1 |
commit: 23224f9e55bfc2ec41c8a8906a44e60791de07b5 |
2 |
Author: Matthias Maier <tamiko <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Nov 12 20:10:34 2017 +0000 |
4 |
Commit: Matthias Maier <tamiko <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Nov 12 20:22:03 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=23224f9e |
7 |
|
8 |
app-emulation/qemu: Version bump to 2.10.1, various security fixes |
9 |
|
10 |
Bug: https://bugs.gentoo.org/630432 |
11 |
Bug: https://bugs.gentoo.org/633822 |
12 |
Bug: https://bugs.gentoo.org/634070 |
13 |
Bug: https://bugs.gentoo.org/634148 |
14 |
Package-Manager: Portage-2.3.8, Repoman-2.3.4 |
15 |
|
16 |
app-emulation/qemu/Manifest | 1 + |
17 |
.../qemu/files/qemu-2.10.0-CVE-2017-13711.patch | 80 --- |
18 |
.../qemu/files/qemu-2.10.1-CVE-2017-15268.patch | 54 ++ |
19 |
.../qemu/files/qemu-2.10.1-CVE-2017-15289.patch | 58 ++ |
20 |
app-emulation/qemu/qemu-2.10.1.ebuild | 796 +++++++++++++++++++++ |
21 |
5 files changed, 909 insertions(+), 80 deletions(-) |
22 |
|
23 |
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest |
24 |
index 156b9a616ac..95c955ceb92 100644 |
25 |
--- a/app-emulation/qemu/Manifest |
26 |
+++ b/app-emulation/qemu/Manifest |
27 |
@@ -1 +1,2 @@ |
28 |
DIST qemu-2.10.0.tar.bz2 30955656 SHA256 7e9f39e1306e6dcc595494e91c1464d4b03f55ddd2053183e0e1b69f7f776d48 SHA512 ea21c014030f8a902df159641e6ccb45f0850ac5cb1cb8ab6845124c44ea5def54845e7bc66a6e80d624c78069f9baa913ee5119704076ae4ff47ab018ace9f9 WHIRLPOOL 58f846788fdf2b0c90e6d17ce921a1fe02556968d38ffc11be7e32b81ebc723dfeaa790f22d8085d4f388eb01fe0daa3ddbc00630c5ecba083df33cc9709fb39 |
29 |
+DIST qemu-2.10.1.tar.bz2 30821108 SHA256 8e040bc7556401ebb3a347a8f7878e9d4028cf71b2744b1a1699f4e741966ba8 SHA512 1a4a6ebf700ec6851c83cc2a71eaea8d95f14c685d094eaaa86c740eb9401e49a79074b72385f58681ca7646771a99bb6bbd9bebb39162f7220626d37ed0654f WHIRLPOOL 79b1b8c19affc799e1a42c02a7c2fea13bf4ca1f9a2aa6e765d529aa3531f68cca77e92264561b2884314074f3148469f5a2f976c3473beb5ed0568617ce777b |
30 |
|
31 |
diff --git a/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch b/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch |
32 |
deleted file mode 100644 |
33 |
index 9d026568492..00000000000 |
34 |
--- a/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch |
35 |
+++ /dev/null |
36 |
@@ -1,80 +0,0 @@ |
37 |
-From 1201d308519f1e915866d7583d5136d03cc1d384 Mon Sep 17 00:00:00 2001 |
38 |
-From: Samuel Thibault <samuel.thibault@××××××××.org> |
39 |
-Date: Fri, 25 Aug 2017 01:35:53 +0200 |
40 |
-Subject: [PATCH] slirp: fix clearing ifq_so from pending packets |
41 |
-MIME-Version: 1.0 |
42 |
-Content-Type: text/plain; charset=UTF-8 |
43 |
-Content-Transfer-Encoding: 8bit |
44 |
- |
45 |
-The if_fastq and if_batchq contain not only packets, but queues of packets |
46 |
-for the same socket. When sofree frees a socket, it thus has to clear ifq_so |
47 |
-from all the packets from the queues, not only the first. |
48 |
- |
49 |
-Signed-off-by: Samuel Thibault <samuel.thibault@××××××××.org> |
50 |
-Reviewed-by: Philippe Mathieu-Daudé <f4bug@×××××.org> |
51 |
-Cc: qemu-stable@××××××.org |
52 |
-Signed-off-by: Peter Maydell <peter.maydell@××××××.org> |
53 |
---- |
54 |
- slirp/socket.c | 39 +++++++++++++++++++++++---------------- |
55 |
- 1 file changed, 23 insertions(+), 16 deletions(-) |
56 |
- |
57 |
-diff --git a/slirp/socket.c b/slirp/socket.c |
58 |
-index ecec0295a9..cb7b5b608d 100644 |
59 |
---- a/slirp/socket.c |
60 |
-+++ b/slirp/socket.c |
61 |
-@@ -60,29 +60,36 @@ socreate(Slirp *slirp) |
62 |
- } |
63 |
- |
64 |
- /* |
65 |
-+ * Remove references to so from the given message queue. |
66 |
-+ */ |
67 |
-+static void |
68 |
-+soqfree(struct socket *so, struct quehead *qh) |
69 |
-+{ |
70 |
-+ struct mbuf *ifq; |
71 |
-+ |
72 |
-+ for (ifq = (struct mbuf *) qh->qh_link; |
73 |
-+ (struct quehead *) ifq != qh; |
74 |
-+ ifq = ifq->ifq_next) { |
75 |
-+ if (ifq->ifq_so == so) { |
76 |
-+ struct mbuf *ifm; |
77 |
-+ ifq->ifq_so = NULL; |
78 |
-+ for (ifm = ifq->ifs_next; ifm != ifq; ifm = ifm->ifs_next) { |
79 |
-+ ifm->ifq_so = NULL; |
80 |
-+ } |
81 |
-+ } |
82 |
-+ } |
83 |
-+} |
84 |
-+ |
85 |
-+/* |
86 |
- * remque and free a socket, clobber cache |
87 |
- */ |
88 |
- void |
89 |
- sofree(struct socket *so) |
90 |
- { |
91 |
- Slirp *slirp = so->slirp; |
92 |
-- struct mbuf *ifm; |
93 |
- |
94 |
-- for (ifm = (struct mbuf *) slirp->if_fastq.qh_link; |
95 |
-- (struct quehead *) ifm != &slirp->if_fastq; |
96 |
-- ifm = ifm->ifq_next) { |
97 |
-- if (ifm->ifq_so == so) { |
98 |
-- ifm->ifq_so = NULL; |
99 |
-- } |
100 |
-- } |
101 |
-- |
102 |
-- for (ifm = (struct mbuf *) slirp->if_batchq.qh_link; |
103 |
-- (struct quehead *) ifm != &slirp->if_batchq; |
104 |
-- ifm = ifm->ifq_next) { |
105 |
-- if (ifm->ifq_so == so) { |
106 |
-- ifm->ifq_so = NULL; |
107 |
-- } |
108 |
-- } |
109 |
-+ soqfree(so, &slirp->if_fastq); |
110 |
-+ soqfree(so, &slirp->if_batchq); |
111 |
- |
112 |
- if (so->so_emu==EMU_RSH && so->extra) { |
113 |
- sofree(so->extra); |
