Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Aric Belsito <lluixhi@×××××.com>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/, app-emulation/qemu/files/
Date: Wed, 12 Apr 2017 15:41:31
Message-Id: 1492011654.ddd9689812e829d241100f0e110cac8ef0cf464e.lluixhi@gentoo
1 commit: ddd9689812e829d241100f0e110cac8ef0cf464e
2 Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
3 AuthorDate: Wed Apr 12 15:40:32 2017 +0000
4 Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
5 CommitDate: Wed Apr 12 15:40:54 2017 +0000
6 URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=ddd96898
7
8 app-emulation/qemu: version bump to 2.8.1
9
10 remove 2.8.0-r3
11
12 app-emulation/qemu/Manifest | 9 +-
13 .../qemu/files/qemu-2.8.0-CVE-2017-7377.patch | 49 +++
14 app-emulation/qemu/files/qemu-binfmt.initd-r1 | 138 --------
15 app-emulation/qemu/metadata.xml | 1 -
16 app-emulation/qemu/qemu-2.8.0-r9.ebuild | 3 +-
17 .../{qemu-2.8.0-r3.ebuild => qemu-2.8.1.ebuild} | 390 ++++++++++++---------
18 6 files changed, 282 insertions(+), 308 deletions(-)
19
20 diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
21 index 3e953ef..394f74d 100644
22 --- a/app-emulation/qemu/Manifest
23 +++ b/app-emulation/qemu/Manifest
24 @@ -26,12 +26,13 @@ AUX qemu-2.8.0-CVE-2017-5973.patch 2815 SHA256 206d01053ce678e2c83174b278755e112
25 AUX qemu-2.8.0-CVE-2017-5987.patch 1889 SHA256 c4f2175970deca9b00bf657e66b8df31a02efce469eec02279a9659b9cb18bb0 SHA512 32708f91edbbb61ac444ee71b97a30138380544389f6265d7cb7aec330ebaaa7ca69844a9462c817fbda117e78748fc4fdeb655e70bcd72ddd8b112fd9619b0d WHIRLPOOL 1aa99740495c0d2a577cf13c47669aeba75ad389394736ce16fde31c91931254820accad85a6d6fee9757595bec3f222413a89fe4ca125913be7ecc97f33b365
26 AUX qemu-2.8.0-CVE-2017-6058.patch 3797 SHA256 06c01fcd53dab66af55df164f1616d14847b2a0fd46abe7445b7e3e7b7ee77cf SHA512 1425e7df38cd44903fe78e7728d7eb3df2d8486895f38a87c4e0c63aa5cc4a2b19032d486fcb5676201242039364a1f3d34b256606b5f8ae74028432e6d50286 WHIRLPOOL 9a48c2f00ac146c29163422c10ca62e3065a36752b865b6b9e3408edf019f3585579ac074b5325777e6a405a11d0ce09da33eb6499012377f0c9ef8c52bf2840
27 AUX qemu-2.8.0-CVE-2017-6505.patch 1481 SHA256 55e3b7e65e519caef4fdd28cccb973613759cce0d67eb64c2093b4f0a4e428e1 SHA512 5326f28a9340f392e4f32e4cd5f58cae0769859e10fd4d201983d40ec6b4d094d6a0cad2638e1e6f3e5228b93af26cc4f4a155e0d94bad89d0ea9b866f535aa7 WHIRLPOOL c88312cd5e779a98c905f175d61400ef7bb59795cc1e0392da0018a158a4c435ffa07f1e6a621db6eea925a0dbb986442eab4f79f956dc1955058fc97670f390
28 +AUX qemu-2.8.0-CVE-2017-7377.patch 1554 SHA256 36fbd8ec9fa7d910fde8b6b8905717b322bd23b50c2b2f925e1a2415ae306755 SHA512 195be1a75340c41aa89614aad8d07f2cf630eb10f3160cb8a86d85371ea9d7dcdbe9d49e9752ac3d6765c8d4c99c845408933b57cf21199f77ba09fcf79a02c8 WHIRLPOOL 8d7677ae3cfe18e34072ef23666c4658553a7d3b564d96e480ae432281d403242f2013d9fb189d473ab9c31def515401d22c04ba8e86d93d0369e95b1e371574
29 AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
30 -AUX qemu-binfmt.initd-r1 7959 SHA256 13c2791fb48080e9f264670dbe1915f03249d87d740f9b0f2c9502fccb056d03 SHA512 8aee19b4a993113ef4fafe3ab8b561edcc0c16782b36947e757233b6d33d26b48c1b9087c0f300be0d21ad19de14c684e8f2032ae2cd28888130a37ca4d6c314 WHIRLPOOL 3d86861fbe66c0a192a5577b7cd83ab01efd184849b25f8a804aace7a1fb46d87363d6417cc21a3447d2ed50c9db4409121dddae297678e3adc7d4c71556b695
31 AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e
32 AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4
