1 |
commit: 3c163a962cd7f22f3c86a503904df8d813722418 |
2 |
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com> |
3 |
AuthorDate: Mon Nov 13 21:17:14 2017 +0000 |
4 |
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com> |
5 |
CommitDate: Mon Nov 13 21:17:14 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=3c163a96 |
7 |
|
8 |
app-emulation/qemu: version bump to 2.10.1 |
9 |
|
10 |
remove old versions. |
11 |
|
12 |
app-emulation/qemu/Manifest | 2 +- |
13 |
.../qemu/files/qemu-2.10.1-CVE-2017-15268.patch | 54 ++ |
14 |
.../qemu/files/qemu-2.10.1-CVE-2017-15289.patch | 58 ++ |
15 |
.../qemu/files/qemu-2.9.0-CVE-2017-10664.patch | 47 -- |
16 |
.../qemu/files/qemu-2.9.0-CVE-2017-10806.patch | 50 -- |
17 |
.../qemu/files/qemu-2.9.0-CVE-2017-11334.patch | 40 - |
18 |
.../qemu/files/qemu-2.9.0-CVE-2017-11434.patch | 29 - |
19 |
.../qemu/files/qemu-2.9.0-CVE-2017-7493.patch | 174 ----- |
20 |
.../qemu/files/qemu-2.9.0-CVE-2017-8112.patch | 22 - |
21 |
.../qemu/files/qemu-2.9.0-CVE-2017-8309.patch | 22 - |
22 |
.../qemu/files/qemu-2.9.0-CVE-2017-8379.patch | 76 -- |
23 |
.../qemu/files/qemu-2.9.0-CVE-2017-8380.patch | 34 - |
24 |
.../qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch | 122 ---- |
25 |
.../qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch | 114 --- |
26 |
.../qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch | 80 -- |
27 |
.../qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch | 197 ----- |
28 |
.../{qemu-2.10.0-r1.ebuild => qemu-2.10.1.ebuild} | 20 +- |
29 |
app-emulation/qemu/qemu-2.9.0-r56.ebuild | 799 -------------------- |
30 |
app-emulation/qemu/qemu-2.9.0-r57.ebuild | 802 --------------------- |
31 |
19 files changed, 129 insertions(+), 2613 deletions(-) |
32 |
|
33 |
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest |
34 |
index 0c8db49..95c955c 100644 |
35 |
--- a/app-emulation/qemu/Manifest |
36 |
+++ b/app-emulation/qemu/Manifest |
37 |
@@ -1,2 +1,2 @@ |
38 |
DIST qemu-2.10.0.tar.bz2 30955656 SHA256 7e9f39e1306e6dcc595494e91c1464d4b03f55ddd2053183e0e1b69f7f776d48 SHA512 ea21c014030f8a902df159641e6ccb45f0850ac5cb1cb8ab6845124c44ea5def54845e7bc66a6e80d624c78069f9baa913ee5119704076ae4ff47ab018ace9f9 WHIRLPOOL 58f846788fdf2b0c90e6d17ce921a1fe02556968d38ffc11be7e32b81ebc723dfeaa790f22d8085d4f388eb01fe0daa3ddbc00630c5ecba083df33cc9709fb39 |
39 |
-DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1 |
40 |
+DIST qemu-2.10.1.tar.bz2 30821108 SHA256 8e040bc7556401ebb3a347a8f7878e9d4028cf71b2744b1a1699f4e741966ba8 SHA512 1a4a6ebf700ec6851c83cc2a71eaea8d95f14c685d094eaaa86c740eb9401e49a79074b72385f58681ca7646771a99bb6bbd9bebb39162f7220626d37ed0654f WHIRLPOOL 79b1b8c19affc799e1a42c02a7c2fea13bf4ca1f9a2aa6e765d529aa3531f68cca77e92264561b2884314074f3148469f5a2f976c3473beb5ed0568617ce777b |
41 |
|
42 |
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch |
43 |
new file mode 100644 |
44 |
index 0000000..7d08b32 |
45 |
--- /dev/null |
46 |
+++ b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch |
47 |
@@ -0,0 +1,54 @@ |
48 |
+From a7b20a8efa28e5f22c26c06cd06c2f12bc863493 Mon Sep 17 00:00:00 2001 |
49 |
+From: "Daniel P. Berrange" <berrange@××××××.com> |
50 |
+Date: Mon, 9 Oct 2017 14:43:42 +0100 |
51 |
+Subject: [PATCH] io: monitor encoutput buffer size from websocket GSource |
52 |
+ |
53 |
+The websocket GSource is monitoring the size of the rawoutput |
54 |
+buffer to determine if the channel can accepts more writes. |
55 |
+The rawoutput buffer, however, is merely a temporary staging |
56 |
+buffer before data is copied into the encoutput buffer. Thus |
57 |
+its size will always be zero when the GSource runs. |
58 |
+ |
59 |
+This flaw causes the encoutput buffer to grow without bound |
60 |
+if the other end of the underlying data channel doesn't |
61 |
+read data being sent. This can be seen with VNC if a client |
62 |
+is on a slow WAN link and the guest OS is sending many screen |
63 |
+updates. A malicious VNC client can act like it is on a slow |
64 |
+link by playing a video in the guest and then reading data |
65 |
+very slowly, causing QEMU host memory to expand arbitrarily. |
66 |
+ |
67 |
+This issue is assigned CVE-2017-15268, publically reported in |
68 |
+ |
69 |
+ https://bugs.launchpad.net/qemu/+bug/1718964 |
70 |
+ |
71 |
+Reviewed-by: Eric Blake <eblake@××××××.com> |
72 |
+Signed-off-by: Daniel P. Berrange <berrange@××××××.com> |
73 |
+--- |
74 |
+ io/channel-websock.c | 4 ++-- |
75 |
+ 1 file changed, 2 insertions(+), 2 deletions(-) |
76 |
+ |
77 |
+diff --git a/io/channel-websock.c b/io/channel-websock.c |
78 |
+index d1d471f86e..04bcc059cd 100644 |
79 |
+--- a/io/channel-websock.c |
80 |
++++ b/io/channel-websock.c |
81 |
+@@ -28,7 +28,7 @@ |
82 |
+ #include <time.h> |
83 |
+ |
84 |
+ |
85 |
+-/* Max amount to allow in rawinput/rawoutput buffers */ |
86 |
++/* Max amount to allow in rawinput/encoutput buffers */ |
87 |
+ #define QIO_CHANNEL_WEBSOCK_MAX_BUFFER 8192 |
88 |
+ |
89 |
+ #define QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN 24 |
90 |
+@@ -1208,7 +1208,7 @@ qio_channel_websock_source_check(GSource *source) |
91 |
+ if (wsource->wioc->rawinput.offset || wsource->wioc->io_eof) { |
92 |
+ cond |= G_IO_IN; |
93 |
+ } |
94 |
+- if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) { |
95 |
++ if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) { |
96 |
+ cond |= G_IO_OUT; |
97 |
+ } |
98 |
+ |
99 |
+-- |
100 |
+2.13.6 |
101 |
+ |
102 |
|
103 |
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch |
104 |
new file mode 100644 |
105 |
index 0000000..a4ad2d5 |
106 |
--- /dev/null |
107 |
+++ b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch |
108 |
@@ -0,0 +1,58 @@ |
109 |
+From eb38e1bc3740725ca29a535351de94107ec58d51 Mon Sep 17 00:00:00 2001 |
110 |
+From: Gerd Hoffmann <kraxel@××××××.com> |
111 |
+Date: Wed, 11 Oct 2017 10:43:14 +0200 |
112 |
+Subject: [PATCH] cirrus: fix oob access in mode4and5 write functions |
113 |
+ |
114 |
+Move dst calculation into the loop, so we apply the mask on each |
115 |
+interation and will not overflow vga memory. |
116 |
+ |
117 |
+Cc: Prasad J Pandit <pjp@×××××××××××××.org> |
118 |
+Reported-by: Niu Guoxiang <niuguoxiang@××××××.com> |
119 |
+Signed-off-by: Gerd Hoffmann <kraxel@××××××.com> |
120 |
+Message-id: 20171011084314.21752-1-kraxel@××××××.com |
121 |
+--- |
122 |
+ hw/display/cirrus_vga.c | 6 ++---- |
123 |
+ 1 file changed, 2 insertions(+), 4 deletions(-) |
124 |
+ |
125 |
+diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c |
126 |
+index b4d579857a..bc32bf1e39 100644 |
127 |
+--- a/hw/display/cirrus_vga.c |
128 |
++++ b/hw/display/cirrus_vga.c |
129 |
+@@ -2038,15 +2038,14 @@ static void cirrus_mem_writeb_mode4and5_8bpp(CirrusVGAState * s, |
130 |
+ unsigned val = mem_value; |
131 |
+ uint8_t *dst; |
132 |
+ |
133 |
+- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask); |
134 |
+ for (x = 0; x < 8; x++) { |
135 |
++ dst = s->vga.vram_ptr + ((offset + x) & s->cirrus_addr_mask); |
136 |
+ if (val & 0x80) { |
137 |
+ *dst = s->cirrus_shadow_gr1; |
138 |
+ } else if (mode == 5) { |
139 |
+ *dst = s->cirrus_shadow_gr0; |
140 |
+ } |
141 |
+ val <<= 1; |
142 |
+- dst++; |
143 |
+ } |
144 |
+ memory_region_set_dirty(&s->vga.vram, offset, 8); |
145 |
+ } |
146 |
+@@ -2060,8 +2059,8 @@ static void cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s, |
147 |
+ unsigned val = mem_value; |
148 |
+ uint8_t *dst; |
149 |
+ |
150 |
+- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask); |
151 |
+ for (x = 0; x < 8; x++) { |
152 |
++ dst = s->vga.vram_ptr + ((offset + 2 * x) & s->cirrus_addr_mask & ~1); |
153 |
+ if (val & 0x80) { |
154 |
+ *dst = s->cirrus_shadow_gr1; |
155 |
+ *(dst + 1) = s->vga.gr[0x11]; |
156 |
+@@ -2070,7 +2069,6 @@ static void cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s, |
157 |
+ *(dst + 1) = s->vga.gr[0x10]; |
158 |
+ } |
159 |
+ val <<= 1; |
160 |
+- dst += 2; |
161 |
+ } |
162 |
+ memory_region_set_dirty(&s->vga.vram, offset, 16); |
163 |
+ } |
164 |
+-- |
165 |
+2.13.6 |
166 |
+ |
167 |
|
168 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch |
169 |
deleted file mode 100644 |
170 |
index 7db0692..0000000 |
171 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch |
172 |
+++ /dev/null |
173 |
@@ -1,47 +0,0 @@ |
174 |
-From 041e32b8d9d076980b4e35317c0339e57ab888f1 Mon Sep 17 00:00:00 2001 |
175 |
-From: Max Reitz <mreitz@××××××.com> |
176 |
-Date: Sun, 11 Jun 2017 14:37:14 +0200 |
177 |
-Subject: [PATCH] qemu-nbd: Ignore SIGPIPE |
178 |
- |
179 |
-qemu proper has done so for 13 years |
180 |
-(8a7ddc38a60648257dc0645ab4a05b33d6040063), qemu-img and qemu-io have |
181 |
-done so for four years (526eda14a68d5b3596be715505289b541288ef2a). |
182 |
-Ignoring this signal is especially important in qemu-nbd because |
183 |
-otherwise a client can easily take down the qemu-nbd server by dropping |
184 |
-the connection when the server wants to send something, for example: |
185 |
- |
186 |
-$ qemu-nbd -x foo -f raw -t null-co:// & |
187 |
-[1] 12726 |
188 |
-$ qemu-io -c quit nbd://localhost/bar |
189 |
-can't open device nbd://localhost/bar: No export with name 'bar' available |
190 |
-[1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co:// |
191 |
- |
192 |
-In this case, the client sends an NBD_OPT_ABORT and closes the |
193 |
-connection (because it is not required to wait for a reply), but the |
194 |
-server replies with an NBD_REP_ACK (because it is required to reply). |
195 |
- |
196 |
-Signed-off-by: Max Reitz <mreitz@××××××.com> |
197 |
-Message-Id: <20170611123714.31292-1-mreitz@××××××.com> |
198 |
-Signed-off-by: Paolo Bonzini <pbonzini@××××××.com> |
199 |
---- |
200 |
- qemu-nbd.c | 4 ++++ |
201 |
- 1 file changed, 4 insertions(+) |
202 |
- |
203 |
-diff --git a/qemu-nbd.c b/qemu-nbd.c |
204 |
-index 9464a0461c..4dd3fd4732 100644 |
205 |
---- a/qemu-nbd.c |
206 |
-+++ b/qemu-nbd.c |
207 |
-@@ -581,6 +581,10 @@ int main(int argc, char **argv) |
208 |
- sa_sigterm.sa_handler = termsig_handler; |
209 |
- sigaction(SIGTERM, &sa_sigterm, NULL); |
210 |
- |
211 |
-+#ifdef CONFIG_POSIX |
212 |
-+ signal(SIGPIPE, SIG_IGN); |
213 |
-+#endif |
214 |
-+ |
215 |
- module_call_init(MODULE_INIT_TRACE); |
216 |
- qcrypto_init(&error_fatal); |
217 |
- |
218 |
--- |
219 |
-2.13.0 |
220 |
- |
221 |
|
222 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch |
223 |
deleted file mode 100644 |
224 |
index 0074f5f..0000000 |
225 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch |
226 |
+++ /dev/null |
227 |
@@ -1,50 +0,0 @@ |
228 |
-From bd4a683505b27adc1ac809f71e918e58573d851d Mon Sep 17 00:00:00 2001 |
229 |
-From: Gerd Hoffmann <kraxel@××××××.com> |
230 |
-Date: Tue, 9 May 2017 13:01:28 +0200 |
231 |
-Subject: [PATCH] usb-redir: fix stack overflow in usbredir_log_data |
232 |
-MIME-Version: 1.0 |
233 |
-Content-Type: text/plain; charset=UTF-8 |
234 |
-Content-Transfer-Encoding: 8bit |
235 |
- |
236 |
-Don't reinvent a broken wheel, just use the hexdump function we have. |
237 |
- |
238 |
-Impact: low, broken code doesn't run unless you have debug logging |
239 |
-enabled. |
240 |
- |
241 |
-Reported-by: 李强 <liqiang6-s@×××.cn> |
242 |
-Signed-off-by: Gerd Hoffmann <kraxel@××××××.com> |
243 |
-Message-id: 20170509110128.27261-1-kraxel@××××××.com |
244 |
---- |
245 |
- hw/usb/redirect.c | 13 +------------ |
246 |
- 1 file changed, 1 insertion(+), 12 deletions(-) |
247 |
- |
248 |
-diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c |
249 |
-index b001a27f05..ad5ef783a6 100644 |
250 |
---- a/hw/usb/redirect.c |
251 |
-+++ b/hw/usb/redirect.c |
252 |
-@@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg) |
253 |
- static void usbredir_log_data(USBRedirDevice *dev, const char *desc, |
254 |
- const uint8_t *data, int len) |
255 |
- { |
256 |
-- int i, j, n; |
257 |
-- |
258 |
- if (dev->debug < usbredirparser_debug_data) { |
259 |
- return; |
260 |
- } |
261 |
-- |
262 |
-- for (i = 0; i < len; i += j) { |
263 |
-- char buf[128]; |
264 |
-- |
265 |
-- n = sprintf(buf, "%s", desc); |
266 |
-- for (j = 0; j < 8 && i + j < len; j++) { |
267 |
-- n += sprintf(buf + n, " %02X", data[i + j]); |
268 |
-- } |
269 |
-- error_report("%s", buf); |
270 |
-- } |
271 |
-+ qemu_hexdump((char *)data, stderr, desc, len); |
272 |
- } |
273 |
- |
274 |
- /* |
275 |
--- |
276 |
-2.13.0 |
277 |
- |
278 |
|
279 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch |
280 |
deleted file mode 100644 |
281 |
index bfe4c7d..0000000 |
282 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch |
283 |
+++ /dev/null |
284 |
@@ -1,40 +0,0 @@ |
285 |
-[Qemu-devel] [PULL 21/41] exec: use qemu_ram_ptr_length to access guest |
286 |
-From: Prasad J Pandit <address@hidden> |
287 |
- |
288 |
-When accessing guest's ram block during DMA operation, use |
289 |
-'qemu_ram_ptr_length' to get ram block pointer. It ensures |
290 |
-that DMA operation of given length is possible; And avoids |
291 |
-any OOB memory access situations. |
292 |
- |
293 |
-Reported-by: Alex <address@hidden> |
294 |
-Signed-off-by: Prasad J Pandit <address@hidden> |
295 |
-Message-Id: <address@hidden> |
296 |
-Signed-off-by: Paolo Bonzini <address@hidden> |
297 |
---- |
298 |
- exec.c | 4 ++-- |
299 |
- 1 file changed, 2 insertions(+), 2 deletions(-) |
300 |
- |
301 |
-diff --git a/exec.c b/exec.c |
302 |
-index a083ff8..ad103ce 100644 |
303 |
---- a/exec.c |
304 |
-+++ b/exec.c |
305 |
-@@ -2929,7 +2929,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr, |
306 |
- } |
307 |
- } else { |
308 |
- /* RAM case */ |
309 |
-- ptr = qemu_map_ram_ptr(mr->ram_block, addr1); |
310 |
-+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l); |
311 |
- memcpy(ptr, buf, l); |
312 |
- invalidate_and_set_dirty(mr, addr1, l); |
313 |
- } |
314 |
-@@ -3020,7 +3020,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr, |
315 |
- } |
316 |
- } else { |
317 |
- /* RAM case */ |
318 |
-- ptr = qemu_map_ram_ptr(mr->ram_block, addr1); |
319 |
-+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l); |
320 |
- memcpy(buf, ptr, l); |
321 |
- } |
322 |
- |
323 |
--- |
324 |
-1.8.3.1 |
325 |
|
326 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch |
327 |
deleted file mode 100644 |
328 |
index 5d32067..0000000 |
329 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch |
330 |
+++ /dev/null |
331 |
@@ -1,29 +0,0 @@ |
332 |
-[Qemu-devel] [PATCH] slirp: check len against dhcp options array end |
333 |
-From: Prasad J Pandit <address@hidden> |
334 |
- |
335 |
-While parsing dhcp options string in 'dhcp_decode', if an options' |
336 |
-length 'len' appeared towards the end of 'bp_vend' array, ensuing |
337 |