114 |
--- |
115 |
-2.13.5 |
116 |
- |
117 |
|
118 |
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch |
119 |
new file mode 100644 |
120 |
index 00000000000..7d08b32b027 |
121 |
--- /dev/null |
122 |
+++ b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch |
123 |
@@ -0,0 +1,54 @@ |
124 |
+From a7b20a8efa28e5f22c26c06cd06c2f12bc863493 Mon Sep 17 00:00:00 2001 |
125 |
+From: "Daniel P. Berrange" <berrange@××××××.com> |
126 |
+Date: Mon, 9 Oct 2017 14:43:42 +0100 |
127 |
+Subject: [PATCH] io: monitor encoutput buffer size from websocket GSource |
128 |
+ |
129 |
+The websocket GSource is monitoring the size of the rawoutput |
130 |
+buffer to determine if the channel can accepts more writes. |
131 |
+The rawoutput buffer, however, is merely a temporary staging |
132 |
+buffer before data is copied into the encoutput buffer. Thus |
133 |
+its size will always be zero when the GSource runs. |
134 |
+ |
135 |
+This flaw causes the encoutput buffer to grow without bound |
136 |
+if the other end of the underlying data channel doesn't |
137 |
+read data being sent. This can be seen with VNC if a client |
138 |
+is on a slow WAN link and the guest OS is sending many screen |
139 |
+updates. A malicious VNC client can act like it is on a slow |
140 |
+link by playing a video in the guest and then reading data |
141 |
+very slowly, causing QEMU host memory to expand arbitrarily. |
142 |
+ |
143 |
+This issue is assigned CVE-2017-15268, publically reported in |
144 |
+ |
145 |
+ https://bugs.launchpad.net/qemu/+bug/1718964 |
146 |
+ |
147 |
+Reviewed-by: Eric Blake <eblake@××××××.com> |
148 |
+Signed-off-by: Daniel P. Berrange <berrange@××××××.com> |
149 |
+--- |
150 |
+ io/channel-websock.c | 4 ++-- |
151 |
+ 1 file changed, 2 insertions(+), 2 deletions(-) |
152 |
+ |
153 |
+diff --git a/io/channel-websock.c b/io/channel-websock.c |
154 |
+index d1d471f86e..04bcc059cd 100644 |
155 |
+--- a/io/channel-websock.c |
156 |
++++ b/io/channel-websock.c |
157 |
+@@ -28,7 +28,7 @@ |
158 |
+ #include <time.h> |
159 |
+ |
160 |
+ |
161 |
+-/* Max amount to allow in rawinput/rawoutput buffers */ |
162 |
++/* Max amount to allow in rawinput/encoutput buffers */ |
163 |
+ #define QIO_CHANNEL_WEBSOCK_MAX_BUFFER 8192 |
164 |
+ |
165 |
+ #define QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN 24 |
166 |
+@@ -1208,7 +1208,7 @@ qio_channel_websock_source_check(GSource *source) |
167 |
+ if (wsource->wioc->rawinput.offset || wsource->wioc->io_eof) { |
168 |
+ cond |= G_IO_IN; |
169 |
+ } |
170 |
+- if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) { |
171 |
++ if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) { |
172 |
+ cond |= G_IO_OUT; |
173 |
+ } |
174 |
+ |
175 |
+-- |
176 |
+2.13.6 |
177 |
+ |
178 |
|
179 |
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch |
180 |
new file mode 100644 |
181 |
index 00000000000..a4ad2d5e435 |
182 |
--- /dev/null |
183 |
+++ b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch |
184 |
@@ -0,0 +1,58 @@ |
185 |
+From eb38e1bc3740725ca29a535351de94107ec58d51 Mon Sep 17 00:00:00 2001 |
186 |
+From: Gerd Hoffmann <kraxel@××××××.com> |
187 |
+Date: Wed, 11 Oct 2017 10:43:14 +0200 |
188 |
+Subject: [PATCH] cirrus: fix oob access in mode4and5 write functions |
189 |
+ |
190 |
+Move dst calculation into the loop, so we apply the mask on each |
191 |
+interation and will not overflow vga memory. |
192 |
+ |
193 |
+Cc: Prasad J Pandit <pjp@×××××××××××××.org> |
194 |
+Reported-by: Niu Guoxiang <niuguoxiang@××××××.com> |
195 |
+Signed-off-by: Gerd Hoffmann <kraxel@××××××.com> |
196 |
+Message-id: 20171011084314.21752-1-kraxel@××××××.com |
197 |
+--- |
198 |
+ hw/display/cirrus_vga.c | 6 ++---- |
199 |
+ 1 file changed, 2 insertions(+), 4 deletions(-) |
200 |
+ |
201 |
+diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c |
202 |
+index b4d579857a..bc32bf1e39 100644 |
203 |
+--- a/hw/display/cirrus_vga.c |
204 |
++++ b/hw/display/cirrus_vga.c |
205 |
+@@ -2038,15 +2038,14 @@ static void cirrus_mem_writeb_mode4and5_8bpp(CirrusVGAState * s, |
206 |
+ unsigned val = mem_value; |
207 |
+ uint8_t *dst; |
208 |
+ |
209 |
+- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask); |
210 |
+ for (x = 0; x < 8; x++) { |
211 |
++ dst = s->vga.vram_ptr + ((offset + x) & s->cirrus_addr_mask); |
212 |
+ if (val & 0x80) { |
213 |
+ *dst = s->cirrus_shadow_gr1; |
214 |
+ } else if (mode == 5) { |
215 |
+ *dst = s->cirrus_shadow_gr0; |
216 |
+ } |
217 |
+ val <<= 1; |
218 |
+- dst++; |
219 |
+ } |
220 |
+ memory_region_set_dirty(&s->vga.vram, offset, 8); |
221 |
+ } |
222 |
+@@ -2060,8 +2059,8 @@ static void cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s, |
223 |
+ unsigned val = mem_value; |
224 |
+ uint8_t *dst; |
225 |
+ |
226 |
+- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask); |
227 |
+ for (x = 0; x < 8; x++) { |
228 |
++ dst = s->vga.vram_ptr + ((offset + 2 * x) & s->cirrus_addr_mask & ~1); |
229 |
+ if (val & 0x80) { |
230 |
+ *dst = s->cirrus_shadow_gr1; |
231 |
+ *(dst + 1) = s->vga.gr[0x11]; |
