1 |
commit: ddd9689812e829d241100f0e110cac8ef0cf464e |
2 |
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com> |
3 |
AuthorDate: Wed Apr 12 15:40:32 2017 +0000 |
4 |
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com> |
5 |
CommitDate: Wed Apr 12 15:40:54 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=ddd96898 |
7 |
|
8 |
app-emulation/qemu: version bump to 2.8.1 |
9 |
|
10 |
remove 2.8.0-r3 |
11 |
|
12 |
app-emulation/qemu/Manifest | 9 +- |
13 |
.../qemu/files/qemu-2.8.0-CVE-2017-7377.patch | 49 +++ |
14 |
app-emulation/qemu/files/qemu-binfmt.initd-r1 | 138 -------- |
15 |
app-emulation/qemu/metadata.xml | 1 - |
16 |
app-emulation/qemu/qemu-2.8.0-r9.ebuild | 3 +- |
17 |
.../{qemu-2.8.0-r3.ebuild => qemu-2.8.1.ebuild} | 390 ++++++++++++--------- |
18 |
6 files changed, 282 insertions(+), 308 deletions(-) |
19 |
|
20 |
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest |
21 |
index 3e953ef..394f74d 100644 |
22 |
--- a/app-emulation/qemu/Manifest |
23 |
+++ b/app-emulation/qemu/Manifest |
24 |
@@ -26,12 +26,13 @@ AUX qemu-2.8.0-CVE-2017-5973.patch 2815 SHA256 206d01053ce678e2c83174b278755e112 |
25 |
AUX qemu-2.8.0-CVE-2017-5987.patch 1889 SHA256 c4f2175970deca9b00bf657e66b8df31a02efce469eec02279a9659b9cb18bb0 SHA512 32708f91edbbb61ac444ee71b97a30138380544389f6265d7cb7aec330ebaaa7ca69844a9462c817fbda117e78748fc4fdeb655e70bcd72ddd8b112fd9619b0d WHIRLPOOL 1aa99740495c0d2a577cf13c47669aeba75ad389394736ce16fde31c91931254820accad85a6d6fee9757595bec3f222413a89fe4ca125913be7ecc97f33b365 |
26 |
AUX qemu-2.8.0-CVE-2017-6058.patch 3797 SHA256 06c01fcd53dab66af55df164f1616d14847b2a0fd46abe7445b7e3e7b7ee77cf SHA512 1425e7df38cd44903fe78e7728d7eb3df2d8486895f38a87c4e0c63aa5cc4a2b19032d486fcb5676201242039364a1f3d34b256606b5f8ae74028432e6d50286 WHIRLPOOL 9a48c2f00ac146c29163422c10ca62e3065a36752b865b6b9e3408edf019f3585579ac074b5325777e6a405a11d0ce09da33eb6499012377f0c9ef8c52bf2840 |
27 |
AUX qemu-2.8.0-CVE-2017-6505.patch 1481 SHA256 55e3b7e65e519caef4fdd28cccb973613759cce0d67eb64c2093b4f0a4e428e1 SHA512 5326f28a9340f392e4f32e4cd5f58cae0769859e10fd4d201983d40ec6b4d094d6a0cad2638e1e6f3e5228b93af26cc4f4a155e0d94bad89d0ea9b866f535aa7 WHIRLPOOL c88312cd5e779a98c905f175d61400ef7bb59795cc1e0392da0018a158a4c435ffa07f1e6a621db6eea925a0dbb986442eab4f79f956dc1955058fc97670f390 |
28 |
+AUX qemu-2.8.0-CVE-2017-7377.patch 1554 SHA256 36fbd8ec9fa7d910fde8b6b8905717b322bd23b50c2b2f925e1a2415ae306755 SHA512 195be1a75340c41aa89614aad8d07f2cf630eb10f3160cb8a86d85371ea9d7dcdbe9d49e9752ac3d6765c8d4c99c845408933b57cf21199f77ba09fcf79a02c8 WHIRLPOOL 8d7677ae3cfe18e34072ef23666c4658553a7d3b564d96e480ae432281d403242f2013d9fb189d473ab9c31def515401d22c04ba8e86d93d0369e95b1e371574 |
29 |
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354 |
30 |
-AUX qemu-binfmt.initd-r1 7959 SHA256 13c2791fb48080e9f264670dbe1915f03249d87d740f9b0f2c9502fccb056d03 SHA512 8aee19b4a993113ef4fafe3ab8b561edcc0c16782b36947e757233b6d33d26b48c1b9087c0f300be0d21ad19de14c684e8f2032ae2cd28888130a37ca4d6c314 WHIRLPOOL 3d86861fbe66c0a192a5577b7cd83ab01efd184849b25f8a804aace7a1fb46d87363d6417cc21a3447d2ed50c9db4409121dddae297678e3adc7d4c71556b695 |
31 |
AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e |
32 |
AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4 |
33 |
DIST qemu-2.8.0-CVE-2016-9602-patches.tar.xz 16264 SHA256 18ac829c6003a3f997db4030a46b422028c58fead158f0c5ffe36ad65acb84e0 SHA512 a56694d1600e4fd1ffd6bbe031a0db226fc5c88306797cc4e42d1dc6127b83d1791cb4e026988b3aad82eab84382e41077ae71e532d1d3489e179730185c0964 WHIRLPOOL 22057b001c478b2b0d97ad70393c973aefc6277d89bb5a1ae03c3c39b5182ddfbe541964761f512ed5735dc442e1f40d0a955ad5b270758e21ce815be86b24bd |
34 |
DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5 |
35 |
-EBUILD qemu-2.8.0-r3.ebuild 21992 SHA256 a2c7a92d214b05e2c6f58fb0d7263472d6a44259de99afc674df713303b432bb SHA512 80699e92ae269cb6ab33b3ec0be164111b68e25d498d8af3624f04bca799174937f1fd2cf49357e0598f6567873cdc8aac3310a1175e328207de8ca5b97856d1 WHIRLPOOL 2079c97d3aa8589c70288cbcca7e1d8591adb1b40a0846b6a683fc6c72f142892e65b6adfac750931e2e63aa33a9d99f31f9659bd5664e6145059f28ecfced1a |
36 |
-EBUILD qemu-2.8.0-r9.ebuild 23468 SHA256 171081a422acc5ecb21cd0400cdb1ea5ad3112379e417aefe37893d1f8ef1575 SHA512 0c4dbb8a03eaf5232819b6482c853d400ffc1c863d5df360a3820a5fa418ea90e204fdf447e72acd5489d8e9294d703be85c58ecabd460f5690c51526c05bad6 WHIRLPOOL 5e8ee3b23f57a62e32f4671c7803880c551b826d0dad357bb587b6ccae4fbf74c2f90b83812c8db9e15b8531150e729bfb7d4b084c702757dc59e22d8b5ee141 |
37 |
-MISC metadata.xml 3890 SHA256 50fd5960fa2280175116b5ee5ff4a9625f02e38f560061a00b2640cde4846d69 SHA512 f19e826a9daba7f2676f0459f97e7bdc752652ccf8b9dd009fd569977015b0656fee21c74529e53b6bc51c2f19e746f417c3dc1e1472e3767cdefa0746b0876c WHIRLPOOL 03e0dafcdc13beffb0044ce5227b83aa272a21e9835fce9ad16d5bdf56ee1a4c3a1ae4b10d1cdaf405502532b84991b150de262f12fa72497052c2377046845f |
38 |
