From c86ff7a09638fc1c0c4e94e36b45697c3ee35811 Mon Sep 17 00:00:00 2001 From: David Michael Date: Fri, 16 Jun 2017 11:45:35 -0700 Subject: [PATCH 1/6] app-emulation/qemu: sync with upstream The only CoreOS changes are to add the vpc patch and stabilize arm64, despite not actually using it anywhere yet. --- .../app-emulation/qemu/Manifest | 3 +- .../app-emulation/qemu/files/65-kvm.rules | 1 - .../files/qemu-2.7.0-CVE-2016-8669-1.patch | 32 ---- .../files/qemu-2.8.0-CVE-2016-10028.patch | 40 ---- .../files/qemu-2.8.0-CVE-2016-10155.patch | 46 ----- .../qemu/files/qemu-2.8.0-CVE-2016-9908.patch | 35 ---- .../qemu/files/qemu-2.8.0-CVE-2016-9912.patch | 38 ---- .../qemu/files/qemu-2.8.0-CVE-2017-2615.patch | 48 ----- .../qemu/files/qemu-2.8.0-CVE-2017-2620.patch | 56 ------ .../qemu/files/qemu-2.8.0-CVE-2017-2630.patch | 22 --- .../files/qemu-2.8.0-CVE-2017-5525-1.patch | 52 ------ .../files/qemu-2.8.0-CVE-2017-5525-2.patch | 55 ------ .../qemu/files/qemu-2.8.0-CVE-2017-5552.patch | 41 ----- .../qemu/files/qemu-2.8.0-CVE-2017-5578.patch | 35 ---- .../qemu/files/qemu-2.8.0-CVE-2017-5579.patch | 40 ---- .../qemu/files/qemu-2.8.0-CVE-2017-5667.patch | 37 ---- .../qemu/files/qemu-2.8.0-CVE-2017-5856.patch | 64 ------- .../qemu/files/qemu-2.8.0-CVE-2017-5857.patch | 38 ---- .../qemu/files/qemu-2.8.0-CVE-2017-5898.patch | 35 ---- .../qemu/files/qemu-2.8.0-CVE-2017-5931.patch | 46 ----- .../qemu/files/qemu-2.8.0-CVE-2017-5973.patch | 87 --------- .../qemu/files/qemu-2.8.0-CVE-2017-5987.patch | 50 ----- .../qemu/files/qemu-2.8.0-CVE-2017-6058.patch | 112 ----------- .../qemu/files/qemu-2.8.0-CVE-2017-6505.patch | 52 ------ .../qemu/files/qemu-2.9.0-CVE-2017-7493.patch | 174 ++++++++++++++++++ .../qemu/files/qemu-2.9.0-CVE-2017-8112.patch | 22 +++ .../qemu/files/qemu-2.9.0-CVE-2017-8309.patch | 22 +++ .../qemu/files/qemu-2.9.0-CVE-2017-8379.patch | 76 ++++++++ .../qemu/files/qemu-2.9.0-CVE-2017-8380.patch | 34 ++++ .../qemu/files/qemu-binfmt.initd-r1 | 138 -------------- ...u-2.8.0-r9.ebuild => qemu-2.9.0-r2.ebuild} | 85 ++++----- 31 files changed, 360 insertions(+), 1256 deletions(-) delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/65-kvm.rules delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10028.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9908.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9912.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-binfmt.initd-r1 rename sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/{qemu-2.8.0-r9.ebuild => qemu-2.9.0-r2.ebuild} (89%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/Manifest b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/Manifest index 411c33e179..fb4bf04409 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/Manifest @@ -1,2 +1 @@ -DIST qemu-2.8.0-CVE-2016-9602-patches.tar.xz 16264 SHA256 18ac829c6003a3f997db4030a46b422028c58fead158f0c5ffe36ad65acb84e0 SHA512 a56694d1600e4fd1ffd6bbe031a0db226fc5c88306797cc4e42d1dc6127b83d1791cb4e026988b3aad82eab84382e41077ae71e532d1d3489e179730185c0964 WHIRLPOOL 22057b001c478b2b0d97ad70393c973aefc6277d89bb5a1ae03c3c39b5182ddfbe541964761f512ed5735dc442e1f40d0a955ad5b270758e21ce815be86b24bd -DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5 +DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/65-kvm.rules b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/65-kvm.rules deleted file mode 100644 index c2f7317aac..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/65-kvm.rules +++ /dev/null @@ -1 +0,0 @@ -KERNEL=="kvm", GROUP="kvm", MODE="0660" diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch deleted file mode 100644 index cea8efc068..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch +++ /dev/null @@ -1,32 +0,0 @@ -http://bugs.gentoo.org/597108 -https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02577.html - -From: Prasad J Pandit - -The JAZZ RC4030 chipset emulator has a periodic timer and -associated interval reload register. The reload value is used -as divider when computing timer's next tick value. If reload -value is large, it could lead to divide by zero error. Limit -the interval reload value to avoid it. - -Reported-by: Huawei PSIRT -Signed-off-by: Prasad J Pandit ---- - hw/dma/rc4030.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/dma/rc4030.c b/hw/dma/rc4030.c -index 2f2576f..c1b4997 100644 ---- a/hw/dma/rc4030.c -+++ b/hw/dma/rc4030.c -@@ -460,7 +460,7 @@ static void rc4030_write(void *opaque, hwaddr addr, uint64_t data, - break; - /* Interval timer reload */ - case 0x0228: -- s->itr = val; -+ s->itr = val & 0x01FF; - qemu_irq_lower(s->timer_irq); - set_next_tick(s); - break; --- -2.5.5 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10028.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10028.patch deleted file mode 100644 index 466c819e78..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10028.patch +++ /dev/null @@ -1,40 +0,0 @@ -https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg01903.html -https://bugs.gentoo.org/603444 - -From: P J P -Subject: [Qemu-devel] [PATCH] display: virtio-gpu-3d: check virgl capabilities max_size -Date: Wed, 14 Dec 2016 12:31:56 +0530 -From: Prasad J Pandit - -Virtio GPU device while processing 'VIRTIO_GPU_CMD_GET_CAPSET' -command, retrieves the maximum capabilities size to fill in the -response object. It continues to fill in capabilities even if -retrieved 'max_size' is zero(0), thus resulting in OOB access. -Add check to avoid it. - -Reported-by: Zhenhao Hong -Signed-off-by: Prasad J Pandit ---- - hw/display/virtio-gpu-3d.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c -index 758d33a..6ceeba3 100644 ---- a/hw/display/virtio-gpu-3d.c -+++ b/hw/display/virtio-gpu-3d.c -@@ -370,8 +370,12 @@ static void virgl_cmd_get_capset(VirtIOGPU *g, - - virgl_renderer_get_cap_set(gc.capset_id, &max_ver, - &max_size); -+ if (!max_size) { -+ cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER; -+ return; -+ } -+ - resp = g_malloc0(sizeof(*resp) + max_size); -- - resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET; - virgl_renderer_fill_caps(gc.capset_id, - gc.capset_version, --- -2.9.3 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch deleted file mode 100644 index c486295d06..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch +++ /dev/null @@ -1,46 +0,0 @@ -From eb7a20a3616085d46aa6b4b4224e15587ec67e6e Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Mon, 28 Nov 2016 17:49:04 -0800 -Subject: [PATCH] watchdog: 6300esb: add exit function - -When the Intel 6300ESB watchdog is hot unplug. The timer allocated -in realize isn't freed thus leaking memory leak. This patch avoid -this through adding the exit function. - -Signed-off-by: Li Qiang -Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com> -Signed-off-by: Paolo Bonzini ---- - hw/watchdog/wdt_i6300esb.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c -index a83d951..49b3cd1 100644 ---- a/hw/watchdog/wdt_i6300esb.c -+++ b/hw/watchdog/wdt_i6300esb.c -@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp) - /* qemu_register_coalesced_mmio (addr, 0x10); ? */ - } - -+static void i6300esb_exit(PCIDevice *dev) -+{ -+ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev); -+ -+ timer_del(d->timer); -+ timer_free(d->timer); -+} -+ - static WatchdogTimerModel model = { - .wdt_name = "i6300esb", - .wdt_description = "Intel 6300ESB", -@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data) - k->config_read = i6300esb_config_read; - k->config_write = i6300esb_config_write; - k->realize = i6300esb_realize; -+ k->exit = i6300esb_exit; - k->vendor_id = PCI_VENDOR_ID_INTEL; - k->device_id = PCI_DEVICE_ID_INTEL_ESB_9; - k->class_id = PCI_CLASS_SYSTEM_OTHER; --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9908.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9908.patch deleted file mode 100644 index 841de65d48..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9908.patch +++ /dev/null @@ -1,35 +0,0 @@ -https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00059.html -https://bugs.gentoo.org/601826 - -From: Li Qiang -Subject: [Qemu-devel] [PATCH] virtio-gpu: fix information leak in capset get dispatch -Date: Tue, 1 Nov 2016 05:37:57 -0700 -From: Li Qiang - -In virgl_cmd_get_capset function, it uses g_malloc to allocate -a response struct to the guest. As the 'resp'struct hasn't been full -initialized it will lead the 'resp->padding' field to the guest. -Use g_malloc0 to avoid this. - -Signed-off-by: Li Qiang ---- - hw/display/virtio-gpu-3d.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c -index 23f39de..d98b140 100644 ---- a/hw/display/virtio-gpu-3d.c -+++ b/hw/display/virtio-gpu-3d.c -@@ -371,7 +371,7 @@ static void virgl_cmd_get_capset(VirtIOGPU *g, - - virgl_renderer_get_cap_set(gc.capset_id, &max_ver, - &max_size); -- resp = g_malloc(sizeof(*resp) + max_size); -+ resp = g_malloc0(sizeof(*resp) + max_size); - - resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET; - virgl_renderer_fill_caps(gc.capset_id, --- -1.8.3.1 - - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9912.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9912.patch deleted file mode 100644 index 55963f70b9..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9912.patch +++ /dev/null @@ -1,38 +0,0 @@ -https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05043.html -https://bugs.gentoo.org/602630 - -From: Li Qiang -Subject: [Qemu-devel] [PATCH] virtio-gpu: call cleanup mapping function in resource destroy -Date: Mon, 28 Nov 2016 21:29:25 -0500 -If the guest destroy the resource before detach banking, the 'iov' -and 'addrs' field in resource is not freed thus leading memory -leak issue. This patch avoid this. - -Signed-off-by: Li Qiang ---- - hw/display/virtio-gpu.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c -index 60bce94..98dadf2 100644 ---- a/hw/display/virtio-gpu.c -+++ b/hw/display/virtio-gpu.c -@@ -28,6 +28,8 @@ - static struct virtio_gpu_simple_resource* - virtio_gpu_find_resource(VirtIOGPU *g, uint32_t resource_id); - -+static void virtio_gpu_cleanup_mapping(struct virtio_gpu_simple_resource *res); -+ - #ifdef CONFIG_VIRGL - #include - #define VIRGL(_g, _virgl, _simple, ...) \ -@@ -358,6 +360,7 @@ static void virtio_gpu_resource_destroy(VirtIOGPU *g, - struct virtio_gpu_simple_resource *res) - { - pixman_image_unref(res->image); -+ virtio_gpu_cleanup_mapping(res); - QTAILQ_REMOVE(&g->reslist, res, next); - g_free(res); - } --- -1.8.3.1 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch deleted file mode 100644 index f0bba80165..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 62d4c6bd5263bb8413a06c80144fc678df6dfb64 Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Wed, 1 Feb 2017 09:35:01 +0100 -Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615) - -When doing bitblt copy in backward mode, we should minus the -blt width first just like the adding in the forward mode. This -can avoid the oob access of the front of vga's vram. - -Signed-off-by: Li Qiang - -{ kraxel: with backward blits (negative pitch) addr is the topmost - address, so check it as-is against vram size ] - -Cc: qemu-stable@nongnu.org -Cc: P J P -Cc: Laszlo Ersek -Cc: Paolo Bonzini -Cc: Wolfgang Bumiller -Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106) -Signed-off-by: Gerd Hoffmann -Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com -Reviewed-by: Laszlo Ersek ---- - hw/display/cirrus_vga.c | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c -index 7db6409..16f27e8 100644 ---- a/hw/display/cirrus_vga.c -+++ b/hw/display/cirrus_vga.c -@@ -274,10 +274,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, - { - if (pitch < 0) { - int64_t min = addr -- + ((int64_t)s->cirrus_blt_height-1) * pitch; -- int32_t max = addr -- + s->cirrus_blt_width; -- if (min < 0 || max > s->vga.vram_size) { -+ + ((int64_t)s->cirrus_blt_height - 1) * pitch -+ - s->cirrus_blt_width; -+ if (min < -1 || addr >= s->vga.vram_size) { - return true; - } - } else { --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch deleted file mode 100644 index e2a98012d7..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch +++ /dev/null @@ -1,56 +0,0 @@ -From: Gerd Hoffmann -Subject: [PATCH 3/3] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo - -CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination -and blit width, at all. Oops. Fix it. - -Security impact: high. - -The missing blit destination check allows to write to host memory. -Basically same as CVE-2014-8106 for the other blit variants. - -The missing blit width check allows to overflow cirrus_bltbuf, -with the attractive target cirrus_srcptr (current cirrus_bltbuf write -position) being located right after cirrus_bltbuf in CirrusVGAState. - -Due to cirrus emulation writing cirrus_bltbuf bytewise the attacker -hasn't full control over cirrus_srcptr though, only one byte can be -changed. Once the first byte has been modified further writes land -elsewhere. - -[ This is CVE-2017-2620 / XSA-209 - Ian Jackson ] - -Signed-off-by: Gerd Hoffmann ---- - hw/display/cirrus_vga.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c -index 0e47cf8..a093dc8 100644 ---- a/hw/display/cirrus_vga.c -+++ b/hw/display/cirrus_vga.c -@@ -899,6 +899,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s) - { - int w; - -+ if (blit_is_unsafe(s)) { -+ return 0; -+ } -+ - s->cirrus_blt_mode &= ~CIRRUS_BLTMODE_MEMSYSSRC; - s->cirrus_srcptr = &s->cirrus_bltbuf[0]; - s->cirrus_srcptr_end = &s->cirrus_bltbuf[0]; -@@ -924,6 +928,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s) - } - s->cirrus_srccounter = s->cirrus_blt_srcpitch * s->cirrus_blt_height; - } -+ -+ /* the blit_is_unsafe call above should catch this */ -+ assert(s->cirrus_blt_srcpitch <= CIRRUS_BLTBUFSIZE); -+ - s->cirrus_srcptr = s->cirrus_bltbuf; - s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch; - cirrus_update_memory_access(s); --- -1.8.3.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch deleted file mode 100644 index 034b322de5..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch +++ /dev/null @@ -1,22 +0,0 @@ -Comparison symbol is misused. It may lead to memory corruption. - -Signed-off-by: Vladimir Sementsov-Ogievskiy ---- - nbd/client.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/nbd/client.c b/nbd/client.c -index 6caf6bda6d..351731bc63 100644 ---- a/nbd/client.c -+++ b/nbd/client.c -@@ -94,7 +94,7 @@ static ssize_t drop_sync(QIOChannel *ioc, size_t size) - char small[1024]; - char *buffer; - -- buffer = sizeof(small) < size ? small : g_malloc(MIN(65536, size)); -+ buffer = sizeof(small) > size ? small : g_malloc(MIN(65536, size)); - while (size > 0) { - ssize_t count = read_sync(ioc, buffer, MIN(65536, size)); - --- -2.11.0 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch deleted file mode 100644 index 24411b4dca..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 12351a91da97b414eec8cdb09f1d9f41e535a401 Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Wed, 14 Dec 2016 18:30:21 -0800 -Subject: [PATCH] audio: ac97: add exit function -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Currently the ac97 device emulation doesn't have a exit function, -hot unplug this device will leak some memory. Add a exit function to -avoid this. - -Signed-off-by: Li Qiang -Reviewed-by: Marc-André Lureau -Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com -Signed-off-by: Gerd Hoffmann ---- - hw/audio/ac97.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c -index cbd959e..c306575 100644 ---- a/hw/audio/ac97.c -+++ b/hw/audio/ac97.c -@@ -1387,6 +1387,16 @@ static void ac97_realize(PCIDevice *dev, Error **errp) - ac97_on_reset (&s->dev.qdev); - } - -+static void ac97_exit(PCIDevice *dev) -+{ -+ AC97LinkState *s = DO_UPCAST(AC97LinkState, dev, dev); -+ -+ AUD_close_in(&s->card, s->voice_pi); -+ AUD_close_out(&s->card, s->voice_po); -+ AUD_close_in(&s->card, s->voice_mc); -+ AUD_remove_card(&s->card); -+} -+ - static int ac97_init (PCIBus *bus) - { - pci_create_simple (bus, -1, "AC97"); -@@ -1404,6 +1414,7 @@ static void ac97_class_init (ObjectClass *klass, void *data) - PCIDeviceClass *k = PCI_DEVICE_CLASS (klass); - - k->realize = ac97_realize; -+ k->exit = ac97_exit; - k->vendor_id = PCI_VENDOR_ID_INTEL; - k->device_id = PCI_DEVICE_ID_INTEL_82801AA_5; - k->revision = 0x01; --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch deleted file mode 100644 index 6bbac580c3..