33 DIST qemu-2.8.0-CVE-2016-9602-patches.tar.xz 16264 SHA256 18ac829c6003a3f997db4030a46b422028c58fead158f0c5ffe36ad65acb84e0 SHA512 a56694d1600e4fd1ffd6bbe031a0db226fc5c88306797cc4e42d1dc6127b83d1791cb4e026988b3aad82eab84382e41077ae71e532d1d3489e179730185c0964 WHIRLPOOL 22057b001c478b2b0d97ad70393c973aefc6277d89bb5a1ae03c3c39b5182ddfbe541964761f512ed5735dc442e1f40d0a955ad5b270758e21ce815be86b24bd
34 DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
35 -EBUILD qemu-2.8.0-r3.ebuild 21992 SHA256 a2c7a92d214b05e2c6f58fb0d7263472d6a44259de99afc674df713303b432bb SHA512 80699e92ae269cb6ab33b3ec0be164111b68e25d498d8af3624f04bca799174937f1fd2cf49357e0598f6567873cdc8aac3310a1175e328207de8ca5b97856d1 WHIRLPOOL 2079c97d3aa8589c70288cbcca7e1d8591adb1b40a0846b6a683fc6c72f142892e65b6adfac750931e2e63aa33a9d99f31f9659bd5664e6145059f28ecfced1a
36 -EBUILD qemu-2.8.0-r9.ebuild 23468 SHA256 171081a422acc5ecb21cd0400cdb1ea5ad3112379e417aefe37893d1f8ef1575 SHA512 0c4dbb8a03eaf5232819b6482c853d400ffc1c863d5df360a3820a5fa418ea90e204fdf447e72acd5489d8e9294d703be85c58ecabd460f5690c51526c05bad6 WHIRLPOOL 5e8ee3b23f57a62e32f4671c7803880c551b826d0dad357bb587b6ccae4fbf74c2f90b83812c8db9e15b8531150e729bfb7d4b084c702757dc59e22d8b5ee141
37 -MISC metadata.xml 3890 SHA256 50fd5960fa2280175116b5ee5ff4a9625f02e38f560061a00b2640cde4846d69 SHA512 f19e826a9daba7f2676f0459f97e7bdc752652ccf8b9dd009fd569977015b0656fee21c74529e53b6bc51c2f19e746f417c3dc1e1472e3767cdefa0746b0876c WHIRLPOOL 03e0dafcdc13beffb0044ce5227b83aa272a21e9835fce9ad16d5bdf56ee1a4c3a1ae4b10d1cdaf405502532b84991b150de262f12fa72497052c2377046845f
38 +DIST qemu-2.8.1.tar.bz2 28366270 SHA256 018e4c7ed22c220395cf41f835d01505e49d0e579a548bd3d72b03809442bbcd SHA512 0397b4029cdcb77ed053c44b3579a3f34894038e6fc6b4aa88de14515f5a78bf2f41c5e865f37111529f567c85d2f1c4deefae47dde54f76eac79410e5b2bdda WHIRLPOOL c41f53f18fac44efd1c81ba9d95204d23e9a70dc9c21624177be2fe92a327428fd5704b25bc334229fa36ae395fb4c82ba3955db39719c4458343978a4d3141a
39 +EBUILD qemu-2.8.0-r9.ebuild 23415 SHA256 332494856afccbb1f1347731f97fc9293ededcea348e2227e9c05a0a68cdcea2 SHA512 499730d9913480fd8dd696a2201a7ac8542d046e516756bb58c001be83db043b1b88f7cf34d4c98188b37bc52569034803c1d225a97b2fc02a45eb466486e6fd WHIRLPOOL 9b561abcd59ec05024b3370ff45c05c7d0fcf617bce7a29aece0f9bada3a077ab4700ffeb777ddac9d1c1eda9a80dfe24f36d60110bc34026cb1380e1454ae25
40 +EBUILD qemu-2.8.1.ebuild 22805 SHA256 fd50a516ec50da69dc8c4dc2ea83c0a3391fcd6087d62650f37183d46c70d933 SHA512 cf05a4725142584b213a1fc03106fc4faa5eeeda5d8e5e1ef020095a2f3b289842537a731a959f628bfd5e36c03786a8404288058514e8057cc1db779b97f6eb WHIRLPOOL ba86ba5234aae044690657585f2f384b0724061e37c74a4b55df50c0c0bce5615abbb1e6566d2e1cb56b51e4e49fc1495c78cae3f25a4741b8dd7eb493d22a8a
41 +MISC metadata.xml 3794 SHA256 149f7bc9927e13bbf7355972e85df6f9f198dd17fb575a7e516817d6a88018fb SHA512 10f130f225b90dacf8262247d795a247abfdcbf3ad5fbe0693e8d4db79f755984f690cb150a7eb5a8e5d669ce404145c4fbb6b200d6362319be74759fd78b6d3 WHIRLPOOL 6a5e88caeb64387f619a19fecb55c39ccf3c8dcd360523e8d61b80051001c02fe81432c55e40b3f360295b35e9f5a1f707c570baf95cad06d18c4cd484da0ceb
42
43 diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch
44 new file mode 100644
45 index 0000000..f2d317c
46 --- /dev/null
47 +++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch
48 @@ -0,0 +1,49 @@
49 +From d63fb193e71644a073b77ff5ac6f1216f2f6cf6e Mon Sep 17 00:00:00 2001
50 +From: Li Qiang <liq3ea@×××××.com>
51 +Date: Mon, 27 Mar 2017 21:13:19 +0200
52 +Subject: [PATCH] 9pfs: fix file descriptor leak
53 +
54 +The v9fs_create() and v9fs_lcreate() functions are used to create a file
55 +on the backend and to associate it to a fid. The fid shouldn't be already
56 +in-use, otherwise both functions may silently leak a file descriptor or
57 +allocated memory. The current code doesn't check that.
