* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2015-06-11 23:46 Anthony G. Basile
0 siblings, 0 replies; 19+ messages in thread
From: Anthony G. Basile @ 2015-06-11 23:46 UTC (permalink / raw
To: gentoo-commits
commit: 5314bb59863ad9eec55630c1c45b2b52a379e6b3
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 11 23:47:59 2015 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Thu Jun 11 23:47:59 2015 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=5314bb59
app-emulation/qemu: clean out the older version and patches.
Package-Manager: portage-2.2.18
Manifest-Sign-Key: 0xF52D4BBA
app-emulation/qemu/Manifest | 10 -
app-emulation/qemu/files/qemu-1.5.3-openpty.patch | 12 -
app-emulation/qemu/files/qemu-1.7.0-ffsll.patch | 19 -
app-emulation/qemu/files/qemu-1.7.0-sigset_t.patch | 12 -
.../qemu/files/qemu-2.1.0-CVE-2014-5388.patch | 36 --
.../qemu/files/qemu-2.1.1-readlink-self.patch | 81 ---
.../qemu/files/qemu-2.1.2-vnc-sanitize-bits.patch | 50 --
app-emulation/qemu/files/qemu-9999-cflags.patch | 13 -
.../qemu-9999-virtfs-proxy-helper-accept.patch | 30 --
app-emulation/qemu/qemu-2.1.2-r99.ebuild | 600 ---------------------
10 files changed, 863 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index c77f5c3..2ecdb66 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,24 +1,14 @@
AUX 65-kvm.rules 40 SHA256 c16a8dc7855880b2651f1a3ff488ecc54d4ac1036c71fffd5007021d8d18a7c5 SHA512 98aad2a2f212a7ac0ee5b60a9c92744fa462bce5f26594845c7a31d692aaaca2d52cb57bdbede7dfc60b9862c2a6510665dbb03215d5cf76e62516a283decdd6 WHIRLPOOL 937de93a23930f6b8533f0c3e0dd249c99ddf7d54446dea857607266ac0a4b435c5b4a52b2986b138bace9c0a7ade66f94116b38e2bc4767ead54bd11baf0920
AUX bridge.conf 454 SHA256 a51850dd39923f3482e4c575b48ad9fef9c9ebb2f2176225da399b79ce48c69d SHA512 a907ee86b81a1b61033bb7621ded65112504131ef7b698c53e4014b958ee6fc79e66f63069015a01e41362cb70a7d0ed26dd9a03033cf776f4846f0e1f8f1533 WHIRLPOOL 8fcbd4abf9b8f7ca3d16fe0eaf17196ebf708dfecf85ce0f020e0de22b64905114f7b310f361826c81bb961c6b1bbbf984bff1e595bb949993b8966ccb222c35
-AUX qemu-1.5.3-openpty.patch 256 SHA256 885ff6391fc7a106b41f7d29ff103c083ecc34580ddd68918c0398bacff43aad SHA512 e5e1900d015880977fcad370b79d5030c782edf2a5794d082796714f95b431447e7d38558ffdfae5af5f7d5d5d6dc2ba3af27e0cee644a72b62651a4570009e4 WHIRLPOOL 894593cd57a96a619b53574e5e86ba72b62659e525cb615522e7ee9ff856454b7d0aee5f9c8cf08641efa5245aba3577808ec8858f4ea73f30483313eb315204
AUX qemu-1.7.0-cflags.patch 300 SHA256 8f35e55c4bae93e82f9580eabe2d6a2d4660bd05343e1f4e6c33815deeede91e SHA512 54446cb555b623b2306f8a323713e4dfb1b8b7bbf3af3771d5b62e164e0672cc21cbe44f08ca8b58052523e8d629e16355a44ebb544a999a44d11ac3af671f1c WHIRLPOOL b903b4abefeeb09a2ab2d1ee224de5d3694f99f50aacfe33882fce0c1c87c23dae4d57b001d1c35cc96fffa93d43fac4a8ab30a3e45fe1f380580162c0332e78
-AUX qemu-1.7.0-ffsll.patch 560 SHA256 d211b937e4c50d50c680cf7e4450079a3b3924857849d7a99da4e3adac708aa8 SHA512 00594c276865ae9d3c1b748ebcf3e5d88b8a4b10e1700b215f22de5dbd6ba06bb9ad9b461bc93ba3b8794418d4197d3af45ef5eb46b9c1829afa9ca0b1eacf13 WHIRLPOOL 475307753a39fab1bf2e82602068f9992978cf74f9c3374369d1c0329592248b31830135d07d1386d8a66a7bf539a33551ac9de04478e5a2efe4d8385689e61d
-AUX qemu-1.7.0-sigset_t.patch 403 SHA256 081866f22ed90e9e4bfb91fed7b213d923d369dcfdec229fcc8120074d9ba18a SHA512 65106e0d6f3e0b8bd8623d54d9f8795d422dcae90f682025e0b71aa56e0668c24babbbebddebb0f88227e97447c50b840bcea234d264c58a438e04ea3cfa3095 WHIRLPOOL 32a6c3dc3a967dc0882914b5cf7e10cba3be7925ae0a8ed0e85690d5c12e055544240e44efaf9ab9ce3de6620f12127331d3dd46c6ea03a4bb4d56e17d68e9db
AUX qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch 563 SHA256 99de67d610ad13a1dcf6c67a3c2b5b87fb909220173a956435737f9bea3c371b SHA512 a29e9a889388a6627ed492a79e66514ffb5e64f9479646982091811548fc2a9bf6682104a6c774d83e645e4b1db39e491afd4efce789fe164623442a7f3e5d00 WHIRLPOOL d3aab06099de263c22f4c71810a3b2cb8602d17731ec76674cd1415e539306555a7b96b789f0daad473600dfa04a83224ff603f7b9a9ac63a4902f74d0e9deb5
AUX qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 930 SHA256 6af6cf9044997710a6d0fbdba30a35c8d775e30d30c032ec97db672f75ec88ac SHA512 ec84b27648c01c6e58781295dcd0c2ff8e5a635f9836ef50c1da5d0ed125db1afc4cb5b01cb97606d6dd8f417acba93e1560d9a32ca29161a4bb730b302440ea WHIRLPOOL 06b9dd5251ac03405c97b1f5a623b4d86bda2f72fbcd52b90ae4d11a0cfb59cae62df2cb6189405fbe53ab05ff2b7ca8165fda239dbfe5f31ed70abb53b3b9f3
-AUX qemu-2.1.0-CVE-2014-5388.patch 1093 SHA256 df7c11ffb519f9a4c0db177359c5fe9772d5463fbd61d29905b8177e598d6887 SHA512 1f0c4b5b306f85a9a796b906cdd79106ea87a07217aee5b84ac45db0235440b55484591eeb4d0c05fbae6011879ac957304e82cb8a7b58ee77c550e32602367f WHIRLPOOL 33a09191ba765f72764ce5396e9a14c8f900efaf7e1707d535cadca38c46bf0dde0e99f6e8f0f37bd58ae512049edf78977976678088a1dc4d26f544e90cfc29
-AUX qemu-2.1.1-readlink-self.patch 2933 SHA256 3133ec1a0f0126d3362c9420602a1fdfc76fafacac8b41f5bd755e7542ee4188 SHA512 7ee06e119007e6dc08f254cbfdcc6de1c914181f60e69434190fe507a80b7d0f9e8682f0213d447481f39e145fcb0be2e118516238addb5c4326533fc0db143f WHIRLPOOL 54edcb4510546c69dedf78a2070f22e7ef2809b35a66dc2e5d356f2f1b22eea8baa5b17ed4a4d9860ee6b864fac92eb9d1bbb6daeb6e2d80e3cc702f32039996
-AUX qemu-2.1.2-vnc-sanitize-bits.patch 1279 SHA256 ef1e748fd9ffa0eb8ef412e6ea3cc96522e0ca91cf7201e6702d260ca50cbac5 SHA512 7e1a744928eb8edb76b18e58cf94da38ad1030f49ceb38f5e081d852573f8f314f998639c8e97fee27a53f51abe495b27406daa02b670a620ab2db165a47429e WHIRLPOOL bc024286739b56038bfebd6c2ad71addd9565a833f21a7a48cadbe7403c3e93c889cb2223d044448634cc93b6dc45a268299ea1b5b18c09b3477bb6e12fb0506
AUX qemu-2.2.0-_sigev_un.patch 636 SHA256 f3b9a4d6162c553f3110ad22716305818e2130e2ff5d628faf044fc58a5e3cb5 SHA512 f72b879daede5184904f64cabb276de96299a37a93fce444d09e9068671009e95a5e5d6b815ec41a5db5b3807de14d470a56bba5806ffd4dfec577577b046ccb WHIRLPOOL 9453ad4966e10d504f3e867fd984642a3c1ee3ae847b5ca56196fd1f9e6c0f2d7b52ca07446212af72fef6d0ded1527a5eb306fa6cd915e8dd9ce11523362bac
AUX qemu-2.2.1-CVE-2015-1779-1.patch 8631 SHA256 17ea04bb0571f3a346eb25ce2d61fd7053515767adedfde567fd39205993c600 SHA512 191dde0754b9466d87cf99a578ac07f0902f373156f4d5ff98540b9099a6fa8e29ba4ca9d4a5a21ae5dbba2b80c36600ea0bd2c31fa0c8734926514015166ab8 WHIRLPOOL 2be2f490eb32857b2b218761df3580bc31eb5a89bf1b289a048e9fd489cdb024869399481345b5ecb09a45c4fbf1ee4639062ae1fdbee9781e66ca6cc8af4cac
AUX qemu-2.2.1-CVE-2015-1779-2.patch 2318 SHA256 4c0966520bf09df25d99c883f94037e765406dd4097dd704e66361bb07f73679 SHA512 7a85bc8e00c60c6c36790d1169f0d84d2c75fe81c1700b4f764ddcb0d0587d4b6d228d80e65fead035e3ab99449aad2f559071edf9145ff7a755506f3ff05b0e WHIRLPOOL 078388c50367d41c810a02aa795b6ad0df381582bdd2725ae125243ee5921aa4057494f063a7de49da6b6f6343f37a3c83d96ef6d92c22e722972c8e4ea968dc
AUX qemu-2.3.0-CVE-2015-3456.patch 2853 SHA256 efac61bf9c20d5d08ef47bc9d51be5c8bd519f1d970ba3c3506c5760bf807e7d SHA512 5fed59ae67a962d187418f4bd57cebe901f9bcba817694b5e2a57daf77c34a406ed7c1f278e12d813304e58c48a24493b4e001a9ee4045bab2608f1730715ac7 WHIRLPOOL 9ad5237aa1bbe46a8493e331bb9c2152c36f9c877582485e1cf811b09430bad97a9f3b6bc52face7e4287f9c9fe4f1891de154a62ba93ea454c3ed9d44e8f729
-AUX qemu-9999-cflags.patch 347 SHA256 fe3bcbe83e81225b2c722578a0a976fcb724419d5208bbd6d02fb543e80b7e12 SHA512 e1b8be744170d61a2155b23a8394db01f8af6dc70ec033e71b2ff46f72975704836d42b96d7904e5d462289c5f8f24317f2fb28698f18a77ab1de02829e585eb WHIRLPOOL 2d972c7e40292f424fd37a4c1af04d2be095c215211ec2e1d15d8457df553342ffc02a7d39985f817fbbf5342e422d30e439c35a925341cf9b852ca7ff15a308
-AUX qemu-9999-virtfs-proxy-helper-accept.patch 973 SHA256 91cc9e024aa09ea3dd23ec52c561047656acc89f0ad0d5ddccce354c1ac4d282 SHA512 031cb1c35b479b18032f56a07fa2fa6d392a7f0919acd3636bf122ab7f75dcfbb5fc0e26e18a8a31a9888409f81c2e08438a1af999232418d940167c5031a92b WHIRLPOOL ea4dc08230289a147fd55d0bd9e32896cd4491130084fc45b4043f41caf611f07d4587cc485e6d25ba3f6fbc66939ed8faf3c2017bf33ab10e1885277fa3f6ff
AUX qemu-binfmt.initd-r1 7023 SHA256 3572c110c6f217754e638796400a5901910a2e61b8818c8569f8258b103ebcc6 SHA512 773af64fef164c00945acf5881e64a10141aa8fdc85491e57bf8dcc7c800a4f81879527998a0896a42f921edcbf5f741beb31ac2a82e45cba506c7b8461733c8 WHIRLPOOL 30382fe347248683e989c2b7fbd804ce26173b313746d80467029b2ad3594f414628f7537120b168a0e700c424d3525528eb632b07e16544c2fd07f418f3187c
AUX qemu-kvm-1.4 68 SHA256 8b1adf198129f001e75a2311fc420c168094d1084d2163cdf6a32b3b23c96137 SHA512 706fab4d155c410acc292e67fb354ce7dcd17f7e33f2ca8c9c44035ea128f8d36f89e27cf87ebe22721f5676be9e7f2ae5484fd000183c8ffd7854e02eb3d120 WHIRLPOOL ef795330b592cef8e3d92f52a77eb77a671e6aa1a47d07531917b5c1c09e72e5df1a44aea939b086e0a3c5ef2a5cea9223556a46ceae73e55300475c42f07067
-DIST qemu-2.1.2.tar.bz2 23563255 SHA256 fd10f5e45cf5a736fa5a3e1c279ae9821534e700beb7d1aab88a07648a394885 SHA512 73ef758c82b23eec649c807bee8937d7fbf267278f7777adbdb22b738672543b826d211a4b523f38cee3e2b01f05ccf40a75756fc19c911362988d8e86d5cd58 WHIRLPOOL 5703d0aa8bb4366bb7aeb44fa4f3d1b54f188de42cd8c82e894584f627802b80a3dde1aa3b15fe8602a1891ec61ac66b3cd44ec031385cca88768f375c15b554
DIST qemu-2.2.1.tar.bz2 24483500 SHA256 4617154c6ef744b83e10b744e392ad111dd351d435d6563ce24d8da75b1335a0 SHA512 970ead0c92fc04502c6d3a8dbfafa5797667b3d276a1a25ddbe991d20d8e17a588905ecbffa77fb3b9d12e481ac3776ca4c38fe89a5e4c96dc2fb045214bfa9f WHIRLPOOL 9226ce4a4f5c7247d6ab34eb8b45c9a91416ee5849dbe25b9d15cddbd6aba2b8da77280f6055d363a81ddec515d28bf501351cb7e21ecfb4bfe42cdb7e349788
-EBUILD qemu-2.1.2-r99.ebuild 18542 SHA256 3e1df3e683e3e0f98abef9d912cccb8292be1d5ac96de4982c16829f209f3451 SHA512 0338892629e480794ecc6201f6eda7259201f9add8f6e1c3f7487826455398d30dd0d78fc794b73bd73bd206b7ae2810f3d5ed74abbc435a9685c3429173fea1 WHIRLPOOL 4167e7c6d0810c93a926c84fd3fa4b46624881205ad2eae3f11e5a03bfb8231c3e265bd986bf24b8e1f7eaf41e6a2f3c8964d416e0ac95ab406383aa4d0c6e28
EBUILD qemu-2.2.1-r99.ebuild 18744 SHA256 15c5267816cbc7798b2aa0c342bd0a0254550d2fdb1497f3237aa33b53c8c59f SHA512 c7c90792a79fbf226e41f8dd61d5f3b1046a1e9c130d3216a0c29d374a09ec5aa8575e2578b843f37fd04645e2804ae91298924d307aff25922d7461bf52fe78 WHIRLPOOL ef73221242451e8772598ee1b0e346f4aa94ec59c1daf58ca9ac35d49e431c687ca5d80155e4e5846a3f76d35330a1043f9ae9018c19e0e1fc828711298aebae
MISC metadata.xml 3774 SHA256 45d220d5c3fedecb5c318e2ab1fa796391f5fd3db09e4ef218b3bc7cb3cb10e1 SHA512 90b16206b5398b4044132d930b417372e1d305a93b062c895bc3b46ae64a19aa96d2471b5838f960cca7c6c30ce58571f332731f02eaeee17e4204469c5d6330 WHIRLPOOL f5498b8cb14aeeacdfd1da30c26ceca282bba3042a6288496d624d91c3c26c1bed34c42374db04e06378c8efd78010d3bef76c41c1aa529ccf17cec513ed1fa8
diff --git a/app-emulation/qemu/files/qemu-1.5.3-openpty.patch b/app-emulation/qemu/files/qemu-1.5.3-openpty.patch
deleted file mode 100644
index 5c71c5b..0000000
--- a/app-emulation/qemu/files/qemu-1.5.3-openpty.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-Patch taken from sabotage linux
---- qemu-1.7.0.org/util/qemu-openpty.c
-+++ qemu-1.7.0/util/qemu-openpty.c
-@@ -47,6 +47,8 @@
- #elif defined CONFIG_SOLARIS
- # include <termios.h>
- # include <stropts.h>
-+#else
-+# include <termios.h>
- #endif
-
- #ifdef __sun__
diff --git a/app-emulation/qemu/files/qemu-1.7.0-ffsll.patch b/app-emulation/qemu/files/qemu-1.7.0-ffsll.patch
deleted file mode 100644
index 481bd72..0000000
--- a/app-emulation/qemu/files/qemu-1.7.0-ffsll.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-taken from sabotage linux
---- qemu-1.7.0.org/hw/virtio/vhost.c
-+++ qemu-1.7.0/hw/virtio/vhost.c
-@@ -22,6 +22,15 @@
- #include "exec/address-spaces.h"
- #include "hw/virtio/virtio-bus.h"
-
-+#ifndef HAVE_FFSLL
-+static int ffsll(long long i) {
-+ unsigned long long x = i & -i;
-+ if (x <= 0xffffffff) return ffs (i);
-+ else return 32 + ffs (i >> 32);
-+}
-+#endif
-+
-+
- static void vhost_dev_sync_region(struct vhost_dev *dev,
- MemoryRegionSection *section,
- uint64_t mfirst, uint64_t mlast,
diff --git a/app-emulation/qemu/files/qemu-1.7.0-sigset_t.patch b/app-emulation/qemu/files/qemu-1.7.0-sigset_t.patch
deleted file mode 100644
index 1d5d173..0000000
--- a/app-emulation/qemu/files/qemu-1.7.0-sigset_t.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-taken from sabotage linux
---- qemu-1.7.0.org/linux-user/syscall.c
-+++ qemu-1.7.0/linux-user/syscall.c
-@@ -400,7 +400,7 @@
- #endif
- #define __NR_sys_ppoll __NR_ppoll
- _syscall5(int, sys_ppoll, struct pollfd *, fds, nfds_t, nfds,
-- struct timespec *, timeout, const __sigset_t *, sigmask,
-+ struct timespec *, timeout, const sigset_t *, sigmask,
- size_t, sigsetsize)
- #endif
-
diff --git a/app-emulation/qemu/files/qemu-2.1.0-CVE-2014-5388.patch b/app-emulation/qemu/files/qemu-2.1.0-CVE-2014-5388.patch
deleted file mode 100644
index 26a012b..0000000
--- a/app-emulation/qemu/files/qemu-2.1.0-CVE-2014-5388.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-https://bugs.gentoo.org/520688
-
-From fa365d7cd11185237471823a5a33d36765454e16 Mon Sep 17 00:00:00 2001
-From: Gonglei <arei.gonglei@huawei.com>
-Date: Wed, 20 Aug 2014 13:52:30 +0800
-Subject: [PATCH] pcihp: fix possible array out of bounds
-
-Prevent out-of-bounds array access on
-acpi_pcihp_pci_status.
-
-Signed-off-by: Gonglei <arei.gonglei@huawei.com>
-Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
-Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
-Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-Cc: qemu-stable@nongnu.org
-Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
----
- hw/acpi/pcihp.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c
-index fae663a..34dedf1 100644
---- a/hw/acpi/pcihp.c
-+++ b/hw/acpi/pcihp.c
-@@ -231,7 +231,7 @@ static uint64_t pci_read(void *opaque, hwaddr addr, unsigned int size)
- uint32_t val = 0;
- int bsel = s->hotplug_select;
-
-- if (bsel < 0 || bsel > ACPI_PCIHP_MAX_HOTPLUG_BUS) {
-+ if (bsel < 0 || bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS) {
- return 0;
- }
-
---
-2.0.0
-
diff --git a/app-emulation/qemu/files/qemu-2.1.1-readlink-self.patch b/app-emulation/qemu/files/qemu-2.1.1-readlink-self.patch
deleted file mode 100644
index 451a968..0000000
--- a/app-emulation/qemu/files/qemu-2.1.1-readlink-self.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-fix already in upstream
-
-From f17f4989fa193fa8279474c5462289a3cfe69aea Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@chromium.org>
-Date: Fri, 8 Aug 2014 09:40:25 +0900
-Subject: [PATCH] linux-user: fix readlink handling with magic exe symlink
-
-The current code always returns the length of the path when it should
-be returning the number of bytes it wrote to the output string.
-
-Further, readlink is not supposed to append a NUL byte, but the current
-snprintf logic will always do just that.
-
-Even further, if you pass in a length of 0, you're suppoesd to get back
-an error (EINVAL), but the current logic just returns 0.
-
-Further still, if there was an error reading the symlink, we should not
-go ahead and try to read the target buffer as it is garbage.
-
-Simple test for the first two issues:
-$ cat test.c
-int main() {
- char buf[50];
- size_t len;
- for (len = 0; len < 10; ++len) {
- memset(buf, '!', sizeof(buf));
- ssize_t ret = readlink("/proc/self/exe", buf, len);
- buf[20] = '\0';
- printf("readlink(/proc/self/exe, {%s}, %zu) = %zi\n", buf, len, ret);
- }
- return 0;
-}
-
-Now compare the output of the native:
-$ gcc test.c -o /tmp/x
-$ /tmp/x
-$ strace /tmp/x
-
-With what qemu does:
-$ armv7a-cros-linux-gnueabi-gcc test.c -o /tmp/x -static
-$ qemu-arm /tmp/x
-$ qemu-arm -strace /tmp/x
-
-Signed-off-by: Mike Frysinger <vapier@chromium.org>
-Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
----
- linux-user/syscall.c | 15 +++++++++++++--
- 1 file changed, 13 insertions(+), 2 deletions(-)
-
-diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index fccf9f0..7c108ab 100644
---- a/linux-user/syscall.c
-+++ b/linux-user/syscall.c
-@@ -6636,11 +6636,22 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
- p2 = lock_user(VERIFY_WRITE, arg2, arg3, 0);
- if (!p || !p2) {
- ret = -TARGET_EFAULT;
-+ } else if (!arg3) {
-+ /* Short circuit this for the magic exe check. */
-+ ret = -TARGET_EINVAL;
- } else if (is_proc_myself((const char *)p, "exe")) {
- char real[PATH_MAX], *temp;
- temp = realpath(exec_path, real);
-- ret = temp == NULL ? get_errno(-1) : strlen(real) ;
-- snprintf((char *)p2, arg3, "%s", real);
-+ /* Return value is # of bytes that we wrote to the buffer. */
-+ if (temp == NULL) {
-+ ret = get_errno(-1);
-+ } else {
-+ /* Don't worry about sign mismatch as earlier mapping
-+ * logic would have thrown a bad address error. */
-+ ret = MIN(strlen(real), arg3);
-+ /* We cannot NUL terminate the string. */
-+ memcpy(p2, real, ret);
-+ }
- } else {
- ret = get_errno(readlink(path(p), p2, arg3));
- }
---
-2.0.0
-
diff --git a/app-emulation/qemu/files/qemu-2.1.2-vnc-sanitize-bits.patch b/app-emulation/qemu/files/qemu-2.1.2-vnc-sanitize-bits.patch
deleted file mode 100644
index 34f136f..0000000
--- a/app-emulation/qemu/files/qemu-2.1.2-vnc-sanitize-bits.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-https://bugs.gentoo.org/527088
-
-From e6908bfe8e07f2b452e78e677da1b45b1c0f6829 Mon Sep 17 00:00:00 2001
-From: Petr Matousek <pmatouse@redhat.com>
-Date: Mon, 27 Oct 2014 12:41:44 +0100
-Subject: [PATCH] vnc: sanitize bits_per_pixel from the client
-
-bits_per_pixel that are less than 8 could result in accessing
-non-initialized buffers later in the code due to the expectation
-that bytes_per_pixel value that is used to initialize these buffers is
-never zero.
-
-To fix this check that bits_per_pixel from the client is one of the
-values that the rfb protocol specification allows.
-
-This is CVE-2014-7815.
-
-Signed-off-by: Petr Matousek <pmatouse@redhat.com>
-
-[ kraxel: apply codestyle fix ]
-
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- ui/vnc.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/ui/vnc.c b/ui/vnc.c
-index 0fe6eff..8bca597 100644
---- a/ui/vnc.c
-+++ b/ui/vnc.c
-@@ -2026,6 +2026,16 @@ static void set_pixel_format(VncState *vs,
- return;
- }
-
-+ switch (bits_per_pixel) {
-+ case 8:
-+ case 16:
-+ case 32:
-+ break;
-+ default:
-+ vnc_client_error(vs);
-+ return;
-+ }
-+
- vs->client_pf.rmax = red_max;
- vs->client_pf.rbits = hweight_long(red_max);
- vs->client_pf.rshift = red_shift;
---
-2.1.2
-
diff --git a/app-emulation/qemu/files/qemu-9999-cflags.patch b/app-emulation/qemu/files/qemu-9999-cflags.patch
deleted file mode 100644
index 08a6c9f..0000000
--- a/app-emulation/qemu/files/qemu-9999-cflags.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/configure b/configure
-index 82f6e71..7e19aaf 100755
---- a/configure
-+++ b/configure
-@@ -3131,8 +3131,6 @@ fi
- if test "$gcov" = "yes" ; then
- CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
- LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
--elif test "$debug" = "no" ; then
-- CFLAGS="-O2 -D_FORTIFY_SOURCE=2 $CFLAGS"
- fi
-
-
diff --git a/app-emulation/qemu/files/qemu-9999-virtfs-proxy-helper-accept.patch b/app-emulation/qemu/files/qemu-9999-virtfs-proxy-helper-accept.patch
deleted file mode 100644
index f8a5249..0000000
--- a/app-emulation/qemu/files/qemu-9999-virtfs-proxy-helper-accept.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From c5970614489e385e69667f1f323421442a7a46c0 Mon Sep 17 00:00:00 2001
-From: Tim Comer <comer0@gmail.com>
-Date: Sat, 19 Apr 2014 12:51:42 -0400
-Subject: [PATCH] virtfs-proxy-helper: fix call to accept
-
-The current code calls accept() without initializing the size parameter
-which means the accept call might write too much to the stack.
-
-URL: https://bugs.gentoo.org/486714
-Signed-off-by: Tim Comer <comer0@gmail.com>
-Signed-off-by: Mike Frysinger <vapier@gentoo.org>
----
- fsdev/virtfs-proxy-helper.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
-index bfecb87..cd291d3 100644
---- a/fsdev/virtfs-proxy-helper.c
-+++ b/fsdev/virtfs-proxy-helper.c
-@@ -760,6 +760,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t gid)
- return -1;
- }
-
-+ size = sizeof(qemu);
- client = accept(sock, (struct sockaddr *)&qemu, &size);
- if (client < 0) {
- do_perror("accept");
---
-1.9.2
-
diff --git a/app-emulation/qemu/qemu-2.1.2-r99.ebuild b/app-emulation/qemu/qemu-2.1.2-r99.ebuild
deleted file mode 100644
index 4a1c813..0000000
--- a/app-emulation/qemu/qemu-2.1.2-r99.ebuild
+++ /dev/null
@@ -1,600 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.1.2-r1.ebuild,v 1.4 2014/11/08 18:09:33 ago Exp $
-
-EAPI=5
-
-PYTHON_COMPAT=( python{2_6,2_7} )
-PYTHON_REQ_USE="ncurses,readline"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo pax-utils
-
-BACKPORTS=
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-2
- SRC_URI=""
- KEYWORDS=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2
- ${BACKPORTS:+
- http://dev.gentoo.org/~cardoe/distfiles/${P}-${BACKPORTS}.tar.xz}"
- KEYWORDS="amd64 ~ppc ~ppc64 x86 ~x86-fbsd"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth +caps +curl debug +fdt glusterfs \
-gtk infiniband iscsi +jpeg \
-kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
-+png pulseaudio python \
-rbd sasl +seccomp sdl selinux smartcard snappy spice ssh static static-softmmu \
-static-user systemtap tci test +threads tls usb usbredir +uuid vde +vhost-net \
-virtfs +vnc xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
-mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
-x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 sparc32plus"
-
-use_targets="
- $(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
- $(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-"
-IUSE+=" ${use_targets}"
-
-# Require at least one softmmu or user target.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="|| ( ${use_targets} )
- ${PYTHON_REQUIRED_USE}
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- static? ( static-softmmu static-user )
- static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk )
- virtfs? ( xattr )"
-
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- xattr? ( sys-apps/attr[static-libs(+)] )"
-SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- aio? ( dev-libs/libaio[static-libs(+)] )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- infiniband? ( sys-infiniband/librdmacm[static-libs(+)] )
- jpeg? ( virtual/jpeg[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? ( sys-libs/ncurses[static-libs(+)] )
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- png? ( media-libs/libpng[static-libs(+)] )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? ( >=media-libs/libsdl-1.2.11[static-libs(+)] )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- snappy? ( app-arch/snappy[static-libs(+)] )
- spice? ( >=app-emulation/spice-0.12.0[static-libs(+)] )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- tls? ( net-libs/gnutls[static-libs(+)] )
- usb? ( >=dev-libs/libusb-1.0.18[static-libs(+)] )
- uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
-X86_FIRMWARE_DEPEND="
- >=sys-firmware/ipxe-1.0.0_p20130624
- pin-upstream-blobs? (
- ~sys-firmware/seabios-1.7.5
- ~sys-firmware/sgabios-0.1_pre8
- ~sys-firmware/vgabios-0.7a
- )
- !pin-upstream-blobs? (
- sys-firmware/seabios
- sys-firmware/sgabios
- sys-firmware/vgabios
- )"
-CDEPEND="!static-softmmu? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} )
- !static-user? ( ${USER_LIB_DEPEND//\[static-libs(+)]} )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
- accessibility? ( app-accessibility/brltty )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- gtk? (
- x11-libs/gtk+:3
- x11-libs/vte:2.90
- )
- iscsi? ( net-libs/libiscsi )
- opengl? ( virtual/opengl )
- pulseaudio? ( media-sound/pulseaudio )
- python? ( ${PYTHON_DEPS} )
- sdl? ( media-libs/libsdl[X] )
- smartcard? ( dev-libs/nss !app-emulation/libcacard )
- spice? ( >=app-emulation/spice-protocol-0.12.3 )
- systemtap? ( dev-util/systemtap )
- usbredir? ( >=sys-apps/usbredir-0.6 )
- virtfs? ( sys-libs/libcap )
- xen? ( app-emulation/xen-tools )"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static-softmmu? ( ${SOFTMMU_LIB_DEPEND} )
- static-user? ( ${USER_LIB_DEPEND} )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )
-"
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/u-boot.e500
-"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or32
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure
-you have the kernel module loaded before running kvm. The easiest way to
-ensure that the kernel module is loaded is to load it on boot.\n
-For AMD CPUs the module is called 'kvm-amd'\n
-For Intel CPUs the module is called 'kvm-intel'\n
-Please review /etc/conf.d/modules for how to load these\n\n
-Make sure your user is in the 'kvm' group\n
-Just run 'gpasswd -a <USER> kvm', then have <USER> re-login."
-
-qemu_support_kvm() {
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \
- use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \
- use qemu_softmmu_targets_s390x; then
- return 0
- fi
-
- return 1
-}
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-src_prepare() {
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- # Cheap hack to disable gettext .mo generation.
- use nls || rm -f po/*.po
-
- epatch "${FILESDIR}"/qemu-1.7.0-cflags.patch
- epatch "${FILESDIR}"/${PN}-2.1.1-readlink-self.patch
- epatch "${FILESDIR}"/${PN}-2.1.2-vnc-sanitize-bits.patch #527088
- epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch #for musl
- epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch #for musl
- [[ -n ${BACKPORTS} ]] && \
- EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
- epatch
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- epatch_user
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir=$2
- local static_flag="static-${buildtype}"
-
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets as the default configure
- # options will autoprobe and try to link in a bunch of unused junk.
- conf_softmmu() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_softmmu accessibility brlapi)
- $(conf_softmmu aio linux-aio)
- $(conf_softmmu bluetooth bluez)
- $(conf_softmmu caps cap-ng)
- $(conf_softmmu curl)
- $(conf_softmmu fdt)
- $(conf_softmmu glusterfs)
- $(conf_softmmu gtk)
- $(conf_softmmu infiniband rdma)
- $(conf_softmmu iscsi libiscsi)
- $(conf_softmmu jpeg vnc-jpeg)
- $(conf_softmmu kernel_linux kvm)
- $(conf_softmmu lzo)
- $(conf_softmmu ncurses curses)
- $(conf_softmmu nfs libnfs)
- $(conf_softmmu numa)
- $(conf_softmmu opengl glx)
- $(conf_softmmu png vnc-png)
- $(conf_softmmu rbd)
- $(conf_softmmu sasl vnc-sasl)
- $(conf_softmmu sdl)
- $(conf_softmmu seccomp)
- $(conf_softmmu smartcard smartcard-nss)
- $(conf_softmmu snappy)
- $(conf_softmmu spice)
- $(conf_softmmu ssh libssh2)
- $(conf_softmmu tls quorum)
- $(conf_softmmu tls vnc-tls)
- $(conf_softmmu tls vnc-ws)
- $(conf_softmmu usb libusb)
- $(conf_softmmu usbredir usb-redir)
- $(conf_softmmu uuid)
- $(conf_softmmu vde)
- $(conf_softmmu vhost-net)
- $(conf_softmmu virtfs)
- $(conf_softmmu vnc)
- $(conf_softmmu xen)
- $(conf_softmmu xen xen-pci-passthrough)
- $(conf_softmmu xfs xfsctl)
- )
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --target-list="${user_targets}"
- --disable-blobs
- --disable-tools
- )
- ;;
- softmmu)
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --target-list="${softmmu_targets}"
- --with-system-pixman
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=3.0 )
- ;;
- esac
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- gcc-specs-pie && conf_opts+=( --enable-pie )
- fi
-
- einfo "./configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_export_best
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- [[ -n ${softmmu_targets} ]] && \
- einfo "Building the following softmmu targets: ${softmmu_targets}"
-
- [[ -n ${user_targets} ]] && \
- einfo "Building the following user targets: ${user_targets}"
-
- if [[ -n ${softmmu_targets} ]]; then
- mkdir "${S}/softmmu-build"
- qemu_src_configure "softmmu" "${S}/softmmu-build"
- fi
-
- if [[ -n ${user_targets} ]]; then
- mkdir "${S}/user-build"
- qemu_src_configure "user" "${S}/user-build"
- fi
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/kvm_stat"
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets
- newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_dorules "${FILESDIR}"/65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}"
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- # Remove the docdir placed qmp-commands.txt
- mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/qmp/"
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
- dodoc docs/qmp/*.txt
-
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- fi
-
- # Remove vgabios since we're using the vgabios packaged one
- if [[ -n ${softmmu_targets} ]]; then
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
- dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- qemu_support_kvm && readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- if qemu_support_kvm; then
- readme.gentoo_print_elog
- ewarn "Migration from qemu-kvm instances and loading qemu-kvm created"
- ewarn "save states has been removed starting with the 1.6.2 release"
- ewarn
- ewarn "It is recommended that you migrate any VMs that may be running"
- ewarn "on qemu-kvm to a host with a newer qemu and regenerate"
- ewarn "any saved states with a newer qemu."
- ewarn
- ewarn "qemu-kvm was the primary qemu provider in Gentoo through 1.2.x"
-
- if use x86 || use amd64; then
- ewarn
- ewarn "The /usr/bin/kvm and /usr/bin/qemu-kvm wrappers are no longer"
- ewarn "installed. In order to use kvm acceleration, pass the flag"
- ewarn "-enable-kvm when running your system target."
- fi
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
- if use virtfs && [ -n "${softmmu_targets}" ]; then
- local virtfs_caps="cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_setgid,cap_mknod,cap_setuid"
- fcaps ${virtfs_caps} /usr/bin/virtfs-proxy-helper
- fi
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version sys-firmware/seabios[binary]; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/vgabios)"
-}
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2016-10-01 19:38 Felix Janda
0 siblings, 0 replies; 19+ messages in thread
From: Felix Janda @ 2016-10-01 19:38 UTC (permalink / raw
To: gentoo-commits
commit: 8308b5d857fa865e06de75451acbe5c2bc359cf2
Author: Felix Janda <felix.janda <AT> posteo <DOT> de>
AuthorDate: Fri Sep 30 00:07:37 2016 +0000
Commit: Felix Janda <felix.janda <AT> posteo <DOT> de>
CommitDate: Sat Oct 1 19:35:26 2016 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=8308b5d8
app-emulation/qemu: bump to 2.7.0
app-emulation/qemu/Manifest | 25 +--
.../qemu/files/qemu-2.2.0-_sigev_un.patch | 5 +-
.../qemu/files/qemu-2.5.0-CVE-2016-2198.patch | 46 ------
.../files/qemu-2.5.0-rng-stack-corrupt-0.patch | 98 -----------
.../files/qemu-2.5.0-rng-stack-corrupt-1.patch | 135 ----------------
.../files/qemu-2.5.0-rng-stack-corrupt-2.patch | 155 ------------------
.../files/qemu-2.5.0-rng-stack-corrupt-3.patch | 179 ---------------------
.../qemu/files/qemu-2.5.1-CVE-2015-8558.patch | 107 ------------
.../qemu/files/qemu-2.5.1-CVE-2016-4020.patch | 16 --
.../files/qemu-2.5.1-stellaris_enet-overflow.patch | 47 ------
| 82 ----------
.../qemu/files/qemu-2.7.0-CVE-2016-6836.patch | 27 ++++
.../qemu/files/qemu-2.7.0-CVE-2016-7155.patch | 81 ++++++++++
.../qemu/files/qemu-2.7.0-CVE-2016-7156.patch | 62 +++++++
.../qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch | 28 ++++
.../qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch | 27 ++++
.../qemu/files/qemu-2.7.0-CVE-2016-7170.patch | 40 +++++
.../qemu/files/qemu-2.7.0-CVE-2016-7421.patch | 34 ++++
.../qemu/files/qemu-2.7.0-CVE-2016-7422.patch | 38 +++++
.../qemu/files/qemu-2.7.0-CVE-2016-7423.patch | 31 ++++
.../qemu/files/qemu-2.7.0-CVE-2016-7466.patch | 26 +++
...qemu-2.5.1-r99.ebuild => qemu-2.7.0-r99.ebuild} | 46 +++---
22 files changed, 433 insertions(+), 902 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 5d10f94..1eb09a6 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -2,20 +2,21 @@ AUX 65-kvm.rules 40 SHA256 c16a8dc7855880b2651f1a3ff488ecc54d4ac1036c71fffd50070
AUX bridge.conf 454 SHA256 a51850dd39923f3482e4c575b48ad9fef9c9ebb2f2176225da399b79ce48c69d SHA512 a907ee86b81a1b61033bb7621ded65112504131ef7b698c53e4014b958ee6fc79e66f63069015a01e41362cb70a7d0ed26dd9a03033cf776f4846f0e1f8f1533 WHIRLPOOL 8fcbd4abf9b8f7ca3d16fe0eaf17196ebf708dfecf85ce0f020e0de22b64905114f7b310f361826c81bb961c6b1bbbf984bff1e595bb949993b8966ccb222c35
AUX qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch 563 SHA256 99de67d610ad13a1dcf6c67a3c2b5b87fb909220173a956435737f9bea3c371b SHA512 a29e9a889388a6627ed492a79e66514ffb5e64f9479646982091811548fc2a9bf6682104a6c774d83e645e4b1db39e491afd4efce789fe164623442a7f3e5d00 WHIRLPOOL d3aab06099de263c22f4c71810a3b2cb8602d17731ec76674cd1415e539306555a7b96b789f0daad473600dfa04a83224ff603f7b9a9ac63a4902f74d0e9deb5
AUX qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 930 SHA256 6af6cf9044997710a6d0fbdba30a35c8d775e30d30c032ec97db672f75ec88ac SHA512 ec84b27648c01c6e58781295dcd0c2ff8e5a635f9836ef50c1da5d0ed125db1afc4cb5b01cb97606d6dd8f417acba93e1560d9a32ca29161a4bb730b302440ea WHIRLPOOL 06b9dd5251ac03405c97b1f5a623b4d86bda2f72fbcd52b90ae4d11a0cfb59cae62df2cb6189405fbe53ab05ff2b7ca8165fda239dbfe5f31ed70abb53b3b9f3
-AUX qemu-2.2.0-_sigev_un.patch 636 SHA256 f3b9a4d6162c553f3110ad22716305818e2130e2ff5d628faf044fc58a5e3cb5 SHA512 f72b879daede5184904f64cabb276de96299a37a93fce444d09e9068671009e95a5e5d6b815ec41a5db5b3807de14d470a56bba5806ffd4dfec577577b046ccb WHIRLPOOL 9453ad4966e10d504f3e867fd984642a3c1ee3ae847b5ca56196fd1f9e6c0f2d7b52ca07446212af72fef6d0ded1527a5eb306fa6cd915e8dd9ce11523362bac
-AUX qemu-2.5.0-CVE-2016-2198.patch 1540 SHA256 0d6d81a27ffac1af7c478a050aa690eb007cf9735a1a0c4b398eabeb990d5ab4 SHA512 b0b3131bb2b9b2d3f2a3f3286eeb92b527f0d3366e657cf8bcbabc6426b57893936c5a8ef66697ad1014b4525c09fa4d067195600f96ab2b005fd52b6e77d9a4 WHIRLPOOL f5c56b87f934c573fc71169fcded579b9917285fbfff59fd9288011775f482ead2ac09e1399f325e826305fab2f7bc2cd21d333711c526c1658a069a5ee93491
+AUX qemu-2.2.0-_sigev_un.patch 465 SHA256 4d5a1359a1bc25f1f8dcb7f021efc235b9c8f2535258ca65706c5fde15946ebe SHA512 af90b8dcd8b14716df6270436ae1d77c998a04547bf17f961b2d9a594d1abfb573ca25283a633de6bcd3a81a778b88a4c7950dbd39c23ee35191626da14eb802 WHIRLPOOL cf40379cd0c9f3a8f89823a6d9415666a99885711bdde44067d4a3a082a9b33efbe69279c0782b2e84b7586389e82845dd30668240f236266f61ba447abb8241
AUX qemu-2.5.0-cflags.patch 410 SHA256 17f5624dd733f5c80e733cc67ae36a736169ec066024dbf802b416accfed0755 SHA512 0194d28de08b4e51c5bd1c9a2cc7965ba7f66dfddb8fd91de3da93677e6cf2d38ad3270f69aaea8a20cf2533c2980018d6e0fed711be2806fe2053fba7c081f3 WHIRLPOOL 5f5b95d00409fbe03adb64801d30a2fb5f98dded5efa7f0e78b5746776f72917dcbea767e1d0afcb304d8bf8c484adedb8037e6d54e9d34997c2bc3a98b53154
-AUX qemu-2.5.0-rng-stack-corrupt-0.patch 3125 SHA256 164b155db78a9291b9f8dea71a16b5779e1a9d382a8cb0f5ff380d1f2d811cef SHA512 7da544873dbefbbc7a2ed69bd7cca0053bfe71ef7f5c2faf12cb5dc6e07b8d9104e5bcf329b3355e886edc5805509623234c9fe8fb536544d6285b04ccc59919 WHIRLPOOL f076264ce4bae5be2f34e006e3e4dcc20042313cb6da4977b61529c3100e835952807738d53a86967f98abad68eba1c8dcbb6a04af162b048399e059b5eb9d6b
-AUX qemu-2.5.0-rng-stack-corrupt-1.patch 4110 SHA256 16966eb20072a5d16fec46e5959e32708342af9a7266fe4a90a0abaf68af3529 SHA512 530d6a5f9b6795013bbe197cf0a0d7eddfb06d18c0f8410bcf5bcc2d32c4b72c325b8b0ade2c517bd305fcbdab03124cc527d24d73ce767daf51de65d00920c8 WHIRLPOOL c0b653c67993c6c6ed282f0c86099c8c80a241f10e23ef3fd8e33c6d86fbb5553049550e83954cfc6d3576735c4ce28099f813917966c0a05c84bb46a6bee413
-AUX qemu-2.5.0-rng-stack-corrupt-2.patch 4601 SHA256 c2b4e1ee8ee4bb2f4d42012a847c1da83a9e2349238d37bba1a3b9c440957f7f SHA512 ba299d07c7382f39f177f8094594daf131727d3d28633b426064f7cc6bf75d19b1ae78db248fc70ddbdb43fd2a6b0c5ed7793e6f42aba2763cdb4c12d6816c54 WHIRLPOOL 62b6ab75c32574a4c53193d82c7f51efdaa4789154c2d2f9acee7ede240d2920d92e31dfead7edc17aa12f938919143ce049d2c9ef9733baccc27d382506437f
-AUX qemu-2.5.0-rng-stack-corrupt-3.patch 5519 SHA256 5a3c2ed59bc30f395aee5cd0b77cdb06d868386e5bbe1b392169f8d96ae9474a SHA512 f62713130d3b989b274476a4cc2eafb95dc41de4723fe475e454132817a159eb729bbbe5a29aee755715100095670107c5762271184252e9d0cd43c4b25bc5d1 WHIRLPOOL f8e4aa90b90b03dd6e4dd68734cb16ee5f59a9585697ef3c48e7e861968798cb3c66018ad5a788f99b99e9fddab2ae83d977ec4b1a8599596a5ce03286726e3e
AUX qemu-2.5.0-sysmacros.patch 333 SHA256 a5716fc02da383d455f5cbd76f49e4ee74d84c2d5703319adcbeb145d04875f9 SHA512 329632c5bff846ca3ffcdb4bc94ae62f17c6bdbb566f9bec0784357c943523e8ca7773790b83a9617734cab3b003baa3d636cbd08f7385810a63b0fa0383c4f0 WHIRLPOOL 2a774767d4685545d3ed18e4f5dece99a9007597d73c56197652ff24083550f987ffb69e5c624760dece87def71a7c5c22a694bf999d7309e48ef622f18f0d73
-AUX qemu-2.5.1-CVE-2015-8558.patch 3237 SHA256 3320c5624a33076b36f39566a4c3bbe5f95adae44207512d791175bcfc3959ff SHA512 c6ea0ca7d0ea221e9704001d26dae143861463ec45c7a543f041520874dd6e3a2d4bdb6d1eca25097f265aa2a1600858c9908b59cdd640007ab057cf7b86083f WHIRLPOOL 0c3c683a79f68ab3073a3b5e6afe2b6184d66254bd8278e131d5aa199ff51d52e5b186521ff8799345b1f1977afc112550e1a7d4b684b2a3267e9caddd0f1576
-AUX qemu-2.5.1-CVE-2016-4020.patch 567 SHA256 6c8e933593cfbedc98de81bf01e394d1ca1d016109fcc81e91f6472d2092b1a0 SHA512 90ac43329cbbcc0451470e010a1a1bd32ef8891c1f2d7d7e54e870e740c77ea8dfdec30989d586aaea250de6ca294504bf7e88818bf35e3269cf528ea3e50ce5 WHIRLPOOL 7ea7c7af1f2a3f11bc5bfe7b708021bbcb03c00d354a733c0fad14193110559cd1561939bd5bb6597a84bc01e74a914ef9dc51f28c522473b424919edc17cdb3
-AUX qemu-2.5.1-stellaris_enet-overflow.patch 1569 SHA256 5d20aef8139068eeb63c167856c8f0004e8761227d9bb1fd67240c4b922f704a SHA512 92c015af82eb92bf5f6f4d6fd86b402636a61f0ac9572cc2f002d4c795ce133f7858a38336fd5f4a25c7157dea969d288bb73f00d9a8b3b8f517ba2aea6e4ba8 WHIRLPOOL 94c49f8f78864ac3da247b569d2afc2ee0d801482a00117a7898fb396440118ef3bc54e1b61023496184f37404c893a1ef7725ce6ca9a27ca596cdf38e747603
-AUX qemu-2.5.1-xfs-linux-headers.patch 2634 SHA256 ca1eb8d4593d794541f375cb1425861e145aa036d440b9d29c4cb7b5102d018b SHA512 88b8a6178893e3354d90ad1a7cfc370fc05ffd2e3ea7c9cc8aeda9e129ea93d45838b5816afb46c0594886fbb129e3665a738f4c195183b843caedc0302530c0 WHIRLPOOL 193f1b89710ecbbb5b645a59ac6f3b7bad8191cc3228bad0427cb80c54e1b55d11d25abe1f59173b9669452f57a52f830d074bb106bdc3c05b6659826a4d561d
+AUX qemu-2.7.0-CVE-2016-6836.patch 889 SHA256 a94812131e8baa66b81971579ab84b20bf15d544e2698448a5247ac0ddca0b3d SHA512 cf7f327f26aee5b6688eb662ced8aa07775ad9558b4a02db244303f6b7d37be9cd19b18d5725819b4708184105b98830864e0ad3af81373e59e880809036345b WHIRLPOOL df00627ad447162fdcac4b2c965a8cb5c916a7fb66d8c3a4f8f48bb2d869d7805cb3308cd495ff74ebf4840e7bc2d85abf8e666d78b3da9abb4e2bae22697a82
+AUX qemu-2.7.0-CVE-2016-7155.patch 2745 SHA256 addf638a53bfae8556e463e0b78a151eef0fdf171eb395a98dbdf0332ff74131 SHA512 96e9df733c5227899da7d2ecc346139df9830dd16fc16f1f14666f8be60205a43f434fd79e158c2000926656ffa137809f1cb3c57a04cb375011f816e92e2f4b WHIRLPOOL c04c0dda417a70e4acb289c6b296da93f3eb8e51f7cfad62351b7235512e04714fdc169a87f4cbf1ef82bfc6decc8ebb5b3958f23d001795c9ebcd08369185a3
+AUX qemu-2.7.0-CVE-2016-7156.patch 2314 SHA256 7fa0d7f1025a3435b692a6e7ed8fa3be38a918395a8253e8c27f416ff37e041d SHA512 db3009fdf6d85ffd24fd4a2a40b372b0e665274bba1ce01632aef0d583f2830b58f889166a34acd36409944ab3f7e264801bf89a78f55a586b5f43429a1c86dc WHIRLPOOL ce8101b7607612ed7b9c6fbe373f9b5dec07e0ea8af0b4be8e52b4add5dd0ba12c9e5eb7380d68e3d3867988e0cfc1bdd1e8357ce2b71ef19f51e316fac62161
+AUX qemu-2.7.0-CVE-2016-7157-1.patch 888 SHA256 7a1f6199b16c220df51002e1222763d1a7c7b3a08349f664e576a9facc553516 SHA512 5c104464dfa48804d94ccca9a9d881f9e22eba2c3d9a2cbf3a645c3a696e89ea3f4603ea28deba9a1cd800df9bc5ad4894606869eca3e1e9cf95414723846938 WHIRLPOOL af42ec7ca93c92c4df060b4efd61bcc3f7cb5582d00bfe174d81f2393ad3a7f06e27cc2b2186f664860c3ee98f76dd68cd7e6de7ff7e63b778f345c32a62b495
+AUX qemu-2.7.0-CVE-2016-7157-2.patch 812 SHA256 1db3b565b4762abbc1096286c9887400591af76bf422a105e457c6bdcb887b59 SHA512 8d2177adc638d384302ec89de65a0acd4f4069580c40d6c50cb78501f25f4d171f3b92a36464711337e07dbf208f9ad93eb2f86a7361dde52026c1764341e10d WHIRLPOOL e815e165bb23cd42aaba2310e3fa48bba33b0344069e6f54c4b26dddad746516053221969fad855d6c827d42371494c609123b002e1e2a96c366d11131b3243a
+AUX qemu-2.7.0-CVE-2016-7170.patch 1527 SHA256 37d600b5a4ba143f1d6b26acbcf23357fa41a5f852774f68b6b6736a6ecec024 SHA512 c84494ec4ee9607cef7b230a25d10de444a29fecba57566df5394d40b88596ef91fbd5edfb51a58c5ecff7fa7ef39b7d32ba7976dbd011fb1b29a2e46e4e0080 WHIRLPOOL ddd3d94da447556b24257c11068bef360da6cf35e22257869b09057f42ba027636e605db96d9a66253f423f5667814a1f8c551f8eece733fd997b03d6ac81e2b
+AUX qemu-2.7.0-CVE-2016-7421.patch 1183 SHA256 f3996d9d4658fb32a04ce8ae3d3510e6a51a0aa39f64b003a636f68dacef19db SHA512 51d07015e27e4dfbde2c3ffa37d91134374b49c136735845c34155238767483ede8bbc7232ea93b4e4cbcc28195cbe1986d44ac0dd96e914ec29df3a1da9dfcc WHIRLPOOL a4e27d329591b2a3b94a7abed81df1f87509f5a38beb490d7a4ca7c14df2a864f4126c26fc044bb4357467b0f9ed0ca5811d5e85812e318adcb3236c30bef7a1
+AUX qemu-2.7.0-CVE-2016-7422.patch 1125 SHA256 7a3d31031b8ea70be29715e8d384f47ad8758e81b9cfc3768e59dd6c6a00cb2a SHA512 6a08f661cd2b00214297570c8035042544b0e707b2f20f6c59c251a73971f2b7e1920c7242ca09a4684ea58dcb177d11d087ee5e0523792e3c446e70239498ef WHIRLPOOL 82b38aa12e49695c1f0c67c303039afb05cc314d14e5bc8286bafebfbabd3eb3cddd41338d45f9510ea2f5074fd9028b39c251be0e5856e0221232a8b28797a9
+AUX qemu-2.7.0-CVE-2016-7423.patch 925 SHA256 2b9b1102c3c9c54ba2c311661c3222b1df246a519e9eef57d0793951c1249ae0 SHA512 e4401163d15f9ebd9057b8ddf4187f7a0a2f379cb8aea2bd92b20f132f7714a4e386733884be4568eddbd4067b6cad80275ccc101276897c4796117a9b20144f WHIRLPOOL 9bd9f5ed067604f065d3ac7447f8135dd72e178caa6f3c5a5ca7bc531a8008ec46620c4af33bea54a35dfe52e430d48dcf5b59145c4e1efc2a14cb789e38f5bd
+AUX qemu-2.7.0-CVE-2016-7466.patch 830 SHA256 5664c091038185766a54b93495029bbf6de116e8752c2334fa1c71b8387e89c3 SHA512 d158b1f66766f33b1df561956cc3c77d40e1422e44791cfc753d3def2f1851c2c9c0aeb299bcd1ae969dde8f4249f4489ed90776ebb497db4f626217710e4f48 WHIRLPOOL 13112769ecd6420e17d2a3c0e110a2bd479fc09d8a2086d27f0703a4d6c35ded07e003f28ff14579655c5468cd02c77fa514ba7ed6543f61deb60c6de604c99b
AUX qemu-binfmt.initd-r1 6910 SHA256 2886c567589b958f450a87537cdb6c5bf95e8c1e4afbdf59139d16819e79d51d SHA512 09f399b6b559c6dd64d77843f600afad464909e72ae0924e97a5ef2eea55b3fb8abf6fbd57c380ec60e2f9d145ec365fd9a24c2e1b84cc6cef7070e4fb5bd72e WHIRLPOOL 983f6ae733c23c0049321184e1b6738ad5d27a70265945e6b47f3fb317ba3c84918b4929e728081549062fd0bf4a46c0a7e7184911355f3ac75963e1f8b70cd4
AUX qemu-kvm-1.4 68 SHA256 8b1adf198129f001e75a2311fc420c168094d1084d2163cdf6a32b3b23c96137 SHA512 706fab4d155c410acc292e67fb354ce7dcd17f7e33f2ca8c9c44035ea128f8d36f89e27cf87ebe22721f5676be9e7f2ae5484fd000183c8ffd7854e02eb3d120 WHIRLPOOL ef795330b592cef8e3d92f52a77eb77a671e6aa1a47d07531917b5c1c09e72e5df1a44aea939b086e0a3c5ef2a5cea9223556a46ceae73e55300475c42f07067
-DIST qemu-2.5.1.tar.bz2 25464539 SHA256 028752c33bb786abbfe496ba57315dc5a7d0a33b5a7a767f6d7a29020c525d2c SHA512 66959ad6a2a89f23c5daba245c76f71ddc03a33a1167bca639a042ebbf7329b2e698cd2c0e65c22a9874563a34256a48386aa9df6475b06d38db74187e3e3b3f WHIRLPOOL 32525271574692d56b7794dc63606659f46e6ae19a56dee31b3cec33dab9c4eb74147a65db4940229492d8680f38c2d05bc2a8fbcb4b6887b0c1cbe5fbbe44cf
-EBUILD qemu-2.5.1-r99.ebuild 21104 SHA256 92637c4d36984ff78616a2ca9a1952d453f035608357b2f212cddc4b98bed5de SHA512 0dd1b5d37448371604efb213894bfde17ab08d234affc675dc2474ba395e4b854071711304c30be4a405ed98d6cb2be7f107958487080cd8dbeb15fada2da9f8 WHIRLPOOL cc8ed2d2140b669da67d8a5f15b93651638848f77b853d11b7e235ba37b75d945076266798fff1ccf8d74ba16113cbead260b10e9c8aaed03c07fb5d9d1f1ce3
+DIST qemu-2.7.0.tar.bz2 26867760 SHA256 326e739506ba690daf69fc17bd3913a6c313d9928d743bd8eddb82f403f81e53 SHA512 654acaa7b3724a288e5d7e2a26ab780d9c9ed9f647fba00a906cbaffbe9d58fd666f2d962514aa2c5b391b4c53811ac3170d2eb51727f090bd19dfe45ca9a9db WHIRLPOOL dcb3e5f7da89dd8e14d636d7ebd476e076e0043880bb9ea3fb1c03cb4bcd4e5c7d3c4719da26c3ce521e3a3db5ae671e86f198ac1bc3474e774d75504fef8b8d
+EBUILD qemu-2.7.0-r99.ebuild 21332 SHA256 a6d13be36bb59bf53727dba5fe1dd5f397652531d339cf622acd15aef6cd482f SHA512 fd1ef102a4b7d4554a2b864d321419413b967f9f585031f74c600dc350db541588fa98a150329aa1134dbc761933484a2ce2e14979c096fe076cf92f7bdfedee WHIRLPOOL 50e36b66bfd83516ce4003681bcba2327da80c679aad3ab658007a87652c22f7e584eb4fb5d635b570096243abd361075c6c8e35197c2e9bbed34a4d7353537c
MISC metadata.xml 3925 SHA256 d1c219b7da0cbf77919cd1e055acbb3f6788a574fd802c98a43c89a411697b36 SHA512 3ff45d1c8ede12b4eedc7d01f39777b76a1cbd0ba9364299dec99d4b4a05cade5784d6f6e50197d5b5ae1f1b8e831c49da195eb53263c49b7d16aec8ee28b6e6 WHIRLPOOL bc25783fac0f3f13318834cc535404af9af20de16c7aeec222e59dc2ed7740ac5e767b329a5bcd6356d0cbae2428e278515f1446aa8ecb87a873bf4dbe04bf41
diff --git a/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch b/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
index 5827c2e..588291c 100644
--- a/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
+++ b/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
@@ -1,6 +1,5 @@
-diff -ur a/qemu-2.2.0/linux-user/syscall.c b/qemu-2.2.0/linux-user/syscall.c
---- a/qemu-2.2.0/linux-user/syscall.c 2014-12-09 15:45:43.000000000 -0100
-+++ b/qemu-2.2.0/linux-user/syscall.c 2015-03-16 19:09:49.050386155 -0100
+--- a/linux-user/syscall.c
++++ b/linux-user/syscall.c
@@ -5033,7 +5033,7 @@
host_sevp->sigev_signo =
target_to_host_signal(tswap32(target_sevp->sigev_signo));
diff --git a/app-emulation/qemu/files/qemu-2.5.0-CVE-2016-2198.patch b/app-emulation/qemu/files/qemu-2.5.0-CVE-2016-2198.patch
deleted file mode 100644
index d179c33..0000000
--- a/app-emulation/qemu/files/qemu-2.5.0-CVE-2016-2198.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From dff0367cf66f489aa772320fa2937a8cac1ca30d Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Fri, 29 Jan 2016 18:30:34 +0530
-Subject: [PATCH] usb: ehci: add capability mmio write function
-
-USB Ehci emulation supports host controller capability registers.
-But its mmio '.write' function was missing, which lead to a null
-pointer dereference issue. Add a do nothing 'ehci_caps_write'
-definition to avoid it; Do nothing because capability registers
-are Read Only(RO).
-
-Reported-by: Zuozhi Fzz <zuozhi.fzz@alibaba-inc.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Message-id: 1454072434-16045-1-git-send-email-ppandit@redhat.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/usb/hcd-ehci.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
-index 1b50601..0f95d0d 100644
---- a/hw/usb/hcd-ehci.c
-+++ b/hw/usb/hcd-ehci.c
-@@ -895,6 +895,11 @@ static uint64_t ehci_caps_read(void *ptr, hwaddr addr,
- return s->caps[addr];
- }
-
-+static void ehci_caps_write(void *ptr, hwaddr addr,
-+ uint64_t val, unsigned size)
-+{
-+}
-+
- static uint64_t ehci_opreg_read(void *ptr, hwaddr addr,
- unsigned size)
- {
-@@ -2315,6 +2320,7 @@ static void ehci_frame_timer(void *opaque)
-
- static const MemoryRegionOps ehci_mmio_caps_ops = {
- .read = ehci_caps_read,
-+ .write = ehci_caps_write,
- .valid.min_access_size = 1,
- .valid.max_access_size = 4,
- .impl.min_access_size = 1,
---
-2.7.4
-
diff --git a/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-0.patch b/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-0.patch
deleted file mode 100644
index 684f6ad..0000000
--- a/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-0.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From 3c52ddcdc548e7fbe65112d8a7bdc9cd105b4750 Mon Sep 17 00:00:00 2001
-From: Ladi Prosek <lprosek@redhat.com>
-Date: Thu, 3 Mar 2016 09:37:15 +0100
-Subject: [PATCH] rng: remove the unused request cancellation code
-
-rng_backend_cancel_requests had no callers and none of the code
-deleted in this commit ever ran.
-
-Signed-off-by: Ladi Prosek <lprosek@redhat.com>
-Reviewed-by: Amit Shah <amit.shah@redhat.com>
-Message-Id: <1456994238-9585-2-git-send-email-lprosek@redhat.com>
-Signed-off-by: Amit Shah <amit.shah@redhat.com>
----
- backends/rng-egd.c | 12 ------------
- backends/rng.c | 9 ---------
- include/sysemu/rng.h | 11 -----------
- 3 files changed, 32 deletions(-)
-
-diff --git a/backends/rng-egd.c b/backends/rng-egd.c
-index 2de5cd5..0b2976a 100644
---- a/backends/rng-egd.c
-+++ b/backends/rng-egd.c
-@@ -125,17 +125,6 @@ static void rng_egd_free_requests(RngEgd *s)
- s->requests = NULL;
- }
-
--static void rng_egd_cancel_requests(RngBackend *b)
--{
-- RngEgd *s = RNG_EGD(b);
--
-- /* We simply delete the list of pending requests. If there is data in the
-- * queue waiting to be read, this is okay, because there will always be
-- * more data than we requested originally
-- */
-- rng_egd_free_requests(s);
--}
--
- static void rng_egd_opened(RngBackend *b, Error **errp)
- {
- RngEgd *s = RNG_EGD(b);
-@@ -213,7 +202,6 @@ static void rng_egd_class_init(ObjectClass *klass, void *data)
- RngBackendClass *rbc = RNG_BACKEND_CLASS(klass);
-
- rbc->request_entropy = rng_egd_request_entropy;
-- rbc->cancel_requests = rng_egd_cancel_requests;
- rbc->opened = rng_egd_opened;
- }
-
-diff --git a/backends/rng.c b/backends/rng.c
-index b7820ef..2f2f3ee 100644
---- a/backends/rng.c
-+++ b/backends/rng.c
-@@ -26,15 +26,6 @@ void rng_backend_request_entropy(RngBackend *s, size_t size,
- }
- }
-
--void rng_backend_cancel_requests(RngBackend *s)
--{
-- RngBackendClass *k = RNG_BACKEND_GET_CLASS(s);
--
-- if (k->cancel_requests) {
-- k->cancel_requests(s);
-- }
--}
--
- static bool rng_backend_prop_get_opened(Object *obj, Error **errp)
- {
- RngBackend *s = RNG_BACKEND(obj);
-diff --git a/include/sysemu/rng.h b/include/sysemu/rng.h
-index 858be8c..87b3ebe 100644
---- a/include/sysemu/rng.h
-+++ b/include/sysemu/rng.h
-@@ -37,7 +37,6 @@ struct RngBackendClass
-
- void (*request_entropy)(RngBackend *s, size_t size,
- EntropyReceiveFunc *receive_entropy, void *opaque);
-- void (*cancel_requests)(RngBackend *s);
-
- void (*opened)(RngBackend *s, Error **errp);
- };
-@@ -68,14 +67,4 @@ struct RngBackend
- void rng_backend_request_entropy(RngBackend *s, size_t size,
- EntropyReceiveFunc *receive_entropy,
- void *opaque);
--
--/**
-- * rng_backend_cancel_requests:
-- * @s: the backend to cancel all pending requests in
-- *
-- * Cancels all pending requests submitted by @rng_backend_request_entropy. This
-- * should be used by a device during reset or in preparation for live migration
-- * to stop tracking any request.
-- */
--void rng_backend_cancel_requests(RngBackend *s);
- #endif
---
-2.7.4
-
diff --git a/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-1.patch b/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-1.patch
deleted file mode 100644
index 44ba8a7..0000000
--- a/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-1.patch
+++ /dev/null
@@ -1,135 +0,0 @@
-From 74074e8a7c60592cf1cc6469dbc2550d24aeded3 Mon Sep 17 00:00:00 2001
-From: Ladi Prosek <lprosek@redhat.com>
-Date: Thu, 3 Mar 2016 09:37:16 +0100
-Subject: [PATCH] rng: move request queue from RngEgd to RngBackend
-
-The 'requests' field now lives in the RngBackend parent class.
-There are no functional changes in this commit.
-
-Signed-off-by: Ladi Prosek <lprosek@redhat.com>
-Reviewed-by: Amit Shah <amit.shah@redhat.com>
-Message-Id: <1456994238-9585-3-git-send-email-lprosek@redhat.com>
-Signed-off-by: Amit Shah <amit.shah@redhat.com>
----
- backends/rng-egd.c | 28 +++++++++-------------------
- include/sysemu/rng.h | 11 +++++++++++
- 2 files changed, 20 insertions(+), 19 deletions(-)
-
-diff --git a/backends/rng-egd.c b/backends/rng-egd.c
-index 0b2976a..b061362 100644
---- a/backends/rng-egd.c
-+++ b/backends/rng-egd.c
-@@ -25,19 +25,8 @@ typedef struct RngEgd
-
- CharDriverState *chr;
- char *chr_name;
--
-- GSList *requests;
- } RngEgd;
-
--typedef struct RngRequest
--{
-- EntropyReceiveFunc *receive_entropy;
-- uint8_t *data;
-- void *opaque;
-- size_t offset;
-- size_t size;
--} RngRequest;
--
- static void rng_egd_request_entropy(RngBackend *b, size_t size,
- EntropyReceiveFunc *receive_entropy,
- void *opaque)
-@@ -66,7 +55,7 @@ static void rng_egd_request_entropy(RngBackend *b, size_t size,
- size -= len;
- }
-
-- s->requests = g_slist_append(s->requests, req);
-+ s->parent.requests = g_slist_append(s->parent.requests, req);
- }
-
- static void rng_egd_free_request(RngRequest *req)
-@@ -81,7 +70,7 @@ static int rng_egd_chr_can_read(void *opaque)
- GSList *i;
- int size = 0;
-
-- for (i = s->requests; i; i = i->next) {
-+ for (i = s->parent.requests; i; i = i->next) {
- RngRequest *req = i->data;
- size += req->size - req->offset;
- }
-@@ -94,8 +83,8 @@ static void rng_egd_chr_read(void *opaque, const uint8_t *buf, int size)
- RngEgd *s = RNG_EGD(opaque);
- size_t buf_offset = 0;
-
-- while (size > 0 && s->requests) {
-- RngRequest *req = s->requests->data;
-+ while (size > 0 && s->parent.requests) {
-+ RngRequest *req = s->parent.requests->data;
- int len = MIN(size, req->size - req->offset);
-
- memcpy(req->data + req->offset, buf + buf_offset, len);
-@@ -104,7 +93,8 @@ static void rng_egd_chr_read(void *opaque, const uint8_t *buf, int size)
- size -= len;
-
- if (req->offset == req->size) {
-- s->requests = g_slist_remove_link(s->requests, s->requests);
-+ s->parent.requests = g_slist_remove_link(s->parent.requests,
-+ s->parent.requests);
-
- req->receive_entropy(req->opaque, req->data, req->size);
-
-@@ -117,12 +107,12 @@ static void rng_egd_free_requests(RngEgd *s)
- {
- GSList *i;
-
-- for (i = s->requests; i; i = i->next) {
-+ for (i = s->parent.requests; i; i = i->next) {
- rng_egd_free_request(i->data);
- }
-
-- g_slist_free(s->requests);
-- s->requests = NULL;
-+ g_slist_free(s->parent.requests);
-+ s->parent.requests = NULL;
- }
-
- static void rng_egd_opened(RngBackend *b, Error **errp)
-diff --git a/include/sysemu/rng.h b/include/sysemu/rng.h
-index 87b3ebe..c744d82 100644
---- a/include/sysemu/rng.h
-+++ b/include/sysemu/rng.h
-@@ -24,6 +24,7 @@
- #define RNG_BACKEND_CLASS(klass) \
- OBJECT_CLASS_CHECK(RngBackendClass, (klass), TYPE_RNG_BACKEND)
-
-+typedef struct RngRequest RngRequest;
- typedef struct RngBackendClass RngBackendClass;
- typedef struct RngBackend RngBackend;
-
-@@ -31,6 +32,15 @@ typedef void (EntropyReceiveFunc)(void *opaque,
- const void *data,
- size_t size);
-
-+struct RngRequest
-+{
-+ EntropyReceiveFunc *receive_entropy;
-+ uint8_t *data;
-+ void *opaque;
-+ size_t offset;
-+ size_t size;
-+};
-+
- struct RngBackendClass
- {
- ObjectClass parent_class;
-@@ -47,6 +57,7 @@ struct RngBackend
-
- /*< protected >*/
- bool opened;
-+ GSList *requests;
- };
-
- /**
---
-2.7.4
-
diff --git a/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-2.patch b/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-2.patch
deleted file mode 100644
index 1cffcc5..0000000
--- a/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-2.patch
+++ /dev/null
@@ -1,155 +0,0 @@
-From 9f14b0add1dcdbfa2ee61051d068211fb0a1fcc9 Mon Sep 17 00:00:00 2001
-From: Ladi Prosek <lprosek@redhat.com>
-Date: Thu, 3 Mar 2016 09:37:17 +0100
-Subject: [PATCH] rng: move request queue cleanup from RngEgd to RngBackend
-
-RngBackend is now in charge of cleaning up the linked list on
-instance finalization. It also exposes a function to finalize
-individual RngRequest instances, called by its child classes.
-
-Signed-off-by: Ladi Prosek <lprosek@redhat.com>
-Reviewed-by: Amit Shah <amit.shah@redhat.com>
-Message-Id: <1456994238-9585-4-git-send-email-lprosek@redhat.com>
-Signed-off-by: Amit Shah <amit.shah@redhat.com>
----
- backends/rng-egd.c | 25 +------------------------
- backends/rng.c | 32 ++++++++++++++++++++++++++++++++
- include/sysemu/rng.h | 12 ++++++++++++
- 3 files changed, 45 insertions(+), 24 deletions(-)
-
-diff --git a/backends/rng-egd.c b/backends/rng-egd.c
-index b061362..8f2bd16 100644
---- a/backends/rng-egd.c
-+++ b/backends/rng-egd.c
-@@ -58,12 +58,6 @@ static void rng_egd_request_entropy(RngBackend *b, size_t size,
- s->parent.requests = g_slist_append(s->parent.requests, req);
- }
-
--static void rng_egd_free_request(RngRequest *req)
--{
-- g_free(req->data);
-- g_free(req);
--}
--
- static int rng_egd_chr_can_read(void *opaque)
- {
- RngEgd *s = RNG_EGD(opaque);
-@@ -93,28 +87,13 @@ static void rng_egd_chr_read(void *opaque, const uint8_t *buf, int size)
- size -= len;
-
- if (req->offset == req->size) {
-- s->parent.requests = g_slist_remove_link(s->parent.requests,
-- s->parent.requests);
--
- req->receive_entropy(req->opaque, req->data, req->size);
-
-- rng_egd_free_request(req);
-+ rng_backend_finalize_request(&s->parent, req);
- }
- }
- }
-
--static void rng_egd_free_requests(RngEgd *s)
--{
-- GSList *i;
--
-- for (i = s->parent.requests; i; i = i->next) {
-- rng_egd_free_request(i->data);
-- }
--
-- g_slist_free(s->parent.requests);
-- s->parent.requests = NULL;
--}
--
- static void rng_egd_opened(RngBackend *b, Error **errp)
- {
- RngEgd *s = RNG_EGD(b);
-@@ -183,8 +162,6 @@ static void rng_egd_finalize(Object *obj)
- }
-
- g_free(s->chr_name);
--
-- rng_egd_free_requests(s);
- }
-
- static void rng_egd_class_init(ObjectClass *klass, void *data)
-diff --git a/backends/rng.c b/backends/rng.c
-index 2f2f3ee..014cb9d 100644
---- a/backends/rng.c
-+++ b/backends/rng.c
-@@ -64,6 +64,30 @@ static void rng_backend_prop_set_opened(Object *obj, bool value, Error **errp)
- s->opened = true;
- }
-
-+static void rng_backend_free_request(RngRequest *req)
-+{
-+ g_free(req->data);
-+ g_free(req);
-+}
-+
-+static void rng_backend_free_requests(RngBackend *s)
-+{
-+ GSList *i;
-+
-+ for (i = s->requests; i; i = i->next) {
-+ rng_backend_free_request(i->data);
-+ }
-+
-+ g_slist_free(s->requests);
-+ s->requests = NULL;
-+}
-+
-+void rng_backend_finalize_request(RngBackend *s, RngRequest *req)
-+{
-+ s->requests = g_slist_remove(s->requests, req);
-+ rng_backend_free_request(req);
-+}
-+
- static void rng_backend_init(Object *obj)
- {
- object_property_add_bool(obj, "opened",
-@@ -72,6 +96,13 @@ static void rng_backend_init(Object *obj)
- NULL);
- }
-
-+static void rng_backend_finalize(Object *obj)
-+{
-+ RngBackend *s = RNG_BACKEND(obj);
-+
-+ rng_backend_free_requests(s);
-+}
-+
- static void rng_backend_class_init(ObjectClass *oc, void *data)
- {
- UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
-@@ -84,6 +115,7 @@ static const TypeInfo rng_backend_info = {
- .parent = TYPE_OBJECT,
- .instance_size = sizeof(RngBackend),
- .instance_init = rng_backend_init,
-+ .instance_finalize = rng_backend_finalize,
- .class_size = sizeof(RngBackendClass),
- .class_init = rng_backend_class_init,
- .abstract = true,
-diff --git a/include/sysemu/rng.h b/include/sysemu/rng.h
-index c744d82..08a2eda 100644
---- a/include/sysemu/rng.h
-+++ b/include/sysemu/rng.h
-@@ -78,4 +79,15 @@ struct RngBackend
- void rng_backend_request_entropy(RngBackend *s, size_t size,
- EntropyReceiveFunc *receive_entropy,
- void *opaque);
-+
-+/**
-+ * rng_backend_free_request:
-+ * @s: the backend that created the request
-+ * @req: the request to finalize
-+ *
-+ * Used by child rng backend classes to finalize requests once they've been
-+ * processed. The request is removed from the list of active requests and
-+ * deleted.
-+ */
-+void rng_backend_finalize_request(RngBackend *s, RngRequest *req);
- #endif
---
-2.7.4
-
diff --git a/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-3.patch b/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-3.patch
deleted file mode 100644
index ca9340a..0000000
--- a/app-emulation/qemu/files/qemu-2.5.0-rng-stack-corrupt-3.patch
+++ /dev/null
@@ -1,179 +0,0 @@
-From 60253ed1e6ec6d8e5ef2efe7bf755f475dce9956 Mon Sep 17 00:00:00 2001
-From: Ladi Prosek <lprosek@redhat.com>
-Date: Thu, 3 Mar 2016 09:37:18 +0100
-Subject: [PATCH] rng: add request queue support to rng-random
-
-Requests are now created in the RngBackend parent class and the
-code path is shared by both rng-egd and rng-random.
-
-This commit fixes the rng-random implementation which processed
-only one request at a time and simply discarded all but the most
-recent one. In the guest this manifested as delayed completion
-of reads from virtio-rng, i.e. a read was completed only after
-another read was issued.
-
-By switching rng-random to use the same request queue as rng-egd,
-the unsafe stack-based allocation of the entropy buffer is
-eliminated and replaced with g_malloc.
-
-Signed-off-by: Ladi Prosek <lprosek@redhat.com>
-Reviewed-by: Amit Shah <amit.shah@redhat.com>
-Message-Id: <1456994238-9585-5-git-send-email-lprosek@redhat.com>
-Signed-off-by: Amit Shah <amit.shah@redhat.com>
----
- backends/rng-egd.c | 16 ++--------------
- backends/rng-random.c | 43 +++++++++++++++++++------------------------
- backends/rng.c | 13 ++++++++++++-
- include/sysemu/rng.h | 3 +--
- 4 files changed, 34 insertions(+), 41 deletions(-)
-
-diff --git a/backends/rng-egd.c b/backends/rng-egd.c
-index 8f2bd16..30332ed 100644
---- a/backends/rng-egd.c
-+++ b/backends/rng-egd.c
-@@ -27,20 +27,10 @@ typedef struct RngEgd
- char *chr_name;
- } RngEgd;
-
--static void rng_egd_request_entropy(RngBackend *b, size_t size,
-- EntropyReceiveFunc *receive_entropy,
-- void *opaque)
-+static void rng_egd_request_entropy(RngBackend *b, RngRequest *req)
- {
- RngEgd *s = RNG_EGD(b);
-- RngRequest *req;
--
-- req = g_malloc(sizeof(*req));
--
-- req->offset = 0;
-- req->size = size;
-- req->receive_entropy = receive_entropy;
-- req->opaque = opaque;
-- req->data = g_malloc(req->size);
-+ size_t size = req->size;
-
- while (size > 0) {
- uint8_t header[2];
-@@ -54,8 +44,6 @@ static void rng_egd_request_entropy(RngBackend *b, size_t size,
-
- size -= len;
- }
--
-- s->parent.requests = g_slist_append(s->parent.requests, req);
- }
-
- static int rng_egd_chr_can_read(void *opaque)
-diff --git a/backends/rng-random.c b/backends/rng-random.c
-index 8cdad6a..a6cb385 100644
---- a/backends/rng-random.c
-+++ b/backends/rng-random.c
-@@ -22,10 +22,6 @@ struct RndRandom
-
- int fd;
- char *filename;
--
-- EntropyReceiveFunc *receive_func;
-- void *opaque;
-- size_t size;
- };
-
- /**
-@@ -38,36 +34,35 @@ struct RndRandom
- static void entropy_available(void *opaque)
- {
- RndRandom *s = RNG_RANDOM(opaque);
-- uint8_t buffer[s->size];
-- ssize_t len;
-
-- len = read(s->fd, buffer, s->size);
-- if (len < 0 && errno == EAGAIN) {
-- return;
-- }
-- g_assert(len != -1);
-+ while (s->parent.requests != NULL) {
-+ RngRequest *req = s->parent.requests->data;
-+ ssize_t len;
-+
-+ len = read(s->fd, req->data, req->size);
-+ if (len < 0 && errno == EAGAIN) {
-+ return;
-+ }
-+ g_assert(len != -1);
-
-- s->receive_func(s->opaque, buffer, len);
-- s->receive_func = NULL;
-+ req->receive_entropy(req->opaque, req->data, len);
-
-+ rng_backend_finalize_request(&s->parent, req);
-+ }
-+
-+ /* We've drained all requests, the fd handler can be reset. */
- qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
- }
-
--static void rng_random_request_entropy(RngBackend *b, size_t size,
-- EntropyReceiveFunc *receive_entropy,
-- void *opaque)
-+static void rng_random_request_entropy(RngBackend *b, RngRequest *req)
- {
- RndRandom *s = RNG_RANDOM(b);
-
-- if (s->receive_func) {
-- s->receive_func(s->opaque, NULL, 0);
-+ if (s->parent.requests == NULL) {
-+ /* If there are no pending requests yet, we need to
-+ * install our fd handler. */
-+ qemu_set_fd_handler(s->fd, entropy_available, NULL, s);
- }
--
-- s->receive_func = receive_entropy;
-- s->opaque = opaque;
-- s->size = size;
--
-- qemu_set_fd_handler(s->fd, entropy_available, NULL, s);
- }
-
- static void rng_random_opened(RngBackend *b, Error **errp)
-diff --git a/backends/rng.c b/backends/rng.c
-index 014cb9d..277a41b 100644
---- a/backends/rng.c
-+++ b/backends/rng.c
-@@ -20,9 +20,20 @@ void rng_backend_request_entropy(RngBackend *s, size_t size,
- void *opaque)
- {
- RngBackendClass *k = RNG_BACKEND_GET_CLASS(s);
-+ RngRequest *req;
-
- if (k->request_entropy) {
-- k->request_entropy(s, size, receive_entropy, opaque);
-+ req = g_malloc(sizeof(*req));
-+
-+ req->offset = 0;
-+ req->size = size;
-+ req->receive_entropy = receive_entropy;
-+ req->opaque = opaque;
-+ req->data = g_malloc(req->size);
-+
-+ k->request_entropy(s, req);
-+
-+ s->requests = g_slist_append(s->requests, req);
- }
- }
-
-diff --git a/include/sysemu/rng.h b/include/sysemu/rng.h
-index 08a2eda..4fffd68 100644
---- a/include/sysemu/rng.h
-+++ b/include/sysemu/rng.h
-@@ -45,8 +45,7 @@ struct RngBackendClass
- {
- ObjectClass parent_class;
-
-- void (*request_entropy)(RngBackend *s, size_t size,
-- EntropyReceiveFunc *receive_entropy, void *opaque);
-+ void (*request_entropy)(RngBackend *s, RngRequest *req);
-
- void (*opened)(RngBackend *s, Error **errp);
- };
---
-2.7.4
-
diff --git a/app-emulation/qemu/files/qemu-2.5.1-CVE-2015-8558.patch b/app-emulation/qemu/files/qemu-2.5.1-CVE-2015-8558.patch
deleted file mode 100644
index cf1a4c3..0000000
--- a/app-emulation/qemu/files/qemu-2.5.1-CVE-2015-8558.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-https://bugs.gentoo.org/580426
-https://bugs.gentoo.org/568246
-
-From a49923d2837d20510d645d3758f1ad87c32d0730 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <kraxel@redhat.com>
-Date: Mon, 18 Apr 2016 09:20:54 +0200
-Subject: [PATCH] Revert "ehci: make idt processing more robust"
-
-This reverts commit 156a2e4dbffa85997636a7a39ef12da6f1b40254.
-
-Breaks FreeBSD.
-
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/usb/hcd-ehci.c | 5 ++---
- 1 file changed, 2 insertions(+), 3 deletions(-)
-
-diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
-index d5c0e1c..43a8f7a 100644
---- a/hw/usb/hcd-ehci.c
-+++ b/hw/usb/hcd-ehci.c
-@@ -1397,7 +1397,7 @@ static int ehci_process_itd(EHCIState *ehci,
- {
- USBDevice *dev;
- USBEndpoint *ep;
-- uint32_t i, len, pid, dir, devaddr, endp, xfers = 0;
-+ uint32_t i, len, pid, dir, devaddr, endp;
- uint32_t pg, off, ptr1, ptr2, max, mult;
-
- ehci->periodic_sched_active = PERIODIC_ACTIVE;
-@@ -1489,10 +1489,9 @@ static int ehci_process_itd(EHCIState *ehci,
- ehci_raise_irq(ehci, USBSTS_INT);
- }
- itd->transact[i] &= ~ITD_XACT_ACTIVE;
-- xfers++;
- }
- }
-- return xfers ? 0 : -1;
-+ return 0;
- }
-
-
---
-2.7.4
-
-From 1ae3f2f178087711f9591350abad133525ba93f2 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <kraxel@redhat.com>
-Date: Mon, 18 Apr 2016 09:11:38 +0200
-Subject: [PATCH] ehci: apply limit to iTD/sidt descriptors
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Commit "156a2e4 ehci: make idt processing more robust" tries to avoid a
-DoS by the guest (create a circular iTD queue and let qemu ehci
-emulation run in circles forever). Unfortunately this has two problems:
-First it misses the case of siTDs, and second it reportedly breaks
-FreeBSD.
-
-So lets go for a different approach: just count the number of iTDs and
-siTDs we have seen per frame and apply a limit. That should really
-catch all cases now.
-
-Reported-by: 杜少博 <dushaobo@360.cn>
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/usb/hcd-ehci.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
-index 159f58d..d5c0e1c 100644
---- a/hw/usb/hcd-ehci.c
-+++ b/hw/usb/hcd-ehci.c
-@@ -2011,6 +2011,7 @@ static int ehci_state_writeback(EHCIQueue *q)
- static void ehci_advance_state(EHCIState *ehci, int async)
- {
- EHCIQueue *q = NULL;
-+ int itd_count = 0;
- int again;
-
- do {
-@@ -2035,10 +2036,12 @@ static void ehci_advance_state(EHCIState *ehci, int async)
-
- case EST_FETCHITD:
- again = ehci_state_fetchitd(ehci, async);
-+ itd_count++;
- break;
-
- case EST_FETCHSITD:
- again = ehci_state_fetchsitd(ehci, async);
-+ itd_count++;
- break;
-
- case EST_ADVANCEQUEUE:
-@@ -2087,7 +2090,8 @@ static void ehci_advance_state(EHCIState *ehci, int async)
- break;
- }
-
-- if (again < 0) {
-+ if (again < 0 || itd_count > 16) {
-+ /* TODO: notify guest (raise HSE irq?) */
- fprintf(stderr, "processing error - resetting ehci HC\n");
- ehci_reset(ehci);
- again = 0;
---
-2.7.4
-
diff --git a/app-emulation/qemu/files/qemu-2.5.1-CVE-2016-4020.patch b/app-emulation/qemu/files/qemu-2.5.1-CVE-2016-4020.patch
deleted file mode 100644
index e3115c1..0000000
--- a/app-emulation/qemu/files/qemu-2.5.1-CVE-2016-4020.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01106.html
-https://bugs.gentoo.org/580040
-
-diff --git a/hw/i386/kvmvapic.c b/hw/i386/kvmvapic.c
-index c69f374..ff1e31a 100644
---- a/hw/i386/kvmvapic.c
-+++ b/hw/i386/kvmvapic.c
-@@ -394,7 +394,7 @@ static void patch_instruction(VAPICROMState *s, X86CPU *cpu, target_ulong ip)
- CPUX86State *env = &cpu->env;
- VAPICHandlers *handlers;
- uint8_t opcode[2];
-- uint32_t imm32;
-+ uint32_t imm32 = 0;
- target_ulong current_pc = 0;
- target_ulong current_cs_base = 0;
- int current_flags = 0;
diff --git a/app-emulation/qemu/files/qemu-2.5.1-stellaris_enet-overflow.patch b/app-emulation/qemu/files/qemu-2.5.1-stellaris_enet-overflow.patch
deleted file mode 100644
index ab7d3f3..0000000
--- a/app-emulation/qemu/files/qemu-2.5.1-stellaris_enet-overflow.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 3a15cc0e1ee7168db0782133d2607a6bfa422d66 Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Fri, 8 Apr 2016 11:33:48 +0530
-Subject: [PATCH] net: stellaris_enet: check packet length against receive
- buffer
-
-When receiving packets over Stellaris ethernet controller, it
-uses receive buffer of size 2048 bytes. In case the controller
-accepts large(MTU) packets, it could lead to memory corruption.
-Add check to avoid it.
-
-Reported-by: Oleksandr Bazhaniuk <oleksandr.bazhaniuk@intel.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Message-id: 1460095428-22698-1-git-send-email-ppandit@redhat.com
-Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- hw/net/stellaris_enet.c | 12 +++++++++++-
- 1 file changed, 11 insertions(+), 1 deletion(-)
-
-diff --git a/hw/net/stellaris_enet.c b/hw/net/stellaris_enet.c
-index 84cf60b..6880894 100644
---- a/hw/net/stellaris_enet.c
-+++ b/hw/net/stellaris_enet.c
-@@ -236,8 +236,18 @@ static ssize_t stellaris_enet_receive(NetClientState *nc, const uint8_t *buf, si
- n = s->next_packet + s->np;
- if (n >= 31)
- n -= 31;
-- s->np++;
-
-+ if (size >= sizeof(s->rx[n].data) - 6) {
-+ /* If the packet won't fit into the
-+ * emulated 2K RAM, this is reported
-+ * as a FIFO overrun error.