+DIST qemu-2.8.1.tar.bz2 28366270 SHA256 018e4c7ed22c220395cf41f835d01505e49d0e579a548bd3d72b03809442bbcd SHA512 0397b4029cdcb77ed053c44b3579a3f34894038e6fc6b4aa88de14515f5a78bf2f41c5e865f37111529f567c85d2f1c4deefae47dde54f76eac79410e5b2bdda WHIRLPOOL c41f53f18fac44efd1c81ba9d95204d23e9a70dc9c21624177be2fe92a327428fd5704b25bc334229fa36ae395fb4c82ba3955db39719c4458343978a4d3141a |
39 |
+EBUILD qemu-2.8.0-r9.ebuild 23415 SHA256 332494856afccbb1f1347731f97fc9293ededcea348e2227e9c05a0a68cdcea2 SHA512 499730d9913480fd8dd696a2201a7ac8542d046e516756bb58c001be83db043b1b88f7cf34d4c98188b37bc52569034803c1d225a97b2fc02a45eb466486e6fd WHIRLPOOL 9b561abcd59ec05024b3370ff45c05c7d0fcf617bce7a29aece0f9bada3a077ab4700ffeb777ddac9d1c1eda9a80dfe24f36d60110bc34026cb1380e1454ae25 |
40 |
+EBUILD qemu-2.8.1.ebuild 22805 SHA256 fd50a516ec50da69dc8c4dc2ea83c0a3391fcd6087d62650f37183d46c70d933 SHA512 cf05a4725142584b213a1fc03106fc4faa5eeeda5d8e5e1ef020095a2f3b289842537a731a959f628bfd5e36c03786a8404288058514e8057cc1db779b97f6eb WHIRLPOOL ba86ba5234aae044690657585f2f384b0724061e37c74a4b55df50c0c0bce5615abbb1e6566d2e1cb56b51e4e49fc1495c78cae3f25a4741b8dd7eb493d22a8a |
41 |
+MISC metadata.xml 3794 SHA256 149f7bc9927e13bbf7355972e85df6f9f198dd17fb575a7e516817d6a88018fb SHA512 10f130f225b90dacf8262247d795a247abfdcbf3ad5fbe0693e8d4db79f755984f690cb150a7eb5a8e5d669ce404145c4fbb6b200d6362319be74759fd78b6d3 WHIRLPOOL 6a5e88caeb64387f619a19fecb55c39ccf3c8dcd360523e8d61b80051001c02fe81432c55e40b3f360295b35e9f5a1f707c570baf95cad06d18c4cd484da0ceb |
42 |
|
43 |
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch |
44 |
new file mode 100644 |
45 |
index 0000000..f2d317c |
46 |
--- /dev/null |
47 |
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch |
48 |
@@ -0,0 +1,49 @@ |
49 |
+From d63fb193e71644a073b77ff5ac6f1216f2f6cf6e Mon Sep 17 00:00:00 2001 |
50 |
+From: Li Qiang <liq3ea@×××××.com> |
51 |
+Date: Mon, 27 Mar 2017 21:13:19 +0200 |
52 |
+Subject: [PATCH] 9pfs: fix file descriptor leak |
53 |
+ |
54 |
+The v9fs_create() and v9fs_lcreate() functions are used to create a file |
55 |
+on the backend and to associate it to a fid. The fid shouldn't be already |
56 |
+in-use, otherwise both functions may silently leak a file descriptor or |
57 |
+allocated memory. The current code doesn't check that. |
58 |
+ |
59 |
+This patch ensures that the fid isn't already associated to anything |
60 |
+before using it. |
61 |
+ |
62 |
+Signed-off-by: Li Qiang <liqiang6-s@×××.cn> |
63 |
+(reworded the changelog, Greg Kurz) |
64 |
+Signed-off-by: Greg Kurz <groug@××××.org> |
65 |
+--- |
66 |
+ hw/9pfs/9p.c | 8 ++++++++ |
67 |
+ 1 file changed, 8 insertions(+) |
68 |
+ |
69 |
+diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c |
70 |
+index b8c0b99..48babce 100644 |
71 |
+--- a/hw/9pfs/9p.c |
72 |
++++ b/hw/9pfs/9p.c |
73 |
+@@ -1550,6 +1550,10 @@ static void coroutine_fn v9fs_lcreate(void *opaque) |
74 |
+ err = -ENOENT; |
75 |
+ goto out_nofid; |
76 |
+ } |
77 |
++ if (fidp->fid_type != P9_FID_NONE) { |
78 |
++ err = -EINVAL; |
79 |
++ goto out; |
80 |
++ } |
81 |
+ |
82 |
+ flags = get_dotl_openflags(pdu->s, flags); |
83 |
+ err = v9fs_co_open2(pdu, fidp, &name, gid, |
84 |
+@@ -2153,6 +2157,10 @@ static void coroutine_fn v9fs_create(void *opaque) |
85 |
+ err = -EINVAL; |
86 |
+ goto out_nofid; |
87 |
+ } |
88 |
++ if (fidp->fid_type != P9_FID_NONE) { |
89 |
++ err = -EINVAL; |
90 |
++ goto out; |
91 |
++ } |
92 |
+ if (perm & P9_STAT_MODE_DIR) { |
93 |
+ err = v9fs_co_mkdir(pdu, fidp, &name, perm & 0777, |
94 |
+ fidp->uid, -1, &stbuf); |
95 |
+-- |
96 |
+2.10.2 |
97 |
+ |
98 |
|
99 |
diff --git a/app-emulation/qemu/files/qemu-binfmt.initd-r1 b/app-emulation/qemu/files/qemu-binfmt.initd-r1 |
100 |
deleted file mode 100644 |
101 |
index fe62a2a..0000000 |
102 |
--- a/app-emulation/qemu/files/qemu-binfmt.initd-r1 |
103 |
+++ /dev/null |
104 |
@@ -1,138 +0,0 @@ |
105 |
-#!/sbin/openrc-run |
106 |
-# Copyright 1999-2016 Gentoo Foundation |
107 |
-# Distributed under the terms of the GNU General Public License v2 |
108 |
- |
109 |
-# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390 program execution by the kernel |
110 |
- |
111 |
-# Defaulting to OC should be safe because it comes down to: |
112 |
-# - do we trust the interp itself to not be malicious? yes; we built it. |
113 |
-# - do we trust the programs we're running? ish; same permission as native |
114 |
-# binaries apply. so if user can do bad stuff natively, cross isn't worse. |
115 |
-: ${QEMU_BINFMT_FLAGS:=OC} |
116 |
- |
117 |
-depend() { |
118 |
- after procfs |
119 |
-} |
120 |
- |
121 |
-start() { |
122 |
- ebegin "Registering qemu-user binaries (flags: ${QEMU_BINFMT_FLAGS})" |
123 |
- |
124 |
- if [ ! -d /proc/sys/fs/binfmt_misc ] ; then |
125 |
- modprobe -q binfmt_misc |
126 |
- fi |
127 |
- |
128 |
- if [ ! -d /proc/sys/fs/binfmt_misc ] ; then |
129 |
- eend $? "You need support for 'misc binaries' in your kernel!" || return |
130 |
- fi |
131 |
- |
132 |
- if [ ! -f /proc/sys/fs/binfmt_misc/register ] ; then |
133 |
- mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc >/dev/null 2>&1 |
134 |
- eend $? || return |
135 |
- fi |
136 |
- |
137 |
- # probe cpu type |
138 |
- cpu=`uname -m` |
139 |
