* [gentoo-commits] proj/hardened-dev:musl commit in: app-emulation/qemu/, app-emulation/qemu/files/
@ 2014-02-22 14:27 Anthony G. Basile
0 siblings, 0 replies; 4+ messages in thread
From: Anthony G. Basile @ 2014-02-22 14:27 UTC (permalink / raw
To: gentoo-commits
commit: 6211e2c38becf2b05e87d8f4cf2c6e5506738f03
Author: Felix Janda <felix.janda <AT> posteo <DOT> de>
AuthorDate: Wed Feb 19 19:19:49 2014 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Feb 22 14:28:08 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=6211e2c3
app-emulation/qemu: add to tree
---
app-emulation/qemu/files/65-kvm.rules | 1 +
app-emulation/qemu/files/bridge.conf | 14 +
app-emulation/qemu/files/qemu-1.5.3-openpty.patch | 12 +
app-emulation/qemu/files/qemu-1.7.0-ffsll.patch | 19 +
app-emulation/qemu/files/qemu-1.7.0-sigset_t.patch | 12 +
app-emulation/qemu/files/qemu-9999-cflags.patch | 13 +
app-emulation/qemu/files/qemu-binfmt.initd-r1 | 129 +++++
app-emulation/qemu/files/qemu-kvm-1.4 | 3 +
app-emulation/qemu/metadata.xml | 52 ++
app-emulation/qemu/qemu-1.5.3-r99.ebuild | 552 +++++++++++++++++++++
10 files changed, 807 insertions(+)
diff --git a/app-emulation/qemu/files/65-kvm.rules b/app-emulation/qemu/files/65-kvm.rules
new file mode 100644
index 0000000..c2f7317
--- /dev/null
+++ b/app-emulation/qemu/files/65-kvm.rules
@@ -0,0 +1 @@
+KERNEL=="kvm", GROUP="kvm", MODE="0660"
diff --git a/app-emulation/qemu/files/bridge.conf b/app-emulation/qemu/files/bridge.conf
new file mode 100644
index 0000000..2bde37e
--- /dev/null
+++ b/app-emulation/qemu/files/bridge.conf
@@ -0,0 +1,14 @@
+# This should have the following permissions: root:qemu 0640
+
+# allow br0
+# Uncommenting the above would allow users in the 'qemu' group
+# to add devices to 'br0'
+
+# allow virbr0
+# Uncommenting the above would allow users in the 'qemu' group
+# to add devices to 'virbr0'
+
+# include /etc/qemu/bob.conf
+# Uncommenting the above would allow users in the 'bob' group
+# to have permissions defined in it, iff it has the following
+# permissions: root:bob 0640
diff --git a/app-emulation/qemu/files/qemu-1.5.3-openpty.patch b/app-emulation/qemu/files/qemu-1.5.3-openpty.patch
new file mode 100644
index 0000000..5c71c5b
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-1.5.3-openpty.patch
@@ -0,0 +1,12 @@
+Patch taken from sabotage linux
+--- qemu-1.7.0.org/util/qemu-openpty.c
++++ qemu-1.7.0/util/qemu-openpty.c
+@@ -47,6 +47,8 @@
+ #elif defined CONFIG_SOLARIS
+ # include <termios.h>
+ # include <stropts.h>
++#else
++# include <termios.h>
+ #endif
+
+ #ifdef __sun__
diff --git a/app-emulation/qemu/files/qemu-1.7.0-ffsll.patch b/app-emulation/qemu/files/qemu-1.7.0-ffsll.patch
new file mode 100644
index 0000000..481bd72
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-1.7.0-ffsll.patch
@@ -0,0 +1,19 @@
+taken from sabotage linux
+--- qemu-1.7.0.org/hw/virtio/vhost.c
++++ qemu-1.7.0/hw/virtio/vhost.c
+@@ -22,6 +22,15 @@
+ #include "exec/address-spaces.h"
+ #include "hw/virtio/virtio-bus.h"
+
++#ifndef HAVE_FFSLL
++static int ffsll(long long i) {
++ unsigned long long x = i & -i;
++ if (x <= 0xffffffff) return ffs (i);
++ else return 32 + ffs (i >> 32);
++}
++#endif
++
++
+ static void vhost_dev_sync_region(struct vhost_dev *dev,
+ MemoryRegionSection *section,
+ uint64_t mfirst, uint64_t mlast,
diff --git a/app-emulation/qemu/files/qemu-1.7.0-sigset_t.patch b/app-emulation/qemu/files/qemu-1.7.0-sigset_t.patch
new file mode 100644
index 0000000..1d5d173
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-1.7.0-sigset_t.patch
@@ -0,0 +1,12 @@
+taken from sabotage linux
+--- qemu-1.7.0.org/linux-user/syscall.c
++++ qemu-1.7.0/linux-user/syscall.c
+@@ -400,7 +400,7 @@
+ #endif
+ #define __NR_sys_ppoll __NR_ppoll
+ _syscall5(int, sys_ppoll, struct pollfd *, fds, nfds_t, nfds,
+- struct timespec *, timeout, const __sigset_t *, sigmask,
++ struct timespec *, timeout, const sigset_t *, sigmask,
+ size_t, sigsetsize)
+ #endif
+
diff --git a/app-emulation/qemu/files/qemu-9999-cflags.patch b/app-emulation/qemu/files/qemu-9999-cflags.patch
new file mode 100644
index 0000000..08a6c9f
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-9999-cflags.patch
@@ -0,0 +1,13 @@
+diff --git a/configure b/configure
+index 82f6e71..7e19aaf 100755
+--- a/configure
++++ b/configure
+@@ -3131,8 +3131,6 @@ fi
+ if test "$gcov" = "yes" ; then
+ CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
+ LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
+-elif test "$debug" = "no" ; then
+- CFLAGS="-O2 -D_FORTIFY_SOURCE=2 $CFLAGS"
+ fi
+
+
diff --git a/app-emulation/qemu/files/qemu-binfmt.initd-r1 b/app-emulation/qemu/files/qemu-binfmt.initd-r1
new file mode 100644
index 0000000..4b1dba5
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-binfmt.initd-r1
@@ -0,0 +1,129 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/files/qemu-binfmt.initd-r1,v 1.3 2013/02/17 22:05:22 vapier Exp $
+
+# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390 program execution by the kernel
+
+depend() {
+ after procfs
+}
+
+start() {
+ ebegin "Registering qemu-user binaries"
+
+ if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
+ modprobe -q binfmt_misc
+ fi
+
+ if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
+ eend $? "You need support for 'misc binaries' in your kernel!" || return
+ fi
+
+ if [ ! -f /proc/sys/fs/binfmt_misc/register ] ; then
+ mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc >/dev/null 2>&1
+ eend $? || return
+ fi
+
+ # probe cpu type
+ cpu=`uname -m`
+ case "$cpu" in
+ i386|i486|i586|i686|i86pc|BePC|x86_64)
+ cpu="i386"
+ ;;
+ m68k)
+ cpu="m68k"
+ ;;
+ mips*)
+ cpu="mips"
+ ;;
+ "Power Macintosh"|ppc|ppc64)
+ cpu="ppc"
+ ;;
+ armv[4-9]*)
+ cpu="arm"
+ ;;
+ sparc*)
+ cpu="sparc"
+ ;;
+ esac
+
+ # register the interpreter for each cpu except for the native one
+ if [ $cpu != "i386" -a -x "/usr/bin/qemu-i386" ] ; then
+ echo ':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:P' > /proc/sys/fs/binfmt_misc/register
+ echo ':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "alpha" -a -x "/usr/bin/qemu-alpha" ] ; then
+ echo ':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-alpha:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "arm" -a -x "/usr/bin/qemu-arm" ] ; then
+ echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "arm" -a -x "/usr/bin/qemu-armeb" ] ; then
+ echo ':armeb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-armeb:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "sparc" -a -x "/usr/bin/qemu-sparc" ] ; then
+ echo ':sparc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sparc:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "ppc" -a -x "/usr/bin/qemu-ppc" ] ; then
+ echo ':ppc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-ppc:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "m68k" -a -x "/usr/bin/qemu-m68k" ] ; then
+ echo 'Please check cpu value and header information for m68k!'
+ echo ':m68k:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-m68k:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips" ] ; then
+ # FIXME: We could use the other endianness on a MIPS host.
+ echo ':mips:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsel" ] ; then
+ echo ':mipsel:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsel:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32" ] ; then
+ echo ':mipsn32:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mipsn32:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32el" ] ; then
+ echo ':mipsn32el:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsn32el:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64" ] ; then
+ echo ':mips64:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips64:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64el" ] ; then
+ echo ':mips64el:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mips64el:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4" ] ; then
+ echo ':sh4:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-sh4:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4eb" ] ; then
+ echo ':sh4eb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sh4eb:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ if [ $cpu != "s390x" -a -x "/usr/local/bin/qemu-s390x" ] ; then
+ echo ':s390x:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/local/bin/qemu-s390x:P' > /proc/sys/fs/binfmt_misc/register
+ fi
+ eend $?
+}
+
+stop() {
+ ebegin "Unregistering qemu-user binaries"
+ local arches
+
+ arches="${arches} i386 i486"
+ arches="${arches} alpha"
+ arches="${arches} arm armeb"
+ arches="${arches} sparc"
+ arches="${arches} ppc"
+ arches="${arches} m68k"
+ arches="${arches} mips mipsel mipsn32 mipsn32el mips64 mips64el"
+ arches="${arches} sh4 sh4eb"
+ arches="${arches} s390x"
+
+ for a in ${arches}; do
+ if [ -f /proc/sys/fs/binfmt_misc/$a ] ; then
+ echo '-1' > /proc/sys/fs/binfmt_misc/$a
+ fi
+ done
+
+ eend $?
+}
+
+# vim: ts=4 :
diff --git a/app-emulation/qemu/files/qemu-kvm-1.4 b/app-emulation/qemu/files/qemu-kvm-1.4
new file mode 100644
index 0000000..08da00b
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-kvm-1.4
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec /usr/bin/qemu-system-x86_64 -machine accel=kvm "$@"
diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml
new file mode 100644
index 0000000..b80eaf7
--- /dev/null
+++ b/app-emulation/qemu/metadata.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>qemu</herd>
+ <maintainer>
+ <email>cardoe@gentoo.org</email>
+ <name>Doug Goldstein</name>
+ </maintainer>
+ <use>
+ <flag name='accessibility'>Adds support for braille displays using brltty</flag>
+ <flag name='aio'>Enables support for Linux's Async IO</flag>
+ <flag name='alsa'>Enable alsa output for sound emulation</flag>
+ <flag name='curl'>Support ISOs / -cdrom directives vis HTTP or HTTPS.</flag>
+ <flag name='fdt'>Enables firmware device tree support</flag>
+ <flag name='glusterfs'>Enables GlusterFS cluster fileystem via
+ <pkg>sys-cluster/glusterfs</pkg></flag>
+ <flag name='iscsi'>Enable direct iSCSI support via
+ <pkg>net-libs/libiscsi</pkg> instead of indirectly via the Linux
+ block layer that <pkg>sys-block/open-iscsi</pkg> does.</flag>
+ <flag name='mixemu'>Enable audio mixer emulation. On Fedora, known to cause performance problems when using SDL output and ALSA. For OSS, locks the sound device from other applications.</flag>
+ <flag name='ncurses'>Enable the ncurses-based console</flag>
+ <flag name='pulseaudio'>Enable pulseaudio output for sound emulation</flag>
+ <flag name='rbd'>Enable rados block device backend support, see http://ceph.newdream.net/wiki/QEMU-RBD</flag>
+ <flag name='sdl'>Enable the SDL-based console</flag>
+ <flag name='seccomp'>Utilize <pkg>sys-libs/libseccomp</pkg> to enable kernel filtering of system calls to prevent malicious guests from doing damage.</flag>
+ <flag name='spice'>Enable Spice protocol support via <pkg>app-emulation/spice</pkg></flag>
+ <flag name='ssh'>Enable SSH based block device support via <pkg>net-libs/libssh2</pkg></flag>
+ <flag name='static-softmmu'>Builds the Software MMU (system) targets as static binaries</flag>
+ <flag name='static-user'>Build the User targets as static binaries</flag>
+ <flag name='static'>Enables both 'static-softmmu' and 'static-user'</flag>
+ <flag name='systemtap'>Enable SystemTAP/DTrace tracing</flag>
+ <flag name='tci'>Enable the TCG Interpreter which can speed up or slowdown workloads depending on the host and guest CPUs being emulated. In the future it will be a runtime option but for now its compile time.</flag>
+ <flag name='tls'>Enable TLS support for the VNC console server.