58 +
59 +This patch ensures that the fid isn't already associated to anything
60 +before using it.
61 +
62 +Signed-off-by: Li Qiang <liqiang6-s@×××.cn>
63 +(reworded the changelog, Greg Kurz)
64 +Signed-off-by: Greg Kurz <groug@××××.org>
65 +---
66 + hw/9pfs/9p.c | 8 ++++++++
67 + 1 file changed, 8 insertions(+)
68 +
69 +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
70 +index b8c0b99..48babce 100644
71 +--- a/hw/9pfs/9p.c
72 ++++ b/hw/9pfs/9p.c
73 +@@ -1550,6 +1550,10 @@ static void coroutine_fn v9fs_lcreate(void *opaque)
74 + err = -ENOENT;
75 + goto out_nofid;
76 + }
77 ++ if (fidp->fid_type != P9_FID_NONE) {
78 ++ err = -EINVAL;
79 ++ goto out;
80 ++ }
81 +
82 + flags = get_dotl_openflags(pdu->s, flags);
83 + err = v9fs_co_open2(pdu, fidp, &name, gid,
84 +@@ -2153,6 +2157,10 @@ static void coroutine_fn v9fs_create(void *opaque)
85 + err = -EINVAL;
86 + goto out_nofid;
87 + }
88 ++ if (fidp->fid_type != P9_FID_NONE) {
89 ++ err = -EINVAL;
90 ++ goto out;
91 ++ }
92 + if (perm & P9_STAT_MODE_DIR) {
93 + err = v9fs_co_mkdir(pdu, fidp, &name, perm & 0777,
94 + fidp->uid, -1, &stbuf);
95 +--
96 +2.10.2
97 +
98
99 diff --git a/app-emulation/qemu/files/qemu-binfmt.initd-r1 b/app-emulation/qemu/files/qemu-binfmt.initd-r1
100 deleted file mode 100644
101 index fe62a2a..0000000
102 --- a/app-emulation/qemu/files/qemu-binfmt.initd-r1
103 +++ /dev/null
104 @@ -1,138 +0,0 @@
105 -#!/sbin/openrc-run
106 -# Copyright 1999-2016 Gentoo Foundation
107 -# Distributed under the terms of the GNU General Public License v2
108 -
109 -# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390 program execution by the kernel
110 -
111 -# Defaulting to OC should be safe because it comes down to:
112 -# - do we trust the interp itself to not be malicious? yes; we built it.
113 -# - do we trust the programs we're running? ish; same permission as native
114 -# binaries apply. so if user can do bad stuff natively, cross isn't worse.
115 -: ${QEMU_BINFMT_FLAGS:=OC}
116 -
117 -depend() {
118 - after procfs
119 -}
120 -
121 -start() {
122 - ebegin "Registering qemu-user binaries (flags: ${QEMU_BINFMT_FLAGS})"
123 -
124 - if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
125 - modprobe -q binfmt_misc
126 - fi
127 -
128 - if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
129 - eend $? "You need support for 'misc binaries' in your kernel!" || return
130 - fi
131 -
132 - if [ ! -f /proc/sys/fs/binfmt_misc/register ] ; then
133 - mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc >/dev/null 2>&1
134 - eend $? || return
135 - fi
136 -
137 - # probe cpu type
138 - cpu=`uname -m`
139 - case "$cpu" in
140 - i386|i486|i586|i686|i86pc|BePC|x86_64)
141 - cpu="i386"
142 - ;;
143 - m68k)
144 - cpu="m68k"
145 - ;;
146 - mips*)
147 - cpu="mips"
148 - ;;
149 - "Power Macintosh"|ppc|ppc64)
150 - cpu="ppc"
151 - ;;
152 - armv[4-9]*)
153 - cpu="arm"
154 - ;;
155 - sparc*)
156 - cpu="sparc"
157 - ;;
158 - esac
159 -
160 - # register the interpreter for each cpu except for the native one
161 - if [ $cpu != "i386" -a -x "/usr/bin/qemu-i386" ] ; then
162 - echo ':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
163 - echo ':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
164 - fi
165 - if [ $cpu != "alpha" -a -x "/usr/bin/qemu-alpha" ] ; then
166 - echo ':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-alpha:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
167 - fi
168 - if [ $cpu != "arm" -a -x "/usr/bin/qemu-arm" ] ; then
169 - echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
170 - fi
171 - if [ $cpu != "arm" -a -x "/usr/bin/qemu-armeb" ] ; then
172 - echo ':armeb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-armeb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
173 - fi
174 - if [ $cpu != "aarch64" -a -x "/usr/bin/qemu-aarch64" ] ; then
175 - echo ':aarch64:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-aarch64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
176 - fi
177 - if [ $cpu != "sparc" -a -x "/usr/bin/qemu-sparc" ] ; then
178 - echo ':sparc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sparc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
179 - fi
180 - if [ $cpu != "ppc" -a -x "/usr/bin/qemu-ppc" ] ; then
181 - echo ':ppc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-ppc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
182 - fi
183 - if [ $cpu != "m68k" -a -x "/usr/bin/qemu-m68k" ] ; then
184 - #echo 'Please check cpu value and header information for m68k!'
185 - echo ':m68k:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-m68k:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
186 - fi
187 - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips" ] ; then
188 - # FIXME: We could use the other endianness on a MIPS host.
189 - echo ':mips:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
190 - fi
191 - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsel" ] ; then
192 - echo ':mipsel:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsel:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
193 - fi
194 - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32" ] ; then
195 - echo ':mipsn32:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mipsn32:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
196 - fi
197 - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32el" ] ; then
198 - echo ':mipsn32el:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsn32el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
199 - fi
200 - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64" ] ; then
201 - echo ':mips64:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
202 - fi
203 - if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64el" ] ; then
204 - echo ':mips64el:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mips64el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
205 - fi
206 - if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4" ] ; then
207 - echo ':sh4:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-sh4:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
208 - fi
209 - if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4eb" ] ; then
210 - echo ':sh4eb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sh4eb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
211 - fi
212 - if [ $cpu != "s390x" -a -x "/usr/bin/qemu-s390x" ] ; then
213 - echo ':s390x:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-s390x:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
214 - fi
215 - eend $?
216 -}
217 -
218 -stop() {
219 - ebegin "Unregistering qemu-user binaries"
220 - local arches
221 -
222 - arches="${arches} i386 i486"
223 - arches="${arches} alpha"
224 - arches="${arches} arm armeb"
225 - arches="${arches} aarch64"
226 - arches="${arches} sparc"
227 - arches="${arches} ppc"
228 - arches="${arches} m68k"
229 - arches="${arches} mips mipsel mipsn32 mipsn32el mips64 mips64el"
230 - arches="${arches} sh4 sh4eb"
231 - arches="${arches} s390x"
232 -
233 - for a in ${arches}; do
234 - if [ -f /proc/sys/fs/binfmt_misc/$a ] ; then
235 - echo '-1' > /proc/sys/fs/binfmt_misc/$a
236 - fi
237 - done
238 -
239 - eend $?
240 -}
241 -
242 -# vim: ts=4 :
243
244 diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml
245 index 9a8a1a3..3fe0408 100644
246 --- a/app-emulation/qemu/metadata.xml
247 +++ b/app-emulation/qemu/metadata.xml
248 @@ -32,7 +32,6 @@
249 <flag name="sdl2">Use libsdl2 instead of libsdl</flag>
250 <flag name="spice">Enable Spice protocol support via <pkg>app-emulation/spice</pkg></flag>
251 <flag name="ssh">Enable SSH based block device support via <pkg>net-libs/libssh2</pkg></flag>
252 - <flag name="static-softmmu">Build the Software MMU (system) targets as static binaries</flag>
253 <flag name="static-user">Build the User targets as static binaries</flag>
254 <flag name="static">Build the User and Software MMU (system) targets as well as tools as static binaries</flag>
255 <flag name="snappy">Enable support for snappy compression</flag>
256
257 diff --git a/app-emulation/qemu/qemu-2.8.0-r9.ebuild b/app-emulation/qemu/qemu-2.8.0-r9.ebuild
258 index 8ba8079..97305f1 100644
259 --- a/app-emulation/qemu/qemu-2.8.0-r9.ebuild
260 +++ b/app-emulation/qemu/qemu-2.8.0-r9.ebuild
261 @@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then
262 SRC_URI=""
263 else
264 SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
265 - KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
266 + KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
267 fi
268
269 # bug #606088
270 @@ -753,7 +753,6 @@ src_install() {
271
272 pkg_postinst() {
273 DISABLE_AUTOFORMATTING=true
274 - FORCE_PRINT_ELOG=1 # remove for next version bump
275 readme.gentoo_print_elog
276
277 if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
278
279 diff --git a/app-emulation/qemu/qemu-2.8.0-r3.ebuild b/app-emulation/qemu/qemu-2.8.1.ebuild
280 similarity index 69%
281 rename from app-emulation/qemu/qemu-2.8.0-r3.ebuild
282 rename to app-emulation/qemu/qemu-2.8.1.ebuild
283 index 3a161b9..30f278e 100644
284 --- a/app-emulation/qemu/qemu-2.8.0-r3.ebuild
285 +++ b/app-emulation/qemu/qemu-2.8.1.ebuild
286 @@ -1,7 +1,7 @@
287 # Copyright 1999-2017 Gentoo Foundation
288 # Distributed under the terms of the GNU General Public License v2
289
290 -EAPI="5"
291 +EAPI="6"
292
293 PYTHON_COMPAT=( python2_7 )
294 PYTHON_REQ_USE="ncurses,readline"
295 @@ -13,11 +13,11 @@ inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
296
297 if [[ ${PV} = *9999* ]]; then
298 EGIT_REPO_URI="git://git.qemu.org/qemu.git"
299 - inherit git-2
300 + inherit git-r3
301 SRC_URI=""
302 else
303 SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
304 - KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
305 + KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
306 fi
307
308 DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
309 @@ -25,19 +25,20 @@ HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
310
311 LICENSE="GPL-2 LGPL-2 BSD-2"
312 SLOT="0"
313 -IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs \
314 -gnutls gtk gtk2 infiniband iscsi +jpeg \
315 -kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
316 -+png pulseaudio python \
317 -rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
318 -static-user systemtap tci test +threads usb usbredir vde +vhost-net \
319 -virgl virtfs +vnc vte xattr xen xfs"
320 -
321 -COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
322 -mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64
323 -x86_64"
324 -IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
325 -IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
326 +IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
327 + glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
328 + kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
329 + pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
330 + spice ssh static static-user systemtap tci test +threads usb usbredir
331 + vde +vhost-net virgl virtfs +vnc vte xattr xen xfs"
332 +
333 +COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
334 + mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc
335 + sparc64 x86_64"
336 +IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
337 + lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
338 +IUSE_USER_TARGETS="${COMMON_TARGETS}
339 + armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
340
341 use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
342 use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
343 @@ -52,32 +53,37 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
344 qemu_softmmu_targets_ppc? ( fdt )
345 qemu_softmmu_targets_ppc64? ( fdt )
346 sdl2? ( sdl )
347 - static? ( static-softmmu static-user )
348 - static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk !gtk2 )
349 + static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio )
350 virtfs? ( xattr )
351 vte? ( gtk )"
352
353 +# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
354 +# and user/softmmu targets (qemu-*, qemu-system-*).
355 +#
356 # Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
357 #
358 # The attr lib isn't always linked in (although the USE flag is always
359 # respected). This is because qemu supports using the C library's API
360 # when available rather than always using the extranl library.
361 -#
362 -# Older versions of gnutls are supported, but it's simpler to just require
363 -# the latest versions. This is also why we require nettle.
364 -#
365 -# TODO: Split out tools deps into another var. e.g. bzip2 is only used by
366 -# system binaries and tools, not user binaries.
367 -COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
368 +ALL_DEPEND="
369 + >=dev-libs/glib-2.0[static-libs(+)]
370 + >=x11-libs/pixman-0.28.0[static-libs(+)]
371 sys-libs/zlib[static-libs(+)]
372 - bzip2? ( app-arch/bzip2[static-libs(+)] )
373 + python? ( ${PYTHON_DEPS} )
374 + systemtap? ( dev-util/systemtap )
375 xattr? ( sys-apps/attr[static-libs(+)] )"
376 -SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
377 - >=x11-libs/pixman-0.28.0[static-libs(+)]
378 - accessibility? ( app-accessibility/brltty[static-libs(+)] )
379 +
380 +# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
381 +# softmmu targets (qemu-system-*).
382 +SOFTMMU_TOOLS_DEPEND="
383 + accessibility? (
384 + app-accessibility/brltty[api]
385 + app-accessibility/brltty[static-libs(+)]
386 + )
387 aio? ( dev-libs/libaio[static-libs(+)] )
388 alsa? ( >=media-libs/alsa-lib-1.0.13 )
389 bluetooth? ( net-wireless/bluez )
390 + bzip2? ( app-arch/bzip2[static-libs(+)] )
391 caps? ( sys-libs/libcap-ng[static-libs(+)] )
392 curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
393 fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
394 @@ -139,8 +145,9 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
395 vde? ( net-misc/vde[static-libs(+)] )
396 virgl? ( media-libs/virglrenderer[static-libs(+)] )
397 virtfs? ( sys-libs/libcap )
398 + xen? ( app-emulation/xen-tools:= )
399 xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
400 -USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
401 +
402 X86_FIRMWARE_DEPEND="
403 >=sys-firmware/ipxe-1.0.0_p20130624
404 pin-upstream-blobs? (
405 @@ -153,14 +160,14 @@ X86_FIRMWARE_DEPEND="
406 sys-firmware/sgabios
407 sys-firmware/vgabios
408 )"
409 +
410 CDEPEND="
411 - !static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} ) " ${use_softmmu_targets}) )
412 - !static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND//\[static-libs(+)]} ) " ${use_user_targets}) )
413 + !static? (
414 + ${ALL_DEPEND//\[static-libs(+)]}
415 + ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
416 + )
417 qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
418 - qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
419 - python? ( ${PYTHON_DEPS} )
420 - systemtap? ( dev-util/systemtap )
421 - xen? ( app-emulation/xen-tools:= )"
422 + qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )"
423 DEPEND="${CDEPEND}
424 dev-lang/perl
425 =dev-lang/python-2*
426 @@ -168,15 +175,45 @@ DEPEND="${CDEPEND}
427 virtual/pkgconfig
428 kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
429 gtk? ( nls? ( sys-devel/gettext ) )
430 - static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND} ) " ${use_softmmu_targets}) )
431 - static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND} ) " ${use_user_targets}) )
432 + static? (
433 + ${ALL_DEPEND}
434 + ${SOFTMMU_TOOLS_DEPEND}
435 + )
436 + static-user? ( ${ALL_DEPEND} )
437 test? (
438 dev-libs/glib[utils]
439 sys-devel/bc
440 )"
441 RDEPEND="${CDEPEND}
442 - selinux? ( sec-policy/selinux-qemu )
443 -"
444 + selinux? ( sec-policy/selinux-qemu )"
445 +
446 +PATCHES=(
447 + # musl patches
448 + "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
449 + "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
450 + "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
451 +
452 + # gentoo patches
453 + "${FILESDIR}"/${PN}-2.5.0-cflags.patch
454 + "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
455 + "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
456 + "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826
