
Bug#742386: wheezy-pu: package qemu/1.1.2+dfsg-6a+deb7u1



On Sun, Mar 23, 2014 at 01:48:34PM +0400, Michael Tokarev wrote:
> Please note that the same changes should be done for the qemu-kvm package on wheezy.
> 
> Also note that the names of the patches do not reflect reality.
> These are fixing real bugs in qemu, not hurd-specific issues.

Renamed patches, attached qemu-kvm one too.

Thanks,
--
G..e
diff -Nru qemu-1.1.2+dfsg/debian/changelog qemu-1.1.2+dfsg/debian/changelog
--- qemu-1.1.2+dfsg/debian/changelog	2013-03-18 07:10:11.000000000 +0100
+++ qemu-1.1.2+dfsg/debian/changelog	2014-03-23 01:38:39.000000000 +0100
@@ -1,3 +1,11 @@
+qemu (1.1.2+dfsg-6a+deb7u1) stable; urgency=medium
+
+  * Fix crash booting GNU/Hurd on both hwaccel systems without --enable-kvm
+    option and on non-hwaccel ones (Closes: #719633).
+  * Fix crash booting GNU/Hurd with QEMU multiboot options (Closes: #741873).
+
+ -- Gabriele Giacone <1o5g4r8o@gmail.com>  Mon, 17 Mar 2014 00:36:36 +0100
+
 qemu (1.1.2+dfsg-6a) unstable; urgency=low
 
   * reupload to remove two unrelated files slipped in debian/
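Review bot: the two new changelog entries describe only the symptom ("Fix crash booting GNU/Hurd") and not the change being backported; for a stable update it helps the release team to name the upstream commits, e.g. "(real-mode addresses now wrap at 32 bits, upstream 33dfdb56)" for #719633 and "(ELF entry point translated from vaddr to paddr, upstream 4de6467c)" for #741873, both of which are cited in the Origin: fields of the patches below.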
diff -Nru qemu-1.1.2+dfsg/debian/patches/fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch qemu-1.1.2+dfsg/debian/patches/fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch
--- qemu-1.1.2+dfsg/debian/patches/fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch	1970-01-01 01:00:00.000000000 +0100
+++ qemu-1.1.2+dfsg/debian/patches/fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch	2014-03-23 01:41:09.000000000 +0100
@@ -0,0 +1,27 @@
+Description: fix entry pointer for ELF kernels loaded with -kernel option
+Author: Henning Schild <henning@hennsch.de>
+Origin: upstream, http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4de6467cbc8f3ddff7f2dcb63f427b0e92de0e9d
+Bug-Debian: https://bugs.debian.org/741873
+
+diff --git a/hw/elf_ops.h b/hw/elf_ops.h
+index fa65ce2..731a983 100644
+--- a/hw/elf_ops.h
++++ b/hw/elf_ops.h
+@@ -269,6 +269,17 @@ static int glue(load_elf, SZ)(const char *name, int fd,
+                 addr = ph->p_paddr;
+             }
+ 
++            /* the entry pointer in the ELF header is a virtual
++             * address, if the text segments paddr and vaddr differ
++             * we need to adjust the entry */
++            if (pentry && !translate_fn &&
++                    ph->p_vaddr != ph->p_paddr &&
++                    ehdr.e_entry >= ph->p_vaddr &&
++                    ehdr.e_entry < ph->p_vaddr + ph->p_filesz &&
++                    ph->p_flags & PF_X) {
++                *pentry = ehdr.e_entry - ph->p_vaddr + ph->p_paddr;
++            }
++
+             snprintf(label, sizeof(label), "phdr #%d: %s", i, name);
+             rom_add_blob_fixed(label, data, mem_size, addr);
+ 
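Review bot: in the added condition, `ph->p_flags & PF_X` is mixed into an `&&` chain without parentheses; `&` binds tighter than `&&`, so the logic is correct, but writing it as `(ph->p_flags & PF_X)` makes the intent explicit. The rest of the check is sound: the range test uses `p_filesz`, which is appropriate for an entry point that must lie in file-backed text, and `ehdr.e_entry - ph->p_vaddr` cannot underflow because the `>=` comparison precedes it. Since this is a verbatim upstream backport, keeping the text identical to commit 4de6467c is defensible and the parenthesisation would belong upstream.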
diff -Nru qemu-1.1.2+dfsg/debian/patches/series qemu-1.1.2+dfsg/debian/patches/series
--- qemu-1.1.2+dfsg/debian/patches/series	2013-03-18 06:05:54.000000000 +0100
+++ qemu-1.1.2+dfsg/debian/patches/series	2014-03-23 12:23:23.000000000 +0100
@@ -21,3 +21,5 @@
 vmdk-fix-data-corruption-bug-in-WRITE-and-READ-handling.patch
 uhci-don-t-queue-up-packets-after-one-with-the-SPD-flag-set.patch
 usb-split-endpoint-init-and-reset.patch
+x86-only-allow-real-mode-to-access-32bit-without-LMA.patch
+fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch
diff -Nru qemu-1.1.2+dfsg/debian/patches/x86-only-allow-real-mode-to-access-32bit-without-LMA.patch qemu-1.1.2+dfsg/debian/patches/x86-only-allow-real-mode-to-access-32bit-without-LMA.patch
--- qemu-1.1.2+dfsg/debian/patches/x86-only-allow-real-mode-to-access-32bit-without-LMA.patch	1970-01-01 01:00:00.000000000 +0100
+++ qemu-1.1.2+dfsg/debian/patches/x86-only-allow-real-mode-to-access-32bit-without-LMA.patch	2014-03-23 01:39:02.000000000 +0100
@@ -0,0 +1,33 @@
+Description: x86: only allow real mode to access 32bit without LMA
+ When we're running in non-64bit mode with qemu-system-x86_64 we can
+ still end up with virtual addresses that are above the 32bit boundary
+ if a segment offset is set up.
+ .
+ GNU Hurd does exactly that. It sets the segment offset to 0x80000000 and
+ puts its EIP value to 0x8xxxxxxx to access low memory.
+ .
+ This doesn't hit us when we enable paging, as there we just mask away the
+ unused bits. But with real mode, we assume that vaddr == paddr which is
+ wrong in this case. Real hardware wraps the virtual address around at the
+ 32bit boundary. So let's do the same.
+ .
+ This fixes booting GNU Hurd in qemu-system-x86_64 for me.
+Author: Alexander Graf <agraf@suse.de>
+Origin: upstream, http://git.qemu.org/?p=qemu.git;a=commitdiff;h=33dfdb56f2f3c8686d218395b871ec12fd5bf30b
+Bug-Debian: https://bugs.debian.org/719633
+
+--- a/target-i386/helper.c
++++ b/target-i386/helper.c
+@@ -512,6 +512,12 @@ int cpu_x86_handle_mmu_fault(CPUX86State
+ 
+     if (!(env->cr[0] & CR0_PG_MASK)) {
+         pte = addr;
++#ifdef TARGET_X86_64
++        if (!(env->hflags & HF_LMA_MASK)) {
++            /* Without long mode we can only address 32bits in real mode */
++            pte = (uint32_t)pte;
++        }
++#endif
+         virt_addr = addr & TARGET_PAGE_MASK;
+         prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
+         page_size = 4096;
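Review bot: the comment "Without long mode we can only address 32bits in real mode" is narrower than the code it annotates; the enclosing branch is entered whenever `CR0_PG_MASK` is clear, which also covers 32-bit protected mode without paging, so "without paging" would describe the condition accurately. Note also that only `pte` is truncated while `virt_addr` is still derived from the full `addr`, so the resulting TLB entry maps the guest's above-4G linear address onto the wrapped physical address, which is the intended emulation of the hardware wrap-around. Unlike the ELF patch, this file omits the `diff --git` and `index` lines; quilt does not need them, but it is inconsistent between the two patches.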
diff -Nru qemu-kvm-1.1.2+dfsg/debian/changelog qemu-kvm-1.1.2+dfsg/debian/changelog
--- qemu-kvm-1.1.2+dfsg/debian/changelog	2013-03-18 06:03:51.000000000 +0100
+++ qemu-kvm-1.1.2+dfsg/debian/changelog	2014-03-23 12:28:43.000000000 +0100
@@ -1,3 +1,11 @@
+qemu-kvm (1.1.2+dfsg-6+deb7u1) stable; urgency=medium
+
+  * Fix crash booting GNU/Hurd on both hwaccel systems without --enable-kvm
+    option and on non-hwaccel ones (Closes: #719633).
+  * Fix crash booting GNU/Hurd with QEMU multiboot options (Closes: #741873).
+
+ -- Gabriele Giacone <1o5g4r8o@gmail.com>  Sun, 23 Mar 2014 12:28:19 +0100
+
 qemu-kvm (1.1.2+dfsg-6) unstable; urgency=low
 
   * another bugfix for USB, upstream from early days of past-1.1.
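Review bot: this entry is a verbatim copy of the qemu one, including the "without --enable-kvm option" wording; since this is the qemu-kvm package, double-check that the description of when the crash occurs matches how this binary falls back to the non-hwaccel path, and as for qemu consider naming the backported upstream commits (33dfdb56 and 4de6467c) in the entry.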
diff -Nru qemu-kvm-1.1.2+dfsg/debian/patches/fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch qemu-kvm-1.1.2+dfsg/debian/patches/fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch
--- qemu-kvm-1.1.2+dfsg/debian/patches/fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch	1970-01-01 01:00:00.000000000 +0100
+++ qemu-kvm-1.1.2+dfsg/debian/patches/fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch	2014-03-23 12:26:38.000000000 +0100
@@ -0,0 +1,27 @@
+Description: fix entry pointer for ELF kernels loaded with -kernel option
+Author: Henning Schild <henning@hennsch.de>
+Origin: upstream, http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4de6467cbc8f3ddff7f2dcb63f427b0e92de0e9d
+Bug-Debian: https://bugs.debian.org/741873
+
+diff --git a/hw/elf_ops.h b/hw/elf_ops.h
+index fa65ce2..731a983 100644
+--- a/hw/elf_ops.h
++++ b/hw/elf_ops.h
+@@ -269,6 +269,17 @@ static int glue(load_elf, SZ)(const char *name, int fd,
+                 addr = ph->p_paddr;
+             }
+ 
++            /* the entry pointer in the ELF header is a virtual
++             * address, if the text segments paddr and vaddr differ
++             * we need to adjust the entry */
++            if (pentry && !translate_fn &&
++                    ph->p_vaddr != ph->p_paddr &&
++                    ehdr.e_entry >= ph->p_vaddr &&
++                    ehdr.e_entry < ph->p_vaddr + ph->p_filesz &&
++                    ph->p_flags & PF_X) {
++                *pentry = ehdr.e_entry - ph->p_vaddr + ph->p_paddr;
++            }
++
+             snprintf(label, sizeof(label), "phdr #%d: %s", i, name);
+             rom_add_blob_fixed(label, data, mem_size, addr);
+ 
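Review bot: this patch is identical to the one added to the qemu package above (same Origin: commit 4de6467c), so the same review point applies: the `ph->p_flags & PF_X` term reads more clearly parenthesised, but keeping it byte-identical to upstream is acceptable.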
diff -Nru qemu-kvm-1.1.2+dfsg/debian/patches/series qemu-kvm-1.1.2+dfsg/debian/patches/series
--- qemu-kvm-1.1.2+dfsg/debian/patches/series	2013-02-28 17:55:11.000000000 +0100
+++ qemu-kvm-1.1.2+dfsg/debian/patches/series	2014-03-23 12:26:51.000000000 +0100
@@ -23,3 +23,5 @@
 vmdk-fix-data-corruption-bug-in-WRITE-and-READ-handling.patch
 uhci-don-t-queue-up-packets-after-one-with-the-SPD-flag-set.patch
 usb-split-endpoint-init-and-reset.patch
+x86-only-allow-real-mode-to-access-32bit-without-LMA.patch
+fix-entry-pointer-for-ELF-kernels-loaded-with--kernel-option.patch
diff -Nru qemu-kvm-1.1.2+dfsg/debian/patches/x86-only-allow-real-mode-to-access-32bit-without-LMA.patch qemu-kvm-1.1.2+dfsg/debian/patches/x86-only-allow-real-mode-to-access-32bit-without-LMA.patch
--- qemu-kvm-1.1.2+dfsg/debian/patches/x86-only-allow-real-mode-to-access-32bit-without-LMA.patch	1970-01-01 01:00:00.000000000 +0100
+++ qemu-kvm-1.1.2+dfsg/debian/patches/x86-only-allow-real-mode-to-access-32bit-without-LMA.patch	2014-03-23 12:26:28.000000000 +0100
@@ -0,0 +1,33 @@
+Description: x86: only allow real mode to access 32bit without LMA
+ When we're running in non-64bit mode with qemu-system-x86_64 we can
+ still end up with virtual addresses that are above the 32bit boundary
+ if a segment offset is set up.
+ .
+ GNU Hurd does exactly that. It sets the segment offset to 0x80000000 and
+ puts its EIP value to 0x8xxxxxxx to access low memory.
+ .
+ This doesn't hit us when we enable paging, as there we just mask away the
+ unused bits. But with real mode, we assume that vaddr == paddr which is
+ wrong in this case. Real hardware wraps the virtual address around at the
+ 32bit boundary. So let's do the same.
+ .
+ This fixes booting GNU Hurd in qemu-system-x86_64 for me.
+Author: Alexander Graf <agraf@suse.de>
+Origin: upstream, http://git.qemu.org/?p=qemu.git;a=commitdiff;h=33dfdb56f2f3c8686d218395b871ec12fd5bf30b
+Bug-Debian: https://bugs.debian.org/719633
+
+--- a/target-i386/helper.c
++++ b/target-i386/helper.c
+@@ -512,6 +512,12 @@ int cpu_x86_handle_mmu_fault(CPUX86State
+ 
+     if (!(env->cr[0] & CR0_PG_MASK)) {
+         pte = addr;
++#ifdef TARGET_X86_64
++        if (!(env->hflags & HF_LMA_MASK)) {
++            /* Without long mode we can only address 32bits in real mode */
++            pte = (uint32_t)pte;
++        }
++#endif
+         virt_addr = addr & TARGET_PAGE_MASK;
+         prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
+         page_size = 4096;
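Review bot: identical to the patch added to the qemu package above (same Origin: commit 33dfdb56), so the same review points apply: the in-code comment says "real mode" while the branch covers every mode with paging disabled, and the file lacks the `diff --git`/`index` header lines that the ELF patch carries.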