+ For 1.4 and newer this also enables WebSocket support.</flag>
+ <flag name='jpeg'>Enable jpeg image support for the VNC console server</flag>
+ <flag name='png'>Enable png image support for the VNC console server</flag>
+ <flag name='usb'>Enable USB passthrough via <pkg>dev-libs/libusbx</pkg></flag>
+ <flag name="usbredir">Use <pkg>sys-apps/usbredir</pkg> to redirect USB
+ devices to another machine over TCP</flag>
+ <flag name='uuid'>Enable UUID support in the vdi block driver</flag>
+ <flag name='vde'>Enable VDE-based networking</flag>
+ <flag name='vhost-net'>Enable accelerated networking using vhost-net, see http://www.linux-kvm.org/page/VhostNet</flag>
+ <flag name='virtfs'>Enable VirtFS via virtio-9p-pci / fsdev. See http://wiki.qemu.org/Documentation/9psetup</flag>
+ <flag name='xattr'>
+ Add support for getting and setting POSIX extended attributes, through
+ <pkg>sys-apps/attr</pkg>. Requisite for the virtfs backend.
+ </flag>
+ <flag name='xen'>Enables support for Xen backends</flag>
+ <flag name='xfs'>Support xfsctl() notification and syncing for XFS backed
+ virtual disks.</flag>
+ </use>
+</pkgmetadata>
diff --git a/app-emulation/qemu/qemu-1.5.3-r99.ebuild b/app-emulation/qemu/qemu-1.5.3-r99.ebuild
new file mode 100644
index 0000000..e6adfb1
--- /dev/null
+++ b/app-emulation/qemu/qemu-1.5.3-r99.ebuild
@@ -0,0 +1,552 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-1.5.3.ebuild,v 1.3 2013/09/15 09:29:18 ago Exp $
+
+EAPI=5
+
+PYTHON_COMPAT=( python{2_6,2_7} )
+PYTHON_REQ_USE="ncurses,readline"
+
+inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
+ user udev fcaps readme.gentoo
+
+BACKPORTS=25d93791
+
+if [[ ${PV} = *9999* ]]; then
+ EGIT_REPO_URI="git://git.qemu.org/qemu.git"
+ inherit git-2
+ SRC_URI=""
+ KEYWORDS=""
+else
+ SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2
+ ${BACKPORTS:+
+ http://dev.gentoo.org/~cardoe/distfiles/${P}-${BACKPORTS}.tar.xz}"
+ KEYWORDS="amd64 x86"
+fi
+
+DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
+HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
+
+LICENSE="GPL-2 LGPL-2 BSD-2"
+SLOT="0"
+IUSE="accessibility +aio alsa bluetooth +caps +curl debug fdt glusterfs \
+gtk iscsi +jpeg \
+kernel_linux kernel_FreeBSD mixemu ncurses opengl +png pulseaudio python \
+rbd sasl +seccomp sdl selinux smartcard spice static static-softmmu \
+static-user systemtap tci test +threads tls usbredir +uuid vde +vhost-net \
+virtfs +vnc xattr xen xfs"
+
+COMMON_TARGETS="i386 x86_64 alpha arm cris m68k microblaze microblazeel mips
+mipsel mips64 mips64el or32 ppc ppc64 sh4 sh4eb sparc sparc64 s390x unicore32"
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb xtensa xtensaeb"
+IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 sparc32plus"
+
+# Setup the default SoftMMU targets, while using the loops
+# below to setup the other targets.
+REQUIRED_USE="|| ("
+
+for target in ${IUSE_SOFTMMU_TARGETS}; do
+ IUSE="${IUSE} qemu_softmmu_targets_${target}"
+ REQUIRED_USE="${REQUIRED_USE} qemu_softmmu_targets_${target}"
+done
+
+for target in ${IUSE_USER_TARGETS}; do
+ IUSE="${IUSE} qemu_user_targets_${target}"
+ REQUIRED_USE="${REQUIRED_USE} qemu_user_targets_${target}"
+done
+REQUIRED_USE="${REQUIRED_USE} )"
+
+# Block USE flag configurations known to not work
+REQUIRED_USE="${REQUIRED_USE}
+ python? ( ${PYTHON_REQUIRED_USE} )
+ static? ( static-softmmu static-user )
+ static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk )
+ virtfs? ( xattr )"
+
+# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
+LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
+ sys-apps/pciutils[static-libs(+)]
+ sys-libs/zlib[static-libs(+)]
+ >=x11-libs/pixman-0.28.0[static-libs(+)]
+ aio? ( dev-libs/libaio[static-libs(+)] )
+ caps? ( sys-libs/libcap-ng[static-libs(+)] )
+ curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
+ fdt? ( >=sys-apps/dtc-1.2.0[static-libs(+)] <sys-apps/dtc-1.4.0[static-libs(+)] )
+ glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
+ jpeg? ( virtual/jpeg[static-libs(+)] )
+ ncurses? ( sys-libs/ncurses[static-libs(+)] )
+ png? ( media-libs/libpng[static-libs(+)] )
+ rbd? ( sys-cluster/ceph[static-libs(+)] )
+ sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
+ sdl? ( >=media-libs/libsdl-1.2.11[static-libs(+)] )
+ seccomp? ( >=sys-libs/libseccomp-1.0.1[static-libs(+)] )
+ spice? ( >=app-emulation/spice-0.12.0[static-libs(+)] )
+ tls? ( net-libs/gnutls[static-libs(+)] )
+ uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
+ vde? ( net-misc/vde[static-libs(+)] )
+ xattr? ( sys-apps/attr[static-libs(+)] )
+ xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
+RDEPEND="!static-softmmu? ( ${LIB_DEPEND//\[static-libs(+)]} )
+ static-user? ( >=dev-libs/glib-2.0[static-libs(+)] )
+ qemu_softmmu_targets_i386? (
+ >=sys-firmware/ipxe-1.0.0_p20130624
+ ~sys-firmware/seabios-1.7.2.2
+ ~sys-firmware/sgabios-0.1_pre8
+ ~sys-firmware/vgabios-0.7a
+ )
+ qemu_softmmu_targets_x86_64? (
+ >=sys-firmware/ipxe-1.0.0_p20130624
+ ~sys-firmware/seabios-1.7.2.2
+ ~sys-firmware/sgabios-0.1_pre8
+ ~sys-firmware/vgabios-0.7a
+ )
+ accessibility? ( app-accessibility/brltty )
+ alsa? ( >=media-libs/alsa-lib-1.0.13 )
+ bluetooth? ( net-wireless/bluez )
+ gtk? (
+ x11-libs/gtk+:3
+ x11-libs/vte:2.90
+ )
+ iscsi? ( net-libs/libiscsi )
+ opengl? ( virtual/opengl )
+ pulseaudio? ( media-sound/pulseaudio )
+ python? ( ${PYTHON_DEPS} )
+ sdl? ( media-libs/libsdl[X] )
+ selinux? ( sec-policy/selinux-qemu )
+ smartcard? ( dev-libs/nss !app-emulation/libcacard )
+ spice? ( >=app-emulation/spice-protocol-0.12.3 )
+ systemtap? ( dev-util/systemtap )
+ usbredir? ( >=sys-apps/usbredir-0.6 )
+ virtfs? ( sys-libs/libcap )
+ xen? ( app-emulation/xen-tools )"
+
+DEPEND="${RDEPEND}
+ dev-lang/perl
+ =dev-lang/python-2*
+ sys-apps/texinfo
+ virtual/pkgconfig
+ kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
+ static-softmmu? ( ${LIB_DEPEND} )
+ test? (
+ dev-libs/glib[utils]
+ sys-devel/bc
+ )"
+
+STRIP_MASK="/usr/share/qemu/palcode-clipper"
+
+QA_PREBUILT="
+ usr/share/qemu/openbios-ppc
+ usr/share/qemu/openbios-sparc64
+ usr/share/qemu/openbios-sparc32
+ usr/share/qemu/palcode-clipper
+ usr/share/qemu/s390-ccw.img"
+
+QA_WX_LOAD="usr/bin/qemu-i386
+ usr/bin/qemu-x86_64
+ usr/bin/qemu-alpha
+ usr/bin/qemu-arm
+ usr/bin/qemu-cris
+ usr/bin/qemu-m68k
+ usr/bin/qemu-microblaze
+ usr/bin/qemu-microblazeel
+ usr/bin/qemu-mips
+ usr/bin/qemu-mipsel
+ usr/bin/qemu-or32
+ usr/bin/qemu-ppc
+ usr/bin/qemu-ppc64
+ usr/bin/qemu-ppc64abi32
+ usr/bin/qemu-sh4
+ usr/bin/qemu-sh4eb
+ usr/bin/qemu-sparc
+ usr/bin/qemu-sparc64
+ usr/bin/qemu-armeb
+ usr/bin/qemu-sparc32plus
+ usr/bin/qemu-s390x
+ usr/bin/qemu-unicore32"
+
+DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure
+you have the kernel module loaded before running kvm. The easiest way to
+ensure that the kernel module is loaded is to load it on boot.\n
+For AMD CPUs the module is called 'kvm-amd'\n
+For Intel CPUs the module is called 'kvm-intel'\n
+Please review /etc/conf.d/modules for how to load these\n\n
+Make sure your user is in the 'kvm' group\n
+Just run 'gpasswd -a <USER> kvm', then have <USER> re-login."
+
+qemu_support_kvm() {
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \
+ use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \
+ use qemu_softmmu_targets_s390x; then
+ return 0
+ fi
+
+ return 1
+}
+
+pkg_pretend() {
+ if use kernel_linux && kernel_is lt 2 6 25; then
+ eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
+ elif use kernel_linux; then
+ if ! linux_config_exists; then
+ eerror "Unable to check your kernel for KVM support"
+ else
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
+ ERROR_KVM="You must enable KVM in your kernel to continue"
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
+ ERROR_KVM_AMD+=" your kernel configuration."
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
+ ERROR_TUN+=" into your kernel or loaded as a module to use the"
+ ERROR_TUN+=" virtual network device if using -net tap."
+ ERROR_BRIDGE="You will also need support for 802.1d"
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
+ use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
+ ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
+ ERROR_VHOST_NET+=" support"
+
+ if use amd64 || use x86 || use amd64-linux || use x86-linux; then
+ CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
+ fi
+
+ use python && CONFIG_CHECK+=" ~DEBUG_FS"
+ ERROR_DEBUG_FS="debugFS support required for kvm_stat"
+
+ # Now do the actual checks setup above
+ check_extra_config
+ fi
+ fi
+}
+
+pkg_setup() {
+ enewgroup kvm 78
+
+ python_export_best
+}
+
+src_prepare() {
+ # Alter target makefiles to accept CFLAGS set via flag-o
+ sed -i 's/^\(C\|OP_C\|HELPER_C\)FLAGS=/\1FLAGS+=/' \
+ Makefile Makefile.target || die
+
+ epatch "${FILESDIR}"/qemu-9999-cflags.patch
+ epatch "${FILESDIR}"/qemu-1.5.3-openpty.patch
+ epatch "${FILESDIR}"/qemu-1.7.0-sigset_t.patch
+ epatch "${FILESDIR}"/qemu-1.7.0-ffsll.patch
+ [[ -n ${BACKPORTS} ]] && \
+ EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
+ epatch
+
+ append-flags "-Dflock64=flock -D__SIGRTMIN=32 -D__SIGRTMAX=\(NSIG-1\)"
+ append-flags "-DF_EXLCK=4 -DF_SHLCK=8"
+
+ # Fix ld and objcopy being called directly
+ tc-export LD OBJCOPY
+
+ # Verbose builds
+ MAKEOPTS+=" V=1"
+
+ epatch_user
+}
+
+##
+# configures qemu based on the build directory and the build type
+# we are using.
+#
+qemu_src_configure() {
+ debug-print-function $FUNCNAME "$@"
+
+ local buildtype=$1
+ local builddir=$2
+ local conf_opts audio_opts
+ local static_flag="static-${buildtype}"
+
+ conf_opts="--prefix=/usr"
+ conf_opts+=" --sysconfdir=/etc"
+ conf_opts+=" --libdir=/usr/$(get_libdir)"
+ conf_opts+=" --docdir=/usr/share/doc/${PF}/html"
+ conf_opts+=" --disable-bsd-user"
+ conf_opts+=" --disable-guest-agent"
+ conf_opts+=" --disable-strip"
+ conf_opts+=" --disable-werror"
+ conf_opts+=" --python=${PYTHON}"
+
+ # audio options
+ audio_opts="oss"
+ use alsa && audio_opts="alsa,${audio_opts}"
+ use sdl && audio_opts="sdl,${audio_opts}"
+ use pulseaudio && audio_opts="pa,${audio_opts}"
+
+ if [[ ${buildtype} == "user" ]]; then
+ conf_opts+=" --enable-linux-user"
+ conf_opts+=" --disable-system"
+ conf_opts+=" --target-list=${user_targets}"
+ conf_opts+=" --disable-blobs"
+ conf_opts+=" --disable-bluez"
+ conf_opts+=" --disable-curses"
+ conf_opts+=" --disable-kvm"
+ conf_opts+=" --disable-libiscsi"
+ conf_opts+=" --disable-glusterfs"
+ conf_opts+=" $(use_enable seccomp)"
+ conf_opts+=" --disable-sdl"
+ conf_opts+=" --disable-smartcard-nss"
+ conf_opts+=" --disable-tools"
+ conf_opts+=" --disable-vde"
+ fi
+
+ if [[ ${buildtype} == "softmmu" ]]; then
+ conf_opts+=" --disable-linux-user"
+ conf_opts+=" --enable-system"
+ conf_opts+=" --with-system-pixman"
+ conf_opts+=" --target-list=${softmmu_targets}"
+ conf_opts+=" $(use_enable bluetooth bluez)"
+ conf_opts+=" $(use_enable gtk)"
+ use gtk && conf_opts+=" --with-gtkabi=3.0"
+ conf_opts+=" $(use_enable sdl)"
+ conf_opts+=" $(use_enable aio linux-aio)"
+ conf_opts+=" $(use_enable accessibility brlapi)"
+ conf_opts+=" $(use_enable caps cap-ng)"
+ conf_opts+=" $(use_enable curl)"
+ conf_opts+=" $(use_enable fdt)"
+ conf_opts+=" $(use_enable glusterfs)"
+ conf_opts+=" $(use_enable iscsi libiscsi)"
+ conf_opts+=" $(use_enable jpeg vnc-jpeg)"
+ conf_opts+=" $(use_enable kernel_linux kvm)"
+ conf_opts+=" $(use_enable kernel_linux nptl)"
+ conf_opts+=" $(use_enable ncurses curses)"
+ conf_opts+=" $(use_enable opengl glx)"
+ conf_opts+=" $(use_enable png vnc-png)"
+ conf_opts+=" $(use_enable rbd)"
+ conf_opts+=" $(use_enable sasl vnc-sasl)"
+ conf_opts+=" $(use_enable seccomp)"
+ conf_opts+=" $(use_enable smartcard smartcard-nss)"
+ conf_opts+=" $(use_enable spice)"
+ conf_opts+=" $(use_enable tls vnc-tls)"
+ conf_opts+=" $(use_enable tls vnc-ws)"
+ conf_opts+=" $(use_enable usbredir usb-redir)"
+ conf_opts+=" $(use_enable uuid)"
+ conf_opts+=" $(use_enable vde)"
+ conf_opts+=" $(use_enable vhost-net)"
+ conf_opts+=" $(use_enable virtfs)"
+ conf_opts+=" $(use_enable vnc)"
+ conf_opts+=" $(use_enable xattr attr)"
+ conf_opts+=" $(use_enable xen)"
+ conf_opts+=" $(use_enable xen xen-pci-passthrough)"
+ conf_opts+=" $(use_enable xfs xfsctl)"
+ use mixemu && conf_opts+=" --enable-mixemu"
+ conf_opts+=" --audio-drv-list=${audio_opts}"
+ conf_opts+=" --enable-migration-from-qemu-kvm"
+ fi
+
+ conf_opts+=" $(use_enable debug debug-info)"
+ conf_opts+=" $(use_enable debug debug-tcg)"
+ conf_opts+=" --enable-docs"
+ conf_opts+=" $(use_enable tci tcg-interpreter)"
+
+ # Add support for SystemTAP
+ use systemtap && conf_opts="${conf_opts} --enable-trace-backend=dtrace"
+
+ # Add support for static builds
+ use ${static_flag} && conf_opts="${conf_opts} --static --disable-pie"
+
+ # We always want to attempt to build with PIE support as it results
+ # in a more secure binary. But it doesn't work with static or if
+ # the current GCC doesn't have PIE support.
+ if ! use ${static_flag} && gcc-specs-pie; then
+ conf_opts="${conf_opts} --enable-pie"
+ fi
+
+ einfo "./configure ${conf_opts}"
+ cd ${builddir}
+ ../configure \
+ --cc="$(tc-getCC)" \
+ --host-cc="$(tc-getBUILD_CC)" \
+ ${conf_opts} \
+ || die "configure failed"
+
+ # FreeBSD's kernel does not support QEMU assigning/grabbing
+ # host USB devices yet
+ use kernel_FreeBSD && \
+ sed -E -e "s|^(HOST_USB=)bsd|\1stub|" -i "${S}"/config-host.mak
+}
+
+src_configure() {
+ softmmu_targets=
+ user_targets=
+
+ for target in ${IUSE_SOFTMMU_TARGETS} ; do
+ use "qemu_softmmu_targets_${target}" && \
+ softmmu_targets="${softmmu_targets},${target}-softmmu"
+ done
+
+ for target in ${IUSE_USER_TARGETS} ; do
+ use "qemu_user_targets_${target}" && \
+ user_targets="${user_targets},${target}-linux-user"
+ done
+
+ [[ -n ${softmmu_targets} ]] && \
+ einfo "Building the following softmmu targets: ${softmmu_targets}"
+
+ [[ -n ${user_targets} ]] && \
+ einfo "Building the following user targets: ${user_targets}"
+
+ if [[ -n ${softmmu_targets} ]]; then
+ mkdir "${S}/softmmu-build"
+ qemu_src_configure "softmmu" "${S}/softmmu-build"
+ fi
+
+ if [[ -n ${user_targets} ]]; then
+ mkdir "${S}/user-build"
+ qemu_src_configure "user" "${S}/user-build"
+ fi
+}
+
+src_compile() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ default
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ default
+ fi
+}
+
+src_test() {
+ cd "${S}/softmmu-build"
+ emake -j1 check
+ emake -j1 check-report.html
+}
+
+qemu_python_install() {
+ python_domodule "${S}/QMP/qmp.py"
+
+ python_doscript "${S}/scripts/kvm/kvm_stat"
+ python_doscript "${S}/scripts/kvm/vmxcap"
+ python_doscript "${S}/QMP/qmp-shell"
+ python_doscript "${S}/QMP/qemu-ga-client"
+}
+
+src_install() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ emake DESTDIR="${ED}" install
+
+ # Install binfmt handler init script for user targets
+ newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ emake DESTDIR="${ED}" install
+
+ if use test; then
+ dohtml check-report.html
+ fi
+
+ if use kernel_linux; then
+ udev_dorules "${FILESDIR}"/65-kvm.rules
+ fi
+
+ if use qemu_softmmu_targets_x86_64 ; then
+ newbin "${FILESDIR}/qemu-kvm-1.4" qemu-kvm
+ ewarn "The deprecated '/usr/bin/kvm' symlink is no longer installed"
+ ewarn "You should use '/usr/bin/qemu-kvm', you may need to edit"
+ ewarn "your libvirt configs or other wrappers for ${PN}"
+ elif use x86 || use amd64; then
+ elog "You disabled QEMU_SOFTMMU_TARGETS=x86_64, this disables install"
+ elog "of the /usr/bin/qemu-kvm script."
+ fi
+
+ if use python; then
+ python_foreach_impl qemu_python_install
+ fi
+ fi
+
+ # Install config file example for qemu-bridge-helper
+ insinto "/etc/qemu"
+ doins "${FILESDIR}/bridge.conf"
+
+ # Remove the docdir placed qmp-commands.txt
+ mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/QMP/"
+
+ cd "${S}"
+ dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
+ newdoc pc-bios/README README.pc-bios
+ dodoc QMP/qmp-commands.txt QMP/qmp-events.txt QMP/qmp-spec.txt
+
+ # Remove SeaBIOS since we're using the SeaBIOS packaged one
+ rm "${ED}/usr/share/qemu/bios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
+ fi
+
+ # Remove vgabios since we're using the vgabios packaged one
+ rm "${ED}/usr/share/qemu/vgabios.bin"
+ rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
+ rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
+ rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
+ rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
+ dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
+ dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
+ dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
+ dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
+ fi
+
+ # Remove sgabios since we're using the sgabios packaged one
+ rm "${ED}/usr/share/qemu/sgabios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
+ fi
+
+ # Remove iPXE since we're using the iPXE packaged one
+ rm "${ED}"/usr/share/qemu/pxe-*.rom
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
+ dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
+ dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
+ dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
+ dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
+ dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
+ fi
+
+ qemu_support_kvm && readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ local virtfs_caps=
+
+ if qemu_support_kvm; then
+ readme.gentoo_print_elog
+ ewarn "Migration from qemu-kvm instances and loading qemu-kvm created"
+ ewarn "save states will be removed in the next release (1.6.x)"
+ ewarn
+ ewarn "It is recommended that you migrate any VMs that may be running"
+ ewarn "on qemu-kvm to a host with a newer qemu and regenerate"
+ ewarn "any saved states with a newer qemu."
+ ewarn
+ ewarn "qemu-kvm was the primary qemu provider in Gentoo through 1.2.x"
+ fi
+
+ virtfs_caps+="cap_chown,cap_dac_override,cap_fowner,cap_fsetid,"
+ virtfs_caps+="cap_setgid,cap_mknod,cap_setuid"
+
+ fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
+ use virtfs && fcaps ${virtfs_caps} /usr/bin/virtfs-proxy-helper
+}
+
+pkg_info() {
+ echo "Using:"
+ echo " $(best_version app-emulation/spice-protocol)"
+ echo " $(best_version sys-firmware/ipxe)"
+ echo " $(best_version sys-firmware/seabios)"
+ if has_version sys-firmware/seabios[binary]; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/vgabios)"
+}
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [gentoo-commits] proj/hardened-dev:musl commit in: app-emulation/qemu/, app-emulation/qemu/files/
@ 2014-06-14 18:05 Anthony G. Basile
0 siblings, 0 replies; 4+ messages in thread
From: Anthony G. Basile @ 2014-06-14 18:05 UTC (permalink / raw
To: gentoo-commits
commit: 64e03cf95236f42727ac71051044955f878e8f57
Author: Felix Janda <felix.janda <AT> posteo <DOT> de>
AuthorDate: Sat Jun 14 05:42:37 2014 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Jun 14 18:05:44 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=64e03cf9
app-emulation/qemu: bump to 2.0.0
---
app-emulation/qemu/files/qemu-1.7.0-cflags.patch | 11 +
.../qemu/files/qemu-2.0.0-CVE-2013-4541.patch | 40 ++
.../qemu/files/qemu-2.0.0-CVE-2014-0222.patch | 48 ++
.../qemu/files/qemu-2.0.0-CVE-2014-0223.patch | 57 ++
.../files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch | 23 +
...signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch | 37 ++
.../files/qemu-2.0.0-qcow-check-max-sizes.patch | 52 ++
app-emulation/qemu/files/qemu-2.0.0-sigset.patch | 63 +++
.../files/qemu-2.0.0-usb-post-load-checks.patch | 41 ++
.../qemu-9999-virtfs-proxy-helper-accept.patch | 30 ++
app-emulation/qemu/qemu-2.0.0-r99.ebuild | 578 +++++++++++++++++++++
11 files changed, 980 insertions(+)
diff --git a/app-emulation/qemu/files/qemu-1.7.0-cflags.patch b/app-emulation/qemu/files/qemu-1.7.0-cflags.patch
new file mode 100644
index 0000000..cd003f6
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-1.7.0-cflags.patch
@@ -0,0 +1,11 @@
+--- a/configure
++++ b/configure
+@@ -3131,8 +3131,6 @@ fi
+ if test "$gcov" = "yes" ; then
+ CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
+ LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
+-elif test "$debug" = "no" ; then
+- CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"
+ fi
+
+
diff --git a/app-emulation/qemu/files/qemu-2.0.0-CVE-2013-4541.patch b/app-emulation/qemu/files/qemu-2.0.0-CVE-2013-4541.patch
new file mode 100644
index 0000000..c4e0d81
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.0.0-CVE-2013-4541.patch
@@ -0,0 +1,40 @@
+From 9f8e9895c504149d7048e9fc5eb5cbb34b16e49a Mon Sep 17 00:00:00 2001
+From: "Michael S. Tsirkin" <mst@redhat.com>
+Date: Thu, 3 Apr 2014 19:52:25 +0300
+Subject: [PATCH] usb: sanity check setup_index+setup_len in post_load
+
+CVE-2013-4541
+
+s->setup_len and s->setup_index are fed into usb_packet_copy as
+size/offset into s->data_buf, it's possible for invalid state to exploit
+this to load arbitrary data.
+
+setup_len and setup_index should be checked to make sure
+they are not negative.