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Wed, 14 Dec 2016 18:32:22 -0800 -Subject: [PATCH] audio: es1370: add exit function -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Currently the es1370 device emulation doesn't have a exit function, -hot unplug this device will leak some memory. Add a exit function to -avoid this. - -Signed-off-by: Li Qiang -Reviewed-by: Marc-André Lureau -Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com -Signed-off-by: Gerd Hoffmann ---- - hw/audio/es1370.c | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c -index 8449b5f..883ec69 100644 ---- a/hw/audio/es1370.c -+++ b/hw/audio/es1370.c -@@ -1041,6 +1041,19 @@ static void es1370_realize(PCIDevice *dev, Error **errp) - es1370_reset (s); - } - -+static void es1370_exit(PCIDevice *dev) -+{ -+ ES1370State *s = ES1370(dev); -+ int i; -+ -+ for (i = 0; i < 2; ++i) { -+ AUD_close_out(&s->card, s->dac_voice[i]); -+ } -+ -+ AUD_close_in(&s->card, s->adc_voice); -+ AUD_remove_card(&s->card); -+} -+ - static int es1370_init (PCIBus *bus) - { - pci_create_simple (bus, -1, TYPE_ES1370); -@@ -1053,6 +1066,7 @@ static void es1370_class_init (ObjectClass *klass, void *data) - PCIDeviceClass *k = PCI_DEVICE_CLASS (klass); - - k->realize = es1370_realize; -+ k->exit = es1370_exit; - k->vendor_id = PCI_VENDOR_ID_ENSONIQ; - k->device_id = PCI_DEVICE_ID_ENSONIQ_ES1370; - k->class_id = PCI_CLASS_MULTIMEDIA_AUDIO; --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch deleted file mode 100644 index 9475f3fd2a..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 33243031dad02d161225ba99d782616da133f689 Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Thu, 29 Dec 2016 03:11:26 -0500 -Subject: [PATCH] virtio-gpu-3d: fix memory leak in resource attach backing -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -If the virgl_renderer_resource_attach_iov function fails the -'res_iovs' will be leaked. Add check of the return value to -free the 'res_iovs' when failing. - -Signed-off-by: Li Qiang -Reviewed-by: Marc-André Lureau -Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com -Signed-off-by: Gerd Hoffmann ---- - hw/display/virtio-gpu-3d.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c -index e29f099..b13ced3 100644 ---- a/hw/display/virtio-gpu-3d.c -+++ b/hw/display/virtio-gpu-3d.c -@@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g, - return; - } - -- virgl_renderer_resource_attach_iov(att_rb.resource_id, -- res_iovs, att_rb.nr_entries); -+ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id, -+ res_iovs, att_rb.nr_entries); -+ -+ if (ret != 0) -+ virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries); - } - - static void virgl_resource_detach_backing(VirtIOGPU *g, --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch deleted file mode 100644 index f93d1e7f9e..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 204f01b30975923c64006f8067f0937b91eea68b Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Thu, 29 Dec 2016 04:28:41 -0500 -Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing - -In the resource attach backing function, everytime it will -allocate 'res->iov' thus can leading a memory leak. This -patch avoid this. - -Signed-off-by: Li Qiang -Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com -Signed-off-by: Gerd Hoffmann ---- - hw/display/virtio-gpu.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c -index 6a26258..ca88cf4 100644 ---- a/hw/display/virtio-gpu.c -+++ b/hw/display/virtio-gpu.c -@@ -714,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g, - return; - } - -+ if (res->iov) { -+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; -+ return; -+ } -+ - ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov); - if (ret != 0) { - cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch deleted file mode 100644 index e4572a8d57..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 8409dc884a201bf74b30a9d232b6bbdd00cb7e2b Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Wed, 4 Jan 2017 00:43:16 -0800 -Subject: [PATCH] serial: fix memory leak in serial exit - -The serial_exit_core function doesn't free some resources. -This can lead memory leak when hotplug and unplug. This -patch avoid this. - -Signed-off-by: Li Qiang -Message-Id: <586cb5ab.f31d9d0a.38ac3.acf2@mx.google.com> -Signed-off-by: Paolo Bonzini ---- - hw/char/serial.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/hw/char/serial.c b/hw/char/serial.c -index ffbacd8..67b18ed 100644 ---- a/hw/char/serial.c -+++ b/hw/char/serial.c -@@ -906,6 +906,16 @@ void serial_realize_core(SerialState *s, Error **errp) - void serial_exit_core(SerialState *s) - { - qemu_chr_fe_deinit(&s->chr); -+ -+ timer_del(s->modem_status_poll); -+ timer_free(s->modem_status_poll); -+ -+ timer_del(s->fifo_timeout_timer); -+ timer_free(s->fifo_timeout_timer); -+ -+ fifo8_destroy(&s->recv_fifo); -+ fifo8_destroy(&s->xmit_fifo); -+ - qemu_unregister_reset(serial_reset, s); - } - --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch deleted file mode 100644 index 93e9c9406c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 42922105beb14c2fc58185ea022b9f72fb5465e9 Mon Sep 17 00:00:00 2001 -From: Prasad J Pandit -Date: Tue, 7 Feb 2017 18:29:59 +0000 -Subject: [PATCH] sd: sdhci: check data length during dma_memory_read - -While doing multi block SDMA transfer in routine -'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting -index 'begin' and data length 's->data_count' could end up to be same. -This could lead to an OOB access issue. Correct transfer data length -to avoid it. - -Cc: qemu-stable@nongnu.org -Reported-by: Jiang Xin -Signed-off-by: Prasad J Pandit -Reviewed-by: Peter Maydell -Message-id: 20170130064736.9236-1-ppandit@redhat.com -Signed-off-by: Peter Maydell ---- - hw/sd/sdhci.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c -index 01fbf22..5bd5ab6 100644 ---- a/hw/sd/sdhci.c -+++ b/hw/sd/sdhci.c -@@ -536,7 +536,7 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s) - boundary_count -= block_size - begin; - } - dma_memory_read(&address_space_memory, s->sdmasysad, -- &s->fifo_buffer[begin], s->data_count); -+ &s->fifo_buffer[begin], s->data_count - begin); - s->sdmasysad += s->data_count - begin; - if (s->data_count == block_size) { - for (n = 0; n < block_size; n++) { --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch deleted file mode 100644 index 2ebd49fa54..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 765a707000e838c30b18d712fe6cb3dd8e0435f3 Mon Sep 17 00:00:00 2001 -From: Paolo Bonzini -Date: Mon, 2 Jan 2017 11:03:33 +0100 -Subject: [PATCH] megasas: fix guest-triggered memory leak - -If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd -will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory. -Avoid this by returning only the status from map_dcmd, and loading -cmd->iov_size in the caller. - -Reported-by: Li Qiang -Signed-off-by: Paolo Bonzini ---- - hw/scsi/megasas.c | 11 ++++++----- - 1 file changed, 6 insertions(+), 5 deletions(-) - -diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c -index 67fc1e7..6233865 100644 ---- a/hw/scsi/megasas.c -+++ b/hw/scsi/megasas.c -@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd) - trace_megasas_dcmd_invalid_sge(cmd->index, - cmd->frame->header.sge_count); - cmd->iov_size = 0; -- return -1; -+ return -EINVAL; - } - iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl); - iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl); - pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1); - qemu_sglist_add(&cmd->qsg, iov_pa, iov_size); - cmd->iov_size = iov_size; -- return cmd->iov_size; -+ return 0; - } - - static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size) -@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t { - - static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd) - { -- int opcode, len; -+ int opcode; - int retval = 0; -+ size_t len; - const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl; - - opcode = le32_to_cpu(cmd->frame->dcmd.opcode); - trace_megasas_handle_dcmd(cmd->index, opcode); -- len = megasas_map_dcmd(s, cmd); -- if (len < 0) { -+ if (megasas_map_dcmd(s, cmd) < 0) { - return MFI_STAT_MEMORY_NOT_AVAILABLE; - } - while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) { - cmdptr++; - } -+ len = cmd->iov_size; - if (cmdptr->opcode == -1) { - trace_megasas_dcmd_unhandled(cmd->index, opcode, len); - retval = megasas_dcmd_dummy(s, cmd); --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch deleted file mode 100644 index 664a669ffa..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch +++ /dev/null @@ -1,38 +0,0 @@ -When the guest sends VIRTIO_GPU_CMD_RESOURCE_UNREF without detaching the -backing storage beforehand (VIRTIO_GPU_CMD_RESOURCE_DETACH_BACKING) -we'll leak memory. - -This patch fixes it for 3d mode, simliar to the 2d mode fix in commit -"b8e2392 virtio-gpu: call cleanup mapping function in resource destroy". - -Reported-by: 李强 -Signed-off-by: Gerd Hoffmann ---- - hw/display/virtio-gpu-3d.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c -index f96a0c2..ecb09d1 100644 ---- a/hw/display/virtio-gpu-3d.c -+++ b/hw/display/virtio-gpu-3d.c -@@ -77,10 +77,18 @@ static void virgl_cmd_resource_unref(VirtIOGPU *g, - struct virtio_gpu_ctrl_command *cmd) - { - struct virtio_gpu_resource_unref unref; -+ struct iovec *res_iovs = NULL; -+ int num_iovs = 0; - - VIRTIO_GPU_FILL_CMD(unref); - trace_virtio_gpu_cmd_res_unref(unref.resource_id); - -+ virgl_renderer_resource_detach_iov(unref.resource_id, -+ &res_iovs, -+ &num_iovs); -+ if (res_iovs != NULL && num_iovs != 0) { -+ virtio_gpu_cleanup_mapping_iov(res_iovs, num_iovs); -+ } - virgl_renderer_resource_unref(unref.resource_id); - } - --- -1.8.3.1 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch deleted file mode 100644 index 9f94477a46..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch +++ /dev/null @@ -1,35 +0,0 @@ -From c7dfbf322595ded4e70b626bf83158a9f3807c6a Mon Sep 17 00:00:00 2001 -From: Prasad J Pandit -Date: Fri, 3 Feb 2017 00:52:28 +0530 -Subject: [PATCH] usb: ccid: check ccid apdu length - -CCID device emulator uses Application Protocol Data Units(APDU) -to exchange command and responses to and from the host. -The length in these units couldn't be greater than 65536. Add -check to ensure the same. It'd also avoid potential integer -overflow in emulated_apdu_from_guest. - -Reported-by: Li Qiang -Signed-off-by: Prasad J Pandit -Message-id: 20170202192228.10847-1-ppandit@redhat.com -Signed-off-by: Gerd Hoffmann ---- - hw/usb/dev-smartcard-reader.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c -index 89e11b6..1325ea1 100644 ---- a/hw/usb/dev-smartcard-reader.c -+++ b/hw/usb/dev-smartcard-reader.c -@@ -967,7 +967,7 @@ static void ccid_on_apdu_from_guest(USBCCIDState *s, CCID_XferBlock *recv) - DPRINTF(s, 1, "%s: seq %d, len %d\n", __func__, - recv->hdr.bSeq, len); - ccid_add_pending_answer(s, (CCID_Header *)recv); -- if (s->card) { -+ if (s->card && len <= BULK_OUT_DATA_SIZE) { - ccid_card_apdu_from_guest(s->card, recv->abData, len); - } else { - DPRINTF(s, D_WARN, "warning: discarded apdu\n"); --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch deleted file mode 100644 index f24d557c96..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch +++ /dev/null @@ -1,46 +0,0 @@ -From a08aaff811fb194950f79711d2afe5a892ae03a4 Mon Sep 17 00:00:00 2001 -From: Gonglei -Date: Tue, 3 Jan 2017 14:50:03 +0800 -Subject: [PATCH] virtio-crypto: fix possible integer and heap overflow - -Because the 'size_t' type is 4 bytes in 32-bit platform, which -is the same with 'int'. It's easy to make 'max_len' to zero when -integer overflow and then cause heap overflow if 'max_len' is zero. - -Using uint_64 instead of size_t to avoid the integer overflow. - -Cc: qemu-stable@nongnu.org -Reported-by: Li Qiang -Signed-off-by: Gonglei -Tested-by: Li Qiang -Reviewed-by: Michael S. Tsirkin -Signed-off-by: Michael S. Tsirkin ---- - hw/virtio/virtio-crypto.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c -index 2f2467e..c23e1ad 100644 ---- a/hw/virtio/virtio-crypto.c -+++ b/hw/virtio/virtio-crypto.c -@@ -416,7 +416,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev, - uint32_t hash_start_src_offset = 0, len_to_hash = 0; - uint32_t cipher_start_src_offset = 0, len_to_cipher = 0; - -- size_t max_len, curr_size = 0; -+ uint64_t max_len, curr_size = 0; - size_t s; - - /* Plain cipher */ -@@ -441,7 +441,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev, - return NULL; - } - -- max_len = iv_len + aad_len + src_len + dst_len + hash_result_len; -+ max_len = (uint64_t)iv_len + aad_len + src_len + dst_len + hash_result_len; - if (unlikely(max_len > vcrypto->conf.max_size)) { - virtio_error(vdev, "virtio-crypto too big length"); - return NULL; --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch deleted file mode 100644 index 50ff3c9979..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch +++ /dev/null @@ -1,87 +0,0 @@ -Limits should be big enough that normal guest should not hit it. -Add a tracepoint to log them, just in case. Also, while being -at it, log the existing link trb limit too. - -Reported-by: 李强 -Signed-off-by: Gerd Hoffmann ---- - hw/usb/hcd-xhci.c | 15 ++++++++++++++- - hw/usb/trace-events | 1 + - 2 files changed, 15 insertions(+), 1 deletion(-) - -diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c -index fbf8a8b..28dd2f2 100644 ---- a/hw/usb/hcd-xhci.c -+++ b/hw/usb/hcd-xhci.c -@@ -51,6 +51,8 @@ - #define EV_QUEUE (((3 * 24) + 16) * MAXSLOTS) - - #define TRB_LINK_LIMIT 4 -+#define COMMAND_LIMIT 256 -+#define TRANSFER_LIMIT 256 - - #define LEN_CAP 0x40 - #define LEN_OPER (0x400 + 0x10 * MAXPORTS) -@@ -943,6 +945,7 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb, - return type; - } else { - if (++link_cnt > TRB_LINK_LIMIT) { -+ trace_usb_xhci_enforced_limit("trb-link"); - return 0; - } - ring->dequeue = xhci_mask64(trb->parameter); -@@ -2060,6 +2063,7 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid) - XHCIRing *ring; - USBEndpoint *ep = NULL; - uint64_t mfindex; -+ unsigned int count = 0; - int length; - int i; - -@@ -2172,6 +2176,10 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid) - epctx->retry = xfer; - break; - } -+ if (count++ > TRANSFER_LIMIT) { -+ trace_usb_xhci_enforced_limit("transfers"); -+ break; -+ } - } - epctx->kick_active--; - -@@ -2618,7 +2626,7 @@ static void xhci_process_commands(XHCIState *xhci) - TRBType type; - XHCIEvent event = {ER_COMMAND_COMPLETE, CC_SUCCESS}; - dma_addr_t addr; -- unsigned int i, slotid = 0; -+ unsigned int i, slotid = 0, count = 0; - - DPRINTF("xhci_process_commands()\n"); - if (!xhci_running(xhci)) { -@@ -2735,6 +2743,11 @@ static void xhci_process_commands(XHCIState *xhci) - } - event.slotid = slotid; - xhci_event(xhci, &event, 0); -+ -+ if (count++ > COMMAND_LIMIT) { -+ trace_usb_xhci_enforced_limit("commands"); -+ return; -+ } - } - } - -diff --git a/hw/usb/trace-events b/hw/usb/trace-events -index fdd1d29..0c323d4 100644 ---- a/hw/usb/trace-events -+++ b/hw/usb/trace-events -@@ -174,6 +174,7 @@ usb_xhci_xfer_retry(void *xfer) "%p" - usb_xhci_xfer_success(void *xfer, uint32_t bytes) "%p: len %d" - usb_xhci_xfer_error(void *xfer, uint32_t ret) "%p: ret %d" - usb_xhci_unimplemented(const char *item, int nr) "%s (0x%x)" -+usb_xhci_enforced_limit(const char *item) "%s" - - # hw/usb/desc.c - usb_desc_device(int addr, int len, int ret) "dev %d query device, len %d, ret %d" --- -1.8.3.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch deleted file mode 100644 index bfde2e9d4b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch +++ /dev/null @@ -1,50 +0,0 @@ -From: Prasad J Pandit - -In the SDHCI protocol, the transfer mode register value -is used during multi block transfer to check if block count -register is enabled and should be updated. Transfer mode -register could be set such that, block count register would -not be updated, thus leading to an infinite loop. Add check -to avoid it. - -Reported-by: Wjjzhang -Reported-by: Jiang Xin -Signed-off-by: Prasad J Pandit ---- - hw/sd/sdhci.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -Update: use qemu_log_mask(LOG_UNIMP, ...) - -> https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02354.html - -diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c -index 5bd5ab6..a9c744b 100644 ---- a/hw/sd/sdhci.c -+++ b/hw/sd/sdhci.c -@@ -486,6 +486,11 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s) - uint32_t boundary_chk = 1 << (((s->blksize & 0xf000) >> 12) + 12); - uint32_t boundary_count = boundary_chk - (s->sdmasysad % boundary_chk); - -+ if (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || !s->blkcnt) { -+ qemu_log_mask(LOG_UNIMP, "infinite transfer is not supported\n"); -+ return; -+ } -+ - /* XXX: Some sd/mmc drivers (for example, u-boot-slp) do not account for - * possible stop at page boundary if initial address is not page aligned, - * allow them to work properly */ -@@ -797,11 +802,6 @@ static void sdhci_data_transfer(void *opaque) - if (s->trnmod & SDHC_TRNS_DMA) { - switch (SDHC_DMA_TYPE(s->hostctl)) { - case SDHC_CTRL_SDMA: -- if ((s->trnmod & SDHC_TRNS_MULTI) && -- (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || s->blkcnt == 0)) { -- break; -- } -- - if ((s->blkcnt == 1) || !(s->trnmod & SDHC_TRNS_MULTI)) { - sdhci_sdma_transfer_single_block(s); - } else { --- -2.9.3 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch deleted file mode 100644 index 666c18ccea..