diff options
Diffstat (limited to 'gnu/packages/patches/qemu-CVE-2017-12809.patch')
-rw-r--r-- | gnu/packages/patches/qemu-CVE-2017-12809.patch | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/gnu/packages/patches/qemu-CVE-2017-12809.patch b/gnu/packages/patches/qemu-CVE-2017-12809.patch new file mode 100644 index 0000000000..e40a14b4e0 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-12809.patch @@ -0,0 +1,38 @@ +http://openwall.com/lists/oss-security/2017/08/21/2 +https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01850.html + +The block backend changed in a way that flushing empty CDROM drives now +crashes. Amend IDE to avoid doing so until the root problem can be +addressed for 2.11. + +Original patch by John Snow <address@hidden>. + +Reported-by: Kieron Shorrock <address@hidden> +Signed-off-by: Stefan Hajnoczi <address@hidden> +--- + hw/ide/core.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/hw/ide/core.c b/hw/ide/core.c +index 0b48b64d3a..bea39536b0 100644 +--- a/hw/ide/core.c ++++ b/hw/ide/core.c +@@ -1063,7 +1063,15 @@ static void ide_flush_cache(IDEState *s) + s->status |= BUSY_STAT; + ide_set_retry(s); + block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH); +- s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s); ++ ++ if (blk_bs(s->blk)) { ++ s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s); ++ } else { ++ /* XXX blk_aio_flush() crashes when blk_bs(blk) is NULL, remove this ++ * temporary workaround when blk_aio_*() functions handle NULL blk_bs. ++ */ ++ ide_flush_cb(s, 0); ++ } + } + + static void ide_cfata_metadata_inquiry(IDEState *s) +-- +2.13.3 |