+
+Cc: Gerd Hoffmann <kraxel@redhat.com>
+Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
+Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
+Signed-off-by: Juan Quintela <quintela@redhat.com>
+---
+ hw/usb/bus.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/hw/usb/bus.c b/hw/usb/bus.c
+index fe70429..e48b19f 100644
+--- a/hw/usb/bus.c
++++ b/hw/usb/bus.c
+@@ -49,7 +49,9 @@ static int usb_device_post_load(void *opaque, int version_id)
+ } else {
+ dev->attached = 1;
+ }
+- if (dev->setup_index >= sizeof(dev->data_buf) ||
++ if (dev->setup_index < 0 ||
++ dev->setup_len < 0 ||
++ dev->setup_index >= sizeof(dev->data_buf) ||
+ dev->setup_len >= sizeof(dev->data_buf)) {
+ return -EINVAL;
+ }
+--
+1.9.3
+
diff --git a/app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0222.patch b/app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0222.patch
new file mode 100644
index 0000000..754ad48
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0222.patch
@@ -0,0 +1,48 @@
+From 42eb58179b3b215bb507da3262b682b8a2ec10b5 Mon Sep 17 00:00:00 2001
+From: Kevin Wolf <kwolf@redhat.com>
+Date: Thu, 15 May 2014 16:10:11 +0200
+Subject: [PATCH] qcow1: Validate L2 table size (CVE-2014-0222)
+
+Too large L2 table sizes cause unbounded allocations. Images actually
+created by qemu-img only have 512 byte or 4k L2 tables.
+
+To keep things consistent with cluster sizes, allow ranges between 512
+bytes and 64k (in fact, down to 1 entry = 8 bytes is technically
+working, but L2 table sizes smaller than a cluster don't make a lot of
+sense).
+
+This also means that the number of bytes on the virtual disk that are
+described by the same L2 table is limited to at most 8k * 64k or 2^29,
+preventively avoiding any integer overflows.
+
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Kevin Wolf <kwolf@redhat.com>
+Reviewed-by: Benoit Canet <benoit@irqsave.net>
+---
+ block/qcow.c | 8 ++++++++
+ tests/qemu-iotests/092 | 15 +++++++++++++++
+ tests/qemu-iotests/092.out | 11 +++++++++++
+ 3 files changed, 34 insertions(+)
+
+diff --git a/block/qcow.c b/block/qcow.c
+index e60df23..e8038e5 100644
+--- a/block/qcow.c
++++ b/block/qcow.c
+@@ -139,6 +139,14 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
+ goto fail;
+ }
+
++ /* l2_bits specifies number of entries; storing a uint64_t in each entry,
++ * so bytes = num_entries << 3. */
++ if (header.l2_bits < 9 - 3 || header.l2_bits > 16 - 3) {
++ error_setg(errp, "L2 table size must be between 512 and 64k");
++ ret = -EINVAL;
++ goto fail;
++ }
++
+ if (header.crypt_method > QCOW_CRYPT_AES) {
+ error_setg(errp, "invalid encryption method in qcow header");
+ ret = -EINVAL;
+--
+1.9.3
+
diff --git a/app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0223.patch b/app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0223.patch
new file mode 100644
index 0000000..a5b20a4
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0223.patch
@@ -0,0 +1,57 @@
+From 46485de0cb357b57373e1ca895adedf1f3ed46ec Mon Sep 17 00:00:00 2001
+From: Kevin Wolf <kwolf@redhat.com>
+Date: Thu, 8 May 2014 13:08:20 +0200
+Subject: [PATCH] qcow1: Validate image size (CVE-2014-0223)
+
+A huge image size could cause s->l1_size to overflow. Make sure that
+images never require a L1 table larger than what fits in s->l1_size.
+
+This cannot only cause unbounded allocations, but also the allocation of
+a too small L1 table, resulting in out-of-bounds array accesses (both
+reads and writes).
+
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Kevin Wolf <kwolf@redhat.com>
+---
+ block/qcow.c | 16 ++++++++++++++--
+ tests/qemu-iotests/092 | 9 +++++++++
+ tests/qemu-iotests/092.out | 7 +++++++
+ 3 files changed, 30 insertions(+), 2 deletions(-)
+
+diff --git a/block/qcow.c b/block/qcow.c
+index e8038e5..3566c05 100644
+--- a/block/qcow.c
++++ b/block/qcow.c
+@@ -61,7 +61,7 @@ typedef struct BDRVQcowState {
+ int cluster_sectors;
+ int l2_bits;
+ int l2_size;
+- int l1_size;
++ unsigned int l1_size;
+ uint64_t cluster_offset_mask;
+ uint64_t l1_table_offset;
+ uint64_t *l1_table;
+@@ -166,7 +166,19 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
+
+ /* read the level 1 table */
+ shift = s->cluster_bits + s->l2_bits;
+- s->l1_size = (header.size + (1LL << shift) - 1) >> shift;
++ if (header.size > UINT64_MAX - (1LL << shift)) {
++ error_setg(errp, "Image too large");
++ ret = -EINVAL;
++ goto fail;
++ } else {
++ uint64_t l1_size = (header.size + (1LL << shift) - 1) >> shift;
++ if (l1_size > INT_MAX / sizeof(uint64_t)) {
++ error_setg(errp, "Image too large");
++ ret = -EINVAL;
++ goto fail;
++ }
++ s->l1_size = l1_size;
++ }
+
+ s->l1_table_offset = header.l1_table_offset;
+ s->l1_table = g_malloc(s->l1_size * sizeof(uint64_t));
+--
+1.9.3
+
diff --git a/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch b/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch
new file mode 100644
index 0000000..fb5ad59
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch
@@ -0,0 +1,23 @@
+Copied from Alpine Linux
+
+This patch was not upstreamed to qemu as those should probably be
+defined in musl libc.
+
+diff --git a/linux-user/syscall.c b/linux-user/syscall.c
+index c8989b6..00ed747 100644
+--- a/linux-user/syscall.c
++++ b/linux-user/syscall.c
+@@ -114,6 +114,13 @@ int __clone2(int (*fn)(void *), void *child_stack_base,
+
+ #include "qemu.h"
+
++#ifndef F_SHLCK
++#define F_SHLCK 8
++#endif
++#ifndef F_EXLCK
++#define F_EXLCK 4
++#endif
++
+ #define CLONE_NPTL_FLAGS2 (CLONE_SETTLS | \
+ CLONE_PARENT_SETTID | CLONE_CHILD_SETTID | CLONE_CHILD_CLEARTID)
+
diff --git a/app-emulation/qemu/files/qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch b/app-emulation/qemu/files/qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
new file mode 100644
index 0000000..7ea1dba
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
@@ -0,0 +1,37 @@
+From 3e231fa7a2dc66e2ef06ac44f4f719b08fc0c67e Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Tue, 29 Apr 2014 15:51:31 +0200
+Subject: [PATCH 6/6] linux-user/signal.c: define __SIGRTMIN/MAX for non-GNU
+ platforms
+
+The __SIGRTMIN and __SIGRTMAX are glibc internals and are not available
+on all platforms, so we define those if they are missing.
+
+This is needed for musl libc.
+
+Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
+---
+ linux-user/signal.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/linux-user/signal.c b/linux-user/signal.c
+index 7d6246f..6019dbb 100644
+--- a/linux-user/signal.c
++++ b/linux-user/signal.c
+@@ -32,6 +32,13 @@
+
+ //#define DEBUG_SIGNAL
+
++#ifndef __SIGRTMIN
++#define __SIGRTMIN 32
++#endif
++#ifndef __SIGRTMAX
++#define __SIGRTMAX (NSIG-1)
++#endif
++
+ static struct target_sigaltstack target_sigaltstack_used = {
+ .ss_sp = 0,
+ .ss_size = 0,
+--
+1.9.2
+
diff --git a/app-emulation/qemu/files/qemu-2.0.0-qcow-check-max-sizes.patch b/app-emulation/qemu/files/qemu-2.0.0-qcow-check-max-sizes.patch
new file mode 100644
index 0000000..54fdd79
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.0.0-qcow-check-max-sizes.patch
@@ -0,0 +1,52 @@
+From 7159a45b2bf2dcb9f49f1e27d1d3d135a0247a2f Mon Sep 17 00:00:00 2001
+From: Kevin Wolf <kwolf@redhat.com>
+Date: Wed, 7 May 2014 17:30:30 +0200
+Subject: [PATCH] qcow1: Check maximum cluster size
+
+Huge values for header.cluster_bits cause unbounded allocations (e.g.
+for s->cluster_cache) and crash qemu this way. Less huge values may
+survive those allocations, but can cause integer overflows later on.
+
+The only cluster sizes that qemu can create are 4k (for standalone
+images) and 512 (for images with backing files), so we can limit it
+to 64k.
+
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Kevin Wolf <kwolf@redhat.com>
+Reviewed-by: Benoit Canet <benoit@irqsave.net>
+---
+ block/qcow.c | 10 ++++++--
+ tests/qemu-iotests/092 | 63 ++++++++++++++++++++++++++++++++++++++++++++++
+ tests/qemu-iotests/092.out | 13 ++++++++++
+ tests/qemu-iotests/group | 1 +
+ 4 files changed, 85 insertions(+), 2 deletions(-)
+ create mode 100755 tests/qemu-iotests/092
+ create mode 100644 tests/qemu-iotests/092.out
+
+diff --git a/block/qcow.c b/block/qcow.c
+index 3684794..e60df23 100644
+--- a/block/qcow.c
++++ b/block/qcow.c
+@@ -128,11 +128,17 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
+ goto fail;
+ }
+
+- if (header.size <= 1 || header.cluster_bits < 9) {
+- error_setg(errp, "invalid value in qcow header");
++ if (header.size <= 1) {
++ error_setg(errp, "Image size is too small (must be at least 2 bytes)");
+ ret = -EINVAL;
+ goto fail;
+ }
++ if (header.cluster_bits < 9 || header.cluster_bits > 16) {
++ error_setg(errp, "Cluster size must be between 512 and 64k");
++ ret = -EINVAL;
++ goto fail;
++ }
++
+ if (header.crypt_method > QCOW_CRYPT_AES) {
+ error_setg(errp, "invalid encryption method in qcow header");
+ ret = -EINVAL;
+--
+1.9.3
+
diff --git a/app-emulation/qemu/files/qemu-2.0.0-sigset.patch b/app-emulation/qemu/files/qemu-2.0.0-sigset.patch
new file mode 100644
index 0000000..e335b67
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.0.0-sigset.patch
@@ -0,0 +1,63 @@
+commit 34d6086236baeb59f4b46e2380f2b271acd6f6cf
+Author: Natanael Copa <ncopa@alpinelinux.org>
+Date: Tue Apr 29 13:11:20 2014 +0200
+
+ linux-user: avoid using glibc internals in _syscall5 and in definition of target_sigevent struct
+
+ Use the public sigset_t instead of the glibc specific internal
+ __sigset_t in _syscall.
+
+ Calculate the sigevent pad size is calculated in similar way as kernel
+ does it instead of using glibc internal field _pad.
+
+ This is needed for building with musl libc.
+
+ Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
+ Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
+ Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
+
+diff --git a/linux-user/syscall.c b/linux-user/syscall.c
+index 15de6f8..af0bb35 100644
+--- a/linux-user/syscall.c
++++ b/linux-user/syscall.c
+@@ -411,7 +411,7 @@ static int sys_inotify_init1(int flags)
+ #endif
+ #define __NR_sys_ppoll __NR_ppoll
+ _syscall5(int, sys_ppoll, struct pollfd *, fds, nfds_t, nfds,
+- struct timespec *, timeout, const __sigset_t *, sigmask,
++ struct timespec *, timeout, const sigset_t *, sigmask,
+ size_t, sigsetsize)
+ #endif
+
+diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
+index fdf9a47..69c3982 100644
+--- a/linux-user/syscall_defs.h
++++ b/linux-user/syscall_defs.h
+@@ -2552,12 +2552,26 @@ struct target_timer_t {
+ abi_ulong ptr;
+ };
+
++#define TARGET_SIGEV_MAX_SIZE 64
++
++/* This is architecture-specific but most architectures use the default */
++#ifdef TARGET_MIPS
++#define TARGET_SIGEV_PREAMBLE_SIZE (sizeof(int32_t) * 2 + sizeof(abi_long))
++#else
++#define TARGET_SIGEV_PREAMBLE_SIZE (sizeof(int32_t) * 2 \
++ + sizeof(target_sigval_t))
++#endif
++
++#define TARGET_SIGEV_PAD_SIZE ((TARGET_SIGEV_MAX_SIZE \
++ - TARGET_SIGEV_PREAMBLE_SIZE) \
++ / sizeof(int32_t))
++
+ struct target_sigevent {
+ target_sigval_t sigev_value;
+ int32_t sigev_signo;
+ int32_t sigev_notify;
+ union {
+- int32_t _pad[ARRAY_SIZE(((struct sigevent *)0)->_sigev_un._pad)];
++ int32_t _pad[TARGET_SIGEV_PAD_SIZE];
+ int32_t _tid;
+
+ struct {
diff --git a/app-emulation/qemu/files/qemu-2.0.0-usb-post-load-checks.patch b/app-emulation/qemu/files/qemu-2.0.0-usb-post-load-checks.patch
new file mode 100644
index 0000000..4e85c59
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.0.0-usb-post-load-checks.patch
@@ -0,0 +1,41 @@
+https://bugs.gentoo.org/510208
+
+From 719ffe1f5f72b1c7ace4afe9ba2815bcb53a829e Mon Sep 17 00:00:00 2001
+From: "Michael S. Tsirkin" <mst@redhat.com>
+Date: Tue, 13 May 2014 12:33:16 +0300
+Subject: [PATCH] usb: fix up post load checks
+
+Correct post load checks:
+1. dev->setup_len == sizeof(dev->data_buf)
+ seems fine, no need to fail migration
+2. When state is DATA, passing index > len
+ will cause memcpy with negative length,
+ resulting in heap overflow
+
+First of the issues was reported by dgilbert.