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch +++ /dev/null @@ -1,112 +0,0 @@ -This patch fixed a problem that was introduced in commit eb700029. - -When net_rx_pkt_attach_iovec() calls eth_strip_vlan() -this can result in pkt->ehdr_buf being overflowed, because -ehdr_buf is only sizeof(struct eth_header) bytes large -but eth_strip_vlan() can write -sizeof(struct eth_header) + sizeof(struct vlan_header) -bytes into it. - -Devices affected by this problem: vmxnet3. - -Reported-by: Peter Maydell -Signed-off-by: Dmitry Fleytman ---- - hw/net/net_rx_pkt.c | 34 +++++++++++++++++----------------- - 1 file changed, 17 insertions(+), 17 deletions(-) - -diff --git a/hw/net/net_rx_pkt.c b/hw/net/net_rx_pkt.c -index 1019b50..7c0beac 100644 ---- a/hw/net/net_rx_pkt.c -+++ b/hw/net/net_rx_pkt.c -@@ -23,13 +23,13 @@ - - struct NetRxPkt { - struct virtio_net_hdr virt_hdr; -- uint8_t ehdr_buf[sizeof(struct eth_header)]; -+ uint8_t ehdr_buf[sizeof(struct eth_header) + sizeof(struct vlan_header)]; - struct iovec *vec; - uint16_t vec_len_total; - uint16_t vec_len; - uint32_t tot_len; - uint16_t tci; -- bool vlan_stripped; -+ size_t ehdr_buf_len; - bool has_virt_hdr; - eth_pkt_types_e packet_type; - -@@ -88,15 +88,13 @@ net_rx_pkt_pull_data(struct NetRxPkt *pkt, - const struct iovec *iov, int iovcnt, - size_t ploff) - { -- if (pkt->vlan_stripped) { -+ if (pkt->ehdr_buf_len) { - net_rx_pkt_iovec_realloc(pkt, iovcnt + 1); - - pkt->vec[0].iov_base = pkt->ehdr_buf; -- pkt->vec[0].iov_len = sizeof(pkt->ehdr_buf); -- -- pkt->tot_len = -- iov_size(iov, iovcnt) - ploff + sizeof(struct eth_header); -+ pkt->vec[0].iov_len = pkt->ehdr_buf_len; - -+ pkt->tot_len = iov_size(iov, iovcnt) - ploff + pkt->ehdr_buf_len; - pkt->vec_len = iov_copy(pkt->vec + 1, pkt->vec_len_total - 1, - iov, iovcnt, ploff, pkt->tot_len); - } else { -@@ -123,11 +121,12 @@ void net_rx_pkt_attach_iovec(struct NetRxPkt *pkt, - uint16_t tci = 0; - uint16_t ploff = iovoff; - assert(pkt); -- pkt->vlan_stripped = false; - - if (strip_vlan) { -- pkt->vlan_stripped = eth_strip_vlan(iov, iovcnt, iovoff, pkt->ehdr_buf, -- &ploff, &tci); -+ pkt->ehdr_buf_len = eth_strip_vlan(iov, iovcnt, iovoff, pkt->ehdr_buf, -+ &ploff, &tci); -+ } else { -+ pkt->ehdr_buf_len = 0; - } - - pkt->tci = tci; -@@ -143,12 +142,13 @@ void net_rx_pkt_attach_iovec_ex(struct NetRxPkt *pkt, - uint16_t tci = 0; - uint16_t ploff = iovoff; - assert(pkt); -- pkt->vlan_stripped = false; - - if (strip_vlan) { -- pkt->vlan_stripped = eth_strip_vlan_ex(iov, iovcnt, iovoff, vet, -- pkt->ehdr_buf, -- &ploff, &tci); -+ pkt->ehdr_buf_len = eth_strip_vlan_ex(iov, iovcnt, iovoff, vet, -+ pkt->ehdr_buf, -+ &ploff, &tci); -+ } else { -+ pkt->ehdr_buf_len = 0; - } - - pkt->tci = tci; -@@ -162,8 +162,8 @@ void net_rx_pkt_dump(struct NetRxPkt *pkt) - NetRxPkt *pkt = (NetRxPkt *)pkt; - assert(pkt); - -- printf("RX PKT: tot_len: %d, vlan_stripped: %d, vlan_tag: %d\n", -- pkt->tot_len, pkt->vlan_stripped, pkt->tci); -+ printf("RX PKT: tot_len: %d, ehdr_buf_len: %lu, vlan_tag: %d\n", -+ pkt->tot_len, pkt->ehdr_buf_len, pkt->tci); - #endif - } - -@@ -426,7 +426,7 @@ bool net_rx_pkt_is_vlan_stripped(struct NetRxPkt *pkt) - { - assert(pkt); - -- return pkt->vlan_stripped; -+ return pkt->ehdr_buf_len ? true : false; - } - - bool net_rx_pkt_has_virt_hdr(struct NetRxPkt *pkt) --- -2.7.4 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch deleted file mode 100644 index a15aa96bd5..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Tue, 7 Feb 2017 02:23:33 -0800 -Subject: [PATCH] usb: ohci: limit the number of link eds - -The guest may builds an infinite loop with link eds. This patch -limit the number of linked ed to avoid this. - -Signed-off-by: Li Qiang -Message-id: 5899a02e.45ca240a.6c373.93c1@mx.google.com -Signed-off-by: Gerd Hoffmann ---- - hw/usb/hcd-ohci.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c -index 2cba3e3..21c93e0 100644 ---- a/hw/usb/hcd-ohci.c -+++ b/hw/usb/hcd-ohci.c -@@ -42,6 +42,8 @@ - - #define OHCI_MAX_PORTS 15 - -+#define ED_LINK_LIMIT 4 -+ - static int64_t usb_frame_time; - static int64_t usb_bit_time; - -@@ -1184,7 +1186,7 @@ static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion) - uint32_t next_ed; - uint32_t cur; - int active; -- -+ uint32_t link_cnt = 0; - active = 0; - - if (head == 0) -@@ -1199,6 +1201,11 @@ static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion) - - next_ed = ed.next & OHCI_DPTR_MASK; - -+ if (++link_cnt > ED_LINK_LIMIT) { -+ ohci_die(ohci); -+ return 0; -+ } -+ - if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K)) { - uint32_t addr; - /* Cancel pending packets for ED that have been paused. */ --- -2.10.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch new file mode 100644 index 0000000000..346e7713f7 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch @@ -0,0 +1,174 @@ +From 7a95434e0ca8a037fd8aa1a2e2461f92585eb77b Mon Sep 17 00:00:00 2001 +From: Greg Kurz +Date: Fri, 5 May 2017 14:48:08 +0200 +Subject: [PATCH] 9pfs: local: forbid client access to metadata (CVE-2017-7493) + +When using the mapped-file security mode, we shouldn't let the client mess +with the metadata. The current code already tries to hide the metadata dir +from the client by skipping it in local_readdir(). But the client can still +access or modify it through several other operations. This can be used to +escalate privileges in the guest. + +Affected backend operations are: +- local_mknod() +- local_mkdir() +- local_open2() +- local_symlink() +- local_link() +- local_unlinkat() +- local_renameat() +- local_rename() +- local_name_to_path() + +Other operations are safe because they are only passed a fid path, which +is computed internally in local_name_to_path(). + +This patch converts all the functions listed above to fail and return +EINVAL when being passed the name of the metadata dir. This may look +like a poor choice for errno, but there's no such thing as an illegal +path name on Linux and I could not think of anything better. + +This fixes CVE-2017-7493. + +Reported-by: Leo Gaspard +Signed-off-by: Greg Kurz +Reviewed-by: Eric Blake +--- + hw/9pfs/9p-local.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 56 insertions(+), 2 deletions(-) + +diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c +index f3ebca4f7a..a2486566af 100644 +--- a/hw/9pfs/9p-local.c ++++ b/hw/9pfs/9p-local.c +@@ -452,6 +452,11 @@ static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs) + return telldir(fs->dir.stream); + } + ++static bool local_is_mapped_file_metadata(FsContext *fs_ctx, const char *name) ++{ ++ return !strcmp(name, VIRTFS_META_DIR); ++} ++ + static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs) + { + struct dirent *entry; +@@ -465,8 +470,8 @@ again: + if (ctx->export_flags & V9FS_SM_MAPPED) { + entry->d_type = DT_UNKNOWN; + } else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) { +- if (!strcmp(entry->d_name, VIRTFS_META_DIR)) { +- /* skp the meta data directory */ ++ if (local_is_mapped_file_metadata(ctx, entry->d_name)) { ++ /* skip the meta data directory */ + goto again; + } + entry->d_type = DT_UNKNOWN; +@@ -559,6 +564,12 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -605,6 +616,12 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -694,6 +711,12 @@ static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + /* + * Mark all the open to not follow symlinks + */ +@@ -752,6 +775,12 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -826,6 +855,12 @@ static int local_link(FsContext *ctx, V9fsPath *oldpath, + int ret = -1; + int odirfd, ndirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + odirfd = local_opendir_nofollow(ctx, odirpath); + if (odirfd == -1) { + goto out; +@@ -1096,6 +1131,12 @@ static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path, + static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path, + const char *name, V9fsPath *target) + { ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + if (dir_path) { + v9fs_path_sprintf(target, "%s/%s", dir_path->data, name); + } else if (strcmp(name, "/")) { +@@ -1116,6 +1157,13 @@ static int local_renameat(FsContext *ctx, V9fsPath *olddir, + int ret; + int odirfd, ndirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ (local_is_mapped_file_metadata(ctx, old_name) || ++ local_is_mapped_file_metadata(ctx, new_name))) { ++ errno = EINVAL; ++ return -1; ++ } ++ + odirfd = local_opendir_nofollow(ctx, olddir->data); + if (odirfd == -1) { + return -1; +@@ -1206,6 +1254,12 @@ static int local_unlinkat(FsContext *ctx, V9fsPath *dir, + int ret; + int dirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(ctx, dir->data); + if (dirfd == -1) { + return -1; +-- +2.13.0 + diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch new file mode 100644 index 0000000000..31fb69bf89 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch @@ -0,0 +1,22 @@ +CVE-2017-8112 + +https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04494.html +--- + hw/scsi/vmw_pvscsi.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c +index 7557546..4a106da 100644 +--- a/hw/scsi/vmw_pvscsi.c ++++ b/hw/scsi/vmw_pvscsi.c +@@ -202,7 +202,7 @@ pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri) + uint32_t len_log2; + uint32_t ring_size; + +- if (ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) { ++ if (!ri->numPages || ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) { + return -1; + } + ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE; +-- +2.9.3 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch new file mode 100644 index 0000000000..4f7f870210 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch @@ -0,0 +1,22 @@ +bug #616870 + +https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html +--- + audio/audio.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/audio/audio.c b/audio/audio.c +index c8898d8422..beafed209b 100644 +--- a/audio/audio.c ++++ b/audio/audio.c +@@ -2028,6 +2028,8 @@ void AUD_del_capture (CaptureVoiceOut *cap, void *cb_opaque) + sw = sw1; + } + QLIST_REMOVE (cap, entries); ++ g_free (cap->hw.mix_buf); ++ g_free (cap->buf); + g_free (cap); + } + return; +-- +2.9.3 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch new file mode 100644 index 0000000000..0a34dae671 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch @@ -0,0 +1,76 @@ +bug #616872 + +https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05599.html +--- + ui/input.c | 14 +++++++++++--- + 1 file changed, 11 insertions(+), 3 deletions(-) + +diff --git a/ui/input.c b/ui/input.c +index ed88cda6d6..fb1f404095 100644 +--- a/ui/input.c ++++ b/ui/input.c +@@ -41,6 +41,8 @@ static QTAILQ_HEAD(QemuInputEventQueueHead, QemuInputEventQueue) kbd_queue = + QTAILQ_HEAD_INITIALIZER(kbd_queue); + static QEMUTimer *kbd_timer; + static uint32_t kbd_default_delay_ms = 10; ++static uint32_t queue_count; ++static uint32_t queue_limit = 1024; + + QemuInputHandlerState *qemu_input_handler_register(DeviceState *dev, + QemuInputHandler *handler) +@@ -268,6 +270,7 @@ static void qemu_input_queue_process(void *opaque) + break; + } + QTAILQ_REMOVE(queue, item, node); ++ queue_count--; + g_free(item); + } + } +@@ -282,6 +285,7 @@ static void qemu_input_queue_delay(struct QemuInputEventQueueHead *queue, + item->delay_ms = delay_ms; + item->timer = timer; + QTAILQ_INSERT_TAIL(queue, item, node); ++ queue_count++; + + if (start_timer) { + timer_mod(item->timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) +@@ -298,6 +302,7 @@ static void qemu_input_queue_event(struct QemuInputEventQueueHead *queue, + item->src = src; + item->evt = evt; + QTAILQ_INSERT_TAIL(queue, item, node); ++ queue_count++; + } + + static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue) +@@ -306,6 +311,7 @@ static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue) + + item->type = QEMU_INPUT_QUEUE_SYNC; + QTAILQ_INSERT_TAIL(queue, item, node); ++ queue_count++; + } + + void qemu_input_event_send_impl(QemuConsole *src, InputEvent *evt) +@@ -381,7 +387,7 @@ void qemu_input_event_send_key(QemuConsole *src, KeyValue *key, bool down) + qemu_input_event_send(src, evt); + qemu_input_event_sync(); + qapi_free_InputEvent(evt); +- } else { ++ } else if (queue_count < queue_limit) { + qemu_input_queue_event(&kbd_queue, src, evt); + qemu_input_queue_sync(&kbd_queue); + } +@@ -409,8 +415,10 @@ void qemu_input_event_send_key_delay(uint32_t delay_ms) + kbd_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, qemu_input_queue_process, + &kbd_queue); + } +- qemu_input_queue_delay(&kbd_queue, kbd_timer, +- delay_ms ? delay_ms : kbd_default_delay_ms); ++ if (queue_count < queue_limit) { ++ qemu_input_queue_delay(&kbd_queue, kbd_timer, ++ delay_ms ? delay_ms : kbd_default_delay_ms); ++ } + } + + InputEvent *qemu_input_event_new_btn(InputButton btn, bool down) +-- +2.9.3 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch new file mode 100644 index 0000000000..08911dd0bf --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch @@ -0,0 +1,34 @@ +bug #616874 + +https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04147.html +--- + hw/scsi/megasas.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c +index 84b8caf..804122a 100644 +--- a/hw/scsi/megasas.c ++++ b/hw/scsi/megasas.c +@@ -2138,15 +2138,15 @@ static void megasas_mmio_write(void *opaque, hwaddr addr, + case MFI_SEQ: + trace_megasas_mmio_writel("MFI_SEQ", val); + /* Magic sequence to start ADP reset */ +- if (adp_reset_seq[s->adp_reset] == val) { +- s->adp_reset++; ++ if (adp_reset_seq[s->adp_reset++] == val) { ++ if (s->adp_reset == 6) { ++ s->adp_reset = 0; ++ s->diag = MFI_DIAG_WRITE_ENABLE; ++ } + } else { + s->adp_reset = 0; + s->diag = 0; + } +- if (s->adp_reset == 6) { +- s->diag = MFI_DIAG_WRITE_ENABLE; +- } + break; + case MFI_DIAG: + trace_megasas_mmio_writel("MFI_DIAG", val); +-- +2.9.3 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-binfmt.initd-r1 b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-binfmt.initd-r1 deleted file mode 100644 index fe62a2a211..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-binfmt.initd-r1 +++ /dev/null @@ -1,138 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390 program execution by the kernel - -# Defaulting to OC should be safe because it comes down to: -# - do we trust the interp itself to not be malicious? yes; we built it. -# - do we trust the programs we're running? ish; same permission as native -# binaries apply. so if user can do bad stuff natively, cross isn't worse. -: ${QEMU_BINFMT_FLAGS:=OC} - -depend() { - after procfs -} - -start() { - ebegin "Registering qemu-user binaries (flags: ${QEMU_BINFMT_FLAGS})" - - if [ ! -d /proc/sys/fs/binfmt_misc ] ; then - modprobe -q binfmt_misc - fi - - if [ ! -d /proc/sys/fs/binfmt_misc ] ; then - eend $? "You need support for 'misc binaries' in your kernel!" || return - fi - - if [ ! -f /proc/sys/fs/binfmt_misc/register ] ; then - mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc >/dev/null 2>&1 - eend $? || return - fi - - # probe cpu type - cpu=`uname -m` - case "$cpu" in - i386|i486|i586|i686|i86pc|BePC|x86_64) - cpu="i386" - ;; - m68k) - cpu="m68k" - ;; - mips*) - cpu="mips" - ;; - "Power Macintosh"|ppc|ppc64) - cpu="ppc" - ;; - armv[4-9]*) - cpu="arm" - ;; - sparc*) - cpu="sparc" - ;; - esac - - # register the interpreter for each cpu except for the native one - if [ $cpu != "i386" -a -x "/usr/bin/qemu-i386" ] ; then - echo ':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - echo ':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "alpha" -a -x "/usr/bin/qemu-alpha" ] ; then - echo ':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-alpha:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "arm" -a -x "/usr/bin/qemu-arm" ] ; then - echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "arm" -a -x "/usr/bin/qemu-armeb" ] ; then - echo ':armeb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-armeb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "aarch64" -a -x "/usr/bin/qemu-aarch64" ] ; then - echo ':aarch64:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-aarch64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "sparc" -a -x "/usr/bin/qemu-sparc" ] ; then - echo ':sparc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sparc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "ppc" -a -x "/usr/bin/qemu-ppc" ] ; then - echo ':ppc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-ppc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "m68k" -a -x "/usr/bin/qemu-m68k" ] ; then - #echo 'Please check cpu value and header information for m68k!' - echo ':m68k:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-m68k:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips" ] ; then - # FIXME: We could use the other endianness on a MIPS host. - echo ':mips:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsel" ] ; then - echo ':mipsel:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsel:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32" ] ; then - echo ':mipsn32:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mipsn32:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32el" ] ; then - echo ':mipsn32el:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsn32el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64" ] ; then - echo ':mips64:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64el" ] ; then - echo ':mips64el:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mips64el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4" ] ; then - echo ':sh4:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-sh4:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4eb" ] ; then - echo ':sh4eb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sh4eb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - if [ $cpu != "s390x" -a -x "/usr/bin/qemu-s390x" ] ; then - echo ':s390x:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-s390x:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register - fi - eend $? -} - -stop() { - ebegin "Unregistering qemu-user binaries" - local arches - - arches="${arches} i386 i486" - arches="${arches} alpha" - arches="${arches} arm armeb" - arches="${arches} aarch64" - arches="${arches} sparc" - arches="${arches} ppc" - arches="${arches} m68k" - arches="${arches} mips mipsel mipsn32 mipsn32el mips64 mips64el" - arches="${arches} sh4 sh4eb" - arches="${arches} s390x" - - for a in ${arches}; do - if [ -f /proc/sys/fs/binfmt_misc/$a ] ; then - echo '-1' > /proc/sys/fs/binfmt_misc/$a - fi - done - - eend $? -} - -# vim: ts=4 : diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/qemu-2.8.0-r9.