eth_get_gso_type() routine, if a packet does not have a valid networking L3 protocol (ex. IPv4, IPv6) value. A guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Fixes: CVE-2020-27617
2020-11-02 14:01:01 +01:00
Andreas Rammhold 2451796b49
qemu: make ncurses optional for the test runner
This shaves another 3MB off the closure size of QEMU.
2020-10-19 17:49:31 +02:00
Andreas Rammhold e79eed4840
qemu: strip down the features for the test runner
This allows much faster VM-test based systemd testing as the closure of
qemu suddenly shrinks to reasonable sizes again.
2020-10-19 17:39:47 +02:00
Arthur Gautier 4e73ee6a53 qemu: adds tpm support 2020-08-23 17:24:38 -07:00
misuzu 24028674a1 qemu: 5.0.0 -> 5.1.0 2020-08-16 08:12:55 +00:00
worldofpeace bf5fe68ad2
Merge pull request #95203 from alyssais/qemu
qemu-utils: install man pages
2020-08-11 17:10:41 -04:00
Alyssa Ross 1e3d56ec16
qemu-utils: install man pages 2020-08-11 21:02:49 +00:00
Peter Hoeg cde67612b2 qemu: drop invalid and redundant qemu.desktop 2020-07-22 13:38:23 +08:00
Markus Kowalewski 5d87992126
qemu-utils: inherit meta data from qemu 2020-06-11 18:27:34 +02:00
Frederik Rietdijk 08900c0554 Merge master into staging-next 2020-06-04 15:25:54 +02:00
Florian Klink c7eb16cec3 qemu: wrap GTK binaries
Applications using a different GTK version than the user session don't
work well, and people often run NixOS VM tests on different channels.

Wrapping these GTK binaries is a common way to fix this.

Fixes #69158
2020-06-01 23:06:28 +02:00
Scott Worley f2406c602a qemu: 4.2.0 -> 5.0.0 2020-05-19 21:51:33 +02:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Andrew Dunham ef3addb1cb qemu: add patches for CVE-2020-7039 and CVE-2020-7211
Fixes #78762
2020-02-01 16:37:15 -08:00
Robert Scott f5c0d150e7 qemu: add patch for CVE-2019-15890 2019-12-19 00:51:04 +00:00
Robert Scott 8c3a97fa7e qemu: 4.1.0 -> 4.2.0 2019-12-18 22:00:49 +00:00
hyperfekt 4dce5d71c6 qemu: name -> pname 2019-11-05 23:39:12 +00:00
Joachim F 2c117aec37
Merge pull request #58471 from colemickens/cu
cloud-utils: use `qemu-utils` instead of `qemu`
2019-10-02 09:59:52 +00:00
Izorkin a2226d7de5 qemu: 4.0.0 -> 4.1.0 2019-08-17 21:00:40 +03:00
Nikolay Amiantov ef8addb919 qemu: fix documentation 2019-07-03 21:11:59 +03:00
Matthew Bauer 4d6f65b81f
Merge pull request #62167 from matthewbauer/alias-libgl
Add libGL* aliases
2019-06-17 15:18:29 -04:00
Matthew Bauer 263f5891b6 treewide: mesa_noglu, mesa_drivers, libGL_driver -> mesa
Just use mesa for these to be more clear. Move these to aliases.nix
2019-06-17 14:43:18 -04:00
Marek Mahut a4e6261173 qemu: CVE-2019-12155 2019-06-15 23:54:01 +02:00
Will Dietz 35dea87c70
Merge pull request #60133 from dtzWill/update/qemu-4.0.0
qemu: 3.1.0 -> 4.0.0
2019-05-21 03:12:21 -05:00
volth 56b25e7034 qemu: fix cross (#60261) 2019-04-27 09:19:06 +02:00
Will Dietz bf35e8f0ba qemu: drop fix-hda-recording.patch, appears applied upstream
(across multiple commits, maybe?)
2019-04-23 21:44:25 -05:00
Will Dietz b6f020fe51 qemu: fix patch, drop CVE patch included 2019-04-23 21:44:23 -05:00
Will Dietz 9a711ccb8c qemu: 3.1.0 -> 4.0.0 2019-04-23 20:31:13 -05:00
Cole Mickens 23576f225c qemu-utils: init 2019-03-27 20:44:54 -07:00
Andreas Rammhold c7d7c6fc41
qemu: apply CVE-2019-3812 patch 2019-03-20 11:15:41 +01:00
aszlig 4c1ddb3a57
qemu: Apply interim fix for overlayfs + O_NOATIME
Our VM tests and everything related to our virtualisation infrastructure
is currently broken if used with kernel 4.19 or later.