- case "$cpu" in |
140 |
- i386|i486|i586|i686|i86pc|BePC|x86_64) |
141 |
- cpu="i386" |
142 |
- ;; |
143 |
- m68k) |
144 |
- cpu="m68k" |
145 |
- ;; |
146 |
- mips*) |
147 |
- cpu="mips" |
148 |
- ;; |
149 |
- "Power Macintosh"|ppc|ppc64) |
150 |
- cpu="ppc" |
151 |
- ;; |
152 |
- armv[4-9]*) |
153 |
- cpu="arm" |
154 |
- ;; |
155 |
- sparc*) |
156 |
- cpu="sparc" |
157 |
- ;; |
158 |
- esac |
159 |
- |
160 |
- # register the interpreter for each cpu except for the native one |
161 |
- if [ $cpu != "i386" -a -x "/usr/bin/qemu-i386" ] ; then |
162 |
- echo ':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
163 |
- echo ':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
164 |
- fi |
165 |
- if [ $cpu != "alpha" -a -x "/usr/bin/qemu-alpha" ] ; then |
166 |
- echo ':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-alpha:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
167 |
- fi |
168 |
- if [ $cpu != "arm" -a -x "/usr/bin/qemu-arm" ] ; then |
169 |
- echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
170 |
- fi |
171 |
- if [ $cpu != "arm" -a -x "/usr/bin/qemu-armeb" ] ; then |
172 |
- echo ':armeb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-armeb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
173 |
- fi |
174 |
- if [ $cpu != "aarch64" -a -x "/usr/bin/qemu-aarch64" ] ; then |
175 |
- echo ':aarch64:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-aarch64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
176 |
- fi |
177 |
- if [ $cpu != "sparc" -a -x "/usr/bin/qemu-sparc" ] ; then |
178 |
- echo ':sparc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sparc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
179 |
- fi |
180 |
- if [ $cpu != "ppc" -a -x "/usr/bin/qemu-ppc" ] ; then |
181 |
- echo ':ppc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-ppc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
182 |
- fi |
183 |
- if [ $cpu != "m68k" -a -x "/usr/bin/qemu-m68k" ] ; then |
184 |
- #echo 'Please check cpu value and header information for m68k!' |
185 |
- echo ':m68k:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-m68k:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
186 |
- fi |
187 |
- if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips" ] ; then |
188 |
- # FIXME: We could use the other endianness on a MIPS host. |
189 |
- echo ':mips:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
190 |
- fi |
191 |
- if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsel" ] ; then |
192 |
- echo ':mipsel:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsel:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
193 |
- fi |
194 |
- if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32" ] ; then |
195 |
- echo ':mipsn32:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mipsn32:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
196 |
- fi |
197 |
- if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32el" ] ; then |
198 |
- echo ':mipsn32el:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsn32el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
199 |
- fi |
200 |
- if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64" ] ; then |
201 |
- echo ':mips64:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
202 |
- fi |
203 |
- if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64el" ] ; then |
204 |
- echo ':mips64el:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mips64el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
205 |
- fi |
206 |
- if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4" ] ; then |
207 |
- echo ':sh4:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-sh4:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
208 |
- fi |
209 |
- if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4eb" ] ; then |
210 |
- echo ':sh4eb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sh4eb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
211 |
- fi |
212 |
- if [ $cpu != "s390x" -a -x "/usr/bin/qemu-s390x" ] ; then |
213 |
- echo ':s390x:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-s390x:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register |
214 |
- fi |
215 |
- eend $? |
216 |
-} |
217 |
- |
218 |
-stop() { |
219 |
- ebegin "Unregistering qemu-user binaries" |
220 |
- local arches |
221 |
- |
222 |
- arches="${arches} i386 i486" |
223 |
- arches="${arches} alpha" |
224 |
- arches="${arches} arm armeb" |
225 |
- arches="${arches} aarch64" |
226 |
- arches="${arches} sparc" |
227 |
- arches="${arches} ppc" |
228 |
- arches="${arches} m68k" |
229 |
- arches="${arches} mips mipsel mipsn32 mipsn32el mips64 mips64el" |
230 |
- arches="${arches} sh4 sh4eb" |
231 |
- arches="${arches} s390x" |
232 |
- |
233 |
- for a in ${arches}; do |
234 |
- if [ -f /proc/sys/fs/binfmt_misc/$a ] ; then |
235 |
- echo '-1' > /proc/sys/fs/binfmt_misc/$a |
236 |
- fi |
237 |
- done |
238 |
- |
239 |
- eend $? |
240 |
-} |
241 |
- |
242 |
-# vim: ts=4 : |
243 |
|
244 |
diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml |
245 |
index 9a8a1a3..3fe0408 100644 |