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/qemu-2.9.0-r2.ebuild similarity index 89% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/qemu-2.8.0-r9.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/qemu-2.9.0-r2.ebuild index f46ff08320..3bcf97ea40 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/qemu-2.8.0-r9.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/qemu-2.9.0-r2.ebuild @@ -20,10 +20,6 @@ else KEYWORDS="amd64 arm64 ~ppc ~ppc64 x86 ~x86-fbsd" fi -# bug #606088 -SRC_URI+=" - https://dev.gentoo.org/~tamiko/distfiles/${P}-CVE-2016-9602-patches.tar.xz" - DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools" HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org" @@ -33,16 +29,16 @@ IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy - spice ssh static static-user systemtap tci test +threads usb usbredir - vde +vhost-net virgl virtfs +vnc vte xattr xen xfs" + spice ssh static static-user systemtap tci test usb usbredir vde + +vhost-net virgl virtfs +vnc vte xattr xen xfs" COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel - mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc + mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc sparc64 x86_64" IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb" IUSE_USER_TARGETS="${COMMON_TARGETS} - armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx" + armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx" use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS}) use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS}) @@ -54,6 +50,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE} gtk2? ( gtk ) qemu_softmmu_targets_arm? ( fdt ) qemu_softmmu_targets_microblaze? ( fdt ) + qemu_softmmu_targets_mips64el? ( fdt ) qemu_softmmu_targets_ppc? ( fdt ) qemu_softmmu_targets_ppc64? ( fdt ) sdl2? ( sdl ) @@ -69,18 +66,17 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE} # The attr lib isn't always linked in (although the USE flag is always # respected). This is because qemu supports using the C library's API # when available rather than always using the extranl library. -# -# To configure and compile qemu user targets or tools alone the following -# dependencies are not strictly necessary: -# alsa? ( >=media-libs/alsa-lib-1.0.13 ) -# fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] ) -# pulseaudio? ( media-sound/pulseaudio ) -# seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] ) -# but these are so few it is not worth the effort to separate this list. -TARGETS_DEPEND=" +ALL_DEPEND=" >=dev-libs/glib-2.0[static-libs(+)] - >=x11-libs/pixman-0.28.0[static-libs(+)] sys-libs/zlib[static-libs(+)] + python? ( ${PYTHON_DEPS} ) + systemtap? ( dev-util/systemtap ) + xattr? ( sys-apps/attr[static-libs(+)] )" + +# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) +# softmmu targets (qemu-system-*). +SOFTMMU_TOOLS_DEPEND=" + >=x11-libs/pixman-0.28.0[static-libs(+)] accessibility? ( app-accessibility/brltty[api] app-accessibility/brltty[static-libs(+)] @@ -125,7 +121,6 @@ TARGETS_DEPEND=" ) png? ( media-libs/libpng:0=[static-libs(+)] ) pulseaudio? ( media-sound/pulseaudio ) - python? ( ${PYTHON_DEPS} ) rbd? ( sys-cluster/ceph[static-libs(+)] ) sasl? ( dev-libs/cyrus-sasl[static-libs(+)] ) sdl? ( @@ -146,13 +141,11 @@ TARGETS_DEPEND=" >=app-emulation/spice-0.12.0[static-libs(+)] ) ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] ) - systemtap? ( dev-util/systemtap ) - usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] ) usb? ( >=virtual/libusb-1-r2[static-libs(+)] ) + usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] ) vde? ( net-misc/vde[static-libs(+)] ) virgl? ( media-libs/virglrenderer[static-libs(+)] ) virtfs? ( sys-libs/libcap ) - xattr? ( sys-apps/attr[static-libs(+)] ) xen? ( app-emulation/xen-tools:= ) xfs? ( sys-fs/xfsprogs[static-libs(+)] )" @@ -170,7 +163,10 @@ X86_FIRMWARE_DEPEND=" )" CDEPEND=" - !static? ( ${TARGETS_DEPEND//\[static-libs(+)]} ) + !static? ( + ${ALL_DEPEND//\[static-libs(+)]} + ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]} + ) qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} ) qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )" DEPEND="${CDEPEND} @@ -180,8 +176,11 @@ DEPEND="${CDEPEND} virtual/pkgconfig kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 ) gtk? ( nls? ( sys-devel/gettext ) ) - static? ( ${TARGETS_DEPEND} ) - static-user? ( ${TARGETS_DEPEND} ) + static? ( + ${ALL_DEPEND} + ${SOFTMMU_TOOLS_DEPEND} + ) + static-user? ( ${ALL_DEPEND} ) test? ( dev-libs/glib[utils] sys-devel/bc @@ -192,29 +191,11 @@ RDEPEND="${CDEPEND} PATCHES=( "${FILESDIR}"/${PN}-2.5.0-cflags.patch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch - "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108 - "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826 - "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630 - "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444 - "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2615.patch #608034 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2630.patch #609396 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5667.patch #607766 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5931.patch #608728 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6058.patch #609638 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2620.patch #609206 - "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch #612220 - "${S}-CVE-2016-9602-patches" + "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8309.patch # bug 616870 + "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8379.patch # bug 616872 + "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8380.patch # bug 616874 + "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch # bug 616636 + "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7493.patch # bug 618808 # fix for vpc creation in qemu-img "${FILESDIR}"/0001-block-fix-vpc-max_table_entries-computation.patch @@ -240,7 +221,7 @@ QA_WX_LOAD="usr/bin/qemu-i386 usr/bin/qemu-microblazeel usr/bin/qemu-mips usr/bin/qemu-mipsel - usr/bin/qemu-or32 + usr/bin/qemu-or1k usr/bin/qemu-ppc usr/bin/qemu-ppc64 usr/bin/qemu-ppc64abi32 @@ -529,7 +510,7 @@ qemu_src_configure() { if use ${static_flag}; then conf_opts+=( --static --disable-pie ) else - gcc-specs-pie && conf_opts+=( --enable-pie ) + tc-enables-pie && conf_opts+=( --enable-pie ) fi echo "../configure ${conf_opts[*]}" @@ -697,9 +678,6 @@ src_install() { insinto "/etc/qemu" doins "${FILESDIR}/bridge.conf" - # Remove the docdir placed qmp-commands.txt - mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/" || die - cd "${S}" dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt newdoc pc-bios/README README.pc-bios @@ -750,7 +728,6 @@ src_install() { pkg_postinst() { DISABLE_AUTOFORMATTING=true - FORCE_PRINT_ELOG=1 # remove for next version bump readme.gentoo_print_elog if [[ -n ${softmmu_targets} ]] && use kernel_linux; then From 07809cf23686b5aef8f05b31baf14089b5ad474d Mon Sep 17 00:00:00 2001 From: David Michael Date: Fri, 16 Jun 2017 12:00:31 -0700 Subject: [PATCH 2/6] sys-apps/dbus: sync with upstream The only CoreOS changes are to drop the SELinux policy dependency and machine-id generation. (Is that last one still needed?) --- .../coreos-overlay/sys-apps/dbus/Manifest | 2 +- ...bus-1.10.12.ebuild => dbus-1.10.18.ebuild} | 14 +++- .../dbus/files/dbus-enable-elogind.patch | 73 +++++++++++++++++++ .../sys-apps/dbus/files/dbus.initd-r1 | 1 - .../coreos-overlay/sys-apps/dbus/metadata.xml | 1 + 5 files changed, 85 insertions(+), 6 deletions(-) rename sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/{dbus-1.10.12.ebuild => dbus-1.10.18.ebuild} (94%) create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/files/dbus-enable-elogind.patch diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/Manifest index 8f2ee0be3c..f6df01184c 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/Manifest @@ -1 +1 @@ -DIST dbus-1.10.12.tar.gz 1984805 SHA256 210a79430b276eafc6406c71705e9140d25b9956d18068df98a70156dc0e475d SHA512 6616c7b2926a6fb6158d0a0a24d1b887173ca215a2f3185b95cc5f08df64fed1977e16c86c6ae530960453b6c585ae24ea4c9976e7537a45f9c6366c43baa52d WHIRLPOOL 9bd9ed70c4d9890dad09b2bcd07ee40ef472f1436cefe3bc89aaddbb183532939d6ce19da721a673a39f2e6b07e634b179190cec00e1a48fa2d9be6c830cc696 +DIST dbus-1.10.18.tar.gz 1986589 SHA256 6049ddd5f3f3e2618f615f1faeda0a115104423a7996b7aa73e2f36e38cc514a SHA512 726f97d0a2016f4f0625ba332e93e2d33bb16857cd35cb6c79da0f44fff297df948c3df62c31ffbec34713a7b85b3ff5b65f31517fe3511ddbd3bf18bd4748ed WHIRLPOOL ee164e1f6de80595fbfbcbad65d78dab4b91b5ec4e1ce88e1c4015f1c1b531f09796d54db163b2c2eceb3b92261f8a57852d2e0b29f71d9c65f9b91684433d9e diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.10.12.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.10.18.ebuild similarity index 94% rename from sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.10.12.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.10.18.ebuild index a1770d88fa..267008a43e 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.10.12.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.10.18.ebuild @@ -1,6 +1,5 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ EAPI=6 PYTHON_COMPAT=( python2_7 ) @@ -13,16 +12,19 @@ SRC_URI="https://dbus.freedesktop.org/releases/dbus/${P}.tar.gz" LICENSE="|| ( AFL-2.1 GPL-2 )" SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x86-solaris" -IUSE="debug doc selinux static-libs systemd test user-session X" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x86-solaris" +IUSE="debug doc elogind selinux static-libs systemd test user-session X" RESTRICT="test" +REQUIRED_USE="?? ( elogind systemd )" + CDEPEND=" >=dev-libs/expat-2 selinux? ( sys-libs/libselinux ) + elogind? ( sys-auth/elogind ) systemd? ( sys-apps/systemd:0= ) X? ( x11-libs/libX11 @@ -72,6 +74,8 @@ src_prepare() { -e '/"dispatch"/d' \ bus/test-main.c || die + eapply "${FILESDIR}/${PN}-enable-elogind.patch" + eapply_user # required for asneeded patch but also for bug 263909, cross-compile so @@ -107,6 +111,7 @@ multilib_src_configure() { --disable-apparmor $(use_enable kernel_linux inotify) $(use_enable kernel_FreeBSD kqueue) + $(use_enable elogind) $(use_enable systemd) $(use_enable user-session) --disable-embedded-tests @@ -140,6 +145,7 @@ multilib_src_configure() { myconf+=( --disable-selinux --disable-libaudit + --disable-elogind --disable-systemd --without-x diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/files/dbus-enable-elogind.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/files/dbus-enable-elogind.patch new file mode 100644 index 0000000000..5cb5d649cd --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/files/dbus-enable-elogind.patch @@ -0,0 +1,73 @@ +--- a/dbus/dbus-userdb-util.c 2015-09-30 16:48:40.000000000 +0200 ++++ b/dbus/dbus-userdb-util.c 2016-11-03 11:09:42.550520587 +0100 +@@ -32,6 +32,9 @@ + #if HAVE_SYSTEMD + #include + #endif ++#if HAVE_ELOGIND ++#include ++#endif + + /** + * @addtogroup DBusInternalsUtils +@@ -54,7 +57,7 @@ + const DBusUserInfo *info; + dbus_bool_t result = FALSE; + +-#ifdef HAVE_SYSTEMD ++#if defined(HAVE_SYSTEMD) || defined(HAVE_ELOGIND) + /* check if we have logind */ + if (access ("/run/systemd/seats/", F_OK) >= 0) + { +--- a/configure.ac 2016-11-03 11:13:58.286528265 +0100 ++++ b/configure.ac 2016-11-03 11:22:11.210543063 +0100 +@@ -185,6 +185,7 @@ + AC_ARG_ENABLE(kqueue, AS_HELP_STRING([--enable-kqueue],[build with kqueue support]),enable_kqueue=$enableval,enable_kqueue=auto) + AC_ARG_ENABLE(console-owner-file, AS_HELP_STRING([--enable-console-owner-file],[enable console owner file]),enable_console_owner_file=$enableval,enable_console_owner_file=auto) + AC_ARG_ENABLE(launchd, AS_HELP_STRING([--enable-launchd],[build with launchd auto-launch support]),enable_launchd=$enableval,enable_launchd=auto) ++AC_ARG_ENABLE(elogind, AS_HELP_STRING([--enable-elogind],[build with elogind user seat support]),enable_elogind=$enableval,enable_elogind=auto) + AC_ARG_ENABLE(systemd, AS_HELP_STRING([--enable-systemd],[build with systemd at_console support]),enable_systemd=$enableval,enable_systemd=auto) + + AC_ARG_WITH(init-scripts, AS_HELP_STRING([--with-init-scripts=[redhat]],[Style of init scripts to install])) +@@ -1184,6 +1185,24 @@ + + AM_CONDITIONAL(HAVE_CONSOLE_OWNER_FILE, test x$have_console_owner_file = xyes) + ++dnl elogind detection ++if test x$enable_elogind = xno ; then ++ have_elogind=no; ++else ++ PKG_CHECK_MODULES([ELOGIND], ++ [libelogind >= 209], ++ [have_elogind=yes], ++ [have_elogind=no]) ++fi ++ ++if test x$have_elogind = xyes; then ++ AC_DEFINE(HAVE_ELOGIND,1,[Have elogind]) ++fi ++ ++if test x$enable_elogind = xyes -a x$have_elogind != xyes ; then ++ AC_MSG_ERROR([Explicitly requested elogind support, but libelogind not found]) ++fi ++ + dnl systemd detection + if test x$enable_systemd = xno ; then + have_systemd=no; +@@ -1290,7 +1309,7 @@ + fi + + #### Set up final flags +-LIBDBUS_LIBS="$THREAD_LIBS $NETWORK_libs $SYSTEMD_LIBS" ++LIBDBUS_LIBS="$THREAD_LIBS $NETWORK_libs $SYSTEMD_LIBS $ELOGIND_LIBS" + AC_SUBST([LIBDBUS_LIBS]) + + ### X11 detection +@@ -1949,6 +1968,7 @@ + Building AppArmor support: ${have_apparmor} + Building inotify support: ${have_inotify} + Building kqueue support: ${have_kqueue} ++ Building elogind support: ${have_elogind} + Building systemd support: ${have_systemd} + Building X11 code: ${have_x11} + Building Doxygen docs: ${enable_doxygen_docs} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/files/dbus.initd-r1 b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/files/dbus.initd-r1 index 977dfffba3..bd3542381a 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/files/dbus.initd-r1 +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/files/dbus.initd-r1 @@ -1,7 +1,6 @@ #!/sbin/openrc-run # Copyright 1999-2016 Gentoo Foundation # Distributed under the terms of the GNU General Public License, v2 or later -# $Id$ extra_started_commands="reload" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/metadata.xml b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/metadata.xml index 169ff1a1a2..a8736a7781 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/metadata.xml +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/metadata.xml @@ -5,6 +5,7 @@ freedesktop-bugs@gentoo.org + Use sys-auth/elogind for session tracking. Build with sys-apps/systemd at_console support Enable user-session semantics for session bus under systemd From 36a59d0c9eb5f7c3de6089c8a0cb39291f1ed3de Mon Sep 17 00:00:00 2001 From: David Michael Date: Fri, 16 Jun 2017 12:07:23 -0700 Subject: [PATCH 3/6] profiles: sync minicom on arm64 --- .../coreos-overlay/profiles/coreos/arm64/package.accept_keywords | 1 + 1 file changed, 1 insertion(+) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.accept_keywords index 832b1cf1a0..29e33c0099 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.accept_keywords +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.accept_keywords @@ -23,6 +23,7 @@ =media-libs/libpng-1.6.27 ~arm64 =net-analyzer/nmap-7.12 ~arm64 =net-analyzer/tcpdump-4.9.0 ~arm64 +=net-dialup/minicom-2.7.1 ~arm64 =net-firewall/ebtables-2.0.10.4-r1 ~arm64 =net-firewall/ipset-6.29 ~arm64 =net-libs/libmicrohttpd-0.9.50 ** From e167a8d75a1d90748e8e7bd1154970af28f41bba Mon Sep 17 00:00:00 2001 From: David Michael Date: Fri, 16 Jun 2017 13:12:23 -0700 Subject: [PATCH 4/6] sys-apps/shadow: bump to the upstream 4.5 ebuild --- .../coreos-overlay/sys-apps/shadow/Manifest | 2 +- .../sys-apps/shadow/files/login_defs_pam.sed | 24 ---- .../files/shadow-4.4-fix-root-defaults.patch | 39 ------- .../files/shadow-4.4-load_defaults.patch | 37 ------ .../shadow/files/shadow-4.4-prototypes.patch | 42 ------- .../shadow/files/shadow-4.4-su-snprintf.patch | 29 ----- .../sys-apps/shadow/metadata.xml | 23 ++-- ...shadow-4.4-r2.ebuild => shadow-4.5.ebuild} | 107 +++++++++--------- 8 files changed, 71 insertions(+), 232 deletions(-) delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-fix-root-defaults.