-+ */
-+ s->ris |= SE_INT_FOV;
-+ stellaris_enet_update(s);
-+ return -1;
-+ }
-+
-+ s->np++;
- s->rx[n].len = size + 6;
- p = s->rx[n].data;
- *(p++) = (size + 6);
---
-2.7.4
-
diff --git a/app-emulation/qemu/files/qemu-2.5.1-xfs-linux-headers.patch b/app-emulation/qemu/files/qemu-2.5.1-xfs-linux-headers.patch
deleted file mode 100644
index 743171b..0000000
--- a/app-emulation/qemu/files/qemu-2.5.1-xfs-linux-headers.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-https://bugs.gentoo.org/577810
-
-From 277abf15a60f7653bfb05ffb513ed74ffdaea1b7 Mon Sep 17 00:00:00 2001
-From: Jan Vesely <jano.vesely@gmail.com>
-Date: Fri, 29 Apr 2016 13:15:23 -0400
-Subject: [PATCH] configure: Check if struct fsxattr is available from linux
- header
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Fixes build failure with --enable-xfsctl and
-new linux headers (>=4.5) and older xfsprogs(<4.5):
-In file included from /usr/include/xfs/xfs.h:38:0,
- from /var/tmp/portage/app-emulation/qemu-2.5.0-r1/work/qemu-2.5.0/block/raw-posix.c:97:
-/usr/include/xfs/xfs_fs.h:42:8: error: redefinition of ‘struct fsxattr’
- struct fsxattr {
- ^
-In file included from /var/tmp/portage/app-emulation/qemu-2.5.0-r1/work/qemu-2.5.0/block/raw-posix.c:60:0:
-/usr/include/linux/fs.h:155:8: note: originally defined here
- struct fsxattr {
-
-This is really a bug in the system headers, but we can work around it
-by defining HAVE_FSXATTR in the QEMU headers if linux/fs.h provides
-the struct, so that xfs_fs.h doesn't try to define it as well.
-
-CC: qemu-trivial@nongnu.org
-CC: Markus Armbruster <armbru@redhat.com>
-CC: Peter Maydell <peter.maydell@linaro.org>
-CC: Stefan Weil <sw@weilnetz.de>
-Tested-by: Stefan Weil <sw@weilnetz.de>
-Signed-off-by: Jan Vesely <jano.vesely@gmail.com>
-[PMM: adjusted commit message, comments]
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- configure | 23 +++++++++++++++++++++++
- 1 file changed, 23 insertions(+)
-
-diff --git a/configure b/configure
-index ab54f3c..c37fc5f 100755
---- a/configure
-+++ b/configure
-@@ -4494,6 +4494,21 @@ if test "$fortify_source" != "no"; then
- fi
-
- ##########################################
-+# check if struct fsxattr is available via linux/fs.h
-+
-+have_fsxattr=no
-+cat > $TMPC << EOF
-+#include <linux/fs.h>
-+struct fsxattr foo;
-+int main(void) {
-+ return 0;
-+}
-+EOF
-+if compile_prog "" "" ; then
-+ have_fsxattr=yes
-+fi
-+
-+##########################################
- # End of CC checks
- # After here, no more $cc or $ld runs
-
-@@ -5160,6 +5175,14 @@ fi
- if test "$have_ifaddrs_h" = "yes" ; then
- echo "HAVE_IFADDRS_H=y" >> $config_host_mak
- fi
-+
-+# Work around a system header bug with some kernel/XFS header
-+# versions where they both try to define 'struct fsxattr':
-+# xfs headers will not try to redefine structs from linux headers
-+# if this macro is set.
-+if test "$have_fsxattr" = "yes" ; then
-+ echo "HAVE_FSXATTR=y" >> $config_host_mak
-+fi
- if test "$vte" = "yes" ; then
- echo "CONFIG_VTE=y" >> $config_host_mak
- echo "VTE_CFLAGS=$vte_cflags" >> $config_host_mak
---
-2.8.2
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch
new file mode 100644
index 0000000..56f7435
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch
@@ -0,0 +1,27 @@
+From: Li Qiang <address@hidden>
+
+In Vmxnet3 device emulator while processing transmit(tx) queue,
+when it reaches end of packet, it calls vmxnet3_complete_packet.
+In that local 'txcq_descr' object is not initialised, which could
+leak host memory bytes a guest.
+
+Reported-by: Li Qiang <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/net/vmxnet3.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
+index 90f6943..92f6af9 100644
+--- a/hw/net/vmxnet3.c
++++ b/hw/net/vmxnet3.c
+@@ -531,6 +531,7 @@ static void vmxnet3_complete_packet(VMXNET3State *s, int qidx, uint32_t tx_ridx)
+
+ VMXNET3_RING_DUMP(VMW_RIPRN, "TXC", qidx, &s->txq_descr[qidx].comp_ring);
+
++ memset(&txcq_descr, 0, sizeof(txcq_descr));
+ txcq_descr.txdIdx = tx_ridx;
+ txcq_descr.gen = vmxnet3_ring_curr_gen(&s->txq_descr[qidx].comp_ring);
+
+--
+2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch
new file mode 100644
index 0000000..495faf2
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch
@@ -0,0 +1,81 @@
+From: Prasad J Pandit <address@hidden>
+
+Vmware Paravirtual SCSI emulation uses command descriptors to
+process SCSI commands. These descriptors come with their ring
+buffers. A guest could set the page count for these rings to
+an arbitrary value, leading to infinite loop or OOB access.
+Add check to avoid it.
+
+Reported-by: Tom Victor <address@hidden>
+Reported-by: Li Qiang <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/scsi/vmw_pvscsi.c | 21 ++++++++++-----------
+ 1 file changed, 10 insertions(+), 11 deletions(-)
+
+Update per review
+ -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00019.html
+
+diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
+index 5116f4a..4245c15 100644
+--- a/hw/scsi/vmw_pvscsi.c
++++ b/hw/scsi/vmw_pvscsi.c
+@@ -152,7 +152,7 @@ pvscsi_log2(uint32_t input)
+ return log;
+ }
+
+-static int
++static void
+ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
+ {
+ int i;
+@@ -160,10 +160,6 @@ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
+ uint32_t req_ring_size, cmp_ring_size;
+ m->rs_pa = ri->ringsStatePPN << VMW_PAGE_SHIFT;
+
+- if ((ri->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)
+- || (ri->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)) {
+- return -1;
+- }
+ req_ring_size = ri->reqRingNumPages * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
+ cmp_ring_size = ri->cmpRingNumPages * PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
+ txr_len_log2 = pvscsi_log2(req_ring_size - 1);
+@@ -195,8 +191,6 @@ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
+
+ /* Flush ring state page changes */
+ smp_wmb();
+-
+- return 0;
+ }
+
+ static int
+@@ -746,7 +740,7 @@ pvscsi_dbg_dump_tx_rings_config(PVSCSICmdDescSetupRings *rc)
+
+ trace_pvscsi_tx_rings_num_pages("Confirm Ring", rc->cmpRingNumPages);
+ for (i = 0; i < rc->cmpRingNumPages; i++) {
+- trace_pvscsi_tx_rings_ppn("Confirm Ring", rc->reqRingPPNs[i]);
++ trace_pvscsi_tx_rings_ppn("Confirm Ring", rc->cmpRingPPNs[i]);
+ }
+ }
+
+@@ -779,10 +773,15 @@ pvscsi_on_cmd_setup_rings(PVSCSIState *s)
+
+ trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_SETUP_RINGS");
+
++ if (!rc->reqRingNumPages
++ || rc->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES
++ || !rc->cmpRingNumPages
++ || rc->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES) {
++ return PVSCSI_COMMAND_PROCESSING_FAILED;
++ }
++
+ pvscsi_dbg_dump_tx_rings_config(rc);
+- if (pvscsi_ring_init_data(&s->rings, rc) < 0) {
+- return PVSCSI_COMMAND_PROCESSING_FAILED;
+- }
++ pvscsi_ring_init_data(&s->rings, rc);
+
+ s->rings_info_valid = TRUE;
+ return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
+--
+2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch
new file mode 100644
index 0000000..9c21a67
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch
@@ -0,0 +1,62 @@
+From: Prasad J Pandit <address@hidden>
+
+In PVSCSI paravirtual SCSI bus, pvscsi_convert_sglist can take a very
+long time or go into an infinite loop due to two different bugs:
+
+1) the request descriptor data length is defined to be 64 bit. While
+building SG list from a request descriptor, it gets truncated to 32bit
+in routine 'pvscsi_convert_sglist'. This could lead to an infinite loop
+situation for large 'dataLen' values, when data_length is cast to uint32_t
+and chunk_size becomes always zero. Fix this by removing the incorrect
+cast.
+
+2) pvscsi_get_next_sg_elem can be called arbitrarily many times if the
+element has a zero length. Get out of the loop early when this happens,
+by introducing an upper limit on the number of SG list elements.
+
+Reported-by: Li Qiang <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/scsi/vmw_pvscsi.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+Update as per:
+ -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01172.html
+
+diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
+index 4245c15..babac5a 100644
+--- a/hw/scsi/vmw_pvscsi.c
++++ b/hw/scsi/vmw_pvscsi.c
+@@ -40,6 +40,8 @@
+ #define PVSCSI_MAX_DEVS (64)
+ #define PVSCSI_MSIX_NUM_VECTORS (1)
+
++#define PVSCSI_MAX_SG_ELEM 2048
++
+ #define PVSCSI_MAX_CMD_DATA_WORDS \
+ (sizeof(PVSCSICmdDescSetupRings)/sizeof(uint32_t))
+
+@@ -628,17 +630,16 @@ pvscsi_queue_pending_descriptor(PVSCSIState *s, SCSIDevice **d,
+ static void
+ pvscsi_convert_sglist(PVSCSIRequest *r)
+ {
+- int chunk_size;
++ uint32_t chunk_size, elmcnt = 0;
+ uint64_t data_length = r->req.dataLen;
+ PVSCSISGState sg = r->sg;
+- while (data_length) {
+- while (!sg.resid) {
++ while (data_length && elmcnt < PVSCSI_MAX_SG_ELEM) {
++ while (!sg.resid && elmcnt++ < PVSCSI_MAX_SG_ELEM) {
+ pvscsi_get_next_sg_elem(&sg);
+ trace_pvscsi_convert_sglist(r->req.context, r->sg.dataAddr,
+ r->sg.resid);
+ }
+- assert(data_length > 0);
+- chunk_size = MIN((unsigned) data_length, sg.resid);
++ chunk_size = MIN(data_length, sg.resid);
+ if (chunk_size) {
+ qemu_sglist_add(&r->sgl, sg.dataAddr, chunk_size);
+ }
+--
+2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch
new file mode 100644
index 0000000..480de30
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch
@@ -0,0 +1,28 @@
+From: Prasad J Pandit <address@hidden>
+
+When LSI SAS1068 Host Bus emulator builds configuration page
+headers, the format string used in 'mptsas_config_manufacturing_1'
+was wrong. It could lead to an invalid memory access.
+
+Reported-by: Tom Victor <address@hidden>
+Fix-suggested-by: Paolo Bonzini <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/scsi/mptconfig.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/scsi/mptconfig.c b/hw/scsi/mptconfig.c
+index 7071854..1ec895b 100644
+--- a/hw/scsi/mptconfig.c
++++ b/hw/scsi/mptconfig.c
+@@ -203,7 +203,7 @@ size_t mptsas_config_manufacturing_1(MPTSASState *s, uint8_t **data, int address
+ {
+ /* VPD - all zeros */
+ return MPTSAS_CONFIG_PACK(1, MPI_CONFIG_PAGETYPE_MANUFACTURING, 0x00,
+- "s256");
++ "*s256");
+ }
+
+ static
+--
+2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch
new file mode 100644
index 0000000..5e79608
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch
@@ -0,0 +1,27 @@
+From: Prasad J Pandit <address@hidden>
+
+When LSI SAS1068 Host Bus emulator builds configuration page
+headers, mptsas_config_pack() asserts to check returned size
+value is within limit of 256 bytes. Fix that assert expression.
+
+Suggested-by: Paolo Bonzini <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/scsi/mptconfig.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/scsi/mptconfig.c b/hw/scsi/mptconfig.c
+index 1ec895b..531947f 100644
+--- a/hw/scsi/mptconfig.c
++++ b/hw/scsi/mptconfig.c
+@@ -158,7 +158,7 @@ static size_t mptsas_config_pack(uint8_t **data, const char *fmt, ...)
+ va_end(ap);
+
+ if (data) {
+- assert(ret < 256 && (ret % 4) == 0);
++ assert(ret / 4 < 256);
+ stb_p(*data + 1, ret / 4);
+ }
+ return ret;
+--
+2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch
new file mode 100644
index 0000000..7eb5f76
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch
@@ -0,0 +1,40 @@
+From: Prasad J Pandit <address@hidden>
+
+When processing svga command DEFINE_CURSOR in vmsvga_fifo_run,
+the computed BITMAP and PIXMAP size are checked against the
+'cursor.mask[]' and 'cursor.image[]' array sizes in bytes.
+Correct these checks to avoid OOB memory access.
+
+Reported-by: Qinghao Tang <address@hidden>
+Reported-by: Li Qiang <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/display/vmware_vga.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c
+index e51a05e..6599cf0 100644
+--- a/hw/display/vmware_vga.c
++++ b/hw/display/vmware_vga.c
+@@ -676,11 +676,13 @@ static void vmsvga_fifo_run(struct vmsvga_state_s *s)
+ cursor.bpp = vmsvga_fifo_read(s);
+
+ args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp);
+- if (cursor.width > 256 ||
+- cursor.height > 256 ||
+- cursor.bpp > 32 ||
+- SVGA_BITMAP_SIZE(x, y) > sizeof cursor.mask ||
+- SVGA_PIXMAP_SIZE(x, y, cursor.bpp) > sizeof cursor.image) {
++ if (cursor.width > 256
++ || cursor.height > 256
++ || cursor.bpp > 32
++ || SVGA_BITMAP_SIZE(x, y)
++ > sizeof(cursor.mask) / sizeof(cursor.mask[0])
++ || SVGA_PIXMAP_SIZE(x, y, cursor.bpp)
++ > sizeof(cursor.image) / sizeof(cursor.image[0])) {
+ goto badcmd;
+ }
+
+--
+2.5.5
+
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch
new file mode 100644
index 0000000..b9f3545
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch
@@ -0,0 +1,34 @@
+From: Prasad J Pandit <address@hidden>
+
+Vmware Paravirtual SCSI emulator while processing IO requests
+could run into an infinite loop if 'pvscsi_ring_pop_req_descr'
+always returned positive value. Limit IO loop to the ring size.
+
+Cc: address@hidden
+Reported-by: Li Qiang <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+Message-Id: <address@hidden>
+Signed-off-by: Paolo Bonzini <address@hidden>
+---
+ hw/scsi/vmw_pvscsi.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
+index babac5a..a5ce7de 100644
+--- a/hw/scsi/vmw_pvscsi.c
++++ b/hw/scsi/vmw_pvscsi.c
+@@ -247,8 +247,11 @@ static hwaddr
+ pvscsi_ring_pop_req_descr(PVSCSIRingInfo *mgr)
+ {
+ uint32_t ready_ptr = RS_GET_FIELD(mgr, reqProdIdx);
++ uint32_t ring_size = PVSCSI_MAX_NUM_PAGES_REQ_RING
++ * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
+
+- if (ready_ptr != mgr->consumed_ptr) {
++ if (ready_ptr != mgr->consumed_ptr
++ && ready_ptr - mgr->consumed_ptr < ring_size) {
+ uint32_t next_ready_ptr =
+ mgr->consumed_ptr++ & mgr->txr_len_mask;
+ uint32_t next_ready_page =
+--
+1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch
new file mode 100644
index 0000000..6368e7f
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch
@@ -0,0 +1,38 @@
+From: Prasad J Pandit <address@hidden>
+
+virtio back end uses set of buffers to facilitate I/O operations.
+If its size is too large, 'cpu_physical_memory_map' could return
+a null address. This would result in a null dereference
+while un-mapping descriptors. Add check to avoid it.
+
+Reported-by: Qinghao Tang <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/virtio/virtio.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
+index 15ee3a7..0a4c5b6 100644
+--- a/hw/virtio/virtio.c
++++ b/hw/virtio/virtio.c
+@@ -472,12 +472,14 @@ static void virtqueue_map_desc(unsigned int *p_num_sg, hwaddr *addr, struct iove
+ }
+
+ iov[num_sg].iov_base = cpu_physical_memory_map(pa, &len, is_write);
+- iov[num_sg].iov_len = len;
+- addr[num_sg] = pa;
++ if (iov[num_sg].iov_base) {
++ iov[num_sg].iov_len = len;
++ addr[num_sg] = pa;
+
++ pa += len;
++ num_sg++;
++ }
+ sz -= len;
+- pa += len;
+- num_sg++;
+ }
+ *p_num_sg = num_sg;
+ }
+--
+2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch
new file mode 100644
index 0000000..fdd871b
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch
@@ -0,0 +1,31 @@
+From: Li Qiang <address@hidden>
+
+When processing IO request in mptsas, it uses g_new to allocate
+a 'req' object. If an error occurs before 'req->sreq' is
+allocated, It could lead to an OOB write in mptsas_free_request
+function. Use g_new0 to avoid it.
+
+Reported-by: Li Qiang <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+Message-Id: <address@hidden>
+Cc: address@hidden
+Signed-off-by: Paolo Bonzini <address@hidden>
+---
+ hw/scsi/mptsas.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
+index 0e0a22f..eaae1bb 100644
+--- a/hw/scsi/mptsas.c
++++ b/hw/scsi/mptsas.c
+@@ -304,7 +304,7 @@ static int mptsas_process_scsi_io_request(MPTSASState *s,
+ goto bad;
+ }
+
+- req = g_new(MPTSASRequest, 1);
++ req = g_new0(MPTSASRequest, 1);
+ QTAILQ_INSERT_TAIL(&s->pending, req, next);
+ req->scsi_io = *scsi_io;
+ req->dev = s;
+--
+1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch
new file mode 100644
index 0000000..d5028bb
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch
@@ -0,0 +1,26 @@
+From: Li Qiang <address@hidden>
+
+If the xhci uses msix, it doesn't free the corresponding
+memory, thus leading a memory leak. This patch avoid this.
+
+Signed-off-by: Li Qiang <address@hidden>
+---
+ hw/usb/hcd-xhci.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
+index 188f954..281a2a5 100644
+--- a/hw/usb/hcd-xhci.c
++++ b/hw/usb/hcd-xhci.c
+@@ -3709,8 +3709,7 @@ static void usb_xhci_exit(PCIDevice *dev)
+ /* destroy msix memory region */
+ if (dev->msix_table && dev->msix_pba
+ && dev->msix_entry_used) {
+- memory_region_del_subregion(&xhci->mem, &dev->msix_table_mmio);
+- memory_region_del_subregion(&xhci->mem, &dev->msix_pba_mmio);
++ msix_uninit(dev, &xhci->mem, &xhci->mem);
+ }
+
+ usb_bus_release(&xhci->bus);
+--
+1.8.3.1
diff --git a/app-emulation/qemu/qemu-2.5.1-r99.ebuild b/app-emulation/qemu/qemu-2.7.0-r99.ebuild
similarity index 94%
rename from app-emulation/qemu/qemu-2.5.1-r99.ebuild
rename to app-emulation/qemu/qemu-2.7.0-r99.ebuild
index 1d169e8..f8432d3 100644
--- a/app-emulation/qemu/qemu-2.5.1-r99.ebuild
+++ b/app-emulation/qemu/qemu-2.7.0-r99.ebuild
@@ -2,26 +2,22 @@
# Distributed under the terms of the GNU General Public License v2
# $Id$
-EAPI=5
+EAPI="5"
PYTHON_COMPAT=( python2_7 )
PYTHON_REQ_USE="ncurses,readline"
-PLOCALES="de_DE fr_FR hu it tr zh_CN"
+PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo pax-utils l10n
-
-BACKPORTS=
+ user udev fcaps readme.gentoo-r1 pax-utils l10n
if [[ ${PV} = *9999* ]]; then
EGIT_REPO_URI="git://git.qemu.org/qemu.git"
inherit git-2
SRC_URI=""
else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2
- ${BACKPORTS:+
- https://dev.gentoo.org/~cardoe/distfiles/${P}-${BACKPORTS}.tar.xz}"
+ SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
KEYWORDS="amd64 ~ppc x86"
fi
@@ -30,7 +26,7 @@ HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
LICENSE="GPL-2 LGPL-2 BSD-2"
SLOT="0"
-IUSE="accessibility +aio alsa bluetooth +caps +curl debug +fdt glusterfs \
+IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs \
gnutls gtk gtk2 infiniband iscsi +jpeg \
kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
+png pulseaudio python \
@@ -70,8 +66,13 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
#
# Older versions of gnutls are supported, but it's simpler to just require
# the latest versions. This is also why we require nettle.
+#
+# TODO: Split out tools deps into another var. e.g. bzip2 is only used by
+# system binaries and tools, not user binaries.
COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
+ dev-libs/libpcre[static-libs(+)]
sys-libs/zlib[static-libs(+)]
+ bzip2? ( app-arch/bzip2[static-libs(+)] )
xattr? ( sys-apps/attr[static-libs(+)] )"
SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
>=x11-libs/pixman-0.28.0[static-libs(+)]
@@ -108,7 +109,7 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
virtual/opengl
media-libs/libepoxy[static-libs(+)]
media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gles2]
+ media-libs/mesa[egl,gles2,gbm]
)
png? ( media-libs/libpng:0=[static-libs(+)] )
pulseaudio? ( media-sound/pulseaudio )
@@ -337,18 +338,18 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
- epatch "${FILESDIR}"/qemu-2.5.0-cflags.patch
- [[ -n ${BACKPORTS} ]] && \
- EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
- epatch
-
- epatch "${FILESDIR}"/${PN}-2.5.0-CVE-2016-2198.patch #573314
- epatch "${FILESDIR}"/${PN}-2.5.0-rng-stack-corrupt-{0,1,2,3}.patch #576420
- epatch "${FILESDIR}"/${PN}-2.5.1-stellaris_enet-overflow.patch #579614
- epatch "${FILESDIR}"/${PN}-2.5.1-CVE-2016-4020.patch #580040
- epatch "${FILESDIR}"/${PN}-2.5.1-CVE-2015-8558.patch #568246 #580426
+ epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- epatch "${FILESDIR}"/${PN}-2.5.1-xfs-linux-headers.patch #577810
+ epatch "${FILESDIR}"/${P}-CVE-2016-6836.patch # bug 591242
+ epatch "${FILESDIR}"/${P}-CVE-2016-7155.patch # bug 593034
+ epatch "${FILESDIR}"/${P}-CVE-2016-7156.patch # bug 593036
+ epatch "${FILESDIR}"/${P}-CVE-2016-7157-1.patch # bug 593038
+ epatch "${FILESDIR}"/${P}-CVE-2016-7157-2.patch # bug 593038
+ epatch "${FILESDIR}"/${P}-CVE-2016-7170.patch # bug 593284
+ epatch "${FILESDIR}"/${P}-CVE-2016-7421.patch # bug 593950
+ epatch "${FILESDIR}"/${P}-CVE-2016-7422.patch # bug 593956
+ epatch "${FILESDIR}"/${P}-CVE-2016-7466.patch # bug 594520
+ epatch "${FILESDIR}"/${P}-CVE-2016-7423.patch # bug 594368
# Fix ld and objcopy being called directly
tc-export AR LD OBJCOPY
@@ -412,6 +413,7 @@ qemu_src_configure() {
conf_opts+=(
$(conf_softmmu accessibility brlapi)
$(conf_softmmu aio linux-aio)
+ $(conf_softmmu bzip2)
$(conf_softmmu bluetooth bluez)
$(conf_softmmu caps cap-ng)
$(conf_softmmu curl)
@@ -482,6 +484,7 @@ qemu_src_configure() {
--disable-linux-user
--disable-system
--disable-blobs
+ $(use_enable bzip2)
)
static_flag="static"
;;
@@ -571,7 +574,6 @@ src_test() {
qemu_python_install() {
python_domodule "${S}/scripts/qmp/qmp.py"
- python_doscript "${S}/scripts/kvm/kvm_stat"
python_doscript "${S}/scripts/kvm/vmxcap"
python_doscript "${S}/scripts/qmp/qmp-shell"
python_doscript "${S}/scripts/qmp/qemu-ga-client"
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-01-03 22:34 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-01-03 22:34 UTC (permalink / raw
To: gentoo-commits
commit: 2f2ad6f0e67b5a268f764bb03348f68367932c13
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Tue Jan 3 22:33:36 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Tue Jan 3 22:33:36 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=2f2ad6f0
app-emulation/qemu-2.8.0: Fix patches
The ifunc patch is no longer necessary as of 2.8.x
The F_SHLCK/F_EXLCK patch needed to be refreshed.
app-emulation/qemu/Manifest | 3 ++-
.../qemu/files/qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch | 16 ++++++++++++++++
app-emulation/qemu/qemu-2.8.0.ebuild | 3 +--
3 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 48d0014..7f02bb3 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -37,11 +37,12 @@ AUX qemu-2.7.0-configure-ifunc.patch 517 SHA256 40f6183f1f490216855e83cf03bf21ec
AUX qemu-2.8.0-CVE-2016-10028.patch 1384 SHA256 25a9f2b2014bbcbb008683211503716a2b4a0e8d96ea001d32b87d451cee1842 SHA512 6cfad99e54cfaea97f5c14fbbfe35768a8ea46196117bf770725e1079f9bccca3b7071416a14e60a36c3c919760ab49663fc8b551026c8cd58c10b3f2d7940b4 WHIRLPOOL 5c0c8350112cb63c8b3db7a15a9090cd2fba879317565b108285fd92c23a8b75a593a65d94b6e448086b126a735056065d07c1877abdb6815ebaa430cf4adabf
AUX qemu-2.8.0-CVE-2016-9908.patch 1166 SHA256 22ef4999a3daf3c46a3c90ca20fb131545d4d0befeff7c3ca870585a3e03b7b7 SHA512 c46abda3a5b1a68c7c2e5236f8e424f4569a28ba2aea9b8ec32467e55b535492da6e4702d4758a5721f1bf222f7f2554a5e4c9a190781d60c40202a5291dcf49 WHIRLPOOL aa8087350770ecbb60049e3269ddf9d68258657ef6a088b562e344056689e578a390328dde9c5d2b5024e7fa03995b571295a1d64943d9b3882cf0c5f833dbd8
AUX qemu-2.8.0-CVE-2016-9912.patch 1307 SHA256 e3eac321492a9ef42d88b04877511255c3731a9bb029d7c6ab2da0aa8f09e2d8 SHA512 f9ba4f167334d9b934c37fbed21ded8b3d71e5bdbdb1f15f81d4423b0790bfa127637155d5863b563fa974f1421c4ace1f2a4e3e81e3ae3d6045b2083210b103 WHIRLPOOL 7aa8dab7b6462f142365d274e6131ca1630c396e36c851cb562c081c4243c58e2ae22cf682e51145af08befcaba395254c765cf56112a6c177e1c9a18ffb5926
+AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
AUX qemu-binfmt.initd-r1 7966 SHA256 5b4b432aa1e44f387c9eb789de0ec6322741fd36dd241f76520f17c6cd6ac49b SHA512 2ba0bff6eb2b6bac4ed440f793771ce9551cad48e38bddb6cf04f804faac2407e80879f66771910344ddcea45f0014095dcc8bfeb0aad5085ef048fd3612dbd8 WHIRLPOOL a2a1fb830a970757d1e203378c7d382b161b1040f3b8aaf0f22bb3b5e46467eff395474ff40d93c9f133bab307b345a6f75d63eae9f8dd8daf67324db41032f9
DIST qemu-2.7.0.tar.bz2 26867760 SHA256 326e739506ba690daf69fc17bd3913a6c313d9928d743bd8eddb82f403f81e53 SHA512 654acaa7b3724a288e5d7e2a26ab780d9c9ed9f647fba00a906cbaffbe9d58fd666f2d962514aa2c5b391b4c53811ac3170d2eb51727f090bd19dfe45ca9a9db WHIRLPOOL dcb3e5f7da89dd8e14d636d7ebd476e076e0043880bb9ea3fb1c03cb4bcd4e5c7d3c4719da26c3ce521e3a3db5ae671e86f198ac1bc3474e774d75504fef8b8d
DIST qemu-2.7.1.tar.bz2 26868403 SHA256 68636788eb69bcb0b44ba220b32b50495d6bd5712a934c282217831c4822958f SHA512 16a83946e9064733254c82c961749bf9c56a0a2a8ee46145b4a78e1452ac0e2548d888963d18c80e28f65202890fd643b0011951b5b1c66ef16234767ed91898 WHIRLPOOL ae3d3c2b2a3700613733659847de6187755631cb09e8c3548ea30cd994357c9ff128646edce88dfe4dce53e6c1c0f37f8de3688ee7e22262033b40f3fc706efa
DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
EBUILD qemu-2.7.0-r7.ebuild 22495 SHA256 a606d5b6805d24191245b4191c1f62a09096d8ee283c62629f038851b4c8e6c5 SHA512 c45e516c4c45b5a1eaec06d046cebf129f1422c2d5910699c0a367a4c8c7d49e323a6addc765e1ec57209df12270e196169e52a7618afef28019be06feff70ea WHIRLPOOL 94ae6ab13fc03450ce5b6b0e5840e488401116d6bf60ec411cc01f39f2d10931bd65572f25bdf958e9f94bb4f6582795018039b5b4c988fa3bd5dee928014c65
EBUILD qemu-2.7.1.ebuild 22161 SHA256 a7d2ff5c706a35a1b2c5610866215a5db04674ce68fb01e3e076b68839dcafd8 SHA512 7d30615832f2fecf89b472c4ea56446335176a330a7d64693ed7cc9becd47a1f40064fca191467deb8603116b4f69307d7968971c9b3845356b8b8d4cf053472 WHIRLPOOL 23bda8ca28ff8620739c604289a0d81ec4d16c1908b8c02df7833f9c0d98f698922650636456ac0bcc285357836af23ffd28bf3b8c2653a690a86fa5ae662a61
-EBUILD qemu-2.8.0.ebuild 21005 SHA256 5009f688c9c65004640328ad98b007d2b0e33a95daa3cb8958f5968c8109e0b4 SHA512 9d2d86f6df898a19ef3b4a387b6b715b547d387b1995e38e2e4b849fcd184560f6fc543340aa5acd5080823b7ed8db605918bd7e9b860dd170c967d224fe347e WHIRLPOOL 625e49536d32ee8685ec14d8e629ebefb2753e6d43bf33e577aa0e7f30d9144ada724547a28859c75bdd88d178ab9b9b5ee847fb2853f9953cd8a4f74af924d2
+EBUILD qemu-2.8.0.ebuild 20949 SHA256 468944f9506df374711bdc5e87fcd2bcc2b823061b23ab8561642c41755e510a SHA512 d3f7cefab4fe282c72f30e1c2232eca7faac63c2b4d4172cc5b9f8ccb43ee2eb7a5602ba895c4ee5221f8cccfe62b89dc65cedb7e6932b696952be7f2052605b WHIRLPOOL 50c2b17b13715a0750bc48ff24fd71ddc13a5af1a7f2f2de5edde261f4d9c3a7ccc07c665385c444183743610f85bd6cc623e57e322e85e19f8ce3b874ca093e
MISC metadata.xml 3925 SHA256 d1c219b7da0cbf77919cd1e055acbb3f6788a574fd802c98a43c89a411697b36 SHA512 3ff45d1c8ede12b4eedc7d01f39777b76a1cbd0ba9364299dec99d4b4a05cade5784d6f6e50197d5b5ae1f1b8e831c49da195eb53263c49b7d16aec8ee28b6e6 WHIRLPOOL bc25783fac0f3f13318834cc535404af9af20de16c7aeec222e59dc2ed7740ac5e767b329a5bcd6356d0cbae2428e278515f1446aa8ecb87a873bf4dbe04bf41
diff --git a/app-emulation/qemu/files/qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch b/app-emulation/qemu/files/qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch
new file mode 100644
index 0000000..ccfb582
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch
@@ -0,0 +1,16 @@
+diff -Naur qemu-2.8.0.orig/linux-user/syscall.c qemu-2.8.0/linux-user/syscall.c
+--- qemu-2.8.0.orig/linux-user/syscall.c 2016-12-20 12:16:48.000000000 -0800
++++ qemu-2.8.0/linux-user/syscall.c 2017-01-03 14:11:45.195429181 -0800
+@@ -117,6 +117,12 @@
+ #ifndef CLONE_IO
+ #define CLONE_IO 0x80000000 /* Clone io context */
+ #endif
++#ifndef F_SHLCK
++#define F_SHLCK 8
++#endif
++#ifndef F_EXLCK
++#define F_EXLCK 4
++#endif
+
+ /* We can't directly call the host clone syscall, because this will
+ * badly confuse libc (breaking mutexes, for example). So we must
diff --git a/app-emulation/qemu/qemu-2.8.0.ebuild b/app-emulation/qemu/qemu-2.8.0.ebuild
index 4fbc9fd..4020d7c 100644
--- a/app-emulation/qemu/qemu-2.8.0.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0.ebuild
@@ -332,10 +332,9 @@ src_prepare() {
Makefile Makefile.target || die
# Patching for musl
- epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch
+ epatch "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
- epatch "${FILESDIR}"/${PN}-2.7.0-configure-ifunc.patch
epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-02-13 6:46 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-02-13 6:46 UTC (permalink / raw
To: gentoo-commits
commit: b610381e7567e3d26aa70587a1e173de4e1fa48f
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Mon Feb 13 06:45:09 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Mon Feb 13 06:45:09 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=b610381e
app-emulation/qemu: version bump to 2.8.0-r1
Drop 2.7.x (no longer in tree.)
app-emulation/qemu/Manifest | 52 +-
.../files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch | 23 -
.../qemu/files/qemu-2.7.0-CVE-2016-6836.patch | 27 -
.../qemu/files/qemu-2.7.0-CVE-2016-7155.patch | 81 ---
.../qemu/files/qemu-2.7.0-CVE-2016-7156.patch | 62 --
.../qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch | 28 -
.../qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch | 27 -
.../qemu/files/qemu-2.7.0-CVE-2016-7170.patch | 40 --
.../qemu/files/qemu-2.7.0-CVE-2016-7421.patch | 34 -
.../qemu/files/qemu-2.7.0-CVE-2016-7422.patch | 38 --
.../qemu/files/qemu-2.7.0-CVE-2016-7423.patch | 31 -
.../qemu/files/qemu-2.7.0-CVE-2016-7466.patch | 26 -
.../qemu/files/qemu-2.7.0-CVE-2016-7907.patch | 45 --
.../qemu/files/qemu-2.7.0-CVE-2016-7908.patch | 52 --
.../qemu/files/qemu-2.7.0-CVE-2016-7909.patch | 32 -
.../qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch | 25 -
.../qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch | 26 -
.../qemu/files/qemu-2.7.0-CVE-2016-8576.patch | 61 --
.../qemu/files/qemu-2.7.0-CVE-2016-8577.patch | 34 -
.../qemu/files/qemu-2.7.0-CVE-2016-8578.patch | 58 --
.../qemu/files/qemu-2.7.0-CVE-2016-8668.patch | 30 -
.../qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch | 3 +
.../qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch | 34 -
.../qemu/files/qemu-2.7.0-CVE-2016-8909.patch | 31 -
.../qemu/files/qemu-2.7.0-CVE-2016-8910.patch | 29 -
.../qemu/files/qemu-2.7.0-CVE-2016-9102.patch | 21 -
.../qemu/files/qemu-2.7.0-CVE-2016-9103.patch | 27 -
.../qemu/files/qemu-2.7.0-CVE-2016-9104.patch | 92 ---
.../qemu/files/qemu-2.7.0-CVE-2016-9105.patch | 25 -
.../qemu/files/qemu-2.7.0-CVE-2016-9106.patch | 27 -
.../qemu/files/qemu-2.7.0-configure-ifunc.patch | 13 -
.../qemu/files/qemu-2.8.0-CVE-2016-10155.patch | 46 ++
.../qemu/files/qemu-2.8.0-CVE-2017-2615.patch | 48 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch | 52 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch | 55 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5552.patch | 41 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5578.patch | 35 +
.../qemu/files/qemu-2.8.0-CVE-2017-5579.patch | 40 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5667.patch | 37 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5856.patch | 64 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5857.patch | 38 ++
.../qemu/files/qemu-2.8.0-CVE-2017-5898.patch | 35 +
.../qemu/files/qemu-2.8.0-CVE-2017-5931.patch | 46 ++
app-emulation/qemu/metadata.xml | 1 -
app-emulation/qemu/qemu-2.7.0-r7.ebuild | 713 ---------------------
.../{qemu-2.7.1.ebuild => qemu-2.8.0-r1.ebuild} | 53 +-
app-emulation/qemu/qemu-2.8.0.ebuild | 10 +-
47 files changed, 582 insertions(+), 1866 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 7f02bb3..0acf0b7 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,48 +1,28 @@
AUX 65-kvm.rules 40 SHA256 c16a8dc7855880b2651f1a3ff488ecc54d4ac1036c71fffd5007021d8d18a7c5 SHA512 98aad2a2f212a7ac0ee5b60a9c92744fa462bce5f26594845c7a31d692aaaca2d52cb57bdbede7dfc60b9862c2a6510665dbb03215d5cf76e62516a283decdd6 WHIRLPOOL 937de93a23930f6b8533f0c3e0dd249c99ddf7d54446dea857607266ac0a4b435c5b4a52b2986b138bace9c0a7ade66f94116b38e2bc4767ead54bd11baf0920
AUX bridge.conf 454 SHA256 a51850dd39923f3482e4c575b48ad9fef9c9ebb2f2176225da399b79ce48c69d SHA512 a907ee86b81a1b61033bb7621ded65112504131ef7b698c53e4014b958ee6fc79e66f63069015a01e41362cb70a7d0ed26dd9a03033cf776f4846f0e1f8f1533 WHIRLPOOL 8fcbd4abf9b8f7ca3d16fe0eaf17196ebf708dfecf85ce0f020e0de22b64905114f7b310f361826c81bb961c6b1bbbf984bff1e595bb949993b8966ccb222c35
-AUX qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch 563 SHA256 99de67d610ad13a1dcf6c67a3c2b5b87fb909220173a956435737f9bea3c371b SHA512 a29e9a889388a6627ed492a79e66514ffb5e64f9479646982091811548fc2a9bf6682104a6c774d83e645e4b1db39e491afd4efce789fe164623442a7f3e5d00 WHIRLPOOL d3aab06099de263c22f4c71810a3b2cb8602d17731ec76674cd1415e539306555a7b96b789f0daad473600dfa04a83224ff603f7b9a9ac63a4902f74d0e9deb5
AUX qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 930 SHA256 6af6cf9044997710a6d0fbdba30a35c8d775e30d30c032ec97db672f75ec88ac SHA512 ec84b27648c01c6e58781295dcd0c2ff8e5a635f9836ef50c1da5d0ed125db1afc4cb5b01cb97606d6dd8f417acba93e1560d9a32ca29161a4bb730b302440ea WHIRLPOOL 06b9dd5251ac03405c97b1f5a623b4d86bda2f72fbcd52b90ae4d11a0cfb59cae62df2cb6189405fbe53ab05ff2b7ca8165fda239dbfe5f31ed70abb53b3b9f3
AUX qemu-2.2.0-_sigev_un.patch 636 SHA256 f3b9a4d6162c553f3110ad22716305818e2130e2ff5d628faf044fc58a5e3cb5 SHA512 f72b879daede5184904f64cabb276de96299a37a93fce444d09e9068671009e95a5e5d6b815ec41a5db5b3807de14d470a56bba5806ffd4dfec577577b046ccb WHIRLPOOL 9453ad4966e10d504f3e867fd984642a3c1ee3ae847b5ca56196fd1f9e6c0f2d7b52ca07446212af72fef6d0ded1527a5eb306fa6cd915e8dd9ce11523362bac
AUX qemu-2.5.0-cflags.patch 410 SHA256 17f5624dd733f5c80e733cc67ae36a736169ec066024dbf802b416accfed0755 SHA512 0194d28de08b4e51c5bd1c9a2cc7965ba7f66dfddb8fd91de3da93677e6cf2d38ad3270f69aaea8a20cf2533c2980018d6e0fed711be2806fe2053fba7c081f3 WHIRLPOOL 5f5b95d00409fbe03adb64801d30a2fb5f98dded5efa7f0e78b5746776f72917dcbea767e1d0afcb304d8bf8c484adedb8037e6d54e9d34997c2bc3a98b53154
AUX qemu-2.5.0-sysmacros.patch 333 SHA256 a5716fc02da383d455f5cbd76f49e4ee74d84c2d5703319adcbeb145d04875f9 SHA512 329632c5bff846ca3ffcdb4bc94ae62f17c6bdbb566f9bec0784357c943523e8ca7773790b83a9617734cab3b003baa3d636cbd08f7385810a63b0fa0383c4f0 WHIRLPOOL 2a774767d4685545d3ed18e4f5dece99a9007597d73c56197652ff24083550f987ffb69e5c624760dece87def71a7c5c22a694bf999d7309e48ef622f18f0d73
-AUX qemu-2.7.0-CVE-2016-6836.patch 889 SHA256 a94812131e8baa66b81971579ab84b20bf15d544e2698448a5247ac0ddca0b3d SHA512 cf7f327f26aee5b6688eb662ced8aa07775ad9558b4a02db244303f6b7d37be9cd19b18d5725819b4708184105b98830864e0ad3af81373e59e880809036345b WHIRLPOOL df00627ad447162fdcac4b2c965a8cb5c916a7fb66d8c3a4f8f48bb2d869d7805cb3308cd495ff74ebf4840e7bc2d85abf8e666d78b3da9abb4e2bae22697a82
-AUX qemu-2.7.0-CVE-2016-7155.patch 2745 SHA256 addf638a53bfae8556e463e0b78a151eef0fdf171eb395a98dbdf0332ff74131 SHA512 96e9df733c5227899da7d2ecc346139df9830dd16fc16f1f14666f8be60205a43f434fd79e158c2000926656ffa137809f1cb3c57a04cb375011f816e92e2f4b WHIRLPOOL c04c0dda417a70e4acb289c6b296da93f3eb8e51f7cfad62351b7235512e04714fdc169a87f4cbf1ef82bfc6decc8ebb5b3958f23d001795c9ebcd08369185a3
-AUX qemu-2.7.0-CVE-2016-7156.patch 2314 SHA256 7fa0d7f1025a3435b692a6e7ed8fa3be38a918395a8253e8c27f416ff37e041d SHA512 db3009fdf6d85ffd24fd4a2a40b372b0e665274bba1ce01632aef0d583f2830b58f889166a34acd36409944ab3f7e264801bf89a78f55a586b5f43429a1c86dc WHIRLPOOL ce8101b7607612ed7b9c6fbe373f9b5dec07e0ea8af0b4be8e52b4add5dd0ba12c9e5eb7380d68e3d3867988e0cfc1bdd1e8357ce2b71ef19f51e316fac62161
-AUX qemu-2.7.0-CVE-2016-7157-1.patch 888 SHA256 7a1f6199b16c220df51002e1222763d1a7c7b3a08349f664e576a9facc553516 SHA512 5c104464dfa48804d94ccca9a9d881f9e22eba2c3d9a2cbf3a645c3a696e89ea3f4603ea28deba9a1cd800df9bc5ad4894606869eca3e1e9cf95414723846938 WHIRLPOOL af42ec7ca93c92c4df060b4efd61bcc3f7cb5582d00bfe174d81f2393ad3a7f06e27cc2b2186f664860c3ee98f76dd68cd7e6de7ff7e63b778f345c32a62b495
-AUX qemu-2.7.0-CVE-2016-7157-2.patch 812 SHA256 1db3b565b4762abbc1096286c9887400591af76bf422a105e457c6bdcb887b59 SHA512 8d2177adc638d384302ec89de65a0acd4f4069580c40d6c50cb78501f25f4d171f3b92a36464711337e07dbf208f9ad93eb2f86a7361dde52026c1764341e10d WHIRLPOOL e815e165bb23cd42aaba2310e3fa48bba33b0344069e6f54c4b26dddad746516053221969fad855d6c827d42371494c609123b002e1e2a96c366d11131b3243a
-AUX qemu-2.7.0-CVE-2016-7170.patch 1527 SHA256 37d600b5a4ba143f1d6b26acbcf23357fa41a5f852774f68b6b6736a6ecec024 SHA512 c84494ec4ee9607cef7b230a25d10de444a29fecba57566df5394d40b88596ef91fbd5edfb51a58c5ecff7fa7ef39b7d32ba7976dbd011fb1b29a2e46e4e0080 WHIRLPOOL ddd3d94da447556b24257c11068bef360da6cf35e22257869b09057f42ba027636e605db96d9a66253f423f5667814a1f8c551f8eece733fd997b03d6ac81e2b
-AUX qemu-2.7.0-CVE-2016-7421.patch 1183 SHA256 f3996d9d4658fb32a04ce8ae3d3510e6a51a0aa39f64b003a636f68dacef19db SHA512 51d07015e27e4dfbde2c3ffa37d91134374b49c136735845c34155238767483ede8bbc7232ea93b4e4cbcc28195cbe1986d44ac0dd96e914ec29df3a1da9dfcc WHIRLPOOL a4e27d329591b2a3b94a7abed81df1f87509f5a38beb490d7a4ca7c14df2a864f4126c26fc044bb4357467b0f9ed0ca5811d5e85812e318adcb3236c30bef7a1
-AUX qemu-2.7.0-CVE-2016-7422.patch 1125 SHA256 7a3d31031b8ea70be29715e8d384f47ad8758e81b9cfc3768e59dd6c6a00cb2a SHA512 6a08f661cd2b00214297570c8035042544b0e707b2f20f6c59c251a73971f2b7e1920c7242ca09a4684ea58dcb177d11d087ee5e0523792e3c446e70239498ef WHIRLPOOL 82b38aa12e49695c1f0c67c303039afb05cc314d14e5bc8286bafebfbabd3eb3cddd41338d45f9510ea2f5074fd9028b39c251be0e5856e0221232a8b28797a9
-AUX qemu-2.7.0-CVE-2016-7423.patch 925 SHA256 2b9b1102c3c9c54ba2c311661c3222b1df246a519e9eef57d0793951c1249ae0 SHA512 e4401163d15f9ebd9057b8ddf4187f7a0a2f379cb8aea2bd92b20f132f7714a4e386733884be4568eddbd4067b6cad80275ccc101276897c4796117a9b20144f WHIRLPOOL 9bd9f5ed067604f065d3ac7447f8135dd72e178caa6f3c5a5ca7bc531a8008ec46620c4af33bea54a35dfe52e430d48dcf5b59145c4e1efc2a14cb789e38f5bd
-AUX qemu-2.7.0-CVE-2016-7466.patch 830 SHA256 5664c091038185766a54b93495029bbf6de116e8752c2334fa1c71b8387e89c3 SHA512 d158b1f66766f33b1df561956cc3c77d40e1422e44791cfc753d3def2f1851c2c9c0aeb299bcd1ae969dde8f4249f4489ed90776ebb497db4f626217710e4f48 WHIRLPOOL 13112769ecd6420e17d2a3c0e110a2bd479fc09d8a2086d27f0703a4d6c35ded07e003f28ff14579655c5468cd02c77fa514ba7ed6543f61deb60c6de604c99b
-AUX qemu-2.7.0-CVE-2016-7907.patch 1380 SHA256 58aa0af82a88de8967452c06ec229de381494e7ac222273ac5a7aa2c53dc5529 SHA512 5a311dea9554d7225d75fb2c680d2f7a2b151b46802176424f495e792ab4a9a101ad99099ccf2b6250230f23fc1ea804381129cd34eb0e4cd24c1e2442de9b51 WHIRLPOOL 69e7e01bc0b221581a8b1ef1af23eb59a6ad87acbfe821ccf8c23f349c9e31b84e4b8db83f48a849a4c5e9b6229f8d55e671da9f8485ecbc24855a8ab50b02ec
-AUX qemu-2.7.0-CVE-2016-7908.patch 1718 SHA256 3042b5425964c9bdb6ebc17d8f4bc5efd150547a348269d54e0962efc6a658d4 SHA512 441aa4fe46a2d6d425b1759ebadabc12fb1902f80364d351120932a13b9a46030bd2ad8c7faa57d6bcfbf740d9af2a96cec082a0d40b9a7469499ba1f19177bd WHIRLPOOL 6d870c28645e6fcb12e55a4da5f9dffae78d1fcd013ae6fd9727ae46e05103dc8870d548117e7f396af79cf76947ee8d0b5285ec9b4c6aac840aa6d1e1fc9054
-AUX qemu-2.7.0-CVE-2016-7909.patch 975 SHA256 8fb9a27f56c6875f271ac0dc80fd78af8b70d40778ef967019e4a1b0a47ff1ae SHA512 e2793eb18179a7c7276c4d437ea68bb02a6a3963842dd74041fdf3c9f239d6353c7d9e5705c1342fc01b5c7e3bc1bfb882d8094fbe4144ac5f705852579139ca WHIRLPOOL b73aef899c94c9130385dd757b25783b20fce9d32faa245847353766e046bd769789d8b107ef06c726a0e2471a5ef1599716343782c8a82267b79ca53c281414
-AUX qemu-2.7.0-CVE-2016-7994-1.patch 835 SHA256 6b84d2273197bd441761469245991d02b5de8b70c29abf096df301e87b5c2478 SHA512 7a8c1c6ffc654f428485057a31d40a831707e5e6a84e32f722f6fc4c86ed474dcd19bfc8034b3a603362d821e7170f46e25ddc2ca50b60f00f45455241ba9464 WHIRLPOOL 80c5c51535cec848664811d8cf41db9d931e3215522fcaa404fa55f0c3b821bac346129b254b60a72cc09493366d8499882874dcb797e8a81e39157f64539b73
-AUX qemu-2.7.0-CVE-2016-7994-2.patch 896 SHA256 c23fdfb127f60d24c4b56e7745463f5655ace7af9f5fa392544e7ce05a564c5d SHA512 4243d04a573ccee043911645e716a9c6f7e28858163b48ea58e7a9734d817ac9237c4866fce843dbe10fa996cdd5453f3b704509ff4761f2ec4531d9355cc7ce WHIRLPOOL c5f7b605f566f94ad170c4819c378f9a1e3ae2740130000d9bea4c741f29365a1b5a1f1d495646e866c39a18d7da1236d731861005099457e09bead9fffa8105
-AUX qemu-2.7.0-CVE-2016-8576.patch 2092 SHA256 dbe3ee6778cdd802fbd7d7cb2aa991cc73e6be160bad90f2e40de02ab820a865 SHA512 25daaa79f4cb355c5dce639a14c2e265142a0c83bdbc813816789f37e293846f3768f08b9f04f692ce5b8719dadd2dbedb75f314a3f441a70e0789ecc88eb8de WHIRLPOOL 25fc67d9dc8e8d8345778b46b16f9f7c5d6da39ebefea60ef81b20e4685014a019d4c39a6619dbf48411800ae9e9c383a7243fb055ea1f2bd0b2cb7e1a2c8d4e
-AUX qemu-2.7.0-CVE-2016-8577.patch 1020 SHA256 fbe7b6183f019ed6c8c6afeeed4854c23991d3f18501e8f3403df8812cefd420 SHA512 364434deb120856a114a94aaab2edbaf9e5f9246e6393f584949a6b706dbdc5b711f459a48e3825554e2fa9595a1aa78fee3711cfeba3b94219b4f47e269b2de WHIRLPOOL 561f7bd41f0ac439808070757cdff9f69f6a378fe6610269c32d600575ed60b22919f4d3ea08f621648dbf3e5e97290737005e9df5949bdeeba9319901cf427e
-AUX qemu-2.7.0-CVE-2016-8578.patch 2208 SHA256 9b0e7852aefeb3950de38babec7a30f3225342670a72160829baa5e50786bdef SHA512 326ec2112b1cbaa4b4ddcacc02f4accd5b73e78db07e93b229d891f4cbc8d5a2db82c727d920613abd1668402ffeb16a223d8271db569435966aaece271da875 WHIRLPOOL 88ca80aa1883813f1ec9c0802e830f719317130de6959df393188e4e82764125868baec038a1dac94eab33851706838d245b205edcbf8e1864ceb83257648b99
-AUX qemu-2.7.0-CVE-2016-8668.patch 1124 SHA256 26f16376a73bdf9052039d1bd90545b75cc8fb0a89e0bffbf5881b537319b759 SHA512 de4df82297d199cadafefd57bc895cdf21c5acb0e0a6223212272991b652c302475d8662fb013d6a3e949d2e57a14a0ac6d861f486de8b5130fd84d66957c899 WHIRLPOOL 3995164f25accfd5c837c85fbb590acd0b7effb08370a7d4c0cb03c042ee03b2b10ca9892bd50251d17a1ba2ffff1e7a04e918f4d4e1c85406df95a6802c03c2
-AUX qemu-2.7.0-CVE-2016-8669-1.patch 911 SHA256 ad841a34490a02123df31aef5a0b9d31912eec8465e0c5da7cf73dc880ffd8f4 SHA512 23a26716ea554d9af73afb08d3a3d1e668e23bc0710508196039454dfccbe3764feda63d901a9c053c52af92cd069f5a4f078efdc9924f6d3cfe6a21f9d287de WHIRLPOOL 412d7a4be19defa4a098fad6a66cadd7eca9cb5971828636dfd20a57b3eef09f3801660dbf507ac1ef0fa82f9f01583e9c5e2b1e45c016adb535cd951ff16eff
-AUX qemu-2.7.0-CVE-2016-8669-2.patch 1037 SHA256 176a35f5191023ad665cb4019663618d48948b174b16888776245d1a001ec186 SHA512 82a71c9566f37aceffbbaa45547bc686c028353a1845bd63e49550e71201921bc2fb9793077fc1fc74d77417da84dae71e0862243acbb3d900db258a343b8ede WHIRLPOOL f489c52bf2ca6e434695a5ca12af64a83e6534536c07b02c54f82c72e59e3f026e6a9fd9cec5eb62e2cf8d009f878ac1015f58d9f5ba725a03e1e194c4abc96c
-AUX qemu-2.7.0-CVE-2016-8909.patch 980 SHA256 989210bfac97091e67fbe973be7a6d8aa0e6411069904a07f7c57c67e8539bb8 SHA512 23a1cfa4f257e598152d92e11d94e88c52b3702aa585fba3a71340ee16dfbd29234d6e5c81613ea71b64cead8dcdbb536246096b1c374290aa39871daacb25af WHIRLPOOL 9909ed14f5fa4a1d2ea0f8bb13f5a0e08e2f7888078e1f5b4cfaf381ccabeac22c998c9785efee6a307dbeed45801d8354650c18c6920bfb13da030127d9da7e
-AUX qemu-2.7.0-CVE-2016-8910.patch 848 SHA256 919e566e98434486f89ecfc3158ccee59c5bbdf3848b2a668136901871f5f1ab SHA512 1f695ebc2f10b2cda5a9b93c097adb49858af94817c14a406c7d26edd42353c776b0afc4779bc1c6f930dadcf450906924f8080ca5c87eb7c7e6b5694464dc7e WHIRLPOOL 574900ab3eca13429769c7e2b56fd4e4b1220800b2e5bc933eef502c633614eab22cba6af4fdd1fd55e3a7e70d3d5ead1cb1970f8211b5f4fc43e3d782865f1b
-AUX qemu-2.7.0-CVE-2016-9102.patch 739 SHA256 ae425fbbaf6dedcf6eabe3d1f0bd300be70550f7bd77290536617372eed96766 SHA512 dbf40c7f0a055d10fbb5d02b21e8c3f62dc9bb2718639eb3dec007ba610aa0a045c1a449a7b3aa02a21056807a25d6e523eb782d79b2a249df1258af1dadefad WHIRLPOOL 89ea3815b9d744a98ff49df65a514a20966c7ada508e33dbc73704d60c75c48f6f544bf658180a2b73ca612bcc62e2e146b0efdbbc51456ba81518c5b28c80dc
-AUX qemu-2.7.0-CVE-2016-9103.patch 1002 SHA256 009696b3403c0481223fac6bc93976fc85727eeb0716a9e19545e8ac4da95e8d SHA512 0f47c2d13cbda36a7796773150865001060e4b530d76ca6b0c46d1041108a57830939b0dc7cdc960ccc705bcd463dd57505d748edf36610d7de2af2560e62597 WHIRLPOOL 8d4cb500025f59075a1038cefe0c8ccd063282527b35873cdd9d29ba58cdaa3fc285d5191657ecdef2b056a017f89d8f66f4a544f201e5952426d6dd619b23ba
-AUX qemu-2.7.0-CVE-2016-9104.patch 2890 SHA256 7ba38b43519eb8f9c8c70daaa1705c01a331cbb98b4d4f8eeed31da207f3a13b SHA512 7f6d84f12e8372b72fe4db8e47064ecc7ea0698bb7c5dc0285316354461edb35e01ba76a6e16c1bf7e03d5f0070822f4bb61655e44af5536ee81970b4ff937e0 WHIRLPOOL 3f8e973cf28040422d25394b14f3b99894796b64408a3c15957d628d74076bc1e577ea2e2803e428d85b94607c74f81d23219d9487aa0085a80a2e89d78a5829
-AUX qemu-2.7.0-CVE-2016-9105.patch 610 SHA256 f4303796ece1e46f6e622e8cd0c9029daa0a6ed29ef630a0c64a5c595dbeb1b3 SHA512 1ab19ef861b6fe55017d02b7cbf24ad60776ed64e052d6e1b670c9aac7e312207718fcf601e9dba4bdd2c9104b9be25bcf0055b42e080b1f8abf9bc3f7db0b36 WHIRLPOOL 07fe76de2d2d68bcd091e90cc9578b17d5a8ad12ab316683d6e4badea443d08e08060a4e206f555c88b60b0a45f4ba49c9d11f42ee44b5b43200843c37329dad
-AUX qemu-2.7.0-CVE-2016-9106.patch 835 SHA256 594213b4200ae109dfbc6ec8e536d275d798c756a25e130a86972c514730f541 SHA512 6a3249f47fecdbe28eec496eb1284296d04d9e75efab21ab226d6ef2d5254bd85a44aa08879b1922682b65b5bce2e699ccaafa3a2b8b6f60ccbc84432bc599cd WHIRLPOOL b80c2787cbe71f416a7ea2aa39e800922b0a8a410eacb038d0163dfbb91f6a41cc2ae5afb010a7395ef17207e6b1acda34cddd9ff9d1ab035330ade6334e8b8c
-AUX qemu-2.7.0-configure-ifunc.patch 517 SHA256 40f6183f1f490216855e83cf03bf21ec8d23786acf83cda21292fea92776d898 SHA512 e34476b5fc5039091862dc9e93c47b69e203e7e394092e7e0bda467b7523e0b5b743c2c6eaf1f36fad3ee743278e321a50d356b6365e2340280556ca6d9b32ad WHIRLPOOL cb6f92a70f91557f14a0f6719d1b3a4dee9cfcb5c34aa897eee0ad48d13c45255252666d826ce00f3183da86b9b265e0dd93aa9b85210cde2a7ce3de56644e59
+AUX qemu-2.7.0-CVE-2016-8669-1.patch 1010 SHA256 3bc03869bede80013abb94ee029625a382c8059bc9474d9f6fd8e23840cff159 SHA512 53643363a470fba9b82c02b90f2573e45f59f5057993b2c15e1608916ece7f8582b4a84179e8ee70fcb8e3f3eb8a538a058401049ea38242bdb640c14ec54f7e WHIRLPOOL 873ed9b9784bb5757a07c1a494f70603cbe82751222d68a883327424e0d7e87d536400eca5fc7406080cbde2ab0a8fe0b3ee5c6dff81624db5d6d5964fec81be
AUX qemu-2.8.0-CVE-2016-10028.patch 1384 SHA256 25a9f2b2014bbcbb008683211503716a2b4a0e8d96ea001d32b87d451cee1842 SHA512 6cfad99e54cfaea97f5c14fbbfe35768a8ea46196117bf770725e1079f9bccca3b7071416a14e60a36c3c919760ab49663fc8b551026c8cd58c10b3f2d7940b4 WHIRLPOOL 5c0c8350112cb63c8b3db7a15a9090cd2fba879317565b108285fd92c23a8b75a593a65d94b6e448086b126a735056065d07c1877abdb6815ebaa430cf4adabf
+AUX qemu-2.8.0-CVE-2016-10155.patch 1558 SHA256 53c20d983847a716f3f708c50ffbeb9d44fd8718f39d86556ae44394d1b2a624 SHA512 4ebfba87927c9f58fe1a0aa05b5850d391698617ce7c3e002d3adfd981ed8c23d35a6863e14f52264576dda31f84dc25421d2f930547f82ccfde126137d91aea WHIRLPOOL 44366afdf52eed47c28a6e9cec1ee7c613b5bac6441cf4f7bf29b30ef6ec7504e72a2d8c873a949e46f1cfd3055a407b673d6151802ab3c957cde8faaed20903
AUX qemu-2.8.0-CVE-2016-9908.patch 1166 SHA256 22ef4999a3daf3c46a3c90ca20fb131545d4d0befeff7c3ca870585a3e03b7b7 SHA512 c46abda3a5b1a68c7c2e5236f8e424f4569a28ba2aea9b8ec32467e55b535492da6e4702d4758a5721f1bf222f7f2554a5e4c9a190781d60c40202a5291dcf49 WHIRLPOOL aa8087350770ecbb60049e3269ddf9d68258657ef6a088b562e344056689e578a390328dde9c5d2b5024e7fa03995b571295a1d64943d9b3882cf0c5f833dbd8
AUX qemu-2.8.0-CVE-2016-9912.patch 1307 SHA256 e3eac321492a9ef42d88b04877511255c3731a9bb029d7c6ab2da0aa8f09e2d8 SHA512 f9ba4f167334d9b934c37fbed21ded8b3d71e5bdbdb1f15f81d4423b0790bfa127637155d5863b563fa974f1421c4ace1f2a4e3e81e3ae3d6045b2083210b103 WHIRLPOOL 7aa8dab7b6462f142365d274e6131ca1630c396e36c851cb562c081c4243c58e2ae22cf682e51145af08befcaba395254c765cf56112a6c177e1c9a18ffb5926
+AUX qemu-2.8.0-CVE-2017-2615.patch 1720 SHA256 33f3f81ff8e5dacfc4f33dd48bd7833843c209f6d2bd5b3102cc5694ad85a593 SHA512 32063428286a49a12daa481ba87f1b09be6504bf24c5759aacf88ef436312a890dfe44d08457d8b426f86ce7680700d32fb21a255a6db8eb512e612c16770d36 WHIRLPOOL 9f1eed6c6c3eeb1e8991d1aa82e12a004c223bdd635ec48e433ca93d054aa3dfb5986fe01e36df157ef20c685e07595eebdf5fe16ed7cf9034e1c9ddf8304dbb
+AUX qemu-2.8.0-CVE-2017-5525-1.patch 1625 SHA256 88e253c306761017d66dca5b72184f89cebf3b617db7bc0e4b27025757a66181 SHA512 a7f82374ec4e264b065be7ba63c197d93fee230d68819bf68a0a67c84f89182d0cc0a42b9aadf53a8a903d640dacc55392174c7820379e92ad0e35c86c35a2dd WHIRLPOOL 63e192dc0e075139f18aee2d0541c75021852a7d7251321ca8fe7f9b793c72786a6aab878e308931289eab3c07c3cbbc8ad32b67de1193f85b672e16a8372495
+AUX qemu-2.8.0-CVE-2017-5525-2.patch 1664 SHA256 ab03a1cff62164090133f0dbace9724302e806a808b18d64628d12f0bd9abad6 SHA512 ac1d89331c3fc4d0ef7af411a12654329057676e9f016cb9a4a46dc9b4e01092c17af33d095f3104e71094ae585a35a8276a98560dd97f8d045e0b9fd2f0069f WHIRLPOOL 20457d7fe5b3842c0c601068dba410586fc4b4c7fce81ba3ee436a6cfec3b1b950797d6ca9a2a573fef21a29421f8c04a34d1dfefe0b7ade03a6ca51d16d99cb
+AUX qemu-2.8.0-CVE-2017-5552.patch 1481 SHA256 26616f16434b3aff65b1cd1ce82c6abdfbd44da8a047a5a32b1e07755c9a3e1b SHA512 3c3f5027be3bfe56c1445004bd28536e11f606cc6787fcefad3da267eb3e11b61110c8a4700fd9d6f95ce50f10a2678b2bc6f950297b949b837882a68901d6e5 WHIRLPOOL ca93726b8a0567f68fac634eef1e88c997c1e959cafb33bc6ba8871d9021591bb61be6b3635d3fac111e1e177dbbff939c93580d7f0824e752b378dbc38fbc45
+AUX qemu-2.8.0-CVE-2017-5578.patch 1084 SHA256 a7639fc84377b23ebc55dbb1c6d8c53bb2e6230be03b2efba78108257058d8b4 SHA512 8d160d56a94ec9380640badcab29fdd05f2f665377febd1b7e71a9c619d9db963eaa74cf74a2e0287fd2f6e2a7d4bce0f8e4281b3b0292347eece52b7344243b WHIRLPOOL efd3238bf720a1051a41ea621601afeea7546cc7e48d4a7f23bc0b3277bee368bb259a2735e6290b4609e78a1e54e29fe1ba7b088824284787faddc84491d876
+AUX qemu-2.8.0-CVE-2017-5579.patch 1132 SHA256 df32524c24aa4d7d9166bb5e159ba10023c7777b9583e920bd8590feec433580 SHA512 d4669821ae8e06a31b852a31699aa26421ce5fb6c049573cb6613515da486e390d8ddf71adb4e6c1a45a15bb468bbb45df68cbf5e9388660c9c03866becb9edd WHIRLPOOL 0d5ed483c6e3f849fc4b9568a3af4c086258ef1162a4e11baa65bcf35eeb8a505c8b7de935175fdc53e7284e23eb492a95326cdea6c690283085136cb02d3b7a
+AUX qemu-2.8.0-CVE-2017-5667.patch 1497 SHA256 e05e21c45d8c05392215db0bff3e161c68d64b0b9e42add18307346b3a4d4bc3 SHA512 7c518736ac09d6c37fd359a8a503713f1b76d6041038f58e7648bb69251d6039c3449593eb14a5e0f2649d12856964a42d48e4ee0bb9dc664ada2852f9ea3cbd WHIRLPOOL 0e74b2671f148fa9f31674e6dd80634064fb8d24be474eaf9ea1efcb6cf427314da75187a32eed874ea4bde19e8dfc4562d5af06893ce3beeef7de8f902dd698
+AUX qemu-2.8.0-CVE-2017-5856.patch 2224 SHA256 92ddbba8c0d21bdae5b11ae064c21da939cbbb1fd0e6aa10477efced6bf9582f SHA512 7e043d8299d67d33c12bf5591f0881029013852df2243c2ea747fc6c4d1d6c0acffbaef7538634a60f8f875da94bb71db3e3a07972de066b7ac5d49e4d3cb906 WHIRLPOOL b5f38b059e4305b352e3807c2b7762fe856d1067431452fbbf991415ad17f25d152225d9e0ea61b5e8175e42abebbb2abdd85ac37f301ac123f81af822ff2f02
+AUX qemu-2.8.0-CVE-2017-5857.patch 1326 SHA256 e2150a7cc92b72e3f20506b9c76b40599af8d2366d25bd9b245a0bffa66ad8eb SHA512 d6d000b57f1fb194f9554165621109b364ebdb61416bc07e2283f2d493c33e770d1b63002d62565aae1ac19ed0ad9e572c207341aa1ad023581f349f62158d30 WHIRLPOOL cbe84c67ba9bb368baf2b1842e8c7c1ee3fb720630bcd53fdbdef9e8f3efdb25c1a927d0f65c9d1f6def28defe6997943a7867e8225eb12e395a0811ad3e32a1
+AUX qemu-2.8.0-CVE-2017-5898.patch 1412 SHA256 7f44668d51a94d19fcca0f496d8ac798fd654afe25d2998f7d07a148a836ade9 SHA512 2cd9af4957849a5d72dc0f0fbb30852870306ebc0a348cf5951df58d3029d1aae52df9261d2e4a9d7a4f132f78c390af8a049e1f109b324899bccd91e5c10d1f WHIRLPOOL c48e1fe163761880adab990683dc5d54ee31173763f11239ffee7c229bd65a2958a696dede39e7e645860980e2a7c5c6e5873e5db53872ac373d8d2415a167ab
+AUX qemu-2.8.0-CVE-2017-5931.patch 1696 SHA256 cdb1ea1306bf00042f13637eef78d3580e34b88c11716e62fad69931eb3d7ac6 SHA512 5b9a00f0964b153df7630655480b646e6615e831fd981642987d8691e9ddd265f64285d0e70c4f536bb370adb03a75548f7258bee8dbc2b7de15a3984fc8421b WHIRLPOOL c6d9440adf57ad1b560da03a455d9bdc3094c952f3c82a5e88fa6f2d0336ab767f0617b2916b68a5e3f5d30293749be40c12dfe93e8b7525fec9b8a453a65123
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
AUX qemu-binfmt.initd-r1 7966 SHA256 5b4b432aa1e44f387c9eb789de0ec6322741fd36dd241f76520f17c6cd6ac49b SHA512 2ba0bff6eb2b6bac4ed440f793771ce9551cad48e38bddb6cf04f804faac2407e80879f66771910344ddcea45f0014095dcc8bfeb0aad5085ef048fd3612dbd8 WHIRLPOOL a2a1fb830a970757d1e203378c7d382b161b1040f3b8aaf0f22bb3b5e46467eff395474ff40d93c9f133bab307b345a6f75d63eae9f8dd8daf67324db41032f9
-DIST qemu-2.7.0.tar.bz2 26867760 SHA256 326e739506ba690daf69fc17bd3913a6c313d9928d743bd8eddb82f403f81e53 SHA512 654acaa7b3724a288e5d7e2a26ab780d9c9ed9f647fba00a906cbaffbe9d58fd666f2d962514aa2c5b391b4c53811ac3170d2eb51727f090bd19dfe45ca9a9db WHIRLPOOL dcb3e5f7da89dd8e14d636d7ebd476e076e0043880bb9ea3fb1c03cb4bcd4e5c7d3c4719da26c3ce521e3a3db5ae671e86f198ac1bc3474e774d75504fef8b8d
-DIST qemu-2.7.1.tar.bz2 26868403 SHA256 68636788eb69bcb0b44ba220b32b50495d6bd5712a934c282217831c4822958f SHA512 16a83946e9064733254c82c961749bf9c56a0a2a8ee46145b4a78e1452ac0e2548d888963d18c80e28f65202890fd643b0011951b5b1c66ef16234767ed91898 WHIRLPOOL ae3d3c2b2a3700613733659847de6187755631cb09e8c3548ea30cd994357c9ff128646edce88dfe4dce53e6c1c0f37f8de3688ee7e22262033b40f3fc706efa
DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
-EBUILD qemu-2.7.0-r7.ebuild 22495 SHA256 a606d5b6805d24191245b4191c1f62a09096d8ee283c62629f038851b4c8e6c5 SHA512 c45e516c4c45b5a1eaec06d046cebf129f1422c2d5910699c0a367a4c8c7d49e323a6addc765e1ec57209df12270e196169e52a7618afef28019be06feff70ea WHIRLPOOL 94ae6ab13fc03450ce5b6b0e5840e488401116d6bf60ec411cc01f39f2d10931bd65572f25bdf958e9f94bb4f6582795018039b5b4c988fa3bd5dee928014c65
-EBUILD qemu-2.7.1.ebuild 22161 SHA256 a7d2ff5c706a35a1b2c5610866215a5db04674ce68fb01e3e076b68839dcafd8 SHA512 7d30615832f2fecf89b472c4ea56446335176a330a7d64693ed7cc9becd47a1f40064fca191467deb8603116b4f69307d7968971c9b3845356b8b8d4cf053472 WHIRLPOOL 23bda8ca28ff8620739c604289a0d81ec4d16c1908b8c02df7833f9c0d98f698922650636456ac0bcc285357836af23ffd28bf3b8c2653a690a86fa5ae662a61
-EBUILD qemu-2.8.0.ebuild 20949 SHA256 468944f9506df374711bdc5e87fcd2bcc2b823061b23ab8561642c41755e510a SHA512 d3f7cefab4fe282c72f30e1c2232eca7faac63c2b4d4172cc5b9f8ccb43ee2eb7a5602ba895c4ee5221f8cccfe62b89dc65cedb7e6932b696952be7f2052605b WHIRLPOOL 50c2b17b13715a0750bc48ff24fd71ddc13a5af1a7f2f2de5edde261f4d9c3a7ccc07c665385c444183743610f85bd6cc623e57e322e85e19f8ce3b874ca093e
-MISC metadata.xml 3925 SHA256 d1c219b7da0cbf77919cd1e055acbb3f6788a574fd802c98a43c89a411697b36 SHA512 3ff45d1c8ede12b4eedc7d01f39777b76a1cbd0ba9364299dec99d4b4a05cade5784d6f6e50197d5b5ae1f1b8e831c49da195eb53263c49b7d16aec8ee28b6e6 WHIRLPOOL bc25783fac0f3f13318834cc535404af9af20de16c7aeec222e59dc2ed7740ac5e767b329a5bcd6356d0cbae2428e278515f1446aa8ecb87a873bf4dbe04bf41
+EBUILD qemu-2.8.0-r1.ebuild 21623 SHA256 6e5cf2427f830d730b93ef0526ceaf126af7513ed011d7ee3cf192ba7687e837 SHA512 03f49ad75e1fb4f43811624d7b8cd6b82a012b6a32f74f371421d246962cea88d2a498a664b659bbe1bda6cff9a9da43e550e7d4c71a55a5a2110a4b5b8c7462 WHIRLPOOL 06a247c8306de45b424266661797b4a64339daf4b8177c9eefb707bab06d497cb5410c59c9a89b0693cb14fd5ac293b537e81cf3da24b2be711d9db8fa3a0a9d
+EBUILD qemu-2.8.0.ebuild 20856 SHA256 5cf0517d3327eac95727067f80702639132b87603029951ef2db8086f6fd34ae SHA512 10bcdad90a85786f0d2e4044be010e5d87f54fd0710c889205060e1404e5a24004e0095d7d3ee0f62735e3ab88d2af5986d371769125b13ffc5689edc5a95be8 WHIRLPOOL af455544650a9c0cb4bc2be588e3687dea90d14bbc3dad1aa76bcf65376317b85374151eee761239868b3ce8aaae089e4278b3897e5f013e4652c6801c66c9b6
+MISC metadata.xml 3854 SHA256 326fc14b3867842cc40bc364d91e2ca60ca63651e4a17040254166fa09cec04a SHA512 2e3bbdf84b7b03aedc43621b47e02b8da242fda917dcdf4b2d7532210aaa79c6fbea52a6b8157cdf90cd1e4e282610c0254b96a7a14b285e910d61203acd6461 WHIRLPOOL 539ca48b54055e594e16b76341879540d4f302d502c39d1901ed4fd7cc80b186ba29845759d02c60bf4560b8b14ec4fa40869d341e432a025dc792fb38f8eae1
diff --git a/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch b/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch
deleted file mode 100644
index fb5ad59..0000000
--- a/app-emulation/qemu/files/qemu-2.0.0-F_SHLCK-and-F_EXLCK.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Copied from Alpine Linux
-
-This patch was not upstreamed to qemu as those should probably be
-defined in musl libc.
-
-diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index c8989b6..00ed747 100644
---- a/linux-user/syscall.c
-+++ b/linux-user/syscall.c
-@@ -114,6 +114,13 @@ int __clone2(int (*fn)(void *), void *child_stack_base,
-
- #include "qemu.h"
-
-+#ifndef F_SHLCK
-+#define F_SHLCK 8
-+#endif
-+#ifndef F_EXLCK
-+#define F_EXLCK 4
-+#endif
-+
- #define CLONE_NPTL_FLAGS2 (CLONE_SETTLS | \
- CLONE_PARENT_SETTID | CLONE_CHILD_SETTID | CLONE_CHILD_CLEARTID)
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch
deleted file mode 100644
index 56f7435..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-6836.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Li Qiang <address@hidden>
-
-In Vmxnet3 device emulator while processing transmit(tx) queue,
-when it reaches end of packet, it calls vmxnet3_complete_packet.
-In that local 'txcq_descr' object is not initialised, which could
-leak host memory bytes a guest.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/vmxnet3.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
-index 90f6943..92f6af9 100644
---- a/hw/net/vmxnet3.c
-+++ b/hw/net/vmxnet3.c
-@@ -531,6 +531,7 @@ static void vmxnet3_complete_packet(VMXNET3State *s, int qidx, uint32_t tx_ridx)
-
- VMXNET3_RING_DUMP(VMW_RIPRN, "TXC", qidx, &s->txq_descr[qidx].comp_ring);
-
-+ memset(&txcq_descr, 0, sizeof(txcq_descr));
- txcq_descr.txdIdx = tx_ridx;
- txcq_descr.gen = vmxnet3_ring_curr_gen(&s->txq_descr[qidx].comp_ring);
-
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch
deleted file mode 100644
index 495faf2..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7155.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-Vmware Paravirtual SCSI emulation uses command descriptors to
-process SCSI commands. These descriptors come with their ring
-buffers. A guest could set the page count for these rings to
-an arbitrary value, leading to infinite loop or OOB access.
-Add check to avoid it.
-
-Reported-by: Tom Victor <address@hidden>
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/scsi/vmw_pvscsi.c | 21 ++++++++++-----------
- 1 file changed, 10 insertions(+), 11 deletions(-)
-
-Update per review
- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00019.html
-
-diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
-index 5116f4a..4245c15 100644
---- a/hw/scsi/vmw_pvscsi.c
-+++ b/hw/scsi/vmw_pvscsi.c
-@@ -152,7 +152,7 @@ pvscsi_log2(uint32_t input)
- return log;
- }
-
--static int
-+static void
- pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
- {
- int i;
-@@ -160,10 +160,6 @@ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
- uint32_t req_ring_size, cmp_ring_size;
- m->rs_pa = ri->ringsStatePPN << VMW_PAGE_SHIFT;
-
-- if ((ri->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)
-- || (ri->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)) {
-- return -1;
-- }
- req_ring_size = ri->reqRingNumPages * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
- cmp_ring_size = ri->cmpRingNumPages * PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
- txr_len_log2 = pvscsi_log2(req_ring_size - 1);
-@@ -195,8 +191,6 @@ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
-
- /* Flush ring state page changes */
- smp_wmb();
--
-- return 0;
- }
-
- static int
-@@ -746,7 +740,7 @@ pvscsi_dbg_dump_tx_rings_config(PVSCSICmdDescSetupRings *rc)
-
- trace_pvscsi_tx_rings_num_pages("Confirm Ring", rc->cmpRingNumPages);
- for (i = 0; i < rc->cmpRingNumPages; i++) {
-- trace_pvscsi_tx_rings_ppn("Confirm Ring", rc->reqRingPPNs[i]);
-+ trace_pvscsi_tx_rings_ppn("Confirm Ring", rc->cmpRingPPNs[i]);
- }
- }
-
-@@ -779,10 +773,15 @@ pvscsi_on_cmd_setup_rings(PVSCSIState *s)
-
- trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_SETUP_RINGS");
-
-+ if (!rc->reqRingNumPages
-+ || rc->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES
-+ || !rc->cmpRingNumPages
-+ || rc->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES) {
-+ return PVSCSI_COMMAND_PROCESSING_FAILED;
-+ }
-+
- pvscsi_dbg_dump_tx_rings_config(rc);
-- if (pvscsi_ring_init_data(&s->rings, rc) < 0) {
-- return PVSCSI_COMMAND_PROCESSING_FAILED;
-- }
-+ pvscsi_ring_init_data(&s->rings, rc);
-
- s->rings_info_valid = TRUE;
- return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch
deleted file mode 100644
index 9c21a67..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7156.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-In PVSCSI paravirtual SCSI bus, pvscsi_convert_sglist can take a very
-long time or go into an infinite loop due to two different bugs:
-
-1) the request descriptor data length is defined to be 64 bit. While
-building SG list from a request descriptor, it gets truncated to 32bit
-in routine 'pvscsi_convert_sglist'. This could lead to an infinite loop
-situation for large 'dataLen' values, when data_length is cast to uint32_t
-and chunk_size becomes always zero. Fix this by removing the incorrect
-cast.
-
-2) pvscsi_get_next_sg_elem can be called arbitrarily many times if the
-element has a zero length. Get out of the loop early when this happens,
-by introducing an upper limit on the number of SG list elements.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/scsi/vmw_pvscsi.c | 11 ++++++-----
- 1 file changed, 6 insertions(+), 5 deletions(-)
-
-Update as per:
- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01172.html
-
-diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
-index 4245c15..babac5a 100644
---- a/hw/scsi/vmw_pvscsi.c
-+++ b/hw/scsi/vmw_pvscsi.c
-@@ -40,6 +40,8 @@
- #define PVSCSI_MAX_DEVS (64)
- #define PVSCSI_MSIX_NUM_VECTORS (1)
-
-+#define PVSCSI_MAX_SG_ELEM 2048
-+
- #define PVSCSI_MAX_CMD_DATA_WORDS \
- (sizeof(PVSCSICmdDescSetupRings)/sizeof(uint32_t))
-
-@@ -628,17 +630,16 @@ pvscsi_queue_pending_descriptor(PVSCSIState *s, SCSIDevice **d,
- static void
- pvscsi_convert_sglist(PVSCSIRequest *r)
- {
-- int chunk_size;
-+ uint32_t chunk_size, elmcnt = 0;
- uint64_t data_length = r->req.dataLen;
- PVSCSISGState sg = r->sg;
-- while (data_length) {
-- while (!sg.resid) {
-+ while (data_length && elmcnt < PVSCSI_MAX_SG_ELEM) {
-+ while (!sg.resid && elmcnt++ < PVSCSI_MAX_SG_ELEM) {
- pvscsi_get_next_sg_elem(&sg);
- trace_pvscsi_convert_sglist(r->req.context, r->sg.dataAddr,
- r->sg.resid);
- }
-- assert(data_length > 0);
-- chunk_size = MIN((unsigned) data_length, sg.resid);
-+ chunk_size = MIN(data_length, sg.resid);
- if (chunk_size) {
- qemu_sglist_add(&r->sgl, sg.dataAddr, chunk_size);
- }
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch
deleted file mode 100644
index 480de30..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-1.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-When LSI SAS1068 Host Bus emulator builds configuration page
-headers, the format string used in 'mptsas_config_manufacturing_1'
-was wrong. It could lead to an invalid memory access.
-
-Reported-by: Tom Victor <address@hidden>
-Fix-suggested-by: Paolo Bonzini <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/scsi/mptconfig.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/scsi/mptconfig.c b/hw/scsi/mptconfig.c
-index 7071854..1ec895b 100644
---- a/hw/scsi/mptconfig.c
-+++ b/hw/scsi/mptconfig.c
-@@ -203,7 +203,7 @@ size_t mptsas_config_manufacturing_1(MPTSASState *s, uint8_t **data, int address
- {
- /* VPD - all zeros */
- return MPTSAS_CONFIG_PACK(1, MPI_CONFIG_PAGETYPE_MANUFACTURING, 0x00,
-- "s256");
-+ "*s256");
- }
-
- static
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch
deleted file mode 100644
index 5e79608..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7157-2.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-When LSI SAS1068 Host Bus emulator builds configuration page
-headers, mptsas_config_pack() asserts to check returned size
-value is within limit of 256 bytes. Fix that assert expression.
-
-Suggested-by: Paolo Bonzini <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/scsi/mptconfig.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/scsi/mptconfig.c b/hw/scsi/mptconfig.c
-index 1ec895b..531947f 100644
---- a/hw/scsi/mptconfig.c
-+++ b/hw/scsi/mptconfig.c
-@@ -158,7 +158,7 @@ static size_t mptsas_config_pack(uint8_t **data, const char *fmt, ...)
- va_end(ap);
-
- if (data) {
-- assert(ret < 256 && (ret % 4) == 0);
-+ assert(ret / 4 < 256);
- stb_p(*data + 1, ret / 4);
- }
- return ret;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch
deleted file mode 100644
index 7eb5f76..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7170.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-When processing svga command DEFINE_CURSOR in vmsvga_fifo_run,
-the computed BITMAP and PIXMAP size are checked against the
-'cursor.mask[]' and 'cursor.image[]' array sizes in bytes.
-Correct these checks to avoid OOB memory access.
-
-Reported-by: Qinghao Tang <address@hidden>
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/display/vmware_vga.c | 12 +++++++-----
- 1 file changed, 7 insertions(+), 5 deletions(-)
-
-diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c
-index e51a05e..6599cf0 100644
---- a/hw/display/vmware_vga.c
-+++ b/hw/display/vmware_vga.c
-@@ -676,11 +676,13 @@ static void vmsvga_fifo_run(struct vmsvga_state_s *s)
- cursor.bpp = vmsvga_fifo_read(s);
-
- args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp);
-- if (cursor.width > 256 ||
-- cursor.height > 256 ||
-- cursor.bpp > 32 ||
-- SVGA_BITMAP_SIZE(x, y) > sizeof cursor.mask ||
-- SVGA_PIXMAP_SIZE(x, y, cursor.bpp) > sizeof cursor.image) {
-+ if (cursor.width > 256
-+ || cursor.height > 256
-+ || cursor.bpp > 32
-+ || SVGA_BITMAP_SIZE(x, y)
-+ > sizeof(cursor.mask) / sizeof(cursor.mask[0])
-+ || SVGA_PIXMAP_SIZE(x, y, cursor.bpp)
-+ > sizeof(cursor.image) / sizeof(cursor.image[0])) {
- goto badcmd;
- }
-
---
-2.5.5
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch
deleted file mode 100644
index b9f3545..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7421.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-Vmware Paravirtual SCSI emulator while processing IO requests
-could run into an infinite loop if 'pvscsi_ring_pop_req_descr'
-always returned positive value. Limit IO loop to the ring size.
-
-Cc: address@hidden
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
-Message-Id: <address@hidden>
-Signed-off-by: Paolo Bonzini <address@hidden>
----
- hw/scsi/vmw_pvscsi.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
-index babac5a..a5ce7de 100644
---- a/hw/scsi/vmw_pvscsi.c
-+++ b/hw/scsi/vmw_pvscsi.c
-@@ -247,8 +247,11 @@ static hwaddr
- pvscsi_ring_pop_req_descr(PVSCSIRingInfo *mgr)
- {
- uint32_t ready_ptr = RS_GET_FIELD(mgr, reqProdIdx);
-+ uint32_t ring_size = PVSCSI_MAX_NUM_PAGES_REQ_RING
-+ * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
-
-- if (ready_ptr != mgr->consumed_ptr) {
-+ if (ready_ptr != mgr->consumed_ptr
-+ && ready_ptr - mgr->consumed_ptr < ring_size) {
- uint32_t next_ready_ptr =
- mgr->consumed_ptr++ & mgr->txr_len_mask;
- uint32_t next_ready_page =
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch
deleted file mode 100644
index 6368e7f..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7422.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-virtio back end uses set of buffers to facilitate I/O operations.
-If its size is too large, 'cpu_physical_memory_map' could return
-a null address. This would result in a null dereference
-while un-mapping descriptors. Add check to avoid it.
-
-Reported-by: Qinghao Tang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/virtio/virtio.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
-index 15ee3a7..0a4c5b6 100644
---- a/hw/virtio/virtio.c
-+++ b/hw/virtio/virtio.c
-@@ -472,12 +472,14 @@ static void virtqueue_map_desc(unsigned int *p_num_sg, hwaddr *addr, struct iove
- }
-
- iov[num_sg].iov_base = cpu_physical_memory_map(pa, &len, is_write);
-- iov[num_sg].iov_len = len;
-- addr[num_sg] = pa;
-+ if (iov[num_sg].iov_base) {
-+ iov[num_sg].iov_len = len;
-+ addr[num_sg] = pa;
-
-+ pa += len;
-+ num_sg++;
-+ }
- sz -= len;
-- pa += len;
-- num_sg++;
- }
- *p_num_sg = num_sg;
- }
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch
deleted file mode 100644
index fdd871b..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7423.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Li Qiang <address@hidden>
-
-When processing IO request in mptsas, it uses g_new to allocate
-a 'req' object. If an error occurs before 'req->sreq' is
-allocated, It could lead to an OOB write in mptsas_free_request
-function. Use g_new0 to avoid it.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
-Message-Id: <address@hidden>
-Cc: address@hidden
-Signed-off-by: Paolo Bonzini <address@hidden>
----
- hw/scsi/mptsas.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
-index 0e0a22f..eaae1bb 100644
---- a/hw/scsi/mptsas.c
-+++ b/hw/scsi/mptsas.c
-@@ -304,7 +304,7 @@ static int mptsas_process_scsi_io_request(MPTSASState *s,
- goto bad;
- }
-
-- req = g_new(MPTSASRequest, 1);
-+ req = g_new0(MPTSASRequest, 1);
- QTAILQ_INSERT_TAIL(&s->pending, req, next);
- req->scsi_io = *scsi_io;
- req->dev = s;
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch
deleted file mode 100644
index d5028bb..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7466.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Li Qiang <address@hidden>
-
-If the xhci uses msix, it doesn't free the corresponding
-memory, thus leading a memory leak. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/usb/hcd-xhci.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
-index 188f954..281a2a5 100644
---- a/hw/usb/hcd-xhci.c
-+++ b/hw/usb/hcd-xhci.c
-@@ -3709,8 +3709,7 @@ static void usb_xhci_exit(PCIDevice *dev)
- /* destroy msix memory region */
- if (dev->msix_table && dev->msix_pba
- && dev->msix_entry_used) {
-- memory_region_del_subregion(&xhci->mem, &dev->msix_table_mmio);
-- memory_region_del_subregion(&xhci->mem, &dev->msix_pba_mmio);
-+ msix_uninit(dev, &xhci->mem, &xhci->mem);
- }
-
- usb_bus_release(&xhci->bus);
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch
deleted file mode 100644
index 34b095a..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7907.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-i.MX Fast Ethernet Controller uses buffer descriptors to manage
-data flow to/fro receive & transmit queues. While transmitting
-packets, it could continue to read buffer descriptors if a buffer
-descriptor has length of zero and has crafted values in bd.flags.
-Set an upper limit to number of buffer descriptors.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/imx_fec.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-Update per
- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05284.html
-
-diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
-index 1c415ab..1d74827 100644
---- a/hw/net/imx_fec.c
-+++ b/hw/net/imx_fec.c
-@@ -220,6 +220,8 @@ static const VMStateDescription vmstate_imx_eth = {
- #define PHY_INT_PARFAULT (1 << 2)
- #define PHY_INT_AUTONEG_PAGE (1 << 1)
-
-+#define IMX_MAX_DESC 1024
-+
- static void imx_eth_update(IMXFECState *s);
-
- /*
-@@ -402,12 +404,12 @@ static void imx_eth_update(IMXFECState *s)
-
- static void imx_fec_do_tx(IMXFECState *s)
- {
-- int frame_size = 0;
-+ int frame_size = 0, descnt = 0;
- uint8_t frame[ENET_MAX_FRAME_SIZE];
- uint8_t *ptr = frame;
- uint32_t addr = s->tx_descriptor;
-
-- while (1) {
-+ while (descnt++ < IMX_MAX_DESC) {
- IMXFECBufDesc bd;
- int len;
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch
deleted file mode 100644
index 16d072f..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7908.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 070c4b92b8cd5390889716677a0b92444d6e087a Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Thu, 22 Sep 2016 16:02:37 +0530
-Subject: [PATCH] net: mcf: limit buffer descriptor count
-
-ColdFire Fast Ethernet Controller uses buffer descriptors to manage
-data flow to/fro receive & transmit queues. While transmitting
-packets, it could continue to read buffer descriptors if a buffer
-descriptor has length of zero and has crafted values in bd.flags.
-Set upper limit to number of buffer descriptors.
-
-Reported-by: Li Qiang <liqiang6-s@360.cn>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: Jason Wang <jasowang@redhat.com>
----
- hw/net/mcf_fec.c | 5 +++--
- 1 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/hw/net/mcf_fec.c b/hw/net/mcf_fec.c
-index 0ee8ad9..d31fea1 100644
---- a/hw/net/mcf_fec.c
-+++ b/hw/net/mcf_fec.c
-@@ -23,6 +23,7 @@ do { printf("mcf_fec: " fmt , ## __VA_ARGS__); } while (0)
- #define DPRINTF(fmt, ...) do {} while(0)
- #endif
-
-+#define FEC_MAX_DESC 1024
- #define FEC_MAX_FRAME_SIZE 2032
-
- typedef struct {
-@@ -149,7 +150,7 @@ static void mcf_fec_do_tx(mcf_fec_state *s)
- uint32_t addr;
- mcf_fec_bd bd;
- int frame_size;
-- int len;
-+ int len, descnt = 0;
- uint8_t frame[FEC_MAX_FRAME_SIZE];
- uint8_t *ptr;
-
-@@ -157,7 +158,7 @@ static void mcf_fec_do_tx(mcf_fec_state *s)
- ptr = frame;
- frame_size = 0;
- addr = s->tx_descriptor;
-- while (1) {
-+ while (descnt++ < FEC_MAX_DESC) {
- mcf_fec_read_bd(&bd, addr);
- DPRINTF("tx_bd %x flags %04x len %d data %08x\n",
- addr, bd.flags, bd.length, bd.data);
---
-1.7.0.4
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch
deleted file mode 100644
index 8e6ecff..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7909.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-The AMD PC-Net II emulator has set of control and status(CSR)
-registers. Of these, CSR76 and CSR78 hold receive and transmit
-descriptor ring length respectively. This ring length could range
-from 1 to 65535. Setting ring length to zero leads to an infinite
-loop in pcnet_rdra_addr. Add check to avoid it.
-
-Reported-by: Li Qiang <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/pcnet.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c
-index 198a01f..3078de8 100644
---- a/hw/net/pcnet.c
-+++ b/hw/net/pcnet.c
-@@ -1429,8 +1429,11 @@ static void pcnet_csr_writew(PCNetState *s, uint32_t rap, uint32_t new_value)
- case 47: /* POLLINT */
- case 72:
- case 74:
-+ break;
- case 76: /* RCVRL */
- case 78: /* XMTRL */
-+ val = (val > 0) ? val : 512;
-+ break;
- case 112:
- if (CSR_STOP(s) || CSR_SPND(s))
- break;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch
deleted file mode 100644
index 6fe77f3..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-1.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From: Li Qiang <address@hidden>
-
-In virtio gpu resource create dispatch, if the pixman format is zero
-it doesn't free the resource object allocated previously. Thus leading
-a host memory leak issue. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/display/virtio-gpu.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
-index 7fe6ed8..5b6d17b 100644
---- a/hw/display/virtio-gpu.c
-+++ b/hw/display/virtio-gpu.c
-@@ -333,6 +333,7 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g,
- qemu_log_mask(LOG_GUEST_ERROR,
- "%s: host couldn't handle guest format %d\n",
- __func__, c2d.format);
-+ g_free(res);
- cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER;
- return;
- }
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch
deleted file mode 100644
index dce1b2b..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-7994-2.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Li Qiang <address@hidden>
-
-While processing isochronous transfer descriptors(iTD), if the page
-select(PG) field value is out of bands it will return. In this
-situation the ehci's sg list doesn't be freed thus leading a memory
-leak issue. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/usb/hcd-ehci.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
-index b093db7..f4ece9a 100644
---- a/hw/usb/hcd-ehci.c
-+++ b/hw/usb/hcd-ehci.c
-@@ -1426,6 +1426,7 @@ static int ehci_process_itd(EHCIState *ehci,
- if (off + len > 4096) {
- /* transfer crosses page border */
- if (pg == 6) {
-+ qemu_sglist_destroy(&ehci->isgl);
- return -1; /* avoid page pg + 1 */
- }
- ptr2 = (itd->bufptr[pg + 1] & ITD_BUFPTR_MASK);
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch
deleted file mode 100644
index 9617cd5..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8576.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 20009bdaf95d10bf748fa69b104672d3cfaceddf Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <address@hidden>
-Date: Fri, 7 Oct 2016 10:15:29 +0200
-Subject: [PATCH] xhci: limit the number of link trbs we are willing to process
-
-Signed-off-by: Gerd Hoffmann <address@hidden>
----
- hw/usb/hcd-xhci.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
-index 726435c..ee4fa48 100644
---- a/hw/usb/hcd-xhci.c
-+++ b/hw/usb/hcd-xhci.c
-@@ -54,6 +54,8 @@
- * to the specs when it gets them */
- #define ER_FULL_HACK
-
-+#define TRB_LINK_LIMIT 4
-+
- #define LEN_CAP 0x40
- #define LEN_OPER (0x400 + 0x10 * MAXPORTS)
- #define LEN_RUNTIME ((MAXINTRS + 1) * 0x20)
-@@ -1000,6 +1002,7 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb,
- dma_addr_t *addr)
- {
- PCIDevice *pci_dev = PCI_DEVICE(xhci);
-+ uint32_t link_cnt = 0;
-
- while (1) {
- TRBType type;
-@@ -1026,6 +1029,9 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb,
- ring->dequeue += TRB_SIZE;
- return type;
- } else {
-+ if (++link_cnt > TRB_LINK_LIMIT) {
-+ return 0;
-+ }
- ring->dequeue = xhci_mask64(trb->parameter);
- if (trb->control & TRB_LK_TC) {
- ring->ccs = !ring->ccs;
-@@ -1043,6 +1049,7 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring)
- bool ccs = ring->ccs;
- /* hack to bundle together the two/three TDs that make a setup transfer */
- bool control_td_set = 0;
-+ uint32_t link_cnt = 0;
-
- while (1) {
- TRBType type;
-@@ -1058,6 +1065,9 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring)
- type = TRB_TYPE(trb);
-
- if (type == TR_LINK) {
-+ if (++link_cnt > TRB_LINK_LIMIT) {
-+ return -length;
-+ }
- dequeue = xhci_mask64(trb.parameter);
- if (trb.control & TRB_LK_TC) {
- ccs = !ccs;
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch
deleted file mode 100644
index 8c29580..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8577.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Li Qiang <address@hidden>
-
-In 9pfs read dispatch function, it doesn't free two QEMUIOVector
-object thus causing potential memory leak. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/9pfs/9p.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 119ee58..543a791 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -1826,14 +1826,15 @@ static void v9fs_read(void *opaque)
- if (len < 0) {
- /* IO error return the error */
- err = len;
-- goto out;
-+ goto out_free_iovec;
- }
- } while (count < max_count && len > 0);
- err = pdu_marshal(pdu, offset, "d", count);
- if (err < 0) {
-- goto out;
-+ goto out_free_iovec;
- }
- err += offset + count;
-+out_free_iovec:
- qemu_iovec_destroy(&qiov);
- qemu_iovec_destroy(&qiov_full);
- } else if (fidp->fid_type == P9_FID_XATTR) {
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch
deleted file mode 100644
index 74eee7e..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8578.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From ba42ebb863ab7d40adc79298422ed9596df8f73a Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Mon, 17 Oct 2016 14:13:58 +0200
-Subject: [PATCH] 9pfs: allocate space for guest originated empty strings
-
-If a guest sends an empty string paramater to any 9P operation, the current
-code unmarshals it into a V9fsString equal to { .size = 0, .data = NULL }.
-
-This is unfortunate because it can cause NULL pointer dereference to happen
-at various locations in the 9pfs code. And we don't want to check str->data
-everywhere we pass it to strcmp() or any other function which expects a
-dereferenceable pointer.
-
-This patch enforces the allocation of genuine C empty strings instead, so
-callers don't have to bother.
-
-Out of all v9fs_iov_vunmarshal() users, only v9fs_xattrwalk() checks if
-the returned string is empty. It now uses v9fs_string_size() since
-name.data cannot be NULL anymore.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-[groug, rewritten title and changelog,
- fix empty string check in v9fs_xattrwalk()]
-Signed-off-by: Greg Kurz <groug@kaod.org>
----
- fsdev/9p-iov-marshal.c | 2 +-
- hw/9pfs/9p.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c
-index 663cad5..1d16f8d 100644
---- a/fsdev/9p-iov-marshal.c
-+++ b/fsdev/9p-iov-marshal.c
-@@ -125,7 +125,7 @@ ssize_t v9fs_iov_vunmarshal(struct iovec *out_sg, int out_num, size_t offset,
- str->data = g_malloc(str->size + 1);
- copied = v9fs_unpack(str->data, out_sg, out_num, offset,
- str->size);
-- if (copied > 0) {
-+ if (copied >= 0) {
- str->data[str->size] = 0;
- } else {
- v9fs_string_free(str);
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 119ee58..39a7e1d 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -3174,7 +3174,7 @@ static void v9fs_xattrwalk(void *opaque)
- goto out;
- }
- v9fs_path_copy(&xattr_fidp->path, &file_fidp->path);
-- if (name.data == NULL) {
-+ if (!v9fs_string_size(&name)) {
- /*
- * listxattr request. Get the size first
- */
---
-2.7.3
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch
deleted file mode 100644
index a27d3a6..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8668.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-Rocker network switch emulator has test registers to help debug
-DMA operations. While testing host DMA access, a buffer address
-is written to register 'TEST_DMA_ADDR' and its size is written to
-register 'TEST_DMA_SIZE'. When performing TEST_DMA_CTRL_INVERT
-test, if DMA buffer size was greater than 'INT_MAX', it leads to
-an invalid buffer access. Limit the DMA buffer size to avoid it.
-
-Reported-by: Huawei PSIRT <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/rocker/rocker.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
-index 30f2ce4..e9d215a 100644
---- a/hw/net/rocker/rocker.c
-+++ b/hw/net/rocker/rocker.c
-@@ -860,7 +860,7 @@ static void rocker_io_writel(void *opaque, hwaddr addr, uint32_t val)
- rocker_msix_irq(r, val);
- break;
- case ROCKER_TEST_DMA_SIZE:
-- r->test_dma_size = val;
-+ r->test_dma_size = val & 0xFFFF;
- break;
- case ROCKER_TEST_DMA_ADDR + 4:
- r->test_dma_addr = ((uint64_t)val) << 32 | r->lower32;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
index 457f022..cea8efc 100644
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
+++ b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
@@ -1,3 +1,6 @@
+http://bugs.gentoo.org/597108
+https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02577.html
+
From: Prasad J Pandit <address@hidden>
The JAZZ RC4030 chipset emulator has a periodic timer and
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch
deleted file mode 100644
index 23393b7..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-2.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-16550A UART device uses an oscillator to generate frequencies
-(baud base), which decide communication speed. This speed could
-be changed by dividing it by a divider. If the divider is
-greater than the baud base, speed is set to zero, leading to a
-divide by zero error. Add check to avoid it.
-
-Reported-by: Huawei PSIRT <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/char/serial.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-Update per
- -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02400.html
-
-diff --git a/hw/char/serial.c b/hw/char/serial.c
-index 3442f47..eec72b7 100644
---- a/hw/char/serial.c
-+++ b/hw/char/serial.c
-@@ -153,8 +153,9 @@ static void serial_update_parameters(SerialState *s)
- int speed, parity, data_bits, stop_bits, frame_size;
- QEMUSerialSetParams ssp;
-
-- if (s->divider == 0)
-+ if (s->divider == 0 || s->divider > s->baudbase) {
- return;
-+ }
-
- /* Start bit. */
- frame_size = 1;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch
deleted file mode 100644
index ed6613f..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8909.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-Intel HDA emulator uses stream of buffers during DMA data
-transfers. Each entry has buffer length and buffer pointer
-position, which are used to derive bytes to 'copy'. If this
-length and buffer pointer were to be same, 'copy' could be
-set to zero(0), leading to an infinite loop. Add check to
-avoid it.
-
-Reported-by: Huawei PSIRT <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/audio/intel-hda.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/hw/audio/intel-hda.c b/hw/audio/intel-hda.c
-index cd95340..537face 100644
---- a/hw/audio/intel-hda.c
-+++ b/hw/audio/intel-hda.c
-@@ -416,7 +416,8 @@ static bool intel_hda_xfer(HDACodecDevice *dev, uint32_t stnr, bool output,
- }
-
- left = len;
-- while (left > 0) {
-+ s = st->bentries;
-+ while (left > 0 && s-- > 0) {
- copy = left;
- if (copy > st->bsize - st->lpib)
- copy = st->bsize - st->lpib;
---
-2.7.4
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch
deleted file mode 100644
index c93f796..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8910.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-RTL8139 ethernet controller in C+ mode supports multiple
-descriptor rings, each with maximum of 64 descriptors. While
-processing transmit descriptor ring in 'rtl8139_cplus_transmit',
-it does not limit the descriptor count and runs forever. Add
-check to avoid it.
-
-Reported-by: Andrew Henderson <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/net/rtl8139.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
-index 3345bc6..f05e59c 100644
---- a/hw/net/rtl8139.c
-+++ b/hw/net/rtl8139.c
-@@ -2350,7 +2350,7 @@ static void rtl8139_cplus_transmit(RTL8139State *s)
- {
- int txcount = 0;
-
-- while (rtl8139_cplus_transmit_one(s))
-+ while (txcount < 64 && rtl8139_cplus_transmit_one(s))
- {
- ++txcount;
- }
---
-2.7.4
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9102.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9102.patch
deleted file mode 100644
index 963eca9..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9102.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From: Li Qiang <address@hidden>
-
-The 'fs.xattr.value' field in V9fsFidState object doesn't consider the
-situation that this field has been allocated previously. Every time, it
-will be allocated directly. This leads a host memory leak issue. This
-patch fix this.
-
---
-1.8.3.1
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 75ba5f1..a4c7109 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -3269,6 +3269,7 @@ static void v9fs_xattrcreate(void *opaque)
- xattr_fidp->fs.xattr.flags = flags;
- v9fs_string_init(&xattr_fidp->fs.xattr.name);
- v9fs_string_copy(&xattr_fidp->fs.xattr.name, &name);
-+ g_free(xattr_fidp->fs.xattr.value);
- xattr_fidp->fs.xattr.value = g_malloc(size);
- err = offset;
- put_fid(pdu, file_fidp);
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9103.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9103.patch
deleted file mode 100644
index 7520863..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9103.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-Author: Li Qiang <liqiang6-s@360.cn>
-Date: Mon Oct 17 14:13:58 2016 +0200
-
- 9pfs: fix information leak in xattr read
-
- 9pfs uses g_malloc() to allocate the xattr memory space, if the guest
- reads this memory before writing to it, this will leak host heap memory
- to the guest. This patch avoid this.
-
- Signed-off-by: Li Qiang <liqiang6-s@360.cn>
- Reviewed-by: Greg Kurz <groug@kaod.org>
- Signed-off-by: Greg Kurz <groug@kaod.org>
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 26aa7d5..bf23b01 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -3269,8 +3269,8 @@ static void coroutine_fn v9fs_xattrcreate(void *opaque)
- xattr_fidp->fs.xattr.flags = flags;
- v9fs_string_init(&xattr_fidp->fs.xattr.name);
- v9fs_string_copy(&xattr_fidp->fs.xattr.name, &name);
- g_free(xattr_fidp->fs.xattr.value);
-- xattr_fidp->fs.xattr.value = g_malloc(size);
-+ xattr_fidp->fs.xattr.value = g_malloc0(size);
- err = offset;
- put_fid(pdu, file_fidp);
- out_nofid:
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9104.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9104.patch
deleted file mode 100644
index f1aec55..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9104.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-From 7e55d65c56a03dcd2c5d7c49d37c5a74b55d4bd6 Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Tue, 1 Nov 2016 12:00:40 +0100
-Subject: [PATCH] 9pfs: fix integer overflow issue in xattr read/write
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The v9fs_xattr_read() and v9fs_xattr_write() are passed a guest
-originated offset: they must ensure this offset does not go beyond
-the size of the extended attribute that was set in v9fs_xattrcreate().
-Unfortunately, the current code implement these checks with unsafe
-calculations on 32 and 64 bit values, which may allow a malicious
-guest to cause OOB access anyway.
-
-Fix this by comparing the offset and the xattr size, which are
-both uint64_t, before trying to compute the effective number of bytes
-to read or write.
-
-Suggested-by: Greg Kurz <groug@kaod.org>
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-Reviewed-by: Greg Kurz <groug@kaod.org>
-Reviewed-By: Guido Günther <agx@sigxcpu.org>
-Signed-off-by: Greg Kurz <groug@kaod.org>
----
- hw/9pfs/9p.c | 32 ++++++++++++--------------------
- 1 file changed, 12 insertions(+), 20 deletions(-)
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index ab18ef2..7705ead 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -1637,20 +1637,17 @@ static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp,
- {
- ssize_t err;
- size_t offset = 7;
-- int read_count;
-- int64_t xattr_len;
-+ uint64_t read_count;
- V9fsVirtioState *v = container_of(s, V9fsVirtioState, state);
- VirtQueueElement *elem = v->elems[pdu->idx];
-
-- xattr_len = fidp->fs.xattr.len;
-- read_count = xattr_len - off;
-+ if (fidp->fs.xattr.len < off) {
-+ read_count = 0;
-+ } else {
-+ read_count = fidp->fs.xattr.len - off;
-+ }
- if (read_count > max_count) {
- read_count = max_count;
-- } else if (read_count < 0) {
-- /*
-- * read beyond XATTR value
-- */
-- read_count = 0;
- }
- err = pdu_marshal(pdu, offset, "d", read_count);
- if (err < 0) {
-@@ -1979,23 +1976,18 @@ static int v9fs_xattr_write(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp,
- {
- int i, to_copy;
- ssize_t err = 0;
-- int write_count;
-- int64_t xattr_len;
-+ uint64_t write_count;
- size_t offset = 7;
-
-
-- xattr_len = fidp->fs.xattr.len;
-- write_count = xattr_len - off;
-- if (write_count > count) {
-- write_count = count;
-- } else if (write_count < 0) {
-- /*
-- * write beyond XATTR value len specified in
-- * xattrcreate
-- */
-+ if (fidp->fs.xattr.len < off) {
- err = -ENOSPC;
- goto out;
- }
-+ write_count = fidp->fs.xattr.len - off;
-+ if (write_count > count) {
-+ write_count = count;
-+ }
- err = pdu_marshal(pdu, offset, "d", write_count);
- if (err < 0) {
- return err;
---
-2.7.3
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9105.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9105.patch
deleted file mode 100644
index cddff97..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9105.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From: Li Qiang <address@hidden>
-
-In v9fs_link dispatch function, it doesn't put the 'oldfidp'
-fid object, this will make the 'oldfidp->ref' never reach to 0,
-thus leading a memory leak issue. This patch fix this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/9pfs/9p.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index 8b50bfb..29f8b7a 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -2413,6 +2413,7 @@ static void v9fs_link(void *opaque)
- if (!err) {
- err = offset;
- }
-+ put_fid(pdu, oldfidp);
- out:
- put_fid(pdu, dfidp);
- out_nofid:
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9106.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9106.patch
deleted file mode 100644
index 137272d..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-9106.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-Author: Li Qiang <liqiang6-s@360.cn>
-Date: Mon Oct 17 14:13:58 2016 +0200
-
- 9pfs: fix memory leak in v9fs_write
-
- If an error occurs when marshalling the transfer length to the guest, the
- v9fs_write() function doesn't free an IO vector, thus leading to a memory
- leak. This patch fixes the issue.
-
- Signed-off-by: Li Qiang <liqiang6-s@360.cn>
- Reviewed-by: Greg Kurz <groug@kaod.org>
- [groug, rephrased the changelog]
- Signed-off-by: Greg Kurz <groug@kaod.org>
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index d43a552..e88cf25 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -2090,7 +2090,7 @@ static void coroutine_fn v9fs_write(void *opaque)
- offset = 7;
- err = pdu_marshal(pdu, offset, "d", total);
- if (err < 0) {
-- goto out;
-+ goto out_qiov;
- }
- err += offset;
-
diff --git a/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch b/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch
deleted file mode 100644
index d090323..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-configure-ifunc.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -Naur qemu-2.7.0.orig/configure qemu-2.7.0/configure
---- qemu-2.7.0.orig/configure 2016-09-05 18:30:41.722529882 -0700
-+++ qemu-2.7.0/configure 2016-09-05 18:32:22.473649654 -0700
-@@ -1805,7 +1805,8 @@
- EOF
- if compile_object "" ; then
- if has readelf; then
-- if readelf --syms $TMPO 2>/dev/null |grep -q "IFUNC.*foo"; then
-+ if readelf --syms $TMPO 2>/dev/null |grep -q "IFUNC.*foo" &&
-+ ldd $TMPO >dev/null 2>&1; then
- avx2_opt="yes"
- fi
- fi
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch
new file mode 100644
index 0000000..c486295
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch
@@ -0,0 +1,46 @@
+From eb7a20a3616085d46aa6b4b4224e15587ec67e6e Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Mon, 28 Nov 2016 17:49:04 -0800
+Subject: [PATCH] watchdog: 6300esb: add exit function
+
+When the Intel 6300ESB watchdog is hot unplug. The timer allocated
+in realize isn't freed thus leaking memory leak. This patch avoid
+this through adding the exit function.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ hw/watchdog/wdt_i6300esb.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c
+index a83d951..49b3cd1 100644
+--- a/hw/watchdog/wdt_i6300esb.c
++++ b/hw/watchdog/wdt_i6300esb.c
+@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp)
+ /* qemu_register_coalesced_mmio (addr, 0x10); ? */
+ }
+
++static void i6300esb_exit(PCIDevice *dev)
++{
++ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev);
++
++ timer_del(d->timer);
++ timer_free(d->timer);
++}
++
+ static WatchdogTimerModel model = {
+ .wdt_name = "i6300esb",
+ .wdt_description = "Intel 6300ESB",
+@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data)
+ k->config_read = i6300esb_config_read;
+ k->config_write = i6300esb_config_write;
+ k->realize = i6300esb_realize;
++ k->exit = i6300esb_exit;
+ k->vendor_id = PCI_VENDOR_ID_INTEL;
+ k->device_id = PCI_DEVICE_ID_INTEL_ESB_9;
+ k->class_id = PCI_CLASS_SYSTEM_OTHER;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch
new file mode 100644
index 0000000..f0bba80
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch
@@ -0,0 +1,48 @@
+From 62d4c6bd5263bb8413a06c80144fc678df6dfb64 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Wed, 1 Feb 2017 09:35:01 +0100
+Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615)
+
+When doing bitblt copy in backward mode, we should minus the
+blt width first just like the adding in the forward mode. This
+can avoid the oob access of the front of vga's vram.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+
+{ kraxel: with backward blits (negative pitch) addr is the topmost
+ address, so check it as-is against vram size ]
+
+Cc: qemu-stable@nongnu.org
+Cc: P J P <ppandit@redhat.com>
+Cc: Laszlo Ersek <lersek@redhat.com>
+Cc: Paolo Bonzini <pbonzini@redhat.com>
+Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
+Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106)
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com
+Reviewed-by: Laszlo Ersek <lersek@redhat.com>
+---
+ hw/display/cirrus_vga.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
+index 7db6409..16f27e8 100644
+--- a/hw/display/cirrus_vga.c
++++ b/hw/display/cirrus_vga.c
+@@ -274,10 +274,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
+ {
+ if (pitch < 0) {
+ int64_t min = addr
+- + ((int64_t)s->cirrus_blt_height-1) * pitch;
+- int32_t max = addr
+- + s->cirrus_blt_width;
+- if (min < 0 || max > s->vga.vram_size) {
++ + ((int64_t)s->cirrus_blt_height - 1) * pitch
++ - s->cirrus_blt_width;
++ if (min < -1 || addr >= s->vga.vram_size) {
+ return true;
+ }
+ } else {
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch
new file mode 100644
index 0000000..24411b4
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch
@@ -0,0 +1,52 @@
+From 12351a91da97b414eec8cdb09f1d9f41e535a401 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Wed, 14 Dec 2016 18:30:21 -0800
+Subject: [PATCH] audio: ac97: add exit function
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Currently the ac97 device emulation doesn't have a exit function,
+hot unplug this device will leak some memory. Add a exit function to
+avoid this.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/audio/ac97.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c
+index cbd959e..c306575 100644
+--- a/hw/audio/ac97.c
++++ b/hw/audio/ac97.c
+@@ -1387,6 +1387,16 @@ static void ac97_realize(PCIDevice *dev, Error **errp)
+ ac97_on_reset (&s->dev.qdev);
+ }
+
++static void ac97_exit(PCIDevice *dev)
++{
++ AC97LinkState *s = DO_UPCAST(AC97LinkState, dev, dev);
++
++ AUD_close_in(&s->card, s->voice_pi);
++ AUD_close_out(&s->card, s->voice_po);
++ AUD_close_in(&s->card, s->voice_mc);
++ AUD_remove_card(&s->card);
++}
++
+ static int ac97_init (PCIBus *bus)
+ {
+ pci_create_simple (bus, -1, "AC97");
+@@ -1404,6 +1414,7 @@ static void ac97_class_init (ObjectClass *klass, void *data)
+ PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
+
+ k->realize = ac97_realize;
++ k->exit = ac97_exit;
+ k->vendor_id = PCI_VENDOR_ID_INTEL;
+ k->device_id = PCI_DEVICE_ID_INTEL_82801AA_5;
+ k->revision = 0x01;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch
new file mode 100644
index 0000000..6bbac58
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch
@@ -0,0 +1,55 @@
+From 069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Wed, 14 Dec 2016 18:32:22 -0800
+Subject: [PATCH] audio: es1370: add exit function
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Currently the es1370 device emulation doesn't have a exit function,
+hot unplug this device will leak some memory. Add a exit function to
+avoid this.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/audio/es1370.c | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+
+diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c
+index 8449b5f..883ec69 100644
+--- a/hw/audio/es1370.c
++++ b/hw/audio/es1370.c
+@@ -1041,6 +1041,19 @@ static void es1370_realize(PCIDevice *dev, Error **errp)
+ es1370_reset (s);
+ }
+
++static void es1370_exit(PCIDevice *dev)
++{
++ ES1370State *s = ES1370(dev);
++ int i;
++
++ for (i = 0; i < 2; ++i) {
++ AUD_close_out(&s->card, s->dac_voice[i]);
++ }
++
++ AUD_close_in(&s->card, s->adc_voice);
++ AUD_remove_card(&s->card);
++}
++
+ static int es1370_init (PCIBus *bus)
+ {
+ pci_create_simple (bus, -1, TYPE_ES1370);
+@@ -1053,6 +1066,7 @@ static void es1370_class_init (ObjectClass *klass, void *data)
+ PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
+
+ k->realize = es1370_realize;
++ k->exit = es1370_exit;
+ k->vendor_id = PCI_VENDOR_ID_ENSONIQ;
+ k->device_id = PCI_DEVICE_ID_ENSONIQ_ES1370;
+ k->class_id = PCI_CLASS_MULTIMEDIA_AUDIO;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch
new file mode 100644
index 0000000..9475f3f
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch
@@ -0,0 +1,41 @@
+From 33243031dad02d161225ba99d782616da133f689 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@gmail.com>
+Date: Thu, 29 Dec 2016 03:11:26 -0500
+Subject: [PATCH] virtio-gpu-3d: fix memory leak in resource attach backing
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If the virgl_renderer_resource_attach_iov function fails the
+'res_iovs' will be leaked. Add check of the return value to
+free the 'res_iovs' when failing.
+
+Signed-off-by: Li Qiang <liq3ea@gmail.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/display/virtio-gpu-3d.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
+index e29f099..b13ced3 100644
+--- a/hw/display/virtio-gpu-3d.c
++++ b/hw/display/virtio-gpu-3d.c
+@@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g,
+ return;
+ }
+
+- virgl_renderer_resource_attach_iov(att_rb.resource_id,
+- res_iovs, att_rb.nr_entries);
++ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id,
++ res_iovs, att_rb.nr_entries);
++
++ if (ret != 0)
++ virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries);
+ }
+
+ static void virgl_resource_detach_backing(VirtIOGPU *g,
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch
new file mode 100644
index 0000000..f93d1e7
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch
@@ -0,0 +1,35 @@
+From 204f01b30975923c64006f8067f0937b91eea68b Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@gmail.com>
+Date: Thu, 29 Dec 2016 04:28:41 -0500
+Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing
+
+In the resource attach backing function, everytime it will
+allocate 'res->iov' thus can leading a memory leak. This
+patch avoid this.
+
+Signed-off-by: Li Qiang <liq3ea@gmail.com>
+Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/display/virtio-gpu.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
+index 6a26258..ca88cf4 100644
+--- a/hw/display/virtio-gpu.c
++++ b/hw/display/virtio-gpu.c
+@@ -714,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g,
+ return;
+ }
+
++ if (res->iov) {
++ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
++ return;
++ }
++
+ ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov);
+ if (ret != 0) {
+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch
new file mode 100644
index 0000000..e4572a8
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch
@@ -0,0 +1,40 @@
+From 8409dc884a201bf74b30a9d232b6bbdd00cb7e2b Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Wed, 4 Jan 2017 00:43:16 -0800
+Subject: [PATCH] serial: fix memory leak in serial exit
+
+The serial_exit_core function doesn't free some resources.
+This can lead memory leak when hotplug and unplug. This
+patch avoid this.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Message-Id: <586cb5ab.f31d9d0a.38ac3.acf2@mx.google.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ hw/char/serial.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/hw/char/serial.c b/hw/char/serial.c
+index ffbacd8..67b18ed 100644
+--- a/hw/char/serial.c
++++ b/hw/char/serial.c
+@@ -906,6 +906,16 @@ void serial_realize_core(SerialState *s, Error **errp)
+ void serial_exit_core(SerialState *s)
+ {
+ qemu_chr_fe_deinit(&s->chr);
++
++ timer_del(s->modem_status_poll);
++ timer_free(s->modem_status_poll);
++
++ timer_del(s->fifo_timeout_timer);
++ timer_free(s->fifo_timeout_timer);
++
++ fifo8_destroy(&s->recv_fifo);
++ fifo8_destroy(&s->xmit_fifo);
++
+ qemu_unregister_reset(serial_reset, s);
+ }
+
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch
new file mode 100644
index 0000000..93e9c94
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch
@@ -0,0 +1,37 @@
+From 42922105beb14c2fc58185ea022b9f72fb5465e9 Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Tue, 7 Feb 2017 18:29:59 +0000
+Subject: [PATCH] sd: sdhci: check data length during dma_memory_read
+
+While doing multi block SDMA transfer in routine
+'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
+index 'begin' and data length 's->data_count' could end up to be same.
+This could lead to an OOB access issue. Correct transfer data length
+to avoid it.
+
+Cc: qemu-stable@nongnu.org
+Reported-by: Jiang Xin <jiangxin1@huawei.com>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
+Message-id: 20170130064736.9236-1-ppandit@redhat.com
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+---
+ hw/sd/sdhci.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
+index 01fbf22..5bd5ab6 100644
+--- a/hw/sd/sdhci.c
++++ b/hw/sd/sdhci.c
+@@ -536,7 +536,7 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
+ boundary_count -= block_size - begin;
+ }
+ dma_memory_read(&address_space_memory, s->sdmasysad,
+- &s->fifo_buffer[begin], s->data_count);
++ &s->fifo_buffer[begin], s->data_count - begin);
+ s->sdmasysad += s->data_count - begin;
+ if (s->data_count == block_size) {
+ for (n = 0; n < block_size; n++) {
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch
new file mode 100644
index 0000000..2ebd49f
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch
@@ -0,0 +1,64 @@
+From 765a707000e838c30b18d712fe6cb3dd8e0435f3 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Mon, 2 Jan 2017 11:03:33 +0100
+Subject: [PATCH] megasas: fix guest-triggered memory leak
+
+If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd
+will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory.
+Avoid this by returning only the status from map_dcmd, and loading
+cmd->iov_size in the caller.
+
+Reported-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ hw/scsi/megasas.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
+index 67fc1e7..6233865 100644
+--- a/hw/scsi/megasas.c
++++ b/hw/scsi/megasas.c
+@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd)
+ trace_megasas_dcmd_invalid_sge(cmd->index,
+ cmd->frame->header.sge_count);
+ cmd->iov_size = 0;
+- return -1;
++ return -EINVAL;
+ }
+ iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl);
+ iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl);
+ pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1);
+ qemu_sglist_add(&cmd->qsg, iov_pa, iov_size);
+ cmd->iov_size = iov_size;
+- return cmd->iov_size;
++ return 0;
+ }
+
+ static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size)
+@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t {
+
+ static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
+ {
+- int opcode, len;
++ int opcode;
+ int retval = 0;
++ size_t len;
+ const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
+
+ opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
+ trace_megasas_handle_dcmd(cmd->index, opcode);
+- len = megasas_map_dcmd(s, cmd);
+- if (len < 0) {
++ if (megasas_map_dcmd(s, cmd) < 0) {
+ return MFI_STAT_MEMORY_NOT_AVAILABLE;
+ }
+ while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
+ cmdptr++;
+ }
++ len = cmd->iov_size;
+ if (cmdptr->opcode == -1) {
+ trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
+ retval = megasas_dcmd_dummy(s, cmd);
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch
new file mode 100644
index 0000000..664a669
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch
@@ -0,0 +1,38 @@
+When the guest sends VIRTIO_GPU_CMD_RESOURCE_UNREF without detaching the
+backing storage beforehand (VIRTIO_GPU_CMD_RESOURCE_DETACH_BACKING)
+we'll leak memory.
+
+This patch fixes it for 3d mode, simliar to the 2d mode fix in commit
+"b8e2392 virtio-gpu: call cleanup mapping function in resource destroy".
+
+Reported-by: 李强 <address@hidden>
+Signed-off-by: Gerd Hoffmann <address@hidden>
+---
+ hw/display/virtio-gpu-3d.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
+index f96a0c2..ecb09d1 100644
+--- a/hw/display/virtio-gpu-3d.c
++++ b/hw/display/virtio-gpu-3d.c
+@@ -77,10 +77,18 @@ static void virgl_cmd_resource_unref(VirtIOGPU *g,
+ struct virtio_gpu_ctrl_command *cmd)
+ {
+ struct virtio_gpu_resource_unref unref;
++ struct iovec *res_iovs = NULL;
++ int num_iovs = 0;
+
+ VIRTIO_GPU_FILL_CMD(unref);
+ trace_virtio_gpu_cmd_res_unref(unref.resource_id);
+
++ virgl_renderer_resource_detach_iov(unref.resource_id,
++ &res_iovs,
++ &num_iovs);
++ if (res_iovs != NULL && num_iovs != 0) {
++ virtio_gpu_cleanup_mapping_iov(res_iovs, num_iovs);
++ }
+ virgl_renderer_resource_unref(unref.resource_id);
+ }
+
+--
+1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch
new file mode 100644
index 0000000..9f94477
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch
@@ -0,0 +1,35 @@
+From c7dfbf322595ded4e70b626bf83158a9f3807c6a Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Fri, 3 Feb 2017 00:52:28 +0530
+Subject: [PATCH] usb: ccid: check ccid apdu length
+
+CCID device emulator uses Application Protocol Data Units(APDU)
+to exchange command and responses to and from the host.
+The length in these units couldn't be greater than 65536. Add
+check to ensure the same. It'd also avoid potential integer
+overflow in emulated_apdu_from_guest.
+
+Reported-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Message-id: 20170202192228.10847-1-ppandit@redhat.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/usb/dev-smartcard-reader.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
+index 89e11b6..1325ea1 100644
+--- a/hw/usb/dev-smartcard-reader.c
++++ b/hw/usb/dev-smartcard-reader.c
+@@ -967,7 +967,7 @@ static void ccid_on_apdu_from_guest(USBCCIDState *s, CCID_XferBlock *recv)
+ DPRINTF(s, 1, "%s: seq %d, len %d\n", __func__,
+ recv->hdr.bSeq, len);
+ ccid_add_pending_answer(s, (CCID_Header *)recv);
+- if (s->card) {
++ if (s->card && len <= BULK_OUT_DATA_SIZE) {
+ ccid_card_apdu_from_guest(s->card, recv->abData, len);
+ } else {
+ DPRINTF(s, D_WARN, "warning: discarded apdu\n");
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch
new file mode 100644
index 0000000..f24d557
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch
@@ -0,0 +1,46 @@
+From a08aaff811fb194950f79711d2afe5a892ae03a4 Mon Sep 17 00:00:00 2001
+From: Gonglei <arei.gonglei@huawei.com>
+Date: Tue, 3 Jan 2017 14:50:03 +0800
+Subject: [PATCH] virtio-crypto: fix possible integer and heap overflow
+
+Because the 'size_t' type is 4 bytes in 32-bit platform, which
+is the same with 'int'. It's easy to make 'max_len' to zero when
+integer overflow and then cause heap overflow if 'max_len' is zero.
+
+Using uint_64 instead of size_t to avoid the integer overflow.
+
+Cc: qemu-stable@nongnu.org
+Reported-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Gonglei <arei.gonglei@huawei.com>
+Tested-by: Li Qiang <liqiang6-s@360.cn>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
+---
+ hw/virtio/virtio-crypto.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
+index 2f2467e..c23e1ad 100644
+--- a/hw/virtio/virtio-crypto.c
++++ b/hw/virtio/virtio-crypto.c
+@@ -416,7 +416,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
+ uint32_t hash_start_src_offset = 0, len_to_hash = 0;
+ uint32_t cipher_start_src_offset = 0, len_to_cipher = 0;
+
+- size_t max_len, curr_size = 0;
++ uint64_t max_len, curr_size = 0;
+ size_t s;
+
+ /* Plain cipher */
+@@ -441,7 +441,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
+ return NULL;
+ }
+
+- max_len = iv_len + aad_len + src_len + dst_len + hash_result_len;
++ max_len = (uint64_t)iv_len + aad_len + src_len + dst_len + hash_result_len;
+ if (unlikely(max_len > vcrypto->conf.max_size)) {
+ virtio_error(vdev, "virtio-crypto too big length");
+ return NULL;
+--
+2.10.2
+
diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml
index d036967..1866d8a 100644
--- a/app-emulation/qemu/metadata.xml
+++ b/app-emulation/qemu/metadata.xml
@@ -42,7 +42,6 @@
<flag name="png">Enable png image support for the VNC console server</flag>
<flag name="usb">Enable USB passthrough via <pkg>dev-libs/libusb</pkg></flag>
<flag name="usbredir">Use <pkg>sys-apps/usbredir</pkg> to redirect USB devices to another machine over TCP</flag>
- <flag name="uuid">Enable UUID support in the vdi block driver</flag>
<flag name="vde">Enable VDE-based networking</flag>
<flag name="vhost-net">Enable accelerated networking using vhost-net, see http://www.linux-kvm.org/page/VhostNet</flag>
<flag name="virgl">Enable experimental Virgil 3d (virtual software GPU)</flag>
diff --git a/app-emulation/qemu/qemu-2.7.0-r7.ebuild b/app-emulation/qemu/qemu-2.7.0-r7.ebuild
deleted file mode 100644
index e77efc8..0000000
--- a/app-emulation/qemu/qemu-2.7.0-r7.ebuild
+++ /dev/null
@@ -1,713 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-2
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs \
-gnutls gtk gtk2 infiniband iscsi +jpeg \
-kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
-+png pulseaudio python \
-rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
-static-user systemtap tci test +threads usb usbredir +uuid vde +vhost-net \
-virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
-mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
-x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-softmmu static-user )
- static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk !gtk2 )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-#
-# Older versions of gnutls are supported, but it's simpler to just require
-# the latest versions. This is also why we require nettle.
-#
-# TODO: Split out tools deps into another var. e.g. bzip2 is only used by
-# system binaries and tools, not user binaries.
-COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? ( app-accessibility/brltty[static-libs(+)] )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? ( sys-libs/ncurses:0=[static-libs(+)] )
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gles2,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy[static-libs(+)] )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
-X86_FIRMWARE_DEPEND="
- >=sys-firmware/ipxe-1.0.0_p20130624
- pin-upstream-blobs? (
- ~sys-firmware/seabios-1.8.2
- ~sys-firmware/sgabios-0.1_pre8
- ~sys-firmware/vgabios-0.7a
- )
- !pin-upstream-blobs? (
- sys-firmware/seabios
- sys-firmware/sgabios
- sys-firmware/vgabios
- )"
-CDEPEND="
- !static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} ) " ${use_softmmu_targets}) )
- !static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND//\[static-libs(+)]} ) " ${use_user_targets}) )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xen? ( app-emulation/xen-tools:= )"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND} ) " ${use_softmmu_targets}) )
- static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND} ) " ${use_user_targets}) )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )
-"
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/u-boot.e500
-"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or32
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure
-you have the kernel module loaded before running kvm. The easiest way to
-ensure that the kernel module is loaded is to load it on boot.\n
-For AMD CPUs the module is called 'kvm-amd'.\n
-For Intel CPUs the module is called 'kvm-intel'.\n
-Please review /etc/conf.d/modules for how to load these.\n\n
-Make sure your user is in the 'kvm' group\n
-Just run 'gpasswd -a <USER> kvm', then have <USER> re-login.\n\n
-For brand new installs, the default permissions on /dev/kvm might not let you
-access it. You can tell udev to reset ownership/perms:\n
-udevadm trigger -c add /dev/kvm"
-
-qemu_support_kvm() {
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \
- use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \
- use qemu_softmmu_targets_s390x; then
- return 0
- fi
-
- return 1
-}
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- # Patching for musl
- epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch
- epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
- epatch "${FILESDIR}"/${PN}-2.7.0-configure-ifunc.patch
-
- epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
-
- epatch "${FILESDIR}"/${P}-CVE-2016-6836.patch # bug 591242
- epatch "${FILESDIR}"/${P}-CVE-2016-7155.patch # bug 593034
- epatch "${FILESDIR}"/${P}-CVE-2016-7156.patch # bug 593036
- epatch "${FILESDIR}"/${P}-CVE-2016-7157-1.patch # bug 593038
- epatch "${FILESDIR}"/${P}-CVE-2016-7157-2.patch # bug 593038
- epatch "${FILESDIR}"/${P}-CVE-2016-7170.patch # bug 593284
- epatch "${FILESDIR}"/${P}-CVE-2016-7421.patch # bug 593950
- epatch "${FILESDIR}"/${P}-CVE-2016-7422.patch # bug 593956
- epatch "${FILESDIR}"/${P}-CVE-2016-7423.patch # bug 594368
- epatch "${FILESDIR}"/${P}-CVE-2016-7466.patch # bug 594520
- epatch "${FILESDIR}"/${P}-CVE-2016-7907.patch # bug 596048
- epatch "${FILESDIR}"/${P}-CVE-2016-7908.patch # bug 596049
- epatch "${FILESDIR}"/${P}-CVE-2016-7909.patch # bug 596048
- epatch "${FILESDIR}"/${P}-CVE-2016-7994-1.patch # bug 596738
- epatch "${FILESDIR}"/${P}-CVE-2016-7994-2.patch # bug 596738
- epatch "${FILESDIR}"/${P}-CVE-2016-8576.patch # bug 596752
- epatch "${FILESDIR}"/${P}-CVE-2016-8577.patch # bug 596776
- epatch "${FILESDIR}"/${P}-CVE-2016-8578.patch # bug 596774
- epatch "${FILESDIR}"/${P}-CVE-2016-8668.patch # bug 597110
- epatch "${FILESDIR}"/${P}-CVE-2016-8669-1.patch # bug 597108
- epatch "${FILESDIR}"/${P}-CVE-2016-8669-2.patch # bug 597108
- epatch "${FILESDIR}"/${P}-CVE-2016-8909.patch # bug 598044
- epatch "${FILESDIR}"/${P}-CVE-2016-8910.patch # bug 598046
- epatch "${FILESDIR}"/${P}-CVE-2016-9102.patch # bug 598328
- epatch "${FILESDIR}"/${P}-CVE-2016-9103.patch # bug 598328
- epatch "${FILESDIR}"/${P}-CVE-2016-9104.patch # bug 598328
- epatch "${FILESDIR}"/${P}-CVE-2016-9105.patch # bug 598328
- epatch "${FILESDIR}"/${P}-CVE-2016-9106.patch # bug 598772
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- epatch_user
-
- # Run after we've applied all patches.
- handle_locales
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
- local static_flag="static-${buildtype}"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets as the default configure
- # options will autoprobe and try to link in a bunch of unused junk.
- conf_softmmu() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_softmmu accessibility brlapi)
- $(conf_softmmu aio linux-aio)
- $(conf_softmmu bzip2)
- $(conf_softmmu bluetooth bluez)
- $(conf_softmmu caps cap-ng)
- $(conf_softmmu curl)
- $(conf_softmmu fdt)
- $(conf_softmmu glusterfs)
- $(conf_softmmu gnutls)
- $(conf_softmmu gnutls nettle)
- $(conf_softmmu gtk)
- $(conf_softmmu infiniband rdma)
- $(conf_softmmu iscsi libiscsi)
- $(conf_softmmu jpeg vnc-jpeg)
- $(conf_softmmu kernel_linux kvm)
- $(conf_softmmu lzo)
- $(conf_softmmu ncurses curses)
- $(conf_softmmu nfs libnfs)
- $(conf_softmmu numa)
- $(conf_softmmu opengl)
- $(conf_softmmu png vnc-png)
- $(conf_softmmu rbd)
- $(conf_softmmu sasl vnc-sasl)
- $(conf_softmmu sdl)
- $(conf_softmmu seccomp)
- $(conf_softmmu smartcard)
- $(conf_softmmu snappy)
- $(conf_softmmu spice)
- $(conf_softmmu ssh libssh2)
- $(conf_softmmu usb libusb)
- $(conf_softmmu usbredir usb-redir)
- $(conf_softmmu uuid)
- $(conf_softmmu vde)
- $(conf_softmmu vhost-net)
- $(conf_softmmu virgl virglrenderer)
- $(conf_softmmu virtfs)
- $(conf_softmmu vnc)
- $(conf_softmmu vte)
- $(conf_softmmu xen)
- $(conf_softmmu xen xen-pci-passthrough)
- $(conf_softmmu xfs xfsctl)
- )
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- ;;
- softmmu)
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
-
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --with-system-pixman
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- $(use_enable bzip2)
- )
- static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- gcc-specs-pie && conf_opts+=( --enable-pie )
- fi
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- [[ -z ${softmmu_targets}${user_targets} ]] && qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- if [[ -z ${softmmu_targets}${user_targets} ]]; then
- cd "${S}/tools-build"
- default
- fi
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets
- newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_dorules "${FILESDIR}"/65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- if [[ -z ${softmmu_targets}${user_targets} ]]; then
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
- fi
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}"
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- # Remove the docdir placed qmp-commands.txt
- mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/" || die
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
- dodoc docs/qmp-*.txt
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- fi
-
- # Remove vgabios since we're using the vgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
- dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- qemu_support_kvm && readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- if qemu_support_kvm; then
- readme.gentoo_print_elog
- fi
-
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/vgabios)"
-}
diff --git a/app-emulation/qemu/qemu-2.7.1.ebuild b/app-emulation/qemu/qemu-2.8.0-r1.ebuild
similarity index 92%
rename from app-emulation/qemu/qemu-2.7.1.ebuild
rename to app-emulation/qemu/qemu-2.8.0-r1.ebuild
index 49087c8..006c657 100644
--- a/app-emulation/qemu/qemu-2.7.1.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="5"
@@ -30,13 +30,13 @@ gnutls gtk gtk2 infiniband iscsi +jpeg \
kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
+png pulseaudio python \
rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
-static-user systemtap tci test +threads usb usbredir +uuid vde +vhost-net \
+static-user systemtap tci test +threads usb usbredir vde +vhost-net \
virgl virtfs +vnc vte xattr xen xfs"
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
-mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
+mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64
x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore xtensa xtensaeb"
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
@@ -107,7 +107,7 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
virtual/opengl
media-libs/libepoxy[static-libs(+)]
media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gles2,gbm]
+ media-libs/mesa[egl,gbm]
)
png? ( media-libs/libpng:0=[static-libs(+)] )
pulseaudio? ( media-sound/pulseaudio )
@@ -133,7 +133,6 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
vde? ( net-misc/vde[static-libs(+)] )
virgl? ( media-libs/virglrenderer[static-libs(+)] )
virtfs? ( sys-libs/libcap )
@@ -142,7 +141,7 @@ USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
X86_FIRMWARE_DEPEND="
>=sys-firmware/ipxe-1.0.0_p20130624
pin-upstream-blobs? (
- ~sys-firmware/seabios-1.8.2
+ ~sys-firmware/seabios-1.10.1
~sys-firmware/sgabios-0.1_pre8
~sys-firmware/vgabios-0.7a
)
@@ -332,35 +331,28 @@ src_prepare() {
Makefile Makefile.target || die
# Patching for musl
- epatch "${FILESDIR}"/${PN}-2.0.0-F_SHLCK-and-F_EXLCK.patch
+ epatch "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
- epatch "${FILESDIR}"/${PN}-2.7.0-configure-ifunc.patch
epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-6836.patch #591242
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7156.patch #593036
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7170.patch #593284
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7422.patch #593956
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7466.patch #594520
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7907.patch #596048
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7908.patch #596049
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7909.patch #596048
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7994-1.patch #596738
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-7994-2.patch #596738
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8576.patch #596752
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8577.patch #596776
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8578.patch #596774
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8668.patch #597110
epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-2.patch #597108
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8909.patch #598044
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9102.patch #598328
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9103.patch #598328
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9104.patch #598328
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9105.patch #598328
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-9106.patch #598772
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2615.patch #608034
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5667.patch #607766
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5931.patch #608728
# Fix ld and objcopy being called directly
tc-export AR LD OBJCOPY
@@ -453,7 +445,6 @@ qemu_src_configure() {
$(conf_softmmu ssh libssh2)
$(conf_softmmu usb libusb)
$(conf_softmmu usbredir usb-redir)
- $(conf_softmmu uuid)
$(conf_softmmu vde)
$(conf_softmmu vhost-net)
$(conf_softmmu virgl virglrenderer)
diff --git a/app-emulation/qemu/qemu-2.8.0.ebuild b/app-emulation/qemu/qemu-2.8.0.ebuild
index 4020d7c..2922f9d 100644
--- a/app-emulation/qemu/qemu-2.8.0.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="5"
@@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -30,7 +30,7 @@ gnutls gtk gtk2 infiniband iscsi +jpeg \
kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
+png pulseaudio python \
rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
-static-user systemtap tci test +threads usb usbredir +uuid vde +vhost-net \
+static-user systemtap tci test +threads usb usbredir vde +vhost-net \
virgl virtfs +vnc vte xattr xen xfs"
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
@@ -107,7 +107,7 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
virtual/opengl
media-libs/libepoxy[static-libs(+)]
media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gles2,gbm]
+ media-libs/mesa[egl,gbm]
)
png? ( media-libs/libpng:0=[static-libs(+)] )
pulseaudio? ( media-sound/pulseaudio )
@@ -133,7 +133,6 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
vde? ( net-misc/vde[static-libs(+)] )
virgl? ( media-libs/virglrenderer[static-libs(+)] )
virtfs? ( sys-libs/libcap )
@@ -434,7 +433,6 @@ qemu_src_configure() {
$(conf_softmmu ssh libssh2)
$(conf_softmmu usb libusb)
$(conf_softmmu usbredir usb-redir)
- $(conf_softmmu uuid)
$(conf_softmmu vde)
$(conf_softmmu vhost-net)
$(conf_softmmu virgl virglrenderer)
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-02-13 20:04 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-02-13 20:04 UTC (permalink / raw
To: gentoo-commits
commit: 4986e583ef659690cfa69d7fdff56b5e5ad5c352
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Mon Feb 13 20:04:11 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Mon Feb 13 20:04:11 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=4986e583
app-emulation/qemu: version bump to 2.8.0-r2
app-emulation/qemu/Manifest | 4 +++-
app-emulation/qemu/files/65-kvm.rules-r1 | 2 ++
app-emulation/qemu/qemu-2.8.0-r1.ebuild | 2 +-
app-emulation/qemu/{qemu-2.8.0-r1.ebuild => qemu-2.8.0-r2.ebuild} | 7 +++++--
4 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 0acf0b7..db61483 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,4 +1,5 @@
AUX 65-kvm.rules 40 SHA256 c16a8dc7855880b2651f1a3ff488ecc54d4ac1036c71fffd5007021d8d18a7c5 SHA512 98aad2a2f212a7ac0ee5b60a9c92744fa462bce5f26594845c7a31d692aaaca2d52cb57bdbede7dfc60b9862c2a6510665dbb03215d5cf76e62516a283decdd6 WHIRLPOOL 937de93a23930f6b8533f0c3e0dd249c99ddf7d54446dea857607266ac0a4b435c5b4a52b2986b138bace9c0a7ade66f94116b38e2bc4767ead54bd11baf0920
+AUX 65-kvm.rules-r1 120 SHA256 2f6b5b2600598fc402850bb7026eab0e5822e7221b584795bd2ed1a0290250df SHA512 4132ec4d3e7c1e3cf5e37224be1a3b864bcc0bfde9109e8fea9c99377289c28a7fdcf9155fbbd6605dbf8ebeb020c2ab575dd35e36bdf69f8ad07c4aa9c7b2f7 WHIRLPOOL 34dce92c0851c7edb5449c7d19e8767b09e61a73b551af90d987519e8e9c8c883e8ff8567d4a222294095bafdb58984347c694fc6ac458c630ed8e2d42438180
AUX bridge.conf 454 SHA256 a51850dd39923f3482e4c575b48ad9fef9c9ebb2f2176225da399b79ce48c69d SHA512 a907ee86b81a1b61033bb7621ded65112504131ef7b698c53e4014b958ee6fc79e66f63069015a01e41362cb70a7d0ed26dd9a03033cf776f4846f0e1f8f1533 WHIRLPOOL 8fcbd4abf9b8f7ca3d16fe0eaf17196ebf708dfecf85ce0f020e0de22b64905114f7b310f361826c81bb961c6b1bbbf984bff1e595bb949993b8966ccb222c35
AUX qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 930 SHA256 6af6cf9044997710a6d0fbdba30a35c8d775e30d30c032ec97db672f75ec88ac SHA512 ec84b27648c01c6e58781295dcd0c2ff8e5a635f9836ef50c1da5d0ed125db1afc4cb5b01cb97606d6dd8f417acba93e1560d9a32ca29161a4bb730b302440ea WHIRLPOOL 06b9dd5251ac03405c97b1f5a623b4d86bda2f72fbcd52b90ae4d11a0cfb59cae62df2cb6189405fbe53ab05ff2b7ca8165fda239dbfe5f31ed70abb53b3b9f3
AUX qemu-2.2.0-_sigev_un.patch 636 SHA256 f3b9a4d6162c553f3110ad22716305818e2130e2ff5d628faf044fc58a5e3cb5 SHA512 f72b879daede5184904f64cabb276de96299a37a93fce444d09e9068671009e95a5e5d6b815ec41a5db5b3807de14d470a56bba5806ffd4dfec577577b046ccb WHIRLPOOL 9453ad4966e10d504f3e867fd984642a3c1ee3ae847b5ca56196fd1f9e6c0f2d7b52ca07446212af72fef6d0ded1527a5eb306fa6cd915e8dd9ce11523362bac
@@ -23,6 +24,7 @@ AUX qemu-2.8.0-CVE-2017-5931.patch 1696 SHA256 cdb1ea1306bf00042f13637eef78d3580
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
AUX qemu-binfmt.initd-r1 7966 SHA256 5b4b432aa1e44f387c9eb789de0ec6322741fd36dd241f76520f17c6cd6ac49b SHA512 2ba0bff6eb2b6bac4ed440f793771ce9551cad48e38bddb6cf04f804faac2407e80879f66771910344ddcea45f0014095dcc8bfeb0aad5085ef048fd3612dbd8 WHIRLPOOL a2a1fb830a970757d1e203378c7d382b161b1040f3b8aaf0f22bb3b5e46467eff395474ff40d93c9f133bab307b345a6f75d63eae9f8dd8daf67324db41032f9
DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
-EBUILD qemu-2.8.0-r1.ebuild 21623 SHA256 6e5cf2427f830d730b93ef0526ceaf126af7513ed011d7ee3cf192ba7687e837 SHA512 03f49ad75e1fb4f43811624d7b8cd6b82a012b6a32f74f371421d246962cea88d2a498a664b659bbe1bda6cff9a9da43e550e7d4c71a55a5a2110a4b5b8c7462 WHIRLPOOL 06a247c8306de45b424266661797b4a64339daf4b8177c9eefb707bab06d497cb5410c59c9a89b0693cb14fd5ac293b537e81cf3da24b2be711d9db8fa3a0a9d
+EBUILD qemu-2.8.0-r1.ebuild 21622 SHA256 2f4029d16bcac486bbf4fd39ba15506084f6ef0f7e47910b3b6ab5d862041476 SHA512 3c77cdac3ee4417e7b0d1c4c0598372a1da889349148e2efca668a030df1f5e9a69ae6055f12234f7f4e21475b1d44f41170bfccb420fb5a5860172f945740e7 WHIRLPOOL 2e61f6fb672dbb8006ab51ff61754518592b1f5e32678c4789d9339d74d0acc182e45d4a54aaf2b36e52dfdf1a305c09e4c92a5c20c06cf52bd239ebac862e46
+EBUILD qemu-2.8.0-r2.ebuild 21674 SHA256 79e8b82d2901cf9d0e8c9c78c9a261e4a8d95407f81b02986a06fe454390b6b2 SHA512 5e9b760db15db8bfb7cfb14dd8c2957978f15fe143cdd3b80fdc0bae8f9a926c99fb9dfc824679fd340c094f84ff73def9985f17a1bdcaa6d7f826e896670401 WHIRLPOOL 07a84b97c865c11dfe7d763d4ca08afe02b6afcac28872c4bfffb3808d91bbb618d74963ded9d6ffe84bee077b2f0941ac5a93b4482838a1b38e7935ff59e567
EBUILD qemu-2.8.0.ebuild 20856 SHA256 5cf0517d3327eac95727067f80702639132b87603029951ef2db8086f6fd34ae SHA512 10bcdad90a85786f0d2e4044be010e5d87f54fd0710c889205060e1404e5a24004e0095d7d3ee0f62735e3ab88d2af5986d371769125b13ffc5689edc5a95be8 WHIRLPOOL af455544650a9c0cb4bc2be588e3687dea90d14bbc3dad1aa76bcf65376317b85374151eee761239868b3ce8aaae089e4278b3897e5f013e4652c6801c66c9b6
MISC metadata.xml 3854 SHA256 326fc14b3867842cc40bc364d91e2ca60ca63651e4a17040254166fa09cec04a SHA512 2e3bbdf84b7b03aedc43621b47e02b8da242fda917dcdf4b2d7532210aaa79c6fbea52a6b8157cdf90cd1e4e282610c0254b96a7a14b285e910d61203acd6461 WHIRLPOOL 539ca48b54055e594e16b76341879540d4f302d502c39d1901ed4fd7cc80b186ba29845759d02c60bf4560b8b14ec4fa40869d341e432a025dc792fb38f8eae1
diff --git a/app-emulation/qemu/files/65-kvm.rules-r1 b/app-emulation/qemu/files/65-kvm.rules-r1
new file mode 100644
index 0000000..ab3776a
--- /dev/null
+++ b/app-emulation/qemu/files/65-kvm.rules-r1
@@ -0,0 +1,2 @@
+KERNEL=="kvm", GROUP="kvm", MODE="0660"
+KERNEL=="vhost-net", GROUP="kvm", MODE="0660", OPTIONS+="static_node=vhost-net"
diff --git a/app-emulation/qemu/qemu-2.8.0-r1.ebuild b/app-emulation/qemu/qemu-2.8.0-r1.ebuild
index 006c657..16dd327 100644
--- a/app-emulation/qemu/qemu-2.8.0-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0-r1.ebuild
@@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
diff --git a/app-emulation/qemu/qemu-2.8.0-r1.ebuild b/app-emulation/qemu/qemu-2.8.0-r2.ebuild
similarity index 99%
copy from app-emulation/qemu/qemu-2.8.0-r1.ebuild
copy to app-emulation/qemu/qemu-2.8.0-r2.ebuild
index 006c657..28498f6 100644
--- a/app-emulation/qemu/qemu-2.8.0-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0-r2.ebuild
@@ -100,7 +100,10 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
iscsi? ( net-libs/libiscsi )
jpeg? ( virtual/jpeg:0=[static-libs(+)] )
lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? ( sys-libs/ncurses:0=[static-libs(+)] )
+ ncurses? (
+ sys-libs/ncurses:0=[unicode]
+ sys-libs/ncurses:0=[static-libs(+)]
+ )
nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
numa? ( sys-process/numactl[static-libs(+)] )
opengl? (
@@ -598,7 +601,7 @@ src_install() {
[[ -e check-report.html ]] && dohtml check-report.html
if use kernel_linux; then
- udev_dorules "${FILESDIR}"/65-kvm.rules
+ udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
fi
if use python; then
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-02-21 18:20 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-02-21 18:20 UTC (permalink / raw
To: gentoo-commits
commit: 8ebff45190124dc7b8430fe4248ae40549aab9b9
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Tue Feb 21 18:19:58 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Tue Feb 21 18:19:58 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=8ebff451
app-emulation/qemu: version bump to 2.8.0-r3
drop 2.8.0 and 2.8.0-r2: no longer in tree.
app-emulation/qemu/Manifest | 10 +-
.../qemu/files/qemu-2.8.0-CVE-2017-2620.patch | 56 ++
.../qemu/files/qemu-2.8.0-CVE-2017-2630.patch | 22 +
.../qemu/files/qemu-2.8.0-CVE-2017-5973.patch | 87 +++
.../qemu/files/qemu-2.8.0-CVE-2017-5987.patch | 50 ++
.../qemu/files/qemu-2.8.0-CVE-2017-6058.patch | 112 ++++
app-emulation/qemu/qemu-2.8.0-r1.ebuild | 2 +-
.../{qemu-2.8.0-r2.ebuild => qemu-2.8.0-r3.ebuild} | 5 +
app-emulation/qemu/qemu-2.8.0.ebuild | 684 ---------------------
9 files changed, 340 insertions(+), 688 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index db61483..45b7c89 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -11,6 +11,8 @@ AUX qemu-2.8.0-CVE-2016-10155.patch 1558 SHA256 53c20d983847a716f3f708c50ffbeb9d
AUX qemu-2.8.0-CVE-2016-9908.patch 1166 SHA256 22ef4999a3daf3c46a3c90ca20fb131545d4d0befeff7c3ca870585a3e03b7b7 SHA512 c46abda3a5b1a68c7c2e5236f8e424f4569a28ba2aea9b8ec32467e55b535492da6e4702d4758a5721f1bf222f7f2554a5e4c9a190781d60c40202a5291dcf49 WHIRLPOOL aa8087350770ecbb60049e3269ddf9d68258657ef6a088b562e344056689e578a390328dde9c5d2b5024e7fa03995b571295a1d64943d9b3882cf0c5f833dbd8
AUX qemu-2.8.0-CVE-2016-9912.patch 1307 SHA256 e3eac321492a9ef42d88b04877511255c3731a9bb029d7c6ab2da0aa8f09e2d8 SHA512 f9ba4f167334d9b934c37fbed21ded8b3d71e5bdbdb1f15f81d4423b0790bfa127637155d5863b563fa974f1421c4ace1f2a4e3e81e3ae3d6045b2083210b103 WHIRLPOOL 7aa8dab7b6462f142365d274e6131ca1630c396e36c851cb562c081c4243c58e2ae22cf682e51145af08befcaba395254c765cf56112a6c177e1c9a18ffb5926
AUX qemu-2.8.0-CVE-2017-2615.patch 1720 SHA256 33f3f81ff8e5dacfc4f33dd48bd7833843c209f6d2bd5b3102cc5694ad85a593 SHA512 32063428286a49a12daa481ba87f1b09be6504bf24c5759aacf88ef436312a890dfe44d08457d8b426f86ce7680700d32fb21a255a6db8eb512e612c16770d36 WHIRLPOOL 9f1eed6c6c3eeb1e8991d1aa82e12a004c223bdd635ec48e433ca93d054aa3dfb5986fe01e36df157ef20c685e07595eebdf5fe16ed7cf9034e1c9ddf8304dbb
+AUX qemu-2.8.0-CVE-2017-2620.patch 1879 SHA256 dc898ad08d83b5a904a68513784ec009d4e19373ec9170e58d0695cf733b1bbd SHA512 4c0cba0b7abf4923f8c4720ffe8aad98cf8a4cddfa9fdf1418a5895f107bd186599f4d8a87290e9459a425e4ac464663a6d500bf016f459cb81dbd7fbc8121cb WHIRLPOOL 8c2cb5c6a8cee9c1d44fe0e03b3f8f56de4f8a8515acdda4458610f543f2e2cf6bac2161b9a8128e3aaf0c65716d5a85a9caf7041fdc05ab7e222c87568a4d68
+AUX qemu-2.8.0-CVE-2017-2630.patch 681 SHA256 72c675456d02f188b1ccc680fb237900d32d315272d1b3b6c3caad08bc8130e2 SHA512 1dc5006455a06a83799094afab1ec4f2f3808174530f71d234d165275af3b11160bcf6c041c8e9e3138de7bd6ec4b7810b4532c496c018f0aa71716f2d437faa WHIRLPOOL 27c7835c00f5ad368921ae8c2251cc3eaef3f018242c42517f03102129368f85b99b144f4a3eb53e546352965e6a7f031f7545237e5334ee524059d461d29a8f
AUX qemu-2.8.0-CVE-2017-5525-1.patch 1625 SHA256 88e253c306761017d66dca5b72184f89cebf3b617db7bc0e4b27025757a66181 SHA512 a7f82374ec4e264b065be7ba63c197d93fee230d68819bf68a0a67c84f89182d0cc0a42b9aadf53a8a903d640dacc55392174c7820379e92ad0e35c86c35a2dd WHIRLPOOL 63e192dc0e075139f18aee2d0541c75021852a7d7251321ca8fe7f9b793c72786a6aab878e308931289eab3c07c3cbbc8ad32b67de1193f85b672e16a8372495
AUX qemu-2.8.0-CVE-2017-5525-2.patch 1664 SHA256 ab03a1cff62164090133f0dbace9724302e806a808b18d64628d12f0bd9abad6 SHA512 ac1d89331c3fc4d0ef7af411a12654329057676e9f016cb9a4a46dc9b4e01092c17af33d095f3104e71094ae585a35a8276a98560dd97f8d045e0b9fd2f0069f WHIRLPOOL 20457d7fe5b3842c0c601068dba410586fc4b4c7fce81ba3ee436a6cfec3b1b950797d6ca9a2a573fef21a29421f8c04a34d1dfefe0b7ade03a6ca51d16d99cb
AUX qemu-2.8.0-CVE-2017-5552.patch 1481 SHA256 26616f16434b3aff65b1cd1ce82c6abdfbd44da8a047a5a32b1e07755c9a3e1b SHA512 3c3f5027be3bfe56c1445004bd28536e11f606cc6787fcefad3da267eb3e11b61110c8a4700fd9d6f95ce50f10a2678b2bc6f950297b949b837882a68901d6e5 WHIRLPOOL ca93726b8a0567f68fac634eef1e88c997c1e959cafb33bc6ba8871d9021591bb61be6b3635d3fac111e1e177dbbff939c93580d7f0824e752b378dbc38fbc45
@@ -21,10 +23,12 @@ AUX qemu-2.8.0-CVE-2017-5856.patch 2224 SHA256 92ddbba8c0d21bdae5b11ae064c21da93
AUX qemu-2.8.0-CVE-2017-5857.patch 1326 SHA256 e2150a7cc92b72e3f20506b9c76b40599af8d2366d25bd9b245a0bffa66ad8eb SHA512 d6d000b57f1fb194f9554165621109b364ebdb61416bc07e2283f2d493c33e770d1b63002d62565aae1ac19ed0ad9e572c207341aa1ad023581f349f62158d30 WHIRLPOOL cbe84c67ba9bb368baf2b1842e8c7c1ee3fb720630bcd53fdbdef9e8f3efdb25c1a927d0f65c9d1f6def28defe6997943a7867e8225eb12e395a0811ad3e32a1
AUX qemu-2.8.0-CVE-2017-5898.patch 1412 SHA256 7f44668d51a94d19fcca0f496d8ac798fd654afe25d2998f7d07a148a836ade9 SHA512 2cd9af4957849a5d72dc0f0fbb30852870306ebc0a348cf5951df58d3029d1aae52df9261d2e4a9d7a4f132f78c390af8a049e1f109b324899bccd91e5c10d1f WHIRLPOOL c48e1fe163761880adab990683dc5d54ee31173763f11239ffee7c229bd65a2958a696dede39e7e645860980e2a7c5c6e5873e5db53872ac373d8d2415a167ab
AUX qemu-2.8.0-CVE-2017-5931.patch 1696 SHA256 cdb1ea1306bf00042f13637eef78d3580e34b88c11716e62fad69931eb3d7ac6 SHA512 5b9a00f0964b153df7630655480b646e6615e831fd981642987d8691e9ddd265f64285d0e70c4f536bb370adb03a75548f7258bee8dbc2b7de15a3984fc8421b WHIRLPOOL c6d9440adf57ad1b560da03a455d9bdc3094c952f3c82a5e88fa6f2d0336ab767f0617b2916b68a5e3f5d30293749be40c12dfe93e8b7525fec9b8a453a65123
+AUX qemu-2.8.0-CVE-2017-5973.patch 2815 SHA256 206d01053ce678e2c83174b278755e112099f76350aaa765525d344a87365ded SHA512 31b4bd1b8398d8044ace7660a049c492beda83613818a718477257e0bdf922d63423100fd59f2e8411dc952d282a7c405b916ab437b131b31c21dcf65f98edce WHIRLPOOL ea43efbdd5fdc51e1b8b5057fbe50b3911896cbda8437998ca203d34db82524eb42a77440f2490574a48f15ba1c4bbb7d9c40bfb6e99e96278a1d1912ea210a7
+AUX qemu-2.8.0-CVE-2017-5987.patch 1889 SHA256 c4f2175970deca9b00bf657e66b8df31a02efce469eec02279a9659b9cb18bb0 SHA512 32708f91edbbb61ac444ee71b97a30138380544389f6265d7cb7aec330ebaaa7ca69844a9462c817fbda117e78748fc4fdeb655e70bcd72ddd8b112fd9619b0d WHIRLPOOL 1aa99740495c0d2a577cf13c47669aeba75ad389394736ce16fde31c91931254820accad85a6d6fee9757595bec3f222413a89fe4ca125913be7ecc97f33b365
+AUX qemu-2.8.0-CVE-2017-6058.patch 3797 SHA256 06c01fcd53dab66af55df164f1616d14847b2a0fd46abe7445b7e3e7b7ee77cf SHA512 1425e7df38cd44903fe78e7728d7eb3df2d8486895f38a87c4e0c63aa5cc4a2b19032d486fcb5676201242039364a1f3d34b256606b5f8ae74028432e6d50286 WHIRLPOOL 9a48c2f00ac146c29163422c10ca62e3065a36752b865b6b9e3408edf019f3585579ac074b5325777e6a405a11d0ce09da33eb6499012377f0c9ef8c52bf2840
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
AUX qemu-binfmt.initd-r1 7966 SHA256 5b4b432aa1e44f387c9eb789de0ec6322741fd36dd241f76520f17c6cd6ac49b SHA512 2ba0bff6eb2b6bac4ed440f793771ce9551cad48e38bddb6cf04f804faac2407e80879f66771910344ddcea45f0014095dcc8bfeb0aad5085ef048fd3612dbd8 WHIRLPOOL a2a1fb830a970757d1e203378c7d382b161b1040f3b8aaf0f22bb3b5e46467eff395474ff40d93c9f133bab307b345a6f75d63eae9f8dd8daf67324db41032f9
DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
-EBUILD qemu-2.8.0-r1.ebuild 21622 SHA256 2f4029d16bcac486bbf4fd39ba15506084f6ef0f7e47910b3b6ab5d862041476 SHA512 3c77cdac3ee4417e7b0d1c4c0598372a1da889349148e2efca668a030df1f5e9a69ae6055f12234f7f4e21475b1d44f41170bfccb420fb5a5860172f945740e7 WHIRLPOOL 2e61f6fb672dbb8006ab51ff61754518592b1f5e32678c4789d9339d74d0acc182e45d4a54aaf2b36e52dfdf1a305c09e4c92a5c20c06cf52bd239ebac862e46
-EBUILD qemu-2.8.0-r2.ebuild 21674 SHA256 79e8b82d2901cf9d0e8c9c78c9a261e4a8d95407f81b02986a06fe454390b6b2 SHA512 5e9b760db15db8bfb7cfb14dd8c2957978f15fe143cdd3b80fdc0bae8f9a926c99fb9dfc824679fd340c094f84ff73def9985f17a1bdcaa6d7f826e896670401 WHIRLPOOL 07a84b97c865c11dfe7d763d4ca08afe02b6afcac28872c4bfffb3808d91bbb618d74963ded9d6ffe84bee077b2f0941ac5a93b4482838a1b38e7935ff59e567
-EBUILD qemu-2.8.0.ebuild 20856 SHA256 5cf0517d3327eac95727067f80702639132b87603029951ef2db8086f6fd34ae SHA512 10bcdad90a85786f0d2e4044be010e5d87f54fd0710c889205060e1404e5a24004e0095d7d3ee0f62735e3ab88d2af5986d371769125b13ffc5689edc5a95be8 WHIRLPOOL af455544650a9c0cb4bc2be588e3687dea90d14bbc3dad1aa76bcf65376317b85374151eee761239868b3ce8aaae089e4278b3897e5f013e4652c6801c66c9b6
+EBUILD qemu-2.8.0-r1.ebuild 21621 SHA256 bcf039d34f9bd43b288fd33c38233f115b6b8750989374bc656d6f950358c11a SHA512 d9e718720a4800995919d18b79c735fc7b46d569d4cb82bbe90ae3580eafa8e4e976ab4e34b72ff4a8823c6242cf767c876eecaa46af5d24a6a81918351c376c WHIRLPOOL 9c78a214862bb134df1183bc19cd8eb15cceb0ed7253bc584fc1ce5061e3c33a2c744f5e9175654f182621e410c2302a23a66f393e2e58c0717eff7e212548a8
+EBUILD qemu-2.8.0-r3.ebuild 21994 SHA256 8dd08d6fec72d5665c7e20e1af43d2cf3b40c58fcd37e8334f5bfa032d3e9e14 SHA512 511f271f23fbeb956b9fd67449479119111b50da36687bacee1a3ccf5dee91d4bcfc04349b05845f1c4e528cc7390243a98ba4c76d0b9c51b18e34febbd5e618 WHIRLPOOL c48f0cdb6ca1c13c7c41a949191fd82bb89154c352c8839776096eb9c1273136bbce62b0e2f852ab9f463fa7298804f03dba361bd7fd10dde96c969f53d8a53b
MISC metadata.xml 3854 SHA256 326fc14b3867842cc40bc364d91e2ca60ca63651e4a17040254166fa09cec04a SHA512 2e3bbdf84b7b03aedc43621b47e02b8da242fda917dcdf4b2d7532210aaa79c6fbea52a6b8157cdf90cd1e4e282610c0254b96a7a14b285e910d61203acd6461 WHIRLPOOL 539ca48b54055e594e16b76341879540d4f302d502c39d1901ed4fd7cc80b186ba29845759d02c60bf4560b8b14ec4fa40869d341e432a025dc792fb38f8eae1
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch
new file mode 100644
index 0000000..e2a9801
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch
@@ -0,0 +1,56 @@
+From: Gerd Hoffmann <kraxel@redhat.com>
+Subject: [PATCH 3/3] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo
+
+CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination
+and blit width, at all. Oops. Fix it.
+
+Security impact: high.
+
+The missing blit destination check allows to write to host memory.
+Basically same as CVE-2014-8106 for the other blit variants.
+
+The missing blit width check allows to overflow cirrus_bltbuf,
+with the attractive target cirrus_srcptr (current cirrus_bltbuf write
+position) being located right after cirrus_bltbuf in CirrusVGAState.
+
+Due to cirrus emulation writing cirrus_bltbuf bytewise the attacker
+hasn't full control over cirrus_srcptr though, only one byte can be
+changed. Once the first byte has been modified further writes land
+elsewhere.
+
+[ This is CVE-2017-2620 / XSA-209 - Ian Jackson ]
+
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/display/cirrus_vga.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
+index 0e47cf8..a093dc8 100644
+--- a/hw/display/cirrus_vga.c
++++ b/hw/display/cirrus_vga.c
+@@ -899,6 +899,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
+ {
+ int w;
+
++ if (blit_is_unsafe(s)) {
++ return 0;
++ }
++
+ s->cirrus_blt_mode &= ~CIRRUS_BLTMODE_MEMSYSSRC;
+ s->cirrus_srcptr = &s->cirrus_bltbuf[0];
+ s->cirrus_srcptr_end = &s->cirrus_bltbuf[0];
+@@ -924,6 +928,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
+ }
+ s->cirrus_srccounter = s->cirrus_blt_srcpitch * s->cirrus_blt_height;
+ }
++
++ /* the blit_is_unsafe call above should catch this */
++ assert(s->cirrus_blt_srcpitch <= CIRRUS_BLTBUFSIZE);
++
+ s->cirrus_srcptr = s->cirrus_bltbuf;
+ s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch;
+ cirrus_update_memory_access(s);
+--
+1.8.3.1
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch
new file mode 100644
index 0000000..034b322
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch
@@ -0,0 +1,22 @@
+Comparison symbol is misused. It may lead to memory corruption.
+
+Signed-off-by: Vladimir Sementsov-Ogievskiy <address@hidden>
+---
+ nbd/client.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/nbd/client.c b/nbd/client.c
+index 6caf6bda6d..351731bc63 100644
+--- a/nbd/client.c
++++ b/nbd/client.c
+@@ -94,7 +94,7 @@ static ssize_t drop_sync(QIOChannel *ioc, size_t size)
+ char small[1024];
+ char *buffer;
+
+- buffer = sizeof(small) < size ? small : g_malloc(MIN(65536, size));
++ buffer = sizeof(small) > size ? small : g_malloc(MIN(65536, size));
+ while (size > 0) {
+ ssize_t count = read_sync(ioc, buffer, MIN(65536, size));
+
+--
+2.11.0
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch
new file mode 100644
index 0000000..50ff3c9
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch
@@ -0,0 +1,87 @@
+Limits should be big enough that normal guest should not hit it.
+Add a tracepoint to log them, just in case. Also, while being
+at it, log the existing link trb limit too.
+
+Reported-by: 李强 <address@hidden>
+Signed-off-by: Gerd Hoffmann <address@hidden>
+---
+ hw/usb/hcd-xhci.c | 15 ++++++++++++++-
+ hw/usb/trace-events | 1 +
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
+index fbf8a8b..28dd2f2 100644
+--- a/hw/usb/hcd-xhci.c
++++ b/hw/usb/hcd-xhci.c
+@@ -51,6 +51,8 @@
+ #define EV_QUEUE (((3 * 24) + 16) * MAXSLOTS)
+
+ #define TRB_LINK_LIMIT 4
++#define COMMAND_LIMIT 256
++#define TRANSFER_LIMIT 256
+
+ #define LEN_CAP 0x40
+ #define LEN_OPER (0x400 + 0x10 * MAXPORTS)
+@@ -943,6 +945,7 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb,
+ return type;
+ } else {
+ if (++link_cnt > TRB_LINK_LIMIT) {
++ trace_usb_xhci_enforced_limit("trb-link");
+ return 0;
+ }
+ ring->dequeue = xhci_mask64(trb->parameter);
+@@ -2060,6 +2063,7 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
+ XHCIRing *ring;
+ USBEndpoint *ep = NULL;
+ uint64_t mfindex;
++ unsigned int count = 0;
+ int length;
+ int i;
+
+@@ -2172,6 +2176,10 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
+ epctx->retry = xfer;
+ break;
+ }
++ if (count++ > TRANSFER_LIMIT) {
++ trace_usb_xhci_enforced_limit("transfers");
++ break;
++ }
+ }
+ epctx->kick_active--;
+
+@@ -2618,7 +2626,7 @@ static void xhci_process_commands(XHCIState *xhci)
+ TRBType type;
+ XHCIEvent event = {ER_COMMAND_COMPLETE, CC_SUCCESS};
+ dma_addr_t addr;
+- unsigned int i, slotid = 0;
++ unsigned int i, slotid = 0, count = 0;
+
+ DPRINTF("xhci_process_commands()\n");
+ if (!xhci_running(xhci)) {
+@@ -2735,6 +2743,11 @@ static void xhci_process_commands(XHCIState *xhci)
+ }
+ event.slotid = slotid;
+ xhci_event(xhci, &event, 0);
++
++ if (count++ > COMMAND_LIMIT) {
++ trace_usb_xhci_enforced_limit("commands");
++ return;
++ }
+ }
+ }
+
+diff --git a/hw/usb/trace-events b/hw/usb/trace-events
+index fdd1d29..0c323d4 100644
+--- a/hw/usb/trace-events
++++ b/hw/usb/trace-events
+@@ -174,6 +174,7 @@ usb_xhci_xfer_retry(void *xfer) "%p"
+ usb_xhci_xfer_success(void *xfer, uint32_t bytes) "%p: len %d"
+ usb_xhci_xfer_error(void *xfer, uint32_t ret) "%p: ret %d"
+ usb_xhci_unimplemented(const char *item, int nr) "%s (0x%x)"
++usb_xhci_enforced_limit(const char *item) "%s"
+
+ # hw/usb/desc.c
+ usb_desc_device(int addr, int len, int ret) "dev %d query device, len %d, ret %d"
+--
+1.8.3.1
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch
new file mode 100644
index 0000000..bfde2e9
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch
@@ -0,0 +1,50 @@
+From: Prasad J Pandit <address@hidden>
+
+In the SDHCI protocol, the transfer mode register value
+is used during multi block transfer to check if block count
+register is enabled and should be updated. Transfer mode
+register could be set such that, block count register would
+not be updated, thus leading to an infinite loop. Add check
+to avoid it.
+
+Reported-by: Wjjzhang <address@hidden>
+Reported-by: Jiang Xin <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/sd/sdhci.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+Update: use qemu_log_mask(LOG_UNIMP, ...)
+ -> https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02354.html
+
+diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
+index 5bd5ab6..a9c744b 100644
+--- a/hw/sd/sdhci.c
++++ b/hw/sd/sdhci.c
+@@ -486,6 +486,11 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
+ uint32_t boundary_chk = 1 << (((s->blksize & 0xf000) >> 12) + 12);
+ uint32_t boundary_count = boundary_chk - (s->sdmasysad % boundary_chk);
+
++ if (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || !s->blkcnt) {
++ qemu_log_mask(LOG_UNIMP, "infinite transfer is not supported\n");
++ return;
++ }
++
+ /* XXX: Some sd/mmc drivers (for example, u-boot-slp) do not account for
+ * possible stop at page boundary if initial address is not page aligned,
+ * allow them to work properly */
+@@ -797,11 +802,6 @@ static void sdhci_data_transfer(void *opaque)
+ if (s->trnmod & SDHC_TRNS_DMA) {
+ switch (SDHC_DMA_TYPE(s->hostctl)) {
+ case SDHC_CTRL_SDMA:
+- if ((s->trnmod & SDHC_TRNS_MULTI) &&
+- (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || s->blkcnt == 0)) {
+- break;
+- }
+-
+ if ((s->blkcnt == 1) || !(s->trnmod & SDHC_TRNS_MULTI)) {
+ sdhci_sdma_transfer_single_block(s);
+ } else {
+--
+2.9.3
+
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch
new file mode 100644
index 0000000..666c18c
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch
@@ -0,0 +1,112 @@
+This patch fixed a problem that was introduced in commit eb700029.
+
+When net_rx_pkt_attach_iovec() calls eth_strip_vlan()
+this can result in pkt->ehdr_buf being overflowed, because
+ehdr_buf is only sizeof(struct eth_header) bytes large
+but eth_strip_vlan() can write
+sizeof(struct eth_header) + sizeof(struct vlan_header)
+bytes into it.
+
+Devices affected by this problem: vmxnet3.
+
+Reported-by: Peter Maydell <address@hidden>
+Signed-off-by: Dmitry Fleytman <address@hidden>
+---
+ hw/net/net_rx_pkt.c | 34 +++++++++++++++++-----------------
+ 1 file changed, 17 insertions(+), 17 deletions(-)
+
+diff --git a/hw/net/net_rx_pkt.c b/hw/net/net_rx_pkt.c
+index 1019b50..7c0beac 100644
+--- a/hw/net/net_rx_pkt.c
++++ b/hw/net/net_rx_pkt.c
+@@ -23,13 +23,13 @@
+
+ struct NetRxPkt {
+ struct virtio_net_hdr virt_hdr;
+- uint8_t ehdr_buf[sizeof(struct eth_header)];
++ uint8_t ehdr_buf[sizeof(struct eth_header) + sizeof(struct vlan_header)];
+ struct iovec *vec;
+ uint16_t vec_len_total;
+ uint16_t vec_len;
+ uint32_t tot_len;
+ uint16_t tci;
+- bool vlan_stripped;
++ size_t ehdr_buf_len;
+ bool has_virt_hdr;
+ eth_pkt_types_e packet_type;
+
+@@ -88,15 +88,13 @@ net_rx_pkt_pull_data(struct NetRxPkt *pkt,
+ const struct iovec *iov, int iovcnt,
+ size_t ploff)
+ {
+- if (pkt->vlan_stripped) {
++ if (pkt->ehdr_buf_len) {
+ net_rx_pkt_iovec_realloc(pkt, iovcnt + 1);
+
+ pkt->vec[0].iov_base = pkt->ehdr_buf;
+- pkt->vec[0].iov_len = sizeof(pkt->ehdr_buf);
+-
+- pkt->tot_len =
+- iov_size(iov, iovcnt) - ploff + sizeof(struct eth_header);
++ pkt->vec[0].iov_len = pkt->ehdr_buf_len;
+
++ pkt->tot_len = iov_size(iov, iovcnt) - ploff + pkt->ehdr_buf_len;
+ pkt->vec_len = iov_copy(pkt->vec + 1, pkt->vec_len_total - 1,
+ iov, iovcnt, ploff, pkt->tot_len);
+ } else {
+@@ -123,11 +121,12 @@ void net_rx_pkt_attach_iovec(struct NetRxPkt *pkt,
+ uint16_t tci = 0;
+ uint16_t ploff = iovoff;
+ assert(pkt);
+- pkt->vlan_stripped = false;
+
+ if (strip_vlan) {
+- pkt->vlan_stripped = eth_strip_vlan(iov, iovcnt, iovoff, pkt->ehdr_buf,
+- &ploff, &tci);
++ pkt->ehdr_buf_len = eth_strip_vlan(iov, iovcnt, iovoff, pkt->ehdr_buf,
++ &ploff, &tci);
++ } else {
++ pkt->ehdr_buf_len = 0;
+ }
+
+ pkt->tci = tci;
+@@ -143,12 +142,13 @@ void net_rx_pkt_attach_iovec_ex(struct NetRxPkt *pkt,
+ uint16_t tci = 0;
+ uint16_t ploff = iovoff;
+ assert(pkt);
+- pkt->vlan_stripped = false;
+
+ if (strip_vlan) {
+- pkt->vlan_stripped = eth_strip_vlan_ex(iov, iovcnt, iovoff, vet,
+- pkt->ehdr_buf,
+- &ploff, &tci);
++ pkt->ehdr_buf_len = eth_strip_vlan_ex(iov, iovcnt, iovoff, vet,
++ pkt->ehdr_buf,
++ &ploff, &tci);
++ } else {
++ pkt->ehdr_buf_len = 0;
+ }
+
+ pkt->tci = tci;
+@@ -162,8 +162,8 @@ void net_rx_pkt_dump(struct NetRxPkt *pkt)
+ NetRxPkt *pkt = (NetRxPkt *)pkt;
+ assert(pkt);
+
+- printf("RX PKT: tot_len: %d, vlan_stripped: %d, vlan_tag: %d\n",
+- pkt->tot_len, pkt->vlan_stripped, pkt->tci);
++ printf("RX PKT: tot_len: %d, ehdr_buf_len: %lu, vlan_tag: %d\n",
++ pkt->tot_len, pkt->ehdr_buf_len, pkt->tci);
+ #endif
+ }
+
+@@ -426,7 +426,7 @@ bool net_rx_pkt_is_vlan_stripped(struct NetRxPkt *pkt)
+ {
+ assert(pkt);
+
+- return pkt->vlan_stripped;
++ return pkt->ehdr_buf_len ? true : false;
+ }
+
+ bool net_rx_pkt_has_virt_hdr(struct NetRxPkt *pkt)
+--
+2.7.4
diff --git a/app-emulation/qemu/qemu-2.8.0-r1.ebuild b/app-emulation/qemu/qemu-2.8.0-r1.ebuild
index 16dd327..220ad6f 100644
--- a/app-emulation/qemu/qemu-2.8.0-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0-r1.ebuild
@@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
diff --git a/app-emulation/qemu/qemu-2.8.0-r2.ebuild b/app-emulation/qemu/qemu-2.8.0-r3.ebuild
similarity index 98%
rename from app-emulation/qemu/qemu-2.8.0-r2.ebuild
rename to app-emulation/qemu/qemu-2.8.0-r3.ebuild
index 28498f6..6feffe0 100644
--- a/app-emulation/qemu/qemu-2.8.0-r2.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0-r3.ebuild
@@ -346,6 +346,7 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2615.patch #608034
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2630.patch #609396
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722
@@ -356,6 +357,10 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520
epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5931.patch #608728
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6058.patch #609638
+ epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2620.patch #609206
# Fix ld and objcopy being called directly
tc-export AR LD OBJCOPY
diff --git a/app-emulation/qemu/qemu-2.8.0.ebuild b/app-emulation/qemu/qemu-2.8.0.ebuild
deleted file mode 100644
index 2922f9d..0000000
--- a/app-emulation/qemu/qemu-2.8.0.ebuild
+++ /dev/null
@@ -1,684 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-2
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt glusterfs \
-gnutls gtk gtk2 infiniband iscsi +jpeg \
-kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
-+png pulseaudio python \
-rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
-static-user systemtap tci test +threads usb usbredir vde +vhost-net \
-virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
-mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64
-x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS} lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS} armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-softmmu static-user )
- static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk !gtk2 )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-#
-# Older versions of gnutls are supported, but it's simpler to just require
-# the latest versions. This is also why we require nettle.
-#
-# TODO: Split out tools deps into another var. e.g. bzip2 is only used by
-# system binaries and tools, not user binaries.
-COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? ( app-accessibility/brltty[static-libs(+)] )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? ( sys-libs/ncurses:0=[static-libs(+)] )
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy[static-libs(+)] )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
-X86_FIRMWARE_DEPEND="
- >=sys-firmware/ipxe-1.0.0_p20130624
- pin-upstream-blobs? (
- ~sys-firmware/seabios-1.10.1
- ~sys-firmware/sgabios-0.1_pre8
- ~sys-firmware/vgabios-0.7a
- )
- !pin-upstream-blobs? (
- sys-firmware/seabios
- sys-firmware/sgabios
- sys-firmware/vgabios
- )"
-CDEPEND="
- !static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} ) " ${use_softmmu_targets}) )
- !static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND//\[static-libs(+)]} ) " ${use_user_targets}) )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xen? ( app-emulation/xen-tools:= )"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND} ) " ${use_softmmu_targets}) )
- static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND} ) " ${use_user_targets}) )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )
-"
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/u-boot.e500
-"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or32
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure
-you have the kernel module loaded before running kvm. The easiest way to
-ensure that the kernel module is loaded is to load it on boot.\n
-For AMD CPUs the module is called 'kvm-amd'.\n
-For Intel CPUs the module is called 'kvm-intel'.\n
-Please review /etc/conf.d/modules for how to load these.\n\n
-Make sure your user is in the 'kvm' group\n
-Just run 'gpasswd -a <USER> kvm', then have <USER> re-login.\n\n
-For brand new installs, the default permissions on /dev/kvm might not let you
-access it. You can tell udev to reset ownership/perms:\n
-udevadm trigger -c add /dev/kvm"
-
-qemu_support_kvm() {
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 \
- use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64 \
- use qemu_softmmu_targets_s390x; then
- return 0
- fi
-
- return 1
-}
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- # Patching for musl
- epatch "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
- epatch "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- epatch "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
-
- epatch "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- epatch "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- epatch "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630
- epatch "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- epatch_user
-
- # Run after we've applied all patches.
- handle_locales
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
- local static_flag="static-${buildtype}"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets as the default configure
- # options will autoprobe and try to link in a bunch of unused junk.
- conf_softmmu() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_softmmu accessibility brlapi)
- $(conf_softmmu aio linux-aio)
- $(conf_softmmu bzip2)
- $(conf_softmmu bluetooth bluez)
- $(conf_softmmu caps cap-ng)
- $(conf_softmmu curl)
- $(conf_softmmu fdt)
- $(conf_softmmu glusterfs)
- $(conf_softmmu gnutls)
- $(conf_softmmu gnutls nettle)
- $(conf_softmmu gtk)
- $(conf_softmmu infiniband rdma)
- $(conf_softmmu iscsi libiscsi)
- $(conf_softmmu jpeg vnc-jpeg)
- $(conf_softmmu kernel_linux kvm)
- $(conf_softmmu lzo)
- $(conf_softmmu ncurses curses)
- $(conf_softmmu nfs libnfs)
- $(conf_softmmu numa)
- $(conf_softmmu opengl)
- $(conf_softmmu png vnc-png)
- $(conf_softmmu rbd)
- $(conf_softmmu sasl vnc-sasl)
- $(conf_softmmu sdl)
- $(conf_softmmu seccomp)
- $(conf_softmmu smartcard)
- $(conf_softmmu snappy)
- $(conf_softmmu spice)
- $(conf_softmmu ssh libssh2)
- $(conf_softmmu usb libusb)
- $(conf_softmmu usbredir usb-redir)
- $(conf_softmmu vde)
- $(conf_softmmu vhost-net)
- $(conf_softmmu virgl virglrenderer)
- $(conf_softmmu virtfs)
- $(conf_softmmu vnc)
- $(conf_softmmu vte)
- $(conf_softmmu xen)
- $(conf_softmmu xen xen-pci-passthrough)
- $(conf_softmmu xfs xfsctl)
- )
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- ;;
- softmmu)
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
-
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --with-system-pixman
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- $(use_enable bzip2)
- )
- static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- gcc-specs-pie && conf_opts+=( --enable-pie )
- fi
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- [[ -z ${softmmu_targets}${user_targets} ]] && qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- if [[ -z ${softmmu_targets}${user_targets} ]]; then
- cd "${S}/tools-build"
- default
- fi
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets
- newinitd "${FILESDIR}/qemu-binfmt.initd-r1" qemu-binfmt
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_dorules "${FILESDIR}"/65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- if [[ -z ${softmmu_targets}${user_targets} ]]; then
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
- fi
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}"
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- # Remove the docdir placed qmp-commands.txt
- mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/" || die
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
- dodoc docs/qmp-*.txt
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- fi
-
- # Remove vgabios since we're using the vgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
- dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- qemu_support_kvm && readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- if qemu_support_kvm; then
- readme.gentoo_print_elog
- fi
-
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/vgabios)"
-}
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-03-27 16:18 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-03-27 16:18 UTC (permalink / raw
To: gentoo-commits
commit: c42fdfd7bcf6b7926612c3ba4c27db0a09a963ca
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Mon Mar 27 16:18:24 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Mon Mar 27 16:18:24 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=c42fdfd7
app-emulation/qemu: version bump to 2.8.0-r9
app-emulation/qemu/Manifest | 4 +-
.../qemu/files/qemu-2.8.0-CVE-2017-6505.patch | 52 ++++++++++++++++++++++
.../{qemu-2.8.0-r7.ebuild => qemu-2.8.0-r9.ebuild} | 11 ++++-
3 files changed, 65 insertions(+), 2 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index b0fc844..3e953ef 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -25,11 +25,13 @@ AUX qemu-2.8.0-CVE-2017-5931.patch 1696 SHA256 cdb1ea1306bf00042f13637eef78d3580
AUX qemu-2.8.0-CVE-2017-5973.patch 2815 SHA256 206d01053ce678e2c83174b278755e112099f76350aaa765525d344a87365ded SHA512 31b4bd1b8398d8044ace7660a049c492beda83613818a718477257e0bdf922d63423100fd59f2e8411dc952d282a7c405b916ab437b131b31c21dcf65f98edce WHIRLPOOL ea43efbdd5fdc51e1b8b5057fbe50b3911896cbda8437998ca203d34db82524eb42a77440f2490574a48f15ba1c4bbb7d9c40bfb6e99e96278a1d1912ea210a7
AUX qemu-2.8.0-CVE-2017-5987.patch 1889 SHA256 c4f2175970deca9b00bf657e66b8df31a02efce469eec02279a9659b9cb18bb0 SHA512 32708f91edbbb61ac444ee71b97a30138380544389f6265d7cb7aec330ebaaa7ca69844a9462c817fbda117e78748fc4fdeb655e70bcd72ddd8b112fd9619b0d WHIRLPOOL 1aa99740495c0d2a577cf13c47669aeba75ad389394736ce16fde31c91931254820accad85a6d6fee9757595bec3f222413a89fe4ca125913be7ecc97f33b365
AUX qemu-2.8.0-CVE-2017-6058.patch 3797 SHA256 06c01fcd53dab66af55df164f1616d14847b2a0fd46abe7445b7e3e7b7ee77cf SHA512 1425e7df38cd44903fe78e7728d7eb3df2d8486895f38a87c4e0c63aa5cc4a2b19032d486fcb5676201242039364a1f3d34b256606b5f8ae74028432e6d50286 WHIRLPOOL 9a48c2f00ac146c29163422c10ca62e3065a36752b865b6b9e3408edf019f3585579ac074b5325777e6a405a11d0ce09da33eb6499012377f0c9ef8c52bf2840
+AUX qemu-2.8.0-CVE-2017-6505.patch 1481 SHA256 55e3b7e65e519caef4fdd28cccb973613759cce0d67eb64c2093b4f0a4e428e1 SHA512 5326f28a9340f392e4f32e4cd5f58cae0769859e10fd4d201983d40ec6b4d094d6a0cad2638e1e6f3e5228b93af26cc4f4a155e0d94bad89d0ea9b866f535aa7 WHIRLPOOL c88312cd5e779a98c905f175d61400ef7bb59795cc1e0392da0018a158a4c435ffa07f1e6a621db6eea925a0dbb986442eab4f79f956dc1955058fc97670f390
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
AUX qemu-binfmt.initd-r1 7959 SHA256 13c2791fb48080e9f264670dbe1915f03249d87d740f9b0f2c9502fccb056d03 SHA512 8aee19b4a993113ef4fafe3ab8b561edcc0c16782b36947e757233b6d33d26b48c1b9087c0f300be0d21ad19de14c684e8f2032ae2cd28888130a37ca4d6c314 WHIRLPOOL 3d86861fbe66c0a192a5577b7cd83ab01efd184849b25f8a804aace7a1fb46d87363d6417cc21a3447d2ed50c9db4409121dddae297678e3adc7d4c71556b695
AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e
AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4
+DIST qemu-2.8.0-CVE-2016-9602-patches.tar.xz 16264 SHA256 18ac829c6003a3f997db4030a46b422028c58fead158f0c5ffe36ad65acb84e0 SHA512 a56694d1600e4fd1ffd6bbe031a0db226fc5c88306797cc4e42d1dc6127b83d1791cb4e026988b3aad82eab84382e41077ae71e532d1d3489e179730185c0964 WHIRLPOOL 22057b001c478b2b0d97ad70393c973aefc6277d89bb5a1ae03c3c39b5182ddfbe541964761f512ed5735dc442e1f40d0a955ad5b270758e21ce815be86b24bd
DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
EBUILD qemu-2.8.0-r3.ebuild 21992 SHA256 a2c7a92d214b05e2c6f58fb0d7263472d6a44259de99afc674df713303b432bb SHA512 80699e92ae269cb6ab33b3ec0be164111b68e25d498d8af3624f04bca799174937f1fd2cf49357e0598f6567873cdc8aac3310a1175e328207de8ca5b97856d1 WHIRLPOOL 2079c97d3aa8589c70288cbcca7e1d8591adb1b40a0846b6a683fc6c72f142892e65b6adfac750931e2e63aa33a9d99f31f9659bd5664e6145059f28ecfced1a
-EBUILD qemu-2.8.0-r7.ebuild 23243 SHA256 50297d1c34059239373a804aa2fc61926800a1f1a2ff9bfff486e35209a5d4c4 SHA512 8a16c952ebd7ce097cb061e9f68b528a61c0da0667b303faa276fe8f9c68e874a2f37f46a04cf6b9dae7ead5fd79716941f083f2af2af59aae7c112857da2a15 WHIRLPOOL 1050f6ae755095d731305b263b77cca66671071acde4952981dc40315f9d810c5f9590da31a6eb9a858e67193c092769d3efc8b28093d74691b017cc1429d31a
+EBUILD qemu-2.8.0-r9.ebuild 23468 SHA256 171081a422acc5ecb21cd0400cdb1ea5ad3112379e417aefe37893d1f8ef1575 SHA512 0c4dbb8a03eaf5232819b6482c853d400ffc1c863d5df360a3820a5fa418ea90e204fdf447e72acd5489d8e9294d703be85c58ecabd460f5690c51526c05bad6 WHIRLPOOL 5e8ee3b23f57a62e32f4671c7803880c551b826d0dad357bb587b6ccae4fbf74c2f90b83812c8db9e15b8531150e729bfb7d4b084c702757dc59e22d8b5ee141
MISC metadata.xml 3890 SHA256 50fd5960fa2280175116b5ee5ff4a9625f02e38f560061a00b2640cde4846d69 SHA512 f19e826a9daba7f2676f0459f97e7bdc752652ccf8b9dd009fd569977015b0656fee21c74529e53b6bc51c2f19e746f417c3dc1e1472e3767cdefa0746b0876c WHIRLPOOL 03e0dafcdc13beffb0044ce5227b83aa272a21e9835fce9ad16d5bdf56ee1a4c3a1ae4b10d1cdaf405502532b84991b150de262f12fa72497052c2377046845f
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch
new file mode 100644
index 0000000..a15aa96
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch
@@ -0,0 +1,52 @@
+From 95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s@360.cn>
+Date: Tue, 7 Feb 2017 02:23:33 -0800
+Subject: [PATCH] usb: ohci: limit the number of link eds
+
+The guest may builds an infinite loop with link eds. This patch
+limit the number of linked ed to avoid this.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Message-id: 5899a02e.45ca240a.6c373.93c1@mx.google.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ hw/usb/hcd-ohci.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c
+index 2cba3e3..21c93e0 100644
+--- a/hw/usb/hcd-ohci.c
++++ b/hw/usb/hcd-ohci.c
+@@ -42,6 +42,8 @@
+
+ #define OHCI_MAX_PORTS 15
+
++#define ED_LINK_LIMIT 4
++
+ static int64_t usb_frame_time;
+ static int64_t usb_bit_time;
+
+@@ -1184,7 +1186,7 @@ static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion)
+ uint32_t next_ed;
+ uint32_t cur;
+ int active;
+-
++ uint32_t link_cnt = 0;
+ active = 0;
+
+ if (head == 0)
+@@ -1199,6 +1201,11 @@ static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion)
+
+ next_ed = ed.next & OHCI_DPTR_MASK;
+
++ if (++link_cnt > ED_LINK_LIMIT) {
++ ohci_die(ohci);
++ return 0;
++ }
++
+ if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K)) {
+ uint32_t addr;
+ /* Cancel pending packets for ED that have been paused. */
+--
+2.10.2
+
diff --git a/app-emulation/qemu/qemu-2.8.0-r7.ebuild b/app-emulation/qemu/qemu-2.8.0-r9.ebuild
similarity index 98%
rename from app-emulation/qemu/qemu-2.8.0-r7.ebuild
rename to app-emulation/qemu/qemu-2.8.0-r9.ebuild
index d9d2ca3..8ba8079 100644
--- a/app-emulation/qemu/qemu-2.8.0-r7.ebuild
+++ b/app-emulation/qemu/qemu-2.8.0-r9.ebuild
@@ -20,6 +20,10 @@ else
KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
fi
+# bug #606088
+SRC_URI+="
+ https://dev.gentoo.org/~tamiko/distfiles/${P}-CVE-2016-9602-patches.tar.xz"
+
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
@@ -77,7 +81,10 @@ TARGETS_DEPEND="
>=dev-libs/glib-2.0[static-libs(+)]
>=x11-libs/pixman-0.28.0[static-libs(+)]
sys-libs/zlib[static-libs(+)]
- accessibility? ( app-accessibility/brltty[static-libs(+)] )
+ accessibility? (
+ app-accessibility/brltty[api]
+ app-accessibility/brltty[static-libs(+)]
+ )
aio? ( dev-libs/libaio[static-libs(+)] )
alsa? ( >=media-libs/alsa-lib-1.0.13 )
bluetooth? ( net-wireless/bluez )
@@ -212,6 +219,8 @@ PATCHES=(
"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398
"${FILESDIR}"/${PN}-2.8.0-CVE-2017-6058.patch #609638
"${FILESDIR}"/${PN}-2.8.0-CVE-2017-2620.patch #609206
+ "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch #612220
+ "${S}-CVE-2016-9602-patches"
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-04-25 16:36 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-04-25 16:36 UTC (permalink / raw
To: gentoo-commits
commit: 9cfda0474418190f9b569496d12a73e0e190c097
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Tue Apr 25 16:35:46 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Tue Apr 25 16:35:46 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=9cfda047
app-emulation/qemu: version bump to 2.9.0
app-emulation/qemu/Manifest | 6 +-
.../qemu/files/qemu-2.8.1-CVE-2017-7471.patch | 64 ++++++++++++++++++++++
.../qemu/files/qemu-2.8.1-CVE-2017-8086.patch | 28 ++++++++++
.../{qemu-2.8.1-r1.ebuild => qemu-2.8.1-r2.ebuild} | 6 +-
.../{qemu-2.8.1-r1.ebuild => qemu-2.9.0.ebuild} | 30 ++--------
5 files changed, 106 insertions(+), 28 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 1b3ada7..412e105 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -28,11 +28,15 @@ AUX qemu-2.8.0-CVE-2017-6058.patch 3797 SHA256 06c01fcd53dab66af55df164f1616d148
AUX qemu-2.8.0-CVE-2017-6505.patch 1481 SHA256 55e3b7e65e519caef4fdd28cccb973613759cce0d67eb64c2093b4f0a4e428e1 SHA512 5326f28a9340f392e4f32e4cd5f58cae0769859e10fd4d201983d40ec6b4d094d6a0cad2638e1e6f3e5228b93af26cc4f4a155e0d94bad89d0ea9b866f535aa7 WHIRLPOOL c88312cd5e779a98c905f175d61400ef7bb59795cc1e0392da0018a158a4c435ffa07f1e6a621db6eea925a0dbb986442eab4f79f956dc1955058fc97670f390
AUX qemu-2.8.0-CVE-2017-7377.patch 1554 SHA256 36fbd8ec9fa7d910fde8b6b8905717b322bd23b50c2b2f925e1a2415ae306755 SHA512 195be1a75340c41aa89614aad8d07f2cf630eb10f3160cb8a86d85371ea9d7dcdbe9d49e9752ac3d6765c8d4c99c845408933b57cf21199f77ba09fcf79a02c8 WHIRLPOOL 8d7677ae3cfe18e34072ef23666c4658553a7d3b564d96e480ae432281d403242f2013d9fb189d473ab9c31def515401d22c04ba8e86d93d0369e95b1e371574
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
+AUX qemu-2.8.1-CVE-2017-7471.patch 2310 SHA256 ae5129c0f278de155f69e3d306038fa259c28ecb09a623262362163b00de85cc SHA512 dd5c5bc8e5ee9eb27516276d53f78ecde00b4fe5debbbdd8db1c3a2f2ef663667598acbb3b95f220e709ed89e1a0077733ca4fc1cb2fa0eb0f700e9931ddd003 WHIRLPOOL c91ddbdbc685dc76efc417087d680751aaade178593ca96fbff7b8ae1e0d0bdb659faee676d31b606e16c4adf446632a8a9350a57a1ac049b7649bdc0c3b8cf0
+AUX qemu-2.8.1-CVE-2017-8086.patch 751 SHA256 ff6f3bc1a94861da633f9e5517dde6b2719e227773941e7c9651281c77216589 SHA512 84197e80d28322efaa327dc7ad3ffc5e8bf791d89255e8ac7d5c5e9cebba3786c4e21008cbfb704de5323554a9d3f0873068c0a06493d4ca3b7849523eab6212 WHIRLPOOL 73f88468ba89d8384c04ffa3af646c8b628f1fa52f27866095f84ea1241f421763699ae18553d835133de70d7f244d0638d83d15881e5a3858a1128b14a1bcf3
AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e
AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4
DIST qemu-2.8.0-CVE-2016-9602-patches.tar.xz 16264 SHA256 18ac829c6003a3f997db4030a46b422028c58fead158f0c5ffe36ad65acb84e0 SHA512 a56694d1600e4fd1ffd6bbe031a0db226fc5c88306797cc4e42d1dc6127b83d1791cb4e026988b3aad82eab84382e41077ae71e532d1d3489e179730185c0964 WHIRLPOOL 22057b001c478b2b0d97ad70393c973aefc6277d89bb5a1ae03c3c39b5182ddfbe541964761f512ed5735dc442e1f40d0a955ad5b270758e21ce815be86b24bd
DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
DIST qemu-2.8.1.tar.bz2 28366270 SHA256 018e4c7ed22c220395cf41f835d01505e49d0e579a548bd3d72b03809442bbcd SHA512 0397b4029cdcb77ed053c44b3579a3f34894038e6fc6b4aa88de14515f5a78bf2f41c5e865f37111529f567c85d2f1c4deefae47dde54f76eac79410e5b2bdda WHIRLPOOL c41f53f18fac44efd1c81ba9d95204d23e9a70dc9c21624177be2fe92a327428fd5704b25bc334229fa36ae395fb4c82ba3955db39719c4458343978a4d3141a
+DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1
EBUILD qemu-2.8.0-r10.ebuild 23278 SHA256 c94a06a16fb45995d37e0bfa62dc742601c169156d30b97456d923856693efd1 SHA512 ebd5ea426efc57bb2eb78489049f212e11eb4ab70d23418ad7c04c3161a749ec638edcdd39355107762915c4f13079a3dc1555c58f3d696cd286a9fd6bd25491 WHIRLPOOL 94c220281705e2d6414a7d52b8f93373ae193f0095c88fd76d9e0b10f7a11266e3350d3b354651f87c094a3cf63e12b9374beefb839a1a9f0d17f92732786a01
-EBUILD qemu-2.8.1-r1.ebuild 22805 SHA256 067a0713f27ed9aa1a44465dc1d1ec7664f2f539cbe6f8b8572423f97b6b5529 SHA512 ddd47ad7f5ee26eb0e60217bcb821bd67d7f6e99700b99a77b3633b76ff68686514d0186c0bc271bcba3343f9afbc70be4543f644ce434bc40c961033b4ad8c5 WHIRLPOOL 458dd42f06f89db818da2eb4817fcaad7b1ed4d25dff863ab6e05523025d61a95fbf6a63fe7ca213334d80178a3705918f0ff4d9318d8fcd11c329edbbd6ab3c
+EBUILD qemu-2.8.1-r2.ebuild 22910 SHA256 69bab6142f0850f44a29f22529f6f9e9bf2423b1fb983df57087f4ca60d35cd0 SHA512 91176de504a48641caa2417bee138ef319917474565243d719322cbc47310c10fc6098029e634a82904badfd7c1a11b1976fc839ef999508531a7c5755fab2d8 WHIRLPOOL 14470c66e8d40ba5e3a92993fcf2c75bb73cb434d511ebee20d649ed367bb3d50f1d5294cb19ba3e19dc0d419f02e06957242648dff958bb6a2fa1746b45e977
+EBUILD qemu-2.9.0.ebuild 21726 SHA256 aafaa57f957ec9b7bb413da091c62fcb09f0573913baae15c53e2e9b15bfc9c9 SHA512 d67884745e6be21a2cdb8611ef818ae5c42aa847721d9b0ba49e8cdfc0d58cfda660ac7befdcef63d80ecd27b9963f7c21aebdb271d1b7271ac63ee46219900b WHIRLPOOL b59ff23f60bd3f82ce48c003718e2d8b35e7d0ffb03670eb3d6bc7833ca00e70117ba3312d7a369cbd169cb1e8fa987c0e91f7948ea25ca6f43be05d48521e0d
MISC metadata.xml 3794 SHA256 149f7bc9927e13bbf7355972e85df6f9f198dd17fb575a7e516817d6a88018fb SHA512 10f130f225b90dacf8262247d795a247abfdcbf3ad5fbe0693e8d4db79f755984f690cb150a7eb5a8e5d669ce404145c4fbb6b200d6362319be74759fd78b6d3 WHIRLPOOL 6a5e88caeb64387f619a19fecb55c39ccf3c8dcd360523e8d61b80051001c02fe81432c55e40b3f360295b35e9f5a1f707c570baf95cad06d18c4cd484da0ceb
diff --git a/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch
new file mode 100644
index 0000000..c5366f5
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch
@@ -0,0 +1,64 @@
+From 9c6b899f7a46893ab3b671e341a2234e9c0c060e Mon Sep 17 00:00:00 2001
+From: Greg Kurz <groug@kaod.org>
+Date: Mon, 17 Apr 2017 10:53:23 +0200
+Subject: [PATCH] 9pfs: local: set the path of the export root to "."
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The local backend was recently converted to using "at*()" syscalls in order
+to ensure all accesses happen below the shared directory. This requires that
+we only pass relative paths, otherwise the dirfd argument to the "at*()"
+syscalls is ignored and the path is treated as an absolute path in the host.
+This is actually the case for paths in all fids, with the notable exception
+of the root fid, whose path is "/". This causes the following backend ops to
+act on the "/" directory of the host instead of the virtfs shared directory
+when the export root is involved:
+- lstat
+- chmod
+- chown
+- utimensat
+
+ie, chmod /9p_mount_point in the guest will be converted to chmod / in the
+host for example. This could cause security issues with a privileged QEMU.
+
+All "*at()" syscalls are being passed an open file descriptor. In the case
+of the export root, this file descriptor points to the path in the host that
+was passed to -fsdev.
+
+The fix is thus as simple as changing the path of the export root fid to be
+"." instead of "/".
+
+This is CVE-2017-7471.
+
+Cc: qemu-stable@nongnu.org
+Reported-by: Léo Gaspard <leo@gaspard.io>
+Signed-off-by: Greg Kurz <groug@kaod.org>
+Reviewed-by: Eric Blake <eblake@redhat.com>
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+---
+ hw/9pfs/9p-local.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
+index 45e9a1f..f3ebca4 100644
+--- a/hw/9pfs/9p-local.c
++++ b/hw/9pfs/9p-local.c
+@@ -1098,8 +1098,13 @@ static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
+ {
+ if (dir_path) {
+ v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
+- } else {
++ } else if (strcmp(name, "/")) {
+ v9fs_path_sprintf(target, "%s", name);
++ } else {
++ /* We want the path of the export root to be relative, otherwise
++ * "*at()" syscalls would treat it as "/" in the host.
++ */
++ v9fs_path_sprintf(target, "%s", ".");
+ }
+ return 0;
+ }
+--
+2.10.2
+
diff --git a/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch
new file mode 100644
index 0000000..eac72f3
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch
@@ -0,0 +1,28 @@
+From 4ffcdef4277a91af15a3c09f7d16af072c29f3f2 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@gmail.com>
+Date: Fri, 7 Apr 2017 03:48:52 -0700
+Subject: [PATCH] 9pfs: xattr: fix memory leak in v9fs_list_xattr
+
+Free 'orig_value' in error path.
+
+Signed-off-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Greg Kurz <groug@kaod.org>
+---
+ hw/9pfs/9p-xattr.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/hw/9pfs/9p-xattr.c b/hw/9pfs/9p-xattr.c
+index eec160b..d05c1a1 100644
+--- a/hw/9pfs/9p-xattr.c
++++ b/hw/9pfs/9p-xattr.c
+@@ -108,6 +108,7 @@ ssize_t v9fs_list_xattr(FsContext *ctx, const char *path,
+ g_free(name);
+ close_preserve_errno(dirfd);
+ if (xattr_len < 0) {
++ g_free(orig_value);
+ return -1;
+ }
+
+--
+2.10.2
+
diff --git a/app-emulation/qemu/qemu-2.8.1-r1.ebuild b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
similarity index 99%
copy from app-emulation/qemu/qemu-2.8.1-r1.ebuild
copy to app-emulation/qemu/qemu-2.8.1-r2.ebuild
index d4f9c15..fa8727b 100644
--- a/app-emulation/qemu/qemu-2.8.1-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
@@ -29,8 +29,8 @@ IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test +threads usb usbredir
- vde +vhost-net virgl virtfs +vnc vte xattr xen xfs"
+ spice ssh static static-user systemtap tci test usb usbredir vde
+ +vhost-net virgl virtfs +vnc vte xattr xen xfs"
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc
@@ -213,6 +213,8 @@ PATCHES=(
"${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398
"${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch #612220
"${FILESDIR}"/${PN}-2.8.0-CVE-2017-7377.patch #614744
+ "${FILESDIR}"/${PN}-2.8.1-CVE-2017-7471.patch #616484
+ "${FILESDIR}"/${PN}-2.8.1-CVE-2017-8086.patch #616460
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
diff --git a/app-emulation/qemu/qemu-2.8.1-r1.ebuild b/app-emulation/qemu/qemu-2.9.0.ebuild
similarity index 94%
rename from app-emulation/qemu/qemu-2.8.1-r1.ebuild
rename to app-emulation/qemu/qemu-2.9.0.ebuild
index d4f9c15..3da97fe 100644
--- a/app-emulation/qemu/qemu-2.8.1-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.9.0.ebuild
@@ -29,16 +29,16 @@ IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test +threads usb usbredir
- vde +vhost-net virgl virtfs +vnc vte xattr xen xfs"
+ spice ssh static static-user systemtap tci test usb usbredir vde
+ +vhost-net virgl virtfs +vnc vte xattr xen xfs"
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc
+ mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc
sparc64 x86_64"
IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
IUSE_USER_TARGETS="${COMMON_TARGETS}
- armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
+ armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
@@ -196,23 +196,6 @@ PATCHES=(
# gentoo patches
"${FILESDIR}"/${PN}-2.5.0-cflags.patch
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch #612220
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-7377.patch #614744
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
@@ -235,7 +218,7 @@ QA_WX_LOAD="usr/bin/qemu-i386
usr/bin/qemu-microblazeel
usr/bin/qemu-mips
usr/bin/qemu-mipsel
- usr/bin/qemu-or32
+ usr/bin/qemu-or1k
usr/bin/qemu-ppc
usr/bin/qemu-ppc64
usr/bin/qemu-ppc64abi32
@@ -692,9 +675,6 @@ src_install() {
insinto "/etc/qemu"
doins "${FILESDIR}/bridge.conf"
- # Remove the docdir placed qmp-commands.txt
- mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/" || die
-
cd "${S}"
dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
newdoc pc-bios/README README.pc-bios
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-04-30 2:11 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-04-30 2:11 UTC (permalink / raw
To: gentoo-commits
commit: d1cef7e3eff520366210692355b9a47ba3909ebe
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Sun Apr 30 02:11:12 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Sun Apr 30 02:11:12 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=d1cef7e3
app-emulation/qemeu: version bump to 2.9.0-r1
app-emulation/qemu/Manifest | 8 ++-
.../qemu/files/qemu-2.9.0-CVE-2017-8112.patch | 22 +++++++
.../qemu/files/qemu-2.9.0-bug616870.patch | 22 +++++++
.../qemu/files/qemu-2.9.0-bug616872.patch | 76 ++++++++++++++++++++++
.../qemu/files/qemu-2.9.0-bug616874.patch | 34 ++++++++++
app-emulation/qemu/qemu-2.8.1-r2.ebuild | 2 +-
.../{qemu-2.9.0.ebuild => qemu-2.9.0-r1.ebuild} | 4 ++
7 files changed, 165 insertions(+), 3 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 412e105..e305941 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -30,6 +30,10 @@ AUX qemu-2.8.0-CVE-2017-7377.patch 1554 SHA256 36fbd8ec9fa7d910fde8b6b8905717b32
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
AUX qemu-2.8.1-CVE-2017-7471.patch 2310 SHA256 ae5129c0f278de155f69e3d306038fa259c28ecb09a623262362163b00de85cc SHA512 dd5c5bc8e5ee9eb27516276d53f78ecde00b4fe5debbbdd8db1c3a2f2ef663667598acbb3b95f220e709ed89e1a0077733ca4fc1cb2fa0eb0f700e9931ddd003 WHIRLPOOL c91ddbdbc685dc76efc417087d680751aaade178593ca96fbff7b8ae1e0d0bdb659faee676d31b606e16c4adf446632a8a9350a57a1ac049b7649bdc0c3b8cf0
AUX qemu-2.8.1-CVE-2017-8086.patch 751 SHA256 ff6f3bc1a94861da633f9e5517dde6b2719e227773941e7c9651281c77216589 SHA512 84197e80d28322efaa327dc7ad3ffc5e8bf791d89255e8ac7d5c5e9cebba3786c4e21008cbfb704de5323554a9d3f0873068c0a06493d4ca3b7849523eab6212 WHIRLPOOL 73f88468ba89d8384c04ffa3af646c8b628f1fa52f27866095f84ea1241f421763699ae18553d835133de70d7f244d0638d83d15881e5a3858a1128b14a1bcf3
+AUX qemu-2.9.0-CVE-2017-8112.patch 696 SHA256 a4dcc2a94749a5c20ef38d4c7ce13cd1ffe46017c77eea29ced0bec5c232e6aa SHA512 840f5270332729e0149a4705bae5fcc16e9503a995d6bfa5033904a544add337ca8ccb1d2a36bb57cc198f6354f5253403f1c4f04cbd18c08b4e1a9d6af9e07f WHIRLPOOL 1ba4e75fdd0c767254c85754612da9e8ff9ba2e7ea0811f723844bec190946805cd59db83f347a3dea4296d2b58d2df4a8d99a492335ba818824348bcebdd556
+AUX qemu-2.9.0-bug616870.patch 595 SHA256 8231747fe4d9c97392fe44b117caccd07d320313dc27fad17ac658122113ced9 SHA512 4415c36acb4f0594de7fe0de2b669d03d6b54ae44eb7f1f285c36223a02cca887b57db27a43ab1cc2e7e193ee5bce2748f9d2056aa925e0cc8f2133e67168a74 WHIRLPOOL af4c5e9763a0e114e554a1c8be99ea79da0b634fdc9d87922c7713187f1f904bfcce103648d549bbb190e92443664dbb9bd7592d8137f2337be0f4b22d1f9bd1
+AUX qemu-2.9.0-bug616872.patch 2736 SHA256 f2f8910c8e1ce9fc9804f4fbbe978fee20ccbfccc5efe49f42cdaafa63c511ce SHA512 79e32f75d98ca4a92a5069b65c5b9cff16064255ed4d161e4e292b97373742c25d5ddc12dfffa627197fdb5e0808108b30d0182a9c060cd181723bd90c618d15 WHIRLPOOL 545c00189da3b252c80bb35c6b6d3368a02b36b06f2866838ddd9ebb9ccf2b608ae278ee192b6b3aef2966736afe9bcdd646c80c228ec5daef76b92bd2721bd5
+AUX qemu-2.9.0-bug616874.patch 1048 SHA256 23eb5ae64b064e46785ae4f675fbe7c6a353f6688dd154ce98b78a0b7104a2fb SHA512 872fabc4f6eee48dff292297887b8c4a18aa6f8c2f9b7247e325c96e10ef8d72206f269d89c4a4a40ea6ad3e5082db40866b0f386f31716e749fb3a7db89d2dd WHIRLPOOL ddce30f5b22707938c2ba419264a6b731f292f0748e3891c7aa48daaa7a4b204a8bb1b4110fbd7c1836a02605e49e170a4bda6ee9eccdd2570472ff0f63c8d37
AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e
AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4
DIST qemu-2.8.0-CVE-2016-9602-patches.tar.xz 16264 SHA256 18ac829c6003a3f997db4030a46b422028c58fead158f0c5ffe36ad65acb84e0 SHA512 a56694d1600e4fd1ffd6bbe031a0db226fc5c88306797cc4e42d1dc6127b83d1791cb4e026988b3aad82eab84382e41077ae71e532d1d3489e179730185c0964 WHIRLPOOL 22057b001c478b2b0d97ad70393c973aefc6277d89bb5a1ae03c3c39b5182ddfbe541964761f512ed5735dc442e1f40d0a955ad5b270758e21ce815be86b24bd
@@ -37,6 +41,6 @@ DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29b
DIST qemu-2.8.1.tar.bz2 28366270 SHA256 018e4c7ed22c220395cf41f835d01505e49d0e579a548bd3d72b03809442bbcd SHA512 0397b4029cdcb77ed053c44b3579a3f34894038e6fc6b4aa88de14515f5a78bf2f41c5e865f37111529f567c85d2f1c4deefae47dde54f76eac79410e5b2bdda WHIRLPOOL c41f53f18fac44efd1c81ba9d95204d23e9a70dc9c21624177be2fe92a327428fd5704b25bc334229fa36ae395fb4c82ba3955db39719c4458343978a4d3141a
DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1
EBUILD qemu-2.8.0-r10.ebuild 23278 SHA256 c94a06a16fb45995d37e0bfa62dc742601c169156d30b97456d923856693efd1 SHA512 ebd5ea426efc57bb2eb78489049f212e11eb4ab70d23418ad7c04c3161a749ec638edcdd39355107762915c4f13079a3dc1555c58f3d696cd286a9fd6bd25491 WHIRLPOOL 94c220281705e2d6414a7d52b8f93373ae193f0095c88fd76d9e0b10f7a11266e3350d3b354651f87c094a3cf63e12b9374beefb839a1a9f0d17f92732786a01
-EBUILD qemu-2.8.1-r2.ebuild 22910 SHA256 69bab6142f0850f44a29f22529f6f9e9bf2423b1fb983df57087f4ca60d35cd0 SHA512 91176de504a48641caa2417bee138ef319917474565243d719322cbc47310c10fc6098029e634a82904badfd7c1a11b1976fc839ef999508531a7c5755fab2d8 WHIRLPOOL 14470c66e8d40ba5e3a92993fcf2c75bb73cb434d511ebee20d649ed367bb3d50f1d5294cb19ba3e19dc0d419f02e06957242648dff958bb6a2fa1746b45e977
-EBUILD qemu-2.9.0.ebuild 21726 SHA256 aafaa57f957ec9b7bb413da091c62fcb09f0573913baae15c53e2e9b15bfc9c9 SHA512 d67884745e6be21a2cdb8611ef818ae5c42aa847721d9b0ba49e8cdfc0d58cfda660ac7befdcef63d80ecd27b9963f7c21aebdb271d1b7271ac63ee46219900b WHIRLPOOL b59ff23f60bd3f82ce48c003718e2d8b35e7d0ffb03670eb3d6bc7833ca00e70117ba3312d7a369cbd169cb1e8fa987c0e91f7948ea25ca6f43be05d48521e0d
+EBUILD qemu-2.8.1-r2.ebuild 22909 SHA256 3f2ed4696ccc6136bfb5fc003cb462a327eb29a155b11de3a9879b00e360938f SHA512 8f988bed528668188e2b113fc217130916a3f4837daf55ece21d3af7b7fa9d2230456d09d54c34c84cd69a628680196e0e7187a1bf427730e91e7f0aba7f6762 WHIRLPOOL a9b49900e1cfd02d9826d04289453d54411c051dfddeeb36b18dd00e5db4c7b289b2f8e2e0eee2455cda2df421c15c752063e231bcd3ae4fc911e4b9d0099756
+EBUILD qemu-2.9.0-r1.ebuild 21902 SHA256 30d866abeafb142a1aa2993b7461cbd35925034ab59dcd9f42a5a2dbda41824a SHA512 9b6675586947a2ceff1910bbde1017398ff5a835c50d3c1379166674457f554193d6212ac7ed801e14749e1a7e52f2c280d389385da4ef30b678b8341100e516 WHIRLPOOL e0a2d46e2f6ab03f9b384030e945ae991146b41045b3fc260e4871141162f58f80b3d810d2f47333aeeeadfbf6f626984f866c22f9012a002b8359e0d6497998
MISC metadata.xml 3794 SHA256 149f7bc9927e13bbf7355972e85df6f9f198dd17fb575a7e516817d6a88018fb SHA512 10f130f225b90dacf8262247d795a247abfdcbf3ad5fbe0693e8d4db79f755984f690cb150a7eb5a8e5d669ce404145c4fbb6b200d6362319be74759fd78b6d3 WHIRLPOOL 6a5e88caeb64387f619a19fecb55c39ccf3c8dcd360523e8d61b80051001c02fe81432c55e40b3f360295b35e9f5a1f707c570baf95cad06d18c4cd484da0ceb
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch
new file mode 100644
index 0000000..31fb69b
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch
@@ -0,0 +1,22 @@
+CVE-2017-8112
+
+https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04494.html
+---
+ hw/scsi/vmw_pvscsi.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
+index 7557546..4a106da 100644
+--- a/hw/scsi/vmw_pvscsi.c
++++ b/hw/scsi/vmw_pvscsi.c
+@@ -202,7 +202,7 @@ pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri)
+ uint32_t len_log2;
+ uint32_t ring_size;
+
+- if (ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
++ if (!ri->numPages || ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
+ return -1;
+ }
+ ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
+--
+2.9.3
diff --git a/app-emulation/qemu/files/qemu-2.9.0-bug616870.patch b/app-emulation/qemu/files/qemu-2.9.0-bug616870.patch
new file mode 100644
index 0000000..4f7f870
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-bug616870.patch
@@ -0,0 +1,22 @@
+bug #616870
+
+https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html
+---
+ audio/audio.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/audio/audio.c b/audio/audio.c
+index c8898d8422..beafed209b 100644
+--- a/audio/audio.c
++++ b/audio/audio.c
+@@ -2028,6 +2028,8 @@ void AUD_del_capture (CaptureVoiceOut *cap, void *cb_opaque)
+ sw = sw1;
+ }
+ QLIST_REMOVE (cap, entries);
++ g_free (cap->hw.mix_buf);
++ g_free (cap->buf);
+ g_free (cap);
+ }
+ return;
+--
+2.9.3
diff --git a/app-emulation/qemu/files/qemu-2.9.0-bug616872.patch b/app-emulation/qemu/files/qemu-2.9.0-bug616872.patch
new file mode 100644
index 0000000..0a34dae
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-bug616872.patch
@@ -0,0 +1,76 @@
+bug #616872
+
+https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05599.html
+---
+ ui/input.c | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/ui/input.c b/ui/input.c
+index ed88cda6d6..fb1f404095 100644
+--- a/ui/input.c
++++ b/ui/input.c
+@@ -41,6 +41,8 @@ static QTAILQ_HEAD(QemuInputEventQueueHead, QemuInputEventQueue) kbd_queue =
+ QTAILQ_HEAD_INITIALIZER(kbd_queue);
+ static QEMUTimer *kbd_timer;
+ static uint32_t kbd_default_delay_ms = 10;
++static uint32_t queue_count;
++static uint32_t queue_limit = 1024;
+
+ QemuInputHandlerState *qemu_input_handler_register(DeviceState *dev,
+ QemuInputHandler *handler)
+@@ -268,6 +270,7 @@ static void qemu_input_queue_process(void *opaque)
+ break;
+ }
+ QTAILQ_REMOVE(queue, item, node);
++ queue_count--;
+ g_free(item);
+ }
+ }
+@@ -282,6 +285,7 @@ static void qemu_input_queue_delay(struct QemuInputEventQueueHead *queue,
+ item->delay_ms = delay_ms;
+ item->timer = timer;
+ QTAILQ_INSERT_TAIL(queue, item, node);
++ queue_count++;
+
+ if (start_timer) {
+ timer_mod(item->timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL)
+@@ -298,6 +302,7 @@ static void qemu_input_queue_event(struct QemuInputEventQueueHead *queue,
+ item->src = src;
+ item->evt = evt;
+ QTAILQ_INSERT_TAIL(queue, item, node);
++ queue_count++;
+ }
+
+ static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue)
+@@ -306,6 +311,7 @@ static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue)
+
+ item->type = QEMU_INPUT_QUEUE_SYNC;
+ QTAILQ_INSERT_TAIL(queue, item, node);
++ queue_count++;
+ }
+
+ void qemu_input_event_send_impl(QemuConsole *src, InputEvent *evt)
+@@ -381,7 +387,7 @@ void qemu_input_event_send_key(QemuConsole *src, KeyValue *key, bool down)
+ qemu_input_event_send(src, evt);
+ qemu_input_event_sync();
+ qapi_free_InputEvent(evt);
+- } else {
++ } else if (queue_count < queue_limit) {
+ qemu_input_queue_event(&kbd_queue, src, evt);
+ qemu_input_queue_sync(&kbd_queue);
+ }
+@@ -409,8 +415,10 @@ void qemu_input_event_send_key_delay(uint32_t delay_ms)
+ kbd_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, qemu_input_queue_process,
+ &kbd_queue);
+ }
+- qemu_input_queue_delay(&kbd_queue, kbd_timer,
+- delay_ms ? delay_ms : kbd_default_delay_ms);
++ if (queue_count < queue_limit) {
++ qemu_input_queue_delay(&kbd_queue, kbd_timer,
++ delay_ms ? delay_ms : kbd_default_delay_ms);
++ }
+ }
+
+ InputEvent *qemu_input_event_new_btn(InputButton btn, bool down)
+--
+2.9.3
diff --git a/app-emulation/qemu/files/qemu-2.9.0-bug616874.patch b/app-emulation/qemu/files/qemu-2.9.0-bug616874.patch
new file mode 100644
index 0000000..08911dd
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-bug616874.patch
@@ -0,0 +1,34 @@
+bug #616874
+
+https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04147.html
+---
+ hw/scsi/megasas.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
+index 84b8caf..804122a 100644
+--- a/hw/scsi/megasas.c
++++ b/hw/scsi/megasas.c
+@@ -2138,15 +2138,15 @@ static void megasas_mmio_write(void *opaque, hwaddr addr,
+ case MFI_SEQ:
+ trace_megasas_mmio_writel("MFI_SEQ", val);
+ /* Magic sequence to start ADP reset */
+- if (adp_reset_seq[s->adp_reset] == val) {
+- s->adp_reset++;
++ if (adp_reset_seq[s->adp_reset++] == val) {
++ if (s->adp_reset == 6) {
++ s->adp_reset = 0;
++ s->diag = MFI_DIAG_WRITE_ENABLE;
++ }
+ } else {
+ s->adp_reset = 0;
+ s->diag = 0;
+ }
+- if (s->adp_reset == 6) {
+- s->diag = MFI_DIAG_WRITE_ENABLE;
+- }
+ break;
+ case MFI_DIAG:
+ trace_megasas_mmio_writel("MFI_DIAG", val);
+--
+2.9.3
diff --git a/app-emulation/qemu/qemu-2.8.1-r2.ebuild b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
index fa8727b..682ed1c 100644
--- a/app-emulation/qemu/qemu-2.8.1-r2.ebuild
+++ b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
@@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
diff --git a/app-emulation/qemu/qemu-2.9.0.ebuild b/app-emulation/qemu/qemu-2.9.0-r1.ebuild
similarity index 99%
rename from app-emulation/qemu/qemu-2.9.0.ebuild
rename to app-emulation/qemu/qemu-2.9.0-r1.ebuild
index 3da97fe..1851ea8 100644
--- a/app-emulation/qemu/qemu-2.9.0.ebuild
+++ b/app-emulation/qemu/qemu-2.9.0-r1.ebuild
@@ -196,6 +196,10 @@ PATCHES=(
# gentoo patches
"${FILESDIR}"/${PN}-2.5.0-cflags.patch
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
+ "${FILESDIR}"/${PN}-2.9.0-bug616870.patch
+ "${FILESDIR}"/${PN}-2.9.0-bug616872.patch
+ "${FILESDIR}"/${PN}-2.9.0-bug616874.patch
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-05-06 21:26 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-05-06 21:26 UTC (permalink / raw
To: gentoo-commits
commit: 65b200c42b344d8aba791abea0f568b448fadee1
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Sat May 6 21:26:01 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Sat May 6 21:26:01 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=65b200c4
app-emulation/qemu: version bump to 2.9.0-r53
app-emulation/qemu/Manifest | 14 +--
.../qemu/files/qemu-2.8.0-CVE-2017-2615.patch | 48 ---------
.../qemu/files/qemu-2.8.0-CVE-2017-2620.patch | 56 ----------
.../qemu/files/qemu-2.8.0-CVE-2017-2630.patch | 22 ----
.../qemu/files/qemu-2.8.0-CVE-2017-5667.patch | 37 -------
.../qemu/files/qemu-2.8.0-CVE-2017-5931.patch | 46 --------
.../qemu/files/qemu-2.8.0-CVE-2017-6058.patch | 112 --------------------
app-emulation/qemu/qemu-2.8.1-r2.ebuild | 2 +-
app-emulation/qemu/qemu-2.9.0-r1.ebuild | 1 +
...qemu-2.8.0-r10.ebuild => qemu-2.9.0-r53.ebuild} | 117 +++++++++++----------
10 files changed, 69 insertions(+), 386 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index e305941..2de0792 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -9,22 +9,16 @@ AUX qemu-2.8.0-CVE-2016-10028.patch 1384 SHA256 25a9f2b2014bbcbb008683211503716a
AUX qemu-2.8.0-CVE-2016-10155.patch 1558 SHA256 53c20d983847a716f3f708c50ffbeb9d44fd8718f39d86556ae44394d1b2a624 SHA512 4ebfba87927c9f58fe1a0aa05b5850d391698617ce7c3e002d3adfd981ed8c23d35a6863e14f52264576dda31f84dc25421d2f930547f82ccfde126137d91aea WHIRLPOOL 44366afdf52eed47c28a6e9cec1ee7c613b5bac6441cf4f7bf29b30ef6ec7504e72a2d8c873a949e46f1cfd3055a407b673d6151802ab3c957cde8faaed20903
AUX qemu-2.8.0-CVE-2016-9908.patch 1166 SHA256 22ef4999a3daf3c46a3c90ca20fb131545d4d0befeff7c3ca870585a3e03b7b7 SHA512 c46abda3a5b1a68c7c2e5236f8e424f4569a28ba2aea9b8ec32467e55b535492da6e4702d4758a5721f1bf222f7f2554a5e4c9a190781d60c40202a5291dcf49 WHIRLPOOL aa8087350770ecbb60049e3269ddf9d68258657ef6a088b562e344056689e578a390328dde9c5d2b5024e7fa03995b571295a1d64943d9b3882cf0c5f833dbd8
AUX qemu-2.8.0-CVE-2016-9912.patch 1307 SHA256 e3eac321492a9ef42d88b04877511255c3731a9bb029d7c6ab2da0aa8f09e2d8 SHA512 f9ba4f167334d9b934c37fbed21ded8b3d71e5bdbdb1f15f81d4423b0790bfa127637155d5863b563fa974f1421c4ace1f2a4e3e81e3ae3d6045b2083210b103 WHIRLPOOL 7aa8dab7b6462f142365d274e6131ca1630c396e36c851cb562c081c4243c58e2ae22cf682e51145af08befcaba395254c765cf56112a6c177e1c9a18ffb5926
-AUX qemu-2.8.0-CVE-2017-2615.patch 1720 SHA256 33f3f81ff8e5dacfc4f33dd48bd7833843c209f6d2bd5b3102cc5694ad85a593 SHA512 32063428286a49a12daa481ba87f1b09be6504bf24c5759aacf88ef436312a890dfe44d08457d8b426f86ce7680700d32fb21a255a6db8eb512e612c16770d36 WHIRLPOOL 9f1eed6c6c3eeb1e8991d1aa82e12a004c223bdd635ec48e433ca93d054aa3dfb5986fe01e36df157ef20c685e07595eebdf5fe16ed7cf9034e1c9ddf8304dbb
-AUX qemu-2.8.0-CVE-2017-2620.patch 1879 SHA256 dc898ad08d83b5a904a68513784ec009d4e19373ec9170e58d0695cf733b1bbd SHA512 4c0cba0b7abf4923f8c4720ffe8aad98cf8a4cddfa9fdf1418a5895f107bd186599f4d8a87290e9459a425e4ac464663a6d500bf016f459cb81dbd7fbc8121cb WHIRLPOOL 8c2cb5c6a8cee9c1d44fe0e03b3f8f56de4f8a8515acdda4458610f543f2e2cf6bac2161b9a8128e3aaf0c65716d5a85a9caf7041fdc05ab7e222c87568a4d68
-AUX qemu-2.8.0-CVE-2017-2630.patch 681 SHA256 72c675456d02f188b1ccc680fb237900d32d315272d1b3b6c3caad08bc8130e2 SHA512 1dc5006455a06a83799094afab1ec4f2f3808174530f71d234d165275af3b11160bcf6c041c8e9e3138de7bd6ec4b7810b4532c496c018f0aa71716f2d437faa WHIRLPOOL 27c7835c00f5ad368921ae8c2251cc3eaef3f018242c42517f03102129368f85b99b144f4a3eb53e546352965e6a7f031f7545237e5334ee524059d461d29a8f
AUX qemu-2.8.0-CVE-2017-5525-1.patch 1625 SHA256 88e253c306761017d66dca5b72184f89cebf3b617db7bc0e4b27025757a66181 SHA512 a7f82374ec4e264b065be7ba63c197d93fee230d68819bf68a0a67c84f89182d0cc0a42b9aadf53a8a903d640dacc55392174c7820379e92ad0e35c86c35a2dd WHIRLPOOL 63e192dc0e075139f18aee2d0541c75021852a7d7251321ca8fe7f9b793c72786a6aab878e308931289eab3c07c3cbbc8ad32b67de1193f85b672e16a8372495
AUX qemu-2.8.0-CVE-2017-5525-2.patch 1664 SHA256 ab03a1cff62164090133f0dbace9724302e806a808b18d64628d12f0bd9abad6 SHA512 ac1d89331c3fc4d0ef7af411a12654329057676e9f016cb9a4a46dc9b4e01092c17af33d095f3104e71094ae585a35a8276a98560dd97f8d045e0b9fd2f0069f WHIRLPOOL 20457d7fe5b3842c0c601068dba410586fc4b4c7fce81ba3ee436a6cfec3b1b950797d6ca9a2a573fef21a29421f8c04a34d1dfefe0b7ade03a6ca51d16d99cb
AUX qemu-2.8.0-CVE-2017-5552.patch 1481 SHA256 26616f16434b3aff65b1cd1ce82c6abdfbd44da8a047a5a32b1e07755c9a3e1b SHA512 3c3f5027be3bfe56c1445004bd28536e11f606cc6787fcefad3da267eb3e11b61110c8a4700fd9d6f95ce50f10a2678b2bc6f950297b949b837882a68901d6e5 WHIRLPOOL ca93726b8a0567f68fac634eef1e88c997c1e959cafb33bc6ba8871d9021591bb61be6b3635d3fac111e1e177dbbff939c93580d7f0824e752b378dbc38fbc45
AUX qemu-2.8.0-CVE-2017-5578.patch 1084 SHA256 a7639fc84377b23ebc55dbb1c6d8c53bb2e6230be03b2efba78108257058d8b4 SHA512 8d160d56a94ec9380640badcab29fdd05f2f665377febd1b7e71a9c619d9db963eaa74cf74a2e0287fd2f6e2a7d4bce0f8e4281b3b0292347eece52b7344243b WHIRLPOOL efd3238bf720a1051a41ea621601afeea7546cc7e48d4a7f23bc0b3277bee368bb259a2735e6290b4609e78a1e54e29fe1ba7b088824284787faddc84491d876
AUX qemu-2.8.0-CVE-2017-5579.patch 1132 SHA256 df32524c24aa4d7d9166bb5e159ba10023c7777b9583e920bd8590feec433580 SHA512 d4669821ae8e06a31b852a31699aa26421ce5fb6c049573cb6613515da486e390d8ddf71adb4e6c1a45a15bb468bbb45df68cbf5e9388660c9c03866becb9edd WHIRLPOOL 0d5ed483c6e3f849fc4b9568a3af4c086258ef1162a4e11baa65bcf35eeb8a505c8b7de935175fdc53e7284e23eb492a95326cdea6c690283085136cb02d3b7a
-AUX qemu-2.8.0-CVE-2017-5667.patch 1497 SHA256 e05e21c45d8c05392215db0bff3e161c68d64b0b9e42add18307346b3a4d4bc3 SHA512 7c518736ac09d6c37fd359a8a503713f1b76d6041038f58e7648bb69251d6039c3449593eb14a5e0f2649d12856964a42d48e4ee0bb9dc664ada2852f9ea3cbd WHIRLPOOL 0e74b2671f148fa9f31674e6dd80634064fb8d24be474eaf9ea1efcb6cf427314da75187a32eed874ea4bde19e8dfc4562d5af06893ce3beeef7de8f902dd698
AUX qemu-2.8.0-CVE-2017-5856.patch 2224 SHA256 92ddbba8c0d21bdae5b11ae064c21da939cbbb1fd0e6aa10477efced6bf9582f SHA512 7e043d8299d67d33c12bf5591f0881029013852df2243c2ea747fc6c4d1d6c0acffbaef7538634a60f8f875da94bb71db3e3a07972de066b7ac5d49e4d3cb906 WHIRLPOOL b5f38b059e4305b352e3807c2b7762fe856d1067431452fbbf991415ad17f25d152225d9e0ea61b5e8175e42abebbb2abdd85ac37f301ac123f81af822ff2f02
AUX qemu-2.8.0-CVE-2017-5857.patch 1326 SHA256 e2150a7cc92b72e3f20506b9c76b40599af8d2366d25bd9b245a0bffa66ad8eb SHA512 d6d000b57f1fb194f9554165621109b364ebdb61416bc07e2283f2d493c33e770d1b63002d62565aae1ac19ed0ad9e572c207341aa1ad023581f349f62158d30 WHIRLPOOL cbe84c67ba9bb368baf2b1842e8c7c1ee3fb720630bcd53fdbdef9e8f3efdb25c1a927d0f65c9d1f6def28defe6997943a7867e8225eb12e395a0811ad3e32a1
AUX qemu-2.8.0-CVE-2017-5898.patch 1412 SHA256 7f44668d51a94d19fcca0f496d8ac798fd654afe25d2998f7d07a148a836ade9 SHA512 2cd9af4957849a5d72dc0f0fbb30852870306ebc0a348cf5951df58d3029d1aae52df9261d2e4a9d7a4f132f78c390af8a049e1f109b324899bccd91e5c10d1f WHIRLPOOL c48e1fe163761880adab990683dc5d54ee31173763f11239ffee7c229bd65a2958a696dede39e7e645860980e2a7c5c6e5873e5db53872ac373d8d2415a167ab
-AUX qemu-2.8.0-CVE-2017-5931.patch 1696 SHA256 cdb1ea1306bf00042f13637eef78d3580e34b88c11716e62fad69931eb3d7ac6 SHA512 5b9a00f0964b153df7630655480b646e6615e831fd981642987d8691e9ddd265f64285d0e70c4f536bb370adb03a75548f7258bee8dbc2b7de15a3984fc8421b WHIRLPOOL c6d9440adf57ad1b560da03a455d9bdc3094c952f3c82a5e88fa6f2d0336ab767f0617b2916b68a5e3f5d30293749be40c12dfe93e8b7525fec9b8a453a65123
AUX qemu-2.8.0-CVE-2017-5973.patch 2815 SHA256 206d01053ce678e2c83174b278755e112099f76350aaa765525d344a87365ded SHA512 31b4bd1b8398d8044ace7660a049c492beda83613818a718477257e0bdf922d63423100fd59f2e8411dc952d282a7c405b916ab437b131b31c21dcf65f98edce WHIRLPOOL ea43efbdd5fdc51e1b8b5057fbe50b3911896cbda8437998ca203d34db82524eb42a77440f2490574a48f15ba1c4bbb7d9c40bfb6e99e96278a1d1912ea210a7
AUX qemu-2.8.0-CVE-2017-5987.patch 1889 SHA256 c4f2175970deca9b00bf657e66b8df31a02efce469eec02279a9659b9cb18bb0 SHA512 32708f91edbbb61ac444ee71b97a30138380544389f6265d7cb7aec330ebaaa7ca69844a9462c817fbda117e78748fc4fdeb655e70bcd72ddd8b112fd9619b0d WHIRLPOOL 1aa99740495c0d2a577cf13c47669aeba75ad389394736ce16fde31c91931254820accad85a6d6fee9757595bec3f222413a89fe4ca125913be7ecc97f33b365
-AUX qemu-2.8.0-CVE-2017-6058.patch 3797 SHA256 06c01fcd53dab66af55df164f1616d14847b2a0fd46abe7445b7e3e7b7ee77cf SHA512 1425e7df38cd44903fe78e7728d7eb3df2d8486895f38a87c4e0c63aa5cc4a2b19032d486fcb5676201242039364a1f3d34b256606b5f8ae74028432e6d50286 WHIRLPOOL 9a48c2f00ac146c29163422c10ca62e3065a36752b865b6b9e3408edf019f3585579ac074b5325777e6a405a11d0ce09da33eb6499012377f0c9ef8c52bf2840
AUX qemu-2.8.0-CVE-2017-6505.patch 1481 SHA256 55e3b7e65e519caef4fdd28cccb973613759cce0d67eb64c2093b4f0a4e428e1 SHA512 5326f28a9340f392e4f32e4cd5f58cae0769859e10fd4d201983d40ec6b4d094d6a0cad2638e1e6f3e5228b93af26cc4f4a155e0d94bad89d0ea9b866f535aa7 WHIRLPOOL c88312cd5e779a98c905f175d61400ef7bb59795cc1e0392da0018a158a4c435ffa07f1e6a621db6eea925a0dbb986442eab4f79f956dc1955058fc97670f390
AUX qemu-2.8.0-CVE-2017-7377.patch 1554 SHA256 36fbd8ec9fa7d910fde8b6b8905717b322bd23b50c2b2f925e1a2415ae306755 SHA512 195be1a75340c41aa89614aad8d07f2cf630eb10f3160cb8a86d85371ea9d7dcdbe9d49e9752ac3d6765c8d4c99c845408933b57cf21199f77ba09fcf79a02c8 WHIRLPOOL 8d7677ae3cfe18e34072ef23666c4658553a7d3b564d96e480ae432281d403242f2013d9fb189d473ab9c31def515401d22c04ba8e86d93d0369e95b1e371574
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
@@ -36,11 +30,9 @@ AUX qemu-2.9.0-bug616872.patch 2736 SHA256 f2f8910c8e1ce9fc9804f4fbbe978fee20ccb
AUX qemu-2.9.0-bug616874.patch 1048 SHA256 23eb5ae64b064e46785ae4f675fbe7c6a353f6688dd154ce98b78a0b7104a2fb SHA512 872fabc4f6eee48dff292297887b8c4a18aa6f8c2f9b7247e325c96e10ef8d72206f269d89c4a4a40ea6ad3e5082db40866b0f386f31716e749fb3a7db89d2dd WHIRLPOOL ddce30f5b22707938c2ba419264a6b731f292f0748e3891c7aa48daaa7a4b204a8bb1b4110fbd7c1836a02605e49e170a4bda6ee9eccdd2570472ff0f63c8d37
AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e
AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4
-DIST qemu-2.8.0-CVE-2016-9602-patches.tar.xz 16264 SHA256 18ac829c6003a3f997db4030a46b422028c58fead158f0c5ffe36ad65acb84e0 SHA512 a56694d1600e4fd1ffd6bbe031a0db226fc5c88306797cc4e42d1dc6127b83d1791cb4e026988b3aad82eab84382e41077ae71e532d1d3489e179730185c0964 WHIRLPOOL 22057b001c478b2b0d97ad70393c973aefc6277d89bb5a1ae03c3c39b5182ddfbe541964761f512ed5735dc442e1f40d0a955ad5b270758e21ce815be86b24bd
-DIST qemu-2.8.0.tar.bz2 28368517 SHA256 dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62 SHA512 50f2988d822388ba9fd1bf5dbe68359033ed7432d7f0f9790299f32f63faa6dc72979256b5632ba572d47ee3e74ed40e3e8e331dc6303ec1599f1b4367cb78c2 WHIRLPOOL 0ce4e0539657eb832e4039819e7360c792b6aa41c718f0e0d762f4933217f0d370af94b1d6d9776853575b4a6811d8c85db069bf09d21bd15399ac8b50440ff5
DIST qemu-2.8.1.tar.bz2 28366270 SHA256 018e4c7ed22c220395cf41f835d01505e49d0e579a548bd3d72b03809442bbcd SHA512 0397b4029cdcb77ed053c44b3579a3f34894038e6fc6b4aa88de14515f5a78bf2f41c5e865f37111529f567c85d2f1c4deefae47dde54f76eac79410e5b2bdda WHIRLPOOL c41f53f18fac44efd1c81ba9d95204d23e9a70dc9c21624177be2fe92a327428fd5704b25bc334229fa36ae395fb4c82ba3955db39719c4458343978a4d3141a
DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1
-EBUILD qemu-2.8.0-r10.ebuild 23278 SHA256 c94a06a16fb45995d37e0bfa62dc742601c169156d30b97456d923856693efd1 SHA512 ebd5ea426efc57bb2eb78489049f212e11eb4ab70d23418ad7c04c3161a749ec638edcdd39355107762915c4f13079a3dc1555c58f3d696cd286a9fd6bd25491 WHIRLPOOL 94c220281705e2d6414a7d52b8f93373ae193f0095c88fd76d9e0b10f7a11266e3350d3b354651f87c094a3cf63e12b9374beefb839a1a9f0d17f92732786a01
-EBUILD qemu-2.8.1-r2.ebuild 22909 SHA256 3f2ed4696ccc6136bfb5fc003cb462a327eb29a155b11de3a9879b00e360938f SHA512 8f988bed528668188e2b113fc217130916a3f4837daf55ece21d3af7b7fa9d2230456d09d54c34c84cd69a628680196e0e7187a1bf427730e91e7f0aba7f6762 WHIRLPOOL a9b49900e1cfd02d9826d04289453d54411c051dfddeeb36b18dd00e5db4c7b289b2f8e2e0eee2455cda2df421c15c752063e231bcd3ae4fc911e4b9d0099756
-EBUILD qemu-2.9.0-r1.ebuild 21902 SHA256 30d866abeafb142a1aa2993b7461cbd35925034ab59dcd9f42a5a2dbda41824a SHA512 9b6675586947a2ceff1910bbde1017398ff5a835c50d3c1379166674457f554193d6212ac7ed801e14749e1a7e52f2c280d389385da4ef30b678b8341100e516 WHIRLPOOL e0a2d46e2f6ab03f9b384030e945ae991146b41045b3fc260e4871141162f58f80b3d810d2f47333aeeeadfbf6f626984f866c22f9012a002b8359e0d6497998
+EBUILD qemu-2.8.1-r2.ebuild 22908 SHA256 b21f2820c166fcf91f0be3f8eb323b49d8c8ccebd4c376d9dbcdebbe751bac52 SHA512 3fa48453417e0cfa4d24f11fd5f234ec8790744c65154456328a24641a6f03cffb5b50ecf2bf81388fc18b12b382042e882fa853a09ae2288beb459e8658db5e WHIRLPOOL b5881ff308b91dc53b3115e278d5cd89d5f3f5d69ea7355fea2a048e471da1c4079eb245aa262ab2c19c6d75ddac1770acab3fa1c39d2c6e74cf72d84426e16f
+EBUILD qemu-2.9.0-r1.ebuild 21942 SHA256 2c2274d26f203a2a064c35ccabfa8aab374e9c8748d8724ed1534e7c677236db SHA512 91fae1f84c8fb998caa4bb589cd193329e06dd7f833809f0e3986ebe12a265615598ba3182acea59e3e39253ef5d4b6ed4b87912b7d5835f7a458fccea54070b WHIRLPOOL 32543f228bf261b0abda8052e838cbdebef53b511d7006a150168299cc4f75dc9643d9bc344582413a767228bb6c8c863bce95d358d7901f9d60f470f2d19d2d
+EBUILD qemu-2.9.0-r53.ebuild 23331 SHA256 3c1fdefe7cdc3bb7baf28782da40dc05239b2bacdf39825d084f563070aa5185 SHA512 923c1628bfef5f645972e90ee855a0ce1060217d8b76ffd51f8bbfd3bbf042ad273b781f9a5c8fc64f7a74410bd8bf2ef1fd975d3348a8d55230008be93afcff WHIRLPOOL 1053b25130a2f0d1da4e46c38886defdebaefbc0fb95743abbcfc82b337075c20a7c9fd494909de86ea25d179c65b2766f221cef418c2a06e127db942aa3ac1d
MISC metadata.xml 3794 SHA256 149f7bc9927e13bbf7355972e85df6f9f198dd17fb575a7e516817d6a88018fb SHA512 10f130f225b90dacf8262247d795a247abfdcbf3ad5fbe0693e8d4db79f755984f690cb150a7eb5a8e5d669ce404145c4fbb6b200d6362319be74759fd78b6d3 WHIRLPOOL 6a5e88caeb64387f619a19fecb55c39ccf3c8dcd360523e8d61b80051001c02fe81432c55e40b3f360295b35e9f5a1f707c570baf95cad06d18c4cd484da0ceb
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch
deleted file mode 100644
index f0bba80..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2615.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 62d4c6bd5263bb8413a06c80144fc678df6dfb64 Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Wed, 1 Feb 2017 09:35:01 +0100
-Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615)
-
-When doing bitblt copy in backward mode, we should minus the
-blt width first just like the adding in the forward mode. This
-can avoid the oob access of the front of vga's vram.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-
-{ kraxel: with backward blits (negative pitch) addr is the topmost
- address, so check it as-is against vram size ]
-
-Cc: qemu-stable@nongnu.org
-Cc: P J P <ppandit@redhat.com>
-Cc: Laszlo Ersek <lersek@redhat.com>
-Cc: Paolo Bonzini <pbonzini@redhat.com>
-Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
-Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106)
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com
-Reviewed-by: Laszlo Ersek <lersek@redhat.com>
----
- hw/display/cirrus_vga.c | 7 +++----
- 1 file changed, 3 insertions(+), 4 deletions(-)
-
-diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
-index 7db6409..16f27e8 100644
---- a/hw/display/cirrus_vga.c
-+++ b/hw/display/cirrus_vga.c
-@@ -274,10 +274,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
- {
- if (pitch < 0) {
- int64_t min = addr
-- + ((int64_t)s->cirrus_blt_height-1) * pitch;
-- int32_t max = addr
-- + s->cirrus_blt_width;
-- if (min < 0 || max > s->vga.vram_size) {
-+ + ((int64_t)s->cirrus_blt_height - 1) * pitch
-+ - s->cirrus_blt_width;
-+ if (min < -1 || addr >= s->vga.vram_size) {
- return true;
- }
- } else {
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch
deleted file mode 100644
index e2a9801..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2620.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From: Gerd Hoffmann <kraxel@redhat.com>
-Subject: [PATCH 3/3] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo
-
-CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination
-and blit width, at all. Oops. Fix it.
-
-Security impact: high.
-
-The missing blit destination check allows to write to host memory.
-Basically same as CVE-2014-8106 for the other blit variants.
-
-The missing blit width check allows to overflow cirrus_bltbuf,
-with the attractive target cirrus_srcptr (current cirrus_bltbuf write
-position) being located right after cirrus_bltbuf in CirrusVGAState.
-
-Due to cirrus emulation writing cirrus_bltbuf bytewise the attacker
-hasn't full control over cirrus_srcptr though, only one byte can be
-changed. Once the first byte has been modified further writes land
-elsewhere.
-
-[ This is CVE-2017-2620 / XSA-209 - Ian Jackson ]
-
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/display/cirrus_vga.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
-index 0e47cf8..a093dc8 100644
---- a/hw/display/cirrus_vga.c
-+++ b/hw/display/cirrus_vga.c
-@@ -899,6 +899,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
- {
- int w;
-
-+ if (blit_is_unsafe(s)) {
-+ return 0;
-+ }
-+
- s->cirrus_blt_mode &= ~CIRRUS_BLTMODE_MEMSYSSRC;
- s->cirrus_srcptr = &s->cirrus_bltbuf[0];
- s->cirrus_srcptr_end = &s->cirrus_bltbuf[0];
-@@ -924,6 +928,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
- }
- s->cirrus_srccounter = s->cirrus_blt_srcpitch * s->cirrus_blt_height;
- }
-+
-+ /* the blit_is_unsafe call above should catch this */
-+ assert(s->cirrus_blt_srcpitch <= CIRRUS_BLTBUFSIZE);
-+
- s->cirrus_srcptr = s->cirrus_bltbuf;
- s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch;
- cirrus_update_memory_access(s);
---
-1.8.3.1
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch
deleted file mode 100644
index 034b322..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-2630.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Comparison symbol is misused. It may lead to memory corruption.
-
-Signed-off-by: Vladimir Sementsov-Ogievskiy <address@hidden>
----
- nbd/client.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/nbd/client.c b/nbd/client.c
-index 6caf6bda6d..351731bc63 100644
---- a/nbd/client.c
-+++ b/nbd/client.c
-@@ -94,7 +94,7 @@ static ssize_t drop_sync(QIOChannel *ioc, size_t size)
- char small[1024];
- char *buffer;
-
-- buffer = sizeof(small) < size ? small : g_malloc(MIN(65536, size));
-+ buffer = sizeof(small) > size ? small : g_malloc(MIN(65536, size));
- while (size > 0) {
- ssize_t count = read_sync(ioc, buffer, MIN(65536, size));
-
---
-2.11.0
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch
deleted file mode 100644
index 93e9c94..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5667.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 42922105beb14c2fc58185ea022b9f72fb5465e9 Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Tue, 7 Feb 2017 18:29:59 +0000
-Subject: [PATCH] sd: sdhci: check data length during dma_memory_read
-
-While doing multi block SDMA transfer in routine
-'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
-index 'begin' and data length 's->data_count' could end up to be same.
-This could lead to an OOB access issue. Correct transfer data length
-to avoid it.
-
-Cc: qemu-stable@nongnu.org
-Reported-by: Jiang Xin <jiangxin1@huawei.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
-Message-id: 20170130064736.9236-1-ppandit@redhat.com
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- hw/sd/sdhci.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
-index 01fbf22..5bd5ab6 100644
---- a/hw/sd/sdhci.c
-+++ b/hw/sd/sdhci.c
-@@ -536,7 +536,7 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
- boundary_count -= block_size - begin;
- }
- dma_memory_read(&address_space_memory, s->sdmasysad,
-- &s->fifo_buffer[begin], s->data_count);
-+ &s->fifo_buffer[begin], s->data_count - begin);
- s->sdmasysad += s->data_count - begin;
- if (s->data_count == block_size) {
- for (n = 0; n < block_size; n++) {
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch
deleted file mode 100644
index f24d557..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5931.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From a08aaff811fb194950f79711d2afe5a892ae03a4 Mon Sep 17 00:00:00 2001
-From: Gonglei <arei.gonglei@huawei.com>
-Date: Tue, 3 Jan 2017 14:50:03 +0800
-Subject: [PATCH] virtio-crypto: fix possible integer and heap overflow
-
-Because the 'size_t' type is 4 bytes in 32-bit platform, which
-is the same with 'int'. It's easy to make 'max_len' to zero when
-integer overflow and then cause heap overflow if 'max_len' is zero.
-
-Using uint_64 instead of size_t to avoid the integer overflow.
-
-Cc: qemu-stable@nongnu.org
-Reported-by: Li Qiang <liqiang6-s@360.cn>
-Signed-off-by: Gonglei <arei.gonglei@huawei.com>
-Tested-by: Li Qiang <liqiang6-s@360.cn>
-Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
-Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
----
- hw/virtio/virtio-crypto.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
-index 2f2467e..c23e1ad 100644
---- a/hw/virtio/virtio-crypto.c
-+++ b/hw/virtio/virtio-crypto.c
-@@ -416,7 +416,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
- uint32_t hash_start_src_offset = 0, len_to_hash = 0;
- uint32_t cipher_start_src_offset = 0, len_to_cipher = 0;
-
-- size_t max_len, curr_size = 0;
-+ uint64_t max_len, curr_size = 0;
- size_t s;
-
- /* Plain cipher */
-@@ -441,7 +441,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
- return NULL;
- }
-
-- max_len = iv_len + aad_len + src_len + dst_len + hash_result_len;
-+ max_len = (uint64_t)iv_len + aad_len + src_len + dst_len + hash_result_len;
- if (unlikely(max_len > vcrypto->conf.max_size)) {
- virtio_error(vdev, "virtio-crypto too big length");
- return NULL;
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch
deleted file mode 100644
index 666c18c..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6058.patch
+++ /dev/null
@@ -1,112 +0,0 @@
-This patch fixed a problem that was introduced in commit eb700029.
-
-When net_rx_pkt_attach_iovec() calls eth_strip_vlan()
-this can result in pkt->ehdr_buf being overflowed, because
-ehdr_buf is only sizeof(struct eth_header) bytes large
-but eth_strip_vlan() can write
-sizeof(struct eth_header) + sizeof(struct vlan_header)
-bytes into it.
-
-Devices affected by this problem: vmxnet3.
-
-Reported-by: Peter Maydell <address@hidden>
-Signed-off-by: Dmitry Fleytman <address@hidden>
----
- hw/net/net_rx_pkt.c | 34 +++++++++++++++++-----------------
- 1 file changed, 17 insertions(+), 17 deletions(-)
-
-diff --git a/hw/net/net_rx_pkt.c b/hw/net/net_rx_pkt.c
-index 1019b50..7c0beac 100644
---- a/hw/net/net_rx_pkt.c
-+++ b/hw/net/net_rx_pkt.c
-@@ -23,13 +23,13 @@
-
- struct NetRxPkt {
- struct virtio_net_hdr virt_hdr;
-- uint8_t ehdr_buf[sizeof(struct eth_header)];
-+ uint8_t ehdr_buf[sizeof(struct eth_header) + sizeof(struct vlan_header)];
- struct iovec *vec;
- uint16_t vec_len_total;
- uint16_t vec_len;
- uint32_t tot_len;
- uint16_t tci;
-- bool vlan_stripped;
-+ size_t ehdr_buf_len;
- bool has_virt_hdr;
- eth_pkt_types_e packet_type;
-
-@@ -88,15 +88,13 @@ net_rx_pkt_pull_data(struct NetRxPkt *pkt,
- const struct iovec *iov, int iovcnt,
- size_t ploff)
- {
-- if (pkt->vlan_stripped) {
-+ if (pkt->ehdr_buf_len) {
- net_rx_pkt_iovec_realloc(pkt, iovcnt + 1);
-
- pkt->vec[0].iov_base = pkt->ehdr_buf;
-- pkt->vec[0].iov_len = sizeof(pkt->ehdr_buf);
--
-- pkt->tot_len =
-- iov_size(iov, iovcnt) - ploff + sizeof(struct eth_header);
-+ pkt->vec[0].iov_len = pkt->ehdr_buf_len;
-
-+ pkt->tot_len = iov_size(iov, iovcnt) - ploff + pkt->ehdr_buf_len;
- pkt->vec_len = iov_copy(pkt->vec + 1, pkt->vec_len_total - 1,
- iov, iovcnt, ploff, pkt->tot_len);
- } else {
-@@ -123,11 +121,12 @@ void net_rx_pkt_attach_iovec(struct NetRxPkt *pkt,
- uint16_t tci = 0;
- uint16_t ploff = iovoff;
- assert(pkt);
-- pkt->vlan_stripped = false;
-
- if (strip_vlan) {
-- pkt->vlan_stripped = eth_strip_vlan(iov, iovcnt, iovoff, pkt->ehdr_buf,
-- &ploff, &tci);
-+ pkt->ehdr_buf_len = eth_strip_vlan(iov, iovcnt, iovoff, pkt->ehdr_buf,
-+ &ploff, &tci);
-+ } else {
-+ pkt->ehdr_buf_len = 0;
- }
-
- pkt->tci = tci;
-@@ -143,12 +142,13 @@ void net_rx_pkt_attach_iovec_ex(struct NetRxPkt *pkt,
- uint16_t tci = 0;
- uint16_t ploff = iovoff;
- assert(pkt);
-- pkt->vlan_stripped = false;
-
- if (strip_vlan) {
-- pkt->vlan_stripped = eth_strip_vlan_ex(iov, iovcnt, iovoff, vet,
-- pkt->ehdr_buf,
-- &ploff, &tci);
-+ pkt->ehdr_buf_len = eth_strip_vlan_ex(iov, iovcnt, iovoff, vet,
-+ pkt->ehdr_buf,
-+ &ploff, &tci);
-+ } else {
-+ pkt->ehdr_buf_len = 0;
- }
-
- pkt->tci = tci;
-@@ -162,8 +162,8 @@ void net_rx_pkt_dump(struct NetRxPkt *pkt)
- NetRxPkt *pkt = (NetRxPkt *)pkt;
- assert(pkt);
-
-- printf("RX PKT: tot_len: %d, vlan_stripped: %d, vlan_tag: %d\n",
-- pkt->tot_len, pkt->vlan_stripped, pkt->tci);
-+ printf("RX PKT: tot_len: %d, ehdr_buf_len: %lu, vlan_tag: %d\n",
-+ pkt->tot_len, pkt->ehdr_buf_len, pkt->tci);
- #endif
- }
-
-@@ -426,7 +426,7 @@ bool net_rx_pkt_is_vlan_stripped(struct NetRxPkt *pkt)
- {
- assert(pkt);
-
-- return pkt->vlan_stripped;
-+ return pkt->ehdr_buf_len ? true : false;
- }
-
- bool net_rx_pkt_has_virt_hdr(struct NetRxPkt *pkt)
---
-2.7.4
diff --git a/app-emulation/qemu/qemu-2.8.1-r2.ebuild b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
index 682ed1c..ff24476 100644
--- a/app-emulation/qemu/qemu-2.8.1-r2.ebuild
+++ b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
@@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
diff --git a/app-emulation/qemu/qemu-2.9.0-r1.ebuild b/app-emulation/qemu/qemu-2.9.0-r1.ebuild
index 1851ea8..5cd5be6 100644
--- a/app-emulation/qemu/qemu-2.9.0-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.9.0-r1.ebuild
@@ -50,6 +50,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
gtk2? ( gtk )
qemu_softmmu_targets_arm? ( fdt )
qemu_softmmu_targets_microblaze? ( fdt )
+ qemu_softmmu_targets_mips64el? ( fdt )
qemu_softmmu_targets_ppc? ( fdt )
qemu_softmmu_targets_ppc64? ( fdt )
sdl2? ( sdl )
diff --git a/app-emulation/qemu/qemu-2.8.0-r10.ebuild b/app-emulation/qemu/qemu-2.9.0-r53.ebuild
similarity index 89%
rename from app-emulation/qemu/qemu-2.8.0-r10.ebuild
rename to app-emulation/qemu/qemu-2.9.0-r53.ebuild
index 7a4fa23..0958df4 100644
--- a/app-emulation/qemu/qemu-2.8.0-r10.ebuild
+++ b/app-emulation/qemu/qemu-2.9.0-r53.ebuild
@@ -8,6 +8,8 @@ PYTHON_REQ_USE="ncurses,readline"
PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
+FIRMWARE_ABI_VERSION="2.9.0-r52"
+
inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
user udev fcaps readme.gentoo-r1 pax-utils l10n
@@ -17,13 +19,9 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
+ KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
fi
-# bug #606088
-SRC_URI+="
- https://dev.gentoo.org/~tamiko/distfiles/${P}-CVE-2016-9602-patches.tar.xz"
-
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
@@ -33,16 +31,16 @@ IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test +threads usb usbredir
- vde +vhost-net virgl virtfs +vnc vte xattr xen xfs"
+ spice ssh static static-user systemtap tci test usb usbredir vde
+ +vhost-net virgl virtfs +vnc vte xattr xen xfs"
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc
+ mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc
sparc64 x86_64"
IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
IUSE_USER_TARGETS="${COMMON_TARGETS}
- armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
+ armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
@@ -54,6 +52,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
gtk2? ( gtk )
qemu_softmmu_targets_arm? ( fdt )
qemu_softmmu_targets_microblaze? ( fdt )
+ qemu_softmmu_targets_mips64el? ( fdt )
qemu_softmmu_targets_ppc? ( fdt )
qemu_softmmu_targets_ppc64? ( fdt )
sdl2? ( sdl )
@@ -71,7 +70,6 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
# when available rather than always using the extranl library.
ALL_DEPEND="
>=dev-libs/glib-2.0[static-libs(+)]
- >=x11-libs/pixman-0.28.0[static-libs(+)]
sys-libs/zlib[static-libs(+)]
python? ( ${PYTHON_DEPS} )
systemtap? ( dev-util/systemtap )
@@ -80,6 +78,7 @@ ALL_DEPEND="
# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
# softmmu targets (qemu-system-*).
SOFTMMU_TOOLS_DEPEND="
+ >=x11-libs/pixman-0.28.0[static-libs(+)]
accessibility? (
app-accessibility/brltty[api]
app-accessibility/brltty[static-libs(+)]
@@ -153,16 +152,17 @@ SOFTMMU_TOOLS_DEPEND="
xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
X86_FIRMWARE_DEPEND="
- >=sys-firmware/ipxe-1.0.0_p20130624
pin-upstream-blobs? (
- ~sys-firmware/seabios-1.10.1
+ ~sys-firmware/edk2-ovmf-2017_pre20170505[binary]
+ ~sys-firmware/ipxe-1.0.0_p20160620
+ ~sys-firmware/seabios-1.10.2[binary,seavgabios]
~sys-firmware/sgabios-0.1_pre8
- ~sys-firmware/vgabios-0.7a
)
!pin-upstream-blobs? (
- sys-firmware/seabios
+ sys-firmware/edk2-ovmf
+ sys-firmware/ipxe
+ >=sys-firmware/seabios-1.10.2[seavgabios]
sys-firmware/sgabios
- sys-firmware/vgabios
)"
CDEPEND="
@@ -200,30 +200,10 @@ PATCHES=(
# gentoo patches
"${FILESDIR}"/${PN}-2.5.0-cflags.patch
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2615.patch #608034
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2630.patch #609396
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5667.patch #607766
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5931.patch #608728
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6058.patch #609638
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-2620.patch #609206
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch #612220
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-7377.patch #614744
- "${S}-CVE-2016-9602-patches"
+ "${FILESDIR}"/${PN}-2.9.0-bug616870.patch
+ "${FILESDIR}"/${PN}-2.9.0-bug616872.patch
+ "${FILESDIR}"/${PN}-2.9.0-bug616874.patch
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
@@ -246,7 +226,7 @@ QA_WX_LOAD="usr/bin/qemu-i386
usr/bin/qemu-microblazeel
usr/bin/qemu-mips
usr/bin/qemu-mipsel
- usr/bin/qemu-or32
+ usr/bin/qemu-or1k
usr/bin/qemu-ppc
usr/bin/qemu-ppc64
usr/bin/qemu-ppc64abi32
@@ -703,9 +683,6 @@ src_install() {
insinto "/etc/qemu"
doins "${FILESDIR}/bridge.conf"
- # Remove the docdir placed qmp-commands.txt
- mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/" || die
-
cd "${S}"
dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
newdoc pc-bios/README README.pc-bios
@@ -714,22 +691,26 @@ src_install() {
if [[ -n ${softmmu_targets} ]]; then
# Remove SeaBIOS since we're using the SeaBIOS packaged one
rm "${ED}/usr/share/qemu/bios.bin"
+ rm "${ED}/usr/share/qemu/bios-256k.bin"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
+ dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
fi
- # Remove vgabios since we're using the vgabios packaged one
+ # Remove vgabios since we're using the seavgabios packaged one
rm "${ED}/usr/share/qemu/vgabios.bin"
rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
+ rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
- dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
+ dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
+ dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
+ dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
+ dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
+ dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
+ dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
fi
# Remove sgabios since we're using the sgabios packaged one
@@ -754,20 +735,50 @@ src_install() {
readme.gentoo_create_doc
}
-pkg_postinst() {
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
+firmware_abi_change() {
+ local pv
+ for pv in ${REPLACING_VERSIONS}; do
+ if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then
+ return 0
+ fi
+ done
+ return 1
+}
+pkg_postinst() {
if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
udev_reload
fi
fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
+
+ DISABLE_AUTOFORMATTING=true
+ readme.gentoo_print_elog
+
+ if use pin-upstream-blobs && firmware_abi_change; then
+ ewarn "This version of qemu pins new versions of firmware blobs:"
+ ewarn " $(best_version sys-firmware/edk2-ovmf)"
+ ewarn " $(best_version sys-firmware/ipxe)"
+ ewarn " $(best_version sys-firmware/seabios)"
+ ewarn " $(best_version sys-firmware/sgabios)"
+ ewarn "This might break resume of hibernated guests (started with a different"
+ ewarn "firmware version) and live migration to/from qemu versions with different"
+ ewarn "firmware. Please (cold) restart all running guests. For functional"
+ ewarn "guest migration ensure that all"
+ ewarn "hosts run at least"
+ ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
+ fi
}
pkg_info() {
echo "Using:"
echo " $(best_version app-emulation/spice-protocol)"
+ echo " $(best_version sys-firmware/edk2-ovmf)"
+ if has_version 'sys-firmware/edk2-ovmf[binary]'; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
echo " $(best_version sys-firmware/ipxe)"
echo " $(best_version sys-firmware/seabios)"
if has_version 'sys-firmware/seabios[binary]'; then
@@ -775,5 +786,5 @@ pkg_info() {
else
echo " USE=''"
fi
- echo " $(best_version sys-firmware/vgabios)"
+ echo " $(best_version sys-firmware/sgabios)"
}
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-07-26 19:11 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-07-26 19:11 UTC (permalink / raw
To: gentoo-commits
commit: 733898218545d7f941e865f69a628b9792ca25ff
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Wed Jul 26 19:10:10 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Wed Jul 26 19:11:09 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=73389821
app-emulation/qemu: version bump to 2.9.0-r56
Remove qemu-2.8.1-r2
app-emulation/qemu/Manifest | 34 +-
.../qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch | 32 -
.../qemu/files/qemu-2.8.0-CVE-2016-10028.patch | 40 --
.../qemu/files/qemu-2.8.0-CVE-2016-10155.patch | 46 --
.../qemu/files/qemu-2.8.0-CVE-2016-9908.patch | 35 -
.../qemu/files/qemu-2.8.0-CVE-2016-9912.patch | 38 -
.../qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch | 52 --
.../qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch | 55 --
.../qemu/files/qemu-2.8.0-CVE-2017-5552.patch | 41 --
.../qemu/files/qemu-2.8.0-CVE-2017-5578.patch | 35 -
.../qemu/files/qemu-2.8.0-CVE-2017-5579.patch | 40 --
.../qemu/files/qemu-2.8.0-CVE-2017-5856.patch | 64 --
.../qemu/files/qemu-2.8.0-CVE-2017-5857.patch | 38 -
.../qemu/files/qemu-2.8.0-CVE-2017-5898.patch | 35 -
.../qemu/files/qemu-2.8.0-CVE-2017-5973.patch | 87 ---
.../qemu/files/qemu-2.8.0-CVE-2017-5987.patch | 50 --
.../qemu/files/qemu-2.8.0-CVE-2017-6505.patch | 52 --
.../qemu/files/qemu-2.8.0-CVE-2017-7377.patch | 49 --
.../qemu/files/qemu-2.8.1-CVE-2017-7471.patch | 64 --
.../qemu/files/qemu-2.8.1-CVE-2017-8086.patch | 28 -
.../qemu/files/qemu-2.9.0-CVE-2017-10664.patch | 47 ++
.../qemu/files/qemu-2.9.0-CVE-2017-10806.patch | 50 ++
.../qemu/files/qemu-2.9.0-CVE-2017-11334.patch | 40 ++
.../qemu/files/qemu-2.9.0-CVE-2017-11434.patch | 29 +
.../qemu/files/qemu-2.9.0-CVE-2017-7539.patch | 601 ++++++++++++++++
.../qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch | 122 ++++
.../qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch | 114 +++
.../qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch | 80 +++
.../qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch | 197 ++++++
app-emulation/qemu/qemu-2.8.1-r2.ebuild | 770 ---------------------
app-emulation/qemu/qemu-2.9.0-r2.ebuild | 4 +-
...qemu-2.9.0-r54.ebuild => qemu-2.9.0-r56.ebuild} | 23 +-
32 files changed, 1309 insertions(+), 1683 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index c719930..5fe223b 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -4,36 +4,24 @@ AUX qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 930 SH
AUX qemu-2.2.0-_sigev_un.patch 638 SHA256 1f66c5a55ec94d73182cd25f3de5490cdb075542246a37d206cfb7b4a99a40a4 SHA512 5a2f9af1b60fd5a088679f3481b8d0317da88d4922b02289265b8d193b3589dd6d498e66531fc37ed86b97f4a648a1068f2da646e381d89c472716ef58190eb1 WHIRLPOOL 8444edaa4e5d59a337a7ebba71807b51941642517e5e762fb3458fde1a53c63c919ca809e5f32b503f1a92e4ccd2d21a057995fec56fcf846246dadccbdc863f
AUX qemu-2.5.0-cflags.patch 410 SHA256 17f5624dd733f5c80e733cc67ae36a736169ec066024dbf802b416accfed0755 SHA512 0194d28de08b4e51c5bd1c9a2cc7965ba7f66dfddb8fd91de3da93677e6cf2d38ad3270f69aaea8a20cf2533c2980018d6e0fed711be2806fe2053fba7c081f3 WHIRLPOOL 5f5b95d00409fbe03adb64801d30a2fb5f98dded5efa7f0e78b5746776f72917dcbea767e1d0afcb304d8bf8c484adedb8037e6d54e9d34997c2bc3a98b53154
AUX qemu-2.5.0-sysmacros.patch 333 SHA256 a5716fc02da383d455f5cbd76f49e4ee74d84c2d5703319adcbeb145d04875f9 SHA512 329632c5bff846ca3ffcdb4bc94ae62f17c6bdbb566f9bec0784357c943523e8ca7773790b83a9617734cab3b003baa3d636cbd08f7385810a63b0fa0383c4f0 WHIRLPOOL 2a774767d4685545d3ed18e4f5dece99a9007597d73c56197652ff24083550f987ffb69e5c624760dece87def71a7c5c22a694bf999d7309e48ef622f18f0d73
-AUX qemu-2.7.0-CVE-2016-8669-1.patch 1010 SHA256 3bc03869bede80013abb94ee029625a382c8059bc9474d9f6fd8e23840cff159 SHA512 53643363a470fba9b82c02b90f2573e45f59f5057993b2c15e1608916ece7f8582b4a84179e8ee70fcb8e3f3eb8a538a058401049ea38242bdb640c14ec54f7e WHIRLPOOL 873ed9b9784bb5757a07c1a494f70603cbe82751222d68a883327424e0d7e87d536400eca5fc7406080cbde2ab0a8fe0b3ee5c6dff81624db5d6d5964fec81be
-AUX qemu-2.8.0-CVE-2016-10028.patch 1384 SHA256 25a9f2b2014bbcbb008683211503716a2b4a0e8d96ea001d32b87d451cee1842 SHA512 6cfad99e54cfaea97f5c14fbbfe35768a8ea46196117bf770725e1079f9bccca3b7071416a14e60a36c3c919760ab49663fc8b551026c8cd58c10b3f2d7940b4 WHIRLPOOL 5c0c8350112cb63c8b3db7a15a9090cd2fba879317565b108285fd92c23a8b75a593a65d94b6e448086b126a735056065d07c1877abdb6815ebaa430cf4adabf
-AUX qemu-2.8.0-CVE-2016-10155.patch 1558 SHA256 53c20d983847a716f3f708c50ffbeb9d44fd8718f39d86556ae44394d1b2a624 SHA512 4ebfba87927c9f58fe1a0aa05b5850d391698617ce7c3e002d3adfd981ed8c23d35a6863e14f52264576dda31f84dc25421d2f930547f82ccfde126137d91aea WHIRLPOOL 44366afdf52eed47c28a6e9cec1ee7c613b5bac6441cf4f7bf29b30ef6ec7504e72a2d8c873a949e46f1cfd3055a407b673d6151802ab3c957cde8faaed20903
-AUX qemu-2.8.0-CVE-2016-9908.patch 1166 SHA256 22ef4999a3daf3c46a3c90ca20fb131545d4d0befeff7c3ca870585a3e03b7b7 SHA512 c46abda3a5b1a68c7c2e5236f8e424f4569a28ba2aea9b8ec32467e55b535492da6e4702d4758a5721f1bf222f7f2554a5e4c9a190781d60c40202a5291dcf49 WHIRLPOOL aa8087350770ecbb60049e3269ddf9d68258657ef6a088b562e344056689e578a390328dde9c5d2b5024e7fa03995b571295a1d64943d9b3882cf0c5f833dbd8
-AUX qemu-2.8.0-CVE-2016-9912.patch 1307 SHA256 e3eac321492a9ef42d88b04877511255c3731a9bb029d7c6ab2da0aa8f09e2d8 SHA512 f9ba4f167334d9b934c37fbed21ded8b3d71e5bdbdb1f15f81d4423b0790bfa127637155d5863b563fa974f1421c4ace1f2a4e3e81e3ae3d6045b2083210b103 WHIRLPOOL 7aa8dab7b6462f142365d274e6131ca1630c396e36c851cb562c081c4243c58e2ae22cf682e51145af08befcaba395254c765cf56112a6c177e1c9a18ffb5926
-AUX qemu-2.8.0-CVE-2017-5525-1.patch 1625 SHA256 88e253c306761017d66dca5b72184f89cebf3b617db7bc0e4b27025757a66181 SHA512 a7f82374ec4e264b065be7ba63c197d93fee230d68819bf68a0a67c84f89182d0cc0a42b9aadf53a8a903d640dacc55392174c7820379e92ad0e35c86c35a2dd WHIRLPOOL 63e192dc0e075139f18aee2d0541c75021852a7d7251321ca8fe7f9b793c72786a6aab878e308931289eab3c07c3cbbc8ad32b67de1193f85b672e16a8372495
-AUX qemu-2.8.0-CVE-2017-5525-2.patch 1664 SHA256 ab03a1cff62164090133f0dbace9724302e806a808b18d64628d12f0bd9abad6 SHA512 ac1d89331c3fc4d0ef7af411a12654329057676e9f016cb9a4a46dc9b4e01092c17af33d095f3104e71094ae585a35a8276a98560dd97f8d045e0b9fd2f0069f WHIRLPOOL 20457d7fe5b3842c0c601068dba410586fc4b4c7fce81ba3ee436a6cfec3b1b950797d6ca9a2a573fef21a29421f8c04a34d1dfefe0b7ade03a6ca51d16d99cb
-AUX qemu-2.8.0-CVE-2017-5552.patch 1481 SHA256 26616f16434b3aff65b1cd1ce82c6abdfbd44da8a047a5a32b1e07755c9a3e1b SHA512 3c3f5027be3bfe56c1445004bd28536e11f606cc6787fcefad3da267eb3e11b61110c8a4700fd9d6f95ce50f10a2678b2bc6f950297b949b837882a68901d6e5 WHIRLPOOL ca93726b8a0567f68fac634eef1e88c997c1e959cafb33bc6ba8871d9021591bb61be6b3635d3fac111e1e177dbbff939c93580d7f0824e752b378dbc38fbc45
-AUX qemu-2.8.0-CVE-2017-5578.patch 1084 SHA256 a7639fc84377b23ebc55dbb1c6d8c53bb2e6230be03b2efba78108257058d8b4 SHA512 8d160d56a94ec9380640badcab29fdd05f2f665377febd1b7e71a9c619d9db963eaa74cf74a2e0287fd2f6e2a7d4bce0f8e4281b3b0292347eece52b7344243b WHIRLPOOL efd3238bf720a1051a41ea621601afeea7546cc7e48d4a7f23bc0b3277bee368bb259a2735e6290b4609e78a1e54e29fe1ba7b088824284787faddc84491d876
-AUX qemu-2.8.0-CVE-2017-5579.patch 1132 SHA256 df32524c24aa4d7d9166bb5e159ba10023c7777b9583e920bd8590feec433580 SHA512 d4669821ae8e06a31b852a31699aa26421ce5fb6c049573cb6613515da486e390d8ddf71adb4e6c1a45a15bb468bbb45df68cbf5e9388660c9c03866becb9edd WHIRLPOOL 0d5ed483c6e3f849fc4b9568a3af4c086258ef1162a4e11baa65bcf35eeb8a505c8b7de935175fdc53e7284e23eb492a95326cdea6c690283085136cb02d3b7a
-AUX qemu-2.8.0-CVE-2017-5856.patch 2224 SHA256 92ddbba8c0d21bdae5b11ae064c21da939cbbb1fd0e6aa10477efced6bf9582f SHA512 7e043d8299d67d33c12bf5591f0881029013852df2243c2ea747fc6c4d1d6c0acffbaef7538634a60f8f875da94bb71db3e3a07972de066b7ac5d49e4d3cb906 WHIRLPOOL b5f38b059e4305b352e3807c2b7762fe856d1067431452fbbf991415ad17f25d152225d9e0ea61b5e8175e42abebbb2abdd85ac37f301ac123f81af822ff2f02
-AUX qemu-2.8.0-CVE-2017-5857.patch 1326 SHA256 e2150a7cc92b72e3f20506b9c76b40599af8d2366d25bd9b245a0bffa66ad8eb SHA512 d6d000b57f1fb194f9554165621109b364ebdb61416bc07e2283f2d493c33e770d1b63002d62565aae1ac19ed0ad9e572c207341aa1ad023581f349f62158d30 WHIRLPOOL cbe84c67ba9bb368baf2b1842e8c7c1ee3fb720630bcd53fdbdef9e8f3efdb25c1a927d0f65c9d1f6def28defe6997943a7867e8225eb12e395a0811ad3e32a1
-AUX qemu-2.8.0-CVE-2017-5898.patch 1412 SHA256 7f44668d51a94d19fcca0f496d8ac798fd654afe25d2998f7d07a148a836ade9 SHA512 2cd9af4957849a5d72dc0f0fbb30852870306ebc0a348cf5951df58d3029d1aae52df9261d2e4a9d7a4f132f78c390af8a049e1f109b324899bccd91e5c10d1f WHIRLPOOL c48e1fe163761880adab990683dc5d54ee31173763f11239ffee7c229bd65a2958a696dede39e7e645860980e2a7c5c6e5873e5db53872ac373d8d2415a167ab
-AUX qemu-2.8.0-CVE-2017-5973.patch 2815 SHA256 206d01053ce678e2c83174b278755e112099f76350aaa765525d344a87365ded SHA512 31b4bd1b8398d8044ace7660a049c492beda83613818a718477257e0bdf922d63423100fd59f2e8411dc952d282a7c405b916ab437b131b31c21dcf65f98edce WHIRLPOOL ea43efbdd5fdc51e1b8b5057fbe50b3911896cbda8437998ca203d34db82524eb42a77440f2490574a48f15ba1c4bbb7d9c40bfb6e99e96278a1d1912ea210a7
-AUX qemu-2.8.0-CVE-2017-5987.patch 1889 SHA256 c4f2175970deca9b00bf657e66b8df31a02efce469eec02279a9659b9cb18bb0 SHA512 32708f91edbbb61ac444ee71b97a30138380544389f6265d7cb7aec330ebaaa7ca69844a9462c817fbda117e78748fc4fdeb655e70bcd72ddd8b112fd9619b0d WHIRLPOOL 1aa99740495c0d2a577cf13c47669aeba75ad389394736ce16fde31c91931254820accad85a6d6fee9757595bec3f222413a89fe4ca125913be7ecc97f33b365
-AUX qemu-2.8.0-CVE-2017-6505.patch 1481 SHA256 55e3b7e65e519caef4fdd28cccb973613759cce0d67eb64c2093b4f0a4e428e1 SHA512 5326f28a9340f392e4f32e4cd5f58cae0769859e10fd4d201983d40ec6b4d094d6a0cad2638e1e6f3e5228b93af26cc4f4a155e0d94bad89d0ea9b866f535aa7 WHIRLPOOL c88312cd5e779a98c905f175d61400ef7bb59795cc1e0392da0018a158a4c435ffa07f1e6a621db6eea925a0dbb986442eab4f79f956dc1955058fc97670f390
-AUX qemu-2.8.0-CVE-2017-7377.patch 1554 SHA256 36fbd8ec9fa7d910fde8b6b8905717b322bd23b50c2b2f925e1a2415ae306755 SHA512 195be1a75340c41aa89614aad8d07f2cf630eb10f3160cb8a86d85371ea9d7dcdbe9d49e9752ac3d6765c8d4c99c845408933b57cf21199f77ba09fcf79a02c8 WHIRLPOOL 8d7677ae3cfe18e34072ef23666c4658553a7d3b564d96e480ae432281d403242f2013d9fb189d473ab9c31def515401d22c04ba8e86d93d0369e95b1e371574
AUX qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch 574 SHA256 d02353daa0ecfe161e938a5e54feab641b901f4a35c8f5831133676a6f53f43f SHA512 6b64750335aae1142ca9132fb766ac2aaeacfcdda0aa0cfca19afc4c3ea3806e30ce603fcec3767e40e84efb0ae8b9a23f21d46c807c13bb646be74f99e13389 WHIRLPOOL 7401c3daf162c71a5a5c3729855fddb5df95609b34c86ea0f4d872c8f132d6ac089cfb35a990af70aef8b7b63fe075a1e2be376b6db09bc70e8d51e48aded354
-AUX qemu-2.8.1-CVE-2017-7471.patch 2310 SHA256 ae5129c0f278de155f69e3d306038fa259c28ecb09a623262362163b00de85cc SHA512 dd5c5bc8e5ee9eb27516276d53f78ecde00b4fe5debbbdd8db1c3a2f2ef663667598acbb3b95f220e709ed89e1a0077733ca4fc1cb2fa0eb0f700e9931ddd003 WHIRLPOOL c91ddbdbc685dc76efc417087d680751aaade178593ca96fbff7b8ae1e0d0bdb659faee676d31b606e16c4adf446632a8a9350a57a1ac049b7649bdc0c3b8cf0
-AUX qemu-2.8.1-CVE-2017-8086.patch 751 SHA256 ff6f3bc1a94861da633f9e5517dde6b2719e227773941e7c9651281c77216589 SHA512 84197e80d28322efaa327dc7ad3ffc5e8bf791d89255e8ac7d5c5e9cebba3786c4e21008cbfb704de5323554a9d3f0873068c0a06493d4ca3b7849523eab6212 WHIRLPOOL 73f88468ba89d8384c04ffa3af646c8b628f1fa52f27866095f84ea1241f421763699ae18553d835133de70d7f244d0638d83d15881e5a3858a1128b14a1bcf3
+AUX qemu-2.9.0-CVE-2017-10664.patch 1613 SHA256 5941cc41f0c02b185be3f6ba450f155dfc42e98f538560a054309066d12e5736 SHA512 19be668bd5847b65a82bd710de062bf1bc16a2b93516cbd6842328a71cd8ef8e97f38fa72bffe603a41f7674652a73b9bc05bc6791d265423490aa6de09738ce WHIRLPOOL f3e436bd5ba9e61473e6a66af4a1c0063445ad616a06cbed1760326435fd391d56d6f084eae4b3465928d995cb426f02ed813747aeda0b535ed7ed4a2a598072
+AUX qemu-2.9.0-CVE-2017-10806.patch 1450 SHA256 ef884e2ed3adb618273af1d036ed0c7e3a09599e3d042080bb4b5014c6bc54d7 SHA512 38fea2c1a2a5a224585a07a028a8c4cfc1bec4d943e85c13e01228062bf306a502b0948270863b226bc974832e3af18158904fbfc08ccdf1f72f06e7830780d5 WHIRLPOOL f02fb957016af684dc894f93ec0b7dcca3febb8d37882aae1e17d2aca9948e200a013ae467cb54c5555e76c73f124a37c95fde189a4492d88322802d8160310c
+AUX qemu-2.9.0-CVE-2017-11334.patch 1362 SHA256 bc2f3a50ad174e5453d0e4d1e14e9723b316e2339dc25ff31e27060ee13242bb SHA512 422296269ec29b3313c984947ac48b7179ce8e169131624d316589a621778f846b883e76cdfba50c62dc63ab5fede0ad0292704c1ca1cc9e1e7b3b01a153b8c8 WHIRLPOOL 504cf6b2ebfb11bf1471f920d101df28df59f1a585eac31ac278a366f2b769386bc7d100aa8386b3f8f45d5f5f700aa6625be3192eb4f1f3b77e69c6684cf74f
+AUX qemu-2.9.0-CVE-2017-11434.patch 912 SHA256 e8be3cb9261f8735ff2a50fb8b79ccfea85456c7a2e5a5702fcc5339463dc05a SHA512 db95d9459b9669e0981195fe15f16c4e74d5f00c03e1ce5e33541e005260e77fa114b1b3f30bc06d80b723a6361b704fb58709b25773c168c8aa8f5f96580ac9 WHIRLPOOL c68e25024ab3c1d01e5b53d0a7b1591110b96d78079bc940ec28da2e2770dac6b1f9bbaaeb97c88ea0e1b46db886f7035d81bde582750e560d136916ecdab8a2
AUX qemu-2.9.0-CVE-2017-7493.patch 5656 SHA256 77462d39e811e58d3761523a6c580485bdfca0e74adbd10cf24c254e0ece262a SHA512 2b01f2878c98e77997b645ba80e69b5db398ef1e8f2b66344818d3c9af35dd66d49041ef9ee8aa152bf3e94970b4db282cf53909cb13b2532bc0a104251b2e81 WHIRLPOOL 23c788c5a78e126a61bd277e9fa1511cc71b8fbdc83a5bf319c5fc424219cbcceefad737844e45c11a76e047f8a49853d0a85b267f24f7b23bb7276d0edf0451
+AUX qemu-2.9.0-CVE-2017-7539.patch 22018 SHA256 523d41e08a2aab888e3e63b4dda6a19e535fe6fba2bf08b6ead06498ca923f29 SHA512 5c81488aeae78307bee551a3a037f3b9cf55971a17c5df17f89f31224bdfa0a5e79141341314546256bffe542b781ad25151c54340a63c766086a578e5465825 WHIRLPOOL 085fc7e7d40c803a3caf15cdee77ce553b385919678ecf4bbcc3f532af5e482ca804a167af43e4f393da93aed88285690d84a3054c7f0df61d603d0046029dbc
AUX qemu-2.9.0-CVE-2017-8112.patch 696 SHA256 a4dcc2a94749a5c20ef38d4c7ce13cd1ffe46017c77eea29ced0bec5c232e6aa SHA512 840f5270332729e0149a4705bae5fcc16e9503a995d6bfa5033904a544add337ca8ccb1d2a36bb57cc198f6354f5253403f1c4f04cbd18c08b4e1a9d6af9e07f WHIRLPOOL 1ba4e75fdd0c767254c85754612da9e8ff9ba2e7ea0811f723844bec190946805cd59db83f347a3dea4296d2b58d2df4a8d99a492335ba818824348bcebdd556
AUX qemu-2.9.0-CVE-2017-8309.patch 595 SHA256 8231747fe4d9c97392fe44b117caccd07d320313dc27fad17ac658122113ced9 SHA512 4415c36acb4f0594de7fe0de2b669d03d6b54ae44eb7f1f285c36223a02cca887b57db27a43ab1cc2e7e193ee5bce2748f9d2056aa925e0cc8f2133e67168a74 WHIRLPOOL af4c5e9763a0e114e554a1c8be99ea79da0b634fdc9d87922c7713187f1f904bfcce103648d549bbb190e92443664dbb9bd7592d8137f2337be0f4b22d1f9bd1
AUX qemu-2.9.0-CVE-2017-8379.patch 2736 SHA256 f2f8910c8e1ce9fc9804f4fbbe978fee20ccbfccc5efe49f42cdaafa63c511ce SHA512 79e32f75d98ca4a92a5069b65c5b9cff16064255ed4d161e4e292b97373742c25d5ddc12dfffa627197fdb5e0808108b30d0182a9c060cd181723bd90c618d15 WHIRLPOOL 545c00189da3b252c80bb35c6b6d3368a02b36b06f2866838ddd9ebb9ccf2b608ae278ee192b6b3aef2966736afe9bcdd646c80c228ec5daef76b92bd2721bd5
AUX qemu-2.9.0-CVE-2017-8380.patch 1048 SHA256 23eb5ae64b064e46785ae4f675fbe7c6a353f6688dd154ce98b78a0b7104a2fb SHA512 872fabc4f6eee48dff292297887b8c4a18aa6f8c2f9b7247e325c96e10ef8d72206f269d89c4a4a40ea6ad3e5082db40866b0f386f31716e749fb3a7db89d2dd WHIRLPOOL ddce30f5b22707938c2ba419264a6b731f292f0748e3891c7aa48daaa7a4b204a8bb1b4110fbd7c1836a02605e49e170a4bda6ee9eccdd2570472ff0f63c8d37
+AUX qemu-2.9.0-CVE-2017-9503-1.patch 5036 SHA256 3831acce5d79ab1ad195ee6a26eb276a08fee00143ef6473ad488a49590c26e8 SHA512 690a43f3b15f10f4c030af761b2fcf873eb72d1ca53dd03f15eb35a30454298bda7ddde2b38ed549b8bad1b3a465ad3c7c9334886e75856794c0beee2dcadc2d WHIRLPOOL 909b90579ba60084bb69d3067e9bde6288011649ecc986d3f520dbce31cc9063cf3b175d62d017bf6bfa6026549250d2f64c06d4f0a411a5e95d7cf2af0062d8
+AUX qemu-2.9.0-CVE-2017-9503-2.patch 4103 SHA256 a08f7f56890e1061d47691181ccdbd4cc2d97b5221d3b438afe8c429427b1e8d SHA512 21ce3255f511c82c7f8848392cb8266d804691a02207f06b950539f025a3bafb3f4c27365956cfa5129a7f0bc1796c006303993a328e72e689b8ff722f71e542 WHIRLPOOL 67bb2f24c2b567855c8f943208c5d4ceacb6df39539cc6ffce3e09fc55052b98aa794d19f70dad4fde515bd3021c46ff53ff374e58f09a802a2222a40eb3bf2d
+AUX qemu-2.9.0-CVE-2017-9524-1.patch 2624 SHA256 f2479f79a81dba79eeee7a333b50bfb6f3d7e23d4cee6a8a65b291744d676b85 SHA512 7b72e492d4f9f38f15e3ec5ba3765b6d86cb726e8581278f1abcc485245f80d7a6ca9a5378dd214a82e230221d1ec650e90a221335beec8cd18567db7f7ce311 WHIRLPOOL 95b0566a9c7712e00e6200a839f449b8367aead31bf18b797193865825123b50d9f8ff11450f540caa94a102637ee5b7075ceaf8f703482296111a7af270f374
+AUX qemu-2.9.0-CVE-2017-9524-2.patch 7016 SHA256 092da49ea1aafd9b94f20127b93c1373b9a83ef127cad1d45fdbd8f5a9d9dbe9 SHA512 de25c5506ae955fb799b2c9952120c9feb51b363f5ee277c9b63882938ce56c44702dcd688ecf65a3d2a089503be938432eb62ffa3df7409f4211bb7fa126f26 WHIRLPOOL b38c3a557be778634d53e7c356fb124e7470ad3e58b426677f3405c10faf76fa88d2f354d66a69b8549a64c480a338c94ed425c768394ad4cdd74ed4479ccc89
AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e
AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4
-DIST qemu-2.8.1.tar.bz2 28366270 SHA256 018e4c7ed22c220395cf41f835d01505e49d0e579a548bd3d72b03809442bbcd SHA512 0397b4029cdcb77ed053c44b3579a3f34894038e6fc6b4aa88de14515f5a78bf2f41c5e865f37111529f567c85d2f1c4deefae47dde54f76eac79410e5b2bdda WHIRLPOOL c41f53f18fac44efd1c81ba9d95204d23e9a70dc9c21624177be2fe92a327428fd5704b25bc334229fa36ae395fb4c82ba3955db39719c4458343978a4d3141a
DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1
-EBUILD qemu-2.8.1-r2.ebuild 22908 SHA256 b21f2820c166fcf91f0be3f8eb323b49d8c8ccebd4c376d9dbcdebbe751bac52 SHA512 3fa48453417e0cfa4d24f11fd5f234ec8790744c65154456328a24641a6f03cffb5b50ecf2bf81388fc18b12b382042e882fa853a09ae2288beb459e8658db5e WHIRLPOOL b5881ff308b91dc53b3115e278d5cd89d5f3f5d69ea7355fea2a048e471da1c4079eb245aa262ab2c19c6d75ddac1770acab3fa1c39d2c6e74cf72d84426e16f
-EBUILD qemu-2.9.0-r2.ebuild 22065 SHA256 f722fa40663602c90dc07139580a3bcc5bcae60ce1a3808f2f38adc2d13211b1 SHA512 51822cc9753b27e6fed97bdd1e4845cbcfb0c8a4a9f55256820127994a1b3beda96765b83a8c578637a968b261f1bf6ef4c1d6ae09491e9f5f9d94af5cdb5ce4 WHIRLPOOL 20f5b6786e60eae4260df3bcdfb9f94d128abc03f9458cf3e42ddf5bb1b0749ea26bc18ba58c47c4d131cb5ab02898f7097dd85c3d9d19ac6bc49062d9d8a57b
-EBUILD qemu-2.9.0-r54.ebuild 23455 SHA256 cf27b44542770cf10be0bd69481e13ccdef4d512d4d02f2388eaf441b1b2b9b8 SHA512 e1344e489cb298807c992f257954e28c0c2d24a517bdd907bc60ebf2380cebc26861161e2a5deba8c95da5af700de198951696061ea916ea9c6f1037264e89dc WHIRLPOOL 3b764803988879ef45a1b28f016d0ac732d8aa18c1fab92e52e18677fea7d3777967281c075dcdc3daa7da083c66c423d7d30ffe2d876811a776bcc5e2de63da
+EBUILD qemu-2.9.0-r2.ebuild 22065 SHA256 45015103d32a318241da3d34c7340786571b65dc580f8493853c35e0ad5541ec SHA512 7b69c749172677046a101778ba2d8078bf8f5ccedc2d3c6767a2096838f8b80d0519bb798f23e7229fec04ca0c6c4c96caf7d07983ca2aca8d77e86b4f2ed229 WHIRLPOOL ebbf728a67a6f67ce2d40ac72cc95e27e46133e522d70a0e6d91525df7af048d2d1dfbb3e9534e4871882f5fe01749e3f749662414f802569c2f40ac66450afa
+EBUILD qemu-2.9.0-r56.ebuild 24010 SHA256 4185ac27c271ca09d383907cf914c020ba5f9614d5c3901d12e82d4069e0090f SHA512 fab143169a3c25fcf7b2532ec10c651c8b1c1875ea8cb0daa4ae29e153c9609ebc75184df1584944eadb541db76e931ff121866dcde58f3e25e29ad9eadc0a24 WHIRLPOOL 44d3f1fc2f01e61287508580beeacc9c1e1c709b6d19347f69a33ea3202ad7e8dd035d3df948dec11b3a62564a23a41a5c5a1e6faa1e2bde5f31d0ec9c02eb9b
MISC metadata.xml 3794 SHA256 149f7bc9927e13bbf7355972e85df6f9f198dd17fb575a7e516817d6a88018fb SHA512 10f130f225b90dacf8262247d795a247abfdcbf3ad5fbe0693e8d4db79f755984f690cb150a7eb5a8e5d669ce404145c4fbb6b200d6362319be74759fd78b6d3 WHIRLPOOL 6a5e88caeb64387f619a19fecb55c39ccf3c8dcd360523e8d61b80051001c02fe81432c55e40b3f360295b35e9f5a1f707c570baf95cad06d18c4cd484da0ceb
diff --git a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch b/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
deleted file mode 100644
index cea8efc..0000000
--- a/app-emulation/qemu/files/qemu-2.7.0-CVE-2016-8669-1.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-http://bugs.gentoo.org/597108
-https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02577.html
-
-From: Prasad J Pandit <address@hidden>
-
-The JAZZ RC4030 chipset emulator has a periodic timer and
-associated interval reload register. The reload value is used
-as divider when computing timer's next tick value. If reload
-value is large, it could lead to divide by zero error. Limit
-the interval reload value to avoid it.
-
-Reported-by: Huawei PSIRT <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/dma/rc4030.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/dma/rc4030.c b/hw/dma/rc4030.c
-index 2f2576f..c1b4997 100644
---- a/hw/dma/rc4030.c
-+++ b/hw/dma/rc4030.c
-@@ -460,7 +460,7 @@ static void rc4030_write(void *opaque, hwaddr addr, uint64_t data,
- break;
- /* Interval timer reload */
- case 0x0228:
-- s->itr = val;
-+ s->itr = val & 0x01FF;
- qemu_irq_lower(s->timer_irq);
- set_next_tick(s);
- break;
---
-2.5.5
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10028.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10028.patch
deleted file mode 100644
index 466c819..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10028.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg01903.html
-https://bugs.gentoo.org/603444
-
-From: P J P
-Subject: [Qemu-devel] [PATCH] display: virtio-gpu-3d: check virgl capabilities max_size
-Date: Wed, 14 Dec 2016 12:31:56 +0530
-From: Prasad J Pandit <address@hidden>
-
-Virtio GPU device while processing 'VIRTIO_GPU_CMD_GET_CAPSET'
-command, retrieves the maximum capabilities size to fill in the
-response object. It continues to fill in capabilities even if
-retrieved 'max_size' is zero(0), thus resulting in OOB access.
-Add check to avoid it.
-
-Reported-by: Zhenhao Hong <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/display/virtio-gpu-3d.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
-index 758d33a..6ceeba3 100644
---- a/hw/display/virtio-gpu-3d.c
-+++ b/hw/display/virtio-gpu-3d.c
-@@ -370,8 +370,12 @@ static void virgl_cmd_get_capset(VirtIOGPU *g,
-
- virgl_renderer_get_cap_set(gc.capset_id, &max_ver,
- &max_size);
-+ if (!max_size) {
-+ cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER;
-+ return;
-+ }
-+
- resp = g_malloc0(sizeof(*resp) + max_size);
--
- resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET;
- virgl_renderer_fill_caps(gc.capset_id,
- gc.capset_version,
---
-2.9.3
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch
deleted file mode 100644
index c486295..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-10155.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From eb7a20a3616085d46aa6b4b4224e15587ec67e6e Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Mon, 28 Nov 2016 17:49:04 -0800
-Subject: [PATCH] watchdog: 6300esb: add exit function
-
-When the Intel 6300ESB watchdog is hot unplug. The timer allocated
-in realize isn't freed thus leaking memory leak. This patch avoid
-this through adding the exit function.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- hw/watchdog/wdt_i6300esb.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c
-index a83d951..49b3cd1 100644
---- a/hw/watchdog/wdt_i6300esb.c
-+++ b/hw/watchdog/wdt_i6300esb.c
-@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp)
- /* qemu_register_coalesced_mmio (addr, 0x10); ? */
- }
-
-+static void i6300esb_exit(PCIDevice *dev)
-+{
-+ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev);
-+
-+ timer_del(d->timer);
-+ timer_free(d->timer);
-+}
-+
- static WatchdogTimerModel model = {
- .wdt_name = "i6300esb",
- .wdt_description = "Intel 6300ESB",
-@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data)
- k->config_read = i6300esb_config_read;
- k->config_write = i6300esb_config_write;
- k->realize = i6300esb_realize;
-+ k->exit = i6300esb_exit;
- k->vendor_id = PCI_VENDOR_ID_INTEL;
- k->device_id = PCI_DEVICE_ID_INTEL_ESB_9;
- k->class_id = PCI_CLASS_SYSTEM_OTHER;
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9908.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9908.patch
deleted file mode 100644
index 841de65..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9908.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00059.html
-https://bugs.gentoo.org/601826
-
-From: Li Qiang
-Subject: [Qemu-devel] [PATCH] virtio-gpu: fix information leak in capset get dispatch
-Date: Tue, 1 Nov 2016 05:37:57 -0700
-From: Li Qiang <address@hidden>
-
-In virgl_cmd_get_capset function, it uses g_malloc to allocate
-a response struct to the guest. As the 'resp'struct hasn't been full
-initialized it will lead the 'resp->padding' field to the guest.
-Use g_malloc0 to avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/display/virtio-gpu-3d.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
-index 23f39de..d98b140 100644
---- a/hw/display/virtio-gpu-3d.c
-+++ b/hw/display/virtio-gpu-3d.c
-@@ -371,7 +371,7 @@ static void virgl_cmd_get_capset(VirtIOGPU *g,
-
- virgl_renderer_get_cap_set(gc.capset_id, &max_ver,
- &max_size);
-- resp = g_malloc(sizeof(*resp) + max_size);
-+ resp = g_malloc0(sizeof(*resp) + max_size);
-
- resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET;
- virgl_renderer_fill_caps(gc.capset_id,
---
-1.8.3.1
-
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9912.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9912.patch
deleted file mode 100644
index 55963f7..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2016-9912.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05043.html
-https://bugs.gentoo.org/602630
-
-From: Li Qiang
-Subject: [Qemu-devel] [PATCH] virtio-gpu: call cleanup mapping function in resource destroy
-Date: Mon, 28 Nov 2016 21:29:25 -0500
-If the guest destroy the resource before detach banking, the 'iov'
-and 'addrs' field in resource is not freed thus leading memory
-leak issue. This patch avoid this.
-
-Signed-off-by: Li Qiang <address@hidden>
----
- hw/display/virtio-gpu.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
-index 60bce94..98dadf2 100644
---- a/hw/display/virtio-gpu.c
-+++ b/hw/display/virtio-gpu.c
-@@ -28,6 +28,8 @@
- static struct virtio_gpu_simple_resource*
- virtio_gpu_find_resource(VirtIOGPU *g, uint32_t resource_id);
-
-+static void virtio_gpu_cleanup_mapping(struct virtio_gpu_simple_resource *res);
-+
- #ifdef CONFIG_VIRGL
- #include <virglrenderer.h>
- #define VIRGL(_g, _virgl, _simple, ...) \
-@@ -358,6 +360,7 @@ static void virtio_gpu_resource_destroy(VirtIOGPU *g,
- struct virtio_gpu_simple_resource *res)
- {
- pixman_image_unref(res->image);
-+ virtio_gpu_cleanup_mapping(res);
- QTAILQ_REMOVE(&g->reslist, res, next);
- g_free(res);
- }
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch
deleted file mode 100644
index 24411b4..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-1.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 12351a91da97b414eec8cdb09f1d9f41e535a401 Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Wed, 14 Dec 2016 18:30:21 -0800
-Subject: [PATCH] audio: ac97: add exit function
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Currently the ac97 device emulation doesn't have a exit function,
-hot unplug this device will leak some memory. Add a exit function to
-avoid this.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
-Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/audio/ac97.c | 11 +++++++++++
- 1 file changed, 11 insertions(+)
-
-diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c
-index cbd959e..c306575 100644
---- a/hw/audio/ac97.c
-+++ b/hw/audio/ac97.c
-@@ -1387,6 +1387,16 @@ static void ac97_realize(PCIDevice *dev, Error **errp)
- ac97_on_reset (&s->dev.qdev);
- }
-
-+static void ac97_exit(PCIDevice *dev)
-+{
-+ AC97LinkState *s = DO_UPCAST(AC97LinkState, dev, dev);
-+
-+ AUD_close_in(&s->card, s->voice_pi);
-+ AUD_close_out(&s->card, s->voice_po);
-+ AUD_close_in(&s->card, s->voice_mc);
-+ AUD_remove_card(&s->card);
-+}
-+
- static int ac97_init (PCIBus *bus)
- {
- pci_create_simple (bus, -1, "AC97");
-@@ -1404,6 +1414,7 @@ static void ac97_class_init (ObjectClass *klass, void *data)
- PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
-
- k->realize = ac97_realize;
-+ k->exit = ac97_exit;
- k->vendor_id = PCI_VENDOR_ID_INTEL;
- k->device_id = PCI_DEVICE_ID_INTEL_82801AA_5;
- k->revision = 0x01;
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch
deleted file mode 100644
index 6bbac58..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5525-2.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Wed, 14 Dec 2016 18:32:22 -0800
-Subject: [PATCH] audio: es1370: add exit function
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Currently the es1370 device emulation doesn't have a exit function,
-hot unplug this device will leak some memory. Add a exit function to
-avoid this.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
-Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/audio/es1370.c | 14 ++++++++++++++
- 1 file changed, 14 insertions(+)
-
-diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c
-index 8449b5f..883ec69 100644
---- a/hw/audio/es1370.c
-+++ b/hw/audio/es1370.c
-@@ -1041,6 +1041,19 @@ static void es1370_realize(PCIDevice *dev, Error **errp)
- es1370_reset (s);
- }
-
-+static void es1370_exit(PCIDevice *dev)
-+{
-+ ES1370State *s = ES1370(dev);
-+ int i;
-+
-+ for (i = 0; i < 2; ++i) {
-+ AUD_close_out(&s->card, s->dac_voice[i]);
-+ }
-+
-+ AUD_close_in(&s->card, s->adc_voice);
-+ AUD_remove_card(&s->card);
-+}
-+
- static int es1370_init (PCIBus *bus)
- {
- pci_create_simple (bus, -1, TYPE_ES1370);
-@@ -1053,6 +1066,7 @@ static void es1370_class_init (ObjectClass *klass, void *data)
- PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
-
- k->realize = es1370_realize;
-+ k->exit = es1370_exit;
- k->vendor_id = PCI_VENDOR_ID_ENSONIQ;
- k->device_id = PCI_DEVICE_ID_ENSONIQ_ES1370;
- k->class_id = PCI_CLASS_MULTIMEDIA_AUDIO;
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch
deleted file mode 100644
index 9475f3f..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5552.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 33243031dad02d161225ba99d782616da133f689 Mon Sep 17 00:00:00 2001
-From: Li Qiang <liq3ea@gmail.com>
-Date: Thu, 29 Dec 2016 03:11:26 -0500
-Subject: [PATCH] virtio-gpu-3d: fix memory leak in resource attach backing
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-If the virgl_renderer_resource_attach_iov function fails the
-'res_iovs' will be leaked. Add check of the return value to
-free the 'res_iovs' when failing.
-
-Signed-off-by: Li Qiang <liq3ea@gmail.com>
-Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
-Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/display/virtio-gpu-3d.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
-index e29f099..b13ced3 100644
---- a/hw/display/virtio-gpu-3d.c
-+++ b/hw/display/virtio-gpu-3d.c
-@@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g,
- return;
- }
-
-- virgl_renderer_resource_attach_iov(att_rb.resource_id,
-- res_iovs, att_rb.nr_entries);
-+ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id,
-+ res_iovs, att_rb.nr_entries);
-+
-+ if (ret != 0)
-+ virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries);
- }
-
- static void virgl_resource_detach_backing(VirtIOGPU *g,
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch
deleted file mode 100644
index f93d1e7..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5578.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 204f01b30975923c64006f8067f0937b91eea68b Mon Sep 17 00:00:00 2001
-From: Li Qiang <liq3ea@gmail.com>
-Date: Thu, 29 Dec 2016 04:28:41 -0500
-Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing
-
-In the resource attach backing function, everytime it will
-allocate 'res->iov' thus can leading a memory leak. This
-patch avoid this.
-
-Signed-off-by: Li Qiang <liq3ea@gmail.com>
-Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/display/virtio-gpu.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
-index 6a26258..ca88cf4 100644
---- a/hw/display/virtio-gpu.c
-+++ b/hw/display/virtio-gpu.c
-@@ -714,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g,
- return;
- }
-
-+ if (res->iov) {
-+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
-+ return;
-+ }
-+
- ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov);
- if (ret != 0) {
- cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch
deleted file mode 100644
index e4572a8..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5579.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 8409dc884a201bf74b30a9d232b6bbdd00cb7e2b Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Wed, 4 Jan 2017 00:43:16 -0800
-Subject: [PATCH] serial: fix memory leak in serial exit
-
-The serial_exit_core function doesn't free some resources.
-This can lead memory leak when hotplug and unplug. This
-patch avoid this.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-Message-Id: <586cb5ab.f31d9d0a.38ac3.acf2@mx.google.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- hw/char/serial.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/hw/char/serial.c b/hw/char/serial.c
-index ffbacd8..67b18ed 100644
---- a/hw/char/serial.c
-+++ b/hw/char/serial.c
-@@ -906,6 +906,16 @@ void serial_realize_core(SerialState *s, Error **errp)
- void serial_exit_core(SerialState *s)
- {
- qemu_chr_fe_deinit(&s->chr);
-+
-+ timer_del(s->modem_status_poll);
-+ timer_free(s->modem_status_poll);
-+
-+ timer_del(s->fifo_timeout_timer);
-+ timer_free(s->fifo_timeout_timer);
-+
-+ fifo8_destroy(&s->recv_fifo);
-+ fifo8_destroy(&s->xmit_fifo);
-+
- qemu_unregister_reset(serial_reset, s);
- }
-
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch
deleted file mode 100644
index 2ebd49f..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5856.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From 765a707000e838c30b18d712fe6cb3dd8e0435f3 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Mon, 2 Jan 2017 11:03:33 +0100
-Subject: [PATCH] megasas: fix guest-triggered memory leak
-
-If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd
-will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory.
-Avoid this by returning only the status from map_dcmd, and loading
-cmd->iov_size in the caller.
-
-Reported-by: Li Qiang <liqiang6-s@360.cn>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- hw/scsi/megasas.c | 11 ++++++-----
- 1 file changed, 6 insertions(+), 5 deletions(-)
-
-diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
-index 67fc1e7..6233865 100644
---- a/hw/scsi/megasas.c
-+++ b/hw/scsi/megasas.c
-@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd)
- trace_megasas_dcmd_invalid_sge(cmd->index,
- cmd->frame->header.sge_count);
- cmd->iov_size = 0;
-- return -1;
-+ return -EINVAL;
- }
- iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl);
- iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl);
- pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1);
- qemu_sglist_add(&cmd->qsg, iov_pa, iov_size);
- cmd->iov_size = iov_size;
-- return cmd->iov_size;
-+ return 0;
- }
-
- static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size)
-@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t {
-
- static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
- {
-- int opcode, len;
-+ int opcode;
- int retval = 0;
-+ size_t len;
- const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
-
- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
- trace_megasas_handle_dcmd(cmd->index, opcode);
-- len = megasas_map_dcmd(s, cmd);
-- if (len < 0) {
-+ if (megasas_map_dcmd(s, cmd) < 0) {
- return MFI_STAT_MEMORY_NOT_AVAILABLE;
- }
- while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
- cmdptr++;
- }
-+ len = cmd->iov_size;
- if (cmdptr->opcode == -1) {
- trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
- retval = megasas_dcmd_dummy(s, cmd);
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch
deleted file mode 100644
index 664a669..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5857.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-When the guest sends VIRTIO_GPU_CMD_RESOURCE_UNREF without detaching the
-backing storage beforehand (VIRTIO_GPU_CMD_RESOURCE_DETACH_BACKING)
-we'll leak memory.
-
-This patch fixes it for 3d mode, simliar to the 2d mode fix in commit
-"b8e2392 virtio-gpu: call cleanup mapping function in resource destroy".
-
-Reported-by: 李强 <address@hidden>
-Signed-off-by: Gerd Hoffmann <address@hidden>
----
- hw/display/virtio-gpu-3d.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
-index f96a0c2..ecb09d1 100644
---- a/hw/display/virtio-gpu-3d.c
-+++ b/hw/display/virtio-gpu-3d.c
-@@ -77,10 +77,18 @@ static void virgl_cmd_resource_unref(VirtIOGPU *g,
- struct virtio_gpu_ctrl_command *cmd)
- {
- struct virtio_gpu_resource_unref unref;
-+ struct iovec *res_iovs = NULL;
-+ int num_iovs = 0;
-
- VIRTIO_GPU_FILL_CMD(unref);
- trace_virtio_gpu_cmd_res_unref(unref.resource_id);
-
-+ virgl_renderer_resource_detach_iov(unref.resource_id,
-+ &res_iovs,
-+ &num_iovs);
-+ if (res_iovs != NULL && num_iovs != 0) {
-+ virtio_gpu_cleanup_mapping_iov(res_iovs, num_iovs);
-+ }
- virgl_renderer_resource_unref(unref.resource_id);
- }
-
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch
deleted file mode 100644
index 9f94477..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5898.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From c7dfbf322595ded4e70b626bf83158a9f3807c6a Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Fri, 3 Feb 2017 00:52:28 +0530
-Subject: [PATCH] usb: ccid: check ccid apdu length
-
-CCID device emulator uses Application Protocol Data Units(APDU)
-to exchange command and responses to and from the host.
-The length in these units couldn't be greater than 65536. Add
-check to ensure the same. It'd also avoid potential integer
-overflow in emulated_apdu_from_guest.
-
-Reported-by: Li Qiang <liqiang6-s@360.cn>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Message-id: 20170202192228.10847-1-ppandit@redhat.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/usb/dev-smartcard-reader.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
-index 89e11b6..1325ea1 100644
---- a/hw/usb/dev-smartcard-reader.c
-+++ b/hw/usb/dev-smartcard-reader.c
-@@ -967,7 +967,7 @@ static void ccid_on_apdu_from_guest(USBCCIDState *s, CCID_XferBlock *recv)
- DPRINTF(s, 1, "%s: seq %d, len %d\n", __func__,
- recv->hdr.bSeq, len);
- ccid_add_pending_answer(s, (CCID_Header *)recv);
-- if (s->card) {
-+ if (s->card && len <= BULK_OUT_DATA_SIZE) {
- ccid_card_apdu_from_guest(s->card, recv->abData, len);
- } else {
- DPRINTF(s, D_WARN, "warning: discarded apdu\n");
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch
deleted file mode 100644
index 50ff3c9..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5973.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-Limits should be big enough that normal guest should not hit it.
-Add a tracepoint to log them, just in case. Also, while being
-at it, log the existing link trb limit too.
-
-Reported-by: 李强 <address@hidden>
-Signed-off-by: Gerd Hoffmann <address@hidden>
----
- hw/usb/hcd-xhci.c | 15 ++++++++++++++-
- hw/usb/trace-events | 1 +
- 2 files changed, 15 insertions(+), 1 deletion(-)
-
-diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
-index fbf8a8b..28dd2f2 100644
---- a/hw/usb/hcd-xhci.c
-+++ b/hw/usb/hcd-xhci.c
-@@ -51,6 +51,8 @@
- #define EV_QUEUE (((3 * 24) + 16) * MAXSLOTS)
-
- #define TRB_LINK_LIMIT 4
-+#define COMMAND_LIMIT 256
-+#define TRANSFER_LIMIT 256
-
- #define LEN_CAP 0x40
- #define LEN_OPER (0x400 + 0x10 * MAXPORTS)
-@@ -943,6 +945,7 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb,
- return type;
- } else {
- if (++link_cnt > TRB_LINK_LIMIT) {
-+ trace_usb_xhci_enforced_limit("trb-link");
- return 0;
- }
- ring->dequeue = xhci_mask64(trb->parameter);
-@@ -2060,6 +2063,7 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
- XHCIRing *ring;
- USBEndpoint *ep = NULL;
- uint64_t mfindex;
-+ unsigned int count = 0;
- int length;
- int i;
-
-@@ -2172,6 +2176,10 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
- epctx->retry = xfer;
- break;
- }
-+ if (count++ > TRANSFER_LIMIT) {
-+ trace_usb_xhci_enforced_limit("transfers");
-+ break;
-+ }
- }
- epctx->kick_active--;
-
-@@ -2618,7 +2626,7 @@ static void xhci_process_commands(XHCIState *xhci)
- TRBType type;
- XHCIEvent event = {ER_COMMAND_COMPLETE, CC_SUCCESS};
- dma_addr_t addr;
-- unsigned int i, slotid = 0;
-+ unsigned int i, slotid = 0, count = 0;
-
- DPRINTF("xhci_process_commands()\n");
- if (!xhci_running(xhci)) {
-@@ -2735,6 +2743,11 @@ static void xhci_process_commands(XHCIState *xhci)
- }
- event.slotid = slotid;
- xhci_event(xhci, &event, 0);
-+
-+ if (count++ > COMMAND_LIMIT) {
-+ trace_usb_xhci_enforced_limit("commands");
-+ return;
-+ }
- }
- }
-
-diff --git a/hw/usb/trace-events b/hw/usb/trace-events
-index fdd1d29..0c323d4 100644
---- a/hw/usb/trace-events
-+++ b/hw/usb/trace-events
-@@ -174,6 +174,7 @@ usb_xhci_xfer_retry(void *xfer) "%p"
- usb_xhci_xfer_success(void *xfer, uint32_t bytes) "%p: len %d"
- usb_xhci_xfer_error(void *xfer, uint32_t ret) "%p: ret %d"
- usb_xhci_unimplemented(const char *item, int nr) "%s (0x%x)"
-+usb_xhci_enforced_limit(const char *item) "%s"
-
- # hw/usb/desc.c
- usb_desc_device(int addr, int len, int ret) "dev %d query device, len %d, ret %d"
---
-1.8.3.1
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch
deleted file mode 100644
index bfde2e9..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-5987.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From: Prasad J Pandit <address@hidden>
-
-In the SDHCI protocol, the transfer mode register value
-is used during multi block transfer to check if block count
-register is enabled and should be updated. Transfer mode
-register could be set such that, block count register would
-not be updated, thus leading to an infinite loop. Add check
-to avoid it.
-
-Reported-by: Wjjzhang <address@hidden>
-Reported-by: Jiang Xin <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- hw/sd/sdhci.c | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-Update: use qemu_log_mask(LOG_UNIMP, ...)
- -> https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02354.html
-
-diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
-index 5bd5ab6..a9c744b 100644
---- a/hw/sd/sdhci.c
-+++ b/hw/sd/sdhci.c
-@@ -486,6 +486,11 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
- uint32_t boundary_chk = 1 << (((s->blksize & 0xf000) >> 12) + 12);
- uint32_t boundary_count = boundary_chk - (s->sdmasysad % boundary_chk);
-
-+ if (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || !s->blkcnt) {
-+ qemu_log_mask(LOG_UNIMP, "infinite transfer is not supported\n");
-+ return;
-+ }
-+
- /* XXX: Some sd/mmc drivers (for example, u-boot-slp) do not account for
- * possible stop at page boundary if initial address is not page aligned,
- * allow them to work properly */
-@@ -797,11 +802,6 @@ static void sdhci_data_transfer(void *opaque)
- if (s->trnmod & SDHC_TRNS_DMA) {
- switch (SDHC_DMA_TYPE(s->hostctl)) {
- case SDHC_CTRL_SDMA:
-- if ((s->trnmod & SDHC_TRNS_MULTI) &&
-- (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || s->blkcnt == 0)) {
-- break;
-- }
--
- if ((s->blkcnt == 1) || !(s->trnmod & SDHC_TRNS_MULTI)) {
- sdhci_sdma_transfer_single_block(s);
- } else {
---
-2.9.3
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch
deleted file mode 100644
index a15aa96..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-6505.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Tue, 7 Feb 2017 02:23:33 -0800
-Subject: [PATCH] usb: ohci: limit the number of link eds
-
-The guest may builds an infinite loop with link eds. This patch
-limit the number of linked ed to avoid this.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-Message-id: 5899a02e.45ca240a.6c373.93c1@mx.google.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/usb/hcd-ohci.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c
-index 2cba3e3..21c93e0 100644
---- a/hw/usb/hcd-ohci.c
-+++ b/hw/usb/hcd-ohci.c
-@@ -42,6 +42,8 @@
-
- #define OHCI_MAX_PORTS 15
-
-+#define ED_LINK_LIMIT 4
-+
- static int64_t usb_frame_time;
- static int64_t usb_bit_time;
-
-@@ -1184,7 +1186,7 @@ static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion)
- uint32_t next_ed;
- uint32_t cur;
- int active;
--
-+ uint32_t link_cnt = 0;
- active = 0;
-
- if (head == 0)
-@@ -1199,6 +1201,11 @@ static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion)
-
- next_ed = ed.next & OHCI_DPTR_MASK;
-
-+ if (++link_cnt > ED_LINK_LIMIT) {
-+ ohci_die(ohci);
-+ return 0;
-+ }
-+
- if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K)) {
- uint32_t addr;
- /* Cancel pending packets for ED that have been paused. */
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch b/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch
deleted file mode 100644
index f2d317c..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-CVE-2017-7377.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From d63fb193e71644a073b77ff5ac6f1216f2f6cf6e Mon Sep 17 00:00:00 2001
-From: Li Qiang <liq3ea@gmail.com>
-Date: Mon, 27 Mar 2017 21:13:19 +0200
-Subject: [PATCH] 9pfs: fix file descriptor leak
-
-The v9fs_create() and v9fs_lcreate() functions are used to create a file
-on the backend and to associate it to a fid. The fid shouldn't be already
-in-use, otherwise both functions may silently leak a file descriptor or
-allocated memory. The current code doesn't check that.
-
-This patch ensures that the fid isn't already associated to anything
-before using it.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-(reworded the changelog, Greg Kurz)
-Signed-off-by: Greg Kurz <groug@kaod.org>
----
- hw/9pfs/9p.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
-index b8c0b99..48babce 100644
---- a/hw/9pfs/9p.c
-+++ b/hw/9pfs/9p.c
-@@ -1550,6 +1550,10 @@ static void coroutine_fn v9fs_lcreate(void *opaque)
- err = -ENOENT;
- goto out_nofid;
- }
-+ if (fidp->fid_type != P9_FID_NONE) {
-+ err = -EINVAL;
-+ goto out;
-+ }
-
- flags = get_dotl_openflags(pdu->s, flags);
- err = v9fs_co_open2(pdu, fidp, &name, gid,
-@@ -2153,6 +2157,10 @@ static void coroutine_fn v9fs_create(void *opaque)
- err = -EINVAL;
- goto out_nofid;
- }
-+ if (fidp->fid_type != P9_FID_NONE) {
-+ err = -EINVAL;
-+ goto out;
-+ }
- if (perm & P9_STAT_MODE_DIR) {
- err = v9fs_co_mkdir(pdu, fidp, &name, perm & 0777,
- fidp->uid, -1, &stbuf);
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch
deleted file mode 100644
index c5366f5..0000000
--- a/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-7471.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From 9c6b899f7a46893ab3b671e341a2234e9c0c060e Mon Sep 17 00:00:00 2001
-From: Greg Kurz <groug@kaod.org>
-Date: Mon, 17 Apr 2017 10:53:23 +0200
-Subject: [PATCH] 9pfs: local: set the path of the export root to "."
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The local backend was recently converted to using "at*()" syscalls in order
-to ensure all accesses happen below the shared directory. This requires that
-we only pass relative paths, otherwise the dirfd argument to the "at*()"
-syscalls is ignored and the path is treated as an absolute path in the host.
-This is actually the case for paths in all fids, with the notable exception
-of the root fid, whose path is "/". This causes the following backend ops to
-act on the "/" directory of the host instead of the virtfs shared directory
-when the export root is involved:
-- lstat
-- chmod
-- chown
-- utimensat
-
-ie, chmod /9p_mount_point in the guest will be converted to chmod / in the
-host for example. This could cause security issues with a privileged QEMU.
-
-All "*at()" syscalls are being passed an open file descriptor. In the case
-of the export root, this file descriptor points to the path in the host that
-was passed to -fsdev.
-
-The fix is thus as simple as changing the path of the export root fid to be
-"." instead of "/".
-
-This is CVE-2017-7471.
-
-Cc: qemu-stable@nongnu.org
-Reported-by: Léo Gaspard <leo@gaspard.io>
-Signed-off-by: Greg Kurz <groug@kaod.org>
-Reviewed-by: Eric Blake <eblake@redhat.com>
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- hw/9pfs/9p-local.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
-index 45e9a1f..f3ebca4 100644
---- a/hw/9pfs/9p-local.c
-+++ b/hw/9pfs/9p-local.c
-@@ -1098,8 +1098,13 @@ static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
- {
- if (dir_path) {
- v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
-- } else {
-+ } else if (strcmp(name, "/")) {
- v9fs_path_sprintf(target, "%s", name);
-+ } else {
-+ /* We want the path of the export root to be relative, otherwise
-+ * "*at()" syscalls would treat it as "/" in the host.
-+ */
-+ v9fs_path_sprintf(target, "%s", ".");
- }
- return 0;
- }
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch b/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch
deleted file mode 100644
index eac72f3..0000000
--- a/app-emulation/qemu/files/qemu-2.8.1-CVE-2017-8086.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 4ffcdef4277a91af15a3c09f7d16af072c29f3f2 Mon Sep 17 00:00:00 2001
-From: Li Qiang <liq3ea@gmail.com>
-Date: Fri, 7 Apr 2017 03:48:52 -0700
-Subject: [PATCH] 9pfs: xattr: fix memory leak in v9fs_list_xattr
-
-Free 'orig_value' in error path.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-Signed-off-by: Greg Kurz <groug@kaod.org>
----
- hw/9pfs/9p-xattr.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/9pfs/9p-xattr.c b/hw/9pfs/9p-xattr.c
-index eec160b..d05c1a1 100644
---- a/hw/9pfs/9p-xattr.c
-+++ b/hw/9pfs/9p-xattr.c
-@@ -108,6 +108,7 @@ ssize_t v9fs_list_xattr(FsContext *ctx, const char *path,
- g_free(name);
- close_preserve_errno(dirfd);
- if (xattr_len < 0) {
-+ g_free(orig_value);
- return -1;
- }
-
---
-2.10.2
-
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch
new file mode 100644
index 0000000..7db0692
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch
@@ -0,0 +1,47 @@
+From 041e32b8d9d076980b4e35317c0339e57ab888f1 Mon Sep 17 00:00:00 2001
+From: Max Reitz <mreitz@redhat.com>
+Date: Sun, 11 Jun 2017 14:37:14 +0200
+Subject: [PATCH] qemu-nbd: Ignore SIGPIPE
+
+qemu proper has done so for 13 years
+(8a7ddc38a60648257dc0645ab4a05b33d6040063), qemu-img and qemu-io have
+done so for four years (526eda14a68d5b3596be715505289b541288ef2a).
+Ignoring this signal is especially important in qemu-nbd because
+otherwise a client can easily take down the qemu-nbd server by dropping
+the connection when the server wants to send something, for example:
+
+$ qemu-nbd -x foo -f raw -t null-co:// &
+[1] 12726
+$ qemu-io -c quit nbd://localhost/bar
+can't open device nbd://localhost/bar: No export with name 'bar' available
+[1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co://
+
+In this case, the client sends an NBD_OPT_ABORT and closes the
+connection (because it is not required to wait for a reply), but the
+server replies with an NBD_REP_ACK (because it is required to reply).
+
+Signed-off-by: Max Reitz <mreitz@redhat.com>
+Message-Id: <20170611123714.31292-1-mreitz@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ qemu-nbd.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/qemu-nbd.c b/qemu-nbd.c
+index 9464a0461c..4dd3fd4732 100644
+--- a/qemu-nbd.c
++++ b/qemu-nbd.c
+@@ -581,6 +581,10 @@ int main(int argc, char **argv)
+ sa_sigterm.sa_handler = termsig_handler;
+ sigaction(SIGTERM, &sa_sigterm, NULL);
+
++#ifdef CONFIG_POSIX
++ signal(SIGPIPE, SIG_IGN);
++#endif
++
+ module_call_init(MODULE_INIT_TRACE);
+ qcrypto_init(&error_fatal);
+
+--
+2.13.0
+
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch
new file mode 100644
index 0000000..0074f5f
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch
@@ -0,0 +1,50 @@
+From bd4a683505b27adc1ac809f71e918e58573d851d Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Tue, 9 May 2017 13:01:28 +0200
+Subject: [PATCH] usb-redir: fix stack overflow in usbredir_log_data
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Don't reinvent a broken wheel, just use the hexdump function we have.
+
+Impact: low, broken code doesn't run unless you have debug logging
+enabled.
+
+Reported-by: 李强 <liqiang6-s@360.cn>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Message-id: 20170509110128.27261-1-kraxel@redhat.com
+---
+ hw/usb/redirect.c | 13 +------------
+ 1 file changed, 1 insertion(+), 12 deletions(-)
+
+diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
+index b001a27f05..ad5ef783a6 100644
+--- a/hw/usb/redirect.c
++++ b/hw/usb/redirect.c
+@@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg)
+ static void usbredir_log_data(USBRedirDevice *dev, const char *desc,
+ const uint8_t *data, int len)
+ {
+- int i, j, n;
+-
+ if (dev->debug < usbredirparser_debug_data) {
+ return;
+ }
+-
+- for (i = 0; i < len; i += j) {
+- char buf[128];
+-
+- n = sprintf(buf, "%s", desc);
+- for (j = 0; j < 8 && i + j < len; j++) {
+- n += sprintf(buf + n, " %02X", data[i + j]);
+- }
+- error_report("%s", buf);
+- }
++ qemu_hexdump((char *)data, stderr, desc, len);
+ }
+
+ /*
+--
+2.13.0
+
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch
new file mode 100644
index 0000000..bfe4c7d
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch
@@ -0,0 +1,40 @@
+[Qemu-devel] [PULL 21/41] exec: use qemu_ram_ptr_length to access guest
+From: Prasad J Pandit <address@hidden>
+
+When accessing guest's ram block during DMA operation, use
+'qemu_ram_ptr_length' to get ram block pointer. It ensures
+that DMA operation of given length is possible; And avoids
+any OOB memory access situations.
+
+Reported-by: Alex <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+Message-Id: <address@hidden>
+Signed-off-by: Paolo Bonzini <address@hidden>
+---
+ exec.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/exec.c b/exec.c
+index a083ff8..ad103ce 100644
+--- a/exec.c
++++ b/exec.c
+@@ -2929,7 +2929,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr,
+ }
+ } else {
+ /* RAM case */
+- ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
++ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
+ memcpy(ptr, buf, l);
+ invalidate_and_set_dirty(mr, addr1, l);
+ }
+@@ -3020,7 +3020,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr,
+ }
+ } else {
+ /* RAM case */
+- ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
++ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
+ memcpy(buf, ptr, l);
+ }
+
+--
+1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch
new file mode 100644
index 0000000..5d32067
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch
@@ -0,0 +1,29 @@
+[Qemu-devel] [PATCH] slirp: check len against dhcp options array end
+From: Prasad J Pandit <address@hidden>
+
+While parsing dhcp options string in 'dhcp_decode', if an options'
+length 'len' appeared towards the end of 'bp_vend' array, ensuing
+read could lead to an OOB memory access issue. Add check to avoid it.
+
+Reported-by: Reno Robert <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ slirp/bootp.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/slirp/bootp.c b/slirp/bootp.c
+index 5a4646c..5dd1a41 100644
+--- a/slirp/bootp.c
++++ b/slirp/bootp.c
+@@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type,
+ if (p >= p_end)
+ break;
+ len = *p++;
++ if (p + len > p_end) {
++ break;
++ }
+ DPRINTF("dhcp: tag=%d len=%d\n", tag, len);
+
+ switch(tag) {
+--
+2.9.4
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7539.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7539.patch
new file mode 100644
index 0000000..3af1697
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7539.patch
@@ -0,0 +1,601 @@
+From 2b0bbc4f8809c972bad134bc1a2570dbb01dea0b Mon Sep 17 00:00:00 2001
+From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
+Date: Fri, 2 Jun 2017 18:01:41 +0300
+Subject: [PATCH] nbd/server: get rid of nbd_negotiate_read and friends
+
+Functions nbd_negotiate_{read,write,drop_sync} were introduced in
+1a6245a5b, when nbd_rwv (was nbd_wr_sync) was working through
+qemu_co_sendv_recvv (the path is nbd_wr_sync -> qemu_co_{recv/send} ->
+qemu_co_send_recv -> qemu_co_sendv_recvv), which just yields, without
+setting any handlers. But starting from ff82911cd nbd_rwv (was
+nbd_wr_syncv) works through qio_channel_yield() which sets handlers, so
+watchers are redundant in nbd_negotiate_{read,write,drop_sync}, then,
+let's just use nbd_{read,write,drop} functions.
+
+Functions nbd_{read,write,drop} has errp parameter, which is unused in
+this patch. This will be fixed later.
+
+Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
+Reviewed-by: Eric Blake <eblake@redhat.com>
+Message-Id: <20170602150150.258222-4-vsementsov@virtuozzo.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ nbd/server.c | 107 ++++++++++++-----------------------------------------------
+ 1 file changed, 22 insertions(+), 85 deletions(-)
+
+diff --git a/nbd/client.c b/nbd/client.c
+index a58fb02..6b74a62 100644
+--- a/nbd/client.c
++++ b/nbd/client.c
+@@ -86,9 +86,9 @@ static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports);
+
+ */
+
+-/* Discard length bytes from channel. Return -errno on failure, or
+- * the amount of bytes consumed. */
+-static ssize_t drop_sync(QIOChannel *ioc, size_t size)
++/* Discard length bytes from channel. Return -errno on failure and 0 on
++ * success*/
++static int drop_sync(QIOChannel *ioc, size_t size)
+ {
+ ssize_t ret = 0;
+ char small[1024];
+@@ -96,14 +96,13 @@ static ssize_t drop_sync(QIOChannel *ioc, size_t size)
+
+ buffer = sizeof(small) >= size ? small : g_malloc(MIN(65536, size));
+ while (size > 0) {
+- ssize_t count = read_sync(ioc, buffer, MIN(65536, size));
++ ssize_t count = MIN(65536, size);
++ ret = read_sync(ioc, buffer, MIN(65536, size));
+
+- if (count <= 0) {
++ if (ret < 0) {
+ goto cleanup;
+ }
+- assert(count <= size);
+ size -= count;
+- ret += count;
+ }
+
+ cleanup:
+@@ -136,12 +135,12 @@ static int nbd_send_option_request(QIOChannel *ioc, uint32_t opt,
+ stl_be_p(&req.option, opt);
+ stl_be_p(&req.length, len);
+
+- if (write_sync(ioc, &req, sizeof(req)) != sizeof(req)) {
++ if (write_sync(ioc, &req, sizeof(req)) < 0) {
+ error_setg(errp, "Failed to send option request header");
+ return -1;
+ }
+
+- if (len && write_sync(ioc, (char *) data, len) != len) {
++ if (len && write_sync(ioc, (char *) data, len) < 0) {
+ error_setg(errp, "Failed to send option request data");
+ return -1;
+ }
+@@ -170,7 +169,7 @@ static int nbd_receive_option_reply(QIOChannel *ioc, uint32_t opt,
+ nbd_opt_reply *reply, Error **errp)
+ {
+ QEMU_BUILD_BUG_ON(sizeof(*reply) != 20);
+- if (read_sync(ioc, reply, sizeof(*reply)) != sizeof(*reply)) {
++ if (read_sync(ioc, reply, sizeof(*reply)) < 0) {
+ error_setg(errp, "failed to read option reply");
+ nbd_send_opt_abort(ioc);
+ return -1;
+@@ -219,7 +218,7 @@ static int nbd_handle_reply_err(QIOChannel *ioc, nbd_opt_reply *reply,
+ goto cleanup;
+ }
+ msg = g_malloc(reply->length + 1);
+- if (read_sync(ioc, msg, reply->length) != reply->length) {
++ if (read_sync(ioc, msg, reply->length) < 0) {
+ error_setg(errp, "failed to read option error message");
+ goto cleanup;
+ }
+@@ -321,7 +320,7 @@ static int nbd_receive_list(QIOChannel *ioc, const char *want, bool *match,
+ nbd_send_opt_abort(ioc);
+ return -1;
+ }
+- if (read_sync(ioc, &namelen, sizeof(namelen)) != sizeof(namelen)) {
++ if (read_sync(ioc, &namelen, sizeof(namelen)) < 0) {
+ error_setg(errp, "failed to read option name length");
+ nbd_send_opt_abort(ioc);
+ return -1;
+@@ -334,7 +333,7 @@ static int nbd_receive_list(QIOChannel *ioc, const char *want, bool *match,
+ return -1;
+ }
+ if (namelen != strlen(want)) {
+- if (drop_sync(ioc, len) != len) {
++ if (drop_sync(ioc, len) < 0) {
+ error_setg(errp, "failed to skip export name with wrong length");
+ nbd_send_opt_abort(ioc);
+ return -1;
+@@ -343,14 +342,14 @@ static int nbd_receive_list(QIOChannel *ioc, const char *want, bool *match,
+ }
+
+ assert(namelen < sizeof(name));
+- if (read_sync(ioc, name, namelen) != namelen) {
++ if (read_sync(ioc, name, namelen) < 0) {
+ error_setg(errp, "failed to read export name");
+ nbd_send_opt_abort(ioc);
+ return -1;
+ }
+ name[namelen] = '\0';
+ len -= namelen;
+- if (drop_sync(ioc, len) != len) {
++ if (drop_sync(ioc, len) < 0) {
+ error_setg(errp, "failed to read export description");
+ nbd_send_opt_abort(ioc);
+ return -1;
+@@ -477,7 +476,7 @@ int nbd_receive_negotiate(QIOChannel *ioc, const char *name, uint16_t *flags,
+ goto fail;
+ }
+
+- if (read_sync(ioc, buf, 8) != 8) {
++ if (read_sync(ioc, buf, 8) < 0) {
+ error_setg(errp, "Failed to read data");
+ goto fail;
+ }
+@@ -503,7 +502,7 @@ int nbd_receive_negotiate(QIOChannel *ioc, const char *name, uint16_t *flags,
+ goto fail;
+ }
+
+- if (read_sync(ioc, &magic, sizeof(magic)) != sizeof(magic)) {
++ if (read_sync(ioc, &magic, sizeof(magic)) < 0) {
+ error_setg(errp, "Failed to read magic");
+ goto fail;
+ }
+@@ -515,8 +514,7 @@ int nbd_receive_negotiate(QIOChannel *ioc, const char *name, uint16_t *flags,
+ uint16_t globalflags;
+ bool fixedNewStyle = false;
+
+- if (read_sync(ioc, &globalflags, sizeof(globalflags)) !=
+- sizeof(globalflags)) {
++ if (read_sync(ioc, &globalflags, sizeof(globalflags)) < 0) {
+ error_setg(errp, "Failed to read server flags");
+ goto fail;
+ }
+@@ -534,8 +532,7 @@ int nbd_receive_negotiate(QIOChannel *ioc, const char *name, uint16_t *flags,
+ }
+ /* client requested flags */
+ clientflags = cpu_to_be32(clientflags);
+- if (write_sync(ioc, &clientflags, sizeof(clientflags)) !=
+- sizeof(clientflags)) {
++ if (write_sync(ioc, &clientflags, sizeof(clientflags)) < 0) {
+ error_setg(errp, "Failed to send clientflags field");
+ goto fail;
+ }
+@@ -573,13 +570,13 @@ int nbd_receive_negotiate(QIOChannel *ioc, const char *name, uint16_t *flags,
+ }
+
+ /* Read the response */
+- if (read_sync(ioc, &s, sizeof(s)) != sizeof(s)) {
++ if (read_sync(ioc, &s, sizeof(s)) < 0) {
+ error_setg(errp, "Failed to read export length");
+ goto fail;
+ }
+ *size = be64_to_cpu(s);
+
+- if (read_sync(ioc, flags, sizeof(*flags)) != sizeof(*flags)) {
++ if (read_sync(ioc, flags, sizeof(*flags)) < 0) {
+ error_setg(errp, "Failed to read export flags");
+ goto fail;
+ }
+@@ -596,14 +593,14 @@ int nbd_receive_negotiate(QIOChannel *ioc, const char *name, uint16_t *flags,
+ goto fail;
+ }
+
+- if (read_sync(ioc, &s, sizeof(s)) != sizeof(s)) {
++ if (read_sync(ioc, &s, sizeof(s)) < 0) {
+ error_setg(errp, "Failed to read export length");
+ goto fail;
+ }
+ *size = be64_to_cpu(s);
+ TRACE("Size is %" PRIu64, *size);
+
+- if (read_sync(ioc, &oldflags, sizeof(oldflags)) != sizeof(oldflags)) {
++ if (read_sync(ioc, &oldflags, sizeof(oldflags)) < 0) {
+ error_setg(errp, "Failed to read export flags");
+ goto fail;
+ }
+@@ -619,7 +616,7 @@ int nbd_receive_negotiate(QIOChannel *ioc, const char *name, uint16_t *flags,
+ }
+
+ TRACE("Size is %" PRIu64 ", export flags %" PRIx16, *size, *flags);
+- if (zeroes && drop_sync(ioc, 124) != 124) {
++ if (zeroes && drop_sync(ioc, 124) < 0) {
+ error_setg(errp, "Failed to read reserved block");
+ goto fail;
+ }
+@@ -744,7 +741,6 @@ int nbd_disconnect(int fd)
+ ssize_t nbd_send_request(QIOChannel *ioc, NBDRequest *request)
+ {
+ uint8_t buf[NBD_REQUEST_SIZE];
+- ssize_t ret;
+
+ TRACE("Sending request to server: "
+ "{ .from = %" PRIu64", .len = %" PRIu32 ", .handle = %" PRIu64
+@@ -759,16 +755,7 @@ ssize_t nbd_send_request(QIOChannel *ioc, NBDRequest *request)
+ stq_be_p(buf + 16, request->from);
+ stl_be_p(buf + 24, request->len);
+
+- ret = write_sync(ioc, buf, sizeof(buf));
+- if (ret < 0) {
+- return ret;
+- }
+-
+- if (ret != sizeof(buf)) {
+- LOG("writing to socket failed");
+- return -EINVAL;
+- }
+- return 0;
++ return write_sync(ioc, buf, sizeof(buf));
+ }
+
+ ssize_t nbd_receive_reply(QIOChannel *ioc, NBDReply *reply)
+@@ -777,7 +764,7 @@ ssize_t nbd_receive_reply(QIOChannel *ioc, NBDReply *reply)
+ uint32_t magic;
+ ssize_t ret;
+
+- ret = read_sync(ioc, buf, sizeof(buf));
++ ret = read_sync_eof(ioc, buf, sizeof(buf));
+ if (ret <= 0) {
+ return ret;
+ }
+diff --git a/nbd/nbd-internal.h b/nbd/nbd-internal.h
+index f43d990..e6bbc7c 100644
+--- a/nbd/nbd-internal.h
++++ b/nbd/nbd-internal.h
+@@ -94,7 +94,13 @@
+ #define NBD_ENOSPC 28
+ #define NBD_ESHUTDOWN 108
+
+-static inline ssize_t read_sync(QIOChannel *ioc, void *buffer, size_t size)
++/* read_sync_eof
++ * Tries to read @size bytes from @ioc. Returns number of bytes actually read.
++ * May return a value >= 0 and < size only on EOF, i.e. when iteratively called
++ * qio_channel_readv() returns 0. So, there are no needs to call read_sync_eof
++ * iteratively.
++ */
++static inline ssize_t read_sync_eof(QIOChannel *ioc, void *buffer, size_t size)
+ {
+ struct iovec iov = { .iov_base = buffer, .iov_len = size };
+ /* Sockets are kept in blocking mode in the negotiation phase. After
+@@ -105,12 +111,32 @@ static inline ssize_t read_sync(QIOChannel *ioc, void *buffer, size_t size)
+ return nbd_wr_syncv(ioc, &iov, 1, size, true);
+ }
+
+-static inline ssize_t write_sync(QIOChannel *ioc, const void *buffer,
+- size_t size)
++/* read_sync
++ * Reads @size bytes from @ioc. Returns 0 on success.
++ */
++static inline int read_sync(QIOChannel *ioc, void *buffer, size_t size)
++{
++ ssize_t ret = read_sync_eof(ioc, buffer, size);
++
++ if (ret >= 0 && ret != size) {
++ ret = -EINVAL;
++ }
++
++ return ret < 0 ? ret : 0;
++}
++
++/* write_sync
++ * Writes @size bytes to @ioc. Returns 0 on success.
++ */
++static inline int write_sync(QIOChannel *ioc, const void *buffer, size_t size)
+ {
+ struct iovec iov = { .iov_base = (void *) buffer, .iov_len = size };
+
+- return nbd_wr_syncv(ioc, &iov, 1, size, false);
++ ssize_t ret = nbd_wr_syncv(ioc, &iov, 1, size, false);
++
++ assert(ret < 0 || ret == size);
++
++ return ret < 0 ? ret : 0;
+ }
+
+ struct NBDTLSHandshakeData {
+diff --git a/nbd/server.c b/nbd/server.c
+index 924a1fe..a1f106b 100644
+--- a/nbd/server.c
++++ b/nbd/server.c
+@@ -104,69 +104,6 @@ struct NBDClient {
+
+ static void nbd_client_receive_next_request(NBDClient *client);
+
+-static gboolean nbd_negotiate_continue(QIOChannel *ioc,
+- GIOCondition condition,
+- void *opaque)
+-{
+- qemu_coroutine_enter(opaque);
+- return TRUE;
+-}
+-
+-static ssize_t nbd_negotiate_read(QIOChannel *ioc, void *buffer, size_t size)
+-{
+- ssize_t ret;
+- guint watch;
+-
+- assert(qemu_in_coroutine());
+- /* Negotiation are always in main loop. */
+- watch = qio_channel_add_watch(ioc,
+- G_IO_IN,
+- nbd_negotiate_continue,
+- qemu_coroutine_self(),
+- NULL);
+- ret = read_sync(ioc, buffer, size);
+- g_source_remove(watch);
+- return ret;
+-
+-}
+-
+-static ssize_t nbd_negotiate_write(QIOChannel *ioc, const void *buffer,
+- size_t size)
+-{
+- ssize_t ret;
+- guint watch;
+-
+- assert(qemu_in_coroutine());
+- /* Negotiation are always in main loop. */
+- watch = qio_channel_add_watch(ioc,
+- G_IO_OUT,
+- nbd_negotiate_continue,
+- qemu_coroutine_self(),
+- NULL);
+- ret = write_sync(ioc, buffer, size);
+- g_source_remove(watch);
+- return ret;
+-}
+-
+-static ssize_t nbd_negotiate_drop_sync(QIOChannel *ioc, size_t size)
+-{
+- ssize_t ret, dropped = size;
+- uint8_t *buffer = g_malloc(MIN(65536, size));
+-
+- while (size > 0) {
+- ret = nbd_negotiate_read(ioc, buffer, MIN(65536, size));
+- if (ret < 0) {
+- g_free(buffer);
+- return ret;
+- }
+-
+- assert(ret <= size);
+- size -= ret;
+- }
+-
+- g_free(buffer);
+- return dropped;
+-}
+
+ /* Basic flow for negotiation
+
+@@ -206,22 +143,22 @@ static int nbd_negotiate_send_rep_len(QIOChannel *ioc, uint32_t type,
+ type, opt, len);
+
+ magic = cpu_to_be64(NBD_REP_MAGIC);
+- if (nbd_negotiate_write(ioc, &magic, sizeof(magic)) != sizeof(magic)) {
++ if (nbd_write(ioc, &magic, sizeof(magic), NULL) < 0) {
+ LOG("write failed (rep magic)");
+ return -EINVAL;
+ }
+ opt = cpu_to_be32(opt);
+- if (nbd_negotiate_write(ioc, &opt, sizeof(opt)) != sizeof(opt)) {
++ if (nbd_write(ioc, &opt, sizeof(opt), NULL) < 0) {
+ LOG("write failed (rep opt)");
+ return -EINVAL;
+ }
+ type = cpu_to_be32(type);
+- if (nbd_negotiate_write(ioc, &type, sizeof(type)) != sizeof(type)) {
++ if (nbd_write(ioc, &type, sizeof(type), NULL) < 0) {
+ LOG("write failed (rep type)");
+ return -EINVAL;
+ }
+ len = cpu_to_be32(len);
+- if (nbd_negotiate_write(ioc, &len, sizeof(len)) != sizeof(len)) {
++ if (nbd_write(ioc, &len, sizeof(len), NULL) < 0) {
+ LOG("write failed (rep data length)");
+ return -EINVAL;
+ }
+@@ -256,7 +193,7 @@ nbd_negotiate_send_rep_err(QIOChannel *ioc, uint32_t type,
+ if (ret < 0) {
+ goto out;
+ }
+- if (nbd_negotiate_write(ioc, msg, len) != len) {
++ if (nbd_write(ioc, msg, len, NULL) < 0) {
+ LOG("write failed (error message)");
+ ret = -EIO;
+ } else {
+@@ -287,15 +224,15 @@ static int nbd_negotiate_send_rep_list(QIOChannel *ioc, NBDExport *exp)
+ }
+
+ len = cpu_to_be32(name_len);
+- if (nbd_negotiate_write(ioc, &len, sizeof(len)) != sizeof(len)) {
++ if (nbd_write(ioc, &len, sizeof(len), NULL) < 0) {
+ LOG("write failed (name length)");
+ return -EINVAL;
+ }
+- if (nbd_negotiate_write(ioc, name, name_len) != name_len) {
++ if (nbd_write(ioc, name, name_len, NULL) < 0) {
+ LOG("write failed (name buffer)");
+ return -EINVAL;
+ }
+- if (nbd_negotiate_write(ioc, desc, desc_len) != desc_len) {
++ if (nbd_write(ioc, desc, desc_len, NULL) < 0) {
+ LOG("write failed (description buffer)");
+ return -EINVAL;
+ }
+@@ -309,7 +246,7 @@ static int nbd_negotiate_handle_list(NBDClient *client, uint32_t length)
+ NBDExport *exp;
+
+ if (length) {
+- if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
++ if (nbd_drop(client->ioc, length, NULL) < 0) {
+ return -EIO;
+ }
+ return nbd_negotiate_send_rep_err(client->ioc,
+@@ -340,7 +277,7 @@ static int nbd_negotiate_handle_export_name(NBDClient *client, uint32_t length)
+ LOG("Bad length received");
+ goto fail;
+ }
+- if (nbd_negotiate_read(client->ioc, name, length) != length) {
++ if (nbd_read(client->ioc, name, length, NULL) < 0) {
+ LOG("read failed");
+ goto fail;
+ }
+@@ -373,7 +310,7 @@ static QIOChannel *nbd_negotiate_handle_starttls(NBDClient *client,
+ TRACE("Setting up TLS");
+ ioc = client->ioc;
+ if (length) {
+- if (nbd_negotiate_drop_sync(ioc, length) != length) {
++ if (nbd_drop(ioc, length, NULL) < 0) {
+ return NULL;
+ }
+ nbd_negotiate_send_rep_err(ioc, NBD_REP_ERR_INVALID, NBD_OPT_STARTTLS,
+@@ -437,8 +374,7 @@ static int nbd_negotiate_options(NBDClient *client)
+ ... Rest of request
+ */
+
+- if (nbd_negotiate_read(client->ioc, &flags, sizeof(flags)) !=
+- sizeof(flags)) {
++ if (nbd_read(client->ioc, &flags, sizeof(flags), NULL) < 0) {
+ LOG("read failed");
+ return -EIO;
+ }
+@@ -464,8 +400,7 @@ static int nbd_negotiate_options(NBDClient *client)
+ uint32_t clientflags, length;
+ uint64_t magic;
+
+- if (nbd_negotiate_read(client->ioc, &magic, sizeof(magic)) !=
+- sizeof(magic)) {
++ if (nbd_read(client->ioc, &magic, sizeof(magic), NULL) < 0) {
+ LOG("read failed");
+ return -EINVAL;
+ }
+@@ -475,15 +410,15 @@ static int nbd_negotiate_options(NBDClient *client)
+ return -EINVAL;
+ }
+
+- if (nbd_negotiate_read(client->ioc, &clientflags,
+- sizeof(clientflags)) != sizeof(clientflags)) {
++ if (nbd_read(client->ioc, &clientflags,
++ sizeof(clientflags), NULL) < 0)
++ {
+ LOG("read failed");
+ return -EINVAL;
+ }
+ clientflags = be32_to_cpu(clientflags);
+
+- if (nbd_negotiate_read(client->ioc, &length, sizeof(length)) !=
+- sizeof(length)) {
++ if (nbd_read(client->ioc, &length, sizeof(length), NULL) < 0) {
+ LOG("read failed");
+ return -EINVAL;
+ }
+@@ -513,7 +448,7 @@ static int nbd_negotiate_options(NBDClient *client)
+ return -EINVAL;
+
+ default:
+- if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
++ if (nbd_drop(client->ioc, length, NULL) < 0) {
+ return -EIO;
+ }
+ ret = nbd_negotiate_send_rep_err(client->ioc,
+@@ -551,7 +486,7 @@ static int nbd_negotiate_options(NBDClient *client)
+ return nbd_negotiate_handle_export_name(client, length);
+
+ case NBD_OPT_STARTTLS:
+- if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
++ if (nbd_drop(client->ioc, length, NULL) < 0) {
+ return -EIO;
+ }
+ if (client->tlscreds) {
+@@ -570,7 +505,7 @@ static int nbd_negotiate_options(NBDClient *client)
+ }
+ break;
+ default:
+- if (nbd_negotiate_drop_sync(client->ioc, length) != length) {
++ if (nbd_drop(client->ioc, length, NULL) < 0) {
+ return -EIO;
+ }
+ ret = nbd_negotiate_send_rep_err(client->ioc,
+@@ -659,12 +594,12 @@ static coroutine_fn int nbd_negotiate(NBDClientNewData *data)
+ TRACE("TLS cannot be enabled with oldstyle protocol");
+ goto fail;
+ }
+- if (nbd_negotiate_write(client->ioc, buf, sizeof(buf)) != sizeof(buf)) {
++ if (nbd_write(client->ioc, buf, sizeof(buf), NULL) < 0) {
+ LOG("write failed");
+ goto fail;
+ }
+ } else {
+- if (nbd_negotiate_write(client->ioc, buf, 18) != 18) {
++ if (nbd_write(client->ioc, buf, 18, NULL) < 0) {
+ LOG("write failed");
+ goto fail;
+ }
+@@ -679,7 +614,7 @@ static coroutine_fn int nbd_negotiate(NBDClientNewData *data)
+ stq_be_p(buf + 18, client->exp->size);
+ stw_be_p(buf + 26, client->exp->nbdflags | myflags);
+ len = client->no_zeroes ? 10 : sizeof(buf) - 18;
+- if (nbd_negotiate_write(client->ioc, buf + 18, len) != len) {
++ if (nbd_write(client->ioc, buf + 18, len, NULL) < 0) {
+ LOG("write failed");
+ goto fail;
+ }
+@@ -702,11 +637,6 @@ static ssize_t nbd_receive_request(QIOChannel *ioc, NBDRequest *request)
+ return ret;
+ }
+
+- if (ret != sizeof(buf)) {
+- LOG("read failed");
+- return -EINVAL;
+- }
+-
+ /* Request
+ [ 0 .. 3] magic (NBD_REQUEST_MAGIC)
+ [ 4 .. 5] flags (NBD_CMD_FLAG_FUA, ...)
+@@ -737,7 +667,6 @@ static ssize_t nbd_receive_request(QIOChannel *ioc, NBDRequest *request)
+ static ssize_t nbd_send_reply(QIOChannel *ioc, NBDReply *reply)
+ {
+ uint8_t buf[NBD_REPLY_SIZE];
+- ssize_t ret;
+
+ reply->error = system_errno_to_nbd_errno(reply->error);
+
+@@ -754,16 +683,7 @@ static ssize_t nbd_send_reply(QIOChannel *ioc, NBDReply *reply)
+ stl_be_p(buf + 4, reply->error);
+ stq_be_p(buf + 8, reply->handle);
+
+- ret = write_sync(ioc, buf, sizeof(buf));
+- if (ret < 0) {
+- return ret;
+- }
+-
+- if (ret != sizeof(buf)) {
+- LOG("writing to socket failed");
+- return -EINVAL;
+- }
+- return 0;
++ return write_sync(ioc, buf, sizeof(buf));
+ }
+
+ #define MAX_NBD_REQUESTS 16
+@@ -1067,7 +987,7 @@ static ssize_t nbd_co_send_reply(NBDRequestData *req, NBDReply *reply,
+ rc = nbd_send_reply(client->ioc, reply);
+ if (rc >= 0) {
+ ret = write_sync(client->ioc, req->data, len);
+- if (ret != len) {
++ if (ret < 0) {
+ rc = -EIO;
+ }
+ }
+@@ -1141,7 +1061,7 @@ static ssize_t nbd_co_receive_request(NBDRequestData *req,
+ if (request->type == NBD_CMD_WRITE) {
+ TRACE("Reading %" PRIu32 " byte(s)", request->len);
+
+- if (read_sync(client->ioc, req->data, request->len) != request->len) {
++ if (read_sync(client->ioc, req->data, request->len) < 0) {
+ LOG("reading from socket failed");
+ rc = -EIO;
+ goto out;
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch
new file mode 100644
index 0000000..01c81d1
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch
@@ -0,0 +1,122 @@
+From 87e459a810d7b1ec1638085b5a80ea3d9b43119a Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Thu, 1 Jun 2017 17:26:14 +0200
+Subject: [PATCH] megasas: always store SCSIRequest* into MegasasCmd
+
+This ensures that the request is unref'ed properly, and avoids a
+segmentation fault in the new qtest testcase that is added.
+This is CVE-2017-9503.
+
+Reported-by: Zhangyanyu <zyy4013@stu.ouc.edu.cn>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ hw/scsi/megasas.c | 31 ++++++++++++++++---------------
+ 2 files changed, 51 insertions(+), 15 deletions(-)
+
+diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
+index 135662df31..734fdaef90 100644
+--- a/hw/scsi/megasas.c
++++ b/hw/scsi/megasas.c
+@@ -609,6 +609,9 @@ static void megasas_reset_frames(MegasasState *s)
+ static void megasas_abort_command(MegasasCmd *cmd)
+ {
+ /* Never abort internal commands. */
++ if (cmd->dcmd_opcode != -1) {
++ return;
++ }
+ if (cmd->req != NULL) {
+ scsi_req_cancel(cmd->req);
+ }
+@@ -1017,7 +1020,6 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
+ uint64_t pd_size;
+ uint16_t pd_id = ((sdev->id & 0xFF) << 8) | (lun & 0xFF);
+ uint8_t cmdbuf[6];
+- SCSIRequest *req;
+ size_t len, resid;
+
+ if (!cmd->iov_buf) {
+@@ -1026,8 +1028,8 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
+ info->inquiry_data[0] = 0x7f; /* Force PQual 0x3, PType 0x1f */
+ info->vpd_page83[0] = 0x7f;
+ megasas_setup_inquiry(cmdbuf, 0, sizeof(info->inquiry_data));
+- req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
+- if (!req) {
++ cmd->req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
++ if (!cmd->req) {
+ trace_megasas_dcmd_req_alloc_failed(cmd->index,
+ "PD get info std inquiry");
+ g_free(cmd->iov_buf);
+@@ -1036,26 +1038,26 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
+ }
+ trace_megasas_dcmd_internal_submit(cmd->index,
+ "PD get info std inquiry", lun);
+- len = scsi_req_enqueue(req);
++ len = scsi_req_enqueue(cmd->req);
+ if (len > 0) {
+ cmd->iov_size = len;
+- scsi_req_continue(req);
++ scsi_req_continue(cmd->req);
+ }
+ return MFI_STAT_INVALID_STATUS;
+ } else if (info->inquiry_data[0] != 0x7f && info->vpd_page83[0] == 0x7f) {
+ megasas_setup_inquiry(cmdbuf, 0x83, sizeof(info->vpd_page83));
+- req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
+- if (!req) {
++ cmd->req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
++ if (!cmd->req) {
+ trace_megasas_dcmd_req_alloc_failed(cmd->index,
+ "PD get info vpd inquiry");
+ return MFI_STAT_FLASH_ALLOC_FAIL;
+ }
+ trace_megasas_dcmd_internal_submit(cmd->index,
+ "PD get info vpd inquiry", lun);
+- len = scsi_req_enqueue(req);
++ len = scsi_req_enqueue(cmd->req);
+ if (len > 0) {
+ cmd->iov_size = len;
+- scsi_req_continue(req);
++ scsi_req_continue(cmd->req);
+ }
+ return MFI_STAT_INVALID_STATUS;
+ }
+@@ -1217,7 +1219,6 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
+ struct mfi_ld_info *info = cmd->iov_buf;
+ size_t dcmd_size = sizeof(struct mfi_ld_info);
+ uint8_t cdb[6];
+- SCSIRequest *req;
+ ssize_t len, resid;
+ uint16_t sdev_id = ((sdev->id & 0xFF) << 8) | (lun & 0xFF);
+ uint64_t ld_size;
+@@ -1226,8 +1227,8 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
+ cmd->iov_buf = g_malloc0(dcmd_size);
+ info = cmd->iov_buf;
+ megasas_setup_inquiry(cdb, 0x83, sizeof(info->vpd_page83));
+- req = scsi_req_new(sdev, cmd->index, lun, cdb, cmd);
+- if (!req) {
++ cmd->req = scsi_req_new(sdev, cmd->index, lun, cdb, cmd);
++ if (!cmd->req) {
+ trace_megasas_dcmd_req_alloc_failed(cmd->index,
+ "LD get info vpd inquiry");
+ g_free(cmd->iov_buf);
+@@ -1236,10 +1237,10 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
+ }
+ trace_megasas_dcmd_internal_submit(cmd->index,
+ "LD get info vpd inquiry", lun);
+- len = scsi_req_enqueue(req);
++ len = scsi_req_enqueue(cmd->req);
+ if (len > 0) {
+ cmd->iov_size = len;
+- scsi_req_continue(req);
++ scsi_req_continue(cmd->req);
+ }
+ return MFI_STAT_INVALID_STATUS;
+ }
+@@ -1851,7 +1852,7 @@ static void megasas_command_complete(SCSIRequest *req, uint32_t status,
+ return;
+ }
+
+- if (cmd->req == NULL) {
++ if (cmd->dcmd_opcode != -1) {
+ /*
+ * Internal command complete
+ */
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch
new file mode 100644
index 0000000..74725a9
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch
@@ -0,0 +1,114 @@
+From 5104fac8539eaf155fc6de93e164be43e1e62242 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Thu, 1 Jun 2017 17:18:23 +0200
+Subject: [PATCH] megasas: do not read DCMD opcode more than once from frame
+
+Avoid TOC-TOU bugs by storing the DCMD opcode in the MegasasCmd
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ hw/scsi/megasas.c | 25 +++++++++++--------------
+ 1 file changed, 11 insertions(+), 14 deletions(-)
+
+diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
+index c353118882..a3f75c1650 100644
+--- a/hw/scsi/megasas.c
++++ b/hw/scsi/megasas.c
+@@ -63,6 +63,7 @@ typedef struct MegasasCmd {
+
+ hwaddr pa;
+ hwaddr pa_size;
++ uint32_t dcmd_opcode;
+ union mfi_frame *frame;
+ SCSIRequest *req;
+ QEMUSGList qsg;
+@@ -513,6 +514,7 @@ static MegasasCmd *megasas_enqueue_frame(MegasasState *s,
+ cmd->context &= (uint64_t)0xFFFFFFFF;
+ }
+ cmd->count = count;
++ cmd->dcmd_opcode = -1;
+ s->busy++;
+
+ if (s->consumer_pa) {
+@@ -1562,22 +1564,21 @@ static const struct dcmd_cmd_tbl_t {
+
+ static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
+ {
+- int opcode;
+ int retval = 0;
+ size_t len;
+ const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
+
+- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
+- trace_megasas_handle_dcmd(cmd->index, opcode);
++ cmd->dcmd_opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
++ trace_megasas_handle_dcmd(cmd->index, cmd->dcmd_opcode);
+ if (megasas_map_dcmd(s, cmd) < 0) {
+ return MFI_STAT_MEMORY_NOT_AVAILABLE;
+ }
+- while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
++ while (cmdptr->opcode != -1 && cmdptr->opcode != cmd->dcmd_opcode) {
+ cmdptr++;
+ }
+ len = cmd->iov_size;
+ if (cmdptr->opcode == -1) {
+- trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
++ trace_megasas_dcmd_unhandled(cmd->index, cmd->dcmd_opcode, len);
+ retval = megasas_dcmd_dummy(s, cmd);
+ } else {
+ trace_megasas_dcmd_enter(cmd->index, cmdptr->desc, len);
+@@ -1592,13 +1593,11 @@ static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
+ static int megasas_finish_internal_dcmd(MegasasCmd *cmd,
+ SCSIRequest *req)
+ {
+- int opcode;
+ int retval = MFI_STAT_OK;
+ int lun = req->lun;
+
+- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
+- trace_megasas_dcmd_internal_finish(cmd->index, opcode, lun);
+- switch (opcode) {
++ trace_megasas_dcmd_internal_finish(cmd->index, cmd->dcmd_opcode, lun);
++ switch (cmd->dcmd_opcode) {
+ case MFI_DCMD_PD_GET_INFO:
+ retval = megasas_pd_get_info_submit(req->dev, lun, cmd);
+ break;
+@@ -1606,7 +1605,7 @@ static int megasas_finish_internal_dcmd(MegasasCmd *cmd,
+ retval = megasas_ld_get_info_submit(req->dev, lun, cmd);
+ break;
+ default:
+- trace_megasas_dcmd_internal_invalid(cmd->index, opcode);
++ trace_megasas_dcmd_internal_invalid(cmd->index, cmd->dcmd_opcode);
+ retval = MFI_STAT_INVALID_DCMD;
+ break;
+ }
+@@ -1827,7 +1826,6 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
+ {
+ MegasasCmd *cmd = req->hba_private;
+ uint8_t *buf;
+- uint32_t opcode;
+
+ trace_megasas_io_complete(cmd->index, len);
+
+@@ -1837,8 +1835,7 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
+ }
+
+ buf = scsi_req_get_buf(req);
+- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
+- if (opcode == MFI_DCMD_PD_GET_INFO && cmd->iov_buf) {
++ if (cmd->dcmd_opcode == MFI_DCMD_PD_GET_INFO && cmd->iov_buf) {
+ struct mfi_pd_info *info = cmd->iov_buf;
+
+ if (info->inquiry_data[0] == 0x7f) {
+@@ -1849,7 +1846,7 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
+ memcpy(info->vpd_page83, buf, len);
+ }
+ scsi_req_continue(req);
+- } else if (opcode == MFI_DCMD_LD_GET_INFO) {
++ } else if (cmd->dcmd_opcode == MFI_DCMD_LD_GET_INFO) {
+ struct mfi_ld_info *info = cmd->iov_buf;
+
+ if (cmd->iov_buf) {
+--
+2.13.0
+
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch
new file mode 100644
index 0000000..9d77193
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch
@@ -0,0 +1,80 @@
+From df8ad9f128c15aa0a0ebc7b24e9a22c9775b67af Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Fri, 26 May 2017 22:04:21 -0500
+Subject: [PATCH] nbd: Fully initialize client in case of failed negotiation
+
+If a non-NBD client connects to qemu-nbd, we would end up with
+a SIGSEGV in nbd_client_put() because we were trying to
+unregister the client's association to the export, even though
+we skipped inserting the client into that list. Easy trigger
+in two terminals:
+
+$ qemu-nbd -p 30001 --format=raw file
+$ nmap 127.0.0.1 -p 30001
+
+nmap claims that it thinks it connected to a pago-services1
+server (which probably means nmap could be updated to learn the
+NBD protocol and give a more accurate diagnosis of the open
+port - but that's not our problem), then terminates immediately,
+so our call to nbd_negotiate() fails. The fix is to reorder
+nbd_co_client_start() to ensure that all initialization occurs
+before we ever try talking to a client in nbd_negotiate(), so
+that the teardown sequence on negotiation failure doesn't fault
+while dereferencing a half-initialized object.
+
+While debugging this, I also noticed that nbd_update_server_watch()
+called by nbd_client_closed() was still adding a channel to accept
+the next client, even when the state was no longer RUNNING. That
+is fixed by making nbd_can_accept() pay attention to the current
+state.
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451614
+
+Signed-off-by: Eric Blake <eblake@redhat.com>
+Message-Id: <20170527030421.28366-1-eblake@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ nbd/server.c | 8 +++-----
+ qemu-nbd.c | 2 +-
+ 2 files changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/nbd/server.c b/nbd/server.c
+index ee59e5d234..49b55f6ede 100644
+--- a/nbd/server.c
++++ b/nbd/server.c
+@@ -1358,16 +1358,14 @@ static coroutine_fn void nbd_co_client_start(void *opaque)
+
+ if (exp) {
+ nbd_export_get(exp);
++ QTAILQ_INSERT_TAIL(&exp->clients, client, next);
+ }
++ qemu_co_mutex_init(&client->send_lock);
++
+ if (nbd_negotiate(data)) {
+ client_close(client);
+ goto out;
+ }
+- qemu_co_mutex_init(&client->send_lock);
+-
+- if (exp) {
+- QTAILQ_INSERT_TAIL(&exp->clients, client, next);
+- }
+
+ nbd_client_receive_next_request(client);
+
+diff --git a/qemu-nbd.c b/qemu-nbd.c
+index f60842fd86..651f85ecc1 100644
+--- a/qemu-nbd.c
++++ b/qemu-nbd.c
+@@ -325,7 +325,7 @@ out:
+
+ static int nbd_can_accept(void)
+ {
+- return nb_fds < shared;
++ return state == RUNNING && nb_fds < shared;
+ }
+
+ static void nbd_export_closed(NBDExport *exp)
+--
+2.13.0
+
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch
new file mode 100644
index 0000000..e6934b3
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch
@@ -0,0 +1,197 @@
+From 0c9390d978cbf61e8f16c9f580fa96b305c43568 Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Thu, 8 Jun 2017 17:26:17 -0500
+Subject: [PATCH] nbd: Fix regression on resiliency to port scan
+
+Back in qemu 2.5, qemu-nbd was immune to port probes (a transient
+server would not quit, regardless of how many probe connections
+came and went, until a connection actually negotiated). But we
+broke that in commit ee7d7aa when removing the return value to
+nbd_client_new(), although that patch also introduced a bug causing
+an assertion failure on a client that fails negotiation. We then
+made it worse during refactoring in commit 1a6245a (a segfault
+before we could even assert); the (masked) assertion was cleaned
+up in d3780c2 (still in 2.6), and just recently we finally fixed
+the segfault ("nbd: Fully intialize client in case of failed
+negotiation"). But that still means that ever since we added
+TLS support to qemu-nbd, we have been vulnerable to an ill-timed
+port-scan being able to cause a denial of service by taking down
+qemu-nbd before a real client has a chance to connect.
+
+Since negotiation is now handled asynchronously via coroutines,
+we no longer have a synchronous point of return by re-adding a
+return value to nbd_client_new(). So this patch instead wires
+things up to pass the negotiation status through the close_fn
+callback function.
+
+Simple test across two terminals:
+$ qemu-nbd -f raw -p 30001 file
+$ nmap 127.0.0.1 -p 30001 && \
+ qemu-io -c 'r 0 512' -f raw nbd://localhost:30001
+
+Note that this patch does not change what constitutes successful
+negotiation (thus, a client must enter transmission phase before
+that client can be considered as a reason to terminate the server
+when the connection ends). Perhaps we may want to tweak things
+in a later patch to also treat a client that uses NBD_OPT_ABORT
+as being a 'successful' negotiation (the client correctly talked
+the NBD protocol, and informed us it was not going to use our
+export after all), but that's a discussion for another day.
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451614
+
+Signed-off-by: Eric Blake <eblake@redhat.com>
+Message-Id: <20170608222617.20376-1-eblake@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ blockdev-nbd.c | 6 +++++-
+ include/block/nbd.h | 2 +-
+ nbd/server.c | 24 +++++++++++++++---------
+ qemu-nbd.c | 4 ++--
+ 4 files changed, 23 insertions(+), 13 deletions(-)
+
+diff --git a/blockdev-nbd.c b/blockdev-nbd.c
+index dd0860f4a6..28f551a7b0 100644
+--- a/blockdev-nbd.c
++++ b/blockdev-nbd.c
+@@ -27,6 +27,10 @@ typedef struct NBDServerData {
+
+ static NBDServerData *nbd_server;
+
++static void nbd_blockdev_client_closed(NBDClient *client, bool ignored)
++{
++ nbd_client_put(client);
++}
+
+ static gboolean nbd_accept(QIOChannel *ioc, GIOCondition condition,
+ gpointer opaque)
+@@ -46,7 +50,7 @@ static gboolean nbd_accept(QIOChannel *ioc, GIOCondition condition,
+ qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server");
+ nbd_client_new(NULL, cioc,
+ nbd_server->tlscreds, NULL,
+- nbd_client_put);
++ nbd_blockdev_client_closed);
+ object_unref(OBJECT(cioc));
+ return TRUE;
+ }
+diff --git a/include/block/nbd.h b/include/block/nbd.h
+index 416257abca..8fa5ce51f3 100644
+--- a/include/block/nbd.h
++++ b/include/block/nbd.h
+@@ -162,7 +162,7 @@ void nbd_client_new(NBDExport *exp,
+ QIOChannelSocket *sioc,
+ QCryptoTLSCreds *tlscreds,
+ const char *tlsaclname,
+- void (*close)(NBDClient *));
++ void (*close_fn)(NBDClient *, bool));
+ void nbd_client_get(NBDClient *client);
+ void nbd_client_put(NBDClient *client);
+
+diff --git a/nbd/server.c b/nbd/server.c
+index 49b55f6ede..f2b1aa47ce 100644
+--- a/nbd/server.c
++++ b/nbd/server.c
+@@ -81,7 +81,7 @@ static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports);
+
+ struct NBDClient {
+ int refcount;
+- void (*close)(NBDClient *client);
++ void (*close_fn)(NBDClient *client, bool negotiated);
+
+ bool no_zeroes;
+ NBDExport *exp;
+@@ -778,7 +778,7 @@ void nbd_client_put(NBDClient *client)
+ }
+ }
+
+-static void client_close(NBDClient *client)
++static void client_close(NBDClient *client, bool negotiated)
+ {
+ if (client->closing) {
+ return;
+@@ -793,8 +793,8 @@ static void client_close(NBDClient *client)
+ NULL);
+
+ /* Also tell the client, so that they release their reference. */
+- if (client->close) {
+- client->close(client);
++ if (client->close_fn) {
++ client->close_fn(client, negotiated);
+ }
+ }
+
+@@ -975,7 +975,7 @@ void nbd_export_close(NBDExport *exp)
+
+ nbd_export_get(exp);
+ QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) {
+- client_close(client);
++ client_close(client, true);
+ }
+ nbd_export_set_name(exp, NULL);
+ nbd_export_set_description(exp, NULL);
+@@ -1337,7 +1337,7 @@ done:
+
+ out:
+ nbd_request_put(req);
+- client_close(client);
++ client_close(client, true);
+ nbd_client_put(client);
+ }
+
+@@ -1363,7 +1363,7 @@ static coroutine_fn void nbd_co_client_start(void *opaque)
+ qemu_co_mutex_init(&client->send_lock);
+
+ if (nbd_negotiate(data)) {
+- client_close(client);
++ client_close(client, false);
+ goto out;
+ }
+
+@@ -1373,11 +1373,17 @@ out:
+ g_free(data);
+ }
+
++/*
++ * Create a new client listener on the given export @exp, using the
++ * given channel @sioc. Begin servicing it in a coroutine. When the
++ * connection closes, call @close_fn with an indication of whether the
++ * client completed negotiation.
++ */
+ void nbd_client_new(NBDExport *exp,
+ QIOChannelSocket *sioc,
+ QCryptoTLSCreds *tlscreds,
+ const char *tlsaclname,
+- void (*close_fn)(NBDClient *))
++ void (*close_fn)(NBDClient *, bool))
+ {
+ NBDClient *client;
+ NBDClientNewData *data = g_new(NBDClientNewData, 1);
+@@ -1394,7 +1400,7 @@ void nbd_client_new(NBDExport *exp,
+ object_ref(OBJECT(client->sioc));
+ client->ioc = QIO_CHANNEL(sioc);
+ object_ref(OBJECT(client->ioc));
+- client->close = close_fn;
++ client->close_fn = close_fn;
+
+ data->client = client;
+ data->co = qemu_coroutine_create(nbd_co_client_start, data);
+diff --git a/qemu-nbd.c b/qemu-nbd.c
+index 651f85ecc1..9464a0461c 100644
+--- a/qemu-nbd.c
++++ b/qemu-nbd.c
+@@ -336,10 +336,10 @@ static void nbd_export_closed(NBDExport *exp)
+
+ static void nbd_update_server_watch(void);
+
+-static void nbd_client_closed(NBDClient *client)
++static void nbd_client_closed(NBDClient *client, bool negotiated)
+ {
+ nb_fds--;
+- if (nb_fds == 0 && !persistent && state == RUNNING) {
++ if (negotiated && nb_fds == 0 && !persistent && state == RUNNING) {
+ state = TERMINATE;
+ }
+ nbd_update_server_watch();
+--
+2.13.0
+
diff --git a/app-emulation/qemu/qemu-2.8.1-r2.ebuild b/app-emulation/qemu/qemu-2.8.1-r2.ebuild
deleted file mode 100644
index ff24476..0000000
--- a/app-emulation/qemu/qemu-2.8.1-r2.ebuild
+++ /dev/null
@@ -1,770 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-r3
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
- glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
- kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
- pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test usb usbredir vde
- +vhost-net virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc
- sparc64 x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
- lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS}
- armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# and user/softmmu targets (qemu-*, qemu-system-*).
-#
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-ALL_DEPEND="
- >=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# softmmu targets (qemu-system-*).
-SOFTMMU_TOOLS_DEPEND="
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? (
- app-accessibility/brltty[api]
- app-accessibility/brltty[static-libs(+)]
- )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? (
- sys-libs/ncurses:0=[unicode]
- sys-libs/ncurses:0=[static-libs(+)]
- )
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy[static-libs(+)] )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xen? ( app-emulation/xen-tools:= )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-
-X86_FIRMWARE_DEPEND="
- >=sys-firmware/ipxe-1.0.0_p20130624
- pin-upstream-blobs? (
- ~sys-firmware/seabios-1.10.1
- ~sys-firmware/sgabios-0.1_pre8
- ~sys-firmware/vgabios-0.7a
- )
- !pin-upstream-blobs? (
- sys-firmware/seabios
- sys-firmware/sgabios
- sys-firmware/vgabios
- )"
-
-CDEPEND="
- !static? (
- ${ALL_DEPEND//\[static-libs(+)]}
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
- )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static? (
- ${ALL_DEPEND}
- ${SOFTMMU_TOOLS_DEPEND}
- )
- static-user? ( ${ALL_DEPEND} )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )"
-
-PATCHES=(
- # musl patches
- "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
- "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
-
- # gentoo patches
- "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.7.0-CVE-2016-8669-1.patch #597108
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9908.patch #601826
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-9912.patch #602630
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10028.patch #603444
- "${FILESDIR}"/${PN}-2.8.0-CVE-2016-10155.patch #606720
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-1.patch #606264
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5525-2.patch
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5552.patch #606722
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5578.patch #607000
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5579.patch #607100
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5856.patch #608036
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5857.patch #608038
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5898.patch #608520
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5973.patch #609334
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-5987.patch #609398
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-6505.patch #612220
- "${FILESDIR}"/${PN}-2.8.0-CVE-2017-7377.patch #614744
- "${FILESDIR}"/${PN}-2.8.1-CVE-2017-7471.patch #616484
- "${FILESDIR}"/${PN}-2.8.1-CVE-2017-8086.patch #616460
-)
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/u-boot.e500"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or32
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
-kernel module loaded before running kvm. The easiest way to ensure that the
-kernel module is loaded is to load it on boot.
- For AMD CPUs the module is called 'kvm-amd'.
- For Intel CPUs the module is called 'kvm-intel'.
-Please review /etc/conf.d/modules for how to load these.
-
-Make sure your user is in the 'kvm' group. Just run
- $ gpasswd -a <USER> kvm
-then have <USER> re-login.
-
-For brand new installs, the default permissions on /dev/kvm might not let
-you access it. You can tell udev to reset ownership/perms:
- $ udevadm trigger -c add /dev/kvm
-
-If you want to register binfmt handlers for qemu user targets:
-For openrc:
- # rc-update add qemu-binfmt
-For systemd:
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- default
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- # Run after we've applied all patches.
- handle_locales
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets. This simplifies building
- # static user targets (USE=static-user) considerably.
- conf_notuser() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_notuser accessibility brlapi)
- $(conf_notuser aio linux-aio)
- $(conf_notuser bzip2)
- $(conf_notuser bluetooth bluez)
- $(conf_notuser caps cap-ng)
- $(conf_notuser curl)
- $(conf_notuser fdt)
- $(conf_notuser glusterfs)
- $(conf_notuser gnutls)
- $(conf_notuser gnutls nettle)
- $(conf_notuser gtk)
- $(conf_notuser infiniband rdma)
- $(conf_notuser iscsi libiscsi)
- $(conf_notuser jpeg vnc-jpeg)
- $(conf_notuser kernel_linux kvm)
- $(conf_notuser lzo)
- $(conf_notuser ncurses curses)
- $(conf_notuser nfs libnfs)
- $(conf_notuser numa)
- $(conf_notuser opengl)
- $(conf_notuser png vnc-png)
- $(conf_notuser rbd)
- $(conf_notuser sasl vnc-sasl)
- $(conf_notuser sdl)
- $(conf_notuser seccomp)
- $(conf_notuser smartcard)
- $(conf_notuser snappy)
- $(conf_notuser spice)
- $(conf_notuser ssh libssh2)
- $(conf_notuser usb libusb)
- $(conf_notuser usbredir usb-redir)
- $(conf_notuser vde)
- $(conf_notuser vhost-net)
- $(conf_notuser virgl virglrenderer)
- $(conf_notuser virtfs)
- $(conf_notuser vnc)
- $(conf_notuser vte)
- $(conf_notuser xen)
- $(conf_notuser xen xen-pci-passthrough)
- $(conf_notuser xfs xfsctl)
- )
-
- if [[ ! ${buildtype} == "user" ]] ; then
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
- conf_opts+=(
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- fi
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- local static_flag="static-user"
- ;;
- softmmu)
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --disable-tools
- --with-system-pixman
- )
- local static_flag="static"
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- --enable-tools
- )
- local static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- gcc-specs-pie && conf_opts+=( --enable-pie )
- fi
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- cd "${S}/tools-build"
- default
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-# Generate binfmt support files.
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
-generate_initd() {
- local out="${T}/qemu-binfmt"
- local out_systemd="${T}/qemu.conf"
- local d="${T}/binfmt.d"
-
- einfo "Generating qemu binfmt scripts and configuration files"
-
- # Generate the debian fragments first.
- mkdir -p "${d}"
- "${S}"/scripts/qemu-binfmt-conf.sh \
- --debian \
- --exportdir "${d}" \
- --qemu-path "${EPREFIX}/usr/bin" \
- || die
- # Then turn the fragments into a shell script we can source.
- sed -E -i \
- -e 's:^([^ ]+) (.*)$:\1="\2":' \
- "${d}"/* || die
-
- # Generate the init.d script by assembling the fragments from above.
- local f qcpu package interpreter magic mask
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
- for f in "${d}"/qemu-* ; do
- source "${f}"
-
- # Normalize the cpu logic like we do in the init.d for the native cpu.
- qcpu=${package#qemu-}
- case ${qcpu} in
- arm*) qcpu="arm";;
- mips*) qcpu="mips";;
- ppc*) qcpu="ppc";;
- s390*) qcpu="s390";;
- sh*) qcpu="sh";;
- sparc*) qcpu="sparc";;
- esac
-
- cat <<EOF >>"${out}"
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
- echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
- fi
-EOF
-
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
-
- done
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets.
- generate_initd
- doinitd "${T}/qemu-binfmt"
-
- # Install binfmt/qemu.conf.
- insinto "/usr/share/qemu/binfmt.d"
- doins "${T}/qemu.conf"
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- # Remove the docdir placed qmp-commands.txt
- mv "${ED}/usr/share/doc/${PF}/html/qmp-commands.txt" "${S}/docs/" || die
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
- dodoc docs/qmp-*.txt
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- fi
-
- # Remove vgabios since we're using the vgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
- dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
-
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/vgabios)"
-}
diff --git a/app-emulation/qemu/qemu-2.9.0-r2.ebuild b/app-emulation/qemu/qemu-2.9.0-r2.ebuild
index 3efa65c..397b86c 100644
--- a/app-emulation/qemu/qemu-2.9.0-r2.ebuild
+++ b/app-emulation/qemu/qemu-2.9.0-r2.ebuild
@@ -17,7 +17,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -513,7 +513,7 @@ qemu_src_configure() {
if use ${static_flag}; then
conf_opts+=( --static --disable-pie )
else
- gcc-specs-pie && conf_opts+=( --enable-pie )
+ tc-enables-pie && conf_opts+=( --enable-pie )
fi
echo "../configure ${conf_opts[*]}"
diff --git a/app-emulation/qemu/qemu-2.9.0-r54.ebuild b/app-emulation/qemu/qemu-2.9.0-r56.ebuild
similarity index 96%
rename from app-emulation/qemu/qemu-2.9.0-r54.ebuild
rename to app-emulation/qemu/qemu-2.9.0-r56.ebuild
index c36797b..ad2e5f7 100644
--- a/app-emulation/qemu/qemu-2.9.0-r54.ebuild
+++ b/app-emulation/qemu/qemu-2.9.0-r56.ebuild
@@ -137,7 +137,7 @@ SOFTMMU_TOOLS_DEPEND="
)
seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy[static-libs(+)] )
+ snappy? ( app-arch/snappy:=[static-libs(+)] )
spice? (
>=app-emulation/spice-protocol-0.12.3
>=app-emulation/spice-0.12.0[static-libs(+)]
@@ -200,11 +200,20 @@ PATCHES=(
# gentoo patches
"${FILESDIR}"/${PN}-2.5.0-cflags.patch
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8309.patch # bug 616870
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8379.patch # bug 616872
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8380.patch # bug 616874
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch # bug 616636
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7493.patch # bug 618808
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8309.patch # bug 616870
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8379.patch # bug 616872
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8380.patch # bug 616874
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch # bug 616636
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7493.patch # bug 618808
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11434.patch # bug 625614
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11334.patch # bug 621292
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-1.patch # bug 621292
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-2.patch
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-1.patch # bug 621184
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-2.patch
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10664.patch # bug 623016
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10806.patch # bug 624088
+ "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7539.patch # bug 625850
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
@@ -516,7 +525,7 @@ qemu_src_configure() {
if use ${static_flag}; then
conf_opts+=( --static --disable-pie )
else
- gcc-specs-pie && conf_opts+=( --enable-pie )
+ tc-enables-pie && conf_opts+=( --enable-pie )
fi
echo "../configure ${conf_opts[*]}"
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-09-02 20:16 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-09-02 20:16 UTC (permalink / raw
To: gentoo-commits
commit: 9242836366e3326f7c40fa24e424a133625fab43
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Sat Sep 2 20:15:33 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Sat Sep 2 20:15:33 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=92428363
app-emulation/qemu: version bump to 2.10.0
drop 2.9.0-r2
app-emulation/qemu/Manifest | 6 +-
.../qemu/files/qemu-2.10.0-CVE-2017-13711.patch | 80 ++++++++++++++++++++++
.../{qemu-2.9.0-r2.ebuild => qemu-2.10.0.ebuild} | 78 ++++++++++++++-------
app-emulation/qemu/qemu-2.9.0-r56.ebuild | 2 +-
4 files changed, 140 insertions(+), 26 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index e3f4bd2..39a9970 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,6 +1,7 @@
AUX 65-kvm.rules-r1 120 SHA256 2f6b5b2600598fc402850bb7026eab0e5822e7221b584795bd2ed1a0290250df SHA512 4132ec4d3e7c1e3cf5e37224be1a3b864bcc0bfde9109e8fea9c99377289c28a7fdcf9155fbbd6605dbf8ebeb020c2ab575dd35e36bdf69f8ad07c4aa9c7b2f7 WHIRLPOOL 34dce92c0851c7edb5449c7d19e8767b09e61a73b551af90d987519e8e9c8c883e8ff8567d4a222294095bafdb58984347c694fc6ac458c630ed8e2d42438180
AUX bridge.conf 454 SHA256 a51850dd39923f3482e4c575b48ad9fef9c9ebb2f2176225da399b79ce48c69d SHA512 a907ee86b81a1b61033bb7621ded65112504131ef7b698c53e4014b958ee6fc79e66f63069015a01e41362cb70a7d0ed26dd9a03033cf776f4846f0e1f8f1533 WHIRLPOOL 8fcbd4abf9b8f7ca3d16fe0eaf17196ebf708dfecf85ce0f020e0de22b64905114f7b310f361826c81bb961c6b1bbbf984bff1e595bb949993b8966ccb222c35
AUX qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 930 SHA256 6af6cf9044997710a6d0fbdba30a35c8d775e30d30c032ec97db672f75ec88ac SHA512 ec84b27648c01c6e58781295dcd0c2ff8e5a635f9836ef50c1da5d0ed125db1afc4cb5b01cb97606d6dd8f417acba93e1560d9a32ca29161a4bb730b302440ea WHIRLPOOL 06b9dd5251ac03405c97b1f5a623b4d86bda2f72fbcd52b90ae4d11a0cfb59cae62df2cb6189405fbe53ab05ff2b7ca8165fda239dbfe5f31ed70abb53b3b9f3
+AUX qemu-2.10.0-CVE-2017-13711.patch 2252 SHA256 0a1b741318920020c2e69312b052ebf6933d7e1ce92e2a0d38de88b3cbee6768 SHA512 3a9145088274e247f86198475bab1e8c3c10705612b0c59ccdf623db5a21f5da73a948ce5362633eb0d817e979cd43a130fe31093c85604590c9bcd37a4912ee WHIRLPOOL e43f833cd3ef88880d9e78732f13087164e0d971df4fc1979ad509f5437bb54d52e34eb0fa05ed09b4b2248f653a65c52e43da65f6bc14ed0c362a74ee93720d
AUX qemu-2.2.0-_sigev_un.patch 638 SHA256 1f66c5a55ec94d73182cd25f3de5490cdb075542246a37d206cfb7b4a99a40a4 SHA512 5a2f9af1b60fd5a088679f3481b8d0317da88d4922b02289265b8d193b3589dd6d498e66531fc37ed86b97f4a648a1068f2da646e381d89c472716ef58190eb1 WHIRLPOOL 8444edaa4e5d59a337a7ebba71807b51941642517e5e762fb3458fde1a53c63c919ca809e5f32b503f1a92e4ccd2d21a057995fec56fcf846246dadccbdc863f
AUX qemu-2.5.0-cflags.patch 410 SHA256 17f5624dd733f5c80e733cc67ae36a736169ec066024dbf802b416accfed0755 SHA512 0194d28de08b4e51c5bd1c9a2cc7965ba7f66dfddb8fd91de3da93677e6cf2d38ad3270f69aaea8a20cf2533c2980018d6e0fed711be2806fe2053fba7c081f3 WHIRLPOOL 5f5b95d00409fbe03adb64801d30a2fb5f98dded5efa7f0e78b5746776f72917dcbea767e1d0afcb304d8bf8c484adedb8037e6d54e9d34997c2bc3a98b53154
AUX qemu-2.5.0-sysmacros.patch 333 SHA256 a5716fc02da383d455f5cbd76f49e4ee74d84c2d5703319adcbeb145d04875f9 SHA512 329632c5bff846ca3ffcdb4bc94ae62f17c6bdbb566f9bec0784357c943523e8ca7773790b83a9617734cab3b003baa3d636cbd08f7385810a63b0fa0383c4f0 WHIRLPOOL 2a774767d4685545d3ed18e4f5dece99a9007597d73c56197652ff24083550f987ffb69e5c624760dece87def71a7c5c22a694bf999d7309e48ef622f18f0d73
@@ -20,7 +21,8 @@ AUX qemu-2.9.0-CVE-2017-9524-1.patch 2624 SHA256 f2479f79a81dba79eeee7a333b50bfb
AUX qemu-2.9.0-CVE-2017-9524-2.patch 7016 SHA256 092da49ea1aafd9b94f20127b93c1373b9a83ef127cad1d45fdbd8f5a9d9dbe9 SHA512 de25c5506ae955fb799b2c9952120c9feb51b363f5ee277c9b63882938ce56c44702dcd688ecf65a3d2a089503be938432eb62ffa3df7409f4211bb7fa126f26 WHIRLPOOL b38c3a557be778634d53e7c356fb124e7470ad3e58b426677f3405c10faf76fa88d2f354d66a69b8549a64c480a338c94ed425c768394ad4cdd74ed4479ccc89
AUX qemu-binfmt.initd.head 1445 SHA256 a9b4b1d1ffa82d572c01f14ebfbafb4b3a4c2eb5cad5af62c059f603a9f5a277 SHA512 a735268ae9ac84d8f2f2893bf018ee6de33231fa94a823bd8502b529bb456635c1ab5cf9b440df5ede8e414291f8bf45fc53898c2f3939c50d5ec4ffa554396a WHIRLPOOL 3ec0f916d5928d464fa8416c8eac472cfa01b560bba07642ff7929799918d1c8059ac7368ff5551e6aa993027849de08035d856db7981315d8e4ec470a0f785e
AUX qemu-binfmt.initd.tail 245 SHA256 1b765f5212946b73b8e4d92f64d34a9d2e358ef541c02164f6d6dd93cb15e1e7 SHA512 bcca16805f8380d52cc591ea3d65a8f6e5de456730618f6aee301510edb75d235a22d4d7aeed224882210392840adb403eb53234b6cb76a4cb24533852a8b737 WHIRLPOOL 41ddd1751101646e700a6fe4ef879bd4149d646a801f97e40534051895697dcbded06a1edda51457a0d624fbf68442c3e57178a3ee8e683e35368b88d10ba4a4
+DIST qemu-2.10.0.tar.bz2 30955656 SHA256 7e9f39e1306e6dcc595494e91c1464d4b03f55ddd2053183e0e1b69f7f776d48 SHA512 ea21c014030f8a902df159641e6ccb45f0850ac5cb1cb8ab6845124c44ea5def54845e7bc66a6e80d624c78069f9baa913ee5119704076ae4ff47ab018ace9f9 WHIRLPOOL 58f846788fdf2b0c90e6d17ce921a1fe02556968d38ffc11be7e32b81ebc723dfeaa790f22d8085d4f388eb01fe0daa3ddbc00630c5ecba083df33cc9709fb39
DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1
-EBUILD qemu-2.9.0-r2.ebuild 22065 SHA256 45015103d32a318241da3d34c7340786571b65dc580f8493853c35e0ad5541ec SHA512 7b69c749172677046a101778ba2d8078bf8f5ccedc2d3c6767a2096838f8b80d0519bb798f23e7229fec04ca0c6c4c96caf7d07983ca2aca8d77e86b4f2ed229 WHIRLPOOL ebbf728a67a6f67ce2d40ac72cc95e27e46133e522d70a0e6d91525df7af048d2d1dfbb3e9534e4871882f5fe01749e3f749662414f802569c2f40ac66450afa
-EBUILD qemu-2.9.0-r56.ebuild 23949 SHA256 29ec70d1fb1a0bc116b712cb5bad5cdc8039d03bfc10af26d5cb0f15dbac3230 SHA512 6d7c57c85acd8627105e88fdda2ed07ed5a2724b01b31e8fe601eeed74d78197e8e3ae50079688a8c8dd7f771017f45968eff4d1e8e976fae4ce5c7dfec891e0 WHIRLPOOL 7958cc33f46924d50f2790a25a66ec4a3e93326e7b0c1f4625e13bf85060102fa4f4989bcd4814517e1c5b7390df8c3b31b0f045970da7a93cf558cc5411ac5f
+EBUILD qemu-2.10.0.ebuild 23200 SHA256 b6ea9761833b289161b9c85a284d7bcdea5f0e0916886ecd78598771e719244d SHA512 82401fb80d0d692b04c3e37abdb9ccedd9379d71f0812c5afbab57c71f6962f62942296fdb2d0a9bff2474f22b246f15452f4c9793cba10135d5f4f06179d763 WHIRLPOOL df317a5a191e6e127e7cac7ac1efe1fc02d36fd5ea5759010d7dbbc655468c4082906d5f73431498182cf01331fc30abcf1ffd6502770fe0e5b7e9ee0f32ecb3
+EBUILD qemu-2.9.0-r56.ebuild 23947 SHA256 4d5b7dd4c19e0324b14c8890581e9b6b5175feab19240de34d1916709336df2e SHA512 037c64bd8d2dd29ed24ea26368bce4046680d34a3cf106a395e821cb3f46061dfefcf9afea68e40e86dff243948b5e6f99d10340d0e1f0224861119beed03e6c WHIRLPOOL 6315aa22ddd841d861806f58593e13364829ef38bf5db1c0169f855d6a52368b6d5eba57af35ca72f4f98153f8cb2bff54f43124710457f70cfcb61b837d8429
MISC metadata.xml 3794 SHA256 149f7bc9927e13bbf7355972e85df6f9f198dd17fb575a7e516817d6a88018fb SHA512 10f130f225b90dacf8262247d795a247abfdcbf3ad5fbe0693e8d4db79f755984f690cb150a7eb5a8e5d669ce404145c4fbb6b200d6362319be74759fd78b6d3 WHIRLPOOL 6a5e88caeb64387f619a19fecb55c39ccf3c8dcd360523e8d61b80051001c02fe81432c55e40b3f360295b35e9f5a1f707c570baf95cad06d18c4cd484da0ceb
diff --git a/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch b/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch
new file mode 100644
index 0000000..9d02656
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch
@@ -0,0 +1,80 @@
+From 1201d308519f1e915866d7583d5136d03cc1d384 Mon Sep 17 00:00:00 2001
+From: Samuel Thibault <samuel.thibault@ens-lyon.org>
+Date: Fri, 25 Aug 2017 01:35:53 +0200
+Subject: [PATCH] slirp: fix clearing ifq_so from pending packets
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The if_fastq and if_batchq contain not only packets, but queues of packets
+for the same socket. When sofree frees a socket, it thus has to clear ifq_so
+from all the packets from the queues, not only the first.
+
+Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
+Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+---
+ slirp/socket.c | 39 +++++++++++++++++++++++----------------
+ 1 file changed, 23 insertions(+), 16 deletions(-)
+
+diff --git a/slirp/socket.c b/slirp/socket.c
+index ecec0295a9..cb7b5b608d 100644
+--- a/slirp/socket.c
++++ b/slirp/socket.c
+@@ -60,29 +60,36 @@ socreate(Slirp *slirp)
+ }
+
+ /*
++ * Remove references to so from the given message queue.
++ */
++static void
++soqfree(struct socket *so, struct quehead *qh)
++{
++ struct mbuf *ifq;
++
++ for (ifq = (struct mbuf *) qh->qh_link;
++ (struct quehead *) ifq != qh;
++ ifq = ifq->ifq_next) {
++ if (ifq->ifq_so == so) {
++ struct mbuf *ifm;
++ ifq->ifq_so = NULL;
++ for (ifm = ifq->ifs_next; ifm != ifq; ifm = ifm->ifs_next) {
++ ifm->ifq_so = NULL;
++ }
++ }
++ }
++}
++
++/*
+ * remque and free a socket, clobber cache
+ */
+ void
+ sofree(struct socket *so)
+ {
+ Slirp *slirp = so->slirp;
+- struct mbuf *ifm;
+
+- for (ifm = (struct mbuf *) slirp->if_fastq.qh_link;
+- (struct quehead *) ifm != &slirp->if_fastq;
+- ifm = ifm->ifq_next) {
+- if (ifm->ifq_so == so) {
+- ifm->ifq_so = NULL;
+- }
+- }
+-
+- for (ifm = (struct mbuf *) slirp->if_batchq.qh_link;
+- (struct quehead *) ifm != &slirp->if_batchq;
+- ifm = ifm->ifq_next) {
+- if (ifm->ifq_so == so) {
+- ifm->ifq_so = NULL;
+- }
+- }
++ soqfree(so, &slirp->if_fastq);
++ soqfree(so, &slirp->if_batchq);
+
+ if (so->so_emu==EMU_RSH && so->extra) {
+ sofree(so->extra);
+--
+2.13.5
+
diff --git a/app-emulation/qemu/qemu-2.9.0-r2.ebuild b/app-emulation/qemu/qemu-2.10.0.ebuild
similarity index 90%
rename from app-emulation/qemu/qemu-2.9.0-r2.ebuild
rename to app-emulation/qemu/qemu-2.10.0.ebuild
index 397b86c..fe5cfb4 100644
--- a/app-emulation/qemu/qemu-2.9.0-r2.ebuild
+++ b/app-emulation/qemu/qemu-2.10.0.ebuild
@@ -8,6 +8,8 @@ PYTHON_REQ_USE="ncurses,readline"
PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
+FIRMWARE_ABI_VERSION="2.9.0-r52"
+
inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
user udev fcaps readme.gentoo-r1 pax-utils l10n
@@ -17,7 +19,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
+ KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -135,7 +137,7 @@ SOFTMMU_TOOLS_DEPEND="
)
seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy[static-libs(+)] )
+ snappy? ( app-arch/snappy:=[static-libs(+)] )
spice? (
>=app-emulation/spice-protocol-0.12.3
>=app-emulation/spice-0.12.0[static-libs(+)]
@@ -150,16 +152,17 @@ SOFTMMU_TOOLS_DEPEND="
xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
X86_FIRMWARE_DEPEND="
- >=sys-firmware/ipxe-1.0.0_p20130624
pin-upstream-blobs? (
- ~sys-firmware/seabios-1.10.1
+ ~sys-firmware/edk2-ovmf-2017_pre20170505[binary]
+ ~sys-firmware/ipxe-1.0.0_p20160620
+ ~sys-firmware/seabios-1.10.2[binary,seavgabios]
~sys-firmware/sgabios-0.1_pre8
- ~sys-firmware/vgabios-0.7a
)
!pin-upstream-blobs? (
- sys-firmware/seabios
+ sys-firmware/edk2-ovmf
+ sys-firmware/ipxe
+ >=sys-firmware/seabios-1.10.2[seavgabios]
sys-firmware/sgabios
- sys-firmware/vgabios
)"
CDEPEND="
@@ -197,11 +200,7 @@ PATCHES=(
# gentoo patches
"${FILESDIR}"/${PN}-2.5.0-cflags.patch
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8309.patch # bug 616870
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8379.patch # bug 616872
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8380.patch # bug 616874
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch # bug 616636
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7493.patch # bug 618808
+ "${FILESDIR}"/${PN}-2.10.0-CVE-2017-13711.patch # bug 629350
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
@@ -684,27 +683,30 @@ src_install() {
cd "${S}"
dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
newdoc pc-bios/README README.pc-bios
- dodoc docs/qmp-*.txt
if [[ -n ${softmmu_targets} ]]; then
# Remove SeaBIOS since we're using the SeaBIOS packaged one
rm "${ED}/usr/share/qemu/bios.bin"
+ rm "${ED}/usr/share/qemu/bios-256k.bin"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
+ dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
fi
- # Remove vgabios since we're using the vgabios packaged one
+ # Remove vgabios since we're using the seavgabios packaged one
rm "${ED}/usr/share/qemu/vgabios.bin"
rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
+ rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../vgabios/vgabios.bin /usr/share/qemu/vgabios.bin
- dosym ../vgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../vgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../vgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../vgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
+ dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
+ dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
+ dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
+ dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
+ dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
+ dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
fi
# Remove sgabios since we're using the sgabios packaged one
@@ -729,20 +731,50 @@ src_install() {
readme.gentoo_create_doc
}
-pkg_postinst() {
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
+firmware_abi_change() {
+ local pv
+ for pv in ${REPLACING_VERSIONS}; do
+ if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then
+ return 0
+ fi
+ done
+ return 1
+}
+pkg_postinst() {
if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
udev_reload
fi
fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
+
+ DISABLE_AUTOFORMATTING=true
+ readme.gentoo_print_elog
+
+ if use pin-upstream-blobs && firmware_abi_change; then
+ ewarn "This version of qemu pins new versions of firmware blobs:"
+ ewarn " $(best_version sys-firmware/edk2-ovmf)"
+ ewarn " $(best_version sys-firmware/ipxe)"
+ ewarn " $(best_version sys-firmware/seabios)"
+ ewarn " $(best_version sys-firmware/sgabios)"
+ ewarn "This might break resume of hibernated guests (started with a different"
+ ewarn "firmware version) and live migration to/from qemu versions with different"
+ ewarn "firmware. Please (cold) restart all running guests. For functional"
+ ewarn "guest migration ensure that all"
+ ewarn "hosts run at least"
+ ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
+ fi
}
pkg_info() {
echo "Using:"
echo " $(best_version app-emulation/spice-protocol)"
+ echo " $(best_version sys-firmware/edk2-ovmf)"
+ if has_version 'sys-firmware/edk2-ovmf[binary]'; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
echo " $(best_version sys-firmware/ipxe)"
echo " $(best_version sys-firmware/seabios)"
if has_version 'sys-firmware/seabios[binary]'; then
@@ -750,5 +782,5 @@ pkg_info() {
else
echo " USE=''"
fi
- echo " $(best_version sys-firmware/vgabios)"
+ echo " $(best_version sys-firmware/sgabios)"
}
diff --git a/app-emulation/qemu/qemu-2.9.0-r56.ebuild b/app-emulation/qemu/qemu-2.9.0-r56.ebuild
index 9ccb645..256a811 100644
--- a/app-emulation/qemu/qemu-2.9.0-r56.ebuild
+++ b/app-emulation/qemu/qemu-2.9.0-r56.ebuild
@@ -19,7 +19,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-11-13 21:18 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-11-13 21:18 UTC (permalink / raw
To: gentoo-commits
commit: 3c163a962cd7f22f3c86a503904df8d813722418
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Mon Nov 13 21:17:14 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Mon Nov 13 21:17:14 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=3c163a96
app-emulation/qemu: version bump to 2.10.1
remove old versions.
app-emulation/qemu/Manifest | 2 +-
.../qemu/files/qemu-2.10.1-CVE-2017-15268.patch | 54 ++
.../qemu/files/qemu-2.10.1-CVE-2017-15289.patch | 58 ++
.../qemu/files/qemu-2.9.0-CVE-2017-10664.patch | 47 --
.../qemu/files/qemu-2.9.0-CVE-2017-10806.patch | 50 --
.../qemu/files/qemu-2.9.0-CVE-2017-11334.patch | 40 -
.../qemu/files/qemu-2.9.0-CVE-2017-11434.patch | 29 -
.../qemu/files/qemu-2.9.0-CVE-2017-7493.patch | 174 -----
.../qemu/files/qemu-2.9.0-CVE-2017-8112.patch | 22 -
.../qemu/files/qemu-2.9.0-CVE-2017-8309.patch | 22 -
.../qemu/files/qemu-2.9.0-CVE-2017-8379.patch | 76 --
.../qemu/files/qemu-2.9.0-CVE-2017-8380.patch | 34 -
.../qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch | 122 ----
.../qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch | 114 ---
.../qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch | 80 --
.../qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch | 197 -----
.../{qemu-2.10.0-r1.ebuild => qemu-2.10.1.ebuild} | 20 +-
app-emulation/qemu/qemu-2.9.0-r56.ebuild | 799 --------------------
app-emulation/qemu/qemu-2.9.0-r57.ebuild | 802 ---------------------
19 files changed, 129 insertions(+), 2613 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 0c8db49..95c955c 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,2 +1,2 @@
DIST qemu-2.10.0.tar.bz2 30955656 SHA256 7e9f39e1306e6dcc595494e91c1464d4b03f55ddd2053183e0e1b69f7f776d48 SHA512 ea21c014030f8a902df159641e6ccb45f0850ac5cb1cb8ab6845124c44ea5def54845e7bc66a6e80d624c78069f9baa913ee5119704076ae4ff47ab018ace9f9 WHIRLPOOL 58f846788fdf2b0c90e6d17ce921a1fe02556968d38ffc11be7e32b81ebc723dfeaa790f22d8085d4f388eb01fe0daa3ddbc00630c5ecba083df33cc9709fb39
-DIST qemu-2.9.0.tar.bz2 28720490 SHA256 00bfb217b1bb03c7a6c3261b819cfccbfb5a58e3e2ceff546327d271773c6c14 SHA512 4b28966eec0ca44681e35fcfb64a4eaef7c280b8d65c91d03f2efa37f76278fd8c1680e5798c7a30dbfcc8f3c05f4a803f48b8a2dfec3a4181bac079b2a5e422 WHIRLPOOL d79fe89eb271a56aee0cbd328e5f96999176b711afb5683d164b7b99d91e6dd2bfaf6e2ff4cd820a941c94f28116765cb07ffd5809d75c2f9654a67d56bfc0c1
+DIST qemu-2.10.1.tar.bz2 30821108 SHA256 8e040bc7556401ebb3a347a8f7878e9d4028cf71b2744b1a1699f4e741966ba8 SHA512 1a4a6ebf700ec6851c83cc2a71eaea8d95f14c685d094eaaa86c740eb9401e49a79074b72385f58681ca7646771a99bb6bbd9bebb39162f7220626d37ed0654f WHIRLPOOL 79b1b8c19affc799e1a42c02a7c2fea13bf4ca1f9a2aa6e765d529aa3531f68cca77e92264561b2884314074f3148469f5a2f976c3473beb5ed0568617ce777b
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch
new file mode 100644
index 0000000..7d08b32
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15268.patch
@@ -0,0 +1,54 @@
+From a7b20a8efa28e5f22c26c06cd06c2f12bc863493 Mon Sep 17 00:00:00 2001
+From: "Daniel P. Berrange" <berrange@redhat.com>
+Date: Mon, 9 Oct 2017 14:43:42 +0100
+Subject: [PATCH] io: monitor encoutput buffer size from websocket GSource
+
+The websocket GSource is monitoring the size of the rawoutput
+buffer to determine if the channel can accepts more writes.
+The rawoutput buffer, however, is merely a temporary staging
+buffer before data is copied into the encoutput buffer. Thus
+its size will always be zero when the GSource runs.
+
+This flaw causes the encoutput buffer to grow without bound
+if the other end of the underlying data channel doesn't
+read data being sent. This can be seen with VNC if a client
+is on a slow WAN link and the guest OS is sending many screen
+updates. A malicious VNC client can act like it is on a slow
+link by playing a video in the guest and then reading data
+very slowly, causing QEMU host memory to expand arbitrarily.
+
+This issue is assigned CVE-2017-15268, publically reported in
+
+ https://bugs.launchpad.net/qemu/+bug/1718964
+
+Reviewed-by: Eric Blake <eblake@redhat.com>
+Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
+---
+ io/channel-websock.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/io/channel-websock.c b/io/channel-websock.c
+index d1d471f86e..04bcc059cd 100644
+--- a/io/channel-websock.c
++++ b/io/channel-websock.c
+@@ -28,7 +28,7 @@
+ #include <time.h>
+
+
+-/* Max amount to allow in rawinput/rawoutput buffers */
++/* Max amount to allow in rawinput/encoutput buffers */
+ #define QIO_CHANNEL_WEBSOCK_MAX_BUFFER 8192
+
+ #define QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN 24
+@@ -1208,7 +1208,7 @@ qio_channel_websock_source_check(GSource *source)
+ if (wsource->wioc->rawinput.offset || wsource->wioc->io_eof) {
+ cond |= G_IO_IN;
+ }
+- if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
++ if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
+ cond |= G_IO_OUT;
+ }
+
+--
+2.13.6
+
diff --git a/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch
new file mode 100644
index 0000000..a4ad2d5
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.10.1-CVE-2017-15289.patch
@@ -0,0 +1,58 @@
+From eb38e1bc3740725ca29a535351de94107ec58d51 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Wed, 11 Oct 2017 10:43:14 +0200
+Subject: [PATCH] cirrus: fix oob access in mode4and5 write functions
+
+Move dst calculation into the loop, so we apply the mask on each
+interation and will not overflow vga memory.
+
+Cc: Prasad J Pandit <pjp@fedoraproject.org>
+Reported-by: Niu Guoxiang <niuguoxiang@huawei.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Message-id: 20171011084314.21752-1-kraxel@redhat.com
+---
+ hw/display/cirrus_vga.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
+index b4d579857a..bc32bf1e39 100644
+--- a/hw/display/cirrus_vga.c
++++ b/hw/display/cirrus_vga.c
+@@ -2038,15 +2038,14 @@ static void cirrus_mem_writeb_mode4and5_8bpp(CirrusVGAState * s,
+ unsigned val = mem_value;
+ uint8_t *dst;
+
+- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask);
+ for (x = 0; x < 8; x++) {
++ dst = s->vga.vram_ptr + ((offset + x) & s->cirrus_addr_mask);
+ if (val & 0x80) {
+ *dst = s->cirrus_shadow_gr1;
+ } else if (mode == 5) {
+ *dst = s->cirrus_shadow_gr0;
+ }
+ val <<= 1;
+- dst++;
+ }
+ memory_region_set_dirty(&s->vga.vram, offset, 8);
+ }
+@@ -2060,8 +2059,8 @@ static void cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s,
+ unsigned val = mem_value;
+ uint8_t *dst;
+
+- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask);
+ for (x = 0; x < 8; x++) {
++ dst = s->vga.vram_ptr + ((offset + 2 * x) & s->cirrus_addr_mask & ~1);
+ if (val & 0x80) {
+ *dst = s->cirrus_shadow_gr1;
+ *(dst + 1) = s->vga.gr[0x11];
+@@ -2070,7 +2069,6 @@ static void cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s,
+ *(dst + 1) = s->vga.gr[0x10];
+ }
+ val <<= 1;
+- dst += 2;
+ }
+ memory_region_set_dirty(&s->vga.vram, offset, 16);
+ }
+--
+2.13.6
+
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch
deleted file mode 100644
index 7db0692..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10664.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 041e32b8d9d076980b4e35317c0339e57ab888f1 Mon Sep 17 00:00:00 2001
-From: Max Reitz <mreitz@redhat.com>
-Date: Sun, 11 Jun 2017 14:37:14 +0200
-Subject: [PATCH] qemu-nbd: Ignore SIGPIPE
-
-qemu proper has done so for 13 years
-(8a7ddc38a60648257dc0645ab4a05b33d6040063), qemu-img and qemu-io have
-done so for four years (526eda14a68d5b3596be715505289b541288ef2a).
-Ignoring this signal is especially important in qemu-nbd because
-otherwise a client can easily take down the qemu-nbd server by dropping
-the connection when the server wants to send something, for example:
-
-$ qemu-nbd -x foo -f raw -t null-co:// &
-[1] 12726
-$ qemu-io -c quit nbd://localhost/bar
-can't open device nbd://localhost/bar: No export with name 'bar' available
-[1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co://
-
-In this case, the client sends an NBD_OPT_ABORT and closes the
-connection (because it is not required to wait for a reply), but the
-server replies with an NBD_REP_ACK (because it is required to reply).
-
-Signed-off-by: Max Reitz <mreitz@redhat.com>
-Message-Id: <20170611123714.31292-1-mreitz@redhat.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- qemu-nbd.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/qemu-nbd.c b/qemu-nbd.c
-index 9464a0461c..4dd3fd4732 100644
---- a/qemu-nbd.c
-+++ b/qemu-nbd.c
-@@ -581,6 +581,10 @@ int main(int argc, char **argv)
- sa_sigterm.sa_handler = termsig_handler;
- sigaction(SIGTERM, &sa_sigterm, NULL);
-
-+#ifdef CONFIG_POSIX
-+ signal(SIGPIPE, SIG_IGN);
-+#endif
-+
- module_call_init(MODULE_INIT_TRACE);
- qcrypto_init(&error_fatal);
-
---
-2.13.0
-
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch
deleted file mode 100644
index 0074f5f..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-10806.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From bd4a683505b27adc1ac809f71e918e58573d851d Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <kraxel@redhat.com>
-Date: Tue, 9 May 2017 13:01:28 +0200
-Subject: [PATCH] usb-redir: fix stack overflow in usbredir_log_data
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Don't reinvent a broken wheel, just use the hexdump function we have.
-
-Impact: low, broken code doesn't run unless you have debug logging
-enabled.
-
-Reported-by: 李强 <liqiang6-s@360.cn>
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-Message-id: 20170509110128.27261-1-kraxel@redhat.com
----
- hw/usb/redirect.c | 13 +------------
- 1 file changed, 1 insertion(+), 12 deletions(-)
-
-diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
-index b001a27f05..ad5ef783a6 100644
---- a/hw/usb/redirect.c
-+++ b/hw/usb/redirect.c
-@@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg)
- static void usbredir_log_data(USBRedirDevice *dev, const char *desc,
- const uint8_t *data, int len)
- {
-- int i, j, n;
--
- if (dev->debug < usbredirparser_debug_data) {
- return;
- }
--
-- for (i = 0; i < len; i += j) {
-- char buf[128];
--
-- n = sprintf(buf, "%s", desc);
-- for (j = 0; j < 8 && i + j < len; j++) {
-- n += sprintf(buf + n, " %02X", data[i + j]);
-- }
-- error_report("%s", buf);
-- }
-+ qemu_hexdump((char *)data, stderr, desc, len);
- }
-
- /*
---
-2.13.0
-
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch
deleted file mode 100644
index bfe4c7d..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11334.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-[Qemu-devel] [PULL 21/41] exec: use qemu_ram_ptr_length to access guest
-From: Prasad J Pandit <address@hidden>
-
-When accessing guest's ram block during DMA operation, use
-'qemu_ram_ptr_length' to get ram block pointer. It ensures
-that DMA operation of given length is possible; And avoids
-any OOB memory access situations.
-
-Reported-by: Alex <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
-Message-Id: <address@hidden>
-Signed-off-by: Paolo Bonzini <address@hidden>
----
- exec.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/exec.c b/exec.c
-index a083ff8..ad103ce 100644
---- a/exec.c
-+++ b/exec.c
-@@ -2929,7 +2929,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr,
- }
- } else {
- /* RAM case */
-- ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
-+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
- memcpy(ptr, buf, l);
- invalidate_and_set_dirty(mr, addr1, l);
- }
-@@ -3020,7 +3020,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr,
- }
- } else {
- /* RAM case */
-- ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
-+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
- memcpy(buf, ptr, l);
- }
-
---
-1.8.3.1
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch
deleted file mode 100644
index 5d32067..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-11434.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-[Qemu-devel] [PATCH] slirp: check len against dhcp options array end
-From: Prasad J Pandit <address@hidden>
-
-While parsing dhcp options string in 'dhcp_decode', if an options'
-length 'len' appeared towards the end of 'bp_vend' array, ensuing
-read could lead to an OOB memory access issue. Add check to avoid it.
-
-Reported-by: Reno Robert <address@hidden>
-Signed-off-by: Prasad J Pandit <address@hidden>
----
- slirp/bootp.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/slirp/bootp.c b/slirp/bootp.c
-index 5a4646c..5dd1a41 100644
---- a/slirp/bootp.c
-+++ b/slirp/bootp.c
-@@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type,
- if (p >= p_end)
- break;
- len = *p++;
-+ if (p + len > p_end) {
-+ break;
-+ }
- DPRINTF("dhcp: tag=%d len=%d\n", tag, len);
-
- switch(tag) {
---
-2.9.4
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch
deleted file mode 100644
index 346e771..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-7493.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From 7a95434e0ca8a037fd8aa1a2e2461f92585eb77b Mon Sep 17 00:00:00 2001
-From: Greg Kurz <groug@kaod.org>
-Date: Fri, 5 May 2017 14:48:08 +0200
-Subject: [PATCH] 9pfs: local: forbid client access to metadata (CVE-2017-7493)
-
-When using the mapped-file security mode, we shouldn't let the client mess
-with the metadata. The current code already tries to hide the metadata dir
-from the client by skipping it in local_readdir(). But the client can still
-access or modify it through several other operations. This can be used to
-escalate privileges in the guest.
-
-Affected backend operations are:
-- local_mknod()
-- local_mkdir()
-- local_open2()
-- local_symlink()
-- local_link()
-- local_unlinkat()
-- local_renameat()
-- local_rename()
-- local_name_to_path()
-
-Other operations are safe because they are only passed a fid path, which
-is computed internally in local_name_to_path().
-
-This patch converts all the functions listed above to fail and return
-EINVAL when being passed the name of the metadata dir. This may look
-like a poor choice for errno, but there's no such thing as an illegal
-path name on Linux and I could not think of anything better.
-
-This fixes CVE-2017-7493.
-
-Reported-by: Leo Gaspard <leo@gaspard.io>
-Signed-off-by: Greg Kurz <groug@kaod.org>
-Reviewed-by: Eric Blake <eblake@redhat.com>
----
- hw/9pfs/9p-local.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++--
- 1 file changed, 56 insertions(+), 2 deletions(-)
-
-diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
-index f3ebca4f7a..a2486566af 100644
---- a/hw/9pfs/9p-local.c
-+++ b/hw/9pfs/9p-local.c
-@@ -452,6 +452,11 @@ static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs)
- return telldir(fs->dir.stream);
- }
-
-+static bool local_is_mapped_file_metadata(FsContext *fs_ctx, const char *name)
-+{
-+ return !strcmp(name, VIRTFS_META_DIR);
-+}
-+
- static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs)
- {
- struct dirent *entry;
-@@ -465,8 +470,8 @@ again:
- if (ctx->export_flags & V9FS_SM_MAPPED) {
- entry->d_type = DT_UNKNOWN;
- } else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
-- if (!strcmp(entry->d_name, VIRTFS_META_DIR)) {
-- /* skp the meta data directory */
-+ if (local_is_mapped_file_metadata(ctx, entry->d_name)) {
-+ /* skip the meta data directory */
- goto again;
- }
- entry->d_type = DT_UNKNOWN;
-@@ -559,6 +564,12 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path,
- int err = -1;
- int dirfd;
-
-+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
-+ local_is_mapped_file_metadata(fs_ctx, name)) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
- dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
- if (dirfd == -1) {
- return -1;
-@@ -605,6 +616,12 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path,
- int err = -1;
- int dirfd;
-
-+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
-+ local_is_mapped_file_metadata(fs_ctx, name)) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
- dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
- if (dirfd == -1) {
- return -1;
-@@ -694,6 +711,12 @@ static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name,
- int err = -1;
- int dirfd;
-
-+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
-+ local_is_mapped_file_metadata(fs_ctx, name)) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
- /*
- * Mark all the open to not follow symlinks
- */
-@@ -752,6 +775,12 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath,
- int err = -1;
- int dirfd;
-
-+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
-+ local_is_mapped_file_metadata(fs_ctx, name)) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
- dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
- if (dirfd == -1) {
- return -1;
-@@ -826,6 +855,12 @@ static int local_link(FsContext *ctx, V9fsPath *oldpath,
- int ret = -1;
- int odirfd, ndirfd;
-
-+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
-+ local_is_mapped_file_metadata(ctx, name)) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
- odirfd = local_opendir_nofollow(ctx, odirpath);
- if (odirfd == -1) {
- goto out;
-@@ -1096,6 +1131,12 @@ static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path,
- static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
- const char *name, V9fsPath *target)
- {
-+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
-+ local_is_mapped_file_metadata(ctx, name)) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
- if (dir_path) {
- v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
- } else if (strcmp(name, "/")) {
-@@ -1116,6 +1157,13 @@ static int local_renameat(FsContext *ctx, V9fsPath *olddir,
- int ret;
- int odirfd, ndirfd;
-
-+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
-+ (local_is_mapped_file_metadata(ctx, old_name) ||
-+ local_is_mapped_file_metadata(ctx, new_name))) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
- odirfd = local_opendir_nofollow(ctx, olddir->data);
- if (odirfd == -1) {
- return -1;
-@@ -1206,6 +1254,12 @@ static int local_unlinkat(FsContext *ctx, V9fsPath *dir,
- int ret;
- int dirfd;
-
-+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
-+ local_is_mapped_file_metadata(ctx, name)) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
- dirfd = local_opendir_nofollow(ctx, dir->data);
- if (dirfd == -1) {
- return -1;
---
-2.13.0
-
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch
deleted file mode 100644
index 31fb69b..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8112.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-CVE-2017-8112
-
-https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04494.html
----
- hw/scsi/vmw_pvscsi.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
-index 7557546..4a106da 100644
---- a/hw/scsi/vmw_pvscsi.c
-+++ b/hw/scsi/vmw_pvscsi.c
-@@ -202,7 +202,7 @@ pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri)
- uint32_t len_log2;
- uint32_t ring_size;
-
-- if (ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
-+ if (!ri->numPages || ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
- return -1;
- }
- ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
---
-2.9.3
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch
deleted file mode 100644
index 4f7f870..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8309.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-bug #616870
-
-https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html
----
- audio/audio.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/audio/audio.c b/audio/audio.c
-index c8898d8422..beafed209b 100644
---- a/audio/audio.c
-+++ b/audio/audio.c
-@@ -2028,6 +2028,8 @@ void AUD_del_capture (CaptureVoiceOut *cap, void *cb_opaque)
- sw = sw1;
- }
- QLIST_REMOVE (cap, entries);
-+ g_free (cap->hw.mix_buf);
-+ g_free (cap->buf);
- g_free (cap);
- }
- return;
---
-2.9.3
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch
deleted file mode 100644
index 0a34dae..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8379.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-bug #616872
-
-https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05599.html
----
- ui/input.c | 14 +++++++++++---
- 1 file changed, 11 insertions(+), 3 deletions(-)
-
-diff --git a/ui/input.c b/ui/input.c
-index ed88cda6d6..fb1f404095 100644
---- a/ui/input.c
-+++ b/ui/input.c
-@@ -41,6 +41,8 @@ static QTAILQ_HEAD(QemuInputEventQueueHead, QemuInputEventQueue) kbd_queue =
- QTAILQ_HEAD_INITIALIZER(kbd_queue);
- static QEMUTimer *kbd_timer;
- static uint32_t kbd_default_delay_ms = 10;
-+static uint32_t queue_count;
-+static uint32_t queue_limit = 1024;
-
- QemuInputHandlerState *qemu_input_handler_register(DeviceState *dev,
- QemuInputHandler *handler)
-@@ -268,6 +270,7 @@ static void qemu_input_queue_process(void *opaque)
- break;
- }
- QTAILQ_REMOVE(queue, item, node);
-+ queue_count--;
- g_free(item);
- }
- }
-@@ -282,6 +285,7 @@ static void qemu_input_queue_delay(struct QemuInputEventQueueHead *queue,
- item->delay_ms = delay_ms;
- item->timer = timer;
- QTAILQ_INSERT_TAIL(queue, item, node);
-+ queue_count++;
-
- if (start_timer) {
- timer_mod(item->timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL)
-@@ -298,6 +302,7 @@ static void qemu_input_queue_event(struct QemuInputEventQueueHead *queue,
- item->src = src;
- item->evt = evt;
- QTAILQ_INSERT_TAIL(queue, item, node);
-+ queue_count++;
- }
-
- static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue)
-@@ -306,6 +311,7 @@ static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue)
-
- item->type = QEMU_INPUT_QUEUE_SYNC;
- QTAILQ_INSERT_TAIL(queue, item, node);
-+ queue_count++;
- }
-
- void qemu_input_event_send_impl(QemuConsole *src, InputEvent *evt)
-@@ -381,7 +387,7 @@ void qemu_input_event_send_key(QemuConsole *src, KeyValue *key, bool down)
- qemu_input_event_send(src, evt);
- qemu_input_event_sync();
- qapi_free_InputEvent(evt);
-- } else {
-+ } else if (queue_count < queue_limit) {
- qemu_input_queue_event(&kbd_queue, src, evt);
- qemu_input_queue_sync(&kbd_queue);
- }
-@@ -409,8 +415,10 @@ void qemu_input_event_send_key_delay(uint32_t delay_ms)
- kbd_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, qemu_input_queue_process,
- &kbd_queue);
- }
-- qemu_input_queue_delay(&kbd_queue, kbd_timer,
-- delay_ms ? delay_ms : kbd_default_delay_ms);
-+ if (queue_count < queue_limit) {
-+ qemu_input_queue_delay(&kbd_queue, kbd_timer,
-+ delay_ms ? delay_ms : kbd_default_delay_ms);
-+ }
- }
-
- InputEvent *qemu_input_event_new_btn(InputButton btn, bool down)
---
-2.9.3
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch
deleted file mode 100644
index 08911dd..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-8380.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-bug #616874
-
-https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04147.html
----
- hw/scsi/megasas.c | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
-index 84b8caf..804122a 100644
---- a/hw/scsi/megasas.c
-+++ b/hw/scsi/megasas.c
-@@ -2138,15 +2138,15 @@ static void megasas_mmio_write(void *opaque, hwaddr addr,
- case MFI_SEQ:
- trace_megasas_mmio_writel("MFI_SEQ", val);
- /* Magic sequence to start ADP reset */
-- if (adp_reset_seq[s->adp_reset] == val) {
-- s->adp_reset++;
-+ if (adp_reset_seq[s->adp_reset++] == val) {
-+ if (s->adp_reset == 6) {
-+ s->adp_reset = 0;
-+ s->diag = MFI_DIAG_WRITE_ENABLE;
-+ }
- } else {
- s->adp_reset = 0;
- s->diag = 0;
- }
-- if (s->adp_reset == 6) {
-- s->diag = MFI_DIAG_WRITE_ENABLE;
-- }
- break;
- case MFI_DIAG:
- trace_megasas_mmio_writel("MFI_DIAG", val);
---
-2.9.3
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch
deleted file mode 100644
index 01c81d1..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-1.patch
+++ /dev/null
@@ -1,122 +0,0 @@
-From 87e459a810d7b1ec1638085b5a80ea3d9b43119a Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Thu, 1 Jun 2017 17:26:14 +0200
-Subject: [PATCH] megasas: always store SCSIRequest* into MegasasCmd
-
-This ensures that the request is unref'ed properly, and avoids a
-segmentation fault in the new qtest testcase that is added.
-This is CVE-2017-9503.
-
-Reported-by: Zhangyanyu <zyy4013@stu.ouc.edu.cn>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- hw/scsi/megasas.c | 31 ++++++++++++++++---------------
- 2 files changed, 51 insertions(+), 15 deletions(-)
-
-diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
-index 135662df31..734fdaef90 100644
---- a/hw/scsi/megasas.c
-+++ b/hw/scsi/megasas.c
-@@ -609,6 +609,9 @@ static void megasas_reset_frames(MegasasState *s)
- static void megasas_abort_command(MegasasCmd *cmd)
- {
- /* Never abort internal commands. */
-+ if (cmd->dcmd_opcode != -1) {
-+ return;
-+ }
- if (cmd->req != NULL) {
- scsi_req_cancel(cmd->req);
- }
-@@ -1017,7 +1020,6 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
- uint64_t pd_size;
- uint16_t pd_id = ((sdev->id & 0xFF) << 8) | (lun & 0xFF);
- uint8_t cmdbuf[6];
-- SCSIRequest *req;
- size_t len, resid;
-
- if (!cmd->iov_buf) {
-@@ -1026,8 +1028,8 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
- info->inquiry_data[0] = 0x7f; /* Force PQual 0x3, PType 0x1f */
- info->vpd_page83[0] = 0x7f;
- megasas_setup_inquiry(cmdbuf, 0, sizeof(info->inquiry_data));
-- req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
-- if (!req) {
-+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
-+ if (!cmd->req) {
- trace_megasas_dcmd_req_alloc_failed(cmd->index,
- "PD get info std inquiry");
- g_free(cmd->iov_buf);
-@@ -1036,26 +1038,26 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
- }
- trace_megasas_dcmd_internal_submit(cmd->index,
- "PD get info std inquiry", lun);
-- len = scsi_req_enqueue(req);
-+ len = scsi_req_enqueue(cmd->req);
- if (len > 0) {
- cmd->iov_size = len;
-- scsi_req_continue(req);
-+ scsi_req_continue(cmd->req);
- }
- return MFI_STAT_INVALID_STATUS;
- } else if (info->inquiry_data[0] != 0x7f && info->vpd_page83[0] == 0x7f) {
- megasas_setup_inquiry(cmdbuf, 0x83, sizeof(info->vpd_page83));
-- req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
-- if (!req) {
-+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
-+ if (!cmd->req) {
- trace_megasas_dcmd_req_alloc_failed(cmd->index,
- "PD get info vpd inquiry");
- return MFI_STAT_FLASH_ALLOC_FAIL;
- }
- trace_megasas_dcmd_internal_submit(cmd->index,
- "PD get info vpd inquiry", lun);
-- len = scsi_req_enqueue(req);
-+ len = scsi_req_enqueue(cmd->req);
- if (len > 0) {
- cmd->iov_size = len;
-- scsi_req_continue(req);
-+ scsi_req_continue(cmd->req);
- }
- return MFI_STAT_INVALID_STATUS;
- }
-@@ -1217,7 +1219,6 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
- struct mfi_ld_info *info = cmd->iov_buf;
- size_t dcmd_size = sizeof(struct mfi_ld_info);
- uint8_t cdb[6];
-- SCSIRequest *req;
- ssize_t len, resid;
- uint16_t sdev_id = ((sdev->id & 0xFF) << 8) | (lun & 0xFF);
- uint64_t ld_size;
-@@ -1226,8 +1227,8 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
- cmd->iov_buf = g_malloc0(dcmd_size);
- info = cmd->iov_buf;
- megasas_setup_inquiry(cdb, 0x83, sizeof(info->vpd_page83));
-- req = scsi_req_new(sdev, cmd->index, lun, cdb, cmd);
-- if (!req) {
-+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cdb, cmd);
-+ if (!cmd->req) {
- trace_megasas_dcmd_req_alloc_failed(cmd->index,
- "LD get info vpd inquiry");
- g_free(cmd->iov_buf);
-@@ -1236,10 +1237,10 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
- }
- trace_megasas_dcmd_internal_submit(cmd->index,
- "LD get info vpd inquiry", lun);
-- len = scsi_req_enqueue(req);
-+ len = scsi_req_enqueue(cmd->req);
- if (len > 0) {
- cmd->iov_size = len;
-- scsi_req_continue(req);
-+ scsi_req_continue(cmd->req);
- }
- return MFI_STAT_INVALID_STATUS;
- }
-@@ -1851,7 +1852,7 @@ static void megasas_command_complete(SCSIRequest *req, uint32_t status,
- return;
- }
-
-- if (cmd->req == NULL) {
-+ if (cmd->dcmd_opcode != -1) {
- /*
- * Internal command complete
- */
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch
deleted file mode 100644
index 74725a9..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9503-2.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-From 5104fac8539eaf155fc6de93e164be43e1e62242 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Thu, 1 Jun 2017 17:18:23 +0200
-Subject: [PATCH] megasas: do not read DCMD opcode more than once from frame
-
-Avoid TOC-TOU bugs by storing the DCMD opcode in the MegasasCmd
-
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- hw/scsi/megasas.c | 25 +++++++++++--------------
- 1 file changed, 11 insertions(+), 14 deletions(-)
-
-diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
-index c353118882..a3f75c1650 100644
---- a/hw/scsi/megasas.c
-+++ b/hw/scsi/megasas.c
-@@ -63,6 +63,7 @@ typedef struct MegasasCmd {
-
- hwaddr pa;
- hwaddr pa_size;
-+ uint32_t dcmd_opcode;
- union mfi_frame *frame;
- SCSIRequest *req;
- QEMUSGList qsg;
-@@ -513,6 +514,7 @@ static MegasasCmd *megasas_enqueue_frame(MegasasState *s,
- cmd->context &= (uint64_t)0xFFFFFFFF;
- }
- cmd->count = count;
-+ cmd->dcmd_opcode = -1;
- s->busy++;
-
- if (s->consumer_pa) {
-@@ -1562,22 +1564,21 @@ static const struct dcmd_cmd_tbl_t {
-
- static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
- {
-- int opcode;
- int retval = 0;
- size_t len;
- const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
-
-- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
-- trace_megasas_handle_dcmd(cmd->index, opcode);
-+ cmd->dcmd_opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
-+ trace_megasas_handle_dcmd(cmd->index, cmd->dcmd_opcode);
- if (megasas_map_dcmd(s, cmd) < 0) {
- return MFI_STAT_MEMORY_NOT_AVAILABLE;
- }
-- while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
-+ while (cmdptr->opcode != -1 && cmdptr->opcode != cmd->dcmd_opcode) {
- cmdptr++;
- }
- len = cmd->iov_size;
- if (cmdptr->opcode == -1) {
-- trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
-+ trace_megasas_dcmd_unhandled(cmd->index, cmd->dcmd_opcode, len);
- retval = megasas_dcmd_dummy(s, cmd);
- } else {
- trace_megasas_dcmd_enter(cmd->index, cmdptr->desc, len);
-@@ -1592,13 +1593,11 @@ static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
- static int megasas_finish_internal_dcmd(MegasasCmd *cmd,
- SCSIRequest *req)
- {
-- int opcode;
- int retval = MFI_STAT_OK;
- int lun = req->lun;
-
-- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
-- trace_megasas_dcmd_internal_finish(cmd->index, opcode, lun);
-- switch (opcode) {
-+ trace_megasas_dcmd_internal_finish(cmd->index, cmd->dcmd_opcode, lun);
-+ switch (cmd->dcmd_opcode) {
- case MFI_DCMD_PD_GET_INFO:
- retval = megasas_pd_get_info_submit(req->dev, lun, cmd);
- break;
-@@ -1606,7 +1605,7 @@ static int megasas_finish_internal_dcmd(MegasasCmd *cmd,
- retval = megasas_ld_get_info_submit(req->dev, lun, cmd);
- break;
- default:
-- trace_megasas_dcmd_internal_invalid(cmd->index, opcode);
-+ trace_megasas_dcmd_internal_invalid(cmd->index, cmd->dcmd_opcode);
- retval = MFI_STAT_INVALID_DCMD;
- break;
- }
-@@ -1827,7 +1826,6 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
- {
- MegasasCmd *cmd = req->hba_private;
- uint8_t *buf;
-- uint32_t opcode;
-
- trace_megasas_io_complete(cmd->index, len);
-
-@@ -1837,8 +1835,7 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
- }
-
- buf = scsi_req_get_buf(req);
-- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
-- if (opcode == MFI_DCMD_PD_GET_INFO && cmd->iov_buf) {
-+ if (cmd->dcmd_opcode == MFI_DCMD_PD_GET_INFO && cmd->iov_buf) {
- struct mfi_pd_info *info = cmd->iov_buf;
-
- if (info->inquiry_data[0] == 0x7f) {
-@@ -1849,7 +1846,7 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
- memcpy(info->vpd_page83, buf, len);
- }
- scsi_req_continue(req);
-- } else if (opcode == MFI_DCMD_LD_GET_INFO) {
-+ } else if (cmd->dcmd_opcode == MFI_DCMD_LD_GET_INFO) {
- struct mfi_ld_info *info = cmd->iov_buf;
-
- if (cmd->iov_buf) {
---
-2.13.0
-
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch
deleted file mode 100644
index 9d77193..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-1.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From df8ad9f128c15aa0a0ebc7b24e9a22c9775b67af Mon Sep 17 00:00:00 2001
-From: Eric Blake <eblake@redhat.com>
-Date: Fri, 26 May 2017 22:04:21 -0500
-Subject: [PATCH] nbd: Fully initialize client in case of failed negotiation
-
-If a non-NBD client connects to qemu-nbd, we would end up with
-a SIGSEGV in nbd_client_put() because we were trying to
-unregister the client's association to the export, even though
-we skipped inserting the client into that list. Easy trigger
-in two terminals:
-
-$ qemu-nbd -p 30001 --format=raw file
-$ nmap 127.0.0.1 -p 30001
-
-nmap claims that it thinks it connected to a pago-services1
-server (which probably means nmap could be updated to learn the
-NBD protocol and give a more accurate diagnosis of the open
-port - but that's not our problem), then terminates immediately,
-so our call to nbd_negotiate() fails. The fix is to reorder
-nbd_co_client_start() to ensure that all initialization occurs
-before we ever try talking to a client in nbd_negotiate(), so
-that the teardown sequence on negotiation failure doesn't fault
-while dereferencing a half-initialized object.
-
-While debugging this, I also noticed that nbd_update_server_watch()
-called by nbd_client_closed() was still adding a channel to accept
-the next client, even when the state was no longer RUNNING. That
-is fixed by making nbd_can_accept() pay attention to the current
-state.
-
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451614
-
-Signed-off-by: Eric Blake <eblake@redhat.com>
-Message-Id: <20170527030421.28366-1-eblake@redhat.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- nbd/server.c | 8 +++-----
- qemu-nbd.c | 2 +-
- 2 files changed, 4 insertions(+), 6 deletions(-)
-
-diff --git a/nbd/server.c b/nbd/server.c
-index ee59e5d234..49b55f6ede 100644
---- a/nbd/server.c
-+++ b/nbd/server.c
-@@ -1358,16 +1358,14 @@ static coroutine_fn void nbd_co_client_start(void *opaque)
-
- if (exp) {
- nbd_export_get(exp);
-+ QTAILQ_INSERT_TAIL(&exp->clients, client, next);
- }
-+ qemu_co_mutex_init(&client->send_lock);
-+
- if (nbd_negotiate(data)) {
- client_close(client);
- goto out;
- }
-- qemu_co_mutex_init(&client->send_lock);
--
-- if (exp) {
-- QTAILQ_INSERT_TAIL(&exp->clients, client, next);
-- }
-
- nbd_client_receive_next_request(client);
-
-diff --git a/qemu-nbd.c b/qemu-nbd.c
-index f60842fd86..651f85ecc1 100644
---- a/qemu-nbd.c
-+++ b/qemu-nbd.c
-@@ -325,7 +325,7 @@ out:
-
- static int nbd_can_accept(void)
- {
-- return nb_fds < shared;
-+ return state == RUNNING && nb_fds < shared;
- }
-
- static void nbd_export_closed(NBDExport *exp)
---
-2.13.0
-
diff --git a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch b/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch
deleted file mode 100644
index e6934b3..0000000
--- a/app-emulation/qemu/files/qemu-2.9.0-CVE-2017-9524-2.patch
+++ /dev/null
@@ -1,197 +0,0 @@
-From 0c9390d978cbf61e8f16c9f580fa96b305c43568 Mon Sep 17 00:00:00 2001
-From: Eric Blake <eblake@redhat.com>
-Date: Thu, 8 Jun 2017 17:26:17 -0500
-Subject: [PATCH] nbd: Fix regression on resiliency to port scan
-
-Back in qemu 2.5, qemu-nbd was immune to port probes (a transient
-server would not quit, regardless of how many probe connections
-came and went, until a connection actually negotiated). But we
-broke that in commit ee7d7aa when removing the return value to
-nbd_client_new(), although that patch also introduced a bug causing
-an assertion failure on a client that fails negotiation. We then
-made it worse during refactoring in commit 1a6245a (a segfault
-before we could even assert); the (masked) assertion was cleaned
-up in d3780c2 (still in 2.6), and just recently we finally fixed
-the segfault ("nbd: Fully intialize client in case of failed
-negotiation"). But that still means that ever since we added
-TLS support to qemu-nbd, we have been vulnerable to an ill-timed
-port-scan being able to cause a denial of service by taking down
-qemu-nbd before a real client has a chance to connect.
-
-Since negotiation is now handled asynchronously via coroutines,
-we no longer have a synchronous point of return by re-adding a
-return value to nbd_client_new(). So this patch instead wires
-things up to pass the negotiation status through the close_fn
-callback function.
-
-Simple test across two terminals:
-$ qemu-nbd -f raw -p 30001 file
-$ nmap 127.0.0.1 -p 30001 && \
- qemu-io -c 'r 0 512' -f raw nbd://localhost:30001
-
-Note that this patch does not change what constitutes successful
-negotiation (thus, a client must enter transmission phase before
-that client can be considered as a reason to terminate the server
-when the connection ends). Perhaps we may want to tweak things
-in a later patch to also treat a client that uses NBD_OPT_ABORT
-as being a 'successful' negotiation (the client correctly talked
-the NBD protocol, and informed us it was not going to use our
-export after all), but that's a discussion for another day.
-
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451614
-
-Signed-off-by: Eric Blake <eblake@redhat.com>
-Message-Id: <20170608222617.20376-1-eblake@redhat.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- blockdev-nbd.c | 6 +++++-
- include/block/nbd.h | 2 +-
- nbd/server.c | 24 +++++++++++++++---------
- qemu-nbd.c | 4 ++--
- 4 files changed, 23 insertions(+), 13 deletions(-)
-
-diff --git a/blockdev-nbd.c b/blockdev-nbd.c
-index dd0860f4a6..28f551a7b0 100644
---- a/blockdev-nbd.c
-+++ b/blockdev-nbd.c
-@@ -27,6 +27,10 @@ typedef struct NBDServerData {
-
- static NBDServerData *nbd_server;
-
-+static void nbd_blockdev_client_closed(NBDClient *client, bool ignored)
-+{
-+ nbd_client_put(client);
-+}
-
- static gboolean nbd_accept(QIOChannel *ioc, GIOCondition condition,
- gpointer opaque)
-@@ -46,7 +50,7 @@ static gboolean nbd_accept(QIOChannel *ioc, GIOCondition condition,
- qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server");
- nbd_client_new(NULL, cioc,
- nbd_server->tlscreds, NULL,
-- nbd_client_put);
-+ nbd_blockdev_client_closed);
- object_unref(OBJECT(cioc));
- return TRUE;
- }
-diff --git a/include/block/nbd.h b/include/block/nbd.h
-index 416257abca..8fa5ce51f3 100644
---- a/include/block/nbd.h
-+++ b/include/block/nbd.h
-@@ -162,7 +162,7 @@ void nbd_client_new(NBDExport *exp,
- QIOChannelSocket *sioc,
- QCryptoTLSCreds *tlscreds,
- const char *tlsaclname,
-- void (*close)(NBDClient *));
-+ void (*close_fn)(NBDClient *, bool));
- void nbd_client_get(NBDClient *client);
- void nbd_client_put(NBDClient *client);
-
-diff --git a/nbd/server.c b/nbd/server.c
-index 49b55f6ede..f2b1aa47ce 100644
---- a/nbd/server.c
-+++ b/nbd/server.c
-@@ -81,7 +81,7 @@ static QTAILQ_HEAD(, NBDExport) exports = QTAILQ_HEAD_INITIALIZER(exports);
-
- struct NBDClient {
- int refcount;
-- void (*close)(NBDClient *client);
-+ void (*close_fn)(NBDClient *client, bool negotiated);
-
- bool no_zeroes;
- NBDExport *exp;
-@@ -778,7 +778,7 @@ void nbd_client_put(NBDClient *client)
- }
- }
-
--static void client_close(NBDClient *client)
-+static void client_close(NBDClient *client, bool negotiated)
- {
- if (client->closing) {
- return;
-@@ -793,8 +793,8 @@ static void client_close(NBDClient *client)
- NULL);
-
- /* Also tell the client, so that they release their reference. */
-- if (client->close) {
-- client->close(client);
-+ if (client->close_fn) {
-+ client->close_fn(client, negotiated);
- }
- }
-
-@@ -975,7 +975,7 @@ void nbd_export_close(NBDExport *exp)
-
- nbd_export_get(exp);
- QTAILQ_FOREACH_SAFE(client, &exp->clients, next, next) {
-- client_close(client);
-+ client_close(client, true);
- }
- nbd_export_set_name(exp, NULL);
- nbd_export_set_description(exp, NULL);
-@@ -1337,7 +1337,7 @@ done:
-
- out:
- nbd_request_put(req);
-- client_close(client);
-+ client_close(client, true);
- nbd_client_put(client);
- }
-
-@@ -1363,7 +1363,7 @@ static coroutine_fn void nbd_co_client_start(void *opaque)
- qemu_co_mutex_init(&client->send_lock);
-
- if (nbd_negotiate(data)) {
-- client_close(client);
-+ client_close(client, false);
- goto out;
- }
-
-@@ -1373,11 +1373,17 @@ out:
- g_free(data);
- }
-
-+/*
-+ * Create a new client listener on the given export @exp, using the
-+ * given channel @sioc. Begin servicing it in a coroutine. When the
-+ * connection closes, call @close_fn with an indication of whether the
-+ * client completed negotiation.
-+ */
- void nbd_client_new(NBDExport *exp,
- QIOChannelSocket *sioc,
- QCryptoTLSCreds *tlscreds,
- const char *tlsaclname,
-- void (*close_fn)(NBDClient *))
-+ void (*close_fn)(NBDClient *, bool))
- {
- NBDClient *client;
- NBDClientNewData *data = g_new(NBDClientNewData, 1);
-@@ -1394,7 +1400,7 @@ void nbd_client_new(NBDExport *exp,
- object_ref(OBJECT(client->sioc));
- client->ioc = QIO_CHANNEL(sioc);
- object_ref(OBJECT(client->ioc));
-- client->close = close_fn;
-+ client->close_fn = close_fn;
-
- data->client = client;
- data->co = qemu_coroutine_create(nbd_co_client_start, data);
-diff --git a/qemu-nbd.c b/qemu-nbd.c
-index 651f85ecc1..9464a0461c 100644
---- a/qemu-nbd.c
-+++ b/qemu-nbd.c
-@@ -336,10 +336,10 @@ static void nbd_export_closed(NBDExport *exp)
-
- static void nbd_update_server_watch(void);
-
--static void nbd_client_closed(NBDClient *client)
-+static void nbd_client_closed(NBDClient *client, bool negotiated)
- {
- nb_fds--;
-- if (nb_fds == 0 && !persistent && state == RUNNING) {
-+ if (negotiated && nb_fds == 0 && !persistent && state == RUNNING) {
- state = TERMINATE;
- }
- nbd_update_server_watch();
---
-2.13.0
-
diff --git a/app-emulation/qemu/qemu-2.10.0-r1.ebuild b/app-emulation/qemu/qemu-2.10.1.ebuild
similarity index 97%
rename from app-emulation/qemu/qemu-2.10.0-r1.ebuild
rename to app-emulation/qemu/qemu-2.10.1.ebuild
index e7343e3..b448f20 100644
--- a/app-emulation/qemu/qemu-2.10.0-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.10.1.ebuild
@@ -19,7 +19,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
+ KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -164,6 +164,14 @@ X86_FIRMWARE_DEPEND="
>=sys-firmware/seabios-1.10.2[seavgabios]
sys-firmware/sgabios
)"
+PPC64_FIRMWARE_DEPEND="
+ pin-upstream-blobs? (
+ ~sys-firmware/seabios-1.10.2[binary,seavgabios]
+ )
+ !pin-upstream-blobs? (
+ >=sys-firmware/seabios-1.10.2[seavgabios]
+ )
+"
CDEPEND="
!static? (
@@ -171,7 +179,9 @@ CDEPEND="
${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
)
qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )"
+ qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
+ qemu_softmmu_targets_ppc64? ( ${PPC64_FIRMWARE_DEPEND} )
+"
DEPEND="${CDEPEND}
dev-lang/perl
=dev-lang/python-2*
@@ -200,7 +210,8 @@ PATCHES=(
# gentoo patches
"${FILESDIR}"/${PN}-2.5.0-cflags.patch
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.10.0-CVE-2017-13711.patch # bug 629350
+ "${FILESDIR}"/${PN}-2.10.1-CVE-2017-15268.patch
+ "${FILESDIR}"/${PN}-2.10.1-CVE-2017-15289.patch
)
STRIP_MASK="/usr/share/qemu/palcode-clipper"
@@ -704,7 +715,8 @@ src_install() {
rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ # PPC64 loads vgabios-stdvga
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc64; then
dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
diff --git a/app-emulation/qemu/qemu-2.9.0-r56.ebuild b/app-emulation/qemu/qemu-2.9.0-r56.ebuild
deleted file mode 100644
index 256a811..0000000
--- a/app-emulation/qemu/qemu-2.9.0-r56.ebuild
+++ /dev/null
@@ -1,799 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-FIRMWARE_ABI_VERSION="2.9.0-r52"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-r3
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
- glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
- kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
- pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test usb usbredir vde
- +vhost-net virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc
- sparc64 x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
- lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS}
- armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_mips64el? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# and user/softmmu targets (qemu-*, qemu-system-*).
-#
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-ALL_DEPEND="
- >=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# softmmu targets (qemu-system-*).
-SOFTMMU_TOOLS_DEPEND="
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? (
- app-accessibility/brltty[api]
- app-accessibility/brltty[static-libs(+)]
- )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? (
- sys-libs/ncurses:0=[unicode]
- sys-libs/ncurses:0=[static-libs(+)]
- )
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy:=[static-libs(+)] )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xen? ( app-emulation/xen-tools:= )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-
-X86_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/edk2-ovmf-2017_pre20170505[binary]
- ~sys-firmware/ipxe-1.0.0_p20160620
- ~sys-firmware/seabios-1.10.2[binary,seavgabios]
- ~sys-firmware/sgabios-0.1_pre8
- )
- !pin-upstream-blobs? (
- sys-firmware/edk2-ovmf
- sys-firmware/ipxe
- >=sys-firmware/seabios-1.10.2[seavgabios]
- sys-firmware/sgabios
- )"
-
-CDEPEND="
- !static? (
- ${ALL_DEPEND//\[static-libs(+)]}
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
- )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static? (
- ${ALL_DEPEND}
- ${SOFTMMU_TOOLS_DEPEND}
- )
- static-user? ( ${ALL_DEPEND} )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )"
-
-PATCHES=(
- # musl patches
- "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
- "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
-
- # gentoo patches
- "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8309.patch # bug 616870
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8379.patch # bug 616872
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8380.patch # bug 616874
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch # bug 616636
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7493.patch # bug 618808
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11434.patch # bug 625614
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11334.patch # bug 621292
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-1.patch # bug 621292
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-2.patch
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-1.patch # bug 621184
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-2.patch
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10664.patch # bug 623016
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10806.patch # bug 624088
-)
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/u-boot.e500"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or1k
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
-kernel module loaded before running kvm. The easiest way to ensure that the
-kernel module is loaded is to load it on boot.
- For AMD CPUs the module is called 'kvm-amd'.
- For Intel CPUs the module is called 'kvm-intel'.
-Please review /etc/conf.d/modules for how to load these.
-
-Make sure your user is in the 'kvm' group. Just run
- $ gpasswd -a <USER> kvm
-then have <USER> re-login.
-
-For brand new installs, the default permissions on /dev/kvm might not let
-you access it. You can tell udev to reset ownership/perms:
- $ udevadm trigger -c add /dev/kvm
-
-If you want to register binfmt handlers for qemu user targets:
-For openrc:
- # rc-update add qemu-binfmt
-For systemd:
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- default
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- # Run after we've applied all patches.
- handle_locales
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets. This simplifies building
- # static user targets (USE=static-user) considerably.
- conf_notuser() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_notuser accessibility brlapi)
- $(conf_notuser aio linux-aio)
- $(conf_notuser bzip2)
- $(conf_notuser bluetooth bluez)
- $(conf_notuser caps cap-ng)
- $(conf_notuser curl)
- $(conf_notuser fdt)
- $(conf_notuser glusterfs)
- $(conf_notuser gnutls)
- $(conf_notuser gnutls nettle)
- $(conf_notuser gtk)
- $(conf_notuser infiniband rdma)
- $(conf_notuser iscsi libiscsi)
- $(conf_notuser jpeg vnc-jpeg)
- $(conf_notuser kernel_linux kvm)
- $(conf_notuser lzo)
- $(conf_notuser ncurses curses)
- $(conf_notuser nfs libnfs)
- $(conf_notuser numa)
- $(conf_notuser opengl)
- $(conf_notuser png vnc-png)
- $(conf_notuser rbd)
- $(conf_notuser sasl vnc-sasl)
- $(conf_notuser sdl)
- $(conf_notuser seccomp)
- $(conf_notuser smartcard)
- $(conf_notuser snappy)
- $(conf_notuser spice)
- $(conf_notuser ssh libssh2)
- $(conf_notuser usb libusb)
- $(conf_notuser usbredir usb-redir)
- $(conf_notuser vde)
- $(conf_notuser vhost-net)
- $(conf_notuser virgl virglrenderer)
- $(conf_notuser virtfs)
- $(conf_notuser vnc)
- $(conf_notuser vte)
- $(conf_notuser xen)
- $(conf_notuser xen xen-pci-passthrough)
- $(conf_notuser xfs xfsctl)
- )
-
- if [[ ! ${buildtype} == "user" ]] ; then
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
- conf_opts+=(
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- fi
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- local static_flag="static-user"
- ;;
- softmmu)
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --disable-tools
- --with-system-pixman
- )
- local static_flag="static"
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- --enable-tools
- )
- local static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- tc-enables-pie && conf_opts+=( --enable-pie )
- fi
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- cd "${S}/tools-build"
- default
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-# Generate binfmt support files.
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
-generate_initd() {
- local out="${T}/qemu-binfmt"
- local out_systemd="${T}/qemu.conf"
- local d="${T}/binfmt.d"
-
- einfo "Generating qemu binfmt scripts and configuration files"
-
- # Generate the debian fragments first.
- mkdir -p "${d}"
- "${S}"/scripts/qemu-binfmt-conf.sh \
- --debian \
- --exportdir "${d}" \
- --qemu-path "${EPREFIX}/usr/bin" \
- || die
- # Then turn the fragments into a shell script we can source.
- sed -E -i \
- -e 's:^([^ ]+) (.*)$:\1="\2":' \
- "${d}"/* || die
-
- # Generate the init.d script by assembling the fragments from above.
- local f qcpu package interpreter magic mask
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
- for f in "${d}"/qemu-* ; do
- source "${f}"
-
- # Normalize the cpu logic like we do in the init.d for the native cpu.
- qcpu=${package#qemu-}
- case ${qcpu} in
- arm*) qcpu="arm";;
- mips*) qcpu="mips";;
- ppc*) qcpu="ppc";;
- s390*) qcpu="s390";;
- sh*) qcpu="sh";;
- sparc*) qcpu="sparc";;
- esac
-
- cat <<EOF >>"${out}"
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
- echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
- fi
-EOF
-
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
-
- done
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets.
- generate_initd
- doinitd "${T}/qemu-binfmt"
-
- # Install binfmt/qemu.conf.
- insinto "/usr/share/qemu/binfmt.d"
- doins "${T}/qemu.conf"
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
- dodoc docs/qmp-*.txt
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- rm "${ED}/usr/share/qemu/bios-256k.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
- fi
-
- # Remove vgabios since we're using the seavgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
- dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
- dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_create_doc
-}
-
-firmware_abi_change() {
- local pv
- for pv in ${REPLACING_VERSIONS}; do
- if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then
- return 0
- fi
- done
- return 1
-}
-
-pkg_postinst() {
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
-
- if use pin-upstream-blobs && firmware_abi_change; then
- ewarn "This version of qemu pins new versions of firmware blobs:"
- ewarn " $(best_version sys-firmware/edk2-ovmf)"
- ewarn " $(best_version sys-firmware/ipxe)"
- ewarn " $(best_version sys-firmware/seabios)"
- ewarn " $(best_version sys-firmware/sgabios)"
- ewarn "This might break resume of hibernated guests (started with a different"
- ewarn "firmware version) and live migration to/from qemu versions with different"
- ewarn "firmware. Please (cold) restart all running guests. For functional"
- ewarn "guest migration ensure that all"
- ewarn "hosts run at least"
- ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
- fi
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/edk2-ovmf)"
- if has_version 'sys-firmware/edk2-ovmf[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/sgabios)"
-}
diff --git a/app-emulation/qemu/qemu-2.9.0-r57.ebuild b/app-emulation/qemu/qemu-2.9.0-r57.ebuild
deleted file mode 100644
index ffe6437..0000000
--- a/app-emulation/qemu/qemu-2.9.0-r57.ebuild
+++ /dev/null
@@ -1,802 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-FIRMWARE_ABI_VERSION="2.9.0-r52"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-r3
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
- glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
- kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
- pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test usb usbredir vde
- +vhost-net virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc
- sparc64 x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
- lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS}
- armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_mips64el? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# and user/softmmu targets (qemu-*, qemu-system-*).
-#
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-ALL_DEPEND="
- >=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# softmmu targets (qemu-system-*).
-SOFTMMU_TOOLS_DEPEND="
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? (
- app-accessibility/brltty[api]
- app-accessibility/brltty[static-libs(+)]
- )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.2[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? (
- sys-libs/ncurses:0=[unicode]
- sys-libs/ncurses:0=[static-libs(+)]
- )
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy:=[static-libs(+)] )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xen? ( app-emulation/xen-tools:= )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-
-X86_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/edk2-ovmf-2017_pre20170505[binary]
- ~sys-firmware/ipxe-1.0.0_p20160620
- ~sys-firmware/seabios-1.10.2[binary,seavgabios]
- ~sys-firmware/sgabios-0.1_pre8
- )
- !pin-upstream-blobs? (
- sys-firmware/edk2-ovmf
- sys-firmware/ipxe
- >=sys-firmware/seabios-1.10.2[seavgabios]
- sys-firmware/sgabios
- )"
-
-CDEPEND="
- !static? (
- ${ALL_DEPEND//\[static-libs(+)]}
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
- )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static? (
- ${ALL_DEPEND}
- ${SOFTMMU_TOOLS_DEPEND}
- )
- static-user? ( ${ALL_DEPEND} )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )"
-
-PATCHES=(
- # musl patches
- "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
- "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
-
- # gentoo patches
- "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8309.patch # bug 616870
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8379.patch # bug 616872
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8380.patch # bug 616874
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-8112.patch # bug 616636
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-7493.patch # bug 618808
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11434.patch # bug 625614
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-11334.patch # bug 621292
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-1.patch # bug 621292
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9524-2.patch
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-1.patch # bug 621184
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-9503-2.patch
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10664.patch # bug 623016
- "${FILESDIR}"/${PN}-2.9.0-CVE-2017-10806.patch # bug 624088
-)
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/u-boot.e500"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or1k
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
-kernel module loaded before running kvm. The easiest way to ensure that the
-kernel module is loaded is to load it on boot.
- For AMD CPUs the module is called 'kvm-amd'.
- For Intel CPUs the module is called 'kvm-intel'.
-Please review /etc/conf.d/modules for how to load these.
-
-Make sure your user is in the 'kvm' group. Just run
- $ gpasswd -a <USER> kvm
-then have <USER> re-login.
-
-For brand new installs, the default permissions on /dev/kvm might not let
-you access it. You can tell udev to reset ownership/perms:
- $ udevadm trigger -c add /dev/kvm
-
-If you want to register binfmt handlers for qemu user targets:
-For openrc:
- # rc-update add qemu-binfmt
-For systemd:
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- default
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- # Run after we've applied all patches.
- handle_locales
-
- #remove bundled copy of libfdt
- rm -r dtc || die
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets. This simplifies building
- # static user targets (USE=static-user) considerably.
- conf_notuser() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_notuser accessibility brlapi)
- $(conf_notuser aio linux-aio)
- $(conf_notuser bzip2)
- $(conf_notuser bluetooth bluez)
- $(conf_notuser caps cap-ng)
- $(conf_notuser curl)
- $(conf_notuser fdt)
- $(conf_notuser glusterfs)
- $(conf_notuser gnutls)
- $(conf_notuser gnutls nettle)
- $(conf_notuser gtk)
- $(conf_notuser infiniband rdma)
- $(conf_notuser iscsi libiscsi)
- $(conf_notuser jpeg vnc-jpeg)
- $(conf_notuser kernel_linux kvm)
- $(conf_notuser lzo)
- $(conf_notuser ncurses curses)
- $(conf_notuser nfs libnfs)
- $(conf_notuser numa)
- $(conf_notuser opengl)
- $(conf_notuser png vnc-png)
- $(conf_notuser rbd)
- $(conf_notuser sasl vnc-sasl)
- $(conf_notuser sdl)
- $(conf_notuser seccomp)
- $(conf_notuser smartcard)
- $(conf_notuser snappy)
- $(conf_notuser spice)
- $(conf_notuser ssh libssh2)
- $(conf_notuser usb libusb)
- $(conf_notuser usbredir usb-redir)
- $(conf_notuser vde)
- $(conf_notuser vhost-net)
- $(conf_notuser virgl virglrenderer)
- $(conf_notuser virtfs)
- $(conf_notuser vnc)
- $(conf_notuser vte)
- $(conf_notuser xen)
- $(conf_notuser xen xen-pci-passthrough)
- $(conf_notuser xfs xfsctl)
- )
-
- if [[ ! ${buildtype} == "user" ]] ; then
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
- conf_opts+=(
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- fi
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- local static_flag="static-user"
- ;;
- softmmu)
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --disable-tools
- --with-system-pixman
- )
- local static_flag="static"
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- --enable-tools
- )
- local static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- tc-enables-pie && conf_opts+=( --enable-pie )
- fi
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- cd "${S}/tools-build"
- default
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-# Generate binfmt support files.
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
-generate_initd() {
- local out="${T}/qemu-binfmt"
- local out_systemd="${T}/qemu.conf"
- local d="${T}/binfmt.d"
-
- einfo "Generating qemu binfmt scripts and configuration files"
-
- # Generate the debian fragments first.
- mkdir -p "${d}"
- "${S}"/scripts/qemu-binfmt-conf.sh \
- --debian \
- --exportdir "${d}" \
- --qemu-path "${EPREFIX}/usr/bin" \
- || die
- # Then turn the fragments into a shell script we can source.
- sed -E -i \
- -e 's:^([^ ]+) (.*)$:\1="\2":' \
- "${d}"/* || die
-
- # Generate the init.d script by assembling the fragments from above.
- local f qcpu package interpreter magic mask
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
- for f in "${d}"/qemu-* ; do
- source "${f}"
-
- # Normalize the cpu logic like we do in the init.d for the native cpu.
- qcpu=${package#qemu-}
- case ${qcpu} in
- arm*) qcpu="arm";;
- mips*) qcpu="mips";;
- ppc*) qcpu="ppc";;
- s390*) qcpu="s390";;
- sh*) qcpu="sh";;
- sparc*) qcpu="sparc";;
- esac
-
- cat <<EOF >>"${out}"
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
- echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
- fi
-EOF
-
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
-
- done
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets.
- generate_initd
- doinitd "${T}/qemu-binfmt"
-
- # Install binfmt/qemu.conf.
- insinto "/usr/share/qemu/binfmt.d"
- doins "${T}/qemu.conf"
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
- dodoc docs/qmp-*.txt
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- rm "${ED}/usr/share/qemu/bios-256k.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
- fi
-
- # Remove vgabios since we're using the seavgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
- dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
- dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_create_doc
-}
-
-firmware_abi_change() {
- local pv
- for pv in ${REPLACING_VERSIONS}; do
- if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then
- return 0
- fi
- done
- return 1
-}
-
-pkg_postinst() {
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
-
- if use pin-upstream-blobs && firmware_abi_change; then
- ewarn "This version of qemu pins new versions of firmware blobs:"
- ewarn " $(best_version sys-firmware/edk2-ovmf)"
- ewarn " $(best_version sys-firmware/ipxe)"
- ewarn " $(best_version sys-firmware/seabios)"
- ewarn " $(best_version sys-firmware/sgabios)"
- ewarn "This might break resume of hibernated guests (started with a different"
- ewarn "firmware version) and live migration to/from qemu versions with different"
- ewarn "firmware. Please (cold) restart all running guests. For functional"
- ewarn "guest migration ensure that all"
- ewarn "hosts run at least"
- ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
- fi
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/edk2-ovmf)"
- if has_version 'sys-firmware/edk2-ovmf[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/sgabios)"
-}
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2017-12-21 23:25 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2017-12-21 23:25 UTC (permalink / raw
To: gentoo-commits
commit: 63e6f9c259d3323d9ca9a54846afd8d400827dff
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Thu Dec 21 23:15:33 2017 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Thu Dec 21 23:15:33 2017 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=63e6f9c2
app-emulation/qemu: version bump to 2.10.1-r1
app-emulation/qemu/Manifest | 3 +-
.../qemu/files/qemu-2.10.0-CVE-2017-13711.patch | 80 ---
app-emulation/qemu/qemu-2.10.0.ebuild | 787 ---------------------
.../{qemu-2.10.1.ebuild => qemu-2.10.1-r1.ebuild} | 6 +-
4 files changed, 6 insertions(+), 870 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 95c955c..2aded65 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,2 +1 @@
-DIST qemu-2.10.0.tar.bz2 30955656 SHA256 7e9f39e1306e6dcc595494e91c1464d4b03f55ddd2053183e0e1b69f7f776d48 SHA512 ea21c014030f8a902df159641e6ccb45f0850ac5cb1cb8ab6845124c44ea5def54845e7bc66a6e80d624c78069f9baa913ee5119704076ae4ff47ab018ace9f9 WHIRLPOOL 58f846788fdf2b0c90e6d17ce921a1fe02556968d38ffc11be7e32b81ebc723dfeaa790f22d8085d4f388eb01fe0daa3ddbc00630c5ecba083df33cc9709fb39
-DIST qemu-2.10.1.tar.bz2 30821108 SHA256 8e040bc7556401ebb3a347a8f7878e9d4028cf71b2744b1a1699f4e741966ba8 SHA512 1a4a6ebf700ec6851c83cc2a71eaea8d95f14c685d094eaaa86c740eb9401e49a79074b72385f58681ca7646771a99bb6bbd9bebb39162f7220626d37ed0654f WHIRLPOOL 79b1b8c19affc799e1a42c02a7c2fea13bf4ca1f9a2aa6e765d529aa3531f68cca77e92264561b2884314074f3148469f5a2f976c3473beb5ed0568617ce777b
+DIST qemu-2.10.1.tar.bz2 30821108 BLAKE2B bb096139f6b387a3cf3933dd3aeb97777479022b1b34ed0212b51d7061f9a19b3e83a4e9a13c6cf81c14718731ddf8646226a5b0d99ebbc9abb387d7eec94238 SHA512 1a4a6ebf700ec6851c83cc2a71eaea8d95f14c685d094eaaa86c740eb9401e49a79074b72385f58681ca7646771a99bb6bbd9bebb39162f7220626d37ed0654f
diff --git a/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch b/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch
deleted file mode 100644
index 9d02656..0000000
--- a/app-emulation/qemu/files/qemu-2.10.0-CVE-2017-13711.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From 1201d308519f1e915866d7583d5136d03cc1d384 Mon Sep 17 00:00:00 2001
-From: Samuel Thibault <samuel.thibault@ens-lyon.org>
-Date: Fri, 25 Aug 2017 01:35:53 +0200
-Subject: [PATCH] slirp: fix clearing ifq_so from pending packets
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The if_fastq and if_batchq contain not only packets, but queues of packets
-for the same socket. When sofree frees a socket, it thus has to clear ifq_so
-from all the packets from the queues, not only the first.
-
-Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
-Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- slirp/socket.c | 39 +++++++++++++++++++++++----------------
- 1 file changed, 23 insertions(+), 16 deletions(-)
-
-diff --git a/slirp/socket.c b/slirp/socket.c
-index ecec0295a9..cb7b5b608d 100644
---- a/slirp/socket.c
-+++ b/slirp/socket.c
-@@ -60,29 +60,36 @@ socreate(Slirp *slirp)
- }
-
- /*
-+ * Remove references to so from the given message queue.
-+ */
-+static void
-+soqfree(struct socket *so, struct quehead *qh)
-+{
-+ struct mbuf *ifq;
-+
-+ for (ifq = (struct mbuf *) qh->qh_link;
-+ (struct quehead *) ifq != qh;
-+ ifq = ifq->ifq_next) {
-+ if (ifq->ifq_so == so) {
-+ struct mbuf *ifm;
-+ ifq->ifq_so = NULL;
-+ for (ifm = ifq->ifs_next; ifm != ifq; ifm = ifm->ifs_next) {
-+ ifm->ifq_so = NULL;
-+ }
-+ }
-+ }
-+}
-+
-+/*
- * remque and free a socket, clobber cache
- */
- void
- sofree(struct socket *so)
- {
- Slirp *slirp = so->slirp;
-- struct mbuf *ifm;
-
-- for (ifm = (struct mbuf *) slirp->if_fastq.qh_link;
-- (struct quehead *) ifm != &slirp->if_fastq;
-- ifm = ifm->ifq_next) {
-- if (ifm->ifq_so == so) {
-- ifm->ifq_so = NULL;
-- }
-- }
--
-- for (ifm = (struct mbuf *) slirp->if_batchq.qh_link;
-- (struct quehead *) ifm != &slirp->if_batchq;
-- ifm = ifm->ifq_next) {
-- if (ifm->ifq_so == so) {
-- ifm->ifq_so = NULL;
-- }
-- }
-+ soqfree(so, &slirp->if_fastq);
-+ soqfree(so, &slirp->if_batchq);
-
- if (so->so_emu==EMU_RSH && so->extra) {
- sofree(so->extra);
---
-2.13.5
-
diff --git a/app-emulation/qemu/qemu-2.10.0.ebuild b/app-emulation/qemu/qemu-2.10.0.ebuild
deleted file mode 100644
index 9c32a85..0000000
--- a/app-emulation/qemu/qemu-2.10.0.ebuild
+++ /dev/null
@@ -1,787 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-FIRMWARE_ABI_VERSION="2.9.0-r52"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-r3
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
- glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
- kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
- pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test usb usbredir vde
- +vhost-net virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc
- sparc64 x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
- lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS}
- armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_mips64el? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# and user/softmmu targets (qemu-*, qemu-system-*).
-#
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-ALL_DEPEND="
- >=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# softmmu targets (qemu-system-*).
-SOFTMMU_TOOLS_DEPEND="
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? (
- app-accessibility/brltty[api]
- app-accessibility/brltty[static-libs(+)]
- )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? (
- sys-libs/ncurses:0=[unicode]
- sys-libs/ncurses:0=[static-libs(+)]
- )
- nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy:=[static-libs(+)] )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xen? ( app-emulation/xen-tools:= )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-
-X86_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/edk2-ovmf-2017_pre20170505[binary]
- ~sys-firmware/ipxe-1.0.0_p20160620
- ~sys-firmware/seabios-1.10.2[binary,seavgabios]
- ~sys-firmware/sgabios-0.1_pre8
- )
- !pin-upstream-blobs? (
- sys-firmware/edk2-ovmf
- sys-firmware/ipxe
- >=sys-firmware/seabios-1.10.2[seavgabios]
- sys-firmware/sgabios
- )"
-
-CDEPEND="
- !static? (
- ${ALL_DEPEND//\[static-libs(+)]}
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
- )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static? (
- ${ALL_DEPEND}
- ${SOFTMMU_TOOLS_DEPEND}
- )
- static-user? ( ${ALL_DEPEND} )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )"
-
-PATCHES=(
- # musl patches
- "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
- "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
-
- # gentoo patches
- "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.10.0-CVE-2017-13711.patch # bug 629350
-)
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/s390-netboot.img
- usr/share/qemu/u-boot.e500"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or1k
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
-kernel module loaded before running kvm. The easiest way to ensure that the
-kernel module is loaded is to load it on boot.
- For AMD CPUs the module is called 'kvm-amd'.
- For Intel CPUs the module is called 'kvm-intel'.
-Please review /etc/conf.d/modules for how to load these.
-
-Make sure your user is in the 'kvm' group. Just run
- $ gpasswd -a <USER> kvm
-then have <USER> re-login.
-
-For brand new installs, the default permissions on /dev/kvm might not let
-you access it. You can tell udev to reset ownership/perms:
- $ udevadm trigger -c add /dev/kvm
-
-If you want to register binfmt handlers for qemu user targets:
-For openrc:
- # rc-update add qemu-binfmt
-For systemd:
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- default
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- # Run after we've applied all patches.
- handle_locales
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets. This simplifies building
- # static user targets (USE=static-user) considerably.
- conf_notuser() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_notuser accessibility brlapi)
- $(conf_notuser aio linux-aio)
- $(conf_notuser bzip2)
- $(conf_notuser bluetooth bluez)
- $(conf_notuser caps cap-ng)
- $(conf_notuser curl)
- $(conf_notuser fdt)
- $(conf_notuser glusterfs)
- $(conf_notuser gnutls)
- $(conf_notuser gnutls nettle)
- $(conf_notuser gtk)
- $(conf_notuser infiniband rdma)
- $(conf_notuser iscsi libiscsi)
- $(conf_notuser jpeg vnc-jpeg)
- $(conf_notuser kernel_linux kvm)
- $(conf_notuser lzo)
- $(conf_notuser ncurses curses)
- $(conf_notuser nfs libnfs)
- $(conf_notuser numa)
- $(conf_notuser opengl)
- $(conf_notuser png vnc-png)
- $(conf_notuser rbd)
- $(conf_notuser sasl vnc-sasl)
- $(conf_notuser sdl)
- $(conf_notuser seccomp)
- $(conf_notuser smartcard)
- $(conf_notuser snappy)
- $(conf_notuser spice)
- $(conf_notuser ssh libssh2)
- $(conf_notuser usb libusb)
- $(conf_notuser usbredir usb-redir)
- $(conf_notuser vde)
- $(conf_notuser vhost-net)
- $(conf_notuser virgl virglrenderer)
- $(conf_notuser virtfs)
- $(conf_notuser vnc)
- $(conf_notuser vte)
- $(conf_notuser xen)
- $(conf_notuser xen xen-pci-passthrough)
- $(conf_notuser xfs xfsctl)
- )
-
- if [[ ! ${buildtype} == "user" ]] ; then
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
- conf_opts+=(
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- fi
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- local static_flag="static-user"
- ;;
- softmmu)
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --disable-tools
- --with-system-pixman
- )
- local static_flag="static"
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- --enable-tools
- )
- local static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- tc-enables-pie && conf_opts+=( --enable-pie )
- fi
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- cd "${S}/tools-build"
- default
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-# Generate binfmt support files.
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
-generate_initd() {
- local out="${T}/qemu-binfmt"
- local out_systemd="${T}/qemu.conf"
- local d="${T}/binfmt.d"
-
- einfo "Generating qemu binfmt scripts and configuration files"
-
- # Generate the debian fragments first.
- mkdir -p "${d}"
- "${S}"/scripts/qemu-binfmt-conf.sh \
- --debian \
- --exportdir "${d}" \
- --qemu-path "${EPREFIX}/usr/bin" \
- || die
- # Then turn the fragments into a shell script we can source.
- sed -E -i \
- -e 's:^([^ ]+) (.*)$:\1="\2":' \
- "${d}"/* || die
-
- # Generate the init.d script by assembling the fragments from above.
- local f qcpu package interpreter magic mask
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
- for f in "${d}"/qemu-* ; do
- source "${f}"
-
- # Normalize the cpu logic like we do in the init.d for the native cpu.
- qcpu=${package#qemu-}
- case ${qcpu} in
- arm*) qcpu="arm";;
- mips*) qcpu="mips";;
- ppc*) qcpu="ppc";;
- s390*) qcpu="s390";;
- sh*) qcpu="sh";;
- sparc*) qcpu="sparc";;
- esac
-
- cat <<EOF >>"${out}"
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
- echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
- fi
-EOF
-
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
-
- done
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets.
- generate_initd
- doinitd "${T}/qemu-binfmt"
-
- # Install binfmt/qemu.conf.
- insinto "/usr/share/qemu/binfmt.d"
- doins "${T}/qemu.conf"
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- rm "${ED}/usr/share/qemu/bios-256k.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
- fi
-
- # Remove vgabios since we're using the seavgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
- dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
- dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_create_doc
-}
-
-firmware_abi_change() {
- local pv
- for pv in ${REPLACING_VERSIONS}; do
- if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then
- return 0
- fi
- done
- return 1
-}
-
-pkg_postinst() {
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
-
- if use pin-upstream-blobs && firmware_abi_change; then
- ewarn "This version of qemu pins new versions of firmware blobs:"
- ewarn " $(best_version sys-firmware/edk2-ovmf)"
- ewarn " $(best_version sys-firmware/ipxe)"
- ewarn " $(best_version sys-firmware/seabios)"
- ewarn " $(best_version sys-firmware/sgabios)"
- ewarn "This might break resume of hibernated guests (started with a different"
- ewarn "firmware version) and live migration to/from qemu versions with different"
- ewarn "firmware. Please (cold) restart all running guests. For functional"
- ewarn "guest migration ensure that all"
- ewarn "hosts run at least"
- ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
- fi
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/edk2-ovmf)"
- if has_version 'sys-firmware/edk2-ovmf[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/sgabios)"
-}
diff --git a/app-emulation/qemu/qemu-2.10.1.ebuild b/app-emulation/qemu/qemu-2.10.1-r1.ebuild
similarity index 99%
rename from app-emulation/qemu/qemu-2.10.1.ebuild
rename to app-emulation/qemu/qemu-2.10.1-r1.ebuild
index b448f20..51da9cb 100644
--- a/app-emulation/qemu/qemu-2.10.1.ebuild
+++ b/app-emulation/qemu/qemu-2.10.1-r1.ebuild
@@ -292,7 +292,11 @@ pkg_pretend() {
ERROR_VHOST_NET+=" support"
if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- CONFIG_CHECK+=" ~KVM_AMD ~KVM_INTEL"
+ if grep -q AuthenticAMD /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_AMD"
+ elif grep -q GenuineIntel /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_INTEL"
+ fi
fi
use python && CONFIG_CHECK+=" ~DEBUG_FS"
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2018-03-18 21:47 Aric Belsito
0 siblings, 0 replies; 19+ messages in thread
From: Aric Belsito @ 2018-03-18 21:47 UTC (permalink / raw
To: gentoo-commits
commit: 63fe9bcb752c2b2e47636cd940b18e94bfb9e602
Author: Aric Belsito <lluixhi <AT> gmail <DOT> com>
AuthorDate: Sun Mar 18 21:45:22 2018 +0000
Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com>
CommitDate: Sun Mar 18 21:45:22 2018 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=63fe9bcb
app-emulation/qemu: version bump to 2.11.1-r1/r51
app-emulation/qemu/Manifest | 2 +-
.../files/qemu-2.11.1-capstone_include_path.patch | 11 +++++++++++
.../{qemu-2.11.1.ebuild => qemu-2.11.1-r1.ebuild} | 5 ++++-
.../{qemu-2.11.1.ebuild => qemu-2.11.1-r51.ebuild} | 22 ++++++++++++----------
4 files changed, 28 insertions(+), 12 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 218a778..64c94d4 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,4 +1,4 @@
DIST qemu-2.11.0-patches-r0.tar.xz 16140 BLAKE2B 2e23908075195a7c28df574525a159e171277a2da6d7c0656a341a2db6a622237106d2dd8de5c9d61b5fb62fa5a163e9657406a2996cebc05baa53d42c5f5d15 SHA512 f7d92c2232398565b8cde294d38dc281c13503fb5967cc7871a2233b7fa354799619445e9ec89c285ef051f62ecef0bd38a135b0093bf5528c0b28c6e580c839
DIST qemu-2.11.0.tar.bz2 32816398 BLAKE2B 2014a8246f3cba9069186629d9ec8c221672fcfd3e8cd28a7e57f467add81f7bd84363183ef5cc5d18af91bde9186a4da49c0133c8ead83eae4626b9fc364e99 SHA512 3681700833573c0aa6283af950bfa298970056f1b44489088d8863840a7694512138321f86961ef43b256abf15eddd2612fb9cdbe3d9a358542d4e7037cc2004
-DIST qemu-2.11.1-patches-r0.tar.xz 1640 BLAKE2B 8402a0bd086307413c3f088b7b2523adda5f370e3ce8e9ec39db905a5df495842cc2168b93b57e8516e98703ee1620e7cad77740529959a09a1d4224988829bc SHA512 2906f9497e61799da8efca0dac4a19addd3bf59770c742e3ed1600143b69397bbc4eecb2c1f64aef0e103447966d47ced1ec6908f78a793b8d06f99a0aa6dc4a
+DIST qemu-2.11.1-patches-r1.tar.xz 2064 BLAKE2B 533c916b01c014bcfa6c733b76aa6da1f12cdf5f0d4ae33136453705a8aca9fdfeef998747cfdc72d19e08fa40ea97e2fd4c21412c030af314605059282f49ef SHA512 12de7b4777ec98871d0786291534f61b37534feef64b556caeab72e020ff14d61fe19d24cb151ebfdb912df2a7ba72c0d882566b368d88d02c9f1354c2adae4a
DIST qemu-2.11.1.tar.bz2 32819412 BLAKE2B 6b6d4e7b8dcf33aeedb0b33bad267da07ad17c2eeeb5fbd2c038d760bc03224e55ba0f03eb248c62bc0e8636c2c660ea76b367eaea96bee16388053f82c8b8a9 SHA512 1b692bbdfc3dc785738c7192aa2a3f9cf53d9f5bf3b3f49fa8692050dc50f7056c8a4d1b527d48ffb2a674a0fd3a46d87addd1eaaa758f35eec1ab5adfe32354
diff --git a/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch b/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch
new file mode 100644
index 0000000..d79570e
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch
@@ -0,0 +1,11 @@
+--- qemu-2.11.1/include/disas/capstone.h 2018-02-14 22:53:22.000000000 +0100
++++ qemu-2.11.1/include/disas/capstone.h 2018-02-17 20:12:12.754703951 +0100
+@@ -3,7 +3,7 @@
+
+ #ifdef CONFIG_CAPSTONE
+
+-#include <capstone.h>
++#include <capstone/capstone.h>
+
+ #else
+
diff --git a/app-emulation/qemu/qemu-2.11.1.ebuild b/app-emulation/qemu/qemu-2.11.1-r1.ebuild
similarity index 99%
copy from app-emulation/qemu/qemu-2.11.1.ebuild
copy to app-emulation/qemu/qemu-2.11.1-r1.ebuild
index 3fae9ad..c35661e 100644
--- a/app-emulation/qemu/qemu-2.11.1.ebuild
+++ b/app-emulation/qemu/qemu-2.11.1-r1.ebuild
@@ -22,7 +22,7 @@ else
KEYWORDS="~amd64 ~ppc ~ppc64 ~x86"
# Gentoo specific patchsets:
- SRC_URI+=" https://dev.gentoo.org/~chutzpah/distfiles/${P}-patches-r0.tar.xz"
+ SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r1.tar.xz"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -536,6 +536,9 @@ qemu_src_configure() {
tc-enables-pie && conf_opts+=( --enable-pie )
fi
+ #bug #647570
+ conf_opts+=( --disable-capstone )
+
echo "../configure ${conf_opts[*]}"
cd "${builddir}"
../configure "${conf_opts[@]}" || die "configure failed"
diff --git a/app-emulation/qemu/qemu-2.11.1.ebuild b/app-emulation/qemu/qemu-2.11.1-r51.ebuild
similarity index 97%
rename from app-emulation/qemu/qemu-2.11.1.ebuild
rename to app-emulation/qemu/qemu-2.11.1-r51.ebuild
index 3fae9ad..f7a879a 100644
--- a/app-emulation/qemu/qemu-2.11.1.ebuild
+++ b/app-emulation/qemu/qemu-2.11.1-r51.ebuild
@@ -8,7 +8,7 @@ PYTHON_REQ_USE="ncurses,readline"
PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-FIRMWARE_ABI_VERSION="2.9.0-r52"
+FIRMWARE_ABI_VERSION="2.11.1-r50"
inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
user udev fcaps readme.gentoo-r1 pax-utils l10n
@@ -22,7 +22,7 @@ else
KEYWORDS="~amd64 ~ppc ~ppc64 ~x86"
# Gentoo specific patchsets:
- SRC_URI+=" https://dev.gentoo.org/~chutzpah/distfiles/${P}-patches-r0.tar.xz"
+ SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r1.tar.xz"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -30,8 +30,8 @@ HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
LICENSE="GPL-2 LGPL-2 BSD-2"
SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
- glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
+IUSE="accessibility +aio alsa bluetooth bzip2 capstone +caps +curl debug
+ +fdt glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
spice ssh static static-user systemtap tci test usb usbredir vde
@@ -70,7 +70,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
#
# The attr lib isn't always linked in (although the USE flag is always
# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
+# when available rather than always using the external library.
ALL_DEPEND="
>=dev-libs/glib-2.0[static-libs(+)]
sys-libs/zlib[static-libs(+)]
@@ -156,10 +156,10 @@ SOFTMMU_TOOLS_DEPEND="
X86_FIRMWARE_DEPEND="
pin-upstream-blobs? (
- ~sys-firmware/edk2-ovmf-2017_pre20170505[binary]
- ~sys-firmware/ipxe-1.0.0_p20160620
- ~sys-firmware/seabios-1.10.2[binary,seavgabios]
- ~sys-firmware/sgabios-0.1_pre8
+ ~sys-firmware/edk2-ovmf-2017_p20180211[binary]
+ ~sys-firmware/ipxe-1.0.0_p20180211[binary]
+ ~sys-firmware/seabios-1.11.0[binary,seavgabios]
+ ~sys-firmware/sgabios-0.1_pre8[binary]
)
!pin-upstream-blobs? (
sys-firmware/edk2-ovmf
@@ -169,7 +169,7 @@ X86_FIRMWARE_DEPEND="
)"
PPC64_FIRMWARE_DEPEND="
pin-upstream-blobs? (
- ~sys-firmware/seabios-1.10.2[binary,seavgabios]
+ ~sys-firmware/seabios-1.11.0[binary,seavgabios]
)
!pin-upstream-blobs? (
>=sys-firmware/seabios-1.10.2[seavgabios]
@@ -214,6 +214,7 @@ PATCHES=(
"${FILESDIR}"/${PN}-2.5.0-cflags.patch
"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
"${FILESDIR}"/${PN}-2.11.0-glibc-2.27.patch
+ "${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch
"${WORKDIR}"/patches
)
@@ -441,6 +442,7 @@ qemu_src_configure() {
$(conf_notuser aio linux-aio)
$(conf_notuser bzip2)
$(conf_notuser bluetooth bluez)
+ $(conf_notuser capstone)
$(conf_notuser caps cap-ng)
$(conf_notuser curl)
$(conf_notuser fdt)
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2019-03-27 1:43 Anthony G. Basile
0 siblings, 0 replies; 19+ messages in thread
From: Anthony G. Basile @ 2019-03-27 1:43 UTC (permalink / raw
To: gentoo-commits
commit: f1f15dcbe3f28a5e54fd5e5f0b705dc9d127b2a6
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 27 01:42:51 2019 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Wed Mar 27 01:42:51 2019 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=f1f15dcb
app-emulation/qemu: very out of date, drop
Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>
app-emulation/qemu/Manifest | 4 -
app-emulation/qemu/files/65-kvm.rules-r1 | 2 -
app-emulation/qemu/files/bridge.conf | 14 -
...signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch | 37 -
.../qemu/files/qemu-2.11.0-glibc-2.27.patch | 54 --
.../files/qemu-2.11.1-capstone_include_path.patch | 11 -
.../qemu/files/qemu-2.2.0-_sigev_un.patch | 12 -
app-emulation/qemu/files/qemu-2.5.0-cflags.patch | 13 -
.../qemu/files/qemu-2.5.0-sysmacros.patch | 15 -
.../files/qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch | 16 -
app-emulation/qemu/files/qemu-binfmt.initd.head | 64 --
app-emulation/qemu/files/qemu-binfmt.initd.tail | 14 -
app-emulation/qemu/metadata.xml | 61 --
app-emulation/qemu/qemu-2.11.1-r2.ebuild | 811 --------------------
app-emulation/qemu/qemu-2.12.0-r3.ebuild | 823 ---------------------
15 files changed, 1951 deletions(-)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
deleted file mode 100644
index c93f84b..0000000
--- a/app-emulation/qemu/Manifest
+++ /dev/null
@@ -1,4 +0,0 @@
-DIST qemu-2.11.1-patches-r1.tar.xz 2064 BLAKE2B 533c916b01c014bcfa6c733b76aa6da1f12cdf5f0d4ae33136453705a8aca9fdfeef998747cfdc72d19e08fa40ea97e2fd4c21412c030af314605059282f49ef SHA512 12de7b4777ec98871d0786291534f61b37534feef64b556caeab72e020ff14d61fe19d24cb151ebfdb912df2a7ba72c0d882566b368d88d02c9f1354c2adae4a
-DIST qemu-2.11.1.tar.bz2 32819412 BLAKE2B 6b6d4e7b8dcf33aeedb0b33bad267da07ad17c2eeeb5fbd2c038d760bc03224e55ba0f03eb248c62bc0e8636c2c660ea76b367eaea96bee16388053f82c8b8a9 SHA512 1b692bbdfc3dc785738c7192aa2a3f9cf53d9f5bf3b3f49fa8692050dc50f7056c8a4d1b527d48ffb2a674a0fd3a46d87addd1eaaa758f35eec1ab5adfe32354
-DIST qemu-2.12.0-patches-r4.tar.xz 5376 BLAKE2B 7abc107b7971798c039cb99546dced0807a1904064e8397d93ba35b7b2ea22bdccf0c4f5ff8233ea7932534bd7320b506eff1ff7bb969d67d2752a7d8f81fbea SHA512 71c03ef3d6f9021d775201330ed08ace0bc34c7c3c4632a30486d54872fa457f8256e055034bbe2efcd98d718a7d714f00710961b3819568678444db6b457d92
-DIST qemu-2.12.0.tar.bz2 41196232 BLAKE2B f258e570558249ea647c3571908f90b8bacdcef9a1814009b98571cf0e96406194d44aa041fd0a97c9b673f39a9eaae8d873824745509778a6784cd85f8398b0 SHA512 91d829f44c431e4c1cd335f3efea5afff9da62d832b0296a92417463ea0826d09ce226c2ea8ac167fe7b99b6bb976c7cb1357aaf17735ee57af6602161e46346
diff --git a/app-emulation/qemu/files/65-kvm.rules-r1 b/app-emulation/qemu/files/65-kvm.rules-r1
deleted file mode 100644
index ab3776a..0000000
--- a/app-emulation/qemu/files/65-kvm.rules-r1
+++ /dev/null
@@ -1,2 +0,0 @@
-KERNEL=="kvm", GROUP="kvm", MODE="0660"
-KERNEL=="vhost-net", GROUP="kvm", MODE="0660", OPTIONS+="static_node=vhost-net"
diff --git a/app-emulation/qemu/files/bridge.conf b/app-emulation/qemu/files/bridge.conf
deleted file mode 100644
index 2bde37e..0000000
--- a/app-emulation/qemu/files/bridge.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-# This should have the following permissions: root:qemu 0640
-
-# allow br0
-# Uncommenting the above would allow users in the 'qemu' group
-# to add devices to 'br0'
-
-# allow virbr0
-# Uncommenting the above would allow users in the 'qemu' group
-# to add devices to 'virbr0'
-
-# include /etc/qemu/bob.conf
-# Uncommenting the above would allow users in the 'bob' group
-# to have permissions defined in it, iff it has the following
-# permissions: root:bob 0640
diff --git a/app-emulation/qemu/files/qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch b/app-emulation/qemu/files/qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
deleted file mode 100644
index 7ea1dba..0000000
--- a/app-emulation/qemu/files/qemu-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 3e231fa7a2dc66e2ef06ac44f4f719b08fc0c67e Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Tue, 29 Apr 2014 15:51:31 +0200
-Subject: [PATCH 6/6] linux-user/signal.c: define __SIGRTMIN/MAX for non-GNU
- platforms
-
-The __SIGRTMIN and __SIGRTMAX are glibc internals and are not available
-on all platforms, so we define those if they are missing.
-
-This is needed for musl libc.
-
-Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
----
- linux-user/signal.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/linux-user/signal.c b/linux-user/signal.c
-index 7d6246f..6019dbb 100644
---- a/linux-user/signal.c
-+++ b/linux-user/signal.c
-@@ -32,6 +32,13 @@
-
- //#define DEBUG_SIGNAL
-
-+#ifndef __SIGRTMIN
-+#define __SIGRTMIN 32
-+#endif
-+#ifndef __SIGRTMAX
-+#define __SIGRTMAX (NSIG-1)
-+#endif
-+
- static struct target_sigaltstack target_sigaltstack_used = {
- .ss_sp = 0,
- .ss_size = 0,
---
-1.9.2
-
diff --git a/app-emulation/qemu/files/qemu-2.11.0-glibc-2.27.patch b/app-emulation/qemu/files/qemu-2.11.0-glibc-2.27.patch
deleted file mode 100644
index 1562bb3..0000000
--- a/app-emulation/qemu/files/qemu-2.11.0-glibc-2.27.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 75e5b70e6b5dcc4f2219992d7cffa462aa406af0 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Tue, 28 Nov 2017 11:51:27 +0100
-Subject: [PATCH] memfd: fix configure test
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Recent glibc added memfd_create in sys/mman.h. This conflicts with
-the definition in util/memfd.c:
-
- /builddir/build/BUILD/qemu-2.11.0-rc1/util/memfd.c:40:12: error: static declaration of memfd_create follows non-static declaration
-
-Fix the configure test, and remove the sys/memfd.h inclusion since the
-file actually does not exist---it is a typo in the memfd_create(2) man
-page.
-
-Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- configure | 2 +-
- util/memfd.c | 4 +---
- 2 files changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/configure b/configure
-index 9c8aa5a98b..99ccc1725a 100755
---- a/configure
-+++ b/configure
-@@ -3923,7 +3923,7 @@ fi
- # check if memfd is supported
- memfd=no
- cat > $TMPC << EOF
--#include <sys/memfd.h>
-+#include <sys/mman.h>
-
- int main(void)
- {
-diff --git a/util/memfd.c b/util/memfd.c
-index 4571d1aba8..412e94a405 100644
---- a/util/memfd.c
-+++ b/util/memfd.c
-@@ -31,9 +31,7 @@
-
- #include "qemu/memfd.h"
-
--#ifdef CONFIG_MEMFD
--#include <sys/memfd.h>
--#elif defined CONFIG_LINUX
-+#if defined CONFIG_LINUX && !defined CONFIG_MEMFD
- #include <sys/syscall.h>
- #include <asm/unistd.h>
-
---
-2.11.0
diff --git a/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch b/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch
deleted file mode 100644
index d79570e..0000000
--- a/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- qemu-2.11.1/include/disas/capstone.h 2018-02-14 22:53:22.000000000 +0100
-+++ qemu-2.11.1/include/disas/capstone.h 2018-02-17 20:12:12.754703951 +0100
-@@ -3,7 +3,7 @@
-
- #ifdef CONFIG_CAPSTONE
-
--#include <capstone.h>
-+#include <capstone/capstone.h>
-
- #else
-
diff --git a/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch b/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
deleted file mode 100644
index adccdcc..0000000
--- a/app-emulation/qemu/files/qemu-2.2.0-_sigev_un.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -ur qemu-2.2.0.orig/linux-user/syscall.c qemu-2.2.0/linux-user/syscall.c
---- qemu-2.2.0.orig/linux-user/syscall.c 2014-12-09 15:45:43.000000000 -0100
-+++ qemu-2.2.0/linux-user/syscall.c 2015-03-16 19:09:49.050386155 -0100
-@@ -5033,7 +5033,7 @@
- host_sevp->sigev_signo =
- target_to_host_signal(tswap32(target_sevp->sigev_signo));
- host_sevp->sigev_notify = tswap32(target_sevp->sigev_notify);
-- host_sevp->_sigev_un._tid = tswap32(target_sevp->_sigev_un._tid);
-+ ((int*)(&host_sevp->sigev_notify))[1] = tswap32(target_sevp->_sigev_un._tid);
-
- unlock_user_struct(target_sevp, target_addr, 1);
- return 0;
diff --git a/app-emulation/qemu/files/qemu-2.5.0-cflags.patch b/app-emulation/qemu/files/qemu-2.5.0-cflags.patch
deleted file mode 100644
index 173394f..0000000
--- a/app-emulation/qemu/files/qemu-2.5.0-cflags.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- a/configure
-+++ b/configure
-@@ -4468,10 +4468,6 @@ fi
- if test "$gcov" = "yes" ; then
- CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
- LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
--elif test "$fortify_source" = "yes" ; then
-- CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"
--elif test "$debug" = "no"; then
-- CFLAGS="-O2 $CFLAGS"
- fi
-
- ##########################################
diff --git a/app-emulation/qemu/files/qemu-2.5.0-sysmacros.patch b/app-emulation/qemu/files/qemu-2.5.0-sysmacros.patch
deleted file mode 100644
index f2e766d..0000000
--- a/app-emulation/qemu/files/qemu-2.5.0-sysmacros.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Linux C libs are moving away from implicit header pollution with sys/types.h
-
---- a/include/qemu/osdep.h
-+++ b/include/qemu/osdep.h
-@@ -78,6 +78,10 @@ extern int daemon(int, int);
- #include <assert.h>
- #include <signal.h>
-
-+#ifdef __linux__
-+#include <sys/sysmacros.h>
-+#endif
-+
- #ifdef __OpenBSD__
- #include <sys/signal.h>
- #endif
diff --git a/app-emulation/qemu/files/qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch b/app-emulation/qemu/files/qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch
deleted file mode 100644
index ccfb582..0000000
--- a/app-emulation/qemu/files/qemu-2.8.0-F_SHLCK-and-F_EXLCK.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -Naur qemu-2.8.0.orig/linux-user/syscall.c qemu-2.8.0/linux-user/syscall.c
---- qemu-2.8.0.orig/linux-user/syscall.c 2016-12-20 12:16:48.000000000 -0800
-+++ qemu-2.8.0/linux-user/syscall.c 2017-01-03 14:11:45.195429181 -0800
-@@ -117,6 +117,12 @@
- #ifndef CLONE_IO
- #define CLONE_IO 0x80000000 /* Clone io context */
- #endif
-+#ifndef F_SHLCK
-+#define F_SHLCK 8
-+#endif
-+#ifndef F_EXLCK
-+#define F_EXLCK 4
-+#endif
-
- /* We can't directly call the host clone syscall, because this will
- * badly confuse libc (breaking mutexes, for example). So we must
diff --git a/app-emulation/qemu/files/qemu-binfmt.initd.head b/app-emulation/qemu/files/qemu-binfmt.initd.head
deleted file mode 100644
index 858d5d7..0000000
--- a/app-emulation/qemu/files/qemu-binfmt.initd.head
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-# Enable automatic non-native program execution by the kernel.
-
-# Defaulting to OC should be safe because it comes down to:
-# - do we trust the interp itself to not be malicious? yes; we built it.
-# - do we trust the programs we're running? ish; same permission as native
-# binaries apply. so if user can do bad stuff natively, cross isn't worse.
-: ${QEMU_BINFMT_FLAGS:=OC}
-
-depend() {
- after procfs
-}
-
-start() {
- ebegin "Registering qemu-user binaries (flags: ${QEMU_BINFMT_FLAGS})"
-
- if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
- modprobe -q binfmt_misc
- fi
-
- if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
- eend 1 "You need support for 'misc binaries' in your kernel!"
- return
- fi
-
- if [ ! -f /proc/sys/fs/binfmt_misc/register ] ; then
- mount -t binfmt_misc -o nodev,noexec,nosuid \
- binfmt_misc /proc/sys/fs/binfmt_misc >/dev/null 2>&1
- eend $? || return
- fi
-
- # Probe the native cpu type so we don't try registering them.
- local cpu="$(uname -m)"
- case "${cpu}" in
- armv[4-9]*)
- cpu="arm"
- ;;
- i386|i486|i586|i686|i86pc|BePC|x86_64)
- cpu="i386"
- ;;
- m68k)
- cpu="m68k"
- ;;
- mips*)
- cpu="mips"
- ;;
- "Power Macintosh"|ppc|ppc64)
- cpu="ppc"
- ;;
- s390*)
- cpu="s390"
- ;;
- sh*)
- cpu="sh"
- ;;
- sparc*)
- cpu="sparc"
- ;;
- esac
-
- # Register the interpreter for each cpu except for the native one.
diff --git a/app-emulation/qemu/files/qemu-binfmt.initd.tail b/app-emulation/qemu/files/qemu-binfmt.initd.tail
deleted file mode 100644
index 7679481..0000000
--- a/app-emulation/qemu/files/qemu-binfmt.initd.tail
+++ /dev/null
@@ -1,14 +0,0 @@
- eend 0
-}
-
-stop() {
- # We unregister everything in the "qemu-xxx" namespace.
- ebegin "Unregistering qemu-user binaries"
- local f
- for f in /proc/sys/fs/binfmt_misc/qemu-* ; do
- if [ -f "${f}" ] ; then
- echo '-1' > "${f}"
- fi
- done
- eend 0
-}
diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml
deleted file mode 100644
index 680e203..0000000
--- a/app-emulation/qemu/metadata.xml
+++ /dev/null
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
- <maintainer type="person">
- <email>tamiko@gentoo.org</email>
- <name>Matthias Maier</name>
- </maintainer>
- <maintainer type="project">
- <email>virtualization@gentoo.org</email>
- <name>Gentoo Virtualization Project</name>
- </maintainer>
- <use>
- <flag name="accessibility">Adds support for braille displays using brltty</flag>
- <flag name="aio">Enables support for Linux's Async IO</flag>
- <flag name="alsa">Enable alsa output for sound emulation</flag>
- <flag name="capstone">Enable disassembly support with <pkg>dev-libs/capstone</pkg></flag>
- <flag name="curl">Support ISOs / -cdrom directives vis HTTP or HTTPS.</flag>
- <flag name="fdt">Enables firmware device tree support</flag>
- <flag name="glusterfs">Enables GlusterFS cluster fileystem via
- <pkg>sys-cluster/glusterfs</pkg></flag>
- <flag name="gnutls">Enable TLS support for the VNC console server.
- For 1.4 and newer this also enables WebSocket support.
- For 2.0 through 2.3 also enables disk quorum support.</flag>
- <flag name="gtk2">Use gtk-2 instead of gtk-3</flag>
- <flag name="iscsi">Enable direct iSCSI support via
- <pkg>net-libs/libiscsi</pkg> instead of indirectly via the Linux
- block layer that <pkg>sys-block/open-iscsi</pkg> does.</flag>
- <flag name="ncurses">Enable the ncurses-based console</flag>
- <flag name="nfs">Enable NFS support</flag>
- <flag name="numa">Enable NUMA support</flag>
- <flag name="pin-upstream-blobs">Pin the versions of BIOS firmware to the version included in the upstream release.
- This is needed to sanely support migration/suspend/resume/snapshotting/etc... of instances.
- When the blobs are different, random corruption/bugs/crashes/etc... may be observed.</flag>
- <flag name="pulseaudio">Enable pulseaudio output for sound emulation</flag>
- <flag name="rbd">Enable rados block device backend support, see http://ceph.newdream.net/wiki/QEMU-RBD</flag>
- <flag name="sdl">Enable the SDL-based console</flag>
- <flag name="sdl2">Use libsdl2 instead of libsdl</flag>
- <flag name="spice">Enable Spice protocol support via <pkg>app-emulation/spice</pkg></flag>
- <flag name="ssh">Enable SSH based block device support via <pkg>net-libs/libssh2</pkg></flag>
- <flag name="static-user">Build the User targets as static binaries</flag>
- <flag name="static">Build the User and Software MMU (system) targets as well as tools as static binaries</flag>
- <flag name="snappy">Enable support for snappy compression</flag>
- <flag name="systemtap">Enable SystemTAP/DTrace tracing</flag>
- <flag name="tci">Enable the TCG Interpreter which can speed up or slowdown workloads depending on the host and guest CPUs being emulated. In the future it will be a runtime option but for now its compile time.</flag>
- <flag name="jpeg">Enable jpeg image support for the VNC console server</flag>
- <flag name="png">Enable png image support for the VNC console server</flag>
- <flag name="usb">Enable USB passthrough via <pkg>dev-libs/libusb</pkg></flag>
- <flag name="usbredir">Use <pkg>sys-apps/usbredir</pkg> to redirect USB devices to another machine over TCP</flag>
- <flag name="vde">Enable VDE-based networking</flag>
- <flag name="vhost-net">Enable accelerated networking using vhost-net, see http://www.linux-kvm.org/page/VhostNet</flag>
- <flag name="virgl">Enable experimental Virgil 3d (virtual software GPU)</flag>
- <flag name="virtfs">Enable VirtFS via virtio-9p-pci / fsdev. See http://wiki.qemu.org/Documentation/9psetup</flag>
- <flag name="vte">Enable terminal support (<pkg>x11-libs/vte</pkg>) in the GTK+ interface</flag>
- <flag name="xattr">Add support for getting and setting POSIX extended attributes, through
- <pkg>sys-apps/attr</pkg>. Requisite for the virtfs backend.
- </flag>
- <flag name="xen">Enables support for Xen backends</flag>
- <flag name="xfs">Support xfsctl() notification and syncing for XFS backed
- virtual disks.</flag>
- </use>
-</pkgmetadata>
diff --git a/app-emulation/qemu/qemu-2.11.1-r2.ebuild b/app-emulation/qemu/qemu-2.11.1-r2.ebuild
deleted file mode 100644
index ac42356..0000000
--- a/app-emulation/qemu/qemu-2.11.1-r2.ebuild
+++ /dev/null
@@ -1,811 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-FIRMWARE_ABI_VERSION="2.9.0-r52"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-r3
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="amd64 ~ppc ~ppc64 x86"
-
- # Gentoo specific patchsets:
- SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r1.tar.xz"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 +caps +curl debug +fdt
- glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
- kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
- pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test usb usbredir vde
- +vhost-net virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel nios2 or1k ppc ppc64 s390x sh4 sh4eb sparc
- sparc64 x86_64"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
- lm32 moxie ppcemb tricore unicore32 xtensa xtensaeb"
-IUSE_USER_TARGETS="${COMMON_TARGETS}
- armeb hppa mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_mips64el? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio !snappy )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# and user/softmmu targets (qemu-*, qemu-system-*).
-#
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the extranl library.
-ALL_DEPEND="
- >=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# softmmu targets (qemu-system-*).
-SOFTMMU_TOOLS_DEPEND="
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? (
- app-accessibility/brltty[api]
- app-accessibility/brltty[static-libs(+)]
- )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.2[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? ( sys-fabric/librdmacm:=[static-libs(+)] )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? (
- sys-libs/ncurses:0=[unicode]
- sys-libs/ncurses:0=[static-libs(+)]
- )
- nfs? ( >=net-fs/libnfs-1.9.3:=[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy:= )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xen? ( app-emulation/xen-tools:= )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-
-X86_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/edk2-ovmf-2017_pre20170505[binary]
- ~sys-firmware/ipxe-1.0.0_p20160620
- ~sys-firmware/seabios-1.10.2[binary,seavgabios]
- ~sys-firmware/sgabios-0.1_pre8
- )
- !pin-upstream-blobs? (
- sys-firmware/edk2-ovmf
- sys-firmware/ipxe
- >=sys-firmware/seabios-1.10.2[seavgabios]
- sys-firmware/sgabios
- )"
-PPC64_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/seabios-1.10.2[binary,seavgabios]
- )
- !pin-upstream-blobs? (
- >=sys-firmware/seabios-1.10.2[seavgabios]
- )
-"
-
-CDEPEND="
- !static? (
- ${ALL_DEPEND//\[static-libs(+)]}
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
- )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_ppc64? ( ${PPC64_FIRMWARE_DEPEND} )
-"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static? (
- ${ALL_DEPEND}
- ${SOFTMMU_TOOLS_DEPEND}
- )
- static-user? ( ${ALL_DEPEND} )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )"
-
-PATCHES=(
- # musl patches
- "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
- "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
-
- # gentoo patches
- "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.11.0-glibc-2.27.patch
- "${WORKDIR}"/patches
-)
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/s390-netboot.img
- usr/share/qemu/u-boot.e500"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or1k
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
-kernel module loaded before running kvm. The easiest way to ensure that the
-kernel module is loaded is to load it on boot.
- For AMD CPUs the module is called 'kvm-amd'.
- For Intel CPUs the module is called 'kvm-intel'.
-Please review /etc/conf.d/modules for how to load these.
-
-Make sure your user is in the 'kvm' group. Just run
- $ gpasswd -a <USER> kvm
-then have <USER> re-login.
-
-For brand new installs, the default permissions on /dev/kvm might not let
-you access it. You can tell udev to reset ownership/perms:
- $ udevadm trigger -c add /dev/kvm
-
-If you want to register binfmt handlers for qemu user targets:
-For openrc:
- # rc-update add qemu-binfmt
-For systemd:
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- if grep -q AuthenticAMD /proc/cpuinfo; then
- CONFIG_CHECK+=" ~KVM_AMD"
- elif grep -q GenuineIntel /proc/cpuinfo; then
- CONFIG_CHECK+=" ~KVM_INTEL"
- fi
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- default
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- # Run after we've applied all patches.
- handle_locales
-
- # Remove bundled copy of libfdt
- rm -r dtc || die
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets. This simplifies building
- # static user targets (USE=static-user) considerably.
- conf_notuser() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_notuser accessibility brlapi)
- $(conf_notuser aio linux-aio)
- $(conf_notuser bzip2)
- $(conf_notuser bluetooth bluez)
- $(conf_notuser caps cap-ng)
- $(conf_notuser curl)
- $(conf_notuser fdt)
- $(conf_notuser glusterfs)
- $(conf_notuser gnutls)
- $(conf_notuser gnutls nettle)
- $(conf_notuser gtk)
- $(conf_notuser infiniband rdma)
- $(conf_notuser iscsi libiscsi)
- $(conf_notuser jpeg vnc-jpeg)
- $(conf_notuser kernel_linux kvm)
- $(conf_notuser lzo)
- $(conf_notuser ncurses curses)
- $(conf_notuser nfs libnfs)
- $(conf_notuser numa)
- $(conf_notuser opengl)
- $(conf_notuser png vnc-png)
- $(conf_notuser rbd)
- $(conf_notuser sasl vnc-sasl)
- $(conf_notuser sdl)
- $(conf_notuser seccomp)
- $(conf_notuser smartcard)
- $(conf_notuser snappy)
- $(conf_notuser spice)
- $(conf_notuser ssh libssh2)
- $(conf_notuser usb libusb)
- $(conf_notuser usbredir usb-redir)
- $(conf_notuser vde)
- $(conf_notuser vhost-net)
- $(conf_notuser virgl virglrenderer)
- $(conf_notuser virtfs)
- $(conf_notuser vnc)
- $(conf_notuser vte)
- $(conf_notuser xen)
- $(conf_notuser xen xen-pci-passthrough)
- $(conf_notuser xfs xfsctl)
- )
-
- if [[ ! ${buildtype} == "user" ]] ; then
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
- conf_opts+=(
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- fi
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- local static_flag="static-user"
- ;;
- softmmu)
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --disable-tools
- )
- local static_flag="static"
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- --enable-tools
- )
- local static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- tc-enables-pie && conf_opts+=( --enable-pie )
- fi
-
- #bug #647570
- conf_opts+=( --disable-capstone )
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- cd "${S}/tools-build"
- default
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-# Generate binfmt support files.
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
-generate_initd() {
- local out="${T}/qemu-binfmt"
- local out_systemd="${T}/qemu.conf"
- local d="${T}/binfmt.d"
-
- einfo "Generating qemu binfmt scripts and configuration files"
-
- # Generate the debian fragments first.
- mkdir -p "${d}"
- "${S}"/scripts/qemu-binfmt-conf.sh \
- --debian \
- --exportdir "${d}" \
- --qemu-path "${EPREFIX}/usr/bin" \
- || die
- # Then turn the fragments into a shell script we can source.
- sed -E -i \
- -e 's:^([^ ]+) (.*)$:\1="\2":' \
- "${d}"/* || die
-
- # Generate the init.d script by assembling the fragments from above.
- local f qcpu package interpreter magic mask
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
- for f in "${d}"/qemu-* ; do
- source "${f}"
-
- # Normalize the cpu logic like we do in the init.d for the native cpu.
- qcpu=${package#qemu-}
- case ${qcpu} in
- arm*) qcpu="arm";;
- mips*) qcpu="mips";;
- ppc*) qcpu="ppc";;
- s390*) qcpu="s390";;
- sh*) qcpu="sh";;
- sparc*) qcpu="sparc";;
- esac
-
- cat <<EOF >>"${out}"
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
- echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
- fi
-EOF
-
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
-
- done
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets.
- generate_initd
- doinitd "${T}/qemu-binfmt"
-
- # Install binfmt/qemu.conf.
- insinto "/usr/share/qemu/binfmt.d"
- doins "${T}/qemu.conf"
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- rm "${ED}/usr/share/qemu/bios-256k.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
- fi
-
- # Remove vgabios since we're using the seavgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- # PPC64 loads vgabios-stdvga
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc64; then
- dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
- dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
- dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_create_doc
-}
-
-firmware_abi_change() {
- local pv
- for pv in ${REPLACING_VERSIONS}; do
- if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then
- return 0
- fi
- done
- return 1
-}
-
-pkg_postinst() {
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
-
- if use pin-upstream-blobs && firmware_abi_change; then
- ewarn "This version of qemu pins new versions of firmware blobs:"
- ewarn " $(best_version sys-firmware/edk2-ovmf)"
- ewarn " $(best_version sys-firmware/ipxe)"
- ewarn " $(best_version sys-firmware/seabios)"
- ewarn " $(best_version sys-firmware/sgabios)"
- ewarn "This might break resume of hibernated guests (started with a different"
- ewarn "firmware version) and live migration to/from qemu versions with different"
- ewarn "firmware. Please (cold) restart all running guests. For functional"
- ewarn "guest migration ensure that all"
- ewarn "hosts run at least"
- ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
- fi
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/edk2-ovmf)"
- if has_version 'sys-firmware/edk2-ovmf[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/sgabios)"
-}
diff --git a/app-emulation/qemu/qemu-2.12.0-r3.ebuild b/app-emulation/qemu/qemu-2.12.0-r3.ebuild
deleted file mode 100644
index 661a04e..0000000
--- a/app-emulation/qemu/qemu-2.12.0-r3.ebuild
+++ /dev/null
@@ -1,823 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} )
-PYTHON_REQ_USE="ncurses,readline"
-
-PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
-
-FIRMWARE_ABI_VERSION="2.11.1-r50"
-
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
- user udev fcaps readme.gentoo-r1 pax-utils l10n
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="git://git.qemu.org/qemu.git"
- inherit git-r3
- SRC_URI=""
-else
- SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.bz2"
- KEYWORDS="~amd64 ~ppc ~ppc64 ~x86"
-
- # Gentoo specific patchsets:
- SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r4.tar.xz"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-IUSE="accessibility +aio alsa bluetooth bzip2 capstone +caps +curl debug
- +fdt glusterfs gnutls gtk gtk2 infiniband iscsi +jpeg kernel_linux
- kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
- pulseaudio python rbd sasl +seccomp sdl sdl2 selinux smartcard snappy
- spice ssh static static-user systemtap tci test usb usbredir vde
- +vhost-net virgl virtfs +vnc vte xattr xen xfs"
-
-COMMON_TARGETS="aarch64 alpha arm cris hppa i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel nios2 or1k ppc ppc64 riscv32 riscv64 s390x
- sh4 sh4eb sparc sparc64 x86_64 xtensa xtensaeb"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
- lm32 moxie ppcemb tricore unicore32"
-IUSE_USER_TARGETS="${COMMON_TARGETS}
- aarch64_be armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus
- tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- gtk2? ( gtk )
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_mips64el? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- sdl2? ( sdl )
- static? ( static-user !alsa !bluetooth !gtk !gtk2 !opengl !pulseaudio !snappy )
- virtfs? ( xattr )
- vte? ( gtk )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# and user/softmmu targets (qemu-*, qemu-system-*).
-#
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the external library.
-ALL_DEPEND="
- >=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# softmmu targets (qemu-system-*).
-SOFTMMU_TOOLS_DEPEND="
- dev-libs/libxml2[static-libs(+)]
- x11-libs/libxkbcommon[static-libs(+)]
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? (
- app-accessibility/brltty[api]
- app-accessibility/brltty[static-libs(+)]
- )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bluetooth? ( net-wireless/bluez )
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- capstone? ( dev-libs/capstone )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.4.2[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- gtk2? (
- x11-libs/gtk+:2
- vte? ( x11-libs/vte:0 )
- )
- !gtk2? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- )
- infiniband? (
- sys-fabric/libibumad:=[static-libs(+)]
- sys-fabric/libibverbs:=[static-libs(+)]
- sys-fabric/librdmacm:=[static-libs(+)]
- )
- iscsi? ( net-libs/libiscsi )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- ncurses? (
- sys-libs/ncurses:0=[unicode]
- sys-libs/ncurses:0=[static-libs(+)]
- )
- nfs? ( >=net-fs/libnfs-1.9.3:=[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph[static-libs(+)] )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- !sdl2? (
- media-libs/libsdl[X]
- >=media-libs/libsdl-1.2.11[static-libs(+)]
- )
- sdl2? (
- media-libs/libsdl2[X]
- media-libs/libsdl2[static-libs(+)]
- )
- )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy:= )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xen? ( app-emulation/xen-tools:= )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
-
-X86_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/edk2-ovmf-2017_p20180211[binary]
- ~sys-firmware/ipxe-1.0.0_p20180211[binary]
- ~sys-firmware/seabios-1.11.0[binary,seavgabios]
- ~sys-firmware/sgabios-0.1_pre8[binary]
- )
- !pin-upstream-blobs? (
- sys-firmware/edk2-ovmf
- sys-firmware/ipxe
- >=sys-firmware/seabios-1.10.2[seavgabios]
- sys-firmware/sgabios
- )"
-PPC64_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/seabios-1.11.0[binary,seavgabios]
- )
- !pin-upstream-blobs? (
- >=sys-firmware/seabios-1.10.2[seavgabios]
- )
-"
-
-CDEPEND="
- !static? (
- ${ALL_DEPEND//\[static-libs(+)]}
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
- )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_ppc64? ( ${PPC64_FIRMWARE_DEPEND} )
-"
-DEPEND="${CDEPEND}
- dev-lang/perl
- =dev-lang/python-2*
- sys-apps/texinfo
- virtual/pkgconfig
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- gtk? ( nls? ( sys-devel/gettext ) )
- static? (
- ${ALL_DEPEND}
- ${SOFTMMU_TOOLS_DEPEND}
- )
- static-user? ( ${ALL_DEPEND} )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )"
-RDEPEND="${CDEPEND}
- selinux? ( sec-policy/selinux-qemu )"
-
-PATCHES=(
- # musl patches
- "${FILESDIR}"/${PN}-2.8.0-F_SHLCK-and-F_EXLCK.patch
- "${FILESDIR}"/${PN}-2.0.0-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- "${FILESDIR}"/${PN}-2.2.0-_sigev_un.patch
-
- # gentoo patches
- "${FILESDIR}"/${PN}-2.5.0-cflags.patch
- "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
- "${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch
- "${WORKDIR}"/patches
-)
-
-STRIP_MASK="/usr/share/qemu/palcode-clipper"
-
-QA_PREBUILT="
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/s390-netboot.img
- usr/share/qemu/u-boot.e500"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or1k
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
-kernel module loaded before running kvm. The easiest way to ensure that the
-kernel module is loaded is to load it on boot.
- For AMD CPUs the module is called 'kvm-amd'.
- For Intel CPUs the module is called 'kvm-intel'.
-Please review /etc/conf.d/modules for how to load these.
-
-Make sure your user is in the 'kvm' group. Just run
- $ gpasswd -a <USER> kvm
-then have <USER> re-login.
-
-For brand new installs, the default permissions on /dev/kvm might not let
-you access it. You can tell udev to reset ownership/perms:
- $ udevadm trigger -c add /dev/kvm
-
-If you want to register binfmt handlers for qemu user targets:
-For openrc:
- # rc-update add qemu-binfmt
-For systemd:
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- if grep -q AuthenticAMD /proc/cpuinfo; then
- CONFIG_CHECK+=" ~KVM_AMD"
- elif grep -q GenuineIntel /proc/cpuinfo; then
- CONFIG_CHECK+=" ~KVM_INTEL"
- fi
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-pkg_setup() {
- enewgroup kvm 78
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-handle_locales() {
- # Make sure locale list is kept up-to-date.
- local detected sorted
- detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
- sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "PLOCALES: ${sorted}"
- eerror " po/*.po: ${detected}"
- die "sync PLOCALES"
- fi
-
- # Deal with selective install of locales.
- if use nls ; then
- # Delete locales the user does not want. #577814
- rm_loc() { rm po/$1.po || die; }
- l10n_for_each_disabled_locale_do rm_loc
- else
- # Cheap hack to disable gettext .mo generation.
- rm -f po/*.po
- fi
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- # Alter target makefiles to accept CFLAGS set via flag-o
- sed -i -r \
- -e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
- Makefile Makefile.target || die
-
- default
-
- # Fix ld and objcopy being called directly
- tc-export AR LD OBJCOPY
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- # Run after we've applied all patches.
- handle_locales
-
- # Remove bundled copy of libfdt
- rm -r dtc || die
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --libdir=/usr/$(get_libdir)
- --docdir=/usr/share/doc/${PF}/html
- --disable-bsd-user
- --disable-guest-agent
- --disable-strip
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- --enable-docs
- $(use_enable tci tcg-interpreter)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets. This simplifies building
- # static user targets (USE=static-user) considerably.
- conf_notuser() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- conf_opts+=(
- $(conf_notuser accessibility brlapi)
- $(conf_notuser aio linux-aio)
- $(conf_notuser bzip2)
- $(conf_notuser bluetooth bluez)
- $(conf_notuser capstone)
- $(conf_notuser caps cap-ng)
- $(conf_notuser curl)
- $(conf_notuser fdt)
- $(conf_notuser glusterfs)
- $(conf_notuser gnutls)
- $(conf_notuser gnutls nettle)
- $(conf_notuser gtk)
- $(conf_notuser infiniband rdma)
- $(conf_notuser iscsi libiscsi)
- $(conf_notuser jpeg vnc-jpeg)
- $(conf_notuser kernel_linux kvm)
- $(conf_notuser lzo)
- $(conf_notuser ncurses curses)
- $(conf_notuser nfs libnfs)
- $(conf_notuser numa)
- $(conf_notuser opengl)
- $(conf_notuser png vnc-png)
- $(conf_notuser rbd)
- $(conf_notuser sasl vnc-sasl)
- $(conf_notuser sdl)
- $(conf_notuser seccomp)
- $(conf_notuser smartcard)
- $(conf_notuser snappy)
- $(conf_notuser spice)
- $(conf_notuser ssh libssh2)
- $(conf_notuser usb libusb)
- $(conf_notuser usbredir usb-redir)
- $(conf_notuser vde)
- $(conf_notuser vhost-net)
- $(conf_notuser virgl virglrenderer)
- $(conf_notuser virtfs)
- $(conf_notuser vnc)
- $(conf_notuser vte)
- $(conf_notuser xen)
- $(conf_notuser xen xen-pci-passthrough)
- $(conf_notuser xfs xfsctl)
- )
-
- if [[ ${buildtype} == "user" ]] ; then
- conf_opts+=( --disable-libxml2 )
- else
- conf_opts+=( --enable-libxml2 )
- fi
-
- if [[ ! ${buildtype} == "user" ]] ; then
- # audio options
- local audio_opts="oss"
- use alsa && audio_opts="alsa,${audio_opts}"
- use sdl && audio_opts="sdl,${audio_opts}"
- use pulseaudio && audio_opts="pa,${audio_opts}"
- conf_opts+=(
- --audio-drv-list="${audio_opts}"
- )
- use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
- use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
- fi
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- local static_flag="static-user"
- ;;
- softmmu)
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --disable-tools
- )
- local static_flag="static"
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- --enable-tools
- )
- local static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- tc-enables-pie && conf_opts+=( --enable-pie )
- fi
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- cd "${S}/tools-build"
- default
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake -j1 check
- emake -j1 check-report.html
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/scripts/qmp/qmp.py"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-# Generate binfmt support files.
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
-generate_initd() {
- local out="${T}/qemu-binfmt"
- local out_systemd="${T}/qemu.conf"
- local d="${T}/binfmt.d"
-
- einfo "Generating qemu binfmt scripts and configuration files"
-
- # Generate the debian fragments first.
- mkdir -p "${d}"
- "${S}"/scripts/qemu-binfmt-conf.sh \
- --debian \
- --exportdir "${d}" \
- --qemu-path "${EPREFIX}/usr/bin" \
- || die
- # Then turn the fragments into a shell script we can source.
- sed -E -i \
- -e 's:^([^ ]+) (.*)$:\1="\2":' \
- "${d}"/* || die
-
- # Generate the init.d script by assembling the fragments from above.
- local f qcpu package interpreter magic mask
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
- for f in "${d}"/qemu-* ; do
- source "${f}"
-
- # Normalize the cpu logic like we do in the init.d for the native cpu.
- qcpu=${package#qemu-}
- case ${qcpu} in
- arm*) qcpu="arm";;
- mips*) qcpu="mips";;
- ppc*) qcpu="ppc";;
- s390*) qcpu="s390";;
- sh*) qcpu="sh";;
- sparc*) qcpu="sparc";;
- esac
-
- cat <<EOF >>"${out}"
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
- echo ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
- fi
-EOF
-
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
-
- done
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets.
- generate_initd
- doinitd "${T}/qemu-binfmt"
-
- # Install binfmt/qemu.conf.
- insinto "/usr/share/qemu/binfmt.d"
- doins "${T}/qemu.conf"
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dohtml check-report.html
-
- if use kernel_linux; then
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- cd "${S}"
- dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- rm "${ED}/usr/share/qemu/bios-256k.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
- fi
-
- # Remove vgabios since we're using the seavgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- # PPC64 loads vgabios-stdvga
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc64; then
- dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
- dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
- dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_create_doc
-}
-
-firmware_abi_change() {
- local pv
- for pv in ${REPLACING_VERSIONS}; do
- if ! version_is_at_least ${FIRMWARE_ABI_VERSION} ${pv}; then
- return 0
- fi
- done
- return 1
-}
-
-pkg_postinst() {
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
-
- if use pin-upstream-blobs && firmware_abi_change; then
- ewarn "This version of qemu pins new versions of firmware blobs:"
- ewarn " $(best_version sys-firmware/edk2-ovmf)"
- ewarn " $(best_version sys-firmware/ipxe)"
- ewarn " $(best_version sys-firmware/seabios)"
- ewarn " $(best_version sys-firmware/sgabios)"
- ewarn "This might break resume of hibernated guests (started with a different"
- ewarn "firmware version) and live migration to/from qemu versions with different"
- ewarn "firmware. Please (cold) restart all running guests. For functional"
- ewarn "guest migration ensure that all"
- ewarn "hosts run at least"
- ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
- fi
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/edk2-ovmf)"
- if has_version 'sys-firmware/edk2-ovmf[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/sgabios)"
-}
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2020-04-08 18:16 Anthony G. Basile
0 siblings, 0 replies; 19+ messages in thread
From: Anthony G. Basile @ 2020-04-08 18:16 UTC (permalink / raw
To: gentoo-commits
commit: f6cf3da864780099ce075e45136fa1300d721978
Author: g3ngr33n <gengreen <AT> tutanota <DOT> com>
AuthorDate: Wed Apr 8 10:48:03 2020 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Wed Apr 8 18:15:58 2020 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=f6cf3da8
app-emulation/qemu: Fix virtfs on musl
- qemu-4.2.0-r2 fail to build (missing header)
- Add files/qemu-4.2.0-r2-musl.patch
- Ebuild from main portage
(Only 1 line was add "${FILESDIR}"/${PN}-4.2.0-r2-musl.patch)
Package-Manager: Portage-2.3.89, Repoman-2.3.20
Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>
app-emulation/qemu/Manifest | 2 +
app-emulation/qemu/files/65-kvm.rules-r1 | 2 +
app-emulation/qemu/files/bridge.conf | 14 +
.../files/qemu-2.11.1-capstone_include_path.patch | 11 +
app-emulation/qemu/files/qemu-2.5.0-cflags.patch | 13 +
.../qemu/files/qemu-2.5.0-sysmacros.patch | 15 +
.../qemu/files/qemu-4.0.0-mkdir_systemtap.patch | 12 +
.../files/qemu-4.0.0-sanitize-interp_info.patch | 32 +
.../qemu/files/qemu-4.0.0-xkbcommon.patch | 38 +
app-emulation/qemu/files/qemu-4.2.0-cflags.patch | 16 +
app-emulation/qemu/files/qemu-4.2.0-r2-musl.patch | 19 +
app-emulation/qemu/files/qemu-binfmt.initd.head | 64 ++
app-emulation/qemu/files/qemu-binfmt.initd.tail | 14 +
app-emulation/qemu/metadata.xml | 67 ++
app-emulation/qemu/qemu-4.2.0-r2.ebuild | 835 +++++++++++++++++++++
15 files changed, 1154 insertions(+)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
new file mode 100644
index 0000000..911250c
--- /dev/null
+++ b/app-emulation/qemu/Manifest
@@ -0,0 +1,2 @@
+DIST qemu-4.2.0-patches-r1.tar.xz 14552 BLAKE2B e8832ce5b7ccda02dcd63fa60a458322a36ba754c8bc682839de4ee33cf21a83cde434bdc062916d3c83e81026b68ebf2fbe099dc6c54c191875f830d95c63ae SHA512 7495e4c9ca80fd25a1bc8244b384f88f3bc6d7190e2840b1614e3bc6fd51938e42792c6a4dbdb2d400a45532e558814462647f35d5ab21e175bec84868a4161d
+DIST qemu-4.2.0.tar.xz 62222068 BLAKE2B 27c9fbcd5093af425764674817ab9299224bd03f37b5983786f6f437fff1fab3b7da247c55c4ca8b8c42726b9867005944a2f7f04f2d0d94d753961615f901ef SHA512 2a79973c2b07c53e8c57a808ea8add7b6b2cbca96488ed5d4b669ead8c9318907dec2b6109f180fc8ca8f04c0f73a56e82b3a527b5626b799d7e849f2474ec56
diff --git a/app-emulation/qemu/files/65-kvm.rules-r1 b/app-emulation/qemu/files/65-kvm.rules-r1
new file mode 100644
index 0000000..ab3776a
--- /dev/null
+++ b/app-emulation/qemu/files/65-kvm.rules-r1
@@ -0,0 +1,2 @@
+KERNEL=="kvm", GROUP="kvm", MODE="0660"
+KERNEL=="vhost-net", GROUP="kvm", MODE="0660", OPTIONS+="static_node=vhost-net"
diff --git a/app-emulation/qemu/files/bridge.conf b/app-emulation/qemu/files/bridge.conf
new file mode 100644
index 0000000..2bde37e
--- /dev/null
+++ b/app-emulation/qemu/files/bridge.conf
@@ -0,0 +1,14 @@
+# This should have the following permissions: root:qemu 0640
+
+# allow br0
+# Uncommenting the above would allow users in the 'qemu' group
+# to add devices to 'br0'
+
+# allow virbr0
+# Uncommenting the above would allow users in the 'qemu' group
+# to add devices to 'virbr0'
+
+# include /etc/qemu/bob.conf
+# Uncommenting the above would allow users in the 'bob' group
+# to have permissions defined in it, iff it has the following
+# permissions: root:bob 0640
diff --git a/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch b/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch
new file mode 100644
index 0000000..d79570e
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch
@@ -0,0 +1,11 @@
+--- qemu-2.11.1/include/disas/capstone.h 2018-02-14 22:53:22.000000000 +0100
++++ qemu-2.11.1/include/disas/capstone.h 2018-02-17 20:12:12.754703951 +0100
+@@ -3,7 +3,7 @@
+
+ #ifdef CONFIG_CAPSTONE
+
+-#include <capstone.h>
++#include <capstone/capstone.h>
+
+ #else
+
diff --git a/app-emulation/qemu/files/qemu-2.5.0-cflags.patch b/app-emulation/qemu/files/qemu-2.5.0-cflags.patch
new file mode 100644
index 0000000..173394f
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.5.0-cflags.patch
@@ -0,0 +1,13 @@
+--- a/configure
++++ b/configure
+@@ -4468,10 +4468,6 @@ fi
+ if test "$gcov" = "yes" ; then
+ CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
+ LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
+-elif test "$fortify_source" = "yes" ; then
+- CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"
+-elif test "$debug" = "no"; then
+- CFLAGS="-O2 $CFLAGS"
+ fi
+
+ ##########################################
diff --git a/app-emulation/qemu/files/qemu-2.5.0-sysmacros.patch b/app-emulation/qemu/files/qemu-2.5.0-sysmacros.patch
new file mode 100644
index 0000000..f2e766d
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.5.0-sysmacros.patch
@@ -0,0 +1,15 @@
+Linux C libs are moving away from implicit header pollution with sys/types.h
+
+--- a/include/qemu/osdep.h
++++ b/include/qemu/osdep.h
+@@ -78,6 +78,10 @@ extern int daemon(int, int);
+ #include <assert.h>
+ #include <signal.h>
+
++#ifdef __linux__
++#include <sys/sysmacros.h>
++#endif
++
+ #ifdef __OpenBSD__
+ #include <sys/signal.h>
+ #endif
diff --git a/app-emulation/qemu/files/qemu-4.0.0-mkdir_systemtap.patch b/app-emulation/qemu/files/qemu-4.0.0-mkdir_systemtap.patch
new file mode 100644
index 0000000..95ccdd7
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-4.0.0-mkdir_systemtap.patch
@@ -0,0 +1,12 @@
+diff --git a/Makefile b/Makefile
+index 04a0d450..e0013a59 100644
+--- a/Makefile
++++ b/Makefile
+@@ -803,6 +802,7 @@
+ $(call install-prog,$(HELPERS-y),$(DESTDIR)$(libexecdir))
+ endif
+ ifdef CONFIG_TRACE_SYSTEMTAP
++ mkdir -p $(DESTDIR)$(bindir)
+ $(INSTALL_PROG) "scripts/qemu-trace-stap" $(DESTDIR)$(bindir)
+ endif
+ ifneq ($(BLOBS),)
diff --git a/app-emulation/qemu/files/qemu-4.0.0-sanitize-interp_info.patch b/app-emulation/qemu/files/qemu-4.0.0-sanitize-interp_info.patch
new file mode 100644
index 0000000..58ff0c7
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-4.0.0-sanitize-interp_info.patch
@@ -0,0 +1,32 @@
+linux-user: Sanitize interp_info and, for mips
+
+Sanitize interp_info structure in load_elf_binary() and, for mips only,
+init its field fp_abi. This fixes appearances of "Unexpected FPU mode"
+message in some MIPS use cases.
+
+Signed-off-by: Daniel Santos <address@hidden>
+Signed-off-by: Aleksandar Markovic <address@hidden>
+---
+ linux-user/elfload.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/linux-user/elfload.c b/linux-user/elfload.c
+index c1a2602..7f09d57 100644
+--- a/linux-user/elfload.c
++++ b/linux-user/elfload.c
+@@ -2698,6 +2698,11 @@ int load_elf_binary(struct linux_binprm *bprm, struct image_info *info)
+ char *elf_interpreter = NULL;
+ char *scratch;
+
++ memset(&interp_info, 0, sizeof(interp_info));
++#ifdef TARGET_MIPS
++ interp_info.fp_abi = MIPS_ABI_FP_UNKNOWN;
++#endif
++
+ info->start_mmap = (abi_ulong)ELF_START_MMAP;
+
+ load_elf_image(bprm->filename, bprm->fd, info,
+--
+2.7.4
+
+
diff --git a/app-emulation/qemu/files/qemu-4.0.0-xkbcommon.patch b/app-emulation/qemu/files/qemu-4.0.0-xkbcommon.patch
new file mode 100644
index 0000000..3d9a516
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-4.0.0-xkbcommon.patch
@@ -0,0 +1,38 @@
+From cef396dc0b11a09ede85b275ed1ceee71b60a4b3 Mon Sep 17 00:00:00 2001
+From: James Le Cuirot <chewi@gentoo.org>
+Date: Sat, 14 Sep 2019 15:47:20 +0100
+Subject: [PATCH] configure: Add xkbcommon configure options
+
+This dependency is currently "automagic", which is bad for distributions.
+
+Signed-off-by: James Le Cuirot <chewi@gentoo.org>
+---
+ configure | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/configure b/configure
+index 30aad233d1..30544f52e6 100755
+--- a/configure
++++ b/configure
+@@ -1521,6 +1521,10 @@ for opt do
+ ;;
+ --disable-libpmem) libpmem=no
+ ;;
++ --enable-xkbcommon) xkbcommon=yes
++ ;;
++ --disable-xkbcommon) xkbcommon=no
++ ;;
+ *)
+ echo "ERROR: unknown option $opt"
+ echo "Try '$0 --help' for more information"
+@@ -1804,6 +1808,7 @@ disabled with --disable-FEATURE, default is enabled if available:
+ capstone capstone disassembler support
+ debug-mutex mutex debugging support
+ libpmem libpmem support
++ xkbcommon xkbcommon support
+
+ NOTE: The object files are built at the place where configure is launched
+ EOF
+--
+2.23.0
+
diff --git a/app-emulation/qemu/files/qemu-4.2.0-cflags.patch b/app-emulation/qemu/files/qemu-4.2.0-cflags.patch
new file mode 100644
index 0000000..1019265
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-4.2.0-cflags.patch
@@ -0,0 +1,16 @@
+diff --git i/configure w/configure
+index a72a5def57..546d757603 100755
+--- i/configure
++++ w/configure
+@@ -6093,10 +6093,6 @@ write_c_skeleton
+ if test "$gcov" = "yes" ; then
+ QEMU_CFLAGS="-fprofile-arcs -ftest-coverage -g $QEMU_CFLAGS"
+ QEMU_LDFLAGS="-fprofile-arcs -ftest-coverage $QEMU_LDFLAGS"
+-elif test "$fortify_source" = "yes" ; then
+- CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"
+-elif test "$debug" = "no"; then
+- CFLAGS="-O2 $CFLAGS"
+ fi
+
+ if test "$have_asan" = "yes"; then
+
diff --git a/app-emulation/qemu/files/qemu-4.2.0-r2-musl.patch b/app-emulation/qemu/files/qemu-4.2.0-r2-musl.patch
new file mode 100644
index 0000000..70332da
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-4.2.0-r2-musl.patch
@@ -0,0 +1,19 @@
+Build of qemu 4.2.0-r2 with virtfs on musl fail :
+
+qemu-4.2.0-r2/work/qemu-4.2.0/hw/9pfs/9p.c:3821:16: error: ‘XATTR_SIZE_MAX’ undeclared (first use in this function)
+3821 | if (size > XATTR_SIZE_MAX)
+
+Fix : Add limits.h header
+
+---
+
+--- a/hw/9pfs/9p.c
++++ b/hw/9pfs/9p.c
+@@ -13,6 +13,7 @@
+
+ #include "qemu/osdep.h"
+ #include <glib/gprintf.h>
++#include <linux/limits.h>
+ #include "hw/virtio/virtio.h"
+ #include "qapi/error.h"
+ #include "qemu/error-report.h"
diff --git a/app-emulation/qemu/files/qemu-binfmt.initd.head b/app-emulation/qemu/files/qemu-binfmt.initd.head
new file mode 100644
index 0000000..0dcacef
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-binfmt.initd.head
@@ -0,0 +1,64 @@
+#!/sbin/openrc-run
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# Enable automatic non-native program execution by the kernel.
+
+# Defaulting to OC should be safe because it comes down to:
+# - do we trust the interp itself to not be malicious? yes; we built it.
+# - do we trust the programs we're running? ish; same permission as native
+# binaries apply. so if user can do bad stuff natively, cross isn't worse.
+: ${QEMU_BINFMT_FLAGS:=OC}
+
+depend() {
+ after procfs
+}
+
+start() {
+ ebegin "Registering qemu-user binaries (flags: ${QEMU_BINFMT_FLAGS})"
+
+ if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
+ modprobe -q binfmt_misc
+ fi
+
+ if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
+ eend 1 "You need support for 'misc binaries' in your kernel!"
+ return
+ fi
+
+ if [ ! -f /proc/sys/fs/binfmt_misc/register ] ; then
+ mount -t binfmt_misc -o nodev,noexec,nosuid \
+ binfmt_misc /proc/sys/fs/binfmt_misc >/dev/null 2>&1
+ eend $? || return
+ fi
+
+ # Probe the native cpu type so we don't try registering them.
+ local cpu="$(uname -m)"
+ case "${cpu}" in
+ armv[4-9]*)
+ cpu="arm"
+ ;;
+ i386|i486|i586|i686|i86pc|BePC|x86_64)
+ cpu="i386"
+ ;;
+ m68k)
+ cpu="m68k"
+ ;;
+ mips*)
+ cpu="mips"
+ ;;
+ "Power Macintosh"|ppc|ppc64)
+ cpu="ppc"
+ ;;
+ s390*)
+ cpu="s390"
+ ;;
+ sh*)
+ cpu="sh"
+ ;;
+ sparc*)
+ cpu="sparc"
+ ;;
+ esac
+
+ # Register the interpreter for each cpu except for the native one.
diff --git a/app-emulation/qemu/files/qemu-binfmt.initd.tail b/app-emulation/qemu/files/qemu-binfmt.initd.tail
new file mode 100644
index 0000000..7679481
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-binfmt.initd.tail
@@ -0,0 +1,14 @@
+ eend 0
+}
+
+stop() {
+ # We unregister everything in the "qemu-xxx" namespace.
+ ebegin "Unregistering qemu-user binaries"
+ local f
+ for f in /proc/sys/fs/binfmt_misc/qemu-* ; do
+ if [ -f "${f}" ] ; then
+ echo '-1' > "${f}"
+ fi
+ done
+ eend 0
+}
diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml
new file mode 100644
index 0000000..07244b5
--- /dev/null
+++ b/app-emulation/qemu/metadata.xml
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>tamiko@gentoo.org</email>
+ <name>Matthias Maier</name>
+ </maintainer>
+ <maintainer type="person">
+ <email>slyfox@gentoo.org</email>
+ <name>Sergei Trofimovich</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>virtualization@gentoo.org</email>
+ <name>Gentoo Virtualization Project</name>
+ </maintainer>
+ <use>
+ <flag name="accessibility">Adds support for braille displays using brltty</flag>
+ <flag name="aio">Enables support for Linux's Async IO</flag>
+ <flag name="alsa">Enable alsa output for sound emulation</flag>
+ <flag name="capstone">Enable disassembly support with <pkg>dev-libs/capstone</pkg></flag>
+ <flag name="curl">Support ISOs / -cdrom directives vis HTTP or HTTPS.</flag>
+ <flag name="fdt">Enables firmware device tree support</flag>
+ <flag name="glusterfs">Enables GlusterFS cluster fileystem via
+ <pkg>sys-cluster/glusterfs</pkg></flag>
+ <flag name="gnutls">Enable TLS support for the VNC console server.
+ For 1.4 and newer this also enables WebSocket support.
+ For 2.0 through 2.3 also enables disk quorum support.</flag>
+ <flag name="iscsi">Enable direct iSCSI support via
+ <pkg>net-libs/libiscsi</pkg> instead of indirectly via the Linux
+ block layer that <pkg>sys-block/open-iscsi</pkg> does.</flag>
+ <flag name="ncurses">Enable the ncurses-based console</flag>
+ <flag name="nfs">Enable NFS support</flag>
+ <flag name="numa">Enable NUMA support</flag>
+ <flag name="pin-upstream-blobs">Pin the versions of BIOS firmware to the version included in the upstream release.
+ This is needed to sanely support migration/suspend/resume/snapshotting/etc... of instances.
+ When the blobs are different, random corruption/bugs/crashes/etc... may be observed.</flag>
+ <flag name="plugins">Enable qemu plugin API via shared library loading.</flag>
+ <flag name="pulseaudio">Enable pulseaudio output for sound emulation</flag>
+ <flag name="rbd">Enable rados block device backend support, see http://ceph.newdream.net/wiki/QEMU-RBD</flag>
+ <flag name="sdl">Enable the SDL-based console</flag>
+ <flag name="sdl-image">SDL Image support for icons</flag>
+ <flag name="spice">Enable Spice protocol support via <pkg>app-emulation/spice</pkg></flag>
+ <flag name="ssh">Enable SSH based block device support via <pkg>net-libs/libssh2</pkg></flag>
+ <flag name="static-user">Build the User targets as static binaries</flag>
+ <flag name="static">Build the User and Software MMU (system) targets as well as tools as static binaries</flag>
+ <flag name="systemtap">Enable SystemTAP/DTrace tracing</flag>
+ <flag name="tci">Enable the TCG Interpreter which can speed up or slowdown workloads depending on the host and guest CPUs being emulated. In the future it will be a runtime option but for now its compile time.</flag>
+ <flag name="jemalloc">Enable jemalloc allocator support</flag>
+ <flag name="jpeg">Enable jpeg image support for the VNC console server</flag>
+ <flag name="png">Enable png image support for the VNC console server</flag>
+ <flag name="usb">Enable USB passthrough via <pkg>dev-libs/libusb</pkg></flag>
+ <flag name="usbredir">Use <pkg>sys-apps/usbredir</pkg> to redirect USB devices to another machine over TCP</flag>
+ <flag name="vde">Enable VDE-based networking</flag>
+ <flag name="vhost-net">Enable accelerated networking using vhost-net, see http://www.linux-kvm.org/page/VhostNet</flag>
+ <flag name="vhost-user-fs">Enable shared file system access using the FUSE protocol carried over virtio.</flag>
+ <flag name="virgl">Enable experimental Virgil 3d (virtual software GPU)</flag>
+ <flag name="virtfs">Enable VirtFS via virtio-9p-pci / fsdev. See http://wiki.qemu.org/Documentation/9psetup</flag>
+ <flag name="vte">Enable terminal support (<pkg>x11-libs/vte</pkg>) in the GTK+ interface</flag>
+ <flag name="xattr">Add support for getting and setting POSIX extended attributes, through
+ <pkg>sys-apps/attr</pkg>. Requisite for the virtfs backend.
+ </flag>
+ <flag name="xen">Enables support for Xen backends</flag>
+ <flag name="xfs">Support xfsctl() notification and syncing for XFS backed
+ virtual disks.</flag>
+ <flag name="xkb">Depend on x11-libs/libxkbcommon to build qemu-keymap tool for converting xkb keymaps</flag>
+ </use>
+</pkgmetadata>
diff --git a/app-emulation/qemu/qemu-4.2.0-r2.ebuild b/app-emulation/qemu/qemu-4.2.0-r2.ebuild
new file mode 100644
index 0000000..0d58795
--- /dev/null
+++ b/app-emulation/qemu/qemu-4.2.0-r2.ebuild
@@ -0,0 +1,835 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+PYTHON_COMPAT=( python{3_6,3_7} )
+PYTHON_REQ_USE="ncurses,readline"
+
+PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
+
+FIRMWARE_ABI_VERSION="4.0.0-r50"
+
+inherit eutils linux-info toolchain-funcs multilib python-r1 \
+ udev fcaps readme.gentoo-r1 pax-utils l10n xdg-utils
+
+if [[ ${PV} = *9999* ]]; then
+ EGIT_REPO_URI="https://git.qemu.org/git/qemu.git"
+ EGIT_SUBMODULES=(
+ slirp
+ tests/fp/berkeley-{test,soft}float-3
+ ui/keycodemapdb
+ )
+ inherit git-r3
+ SRC_URI=""
+else
+ SRC_URI="https://download.qemu.org/${P}.tar.xz
+ https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r1.tar.xz"
+ KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86"
+fi
+
+DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
+HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
+
+LICENSE="GPL-2 LGPL-2 BSD-2"
+SLOT="0"
+
+IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug doc
+ +fdt glusterfs gnutls gtk infiniband iscsi jemalloc +jpeg kernel_linux
+ kernel_FreeBSD lzo ncurses nfs nls numa opengl +oss +pin-upstream-blobs
+ plugins +png pulseaudio python rbd sasl +seccomp sdl sdl-image selinux
+ smartcard snappy spice ssh static static-user systemtap tci test usb
+ usbredir vde +vhost-net vhost-user-fs virgl virtfs +vnc vte xattr xen
+ xfs +xkb"
+
+COMMON_TARGETS="aarch64 alpha arm cris hppa i386 m68k microblaze microblazeel
+ mips mips64 mips64el mipsel nios2 or1k ppc ppc64 riscv32 riscv64 s390x
+ sh4 sh4eb sparc sparc64 x86_64 xtensa xtensaeb"
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
+ lm32 moxie tricore unicore32"
+IUSE_USER_TARGETS="${COMMON_TARGETS}
+ aarch64_be armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus
+ tilegx"
+
+use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
+use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
+IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
+
+RESTRICT="!test? ( test )"
+# Allow no targets to be built so that people can get a tools-only build.
+# Block USE flag configurations known to not work.
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ qemu_softmmu_targets_arm? ( fdt )
+ qemu_softmmu_targets_microblaze? ( fdt )
+ qemu_softmmu_targets_mips64el? ( fdt )
+ qemu_softmmu_targets_ppc64? ( fdt )
+ qemu_softmmu_targets_ppc? ( fdt )
+ qemu_softmmu_targets_riscv32? ( fdt )
+ qemu_softmmu_targets_riscv64? ( fdt )
+ static? ( static-user !alsa !gtk !opengl !pulseaudio !plugins !rbd !snappy )
+ static-user? ( !plugins )
+ virtfs? ( xattr )
+ vte? ( gtk )
+ plugins? ( !static !static-user )
+"
+
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
+# and user/softmmu targets (qemu-*, qemu-system-*).
+#
+# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
+#
+# The attr lib isn't always linked in (although the USE flag is always
+# respected). This is because qemu supports using the C library's API
+# when available rather than always using the external library.
+ALL_DEPEND="
+ >=dev-libs/glib-2.0[static-libs(+)]
+ sys-libs/zlib[static-libs(+)]
+ python? ( ${PYTHON_DEPS} )
+ systemtap? ( dev-util/systemtap )
+ xattr? ( sys-apps/attr[static-libs(+)] )"
+
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
+# softmmu targets (qemu-system-*).
+SOFTMMU_TOOLS_DEPEND="
+ dev-libs/libxml2[static-libs(+)]
+ xkb? ( x11-libs/libxkbcommon[static-libs(+)] )
+ >=x11-libs/pixman-0.28.0[static-libs(+)]
+ accessibility? (
+ app-accessibility/brltty[api]
+ app-accessibility/brltty[static-libs(+)]
+ )
+ aio? ( dev-libs/libaio[static-libs(+)] )
+ alsa? ( >=media-libs/alsa-lib-1.0.13 )
+ bzip2? ( app-arch/bzip2[static-libs(+)] )
+ capstone? ( dev-libs/capstone:= )
+ caps? ( sys-libs/libcap-ng[static-libs(+)] )
+ curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
+ fdt? ( >=sys-apps/dtc-1.5.0[static-libs(+)] )
+ glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
+ gnutls? (
+ dev-libs/nettle:=[static-libs(+)]
+ >=net-libs/gnutls-3.0:=[static-libs(+)]
+ )
+ gtk? (
+ x11-libs/gtk+:3
+ vte? ( x11-libs/vte:2.91 )
+ )
+ infiniband? (
+ sys-fabric/libibumad:=[static-libs(+)]
+ sys-fabric/libibverbs:=[static-libs(+)]
+ sys-fabric/librdmacm:=[static-libs(+)]
+ )
+ iscsi? ( net-libs/libiscsi )
+ jemalloc? ( dev-libs/jemalloc )
+ jpeg? ( virtual/jpeg:0=[static-libs(+)] )
+ lzo? ( dev-libs/lzo:2[static-libs(+)] )
+ ncurses? (
+ sys-libs/ncurses:0=[unicode]
+ sys-libs/ncurses:0=[static-libs(+)]
+ )
+ nfs? ( >=net-fs/libnfs-1.9.3:=[static-libs(+)] )
+ numa? ( sys-process/numactl[static-libs(+)] )
+ opengl? (
+ virtual/opengl
+ media-libs/libepoxy[static-libs(+)]
+ media-libs/mesa[static-libs(+)]
+ media-libs/mesa[egl,gbm]
+ )
+ png? ( media-libs/libpng:0=[static-libs(+)] )
+ pulseaudio? ( media-sound/pulseaudio )
+ rbd? ( sys-cluster/ceph )
+ sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
+ sdl? (
+ media-libs/libsdl2[X]
+ media-libs/libsdl2[static-libs(+)]
+ )
+ sdl-image? ( media-libs/sdl2-image[static-libs(+)] )
+ seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
+ smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
+ snappy? ( app-arch/snappy:= )
+ spice? (
+ >=app-emulation/spice-protocol-0.12.3
+ >=app-emulation/spice-0.12.0[static-libs(+)]
+ )
+ ssh? ( >=net-libs/libssh-0.8.6[static-libs(+)] )
+ usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
+ usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
+ vde? ( net-misc/vde[static-libs(+)] )
+ virgl? ( media-libs/virglrenderer[static-libs(+)] )
+ virtfs? ( sys-libs/libcap )
+ xen? ( app-emulation/xen-tools:= )
+ xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
+
+X86_FIRMWARE_DEPEND="
+ pin-upstream-blobs? (
+ ~sys-firmware/edk2-ovmf-201905[binary]
+ ~sys-firmware/ipxe-1.0.0_p20190728[binary]
+ ~sys-firmware/seabios-1.12.0[binary,seavgabios]
+ ~sys-firmware/sgabios-0.1_pre8[binary]
+ )
+ !pin-upstream-blobs? (
+ sys-firmware/edk2-ovmf
+ sys-firmware/ipxe
+ >=sys-firmware/seabios-1.10.2[seavgabios]
+ sys-firmware/sgabios
+ )"
+PPC64_FIRMWARE_DEPEND="
+ pin-upstream-blobs? (
+ ~sys-firmware/seabios-1.12.0[binary,seavgabios]
+ )
+ !pin-upstream-blobs? (
+ >=sys-firmware/seabios-1.10.2[seavgabios]
+ )
+"
+
+BDEPEND="
+ $(python_gen_impl_dep)
+ dev-lang/perl
+ sys-apps/texinfo
+ virtual/pkgconfig
+ doc? ( dev-python/sphinx )
+ gtk? ( nls? ( sys-devel/gettext ) )
+ test? (
+ dev-libs/glib[utils]
+ sys-devel/bc
+ )
+"
+CDEPEND="
+ !static? (
+ ${ALL_DEPEND//\[static-libs(+)]}
+ ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
+ )
+ qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
+ qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
+ qemu_softmmu_targets_ppc64? ( ${PPC64_FIRMWARE_DEPEND} )
+"
+DEPEND="${CDEPEND}
+ kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
+ static? (
+ ${ALL_DEPEND}
+ ${SOFTMMU_TOOLS_DEPEND}
+ )
+ static-user? ( ${ALL_DEPEND} )"
+RDEPEND="${CDEPEND}
+ acct-group/kvm
+ selinux? ( sec-policy/selinux-qemu )"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.5.0-cflags.patch
+ "${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
+ "${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch
+ "${FILESDIR}"/${PN}-4.0.0-sanitize-interp_info.patch
+ "${FILESDIR}"/${PN}-4.0.0-mkdir_systemtap.patch #684902
+ "${WORKDIR}"/patches
+ "${FILESDIR}"/${PN}-4.2.0-r2-musl.patch
+)
+
+QA_PREBUILT="
+ usr/share/qemu/hppa-firmware.img
+ usr/share/qemu/openbios-ppc
+ usr/share/qemu/openbios-sparc64
+ usr/share/qemu/openbios-sparc32
+ usr/share/qemu/palcode-clipper
+ usr/share/qemu/s390-ccw.img
+ usr/share/qemu/s390-netboot.img
+ usr/share/qemu/u-boot.e500"
+
+QA_WX_LOAD="usr/bin/qemu-i386
+ usr/bin/qemu-x86_64
+ usr/bin/qemu-alpha
+ usr/bin/qemu-arm
+ usr/bin/qemu-cris
+ usr/bin/qemu-m68k
+ usr/bin/qemu-microblaze
+ usr/bin/qemu-microblazeel
+ usr/bin/qemu-mips
+ usr/bin/qemu-mipsel
+ usr/bin/qemu-or1k
+ usr/bin/qemu-ppc
+ usr/bin/qemu-ppc64
+ usr/bin/qemu-ppc64abi32
+ usr/bin/qemu-sh4
+ usr/bin/qemu-sh4eb
+ usr/bin/qemu-sparc
+ usr/bin/qemu-sparc64
+ usr/bin/qemu-armeb
+ usr/bin/qemu-sparc32plus
+ usr/bin/qemu-s390x
+ usr/bin/qemu-unicore32"
+
+DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
+kernel module loaded before running kvm. The easiest way to ensure that the
+kernel module is loaded is to load it on boot.
+ For AMD CPUs the module is called 'kvm-amd'.
+ For Intel CPUs the module is called 'kvm-intel'.
+Please review /etc/conf.d/modules for how to load these.
+
+Make sure your user is in the 'kvm' group. Just run
+ $ gpasswd -a <USER> kvm
+then have <USER> re-login.
+
+For brand new installs, the default permissions on /dev/kvm might not let
+you access it. You can tell udev to reset ownership/perms:
+ $ udevadm trigger -c add /dev/kvm
+
+If you want to register binfmt handlers for qemu user targets:
+For openrc:
+ # rc-update add qemu-binfmt
+For systemd:
+ # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
+
+pkg_pretend() {
+ if use kernel_linux && kernel_is lt 2 6 25; then
+ eerror "This version of KVM requres a host kernel of 2.6.25 or higher."
+ elif use kernel_linux; then
+ if ! linux_config_exists; then
+ eerror "Unable to check your kernel for KVM support"
+ else
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
+ ERROR_KVM="You must enable KVM in your kernel to continue"
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
+ ERROR_KVM_AMD+=" your kernel configuration."
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
+ ERROR_TUN+=" into your kernel or loaded as a module to use the"
+ ERROR_TUN+=" virtual network device if using -net tap."
+ ERROR_BRIDGE="You will also need support for 802.1d"
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
+ use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
+ ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
+ ERROR_VHOST_NET+=" support"
+
+ if use amd64 || use x86 || use amd64-linux || use x86-linux; then
+ if grep -q AuthenticAMD /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_AMD"
+ elif grep -q GenuineIntel /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_INTEL"
+ fi
+ fi
+
+ use python && CONFIG_CHECK+=" ~DEBUG_FS"
+ ERROR_DEBUG_FS="debugFS support required for kvm_stat"
+
+ # Now do the actual checks setup above
+ check_extra_config
+ fi
+ fi
+
+ if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
+ eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
+ eerror "instances are still pointing to it. Please update your"
+ eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
+ eerror "and the right system binary (e.g. qemu-system-x86_64)."
+ die "update your virt configs to not use qemu-kvm"
+ fi
+}
+
+# Sanity check to make sure target lists are kept up-to-date.
+check_targets() {
+ local var=$1 mak=$2
+ local detected sorted
+
+ pushd "${S}"/default-configs >/dev/null || die
+
+ # Force C locale until glibc is updated. #564936
+ detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
+ sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
+ if [[ ${sorted} != "${detected}" ]] ; then
+ eerror "The ebuild needs to be kept in sync."
+ eerror "${var}: ${sorted}"
+ eerror "$(printf '%-*s' ${#var} configure): ${detected}"
+ die "sync ${var} to the list of targets"
+ fi
+
+ popd >/dev/null
+}
+
+handle_locales() {
+ # Make sure locale list is kept up-to-date.
+ local detected sorted
+ detected=$(echo $(cd po && printf '%s\n' *.po | grep -v messages.po | sed 's:.po$::' | sort -u))
+ sorted=$(echo $(printf '%s\n' ${PLOCALES} | sort -u))
+ if [[ ${sorted} != "${detected}" ]] ; then
+ eerror "The ebuild needs to be kept in sync."
+ eerror "PLOCALES: ${sorted}"
+ eerror " po/*.po: ${detected}"
+ die "sync PLOCALES"
+ fi
+
+ # Deal with selective install of locales.
+ if use nls ; then
+ # Delete locales the user does not want. #577814
+ rm_loc() { rm po/$1.po || die; }
+ l10n_for_each_disabled_locale_do rm_loc
+ else
+ # Cheap hack to disable gettext .mo generation.
+ rm -f po/*.po
+ fi
+}
+
+src_prepare() {
+ check_targets IUSE_SOFTMMU_TARGETS softmmu
+ check_targets IUSE_USER_TARGETS linux-user
+
+ default
+
+ # Use correct toolchain to fix cross-compiling
+ tc-export AR LD NM OBJCOPY PKG_CONFIG
+ export WINDRES=${CHOST}-windres
+
+ # Verbose builds
+ MAKEOPTS+=" V=1"
+
+ # Run after we've applied all patches.
+ handle_locales
+
+ # Remove bundled copy of libfdt
+ rm -r dtc || die
+}
+
+##
+# configures qemu based on the build directory and the build type
+# we are using.
+#
+qemu_src_configure() {
+ debug-print-function ${FUNCNAME} "$@"
+
+ local buildtype=$1
+ local builddir="${S}/${buildtype}-build"
+
+ mkdir "${builddir}"
+
+ local conf_opts=(
+ --prefix=/usr
+ --sysconfdir=/etc
+ --bindir=/usr/bin
+ --libdir=/usr/$(get_libdir)
+ --datadir=/usr/share
+ --docdir=/usr/share/doc/${PF}/html
+ --mandir=/usr/share/man
+ --with-confsuffix=/qemu
+ --localstatedir=/var
+ --disable-bsd-user
+ --disable-guest-agent
+ --disable-strip
+ --disable-werror
+ # We support gnutls/nettle for crypto operations. It is possible
+ # to use gcrypt when gnutls/nettle are disabled (but not when they
+ # are enabled), but it's not really worth the hassle. Disable it
+ # all the time to avoid automatically detecting it. #568856
+ --disable-gcrypt
+ --python="${PYTHON}"
+ --cc="$(tc-getCC)"
+ --cxx="$(tc-getCXX)"
+ --host-cc="$(tc-getBUILD_CC)"
+ $(use_enable debug debug-info)
+ $(use_enable debug debug-tcg)
+ $(use_enable doc docs)
+ $(use_enable plugins)
+ $(use_enable tci tcg-interpreter)
+ $(use_enable xattr attr)
+ )
+
+ # Disable options not used by user targets. This simplifies building
+ # static user targets (USE=static-user) considerably.
+ conf_notuser() {
+ if [[ ${buildtype} == "user" ]] ; then
+ echo "--disable-${2:-$1}"
+ else
+ use_enable "$@"
+ fi
+ }
+ conf_opts+=(
+ --disable-bluez
+ $(conf_notuser accessibility brlapi)
+ $(conf_notuser aio linux-aio)
+ $(conf_notuser bzip2)
+ $(conf_notuser capstone)
+ $(conf_notuser caps cap-ng)
+ $(conf_notuser curl)
+ $(conf_notuser fdt)
+ $(conf_notuser glusterfs)
+ $(conf_notuser gnutls)
+ $(conf_notuser gnutls nettle)
+ $(conf_notuser gtk)
+ $(conf_notuser infiniband rdma)
+ $(conf_notuser iscsi libiscsi)
+ $(conf_notuser jemalloc jemalloc)
+ $(conf_notuser jpeg vnc-jpeg)
+ $(conf_notuser kernel_linux kvm)
+ $(conf_notuser lzo)
+ $(conf_notuser ncurses curses)
+ $(conf_notuser nfs libnfs)
+ $(conf_notuser numa)
+ $(conf_notuser opengl)
+ $(conf_notuser png vnc-png)
+ $(conf_notuser rbd)
+ $(conf_notuser sasl vnc-sasl)
+ $(conf_notuser sdl)
+ $(conf_notuser sdl-image)
+ $(conf_notuser seccomp)
+ $(conf_notuser smartcard)
+ $(conf_notuser snappy)
+ $(conf_notuser spice)
+ $(conf_notuser ssh libssh)
+ $(conf_notuser usb libusb)
+ $(conf_notuser usbredir usb-redir)
+ $(conf_notuser vde)
+ $(conf_notuser vhost-net)
+ $(conf_notuser vhost-user-fs)
+ $(conf_notuser virgl virglrenderer)
+ $(conf_notuser virtfs)
+ $(conf_notuser vnc)
+ $(conf_notuser vte)
+ $(conf_notuser xen)
+ $(conf_notuser xen xen-pci-passthrough)
+ $(conf_notuser xfs xfsctl)
+ $(conf_notuser xkb xkbcommon)
+ )
+
+ if [[ ${buildtype} == "user" ]] ; then
+ conf_opts+=( --disable-libxml2 )
+ else
+ conf_opts+=( --enable-libxml2 )
+ fi
+
+ if [[ ! ${buildtype} == "user" ]] ; then
+ # audio options
+ local audio_opts=(
+ $(usev alsa)
+ $(usev oss)
+ $(usev sdl)
+ $(usex pulseaudio pa "")
+ )
+ conf_opts+=(
+ --audio-drv-list=$(printf "%s," "${audio_opts[@]}")
+ )
+ fi
+
+ case ${buildtype} in
+ user)
+ conf_opts+=(
+ --enable-linux-user
+ --disable-system
+ --disable-blobs
+ --disable-tools
+ )
+ local static_flag="static-user"
+ ;;
+ softmmu)
+ conf_opts+=(
+ --disable-linux-user
+ --enable-system
+ --disable-tools
+ )
+ local static_flag="static"
+ ;;
+ tools)
+ conf_opts+=(
+ --disable-linux-user
+ --disable-system
+ --disable-blobs
+ --enable-tools
+ )
+ local static_flag="static"
+ ;;
+ esac
+
+ local targets="${buildtype}_targets"
+ [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
+
+ # Add support for SystemTAP
+ use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
+
+ # We always want to attempt to build with PIE support as it results
+ # in a more secure binary. But it doesn't work with static or if
+ # the current GCC doesn't have PIE support.
+ if use ${static_flag}; then
+ conf_opts+=( --static --disable-pie )
+ else
+ tc-enables-pie && conf_opts+=( --enable-pie )
+ fi
+
+ echo "../configure ${conf_opts[*]}"
+ cd "${builddir}"
+ ../configure "${conf_opts[@]}" || die "configure failed"
+
+ # FreeBSD's kernel does not support QEMU assigning/grabbing
+ # host USB devices yet
+ use kernel_FreeBSD && \
+ sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
+}
+
+src_configure() {
+ local target
+
+ python_setup
+
+ softmmu_targets= softmmu_bins=()
+ user_targets= user_bins=()
+
+ for target in ${IUSE_SOFTMMU_TARGETS} ; do
+ if use "qemu_softmmu_targets_${target}"; then
+ softmmu_targets+=",${target}-softmmu"
+ softmmu_bins+=( "qemu-system-${target}" )
+ fi
+ done
+
+ for target in ${IUSE_USER_TARGETS} ; do
+ if use "qemu_user_targets_${target}"; then
+ user_targets+=",${target}-linux-user"
+ user_bins+=( "qemu-${target}" )
+ fi
+ done
+
+ softmmu_targets=${softmmu_targets#,}
+ user_targets=${user_targets#,}
+
+ [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
+ [[ -n ${user_targets} ]] && qemu_src_configure "user"
+ qemu_src_configure "tools"
+}
+
+src_compile() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ default
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ default
+ fi
+
+ cd "${S}/tools-build"
+ default
+}
+
+src_test() {
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ pax-mark m */qemu-system-* #515550
+ emake -j1 check
+ emake -j1 check-report.html
+ fi
+}
+
+qemu_python_install() {
+ python_domodule "${S}/python/qemu"
+
+ python_doscript "${S}/scripts/kvm/vmxcap"
+ python_doscript "${S}/scripts/qmp/qmp-shell"
+ python_doscript "${S}/scripts/qmp/qemu-ga-client"
+}
+
+# Generate binfmt support files.
+# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
+# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
+generate_initd() {
+ local out="${T}/qemu-binfmt"
+ local out_systemd="${T}/qemu.conf"
+ local d="${T}/binfmt.d"
+
+ einfo "Generating qemu binfmt scripts and configuration files"
+
+ # Generate the debian fragments first.
+ mkdir -p "${d}"
+ "${S}"/scripts/qemu-binfmt-conf.sh \
+ --debian \
+ --exportdir "${d}" \
+ --qemu-path "${EPREFIX}/usr/bin" \
+ || die
+ # Then turn the fragments into a shell script we can source.
+ sed -E -i \
+ -e 's:^([^ ]+) (.*)$:\1="\2":' \
+ "${d}"/* || die
+
+ # Generate the init.d script by assembling the fragments from above.
+ local f qcpu package interpreter magic mask
+ cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
+ for f in "${d}"/qemu-* ; do
+ source "${f}"
+
+ # Normalize the cpu logic like we do in the init.d for the native cpu.
+ qcpu=${package#qemu-}
+ case ${qcpu} in
+ arm*) qcpu="arm";;
+ mips*) qcpu="mips";;
+ ppc*) qcpu="ppc";;
+ s390*) qcpu="s390";;
+ sh*) qcpu="sh";;
+ sparc*) qcpu="sparc";;
+ esac
+
+ # we use 'printf' here to be portable across 'sh'
+ # implementations: #679168
+ cat <<EOF >>"${out}"
+ if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
+ printf '%s\n' ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
+ fi
+EOF
+
+ echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
+
+ done
+ cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
+}
+
+src_install() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ emake DESTDIR="${ED}" install
+
+ # Install binfmt handler init script for user targets.
+ generate_initd
+ doinitd "${T}/qemu-binfmt"
+
+ # Install binfmt/qemu.conf.
+ insinto "/usr/share/qemu/binfmt.d"
+ doins "${T}/qemu.conf"
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ emake DESTDIR="${ED}" install
+
+ # This might not exist if the test failed. #512010
+ [[ -e check-report.html ]] && dodoc check-report.html
+
+ if use kernel_linux; then
+ udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
+ fi
+
+ if use python; then
+ python_foreach_impl qemu_python_install
+ fi
+ fi
+
+ cd "${S}/tools-build"
+ emake DESTDIR="${ED}" install
+
+ # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
+ pushd "${ED}"/usr/bin >/dev/null
+ pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
+ popd >/dev/null
+
+ # Install config file example for qemu-bridge-helper
+ insinto "/etc/qemu"
+ doins "${FILESDIR}/bridge.conf"
+
+ cd "${S}"
+ dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
+ newdoc pc-bios/README README.pc-bios
+
+ # Disallow stripping of prebuilt firmware files.
+ dostrip -x ${QA_PREBUILT}
+
+ if [[ -n ${softmmu_targets} ]]; then
+ # Remove SeaBIOS since we're using the SeaBIOS packaged one
+ rm "${ED}/usr/share/qemu/bios.bin"
+ rm "${ED}/usr/share/qemu/bios-256k.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
+ dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
+ fi
+
+ # Remove vgabios since we're using the seavgabios packaged one
+ rm "${ED}/usr/share/qemu/vgabios.bin"
+ rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
+ rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
+ rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
+ rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
+ rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
+ # PPC64 loads vgabios-stdvga
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc64; then
+ dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
+ dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
+ dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
+ dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
+ dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
+ dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
+ fi
+
+ # Remove sgabios since we're using the sgabios packaged one
+ rm "${ED}/usr/share/qemu/sgabios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
+ fi
+
+ # Remove iPXE since we're using the iPXE packaged one
+ rm "${ED}"/usr/share/qemu/pxe-*.rom
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
+ dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
+ dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
+ dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
+ dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
+ dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
+ fi
+ fi
+
+ DISABLE_AUTOFORMATTING=true
+ readme.gentoo_create_doc
+}
+
+firmware_abi_change() {
+ local pv
+ for pv in ${REPLACING_VERSIONS}; do
+ if ver_test $pv -lt ${FIRMWARE_ABI_VERSION}; then
+ return 0
+ fi
+ done
+ return 1
+}
+
+pkg_postinst() {
+ if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
+ udev_reload
+ fi
+
+ xdg_icon_cache_update
+
+ [[ -z ${EPREFIX} ]] && [[ -f ${EROOT}/usr/libexec/qemu-bridge-helper ]] && \
+ fcaps cap_net_admin ${EROOT}/usr/libexec/qemu-bridge-helper
+
+ DISABLE_AUTOFORMATTING=true
+ readme.gentoo_print_elog
+
+ if use pin-upstream-blobs && firmware_abi_change; then
+ ewarn "This version of qemu pins new versions of firmware blobs:"
+ ewarn " $(best_version sys-firmware/edk2-ovmf)"
+ ewarn " $(best_version sys-firmware/ipxe)"
+ ewarn " $(best_version sys-firmware/seabios)"
+ ewarn " $(best_version sys-firmware/sgabios)"
+ ewarn "This might break resume of hibernated guests (started with a different"
+ ewarn "firmware version) and live migration to/from qemu versions with different"
+ ewarn "firmware. Please (cold) restart all running guests. For functional"
+ ewarn "guest migration ensure that all"
+ ewarn "hosts run at least"
+ ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
+ fi
+}
+
+pkg_info() {
+ echo "Using:"
+ echo " $(best_version app-emulation/spice-protocol)"
+ echo " $(best_version sys-firmware/edk2-ovmf)"
+ if has_version 'sys-firmware/edk2-ovmf[binary]'; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/ipxe)"
+ echo " $(best_version sys-firmware/seabios)"
+ if has_version 'sys-firmware/seabios[binary]'; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/sgabios)"
+}
+
+pkg_postrm() {
+ xdg_icon_cache_update
+}
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2021-05-17 13:24 Jory Pratt
0 siblings, 0 replies; 19+ messages in thread
From: Jory Pratt @ 2021-05-17 13:24 UTC (permalink / raw
To: gentoo-commits
commit: 2ee29c244773dae16ed79fe702fc737c5b1c6458
Author: Jory Pratt <anarchy <AT> gentoo <DOT> org>
AuthorDate: Mon May 17 13:24:22 2021 +0000
Commit: Jory Pratt <anarchy <AT> gentoo <DOT> org>
CommitDate: Mon May 17 13:24:22 2021 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=2ee29c24
app-emulation/qemu: sync with ::gentoo
Package-Manager: Portage-3.0.18, Repoman-3.0.2
Signed-off-by: Jory Pratt <anarchy <AT> gentoo.org>
.../qemu/files/qemu-5.2.0-dce-locks.patch | 18 +
app-emulation/qemu/qemu-5.2.0-r2.ebuild | 878 ---------------------
...{qemu-5.2.0-r3.ebuild => qemu-5.2.0-r50.ebuild} | 21 +-
3 files changed, 30 insertions(+), 887 deletions(-)
diff --git a/app-emulation/qemu/files/qemu-5.2.0-dce-locks.patch b/app-emulation/qemu/files/qemu-5.2.0-dce-locks.patch
new file mode 100644
index 0000000..679a9f3
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-5.2.0-dce-locks.patch
@@ -0,0 +1,18 @@
+Fix CFLAGS=-Og build break. -Og fails because gcc does not enable dead
+code elimination (but does set __OPTIMIZE__ define).
+
+The fix avoids DCE reliance downstream entirely.
+
+Reported-by: Luke-Jr
+Bug: https://bugs.gentoo.org/782364
+--- a/include/qemu/lockable.h
++++ b/include/qemu/lockable.h
+@@ -28,7 +28,7 @@ struct QemuLockable {
+ * to QEMU_MAKE_LOCKABLE. For optimized builds, we can rely on dead-code elimination
+ * from the compiler, and give the errors already at link time.
+ */
+-#if defined(__OPTIMIZE__) && !defined(__SANITIZE_ADDRESS__)
++#if defined(__OPTIMIZE__) && !defined(__SANITIZE_ADDRESS__) && defined(VALIDATE_LOCKS_VIA_DCE)
+ void unknown_lock_type(void *);
+ #else
+ static inline void unknown_lock_type(void *unused)
diff --git a/app-emulation/qemu/qemu-5.2.0-r2.ebuild b/app-emulation/qemu/qemu-5.2.0-r2.ebuild
deleted file mode 100644
index 549e0c7..0000000
--- a/app-emulation/qemu/qemu-5.2.0-r2.ebuild
+++ /dev/null
@@ -1,878 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-PYTHON_REQ_USE="ncurses,readline"
-
-FIRMWARE_ABI_VERSION="4.0.0-r50"
-
-inherit eutils linux-info toolchain-funcs multilib python-r1 \
- udev fcaps readme.gentoo-r1 pax-utils l10n xdg-utils
-
-if [[ ${PV} = *9999* ]]; then
- EGIT_REPO_URI="https://git.qemu.org/git/qemu.git"
- EGIT_SUBMODULES=(
- meson
- tests/fp/berkeley-softfloat-3
- tests/fp/berkeley-testfloat-3
- ui/keycodemapdb
- )
- inherit git-r3
- SRC_URI=""
-else
- SRC_URI="https://download.qemu.org/${P}.tar.xz"
- KEYWORDS="amd64 arm64 ~ppc ~ppc64 x86"
-fi
-
-DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
-HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
-
-LICENSE="GPL-2 LGPL-2 BSD-2"
-SLOT="0"
-
-IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug doc
- +fdt glusterfs gnutls gtk infiniband iscsi io-uring
- jack jemalloc +jpeg kernel_linux
- kernel_FreeBSD lzo multipath
- ncurses nfs nls numa opengl +oss +pin-upstream-blobs
- plugins +png pulseaudio python rbd sasl +seccomp sdl sdl-image selinux
- +slirp
- smartcard snappy spice ssh static static-user systemtap test udev usb
- usbredir vde +vhost-net vhost-user-fs virgl virtfs +vnc vte xattr xen
- xfs zstd"
-
-COMMON_TARGETS="aarch64 alpha arm cris hppa i386 m68k microblaze microblazeel
- mips mips64 mips64el mipsel nios2 or1k ppc ppc64 riscv32 riscv64 s390x
- sh4 sh4eb sparc sparc64 x86_64 xtensa xtensaeb"
-IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
- avr lm32 moxie rx tricore unicore32"
-IUSE_USER_TARGETS="${COMMON_TARGETS}
- aarch64_be armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus
- tilegx"
-
-use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
-use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
-IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
-
-RESTRICT="!test? ( test )"
-# Allow no targets to be built so that people can get a tools-only build.
-# Block USE flag configurations known to not work.
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- qemu_softmmu_targets_arm? ( fdt )
- qemu_softmmu_targets_microblaze? ( fdt )
- qemu_softmmu_targets_mips64el? ( fdt )
- qemu_softmmu_targets_ppc64? ( fdt )
- qemu_softmmu_targets_ppc? ( fdt )
- qemu_softmmu_targets_riscv32? ( fdt )
- qemu_softmmu_targets_riscv64? ( fdt )
- static? ( static-user !alsa !gtk !jack !opengl !pulseaudio !plugins !rbd !snappy )
- static-user? ( !plugins )
- vhost-user-fs? ( caps seccomp )
- virtfs? ( caps xattr )
- vte? ( gtk )
- multipath? ( udev )
- plugins? ( !static !static-user )
-"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# and user/softmmu targets (qemu-*, qemu-system-*).
-#
-# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
-#
-# The attr lib isn't always linked in (although the USE flag is always
-# respected). This is because qemu supports using the C library's API
-# when available rather than always using the external library.
-ALL_DEPEND="
- >=dev-libs/glib-2.0[static-libs(+)]
- sys-libs/zlib[static-libs(+)]
- python? ( ${PYTHON_DEPS} )
- systemtap? ( dev-util/systemtap )
- xattr? ( sys-apps/attr[static-libs(+)] )"
-
-# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
-# softmmu targets (qemu-system-*).
-SOFTMMU_TOOLS_DEPEND="
- dev-libs/libxml2[static-libs(+)]
- >=x11-libs/pixman-0.28.0[static-libs(+)]
- accessibility? (
- app-accessibility/brltty[api]
- app-accessibility/brltty[static-libs(+)]
- )
- aio? ( dev-libs/libaio[static-libs(+)] )
- alsa? ( >=media-libs/alsa-lib-1.0.13 )
- bzip2? ( app-arch/bzip2[static-libs(+)] )
- capstone? ( dev-libs/capstone:= )
- caps? ( sys-libs/libcap-ng[static-libs(+)] )
- curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
- fdt? ( >=sys-apps/dtc-1.5.0[static-libs(+)] )
- glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
- gnutls? (
- dev-libs/nettle:=[static-libs(+)]
- >=net-libs/gnutls-3.0:=[static-libs(+)]
- )
- gtk? (
- x11-libs/gtk+:3
- vte? ( x11-libs/vte:2.91 )
- )
- infiniband? (
- sys-fabric/libibumad:=[static-libs(+)]
- sys-fabric/libibverbs:=[static-libs(+)]
- sys-fabric/librdmacm:=[static-libs(+)]
- )
- iscsi? ( net-libs/libiscsi )
- io-uring? ( sys-libs/liburing:=[static-libs(+)] )
- jack? ( virtual/jack )
- jemalloc? ( dev-libs/jemalloc )
- jpeg? ( virtual/jpeg:0=[static-libs(+)] )
- lzo? ( dev-libs/lzo:2[static-libs(+)] )
- multipath? ( sys-fs/multipath-tools )
- ncurses? (
- sys-libs/ncurses:0=[unicode]
- sys-libs/ncurses:0=[static-libs(+)]
- )
- nfs? ( >=net-fs/libnfs-1.9.3:=[static-libs(+)] )
- numa? ( sys-process/numactl[static-libs(+)] )
- opengl? (
- virtual/opengl
- media-libs/libepoxy[static-libs(+)]
- media-libs/mesa[static-libs(+)]
- media-libs/mesa[egl,gbm]
- )
- png? ( media-libs/libpng:0=[static-libs(+)] )
- pulseaudio? ( media-sound/pulseaudio )
- rbd? ( sys-cluster/ceph )
- sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
- sdl? (
- media-libs/libsdl2[video]
- media-libs/libsdl2[static-libs(+)]
- )
- sdl-image? ( media-libs/sdl2-image[static-libs(+)] )
- seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
- slirp? ( net-libs/libslirp[static-libs(+)] )
- smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
- snappy? ( app-arch/snappy:= )
- spice? (
- >=app-emulation/spice-protocol-0.12.3
- >=app-emulation/spice-0.12.0[static-libs(+)]
- )
- ssh? ( >=net-libs/libssh-0.8.6[static-libs(+)] )
- udev? ( virtual/libudev[static-libs(+)] )
- usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
- usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
- vde? ( net-misc/vde[static-libs(+)] )
- virgl? ( media-libs/virglrenderer[static-libs(+)] )
- virtfs? ( sys-libs/libcap )
- xen? ( app-emulation/xen-tools:= )
- xfs? ( sys-fs/xfsprogs[static-libs(+)] )
- zstd? ( >=app-arch/zstd-1.4.0[static-libs(+)] )
-"
-
-X86_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/edk2-ovmf-201905[binary]
- ~sys-firmware/ipxe-1.0.0_p20190728[binary,qemu]
- ~sys-firmware/seabios-1.12.0[binary,seavgabios]
- ~sys-firmware/sgabios-0.1_pre8[binary]
- )
- !pin-upstream-blobs? (
- sys-firmware/edk2-ovmf
- sys-firmware/ipxe[qemu]
- >=sys-firmware/seabios-1.10.2[seavgabios]
- sys-firmware/sgabios
- )"
-PPC_FIRMWARE_DEPEND="
- pin-upstream-blobs? (
- ~sys-firmware/seabios-1.12.0[binary,seavgabios]
- )
- !pin-upstream-blobs? (
- >=sys-firmware/seabios-1.10.2[seavgabios]
- )
-"
-
-BDEPEND="
- $(python_gen_impl_dep)
- dev-lang/perl
- sys-apps/texinfo
- virtual/pkgconfig
- doc? ( dev-python/sphinx )
- gtk? ( nls? ( sys-devel/gettext ) )
- test? (
- dev-libs/glib[utils]
- sys-devel/bc
- )
-"
-CDEPEND="
- !static? (
- ${ALL_DEPEND//\[static-libs(+)]}
- ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
- )
- qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_ppc? ( ${PPC_FIRMWARE_DEPEND} )
- qemu_softmmu_targets_ppc64? ( ${PPC_FIRMWARE_DEPEND} )
-"
-DEPEND="${CDEPEND}
- kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
- static? (
- ${ALL_DEPEND}
- ${SOFTMMU_TOOLS_DEPEND}
- )
- static-user? ( ${ALL_DEPEND} )"
-RDEPEND="${CDEPEND}
- acct-group/kvm
- selinux? ( sec-policy/selinux-qemu )"
-
-PATCHES=(
- "${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch
- "${FILESDIR}"/${PN}-5.2.0-cleaner-werror.patch
- "${FILESDIR}"/${PN}-5.2.0-disable-keymap.patch
- "${FILESDIR}"/${PN}-5.2.0-strings.patch
- "${FILESDIR}"/${PN}-5.2.0-fix-firmware-path.patch
- "${FILESDIR}"/${PN}-5.2.0-no-pie-ld.patch
-)
-
-QA_PREBUILT="
- usr/share/qemu/hppa-firmware.img
- usr/share/qemu/openbios-ppc
- usr/share/qemu/openbios-sparc64
- usr/share/qemu/openbios-sparc32
- usr/share/qemu/opensbi-riscv64-generic-fw_dynamic.elf
- usr/share/qemu/opensbi-riscv32-generic-fw_dynamic.elf
- usr/share/qemu/palcode-clipper
- usr/share/qemu/s390-ccw.img
- usr/share/qemu/s390-netboot.img
- usr/share/qemu/u-boot.e500
-"
-
-QA_WX_LOAD="usr/bin/qemu-i386
- usr/bin/qemu-x86_64
- usr/bin/qemu-alpha
- usr/bin/qemu-arm
- usr/bin/qemu-cris
- usr/bin/qemu-m68k
- usr/bin/qemu-microblaze
- usr/bin/qemu-microblazeel
- usr/bin/qemu-mips
- usr/bin/qemu-mipsel
- usr/bin/qemu-or1k
- usr/bin/qemu-ppc
- usr/bin/qemu-ppc64
- usr/bin/qemu-ppc64abi32
- usr/bin/qemu-sh4
- usr/bin/qemu-sh4eb
- usr/bin/qemu-sparc
- usr/bin/qemu-sparc64
- usr/bin/qemu-armeb
- usr/bin/qemu-sparc32plus
- usr/bin/qemu-s390x
- usr/bin/qemu-unicore32
-"
-
-DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
-kernel module loaded before running kvm. The easiest way to ensure that the
-kernel module is loaded is to load it on boot.
- For AMD CPUs the module is called 'kvm-amd'.
- For Intel CPUs the module is called 'kvm-intel'.
-Please review /etc/conf.d/modules for how to load these.
-
-Make sure your user is in the 'kvm' group. Just run
- $ gpasswd -a <USER> kvm
-then have <USER> re-login.
-
-For brand new installs, the default permissions on /dev/kvm might not let
-you access it. You can tell udev to reset ownership/perms:
- $ udevadm trigger -c add /dev/kvm
-
-If you want to register binfmt handlers for qemu user targets:
-For openrc:
- # rc-update add qemu-binfmt
-For systemd:
- # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
-
-pkg_pretend() {
- if use kernel_linux && kernel_is lt 2 6 25; then
- eerror "This version of KVM requires a host kernel of 2.6.25 or higher."
- elif use kernel_linux; then
- if ! linux_config_exists; then
- eerror "Unable to check your kernel for KVM support"
- else
- CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
- ERROR_KVM="You must enable KVM in your kernel to continue"
- ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
- ERROR_KVM_AMD+=" your kernel configuration."
- ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
- ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
- ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
- ERROR_TUN+=" into your kernel or loaded as a module to use the"
- ERROR_TUN+=" virtual network device if using -net tap."
- ERROR_BRIDGE="You will also need support for 802.1d"
- ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
- use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
- ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
- ERROR_VHOST_NET+=" support"
-
- if use amd64 || use x86 || use amd64-linux || use x86-linux; then
- if grep -q AuthenticAMD /proc/cpuinfo; then
- CONFIG_CHECK+=" ~KVM_AMD"
- elif grep -q GenuineIntel /proc/cpuinfo; then
- CONFIG_CHECK+=" ~KVM_INTEL"
- fi
- fi
-
- use python && CONFIG_CHECK+=" ~DEBUG_FS"
- ERROR_DEBUG_FS="debugFS support required for kvm_stat"
-
- # Now do the actual checks setup above
- check_extra_config
- fi
- fi
-
- if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
- eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
- eerror "instances are still pointing to it. Please update your"
- eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
- eerror "and the right system binary (e.g. qemu-system-x86_64)."
- die "update your virt configs to not use qemu-kvm"
- fi
-}
-
-# Sanity check to make sure target lists are kept up-to-date.
-check_targets() {
- local var=$1 mak=$2
- local detected sorted
-
- pushd "${S}"/default-configs/targets/ >/dev/null || die
-
- # Force C locale until glibc is updated. #564936
- detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
- sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
- if [[ ${sorted} != "${detected}" ]] ; then
- eerror "The ebuild needs to be kept in sync."
- eerror "${var}: ${sorted}"
- eerror "$(printf '%-*s' ${#var} configure): ${detected}"
- die "sync ${var} to the list of targets"
- fi
-
- popd >/dev/null
-}
-
-src_prepare() {
- check_targets IUSE_SOFTMMU_TARGETS softmmu
- check_targets IUSE_USER_TARGETS linux-user
-
- default
-
- # Use correct toolchain to fix cross-compiling
- tc-export AR AS LD NM OBJCOPY PKG_CONFIG RANLIB STRINGS
- export WINDRES=${CHOST}-windres
-
- # Verbose builds
- MAKEOPTS+=" V=1"
-
- # Remove bundled copy of libfdt
- rm -r dtc || die
-
- # conditionally apply patches for musl support
- if use elibc_musl ; then
- eapply "${FILESDIR}"/musl-patches/0001-linux-user-fix-build-with-musl-on-aarch64.patch
- eapply "${FILESDIR}"/musl-patches/0001-linux-user-fix-build-with-musl-on-ppc64le.patch
- eapply "${FILESDIR}"/musl-patches/0001-virtio-host-input-use-safe-64-bit-time-accessors-for.patch
- eapply "${FILESDIR}"/musl-patches/0002-virtio-user-input-use-safe-64-bit-time-accessors-for.patch
- eapply "${FILESDIR}"/musl-patches/0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- eapply "${FILESDIR}"/musl-patches/MAP_SYNC-fix.patch
- eapply "${FILESDIR}"/musl-patches/fix-segevent-and-sigval_t.patch
- eapply "${FILESDIR}"/musl-patches/fix-sendmsg.patch
- eapply "${FILESDIR}"/musl-patches/fix-sockios-header.patch
- eapply "${FILESDIR}"/musl-patches/guest-agent-shutdown.patch
- eapply "${FILESDIR}"/musl-patches/ignore-signals-33-and-64-to-allow-golang-emulation.patch
- eapply "${FILESDIR}"/musl-patches/mips-softfloat.patch
- eapply "${FILESDIR}"/musl-patches/musl-F_SHLCK-and-F_EXLCK.patch
- eapply "${FILESDIR}"/musl-patches/xattr_size_max.patch
- fi
-}
-
-##
-# configures qemu based on the build directory and the build type
-# we are using.
-#
-qemu_src_configure() {
- debug-print-function ${FUNCNAME} "$@"
-
- local buildtype=$1
- local builddir="${S}/${buildtype}-build"
-
- mkdir "${builddir}"
-
- local conf_opts=(
- --prefix=/usr
- --sysconfdir=/etc
- --bindir=/usr/bin
- --libdir=/usr/$(get_libdir)
- --datadir=/usr/share
- --docdir=/usr/share/doc/${PF}/html
- --mandir=/usr/share/man
- --localstatedir=/var
- --disable-bsd-user
- --disable-containers # bug #732972
- --disable-guest-agent
- --disable-strip
-
- # bug #746752: TCG interpreter has a few limitations:
- # - it does not support FPU
- # - it's generally slower on non-self-modifying code
- # It's advantage is support for host architectures
- # where native codegeneration is not implemented.
- # Gentoo has qemu keyworded only on targets with
- # native code generation available. Avoid the interpreter.
- --disable-tcg-interpreter
-
- --disable-werror
- # We support gnutls/nettle for crypto operations. It is possible
- # to use gcrypt when gnutls/nettle are disabled (but not when they
- # are enabled), but it's not really worth the hassle. Disable it
- # all the time to avoid automatically detecting it. #568856
- --disable-gcrypt
- --python="${PYTHON}"
- --cc="$(tc-getCC)"
- --cxx="$(tc-getCXX)"
- --host-cc="$(tc-getBUILD_CC)"
- $(use_enable debug debug-info)
- $(use_enable debug debug-tcg)
- $(use_enable doc docs)
- $(use_enable nls gettext)
- $(use_enable plugins)
- $(use_enable xattr attr)
- )
-
- # Disable options not used by user targets. This simplifies building
- # static user targets (USE=static-user) considerably.
- conf_notuser() {
- if [[ ${buildtype} == "user" ]] ; then
- echo "--disable-${2:-$1}"
- else
- use_enable "$@"
- fi
- }
- # Enable option only for softmmu build, but not 'user' or 'tools'
- conf_softmmu() {
- if [[ ${buildtype} == "softmmu" ]] ; then
- use_enable "$@"
- else
- echo "--disable-${2:-$1}"
- fi
- }
- # Enable option only for tools build, but not 'user' or 'softmmu'
- conf_tools() {
- if [[ ${buildtype} == "tools" ]] ; then
- use_enable "$@"
- else
- echo "--disable-${2:-$1}"
- fi
- }
- conf_opts+=(
- $(conf_notuser accessibility brlapi)
- $(conf_notuser aio linux-aio)
- $(conf_notuser bzip2)
- $(conf_notuser capstone)
- $(conf_notuser caps cap-ng)
- $(conf_notuser curl)
- $(conf_notuser fdt)
- $(conf_notuser glusterfs)
- $(conf_notuser gnutls)
- $(conf_notuser gnutls nettle)
- $(conf_notuser gtk)
- $(conf_notuser infiniband rdma)
- $(conf_notuser iscsi libiscsi)
- $(conf_notuser io-uring linux-io-uring)
- $(conf_notuser jemalloc jemalloc)
- $(conf_notuser jpeg vnc-jpeg)
- $(conf_notuser kernel_linux kvm)
- $(conf_notuser lzo)
- $(conf_notuser multipath mpath)
- $(conf_notuser ncurses curses)
- $(conf_notuser nfs libnfs)
- $(conf_notuser numa)
- $(conf_notuser opengl)
- $(conf_notuser png vnc-png)
- $(conf_notuser rbd)
- $(conf_notuser sasl vnc-sasl)
- $(conf_notuser sdl)
- $(conf_softmmu sdl-image)
- $(conf_notuser seccomp)
- $(conf_notuser slirp slirp system)
- $(conf_notuser smartcard)
- $(conf_notuser snappy)
- $(conf_notuser spice)
- $(conf_notuser ssh libssh)
- $(conf_notuser udev libudev)
- $(conf_notuser usb libusb)
- $(conf_notuser usbredir usb-redir)
- $(conf_notuser vde)
- $(conf_notuser vhost-net)
- $(conf_notuser vhost-user-fs)
- $(conf_tools vhost-user-fs virtiofsd)
- $(conf_notuser virgl virglrenderer)
- $(conf_notuser virtfs)
- $(conf_notuser vnc)
- $(conf_notuser vte)
- $(conf_notuser xen)
- $(conf_notuser xen xen-pci-passthrough)
- $(conf_notuser xfs xfsctl)
- # use prebuilt keymaps, bug #759604
- --disable-xkbcommon
- $(conf_notuser zstd)
- )
-
- if [[ ${buildtype} == "user" ]] ; then
- conf_opts+=( --disable-libxml2 )
- else
- conf_opts+=( --enable-libxml2 )
- fi
-
- if [[ ! ${buildtype} == "user" ]] ; then
- # audio options
- local audio_opts=(
- # Note: backend order matters here: #716202
- # We iterate from higher-level to lower level.
- $(usex pulseaudio pa "")
- $(usev jack)
- $(usev sdl)
- $(usev alsa)
- $(usev oss)
- )
- conf_opts+=(
- --audio-drv-list=$(printf "%s," "${audio_opts[@]}")
- )
- fi
-
- case ${buildtype} in
- user)
- conf_opts+=(
- --enable-linux-user
- --disable-system
- --disable-blobs
- --disable-tools
- )
- local static_flag="static-user"
- ;;
- softmmu)
- conf_opts+=(
- --disable-linux-user
- --enable-system
- --disable-tools
- )
- local static_flag="static"
- ;;
- tools)
- conf_opts+=(
- --disable-linux-user
- --disable-system
- --disable-blobs
- --enable-tools
- )
- local static_flag="static"
- ;;
- esac
-
- local targets="${buildtype}_targets"
- [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
-
- # Add support for SystemTAP
- use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
-
- # We always want to attempt to build with PIE support as it results
- # in a more secure binary. But it doesn't work with static or if
- # the current GCC doesn't have PIE support.
- if use ${static_flag}; then
- conf_opts+=( --static --disable-pie )
- else
- tc-enables-pie && conf_opts+=( --enable-pie )
- fi
-
- # Plumb through equivalent of EXTRA_ECONF to allow experiments
- # like bug #747928.
- conf_opts+=( ${EXTRA_CONF_QEMU} )
-
- echo "../configure ${conf_opts[*]}"
- cd "${builddir}"
- ../configure "${conf_opts[@]}" || die "configure failed"
-
- # FreeBSD's kernel does not support QEMU assigning/grabbing
- # host USB devices yet
- use kernel_FreeBSD && \
- sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
-}
-
-src_configure() {
- local target
-
- python_setup
-
- softmmu_targets= softmmu_bins=()
- user_targets= user_bins=()
-
- for target in ${IUSE_SOFTMMU_TARGETS} ; do
- if use "qemu_softmmu_targets_${target}"; then
- softmmu_targets+=",${target}-softmmu"
- softmmu_bins+=( "qemu-system-${target}" )
- fi
- done
-
- for target in ${IUSE_USER_TARGETS} ; do
- if use "qemu_user_targets_${target}"; then
- user_targets+=",${target}-linux-user"
- user_bins+=( "qemu-${target}" )
- fi
- done
-
- softmmu_targets=${softmmu_targets#,}
- user_targets=${user_targets#,}
-
- [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
- [[ -n ${user_targets} ]] && qemu_src_configure "user"
- qemu_src_configure "tools"
-}
-
-src_compile() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- default
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- default
- fi
-
- cd "${S}/tools-build"
- default
-}
-
-src_test() {
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- pax-mark m */qemu-system-* #515550
- emake check
- fi
-}
-
-qemu_python_install() {
- python_domodule "${S}/python/qemu"
-
- python_doscript "${S}/scripts/kvm/vmxcap"
- python_doscript "${S}/scripts/qmp/qmp-shell"
- python_doscript "${S}/scripts/qmp/qemu-ga-client"
-}
-
-# Generate binfmt support files.
-# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
-# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
-generate_initd() {
- local out="${T}/qemu-binfmt"
- local out_systemd="${T}/qemu.conf"
- local d="${T}/binfmt.d"
-
- einfo "Generating qemu binfmt scripts and configuration files"
-
- # Generate the debian fragments first.
- mkdir -p "${d}"
- "${S}"/scripts/qemu-binfmt-conf.sh \
- --debian \
- --exportdir "${d}" \
- --qemu-path "${EPREFIX}/usr/bin" \
- || die
- # Then turn the fragments into a shell script we can source.
- sed -E -i \
- -e 's:^([^ ]+) (.*)$:\1="\2":' \
- "${d}"/* || die
-
- # Generate the init.d script by assembling the fragments from above.
- local f qcpu package interpreter magic mask
- cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
- for f in "${d}"/qemu-* ; do
- source "${f}"
-
- # Normalize the cpu logic like we do in the init.d for the native cpu.
- qcpu=${package#qemu-}
- case ${qcpu} in
- arm*) qcpu="arm";;
- mips*) qcpu="mips";;
- ppc*) qcpu="ppc";;
- s390*) qcpu="s390";;
- sh*) qcpu="sh";;
- sparc*) qcpu="sparc";;
- esac
-
- # we use 'printf' here to be portable across 'sh'
- # implementations: #679168
- cat <<EOF >>"${out}"
- if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
- printf '%s\n' ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
- fi
-EOF
-
- echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
-
- done
- cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
-}
-
-src_install() {
- if [[ -n ${user_targets} ]]; then
- cd "${S}/user-build"
- emake DESTDIR="${ED}" install
-
- # Install binfmt handler init script for user targets.
- generate_initd
- doinitd "${T}/qemu-binfmt"
-
- # Install binfmt/qemu.conf.
- insinto "/usr/share/qemu/binfmt.d"
- doins "${T}/qemu.conf"
- fi
-
- if [[ -n ${softmmu_targets} ]]; then
- cd "${S}/softmmu-build"
- emake DESTDIR="${ED}" install
-
- # This might not exist if the test failed. #512010
- [[ -e check-report.html ]] && dodoc check-report.html
-
- if use kernel_linux; then
- udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
- fi
-
- if use python; then
- python_foreach_impl qemu_python_install
- fi
- fi
-
- cd "${S}/tools-build"
- emake DESTDIR="${ED}" install
-
- # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
- pushd "${ED}"/usr/bin >/dev/null
- pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
- popd >/dev/null
-
- # Install config file example for qemu-bridge-helper
- insinto "/etc/qemu"
- doins "${FILESDIR}/bridge.conf"
-
- cd "${S}"
- dodoc MAINTAINERS docs/specs/pci-ids.txt
- newdoc pc-bios/README README.pc-bios
-
- # Disallow stripping of prebuilt firmware files.
- dostrip -x ${QA_PREBUILT}
-
- if [[ -n ${softmmu_targets} ]]; then
- # Remove SeaBIOS since we're using the SeaBIOS packaged one
- rm "${ED}/usr/share/qemu/bios.bin"
- rm "${ED}/usr/share/qemu/bios-256k.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
- dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
- fi
-
- # Remove vgabios since we're using the seavgabios packaged one
- rm "${ED}/usr/share/qemu/vgabios.bin"
- rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
- rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
- rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
- rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
- rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
- # PPC/PPC64 loads vgabios-stdvga
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc || use qemu_softmmu_targets_ppc64; then
- dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
- dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
- dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
- dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
- dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
- dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
- fi
-
- # Remove sgabios since we're using the sgabios packaged one
- rm "${ED}/usr/share/qemu/sgabios.bin"
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
- fi
-
- # Remove iPXE since we're using the iPXE packaged one
- rm "${ED}"/usr/share/qemu/pxe-*.rom
- if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
- dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
- dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
- dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
- dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
- dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
- dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
- fi
- fi
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_create_doc
-}
-
-firmware_abi_change() {
- local pv
- for pv in ${REPLACING_VERSIONS}; do
- if ver_test $pv -lt ${FIRMWARE_ABI_VERSION}; then
- return 0
- fi
- done
- return 1
-}
-
-pkg_postinst() {
- if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
- udev_reload
- fi
-
- xdg_icon_cache_update
-
- [[ -z ${EPREFIX} ]] && [[ -f ${EROOT}/usr/libexec/qemu-bridge-helper ]] && \
- fcaps cap_net_admin ${EROOT}/usr/libexec/qemu-bridge-helper
-
- DISABLE_AUTOFORMATTING=true
- readme.gentoo_print_elog
-
- if use pin-upstream-blobs && firmware_abi_change; then
- ewarn "This version of qemu pins new versions of firmware blobs:"
- ewarn " $(best_version sys-firmware/edk2-ovmf)"
- ewarn " $(best_version sys-firmware/ipxe)"
- ewarn " $(best_version sys-firmware/seabios)"
- ewarn " $(best_version sys-firmware/sgabios)"
- ewarn "This might break resume of hibernated guests (started with a different"
- ewarn "firmware version) and live migration to/from qemu versions with different"
- ewarn "firmware. Please (cold) restart all running guests. For functional"
- ewarn "guest migration ensure that all"
- ewarn "hosts run at least"
- ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
- fi
-}
-
-pkg_info() {
- echo "Using:"
- echo " $(best_version app-emulation/spice-protocol)"
- echo " $(best_version sys-firmware/edk2-ovmf)"
- if has_version 'sys-firmware/edk2-ovmf[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/ipxe)"
- echo " $(best_version sys-firmware/seabios)"
- if has_version 'sys-firmware/seabios[binary]'; then
- echo " USE=binary"
- else
- echo " USE=''"
- fi
- echo " $(best_version sys-firmware/sgabios)"
-}
-
-pkg_postrm() {
- xdg_icon_cache_update
-}
diff --git a/app-emulation/qemu/qemu-5.2.0-r3.ebuild b/app-emulation/qemu/qemu-5.2.0-r50.ebuild
similarity index 98%
rename from app-emulation/qemu/qemu-5.2.0-r3.ebuild
rename to app-emulation/qemu/qemu-5.2.0-r50.ebuild
index 8234a3c..8984faa 100644
--- a/app-emulation/qemu/qemu-5.2.0-r3.ebuild
+++ b/app-emulation/qemu/qemu-5.2.0-r50.ebuild
@@ -6,7 +6,7 @@ EAPI="7"
PYTHON_COMPAT=( python3_{7,8,9} )
PYTHON_REQ_USE="ncurses,readline"
-FIRMWARE_ABI_VERSION="4.0.0-r50"
+FIRMWARE_ABI_VERSION="5.2.0-r50"
inherit eutils linux-info toolchain-funcs multilib python-r1
inherit udev fcaps readme.gentoo-r1 pax-utils l10n xdg-utils
@@ -24,7 +24,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="https://download.qemu.org/${P}.tar.xz"
- KEYWORDS="amd64 arm64 ~ppc ~ppc64 ~x86"
+ KEYWORDS="amd64 arm64 ~ppc ppc64 x86"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -170,25 +170,27 @@ SOFTMMU_TOOLS_DEPEND="
zstd? ( >=app-arch/zstd-1.4.0[static-libs(+)] )
"
+SEABIOS_VERSION="1.14.0"
+
X86_FIRMWARE_DEPEND="
pin-upstream-blobs? (
- ~sys-firmware/edk2-ovmf-201905[binary]
- ~sys-firmware/ipxe-1.0.0_p20190728[binary,qemu]
- ~sys-firmware/seabios-1.12.0[binary,seavgabios]
- ~sys-firmware/sgabios-0.1_pre8[binary]
+ ~sys-firmware/edk2-ovmf-202008[binary]
+ ~sys-firmware/ipxe-1.21.1[binary,qemu]
+ ~sys-firmware/seabios-${SEABIOS_VERSION}[binary,seavgabios]
+ ~sys-firmware/sgabios-0.1_pre10[binary]
)
!pin-upstream-blobs? (
sys-firmware/edk2-ovmf
sys-firmware/ipxe[qemu]
- >=sys-firmware/seabios-1.10.2[seavgabios]
+ >=sys-firmware/seabios-${SEABIOS_VERSION}[seavgabios]
sys-firmware/sgabios
)"
PPC_FIRMWARE_DEPEND="
pin-upstream-blobs? (
- ~sys-firmware/seabios-1.12.0[binary,seavgabios]
+ ~sys-firmware/seabios-${SEABIOS_VERSION}[binary,seavgabios]
)
!pin-upstream-blobs? (
- >=sys-firmware/seabios-1.10.2[seavgabios]
+ >=sys-firmware/seabios-${SEABIOS_VERSION}[seavgabios]
)
"
@@ -232,6 +234,7 @@ PATCHES=(
"${FILESDIR}"/${PN}-5.2.0-strings.patch
"${FILESDIR}"/${PN}-5.2.0-fix-firmware-path.patch
"${FILESDIR}"/${PN}-5.2.0-no-pie-ld.patch
+ "${FILESDIR}"/${PN}-5.2.0-dce-locks.patch
)
QA_PREBUILT="
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/
@ 2021-07-18 15:47 Jory Pratt
0 siblings, 0 replies; 19+ messages in thread
From: Jory Pratt @ 2021-07-18 15:47 UTC (permalink / raw
To: gentoo-commits
commit: 14d1508edf3d4d65da93394799888b628b0766dc
Author: Jory Pratt <anarchy <AT> gentoo <DOT> org>
AuthorDate: Sun Jul 18 15:47:49 2021 +0000
Commit: Jory Pratt <anarchy <AT> gentoo <DOT> org>
CommitDate: Sun Jul 18 15:47:49 2021 +0000
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=14d1508e
app-emulation/qemu: sync with ::gentoo
Package-Manager: Portage-3.0.20, Repoman-3.0.2
Signed-off-by: Jory Pratt <anarchy <AT> gentoo.org>
app-emulation/qemu/files/qemu-6.0.0-make.patch | 14 ++++++++++++++
app-emulation/qemu/metadata.xml | 5 +++--
.../qemu/{qemu-6.0.0.ebuild => qemu-6.0.0-r2.ebuild} | 14 +++++++++-----
3 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/app-emulation/qemu/files/qemu-6.0.0-make.patch b/app-emulation/qemu/files/qemu-6.0.0-make.patch
new file mode 100644
index 0000000..2dac1ca
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-6.0.0-make.patch
@@ -0,0 +1,14 @@
+Allow MAKE='make V=1' and similar.
+
+https://bugs.gentoo.org/795678
+--- a/configure
++++ b/configure
+@@ -1953,7 +1953,7 @@ if test -z "$python"
+ then
+ error_exit "Python not found. Use --python=/path/to/python"
+ fi
+-if ! has "$make"
++if ! has $make
+ then
+ error_exit "GNU make ($make) not found"
+ fi
diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml
index ec3f45a..4245f6d 100644
--- a/app-emulation/qemu/metadata.xml
+++ b/app-emulation/qemu/metadata.xml
@@ -6,8 +6,8 @@
<name>Matthias Maier</name>
</maintainer>
<maintainer type="person">
- <email>slyfox@gentoo.org</email>
- <name>Sergei Trofimovich</name>
+ <email>zlogene@gentoo.org</email>
+ <name>Mikle Kolyada</name>
</maintainer>
<maintainer type="project">
<email>virtualization@gentoo.org</email>
@@ -20,6 +20,7 @@
<flag name="capstone">Enable disassembly support with <pkg>dev-libs/capstone</pkg></flag>
<flag name="curl">Support ISOs / -cdrom directives via HTTP or HTTPS.</flag>
<flag name="fdt">Enables firmware device tree support</flag>
+ <flag name="fuse">Enables FUSE block device export</flag>
<flag name="glusterfs">Enables GlusterFS cluster fileystem via
<pkg>sys-cluster/glusterfs</pkg></flag>
<flag name="gnutls">Enable TLS support for the VNC console server.
diff --git a/app-emulation/qemu/qemu-6.0.0.ebuild b/app-emulation/qemu/qemu-6.0.0-r2.ebuild
similarity index 98%
rename from app-emulation/qemu/qemu-6.0.0.ebuild
rename to app-emulation/qemu/qemu-6.0.0-r2.ebuild
index 5c2c7c2..0583c6b 100644
--- a/app-emulation/qemu/qemu-6.0.0.ebuild
+++ b/app-emulation/qemu/qemu-6.0.0-r2.ebuild
@@ -9,7 +9,7 @@ PYTHON_REQ_USE="ncurses,readline"
FIRMWARE_ABI_VERSION="5.2.0-r50"
inherit eutils linux-info toolchain-funcs multilib python-r1
-inherit udev fcaps readme.gentoo-r1 pax-utils l10n xdg-utils
+inherit udev fcaps readme.gentoo-r1 pax-utils xdg-utils
if [[ ${PV} = *9999* ]]; then
EGIT_REPO_URI="https://git.qemu.org/git/qemu.git"
@@ -23,7 +23,7 @@ if [[ ${PV} = *9999* ]]; then
SRC_URI=""
else
SRC_URI="https://download.qemu.org/${P}.tar.xz"
- KEYWORDS="amd64 arm64 ~ppc ppc64 ~x86"
+ KEYWORDS="amd64 arm64 ~ppc ppc64 x86"
fi
DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -33,7 +33,7 @@ LICENSE="GPL-2 LGPL-2 BSD-2"
SLOT="0"
IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug +doc
- +fdt glusterfs gnutls gtk infiniband iscsi io-uring
+ +fdt fuse glusterfs gnutls gtk infiniband iscsi io-uring
jack jemalloc +jpeg kernel_linux
kernel_FreeBSD lzo multipath
ncurses nfs nls numa opengl +oss +pin-upstream-blobs
@@ -108,6 +108,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
qemu_softmmu_targets_ppc? ( fdt )
qemu_softmmu_targets_riscv32? ( fdt )
qemu_softmmu_targets_riscv64? ( fdt )
+ sdl-image? ( sdl )
static? ( static-user !alsa !gtk !jack !opengl !pulseaudio !plugins !rbd !snappy )
static-user? ( !plugins )
vhost-user-fs? ( caps seccomp )
@@ -149,6 +150,7 @@ SOFTMMU_TOOLS_DEPEND="
caps? ( sys-libs/libcap-ng[static-libs(+)] )
curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
fdt? ( >=sys-apps/dtc-1.5.0[static-libs(+)] )
+ fuse? ( >=sys-fs/fuse-3.1:3[static-libs(+)] )
glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
gnutls? (
dev-libs/nettle:=[static-libs(+)]
@@ -171,8 +173,8 @@ SOFTMMU_TOOLS_DEPEND="
lzo? ( dev-libs/lzo:2[static-libs(+)] )
multipath? ( sys-fs/multipath-tools )
ncurses? (
- sys-libs/ncurses:0=[unicode]
- sys-libs/ncurses:0=[static-libs(+)]
+ sys-libs/ncurses:=[unicode(+)]
+ sys-libs/ncurses:=[static-libs(+)]
)
nfs? ( >=net-fs/libnfs-1.9.3:=[static-libs(+)] )
numa? ( sys-process/numactl[static-libs(+)] )
@@ -274,6 +276,7 @@ PATCHES=(
"${FILESDIR}"/${PN}-5.2.0-cleaner-werror.patch
"${FILESDIR}"/${PN}-5.2.0-disable-keymap.patch
"${FILESDIR}"/${PN}-5.2.0-dce-locks.patch
+ "${FILESDIR}"/${PN}-6.0.0-make.patch
)
QA_PREBUILT="
@@ -521,6 +524,7 @@ qemu_src_configure() {
$(conf_notuser caps cap-ng)
$(conf_notuser curl)
$(conf_notuser fdt)
+ $(conf_notuser fuse)
$(conf_notuser glusterfs)
$(conf_notuser gnutls)
$(conf_notuser gnutls nettle)
^ permalink raw reply related [flat|nested] 19+ messages in thread
end of thread, other threads:[~2021-07-18 15:48 UTC | newest]
Thread overview: 19+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-04-30 2:11 [gentoo-commits] proj/musl:master commit in: app-emulation/qemu/files/, app-emulation/qemu/ Aric Belsito
-- strict thread matches above, loose matches on Subject: below --
2021-07-18 15:47 Jory Pratt
2021-05-17 13:24 Jory Pratt
2020-04-08 18:16 Anthony G. Basile
2019-03-27 1:43 Anthony G. Basile
2018-03-18 21:47 Aric Belsito
2017-12-21 23:25 Aric Belsito
2017-11-13 21:18 Aric Belsito
2017-09-02 20:16 Aric Belsito
2017-07-26 19:11 Aric Belsito
2017-05-06 21:26 Aric Belsito
2017-04-25 16:36 Aric Belsito
2017-03-27 16:18 Aric Belsito
2017-02-21 18:20 Aric Belsito
2017-02-13 20:04 Aric Belsito
2017-02-13 6:46 Aric Belsito
2017-01-03 22:34 Aric Belsito
2016-10-01 19:38 Felix Janda
2015-06-11 23:46 Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox