* [Qemu-devel] [PULL 0/5] Misc next patches
From: Daniel P. Berrangé @ 2019-07-19 13:25 UTC (permalink / raw)
  To: qemu-devel; +Cc: Daniel P. Berrangé

The following changes since commit 0274f45bdef73283f2c213610f11d4e5dcba43b6:

  Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-4.1-pull-request' into staging (2019-07-19 09:44:43 +0100)

are available in the Git repository at:

  https://github.com/berrange/qemu tags/misc-next-pull-request

for you to fetch changes up to b7cbb8741b40b7cd4de9ad6bdb69baae4d6dadcf:

  crypto: Fix LGPL information in the file headers (2019-07-19 14:21:25 +0100)

----------------------------------------------------------------

 * Fixes crypto function signatures to be compatible with
   both old and new versions of nettle
 * Fixes deprecation warnings on new nettle
 * Fixes GPL license header typos
 * Documents security implications of monitor usage
 * Optimizes linking of capstone to avoid it in tools

----------------------------------------------------------------

Daniel P. Berrangé (4):
  crypto: switch to modern nettle AES APIs
  crypto: fix function signatures for nettle 2.7 vs 3
  configure: only link capstone to emulation targets
  doc: document that the monitor console is a privileged control
    interface

Thomas Huth (1):
  crypto: Fix LGPL information in the file headers

 Makefile.target               |   1 +
 configure                     |   6 +-
 crypto/block-luks.c           |   2 +-
 crypto/block-luks.h           |   2 +-
 crypto/block-qcow.c           |   2 +-
 crypto/block-qcow.h           |   2 +-
 crypto/block.c                |   2 +-
 crypto/blockpriv.h            |   2 +-
 crypto/cipher-builtin.c       |   2 +-
 crypto/cipher-gcrypt.c        |   2 +-
 crypto/cipher-nettle.c        | 220 ++++++++++++++++++++++++++++------
 crypto/cipher.c               |   2 +-
 crypto/hash-gcrypt.c          |   2 +-
 crypto/hash-glib.c            |   2 +-
 crypto/hash-nettle.c          |  14 ++-
 crypto/hash.c                 |   2 +-
 crypto/hmac-nettle.c          |  17 ++-
 crypto/init.c                 |   2 +-
 crypto/ivgen-essiv.c          |   2 +-
 crypto/ivgen-essiv.h          |   2 +-
 crypto/ivgen-plain.c          |   2 +-
 crypto/ivgen-plain.h          |   2 +-
 crypto/ivgen-plain64.c        |   2 +-
 crypto/ivgen-plain64.h        |   2 +-
 crypto/ivgen.c                |   2 +-
 crypto/ivgenpriv.h            |   2 +-
 crypto/pbkdf-gcrypt.c         |   2 +-
 crypto/pbkdf-nettle.c         |   2 +-
 crypto/pbkdf-stub.c           |   2 +-
 crypto/pbkdf.c                |   2 +-
 crypto/random-gcrypt.c        |   2 +-
 crypto/random-gnutls.c        |   2 +-
 crypto/random-platform.c      |   2 +-
 crypto/secret.c               |   2 +-
 crypto/tlscreds.c             |   2 +-
 crypto/tlscredsanon.c         |   2 +-
 crypto/tlscredspriv.h         |   2 +-
 crypto/tlscredspsk.c          |   2 +-
 crypto/tlscredsx509.c         |   2 +-
 crypto/tlssession.c           |   2 +-
 crypto/xts.c                  |   2 +-
 docs/security.texi            |  36 ++++++
 include/crypto/block.h        |   2 +-
 include/crypto/cipher.h       |   2 +-
 include/crypto/hash.h         |   2 +-
 include/crypto/init.h         |   2 +-
 include/crypto/ivgen.h        |   2 +-
 include/crypto/pbkdf.h        |   2 +-
 include/crypto/random.h       |   2 +-
 include/crypto/secret.h       |   2 +-
 include/crypto/tlscreds.h     |   2 +-
 include/crypto/tlscredsanon.h |   2 +-
 include/crypto/tlscredspsk.h  |   2 +-
 include/crypto/tlscredsx509.h |   2 +-
 include/crypto/tlssession.h   |   2 +-
 include/crypto/xts.h          |   2 +-
 56 files changed, 298 insertions(+), 96 deletions(-)

-- 
2.21.0




* [Qemu-devel] [PULL 1/5] crypto: switch to modern nettle AES APIs
From: Daniel P. Berrangé @ 2019-07-19 13:25 UTC (permalink / raw)
  To: qemu-devel; +Cc: Alex Bennée, Daniel P. Berrangé

The aes_ctx struct and aes_* functions have been deprecated in nettle
3.5, in favour of keysize specific functions which were introduced
first in nettle 3.0.

Switch QEMU code to use the new APIs and add some backcompat defines
such that it still builds on nettle 2.7.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 crypto/cipher-nettle.c | 218 ++++++++++++++++++++++++++++++++++-------
 1 file changed, 183 insertions(+), 35 deletions(-)

diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index 3848cb3b3a..115d16dd7b 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -42,29 +42,89 @@ typedef void *       cipher_ctx_t;
 typedef unsigned     cipher_length_t;
 
 #define cast5_set_key cast128_set_key
+
+#define aes128_ctx aes_ctx
+#define aes192_ctx aes_ctx
+#define aes256_ctx aes_ctx
+#define aes128_set_encrypt_key(c, k) \
+    aes_set_encrypt_key(c, 16, k)
+#define aes192_set_encrypt_key(c, k) \
+    aes_set_encrypt_key(c, 24, k)
+#define aes256_set_encrypt_key(c, k) \
+    aes_set_encrypt_key(c, 32, k)
+#define aes128_set_decrypt_key(c, k) \
+    aes_set_decrypt_key(c, 16, k)
+#define aes192_set_decrypt_key(c, k) \
+    aes_set_decrypt_key(c, 24, k)
+#define aes256_set_decrypt_key(c, k) \
+    aes_set_decrypt_key(c, 32, k)
+#define aes128_encrypt aes_encrypt
+#define aes192_encrypt aes_encrypt
+#define aes256_encrypt aes_encrypt
+#define aes128_decrypt aes_decrypt
+#define aes192_decrypt aes_decrypt
+#define aes256_decrypt aes_decrypt
 #else
 typedef nettle_cipher_func * QCryptoCipherNettleFuncNative;
 typedef const void * cipher_ctx_t;
 typedef size_t       cipher_length_t;
 #endif
 
-typedef struct QCryptoNettleAES {
-    struct aes_ctx enc;
-    struct aes_ctx dec;
-} QCryptoNettleAES;
+typedef struct QCryptoNettleAES128 {
+    struct aes128_ctx enc;
+    struct aes128_ctx dec;
+} QCryptoNettleAES128;
+
+typedef struct QCryptoNettleAES192 {
+    struct aes192_ctx enc;
+    struct aes192_ctx dec;
+} QCryptoNettleAES192;
+
+typedef struct QCryptoNettleAES256 {
+    struct aes256_ctx enc;
+    struct aes256_ctx dec;
+} QCryptoNettleAES256;
+
+static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
+                                  uint8_t *dst, const uint8_t *src)
+{
+    const QCryptoNettleAES128 *aesctx = ctx;
+    aes128_encrypt(&aesctx->enc, length, dst, src);
+}
+
+static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
+                                  uint8_t *dst, const uint8_t *src)
+{
+    const QCryptoNettleAES128 *aesctx = ctx;
+    aes128_decrypt(&aesctx->dec, length, dst, src);
+}
+
+static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
+                               uint8_t *dst, const uint8_t *src)
+{
+    const QCryptoNettleAES192 *aesctx = ctx;
+    aes192_encrypt(&aesctx->enc, length, dst, src);
+}
+
+static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
+                               uint8_t *dst, const uint8_t *src)
+{
+    const QCryptoNettleAES192 *aesctx = ctx;
+    aes192_decrypt(&aesctx->dec, length, dst, src);
+}
 
-static void aes_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
+static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
                                uint8_t *dst, const uint8_t *src)
 {
-    const QCryptoNettleAES *aesctx = ctx;
-    aes_encrypt(&aesctx->enc, length, dst, src);
+    const QCryptoNettleAES256 *aesctx = ctx;
+    aes256_encrypt(&aesctx->enc, length, dst, src);
 }
 
-static void aes_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
+static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
                                uint8_t *dst, const uint8_t *src)
 {
-    const QCryptoNettleAES *aesctx = ctx;
-    aes_decrypt(&aesctx->dec, length, dst, src);
+    const QCryptoNettleAES256 *aesctx = ctx;
+    aes256_decrypt(&aesctx->dec, length, dst, src);
 }
 
 static void des_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
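Review bot: The compat block at the top of this hunk (aes128_ctx, aes192_ctx and aes256_ctx all defined to aes_ctx, and the aesNNN_set_*_key(c, k) macros expanding to aes_set_*_key(c, 16|24|32, k)) has no comment saying which nettle versions it serves, or that the key length is now implied by the macro name instead of being passed by the caller. A short comment above "#define aes128_ctx aes_ctx" would help whoever later drops nettle 2.7 support. Style: the parameter continuation lines of aes192_*_native and aes256_*_native are not aligned with the opening parenthesis the way the aes128_*_native ones are.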
@@ -127,18 +187,46 @@ static void twofish_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
     twofish_decrypt(ctx, length, dst, src);
 }
 
-static void aes_encrypt_wrapper(const void *ctx, size_t length,
+static void aes128_encrypt_wrapper(const void *ctx, size_t length,
+                                uint8_t *dst, const uint8_t *src)
+{
+    const QCryptoNettleAES128 *aesctx = ctx;
+    aes128_encrypt(&aesctx->enc, length, dst, src);
+}
+
+static void aes128_decrypt_wrapper(const void *ctx, size_t length,
                                 uint8_t *dst, const uint8_t *src)
 {
-    const QCryptoNettleAES *aesctx = ctx;
-    aes_encrypt(&aesctx->enc, length, dst, src);
+    const QCryptoNettleAES128 *aesctx = ctx;
+    aes128_decrypt(&aesctx->dec, length, dst, src);
 }
 
-static void aes_decrypt_wrapper(const void *ctx, size_t length,
+static void aes192_encrypt_wrapper(const void *ctx, size_t length,
                                 uint8_t *dst, const uint8_t *src)
 {
-    const QCryptoNettleAES *aesctx = ctx;
-    aes_decrypt(&aesctx->dec, length, dst, src);
+    const QCryptoNettleAES192 *aesctx = ctx;
+    aes192_encrypt(&aesctx->enc, length, dst, src);
+}
+
+static void aes192_decrypt_wrapper(const void *ctx, size_t length,
+                                uint8_t *dst, const uint8_t *src)
+{
+    const QCryptoNettleAES192 *aesctx = ctx;
+    aes192_decrypt(&aesctx->dec, length, dst, src);
+}
+
+static void aes256_encrypt_wrapper(const void *ctx, size_t length,
+                                uint8_t *dst, const uint8_t *src)
+{
+    const QCryptoNettleAES256 *aesctx = ctx;
+    aes256_encrypt(&aesctx->enc, length, dst, src);
+}
+
+static void aes256_decrypt_wrapper(const void *ctx, size_t length,
+                                uint8_t *dst, const uint8_t *src)
+{
+    const QCryptoNettleAES256 *aesctx = ctx;
+    aes256_decrypt(&aesctx->dec, length, dst, src);
 }
 
 static void des_encrypt_wrapper(const void *ctx, size_t length,
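Review bot: The six aesNNN_*_wrapper functions in this hunk have bodies identical to the aesNNN_*_native functions added earlier in the file; only the ctx and length parameter types differ. Consider generating both families from one macro parameterised on the key size, so that a later change cannot update one copy and miss the other. The "uint8_t *dst, const uint8_t *src" continuation lines also need re-indenting now that the function names are longer.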
@@ -319,34 +407,94 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
         break;
 
     case QCRYPTO_CIPHER_ALG_AES_128:
+        ctx->ctx = g_new0(QCryptoNettleAES128, 1);
+
+        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+            ctx->ctx_tweak = g_new0(QCryptoNettleAES128, 1);
+
+            nkey /= 2;
+            aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc,
+                                   key);
+            aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec,
+                                   key);
+
+            aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak)->
+                                   enc, key + nkey);
+            aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak)->
+                                   dec, key + nkey);
+        } else {
+            aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc,
+                                   key);
+            aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec,
+                                   key);
+        }
+
+        ctx->alg_encrypt_native = aes128_encrypt_native;
+        ctx->alg_decrypt_native = aes128_decrypt_native;
+        ctx->alg_encrypt_wrapper = aes128_encrypt_wrapper;
+        ctx->alg_decrypt_wrapper = aes128_decrypt_wrapper;
+
+        ctx->blocksize = AES_BLOCK_SIZE;
+        break;
+
     case QCRYPTO_CIPHER_ALG_AES_192:
+        ctx->ctx = g_new0(QCryptoNettleAES192, 1);
+
+        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+            ctx->ctx_tweak = g_new0(QCryptoNettleAES192, 1);
+
+            nkey /= 2;
+            aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc,
+                                   key);
+            aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec,
+                                   key);
+
+            aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak)->
+                                   enc, key + nkey);
+            aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak)->
+                                   dec, key + nkey);
+        } else {
+            aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc,
+                                   key);
+            aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec,
+                                   key);
+        }
+
+        ctx->alg_encrypt_native = aes192_encrypt_native;
+        ctx->alg_decrypt_native = aes192_decrypt_native;
+        ctx->alg_encrypt_wrapper = aes192_encrypt_wrapper;
+        ctx->alg_decrypt_wrapper = aes192_decrypt_wrapper;
+
+        ctx->blocksize = AES_BLOCK_SIZE;
+        break;
+
     case QCRYPTO_CIPHER_ALG_AES_256:
-        ctx->ctx = g_new0(QCryptoNettleAES, 1);
+        ctx->ctx = g_new0(QCryptoNettleAES256, 1);
 
         if (mode == QCRYPTO_CIPHER_MODE_XTS) {
-            ctx->ctx_tweak = g_new0(QCryptoNettleAES, 1);
+            ctx->ctx_tweak = g_new0(QCryptoNettleAES256, 1);
 
             nkey /= 2;
-            aes_set_encrypt_key(&((QCryptoNettleAES *)ctx->ctx)->enc,
-                                nkey, key);
-            aes_set_decrypt_key(&((QCryptoNettleAES *)ctx->ctx)->dec,
-                                nkey, key);
-
-            aes_set_encrypt_key(&((QCryptoNettleAES *)ctx->ctx_tweak)->enc,
-                                nkey, key + nkey);
-            aes_set_decrypt_key(&((QCryptoNettleAES *)ctx->ctx_tweak)->dec,
-                                nkey, key + nkey);
+            aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc,
+                                   key);
+            aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec,
+                                   key);
+
+            aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak)->
+                                   enc, key + nkey);
+            aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak)->
+                                   dec, key + nkey);
         } else {
-            aes_set_encrypt_key(&((QCryptoNettleAES *)ctx->ctx)->enc,
-                                nkey, key);
-            aes_set_decrypt_key(&((QCryptoNettleAES *)ctx->ctx)->dec,
-                                nkey, key);
+            aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc,
+                                   key);
+            aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec,
+                                   key);
         }
 
-        ctx->alg_encrypt_native = aes_encrypt_native;
-        ctx->alg_decrypt_native = aes_decrypt_native;
-        ctx->alg_encrypt_wrapper = aes_encrypt_wrapper;
-        ctx->alg_decrypt_wrapper = aes_decrypt_wrapper;
+        ctx->alg_encrypt_native = aes256_encrypt_native;
+        ctx->alg_decrypt_native = aes256_decrypt_native;
+        ctx->alg_encrypt_wrapper = aes256_encrypt_wrapper;
+        ctx->alg_decrypt_wrapper = aes256_decrypt_wrapper;
 
         ctx->blocksize = AES_BLOCK_SIZE;
         break;
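Review bot: With the keysize-specific setters, nkey is no longer passed to nettle in any of the three cases, so nothing in these lines ties the length of the key buffer to 16, 24 or 32 bytes (or twice that for XTS, where the tweak key is read from key + nkey after "nkey /= 2"). Please confirm that nkey is validated against alg and mode before this switch is reached, and note that in a comment here, since a short buffer would be read past its end by the setter and a wrong nkey in XTS mode would take the tweak key from the wrong offset. The three cases are also copies of each other apart from the type and function prefix; a helper macro would remove the duplication.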
-- 
2.21.0




* [Qemu-devel] [PULL 2/5] crypto: fix function signatures for nettle 2.7 vs 3
From: Daniel P. Berrangé @ 2019-07-19 13:25 UTC (permalink / raw)
  To: qemu-devel
  Cc: Alex Bennée, Amol Surati, Daniel P. Berrangé,
	Philippe Mathieu-Daudé

Nettle version 2.7.x used 'unsigned int' instead of 'size_t' for length
parameters in functions. Use a local typedef so that we can build with
the correct signature depending on nettle version, as we already do in
the cipher code.

Reported-by: Amol Surati <suratiamol@gmail.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 crypto/hash-nettle.c | 12 +++++++++---
 crypto/hmac-nettle.c | 17 +++++++++++++----
 2 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 96f186f442..6ffb9c3db7 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -26,12 +26,18 @@
 #include <nettle/sha.h>
 #include <nettle/ripemd160.h>
 
+#if CONFIG_NETTLE_VERSION_MAJOR < 3
+typedef unsigned int     hash_length_t;
+#else
+typedef size_t       hash_length_t;
+#endif
+
 typedef void (*qcrypto_nettle_init)(void *ctx);
 typedef void (*qcrypto_nettle_write)(void *ctx,
-                                     unsigned int len,
+                                     hash_length_t len,
                                      const uint8_t *buf);
 typedef void (*qcrypto_nettle_result)(void *ctx,
-                                      unsigned int len,
+                                      hash_length_t len,
                                       uint8_t *buf);
 
 union qcrypto_hash_ctx {
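Review bot: "#if CONFIG_NETTLE_VERSION_MAJOR < 3" silently selects the "unsigned int" branch if the macro is ever undefined in this translation unit, because an undefined identifier evaluates to 0 in a preprocessor condition. An "#ifndef CONFIG_NETTLE_VERSION_MAJOR" / "#error" guard ahead of it would turn that case into a build failure instead of a mismatched callback signature. Style: the two typedef lines use different column padding before hash_length_t.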
@@ -112,7 +118,7 @@ qcrypto_nettle_hash_bytesv(QCryptoHashAlgorithm alg,
                            size_t *resultlen,
                            Error **errp)
 {
-    int i;
+    size_t i;
     union qcrypto_hash_ctx ctx;
 
     if (!qcrypto_hash_supports(alg)) {
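Review bot: The "int i" to "size_t i" change in this hunk is not covered by the commit message, which only discusses the type of nettle's length parameters. Either add a sentence to the message saying why the loop index type changes, or split it into its own patch.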
diff --git a/crypto/hmac-nettle.c b/crypto/hmac-nettle.c
index ec2d61bdde..1152b741fd 100644
--- a/crypto/hmac-nettle.c
+++ b/crypto/hmac-nettle.c
@@ -18,14 +18,23 @@
 #include "hmacpriv.h"
 #include <nettle/hmac.h>
 
+#if CONFIG_NETTLE_VERSION_MAJOR < 3
+typedef unsigned int hmac_length_t;
+#else
+typedef size_t hmac_length_t;
+#endif
+
 typedef void (*qcrypto_nettle_hmac_setkey)(void *ctx,
-              size_t key_length, const uint8_t *key);
+                                           hmac_length_t key_length,
+                                           const uint8_t *key);
 
 typedef void (*qcrypto_nettle_hmac_update)(void *ctx,
-              size_t length, const uint8_t *data);
+                                           hmac_length_t length,
+                                           const uint8_t *data);
 
 typedef void (*qcrypto_nettle_hmac_digest)(void *ctx,
-              size_t length, uint8_t *digest);
+                                           hmac_length_t length,
+                                           uint8_t *digest);
 
 typedef struct QCryptoHmacNettle QCryptoHmacNettle;
 struct QCryptoHmacNettle {
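Review bot: hmac_length_t is the third file-local typedef with the same definition, after cipher_length_t in cipher-nettle.c and hash_length_t in hash-nettle.c. Putting one typedef behind the CONFIG_NETTLE_VERSION_MAJOR test in a shared private header would keep the three files from drifting apart. Note also that these callbacks already took size_t before this change, so only the nettle 2.7 build sees a different signature; the commit message could say that explicitly for this file.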
@@ -135,7 +144,7 @@ qcrypto_nettle_hmac_bytesv(QCryptoHmac *hmac,
                            Error **errp)
 {
     QCryptoHmacNettle *ctx;
-    int i;
+    size_t i;
 
     ctx = (QCryptoHmacNettle *)hmac->opaque;
 
-- 
2.21.0




* [Qemu-devel] [PULL 3/5] configure: only link capstone to emulation targets
From: Daniel P. Berrangé @ 2019-07-19 13:25 UTC (permalink / raw)
  To: qemu-devel; +Cc: Richard Henderson, Daniel P. Berrangé

Only the emulators link to code that uses capstone, so adding it to the
global LIBs places undesirable dependencies on other binaries, in
particular the tools.

There is no variable that covers both user emulation and machine
emulation, so add a new "$libs_cpu" for this purpose.

In particular this removes the 8 MB capstone dep from the things
qemu-img links against, allowing for a more minimal installation
in scenarios that don't want system emulators installed.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 Makefile.target | 1 +
 configure       | 6 ++++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index 85216cace8..933b27453a 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -120,6 +120,7 @@ obj-$(CONFIG_TCG) += fpu/softfloat.o
 obj-y += target/$(TARGET_BASE_ARCH)/
 obj-y += disas.o
 obj-$(call notempty,$(TARGET_XML_FILES)) += gdbstub-xml.o
+LIBS := $(libs_cpu) $(LIBS)
 
 #########################################################
 # Linux user emulator target
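Review bot: "LIBS := $(libs_cpu) $(LIBS)" is inserted among the obj-y assignments with no comment, above the "Linux user emulator target" banner, so it applies to every target built from this makefile. A one-line comment saying that libs_cpu holds libraries needed by both user and machine emulation (capstone, per the commit message) would make the placement self-explanatory.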
diff --git a/configure b/configure
index eb635c3b9a..99c64be6b7 100755
--- a/configure
+++ b/configure
@@ -294,6 +294,7 @@ audio_drv_list=""
 block_drv_rw_whitelist=""
 block_drv_ro_whitelist=""
 host_cc="cc"
+libs_cpu=""
 libs_softmmu=""
 libs_tools=""
 audio_pt_int=""
@@ -5042,12 +5043,12 @@ case "$capstone" in
     else
       LIBCAPSTONE=libcapstone.a
     fi
-    LIBS="-L\$(BUILD_DIR)/capstone -lcapstone $LIBS"
+    libs_cpu="-L\$(BUILD_DIR)/capstone -lcapstone $libs_cpu"
     ;;
 
   system)
     QEMU_CFLAGS="$QEMU_CFLAGS $($pkg_config --cflags capstone)"
-    LIBS="$($pkg_config --libs capstone) $LIBS"
+    libs_cpu="$($pkg_config --libs capstone) $libs_cpu"
     ;;
 
   no)
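Review bot: In the "system)" branch the capstone compiler flags still go into the global QEMU_CFLAGS while the linker flags move to libs_cpu, so the tools are still compiled with capstone's include paths even though they no longer link against it. Either scope the cflags the same way in a follow-up or add a comment saying the asymmetry is intentional.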
@@ -6537,6 +6538,7 @@ echo "qemu_helperdir=$libexecdir" >> $config_host_mak
 echo "qemu_localedir=$qemu_localedir" >> $config_host_mak
 echo "qemu_icondir=$qemu_icondir" >> $config_host_mak
 echo "qemu_desktopdir=$qemu_desktopdir" >> $config_host_mak
+echo "libs_cpu=$libs_cpu" >> $config_host_mak
 echo "libs_softmmu=$libs_softmmu" >> $config_host_mak
 echo "GIT=$git" >> $config_host_mak
 echo "GIT_SUBMODULES=$git_submodules" >> $config_host_mak
-- 
2.21.0




* [Qemu-devel] [PULL 4/5] doc: document that the monitor console is a privileged control interface
From: Daniel P. Berrangé @ 2019-07-19 13:25 UTC (permalink / raw)
  To: qemu-devel
  Cc: Daniel P. Berrangé,
	Prasad J Pandit, Philippe Mathieu-Daudé,
	Markus Armbruster, Stefan Hajnoczi, Alex Bennée

A supposed exploit of QEMU was recently announced as CVE-2019-12928
claiming that the monitor console was insecure because the "migrate"
command enabled arbitrary command execution for a remote attacker.

To be a security risk the user launching QEMU must have configured
the monitor in a way that allows for other users to access it. The
exploit report quoted use of the "tcp" character device backend for
QMP.

This would indeed allow any network user to connect to QEMU and
execute arbitrary commands; however, this is not a flaw in QEMU.
It is the normal expected behaviour of the monitor console and the
commands it supports. Given a monitor connection, there are many
ways to access host file system content besides the migrate command.

The reality is that the monitor console (whether QMP or HMP) is
considered a privileged interface to QEMU and as such must only
be made available to trusted users. IOW, making it available with
no authentication over TCP is simply a, very serious, user
configuration error not a security flaw in QEMU itself.

The one thing this bogus security report highlights though is that
we have not clearly documented the security implications around the
use of the monitor. Add a few paragraphs of text to the security
docs explaining why the monitor is a privileged interface and making
a recommendation to only use the UNIX socket character device backend.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 docs/security.texi | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/docs/security.texi b/docs/security.texi
index 927764f1e6..0d6b30edfc 100644
--- a/docs/security.texi
+++ b/docs/security.texi
@@ -129,3 +129,39 @@ those resources that were granted to it.
 system calls that are not needed by QEMU, thereby reducing the host kernel
 attack surface.
 @end itemize
+
+@section Sensitive configurations
+
+There are aspects of QEMU that can have security implications which users &
+management applications must be aware of.
+
+@subsection Monitor console (QMP and HMP)
+
+The monitor console (whether used with QMP or HMP) provides an interface
+to dynamically control many aspects of QEMU's runtime operation. Many of the
+commands exposed will instruct QEMU to access content on the host file system
+and/or trigger spawning of external processes.
+
+For example, the @code{migrate} command allows for the spawning of arbitrary
+processes for the purpose of tunnelling the migration data stream. The
+@code{blockdev-add} command instructs QEMU to open arbitrary files, exposing
+their content to the guest as a virtual disk.
+
+Unless QEMU is otherwise confined using technologies such as SELinux, AppArmor,
+or Linux namespaces, the monitor console should be considered to have privileges
+equivalent to those of the user account QEMU is running under.
+
+It is further important to consider the security of the character device backend
+over which the monitor console is exposed. It needs to have protection against
+malicious third parties which might try to make unauthorized connections, or
+perform man-in-the-middle attacks. Many of the character device backends do not
+satisfy this requirement and so must not be used for the monitor console.
+
+The general recommendation is that the monitor console should be exposed over
+a UNIX domain socket backend to the local host only. Use of the TCP based
+character device backend is inappropriate unless configured to use both TLS
+encryption and authorization control policy on client connections.
+
+In summary, the monitor console is considered a privileged control interface to
+QEMU and as such should only be made accessible to a trusted management
+application or user.
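Review bot: The recommendation paragraph says to expose the monitor over a UNIX domain socket "to the local host only" but does not say who on the local host may reach that socket. Since the text above states that the monitor has privileges equivalent to the account QEMU runs under, add a sentence that the socket path and its parent directory must be accessible only to the trusted management application or user; otherwise any local account can connect. Minor: "users &" in the first added paragraph would read better as "users and".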
-- 
2.21.0
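
A defender's check for the configuration error described in the commit message above, as an added example that is not part of the original message or of QEMU: it reads a QEMU command line and labels each monitor by the character device backend it is exposed on. The verdict strings and the sample command lines are constructed for illustration.

```python
import shlex
from typing import Dict, List, Tuple

# Options that attach a monitor using the legacy "backend:args,opt" syntax.
SHORTHAND = {"-qmp", "-qmp-pretty", "-monitor"}


def parse_opts(spec: str) -> Tuple[str, Dict[str, str]]:
    """Split 'head,key=val,flag' into (head, {key: val}); bare flags map to 'on'."""
    head, *rest = spec.split(",")
    opts: Dict[str, str] = {}
    for item in rest:
        key, _, val = item.partition("=")
        opts[key] = val or "on"
    return head, opts


def classify(transport: str, opts: Dict[str, str]) -> str:
    """Map a backend to a verdict (labels are this example's own)."""
    if transport == "none":
        return "disabled"
    if transport == "unix":
        return "ok-unix-socket"
    if transport == "tcp":
        if "tls-creds" not in opts:
            return "exposed-tcp-no-tls"
        if "tls-authz" not in opts:
            return "tcp-tls-without-authz"
        return "ok-tcp-tls-authz"
    return "review-backend"  # stdio, pty, unknown chardev id, ...


def audit_monitor(cmdline: str) -> List[Tuple[str, str]]:
    """Return (option, verdict) for every monitor found on a QEMU command line."""
    argv = shlex.split(cmdline)
    pairs = list(zip(argv, argv[1:]))

    # First pass: index -chardev definitions by id.
    chardevs: Dict[str, Tuple[str, Dict[str, str]]] = {}
    for flag, value in pairs:
        if flag != "-chardev":
            continue
        backend, opts = parse_opts(value)
        if backend == "socket":
            # A socket chardev is a UNIX socket when it has path=, else TCP.
            backend = "unix" if "path" in opts else "tcp"
        chardevs[opts.get("id", "")] = (backend, opts)

    # Second pass: resolve each monitor to its backend and classify it.
    findings: List[Tuple[str, str]] = []
    for flag, value in pairs:
        if flag in SHORTHAND:
            head, opts = parse_opts(value)
            transport, _, arg = head.partition(":")
            if transport == "telnet":
                transport = "tcp"  # telnet is still a TCP listener
            elif transport == "chardev":
                transport, opts = chardevs.get(arg, ("unknown", {}))
        elif flag == "-mon":
            head, opts = parse_opts(value)
            key, eq, val = head.partition("=")
            if eq:
                opts[key] = val
                chardev_id = opts.get("chardev", "")
            else:
                chardev_id = head  # "-mon mon0,mode=control" form
            transport, opts = chardevs.get(chardev_id, ("unknown", {}))
        else:
            continue
        findings.append((f"{flag} {value}", classify(transport, opts)))
    return findings


# Constructed sample command lines (not taken from the thread).
SAMPLES = {
    "tcp": "qemu-system-x86_64 -m 1024 -qmp tcp:0.0.0.0:4444,server,nowait",
    "unix": "qemu-system-x86_64 -qmp unix:/run/qemu/vm1.qmp,server,nowait",
    "tls": "qemu-system-x86_64 "
           "-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server "
           "-chardev socket,id=mon0,host=192.0.2.10,port=4444,server,nowait,"
           "tls-creds=tls0 -mon chardev=mon0,mode=control",
    "tls_authz": "qemu-system-x86_64 "
                 "-object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server "
                 "-chardev socket,id=mon0,host=192.0.2.10,port=4444,server,nowait,"
                 "tls-creds=tls0,tls-authz=authz0 -mon chardev=mon0,mode=control",
    "stdio": "qemu-system-x86_64 -monitor stdio",
}

if __name__ == "__main__":
    for name, cmd in SAMPLES.items():
        for option, verdict in audit_monitor(cmd):
            print(f"{name:10} {verdict:24} {option}")
```

A TCP listener bound to a loopback address is still reported as exposed, because any local user can connect to it.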




* [Qemu-devel] [PULL 5/5] crypto: Fix LGPL information in the file headers
From: Daniel P. Berrangé @ 2019-07-19 13:25 UTC (permalink / raw)
  To: qemu-devel; +Cc: Thomas Huth, Daniel P. Berrangé

From: Thomas Huth <thuth@redhat.com>

It's either "GNU *Library* General Public License version 2" or "GNU
Lesser General Public License version *2.1*", but there was no "version
2.0" of the "Lesser" license. So assume that version 2.1 is meant here.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 crypto/block-luks.c           | 2 +-
 crypto/block-luks.h           | 2 +-
 crypto/block-qcow.c           | 2 +-
 crypto/block-qcow.h           | 2 +-
 crypto/block.c                | 2 +-
 crypto/blockpriv.h            | 2 +-
 crypto/cipher-builtin.c       | 2 +-
 crypto/cipher-gcrypt.c        | 2 +-
 crypto/cipher-nettle.c        | 2 +-
 crypto/cipher.c               | 2 +-
 crypto/hash-gcrypt.c          | 2 +-
 crypto/hash-glib.c            | 2 +-
 crypto/hash-nettle.c          | 2 +-
 crypto/hash.c                 | 2 +-
 crypto/init.c                 | 2 +-
 crypto/ivgen-essiv.c          | 2 +-
 crypto/ivgen-essiv.h          | 2 +-
 crypto/ivgen-plain.c          | 2 +-
 crypto/ivgen-plain.h          | 2 +-
 crypto/ivgen-plain64.c        | 2 +-
 crypto/ivgen-plain64.h        | 2 +-
 crypto/ivgen.c                | 2 +-
 crypto/ivgenpriv.h            | 2 +-
 crypto/pbkdf-gcrypt.c         | 2 +-
 crypto/pbkdf-nettle.c         | 2 +-
 crypto/pbkdf-stub.c           | 2 +-
 crypto/pbkdf.c                | 2 +-
 crypto/random-gcrypt.c        | 2 +-
 crypto/random-gnutls.c        | 2 +-
 crypto/random-platform.c      | 2 +-
 crypto/secret.c               | 2 +-
 crypto/tlscreds.c             | 2 +-
 crypto/tlscredsanon.c         | 2 +-
 crypto/tlscredspriv.h         | 2 +-
 crypto/tlscredspsk.c          | 2 +-
 crypto/tlscredsx509.c         | 2 +-
 crypto/tlssession.c           | 2 +-
 crypto/xts.c                  | 2 +-
 include/crypto/block.h        | 2 +-
 include/crypto/cipher.h       | 2 +-
 include/crypto/hash.h         | 2 +-
 include/crypto/init.h         | 2 +-
 include/crypto/ivgen.h        | 2 +-
 include/crypto/pbkdf.h        | 2 +-
 include/crypto/random.h       | 2 +-
 include/crypto/secret.h       | 2 +-
 include/crypto/tlscreds.h     | 2 +-
 include/crypto/tlscredsanon.h | 2 +-
 include/crypto/tlscredspsk.h  | 2 +-
 include/crypto/tlscredsx509.h | 2 +-
 include/crypto/tlssession.h   | 2 +-
 include/crypto/xts.h          | 2 +-
 52 files changed, 52 insertions(+), 52 deletions(-)

diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 5a69b3ce74..409ab50f20 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/block-luks.h b/crypto/block-luks.h
index befd8b2c56..7f094e7e96 100644
--- a/crypto/block-luks.h
+++ b/crypto/block-luks.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/block-qcow.c b/crypto/block-qcow.c
index cefb3b2a7b..4d7cf36a8f 100644
--- a/crypto/block-qcow.c
+++ b/crypto/block-qcow.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/block-qcow.h b/crypto/block-qcow.h
index 6988fb210b..340dcfe464 100644
--- a/crypto/block-qcow.h
+++ b/crypto/block-qcow.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/block.c b/crypto/block.c
index d70d401f87..ee96759f7d 100644
--- a/crypto/block.c
+++ b/crypto/block.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/blockpriv.h b/crypto/blockpriv.h
index 5438e822fd..71c59cb542 100644
--- a/crypto/blockpriv.h
+++ b/crypto/blockpriv.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c
index d8c811fd33..bf8413e71a 100644
--- a/crypto/cipher-builtin.c
+++ b/crypto/cipher-builtin.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c
index 10d75da75d..5cece9b244 100644
--- a/crypto/cipher-gcrypt.c
+++ b/crypto/cipher-gcrypt.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index 115d16dd7b..d7411bb8ff 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/cipher.c b/crypto/cipher.c
index b3af57961b..e5adb56271 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/hash-gcrypt.c b/crypto/hash-gcrypt.c
index 972beaa0f9..829e48258d 100644
--- a/crypto/hash-gcrypt.c
+++ b/crypto/hash-gcrypt.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/hash-glib.c b/crypto/hash-glib.c
index a0096c7c47..82de9db705 100644
--- a/crypto/hash-glib.c
+++ b/crypto/hash-glib.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 6ffb9c3db7..2a6ee7c7d5 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/hash.c b/crypto/hash.c
index b97323cf90..b0f8228bdc 100644
--- a/crypto/hash.c
+++ b/crypto/hash.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/init.c b/crypto/init.c
index c30156405a..b305381ec5 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/ivgen-essiv.c b/crypto/ivgen-essiv.c
index 43e258c6f7..3d5a188795 100644
--- a/crypto/ivgen-essiv.c
+++ b/crypto/ivgen-essiv.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/ivgen-essiv.h b/crypto/ivgen-essiv.h
index 6c35c0b5ab..d6edecf181 100644
--- a/crypto/ivgen-essiv.h
+++ b/crypto/ivgen-essiv.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/ivgen-plain.c b/crypto/ivgen-plain.c
index 06f4145fe5..81af198c49 100644
--- a/crypto/ivgen-plain.c
+++ b/crypto/ivgen-plain.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/ivgen-plain.h b/crypto/ivgen-plain.h
index 395501f693..43db898809 100644
--- a/crypto/ivgen-plain.h
+++ b/crypto/ivgen-plain.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/ivgen-plain64.c b/crypto/ivgen-plain64.c
index fbb7724b20..b377036c19 100644
--- a/crypto/ivgen-plain64.c
+++ b/crypto/ivgen-plain64.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/ivgen-plain64.h b/crypto/ivgen-plain64.h
index 0a20fd1fd8..f14100947d 100644
--- a/crypto/ivgen-plain64.h
+++ b/crypto/ivgen-plain64.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/ivgen.c b/crypto/ivgen.c
index 6a2b3ad01e..12822f8519 100644
--- a/crypto/ivgen.c
+++ b/crypto/ivgen.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/ivgenpriv.h b/crypto/ivgenpriv.h
index 28e5c67383..cecdbedfde 100644
--- a/crypto/ivgenpriv.h
+++ b/crypto/ivgenpriv.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/pbkdf-gcrypt.c b/crypto/pbkdf-gcrypt.c
index 54ca0d9c75..a8d8e64f4d 100644
--- a/crypto/pbkdf-gcrypt.c
+++ b/crypto/pbkdf-gcrypt.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/pbkdf-nettle.c b/crypto/pbkdf-nettle.c
index 212b3e816b..d6293c25a1 100644
--- a/crypto/pbkdf-nettle.c
+++ b/crypto/pbkdf-nettle.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/pbkdf-stub.c b/crypto/pbkdf-stub.c
index a15044da42..9c4622e424 100644
--- a/crypto/pbkdf-stub.c
+++ b/crypto/pbkdf-stub.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/pbkdf.c b/crypto/pbkdf.c
index f22e71d183..b7c7c4a59b 100644
--- a/crypto/pbkdf.c
+++ b/crypto/pbkdf.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/random-gcrypt.c b/crypto/random-gcrypt.c
index 7aea4ac81f..8306f16b64 100644
--- a/crypto/random-gcrypt.c
+++ b/crypto/random-gcrypt.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/random-gnutls.c b/crypto/random-gnutls.c
index ed6c9ca12f..96af91aee4 100644
--- a/crypto/random-gnutls.c
+++ b/crypto/random-gnutls.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/random-platform.c b/crypto/random-platform.c
index 66624106fe..f92f96987d 100644
--- a/crypto/random-platform.c
+++ b/crypto/random-platform.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/secret.c b/crypto/secret.c
index 30294b3229..a75d50ae0c 100644
--- a/crypto/secret.c
+++ b/crypto/secret.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/tlscreds.c b/crypto/tlscreds.c
index 50ecb704ee..4e657b850c 100644
--- a/crypto/tlscreds.c
+++ b/crypto/tlscreds.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c
index 3024b17cfd..d2adc7c131 100644
--- a/crypto/tlscredsanon.c
+++ b/crypto/tlscredsanon.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/tlscredspriv.h b/crypto/tlscredspriv.h
index 13e9b6c0b2..39f1a91c41 100644
--- a/crypto/tlscredspriv.h
+++ b/crypto/tlscredspriv.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
index 9c53c6c7b1..4b6cf636ce 100644
--- a/crypto/tlscredspsk.c
+++ b/crypto/tlscredspsk.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index 5247dd3b18..56dcef3673 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/tlssession.c b/crypto/tlssession.c
index c3a920dfe8..33203e8ca7 100644
--- a/crypto/tlssession.c
+++ b/crypto/tlssession.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/crypto/xts.c b/crypto/xts.c
index 4277ad40de..d4a49fdb70 100644
--- a/crypto/xts.c
+++ b/crypto/xts.c
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/block.h b/include/crypto/block.h
index e729d5bd66..fe12899831 100644
--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h
index bce2d4c8e4..cac90b410c 100644
--- a/include/crypto/cipher.h
+++ b/include/crypto/cipher.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/hash.h b/include/crypto/hash.h
index 077ac7bea0..54d87aa2a1 100644
--- a/include/crypto/hash.h
+++ b/include/crypto/hash.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/init.h b/include/crypto/init.h
index f79c02266b..00e0f637ce 100644
--- a/include/crypto/init.h
+++ b/include/crypto/init.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/ivgen.h b/include/crypto/ivgen.h
index 0350cd2a93..9b4a62f7bb 100644
--- a/include/crypto/ivgen.h
+++ b/include/crypto/ivgen.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/pbkdf.h b/include/crypto/pbkdf.h
index ef209b3e03..2c31a44a27 100644
--- a/include/crypto/pbkdf.h
+++ b/include/crypto/pbkdf.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/random.h b/include/crypto/random.h
index c09998894f..325ff075d8 100644
--- a/include/crypto/random.h
+++ b/include/crypto/random.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/secret.h b/include/crypto/secret.h
index edd0e13236..5e07e29bae 100644
--- a/include/crypto/secret.h
+++ b/include/crypto/secret.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/tlscreds.h b/include/crypto/tlscreds.h
index 6b011e1dbc..fd7a284aa2 100644
--- a/include/crypto/tlscreds.h
+++ b/include/crypto/tlscreds.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/tlscredsanon.h b/include/crypto/tlscredsanon.h
index 4d6b7e4d29..9e9a5ce1a8 100644
--- a/include/crypto/tlscredsanon.h
+++ b/include/crypto/tlscredsanon.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/tlscredspsk.h b/include/crypto/tlscredspsk.h
index 306d36c67d..907035a29b 100644
--- a/include/crypto/tlscredspsk.h
+++ b/include/crypto/tlscredspsk.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/tlscredsx509.h b/include/crypto/tlscredsx509.h
index 66ad6a7486..e1542e5c8c 100644
--- a/include/crypto/tlscredsx509.h
+++ b/include/crypto/tlscredsx509.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/tlssession.h b/include/crypto/tlssession.h
index 1c7414e4ff..816300cdcc 100644
--- a/include/crypto/tlssession.h
+++ b/include/crypto/tlssession.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
diff --git a/include/crypto/xts.h b/include/crypto/xts.h
index 39ccaed822..f267b7824a 100644
--- a/include/crypto/xts.h
+++ b/include/crypto/xts.h
@@ -6,7 +6,7 @@
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
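Review bot: Every hunk here is the same one-line edit at `@@ -6,7 +6,7 @@` under crypto/ and include/crypto/, and the hunks themselves do not show how the 52 files were selected, so a file whose header sits at a different offset or is line-wrapped differently would be missed silently. Please record the search that produced the list (for example a grep for "version 2 of the License" in files that also say "Lesser General Public") and confirm it returns nothing once the patch is applied, including outside these two directories.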
-- 
2.21.0




* Re: [Qemu-devel] [PULL 0/5] Misc next patches
  2019-07-19 13:25 [Qemu-devel] [PULL 0/5] Misc next patches Daniel P. Berrangé
                   ` (4 preceding siblings ...)
  2019-07-19 13:25 ` [Qemu-devel] [PULL 5/5] crypto: Fix LGPL information in the file headers Daniel P. Berrangé
@ 2019-07-19 13:58 ` Peter Maydell
  5 siblings, 0 replies; 7+ messages in thread
From: Peter Maydell @ 2019-07-19 13:58 UTC (permalink / raw)
  To: Daniel P. Berrangé; +Cc: QEMU Developers

On Fri, 19 Jul 2019 at 14:26, Daniel P. Berrangé <berrange@redhat.com> wrote:
>
> The following changes since commit 0274f45bdef73283f2c213610f11d4e5dcba43b6:
>
>   Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-4.1-pull-request' into staging (2019-07-19 09:44:43 +0100)
>
> are available in the Git repository at:
>
>   https://github.com/berrange/qemu tags/misc-next-pull-request
>
> for you to fetch changes up to b7cbb8741b40b7cd4de9ad6bdb69baae4d6dadcf:
>
>   crypto: Fix LGPL information in the file headers (2019-07-19 14:21:25 +0100)
>
> ----------------------------------------------------------------
>
>  * Fixes crypto function signatures to be compatible with
>    both old and new versions of nettle
>  * Fixes deprecation warnings on new nettle
>  * Fixes GPL license header typos
>  * Documents security implications of monitor usage
>  * Optimize linking of capstone to avoid it in tools
>


Applied, thanks.

Please update the changelog at https://wiki.qemu.org/ChangeLog/4.1
for any user-visible changes.

-- PMM