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-load_defaults.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-prototypes.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch rename sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/{shadow-4.4-r2.ebuild => shadow-4.5.ebuild} (63%) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest index df4f7606de..0cc0147e82 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest @@ -1 +1 @@ -DIST shadow-4.4.tar.gz 3706812 SHA256 2398fe436e548786c17ec387b4c41f5339f72ec9ee2f3f7a6e0cc2cb240bb482 SHA512 c1e0f65a4fbd0f9d8de38e488b4a374cac5c476180e233269fc666988d9201c0dcc694605c5e54d54f81039c2e30c95b14c12f10adef749a45cc31f0b4b5d5a6 WHIRLPOOL a22fc0f90ec0623cbbcef253378a16ad605cf71345074880e3fd12fb5914058d3e721f378730c9684497cc597595b7defc7e710206268ae320a090c8c35fd41e +DIST shadow-4.5.tar.gz 3804933 SHA256 ed2d53bd0e80cf32261e82b8d93684334e8809266dba1ec7a42bfa747605989e SHA512 02d6482a1159689e404dd49a68b4e2db85e9ffdcdfbacc8efcbd9043f14a1ec3fc4d749700df915d375df67d589219b6b0f57a6cfd9fb5b197012888a608913b WHIRLPOOL 73552aff621cf34ef977095a05d9b679b7b6ffa78979d69eeb43089564aca5cc1d841dc9cbb6f0fba4c4f712f0e89f6cc683b733ea1041e4633b5d9fe58b5499 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed deleted file mode 100644 index ba308ba9ab..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed +++ /dev/null @@ -1,24 +0,0 @@ -/^FAILLOG_ENAB/b comment -/^LASTLOG_ENAB/b comment -/^MAIL_CHECK_ENAB/b comment -/^OBSCURE_CHECKS_ENAB/b comment -/^PORTTIME_CHECKS_ENAB/b comment -/^QUOTAS_ENAB/b comment -/^MOTD_FILE/b comment -/^FTMP_FILE/b comment -/^NOLOGINS_FILE/b comment -/^ENV_HZ/b comment -/^PASS_MIN_LEN/b comment -/^SU_WHEEL_ONLY/b comment -/^CRACKLIB_DICTPATH/b comment -/^PASS_CHANGE_TRIES/b comment -/^PASS_ALWAYS_WARN/b comment -/^CHFN_AUTH/b comment -/^ENVIRON_FILE/b comment - -b exit - -: comment - s:^:#: - -: exit diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-fix-root-defaults.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-fix-root-defaults.patch deleted file mode 100644 index af7b8f409f..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-fix-root-defaults.patch +++ /dev/null @@ -1,39 +0,0 @@ -From c6b0664f529673e83c24243edd985803b9791631 Mon Sep 17 00:00:00 2001 -From: David Michael -Date: Wed, 8 Feb 2017 15:48:36 -0800 -Subject: [PATCH] useradd: Read defaults after changing root directories - -This reverts the behavior of "useradd --root" to using the settings -from login.defs in the target root directory, not the root of the -executed useradd command. ---- - src/useradd.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/src/useradd.c b/src/useradd.c -index 1797229..d973ca3 100644 ---- a/src/useradd.c -+++ b/src/useradd.c -@@ -2047,8 +2047,8 @@ int main (int argc, char **argv) - #endif /* ACCT_TOOLS_SETUID */ - - #ifdef ENABLE_SUBIDS -- uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL); -- uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); -+ uid_t uid_min; -+ uid_t uid_max; - #endif - - /* -@@ -2085,6 +2085,8 @@ int main (int argc, char **argv) - process_flags (argc, argv); - - #ifdef ENABLE_SUBIDS -+ uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL); -+ uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); - is_sub_uid = sub_uid_file_present () && !rflg && - (!user_id || (user_id <= uid_max && user_id >= uid_min)); - is_sub_gid = sub_gid_file_present () && !rflg && --- -2.7.4 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-load_defaults.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-load_defaults.patch deleted file mode 100644 index 4c0b84f680..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-load_defaults.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 507f96cdeb54079fb636c7ce21e371f7a16a520e Mon Sep 17 00:00:00 2001 -From: Tomas Mraz -Date: Thu, 25 Aug 2016 11:20:34 +0200 -Subject: [PATCH] Fix regression in useradd not loading defaults properly. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The get_defaults() has to be called before processing the flags. - -Signed-off-by: Tomáš Mráz ---- - src/useradd.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/useradd.c b/src/useradd.c -index fefa234..6c43e7e 100644 ---- a/src/useradd.c -+++ b/src/useradd.c -@@ -2027,6 +2027,8 @@ int main (int argc, char **argv) - is_shadow_grp = sgr_file_present (); - #endif - -+ get_defaults (); -+ - process_flags (argc, argv); - - #ifdef ENABLE_SUBIDS -@@ -2036,8 +2038,6 @@ int main (int argc, char **argv) - (!user_id || (user_id <= uid_max && user_id >= uid_min)); - #endif /* ENABLE_SUBIDS */ - -- get_defaults (); -- - #ifdef ACCT_TOOLS_SETUID - #ifdef USE_PAM - { diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-prototypes.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-prototypes.patch deleted file mode 100644 index 5209a2988f..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-prototypes.patch +++ /dev/null @@ -1,42 +0,0 @@ -https://github.com/shadow-maint/shadow/pull/53 - -From 32c0b283ef5d68b63e4ec05fb22ed0db938fea67 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Mon, 5 Dec 2016 17:15:29 -0500 -Subject: [PATCH] include getdef.h for getdef_bool prototype - -Otherwise we get build warnings like: -sgroupio.c:255:6: warning: implicit declaration of function 'getdef_bool' [-Wimplicit-function-declaration] -shadowio.c:131:6: warning: implicit declaration of function 'getdef_bool' [-Wimplicit-function-declaration] ---- - lib/sgroupio.c | 1 + - lib/shadowio.c | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/lib/sgroupio.c b/lib/sgroupio.c -index f2685779a12b..5423626a01da 100644 ---- a/lib/sgroupio.c -+++ b/lib/sgroupio.c -@@ -40,6 +40,7 @@ - #include "prototypes.h" - #include "defines.h" - #include "commonio.h" -+#include "getdef.h" - #include "sgroupio.h" - - /*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent) -diff --git a/lib/shadowio.c b/lib/shadowio.c -index 6e44ab24d69c..5fa3d312bbf9 100644 ---- a/lib/shadowio.c -+++ b/lib/shadowio.c -@@ -40,6 +40,7 @@ - #include - #include - #include "commonio.h" -+#include "getdef.h" - #include "shadowio.h" - #ifdef WITH_TCB - #include --- -2.11.0.rc2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch deleted file mode 100644 index 45667c8e4b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch +++ /dev/null @@ -1,29 +0,0 @@ -fix from upstream - -From 67d2bb6e0a5ac124ce1f026dd5723217b1493194 Mon Sep 17 00:00:00 2001 -From: Serge Hallyn -Date: Sun, 18 Sep 2016 21:31:18 -0500 -Subject: [PATCH] su.c: fix missing length argument to snprintf - ---- - src/su.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/su.c b/src/su.c -index 0c50a9456afd..93ffd2fbe2b4 100644 ---- a/src/su.c -+++ b/src/su.c -@@ -373,8 +373,8 @@ static void prepare_pam_close_session (void) - stderr); - (void) kill (-pid_child, caught); - -- snprintf (kill_msg, _(" ...killed.\n")); -- snprintf (wait_msg, _(" ...waiting for child to terminate.\n")); -+ snprintf (kill_msg, 256, _(" ...killed.\n")); -+ snprintf (wait_msg, 256, _(" ...waiting for child to terminate.\n")); - - (void) signal (SIGALRM, kill_child); - (void) alarm (2); --- -2.11.0.rc2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml index 59792273c6..2cabe8fe4f 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml @@ -1,12 +1,17 @@ - + -base-system -pam - - Enable support for sys-process/audit - - - cpe:/a:debian:shadow - + + base-system@gentoo.org + Gentoo Base System + + + pam-bugs@gentoo.org + Pluggable Authentication Method maintenance + + + + cpe:/a:debian:shadow + shadow-maint/shadow + diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.4-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild similarity index 63% rename from sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.4-r2.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild index bda02f49e4..8bda863b17 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.4-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild @@ -1,10 +1,9 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ EAPI="5" -inherit eutils libtool pam multilib systemd +inherit eutils libtool pam multilib DESCRIPTION="Utilities to deal with user accounts" HOMEPAGE="https://github.com/shadow-maint/shadow http://pkg-shadow.alioth.debian.org/" @@ -12,20 +11,23 @@ SRC_URI="https://github.com/shadow-maint/shadow/releases/download/${PV}/${P}.tar LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" IUSE="acl audit cracklib nls pam selinux skey xattr" +# Taken from the man/Makefile.am file. +LANGS=( cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW ) +IUSE+=" $(printf 'linguas_%s ' ${LANGS[*]})" -RDEPEND="acl? ( sys-apps/acl ) - audit? ( sys-process/audit ) - cracklib? ( >=sys-libs/cracklib-2.7-r3 ) - pam? ( virtual/pam ) - skey? ( sys-auth/skey ) +RDEPEND="acl? ( sys-apps/acl:0= ) + audit? ( >=sys-process/audit-2.6:0= ) + cracklib? ( >=sys-libs/cracklib-2.7-r3:0= ) + pam? ( virtual/pam:0= ) + skey? ( sys-auth/skey:0= ) selinux? ( - >=sys-libs/libselinux-1.28 - sys-libs/libsemanage + >=sys-libs/libselinux-1.28:0= + sys-libs/libsemanage:0= ) nls? ( virtual/libintl ) - xattr? ( sys-apps/attr )" + xattr? ( sys-apps/attr:0= )" DEPEND="${RDEPEND} app-arch/xz-utils nls? ( sys-devel/gettext )" @@ -34,20 +36,16 @@ RDEPEND="${RDEPEND} PATCHES=( "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch - "${FILESDIR}"/${P}-su-snprintf.patch - "${FILESDIR}"/${P}-prototypes.patch - "${FILESDIR}"/${P}-load_defaults.patch - "${FILESDIR}"/${P}-fix-root-defaults.patch ) src_prepare() { epatch "${PATCHES[@]}" epatch_user + #eautoreconf elibtoolize } src_configure() { - tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes econf \ --without-group-name-max-length \ --without-tcb \ @@ -63,6 +61,14 @@ src_configure() { $(use_with elibc_glibc nscd) \ $(use_with xattr attr) has_version 'sys-libs/uclibc[-rpc]' && sed -i '/RLOGIN/d' config.h #425052 + + if use nls ; then + local l langs="po" # These are the pot files. + for l in ${LANGS[*]} ; do + use linguas_${l} && langs+=" ${l}" + done + sed -i "/^SUBDIRS = /s:=.*:= ${langs}:" man/Makefile || die + fi } set_login_opt() { @@ -71,14 +77,14 @@ set_login_opt() { comment="#" sed -i \ -e "/^${opt}\>/s:^:#:" \ - "${ED}"/usr/share/shadow/login.defs || die + "${ED}"/etc/login.defs || die else sed -i -r \ -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \ - "${ED}"/usr/share/shadow/login.defs || die + "${ED}"/etc/login.defs fi - local res=$(grep "^${comment}${opt}\>" "${ED}"/usr/share/shadow/login.defs) - einfo ${res:-Unable to find ${opt} in /usr/share/shadow/login.defs} + local res=$(grep "^${comment}${opt}\>" "${ED}"/etc/login.defs) + einfo "${res:-Unable to find ${opt} in /etc/login.defs}" } src_install() { @@ -91,46 +97,25 @@ src_install() { # remove it. rm -f "${ED}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la} - # Remove files from /etc, they will be symlinks to /usr instead. - rm -f "${ED}"/etc/{limits,login.access,login.defs,securetty,default/useradd} - - # CoreOS: break shadow.conf into two files so that we only have to apply - # etc-shadow.conf in the initrd. - systemd_dotmpfilesd "${FILESDIR}"/tmpfiles.d/etc-shadow.conf - systemd_dotmpfilesd "${FILESDIR}"/tmpfiles.d/var-shadow.conf - - insinto /usr/share/shadow - # Using a securetty with devfs device names added - # (compat names kept for non-devfs compatibility) - insopts -m0600 ; doins "${FILESDIR}"/securetty - dosym ../usr/share/shadow/securetty /etc/securetty + insinto /etc if ! use pam ; then insopts -m0600 doins etc/login.access etc/limits - dosym ../usr/share/shadow/login.access /etc/login.access - dosym ../usr/share/shadow/limits /etc/limits - fi - # Output arch-specific cruft - local devs - case $(tc-arch) in - ppc*) devs="hvc0 hvsi0 ttyPSC0";; - hppa) devs="ttyB0";; - arm) devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttymxc2 ttymxc3 ttyO0 ttyO1 ttyO2";; - sh) devs="ttySC0 ttySC1";; - amd64|x86) devs="hvc0";; - esac - if [[ -n ${devs} ]]; then - printf '%s\n' ${devs} >> "${ED}"/usr/share/shadow/securetty fi # needed for 'useradd -D' + insinto /etc/default insopts -m0600 doins "${FILESDIR}"/default/useradd - dosym ../../usr/share/shadow/useradd /etc/default/useradd + # move passwd to / to help recover broke systems #64441 + mv "${ED}"/usr/bin/passwd "${ED}"/bin/ || die + dosym /bin/passwd /usr/bin/passwd + + cd "${S}" + insinto /etc insopts -m0644 newins etc/login.defs login.defs - dosym ../usr/share/shadow/login.defs /etc/login.defs set_login_opt CREATE_HOME yes if ! use pam ; then @@ -181,7 +166,7 @@ src_install() { -e 'b exit' \ -e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \ -e ': exit' \ - "${ED}"/usr/share/shadow/login.defs || die + "${ED}"/etc/login.defs || die # remove manpages that pam will install for us # and/or don't apply when using pam @@ -198,8 +183,28 @@ src_install() { '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \ -delete + cd "${S}" dodoc ChangeLog NEWS TODO newdoc README README.download cd doc dodoc HOWTO README* WISHLIST *.txt } + +pkg_preinst() { + rm -f "${EROOT}"/etc/pam.d/system-auth.new \ + "${EROOT}/etc/login.defs.new" +} + +pkg_postinst() { + # Enable shadow groups. + if [ ! -f "${EROOT}"/etc/gshadow ] ; then + if grpck -r -R "${EROOT}" 2>/dev/null ; then + grpconv -R "${EROOT}" + else + ewarn "Running 'grpck' returned errors. Please run it by hand, and then" + ewarn "run 'grpconv' afterwards!" + fi + fi + + einfo "The 'adduser' symlink to 'useradd' has been dropped." +} From ae4f74c1af926214896915fbd7198ca2acd0b732 Mon Sep 17 00:00:00 2001 From: David Michael Date: Fri, 16 Jun 2017 14:32:21 -0700 Subject: [PATCH 5/6] sys-apps/shadow: apply CoreOS changes This just copies most of the previous ebuild's changes. It drops a bunch of redundant symlinks in /etc since tmpfiles creates them, and it drops a passwd move out of /usr since our bindirs are linked into /usr. --- .../sys-apps/shadow/shadow-4.5.ebuild | 60 ++++++++++--------- 1 file changed, 31 insertions(+), 29 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild index 8bda863b17..8662bbe977 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild @@ -3,7 +3,7 @@ EAPI="5" -inherit eutils libtool pam multilib +inherit eutils libtool pam multilib systemd DESCRIPTION="Utilities to deal with user accounts" HOMEPAGE="https://github.com/shadow-maint/shadow http://pkg-shadow.alioth.debian.org/" @@ -11,7 +11,7 @@ SRC_URI="https://github.com/shadow-maint/shadow/releases/download/${PV}/${P}.tar LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" IUSE="acl audit cracklib nls pam selinux skey xattr" # Taken from the man/Makefile.am file. LANGS=( cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW ) @@ -77,14 +77,14 @@ set_login_opt() { comment="#" sed -i \ -e "/^${opt}\>/s:^:#:" \ - "${ED}"/etc/login.defs || die + "${ED}"/usr/share/shadow/login.defs || die else sed -i -r \ -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \ - "${ED}"/etc/login.defs + "${ED}"/usr/share/shadow/login.defs fi - local res=$(grep "^${comment}${opt}\>" "${ED}"/etc/login.defs) - einfo "${res:-Unable to find ${opt} in /etc/login.defs}" + local res=$(grep "^${comment}${opt}\>" "${ED}"/usr/share/shadow/login.defs) + einfo "${res:-Unable to find ${opt} in /usr/share/shadow/login.defs}" } src_install() { @@ -97,23 +97,39 @@ src_install() { # remove it. rm -f "${ED}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la} - insinto /etc + # Remove files from /etc, they will be symlinks to /usr instead. + rm -f "${ED}"/etc/{limits,login.access,login.defs,securetty,default/useradd} + + # CoreOS: break shadow.conf into two files so that we only have to apply + # etc-shadow.conf in the initrd. + systemd_dotmpfilesd "${FILESDIR}"/tmpfiles.d/etc-shadow.conf + systemd_dotmpfilesd "${FILESDIR}"/tmpfiles.d/var-shadow.conf + + insinto /usr/share/shadow + # Using a securetty with devfs device names added + # (compat names kept for non-devfs compatibility) + insopts -m0600 ; doins "${FILESDIR}"/securetty if ! use pam ; then insopts -m0600 doins etc/login.access etc/limits fi + # Output arch-specific cruft + local devs + case $(tc-arch) in + ppc*) devs="hvc0 hvsi0 ttyPSC0";; + hppa) devs="ttyB0";; + arm) devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttymxc2 ttymxc3 ttyO0 ttyO1 ttyO2";; + sh) devs="ttySC0 ttySC1";; + amd64|x86) devs="hvc0";; + esac + if [[ -n ${devs} ]]; then + printf '%s\n' ${devs} >> "${ED}"/usr/share/shadow/securetty + fi # needed for 'useradd -D' - insinto /etc/default insopts -m0600 doins "${FILESDIR}"/default/useradd - # move passwd to / to help recover broke systems #64441 - mv "${ED}"/usr/bin/passwd "${ED}"/bin/ || die - dosym /bin/passwd /usr/bin/passwd - - cd "${S}" - insinto /etc insopts -m0644 newins etc/login.defs login.defs @@ -166,7 +182,7 @@ src_install() { -e 'b exit' \ -e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \ -e ': exit' \ - "${ED}"/etc/login.defs || die + "${ED}"/usr/share/shadow/login.defs || die # remove manpages that pam will install for us # and/or don't apply when using pam @@ -194,17 +210,3 @@ pkg_preinst() { rm -f "${EROOT}"/etc/pam.d/system-auth.new \ "${EROOT}/etc/login.defs.new" } - -pkg_postinst() { - # Enable shadow groups. - if [ ! -f "${EROOT}"/etc/gshadow ] ; then - if grpck -r -R "${EROOT}" 2>/dev/null ; then - grpconv -R "${EROOT}" - else - ewarn "Running 'grpck' returned errors. Please run it by hand, and then" - ewarn "run 'grpconv' afterwards!" - fi - fi - - einfo "The 'adduser' symlink to 'useradd' has been dropped." -} From 1a5b4e1e1266e2fcbe26c2bc71e6c51d5f87511d Mon Sep 17 00:00:00 2001 From: David Michael Date: Fri, 16 Jun 2017 15:00:01 -0700 Subject: [PATCH 6/6] chore(metadata): Regenerate cache --- .../{etcd-wrapper-3.1.6-r2 => etcd-wrapper-3.1.8} | 0 .../md5-cache/app-admin/flannel-wrapper-0.7.1-r1 | 4 ++-- .../md5-cache/app-admin/kubelet-wrapper-0.0.2-r1 | 4 ++-- .../md5-cache/app-emulation/qemu-2.8.0-r9 | 14 -------------- .../md5-cache/app-emulation/qemu-2.9.0-r2 | 14 ++++++++++++++ .../metadata/md5-cache/coreos-base/coreos-0.0.1 | 4 ++-- .../{coreos-0.0.1-r281 => coreos-0.0.1-r283} | 4 ++-- .../metadata/md5-cache/sys-apps/dbus-1.10.12 | 14 -------------- .../metadata/md5-cache/sys-apps/dbus-1.10.18 | 15 +++++++++++++++ .../metadata/md5-cache/sys-apps/shadow-4.4-r2 | 13 ------------- .../metadata/md5-cache/sys-apps/shadow-4.5 | 13 +++++++++++++ .../{bootengine-0.0.15 => bootengine-0.0.16} | 4 ++-- .../metadata/md5-cache/sys-kernel/bootengine-9999 | 2 +- ...