Hello community, here is the log from the commit of package qemu for openSUSE:Factory checked in at 2018-08-03 12:30:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/qemu (Old) and /work/SRC/openSUSE:Factory/.qemu.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "qemu" Fri Aug 3 12:30:27 2018 rev:143 rq:626736 version:2.12.0 Changes: -------- --- /work/SRC/openSUSE:Factory/qemu/qemu-linux-user.changes 2018-07-13 10:16:11.266086977 +0200 +++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-linux-user.changes 2018-08-03 12:30:30.914967893 +0200 @@ -1,0 +2,7 @@ +Wed Jul 25 22:26:19 UTC 2018 - [email protected] + +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.12 +* Patches added: + 0067-seccomp-allow-sched_setscheduler-wi.patch + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/qemu/qemu-testsuite.changes 2018-07-13 10:16:11.722087516 +0200 +++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-testsuite.changes 2018-08-03 12:30:31.150968240 +0200 @@ -1,0 +2,13 @@ +Wed Jul 25 22:26:16 UTC 2018 - [email protected] +- Fixing seccomp resourcecontrol defunct issue (bsc#1102627) +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.12 +* Patches added: + 0067-seccomp-allow-sched_setscheduler-wi.patch + +------------------------------------------------------------------- +Wed Jul 25 13:24:50 UTC 2018 - [email protected] + +- Add ipxe-fix-build.patch to not error out with + binutils >= 2.31 . + +------------------------------------------------------------------- qemu.changes: same change New: ---- 0067-seccomp-allow-sched_setscheduler-wi.patch ipxe-fix-build.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ qemu-linux-user.spec ++++++ --- /var/tmp/diff_new_pack.AeDFa7/_old 2018-08-03 12:30:34.598973310 +0200 +++ /var/tmp/diff_new_pack.AeDFa7/_new 2018-08-03 12:30:34.602973315 +0200 @@ -92,6 +92,7 @@ Patch0064: 0064-ahci-fix-PxCI-register-race.patch Patch0065: 0065-ccid-card-passthru-fix-regression-i.patch Patch0066: 0066-xen-add-block-resize-support-for-xe.patch +Patch0067: 0067-seccomp-allow-sched_setscheduler-wi.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. Source400: update_git.sh @@ -191,6 +192,7 @@ %patch0064 -p1 %patch0065 -p1 %patch0066 -p1 +%patch0067 -p1 %build ./configure \ ++++++ qemu-testsuite.spec ++++++ --- /var/tmp/diff_new_pack.AeDFa7/_old 2018-08-03 12:30:34.622973345 +0200 +++ /var/tmp/diff_new_pack.AeDFa7/_new 2018-08-03 12:30:34.626973351 +0200 @@ -196,6 +196,7 @@ Patch0064: 0064-ahci-fix-PxCI-register-race.patch Patch0065: 0065-ccid-card-passthru-fix-regression-i.patch Patch0066: 0066-xen-add-block-resize-support-for-xe.patch +Patch0067: 0067-seccomp-allow-sched_setscheduler-wi.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. @@ -212,6 +213,7 @@ Patch1200: ipxe-stable-buildid.patch Patch1201: ipxe-use-gcc6-for-more-compact-code.patch Patch1202: ipxe-efi-guard-strncpy-with-gcc-warning-ignore-pragma.patch +Patch1203: ipxe-fix-build.patch # sgabios # PATCH-FIX-OPENSUSE sgabios-stable-buildid.patch [email protected] -- reproducible builds @@ -931,6 +933,7 @@ %patch0064 -p1 %patch0065 -p1 %patch0066 -p1 +%patch0067 -p1 %if 0%{?suse_version} > 1320 %patch1000 -p1 @@ -949,6 +952,7 @@ %patch1201 -p1 %endif %patch1202 -p1 +%patch1203 -p1 popd pushd roms/sgabios qemu.spec: same change ++++++ 0067-seccomp-allow-sched_setscheduler-wi.patch ++++++ >From 88a1488c572c681f9737bd3e3ae24e9a3c936212 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <[email protected]> Date: Tue, 10 Jul 2018 16:55:57 +0200 Subject: [PATCH] seccomp: allow sched_setscheduler() with SCHED_IDLE policy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Current and upcoming mesa releases rely on a shader