246 |
--- a/app-emulation/qemu/metadata.xml |
247 |
+++ b/app-emulation/qemu/metadata.xml |
248 |
@@ -32,7 +32,6 @@ |
249 |
<flag name="sdl2">Use libsdl2 instead of libsdl</flag> |
250 |
<flag name="spice">Enable Spice protocol support via <pkg>app-emulation/spice</pkg></flag> |
251 |
<flag name="ssh">Enable SSH based block device support via <pkg>net-libs/libssh2</pkg></flag> |
252 |
- <flag name="static-softmmu">Build the Software MMU (system) targets as static binaries</flag> |
253 |
<flag name="static-user">Build the User targets as static binaries</flag> |
254 |
<flag name="static">Build the User and Software MMU (system) targets as well as tools as static binaries</flag> |
255 |
<flag name="snappy">Enable support for snappy compression</flag> |
256 |
|
257 |
diff --git a/app-emulation/qemu/qemu-2.8.0-r9.ebuild b/app-emulation/qemu/qemu-2.8.0-r9.ebuild |
258 |
index 8ba8079..97305f1 100644 |
259 |
--- a/app-emulation/qemu/qemu-2.8.0-r9.ebuild |
260 |
+++ b/app-emulation/qemu/qemu-2.8.0-r9.ebuild |
261 |
@@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then |
262 |
SRC_URI="" |
263 |
else |
264 |
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2" |
265 |
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd" |
266 |
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd" |
267 |
fi |
268 |
|
269 |
# bug #606088 |
270 |
@@ -753,7 +753,6 @@ src_install() { |
271 |
|
272 |
pkg_postinst() { |
273 |
DISABLE_AUTOFORMATTING=true |
274 |
- FORCE_PRINT_ELOG=1 # remove for next version bump |
275 |
readme.gentoo_print_elog |
276 |
|
277 |
if [[ -n ${softmmu_targets} ]] && use kernel_linux; then |
278 |
|
279 |
diff --git a/app-emulation/qemu/qemu-2.8.0-r3.ebuild b/app-emulation/qemu/qemu-2.8.1.ebuild |
280 |
similarity index 69% |
281 |
rename from app-emulation/qemu/qemu-2.8.0-r3.ebuild |
282 |
rename to app-emulation/qemu/qemu-2.8.1.ebuild |
283 |
index 3a161b9..30f278e 100644 |
284 |
--- a/app-emulation/qemu/qemu-2.8.0-r3.ebuild |
285 |
+++ b/app-emulation/qemu/qemu-2.8.1.ebuild |
286 |
@@ -1,7 +1,7 @@ |
287 |
# Copyright 1999-2017 Gentoo Foundation |
288 |
# Distributed under the terms of the GNU General Public License v2 |
289 |
|
290 |
-EAPI="5" |
291 |
+EAPI="6" |
292 |
|
293 |
PYTHON_COMPAT=( python2_7 ) |
294 |
PYTHON_REQ_USE="ncurses,readline" |
295 |
@@ -13,11 +13,11 @@ inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \ |
296 |
|
297 |
if [[ ${PV} = *9999* ]]; then |
298 |
EGIT_REPO_URI="git://git.qemu.org/qemu.git" |
299 |
- inherit git-2 |
300 |
+ inherit git-r3 |
301 |
SRC_URI="" |
302 |
else |
303 |
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2" |
304 |
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd" |
305 |
+ KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd" |
306 |
fi |
307 |
|
308 |
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools" |
309 |
@@ -25,19 +25,20 @@ HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org" |
310 |
|
311 |
LICENSE="GPL-2 LGPL-2 BSD-2" |
312 |
SLOT="0" |
313 |
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs \ |
314 |
-gnutls gtk gtk2 infiniband iscsi +jpeg \ |
315 |
-kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs |
316 |
-+png pulseaudio python \ |
317 |
-rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu |
318 |
-static-user systemtap tci test +threads usb usbredir vde +vhost-net \ |
319 |
-virgl virtfs +vnc vte xattr xen xfs" |
320 |
- |
321 |
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips |
322 |
-mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 |
323 |
-x86_64" |
324 |
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb" |
325 |
-IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx" |
326 |
+IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt |
327 |
+ glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux |
328 |
+ kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png |
329 |
+ pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy |
330 |
+ spice ssh static static-user systemtap tci test +threads usb usbredir |
331 |
+ vde +vhost-net virgl virtfs +vnc vte xattr xen xfs" |
332 |
+ |
333 |
+COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel |
334 |
+ mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc |
335 |
+ sparc64 x86_64" |
336 |
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} |
337 |
+ lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb" |
338 |
+IUSE_USER_TARGETS="${COMMON_TARGETS} |
339 |
+ armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx" |
340 |
|
341 |
use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS}) |
342 |
use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS}) |
343 |
@@ -52,32 +53,37 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE} |
344 |
qemu_softmmu_targets_ppc? ( fdt ) |
345 |
qemu_softmmu_targets_ppc64? ( fdt ) |
346 |
sdl2? ( sdl ) |
347 |
- static? ( static-softmmu static-user ) |
348 |
- static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk !gtk2 ) |
349 |
+ static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio ) |
350 |
virtfs? ( xattr ) |