232 |
+@@ -2070,7 +2069,6 @@ static void cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s, |
233 |
+ *(dst + 1) = s->vga.gr[0x10]; |
234 |
+ } |
235 |
+ val <<= 1; |
236 |
+- dst += 2; |
237 |
+ } |
238 |
+ memory_region_set_dirty(&s->vga.vram, offset, 16); |
239 |
+ } |
240 |
+-- |
241 |
+2.13.6 |
242 |
+ |
243 |
|
244 |
diff --git a/app-emulation/qemu/qemu-2.10.1.ebuild b/app-emulation/qemu/qemu-2.10.1.ebuild |
245 |
new file mode 100644 |
246 |
index 00000000000..e5aec863641 |
247 |
--- /dev/null |
248 |
+++ b/app-emulation/qemu/qemu-2.10.1.ebuild |
249 |
@@ -0,0 +1,796 @@ |
250 |
+# Copyright 1999-2017 Gentoo Foundation |
251 |
+# Distributed under the terms of the GNU General Public License v2 |
252 |
+ |
253 |
+EAPI="6" |
254 |
+ |
255 |
+PYTHON_COMPAT=( python2_7 ) |
256 |
+PYTHON_REQ_USE="ncurses,readline" |
257 |
+ |
258 |
+PLOCALES="bg de_DE fr_FR hu it tr zh_CN" |
259 |
+ |
260 |
+FIRMWARE_ABI_VERSION="2.9.0-r52" |
261 |
+ |
262 |
+inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \ |
263 |
+ user udev fcaps readme.gentoo-r1 pax-utils l10n |
264 |
+ |
265 |
+if [[ ${PV} = *9999* ]]; then |
266 |
+ EGIT_REPO_URI="git://git.qemu.org/qemu.git" |
267 |
+ inherit git-r3 |
268 |
+ SRC_URI="" |
269 |
+else |
270 |
+ SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2" |
271 |
+ KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd" |
272 |
+fi |
273 |
+ |
274 |
+DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools" |
275 |
+HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org" |
276 |
+ |
277 |
+LICENSE="GPL-2 LGPL-2 BSD-2" |
278 |
+SLOT="0" |
279 |
+IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt |
280 |
+ glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux |
281 |
+ kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png |
282 |
+ pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy |
283 |
+ spice ssh static static-user systemtap tci test usb usbredir vde |
284 |
+ +vhost-net virgl virtfs +vnc vte xattr xen xfs" |
285 |
+ |
286 |
+COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel |
287 |
+ mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc |
288 |
+ sparc64 x86_64" |
289 |
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} |
290 |
+ lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb" |
291 |
+IUSE_USER_TARGETS="${COMMON_TARGETS} |
292 |
+ armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx" |
293 |
+ |
294 |
+use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS}) |
295 |
+use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS}) |
296 |
+IUSE+=" ${use_softmmu_targets} ${use_user_targets}" |
297 |
+ |
298 |
+# Allow no targets to be built so that people can get a tools-only build. |
299 |
+# Block USE flag configurations known to not work. |
300 |
+REQUIRED_USE="${PYTHON_REQUIRED_USE} |
301 |
+ gtk2? ( gtk ) |
302 |
+ qemu_softmmu_targets_arm? ( fdt ) |
303 |
+ qemu_softmmu_targets_microblaze? ( fdt ) |
304 |
+ qemu_softmmu_targets_mips64el? ( fdt ) |
305 |
+ qemu_softmmu_targets_ppc? ( fdt ) |
306 |
+ qemu_softmmu_targets_ppc64? ( fdt ) |
307 |
+ sdl2? ( sdl ) |
308 |
+ static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio ) |
309 |
+ virtfs? ( xattr ) |
310 |
+ vte? ( gtk )" |
311 |
+ |
312 |
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) |
313 |
+# and user/softmmu targets (qemu-*, qemu-system-*). |
314 |
+# |
315 |
+# Yep, you need both libcap and libcap-ng since virtfs only uses libcap. |
316 |
+# |
317 |
+# The attr lib isn't always linked in (although the USE flag is always |
318 |
+# respected). This is because qemu supports using the C library's API |
319 |
+# when available rather than always using the extranl library. |
320 |
+ALL_DEPEND=" |
321 |
+ >=dev-libs/glib-2.0[static-libs(+)] |
322 |
+ sys-libs/zlib[static-libs(+)] |
323 |
+ python? ( ${PYTHON_DEPS} ) |
324 |
+ systemtap? ( dev-util/systemtap ) |
325 |
+ xattr? ( sys-apps/attr[static-libs(+)] )" |
326 |
+ |
327 |
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) |
328 |
+# softmmu targets (qemu-system-*). |
329 |
+SOFTMMU_TOOLS_DEPEND=" |
330 |
+ >=x11-libs/pixman-0.28.0[static-libs(+)] |
331 |
+ accessibility? ( |
332 |
+ app-accessibility/brltty[api] |
333 |
+ app-accessibility/brltty[static-libs(+)] |
334 |
+ ) |
335 |
+ aio? ( dev-libs/libaio[static-libs(+)] ) |
336 |
+ alsa? ( >=media-libs/alsa-lib-1.0.13 ) |
337 |
+ bluetooth? ( net-wireless/bluez ) |
338 |
+ bzip2? ( app-arch/bzip2[static-libs(+)] ) |
339 |
+ caps? ( sys-libs/libcap-ng[static-libs(+)] ) |
340 |
+ curl? ( >=net-misc/curl-7.15.4[static-libs(+)] ) |
341 |
+ fdt? ( >=sys-apps/dtc-1.4.2[static-libs(+)] ) |
342 |
+ glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] ) |
343 |
+ gnutls? ( |
344 |
+ dev-libs/nettle:=[static-libs(+)] |
345 |
+ >=net-libs/gnutls-3.0:=[static-libs(+)] |
346 |
+ ) |
347 |
+ gtk? ( |
348 |
+ gtk2? ( |
349 |
+ x11-libs/gtk+:2 |
350 |
+ vte? ( x11-libs/vte:0 ) |
351 |
+ ) |
352 |
+ !gtk2? ( |
353 |
+ x11-libs/gtk+:3 |
354 |
+ vte? ( x11-libs/vte:2.91 ) |
355 |