disk cash. It uses a thread job queue with low priority, set with sched_setscheduler(SCHED_IDLE). However, that syscall is rejected by the "resourcecontrol" seccomp qemu filter. Since it should be safe to allow lowering thread priority, let's allow scheduling thread to idle policy. Related to: https://bugzilla.redhat.com/show_bug.cgi?id=1594456 Signed-off-by: Marc-André Lureau <[email protected]> Acked-by: Eduardo Otubo <[email protected]> (cherry picked from commit 056de1e894155fbb99e7b43c1c4382d4920cf437) [LD: BSD#1102627] Signed-off-by: Larry Dewey <[email protected]> --- qemu-seccomp.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/qemu-seccomp.c b/qemu-seccomp.c index b770a77d33..845a3330df 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -29,6 +29,12 @@ struct QemuSeccompSyscall { int32_t num; uint8_t set; + uint8_t narg; + const struct scmp_arg_cmp *arg_cmp; +}; + +const struct scmp_arg_cmp sched_setscheduler_arg[] = { + SCMP_A1(SCMP_CMP_NE, SCHED_IDLE) }; static const struct QemuSeccompSyscall blacklist[] = { @@ -87,7 +93,8 @@ static const struct QemuSeccompSyscall blacklist[] = { { SCMP_SYS(setpriority), QEMU_SECCOMP_SET_RESOURCECTL }, { SCMP_SYS(sched_setparam), QEMU_SECCOMP_SET_RESOURCECTL }, { SCMP_SYS(sched_getparam), QEMU_SECCOMP_SET_RESOURCECTL }, - { SCMP_SYS(sched_setscheduler), QEMU_SECCOMP_SET_RESOURCECTL }, + { SCMP_SYS(sched_setscheduler), QEMU_SECCOMP_SET_RESOURCECTL, + ARRAY_SIZE(sched_setscheduler_arg), sched_setscheduler_arg }, { SCMP_SYS(sched_getscheduler), QEMU_SECCOMP_SET_RESOURCECTL }, { SCMP_SYS(sched_setaffinity), QEMU_SECCOMP_SET_RESOURCECTL }, { SCMP_SYS(sched_getaffinity), QEMU_SECCOMP_SET_RESOURCECTL }, @@ -113,7 +120,8 @@ int seccomp_start(uint32_t seccomp_opts) continue; } - rc = seccomp_rule_add(ctx, SCMP_ACT_KILL, blacklist[i].num, 0); + rc = seccomp_rule_add_array(ctx, SCMP_ACT_KILL, blacklist[i].num, + blacklist[i].narg, blacklist[i].arg_cmp); if (rc < 0) { goto seccomp_return; } ++++++ ipxe-fix-build.patch ++++++ Newer binutils (>= 2.31) will emit PLT32 relocs for call/jmp instructions on x86_64 in some cases, instead of PC32 relocs as before. This can only be done because on x86-64 the PLT doesn't need any special setup, and in turn this means that for post-processing/after-link purposes PLT32 and PC32 relocs can be handled the same. elf2efi simply ignores all PC-relative relocs (as the code is already fully final for them) and PLT32 is one of them, so add it to the list. (Otherwise an "Unrecognized relocation type 4" error occurs when building some of the EFI images for IPXE). --- a/src/util/elf2efi.c.mm 2018-07-25 12:19:10.647661846 +0000 +++ b/src/util/elf2efi.c 2018-07-25 13:18:18.609633494 +0000 @@ -637,6 +637,7 @@ static void process_reloc ( struct elf_f case ELF_MREL ( EM_ARM, R_ARM_THM_PC22 ) : case ELF_MREL ( EM_ARM, R_ARM_THM_JUMP24 ) : case ELF_MREL ( EM_X86_64, R_X86_64_PC32 ) : + case ELF_MREL ( EM_X86_64, R_X86_64_PLT32 ) : case ELF_MREL ( EM_AARCH64, R_AARCH64_CALL26 ) : case ELF_MREL ( EM_AARCH64, R_AARCH64_JUMP26 ) : case ELF_MREL ( EM_AARCH64, R_AARCH64_ADR_PREL_LO21 ) : ++++++ qemu.spec.in ++++++ --- /var/tmp/diff_new_pack.AeDFa7/_old 2018-08-03 12:30:35.010973915 +0200 +++ /var/tmp/diff_new_pack.AeDFa7/_new 2018-08-03 12:30:35.014973921 +0200 @@ -148,6 +148,7 @@ Patch1200: ipxe-stable-buildid.patch Patch1201: ipxe-use-gcc6-for-more-compact-code.patch Patch1202: ipxe-efi-guard-strncpy-with-gcc-warning-ignore-pragma.patch +Patch1203: ipxe-fix-build.patch # sgabios # PATCH-FIX-OPENSUSE sgabios-stable-buildid.patch [email protected] -- reproducible builds @@ -820,6 +821,7 @@ %patch1201 -p1 %endif %patch1202 -p1 +%patch1203 -p1 popd pushd roms/sgabios