351 |
vte? ( gtk )" |
352 |
|
353 |
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) |
354 |
+# and user/softmmu targets (qemu-*, qemu-system-*). |
355 |
+# |
356 |
# Yep, you need both libcap and libcap-ng since virtfs only uses libcap. |
357 |
# |
358 |
# The attr lib isn't always linked in (although the USE flag is always |
359 |
# respected). This is because qemu supports using the C library's API |
360 |
# when available rather than always using the extranl library. |
361 |
-# |
362 |
-# Older versions of gnutls are supported, but it's simpler to just require |
363 |
-# the latest versions. This is also why we require nettle. |
364 |
-# |
365 |
-# TODO: Split out tools deps into another var. e.g. bzip2 is only used by |
366 |
-# system binaries and tools, not user binaries. |
367 |
-COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)] |
368 |
+ALL_DEPEND=" |
369 |
+ >=dev-libs/glib-2.0[static-libs(+)] |
370 |
+ >=x11-libs/pixman-0.28.0[static-libs(+)] |
371 |
sys-libs/zlib[static-libs(+)] |
372 |
- bzip2? ( app-arch/bzip2[static-libs(+)] ) |
373 |
+ python? ( ${PYTHON_DEPS} ) |
374 |
+ systemtap? ( dev-util/systemtap ) |
375 |
xattr? ( sys-apps/attr[static-libs(+)] )" |
376 |
-SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND} |
377 |
- >=x11-libs/pixman-0.28.0[static-libs(+)] |
378 |
- accessibility? ( app-accessibility/brltty[static-libs(+)] ) |
379 |
+ |
380 |
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) |
381 |
+# softmmu targets (qemu-system-*). |
382 |
+SOFTMMU_TOOLS_DEPEND=" |
383 |
+ accessibility? ( |
384 |
+ app-accessibility/brltty[api] |
385 |
+ app-accessibility/brltty[static-libs(+)] |
386 |
+ ) |
387 |
aio? ( dev-libs/libaio[static-libs(+)] ) |
388 |
alsa? ( >=media-libs/alsa-lib-1.0.13 ) |
389 |
bluetooth? ( net-wireless/bluez ) |
390 |
+ bzip2? ( app-arch/bzip2[static-libs(+)] ) |
391 |
caps? ( sys-libs/libcap-ng[static-libs(+)] ) |
392 |
curl? ( >=net-misc/curl-7.15.4[static-libs(+)] ) |
393 |
fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] ) |
394 |
@@ -139,8 +145,9 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND} |
395 |
vde? ( net-misc/vde[static-libs(+)] ) |
396 |
virgl? ( media-libs/virglrenderer[static-libs(+)] ) |
397 |
virtfs? ( sys-libs/libcap ) |
398 |
+ xen? ( app-emulation/xen-tools:= ) |
399 |
xfs? ( sys-fs/xfsprogs[static-libs(+)] )" |
400 |
-USER_LIB_DEPEND="${COMMON_LIB_DEPEND}" |
401 |
+ |
402 |
X86_FIRMWARE_DEPEND=" |
403 |
>=sys-firmware/ipxe-1.0.0_p20130624 |
404 |
pin-upstream-blobs? ( |
405 |
@@ -153,14 +160,14 @@ X86_FIRMWARE_DEPEND=" |
406 |
sys-firmware/sgabios |
407 |
sys-firmware/vgabios |
408 |
)" |
409 |
+ |
410 |
CDEPEND=" |
411 |
- !static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} ) " ${use_softmmu_targets}) ) |
412 |
- !static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND//\[static-libs(+)]} ) " ${use_user_targets}) ) |
413 |
+ !static? ( |
414 |
+ ${ALL_DEPEND//\[static-libs(+)]} |
415 |
+ ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]} |
416 |
+ ) |
417 |
qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} ) |
418 |
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} ) |
419 |
- python? ( ${PYTHON_DEPS} ) |
420 |
- systemtap? ( dev-util/systemtap ) |
421 |
- xen? ( app-emulation/xen-tools:= )" |
422 |
+ qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )" |
423 |
DEPEND="${CDEPEND} |
424 |
dev-lang/perl |
425 |
=dev-lang/python-2* |
426 |
@@ -168,15 +175,45 @@ DEPEND="${CDEPEND} |
427 |
virtual/pkgconfig |
428 |
kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 ) |
429 |
gtk? ( nls? ( sys-devel/gettext ) ) |
430 |
- static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND} ) " ${use_softmmu_targets}) ) |
431 |
- static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND} ) " ${use_user_targets}) ) |
432 |
+ static? ( |
433 |
+ ${ALL_DEPEND} |
434 |
+ ${SOFTMMU_TOOLS_DEPEND} |
435 |
+ ) |
436 |
+ static-user? ( ${ALL_DEPEND} ) |
437 |
test? ( |
438 |
dev-libs/glib[utils] |
439 |
sys-devel/bc |
440 |
)" |
441 |
RDEPEND="${CDEPEND} |
442 |
- selinux? ( sec-policy/selinux-qemu ) |
443 |
-" |
444 |
+ selinux? ( sec-policy/selinux-qemu )" |
445 |
+ |
446 |
+PATCHES=( |
447 |
+ # musl patches |
448 |
+ "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch |
449 |
+ "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch |
450 |
+ "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch |
451 |
+ |
452 |
+ # gentoo patches |
453 |
+ "${FILESDIR}"/${PN}-2.5.0-cflags.patch |
454 |
+ "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch |
455 |
+ "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108 |
456 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826 |
457 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630 |
458 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444 |
459 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720 |
460 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264 |
461 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch |
462 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722 |