+
+Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
+Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Juan Quintela <quintela@redhat.com>
+---
+ hw/usb/bus.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/usb/bus.c b/hw/usb/bus.c
+index 699aa10..927a47b 100644
+--- a/hw/usb/bus.c
++++ b/hw/usb/bus.c
+@@ -51,8 +51,8 @@ static int usb_device_post_load(void *opaque, int version_id)
+ }
+ if (dev->setup_index < 0 ||
+ dev->setup_len < 0 ||
+- dev->setup_index >= sizeof(dev->data_buf) ||
+- dev->setup_len >= sizeof(dev->data_buf)) {
++ dev->setup_index > dev->setup_len ||
++ dev->setup_len > sizeof(dev->data_buf)) {
+ return -EINVAL;
+ }
+ return 0;
+--
+1.9.3
+
diff --git a/app-emulation/qemu/files/qemu-9999-virtfs-proxy-helper-accept.patch b/app-emulation/qemu/files/qemu-9999-virtfs-proxy-helper-accept.patch
new file mode 100644
index 0000000..f8a5249
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-9999-virtfs-proxy-helper-accept.patch
@@ -0,0 +1,30 @@
+From c5970614489e385e69667f1f323421442a7a46c0 Mon Sep 17 00:00:00 2001
+From: Tim Comer <comer0@gmail.com>
+Date: Sat, 19 Apr 2014 12:51:42 -0400
+Subject: [PATCH] virtfs-proxy-helper: fix call to accept
+
+The current code calls accept() without initializing the size parameter
+which means the accept call might write too much to the stack.
+
+URL: https://bugs.gentoo.org/486714
+Signed-off-by: Tim Comer <comer0@gmail.com>
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+---
+ fsdev/virtfs-proxy-helper.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
+index bfecb87..cd291d3 100644
+--- a/fsdev/virtfs-proxy-helper.c
++++ b/fsdev/virtfs-proxy-helper.c
+@@ -760,6 +760,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t gid)
+ return -1;
+ }
+
++ size = sizeof(qemu);
+ client = accept(sock, (struct sockaddr *)&qemu, &size);
+ if (client < 0) {
+ do_perror("accept");
+--
+1.9.2
+
diff --git a/app-emulation/qemu/qemu-2.0.0-r99.ebuild b/app-emulation/qemu/qemu-2.0.0-r99.ebuild
new file mode 100644
index 0000000..efbdd23
--- /dev/null
+++ b/app-emulation/qemu/qemu-2.0.0-r99.ebuild
@@ -0,0 +1,578 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.0.0-r1.ebuild,v 1.5 2014/06/06 01:42:41 vapier Exp $
+
+EAPI=5
+
+PYTHON_COMPAT=( python{2_6,2_7} )
+PYTHON_REQ_USE="ncurses,readline"
+
+inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
+ user udev fcaps readme.gentoo pax-utils
+
+BACKPORTS=
+
+if [[ ${PV} = *9999* ]]; then
+ EGIT_REPO_URI="git://git.qemu.org/qemu.git"
+ inherit git-2
+ SRC_URI=""
+ KEYWORDS=""
+else
+ SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2
+ ${BACKPORTS:+
+ http://dev.gentoo.org/~cardoe/distfiles/${P}-${BACKPORTS}.tar.xz}"
+ KEYWORDS="amd64 x86"
+fi
+
+DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
+HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
+
+LICENSE="GPL-2 LGPL-2 BSD-2"
+SLOT="0"
+IUSE="accessibility +aio alsa bluetooth +caps +curl debug +fdt glusterfs \
+gtk iscsi +jpeg \
+kernel_linux kernel_FreeBSD ncurses opengl +png pulseaudio python \
+rbd sasl +seccomp sdl selinux smartcard spice ssh static static-softmmu \
+static-user systemtap tci test +threads tls usb usbredir +uuid vde +vhost-net \
+virtfs +vnc xattr xen xfs"
+
+COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
+mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
+x86_64"
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb xtensa xtensaeb"
+IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 sparc32plus"
+
+use_targets="
+ $(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
+ $(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
+"
+IUSE+=" ${use_targets}"
+
+# Require at least one softmmu or user target.
+# Block USE flag configurations known to not work.
+REQUIRED_USE="|| ( ${use_targets} )
+ python? ( ${PYTHON_REQUIRED_USE} )
+ qemu_softmmu_targets_arm? ( fdt )
+ qemu_softmmu_targets_microblaze? ( fdt )
+ qemu_softmmu_targets_ppc? ( fdt )
+ qemu_softmmu_targets_ppc64? ( fdt )
+ static? ( static-softmmu static-user )
+ static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk )
+ virtfs? ( xattr )"
+
+# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
+COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
+ sys-libs/zlib[static-libs(+)]"
+SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
+ >=x11-libs/pixman-0.28.0[static-libs(+)]
+ aio? ( dev-libs/libaio[static-libs(+)] )
+ caps? ( sys-libs/libcap-ng[static-libs(+)] )
+ curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
+ fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
+ glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
+ jpeg? ( virtual/jpeg[static-libs(+)] )
+ ncurses? ( sys-libs/ncurses[static-libs(+)] )
+ png? ( media-libs/libpng[static-libs(+)] )
+ rbd? ( sys-cluster/ceph[static-libs(+)] )
+ sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
+ sdl? ( >=media-libs/libsdl-1.2.11[static-libs(+)] )
+ seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
+ spice? ( >=app-emulation/spice-0.12.0[static-libs(+)] )
+ ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
+ tls? ( net-libs/gnutls[static-libs(+)] )
+ usb? ( >=dev-libs/libusb-1.0.18[static-libs(+)] )
+ uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
+ vde? ( net-misc/vde[static-libs(+)] )
+ xattr? ( sys-apps/attr[static-libs(+)] )
+ xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
+USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
+RDEPEND="!static-softmmu? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} )
+ !static-user? ( ${USER_LIB_DEPEND//\[static-libs(+)]} )
+ qemu_softmmu_targets_i386? (
+ >=sys-firmware/ipxe-1.0.0_p20130624
+ ~sys-firmware/seabios-1.7.4
+ ~sys-firmware/sgabios-0.1_pre8
+ ~sys-firmware/vgabios-0.7a
+ )
+ qemu_softmmu_targets_x86_64? (
+ >=sys-firmware/ipxe-1.0.0_p20130624
+ ~sys-firmware/seabios-1.7.4
+ ~sys-firmware/sgabios-0.1_pre8
+ ~sys-firmware/vgabios-0.7a
+ )
+ accessibility? ( app-accessibility/brltty )
+ alsa? ( >=media-libs/alsa-lib-1.0.13 )
+ bluetooth? ( net-wireless/bluez )
+ gtk? (
+ x11-libs/gtk+:3
+ x11-libs/vte:2.90
+ )
+ iscsi? ( net-libs/libiscsi )
+ opengl? ( virtual/opengl )
+ pulseaudio? ( media-sound/pulseaudio )
+ python? ( ${PYTHON_DEPS} )
+ sdl? ( media-libs/libsdl[X] )
+ selinux? ( sec-policy/selinux-qemu )
+ smartcard? ( dev-libs/nss !app-emulation/libcacard )
+ spice? ( >=app-emulation/spice-protocol-0.12.3 )
+ systemtap? ( dev-util/systemtap )
+ usbredir? ( >=sys-apps/usbredir-0.6 )
+ virtfs? ( sys-libs/libcap )
+ xen? ( app-emulation/xen-tools )"
+DEPEND="${RDEPEND}
+ dev-lang/perl
+ =dev-lang/python-2*
+ sys-apps/texinfo
+ virtual/pkgconfig
+ kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
+ static-softmmu? ( ${SOFTMMU_LIB_DEPEND} )
+ static-user? ( ${USER_LIB_DEPEND} )
+ test? (
+ dev-libs/glib[utils]
+ sys-devel/bc
+ )"
+
+STRIP_MASK="/usr/share/qemu/palcode-clipper"
+
+QA_PREBUILT="
+ usr/share/qemu/openbios-ppc
+ usr/share/qemu/openbios-sparc64
+ usr/share/qemu/openbios-sparc32
+ usr/share/qemu/palcode-clipper
+ usr/share/qemu/s390-ccw.img"
+
+QA_WX_LOAD="usr/bin/qemu-i386
+ usr/bin/qemu-x86_64
+ usr/bin/qemu-alpha
+ usr/bin/qemu-arm
+ usr/bin/qemu-cris
+ usr/bin/qemu-m68k
+ usr/bin/qemu-microblaze
+ usr/bin/qemu-microblazeel
+ usr/bin/qemu-mips
+ usr/bin/qemu-mipsel
+ usr/bin/qemu-or32
+ usr/bin/qemu-ppc
+ usr/bin/qemu-ppc64
+ usr/bin/qemu-ppc64abi32
+ usr/bin/qemu-sh4
+ usr/bin/qemu-sh4eb
+ usr/bin/qemu-sparc
+ usr/bin/qemu-sparc64
+ usr/bin/qemu-armeb
+ usr/bin/qemu-sparc32plus
+ usr/bin/qemu-s390x
+ usr/bin/qemu-unicore32"
+
+DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure
+you have the kernel module loaded before running kvm. The easiest way to
+ensure that the kernel module is loaded is to load it on boot.\n
+For AMD CPUs the module is called 'kvm-amd'\n
+For Intel CPUs the module is called 'kvm-intel'\n
+Please review /etc/conf.d/modules for how to load these\n\n
+Make sure your user is in the 'kvm' group\n
+Just run 'gpasswd -a <USER> kvm', then have <USER> re-login."
+
+qemu_support_kvm() {
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \
+ use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \
+ use qemu_softmmu_targets_s390x; then
+ return 0
+ fi
+
+ return 1
+}
+
+pkg_pretend() {
+ if use kernel_linux && kernel_is lt 2 6 25; then
+ eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
+ elif use kernel_linux; then
+ if ! linux_config_exists; then
+ eerror "Unable to check your kernel for KVM support"
+ else
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
+ ERROR_KVM="You must enable KVM in your kernel to continue"
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
+ ERROR_KVM_AMD+=" your kernel configuration."
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
+ ERROR_TUN+=" into your kernel or loaded as a module to use the"
+ ERROR_TUN+=" virtual network device if using -net tap."
+ ERROR_BRIDGE="You will also need support for 802.1d"
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
+ use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
+ ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
+ ERROR_VHOST_NET+=" support"
+
+ if use amd64 || use x86 || use amd64-linux || use x86-linux; then
+ CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
+ fi
+
+ use python && CONFIG_CHECK+=" ~DEBUG_FS"
+ ERROR_DEBUG_FS="debugFS support required for kvm_stat"
+
+ # Now do the actual checks setup above
+ check_extra_config
+ fi
+ fi
+
+ if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
+ eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
+ eerror "instances are still pointing to it. Please update your"
+ eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
+ eerror "and the right system binary (e.g. qemu-system-x86_64)."