{coreos-kernel-4.11.2 => coreos-kernel-4.11.3} | 8 ++++---- ...oreos-modules-4.11.2 => coreos-modules-4.11.3} | 4 ++-- ...oreos-sources-4.11.2 => coreos-sources-4.11.3} | 4 ++-- 16 files changed, 61 insertions(+), 60 deletions(-) rename sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/{etcd-wrapper-3.1.6-r2 => etcd-wrapper-3.1.8} (100%) delete mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-emulation/qemu-2.8.0-r9 create mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-emulation/qemu-2.9.0-r2 rename sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/{coreos-0.0.1-r281 => coreos-0.0.1-r283} (69%) delete mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/dbus-1.10.12 create mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/dbus-1.10.18 delete mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/shadow-4.4-r2 create mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/shadow-4.5 rename sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/{bootengine-0.0.15 => bootengine-0.0.16} (92%) rename sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/{coreos-kernel-4.11.2 => coreos-kernel-4.11.3} (63%) rename sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/{coreos-modules-4.11.2 => coreos-modules-4.11.3} (93%) rename sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/{coreos-sources-4.11.2 => coreos-sources-4.11.3} (92%) diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/etcd-wrapper-3.1.6-r2 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/etcd-wrapper-3.1.8 similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/etcd-wrapper-3.1.6-r2 rename to sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/etcd-wrapper-3.1.8 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/flannel-wrapper-0.7.1-r1 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/flannel-wrapper-0.7.1-r1 index 302c673a18..3e323d1630 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/flannel-wrapper-0.7.1-r1 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/flannel-wrapper-0.7.1-r1 @@ -3,9 +3,9 @@ DEPEND=virtual/pkgconfig DESCRIPTION=flannel (System Application Container) EAPI=6 HOMEPAGE=https://github.com/coreos/flannel -KEYWORDS=amd64 +KEYWORDS=amd64 arm64 LICENSE=Apache-2.0 RDEPEND=!app-admin/flannel >=app-emulation/rkt-1.9.1[rkt_stage1_fly] SLOT=0 _eclasses_=multilib 0236be304ee52e7f179ed2f337075515 systemd ec2e9154031d942186c75c0aabb41900 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee -_md5_=93fb3143e1c75f03c34141c1593f52cb +_md5_=57e014e99d444d5a7afc7336511db223 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/kubelet-wrapper-0.0.2-r1 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/kubelet-wrapper-0.0.2-r1 index a7f86147cc..d0d9df65ab 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/kubelet-wrapper-0.0.2-r1 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-admin/kubelet-wrapper-0.0.2-r1 @@ -2,8 +2,8 @@ DEFINED_PHASES=install DESCRIPTION=Kubernetes Container Manager EAPI=6 HOMEPAGE=http://kubernetes.io/ -KEYWORDS=amd64 +KEYWORDS=amd64 arm64 LICENSE=Apache-2.0 RDEPEND=>=app-emulation/rkt-1.9.1[rkt_stage1_fly] SLOT=0 -_md5_=0cc2a2b909d4890ffaf33f981e502d79 +_md5_=3a757cf456f609324a3a9888a78264ae diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-emulation/qemu-2.8.0-r9 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-emulation/qemu-2.8.0-r9 deleted file mode 100644 index 250929a457..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-emulation/qemu-2.8.0-r9 +++ /dev/null @@ -1,14 +0,0 @@ -DEFINED_PHASES=compile configure info install postinst prepare pretend setup test -DEPEND=!static? ( >=dev-libs/glib-2.0 >=x11-libs/pixman-0.28.0 sys-libs/zlib accessibility? ( app-accessibility/brltty[api] app-accessibility/brltty ) aio? ( dev-libs/libaio ) alsa? ( >=media-libs/alsa-lib-1.0.13 ) bluetooth? ( net-wireless/bluez ) bzip2? ( app-arch/bzip2 ) caps? ( sys-libs/libcap-ng ) curl? ( >=net-misc/curl-7.15.4 ) fdt? ( >=sys-apps/dtc-1.4.0 ) glusterfs? ( >=sys-cluster/glusterfs-3.4.0 ) gnutls? ( dev-libs/nettle:= >=net-libs/gnutls-3.0:= ) gtk? ( gtk2? ( x11-libs/gtk+:2 vte? ( x11-libs/vte:0 ) ) !gtk2? ( x11-libs/gtk+:3 vte? ( x11-libs/vte:2.91 ) ) ) infiniband? ( sys-fabric/librdmacm:= ) iscsi? ( net-libs/libiscsi ) jpeg? ( virtual/jpeg:0= ) lzo? ( dev-libs/lzo:2 ) ncurses? ( sys-libs/ncurses:0=[unicode] sys-libs/ncurses:0= ) nfs? ( >=net-fs/libnfs-1.9.3 ) numa? ( sys-process/numactl ) opengl? ( virtual/opengl media-libs/libepoxy media-libs/mesa media-libs/mesa[egl,gbm] ) png? ( media-libs/libpng:0= ) pulseaudio? ( media-sound/pulseaudio ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[ncurses,readline] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) rbd? ( sys-cluster/ceph ) sasl? ( dev-libs/cyrus-sasl ) sdl? ( !sdl2? ( media-libs/libsdl[X] >=media-libs/libsdl-1.2.11 ) sdl2? ( media-libs/libsdl2[X] media-libs/libsdl2 ) ) seccomp? ( >=sys-libs/libseccomp-2.1.0 ) smartcard? ( >=app-emulation/libcacard-2.5.0 ) snappy? ( app-arch/snappy ) spice? ( >=app-emulation/spice-protocol-0.12.3 >=app-emulation/spice-0.12.0 ) ssh? ( >=net-libs/libssh2-1.2.8 ) systemtap? ( dev-util/systemtap ) usbredir? ( >=sys-apps/usbredir-0.6 ) usb? ( >=virtual/libusb-1-r2 ) vde? ( net-misc/vde ) virgl? ( media-libs/virglrenderer ) virtfs? ( sys-libs/libcap ) xattr? ( sys-apps/attr ) xen? ( app-emulation/xen-tools:= ) xfs? ( sys-fs/xfsprogs ) ) qemu_softmmu_targets_i386? ( >=sys-firmware/ipxe-1.0.0_p20130624 pin-upstream-blobs? ( ~sys-firmware/seabios-1.10.1 ~sys-firmware/sgabios-0.1_pre8 ~sys-firmware/vgabios-0.7a ) !pin-upstream-blobs? ( sys-firmware/seabios sys-firmware/sgabios sys-firmware/vgabios ) ) qemu_softmmu_targets_x86_64? ( >=sys-firmware/ipxe-1.0.0_p20130624 pin-upstream-blobs? ( ~sys-firmware/seabios-1.10.1 ~sys-firmware/sgabios-0.1_pre8 ~sys-firmware/vgabios-0.7a ) !pin-upstream-blobs? ( sys-firmware/seabios sys-firmware/sgabios sys-firmware/vgabios ) ) dev-lang/perl =dev-lang/python-2* sys-apps/texinfo virtual/pkgconfig kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 ) gtk? ( nls? ( sys-devel/gettext ) ) static? ( >=dev-libs/glib-2.0[static-libs(+)] >=x11-libs/pixman-0.28.0[static-libs(+)] sys-libs/zlib[static-libs(+)] accessibility? ( app-accessibility/brltty[api] app-accessibility/brltty[static-libs(+)] ) aio? ( dev-libs/libaio[static-libs(+)] ) alsa? ( >=media-libs/alsa-lib-1.0.13 ) bluetooth? ( net-wireless/bluez ) bzip2? ( app-arch/bzip2[static-libs(+)] ) caps? ( sys-libs/libcap-ng[static-libs(+)] ) curl? ( >=net-misc/curl-7.15.4[static-libs(+)] ) fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] ) glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] ) gnutls? ( dev-libs/nettle:=[static-libs(+)] >=net-libs/gnutls-3.0:=[static-libs(+)] ) gtk? ( gtk2? ( x11-libs/gtk+:2 vte? ( x11-libs/vte:0 ) ) !gtk2? ( x11-libs/gtk+:3 vte? ( x11-libs/vte:2.91 ) ) ) infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] ) iscsi? ( net-libs/libiscsi ) jpeg? ( virtual/jpeg:0=[static-libs(+)] ) lzo? ( dev-libs/lzo:2[static-libs(+)] ) ncurses? ( sys-libs/ncurses:0=[unicode] sys-libs/ncurses:0=[static-libs(+)] ) nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] ) numa? ( sys-process/numactl[static-libs(+)] ) opengl? ( virtual/opengl media-libs/libepoxy[static-libs(+)] media-libs/mesa[static-libs(+)] media-libs/mesa[egl,gbm] ) png? ( media-libs/libpng:0=[static-libs(+)] ) pulseaudio? ( media-sound/pulseaudio ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[ncurses,readline] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) rbd? ( sys-cluster/ceph[static-libs(+)] ) sasl? ( dev-libs/cyrus-sasl[static-libs(+)] ) sdl? ( !sdl2? ( media-libs/libsdl[X] >=media-libs/libsdl-1.2.11[static-libs(+)] ) sdl2? ( media-libs/libsdl2[X] media-libs/libsdl2[static-libs(+)] ) ) seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] ) smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] ) snappy? ( app-arch/snappy[static-libs(+)] ) spice? ( >=app-emulation/spice-protocol-0.12.3 >=app-emulation/spice-0.12.0[static-libs(+)] ) ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] ) systemtap? ( dev-util/systemtap ) usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] ) usb? ( >=virtual/libusb-1-r2[static-libs(+)] ) vde? ( net-misc/vde[static-libs(+)] ) virgl? ( media-libs/virglrenderer[static-libs(+)] ) virtfs? ( sys-libs/libcap ) xattr? ( sys-apps/attr[static-libs(+)] ) xen? ( app-emulation/xen-tools:= ) xfs? ( sys-fs/xfsprogs[static-libs(+)] ) ) static-user? ( >=dev-libs/glib-2.0[static-libs(+)] >=x11-libs/pixman-0.28.0[static-libs(+)] sys-libs/zlib[static-libs(+)] accessibility? ( app-accessibility/brltty[api] app-accessibility/brltty[static-libs(+)] ) aio? ( dev-libs/libaio[static-libs(+)] ) alsa? ( >=media-libs/alsa-lib-1.0.13 ) bluetooth? ( net-wireless/bluez ) bzip2? ( app-arch/bzip2[static-libs(+)] ) caps? ( sys-libs/libcap-ng[static-libs(+)] ) curl? ( >=net-misc/curl-7.15.4[static-libs(+)] ) fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] ) glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] ) gnutls? ( dev-libs/nettle:=[static-libs(+)] >=net-libs/gnutls-3.0:=[static-libs(+)] ) gtk? ( gtk2? ( x11-libs/gtk+:2 vte? ( x11-libs/vte:0 ) ) !gtk2? ( x11-libs/gtk+:3 vte? ( x11-libs/vte:2.91 ) ) ) infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] ) iscsi? ( net-libs/libiscsi ) jpeg? ( virtual/jpeg:0=[static-libs(+)] ) lzo? ( dev-libs/lzo:2[static-libs(+)] ) ncurses? ( sys-libs/ncurses:0=[unicode] sys-libs/ncurses:0=[static-libs(+)] ) nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] ) numa? ( sys-process/numactl[static-libs(+)] ) opengl? ( virtual/opengl media-libs/libepoxy[static-libs(+)] media-libs/mesa[static-libs(+)] media-libs/mesa[egl,gbm] ) png? ( media-libs/libpng:0=[static-libs(+)] ) pulseaudio? ( media-sound/pulseaudio ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[ncurses,readline] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) rbd? ( sys-cluster/ceph[static-libs(+)] ) sasl? ( dev-libs/cyrus-sasl[static-libs(+)] ) sdl? ( !sdl2? ( media-libs/libsdl[X] >=media-libs/libsdl-1.2.11[static-libs(+)] ) sdl2? ( media-libs/libsdl2[X] media-libs/libsdl2[static-libs(+)] ) ) seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] ) smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] ) snappy? ( app-arch/snappy[static-libs(+)] ) spice? ( >=app-emulation/spice-protocol-0.12.3 >=app-emulation/spice-0.12.0[static-libs(+)] ) ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] ) systemtap? ( dev-util/systemtap ) usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] ) usb? ( >=virtual/libusb-1-r2[static-libs(+)] ) vde? ( net-misc/vde[static-libs(+)] ) virgl? ( media-libs/virglrenderer[static-libs(+)] ) virtfs? ( sys-libs/libcap ) xattr? ( sys-apps/attr[static-libs(+)] ) xen? ( app-emulation/xen-tools:= ) xfs? ( sys-fs/xfsprogs[static-libs(+)] ) ) test? ( dev-libs/glib[utils] sys-devel/bc ) virtual/pkgconfig filecaps? ( sys-libs/libcap ) -DESCRIPTION=QEMU + Kernel-based Virtual Machine userland tools -EAPI=6 -HOMEPAGE=http://www.qemu.org http://www.linux-kvm.org -IUSE=accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-user systemtap tci test +threads usb usbredir vde +vhost-net virgl virtfs +vnc vte xattr xen xfs qemu_softmmu_targets_aarch64 qemu_softmmu_targets_alpha qemu_softmmu_targets_arm qemu_softmmu_targets_cris qemu_softmmu_targets_i386 qemu_softmmu_targets_m68k qemu_softmmu_targets_microblaze qemu_softmmu_targets_microblazeel qemu_softmmu_targets_mips qemu_softmmu_targets_mips64 qemu_softmmu_targets_mips64el qemu_softmmu_targets_mipsel qemu_softmmu_targets_or32 qemu_softmmu_targets_ppc qemu_softmmu_targets_ppc64 qemu_softmmu_targets_s390x qemu_softmmu_targets_sh4 qemu_softmmu_targets_sh4eb qemu_softmmu_targets_sparc qemu_softmmu_targets_sparc64 qemu_softmmu_targets_x86_64 qemu_softmmu_targets_lm32 qemu_softmmu_targets_moxie qemu_softmmu_targets_ppcemb qemu_softmmu_targets_tricore qemu_softmmu_targets_unicore32 qemu_softmmu_targets_xtensa qemu_softmmu_targets_xtensaeb qemu_user_targets_aarch64 qemu_user_targets_alpha qemu_user_targets_arm qemu_user_targets_cris qemu_user_targets_i386 qemu_user_targets_m68k qemu_user_targets_microblaze qemu_user_targets_microblazeel qemu_user_targets_mips qemu_user_targets_mips64 qemu_user_targets_mips64el qemu_user_targets_mipsel qemu_user_targets_or32 qemu_user_targets_ppc qemu_user_targets_ppc64 qemu_user_targets_s390x qemu_user_targets_sh4 qemu_user_targets_sh4eb qemu_user_targets_sparc qemu_user_targets_sparc64 qemu_user_targets_x86_64 qemu_user_targets_armeb qemu_user_targets_mipsn32 qemu_user_targets_mipsn32el qemu_user_targets_ppc64abi32 qemu_user_targets_ppc64le qemu_user_targets_sparc32plus qemu_user_targets_tilegx python_targets_python2_7 +filecaps linguas_bg linguas_de_DE linguas_fr_FR linguas_hu linguas_it linguas_tr linguas_zh_CN -KEYWORDS=amd64 arm64 ~ppc ~ppc64 x86 ~x86-fbsd -LICENSE=GPL-2 LGPL-2 BSD-2 -RDEPEND=!static? ( >=dev-libs/glib-2.0 >=x11-libs/pixman-0.28.0 sys-libs/zlib accessibility? ( app-accessibility/brltty[api] app-accessibility/brltty ) aio? ( dev-libs/libaio ) alsa? ( >=media-libs/alsa-lib-1.0.13 ) bluetooth? ( net-wireless/bluez ) bzip2? ( app-arch/bzip2 ) caps? ( sys-libs/libcap-ng ) curl? ( >=net-misc/curl-7.15.4 ) fdt? ( >=sys-apps/dtc-1.4.0 ) glusterfs? ( >=sys-cluster/glusterfs-3.4.0 ) gnutls? ( dev-libs/nettle:= >=net-libs/gnutls-3.0:= ) gtk? ( gtk2? ( x11-libs/gtk+:2 vte? ( x11-libs/vte:0 ) ) !gtk2? ( x11-libs/gtk+:3 vte? ( x11-libs/vte:2.91 ) ) ) infiniband? ( sys-fabric/librdmacm:= ) iscsi? ( net-libs/libiscsi ) jpeg? ( virtual/jpeg:0= ) lzo? ( dev-libs/lzo:2 ) ncurses? ( sys-libs/ncurses:0=[unicode] sys-libs/ncurses:0= ) nfs? ( >=net-fs/libnfs-1.9.3 ) numa? ( sys-process/numactl ) opengl? ( virtual/opengl media-libs/libepoxy media-libs/mesa media-libs/mesa[egl,gbm] ) png? ( media-libs/libpng:0= ) pulseaudio? ( media-sound/pulseaudio ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[ncurses,readline] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) rbd? ( sys-cluster/ceph ) sasl? ( dev-libs/cyrus-sasl ) sdl? ( !sdl2? ( media-libs/libsdl[X] >=media-libs/libsdl-1.2.11 ) sdl2? ( media-libs/libsdl2[X] media-libs/libsdl2 ) ) seccomp? ( >=sys-libs/libseccomp-2.1.0 ) smartcard? ( >=app-emulation/libcacard-2.5.0 ) snappy? ( app-arch/snappy ) spice? ( >=app-emulation/spice-protocol-0.12.3 >=app-emulation/spice-0.12.0 ) ssh? ( >=net-libs/libssh2-1.2.8 ) systemtap? ( dev-util/systemtap ) usbredir? ( >=sys-apps/usbredir-0.6 ) usb? ( >=virtual/libusb-1-r2 ) vde? ( net-misc/vde ) virgl? ( media-libs/virglrenderer ) virtfs? ( sys-libs/libcap ) xattr? ( sys-apps/attr ) xen? ( app-emulation/xen-tools:= ) xfs? ( sys-fs/xfsprogs ) ) qemu_softmmu_targets_i386? ( >=sys-firmware/ipxe-1.0.0_p20130624 pin-upstream-blobs? ( ~sys-firmware/seabios-1.10.1 ~sys-firmware/sgabios-0.1_pre8 ~sys-firmware/vgabios-0.7a ) !pin-upstream-blobs? ( sys-firmware/seabios sys-firmware/sgabios sys-firmware/vgabios ) ) qemu_softmmu_targets_x86_64? ( >=sys-firmware/ipxe-1.0.0_p20130624 pin-upstream-blobs? ( ~sys-firmware/seabios-1.10.1 ~sys-firmware/sgabios-0.1_pre8 ~sys-firmware/vgabios-0.7a ) !pin-upstream-blobs? ( sys-firmware/seabios sys-firmware/sgabios sys-firmware/vgabios ) ) selinux? ( sec-policy/selinux-qemu ) -REQUIRED_USE=|| ( python_targets_python2_7 ) gtk2? ( gtk ) qemu_softmmu_targets_arm? ( fdt ) qemu_softmmu_targets_microblaze? ( fdt ) qemu_softmmu_targets_ppc? ( fdt ) qemu_softmmu_targets_ppc64? ( fdt ) sdl2? ( sdl ) static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio ) virtfs? ( xattr ) vte? ( gtk ) -SLOT=0 -SRC_URI=http://wiki.qemu-project.org/download/qemu-2.8.0.tar.bz2 https://dev.gentoo.org/~tamiko/distfiles/qemu-2.8.0-CVE-2016-9602-patches.tar.xz -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea fcaps e80204189039ecc03f24151c518375f0 flag-o-matic 61cad4fb5d800b29d484b27cb033f59b l10n 8f52d9ce1814aca2ed1a46920084ea66 linux-info ca370deef9d44125d829f2eb6ebc83e0 ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 0236be304ee52e7f179ed2f337075515 pax-utils 4f95120230a315c8caaabeb2307b7eee python-r1 0c067f080a047742ffac024b16895b45 python-utils-r1 c11fc374357e6ad9ddfe2e9f931e4d29 readme.gentoo-r1 6f03e110529650f57fc7d1fb908b8986 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee udev d91cac2c73b94629cad2daea66e0d182 user e4b567c44272a719fabf53f0f885d3f7 versionator c80ccf29e90adea7c5cae94b42eb76d0 -_md5_=e152d386fd32dd339663b884b827bb13 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-emulation/qemu-2.9.0-r2 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-emulation/qemu-2.9.0-r2 new file mode 100644 index 0000000000..9904ad4878 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/app-emulation/qemu-2.9.0-r2 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure info install postinst prepare pretend setup test +DEPEND=!static? ( >=dev-libs/glib-2.0 sys-libs/zlib python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[ncurses,readline] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) systemtap? ( dev-util/systemtap ) xattr? ( sys-apps/attr ) >=x11-libs/pixman-0.28.0 accessibility? ( app-accessibility/brltty[api] app-accessibility/brltty ) aio? ( dev-libs/libaio ) alsa? ( >=media-libs/alsa-lib-1.0.13 ) bluetooth? ( net-wireless/bluez ) bzip2? ( app-arch/bzip2 ) caps? ( sys-libs/libcap-ng ) curl? ( >=net-misc/curl-7.15.4 ) fdt? ( >=sys-apps/dtc-1.4.0 ) glusterfs? ( >=sys-cluster/glusterfs-3.4.0 ) gnutls? ( dev-libs/nettle:= >=net-libs/gnutls-3.0:= ) gtk? ( gtk2? ( x11-libs/gtk+:2 vte? ( x11-libs/vte:0 ) ) !gtk2? ( x11-libs/gtk+:3 vte? ( x11-libs/vte:2.91 ) ) ) infiniband? ( sys-fabric/librdmacm:= ) iscsi? ( net-libs/libiscsi ) jpeg? ( virtual/jpeg:0= ) lzo? ( dev-libs/lzo:2 ) ncurses? ( sys-libs/ncurses:0=[unicode] sys-libs/ncurses:0= ) nfs? ( >=net-fs/libnfs-1.9.3 ) numa? ( sys-process/numactl ) opengl? ( virtual/opengl media-libs/libepoxy media-libs/mesa media-libs/mesa[egl,gbm] ) png? ( media-libs/libpng:0= ) pulseaudio? ( media-sound/pulseaudio ) rbd? ( sys-cluster/ceph ) sasl? ( dev-libs/cyrus-sasl ) sdl? ( !sdl2? ( media-libs/libsdl[X] >=media-libs/libsdl-1.2.11 ) sdl2? ( media-libs/libsdl2[X] media-libs/libsdl2 ) ) seccomp? ( >=sys-libs/libseccomp-2.1.0 ) smartcard? ( >=app-emulation/libcacard-2.5.0 ) snappy? ( app-arch/snappy ) spice? ( >=app-emulation/spice-protocol-0.12.3 >=app-emulation/spice-0.12.0 ) ssh? ( >=net-libs/libssh2-1.2.8 ) usb? ( >=virtual/libusb-1-r2 ) usbredir? ( >=sys-apps/usbredir-0.6 ) vde? ( net-misc/vde ) virgl? ( media-libs/virglrenderer ) virtfs? ( sys-libs/libcap ) xen? ( app-emulation/xen-tools:= ) xfs? ( sys-fs/xfsprogs ) ) qemu_softmmu_targets_i386? ( >=sys-firmware/ipxe-1.0.0_p20130624 pin-upstream-blobs? ( ~sys-firmware/seabios-1.10.1 ~sys-firmware/sgabios-0.1_pre8 ~sys-firmware/vgabios-0.7a ) !pin-upstream-blobs? ( sys-firmware/seabios sys-firmware/sgabios sys-firmware/vgabios ) ) qemu_softmmu_targets_x86_64? ( >=sys-firmware/ipxe-1.0.0_p20130624 pin-upstream-blobs? ( ~sys-firmware/seabios-1.10.1 ~sys-firmware/sgabios-0.1_pre8 ~sys-firmware/vgabios-0.7a ) !pin-upstream-blobs? ( sys-firmware/seabios sys-firmware/sgabios sys-firmware/vgabios ) ) dev-lang/perl =dev-lang/python-2* sys-apps/texinfo virtual/pkgconfig kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 ) gtk? ( nls? ( sys-devel/gettext ) ) static? ( >=dev-libs/glib-2.0[static-libs(+)] sys-libs/zlib[static-libs(+)] python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[ncurses,readline] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) systemtap? ( dev-util/systemtap ) xattr? ( sys-apps/attr[static-libs(+)] ) >=x11-libs/pixman-0.28.0[static-libs(+)] accessibility? ( app-accessibility/brltty[api] app-accessibility/brltty[static-libs(+)] ) aio? ( dev-libs/libaio[static-libs(+)] ) alsa? ( >=media-libs/alsa-lib-1.0.13 ) bluetooth? ( net-wireless/bluez ) bzip2? ( app-arch/bzip2[static-libs(+)] ) caps? ( sys-libs/libcap-ng[static-libs(+)] ) curl? ( >=net-misc/curl-7.15.4[static-libs(+)] ) fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] ) glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] ) gnutls? ( dev-libs/nettle:=[static-libs(+)] >=net-libs/gnutls-3.0:=[static-libs(+)] ) gtk? ( gtk2? ( x11-libs/gtk+:2 vte? ( x11-libs/vte:0 ) ) !gtk2? ( x11-libs/gtk+:3 vte? ( x11-libs/vte:2.91 ) ) ) infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] ) iscsi? ( net-libs/libiscsi ) jpeg? ( virtual/jpeg:0=[static-libs(+)] ) lzo? ( dev-libs/lzo:2[static-libs(+)] ) ncurses? ( sys-libs/ncurses:0=[unicode] sys-libs/ncurses:0=[static-libs(+)] ) nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] ) numa? ( sys-process/numactl[static-libs(+)] ) opengl? ( virtual/opengl media-libs/libepoxy[static-libs(+)] media-libs/mesa[static-libs(+)] media-libs/mesa[egl,gbm] ) png? ( media-libs/libpng:0=[static-libs(+)] ) pulseaudio? ( media-sound/pulseaudio ) rbd? ( sys-cluster/ceph[static-libs(+)] ) sasl? ( dev-libs/cyrus-sasl[static-libs(+)] ) sdl? ( !sdl2? ( media-libs/libsdl[X] >=media-libs/libsdl-1.2.11[static-libs(+)] ) sdl2? ( media-libs/libsdl2[X] media-libs/libsdl2[static-libs(+)] ) ) seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] ) smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] ) snappy? ( app-arch/snappy[static-libs(+)] ) spice? ( >=app-emulation/spice-protocol-0.12.3 >=app-emulation/spice-0.12.0[static-libs(+)] ) ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] ) usb? ( >=virtual/libusb-1-r2[static-libs(+)] ) usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] ) vde? ( net-misc/vde[static-libs(+)] ) virgl? ( media-libs/virglrenderer[static-libs(+)] ) virtfs? ( sys-libs/libcap ) xen? ( app-emulation/xen-tools:= ) xfs? ( sys-fs/xfsprogs[static-libs(+)] ) ) static-user? ( >=dev-libs/glib-2.0[static-libs(+)] sys-libs/zlib[static-libs(+)] python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[ncurses,readline] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) systemtap? ( dev-util/systemtap ) xattr? ( sys-apps/attr[static-libs(+)] ) ) test? ( dev-libs/glib[utils] sys-devel/bc ) virtual/pkgconfig filecaps? ( sys-libs/libcap ) +DESCRIPTION=QEMU + Kernel-based Virtual Machine userland tools +EAPI=6 +HOMEPAGE=http://www.qemu.org http://www.linux-kvm.org +IUSE=accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-user systemtap tci test usb usbredir vde +vhost-net virgl virtfs +vnc vte xattr xen xfs qemu_softmmu_targets_aarch64 qemu_softmmu_targets_alpha qemu_softmmu_targets_arm qemu_softmmu_targets_cris qemu_softmmu_targets_i386 qemu_softmmu_targets_m68k qemu_softmmu_targets_microblaze qemu_softmmu_targets_microblazeel qemu_softmmu_targets_mips qemu_softmmu_targets_mips64 qemu_softmmu_targets_mips64el qemu_softmmu_targets_mipsel qemu_softmmu_targets_nios2 qemu_softmmu_targets_or1k qemu_softmmu_targets_ppc qemu_softmmu_targets_ppc64 qemu_softmmu_targets_s390x qemu_softmmu_targets_sh4 qemu_softmmu_targets_sh4eb qemu_softmmu_targets_sparc qemu_softmmu_targets_sparc64 qemu_softmmu_targets_x86_64 qemu_softmmu_targets_lm32 qemu_softmmu_targets_moxie qemu_softmmu_targets_ppcemb qemu_softmmu_targets_tricore qemu_softmmu_targets_unicore32 qemu_softmmu_targets_xtensa qemu_softmmu_targets_xtensaeb qemu_user_targets_aarch64 qemu_user_targets_alpha qemu_user_targets_arm qemu_user_targets_cris qemu_user_targets_i386 qemu_user_targets_m68k qemu_user_targets_microblaze qemu_user_targets_microblazeel qemu_user_targets_mips qemu_user_targets_mips64 qemu_user_targets_mips64el qemu_user_targets_mipsel qemu_user_targets_nios2 qemu_user_targets_or1k qemu_user_targets_ppc qemu_user_targets_ppc64 qemu_user_targets_s390x qemu_user_targets_sh4 qemu_user_targets_sh4eb qemu_user_targets_sparc qemu_user_targets_sparc64 qemu_user_targets_x86_64 qemu_user_targets_armeb qemu_user_targets_hppa qemu_user_targets_mipsn32 qemu_user_targets_mipsn32el qemu_user_targets_ppc64abi32 qemu_user_targets_ppc64le qemu_user_targets_sparc32plus qemu_user_targets_tilegx python_targets_python2_7 +filecaps linguas_bg linguas_de_DE linguas_fr_FR linguas_hu linguas_it linguas_tr linguas_zh_CN +KEYWORDS=amd64 arm64 ~ppc ~ppc64 x86 ~x86-fbsd +LICENSE=GPL-2 LGPL-2 BSD-2 +RDEPEND=!static? ( >=dev-libs/glib-2.0 sys-libs/zlib python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[ncurses,readline] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) systemtap? ( dev-util/systemtap ) xattr? ( sys-apps/attr ) >=x11-libs/pixman-0.28.0 accessibility? ( app-accessibility/brltty[api] app-accessibility/brltty ) aio? ( dev-libs/libaio ) alsa? ( >=media-libs/alsa-lib-1.0.13 ) bluetooth? ( net-wireless/bluez ) bzip2? ( app-arch/bzip2 ) caps? ( sys-libs/libcap-ng ) curl? ( >=net-misc/curl-7.15.4 ) fdt? ( >=sys-apps/dtc-1.4.0 ) glusterfs? ( >=sys-cluster/glusterfs-3.4.0 ) gnutls? ( dev-libs/nettle:= >=net-libs/gnutls-3.0:= ) gtk? ( gtk2? ( x11-libs/gtk+:2 vte? ( x11-libs/vte:0 ) ) !gtk2? ( x11-libs/gtk+:3 vte? ( x11-libs/vte:2.91 ) ) ) infiniband? ( sys-fabric/librdmacm:= ) iscsi? ( net-libs/libiscsi ) jpeg? ( virtual/jpeg:0= ) lzo? ( dev-libs/lzo:2 ) ncurses? ( sys-libs/ncurses:0=[unicode] sys-libs/ncurses:0= ) nfs? ( >=net-fs/libnfs-1.9.3 ) numa? ( sys-process/numactl ) opengl? ( virtual/opengl media-libs/libepoxy media-libs/mesa media-libs/mesa[egl,gbm] ) png? ( media-libs/libpng:0= ) pulseaudio? ( media-sound/pulseaudio ) rbd? ( sys-cluster/ceph ) sasl? ( dev-libs/cyrus-sasl ) sdl? ( !sdl2? ( media-libs/libsdl[X] >=media-libs/libsdl-1.2.11 ) sdl2? ( media-libs/libsdl2[X] media-libs/libsdl2 ) ) seccomp? ( >=sys-libs/libseccomp-2.1.0 ) smartcard? ( >=app-emulation/libcacard-2.5.0 ) snappy? ( app-arch/snappy ) spice? ( >=app-emulation/spice-protocol-0.12.3 >=app-emulation/spice-0.12.0 ) ssh? ( >=net-libs/libssh2-1.2.8 ) usb? ( >=virtual/libusb-1-r2 ) usbredir? ( >=sys-apps/usbredir-0.6 ) vde? ( net-misc/vde ) virgl? ( media-libs/virglrenderer ) virtfs? ( sys-libs/libcap ) xen? ( app-emulation/xen-tools:= ) xfs? ( sys-fs/xfsprogs ) ) qemu_softmmu_targets_i386? ( >=sys-firmware/ipxe-1.0.0_p20130624 pin-upstream-blobs? ( ~sys-firmware/seabios-1.10.1 ~sys-firmware/sgabios-0.1_pre8 ~sys-firmware/vgabios-0.7a ) !pin-upstream-blobs? ( sys-firmware/seabios sys-firmware/sgabios sys-firmware/vgabios ) ) qemu_softmmu_targets_x86_64? ( >=sys-firmware/ipxe-1.0.0_p20130624 pin-upstream-blobs? ( ~sys-firmware/seabios-1.10.1 ~sys-firmware/sgabios-0.1_pre8 ~sys-firmware/vgabios-0.7a ) !pin-upstream-blobs? ( sys-firmware/seabios sys-firmware/sgabios sys-firmware/vgabios ) ) selinux? ( sec-policy/selinux-qemu ) +REQUIRED_USE=|| ( python_targets_python2_7 ) gtk2? ( gtk ) qemu_softmmu_targets_arm? ( fdt ) qemu_softmmu_targets_microblaze? ( fdt ) qemu_softmmu_targets_mips64el? ( fdt ) qemu_softmmu_targets_ppc? ( fdt ) qemu_softmmu_targets_ppc64? ( fdt ) sdl2? ( sdl ) static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio ) virtfs? ( xattr ) vte? ( gtk ) +SLOT=0 +SRC_URI=http://wiki.qemu-project.org/download/qemu-2.9.0.tar.bz2 +_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea fcaps e80204189039ecc03f24151c518375f0 flag-o-matic 61cad4fb5d800b29d484b27cb033f59b l10n 8f52d9ce1814aca2ed1a46920084ea66 linux-info ca370deef9d44125d829f2eb6ebc83e0 ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 0236be304ee52e7f179ed2f337075515 pax-utils 4f95120230a315c8caaabeb2307b7eee python-r1 0c067f080a047742ffac024b16895b45 python-utils-r1 c11fc374357e6ad9ddfe2e9f931e4d29 readme.gentoo-r1 6f03e110529650f57fc7d1fb908b8986 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee udev d91cac2c73b94629cad2daea66e0d182 user e4b567c44272a719fabf53f0f885d3f7 versionator c80ccf29e90adea7c5cae94b42eb76d0 +_md5_=f092c188ea72a74ead4ad39d79c77b68 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1 index 0aa2159612..23cb22c55b 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1 @@ -5,6 +5,6 @@ HOMEPAGE=http://coreos.com IUSE=selinux KEYWORDS=amd64 arm arm64 x86 LICENSE=GPL-2 -RDEPEND=>=sys-apps/baselayout-3.0.0 sys-apps/dbus[selinux?] sys-apps/systemd[selinux?] selinux? ( sec-policy/selinux-virt ) amd64? ( app-admin/adcli app-admin/kubelet-wrapper app-crypt/go-tspi app-emulation/xenserver-pv-version app-emulation/xenstore sys-auth/realmd sys-auth/sssd app-admin/flannel-wrapper ) app-admin/etcd-wrapper app-admin/fleet app-admin/locksmith app-admin/mayday app-admin/sdnotify-proxy app-admin/sudo app-admin/toolbox app-arch/gzip app-arch/tar app-arch/torcx app-arch/unzip app-arch/zip app-crypt/gnupg app-crypt/tpmpolicy app-editors/vim app-emulation/docker app-emulation/rkt app-emulation/actool app-misc/ca-certificates app-misc/jq app-shells/bash coreos-base/coreos-cloudinit coreos-base/coreos-init coreos-base/coreos-metadata coreos-base/update_engine dev-db/etcd:2 dev-util/strace dev-vcs/git net-analyzer/nmap net-dns/bind-tools net-firewall/ebtables net-firewall/ipset net-firewall/iptables net-fs/nfs-utils net-misc/bridge-utils net-misc/dhcpcd net-misc/iputils net-misc/ntp net-misc/rsync net-misc/wget net-misc/whois sys-apps/coreutils sys-apps/dbus sys-apps/ethtool sys-apps/findutils sys-apps/gawk sys-apps/grep sys-apps/iproute2 sys-apps/kexec-tools sys-apps/less sys-apps/lshw sys-apps/net-tools sys-apps/nvme-cli sys-apps/pciutils sys-apps/rng-tools sys-apps/sed sys-apps/seismograph sys-apps/shadow sys-apps/usbutils sys-apps/util-linux sys-apps/which sys-block/open-iscsi sys-fs/btrfs-progs sys-fs/e2fsprogs sys-fs/mdadm sys-fs/multipath-tools sys-fs/quota sys-fs/xfsprogs sys-kernel/coreos-firmware sys-kernel/coreos-kernel sys-libs/glibc sys-libs/nss-usrfiles sys-libs/timezone-data sys-process/lsof sys-process/procps +RDEPEND=>=sys-apps/baselayout-3.0.0 sys-apps/dbus[selinux?] sys-apps/systemd[selinux?] selinux? ( sec-policy/selinux-virt ) amd64? ( app-admin/adcli app-crypt/go-tspi app-emulation/xenserver-pv-version app-emulation/xenstore sys-auth/realmd sys-auth/sssd ) app-admin/etcd-wrapper app-admin/flannel-wrapper app-admin/fleet app-admin/kubelet-wrapper app-admin/locksmith app-admin/mayday app-admin/sdnotify-proxy app-admin/sudo app-admin/toolbox app-arch/gzip app-arch/tar app-arch/torcx app-arch/unzip app-arch/zip app-crypt/gnupg app-crypt/tpmpolicy app-editors/vim app-emulation/docker app-emulation/rkt app-emulation/actool app-misc/ca-certificates app-misc/jq app-shells/bash coreos-base/coreos-cloudinit coreos-base/coreos-init coreos-base/coreos-metadata coreos-base/update_engine dev-db/etcd:2 dev-util/strace dev-vcs/git net-analyzer/nmap net-dns/bind-tools net-firewall/ebtables net-firewall/ipset net-firewall/iptables net-fs/nfs-utils net-misc/bridge-utils net-misc/dhcpcd net-misc/iputils net-misc/ntp net-misc/rsync net-misc/wget net-misc/whois sys-apps/coreutils sys-apps/dbus sys-apps/ethtool sys-apps/findutils sys-apps/gawk sys-apps/grep sys-apps/iproute2 sys-apps/kexec-tools sys-apps/less sys-apps/lshw sys-apps/net-tools sys-apps/nvme-cli sys-apps/pciutils sys-apps/rng-tools sys-apps/sed sys-apps/seismograph sys-apps/shadow sys-apps/usbutils sys-apps/util-linux sys-apps/which sys-block/open-iscsi sys-fs/btrfs-progs sys-fs/dosfstools sys-fs/e2fsprogs sys-fs/mdadm sys-fs/multipath-tools sys-fs/quota sys-fs/xfsprogs sys-kernel/coreos-firmware sys-kernel/coreos-kernel sys-libs/glibc sys-libs/nss-usrfiles sys-libs/timezone-data sys-process/lsof sys-process/procps SLOT=0 -_md5_=1ea1be0d2cc2339167a72009c92c181e +_md5_=6a15f6f8ca3eddba99bd700498f9ff03 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1-r281 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1-r283 similarity index 69% rename from sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1-r281 rename to sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1-r283 index 0aa2159612..23cb22c55b 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1-r281 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/coreos-base/coreos-0.0.1-r283 @@ -5,6 +5,6 @@ HOMEPAGE=http://coreos.com IUSE=selinux KEYWORDS=amd64 arm arm64 x86 LICENSE=GPL-2 -RDEPEND=>=sys-apps/baselayout-3.0.0 sys-apps/dbus[selinux?] sys-apps/systemd[selinux?] selinux? ( sec-policy/selinux-virt ) amd64? ( app-admin/adcli app-admin/kubelet-wrapper app-crypt/go-tspi app-emulation/xenserver-pv-version app-emulation/xenstore sys-auth/realmd sys-auth/sssd app-admin/flannel-wrapper ) app-admin/etcd-wrapper app-admin/fleet app-admin/locksmith app-admin/mayday app-admin/sdnotify-proxy app-admin/sudo app-admin/toolbox app-arch/gzip app-arch/tar app-arch/torcx app-arch/unzip app-arch/zip app-crypt/gnupg app-crypt/tpmpolicy app-editors/vim app-emulation/docker app-emulation/rkt app-emulation/actool app-misc/ca-certificates app-misc/jq app-shells/bash coreos-base/coreos-cloudinit