Fix guest startup crashes from autotest (bz #1081610)
This commit is contained in:
Cole Robinson
parent
f3a92caa76
commit
0d3567f1ae
30
0207-char-serial-Fix-emptyness-check.patch
Normal file
30
0207-char-serial-Fix-emptyness-check.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From 29952434a3c7b41137241b6905cf4df2f43a357d Mon Sep 17 00:00:00 2001
|
||||
From: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
|
||||
Date: Mon, 10 Feb 2014 22:49:35 -0800
|
||||
Subject: [PATCH] char/serial: Fix emptyness check
|
||||
|
||||
This was guarding against a full fifo rather than an empty fifo when
|
||||
popping. Fix.
|
||||
|
||||
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
|
||||
(cherry picked from commit 88c1ee73d3231c74ff90bcfc084a7589670ec244)
|
||||
---
|
||||
hw/char/serial.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/hw/char/serial.c b/hw/char/serial.c
|
||||
index 6025592..2989ca2 100644
|
||||
--- a/hw/char/serial.c
|
||||
+++ b/hw/char/serial.c
|
||||
@@ -224,7 +224,7 @@ static gboolean serial_xmit(GIOChannel *chan, GIOCondition cond, void *opaque)
|
||||
|
||||
if (s->tsr_retry <= 0) {
|
||||
if (s->fcr & UART_FCR_FE) {
|
||||
- s->tsr = fifo8_is_full(&s->xmit_fifo) ?
|
||||
+ s->tsr = fifo8_is_empty(&s->xmit_fifo) ?
|
||||
0 : fifo8_pop(&s->xmit_fifo);
|
||||
if (!s->xmit_fifo.num) {
|
||||
s->lsr |= UART_LSR_THRE;
|
||||
38
0208-char-serial-Fix-emptyness-handling.patch
Normal file
38
0208-char-serial-Fix-emptyness-handling.patch
Normal file
@ -0,0 +1,38 @@
|
||||
From d1f1edc49f537fe9043fad52e06d6829cbadabe1 Mon Sep 17 00:00:00 2001
|
||||
From: Don Slutz <dslutz@verizon.com>
|
||||
Date: Tue, 18 Mar 2014 12:29:34 -0400
|
||||
Subject: [PATCH] char/serial: Fix emptyness handling
|
||||
|
||||
The commit 88c1ee73d3231c74ff90bcfc084a7589670ec244
|
||||
char/serial: Fix emptyness check
|
||||
|
||||
Still causes extra NULL byte(s) to be sent.
|
||||
|
||||
So if the fifo is empty, do not send an extra NULL byte.
|
||||
|
||||
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
|
||||
Signed-off-by: Don Slutz <dslutz@verizon.com>
|
||||
Message-id: 1395160174-16006-1-git-send-email-dslutz@verizon.com
|
||||
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
||||
(cherry picked from commit dffacd4654ec8bf2898aed230852154c6ed755ed)
|
||||
---
|
||||
hw/char/serial.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/hw/char/serial.c b/hw/char/serial.c
|
||||
index 2989ca2..6d10747 100644
|
||||
--- a/hw/char/serial.c
|
||||
+++ b/hw/char/serial.c
|
||||
@@ -224,8 +224,10 @@ static gboolean serial_xmit(GIOChannel *chan, GIOCondition cond, void *opaque)
|
||||
|
||||
if (s->tsr_retry <= 0) {
|
||||
if (s->fcr & UART_FCR_FE) {
|
||||
- s->tsr = fifo8_is_empty(&s->xmit_fifo) ?
|
||||
- 0 : fifo8_pop(&s->xmit_fifo);
|
||||
+ if (fifo8_is_empty(&s->xmit_fifo)) {
|
||||
+ return FALSE;
|
||||
+ }
|
||||
+ s->tsr = fifo8_pop(&s->xmit_fifo);
|
||||
if (!s->xmit_fifo.num) {
|
||||
s->lsr |= UART_LSR_THRE;
|
||||
}
|
||||
11
qemu.spec
11
qemu.spec
@ -139,7 +139,7 @@
|
||||
Summary: QEMU is a FAST! processor emulator
|
||||
Name: qemu
|
||||
Version: 1.6.2
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Epoch: 2
|
||||
License: GPLv2+ and LGPLv2+ and BSD
|
||||
Group: Development/Tools
|
||||
@ -296,6 +296,9 @@ Patch0205: 0205-vmxnet3-validate-queues-configuration-read-on-migrat.patch
|
||||
# CVE-2014-2894: out of bounds buffer accesses, guest triggerable via
|
||||
# IDE SMART (bz #1087981, bz #1087971)
|
||||
Patch0206: 0206-ide-Correct-improper-smart-self-test-counter-reset-i.patch
|
||||
# Fix guest startup crashes from autotest (bz #1081610)
|
||||
Patch0207: 0207-char-serial-Fix-emptyness-check.patch
|
||||
Patch0208: 0208-char-serial-Fix-emptyness-handling.patch
|
||||
|
||||
BuildRequires: SDL-devel
|
||||
BuildRequires: zlib-devel
|
||||
@ -924,6 +927,9 @@ CAC emulation development files.
|
||||
# CVE-2014-2894: out of bounds buffer accesses, guest triggerable via
|
||||
# IDE SMART (bz #1087981, bz #1087971)
|
||||
%patch0206 -p1
|
||||
# Fix guest startup crashes from autotest (bz #1081610)
|
||||
%patch0207 -p1
|
||||
%patch0208 -p1
|
||||
|
||||
|
||||
%build
|
||||
@ -1631,6 +1637,9 @@ getent passwd qemu >/dev/null || \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Apr 25 2014 Cole Robinson <crobinso@redhat.com> - 2:1.6.2-3
|
||||
- Fix guest startup crashes from autotest (bz #1081610)
|
||||
|
||||
* Thu Apr 24 2014 Cole Robinson <crobinso@redhat.com> - 2:1.6.2-2
|
||||
- Block/image format validation CVE-2014-0142 - 2014-0148 (bz #1078201, bz
|
||||
#1086710, bz #1079140, bz #1086724, bz #1079240, bz #1086735, bz #1078885, bz
|
||||
|
||||
Loading…
Reference in New Issue
Block a user