-read could lead to an OOB memory access issue. Add check to avoid it. |
338 |
- |
339 |
-Reported-by: Reno Robert <address@hidden> |
340 |
-Signed-off-by: Prasad J Pandit <address@hidden> |
341 |
---- |
342 |
- slirp/bootp.c | 3 +++ |
343 |
- 1 file changed, 3 insertions(+) |
344 |
- |
345 |
-diff --git a/slirp/bootp.c b/slirp/bootp.c |
346 |
-index 5a4646c..5dd1a41 100644 |
347 |
---- a/slirp/bootp.c |
348 |
-+++ b/slirp/bootp.c |
349 |
-@@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type, |
350 |
- if (p >= p_end) |
351 |
- break; |
352 |
- len = *p++; |
353 |
-+ if (p + len > p_end) { |
354 |
-+ break; |
355 |
-+ } |
356 |
- DPRINTF("dhcp: tag=%d len=%d\n", tag, len); |
357 |
- |
358 |
- switch(tag) { |
359 |
--- |
360 |
-2.9.4 |
361 |
|
362 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch |
363 |
deleted file mode 100644 |
364 |
index 346e771..0000000 |
365 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch |
366 |
+++ /dev/null |
367 |
@@ -1,174 +0,0 @@ |
368 |
-From 7a95434e0ca8a037fd8aa1a2e2461f92585eb77b Mon Sep 17 00:00:00 2001 |
369 |
-From: Greg Kurz <groug@××××.org> |
370 |
-Date: Fri, 5 May 2017 14:48:08 +0200 |
371 |
-Subject: [PATCH] 9pfs: local: forbid client access to metadata (CVE-2017-7493) |
372 |
- |
373 |
-When using the mapped-file security mode, we shouldn't let the client mess |
374 |
-with the metadata. The current code already tries to hide the metadata dir |
375 |
-from the client by skipping it in local_readdir(). But the client can still |
376 |
-access or modify it through several other operations. This can be used to |
377 |
-escalate privileges in the guest. |
378 |
- |
379 |
-Affected backend operations are: |
380 |
-- local_mknod() |
381 |
-- local_mkdir() |
382 |
-- local_open2() |
383 |
-- local_symlink() |
384 |
-- local_link() |
385 |
-- local_unlinkat() |
386 |
-- local_renameat() |
387 |
-- local_rename() |
388 |
-- local_name_to_path() |
389 |
- |
390 |
-Other operations are safe because they are only passed a fid path, which |
391 |
-is computed internally in local_name_to_path(). |
392 |
- |
393 |
-This patch converts all the functions listed above to fail and return |
394 |
-EINVAL when being passed the name of the metadata dir. This may look |
395 |
-like a poor choice for errno, but there's no such thing as an illegal |
396 |
-path name on Linux and I could not think of anything better. |
397 |
- |
398 |
-This fixes CVE-2017-7493. |
399 |
- |
400 |
-Reported-by: Leo Gaspard <leo@×××××××.io> |
401 |
-Signed-off-by: Greg Kurz <groug@××××.org> |
402 |
-Reviewed-by: Eric Blake <eblake@××××××.com> |
403 |
---- |
404 |
- hw/9pfs/9p-local.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- |
405 |
- 1 file changed, 56 insertions(+), 2 deletions(-) |
406 |
- |
407 |
-diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c |
408 |
-index f3ebca4f7a..a2486566af 100644 |
409 |
---- a/hw/9pfs/9p-local.c |
410 |
-+++ b/hw/9pfs/9p-local.c |
411 |
-@@ -452,6 +452,11 @@ static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs) |
412 |
- return telldir(fs->dir.stream); |
413 |
- } |
414 |
- |
415 |
-+static bool local_is_mapped_file_metadata(FsContext *fs_ctx, const char *name) |
416 |
-+{ |
417 |
-+ return !strcmp(name, VIRTFS_META_DIR); |
418 |
-+} |
419 |
-+ |
420 |
- static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs) |
421 |
- { |
422 |
- struct dirent *entry; |
423 |
-@@ -465,8 +470,8 @@ again: |
424 |
- if (ctx->export_flags & V9FS_SM_MAPPED) { |
425 |
- entry->d_type = DT_UNKNOWN; |
426 |
- } else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) { |
427 |
-- if (!strcmp(entry->d_name, VIRTFS_META_DIR)) { |
428 |
-- /* skp the meta data directory */ |
429 |
-+ if (local_is_mapped_file_metadata(ctx, entry->d_name)) { |
430 |
-+ /* skip the meta data directory */ |
431 |
- goto again; |
432 |
- } |
433 |
- entry->d_type = DT_UNKNOWN; |
434 |
-@@ -559,6 +564,12 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path, |
435 |
- int err = -1; |
436 |
- int dirfd; |
437 |
- |
438 |
-+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && |
439 |
-+ local_is_mapped_file_metadata(fs_ctx, name)) { |
440 |
-+ errno = EINVAL; |
441 |
-+ return -1; |
442 |
-+ } |
443 |
-+ |
444 |
- dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); |
445 |
- if (dirfd == -1) { |
446 |
- return -1; |
447 |
-@@ -605,6 +616,12 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path, |
448 |
- int err = -1; |
449 |
- int dirfd; |
450 |
- |
451 |
-+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && |
452 |
-+ local_is_mapped_file_metadata(fs_ctx, name)) { |
453 |
-+ errno = EINVAL; |
454 |
-+ return -1; |
455 |
-+ } |
456 |
-+ |
457 |
- dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); |
458 |
- if (dirfd == -1) { |
459 |
- return -1; |
460 |
-@@ -694,6 +711,12 @@ static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name, |
461 |
- int err = -1; |
462 |
- int dirfd; |
463 |
- |
464 |
-+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && |
465 |
-+ local_is_mapped_file_metadata(fs_ctx, name)) { |
466 |
-+ errno = EINVAL; |
467 |
-+ return -1; |
468 |
-+ } |
469 |
-+ |
470 |
- /* |
471 |
- * Mark all the open to not follow symlinks |
472 |
- */ |
473 |
-@@ -752,6 +775,12 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath, |
474 |
- int err = -1; |
475 |
- int dirfd; |
476 |
- |
477 |
-+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && |
478 |
-+ local_is_mapped_file_metadata(fs_ctx, name)) { |
479 |
-+ errno = EINVAL; |
480 |
-+ return -1; |
481 |
-+ } |
482 |
-+ |
483 |
- dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); |
484 |
- if (dirfd == -1) { |
485 |
- return -1; |
486 |
-@@ -826,6 +855,12 @@ static int local_link(FsContext *ctx, V9fsPath *oldpath, |
487 |
- int ret = -1; |
488 |
- int odirfd, ndirfd; |
489 |
- |
490 |
-+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && |
491 |
-+ local_is_mapped_file_metadata(ctx, name)) { |
492 |
-+ errno = EINVAL; |
493 |
-+ return -1; |
494 |
-+ } |
495 |
-+ |
496 |
- odirfd = local_opendir_nofollow(ctx, odirpath); |
497 |
- if (odirfd == -1) { |
498 |
- goto out; |
499 |
-@@ -1096,6 +1131,12 @@ static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path, |
500 |
- static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path, |
501 |
- const char *name, V9fsPath *target) |
502 |
- { |
503 |
-+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && |
504 |
-+ local_is_mapped_file_metadata(ctx, name)) { |
505 |
-+ errno = EINVAL; |
506 |
-+ return -1; |
507 |
-+ } |
508 |
-+ |
509 |
- if (dir_path) { |
510 |
- v9fs_path_sprintf(target, "%s/%s", dir_path->data, name); |
511 |
- } else if (strcmp(name, "/")) { |
512 |
-@@ -1116,6 +1157,13 @@ static int local_renameat(FsContext *ctx, V9fsPath *olddir, |
513 |
- int ret; |
514 |
- int odirfd, ndirfd; |
515 |
- |
516 |
-+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && |
517 |
-+ (local_is_mapped_file_metadata(ctx, old_name) || |
518 |
-+ local_is_mapped_file_metadata(ctx, new_name))) { |
519 |
-+ errno = EINVAL; |
520 |
-+ return -1; |
521 |
-+ } |
522 |
-+ |
523 |
- odirfd = local_opendir_nofollow(ctx, olddir->data); |
524 |
- if (odirfd == -1) { |
525 |
- return -1; |
526 |
-@@ -1206,6 +1254,12 @@ static int local_unlinkat(FsContext *ctx, V9fsPath *dir, |
527 |
- int ret; |
528 |
- int dirfd; |
529 |
- |
530 |
-+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && |
531 |
-+ local_is_mapped_file_metadata(ctx, name)) { |
532 |
-+ errno = EINVAL; |
533 |
-+ return -1; |
534 |
-+ } |
535 |
-+ |
536 |
- dirfd = local_opendir_nofollow(ctx, dir->data); |
537 |
- if (dirfd == -1) { |
538 |
- return -1; |
539 |
--- |
540 |
-2.13.0 |
541 |
- |
542 |
|
543 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch |
544 |
deleted file mode 100644 |
545 |
index 31fb69b..0000000 |
546 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch |
547 |
+++ /dev/null |
548 |
@@ -1,22 +0,0 @@ |
549 |
-CVE-2017-8112 |
550 |
- |
551 |
-https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04494.html |
552 |
---- |
553 |
- hw/scsi/vmw_pvscsi.c | 2 +- |
554 |
- 1 file changed, 1 insertion(+), 1 deletion(-) |
555 |
- |
556 |
-diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c |
557 |
-index 7557546..4a106da 100644 |
558 |
---- a/hw/scsi/vmw_pvscsi.c |
559 |
-+++ b/hw/scsi/vmw_pvscsi.c |
560 |
-@@ -202,7 +202,7 @@ pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri) |
561 |
- uint32_t len_log2; |
562 |
- uint32_t ring_size; |
563 |
- |
564 |
-- if (ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) { |
565 |
-+ if (!ri->numPages || ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) { |
566 |
- return -1; |
567 |
- } |
568 |
- ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE; |
569 |
--- |
570 |
-2.9.3 |
571 |
|
572 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch |
573 |
deleted file mode 100644 |
574 |
index 4f7f870..0000000 |
575 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch |
576 |
+++ /dev/null |
577 |
@@ -1,22 +0,0 @@ |
578 |
-bug #616870 |
579 |
- |
580 |
-https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html |
581 |
---- |
582 |
- audio/audio.c | 2 ++ |
583 |
- 1 file changed, 2 insertions(+) |
584 |
- |
585 |
-diff --git a/audio/audio.c b/audio/audio.c |
586 |
-index c8898d8422..beafed209b 100644 |
587 |
---- a/audio/audio.c |
588 |
-+++ b/audio/audio.c |
589 |
-@@ -2028,6 +2028,8 @@ void AUD_del_capture (CaptureVoiceOut *cap, void *cb_opaque) |
590 |
- sw = sw1; |
591 |
- } |
592 |
- QLIST_REMOVE (cap, entries); |
593 |
-+ g_free (cap->hw.mix_buf); |
594 |
-+ g_free (cap->buf); |
595 |
- g_free (cap); |
596 |
- } |
597 |
- return; |
598 |
--- |
599 |
-2.9.3 |
600 |
|
601 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch |
602 |
deleted file mode 100644 |
603 |
index 0a34dae..0000000 |
604 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch |
605 |
+++ /dev/null |
606 |
@@ -1,76 +0,0 @@ |
607 |
-bug #616872 |
608 |
- |
609 |
-https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05599.html |
610 |
---- |
611 |
- ui/input.c | 14 +++++++++++--- |
612 |
- 1 file changed, 11 insertions(+), 3 deletions(-) |
613 |
- |
614 |
-diff --git a/ui/input.c b/ui/input.c |
615 |
-index ed88cda6d6..fb1f404095 100644 |
616 |
---- a/ui/input.c |
617 |
-+++ b/ui/input.c |
618 |
-@@ -41,6 +41,8 @@ static QTAILQ_HEAD(QemuInputEventQueueHead, QemuInputEventQueue) kbd_queue = |
619 |
- QTAILQ_HEAD_INITIALIZER(kbd_queue); |
620 |
- static QEMUTimer *kbd_timer; |
621 |
- static uint32_t kbd_default_delay_ms = 10; |
622 |
-+static uint32_t queue_count; |
623 |
-+static uint32_t queue_limit = 1024; |
624 |
- |
625 |
- QemuInputHandlerState *qemu_input_handler_register(DeviceState *dev, |
626 |
- QemuInputHandler *handler) |
627 |
-@@ -268,6 +270,7 @@ static void qemu_input_queue_process(void *opaque) |
628 |
- break; |
629 |
- } |
630 |
- QTAILQ_REMOVE(queue, item, node); |
631 |
-+ queue_count--; |
632 |
- g_free(item); |
633 |
- } |
634 |
- } |
635 |
-@@ -282,6 +285,7 @@ static void qemu_input_queue_delay(struct QemuInputEventQueueHead *queue, |
636 |
- item->delay_ms = delay_ms; |
637 |
- item->timer = timer; |
638 |
- QTAILQ_INSERT_TAIL(queue, item, node); |
639 |
-+ queue_count++; |
640 |
- |
641 |
- if (start_timer) { |
642 |
- timer_mod(item->timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) |
643 |
-@@ -298,6 +302,7 @@ static void qemu_input_queue_event(struct QemuInputEventQueueHead *queue, |
644 |
- item->src = src; |
645 |
- item->evt = evt; |
646 |
- QTAILQ_INSERT_TAIL(queue, item, node); |
647 |
-+ queue_count++; |
648 |
- } |
649 |
- |
650 |
- static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue) |
651 |
-@@ -306,6 +311,7 @@ static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue) |
652 |
- |
653 |
- item->type = QEMU_INPUT_QUEUE_SYNC; |
654 |
- QTAILQ_INSERT_TAIL(queue, item, node); |
655 |
-+ queue_count++; |
656 |
- } |
657 |
- |
658 |
- void qemu_input_event_send_impl(QemuConsole *src, InputEvent *evt) |
659 |
-@@ -381,7 +387,7 @@ void qemu_input_event_send_key(QemuConsole *src, KeyValue *key, bool down) |
660 |
- qemu_input_event_send(src, evt); |
661 |
- qemu_input_event_sync(); |
662 |
- qapi_free_InputEvent(evt); |
663 |
-- } else { |
664 |
-+ } else if (queue_count < queue_limit) { |
665 |
- qemu_input_queue_event(&kbd_queue, src, evt); |
666 |
- qemu_input_queue_sync(&kbd_queue); |
667 |
- } |
668 |
-@@ -409,8 +415,10 @@ void qemu_input_event_send_key_delay(uint32_t delay_ms) |
669 |
- kbd_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, qemu_input_queue_process, |
670 |
- &kbd_queue); |
671 |
- } |
672 |
-- qemu_input_queue_delay(&kbd_queue, kbd_timer, |
673 |
-- delay_ms ? delay_ms : kbd_default_delay_ms); |
674 |
-+ if (queue_count < queue_limit) { |
675 |
-+ qemu_input_queue_delay(&kbd_queue, kbd_timer, |
676 |
-+ delay_ms ? delay_ms : kbd_default_delay_ms); |
677 |
-+ } |
678 |
- } |
679 |
- |
680 |
- InputEvent *qemu_input_event_new_btn(InputButton btn, bool down) |
681 |
--- |
682 |
-2.9.3 |
683 |
|
684 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch |
685 |
deleted file mode 100644 |
686 |
index 08911dd..0000000 |
687 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch |
688 |
+++ /dev/null |
689 |
@@ -1,34 +0,0 @@ |
690 |
-bug #616874 |
691 |
- |
692 |
-https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04147.html |
693 |
---- |
694 |
- hw/scsi/megasas.c | 10 +++++----- |
695 |
- 1 file changed, 5 insertions(+), 5 deletions(-) |
696 |
- |
697 |
-diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c |
698 |
-index 84b8caf..804122a 100644 |
699 |
---- a/hw/scsi/megasas.c |
700 |
-+++ b/hw/scsi/megasas.c |
701 |
-@@ -2138,15 +2138,15 @@ static void megasas_mmio_write(void *opaque, hwaddr addr, |
702 |
- case MFI_SEQ: |
703 |
- trace_megasas_mmio_writel("MFI_SEQ", val); |
704 |
- /* Magic sequence to start ADP reset */ |
705 |
-- if (adp_reset_seq[s->adp_reset] == val) { |
706 |
-- s->adp_reset++; |
707 |
-+ if (adp_reset_seq[s->adp_reset++] == val) { |
708 |
-+ if (s->adp_reset == 6) { |
709 |
-+ s->adp_reset = 0; |
710 |
-+ s->diag = MFI_DIAG_WRITE_ENABLE; |
711 |
-+ } |
712 |
- } else { |
713 |
- s->adp_reset = 0; |
714 |
- s->diag = 0; |
715 |
- } |
716 |
-- if (s->adp_reset == 6) { |
717 |
-- s->diag = MFI_DIAG_WRITE_ENABLE; |
718 |
-- } |
719 |
- break; |
720 |
- case MFI_DIAG: |
721 |
- trace_megasas_mmio_writel("MFI_DIAG", val); |
722 |
--- |
723 |
-2.9.3 |
724 |
|
725 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch |
726 |
deleted file mode 100644 |
727 |
index 01c81d1..0000000 |
728 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch |
729 |
+++ /dev/null |
730 |
@@ -1,122 +0,0 @@ |
731 |
-From 87e459a810d7b1ec1638085b5a80ea3d9b43119a Mon Sep 17 00:00:00 2001 |
732 |
-From: Paolo Bonzini <pbonzini@××××××.com> |
733 |
-Date: Thu, 1 Jun 2017 17:26:14 +0200 |
734 |
-Subject: [PATCH] megasas: always store SCSIRequest* into MegasasCmd |
735 |
- |
736 |
-This ensures that the request is unref'ed properly, and avoids a |
737 |
-segmentation fault in the new qtest testcase that is added. |
738 |
-This is CVE-2017-9503. |
739 |
- |
740 |
-Reported-by: Zhangyanyu <zyy4013@×××××××××××.cn> |
741 |
-Signed-off-by: Paolo Bonzini <pbonzini@××××××.com> |
742 |
---- |
743 |
- hw/scsi/megasas.c | 31 ++++++++++++++++--------------- |
744 |
- 2 files changed, 51 insertions(+), 15 deletions(-) |
745 |
- |
746 |
-diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c |
747 |
-index 135662df31..734fdaef90 100644 |
748 |
---- a/hw/scsi/megasas.c |
749 |
-+++ b/hw/scsi/megasas.c |
750 |
-@@ -609,6 +609,9 @@ static void megasas_reset_frames(MegasasState *s) |
751 |
- static void megasas_abort_command(MegasasCmd *cmd) |
752 |
- { |
753 |
- /* Never abort internal commands. */ |
754 |
-+ if (cmd->dcmd_opcode != -1) { |
755 |
-+ return; |
756 |
-+ } |
757 |
- if (cmd->req != NULL) { |
758 |
- scsi_req_cancel(cmd->req); |
759 |
- } |
760 |
-@@ -1017,7 +1020,6 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun, |
761 |
- uint64_t pd_size; |
762 |
- uint16_t pd_id = ((sdev->id & 0xFF) << 8) | (lun & 0xFF); |
763 |
- uint8_t cmdbuf[6]; |
764 |
-- SCSIRequest *req; |
765 |
- size_t len, resid; |
766 |
- |
767 |
- if (!cmd->iov_buf) { |
768 |
-@@ -1026,8 +1028,8 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun, |
769 |
- info->inquiry_data[0] = 0x7f; /* Force PQual 0x3, PType 0x1f */ |
770 |
- info->vpd_page83[0] = 0x7f; |
771 |
- megasas_setup_inquiry(cmdbuf, 0, sizeof(info->inquiry_data)); |
772 |
-- req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd); |
773 |
-- if (!req) { |
774 |
-+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd); |
775 |
-+ if (!cmd->req) { |
776 |
- trace_megasas_dcmd_req_alloc_failed(cmd->index, |
777 |
- "PD get info std inquiry"); |
778 |
- g_free(cmd->iov_buf); |
779 |
-@@ -1036,26 +1038,26 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun, |
780 |
- } |
781 |
- trace_megasas_dcmd_internal_submit(cmd->index, |
782 |
- "PD get info std inquiry", lun); |
783 |
-- len = scsi_req_enqueue(req); |
784 |
-+ len = scsi_req_enqueue(cmd->req); |
785 |
- if (len > 0) { |
786 |
- cmd->iov_size = len; |
787 |
-- scsi_req_continue(req); |
788 |
-+ scsi_req_continue(cmd->req); |
789 |
- } |
790 |
- return MFI_STAT_INVALID_STATUS; |
791 |
- } else if (info->inquiry_data[0] != 0x7f && info->vpd_page83[0] == 0x7f) { |
792 |
- megasas_setup_inquiry(cmdbuf, 0x83, sizeof(info->vpd_page83)); |
793 |
-- req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd); |
794 |
-- if (!req) { |
795 |
-+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd); |
796 |
-+ if (!cmd->req) { |
797 |
- trace_megasas_dcmd_req_alloc_failed(cmd->index, |
798 |
- "PD get info vpd inquiry"); |
799 |
- return MFI_STAT_FLASH_ALLOC_FAIL; |
800 |
- } |
801 |
- trace_megasas_dcmd_internal_submit(cmd->index, |
802 |
- "PD get info vpd inquiry", lun); |
803 |
-- len = scsi_req_enqueue(req); |
804 |
-+ len = scsi_req_enqueue(cmd->req); |
805 |
- if (len > 0) { |
806 |
- cmd->iov_size = len; |
807 |
-- scsi_req_continue(req); |
808 |
-+ scsi_req_continue(cmd->req); |
809 |
- } |
810 |
- return MFI_STAT_INVALID_STATUS; |
811 |
- } |
812 |
-@@ -1217,7 +1219,6 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun, |
813 |
- struct mfi_ld_info *info = cmd->iov_buf; |
814 |
- size_t dcmd_size = sizeof(struct mfi_ld_info); |
815 |
- uint8_t cdb[6]; |
816 |
-- SCSIRequest *req; |
817 |
- ssize_t len, resid; |
818 |
- uint16_t sdev_id = ((sdev->id & 0xFF) << 8) | (lun & 0xFF); |
819 |
- uint64_t ld_size; |
820 |
-@@ -1226,8 +1227,8 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun, |
821 |
- cmd->iov_buf = g_malloc0(dcmd_size); |
822 |
- info = cmd->iov_buf; |
823 |
- megasas_setup_inquiry(cdb, 0x83, sizeof(info->vpd_page83)); |
824 |
-- req = scsi_req_new(sdev, cmd->index, lun, cdb, cmd); |
825 |
-- if (!req) { |
826 |
-+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cdb, cmd); |
827 |
-+ if (!cmd->req) { |
828 |
- trace_megasas_dcmd_req_alloc_failed(cmd->index, |
829 |
- "LD get info vpd inquiry"); |
830 |
- g_free(cmd->iov_buf); |
831 |
-@@ -1236,10 +1237,10 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun, |
832 |
- } |
833 |
- trace_megasas_dcmd_internal_submit(cmd->index, |
834 |
- "LD get info vpd inquiry", lun); |
835 |
-- len = scsi_req_enqueue(req); |
836 |
-+ len = scsi_req_enqueue(cmd->req); |
837 |
- if (len > 0) { |
838 |
- cmd->iov_size = len; |
839 |
-- scsi_req_continue(req); |
840 |
-+ scsi_req_continue(cmd->req); |
841 |
- } |
842 |
- return MFI_STAT_INVALID_STATUS; |
843 |
- } |
844 |
-@@ -1851,7 +1852,7 @@ static void megasas_command_complete(SCSIRequest *req, uint32_t status, |
845 |
- return; |
846 |
- } |
847 |
- |
848 |
-- if (cmd->req == NULL) { |
849 |
-+ if (cmd->dcmd_opcode != -1) { |
850 |
- /* |
851 |
- * Internal command complete |
852 |
- */ |
853 |
|
854 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch |
855 |
deleted file mode 100644 |
856 |
index 74725a9..0000000 |
857 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch |
858 |
+++ /dev/null |
859 |
@@ -1,114 +0,0 @@ |
860 |
-From 5104fac8539eaf155fc6de93e164be43e1e62242 Mon Sep 17 00:00:00 2001 |
861 |
-From: Paolo Bonzini <pbonzini@××××××.com> |
862 |
-Date: Thu, 1 Jun 2017 17:18:23 +0200 |
863 |
-Subject: [PATCH] megasas: do not read DCMD opcode more than once from frame |
864 |
- |
865 |
-Avoid TOC-TOU bugs by storing the DCMD opcode in the MegasasCmd |
866 |
- |
867 |
-Signed-off-by: Paolo Bonzini <pbonzini@××××××.com> |
868 |
---- |
869 |
- hw/scsi/megasas.c | 25 +++++++++++-------------- |
870 |
- 1 file changed, 11 insertions(+), 14 deletions(-) |
871 |
- |
872 |
-diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c |
873 |
-index c353118882..a3f75c1650 100644 |
874 |
---- a/hw/scsi/megasas.c |
875 |
-+++ b/hw/scsi/megasas.c |
876 |
-@@ -63,6 +63,7 @@ typedef struct MegasasCmd { |
877 |
- |
878 |
- hwaddr pa; |
879 |
- hwaddr pa_size; |
880 |
-+ uint32_t dcmd_opcode; |
881 |
- union mfi_frame *frame; |
882 |
- SCSIRequest *req; |
883 |
- QEMUSGList qsg; |
884 |
-@@ -513,6 +514,7 @@ static MegasasCmd *megasas_enqueue_frame(MegasasState *s, |
885 |
- cmd->context &= (uint64_t)0xFFFFFFFF; |
886 |
- } |
887 |
- cmd->count = count; |
888 |
-+ cmd->dcmd_opcode = -1; |
889 |
- s->busy++; |
890 |
- |
891 |
- if (s->consumer_pa) { |
892 |
-@@ -1562,22 +1564,21 @@ static const struct dcmd_cmd_tbl_t { |
893 |
- |
894 |
- static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd) |
895 |
- { |
896 |
-- int opcode; |
897 |
- int retval = 0; |
898 |
- size_t len; |
899 |
- const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl; |
900 |
- |
901 |
-- opcode = le32_to_cpu(cmd->frame->dcmd.opcode); |
902 |
-- trace_megasas_handle_dcmd(cmd->index, opcode); |
903 |
-+ cmd->dcmd_opcode = le32_to_cpu(cmd->frame->dcmd.opcode); |
904 |
-+ trace_megasas_handle_dcmd(cmd->index, cmd->dcmd_opcode); |
905 |
- if (megasas_map_dcmd(s, cmd) < 0) { |
906 |
- return MFI_STAT_MEMORY_NOT_AVAILABLE; |
907 |
- } |
908 |
-- while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) { |
909 |
-+ while (cmdptr->opcode != -1 && cmdptr->opcode != cmd->dcmd_opcode) { |
910 |
- cmdptr++; |
911 |
- } |
912 |
- len = cmd->iov_size; |
913 |
- if (cmdptr->opcode == -1) { |
914 |
-- trace_megasas_dcmd_unhandled(cmd->index, opcode, len); |
915 |
-+ trace_megasas_dcmd_unhandled(cmd->index, cmd->dcmd_opcode, len); |
916 |
- retval = megasas_dcmd_dummy(s, cmd); |
917 |
- } else { |
918 |
- trace_megasas_dcmd_enter(cmd->index, cmdptr->desc, len); |
919 |
-@@ -1592,13 +1593,11 @@ static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd) |
920 |
- static int megasas_finish_internal_dcmd(MegasasCmd *cmd, |
921 |
- SCSIRequest *req) |
922 |
- { |
923 |
-- int opcode; |
924 |
- int retval = MFI_STAT_OK; |
925 |
- int lun = req->lun; |
926 |
- |
927 |
-- opcode = le32_to_cpu(cmd->frame->dcmd.opcode); |
928 |
-- trace_megasas_dcmd_internal_finish(cmd->index, opcode, lun); |
929 |
-- switch (opcode) { |
930 |
-+ trace_megasas_dcmd_internal_finish(cmd->index, cmd->dcmd_opcode, lun); |
931 |
-+ switch (cmd->dcmd_opcode) { |
932 |
- case MFI_DCMD_PD_GET_INFO: |
933 |
- retval = megasas_pd_get_info_submit(req->dev, lun, cmd); |
934 |
- break; |
935 |
-@@ -1606,7 +1605,7 @@ static int megasas_finish_internal_dcmd(MegasasCmd *cmd, |
936 |
- retval = megasas_ld_get_info_submit(req->dev, lun, cmd); |
937 |
- break; |
938 |
- default: |
939 |
-- trace_megasas_dcmd_internal_invalid(cmd->index, opcode); |
940 |
-+ trace_megasas_dcmd_internal_invalid(cmd->index, cmd->dcmd_opcode); |
941 |
- retval = MFI_STAT_INVALID_DCMD; |
942 |
- break; |
943 |
- } |
944 |
-@@ -1827,7 +1826,6 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len) |
945 |
- { |
946 |
- MegasasCmd *cmd = req->hba_private; |
947 |
- uint8_t *buf; |
948 |
-- uint32_t opcode; |
949 |
- |
950 |
- trace_megasas_io_complete(cmd->index, len); |
951 |
- |
952 |
-@@ -1837,8 +1835,7 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len) |
953 |
- } |
954 |
- |
955 |
- buf = scsi_req_get_buf(req); |
956 |
-- opcode = le32_to_cpu(cmd->frame->dcmd.opcode); |
957 |
-- if (opcode == MFI_DCMD_PD_GET_INFO && cmd->iov_buf) { |
958 |
-+ if (cmd->dcmd_opcode == MFI_DCMD_PD_GET_INFO && cmd->iov_buf) { |
959 |
- struct mfi_pd_info *info = cmd->iov_buf; |
960 |
- |
961 |
- if (info->inquiry_data[0] == 0x7f) { |
962 |
-@@ -1849,7 +1846,7 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len) |
963 |
- memcpy(info->vpd_page83, buf, len); |
964 |
- } |
965 |
- scsi_req_continue(req); |
966 |
-- } else if (opcode == MFI_DCMD_LD_GET_INFO) { |
967 |
-+ } else if (cmd->dcmd_opcode == MFI_DCMD_LD_GET_INFO) { |
968 |
- struct mfi_ld_info *info = cmd->iov_buf; |
969 |
- |
970 |
- if (cmd->iov_buf) { |
971 |
--- |
972 |
-2.13.0 |
973 |
- |
974 |
|
975 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch |
976 |
deleted file mode 100644 |
977 |
index 9d77193..0000000 |
978 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch |
979 |
+++ /dev/null |
980 |
@@ -1,80 +0,0 @@ |
981 |
-From df8ad9f128c15aa0a0ebc7b24e9a22c9775b67af Mon Sep 17 00:00:00 2001 |
982 |
-From: Eric Blake <eblake@××××××.com> |
983 |
-Date: Fri, 26 May 2017 22:04:21 -0500 |
984 |
-Subject: [PATCH] nbd: Fully initialize client in case of failed negotiation |
985 |
- |
986 |
-If a non-NBD client connects to qemu-nbd, we would end up with |
987 |
-a SIGSEGV in nbd_client_put() because we were trying to |
988 |
-unregister the client's association to the export, even though |
989 |
-we skipped inserting the client into that list. Easy trigger |
990 |
-in two terminals: |
991 |
- |
992 |
-$ qemu-nbd -p 30001 --format=raw file |
993 |
-$ nmap 127.0.0.1 -p 30001 |
994 |
- |
995 |
-nmap claims that it thinks it connected to a pago-services1 |
996 |
-server (which probably means nmap could be updated to learn the |
997 |
-NBD protocol and give a more accurate diagnosis of the open |
998 |
-port - but that's not our problem), then terminates immediately, |
999 |
-so our call to nbd_negotiate() fails. The fix is to reorder |
1000 |
-nbd_co_client_start() to ensure that all initialization occurs |
1001 |
-before we ever try talking to a client in nbd_negotiate(), so |
1002 |
-that the teardown sequence on negotiation failure doesn't fault |
1003 |
-while dereferencing a half-initialized object. |
1004 |
- |
1005 |
-While debugging this, I also noticed that nbd_update_server_watch() |
1006 |
-called by nbd_client_closed() was still adding a channel to accept |
1007 |
-the next client, even when the state was no longer RUNNING. That |
1008 |
-is fixed by making nbd_can_accept() pay attention to the current |
1009 |
-state. |
1010 |
- |
1011 |
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451614 |
1012 |
- |
1013 |
-Signed-off-by: Eric Blake <eblake@××××××.com> |
1014 |
-Message-Id: <20170527030421.28366-1-eblake@××××××.com> |
1015 |
-Signed-off-by: Paolo Bonzini <pbonzini@××××××.com> |
1016 |
---- |
1017 |
- nbd/server.c | 8 +++----- |
1018 |
- qemu-nbd.c | 2 +- |
1019 |
- 2 files changed, 4 insertions(+), 6 deletions(-) |
1020 |
- |
1021 |
-diff --git a/nbd/server.c b/nbd/server.c |
1022 |
-index ee59e5d234..49b55f6ede 100644 |
1023 |
---- a/nbd/server.c |
1024 |
-+++ b/nbd/server.c |
1025 |
-@@ -1358,16 +1358,14 @@ static coroutine_fn void nbd_co_client_start(void *opaque) |
1026 |
- |
1027 |
- if (exp) { |
1028 |
- nbd_export_get(exp); |
1029 |
-+ QTAILQ_INSERT_TAIL(&exp->clients, client, next); |
1030 |
- } |
1031 |
-+ qemu_co_mutex_init(&client->send_lock); |
1032 |
-+ |
1033 |
- if (nbd_negotiate(data)) { |
1034 |
- client_close(client); |
1035 |
- goto out; |
1036 |
- } |
1037 |
-- qemu_co_mutex_init(&client->send_lock); |
1038 |
-- |
1039 |
-- if (exp) { |
1040 |
-- QTAILQ_INSERT_TAIL(&exp->clients, client, next); |
1041 |
-- } |
1042 |
- |
1043 |
- nbd_client_receive_next_request(client); |
1044 |
- |
1045 |
-diff --git a/qemu-nbd.c b/qemu-nbd.c |
1046 |
-index f60842fd86..651f85ecc1 100644 |
1047 |
---- a/qemu-nbd.c |
1048 |
-+++ b/qemu-nbd.c |
1049 |
-@@ -325,7 +325,7 @@ out: |
1050 |
- |
1051 |
- static int nbd_can_accept(void) |
1052 |
- { |
1053 |
-- return nb_fds < shared; |
1054 |
-+ return state == RUNNING && nb_fds < shared; |
1055 |
- } |
1056 |
- |
1057 |
- static void nbd_export_closed(NBDExport *exp) |
1058 |
--- |
1059 |
-2.13.0 |
1060 |
- |
1061 |
|
1062 |
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch |
1063 |
deleted file mode 100644 |
1064 |
index e6934b3..0000000 |
1065 |
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch |
1066 |
+++ /dev/null |
1067 |
@@ -1,197 +0,0 @@ |
1068 |
-From 0c9390d978cbf61e8f16c9f580fa96b305c43568 Mon Sep 17 00:00:00 2001 |
1069 |
-From: Eric Blake <eblake@××××××.com> |
1070 |
-Date: Thu, 8 Jun 2017 17:26:17 -0500 |
1071 |
-Subject: [PATCH] nbd: Fix regression on resiliency to port scan |
1072 |
- |
1073 |
-Back in qemu 2.5, qemu-nbd was immune to port probes (a transient |
1074 |
-server would not quit, regardless of how many probe connections |
1075 |
-came and went, until a connection actually negotiated). But we |
1076 |
-broke that in commit ee7d7aa when removing the return value to |
1077 |
-nbd_client_new(), although that patch also introduced a bug causing |