+ ) |
356 |
+ ) |
357 |
+ infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] ) |
358 |
+ iscsi? ( net-libs/libiscsi ) |
359 |
+ jpeg? ( virtual/jpeg:0=[static-libs(+)] ) |
360 |
+ lzo? ( dev-libs/lzo:2[static-libs(+)] ) |
361 |
+ ncurses? ( |
362 |
+ sys-libs/ncurses:0=[unicode] |
363 |
+ sys-libs/ncurses:0=[static-libs(+)] |
364 |
+ ) |
365 |
+ nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] ) |
366 |
+ numa? ( sys-process/numactl[static-libs(+)] ) |
367 |
+ opengl? ( |
368 |
+ virtual/opengl |
369 |
+ media-libs/libepoxy[static-libs(+)] |
370 |
+ media-libs/mesa[static-libs(+)] |
371 |
+ media-libs/mesa[egl,gbm] |
372 |
+ ) |
373 |
+ png? ( media-libs/libpng:0=[static-libs(+)] ) |
374 |
+ pulseaudio? ( media-sound/pulseaudio ) |
375 |
+ rbd? ( sys-cluster/ceph[static-libs(+)] ) |
376 |
+ sasl? ( dev-libs/cyrus-sasl[static-libs(+)] ) |
377 |
+ sdl? ( |
378 |
+ !sdl2? ( |
379 |
+ media-libs/libsdl[X] |
380 |
+ >=media-libs/libsdl-1.2.11[static-libs(+)] |
381 |
+ ) |
382 |
+ sdl2? ( |
383 |
+ media-libs/libsdl2[X] |
384 |
+ media-libs/libsdl2[static-libs(+)] |
385 |
+ ) |
386 |
+ ) |
387 |
+ seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] ) |
388 |
+ smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] ) |
389 |
+ snappy? ( app-arch/snappy:=[static-libs(+)] ) |
390 |
+ spice? ( |
391 |
+ >=app-emulation/spice-protocol-0.12.3 |
392 |
+ >=app-emulation/spice-0.12.0[static-libs(+)] |
393 |
+ ) |
394 |
+ ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] ) |
395 |
+ usb? ( >=virtual/libusb-1-r2[static-libs(+)] ) |
396 |
+ usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] ) |
397 |
+ vde? ( net-misc/vde[static-libs(+)] ) |
398 |
+ virgl? ( media-libs/virglrenderer[static-libs(+)] ) |
399 |
+ virtfs? ( sys-libs/libcap ) |
400 |
+ xen? ( app-emulation/xen-tools:= ) |
401 |
+ xfs? ( sys-fs/xfsprogs[static-libs(+)] )" |
402 |
+ |
403 |
+X86_FIRMWARE_DEPEND=" |
404 |
+ pin-upstream-blobs? ( |
405 |
+ ~sys-firmware/edk2-ovmf-2017_pre20170505[binary] |
406 |
+ ~sys-firmware/ipxe-1.0.0_p20160620 |
407 |
+ ~sys-firmware/seabios-1.10.2[binary,seavgabios] |
408 |
+ ~sys-firmware/sgabios-0.1_pre8 |
409 |
+ ) |
410 |
+ !pin-upstream-blobs? ( |
411 |
+ sys-firmware/edk2-ovmf |
412 |
+ sys-firmware/ipxe |
413 |
+ >=sys-firmware/seabios-1.10.2[seavgabios] |
414 |
+ sys-firmware/sgabios |
415 |
+ )" |
416 |
+PPC64_FIRMWARE_DEPEND=" |
417 |
+ pin-upstream-blobs? ( |
418 |
+ ~sys-firmware/seabios-1.10.2[binary,seavgabios] |
419 |
+ ) |
420 |
+ !pin-upstream-blobs? ( |
421 |
+ >=sys-firmware/seabios-1.10.2[seavgabios] |
422 |
+ ) |
423 |
+" |
424 |
+ |
425 |
+CDEPEND=" |
426 |
+ !static? ( |
427 |
+ ${ALL_DEPEND//\[static-libs(+)]} |
428 |
+ ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]} |
429 |
+ ) |
430 |
+ qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} ) |
431 |
+ qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} ) |
432 |
+ qemu_softmmu_targets_ppc64? ( ${PPC64_FIRMWARE_DEPEND} ) |
433 |
+" |
434 |
+DEPEND="${CDEPEND} |
435 |
+ dev-lang/perl |
436 |
+ =dev-lang/python-2* |
437 |
+ sys-apps/texinfo |
438 |
+ virtual/pkgconfig |
439 |
+ kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 ) |
440 |
+ gtk? ( nls? ( sys-devel/gettext ) ) |
441 |
+ static? ( |
442 |
+ ${ALL_DEPEND} |
443 |
+ ${SOFTMMU_TOOLS_DEPEND} |
444 |
+ ) |
445 |
+ static-user? ( ${ALL_DEPEND} ) |
446 |
+ test? ( |
447 |
+ dev-libs/glib[utils] |
448 |
+ sys-devel/bc |
449 |
+ )" |
450 |
+RDEPEND="${CDEPEND} |
451 |
+ selinux? ( sec-policy/selinux-qemu )" |
452 |
+ |
453 |
+PATCHES=( |
454 |
+ "${FILESDIR}"/${PN}-2.5.0-cflags.patch |
455 |
+ "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch |
456 |
+ "${FILESDIR}"/${PN}-2.10.1-CVE-2017-15268.patch |
457 |
+ "${FILESDIR}"/${PN}-2.10.1-CVE-2017-15289.patch |
458 |
+) |
459 |
+ |
460 |
+STRIP_MASK="/usr/share/qemu/palcode-clipper" |
461 |
+ |
462 |
+QA_PREBUILT=" |
463 |
+ usr/share/qemu/openbios-ppc |
464 |
+ usr/share/qemu/openbios-sparc64 |
465 |
+ usr/share/qemu/openbios-sparc32 |
466 |
+ usr/share/qemu/palcode-clipper |
467 |
+ usr/share/qemu/s390-ccw.img |
468 |
+ usr/share/qemu/s390-netboot.img |
469 |
+ usr/share/qemu/u-boot.e500" |
470 |
+ |
471 |
+QA_WX_LOAD="usr/bin/qemu-i386 |
472 |
+ usr/bin/qemu-x86_64 |
473 |
+ usr/bin/qemu-alpha |
474 |
+ usr/bin/qemu-arm |
475 |
+ usr/bin/qemu-cris |
476 |
+ usr/bin/qemu-m68k |
477 |
+ usr/bin/qemu-microblaze |
478 |
+ usr/bin/qemu-microblazeel |
479 |
+ usr/bin/qemu-mips |
480 |
+ usr/bin/qemu-mipsel |
481 |
+ usr/bin/qemu-or1k |
482 |
+ usr/bin/qemu-ppc |
483 |
+ usr/bin/qemu-ppc64 |
484 |
+ usr/bin/qemu-ppc64abi32 |
485 |
+ usr/bin/qemu-sh4 |
486 |
+ usr/bin/qemu-sh4eb |
487 |
+ usr/bin/qemu-sparc |
488 |
+ usr/bin/qemu-sparc64 |
489 |
+ usr/bin/qemu-armeb |
490 |
+ usr/bin/qemu-sparc32plus |
491 |
+ usr/bin/qemu-s390x |
492 |
+ usr/bin/qemu-unicore32" |
493 |
+ |
494 |
+DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the |
495 |
+kernel module loaded before running kvm. The easiest way to ensure that the |
496 |