463 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000 |
464 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100 |
465 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036 |
466 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038 |
467 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520 |
468 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334 |
469 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398 |
470 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch #612220 |
471 |
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-7377.patch #614744 |
472 |
+) |
473 |
|
474 |
STRIP_MASK="/usr/share/qemu/palcode-clipper" |
475 |
|
476 |
@@ -186,8 +223,7 @@ QA_PREBUILT=" |
477 |
usr/share/qemu/openbios-sparc32 |
478 |
usr/share/qemu/palcode-clipper |
479 |
usr/share/qemu/s390-ccw.img |
480 |
- usr/share/qemu/u-boot.e500 |
481 |
-" |
482 |
+ usr/share/qemu/u-boot.e500" |
483 |
|
484 |
QA_WX_LOAD="usr/bin/qemu-i386 |
485 |
usr/bin/qemu-x86_64 |
486 |
@@ -212,27 +248,26 @@ QA_WX_LOAD="usr/bin/qemu-i386 |
487 |
usr/bin/qemu-s390x |
488 |
usr/bin/qemu-unicore32" |
489 |
|
490 |
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure |
491 |
-you have the kernel module loaded before running kvm. The easiest way to |
492 |
-ensure that the kernel module is loaded is to load it on boot.\n |
493 |
-For AMD CPUs the module is called 'kvm-amd'.\n |
494 |
-For Intel CPUs the module is called 'kvm-intel'.\n |
495 |
-Please review /etc/conf.d/modules for how to load these.\n\n |
496 |
-Make sure your user is in the 'kvm' group\n |
497 |
-Just run 'gpasswd -a <USER> kvm', then have <USER> re-login.\n\n |
498 |
-For brand new installs, the default permissions on /dev/kvm might not let you |
499 |
-access it. You can tell udev to reset ownership/perms:\n |
500 |
-udevadm trigger -c add /dev/kvm" |
501 |
- |
502 |
-qemu_support_kvm() { |
503 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \ |
504 |
- use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \ |
505 |
- use qemu_softmmu_targets_s390x; then |
506 |
- return 0 |
507 |
- fi |
508 |
+DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the |
509 |
+kernel module loaded before running kvm. The easiest way to ensure that the |
510 |
+kernel module is loaded is to load it on boot. |
511 |
+ For AMD CPUs the module is called 'kvm-amd'. |
512 |
+ For Intel CPUs the module is called 'kvm-intel'. |
513 |
+Please review /etc/conf.d/modules for how to load these. |
514 |
|
515 |
- return 1 |
516 |
-} |
517 |
+Make sure your user is in the 'kvm' group. Just run |
518 |
+ $ gpasswd -a <USER> kvm |
519 |
+then have <USER> re-login. |
520 |
+ |
521 |
+For brand new installs, the default permissions on /dev/kvm might not let |
522 |
+you access it. You can tell udev to reset ownership/perms: |
523 |
+ $ udevadm trigger -c add /dev/kvm |
524 |
+ |
525 |
+If you want to register binfmt handlers for qemu user targets: |
526 |
+For openrc: |
527 |
+ # rc-update add qemu-binfmt |
528 |
+For systemd: |
529 |
+ # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf" |
530 |
|
531 |
pkg_pretend() { |
532 |
if use kernel_linux && kernel_is lt 2 6 25; then |
533 |
@@ -333,34 +368,7 @@ src_prepare() { |
534 |
-e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \ |
535 |
Makefile Makefile.target || die |
536 |
|
537 |
- # Patching for musl |
538 |
- epatch "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch |
539 |
- epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch |
540 |
- epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch |
541 |
- |
542 |
- epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch |
543 |
- epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch |
544 |
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108 |
545 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826 |
546 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630 |
547 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444 |
548 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720 |
549 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2615.patch #608034 |
550 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2630.patch #609396 |
551 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264 |
552 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch |
553 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722 |
554 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000 |
555 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100 |
556 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5667.patch #607766 |
557 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036 |
558 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038 |
559 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520 |
560 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5931.patch #608728 |
561 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334 |
562 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398 |
563 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6058.patch #609638 |
564 |