1078 |
-an assertion failure on a client that fails negotiation. We then |
1079 |
-made it worse during refactoring in commit 1a6245a (a segfault |
1080 |
-before we could even assert); the (masked) assertion was cleaned |
1081 |
-up in d3780c2 (still in 2.6), and just recently we finally fixed |
1082 |
-the segfault ("nbd: Fully intialize client in case of failed |
1083 |
-negotiation"). But that still means that ever since we added |
1084 |
-TLS support to qemu-nbd, we have been vulnerable to an ill-timed |
1085 |
-port-scan being able to cause a denial of service by taking down |
1086 |
-qemu-nbd before a real client has a chance to connect. |
1087 |
- |
1088 |
-Since negotiation is now handled asynchronously via coroutines, |
1089 |
-we no longer have a synchronous point of return by re-adding a |
1090 |
-return value to nbd_client_new(). So this patch instead wires |
1091 |
-things up to pass the negotiation status through the close_fn |
1092 |
-callback function. |
1093 |
- |
1094 |
-Simple test across two terminals: |
1095 |
-$ qemu-nbd -f raw -p 30001 file |
1096 |
-$ nmap 127.0.0.1 -p 30001 && \ |
1097 |
- qemu-io -c 'r 0 512' -f raw nbd://localhost:30001 |
1098 |
- |
1099 |
-Note that this patch does not change what constitutes successful |
1100 |
-negotiation (thus, a client must enter transmission phase before |
1101 |
-that client can be considered as a reason to terminate the server |
1102 |
-when the connection ends). Perhaps we may want to tweak things |
1103 |
-in a later patch to also treat a client that uses NBD_OPT_ABORT |
1104 |
-as being a 'successful' negotiation (the client correctly talked |
1105 |
-the NBD protocol, and informed us it was not going to use our |
1106 |
-export after all), but that's a discussion for another day. |
1107 |
- |
1108 |
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451614 |
1109 |
- |
1110 |
-Signed-off-by: Eric Blake <eblake@××××××.com> |
1111 |
-Message-Id: <20170608222617.20376-1-eblake@××××××.com> |
1112 |
-Signed-off-by: Paolo Bonzini <pbonzini@××××××.com> |
1113 |
---- |
1114 |
- blockdev-nbd.c | 6 +++++- |
1115 |
- include/block/nbd.h | 2 +- |
1116 |
- nbd/server.c | 24 +++++++++++++++--------- |
1117 |
- qemu-nbd.c | 4 ++-- |
1118 |
- 4 files changed, 23 insertions(+), 13 deletions(-) |
1119 |
- |
1120 |
-diff --git a/blockdev-nbd.c b/blockdev-nbd.c |
1121 |
-index dd0860f4a6..28f551a7b0 100644 |
1122 |
---- a/blockdev-nbd.c |
1123 |
-+++ b/blockdev-nbd.c |
1124 |
-@@ -27,6 +27,10 @@ typedef struct NBDServerData { |
1125 |
- |
1126 |
- static NBDServerData *nbd_server; |
1127 |
- |
1128 |
-+static void nbd_blockdev_client_closed(NBDClient *client, bool ignored) |
1129 |
-+{ |
1130 |
-+ nbd_client_put(client); |
1131 |
-+} |
1132 |
- |
1133 |
- static gboolean nbd_accept(QIOChannel *ioc, GIOCondition condition, |
1134 |
- gpointer opaque) |
1135 |
-@@ -46,7 +50,7 @@ static gboolean nbd_accept(QIOChannel *ioc, GIOCondition condition, |
1136 |
- qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server"); |
1137 |
- nbd_client_new(NULL, cioc, |
1138 |
- nbd_server->tlscreds, NULL, |
1139 |
-- nbd_client_put); |
1140 |
-+ nbd_blockdev_client_closed); |
1141 |
- object_unref(OBJECT(cioc)); |
1142 |
- return TRUE; |
1143 |
- } |
1144 |
-diff --git a/include/block/nbd.h b/include/block/nbd.h |
1145 |
-index 416257abca..8fa5ce51f3 100644 |
1146 |
---- a/include/block/nbd.h |
1147 |
-+++ b/include/block/nbd.h |
1148 |
-@@ -162,7 +162,7 @@ void nbd_client_new(NBDExport *exp, |
1149 |
- QIOChannelSocket *sioc, |
1150 |
- QCryptoTLSCreds *tlscreds, |
1151 |
- const char *tlsaclname, |
1152 |
-- void (*close)(NBDClient *)); |
1153 |
-+ void (*close_fn)(NBDClient *, bool)); |
1154 |
- void nbd_client_get(NBDClient *client); |
1155 |
- void nbd_client_put(NBDClient *client); |
1156 |
- |
1157 |
-diff --git a/nbd/server.c b/nbd/server.c |
1158 |
-index 49b55f6ede..f2b1aa47ce 100644 |
1159 |
---- a/nbd/server.c |
1160 |
-+++ b/nbd/server.c |
1161 |
-@@ -81,7 +81,7 @@ static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports); |
1162 |
- |
1163 |
- struct NBDClient { |
1164 |
- int refcount; |
1165 |
-- void (*close)(NBDClient *client); |
1166 |
-+ void (*close_fn)(NBDClient *client, bool negotiated); |
1167 |
- |
1168 |
- bool no_zeroes; |
1169 |
- NBDExport *exp; |
1170 |
-@@ -778,7 +778,7 @@ void nbd_client_put(NBDClient *client) |
1171 |
- } |
1172 |
- } |
1173 |
- |
1174 |
--static void client_close(NBDClient *client) |
1175 |
-+static void client_close(NBDClient *client, bool negotiated) |
1176 |
- { |
1177 |
- if (client->closing) { |
1178 |
- return; |
1179 |
-@@ -793,8 +793,8 @@ static void client_close(NBDClient *client) |
1180 |
- NULL); |
1181 |
- |
1182 |
- /* Also tell the client, so that they release their reference. */ |
1183 |
-- if (client->close) { |
1184 |
-- client->close(client); |
1185 |
-+ if (client->close_fn) { |
1186 |
-+ client->close_fn(client, negotiated); |
1187 |
- } |
1188 |
- } |
1189 |
- |
1190 |
-@@ -975,7 +975,7 @@ void nbd_export_close(NBDExport *exp) |
1191 |
- |
1192 |
- nbd_export_get(exp); |
1193 |
- QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) { |
1194 |
-- client_close(client); |
1195 |
-+ client_close(client, true); |
1196 |
- } |
1197 |
- nbd_export_set_name(exp, NULL); |
1198 |
- nbd_export_set_description(exp, NULL); |
1199 |
-@@ -1337,7 +1337,7 @@ done: |
1200 |
- |
1201 |
- out: |
1202 |
- nbd_request_put(req); |
1203 |
-- client_close(client); |
1204 |
-+ client_close(client, true); |
1205 |
- nbd_client_put(client); |
1206 |
- } |
1207 |
- |
1208 |
-@@ -1363,7 +1363,7 @@ static coroutine_fn void nbd_co_client_start(void *opaque) |
1209 |
- qemu_co_mutex_init(&client->send_lock); |
1210 |
- |
1211 |
- if (nbd_negotiate(data)) { |
1212 |
-- client_close(client); |
1213 |
-+ client_close(client, false); |
1214 |
- goto out; |
1215 |
- } |
1216 |
- |
1217 |
-@@ -1373,11 +1373,17 @@ out: |
1218 |
- g_free(data); |
1219 |
- } |
1220 |
- |
1221 |
-+/* |
1222 |
-+ * Create a new client listener on the given export @exp, using the |
1223 |
-+ * given channel @sioc. Begin servicing it in a coroutine. When the |
1224 |
-+ * connection closes, call @close_fn with an indication of whether the |
1225 |
-+ * client completed negotiation. |
1226 |
-+ */ |
1227 |
- void nbd_client_new(NBDExport *exp, |
1228 |
- QIOChannelSocket *sioc, |
1229 |
- QCryptoTLSCreds *tlscreds, |
1230 |
- const char *tlsaclname, |
1231 |
-- void (*close_fn)(NBDClient *)) |
1232 |
-+ void (*close_fn)(NBDClient *, bool)) |
1233 |
- { |
1234 |
- NBDClient *client; |
1235 |
- NBDClientNewData *data = g_new(NBDClientNewData, 1); |
1236 |
-@@ -1394,7 +1400,7 @@ void nbd_client_new(NBDExport *exp, |
1237 |
- object_ref(OBJECT(client->sioc)); |
1238 |
- client->ioc = QIO_CHANNEL(sioc); |
1239 |
- object_ref(OBJECT(client->ioc)); |
1240 |
-- client->close = close_fn; |
1241 |
-+ client->close_fn = close_fn; |
1242 |
- |
1243 |
- data->client = client; |
1244 |
- data->co = qemu_coroutine_create(nbd_co_client_start, data); |
1245 |
-diff --git a/qemu-nbd.c b/qemu-nbd.c |
1246 |
-index 651f85ecc1..9464a0461c 100644 |
1247 |
---- a/qemu-nbd.c |
1248 |
-+++ b/qemu-nbd.c |
1249 |
-@@ -336,10 +336,10 @@ static void nbd_export_closed(NBDExport *exp) |
1250 |
- |
1251 |
- static void nbd_update_server_watch(void); |
1252 |
- |
1253 |
--static void nbd_client_closed(NBDClient *client) |
1254 |
-+static void nbd_client_closed(NBDClient *client, bool negotiated) |
1255 |
- { |
1256 |
- nb_fds--; |
1257 |
-- if (nb_fds == 0 && !persistent && state == RUNNING) { |
1258 |
-+ if (negotiated && nb_fds == 0 && !persistent && state == RUNNING) { |
1259 |
- state = TERMINATE; |
1260 |
- } |
1261 |
- nbd_update_server_watch(); |
1262 |
--- |
1263 |
-2.13.0 |
1264 |
- |
1265 |
|
1266 |
diff --git a/app-emulation/qemu/qemu-2.10.0-r1.ebuild b/app-emulation/qemu/qemu-2.10.1.ebuild |
1267 |
similarity index 97% |
1268 |
rename from app-emulation/qemu/qemu-2.10.0-r1.ebuild |
1269 |
rename to app-emulation/qemu/qemu-2.10.1.ebuild |
1270 |
index e7343e3..b448f20 100644 |
1271 |
--- a/app-emulation/qemu/qemu-2.10.0-r1.ebuild |
1272 |
+++ b/app-emulation/qemu/qemu-2.10.1.ebuild |
1273 |
@@ -19,7 +19,7 @@ if [[ ${PV} = *9999* ]]; then |
1274 |
SRC_URI="" |
1275 |
else |
1276 |
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2" |
1277 |
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd" |
1278 |
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd" |
1279 |
fi |
1280 |
|
1281 |
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools" |
1282 |
@@ -164,6 +164,14 @@ X86_FIRMWARE_DEPEND=" |
1283 |
>=sys-firmware/seabios-1.10.2[seavgabios] |
1284 |
sys-firmware/sgabios |
1285 |
)" |
1286 |
+PPC64_FIRMWARE_DEPEND=" |
1287 |
+ pin-upstream-blobs? ( |
1288 |
+ ~sys-firmware/seabios-1.10.2[binary,seavgabios] |
1289 |
+ ) |
1290 |
+ !pin-upstream-blobs? ( |
1291 |
+ >=sys-firmware/seabios-1.10.2[seavgabios] |
1292 |
+ ) |
1293 |
+" |
1294 |
|
1295 |
CDEPEND=" |
1296 |
!static? ( |
1297 |
@@ -171,7 +179,9 @@ CDEPEND=" |
1298 |
${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]} |
1299 |
) |
1300 |
qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} ) |
1301 |
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )" |
1302 |
+ qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} ) |
1303 |
+ qemu_softmmu_targets_ppc64? ( ${PPC64_FIRMWARE_DEPEND} ) |
1304 |
+" |
1305 |
DEPEND="${CDEPEND} |
1306 |
dev-lang/perl |
1307 |
=dev-lang/python-2* |
1308 |
@@ -200,7 +210,8 @@ PATCHES=( |
1309 |
# gentoo patches |
1310 |
"${FILESDIR}"/${PN}-2.5.0-cflags.patch |
1311 |
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch |
1312 |
- "${FILESDIR}"/${PN}-2.10.0-CVE-2017-13711.patch # bug 629350 |
1313 |
+ "${FILESDIR}"/${PN}-2.10.1-CVE-2017-15268.patch |
1314 |
+ "${FILESDIR}"/${PN}-2.10.1-CVE-2017-15289.patch |
1315 |
) |
1316 |
|
1317 |
STRIP_MASK="/usr/share/qemu/palcode-clipper" |
1318 |
@@ -704,7 +715,8 @@ src_install() { |
1319 |
rm "${ED}/usr/share/qemu/vgabios-stdvga.bin" |
1320 |
rm "${ED}/usr/share/qemu/vgabios-virtio.bin" |
1321 |
rm "${ED}/usr/share/qemu/vgabios-vmware.bin" |
1322 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
1323 |
+ # PPC64 loads vgabios-stdvga |
1324 |
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc64; then |
1325 |
dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin |
1326 |
dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin |
1327 |
dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin |
1328 |
|
1329 |
diff --git a/app-emulation/qemu/qemu-2.9.0-r56.ebuild b/app-emulation/qemu/qemu-2.9.0-r56.ebuild |
1330 |
deleted file mode 100644 |
1331 |
index 256a811..0000000 |
1332 |
--- a/app-emulation/qemu/qemu-2.9.0-r56.ebuild |
1333 |
+++ /dev/null |
1334 |
@@ -1,799 +0,0 @@ |
1335 |
-# Copyright 1999-2017 Gentoo Foundation |
1336 |
-# Distributed under the terms of the GNU General Public License v2 |
1337 |
- |
1338 |
-EAPI="6" |
1339 |
- |
1340 |
-PYTHON_COMPAT=( python2_7 ) |
1341 |
-PYTHON_REQ_USE="ncurses,readline" |
1342 |
- |
1343 |
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN" |
1344 |
- |
1345 |
-FIRMWARE_ABI_VERSION="2.9.0-r52" |
1346 |
- |
1347 |
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \ |
1348 |
- user udev fcaps readme.gentoo-r1 pax-utils l10n |
1349 |
- |
1350 |
-if [[ ${PV} = *9999* ]]; then |
1351 |
- EGIT_REPO_URI="git://git.qemu.org/qemu.git" |
1352 |
- inherit git-r3 |
1353 |
- SRC_URI="" |
1354 |
-else |
1355 |
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2" |
1356 |
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd" |
1357 |
-fi |
1358 |
- |
1359 |
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools" |
1360 |
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org" |
1361 |
- |
1362 |
-LICENSE="GPL-2 LGPL-2 BSD-2" |
1363 |
-SLOT="0" |
1364 |
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt |
1365 |
- glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux |
1366 |
- kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png |
1367 |
- pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy |
1368 |
- spice ssh static static-user systemtap tci test usb usbredir vde |
1369 |
- +vhost-net virgl virtfs +vnc vte xattr xen xfs" |
1370 |
- |
1371 |
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel |
1372 |
- mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc |
1373 |
- sparc64 x86_64" |
1374 |
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} |
1375 |
- lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb" |
1376 |
-IUSE_USER_TARGETS="${COMMON_TARGETS} |
1377 |
- armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx" |
1378 |
- |
1379 |
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS}) |
1380 |
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS}) |
1381 |
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}" |
1382 |
- |
1383 |
-# Allow no targets to be built so that people can get a tools-only build. |
1384 |
-# Block USE flag configurations known to not work. |
1385 |
-REQUIRED_USE="${PYTHON_REQUIRED_USE} |
1386 |
- gtk2? ( gtk ) |
1387 |
- qemu_softmmu_targets_arm? ( fdt ) |
1388 |
- qemu_softmmu_targets_microblaze? ( fdt ) |
1389 |
- qemu_softmmu_targets_mips64el? ( fdt ) |
1390 |
- qemu_softmmu_targets_ppc? ( fdt ) |
1391 |
- qemu_softmmu_targets_ppc64? ( fdt ) |
1392 |
- sdl2? ( sdl ) |
1393 |
- static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio ) |
1394 |
- virtfs? ( xattr ) |
1395 |
- vte? ( gtk )" |
1396 |
- |
1397 |
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) |
1398 |
-# and user/softmmu targets (qemu-*, qemu-system-*). |
1399 |
-# |
1400 |
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap. |
1401 |
-# |
1402 |
-# The attr lib isn't always linked in (although the USE flag is always |
1403 |
-# respected). This is because qemu supports using the C library's API |
1404 |
-# when available rather than always using the extranl library. |
1405 |
-ALL_DEPEND=" |
1406 |
- >=dev-libs/glib-2.0[static-libs(+)] |
1407 |
- sys-libs/zlib[static-libs(+)] |
1408 |
- python? ( ${PYTHON_DEPS} ) |
1409 |
- systemtap? ( dev-util/systemtap ) |
1410 |
- xattr? ( sys-apps/attr[static-libs(+)] )" |
1411 |
- |
1412 |
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) |
1413 |
-# softmmu targets (qemu-system-*). |
1414 |
-SOFTMMU_TOOLS_DEPEND=" |
1415 |
- >=x11-libs/pixman-0.28.0[static-libs(+)] |
1416 |
- accessibility? ( |
1417 |
- app-accessibility/brltty[api] |
1418 |
- app-accessibility/brltty[static-libs(+)] |
1419 |
- ) |
1420 |
- aio? ( dev-libs/libaio[static-libs(+)] ) |
1421 |
- alsa? ( >=media-libs/alsa-lib-1.0.13 ) |