The reason for this is that since 4.19, overlayfs uses the O_NOATIME
flag when opening files in lowerdir and this doesn't play nice with the
way we pass the Nix store to our QEMU guests.

On a NixOS system, paths in the Nix store are typically owned by root
but the QEMU process is usually run by an ordinary user. Using O_NOATIME
on a file where you're not the owner (or superuser) will return with
EPERM (Operation not permitted).

This is exactly what happens in our VM tests, because we're using
overlayfs in the guests to allow writes to the store.

Another implication of this is that the default kernel version for NixOS
19.03 has been reverted to Linux 4.14.

Work on getting this upstream is still ongoing and the patch I posted
previously was incomplete, needs rework and also some more review from
upstream maintainers - in summary: This will take a while.

So instead of rushing in a kernel patch to nixpkgs, which will affect
all users of overlayfs, not just NixOS VM tests, I opted to patch QEMU
for now to ignore the O_NOATIME flag in 9p.

I think this is also the least impacting change, because even if you
care about whether access times are written or not, you get the same
behaviour as with Linux 4.19 in conjunction with QEMU.

Signed-off-by: aszlig <aszlig@nix.build>
Fixes: https://github.com/NixOS/nixpkgs/issues/54509
2019-03-18 13:34:30 +01:00
Marcus Geiger 355d9a6378 qemu: Add support for the Hypervisor framework on Darwin
This provides macOS native hardware acceleration to Qemu.
2019-02-12 22:58:50 +01:00
Daniel Kuehn 3b7713a4d6 qemu: Add argument to enable support for ceph rbd storage 2019-02-06 19:53:23 +01:00
worldofpeace 2c76519900 vte, vte_290, vte-ng: rename frome gnome3.vte* 2018-12-25 20:14:32 -05:00
Jörg Thalheim 1b146a8c6f
treewide: remove paxutils from stdenv
More then one year ago we removed grsecurity kernels from nixpkgs:
https://github.com/NixOS/nixpkgs/pull/25277

This removes now also paxutils from stdenv.
2018-12-22 12:55:05 +01:00
volth b686f38c40
qemu: 3.0.0 -> 3.1.0 2018-12-15 00:22:08 +00:00
Matthew Bauer 9c8fd41224 treewide: add emulator to platform
You can use stdenv.hostPlatform.emulator to get an executable that
runs cross-built binaries. This could be any emulator. For instance,
we use QEMU to emulate Linux targets and Wine to emulate Windows
targets. To work with qemu, we need to support custom targets.

I’ve reworked the cross tests in pkgs/test/cross to use this
functionality.

Also, I’ve used talloc to cross-execute with the emulator. There
appears to be a cross-execute for all waf builds. In the future, it
would be nice to set this for all waf builds.

Adds stdenv.hostPlatform.qemuArch attrbute to get the qemuArch for
each platform.
2018-11-29 19:15:30 -06:00
Yegor Timoshenko 475da25b40
qemu: enable smartcard support 2018-10-12 20:38:55 +00:00
Will Dietz 8fc2799e02 qemu: port musl patch to new version (#46449) 2018-09-10 08:14:37 +02:00
John Ericson 2c2f1e37d4 reewide: Purge all uses stdenv.system and top-level system
It is deprecated and will be removed after 18.09.
2018-08-30 17:20:32 -04:00
volth 341250fa10 qemu: 2.12.1 -> 3.0.0 2018-08-20 22:02:02 +00:00
R. RyanTM f5bd6b8bfe qemu: 2.12.0 -> 2.12.1 (#44711)
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/qemu/versions.
2018-08-16 21:33:50 +02:00
Izorkin e2c98528e9 qemu: add path to bin utilites 2018-08-15 11:17:44 +03:00
Lluís Batlle i Rossell 66d7126255 Take me (viric) out of most maintenance
Since years I'm not maintaining anything of the list below other
than some updates when I needed them for some reason. Other people
is doing that maintenance on my behalf so I better take me out but
for very few packages. Finally!
2018-07-22 21:50:19 +02:00
Ruben Maher 0b3f13d442 pkgs/qemu: tell qemu where to find smbd if smbdSupport is true (#41615) 2018-06-11 00:18:31 +02:00
Matthew Bauer 6748534d83 Merge remote-tracking branch 'upstream/master' into staging 2018-05-08 09:36:00 -05:00
Florian Klink 70c57fe363 qemu: fix spaces in postInstall 2018-05-07 19:23:47 +03:00
Matthew Justin Bauer eeb016e8f0
Merge branch 'staging' into fix-ncurses-darwin-extensions 2018-05-02 15:40:38 -05:00