Accepting request 102957 from Virtualization

Address bnc#740165, CVE-2012-0029.

OBS-URL: https://build.opensuse.org/request/show/102957
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qemu?expand=0&rev=56
Stephan Kulow 2012-02-10 16:19:09 +00:00 committed by Git OBS Bridge
commit 9ada884d14
59 changed files with 1977 additions and 270 deletions

View File

@ -1,7 +1,7 @@
From 4cc09e9530fb08123594be6c72dfc381df5dcddc Mon Sep 17 00:00:00 2001
From: Peter Maydell <peter.maydell@linaro.org>
Date: Wed, 5 Oct 2011 10:04:02 +0100
Subject: [PATCH 01/33] Handle CPU interrupts by inline checking of a flag
Subject: [PATCH] Handle CPU interrupts by inline checking of a flag
Fix the nasty TCG race conditions and crashes by implementing cpu_exit
as setting a flag which is checked at the start of each TB. This is

View File

@ -1,7 +1,7 @@
From 0588bc446fd48bdb1965a6773d008c05a4ba16c1 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Sun, 20 Nov 2011 13:02:54 +0100
Subject: [PATCH 02/33] linux-user: fix QEMU_STRACE=1 segfault
Subject: [PATCH] linux-user: fix QEMU_STRACE=1 segfault
While debugging some issues with QEMU_STRACE I stumbled over segmentation
faults that were pretty reproducible. Turns out we tried to treat a

View File

@ -1,7 +1,7 @@
From 67c12998086c44ebef7f92a394154d6aba446178 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 2 Nov 2011 09:23:22 +0000
Subject: [PATCH 03/33] linux-user: save auxv length
Subject: [PATCH] linux-user: save auxv length
We create our own AUXV segment on stack and save a pointer to it.
However we don't save the length of it, so any code that wants to

View File

@ -1,7 +1,7 @@
From 99590488e94b6b7f10ecf9a99398fd24a69a7039 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 2 Nov 2011 09:23:23 +0000
Subject: [PATCH 04/33] linux-user: add open() hijack infrastructure
Subject: [PATCH] linux-user: add open() hijack infrastructure
There are a number of files in /proc that expose host information
to the guest program. This patch adds infrastructure to override

View File

@ -1,7 +1,7 @@
From 059e727a9a4be00de949769105e9e0ea876fc64b Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 2 Nov 2011 09:23:24 +0000
Subject: [PATCH 05/33] linux-user: fake /proc/self/maps
Subject: [PATCH] linux-user: fake /proc/self/maps
glibc's pthread_attr_getstack tries to find the stack range from
/proc/self/maps. Unfortunately, /proc is usually the host's /proc

View File

@ -1,7 +1,7 @@
From 7ee3fd47eed19e4dfa26a8d0176ed3550b8d0ccf Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 2 Nov 2011 09:23:25 +0000
Subject: [PATCH 06/33] linux-user: fake /proc/self/stat
Subject: [PATCH] linux-user: fake /proc/self/stat
The boehm gc finds the program's stack starting pointer by
checking /proc/self/stat. Unfortunately, so far it reads

View File

@ -1,7 +1,7 @@
From ddf0d4037b10c07d9e5b168f9f96e60a1601c75b Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 2 Nov 2011 09:23:26 +0000
Subject: [PATCH 07/33] linux-user: fake /proc/self/auxv
Subject: [PATCH] linux-user: fake /proc/self/auxv
Gtk tries to read /proc/self/auxv to find its auxv table instead of
taking it from its own program memory space.

View File

@ -1,7 +1,7 @@
From 4bc96d88f91417aa2bb029da2e8343456fe86631 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 21 Nov 2011 23:50:36 +0100
Subject: [PATCH 08/33] XXX dont dump core on sigabort
Subject: [PATCH] XXX dont dump core on sigabort
---
linux-user/signal.c | 6 ++++++

View File

@ -1,7 +1,7 @@
From ee5137d38109fdcb55a58be447c2c27be2b16eb0 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 22 Nov 2011 17:53:40 +0100
Subject: [PATCH 09/33] linux-user: fix wait* syscall status returns
Subject: [PATCH] linux-user: fix wait* syscall status returns
When calling wait4 or waitpid with a status pointer and WNOHANG, the
syscall can potentially not modify the status pointer input. Now if we

View File

@ -1,7 +1,7 @@
From 5cfce885dd1b3a229cd2ea7a94dfe2445ec29417 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 24 Nov 2011 00:38:22 +0100
Subject: [PATCH 10/33] Revert "linux-user: fix wait* syscall status returns"
Subject: [PATCH] Revert "linux-user: fix wait* syscall status returns"
This reverts commit 93092792064d880eb91679004b4761639d754081.
---

View File

@ -1,7 +1,7 @@
From b71ee7a063f7cffdf8a2cf73fcbc1d461fbbb80e Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 24 Nov 2011 00:39:35 +0100
Subject: [PATCH 11/33] linux-user: fix wait* syscall status returns
Subject: [PATCH] linux-user: fix wait* syscall status returns
When calling wait4 or waitpid with a status pointer and WNOHANG, the
syscall can potentially not modify the status pointer input. Now if we

View File

@ -1,7 +1,7 @@
From 7e9ebc1d459247bd91f39a7489f1627874731533 Mon Sep 17 00:00:00 2001
From 146dddbec44c48417f776d54f823093b464e596c Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 28 Nov 2011 17:05:24 +0100
Subject: [PATCH 13/33] XXX linux-user: fake /proc/self/maps even more
Subject: [PATCH] XXX linux-user: fake /proc/self/maps even more
---
linux-user/syscall.c | 40 +++++++++++++++++++++++++++++++++++++++-

View File

@ -1,124 +0,0 @@
From 52a4e3af8ca37d895bcff2ede1073ebb2cb2dd29 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Sat, 19 Nov 2011 22:57:55 +0100
Subject: [PATCH 12/33] linux-user: Fix 32-on-64 mmap for x86_64
When running a 32 bit guest on a 64 bit host, we can run into trouble while
calling the host's mmap() because it could potentially give us a 64 bit
return value which the guest can't interpret.
There are 2 ways of dealing with this:
1) Only do MAP_FIXED mmap calls and implement our own vm management in QEMU
2) Tell the kernel that we only want mappings in the lower 32 bits
Way 1 is very involved and hard to do. It's been advocated forever now but
nobody sat down to actually implement it.
Way 2 is easy. It's what this patch does. However, it only works on x86_64
because that's the only platform implementing the MAP_32BIT flag. Since most
people are on x86_64 though, I think it's a good enough compromise for now
though
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/mmap.c | 35 ++++++++++++++++++++++++++---------
1 files changed, 26 insertions(+), 9 deletions(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 994c02b..7d846f3 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -33,6 +33,22 @@
//#define DEBUG_MMAP
+/*
+ * On x86_64 we can tell mmap that we only want to map within the first 32
+ * bits to not get pointers that potentially exceed the return size. Without
+ * this flag set mmap will eventually break for users when running 32-on-64.
+ *
+ * However, Linux doesn't implement this for non-x86_64 systems. So we have
+ * to safeguard the bit with an empty flag which will be ignore on other
+ * architectures. At least we fixed the "common case" this way :).
+ *
+ * - agraf
+ */
+#if !defined(MAP_32BIT) || !defined(__x86_64__) || (TARGET_LONG_BITS != 32)
+#undef MAP_32BIT
+#define MAP_32BIT 0
+#endif
+
#if defined(CONFIG_USE_NPTL)
static pthread_mutex_t mmap_mutex = PTHREAD_MUTEX_INITIALIZER;
static __thread int mmap_lock_count;
@@ -169,7 +185,7 @@ static int mmap_frag(abi_ulong real_start,
if (prot1 == 0) {
/* no page was there, so we allocate one */
void *p = mmap(host_start, qemu_host_page_size, prot,
- flags | MAP_ANONYMOUS, -1, 0);
+ flags | MAP_ANONYMOUS | MAP_32BIT, -1, 0);
if (p == MAP_FAILED)
return -1;
prot1 = prot;
@@ -292,7 +308,7 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
* - shmat() with SHM_REMAP flag
*/
ptr = mmap(g2h(addr), size, PROT_NONE,
- MAP_ANONYMOUS|MAP_PRIVATE|MAP_NORESERVE, -1, 0);
+ MAP_ANONYMOUS|MAP_PRIVATE|MAP_NORESERVE|MAP_32BIT, -1, 0);
/* ENOMEM, if host address space has no memory */
if (ptr == MAP_FAILED) {
@@ -454,14 +470,15 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
especially important if qemu_host_page_size >
qemu_real_host_page_size */
p = mmap(g2h(mmap_start),
- host_len, prot, flags | MAP_FIXED | MAP_ANONYMOUS, -1, 0);
+ host_len, prot, flags | MAP_FIXED | MAP_ANONYMOUS | MAP_32BIT,
+ -1, 0);
if (p == MAP_FAILED)
goto fail;
/* update start so that it points to the file position at 'offset' */
host_start = (unsigned long)p;
if (!(flags & MAP_ANONYMOUS)) {
p = mmap(g2h(mmap_start), len, prot,
- flags | MAP_FIXED, fd, host_offset);
+ flags | MAP_FIXED | MAP_32BIT, fd, host_offset);
host_start += offset - host_offset;
}
start = h2g(host_start);
@@ -495,8 +512,8 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
goto fail;
}
retaddr = target_mmap(start, len, prot | PROT_WRITE,
- MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS,
- -1, 0);
+ MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS |
+ MAP_32BIT, -1, 0);
if (retaddr == -1)
goto fail;
if (pread(fd, g2h(start), len, offset) == -1)
@@ -547,7 +564,7 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
else
offset1 = offset + real_start - start;
p = mmap(g2h(real_start), real_end - real_start,
- prot, flags, fd, offset1);
+ prot, flags | MAP_32BIT, fd, offset1);
if (p == MAP_FAILED)
goto fail;
}
@@ -603,8 +620,8 @@ static void mmap_reserve(abi_ulong start, abi_ulong size)
}
if (real_start != real_end) {
mmap(g2h(real_start), real_end - real_start, PROT_NONE,
- MAP_FIXED | MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE,
- -1, 0);
+ MAP_FIXED | MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE |
+ MAP_32BIT, -1, 0);
}
}
--
1.6.0.2
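Review bot: The removal of this MAP_32BIT patch is not explained in the request text, which only cites bnc#740165 and CVE-2012-0029. The dropped change touched every host mmap() call in linux-user/mmap.c, so the changelog should state what now keeps 32-on-64 guest mappings within reach of the guest. If the added "linux-user: reserve 4GB of vmem for 32-on-64" patch is the replacement, say so, and note that the later mmap.c patches were rebased onto index 994c02b as a result.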

View File

@ -1,7 +1,7 @@
From e45be60a8f2e6148b40f358922a4f472fa0b2f8b Mon Sep 17 00:00:00 2001
From 79a59902304b66e9270d11901a554e5b22042d6e Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 1 Dec 2011 19:00:01 +0100
Subject: [PATCH 14/33] XXX work around SA_RESTART race with boehm-gc (ARM only)
Subject: [PATCH] XXX work around SA_RESTART race with boehm-gc (ARM only)
---
linux-user/main.c | 25 ++++++++-----

View File

@ -1,7 +1,7 @@
From bf5ca70551e87671e84a81d103db32ed6918a109 Mon Sep 17 00:00:00 2001
From e534a77a0e1f880d0f74514ac50de5de3dd4811a Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 5 Dec 2011 23:37:52 +0100
Subject: [PATCH 15/33] XXX move qemu binary lower in address space so we have space for guest stuff
Subject: [PATCH] XXX move qemu binary lower in address space so we have space for guest stuff
---
x86_64.ld | 2 +-

View File

@ -1,7 +1,7 @@
From a8631179ca4a90670923fd9acce05b0e109eae01 Mon Sep 17 00:00:00 2001
From edda5e8f49b7857379733d652d6b259488bd7b70 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 6 Dec 2011 00:39:50 +0100
Subject: [PATCH 16/33] linux-user: map lower in address space
Subject: [PATCH] linux-user: map lower in address space
While trying to compile Java I can into situations where there was simply
no virtual address space left for a 32-bit guest to take. For example when
@ -17,10 +17,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 7d846f3..8453c0d 100644
index 994c02b..505254f 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -226,7 +226,7 @@ static int mmap_frag(abi_ulong real_start,
@@ -210,7 +210,7 @@ static int mmap_frag(abi_ulong real_start,
/* Cygwin doesn't have a whole lot of address space. */
# define TASK_UNMAPPED_BASE 0x18000000
#else

View File

@ -1,7 +1,7 @@
From f2bd85fd0ebe444677f22e28ab12b966937207e2 Mon Sep 17 00:00:00 2001
From 3580a90d40df10410b7268f89aae58ce05dd2bed Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 8 Dec 2011 23:19:32 +0100
Subject: [PATCH 17/33] XXX fake /proc/self/maps: also fclose real file
Subject: [PATCH] XXX fake /proc/self/maps: also fclose real file
---
linux-user/syscall.c | 1 +

View File

@ -1,7 +1,7 @@
From f8d469421d92e3abe854e565bdf4ee62b86846b6 Mon Sep 17 00:00:00 2001
From 91f12fe177833e0112cd7f7cf5781b26377667a5 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Sat, 10 Dec 2011 00:03:56 +0100
Subject: [PATCH 18/33] XXX map qemu higher again so we have space for brk
Subject: [PATCH] XXX map qemu higher again so we have space for brk
---
linux-user/mmap.c | 2 +-
@ -9,10 +9,10 @@ Subject: [PATCH 18/33] XXX map qemu higher again so we have space for brk
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 8453c0d..1e8cc38 100644
index 505254f..46e8bf8 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -226,7 +226,7 @@ static int mmap_frag(abi_ulong real_start,
@@ -210,7 +210,7 @@ static int mmap_frag(abi_ulong real_start,
/* Cygwin doesn't have a whole lot of address space. */
# define TASK_UNMAPPED_BASE 0x18000000
#else

View File

@ -1,7 +1,7 @@
From 4d016e72b0d6b81115100217614aba990fcb505e Mon Sep 17 00:00:00 2001
From 434801ec78b031170eb0762302b52062e6c27d0e Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Tue, 14 Apr 2009 16:18:44 +0200
Subject: [PATCH 19/33] qemu-0.9.0.cvs-binfmt
Subject: [PATCH] qemu-0.9.0.cvs-binfmt
Fixes binfmt_misc setup script:
- x86_64 is i386-compatible

View File

@ -1,7 +1,7 @@
From 923b1531de681940198e2c1d28c735da1efe29e2 Mon Sep 17 00:00:00 2001
From b41a72d0c29f97610dfdd5573b8be383823bc88f Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:20:50 +0200
Subject: [PATCH 20/33] qemu-cvs-alsa_bitfield
Subject: [PATCH] qemu-cvs-alsa_bitfield
Implements TYPE_INTBITFIELD partially. (required for ALSA support)

View File

@ -1,7 +1,7 @@
From b732ecf6a05f837368ab6c2413b206e0e2715e73 Mon Sep 17 00:00:00 2001
From 33f065c217c1921759df12467954eb4638f84a72 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:23:27 +0200
Subject: [PATCH 21/33] qemu-cvs-alsa_ioctl
Subject: [PATCH] qemu-cvs-alsa_ioctl
Implements ALSA ioctls on PPC hosts.

View File

@ -1,7 +1,7 @@
From 3ea2fa480d730990c427d4a2924168f2b6f42dba Mon Sep 17 00:00:00 2001
From 8b67814c8ab4645ddd43664b1092e78ea6a743d8 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:24:15 +0200
Subject: [PATCH 22/33] qemu-cvs-alsa_mmap
Subject: [PATCH] qemu-cvs-alsa_mmap
Hack to prevent ALSA from using mmap() interface to simplify emulation.
@ -12,10 +12,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 1e8cc38..1e5ba51 100644
index 46e8bf8..e4db455 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -380,6 +380,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
@@ -364,6 +364,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
}
}
@ -25,7 +25,7 @@ index 1e8cc38..1e5ba51 100644
/* NOTE: all the constants are the HOST ones */
abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
int flags, int fd, abi_ulong offset)
@@ -415,6 +418,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
@@ -399,6 +402,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
}
#endif

View File

@ -1,7 +1,7 @@
From 2c1ea2bd2c59d70ca63c1d42230588b4bdeed6fd Mon Sep 17 00:00:00 2001
From c0ce4deb6c2ac843e337b7252fbefc190d625ca5 Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Tue, 14 Apr 2009 16:25:41 +0200
Subject: [PATCH 23/33] qemu-cvs-gettimeofday
Subject: [PATCH] qemu-cvs-gettimeofday
No clue what this is for.
---

View File

@ -1,7 +1,7 @@
From 6d6663f77131b1546e55b5b6548d63f7496d6988 Mon Sep 17 00:00:00 2001
From 6232258009a4735d7f4f53b5589e7ebd90a9885d Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:26:33 +0200
Subject: [PATCH 24/33] qemu-cvs-ioctl_debug
Subject: [PATCH] qemu-cvs-ioctl_debug
Extends unsupported ioctl debug output.

View File

@ -1,7 +1,7 @@
From 07d1e1618bb9632bad8d4b6928067711781df1d9 Mon Sep 17 00:00:00 2001
From 926d75fa4b4b5d95d4b0111e3e0af4d983a9d46b Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:27:36 +0200
Subject: [PATCH 25/33] qemu-cvs-ioctl_nodirection
Subject: [PATCH] qemu-cvs-ioctl_nodirection
the direction given in the ioctl should be correct so we can assume the
communication is uni-directional. The alsa developers did not like this

View File

@ -1,7 +1,7 @@
From a4eebec448c7cd69fcc589912779fc7df6fca4ea Mon Sep 17 00:00:00 2001
From 90b3180677c5615bafc9a1f8252fbc4af1dc1ae4 Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Tue, 14 Apr 2009 16:37:42 +0200
Subject: [PATCH 26/33] qemu-img-vmdk-scsi
Subject: [PATCH] qemu-img-vmdk-scsi
Support creation of SCSI VMDK images in qemu-img.

View File

@ -1,7 +1,7 @@
From 9b3ae5bebe9635991156b6e87f61ca204b204345 Mon Sep 17 00:00:00 2001
From 7e6479e0d45e45e888cb79759fd44d6c14be19f4 Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Tue, 14 Apr 2009 16:38:20 +0200
Subject: [PATCH 27/33] qemu-nonvoid_return
Subject: [PATCH] qemu-nonvoid_return
Squelches GCC warnings about undefined return values.

View File

@ -1,7 +1,7 @@
From 18b54324078105bd5d23241026bdbc92f1fe22b6 Mon Sep 17 00:00:00 2001
From 164cf539481164978d9fa6ad69eb20cda7dc0e12 Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Wed, 25 Aug 2010 14:23:43 +0200
Subject: [PATCH 28/33] fix mipsn32*-linux-user builds
Subject: [PATCH] fix mipsn32*-linux-user builds
Signed-off-by: Ulrich Hecht <uli@suse.de>
---

View File

@ -1,7 +1,7 @@
From b3f9ab3168e50f1dec4835c0df01869ecf848267 Mon Sep 17 00:00:00 2001
From 15d6a32b38abc6c2f8143ebccfcdd05d204f0fcd Mon Sep 17 00:00:00 2001
From: Benjamin <mlspirat42@gmail.com>
Date: Sat, 8 Oct 2011 07:31:33 +0000
Subject: [PATCH 29/33] Integrating Dynamips and GNS3 UDP tunnels (Patches)
Subject: [PATCH] Integrating Dynamips and GNS3 UDP tunnels (Patches)
On 10/07/11 10:35, Jan Kiszka wrote:
>

View File

@ -1,7 +1,7 @@
From 42ca714385588477429c8ac77c810b310854494b Mon Sep 17 00:00:00 2001
From 47ff084e9af71b217e6f842f720d12fe9e12f2fd Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 30 Sep 2011 19:40:36 +0200
Subject: [PATCH 30/33] linux-user: add binfmt wrapper for argv[0] handling
Subject: [PATCH] linux-user: add binfmt wrapper for argv[0] handling
When using qemu's linux-user binaries through binfmt, argv[0] gets lost
along the execution because qemu only gets passed in the full file name

View File

@ -1,7 +1,7 @@
From a9d80d519385d7c659173a7b12461a2099738c02 Mon Sep 17 00:00:00 2001
From 269d801698bf7640dd325cfb4b195c4a207a07ee Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Sun, 11 Dec 2011 01:19:24 +0100
Subject: [PATCH 31/33] linux-user: Ignore timer_create syscall
Subject: [PATCH] linux-user: Ignore timer_create syscall
We don't implement the timer_create syscall, but shouting out loud
about it breaks some %check tests in OBS, so better ignore it silently.

View File

@ -1,7 +1,7 @@
From 0006edd6319648e5a5eac86b6c7c82d67c4b5cb1 Mon Sep 17 00:00:00 2001
From 36f403e159ecb5fcaeda5346c2df762cc904a91b Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Sun, 11 Dec 2011 01:21:51 +0100
Subject: [PATCH 32/33] linux-user: be silent about capget failures
Subject: [PATCH] linux-user: be silent about capget failures
Complaining about capget doesn't buy us anything, but makes %check
fail in certain builds. So better not complain about its missing

View File

@ -1,7 +1,7 @@
From 1dd66fa6bb6c616b91626a51d2dff02692e83fe5 Mon Sep 17 00:00:00 2001
From 4fddaa4befeb3ddb1c14d9b2c882474ba4166940 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 12 Dec 2011 23:16:43 +0100
Subject: [PATCH 33/33] PPC: Fix linker scripts on ppc hosts
Subject: [PATCH] PPC: Fix linker scripts on ppc hosts
When compiling qemu statically with multilib on PPC, we hit the
same issue that commit 845f2c2812d9ed24b36c02a3d06ee83aeafe8b49

View File

@ -0,0 +1,44 @@
From ac233b323ad7e498c665e8c74df7e44de4a542c0 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 14 Dec 2011 00:33:28 +0100
Subject: [PATCH] linux-user: reserve 4GB of vmem for 32-on-64
When running 32-on-64 bit guests, we should always reserve as much
virtual memory as we possibly can for the guest process, so it can
never overlap with QEMU address space.
Fortunately we already have the infrastructure for that. All that's
missing is some sane default value to also make use of it!
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/main.c | 11 +++++++++++
1 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/linux-user/main.c b/linux-user/main.c
index 788ff98..3ffee40 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -48,8 +48,19 @@ unsigned long mmap_min_addr;
#if defined(CONFIG_USE_GUEST_BASE)
unsigned long guest_base;
int have_guest_base;
+#if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
+/*
+ * When running 32-on-64 we should make sure we can fit all of the possible
+ * guest address space into a contiguous chunk of virtual host memory.
+ *
+ * This way we will never overlap with our own libraries or binaries or stack
+ * or anything else that QEMU maps.
+ */
+unsigned long reserved_va = 0xf7000000;
+#else
unsigned long reserved_va;
#endif
+#endif
static void usage(void);
extern int use_stopflag;
--
1.6.0.2
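Review bot: The default `reserved_va = 0xf7000000` in the 32-on-64 branch is an unexplained magic number, and it is less than the 4GB the subject line promises. Add a comment saying why the reservation stops at 0xf7000000 rather than covering the full 32-bit range, and label the two closing `#endif` lines with their conditions, since the new `#if`/`#else` is nested inside `CONFIG_USE_GUEST_BASE`. The description should also say what happens when the host cannot grant a reservation of this size, because users no longer opt in to it.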

View File

@ -0,0 +1,34 @@
From 96ac7aa8753cb2d79121c5a579a6e93160428a40 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 6 Jan 2012 01:05:55 +0100
Subject: [PATCH] PPC: KVM: Disable mmu notifier check
When using hugetlbfs (which is required for HV mode KVM on 970), we
check for MMU notifiers that on 970 can not be implemented properly.
So disable the check for mmu notifiers on PowerPC guests, making
KVM guests work there, even if possibly racy in some odd circumstances.
---
exec.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/exec.c b/exec.c
index 6c923f2..9f10868 100644
--- a/exec.c
+++ b/exec.c
@@ -2831,10 +2831,12 @@ static void *file_ram_alloc(RAMBlock *block,
return NULL;
}
+#ifndef TARGET_PPC
if (kvm_enabled() && !kvm_has_sync_mmu()) {
fprintf(stderr, "host lacks kvm mmu notifiers, -mem-path unsupported\n");
return NULL;
}
+#endif
if (asprintf(&filename, "%s/qemu_back_mem.XXXXXX", path) == -1) {
return NULL;
--
1.6.0.2
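Review bot: The `#ifndef TARGET_PPC` guard around the `kvm_has_sync_mmu()` check in file_ram_alloc() is broader than the problem described. The message is about hugetlbfs for HV mode KVM on 970, but the guard removes the check for every PowerPC target build. The message itself concedes the result is "possibly racy", so at minimum keep a warning on stderr when `kvm_enabled() && !kvm_has_sync_mmu()` instead of skipping silently, and narrow the condition if the affected case can be detected at run time. The patch also carries no Signed-off-by line.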

View File

@ -0,0 +1,54 @@
From 872ebeaa24ed1c4b0c1596a7ad37f2bf2275efb0 Mon Sep 17 00:00:00 2001
From: Fabio Erculiani <lxnay@sabayon.org>
Date: Tue, 3 Jan 2012 09:38:34 +0000
Subject: [PATCH] linux-user: improve fake /proc/self/stat making `ps` not segfault.
With the current fake /proc/self/stat implementation `ps` is
segfaulting because it expects to read PID and argv[0] as first and
second field respectively, with the latter being enclosed between
backets.
Reproducing is as easy as running: `ps` inside qemu-user chroot
with /proc mounted.
Signed-off-by: Fabio Erculiani <lxnay@sabayon.org>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/syscall.c | 19 +++++++++++++++----
1 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 9ba51bf..3e8e3dd 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4678,11 +4678,22 @@ static int open_self_stat(void *cpu_env, int fd)
int len;
uint64_t val = 0;
- if (i == 27) {
- /* stack bottom */
- val = start_stack;
+ if (i == 0) {
+ /* pid */
+ val = getpid();
+ snprintf(buf, sizeof(buf), "%"PRId64 " ", val);
+ } else if (i == 1) {
+ /* app name */
+ snprintf(buf, sizeof(buf), "(%s) ", ts->bprm->argv[0]);
+ } else if (i == 27) {
+ /* stack bottom */
+ val = start_stack;
+ snprintf(buf, sizeof(buf), "%"PRId64 " ", val);
+ } else {
+ /* for the rest, there is MasterCard */
+ snprintf(buf, sizeof(buf), "0%c", i == 43 ? '\n' : ' ');
}
- snprintf(buf, sizeof(buf), "%"PRId64 "%c", val, i == 43 ? '\n' : ' ');
+
len = strlen(buf);
if (write(fd, buf, len) != len) {
return -1;
--
1.6.0.2
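Review bot: The new `i == 1` branch in open_self_stat() formats `ts->bprm->argv[0]` with `"(%s) "` and no length limit or sanitising, so the faked second field is only well-formed for short, plain names. If argv[0] is longer than `buf`, snprintf() truncates the output and the closing `") "` is lost, which merges this field into the next one; a name containing `)` or a space confuses field-splitting readers in the same way as the `ps` case in the message. Print a bounded basename (a `%.*s` precision would do) and check that `ts->bprm->argv` is non-NULL before dereferencing it. This branch also relies on argv staying allocated, which the message of the following target_argv patch says was not the case, so the series order has to guarantee that patch is applied together with this one.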

View File

@ -0,0 +1,37 @@
From 7dc45b21c5ef8a9445463f8d3754e502621192a7 Mon Sep 17 00:00:00 2001
From: Fabio Erculiani <lxnay@sabayon.org>
Date: Tue, 3 Jan 2012 09:38:35 +0000
Subject: [PATCH] linux-user: target_argv is placed on ts->bprm->argv and can't be freed()
TaskState contains linux_bprm struct which encapsulates argv among
other things.
argv might be used around the code and is expected to contain valid
data. Before this patch, ts->bprm->argv was NULL due to it being
freed right after loader_exec().
Signed-off-by: Fabio Erculiani <lxnay@sabayon.org>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/main.c | 5 -----
1 files changed, 0 insertions(+), 5 deletions(-)
diff --git a/linux-user/main.c b/linux-user/main.c
index 3ffee40..6a5dfde 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -3503,11 +3503,6 @@ int main(int argc, char **argv, char **envp)
_exit(1);
}
- for (i = 0; i < target_argc; i++) {
- free(target_argv[i]);
- }
- free(target_argv);
-
for (wrk = target_environ; *wrk; wrk++) {
free(*wrk);
}
--
1.6.0.2
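Review bot: Removing the `free(target_argv[i])` loop in main() leaves nothing at the site to say why argv is kept, so a later cleanup could put the frees back and reintroduce the stale `ts->bprm->argv`. Leave a short comment there stating that target_argv is referenced through ts->bprm for the life of the process. The message says the pointer "was NULL" after the free; free() does not reset a pointer, so the wording should describe it as pointing to freed memory.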

View File

@ -0,0 +1,33 @@
From 0d04677df6aabf7404c7bbe454d7be973a773bb0 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 10 Jan 2012 16:25:27 +0100
Subject: [PATCH] PPC: KVM: Ignore SET_ONE_REG failures
The SET_ONE_REG interface didn't make it upstream in the form that is used
in qemu-1.0, so the code won't work. Make the error a warning, so we can
at least use the HV target.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
target-ppc/kvm.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
index 429349f..a03e99c 100644
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@@ -759,7 +759,10 @@ void kvmppc_set_papr(CPUState *env)
reg.u.reg64 = env->spr[SPR_HIOR];
ret = kvm_vcpu_ioctl(env, KVM_SET_ONE_REG, &reg);
if (ret) {
- goto fail;
+ fprintf(stderr, "Couldn't set HIOR. Maybe you're running an old \n"
+ "kernel with support for HV KVM but no PAPR PR \n"
+ "KVM in which case things will work. If they don't \n"
+ "please update your host kernel!\n");
}
/* Set SDR1 so kernel space finds the HTAB */
--
1.6.0.2
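Review bot: In kvmppc_set_papr() the `goto fail` after a failed `KVM_SET_ONE_REG` is replaced by a warning that neither reports `ret` nor distinguishes an unsupported ioctl from any other failure, and execution continues into the SDR1 setup with HIOR unset. Print the error code, and downgrade to a warning only for the specific "not implemented" return; other errors should still take the `fail` path. The message text also has a stray space before most of its `\n` escapes.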

View File

@ -0,0 +1,29 @@
From 9ef61f2a197f9dbae104fc1d18634c29d91b4a4e Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 10 Jan 2012 17:03:02 +0100
Subject: [PATCH] PPC: KVM: Ignore ENABLE_PAPR to support very old HV KVM kernels
Very old kernels (3.1) didn't expose the PAPR capability yet, but still
did work with HV KVM. Make the error a warning so we can work on them.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
target-ppc/kvm.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
index a03e99c..923677c 100644
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@@ -745,7 +745,7 @@ void kvmppc_set_papr(CPUState *env)
ret = kvm_vcpu_ioctl(env, KVM_ENABLE_CAP, &cap);
if (ret) {
- goto fail;
+ fprintf(stderr, "You're running a very old kernel. Expect breakage!\n");
}
/*
--
1.6.0.2
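Review bot: The `KVM_ENABLE_CAP` failure in kvmppc_set_papr() now yields only "You're running a very old kernel", which asserts a cause the code has not checked. Include `ret` in the output and name the capability that could not be enabled, so a failure on a current kernel is not misreported as an old-kernel problem.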

View File

@ -0,0 +1,39 @@
From 2b0fc5def570362c27ce526b8a08529a6ae22362 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 18 Nov 2011 16:41:59 +0100
Subject: [PATCH] console: Fix segfault on screendump without VGA adapter
When trying to create a screen dump without having any VGA adapter
inside the guest, QEMU segfaults.
This is because it's trying to switch back to the "previous" screen
it was on before dumping the VGA screen. Unfortunately, in my case
there simply is no previous screen so it accesses a NULL pointer.
Fix it by checking if previous_active_console is actually available.
This is 1.0 material.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
console.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/console.c b/console.c
index f6fe441..ed6a653 100644
--- a/console.c
+++ b/console.c
@@ -186,7 +186,9 @@ void vga_hw_screen_dump(const char *filename)
consoles[0]->hw_screen_dump(consoles[0]->hw, filename);
}
- console_select(previous_active_console->index);
+ if (previous_active_console) {
+ console_select(previous_active_console->index);
+ }
}
void vga_hw_text_update(console_ch_t *chardata)
--
1.6.0.2

View File

@ -0,0 +1,33 @@
From 632e46dfa29a19ba656a5580b610fda0003cf3b0 Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Mon, 28 Nov 2011 20:21:39 +0000
Subject: [PATCH] pseries: Fix array overrun bug in PCI code
spapr_populate_pci_devices() containd a loop with PCI_NUM_REGIONS (7)
iterations. However this overruns the 'bars' global array, which only has
6 elements. In fact we only want to run this loop for things listed in the
bars array, so this patch corrects the loop bounds to reflect that.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
(cherry picked from commit 135712de61dfa22368e98914d65b8b0860ec8505)
---
hw/spapr_pci.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/hw/spapr_pci.c b/hw/spapr_pci.c
index 7162588..9b6a032 100644
--- a/hw/spapr_pci.c
+++ b/hw/spapr_pci.c
@@ -454,7 +454,7 @@ int spapr_populate_pci_devices(sPAPRPHBState *phb,
reg[0].size = 0;
n = 0;
- for (i = 0; i < PCI_NUM_REGIONS; ++i) {
+ for (i = 0; i < ARRAY_SIZE(bars); ++i) {
if (0 == dev->io_regions[i].size) {
continue;
}
--
1.6.0.2
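Review bot: The loop bound in spapr_populate_pci_devices() is now `ARRAY_SIZE(bars)`, but the body still indexes `dev->io_regions[i]`, so correctness depends on `bars` never growing beyond the size of `io_regions`. Add a build-time check that `ARRAY_SIZE(bars) <= PCI_NUM_REGIONS` next to the `bars` definition so the two arrays cannot drift apart again. If `i` is a signed int, the comparison against `ARRAY_SIZE()` also mixes signed and unsigned operands and may warn.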

View File

@ -0,0 +1,45 @@
From 0ae672e84c7f722aebdcca35f1573e7b6f83fddd Mon Sep 17 00:00:00 2001
From: Liu Yu-B13201 <Yu.Liu@freescale.com>
Date: Mon, 28 Nov 2011 20:41:18 +0000
Subject: [PATCH] kvm-ppc: halt secondary cpus when guest reset
When guest reset, we need to halt secondary cpus until guest kick them.
This already works for tcg. The patch add the support for kvm.
Signed-off-by: Liu Yu <yu.liu@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
[agraf: remove in-kernel irqchip code]
(cherry picked from commit 157feeadbaec09fe4dca539a24f6f6d327d6eeb6)
---
hw/ppce500_spin.c | 1 +
target-ppc/kvm.c | 2 +-
2 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/hw/ppce500_spin.c b/hw/ppce500_spin.c
index cccd940..2b52728 100644
--- a/hw/ppce500_spin.c
+++ b/hw/ppce500_spin.c
@@ -112,6 +112,7 @@ static void spin_kick(void *data)
env->halted = 0;
env->exception_index = -1;
+ env->stopped = 0;
qemu_cpu_kick(env);
}
diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
index 923677c..9541626 100644
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@@ -504,7 +504,7 @@ void kvm_arch_post_run(CPUState *env, struct kvm_run *run)
int kvm_arch_process_async_events(CPUState *env)
{
- return 0;
+ return env->halted;
}
static int kvmppc_handle_halt(CPUState *env)
--
1.6.0.2

View File

@ -0,0 +1,101 @@
From 7fe6b9bf81290f708919ffb6065daa16e5dbe7e3 Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Mon, 12 Dec 2011 18:24:32 +0000
Subject: [PATCH] pseries: Emit device tree nodes in reg order
Although in theory the device tree has no inherent ordering, in practice
the order of nodes in the device tree does effect the order that devices
are detected by software.
Currently the ordering is determined by the order the devices appear on
the QEMU command line. Although that does give the user control over the
ordering, it is fragile, especially when the user does not generate the
command line manually - eg. when using libvirt etc.
So order the device tree based on the reg value, ie. the address of on
the VIO bus of the devices. This gives us a sane and stable ordering.
Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
[agraf] add braces
(cherry picked from commit 05c194384f836240ea4c2da5fa3be43a54bff021)
---
hw/spapr_vio.c | 50 +++++++++++++++++++++++++++++++++++++++++++++-----
1 files changed, 45 insertions(+), 5 deletions(-)
diff --git a/hw/spapr_vio.c b/hw/spapr_vio.c
index 2dcc036..8bd00ca 100644
--- a/hw/spapr_vio.c
+++ b/hw/spapr_vio.c
@@ -749,21 +749,61 @@ static void spapr_vio_register_devices(void)
device_init(spapr_vio_register_devices)
#ifdef CONFIG_FDT
+static int compare_reg(const void *p1, const void *p2)
+{
+ VIOsPAPRDevice const *dev1, *dev2;
+
+ dev1 = (VIOsPAPRDevice *)*(DeviceState **)p1;
+ dev2 = (VIOsPAPRDevice *)*(DeviceState **)p2;
+
+ if (dev1->reg < dev2->reg) {
+ return -1;
+ }
+ if (dev1->reg == dev2->reg) {
+ return 0;
+ }
+
+ /* dev1->reg > dev2->reg */
+ return 1;
+}
+
int spapr_populate_vdevice(VIOsPAPRBus *bus, void *fdt)
{
- DeviceState *qdev;
- int ret = 0;
+ DeviceState *qdev, **qdevs;
+ int i, num, ret = 0;
+ /* Count qdevs on the bus list */
+ num = 0;
QTAILQ_FOREACH(qdev, &bus->bus.children, sibling) {
- VIOsPAPRDevice *dev = (VIOsPAPRDevice *)qdev;
+ num++;
+ }
+
+ /* Copy out into an array of pointers */
+ qdevs = g_malloc(sizeof(qdev) * num);
+ num = 0;
+ QTAILQ_FOREACH(qdev, &bus->bus.children, sibling) {
+ qdevs[num++] = qdev;
+ }
+
+ /* Sort the array */
+ qsort(qdevs, num, sizeof(qdev), compare_reg);
+
+ /* Hack alert. Give the devices to libfdt in reverse order, we happen
+ * to know that will mean they are in forward order in the tree. */
+ for (i = num - 1; i >= 0; i--) {
+ VIOsPAPRDevice *dev = (VIOsPAPRDevice *)(qdevs[i]);
ret = vio_make_devnode(dev, fdt);
if (ret < 0) {
- return ret;
+ goto out;
}
}
- return 0;
+ ret = 0;
+out:
+ free(qdevs);
+
+ return ret;
}
#endif /* CONFIG_FDT */
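Review bot: in spapr_populate_vdevice() the array comes from g_malloc() but is released with free() at the out: label; memory from GLib's allocator should go back through g_free(). Separately, compare_reg() casts its const void * arguments to non-const pointers and so drops the qualifier; casting to DeviceState * const * would keep it. The "Hack alert" loop depends on libfdt placing later insertions first, so a test or an assertion on the resulting node order would catch a libfdt change that silently reverses it.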
--
1.6.0.2

View File

@ -0,0 +1,97 @@
From 2f5760ec14a8f595c347f8a6ad2f8b6adfc20bc2 Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Mon, 12 Dec 2011 18:24:33 +0000
Subject: [PATCH] pseries: Add a routine to find a stable "default" vty and use it
In vty_lookup() we have a special case for supporting early debug in
the kernel. This accepts reg == 0 as a special case to mean "any vty".
We implement this by searching the vtys on the bus and returning the
first we find. This means that the vty we chose depends on the order
the vtys are specified on the QEMU command line - because that determines
the order of the vtys on the bus.
We'd rather the command line order was irrelevant, so instead return
the vty with the lowest reg value. This is still a guess as to what the
user really means, but it is at least stable WRT command line ordering.
Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
[agraf] fix braces
(cherry picked from commit 98331f8ad6a3e2cfbb402d72e6be47eac7706251)
---
hw/spapr_vty.c | 47 ++++++++++++++++++++++++++++++++++++++---------
1 files changed, 38 insertions(+), 9 deletions(-)
diff --git a/hw/spapr_vty.c b/hw/spapr_vty.c
index f23cc36..e2fec58 100644
--- a/hw/spapr_vty.c
+++ b/hw/spapr_vty.c
@@ -156,24 +156,53 @@ static VIOsPAPRDeviceInfo spapr_vty = {
},
};
+static VIOsPAPRDevice *spapr_vty_get_default(VIOsPAPRBus *bus)
+{
+ VIOsPAPRDevice *sdev, *selected;
+ DeviceState *iter;
+
+ /*
+ * To avoid the console bouncing around we want one VTY to be
+ * the "default". We haven't really got anything to go on, so
+ * arbitrarily choose the one with the lowest reg value.
+ */
+
+ selected = NULL;
+ QTAILQ_FOREACH(iter, &bus->bus.children, sibling) {
+ /* Only look at VTY devices */
+ if (iter->info != &spapr_vty.qdev) {
+ continue;
+ }
+
+ sdev = DO_UPCAST(VIOsPAPRDevice, qdev, iter);
+
+ /* First VTY we've found, so it is selected for now */
+ if (!selected) {
+ selected = sdev;
+ continue;
+ }
+
+ /* Choose VTY with lowest reg value */
+ if (sdev->reg < selected->reg) {
+ selected = sdev;
+ }
+ }
+
+ return selected;
+}
+
static VIOsPAPRDevice *vty_lookup(sPAPREnvironment *spapr, target_ulong reg)
{
VIOsPAPRDevice *sdev;
sdev = spapr_vio_find_by_reg(spapr->vio_bus, reg);
if (!sdev && reg == 0) {
- DeviceState *qdev;
-
/* Hack for kernel early debug, which always specifies reg==0.
- * We search all VIO devices, and grab the first available vty
- * device. This attempts to mimic existing PowerVM behaviour
+ * We search all VIO devices, and grab the vty with the lowest
+ * reg. This attempts to mimic existing PowerVM behaviour
* (early debug does work there, despite having no vty with
* reg==0. */
- QTAILQ_FOREACH(qdev, &spapr->vio_bus->bus.children, sibling) {
- if (qdev->info == &spapr_vty.qdev) {
- return DO_UPCAST(VIOsPAPRDevice, qdev, qdev);
- }
- }
+ return spapr_vty_get_default(spapr->vio_bus);
}
return sdev;
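Review bot: spapr_vty_get_default() returns NULL when the bus has no VTY, and vty_lookup() now passes that straight to its caller; the function comment covers only the tie-breaking rule and should state the NULL case too. The comparison `sdev->reg < selected->reg` is strict, so if two VTYs ever carried the same reg the first one on the bus would win and the result would again depend on command-line order; if reg is guaranteed unique, a short note saying so would close the question. The comment in vty_lookup() still has an unclosed parenthesis after "reg==0.".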
--
1.6.0.2

View File

@ -0,0 +1,119 @@
From cdec03dc7bb33b4ebf5bd286338e5c50be77a055 Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Tue, 13 Dec 2011 15:24:34 +1100
Subject: [PATCH] pseries: Populate "/chosen/linux,stdout-path" in the FDT
There is a device tree property "/chosen/linux,stdout-path" which indicates
which device should be used as stdout - ie. "the console".
Currently we don't specify anything, which means both firmware and Linux
choose something arbitrarily. Use the routine we added in the last patch
to pick a default vty and specify it as stdout.
Currently SLOF doesn't use the property, but we are hoping to update it
to do so.
Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
(cherry picked from commit 68f3a94c64bbaaf8c7f2daa70de1b5d87a432f86)
---
hw/spapr.c | 2 ++
hw/spapr_vio.c | 34 ++++++++++++++++++++++++++++++++++
hw/spapr_vio.h | 3 +++
hw/spapr_vty.c | 2 +-
4 files changed, 40 insertions(+), 1 deletions(-)
diff --git a/hw/spapr.c b/hw/spapr.c
index 2b901f1..5a98d86 100644
--- a/hw/spapr.c
+++ b/hw/spapr.c
@@ -351,6 +351,8 @@ static void spapr_finalize_fdt(sPAPREnvironment *spapr,
fprintf(stderr, "Couldn't set up RTAS device tree properties\n");
}
+ spapr_populate_chosen_stdout(fdt, spapr->vio_bus);
+
_FDT((fdt_pack(fdt)));
cpu_physical_memory_write(fdt_addr, fdt, fdt_totalsize(fdt));
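Review bot: the return value of spapr_populate_chosen_stdout() is dropped in spapr_finalize_fdt(), although the function returns negative values on failure. The neighbouring calls either go through _FDT() or print to stderr when they fail; handle this call the same way so a missing /chosen node or a failed allocation does not pass unnoticed.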
diff --git a/hw/spapr_vio.c b/hw/spapr_vio.c
index 8bd00ca..464fe87 100644
--- a/hw/spapr_vio.c
+++ b/hw/spapr_vio.c
@@ -806,4 +806,38 @@ out:
return ret;
}
+
+int spapr_populate_chosen_stdout(void *fdt, VIOsPAPRBus *bus)
+{
+ VIOsPAPRDevice *dev;
+ char *name, *path;
+ int ret, offset;
+
+ dev = spapr_vty_get_default(bus);
+ if (!dev)
+ return 0;
+
+ offset = fdt_path_offset(fdt, "/chosen");
+ if (offset < 0) {
+ return offset;
+ }
+
+ name = vio_format_dev_name(dev);
+ if (!name) {
+ return -ENOMEM;
+ }
+
+ if (asprintf(&path, "/vdevice/%s", name) < 0) {
+ path = NULL;
+ ret = -ENOMEM;
+ goto out;
+ }
+
+ ret = fdt_setprop_string(fdt, offset, "linux,stdout-path", path);
+out:
+ free(name);
+ free(path);
+
+ return ret;
+}
#endif /* CONFIG_FDT */
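Review bot: spapr_populate_chosen_stdout() returns values from two different error spaces: `return offset;` and the fdt_setprop_string() result are libfdt error codes, while the allocation failures return -ENOMEM. A caller cannot interpret a negative result reliably, so pick one convention and document it. Also, `if (!dev)` is the only conditional in the function without braces, asprintf() is a GNU extension (g_strdup_printf() with g_free() would avoid depending on it), and `free(name)` is only correct if vio_format_dev_name() allocates with malloc(), which this hunk does not show.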
diff --git a/hw/spapr_vio.h b/hw/spapr_vio.h
index a325a5f..9fcd304 100644
--- a/hw/spapr_vio.h
+++ b/hw/spapr_vio.h
@@ -83,6 +83,7 @@ extern VIOsPAPRBus *spapr_vio_bus_init(void);
extern VIOsPAPRDevice *spapr_vio_find_by_reg(VIOsPAPRBus *bus, uint32_t reg);
extern void spapr_vio_bus_register_withprop(VIOsPAPRDeviceInfo *info);
extern int spapr_populate_vdevice(VIOsPAPRBus *bus, void *fdt);
+extern int spapr_populate_chosen_stdout(void *fdt, VIOsPAPRBus *bus);
extern int spapr_vio_signal(VIOsPAPRDevice *dev, target_ulong mode);
@@ -108,6 +109,8 @@ void spapr_vty_create(VIOsPAPRBus *bus, uint32_t reg, CharDriverState *chardev);
void spapr_vlan_create(VIOsPAPRBus *bus, uint32_t reg, NICInfo *nd);
void spapr_vscsi_create(VIOsPAPRBus *bus, uint32_t reg);
+VIOsPAPRDevice *spapr_vty_get_default(VIOsPAPRBus *bus);
+
int spapr_tce_set_bypass(uint32_t unit, uint32_t enable);
void spapr_vio_quiesce(void);
diff --git a/hw/spapr_vty.c b/hw/spapr_vty.c
index e2fec58..386ccf7 100644
--- a/hw/spapr_vty.c
+++ b/hw/spapr_vty.c
@@ -156,7 +156,7 @@ static VIOsPAPRDeviceInfo spapr_vty = {
},
};
-static VIOsPAPRDevice *spapr_vty_get_default(VIOsPAPRBus *bus)
+VIOsPAPRDevice *spapr_vty_get_default(VIOsPAPRBus *bus)
{
VIOsPAPRDevice *sdev, *selected;
DeviceState *iter;
--
1.6.0.2

View File

@ -0,0 +1,67 @@
From 8be1f86952a0239c1d9e89e47bc25831b1804570 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 13 Jan 2012 17:05:41 +0100
Subject: [PATCH] linux-user: fix segfault deadlock
When entering the guest we take a lock to ensure that nobody else messes
with our TB chaining while we're doing it. If we get a segfault inside that
code, we manage to work on, but will not unlock the lock.
This patch forces unlocking of that lock in the segv handler. I'm not sure
this is the right approach though. Maybe we should rather make sure we don't
segfault in the code? I would greatly appreciate someone more intelligible
than me to look at this :).
Example code to trigger this is at: http://csgraf.de/tmp/conftest.c
Reported-by: Fabio Erculiani <lxnay@sabayon.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
qemu-lock.h | 10 ++++++++++
user-exec.c | 4 ++++
2 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/qemu-lock.h b/qemu-lock.h
index a72edda..e460e12 100644
--- a/qemu-lock.h
+++ b/qemu-lock.h
@@ -24,6 +24,12 @@
#include <pthread.h>
#define spin_lock pthread_mutex_lock
#define spin_unlock pthread_mutex_unlock
+static inline void spin_unlock_safe(pthread_mutex_t *lock)
+{
+ /* unlocking an unlocked mutex results in undefined behavior */
+ pthread_mutex_trylock(lock);
+ pthread_mutex_unlock(lock);
+}
#define spinlock_t pthread_mutex_t
#define SPIN_LOCK_UNLOCKED PTHREAD_MUTEX_INITIALIZER
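Review bot: spin_unlock_safe() ignores the result of pthread_mutex_trylock(), so when another thread holds the mutex the trylock fails and the following pthread_mutex_unlock() releases a lock this thread does not own. That is the undefined behaviour the comment sets out to avoid, and it can let two threads into the TB chaining code at once. Check the trylock result, or better, record per thread whether the lock was taken and unlock only in that case.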
@@ -46,4 +52,8 @@ static inline void spin_unlock(spinlock_t *lock)
{
}
+static inline void spin_unlock_safe(spinlock_t *lock)
+{
+}
+
#endif
diff --git a/user-exec.c b/user-exec.c
index abf6885..2826bd1 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -96,6 +96,10 @@ static inline int handle_cpu_signal(unsigned long pc, unsigned long address,
qemu_printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
pc, address, is_write, *(unsigned long *)old_set);
#endif
+
+ /* Maybe we're still holding the TB fiddling lock? */
+ spin_unlock_safe(&tb_lock);
+
/* XXX: locking issue */
if (is_write && page_unprotect(h2g(address), pc, puc)) {
return 1;
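Review bot: the `spin_unlock_safe(&tb_lock);` call in handle_cpu_signal() runs for every fault that reaches this point, whether or not the faulting thread took tb_lock, and it runs on the signal handling path, where pthread_mutex_trylock() and pthread_mutex_unlock() are not async-signal-safe. Gate the unlock on a flag that the lock-taking path sets for the current thread and clears where the lock is normally released. The existing "XXX: locking issue" comment directly below should be updated to say what remains unsolved after this change.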
--
1.6.0.2

View File

@ -0,0 +1,380 @@
From df8bec1f09754015f3b43591e1b8e9de70910c9a Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 31 Jan 2012 18:42:06 +0100
Subject: [PATCH] linux-user: implement device mapper ioctls
This patch implements all ioctls currently implemented by device mapper,
enabling us to run dmsetup and kpartx inside of linux-user.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/ioctls.h | 33 +++++++
linux-user/syscall.c | 226 ++++++++++++++++++++++++++++++++++++++++++++
linux-user/syscall_defs.h | 18 ++++
linux-user/syscall_types.h | 36 +++++++
4 files changed, 313 insertions(+), 0 deletions(-)
diff --git a/linux-user/ioctls.h b/linux-user/ioctls.h
index 224dbc6..05b7290 100644
--- a/linux-user/ioctls.h
+++ b/linux-user/ioctls.h
@@ -350,3 +350,36 @@
IOCTL(VT_SETMODE, IOC_RW, MK_PTR(MK_STRUCT(STRUCT_vt_mode)))
IOCTL(VT_RELDISP, 0, TYPE_INT)
IOCTL(VT_DISALLOCATE, 0, TYPE_INT)
+
+ IOCTL(DM_VERSION, IOC_RW, MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_REMOVE_ALL, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_LIST_DEVICES, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_DEV_CREATE, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_DEV_REMOVE, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_DEV_RENAME, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_DEV_SUSPEND, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_DEV_STATUS, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_DEV_WAIT, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_TABLE_LOAD, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_TABLE_CLEAR, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_TABLE_DEPS, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_TABLE_STATUS, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_LIST_VERSIONS,IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_TARGET_MSG, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+ IOCTL_SPECIAL(DM_DEV_SET_GEOMETRY, IOC_RW, do_ioctl_dm,
+ MK_PTR(MK_STRUCT(STRUCT_dm_ioctl)))
+
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 3e8e3dd..7a20af4 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -95,6 +95,7 @@ int __clone2(int (*fn)(void *), void *child_stack_base,
#endif
#include <linux/fb.h>
#include <linux/vt.h>
+#include <linux/dm-ioctl.h>
#include "linux_loop.h"
#include "cpu-uname.h"
@@ -3320,6 +3321,231 @@ static abi_long do_ioctl_ifconf(const IOCTLEntry *ie, uint8_t *buf_temp,
return ret;
}
+static abi_long do_ioctl_dm(const IOCTLEntry *ie, uint8_t *buf_temp, int fd,
+ abi_long cmd, abi_long arg)
+{
+ void *argptr;
+ struct dm_ioctl *host_dm;
+ abi_long guest_data;
+ uint32_t guest_data_size;
+ int target_size;
+ const argtype *arg_type = ie->arg_type;
+ abi_long ret;
+ void *big_buf = NULL;
+ char *host_data;
+
+ arg_type++;
+ target_size = thunk_type_size(arg_type, 0);
+ argptr = lock_user(VERIFY_READ, arg, target_size, 1);
+ if (!argptr) {
+ ret = -TARGET_EFAULT;
+ goto out;
+ }
+ thunk_convert(buf_temp, argptr, arg_type, THUNK_HOST);
+ unlock_user(argptr, arg, 0);
+
+ /* buf_temp is too small, so fetch things into a bigger buffer */
+ big_buf = g_malloc0(((struct dm_ioctl*)buf_temp)->data_size * 2);
+ memcpy(big_buf, buf_temp, target_size);
+ buf_temp = big_buf;
+ host_dm = big_buf;
+
+ guest_data = arg + host_dm->data_start;
+ if ((guest_data - arg) < 0) {
+ ret = -EINVAL;
+ goto out;
+ }
+ guest_data_size = host_dm->data_size - host_dm->data_start;
+ host_data = (char*)host_dm + host_dm->data_start;
+
+ argptr = lock_user(VERIFY_READ, guest_data, guest_data_size, 1);
+ switch (ie->host_cmd) {
+ case DM_REMOVE_ALL:
+ case DM_LIST_DEVICES:
+ case DM_DEV_CREATE:
+ case DM_DEV_REMOVE:
+ case DM_DEV_SUSPEND:
+ case DM_DEV_STATUS:
+ case DM_DEV_WAIT:
+ case DM_TABLE_STATUS:
+ case DM_TABLE_CLEAR:
+ case DM_TABLE_DEPS:
+ case DM_LIST_VERSIONS:
+ /* no input data */
+ break;
+ case DM_DEV_RENAME:
+ case DM_DEV_SET_GEOMETRY:
+ /* data contains only strings */
+ memcpy(host_data, argptr, guest_data_size);
+ break;
+ case DM_TARGET_MSG:
+ memcpy(host_data, argptr, guest_data_size);
+ *(uint64_t*)host_data = tswap64(*(uint64_t*)argptr);
+ break;
+ case DM_TABLE_LOAD:
+ {
+ void *gspec = argptr;
+ void *cur_data = host_data;
+ const argtype arg_type[] = { MK_STRUCT(STRUCT_dm_target_spec) };
+ int spec_size = thunk_type_size(arg_type, 0);
+ int i;
+
+ for (i = 0; i < host_dm->target_count; i++) {
+ struct dm_target_spec *spec = cur_data;
+ uint32_t next;
+ int slen;
+
+ thunk_convert(spec, gspec, arg_type, THUNK_HOST);
+ slen = strlen((char*)gspec + spec_size) + 1;
+ next = spec->next;
+ spec->next = sizeof(*spec) + slen;
+ strcpy((char*)&spec[1], gspec + spec_size);
+ gspec += next;
+ cur_data += spec->next;
+ }
+ break;
+ }
+ default:
+ ret = -TARGET_EINVAL;
+ goto out;
+ }
+ unlock_user(argptr, guest_data, 0);
+
+ ret = get_errno(ioctl(fd, ie->host_cmd, buf_temp));
+ if (!is_error(ret)) {
+ guest_data = arg + host_dm->data_start;
+ guest_data_size = host_dm->data_size - host_dm->data_start;
+ argptr = lock_user(VERIFY_WRITE, guest_data, guest_data_size, 0);
+ switch (ie->host_cmd) {
+ case DM_REMOVE_ALL:
+ case DM_DEV_CREATE:
+ case DM_DEV_REMOVE:
+ case DM_DEV_RENAME:
+ case DM_DEV_SUSPEND:
+ case DM_DEV_STATUS:
+ case DM_TABLE_LOAD:
+ case DM_TABLE_CLEAR:
+ case DM_TARGET_MSG:
+ case DM_DEV_SET_GEOMETRY:
+ /* no return data */
+ break;
+ case DM_LIST_DEVICES:
+ {
+ struct dm_name_list *nl = (void*)host_dm + host_dm->data_start;
+ uint32_t remaining_data = guest_data_size;
+ void *cur_data = argptr;
+ const argtype arg_type[] = { MK_STRUCT(STRUCT_dm_name_list) };
+ int nl_size = 12; /* can't use thunk_size due to alignment */
+
+ while (1) {
+ uint32_t next = nl->next;
+ if (next) {
+ nl->next = nl_size + (strlen(nl->name) + 1);
+ }
+ if (remaining_data < nl->next) {
+ host_dm->flags |= DM_BUFFER_FULL_FLAG;
+ break;
+ }
+ thunk_convert(cur_data, nl, arg_type, THUNK_TARGET);
+ strcpy(cur_data + nl_size, nl->name);
+ cur_data += nl->next;
+ remaining_data -= nl->next;
+ if (!next) {
+ break;
+ }
+ nl = (void*)nl + next;
+ }
+ break;
+ }
+ case DM_DEV_WAIT:
+ case DM_TABLE_STATUS:
+ {
+ struct dm_target_spec *spec = (void*)host_dm + host_dm->data_start;
+ void *cur_data = argptr;
+ const argtype arg_type[] = { MK_STRUCT(STRUCT_dm_target_spec) };
+ int spec_size = thunk_type_size(arg_type, 0);
+ int i;
+
+ for (i = 0; i < host_dm->target_count; i++) {
+ uint32_t next = spec->next;
+ int slen = strlen((char*)&spec[1]) + 1;
+ spec->next = (cur_data - argptr) + spec_size + slen;
+ if (guest_data_size < spec->next) {
+ host_dm->flags |= DM_BUFFER_FULL_FLAG;
+ break;
+ }
+ thunk_convert(cur_data, spec, arg_type, THUNK_TARGET);
+ strcpy(cur_data + spec_size, (char*)&spec[1]);
+ cur_data = argptr + spec->next;
+ spec = (void*)host_dm + host_dm->data_start + next;
+ }
+ break;
+ }
+ case DM_TABLE_DEPS:
+ {
+ void *hdata = (void*)host_dm + host_dm->data_start;
+ int count = *(uint32_t*)hdata;
+ uint64_t *hdev = hdata + 8;
+ uint64_t *gdev = argptr + 8;
+ int i;
+
+ *(uint32_t*)argptr = tswap32(count);
+ for (i = 0; i < count; i++) {
+ *gdev = tswap64(*hdev);
+ gdev++;
+ hdev++;
+ }
+ break;
+ }
+ case DM_LIST_VERSIONS:
+ {
+ struct dm_target_versions *vers = (void*)host_dm + host_dm->data_start;
+ uint32_t remaining_data = guest_data_size;
+ void *cur_data = argptr;
+ const argtype arg_type[] = { MK_STRUCT(STRUCT_dm_target_versions) };
+ int vers_size = thunk_type_size(arg_type, 0);
+
+ while (1) {
+ uint32_t next = vers->next;
+ if (next) {
+ vers->next = vers_size + (strlen(vers->name) + 1);
+ }
+ if (remaining_data < vers->next) {
+ host_dm->flags |= DM_BUFFER_FULL_FLAG;
+ break;
+ }
+ thunk_convert(cur_data, vers, arg_type, THUNK_TARGET);
+ strcpy(cur_data + vers_size, vers->name);
+ cur_data += vers->next;
+ remaining_data -= vers->next;
+ if (!next) {
+ break;
+ }
+ vers = (void*)vers + next;
+ }
+ break;
+ }
+ default:
+ ret = -TARGET_EINVAL;
+ goto out;
+ }
+ unlock_user(argptr, guest_data, guest_data_size);
+
+ argptr = lock_user(VERIFY_WRITE, arg, target_size, 0);
+ if (!argptr) {
+ ret = -TARGET_EFAULT;
+ goto out;
+ }
+ thunk_convert(argptr, buf_temp, arg_type, THUNK_TARGET);
+ unlock_user(argptr, arg, target_size);
+ }
+out:
+ if (big_buf) {
+ free(big_buf);
+ }
+ return ret;
+}
+
static IOCTLEntry ioctl_entries[] = {
#define IOCTL(cmd, access, ...) \
{ TARGET_ ## cmd, cmd, #cmd, access, 0, { __VA_ARGS__ } },
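Review bot: do_ioctl_dm() uses the guest-supplied data_size and data_start without bounds checks. `g_malloc0(((struct dm_ioctl*)buf_temp)->data_size * 2)` is followed by `memcpy(big_buf, buf_temp, target_size)`, which overruns the allocation when data_size * 2 is smaller than target_size, and the multiplication itself can wrap; `guest_data_size = host_dm->data_size - host_dm->data_start` wraps when data_start exceeds data_size. Return -TARGET_EINVAL unless data_start is at least the header size and no larger than data_size, and put an upper limit on data_size before allocating. Further points in the same function: both lock_user() calls on guest_data are used without a NULL check; the DM_TABLE_LOAD loop runs strlen(), strcpy() and `gspec += next` over guest data with no limit derived from guest_data_size, and target_count is guest-controlled; both `default:` branches `goto out` without a matching unlock_user(); the early range check returns -EINVAL where every other path uses -TARGET_ codes; and big_buf is allocated with g_malloc0() but released with free().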
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index f0acc72..c8b57c9 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -989,6 +989,24 @@ struct target_pollfd {
#define TARGET_VT_RELDISP 0x5605
#define TARGET_VT_DISALLOCATE 0x5608
+/* device mapper */
+#define TARGET_DM_VERSION TARGET_IOWRU(0xfd, 0x00)
+#define TARGET_DM_REMOVE_ALL TARGET_IOWRU(0xfd, 0x01)
+#define TARGET_DM_LIST_DEVICES TARGET_IOWRU(0xfd, 0x02)
+#define TARGET_DM_DEV_CREATE TARGET_IOWRU(0xfd, 0x03)
+#define TARGET_DM_DEV_REMOVE TARGET_IOWRU(0xfd, 0x04)
+#define TARGET_DM_DEV_RENAME TARGET_IOWRU(0xfd, 0x05)
+#define TARGET_DM_DEV_SUSPEND TARGET_IOWRU(0xfd, 0x06)
+#define TARGET_DM_DEV_STATUS TARGET_IOWRU(0xfd, 0x07)
+#define TARGET_DM_DEV_WAIT TARGET_IOWRU(0xfd, 0x08)
+#define TARGET_DM_TABLE_LOAD TARGET_IOWRU(0xfd, 0x09)
+#define TARGET_DM_TABLE_CLEAR TARGET_IOWRU(0xfd, 0x0a)
+#define TARGET_DM_TABLE_DEPS TARGET_IOWRU(0xfd, 0x0b)
+#define TARGET_DM_TABLE_STATUS TARGET_IOWRU(0xfd, 0x0c)
+#define TARGET_DM_LIST_VERSIONS TARGET_IOWRU(0xfd, 0x0d)
+#define TARGET_DM_TARGET_MSG TARGET_IOWRU(0xfd, 0x0e)
+#define TARGET_DM_DEV_SET_GEOMETRY TARGET_IOWRU(0xfd, 0x0f)
+
/* from asm/termbits.h */
#define TARGET_NCC 8
diff --git a/linux-user/syscall_types.h b/linux-user/syscall_types.h
index 8fde25c..dea520e 100644
--- a/linux-user/syscall_types.h
+++ b/linux-user/syscall_types.h
@@ -191,6 +191,42 @@ STRUCT(vt_mode,
TYPE_SHORT, /* acqsig */
TYPE_SHORT) /* frsig */
+STRUCT(dm_ioctl,
+ MK_ARRAY(TYPE_INT, 3), /* version */
+ TYPE_INT, /* data_size */
+ TYPE_INT, /* data_start */
+ TYPE_INT, /* target_count*/
+ TYPE_INT, /* open_count */
+ TYPE_INT, /* flags */
+ TYPE_INT, /* event_nr */
+ TYPE_INT, /* padding */
+ TYPE_ULONGLONG, /* dev */
+ MK_ARRAY(TYPE_CHAR, 128), /* name */
+ MK_ARRAY(TYPE_CHAR, 129), /* uuid */
+ MK_ARRAY(TYPE_CHAR, 7)) /* data */
+
+STRUCT(dm_target_spec,
+ TYPE_ULONGLONG, /* sector_start */
+ TYPE_ULONGLONG, /* length */
+ TYPE_INT, /* status */
+ TYPE_INT, /* next */
+ MK_ARRAY(TYPE_CHAR, 16)) /* target_type */
+
+STRUCT(dm_target_deps,
+ TYPE_INT, /* count */
+ TYPE_INT) /* padding */
+
+STRUCT(dm_name_list,
+ TYPE_ULONGLONG, /* dev */
+ TYPE_INT) /* next */
+
+STRUCT(dm_target_versions,
+ TYPE_INT, /* next */
+ MK_ARRAY(TYPE_INT, 3)) /* version*/
+
+STRUCT(dm_target_msg,
+ TYPE_ULONGLONG) /* sector */
+
STRUCT(fiemap_extent,
TYPE_ULONGLONG, /* fe_logical */
TYPE_ULONGLONG, /* fe_physical */
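Review bot: STRUCT(dm_target_deps) and STRUCT(dm_target_msg) are declared here, but do_ioctl_dm() in this patch converts those payloads by hand (`*(uint32_t*)argptr = tswap32(count)`, `tswap64(*(uint64_t*)argptr)`) and never references them. Either use the thunk descriptions in the handler or drop the unused declarations. STRUCT(dm_name_list) deserves a comment as well, since the handler hard-codes `nl_size = 12` "due to alignment" instead of taking the size from this description.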
--
1.6.0.2

View File

@ -0,0 +1,136 @@
From 79df307311156580da72aff94e73ad54c73bc4e7 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 31 Jan 2012 19:44:41 +0100
Subject: [PATCH] linux-user: add struct old_dev_t compat
The compat LOOP_SET_STATUS ioctl uses struct old_dev_t in its passed
struct. That variable type is vastly different between different
architectures. Implement wrapping around it so we can use it.
This fixes running arm kpartx on an x86_64 host for me.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/syscall_types.h | 4 ++--
thunk.c | 28 ++++++++++++++++++++++++++++
thunk.h | 28 ++++++++++++++++++++++++++++
3 files changed, 58 insertions(+), 2 deletions(-)
diff --git a/linux-user/syscall_types.h b/linux-user/syscall_types.h
index dea520e..ad2ee7e 100644
--- a/linux-user/syscall_types.h
+++ b/linux-user/syscall_types.h
@@ -88,9 +88,9 @@ STRUCT(mixer_info,
/* loop device ioctls */
STRUCT(loop_info,
TYPE_INT, /* lo_number */
- TYPE_SHORT, /* lo_device */
+ TYPE_OLDDEVT, /* lo_device */
TYPE_ULONG, /* lo_inode */
- TYPE_SHORT, /* lo_rdevice */
+ TYPE_OLDDEVT, /* lo_rdevice */
TYPE_INT, /* lo_offset */
TYPE_INT, /* lo_encrypt_type */
TYPE_INT, /* lo_encrypt_key_size */
diff --git a/thunk.c b/thunk.c
index 34bc7d1..bf43985 100644
--- a/thunk.c
+++ b/thunk.c
@@ -47,6 +47,7 @@ static inline const argtype *thunk_type_next(const argtype *type_ptr)
case TYPE_LONG:
case TYPE_ULONG:
case TYPE_PTRVOID:
+ case TYPE_OLDDEVT:
return type_ptr;
case TYPE_PTR:
return thunk_type_next_ptr(type_ptr);
@@ -209,6 +210,33 @@ const argtype *thunk_convert(void *dst, const void *src,
#else
#warning unsupported conversion
#endif
+ case TYPE_OLDDEVT:
+ {
+ uint64_t val = 0;
+ switch (thunk_type_size(type_ptr - 1, !to_host)) {
+ case 2:
+ val = *(uint16_t *)src;
+ break;
+ case 4:
+ val = *(uint32_t *)src;
+ break;
+ case 8:
+ val = *(uint64_t *)src;
+ break;
+ }
+ switch (thunk_type_size(type_ptr - 1, to_host)) {
+ case 2:
+ *(uint16_t *)dst = tswap16(val);
+ break;
+ case 4:
+ *(uint32_t *)dst = tswap32(val);
+ break;
+ case 8:
+ *(uint64_t *)dst = tswap64(val);
+ break;
+ }
+ break;
+ }
case TYPE_ARRAY:
{
int array_length, i, dst_size, src_size;
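Review bot: in the TYPE_OLDDEVT case the value is loaded from src with no byte swap and swapped only on store, at the destination width (tswap16/tswap32/tswap64). When the source and destination widths differ on a cross-endian pair, for example a 2-byte load followed by `*(uint64_t *)dst = tswap64(val);`, the significant bytes land at the wrong end of the destination. Swap at the source width when reading target data and at the destination width when writing it. Neither inner switch has a default, so an unexpected size leaves val at 0 or dst unwritten with no diagnostic.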
diff --git a/thunk.h b/thunk.h
index 55890f3..ed65121 100644
--- a/thunk.h
+++ b/thunk.h
@@ -38,6 +38,7 @@ typedef enum argtype {
TYPE_ARRAY,
TYPE_STRUCT,
TYPE_INTBITFIELD,
+ TYPE_OLDDEVT,
} argtype;
#define MK_PTR(type) TYPE_PTR, type
@@ -106,6 +107,31 @@ static inline int thunk_type_size(const argtype *type_ptr, int is_host)
return TARGET_ABI_BITS / 8;
}
break;
+ case TYPE_OLDDEVT:
+ if (is_host) {
+#if defined(HOST_X86_64)
+ return 8;
+#elif defined(HOST_ALPHA) || defined(HOST_IA64) || defined(HOST_MIPS) || \
+ defined(HOST_PARISC) || defined(HOST_SPARC64)
+ return 4;
+#elif defined(HOST_PPC)
+ return HOST_LONG_SIZE;
+#else
+ return 2;
+#endif
+ } else {
+#if defined(TARGET_X86_64)
+ return 8;
+#elif defined(TARGET_ALPHA) || defined(TARGET_IA64) || defined(TARGET_MIPS) || \
+ defined(TARGET_PARISC) || defined(TARGET_SPARC64)
+ return 4;
+#elif defined(TARGET_PPC)
+ return TARGET_ABI_BITS / 8;
+#else
+ return 2;
+#endif
+ }
+ break;
case TYPE_ARRAY:
size = type_ptr[1];
return size * thunk_type_size_array(type_ptr + 2, is_host);
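Review bot: the TYPE_OLDDEVT size table falls through to `return 2;` for every architecture that is not listed, so a host or target with a wider old_dev_t gets a silently wrong layout. Name the architectures for which 2 is known to be right and make the remaining case an #error, or at least a comment. The host and target halves are the same table written twice; a shared macro would keep them from drifting apart, and the `break;` after both branches have returned is unreachable.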
@@ -144,6 +170,8 @@ static inline int thunk_type_align(const argtype *type_ptr, int is_host)
return TARGET_ABI_BITS / 8;
}
break;
+ case TYPE_OLDDEVT:
+ return thunk_type_size(type_ptr, is_host);
case TYPE_ARRAY:
return thunk_type_align_array(type_ptr + 2, is_host);
case TYPE_STRUCT:
--
1.6.0.2

View File

@ -0,0 +1,36 @@
From 8563ceced36263dbc91af9d6941e18626bd9f488 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 31 Jan 2012 20:10:20 +0100
Subject: [PATCH] linux-user: fix BLK ioctl arguments
Some BLK ioctls passed sizeof(x) into a macro that already did sizeof() on
the passed in argument, rendering the size information inside the ioctl be
the size of the host default integer type.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/syscall_defs.h | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index c8b57c9..21b054c 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -832,9 +832,11 @@ struct target_pollfd {
#define TARGET_BLKSECTGET TARGET_IO(0x12,103)/* get max sectors per request (ll_rw_blk.c) */
#define TARGET_BLKSSZGET TARGET_IO(0x12,104)/* get block device sector size */
/* A jump here: 108-111 have been used for various private purposes. */
-#define TARGET_BLKBSZGET TARGET_IOR(0x12,112,sizeof(int))
-#define TARGET_BLKBSZSET TARGET_IOW(0x12,113,sizeof(int))
-#define TARGET_BLKGETSIZE64 TARGET_IOR(0x12,114,sizeof(uint64_t)) /* return device size in bytes (u64 *arg) */
+#define TARGET_BLKBSZGET TARGET_IOR(0x12,112,int)
+#define TARGET_BLKBSZSET TARGET_IOW(0x12,113,int)
+#define TARGET_BLKGETSIZE64 TARGET_IOR(0x12,114,abi_ulong)
+ /* return device size in bytes
+ (u64 *arg) */
#define TARGET_FIBMAP TARGET_IO(0x00,1) /* bmap access */
#define TARGET_FIGETBSZ TARGET_IO(0x00,2) /* get the block size used for bmap */
#define TARGET_FS_IOC_FIEMAP TARGET_IOWR('f',11,struct fiemap)
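Review bot: TARGET_BLKGETSIZE64 now encodes abi_ulong while its comment still says "(u64 *arg)", so the size in the request number and the documented argument disagree for 32-bit targets. If abi_ulong is intentional (the kernel header builds this number from size_t), say so in the comment. The comment has also been moved onto two separate lines below the #define, where it is easy to mistake for a comment on TARGET_FIBMAP.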
--
1.6.0.2

View File

@ -0,0 +1,27 @@
From 3977eaddfd8aad7fcab30dab3c9bab52bd79bdeb Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 31 Jan 2012 20:11:37 +0100
Subject: [PATCH] linux-user: add BLKSSZGET ioctl wrapper
This patch adds an ioctl definition for BLKSSZGET.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/ioctls.h | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/linux-user/ioctls.h b/linux-user/ioctls.h
index 05b7290..f938050 100644
--- a/linux-user/ioctls.h
+++ b/linux-user/ioctls.h
@@ -74,6 +74,7 @@
IOCTL(BLKFLSBUF, 0, TYPE_NULL)
IOCTL(BLKRASET, 0, TYPE_INT)
IOCTL(BLKRAGET, IOC_R, MK_PTR(TYPE_LONG))
+ IOCTL(BLKSSZGET, IOC_R, MK_PTR(TYPE_LONG))
#ifdef FIBMAP
IOCTL(FIBMAP, IOC_W | IOC_R, MK_PTR(TYPE_LONG))
#endif
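Review bot: BLKSSZGET is declared with MK_PTR(TYPE_LONG), but the kernel stores an int through this pointer, and the following patch in this series uses MK_PTR(TYPE_INT) for BLKBSZGET. With TYPE_LONG the conversion on a 64-bit host covers more bytes than the kernel wrote. Use MK_PTR(TYPE_INT) here as well, or add a comment explaining why this ioctl differs from BLKBSZGET.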
--
1.6.0.2

View File

@ -0,0 +1,27 @@
From 3f2fdae967bb91a2c02020369c0af53c9cafd8b5 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 2 Feb 2012 02:22:34 +0100
Subject: [PATCH] linux-user: Add ioctl for BLKBSZGET
This patch adds the ioctl wrapper definition for BLKBSZGET.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/ioctls.h | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/linux-user/ioctls.h b/linux-user/ioctls.h
index f938050..c261063 100644
--- a/linux-user/ioctls.h
+++ b/linux-user/ioctls.h
@@ -75,6 +75,7 @@
IOCTL(BLKRASET, 0, TYPE_INT)
IOCTL(BLKRAGET, IOC_R, MK_PTR(TYPE_LONG))
IOCTL(BLKSSZGET, IOC_R, MK_PTR(TYPE_LONG))
+ IOCTL(BLKBSZGET, IOC_R, MK_PTR(TYPE_INT))
#ifdef FIBMAP
IOCTL(FIBMAP, IOC_W | IOC_R, MK_PTR(TYPE_LONG))
#endif
--
1.6.0.2

View File

@ -0,0 +1,34 @@
From 63ad8e6ca106981bc18f2d49cf0bed79a7b2cbfe Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 2 Feb 2012 03:14:18 +0100
Subject: [PATCH] linux-user: take RESERVED_VA into account for g2h_valid()
When running with -R (RESERVED_VA > 0) all guest virtual addresses
are within the [0..RESERVED_VA] range. Reflect this with g2h_valid()
too so we can safely check for boundaries of our guest address space.
This is required to have the /proc/self/maps code not show maps that
aren't accessible from the guest process's point of view.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
cpu-all.h | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/cpu-all.h b/cpu-all.h
index 5f47ab8..ce3e78f 100644
--- a/cpu-all.h
+++ b/cpu-all.h
@@ -204,7 +204,8 @@ extern unsigned long reserved_va;
#else
#define h2g_valid(x) ({ \
unsigned long __guest = (unsigned long)(x) - GUEST_BASE; \
- __guest < (1ul << TARGET_VIRT_ADDR_SPACE_BITS); \
+ (__guest < (1ul << TARGET_VIRT_ADDR_SPACE_BITS)) && \
+ (!RESERVED_VA || (__guest < RESERVED_VA)); \
})
#endif
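Review bot: the subject and message refer to g2h_valid(), but the macro changed here is h2g_valid(); correct the commit message so the two agree. The RESERVED_VA clause is added only in this #else branch, so confirm that the other definition of h2g_valid(), which lies above the #else and outside this hunk, needs no matching change. The message describes the range as [0..RESERVED_VA] while the test is `__guest < RESERVED_VA`; a comment stating that the upper bound is exclusive would remove the ambiguity.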
--
1.6.0.2

View File

@ -0,0 +1,59 @@
From 20d9c73417a401a79a3c5ae9aa07d635a06e9519 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 2 Feb 2012 18:02:33 +0100
Subject: [PATCH] linux-user: binfmt: support host binaries
When we have a working host binary equivalent for the guest binary we're
trying to run, let's just use that instead as it will be a lot faster.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/binfmt.c | 25 +++++++++++++++++++++++++
1 files changed, 25 insertions(+), 0 deletions(-)
diff --git a/linux-user/binfmt.c b/linux-user/binfmt.c
index cd1f513..87dc4c6 100644
--- a/linux-user/binfmt.c
+++ b/linux-user/binfmt.c
@@ -5,6 +5,9 @@
#include <string.h>
#include <stdlib.h>
+#ifdef __x86_64__
+#define ARCH_NAME "x86_64"
+#endif
int main(int argc, char **argv, char **envp)
{
@@ -28,6 +31,28 @@ int main(int argc, char **argv, char **envp)
binfmt[0] = '\0';
/* Now argv[0] is the real qemu binary name */
+#ifdef ARCH_NAME
+ {
+ char *hostbin;
+ char *guestarch;
+
+ guestarch = strrchr(argv[0], '-') ;
+ if (!guestarch) {
+ goto skip;
+ }
+ guestarch++;
+ asprintf(&hostbin, "/emul/" ARCH_NAME "-for-%s/%s", guestarch, argv[1]);
+ if (!access(hostbin, X_OK)) {
+ /*
+ * We found a host binary replacement for the non-host binary. Let's
+ * use that instead!
+ */
+ return execve(hostbin, &argv[2], envp);
+ }
+ }
+skip:
+#endif
+
new_argv = (char **)malloc((argc + 2) * sizeof(*new_argv));
if (argc > 3) {
memcpy(&new_argv[4], &argv[3], (argc - 3) * sizeof(*new_argv));
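Review bot: the asprintf() result is not checked, so on allocation failure hostbin is indeterminate when it reaches access(), and hostbin is never freed on the path where access() fails. argv[1] is pasted into the /emul/ path as is, so a value containing ".." components resolves outside the intended directory; reject such values, or canonicalise the result and check its prefix before execve(). The access() check followed by execve() also leaves a window in which the file can change; calling execve() directly and falling through on failure removes that window. Nothing visible in the hunk checks that argv[1] and argv[2] exist before they are used.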
--
1.6.0.2

View File

@ -0,0 +1,39 @@
From 3ed04f86397af1b58f67e449df558370d5125e27 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 6 Feb 2012 21:37:07 +0100
Subject: [PATCH] linux-user: fix fallocate
Fallocate gets off_t parameters passed in, so we should also read them out
accordingly.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- unbreak 64-bit guests
---
linux-user/syscall.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 7a20af4..cbd37f6 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8479,7 +8479,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
#endif /* CONFIG_EVENTFD */
#if defined(CONFIG_FALLOCATE) && defined(TARGET_NR_fallocate)
case TARGET_NR_fallocate:
+#if TARGET_ABI_BITS == 32
+ ret = get_errno(fallocate(arg1, arg2, target_offset64(arg3, arg4),
+ target_offset64(arg5, arg6)));
+#else
ret = get_errno(fallocate(arg1, arg2, arg3, arg4));
+#endif
break;
#endif
#if defined(CONFIG_SYNC_FILE_RANGE)
--
1.6.0.2

View File

@ -0,0 +1,37 @@
From 2335c9428ecb8066cf354bd6f2b21998941e8518 Mon Sep 17 00:00:00 2001
From: Anthony Liguori <aliguori@us.ibm.com>
Date: Mon, 23 Jan 2012 07:30:43 -0600
Subject: [PATCH 53/53] e1000: bounds packet size against buffer size
Otherwise we can write beyond the buffer and corrupt memory. This is tracked
as CVE-2012-0029.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
hw/e1000.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/hw/e1000.c b/hw/e1000.c
index 19ca5bf..22a601a 100644
--- a/hw/e1000.c
+++ b/hw/e1000.c
@@ -466,6 +466,8 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
bytes = split_size;
if (tp->size + bytes > msh)
bytes = msh - tp->size;
+
+ bytes = MIN(sizeof(tp->data) - tp->size, bytes);
pci_dma_read(&s->dev, addr, tp->data + tp->size, bytes);
if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
memmove(tp->header, tp->data, hdr);
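Review bot: In the added clamp, sizeof(tp->data) - tp->size is evaluated in unsigned arithmetic, so it bounds the copy only while tp->size <= sizeof(tp->data); if that invariant is ever broken the difference wraps to a very large value and MIN() returns bytes unchanged. Make the invariant explicit before the pci_dma_read(), for example by bailing out (or asserting) when tp->size >= sizeof(tp->data), so the bound does not depend on every other writer of tp->size staying correct.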
@@ -481,6 +483,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
// context descriptor TSE is not set, while data descriptor TSE is set
DBGOUT(TXERR, "TCP segmentaion Error\n");
} else {
+ split_size = MIN(sizeof(tp->data) - tp->size, split_size);
pci_dma_read(&s->dev, addr, tp->data + tp->size, split_size);
tp->size += split_size;
}
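Review bot: The clamp on split_size in the else branch truncates an oversized descriptor silently, while the branch just above it reports its error through DBGOUT(TXERR, ...). Log the truncation the same way so that a guest hitting the condition tracked as CVE-2012-0029 leaves a trace. The expression MIN(sizeof(tp->data) - tp->size, n) now appears twice in process_tx_desc(); a small helper would keep the two call sites from drifting apart.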
--
1.7.7

View File

@ -1,3 +1,63 @@
-------------------------------------------------------------------
Mon Feb 6 22:24:27 UTC 2012 - brogers@suse.com
- avoid buffer overflow in e1000 device emulation (bnc#740165)
-------------------------------------------------------------------
Mon Feb 6 19:29:33 UTC 2012 - agraf@suse.de
- qemu-user: fix fallocate
-------------------------------------------------------------------
Fri Feb 3 11:49:24 UTC 2012 - agraf@suse.de
- qemu-user: fix previous patch
-------------------------------------------------------------------
Thu Feb 2 15:28:42 UTC 2012 - agraf@suse.de
- qemu-user: add host binary support for binfmt
-------------------------------------------------------------------
Thu Feb 2 00:41:21 UTC 2012 - agraf@suse.de
- qemu-user: add fix for /proc/self/maps to only show mappable regions
-------------------------------------------------------------------
Wed Feb 1 23:48:53 UTC 2012 - agraf@suse.de
- qemu-user: add wrapper for BLKBSZGET
-------------------------------------------------------------------
Tue Jan 31 21:36:02 UTC 2012 - agraf@suse.de
- qemu-user: add fix for deadloop with ulimit constraints
- qemu-user: add device mapper and loopback ioctls, enabling kpatkx
-------------------------------------------------------------------
Tue Jan 10 16:08:35 UTC 2012 - agraf@suse.de
- backport all ppc-1.0 stable patches to our package
- add fix for PPC HV KVM on 3.1
-------------------------------------------------------------------
Tue Jan 10 15:26:21 UTC 2012 - agraf@suse.de
- add fix for PPC in HV KVM mode
-------------------------------------------------------------------
Thu Jan 6 01:18:00 UTC 2012 - agraf@suse.de
- add workaround for KVM on PPC to support hugetlbfs
- add upstream patches to fake $0 in /proc/self/maps (fixes ps)
-------------------------------------------------------------------
Wed Dec 14 00:16:28 UTC 2011 - agraf@suse.com
- add update_git.sh to simplify maintenance of the tree
- use -R automatically in linux-user to gain more address space
- drop MAP_32BIT patch (deprecated by the one above)
-------------------------------------------------------------------
Mon Dec 12 22:05:24 CET 2011 - agraf@suse.com
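Review bot: The top entry, "avoid buffer overflow in e1000 device emulation (bnc#740165)", omits the CVE identifier that the patch itself names (CVE-2012-0029); add it so the fix can be found by anyone searching the package changelog for the CVE. Two smaller points in the same hunk: "kpatkx" in the Jan 31 entry looks like a typo, and the "Thu Jan 6 01:18:00 UTC 2012" header carries the wrong weekday (6 January 2012 was a Friday).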

203
qemu.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package qemu
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -15,52 +15,71 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: qemu
Url: http://fabrice.bellard.free.fr/qemu/
License: BSD3c(or similar) ; GPLv2+ ; LGPLv2.1+ ; MIT License (or similar)
Group: System/Emulators/PC
Summary: Universal CPU emulator
License: BSD-3-Clause ; GPL-2.0+ ; LGPL-2.1+ ; MIT
Group: System/Emulators/PC
Version: 1.0
Release: 0
Source: %name-%version.tar.bz2
Patch1: 0001-Handle-CPU-interrupts-by-inline-checking-of-a-flag.patch
Patch2: 0002-linux-user-fix-QEMU_STRACE-1-segfault.patch
Patch3: 0003-linux-user-save-auxv-length.patch
Patch4: 0004-linux-user-add-open-hijack-infrastructure.patch
Patch5: 0005-linux-user-fake-proc-self-maps.patch
Patch6: 0006-linux-user-fake-proc-self-stat.patch
Patch7: 0007-linux-user-fake-proc-self-auxv.patch
Patch8: 0008-XXX-dont-dump-core-on-sigabort.patch
Patch9: 0009-linux-user-fix-wait-syscall-status-returns.patch
Patch10: 0010-Revert-linux-user-fix-wait-syscall-status-returns.patch
Patch11: 0011-linux-user-fix-wait-syscall-status-returns.patch
Patch12: 0012-linux-user-Fix-32-on-64-mmap-for-x86_64.patch
Patch13: 0013-XXX-linux-user-fake-proc-self-maps-even-more.patch
Patch14: 0014-XXX-work-around-SA_RESTART-race-with-boehm-gc-ARM-o.patch
Patch15: 0015-XXX-move-qemu-binary-lower-in-address-space-so-we-ha.patch
Patch16: 0016-linux-user-map-lower-in-address-space.patch
Patch17: 0017-XXX-fake-proc-self-maps-also-fclose-real-file.patch
Patch18: 0018-XXX-map-qemu-higher-again-so-we-have-space-for-brk.patch
Patch19: 0019-qemu-0.9.0.cvs-binfmt.patch
Patch20: 0020-qemu-cvs-alsa_bitfield.patch
Patch21: 0021-qemu-cvs-alsa_ioctl.patch
Patch22: 0022-qemu-cvs-alsa_mmap.patch
Patch23: 0023-qemu-cvs-gettimeofday.patch
Patch24: 0024-qemu-cvs-ioctl_debug.patch
Patch25: 0025-qemu-cvs-ioctl_nodirection.patch
Patch26: 0026-qemu-img-vmdk-scsi.patch
Patch27: 0027-qemu-nonvoid_return.patch
Patch28: 0028-fix-mipsn32-linux-user-builds.patch
Patch29: 0029-Integrating-Dynamips-and-GNS3-UDP-tunnels-Patches.patch
Patch30: 0030-linux-user-add-binfmt-wrapper-for-argv-0-handling.patch
Patch31: 0031-linux-user-Ignore-timer_create-syscall.patch
Patch32: 0032-linux-user-be-silent-about-capget-failures.patch
Patch33: 0033-PPC-Fix-linker-scripts-on-ppc-hosts.patch
Patch0001: 0001-Handle-CPU-interrupts-by-inline-checking-of-a-flag.patch
Patch0002: 0002-linux-user-fix-QEMU_STRACE-1-segfault.patch
Patch0003: 0003-linux-user-save-auxv-length.patch
Patch0004: 0004-linux-user-add-open-hijack-infrastructure.patch
Patch0005: 0005-linux-user-fake-proc-self-maps.patch
Patch0006: 0006-linux-user-fake-proc-self-stat.patch
Patch0007: 0007-linux-user-fake-proc-self-auxv.patch
Patch0008: 0008-XXX-dont-dump-core-on-sigabort.patch
Patch0009: 0009-linux-user-fix-wait-syscall-status-returns.patch
Patch0010: 0010-Revert-linux-user-fix-wait-syscall-status-returns.patch
Patch0011: 0011-linux-user-fix-wait-syscall-status-returns.patch
Patch0012: 0012-XXX-linux-user-fake-proc-self-maps-even-more.patch
Patch0013: 0013-XXX-work-around-SA_RESTART-race-with-boehm-gc-ARM-o.patch
Patch0014: 0014-XXX-move-qemu-binary-lower-in-address-space-so-we-ha.patch
Patch0015: 0015-linux-user-map-lower-in-address-space.patch
Patch0016: 0016-XXX-fake-proc-self-maps-also-fclose-real-file.patch
Patch0017: 0017-XXX-map-qemu-higher-again-so-we-have-space-for-brk.patch
Patch0018: 0018-qemu-0.9.0.cvs-binfmt.patch
Patch0019: 0019-qemu-cvs-alsa_bitfield.patch
Patch0020: 0020-qemu-cvs-alsa_ioctl.patch
Patch0021: 0021-qemu-cvs-alsa_mmap.patch
Patch0022: 0022-qemu-cvs-gettimeofday.patch
Patch0023: 0023-qemu-cvs-ioctl_debug.patch
Patch0024: 0024-qemu-cvs-ioctl_nodirection.patch
Patch0025: 0025-qemu-img-vmdk-scsi.patch
Patch0026: 0026-qemu-nonvoid_return.patch
Patch0027: 0027-fix-mipsn32-linux-user-builds.patch
Patch0028: 0028-Integrating-Dynamips-and-GNS3-UDP-tunnels-Patches.patch
Patch0029: 0029-linux-user-add-binfmt-wrapper-for-argv-0-handling.patch
Patch0030: 0030-linux-user-Ignore-timer_create-syscall.patch
Patch0031: 0031-linux-user-be-silent-about-capget-failures.patch
Patch0032: 0032-PPC-Fix-linker-scripts-on-ppc-hosts.patch
Patch0033: 0033-linux-user-reserve-4GB-of-vmem-for-32-on-64.patch
Patch0034: 0034-PPC-KVM-Disable-mmu-notifier-check.patch
Patch0035: 0035-linux-user-improve-fake-proc-self-stat-making-ps.patch
Patch0036: 0036-linux-user-target_argv-is-placed-on-ts-bprm-argv.patch
Patch0037: 0037-PPC-KVM-Ignore-SET_ONE_REG-failures.patch
Patch0038: 0038-PPC-KVM-Ignore-ENABLE_PAPR-to-support-very-old-HV.patch
Patch0039: 0039-console-Fix-segfault-on-screendump-without-VGA-adap.patch
Patch0040: 0040-pseries-Fix-array-overrun-bug-in-PCI-code.patch
Patch0041: 0041-kvm-ppc-halt-secondary-cpus-when-guest-reset.patch
Patch0042: 0042-pseries-Emit-device-tree-nodes-in-reg-order.patch
Patch0043: 0043-pseries-Add-a-routine-to-find-a-stable-default-vt.patch
Patch0044: 0044-pseries-Populate-chosen-linux-stdout-path-in-the.patch
Patch0045: 0045-linux-user-fix-segfault-deadlock.patch
Patch0046: 0046-linux-user-implement-device-mapper-ioctls.patch
Patch0047: 0047-linux-user-add-struct-old_dev_t-compat.patch
Patch0048: 0048-linux-user-fix-BLK-ioctl-arguments.patch
Patch0049: 0049-linux-user-add-BLKSSZGET-ioctl-wrapper.patch
Patch0050: 0050-linux-user-Add-ioctl-for-BLKBSZGET.patch
Patch0051: 0051-linux-user-take-RESERVED_VA-into-account-for-g2h_va.patch
Patch0052: 0052-linux-user-binfmt-support-host-binaries.patch
Patch0053: 0053-linux-user-fix-fallocate.patch
Patch0054: 0054-e1000-bounds-packet-size-against-buffer-size.patch
# this is to make lint happy
Source300: rpmlintrc
Source400: update_git.sh
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: SDL-devel
BuildRequires: bison
@ -101,8 +120,8 @@ system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well
as PC and PowerMac systems.
%package linux-user
Group: System/Emulators/PC
Summary: Universal CPU emulator -- Linux User binaries
Group: System/Emulators/PC
Provides: qemu:%_bindir/qemu-arm
%description linux-user
@ -113,54 +132,71 @@ system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well
as PC and PowerMac systems.
This sub package contains static linked binaries for runnign linux-user
emulations. This can be used together with the OBS build script to
emulations. This can be used together with the OBS build script to
run cross architectures builds
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%patch31 -p1
%patch32 -p1
%patch33 -p1
%setup -q
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
%patch0004 -p1
%patch0005 -p1
%patch0006 -p1
%patch0007 -p1
%patch0008 -p1
%patch0009 -p1
%patch0010 -p1
%patch0011 -p1
%patch0012 -p1
%patch0013 -p1
%patch0014 -p1
%patch0015 -p1
%patch0016 -p1
%patch0017 -p1
%patch0018 -p1
%patch0019 -p1
%patch0020 -p1
%patch0021 -p1
%patch0022 -p1
%patch0023 -p1
%patch0024 -p1
%patch0025 -p1
%patch0026 -p1
%patch0027 -p1
%patch0028 -p1
%patch0029 -p1
%patch0030 -p1
%patch0031 -p1
%patch0032 -p1
%patch0033 -p1
%patch0034 -p1
%patch0035 -p1
%patch0036 -p1
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
%patch0040 -p1
%patch0041 -p1
%patch0042 -p1
%patch0043 -p1
%patch0044 -p1
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%build
# build QEMU
mkdir -p dynamic
# build qemu-system
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
--interp-prefix=%_datadir/%name/qemu-i386 \
--audio-card-list="ac97 es1370 sb16 cs4231a adlib gus" \
--audio-drv-list="alsa sdl" --enable-mixemu --enable-vde \
--extra-cflags="$QEMU_OPT_FLAGS" --enable-system --disable-linux-user
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir --interp-prefix=%_datadir/%name/qemu-i386 --audio-card-list="ac97 es1370 sb16 cs4231a adlib gus" --audio-drv-list="alsa sdl" --enable-mixemu --enable-vde --extra-cflags="$QEMU_OPT_FLAGS" --enable-system --disable-linux-user
# curl test fails for no reason in build system
echo "CONFIG_CURL=y" >> config-host.mak
echo "CURL_LIBS=-lcurl" >> config-host.mak
@ -170,12 +206,7 @@ make qemu-img V=1
mv */qemu */qemu-* qemu-io dynamic || true
make clean
# build userland emus
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
--interp-prefix=%_datadir/%name/qemu-i386 \
--enable-linux-user \
--disable-system \
--static --disable-linux-aio \
--extra-cflags="$QEMU_OPT_FLAGS"
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir --interp-prefix=%_datadir/%name/qemu-i386 --enable-linux-user --disable-system --static --disable-linux-aio --extra-cflags="$QEMU_OPT_FLAGS"
make %{?jobs:-j%jobs} V=1
%install

180
qemu.spec.in Normal file
View File

@ -0,0 +1,180 @@
#
# spec file for package qemu
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: qemu
Url: http://fabrice.bellard.free.fr/qemu/
License: BSD3c(or similar) ; GPLv2+ ; LGPLv2.1+ ; MIT License (or similar)
Group: System/Emulators/PC
Summary: Universal CPU emulator
Version: 1.0
Release: 0
Source: %name-%version.tar.bz2
PATCH_FILES
# this is to make lint happy
Source300: rpmlintrc
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: SDL-devel
BuildRequires: bison
BuildRequires: bluez-devel
BuildRequires: curl-devel
BuildRequires: cyrus-sasl-devel
BuildRequires: e2fsprogs-devel
BuildRequires: libaio
BuildRequires: libaio-devel
BuildRequires: libattr-devel
BuildRequires: libgnutls-devel
BuildRequires: libpcap-devel
BuildRequires: ncurses-devel
%if 0%{?suse_version} >= 1120
BuildRequires: zlib-devel-static
%else
BuildRequires: zlib-devel
%endif
%if 0%{?suse_version} >= 1210
BuildRequires: libattr-devel-static
BuildRequires: glibc-devel-static
BuildRequires: libfdt1-devel
%endif
%if 0%{?suse_version} >= 1140
BuildRequires: glib2-devel-static
%endif
BuildRequires: libvdeplug3-devel
BuildRequires: glib2-devel
BuildRequires: python
BuildRequires: fdupes
Requires: timezone virt-utils
%description
QEMU is an extremely well-performing CPU emulator that allows you to
choose between simulating an entire system and running userspace
binaries for different architectures under your native operating
system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well
as PC and PowerMac systems.
%package linux-user
Group: System/Emulators/PC
Summary: Universal CPU emulator -- Linux User binaries
Provides: qemu:%_bindir/qemu-arm
%description linux-user
QEMU is an extremely well-performing CPU emulator that allows you to
choose between simulating an entire system and running userspace
binaries for different architectures under your native operating
system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well
as PC and PowerMac systems.
This sub package contains static linked binaries for runnign linux-user
emulations. This can be used together with the OBS build script to
run cross architectures builds
%prep
%setup -q
PATCH_EXEC
%build
# build QEMU
mkdir -p dynamic
# build qemu-system
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
--interp-prefix=%_datadir/%name/qemu-i386 \
--audio-card-list="ac97 es1370 sb16 cs4231a adlib gus" \
--audio-drv-list="alsa sdl" --enable-mixemu --enable-vde \
--extra-cflags="$QEMU_OPT_FLAGS" --enable-system --disable-linux-user
# curl test fails for no reason in build system
echo "CONFIG_CURL=y" >> config-host.mak
echo "CURL_LIBS=-lcurl" >> config-host.mak
echo "#define CONFIG_CURL 1" >> config-host.h
make %{?jobs:-j%jobs} V=1
make qemu-img V=1
mv */qemu */qemu-* qemu-io dynamic || true
make clean
# build userland emus
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
--interp-prefix=%_datadir/%name/qemu-i386 \
--enable-linux-user \
--disable-system \
--static --disable-linux-aio \
--extra-cflags="$QEMU_OPT_FLAGS"
make %{?jobs:-j%jobs} V=1
%install
make install DESTDIR=$RPM_BUILD_ROOT
rm -f $RPM_BUILD_ROOT/%_mandir/man1/qemu-img.1
rm -f $RPM_BUILD_ROOT/%_mandir/man8/qemu-nbd.8
rm -fr $RPM_BUILD_ROOT/%_datadir/doc
# otherwise we get: install: omitting directory `dynamic/qemu-palcode'
rm -fr dynamic/qemu-palcode
install -m 755 */qemu-*[^.]? $RPM_BUILD_ROOT/%_bindir
install -d -m 755 $RPM_BUILD_ROOT/%_sbindir
install -m 755 dynamic/qemu-binfmt-conf.sh $RPM_BUILD_ROOT/%_sbindir
%ifnarch %ix86 x86_64
ln -sf ../../../emul/ia32-linux $RPM_BUILD_ROOT/usr/share/qemu/qemu-i386
%endif
%ifnarch ia64
mkdir -p $RPM_BUILD_ROOT/emul/ia32-linux
%endif
%fdupes -s $RPM_BUILD_ROOT
%clean
rm -rf ${RPM_BUILD_ROOT}
%files
%defattr(-, root, root)
%doc COPYING COPYING.LIB Changelog README TODO VERSION qemu-doc.html qemu-tech.html
%_bindir/qemu-io
%_bindir/qemu-system-*
%doc %_mandir/man[18]/qemu*.[18].gz
%_datadir/%name
%ifnarch %ix86 x86_64 ia64
%dir /emul/ia32-linux
%endif
%dir %_sysconfdir/%name
%config %_sysconfdir/%name/target-x86_64.conf
%files linux-user
%defattr(-, root, root)
%_bindir/qemu-alpha
%_bindir/qemu-arm
%_bindir/qemu-armeb
%_bindir/qemu-cris
%_bindir/qemu-i386
%_bindir/qemu-m68k
%_bindir/qemu-microblaze
%_bindir/qemu-microblazeel
%_bindir/qemu-mips
%_bindir/qemu-mipsel
%_bindir/qemu-mipsn32
%_bindir/qemu-mipsn32el
%_bindir/qemu-ppc64abi32
%_bindir/qemu-ppc64
%_bindir/qemu-ppc
%_bindir/qemu-s390x
%_bindir/qemu-sh4
%_bindir/qemu-sh4eb
%_bindir/qemu-sparc32plus
%_bindir/qemu-sparc64
%_bindir/qemu-sparc
%_bindir/qemu-unicore32
%_bindir/qemu-x86_64
%_bindir/qemu-*-binfmt
%_bindir/qemu-binfmt-conf.sh
%_sbindir/qemu-binfmt-conf.sh
%changelog
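Review bot: This template already disagrees with the qemu.spec committed alongside it: the License line still reads "BSD3c(or similar) ; GPLv2+ ; LGPLv2.1+ ; MIT License (or similar)", the copyright year is 2011, and there is no "Source400: update_git.sh" line. Since update_git.sh deletes qemu.spec and regenerates it from this file, the next run will drop those changes unless they are carried here as well. The linux-user %description also still says "runnign"; fix it in the template so it stops propagating.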

53
update_git.sh Normal file
View File

@ -0,0 +1,53 @@
#!/bin/bash -e
#
# While updating versions of QEMU to 1.0 I got fed up with the
# quilt workflow and just put up a git tree that contains all
# the commits on top of a stable tarball.
#
# When updating this package, just either update the git tree
# below (use rebase!) or change the tree path and use your own
#
# That way we can easily rebase against the next stable release
# when it comes.
GIT_TREE=git://repo.or.cz/qemu/agraf.git
GIT_LOCAL_TREE=/suse/agraf/git/qemu
GIT_BRANCH=suse-1.0
GIT_UPSTREAM_TAG=v1.0
# clean up
if [ -e 0001-* ]; then
osc rm --force 0*
fi
rm -f qemu.spec
# fetch all patches
if [ -d "$GIT_LOCAL_TREE" ]; then
git clone -ls $GIT_LOCAL_TREE qemu-tmp
else
git clone $GIT_TREE qemu-tmp
fi
cd qemu-tmp
git checkout $GIT_BRANCH
git format-patch $GIT_UPSTREAM_TAG -o ..
cd ..
rm -rf qemu-tmp
# we have all patches as files now - generate the spec file!
while read line; do
if [ "$line" = "PATCH_FILES" ]; then
for i in 0*; do
NUM=${i%%-*}
echo "Patch$NUM: $i"
done
elif [ "$line" = "PATCH_EXEC" ]; then
for i in 0*; do
NUM=${i%%-*}
echo "%patch$NUM -p1"
done
else
echo "$line"
fi
done < qemu.spec.in > qemu.spec
osc add 0*
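Review bot: The patch set that ends up in the package is whatever the tip of GIT_BRANCH is at clone time, fetched over the unauthenticated git:// transport (or from a local path), with no commit id pinned or checked before "git format-patch" and "osc add 0*". Use an authenticated transport or record and verify the expected commit hash, so the generated patches are reproducible and cannot be altered in transit. Separately, "while read line" without IFS= and -r strips leading whitespace and joins the backslash-continued ./configure lines of qemu.spec.in, which is why they come out as one long line in the generated qemu.spec; "while IFS= read -r line" copies the template verbatim. The "[ -e 0001-* ]" test also fails with an error if the glob matches more than one file.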