+kernel module is loaded is to load it on boot. |
497 |
+ For AMD CPUs the module is called 'kvm-amd'. |
498 |
+ For Intel CPUs the module is called 'kvm-intel'. |
499 |
+Please review /etc/conf.d/modules for how to load these. |
500 |
+ |
501 |
+Make sure your user is in the 'kvm' group. Just run |
502 |
+ $ gpasswd -a <USER> kvm |
503 |
+then have <USER> re-login. |
504 |
+ |
505 |
+For brand new installs, the default permissions on /dev/kvm might not let |
506 |
+you access it. You can tell udev to reset ownership/perms: |
507 |
+ $ udevadm trigger -c add /dev/kvm |
508 |
+ |
509 |
+If you want to register binfmt handlers for qemu user targets: |
510 |
+For openrc: |
511 |
+ # rc-update add qemu-binfmt |
512 |
+For systemd: |
513 |
+ # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf" |
514 |
+ |
515 |
+pkg_pretend() { |
516 |
+ if use kernel_linux && kernel_is lt 2 6 25; then |
517 |
+ eerror "This version of KVM requres a host kernel of 2.6.25 or higher." |
518 |
+ elif use kernel_linux; then |
519 |
+ if ! linux_config_exists; then |
520 |
+ eerror "Unable to check your kernel for KVM support" |
521 |
+ else |
522 |
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE" |
523 |
+ ERROR_KVM="You must enable KVM in your kernel to continue" |
524 |
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in" |
525 |
+ ERROR_KVM_AMD+=" your kernel configuration." |
526 |
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable" |
527 |
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration." |
528 |
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled" |
529 |
+ ERROR_TUN+=" into your kernel or loaded as a module to use the" |
530 |
+ ERROR_TUN+=" virtual network device if using -net tap." |
531 |
+ ERROR_BRIDGE="You will also need support for 802.1d" |
532 |
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations." |
533 |
+ use vhost-net && CONFIG_CHECK+=" ~VHOST_NET" |
534 |
+ ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net" |
535 |
+ ERROR_VHOST_NET+=" support" |
536 |
+ |
537 |
+ if use amd64 || use x86 || use amd64-linux || use x86-linux; then |
538 |
+ CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL" |
539 |
+ fi |
540 |
+ |
541 |
+ use python && CONFIG_CHECK+=" ~DEBUG_FS" |
542 |
+ ERROR_DEBUG_FS="debugFS support required for kvm_stat" |
543 |
+ |
544 |
+ # Now do the actual checks setup above |
545 |
+ check_extra_config |
546 |
+ fi |
547 |
+ fi |
548 |
+ |
549 |
+ if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then |
550 |
+ eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt" |
551 |
+ eerror "instances are still pointing to it. Please update your" |
552 |
+ eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag" |
553 |
+ eerror "and the right system binary (e.g. qemu-system-x86_64)." |
554 |
+ die "update your virt configs to not use qemu-kvm" |
555 |
+ fi |
556 |
+} |
557 |
+ |
558 |
+pkg_setup() { |
559 |
+ enewgroup kvm 78 |
560 |
+} |
561 |
+ |
562 |
+# Sanity check to make sure target lists are kept up-to-date. |
563 |
+check_targets() { |
564 |
+ local var=$1 mak=$2 |
565 |
+ local detected sorted |
566 |
+ |
567 |
+ pushd "${S}"/default-configs >/dev/null || die |
568 |
+ |
569 |
+ # Force C locale until glibc is updated. #564936 |
570 |
+ detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u)) |
571 |
+ sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u)) |
572 |
+ if [[ ${sorted} != "${detected}" ]] ; then |
573 |
+ eerror "The ebuild needs to be kept in sync." |
574 |
+ eerror "${var}: ${sorted}" |
575 |
+ eerror "$(printf '%-*s' ${#var} configure): ${detected}" |
576 |
+ die "sync ${var} to the list of targets" |
577 |
+ fi |
578 |
+ |
579 |
+ popd >/dev/null |
580 |
+} |
581 |
+ |
582 |
+handle_locales() { |
583 |
+ # Make sure locale list is kept up-to-date. |
584 |
+ local detected sorted |
585 |
+ detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u)) |
586 |
+ sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u)) |
587 |
+ if [[ ${sorted} != "${detected}" ]] ; then |
588 |
+ eerror "The ebuild needs to be kept in sync." |
589 |
+ eerror "PLOCALES: ${sorted}" |
590 |
+ eerror " po/*.po: ${detected}" |
591 |
+ die "sync PLOCALES" |
592 |
+ fi |
593 |
+ |
594 |
+ # Deal with selective install of locales. |
595 |
+ if use nls ; then |
596 |
+ # Delete locales the user does not want. #577814 |
597 |
+ rm_loc() { rm po/$1.po || die; } |
598 |
+ l10n_for_each_disabled_locale_do rm_loc |
599 |
+ else |
600 |
+ # Cheap hack to disable gettext .mo generation. |
601 |
+ rm -f po/*.po |
602 |
+ fi |
603 |
+} |
604 |
+ |
605 |
+src_prepare() { |
606 |
+ check_targets IUSE_SOFTMMU_TARGETS softmmu |
607 |
+ check_targets IUSE_USER_TARGETS linux-user |
608 |
+ |
609 |
+ # Alter target makefiles to accept CFLAGS set via flag-o |
610 |
+ sed -i -r \ |
611 |
+ -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \ |
612 |
+ Makefile Makefile.target || die |
613 |
+ |
614 |
+ default |
615 |
+ |
616 |
+ # Fix ld and objcopy being called directly |
617 |
+ tc-export AR LD OBJCOPY |