1422 |
- bluetooth? ( net-wireless/bluez ) |
1423 |
- bzip2? ( app-arch/bzip2[static-libs(+)] ) |
1424 |
- caps? ( sys-libs/libcap-ng[static-libs(+)] ) |
1425 |
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] ) |
1426 |
- fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] ) |
1427 |
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] ) |
1428 |
- gnutls? ( |
1429 |
- dev-libs/nettle:=[static-libs(+)] |
1430 |
- >=net-libs/gnutls-3.0:=[static-libs(+)] |
1431 |
- ) |
1432 |
- gtk? ( |
1433 |
- gtk2? ( |
1434 |
- x11-libs/gtk+:2 |
1435 |
- vte? ( x11-libs/vte:0 ) |
1436 |
- ) |
1437 |
- !gtk2? ( |
1438 |
- x11-libs/gtk+:3 |
1439 |
- vte? ( x11-libs/vte:2.91 ) |
1440 |
- ) |
1441 |
- ) |
1442 |
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] ) |
1443 |
- iscsi? ( net-libs/libiscsi ) |
1444 |
- jpeg? ( virtual/jpeg:0=[static-libs(+)] ) |
1445 |
- lzo? ( dev-libs/lzo:2[static-libs(+)] ) |
1446 |
- ncurses? ( |
1447 |
- sys-libs/ncurses:0=[unicode] |
1448 |
- sys-libs/ncurses:0=[static-libs(+)] |
1449 |
- ) |
1450 |
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] ) |
1451 |
- numa? ( sys-process/numactl[static-libs(+)] ) |
1452 |
- opengl? ( |
1453 |
- virtual/opengl |
1454 |
- media-libs/libepoxy[static-libs(+)] |
1455 |
- media-libs/mesa[static-libs(+)] |
1456 |
- media-libs/mesa[egl,gbm] |
1457 |
- ) |
1458 |
- png? ( media-libs/libpng:0=[static-libs(+)] ) |
1459 |
- pulseaudio? ( media-sound/pulseaudio ) |
1460 |
- rbd? ( sys-cluster/ceph[static-libs(+)] ) |
1461 |
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] ) |
1462 |
- sdl? ( |
1463 |
- !sdl2? ( |
1464 |
- media-libs/libsdl[X] |
1465 |
- >=media-libs/libsdl-1.2.11[static-libs(+)] |
1466 |
- ) |
1467 |
- sdl2? ( |
1468 |
- media-libs/libsdl2[X] |
1469 |
- media-libs/libsdl2[static-libs(+)] |
1470 |
- ) |
1471 |
- ) |
1472 |
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] ) |
1473 |
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] ) |
1474 |
- snappy? ( app-arch/snappy:=[static-libs(+)] ) |
1475 |
- spice? ( |
1476 |
- >=app-emulation/spice-protocol-0.12.3 |
1477 |
- >=app-emulation/spice-0.12.0[static-libs(+)] |
1478 |
- ) |
1479 |
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] ) |
1480 |
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] ) |
1481 |
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] ) |
1482 |
- vde? ( net-misc/vde[static-libs(+)] ) |
1483 |
- virgl? ( media-libs/virglrenderer[static-libs(+)] ) |
1484 |
- virtfs? ( sys-libs/libcap ) |
1485 |
- xen? ( app-emulation/xen-tools:= ) |
1486 |
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )" |
1487 |
- |
1488 |
-X86_FIRMWARE_DEPEND=" |
1489 |
- pin-upstream-blobs? ( |
1490 |
- ~sys-firmware/edk2-ovmf-2017_pre20170505[binary] |
1491 |
- ~sys-firmware/ipxe-1.0.0_p20160620 |
1492 |
- ~sys-firmware/seabios-1.10.2[binary,seavgabios] |
1493 |
- ~sys-firmware/sgabios-0.1_pre8 |
1494 |
- ) |
1495 |
- !pin-upstream-blobs? ( |
1496 |
- sys-firmware/edk2-ovmf |
1497 |
- sys-firmware/ipxe |
1498 |
- >=sys-firmware/seabios-1.10.2[seavgabios] |
1499 |
- sys-firmware/sgabios |
1500 |
- )" |
1501 |
- |
1502 |
-CDEPEND=" |
1503 |
- !static? ( |
1504 |
- ${ALL_DEPEND//\[static-libs(+)]} |
1505 |
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]} |
1506 |
- ) |
1507 |
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} ) |
1508 |
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )" |
1509 |
-DEPEND="${CDEPEND} |
1510 |
- dev-lang/perl |
1511 |
- =dev-lang/python-2* |
1512 |
- sys-apps/texinfo |
1513 |
- virtual/pkgconfig |
1514 |
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 ) |
1515 |
- gtk? ( nls? ( sys-devel/gettext ) ) |
1516 |
- static? ( |
1517 |
- ${ALL_DEPEND} |
1518 |
- ${SOFTMMU_TOOLS_DEPEND} |
1519 |
- ) |
1520 |
- static-user? ( ${ALL_DEPEND} ) |
1521 |
- test? ( |
1522 |
- dev-libs/glib[utils] |
1523 |
- sys-devel/bc |
1524 |
- )" |
1525 |
-RDEPEND="${CDEPEND} |
1526 |
- selinux? ( sec-policy/selinux-qemu )" |
1527 |
- |
1528 |
-PATCHES=( |
1529 |
- # musl patches |
1530 |
- "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch |
1531 |
- "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch |
1532 |
- "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch |
1533 |
- |
1534 |
- # gentoo patches |
1535 |
- "${FILESDIR}"/${PN}-2.5.0-cflags.patch |
1536 |
- "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch |
1537 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8309.patch # bug 616870 |
1538 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8379.patch # bug 616872 |
1539 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8380.patch # bug 616874 |
1540 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch # bug 616636 |
1541 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7493.patch # bug 618808 |
1542 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11434.patch # bug 625614 |
1543 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11334.patch # bug 621292 |
1544 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-1.patch # bug 621292 |
1545 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-2.patch |
1546 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-1.patch # bug 621184 |
1547 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-2.patch |
1548 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10664.patch # bug 623016 |
1549 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10806.patch # bug 624088 |
1550 |
-) |
1551 |
- |
1552 |
-STRIP_MASK="/usr/share/qemu/palcode-clipper" |
1553 |
- |
1554 |
-QA_PREBUILT=" |
1555 |
- usr/share/qemu/openbios-ppc |
1556 |
- usr/share/qemu/openbios-sparc64 |
1557 |
- usr/share/qemu/openbios-sparc32 |
1558 |
- usr/share/qemu/palcode-clipper |
1559 |
- usr/share/qemu/s390-ccw.img |
1560 |
- usr/share/qemu/u-boot.e500" |
1561 |
- |
1562 |
-QA_WX_LOAD="usr/bin/qemu-i386 |
1563 |
- usr/bin/qemu-x86_64 |
1564 |
- usr/bin/qemu-alpha |
1565 |
- usr/bin/qemu-arm |
1566 |
- usr/bin/qemu-cris |
1567 |
- usr/bin/qemu-m68k |
1568 |
- usr/bin/qemu-microblaze |
1569 |
- usr/bin/qemu-microblazeel |
1570 |
- usr/bin/qemu-mips |
1571 |
- usr/bin/qemu-mipsel |
1572 |
- usr/bin/qemu-or1k |
1573 |
- usr/bin/qemu-ppc |
1574 |
- usr/bin/qemu-ppc64 |
1575 |
- usr/bin/qemu-ppc64abi32 |
1576 |
- usr/bin/qemu-sh4 |
1577 |
- usr/bin/qemu-sh4eb |
1578 |
- usr/bin/qemu-sparc |
1579 |
- usr/bin/qemu-sparc64 |
1580 |
- usr/bin/qemu-armeb |
1581 |
- usr/bin/qemu-sparc32plus |
1582 |
- usr/bin/qemu-s390x |
1583 |
- usr/bin/qemu-unicore32" |
1584 |
- |
1585 |
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the |
1586 |
-kernel module loaded before running kvm. The easiest way to ensure that the |
1587 |
-kernel module is loaded is to load it on boot. |
1588 |
- For AMD CPUs the module is called 'kvm-amd'. |
1589 |
- For Intel CPUs the module is called 'kvm-intel'. |
1590 |
-Please review /etc/conf.d/modules for how to load these. |
1591 |
- |
1592 |
-Make sure your user is in the 'kvm' group. Just run |
1593 |
- $ gpasswd -a <USER> kvm |
1594 |
-then have <USER> re-login. |
1595 |
- |
1596 |
-For brand new installs, the default permissions on /dev/kvm might not let |
1597 |
-you access it. You can tell udev to reset ownership/perms: |
1598 |
- $ udevadm trigger -c add /dev/kvm |
1599 |
- |
1600 |
-If you want to register binfmt handlers for qemu user targets: |
1601 |
-For openrc: |
1602 |
- # rc-update add qemu-binfmt |
1603 |
-For systemd: |
1604 |
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf" |
1605 |
- |
1606 |
-pkg_pretend() { |
1607 |
- if use kernel_linux && kernel_is lt 2 6 25; then |
1608 |
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher." |
1609 |
- elif use kernel_linux; then |
1610 |
- if ! linux_config_exists; then |
1611 |
- eerror "Unable to check your kernel for KVM support" |
1612 |
- else |
1613 |
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE" |
1614 |
- ERROR_KVM="You must enable KVM in your kernel to continue" |
1615 |
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in" |
1616 |
- ERROR_KVM_AMD+=" your kernel configuration." |
1617 |
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable" |
1618 |
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration." |
1619 |
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled" |
1620 |
- ERROR_TUN+=" into your kernel or loaded as a module to use the" |
1621 |
- ERROR_TUN+=" virtual network device if using -net tap." |
1622 |
- ERROR_BRIDGE="You will also need support for 802.1d" |
1623 |
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations." |
1624 |
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET" |
1625 |
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net" |
1626 |
- ERROR_VHOST_NET+=" support" |
1627 |
- |
1628 |
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then |
1629 |
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL" |
1630 |
- fi |
1631 |
- |
1632 |
- use python && CONFIG_CHECK+=" ~DEBUG_FS" |
1633 |
- ERROR_DEBUG_FS="debugFS support required for kvm_stat" |
1634 |
- |
1635 |
- # Now do the actual checks setup above |
1636 |
- check_extra_config |
1637 |
- fi |
1638 |
- fi |
1639 |
- |
1640 |
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then |
1641 |
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt" |
1642 |
- eerror "instances are still pointing to it. Please update your" |
1643 |
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag" |
1644 |
- eerror "and the right system binary (e.g. qemu-system-x86_64)." |
1645 |
- die "update your virt configs to not use qemu-kvm" |
1646 |
- fi |
1647 |
-} |
1648 |
- |
1649 |
-pkg_setup() { |
1650 |
- enewgroup kvm 78 |
1651 |
-} |
1652 |
- |
1653 |
-# Sanity check to make sure target lists are kept up-to-date. |
1654 |
-check_targets() { |
1655 |
- local var=$1 mak=$2 |
1656 |
- local detected sorted |
1657 |
- |
1658 |
- pushd "${S}"/default-configs >/dev/null || die |
1659 |
- |
1660 |
- # Force C locale until glibc is updated. #564936 |
1661 |
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u)) |
1662 |
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u)) |
1663 |
- if [[ ${sorted} != "${detected}" ]] ; then |
1664 |
- eerror "The ebuild needs to be kept in sync." |
1665 |
- eerror "${var}: ${sorted}" |
1666 |
- eerror "$(printf '%-*s' ${#var} configure): ${detected}" |
1667 |
- die "sync ${var} to the list of targets" |
1668 |
- fi |
1669 |
- |
1670 |
- popd >/dev/null |
1671 |
-} |
1672 |
- |
1673 |
-handle_locales() { |
1674 |
- # Make sure locale list is kept up-to-date. |
1675 |
- local detected sorted |
1676 |
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u)) |
1677 |
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u)) |
1678 |
- if [[ ${sorted} != "${detected}" ]] ; then |
1679 |
- eerror "The ebuild needs to be kept in sync." |
1680 |
- eerror "PLOCALES: ${sorted}" |
1681 |
- eerror " po/*.po: ${detected}" |
1682 |
- die "sync PLOCALES" |
1683 |
- fi |
1684 |
- |
1685 |
- # Deal with selective install of locales. |
1686 |
- if use nls ; then |
1687 |
- # Delete locales the user does not want. #577814 |
1688 |
- rm_loc() { rm po/$1.po || die; } |
1689 |
- l10n_for_each_disabled_locale_do rm_loc |
1690 |
- else |
1691 |
- # Cheap hack to disable gettext .mo generation. |
1692 |
- rm -f po/*.po |
1693 |
- fi |
1694 |
-} |
1695 |
- |
1696 |
-src_prepare() { |
1697 |
- check_targets IUSE_SOFTMMU_TARGETS softmmu |
1698 |
- check_targets IUSE_USER_TARGETS linux-user |
1699 |
- |
1700 |
- # Alter target makefiles to accept CFLAGS set via flag-o |
1701 |
- sed -i -r \ |
1702 |
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \ |
1703 |
- Makefile Makefile.target || die |
1704 |
- |
1705 |
- default |
1706 |
- |
1707 |
- # Fix ld and objcopy being called directly |
1708 |
- tc-export AR LD OBJCOPY |
1709 |
- |
1710 |
- # Verbose builds |
1711 |
- MAKEOPTS+=" V=1" |
1712 |
- |
1713 |
- # Run after we've applied all patches. |
1714 |
- handle_locales |
1715 |
-} |
1716 |
- |
1717 |
-## |
1718 |
-# configures qemu based on the build directory and the build type |
1719 |
-# we are using. |
1720 |
-# |
1721 |
-qemu_src_configure() { |
1722 |
- debug-print-function ${FUNCNAME} "$@" |
1723 |
- |
1724 |
- local buildtype=$1 |
1725 |
- local builddir="${S}/${buildtype}-build" |
1726 |
- |
1727 |
- mkdir "${builddir}" |
1728 |
- |
1729 |
- local conf_opts=( |
1730 |
- --prefix=/usr |
1731 |
- --sysconfdir=/etc |
1732 |
- --libdir=/usr/$(get_libdir) |
1733 |
- --docdir=/usr/share/doc/${PF}/html |
1734 |
- --disable-bsd-user |
1735 |
- --disable-guest-agent |
1736 |
- --disable-strip |
1737 |
- --disable-werror |
1738 |
- # We support gnutls/nettle for crypto operations. It is possible |
1739 |
- # to use gcrypt when gnutls/nettle are disabled (but not when they |
1740 |
- # are enabled), but it's not really worth the hassle. Disable it |
1741 |
- # all the time to avoid automatically detecting it. #568856 |
1742 |
- --disable-gcrypt |
1743 |
- --python="${PYTHON}" |
1744 |
- --cc="$(tc-getCC)" |
1745 |
- --cxx="$(tc-getCXX)" |
1746 |
- --host-cc="$(tc-getBUILD_CC)" |
1747 |
- $(use_enable debug debug-info) |
1748 |
- $(use_enable debug debug-tcg) |
1749 |
- --enable-docs |
1750 |
- $(use_enable tci tcg-interpreter) |
1751 |
- $(use_enable xattr attr) |
1752 |
- ) |
1753 |
- |
1754 |
- # Disable options not used by user targets. This simplifies building |
1755 |
- # static user targets (USE=static-user) considerably. |
1756 |
- conf_notuser() { |
1757 |
- if [[ ${buildtype} == "user" ]] ; then |
1758 |
- echo "--disable-${2:-$1}" |
1759 |
- else |
1760 |
- use_enable "$@" |
1761 |
- fi |
1762 |
- } |
1763 |
- conf_opts+=( |
1764 |
- $(conf_notuser accessibility brlapi) |
1765 |
- $(conf_notuser aio linux-aio) |
1766 |
- $(conf_notuser bzip2) |
1767 |
- $(conf_notuser bluetooth bluez) |
1768 |
- $(conf_notuser caps cap-ng) |
1769 |
- $(conf_notuser curl) |
1770 |
- $(conf_notuser fdt) |
1771 |
- $(conf_notuser glusterfs) |
1772 |
- $(conf_notuser gnutls) |
1773 |
- $(conf_notuser gnutls nettle) |
1774 |
- $(conf_notuser gtk) |
1775 |
- $(conf_notuser infiniband rdma) |
1776 |
- $(conf_notuser iscsi libiscsi) |
1777 |
- $(conf_notuser jpeg vnc-jpeg) |
1778 |
- $(conf_notuser kernel_linux kvm) |
1779 |
- $(conf_notuser lzo) |
1780 |
- $(conf_notuser ncurses curses) |
1781 |
- $(conf_notuser nfs libnfs) |
1782 |
- $(conf_notuser numa) |
1783 |
- $(conf_notuser opengl) |
1784 |
- $(conf_notuser png vnc-png) |
1785 |
- $(conf_notuser rbd) |
1786 |
- $(conf_notuser sasl vnc-sasl) |
1787 |
- $(conf_notuser sdl) |
1788 |
- $(conf_notuser seccomp) |
1789 |
- $(conf_notuser smartcard) |