+ die "update your virt configs to not use qemu-kvm"
+ fi
+}
+
+pkg_setup() {
+ enewgroup kvm 78
+}
+
+src_prepare() {
+ # Alter target makefiles to accept CFLAGS set via flag-o
+ sed -i -r \
+ -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
+ Makefile Makefile.target || die
+
+ epatch "${FILESDIR}"/qemu-1.7.0-cflags.patch
+ epatch "${FILESDIR}"/qemu-9999-virtfs-proxy-helper-accept.patch #486714
+ epatch "${FILESDIR}"/${P}-CVE-2013-4541.patch #510208
+ epatch "${FILESDIR}"/${P}-usb-post-load-checks.patch #510208
+ epatch "${FILESDIR}"/${P}-qcow-check-max-sizes.patch #510234
+ epatch "${FILESDIR}"/${P}-CVE-2014-0222.patch #510234
+ epatch "${FILESDIR}"/${P}-CVE-2014-0223.patch #510234
+ epatch "${FILESDIR}"/${PN}-1.5.3-openpty.patch #musl
+ epatch "${FILESDIR}"/${P}-sigset.patch #musl
+ epatch "${FILESDIR}"/${P}-F_SHLCK-and-F_EXLCK.patch #musl
+ epatch "${FILESDIR}"/${P}-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch #musl
+ [[ -n ${BACKPORTS} ]] && \
+ EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
+ epatch
+
+ # Fix ld and objcopy being called directly
+ tc-export AR LD OBJCOPY
+
+ # Verbose builds
+ MAKEOPTS+=" V=1"
+
+ epatch_user
+}
+
+##
+# configures qemu based on the build directory and the build type
+# we are using.
+#
+qemu_src_configure() {
+ debug-print-function ${FUNCNAME} "$@"
+
+ local buildtype=$1
+ local builddir=$2
+ local static_flag="static-${buildtype}"
+
+ # audio options
+ local audio_opts="oss"
+ use alsa && audio_opts="alsa,${audio_opts}"
+ use sdl && audio_opts="sdl,${audio_opts}"
+ use pulseaudio && audio_opts="pa,${audio_opts}"
+
+ local conf_opts=(
+ --prefix=/usr
+ --sysconfdir=/etc
+ --libdir=/usr/$(get_libdir)
+ --docdir=/usr/share/doc/${PF}/html
+ --disable-bsd-user
+ --disable-guest-agent
+ --disable-strip
+ --disable-werror
+ --python="${PYTHON}"
+ --cc="$(tc-getCC)"
+ --cxx="$(tc-getCXX)"
+ --host-cc="$(tc-getBUILD_CC)"
+ $(use_enable debug debug-info)
+ $(use_enable debug debug-tcg)
+ --enable-docs
+ $(use_enable tci tcg-interpreter)
+ )
+
+ case ${buildtype} in
+ user)
+ conf_opts+=(
+ --enable-linux-user
+ --disable-system
+ --target-list="${user_targets}"
+ --disable-blobs
+ --disable-bluez
+ --disable-curses
+ --disable-kvm
+ --disable-libiscsi
+ --disable-glusterfs
+ --disable-seccomp
+ --disable-sdl
+ --disable-smartcard-nss
+ --disable-tools
+ --disable-vde
+ --disable-libssh2
+ --disable-libusb
+ )
+ ;;
+ softmmu)
+ conf_opts+=(
+ --disable-linux-user
+ --enable-system
+ --with-system-pixman
+ --target-list="${softmmu_targets}"
+ $(use_enable bluetooth bluez)
+ $(use_enable gtk)
+ $(use_enable sdl)
+ $(use_enable aio linux-aio)
+ $(use_enable accessibility brlapi)
+ $(use_enable caps cap-ng)
+ $(use_enable curl)
+ $(use_enable fdt)
+ $(use_enable glusterfs)
+ $(use_enable iscsi libiscsi)
+ $(use_enable jpeg vnc-jpeg)
+ $(use_enable kernel_linux kvm)
+ $(use_enable ncurses curses)
+ $(use_enable opengl glx)
+ $(use_enable png vnc-png)
+ $(use_enable rbd)
+ $(use_enable sasl vnc-sasl)
+ $(use_enable seccomp)
+ $(use_enable smartcard smartcard-nss)
+ $(use_enable spice)
+ $(use_enable ssh libssh2)
+ $(use_enable tls vnc-tls)
+ $(use_enable tls vnc-ws)
+ $(use_enable usb libusb)
+ $(use_enable usbredir usb-redir)
+ $(use_enable uuid)
+ $(use_enable vde)
+ $(use_enable vhost-net)
+ $(use_enable virtfs)
+ $(use_enable vnc)
+ $(use_enable xattr attr)
+ $(use_enable xen)
+ $(use_enable xen xen-pci-passthrough)
+ $(use_enable xfs xfsctl)
+ --audio-drv-list="${audio_opts}"
+ )
+ use gtk && conf_opts+=( --with-gtkabi=3.0 )
+ ;;
+ esac
+
+ # Add support for SystemTAP
+ use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
+
+ # We always want to attempt to build with PIE support as it results
+ # in a more secure binary. But it doesn't work with static or if
+ # the current GCC doesn't have PIE support.
+ if use ${static_flag}; then
+ conf_opts+=( --static --disable-pie )
+ else
+ gcc-specs-pie && conf_opts+=( --enable-pie )
+ fi
+
+ einfo "./configure ${conf_opts[*]}"
+ cd "${builddir}"
+ ../configure "${conf_opts[@]}" || die "configure failed"
+
+ # FreeBSD's kernel does not support QEMU assigning/grabbing
+ # host USB devices yet
+ use kernel_FreeBSD && \
+ sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
+}
+
+src_configure() {
+ local target
+
+ python_export_best
+
+ softmmu_targets= softmmu_bins=()
+ user_targets= user_bins=()
+
+ for target in ${IUSE_SOFTMMU_TARGETS} ; do
+ if use "qemu_softmmu_targets_${target}"; then
+ softmmu_targets+=",${target}-softmmu"
+ softmmu_bins+=( "qemu-system-${target}" )
+ fi
+ done
+
+ for target in ${IUSE_USER_TARGETS} ; do
+ if use "qemu_user_targets_${target}"; then
+ user_targets+=",${target}-linux-user"
+ user_bins+=( "qemu-${target}" )
+ fi
+ done
+
+ [[ -n ${softmmu_targets} ]] && \
+ einfo "Building the following softmmu targets: ${softmmu_targets}"
+
+ [[ -n ${user_targets} ]] && \
+ einfo "Building the following user targets: ${user_targets}"
+
+ if [[ -n ${softmmu_targets} ]]; then
+ mkdir "${S}/softmmu-build"
+ qemu_src_configure "softmmu" "${S}/softmmu-build"
+ fi
+
+ if [[ -n ${user_targets} ]]; then
+ mkdir "${S}/user-build"
+ qemu_src_configure "user" "${S}/user-build"
+ fi
+}
+
+src_compile() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ default
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ default
+ fi
+}
+
+src_test() {
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ emake -j1 check
+ emake -j1 check-report.html
+ fi
+}
+
+qemu_python_install() {
+ python_domodule "${S}/scripts/qmp/qmp.py"
+
+ python_doscript "${S}/scripts/kvm/kvm_stat"
+ python_doscript "${S}/scripts/kvm/vmxcap"
+ python_doscript "${S}/scripts/qmp/qmp-shell"
+ python_doscript "${S}/scripts/qmp/qemu-ga-client"
+}
+
+src_install() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ emake DESTDIR="${ED}" install
+
+ # Install binfmt handler init script for user targets
+ newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ emake DESTDIR="${ED}" install
+
+ # This might not exist if the test failed. #512010
+ [[ -e check-report.html ]] && dohtml check-report.html
+
+ if use kernel_linux; then
+ udev_dorules "${FILESDIR}"/65-kvm.rules
+ fi
+
+ if use python; then
+ python_foreach_impl qemu_python_install
+ fi
+ fi
+
+ # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
+ pushd "${ED}"/usr/bin >/dev/null
+ pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}"
+ popd >/dev/null
+
+ # Install config file example for qemu-bridge-helper
+ insinto "/etc/qemu"
+ doins "${FILESDIR}/bridge.conf"
+
+ # Remove the docdir placed qmp-commands.txt
+ mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/qmp/"
+
+ cd "${S}"
+ dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
+ newdoc pc-bios/README README.pc-bios
+ dodoc docs/qmp/*.txt
+
+ # Remove SeaBIOS since we're using the SeaBIOS packaged one
+ rm "${ED}/usr/share/qemu/bios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
+ fi
+
+ # Remove vgabios since we're using the vgabios packaged one
+ rm "${ED}/usr/share/qemu/vgabios.bin"
+ rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
+ rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
+ rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
+ rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
+ dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
+ dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
+ dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
+ dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
+ fi
+
+ # Remove sgabios since we're using the sgabios packaged one
+ rm "${ED}/usr/share/qemu/sgabios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
+ fi
+
+ # Remove iPXE since we're using the iPXE packaged one
+ rm "${ED}"/usr/share/qemu/pxe-*.rom
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
+ dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
+ dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
+ dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
+ dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
+ dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
+ fi
+
+ qemu_support_kvm && readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ local virtfs_caps=
+
+ if qemu_support_kvm; then
+ readme.gentoo_print_elog
+ ewarn "Migration from qemu-kvm instances and loading qemu-kvm created"
+ ewarn "save states has been removed starting with the 1.6.2 release"
+ ewarn
+ ewarn "It is recommended that you migrate any VMs that may be running"
+ ewarn "on qemu-kvm to a host with a newer qemu and regenerate"
+ ewarn "any saved states with a newer qemu."
+ ewarn
+ ewarn "qemu-kvm was the primary qemu provider in Gentoo through 1.2.x"
+
+ if use x86 || use amd64; then
+ ewarn
+ ewarn "The /usr/bin/kvm and /usr/bin/qemu-kvm wrappers are no longer"
+ ewarn "installed. In order to use kvm acceleration, pass the flag"
+ ewarn "-enable-kvm when running your system target."
+ fi
+ fi
+
+ virtfs_caps+="cap_chown,cap_dac_override,cap_fowner,cap_fsetid,"
+ virtfs_caps+="cap_setgid,cap_mknod,cap_setuid"
+
+ fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
+ use virtfs && fcaps ${virtfs_caps} /usr/bin/virtfs-proxy-helper
+}
+
+pkg_info() {
+ echo "Using:"
+ echo " $(best_version app-emulation/spice-protocol)"
+ echo " $(best_version sys-firmware/ipxe)"
+ echo " $(best_version sys-firmware/seabios)"
+ if has_version sys-firmware/seabios[binary]; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/vgabios)"
+}
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [gentoo-commits] proj/hardened-dev:musl commit in: app-emulation/qemu/, app-emulation/qemu/files/
@ 2014-11-01 16:14 Anthony G. Basile
0 siblings, 0 replies; 4+ messages in thread
From: Anthony G. Basile @ 2014-11-01 16:14 UTC (permalink / raw
To: gentoo-commits
commit: cb62f9fd061fbf7feed13831bd12d19e8636b0af
Author: Felix Janda <felix.janda <AT> posteo <DOT> de>
AuthorDate: Thu Oct 30 21:02:28 2014 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Nov 1 16:15:20 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=cb62f9fd
app-emulation/qemu: bump to 2.1.1
Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>
---
.../qemu/files/qemu-2.1.1-readlink-self.patch | 81 ++++++++++++++++++++++
...qemu-2.1.0-r99.ebuild => qemu-2.1.1-r99.ebuild} | 8 +--
2 files changed, 85 insertions(+), 4 deletions(-)
diff --git a/app-emulation/qemu/files/qemu-2.1.1-readlink-self.patch b/app-emulation/qemu/files/qemu-2.1.1-readlink-self.patch
new file mode 100644
index 0000000..451a968
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.1.1-readlink-self.patch
@@ -0,0 +1,81 @@
+fix already in upstream
+
+From f17f4989fa193fa8279474c5462289a3cfe69aea Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@chromium.org>
+Date: Fri, 8 Aug 2014 09:40:25 +0900
+Subject: [PATCH] linux-user: fix readlink handling with magic exe symlink
+
+The current code always returns the length of the path when it should
+be returning the number of bytes it wrote to the output string.
+
+Further, readlink is not supposed to append a NUL byte, but the current
+snprintf logic will always do just that.
+
+Even further, if you pass in a length of 0, you're suppoesd to get back
+an error (EINVAL), but the current logic just returns 0.
+
+Further still, if there was an error reading the symlink, we should not
+go ahead and try to read the target buffer as it is garbage.
