From: Matthias Maier <tamiko@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
Date: Tue, 19 Feb 2019 00:19:44
Message-Id: 1550535543.c5d70adc0520a858f4da5cd0d1161e91140f5347.tamiko@gentoo
1 commit: c5d70adc0520a858f4da5cd0d1161e91140f5347
2 Author: Matthias Maier <tamiko <AT> gentoo <DOT> org>
3 AuthorDate: Tue Feb 19 00:16:24 2019 +0000
4 Commit: Matthias Maier <tamiko <AT> gentoo <DOT> org>
5 CommitDate: Tue Feb 19 00:19:03 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c5d70adc
7
8 app-emulation/qemu: fix vulnerability, bug #678302
9
10 Take over commit
11
12 From b05b267840515730dbf6753495d5b7bd8b04ad1c Mon Sep 17 00:00:00 2001
13 From: Gerd Hoffmann <kraxel <AT> redhat.com>
14 Date: Tue, 8 Jan 2019 11:23:01 +0100
15 Subject: [PATCH] i2c-ddc: fix oob read
16
17 Bug: https://bugs.gentoo.org/678302
18 Package-Manager: Portage-2.3.60, Repoman-2.3.12
19 Signed-off-by: Matthias Maier <tamiko <AT> gentoo.org>
20
21 .../qemu/files/qemu-3.1.0-CVE-2019-3812.patch | 33 +
22 app-emulation/qemu/qemu-3.1.0-r1.ebuild | 810 +++++++++++++++++++++
23 2 files changed, 843 insertions(+)
24
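diff --git a/app-emulation/qemu/files/qemu-3.1.0-CVE-2019-3812.patch b/app-emulation/qemu/files/qemu-3.1.0-CVE-2019-3812.patch
new file mode 100644
index 00000000000..03db9e0a1f2
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-3.1.0-CVE-2019-3812.patch
@@ -0,0 +1,33 @@
+From b05b267840515730dbf6753495d5b7bd8b04ad1c Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@××××××.com>
+Date: Tue, 8 Jan 2019 11:23:01 +0100
+Subject: [PATCH] i2c-ddc: fix oob read
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Suggested-by: Michael Hanselmann <public@××××××.ch>
+Signed-off-by: Gerd Hoffmann <kraxel@××××××.com>
+Reviewed-by: Michael Hanselmann <public@××××××.ch>
+Reviewed-by: Philippe Mathieu-Daudé <philmd@××××××.com>
+Message-id: 20190108102301.1957-1-kraxel@××××××.com
+---
+ hw/i2c/i2c-ddc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/i2c/i2c-ddc.c b/hw/i2c/i2c-ddc.c
+index be34fe072c..0a0367ff38 100644
+--- a/hw/i2c/i2c-ddc.c
++++ b/hw/i2c/i2c-ddc.c
+@@ -56,7 +56,7 @@ static int i2c_ddc_rx(I2CSlave *i2c)
+ I2CDDCState *s = I2CDDC(i2c);
+
+ int value;
+- value = s->edid_blob[s->reg];
++ value = s->edid_blob[s->reg % sizeof(s->edid_blob)];
+ s->reg++;
+ return value;
+ }
+--
+2.19.2
+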
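Review bot: The bound in `value = s->edid_blob[s->reg % sizeof(s->edid_blob)];` is correct only if `edid_blob` is a byte array embedded in `I2CDDCState`; its declaration is outside this hunk, and for a pointer or a wider element type `sizeof` would give the wrong modulus. An element-count form such as `s->reg % ARRAY_SIZE(s->edid_blob)` states the intent directly. The register is still advanced by `s->reg++` with no bound of its own and is presumably also set from the device's write path (not shown), so any other use of `s->reg` as an index needs the same reduction. A short comment such as `/* wrap reads at the end of the EDID blob so reg can never index past it */` would record why the modulo is there. The opening lines of `i2c_ddc_rx` lie outside the hunk.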
64
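diff --git a/app-emulation/qemu/qemu-3.1.0-r1.ebuild b/app-emulation/qemu/qemu-3.1.0-r1.ebuild
new file mode 100644
index 00000000000..1a51e555b08
--- /dev/null
+++ b/app-emulation/qemu/qemu-3.1.0-r1.ebuild
@@ -0,0 +1,810 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6,3_7} )
+PYTHON_REQ_USE="ncurses,readline"
+
+PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
+
+FIRMWARE_ABI_VERSION="2.11.1-r50"
+
+inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
+ user udev fcaps readme.gentoo-r1 pax-utils l10n
+
+if [[ ${PV} = *9999* ]]; then
+ EGIT_REPO_URI="git://git.qemu.org/qemu.git"
+ inherit git-r3
+ SRC_URI=""
+else
+ SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.xz"
+ KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+
+ # Gentoo specific patchsets:
+ #SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r1.tar.xz"
+fi
+
+DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
+HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
+
+LICENSE="GPL-2 LGPL-2 BSD-2"
+SLOT="0"
+IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug
+ +fdt glusterfs gnutls gtk infiniband iscsi +jpeg kernel_linux
+ kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
+ pulseaudio python rbd sasl +seccomp sdl selinux smartcard snappy
+ spice ssh static static-user systemtap tci test usb usbredir vde
+ +vhost-net virgl virtfs +vnc vte xattr xen xfs"
+
+RESTRICT=strip
+
+COMMON_TARGETS="aarch64 alpha arm cris hppa i386 m68k microblaze microblazeel
+ mips mips64 mips64el mipsel nios2 or1k ppc ppc64 riscv32 riscv64 s390x
+ sh4 sh4eb sparc sparc64 x86_64 xtensa xtensaeb"
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
+ lm32 moxie tricore unicore32"
+IUSE_USER_TARGETS="${COMMON_TARGETS}
+ aarch64_be armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus
+ tilegx"
+
+use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
+use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
+IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
+
+# Allow no targets to be built so that people can get a tools-only build.
+# Block USE flag configurations known to not work.
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ qemu_softmmu_targets_arm? ( fdt )
+ qemu_softmmu_targets_microblaze? ( fdt )
+ qemu_softmmu_targets_mips64el? ( fdt )
+ qemu_softmmu_targets_ppc64? ( fdt )
+ qemu_softmmu_targets_ppc? ( fdt )
+ qemu_softmmu_targets_riscv32? ( fdt )
+ qemu_softmmu_targets_riscv64? ( fdt )
+ static? ( static-user !alsa !gtk !opengl !pulseaudio !snappy )
+ virtfs? ( xattr )
+ vte? ( gtk )"
+
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
+# and user/softmmu targets (qemu-*, qemu-system-*).
+#
+# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
+#
+# The attr lib isn't always linked in (although the USE flag is always
+# respected). This is because qemu supports using the C library's API
+# when available rather than always using the external library.
+ALL_DEPEND="
+ >=dev-libs/glib-2.0[static-libs(+)]
+ sys-libs/zlib[static-libs(+)]
+ python? ( ${PYTHON_DEPS} )
+ systemtap? ( dev-util/systemtap )
+ xattr? ( sys-apps/attr[static-libs(+)] )"
+
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
+# softmmu targets (qemu-system-*).
+SOFTMMU_TOOLS_DEPEND="
+ dev-libs/libxml2[static-libs(+)]
+ x11-libs/libxkbcommon[static-libs(+)]
+ >=x11-libs/pixman-0.28.0[static-libs(+)]
+ accessibility? (
+ app-accessibility/brltty[api]
+ app-accessibility/brltty[static-libs(+)]
+ )
+ aio? ( dev-libs/libaio[static-libs(+)] )
+ alsa? ( >=media-libs/alsa-lib-1.0.13 )
+ bzip2? ( app-arch/bzip2[static-libs(+)] )
+ capstone? ( dev-libs/capstone:= )
+ caps? ( sys-libs/libcap-ng[static-libs(+)] )
+ curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
+ fdt? ( >=sys-apps/dtc-1.4.2[static-libs(+)] )
+ glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
+ gnutls? (
+ dev-libs/nettle:=[static-libs(+)]
+ >=net-libs/gnutls-3.0:=[static-libs(+)]
+ )
+ gtk? (
+ x11-libs/gtk+:3
+ vte? ( x11-libs/vte:2.91 )
+ )
+ infiniband? (
+ sys-fabric/libibumad:=[static-libs(+)]
+ sys-fabric/libibverbs:=[static-libs(+)]
+ sys-fabric/librdmacm:=[static-libs(+)]
+ )
+ iscsi? ( net-libs/libiscsi )
+ jpeg? ( virtual/jpeg:0=[static-libs(+)] )
+ lzo? ( dev-libs/lzo:2[static-libs(+)] )
+ ncurses? (
+ sys-libs/ncurses:0=[unicode]
+ sys-libs/ncurses:0=[static-libs(+)]
+ )
+ nfs? ( >=net-fs/libnfs-1.9.3:=[static-libs(+)] )
+ numa? ( sys-process/numactl[static-libs(+)] )
+ opengl? (
+ virtual/opengl
+ media-libs/libepoxy[static-libs(+)]
+ media-libs/mesa[static-libs(+)]
+ media-libs/mesa[egl,gbm]
+ )
+ png? ( media-libs/libpng:0=[static-libs(+)] )
+ pulseaudio? ( media-sound/pulseaudio )
+ rbd? ( sys-cluster/ceph[static-libs(+)] )
+ sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
+ sdl? (
+ media-libs/libsdl2[X]
+ media-libs/libsdl2[static-libs(+)]
+ )
+ seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
+ smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
+ snappy? ( app-arch/snappy:= )
+ spice? (
+ >=app-emulation/spice-protocol-0.12.3
+ >=app-emulation/spice-0.12.0[static-libs(+)]
+ )
+ ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
+ usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
+ usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
+ vde? ( net-misc/vde[static-libs(+)] )
+ virgl? ( media-libs/virglrenderer[static-libs(+)] )
+ virtfs? ( sys-libs/libcap )
+ xen? ( app-emulation/xen-tools:= )
+ xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
+
+X86_FIRMWARE_DEPEND="
+ pin-upstream-blobs? (
+ ~sys-firmware/edk2-ovmf-2017_p20180211[binary]
+ ~sys-firmware/ipxe-1.0.0_p20180211[binary]
+ ~sys-firmware/seabios-1.11.0[binary,seavgabios]
+ ~sys-firmware/sgabios-0.1_pre8[binary]
+ )
+ !pin-upstream-blobs? (
+ sys-firmware/edk2-ovmf
+ sys-firmware/ipxe
+ >=sys-firmware/seabios-1.10.2[seavgabios]
+ sys-firmware/sgabios
+ )"
+PPC64_FIRMWARE_DEPEND="
+ pin-upstream-blobs? (
+ ~sys-firmware/seabios-1.11.0[binary,seavgabios]
+ )
+ !pin-upstream-blobs? (
+ >=sys-firmware/seabios-1.10.2[seavgabios]
+ )
+"
+
+CDEPEND="
+ !static? (
+ ${ALL_DEPEND//\[static-libs(+)]}
+ ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
+ )
+ qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
+ qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
+ qemu_softmmu_targets_ppc64? ( ${PPC64_FIRMWARE_DEPEND} )
+"
+DEPEND="${CDEPEND}
+ ${PYTHON_DEPS}
+ dev-lang/perl
+ sys-apps/texinfo
+ virtual/pkgconfig
+ kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
+ gtk? ( nls? ( sys-devel/gettext ) )
+ static? (
+ ${ALL_DEPEND}
+ ${SOFTMMU_TOOLS_DEPEND}
+ )
+ static-user? ( ${ALL_DEPEND} )
+ test? (
+ dev-libs/glib[utils]
+ sys-devel/bc
+ )"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-qemu )"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.5.0-cflags.patch
+ "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
+ "${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch
+ "${FILESDIR}"/${PN}-3.1.0-CVE-2018-20123.patch
+ "${FILESDIR}"/${PN}-3.1.0-CVE-2019-3812.patch
+ #"${WORKDIR}"/patches
+)
+
+QA_PREBUILT="
+ usr/share/qemu/hppa-firmware.img
+ usr/share/qemu/openbios-ppc
+ usr/share/qemu/openbios-sparc64
+ usr/share/qemu/openbios-sparc32
+ usr/share/qemu/palcode-clipper
+ usr/share/qemu/s390-ccw.img
+ usr/share/qemu/s390-netboot.img
+ usr/share/qemu/u-boot.e500"
+
+QA_WX_LOAD="usr/bin/qemu-i386
+ usr/bin/qemu-x86_64
+ usr/bin/qemu-alpha
+ usr/bin/qemu-arm
+ usr/bin/qemu-cris
+ usr/bin/qemu-m68k
+ usr/bin/qemu-microblaze
+ usr/bin/qemu-microblazeel
+ usr/bin/qemu-mips
+ usr/bin/qemu-mipsel
+ usr/bin/qemu-or1k
+ usr/bin/qemu-ppc
+ usr/bin/qemu-ppc64
+ usr/bin/qemu-ppc64abi32
+ usr/bin/qemu-sh4
+ usr/bin/qemu-sh4eb
+ usr/bin/qemu-sparc
+ usr/bin/qemu-sparc64
+ usr/bin/qemu-armeb
+ usr/bin/qemu-sparc32plus
+ usr/bin/qemu-s390x
+ usr/bin/qemu-unicore32"
+
+DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
+kernel module loaded before running kvm. The easiest way to ensure that the
+kernel module is loaded is to load it on boot.
+ For AMD CPUs the module is called 'kvm-amd'.
+ For Intel CPUs the module is called 'kvm-intel'.
+Please review /etc/conf.d/modules for how to load these.
+
+Make sure your user is in the 'kvm' group. Just run
+ $ gpasswd -a <USER> kvm
+then have <USER> re-login.
+
+For brand new installs, the default permissions on /dev/kvm might not let
+you access it. You can tell udev to reset ownership/perms:
+ $ udevadm trigger -c add /dev/kvm
+
+If you want to register binfmt handlers for qemu user targets:
+For openrc:
+ # rc-update add qemu-binfmt
+For systemd:
+ # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
+
+pkg_pretend() {
+ if use kernel_linux && kernel_is lt 2 6 25; then
+ eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
+ elif use kernel_linux; then
+ if ! linux_config_exists; then
+ eerror "Unable to check your kernel for KVM support"
+ else
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
+ ERROR_KVM="You must enable KVM in your kernel to continue"
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
+ ERROR_KVM_AMD+=" your kernel configuration."
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
+ ERROR_TUN+=" into your kernel or loaded as a module to use the"
+ ERROR_TUN+=" virtual network device if using -net tap."
+ ERROR_BRIDGE="You will also need support for 802.1d"
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
+ use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
+ ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
+ ERROR_VHOST_NET+=" support"
+
+ if use amd64 || use x86 || use amd64-linux || use x86-linux; then
+ if grep -q AuthenticAMD /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_AMD"
+ elif grep -q GenuineIntel /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_INTEL"
+ fi
+ fi
+
+ use python && CONFIG_CHECK+=" ~DEBUG_FS"
+ ERROR_DEBUG_FS="debugFS support required for kvm_stat"
+
+ # Now do the actual checks setup above
+ check_extra_config
+ fi
+ fi
+
+ if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
+ eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
+ eerror "instances are still pointing to it. Please update your"
+ eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
+ eerror "and the right system binary (e.g. qemu-system-x86_64)."
+ die "update your virt configs to not use qemu-kvm"
+ fi
+}
+
+pkg_setup() {
+ enewgroup kvm 78
+}
+
+# Sanity check to make sure target lists are kept up-to-date.
+check_targets() {
+ local var=$1 mak=$2
+ local detected sorted
+
+ pushd "${S}"/default-configs >/dev/null || die
+
+ # Force C locale until glibc is updated. #564936
+ detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
+ sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
+ if [[ ${sorted} != "${detected}" ]] ; then
+ eerror "The ebuild needs to be kept in sync."
+ eerror "${var}: ${sorted}"
+ eerror "$(printf '%-*s' ${#var} configure): ${detected}"
+ die "sync ${var} to the list of targets"
+ fi
+
+ popd >/dev/null
+}
+
+handle_locales() {
+ # Make sure locale list is kept up-to-date.
+ local detected sorted
+ detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
+ sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
+ if [[ ${sorted} != "${detected}" ]] ; then
+ eerror "The ebuild needs to be kept in sync."
+ eerror "PLOCALES: ${sorted}"
+ eerror " po/*.po: ${detected}"
+ die "sync PLOCALES"
+ fi
+
+ # Deal with selective install of locales.
+ if use nls ; then
+ # Delete locales the user does not want. #577814
+ rm_loc() { rm po/$1.po || die; }
+ l10n_for_each_disabled_locale_do rm_loc
+ else
+ # Cheap hack to disable gettext .mo generation.
+ rm -f po/*.po
+ fi
+}
+
+src_prepare() {
+ check_targets IUSE_SOFTMMU_TARGETS softmmu
+ check_targets IUSE_USER_TARGETS linux-user
+
+ # Alter target makefiles to accept CFLAGS set via flag-o
+ sed -i -r \
+ -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
+ Makefile Makefile.target || die
+
+ default
+
+ # Fix ld and objcopy being called directly
+ tc-export AR LD OBJCOPY
+
+ # Verbose builds
+ MAKEOPTS+=" V=1"
+
+ # Run after we've applied all patches.
+ handle_locales
+
+ # Remove bundled copy of libfdt
+ rm -r dtc || die
+}
+
+##
+# configures qemu based on the build directory and the build type
+# we are using.
+#
+qemu_src_configure() {
+ debug-print-function ${FUNCNAME} "$@"
+
+ local buildtype=$1
+ local builddir="${S}/${buildtype}-build"
+
+ mkdir "${builddir}"
+
+ local conf_opts=(
+ --prefix=/usr
+ --sysconfdir=/etc
+ --libdir=/usr/$(get_libdir)
+ --docdir=/usr/share/doc/${PF}/html
+ --disable-bsd-user
+ --disable-guest-agent
+ --disable-strip
+ --disable-werror
+ # We support gnutls/nettle for crypto operations. It is possible
+ # to use gcrypt when gnutls/nettle are disabled (but not when they
+ # are enabled), but it's not really worth the hassle. Disable it
+ # all the time to avoid automatically detecting it. #568856
+ --disable-gcrypt
+ --python="${PYTHON}"
+ --cc="$(tc-getCC)"
+ --cxx="$(tc-getCXX)"
+ --host-cc="$(tc-getBUILD_CC)"
+ $(use_enable debug debug-info)
+ $(use_enable debug debug-tcg)
+ --enable-docs
+ $(use_enable tci tcg-interpreter)
+ $(use_enable xattr attr)
+ )
+
+ # Disable options not used by user targets. This simplifies building
+ # static user targets (USE=static-user) considerably.
+ conf_notuser() {
+ if [[ ${buildtype} == "user" ]] ; then
+ echo "--disable-${2:-$1}"
+ else
+ use_enable "$@"
+ fi
+ }
+ conf_opts+=(
+ --disable-bluez
+ $(conf_notuser accessibility brlapi)
+ $(conf_notuser aio linux-aio)
+ $(conf_notuser bzip2)
+ $(conf_notuser capstone)
+ $(conf_notuser caps cap-ng)
+ $(conf_notuser curl)
+ $(conf_notuser fdt)
+ $(conf_notuser glusterfs)
+ $(conf_notuser gnutls)
+ $(conf_notuser gnutls nettle)
+ $(conf_notuser gtk)
+ $(conf_notuser infiniband rdma)
+ $(conf_notuser iscsi libiscsi)
+ $(conf_notuser jpeg vnc-jpeg)
+ $(conf_notuser kernel_linux kvm)
+ $(conf_notuser lzo)
+ $(conf_notuser ncurses curses)
+ $(conf_notuser nfs libnfs)
+ $(conf_notuser numa)
+ $(conf_notuser opengl)
+ $(conf_notuser png vnc-png)
+ $(conf_notuser rbd)
+ $(conf_notuser sasl vnc-sasl)
+ $(conf_notuser sdl)
+ $(conf_notuser seccomp)
+ $(conf_notuser smartcard)
+ $(conf_notuser snappy)
+ $(conf_notuser spice)
+ $(conf_notuser ssh libssh2)
+ $(conf_notuser usb libusb)
+ $(conf_notuser usbredir usb-redir)
+ $(conf_notuser vde)
+ $(conf_notuser vhost-net)
+ $(conf_notuser virgl virglrenderer)
+ $(conf_notuser virtfs)
+ $(conf_notuser vnc)
+ $(conf_notuser vte)
+ $(conf_notuser xen)
+ $(conf_notuser xen xen-pci-passthrough)
+ $(conf_notuser xfs xfsctl)
+ )
+
+ if [[ ${buildtype} == "user" ]] ; then
+ conf_opts+=( --disable-libxml2 )
+ else
+ conf_opts+=( --enable-libxml2 )
+ fi
+
+ if [[ ! ${buildtype} == "user" ]] ; then
+ # audio options
+ local audio_opts="oss"
+ use alsa && audio_opts="alsa,${audio_opts}"
+ use sdl && audio_opts="sdl,${audio_opts}"
+ use pulseaudio && audio_opts="pa,${audio_opts}"
+ conf_opts+=(
+ --audio-drv-list="${audio_opts}"
+ )
+ use sdl && conf_opts+=( --with-sdlabi=2.0 )
+ fi
+
+ case ${buildtype} in
+ user)
+ conf_opts+=(
+ --enable-linux-user
+ --disable-system
+ --disable-blobs
+ --disable-tools
+ )
+ local static_flag="static-user"
+ ;;
+ softmmu)
+ conf_opts+=(
+ --disable-linux-user
+ --enable-system
+ --disable-tools
+ )
+ local static_flag="static"
+ ;;
+ tools)
+ conf_opts+=(
+ --disable-linux-user
+ --disable-system
+ --disable-blobs
+ --enable-tools
+ )
+ local static_flag="static"
+ ;;
+ esac
+
+ local targets="${buildtype}_targets"
+ [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
+
+ # Add support for SystemTAP
+ use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
+
+ # We always want to attempt to build with PIE support as it results
+ # in a more secure binary. But it doesn't work with static or if
+ # the current GCC doesn't have PIE support.
+ if use ${static_flag}; then
+ conf_opts+=( --static --disable-pie )
+ else
+ tc-enables-pie && conf_opts+=( --enable-pie )
+ fi
+
+ echo "../configure ${conf_opts[*]}"
+ cd "${builddir}"
+ ../configure "${conf_opts[@]}" || die "configure failed"
+
+ # FreeBSD's kernel does not support QEMU assigning/grabbing
+ # host USB devices yet
+ use kernel_FreeBSD && \
+ sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
+}
+
+src_configure() {
+ local target
+
+ python_setup
+
+ softmmu_targets= softmmu_bins=()
+ user_targets= user_bins=()
+
+ for target in ${IUSE_SOFTMMU_TARGETS} ; do
+ if use "qemu_softmmu_targets_${target}"; then
+ softmmu_targets+=",${target}-softmmu"
+ softmmu_bins+=( "qemu-system-${target}" )
+ fi
+ done
+
+ for target in ${IUSE_USER_TARGETS} ; do
+ if use "qemu_user_targets_${target}"; then
+ user_targets+=",${target}-linux-user"
+ user_bins+=( "qemu-${target}" )
+ fi
+ done
+
+ softmmu_targets=${softmmu_targets#,}
+ user_targets=${user_targets#,}
+
+ [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
+ [[ -n ${user_targets} ]] && qemu_src_configure "user"
+ qemu_src_configure "tools"
+}
+
+src_compile() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ default
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ default
+ fi
+
+ cd "${S}/tools-build"
+ default
+}
+
+src_test() {
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ pax-mark m */qemu-system-* #515550
+ emake -j1 check
+ emake -j1 check-report.html
+ fi
+}
+
+qemu_python_install() {
+ python_domodule "${S}/scripts/qmp/qmp.py"
+
+ python_doscript "${S}/scripts/kvm/vmxcap"
+ python_doscript "${S}/scripts/qmp/qmp-shell"
+ python_doscript "${S}/scripts/qmp/qemu-ga-client"
+}
+
+# Generate binfmt support files.
+# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
+# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
+generate_initd() {
+ local out="${T}/qemu-binfmt"
+ local out_systemd="${T}/qemu.conf"
+ local d="${T}/binfmt.d"
+
+ einfo "Generating qemu binfmt scripts and configuration files"
+
+ # Generate the debian fragments first.
+ mkdir -p "${d}"
+ "${S}"/scripts/qemu-binfmt-conf.sh \
+ --debian \
+ --exportdir "${d}" \
+ --qemu-path "${EPREFIX}/usr/bin" \
+ || die
+ # Then turn the fragments into a shell script we can source.
+ sed -E -i \
+ -e 's:^([^ ]+) (.*)$:\1="\2":' \
+ "${d}"/* || die
+
+ # Generate the init.d script by assembling the fragments from above.
+ local f qcpu package interpreter magic mask
+ cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
+ for f in "${d}"/qemu-* ; do
+ source "${f}"
+
+ # Normalize the cpu logic like we do in the init.d for the native cpu.
+ qcpu=${package#qemu-}
+ case ${qcpu} in
+ arm*) qcpu="arm";;
+ mips*) qcpu="mips";;
+ ppc*) qcpu="ppc";;
+ s390*) qcpu="s390";;
+ sh*) qcpu="sh";;
+ sparc*) qcpu="sparc";;
+ esac
+
+ cat <<EOF >>"${out}"
+ if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
+ echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
+ fi
+EOF
+
+ echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
+
+ done
+ cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
+}
+
+src_install() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ emake DESTDIR="${ED}" install
+
+ # Install binfmt handler init script for user targets.
+ generate_initd
+ doinitd "${T}/qemu-binfmt"
+
+ # Install binfmt/qemu.conf.
+ insinto "/usr/share/qemu/binfmt.d"
+ doins "${T}/qemu.conf"
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ emake DESTDIR="${ED}" install
+
+ # This might not exist if the test failed. #512010
+ if [[ -e check-report.html ]]; then
+ docinto html
+ dodoc check-report.html
+ fi
+
+ if use kernel_linux; then
+ udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
+ fi
+
+ if use python; then
+ python_foreach_impl qemu_python_install
+ fi
+ fi
+
+ cd "${S}/tools-build"
+ emake DESTDIR="${ED}" install
+
+ # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
+ pushd "${ED}"/usr/bin >/dev/null
+ pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
+ popd >/dev/null
+
+ # Install config file example for qemu-bridge-helper
+ insinto "/etc/qemu"
+ doins "${FILESDIR}/bridge.conf"
+
+ cd "${S}"
+ dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
+ newdoc pc-bios/README README.pc-bios
+
+ if [[ -n ${softmmu_targets} ]]; then
+ # Remove SeaBIOS since we're using the SeaBIOS packaged one
+ rm "${ED}/usr/share/qemu/bios.bin"
+ rm "${ED}/usr/share/qemu/bios-256k.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
+ dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
+ fi
+
+ # Remove vgabios since we're using the seavgabios packaged one
+ rm "${ED}/usr/share/qemu/vgabios.bin"
+ rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
+ rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
+ rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
+ rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
+ rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
+ # PPC64 loads vgabios-stdvga
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc64; then
+ dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
+ dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
+ dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
+ dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
+ dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
+ dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
+ fi
+
+ # Remove sgabios since we're using the sgabios packaged one
+ rm "${ED}/usr/share/qemu/sgabios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
+ fi
+
+ # Remove iPXE since we're using the iPXE packaged one
+ rm "${ED}"/usr/share/qemu/pxe-*.rom
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
+ dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
+ dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
+ dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
+ dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
+ dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
+ fi
+ fi
+
+ DISABLE_AUTOFORMATTING=true
+ readme.gentoo_create_doc
+}
+
+firmware_abi_change() {
+ local pv
+ for pv in ${REPLACING_VERSIONS}; do
+ if ver_test $pv -lt ${FIRMWARE_ABI_VERSION}; then
+ return 0
+ fi
+ done
+ return 1
+}
+
+pkg_postinst() {
+ if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
+ udev_reload
+ fi
+
+ [[ -f ${D}/usr/libexec/qemu-bridge-helper ]] && \
+ fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
+
+ DISABLE_AUTOFORMATTING=true
+ readme.gentoo_print_elog
+
+ if use pin-upstream-blobs && firmware_abi_change; then
+ ewarn "This version of qemu pins new versions of firmware blobs:"
+ ewarn " $(best_version sys-firmware/edk2-ovmf)"
+ ewarn " $(best_version sys-firmware/ipxe)"
+ ewarn " $(best_version sys-firmware/seabios)"
+ ewarn " $(best_version sys-firmware/sgabios)"
+ ewarn "This might break resume of hibernated guests (started with a different"
+ ewarn "firmware version) and live migration to/from qemu versions with different"
+ ewarn "firmware. Please (cold) restart all running guests. For functional"
+ ewarn "guest migration ensure that all"
+ ewarn "hosts run at least"
+ ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
+ fi
+}
+
+pkg_info() {
+ echo "Using:"
+ echo " $(best_version app-emulation/spice-protocol)"
+ echo " $(best_version sys-firmware/edk2-ovmf)"
+ if has_version 'sys-firmware/edk2-ovmf[binary]'; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/ipxe)"
+ echo " $(best_version sys-firmware/seabios)"
+ if has_version 'sys-firmware/seabios[binary]'; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/sgabios)"
+}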
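Review bot: The live-ebuild branch sets `EGIT_REPO_URI="git://git.qemu.org/qemu.git"`, and the git:// transport offers no server authentication or integrity protection; that matters most here because a `*9999*` checkout has no Manifest digest to catch a tampered fetch, so an `https://` URI for the same repository would be the safer choice. `SRC_URI` and `HOMEPAGE` also use plain `http://`; the release tarball is presumably still covered by the Manifest checksum (not part of this commit), but moving those to https removes the reliance on it. Separately, in `qemu_src_configure` the `mkdir "${builddir}"` and `cd "${builddir}"` calls are unchecked, so a failure would run `../configure` relative to whatever directory the phase was already in; `cd "${builddir}" || die` is the usual guard.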