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2620.patch #609206 |
565 |
+ default |
566 |
|
567 |
# Fix ld and objcopy being called directly |
568 |
tc-export AR LD OBJCOPY |
569 |
@@ -368,8 +376,6 @@ src_prepare() { |
570 |
# Verbose builds |
571 |
MAKEOPTS+=" V=1" |
572 |
|
573 |
- epatch_user |
574 |
- |
575 |
# Run after we've applied all patches. |
576 |
handle_locales |
577 |
} |
578 |
@@ -383,7 +389,6 @@ qemu_src_configure() { |
579 |
|
580 |
local buildtype=$1 |
581 |
local builddir="${S}/${buildtype}-build" |
582 |
- local static_flag="static-${buildtype}" |
583 |
|
584 |
mkdir "${builddir}" |
585 |
|
586 |
@@ -412,9 +417,9 @@ qemu_src_configure() { |
587 |
$(use_enable xattr attr) |
588 |
) |
589 |
|
590 |
- # Disable options not used by user targets as the default configure |
591 |
- # options will autoprobe and try to link in a bunch of unused junk. |
592 |
- conf_softmmu() { |
593 |
+ # Disable options not used by user targets. This simplifies building |
594 |
+ # static user targets (USE=static-user) considerably. |
595 |
+ conf_notuser() { |
596 |
if [[ ${buildtype} == "user" ]] ; then |
597 |
echo "--disable-${2:-$1}" |
598 |
else |
599 |
@@ -422,48 +427,61 @@ qemu_src_configure() { |
600 |
fi |
601 |
} |
602 |
conf_opts+=( |
603 |
- $(conf_softmmu accessibility brlapi) |
604 |
- $(conf_softmmu aio linux-aio) |
605 |
- $(conf_softmmu bzip2) |
606 |
- $(conf_softmmu bluetooth bluez) |
607 |
- $(conf_softmmu caps cap-ng) |
608 |
- $(conf_softmmu curl) |
609 |
- $(conf_softmmu fdt) |
610 |
- $(conf_softmmu glusterfs) |
611 |
- $(conf_softmmu gnutls) |
612 |
- $(conf_softmmu gnutls nettle) |
613 |
- $(conf_softmmu gtk) |
614 |
- $(conf_softmmu infiniband rdma) |
615 |
- $(conf_softmmu iscsi libiscsi) |
616 |
- $(conf_softmmu jpeg vnc-jpeg) |
617 |
- $(conf_softmmu kernel_linux kvm) |
618 |
- $(conf_softmmu lzo) |
619 |
- $(conf_softmmu ncurses curses) |
620 |
- $(conf_softmmu nfs libnfs) |
621 |
- $(conf_softmmu numa) |
622 |
- $(conf_softmmu opengl) |
623 |
- $(conf_softmmu png vnc-png) |
624 |
- $(conf_softmmu rbd) |
625 |
- $(conf_softmmu sasl vnc-sasl) |
626 |
- $(conf_softmmu sdl) |
627 |
- $(conf_softmmu seccomp) |
628 |
- $(conf_softmmu smartcard) |
629 |
- $(conf_softmmu snappy) |
630 |
- $(conf_softmmu spice) |
631 |
- $(conf_softmmu ssh libssh2) |
632 |
- $(conf_softmmu usb libusb) |
633 |
- $(conf_softmmu usbredir usb-redir) |
634 |
- $(conf_softmmu vde) |
635 |
- $(conf_softmmu vhost-net) |
636 |
- $(conf_softmmu virgl virglrenderer) |
637 |
- $(conf_softmmu virtfs) |
638 |
- $(conf_softmmu vnc) |
639 |
- $(conf_softmmu vte) |
640 |
- $(conf_softmmu xen) |
641 |
- $(conf_softmmu xen xen-pci-passthrough) |
642 |
- $(conf_softmmu xfs xfsctl) |
643 |
+ $(conf_notuser accessibility brlapi) |
644 |
+ $(conf_notuser aio linux-aio) |
645 |
+ $(conf_notuser bzip2) |
646 |
+ $(conf_notuser bluetooth bluez) |
647 |
+ $(conf_notuser caps cap-ng) |
648 |
+ $(conf_notuser curl) |
649 |
+ $(conf_notuser fdt) |
650 |
+ $(conf_notuser glusterfs) |
651 |
+ $(conf_notuser gnutls) |
652 |
+ $(conf_notuser gnutls nettle) |
653 |
+ $(conf_notuser gtk) |
654 |
+ $(conf_notuser infiniband rdma) |
655 |
+ $(conf_notuser iscsi libiscsi) |
656 |
+ $(conf_notuser jpeg vnc-jpeg) |
657 |
+ $(conf_notuser kernel_linux kvm) |
658 |
+ $(conf_notuser lzo) |
659 |
+ $(conf_notuser ncurses curses) |
660 |
+ $(conf_notuser nfs libnfs) |
661 |
+ $(conf_notuser numa) |
662 |
+ $(conf_notuser opengl) |
663 |
+ $(conf_notuser png vnc-png) |
664 |
+ $(conf_notuser rbd) |
665 |
+ $(conf_notuser sasl vnc-sasl) |
666 |
+ $(conf_notuser sdl) |
667 |
+ $(conf_notuser seccomp) |
668 |
+ $(conf_notuser smartcard) |
669 |
+ $(conf_notuser snappy) |
670 |
+ $(conf_notuser spice) |
671 |
+ $(conf_notuser ssh libssh2) |
672 |
+ $(conf_notuser usb libusb) |
673 |
+ $(conf_notuser usbredir usb-redir) |
674 |
+ $(conf_notuser vde) |
675 |
+ $(conf_notuser vhost-net) |
676 |
+ $(conf_notuser virgl virglrenderer) |
677 |
+ $(conf_notuser virtfs) |
678 |
+ $(conf_notuser vnc) |
679 |
+ $(conf_notuser vte) |
680 |
+ $(conf_notuser xen) |
681 |
+ $(conf_notuser xen xen-pci-passthrough) |
682 |
+ $(conf_notuser xfs xfsctl) |
683 |
) |
684 |
|
685 |
+ if [[ ! ${buildtype} == "user" ]] ; then |
686 |
+ # audio options |
687 |
+ local audio_opts="oss" |
688 |
+ use alsa && audio_opts="alsa,${audio_opts}" |
689 |
+ use sdl && audio_opts="sdl,${audio_opts}" |
690 |
+ use pulseaudio && audio_opts="pa,${audio_opts}" |
691 |
+ conf_opts+=( |
692 |
+ --audio-drv-list="${audio_opts}" |
693 |
+ ) |
694 |
+ use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) ) |
695 |
+ use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) ) |
696 |
+ fi |
697 |
+ |
698 |
case ${buildtype} in |
699 |
user) |
700 |
conf_opts+=( |
701 |
@@ -472,31 +490,25 @@ qemu_src_configure() { |
702 |
--disable-blobs |
703 |
--disable-tools |
704 |
) |
705 |
+ local static_flag="static-user" |
706 |
;; |
707 |
softmmu) |
708 |
- # audio options |
709 |
- local audio_opts="oss" |
710 |
- use alsa && audio_opts="alsa,${audio_opts}" |
711 |
