Bug#656423: pu: package qemu-kvm/0.12.5+dfsg-5+squeeze7
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: pu
I'd like to upload a new release of the qemu-kvm package for squeeze/stable.
This update includes a single change, which is a fix for an old bug, #637990.
It is not a very important fix (but worth fixing anyway), but now that a
more recent version of libvirt has been uploaded to squeeze-backports, this bug
has started hitting users; see http://lists.debian.org/debian-backports/2012/01/msg00053.html
for an example.
This very bugfix has been included in qemu-kvm upstream for a very long
time but has never been applied to any upstream stable series. It was
also used in the Ubuntu qemu-kvm package. The patch adds a forgotten close()
operation.
I prepared this update about half a year ago (17 Aug 2010), wishing to
fix #637990, but a more serious bug was discovered, and the end
result was that I never got around to including this fix in any stable release.
The debdiff against the previous 0.12.5+dfsg-5+squeeze6 version is included.
It'd be nice to get this in in time for the next point release due to the mentioned
issue with squeeze-backports.
Thanks,
/mjt
-- System Information:
Debian Release: 6.0.3
APT prefers stable
APT policy: (990, 'stable'), (500, 'oldstable'), (500, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: i386 (x86_64)
----
diff -u qemu-kvm-0.12.5+dfsg/debian/changelog qemu-kvm-0.12.5+dfsg/debian/changelog
--- qemu-kvm-0.12.5+dfsg/debian/changelog
+++ qemu-kvm-0.12.5+dfsg/debian/changelog
@@ -1,3 +1,11 @@
+qemu-kvm (0.12.5+dfsg-5+squeeze7) stable; urgency=low
+
+ * stash-away-SCM_RIGHTS-fd-until-a-getfd-command-arrives-e53f27b9d9.diff
+ patch from upstream (included in 0.13 and up, and also in ubuntu)
+ to fix NIC hotplug from libvirt (Closes: #637990)
+
+ -- Michael Tokarev <mjt@tls.msk.ru> Wed, 17 Aug 2011 13:35:03 +0400
+
qemu-kvm (0.12.5+dfsg-5+squeeze6) stable-security; urgency=low
* virtio-fix-indirect-descriptor-buffer-overflow-CVE-2011-2212
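Review bot: the trailer on the new squeeze7 entry is dated Wed, 17 Aug 2011, which is when the update was prepared rather than when it is being uploaded; refresh the timestamp at upload. The entry could also say what the patch changes (the SCM_RIGHTS fd is now kept until a getfd command consumes it), since "fix NIC hotplug from libvirt" describes only the symptom.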
diff -u qemu-kvm-0.12.5+dfsg/debian/patches/series qemu-kvm-0.12.5+dfsg/debian/patches/series
--- qemu-kvm-0.12.5+dfsg/debian/patches/series
+++ qemu-kvm-0.12.5+dfsg/debian/patches/series
@@ -48,0 +49 @@
+stash-away-SCM_RIGHTS-fd-until-a-getfd-command-arrives-e53f27b9d9.diff
only in patch2:
unchanged:
--- qemu-kvm-0.12.5+dfsg.orig/debian/patches/stash-away-SCM_RIGHTS-fd-until-a-getfd-command-arrives-e53f27b9d9.diff
+++ qemu-kvm-0.12.5+dfsg/debian/patches/stash-away-SCM_RIGHTS-fd-until-a-getfd-command-arrives-e53f27b9d9.diff
@@ -0,0 +1,59 @@
+Refreshed for 0.12:
+
+commit e53f27b9d9df73461308618151fa6e6392aebd85
+Author: Paolo Bonzini <pbonzini@redhat.com>
+Date: Fri Apr 16 17:25:23 2010 +0200
+
+ stash away SCM_RIGHTS fd until a getfd command arrives
+
+ If there is already a fd in s->msgfd before recvmsg it is
+ closed by parts that this patch does not touch. So, only
+ one descriptor can be "leaked" by attaching it to a command
+ other than getfd.
+
+ Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+ Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
+
+--- a/qemu-char.c
++++ b/qemu-char.c
+@@ -1954,8 +1954,9 @@ static void tcp_chr_process_IAC_bytes(Ch
+ static int tcp_get_msgfd(CharDriverState *chr)
+ {
+ TCPCharDriver *s = chr->opaque;
+-
+- return s->msgfd;
++ int fd = s->msgfd;
++ s->msgfd = -1;
++ return fd;
+ }
+
+ #ifndef _WIN32
+@@ -2043,10 +2044,6 @@ static void tcp_chr_read(void *opaque)
+ tcp_chr_process_IAC_bytes(chr, s, buf, &size);
+ if (size > 0)
+ qemu_chr_read(chr, buf, size);
+- if (s->msgfd != -1) {
+- close(s->msgfd);
+- s->msgfd = -1;
+- }
+ }
+ }
+
+--- a/monitor.c
++++ b/monitor.c
+@@ -2294,15 +2294,6 @@ static void do_getfd(Monitor *mon, const
+ return;
+ }
+
+- fd = dup(fd);
+- if (fd == -1) {
+- if (errno == EMFILE)
+- qemu_error_new(QERR_TOO_MANY_FILES);
+- else
+- qemu_error_new(QERR_UNDEFINED_ERROR);
+- return;
+- }
+-
+ QLIST_FOREACH(monfd, &mon->fds, next) {
+ if (strcmp(monfd->name, fdname) != 0) {
+ continue;
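Review bot: in the qemu-char.c part, tcp_get_msgfd() now clears s->msgfd and hands the descriptor to its caller, so a getter has become an ownership transfer with nothing in the code saying so; add a comment on the function stating that the caller must close the returned fd. With the dup() block removed from do_getfd() in monitor.c, any exit from that function after the fd has been fetched holds the only copy: if the `return;` shown as context just above the removed block is reached after the fetch, it needs a close(fd), which the visible lines do not show. The commit message's own caveat (one descriptor can stay in s->msgfd when it arrives with a command other than getfd) relies on code "that this patch does not touch" closing it before the next recvmsg, so confirm that the 0.12 tree this was refreshed for has that close.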