coreos-base/coreos-init coreos-base/coreos-metadata coreos-base/update_engine dev-db/etcd:2 dev-util/strace dev-vcs/git net-analyzer/nmap net-dns/bind-tools net-firewall/ebtables net-firewall/ipset net-firewall/iptables net-fs/nfs-utils net-misc/bridge-utils net-misc/dhcpcd net-misc/iputils net-misc/ntp net-misc/rsync net-misc/wget net-misc/whois sys-apps/coreutils sys-apps/dbus sys-apps/ethtool sys-apps/findutils sys-apps/gawk sys-apps/grep sys-apps/iproute2 sys-apps/kexec-tools sys-apps/less sys-apps/lshw sys-apps/net-tools sys-apps/nvme-cli sys-apps/pciutils sys-apps/rng-tools sys-apps/sed sys-apps/seismograph sys-apps/shadow sys-apps/usbutils sys-apps/util-linux sys-apps/which sys-block/open-iscsi sys-fs/btrfs-progs sys-fs/e2fsprogs sys-fs/mdadm sys-fs/multipath-tools sys-fs/quota sys-fs/xfsprogs sys-kernel/coreos-firmware sys-kernel/coreos-kernel sys-libs/glibc sys-libs/nss-usrfiles sys-libs/timezone-data sys-process/lsof sys-process/procps +RDEPEND=>=sys-apps/baselayout-3.0.0 sys-apps/dbus[selinux?] sys-apps/systemd[selinux?] selinux? ( sec-policy/selinux-virt ) amd64? ( app-admin/adcli app-crypt/go-tspi app-emulation/xenserver-pv-version app-emulation/xenstore sys-auth/realmd sys-auth/sssd ) app-admin/etcd-wrapper app-admin/flannel-wrapper app-admin/fleet app-admin/kubelet-wrapper app-admin/locksmith app-admin/mayday app-admin/sdnotify-proxy app-admin/sudo app-admin/toolbox app-arch/gzip app-arch/tar app-arch/torcx app-arch/unzip app-arch/zip app-crypt/gnupg app-crypt/tpmpolicy app-editors/vim app-emulation/docker app-emulation/rkt app-emulation/actool app-misc/ca-certificates app-misc/jq app-shells/bash coreos-base/coreos-cloudinit coreos-base/coreos-init coreos-base/coreos-metadata coreos-base/update_engine dev-db/etcd:2 dev-util/strace dev-vcs/git net-analyzer/nmap net-dns/bind-tools net-firewall/ebtables net-firewall/ipset net-firewall/iptables net-fs/nfs-utils net-misc/bridge-utils net-misc/dhcpcd net-misc/iputils net-misc/ntp net-misc/rsync net-misc/wget net-misc/whois sys-apps/coreutils sys-apps/dbus sys-apps/ethtool sys-apps/findutils sys-apps/gawk sys-apps/grep sys-apps/iproute2 sys-apps/kexec-tools sys-apps/less sys-apps/lshw sys-apps/net-tools sys-apps/nvme-cli sys-apps/pciutils sys-apps/rng-tools sys-apps/sed sys-apps/seismograph sys-apps/shadow sys-apps/usbutils sys-apps/util-linux sys-apps/which sys-block/open-iscsi sys-fs/btrfs-progs sys-fs/dosfstools sys-fs/e2fsprogs sys-fs/mdadm sys-fs/multipath-tools sys-fs/quota sys-fs/xfsprogs sys-kernel/coreos-firmware sys-kernel/coreos-kernel sys-libs/glibc sys-libs/nss-usrfiles sys-libs/timezone-data sys-process/lsof sys-process/procps SLOT=0 -_md5_=1ea1be0d2cc2339167a72009c92c181e +_md5_=6a15f6f8ca3eddba99bd700498f9ff03 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/dbus-1.10.12 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/dbus-1.10.12 deleted file mode 100644 index f4f44130f1..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/dbus-1.10.12 +++ /dev/null @@ -1,14 +0,0 @@ -DEFINED_PHASES=compile configure install postinst prepare setup test -DEPEND=>=dev-libs/expat-2 selinux? ( sys-libs/libselinux ) systemd? ( sys-apps/systemd:0= ) X? ( x11-libs/libX11 x11-libs/libXt ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20131008-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) app-text/xmlto app-text/docbook-xml-dtd:4.4 virtual/pkgconfig doc? ( app-doc/doxygen ) test? ( >=dev-libs/glib-2.36:2 || ( >=dev-lang/python-2.7.5-r2:2.7 ) ) >=app-portage/elt-patches-20170317 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 virtual/pkgconfig test? ( !prefix? ( x11-base/xorg-server[xvfb] ) x11-apps/xhost ) -DESCRIPTION=A message bus system, a simple way for applications to talk to each other -EAPI=6 -HOMEPAGE=https://dbus.freedesktop.org/ -IUSE=debug doc selinux static-libs systemd test user-session X test abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 -KEYWORDS=alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x86-solaris -LICENSE=|| ( AFL-2.1 GPL-2 ) -RDEPEND=>=dev-libs/expat-2 selinux? ( sys-libs/libselinux ) systemd? ( sys-apps/systemd:0= ) X? ( x11-libs/libX11 x11-libs/libXt ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20131008-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) -RESTRICT=test -SLOT=0 -SRC_URI=https://dbus.freedesktop.org/releases/dbus/dbus-1.10.12.tar.gz -_eclasses_=autotools 7027963e8e8cc12c91117bdb9225dc26 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea flag-o-matic 61cad4fb5d800b29d484b27cb033f59b libtool e32ea84bf82cf8987965b574672dba93 linux-info ca370deef9d44125d829f2eb6ebc83e0 ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 0236be304ee52e7f179ed2f337075515 multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 python-any-r1 be89e882151ba4b847089b860d79729c python-utils-r1 c11fc374357e6ad9ddfe2e9f931e4d29 readme.gentoo-r1 6f03e110529650f57fc7d1fb908b8986 systemd ec2e9154031d942186c75c0aabb41900 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee user e4b567c44272a719fabf53f0f885d3f7 versionator c80ccf29e90adea7c5cae94b42eb76d0 virtualx 171580f737f5aaf18fcb456548588066 -_md5_=3be955fa316e2834a53620047b9684e8 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/dbus-1.10.18 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/dbus-1.10.18 new file mode 100644 index 0000000000..cafc10ba91 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/dbus-1.10.18 @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst prepare setup test +DEPEND=>=dev-libs/expat-2 selinux? ( sys-libs/libselinux ) elogind? ( sys-auth/elogind ) systemd? ( sys-apps/systemd:0= ) X? ( x11-libs/libX11 x11-libs/libXt ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20131008-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) app-text/xmlto app-text/docbook-xml-dtd:4.4 virtual/pkgconfig doc? ( app-doc/doxygen ) test? ( >=dev-libs/glib-2.36:2 || ( >=dev-lang/python-2.7.5-r2:2.7 ) ) >=app-portage/elt-patches-20170317 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 virtual/pkgconfig test? ( !prefix? ( x11-base/xorg-server[xvfb] ) x11-apps/xhost ) +DESCRIPTION=A message bus system, a simple way for applications to talk to each other +EAPI=6 +HOMEPAGE=https://dbus.freedesktop.org/ +IUSE=debug doc elogind selinux static-libs systemd test user-session X test abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x86-solaris +LICENSE=|| ( AFL-2.1 GPL-2 ) +RDEPEND=>=dev-libs/expat-2 selinux? ( sys-libs/libselinux ) elogind? ( sys-auth/elogind ) systemd? ( sys-apps/systemd:0= ) X? ( x11-libs/libX11 x11-libs/libXt ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20131008-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) +REQUIRED_USE=?? ( elogind systemd ) +RESTRICT=test +SLOT=0 +SRC_URI=https://dbus.freedesktop.org/releases/dbus/dbus-1.10.18.tar.gz +_eclasses_=autotools 7027963e8e8cc12c91117bdb9225dc26 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea flag-o-matic 61cad4fb5d800b29d484b27cb033f59b libtool e32ea84bf82cf8987965b574672dba93 linux-info ca370deef9d44125d829f2eb6ebc83e0 ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 0236be304ee52e7f179ed2f337075515 multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 python-any-r1 be89e882151ba4b847089b860d79729c python-utils-r1 c11fc374357e6ad9ddfe2e9f931e4d29 readme.gentoo-r1 6f03e110529650f57fc7d1fb908b8986 systemd ec2e9154031d942186c75c0aabb41900 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee user e4b567c44272a719fabf53f0f885d3f7 versionator c80ccf29e90adea7c5cae94b42eb76d0 virtualx 171580f737f5aaf18fcb456548588066 +_md5_=d4bb980317490d7bee5f325bfb162312 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/shadow-4.4-r2 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/shadow-4.4-r2 deleted file mode 100644 index dfc062238c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/shadow-4.4-r2 +++ /dev/null @@ -1,13 +0,0 @@ -DEFINED_PHASES=configure install prepare -DEPEND=acl? ( sys-apps/acl ) audit? ( sys-process/audit ) cracklib? ( >=sys-libs/cracklib-2.7-r3 ) pam? ( virtual/pam ) skey? ( sys-auth/skey ) selinux? ( >=sys-libs/libselinux-1.28 sys-libs/libsemanage ) nls? ( virtual/libintl ) xattr? ( sys-apps/attr ) app-arch/xz-utils nls? ( sys-devel/gettext ) >=app-portage/elt-patches-20170317 virtual/pkgconfig -DESCRIPTION=Utilities to deal with user accounts -EAPI=5 -HOMEPAGE=https://github.com/shadow-maint/shadow http://pkg-shadow.alioth.debian.org/ -IUSE=acl audit cracklib nls pam selinux skey xattr -KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 -LICENSE=BSD GPL-2 -RDEPEND=acl? ( sys-apps/acl ) audit? ( sys-process/audit ) cracklib? ( >=sys-libs/cracklib-2.7-r3 ) pam? ( virtual/pam ) skey? ( sys-auth/skey ) selinux? ( >=sys-libs/libselinux-1.28 sys-libs/libsemanage ) nls? ( virtual/libintl ) xattr? ( sys-apps/attr ) pam? ( >=sys-auth/pambase-20150213 ) -SLOT=0 -SRC_URI=https://github.com/shadow-maint/shadow/releases/download/4.4/shadow-4.4.tar.gz -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea flag-o-matic 61cad4fb5d800b29d484b27cb033f59b libtool e32ea84bf82cf8987965b574672dba93 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 0236be304ee52e7f179ed2f337075515 pam 3e788d86170dfcd5b06824d898315e18 systemd ec2e9154031d942186c75c0aabb41900 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee -_md5_=20a0bbbc68cb802230f530dac77f8f20 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/shadow-4.5 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/shadow-4.5 new file mode 100644 index 0000000000..f8445480b2 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-apps/shadow-4.5 @@ -0,0 +1,13 @@ +DEFINED_PHASES=configure install preinst prepare +DEPEND=acl? ( sys-apps/acl:0= ) audit? ( >=sys-process/audit-2.6:0= ) cracklib? ( >=sys-libs/cracklib-2.7-r3:0= ) pam? ( virtual/pam:0= ) skey? ( sys-auth/skey:0= ) selinux? ( >=sys-libs/libselinux-1.28:0= sys-libs/libsemanage:0= ) nls? ( virtual/libintl ) xattr? ( sys-apps/attr:0= ) app-arch/xz-utils nls? ( sys-devel/gettext ) >=app-portage/elt-patches-20170317 virtual/pkgconfig +DESCRIPTION=Utilities to deal with user accounts +EAPI=5 +HOMEPAGE=https://github.com/shadow-maint/shadow http://pkg-shadow.alioth.debian.org/ +IUSE=acl audit cracklib nls pam selinux skey xattr linguas_cs linguas_da linguas_de linguas_es linguas_fi linguas_fr linguas_hu linguas_id linguas_it linguas_ja linguas_ko linguas_pl linguas_pt_BR linguas_ru linguas_sv linguas_tr linguas_zh_CN linguas_zh_TW +KEYWORDS=~alpha amd64 ~arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 +LICENSE=BSD GPL-2 +RDEPEND=acl? ( sys-apps/acl:0= ) audit? ( >=sys-process/audit-2.6:0= ) cracklib? ( >=sys-libs/cracklib-2.7-r3:0= ) pam? ( virtual/pam:0= ) skey? ( sys-auth/skey:0= ) selinux? ( >=sys-libs/libselinux-1.28:0= sys-libs/libsemanage:0= ) nls? ( virtual/libintl ) xattr? ( sys-apps/attr:0= ) pam? ( >=sys-auth/pambase-20150213 ) +SLOT=0 +SRC_URI=https://github.com/shadow-maint/shadow/releases/download/4.5/shadow-4.5.tar.gz +_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea flag-o-matic 61cad4fb5d800b29d484b27cb033f59b libtool e32ea84bf82cf8987965b574672dba93 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 0236be304ee52e7f179ed2f337075515 pam 3e788d86170dfcd5b06824d898315e18 systemd ec2e9154031d942186c75c0aabb41900 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee +_md5_=3d6dd32a45959af66379a7d47c6974d5 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-0.0.15 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-0.0.16 similarity index 92% rename from sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-0.0.15 rename to sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-0.0.16 index ab2561699b..b8728eeb49 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-0.0.15 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-0.0.16 @@ -5,6 +5,6 @@ EAPI=5 IUSE=cros_workon_tree_* profiling cros-debug KEYWORDS=amd64 arm arm64 x86 LICENSE=BSD -SLOT=0/0.0.15 +SLOT=0/0.0.16 _eclasses_=cros-au f9ae34f03ddcc4a8450e4f603ffef8f8 cros-debug deb4c0b1259db4d092692c4c46fe072b cros-workon 4ad6e6491a1010ad7c875302b3be18ba epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea flag-o-matic 61cad4fb5d800b29d484b27cb033f59b git-r3 cbafa3261c37c7e3af44bb16a34ea390 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 0236be304ee52e7f179ed2f337075515 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee -_md5_=56523c3d2265adcde481a0d818b36658 +_md5_=b787554889c284e938b23a131ff999b2 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-9999 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-9999 index 844e0a84d6..61fdf6e059 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-9999 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/bootengine-9999 @@ -7,4 +7,4 @@ KEYWORDS=~amd64 ~arm ~arm64 ~x86 LICENSE=BSD SLOT=0/9999 _eclasses_=cros-au f9ae34f03ddcc4a8450e4f603ffef8f8 cros-debug deb4c0b1259db4d092692c4c46fe072b cros-workon 4ad6e6491a1010ad7c875302b3be18ba epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea flag-o-matic 61cad4fb5d800b29d484b27cb033f59b git-r3 cbafa3261c37c7e3af44bb16a34ea390 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 0236be304ee52e7f179ed2f337075515 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee -_md5_=56523c3d2265adcde481a0d818b36658 +_md5_=b787554889c284e938b23a131ff999b2 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-kernel-4.11.2 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-kernel-4.11.3 similarity index 63% rename from sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-kernel-4.11.2 rename to sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-kernel-4.11.3 index f96cf81a12..afa3c226c1 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-kernel-4.11.2 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-kernel-4.11.3 @@ -1,12 +1,12 @@ DEFINED_PHASES=compile configure install prepare pretend setup unpack -DEPEND==sys-kernel/coreos-modules-4.11.2 app-arch/gzip app-shells/bash sys-apps/coreutils sys-apps/findutils sys-apps/grep sys-apps/ignition:= sys-apps/less sys-apps/sed sys-apps/shadow sys-apps/systemd sys-apps/seismograph sys-apps/util-linux sys-fs/btrfs-progs sys-fs/e2fsprogs sys-fs/mdadm sys-fs/xfsprogs >=sys-kernel/coreos-firmware-20160331-r1:= >=sys-kernel/bootengine-0.0.4:= sys-kernel/dracut virtual/udev =sys-kernel/coreos-sources-4.11.2 +DEPEND==sys-kernel/coreos-modules-4.11.3 app-arch/gzip app-shells/bash sys-apps/coreutils sys-apps/findutils sys-apps/grep sys-apps/ignition:= sys-apps/less sys-apps/sed sys-apps/shadow sys-apps/systemd[cryptsetup] sys-apps/seismograph sys-apps/util-linux sys-fs/btrfs-progs sys-fs/e2fsprogs sys-fs/mdadm sys-fs/xfsprogs >=sys-kernel/coreos-firmware-20160331-r1:= >=sys-kernel/bootengine-0.0.4:= sys-kernel/dracut virtual/udev =sys-kernel/coreos-sources-4.11.3 DESCRIPTION=CoreOS Linux kernel EAPI=5 HOMEPAGE=http://www.kernel.org KEYWORDS=amd64 arm64 LICENSE=GPL-2 freedist -RDEPEND==sys-kernel/coreos-modules-4.11.2 +RDEPEND==sys-kernel/coreos-modules-4.11.3 RESTRICT=binchecks strip -SLOT=0/4.11.2 +SLOT=0/4.11.3 _eclasses_=coreos-kernel a7d8c01479b7bbc753349eaebba79268 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea linux-info ca370deef9d44125d829f2eb6ebc83e0 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 0236be304ee52e7f179ed2f337075515 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee versionator c80ccf29e90adea7c5cae94b42eb76d0 -_md5_=b531fd02cfd892c89a08def456fd29dd +_md5_=97a87eab60d056190b8aa25e2601d2e2 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-modules-4.11.2 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-modules-4.11.3 similarity index 93% rename from sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-modules-4.11.2 rename to sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-modules-4.11.3 index 570c7a4908..9f4edcbffe 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-modules-4.11.2 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-kernel/coreos-modules-4.11.3 @@ -1,5 +1,5 @@ DEFINED_PHASES=compile configure install postinst prepare pretend setup unpack -DEPEND==sys-kernel/coreos-sources-4.11.2 +DEPEND==sys-kernel/coreos-sources-4.11.3 DESCRIPTION=CoreOS Linux kernel modules EAPI=5 HOMEPAGE=http://www.kernel.org @@ -8,6 +8,6 @@ KEYWORDS=amd64 arm64 LICENSE=GPL-2 freedist RDEPEND=!=sys-libs/ncurses-5.2 sys-devel/make dev-lang/perl sys-devel/bc ) RESTRICT=binchecks strip -SLOT=4.11.2 -SRC_URI=mirror://kernel/linux/kernel/v4.x/patch-4.11.2.xz mirror://kernel/linux/kernel/v4.x/linux-4.11.tar.xz +SLOT=4.11.3 +SRC_URI=mirror://kernel/linux/kernel/v4.x/patch-4.11.3.xz mirror://kernel/linux/kernel/v4.x/linux-4.11.tar.xz _eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 9c113d6a64826c40154cad7be15d95ea kernel-2 7cc211cb9f869927ca267873f54d8fd5 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 0236be304ee52e7f179ed2f337075515 python-any-r1 be89e882151ba4b847089b860d79729c python-utils-r1 c11fc374357e6ad9ddfe2e9f931e4d29 toolchain-funcs 6eb35f81556258a4bc9182ad3dfd58ee versionator c80ccf29e90adea7c5cae94b42eb76d0 _md5_=0ddd24ae375858f7982c46c4594e9973