1790 |
- $(conf_notuser snappy) |
1791 |
- $(conf_notuser spice) |
1792 |
- $(conf_notuser ssh libssh2) |
1793 |
- $(conf_notuser usb libusb) |
1794 |
- $(conf_notuser usbredir usb-redir) |
1795 |
- $(conf_notuser vde) |
1796 |
- $(conf_notuser vhost-net) |
1797 |
- $(conf_notuser virgl virglrenderer) |
1798 |
- $(conf_notuser virtfs) |
1799 |
- $(conf_notuser vnc) |
1800 |
- $(conf_notuser vte) |
1801 |
- $(conf_notuser xen) |
1802 |
- $(conf_notuser xen xen-pci-passthrough) |
1803 |
- $(conf_notuser xfs xfsctl) |
1804 |
- ) |
1805 |
- |
1806 |
- if [[ ! ${buildtype} == "user" ]] ; then |
1807 |
- # audio options |
1808 |
- local audio_opts="oss" |
1809 |
- use alsa && audio_opts="alsa,${audio_opts}" |
1810 |
- use sdl && audio_opts="sdl,${audio_opts}" |
1811 |
- use pulseaudio && audio_opts="pa,${audio_opts}" |
1812 |
- conf_opts+=( |
1813 |
- --audio-drv-list="${audio_opts}" |
1814 |
- ) |
1815 |
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) ) |
1816 |
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) ) |
1817 |
- fi |
1818 |
- |
1819 |
- case ${buildtype} in |
1820 |
- user) |
1821 |
- conf_opts+=( |
1822 |
- --enable-linux-user |
1823 |
- --disable-system |
1824 |
- --disable-blobs |
1825 |
- --disable-tools |
1826 |
- ) |
1827 |
- local static_flag="static-user" |
1828 |
- ;; |
1829 |
- softmmu) |
1830 |
- conf_opts+=( |
1831 |
- --disable-linux-user |
1832 |
- --enable-system |
1833 |
- --disable-tools |
1834 |
- --with-system-pixman |
1835 |
- ) |
1836 |
- local static_flag="static" |
1837 |
- ;; |
1838 |
- tools) |
1839 |
- conf_opts+=( |
1840 |
- --disable-linux-user |
1841 |
- --disable-system |
1842 |
- --disable-blobs |
1843 |
- --enable-tools |
1844 |
- ) |
1845 |
- local static_flag="static" |
1846 |
- ;; |
1847 |
- esac |
1848 |
- |
1849 |
- local targets="${buildtype}_targets" |
1850 |
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" ) |
1851 |
- |
1852 |
- # Add support for SystemTAP |
1853 |
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace ) |
1854 |
- |
1855 |
- # We always want to attempt to build with PIE support as it results |
1856 |
- # in a more secure binary. But it doesn't work with static or if |
1857 |
- # the current GCC doesn't have PIE support. |
1858 |
- if use ${static_flag}; then |
1859 |
- conf_opts+=( --static --disable-pie ) |
1860 |
- else |
1861 |
- tc-enables-pie && conf_opts+=( --enable-pie ) |
1862 |
- fi |
1863 |
- |
1864 |
- echo "../configure ${conf_opts[*]}" |
1865 |
- cd "${builddir}" |
1866 |
- ../configure "${conf_opts[@]}" || die "configure failed" |
1867 |
- |
1868 |
- # FreeBSD's kernel does not support QEMU assigning/grabbing |
1869 |
- # host USB devices yet |
1870 |
- use kernel_FreeBSD && \ |
1871 |
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak |
1872 |
-} |
1873 |
- |
1874 |
-src_configure() { |
1875 |
- local target |
1876 |
- |
1877 |
- python_setup |
1878 |
- |
1879 |
- softmmu_targets= softmmu_bins=() |
1880 |
- user_targets= user_bins=() |
1881 |
- |
1882 |
- for target in ${IUSE_SOFTMMU_TARGETS} ; do |
1883 |
- if use "qemu_softmmu_targets_${target}"; then |
1884 |
- softmmu_targets+=",${target}-softmmu" |
1885 |
- softmmu_bins+=( "qemu-system-${target}" ) |
1886 |
- fi |
1887 |
- done |
1888 |
- |
1889 |
- for target in ${IUSE_USER_TARGETS} ; do |
1890 |
- if use "qemu_user_targets_${target}"; then |
1891 |
- user_targets+=",${target}-linux-user" |
1892 |
- user_bins+=( "qemu-${target}" ) |
1893 |
- fi |
1894 |
- done |
1895 |
- |
1896 |
- softmmu_targets=${softmmu_targets#,} |
1897 |
- user_targets=${user_targets#,} |
1898 |
- |
1899 |
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu" |
1900 |
- [[ -n ${user_targets} ]] && qemu_src_configure "user" |
1901 |
- qemu_src_configure "tools" |
1902 |
-} |
1903 |
- |
1904 |
-src_compile() { |
1905 |
- if [[ -n ${user_targets} ]]; then |
1906 |
- cd "${S}/user-build" |
1907 |
- default |
1908 |
- fi |
1909 |
- |
1910 |
- if [[ -n ${softmmu_targets} ]]; then |
1911 |
- cd "${S}/softmmu-build" |
1912 |
- default |
1913 |
- fi |
1914 |
- |
1915 |
- cd "${S}/tools-build" |
1916 |
- default |
1917 |
-} |
1918 |
- |
1919 |
-src_test() { |
1920 |
- if [[ -n ${softmmu_targets} ]]; then |
1921 |
- cd "${S}/softmmu-build" |
1922 |
- pax-mark m */qemu-system-* #515550 |
1923 |
- emake -j1 check |
1924 |
- emake -j1 check-report.html |
1925 |
- fi |
1926 |
-} |
1927 |
- |
1928 |
-qemu_python_install() { |
1929 |
- python_domodule "${S}/scripts/qmp/qmp.py" |
1930 |
- |
1931 |
- python_doscript "${S}/scripts/kvm/vmxcap" |
1932 |
- python_doscript "${S}/scripts/qmp/qmp-shell" |
1933 |
- python_doscript "${S}/scripts/qmp/qemu-ga-client" |
1934 |
-} |
1935 |
- |
1936 |
-# Generate binfmt support files. |
1937 |
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc) |
1938 |
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt) |
1939 |
-generate_initd() { |
1940 |
- local out="${T}/qemu-binfmt" |
1941 |
- local out_systemd="${T}/qemu.conf" |
1942 |
- local d="${T}/binfmt.d" |
1943 |
- |
1944 |
- einfo "Generating qemu binfmt scripts and configuration files" |
1945 |
- |
1946 |
- # Generate the debian fragments first. |
1947 |
- mkdir -p "${d}" |
1948 |
- "${S}"/scripts/qemu-binfmt-conf.sh \ |
1949 |
- --debian \ |
1950 |
- --exportdir "${d}" \ |
1951 |
- --qemu-path "${EPREFIX}/usr/bin" \ |
1952 |
- || die |
1953 |
- # Then turn the fragments into a shell script we can source. |
1954 |
- sed -E -i \ |
1955 |
- -e 's:^([^ ]+) (.*)$:\1="\2":' \ |
1956 |
- "${d}"/* || die |
1957 |
- |
1958 |
- # Generate the init.d script by assembling the fragments from above. |
1959 |
- local f qcpu package interpreter magic mask |
1960 |
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die |
1961 |
- for f in "${d}"/qemu-* ; do |
1962 |
- source "${f}" |
1963 |
- |
1964 |
- # Normalize the cpu logic like we do in the init.d for the native cpu. |
1965 |
- qcpu=${package#qemu-} |
1966 |
- case ${qcpu} in |
1967 |
- arm*) qcpu="arm";; |
1968 |
- mips*) qcpu="mips";; |
1969 |
- ppc*) qcpu="ppc";; |
1970 |
- s390*) qcpu="s390";; |
1971 |
- sh*) qcpu="sh";; |
1972 |
- sparc*) qcpu="sparc";; |
1973 |
- esac |
1974 |
- |
1975 |
- cat <<EOF >>"${out}" |
1976 |
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then |
1977 |
- echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register |
1978 |
- fi |
1979 |
-EOF |
1980 |
- |
1981 |
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}" |
1982 |
- |
1983 |
- done |
1984 |
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die |
1985 |
-} |
1986 |
- |
1987 |
-src_install() { |
1988 |
- if [[ -n ${user_targets} ]]; then |
1989 |
- cd "${S}/user-build" |
1990 |
- emake DESTDIR="${ED}" install |
1991 |
- |
1992 |
- # Install binfmt handler init script for user targets. |
1993 |
- generate_initd |
1994 |
- doinitd "${T}/qemu-binfmt" |
1995 |
- |
1996 |
- # Install binfmt/qemu.conf. |
1997 |
- insinto "/usr/share/qemu/binfmt.d" |
1998 |
- doins "${T}/qemu.conf" |
1999 |
- fi |
2000 |
- |
2001 |
- if [[ -n ${softmmu_targets} ]]; then |
2002 |
- cd "${S}/softmmu-build" |
2003 |
- emake DESTDIR="${ED}" install |
2004 |
- |
2005 |
- # This might not exist if the test failed. #512010 |
2006 |
- [[ -e check-report.html ]] && dohtml check-report.html |
2007 |
- |
2008 |
- if use kernel_linux; then |
2009 |
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules |
2010 |
- fi |
2011 |
- |
2012 |
- if use python; then |
2013 |
- python_foreach_impl qemu_python_install |
2014 |
- fi |
2015 |
- fi |
2016 |
- |
2017 |
- cd "${S}/tools-build" |
2018 |
- emake DESTDIR="${ED}" install |
2019 |
- |
2020 |
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348 |
2021 |
- pushd "${ED}"/usr/bin >/dev/null |
2022 |
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594 |
2023 |
- popd >/dev/null |
2024 |
- |
2025 |
- # Install config file example for qemu-bridge-helper |
2026 |
- insinto "/etc/qemu" |
2027 |
- doins "${FILESDIR}/bridge.conf" |
2028 |
- |
2029 |
- cd "${S}" |
2030 |
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt |
2031 |
- newdoc pc-bios/README README.pc-bios |
2032 |
- dodoc docs/qmp-*.txt |
2033 |
- |
2034 |
- if [[ -n ${softmmu_targets} ]]; then |
2035 |
- # Remove SeaBIOS since we're using the SeaBIOS packaged one |
2036 |
- rm "${ED}/usr/share/qemu/bios.bin" |
2037 |
- rm "${ED}/usr/share/qemu/bios-256k.bin" |
2038 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
2039 |
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin |
2040 |
- dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin |
2041 |
- fi |
2042 |
- |
2043 |
- # Remove vgabios since we're using the seavgabios packaged one |
2044 |
- rm "${ED}/usr/share/qemu/vgabios.bin" |
2045 |
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin" |
2046 |
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin" |
2047 |
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin" |
2048 |
- rm "${ED}/usr/share/qemu/vgabios-virtio.bin" |
2049 |
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin" |
2050 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
2051 |
- dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin |
2052 |
- dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin |
2053 |
- dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin |
2054 |
- dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin |
2055 |
- dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin |
2056 |
- dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin |
2057 |
- fi |
2058 |
- |
2059 |
- # Remove sgabios since we're using the sgabios packaged one |
2060 |
- rm "${ED}/usr/share/qemu/sgabios.bin" |
2061 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
2062 |
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin |
2063 |
- fi |
2064 |
- |
2065 |
- # Remove iPXE since we're using the iPXE packaged one |
2066 |
- rm "${ED}"/usr/share/qemu/pxe-*.rom |
2067 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
2068 |
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom |
2069 |
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom |
2070 |
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom |
2071 |
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom |
2072 |
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom |
2073 |
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom |
2074 |
- fi |
2075 |
- fi |
2076 |
- |
2077 |
- DISABLE_AUTOFORMATTING=true |
2078 |
- readme.gentoo_create_doc |
2079 |
-} |
2080 |
- |
2081 |
-firmware_abi_change() { |
2082 |
- local pv |
2083 |
- for pv in ${REPLACING_VERSIONS}; do |
2084 |
- if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then |
2085 |
- return 0 |
2086 |
- fi |
2087 |
- done |
2088 |
- return 1 |
2089 |
-} |
2090 |
- |
2091 |
-pkg_postinst() { |
2092 |
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then |
2093 |
- udev_reload |
2094 |
- fi |
2095 |
- |
2096 |
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper |
2097 |
- |
2098 |
- DISABLE_AUTOFORMATTING=true |
2099 |
- readme.gentoo_print_elog |
2100 |
- |
2101 |
- if use pin-upstream-blobs && firmware_abi_change; then |
2102 |
- ewarn "This version of qemu pins new versions of firmware blobs:" |
2103 |
- ewarn " $(best_version sys-firmware/edk2-ovmf)" |
2104 |
- ewarn " $(best_version sys-firmware/ipxe)" |
2105 |
- ewarn " $(best_version sys-firmware/seabios)" |
2106 |
- ewarn " $(best_version sys-firmware/sgabios)" |
2107 |
- ewarn "This might break resume of hibernated guests (started with a different" |
2108 |
- ewarn "firmware version) and live migration to/from qemu versions with different" |
2109 |
- ewarn "firmware. Please (cold) restart all running guests. For functional" |
2110 |
- ewarn "guest migration ensure that all" |
2111 |
- ewarn "hosts run at least" |
2112 |
- ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}." |
2113 |
- fi |
2114 |
-} |
2115 |
- |
2116 |
-pkg_info() { |
2117 |
- echo "Using:" |
2118 |
- echo " $(best_version app-emulation/spice-protocol)" |
2119 |
- echo " $(best_version sys-firmware/edk2-ovmf)" |
2120 |
- if has_version 'sys-firmware/edk2-ovmf[binary]'; then |
2121 |
- echo " USE=binary" |
2122 |
- else |
2123 |
- echo " USE=''" |
2124 |
- fi |
2125 |
- echo " $(best_version sys-firmware/ipxe)" |
2126 |
- echo " $(best_version sys-firmware/seabios)" |
2127 |
- if has_version 'sys-firmware/seabios[binary]'; then |
2128 |
- echo " USE=binary" |
2129 |
- else |
2130 |
- echo " USE=''" |
2131 |
- fi |
2132 |
- echo " $(best_version sys-firmware/sgabios)" |
2133 |
-} |
2134 |
|
2135 |
diff --git a/app-emulation/qemu/qemu-2.9.0-r57.ebuild b/app-emulation/qemu/qemu-2.9.0-r57.ebuild |
2136 |
deleted file mode 100644 |
2137 |
index ffe6437..0000000 |
2138 |
--- a/app-emulation/qemu/qemu-2.9.0-r57.ebuild |
2139 |
+++ /dev/null |
2140 |
@@ -1,802 +0,0 @@ |
2141 |
-# Copyright 1999-2017 Gentoo Foundation |
2142 |
-# Distributed under the terms of the GNU General Public License v2 |
2143 |
- |
2144 |
-EAPI="6" |
2145 |
- |
2146 |
-PYTHON_COMPAT=( python2_7 ) |
2147 |
-PYTHON_REQ_USE="ncurses,readline" |
2148 |
- |
2149 |
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN" |
2150 |
- |
2151 |
-FIRMWARE_ABI_VERSION="2.9.0-r52" |
2152 |
- |
2153 |
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \ |
2154 |
- user udev fcaps readme.gentoo-r1 pax-utils l10n |
2155 |
- |
2156 |
-if [[ ${PV} = *9999* ]]; then |
2157 |
- EGIT_REPO_URI="git://git.qemu.org/qemu.git" |
2158 |
- inherit git-r3 |
2159 |
- SRC_URI="" |
2160 |
-else |
2161 |
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2" |
2162 |
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd" |
2163 |
-fi |
2164 |
- |
2165 |
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools" |
2166 |
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org" |
2167 |
- |
2168 |
-LICENSE="GPL-2 LGPL-2 BSD-2" |
2169 |
-SLOT="0" |
2170 |
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt |
2171 |
- glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux |
2172 |
- kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png |
2173 |
- pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy |
2174 |
- spice ssh static static-user systemtap tci test usb usbredir vde |
2175 |
- +vhost-net virgl virtfs +vnc vte xattr xen xfs" |
2176 |
- |
2177 |
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel |
2178 |
- mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc |
2179 |
- sparc64 x86_64" |
2180 |
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} |
2181 |
- lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb" |
2182 |
-IUSE_USER_TARGETS="${COMMON_TARGETS} |
2183 |
- armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx" |
2184 |
- |
2185 |
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS}) |
2186 |
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS}) |
2187 |
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}" |
2188 |
- |
2189 |
-# Allow no targets to be built so that people can get a tools-only build. |
2190 |
-# Block USE flag configurations known to not work. |
2191 |
-REQUIRED_USE="${PYTHON_REQUIRED_USE} |
2192 |
- gtk2? ( gtk ) |
2193 |
- qemu_softmmu_targets_arm? ( fdt ) |
2194 |
- qemu_softmmu_targets_microblaze? ( fdt ) |
2195 |
- qemu_softmmu_targets_mips64el? ( fdt ) |
2196 |
- qemu_softmmu_targets_ppc? ( fdt ) |
2197 |
- qemu_softmmu_targets_ppc64? ( fdt ) |
2198 |
- sdl2? ( sdl ) |
2199 |
- static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio ) |
2200 |
- virtfs? ( xattr ) |
2201 |
- vte? ( gtk )" |
2202 |
- |
2203 |
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) |
2204 |
-# and user/softmmu targets (qemu-*, qemu-system-*). |
2205 |
-# |
2206 |
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap. |
2207 |
-# |
2208 |
-# The attr lib isn't always linked in (although the USE flag is always |
2209 |
-# respected). This is because qemu supports using the C library's API |
2210 |
-# when available rather than always using the extranl library. |
2211 |
-ALL_DEPEND=" |
2212 |
- >=dev-libs/glib-2.0[static-libs(+)] |
2213 |
- sys-libs/zlib[static-libs(+)] |
2214 |
- python? ( ${PYTHON_DEPS} ) |
2215 |
- systemtap? ( dev-util/systemtap ) |
2216 |
- xattr? ( sys-apps/attr[static-libs(+)] )" |
2217 |
- |
2218 |
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...) |
2219 |
-# softmmu targets (qemu-system-*). |
2220 |
-SOFTMMU_TOOLS_DEPEND=" |
2221 |
- >=x11-libs/pixman-0.28.0[static-libs(+)] |
2222 |
- accessibility? ( |
2223 |
- app-accessibility/brltty[api] |
2224 |
- app-accessibility/brltty[static-libs(+)] |
2225 |
- ) |
2226 |
- aio? ( dev-libs/libaio[static-libs(+)] ) |
2227 |
- alsa? ( >=media-libs/alsa-lib-1.0.13 ) |
2228 |
- bluetooth? ( net-wireless/bluez ) |
2229 |
- bzip2? ( app-arch/bzip2[static-libs(+)] ) |
2230 |
- caps? ( sys-libs/libcap-ng[static-libs(+)] ) |
2231 |
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] ) |
2232 |
- fdt? ( >=sys-apps/dtc-1.4.2[static-libs(+)] ) |
2233 |
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] ) |
2234 |
- gnutls? ( |
2235 |
- dev-libs/nettle:=[static-libs(+)] |
2236 |
- >=net-libs/gnutls-3.0:=[static-libs(+)] |
2237 |
- ) |
2238 |
- gtk? ( |
2239 |
- gtk2? ( |
2240 |
- x11-libs/gtk+:2 |
2241 |
- vte? ( x11-libs/vte:0 ) |
2242 |
- ) |
2243 |
- !gtk2? ( |
2244 |
- x11-libs/gtk+:3 |
2245 |
- vte? ( x11-libs/vte:2.91 ) |
2246 |
- ) |
2247 |
- ) |
2248 |
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] ) |
2249 |
- iscsi? ( net-libs/libiscsi ) |
2250 |
- jpeg? ( virtual/jpeg:0=[static-libs(+)] ) |
2251 |
- lzo? ( dev-libs/lzo:2[static-libs(+)] ) |
2252 |
- ncurses? ( |
2253 |
- sys-libs/ncurses:0=[unicode] |
2254 |
- sys-libs/ncurses:0=[static-libs(+)] |
2255 |
- ) |
2256 |
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] ) |
2257 |
- numa? ( sys-process/numactl[static-libs(+)] ) |
2258 |
- opengl? ( |
2259 |
- virtual/opengl |
2260 |
- media-libs/libepoxy[static-libs(+)] |
2261 |
- media-libs/mesa[static-libs(+)] |
2262 |
- media-libs/mesa[egl,gbm] |
2263 |
- ) |
2264 |
- png? ( media-libs/libpng:0=[static-libs(+)] ) |
2265 |
- pulseaudio? ( media-sound/pulseaudio ) |
2266 |
- rbd? ( sys-cluster/ceph[static-libs(+)] ) |
2267 |
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] ) |
2268 |
- sdl? ( |
2269 |
- !sdl2? ( |
2270 |
- media-libs/libsdl[X] |
2271 |
- >=media-libs/libsdl-1.2.11[static-libs(+)] |
2272 |
- ) |
2273 |
- sdl2? ( |
2274 |
- media-libs/libsdl2[X] |
2275 |
- media-libs/libsdl2[static-libs(+)] |
2276 |
- ) |
2277 |
- ) |
2278 |
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] ) |
2279 |
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] ) |
2280 |
- snappy? ( app-arch/snappy:=[static-libs(+)] ) |
2281 |
- spice? ( |
2282 |
- >=app-emulation/spice-protocol-0.12.3 |
2283 |
- >=app-emulation/spice-0.12.0[static-libs(+)] |
2284 |
- ) |
2285 |
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] ) |
2286 |
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] ) |
2287 |
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] ) |
2288 |
- vde? ( net-misc/vde[static-libs(+)] ) |
2289 |
- virgl? ( media-libs/virglrenderer[static-libs(+)] ) |
2290 |
- virtfs? ( sys-libs/libcap ) |
2291 |
- xen? ( app-emulation/xen-tools:= ) |
2292 |
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )" |
2293 |
- |
2294 |
-X86_FIRMWARE_DEPEND=" |
2295 |
- pin-upstream-blobs? ( |
2296 |
- ~sys-firmware/edk2-ovmf-2017_pre20170505[binary] |
2297 |
- ~sys-firmware/ipxe-1.0.0_p20160620 |
2298 |
- ~sys-firmware/seabios-1.10.2[binary,seavgabios] |
2299 |
- ~sys-firmware/sgabios-0.1_pre8 |
2300 |
- ) |
2301 |
- !pin-upstream-blobs? ( |
2302 |
- sys-firmware/edk2-ovmf |
2303 |
- sys-firmware/ipxe |
2304 |
- >=sys-firmware/seabios-1.10.2[seavgabios] |
2305 |
- sys-firmware/sgabios |
2306 |
- )" |
2307 |
- |
2308 |
-CDEPEND=" |
2309 |
- !static? ( |
2310 |
- ${ALL_DEPEND//\[static-libs(+)]} |
2311 |
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]} |
2312 |
- ) |
2313 |
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} ) |
2314 |
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )" |
2315 |
-DEPEND="${CDEPEND} |
2316 |
- dev-lang/perl |
2317 |
- =dev-lang/python-2* |
2318 |
- sys-apps/texinfo |
2319 |
- virtual/pkgconfig |
2320 |
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 ) |
2321 |
- gtk? ( nls? ( sys-devel/gettext ) ) |
2322 |
- static? ( |
2323 |
- ${ALL_DEPEND} |
2324 |
- ${SOFTMMU_TOOLS_DEPEND} |
2325 |
- ) |
2326 |
- static-user? ( ${ALL_DEPEND} ) |
2327 |
- test? ( |
2328 |
- dev-libs/glib[utils] |
2329 |
- sys-devel/bc |
2330 |
- )" |
2331 |
-RDEPEND="${CDEPEND} |
2332 |
- selinux? ( sec-policy/selinux-qemu )" |
2333 |
- |
2334 |
-PATCHES=( |
2335 |
- # musl patches |
2336 |
- "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch |
2337 |
- "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch |
2338 |
- "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch |
2339 |
- |
2340 |
- # gentoo patches |
2341 |
- "${FILESDIR}"/${PN}-2.5.0-cflags.patch |
2342 |
- "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch |
2343 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8309.patch # bug 616870 |
2344 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8379.patch # bug 616872 |
2345 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8380.patch # bug 616874 |
2346 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch # bug 616636 |
2347 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7493.patch # bug 618808 |
2348 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11434.patch # bug 625614 |
2349 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11334.patch # bug 621292 |
2350 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-1.patch # bug 621292 |
2351 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-2.patch |
2352 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-1.patch # bug 621184 |
2353 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-2.patch |
2354 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10664.patch # bug 623016 |
2355 |
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10806.patch # bug 624088 |
2356 |
-) |
2357 |
- |
2358 |
-STRIP_MASK="/usr/share/qemu/palcode-clipper" |
2359 |
- |
2360 |
-QA_PREBUILT=" |
2361 |
- usr/share/qemu/openbios-ppc |
2362 |
- usr/share/qemu/openbios-sparc64 |
2363 |
- usr/share/qemu/openbios-sparc32 |
2364 |
- usr/share/qemu/palcode-clipper |
2365 |
- usr/share/qemu/s390-ccw.img |
2366 |
- usr/share/qemu/u-boot.e500" |
2367 |
- |
2368 |
-QA_WX_LOAD="usr/bin/qemu-i386 |
2369 |
- usr/bin/qemu-x86_64 |
2370 |
- usr/bin/qemu-alpha |
2371 |
- usr/bin/qemu-arm |
2372 |
- usr/bin/qemu-cris |
2373 |
- usr/bin/qemu-m68k |
2374 |
- usr/bin/qemu-microblaze |
2375 |
- usr/bin/qemu-microblazeel |
2376 |
- usr/bin/qemu-mips |
2377 |
- usr/bin/qemu-mipsel |
2378 |
- usr/bin/qemu-or1k |
2379 |
- usr/bin/qemu-ppc |
2380 |
- usr/bin/qemu-ppc64 |
2381 |
- usr/bin/qemu-ppc64abi32 |
2382 |
- usr/bin/qemu-sh4 |
2383 |
- usr/bin/qemu-sh4eb |
2384 |
- usr/bin/qemu-sparc |
2385 |
- usr/bin/qemu-sparc64 |
2386 |
- usr/bin/qemu-armeb |
2387 |
- usr/bin/qemu-sparc32plus |
2388 |
- usr/bin/qemu-s390x |
2389 |
- usr/bin/qemu-unicore32" |
2390 |
- |
2391 |
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the |
2392 |
-kernel module loaded before running kvm. The easiest way to ensure that the |
2393 |
-kernel module is loaded is to load it on boot. |
2394 |
- For AMD CPUs the module is called 'kvm-amd'. |
2395 |
- For Intel CPUs the module is called 'kvm-intel'. |
2396 |
-Please review /etc/conf.d/modules for how to load these. |
2397 |
- |
2398 |
-Make sure your user is in the 'kvm' group. Just run |
2399 |
- $ gpasswd -a <USER> kvm |
2400 |
-then have <USER> re-login. |
2401 |
- |
2402 |
-For brand new installs, the default permissions on /dev/kvm might not let |
2403 |
-you access it. You can tell udev to reset ownership/perms: |
2404 |
- $ udevadm trigger -c add /dev/kvm |
2405 |
- |
2406 |
-If you want to register binfmt handlers for qemu user targets: |
2407 |
-For openrc: |
2408 |
- # rc-update add qemu-binfmt |
2409 |
-For systemd: |
2410 |
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf" |
2411 |
- |
2412 |
-pkg_pretend() { |
2413 |
- if use kernel_linux && kernel_is lt 2 6 25; then |
2414 |
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher." |
2415 |
- elif use kernel_linux; then |
2416 |
- if ! linux_config_exists; then |
2417 |
- eerror "Unable to check your kernel for KVM support" |
2418 |
- else |
2419 |
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE" |
2420 |
- ERROR_KVM="You must enable KVM in your kernel to continue" |
2421 |
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in" |
2422 |
- ERROR_KVM_AMD+=" your kernel configuration." |
2423 |
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable" |
2424 |
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration." |
2425 |
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled" |
2426 |
- ERROR_TUN+=" into your kernel or loaded as a module to use the" |
2427 |
- ERROR_TUN+=" virtual network device if using -net tap." |
2428 |
- ERROR_BRIDGE="You will also need support for 802.1d" |
2429 |
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations." |
2430 |
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET" |
2431 |
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net" |
2432 |
- ERROR_VHOST_NET+=" support" |
2433 |
- |
2434 |
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then |
2435 |
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL" |
2436 |
- fi |
2437 |
- |
2438 |
- use python && CONFIG_CHECK+=" ~DEBUG_FS" |
2439 |
- ERROR_DEBUG_FS="debugFS support required for kvm_stat" |
2440 |
- |
2441 |
- # Now do the actual checks setup above |
2442 |
- check_extra_config |
2443 |
- fi |
2444 |
- fi |
2445 |
- |
2446 |
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then |
2447 |
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt" |
2448 |
- eerror "instances are still pointing to it. Please update your" |
2449 |
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag" |
2450 |
- eerror "and the right system binary (e.g. qemu-system-x86_64)." |
2451 |
- die "update your virt configs to not use qemu-kvm" |
2452 |
- fi |
2453 |
-} |
2454 |
- |
2455 |
-pkg_setup() { |
2456 |
- enewgroup kvm 78 |
2457 |
-} |
2458 |
- |
2459 |
-# Sanity check to make sure target lists are kept up-to-date. |
2460 |
-check_targets() { |
2461 |
- local var=$1 mak=$2 |
2462 |
- local detected sorted |
2463 |
- |
2464 |
- pushd "${S}"/default-configs >/dev/null || die |
2465 |
- |
2466 |
- # Force C locale until glibc is updated. #564936 |
2467 |
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u)) |
2468 |
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u)) |
2469 |
- if [[ ${sorted} != "${detected}" ]] ; then |
2470 |
- eerror "The ebuild needs to be kept in sync." |
2471 |
- eerror "${var}: ${sorted}" |
2472 |
- eerror "$(printf '%-*s' ${#var} configure): ${detected}" |
2473 |
- die "sync ${var} to the list of targets" |
2474 |
- fi |
2475 |
- |
2476 |
- popd >/dev/null |
2477 |
-} |
2478 |
- |
2479 |
-handle_locales() { |
2480 |
- # Make sure locale list is kept up-to-date. |
2481 |
- local detected sorted |
2482 |
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u)) |
2483 |
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u)) |
2484 |
- if [[ ${sorted} != "${detected}" ]] ; then |
2485 |
- eerror "The ebuild needs to be kept in sync." |
2486 |
- eerror "PLOCALES: ${sorted}" |
2487 |
- eerror " po/*.po: ${detected}" |
2488 |
- die "sync PLOCALES" |
2489 |
- fi |
2490 |
- |
2491 |
- # Deal with selective install of locales. |
2492 |
- if use nls ; then |
2493 |
- # Delete locales the user does not want. #577814 |
2494 |
- rm_loc() { rm po/$1.po || die; } |
2495 |
- l10n_for_each_disabled_locale_do rm_loc |
2496 |
- else |
2497 |
- # Cheap hack to disable gettext .mo generation. |
2498 |
- rm -f po/*.po |
2499 |
- fi |
2500 |
-} |
2501 |
- |
2502 |
-src_prepare() { |
2503 |
- check_targets IUSE_SOFTMMU_TARGETS softmmu |
2504 |
- check_targets IUSE_USER_TARGETS linux-user |
2505 |
- |
2506 |
- # Alter target makefiles to accept CFLAGS set via flag-o |
2507 |
- sed -i -r \ |
2508 |
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \ |
2509 |
- Makefile Makefile.target || die |
2510 |
- |
2511 |
- default |
2512 |
- |
2513 |
- # Fix ld and objcopy being called directly |
2514 |
- tc-export AR LD OBJCOPY |
2515 |
- |
2516 |
- # Verbose builds |
2517 |
- MAKEOPTS+=" V=1" |
2518 |
- |
2519 |
- # Run after we've applied all patches. |
2520 |
- handle_locales |
2521 |
- |
2522 |
- #remove bundled copy of libfdt |
2523 |
- rm -r dtc || die |
2524 |
-} |
2525 |
- |
2526 |
-## |
2527 |
-# configures qemu based on the build directory and the build type |
2528 |
-# we are using. |
2529 |
-# |
2530 |
-qemu_src_configure() { |
2531 |
- debug-print-function ${FUNCNAME} "$@" |
2532 |
- |
2533 |
- local buildtype=$1 |
2534 |
- local builddir="${S}/${buildtype}-build" |
2535 |
- |
2536 |
- mkdir "${builddir}" |
2537 |
- |
2538 |
- local conf_opts=( |
2539 |
- --prefix=/usr |
2540 |
- --sysconfdir=/etc |
2541 |
- --libdir=/usr/$(get_libdir) |
2542 |
- --docdir=/usr/share/doc/${PF}/html |
2543 |
- --disable-bsd-user |
2544 |
- --disable-guest-agent |
2545 |
- --disable-strip |
2546 |
- --disable-werror |
2547 |
- # We support gnutls/nettle for crypto operations. It is possible |
2548 |
- # to use gcrypt when gnutls/nettle are disabled (but not when they |
2549 |
- # are enabled), but it's not really worth the hassle. Disable it |
2550 |
- # all the time to avoid automatically detecting it. #568856 |
2551 |
- --disable-gcrypt |
2552 |
- --python="${PYTHON}" |
2553 |
- --cc="$(tc-getCC)" |
2554 |
- --cxx="$(tc-getCXX)" |
2555 |
- --host-cc="$(tc-getBUILD_CC)" |
2556 |
- $(use_enable debug debug-info) |
2557 |
- $(use_enable debug debug-tcg) |
2558 |
- --enable-docs |
2559 |
- $(use_enable tci tcg-interpreter) |
2560 |
- $(use_enable xattr attr) |
2561 |
- ) |
2562 |
- |
2563 |
- # Disable options not used by user targets. This simplifies building |
2564 |
- # static user targets (USE=static-user) considerably. |
2565 |
- conf_notuser() { |
2566 |
- if [[ ${buildtype} == "user" ]] ; then |
2567 |
- echo "--disable-${2:-$1}" |
2568 |
- else |
2569 |
- use_enable "$@" |
2570 |
- fi |
2571 |
- } |
2572 |
- conf_opts+=( |
2573 |
- $(conf_notuser accessibility brlapi) |
2574 |
- $(conf_notuser aio linux-aio) |
2575 |
- $(conf_notuser bzip2) |
2576 |
- $(conf_notuser bluetooth bluez) |
2577 |
- $(conf_notuser caps cap-ng) |
2578 |
- $(conf_notuser curl) |
2579 |
- $(conf_notuser fdt) |
2580 |
- $(conf_notuser glusterfs) |
2581 |
- $(conf_notuser gnutls) |
2582 |
- $(conf_notuser gnutls nettle) |
2583 |
- $(conf_notuser gtk) |
2584 |
- $(conf_notuser infiniband rdma) |
2585 |
- $(conf_notuser iscsi libiscsi) |
2586 |
- $(conf_notuser jpeg vnc-jpeg) |
2587 |
- $(conf_notuser kernel_linux kvm) |
2588 |
- $(conf_notuser lzo) |
2589 |
- $(conf_notuser ncurses curses) |
2590 |
- $(conf_notuser nfs libnfs) |
2591 |
- $(conf_notuser numa) |
2592 |
- $(conf_notuser opengl) |
2593 |
- $(conf_notuser png vnc-png) |
2594 |
- $(conf_notuser rbd) |
2595 |
- $(conf_notuser sasl vnc-sasl) |
2596 |
- $(conf_notuser sdl) |
2597 |
- $(conf_notuser seccomp) |
2598 |
- $(conf_notuser smartcard) |
2599 |
- $(conf_notuser snappy) |
2600 |
- $(conf_notuser spice) |
2601 |
- $(conf_notuser ssh libssh2) |
2602 |
- $(conf_notuser usb libusb) |
2603 |
- $(conf_notuser usbredir usb-redir) |
2604 |
- $(conf_notuser vde) |
2605 |
- $(conf_notuser vhost-net) |
2606 |
- $(conf_notuser virgl virglrenderer) |
2607 |
- $(conf_notuser virtfs) |
2608 |
- $(conf_notuser vnc) |
2609 |
- $(conf_notuser vte) |
2610 |
- $(conf_notuser xen) |
2611 |
- $(conf_notuser xen xen-pci-passthrough) |
2612 |
- $(conf_notuser xfs xfsctl) |
2613 |
- ) |
2614 |
- |
2615 |
- if [[ ! ${buildtype} == "user" ]] ; then |
2616 |
- # audio options |
2617 |
- local audio_opts="oss" |
2618 |
- use alsa && audio_opts="alsa,${audio_opts}" |
2619 |
- use sdl && audio_opts="sdl,${audio_opts}" |
2620 |
- use pulseaudio && audio_opts="pa,${audio_opts}" |
2621 |
- conf_opts+=( |
2622 |
- --audio-drv-list="${audio_opts}" |
2623 |
- ) |
2624 |
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) ) |
2625 |
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) ) |
2626 |
- fi |
2627 |
- |
2628 |
- case ${buildtype} in |
2629 |
- user) |
2630 |
- conf_opts+=( |
2631 |
- --enable-linux-user |
2632 |
- --disable-system |
2633 |
- --disable-blobs |
2634 |
- --disable-tools |
2635 |
- ) |
2636 |
- local static_flag="static-user" |
2637 |
- ;; |
2638 |
- softmmu) |
2639 |
- conf_opts+=( |
2640 |
- --disable-linux-user |
2641 |
- --enable-system |
2642 |
- --disable-tools |
2643 |
- --with-system-pixman |
2644 |
- ) |
2645 |
- local static_flag="static" |
2646 |
- ;; |
2647 |
- tools) |
2648 |
- conf_opts+=( |
2649 |
- --disable-linux-user |
2650 |
- --disable-system |
2651 |
- --disable-blobs |
2652 |
- --enable-tools |
2653 |
- ) |
2654 |
- local static_flag="static" |
2655 |
- ;; |
2656 |
- esac |
2657 |
- |
2658 |
- local targets="${buildtype}_targets" |
2659 |
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" ) |
2660 |
- |
2661 |
- # Add support for SystemTAP |
2662 |
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace ) |
2663 |
- |
2664 |
- # We always want to attempt to build with PIE support as it results |
2665 |
- # in a more secure binary. But it doesn't work with static or if |
2666 |
- # the current GCC doesn't have PIE support. |
2667 |
- if use ${static_flag}; then |
2668 |
- conf_opts+=( --static --disable-pie ) |
2669 |
- else |
2670 |
- tc-enables-pie && conf_opts+=( --enable-pie ) |
2671 |
- fi |
2672 |
- |
2673 |
- echo "../configure ${conf_opts[*]}" |
2674 |
- cd "${builddir}" |
2675 |
- ../configure "${conf_opts[@]}" || die "configure failed" |
2676 |
- |
2677 |
- # FreeBSD's kernel does not support QEMU assigning/grabbing |
2678 |
- # host USB devices yet |
2679 |
- use kernel_FreeBSD && \ |
2680 |
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak |
2681 |
-} |
2682 |
- |
2683 |
-src_configure() { |
2684 |
- local target |
2685 |
- |
2686 |
- python_setup |
2687 |
- |
2688 |
- softmmu_targets= softmmu_bins=() |
2689 |
- user_targets= user_bins=() |
2690 |
- |
2691 |
- for target in ${IUSE_SOFTMMU_TARGETS} ; do |
2692 |
- if use "qemu_softmmu_targets_${target}"; then |
2693 |
- softmmu_targets+=",${target}-softmmu" |
2694 |
- softmmu_bins+=( "qemu-system-${target}" ) |
2695 |
- fi |
2696 |
- done |
2697 |
- |
2698 |
- for target in ${IUSE_USER_TARGETS} ; do |
2699 |
- if use "qemu_user_targets_${target}"; then |
2700 |
- user_targets+=",${target}-linux-user" |
2701 |
- user_bins+=( "qemu-${target}" ) |
2702 |
- fi |
2703 |
- done |
2704 |
- |
2705 |
- softmmu_targets=${softmmu_targets#,} |
2706 |
- user_targets=${user_targets#,} |
2707 |
- |
2708 |
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu" |
2709 |
- [[ -n ${user_targets} ]] && qemu_src_configure "user" |
2710 |
- qemu_src_configure "tools" |
2711 |
-} |
2712 |
- |
2713 |
-src_compile() { |
2714 |
- if [[ -n ${user_targets} ]]; then |
2715 |
- cd "${S}/user-build" |
2716 |
- default |
2717 |
- fi |
2718 |
- |
2719 |
- if [[ -n ${softmmu_targets} ]]; then |
2720 |
- cd "${S}/softmmu-build" |
2721 |
- default |
2722 |
- fi |
2723 |
- |
2724 |
- cd "${S}/tools-build" |
2725 |
- default |
2726 |
-} |
2727 |
- |
2728 |
-src_test() { |
2729 |
- if [[ -n ${softmmu_targets} ]]; then |
2730 |
- cd "${S}/softmmu-build" |
2731 |
- pax-mark m */qemu-system-* #515550 |
2732 |
- emake -j1 check |
2733 |
- emake -j1 check-report.html |
2734 |
- fi |
2735 |
-} |
2736 |
- |
2737 |
-qemu_python_install() { |
2738 |
- python_domodule "${S}/scripts/qmp/qmp.py" |
2739 |
- |
2740 |
- python_doscript "${S}/scripts/kvm/vmxcap" |
2741 |
- python_doscript "${S}/scripts/qmp/qmp-shell" |
2742 |
- python_doscript "${S}/scripts/qmp/qemu-ga-client" |
2743 |
-} |
2744 |
- |
2745 |
-# Generate binfmt support files. |
2746 |
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc) |
2747 |
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt) |
2748 |
-generate_initd() { |
2749 |
- local out="${T}/qemu-binfmt" |
2750 |
- local out_systemd="${T}/qemu.conf" |
2751 |
- local d="${T}/binfmt.d" |
2752 |
- |
2753 |
- einfo "Generating qemu binfmt scripts and configuration files" |
2754 |
- |
2755 |
- # Generate the debian fragments first. |
2756 |
- mkdir -p "${d}" |
2757 |
- "${S}"/scripts/qemu-binfmt-conf.sh \ |
2758 |
- --debian \ |
2759 |
- --exportdir "${d}" \ |
2760 |
- --qemu-path "${EPREFIX}/usr/bin" \ |
2761 |
- || die |
2762 |
- # Then turn the fragments into a shell script we can source. |
2763 |
- sed -E -i \ |
2764 |
- -e 's:^([^ ]+) (.*)$:\1="\2":' \ |
2765 |
- "${d}"/* || die |
2766 |
- |
2767 |
- # Generate the init.d script by assembling the fragments from above. |
2768 |
- local f qcpu package interpreter magic mask |
2769 |
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die |
2770 |
- for f in "${d}"/qemu-* ; do |
2771 |
- source "${f}" |
2772 |
- |
2773 |
- # Normalize the cpu logic like we do in the init.d for the native cpu. |
2774 |
- qcpu=${package#qemu-} |
2775 |
- case ${qcpu} in |
2776 |
- arm*) qcpu="arm";; |
2777 |
- mips*) qcpu="mips";; |
2778 |
- ppc*) qcpu="ppc";; |
2779 |
- s390*) qcpu="s390";; |
2780 |
- sh*) qcpu="sh";; |
2781 |
- sparc*) qcpu="sparc";; |
2782 |
- esac |
2783 |
- |
2784 |
- cat <<EOF >>"${out}" |
2785 |
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then |
2786 |
- echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register |
2787 |
- fi |
2788 |
-EOF |
2789 |
- |
2790 |
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}" |
2791 |
- |
2792 |
- done |
2793 |
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die |
2794 |
-} |
2795 |
- |
2796 |
-src_install() { |
2797 |
- if [[ -n ${user_targets} ]]; then |
2798 |
- cd "${S}/user-build" |
2799 |
- emake DESTDIR="${ED}" install |
2800 |
- |
2801 |
- # Install binfmt handler init script for user targets. |
2802 |
- generate_initd |
2803 |
- doinitd "${T}/qemu-binfmt" |
2804 |
- |
2805 |
- # Install binfmt/qemu.conf. |
2806 |
- insinto "/usr/share/qemu/binfmt.d" |
2807 |
- doins "${T}/qemu.conf" |
2808 |
- fi |
2809 |
- |
2810 |
- if [[ -n ${softmmu_targets} ]]; then |
2811 |
- cd "${S}/softmmu-build" |
2812 |
- emake DESTDIR="${ED}" install |
2813 |
- |
2814 |
- # This might not exist if the test failed. #512010 |
2815 |
- [[ -e check-report.html ]] && dohtml check-report.html |
2816 |
- |
2817 |
- if use kernel_linux; then |
2818 |
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules |
2819 |
- fi |
2820 |
- |
2821 |
- if use python; then |
2822 |
- python_foreach_impl qemu_python_install |
2823 |
- fi |
2824 |
- fi |
2825 |
- |
2826 |
- cd "${S}/tools-build" |
2827 |
- emake DESTDIR="${ED}" install |
2828 |
- |
2829 |
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348 |
2830 |
- pushd "${ED}"/usr/bin >/dev/null |
2831 |
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594 |
2832 |
- popd >/dev/null |
2833 |
- |
2834 |
- # Install config file example for qemu-bridge-helper |
2835 |
- insinto "/etc/qemu" |
2836 |
- doins "${FILESDIR}/bridge.conf" |
2837 |
- |
2838 |
- cd "${S}" |
2839 |
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt |
2840 |
- newdoc pc-bios/README README.pc-bios |
2841 |
- dodoc docs/qmp-*.txt |
2842 |
- |
2843 |
- if [[ -n ${softmmu_targets} ]]; then |
2844 |
- # Remove SeaBIOS since we're using the SeaBIOS packaged one |
2845 |
- rm "${ED}/usr/share/qemu/bios.bin" |
2846 |
- rm "${ED}/usr/share/qemu/bios-256k.bin" |
2847 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
2848 |
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin |
2849 |
- dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin |
2850 |
- fi |
2851 |
- |
2852 |
- # Remove vgabios since we're using the seavgabios packaged one |
2853 |
- rm "${ED}/usr/share/qemu/vgabios.bin" |
2854 |
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin" |
2855 |
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin" |
2856 |
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin" |
2857 |
- rm "${ED}/usr/share/qemu/vgabios-virtio.bin" |
2858 |
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin" |
2859 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
2860 |
- dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin |
2861 |
- dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin |
2862 |
- dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin |
2863 |
- dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin |
2864 |
- dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin |
2865 |
- dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin |
2866 |
- fi |
2867 |
- |
2868 |
- # Remove sgabios since we're using the sgabios packaged one |
2869 |
- rm "${ED}/usr/share/qemu/sgabios.bin" |
2870 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
2871 |
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin |
2872 |
- fi |
2873 |
- |
2874 |
- # Remove iPXE since we're using the iPXE packaged one |
2875 |
- rm "${ED}"/usr/share/qemu/pxe-*.rom |
2876 |
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then |
2877 |
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom |
2878 |
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom |
2879 |
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom |
2880 |
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom |
2881 |
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom |
2882 |
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom |
2883 |
- fi |
2884 |
- fi |
2885 |
- |
2886 |
- DISABLE_AUTOFORMATTING=true |
2887 |
- readme.gentoo_create_doc |
2888 |
-} |
2889 |
- |
2890 |
-firmware_abi_change() { |
2891 |
- local pv |
2892 |
- for pv in ${REPLACING_VERSIONS}; do |
2893 |
- if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then |
2894 |
- return 0 |
2895 |
- fi |
2896 |
- done |
2897 |
- return 1 |
2898 |
-} |
2899 |
- |
2900 |
-pkg_postinst() { |
2901 |
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then |
2902 |
- udev_reload |
2903 |
- fi |
2904 |
- |
2905 |
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper |
2906 |
- |
2907 |
- DISABLE_AUTOFORMATTING=true |
2908 |
- readme.gentoo_print_elog |
2909 |
- |
2910 |
- if use pin-upstream-blobs && firmware_abi_change; then |
2911 |
- ewarn "This version of qemu pins new versions of firmware blobs:" |
2912 |
- ewarn " $(best_version sys-firmware/edk2-ovmf)" |
2913 |
- ewarn " $(best_version sys-firmware/ipxe)" |
2914 |
- ewarn " $(best_version sys-firmware/seabios)" |
2915 |
- ewarn " $(best_version sys-firmware/sgabios)" |
2916 |
- ewarn "This might break resume of hibernated guests (started with a different" |
2917 |
- ewarn "firmware version) and live migration to/from qemu versions with different" |
2918 |
- ewarn "firmware. Please (cold) restart all running guests. For functional" |
2919 |
- ewarn "guest migration ensure that all" |
2920 |
- ewarn "hosts run at least" |
2921 |
- ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}." |
2922 |
- fi |
2923 |
-} |
2924 |
- |
2925 |
-pkg_info() { |
2926 |
- echo "Using:" |
2927 |
- echo " $(best_version app-emulation/spice-protocol)" |
2928 |
- echo " $(best_version sys-firmware/edk2-ovmf)" |
2929 |
- if has_version 'sys-firmware/edk2-ovmf[binary]'; then |
2930 |
- echo " USE=binary" |
2931 |
- else |
2932 |
- echo " USE=''" |
2933 |
- fi |
2934 |
- echo " $(best_version sys-firmware/ipxe)" |
2935 |
- echo " $(best_version sys-firmware/seabios)" |
2936 |
- if has_version 'sys-firmware/seabios[binary]'; then |
2937 |
- echo " USE=binary" |
2938 |
- else |
2939 |
- echo " USE=''" |
2940 |
- fi |
2941 |
- echo " $(best_version sys-firmware/sgabios)" |
2942 |
-} |