+
+Simple test for the first two issues:
+$ cat test.c
+int main() {
+ char buf[50];
+ size_t len;
+ for (len = 0; len < 10; ++len) {
+ memset(buf, '!', sizeof(buf));
+ ssize_t ret = readlink("/proc/self/exe", buf, len);
+ buf[20] = '\0';
+ printf("readlink(/proc/self/exe, {%s}, %zu) = %zi\n", buf, len, ret);
+ }
+ return 0;
+}
+
+Now compare the output of the native:
+$ gcc test.c -o /tmp/x
+$ /tmp/x
+$ strace /tmp/x
+
+With what qemu does:
+$ armv7a-cros-linux-gnueabi-gcc test.c -o /tmp/x -static
+$ qemu-arm /tmp/x
+$ qemu-arm -strace /tmp/x
+
+Signed-off-by: Mike Frysinger <vapier@chromium.org>
+Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
+---
+ linux-user/syscall.c | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/linux-user/syscall.c b/linux-user/syscall.c
+index fccf9f0..7c108ab 100644
+--- a/linux-user/syscall.c
++++ b/linux-user/syscall.c
+@@ -6636,11 +6636,22 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
+ p2 = lock_user(VERIFY_WRITE, arg2, arg3, 0);
+ if (!p || !p2) {
+ ret = -TARGET_EFAULT;
++ } else if (!arg3) {
++ /* Short circuit this for the magic exe check. */
++ ret = -TARGET_EINVAL;
+ } else if (is_proc_myself((const char *)p, "exe")) {
+ char real[PATH_MAX], *temp;
+ temp = realpath(exec_path, real);
+- ret = temp == NULL ? get_errno(-1) : strlen(real) ;
+- snprintf((char *)p2, arg3, "%s", real);
++ /* Return value is # of bytes that we wrote to the buffer. */
++ if (temp == NULL) {
++ ret = get_errno(-1);
++ } else {
++ /* Don't worry about sign mismatch as earlier mapping
++ * logic would have thrown a bad address error. */
++ ret = MIN(strlen(real), arg3);
++ /* We cannot NUL terminate the string. */
++ memcpy(p2, real, ret);
++ }
+ } else {
+ ret = get_errno(readlink(path(p), p2, arg3));
+ }
+--
+2.0.0
+
diff --git a/app-emulation/qemu/qemu-2.1.0-r99.ebuild b/app-emulation/qemu/qemu-2.1.1-r99.ebuild
similarity index 98%
rename from app-emulation/qemu/qemu-2.1.0-r99.ebuild
rename to app-emulation/qemu/qemu-2.1.1-r99.ebuild
index d885d11..8509734 100644
--- a/app-emulation/qemu/qemu-2.1.0-r99.ebuild
+++ b/app-emulation/qemu/qemu-2.1.1-r99.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.1.0-r1.ebuild,v 1.6 2014/09/13 17:07:04 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.1.1.ebuild,v 1.4 2014/10/23 14:53:45 ago Exp $
EAPI=5
@@ -52,7 +52,7 @@ IUSE+=" ${use_targets}"
# Require at least one softmmu or user target.
# Block USE flag configurations known to not work.
REQUIRED_USE="|| ( ${use_targets} )
- python? ( ${PYTHON_REQUIRED_USE} )
+ ${PYTHON_REQUIRED_USE}
qemu_softmmu_targets_arm? ( fdt )
qemu_softmmu_targets_microblaze? ( fdt )
qemu_softmmu_targets_ppc? ( fdt )
@@ -255,9 +255,9 @@ src_prepare() {
use nls || rm -f po/*.po
epatch "${FILESDIR}"/qemu-1.7.0-cflags.patch
- epatch "${FILESDIR}"/${P}-CVE-2014-5388.patch #520688
+ epatch "${FILESDIR}"/${PN}-2.1.1-readlink-self.patch
epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch #for musl
- epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch #for musl
+ epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch #for musl
[[ -n ${BACKPORTS} ]] && \
EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
epatch
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [gentoo-commits] proj/hardened-dev:musl commit in: app-emulation/qemu/, app-emulation/qemu/files/
@ 2015-03-22 20:27 Anthony G. Basile
0 siblings, 0 replies; 4+ messages in thread
From: Anthony G. Basile @ 2015-03-22 20:27 UTC (permalink / raw
To: gentoo-commits
commit: a92c270e060cd9a5afb47585739e40caf58e12a3
Author: Felix Janda <felix.janda <AT> posteo <DOT> de>
AuthorDate: Sun Mar 22 08:56:30 2015 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sun Mar 22 20:28:02 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-dev.git/commit/?id=a92c270e
app-emulation/qemu: bump to 2.2.0
.../qemu/files/qemu-2.2.0-_sigev_un.patch | 12 +
app-emulation/qemu/qemu-2.2.0-r99.ebuild | 607 +++++++++++++++++++++
2 files changed, 619 insertions(+)
diff --git a/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch b/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
new file mode 100644
index 0000000..5827c2e
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
@@ -0,0 +1,12 @@
+diff -ur a/qemu-2.2.0/linux-user/syscall.c b/qemu-2.2.0/linux-user/syscall.c
+--- a/qemu-2.2.0/linux-user/syscall.c 2014-12-09 15:45:43.000000000 -0100
++++ b/qemu-2.2.0/linux-user/syscall.c 2015-03-16 19:09:49.050386155 -0100
+@@ -5033,7 +5033,7 @@
+ host_sevp->sigev_signo =
+ target_to_host_signal(tswap32(target_sevp->sigev_signo));
+ host_sevp->sigev_notify = tswap32(target_sevp->sigev_notify);
+- host_sevp->_sigev_un._tid = tswap32(target_sevp->_sigev_un._tid);
++ ((int*)(&host_sevp->sigev_notify))[1] = tswap32(target_sevp->_sigev_un._tid);
+
+ unlock_user_struct(target_sevp, target_addr, 1);
+ return 0;
diff --git a/app-emulation/qemu/qemu-2.2.0-r99.ebuild b/app-emulation/qemu/qemu-2.2.0-r99.ebuild
new file mode 100644
index 0000000..8bdbc95
--- /dev/null
+++ b/app-emulation/qemu/qemu-2.2.0-r99.ebuild
@@ -0,0 +1,607 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.2.0.ebuild,v 1.3 2015/03/12 10:06:51 ago Exp $
+
+EAPI=5
+
+PYTHON_COMPAT=( python{2_6,2_7} )
+PYTHON_REQ_USE="ncurses,readline"
+
+inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
+ user udev fcaps readme.gentoo pax-utils
+
+BACKPORTS=
+
+if [[ ${PV} = *9999* ]]; then
+ EGIT_REPO_URI="git://git.qemu.org/qemu.git"
+ inherit git-2
+ SRC_URI=""
+ KEYWORDS=""
+else
+ SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2
+ ${BACKPORTS:+
+ http://dev.gentoo.org/~cardoe/distfiles/${P}-${BACKPORTS}.tar.xz
+ http://dev.gentoo.org/~tamiko/distfiles/${P}-${BACKPORTS}.tar.xz}"
+ KEYWORDS="amd64 ~ppc ~x86"
+fi
+
+DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
+HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
+
+LICENSE="GPL-2 LGPL-2 BSD-2"
+SLOT="0"
+IUSE="accessibility +aio alsa bluetooth +caps +curl debug +fdt glusterfs \
+gtk infiniband iscsi +jpeg \
+kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
++png pulseaudio python \
+rbd sasl +seccomp sdl selinux smartcard snappy spice ssh static static-softmmu \
+static-user systemtap tci test +threads tls usb usbredir +uuid vde +vhost-net \
+virtfs +vnc xattr xen xfs"
+
+COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
+mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
+x86_64"
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb xtensa xtensaeb"
+IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 sparc32plus"
+
+use_targets="
+ $(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
+ $(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
+"
+IUSE+=" ${use_targets}"
+
+# Require at least one softmmu or user target.
+# Block USE flag configurations known to not work.
+REQUIRED_USE="|| ( ${use_targets} )
+ ${PYTHON_REQUIRED_USE}
+ qemu_softmmu_targets_arm? ( fdt )
+ qemu_softmmu_targets_microblaze? ( fdt )
+ qemu_softmmu_targets_ppc? ( fdt )
+ qemu_softmmu_targets_ppc64? ( fdt )
+ static? ( static-softmmu static-user )
+ static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk )
+ virtfs? ( xattr )"
+
+# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
+#
+# The attr lib isn't always linked in (although the USE flag is always
+# respected). This is because qemu supports using the C library's API
+# when available rather than always using the extranl library.
+COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
+ sys-libs/zlib[static-libs(+)]
+ xattr? ( sys-apps/attr[static-libs(+)] )"
+SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
+ >=x11-libs/pixman-0.28.0[static-libs(+)]
+ aio? ( dev-libs/libaio[static-libs(+)] )
+ caps? ( sys-libs/libcap-ng[static-libs(+)] )
+ curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
+ fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
+ glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
+ infiniband? ( sys-infiniband/librdmacm[static-libs(+)] )
+ jpeg? ( virtual/jpeg[static-libs(+)] )
+ lzo? ( dev-libs/lzo:2[static-libs(+)] )
+ ncurses? ( sys-libs/ncurses[static-libs(+)] )
+ nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
+ numa? ( sys-process/numactl[static-libs(+)] )
+ png? ( media-libs/libpng[static-libs(+)] )
+ rbd? ( sys-cluster/ceph[static-libs(+)] )
+ sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
+ sdl? ( >=media-libs/libsdl-1.2.11[static-libs(+)] )
+ seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
+ snappy? ( app-arch/snappy[static-libs(+)] )
+ spice? ( >=app-emulation/spice-0.12.0[static-libs(+)] )
+ ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
+ tls? ( net-libs/gnutls[static-libs(+)] )
+ usb? ( >=dev-libs/libusb-1.0.18[static-libs(+)] )
+ uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
+ vde? ( net-misc/vde[static-libs(+)] )
+ xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
+USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
+X86_FIRMWARE_DEPEND="
+ >=sys-firmware/ipxe-1.0.0_p20130624
+ pin-upstream-blobs? (
+ ~sys-firmware/seabios-1.7.5
+ ~sys-firmware/sgabios-0.1_pre8
+ ~sys-firmware/vgabios-0.7a
+ )
+ !pin-upstream-blobs? (
+ sys-firmware/seabios
+ sys-firmware/sgabios
+ sys-firmware/vgabios
+ )"
+CDEPEND="!static-softmmu? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} )
+ !static-user? ( ${USER_LIB_DEPEND//\[static-libs(+)]} )
+ qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
+ qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
+ accessibility? ( app-accessibility/brltty )
+ alsa? ( >=media-libs/alsa-lib-1.0.13 )
+ bluetooth? ( net-wireless/bluez )
+ gtk? (
+ x11-libs/gtk+:3
+ x11-libs/vte:2.90
+ )
+ iscsi? ( net-libs/libiscsi )
+ opengl? ( virtual/opengl )
+ pulseaudio? ( media-sound/pulseaudio )
+ python? ( ${PYTHON_DEPS} )
+ sdl? ( media-libs/libsdl[X] )
+ smartcard? ( dev-libs/nss !app-emulation/libcacard )
+ spice? ( >=app-emulation/spice-protocol-0.12.3 )
+ systemtap? ( dev-util/systemtap )
+ usbredir? ( >=sys-apps/usbredir-0.6 )
+ virtfs? ( sys-libs/libcap )
+ xen? ( app-emulation/xen-tools )"
+DEPEND="${CDEPEND}
+ dev-lang/perl
+ =dev-lang/python-2*
+ sys-apps/texinfo
+ virtual/pkgconfig
+ kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
+ gtk? ( nls? ( sys-devel/gettext ) )
+ static-softmmu? ( ${SOFTMMU_LIB_DEPEND} )
+ static-user? ( ${USER_LIB_DEPEND} )
+ test? (
+ dev-libs/glib[utils]
+ sys-devel/bc
+ )"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-qemu )
+"
+
+STRIP_MASK="/usr/share/qemu/palcode-clipper"
+
+QA_PREBUILT="
+ usr/share/qemu/openbios-ppc
+ usr/share/qemu/openbios-sparc64
+ usr/share/qemu/openbios-sparc32
+ usr/share/qemu/palcode-clipper
+ usr/share/qemu/s390-ccw.img
+ usr/share/qemu/u-boot.e500
+"
+
+QA_WX_LOAD="usr/bin/qemu-i386
+ usr/bin/qemu-x86_64
+ usr/bin/qemu-alpha
+ usr/bin/qemu-arm
+ usr/bin/qemu-cris
+ usr/bin/qemu-m68k
+ usr/bin/qemu-microblaze
+ usr/bin/qemu-microblazeel
+ usr/bin/qemu-mips
+ usr/bin/qemu-mipsel
+ usr/bin/qemu-or32
+ usr/bin/qemu-ppc
+ usr/bin/qemu-ppc64
+ usr/bin/qemu-ppc64abi32
+ usr/bin/qemu-sh4
+ usr/bin/qemu-sh4eb
+ usr/bin/qemu-sparc
+ usr/bin/qemu-sparc64
+ usr/bin/qemu-armeb
+ usr/bin/qemu-sparc32plus
+ usr/bin/qemu-s390x
+ usr/bin/qemu-unicore32"
+
+DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure
+you have the kernel module loaded before running kvm. The easiest way to
+ensure that the kernel module is loaded is to load it on boot.\n
+For AMD CPUs the module is called 'kvm-amd'\n
+For Intel CPUs the module is called 'kvm-intel'\n
+Please review /etc/conf.d/modules for how to load these\n\n
+Make sure your user is in the 'kvm' group\n
+Just run 'gpasswd -a <USER> kvm', then have <USER> re-login."