618 |
+ |
619 |
+ # Verbose builds |
620 |
+ MAKEOPTS+=" V=1" |
621 |
+ |
622 |
+ # Run after we've applied all patches. |
623 |
+ handle_locales |
624 |
+ |
625 |
+ # Remove bundled copy of libfdt |
626 |
+ rm -r dtc || die |
627 |
+} |
628 |
+ |
629 |
+## |
630 |
+# configures qemu based on the build directory and the build type |
631 |
+# we are using. |
632 |
+# |
633 |
+qemu_src_configure() { |
634 |
+ debug-print-function ${FUNCNAME} "$@" |
635 |
+ |
636 |
+ local buildtype=$1 |
637 |
+ local builddir="${S}/${buildtype}-build" |
638 |
+ |
639 |
+ mkdir "${builddir}" |
640 |
+ |
641 |
+ local conf_opts=( |
642 |
+ --prefix=/usr |
643 |
+ --sysconfdir=/etc |
644 |
+ --libdir=/usr/$(get_libdir) |
645 |
+ --docdir=/usr/share/doc/${PF}/html |
646 |
+ --disable-bsd-user |
647 |
+ --disable-guest-agent |
648 |
+ --disable-strip |
649 |
+ --disable-werror |
650 |
+ # We support gnutls/nettle for crypto operations. It is possible |
651 |
+ # to use gcrypt when gnutls/nettle are disabled (but not when they |
652 |
+ # are enabled), but it's not really worth the hassle. Disable it |
653 |
+ # all the time to avoid automatically detecting it. #568856 |
654 |
+ --disable-gcrypt |
655 |
+ --python="${PYTHON}" |
656 |
+ --cc="$(tc-getCC)" |
657 |
+ --cxx="$(tc-getCXX)" |
658 |
+ --host-cc="$(tc-getBUILD_CC)" |
659 |
+ $(use_enable debug debug-info) |
660 |
+ $(use_enable debug debug-tcg) |
661 |
+ --enable-docs |
662 |
+ $(use_enable tci tcg-interpreter) |
663 |
+ $(use_enable xattr attr) |
664 |
+ ) |
665 |
+ |
666 |
+ # Disable options not used by user targets. This simplifies building |
667 |
+ # static user targets (USE=static-user) considerably. |
668 |
+ conf_notuser() { |
669 |
+ if [[ ${buildtype} == "user" ]] ; then |
670 |
+ echo "--disable-${2:-$1}" |
671 |
+ else |
672 |
+ use_enable "$@" |
673 |
+ fi |
674 |
+ } |
675 |
+ conf_opts+=( |
676 |
+ $(conf_notuser accessibility brlapi) |
677 |
+ $(conf_notuser aio linux-aio) |
678 |
+ $(conf_notuser bzip2) |
679 |
+ $(conf_notuser bluetooth bluez) |
680 |
+ $(conf_notuser caps cap-ng) |
681 |
+ $(conf_notuser curl) |
682 |
+ $(conf_notuser fdt) |
683 |
+ $(conf_notuser glusterfs) |
684 |
+ $(conf_notuser gnutls) |
685 |
+ $(conf_notuser gnutls nettle) |
686 |
+ $(conf_notuser gtk) |
687 |
+ $(conf_notuser infiniband rdma) |
688 |
+ $(conf_notuser iscsi libiscsi) |
689 |
+ $(conf_notuser jpeg vnc-jpeg) |
690 |
+ $(conf_notuser kernel_linux kvm) |
691 |
+ $(conf_notuser lzo) |
692 |
+ $(conf_notuser ncurses curses) |
693 |
+ $(conf_notuser nfs libnfs) |
694 |
+ $(conf_notuser numa) |
695 |
+ $(conf_notuser opengl) |
696 |
+ $(conf_notuser png vnc-png) |
697 |
+ $(conf_notuser rbd) |
698 |
+ $(conf_notuser sasl vnc-sasl) |
699 |
+ $(conf_notuser sdl) |
700 |
+ $(conf_notuser seccomp) |
701 |
+ $(conf_notuser smartcard) |
702 |
+ $(conf_notuser snappy) |
703 |
+ $(conf_notuser spice) |
704 |
+ $(conf_notuser ssh libssh2) |
705 |
+ $(conf_notuser usb libusb) |
706 |
+ $(conf_notuser usbredir usb-redir) |
707 |
+ $(conf_notuser vde) |
708 |
+ $(conf_notuser vhost-net) |
709 |
+ $(conf_notuser virgl virglrenderer) |
710 |
+ $(conf_notuser virtfs) |
711 |
+ $(conf_notuser vnc) |
712 |
+ $(conf_notuser vte) |
713 |
+ $(conf_notuser xen) |
714 |
+ $(conf_notuser xen xen-pci-passthrough) |
715 |
+ $(conf_notuser xfs xfsctl) |
716 |
+ ) |
717 |
+ |
718 |
+ if [[ ! ${buildtype} == "user" ]] ; then |
719 |
+ # audio options |
720 |
+ local audio_opts="oss" |
721 |
+ use alsa && audio_opts="alsa,${audio_opts}" |
722 |
+ use sdl && audio_opts="sdl,${audio_opts}" |
723 |
+ use pulseaudio && audio_opts="pa,${audio_opts}" |
724 |
+ conf_opts+=( |
725 |
+ --audio-drv-list="${audio_opts}" |
726 |
+ ) |
727 |
+ use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) ) |
728 |
+ use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) ) |
729 |
+ fi |
730 |
+ |
731 |
+ case ${buildtype} in |
732 |
+ user) |
733 |
+ conf_opts+=( |
734 |
+ --enable-linux-user |
735 |
+ --disable-system |
736 |
+ --disable-blobs |
737 |
+ --disable-tools |
738 |
+ ) |
739 |
+ local static_flag="static-user" |
740 |
+ ;; |
741 |
+ softmmu) |
742 |
+ conf_opts+=( |
743 |
+ --disable-linux-user |
744 |
+ --enable-system |
745 |
+ --disable-tools |
746 |
+ --with-system-pixman |
747 |
+ ) |
748 |
+ local static_flag="static" |
749 |
+ ;; |
750 |
+ tools) |
751 |
+ conf_opts+=( |
752 |
+ --disable-linux-user |
753 |
+ --disable-system |
754 |
+ --disable-blobs |
755 |
+ --enable-tools |
756 |
+ ) |
757 |
+ local static_flag="static" |
758 |
+ ;; |
759 |
+ esac |
760 |
+ |
761 |
+ local targets="${buildtype}_targets" |
762 |
+ [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" ) |
763 |
+ |
764 |
+ # Add support for SystemTAP |
765 |
+ use systemtap && conf_opts+=( --enable-trace-backend=dtrace ) |
766 |
+ |
767 |
+ # We always want to attempt to build with PIE support as it results |
768 |
+ # in a more secure binary. But it doesn't work with static or if |
769 |
+ # the current GCC doesn't have PIE support. |
770 |
+ if use ${static_flag}; then |
