Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521)
Changing streaming mode default to off for spice (bz #1038336) Fix guest scsi verify command (bz #1001617) Fix performance regression after save/restore (bz #917723)
parent
4b57421a2c
commit
3fa1863e91
42
0108-seccomp-add-kill-to-the-syscall-whitelist.patch
Normal file
42
0108-seccomp-add-kill-to-the-syscall-whitelist.patch
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
From fc585c217f4f999d01695385b9f5bf194a117600 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paul Moore <pmoore@redhat.com>
|
||||||
|
Date: Thu, 21 Nov 2013 10:40:15 -0500
|
||||||
|
Subject: [PATCH] seccomp: add kill() to the syscall whitelist
|
||||||
|
|
||||||
|
The kill() syscall is triggered with the following command:
|
||||||
|
|
||||||
|
# qemu -sandbox on -monitor stdio \
|
||||||
|
-device intel-hda -device hda-duplex -vnc :0
|
||||||
|
|
||||||
|
The resulting syslog/audit message:
|
||||||
|
|
||||||
|
# ausearch -m SECCOMP
|
||||||
|
----
|
||||||
|
time->Wed Nov 20 09:52:08 2013
|
||||||
|
type=SECCOMP msg=audit(1384912328.482:6656): auid=0 uid=0 gid=0 ses=854
|
||||||
|
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=12087
|
||||||
|
comm="qemu-kvm" sig=31 syscall=62 compat=0 ip=0x7f7a1d2abc67 code=0x0
|
||||||
|
# scmp_sys_resolver 62
|
||||||
|
kill
|
||||||
|
|
||||||
|
Reported-by: CongLi <coli@redhat.com>
|
||||||
|
Tested-by: CongLi <coli@redhat.com>
|
||||||
|
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
||||||
|
Acked-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>
|
||||||
|
(cherry picked from commit e9eecb5bf82a71564bf018fcbbfc6cda19cab6c2)
|
||||||
|
---
|
||||||
|
qemu-seccomp.c | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
|
||||||
|
index 69cee44..cf07869 100644
|
||||||
|
--- a/qemu-seccomp.c
|
||||||
|
+++ b/qemu-seccomp.c
|
||||||
|
@@ -114,6 +114,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
|
||||||
|
{ SCMP_SYS(write), 244 },
|
||||||
|
{ SCMP_SYS(fcntl), 243 },
|
||||||
|
{ SCMP_SYS(tgkill), 242 },
|
||||||
|
+ { SCMP_SYS(kill), 242 },
|
||||||
|
{ SCMP_SYS(rt_sigaction), 242 },
|
||||||
|
{ SCMP_SYS(pipe2), 242 },
|
||||||
|
{ SCMP_SYS(munmap), 242 },
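Review bot: The added `{ SCMP_SYS(kill), 242 },` entry permits kill() with any pid and any signal, because the table entries visible here carry only a syscall number and a priority and no argument constraint. With `-sandbox on`, the filter then no longer stops the QEMU process from signalling other processes its uid is allowed to signal, which weakens the containment the sandbox is meant to provide. The commit message shows the audit record but not which code path issues kill(); I would record that next to the entry, e.g. `/* kill(): hit with -device intel-hda -device hda-duplex -vnc, bz #1043521; pid/sig not filtered */`, and, if the rule-installation code outside this hunk can take argument filters, restrict the first argument to QEMU's own pid. The `seccomp_whitelist[]` array starts and ends outside the hunk.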
|
33
0109-spice-flip-streaming-video-mode-to-off-by-default.patch
Normal file
33
0109-spice-flip-streaming-video-mode-to-off-by-default.patch
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
From f7944b361fe5220d19680234db250abaad7ce909 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Mon, 2 Dec 2013 11:17:04 +0100
|
||||||
|
Subject: [PATCH] spice: flip streaming video mode to off by default
|
||||||
|
|
||||||
|
Video streaming detection heuristics in spice-server have problems
|
||||||
|
keeping modern desktop animations (as done by gnome shell) and real
|
||||||
|
video playback apart. This leads to jpeg compression artefacts on
|
||||||
|
your desktop, due to spice using mjpeg to send what it thinks is
|
||||||
|
a video stream.
|
||||||
|
|
||||||
|
Turn off video detection by default to avoid these artifacts.
|
||||||
|
|
||||||
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Reviewed-by: Alon Levy <alevy@redhat.com>
|
||||||
|
(cherry picked from commit f1d3e586f069e17f83b669842bc02d60d509daca)
|
||||||
|
---
|
||||||
|
ui/spice-core.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/ui/spice-core.c b/ui/spice-core.c
|
||||||
|
index bd7a248..3960fa0 100644
|
||||||
|
--- a/ui/spice-core.c
|
||||||
|
+++ b/ui/spice-core.c
|
||||||
|
@@ -778,6 +778,8 @@ void qemu_spice_init(void)
|
||||||
|
if (str) {
|
||||||
|
int streaming_video = parse_stream_video(str);
|
||||||
|
spice_server_set_streaming_video(spice_server, streaming_video);
|
||||||
|
+ } else {
|
||||||
|
+ spice_server_set_streaming_video(spice_server, SPICE_STREAM_VIDEO_OFF);
|
||||||
|
}
|
||||||
|
|
||||||
|
spice_server_set_agent_mouse
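Review bot: The new `else` branch changes the default for every guest that does not pass the streaming-video option, but nothing at the call site says why; a one-line comment such as `/* default off: spice-server's stream detection mis-classifies desktop animations */` would keep the reason next to the code. The diffstat lists only ui/spice-core.c, so if the option's help text documents a default it is presumably stale after this change and worth updating in the same patch. qemu_spice_init() starts and ends outside the hunk.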
|
@ -0,0 +1,59 @@
|
|||||||
|
From f89c33c8092d7cc96d9937ea826c2ac8374779c8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Thu, 28 Nov 2013 11:01:13 +0100
|
||||||
|
Subject: [PATCH] scsi-bus: fix transfer length and direction for VERIFY
|
||||||
|
command
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
The amount of bytes to transfer depends on the BYTCHK field.
|
||||||
|
If any data is transferred, it is sent to the device.
|
||||||
|
|
||||||
|
Cc: qemu-stable@nongnu.org
|
||||||
|
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
(cherry picked from commit d12ad44cc4cc9142179e64295608611f118b8ad8)
|
||||||
|
---
|
||||||
|
hw/scsi/scsi-bus.c | 14 +++++++++++++-
|
||||||
|
1 file changed, 13 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
|
||||||
|
index ad26c25..c62bfae 100644
|
||||||
|
--- a/hw/scsi/scsi-bus.c
|
||||||
|
+++ b/hw/scsi/scsi-bus.c
|
||||||
|
@@ -885,7 +885,6 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf)
|
||||||
|
case RELEASE:
|
||||||
|
case ERASE:
|
||||||
|
case ALLOW_MEDIUM_REMOVAL:
|
||||||
|
- case VERIFY_10:
|
||||||
|
case SEEK_10:
|
||||||
|
case SYNCHRONIZE_CACHE:
|
||||||
|
case SYNCHRONIZE_CACHE_16:
|
||||||
|
@@ -902,6 +901,16 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf)
|
||||||
|
case ALLOW_OVERWRITE:
|
||||||
|
cmd->xfer = 0;
|
||||||
|
break;
|
||||||
|
+ case VERIFY_10:
|
||||||
|
+ case VERIFY_12:
|
||||||
|
+ case VERIFY_16:
|
||||||
|
+ if ((buf[1] & 2) == 0) {
|
||||||
|
+ cmd->xfer = 0;
|
||||||
|
+ } else if ((buf[1] & 4) == 1) {
|
||||||
|
+ cmd->xfer = 1;
|
||||||
|
+ }
|
||||||
|
+ cmd->xfer *= dev->blocksize;
|
||||||
|
+ break;
|
||||||
|
case MODE_SENSE:
|
||||||
|
break;
|
||||||
|
case WRITE_SAME_10:
|
||||||
|
@@ -1099,6 +1108,9 @@ static void scsi_cmd_xfer_mode(SCSICommand *cmd)
|
||||||
|
case WRITE_VERIFY_12:
|
||||||
|
case WRITE_16:
|
||||||
|
case WRITE_VERIFY_16:
|
||||||
|
+ case VERIFY_10:
|
||||||
|
+ case VERIFY_12:
|
||||||
|
+ case VERIFY_16:
|
||||||
|
case COPY:
|
||||||
|
case COPY_VERIFY:
|
||||||
|
case COMPARE:
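Review bot: In the new VERIFY case of scsi_req_length(), the test `(buf[1] & 4) == 1` can never be true, since masking with 4 yields only 0 or 4, so the `cmd->xfer = 1` branch is dead code. A guest-supplied CDB with both BYTCHK bits set therefore keeps whatever `cmd->xfer` held before the switch (set outside this hunk) and multiplies that by `dev->blocksize`, instead of the single block the branch intends. The condition should read `} else if ((buf[1] & 4) != 0) {`. Because this length is computed from guest-controlled bytes and is presumably used by every device on the bus, a short comment above the `if` naming the two BYTCHK bits of byte 1 would also help the next reader. scsi_req_length() starts and ends outside the hunk.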
|
90
0111-scsi-disk-fix-VERIFY-emulation.patch
Normal file
90
0111-scsi-disk-fix-VERIFY-emulation.patch
Normal file
@ -0,0 +1,90 @@
|
|||||||
|
From 1de35d38fb04166c0b7f6b87f7e38ae8c73651bb Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Thu, 28 Nov 2013 11:18:56 +0100
|
||||||
|
Subject: [PATCH] scsi-disk: fix VERIFY emulation
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
VERIFY emulation was completely botched (and remained botched through
|
||||||
|
all the refactorings). The command must be emulated both in check-medium
|
||||||
|
mode (BYTCHK=00, which we implement by doing nothing) and in check-bytes
|
||||||
|
mode (which we do not implement yet). Unlike WRITE AND VERIFY (which we
|
||||||
|
treat simply as WRITE with FUA bit set), VERIFY cannot be handled like
|
||||||
|
READ. In fact the device is _receiving_ data for VERIFY, not _sending_
|
||||||
|
it like READ.
|
||||||
|
|
||||||
|
Cc: qemu-stable@nongnu.org
|
||||||
|
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
(cherry picked from commit d97e7730816094a71cd1f19a56d7a73f77cdbf96)
|
||||||
|
|
||||||
|
Conflicts:
|
||||||
|
hw/scsi/scsi-disk.c
|
||||||
|
---
|
||||||
|
hw/scsi/scsi-disk.c | 26 +++++++++++++++++++-------
|
||||||
|
1 file changed, 19 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
|
||||||
|
index 74e6a14..1fd1c26 100644
|
||||||
|
--- a/hw/scsi/scsi-disk.c
|
||||||
|
+++ b/hw/scsi/scsi-disk.c
|
||||||
|
@@ -1597,6 +1597,14 @@ static void scsi_disk_emulate_write_data(SCSIRequest *req)
|
||||||
|
scsi_disk_emulate_unmap(r, r->iov.iov_base);
|
||||||
|
break;
|
||||||
|
|
||||||
|
+ case VERIFY_10:
|
||||||
|
+ case VERIFY_12:
|
||||||
|
+ case VERIFY_16:
|
||||||
|
+ if (r->req.status == -1) {
|
||||||
|
+ scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
|
||||||
|
+ }
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
default:
|
||||||
|
abort();
|
||||||
|
}
|
||||||
|
@@ -1837,6 +1845,14 @@ static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
|
||||||
|
case UNMAP:
|
||||||
|
DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
|
||||||
|
break;
|
||||||
|
+ case VERIFY_10:
|
||||||
|
+ case VERIFY_12:
|
||||||
|
+ case VERIFY_16:
|
||||||
|
+ DPRINTF("Verify (bytchk %lu)\n", (r->req.buf[1] >> 1) & 3);
|
||||||
|
+ if (req->cmd.buf[1] & 6) {
|
||||||
|
+ goto illegal_request;
|
||||||
|
+ }
|
||||||
|
+ break;
|
||||||
|
case WRITE_SAME_10:
|
||||||
|
case WRITE_SAME_16:
|
||||||
|
nb_sectors = scsi_data_cdb_length(r->req.cmd.buf);
|
||||||
|
@@ -1936,10 +1952,6 @@ static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
|
||||||
|
scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
- /* fallthrough */
|
||||||
|
- case VERIFY_10:
|
||||||
|
- case VERIFY_12:
|
||||||
|
- case VERIFY_16:
|
||||||
|
DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
|
||||||
|
(command & 0xe) == 0xe ? "And Verify " : "",
|
||||||
|
r->req.cmd.lba, len);
|
||||||
|
@@ -2207,14 +2219,14 @@ static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
|
||||||
|
[UNMAP] = &scsi_disk_emulate_reqops,
|
||||||
|
[WRITE_SAME_10] = &scsi_disk_emulate_reqops,
|
||||||
|
[WRITE_SAME_16] = &scsi_disk_emulate_reqops,
|
||||||
|
+ [VERIFY_10] = &scsi_disk_emulate_reqops,
|
||||||
|
+ [VERIFY_12] = &scsi_disk_emulate_reqops,
|
||||||
|
+ [VERIFY_16] = &scsi_disk_emulate_reqops,
|
||||||
|
|
||||||
|
[READ_6] = &scsi_disk_dma_reqops,
|
||||||
|
[READ_10] = &scsi_disk_dma_reqops,
|
||||||
|
[READ_12] = &scsi_disk_dma_reqops,
|
||||||
|
[READ_16] = &scsi_disk_dma_reqops,
|
||||||
|
- [VERIFY_10] = &scsi_disk_dma_reqops,
|
||||||
|
- [VERIFY_12] = &scsi_disk_dma_reqops,
|
||||||
|
- [VERIFY_16] = &scsi_disk_dma_reqops,
|
||||||
|
[WRITE_6] = &scsi_disk_dma_reqops,
|
||||||
|
[WRITE_10] = &scsi_disk_dma_reqops,
|
||||||
|
[WRITE_12] = &scsi_disk_dma_reqops,
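Review bot: The added trace line `DPRINTF("Verify (bytchk %lu)\n", (r->req.buf[1] >> 1) & 3);` in scsi_disk_emulate_command() passes an expression that promotes to `int` to a `%lu` conversion, and it reads `r->req.buf[1]` while the check on the next line reads `req->cmd.buf[1]`. If DPRINTF is compiled out in normal builds (its definition is not visible here), neither problem would surface until someone enables debugging. I would use `DPRINTF("Verify (bytchk %d)\n", (req->cmd.buf[1] >> 1) & 3);` so the trace prints the same byte that the `& 6` test rejects on. The enclosing functions start and end outside the hunks.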
|
@ -0,0 +1,47 @@
|
|||||||
|
From b96534d01807de76afa262568e156156c0a6fdd6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Lieven <pl@kamp.de>
|
||||||
|
Date: Thu, 24 Oct 2013 09:21:29 +0200
|
||||||
|
Subject: [PATCH] migration: drop MADVISE_DONT_NEED for incoming zero pages
|
||||||
|
|
||||||
|
The madvise for zeroed out pages was introduced when every transferred
|
||||||
|
zero page was memset to zero and thus allocated. Since commit
|
||||||
|
211ea740 we check for zeroness of a target page before we memset
|
||||||
|
it to zero. Additionally we memmap target memory so it is essentially
|
||||||
|
zero initialized (except for e.g. option roms and bios which are loaded
|
||||||
|
into target memory although they shouldn't).
|
||||||
|
|
||||||
|
It was reported recently that this madvise causes a performance degradation
|
||||||
|
in some situations. As the madvise should only be called rarely and if it's called
|
||||||
|
it is likely on a busy page (it was non-zero and changed to zero during migration)
|
||||||
|
drop it completely.
|
||||||
|
|
||||||
|
Reported-By: Zhang Haoyu <haoyu.zhang@huawei.com>
|
||||||
|
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Signed-off-by: Peter Lieven <pl@kamp.de>
|
||||||
|
Signed-off-by: Juan Quintela <quintela@redhat.com>
|
||||||
|
(cherry picked from commit fc1c4a5d32e15a4c40c47945da85ef9c1e0c1b54)
|
||||||
|
|
||||||
|
Conflicts:
|
||||||
|
arch_init.c
|
||||||
|
---
|
||||||
|
arch_init.c | 7 -------
|
||||||
|
1 file changed, 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/arch_init.c b/arch_init.c
|
||||||
|
index 68a7ab7..23151b3 100644
|
||||||
|
--- a/arch_init.c
|
||||||
|
+++ b/arch_init.c
|
||||||
|
@@ -845,13 +845,6 @@ void ram_handle_compressed(void *host, uint8_t ch, uint64_t size)
|
||||||
|
{
|
||||||
|
if (ch != 0 || !is_zero_page(host)) {
|
||||||
|
memset(host, ch, size);
|
||||||
|
-#ifndef _WIN32
|
||||||
|
- if (ch == 0 &&
|
||||||
|
- (!kvm_enabled() || kvm_has_sync_mmu()) &&
|
||||||
|
- getpagesize() <= TARGET_PAGE_SIZE) {
|
||||||
|
- qemu_madvise(host, TARGET_PAGE_SIZE, QEMU_MADV_DONTNEED);
|
||||||
|
- }
|
||||||
|
-#endif
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
28
qemu.spec
28
qemu.spec
@ -139,7 +139,7 @@
|
|||||||
Summary: QEMU is a FAST! processor emulator
|
Summary: QEMU is a FAST! processor emulator
|
||||||
Name: qemu
|
Name: qemu
|
||||||
Version: 1.6.1
|
Version: 1.6.1
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
License: GPLv2+ and LGPLv2+ and BSD
|
License: GPLv2+ and LGPLv2+ and BSD
|
||||||
Group: Development/Tools
|
Group: Development/Tools
|
||||||
@ -221,6 +221,16 @@ Patch0105: 0105-audio-honor-QEMU_AUDIO_TIMER_PERIOD-instead-of-wakin.patch
|
|||||||
Patch0106: 0106-qmp-access-the-local-QemuOptsLists-for-drive-option.patch
|
Patch0106: 0106-qmp-access-the-local-QemuOptsLists-for-drive-option.patch
|
||||||
# Fix process exit with -sandbox on (bz #1027421)
|
# Fix process exit with -sandbox on (bz #1027421)
|
||||||
Patch0107: 0107-seccomp-fine-tuning-whitelist-by-adding-times.patch
|
Patch0107: 0107-seccomp-fine-tuning-whitelist-by-adding-times.patch
|
||||||
|
# Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz
|
||||||
|
# #1043521)
|
||||||
|
Patch0108: 0108-seccomp-add-kill-to-the-syscall-whitelist.patch
|
||||||
|
# Changing streaming mode default to off for spice (bz #1038336)
|
||||||
|
Patch0109: 0109-spice-flip-streaming-video-mode-to-off-by-default.patch
|
||||||
|
# Fix guest scsi verify command (bz #1001617)
|
||||||
|
Patch0110: 0110-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch
|
||||||
|
Patch0111: 0111-scsi-disk-fix-VERIFY-emulation.patch
|
||||||
|
# Fix performance regression after save/restore (bz #917723)
|
||||||
|
Patch0112: 0112-migration-drop-MADVISE_DONT_NEED-for-incoming-zero-p.patch
|
||||||
|
|
||||||
BuildRequires: SDL-devel
|
BuildRequires: SDL-devel
|
||||||
BuildRequires: zlib-devel
|
BuildRequires: zlib-devel
|
||||||
@ -774,6 +784,16 @@ CAC emulation development files.
|
|||||||
%patch0106 -p1
|
%patch0106 -p1
|
||||||
# Fix process exit with -sandbox on (bz #1027421)
|
# Fix process exit with -sandbox on (bz #1027421)
|
||||||
%patch0107 -p1
|
%patch0107 -p1
|
||||||
|
# Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz
|
||||||
|
# #1043521)
|
||||||
|
%patch0108 -p1
|
||||||
|
# Changing streaming mode default to off for spice (bz #1038336)
|
||||||
|
%patch0109 -p1
|
||||||
|
# Fix guest scsi verify command (bz #1001617)
|
||||||
|
%patch0110 -p1
|
||||||
|
%patch0111 -p1
|
||||||
|
# Fix performance regression after save/restore (bz #917723)
|
||||||
|
%patch0112 -p1
|
||||||
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -1481,6 +1501,12 @@ getent passwd qemu >/dev/null || \
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Dec 18 2013 Cole Robinson <crobinso@redhat.com> - 2:1.6.1-3
|
||||||
|
- Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521)
|
||||||
|
- Changing streaming mode default to off for spice (bz #1038336)
|
||||||
|
- Fix guest scsi verify command (bz #1001617)
|
||||||
|
- Fix performance regression after save/restore (bz #917723)
|
||||||
|
|
||||||
* Sun Nov 17 2013 Cole Robinson <crobinso@redhat.com> - 2:1.6.1-2
|
* Sun Nov 17 2013 Cole Robinson <crobinso@redhat.com> - 2:1.6.1-2
|
||||||
- Fix drive discard options via libvirt (bz #1029953)
|
- Fix drive discard options via libvirt (bz #1029953)
|
||||||
- Fix process exit with -sandbox on (bz #1027421)
|
- Fix process exit with -sandbox on (bz #1027421)
|
||||||
|