Patchwork 01/01: gnu: qemu: Update to 2.7.0 [fixes CVE-2016-7116].

login
register
mail settings
Submitter Leo Famulari
Date Sept. 6, 2016, 7:34 a.m.
Message ID <20160906073421.GA13088@jasmine>
Download mbox | patch
Permalink /patch/15350/
State New
Headers show

Comments

Leo Famulari - Sept. 6, 2016, 7:34 a.m.
On Tue, Sep 06, 2016 at 12:35:29AM +0000, Leo Famulari wrote:
> commit 43bec6d06d8dcc4c0f865e492d370a8724bba2ce
> Author: Leo Famulari <leo@famulari.name>
> Date:   Sun Sep 4 02:53:37 2016 -0400
> 
>     gnu: qemu: Update to 2.7.0 [fixes CVE-2016-7116].
>     
>     * gnu/packages/qemu.scm (qemu): Update to 2.7.0.
>     [arguments]: Adjust path in 'disable-test-qga' phase.

>           (add-before 'check 'disable-test-qga
>             (lambda _
> -             (substitute* "tests/Makefile"
> +             (substitute* "tests/Makefile.include"
>                 ;; Comment out the test-qga test, which needs /sys and

This change broke qemu-for-tests and qemu-2.3.0. In turn, that broke
GRUB, American fuzzy lop, and a bunch of the system tests:
https://hydra.gnu.org/eval/109151

I adjusted the QEMU variants with the attached patch, but the system
test "installed-os" still fails like this:

$ guix environment --pure guix --ad-hoc git
[env]$ make check-system TESTS="installed-os"
Compiling Scheme modules...
Running 1 system tests...
Backtrace:
In ice-9/eval.scm:
 432: 19 [eval # #]
In ice-9/r4rs.scm:
  90: 18 [dynamic-wind #<procedure 4d893c0 at ice-9/boot-9.scm:1133:2 _> ...]
In guix/store.scm:
1182: 17 [run-with-store # #<procedure 4d7f270 at ice-9/eval.scm:416:20 (a)> # ...]
In ice-9/r4rs.scm:
  39: 16 [call-with-values #<procedure 4d7f000 at ice-9/eval.scm:416:20 ()> ...]
In guix/monads.scm:
 371: 15 [#<procedure 4d7f2d0 at guix/monads.scm:368:2 (state)> #]
 371: 14 [#<procedure 4d7f300 at guix/monads.scm:368:2 (state)> #]
 371: 13 [#<procedure 4d7f360 at guix/monads.scm:368:2 (state)> #]
In gnu/tests/install.scm:
 219: 12 [#<procedure 4d72420 at gnu/tests/install.scm:219:4 (state)> #]
 137: 11 [#<procedure 4e2c660 at gnu/tests/install.scm:137:2 (state)> #]
 137: 10 [#<procedure 4d85500 at gnu/tests/install.scm:137:2 (target)> #]
In gnu/system/vm.scm:
 285: 9 [system-disk-image # # "disk-image" ...]
In gnu/system.scm:
 612: 8 [operating-system-derivation # # #f]
In gnu/services.scm:
 585: 7 [loop #]
In srfi/srfi-1.scm:
 578: 6 [map #<procedure loop (sink)> (# # # #)]
In gnu/services.scm:
 585: 5 [loop #<<service> type: #<service-type boot 457cf90> parameters: #t>]
In srfi/srfi-1.scm:
 576: 4 [map #<procedure loop (sink)> (# # #)]
In gnu/services.scm:
 585: 3 [loop #<<service> type: #<service-type activate 457cea0> parameters: #t>]
In srfi/srfi-1.scm:
 578: 2 [map #<procedure 6b73360 at gnu/services.scm:574:4 (service)> (# # # # ...)]
In gnu/services/base.scm:
1106: 1 [guix-activation #]
In unknown file:
   ?: 0 [scm-error wrong-type-arg "map" "Not a list: ~S" (#t) #f]

ERROR: In procedure scm-error:
ERROR: In procedure map: Not a list: #t
make: *** [Makefile:4845: check-system] Error 1
From 94f52fe26898e6d476630dca746531f7cbe8b882 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Tue, 6 Sep 2016 03:21:45 -0400
Subject: [PATCH] gnu: qemu-2.3.0, qemu-for-tests: Fix path.

