Accepting request 483217 from Virtualization:Staging

1

OBS-URL: https://build.opensuse.org/request/show/483217
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=331
Bruce Rogers 2017-03-29 04:22:10 +00:00 committed by Git OBS Bridge
parent 70b09a5bad
commit e9354b5825
90 changed files with 844 additions and 2420 deletions


@ -1,4 +1,4 @@
From cf0874f4e213436a13e06cd650cb6addc2abc3bc Mon Sep 17 00:00:00 2001
From 9a439be9ee06d6d254e5350551e7159a31a90aa4 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 21 Nov 2011 23:50:36 +0100
Subject: [PATCH] XXX dont dump core on sigabort
@ -8,7 +8,7 @@ Subject: [PATCH] XXX dont dump core on sigabort
1 file changed, 6 insertions(+)
diff --git a/linux-user/signal.c b/linux-user/signal.c
index c750053edd..cb3bc8fcb3 100644
index a67db04..a11728f 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -560,6 +560,10 @@ static void QEMU_NORETURN dump_core_and_abort(int target_sig)


@ -1,4 +1,4 @@
From e9b62c0a3fc4fbc6b7feca4ae9e1a336439d9ff3 Mon Sep 17 00:00:00 2001
From 5805a02046a5e706406c29b7e595cb5aa54b4a2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 10 Aug 2016 19:00:24 +0200
Subject: [PATCH] qemu-binfmt-conf: Modify default path
@ -14,10 +14,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index de4d1c13d4..764025580d 100755
index 0f1aa63..9fcd95a 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -259,7 +259,7 @@ BINFMT_SET=qemu_register_interpreter
@@ -264,7 +264,7 @@ BINFMT_SET=qemu_register_interpreter
SYSTEMDDIR="/etc/binfmt.d"
DEBIANDIR="/usr/share/binfmts"


@ -1,4 +1,4 @@
From beff0040fcb19dce316f3e07a0c7711cf8545d63 Mon Sep 17 00:00:00 2001
From 0d14edc19f2112a2d61f835c9664c388cbf14246 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:20:50 +0200
Subject: [PATCH] qemu-cvs-alsa_bitfield
@ -13,7 +13,7 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
2 files changed, 24 insertions(+)
diff --git a/include/exec/user/thunk.h b/include/exec/user/thunk.h
index f19ef4b230..b2659e0def 100644
index f19ef4b..b2659e0 100644
--- a/include/exec/user/thunk.h
+++ b/include/exec/user/thunk.h
@@ -37,6 +37,7 @@ typedef enum argtype {
@ -41,7 +41,7 @@ index f19ef4b230..b2659e0def 100644
case TYPE_LONGLONG:
case TYPE_ULONGLONG:
diff --git a/thunk.c b/thunk.c
index 2dac36666d..0eb72861fe 100644
index 2dac366..0eb7286 100644
--- a/thunk.c
+++ b/thunk.c
@@ -37,6 +37,7 @@ static inline const argtype *thunk_type_next(const argtype *type_ptr)


@ -1,4 +1,4 @@
From 8a4092a66e29d360d3371ac7ab9e5087294640b8 Mon Sep 17 00:00:00 2001
From 2764219a17c0d494f2dd66e7b4c1c5b3dd75e5be Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:23:27 +0200
Subject: [PATCH] qemu-cvs-alsa_ioctl
@ -11,24 +11,26 @@ Implements ALSA ioctls on PPC hosts.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Ulrich Hecht <uli@suse.de>
[AF: Rebased for v2.7.0-rc2]
[BR: Rebased for v2.9.0-rc0: removed timespec ref. from syscall_types_alsa.h]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
linux-user/ioctls.h | 5 +
linux-user/ioctls_alsa.h | 467 ++++++++++
linux-user/ioctls_alsa_structs.h | 1740 ++++++++++++++++++++++++++++++++++++++
linux-user/syscall_defs.h | 2 +
linux-user/syscall_types.h | 5 +
linux-user/syscall_types_alsa.h | 1336 +++++++++++++++++++++++++++++
6 files changed, 3555 insertions(+)
linux-user/syscall_types_alsa.h | 1330 +++++++++++++++++++++++++++++
6 files changed, 3549 insertions(+)
create mode 100644 linux-user/ioctls_alsa.h
create mode 100644 linux-user/ioctls_alsa_structs.h
create mode 100644 linux-user/syscall_types_alsa.h
diff --git a/linux-user/ioctls.h b/linux-user/ioctls.h
index 1bad701481..f2d9020c79 100644
index e6997ff..ea335de 100644
--- a/linux-user/ioctls.h
+++ b/linux-user/ioctls.h
@@ -351,6 +351,11 @@
@@ -359,6 +359,11 @@
IOCTL(VFAT_IOCTL_READDIR_BOTH, IOC_R, MK_PTR(MK_ARRAY(MK_STRUCT(STRUCT_dirent), 2)))
IOCTL(VFAT_IOCTL_READDIR_SHORT, IOC_R, MK_PTR(MK_ARRAY(MK_STRUCT(STRUCT_dirent), 2)))
@ -42,7 +44,7 @@ index 1bad701481..f2d9020c79 100644
IOCTL(LOOP_SET_STATUS, IOC_W, MK_PTR(MK_STRUCT(STRUCT_loop_info)))
diff --git a/linux-user/ioctls_alsa.h b/linux-user/ioctls_alsa.h
new file mode 100644
index 0000000000..c2aa542c3b
index 0000000..c2aa542
--- /dev/null
+++ b/linux-user/ioctls_alsa.h
@@ -0,0 +1,467 @@
@ -515,7 +517,7 @@ index 0000000000..c2aa542c3b
+IOCTL( SND_SSCAPE_LOAD_MCODE , IOC_W, MK_PTR(MK_STRUCT(STRUCT_sscape_microcode)) )
diff --git a/linux-user/ioctls_alsa_structs.h b/linux-user/ioctls_alsa_structs.h
new file mode 100644
index 0000000000..e09a30defb
index 0000000..e09a30d
--- /dev/null
+++ b/linux-user/ioctls_alsa_structs.h
@@ -0,0 +1,1740 @@
@ -2260,10 +2262,10 @@ index 0000000000..e09a30defb
+ unsigned char *code;
+};
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 0b15466743..bb3ed3c356 100644
index 40c5027..a34551d 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -2640,6 +2640,8 @@ struct target_ucred {
@@ -2802,6 +2802,8 @@ struct target_ucred {
uint32_t gid;
};
@ -2273,10 +2275,10 @@ index 0b15466743..bb3ed3c356 100644
#define TARGET_SIGEV_MAX_SIZE 64
diff --git a/linux-user/syscall_types.h b/linux-user/syscall_types.h
index af79fbf1de..4d99a9dd8b 100644
index 24631b0..80ac53a 100644
--- a/linux-user/syscall_types.h
+++ b/linux-user/syscall_types.h
@@ -83,6 +83,11 @@ STRUCT(buffmem_desc,
@@ -89,6 +89,11 @@ STRUCT(buffmem_desc,
STRUCT(mixer_info,
MK_ARRAY(TYPE_CHAR, 16), MK_ARRAY(TYPE_CHAR, 32), TYPE_INT, MK_ARRAY(TYPE_INT, 10))
@ -2290,10 +2292,10 @@ index af79fbf1de..4d99a9dd8b 100644
TYPE_INT, /* lo_number */
diff --git a/linux-user/syscall_types_alsa.h b/linux-user/syscall_types_alsa.h
new file mode 100644
index 0000000000..72622ae9a2
index 0000000..fa7a18d
--- /dev/null
+++ b/linux-user/syscall_types_alsa.h
@@ -0,0 +1,1336 @@
@@ -0,0 +1,1330 @@
+/*
+ * Advanced Linux Sound Architecture
+ *
@ -2322,12 +2324,6 @@ index 0000000000..72622ae9a2
+STRUCT (sndrv_seq_instr_size, TYPE_INT)
+STRUCT (sndrv_pcm_uframes, TYPE_ULONG)
+
+
+STRUCT (timespec,
+ TYPE_LONG,
+ TYPE_LONG
+ )
+
+STRUCT( fm_operator,
+ TYPE_CHAR,
+ TYPE_CHAR,


@ -1,4 +1,4 @@
From 9ef9e8d6c450c2f5332f9ab82c7fc4750c5b7cb4 Mon Sep 17 00:00:00 2001
From 0262c673779795a2284e961df4c174578385dbe9 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:24:15 +0200
Subject: [PATCH] qemu-cvs-alsa_mmap
@ -12,10 +12,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 14 insertions(+)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 61685bf79e..a428eb867f 100644
index 4888f53..a3fcea2 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -360,6 +360,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
@@ -357,6 +357,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
}
}
@ -25,7 +25,7 @@ index 61685bf79e..a428eb867f 100644
/* NOTE: all the constants are the HOST ones */
abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
int flags, int fd, abi_ulong offset)
@@ -394,6 +397,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
@@ -391,6 +394,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
}
#endif


@ -1,4 +1,4 @@
From e073096e40ec4d1d2b90e9e289190d9098c44dbb Mon Sep 17 00:00:00 2001
From 269c7c470e1f6202ed68556ac10c743b5d4e1e8c Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Tue, 14 Apr 2009 16:25:41 +0200
Subject: [PATCH] qemu-cvs-gettimeofday
@ -9,10 +9,10 @@ No clue what this is for.
1 file changed, 2 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 7b77503f94..e6689466a7 100644
index cec8428..03c3576 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8770,6 +8770,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
@@ -8914,6 +8914,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
case TARGET_NR_gettimeofday:
{
struct timeval tv;


@ -1,4 +1,4 @@
From 34dcc1febe1a4806f5d2d34fad308f8d2890369a Mon Sep 17 00:00:00 2001
From c3db48bec691ea5dea3d7d08208964ae7c5beb10 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:26:33 +0200
Subject: [PATCH] qemu-cvs-ioctl_debug
@ -12,10 +12,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index e6689466a7..3479be6cd6 100644
index 03c3576..891ee1c 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5471,7 +5471,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5611,7 +5611,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
ie = ioctl_entries;
for(;;) {
if (ie->target_cmd == 0) {


@ -1,4 +1,4 @@
From 380059e6c4e96538576a198fc771b14186e85112 Mon Sep 17 00:00:00 2001
From 8744f4873ee2eda65d9914c2c5f83bb094220808 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:27:36 +0200
Subject: [PATCH] qemu-cvs-ioctl_nodirection
@ -15,10 +15,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 6 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 3479be6cd6..2660a59897 100644
index 891ee1c..2f82a7d 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5504,6 +5504,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5648,6 +5648,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
arg_type++;
target_size = thunk_type_size(arg_type, 0);
switch(ie->access) {
@ -30,7 +30,7 @@ index 3479be6cd6..2660a59897 100644
case IOC_R:
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
if (!is_error(ret)) {
@@ -5522,6 +5527,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5666,6 +5671,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
unlock_user(argptr, arg, 0);
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
break;


@ -1,4 +1,4 @@
From fd1e321c4e9f0ed67e559bd830f747c92c60593f Mon Sep 17 00:00:00 2001
From 7cb4f5e2f3a0f9dc7b988dda01fb73aaf306b476 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 30 Sep 2011 19:40:36 +0200
Subject: [PATCH] linux-user: add binfmt wrapper for argv[0] handling
@ -37,7 +37,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 linux-user/binfmt.c
diff --git a/Makefile.target b/Makefile.target
index 7a5080e94a..aee2c41040 100644
index 7df2b8c..85ae084 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -36,6 +36,10 @@ endif
@ -51,16 +51,16 @@ index 7a5080e94a..aee2c41040 100644
config-target.h: config-target.h-timestamp
config-target.h-timestamp: config-target.mak
@@ -116,6 +120,8 @@ QEMU_CFLAGS+=-I$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR) \
@@ -121,6 +125,8 @@ QEMU_CFLAGS+=-I$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR) \
obj-y += linux-user/
obj-y += gdbstub.o thunk.o user-exec.o
obj-y += gdbstub.o thunk.o user-exec.o user-exec-stub.o
+obj-binfmt-y += linux-user/
+
endif #CONFIG_LINUX_USER
#########################################################
@@ -164,7 +170,11 @@ endif # CONFIG_SOFTMMU
@@ -169,7 +175,11 @@ endif # CONFIG_SOFTMMU
# Workaround for http://gcc.gnu.org/PR55489, see configure.
%/translate.o: QEMU_CFLAGS += $(TRANSLATE_OPT_CFLAGS)
@ -72,7 +72,7 @@ index 7a5080e94a..aee2c41040 100644
all-obj-y := $(obj-y)
target-obj-y :=
@@ -201,6 +211,9 @@ ifdef CONFIG_DARWIN
@@ -211,6 +221,9 @@ ifdef CONFIG_DARWIN
$(call quiet-command,SetFile -a C $@,"SETFILE","$(TARGET_DIR)$@")
endif
@ -83,7 +83,7 @@ index 7a5080e94a..aee2c41040 100644
$(call quiet-command,rm -f $@ && $(SHELL) $(SRC_PATH)/scripts/feature_to_c.sh $@ $(TARGET_XML_FILES),"GEN","$(TARGET_DIR)$@")
diff --git a/linux-user/Makefile.objs b/linux-user/Makefile.objs
index 8c93058100..607ca2dc92 100644
index 8c93058..607ca2d 100644
--- a/linux-user/Makefile.objs
+++ b/linux-user/Makefile.objs
@@ -6,3 +6,5 @@ obj-$(TARGET_HAS_BFLT) += flatload.o
@ -94,7 +94,7 @@ index 8c93058100..607ca2dc92 100644
+obj-binfmt-y = binfmt.o
diff --git a/linux-user/binfmt.c b/linux-user/binfmt.c
new file mode 100644
index 0000000000..cd1f513b33
index 0000000..cd1f513
--- /dev/null
+++ b/linux-user/binfmt.c
@@ -0,0 +1,42 @@


@ -1,4 +1,4 @@
From 74afa369962dfa525f28913e0aaf0678362fc4cf Mon Sep 17 00:00:00 2001
From ec63fe3f838d5c9937ff99aff30d2d18a3e24688 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 6 Jan 2012 01:05:55 +0100
Subject: [PATCH] PPC: KVM: Disable mmu notifier check
@ -13,10 +13,10 @@ KVM guests work there, even if possibly racy in some odd circumstances.
1 file changed, 2 insertions(+)
diff --git a/exec.c b/exec.c
index 08c558eecf..d55ab5574d 100644
index e57a8a2..ab5f669 100644
--- a/exec.c
+++ b/exec.c
@@ -1240,11 +1240,13 @@ static void *file_ram_alloc(RAMBlock *block,
@@ -1362,11 +1362,13 @@ static void *file_ram_alloc(RAMBlock *block,
int fd = -1;
int64_t file_size;


@ -1,4 +1,4 @@
From 34a749afcf6ad03e116b6cfb59934e0853bda304 Mon Sep 17 00:00:00 2001
From 5537031543a234dba1fdfe7b3b535b9860b2c7db Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 13 Jan 2012 17:05:41 +0100
Subject: [PATCH] linux-user: fix segfault deadlock
@ -26,10 +26,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 4 insertions(+)
diff --git a/user-exec.c b/user-exec.c
index 6db075884d..a18d626250 100644
index a8f95fa..c262653 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -65,6 +65,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
@@ -78,6 +78,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
pc, address, is_write, *(unsigned long *)old_set);
#endif


@ -1,4 +1,4 @@
From 21c11182134222d441f5f1c701f776ac14e10eb8 Mon Sep 17 00:00:00 2001
From 5ab2bfcf900a3c7edaf643680c20004e5d6a8b88 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 2 Feb 2012 18:02:33 +0100
Subject: [PATCH] linux-user: binfmt: support host binaries
@ -12,7 +12,7 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 file changed, 26 insertions(+)
diff --git a/linux-user/binfmt.c b/linux-user/binfmt.c
index cd1f513b33..458f136fb4 100644
index cd1f513..458f136 100644
--- a/linux-user/binfmt.c
+++ b/linux-user/binfmt.c
@@ -5,6 +5,9 @@


@ -1,4 +1,4 @@
From 8af212a8fae1e0cdf32df61e5509799495eaa9e6 Mon Sep 17 00:00:00 2001
From 24f3dfda51d8aefb4dfa4324427e93c8151b952c Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 23 Jul 2012 10:24:14 +0200
Subject: [PATCH] linux-user: Fake /proc/cpuinfo
@ -22,10 +22,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 20 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 2660a59897..a348927853 100644
index 2f82a7d..37b49bd 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7359,6 +7359,25 @@ static int open_self_stat(void *cpu_env, int fd)
@@ -7503,6 +7503,25 @@ static int open_self_stat(void *cpu_env, int fd)
return 0;
}
@ -51,7 +51,7 @@ index 2660a59897..a348927853 100644
static int open_self_auxv(void *cpu_env, int fd)
{
CPUState *cpu = ENV_GET_CPU((CPUArchState *)cpu_env);
@@ -7473,6 +7492,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
@@ -7617,6 +7636,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
{ "/proc/net/route", open_net_route, is_proc },
#endif


@ -1,4 +1,4 @@
From 772c86a0d02d6869d7ef06b666ff26824eb9ca3e Mon Sep 17 00:00:00 2001
From 95225537f8eb894d41321962740a0703b6fd5770 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 21 Aug 2012 14:20:40 +0200
Subject: [PATCH] linux-user: XXX disable fiemap
@ -9,10 +9,10 @@ agraf: fiemap breaks in libarchive. Disable it for now.
1 file changed, 5 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index a348927853..b04fade80e 100644
index 37b49bd..983475a 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4938,6 +4938,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
@@ -5076,6 +5076,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
uint32_t outbufsz;
int free_fm = 0;


@ -1,4 +1,4 @@
From e69941d829cfb5d63a2c0f1606a4e58e6f33f9f6 Mon Sep 17 00:00:00 2001
From f79d37417fbd003ab5f0b8d35043fd05f80cf940 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 29 Aug 2012 18:42:56 +0200
Subject: [PATCH] slirp: -nooutgoing
@ -12,10 +12,10 @@ TBD (from SUSE Studio team)
4 files changed, 39 insertions(+)
diff --git a/qemu-options.hx b/qemu-options.hx
index c534a2f7f9..7e6d6ecc17 100644
index 99af8ed..4712277 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -3162,6 +3162,16 @@ Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
@@ -3215,6 +3215,16 @@ Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
from a script.
ETEXI
@ -33,7 +33,7 @@ index c534a2f7f9..7e6d6ecc17 100644
"-singlestep always run in singlestep mode\n", QEMU_ARCH_ALL)
STEXI
diff --git a/slirp/socket.c b/slirp/socket.c
index 6c18971368..e39e3a07f0 100644
index 8692772..5c89064 100644
--- a/slirp/socket.c
+++ b/slirp/socket.c
@@ -625,6 +625,8 @@ sorecvfrom(struct socket *so)
@ -59,7 +59,7 @@ index 6c18971368..e39e3a07f0 100644
ret = sendto(so->s, m->m_data, m->m_len, 0,
(struct sockaddr *)&addr, sockaddr_size(&addr));
diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c
index ed16e1807f..b2c7a8cba0 100644
index ed16e18..b2c7a8c 100644
--- a/slirp/tcp_subr.c
+++ b/slirp/tcp_subr.c
@@ -391,6 +391,8 @@ tcp_sockclosed(struct tcpcb *tp)
@ -96,10 +96,10 @@ index ed16e1807f..b2c7a8cba0 100644
socket_set_fast_reuse(s);
opt = 1;
diff --git a/vl.c b/vl.c
index d77dd862f9..4427bf5e1a 100644
index 0b4ed52..e0f2ec8 100644
--- a/vl.c
+++ b/vl.c
@@ -162,6 +162,7 @@ int smp_threads = 1;
@@ -168,6 +168,7 @@ int smp_threads = 1;
int acpi_enabled = 1;
int no_hpet = 0;
int fd_bootchk = 1;
@ -107,7 +107,7 @@ index d77dd862f9..4427bf5e1a 100644
static int no_reboot;
int no_shutdown = 0;
int cursor_hide = 1;
@@ -3437,6 +3438,14 @@ int main(int argc, char **argv, char **envp)
@@ -3405,6 +3406,14 @@ int main(int argc, char **argv, char **envp)
case QEMU_OPTION_singlestep:
singlestep = 1;
break;


@ -1,4 +1,4 @@
From 4338d0069c38dddf42e1ac1b66414266d6e9dac7 Mon Sep 17 00:00:00 2001
From 2c5e7c494f9650874da430015a2a99c68efc28fb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 29 Aug 2012 20:06:01 +0200
Subject: [PATCH] vnc: password-file= and incoming-connections=
@ -9,10 +9,10 @@ TBD (from SUSE Studio team)
1 file changed, 55 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 2c28a59ff7..8d0c16b23f 100644
index 821acdd..5e0189a 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -58,6 +58,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
@@ -59,6 +59,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
static QTAILQ_HEAD(, VncDisplay) vnc_displays =
QTAILQ_HEAD_INITIALIZER(vnc_displays);
@ -21,7 +21,7 @@ index 2c28a59ff7..8d0c16b23f 100644
static int vnc_cursor_define(VncState *vs);
static void vnc_release_modifiers(VncState *vs);
@@ -1201,6 +1203,7 @@ static void vnc_disconnect_start(VncState *vs)
@@ -1124,6 +1126,7 @@ static void vnc_disconnect_start(VncState *vs)
void vnc_disconnect_finish(VncState *vs)
{
int i;
@ -29,7 +29,7 @@ index 2c28a59ff7..8d0c16b23f 100644
vnc_jobs_join(vs); /* Wait encoding jobs */
@@ -1251,6 +1254,13 @@ void vnc_disconnect_finish(VncState *vs)
@@ -1172,6 +1175,13 @@ void vnc_disconnect_finish(VncState *vs)
object_unref(OBJECT(vs->sioc));
vs->sioc = NULL;
g_free(vs);
@ -43,7 +43,7 @@ index 2c28a59ff7..8d0c16b23f 100644
}
ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
@@ -3244,6 +3254,39 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
@@ -3165,6 +3175,39 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
qapi_free_SocketAddress(addr);
}
@ -83,7 +83,7 @@ index 2c28a59ff7..8d0c16b23f 100644
static QemuOptsList qemu_vnc_opts = {
.name = "vnc",
.head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
@@ -3275,6 +3318,9 @@ static QemuOptsList qemu_vnc_opts = {
@@ -3196,6 +3239,9 @@ static QemuOptsList qemu_vnc_opts = {
.name = "connections",
.type = QEMU_OPT_NUMBER,
},{
@ -93,7 +93,7 @@ index 2c28a59ff7..8d0c16b23f 100644
.name = "to",
.type = QEMU_OPT_NUMBER,
},{
@@ -3287,6 +3333,9 @@ static QemuOptsList qemu_vnc_opts = {
@@ -3208,6 +3254,9 @@ static QemuOptsList qemu_vnc_opts = {
.name = "password",
.type = QEMU_OPT_BOOL,
},{
@ -103,15 +103,15 @@ index 2c28a59ff7..8d0c16b23f 100644
.name = "reverse",
.type = QEMU_OPT_BOOL,
},{
@@ -3486,6 +3535,7 @@ void vnc_display_open(const char *id, Error **errp)
@@ -3759,6 +3808,7 @@ void vnc_display_open(const char *id, Error **errp)
const char *share, *device_id;
QemuConsole *con;
bool password = false;
+ const char *password_file;
bool reverse = false;
const char *vnc;
char *h;
@@ -3615,6 +3665,10 @@ void vnc_display_open(const char *id, Error **errp)
const char *credid;
bool sasl = false;
@@ -3806,6 +3856,10 @@ void vnc_display_open(const char *id, Error **errp)
goto fail;
}
}
@ -120,9 +120,9 @@ index 2c28a59ff7..8d0c16b23f 100644
+ read_file_password(id, password_file);
+ }
reverse = qemu_opt_get_bool(opts, "reverse", false);
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
@@ -3704,6 +3758,7 @@ void vnc_display_open(const char *id, Error **errp)
key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 1);
@@ -3894,6 +3948,7 @@ void vnc_display_open(const char *id, Error **errp)
vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
}
vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
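Review bot: The call `read_file_password(id, password_file);` in the vnc_display_open hunk is a bare statement, so a failure to read the file cannot reach the `goto fail` path used by the checks just above it. The helper's body sits in a hunk that is not shown on this page, so whether it reports errors at all is not visible; if it can fail, an unreadable or empty password file would presumably let the display come up without the intended password. Consider having the helper return a status and writing `if (read_file_password(id, password_file) < 0) { goto fail; }`, with an `error_setg(errp, ...)` so the operator sees why startup was refused. This refresh carries the call over unchanged, and vnc_display_open starts and ends outside the hunk.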


@ -1,4 +1,4 @@
From 725c9b6ff408dc7960242751619caeb27560c3e7 Mon Sep 17 00:00:00 2001
From 0e87373394b75fd3db927367b4b456d412f9f9c0 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 9 Oct 2012 09:06:49 +0200
Subject: [PATCH] linux-user: use target_ulong
@ -17,10 +17,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index da73a01106..7d2894d7c0 100644
index 4edd7d0..2520864 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -193,10 +193,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
@@ -196,10 +196,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
void target_set_brk(abi_ulong new_brk);
abi_long do_brk(abi_ulong new_brk);
void syscall_init(void);
@ -36,10 +36,10 @@ index da73a01106..7d2894d7c0 100644
extern THREAD CPUState *thread_cpu;
void cpu_loop(CPUArchState *env);
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b04fade80e..ab3cf24dbb 100644
index 983475a..1472d72 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7566,10 +7566,10 @@ static target_timer_t get_timer_id(abi_long arg)
@@ -7710,10 +7710,10 @@ static target_timer_t get_timer_id(abi_long arg)
/* do_syscall() should always have a single exit point at the end so
that actions, such as logging of syscall results, can be performed.
All errnos that do_syscall() returns must be -TARGET_<errcode>. */


@ -1,4 +1,4 @@
From 2f2838f6f14d8a7a7d3000fc0d61349ddf3f33b0 Mon Sep 17 00:00:00 2001
From d899092fe4f00c7f9fe922940a8244b4557c9729 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 5 Aug 2009 09:49:37 +0200
Subject: [PATCH] block: Add support for DictZip enabled gzip files
@ -47,11 +47,11 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 block/dictzip.c
diff --git a/block/Makefile.objs b/block/Makefile.objs
index 67a036a1df..0417d54e26 100644
index de96f8e..bab24da 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -21,6 +21,7 @@ block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_ARCHIPELAGO) += archipelago.o
@@ -21,6 +21,7 @@ block-obj-$(CONFIG_RBD) += rbd.o
block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_LIBSSH2) += ssh.o
block-obj-y += accounting.o dirty-bitmap.o
+block-obj-y += dictzip.o
@ -60,7 +60,7 @@ index 67a036a1df..0417d54e26 100644
block-obj-$(CONFIG_REPLICATION) += replication.o
diff --git a/block/dictzip.c b/block/dictzip.c
new file mode 100644
index 0000000000..4b7e2db817
index 0000000..4b7e2db
--- /dev/null
+++ b/block/dictzip.c
@@ -0,0 +1,580 @@


@ -1,4 +1,4 @@
From dae0d107e021d65a5029c53229543bca37d21da8 Mon Sep 17 00:00:00 2001
From db57917e50e35b24d8a281429436155725eb1da9 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 5 Aug 2009 17:28:38 +0200
Subject: [PATCH] block: Add tar container format
@ -48,10 +48,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 block/tar.c
diff --git a/block/Makefile.objs b/block/Makefile.objs
index 0417d54e26..255b8d7b0f 100644
index bab24da..73c7b55 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -22,6 +22,7 @@ block-obj-$(CONFIG_ARCHIPELAGO) += archipelago.o
@@ -22,6 +22,7 @@ block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_LIBSSH2) += ssh.o
block-obj-y += accounting.o dirty-bitmap.o
block-obj-y += dictzip.o
@ -61,7 +61,7 @@ index 0417d54e26..255b8d7b0f 100644
block-obj-$(CONFIG_REPLICATION) += replication.o
diff --git a/block/tar.c b/block/tar.c
new file mode 100644
index 0000000000..508265ed5e
index 0000000..508265e
--- /dev/null
+++ b/block/tar.c
@@ -0,0 +1,370 @@


@ -1,4 +1,4 @@
From a4e7e274fa2d1fab3e2a4bfa9ca379252c5aa505 Mon Sep 17 00:00:00 2001
From 1a949de28ecc6685d9b4e6090caf5f927dd1b6a5 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 12 Dec 2012 19:11:30 +0100
Subject: [PATCH] Legacy Patch kvm-qemu-preXX-dictzip3.patch
@ -8,7 +8,7 @@ Subject: [PATCH] Legacy Patch kvm-qemu-preXX-dictzip3.patch
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/block/tar.c b/block/tar.c
index 508265ed5e..734082a011 100644
index 508265e..734082a 100644
--- a/block/tar.c
+++ b/block/tar.c
@@ -73,7 +73,8 @@ static int str_ends(char *str, const char *end)


@ -1,4 +1,4 @@
From b6dbfd4547ac7a9af8e7a4785d53dc087e613d36 Mon Sep 17 00:00:00 2001
From b5506d1f37450b29113776120dfe0c17b7e264bc Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 6 Jun 2011 06:53:52 +0200
Subject: [PATCH] console: add question-mark escape operator
@ -16,10 +16,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/console.c b/ui/console.c
index ed888e55ea..b55d7a5cb3 100644
index 419b098..9688457 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -869,7 +869,7 @@ static void console_putchar(QemuConsole *s, int ch)
@@ -880,7 +880,7 @@ static void console_putchar(QemuConsole *s, int ch)
} else {
if (s->nb_esc_params < MAX_ESC_PARAMS)
s->nb_esc_params++;


@ -1,4 +1,4 @@
From 047016003be1f8b58e063551d6e890f2616e931e Mon Sep 17 00:00:00 2001
From a1893eb93c3e6a59108e3b2d6db315323b44bb39 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 1 Apr 2010 17:36:23 +0200
Subject: [PATCH] Make char muxer more robust wrt small FIFOs
@ -20,24 +20,15 @@ This patch fixes input when using -nographic on s390 for me.
[AF: Rebased for v2.7.0-rc2]
---
qemu-char.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
chardev/char-mux.c | 13 +++++++++++++
chardev/char-mux.h | 3 +++
2 files changed, 16 insertions(+)
diff --git a/qemu-char.c b/qemu-char.c
index 2c9940cea4..b6a9a32bf4 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -531,6 +531,9 @@ static CharDriverState *qemu_chr_open_null(const char *id,
struct MuxDriver {
CharBackend *backends[MAX_MUX];
CharBackend chr;
+#if defined(TARGET_S390X)
+ QEMUTimer *accept_timer;
+#endif
int focus;
int mux_cnt;
int term_got_escape;
@@ -694,6 +697,15 @@ static void mux_chr_accept_input(CharDriverState *chr)
diff --git a/chardev/char-mux.c b/chardev/char-mux.c
index 5547a36..7b80dc8 100644
--- a/chardev/char-mux.c
+++ b/chardev/char-mux.c
@@ -179,6 +179,15 @@ static void mux_chr_accept_input(Chardev *chr)
be->chr_read(be->opaque,
&d->buffer[m][d->cons[m]++ & MUX_BUFFER_MASK], 1);
}
@ -53,14 +44,28 @@ index 2c9940cea4..b6a9a32bf4 100644
}
static int mux_chr_can_read(void *opaque)
@@ -864,6 +876,10 @@ static CharDriverState *qemu_chr_open_mux(const char *id,
@@ -308,6 +317,10 @@ static void qemu_chr_open_mux(Chardev *chr,
}
chr->opaque = d;
d->focus = -1;
+#if defined(TARGET_S390X)
+ d->accept_timer = qemu_new_timer_ns(vm_clock,
+ (QEMUTimerCB*)mux_chr_accept_input, chr);
+#endif
chr->chr_free = mux_chr_free;
chr->chr_write = mux_chr_write;
chr->chr_accept_input = mux_chr_accept_input;
/* only default to opened state if we've realized the initial
* set of muxes
*/
diff --git a/chardev/char-mux.h b/chardev/char-mux.h
index 9a2fffc..d5f419c 100644
--- a/chardev/char-mux.h
+++ b/chardev/char-mux.h
@@ -35,6 +35,9 @@ typedef struct MuxChardev {
Chardev parent;
CharBackend *backends[MAX_MUX];
CharBackend chr;
+#if defined(TARGET_S390X)
+ QEMUTimer *accept_timer;
+#endif
int focus;
int mux_cnt;
int term_got_escape;
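Review bot: The timer callback in the qemu_chr_open_mux hunk is installed as `(QEMUTimerCB*)mux_chr_accept_input`, but mux_chr_accept_input is shown above taking `Chardev *chr`, so the timer would call it through a function pointer of a different type. A wrapper with the callback's own signature removes the cast, e.g. `static void mux_chr_accept_timer(void *opaque) { mux_chr_accept_input(opaque); }`. The rebased lines also still call `qemu_new_timer_ns(vm_clock, ...)` under `#if defined(TARGET_S390X)`. It is worth confirming that the macro is defined when chardev/ is compiled and that those names exist in this tree, because otherwise the block is silently compiled out and the patch no longer does what its subject says. Both functions continue outside the hunks.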


@ -1,4 +1,4 @@
From 2be621021e70d2b86164c8b5e929bc13eca0e055 Mon Sep 17 00:00:00 2001
From a69c5a8d473c9a59f3059279171781752b6cc968 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 13 Dec 2012 14:29:22 +0100
Subject: [PATCH] linux-user: lseek: explicitly cast non-set offsets to signed
@ -16,10 +16,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index ab3cf24dbb..831d3df19c 100644
index 1472d72..71d4f06 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7932,9 +7932,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
@@ -8076,9 +8076,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
case TARGET_NR_oldstat:
goto unimplemented;
#endif


@ -1,4 +1,4 @@
From 1825b6ee2b448261ae1bfde344a8127dbdec1e9a Mon Sep 17 00:00:00 2001
From 9553c9a4140d8fe2140806cb082e19b225cdc88f Mon Sep 17 00:00:00 2001
From: Dinar Valeev <k0da@opensuse.org>
Date: Wed, 2 Oct 2013 17:56:03 +0200
Subject: [PATCH] configure: Enable PIE for ppc and ppc64 hosts
@ -14,10 +14,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure b/configure
index 3770d7c263..9fdf7e7abc 100755
index d1ce33b..64b31aa 100755
--- a/configure
+++ b/configure
@@ -1567,7 +1567,7 @@ fi
@@ -1587,7 +1587,7 @@ fi
if test "$pie" = ""; then
case "$cpu-$targetos" in


@ -1,31 +0,0 @@
From 68cabc26aa994989c71212df1623e159df4e6b01 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 16 May 2013 12:39:10 +0200
Subject: [PATCH] virtfs-proxy-helper: Provide __u64 for broken
sys/capability.h
Fixes the build on SLE 11 SP2.
[AF: Extend to ppc64]
---
fsdev/virtfs-proxy-helper.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index 54f7ad1c48..b4bf2f40c9 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -9,6 +9,13 @@
* the COPYING file in the top-level directory.
*/
+/* work around a broken sys/capability.h */
+#if defined(__i386__)
+typedef unsigned long long __u64;
+#endif
+#if defined(__powerpc64__)
+#include <asm/types.h>
+#endif
#include "qemu/osdep.h"
#include <sys/resource.h>
#include <getopt.h>


@ -1,4 +1,4 @@
From 9a6dabcb75d6f8d17f3aab2ef4c2c6186e1a8eb1 Mon Sep 17 00:00:00 2001
From ad45d67741788641e8be04db71d364c0f46b5d73 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 14 Jan 2015 01:32:11 +0100
Subject: [PATCH] AIO: Reduce number of threads for 32bit hosts
@ -17,14 +17,14 @@ on 32bit ARM systems for me.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
thread-pool.c | 7 ++++++-
util/thread-pool.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/thread-pool.c b/thread-pool.c
index 6fba913529..ee0b485f07 100644
--- a/thread-pool.c
+++ b/thread-pool.c
@@ -297,7 +297,12 @@ static void thread_pool_init_one(ThreadPool *pool, AioContext *ctx)
diff --git a/util/thread-pool.c b/util/thread-pool.c
index 610646d..2e34e98 100644
--- a/util/thread-pool.c
+++ b/util/thread-pool.c
@@ -308,7 +308,12 @@ static void thread_pool_init_one(ThreadPool *pool, AioContext *ctx)
qemu_mutex_init(&pool->lock);
qemu_cond_init(&pool->worker_stopped);
qemu_sem_init(&pool->sem, 0);


@ -1,4 +1,4 @@
From 69fae9cfe2d91c07fece069189debaaf47e7d40b Mon Sep 17 00:00:00 2001
From 2a737b7666622c49e849172a57e66e9ffe33fe31 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 15 Jun 2015 17:36:32 +0200
Subject: [PATCH] dictzip: Fix on big endian systems
@ -21,7 +21,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 28 insertions(+), 22 deletions(-)
diff --git a/block/dictzip.c b/block/dictzip.c
index 4b7e2db817..3235337164 100644
index 4b7e2db..3235337 100644
--- a/block/dictzip.c
+++ b/block/dictzip.c
@@ -156,6 +156,7 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *


@ -1,4 +1,4 @@
From 1e4469088f98f8ce31044eb89e76228f07d068a2 Mon Sep 17 00:00:00 2001
From 2d8f077b0bc869de923029f7a789486091b6b00c Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Wed, 9 Mar 2016 15:18:11 -0700
Subject: [PATCH] xen_disk: Add suse specific flush disable handling and map to
@ -17,7 +17,7 @@ Signed-off-by: Olaf Hering <olaf@aepfle.de>
1 file changed, 15 insertions(+)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index 456a2d5694..94e755d3e8 100644
index 456a2d5..94e755d 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -111,6 +111,7 @@ struct XenBlkDev {


@ -1,4 +1,4 @@
From b05bd879232bb4ac753d72a9c32c489b109e6555 Mon Sep 17 00:00:00 2001
From 582bf7659533dde0ba3274bd5fbc239dcb2341af Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Tue, 2 Aug 2016 11:36:02 -0600
Subject: [PATCH] qemu-bridge-helper: reduce security profile
@ -19,7 +19,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
index 5396fbfbb6..f3710b80a3 100644
index 5396fbf..f3710b8 100644
--- a/qemu-bridge-helper.c
+++ b/qemu-bridge-helper.c
@@ -110,7 +110,12 @@ static int parse_acl_file(const char *filename, ACLList *acl_list)


@ -1,4 +1,4 @@
From 36996f68dc156ab64aec4b149c724ce2b2c7f400 Mon Sep 17 00:00:00 2001
From ef8a949c37e62b108c00b028f2e24652cf4a1391 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Fri, 12 Aug 2016 18:20:49 +0200
Subject: [PATCH] qemu-binfmt-conf: use qemu-ARCH-binfmt
@ -13,10 +13,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 764025580d..3affcdca1b 100755
index 9fcd95a..f14a6ef 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -201,7 +201,7 @@ qemu_check_systemd() {
@@ -206,7 +206,7 @@ qemu_check_systemd() {
}
qemu_generate_register() {
@ -25,7 +25,7 @@ index 764025580d..3affcdca1b 100755
}
qemu_register_interpreter() {
@@ -242,9 +242,9 @@ qemu_set_binfmts() {
@@ -247,9 +247,9 @@ qemu_set_binfmts() {
continue
fi


@ -1,4 +1,4 @@
From 6163925a8a53570a007a564c2d86746e589d5ea4 Mon Sep 17 00:00:00 2001
From b1730d9bde196e25b803bc3d5eab4eff946b0afe Mon Sep 17 00:00:00 2001
From: markkp <mpost@suse.com>
Date: Thu, 11 Aug 2016 16:28:39 -0400
Subject: [PATCH] configure: Fix detection of seccomp on s390x
@ -13,10 +13,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 3 insertions(+)
diff --git a/configure b/configure
index 9fdf7e7abc..087d8e2661 100755
index 64b31aa..866cd15 100755
--- a/configure
+++ b/configure
@@ -1928,6 +1928,9 @@ if test "$seccomp" != "no" ; then
@@ -1948,6 +1948,9 @@ if test "$seccomp" != "no" ; then
ppc|ppc64)
libseccomp_minver="2.3.0"
;;


@ -1,4 +1,4 @@
From a420f344cef024cab119609171fb14667666055c Mon Sep 17 00:00:00 2001
From acf69d83c150761a8016e2f68a642b781808a6c6 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@linux-m68k.org>
Date: Thu, 8 Sep 2016 11:21:05 +0200
Subject: [PATCH] linux-user: properly test for infinite timeout in poll (#8)
@ -16,10 +16,10 @@ Signed-off-by: Andreas Schwab <schwab@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 831d3df19c..b5070a0d0e 100644
index 71d4f06..78f0ea4 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10061,7 +10061,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
@@ -10204,7 +10204,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
{
struct timespec ts, *pts;


@ -1,4 +1,4 @@
From 667601cdfbeada47ff5f00d6bf5a17c865319a7f Mon Sep 17 00:00:00 2001
From 4503b8396f04c12152cb1249a4d4254af8b39fd5 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Wed, 28 Sep 2016 16:36:40 +0200
Subject: [PATCH] linux-user: remove all traces of qemu from /proc/self/cmdline
@ -17,10 +17,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 7 insertions(+), 40 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b5070a0d0e..213e8f3c6c 100644
index 78f0ea4..1e56583 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7230,52 +7230,19 @@ int host_to_target_waitstatus(int status)
@@ -7374,52 +7374,19 @@ int host_to_target_waitstatus(int status)
static int open_self_cmdline(void *cpu_env, int fd)
{


@ -1,4 +1,4 @@
From 235fbffb3f16857462b5256cc731156322b66072 Mon Sep 17 00:00:00 2001
From af6206af2b2f64af4bc0cb371387ec3bfb9db51f Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Sat, 19 Nov 2016 08:06:30 -0700
Subject: [PATCH] roms/Makefile: pass a packaging timestamp to subpackages with
@ -20,7 +20,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/roms/Makefile b/roms/Makefile
index b5e5a69e91..89d69eb350 100644
index b5e5a69..89d69eb 100644
--- a/roms/Makefile
+++ b/roms/Makefile
@@ -52,6 +52,12 @@ SEABIOS_EXTRAVERSION="-prebuilt.qemu-project.org"


@ -1,4 +1,4 @@
From a5f88d11e6d846f117d9a6cc3fbf1fb0b2750047 Mon Sep 17 00:00:00 2001
From 78ee8131d8c9e60b92f4799d8732bd47f6ed2d18 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Sun, 15 Jan 2012 19:53:49 +0100
Subject: [PATCH] Raise soft address space limit to hard limit
@ -17,7 +17,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 12 insertions(+)
diff --git a/vl.c b/vl.c
index 4427bf5e1a..501cd28363 100644
index e0f2ec8..caad3f9 100644
--- a/vl.c
+++ b/vl.c
@@ -26,6 +26,7 @@
@ -28,15 +28,15 @@ index 4427bf5e1a..501cd28363 100644
#ifdef CONFIG_SECCOMP
#include "sysemu/seccomp.h"
@@ -3031,6 +3032,7 @@ int main(int argc, char **argv, char **envp)
Error *main_loop_err = NULL;
Error *err = NULL;
bool list_data_dirs = false;
@@ -2984,6 +2985,7 @@ int main(int argc, char **argv, char **envp)
} BlockdevOptions_queue;
QSIMPLEQ_HEAD(, BlockdevOptions_queue) bdo_queue
= QSIMPLEQ_HEAD_INITIALIZER(bdo_queue);
+ struct rlimit rlimit_as;
module_call_init(MODULE_INIT_TRACE);
@@ -3038,6 +3040,16 @@ int main(int argc, char **argv, char **envp)
@@ -2991,6 +2993,16 @@ int main(int argc, char **argv, char **envp)
qemu_init_cpu_loop();
qemu_mutex_lock_iothread();


@ -1,32 +0,0 @@
From 920c90f4344b38242bd01b21f8bef55f11d0748c Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Mon, 31 Oct 2016 15:55:14 -0600
Subject: [PATCH] dma: rc4030: limit interval timer reload value
The JAZZ RC4030 chipset emulator has a periodic timer and
associated interval reload register. The reload value is used
as divider when computing timer's next tick value. If reload
value is large, it could lead to divide by zero error. Limit
the interval reload value to avoid it.
Reported-by: Huawei PSIRT <psirt@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
[BR: CVE-2016-8667 BSC#1004702]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/dma/rc4030.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/dma/rc4030.c b/hw/dma/rc4030.c
index 17c8518fea..41fc043464 100644
--- a/hw/dma/rc4030.c
+++ b/hw/dma/rc4030.c
@@ -460,7 +460,7 @@ static void rc4030_write(void *opaque, hwaddr addr, uint64_t data,
break;
/* Interval timer reload */
case 0x0228:
- s->itr = val;
+ s->itr = val & 0x01FF;
qemu_irq_lower(s->timer_irq);
set_next_tick(s);
break;


@ -1,4 +1,4 @@
From 6fef5a1f40ec5dd0c13fabd299929125bafda7d4 Mon Sep 17 00:00:00 2001
From 60a200a500b0e3875cae15343e5ccac88ad07c7d Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 17 May 2013 16:49:58 -0600
Subject: [PATCH] increase x86_64 physical bits to 42
@ -15,14 +15,14 @@ memory hole.
Signed-off-by: Bruce Rogers <brogers@suse.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
target-i386/cpu.h | 2 +-
target/i386/cpu.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index c605724022..4c17f17701 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -1465,7 +1465,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 07401ad..64545b2 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1486,7 +1486,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
/* XXX: This value should match the one returned by CPUID
* and in exec.c */
# if defined(TARGET_X86_64)


@ -1,47 +0,0 @@
From 101b933ef85a7520984743bbc35cc244304d94c7 Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Mon, 31 Oct 2016 15:58:47 -0600
Subject: [PATCH] net: imx: limit buffer descriptor count
i.MX Fast Ethernet Controller uses buffer descriptors to manage
data flow to/fro receive & transmit queues. While transmitting
packets, it could continue to read buffer descriptors if a buffer
descriptor has length of zero and has crafted values in bd.flags.
Set an upper limit to number of buffer descriptors.
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
[BR: CVE-2016-7907 BSC#1002549]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/net/imx_fec.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
index 50c75642c6..78d641c2a3 100644
--- a/hw/net/imx_fec.c
+++ b/hw/net/imx_fec.c
@@ -220,6 +220,8 @@ static const VMStateDescription vmstate_imx_eth = {
#define PHY_INT_PARFAULT (1 << 2)
#define PHY_INT_AUTONEG_PAGE (1 << 1)
+#define IMX_MAX_DESC 1024
+
static void imx_eth_update(IMXFECState *s);
/*
@@ -402,12 +404,12 @@ static void imx_eth_update(IMXFECState *s)
static void imx_fec_do_tx(IMXFECState *s)
{
- int frame_size = 0;
+ int frame_size = 0, descnt = 0;
uint8_t frame[ENET_MAX_FRAME_SIZE];
uint8_t *ptr = frame;
uint32_t addr = s->tx_descriptor;
- while (1) {
+ while (descnt++ < IMX_MAX_DESC) {
IMXFECBufDesc bd;
int len;


@ -1,4 +1,4 @@
From f29449e6c1a79238ed317b4e2307ef699e7612bd Mon Sep 17 00:00:00 2001
From 5732f064b36dc13cf47bc25e2dd1d96e9e68e5ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 12 Jun 2013 19:26:37 +0200
Subject: [PATCH] vga: Raise VRAM to 16 MiB for pc-0.15 and below
@ -25,10 +25,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index a54a468c0a..511d438bdb 100644
index 9f102aa..1c09005 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -770,7 +770,32 @@ DEFINE_I440FX_MACHINE(v1_0, "pc-1.0", pc_compat_1_2,
@@ -779,7 +779,32 @@ DEFINE_I440FX_MACHINE(v1_0, "pc-1.0", pc_compat_1_2,
#define PC_COMPAT_0_15 \


@ -1,4 +1,4 @@
From de2bd411b216f7fa9aacad1e86cbd9c25db8954a Mon Sep 17 00:00:00 2001
From 27917a0843c1130a9caeb15e43fabf7c728e1f21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 31 Jul 2013 17:05:29 +0200
Subject: [PATCH] i8254: Fix migration from SLE11 SP2
@ -17,7 +17,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 7 insertions(+)
diff --git a/hw/timer/i8254_common.c b/hw/timer/i8254_common.c
index e18299a482..bc676c4664 100644
index e18299a..bc676c4 100644
--- a/hw/timer/i8254_common.c
+++ b/hw/timer/i8254_common.c
@@ -258,6 +258,12 @@ static int pit_dispatch_post_load(void *opaque, int version_id)


@ -1,4 +1,4 @@
From 54d95bf6b1053208ce3bf31cad9a9cc8cf29c634 Mon Sep 17 00:00:00 2001
From d4005dc15370486a71c28c3e9b7c933feff84fd7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 31 Jul 2013 17:32:35 +0200
Subject: [PATCH] acpi_piix4: Fix migration from SLE11 SP2
@ -17,7 +17,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index 17d36bd595..f657eb7474 100644
index a553a7e..c34f761 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -311,7 +311,7 @@ static const VMStateDescription vmstate_cpuhp_state = {


@ -1,4 +1,4 @@
From 87164237f308f856e2429044f88f7fe61243f745 Mon Sep 17 00:00:00 2001
From 59470109fd7b6d5f8e9c5dd62d49f68061fa1756 Mon Sep 17 00:00:00 2001
From: Chunyan Liu <cyliu@suse.com>
Date: Thu, 3 Mar 2016 16:48:17 +0800
Subject: [PATCH] Fix tigervnc long press issue
@ -24,10 +24,10 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
1 file changed, 19 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 8d0c16b23f..392c466dad 100644
index 5e0189a..a18ccf4 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -1770,6 +1770,25 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym)
@@ -1662,6 +1662,25 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym)
if (down)
vs->modifiers_state[keycode] ^= 1;
break;


@ -1,4 +1,4 @@
From be38f2a0ff94c1c60e51b9d82fdf8d4b038a6c7d Mon Sep 17 00:00:00 2001
From 3373827d428eee5350a210e14b8ba8fda8fc83f4 Mon Sep 17 00:00:00 2001
From: Chunyan Liu <cyliu@suse.com>
Date: Fri, 29 Apr 2016 11:17:08 +0800
Subject: [PATCH] fix xen hvm direct kernel boot
@ -29,7 +29,7 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 45742494e6..306b3ed683 100644
index bf17b42..14dc6e1 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -55,6 +55,7 @@
@ -40,7 +40,7 @@ index 45742494e6..306b3ed683 100644
#include <zlib.h>
@@ -858,7 +859,10 @@ static void *rom_set_mr(Rom *rom, Object *owner, const char *name)
@@ -866,7 +867,10 @@ static void *rom_set_mr(Rom *rom, Object *owner, const char *name, bool ro)
void *data;
rom->mr = g_malloc(sizeof(*rom->mr));


@ -1,4 +1,4 @@
From 992fa3653d4f6202269df90e32160baf542f058a Mon Sep 17 00:00:00 2001
From afc51239827b010f266a7411981dd3c99014ea49 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 19 Sep 2016 10:02:55 +0200
Subject: [PATCH] ARM: KVM: Enable in-kernel timers with user space gic
@ -18,17 +18,17 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
hw/intc/Makefile.objs | 2 +-
hw/intc/arm_gic.c | 16 ++++++++++++++++
linux-headers/linux/kvm.h | 14 ++++++++++++++
target-arm/kvm.c | 29 ++++++++++++++++++++++++++++-
target-arm/kvm_arm.h | 11 +++++++++++
target/arm/kvm.c | 29 ++++++++++++++++++++++++++++-
target/arm/kvm_arm.h | 11 +++++++++++
6 files changed, 88 insertions(+), 2 deletions(-)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index d04e4acbd9..2fbba49132 100644
index 5f62a03..44e1170 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -623,6 +623,24 @@ static void create_gic(VirtBoardInfo *vbi, qemu_irq *pic, int type,
@@ -609,6 +609,24 @@ static void create_gic(VirtMachineState *vms, qemu_irq *pic)
} else if (type == 2) {
create_v2m(vbi, pic);
create_v2m(vms, pic);
}
+
+#ifdef CONFIG_KVM
@ -50,9 +50,9 @@ index d04e4acbd9..2fbba49132 100644
+#endif
}
static void create_uart(const VirtBoardInfo *vbi, qemu_irq *pic, int uart,
static void create_uart(const VirtMachineState *vms, qemu_irq *pic, int uart,
diff --git a/hw/intc/Makefile.objs b/hw/intc/Makefile.objs
index 2f44a2da26..73cb694e44 100644
index adedd0d..6434f2c 100644
--- a/hw/intc/Makefile.objs
+++ b/hw/intc/Makefile.objs
@@ -10,7 +10,6 @@ common-obj-$(CONFIG_REALVIEW) += realview_gic.o
@ -72,7 +72,7 @@ index 2f44a2da26..73cb694e44 100644
obj-$(call land,$(CONFIG_ARM_GIC_KVM),$(TARGET_AARCH64)) += arm_gicv3_kvm.o
obj-$(call land,$(CONFIG_ARM_GIC_KVM),$(TARGET_AARCH64)) += arm_gicv3_its_kvm.o
diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 521aac3cc6..21236499f1 100644
index b305d90..396bfab 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -25,6 +25,7 @@
@ -81,9 +81,9 @@ index 521aac3cc6..21236499f1 100644
#include "trace.h"
+#include "kvm_arm.h"
//#define DEBUG_GIC
/* #define DEBUG_GIC */
@@ -557,6 +558,11 @@ static void gic_deactivate_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
@@ -549,6 +550,11 @@ static void gic_deactivate_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
return;
}
@ -95,7 +95,7 @@ index 521aac3cc6..21236499f1 100644
GIC_CLEAR_ACTIVE(irq, cm);
}
@@ -566,6 +572,12 @@ void gic_complete_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
@@ -558,6 +564,12 @@ void gic_complete_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
int group;
DPRINTF("EOI %d\n", irq);
@ -108,7 +108,7 @@ index 521aac3cc6..21236499f1 100644
if (irq >= s->num_irq) {
/* This handles two cases:
* 1. If software writes the ID of a spurious interrupt [ie 1023]
@@ -915,6 +927,10 @@ static void gic_dist_writeb(void *opaque, hwaddr offset,
@@ -899,6 +911,10 @@ static void gic_dist_writeb(void *opaque, hwaddr offset,
trace_gic_enable_irq(irq + i);
}
GIC_SET_ENABLED(irq + i, cm);
@ -120,7 +120,7 @@ index 521aac3cc6..21236499f1 100644
is as pending. */
if (GIC_TEST_LEVEL(irq + i, mask)
diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index 4806e069e7..ffcacf8f0c 100644
index 4e082a8..41b6296 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -205,6 +205,7 @@ struct kvm_hyperv_exit {
@ -131,7 +131,7 @@ index 4806e069e7..ffcacf8f0c 100644
/* For KVM_EXIT_INTERNAL_ERROR */
/* Emulate instruction failed. */
@@ -361,6 +362,10 @@ struct kvm_run {
@@ -362,6 +363,10 @@ struct kvm_run {
} eoi;
/* KVM_EXIT_HYPERV */
struct kvm_hyperv_exit hyperv;
@ -142,15 +142,15 @@ index 4806e069e7..ffcacf8f0c 100644
/* Fix the size of the union. */
char padding[256];
};
@@ -870,6 +875,7 @@ struct kvm_ppc_smmu_info {
#define KVM_CAP_S390_USER_INSTR0 130
#define KVM_CAP_MSI_DEVID 131
#define KVM_CAP_PPC_HTM 132
+#define KVM_CAP_ARM_TIMER 133
@@ -883,6 +888,7 @@ struct kvm_ppc_resize_hpt {
#define KVM_CAP_PPC_MMU_RADIX 134
#define KVM_CAP_PPC_MMU_HASH_V3 135
#define KVM_CAP_IMMEDIATE_EXIT 136
+#define KVM_CAP_ARM_TIMER 137
#ifdef KVM_CAP_IRQ_ROUTING
@@ -1327,4 +1333,12 @@ struct kvm_assigned_msix_entry {
@@ -1354,4 +1360,12 @@ struct kvm_assigned_msix_entry {
#define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0)
#define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1)
@ -163,11 +163,11 @@ index 4806e069e7..ffcacf8f0c 100644
+#define KVM_ARM_TIMER_VTIMER (1 << 0)
+
#endif /* __LINUX_KVM_H */
diff --git a/target-arm/kvm.c b/target-arm/kvm.c
index c00b94e42a..a4786a0a0b 100644
--- a/target-arm/kvm.c
+++ b/target-arm/kvm.c
@@ -530,7 +530,6 @@ MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 4555468..15d157c 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -531,7 +531,6 @@ MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
return MEMTXATTRS_UNSPECIFIED;
}
@ -175,7 +175,7 @@ index c00b94e42a..a4786a0a0b 100644
int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
{
int ret = 0;
@@ -541,6 +540,23 @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
@@ -542,6 +541,23 @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
ret = EXCP_DEBUG;
} /* otherwise return to guest */
break;
@ -199,7 +199,7 @@ index c00b94e42a..a4786a0a0b 100644
default:
qemu_log_mask(LOG_UNIMP, "%s: un-handled exit reason %d\n",
__func__, run->exit_reason);
@@ -638,3 +654,14 @@ int kvm_arch_msi_data_to_gsi(uint32_t data)
@@ -629,3 +645,14 @@ int kvm_arch_msi_data_to_gsi(uint32_t data)
{
return (data - 32) & 0xffff;
}
@ -214,10 +214,10 @@ index c00b94e42a..a4786a0a0b 100644
+ cs->kvm_run->request_interrupt_window &= ~KVM_ARM_TIMER_VTIMER;
+ qemu_set_irq(ARM_CPU(cs)->gt_timer_outputs[GTIMER_VIRT], 0);
+}
diff --git a/target-arm/kvm_arm.h b/target-arm/kvm_arm.h
index 633d08828a..eeec8c5b20 100644
--- a/target-arm/kvm_arm.h
+++ b/target-arm/kvm_arm.h
diff --git a/target/arm/kvm_arm.h b/target/arm/kvm_arm.h
index 633d088..eeec8c5 100644
--- a/target/arm/kvm_arm.h
+++ b/target/arm/kvm_arm.h
@@ -288,4 +288,15 @@ static inline const char *its_class_name(void)
}
}
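Review bot: `KVM_CAP_ARM_TIMER` in the linux-headers/linux/kvm.h part of this refreshed patch is renumbered from 133 to 137, and nothing on the page ties either value to a kernel header sync, so it looks like a downstream-assigned number placed in a header that otherwise mirrors the kernel UAPI. If the host kernel assigns 137 to a different capability, any code that tests this capability would get a false positive and route the timer through a path the kernel does not implement; the same concern presumably applies to the exit-reason constant the patch adds next to `KVM_EXIT_HYPERV`. I would add a comment above the define, e.g. `/* Downstream-only capability, not in mainline kvm.h; value must match the patched host kernel */`, and record in the patch description which kernel build the number was taken from. The surrounding header and the code that consumes the capability are outside what this section shows.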


@ -1,4 +1,4 @@
From 8e642bbb73b0feb46dde13fa960db59efb8c69ed Mon Sep 17 00:00:00 2001
From 5c82643987fdf900c8fb679e89d5b2807685946a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:21:11 +0200
Subject: [PATCH] string-input-visitor: Fix uint64 parsing
@ -22,7 +22,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 50 insertions(+), 13 deletions(-)
diff --git a/qapi/string-input-visitor.c b/qapi/string-input-visitor.c
index 8dfa561252..1fb43909df 100644
index c089491..fedbda7 100644
--- a/qapi/string-input-visitor.c
+++ b/qapi/string-input-visitor.c
@@ -43,7 +43,8 @@ static void free_range(void *range, void *dummy)
@ -35,7 +35,7 @@ index 8dfa561252..1fb43909df 100644
{
char *str = (char *) siv->string;
long long start, end;
@@ -56,7 +57,11 @@ static int parse_str(StringInputVisitor *siv, const char *name, Error **errp)
@@ -60,7 +61,11 @@ static int parse_str(StringInputVisitor *siv, const char *name, Error **errp)
do {
errno = 0;
@ -48,7 +48,7 @@ index 8dfa561252..1fb43909df 100644
if (errno == 0 && endptr > str) {
if (*endptr == '\0') {
cur = g_malloc0(sizeof(*cur));
@@ -67,7 +72,11 @@ static int parse_str(StringInputVisitor *siv, const char *name, Error **errp)
@@ -71,7 +76,11 @@ static int parse_str(StringInputVisitor *siv, const char *name, Error **errp)
} else if (*endptr == '-') {
str = endptr + 1;
errno = 0;
@ -61,7 +61,7 @@ index 8dfa561252..1fb43909df 100644
if (errno == 0 && endptr > str && start <= end &&
(start > INT64_MAX - 65536 ||
end < start + 65536)) {
@@ -123,7 +132,7 @@ start_list(Visitor *v, const char *name, GenericList **list, size_t size,
@@ -127,7 +136,7 @@ start_list(Visitor *v, const char *name, GenericList **list, size_t size,
assert(list);
siv->list = list;
@ -70,16 +70,16 @@ index 8dfa561252..1fb43909df 100644
*list = NULL;
return;
}
@@ -188,7 +197,7 @@ static void parse_type_int64(Visitor *v, const char *name, int64_t *obj,
return;
}
@@ -215,7 +224,7 @@ static void parse_type_int64(Visitor *v, const char *name, int64_t *obj,
{
StringInputVisitor *siv = to_siv(v);
- if (parse_str(siv, name, errp) < 0) {
+ if (parse_str(siv, name, false, errp) < 0) {
return;
}
@@ -224,15 +233,43 @@ error:
@@ -251,15 +260,43 @@ error:
static void parse_type_uint64(Visitor *v, const char *name, uint64_t *obj,
Error **errp)
{


@ -1,4 +1,4 @@
From 70f17e51a9347f19c159e84dc39359e762ca224d Mon Sep 17 00:00:00 2001
From ff8c69fadd0e7eb8a941d0822ce31e8a0ac257a0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:23:50 +0200
Subject: [PATCH] test-string-input-visitor: Add int test case
@ -14,10 +14,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 8 insertions(+)
diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor.c
index 7f10e2582f..62ddcb1583 100644
index 79313a7..e00194a 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -56,6 +56,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
@@ -58,6 +58,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
visit_type_int(v, NULL, &res, &err);
g_assert(!err);
g_assert_cmpint(res, ==, value);
@ -30,5 +30,5 @@ index 7f10e2582f..62ddcb1583 100644
+ g_assert(!err);
+ g_assert_cmpint(res, ==, value);
visitor_input_teardown(data, unused);
v = visitor_input_test_init(data, "not an int");


@ -1,4 +1,4 @@
From 6afc22092786abd94108345c608892317aadb27a Mon Sep 17 00:00:00 2001
From 18b870e802add854c6e43f5e8cb1312dad449b89 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:24:23 +0200
Subject: [PATCH] test-string-input-visitor: Add uint64 test
@ -15,10 +15,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 23 insertions(+)
diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor.c
index 62ddcb1583..214cce2d3b 100644
index e00194a..5587827 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -73,6 +73,27 @@ static void test_visitor_in_int(TestInputVisitorData *data,
@@ -78,6 +78,27 @@ static void test_visitor_in_int(TestInputVisitorData *data,
error_free_or_abort(&err);
}
@ -43,10 +43,10 @@ index 62ddcb1583..214cce2d3b 100644
+ g_assert_cmpint(res, ==, value);
+}
+
static void test_visitor_in_intList(TestInputVisitorData *data,
const void *unused)
static void check_ilist(Visitor *v, int64_t *expected, size_t n)
{
@@ -275,6 +296,8 @@ int main(int argc, char **argv)
int64List *res = NULL;
@@ -364,6 +385,8 @@ int main(int argc, char **argv)
input_visitor_test_add("/string-visitor/input/int",
&in_visitor_data, test_visitor_in_int);


@ -1,4 +1,4 @@
From bf1cd7a4b8d686cda17d594edf4739a2a28200b9 Mon Sep 17 00:00:00 2001
From 42e6f0ded433ad82d1d5e816d36e03be247e1daa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Sun, 6 Sep 2015 20:12:42 +0200
Subject: [PATCH] tests: Add QOM property unit tests
@ -17,10 +17,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 tests/check-qom-props.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 4a605791fc..f003db2c5c 100644
index c60235e..a023f5d 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1361,6 +1361,7 @@ F: qom/
@@ -1419,6 +1419,7 @@ F: qom/
X: qom/cpu.c
F: tests/check-qom-interface.c
F: tests/check-qom-proplist.c
@ -29,29 +29,29 @@ index 4a605791fc..f003db2c5c 100644
QMP
diff --git a/tests/Makefile.include b/tests/Makefile.include
index e98d3b6bb3..958f768eba 100644
index f3de81f..ca8f859 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -86,6 +86,8 @@ check-unit-y += tests/check-qom-interface$(EXESUF)
@@ -92,6 +92,8 @@ check-unit-y += tests/check-qom-interface$(EXESUF)
gcov-files-check-qom-interface-y = qom/object.c
check-unit-y += tests/check-qom-proplist$(EXESUF)
gcov-files-check-qom-proplist-y = qom/object.c
+check-unit-y += tests/check-qom-props$(EXESUF)
+gcov-files-check-qom-props-y = qom/object.c
check-unit-y += tests/test-qemu-opts$(EXESUF)
gcov-files-test-qemu-opts-y = qom/test-qemu-opts.c
check-unit-y += tests/test-write-threshold$(EXESUF)
@@ -487,6 +489,7 @@ tests/check-qnull$(EXESUF): tests/check-qnull.o $(test-util-obj-y)
gcov-files-test-qemu-opts-y = util/qemu-option.c
check-unit-y += tests/test-keyval$(EXESUF)
@@ -537,6 +539,7 @@ tests/check-qnull$(EXESUF): tests/check-qnull.o $(test-util-obj-y)
tests/check-qjson$(EXESUF): tests/check-qjson.o $(test-util-obj-y)
tests/check-qom-interface$(EXESUF): tests/check-qom-interface.o $(test-qom-obj-y)
tests/check-qom-proplist$(EXESUF): tests/check-qom-proplist.o $(test-qom-obj-y)
+tests/check-qom-props$(EXESUF): tests/check-qom-props.o $(test-qom-obj-y)
tests/test-char$(EXESUF): tests/test-char.o qemu-char.o qemu-timer.o $(test-util-obj-y) $(qtest-obj-y) $(test-io-obj-y)
tests/test-char$(EXESUF): tests/test-char.o $(test-util-obj-y) $(qtest-obj-y) $(test-io-obj-y) $(chardev-obj-y)
tests/test-coroutine$(EXESUF): tests/test-coroutine.o $(test-block-obj-y)
diff --git a/tests/check-qom-props.c b/tests/check-qom-props.c
new file mode 100644
index 0000000000..681e121c07
index 0000000..681e121
--- /dev/null
+++ b/tests/check-qom-props.c
@@ -0,0 +1,122 @@


@ -1,44 +0,0 @@
From 7b6b039ba580ddafdb3a0377f3c39c8d5e57bbc6 Mon Sep 17 00:00:00 2001
From: Li Qiang <liq3ea@gmail.com>
Date: Mon, 28 Nov 2016 21:29:25 -0500
Subject: [PATCH] virtio-gpu: call cleanup mapping function in resource destroy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If the guest destroy the resource before detach banking, the 'iov'
and 'addrs' field in resource is not freed thus leading memory
leak issue. This patch avoid this.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 1480386565-10077-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit b8e23926c568f2e963af39028b71c472e3023793)
BR: CVE-2016-9912 BSC#1014112]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
index 5f32e1aae9..3eafe495ef 100644
--- a/hw/display/virtio-gpu.c
+++ b/hw/display/virtio-gpu.c
@@ -28,6 +28,8 @@
static struct virtio_gpu_simple_resource*
virtio_gpu_find_resource(VirtIOGPU *g, uint32_t resource_id);
+static void virtio_gpu_cleanup_mapping(struct virtio_gpu_simple_resource *res);
+
#ifdef CONFIG_VIRGL
#include <virglrenderer.h>
#define VIRGL(_g, _virgl, _simple, ...) \
@@ -359,6 +361,7 @@ static void virtio_gpu_resource_destroy(VirtIOGPU *g,
struct virtio_gpu_simple_resource *res)
{
pixman_image_unref(res->image);
+ virtio_gpu_cleanup_mapping(res);
QTAILQ_REMOVE(&g->reslist, res, next);
g_free(res);
}


@ -1,4 +1,4 @@
From e01538b7559d5560be963fc679f51e7441111fc2 Mon Sep 17 00:00:00 2001
From 99cd029413e71606d3cc099ef2edbb2137c988e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Fri, 25 Sep 2015 12:31:11 +0200
Subject: [PATCH] tests: Add scsi-disk test
@ -20,10 +20,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 tests/scsi-disk-test.c
diff --git a/MAINTAINERS b/MAINTAINERS
index f003db2c5c..fcf633640e 100644
index a023f5d..9840d5b 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -920,6 +920,7 @@ M: Paolo Bonzini <pbonzini@redhat.com>
@@ -957,6 +957,7 @@ M: Paolo Bonzini <pbonzini@redhat.com>
S: Supported
F: include/hw/scsi/*
F: hw/scsi/*
@ -32,10 +32,10 @@ index f003db2c5c..fcf633640e 100644
T: git git://github.com/bonzini/qemu.git scsi-next
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 958f768eba..5643e8fa64 100644
index ca8f859..85187d4 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -148,6 +148,8 @@ check-qtest-virtio-y += tests/virtio-rng-test$(EXESUF)
@@ -161,6 +161,8 @@ check-qtest-virtio-y += tests/virtio-rng-test$(EXESUF)
gcov-files-virtio-y += hw/virtio/virtio-rng.c
check-qtest-virtio-y += tests/virtio-scsi-test$(EXESUF)
gcov-files-virtio-y += i386-softmmu/hw/scsi/virtio-scsi.c
@ -44,17 +44,17 @@ index 958f768eba..5643e8fa64 100644
ifeq ($(CONFIG_VIRTIO)$(CONFIG_VIRTFS)$(CONFIG_PCI),yyy)
check-qtest-virtio-y += tests/virtio-9p-test$(EXESUF)
gcov-files-virtio-y += hw/9pfs/virtio-9p.c
@@ -682,6 +684,7 @@ tests/usb-hcd-xhci-test$(EXESUF): tests/usb-hcd-xhci-test.o $(libqos-usb-obj-y)
tests/pc-cpu-test$(EXESUF): tests/pc-cpu-test.o
tests/postcopy-test$(EXESUF): tests/postcopy-test.o
tests/vhost-user-test$(EXESUF): tests/vhost-user-test.o qemu-char.o qemu-timer.o $(qtest-obj-y) $(test-io-obj-y) $(libqos-virtio-obj-y) $(libqos-pc-obj-y)
@@ -741,6 +743,7 @@ tests/postcopy-test$(EXESUF): tests/postcopy-test.o
tests/vhost-user-test$(EXESUF): tests/vhost-user-test.o $(test-util-obj-y) \
$(qtest-obj-y) $(test-io-obj-y) $(libqos-virtio-obj-y) $(libqos-pc-obj-y) \
$(chardev-obj-y)
+tests/scsi-disk-test$(EXESUF): tests/scsi-disk-test.o
tests/qemu-iotests/socket_scm_helper$(EXESUF): tests/qemu-iotests/socket_scm_helper.o
tests/test-qemu-opts$(EXESUF): tests/test-qemu-opts.o $(test-util-obj-y)
tests/test-write-threshold$(EXESUF): tests/test-write-threshold.o $(test-block-obj-y)
tests/test-keyval$(EXESUF): tests/test-keyval.o $(test-util-obj-y) $(test-qapi-obj-y)
diff --git a/tests/scsi-disk-test.c b/tests/scsi-disk-test.c
new file mode 100644
index 0000000000..f19f93d97a
index 0000000..f19f93d
--- /dev/null
+++ b/tests/scsi-disk-test.c
@@ -0,0 +1,82 @@


@ -0,0 +1,54 @@
From e46f223e5fadfeaeecc7a4744733184130b5dd0d Mon Sep 17 00:00:00 2001
From: Eric Auger <eric.auger@redhat.com>
Date: Tue, 28 Mar 2017 19:20:40 +0200
Subject: [PATCH] hw/intc/arm_gicv3_kvm: Check KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS
in reset
KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS needs to be checked before
attempting to read ICC_CTLR_EL1; otherwise kernel versions not
exposing this kvm device group will be incompatible with qemu 2.9.
Fixes: 07a5628 ("hw/intc/arm_gicv3_kvm: Reset GICv3 cpu interface registers")
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reported-by: Prakash B <bjsprakash.linux@gmail.com>
(agraf: Fixes gicv3 KVM on SP2 kernel)
Signed-off-by: Alexander Graf <agraf@suse.de>
---
hw/intc/arm_gicv3_kvm.c | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/hw/intc/arm_gicv3_kvm.c b/hw/intc/arm_gicv3_kvm.c
index 81f0403..19aab56 100644
--- a/hw/intc/arm_gicv3_kvm.c
+++ b/hw/intc/arm_gicv3_kvm.c
@@ -614,12 +614,6 @@ static void arm_gicv3_icc_reset(CPUARMState *env, const ARMCPRegInfo *ri)
s = c->gic;
cpu = ARM_CPU(c->cpu);
- /* Initialize to actual HW supported configuration */
- kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS,
- KVM_VGIC_ATTR(ICC_CTLR_EL1, cpu->mp_affinity),
- &c->icc_ctlr_el1[GICV3_NS], false);
-
- c->icc_ctlr_el1[GICV3_S] = c->icc_ctlr_el1[GICV3_NS];
c->icc_pmr_el1 = 0;
c->icc_bpr[GICV3_G0] = GIC_MIN_BPR;
c->icc_bpr[GICV3_G1] = GIC_MIN_BPR;
@@ -628,6 +622,17 @@ static void arm_gicv3_icc_reset(CPUARMState *env, const ARMCPRegInfo *ri)
c->icc_sre_el1 = 0x7;
memset(c->icc_apr, 0, sizeof(c->icc_apr));
memset(c->icc_igrpen, 0, sizeof(c->icc_igrpen));
+
+ if (s->migration_blocker) {
+ return;
+ }
+
+ /* Initialize to actual HW supported configuration */
+ kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS,
+ KVM_VGIC_ATTR(ICC_CTLR_EL1, cpu->mp_affinity),
+ &c->icc_ctlr_el1[GICV3_NS], false);
+
+ c->icc_ctlr_el1[GICV3_S] = c->icc_ctlr_el1[GICV3_NS];
}
static void kvm_arm_gicv3_reset(DeviceState *dev)
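Review bot: The early return on `s->migration_blocker` in arm_gicv3_icc_reset stands in for the KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS check that the commit message describes, but nothing at the guard says so. Where migration_blocker is set lies outside this hunk, so the link between the two is an inference; a comment above the guard would make it explicit, e.g. `/* migration_blocker set: kernel lacks KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS, skip the ICC_CTLR_EL1 read */`. On that early-return path `c->icc_ctlr_el1[GICV3_NS]` and `c->icc_ctlr_el1[GICV3_S]` are never written, so a reset leaves whatever they held before. If they are not initialised elsewhere, assigning them a defined value ahead of the guard would keep the reset state deterministic. The function body starts before the first hunk, so earlier initialisation cannot be ruled out from here.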


@ -1,40 +0,0 @@
From 0cfea2b4d63daecfcf05e54e2f1d6755e9158a31 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Tue, 1 Nov 2016 05:37:57 -0700
Subject: [PATCH] virtio-gpu: fix information leak in capset get dispatch
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In virgl_cmd_get_capset function, it uses g_malloc to allocate
a response struct to the guest. As the 'resp'struct hasn't been full
initialized it will lead the 'resp->padding' field to the guest.
Use g_malloc0 to avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 58188cae.4a6ec20a.3d2d1.aff2@mx.google.com
[ kraxel: resolved conflict ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 85d9d044471f93c48c5c396f7e217b4ef12f69f8)
[BR: CVE-2016-9908 BSC#1014514]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu-3d.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index 23f39de94d..d98b1404e1 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -371,7 +371,7 @@ static void virgl_cmd_get_capset(VirtIOGPU *g,
virgl_renderer_get_cap_set(gc.capset_id, &max_ver,
&max_size);
- resp = g_malloc(sizeof(*resp) + max_size);
+ resp = g_malloc0(sizeof(*resp) + max_size);
resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET;
virgl_renderer_fill_caps(gc.capset_id,


@ -1,72 +0,0 @@
From 3b4bf7e1b33e254709c6a3948891f7da4aac63e3 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Mon, 9 Jan 2017 13:35:20 -0700
Subject: [PATCH] display: cirrus: ignore source pitch value as needed in
blit_is_unsafe
Commit 4299b90 added a check which is too broad, given that the source
pitch value is not required to be initialized for solid fill operations.
This patch refines the blit_is_unsafe() check to ignore source pitch in
that case. After applying the above commit as a security patch, we
noticed the SLES 11 SP4 guest gui failed to initialize properly.
Signed-off-by: Bruce Rogers <brogers@suse.com>
Message-id: 20170109203520.5619-1-brogers@suse.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 913a87885f589d263e682c2eb6637c6e14538061)
[BR: BSC#1016779]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index bdb092ee9d..379910db2d 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -294,7 +294,7 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
return false;
}
-static bool blit_is_unsafe(struct CirrusVGAState *s)
+static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only)
{
/* should be the case, see cirrus_bitblt_start */
assert(s->cirrus_blt_width > 0);
@@ -308,6 +308,9 @@ static bool blit_is_unsafe(struct CirrusVGAState *s)
s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) {
return true;
}
+ if (dst_only) {
+ return false;
+ }
if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch,
s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) {
return true;
@@ -673,7 +676,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s,
dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask);
- if (blit_is_unsafe(s))
+ if (blit_is_unsafe(s, false))
return 0;
(*s->cirrus_rop) (s, dst, src,
@@ -691,7 +694,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
{
cirrus_fill_t rop_func;
- if (blit_is_unsafe(s)) {
+ if (blit_is_unsafe(s, true)) {
return 0;
}
rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1];
@@ -795,7 +798,7 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s)
{
- if (blit_is_unsafe(s))
+ if (blit_is_unsafe(s, false))
return 0;
return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr,


@ -1,34 +0,0 @@
From 65cef1a069623a0cede6b0bbb6ddeaec0fb023b3 Mon Sep 17 00:00:00 2001
From: Christian Borntraeger <borntraeger@de.ibm.com>
Date: Tue, 24 Jan 2017 22:17:47 +0100
Subject: [PATCH] s390x/kvm: fix small race reboot vs. cmma
Right now we reset all devices before we reset the cmma states. This
can result in the host kernel discarding guest pages that were
previously in the unused state but already contain a bios or a -kernel
file before the cmma reset has finished. This race results in random
guest crashes or hangs during very early reboot.
Fixes: 1cd4e0f6f0a6 ("s390x/cmma: clean up cmma reset")
Cc: qemu-stable@nongnu.org
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
(cherry picked from commit 1a0e4c8b02ea510508970c333ee610a90b921cbb)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/s390x/s390-virtio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/s390x/s390-virtio.c b/hw/s390x/s390-virtio.c
index 0a963473ad..7a3a7fe5fd 100644
--- a/hw/s390x/s390-virtio.c
+++ b/hw/s390x/s390-virtio.c
@@ -204,8 +204,8 @@ void s390_machine_reset(void)
{
S390CPU *ipl_cpu = S390_CPU(qemu_get_cpu(0));
- qemu_devices_reset();
s390_cmma_reset();
+ qemu_devices_reset();
s390_crypto_reset();
/* all cpus are stopped - configure and start the ipl cpu only */


@ -1,32 +0,0 @@
From 52f9cd6fd4943ff0202133646da31788447a2209 Mon Sep 17 00:00:00 2001
From: David Hildenbrand <david@redhat.com>
Date: Mon, 30 Jan 2017 15:50:25 +0100
Subject: [PATCH] target/s390x: use "qemu" cpu model in user mode
"any" does not exist, therefore resulting in a misleading error message.
Reported-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20170130145025.26475-1-david@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
Cc: qemu-stable@nongnu.org
(cherry picked from commit d8923bc75479cd3fdcc72b7647f4877f91950b01)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
linux-user/main.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/linux-user/main.c b/linux-user/main.c
index 75b199f274..cc77ec4713 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -4045,6 +4045,8 @@ int main(int argc, char **argv, char **envp)
# endif
#elif defined TARGET_SH4
cpu_model = TYPE_SH7785_CPU;
+#elif defined TARGET_S390X
+ cpu_model = "qemu";
#else
cpu_model = "any";
#endif


@ -1,35 +0,0 @@
From a31edb2865923f478830a2f05e64259ae9841f3c Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Tue, 14 Feb 2017 10:37:59 -0700
Subject: [PATCH] linux-user: exclude cpu model code when building linux-user
A section of s390_realize_cpu_model() needed to be guarded by
CONFIG_USER_ONLY. This omission was causing a segfault when
testing the executable being built for the s390x qemu-linux-user
package.
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target-s390x/cpu_models.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/target-s390x/cpu_models.c b/target-s390x/cpu_models.c
index c1e729df5e..f2eadd2cfb 100644
--- a/target-s390x/cpu_models.c
+++ b/target-s390x/cpu_models.c
@@ -738,6 +738,7 @@ void s390_realize_cpu_model(CPUState *cs, Error **errp)
return;
}
+#ifndef CONFIG_USER_ONLY
/* copy over properties that can vary */
cpu->model->lowest_ibc = max_model->lowest_ibc;
cpu->model->cpu_id = max_model->cpu_id;
@@ -750,6 +751,7 @@ void s390_realize_cpu_model(CPUState *cs, Error **errp)
}
apply_cpu_model(cpu->model, errp);
+#endif
}
static void get_feature(Object *obj, Visitor *v, const char *name,


@ -1,30 +0,0 @@
From 5525a02cb6f16bf4bd4ba111012457be80e99418 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 17 Feb 2017 14:59:49 -0700
Subject: [PATCH] tests: check path to avoid a failing qga/get-vcpus test
The qga/get-vcpus test fails in a simple chroot environment, as
used in an openSUSE Build Service local build, so first check
that the sysfs based path exists in order to avoid calling this
test in an environment where it won't work right.
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tests/test-qga.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tests/test-qga.c b/tests/test-qga.c
index 868b02a40f..9e6d19a6e1 100644
--- a/tests/test-qga.c
+++ b/tests/test-qga.c
@@ -924,7 +924,9 @@ int main(int argc, char **argv)
g_test_add_data_func("/qga/info", &fix, test_qga_info);
g_test_add_data_func("/qga/network-get-interfaces", &fix,
test_qga_network_get_interfaces);
- g_test_add_data_func("/qga/get-vcpus", &fix, test_qga_get_vcpus);
+ if (!access("/sys/devices/system/cpu/cpu0", F_OK)) {
+ g_test_add_data_func("/qga/get-vcpus", &fix, test_qga_get_vcpus);
+ }
g_test_add_data_func("/qga/get-fsinfo", &fix, test_qga_get_fsinfo);
g_test_add_data_func("/qga/get-memory-block-info", &fix,
test_qga_get_memory_block_info);


@ -1,40 +0,0 @@
From 818182d6045bb5a052b3fd53b995df6510084e83 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Wed, 14 Dec 2016 12:31:56 +0530
Subject: [PATCH] display: virtio-gpu-3d: check virgl capabilities max_size
Virtio GPU device while processing 'VIRTIO_GPU_CMD_GET_CAPSET'
command, retrieves the maximum capabilities size to fill in the
response object. It continues to fill in capabilities even if
retrieved 'max_size' is zero(0), thus resulting in OOB access.
Add check to avoid it.
Reported-by: Zhenhao Hong <zhenhaohong@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20161214070156.23368-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit abd7f08b2353f43274b785db8c7224f082ef4d31)
[BR: CVE-2016-10028 BSC#1017084 BSC#1016503]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu-3d.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index d98b1404e1..cdd03a47bd 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -371,8 +371,12 @@ static void virgl_cmd_get_capset(VirtIOGPU *g,
virgl_renderer_get_cap_set(gc.capset_id, &max_ver,
&max_size);
- resp = g_malloc0(sizeof(*resp) + max_size);
+ if (!max_size) {
+ cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER;
+ return;
+ }
+ resp = g_malloc0(sizeof(*resp) + max_size);
resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET;
virgl_renderer_fill_caps(gc.capset_id,
gc.capset_version,


@ -1,46 +0,0 @@
From 56fb083af9f432ec4ab438f016e26025981f3136 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Mon, 28 Nov 2016 17:49:04 -0800
Subject: [PATCH] watchdog: 6300esb: add exit function
When the Intel 6300ESB watchdog is hot unplug. The timer allocated
in realize isn't freed thus leaking memory leak. This patch avoid
this through adding the exit function.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit eb7a20a3616085d46aa6b4b4224e15587ec67e6e)
[BR: CVE-2016-10155 BSC#1021129]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/watchdog/wdt_i6300esb.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c
index a83d951213..49b3cd188a 100644
--- a/hw/watchdog/wdt_i6300esb.c
+++ b/hw/watchdog/wdt_i6300esb.c
@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp)
/* qemu_register_coalesced_mmio (addr, 0x10); ? */
}
+static void i6300esb_exit(PCIDevice *dev)
+{
+ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev);
+
+ timer_del(d->timer);
+ timer_free(d->timer);
+}
+
static WatchdogTimerModel model = {
.wdt_name = "i6300esb",
.wdt_description = "Intel 6300ESB",
@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data)
k->config_read = i6300esb_config_read;
k->config_write = i6300esb_config_write;
k->realize = i6300esb_realize;
+ k->exit = i6300esb_exit;
k->vendor_id = PCI_VENDOR_ID_INTEL;
k->device_id = PCI_DEVICE_ID_INTEL_ESB_9;
k->class_id = PCI_CLASS_SYSTEM_OTHER;


@ -1,41 +0,0 @@
From 07cbf6021a6ab8bf3756692379a9942bdfeb7e00 Mon Sep 17 00:00:00 2001
From: Li Qiang <liq3ea@gmail.com>
Date: Thu, 29 Dec 2016 03:11:26 -0500
Subject: [PATCH] virtio-gpu-3d: fix memory leak in resource attach backing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If the virgl_renderer_resource_attach_iov function fails the
'res_iovs' will be leaked. Add check of the return value to
free the 'res_iovs' when failing.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 33243031dad02d161225ba99d782616da133f689)
[BR: CVE-2017-5552 BSC#1021195]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu-3d.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index cdd03a47bd..f96a0c2e59 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g,
return;
}
- virgl_renderer_resource_attach_iov(att_rb.resource_id,
- res_iovs, att_rb.nr_entries);
+ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id,
+ res_iovs, att_rb.nr_entries);
+
+ if (ret != 0)
+ virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries);
}
static void virgl_resource_detach_backing(VirtIOGPU *g,


@ -1,35 +0,0 @@
From 536ae1665b9302a31932113b1ec7d52cbd7af752 Mon Sep 17 00:00:00 2001
From: Li Qiang <liq3ea@gmail.com>
Date: Thu, 29 Dec 2016 04:28:41 -0500
Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing
In the resource attach backing function, everytime it will
allocate 'res->iov' thus can leading a memory leak. This
patch avoid this.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 204f01b30975923c64006f8067f0937b91eea68b)
[BR: CVE-2017-5578 BSC#1021481]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
index 3eafe495ef..edd8ddaf78 100644
--- a/hw/display/virtio-gpu.c
+++ b/hw/display/virtio-gpu.c
@@ -708,6 +708,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g,
return;
}
+ if (res->iov) {
+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
+ return;
+ }
+
ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov);
if (ret != 0) {
cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;


@ -1,53 +0,0 @@
From d1d06f7db5b44371db5dc1c559c5d8c1bda9d731 Mon Sep 17 00:00:00 2001
From: Halil Pasic <pasic@linux.vnet.ibm.com>
Date: Mon, 19 Dec 2016 16:44:44 +0100
Subject: [PATCH] virtio: fix vq->inuse recalc after migr
Correct recalculation of vq->inuse after migration for the corner case
where the avail_idx has already wrapped but used_idx not yet.
Also change the type of the VirtQueue.inuse to unsigned int. This is
done to be consistent with other members representing sizes (VRing.num),
and because C99 guarantees max ring size < UINT_MAX but does not
guarantee max ring size < INT_MAX.
Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Fixes: bccdef6b ("virtio: recalculate vq->inuse after migration")
CC: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
(cherry picked from commit e66bcc408146730958d1a840bda85d7ad51e0cd7)
[BR: BSC#1020928]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/virtio/virtio.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 1af2de2714..e37641a9c9 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -92,7 +92,7 @@ struct VirtQueue
uint16_t queue_index;
- int inuse;
+ unsigned int inuse;
uint16_t vector;
VirtIOHandleOutput handle_output;
@@ -1855,9 +1855,11 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id)
/*
* Some devices migrate VirtQueueElements that have been popped
* from the avail ring but not yet returned to the used ring.
+ * Since max ring size < UINT16_MAX it's safe to use modulo
+ * UINT16_MAX + 1 subtraction.
*/
- vdev->vq[i].inuse = vdev->vq[i].last_avail_idx -
- vdev->vq[i].used_idx;
+ vdev->vq[i].inuse = (uint16_t)(vdev->vq[i].last_avail_idx -
+ vdev->vq[i].used_idx);
if (vdev->vq[i].inuse > vdev->vq[i].vring.num) {
error_report("VQ %d size 0x%x < last_avail_idx 0x%x - "
"used_idx 0x%x",


@ -1,55 +0,0 @@
From 6a847bb812fe7946a2d3c457d75ca3db0fe962b0 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 14 Dec 2016 18:32:22 -0800
Subject: [PATCH] audio: es1370: add exit function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Currently the es1370 device emulation doesn't have a exit function,
hot unplug this device will leak some memory. Add a exit function to
avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da)
[BR: CVE-2017-5526 BSC#1020589]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/audio/es1370.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c
index 8449b5f436..883ec69b30 100644
--- a/hw/audio/es1370.c
+++ b/hw/audio/es1370.c
@@ -1041,6 +1041,19 @@ static void es1370_realize(PCIDevice *dev, Error **errp)
es1370_reset (s);
}
+static void es1370_exit(PCIDevice *dev)
+{
+ ES1370State *s = ES1370(dev);
+ int i;
+
+ for (i = 0; i < 2; ++i) {
+ AUD_close_out(&s->card, s->dac_voice[i]);
+ }
+
+ AUD_close_in(&s->card, s->adc_voice);
+ AUD_remove_card(&s->card);
+}
+
static int es1370_init (PCIBus *bus)
{
pci_create_simple (bus, -1, TYPE_ES1370);
@@ -1053,6 +1066,7 @@ static void es1370_class_init (ObjectClass *klass, void *data)
PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
k->realize = es1370_realize;
+ k->exit = es1370_exit;
k->vendor_id = PCI_VENDOR_ID_ENSONIQ;
k->device_id = PCI_DEVICE_ID_ENSONIQ_ES1370;
k->class_id = PCI_CLASS_MULTIMEDIA_AUDIO;


@ -1,52 +0,0 @@
From ebc039becfc5a4506ae0d4962cd87ce1bf5163bc Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 14 Dec 2016 18:30:21 -0800
Subject: [PATCH] audio: ac97: add exit function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Currently the ac97 device emulation doesn't have a exit function,
hot unplug this device will leak some memory. Add a exit function to
avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 12351a91da97b414eec8cdb09f1d9f41e535a401)
[BR: CVE-2017-5525 BSC#1020491]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/audio/ac97.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c
index cbd959e0bd..c30657501c 100644
--- a/hw/audio/ac97.c
+++ b/hw/audio/ac97.c
@@ -1387,6 +1387,16 @@ static void ac97_realize(PCIDevice *dev, Error **errp)
ac97_on_reset (&s->dev.qdev);
}
+static void ac97_exit(PCIDevice *dev)
+{
+ AC97LinkState *s = DO_UPCAST(AC97LinkState, dev, dev);
+
+ AUD_close_in(&s->card, s->voice_pi);
+ AUD_close_out(&s->card, s->voice_po);
+ AUD_close_in(&s->card, s->voice_mc);
+ AUD_remove_card(&s->card);
+}
+
static int ac97_init (PCIBus *bus)
{
pci_create_simple (bus, -1, "AC97");
@@ -1404,6 +1414,7 @@ static void ac97_class_init (ObjectClass *klass, void *data)
PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
k->realize = ac97_realize;
+ k->exit = ac97_exit;
k->vendor_id = PCI_VENDOR_ID_INTEL;
k->device_id = PCI_DEVICE_ID_INTEL_82801AA_5;
k->revision = 0x01;


@ -1,64 +0,0 @@
From 27db53c8bdbb318eef77b9ac01ea02e6b0cd0b02 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 2 Jan 2017 11:03:33 +0100
Subject: [PATCH] megasas: fix guest-triggered memory leak
If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd
will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory.
Avoid this by returning only the status from map_dcmd, and loading
cmd->iov_size in the caller.
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 765a707000e838c30b18d712fe6cb3dd8e0435f3)
[BR: CVE-2017-5856 BSC#1023053]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/scsi/megasas.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 67fc1e7893..6233865494 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd)
trace_megasas_dcmd_invalid_sge(cmd->index,
cmd->frame->header.sge_count);
cmd->iov_size = 0;
- return -1;
+ return -EINVAL;
}
iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl);
iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl);
pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1);
qemu_sglist_add(&cmd->qsg, iov_pa, iov_size);
cmd->iov_size = iov_size;
- return cmd->iov_size;
+ return 0;
}
static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size)
@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t {
static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
{
- int opcode, len;
+ int opcode;
int retval = 0;
+ size_t len;
const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
trace_megasas_handle_dcmd(cmd->index, opcode);
- len = megasas_map_dcmd(s, cmd);
- if (len < 0) {
+ if (megasas_map_dcmd(s, cmd) < 0) {
return MFI_STAT_MEMORY_NOT_AVAILABLE;
}
while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
cmdptr++;
}
+ len = cmd->iov_size;
if (cmdptr->opcode == -1) {
trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
retval = megasas_dcmd_dummy(s, cmd);


@ -1,49 +0,0 @@
From 3f442b06232be126e08d9207e4cac3e3afe0e62d Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Wed, 25 Jan 2017 14:48:57 +0100
Subject: [PATCH] cirrus: handle negative pitch in cirrus_invalidate_region()
cirrus_invalidate_region() calls memory_region_set_dirty()
on a per-line basis, always ranging from off_begin to
off_begin+bytesperline. With a negative pitch off_begin
marks the top most used address and thus we need to do an
initial shift backwards by a line for negative pitches of
backward blits, otherwise the first iteration covers the
line going from the start offset forwards instead of
backwards.
Additionally since the start address is inclusive, if we
shift by a full `bytesperline` we move to the first address
*not* included in the blit, so we only shift by one less
than bytesperline.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Message-id: 1485352137-29367-1-git-send-email-w.bumiller@proxmox.com
[ kraxel: codestyle fixes ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit f153b563f8cf121aebf5a2fff5f0110faf58ccb3)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 379910db2d..0f05e4596e 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -661,9 +661,14 @@ static void cirrus_invalidate_region(CirrusVGAState * s, int off_begin,
int off_cur;
int off_cur_end;
+ if (off_pitch < 0) {
+ off_begin -= bytesperline - 1;
+ }
+
for (y = 0; y < lines; y++) {
off_cur = off_begin;
off_cur_end = (off_cur + bytesperline) & s->cirrus_addr_mask;
+ assert(off_cur_end >= off_cur);
memory_region_set_dirty(&s->vga.vram, off_cur, off_cur_end - off_cur);
off_begin += off_pitch;
}


@ -1,103 +0,0 @@
From 2d9d5517299f47f6cbc208de10cb54d6e0e3971e Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Wed, 25 Jan 2017 11:09:56 +0100
Subject: [PATCH] cirrus: fix blit address mask handling
Apply the cirrus_addr_mask to cirrus_blt_dstaddr and cirrus_blt_srcaddr
right after assigning them, in cirrus_bitblt_start(), instead of having
this all over the place in the cirrus code, and missing a few places.
Reported-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1485338996-17095-1-git-send-email-kraxel@redhat.com
(cherry picked from commit 60cd23e85151525ab26591394c4e7e06fa07d216)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 26 +++++++++++++-------------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 0f05e4596e..ef5da7acf7 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -305,14 +305,15 @@ static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only)
}
if (blit_region_is_unsafe(s, s->cirrus_blt_dstpitch,
- s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) {
+ s->cirrus_blt_dstaddr)) {
return true;
}
if (dst_only) {
return false;
}
+
if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch,
- s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) {
+ s->cirrus_blt_srcaddr)) {
return true;
}
@@ -679,7 +680,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s,
{
uint8_t *dst;
- dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask);
+ dst = s->vga.vram_ptr + s->cirrus_blt_dstaddr;
if (blit_is_unsafe(s, false))
return 0;
@@ -703,7 +704,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
return 0;
}
rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1];
- rop_func(s, s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
+ rop_func(s, s->vga.vram_ptr + s->cirrus_blt_dstaddr,
s->cirrus_blt_dstpitch,
s->cirrus_blt_width, s->cirrus_blt_height);
cirrus_invalidate_region(s, s->cirrus_blt_dstaddr,
@@ -721,9 +722,8 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
static int cirrus_bitblt_videotovideo_patterncopy(CirrusVGAState * s)
{
- return cirrus_bitblt_common_patterncopy(s,
- s->vga.vram_ptr + ((s->cirrus_blt_srcaddr & ~7) &
- s->cirrus_addr_mask));
+ return cirrus_bitblt_common_patterncopy(s, s->vga.vram_ptr +
+ (s->cirrus_blt_srcaddr & ~7));
}
static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
@@ -777,10 +777,8 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
if (notify)
graphic_hw_update(s->vga.con);
- (*s->cirrus_rop) (s, s->vga.vram_ptr +
- (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
- s->vga.vram_ptr +
- (s->cirrus_blt_srcaddr & s->cirrus_addr_mask),
+ (*s->cirrus_rop) (s, s->vga.vram_ptr + s->cirrus_blt_dstaddr,
+ s->vga.vram_ptr + s->cirrus_blt_srcaddr,
s->cirrus_blt_dstpitch, s->cirrus_blt_srcpitch,
s->cirrus_blt_width, s->cirrus_blt_height);
@@ -831,8 +829,7 @@ static void cirrus_bitblt_cputovideo_next(CirrusVGAState * s)
} else {
/* at least one scan line */
do {
- (*s->cirrus_rop)(s, s->vga.vram_ptr +
- (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
+ (*s->cirrus_rop)(s, s->vga.vram_ptr + s->cirrus_blt_dstaddr,
s->cirrus_bltbuf, 0, 0, s->cirrus_blt_width, 1);
cirrus_invalidate_region(s, s->cirrus_blt_dstaddr, 0,
s->cirrus_blt_width, 1);
@@ -951,6 +948,9 @@ static void cirrus_bitblt_start(CirrusVGAState * s)
s->cirrus_blt_modeext = s->vga.gr[0x33];
blt_rop = s->vga.gr[0x32];
+ s->cirrus_blt_dstaddr &= s->cirrus_addr_mask;
+ s->cirrus_blt_srcaddr &= s->cirrus_addr_mask;
+
#ifdef DEBUG_BITBLT
printf("rop=0x%02x mode=0x%02x modeext=0x%02x w=%d h=%d dpitch=%d spitch=%d daddr=0x%08x saddr=0x%08x writemask=0x%02x\n",
blt_rop,


@ -1,48 +0,0 @@
From 5ac15a00c17d95a440ce99c8154d41a263f96032 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 1 Feb 2017 09:35:01 +0100
Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615)
When doing bitblt copy in backward mode, we should minus the
blt width first just like the adding in the forward mode. This
can avoid the oob access of the front of vga's vram.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
{ kraxel: with backward blits (negative pitch) addr is the topmost
address, so check it as-is against vram size ]
Cc: qemu-stable@nongnu.org
Cc: P J P <ppandit@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106)
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 62d4c6bd5263bb8413a06c80144fc678df6dfb64)
[BR: CVE-2017-2615 BSC#1023004]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index ef5da7acf7..aaa46abea4 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -277,10 +277,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
}
if (pitch < 0) {
int64_t min = addr
- + ((int64_t)s->cirrus_blt_height-1) * pitch;
- int32_t max = addr
- + s->cirrus_blt_width;
- if (min < 0 || max > s->vga.vram_size) {
+ + ((int64_t)s->cirrus_blt_height - 1) * pitch
+ - s->cirrus_blt_width;
+ if (min < -1 || addr >= s->vga.vram_size) {
return true;
}
} else {


@ -1,35 +0,0 @@
From 424bd9dd9c5d6959304faead9e81a0f81435b7d4 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Fri, 3 Feb 2017 00:52:28 +0530
Subject: [PATCH] usb: ccid: check ccid apdu length
CCID device emulator uses Application Protocol Data Units(APDU)
to exchange command and responses to and from the host.
The length in these units couldn't be greater than 65536. Add
check to ensure the same. It'd also avoid potential integer
overflow in emulated_apdu_from_guest.
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20170202192228.10847-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit c7dfbf322595ded4e70b626bf83158a9f3807c6a)
[BR: CVE-2017-5898 BSC#1023907]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/usb/dev-smartcard-reader.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
index 89e11b68c4..1325ea1659 100644
--- a/hw/usb/dev-smartcard-reader.c
+++ b/hw/usb/dev-smartcard-reader.c
@@ -967,7 +967,7 @@ static void ccid_on_apdu_from_guest(USBCCIDState *s, CCID_XferBlock *recv)
DPRINTF(s, 1, "%s: seq %d, len %d\n", __func__,
recv->hdr.bSeq, len);
ccid_add_pending_answer(s, (CCID_Header *)recv);
- if (s->card) {
+ if (s->card && len <= BULK_OUT_DATA_SIZE) {
ccid_card_apdu_from_guest(s->card, recv->abData, len);
} else {
DPRINTF(s, D_WARN, "warning: discarded apdu\n");


@ -1,37 +0,0 @@
From f774e0e5e658fb9387c10634e2b880a1657ce2ac Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Tue, 7 Feb 2017 18:29:59 +0000
Subject: [PATCH] sd: sdhci: check data length during dma_memory_read
While doing multi block SDMA transfer in routine
'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
index 'begin' and data length 's->data_count' could end up to be same.
This could lead to an OOB access issue. Correct transfer data length
to avoid it.
Cc: qemu-stable@nongnu.org
Reported-by: Jiang Xin <jiangxin1@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20170130064736.9236-1-ppandit@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 42922105beb14c2fc58185ea022b9f72fb5465e9)
[BR: CVE-2017-5667 BSC#1022541]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/sd/sdhci.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
index 01fbf228be..5bd5ab6319 100644
--- a/hw/sd/sdhci.c
+++ b/hw/sd/sdhci.c
@@ -536,7 +536,7 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
boundary_count -= block_size - begin;
}
dma_memory_read(&address_space_memory, s->sdmasysad,
- &s->fifo_buffer[begin], s->data_count);
+ &s->fifo_buffer[begin], s->data_count - begin);
s->sdmasysad += s->data_count - begin;
if (s->data_count == block_size) {
for (n = 0; n < block_size; n++) {


@ -1,48 +0,0 @@
From cb184e87cf205d6570e5cd34e85dd9a8a72a0afc Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Mon, 23 Jan 2017 11:26:50 +0100
Subject: [PATCH] virtio-gpu: fix resource leak in virgl_cmd_resource_unref
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When the guest sends VIRTIO_GPU_CMD_RESOURCE_UNREF without detaching the
backing storage beforehand (VIRTIO_GPU_CMD_RESOURCE_DETACH_BACKING)
we'll leak memory.
This patch fixes it for 3d mode, simliar to the 2d mode fix in commit
"b8e2392 virtio-gpu: call cleanup mapping function in resource destroy".
Reported-by: 李强 <liqiang6-s@360.cn>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1485167210-4757-1-git-send-email-kraxel@redhat.com
(cherry picked from commit 5e8e3c4c75c199aa1017db816fca02be2a9f8798)
[BR: CVE-2017-5857 BSC#1023073]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu-3d.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index f96a0c2e59..ecb09d17a1 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -77,10 +77,18 @@ static void virgl_cmd_resource_unref(VirtIOGPU *g,
struct virtio_gpu_ctrl_command *cmd)
{
struct virtio_gpu_resource_unref unref;
+ struct iovec *res_iovs = NULL;
+ int num_iovs = 0;
VIRTIO_GPU_FILL_CMD(unref);
trace_virtio_gpu_cmd_res_unref(unref.resource_id);
+ virgl_renderer_resource_detach_iov(unref.resource_id,
+ &res_iovs,
+ &num_iovs);
+ if (res_iovs != NULL && num_iovs != 0) {
+ virtio_gpu_cleanup_mapping_iov(res_iovs, num_iovs);
+ }
virgl_renderer_resource_unref(unref.resource_id);
}


@ -1,103 +0,0 @@
From f369059a4fcc285174c50981fc3fc0b513301aab Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Thu, 9 Feb 2017 14:02:20 +0100
Subject: [PATCH] cirrus: fix patterncopy checks
The blit_region_is_unsafe checks don't work correctly for the
patterncopy source. It's a fixed-sized region, which doesn't
depend on cirrus_blt_{width,height}. So go do the check in
cirrus_bitblt_common_patterncopy instead, then tell blit_is_unsafe that
it doesn't need to verify the source. Also handle the case where we
blit from cirrus_bitbuf correctly.
This patch replaces 5858dd1801883309bdd208d72ddb81c4e9fee30c.
Security impact: I think for the most part error on the safe side this
time, refusing blits which should have been allowed.
Only exception is placing the blit source at the end of the video ram,
so cirrus_blt_srcaddr + 256 goes beyond the end of video memory. But
even in that case I'm not fully sure this actually allows read access to
host memory. To trick the commit 5858dd18 security checks one has to
pick very small cirrus_blt_{width,height} values, which in turn implies
only a fraction of the blit source will actually be used.
Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Message-id: 1486645341-5010-1-git-send-email-kraxel@redhat.com
(cherry picked from commit 95280c31cda79bb1d0968afc7b19a220b3a9d986)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 36 ++++++++++++++++++++++++++++++------
1 file changed, 30 insertions(+), 6 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index aaa46abea4..d214ef74f9 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -674,14 +674,39 @@ static void cirrus_invalidate_region(CirrusVGAState * s, int off_begin,
}
}
-static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s,
- const uint8_t * src)
+static int cirrus_bitblt_common_patterncopy(CirrusVGAState *s, bool videosrc)
{
+ uint32_t patternsize;
uint8_t *dst;
+ uint8_t *src;
dst = s->vga.vram_ptr + s->cirrus_blt_dstaddr;
- if (blit_is_unsafe(s, false))
+ if (videosrc) {
+ switch (s->vga.get_bpp(&s->vga)) {
+ case 8:
+ patternsize = 64;
+ break;
+ case 15:
+ case 16:
+ patternsize = 128;
+ break;
+ case 24:
+ case 32:
+ default:
+ patternsize = 256;
+ break;
+ }
+ s->cirrus_blt_srcaddr &= ~(patternsize - 1);
+ if (s->cirrus_blt_srcaddr + patternsize > s->vga.vram_size) {
+ return 0;
+ }
+ src = s->vga.vram_ptr + s->cirrus_blt_srcaddr;
+ } else {
+ src = s->cirrus_bltbuf;
+ }
+
+ if (blit_is_unsafe(s, true))
return 0;
(*s->cirrus_rop) (s, dst, src,
@@ -721,8 +746,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
static int cirrus_bitblt_videotovideo_patterncopy(CirrusVGAState * s)
{
- return cirrus_bitblt_common_patterncopy(s, s->vga.vram_ptr +
- (s->cirrus_blt_srcaddr & ~7));
+ return cirrus_bitblt_common_patterncopy(s, true);
}
static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
@@ -821,7 +845,7 @@ static void cirrus_bitblt_cputovideo_next(CirrusVGAState * s)
if (s->cirrus_srccounter > 0) {
if (s->cirrus_blt_mode & CIRRUS_BLTMODE_PATTERNCOPY) {
- cirrus_bitblt_common_patterncopy(s, s->cirrus_bltbuf);
+ cirrus_bitblt_common_patterncopy(s, false);
the_end:
s->cirrus_srccounter = 0;
cirrus_bitblt_reset(s);


@ -1,49 +0,0 @@
From bd4f41a27f8e53e8c8bf958f44afda915b8fec5c Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Wed, 8 Feb 2017 11:18:36 +0100
Subject: [PATCH] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo
(CVE-2017-2620)
CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination
and blit width, at all. Oops. Fix it.
Security impact: high.
The missing blit destination check allows to write to host memory.
Basically same as CVE-2014-8106 for the other blit variants.
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 92f2b88cea48c6aeba8de568a45f2ed958f3c298)
[BR: BSC#1024972]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index d214ef74f9..8bf057de82 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -899,6 +899,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
{
int w;
+ if (blit_is_unsafe(s, true)) {
+ return 0;
+ }
+
s->cirrus_blt_mode &= ~CIRRUS_BLTMODE_MEMSYSSRC;
s->cirrus_srcptr = &s->cirrus_bltbuf[0];
s->cirrus_srcptr_end = &s->cirrus_bltbuf[0];
@@ -924,6 +928,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
}
s->cirrus_srccounter = s->cirrus_blt_srcpitch * s->cirrus_blt_height;
}
+
+ /* the blit_is_unsafe call above should catch this */
+ assert(s->cirrus_blt_srcpitch <= CIRRUS_BLTBUFSIZE);
+
s->cirrus_srcptr = s->cirrus_bltbuf;
s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch;
cirrus_update_memory_access(s);


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62
size 28368517

Binary file not shown.

3
qemu-2.9.0-rc2.tar.xz Normal file

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1c3e72b6b0aeca5c7dd9b5a788b676e7dfb6486f1256224cd2bda01fae0eace4
size 22821160

BIN
qemu-2.9.0-rc2.tar.xz.sig Normal file

Binary file not shown.


@ -1,3 +1,94 @@
-------------------------------------------------------------------
Tue Mar 28 22:12:56 UTC 2017 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
* Patches dropped:
0047-linux-user-exclude-cpu-model-code-w.patch
* Patches added:
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
-------------------------------------------------------------------
Tue Mar 21 20:53:50 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (no longer needed based on what we now build for):
0024-virtfs-proxy-helper-Provide-__u64-f.patch
* Patches dropped (included in upstream source archive):
0034-dma-rc4030-limit-interval-timer-rel.patch
* Patches renamed:
0024-configure-Enable-PIE-for-ppc-and-pp.patch -> 0023-configure-Enable-PIE-for-ppc-and-pp.patch
0025-AIO-Reduce-number-of-threads-for-32.patch -> 0024-AIO-Reduce-number-of-threads-for-32.patch
0026-dictzip-Fix-on-big-endian-systems.patch -> 0025-dictzip-Fix-on-big-endian-systems.patch
0027-xen_disk-Add-suse-specific-flush-di.patch -> 0026-xen_disk-Add-suse-specific-flush-di.patch
0028-qemu-bridge-helper-reduce-security-.patch -> 0027-qemu-bridge-helper-reduce-security-.patch
0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0028-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0030-configure-Fix-detection-of-seccomp-.patch -> 0029-configure-Fix-detection-of-seccomp-.patch
0031-linux-user-properly-test-for-infini.patch -> 0030-linux-user-properly-test-for-infini.patch
0032-linux-user-remove-all-traces-of-qem.patch -> 0031-linux-user-remove-all-traces-of-qem.patch
0033-roms-Makefile-pass-a-packaging-time.patch -> 0032-roms-Makefile-pass-a-packaging-time.patch
0035-roms-Makefile-pass-a-packaging-time.patch -> 0033-roms-Makefile-pass-a-packaging-time.patch
0036-Raise-soft-address-space-limit-to-h.patch -> 0034-Raise-soft-address-space-limit-to-h.patch
0037-increase-x86_64-physical-bits-to-42.patch -> 0035-increase-x86_64-physical-bits-to-42.patch
0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0039-i8254-Fix-migration-from-SLE11-SP2.patch -> 0037-i8254-Fix-migration-from-SLE11-SP2.patch
0040-acpi_piix4-Fix-migration-from-SLE11.patch -> 0038-acpi_piix4-Fix-migration-from-SLE11.patch
0041-Fix-tigervnc-long-press-issue.patch -> 0039-Fix-tigervnc-long-press-issue.patch
0042-fix-xen-hvm-direct-kernel-boot.patch -> 0040-fix-xen-hvm-direct-kernel-boot.patch
0043-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
0044-string-input-visitor-Fix-uint64-par.patch -> 0042-string-input-visitor-Fix-uint64-par.patch
0045-test-string-input-visitor-Add-int-t.patch -> 0043-test-string-input-visitor-Add-int-t.patch
0046-test-string-input-visitor-Add-uint6.patch -> 0044-test-string-input-visitor-Add-uint6.patch
0047-tests-Add-QOM-property-unit-tests.patch -> 0045-tests-Add-QOM-property-unit-tests.patch
0048-tests-Add-scsi-disk-test.patch -> 0046-tests-Add-scsi-disk-test.patch
0049-linux-user-exclude-cpu-model-code-w.patch -> 0047-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Mon Mar 20 22:02:08 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (included in upstream source archive):
0035-net-imx-limit-buffer-descriptor-cou.patch
0045-virtio-gpu-call-cleanup-mapping-fun.patch
0051-virtio-gpu-fix-information-leak-in-.patch
0052-display-cirrus-ignore-source-pitch-.patch
0053-s390x-kvm-fix-small-race-reboot-vs..patch
0054-target-s390x-use-qemu-cpu-model-in-.patch
0056-tests-check-path-to-avoid-a-failing.patch
0057-display-virtio-gpu-3d-check-virgl-c.patch
0058-watchdog-6300esb-add-exit-function.patch
0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
0060-virtio-gpu-fix-memory-leak-in-resou.patch
0061-virtio-fix-vq-inuse-recalc-after-mi.patch
0062-audio-es1370-add-exit-function.patch
0063-audio-ac97-add-exit-function.patch
0064-megasas-fix-guest-triggered-memory-.patch
0065-cirrus-handle-negative-pitch-in-cir.patch
0066-cirrus-fix-blit-address-mask-handli.patch
0067-cirrus-fix-oob-access-issue-CVE-201.patch
0068-usb-ccid-check-ccid-apdu-length.patch
0069-sd-sdhci-check-data-length-during-d.patch
0070-virtio-gpu-fix-resource-leak-in-vir.patch
0071-cirrus-fix-patterncopy-checks.patch
0072-cirrus-add-blit_is_unsafe-call-to-c.patch
* Patches renamed:
0036-roms-Makefile-pass-a-packaging-time.patch -> 0035-roms-Makefile-pass-a-packaging-time.patch
0037-Raise-soft-address-space-limit-to-h.patch -> 0036-Raise-soft-address-space-limit-to-h.patch
0038-increase-x86_64-physical-bits-to-42.patch -> 0037-increase-x86_64-physical-bits-to-42.patch
0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0040-i8254-Fix-migration-from-SLE11-SP2.patch -> 0039-i8254-Fix-migration-from-SLE11-SP2.patch
0041-acpi_piix4-Fix-migration-from-SLE11.patch -> 0040-acpi_piix4-Fix-migration-from-SLE11.patch
0042-Fix-tigervnc-long-press-issue.patch -> 0041-Fix-tigervnc-long-press-issue.patch
0043-fix-xen-hvm-direct-kernel-boot.patch -> 0042-fix-xen-hvm-direct-kernel-boot.patch
0044-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch
0046-string-input-visitor-Fix-uint64-par.patch -> 0044-string-input-visitor-Fix-uint64-par.patch
0047-test-string-input-visitor-Add-int-t.patch -> 0045-test-string-input-visitor-Add-int-t.patch
0048-test-string-input-visitor-Add-uint6.patch -> 0046-test-string-input-visitor-Add-uint6.patch
0049-tests-Add-QOM-property-unit-tests.patch -> 0047-tests-Add-QOM-property-unit-tests.patch
0050-tests-Add-scsi-disk-test.patch -> 0048-tests-Add-scsi-disk-test.patch
0055-linux-user-exclude-cpu-model-code-w.patch -> 0049-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Mar 1 12:26:56 UTC 2017 - brogers@suse.com


@ -21,9 +21,9 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.8.0
Version: 2.8.92
Release: 0
Source: qemu-2.8.0.tar.bz2
Source: qemu-2.9.0-rc2.tar.xz
# Upstream First -- http://wiki.qemu-project.org/Contribute/SubmitAPatch
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
Patch0001: 0001-XXX-dont-dump-core-on-sigabort.patch
@ -49,55 +49,30 @@ Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-virtfs-proxy-helper-Provide-__u64-f.patch
Patch0025: 0025-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0026: 0026-AIO-Reduce-number-of-threads-for-32.patch
Patch0027: 0027-dictzip-Fix-on-big-endian-systems.patch
Patch0028: 0028-xen_disk-Add-suse-specific-flush-di.patch
Patch0029: 0029-qemu-bridge-helper-reduce-security-.patch
Patch0030: 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0031: 0031-configure-Fix-detection-of-seccomp-.patch
Patch0032: 0032-linux-user-properly-test-for-infini.patch
Patch0033: 0033-linux-user-remove-all-traces-of-qem.patch
Patch0034: 0034-dma-rc4030-limit-interval-timer-rel.patch
Patch0035: 0035-net-imx-limit-buffer-descriptor-cou.patch
Patch0036: 0036-roms-Makefile-pass-a-packaging-time.patch
Patch0037: 0037-Raise-soft-address-space-limit-to-h.patch
Patch0038: 0038-increase-x86_64-physical-bits-to-42.patch
Patch0039: 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0040: 0040-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0041: 0041-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0042: 0042-Fix-tigervnc-long-press-issue.patch
Patch0043: 0043-fix-xen-hvm-direct-kernel-boot.patch
Patch0044: 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0045: 0045-virtio-gpu-call-cleanup-mapping-fun.patch
Patch0046: 0046-string-input-visitor-Fix-uint64-par.patch
Patch0047: 0047-test-string-input-visitor-Add-int-t.patch
Patch0048: 0048-test-string-input-visitor-Add-uint6.patch
Patch0049: 0049-tests-Add-QOM-property-unit-tests.patch
Patch0050: 0050-tests-Add-scsi-disk-test.patch
Patch0051: 0051-virtio-gpu-fix-information-leak-in-.patch
Patch0052: 0052-display-cirrus-ignore-source-pitch-.patch
Patch0053: 0053-s390x-kvm-fix-small-race-reboot-vs..patch
Patch0054: 0054-target-s390x-use-qemu-cpu-model-in-.patch
Patch0055: 0055-linux-user-exclude-cpu-model-code-w.patch
Patch0056: 0056-tests-check-path-to-avoid-a-failing.patch
Patch0057: 0057-display-virtio-gpu-3d-check-virgl-c.patch
Patch0058: 0058-watchdog-6300esb-add-exit-function.patch
Patch0059: 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
Patch0060: 0060-virtio-gpu-fix-memory-leak-in-resou.patch
Patch0061: 0061-virtio-fix-vq-inuse-recalc-after-mi.patch
Patch0062: 0062-audio-es1370-add-exit-function.patch
Patch0063: 0063-audio-ac97-add-exit-function.patch
Patch0064: 0064-megasas-fix-guest-triggered-memory-.patch
Patch0065: 0065-cirrus-handle-negative-pitch-in-cir.patch
Patch0066: 0066-cirrus-fix-blit-address-mask-handli.patch
Patch0067: 0067-cirrus-fix-oob-access-issue-CVE-201.patch
Patch0068: 0068-usb-ccid-check-ccid-apdu-length.patch
Patch0069: 0069-sd-sdhci-check-data-length-during-d.patch
Patch0070: 0070-virtio-gpu-fix-resource-leak-in-vir.patch
Patch0071: 0071-cirrus-fix-patterncopy-checks.patch
Patch0072: 0072-cirrus-add-blit_is_unsafe-call-to-c.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0042: 0042-string-input-visitor-Fix-uint64-par.patch
Patch0043: 0043-test-string-input-visitor-Add-int-t.patch
Patch0044: 0044-test-string-input-visitor-Add-uint6.patch
Patch0045: 0045-tests-Add-QOM-property-unit-tests.patch
Patch0046: 0046-tests-Add-scsi-disk-test.patch
Patch0047: 0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
Source400: update_git.sh
@ -151,7 +126,7 @@ emulations. This can be used together with the OBS build script to
run cross-architecture builds.
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0-rc2
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -199,31 +174,6 @@ run cross-architecture builds.
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%build
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
@ -307,6 +257,7 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-arm
%_bindir/qemu-armeb
%_bindir/qemu-cris
%_bindir/qemu-hppa
%_bindir/qemu-i386
%_bindir/qemu-m68k
%_bindir/qemu-microblaze
@ -317,7 +268,8 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-mipsn32el
%_bindir/qemu-mips64
%_bindir/qemu-mips64el
%_bindir/qemu-or32
%_bindir/qemu-nios2
%_bindir/qemu-or1k
%_bindir/qemu-ppc64abi32
%_bindir/qemu-ppc64
%_bindir/qemu-ppc64le
@ -339,5 +291,6 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%dir %_datadir/qemu
%_datadir/qemu/qemu-i386
%endif
%doc %_mandir/man7/qemu-qmp-ref.7.gz
%changelog


@ -23,7 +23,7 @@ License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
QEMU_VERSION
Release: 0
Source: qemu-2.8.0.tar.bz2
Source: qemu-2.9.0-rc2.tar.xz
# Upstream First -- http://wiki.qemu-project.org/Contribute/SubmitAPatch
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
PATCH_FILES
@ -80,7 +80,7 @@ emulations. This can be used together with the OBS build script to
run cross-architecture builds.
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0-rc2
PATCH_EXEC
%build
@ -165,6 +165,7 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-arm
%_bindir/qemu-armeb
%_bindir/qemu-cris
%_bindir/qemu-hppa
%_bindir/qemu-i386
%_bindir/qemu-m68k
%_bindir/qemu-microblaze
@ -175,7 +176,8 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-mipsn32el
%_bindir/qemu-mips64
%_bindir/qemu-mips64el
%_bindir/qemu-or32
%_bindir/qemu-nios2
%_bindir/qemu-or1k
%_bindir/qemu-ppc64abi32
%_bindir/qemu-ppc64
%_bindir/qemu-ppc64le
@ -197,5 +199,6 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%dir %_datadir/qemu
%_datadir/qemu/qemu-i386
%endif
%doc %_mandir/man7/qemu-qmp-ref.7.gz
%changelog


@ -1,3 +1,105 @@
-------------------------------------------------------------------
Tue Mar 28 22:12:52 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.9
* Includes fix for in guest privilege escalation when using TCG
(bsc#1030624)
* Patches dropped (equivalent included in upstream source archive):
0047-linux-user-exclude-cpu-model-code-w.patch
- Fix failure booting SLE12-SP2 Aarch64 guest (bsc#1031384)
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Mar 21 20:53:47 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (no longer needed based on what we now build for):
0024-virtfs-proxy-helper-Provide-__u64-f.patch
* Patches dropped (included in upstream source archive):
0034-dma-rc4030-limit-interval-timer-rel.patch
* Patches renamed:
0024-configure-Enable-PIE-for-ppc-and-pp.patch -> 0023-configure-Enable-PIE-for-ppc-and-pp.patch
0025-AIO-Reduce-number-of-threads-for-32.patch -> 0024-AIO-Reduce-number-of-threads-for-32.patch
0026-dictzip-Fix-on-big-endian-systems.patch -> 0025-dictzip-Fix-on-big-endian-systems.patch
0027-xen_disk-Add-suse-specific-flush-di.patch -> 0026-xen_disk-Add-suse-specific-flush-di.patch
0028-qemu-bridge-helper-reduce-security-.patch -> 0027-qemu-bridge-helper-reduce-security-.patch
0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0028-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0030-configure-Fix-detection-of-seccomp-.patch -> 0029-configure-Fix-detection-of-seccomp-.patch
0031-linux-user-properly-test-for-infini.patch -> 0030-linux-user-properly-test-for-infini.patch
0032-linux-user-remove-all-traces-of-qem.patch -> 0031-linux-user-remove-all-traces-of-qem.patch
0033-roms-Makefile-pass-a-packaging-time.patch -> 0032-roms-Makefile-pass-a-packaging-time.patch
0035-roms-Makefile-pass-a-packaging-time.patch -> 0033-roms-Makefile-pass-a-packaging-time.patch
0036-Raise-soft-address-space-limit-to-h.patch -> 0034-Raise-soft-address-space-limit-to-h.patch
0037-increase-x86_64-physical-bits-to-42.patch -> 0035-increase-x86_64-physical-bits-to-42.patch
0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0039-i8254-Fix-migration-from-SLE11-SP2.patch -> 0037-i8254-Fix-migration-from-SLE11-SP2.patch
0040-acpi_piix4-Fix-migration-from-SLE11.patch -> 0038-acpi_piix4-Fix-migration-from-SLE11.patch
0041-Fix-tigervnc-long-press-issue.patch -> 0039-Fix-tigervnc-long-press-issue.patch
0042-fix-xen-hvm-direct-kernel-boot.patch -> 0040-fix-xen-hvm-direct-kernel-boot.patch
0043-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
0044-string-input-visitor-Fix-uint64-par.patch -> 0042-string-input-visitor-Fix-uint64-par.patch
0045-test-string-input-visitor-Add-int-t.patch -> 0043-test-string-input-visitor-Add-int-t.patch
0046-test-string-input-visitor-Add-uint6.patch -> 0044-test-string-input-visitor-Add-uint6.patch
0047-tests-Add-QOM-property-unit-tests.patch -> 0045-tests-Add-QOM-property-unit-tests.patch
0048-tests-Add-scsi-disk-test.patch -> 0046-tests-Add-scsi-disk-test.patch
0049-linux-user-exclude-cpu-model-code-w.patch -> 0047-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Mon Mar 20 22:02:08 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.9
* Updated version carries fixes for the following reported issues:
CVE-2016-9602 bsc#1020427, CVE-2016-9923 bsc#1014703,
CVE-2017-2630 bsc#1025396, CVE-2017-2633 bsc#1026612,
CVE-2017-5579 bsc#1021741, CVE-2017-5931 bsc#1024114,
CVE-2017-5973 bsc#1025109, CVE-2017-5987 bsc#1025311,
CVE-2017-6058 bsc#1025837, CVE-2017-6505 bsc#1028184
* Patches dropped:
seabios_128kb.patch (no longer required)
* Patches dropped (included in upstream source archive):
0035-net-imx-limit-buffer-descriptor-cou.patch
0045-virtio-gpu-call-cleanup-mapping-fun.patch
0051-virtio-gpu-fix-information-leak-in-.patch
0052-display-cirrus-ignore-source-pitch-.patch
0053-s390x-kvm-fix-small-race-reboot-vs..patch
0054-target-s390x-use-qemu-cpu-model-in-.patch
0056-tests-check-path-to-avoid-a-failing.patch
0057-display-virtio-gpu-3d-check-virgl-c.patch
0058-watchdog-6300esb-add-exit-function.patch
0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
0060-virtio-gpu-fix-memory-leak-in-resou.patch
0061-virtio-fix-vq-inuse-recalc-after-mi.patch
0062-audio-es1370-add-exit-function.patch
0063-audio-ac97-add-exit-function.patch
0064-megasas-fix-guest-triggered-memory-.patch
0065-cirrus-handle-negative-pitch-in-cir.patch
0066-cirrus-fix-blit-address-mask-handli.patch
0067-cirrus-fix-oob-access-issue-CVE-201.patch
0068-usb-ccid-check-ccid-apdu-length.patch
0069-sd-sdhci-check-data-length-during-d.patch
0070-virtio-gpu-fix-resource-leak-in-vir.patch
0071-cirrus-fix-patterncopy-checks.patch
0072-cirrus-add-blit_is_unsafe-call-to-c.patch
* Patches renamed:
0036-roms-Makefile-pass-a-packaging-time.patch -> 0035-roms-Makefile-pass-a-packaging-time.patch
0037-Raise-soft-address-space-limit-to-h.patch -> 0036-Raise-soft-address-space-limit-to-h.patch
0038-increase-x86_64-physical-bits-to-42.patch -> 0037-increase-x86_64-physical-bits-to-42.patch
0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0040-i8254-Fix-migration-from-SLE11-SP2.patch -> 0039-i8254-Fix-migration-from-SLE11-SP2.patch
0041-acpi_piix4-Fix-migration-from-SLE11.patch -> 0040-acpi_piix4-Fix-migration-from-SLE11.patch
0042-Fix-tigervnc-long-press-issue.patch -> 0041-Fix-tigervnc-long-press-issue.patch
0043-fix-xen-hvm-direct-kernel-boot.patch -> 0042-fix-xen-hvm-direct-kernel-boot.patch
0044-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch
0046-string-input-visitor-Fix-uint64-par.patch -> 0044-string-input-visitor-Fix-uint64-par.patch
0047-test-string-input-visitor-Add-int-t.patch -> 0045-test-string-input-visitor-Add-int-t.patch
0048-test-string-input-visitor-Add-uint6.patch -> 0046-test-string-input-visitor-Add-uint6.patch
0049-tests-Add-QOM-property-unit-tests.patch -> 0047-tests-Add-QOM-property-unit-tests.patch
0050-tests-Add-scsi-disk-test.patch -> 0048-tests-Add-scsi-disk-test.patch
0055-linux-user-exclude-cpu-model-code-w.patch -> 0049-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Mar 1 12:26:56 UTC 2017 - brogers@suse.com


@ -91,10 +91,10 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.8.0
Version: 2.8.92
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2
Source99: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2.sig
Source: http://wiki.qemu.org/download/qemu-2.9.0-rc2.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0-rc2.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -135,62 +135,35 @@ Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-virtfs-proxy-helper-Provide-__u64-f.patch
Patch0025: 0025-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0026: 0026-AIO-Reduce-number-of-threads-for-32.patch
Patch0027: 0027-dictzip-Fix-on-big-endian-systems.patch
Patch0028: 0028-xen_disk-Add-suse-specific-flush-di.patch
Patch0029: 0029-qemu-bridge-helper-reduce-security-.patch
Patch0030: 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0031: 0031-configure-Fix-detection-of-seccomp-.patch
Patch0032: 0032-linux-user-properly-test-for-infini.patch
Patch0033: 0033-linux-user-remove-all-traces-of-qem.patch
Patch0034: 0034-dma-rc4030-limit-interval-timer-rel.patch
Patch0035: 0035-net-imx-limit-buffer-descriptor-cou.patch
Patch0036: 0036-roms-Makefile-pass-a-packaging-time.patch
Patch0037: 0037-Raise-soft-address-space-limit-to-h.patch
Patch0038: 0038-increase-x86_64-physical-bits-to-42.patch
Patch0039: 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0040: 0040-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0041: 0041-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0042: 0042-Fix-tigervnc-long-press-issue.patch
Patch0043: 0043-fix-xen-hvm-direct-kernel-boot.patch
Patch0044: 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0045: 0045-virtio-gpu-call-cleanup-mapping-fun.patch
Patch0046: 0046-string-input-visitor-Fix-uint64-par.patch
Patch0047: 0047-test-string-input-visitor-Add-int-t.patch
Patch0048: 0048-test-string-input-visitor-Add-uint6.patch
Patch0049: 0049-tests-Add-QOM-property-unit-tests.patch
Patch0050: 0050-tests-Add-scsi-disk-test.patch
Patch0051: 0051-virtio-gpu-fix-information-leak-in-.patch
Patch0052: 0052-display-cirrus-ignore-source-pitch-.patch
Patch0053: 0053-s390x-kvm-fix-small-race-reboot-vs..patch
Patch0054: 0054-target-s390x-use-qemu-cpu-model-in-.patch
Patch0055: 0055-linux-user-exclude-cpu-model-code-w.patch
Patch0056: 0056-tests-check-path-to-avoid-a-failing.patch
Patch0057: 0057-display-virtio-gpu-3d-check-virgl-c.patch
Patch0058: 0058-watchdog-6300esb-add-exit-function.patch
Patch0059: 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
Patch0060: 0060-virtio-gpu-fix-memory-leak-in-resou.patch
Patch0061: 0061-virtio-fix-vq-inuse-recalc-after-mi.patch
Patch0062: 0062-audio-es1370-add-exit-function.patch
Patch0063: 0063-audio-ac97-add-exit-function.patch
Patch0064: 0064-megasas-fix-guest-triggered-memory-.patch
Patch0065: 0065-cirrus-handle-negative-pitch-in-cir.patch
Patch0066: 0066-cirrus-fix-blit-address-mask-handli.patch
Patch0067: 0067-cirrus-fix-oob-access-issue-CVE-201.patch
Patch0068: 0068-usb-ccid-check-ccid-apdu-length.patch
Patch0069: 0069-sd-sdhci-check-data-length-during-d.patch
Patch0070: 0070-virtio-gpu-fix-resource-leak-in-vir.patch
Patch0071: 0071-cirrus-fix-patterncopy-checks.patch
Patch0072: 0072-cirrus-add-blit_is_unsafe-call-to-c.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0042: 0042-string-input-visitor-Fix-uint64-par.patch
Patch0043: 0043-test-string-input-visitor-Add-int-t.patch
Patch0044: 0044-test-string-input-visitor-Add-uint6.patch
Patch0045: 0045-tests-Add-QOM-property-unit-tests.patch
Patch0046: 0046-tests-Add-scsi-disk-test.patch
Patch0047: 0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
%if %{build_x86_fw_from_source}
# SeaBIOS / SeaVGABIOS
# PATCH-FIX-OPENSUSE seabios_128kb.patch brogers@suse.com -- make it fit
Patch1000: seabios_128kb.patch
# SeaBIOS / SeaVGABIOS (Currently no patches)
# ipxe
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
@ -343,9 +316,7 @@ BuildRequires: systemd
%if %{kvm_available}
BuildRequires: pkgconfig(udev)
%endif
%if 0%{?sles_version} != 11
BuildRequires: usbredir-devel
%endif
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: virglrenderer-devel >= 0.4.1
%endif
@ -711,7 +682,7 @@ This sub-package contains the guest agent.
%package seabios
Summary: X86 BIOS for QEMU
Group: System/Emulators/PC
Version: 1.10.1
Version: 1.10.2
Release: 0
%if 0%{?suse_version} > %{noarch_supported}
BuildArch: noarch
@ -725,7 +696,7 @@ is the default BIOS for QEMU.
%package vgabios
Summary: VGA BIOSes for QEMU
Group: System/Emulators/PC
Version: 1.10.1
Version: 1.10.2
Release: 0
%if 0%{?suse_version} > %{noarch_supported}
BuildArch: noarch
@ -782,7 +753,7 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0-rc2
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -830,36 +801,8 @@ This package provides a service file for starting and stopping KSM.
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%if %{build_x86_fw_from_source}
pushd roms/seabios
%patch1000 -p1
popd
pushd roms/ipxe
%patch1100 -p1
%patch1101 -p1
@ -899,7 +842,6 @@ echo '%{version}' > roms/seabios/.version
--enable-pie \
--enable-docs \
--audio-drv-list="pa alsa sdl oss" \
--disable-archipelago \
--enable-attr \
--enable-bluez \
%if 0%{?suse_version} >= 1130
@ -909,7 +851,6 @@ echo '%{version}' > roms/seabios/.version
%endif
--enable-bzip2 \
--enable-cap-ng \
--disable-colo \
--enable-coroutine-pool \
--enable-curl \
--enable-curses \
@ -931,6 +872,7 @@ echo '%{version}' > roms/seabios/.version
%else
--with-gtkabi=2.0 \
%endif
--disable-hax \
--disable-jemalloc \
%if %{kvm_available}
--enable-kvm \
@ -982,7 +924,7 @@ echo '%{version}' > roms/seabios/.version
%else
--disable-rdma \
%endif
--disable-replication \
--enable-replication \
--enable-sdl \
%if 0%{?suse_version} >= 1320
--with-sdlabi=2.0 \
@ -1011,11 +953,7 @@ echo '%{version}' > roms/seabios/.version
%endif
--disable-tcmalloc \
--enable-tpm \
%if 0%{?sles_version} == 11
--disable-usb-redir \
%else
--enable-usb-redir \
%endif
--enable-vde \
--enable-vhost-net \
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
@ -1317,6 +1255,8 @@ fi
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB Changelog README VERSION qemu-doc.html
%doc %_mandir/man1/qemu.1.gz
%doc %_mandir/man7/qemu-qmp-ref.7.gz
%doc %_mandir/man7/qemu-ga-ref.7.gz
%dir %_datadir/%name
%_datadir/%name/keymaps
%_datadir/%name/trace-events-all
@ -1404,7 +1344,8 @@ fi
%_bindir/qemu-system-mips64
%_bindir/qemu-system-mips64el
%_bindir/qemu-system-moxie
%_bindir/qemu-system-or32
%_bindir/qemu-system-nios2
%_bindir/qemu-system-or1k
%_bindir/qemu-system-sh4
%_bindir/qemu-system-sh4eb
%_bindir/qemu-system-sparc
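Review bot: The configure hunk at `@ -982,7 +924,7 @` flips `--disable-replication` to `--enable-replication`, which builds in a block-replication code path this package previously shipped without, and none of the three .changes entries shown for this update mention it. The same update drops `--disable-colo` without a replacement, presumably because the 2.9 configure script no longer has that switch, so whether COLO is now built is not visible from here. I would record the decision in the changelog, for example `- Enable block replication support (--enable-replication)`, and confirm that the feature is meant to be supported on the products this spec targets. The configure invocation starts and ends outside these hunks, and the same flag changes appear in the two later spec sections on this page.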


@ -1,3 +1,105 @@
-------------------------------------------------------------------
Tue Mar 28 22:12:52 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.9
* Includes fix for in guest privilege escalation when using TCG
(bsc#1030624)
* Patches dropped (equivalent included in upstream source archive):
0047-linux-user-exclude-cpu-model-code-w.patch
- Fix failure booting SLE12-SP2 Aarch64 guest (bsc#1031384)
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Mar 21 20:53:47 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (no longer needed based on what we now build for):
0024-virtfs-proxy-helper-Provide-__u64-f.patch
* Patches dropped (included in upstream source archive):
0034-dma-rc4030-limit-interval-timer-rel.patch
* Patches renamed:
0024-configure-Enable-PIE-for-ppc-and-pp.patch -> 0023-configure-Enable-PIE-for-ppc-and-pp.patch
0025-AIO-Reduce-number-of-threads-for-32.patch -> 0024-AIO-Reduce-number-of-threads-for-32.patch
0026-dictzip-Fix-on-big-endian-systems.patch -> 0025-dictzip-Fix-on-big-endian-systems.patch
0027-xen_disk-Add-suse-specific-flush-di.patch -> 0026-xen_disk-Add-suse-specific-flush-di.patch
0028-qemu-bridge-helper-reduce-security-.patch -> 0027-qemu-bridge-helper-reduce-security-.patch
0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0028-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0030-configure-Fix-detection-of-seccomp-.patch -> 0029-configure-Fix-detection-of-seccomp-.patch
0031-linux-user-properly-test-for-infini.patch -> 0030-linux-user-properly-test-for-infini.patch
0032-linux-user-remove-all-traces-of-qem.patch -> 0031-linux-user-remove-all-traces-of-qem.patch
0033-roms-Makefile-pass-a-packaging-time.patch -> 0032-roms-Makefile-pass-a-packaging-time.patch
0035-roms-Makefile-pass-a-packaging-time.patch -> 0033-roms-Makefile-pass-a-packaging-time.patch
0036-Raise-soft-address-space-limit-to-h.patch -> 0034-Raise-soft-address-space-limit-to-h.patch
0037-increase-x86_64-physical-bits-to-42.patch -> 0035-increase-x86_64-physical-bits-to-42.patch
0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0039-i8254-Fix-migration-from-SLE11-SP2.patch -> 0037-i8254-Fix-migration-from-SLE11-SP2.patch
0040-acpi_piix4-Fix-migration-from-SLE11.patch -> 0038-acpi_piix4-Fix-migration-from-SLE11.patch
0041-Fix-tigervnc-long-press-issue.patch -> 0039-Fix-tigervnc-long-press-issue.patch
0042-fix-xen-hvm-direct-kernel-boot.patch -> 0040-fix-xen-hvm-direct-kernel-boot.patch
0043-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
0044-string-input-visitor-Fix-uint64-par.patch -> 0042-string-input-visitor-Fix-uint64-par.patch
0045-test-string-input-visitor-Add-int-t.patch -> 0043-test-string-input-visitor-Add-int-t.patch
0046-test-string-input-visitor-Add-uint6.patch -> 0044-test-string-input-visitor-Add-uint6.patch
0047-tests-Add-QOM-property-unit-tests.patch -> 0045-tests-Add-QOM-property-unit-tests.patch
0048-tests-Add-scsi-disk-test.patch -> 0046-tests-Add-scsi-disk-test.patch
0049-linux-user-exclude-cpu-model-code-w.patch -> 0047-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Mon Mar 20 22:02:08 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.9
* Updated version carries fixes for the following reported issues:
CVE-2016-9602 bsc#1020427, CVE-2016-9923 bsc#1014703,
CVE-2017-2630 bsc#1025396, CVE-2017-2633 bsc#1026612,
CVE-2017-5579 bsc#1021741, CVE-2017-5931 bsc#1024114,
CVE-2017-5973 bsc#1025109, CVE-2017-5987 bsc#1025311,
CVE-2017-6058 bsc#1025837, CVE-2017-6505 bsc#1028184
* Patches dropped:
seabios_128kb.patch (no longer required)
* Patches dropped (included in upstream source archive):
0035-net-imx-limit-buffer-descriptor-cou.patch
0045-virtio-gpu-call-cleanup-mapping-fun.patch
0051-virtio-gpu-fix-information-leak-in-.patch
0052-display-cirrus-ignore-source-pitch-.patch
0053-s390x-kvm-fix-small-race-reboot-vs..patch
0054-target-s390x-use-qemu-cpu-model-in-.patch
0056-tests-check-path-to-avoid-a-failing.patch
0057-display-virtio-gpu-3d-check-virgl-c.patch
0058-watchdog-6300esb-add-exit-function.patch
0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
0060-virtio-gpu-fix-memory-leak-in-resou.patch
0061-virtio-fix-vq-inuse-recalc-after-mi.patch
0062-audio-es1370-add-exit-function.patch
0063-audio-ac97-add-exit-function.patch
0064-megasas-fix-guest-triggered-memory-.patch
0065-cirrus-handle-negative-pitch-in-cir.patch
0066-cirrus-fix-blit-address-mask-handli.patch
0067-cirrus-fix-oob-access-issue-CVE-201.patch
0068-usb-ccid-check-ccid-apdu-length.patch
0069-sd-sdhci-check-data-length-during-d.patch
0070-virtio-gpu-fix-resource-leak-in-vir.patch
0071-cirrus-fix-patterncopy-checks.patch
0072-cirrus-add-blit_is_unsafe-call-to-c.patch
* Patches renamed:
0036-roms-Makefile-pass-a-packaging-time.patch -> 0035-roms-Makefile-pass-a-packaging-time.patch
0037-Raise-soft-address-space-limit-to-h.patch -> 0036-Raise-soft-address-space-limit-to-h.patch
0038-increase-x86_64-physical-bits-to-42.patch -> 0037-increase-x86_64-physical-bits-to-42.patch
0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0040-i8254-Fix-migration-from-SLE11-SP2.patch -> 0039-i8254-Fix-migration-from-SLE11-SP2.patch
0041-acpi_piix4-Fix-migration-from-SLE11.patch -> 0040-acpi_piix4-Fix-migration-from-SLE11.patch
0042-Fix-tigervnc-long-press-issue.patch -> 0041-Fix-tigervnc-long-press-issue.patch
0043-fix-xen-hvm-direct-kernel-boot.patch -> 0042-fix-xen-hvm-direct-kernel-boot.patch
0044-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch
0046-string-input-visitor-Fix-uint64-par.patch -> 0044-string-input-visitor-Fix-uint64-par.patch
0047-test-string-input-visitor-Add-int-t.patch -> 0045-test-string-input-visitor-Add-int-t.patch
0048-test-string-input-visitor-Add-uint6.patch -> 0046-test-string-input-visitor-Add-uint6.patch
0049-tests-Add-QOM-property-unit-tests.patch -> 0047-tests-Add-QOM-property-unit-tests.patch
0050-tests-Add-scsi-disk-test.patch -> 0048-tests-Add-scsi-disk-test.patch
0055-linux-user-exclude-cpu-model-code-w.patch -> 0049-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Mar 1 12:26:56 UTC 2017 - brogers@suse.com

133
qemu.spec

@ -91,10 +91,10 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.8.0
Version: 2.8.92
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2
Source99: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2.sig
Source: http://wiki.qemu.org/download/qemu-2.9.0-rc2.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0-rc2.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -135,62 +135,35 @@ Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-virtfs-proxy-helper-Provide-__u64-f.patch
Patch0025: 0025-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0026: 0026-AIO-Reduce-number-of-threads-for-32.patch
Patch0027: 0027-dictzip-Fix-on-big-endian-systems.patch
Patch0028: 0028-xen_disk-Add-suse-specific-flush-di.patch
Patch0029: 0029-qemu-bridge-helper-reduce-security-.patch
Patch0030: 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0031: 0031-configure-Fix-detection-of-seccomp-.patch
Patch0032: 0032-linux-user-properly-test-for-infini.patch
Patch0033: 0033-linux-user-remove-all-traces-of-qem.patch
Patch0034: 0034-dma-rc4030-limit-interval-timer-rel.patch
Patch0035: 0035-net-imx-limit-buffer-descriptor-cou.patch
Patch0036: 0036-roms-Makefile-pass-a-packaging-time.patch
Patch0037: 0037-Raise-soft-address-space-limit-to-h.patch
Patch0038: 0038-increase-x86_64-physical-bits-to-42.patch
Patch0039: 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0040: 0040-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0041: 0041-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0042: 0042-Fix-tigervnc-long-press-issue.patch
Patch0043: 0043-fix-xen-hvm-direct-kernel-boot.patch
Patch0044: 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0045: 0045-virtio-gpu-call-cleanup-mapping-fun.patch
Patch0046: 0046-string-input-visitor-Fix-uint64-par.patch
Patch0047: 0047-test-string-input-visitor-Add-int-t.patch
Patch0048: 0048-test-string-input-visitor-Add-uint6.patch
Patch0049: 0049-tests-Add-QOM-property-unit-tests.patch
Patch0050: 0050-tests-Add-scsi-disk-test.patch
Patch0051: 0051-virtio-gpu-fix-information-leak-in-.patch
Patch0052: 0052-display-cirrus-ignore-source-pitch-.patch
Patch0053: 0053-s390x-kvm-fix-small-race-reboot-vs..patch
Patch0054: 0054-target-s390x-use-qemu-cpu-model-in-.patch
Patch0055: 0055-linux-user-exclude-cpu-model-code-w.patch
Patch0056: 0056-tests-check-path-to-avoid-a-failing.patch
Patch0057: 0057-display-virtio-gpu-3d-check-virgl-c.patch
Patch0058: 0058-watchdog-6300esb-add-exit-function.patch
Patch0059: 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
Patch0060: 0060-virtio-gpu-fix-memory-leak-in-resou.patch
Patch0061: 0061-virtio-fix-vq-inuse-recalc-after-mi.patch
Patch0062: 0062-audio-es1370-add-exit-function.patch
Patch0063: 0063-audio-ac97-add-exit-function.patch
Patch0064: 0064-megasas-fix-guest-triggered-memory-.patch
Patch0065: 0065-cirrus-handle-negative-pitch-in-cir.patch
Patch0066: 0066-cirrus-fix-blit-address-mask-handli.patch
Patch0067: 0067-cirrus-fix-oob-access-issue-CVE-201.patch
Patch0068: 0068-usb-ccid-check-ccid-apdu-length.patch
Patch0069: 0069-sd-sdhci-check-data-length-during-d.patch
Patch0070: 0070-virtio-gpu-fix-resource-leak-in-vir.patch
Patch0071: 0071-cirrus-fix-patterncopy-checks.patch
Patch0072: 0072-cirrus-add-blit_is_unsafe-call-to-c.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0042: 0042-string-input-visitor-Fix-uint64-par.patch
Patch0043: 0043-test-string-input-visitor-Add-int-t.patch
Patch0044: 0044-test-string-input-visitor-Add-uint6.patch
Patch0045: 0045-tests-Add-QOM-property-unit-tests.patch
Patch0046: 0046-tests-Add-scsi-disk-test.patch
Patch0047: 0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
%if %{build_x86_fw_from_source}
# SeaBIOS / SeaVGABIOS
# PATCH-FIX-OPENSUSE seabios_128kb.patch brogers@suse.com -- make it fit
Patch1000: seabios_128kb.patch
# SeaBIOS / SeaVGABIOS (Currently no patches)
# ipxe
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
@ -343,9 +316,7 @@ BuildRequires: systemd
%if %{kvm_available}
BuildRequires: pkgconfig(udev)
%endif
%if 0%{?sles_version} != 11
BuildRequires: usbredir-devel
%endif
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: virglrenderer-devel >= 0.4.1
%endif
@ -711,7 +682,7 @@ This sub-package contains the guest agent.
%package seabios
Summary: X86 BIOS for QEMU
Group: System/Emulators/PC
Version: 1.10.1
Version: 1.10.2
Release: 0
%if 0%{?suse_version} > %{noarch_supported}
BuildArch: noarch
@ -725,7 +696,7 @@ is the default BIOS for QEMU.
%package vgabios
Summary: VGA BIOSes for QEMU
Group: System/Emulators/PC
Version: 1.10.1
Version: 1.10.2
Release: 0
%if 0%{?suse_version} > %{noarch_supported}
BuildArch: noarch
@ -782,7 +753,7 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0-rc2
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -830,36 +801,8 @@ This package provides a service file for starting and stopping KSM.
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%if %{build_x86_fw_from_source}
pushd roms/seabios
%patch1000 -p1
popd
pushd roms/ipxe
%patch1100 -p1
%patch1101 -p1
@ -899,7 +842,6 @@ echo '%{version}' > roms/seabios/.version
--enable-pie \
--enable-docs \
--audio-drv-list="pa alsa sdl oss" \
--disable-archipelago \
--enable-attr \
--enable-bluez \
%if 0%{?suse_version} >= 1130
@ -909,7 +851,6 @@ echo '%{version}' > roms/seabios/.version
%endif
--enable-bzip2 \
--enable-cap-ng \
--disable-colo \
--enable-coroutine-pool \
--enable-curl \
--enable-curses \
@ -931,6 +872,7 @@ echo '%{version}' > roms/seabios/.version
%else
--with-gtkabi=2.0 \
%endif
--disable-hax \
--disable-jemalloc \
%if %{kvm_available}
--enable-kvm \
@ -982,7 +924,7 @@ echo '%{version}' > roms/seabios/.version
%else
--disable-rdma \
%endif
--disable-replication \
--enable-replication \
--enable-sdl \
%if 0%{?suse_version} >= 1320
--with-sdlabi=2.0 \
@ -1011,11 +953,7 @@ echo '%{version}' > roms/seabios/.version
%endif
--disable-tcmalloc \
--enable-tpm \
%if 0%{?sles_version} == 11
--disable-usb-redir \
%else
--enable-usb-redir \
%endif
--enable-vde \
--enable-vhost-net \
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
@ -1317,6 +1255,8 @@ fi
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB Changelog README VERSION qemu-doc.html
%doc %_mandir/man1/qemu.1.gz
%doc %_mandir/man7/qemu-qmp-ref.7.gz
%doc %_mandir/man7/qemu-ga-ref.7.gz
%dir %_datadir/%name
%_datadir/%name/keymaps
%_datadir/%name/trace-events-all
@ -1404,7 +1344,8 @@ fi
%_bindir/qemu-system-mips64
%_bindir/qemu-system-mips64el
%_bindir/qemu-system-moxie
%_bindir/qemu-system-or32
%_bindir/qemu-system-nios2
%_bindir/qemu-system-or1k
%_bindir/qemu-system-sh4
%_bindir/qemu-system-sh4eb
%_bindir/qemu-system-sparc
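Review bot: The new `Source:` and `Source99:` lines in the `@ -91,10 +91,10 @` hunk still use `http://`, so the rc2 tarball and its detached signature travel over an unauthenticated channel and the `.sig` is the only integrity control. Nothing in the visible hunks shows a keyring source or a verification step, so it is unclear from here whether the signature is actually checked at build time; if it is not, the `.sig` adds no protection. I would switch both URLs to HTTPS if the upstream host offers it, e.g. `Source: https://wiki.qemu.org/download/qemu-2.9.0-rc2.tar.xz`, and add a comment next to `Source99` naming the keyring the signature is verified against. The same two lines appear in the other two spec sections on this page.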


@ -92,8 +92,8 @@ License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
QEMU_VERSION
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2
Source99: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2.sig
Source: http://wiki.qemu.org/download/qemu-2.9.0-rc2.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0-rc2.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -116,9 +116,7 @@ PATCH_FILES
# Run update_git.sh to regenerate this queue.
%if %{build_x86_fw_from_source}
# SeaBIOS / SeaVGABIOS
# PATCH-FIX-OPENSUSE seabios_128kb.patch brogers@suse.com -- make it fit
Patch1000: seabios_128kb.patch
# SeaBIOS / SeaVGABIOS (Currently no patches)
# ipxe
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
@ -271,9 +269,7 @@ BuildRequires: systemd
%if %{kvm_available}
BuildRequires: pkgconfig(udev)
%endif
%if 0%{?sles_version} != 11
BuildRequires: usbredir-devel
%endif
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: virglrenderer-devel >= 0.4.1
%endif
@ -710,13 +706,10 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0-rc2
PATCH_EXEC
%if %{build_x86_fw_from_source}
pushd roms/seabios
%patch1000 -p1
popd
pushd roms/ipxe
%patch1100 -p1
%patch1101 -p1
@ -756,7 +749,6 @@ echo '%{version}' > roms/seabios/.version
--enable-pie \
--enable-docs \
--audio-drv-list="pa alsa sdl oss" \
--disable-archipelago \
--enable-attr \
--enable-bluez \
%if 0%{?suse_version} >= 1130
@ -766,7 +758,6 @@ echo '%{version}' > roms/seabios/.version
%endif
--enable-bzip2 \
--enable-cap-ng \
--disable-colo \
--enable-coroutine-pool \
--enable-curl \
--enable-curses \
@ -788,6 +779,7 @@ echo '%{version}' > roms/seabios/.version
%else
--with-gtkabi=2.0 \
%endif
--disable-hax \
--disable-jemalloc \
%if %{kvm_available}
--enable-kvm \
@ -839,7 +831,7 @@ echo '%{version}' > roms/seabios/.version
%else
--disable-rdma \
%endif
--disable-replication \
--enable-replication \
--enable-sdl \
%if 0%{?suse_version} >= 1320
--with-sdlabi=2.0 \
@ -868,11 +860,7 @@ echo '%{version}' > roms/seabios/.version
%endif
--disable-tcmalloc \
--enable-tpm \
%if 0%{?sles_version} == 11
--disable-usb-redir \
%else
--enable-usb-redir \
%endif
--enable-vde \
--enable-vhost-net \
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
@ -1174,6 +1162,8 @@ fi
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB Changelog README VERSION qemu-doc.html
%doc %_mandir/man1/qemu.1.gz
%doc %_mandir/man7/qemu-qmp-ref.7.gz
%doc %_mandir/man7/qemu-ga-ref.7.gz
%dir %_datadir/%name
%_datadir/%name/keymaps
%_datadir/%name/trace-events-all
@ -1261,7 +1251,8 @@ fi
%_bindir/qemu-system-mips64
%_bindir/qemu-system-mips64el
%_bindir/qemu-system-moxie
%_bindir/qemu-system-or32
%_bindir/qemu-system-nios2
%_bindir/qemu-system-or1k
%_bindir/qemu-system-sh4
%_bindir/qemu-system-sh4eb
%_bindir/qemu-system-sparc
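Review bot: The template substitutes `QEMU_VERSION`, `PATCH_FILES` and `PATCH_EXEC`, but the upstream archive name `qemu-2.9.0-rc2` is still spelled out three times, in `Source:`, `Source99:` and `%setup -q -n`. Every version bump has to edit each occurrence by hand, and a missed one leaves the tarball, its signature file and the unpack directory out of step. A single macro would keep them together: `%define srcver 2.9.0-rc2`, then `Source: http://wiki.qemu.org/download/qemu-%{srcver}.tar.xz` and `%setup -q -n qemu-%{srcver}`. Since the generated spec files are produced from this template, the change would only need to be made here.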


@ -1,288 +0,0 @@
From 5fff5f1e79d8bc7ef24d1f8ff42c8021215f23a6 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 19 Mar 2015 16:34:31 -0600
Subject: [PATCH] Eliminate some duplicate string segments to reduce bios image
size
In some build environments, we are running up against the 128K bios
size limit. This change simply takes larger string segments which are
used in printf style messages and uses a single copy, now referenced
with a %s specifier, resulting in the needed space savings.
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/boot.c | 20 +++++++++++---------
src/bootsplash.c | 5 +++--
src/fw/paravirt.c | 8 +++++---
src/fw/pciinit.c | 19 ++++++++++---------
src/hw/usb-hub.c | 9 +++++----
src/hw/usb-msc.c | 6 ++++--
6 files changed, 38 insertions(+), 29 deletions(-)
--- a/src/boot.c
+++ b/src/boot.c
@@ -27,6 +27,8 @@
* Boot priority ordering
****************************************************************/
+static const char *no_boot_dev_str = "No bootable device.";
+static const char *boot_str = "Booting from ";
static char **Bootorder VARVERIFY32INIT;
static int BootorderCount;
@@ -596,7 +598,7 @@ bcv_prepboot(void)
static void
call_boot_entry(struct segoff_s bootsegip, u8 bootdrv)
{
- dprintf(1, "Booting from %04x:%04x\n", bootsegip.seg, bootsegip.offset);
+ dprintf(1, "%s%04x:%04x\n", boot_str, bootsegip.seg, bootsegip.offset);
struct bregs br;
memset(&br, 0, sizeof(br));
br.flags = F_IF;
@@ -652,7 +654,7 @@ boot_cdrom(struct drive_s *drive_g)
{
if (! CONFIG_CDROM_BOOT)
return;
- printf("Booting from DVD/CD...\n");
+ printf("%sDVD/CD...\n", boot_str);
int status = cdrom_boot(drive_g);
if (status) {
@@ -678,7 +680,7 @@ boot_cbfs(struct cbfs_file *file)
{
if (!CONFIG_COREBOOT_FLASH)
return;
- printf("Booting from CBFS...\n");
+ printf("%sCBFS...\n", boot_str);
cbfs_run_payload(file);
}
@@ -686,7 +688,7 @@ boot_cbfs(struct cbfs_file *file)
static void
boot_rom(u32 vector)
{
- printf("Booting from ROM...\n");
+ printf("%sROM...\n", boot_str);
struct segoff_s so;
so.segoff = vector;
call_boot_entry(so, 0);
@@ -697,10 +699,10 @@ static void
boot_fail(void)
{
if (BootRetryTime == (u32)-1)
- printf("No bootable device.\n");
+ printf("%s\n", no_boot_dev_str);
else
- printf("No bootable device. Retrying in %d seconds.\n"
- , BootRetryTime/1000);
+ printf("%s Retrying in %d seconds.\n", no_boot_dev_str,
+ BootRetryTime/1000);
// Wait for 'BootRetryTime' milliseconds and then reboot.
u32 end = irqtimer_calc(BootRetryTime);
for (;;) {
@@ -726,11 +728,11 @@ do_boot(int seq_nr)
struct bev_s *ie = &BEV[seq_nr];
switch (ie->type) {
case IPL_TYPE_FLOPPY:
- printf("Booting from Floppy...\n");
+ printf("%sFloppy...\n", boot_str);
boot_disk(0x00, CheckFloppySig);
break;
case IPL_TYPE_HARDDISK:
- printf("Booting from Hard Disk...\n");
+ printf("%sHard Disk...\n", boot_str);
boot_disk(0x80, 1);
break;
case IPL_TYPE_CDROM:
--- a/src/bootsplash.c
+++ b/src/bootsplash.c
@@ -16,6 +16,7 @@
#include "string.h" // memset
#include "util.h" // enable_bootsplash
+static const char *decode_failed_str = "_decode failed with return code ";
/****************************************************************
* Helper functions
@@ -155,7 +156,7 @@ enable_bootsplash(void)
dprintf(5, "Decoding bootsplash.jpg\n");
ret = jpeg_decode(jpeg, filedata);
if (ret) {
- dprintf(1, "jpeg_decode failed with return code %d...\n", ret);
+ dprintf(1, "jpeg%s%d...\n", decode_failed_str, ret);
goto done;
}
jpeg_get_size(jpeg, &width, &height);
@@ -169,7 +170,7 @@ enable_bootsplash(void)
dprintf(5, "Decoding bootsplash.bmp\n");
ret = bmp_decode(bmp, filedata, filesize);
if (ret) {
- dprintf(1, "bmp_decode failed with return code %d...\n", ret);
+ dprintf(1, "bmp%s%d...\n", decode_failed_str, ret);
goto done;
}
bmp_get_size(bmp, &width, &height);
--- a/src/fw/paravirt.c
+++ b/src/fw/paravirt.c
@@ -45,6 +45,8 @@ inline int qemu_cfg_dma_enabled(void)
*/
#define KVM_CPUID_SIGNATURE 0x40000000
+static const char *running_on_qemu_str = "Running on QEMU (";
+
static void kvm_detect(void)
{
unsigned int eax, ebx, ecx, edx;
@@ -82,13 +84,13 @@ static void qemu_detect(void)
PlatformRunningOn |= PF_QEMU;
switch (d) {
case 0x1237:
- dprintf(1, "Running on QEMU (i440fx)\n");
+ dprintf(1, "%si440fx)\n", running_on_qemu_str);
break;
case 0x29c0:
- dprintf(1, "Running on QEMU (q35)\n");
+ dprintf(1, "%sq35)\n", running_on_qemu_str);
break;
default:
- dprintf(1, "Running on QEMU (unknown nb: %04x:%04x)\n", v, d);
+ dprintf(1, "%sunknown nb: %04x:%04x)\n", running_on_qemu_str, v, d);
break;
}
kvm_detect();
--- a/src/fw/pciinit.c
+++ b/src/fw/pciinit.c
@@ -39,6 +39,10 @@ enum pci_region_type {
PCI_REGION_TYPE_COUNT,
};
+static const char *pri_bus_str = "PCI: primary bus = ";
+static const char *sec_bus_str = "PCI: secondary bus = ";
+static const char *sub_bus_str = "PCI: subordinate bus = ";
+
static const char *region_type_name[] = {
[ PCI_REGION_TYPE_IO ] = "io",
[ PCI_REGION_TYPE_MEM ] = "mem",
@@ -522,7 +526,6 @@ static void pci_bios_init_platform(void)
}
}
-
/****************************************************************
* Bus initialization
****************************************************************/
@@ -553,21 +556,20 @@ pci_bios_init_bus_rec(int bus, u8 *pci_b
u8 pribus = pci_config_readb(bdf, PCI_PRIMARY_BUS);
if (pribus != bus) {
- dprintf(1, "PCI: primary bus = 0x%x -> 0x%x\n", pribus, bus);
+ dprintf(1, "%s0x%x -> 0x%x\n", pri_bus_str, pribus, bus);
pci_config_writeb(bdf, PCI_PRIMARY_BUS, bus);
} else {
- dprintf(1, "PCI: primary bus = 0x%x\n", pribus);
+ dprintf(1, "%s0x%x\n", pri_bus_str, pribus);
}
u8 secbus = pci_config_readb(bdf, PCI_SECONDARY_BUS);
(*pci_bus)++;
if (*pci_bus != secbus) {
- dprintf(1, "PCI: secondary bus = 0x%x -> 0x%x\n",
- secbus, *pci_bus);
+ dprintf(1, "%s0x%x -> 0x%x\n", sec_bus_str, secbus, *pci_bus);
secbus = *pci_bus;
pci_config_writeb(bdf, PCI_SECONDARY_BUS, secbus);
} else {
- dprintf(1, "PCI: secondary bus = 0x%x\n", secbus);
+ dprintf(1, "%s0x%x\n", sec_bus_str, secbus);
}
/* set to max for access to all subordinate buses.
@@ -578,11 +580,10 @@ pci_bios_init_bus_rec(int bus, u8 *pci_b
pci_bios_init_bus_rec(secbus, pci_bus);
if (subbus != *pci_bus) {
- dprintf(1, "PCI: subordinate bus = 0x%x -> 0x%x\n",
- subbus, *pci_bus);
+ dprintf(1, "%s0x%x -> 0x%x\n", sub_bus_str, subbus, *pci_bus);
subbus = *pci_bus;
} else {
- dprintf(1, "PCI: subordinate bus = 0x%x\n", subbus);
+ dprintf(1, "%s0x%x\n", sub_bus_str, subbus);
}
pci_config_writeb(bdf, PCI_SUBORDINATE_BUS, subbus);
}
--- a/src/hw/usb-hub.c
+++ b/src/hw/usb-hub.c
@@ -11,6 +11,8 @@
#include "usb-hub.h" // struct usb_hub_descriptor
#include "util.h" // timer_calc
+static const char *port_hub_fail_str = "Failure on hub port ";
+
static int
get_hub_desc(struct usb_pipe *pipe, struct usb_hub_descriptor *desc)
{
@@ -82,7 +84,6 @@ get_port_status(struct usbhub_s *hub, in
mutex_unlock(&hub->lock);
return ret;
}
-
// Check if device attached to port
static int
usb_hub_detect(struct usbhub_s *hub, u32 port)
@@ -90,7 +91,7 @@ usb_hub_detect(struct usbhub_s *hub, u32
struct usb_port_status sts;
int ret = get_port_status(hub, port, &sts);
if (ret) {
- dprintf(1, "Failure on hub port %d detect\n", port);
+ dprintf(1, "%s%d detect\n", port_hub_fail_str, port);
return -1;
}
return (sts.wPortStatus & USB_PORT_STAT_CONNECTION) ? 1 : 0;
@@ -102,7 +103,7 @@ usb_hub_disconnect(struct usbhub_s *hub,
{
int ret = clear_port_feature(hub, port, USB_PORT_FEAT_ENABLE);
if (ret)
- dprintf(1, "Failure on hub port %d disconnect\n", port);
+ dprintf(1, "%s%d disconnect\n", port_hub_fail_str, port);
}
// Reset device on port
@@ -142,7 +143,7 @@ usb_hub_reset(struct usbhub_s *hub, u32
>> USB_PORT_STAT_SPEED_SHIFT);
fail:
- dprintf(1, "Failure on hub port %d reset\n", port);
+ dprintf(1, "%s%d reset\n", port_hub_fail_str, port);
usb_hub_disconnect(hub, port);
return -1;
}
--- a/src/hw/usb-msc.c
+++ b/src/hw/usb-msc.c
@@ -50,6 +50,8 @@ struct csw_s {
u8 bCSWStatus;
} PACKED;
+static const char *cant_config_str = "Unable to configure USB MSC ";
+
static int
usb_msc_send(struct usbdrive_s *udrive_gf, int dir, void *buf, u32 bytes)
{
@@ -160,7 +162,7 @@ usb_msc_lun_setup(struct usb_pipe *inpip
int prio = bootprio_find_usb(usbdev, lun);
int ret = scsi_drive_setup(&drive->drive, "USB MSC", prio);
if (ret) {
- dprintf(1, "Unable to configure USB MSC drive.\n");
+ dprintf(1, "%sdrive.\n", cant_config_str);
free(drive);
return -1;
}
@@ -215,7 +217,7 @@ usb_msc_setup(struct usbdevice_s *usbdev
return 0;
fail:
- dprintf(1, "Unable to configure USB MSC device.\n");
+ dprintf(1, "%sdevice.\n", cant_config_str);
usb_free_pipe(usbdev, inpipe);
usb_free_pipe(usbdev, outpipe);
return -1;


@ -11,12 +11,12 @@ Overview
virtualization features as well. This document was created to assist the user
in deciding which features can be relied upon to build enterprise class
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64)
is offered at the L3 (full support) level. KVM on the IBM System z (s390x)
is in technology preview, and KVM for the ARM64 architecture (AArch64) is L3
supported for certain partner-specific use cases. The bulk of this document
deals with L3 supported features and is primarily x86 centric. This document
should be considered a companion to the standard virtualization documentation
delivered with the product.
and for IBM System z (s390x) are offered at the L3 (full support) level,
while KVM for the ARM64 architecture (AArch64) is L3 supported for certain
partner-specific use cases. The bulk of this document deals with L3 supported
features and is primarily ARM64 centric. This document should be considered a
companion to the standard virtualization documentation delivered with the
product.
KVM is implemented in linux kernel modules which enable the linux kernel to
function as an integral part of the KVM hypervisor. The hypervisor-guest
@ -26,15 +26,10 @@ Overview
devices. Linux memory and cpu management features are used by QEMU/KVM to
enable guests to share those host resources as efficiently as possible.
QEMU is a primary component of KVM based virtualization. The legacy qemu-kvm
program is provided for continuity with pre SLES 12 usage, including in
libvirt domain xml references. The QEMU emulator binaries qemu-system-x86_64
and qemu-system-i386 (x86 host), qemu-system-s390x (System z host), and
qemu-system-aarch64 (ARM64 host) are now the primary programs to use to access
KVM virtualization. When using these programs, the -machine option accel=kvm
(or its alias -enable-kvm) must be specified for KVM acceleration to be
used by the guest. Although Xen uses QEMU for virtualization as well, this
document does not identify Xen supported features.
QEMU is a primary component of KVM based virtualization. The QEMU emulator
binary qemu-system-aarch64 is the program to use to access KVM virtualization.
When using this program, the -machine option accel=kvm (or its alias
-enable-kvm) must be specified for KVM acceleration to be used by the guest.
Libvirt is the preferred means of accessing QEMU/KVM functionality and is
documented elsewhere. This document focuses on the features and direct usage
@ -59,26 +54,25 @@ Major QEMU/KVM Supported Features
configurations set via the monitor interfaces and optional config files. The
runtime control of a VM is effected either through the Human Monitor
"Protocol" (HMP), or the JSON based programmatical QEMU Monitor Protocol (QMP)
interface. For QMP details, see /usr/share/doc/packages/qemu/qmp-commands.txt.
interface. For QMP details, see qemu-qmp-ref man page.
Since a KVM guest runs in the context of a normal linux process, some types
of execution controls are managed with linux tools.
- Various standard vCPU types are available, along with the ability to specify
individual CPU features visible to the guest.
- QEMU incorporates a SEABIOS based system BIOS and iPXE based PXE ROMs, which
allow boot options common to physical systems along with other features
tailored to virtualization. Various VGABIOS ROMs, also from the SEABIOS
project, are also included. A UEFI based guest boot environment is also
now possible by using the firmware provided by the qemu-ovmf-x86_64 package.
- QEMU is compatible with EDK based UEFI firmware available with SLES12-SP3,
which allow boot options common to physical systems along with other features
tailored to virtualization. Various VGABIOS ROMs, from the SEABIOS project,
are also available.
- Some QEMU messages have been localized to various languages. This is provided
by the optional qemu-lang package. Keyboard mappings for various nationalities
is also provided.
- Virtual machine lifecycle controls include startup through the system BIOS or
kernel boot, ACPI or legacy based shutdown, execution pausing, the saving and
restoring of machine state or disk state, VM migration to another host, and
- Virtual machine lifecycle controls include startup through the UEFI BIOS or
kernel boot, ACPI based shutdown, execution pausing, the saving and restoring
of machine state or disk state, VM migration to another host, and
miscellaneous controls available through the "monitors" mentioned above.
- Guest execution state may be "moved" in both time (save/restore) and space
@ -86,15 +80,9 @@ Major QEMU/KVM Supported Features
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
or between hosts of the same version. Certain other restrictions also apply.
- Security considerations include secccomp2 based sandboxing, vTPM, privileged
- Security considerations include seccomp2 based sandboxing, privileged
helpers and a security model which allows running guests as a non-root user.
- QEMU/KVM supports a wide range of operating systems within the VMs. See the
online SUSE documentation for supported OS's. Windows guests can optionally be
accelerated with QEMU/KVM provided Hyper-V hypercalls, or with paravirtual
drivers from the SUSE Virtual Machine Driver Pack. Linux includes a number of
paravirtual drivers as well.
- QEMU provides best effort reuse of existing disk images, including those with
systems installed, through geometry probing. Also disk images produced by
other popular virtualization technologies may be imported into QEMU supported
@ -119,11 +107,6 @@ Major QEMU/KVM Supported Features
clocksource, and options for the various guest clocks for how to handle the
timeslicing of the guest's execution on the host.
- Guest OS's interact with virtualized hardware including a choice of either
older or more recent x86 system chipsets, system devices and buses, and a
variety of common storage and networking emulated devices. SMBIOS and ACPI
table details can be customized.
- In addition to the para-virtualized devices already mentioned, other devices
and infrastructure designed to avoid virtualization "problem areas" are
available such as SPICE graphics, vmmouse emulation, tablet style pointer
@ -140,15 +123,9 @@ Major QEMU/KVM Supported Features
QEMU/KVM Technology Previews
----------------------------
- KVM on System z using the qemu-system-s390x system emulator is not yet fully
supported. KVM on ARM64 (AArch64) usage outside of the supported partner
specific use cases is being evaluated and not yet L3 supported.
- Specifying and placing PCI devices on a PCI bridge allows for a greater number
of devices.
- Nested VMX and SVM virtualization is possible.
- All features indicated as not being supported in this document fall under the
Technology Preview definition contained in the main product's release notes.
@ -162,26 +139,12 @@ Noteworthy QEMU/KVM Unsupported Features
- The TCG "acceleration" mode may be helpful for problem isolation, but
otherwise presents insufficient benefit and stability.
- Use of -cpu host is not supported in all host/guest configurations.
- GlusterFS integration is not enabled.
Deprecated, Superseded, Modified and Dropped Features
-----------------------------------------------------
- When no video adapter is specified, the default used is stdvga. This differs
from the default of prior releases which was cirrus. The cirrus adapter was
considered too outdated to continue to use as the default.
- The deprecated windows drivers (win-virtio-drivers.iso) are no longer provided.
The Virtual Machine Driver Pack is the supported way to get virtio drivers for
Windows guests.
- The use of ",boot=on" for virtio disks is no longer needed since the bios used
supports the virtio block interface directly. In fact, its usage may cause
problems, and is now considered deprecated.
- The use of "?" as a parameter to "-cpu", "-soundhw", "-device", "-M",
"-machine", "-d", and "-clock" is now considered deprecated. Use "help"
instead.
@ -189,8 +152,6 @@ Deprecated, Superseded, Modified and Dropped Features
- The use of "if=scsi" as a parameter to "-drive" does not work anymore with PC
machine types, as it created an obsolete SCSI controller model.
- Passthrough of a host floppy device is now considered deprecated.
- Use of aio=native without direct cache mode also being specified (cache=none,
cache=directsync, or cache.direct=on) is no longer allowed.
@ -203,10 +164,6 @@ Deprecated, Superseded, Modified and Dropped Features
considered deprecated. In the future those names will be standardized to
acpitable, boot, and smp respectively.
- When only a partial SMP topology is provided (ie only some of sockets, cores,
threads) the derived guest ABI is not guaranteed to be equivalent in future
versions.
- These previously supported command line options are now considered deprecated:
-device ivshmem (use ivshmem-doorbell or ivshmem-plain instead)
@ -225,73 +182,17 @@ Deprecated, Superseded, Modified and Dropped Features
- The previously supported blkdev-add QMP command has been flagged as lacking
and could possibly change syntax in the future.
- These previously unsupported command line options are now deprecated:
-no-kvm-irqchip (use -machine kernel_irqchip=off instead)
-no-kvm-pit
-no-kvm-pit-reinjection
-tdf
- The case of specified sockets, cores, and threads not matching the vcpu count
is no longer silently ignored. QEMU now requires that the topology match the
vcpu count.
- These previously unsupported command line options are no longer recognized:
-device ccid-card-passthru
-device cfi.pflash01
-device esp
-device exynos4210-ehci-usb
-device fusbh200-ehci-usb
-device icc-bridge
-device q35-pcihost
-device mch
-device smbus-eeprom
-device SUNW,fdtwo
-device sysbus-ahci
-device sysbus-fdc
-device sysbus-ohci
-device tegra2-ehci-usb
-device testdev (use -device pc-testdev instead)
-device virtio-mmio
-device xln,ps7-usb
-enable-nesting
-kvm-shadow-memory (use -machine kvm_shadow_mem= instead)
-M mac
-nvram
-old-param
-osk
-pcidevice (use -device vfio-pci instead)
-qtest
-semihosting
- These previously supported monitor commands are no longer recognized:
cpu_set
pci_add (use device_add instead)
pci_del (use device_del instead)
- This previously unsupported QMP command is now supported under a new name:
x-input-send-event (use input-send-event instead)
- Due to the lack of migration support (mainly due to ahci interface issues)
and other unstable interface issues, earlier versions of the q35 machine type
are not supported in this release. The current q35 machine type is however now
fully supported.
QEMU Command-Line and Monitor Syntax and Support
------------------------------------------------
- The QEMU program command-line syntax is as follows:
qemu-system-aarch64 [options]
qemu-system-i386 [options] [disk_image]
qemu-system-s390x [options]
qemu-system-x86_64 [options] [disk_image]
Where 'options' are taken from the options listed below, and 'disk_image' is
the file system reference to the the x86 guest's primary IDE based hard disk
image. This image as well as those used with -drive or -cdrom, may be in the
raw (no format), qcow2 or qed storage formats, and may be located in files
within the host filesystem, logical volumes, host physical disks, or network
based storage. Read only media may also be accessed via URL style protocol
specifiers.
Where 'options' are taken from the options listed below.
The images used with -drive or -cdrom, may be in the raw (no format), qcow2
or qed storage formats, and may be located in files within the host
filesystem, logical volumes, host physical disks, or network based storage.
Read only media may also be accessed via URL style protocol specifiers.
Note that as a general rule, as new command line options are added which serve
to replace an older option or interface, you are strongly encouraged to adapt
@ -299,8 +200,8 @@ QEMU Command-Line and Monitor Syntax and Support
better functionality and usability going forward. In some cases existing
problems or even bugs in older interfaces cannot be fixed due to functional
expectations, but are resolved in the newer interface or option.
This advice includes moving to the most recent machine type (eg pc-i440fx-2.8
instead of pc-i440fx-2.6) if possible.
This advice includes moving to the most recent machine type (eg virt-2.9
instead of virt-2.6) if possible. (note: there is no virt-2.9 machine type!)
- The following command line options are supported:
-add-fd ...
@ -313,7 +214,7 @@ QEMU Command-Line and Monitor Syntax and Support
-cdrom ...
-chardev ..
-clock
-cpu ... (all except host)
-cpu host
-ctrl-grab
-d ...
-daemonize
@ -356,12 +257,8 @@ QEMU Command-Line and Monitor Syntax and Support
-kernel ...
-loadvm ...
-m ...
-M [help|?|none|pc|pc-0.12|pc-0.14|pc-0.15|pc-i440fx-1.4|pc-i440fx-1.7|
pc-i440fx-2.0|pc-i440fx-2.3|pc-i440fx-2.6|pc-i440fx-2.8|q35|pc-q35-2.6|
pc-q35-2.8|xenfv|xenpv]
-machine [help|?|none|pc|pc-0.12|pc-0.14|pc-0.15|pc-i440fx-1.4|pc-i440fx-1.7|
pc-i440fx-2.0|pc-i440fx-2.3|pc-440fx-2.6|pc-i440fx-2.8|q35|
pc-q35-2.6|pc-q35-2.8|xenfv|xenpv]
-M [help|?|none|virt|virt-2.6]
-machine [help|?|none|virt|virt-2.6]
-mem-path ...
-mem-prealloc
-mon ...
@ -496,8 +393,11 @@ QEMU Command-Line and Monitor Syntax and Support
add_client
add-fd
balloon
blockdev-add
blockdev-backup
blockdev-change-medium
blockdev-close-tray
blockdev-del
blockdev-mirror
blockdev-open-tray
blockdev-snapshot
@ -623,7 +523,7 @@ QEMU Command-Line and Monitor Syntax and Support
-acpitable ...
-bt ...
-chroot ...
-cpu host
-cpu ... (all except host)
-curses
-device [ipoctal232|i82562|nec-usb-xhci|hda-duplex|hda-output|usb-bot|
lsi53c810a|ich9-usb-uhci2|ich9-usb-uhci6|ich9-usb-uhci5|
@ -664,15 +564,18 @@ QEMU Command-Line and Monitor Syntax and Support
-g ...
-icount ...
-L ...
-M [isapc|pc-0.10|pc-0.11|pc-0.13|pc-1.0|pc-1.1|pc-1.2|pc-1.3|pc-i440fx-1.5|
pc-i440fx-1.6|pc-i440fx-2.1|pc-i440fx-2.2|pc-i440fx-2.4|pc-i440fx-2.5|
pc-i440fx-2.7|pc-q35-1.4|pc-q35-1.5|pc-q35-1.6|pc-q35-1.7|pc-q35-2.0|
pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|pc-q35-2.4|pc-q35-2.5|pc-q35-2.7]
-machine [isapc|pc-0.10|pc-0.11|pc-0.13|pc-1.0|pc-1.1|pc-1.2|pc-1.3|
pc-i440fx-1.5|pc-i440fx-1.6|pc-i440fx-2.1|pc-i440fx-2.2|
pc-i440fx-2.4|pc-i440fx-2.5|pc-i440fx-2.7|pc-q35-1.4|pc-q35-1.5|
pc-q35-1.6|pc-q35-1.7|pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|
pc-q35-2.4|pc-q35-2.5|pc-q35-2.7]
-M [akita|borzoi|canon-a1100|cheetah|collie|connex|cubieboard|highbank|
imx25-pdk|integratorcp|kzm|lm3s6965evb|lm3s811evb|mainstone|midway|
musicpal|n800|n810|nuri|palmetto-bmc|raspi2|realview-eb|
realview-eb-mpcore|realview-pb-a8|realview-pbx-a9|smdkc210|spitz|sx1|
sx1-v1|terrier|tosa|verdex|versatileab|versatilepb|vexpress-a15|
vexpress-a9|xilinx-zynq-a9|xlnx-ep108|z2]
-machine [akita|borzoi|canon-a1100|cheetah|collie|connex|cubieboard|highbank|
imx25-pdk|integratorcp|kzm|lm3s6965evb|lm3s811evb|mainstone|midway|
musicpal|n800|n810|nuri|palmetto-bmc|raspi2|realview-eb|realview-eb-mpcore|
realview-pb-a8|realview-pbx-a9|smdkc210|spitz|sx1|sx1-v1|terrier|tosa|
verdex|versatileab|versatilepb|vexpress-a15|vexpress-a9|xilinx-zynq-a9|
xlnx-ep108|z2]
-mtdblock file
-net [dump|socket|vde] ...
-netdev [dump|hubport|l2tpv3|socket|vde] ...
@ -732,8 +635,6 @@ QEMU Command-Line and Monitor Syntax and Support
x_colo_lost_heartbeat
- The following QMP commands are unsupported:
blockdev-add
blockdev-backup
block-job-cancel
block-job-complete
block-job-pause
@ -749,7 +650,6 @@ QEMU Command-Line and Monitor Syntax and Support
nbd-server-start
nbd-server-stop
x-blockdev-change
x-blockdev-del
x-blockdev-insert-medium
x-blockdev-remove-medium
x-colo-lost-heartbeat


@ -11,12 +11,12 @@ Overview
virtualization features as well. This document was created to assist the user
in deciding which features can be relied upon to build enterprise class
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64)
is offered at the L3 (full support) level. KVM on the IBM System z (s390x)
is in technology preview, and KVM for the ARM64 architecture (AArch64) is L3
supported for certain partner-specific use cases. The bulk of this document
deals with L3 supported features and is primarily x86 centric. This document
should be considered a companion to the standard virtualization documentation
delivered with the product.
and for IBM System z (s390x) are offered at the L3 (full support) level,
while KVM for the ARM64 architecture (AArch64) is L3 supported for certain
partner-specific use cases. The bulk of this document deals with L3 supported
features and is primarily s390x centric. This document should be considered a
companion to the standard virtualization documentation delivered with the
product.
KVM is implemented in linux kernel modules which enable the linux kernel to
function as an integral part of the KVM hypervisor. The hypervisor-guest
@ -28,13 +28,10 @@ Overview
QEMU is a primary component of KVM based virtualization. The legacy qemu-kvm
program is provided for continuity with pre SLES 12 usage, including in
libvirt domain xml references. The QEMU emulator binaries qemu-system-x86_64
and qemu-system-i386 (x86 host), qemu-system-s390x (System z host), and
qemu-system-aarch64 (ARM64 host) are now the primary programs to use to access
KVM virtualization. When using these programs, the -machine option accel=kvm
(or its alias -enable-kvm) must be specified for KVM acceleration to be
used by the guest. Although Xen uses QEMU for virtualization as well, this
document does not identify Xen supported features.
libvirt domain xml references. The QEMU emulator binary qemu-system-s390x is
now the primary programs to use to access KVM virtualization. When using this
programs, the -machine option accel=kvm (or its alias -enable-kvm) must be
specified for KVM acceleration to be used by the guest.
Libvirt is the preferred means of accessing QEMU/KVM functionality and is
documented elsewhere. This document focuses on the features and direct usage
@ -59,25 +56,23 @@ Major QEMU/KVM Supported Features
configurations set via the monitor interfaces and optional config files. The
runtime control of a VM is effected either through the Human Monitor
"Protocol" (HMP), or the JSON based programmatical QEMU Monitor Protocol (QMP)
interface. For QMP details, see /usr/share/doc/packages/qemu/qmp-commands.txt.
interface. For QMP details, see qemu-qmp-ref man page.
Since a KVM guest runs in the context of a normal linux process, some types
of execution controls are managed with linux tools.
- Various standard vCPU types are available, along with the ability to specify
individual CPU features visible to the guest.
- QEMU incorporates a SEABIOS based system BIOS and iPXE based PXE ROMs, which
allow boot options common to physical systems along with other features
tailored to virtualization. Various VGABIOS ROMs, also from the SEABIOS
project, are also included. A UEFI based guest boot environment is also
now possible by using the firmware provided by the qemu-ovmf-x86_64 package.
- QEMU incorporates virtualized, 390 specific, ccw bus based firmware for
booting s390 guests. This firmware is automatically incorporated and
doesn't need to be explicitly referenced.
- Some QEMU messages have been localized to various languages. This is provided
by the optional qemu-lang package. Keyboard mappings for various nationalities
is also provided.
- Virtual machine lifecycle controls include startup through the system BIOS or
kernel boot, ACPI or legacy based shutdown, execution pausing, the saving and
- Virtual machine lifecycle controls include startup through the ccw firmware or
kernel boot, firmware based shutdown, execution pausing, the saving and
restoring of machine state or disk state, VM migration to another host, and
miscellaneous controls available through the "monitors" mentioned above.
@ -86,15 +81,9 @@ Major QEMU/KVM Supported Features
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
or between hosts of the same version. Certain other restrictions also apply.
- Security considerations include secccomp2 based sandboxing, vTPM, privileged
- Security considerations include seccomp2 based sandboxing, privileged
helpers and a security model which allows running guests as a non-root user.
- QEMU/KVM supports a wide range of operating systems within the VMs. See the
online SUSE documentation for supported OS's. Windows guests can optionally be
accelerated with QEMU/KVM provided Hyper-V hypercalls, or with paravirtual
drivers from the SUSE Virtual Machine Driver Pack. Linux includes a number of
paravirtual drivers as well.
- QEMU provides best effort reuse of existing disk images, including those with
systems installed, through geometry probing. Also disk images produced by
other popular virtualization technologies may be imported into QEMU supported
@ -119,11 +108,6 @@ Major QEMU/KVM Supported Features
clocksource, and options for the various guest clocks for how to handle the
timeslicing of the guest's execution on the host.
- Guest OS's interact with virtualized hardware including a choice of either
older or more recent x86 system chipsets, system devices and buses, and a
variety of common storage and networking emulated devices. SMBIOS and ACPI
table details can be customized.
- In addition to the para-virtualized devices already mentioned, other devices
and infrastructure designed to avoid virtualization "problem areas" are
available such as SPICE graphics, vmmouse emulation, tablet style pointer
@ -140,15 +124,9 @@ Major QEMU/KVM Supported Features
QEMU/KVM Technology Previews
----------------------------
- KVM on System z using the qemu-system-s390x system emulator is not yet fully
supported. KVM on ARM64 (AArch64) usage outside of the supported partner
specific use cases is being evaluated and not yet L3 supported.
- Specifying and placing PCI devices on a PCI bridge allows for a greater number
of devices.
- Nested VMX and SVM virtualization is possible.
- All features indicated as not being supported in this document fall under the
Technology Preview definition contained in the main product's release notes.
@ -162,26 +140,12 @@ Noteworthy QEMU/KVM Unsupported Features
- The TCG "acceleration" mode may be helpful for problem isolation, but
otherwise presents insufficient benefit and stability.
- Use of -cpu host is not supported in all host/guest configurations.
- GlusterFS integration is not enabled.
Deprecated, Superseded, Modified and Dropped Features
-----------------------------------------------------
- When no video adapter is specified, the default used is stdvga. This differs
from the default of prior releases which was cirrus. The cirrus adapter was
considered too outdated to continue to use as the default.
- The deprecated windows drivers (win-virtio-drivers.iso) are no longer provided.
The Virtual Machine Driver Pack is the supported way to get virtio drivers for
Windows guests.
- The use of ",boot=on" for virtio disks is no longer needed since the bios used
supports the virtio block interface directly. In fact, its usage may cause
problems, and is now considered deprecated.
- The use of "?" as a parameter to "-cpu", "-soundhw", "-device", "-M",
"-machine", "-d", and "-clock" is now considered deprecated. Use "help"
instead.
@ -189,8 +153,6 @@ Deprecated, Superseded, Modified and Dropped Features
- The use of "if=scsi" as a parameter to "-drive" does not work anymore with PC
machine types, as it created an obsolete SCSI controller model.
- Passthrough of a host floppy device is now considered deprecated.
- Use of aio=native without direct cache mode also being specified (cache=none,
cache=directsync, or cache.direct=on) is no longer allowed.
@ -203,10 +165,6 @@ Deprecated, Superseded, Modified and Dropped Features
considered deprecated. In the future those names will be standardized to
acpitable, boot, and smp respectively.
- When only a partial SMP topology is provided (ie only some of sockets, cores,
threads) the derived guest ABI is not guaranteed to be equivalent in future
versions.
- These previously supported command line options are now considered deprecated:
-device ivshmem (use ivshmem-doorbell or ivshmem-plain instead)
@ -225,73 +183,17 @@ Deprecated, Superseded, Modified and Dropped Features
- The previously supported blkdev-add QMP command has been flagged as lacking
and could possibly change syntax in the future.
- These previously unsupported command line options are now deprecated:
-no-kvm-irqchip (use -machine kernel_irqchip=off instead)
-no-kvm-pit
-no-kvm-pit-reinjection
-tdf
- The case of specified sockets, cores, and threads not matching the vcpu count
is no longer silently ignored. QEMU now requires that the topology match the
vcpu count.
- These previously unsupported command line options are no longer recognized:
-device ccid-card-passthru
-device cfi.pflash01
-device esp
-device exynos4210-ehci-usb
-device fusbh200-ehci-usb
-device icc-bridge
-device q35-pcihost
-device mch
-device smbus-eeprom
-device SUNW,fdtwo
-device sysbus-ahci
-device sysbus-fdc
-device sysbus-ohci
-device tegra2-ehci-usb
-device testdev (use -device pc-testdev instead)
-device virtio-mmio
-device xln,ps7-usb
-enable-nesting
-kvm-shadow-memory (use -machine kvm_shadow_mem= instead)
-M mac
-nvram
-old-param
-osk
-pcidevice (use -device vfio-pci instead)
-qtest
-semihosting
- These previously supported monitor commands are no longer recognized:
cpu_set
pci_add (use device_add instead)
pci_del (use device_del instead)
- This previously unsupported QMP command is now supported under a new name:
x-input-send-event (use input-send-event instead)
- Due to the lack of migration support (mainly due to ahci interface issues)
and other unstable interface issues, earlier versions of the q35 machine type
are not supported in this release. The current q35 machine type is however now
fully supported.
QEMU Command-Line and Monitor Syntax and Support
------------------------------------------------
- The QEMU program command-line syntax is as follows:
qemu-system-aarch64 [options]
qemu-system-i386 [options] [disk_image]
qemu-system-s390x [options]
qemu-system-x86_64 [options] [disk_image]
Where 'options' are taken from the options listed below, and 'disk_image' is
the file system reference to the the x86 guest's primary IDE based hard disk
image. This image as well as those used with -drive or -cdrom, may be in the
raw (no format), qcow2 or qed storage formats, and may be located in files
within the host filesystem, logical volumes, host physical disks, or network
based storage. Read only media may also be accessed via URL style protocol
specifiers.
Where 'options' are taken from the options listed below.
The images used with -drive or -cdrom, may be in the raw (no format), qcow2
or qed storage formats, and may be located in files within the host
filesystem, logical volumes, host physical disks, or network based storage.
Read only media may also be accessed via URL style protocol specifiers.
Note that as a general rule, as new command line options are added which serve
to replace an older option or interface, you are strongly encouraged to adapt
@ -299,8 +201,8 @@ QEMU Command-Line and Monitor Syntax and Support
better functionality and usability going forward. In some cases existing
problems or even bugs in older interfaces cannot be fixed due to functional
expectations, but are resolved in the newer interface or option.
This advice includes moving to the most recent machine type (eg pc-i440fx-2.8
instead of pc-i440fx-2.6) if possible.
This advice includes moving to the most recent machine type (eg
s390-ccw-virtio-2.9 instead of s390-ccw-virtio-2.6) if possible.
- The following command line options are supported:
-add-fd ...
@ -313,7 +215,7 @@ QEMU Command-Line and Monitor Syntax and Support
-cdrom ...
-chardev ..
-clock
-cpu ... (all except host)
-cpu host
-ctrl-grab
-d ...
-daemonize
@ -356,12 +258,8 @@ QEMU Command-Line and Monitor Syntax and Support
-kernel ...
-loadvm ...
-m ...
-M [help|?|none|pc|pc-0.12|pc-0.14|pc-0.15|pc-i440fx-1.4|pc-i440fx-1.7|
pc-i440fx-2.0|pc-i440fx-2.3|pc-i440fx-2.6|pc-i440fx-2.8|q35|pc-q35-2.6|
pc-q35-2.8|xenfv|xenpv]
-machine [help|?|none|pc|pc-0.12|pc-0.14|pc-0.15|pc-i440fx-1.4|pc-i440fx-1.7|
pc-i440fx-2.0|pc-i440fx-2.3|pc-440fx-2.6|pc-i440fx-2.8|q35|
pc-q35-2.6|pc-q35-2.8|xenfv|xenpv]
-M [help|?|none|s390-ccw-virtio|s390-ccw-virtio-2.6|s390-ccw-virtio-2.9]
-machine [help|?|none|s390-ccw-virtio|s390-ccw-virtio-2.6|s390-ccw-virtio-2.9]
-mem-path ...
-mem-prealloc
-mon ...
@ -496,8 +394,11 @@ QEMU Command-Line and Monitor Syntax and Support
add_client
add-fd
balloon
blockdev-add
blockdev-backup
blockdev-change-medium
blockdev-close-tray
blockdev-del
blockdev-mirror
blockdev-open-tray
blockdev-snapshot
@ -623,7 +524,7 @@ QEMU Command-Line and Monitor Syntax and Support
-acpitable ...
-bt ...
-chroot ...
-cpu host
-cpu ... (all except host)
-curses
-device [ipoctal232|i82562|nec-usb-xhci|hda-duplex|hda-output|usb-bot|
lsi53c810a|ich9-usb-uhci2|ich9-usb-uhci6|ich9-usb-uhci5|
@ -650,7 +551,8 @@ QEMU Command-Line and Monitor Syntax and Support
ipmi-bmc-sim|isa-ipmi-bt|isa-ipmi-kcs|mptsas1068|nvdimm|pxb-host|
sd-card|virtio-gpu-device|kvm-pci-assign|xen-sysdev|or-irq|amd-iommu|
AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci|virtio-crypto-device|
virtio-crypto-pci|qemu,register|vfio-pci-igd-lpc-bridge|*-i386-cpu|\ *-x86_64-cpu]
virtio-crypto-pci|qemu,register|vfio-pci-igd-lpc-bridge|*-i386-cpu|
*-x86_64-cpu]
(the following are aliases of these unsupported devices: lsi|
virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet|
virtio-gpu|pci-assign)
@ -663,15 +565,10 @@ QEMU Command-Line and Monitor Syntax and Support
-g ...
-icount ...
-L ...
-M [isapc|pc-0.10|pc-0.11|pc-0.13|pc-1.0|pc-1.1|pc-1.2|pc-1.3|pc-i440fx-1.5|
pc-i440fx-1.6|pc-i440fx-2.1|pc-i440fx-2.2|pc-i440fx-2.4|pc-i440fx-2.5|
pc-i440fx-2.7|pc-q35-1.4|pc-q35-1.5|pc-q35-1.6|pc-q35-1.7|pc-q35-2.0|
pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|pc-q35-2.4|pc-q35-2.5|pc-q35-2.7]
-machine [isapc|pc-0.10|pc-0.11|pc-0.13|pc-1.0|pc-1.1|pc-1.2|pc-1.3|
pc-i440fx-1.5|pc-i440fx-1.6|pc-i440fx-2.1|pc-i440fx-2.2|
pc-i440fx-2.4|pc-i440fx-2.5|pc-i440fx-2.7|pc-q35-1.4|pc-q35-1.5|
pc-q35-1.6|pc-q35-1.7|pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|
pc-q35-2.4|pc-q35-2.5|pc-q35-2.7]
-M [s390-ccw-virtio-2.4|s390-ccw-virtio-2.5|s390-ccw-virtio-2.7|
s390-ccw-virtio-2.8]
-machine [s390-ccw-virtio-2.4|s390-ccw-virtio-2.5|s390-ccw-virtio-2.7|
s390-ccw-virtio-2.8]
-mtdblock file
-net [dump|socket|vde] ...
-netdev [dump|hubport|l2tpv3|socket|vde] ...
@ -731,8 +628,6 @@ QEMU Command-Line and Monitor Syntax and Support
x_colo_lost_heartbeat
- The following QMP commands are unsupported:
blockdev-add
blockdev-backup
block-job-cancel
block-job-complete
block-job-pause
@ -748,7 +643,6 @@ QEMU Command-Line and Monitor Syntax and Support
nbd-server-start
nbd-server-stop
x-blockdev-change
x-blockdev-del
x-blockdev-insert-medium
x-blockdev-remove-medium
x-colo-lost-heartbeat


@ -11,12 +11,12 @@ Overview
virtualization features as well. This document was created to assist the user
in deciding which features can be relied upon to build enterprise class
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64)
is offered at the L3 (full support) level. KVM on the IBM System z (s390x)
is in technology preview, and KVM for the ARM64 architecture (AArch64) is L3
supported for certain partner-specific use cases. The bulk of this document
deals with L3 supported features and is primarily x86 centric. This document
should be considered a companion to the standard virtualization documentation
delivered with the product.
and for IBM System z (s390x) are offered at the L3 (full support) level,
while KVM for the ARM64 architecture (AArch64) is L3 supported for certain
partner-specific use cases. The bulk of this document deals with L3 supported
features and is primarily x86 centric. This document should be considered a
companion to the standard virtualization documentation delivered with the
product.
KVM is implemented in linux kernel modules which enable the linux kernel to
function as an integral part of the KVM hypervisor. The hypervisor-guest
@ -29,8 +29,7 @@ Overview
QEMU is a primary component of KVM based virtualization. The legacy qemu-kvm
program is provided for continuity with pre SLES 12 usage, including in
libvirt domain xml references. The QEMU emulator binaries qemu-system-x86_64
and qemu-system-i386 (x86 host), qemu-system-s390x (System z host), and
qemu-system-aarch64 (ARM64 host) are now the primary programs to use to access
and qemu-system-i386 (x86 host) are now the primary programs to use to access
KVM virtualization. When using these programs, the -machine option accel=kvm
(or its alias -enable-kvm) must be specified for KVM acceleration to be
used by the guest. Although Xen uses QEMU for virtualization as well, this
@ -59,7 +58,7 @@ Major QEMU/KVM Supported Features
configurations set via the monitor interfaces and optional config files. The
runtime control of a VM is effected either through the Human Monitor
"Protocol" (HMP), or the JSON based programmatical QEMU Monitor Protocol (QMP)
interface. For QMP details, see /usr/share/doc/packages/qemu/qmp-commands.txt.
interface. For QMP details, see qemu-qmp-ref man page.
Since a KVM guest runs in the context of a normal linux process, some types
of execution controls are managed with linux tools.
@ -86,7 +85,7 @@ Major QEMU/KVM Supported Features
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
or between hosts of the same version. Certain other restrictions also apply.
- Security considerations include secccomp2 based sandboxing, vTPM, privileged
- Security considerations include seccomp2 based sandboxing, vTPM, privileged
helpers and a security model which allows running guests as a non-root user.
- QEMU/KVM supports a wide range of operating systems within the VMs. See the
@ -140,10 +139,6 @@ Major QEMU/KVM Supported Features
QEMU/KVM Technology Previews
----------------------------
- KVM on System z using the qemu-system-s390x system emulator is not yet fully
supported. KVM on ARM64 (AArch64) usage outside of the supported partner
specific use cases is being evaluated and not yet L3 supported.
- Specifying and placing PCI devices on a PCI bridge allows for a greater number
of devices.
@ -280,9 +275,7 @@ QEMU Command-Line and Monitor Syntax and Support
------------------------------------------------
- The QEMU program command-line syntax is as follows:
qemu-system-aarch64 [options]
qemu-system-i386 [options] [disk_image]
qemu-system-s390x [options]
qemu-system-x86_64 [options] [disk_image]
Where 'options' are taken from the options listed below, and 'disk_image' is
@ -299,7 +292,7 @@ QEMU Command-Line and Monitor Syntax and Support
better functionality and usability going forward. In some cases existing
problems or even bugs in older interfaces cannot be fixed due to functional
expectations, but are resolved in the newer interface or option.
This advice includes moving to the most recent machine type (eg pc-i440fx-2.8
This advice includes moving to the most recent machine type (eg pc-i440fx-2.9
instead of pc-i440fx-2.6) if possible.
- The following command line options are supported:
@ -357,11 +350,11 @@ QEMU Command-Line and Monitor Syntax and Support
-loadvm ...
-m ...
-M [help|?|none|pc|pc-0.12|pc-0.14|pc-0.15|pc-i440fx-1.4|pc-i440fx-1.7|
pc-i440fx-2.0|pc-i440fx-2.3|pc-i440fx-2.6|pc-i440fx-2.8|q35|pc-q35-2.6|
pc-q35-2.8|xenfv|xenpv]
pc-i440fx-2.0|pc-i440fx-2.3|pc-i440fx-2.6|pc-i440fx-2.9|q35|pc-q35-2.6|
pc-q35-2.9|xenfv|xenpv]
-machine [help|?|none|pc|pc-0.12|pc-0.14|pc-0.15|pc-i440fx-1.4|pc-i440fx-1.7|
pc-i440fx-2.0|pc-i440fx-2.3|pc-440fx-2.6|pc-i440fx-2.8|q35|
pc-q35-2.6|pc-q35-2.8|xenfv|xenpv]
pc-i440fx-2.0|pc-i440fx-2.3|pc-440fx-2.6|pc-i440fx-2.9|q35|
pc-q35-2.6|pc-q35-2.9|xenfv|xenpv]
-mem-path ...
-mem-prealloc
-mon ...
@ -496,8 +489,11 @@ QEMU Command-Line and Monitor Syntax and Support
add_client
add-fd
balloon
blockdev-add
blockdev-backup
blockdev-change-medium
blockdev-close-tray
blockdev-del
blockdev-mirror
blockdev-open-tray
blockdev-snapshot
@ -666,13 +662,14 @@ QEMU Command-Line and Monitor Syntax and Support
-L ...
-M [isapc|pc-0.10|pc-0.11|pc-0.13|pc-1.0|pc-1.1|pc-1.2|pc-1.3|pc-i440fx-1.5|
pc-i440fx-1.6|pc-i440fx-2.1|pc-i440fx-2.2|pc-i440fx-2.4|pc-i440fx-2.5|
pc-i440fx-2.7|pc-q35-1.4|pc-q35-1.5|pc-q35-1.6|pc-q35-1.7|pc-q35-2.0|
pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|pc-q35-2.4|pc-q35-2.5|pc-q35-2.7]
pc-i440fx-2.7|pc-1440fx-2.8|pc-q35-1.4|pc-q35-1.5|pc-q35-1.6|pc-q35-1.7|
pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|pc-q35-2.4|pc-q35-2.5|
pc-q35-2.7|pc-q35-2.8]
-machine [isapc|pc-0.10|pc-0.11|pc-0.13|pc-1.0|pc-1.1|pc-1.2|pc-1.3|
pc-i440fx-1.5|pc-i440fx-1.6|pc-i440fx-2.1|pc-i440fx-2.2|
pc-i440fx-2.4|pc-i440fx-2.5|pc-i440fx-2.7|pc-q35-1.4|pc-q35-1.5|
pc-q35-1.6|pc-q35-1.7|pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|
pc-q35-2.4|pc-q35-2.5|pc-q35-2.7]
pc-i440fx-2.4|pc-i440fx-2.5|pc-i440fx-2.7|pc-i440fx-2.8|pc-q35-1.4|
pc-q35-1.5|pc-q35-1.6|pc-q35-1.7|pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|
pc-q35-2.3|pc-q35-2.4|pc-q35-2.5|pc-q35-2.7|pc-q35-2.8]
-mtdblock file
-net [dump|socket|vde] ...
-netdev [dump|hubport|l2tpv3|socket|vde] ...
@ -732,8 +729,6 @@ QEMU Command-Line and Monitor Syntax and Support
x_colo_lost_heartbeat
- The following QMP commands are unsupported:
blockdev-add
blockdev-backup
block-job-cancel
block-job-complete
block-job-pause
@ -749,7 +744,6 @@ QEMU Command-Line and Monitor Syntax and Support
nbd-server-start
nbd-server-stop
x-blockdev-change
x-blockdev-del
x-blockdev-insert-medium
x-blockdev-remove-medium
x-colo-lost-heartbeat


@ -13,8 +13,8 @@ set -e
GIT_TREE=git://github.com/openSUSE/qemu.git
GIT_LOCAL_TREE=~/git/qemu-opensuse
GIT_BRANCH=opensuse-2.8
GIT_UPSTREAM_TAG=v2.8.0
GIT_BRANCH=opensuse-2.9
GIT_UPSTREAM_TAG=v2.9.0-rc2
GIT_DIR=/dev/shm/qemu-factory-git-dir
CMP_DIR=/dev/shm/qemu-factory-cmp-dir
@ -107,8 +107,8 @@ rm -rf $GIT_DIR
echo "Version: $QEMU_VERSION"
elif [[ "$line" =~ ^Source: ]]; then
QEMU_TARBALL=qemu-`echo "$line" | cut -d '-' -f 2-`
VERSION_FILE=${QEMU_TARBALL%.tar.bz2}/roms/seabios/.version
SEABIOS_VERSION=`tar jxfO "$QEMU_TARBALL" "$VERSION_FILE"`
VERSION_FILE=${QEMU_TARBALL%.tar.xz}/roms/seabios/.version
SEABIOS_VERSION=`tar JxfO "$QEMU_TARBALL" "$VERSION_FILE"`
SEABIOS_VERSION=`echo $SEABIOS_VERSION | cut -d '-' -f 2`
echo "$line"
elif [ "$line" = "SEABIOS_VERSION" ]; then