- use sdl && audio_opts="sdl,${audio_opts}" |
712 |
- use pulseaudio && audio_opts="pa,${audio_opts}" |
713 |
- |
714 |
conf_opts+=( |
715 |
--disable-linux-user |
716 |
--enable-system |
717 |
+ --disable-tools |
718 |
--with-system-pixman |
719 |
- --audio-drv-list="${audio_opts}" |
720 |
) |
721 |
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) ) |
722 |
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) ) |
723 |
+ local static_flag="static" |
724 |
;; |
725 |
tools) |
726 |
conf_opts+=( |
727 |
--disable-linux-user |
728 |
--disable-system |
729 |
--disable-blobs |
730 |
- $(use_enable bzip2) |
731 |
+ --enable-tools |
732 |
) |
733 |
- static_flag="static" |
734 |
+ local static_flag="static" |
735 |
;; |
736 |
esac |
737 |
|
738 |
@@ -552,7 +564,7 @@ src_configure() { |
739 |
|
740 |
[[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu" |
741 |
[[ -n ${user_targets} ]] && qemu_src_configure "user" |
742 |
- [[ -z ${softmmu_targets}${user_targets} ]] && qemu_src_configure "tools" |
743 |
+ qemu_src_configure "tools" |
744 |
} |
745 |
|
746 |
src_compile() { |
747 |
@@ -566,10 +578,8 @@ src_compile() { |
748 |
default |
749 |
fi |
750 |
|
751 |
- if [[ -z ${softmmu_targets}${user_targets} ]]; then |
752 |
- cd "${S}/tools-build" |
753 |
- default |
754 |
- fi |
755 |
+ cd "${S}/tools-build" |
756 |
+ default |
757 |
} |
758 |
|
759 |
src_test() { |
760 |
@@ -589,13 +599,69 @@ qemu_python_install() { |
761 |
python_doscript "${S}/scripts/qmp/qemu-ga-client" |
762 |
} |
763 |
|
764 |
+# Generate binfmt support files. |
765 |
+# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc) |
766 |
+# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt) |
767 |
+generate_initd() { |
768 |
+ local out="${T}/qemu-binfmt" |
769 |
+ local out_systemd="${T}/qemu.conf" |
770 |
+ local d="${T}/binfmt.d" |
771 |
+ |
772 |
+ einfo "Generating qemu binfmt scripts and configuration files" |
773 |
+ |
774 |
+ # Generate the debian fragments first. |
775 |
+ mkdir -p "${d}" |
776 |
+ "${S}"/scripts/qemu-binfmt-conf.sh \ |
777 |
+ --debian \ |
778 |
+ --exportdir "${d}" \ |
779 |
+ --qemu-path "${EPREFIX}/usr/bin" \ |
780 |
+ || die |
781 |
+ # Then turn the fragments into a shell script we can source. |
782 |
+ sed -E -i \ |
783 |
+ -e 's:^([^ ]+) (.*)$:\1="\2":' \ |
784 |
+ "${d}"/* || die |
785 |
+ |
786 |
+ # Generate the init.d script by assembling the fragments from above. |
787 |
+ local f qcpu package interpreter magic mask |
788 |
+ cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die |
789 |
+ for f in "${d}"/qemu-* ; do |
790 |
+ source "${f}" |
791 |
+ |
792 |
+ # Normalize the cpu logic like we do in the init.d for the native cpu. |
793 |
+ qcpu=${package#qemu-} |
794 |
+ case ${qcpu} in |
795 |
+ arm*) qcpu="arm";; |
796 |
+ mips*) qcpu="mips";; |
797 |
+ ppc*) qcpu="ppc";; |
798 |
+ s390*) qcpu="s390";; |
799 |
+ sh*) qcpu="sh";; |
800 |
+ sparc*) qcpu="sparc";; |
801 |
+ esac |
802 |
+ |
803 |
+ cat <<EOF >>"${out}" |
804 |
+ if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then |
805 |
+ echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register |
806 |
+ fi |
807 |
+EOF |
808 |
+ |
809 |
+ echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}" |
810 |
+ |
811 |
+ done |
812 |
+ cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die |
813 |
+} |
814 |
+ |
815 |
src_install() { |
816 |
if [[ -n ${user_targets} ]]; then |
817 |
cd "${S}/user-build" |
818 |
emake DESTDIR="${ED}" install |
819 |
|
820 |
- # Install binfmt handler init script for user targets |
821 |
- newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt |
822 |
+ # Install binfmt handler init script for user targets. |
823 |
+ generate_initd |
824 |
+ doinitd "${T}/qemu-binfmt" |
825 |
+ |
826 |
+ # Install binfmt/qemu.conf. |
827 |
+ insinto "/usr/share/qemu/binfmt.d" |
828 |
+ doins "${T}/qemu.conf" |
829 |
fi |
830 |
|
831 |
if [[ -n ${softmmu_targets} ]]; then |
832 |
@@ -614,14 +680,12 @@ src_install() { |
833 |
fi |
834 |
fi |
835 |
|
836 |
- if [[ -z ${softmmu_targets}${user_targets} ]]; then |
837 |
- cd "${S}/tools-build" |
838 |
- emake DESTDIR="${ED}" install |
839 |
- fi |
840 |
+ cd "${S}/tools-build" |
841 |
+ emake DESTDIR="${ED}" install |
842 |
|
843 |
# Disable mprotect on the qemu binaries as they use JITs to be fast #459348 |
844 |
pushd "${ED}"/usr/bin >/dev/null |
845 |
- pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}" |
846 |
+ pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594 |
847 |
popd >/dev/null |
848 |
|
849 |
# Install config file example for qemu-bridge-helper |
850 |
@@ -675,13 +739,13 @@ src_install() { |
851 |
fi |
852 |
fi |
853 |
|
854 |
- qemu_support_kvm && readme.gentoo_create_doc |
855 |
+ DISABLE_AUTOFORMATTING=true |
856 |
+ readme.gentoo_create_doc |
857 |
} |
858 |
|
859 |
pkg_postinst() { |
860 |
- if qemu_support_kvm; then |
861 |
- readme.gentoo_print_elog |
862 |
- fi |
863 |
+ DISABLE_AUTOFORMATTING=true |
864 |
+ readme.gentoo_print_elog |
865 |
|
866 |
if [[ -n ${softmmu_targets} ]] && use kernel_linux; then |
867 |
udev_reload |