+
+qemu_support_kvm() {
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \
+ use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \
+ use qemu_softmmu_targets_s390x; then
+ return 0
+ fi
+
+ return 1
+}
+
+pkg_pretend() {
+ if use kernel_linux && kernel_is lt 2 6 25; then
+ eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
+ elif use kernel_linux; then
+ if ! linux_config_exists; then
+ eerror "Unable to check your kernel for KVM support"
+ else
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
+ ERROR_KVM="You must enable KVM in your kernel to continue"
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
+ ERROR_KVM_AMD+=" your kernel configuration."
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
+ ERROR_TUN+=" into your kernel or loaded as a module to use the"
+ ERROR_TUN+=" virtual network device if using -net tap."
+ ERROR_BRIDGE="You will also need support for 802.1d"
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
+ use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
+ ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
+ ERROR_VHOST_NET+=" support"
+
+ if use amd64 || use x86 || use amd64-linux || use x86-linux; then
+ CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
+ fi
+
+ use python && CONFIG_CHECK+=" ~DEBUG_FS"
+ ERROR_DEBUG_FS="debugFS support required for kvm_stat"
+
+ # Now do the actual checks setup above
+ check_extra_config
+ fi
+ fi
+
+ if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
+ eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
+ eerror "instances are still pointing to it. Please update your"
+ eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
+ eerror "and the right system binary (e.g. qemu-system-x86_64)."
+ die "update your virt configs to not use qemu-kvm"
+ fi
+}
+
+pkg_setup() {
+ enewgroup kvm 78
+}
+
+src_prepare() {
+ # Alter target makefiles to accept CFLAGS set via flag-o
+ sed -i -r \
+ -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
+ Makefile Makefile.target || die
+
+ # Cheap hack to disable gettext .mo generation.
+ use nls || rm -f po/*.po
+
+ epatch "${FILESDIR}"/qemu-1.7.0-cflags.patch
+
+ # Patching for musl
+ epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch
+ epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
+ epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
+
+ [[ -n ${BACKPORTS} ]] && \
+ EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
+ epatch
+
+ # Fix ld and objcopy being called directly
+ tc-export AR LD OBJCOPY
+
+ # Verbose builds
+ MAKEOPTS+=" V=1"
+
+ epatch_user
+}
+
+##
+# configures qemu based on the build directory and the build type
+# we are using.
+#
+qemu_src_configure() {
+ debug-print-function ${FUNCNAME} "$@"
+
+ local buildtype=$1
+ local builddir=$2
+ local static_flag="static-${buildtype}"
+
+ # audio options
+ local audio_opts="oss"
+ use alsa && audio_opts="alsa,${audio_opts}"
+ use sdl && audio_opts="sdl,${audio_opts}"
+ use pulseaudio && audio_opts="pa,${audio_opts}"
+
+ local conf_opts=(
+ --prefix=/usr
+ --sysconfdir=/etc
+ --libdir=/usr/$(get_libdir)
+ --docdir=/usr/share/doc/${PF}/html
+ --disable-bsd-user
+ --disable-guest-agent
+ --disable-strip
+ --disable-werror
+ --python="${PYTHON}"
+ --cc="$(tc-getCC)"
+ --cxx="$(tc-getCXX)"
+ --host-cc="$(tc-getBUILD_CC)"
+ $(use_enable debug debug-info)
+ $(use_enable debug debug-tcg)
+ --enable-docs
+ $(use_enable tci tcg-interpreter)
+ $(use_enable xattr attr)
+ )
+
+ # Disable options not used by user targets as the default configure
+ # options will autoprobe and try to link in a bunch of unused junk.
+ conf_softmmu() {
+ if [[ ${buildtype} == "user" ]] ; then
+ echo "--disable-${2:-$1}"
+ else
+ use_enable "$@"
+ fi
+ }
+ conf_opts+=(
+ $(conf_softmmu accessibility brlapi)
+ $(conf_softmmu aio linux-aio)
+ $(conf_softmmu bluetooth bluez)
+ $(conf_softmmu caps cap-ng)
+ $(conf_softmmu curl)
+ $(conf_softmmu fdt)
+ $(conf_softmmu glusterfs)
+ $(conf_softmmu gtk)
+ $(conf_softmmu infiniband rdma)
+ $(conf_softmmu iscsi libiscsi)
+ $(conf_softmmu jpeg vnc-jpeg)
+ $(conf_softmmu kernel_linux kvm)
+ $(conf_softmmu lzo)
+ $(conf_softmmu ncurses curses)
+ $(conf_softmmu nfs libnfs)
+ $(conf_softmmu numa)
+ $(conf_softmmu opengl glx)
+ $(conf_softmmu png vnc-png)
+ $(conf_softmmu rbd)
+ $(conf_softmmu sasl vnc-sasl)
+ $(conf_softmmu sdl)
+ $(conf_softmmu seccomp)
+ $(conf_softmmu smartcard smartcard-nss)
+ $(conf_softmmu snappy)
+ $(conf_softmmu spice)
+ $(conf_softmmu ssh libssh2)
+ $(conf_softmmu tls quorum)
+ $(conf_softmmu tls vnc-tls)
+ $(conf_softmmu tls vnc-ws)
+ $(conf_softmmu usb libusb)
+ $(conf_softmmu usbredir usb-redir)
+ $(conf_softmmu uuid)
+ $(conf_softmmu vde)
+ $(conf_softmmu vhost-net)
+ $(conf_softmmu virtfs)
+ $(conf_softmmu vnc)
+ $(conf_softmmu xen)
+ $(conf_softmmu xen xen-pci-passthrough)
+ $(conf_softmmu xfs xfsctl)
+ )
+
+ case ${buildtype} in
+ user)
+ conf_opts+=(
+ --enable-linux-user
+ --disable-system
+ --target-list="${user_targets}"
+ --disable-blobs
+ --disable-tools
+ )
+ ;;
+ softmmu)
+ conf_opts+=(
+ --disable-linux-user
+ --enable-system
+ --target-list="${softmmu_targets}"
+ --with-system-pixman
+ --audio-drv-list="${audio_opts}"
+ )
+ use gtk && conf_opts+=( --with-gtkabi=3.0 )
+ ;;
+ esac
+
+ # Add support for SystemTAP
+ use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
+
+ # We always want to attempt to build with PIE support as it results
+ # in a more secure binary. But it doesn't work with static or if
+ # the current GCC doesn't have PIE support.
+ if use ${static_flag}; then
+ conf_opts+=( --static --disable-pie )
+ else
+ gcc-specs-pie && conf_opts+=( --enable-pie )
+ fi
+
+ einfo "./configure ${conf_opts[*]}"
+ cd "${builddir}"
+ ../configure "${conf_opts[@]}" || die "configure failed"
+
+ # FreeBSD's kernel does not support QEMU assigning/grabbing
+ # host USB devices yet
+ use kernel_FreeBSD && \
+ sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
+}
+
+src_configure() {
+ local target
+
+ python_export_best
+
+ softmmu_targets= softmmu_bins=()
+ user_targets= user_bins=()
+
+ for target in ${IUSE_SOFTMMU_TARGETS} ; do
+ if use "qemu_softmmu_targets_${target}"; then
+ softmmu_targets+=",${target}-softmmu"
+ softmmu_bins+=( "qemu-system-${target}" )
+ fi
+ done
+
+ for target in ${IUSE_USER_TARGETS} ; do
+ if use "qemu_user_targets_${target}"; then
+ user_targets+=",${target}-linux-user"
+ user_bins+=( "qemu-${target}" )
+ fi
+ done
+
+ [[ -n ${softmmu_targets} ]] && \
+ einfo "Building the following softmmu targets: ${softmmu_targets}"
+
+ [[ -n ${user_targets} ]] && \
+ einfo "Building the following user targets: ${user_targets}"
+
+ if [[ -n ${softmmu_targets} ]]; then
+ mkdir "${S}/softmmu-build"
+ qemu_src_configure "softmmu" "${S}/softmmu-build"
+ fi
+
+ if [[ -n ${user_targets} ]]; then
+ mkdir "${S}/user-build"
+ qemu_src_configure "user" "${S}/user-build"
+ fi
+}
+
+src_compile() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ default
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ default
+ fi
+}
+
+src_test() {
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ pax-mark m */qemu-system-* #515550
+ emake -j1 check
+ emake -j1 check-report.html
+ fi
+}
+
+qemu_python_install() {
+ python_domodule "${S}/scripts/qmp/qmp.py"
+
+ python_doscript "${S}/scripts/kvm/kvm_stat"
+ python_doscript "${S}/scripts/kvm/vmxcap"
+ python_doscript "${S}/scripts/qmp/qmp-shell"
+ python_doscript "${S}/scripts/qmp/qemu-ga-client"
+}
+
+src_install() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ emake DESTDIR="${ED}" install
+
+ # Install binfmt handler init script for user targets
+ newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ emake DESTDIR="${ED}" install
+
+ # This might not exist if the test failed. #512010
+ [[ -e check-report.html ]] && dohtml check-report.html
+
+ if use kernel_linux; then
+ udev_dorules "${FILESDIR}"/65-kvm.rules
+ fi
+
+ if use python; then
+ python_foreach_impl qemu_python_install
+ fi
+ fi
+
+ # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
+ pushd "${ED}"/usr/bin >/dev/null
+ pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}"
+ popd >/dev/null
+
+ # Install config file example for qemu-bridge-helper
+ insinto "/etc/qemu"
+ doins "${FILESDIR}/bridge.conf"
+
+ # Remove the docdir placed qmp-commands.txt
+ mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/qmp/"
+
+ cd "${S}"
+ dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
+ newdoc pc-bios/README README.pc-bios
+ dodoc docs/qmp/*.txt
+
+ # Remove SeaBIOS since we're using the SeaBIOS packaged one
+ rm "${ED}/usr/share/qemu/bios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
+ fi
+
+ # Remove vgabios since we're using the vgabios packaged one
+ if [[ -n ${softmmu_targets} ]]; then
+ rm "${ED}/usr/share/qemu/vgabios.bin"
+ rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
+ rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
+ rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
+ rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
+ dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
+ dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
+ dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
+ dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
+ fi
+
+ # Remove sgabios since we're using the sgabios packaged one
+ rm "${ED}/usr/share/qemu/sgabios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
+ fi
+
+ # Remove iPXE since we're using the iPXE packaged one
+ rm "${ED}"/usr/share/qemu/pxe-*.rom
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
+ dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
+ dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
+ dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
+ dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
+ dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
+ fi
+ fi
+
+ qemu_support_kvm && readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ if qemu_support_kvm; then
+ readme.gentoo_print_elog
+ ewarn "Migration from qemu-kvm instances and loading qemu-kvm created"
+ ewarn "save states has been removed starting with the 1.6.2 release"
+ ewarn
+ ewarn "It is recommended that you migrate any VMs that may be running"
+ ewarn "on qemu-kvm to a host with a newer qemu and regenerate"
+ ewarn "any saved states with a newer qemu."
+ ewarn
+ ewarn "qemu-kvm was the primary qemu provider in Gentoo through 1.2.x"
+
+ if use x86 || use amd64; then
+ ewarn
+ ewarn "The /usr/bin/kvm and /usr/bin/qemu-kvm wrappers are no longer"
+ ewarn "installed. In order to use kvm acceleration, pass the flag"
+ ewarn "-enable-kvm when running your system target."
+ fi
+ fi
+
+ if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
+ udev_reload
+ fi
+
+ fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
+ if use virtfs && [ -n "${softmmu_targets}" ]; then
+ local virtfs_caps="cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_setgid,cap_mknod,cap_setuid"
+ fcaps ${virtfs_caps} /usr/bin/virtfs-proxy-helper
+ fi
+}
+
+pkg_info() {
+ echo "Using:"
+ echo " $(best_version app-emulation/spice-protocol)"
+ echo " $(best_version sys-firmware/ipxe)"
+ echo " $(best_version sys-firmware/seabios)"
+ if has_version sys-firmware/seabios[binary]; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/vgabios)"
+}
^ permalink raw reply related [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-03-22 20:27 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-11-01 16:14 [gentoo-commits] proj/hardened-dev:musl commit in: app-emulation/qemu/, app-emulation/qemu/files/ Anthony G. Basile
-- strict thread matches above, loose matches on Subject: below --
2015-03-22 20:27 Anthony G. Basile
2014-06-14 18:05 Anthony G. Basile
2014-02-22 14:27 Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox