Ubuntu
qemu package

Merge ~paelzer/ubuntu/+source/qemu:fix-1820291-freeze-hook-and-CVE into ~ubuntu-virt/ubuntu/+source/qemu:ubuntu-disco-3.1

  1. Git
  2. lp:~paelzer/ubuntu/+source/qemu
  3. fix-1820291-freeze-hook-and-CVE
  4. Merge into ubuntu-disco-3.1
Proposed by Christian Ehrhardt 
Status: Merged
Merge reported by: Christian Ehrhardt 
Merged at revision: 6bda69c720794f432abc84bde494e4612cf925e5
Proposed branch: ~paelzer/ubuntu/+source/qemu:fix-1820291-freeze-hook-and-CVE
Merge into: ~ubuntu-virt/ubuntu/+source/qemu:ubuntu-disco-3.1
Diff against target: 279 lines (+227/-1)
7 files modified
debian/changelog (+14/-0)
debian/patches/i2c-ddc-fix-oob-read-CVE-2019-3812.patch (+34/-0)
debian/patches/series (+1/-0)
debian/qemu-guest-agent.install (+1/-1)
debian/qemu-guest-agent.postinst (+59/-0)
debian/qemu-guest-agent.postrm (+56/-0)
debian/qemu-guest-agent.preinst (+62/-0)
Reviewer Review Type Date Requested Status
Robie Basak (community) Approve
Andreas Hasenack (community) Abstain
Ubuntu Virtualisation team Pending
Review via email: mp+364760@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Robie Basak (racb) wrote :

AFAICT the implementation of your conffile rename is necessary and correct.

I am somewhat confused by the approach you took though, which seems to have three different "what to minimise" choices in three different cases. I've left comments inline in an effort to explain what I mean. However, I don't think it's worth worrying about, since this upgrade path code will go away soon anyway, you have tested the different cases with your implementation here carefully, and I don't see any functional problems with your approach as dpkg-maintscript-helper and dpkg are written today.

Separately I suggested one minor changelog fixup (inline), which I leave to your discretion in case I'm missing something.

review: Approve
Revision history for this message
Andreas Hasenack (ahasenack) :
review: Abstain
Revision history for this message
Robie Basak (racb) wrote :

(oh, and I did review the CVE fix, which looks fine, matching upstream, etc)

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thanks for the review!
I have made quite some cleanups due to that and I think it is better now.
I'll reset and to the testing again, once good I'll ping for a re-review.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

BTW - the PPA to test is:
https://launchpad.net/~paelzer/+archive/ubuntu/bug-1820291-fix-fsfreeze

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

tested and pushed the new version

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

@rbasak - would you mind to do a quick re-review?

Revision history for this message
Robie Basak (racb) :
review: Approve
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thanks, I proposed it to Debian as well now [1] - and give them a chance to reply so that we handle it similarly.
Likely uploading tomorrow to meet the Beta freeze in time.

[1]: https://salsa.debian.org/qemu-team/qemu/merge_requests/5

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Building at https://launchpad.net/ubuntu/+source/qemu/1:3.1+dfsg-2ubuntu3
Setting merged.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/changelog b/debian/changelog
index 4652669..6430822 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
1qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium
2
3 * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
4 - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
5 - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
6 mv_conffile since the new path is a directory in the old package
7 version which can not be handled by mv_conffile.
8 * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
9 OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
10 Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
11 CVE-2019-3812
12
13 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 18 Mar 2019 09:20:07 +0100
14
1qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium15qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium
216
3 * disable pvrdma - besides several security holes there are many other17 * disable pvrdma - besides several security holes there are many other
diff --git a/debian/patches/i2c-ddc-fix-oob-read-CVE-2019-3812.patch b/debian/patches/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
4new file mode 10064418new file mode 100644
index 0000000..628696b
--- /dev/null
+++ b/debian/patches/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
@@ -0,0 +1,34 @@
1From: Gerd Hoffmann <kraxel@redhat.com>
2Date: Tue, 8 Jan 2019 11:23:01 +0100
3Subject: i2c-ddc: fix oob read
4Commit-Id: b05b267840515730dbf6753495d5b7bd8b04ad1c
5Bug-Debian: https://bugs.debian.org/922635
6MIME-Version: 1.0
7Content-Type: text/plain; charset=UTF-8
8Content-Transfer-Encoding: 8bit
9
10Suggested-by: Michael Hanselmann <public@hansmi.ch>
11Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
12Reviewed-by: Michael Hanselmann <public@hansmi.ch>
13Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
14Message-id: 20190108102301.1957-1-kraxel@redhat.com
15---
16 hw/i2c/i2c-ddc.c | 2 +-
17 1 file changed, 1 insertion(+), 1 deletion(-)
18
19diff --git a/hw/i2c/i2c-ddc.c b/hw/i2c/i2c-ddc.c
20index be34fe072c..0a0367ff38 100644
21--- a/hw/i2c/i2c-ddc.c
22+++ b/hw/i2c/i2c-ddc.c
23@@ -56,7 +56,7 @@ static int i2c_ddc_rx(I2CSlave *i2c)
24 I2CDDCState *s = I2CDDC(i2c);
25
26 int value;
27- value = s->edid_blob[s->reg];
28+ value = s->edid_blob[s->reg % sizeof(s->edid_blob)];
29 s->reg++;
30 return value;
31 }
32--
332.11.0
34
diff --git a/debian/patches/series b/debian/patches/series
index fbe83e2..54769a7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,6 +5,7 @@ bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665.patch
5hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch5hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
6scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch6scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
7slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch7slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
8i2c-ddc-fix-oob-read-CVE-2019-3812.patch
89
9# ubuntu patches10# ubuntu patches
10ubuntu/expose-vmx_qemu64cpu.patch11ubuntu/expose-vmx_qemu64cpu.patch
diff --git a/debian/qemu-guest-agent.install b/debian/qemu-guest-agent.install
index 8bf0389..7049413 100644
--- a/debian/qemu-guest-agent.install
+++ b/debian/qemu-guest-agent.install
@@ -3,4 +3,4 @@ debian/tmp/usr/share/man/man8/qemu-ga.8 /usr/share/man/man8
3debian/tmp/usr/share/man/man7/qemu-ga-ref.7 /usr/share/man/man73debian/tmp/usr/share/man/man7/qemu-ga-ref.7 /usr/share/man/man7
4debian/tmp/usr/share/doc/qemu/qemu-ga-ref.* /usr/share/doc/qemu-guest-agent4debian/tmp/usr/share/doc/qemu/qemu-ga-ref.* /usr/share/doc/qemu-guest-agent
5qga/qapi-schema.json /usr/share/doc/qemu-guest-agent5qga/qapi-schema.json /usr/share/doc/qemu-guest-agent
6scripts/qemu-guest-agent/fsfreeze-hook /etc/qemu/fsfreeze-hook6scripts/qemu-guest-agent/fsfreeze-hook /etc/qemu/
diff --git a/debian/qemu-guest-agent.postinst b/debian/qemu-guest-agent.postinst
7new file mode 1006447new file mode 100644
index 0000000..925b748
--- /dev/null
+++ b/debian/qemu-guest-agent.postinst
@@ -0,0 +1,59 @@
1#!/bin/sh
2# postinst script for qemu-guest-agent
3#
4# see: dh_installdeb(1)
5
6set -e
7
8# summary of how this script can be called:
9# * <postinst> `configure' <most-recently-configured-version>
10# * <old-postinst> `abort-upgrade' <new version>
11# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
12# <new-version>
13# * <postinst> `abort-remove'
14# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
15# <failed-install-package> <version> `removing'
16# <conflicting-package> <version>
17# for details, see https://www.debian.org/doc/debian-policy/ or
18# the debian-policy package
19
20
21case "$1" in
22 configure)
23 ;;
24
25 abort-upgrade|abort-remove|abort-deconfigure)
26 ;;
27
28 *)
29 echo "postinst called with unknown argument \`$1'" >&2
30 exit 1
31 ;;
32esac
33
34# dh_installdeb will replace this with shell code automatically
35# generated by other debhelper scripts.
36
37#DEBHELPER#
38
39# Normal mv_conffile alone would fail due to the new path being a DIR in the old package version (LP: 1820291)
40case "$1" in
41 configure)
42 # From /usr/bin/dpkg-maintscript-helper modified to be able to cope with this edge case
43 if [ -n "$2" ] && dpkg --compare-versions -- "$2" le-nl "1:3.1+dfsg-2ubuntu3~"; then
44 TMPCONFFILE="/etc/qemu/fsfreeze-hook.old"
45 NEWCONFFILE="/etc/qemu/fsfreeze-hook"
46 ORIGCONFFILE="/etc/qemu/fsfreeze-hook/fsfreeze-hook"
47 rm -f "$TMPCONFFILE.dpkg-remove"
48 if [ -e "$TMPCONFFILE" ]; then
49 echo "Preserving user changes to $NEWCONFFILE (renamed from $ORIGCONFFILE)..."
50 if [ -e "$NEWCONFFILE" ]; then
51 mv -f "$NEWCONFFILE" "$NEWCONFFILE.dpkg-new"
52 fi
53 mv -f "$TMPCONFFILE" "$NEWCONFFILE"
54 fi
55 fi
56 ;;
57esac
58
59exit 0
diff --git a/debian/qemu-guest-agent.postrm b/debian/qemu-guest-agent.postrm
0new file mode 10064460new file mode 100644
index 0000000..14abbb8
--- /dev/null
+++ b/debian/qemu-guest-agent.postrm
@@ -0,0 +1,56 @@
1#!/bin/sh
2# postrm script for qemu-guest-agent
3#
4# see: dh_installdeb(1)
5
6set -e
7
8# summary of how this script can be called:
9# * <postrm> `remove'
10# * <postrm> `purge'
11# * <old-postrm> `upgrade' <new-version>
12# * <new-postrm> `failed-upgrade' <old-version>
13# * <new-postrm> `abort-install'
14# * <new-postrm> `abort-install' <old-version>
15# * <new-postrm> `abort-upgrade' <old-version>
16# * <disappearer's-postrm> `disappear' <overwriter>
17# <overwriter-version>
18# for details, see https://www.debian.org/doc/debian-policy/ or
19# the debian-policy package
20
21
22case "$1" in
23 purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
24 ;;
25
26 *)
27 echo "postrm called with unknown argument \`$1'" >&2
28 exit 1
29 ;;
30esac
31
32# dh_installdeb will replace this with shell code automatically
33# generated by other debhelper scripts.
34
35#DEBHELPER#
36
37# If needed revert the move we have made in preinst to compensate the new path being a DIR in the old package version (LP: 1820291)
38case "$1" in
39 abort-install|abort-upgrade)
40 # From /usr/bin/dpkg-maintscript-helper modified to be able to cope with this edge case
41 if [ -n "$2" ] && dpkg --compare-versions -- "$2" le-nl "1:3.1+dfsg-2ubuntu3~"; then
42 TMPCONFFILE="/etc/qemu/fsfreeze-hook.old"
43 NEWCONFFILE="/etc/qemu/fsfreeze-hook"
44 ORIGCONFFILE="/etc/qemu/fsfreeze-hook/fsfreeze-hook"
45 if [ -e "$TMPCONFFILE.dpkg-remove" ]; then
46 echo "Reinstalling $ORIGCONFFILE that was moved away"
47 if [ -f "$NEWCONFFILE" ]; then
48 rm -f "$NEWCONFFILE"
49 fi
50 mkdir -p "$NEWCONFFILE"
51 mv "$TMPCONFFILE.dpkg-remove" "$ORIGCONFFILE"
52 fi
53 fi
54esac
55
56exit 0
diff --git a/debian/qemu-guest-agent.preinst b/debian/qemu-guest-agent.preinst
0new file mode 10064457new file mode 100644
index 0000000..4f47675
--- /dev/null
+++ b/debian/qemu-guest-agent.preinst
@@ -0,0 +1,62 @@
1#!/bin/sh
2# preinst script for qemu-guest-agent
3#
4# see: dh_installdeb(1)
5
6set -e
7
8# summary of how this script can be called:
9# * <new-preinst> `install'
10# * <new-preinst> `install' <old-version>
11# * <new-preinst> `upgrade' <old-version>
12# * <old-preinst> `abort-upgrade' <new-version>
13# for details, see https://www.debian.org/doc/debian-policy/ or
14# the debian-policy package
15
16
17case "$1" in
18 install|upgrade)
19 ;;
20
21 abort-upgrade)
22 ;;
23
24 *)
25 echo "preinst called with unknown argument \`$1'" >&2
26 exit 1
27 ;;
28esac
29
30# dh_installdeb will replace this with shell code automatically
31# generated by other debhelper scripts.
32
33# Normal mv_conffile alone would fail due to the new path being a DIR in the old package version (LP: 1820291)
34case "$1" in
35 install|upgrade)
36 # From /usr/bin/dpkg-maintscript-helper modified to be able to cope with this edge case
37 if [ -n "$2" ] && dpkg --compare-versions -- "$2" le-nl "1:3.1+dfsg-2ubuntu3~"; then
38 TMPCONFFILE="/etc/qemu/fsfreeze-hook.old"
39 NEWCONFFILE="/etc/qemu/fsfreeze-hook"
40 ORIGCONFFILE="/etc/qemu/fsfreeze-hook/fsfreeze-hook"
41 if [ -f "$ORIGCONFFILE" ]; then
42 disk_md5sum="$(md5sum "$ORIGCONFFILE" | sed -e 's/ .*//')"
43 pkg_md5sum="$(dpkg-query -W -f='${Conffiles}' "qemu-guest-agent" | \
44 sed -n -e "\'^ $ORIGCONFFILE ' { s/ obsolete$//; s/.* //; p }")"
45 if [ "$disk_md5sum" = "$pkg_md5sum" ]; then
46 # mark as having no custom content
47 mv -f "$ORIGCONFFILE" "${TMPCONFFILE}.dpkg-remove"
48 else
49 # keep the "old" name to reflect there is content to be preserved
50 mv -f "$ORIGCONFFILE" "$TMPCONFFILE"
51 fi
52 # In any case the old directory blocking the new conffile
53 # has to be removed before unpack happens
54 rmdir "$NEWCONFFILE" || echo "failed to remove $NEWCONFFILE"
55 fi
56 fi
57 ;;
58esac
59
60#DEBHELPER#
61
62exit 0

Subscribers

People subscribed via source and target branches