This is a followup to commit 43bec6d06d8dcc4c0f865e492d370a8724bba2ce.

* gnu/packages/grub.scm (qemu-for-tests)[arguments]: Replace 'disable-test-qga'
phase.
* gnu/packages/debug.scm (qemu-2.3.0)[arguments]: Likewise.
---
 gnu/packages/debug.scm | 11 ++++++++++-
 gnu/packages/grub.scm  | 12 +++++++++++-
 2 files changed, 21 insertions(+), 2 deletions(-)
Efraim Flashner - Sept. 6, 2016, 5:05 p.m.
On Tue, Sep 06, 2016 at 03:34:21AM -0400, Leo Famulari wrote:
> On Tue, Sep 06, 2016 at 12:35:29AM +0000, Leo Famulari wrote:
> > commit 43bec6d06d8dcc4c0f865e492d370a8724bba2ce
> > Author: Leo Famulari <leo@famulari.name>
> > Date:   Sun Sep 4 02:53:37 2016 -0400
> > 
> >     gnu: qemu: Update to 2.7.0 [fixes CVE-2016-7116].
> >     
> >     * gnu/packages/qemu.scm (qemu): Update to 2.7.0.
> >     [arguments]: Adjust path in 'disable-test-qga' phase.
> 
> >           (add-before 'check 'disable-test-qga
> >             (lambda _
> > -             (substitute* "tests/Makefile"
> > +             (substitute* "tests/Makefile.include"
> >                 ;; Comment out the test-qga test, which needs /sys and
> 
> This change broke qemu-for-tests and qemu-2.3.0. In turn, that broke
> GRUB, American fuzzy lop, and a bunch of the system tests:
> https://hydra.gnu.org/eval/109151
> 
> I adjusted the QEMU variants with the attached patch, but the system
> test "installed-os" still fails like this:
> 
> $ guix environment --pure guix --ad-hoc git
> [env]$ make check-system TESTS="installed-os"
> Compiling Scheme modules...
> Running 1 system tests...
> Backtrace:
> In ice-9/eval.scm:
>  432: 19 [eval # #]
> In ice-9/r4rs.scm:
>   90: 18 [dynamic-wind #<procedure 4d893c0 at ice-9/boot-9.scm:1133:2 _> ...]
> In guix/store.scm:
> 1182: 17 [run-with-store # #<procedure 4d7f270 at ice-9/eval.scm:416:20 (a)> # ...]
> In ice-9/r4rs.scm:
>   39: 16 [call-with-values #<procedure 4d7f000 at ice-9/eval.scm:416:20 ()> ...]
> In guix/monads.scm:
>  371: 15 [#<procedure 4d7f2d0 at guix/monads.scm:368:2 (state)> #]
>  371: 14 [#<procedure 4d7f300 at guix/monads.scm:368:2 (state)> #]
>  371: 13 [#<procedure 4d7f360 at guix/monads.scm:368:2 (state)> #]
> In gnu/tests/install.scm:
>  219: 12 [#<procedure 4d72420 at gnu/tests/install.scm:219:4 (state)> #]
>  137: 11 [#<procedure 4e2c660 at gnu/tests/install.scm:137:2 (state)> #]
>  137: 10 [#<procedure 4d85500 at gnu/tests/install.scm:137:2 (target)> #]
> In gnu/system/vm.scm:
>  285: 9 [system-disk-image # # "disk-image" ...]
> In gnu/system.scm:
>  612: 8 [operating-system-derivation # # #f]
> In gnu/services.scm:
>  585: 7 [loop #]
> In srfi/srfi-1.scm:
>  578: 6 [map #<procedure loop (sink)> (# # # #)]
> In gnu/services.scm:
>  585: 5 [loop #<<service> type: #<service-type boot 457cf90> parameters: #t>]
> In srfi/srfi-1.scm:
>  576: 4 [map #<procedure loop (sink)> (# # #)]
> In gnu/services.scm:
>  585: 3 [loop #<<service> type: #<service-type activate 457cea0> parameters: #t>]
> In srfi/srfi-1.scm:
>  578: 2 [map #<procedure 6b73360 at gnu/services.scm:574:4 (service)> (# # # # ...)]
> In gnu/services/base.scm:
> 1106: 1 [guix-activation #]
> In unknown file:
>    ?: 0 [scm-error wrong-type-arg "map" "Not a list: ~S" (#t) #f]
> 
> ERROR: In procedure scm-error:
> ERROR: In procedure map: Not a list: #t
> make: *** [Makefile:4845: check-system] Error 1

> From 94f52fe26898e6d476630dca746531f7cbe8b882 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Tue, 6 Sep 2016 03:21:45 -0400
> Subject: [PATCH] gnu: qemu-2.3.0, qemu-for-tests: Fix path.
> 
> This is a followup to commit 43bec6d06d8dcc4c0f865e492d370a8724bba2ce.
> 
> * gnu/packages/grub.scm (qemu-for-tests)[arguments]: Replace 'disable-test-qga'
> phase.
> * gnu/packages/debug.scm (qemu-2.3.0)[arguments]: Likewise.
> ---
>  gnu/packages/debug.scm | 11 ++++++++++-
>  gnu/packages/grub.scm  | 12 +++++++++++-
>  2 files changed, 21 insertions(+), 2 deletions(-)
> 
> diff --git a/gnu/packages/debug.scm b/gnu/packages/debug.scm
> index 9da8885..6bcb0f1 100644
> --- a/gnu/packages/debug.scm
> +++ b/gnu/packages/debug.scm
> @@ -161,7 +161,16 @@ tools that process C/C++ code.")
>       ;; XXX: Disable tests because of GTester's rejection of duplicate test
>       ;; names, which wasn't addressed in this version of QEMU.
>       `(#:tests? #f
> -       ,@(package-arguments qemu-minimal)))))
> +       ,@(substitute-keyword-arguments (package-arguments qemu-minimal)
> +           ((#:phases phases)
> +            `(modify-phases ,phases
> +               ;; The filename changed in qemu@2.7.0.
> +               (replace 'disable-test-qga
> +                 (lambda _
> +                   (substitute* "tests/Makefile"
> +                     (("check-unit-.* tests/test-qga" all)
> +                      (string-append "# " all)))
> +                   #t)))))))))
>  
>  (define-public american-fuzzy-lop
>    (let ((machine (match (or (%current-target-system)
> diff --git a/gnu/packages/grub.scm b/gnu/packages/grub.scm
> index 3229b86..298379d 100644
> --- a/gnu/packages/grub.scm
> +++ b/gnu/packages/grub.scm
> @@ -24,6 +24,7 @@
>    #:use-module (guix packages)
>    #:use-module ((guix licenses) #:select (gpl3+))
>    #:use-module (guix build-system gnu)
> +  #:use-module (guix utils)
>    #:use-module (gnu packages)
>    #:use-module (gnu packages flex)
>    #:use-module (gnu packages disk)
> @@ -58,7 +59,16 @@
>      ;;   ERROR:tests/rtc-test.c:176:check_time: assertion failed (ABS(t - s) <= wiggle): (382597824 <= 2)
>      ;; Simply disable the tests.
>      (arguments `(#:tests? #f
> -                 ,@(package-arguments qemu-minimal)))
> +                 ,@(substitute-keyword-arguments (package-arguments qemu-minimal)
> +                     ((#:phases phases)
> +                      `(modify-phases ,phases
> +                         ;; The filename changed in qemu@2.7.0.
> +                         (replace 'disable-test-qga
> +                           (lambda _
> +                             (substitute* "tests/Makefile"
> +                               (("check-unit-.* tests/test-qga" all)
> +                                (string-append "# " all)))
> +                             #t)))))))
>  
>      ;; The manual fails to build with Texinfo 5.x.
>      (native-inputs (alist-delete "texinfo" (package-native-inputs qemu)))))
> -- 
> 2.10.0
> 


I pushed a fix to remove the 'disable-test-qga phase, since in all these
cases we already had #:tests? #f.

At the same time I pushed an update to orc, which caused
gst-plugins-good on i686-linux to be rebuilt, which FTBFS
non-deterministically, and should account for some of the i686 packages
not seeming to be fixed.
Leo Famulari - Sept. 6, 2016, 5:14 p.m.
On Tue, Sep 06, 2016 at 08:05:03PM +0300, Efraim Flashner wrote:

> I pushed a fix to remove the 'disable-test-qga phase, since in all these
> cases we already had #:tests? #f.

Oh, right :)

> At the same time I pushed an update to orc, which caused
> gst-plugins-good on i686-linux to be rebuilt, which FTBFS
> non-deterministically, and should account for some of the i686 packages
> not seeming to be fixed.

Hm, so we should try rebuilding gst-plugins-good on Hydra?

Patch

diff --git a/gnu/packages/debug.scm b/gnu/packages/debug.scm
index 9da8885..6bcb0f1 100644
--- a/gnu/packages/debug.scm
+++ b/gnu/packages/debug.scm
@@ -161,7 +161,16 @@  tools that process C/C++ code.")
      ;; XXX: Disable tests because of GTester's rejection of duplicate test
      ;; names, which wasn't addressed in this version of QEMU.
      `(#:tests? #f
-       ,@(package-arguments qemu-minimal)))))
+       ,@(substitute-keyword-arguments (package-arguments qemu-minimal)
+           ((#:phases phases)
+            `(modify-phases ,phases
+               ;; The filename changed in qemu@2.7.0.
+               (replace 'disable-test-qga
+                 (lambda _
+                   (substitute* "tests/Makefile"
+                     (("check-unit-.* tests/test-qga" all)
+                      (string-append "# " all)))
+                   #t)))))))))
 
 (define-public american-fuzzy-lop
   (let ((machine (match (or (%current-target-system)
diff --git a/gnu/packages/grub.scm b/gnu/packages/grub.scm
index 3229b86..298379d 100644
--- a/gnu/packages/grub.scm
+++ b/gnu/packages/grub.scm
@@ -24,6 +24,7 @@ 
   #:use-module (guix packages)
   #:use-module ((guix licenses) #:select (gpl3+))
   #:use-module (guix build-system gnu)
+  #:use-module (guix utils)
   #:use-module (gnu packages)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages disk)
@@ -58,7 +59,16 @@ 
     ;;   ERROR:tests/rtc-test.c:176:check_time: assertion failed (ABS(t - s) <= wiggle): (382597824 <= 2)
     ;; Simply disable the tests.
     (arguments `(#:tests? #f
-                 ,@(package-arguments qemu-minimal)))
+                 ,@(substitute-keyword-arguments (package-arguments qemu-minimal)
+                     ((#:phases phases)
+                      `(modify-phases ,phases
+                         ;; The filename changed in qemu@2.7.0.
+                         (replace 'disable-test-qga
+                           (lambda _
+                             (substitute* "tests/Makefile"
+                               (("check-unit-.* tests/test-qga" all)
+                                (string-append "# " all)))
+                             #t)))))))
 
     ;; The manual fails to build with Texinfo 5.x.
     (native-inputs (alist-delete "texinfo" (package-native-inputs qemu)))))