457 + "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630
458 + "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
459 + "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720
460 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
461 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
462 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722
463 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000
464 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100
465 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036
466 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038
467 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520
468 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334
469 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398
470 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch #612220
471 + "${FILESDIR}"/${PN}-2.8.0-CVE-2017-7377.patch #614744
472 +)
473
474 STRIP_MASK="/usr/share/qemu/palcode-clipper"
475
476 @@ -186,8 +223,7 @@ QA_PREBUILT="
477 usr/share/qemu/openbios-sparc32
478 usr/share/qemu/palcode-clipper
479 usr/share/qemu/s390-ccw.img
480 - usr/share/qemu/u-boot.e500
481 -"
482 + usr/share/qemu/u-boot.e500"
483
484 QA_WX_LOAD="usr/bin/qemu-i386
485 usr/bin/qemu-x86_64
486 @@ -212,27 +248,26 @@ QA_WX_LOAD="usr/bin/qemu-i386
487 usr/bin/qemu-s390x
488 usr/bin/qemu-unicore32"
489
490 -DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure
491 -you have the kernel module loaded before running kvm. The easiest way to
492 -ensure that the kernel module is loaded is to load it on boot.\n
493 -For AMD CPUs the module is called 'kvm-amd'.\n
494 -For Intel CPUs the module is called 'kvm-intel'.\n
495 -Please review /etc/conf.d/modules for how to load these.\n\n
496 -Make sure your user is in the 'kvm' group\n
497 -Just run 'gpasswd -a <USER> kvm', then have <USER> re-login.\n\n
498 -For brand new installs, the default permissions on /dev/kvm might not let you
499 -access it. You can tell udev to reset ownership/perms:\n
500 -udevadm trigger -c add /dev/kvm"
501 -
502 -qemu_support_kvm() {
503 - if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \
504 - use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \
505 - use qemu_softmmu_targets_s390x; then
506 - return 0
507 - fi
508 +DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
509 +kernel module loaded before running kvm. The easiest way to ensure that the
510 +kernel module is loaded is to load it on boot.
511 + For AMD CPUs the module is called 'kvm-amd'.
512 + For Intel CPUs the module is called 'kvm-intel'.
513 +Please review /etc/conf.d/modules for how to load these.
514
515 - return 1
516 -}
517 +Make sure your user is in the 'kvm' group. Just run
518 + $ gpasswd -a <USER> kvm
519 +then have <USER> re-login.
520 +
521 +For brand new installs, the default permissions on /dev/kvm might not let
522 +you access it. You can tell udev to reset ownership/perms:
523 + $ udevadm trigger -c add /dev/kvm
524 +
525 +If you want to register binfmt handlers for qemu user targets:
526 +For openrc:
527 + # rc-update add qemu-binfmt
528 +For systemd:
529 + # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
530
531 pkg_pretend() {
532 if use kernel_linux && kernel_is lt 2 6 25; then
533 @@ -333,34 +368,7 @@ src_prepare() {
534 -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
535 Makefile Makefile.target || die
536
537 - # Patching for musl
538 - epatch "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
539 - epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
540 - epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
541 -
542 - epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
543 - epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
544 - epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
545 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826
546 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630
547 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
548 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720
549 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2615.patch #608034
550 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2630.patch #609396
551 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
552 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
553 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722
554 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000
555 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100
556 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5667.patch #607766
557 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036
558 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038
559 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520
560 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5931.patch #608728
561 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334
562 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398
563 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6058.patch #609638
564 - epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2620.patch #609206
565 + default
566
567 # Fix ld and objcopy being called directly
568 tc-export AR LD OBJCOPY
569 @@ -368,8 +376,6 @@ src_prepare() {
570 # Verbose builds
571 MAKEOPTS+=" V=1"
572
573 - epatch_user
574 -
575 # Run after we've applied all patches.
576 handle_locales
577 }
578 @@ -383,7 +389,6 @@ qemu_src_configure() {
579
580 local buildtype=$1
581 local builddir="${S}/${buildtype}-build"
582 - local static_flag="static-${buildtype}"
583
584 mkdir "${builddir}"
585
586 @@ -412,9 +417,9 @@ qemu_src_configure() {
587 $(use_enable xattr attr)
588 )
589
590 - # Disable options not used by user targets as the default configure
591 - # options will autoprobe and try to link in a bunch of unused junk.
592 - conf_softmmu() {
593 + # Disable options not used by user targets. This simplifies building
594 + # static user targets (USE=static-user) considerably.
595 + conf_notuser() {
596 if [[ ${buildtype} == "user" ]] ; then
597 echo "--disable-${2:-$1}"
598 else
599 @@ -422,48 +427,61 @@ qemu_src_configure() {
600 fi
601 }
602 conf_opts+=(
603 - $(conf_softmmu accessibility brlapi)
604 - $(conf_softmmu aio linux-aio)
605 - $(conf_softmmu bzip2)
606 - $(conf_softmmu bluetooth bluez)
607 - $(conf_softmmu caps cap-ng)
608 - $(conf_softmmu curl)
609 - $(conf_softmmu fdt)
610 - $(conf_softmmu glusterfs)
611 - $(conf_softmmu gnutls)
612 - $(conf_softmmu gnutls nettle)
613 - $(conf_softmmu gtk)
614 - $(conf_softmmu infiniband rdma)
615 - $(conf_softmmu iscsi libiscsi)
616 - $(conf_softmmu jpeg vnc-jpeg)
617 - $(conf_softmmu kernel_linux kvm)
618 - $(conf_softmmu lzo)
619 - $(conf_softmmu ncurses curses)
620 - $(conf_softmmu nfs libnfs)
621 - $(conf_softmmu numa)
622 - $(conf_softmmu opengl)
623 - $(conf_softmmu png vnc-png)
624 - $(conf_softmmu rbd)
625 - $(conf_softmmu sasl vnc-sasl)
626 - $(conf_softmmu sdl)
627 - $(conf_softmmu seccomp)
628 - $(conf_softmmu smartcard)
629 - $(conf_softmmu snappy)
630 - $(conf_softmmu spice)
631 - $(conf_softmmu ssh libssh2)
632 - $(conf_softmmu usb libusb)
633 - $(conf_softmmu usbredir usb-redir)
634 - $(conf_softmmu vde)
635 - $(conf_softmmu vhost-net)
636 - $(conf_softmmu virgl virglrenderer)
637 - $(conf_softmmu virtfs)
638 - $(conf_softmmu vnc)
639 - $(conf_softmmu vte)
640 - $(conf_softmmu xen)
641 - $(conf_softmmu xen xen-pci-passthrough)
642 - $(conf_softmmu xfs xfsctl)
643 + $(conf_notuser accessibility brlapi)
644 + $(conf_notuser aio linux-aio)
645 + $(conf_notuser bzip2)
646 + $(conf_notuser bluetooth bluez)
647 + $(conf_notuser caps cap-ng)
648 + $(conf_notuser curl)
649 + $(conf_notuser fdt)
650 + $(conf_notuser glusterfs)
651 + $(conf_notuser gnutls)
652 + $(conf_notuser gnutls nettle)
653 + $(conf_notuser gtk)
654 + $(conf_notuser infiniband rdma)
655 + $(conf_notuser iscsi libiscsi)
656 + $(conf_notuser jpeg vnc-jpeg)
657 + $(conf_notuser kernel_linux kvm)
658 + $(conf_notuser lzo)
659 + $(conf_notuser ncurses curses)
660 + $(conf_notuser nfs libnfs)
661 + $(conf_notuser numa)
662 + $(conf_notuser opengl)
663 + $(conf_notuser png vnc-png)
664 + $(conf_notuser rbd)
665 + $(conf_notuser sasl vnc-sasl)
666 + $(conf_notuser sdl)
667 + $(conf_notuser seccomp)
668 + $(conf_notuser smartcard)
669 + $(conf_notuser snappy)
670 + $(conf_notuser spice)
671 + $(conf_notuser ssh libssh2)
672 + $(conf_notuser usb libusb)
673 + $(conf_notuser usbredir usb-redir)
674 + $(conf_notuser vde)
675 + $(conf_notuser vhost-net)
676 + $(conf_notuser virgl virglrenderer)
677 + $(conf_notuser virtfs)
678 + $(conf_notuser vnc)
679 + $(conf_notuser vte)
680 + $(conf_notuser xen)
681 + $(conf_notuser xen xen-pci-passthrough)
682 + $(conf_notuser xfs xfsctl)
683 )
684
685 + if [[ ! ${buildtype} == "user" ]] ; then
686 + # audio options
687 + local audio_opts="oss"
688 + use alsa && audio_opts="alsa,${audio_opts}"
689 + use sdl && audio_opts="sdl,${audio_opts}"
690 + use pulseaudio && audio_opts="pa,${audio_opts}"
691 + conf_opts+=(
692 + --audio-drv-list="${audio_opts}"
693 + )
694 + use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
695 + use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
696 + fi
697 +
698 case ${buildtype} in
699 user)
700 conf_opts+=(
701 @@ -472,31 +490,25 @@ qemu_src_configure() {
702 --disable-blobs
703 --disable-tools
704 )
705 + local static_flag="static-user"
706 ;;
707 softmmu)
708 - # audio options
709 - local audio_opts="oss"
710 - use alsa && audio_opts="alsa,${audio_opts}"
711 - use sdl && audio_opts="sdl,${audio_opts}"
712 - use pulseaudio && audio_opts="pa,${audio_opts}"
713 -
714 conf_opts+=(
715 --disable-linux-user
716 --enable-system
717 + --disable-tools
718 --with-system-pixman
719 - --audio-drv-list="${audio_opts}"
720 )
721 - use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
722 - use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
723 + local static_flag="static"
724 ;;
725 tools)
726 conf_opts+=(
727 --disable-linux-user
728 --disable-system
729 --disable-blobs
730 - $(use_enable bzip2)
731 + --enable-tools
732 )
733 - static_flag="static"
734 + local static_flag="static"
735 ;;
736 esac
737
738 @@ -552,7 +564,7 @@ src_configure() {
739
740 [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
741 [[ -n ${user_targets} ]] && qemu_src_configure "user"
742 - [[ -z ${softmmu_targets}${user_targets} ]] && qemu_src_configure "tools"
743 + qemu_src_configure "tools"
744 }
745
746 src_compile() {
747 @@ -566,10 +578,8 @@ src_compile() {
748 default
749 fi
750
751 - if [[ -z ${softmmu_targets}${user_targets} ]]; then
752 - cd "${S}/tools-build"
753 - default
754 - fi
755 + cd "${S}/tools-build"
756 + default
757 }
758
759 src_test() {
760 @@ -589,13 +599,69 @@ qemu_python_install() {
761 python_doscript "${S}/scripts/qmp/qemu-ga-client"
762 }
763
764 +# Generate binfmt support files.
765 +# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
766 +# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
767 +generate_initd() {
768 + local out="${T}/qemu-binfmt"
769 + local out_systemd="${T}/qemu.conf"
770 + local d="${T}/binfmt.d"
771 +
772 + einfo "Generating qemu binfmt scripts and configuration files"
773 +
774 + # Generate the debian fragments first.
775 + mkdir -p "${d}"
776 + "${S}"/scripts/qemu-binfmt-conf.sh \
777 + --debian \
778 + --exportdir "${d}" \
779 + --qemu-path "${EPREFIX}/usr/bin" \
780 + || die
781 + # Then turn the fragments into a shell script we can source.
782 + sed -E -i \
783 + -e 's:^([^ ]+) (.*)$:\1="\2":' \
784 + "${d}"/* || die
785 +
786 + # Generate the init.d script by assembling the fragments from above.
787 + local f qcpu package interpreter magic mask
788 + cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
789 + for f in "${d}"/qemu-* ; do
790 + source "${f}"
791 +
792 + # Normalize the cpu logic like we do in the init.d for the native cpu.
793 + qcpu=${package#qemu-}
794 + case ${qcpu} in
795 + arm*) qcpu="arm";;
796 + mips*) qcpu="mips";;
797 + ppc*) qcpu="ppc";;
798 + s390*) qcpu="s390";;
799 + sh*) qcpu="sh";;
800 + sparc*) qcpu="sparc";;
801 + esac
802 +
803 + cat <<EOF >>"${out}"
804 + if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
805 + echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
806 + fi
807 +EOF
808 +
809 + echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
810 +
811 + done
812 + cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
813 +}
814 +
815 src_install() {
816 if [[ -n ${user_targets} ]]; then
817 cd "${S}/user-build"
818 emake DESTDIR="${ED}" install
819
820 - # Install binfmt handler init script for user targets
821 - newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt
822 + # Install binfmt handler init script for user targets.
823 + generate_initd
824 + doinitd "${T}/qemu-binfmt"
825 +
826 + # Install binfmt/qemu.conf.
827 + insinto "/usr/share/qemu/binfmt.d"
828 + doins "${T}/qemu.conf"
829 fi
830
831 if [[ -n ${softmmu_targets} ]]; then
832 @@ -614,14 +680,12 @@ src_install() {
833 fi
834 fi
835
836 - if [[ -z ${softmmu_targets}${user_targets} ]]; then
837 - cd "${S}/tools-build"
838 - emake DESTDIR="${ED}" install
839 - fi
840 + cd "${S}/tools-build"
841 + emake DESTDIR="${ED}" install
842
843 # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
844 pushd "${ED}"/usr/bin >/dev/null
845 - pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}"
846 + pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
847 popd >/dev/null
848
849 # Install config file example for qemu-bridge-helper
850 @@ -675,13 +739,13 @@ src_install() {
851 fi
852 fi
853
854 - qemu_support_kvm && readme.gentoo_create_doc
855 + DISABLE_AUTOFORMATTING=true
856 + readme.gentoo_create_doc
857 }
858
859 pkg_postinst() {
860 - if qemu_support_kvm; then
861 - readme.gentoo_print_elog
862 - fi
863 + DISABLE_AUTOFORMATTING=true
864 + readme.gentoo_print_elog
865
866 if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
867 udev_reload
Report Message
Find on MARC Find on Google Groups