771 |
+ conf_opts+=( --static --disable-pie ) |
772 |
+ else |
773 |
+ tc-enables-pie && conf_opts+=( --enable-pie ) |
774 |
+ fi |
775 |
+ |
776 |
+ echo "../configure ${conf_opts[*]}" |
777 |
+ cd "${builddir}" |
778 |
+ ../configure "${conf_opts[@]}" || die "configure failed" |
779 |
+ |
780 |
+ # FreeBSD's kernel does not support QEMU assigning/grabbing |
781 |
+ # host USB devices yet |
782 |
+ use kernel_FreeBSD && \ |
783 |
+ sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak |
784 |
+} |
785 |
+ |
786 |
+src_configure() { |
787 |
+ local target |
788 |
+ |
789 |
+ python_setup |
790 |
+ |
791 |
+ softmmu_targets= softmmu_bins=() |
792 |
+ user_targets= user_bins=() |
793 |
+ |
794 |
+ for target in ${IUSE_SOFTMMU_TARGETS} ; do |
795 |
+ if use "qemu_softmmu_targets_${target}"; then |
796 |
+ softmmu_targets+=",${target}-softmmu" |
797 |
+ softmmu_bins+=( "qemu-system-${target}" ) |
798 |
+ fi |
799 |
+ done |
800 |
+ |
801 |
+ for target in ${IUSE_USER_TARGETS} ; do |
802 |
+ if use "qemu_user_targets_${target}"; then |
803 |
+ user_targets+=",${target}-linux-user" |
804 |
+ user_bins+=( "qemu-${target}" ) |
805 |
+ fi |
806 |
+ done |
807 |
+ |
808 |
+ softmmu_targets=${softmmu_targets#,} |
809 |
+ user_targets=${user_targets#,} |
810 |
+ |
811 |
+ [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu" |
812 |
+ [[ -n ${user_targets} ]] && qemu_src_configure "user" |
813 |
+ qemu_src_configure "tools" |
814 |
+} |
815 |
+ |
816 |
+src_compile() { |
817 |
+ if [[ -n ${user_targets} ]]; then |
818 |
+ cd "${S}/user-build" |
819 |
+ default |
820 |
+ fi |
821 |
+ |
822 |
+ if [[ -n ${softmmu_targets} ]]; then |
823 |
+ cd "${S}/softmmu-build" |
824 |
+ default |
825 |
+ fi |
826 |
+ |
827 |
+ cd "${S}/tools-build" |
828 |
+ default |
829 |
+} |
830 |
+ |
831 |
+src_test() { |
832 |
+ if [[ -n ${softmmu_targets} ]]; then |
833 |
+ cd "${S}/softmmu-build" |
834 |
+ pax-mark m */qemu-system-* #515550 |
835 |
+ emake -j1 check |
836 |
+ emake -j1 check-report.html |
837 |
+ fi |
838 |
+} |
839 |
+ |
840 |
+qemu_python_install() { |
841 |
+ python_domodule "${S}/scripts/qmp/qmp.py" |
842 |
+ |
843 |
+ python_doscript "${S}/scripts/kvm/vmxcap" |
844 |
+ python_doscript "${S}/scripts/qmp/qmp-shell" |
845 |
+ python_doscript "${S}/scripts/qmp/qemu-ga-client" |
846 |
+} |
847 |
+ |
848 |
+# Generate binfmt support files. |
849 |
+# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc) |
850 |
+# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt) |
851 |
+generate_initd() { |
852 |
+ local out="${T}/qemu-binfmt" |
853 |
+ local out_systemd="${T}/qemu.conf" |
854 |
+ local d="${T}/binfmt.d" |
855 |
+ |
856 |
+ einfo "Generating qemu binfmt scripts and configuration files" |
857 |
+ |
858 |
+ # Generate the debian fragments first. |
859 |
+ mkdir -p "${d}" |
860 |
+ "${S}"/scripts/qemu-binfmt-conf.sh \ |
861 |
+ --debian \ |
862 |
+ --exportdir "${d}" \ |
863 |
+ --qemu-path "${EPREFIX}/usr/bin" \ |
864 |
+ || die |
865 |
+ # Then turn the fragments into a shell script we can source. |
866 |
+ sed -E -i \ |
867 |
+ -e 's:^([^ ]+) (.*)$:\1="\2":' \ |
868 |
+ "${d}"/* || die |
869 |
+ |
870 |
+ # Generate the init.d script by assembling the fragments from above. |
871 |
+ local f qcpu package interpreter magic mask |
872 |
+ cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die |
873 |
+ for f in "${d}"/qemu-* ; do |
874 |
+ source "${f}" |
875 |
+ |
876 |
+ # Normalize the cpu logic like we do in the init.d for the native cpu. |
877 |
+ qcpu=${package#qemu-} |
878 |
+ case ${qcpu} in |
879 |
+ arm*) qcpu="arm";; |
880 |
+ mips*) qcpu="mips";; |
881 |
+ ppc*) qcpu="ppc";; |
882 |
+ s390*) qcpu="s390";; |
883 |
+ sh*) qcpu="sh";; |
884 |
+ sparc*) qcpu="sparc";; |
885 |
+ esac |
886 |
+ |
887 |
+ cat <<EOF >>"${out}" |
888 |
+ if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then |
889 |
+ echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register |
890 |
+ fi |
891 |
+EOF |
892 |
+ |
893 |
+ echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}" |
894 |
+ |
895 |
+ done |
896 |
+ cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die |
897 |
+} |
898 |
+ |
899 |
+src_install() { |
900 |
+ if [[ -n ${user_targets} ]]; then |
901 |
+ cd "${S}/user-build" |
902 |
+ emake DESTDIR="${ED}" install |
903 |
+ |
904 |
+ # Install binfmt handler init script for user targets. |
905 |
+ generate_initd |
906 |
+ doinitd "${T}/qemu-binfmt" |
907 |
+ |
908 |
+ # Install binfmt/qemu.conf. |
909 |
+ insinto "/usr/share/qemu/binfmt.d" |
910 |
+ doins "${T}/qemu.conf" |
911 |
+ fi |
912 |
+ |
913 |
+ if [[ -n ${softmmu_targets} ]]; then |
914 |
+ cd "${S}/softmmu-build" |
915 |
+ emake DESTDIR="${ED}" install |
916 |
+ |
917 |
+ # This might not exist if the test failed. #512010 |
918 |
+ [[ -e check-report.html ]] && dohtml check-report.html |
919 |
+ |
920 |
+ if use kernel_linux; then |
921 |
+ udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules |
922 |
+ fi |
923 |
+ |
924 |
+ if use python; then |
925 |
+ python_foreach_impl qemu_python_install |
926 |
+ fi |
927 |
+ fi |
928 |
+ |
929 |
+ cd "${S}/tools-build" |
930 |
+ emake DESTDIR="${ED}" install |
931 |
+ |
932 |
+ # Disable mprotect on the qemu binaries as they use JITs to be fast #459348 |
933 |
+ pushd "${ED}"/usr/bin >/dev/null |
934 |
+ pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594 |
935 |
+ popd >/dev/null |
936 |
+ |
937 |
+ # Install config file example for qemu-bridge-helper |
938 |
+ insinto "/etc/qemu" |
939 |
+ doins "${FILESDIR}/bridge.conf" |
940 |
+ |
941 |
+ cd "${S}" |
942 |
+ dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt |
943 |
+ newdoc pc-bios/README README.pc-bios |
944 |
+ |
945 |
+ if [[ -n ${softmmu_targets} ]]; then |
946 |
+ # Remove SeaBIOS since we're using the SeaBIOS packaged one |
947 |
+ rm "${ED}/usr/share/qemu/bios.bin" |
948 |
+ rm "${ED}/usr/share/qemu/bios-256k.bin" |
949 |
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
950 |
+ dosym ../seabios/bios.bin /usr/share/qemu/bios.bin |
951 |
+ dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin |
952 |
+ fi |
953 |
+ |
954 |
+ # Remove vgabios since we're using the seavgabios packaged one |
955 |
+ rm "${ED}/usr/share/qemu/vgabios.bin" |
956 |
+ rm "${ED}/usr/share/qemu/vgabios-cirrus.bin" |
957 |
+ rm "${ED}/usr/share/qemu/vgabios-qxl.bin" |
958 |
+ rm "${ED}/usr/share/qemu/vgabios-stdvga.bin" |
959 |
+ rm "${ED}/usr/share/qemu/vgabios-virtio.bin" |
960 |
+ rm "${ED}/usr/share/qemu/vgabios-vmware.bin" |
961 |
+ # PPC64 loads vgabios-stdvga |
962 |
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc64; then |
963 |
+ dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin |
964 |
+ dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin |
965 |
+ dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin |
966 |
+ dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin |
967 |
+ dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin |
968 |
+ dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin |
969 |
+ fi |
970 |
+ |
971 |
+ # Remove sgabios since we're using the sgabios packaged one |
972 |
+ rm "${ED}/usr/share/qemu/sgabios.bin" |
973 |
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
974 |
+ dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin |
975 |
+ fi |
976 |
+ |
977 |
+ # Remove iPXE since we're using the iPXE packaged one |
978 |
+ rm "${ED}"/usr/share/qemu/pxe-*.rom |
979 |
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
980 |
+ dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom |
981 |
+ dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom |
982 |
+ dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom |
983 |
+ dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom |
984 |
+ dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom |
985 |
+ dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom |
986 |
+ fi |
987 |
+ fi |
988 |
+ |
989 |
+ DISABLE_AUTOFORMATTING=true |
990 |
+ readme.gentoo_create_doc |
991 |
+} |
992 |
+ |
993 |
+firmware_abi_change() { |
994 |
+ local pv |
995 |
+ for pv in ${REPLACING_VERSIONS}; do |
996 |
+ if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then |
997 |
+ return 0 |
998 |
+ fi |
999 |
+ done |
1000 |
+ return 1 |
1001 |
+} |
1002 |
+ |
1003 |
+pkg_postinst() { |
1004 |
+ if [[ -n ${softmmu_targets} ]] && use kernel_linux; then |
1005 |
+ udev_reload |
1006 |
+ fi |
1007 |
+ |
1008 |
+ fcaps cap_net_admin /usr/libexec/qemu-bridge-helper |
1009 |
+ |
1010 |
+ DISABLE_AUTOFORMATTING=true |
1011 |
+ readme.gentoo_print_elog |
1012 |
+ |
1013 |
+ if use pin-upstream-blobs && firmware_abi_change; then |
1014 |
+ ewarn "This version of qemu pins new versions of firmware blobs:" |
1015 |
+ ewarn " $(best_version sys-firmware/edk2-ovmf)" |
1016 |
+ ewarn " $(best_version sys-firmware/ipxe)" |
1017 |
+ ewarn " $(best_version sys-firmware/seabios)" |
1018 |
+ ewarn " $(best_version sys-firmware/sgabios)" |
1019 |
+ ewarn "This might break resume of hibernated guests (started with a different" |
1020 |
+ ewarn "firmware version) and live migration to/from qemu versions with different" |
1021 |
+ ewarn "firmware. Please (cold) restart all running guests. For functional" |
1022 |
+ ewarn "guest migration ensure that all" |
1023 |
+ ewarn "hosts run at least" |
1024 |
+ ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}." |
1025 |
+ fi |
1026 |
+} |
1027 |
+ |
1028 |
+pkg_info() { |
1029 |
+ echo "Using:" |
1030 |
+ echo " $(best_version app-emulation/spice-protocol)" |
1031 |
+ echo " $(best_version sys-firmware/edk2-ovmf)" |
1032 |
+ if has_version 'sys-firmware/edk2-ovmf[binary]'; then |
1033 |
+ echo " USE=binary" |
1034 |
+ else |
1035 |
+ echo " USE=''" |
1036 |
+ fi |
1037 |
+ echo " $(best_version sys-firmware/ipxe)" |
1038 |
+ echo " $(best_version sys-firmware/seabios)" |
1039 |
+ if has_version 'sys-firmware/seabios[binary]'; then |
1040 |
+ echo " USE=binary" |
1041 |
+ else |
1042 |
+ echo " USE=''" |
1043 |
+ fi |
1044 |
+ echo " $(best_version sys-firmware/sgabios)" |
1045 |
+} |