Accepting request 500485 from Virtualization

Update to v2.9.0, and include latest known security fixes and other improvements.

OBS-URL: https://build.opensuse.org/request/show/500485
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qemu?expand=0&rev=123
Dominique Leuenberger 2017-06-03 23:49:38 +00:00 committed by Git OBS Bridge
commit eb7234ac9a
104 changed files with 3172 additions and 2930 deletions

@ -1,4 +1,4 @@
From cf0874f4e213436a13e06cd650cb6addc2abc3bc Mon Sep 17 00:00:00 2001
From c033f8e4e487f2b1a09c86351f33c116464509af Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 21 Nov 2011 23:50:36 +0100
Subject: [PATCH] XXX dont dump core on sigabort
@ -8,7 +8,7 @@ Subject: [PATCH] XXX dont dump core on sigabort
1 file changed, 6 insertions(+)
diff --git a/linux-user/signal.c b/linux-user/signal.c
index c750053edd..cb3bc8fcb3 100644
index a67db04e1a..a11728f6e0 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -560,6 +560,10 @@ static void QEMU_NORETURN dump_core_and_abort(int target_sig)

@ -1,4 +1,4 @@
From e9b62c0a3fc4fbc6b7feca4ae9e1a336439d9ff3 Mon Sep 17 00:00:00 2001
From 70b4b47993dbbae58b80e504f4bc373e75a4acfb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 10 Aug 2016 19:00:24 +0200
Subject: [PATCH] qemu-binfmt-conf: Modify default path
@ -14,10 +14,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index de4d1c13d4..764025580d 100755
index 0f1aa63872..9fcd95a435 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -259,7 +259,7 @@ BINFMT_SET=qemu_register_interpreter
@@ -264,7 +264,7 @@ BINFMT_SET=qemu_register_interpreter
SYSTEMDDIR="/etc/binfmt.d"
DEBIANDIR="/usr/share/binfmts"

@ -1,4 +1,4 @@
From beff0040fcb19dce316f3e07a0c7711cf8545d63 Mon Sep 17 00:00:00 2001
From d1c07c5e280a5ca62d3019792049038a53476248 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:20:50 +0200
Subject: [PATCH] qemu-cvs-alsa_bitfield

@ -1,4 +1,4 @@
From 8a4092a66e29d360d3371ac7ab9e5087294640b8 Mon Sep 17 00:00:00 2001
From d7f885cf41b62c5b8168aaeadb4e30849c55a871 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:23:27 +0200
Subject: [PATCH] qemu-cvs-alsa_ioctl
@ -11,24 +11,26 @@ Implements ALSA ioctls on PPC hosts.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Ulrich Hecht <uli@suse.de>
[AF: Rebased for v2.7.0-rc2]
[BR: Rebased for v2.9.0-rc0: removed timespec ref. from syscall_types_alsa.h]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
linux-user/ioctls.h | 5 +
linux-user/ioctls_alsa.h | 467 ++++++++++
linux-user/ioctls_alsa_structs.h | 1740 ++++++++++++++++++++++++++++++++++++++
linux-user/syscall_defs.h | 2 +
linux-user/syscall_types.h | 5 +
linux-user/syscall_types_alsa.h | 1336 +++++++++++++++++++++++++++++
6 files changed, 3555 insertions(+)
linux-user/syscall_types_alsa.h | 1330 +++++++++++++++++++++++++++++
6 files changed, 3549 insertions(+)
create mode 100644 linux-user/ioctls_alsa.h
create mode 100644 linux-user/ioctls_alsa_structs.h
create mode 100644 linux-user/syscall_types_alsa.h
diff --git a/linux-user/ioctls.h b/linux-user/ioctls.h
index 1bad701481..f2d9020c79 100644
index e6997ff230..ea335de680 100644
--- a/linux-user/ioctls.h
+++ b/linux-user/ioctls.h
@@ -351,6 +351,11 @@
@@ -359,6 +359,11 @@
IOCTL(VFAT_IOCTL_READDIR_BOTH, IOC_R, MK_PTR(MK_ARRAY(MK_STRUCT(STRUCT_dirent), 2)))
IOCTL(VFAT_IOCTL_READDIR_SHORT, IOC_R, MK_PTR(MK_ARRAY(MK_STRUCT(STRUCT_dirent), 2)))
@ -2260,10 +2262,10 @@ index 0000000000..e09a30defb
+ unsigned char *code;
+};
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 0b15466743..bb3ed3c356 100644
index 40c5027e93..a34551debc 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -2640,6 +2640,8 @@ struct target_ucred {
@@ -2802,6 +2802,8 @@ struct target_ucred {
uint32_t gid;
};
@ -2273,10 +2275,10 @@ index 0b15466743..bb3ed3c356 100644
#define TARGET_SIGEV_MAX_SIZE 64
diff --git a/linux-user/syscall_types.h b/linux-user/syscall_types.h
index af79fbf1de..4d99a9dd8b 100644
index 24631b09be..80ac53a8ed 100644
--- a/linux-user/syscall_types.h
+++ b/linux-user/syscall_types.h
@@ -83,6 +83,11 @@ STRUCT(buffmem_desc,
@@ -89,6 +89,11 @@ STRUCT(buffmem_desc,
STRUCT(mixer_info,
MK_ARRAY(TYPE_CHAR, 16), MK_ARRAY(TYPE_CHAR, 32), TYPE_INT, MK_ARRAY(TYPE_INT, 10))
@ -2290,10 +2292,10 @@ index af79fbf1de..4d99a9dd8b 100644
TYPE_INT, /* lo_number */
diff --git a/linux-user/syscall_types_alsa.h b/linux-user/syscall_types_alsa.h
new file mode 100644
index 0000000000..72622ae9a2
index 0000000000..fa7a18d755
--- /dev/null
+++ b/linux-user/syscall_types_alsa.h
@@ -0,0 +1,1336 @@
@@ -0,0 +1,1330 @@
+/*
+ * Advanced Linux Sound Architecture
+ *
@ -2322,12 +2324,6 @@ index 0000000000..72622ae9a2
+STRUCT (sndrv_seq_instr_size, TYPE_INT)
+STRUCT (sndrv_pcm_uframes, TYPE_ULONG)
+
+
+STRUCT (timespec,
+ TYPE_LONG,
+ TYPE_LONG
+ )
+
+STRUCT( fm_operator,
+ TYPE_CHAR,
+ TYPE_CHAR,

@ -1,4 +1,4 @@
From 9ef9e8d6c450c2f5332f9ab82c7fc4750c5b7cb4 Mon Sep 17 00:00:00 2001
From 60ce6f53311146b52cd81ddd0aa964a1afa5bd5f Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:24:15 +0200
Subject: [PATCH] qemu-cvs-alsa_mmap
@ -12,10 +12,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 14 insertions(+)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 61685bf79e..a428eb867f 100644
index 4888f53139..a3fcea263f 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -360,6 +360,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
@@ -357,6 +357,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
}
}
@ -25,7 +25,7 @@ index 61685bf79e..a428eb867f 100644
/* NOTE: all the constants are the HOST ones */
abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
int flags, int fd, abi_ulong offset)
@@ -394,6 +397,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
@@ -391,6 +394,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
}
#endif

@ -1,4 +1,4 @@
From e073096e40ec4d1d2b90e9e289190d9098c44dbb Mon Sep 17 00:00:00 2001
From cc91b17c96a16f1fccdbe4f7ab534816b4ff5e77 Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Tue, 14 Apr 2009 16:25:41 +0200
Subject: [PATCH] qemu-cvs-gettimeofday
@ -9,10 +9,10 @@ No clue what this is for.
1 file changed, 2 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 7b77503f94..e6689466a7 100644
index cec8428589..03c3576dab 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8770,6 +8770,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
@@ -8914,6 +8914,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
case TARGET_NR_gettimeofday:
{
struct timeval tv;

@ -1,4 +1,4 @@
From 34dcc1febe1a4806f5d2d34fad308f8d2890369a Mon Sep 17 00:00:00 2001
From a047a2ecf689e8f70d09ad3804b1c1fe8bca4406 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:26:33 +0200
Subject: [PATCH] qemu-cvs-ioctl_debug
@ -12,10 +12,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index e6689466a7..3479be6cd6 100644
index 03c3576dab..891ee1c6ea 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5471,7 +5471,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5611,7 +5611,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
ie = ioctl_entries;
for(;;) {
if (ie->target_cmd == 0) {

@ -1,4 +1,4 @@
From 380059e6c4e96538576a198fc771b14186e85112 Mon Sep 17 00:00:00 2001
From 82f268e91d5582f5bf7c327abe2ba6c4ff527f7b Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:27:36 +0200
Subject: [PATCH] qemu-cvs-ioctl_nodirection
@ -15,10 +15,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 6 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 3479be6cd6..2660a59897 100644
index 891ee1c6ea..2f82a7d1a6 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5504,6 +5504,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5648,6 +5648,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
arg_type++;
target_size = thunk_type_size(arg_type, 0);
switch(ie->access) {
@ -30,7 +30,7 @@ index 3479be6cd6..2660a59897 100644
case IOC_R:
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
if (!is_error(ret)) {
@@ -5522,6 +5527,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5666,6 +5671,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
unlock_user(argptr, arg, 0);
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
break;

@ -1,4 +1,4 @@
From fd1e321c4e9f0ed67e559bd830f747c92c60593f Mon Sep 17 00:00:00 2001
From c1f6c6bbb68c9ceb462cb3f8f4a2abd719f67bd5 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 30 Sep 2011 19:40:36 +0200
Subject: [PATCH] linux-user: add binfmt wrapper for argv[0] handling
@ -37,7 +37,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 linux-user/binfmt.c
diff --git a/Makefile.target b/Makefile.target
index 7a5080e94a..aee2c41040 100644
index 7df2b8c149..85ae084545 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -36,6 +36,10 @@ endif
@ -51,16 +51,16 @@ index 7a5080e94a..aee2c41040 100644
config-target.h: config-target.h-timestamp
config-target.h-timestamp: config-target.mak
@@ -116,6 +120,8 @@ QEMU_CFLAGS+=-I$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR) \
@@ -121,6 +125,8 @@ QEMU_CFLAGS+=-I$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR) \
obj-y += linux-user/
obj-y += gdbstub.o thunk.o user-exec.o
obj-y += gdbstub.o thunk.o user-exec.o user-exec-stub.o
+obj-binfmt-y += linux-user/
+
endif #CONFIG_LINUX_USER
#########################################################
@@ -164,7 +170,11 @@ endif # CONFIG_SOFTMMU
@@ -169,7 +175,11 @@ endif # CONFIG_SOFTMMU
# Workaround for http://gcc.gnu.org/PR55489, see configure.
%/translate.o: QEMU_CFLAGS += $(TRANSLATE_OPT_CFLAGS)
@ -72,7 +72,7 @@ index 7a5080e94a..aee2c41040 100644
all-obj-y := $(obj-y)
target-obj-y :=
@@ -201,6 +211,9 @@ ifdef CONFIG_DARWIN
@@ -211,6 +221,9 @@ ifdef CONFIG_DARWIN
$(call quiet-command,SetFile -a C $@,"SETFILE","$(TARGET_DIR)$@")
endif

@ -1,4 +1,4 @@
From 74afa369962dfa525f28913e0aaf0678362fc4cf Mon Sep 17 00:00:00 2001
From 5af3522f9a43395d9445806b150c0b9f5a7d107e Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 6 Jan 2012 01:05:55 +0100
Subject: [PATCH] PPC: KVM: Disable mmu notifier check
@ -13,10 +13,10 @@ KVM guests work there, even if possibly racy in some odd circumstances.
1 file changed, 2 insertions(+)
diff --git a/exec.c b/exec.c
index 08c558eecf..d55ab5574d 100644
index c97ef4a8da..b47b3f9096 100644
--- a/exec.c
+++ b/exec.c
@@ -1240,11 +1240,13 @@ static void *file_ram_alloc(RAMBlock *block,
@@ -1362,11 +1362,13 @@ static void *file_ram_alloc(RAMBlock *block,
int fd = -1;
int64_t file_size;

@ -1,4 +1,4 @@
From 34a749afcf6ad03e116b6cfb59934e0853bda304 Mon Sep 17 00:00:00 2001
From ebdfb6b8345badf51e6da5f56abcb069de29ebfe Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 13 Jan 2012 17:05:41 +0100
Subject: [PATCH] linux-user: fix segfault deadlock
@ -26,10 +26,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 4 insertions(+)
diff --git a/user-exec.c b/user-exec.c
index 6db075884d..a18d626250 100644
index a8f95fa1e1..c262653604 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -65,6 +65,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
@@ -78,6 +78,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
pc, address, is_write, *(unsigned long *)old_set);
#endif

@ -1,4 +1,4 @@
From 21c11182134222d441f5f1c701f776ac14e10eb8 Mon Sep 17 00:00:00 2001
From 8a8e7f00c3028d2f07a8afd4dabf20b634654637 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 2 Feb 2012 18:02:33 +0100
Subject: [PATCH] linux-user: binfmt: support host binaries

@ -1,4 +1,4 @@
From 8af212a8fae1e0cdf32df61e5509799495eaa9e6 Mon Sep 17 00:00:00 2001
From fd25a10cf311c732589a131c107b0dd61a845ecf Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 23 Jul 2012 10:24:14 +0200
Subject: [PATCH] linux-user: Fake /proc/cpuinfo
@ -22,10 +22,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 20 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 2660a59897..a348927853 100644
index 2f82a7d1a6..37b49bd406 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7359,6 +7359,25 @@ static int open_self_stat(void *cpu_env, int fd)
@@ -7503,6 +7503,25 @@ static int open_self_stat(void *cpu_env, int fd)
return 0;
}
@ -51,7 +51,7 @@ index 2660a59897..a348927853 100644
static int open_self_auxv(void *cpu_env, int fd)
{
CPUState *cpu = ENV_GET_CPU((CPUArchState *)cpu_env);
@@ -7473,6 +7492,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
@@ -7617,6 +7636,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
{ "/proc/net/route", open_net_route, is_proc },
#endif

@ -1,4 +1,4 @@
From 772c86a0d02d6869d7ef06b666ff26824eb9ca3e Mon Sep 17 00:00:00 2001
From be8989734d0f8f83659186495cca577e3844a310 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 21 Aug 2012 14:20:40 +0200
Subject: [PATCH] linux-user: XXX disable fiemap
@ -9,10 +9,10 @@ agraf: fiemap breaks in libarchive. Disable it for now.
1 file changed, 5 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index a348927853..b04fade80e 100644
index 37b49bd406..983475a0b9 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4938,6 +4938,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
@@ -5076,6 +5076,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
uint32_t outbufsz;
int free_fm = 0;

@ -1,4 +1,4 @@
From e69941d829cfb5d63a2c0f1606a4e58e6f33f9f6 Mon Sep 17 00:00:00 2001
From 83cb2267f51dd9240a9c7940205e65373a7665c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 29 Aug 2012 18:42:56 +0200
Subject: [PATCH] slirp: -nooutgoing
@ -12,10 +12,10 @@ TBD (from SUSE Studio team)
4 files changed, 39 insertions(+)
diff --git a/qemu-options.hx b/qemu-options.hx
index c534a2f7f9..7e6d6ecc17 100644
index 99af8edf5f..4712277d7c 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -3162,6 +3162,16 @@ Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
@@ -3215,6 +3215,16 @@ Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
from a script.
ETEXI
@ -33,7 +33,7 @@ index c534a2f7f9..7e6d6ecc17 100644
"-singlestep always run in singlestep mode\n", QEMU_ARCH_ALL)
STEXI
diff --git a/slirp/socket.c b/slirp/socket.c
index 6c18971368..e39e3a07f0 100644
index 86927722e1..5c89064e15 100644
--- a/slirp/socket.c
+++ b/slirp/socket.c
@@ -625,6 +625,8 @@ sorecvfrom(struct socket *so)
@ -96,10 +96,10 @@ index ed16e1807f..b2c7a8cba0 100644
socket_set_fast_reuse(s);
opt = 1;
diff --git a/vl.c b/vl.c
index d77dd862f9..4427bf5e1a 100644
index 0b4ed5241c..e0f2ec86a9 100644
--- a/vl.c
+++ b/vl.c
@@ -162,6 +162,7 @@ int smp_threads = 1;
@@ -168,6 +168,7 @@ int smp_threads = 1;
int acpi_enabled = 1;
int no_hpet = 0;
int fd_bootchk = 1;
@ -107,7 +107,7 @@ index d77dd862f9..4427bf5e1a 100644
static int no_reboot;
int no_shutdown = 0;
int cursor_hide = 1;
@@ -3437,6 +3438,14 @@ int main(int argc, char **argv, char **envp)
@@ -3405,6 +3406,14 @@ int main(int argc, char **argv, char **envp)
case QEMU_OPTION_singlestep:
singlestep = 1;
break;

@ -1,4 +1,4 @@
From 4338d0069c38dddf42e1ac1b66414266d6e9dac7 Mon Sep 17 00:00:00 2001
From 1e4392f3e2e1641b7ed570da630a9e86cb23710d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 29 Aug 2012 20:06:01 +0200
Subject: [PATCH] vnc: password-file= and incoming-connections=
@ -9,10 +9,10 @@ TBD (from SUSE Studio team)
1 file changed, 55 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 2c28a59ff7..8d0c16b23f 100644
index 349cfc9d86..486d2759e4 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -58,6 +58,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
@@ -59,6 +59,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
static QTAILQ_HEAD(, VncDisplay) vnc_displays =
QTAILQ_HEAD_INITIALIZER(vnc_displays);
@ -21,7 +21,7 @@ index 2c28a59ff7..8d0c16b23f 100644
static int vnc_cursor_define(VncState *vs);
static void vnc_release_modifiers(VncState *vs);
@@ -1201,6 +1203,7 @@ static void vnc_disconnect_start(VncState *vs)
@@ -1130,6 +1132,7 @@ static void vnc_disconnect_start(VncState *vs)
void vnc_disconnect_finish(VncState *vs)
{
int i;
@ -29,7 +29,7 @@ index 2c28a59ff7..8d0c16b23f 100644
vnc_jobs_join(vs); /* Wait encoding jobs */
@@ -1251,6 +1254,13 @@ void vnc_disconnect_finish(VncState *vs)
@@ -1178,6 +1181,13 @@ void vnc_disconnect_finish(VncState *vs)
object_unref(OBJECT(vs->sioc));
vs->sioc = NULL;
g_free(vs);
@ -43,7 +43,7 @@ index 2c28a59ff7..8d0c16b23f 100644
}
ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
@@ -3244,6 +3254,39 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
@@ -3171,6 +3181,39 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
qapi_free_SocketAddress(addr);
}
@ -83,7 +83,7 @@ index 2c28a59ff7..8d0c16b23f 100644
static QemuOptsList qemu_vnc_opts = {
.name = "vnc",
.head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
@@ -3275,6 +3318,9 @@ static QemuOptsList qemu_vnc_opts = {
@@ -3202,6 +3245,9 @@ static QemuOptsList qemu_vnc_opts = {
.name = "connections",
.type = QEMU_OPT_NUMBER,
},{
@ -93,7 +93,7 @@ index 2c28a59ff7..8d0c16b23f 100644
.name = "to",
.type = QEMU_OPT_NUMBER,
},{
@@ -3287,6 +3333,9 @@ static QemuOptsList qemu_vnc_opts = {
@@ -3214,6 +3260,9 @@ static QemuOptsList qemu_vnc_opts = {
.name = "password",
.type = QEMU_OPT_BOOL,
},{
@ -103,15 +103,15 @@ index 2c28a59ff7..8d0c16b23f 100644
.name = "reverse",
.type = QEMU_OPT_BOOL,
},{
@@ -3486,6 +3535,7 @@ void vnc_display_open(const char *id, Error **errp)
@@ -3766,6 +3815,7 @@ void vnc_display_open(const char *id, Error **errp)
const char *share, *device_id;
QemuConsole *con;
bool password = false;
+ const char *password_file;
bool reverse = false;
const char *vnc;
char *h;
@@ -3615,6 +3665,10 @@ void vnc_display_open(const char *id, Error **errp)
const char *credid;
bool sasl = false;
@@ -3809,6 +3859,10 @@ void vnc_display_open(const char *id, Error **errp)
goto fail;
}
}
@ -120,9 +120,9 @@ index 2c28a59ff7..8d0c16b23f 100644
+ read_file_password(id, password_file);
+ }
reverse = qemu_opt_get_bool(opts, "reverse", false);
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
@@ -3704,6 +3758,7 @@ void vnc_display_open(const char *id, Error **errp)
key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 1);
@@ -3897,6 +3951,7 @@ void vnc_display_open(const char *id, Error **errp)
vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
}
vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
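Review bot: The rebased vnc patch still calls `read_file_password(id, password_file);` in vnc_display_open as a bare statement, so nothing at the call site reacts if the password file cannot be opened or read; unless the helper aborts on its own (its body is outside the visible hunks), the display could then come up without the password the administrator configured. The call should fail closed and report through errp, for example `if (read_file_password(id, password_file) < 0) { error_setg(errp, "cannot read VNC password file"); goto fail; }`, assuming the helper returns a negative value on error. The patch description is still "TBD (from SUSE Studio team)"; a sentence on the expected file format and permissions would help whoever does the next rebase. vnc_display_open starts and ends outside these hunks.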

@ -1,4 +1,4 @@
From 725c9b6ff408dc7960242751619caeb27560c3e7 Mon Sep 17 00:00:00 2001
From 86cc99ea8d1648c0e2388cde261e8349d7f235b8 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 9 Oct 2012 09:06:49 +0200
Subject: [PATCH] linux-user: use target_ulong
@ -17,10 +17,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index da73a01106..7d2894d7c0 100644
index 4edd7d0c08..25208645e9 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -193,10 +193,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
@@ -196,10 +196,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
void target_set_brk(abi_ulong new_brk);
abi_long do_brk(abi_ulong new_brk);
void syscall_init(void);
@ -36,10 +36,10 @@ index da73a01106..7d2894d7c0 100644
extern THREAD CPUState *thread_cpu;
void cpu_loop(CPUArchState *env);
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b04fade80e..ab3cf24dbb 100644
index 983475a0b9..1472d72f27 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7566,10 +7566,10 @@ static target_timer_t get_timer_id(abi_long arg)
@@ -7710,10 +7710,10 @@ static target_timer_t get_timer_id(abi_long arg)
/* do_syscall() should always have a single exit point at the end so
that actions, such as logging of syscall results, can be performed.
All errnos that do_syscall() returns must be -TARGET_<errcode>. */

@ -1,4 +1,4 @@
From 2f2838f6f14d8a7a7d3000fc0d61349ddf3f33b0 Mon Sep 17 00:00:00 2001
From 9f1a253507537ec3fd31fb6bf9d9ad3278f1cd46 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 5 Aug 2009 09:49:37 +0200
Subject: [PATCH] block: Add support for DictZip enabled gzip files
@ -47,11 +47,11 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 block/dictzip.c
diff --git a/block/Makefile.objs b/block/Makefile.objs
index 67a036a1df..0417d54e26 100644
index de96f8ee80..bab24da2fb 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -21,6 +21,7 @@ block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_ARCHIPELAGO) += archipelago.o
@@ -21,6 +21,7 @@ block-obj-$(CONFIG_RBD) += rbd.o
block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_LIBSSH2) += ssh.o
block-obj-y += accounting.o dirty-bitmap.o
+block-obj-y += dictzip.o

@ -1,4 +1,4 @@
From dae0d107e021d65a5029c53229543bca37d21da8 Mon Sep 17 00:00:00 2001
From 9bab09a016d850caba2bffe818d9696bd8c165c3 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 5 Aug 2009 17:28:38 +0200
Subject: [PATCH] block: Add tar container format
@ -48,10 +48,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 block/tar.c
diff --git a/block/Makefile.objs b/block/Makefile.objs
index 0417d54e26..255b8d7b0f 100644
index bab24da2fb..73c7b55871 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -22,6 +22,7 @@ block-obj-$(CONFIG_ARCHIPELAGO) += archipelago.o
@@ -22,6 +22,7 @@ block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_LIBSSH2) += ssh.o
block-obj-y += accounting.o dirty-bitmap.o
block-obj-y += dictzip.o

@ -1,4 +1,4 @@
From a4e7e274fa2d1fab3e2a4bfa9ca379252c5aa505 Mon Sep 17 00:00:00 2001
From d9f090d7d5e9ddefc29e3e0b3ead5b408fefaff3 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 12 Dec 2012 19:11:30 +0100
Subject: [PATCH] Legacy Patch kvm-qemu-preXX-dictzip3.patch

@ -1,4 +1,4 @@
From b6dbfd4547ac7a9af8e7a4785d53dc087e613d36 Mon Sep 17 00:00:00 2001
From 0e5cce67ba0aafd9cf0bc3c31a3b24706bee26f4 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 6 Jun 2011 06:53:52 +0200
Subject: [PATCH] console: add question-mark escape operator
@ -16,10 +16,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/console.c b/ui/console.c
index ed888e55ea..b55d7a5cb3 100644
index 419b098c11..9688457480 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -869,7 +869,7 @@ static void console_putchar(QemuConsole *s, int ch)
@@ -880,7 +880,7 @@ static void console_putchar(QemuConsole *s, int ch)
} else {
if (s->nb_esc_params < MAX_ESC_PARAMS)
s->nb_esc_params++;

@ -1,4 +1,4 @@
From 047016003be1f8b58e063551d6e890f2616e931e Mon Sep 17 00:00:00 2001
From dafee8907bcaa3ee580ebef4f76e7d62c14cd5c3 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 1 Apr 2010 17:36:23 +0200
Subject: [PATCH] Make char muxer more robust wrt small FIFOs
@ -20,24 +20,15 @@ This patch fixes input when using -nographic on s390 for me.
[AF: Rebased for v2.7.0-rc2]
---
qemu-char.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
chardev/char-mux.c | 13 +++++++++++++
chardev/char-mux.h | 3 +++
2 files changed, 16 insertions(+)
diff --git a/qemu-char.c b/qemu-char.c
index 2c9940cea4..b6a9a32bf4 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -531,6 +531,9 @@ static CharDriverState *qemu_chr_open_null(const char *id,
struct MuxDriver {
CharBackend *backends[MAX_MUX];
CharBackend chr;
+#if defined(TARGET_S390X)
+ QEMUTimer *accept_timer;
+#endif
int focus;
int mux_cnt;
int term_got_escape;
@@ -694,6 +697,15 @@ static void mux_chr_accept_input(CharDriverState *chr)
diff --git a/chardev/char-mux.c b/chardev/char-mux.c
index 5547a36a0a..7b80dc8ad7 100644
--- a/chardev/char-mux.c
+++ b/chardev/char-mux.c
@@ -179,6 +179,15 @@ static void mux_chr_accept_input(Chardev *chr)
be->chr_read(be->opaque,
&d->buffer[m][d->cons[m]++ & MUX_BUFFER_MASK], 1);
}
@ -53,14 +44,28 @@ index 2c9940cea4..b6a9a32bf4 100644
}
static int mux_chr_can_read(void *opaque)
@@ -864,6 +876,10 @@ static CharDriverState *qemu_chr_open_mux(const char *id,
@@ -308,6 +317,10 @@ static void qemu_chr_open_mux(Chardev *chr,
}
chr->opaque = d;
d->focus = -1;
+#if defined(TARGET_S390X)
+ d->accept_timer = qemu_new_timer_ns(vm_clock,
+ (QEMUTimerCB*)mux_chr_accept_input, chr);
+#endif
chr->chr_free = mux_chr_free;
chr->chr_write = mux_chr_write;
chr->chr_accept_input = mux_chr_accept_input;
/* only default to opened state if we've realized the initial
* set of muxes
*/
diff --git a/chardev/char-mux.h b/chardev/char-mux.h
index 9a2fffce91..d5f419c8a9 100644
--- a/chardev/char-mux.h
+++ b/chardev/char-mux.h
@@ -35,6 +35,9 @@ typedef struct MuxChardev {
Chardev parent;
CharBackend *backends[MAX_MUX];
CharBackend chr;
+#if defined(TARGET_S390X)
+ QEMUTimer *accept_timer;
+#endif
int focus;
int mux_cnt;
int term_got_escape;
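Review bot: The timer set-up kept in qemu_chr_open_mux passes `(QEMUTimerCB*)mux_chr_accept_input` as the callback, and the cast hides that mux_chr_accept_input is declared with a `Chardev *` parameter (see the hunk header above it) rather than the opaque `void *` a timer callback takes; calling a function through an incompatible pointer type is undefined behaviour in C. A small adapter such as `static void mux_accept_timer_cb(void *opaque) { mux_chr_accept_input(opaque); }` removes the need for the cast. The block also still uses `qemu_new_timer_ns(vm_clock, ...)` inside `#if defined(TARGET_S390X)`, a timer API name that I believe was renamed upstream; if chardev/char-mux.c is built without the per-target defines, the whole workaround is dead code after this move, so it is worth confirming the s390 input fix is still in effect. qemu_chr_open_mux continues outside the hunk.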

@ -1,4 +1,4 @@
From 2be621021e70d2b86164c8b5e929bc13eca0e055 Mon Sep 17 00:00:00 2001
From 53b09a6f91e505d68429e5e67002fcd476d5e4ee Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 13 Dec 2012 14:29:22 +0100
Subject: [PATCH] linux-user: lseek: explicitly cast non-set offsets to signed
@ -16,10 +16,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index ab3cf24dbb..831d3df19c 100644
index 1472d72f27..71d4f06bdb 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7932,9 +7932,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
@@ -8076,9 +8076,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
case TARGET_NR_oldstat:
goto unimplemented;
#endif

@ -1,4 +1,4 @@
From 1825b6ee2b448261ae1bfde344a8127dbdec1e9a Mon Sep 17 00:00:00 2001
From e374a2f8d62eaba772ef5da1deede30b5a3b6868 Mon Sep 17 00:00:00 2001
From: Dinar Valeev <k0da@opensuse.org>
Date: Wed, 2 Oct 2013 17:56:03 +0200
Subject: [PATCH] configure: Enable PIE for ppc and ppc64 hosts
@ -14,10 +14,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure b/configure
index 3770d7c263..9fdf7e7abc 100755
index be4d326ae0..3308560f78 100755
--- a/configure
+++ b/configure
@@ -1567,7 +1567,7 @@ fi
@@ -1600,7 +1600,7 @@ fi
if test "$pie" = ""; then
case "$cpu-$targetos" in

@ -1,31 +0,0 @@
From 68cabc26aa994989c71212df1623e159df4e6b01 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 16 May 2013 12:39:10 +0200
Subject: [PATCH] virtfs-proxy-helper: Provide __u64 for broken
sys/capability.h
Fixes the build on SLE 11 SP2.
[AF: Extend to ppc64]
---
fsdev/virtfs-proxy-helper.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index 54f7ad1c48..b4bf2f40c9 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -9,6 +9,13 @@
* the COPYING file in the top-level directory.
*/
+/* work around a broken sys/capability.h */
+#if defined(__i386__)
+typedef unsigned long long __u64;
+#endif
+#if defined(__powerpc64__)
+#include <asm/types.h>
+#endif
#include "qemu/osdep.h"
#include <sys/resource.h>
#include <getopt.h>

@ -1,4 +1,4 @@
From 9a6dabcb75d6f8d17f3aab2ef4c2c6186e1a8eb1 Mon Sep 17 00:00:00 2001
From 5d3ffee948660539ebe7dc51595986d18ae3701b Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 14 Jan 2015 01:32:11 +0100
Subject: [PATCH] AIO: Reduce number of threads for 32bit hosts
@ -17,14 +17,14 @@ on 32bit ARM systems for me.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
thread-pool.c | 7 ++++++-
util/thread-pool.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/thread-pool.c b/thread-pool.c
index 6fba913529..ee0b485f07 100644
--- a/thread-pool.c
+++ b/thread-pool.c
@@ -297,7 +297,12 @@ static void thread_pool_init_one(ThreadPool *pool, AioContext *ctx)
diff --git a/util/thread-pool.c b/util/thread-pool.c
index 610646d131..2e34e9846d 100644
--- a/util/thread-pool.c
+++ b/util/thread-pool.c
@@ -308,7 +308,12 @@ static void thread_pool_init_one(ThreadPool *pool, AioContext *ctx)
qemu_mutex_init(&pool->lock);
qemu_cond_init(&pool->worker_stopped);
qemu_sem_init(&pool->sem, 0);

@ -1,4 +1,4 @@
From 69fae9cfe2d91c07fece069189debaaf47e7d40b Mon Sep 17 00:00:00 2001
From 86965fe480a4bf416e69617166b4f9f8ee7044bd Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 15 Jun 2015 17:36:32 +0200
Subject: [PATCH] dictzip: Fix on big endian systems

@ -1,4 +1,4 @@
From 1e4469088f98f8ce31044eb89e76228f07d068a2 Mon Sep 17 00:00:00 2001
From e583a3cabe6667f8446d6ba35bd1f730d3ac991f Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Wed, 9 Mar 2016 15:18:11 -0700
Subject: [PATCH] xen_disk: Add suse specific flush disable handling and map to

@ -1,4 +1,4 @@
From b05bd879232bb4ac753d72a9c32c489b109e6555 Mon Sep 17 00:00:00 2001
From 2818c2f6840a0169068d390e5756a79ad1f2fb08 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Tue, 2 Aug 2016 11:36:02 -0600
Subject: [PATCH] qemu-bridge-helper: reduce security profile

@ -1,4 +1,4 @@
From 36996f68dc156ab64aec4b149c724ce2b2c7f400 Mon Sep 17 00:00:00 2001
From 108e17b16aa8372c04ec13ddeb566794ae336cf5 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Fri, 12 Aug 2016 18:20:49 +0200
Subject: [PATCH] qemu-binfmt-conf: use qemu-ARCH-binfmt
@ -13,10 +13,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 764025580d..3affcdca1b 100755
index 9fcd95a435..f14a6ef37b 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -201,7 +201,7 @@ qemu_check_systemd() {
@@ -206,7 +206,7 @@ qemu_check_systemd() {
}
qemu_generate_register() {
@ -25,7 +25,7 @@ index 764025580d..3affcdca1b 100755
}
qemu_register_interpreter() {
@@ -242,9 +242,9 @@ qemu_set_binfmts() {
@@ -247,9 +247,9 @@ qemu_set_binfmts() {
continue
fi

@ -1,4 +1,4 @@
From 6163925a8a53570a007a564c2d86746e589d5ea4 Mon Sep 17 00:00:00 2001
From eebe76eeffb2166f2ce71bd3445498e989235aa2 Mon Sep 17 00:00:00 2001
From: markkp <mpost@suse.com>
Date: Thu, 11 Aug 2016 16:28:39 -0400
Subject: [PATCH] configure: Fix detection of seccomp on s390x
@ -13,10 +13,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 3 insertions(+)
diff --git a/configure b/configure
index 9fdf7e7abc..087d8e2661 100755
index 3308560f78..cb7589a8e7 100755
--- a/configure
+++ b/configure
@@ -1928,6 +1928,9 @@ if test "$seccomp" != "no" ; then
@@ -1961,6 +1961,9 @@ if test "$seccomp" != "no" ; then
ppc|ppc64)
libseccomp_minver="2.3.0"
;;


@ -1,4 +1,4 @@
From a420f344cef024cab119609171fb14667666055c Mon Sep 17 00:00:00 2001
From 158de49a5e5ae6f0e90f3e3f381acf769e063988 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@linux-m68k.org>
Date: Thu, 8 Sep 2016 11:21:05 +0200
Subject: [PATCH] linux-user: properly test for infinite timeout in poll (#8)
@ -16,10 +16,10 @@ Signed-off-by: Andreas Schwab <schwab@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 831d3df19c..b5070a0d0e 100644
index 71d4f06bdb..78f0ea4c58 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10061,7 +10061,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
@@ -10204,7 +10204,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
{
struct timespec ts, *pts;


@ -1,4 +1,4 @@
From 667601cdfbeada47ff5f00d6bf5a17c865319a7f Mon Sep 17 00:00:00 2001
From 0206a322d7067b3b74c868f2d80e8dfb4c24de97 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Wed, 28 Sep 2016 16:36:40 +0200
Subject: [PATCH] linux-user: remove all traces of qemu from /proc/self/cmdline
@ -17,10 +17,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 7 insertions(+), 40 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b5070a0d0e..213e8f3c6c 100644
index 78f0ea4c58..1e56583d63 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7230,52 +7230,19 @@ int host_to_target_waitstatus(int status)
@@ -7374,52 +7374,19 @@ int host_to_target_waitstatus(int status)
static int open_self_cmdline(void *cpu_env, int fd)
{


@ -1,4 +1,4 @@
From 235fbffb3f16857462b5256cc731156322b66072 Mon Sep 17 00:00:00 2001
From efc73d004696dada76a417cb2797593493e94f66 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Sat, 19 Nov 2016 08:06:30 -0700
Subject: [PATCH] roms/Makefile: pass a packaging timestamp to subpackages with


@ -1,4 +1,4 @@
From a5f88d11e6d846f117d9a6cc3fbf1fb0b2750047 Mon Sep 17 00:00:00 2001
From 0b4661283cb4ea49967dd1a9b1f977a4fbc9e804 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Sun, 15 Jan 2012 19:53:49 +0100
Subject: [PATCH] Raise soft address space limit to hard limit
@ -17,7 +17,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 12 insertions(+)
diff --git a/vl.c b/vl.c
index 4427bf5e1a..501cd28363 100644
index e0f2ec86a9..caad3f93b3 100644
--- a/vl.c
+++ b/vl.c
@@ -26,6 +26,7 @@
@ -28,15 +28,15 @@ index 4427bf5e1a..501cd28363 100644
#ifdef CONFIG_SECCOMP
#include "sysemu/seccomp.h"
@@ -3031,6 +3032,7 @@ int main(int argc, char **argv, char **envp)
Error *main_loop_err = NULL;
Error *err = NULL;
bool list_data_dirs = false;
@@ -2984,6 +2985,7 @@ int main(int argc, char **argv, char **envp)
} BlockdevOptions_queue;
QSIMPLEQ_HEAD(, BlockdevOptions_queue) bdo_queue
= QSIMPLEQ_HEAD_INITIALIZER(bdo_queue);
+ struct rlimit rlimit_as;
module_call_init(MODULE_INIT_TRACE);
@@ -3038,6 +3040,16 @@ int main(int argc, char **argv, char **envp)
@@ -2991,6 +2993,16 @@ int main(int argc, char **argv, char **envp)
qemu_init_cpu_loop();
qemu_mutex_lock_iothread();


@ -1,32 +0,0 @@
From 920c90f4344b38242bd01b21f8bef55f11d0748c Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Mon, 31 Oct 2016 15:55:14 -0600
Subject: [PATCH] dma: rc4030: limit interval timer reload value
The JAZZ RC4030 chipset emulator has a periodic timer and
associated interval reload register. The reload value is used
as divider when computing timer's next tick value. If reload
value is large, it could lead to divide by zero error. Limit
the interval reload value to avoid it.
Reported-by: Huawei PSIRT <psirt@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
[BR: CVE-2016-8667 BSC#1004702]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/dma/rc4030.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/dma/rc4030.c b/hw/dma/rc4030.c
index 17c8518fea..41fc043464 100644
--- a/hw/dma/rc4030.c
+++ b/hw/dma/rc4030.c
@@ -460,7 +460,7 @@ static void rc4030_write(void *opaque, hwaddr addr, uint64_t data,
break;
/* Interval timer reload */
case 0x0228:
- s->itr = val;
+ s->itr = val & 0x01FF;
qemu_irq_lower(s->timer_irq);
set_next_tick(s);
break;


@ -1,4 +1,4 @@
From 6fef5a1f40ec5dd0c13fabd299929125bafda7d4 Mon Sep 17 00:00:00 2001
From 28085d5db9376007294f5189c559d3182a2a98f4 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 17 May 2013 16:49:58 -0600
Subject: [PATCH] increase x86_64 physical bits to 42
@ -15,14 +15,14 @@ memory hole.
Signed-off-by: Bruce Rogers <brogers@suse.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
target-i386/cpu.h | 2 +-
target/i386/cpu.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index c605724022..4c17f17701 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -1465,7 +1465,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index c4602ca80d..81c02c5a3b 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1488,7 +1488,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
/* XXX: This value should match the one returned by CPUID
* and in exec.c */
# if defined(TARGET_X86_64)


@ -1,47 +0,0 @@
From 101b933ef85a7520984743bbc35cc244304d94c7 Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Mon, 31 Oct 2016 15:58:47 -0600
Subject: [PATCH] net: imx: limit buffer descriptor count
i.MX Fast Ethernet Controller uses buffer descriptors to manage
data flow to/fro receive & transmit queues. While transmitting
packets, it could continue to read buffer descriptors if a buffer
descriptor has length of zero and has crafted values in bd.flags.
Set an upper limit to number of buffer descriptors.
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
[BR: CVE-2016-7907 BSC#1002549]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/net/imx_fec.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
index 50c75642c6..78d641c2a3 100644
--- a/hw/net/imx_fec.c
+++ b/hw/net/imx_fec.c
@@ -220,6 +220,8 @@ static const VMStateDescription vmstate_imx_eth = {
#define PHY_INT_PARFAULT (1 << 2)
#define PHY_INT_AUTONEG_PAGE (1 << 1)
+#define IMX_MAX_DESC 1024
+
static void imx_eth_update(IMXFECState *s);
/*
@@ -402,12 +404,12 @@ static void imx_eth_update(IMXFECState *s)
static void imx_fec_do_tx(IMXFECState *s)
{
- int frame_size = 0;
+ int frame_size = 0, descnt = 0;
uint8_t frame[ENET_MAX_FRAME_SIZE];
uint8_t *ptr = frame;
uint32_t addr = s->tx_descriptor;
- while (1) {
+ while (descnt++ < IMX_MAX_DESC) {
IMXFECBufDesc bd;
int len;


@ -1,4 +1,4 @@
From f29449e6c1a79238ed317b4e2307ef699e7612bd Mon Sep 17 00:00:00 2001
From dec5ed741c369aed84b47752e43ad0eace76b75b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 12 Jun 2013 19:26:37 +0200
Subject: [PATCH] vga: Raise VRAM to 16 MiB for pc-0.15 and below
@ -25,10 +25,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index a54a468c0a..511d438bdb 100644
index 9f102aa388..1c09005293 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -770,7 +770,32 @@ DEFINE_I440FX_MACHINE(v1_0, "pc-1.0", pc_compat_1_2,
@@ -779,7 +779,32 @@ DEFINE_I440FX_MACHINE(v1_0, "pc-1.0", pc_compat_1_2,
#define PC_COMPAT_0_15 \


@ -1,4 +1,4 @@
From de2bd411b216f7fa9aacad1e86cbd9c25db8954a Mon Sep 17 00:00:00 2001
From 5013ff917f276a6d9edc2ca0ab93fed93a7ac653 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 31 Jul 2013 17:05:29 +0200
Subject: [PATCH] i8254: Fix migration from SLE11 SP2


@ -1,4 +1,4 @@
From 54d95bf6b1053208ce3bf31cad9a9cc8cf29c634 Mon Sep 17 00:00:00 2001
From e681140d293caba3f27ccadfd872473725021aa2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 31 Jul 2013 17:32:35 +0200
Subject: [PATCH] acpi_piix4: Fix migration from SLE11 SP2
@ -17,7 +17,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index 17d36bd595..f657eb7474 100644
index a553a7e110..c34f761175 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -311,7 +311,7 @@ static const VMStateDescription vmstate_cpuhp_state = {


@ -1,4 +1,4 @@
From 87164237f308f856e2429044f88f7fe61243f745 Mon Sep 17 00:00:00 2001
From 76e9783f2f222d9650e620082cf1741002d9fd88 Mon Sep 17 00:00:00 2001
From: Chunyan Liu <cyliu@suse.com>
Date: Thu, 3 Mar 2016 16:48:17 +0800
Subject: [PATCH] Fix tigervnc long press issue
@ -24,10 +24,10 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
1 file changed, 19 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 8d0c16b23f..392c466dad 100644
index 486d2759e4..51d6f2353f 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -1770,6 +1770,25 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym)
@@ -1668,6 +1668,25 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym)
if (down)
vs->modifiers_state[keycode] ^= 1;
break;


@ -1,4 +1,4 @@
From be38f2a0ff94c1c60e51b9d82fdf8d4b038a6c7d Mon Sep 17 00:00:00 2001
From 301054b84a2e3b31768ec107f549e4742c4a15d6 Mon Sep 17 00:00:00 2001
From: Chunyan Liu <cyliu@suse.com>
Date: Fri, 29 Apr 2016 11:17:08 +0800
Subject: [PATCH] fix xen hvm direct kernel boot
@ -29,7 +29,7 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 45742494e6..306b3ed683 100644
index bf17b42cbe..14dc6e116f 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -55,6 +55,7 @@
@ -40,7 +40,7 @@ index 45742494e6..306b3ed683 100644
#include <zlib.h>
@@ -858,7 +859,10 @@ static void *rom_set_mr(Rom *rom, Object *owner, const char *name)
@@ -866,7 +867,10 @@ static void *rom_set_mr(Rom *rom, Object *owner, const char *name, bool ro)
void *data;
rom->mr = g_malloc(sizeof(*rom->mr));


@ -1,4 +1,4 @@
From 8e642bbb73b0feb46dde13fa960db59efb8c69ed Mon Sep 17 00:00:00 2001
From b6acefe54f39380e601ea553b8d2109c92427143 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:21:11 +0200
Subject: [PATCH] string-input-visitor: Fix uint64 parsing
@ -22,7 +22,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 50 insertions(+), 13 deletions(-)
diff --git a/qapi/string-input-visitor.c b/qapi/string-input-visitor.c
index 8dfa561252..1fb43909df 100644
index c089491c24..fedbda7895 100644
--- a/qapi/string-input-visitor.c
+++ b/qapi/string-input-visitor.c
@@ -43,7 +43,8 @@ static void free_range(void *range, void *dummy)
@ -35,7 +35,7 @@ index 8dfa561252..1fb43909df 100644
{
char *str = (char *) siv->string;
long long start, end;
@@ -56,7 +57,11 @@ static int parse_str(StringInputVisitor *siv, const char *name, Error **errp)
@@ -60,7 +61,11 @@ static int parse_str(StringInputVisitor *siv, const char *name, Error **errp)
do {
errno = 0;
@ -48,7 +48,7 @@ index 8dfa561252..1fb43909df 100644
if (errno == 0 && endptr > str) {
if (*endptr == '\0') {
cur = g_malloc0(sizeof(*cur));
@@ -67,7 +72,11 @@ static int parse_str(StringInputVisitor *siv, const char *name, Error **errp)
@@ -71,7 +76,11 @@ static int parse_str(StringInputVisitor *siv, const char *name, Error **errp)
} else if (*endptr == '-') {
str = endptr + 1;
errno = 0;
@ -61,7 +61,7 @@ index 8dfa561252..1fb43909df 100644
if (errno == 0 && endptr > str && start <= end &&
(start > INT64_MAX - 65536 ||
end < start + 65536)) {
@@ -123,7 +132,7 @@ start_list(Visitor *v, const char *name, GenericList **list, size_t size,
@@ -127,7 +136,7 @@ start_list(Visitor *v, const char *name, GenericList **list, size_t size,
assert(list);
siv->list = list;
@ -70,16 +70,16 @@ index 8dfa561252..1fb43909df 100644
*list = NULL;
return;
}
@@ -188,7 +197,7 @@ static void parse_type_int64(Visitor *v, const char *name, int64_t *obj,
return;
}
@@ -215,7 +224,7 @@ static void parse_type_int64(Visitor *v, const char *name, int64_t *obj,
{
StringInputVisitor *siv = to_siv(v);
- if (parse_str(siv, name, errp) < 0) {
+ if (parse_str(siv, name, false, errp) < 0) {
return;
}
@@ -224,15 +233,43 @@ error:
@@ -251,15 +260,43 @@ error:
static void parse_type_uint64(Visitor *v, const char *name, uint64_t *obj,
Error **errp)
{


@ -1,4 +1,4 @@
From 70f17e51a9347f19c159e84dc39359e762ca224d Mon Sep 17 00:00:00 2001
From 610feec09278e8f2112c77c32d9c2e6633859730 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:23:50 +0200
Subject: [PATCH] test-string-input-visitor: Add int test case
@ -14,10 +14,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 8 insertions(+)
diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor.c
index 7f10e2582f..62ddcb1583 100644
index 79313a7f7a..e00194a649 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -56,6 +56,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
@@ -58,6 +58,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
visit_type_int(v, NULL, &res, &err);
g_assert(!err);
g_assert_cmpint(res, ==, value);
@ -30,5 +30,5 @@ index 7f10e2582f..62ddcb1583 100644
+ g_assert(!err);
+ g_assert_cmpint(res, ==, value);
visitor_input_teardown(data, unused);
v = visitor_input_test_init(data, "not an int");


@ -1,4 +1,4 @@
From 6afc22092786abd94108345c608892317aadb27a Mon Sep 17 00:00:00 2001
From c22b22f0d807e8dc81c94dfbea4d95864bd79586 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:24:23 +0200
Subject: [PATCH] test-string-input-visitor: Add uint64 test
@ -15,10 +15,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 23 insertions(+)
diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor.c
index 62ddcb1583..214cce2d3b 100644
index e00194a649..558782796a 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -73,6 +73,27 @@ static void test_visitor_in_int(TestInputVisitorData *data,
@@ -78,6 +78,27 @@ static void test_visitor_in_int(TestInputVisitorData *data,
error_free_or_abort(&err);
}
@ -43,10 +43,10 @@ index 62ddcb1583..214cce2d3b 100644
+ g_assert_cmpint(res, ==, value);
+}
+
static void test_visitor_in_intList(TestInputVisitorData *data,
const void *unused)
static void check_ilist(Visitor *v, int64_t *expected, size_t n)
{
@@ -275,6 +296,8 @@ int main(int argc, char **argv)
int64List *res = NULL;
@@ -364,6 +385,8 @@ int main(int argc, char **argv)
input_visitor_test_add("/string-visitor/input/int",
&in_visitor_data, test_visitor_in_int);


@ -1,236 +0,0 @@
From 992fa3653d4f6202269df90e32160baf542f058a Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 19 Sep 2016 10:02:55 +0200
Subject: [PATCH] ARM: KVM: Enable in-kernel timers with user space gic
When running with KVM enabled, you can choose between emulating the
gic in kernel or user space. If the kernel supports in-kernel virtualization
of the interrupt controller, it will default to that. If not, if will
default to user space emulation.
Unfortunately when running in user mode gic emulation, we miss out on
timer events which are only available from kernel space. This patch leverages
the new kernel/user space notification mechanism for those timer events.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
hw/arm/virt.c | 18 ++++++++++++++++++
hw/intc/Makefile.objs | 2 +-
hw/intc/arm_gic.c | 16 ++++++++++++++++
linux-headers/linux/kvm.h | 14 ++++++++++++++
target-arm/kvm.c | 29 ++++++++++++++++++++++++++++-
target-arm/kvm_arm.h | 11 +++++++++++
6 files changed, 88 insertions(+), 2 deletions(-)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index d04e4acbd9..2fbba49132 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -623,6 +623,24 @@ static void create_gic(VirtBoardInfo *vbi, qemu_irq *pic, int type,
} else if (type == 2) {
create_v2m(vbi, pic);
}
+
+#ifdef CONFIG_KVM
+ if (kvm_enabled() && !kvm_irqchip_in_kernel()) {
+ for (i = 0; i < smp_cpus; i++) {
+ CPUState *cs = qemu_get_cpu(i);
+ int ret;
+
+ ret = kvm_vcpu_enable_cap(cs, KVM_CAP_ARM_TIMER, 0,
+ KVM_ARM_TIMER_VTIMER);
+
+ if (ret) {
+ error_report("KVM with user space irqchip only works when the "
+ "host kernel supports KVM_CAP_ARM_TIMER");
+ exit(1);
+ }
+ }
+ }
+#endif
}
static void create_uart(const VirtBoardInfo *vbi, qemu_irq *pic, int uart,
diff --git a/hw/intc/Makefile.objs b/hw/intc/Makefile.objs
index 2f44a2da26..73cb694e44 100644
--- a/hw/intc/Makefile.objs
+++ b/hw/intc/Makefile.objs
@@ -10,7 +10,6 @@ common-obj-$(CONFIG_REALVIEW) += realview_gic.o
common-obj-$(CONFIG_SLAVIO) += slavio_intctl.o
common-obj-$(CONFIG_IOAPIC) += ioapic_common.o
common-obj-$(CONFIG_ARM_GIC) += arm_gic_common.o
-common-obj-$(CONFIG_ARM_GIC) += arm_gic.o
common-obj-$(CONFIG_ARM_GIC) += arm_gicv2m.o
common-obj-$(CONFIG_ARM_GIC) += arm_gicv3_common.o
common-obj-$(CONFIG_ARM_GIC) += arm_gicv3.o
@@ -21,6 +20,7 @@ common-obj-$(CONFIG_OPENPIC) += openpic.o
common-obj-y += intc.o
obj-$(CONFIG_APIC) += apic.o apic_common.o
+obj-$(CONFIG_ARM_GIC) += arm_gic.o
obj-$(CONFIG_ARM_GIC_KVM) += arm_gic_kvm.o
obj-$(call land,$(CONFIG_ARM_GIC_KVM),$(TARGET_AARCH64)) += arm_gicv3_kvm.o
obj-$(call land,$(CONFIG_ARM_GIC_KVM),$(TARGET_AARCH64)) += arm_gicv3_its_kvm.o
diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 521aac3cc6..21236499f1 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -25,6 +25,7 @@
#include "qom/cpu.h"
#include "qemu/log.h"
#include "trace.h"
+#include "kvm_arm.h"
//#define DEBUG_GIC
@@ -557,6 +558,11 @@ static void gic_deactivate_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
return;
}
+ /* Tell KVM that we want to know about timer IRQs again */
+ if (kvm_enabled()) {
+ kvm_arm_eoi_notify(cpu);
+ }
+
GIC_CLEAR_ACTIVE(irq, cm);
}
@@ -566,6 +572,12 @@ void gic_complete_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
int group;
DPRINTF("EOI %d\n", irq);
+
+ /* Tell KVM that we want to know about timer IRQs again */
+ if (kvm_enabled()) {
+ kvm_arm_eoi_notify(cpu);
+ }
+
if (irq >= s->num_irq) {
/* This handles two cases:
* 1. If software writes the ID of a spurious interrupt [ie 1023]
@@ -915,6 +927,10 @@ static void gic_dist_writeb(void *opaque, hwaddr offset,
trace_gic_enable_irq(irq + i);
}
GIC_SET_ENABLED(irq + i, cm);
+ /* Tell KVM that we want to know about timer IRQs again */
+ if (kvm_enabled()) {
+ kvm_arm_eoi_notify(cpu);
+ }
/* If a raised level triggered IRQ enabled then mark
is as pending. */
if (GIC_TEST_LEVEL(irq + i, mask)
diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index 4806e069e7..ffcacf8f0c 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -205,6 +205,7 @@ struct kvm_hyperv_exit {
#define KVM_EXIT_S390_STSI 25
#define KVM_EXIT_IOAPIC_EOI 26
#define KVM_EXIT_HYPERV 27
+#define KVM_EXIT_ARM_TIMER 28
/* For KVM_EXIT_INTERNAL_ERROR */
/* Emulate instruction failed. */
@@ -361,6 +362,10 @@ struct kvm_run {
} eoi;
/* KVM_EXIT_HYPERV */
struct kvm_hyperv_exit hyperv;
+ /* KVM_EXIT_ARM_TIMER */
+ struct {
+ __u8 timesource;
+ } arm_timer;
/* Fix the size of the union. */
char padding[256];
};
@@ -870,6 +875,7 @@ struct kvm_ppc_smmu_info {
#define KVM_CAP_S390_USER_INSTR0 130
#define KVM_CAP_MSI_DEVID 131
#define KVM_CAP_PPC_HTM 132
+#define KVM_CAP_ARM_TIMER 133
#ifdef KVM_CAP_IRQ_ROUTING
@@ -1327,4 +1333,12 @@ struct kvm_assigned_msix_entry {
#define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0)
#define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1)
+/* Available with KVM_CAP_ARM_TIMER */
+
+/* Bits for run->request_interrupt_window */
+#define KVM_IRQWINDOW_VTIMER (1 << 0)
+
+/* Bits for run->arm_timer.timesource */
+#define KVM_ARM_TIMER_VTIMER (1 << 0)
+
#endif /* __LINUX_KVM_H */
diff --git a/target-arm/kvm.c b/target-arm/kvm.c
index c00b94e42a..a4786a0a0b 100644
--- a/target-arm/kvm.c
+++ b/target-arm/kvm.c
@@ -530,7 +530,6 @@ MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
return MEMTXATTRS_UNSPECIFIED;
}
-
int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
{
int ret = 0;
@@ -541,6 +540,23 @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
ret = EXCP_DEBUG;
} /* otherwise return to guest */
break;
+ case KVM_EXIT_ARM_TIMER:
+ /* We only support the vtimer today */
+ if (run->arm_timer.timesource != KVM_ARM_TIMER_VTIMER) {
+ return -EINVAL;
+ }
+
+ /*
+ * We ask the kernel to not tell us about pending virtual timer irqs,
+ * so that we can process the IRQ until we get an EOI for it. Once the
+ * EOI hits, we unset and unmask the interrupt again and if it is still
+ * pending, we set the line high again
+ */
+ run->request_interrupt_window = KVM_IRQWINDOW_VTIMER;
+
+ /* Internally trigger virtual timer IRQ */
+ qemu_set_irq(ARM_CPU(cs)->gt_timer_outputs[GTIMER_VIRT], 1);
+ break;
default:
qemu_log_mask(LOG_UNIMP, "%s: un-handled exit reason %d\n",
__func__, run->exit_reason);
@@ -638,3 +654,14 @@ int kvm_arch_msi_data_to_gsi(uint32_t data)
{
return (data - 32) & 0xffff;
}
+
+void kvm_arm_eoi_notify(int cpu)
+{
+ CPUState *cs;
+
+ cs = qemu_get_cpu(cpu);
+
+ /* Disable vtimer - if it's still pending we get notified again */
+ cs->kvm_run->request_interrupt_window &= ~KVM_ARM_TIMER_VTIMER;
+ qemu_set_irq(ARM_CPU(cs)->gt_timer_outputs[GTIMER_VIRT], 0);
+}
diff --git a/target-arm/kvm_arm.h b/target-arm/kvm_arm.h
index 633d08828a..eeec8c5b20 100644
--- a/target-arm/kvm_arm.h
+++ b/target-arm/kvm_arm.h
@@ -288,4 +288,15 @@ static inline const char *its_class_name(void)
}
}
+/**
+ * kvm_arm_eoi_notify:
+ *
+ * @cpu: CPU index the EOI is for
+ *
+ * Notify KVM that we're done processing an interrupt. This is
+ * used to unmask any pending timer interrupts and potentially
+ * learn about the fact that the level is still high.
+ */
+void kvm_arm_eoi_notify(int cpu);
+
#endif


@ -1,4 +1,4 @@
From bf1cd7a4b8d686cda17d594edf4739a2a28200b9 Mon Sep 17 00:00:00 2001
From 1c4096e92b45e128c7b10d7eb03c64b1f6437152 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Sun, 6 Sep 2015 20:12:42 +0200
Subject: [PATCH] tests: Add QOM property unit tests
@ -17,10 +17,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 tests/check-qom-props.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 4a605791fc..f003db2c5c 100644
index c60235eaf6..a023f5d70e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1361,6 +1361,7 @@ F: qom/
@@ -1419,6 +1419,7 @@ F: qom/
X: qom/cpu.c
F: tests/check-qom-interface.c
F: tests/check-qom-proplist.c
@ -29,25 +29,25 @@ index 4a605791fc..f003db2c5c 100644
QMP
diff --git a/tests/Makefile.include b/tests/Makefile.include
index e98d3b6bb3..958f768eba 100644
index f3de81fcfb..ca8f859f79 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -86,6 +86,8 @@ check-unit-y += tests/check-qom-interface$(EXESUF)
@@ -92,6 +92,8 @@ check-unit-y += tests/check-qom-interface$(EXESUF)
gcov-files-check-qom-interface-y = qom/object.c
check-unit-y += tests/check-qom-proplist$(EXESUF)
gcov-files-check-qom-proplist-y = qom/object.c
+check-unit-y += tests/check-qom-props$(EXESUF)
+gcov-files-check-qom-props-y = qom/object.c
check-unit-y += tests/test-qemu-opts$(EXESUF)
gcov-files-test-qemu-opts-y = qom/test-qemu-opts.c
check-unit-y += tests/test-write-threshold$(EXESUF)
@@ -487,6 +489,7 @@ tests/check-qnull$(EXESUF): tests/check-qnull.o $(test-util-obj-y)
gcov-files-test-qemu-opts-y = util/qemu-option.c
check-unit-y += tests/test-keyval$(EXESUF)
@@ -537,6 +539,7 @@ tests/check-qnull$(EXESUF): tests/check-qnull.o $(test-util-obj-y)
tests/check-qjson$(EXESUF): tests/check-qjson.o $(test-util-obj-y)
tests/check-qom-interface$(EXESUF): tests/check-qom-interface.o $(test-qom-obj-y)
tests/check-qom-proplist$(EXESUF): tests/check-qom-proplist.o $(test-qom-obj-y)
+tests/check-qom-props$(EXESUF): tests/check-qom-props.o $(test-qom-obj-y)
tests/test-char$(EXESUF): tests/test-char.o qemu-char.o qemu-timer.o $(test-util-obj-y) $(qtest-obj-y) $(test-io-obj-y)
tests/test-char$(EXESUF): tests/test-char.o $(test-util-obj-y) $(qtest-obj-y) $(test-io-obj-y) $(chardev-obj-y)
tests/test-coroutine$(EXESUF): tests/test-coroutine.o $(test-block-obj-y)
diff --git a/tests/check-qom-props.c b/tests/check-qom-props.c
new file mode 100644


@ -1,4 +1,4 @@
From e01538b7559d5560be963fc679f51e7441111fc2 Mon Sep 17 00:00:00 2001
From 5739c0d7a8ddc5aeb056aee239b2339df4d22189 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Fri, 25 Sep 2015 12:31:11 +0200
Subject: [PATCH] tests: Add scsi-disk test
@ -20,10 +20,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 tests/scsi-disk-test.c
diff --git a/MAINTAINERS b/MAINTAINERS
index f003db2c5c..fcf633640e 100644
index a023f5d70e..9840d5bb68 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -920,6 +920,7 @@ M: Paolo Bonzini <pbonzini@redhat.com>
@@ -957,6 +957,7 @@ M: Paolo Bonzini <pbonzini@redhat.com>
S: Supported
F: include/hw/scsi/*
F: hw/scsi/*
@ -32,10 +32,10 @@ index f003db2c5c..fcf633640e 100644
T: git git://github.com/bonzini/qemu.git scsi-next
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 958f768eba..5643e8fa64 100644
index ca8f859f79..85187d4b8c 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -148,6 +148,8 @@ check-qtest-virtio-y += tests/virtio-rng-test$(EXESUF)
@@ -161,6 +161,8 @@ check-qtest-virtio-y += tests/virtio-rng-test$(EXESUF)
gcov-files-virtio-y += hw/virtio/virtio-rng.c
check-qtest-virtio-y += tests/virtio-scsi-test$(EXESUF)
gcov-files-virtio-y += i386-softmmu/hw/scsi/virtio-scsi.c
@ -44,14 +44,14 @@ index 958f768eba..5643e8fa64 100644
ifeq ($(CONFIG_VIRTIO)$(CONFIG_VIRTFS)$(CONFIG_PCI),yyy)
check-qtest-virtio-y += tests/virtio-9p-test$(EXESUF)
gcov-files-virtio-y += hw/9pfs/virtio-9p.c
@@ -682,6 +684,7 @@ tests/usb-hcd-xhci-test$(EXESUF): tests/usb-hcd-xhci-test.o $(libqos-usb-obj-y)
tests/pc-cpu-test$(EXESUF): tests/pc-cpu-test.o
tests/postcopy-test$(EXESUF): tests/postcopy-test.o
tests/vhost-user-test$(EXESUF): tests/vhost-user-test.o qemu-char.o qemu-timer.o $(qtest-obj-y) $(test-io-obj-y) $(libqos-virtio-obj-y) $(libqos-pc-obj-y)
@@ -741,6 +743,7 @@ tests/postcopy-test$(EXESUF): tests/postcopy-test.o
tests/vhost-user-test$(EXESUF): tests/vhost-user-test.o $(test-util-obj-y) \
$(qtest-obj-y) $(test-io-obj-y) $(libqos-virtio-obj-y) $(libqos-pc-obj-y) \
$(chardev-obj-y)
+tests/scsi-disk-test$(EXESUF): tests/scsi-disk-test.o
tests/qemu-iotests/socket_scm_helper$(EXESUF): tests/qemu-iotests/socket_scm_helper.o
tests/test-qemu-opts$(EXESUF): tests/test-qemu-opts.o $(test-util-obj-y)
tests/test-write-threshold$(EXESUF): tests/test-write-threshold.o $(test-block-obj-y)
tests/test-keyval$(EXESUF): tests/test-keyval.o $(test-util-obj-y) $(test-qapi-obj-y)
diff --git a/tests/scsi-disk-test.c b/tests/scsi-disk-test.c
new file mode 100644
index 0000000000..f19f93d97a


@ -1,44 +0,0 @@
From 7b6b039ba580ddafdb3a0377f3c39c8d5e57bbc6 Mon Sep 17 00:00:00 2001
From: Li Qiang <liq3ea@gmail.com>
Date: Mon, 28 Nov 2016 21:29:25 -0500
Subject: [PATCH] virtio-gpu: call cleanup mapping function in resource destroy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If the guest destroy the resource before detach banking, the 'iov'
and 'addrs' field in resource is not freed thus leading memory
leak issue. This patch avoid this.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 1480386565-10077-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit b8e23926c568f2e963af39028b71c472e3023793)
BR: CVE-2016-9912 BSC#1014112]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
index 5f32e1aae9..3eafe495ef 100644
--- a/hw/display/virtio-gpu.c
+++ b/hw/display/virtio-gpu.c
@@ -28,6 +28,8 @@
static struct virtio_gpu_simple_resource*
virtio_gpu_find_resource(VirtIOGPU *g, uint32_t resource_id);
+static void virtio_gpu_cleanup_mapping(struct virtio_gpu_simple_resource *res);
+
#ifdef CONFIG_VIRGL
#include <virglrenderer.h>
#define VIRGL(_g, _virgl, _simple, ...) \
@@ -359,6 +361,7 @@ static void virtio_gpu_resource_destroy(VirtIOGPU *g,
struct virtio_gpu_simple_resource *res)
{
pixman_image_unref(res->image);
+ virtio_gpu_cleanup_mapping(res);
QTAILQ_REMOVE(&g->reslist, res, next);
g_free(res);
}


@ -0,0 +1,66 @@
From bc9b2977224fcea4131448ade1e122c36411435d Mon Sep 17 00:00:00 2001
From: Christoffer Dall <cdall@linaro.org>
Date: Tue, 28 Mar 2017 16:12:03 +0200
Subject: [PATCH] RFC: update Linux headers from irqs-to-user-v3
Get ioctl number and definitions for KVM_CAP_ARM_USER_IRQ.
Signed-off-by: Christoffer Dall <cdall@linaro.org>
[agraf: change cap to indicate downstream status]
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-headers/asm-arm/kvm.h | 2 ++
linux-headers/asm-arm64/kvm.h | 2 ++
linux-headers/linux/kvm.h | 8 ++++++++
3 files changed, 12 insertions(+)
diff --git a/linux-headers/asm-arm/kvm.h b/linux-headers/asm-arm/kvm.h
index 1101d55d2f..8a1654a55b 100644
--- a/linux-headers/asm-arm/kvm.h
+++ b/linux-headers/asm-arm/kvm.h
@@ -114,6 +114,8 @@ struct kvm_debug_exit_arch {
};
struct kvm_sync_regs {
+ /* Used with KVM_CAP_ARM_USER_IRQ */
+ __u64 device_irq_level;
};
struct kvm_arch_memory_slot {
diff --git a/linux-headers/asm-arm64/kvm.h b/linux-headers/asm-arm64/kvm.h
index 651ec30040..1bc8346f0d 100644
--- a/linux-headers/asm-arm64/kvm.h
+++ b/linux-headers/asm-arm64/kvm.h
@@ -143,6 +143,8 @@ struct kvm_debug_exit_arch {
#define KVM_GUESTDBG_USE_HW (1 << 17)
struct kvm_sync_regs {
+ /* Used with KVM_CAP_ARM_USER_IRQ */
+ __u64 device_irq_level;
};
struct kvm_arch_memory_slot {
diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index 4e082a81b4..72f0d21103 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -883,6 +883,7 @@ struct kvm_ppc_resize_hpt {
#define KVM_CAP_PPC_MMU_RADIX 134
#define KVM_CAP_PPC_MMU_HASH_V3 135
#define KVM_CAP_IMMEDIATE_EXIT 136
+#define KVM_CAP_ARM_USER_IRQ (0x1000 | 137)
#ifdef KVM_CAP_IRQ_ROUTING
@@ -1354,4 +1355,11 @@ struct kvm_assigned_msix_entry {
#define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0)
#define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1)
+/* Available with KVM_CAP_ARM_USER_IRQ */
+
+/* Bits for run->s.regs.device_irq_level */
+#define KVM_ARM_DEV_EL1_VTIMER (1 << 0)
+#define KVM_ARM_DEV_EL1_PTIMER (1 << 1)
+#define KVM_ARM_DEV_PMU (1 << 2)
+
#endif /* __LINUX_KVM_H */
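Review bot: `#define KVM_CAP_ARM_USER_IRQ (0x1000 | 137)` in the linux-headers/linux/kvm.h hunk carries no comment saying the number is a downstream placeholder; only the patch description (`[agraf: change cap to indicate downstream status]`) explains it. Files under linux-headers/ are normally regenerated from a kernel tree, so a later header sync could drop or renumber the define unnoticed; I would add `/* downstream-only value, not an upstream capability number; must match the host kernel carrying irqs-to-user-v3 */` above it. The `device_irq_level` field added to `struct kvm_sync_regs` in asm-arm and asm-arm64 is presumably meaningful only when that capability is reported, so its comment could read `/* Valid only if the host reports KVM_CAP_ARM_USER_IRQ */` to discourage reading it unconditionally.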


@ -0,0 +1,108 @@
From 3227a2bdc7a494194a6a4f7d5653ff178ecb1b2f Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 19 Sep 2016 10:02:55 +0200
Subject: [PATCH] ARM: KVM: Enable in-kernel timers with user space gic
When running with KVM enabled, you can choose between emulating the
gic in kernel or user space. If the kernel supports in-kernel virtualization
of the interrupt controller, it will default to that. If not, if will
default to user space emulation.
Unfortunately when running in user mode gic emulation, we miss out on
timer events which are only available from kernel space. This patch leverages
the new kernel/user space pending line synchronization for those timer events.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
hw/arm/virt.c | 10 ++++++++++
target/arm/cpu.h | 3 +++
target/arm/kvm.c | 31 ++++++++++++++++++++++++++++++-
3 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 5f62a0321e..a1d24a4db6 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -609,6 +609,16 @@ static void create_gic(VirtMachineState *vms, qemu_irq *pic)
} else if (type == 2) {
create_v2m(vms, pic);
}
+
+#ifdef CONFIG_KVM
+ if (kvm_enabled() && !kvm_irqchip_in_kernel()) {
+ if (!kvm_check_extension(kvm_state, KVM_CAP_ARM_USER_IRQ)) {
+ error_report("KVM with user space irqchip only works when the "
+ "host kernel supports KVM_CAP_ARM_USER_IRQ");
+ exit(1);
+ }
+ }
+#endif
}
static void create_uart(const VirtMachineState *vms, qemu_irq *pic, int uart,
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index a8aabce7dd..19cb596449 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -702,6 +702,9 @@ struct ARMCPU {
ARMELChangeHook *el_change_hook;
void *el_change_hook_opaque;
+
+ /* Used to synchronize KVM and QEMU timer levels */
+ uint64_t device_irq_level;
};
static inline ARMCPU *arm_env_get_cpu(CPUARMState *env)
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 45554682f2..dccb326615 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -174,6 +174,12 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
*/
kvm_async_interrupts_allowed = true;
+ /*
+ * PSCI wakes up secondary cores, so we always need to
+ * have vCPUs waiting in kernel space
+ */
+ kvm_halt_in_kernel_allowed = true;
+
cap_has_mp_state = kvm_check_extension(s, KVM_CAP_MP_STATE);
type_register_static(&host_arm_cpu_type_info);
@@ -528,10 +534,33 @@ void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
{
+ ARMCPU *cpu;
+
+ if (kvm_irqchip_in_kernel()) {
+ /*
+ * We only need to sync timer states with user-space interrupt
+ * controllers, so return early and save cycles if we don't.
+ */
+ return MEMTXATTRS_UNSPECIFIED;
+ }
+
+ cpu = ARM_CPU(cs);
+
+ /* Synchronize our internal vtimer irq line with the kvm one */
+ if (run->s.regs.device_irq_level != cpu->device_irq_level) {
+ qemu_mutex_lock_iothread();
+ qemu_set_irq(cpu->gt_timer_outputs[GTIMER_VIRT],
+ run->s.regs.device_irq_level & KVM_ARM_DEV_EL1_VTIMER);
+ qemu_set_irq(cpu->gt_timer_outputs[GTIMER_PHYS],
+ run->s.regs.device_irq_level & KVM_ARM_DEV_EL1_PTIMER);
+ /* TODO: Handle changes in PMU as well */
+ cpu->device_irq_level = run->s.regs.device_irq_level;
+ qemu_mutex_unlock_iothread();
+ }
+
return MEMTXATTRS_UNSPECIFIED;
}
-
int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
{
int ret = 0;
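Review bot: In kvm_arch_post_run() both qemu_set_irq() calls pass the masked 64-bit word directly as the level, so the physical timer line is driven with the value 2 rather than 1. Normalising with `!!(run->s.regs.device_irq_level & KVM_ARM_DEV_EL1_PTIMER)` (and the same for the VTIMER bit) keeps the level boolean whichever bit is tested. The comparison against cpu->device_irq_level covers the whole word, so a change in the KVM_ARM_DEV_PMU bit alone also takes the iothread lock and re-drives both timer lines although the PMU is not handled yet; a sentence next to the existing TODO saying so would help the next reader.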


@ -0,0 +1,50 @@
From 99ce69e23c7154ccaee85137c121bb6b8bab8275 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 30 Mar 2017 16:22:55 +0200
Subject: [PATCH] input: Add trace event for empty keyboard queue
When driving QEMU from the outside, we have basically no chance to
determine how quickly the guest OS picks up key events, so we usually
have to limit ourselves to very slow keyboard presses to make sure
the guest always has enough chance to pick them up.
This patch adds a trace events when the keyboarde queue is drained.
An external driver can use that as hint that new keys can be pressed.
Signed-off-by: Alexander Graf <agraf@suse.de>
Message-id: 1490883775-94658-1-git-send-email-agraf@suse.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
[BR: BSC#1031692]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/input/hid.c | 4 ++++
hw/input/trace-events | 1 +
2 files changed, 5 insertions(+)
diff --git a/hw/input/hid.c b/hw/input/hid.c
index fa9cc4c616..93887ecc43 100644
--- a/hw/input/hid.c
+++ b/hw/input/hid.c
@@ -256,6 +256,10 @@ static void hid_keyboard_process_keycode(HIDState *hs)
slot = hs->head & QUEUE_MASK; QUEUE_INCR(hs->head); hs->n--;
keycode = hs->kbd.keycodes[slot];
+ if (!hs->n) {
+ trace_hid_kbd_queue_empty();
+ }
+
key = keycode & 0x7f;
index = key | ((hs->kbd.modifiers & (1 << 8)) >> 1);
hid_code = hid_usage_keys[index];
diff --git a/hw/input/trace-events b/hw/input/trace-events
index f3bfbede5c..5a87818b49 100644
--- a/hw/input/trace-events
+++ b/hw/input/trace-events
@@ -24,6 +24,7 @@ milkymist_softusb_pulse_irq(void) "Pulse IRQ"
# hw/input/hid.c
hid_kbd_queue_full(void) "queue full"
+hid_kbd_queue_empty(void) "queue empty"
# hw/input/virtio
virtio_input_queue_full(void) "queue full"


@ -0,0 +1,47 @@
From e4733da636cf6a2b53ae1fdfc5c934576e1970a6 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 27 Apr 2017 13:43:58 -0600
Subject: [PATCH] ACPI: don't call acpi_pcihp_device_plug_cb on xen
Commit f0c9d64a exposed the issue that with a xenfv machine using
pci passthrough, acpi cpi hotplug code was being executed by mistake.
Guard calls to acpi_pcihp_device_plug_cb (and corresponding
acpi_pcihp_device_unplug_cb) with a check for xen_enabled(). Without
this check I am seeing an error that the bus doesn't have the
acpi-pcihp-bsel property set.
[BR: BSC#1034131]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/acpi/piix4.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index c34f761175..ae1cb26a82 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -385,7 +385,10 @@ static void piix4_device_plug_cb(HotplugHandler *hotplug_dev,
dev, errp);
}
} else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
- acpi_pcihp_device_plug_cb(hotplug_dev, &s->acpi_pci_hotplug, dev, errp);
+ if (!xen_enabled()) {
+ acpi_pcihp_device_plug_cb(hotplug_dev, &s->acpi_pci_hotplug, dev,
+ errp);
+ }
} else if (object_dynamic_cast(OBJECT(dev), TYPE_CPU)) {
if (s->cpu_hotplug_legacy) {
legacy_acpi_cpu_plug_cb(hotplug_dev, &s->gpe_cpu, dev, errp);
@@ -408,8 +411,10 @@ static void piix4_device_unplug_request_cb(HotplugHandler *hotplug_dev,
acpi_memory_unplug_request_cb(hotplug_dev, &s->acpi_memory_hotplug,
dev, errp);
} else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
- acpi_pcihp_device_unplug_cb(hotplug_dev, &s->acpi_pci_hotplug, dev,
- errp);
+ if (!xen_enabled()) {
+ acpi_pcihp_device_unplug_cb(hotplug_dev, &s->acpi_pci_hotplug, dev,
+ errp);
+ }
} else if (object_dynamic_cast(OBJECT(dev), TYPE_CPU) &&
!s->cpu_hotplug_legacy) {
acpi_cpu_unplug_request_cb(hotplug_dev, &s->cpuhp_state, dev, errp);
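Review bot: Neither new `if (!xen_enabled())` guard in piix4_device_plug_cb() and piix4_device_unplug_request_cb() carries a comment, so the reason PCI devices are skipped under Xen is recorded only in the commit message. A comment such as `/* Xen: bus has no acpi-pcihp-bsel property, ACPI PCI hotplug is not used */` above each guard would keep that visible in the code. With the guard in place, a PCI unplug request under Xen returns from this handler without setting errp and without doing anything; presumably Xen handles the unplug elsewhere, which is worth confirming. Both functions start and end outside their hunks.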


@ -0,0 +1,102 @@
From 5cff035804d92d336b27c368754b63e2dccbba90 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 28 Mar 2017 05:27:00 -0600
Subject: [PATCH] i386: Allow cpuid bit override
KVM has a feature bitmap of CPUID bits that it knows works for guests.
QEMU removes bits that are not part of that bitmap automatically on VM
start.
However, some times we just don't list features in that list because
they don't make sense for normal scenarios, but may be useful in specific,
targeted workloads.
For that purpose, add a new =force option to all CPUID feature flags in
the CPU property. With that we can override the accel filtering and give
users full control over the CPUID feature bits exposed into guests.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
target/i386/cpu.c | 25 ++++++++++++++++++++++---
target/i386/cpu.h | 3 +++
2 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 13c0985f11..6105fc513e 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -2229,7 +2229,7 @@ void x86_cpu_list(FILE *f, fprintf_function cpu_fprintf)
g_slist_foreach(list, x86_cpu_list_entry, &s);
g_slist_free(list);
- (*cpu_fprintf)(f, "\nRecognized CPUID flags:\n");
+ (*cpu_fprintf)(f, "\nRecognized CPUID flags (=on|=off|=force):\n");
for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
FeatureWordInfo *fw = &feature_word_info[i];
@@ -3464,6 +3464,7 @@ static int x86_cpu_filter_features(X86CPU *cpu)
x86_cpu_get_supported_feature_word(w, false);
uint32_t requested_features = env->features[w];
env->features[w] &= host_feat;
+ env->features[w] |= cpu->forced_features[w];
cpu->filtered_features[w] = requested_features & ~env->features[w];
if (cpu->filtered_features[w]) {
rv = 1;
@@ -3706,8 +3707,17 @@ static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
X86CPU *cpu = X86_CPU(obj);
BitProperty *fp = opaque;
uint32_t f = cpu->env.features[fp->w];
+ uint32_t ff = cpu->forced_features[fp->w];
bool value = (f & fp->mask) == fp->mask;
- visit_type_bool(v, name, &value, errp);
+ bool forced = (ff & fp->mask) == fp->mask;
+ char str[] = "force";
+ char *strval = str;
+
+ if (forced) {
+ visit_type_str(v, name, &strval, errp);
+ } else {
+ visit_type_bool(v, name, &value, errp);
+ }
}
static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
@@ -3717,6 +3727,7 @@ static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
X86CPU *cpu = X86_CPU(obj);
BitProperty *fp = opaque;
Error *local_err = NULL;
+ char *strval = NULL;
bool value;
if (dev->realized) {
@@ -3724,7 +3735,15 @@ static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
return;
}
- visit_type_bool(v, name, &value, &local_err);
+ visit_type_str(v, name, &strval, &local_err);
+ if (!local_err && !strcmp(strval, "force")) {
+ value = true;
+ cpu->forced_features[fp->w] |= fp->mask;
+ } else {
+ local_err = NULL;
+ visit_type_bool(v, name, &value, &local_err);
+ }
+
if (local_err) {
error_propagate(errp, local_err);
return;
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 81c02c5a3b..a458c3af9b 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1230,6 +1230,9 @@ struct X86CPU {
/* Features that were filtered out because of missing host capabilities */
uint32_t filtered_features[FEATURE_WORDS];
+ /* Features that are force enabled despite incompatible accel */
+ uint32_t forced_features[FEATURE_WORDS];
+
/* Enable PMU CPUID bits. This can't be enabled by default yet because
* it doesn't have ABI stability guarantees, as it passes all PMU CPUID
* bits returned by GET_SUPPORTED_CPUID (that depend on host CPU and kernel
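Review bot: The new parsing path in x86_cpu_set_bit_prop() leaks on both branches. The string handed back through `strval` by visit_type_str() is never released, and a failed string visit is discarded with `local_err = NULL;` without freeing the Error object first. Adding `error_free(local_err);` before that reset and `g_free(strval);` after the comparison would close both. A string other than "force" (for example "on") also succeeds in visit_type_str() and then has the same property visited a second time as a bool, which should be confirmed against each visitor type used for CPU properties. The function continues outside the hunk.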


@ -0,0 +1,90 @@
From 60f3bfde84c98a31a1de4542fbab456ae83c4cbb Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 28 Apr 2017 10:42:37 +0200
Subject: [PATCH] input: limit kbd queue depth
Apply a limit to the number of items we accept into the keyboard queue.
Impact: Without this limit vnc clients can exhaust host memory by
sending keyboard events faster than qemu feeds them to the guest.
Fixes: CVE-2017-8379
Cc: P J P <ppandit@redhat.com>
Cc: Huawei PSIRT <PSIRT@huawei.com>
Reported-by: jiangxin1@huawei.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170428084237.23960-1-kraxel@redhat.com
(cherry picked from commit fa18f36a461984eae50ab957e47ec78dae3c14fc)
[BR: BSC#1037334]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
ui/input.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/ui/input.c b/ui/input.c
index ed88cda6d6..fb1f404095 100644
--- a/ui/input.c
+++ b/ui/input.c
@@ -41,6 +41,8 @@ static QTAILQ_HEAD(QemuInputEventQueueHead, QemuInputEventQueue) kbd_queue =
QTAILQ_HEAD_INITIALIZER(kbd_queue);
static QEMUTimer *kbd_timer;
static uint32_t kbd_default_delay_ms = 10;
+static uint32_t queue_count;
+static uint32_t queue_limit = 1024;
QemuInputHandlerState *qemu_input_handler_register(DeviceState *dev,
QemuInputHandler *handler)
@@ -268,6 +270,7 @@ static void qemu_input_queue_process(void *opaque)
break;
}
QTAILQ_REMOVE(queue, item, node);
+ queue_count--;
g_free(item);
}
}
@@ -282,6 +285,7 @@ static void qemu_input_queue_delay(struct QemuInputEventQueueHead *queue,
item->delay_ms = delay_ms;
item->timer = timer;
QTAILQ_INSERT_TAIL(queue, item, node);
+ queue_count++;
if (start_timer) {
timer_mod(item->timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL)
@@ -298,6 +302,7 @@ static void qemu_input_queue_event(struct QemuInputEventQueueHead *queue,
item->src = src;
item->evt = evt;
QTAILQ_INSERT_TAIL(queue, item, node);
+ queue_count++;
}
static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue)
@@ -306,6 +311,7 @@ static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue)
item->type = QEMU_INPUT_QUEUE_SYNC;
QTAILQ_INSERT_TAIL(queue, item, node);
+ queue_count++;
}
void qemu_input_event_send_impl(QemuConsole *src, InputEvent *evt)
@@ -381,7 +387,7 @@ void qemu_input_event_send_key(QemuConsole *src, KeyValue *key, bool down)
qemu_input_event_send(src, evt);
qemu_input_event_sync();
qapi_free_InputEvent(evt);
- } else {
+ } else if (queue_count < queue_limit) {
qemu_input_queue_event(&kbd_queue, src, evt);
qemu_input_queue_sync(&kbd_queue);
}
@@ -409,8 +415,10 @@ void qemu_input_event_send_key_delay(uint32_t delay_ms)
kbd_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, qemu_input_queue_process,
&kbd_queue);
}
- qemu_input_queue_delay(&kbd_queue, kbd_timer,
- delay_ms ? delay_ms : kbd_default_delay_ms);
+ if (queue_count < queue_limit) {
+ qemu_input_queue_delay(&kbd_queue, kbd_timer,
+ delay_ms ? delay_ms : kbd_default_delay_ms);
+ }
}
InputEvent *qemu_input_event_new_btn(InputButton btn, bool down)
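Review bot: When the limit is reached in qemu_input_event_send_key(), `evt` is neither sent nor queued and nothing frees it: the first branch calls qapi_free_InputEvent(evt) and the queueing branch hands it to the queue, but the new `else if (queue_count < queue_limit)` has no final branch. That leaves a per-event leak in exactly the flood case the limit is meant to bound; `} else { qapi_free_InputEvent(evt); }` would cover it. evt is created above the hunk, so this should be checked against the full function. Separately, only one `queue_count--` is visible in qemu_input_queue_process(); if that function removes items on another path (the delay handling is outside the hunk), the counter would drift upward and eventually cause all queued key events to be dropped.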


@ -1,40 +0,0 @@
From 0cfea2b4d63daecfcf05e54e2f1d6755e9158a31 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Tue, 1 Nov 2016 05:37:57 -0700
Subject: [PATCH] virtio-gpu: fix information leak in capset get dispatch
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In virgl_cmd_get_capset function, it uses g_malloc to allocate
a response struct to the guest. As the 'resp'struct hasn't been full
initialized it will lead the 'resp->padding' field to the guest.
Use g_malloc0 to avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 58188cae.4a6ec20a.3d2d1.aff2@mx.google.com
[ kraxel: resolved conflict ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 85d9d044471f93c48c5c396f7e217b4ef12f69f8)
[BR: CVE-2016-9908 BSC#1014514]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu-3d.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index 23f39de94d..d98b1404e1 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -371,7 +371,7 @@ static void virgl_cmd_get_capset(VirtIOGPU *g,
virgl_renderer_get_cap_set(gc.capset_id, &max_ver,
&max_size);
- resp = g_malloc(sizeof(*resp) + max_size);
+ resp = g_malloc0(sizeof(*resp) + max_size);
resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET;
virgl_renderer_fill_caps(gc.capset_id,


@ -0,0 +1,38 @@
From f612e97b6af1cb18d66d70ede8c65faab8c21a5a Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 28 Apr 2017 09:56:12 +0200
Subject: [PATCH] audio: release capture buffers
AUD_add_capture() allocates two buffers which are never released.
Add the missing calls to AUD_del_capture().
Impact: Allows vnc clients to exhaust host memory by repeatedly
starting and stopping audio capture.
Fixes: CVE-2017-8309
Cc: P J P <ppandit@redhat.com>
Cc: Huawei PSIRT <PSIRT@huawei.com>
Reported-by: "Jiangxin (hunter, SCC)" <jiangxin1@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20170428075612.9997-1-kraxel@redhat.com
(cherry picked from commit 3268a845f41253fb55852a8429c32b50f36f349a)
[BR: BSC#1037242]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
audio/audio.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/audio/audio.c b/audio/audio.c
index c8898d8422..beafed209b 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -2028,6 +2028,8 @@ void AUD_del_capture (CaptureVoiceOut *cap, void *cb_opaque)
sw = sw1;
}
QLIST_REMOVE (cap, entries);
+ g_free (cap->hw.mix_buf);
+ g_free (cap->buf);
g_free (cap);
}
return;


@ -1,72 +0,0 @@
From 3b4bf7e1b33e254709c6a3948891f7da4aac63e3 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Mon, 9 Jan 2017 13:35:20 -0700
Subject: [PATCH] display: cirrus: ignore source pitch value as needed in
blit_is_unsafe
Commit 4299b90 added a check which is too broad, given that the source
pitch value is not required to be initialized for solid fill operations.
This patch refines the blit_is_unsafe() check to ignore source pitch in
that case. After applying the above commit as a security patch, we
noticed the SLES 11 SP4 guest gui failed to initialize properly.
Signed-off-by: Bruce Rogers <brogers@suse.com>
Message-id: 20170109203520.5619-1-brogers@suse.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 913a87885f589d263e682c2eb6637c6e14538061)
[BR: BSC#1016779]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index bdb092ee9d..379910db2d 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -294,7 +294,7 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
return false;
}
-static bool blit_is_unsafe(struct CirrusVGAState *s)
+static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only)
{
/* should be the case, see cirrus_bitblt_start */
assert(s->cirrus_blt_width > 0);
@@ -308,6 +308,9 @@ static bool blit_is_unsafe(struct CirrusVGAState *s)
s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) {
return true;
}
+ if (dst_only) {
+ return false;
+ }
if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch,
s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) {
return true;
@@ -673,7 +676,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s,
dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask);
- if (blit_is_unsafe(s))
+ if (blit_is_unsafe(s, false))
return 0;
(*s->cirrus_rop) (s, dst, src,
@@ -691,7 +694,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
{
cirrus_fill_t rop_func;
- if (blit_is_unsafe(s)) {
+ if (blit_is_unsafe(s, true)) {
return 0;
}
rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1];
@@ -795,7 +798,7 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s)
{
- if (blit_is_unsafe(s))
+ if (blit_is_unsafe(s, false))
return 0;
return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr,


@ -1,34 +0,0 @@
From 65cef1a069623a0cede6b0bbb6ddeaec0fb023b3 Mon Sep 17 00:00:00 2001
From: Christian Borntraeger <borntraeger@de.ibm.com>
Date: Tue, 24 Jan 2017 22:17:47 +0100
Subject: [PATCH] s390x/kvm: fix small race reboot vs. cmma
Right now we reset all devices before we reset the cmma states. This
can result in the host kernel discarding guest pages that were
previously in the unused state but already contain a bios or a -kernel
file before the cmma reset has finished. This race results in random
guest crashes or hangs during very early reboot.
Fixes: 1cd4e0f6f0a6 ("s390x/cmma: clean up cmma reset")
Cc: qemu-stable@nongnu.org
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
(cherry picked from commit 1a0e4c8b02ea510508970c333ee610a90b921cbb)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/s390x/s390-virtio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/s390x/s390-virtio.c b/hw/s390x/s390-virtio.c
index 0a963473ad..7a3a7fe5fd 100644
--- a/hw/s390x/s390-virtio.c
+++ b/hw/s390x/s390-virtio.c
@@ -204,8 +204,8 @@ void s390_machine_reset(void)
{
S390CPU *ipl_cpu = S390_CPU(qemu_get_cpu(0));
- qemu_devices_reset();
s390_cmma_reset();
+ qemu_devices_reset();
s390_crypto_reset();
/* all cpus are stopped - configure and start the ipl cpu only */


@ -0,0 +1,45 @@
From 7b1991173de44443e24a82f6a52f3977e5f66bc7 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Mon, 24 Apr 2017 17:36:34 +0530
Subject: [PATCH] scsi: avoid an off-by-one error in megasas_mmio_write
While reading magic sequence(MFI_SEQ) in megasas_mmio_write,
an off-by-one error could occur as 's->adp_reset' index is not
reset after reading the last sequence.
Reported-by: YY Z <bigbird475958471@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20170424120634.12268-1-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 24dfa9fa2f90a95ac33c7372de4f4f2c8a2c141f)
[BR: BSC#1037336 CVE-2017-8380]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/scsi/megasas.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 84b8caf901..804122ab05 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -2138,15 +2138,15 @@ static void megasas_mmio_write(void *opaque, hwaddr addr,
case MFI_SEQ:
trace_megasas_mmio_writel("MFI_SEQ", val);
/* Magic sequence to start ADP reset */
- if (adp_reset_seq[s->adp_reset] == val) {
- s->adp_reset++;
+ if (adp_reset_seq[s->adp_reset++] == val) {
+ if (s->adp_reset == 6) {
+ s->adp_reset = 0;
+ s->diag = MFI_DIAG_WRITE_ENABLE;
+ }
} else {
s->adp_reset = 0;
s->diag = 0;
}
- if (s->adp_reset == 6) {
- s->diag = MFI_DIAG_WRITE_ENABLE;
- }
break;
case MFI_DIAG:
trace_megasas_mmio_writel("MFI_DIAG", val);
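Review bot: The wrap-around of s->adp_reset is tied to the literal `6`, while adp_reset_seq is defined outside the hunk, so the bound that prevents the out-of-range index is not visibly linked to the array it protects. Assuming adp_reset_seq is an array in scope rather than a pointer, `if (s->adp_reset == ARRAY_SIZE(adp_reset_seq)) {` would keep the two in step if the sequence ever changes. The post-increment inside the comparison, `adp_reset_seq[s->adp_reset++] == val`, also means the index is advanced even on a mismatch and only the else branch undoes it; a one-line comment stating that the index is always below the array length on entry would make that invariant explicit. megasas_mmio_write() starts and ends outside the hunk.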


@ -1,32 +0,0 @@
From 52f9cd6fd4943ff0202133646da31788447a2209 Mon Sep 17 00:00:00 2001
From: David Hildenbrand <david@redhat.com>
Date: Mon, 30 Jan 2017 15:50:25 +0100
Subject: [PATCH] target/s390x: use "qemu" cpu model in user mode
"any" does not exist, therefore resulting in a misleading error message.
Reported-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20170130145025.26475-1-david@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
Cc: qemu-stable@nongnu.org
(cherry picked from commit d8923bc75479cd3fdcc72b7647f4877f91950b01)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
linux-user/main.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/linux-user/main.c b/linux-user/main.c
index 75b199f274..cc77ec4713 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -4045,6 +4045,8 @@ int main(int argc, char **argv, char **envp)
# endif
#elif defined TARGET_SH4
cpu_model = TYPE_SH7785_CPU;
+#elif defined TARGET_S390X
+ cpu_model = "qemu";
#else
cpu_model = "any";
#endif


@ -0,0 +1,33 @@
From 4e1c19fe60bb27e1a8b44878b40e59c0c324af56 Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Tue, 25 Apr 2017 18:36:23 +0530
Subject: [PATCH] vmw_pvscsi: check message ring page count at initialisation
A guest could set the message ring page count to zero, resulting in
infinite loop. Add check to avoid it.
Reported-by: YY Z <bigbird475958471@gmail.com>
Signed-off-by: P J P <ppandit@redhat.com>
Message-Id: <20170425130623.3649-1-ppandit@redhat.com>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit f68826989cd4d1217797251339579c57b3c0934e)
[BR: BSC#1036211 CVE-2017-8112]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/scsi/vmw_pvscsi.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
index 75575461e2..4a106da856 100644
--- a/hw/scsi/vmw_pvscsi.c
+++ b/hw/scsi/vmw_pvscsi.c
@@ -202,7 +202,7 @@ pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri)
uint32_t len_log2;
uint32_t ring_size;
- if (ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
+ if (!ri->numPages || ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
return -1;
}
ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;


@ -0,0 +1,174 @@
From 385fd07f1627cb73ed2ad266e23923cb7eae30f7 Mon Sep 17 00:00:00 2001
From: Greg Kurz <groug@kaod.org>
Date: Fri, 5 May 2017 14:48:08 +0200
Subject: [PATCH] 9pfs: local: forbid client access to metadata (CVE-2017-7493)
When using the mapped-file security mode, we shouldn't let the client mess
with the metadata. The current code already tries to hide the metadata dir
from the client by skipping it in local_readdir(). But the client can still
access or modify it through several other operations. This can be used to
escalate privileges in the guest.
Affected backend operations are:
- local_mknod()
- local_mkdir()
- local_open2()
- local_symlink()
- local_link()
- local_unlinkat()
- local_renameat()
- local_rename()
- local_name_to_path()
Other operations are safe because they are only passed a fid path, which
is computed internally in local_name_to_path().
This patch converts all the functions listed above to fail and return
EINVAL when being passed the name of the metadata dir. This may look
like a poor choice for errno, but there's no such thing as an illegal
path name on Linux and I could not think of anything better.
This fixes CVE-2017-7493.
Reported-by: Leo Gaspard <leo@gaspard.io>
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 7a95434e0ca8a037fd8aa1a2e2461f92585eb77b)
[BR: BSC#1039495]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/9pfs/9p-local.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 56 insertions(+), 2 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index f3ebca4f7a..a2486566af 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -452,6 +452,11 @@ static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs)
return telldir(fs->dir.stream);
}
+static bool local_is_mapped_file_metadata(FsContext *fs_ctx, const char *name)
+{
+ return !strcmp(name, VIRTFS_META_DIR);
+}
+
static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs)
{
struct dirent *entry;
@@ -465,8 +470,8 @@ again:
if (ctx->export_flags & V9FS_SM_MAPPED) {
entry->d_type = DT_UNKNOWN;
} else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
- if (!strcmp(entry->d_name, VIRTFS_META_DIR)) {
- /* skp the meta data directory */
+ if (local_is_mapped_file_metadata(ctx, entry->d_name)) {
+ /* skip the meta data directory */
goto again;
}
entry->d_type = DT_UNKNOWN;
@@ -559,6 +564,12 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path,
int err = -1;
int dirfd;
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -605,6 +616,12 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path,
int err = -1;
int dirfd;
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -694,6 +711,12 @@ static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name,
int err = -1;
int dirfd;
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
/*
* Mark all the open to not follow symlinks
*/
@@ -752,6 +775,12 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath,
int err = -1;
int dirfd;
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -826,6 +855,12 @@ static int local_link(FsContext *ctx, V9fsPath *oldpath,
int ret = -1;
int odirfd, ndirfd;
+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
odirfd = local_opendir_nofollow(ctx, odirpath);
if (odirfd == -1) {
goto out;
@@ -1096,6 +1131,12 @@ static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path,
static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
const char *name, V9fsPath *target)
{
+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
if (dir_path) {
v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
} else if (strcmp(name, "/")) {
@@ -1116,6 +1157,13 @@ static int local_renameat(FsContext *ctx, V9fsPath *olddir,
int ret;
int odirfd, ndirfd;
+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ (local_is_mapped_file_metadata(ctx, old_name) ||
+ local_is_mapped_file_metadata(ctx, new_name))) {
+ errno = EINVAL;
+ return -1;
+ }
+
odirfd = local_opendir_nofollow(ctx, olddir->data);
if (odirfd == -1) {
return -1;
@@ -1206,6 +1254,12 @@ static int local_unlinkat(FsContext *ctx, V9fsPath *dir,
int ret;
int dirfd;
+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(ctx, dir->data);
if (dirfd == -1) {
return -1;
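Review bot: local_is_mapped_file_metadata() takes fs_ctx but never uses it, and every new caller repeats the `export_flags & V9FS_SM_MAPPED_FILE` test by hand, so a backend operation added later can get the name check right and still omit the mode test. Moving the flag test into the helper, `return (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) && !strcmp(name, VIRTFS_META_DIR);`, would reduce each guard to a single call and give the parameter a purpose; local_readdir() already calls it inside the mapped-file branch, so its behaviour would not change. The commit message lists local_rename() as affected, but no hunk in this patch touches it; presumably it is covered through local_renameat() or local_name_to_path(), which is worth confirming since that function is outside the visible hunks.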


@ -1,35 +0,0 @@
From a31edb2865923f478830a2f05e64259ae9841f3c Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Tue, 14 Feb 2017 10:37:59 -0700
Subject: [PATCH] linux-user: exclude cpu model code when building linux-user
A section of s390_realize_cpu_model() needed to be guarded by
CONFIG_USER_ONLY. This omission was causing a segfault when
testing the executable being built for the s390x qemu-linux-user
package.
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target-s390x/cpu_models.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/target-s390x/cpu_models.c b/target-s390x/cpu_models.c
index c1e729df5e..f2eadd2cfb 100644
--- a/target-s390x/cpu_models.c
+++ b/target-s390x/cpu_models.c
@@ -738,6 +738,7 @@ void s390_realize_cpu_model(CPUState *cs, Error **errp)
return;
}
+#ifndef CONFIG_USER_ONLY
/* copy over properties that can vary */
cpu->model->lowest_ibc = max_model->lowest_ibc;
cpu->model->cpu_id = max_model->cpu_id;
@@ -750,6 +751,7 @@ void s390_realize_cpu_model(CPUState *cs, Error **errp)
}
apply_cpu_model(cpu->model, errp);
+#endif
}
static void get_feature(Object *obj, Visitor *v, const char *name,


@ -0,0 +1,41 @@
From 5369a4b1932f7c298ae360789fd182c24e14c569 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed, 3 May 2017 12:44:41 +0200
Subject: [PATCH] jazz_led: fix bad snprintf
Detected by GCC 7's -Wformat-truncation. snprintf writes at most
2 bytes here including the terminating NUL, so the result is
truncated. In addition, the newline at the end is pointless.
Fix the buffer size and the format string.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(cherry picked from commit e9c6ab62c760e333a6cf0f3f9ab021633723434c)
[LY: BSC#1040228]
Signed-off-by: Liang Yan <lyan@suse.com>
---
hw/display/jazz_led.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/display/jazz_led.c b/hw/display/jazz_led.c
index b72fdb1717..3c97d56434 100644
--- a/hw/display/jazz_led.c
+++ b/hw/display/jazz_led.c
@@ -227,13 +227,13 @@ static void jazz_led_invalidate_display(void *opaque)
static void jazz_led_text_update(void *opaque, console_ch_t *chardata)
{
LedState *s = opaque;
- char buf[2];
+ char buf[3];
dpy_text_cursor(s->con, -1, -1);
qemu_console_resize(s->con, 2, 1);
/* TODO: draw the segments */
- snprintf(buf, 2, "%02hhx\n", s->segments);
+ snprintf(buf, 3, "%02hhx", s->segments);
console_write_ch(chardata++, ATTR2CHTYPE(buf[0], QEMU_COLOR_BLUE,
QEMU_COLOR_BLACK, 1));
console_write_ch(chardata++, ATTR2CHTYPE(buf[1], QEMU_COLOR_BLUE,
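Review bot: The new `snprintf(buf, 3, "%02hhx", s->segments);` repeats the literal 3 from the `char buf[3];` declaration a few lines above, so the two sizes can drift apart again, which is the kind of mismatch this patch repairs. I would tie the bound to the array with `snprintf(buf, sizeof(buf), "%02hhx", s->segments);`. A short comment on the declaration, such as `/* two hex digits + NUL */`, would also record why the size is 3. The body of jazz_led_text_update continues past the end of the hunk.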


@ -1,30 +0,0 @@
From 5525a02cb6f16bf4bd4ba111012457be80e99418 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 17 Feb 2017 14:59:49 -0700
Subject: [PATCH] tests: check path to avoid a failing qga/get-vcpus test
The qga/get-vcpus test fails in a simple chroot environment, as
used in an openSUSE Build Service local build, so first check
that the sysfs based path exists in order to avoid calling this
test in an environment where it won't work right.
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tests/test-qga.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tests/test-qga.c b/tests/test-qga.c
index 868b02a40f..9e6d19a6e1 100644
--- a/tests/test-qga.c
+++ b/tests/test-qga.c
@@ -924,7 +924,9 @@ int main(int argc, char **argv)
g_test_add_data_func("/qga/info", &fix, test_qga_info);
g_test_add_data_func("/qga/network-get-interfaces", &fix,
test_qga_network_get_interfaces);
- g_test_add_data_func("/qga/get-vcpus", &fix, test_qga_get_vcpus);
+ if (!access("/sys/devices/system/cpu/cpu0", F_OK)) {
+ g_test_add_data_func("/qga/get-vcpus", &fix, test_qga_get_vcpus);
+ }
g_test_add_data_func("/qga/get-fsinfo", &fix, test_qga_get_fsinfo);
g_test_add_data_func("/qga/get-memory-block-info", &fix,
test_qga_get_memory_block_info);


@ -1,40 +0,0 @@
From 818182d6045bb5a052b3fd53b995df6510084e83 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Wed, 14 Dec 2016 12:31:56 +0530
Subject: [PATCH] display: virtio-gpu-3d: check virgl capabilities max_size
Virtio GPU device while processing 'VIRTIO_GPU_CMD_GET_CAPSET'
command, retrieves the maximum capabilities size to fill in the
response object. It continues to fill in capabilities even if
retrieved 'max_size' is zero(0), thus resulting in OOB access.
Add check to avoid it.
Reported-by: Zhenhao Hong <zhenhaohong@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20161214070156.23368-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit abd7f08b2353f43274b785db8c7224f082ef4d31)
[BR: CVE-2016-10028 BSC#1017084 BSC#1016503]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu-3d.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index d98b1404e1..cdd03a47bd 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -371,8 +371,12 @@ static void virgl_cmd_get_capset(VirtIOGPU *g,
virgl_renderer_get_cap_set(gc.capset_id, &max_ver,
&max_size);
- resp = g_malloc0(sizeof(*resp) + max_size);
+ if (!max_size) {
+ cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER;
+ return;
+ }
+ resp = g_malloc0(sizeof(*resp) + max_size);
resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET;
virgl_renderer_fill_caps(gc.capset_id,
gc.capset_version,


@ -0,0 +1,117 @@
From 94cc81bb7e1655b2b8ce0f1c996877ffb156bfb2 Mon Sep 17 00:00:00 2001
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Fri, 7 Apr 2017 15:32:54 +0100
Subject: [PATCH] slirp/smb: Replace constant strings by glib string
gcc 7 (on fedora 26) objects to many of the snprintf's
in the smb path and command creation because it can't
figure out that the smb_dir (i.e. the /tmp dir for the configuration)
is known to be short.
Replace all these fixed length buffers by g_str* functions that dynamically
allocate and use g_dir_make_tmp to make the directory.
(It's fairly new glib but we have a compat function for it).
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
(cherry picked from commit f95cc8b6cc3ad8c4b687f305a978d67091c28138)
[LY: BSC#1040228]
Signed-off-by: Liang Yan <lyan@suse.com>
---
net/slirp.c | 30 +++++++++++++++++-------------
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/net/slirp.c b/net/slirp.c
index f97ec23345..9f6521190b 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -80,7 +80,7 @@ typedef struct SlirpState {
Slirp *slirp;
Notifier exit_notifier;
#ifndef _WIN32
- char smb_dir[128];
+ gchar *smb_dir;
#endif
} SlirpState;
@@ -558,11 +558,10 @@ int net_slirp_redir(const char *redir_str)
/* automatic user mode samba server configuration */
static void slirp_smb_cleanup(SlirpState *s)
{
- char cmd[128];
int ret;
- if (s->smb_dir[0] != '\0') {
- snprintf(cmd, sizeof(cmd), "rm -rf %s", s->smb_dir);
+ if (s->smb_dir) {
+ gchar *cmd = g_strdup_printf("rm -rf %s", s->smb_dir);
ret = system(cmd);
if (ret == -1 || !WIFEXITED(ret)) {
error_report("'%s' failed.", cmd);
@@ -570,15 +569,17 @@ static void slirp_smb_cleanup(SlirpState *s)
error_report("'%s' failed. Error code: %d",
cmd, WEXITSTATUS(ret));
}
- s->smb_dir[0] = '\0';
+ g_free(cmd);
+ g_free(s->smb_dir);
+ s->smb_dir = NULL;
}
}
static int slirp_smb(SlirpState* s, const char *exported_dir,
struct in_addr vserver_addr)
{
- char smb_conf[128];
- char smb_cmdline[128];
+ char *smb_conf;
+ char *smb_cmdline;
struct passwd *passwd;
FILE *f;
@@ -600,19 +601,19 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
return -1;
}
- snprintf(s->smb_dir, sizeof(s->smb_dir), "/tmp/qemu-smb.XXXXXX");
- if (!mkdtemp(s->smb_dir)) {
- error_report("could not create samba server dir '%s'", s->smb_dir);
- s->smb_dir[0] = 0;
+ s->smb_dir = g_dir_make_tmp("qemu-smb.XXXXXX", NULL);
+ if (!s->smb_dir) {
+ error_report("could not create samba server dir");
return -1;
}
- snprintf(smb_conf, sizeof(smb_conf), "%s/%s", s->smb_dir, "smb.conf");
+ smb_conf = g_strdup_printf("%s/%s", s->smb_dir, "smb.conf");
f = fopen(smb_conf, "w");
if (!f) {
slirp_smb_cleanup(s);
error_report("could not create samba server configuration file '%s'",
smb_conf);
+ g_free(smb_conf);
return -1;
}
fprintf(f,
@@ -651,15 +652,18 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
);
fclose(f);
- snprintf(smb_cmdline, sizeof(smb_cmdline), "%s -l %s -s %s",
+ smb_cmdline = g_strdup_printf("%s -l %s -s %s",
CONFIG_SMBD_COMMAND, s->smb_dir, smb_conf);
+ g_free(smb_conf);
if (slirp_add_exec(s->slirp, 0, smb_cmdline, &vserver_addr, 139) < 0 ||
slirp_add_exec(s->slirp, 0, smb_cmdline, &vserver_addr, 445) < 0) {
slirp_smb_cleanup(s);
+ g_free(smb_cmdline);
error_report("conflicting/invalid smbserver address");
return -1;
}
+ g_free(smb_cmdline);
return 0;
}
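Review bot: In the slirp_smb_cleanup hunk the temporary directory path is still interpolated unquoted into a shell command, `g_strdup_printf("rm -rf %s", s->smb_dir)`, which is then handed to `system()`. Before this change the path was the fixed literal `/tmp/qemu-smb.XXXXXX`; with `g_dir_make_tmp` the parent directory comes from GLib's temporary-directory lookup, which as far as I know honours `TMPDIR`, so a value containing spaces or shell metacharacters would now reach the shell. Quoting the path closes that: `gchar *q = g_shell_quote(s->smb_dir);`, then `cmd = g_strdup_printf("rm -rf %s", q);` and `g_free(q);`. The same path is embedded in `smb_cmdline` in the last hunk, so how slirp_add_exec splits that string deserves the same look. Separately, passing `NULL` as the `GError **` to `g_dir_make_tmp` drops the failure reason from the "could not create samba server dir" report.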


@ -0,0 +1,28 @@
From 355047e16c0834b88d7df8ef86efef8b0d3b6adc Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 22 May 2017 17:46:40 -0600
Subject: [PATCH] altera_timer: fix incorrect memset
Use sizeof instead of ARRAY_SIZE, fixing -Wmemset-elt-size with recent
GCC versions.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[LY: BSC#1040228]
Signed-off-by: Liang Yan <lyan@suse.com>
---
hw/timer/altera_timer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/timer/altera_timer.c b/hw/timer/altera_timer.c
index 6d4862661d..c9a0fc5dca 100644
--- a/hw/timer/altera_timer.c
+++ b/hw/timer/altera_timer.c
@@ -204,7 +204,7 @@ static void altera_timer_reset(DeviceState *dev)
ptimer_stop(t->ptimer);
ptimer_set_limit(t->ptimer, 0xffffffff, 1);
- memset(t->regs, 0, ARRAY_SIZE(t->regs));
+ memset(t->regs, 0, sizeof(t->regs));
}
static Property altera_timer_properties[] = {


@ -1,46 +0,0 @@
From 56fb083af9f432ec4ab438f016e26025981f3136 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Mon, 28 Nov 2016 17:49:04 -0800
Subject: [PATCH] watchdog: 6300esb: add exit function
When the Intel 6300ESB watchdog is hot unplug. The timer allocated
in realize isn't freed thus leaking memory leak. This patch avoid
this through adding the exit function.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit eb7a20a3616085d46aa6b4b4224e15587ec67e6e)
[BR: CVE-2016-10155 BSC#1021129]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/watchdog/wdt_i6300esb.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c
index a83d951213..49b3cd188a 100644
--- a/hw/watchdog/wdt_i6300esb.c
+++ b/hw/watchdog/wdt_i6300esb.c
@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp)
/* qemu_register_coalesced_mmio (addr, 0x10); ? */
}
+static void i6300esb_exit(PCIDevice *dev)
+{
+ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev);
+
+ timer_del(d->timer);
+ timer_free(d->timer);
+}
+
static WatchdogTimerModel model = {
.wdt_name = "i6300esb",
.wdt_description = "Intel 6300ESB",
@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data)
k->config_read = i6300esb_config_read;
k->config_write = i6300esb_config_write;
k->realize = i6300esb_realize;
+ k->exit = i6300esb_exit;
k->vendor_id = PCI_VENDOR_ID_INTEL;
k->device_id = PCI_DEVICE_ID_INTEL_ESB_9;
k->class_id = PCI_CLASS_SYSTEM_OTHER;


@ -0,0 +1,133 @@
From 694037b618e2d331c38c287857da993fdab1f011 Mon Sep 17 00:00:00 2001
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 22 May 2017 17:48:13 -0600
Subject: [PATCH] Hacks for building on gcc 7 / Fedora 26
Hi,
Fedora 26 has gcc 7.0.1 which has the normal compliment
of new fussy warnings; so far I've posted :
tests/check-qdict: Fix missing brackets
slirp/smb: Replace constant strings by glib string
that fix one actual mistake and work around something it's being
fussy over.
But I've also got a pile of hacks, attached below that I'm
not too sure what I'll do with them yet, but they're attached
for anyone else trying to build. Note they're smoke-only-tested.
I also have gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80346
filed for what I reckon is a couple of overly pessimistic warnings.
Enjoy,
Dave
From 15353ce59e35e1d85927138982241491ea65cee2 Mon Sep 17 00:00:00 2001
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Thu, 6 Apr 2017 15:44:50 +0100
Subject: [HACK!] Hacks for f26 build
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
[LY: BSC#1040228]
Signed-off-by: Liang Yan <lyan@suse.com>
---
block/blkdebug.c | 4 ++--
block/blkverify.c | 4 ++--
hw/usb/bus.c | 5 +++--
include/qemu/iov.h | 4 ++--
tests/bios-tables-test.c | 2 +-
5 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/block/blkdebug.c b/block/blkdebug.c
index 67e8024e36..34c645d095 100644
--- a/block/blkdebug.c
+++ b/block/blkdebug.c
@@ -689,9 +689,9 @@ static void blkdebug_refresh_filename(BlockDriverState *bs, QDict *options)
}
if (!force_json && bs->file->bs->exact_filename[0]) {
- snprintf(bs->exact_filename, sizeof(bs->exact_filename),
+ g_assert_cmpint(snprintf(bs->exact_filename, sizeof(bs->exact_filename),
"blkdebug:%s:%s", s->config_file ?: "",
- bs->file->bs->exact_filename);
+ bs->file->bs->exact_filename), <, sizeof(bs->exact_filename));
}
opts = qdict_new();
diff --git a/block/blkverify.c b/block/blkverify.c
index 9a1e21c6ad..d038947a5a 100644
--- a/block/blkverify.c
+++ b/block/blkverify.c
@@ -305,10 +305,10 @@ static void blkverify_refresh_filename(BlockDriverState *bs, QDict *options)
if (bs->file->bs->exact_filename[0]
&& s->test_file->bs->exact_filename[0])
{
- snprintf(bs->exact_filename, sizeof(bs->exact_filename),
+ g_assert_cmpint(snprintf(bs->exact_filename, sizeof(bs->exact_filename),
"blkverify:%s:%s",
bs->file->bs->exact_filename,
- s->test_file->bs->exact_filename);
+ s->test_file->bs->exact_filename), <, sizeof(bs->exact_filename));
}
}
diff --git a/hw/usb/bus.c b/hw/usb/bus.c
index 24f1608b4b..6023f3b419 100644
--- a/hw/usb/bus.c
+++ b/hw/usb/bus.c
@@ -8,6 +8,7 @@
#include "monitor/monitor.h"
#include "trace.h"
#include "qemu/cutils.h"
+#include <glib.h>
static void usb_bus_dev_print(Monitor *mon, DeviceState *qdev, int indent);
@@ -407,8 +408,8 @@ void usb_register_companion(const char *masterbus, USBPort *ports[],
void usb_port_location(USBPort *downstream, USBPort *upstream, int portnr)
{
if (upstream) {
- snprintf(downstream->path, sizeof(downstream->path), "%s.%d",
- upstream->path, portnr);
+ g_assert_cmpint(snprintf(downstream->path, sizeof(downstream->path), "%s.%d",
+ upstream->path, portnr), <, sizeof(downstream->path));
downstream->hubcount = upstream->hubcount + 1;
} else {
snprintf(downstream->path, sizeof(downstream->path), "%d", portnr);
diff --git a/include/qemu/iov.h b/include/qemu/iov.h
index bd9fd55b0a..ebb0221140 100644
--- a/include/qemu/iov.h
+++ b/include/qemu/iov.h
@@ -46,7 +46,7 @@ static inline size_t
iov_from_buf(const struct iovec *iov, unsigned int iov_cnt,
size_t offset, const void *buf, size_t bytes)
{
- if (__builtin_constant_p(bytes) && iov_cnt &&
+ if (__builtin_constant_p(bytes) && iov_cnt && bytes <= INT_MAX &&
offset <= iov[0].iov_len && bytes <= iov[0].iov_len - offset) {
memcpy(iov[0].iov_base + offset, buf, bytes);
return bytes;
@@ -59,7 +59,7 @@ static inline size_t
iov_to_buf(const struct iovec *iov, const unsigned int iov_cnt,
size_t offset, void *buf, size_t bytes)
{
- if (__builtin_constant_p(bytes) && iov_cnt &&
+ if (__builtin_constant_p(bytes) && iov_cnt && bytes <= INT_MAX &&
offset <= iov[0].iov_len && bytes <= iov[0].iov_len - offset) {
memcpy(buf, iov[0].iov_base + offset, bytes);
return bytes;
diff --git a/tests/bios-tables-test.c b/tests/bios-tables-test.c
index 88dbf97853..c55de4f65b 100644
--- a/tests/bios-tables-test.c
+++ b/tests/bios-tables-test.c
@@ -98,7 +98,7 @@ static void test_acpi_rsdt_table(test_data *data)
AcpiRsdtDescriptorRev1 *rsdt_table = &data->rsdt_table;
uint32_t addr = data->rsdp_table.rsdt_physical_address;
uint32_t *tables;
- int tables_nr;
+ unsigned int tables_nr;
uint8_t checksum;
/* read the header */


@ -1,41 +0,0 @@
From 07cbf6021a6ab8bf3756692379a9942bdfeb7e00 Mon Sep 17 00:00:00 2001
From: Li Qiang <liq3ea@gmail.com>
Date: Thu, 29 Dec 2016 03:11:26 -0500
Subject: [PATCH] virtio-gpu-3d: fix memory leak in resource attach backing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If the virgl_renderer_resource_attach_iov function fails the
'res_iovs' will be leaked. Add check of the return value to
free the 'res_iovs' when failing.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 33243031dad02d161225ba99d782616da133f689)
[BR: CVE-2017-5552 BSC#1021195]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu-3d.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index cdd03a47bd..f96a0c2e59 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g,
return;
}
- virgl_renderer_resource_attach_iov(att_rb.resource_id,
- res_iovs, att_rb.nr_entries);
+ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id,
+ res_iovs, att_rb.nr_entries);
+
+ if (ret != 0)
+ virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries);
}
static void virgl_resource_detach_backing(VirtIOGPU *g,


@ -1,35 +0,0 @@
From 536ae1665b9302a31932113b1ec7d52cbd7af752 Mon Sep 17 00:00:00 2001
From: Li Qiang <liq3ea@gmail.com>
Date: Thu, 29 Dec 2016 04:28:41 -0500
Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing
In the resource attach backing function, everytime it will
allocate 'res->iov' thus can leading a memory leak. This
patch avoid this.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 204f01b30975923c64006f8067f0937b91eea68b)
[BR: CVE-2017-5578 BSC#1021481]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
index 3eafe495ef..edd8ddaf78 100644
--- a/hw/display/virtio-gpu.c
+++ b/hw/display/virtio-gpu.c
@@ -708,6 +708,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g,
return;
}
+ if (res->iov) {
+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
+ return;
+ }
+
ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov);
if (ret != 0) {
cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;


@ -1,53 +0,0 @@
From d1d06f7db5b44371db5dc1c559c5d8c1bda9d731 Mon Sep 17 00:00:00 2001
From: Halil Pasic <pasic@linux.vnet.ibm.com>
Date: Mon, 19 Dec 2016 16:44:44 +0100
Subject: [PATCH] virtio: fix vq->inuse recalc after migr
Correct recalculation of vq->inuse after migration for the corner case
where the avail_idx has already wrapped but used_idx not yet.
Also change the type of the VirtQueue.inuse to unsigned int. This is
done to be consistent with other members representing sizes (VRing.num),
and because C99 guarantees max ring size < UINT_MAX but does not
guarantee max ring size < INT_MAX.
Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Fixes: bccdef6b ("virtio: recalculate vq->inuse after migration")
CC: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
(cherry picked from commit e66bcc408146730958d1a840bda85d7ad51e0cd7)
[BR: BSC#1020928]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/virtio/virtio.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 1af2de2714..e37641a9c9 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -92,7 +92,7 @@ struct VirtQueue
uint16_t queue_index;
- int inuse;
+ unsigned int inuse;
uint16_t vector;
VirtIOHandleOutput handle_output;
@@ -1855,9 +1855,11 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id)
/*
* Some devices migrate VirtQueueElements that have been popped
* from the avail ring but not yet returned to the used ring.
+ * Since max ring size < UINT16_MAX it's safe to use modulo
+ * UINT16_MAX + 1 subtraction.
*/
- vdev->vq[i].inuse = vdev->vq[i].last_avail_idx -
- vdev->vq[i].used_idx;
+ vdev->vq[i].inuse = (uint16_t)(vdev->vq[i].last_avail_idx -
+ vdev->vq[i].used_idx);
if (vdev->vq[i].inuse > vdev->vq[i].vring.num) {
error_report("VQ %d size 0x%x < last_avail_idx 0x%x - "
"used_idx 0x%x",


@ -1,55 +0,0 @@
From 6a847bb812fe7946a2d3c457d75ca3db0fe962b0 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 14 Dec 2016 18:32:22 -0800
Subject: [PATCH] audio: es1370: add exit function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Currently the es1370 device emulation doesn't have a exit function,
hot unplug this device will leak some memory. Add a exit function to
avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da)
[BR: CVE-2017-5526 BSC#1020589]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/audio/es1370.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c
index 8449b5f436..883ec69b30 100644
--- a/hw/audio/es1370.c
+++ b/hw/audio/es1370.c
@@ -1041,6 +1041,19 @@ static void es1370_realize(PCIDevice *dev, Error **errp)
es1370_reset (s);
}
+static void es1370_exit(PCIDevice *dev)
+{
+ ES1370State *s = ES1370(dev);
+ int i;
+
+ for (i = 0; i < 2; ++i) {
+ AUD_close_out(&s->card, s->dac_voice[i]);
+ }
+
+ AUD_close_in(&s->card, s->adc_voice);
+ AUD_remove_card(&s->card);
+}
+
static int es1370_init (PCIBus *bus)
{
pci_create_simple (bus, -1, TYPE_ES1370);
@@ -1053,6 +1066,7 @@ static void es1370_class_init (ObjectClass *klass, void *data)
PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
k->realize = es1370_realize;
+ k->exit = es1370_exit;
k->vendor_id = PCI_VENDOR_ID_ENSONIQ;
k->device_id = PCI_DEVICE_ID_ENSONIQ_ES1370;
k->class_id = PCI_CLASS_MULTIMEDIA_AUDIO;


@ -1,52 +0,0 @@
From ebc039becfc5a4506ae0d4962cd87ce1bf5163bc Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 14 Dec 2016 18:30:21 -0800
Subject: [PATCH] audio: ac97: add exit function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Currently the ac97 device emulation doesn't have a exit function,
hot unplug this device will leak some memory. Add a exit function to
avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 12351a91da97b414eec8cdb09f1d9f41e535a401)
[BR: CVE-2017-5525 BSC#1020491]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/audio/ac97.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c
index cbd959e0bd..c30657501c 100644
--- a/hw/audio/ac97.c
+++ b/hw/audio/ac97.c
@@ -1387,6 +1387,16 @@ static void ac97_realize(PCIDevice *dev, Error **errp)
ac97_on_reset (&s->dev.qdev);
}
+static void ac97_exit(PCIDevice *dev)
+{
+ AC97LinkState *s = DO_UPCAST(AC97LinkState, dev, dev);
+
+ AUD_close_in(&s->card, s->voice_pi);
+ AUD_close_out(&s->card, s->voice_po);
+ AUD_close_in(&s->card, s->voice_mc);
+ AUD_remove_card(&s->card);
+}
+
static int ac97_init (PCIBus *bus)
{
pci_create_simple (bus, -1, "AC97");
@@ -1404,6 +1414,7 @@ static void ac97_class_init (ObjectClass *klass, void *data)
PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
k->realize = ac97_realize;
+ k->exit = ac97_exit;
k->vendor_id = PCI_VENDOR_ID_INTEL;
k->device_id = PCI_DEVICE_ID_INTEL_82801AA_5;
k->revision = 0x01;


@ -1,64 +0,0 @@
From 27db53c8bdbb318eef77b9ac01ea02e6b0cd0b02 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 2 Jan 2017 11:03:33 +0100
Subject: [PATCH] megasas: fix guest-triggered memory leak
If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd
will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory.
Avoid this by returning only the status from map_dcmd, and loading
cmd->iov_size in the caller.
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 765a707000e838c30b18d712fe6cb3dd8e0435f3)
[BR: CVE-2017-5856 BSC#1023053]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/scsi/megasas.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 67fc1e7893..6233865494 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd)
trace_megasas_dcmd_invalid_sge(cmd->index,
cmd->frame->header.sge_count);
cmd->iov_size = 0;
- return -1;
+ return -EINVAL;
}
iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl);
iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl);
pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1);
qemu_sglist_add(&cmd->qsg, iov_pa, iov_size);
cmd->iov_size = iov_size;
- return cmd->iov_size;
+ return 0;
}
static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size)
@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t {
static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
{
- int opcode, len;
+ int opcode;
int retval = 0;
+ size_t len;
const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
trace_megasas_handle_dcmd(cmd->index, opcode);
- len = megasas_map_dcmd(s, cmd);
- if (len < 0) {
+ if (megasas_map_dcmd(s, cmd) < 0) {
return MFI_STAT_MEMORY_NOT_AVAILABLE;
}
while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
cmdptr++;
}
+ len = cmd->iov_size;
if (cmdptr->opcode == -1) {
trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
retval = megasas_dcmd_dummy(s, cmd);


@ -1,49 +0,0 @@
From 3f442b06232be126e08d9207e4cac3e3afe0e62d Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Wed, 25 Jan 2017 14:48:57 +0100
Subject: [PATCH] cirrus: handle negative pitch in cirrus_invalidate_region()
cirrus_invalidate_region() calls memory_region_set_dirty()
on a per-line basis, always ranging from off_begin to
off_begin+bytesperline. With a negative pitch off_begin
marks the top most used address and thus we need to do an
initial shift backwards by a line for negative pitches of
backward blits, otherwise the first iteration covers the
line going from the start offset forwards instead of
backwards.
Additionally since the start address is inclusive, if we
shift by a full `bytesperline` we move to the first address
*not* included in the blit, so we only shift by one less
than bytesperline.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Message-id: 1485352137-29367-1-git-send-email-w.bumiller@proxmox.com
[ kraxel: codestyle fixes ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit f153b563f8cf121aebf5a2fff5f0110faf58ccb3)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 379910db2d..0f05e4596e 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -661,9 +661,14 @@ static void cirrus_invalidate_region(CirrusVGAState * s, int off_begin,
int off_cur;
int off_cur_end;
+ if (off_pitch < 0) {
+ off_begin -= bytesperline - 1;
+ }
+
for (y = 0; y < lines; y++) {
off_cur = off_begin;
off_cur_end = (off_cur + bytesperline) & s->cirrus_addr_mask;
+ assert(off_cur_end >= off_cur);
memory_region_set_dirty(&s->vga.vram, off_cur, off_cur_end - off_cur);
off_begin += off_pitch;
}


@ -1,103 +0,0 @@
From 2d9d5517299f47f6cbc208de10cb54d6e0e3971e Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Wed, 25 Jan 2017 11:09:56 +0100
Subject: [PATCH] cirrus: fix blit address mask handling
Apply the cirrus_addr_mask to cirrus_blt_dstaddr and cirrus_blt_srcaddr
right after assigning them, in cirrus_bitblt_start(), instead of having
this all over the place in the cirrus code, and missing a few places.
Reported-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1485338996-17095-1-git-send-email-kraxel@redhat.com
(cherry picked from commit 60cd23e85151525ab26591394c4e7e06fa07d216)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 26 +++++++++++++-------------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 0f05e4596e..ef5da7acf7 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -305,14 +305,15 @@ static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only)
}
if (blit_region_is_unsafe(s, s->cirrus_blt_dstpitch,
- s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) {
+ s->cirrus_blt_dstaddr)) {
return true;
}
if (dst_only) {
return false;
}
+
if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch,
- s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) {
+ s->cirrus_blt_srcaddr)) {
return true;
}
@@ -679,7 +680,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s,
{
uint8_t *dst;
- dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask);
+ dst = s->vga.vram_ptr + s->cirrus_blt_dstaddr;
if (blit_is_unsafe(s, false))
return 0;
@@ -703,7 +704,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
return 0;
}
rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1];
- rop_func(s, s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
+ rop_func(s, s->vga.vram_ptr + s->cirrus_blt_dstaddr,
s->cirrus_blt_dstpitch,
s->cirrus_blt_width, s->cirrus_blt_height);
cirrus_invalidate_region(s, s->cirrus_blt_dstaddr,
@@ -721,9 +722,8 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
static int cirrus_bitblt_videotovideo_patterncopy(CirrusVGAState * s)
{
- return cirrus_bitblt_common_patterncopy(s,
- s->vga.vram_ptr + ((s->cirrus_blt_srcaddr & ~7) &
- s->cirrus_addr_mask));
+ return cirrus_bitblt_common_patterncopy(s, s->vga.vram_ptr +
+ (s->cirrus_blt_srcaddr & ~7));
}
static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
@@ -777,10 +777,8 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
if (notify)
graphic_hw_update(s->vga.con);
- (*s->cirrus_rop) (s, s->vga.vram_ptr +
- (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
- s->vga.vram_ptr +
- (s->cirrus_blt_srcaddr & s->cirrus_addr_mask),
+ (*s->cirrus_rop) (s, s->vga.vram_ptr + s->cirrus_blt_dstaddr,
+ s->vga.vram_ptr + s->cirrus_blt_srcaddr,
s->cirrus_blt_dstpitch, s->cirrus_blt_srcpitch,
s->cirrus_blt_width, s->cirrus_blt_height);
@@ -831,8 +829,7 @@ static void cirrus_bitblt_cputovideo_next(CirrusVGAState * s)
} else {
/* at least one scan line */
do {
- (*s->cirrus_rop)(s, s->vga.vram_ptr +
- (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
+ (*s->cirrus_rop)(s, s->vga.vram_ptr + s->cirrus_blt_dstaddr,
s->cirrus_bltbuf, 0, 0, s->cirrus_blt_width, 1);
cirrus_invalidate_region(s, s->cirrus_blt_dstaddr, 0,
s->cirrus_blt_width, 1);
@@ -951,6 +948,9 @@ static void cirrus_bitblt_start(CirrusVGAState * s)
s->cirrus_blt_modeext = s->vga.gr[0x33];
blt_rop = s->vga.gr[0x32];
+ s->cirrus_blt_dstaddr &= s->cirrus_addr_mask;
+ s->cirrus_blt_srcaddr &= s->cirrus_addr_mask;
+
#ifdef DEBUG_BITBLT
printf("rop=0x%02x mode=0x%02x modeext=0x%02x w=%d h=%d dpitch=%d spitch=%d daddr=0x%08x saddr=0x%08x writemask=0x%02x\n",
blt_rop,


@ -1,48 +0,0 @@
From 5ac15a00c17d95a440ce99c8154d41a263f96032 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 1 Feb 2017 09:35:01 +0100
Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615)
When doing bitblt copy in backward mode, we should minus the
blt width first just like the adding in the forward mode. This
can avoid the oob access of the front of vga's vram.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
{ kraxel: with backward blits (negative pitch) addr is the topmost
address, so check it as-is against vram size ]
Cc: qemu-stable@nongnu.org
Cc: P J P <ppandit@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106)
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 62d4c6bd5263bb8413a06c80144fc678df6dfb64)
[BR: CVE-2017-2615 BSC#1023004]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index ef5da7acf7..aaa46abea4 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -277,10 +277,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
}
if (pitch < 0) {
int64_t min = addr
- + ((int64_t)s->cirrus_blt_height-1) * pitch;
- int32_t max = addr
- + s->cirrus_blt_width;
- if (min < 0 || max > s->vga.vram_size) {
+ + ((int64_t)s->cirrus_blt_height - 1) * pitch
+ - s->cirrus_blt_width;
+ if (min < -1 || addr >= s->vga.vram_size) {
return true;
}
} else {


@ -1,35 +0,0 @@
From 424bd9dd9c5d6959304faead9e81a0f81435b7d4 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Fri, 3 Feb 2017 00:52:28 +0530
Subject: [PATCH] usb: ccid: check ccid apdu length
CCID device emulator uses Application Protocol Data Units(APDU)
to exchange command and responses to and from the host.
The length in these units couldn't be greater than 65536. Add
check to ensure the same. It'd also avoid potential integer
overflow in emulated_apdu_from_guest.
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20170202192228.10847-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit c7dfbf322595ded4e70b626bf83158a9f3807c6a)
[BR: CVE-2017-5898 BSC#1023907]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/usb/dev-smartcard-reader.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
index 89e11b68c4..1325ea1659 100644
--- a/hw/usb/dev-smartcard-reader.c
+++ b/hw/usb/dev-smartcard-reader.c
@@ -967,7 +967,7 @@ static void ccid_on_apdu_from_guest(USBCCIDState *s, CCID_XferBlock *recv)
DPRINTF(s, 1, "%s: seq %d, len %d\n", __func__,
recv->hdr.bSeq, len);
ccid_add_pending_answer(s, (CCID_Header *)recv);
- if (s->card) {
+ if (s->card && len <= BULK_OUT_DATA_SIZE) {
ccid_card_apdu_from_guest(s->card, recv->abData, len);
} else {
DPRINTF(s, D_WARN, "warning: discarded apdu\n");


@ -1,37 +0,0 @@
From f774e0e5e658fb9387c10634e2b880a1657ce2ac Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Tue, 7 Feb 2017 18:29:59 +0000
Subject: [PATCH] sd: sdhci: check data length during dma_memory_read
While doing multi block SDMA transfer in routine
'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
index 'begin' and data length 's->data_count' could end up to be same.
This could lead to an OOB access issue. Correct transfer data length
to avoid it.
Cc: qemu-stable@nongnu.org
Reported-by: Jiang Xin <jiangxin1@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20170130064736.9236-1-ppandit@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 42922105beb14c2fc58185ea022b9f72fb5465e9)
[BR: CVE-2017-5667 BSC#1022541]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/sd/sdhci.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
index 01fbf228be..5bd5ab6319 100644
--- a/hw/sd/sdhci.c
+++ b/hw/sd/sdhci.c
@@ -536,7 +536,7 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
boundary_count -= block_size - begin;
}
dma_memory_read(&address_space_memory, s->sdmasysad,
- &s->fifo_buffer[begin], s->data_count);
+ &s->fifo_buffer[begin], s->data_count - begin);
s->sdmasysad += s->data_count - begin;
if (s->data_count == block_size) {
for (n = 0; n < block_size; n++) {


@ -1,48 +0,0 @@
From cb184e87cf205d6570e5cd34e85dd9a8a72a0afc Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Mon, 23 Jan 2017 11:26:50 +0100
Subject: [PATCH] virtio-gpu: fix resource leak in virgl_cmd_resource_unref
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When the guest sends VIRTIO_GPU_CMD_RESOURCE_UNREF without detaching the
backing storage beforehand (VIRTIO_GPU_CMD_RESOURCE_DETACH_BACKING)
we'll leak memory.
This patch fixes it for 3d mode, simliar to the 2d mode fix in commit
"b8e2392 virtio-gpu: call cleanup mapping function in resource destroy".
Reported-by: 李强 <liqiang6-s@360.cn>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1485167210-4757-1-git-send-email-kraxel@redhat.com
(cherry picked from commit 5e8e3c4c75c199aa1017db816fca02be2a9f8798)
[BR: CVE-2017-5857 BSC#1023073]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/virtio-gpu-3d.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index f96a0c2e59..ecb09d17a1 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -77,10 +77,18 @@ static void virgl_cmd_resource_unref(VirtIOGPU *g,
struct virtio_gpu_ctrl_command *cmd)
{
struct virtio_gpu_resource_unref unref;
+ struct iovec *res_iovs = NULL;
+ int num_iovs = 0;
VIRTIO_GPU_FILL_CMD(unref);
trace_virtio_gpu_cmd_res_unref(unref.resource_id);
+ virgl_renderer_resource_detach_iov(unref.resource_id,
+ &res_iovs,
+ &num_iovs);
+ if (res_iovs != NULL && num_iovs != 0) {
+ virtio_gpu_cleanup_mapping_iov(res_iovs, num_iovs);
+ }
virgl_renderer_resource_unref(unref.resource_id);
}


@ -1,103 +0,0 @@
From f369059a4fcc285174c50981fc3fc0b513301aab Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Thu, 9 Feb 2017 14:02:20 +0100
Subject: [PATCH] cirrus: fix patterncopy checks
The blit_region_is_unsafe checks don't work correctly for the
patterncopy source. It's a fixed-sized region, which doesn't
depend on cirrus_blt_{width,height}. So go do the check in
cirrus_bitblt_common_patterncopy instead, then tell blit_is_unsafe that
it doesn't need to verify the source. Also handle the case where we
blit from cirrus_bitbuf correctly.
This patch replaces 5858dd1801883309bdd208d72ddb81c4e9fee30c.
Security impact: I think for the most part error on the safe side this
time, refusing blits which should have been allowed.
Only exception is placing the blit source at the end of the video ram,
so cirrus_blt_srcaddr + 256 goes beyond the end of video memory. But
even in that case I'm not fully sure this actually allows read access to
host memory. To trick the commit 5858dd18 security checks one has to
pick very small cirrus_blt_{width,height} values, which in turn implies
only a fraction of the blit source will actually be used.
Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Message-id: 1486645341-5010-1-git-send-email-kraxel@redhat.com
(cherry picked from commit 95280c31cda79bb1d0968afc7b19a220b3a9d986)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 36 ++++++++++++++++++++++++++++++------
1 file changed, 30 insertions(+), 6 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index aaa46abea4..d214ef74f9 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -674,14 +674,39 @@ static void cirrus_invalidate_region(CirrusVGAState * s, int off_begin,
}
}
-static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s,
- const uint8_t * src)
+static int cirrus_bitblt_common_patterncopy(CirrusVGAState *s, bool videosrc)
{
+ uint32_t patternsize;
uint8_t *dst;
+ uint8_t *src;
dst = s->vga.vram_ptr + s->cirrus_blt_dstaddr;
- if (blit_is_unsafe(s, false))
+ if (videosrc) {
+ switch (s->vga.get_bpp(&s->vga)) {
+ case 8:
+ patternsize = 64;
+ break;
+ case 15:
+ case 16:
+ patternsize = 128;
+ break;
+ case 24:
+ case 32:
+ default:
+ patternsize = 256;
+ break;
+ }
+ s->cirrus_blt_srcaddr &= ~(patternsize - 1);
+ if (s->cirrus_blt_srcaddr + patternsize > s->vga.vram_size) {
+ return 0;
+ }
+ src = s->vga.vram_ptr + s->cirrus_blt_srcaddr;
+ } else {
+ src = s->cirrus_bltbuf;
+ }
+
+ if (blit_is_unsafe(s, true))
return 0;
(*s->cirrus_rop) (s, dst, src,
@@ -721,8 +746,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
static int cirrus_bitblt_videotovideo_patterncopy(CirrusVGAState * s)
{
- return cirrus_bitblt_common_patterncopy(s, s->vga.vram_ptr +
- (s->cirrus_blt_srcaddr & ~7));
+ return cirrus_bitblt_common_patterncopy(s, true);
}
static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
@@ -821,7 +845,7 @@ static void cirrus_bitblt_cputovideo_next(CirrusVGAState * s)
if (s->cirrus_srccounter > 0) {
if (s->cirrus_blt_mode & CIRRUS_BLTMODE_PATTERNCOPY) {
- cirrus_bitblt_common_patterncopy(s, s->cirrus_bltbuf);
+ cirrus_bitblt_common_patterncopy(s, false);
the_end:
s->cirrus_srccounter = 0;
cirrus_bitblt_reset(s);


@ -1,49 +0,0 @@
From bd4f41a27f8e53e8c8bf958f44afda915b8fec5c Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Wed, 8 Feb 2017 11:18:36 +0100
Subject: [PATCH] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo
(CVE-2017-2620)
CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination
and blit width, at all. Oops. Fix it.
Security impact: high.
The missing blit destination check allows to write to host memory.
Basically same as CVE-2014-8106 for the other blit variants.
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 92f2b88cea48c6aeba8de568a45f2ed958f3c298)
[BR: BSC#1024972]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/cirrus_vga.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index d214ef74f9..8bf057de82 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -899,6 +899,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
{
int w;
+ if (blit_is_unsafe(s, true)) {
+ return 0;
+ }
+
s->cirrus_blt_mode &= ~CIRRUS_BLTMODE_MEMSYSSRC;
s->cirrus_srcptr = &s->cirrus_bltbuf[0];
s->cirrus_srcptr_end = &s->cirrus_bltbuf[0];
@@ -924,6 +928,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
}
s->cirrus_srccounter = s->cirrus_blt_srcpitch * s->cirrus_blt_height;
}
+
+ /* the blit_is_unsafe call above should catch this */
+ assert(s->cirrus_blt_srcpitch <= CIRRUS_BLTBUFSIZE);
+
s->cirrus_srcptr = s->cirrus_bltbuf;
s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch;
cirrus_update_memory_access(s);


@ -0,0 +1,168 @@
From 5f85cbb9ee1c00cec81a848a9e871ad5d1e7f53f Mon Sep 17 00:00:00 2001
From: Michael Brown <mcb30@ipxe.org>
Date: Wed, 29 Mar 2017 10:36:03 +0300
Subject: [PATCH] [build] Avoid implicit-fallthrough warnings on GCC 7
Reported-by: Vinson Lee <vlee@freedesktop.org>
Reported-by: Liang Yan <lyan@suse.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
[BR: BSC#1031340]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/arch/x86/image/bzimage.c | 2 ++
src/drivers/infiniband/golan.c | 1 +
src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c | 2 ++
src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c | 1 +
src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c | 1 +
src/drivers/net/igbvf/igbvf_vf.c | 1 +
src/drivers/net/tg3/tg3_hw.c | 12 ++++++++++++
src/tests/setjmp_test.c | 5 +++--
8 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/src/arch/x86/image/bzimage.c b/src/arch/x86/image/bzimage.c
index e3c4cb83..51498bf9 100644
--- a/src/arch/x86/image/bzimage.c
+++ b/src/arch/x86/image/bzimage.c
@@ -282,9 +282,11 @@ static int bzimage_parse_cmdline ( struct image *image,
case 'G':
case 'g':
bzimg->mem_limit <<= 10;
+ /* Fall through */
case 'M':
case 'm':
bzimg->mem_limit <<= 10;
+ /* Fall through */
case 'K':
case 'k':
bzimg->mem_limit <<= 10;
diff --git a/src/drivers/infiniband/golan.c b/src/drivers/infiniband/golan.c
index 30eaabab..61331d4c 100755
--- a/src/drivers/infiniband/golan.c
+++ b/src/drivers/infiniband/golan.c
@@ -1956,6 +1956,7 @@ static inline void golan_handle_port_event(struct golan *golan, struct golan_eqe
case GOLAN_PORT_CHANGE_SUBTYPE_CLIENT_REREG:
case GOLAN_PORT_CHANGE_SUBTYPE_ACTIVE:
golan_ib_update ( ibdev );
+ /* Fall through */
case GOLAN_PORT_CHANGE_SUBTYPE_DOWN:
case GOLAN_PORT_CHANGE_SUBTYPE_LID:
case GOLAN_PORT_CHANGE_SUBTYPE_PKEY:
diff --git a/src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c b/src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c
index 2b6c133c..a98e4bb6 100644
--- a/src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c
+++ b/src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c
@@ -640,12 +640,14 @@ static void ar5008_hw_init_chain_masks(struct ath_hw *ah)
case 0x5:
REG_SET_BIT(ah, AR_PHY_ANALOG_SWAP,
AR_PHY_SWAP_ALT_CHAIN);
+ /* Fall through */
case 0x3:
if (ah->hw_version.macVersion == AR_SREV_REVISION_5416_10) {
REG_WRITE(ah, AR_PHY_RX_CHAINMASK, 0x7);
REG_WRITE(ah, AR_PHY_CAL_CHAINMASK, 0x7);
break;
}
+ /* Fall through */
case 0x1:
case 0x2:
case 0x7:
diff --git a/src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c b/src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c
index 72203ba4..65cfad59 100644
--- a/src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c
+++ b/src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c
@@ -122,6 +122,7 @@ static int ar9002_hw_set_channel(struct ath_hw *ah, struct ath9k_channel *chan)
aModeRefSel = 2;
if (aModeRefSel)
break;
+ /* Fall through */
case 1:
default:
aModeRefSel = 0;
diff --git a/src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c b/src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c
index 2244b775..b66358b9 100644
--- a/src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c
+++ b/src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c
@@ -539,6 +539,7 @@ void ar9003_hw_set_chain_masks(struct ath_hw *ah, u8 rx, u8 tx)
case 0x5:
REG_SET_BIT(ah, AR_PHY_ANALOG_SWAP,
AR_PHY_SWAP_ALT_CHAIN);
+ /* Fall through */
case 0x3:
case 0x1:
case 0x2:
diff --git a/src/drivers/net/igbvf/igbvf_vf.c b/src/drivers/net/igbvf/igbvf_vf.c
index f2dac8be..f841d5e3 100644
--- a/src/drivers/net/igbvf/igbvf_vf.c
+++ b/src/drivers/net/igbvf/igbvf_vf.c
@@ -357,6 +357,7 @@ s32 igbvf_promisc_set_vf(struct e1000_hw *hw, enum e1000_promisc_type type)
break;
case e1000_promisc_enabled:
msgbuf |= E1000_VF_SET_PROMISC_MULTICAST;
+ /* Fall through */
case e1000_promisc_unicast:
msgbuf |= E1000_VF_SET_PROMISC_UNICAST;
case e1000_promisc_disabled:
diff --git a/src/drivers/net/tg3/tg3_hw.c b/src/drivers/net/tg3/tg3_hw.c
index 50353cf3..798f8519 100644
--- a/src/drivers/net/tg3/tg3_hw.c
+++ b/src/drivers/net/tg3/tg3_hw.c
@@ -2518,28 +2518,40 @@ static int tg3_reset_hw(struct tg3 *tp, int reset_phy)
switch (limit) {
case 16:
tw32(MAC_RCV_RULE_15, 0); tw32(MAC_RCV_VALUE_15, 0);
+ /* Fall through */
case 15:
tw32(MAC_RCV_RULE_14, 0); tw32(MAC_RCV_VALUE_14, 0);
+ /* Fall through */
case 14:
tw32(MAC_RCV_RULE_13, 0); tw32(MAC_RCV_VALUE_13, 0);
+ /* Fall through */
case 13:
tw32(MAC_RCV_RULE_12, 0); tw32(MAC_RCV_VALUE_12, 0);
+ /* Fall through */
case 12:
tw32(MAC_RCV_RULE_11, 0); tw32(MAC_RCV_VALUE_11, 0);
+ /* Fall through */
case 11:
tw32(MAC_RCV_RULE_10, 0); tw32(MAC_RCV_VALUE_10, 0);
+ /* Fall through */
case 10:
tw32(MAC_RCV_RULE_9, 0); tw32(MAC_RCV_VALUE_9, 0);
+ /* Fall through */
case 9:
tw32(MAC_RCV_RULE_8, 0); tw32(MAC_RCV_VALUE_8, 0);
+ /* Fall through */
case 8:
tw32(MAC_RCV_RULE_7, 0); tw32(MAC_RCV_VALUE_7, 0);
+ /* Fall through */
case 7:
tw32(MAC_RCV_RULE_6, 0); tw32(MAC_RCV_VALUE_6, 0);
+ /* Fall through */
case 6:
tw32(MAC_RCV_RULE_5, 0); tw32(MAC_RCV_VALUE_5, 0);
+ /* Fall through */
case 5:
tw32(MAC_RCV_RULE_4, 0); tw32(MAC_RCV_VALUE_4, 0);
+ /* Fall through */
case 4:
/* tw32(MAC_RCV_RULE_3, 0); tw32(MAC_RCV_VALUE_3, 0); */
case 3:
diff --git a/src/tests/setjmp_test.c b/src/tests/setjmp_test.c
index 50ad13f3..deafcee0 100644
--- a/src/tests/setjmp_test.c
+++ b/src/tests/setjmp_test.c
@@ -111,8 +111,9 @@ static void setjmp_return_ok ( struct setjmp_test *test, int value ) {
* @v file Test code file
* @v line Test code line
*/
-static void longjmp_okx ( struct setjmp_test *test, int value,
- const char *file, unsigned int line ) {
+static void __attribute__ (( noreturn ))
+longjmp_okx ( struct setjmp_test *test, int value,
+ const char *file, unsigned int line ) {
/* Record expected value. A zero passed to longjmp() should
* result in setjmp() returning a value of one.
--
2.12.2
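Review bot: In the igbvf_vf.c hunk, `case e1000_promisc_unicast:` still runs into `case e1000_promisc_disabled:` with no annotation, while the arm directly above it gains `/* Fall through */`. The compiler presumably stays quiet there because the next label leads straight to a `break` (not visible here; the switch continues outside the hunk), but a reader cannot tell whether that fall-through is deliberate. Adding `/* Fall through */` after `msgbuf |= E1000_VF_SET_PROMISC_UNICAST;` would make the intent explicit and keep the annotation consistent across the switch.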


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dafd5d7f649907b6b617b822692f4c82e60cf29bc0fc58bc2036219b591e5e62
size 28368517

Binary file not shown.

3
qemu-2.9.0.tar.xz Normal file

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f01cc33e3c5fd5fd2534ce14e369b6b111d7e54e4a4977f8c37eae668176b022
size 22830688

BIN
qemu-2.9.0.tar.xz.sig Normal file

Binary file not shown.


@ -1,3 +1,182 @@
-------------------------------------------------------------------
Mon May 22 23:52:15 UTC 2017 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
* Patches added:
0056-jazz_led-fix-bad-snprintf.patch
0057-slirp-smb-Replace-constant-strings-.patch
0058-altera_timer-fix-incorrect-memset.patch
0059-Hacks-for-building-on-gcc-7-Fedora-.patch
-------------------------------------------------------------------
Mon May 22 19:06:25 UTC 2017 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
* Patches added:
0055-9pfs-local-forbid-client-access-to-.patch
-------------------------------------------------------------------
Thu May 11 20:55:59 UTC 2017 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
* Patches added:
0051-input-limit-kbd-queue-depth.patch
0052-audio-release-capture-buffers.patch
0053-scsi-avoid-an-off-by-one-error-in-m.patch
0054-vmw_pvscsi-check-message-ring-page-.patch
-------------------------------------------------------------------
Thu Apr 27 20:09:41 UTC 2017 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
* Patches added:
0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
0050-i386-Allow-cpuid-bit-override.patch
-------------------------------------------------------------------
Thu Apr 20 16:34:21 UTC 2017 - brogers@suse.com
- Updated to v2.9.0: See http://wiki.qemu-project.org/ChangeLog/2.9
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Apr 18 18:03:16 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.9
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Apr 12 15:15:28 UTC 2017 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
* Patches added:
0048-input-Add-trace-event-for-empty-key.patch
-------------------------------------------------------------------
Tue Apr 11 19:32:00 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc4: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches renamed:
0041-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
0042-string-input-visitor-Fix-uint64-par.patch -> 0041-string-input-visitor-Fix-uint64-par.patch
0043-test-string-input-visitor-Add-int-t.patch -> 0042-test-string-input-visitor-Add-int-t.patch
0044-test-string-input-visitor-Add-uint6.patch -> 0043-test-string-input-visitor-Add-uint6.patch
0045-tests-Add-QOM-property-unit-tests.patch -> 0044-tests-Add-QOM-property-unit-tests.patch
0046-tests-Add-scsi-disk-test.patch -> 0045-tests-Add-scsi-disk-test.patch
* Patches added:
0046-RFC-update-Linux-headers-from-irqs-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Apr 5 16:50:51 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped:
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
0048-i386-Replace-uint32_t-with-FeatureW.patch
0049-i386-Don-t-override-cpu-options-on-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
- Made miscellaneous spec file refinements
-------------------------------------------------------------------
Thu Mar 30 22:46:47 UTC 2017 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
* Patches added:
0048-i386-Replace-uint32_t-with-FeatureW.patch
0049-i386-Don-t-override-cpu-options-on-.patch
-------------------------------------------------------------------
Tue Mar 28 22:12:56 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped:
0047-linux-user-exclude-cpu-model-code-w.patch
* Patches added:
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Mar 21 20:53:50 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (no longer needed based on what we now build for):
0024-virtfs-proxy-helper-Provide-__u64-f.patch
* Patches dropped (included in upstream source archive):
0034-dma-rc4030-limit-interval-timer-rel.patch
* Patches renamed:
0025-configure-Enable-PIE-for-ppc-and-pp.patch -> 0024-configure-Enable-PIE-for-ppc-and-pp.patch
0026-AIO-Reduce-number-of-threads-for-32.patch -> 0025-AIO-Reduce-number-of-threads-for-32.patch
0027-dictzip-Fix-on-big-endian-systems.patch -> 0026-dictzip-Fix-on-big-endian-systems.patch
0028-xen_disk-Add-suse-specific-flush-di.patch -> 0027-xen_disk-Add-suse-specific-flush-di.patch
0029-qemu-bridge-helper-reduce-security-.patch -> 0028-qemu-bridge-helper-reduce-security-.patch
0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0031-configure-Fix-detection-of-seccomp-.patch -> 0030-configure-Fix-detection-of-seccomp-.patch
0032-linux-user-properly-test-for-infini.patch -> 0031-linux-user-properly-test-for-infini.patch
0033-linux-user-remove-all-traces-of-qem.patch -> 0032-linux-user-remove-all-traces-of-qem.patch
0035-roms-Makefile-pass-a-packaging-time.patch -> 0033-roms-Makefile-pass-a-packaging-time.patch
0036-Raise-soft-address-space-limit-to-h.patch -> 0034-Raise-soft-address-space-limit-to-h.patch
0037-increase-x86_64-physical-bits-to-42.patch -> 0035-increase-x86_64-physical-bits-to-42.patch
0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0039-i8254-Fix-migration-from-SLE11-SP2.patch -> 0037-i8254-Fix-migration-from-SLE11-SP2.patch
0040-acpi_piix4-Fix-migration-from-SLE11.patch -> 0038-acpi_piix4-Fix-migration-from-SLE11.patch
0041-Fix-tigervnc-long-press-issue.patch -> 0039-Fix-tigervnc-long-press-issue.patch
0042-fix-xen-hvm-direct-kernel-boot.patch -> 0040-fix-xen-hvm-direct-kernel-boot.patch
0043-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
0044-string-input-visitor-Fix-uint64-par.patch -> 0042-string-input-visitor-Fix-uint64-par.patch
0045-test-string-input-visitor-Add-int-t.patch -> 0043-test-string-input-visitor-Add-int-t.patch
0046-test-string-input-visitor-Add-uint6.patch -> 0044-test-string-input-visitor-Add-uint6.patch
0047-tests-Add-QOM-property-unit-tests.patch -> 0045-tests-Add-QOM-property-unit-tests.patch
0048-tests-Add-scsi-disk-test.patch -> 0046-tests-Add-scsi-disk-test.patch
0049-linux-user-exclude-cpu-model-code-w.patch -> 0047-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Mon Mar 20 22:02:08 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (included in upstream source archive):
0035-net-imx-limit-buffer-descriptor-cou.patch
0045-virtio-gpu-call-cleanup-mapping-fun.patch
0051-virtio-gpu-fix-information-leak-in-.patch
0052-display-cirrus-ignore-source-pitch-.patch
0053-s390x-kvm-fix-small-race-reboot-vs..patch
0054-target-s390x-use-qemu-cpu-model-in-.patch
0056-tests-check-path-to-avoid-a-failing.patch
0057-display-virtio-gpu-3d-check-virgl-c.patch
0058-watchdog-6300esb-add-exit-function.patch
0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
0060-virtio-gpu-fix-memory-leak-in-resou.patch
0061-virtio-fix-vq-inuse-recalc-after-mi.patch
0062-audio-es1370-add-exit-function.patch
0063-audio-ac97-add-exit-function.patch
0064-megasas-fix-guest-triggered-memory-.patch
0065-cirrus-handle-negative-pitch-in-cir.patch
0066-cirrus-fix-blit-address-mask-handli.patch
0067-cirrus-fix-oob-access-issue-CVE-201.patch
0068-usb-ccid-check-ccid-apdu-length.patch
0069-sd-sdhci-check-data-length-during-d.patch
0070-virtio-gpu-fix-resource-leak-in-vir.patch
0071-cirrus-fix-patterncopy-checks.patch
0072-cirrus-add-blit_is_unsafe-call-to-c.patch
* Patches renamed:
0036-roms-Makefile-pass-a-packaging-time.patch -> 0035-roms-Makefile-pass-a-packaging-time.patch
0037-Raise-soft-address-space-limit-to-h.patch -> 0036-Raise-soft-address-space-limit-to-h.patch
0038-increase-x86_64-physical-bits-to-42.patch -> 0037-increase-x86_64-physical-bits-to-42.patch
0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0040-i8254-Fix-migration-from-SLE11-SP2.patch -> 0039-i8254-Fix-migration-from-SLE11-SP2.patch
0041-acpi_piix4-Fix-migration-from-SLE11.patch -> 0040-acpi_piix4-Fix-migration-from-SLE11.patch
0042-Fix-tigervnc-long-press-issue.patch -> 0041-Fix-tigervnc-long-press-issue.patch
0043-fix-xen-hvm-direct-kernel-boot.patch -> 0042-fix-xen-hvm-direct-kernel-boot.patch
0044-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch
0046-string-input-visitor-Fix-uint64-par.patch -> 0044-string-input-visitor-Fix-uint64-par.patch
0047-test-string-input-visitor-Add-int-t.patch -> 0045-test-string-input-visitor-Add-int-t.patch
0048-test-string-input-visitor-Add-uint6.patch -> 0046-test-string-input-visitor-Add-uint6.patch
0049-tests-Add-QOM-property-unit-tests.patch -> 0047-tests-Add-QOM-property-unit-tests.patch
0050-tests-Add-scsi-disk-test.patch -> 0048-tests-Add-scsi-disk-test.patch
0055-linux-user-exclude-cpu-model-code-w.patch -> 0049-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Mar 1 12:26:56 UTC 2017 - brogers@suse.com


@ -21,9 +21,9 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.8.0
Version: 2.9.0
Release: 0
Source: qemu-2.8.0.tar.bz2
Source: qemu-2.9.0.tar.xz
# Upstream First -- http://wiki.qemu-project.org/Contribute/SubmitAPatch
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
Patch0001: 0001-XXX-dont-dump-core-on-sigabort.patch
@ -49,55 +49,42 @@ Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-virtfs-proxy-helper-Provide-__u64-f.patch
Patch0025: 0025-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0026: 0026-AIO-Reduce-number-of-threads-for-32.patch
Patch0027: 0027-dictzip-Fix-on-big-endian-systems.patch
Patch0028: 0028-xen_disk-Add-suse-specific-flush-di.patch
Patch0029: 0029-qemu-bridge-helper-reduce-security-.patch
Patch0030: 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0031: 0031-configure-Fix-detection-of-seccomp-.patch
Patch0032: 0032-linux-user-properly-test-for-infini.patch
Patch0033: 0033-linux-user-remove-all-traces-of-qem.patch
Patch0034: 0034-dma-rc4030-limit-interval-timer-rel.patch
Patch0035: 0035-net-imx-limit-buffer-descriptor-cou.patch
Patch0036: 0036-roms-Makefile-pass-a-packaging-time.patch
Patch0037: 0037-Raise-soft-address-space-limit-to-h.patch
Patch0038: 0038-increase-x86_64-physical-bits-to-42.patch
Patch0039: 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0040: 0040-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0041: 0041-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0042: 0042-Fix-tigervnc-long-press-issue.patch
Patch0043: 0043-fix-xen-hvm-direct-kernel-boot.patch
Patch0044: 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0045: 0045-virtio-gpu-call-cleanup-mapping-fun.patch
Patch0046: 0046-string-input-visitor-Fix-uint64-par.patch
Patch0047: 0047-test-string-input-visitor-Add-int-t.patch
Patch0048: 0048-test-string-input-visitor-Add-uint6.patch
Patch0049: 0049-tests-Add-QOM-property-unit-tests.patch
Patch0050: 0050-tests-Add-scsi-disk-test.patch
Patch0051: 0051-virtio-gpu-fix-information-leak-in-.patch
Patch0052: 0052-display-cirrus-ignore-source-pitch-.patch
Patch0053: 0053-s390x-kvm-fix-small-race-reboot-vs..patch
Patch0054: 0054-target-s390x-use-qemu-cpu-model-in-.patch
Patch0055: 0055-linux-user-exclude-cpu-model-code-w.patch
Patch0056: 0056-tests-check-path-to-avoid-a-failing.patch
Patch0057: 0057-display-virtio-gpu-3d-check-virgl-c.patch
Patch0058: 0058-watchdog-6300esb-add-exit-function.patch
Patch0059: 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
Patch0060: 0060-virtio-gpu-fix-memory-leak-in-resou.patch
Patch0061: 0061-virtio-fix-vq-inuse-recalc-after-mi.patch
Patch0062: 0062-audio-es1370-add-exit-function.patch
Patch0063: 0063-audio-ac97-add-exit-function.patch
Patch0064: 0064-megasas-fix-guest-triggered-memory-.patch
Patch0065: 0065-cirrus-handle-negative-pitch-in-cir.patch
Patch0066: 0066-cirrus-fix-blit-address-mask-handli.patch
Patch0067: 0067-cirrus-fix-oob-access-issue-CVE-201.patch
Patch0068: 0068-usb-ccid-check-ccid-apdu-length.patch
Patch0069: 0069-sd-sdhci-check-data-length-during-d.patch
Patch0070: 0070-virtio-gpu-fix-resource-leak-in-vir.patch
Patch0071: 0071-cirrus-fix-patterncopy-checks.patch
Patch0072: 0072-cirrus-add-blit_is_unsafe-call-to-c.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-string-input-visitor-Fix-uint64-par.patch
Patch0042: 0042-test-string-input-visitor-Add-int-t.patch
Patch0043: 0043-test-string-input-visitor-Add-uint6.patch
Patch0044: 0044-tests-Add-QOM-property-unit-tests.patch
Patch0045: 0045-tests-Add-scsi-disk-test.patch
Patch0046: 0046-RFC-update-Linux-headers-from-irqs-.patch
Patch0047: 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0048: 0048-input-Add-trace-event-for-empty-key.patch
Patch0049: 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
Patch0050: 0050-i386-Allow-cpuid-bit-override.patch
Patch0051: 0051-input-limit-kbd-queue-depth.patch
Patch0052: 0052-audio-release-capture-buffers.patch
Patch0053: 0053-scsi-avoid-an-off-by-one-error-in-m.patch
Patch0054: 0054-vmw_pvscsi-check-message-ring-page-.patch
Patch0055: 0055-9pfs-local-forbid-client-access-to-.patch
Patch0056: 0056-jazz_led-fix-bad-snprintf.patch
Patch0057: 0057-slirp-smb-Replace-constant-strings-.patch
Patch0058: 0058-altera_timer-fix-incorrect-memset.patch
Patch0059: 0059-Hacks-for-building-on-gcc-7-Fedora-.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
Source400: update_git.sh
@ -123,7 +110,6 @@ BuildRequires: libattr-devel
%if 0%{?suse_version} > 1220
BuildRequires: makeinfo
%endif
BuildRequires: ncurses-devel
%if 0%{?suse_version} >= 1220
BuildRequires: pcre-devel-static
%endif
@ -151,7 +137,7 @@ emulations. This can be used together with the OBS build script to
run cross-architecture builds.
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -211,34 +197,74 @@ run cross-architecture builds.
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%build
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
./configure \
--prefix=%_prefix \
--sysconfdir=%_sysconfdir \
--libdir=%_libdir \
--libexecdir=%_libexecdir \
--enable-linux-user \
--localstatedir=%_localstatedir \
--extra-cflags="%{optflags}" \
--disable-stack-protector \
--disable-system \
--disable-tools \
--disable-guest-agent \
--static --disable-linux-aio \
--disable-fdt \
--without-pixman \
--disable-blobs \
--disable-strip \
--extra-cflags="%{optflags}"
--disable-system --enable-linux-user \
--disable-tools --disable-guest-agent \
--static \
--disable-modules \
--disable-pie \
--disable-docs \
--audio-drv-list="" \
--enable-attr \
--disable-blobs \
--disable-bluez \
--disable-brlapi \
--disable-bzip2 \
--disable-cap-ng \
--enable-coroutine-pool \
--disable-curl \
--disable-curses \
--disable-fdt \
--disable-gcrypt \
--disable-glusterfs \
--disable-gnutls \
--disable-gtk \
--disable-hax \
--disable-jemalloc \
--disable-kvm \
--disable-libiscsi \
--disable-linux-aio \
--disable-lzo \
--disable-netmap \
--disable-nettle \
--disable-numa \
--disable-opengl \
--without-pixman \
--disable-rbd \
--disable-rdma \
--disable-replication \
--disable-sdl \
--disable-seccomp \
--disable-smartcard \
--disable-snappy \
--disable-spice \
--disable-tcmalloc \
--disable-tpm \
--disable-usb-redir \
--disable-vde \
--disable-vhost-net \
--disable-virglrenderer \
--disable-virtfs \
--disable-vnc \
--disable-vnc-jpeg \
--disable-vnc-png \
--disable-vnc-sasl \
--disable-vte \
--disable-xen \
--disable-xen-pci-passthrough \
--disable-xen-pv-domain-build \
--disable-xfsctl \
%if 0%{?suse_version} == 1140
# -lrt needs to come after -lglib-2.0 to avoid undefined clock_gettime
sed -i "s/-lglib-2.0/-lglib-2.0 -lrt/" config-host.mak
@ -279,26 +305,19 @@ make %{?_smp_mflags} V=1
%install
make install DESTDIR=%{buildroot}
%{__rm} -rf %{buildroot}%_datadir/doc
%{__rm} -rf %{buildroot}%_mandir/man1/qemu.1
%{__rm} -rf %{buildroot}%_mandir/man1/qemu-img.1
%{__rm} -rf %{buildroot}%_mandir/man8/qemu-nbd.8
%{__rm} -rf %{buildroot}%_datadir/qemu/keymaps
%{__rm} -rf %{buildroot}%_datadir/qemu/trace-events-all
%{__rm} -rf %{buildroot}%_sysconfdir/qemu/target-x86_64.conf
%{__rm} -rf %{buildroot}%_libexecdir/qemu-bridge-helper
%{__install} -d -m 755 %{buildroot}%_sbindir
%{__install} -m 755 scripts/qemu-binfmt-conf.sh %{buildroot}%_sbindir
rm -rf %{buildroot}%_datadir/qemu/keymaps
unlink %{buildroot}%_datadir/qemu/trace-events-all
unlink %{buildroot}%_libexecdir/qemu-bridge-helper
install -d -m 755 %{buildroot}%_sbindir
install -m 755 scripts/qemu-binfmt-conf.sh %{buildroot}%_sbindir
%ifnarch %ix86 x86_64
ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%endif
%ifnarch ia64
%{__mkdir} -p %{buildroot}/emul/ia32-linux
%endif
mkdir -p %{buildroot}/emul/ia32-linux
%fdupes -s %{buildroot}
%clean
%{__rm} -rf %{buildroot}
rm -rf %{buildroot}
%files
%defattr(-, root, root)
@ -307,6 +326,7 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-arm
%_bindir/qemu-armeb
%_bindir/qemu-cris
%_bindir/qemu-hppa
%_bindir/qemu-i386
%_bindir/qemu-m68k
%_bindir/qemu-microblaze
@ -317,7 +337,8 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-mipsn32el
%_bindir/qemu-mips64
%_bindir/qemu-mips64el
%_bindir/qemu-or32
%_bindir/qemu-nios2
%_bindir/qemu-or1k
%_bindir/qemu-ppc64abi32
%_bindir/qemu-ppc64
%_bindir/qemu-ppc64le
@ -332,10 +353,8 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-x86_64
%_bindir/qemu-*-binfmt
%_sbindir/qemu-binfmt-conf.sh
%ifnarch %ix86 x86_64 ia64
%dir /emul/ia32-linux
%endif
%ifnarch %ix86 x86_64
%dir /emul/ia32-linux
%dir %_datadir/qemu
%_datadir/qemu/qemu-i386
%endif


@ -1,7 +1,7 @@
#
# spec file for package qemu-linux-user
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -23,7 +23,7 @@ License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
QEMU_VERSION
Release: 0
Source: qemu-2.8.0.tar.bz2
Source: qemu-2.9.0.tar.xz
# Upstream First -- http://wiki.qemu-project.org/Contribute/SubmitAPatch
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
PATCH_FILES
@ -52,7 +52,6 @@ BuildRequires: libattr-devel
%if 0%{?suse_version} > 1220
BuildRequires: makeinfo
%endif
BuildRequires: ncurses-devel
%if 0%{?suse_version} >= 1220
BuildRequires: pcre-devel-static
%endif
@ -80,23 +79,76 @@ emulations. This can be used together with the OBS build script to
run cross-architecture builds.
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0
PATCH_EXEC
%build
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
./configure \
--prefix=%_prefix \
--sysconfdir=%_sysconfdir \
--libdir=%_libdir \
--libexecdir=%_libexecdir \
--enable-linux-user \
--localstatedir=%_localstatedir \
--extra-cflags="%{optflags}" \
--disable-stack-protector \
--disable-system \
--disable-tools \
--disable-guest-agent \
--static --disable-linux-aio \
--disable-fdt \
--without-pixman \
--disable-blobs \
--disable-strip \
--extra-cflags="%{optflags}"
--disable-system --enable-linux-user \
--disable-tools --disable-guest-agent \
--static \
--disable-modules \
--disable-pie \
--disable-docs \
--audio-drv-list="" \
--enable-attr \
--disable-blobs \
--disable-bluez \
--disable-brlapi \
--disable-bzip2 \
--disable-cap-ng \
--enable-coroutine-pool \
--disable-curl \
--disable-curses \
--disable-fdt \
--disable-gcrypt \
--disable-glusterfs \
--disable-gnutls \
--disable-gtk \
--disable-hax \
--disable-jemalloc \
--disable-kvm \
--disable-libiscsi \
--disable-linux-aio \
--disable-lzo \
--disable-netmap \
--disable-nettle \
--disable-numa \
--disable-opengl \
--without-pixman \
--disable-rbd \
--disable-rdma \
--disable-replication \
--disable-sdl \
--disable-seccomp \
--disable-smartcard \
--disable-snappy \
--disable-spice \
--disable-tcmalloc \
--disable-tpm \
--disable-usb-redir \
--disable-vde \
--disable-vhost-net \
--disable-virglrenderer \
--disable-virtfs \
--disable-vnc \
--disable-vnc-jpeg \
--disable-vnc-png \
--disable-vnc-sasl \
--disable-vte \
--disable-xen \
--disable-xen-pci-passthrough \
--disable-xen-pv-domain-build \
--disable-xfsctl \
%if 0%{?suse_version} == 1140
# -lrt needs to come after -lglib-2.0 to avoid undefined clock_gettime
sed -i "s/-lglib-2.0/-lglib-2.0 -lrt/" config-host.mak
@ -137,26 +189,19 @@ make %{?_smp_mflags} V=1
%install
make install DESTDIR=%{buildroot}
%{__rm} -rf %{buildroot}%_datadir/doc
%{__rm} -rf %{buildroot}%_mandir/man1/qemu.1
%{__rm} -rf %{buildroot}%_mandir/man1/qemu-img.1
%{__rm} -rf %{buildroot}%_mandir/man8/qemu-nbd.8
%{__rm} -rf %{buildroot}%_datadir/qemu/keymaps
%{__rm} -rf %{buildroot}%_datadir/qemu/trace-events-all
%{__rm} -rf %{buildroot}%_sysconfdir/qemu/target-x86_64.conf
%{__rm} -rf %{buildroot}%_libexecdir/qemu-bridge-helper
%{__install} -d -m 755 %{buildroot}%_sbindir
%{__install} -m 755 scripts/qemu-binfmt-conf.sh %{buildroot}%_sbindir
rm -rf %{buildroot}%_datadir/qemu/keymaps
unlink %{buildroot}%_datadir/qemu/trace-events-all
unlink %{buildroot}%_libexecdir/qemu-bridge-helper
install -d -m 755 %{buildroot}%_sbindir
install -m 755 scripts/qemu-binfmt-conf.sh %{buildroot}%_sbindir
%ifnarch %ix86 x86_64
ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%endif
%ifnarch ia64
%{__mkdir} -p %{buildroot}/emul/ia32-linux
%endif
mkdir -p %{buildroot}/emul/ia32-linux
%fdupes -s %{buildroot}
%clean
%{__rm} -rf %{buildroot}
rm -rf %{buildroot}
%files
%defattr(-, root, root)
@ -165,6 +210,7 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-arm
%_bindir/qemu-armeb
%_bindir/qemu-cris
%_bindir/qemu-hppa
%_bindir/qemu-i386
%_bindir/qemu-m68k
%_bindir/qemu-microblaze
@ -175,7 +221,8 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-mipsn32el
%_bindir/qemu-mips64
%_bindir/qemu-mips64el
%_bindir/qemu-or32
%_bindir/qemu-nios2
%_bindir/qemu-or1k
%_bindir/qemu-ppc64abi32
%_bindir/qemu-ppc64
%_bindir/qemu-ppc64le
@ -190,10 +237,8 @@ ln -sf ../../../emul/ia32-linux %{buildroot}%_datadir/qemu/qemu-i386
%_bindir/qemu-x86_64
%_bindir/qemu-*-binfmt
%_sbindir/qemu-binfmt-conf.sh
%ifnarch %ix86 x86_64 ia64
%dir /emul/ia32-linux
%endif
%ifnarch %ix86 x86_64
%dir /emul/ia32-linux
%dir %_datadir/qemu
%_datadir/qemu/qemu-i386
%endif
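Review bot: The option list passed to `./configure` in `%build` turns off two hardening features, `--disable-stack-protector` and `--disable-pie`, and the spec gives no reason for either (the +/- markers are lost in this rendering, so whether both are new in this commit is inferred). These static binaries are shipped as binfmt interpreters (`%_bindir/qemu-*-binfmt`) and run foreign-architecture programs in cross builds, so losing address randomisation of the emulator image and stack canaries deserves a stated justification. Whether `%{optflags}` puts a stack-protector flag back through `--extra-cflags` cannot be seen from this page and is worth confirming in the build log. I would add a comment on the line before `./configure \`, for example `# static build: PIE and stack protector are off because <reason>`, and drop either flag if the static link succeeds without it. The same option list appears in the generated spec earlier on this page.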


@ -1,3 +1,223 @@
-------------------------------------------------------------------
Mon May 22 23:52:12 UTC 2017 - brogers@suse.com
- Fixes for gcc7 compatability (bsc#1040228) (in behalf of Liang Yan)
0056-jazz_led-fix-bad-snprintf.patch
0057-slirp-smb-Replace-constant-strings-.patch
0058-altera_timer-fix-incorrect-memset.patch
0059-Hacks-for-building-on-gcc-7-Fedora-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Mon May 22 19:06:22 UTC 2017 - brogers@suse.com
- Protect access to metadata in virtio-9pfs (CVE-2017-7493 bsc#1039495)
0055-9pfs-local-forbid-client-access-to-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Thu May 11 20:55:57 UTC 2017 - brogers@suse.com
- Address various security/stability issues
* Fix DOS potential in vnc interface (CVE-2017-8379 bsc#1037334)
0051-input-limit-kbd-queue-depth.patch
* Fix DOS potential in vnc interface (CVE-2017-8309 bsc#1037242)
0052-audio-release-capture-buffers.patch
* Fix OOB access in megasas device emulation (CVE-2017-8380
bsc#1037336)
0053-scsi-avoid-an-off-by-one-error-in-m.patch
* Fix DOS in Vmware pv scsi emulation (CVE-2017-8112 bsc#1036211)
0054-vmw_pvscsi-check-message-ring-page-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Thu May 4 20:14:25 UTC 2017 - brogers@suse.com
- Fix building packages for some older distros.
- Further refine our handling of building firmware (or not) for
the various arch's and distro versions we build for. Note that
if we don't build x86 firmware, (eg: x86 Leap 42.1) the upstream
binary blobs are used, which may have migration incompatibilities
with previous versions of qemu provided.
-------------------------------------------------------------------
Thu Apr 27 20:09:38 UTC 2017 - brogers@suse.com
- Fix issue in shipping qemu v2.9.0, where pci-passthrough for Xen
HVM guests got broken (bsc#1034131)
0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
- Include experimental, unsupported feature to assist in some
performance analysis work.
0050-i386-Allow-cpuid-bit-override.patch
-------------------------------------------------------------------
Thu Apr 20 16:30:38 UTC 2017 - brogers@suse.com
- Updated to v2.9.0: See http://wiki.qemu-project.org/ChangeLog/2.9
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Apr 18 18:03:16 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.9
* Includes fix for CVE-2017-7471, a virtfs security issue.
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Apr 12 15:15:25 UTC 2017 - brogers@suse.com
- Add empty keyboard queue tracepoint to help openQA testing work
better (bsc#1031692)
0048-input-Add-trace-event-for-empty-key.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Apr 11 19:32:00 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc4: See http://wiki.qemu-project.org/ChangeLog/2.9
- Enable ceph/rbd support for s390x (bsc#1030068)
- Enable ceph/rbd support for ppc* as available
- Update ARM in-kernel-timers patch (bsc#1033416)
* Patches renamed:
0041-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
0042-string-input-visitor-Fix-uint64-par.patch -> 0041-string-input-visitor-Fix-uint64-par.patch
0043-test-string-input-visitor-Add-int-t.patch -> 0042-test-string-input-visitor-Add-int-t.patch
0044-test-string-input-visitor-Add-uint6.patch -> 0043-test-string-input-visitor-Add-uint6.patch
0045-tests-Add-QOM-property-unit-tests.patch -> 0044-tests-Add-QOM-property-unit-tests.patch
0046-tests-Add-scsi-disk-test.patch -> 0045-tests-Add-scsi-disk-test.patch
* Patches added (support patch):
0046-RFC-update-Linux-headers-from-irqs-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Apr 5 16:50:48 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (included in upstream source archive):
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
0048-i386-Replace-uint32_t-with-FeatureW.patch
0049-i386-Don-t-override-cpu-options-on-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
- Added additional documentation provided with v2.9.0
- Fix build failure with gcc7 (bsc#1031340)
ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
- Made miscellaneous spec file refinements
-------------------------------------------------------------------
Thu Mar 30 22:46:43 UTC 2017 - brogers@suse.com
- The support documents included are now fairly accurate for the
arm and s390 world, and the x86 version also received a few
tweaks. Also included in those docs is a url reference to upstream
qemu deprecation plans and discussions.
(fate#321146)
- Add post v2.9.0-rc2 upstream patches which fix -cpu host and -cpu
max feature overrides for libvirt compatability.
0048-i386-Replace-uint32_t-with-FeatureW.patch
0049-i386-Don-t-override-cpu-options-on-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Mar 28 22:12:52 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.9
* Includes fix for in guest privilege escalation when using TCG
(bsc#1030624)
* Patches dropped (equivalent included in upstream source archive):
0047-linux-user-exclude-cpu-model-code-w.patch
- Fix failure booting SLE12-SP2 Aarch64 guest (bsc#1031384)
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Mar 21 20:53:47 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (no longer needed based on what we now build for):
0024-virtfs-proxy-helper-Provide-__u64-f.patch
* Patches dropped (included in upstream source archive):
0034-dma-rc4030-limit-interval-timer-rel.patch
* Patches renamed:
0025-configure-Enable-PIE-for-ppc-and-pp.patch -> 0024-configure-Enable-PIE-for-ppc-and-pp.patch
0026-AIO-Reduce-number-of-threads-for-32.patch -> 0025-AIO-Reduce-number-of-threads-for-32.patch
0027-dictzip-Fix-on-big-endian-systems.patch -> 0026-dictzip-Fix-on-big-endian-systems.patch
0028-xen_disk-Add-suse-specific-flush-di.patch -> 0027-xen_disk-Add-suse-specific-flush-di.patch
0029-qemu-bridge-helper-reduce-security-.patch -> 0028-qemu-bridge-helper-reduce-security-.patch
0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0031-configure-Fix-detection-of-seccomp-.patch -> 0030-configure-Fix-detection-of-seccomp-.patch
0032-linux-user-properly-test-for-infini.patch -> 0031-linux-user-properly-test-for-infini.patch
0033-linux-user-remove-all-traces-of-qem.patch -> 0032-linux-user-remove-all-traces-of-qem.patch
0035-roms-Makefile-pass-a-packaging-time.patch -> 0033-roms-Makefile-pass-a-packaging-time.patch
0036-Raise-soft-address-space-limit-to-h.patch -> 0034-Raise-soft-address-space-limit-to-h.patch
0037-increase-x86_64-physical-bits-to-42.patch -> 0035-increase-x86_64-physical-bits-to-42.patch
0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0039-i8254-Fix-migration-from-SLE11-SP2.patch -> 0037-i8254-Fix-migration-from-SLE11-SP2.patch
0040-acpi_piix4-Fix-migration-from-SLE11.patch -> 0038-acpi_piix4-Fix-migration-from-SLE11.patch
0041-Fix-tigervnc-long-press-issue.patch -> 0039-Fix-tigervnc-long-press-issue.patch
0042-fix-xen-hvm-direct-kernel-boot.patch -> 0040-fix-xen-hvm-direct-kernel-boot.patch
0043-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
0044-string-input-visitor-Fix-uint64-par.patch -> 0042-string-input-visitor-Fix-uint64-par.patch
0045-test-string-input-visitor-Add-int-t.patch -> 0043-test-string-input-visitor-Add-int-t.patch
0046-test-string-input-visitor-Add-uint6.patch -> 0044-test-string-input-visitor-Add-uint6.patch
0047-tests-Add-QOM-property-unit-tests.patch -> 0045-tests-Add-QOM-property-unit-tests.patch
0048-tests-Add-scsi-disk-test.patch -> 0046-tests-Add-scsi-disk-test.patch
0049-linux-user-exclude-cpu-model-code-w.patch -> 0047-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Mon Mar 20 22:02:08 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.9
* Updated version carries fixes for the following reported issues:
CVE-2016-9602 bsc#1020427, CVE-2016-9923 bsc#1014703,
CVE-2017-2630 bsc#1025396, CVE-2017-2633 bsc#1026612,
CVE-2017-5579 bsc#1021741, CVE-2017-5931 bsc#1024114,
CVE-2017-5973 bsc#1025109, CVE-2017-5987 bsc#1025311,
CVE-2017-6058 bsc#1025837, CVE-2017-6505 bsc#1028184
* Patches dropped:
seabios_128kb.patch (no longer required)
* Patches dropped (included in upstream source archive):
0035-net-imx-limit-buffer-descriptor-cou.patch
0045-virtio-gpu-call-cleanup-mapping-fun.patch
0051-virtio-gpu-fix-information-leak-in-.patch
0052-display-cirrus-ignore-source-pitch-.patch
0053-s390x-kvm-fix-small-race-reboot-vs..patch
0054-target-s390x-use-qemu-cpu-model-in-.patch
0056-tests-check-path-to-avoid-a-failing.patch
0057-display-virtio-gpu-3d-check-virgl-c.patch
0058-watchdog-6300esb-add-exit-function.patch
0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
0060-virtio-gpu-fix-memory-leak-in-resou.patch
0061-virtio-fix-vq-inuse-recalc-after-mi.patch
0062-audio-es1370-add-exit-function.patch
0063-audio-ac97-add-exit-function.patch
0064-megasas-fix-guest-triggered-memory-.patch
0065-cirrus-handle-negative-pitch-in-cir.patch
0066-cirrus-fix-blit-address-mask-handli.patch
0067-cirrus-fix-oob-access-issue-CVE-201.patch
0068-usb-ccid-check-ccid-apdu-length.patch
0069-sd-sdhci-check-data-length-during-d.patch
0070-virtio-gpu-fix-resource-leak-in-vir.patch
0071-cirrus-fix-patterncopy-checks.patch
0072-cirrus-add-blit_is_unsafe-call-to-c.patch
* Patches renamed:
0036-roms-Makefile-pass-a-packaging-time.patch -> 0035-roms-Makefile-pass-a-packaging-time.patch
0037-Raise-soft-address-space-limit-to-h.patch -> 0036-Raise-soft-address-space-limit-to-h.patch
0038-increase-x86_64-physical-bits-to-42.patch -> 0037-increase-x86_64-physical-bits-to-42.patch
0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0040-i8254-Fix-migration-from-SLE11-SP2.patch -> 0039-i8254-Fix-migration-from-SLE11-SP2.patch
0041-acpi_piix4-Fix-migration-from-SLE11.patch -> 0040-acpi_piix4-Fix-migration-from-SLE11.patch
0042-Fix-tigervnc-long-press-issue.patch -> 0041-Fix-tigervnc-long-press-issue.patch
0043-fix-xen-hvm-direct-kernel-boot.patch -> 0042-fix-xen-hvm-direct-kernel-boot.patch
0044-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch
0046-string-input-visitor-Fix-uint64-par.patch -> 0044-string-input-visitor-Fix-uint64-par.patch
0047-test-string-input-visitor-Add-int-t.patch -> 0045-test-string-input-visitor-Add-int-t.patch
0048-test-string-input-visitor-Add-uint6.patch -> 0046-test-string-input-visitor-Add-uint6.patch
0049-tests-Add-QOM-property-unit-tests.patch -> 0047-tests-Add-QOM-property-unit-tests.patch
0050-tests-Add-scsi-disk-test.patch -> 0048-tests-Add-scsi-disk-test.patch
0055-linux-user-exclude-cpu-model-code-w.patch -> 0049-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Mar 1 12:26:56 UTC 2017 - brogers@suse.com


@ -18,15 +18,15 @@
%define noarch_supported 1110
%define build_x86_fw_from_source 0
%define build_x86_firmware_from_source 0
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
%ifarch %ix86 x86_64
# choice of building all from source or using provided binary x86 blobs
%if 0%{?suse_version} >= 1310
%define build_x86_fw_from_source 1
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
%define build_x86_firmware_from_source 1
%endif
%endif
@ -64,6 +64,24 @@
%endif
%endif
%ifarch ppc64le
%if 0%{?suse_version} > 1320 || ( 0%{?is_opensuse} == 0 && 0%{?sle_version} > 120200 )
%define with_rbd 1
%endif
%endif
%ifarch s390x
%if 0%{?is_opensuse} == 0 && 0%{?sle_version} > 120200
%define with_rbd 1
%endif
%endif
%ifarch ppc64
%if 0%{?is_opensuse} && 0%{?sle_version} > 120200
%define with_rbd 1
%endif
%endif
%if 0%{?suse_version} > 1320
%define with_seccomp 1
%endif
@ -91,10 +109,10 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.8.0
Version: 2.9.0
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2
Source99: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2.sig
Source: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -135,76 +153,58 @@ Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-virtfs-proxy-helper-Provide-__u64-f.patch
Patch0025: 0025-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0026: 0026-AIO-Reduce-number-of-threads-for-32.patch
Patch0027: 0027-dictzip-Fix-on-big-endian-systems.patch
Patch0028: 0028-xen_disk-Add-suse-specific-flush-di.patch
Patch0029: 0029-qemu-bridge-helper-reduce-security-.patch
Patch0030: 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0031: 0031-configure-Fix-detection-of-seccomp-.patch
Patch0032: 0032-linux-user-properly-test-for-infini.patch
Patch0033: 0033-linux-user-remove-all-traces-of-qem.patch
Patch0034: 0034-dma-rc4030-limit-interval-timer-rel.patch
Patch0035: 0035-net-imx-limit-buffer-descriptor-cou.patch
Patch0036: 0036-roms-Makefile-pass-a-packaging-time.patch
Patch0037: 0037-Raise-soft-address-space-limit-to-h.patch
Patch0038: 0038-increase-x86_64-physical-bits-to-42.patch
Patch0039: 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0040: 0040-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0041: 0041-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0042: 0042-Fix-tigervnc-long-press-issue.patch
Patch0043: 0043-fix-xen-hvm-direct-kernel-boot.patch
Patch0044: 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0045: 0045-virtio-gpu-call-cleanup-mapping-fun.patch
Patch0046: 0046-string-input-visitor-Fix-uint64-par.patch
Patch0047: 0047-test-string-input-visitor-Add-int-t.patch
Patch0048: 0048-test-string-input-visitor-Add-uint6.patch
Patch0049: 0049-tests-Add-QOM-property-unit-tests.patch
Patch0050: 0050-tests-Add-scsi-disk-test.patch
Patch0051: 0051-virtio-gpu-fix-information-leak-in-.patch
Patch0052: 0052-display-cirrus-ignore-source-pitch-.patch
Patch0053: 0053-s390x-kvm-fix-small-race-reboot-vs..patch
Patch0054: 0054-target-s390x-use-qemu-cpu-model-in-.patch
Patch0055: 0055-linux-user-exclude-cpu-model-code-w.patch
Patch0056: 0056-tests-check-path-to-avoid-a-failing.patch
Patch0057: 0057-display-virtio-gpu-3d-check-virgl-c.patch
Patch0058: 0058-watchdog-6300esb-add-exit-function.patch
Patch0059: 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
Patch0060: 0060-virtio-gpu-fix-memory-leak-in-resou.patch
Patch0061: 0061-virtio-fix-vq-inuse-recalc-after-mi.patch
Patch0062: 0062-audio-es1370-add-exit-function.patch
Patch0063: 0063-audio-ac97-add-exit-function.patch
Patch0064: 0064-megasas-fix-guest-triggered-memory-.patch
Patch0065: 0065-cirrus-handle-negative-pitch-in-cir.patch
Patch0066: 0066-cirrus-fix-blit-address-mask-handli.patch
Patch0067: 0067-cirrus-fix-oob-access-issue-CVE-201.patch
Patch0068: 0068-usb-ccid-check-ccid-apdu-length.patch
Patch0069: 0069-sd-sdhci-check-data-length-during-d.patch
Patch0070: 0070-virtio-gpu-fix-resource-leak-in-vir.patch
Patch0071: 0071-cirrus-fix-patterncopy-checks.patch
Patch0072: 0072-cirrus-add-blit_is_unsafe-call-to-c.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-string-input-visitor-Fix-uint64-par.patch
Patch0042: 0042-test-string-input-visitor-Add-int-t.patch
Patch0043: 0043-test-string-input-visitor-Add-uint6.patch
Patch0044: 0044-tests-Add-QOM-property-unit-tests.patch
Patch0045: 0045-tests-Add-scsi-disk-test.patch
Patch0046: 0046-RFC-update-Linux-headers-from-irqs-.patch
Patch0047: 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0048: 0048-input-Add-trace-event-for-empty-key.patch
Patch0049: 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
Patch0050: 0050-i386-Allow-cpuid-bit-override.patch
Patch0051: 0051-input-limit-kbd-queue-depth.patch
Patch0052: 0052-audio-release-capture-buffers.patch
Patch0053: 0053-scsi-avoid-an-off-by-one-error-in-m.patch
Patch0054: 0054-vmw_pvscsi-check-message-ring-page-.patch
Patch0055: 0055-9pfs-local-forbid-client-access-to-.patch
Patch0056: 0056-jazz_led-fix-bad-snprintf.patch
Patch0057: 0057-slirp-smb-Replace-constant-strings-.patch
Patch0058: 0058-altera_timer-fix-incorrect-memset.patch
Patch0059: 0059-Hacks-for-building-on-gcc-7-Fedora-.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
%if %{build_x86_fw_from_source}
# SeaBIOS / SeaVGABIOS
# PATCH-FIX-OPENSUSE seabios_128kb.patch brogers@suse.com -- make it fit
Patch1000: seabios_128kb.patch
# SeaBIOS / SeaVGABIOS (Currently no patches)
# ipxe
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1100: ipxe-stable-buildid.patch
Patch1101: ipxe-use-gcc6-for-more-compact-code.patch
Patch1102: ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
# sgabios
# PATCH-FIX-OPENSUSE sgabios-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1200: sgabios-stable-buildid.patch
%endif
%if %{build_slof_from_source}
# SLOF (Currently no patches)
%endif
# this is to make lint happy
Source300: qemu-rpmlintrc
@ -221,7 +221,7 @@ BuildRequires: SDL-devel
BuildRequires: SDL2-devel
%endif
BuildRequires: alsa-devel
%if %{?build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: binutils-devel
%endif
BuildRequires: bluez-devel
@ -230,13 +230,13 @@ BuildRequires: brlapi-devel
%endif
BuildRequires: curl-devel
BuildRequires: cyrus-sasl-devel
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: iasl
%endif
BuildRequires: e2fsprogs-devel
BuildRequires: fdupes
BuildRequires: gcc-c++
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: gcc6
%endif
BuildRequires: glib2-devel
@ -289,11 +289,17 @@ BuildRequires: libjpeg-devel
%if 0%{?suse_version} >= 1310
BuildRequires: libnettle-devel
%endif
%ifarch %ix86 aarch64
%ifarch %ix86 x86_64
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
BuildRequires: libnuma-devel
%endif
%else
%ifarch aarch64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: libnuma-devel
%endif
%endif
%else
%ifnarch %arm s390x
BuildRequires: libnuma-devel
%endif
@ -324,7 +330,7 @@ BuildRequires: makeinfo
%endif
BuildRequires: Mesa-devel
BuildRequires: ncurses-devel
%if %{?build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: ovmf-tools
%endif
BuildRequires: pkgconfig
@ -343,9 +349,7 @@ BuildRequires: systemd
%if %{kvm_available}
BuildRequires: pkgconfig(udev)
%endif
%if 0%{?sles_version} != 11
BuildRequires: usbredir-devel
%endif
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: virglrenderer-devel >= 0.4.1
%endif
@ -360,19 +364,33 @@ BuildRequires: vte2-devel
BuildRequires: xen-devel
%endif
BuildRequires: xfsprogs-devel
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: xz-devel
%endif
BuildRequires: zlib-devel
%if "%{name}" == "qemu-testsuite"
BuildRequires: bc
BuildRequires: qemu-arm = %version
BuildRequires: qemu-block-curl = %version
BuildRequires: qemu-block-dmg = %version
BuildRequires: qemu-extra = %version
BuildRequires: qemu-guest-agent = %version
BuildRequires: qemu-ppc = %version
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-x86 = %version
%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
BuildRequires: qemu-block-gluster = %version
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: qemu-block-iscsi = %version
%endif
%if 0%{?with_rbd}
BuildRequires: qemu-block-rbd = %version
%endif
%if 0%{?suse_version} > 1140
BuildRequires: qemu-block-ssh = %version
%endif
%endif
Requires(pre): pwdutils
Requires(post): coreutils
@ -424,16 +442,50 @@ Suggests: qemu-lang
Recommends: qemu-ksm = %{version}
%endif
%ifarch x86_64
%define x86_64_only_b_f_f {efi-e1000.rom efi-e1000e.rom efi-eepro100.rom \
efi-pcnet.rom efi-ne2k_pci.rom efi-rtl8139.rom efi-virtio.rom efi-vmxnet3.rom}
%if %{build_slof_from_source}
%define ppc_default_built_firmware {%nil}
%define ppc_extra_built_firmware {slof.bin}
%endif
%define built_firmware_files {bios.bin bios-256k.bin sgabios.bin vgabios.bin \
vgabios-cirrus.bin vgabios-stdvga.bin vgabios-virtio.bin vgabios-vmware.bin \
vgabios-qxl.bin optionrom/linuxboot.bin optionrom/linuxboot_dma.bin \
optionrom/multiboot.bin optionrom/kvmvapic.bin pxe-e1000.rom pxe-pcnet.rom \
pxe-ne2k_pci.rom pxe-rtl8139.rom pxe-eepro100.rom pxe-virtio.rom \
%{?x86_64_only_b_f_f}}
%ifarch ppc64
%define ppc64_only_default_built_firmware {spapr-rtas.bin}
%define ppc64_only_extra_built_firmware {%nil}
%endif
%ifarch s390x
%define s390x_default_built_firmware {s390-ccw.img}
%define s390x_extra_built_firmware {%nil}
%endif
%ifarch %ix86 x86_64
%define x86_default_built_firmware {linuxboot.bin linuxboot_dma.bin \
multiboot.bin kvmvapic.bin}
%ifarch x86_64
%define x86_64_only_default_built_firmware {%nil}
%endif
%endif
%define x86_extra_built_firmware_list {bios.bin bios-256k.bin sgabios.bin \
vgabios.bin vgabios-cirrus.bin vgabios-stdvga.bin vgabios-virtio.bin \
vgabios-vmware.bin vgabios-qxl.bin pxe-e1000.rom pxe-pcnet.rom \
pxe-ne2k_pci.rom pxe-rtl8139.rom pxe-eepro100.rom pxe-virtio.rom}
%define x86_64_only_extra_built_firmware_list {efi-e1000.rom efi-e1000e.rom \
efi-eepro100.rom efi-pcnet.rom efi-ne2k_pci.rom efi-rtl8139.rom efi-virtio.rom \
efi-vmxnet3.rom}
%if %{build_x86_firmware_from_source}
%define x86_extra_built_firmware %{x86_extra_built_firmware_list}
%ifarch x86_64
%define x86_64_only_extra_built_firmware %{x86_64_only_extra_built_firmware_list}
%endif
%endif
%define built_firmware { \
%{?ppc_default_built_firmware} %{?ppc_extra_built_firmware} \
%{?ppc64_only_default_built_firmware} %{?ppc64_only_extra_built_firmware} \
%{?s390x_default_built_firmware} %{?s390x_extra_built_firmware} \
%{?x86_default_built_firmware} %{?x86_extra_built_firmware} \
%{?x86_64_only_default_built_firmware} %{?x86_64_only_extra_built_firmware} }
%description
QEMU is an extremely well-performing CPU emulator that allows you to
@ -711,7 +763,7 @@ This sub-package contains the guest agent.
%package seabios
Summary: X86 BIOS for QEMU
Group: System/Emulators/PC
Version: 1.10.1
Version: 1.10.2
Release: 0
%if 0%{?suse_version} > %{noarch_supported}
BuildArch: noarch
@ -725,7 +777,7 @@ is the default BIOS for QEMU.
%package vgabios
Summary: VGA BIOSes for QEMU
Group: System/Emulators/PC
Version: 1.10.1
Version: 1.10.2
Release: 0
%if 0%{?suse_version} > %{noarch_supported}
BuildArch: noarch
@ -782,7 +834,7 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -842,44 +894,25 @@ This package provides a service file for starting and stopping KSM.
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%if %{build_x86_fw_from_source}
pushd roms/seabios
%patch1000 -p1
popd
pushd roms/ipxe
%patch1100 -p1
%patch1101 -p1
%patch1102 -p1
popd
pushd roms/sgabios
%patch1200 -p1
popd
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware_files
do
rm -f pc-bios/$i
done
%endif
%if %{build_slof_from_source}
pushd roms/SLOF
popd
rm -f pc-bios/slof.bin
%endif
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware
do
unlink pc-bios/$i
done
%build
echo '%{version}' > roms/seabios/.version
@ -889,6 +922,7 @@ echo '%{version}' > roms/seabios/.version
--libdir=%_libdir \
--libexecdir=%_libexecdir \
--localstatedir=%_localstatedir \
--docdir=%_docdir/qemu \
--extra-cflags="%{optflags}" \
--disable-stack-protector \
--disable-strip \
@ -899,7 +933,6 @@ echo '%{version}' > roms/seabios/.version
--enable-pie \
--enable-docs \
--audio-drv-list="pa alsa sdl oss" \
--disable-archipelago \
--enable-attr \
--enable-bluez \
%if 0%{?suse_version} >= 1130
@ -909,7 +942,6 @@ echo '%{version}' > roms/seabios/.version
%endif
--enable-bzip2 \
--enable-cap-ng \
--disable-colo \
--enable-coroutine-pool \
--enable-curl \
--enable-curses \
@ -931,6 +963,7 @@ echo '%{version}' > roms/seabios/.version
%else
--with-gtkabi=2.0 \
%endif
--disable-hax \
--disable-jemalloc \
%if %{kvm_available}
--enable-kvm \
@ -956,13 +989,21 @@ echo '%{version}' > roms/seabios/.version
--enable-linux-aio \
--enable-lzo \
--disable-netmap \
%ifarch %ix86 aarch64
%ifarch %ix86 x86_64
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
--enable-numa \
%else
--disable-numa \
%endif
%else
%ifarch aarch64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
--enable-numa \
%endif
%else
--disable-numa \
%endif
%else
%ifarch %arm s390x
--disable-numa \
%else
@ -972,6 +1013,7 @@ echo '%{version}' > roms/seabios/.version
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
--enable-opengl \
%endif
--with-system-pixman \
%if 0%{?with_rbd}
--enable-rbd \
%else
@ -982,7 +1024,7 @@ echo '%{version}' > roms/seabios/.version
%else
--disable-rdma \
%endif
--disable-replication \
--enable-replication \
--enable-sdl \
%if 0%{?suse_version} >= 1320
--with-sdlabi=2.0 \
@ -1011,11 +1053,7 @@ echo '%{version}' > roms/seabios/.version
%endif
--disable-tcmalloc \
--enable-tpm \
%if 0%{?sles_version} == 11
--disable-usb-redir \
%else
--enable-usb-redir \
%endif
--enable-vde \
--enable-vhost-net \
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
@ -1045,8 +1083,37 @@ echo '%{version}' > roms/seabios/.version
make %{?_smp_mflags} V=1
# Firmware
%if %{build_x86_fw_from_source}
%ifarch s390x
for i in %s390x_default_built_firmware
do
cp pc-bios/s390-ccw/$i pc-bios/
done
%endif
%ifarch ppc64
for i in %ppc64_only_default_built_firmware
do
cp pc-bios/spapr-rtas/$i pc-bios/
done
%endif
%ifarch %ix86 x86_64
for i in %x86_default_built_firmware
do
cp pc-bios/optionrom/$i pc-bios/
done
%ifarch x86_64
for i in %x86_64_only_default_built_firmware
do
cp pc-bios/optionrom/$i pc-bios/
done
%endif
%endif
%if %{build_x86_firmware_from_source}
make %{?_smp_mflags} -C roms bios
make %{?_smp_mflags} -C roms seavgabios
make %{?_smp_mflags} -C roms pxerom
%ifarch x86_64
@ -1080,24 +1147,21 @@ for i in %supported_nics_small
fi
done
%endif
%if %{build_slof_from_source}
make %{?_smp_mflags} -C roms slof
%endif
%ifarch s390x
cp pc-bios/s390-ccw/s390-ccw.img pc-bios/s390-ccw.img
%endif
%else # qemu-testsuite
ln -s %{_bindir}/qemu-img qemu-img
ln -s %{_bindir}/qemu-ga qemu-ga
ln -s %{_bindir}/qemu-io qemu-io
%if %{build_x86_fw_from_source}
for i in %built_firmware_files
for i in %built_firmware
do
ln -s %{_datadir}/qemu/$i pc-bios/$i
done
%endif
for conf in default-configs/*-softmmu.mak; do
arch=`echo "$conf" | sed -e 's|default-configs/\(.*\)-softmmu.mak|\1|g'`
@ -1105,7 +1169,10 @@ for conf in default-configs/*-softmmu.mak; do
done
# Compile the QOM test binary first, so that ...
touch -r config-host.mak pc-bios
make tests/qom-test %{?_smp_mflags} V=1
# Firmware
# ... make comes in fresh and has lots of address space (needed for 32bit, bsc#957379)
%if 0%{?suse_version} >= 1310
make check-report.html V=1
@ -1152,16 +1219,14 @@ format=`qemu-img info test.tar | grep "file format:" | cut -d ':' -f 2 | tr -d '
%install
%if "%{name}" != "qemu-testsuite"
touch -r config-host.mak pc-bios
make install DESTDIR=%{buildroot}
rm -fr %{buildroot}%{_datadir}/doc
%if ! %{build_x86_fw_from_source}
for f in acpi-dsdt.aml bios-256k.bin bios.bin efi-*.rom pxe-*.rom sgabios.bin \
vgabios-cirrus.bin vgabios-qxl.bin vgabios-stdvga.bin vgabios-virtio.bin vgabios-vmware.bin \
vgabios.bin; do
rm %{buildroot}%{_datadir}/%name/$f
%ifnarch %ix86 x86_64
for f in acpi-dsdt.aml %{x86_extra_built_firmware_list} \
%{x86_64_only_extra_built_firmware_list}; do
unlink %{buildroot}%{_datadir}/%name/$f
done
%endif
# rm -f %{buildroot}%{_datadir}/%{name}/u-boot.e500
%find_lang %name
install -D -m 644 %{SOURCE302} %{buildroot}%{_sysconfdir}/qemu/bridge.conf
install -D -m 755 %{SOURCE2} %{buildroot}/usr/share/qemu/qemu-ifup
@ -1315,8 +1380,16 @@ fi
%files
%defattr(-, root, root)
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB Changelog README VERSION qemu-doc.html
%doc %_mandir/man1/qemu.1.gz
%doc COPYING COPYING.LIB Changelog README VERSION
%_docdir/%name/qemu-doc.txt
%_docdir/%name/qemu-doc.html
%_docdir/%name/qemu-qmp-ref.txt
%_docdir/%name/qemu-qmp-ref.html
%_docdir/%name/qemu-ga-ref.txt
%_docdir/%name/qemu-ga-ref.html
%_mandir/man1/qemu.1.gz
%_mandir/man7/qemu-qmp-ref.7.gz
%_mandir/man7/qemu-ga-ref.7.gz
%dir %_datadir/%name
%_datadir/%name/keymaps
%_datadir/%name/trace-events-all
@ -1404,7 +1477,8 @@ fi
%_bindir/qemu-system-mips64
%_bindir/qemu-system-mips64el
%_bindir/qemu-system-moxie
%_bindir/qemu-system-or32
%_bindir/qemu-system-nios2
%_bindir/qemu-system-or1k
%_bindir/qemu-system-sh4
%_bindir/qemu-system-sh4eb
%_bindir/qemu-system-sparc
@ -1424,7 +1498,7 @@ fi
%files kvm
%defattr(-,root,root)
%_bindir/qemu-kvm
%doc %_mandir/man1/qemu-kvm.1.gz
%_mandir/man1/qemu-kvm.1.gz
%if 0%{?is_opensuse} == 0
%dir %_docdir/qemu-kvm
%_docdir/qemu-kvm/kvm-supported.txt
@ -1472,7 +1546,7 @@ fi
%files lang -f %name.lang
%defattr(-, root, root)
%if %{build_x86_fw_from_source}
%ifarch %ix86 x86_64
%files seabios
%defattr(-, root, root)
%dir %_datadir/%name
@ -1516,9 +1590,9 @@ fi
%files tools
%defattr(-, root, root)
%doc %_mandir/man1/qemu-img.1.gz
%doc %_mandir/man1/virtfs-proxy-helper.1.gz
%doc %_mandir/man8/qemu-nbd.8.gz
%_mandir/man1/qemu-img.1.gz
%_mandir/man1/virtfs-proxy-helper.1.gz
%_mandir/man8/qemu-nbd.8.gz
%_bindir/ivshmem-client
%_bindir/ivshmem-server
%_bindir/qemu-io
@ -1532,7 +1606,7 @@ fi
%files guest-agent
%defattr(-, root, root)
%doc %_mandir/man8/qemu-ga.8.gz
%_mandir/man8/qemu-ga.8.gz
%attr(755,root,kvm) %_bindir/qemu-ga
%if 0%{?with_systemd}
%{_unitdir}/qemu-ga.service
@ -1546,9 +1620,9 @@ fi
%endif
%else # qemu-testsuite
%doc %_datadir/qemu/check-report.xml
%_datadir/qemu/check-report.xml
%if 0%{?suse_version} >= 1310
%doc %_datadir/qemu/check-report.html
%_datadir/qemu/check-report.html
%endif
%endif


@ -1,3 +1,223 @@
-------------------------------------------------------------------
Mon May 22 23:52:12 UTC 2017 - brogers@suse.com
- Fixes for gcc7 compatability (bsc#1040228) (in behalf of Liang Yan)
0056-jazz_led-fix-bad-snprintf.patch
0057-slirp-smb-Replace-constant-strings-.patch
0058-altera_timer-fix-incorrect-memset.patch
0059-Hacks-for-building-on-gcc-7-Fedora-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Mon May 22 19:06:22 UTC 2017 - brogers@suse.com
- Protect access to metadata in virtio-9pfs (CVE-2017-7493 bsc#1039495)
0055-9pfs-local-forbid-client-access-to-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Thu May 11 20:55:57 UTC 2017 - brogers@suse.com
- Address various security/stability issues
* Fix DOS potential in vnc interface (CVE-2017-8379 bsc#1037334)
0051-input-limit-kbd-queue-depth.patch
* Fix DOS potential in vnc interface (CVE-2017-8309 bsc#1037242)
0052-audio-release-capture-buffers.patch
* Fix OOB access in megasas device emulation (CVE-2017-8380
bsc#1037336)
0053-scsi-avoid-an-off-by-one-error-in-m.patch
* Fix DOS in Vmware pv scsi emulation (CVE-2017-8112 bsc#1036211)
0054-vmw_pvscsi-check-message-ring-page-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Thu May 4 20:14:25 UTC 2017 - brogers@suse.com
- Fix building packages for some older distros.
- Further refine our handling of building firmware (or not) for
the various arch's and distro versions we build for. Note that
if we don't build x86 firmware, (eg: x86 Leap 42.1) the upstream
binary blobs are used, which may have migration incompatibilities
with previous versions of qemu provided.
-------------------------------------------------------------------
Thu Apr 27 20:09:38 UTC 2017 - brogers@suse.com
- Fix issue in shipping qemu v2.9.0, where pci-passthrough for Xen
HVM guests got broken (bsc#1034131)
0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
- Include experimental, unsupported feature to assist in some
performance analysis work.
0050-i386-Allow-cpuid-bit-override.patch
-------------------------------------------------------------------
Thu Apr 20 16:30:38 UTC 2017 - brogers@suse.com
- Updated to v2.9.0: See http://wiki.qemu-project.org/ChangeLog/2.9
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Apr 18 18:03:16 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.9
* Includes fix for CVE-2017-7471, a virtfs security issue.
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Apr 12 15:15:25 UTC 2017 - brogers@suse.com
- Add empty keyboard queue tracepoint to help openQA testing work
better (bsc#1031692)
0048-input-Add-trace-event-for-empty-key.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Apr 11 19:32:00 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc4: See http://wiki.qemu-project.org/ChangeLog/2.9
- Enable ceph/rbd support for s390x (bsc#1030068)
- Enable ceph/rbd support for ppc* as available
- Update ARM in-kernel-timers patch (bsc#1033416)
* Patches renamed:
0041-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
0042-string-input-visitor-Fix-uint64-par.patch -> 0041-string-input-visitor-Fix-uint64-par.patch
0043-test-string-input-visitor-Add-int-t.patch -> 0042-test-string-input-visitor-Add-int-t.patch
0044-test-string-input-visitor-Add-uint6.patch -> 0043-test-string-input-visitor-Add-uint6.patch
0045-tests-Add-QOM-property-unit-tests.patch -> 0044-tests-Add-QOM-property-unit-tests.patch
0046-tests-Add-scsi-disk-test.patch -> 0045-tests-Add-scsi-disk-test.patch
* Patches added (support patch):
0046-RFC-update-Linux-headers-from-irqs-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Apr 5 16:50:48 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (included in upstream source archive):
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
0048-i386-Replace-uint32_t-with-FeatureW.patch
0049-i386-Don-t-override-cpu-options-on-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
- Added additional documentation provided with v2.9.0
- Fix build failure with gcc7 (bsc#1031340)
ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
- Made miscellaneous spec file refinements
-------------------------------------------------------------------
Thu Mar 30 22:46:43 UTC 2017 - brogers@suse.com
- The support documents included are now fairly accurate for the
arm and s390 world, and the x86 version also received a few
tweaks. Also included in those docs is a url reference to upstream
qemu deprecation plans and discussions.
(fate#321146)
- Add post v2.9.0-rc2 upstream patches which fix -cpu host and -cpu
max feature overrides for libvirt compatability.
0048-i386-Replace-uint32_t-with-FeatureW.patch
0049-i386-Don-t-override-cpu-options-on-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Mar 28 22:12:52 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.9
* Includes fix for in guest privilege escalation when using TCG
(bsc#1030624)
* Patches dropped (equivalent included in upstream source archive):
0047-linux-user-exclude-cpu-model-code-w.patch
- Fix failure booting SLE12-SP2 Aarch64 guest (bsc#1031384)
0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Tue Mar 21 20:53:47 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.9
* Patches dropped (no longer needed based on what we now build for):
0024-virtfs-proxy-helper-Provide-__u64-f.patch
* Patches dropped (included in upstream source archive):
0034-dma-rc4030-limit-interval-timer-rel.patch
* Patches renamed:
0025-configure-Enable-PIE-for-ppc-and-pp.patch -> 0024-configure-Enable-PIE-for-ppc-and-pp.patch
0026-AIO-Reduce-number-of-threads-for-32.patch -> 0025-AIO-Reduce-number-of-threads-for-32.patch
0027-dictzip-Fix-on-big-endian-systems.patch -> 0026-dictzip-Fix-on-big-endian-systems.patch
0028-xen_disk-Add-suse-specific-flush-di.patch -> 0027-xen_disk-Add-suse-specific-flush-di.patch
0029-qemu-bridge-helper-reduce-security-.patch -> 0028-qemu-bridge-helper-reduce-security-.patch
0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0031-configure-Fix-detection-of-seccomp-.patch -> 0030-configure-Fix-detection-of-seccomp-.patch
0032-linux-user-properly-test-for-infini.patch -> 0031-linux-user-properly-test-for-infini.patch
0033-linux-user-remove-all-traces-of-qem.patch -> 0032-linux-user-remove-all-traces-of-qem.patch
0035-roms-Makefile-pass-a-packaging-time.patch -> 0033-roms-Makefile-pass-a-packaging-time.patch
0036-Raise-soft-address-space-limit-to-h.patch -> 0034-Raise-soft-address-space-limit-to-h.patch
0037-increase-x86_64-physical-bits-to-42.patch -> 0035-increase-x86_64-physical-bits-to-42.patch
0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0039-i8254-Fix-migration-from-SLE11-SP2.patch -> 0037-i8254-Fix-migration-from-SLE11-SP2.patch
0040-acpi_piix4-Fix-migration-from-SLE11.patch -> 0038-acpi_piix4-Fix-migration-from-SLE11.patch
0041-Fix-tigervnc-long-press-issue.patch -> 0039-Fix-tigervnc-long-press-issue.patch
0042-fix-xen-hvm-direct-kernel-boot.patch -> 0040-fix-xen-hvm-direct-kernel-boot.patch
0043-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch
0044-string-input-visitor-Fix-uint64-par.patch -> 0042-string-input-visitor-Fix-uint64-par.patch
0045-test-string-input-visitor-Add-int-t.patch -> 0043-test-string-input-visitor-Add-int-t.patch
0046-test-string-input-visitor-Add-uint6.patch -> 0044-test-string-input-visitor-Add-uint6.patch
0047-tests-Add-QOM-property-unit-tests.patch -> 0045-tests-Add-QOM-property-unit-tests.patch
0048-tests-Add-scsi-disk-test.patch -> 0046-tests-Add-scsi-disk-test.patch
0049-linux-user-exclude-cpu-model-code-w.patch -> 0047-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Mon Mar 20 22:02:08 UTC 2017 - brogers@suse.com
- Updated to v2.9.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.9
* Updated version carries fixes for the following reported issues:
CVE-2016-9602 bsc#1020427, CVE-2016-9923 bsc#1014703,
CVE-2017-2630 bsc#1025396, CVE-2017-2633 bsc#1026612,
CVE-2017-5579 bsc#1021741, CVE-2017-5931 bsc#1024114,
CVE-2017-5973 bsc#1025109, CVE-2017-5987 bsc#1025311,
CVE-2017-6058 bsc#1025837, CVE-2017-6505 bsc#1028184
* Patches dropped:
seabios_128kb.patch (no longer required)
* Patches dropped (included in upstream source archive):
0035-net-imx-limit-buffer-descriptor-cou.patch
0045-virtio-gpu-call-cleanup-mapping-fun.patch
0051-virtio-gpu-fix-information-leak-in-.patch
0052-display-cirrus-ignore-source-pitch-.patch
0053-s390x-kvm-fix-small-race-reboot-vs..patch
0054-target-s390x-use-qemu-cpu-model-in-.patch
0056-tests-check-path-to-avoid-a-failing.patch
0057-display-virtio-gpu-3d-check-virgl-c.patch
0058-watchdog-6300esb-add-exit-function.patch
0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
0060-virtio-gpu-fix-memory-leak-in-resou.patch
0061-virtio-fix-vq-inuse-recalc-after-mi.patch
0062-audio-es1370-add-exit-function.patch
0063-audio-ac97-add-exit-function.patch
0064-megasas-fix-guest-triggered-memory-.patch
0065-cirrus-handle-negative-pitch-in-cir.patch
0066-cirrus-fix-blit-address-mask-handli.patch
0067-cirrus-fix-oob-access-issue-CVE-201.patch
0068-usb-ccid-check-ccid-apdu-length.patch
0069-sd-sdhci-check-data-length-during-d.patch
0070-virtio-gpu-fix-resource-leak-in-vir.patch
0071-cirrus-fix-patterncopy-checks.patch
0072-cirrus-add-blit_is_unsafe-call-to-c.patch
* Patches renamed:
0036-roms-Makefile-pass-a-packaging-time.patch -> 0035-roms-Makefile-pass-a-packaging-time.patch
0037-Raise-soft-address-space-limit-to-h.patch -> 0036-Raise-soft-address-space-limit-to-h.patch
0038-increase-x86_64-physical-bits-to-42.patch -> 0037-increase-x86_64-physical-bits-to-42.patch
0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0040-i8254-Fix-migration-from-SLE11-SP2.patch -> 0039-i8254-Fix-migration-from-SLE11-SP2.patch
0041-acpi_piix4-Fix-migration-from-SLE11.patch -> 0040-acpi_piix4-Fix-migration-from-SLE11.patch
0042-Fix-tigervnc-long-press-issue.patch -> 0041-Fix-tigervnc-long-press-issue.patch
0043-fix-xen-hvm-direct-kernel-boot.patch -> 0042-fix-xen-hvm-direct-kernel-boot.patch
0044-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch
0046-string-input-visitor-Fix-uint64-par.patch -> 0044-string-input-visitor-Fix-uint64-par.patch
0047-test-string-input-visitor-Add-int-t.patch -> 0045-test-string-input-visitor-Add-int-t.patch
0048-test-string-input-visitor-Add-uint6.patch -> 0046-test-string-input-visitor-Add-uint6.patch
0049-tests-Add-QOM-property-unit-tests.patch -> 0047-tests-Add-QOM-property-unit-tests.patch
0050-tests-Add-scsi-disk-test.patch -> 0048-tests-Add-scsi-disk-test.patch
0055-linux-user-exclude-cpu-model-code-w.patch -> 0049-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
-------------------------------------------------------------------
Wed Mar 1 12:26:56 UTC 2017 - brogers@suse.com

358
qemu.spec

@ -18,15 +18,15 @@
%define noarch_supported 1110
%define build_x86_fw_from_source 0
%define build_x86_firmware_from_source 0
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
%ifarch %ix86 x86_64
# choice of building all from source or using provided binary x86 blobs
%if 0%{?suse_version} >= 1310
%define build_x86_fw_from_source 1
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
%define build_x86_firmware_from_source 1
%endif
%endif
@ -64,6 +64,24 @@
%endif
%endif
%ifarch ppc64le
%if 0%{?suse_version} > 1320 || ( 0%{?is_opensuse} == 0 && 0%{?sle_version} > 120200 )
%define with_rbd 1
%endif
%endif
%ifarch s390x
%if 0%{?is_opensuse} == 0 && 0%{?sle_version} > 120200
%define with_rbd 1
%endif
%endif
%ifarch ppc64
%if 0%{?is_opensuse} && 0%{?sle_version} > 120200
%define with_rbd 1
%endif
%endif
%if 0%{?suse_version} > 1320
%define with_seccomp 1
%endif
@ -91,10 +109,10 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.8.0
Version: 2.9.0
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2
Source99: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2.sig
Source: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -135,76 +153,58 @@ Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-virtfs-proxy-helper-Provide-__u64-f.patch
Patch0025: 0025-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0026: 0026-AIO-Reduce-number-of-threads-for-32.patch
Patch0027: 0027-dictzip-Fix-on-big-endian-systems.patch
Patch0028: 0028-xen_disk-Add-suse-specific-flush-di.patch
Patch0029: 0029-qemu-bridge-helper-reduce-security-.patch
Patch0030: 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0031: 0031-configure-Fix-detection-of-seccomp-.patch
Patch0032: 0032-linux-user-properly-test-for-infini.patch
Patch0033: 0033-linux-user-remove-all-traces-of-qem.patch
Patch0034: 0034-dma-rc4030-limit-interval-timer-rel.patch
Patch0035: 0035-net-imx-limit-buffer-descriptor-cou.patch
Patch0036: 0036-roms-Makefile-pass-a-packaging-time.patch
Patch0037: 0037-Raise-soft-address-space-limit-to-h.patch
Patch0038: 0038-increase-x86_64-physical-bits-to-42.patch
Patch0039: 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0040: 0040-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0041: 0041-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0042: 0042-Fix-tigervnc-long-press-issue.patch
Patch0043: 0043-fix-xen-hvm-direct-kernel-boot.patch
Patch0044: 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0045: 0045-virtio-gpu-call-cleanup-mapping-fun.patch
Patch0046: 0046-string-input-visitor-Fix-uint64-par.patch
Patch0047: 0047-test-string-input-visitor-Add-int-t.patch
Patch0048: 0048-test-string-input-visitor-Add-uint6.patch
Patch0049: 0049-tests-Add-QOM-property-unit-tests.patch
Patch0050: 0050-tests-Add-scsi-disk-test.patch
Patch0051: 0051-virtio-gpu-fix-information-leak-in-.patch
Patch0052: 0052-display-cirrus-ignore-source-pitch-.patch
Patch0053: 0053-s390x-kvm-fix-small-race-reboot-vs..patch
Patch0054: 0054-target-s390x-use-qemu-cpu-model-in-.patch
Patch0055: 0055-linux-user-exclude-cpu-model-code-w.patch
Patch0056: 0056-tests-check-path-to-avoid-a-failing.patch
Patch0057: 0057-display-virtio-gpu-3d-check-virgl-c.patch
Patch0058: 0058-watchdog-6300esb-add-exit-function.patch
Patch0059: 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
Patch0060: 0060-virtio-gpu-fix-memory-leak-in-resou.patch
Patch0061: 0061-virtio-fix-vq-inuse-recalc-after-mi.patch
Patch0062: 0062-audio-es1370-add-exit-function.patch
Patch0063: 0063-audio-ac97-add-exit-function.patch
Patch0064: 0064-megasas-fix-guest-triggered-memory-.patch
Patch0065: 0065-cirrus-handle-negative-pitch-in-cir.patch
Patch0066: 0066-cirrus-fix-blit-address-mask-handli.patch
Patch0067: 0067-cirrus-fix-oob-access-issue-CVE-201.patch
Patch0068: 0068-usb-ccid-check-ccid-apdu-length.patch
Patch0069: 0069-sd-sdhci-check-data-length-during-d.patch
Patch0070: 0070-virtio-gpu-fix-resource-leak-in-vir.patch
Patch0071: 0071-cirrus-fix-patterncopy-checks.patch
Patch0072: 0072-cirrus-add-blit_is_unsafe-call-to-c.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-string-input-visitor-Fix-uint64-par.patch
Patch0042: 0042-test-string-input-visitor-Add-int-t.patch
Patch0043: 0043-test-string-input-visitor-Add-uint6.patch
Patch0044: 0044-tests-Add-QOM-property-unit-tests.patch
Patch0045: 0045-tests-Add-scsi-disk-test.patch
Patch0046: 0046-RFC-update-Linux-headers-from-irqs-.patch
Patch0047: 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0048: 0048-input-Add-trace-event-for-empty-key.patch
Patch0049: 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
Patch0050: 0050-i386-Allow-cpuid-bit-override.patch
Patch0051: 0051-input-limit-kbd-queue-depth.patch
Patch0052: 0052-audio-release-capture-buffers.patch
Patch0053: 0053-scsi-avoid-an-off-by-one-error-in-m.patch
Patch0054: 0054-vmw_pvscsi-check-message-ring-page-.patch
Patch0055: 0055-9pfs-local-forbid-client-access-to-.patch
Patch0056: 0056-jazz_led-fix-bad-snprintf.patch
Patch0057: 0057-slirp-smb-Replace-constant-strings-.patch
Patch0058: 0058-altera_timer-fix-incorrect-memset.patch
Patch0059: 0059-Hacks-for-building-on-gcc-7-Fedora-.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
%if %{build_x86_fw_from_source}
# SeaBIOS / SeaVGABIOS
# PATCH-FIX-OPENSUSE seabios_128kb.patch brogers@suse.com -- make it fit
Patch1000: seabios_128kb.patch
# SeaBIOS / SeaVGABIOS (Currently no patches)
# ipxe
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1100: ipxe-stable-buildid.patch
Patch1101: ipxe-use-gcc6-for-more-compact-code.patch
Patch1102: ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
# sgabios
# PATCH-FIX-OPENSUSE sgabios-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1200: sgabios-stable-buildid.patch
%endif
%if %{build_slof_from_source}
# SLOF (Currently no patches)
%endif
# this is to make lint happy
Source300: qemu-rpmlintrc
@ -221,7 +221,7 @@ BuildRequires: SDL-devel
BuildRequires: SDL2-devel
%endif
BuildRequires: alsa-devel
%if %{?build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: binutils-devel
%endif
BuildRequires: bluez-devel
@ -230,13 +230,13 @@ BuildRequires: brlapi-devel
%endif
BuildRequires: curl-devel
BuildRequires: cyrus-sasl-devel
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: iasl
%endif
BuildRequires: e2fsprogs-devel
BuildRequires: fdupes
BuildRequires: gcc-c++
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: gcc6
%endif
BuildRequires: glib2-devel
@ -289,11 +289,17 @@ BuildRequires: libjpeg-devel
%if 0%{?suse_version} >= 1310
BuildRequires: libnettle-devel
%endif
%ifarch %ix86 aarch64
%ifarch %ix86 x86_64
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
BuildRequires: libnuma-devel
%endif
%else
%ifarch aarch64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: libnuma-devel
%endif
%endif
%else
%ifnarch %arm s390x
BuildRequires: libnuma-devel
%endif
@ -324,7 +330,7 @@ BuildRequires: makeinfo
%endif
BuildRequires: Mesa-devel
BuildRequires: ncurses-devel
%if %{?build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: ovmf-tools
%endif
BuildRequires: pkgconfig
@ -343,9 +349,7 @@ BuildRequires: systemd
%if %{kvm_available}
BuildRequires: pkgconfig(udev)
%endif
%if 0%{?sles_version} != 11
BuildRequires: usbredir-devel
%endif
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: virglrenderer-devel >= 0.4.1
%endif
@ -360,19 +364,33 @@ BuildRequires: vte2-devel
BuildRequires: xen-devel
%endif
BuildRequires: xfsprogs-devel
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: xz-devel
%endif
BuildRequires: zlib-devel
%if "%{name}" == "qemu-testsuite"
BuildRequires: bc
BuildRequires: qemu-arm = %version
BuildRequires: qemu-block-curl = %version
BuildRequires: qemu-block-dmg = %version
BuildRequires: qemu-extra = %version
BuildRequires: qemu-guest-agent = %version
BuildRequires: qemu-ppc = %version
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-x86 = %version
%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
BuildRequires: qemu-block-gluster = %version
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: qemu-block-iscsi = %version
%endif
%if 0%{?with_rbd}
BuildRequires: qemu-block-rbd = %version
%endif
%if 0%{?suse_version} > 1140
BuildRequires: qemu-block-ssh = %version
%endif
%endif
Requires(pre): pwdutils
Requires(post): coreutils
@ -424,16 +442,50 @@ Suggests: qemu-lang
Recommends: qemu-ksm = %{version}
%endif
%ifarch x86_64
%define x86_64_only_b_f_f {efi-e1000.rom efi-e1000e.rom efi-eepro100.rom \
efi-pcnet.rom efi-ne2k_pci.rom efi-rtl8139.rom efi-virtio.rom efi-vmxnet3.rom}
%if %{build_slof_from_source}
%define ppc_default_built_firmware {%nil}
%define ppc_extra_built_firmware {slof.bin}
%endif
%define built_firmware_files {bios.bin bios-256k.bin sgabios.bin vgabios.bin \
vgabios-cirrus.bin vgabios-stdvga.bin vgabios-virtio.bin vgabios-vmware.bin \
vgabios-qxl.bin optionrom/linuxboot.bin optionrom/linuxboot_dma.bin \
optionrom/multiboot.bin optionrom/kvmvapic.bin pxe-e1000.rom pxe-pcnet.rom \
pxe-ne2k_pci.rom pxe-rtl8139.rom pxe-eepro100.rom pxe-virtio.rom \
%{?x86_64_only_b_f_f}}
%ifarch ppc64
%define ppc64_only_default_built_firmware {spapr-rtas.bin}
%define ppc64_only_extra_built_firmware {%nil}
%endif
%ifarch s390x
%define s390x_default_built_firmware {s390-ccw.img}
%define s390x_extra_built_firmware {%nil}
%endif
%ifarch %ix86 x86_64
%define x86_default_built_firmware {linuxboot.bin linuxboot_dma.bin \
multiboot.bin kvmvapic.bin}
%ifarch x86_64
%define x86_64_only_default_built_firmware {%nil}
%endif
%endif
%define x86_extra_built_firmware_list {bios.bin bios-256k.bin sgabios.bin \
vgabios.bin vgabios-cirrus.bin vgabios-stdvga.bin vgabios-virtio.bin \
vgabios-vmware.bin vgabios-qxl.bin pxe-e1000.rom pxe-pcnet.rom \
pxe-ne2k_pci.rom pxe-rtl8139.rom pxe-eepro100.rom pxe-virtio.rom}
%define x86_64_only_extra_built_firmware_list {efi-e1000.rom efi-e1000e.rom \
efi-eepro100.rom efi-pcnet.rom efi-ne2k_pci.rom efi-rtl8139.rom efi-virtio.rom \
efi-vmxnet3.rom}
%if %{build_x86_firmware_from_source}
%define x86_extra_built_firmware %{x86_extra_built_firmware_list}
%ifarch x86_64
%define x86_64_only_extra_built_firmware %{x86_64_only_extra_built_firmware_list}
%endif
%endif
%define built_firmware { \
%{?ppc_default_built_firmware} %{?ppc_extra_built_firmware} \
%{?ppc64_only_default_built_firmware} %{?ppc64_only_extra_built_firmware} \
%{?s390x_default_built_firmware} %{?s390x_extra_built_firmware} \
%{?x86_default_built_firmware} %{?x86_extra_built_firmware} \
%{?x86_64_only_default_built_firmware} %{?x86_64_only_extra_built_firmware} }
%description
QEMU is an extremely well-performing CPU emulator that allows you to
@ -711,7 +763,7 @@ This sub-package contains the guest agent.
%package seabios
Summary: X86 BIOS for QEMU
Group: System/Emulators/PC
Version: 1.10.1
Version: 1.10.2
Release: 0
%if 0%{?suse_version} > %{noarch_supported}
BuildArch: noarch
@ -725,7 +777,7 @@ is the default BIOS for QEMU.
%package vgabios
Summary: VGA BIOSes for QEMU
Group: System/Emulators/PC
Version: 1.10.1
Version: 1.10.2
Release: 0
%if 0%{?suse_version} > %{noarch_supported}
BuildArch: noarch
@ -782,7 +834,7 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -842,44 +894,25 @@ This package provides a service file for starting and stopping KSM.
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%if %{build_x86_fw_from_source}
pushd roms/seabios
%patch1000 -p1
popd
pushd roms/ipxe
%patch1100 -p1
%patch1101 -p1
%patch1102 -p1
popd
pushd roms/sgabios
%patch1200 -p1
popd
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware_files
do
rm -f pc-bios/$i
done
%endif
%if %{build_slof_from_source}
pushd roms/SLOF
popd
rm -f pc-bios/slof.bin
%endif
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware
do
unlink pc-bios/$i
done
%build
echo '%{version}' > roms/seabios/.version
@ -889,6 +922,7 @@ echo '%{version}' > roms/seabios/.version
--libdir=%_libdir \
--libexecdir=%_libexecdir \
--localstatedir=%_localstatedir \
--docdir=%_docdir/qemu \
--extra-cflags="%{optflags}" \
--disable-stack-protector \
--disable-strip \
@ -899,7 +933,6 @@ echo '%{version}' > roms/seabios/.version
--enable-pie \
--enable-docs \
--audio-drv-list="pa alsa sdl oss" \
--disable-archipelago \
--enable-attr \
--enable-bluez \
%if 0%{?suse_version} >= 1130
@ -909,7 +942,6 @@ echo '%{version}' > roms/seabios/.version
%endif
--enable-bzip2 \
--enable-cap-ng \
--disable-colo \
--enable-coroutine-pool \
--enable-curl \
--enable-curses \
@ -931,6 +963,7 @@ echo '%{version}' > roms/seabios/.version
%else
--with-gtkabi=2.0 \
%endif
--disable-hax \
--disable-jemalloc \
%if %{kvm_available}
--enable-kvm \
@ -956,13 +989,21 @@ echo '%{version}' > roms/seabios/.version
--enable-linux-aio \
--enable-lzo \
--disable-netmap \
%ifarch %ix86 aarch64
%ifarch %ix86 x86_64
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
--enable-numa \
%else
--disable-numa \
%endif
%else
%ifarch aarch64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
--enable-numa \
%endif
%else
--disable-numa \
%endif
%else
%ifarch %arm s390x
--disable-numa \
%else
@ -972,6 +1013,7 @@ echo '%{version}' > roms/seabios/.version
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
--enable-opengl \
%endif
--with-system-pixman \
%if 0%{?with_rbd}
--enable-rbd \
%else
@ -982,7 +1024,7 @@ echo '%{version}' > roms/seabios/.version
%else
--disable-rdma \
%endif
--disable-replication \
--enable-replication \
--enable-sdl \
%if 0%{?suse_version} >= 1320
--with-sdlabi=2.0 \
@ -1011,11 +1053,7 @@ echo '%{version}' > roms/seabios/.version
%endif
--disable-tcmalloc \
--enable-tpm \
%if 0%{?sles_version} == 11
--disable-usb-redir \
%else
--enable-usb-redir \
%endif
--enable-vde \
--enable-vhost-net \
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
@ -1045,8 +1083,37 @@ echo '%{version}' > roms/seabios/.version
make %{?_smp_mflags} V=1
# Firmware
%if %{build_x86_fw_from_source}
%ifarch s390x
for i in %s390x_default_built_firmware
do
cp pc-bios/s390-ccw/$i pc-bios/
done
%endif
%ifarch ppc64
for i in %ppc64_only_default_built_firmware
do
cp pc-bios/spapr-rtas/$i pc-bios/
done
%endif
%ifarch %ix86 x86_64
for i in %x86_default_built_firmware
do
cp pc-bios/optionrom/$i pc-bios/
done
%ifarch x86_64
for i in %x86_64_only_default_built_firmware
do
cp pc-bios/optionrom/$i pc-bios/
done
%endif
%endif
%if %{build_x86_firmware_from_source}
make %{?_smp_mflags} -C roms bios
make %{?_smp_mflags} -C roms seavgabios
make %{?_smp_mflags} -C roms pxerom
%ifarch x86_64
@ -1080,24 +1147,21 @@ for i in %supported_nics_small
fi
done
%endif
%if %{build_slof_from_source}
make %{?_smp_mflags} -C roms slof
%endif
%ifarch s390x
cp pc-bios/s390-ccw/s390-ccw.img pc-bios/s390-ccw.img
%endif
%else # qemu-testsuite
ln -s %{_bindir}/qemu-img qemu-img
ln -s %{_bindir}/qemu-ga qemu-ga
ln -s %{_bindir}/qemu-io qemu-io
%if %{build_x86_fw_from_source}
for i in %built_firmware_files
for i in %built_firmware
do
ln -s %{_datadir}/qemu/$i pc-bios/$i
done
%endif
for conf in default-configs/*-softmmu.mak; do
arch=`echo "$conf" | sed -e 's|default-configs/\(.*\)-softmmu.mak|\1|g'`
@ -1105,7 +1169,10 @@ for conf in default-configs/*-softmmu.mak; do
done
# Compile the QOM test binary first, so that ...
touch -r config-host.mak pc-bios
make tests/qom-test %{?_smp_mflags} V=1
# Firmware
# ... make comes in fresh and has lots of address space (needed for 32bit, bsc#957379)
%if 0%{?suse_version} >= 1310
make check-report.html V=1
@ -1152,16 +1219,14 @@ format=`qemu-img info test.tar | grep "file format:" | cut -d ':' -f 2 | tr -d '
%install
%if "%{name}" != "qemu-testsuite"
touch -r config-host.mak pc-bios
make install DESTDIR=%{buildroot}
rm -fr %{buildroot}%{_datadir}/doc
%if ! %{build_x86_fw_from_source}
for f in acpi-dsdt.aml bios-256k.bin bios.bin efi-*.rom pxe-*.rom sgabios.bin \
vgabios-cirrus.bin vgabios-qxl.bin vgabios-stdvga.bin vgabios-virtio.bin vgabios-vmware.bin \
vgabios.bin; do
rm %{buildroot}%{_datadir}/%name/$f
%ifnarch %ix86 x86_64
for f in acpi-dsdt.aml %{x86_extra_built_firmware_list} \
%{x86_64_only_extra_built_firmware_list}; do
unlink %{buildroot}%{_datadir}/%name/$f
done
%endif
# rm -f %{buildroot}%{_datadir}/%{name}/u-boot.e500
%find_lang %name
install -D -m 644 %{SOURCE302} %{buildroot}%{_sysconfdir}/qemu/bridge.conf
install -D -m 755 %{SOURCE2} %{buildroot}/usr/share/qemu/qemu-ifup
@ -1315,8 +1380,16 @@ fi
%files
%defattr(-, root, root)
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB Changelog README VERSION qemu-doc.html
%doc %_mandir/man1/qemu.1.gz
%doc COPYING COPYING.LIB Changelog README VERSION
%_docdir/%name/qemu-doc.txt
%_docdir/%name/qemu-doc.html
%_docdir/%name/qemu-qmp-ref.txt
%_docdir/%name/qemu-qmp-ref.html
%_docdir/%name/qemu-ga-ref.txt
%_docdir/%name/qemu-ga-ref.html
%_mandir/man1/qemu.1.gz
%_mandir/man7/qemu-qmp-ref.7.gz
%_mandir/man7/qemu-ga-ref.7.gz
%dir %_datadir/%name
%_datadir/%name/keymaps
%_datadir/%name/trace-events-all
@ -1404,7 +1477,8 @@ fi
%_bindir/qemu-system-mips64
%_bindir/qemu-system-mips64el
%_bindir/qemu-system-moxie
%_bindir/qemu-system-or32
%_bindir/qemu-system-nios2
%_bindir/qemu-system-or1k
%_bindir/qemu-system-sh4
%_bindir/qemu-system-sh4eb
%_bindir/qemu-system-sparc
@ -1424,7 +1498,7 @@ fi
%files kvm
%defattr(-,root,root)
%_bindir/qemu-kvm
%doc %_mandir/man1/qemu-kvm.1.gz
%_mandir/man1/qemu-kvm.1.gz
%if 0%{?is_opensuse} == 0
%dir %_docdir/qemu-kvm
%_docdir/qemu-kvm/kvm-supported.txt
@ -1472,7 +1546,7 @@ fi
%files lang -f %name.lang
%defattr(-, root, root)
%if %{build_x86_fw_from_source}
%ifarch %ix86 x86_64
%files seabios
%defattr(-, root, root)
%dir %_datadir/%name
@ -1516,9 +1590,9 @@ fi
%files tools
%defattr(-, root, root)
%doc %_mandir/man1/qemu-img.1.gz
%doc %_mandir/man1/virtfs-proxy-helper.1.gz
%doc %_mandir/man8/qemu-nbd.8.gz
%_mandir/man1/qemu-img.1.gz
%_mandir/man1/virtfs-proxy-helper.1.gz
%_mandir/man8/qemu-nbd.8.gz
%_bindir/ivshmem-client
%_bindir/ivshmem-server
%_bindir/qemu-io
@ -1532,7 +1606,7 @@ fi
%files guest-agent
%defattr(-, root, root)
%doc %_mandir/man8/qemu-ga.8.gz
%_mandir/man8/qemu-ga.8.gz
%attr(755,root,kvm) %_bindir/qemu-ga
%if 0%{?with_systemd}
%{_unitdir}/qemu-ga.service
@ -1546,9 +1620,9 @@ fi
%endif
%else # qemu-testsuite
%doc %_datadir/qemu/check-report.xml
%_datadir/qemu/check-report.xml
%if 0%{?suse_version} >= 1310
%doc %_datadir/qemu/check-report.html
%_datadir/qemu/check-report.html
%endif
%endif


@ -17,15 +17,15 @@
%define noarch_supported 1110
%define build_x86_fw_from_source 0
%define build_x86_firmware_from_source 0
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
%ifarch %ix86 x86_64
# choice of building all from source or using provided binary x86 blobs
%if 0%{?suse_version} >= 1310
%define build_x86_fw_from_source 1
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
%define build_x86_firmware_from_source 1
%endif
%endif
@ -63,6 +63,25 @@
%endif
%endif
%ifarch ppc64le
%if 0%{?suse_version} > 1320 || ( 0%{?is_opensuse} == 0 && 0%{?sle_version} > 120200 )
%define with_rbd 1
%endif
%endif
%ifarch s390x
%if 0%{?is_opensuse} == 0 && 0%{?sle_version} > 120200
%define with_rbd 1
%endif
%endif
%ifarch ppc64
%if 0%{?is_opensuse} && 0%{?sle_version} > 120200
%define with_rbd 1
%endif
%endif
%if 0%{?suse_version} > 1320
%define with_seccomp 1
%endif
@ -92,8 +111,8 @@ License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
QEMU_VERSION
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2
Source99: http://wiki.qemu.org/download/qemu-2.8.0.tar.bz2.sig
Source: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -115,24 +134,19 @@ PATCH_FILES
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
%if %{build_x86_fw_from_source}
# SeaBIOS / SeaVGABIOS
# PATCH-FIX-OPENSUSE seabios_128kb.patch brogers@suse.com -- make it fit
Patch1000: seabios_128kb.patch
# SeaBIOS / SeaVGABIOS (Currently no patches)
# ipxe
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1100: ipxe-stable-buildid.patch
Patch1101: ipxe-use-gcc6-for-more-compact-code.patch
Patch1102: ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
# sgabios
# PATCH-FIX-OPENSUSE sgabios-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1200: sgabios-stable-buildid.patch
%endif
%if %{build_slof_from_source}
# SLOF (Currently no patches)
%endif
# this is to make lint happy
Source300: qemu-rpmlintrc
@ -149,7 +163,7 @@ BuildRequires: SDL-devel
BuildRequires: SDL2-devel
%endif
BuildRequires: alsa-devel
%if %{?build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: binutils-devel
%endif
BuildRequires: bluez-devel
@ -158,13 +172,13 @@ BuildRequires: brlapi-devel
%endif
BuildRequires: curl-devel
BuildRequires: cyrus-sasl-devel
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: iasl
%endif
BuildRequires: e2fsprogs-devel
BuildRequires: fdupes
BuildRequires: gcc-c++
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: gcc6
%endif
BuildRequires: glib2-devel
@ -217,11 +231,17 @@ BuildRequires: libjpeg-devel
%if 0%{?suse_version} >= 1310
BuildRequires: libnettle-devel
%endif
%ifarch %ix86 aarch64
%ifarch %ix86 x86_64
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
BuildRequires: libnuma-devel
%endif
%else
%ifarch aarch64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: libnuma-devel
%endif
%endif
%else
%ifnarch %arm s390x
BuildRequires: libnuma-devel
%endif
@ -252,7 +272,7 @@ BuildRequires: makeinfo
%endif
BuildRequires: Mesa-devel
BuildRequires: ncurses-devel
%if %{?build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: ovmf-tools
%endif
BuildRequires: pkgconfig
@ -271,9 +291,7 @@ BuildRequires: systemd
%if %{kvm_available}
BuildRequires: pkgconfig(udev)
%endif
%if 0%{?sles_version} != 11
BuildRequires: usbredir-devel
%endif
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: virglrenderer-devel >= 0.4.1
%endif
@ -288,7 +306,7 @@ BuildRequires: vte2-devel
BuildRequires: xen-devel
%endif
BuildRequires: xfsprogs-devel
%if %{build_x86_fw_from_source}
%if %{build_x86_firmware_from_source}
BuildRequires: xz-devel
%endif
BuildRequires: zlib-devel
@ -301,6 +319,20 @@ BuildRequires: qemu-ppc = %version
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-x86 = %version
BuildRequires: qemu-block-curl = %version
BuildRequires: qemu-block-dmg = %version
%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
BuildRequires: qemu-block-gluster = %version
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: qemu-block-iscsi = %version
%endif
%if 0%{?with_rbd}
BuildRequires: qemu-block-rbd = %version
%endif
%if 0%{?suse_version} > 1140
BuildRequires: qemu-block-ssh = %version
%endif
%endif
Requires(pre): pwdutils
Requires(post): coreutils
@ -352,16 +384,50 @@ Suggests: qemu-lang
Recommends: qemu-ksm = %{version}
%endif
%ifarch x86_64
%define x86_64_only_b_f_f {efi-e1000.rom efi-e1000e.rom efi-eepro100.rom \
efi-pcnet.rom efi-ne2k_pci.rom efi-rtl8139.rom efi-virtio.rom efi-vmxnet3.rom}
%if %{build_slof_from_source}
%define ppc_default_built_firmware {%nil}
%define ppc_extra_built_firmware {slof.bin}
%endif
%define built_firmware_files {bios.bin bios-256k.bin sgabios.bin vgabios.bin \
vgabios-cirrus.bin vgabios-stdvga.bin vgabios-virtio.bin vgabios-vmware.bin \
vgabios-qxl.bin optionrom/linuxboot.bin optionrom/linuxboot_dma.bin \
optionrom/multiboot.bin optionrom/kvmvapic.bin pxe-e1000.rom pxe-pcnet.rom \
pxe-ne2k_pci.rom pxe-rtl8139.rom pxe-eepro100.rom pxe-virtio.rom \
%{?x86_64_only_b_f_f}}
%ifarch ppc64
%define ppc64_only_default_built_firmware {spapr-rtas.bin}
%define ppc64_only_extra_built_firmware {%nil}
%endif
%ifarch s390x
%define s390x_default_built_firmware {s390-ccw.img}
%define s390x_extra_built_firmware {%nil}
%endif
%ifarch %ix86 x86_64
%define x86_default_built_firmware {linuxboot.bin linuxboot_dma.bin \
multiboot.bin kvmvapic.bin}
%ifarch x86_64
%define x86_64_only_default_built_firmware {%nil}
%endif
%endif
%define x86_extra_built_firmware_list {bios.bin bios-256k.bin sgabios.bin \
vgabios.bin vgabios-cirrus.bin vgabios-stdvga.bin vgabios-virtio.bin \
vgabios-vmware.bin vgabios-qxl.bin pxe-e1000.rom pxe-pcnet.rom \
pxe-ne2k_pci.rom pxe-rtl8139.rom pxe-eepro100.rom pxe-virtio.rom}
%define x86_64_only_extra_built_firmware_list {efi-e1000.rom efi-e1000e.rom \
efi-eepro100.rom efi-pcnet.rom efi-ne2k_pci.rom efi-rtl8139.rom efi-virtio.rom \
efi-vmxnet3.rom}
%if %{build_x86_firmware_from_source}
%define x86_extra_built_firmware %{x86_extra_built_firmware_list}
%ifarch x86_64
%define x86_64_only_extra_built_firmware %{x86_64_only_extra_built_firmware_list}
%endif
%endif
%define built_firmware { \
%{?ppc_default_built_firmware} %{?ppc_extra_built_firmware} \
%{?ppc64_only_default_built_firmware} %{?ppc64_only_extra_built_firmware} \
%{?s390x_default_built_firmware} %{?s390x_extra_built_firmware} \
%{?x86_default_built_firmware} %{?x86_extra_built_firmware} \
%{?x86_64_only_default_built_firmware} %{?x86_64_only_extra_built_firmware} }
%description
QEMU is an extremely well-performing CPU emulator that allows you to
@ -710,33 +776,27 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.8.0
%setup -q -n qemu-2.9.0
PATCH_EXEC
%if %{build_x86_fw_from_source}
pushd roms/seabios
%patch1000 -p1
popd
pushd roms/ipxe
%patch1100 -p1
%patch1101 -p1
%patch1102 -p1
popd
pushd roms/sgabios
%patch1200 -p1
popd
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware_files
do
rm -f pc-bios/$i
done
%endif
%if %{build_slof_from_source}
pushd roms/SLOF
popd
rm -f pc-bios/slof.bin
%endif
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware
do
unlink pc-bios/$i
done
%build
echo '%{version}' > roms/seabios/.version
@ -746,6 +806,7 @@ echo '%{version}' > roms/seabios/.version
--libdir=%_libdir \
--libexecdir=%_libexecdir \
--localstatedir=%_localstatedir \
--docdir=%_docdir/qemu \
--extra-cflags="%{optflags}" \
--disable-stack-protector \
--disable-strip \
@ -756,7 +817,6 @@ echo '%{version}' > roms/seabios/.version
--enable-pie \
--enable-docs \
--audio-drv-list="pa alsa sdl oss" \
--disable-archipelago \
--enable-attr \
--enable-bluez \
%if 0%{?suse_version} >= 1130
@ -766,7 +826,6 @@ echo '%{version}' > roms/seabios/.version
%endif
--enable-bzip2 \
--enable-cap-ng \
--disable-colo \
--enable-coroutine-pool \
--enable-curl \
--enable-curses \
@ -788,6 +847,7 @@ echo '%{version}' > roms/seabios/.version
%else
--with-gtkabi=2.0 \
%endif
--disable-hax \
--disable-jemalloc \
%if %{kvm_available}
--enable-kvm \
@ -813,13 +873,21 @@ echo '%{version}' > roms/seabios/.version
--enable-linux-aio \
--enable-lzo \
--disable-netmap \
%ifarch %ix86 aarch64
%ifarch %ix86 x86_64
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
--enable-numa \
%else
--disable-numa \
%endif
%else
%ifarch aarch64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
--enable-numa \
%endif
%else
--disable-numa \
%endif
%else
%ifarch %arm s390x
--disable-numa \
%else
@ -829,6 +897,7 @@ echo '%{version}' > roms/seabios/.version
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
--enable-opengl \
%endif
--with-system-pixman \
%if 0%{?with_rbd}
--enable-rbd \
%else
@ -839,7 +908,7 @@ echo '%{version}' > roms/seabios/.version
%else
--disable-rdma \
%endif
--disable-replication \
--enable-replication \
--enable-sdl \
%if 0%{?suse_version} >= 1320
--with-sdlabi=2.0 \
@ -868,11 +937,7 @@ echo '%{version}' > roms/seabios/.version
%endif
--disable-tcmalloc \
--enable-tpm \
%if 0%{?sles_version} == 11
--disable-usb-redir \
%else
--enable-usb-redir \
%endif
--enable-vde \
--enable-vhost-net \
%if 0%{?suse_version} >= 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
@ -902,8 +967,37 @@ echo '%{version}' > roms/seabios/.version
make %{?_smp_mflags} V=1
# Firmware
%if %{build_x86_fw_from_source}
%ifarch s390x
for i in %s390x_default_built_firmware
do
cp pc-bios/s390-ccw/$i pc-bios/
done
%endif
%ifarch ppc64
for i in %ppc64_only_default_built_firmware
do
cp pc-bios/spapr-rtas/$i pc-bios/
done
%endif
%ifarch %ix86 x86_64
for i in %x86_default_built_firmware
do
cp pc-bios/optionrom/$i pc-bios/
done
%ifarch x86_64
for i in %x86_64_only_default_built_firmware
do
cp pc-bios/optionrom/$i pc-bios/
done
%endif
%endif
%if %{build_x86_firmware_from_source}
make %{?_smp_mflags} -C roms bios
make %{?_smp_mflags} -C roms seavgabios
make %{?_smp_mflags} -C roms pxerom
%ifarch x86_64
@ -937,24 +1031,21 @@ for i in %supported_nics_small
fi
done
%endif
%if %{build_slof_from_source}
make %{?_smp_mflags} -C roms slof
%endif
%ifarch s390x
cp pc-bios/s390-ccw/s390-ccw.img pc-bios/s390-ccw.img
%endif
%else # qemu-testsuite
ln -s %{_bindir}/qemu-img qemu-img
ln -s %{_bindir}/qemu-ga qemu-ga
ln -s %{_bindir}/qemu-io qemu-io
%if %{build_x86_fw_from_source}
for i in %built_firmware_files
for i in %built_firmware
do
ln -s %{_datadir}/qemu/$i pc-bios/$i
done
%endif
for conf in default-configs/*-softmmu.mak; do
arch=`echo "$conf" | sed -e 's|default-configs/\(.*\)-softmmu.mak|\1|g'`
@ -962,7 +1053,10 @@ for conf in default-configs/*-softmmu.mak; do
done
# Compile the QOM test binary first, so that ...
touch -r config-host.mak pc-bios
make tests/qom-test %{?_smp_mflags} V=1
# Firmware
# ... make comes in fresh and has lots of address space (needed for 32bit, bsc#957379)
%if 0%{?suse_version} >= 1310
make check-report.html V=1
@ -1009,16 +1103,14 @@ format=`qemu-img info test.tar | grep "file format:" | cut -d ':' -f 2 | tr -d '
%install
%if "%{name}" != "qemu-testsuite"
touch -r config-host.mak pc-bios
make install DESTDIR=%{buildroot}
rm -fr %{buildroot}%{_datadir}/doc
%if ! %{build_x86_fw_from_source}
for f in acpi-dsdt.aml bios-256k.bin bios.bin efi-*.rom pxe-*.rom sgabios.bin \
vgabios-cirrus.bin vgabios-qxl.bin vgabios-stdvga.bin vgabios-virtio.bin vgabios-vmware.bin \
vgabios.bin; do
rm %{buildroot}%{_datadir}/%name/$f
%ifnarch %ix86 x86_64
for f in acpi-dsdt.aml %{x86_extra_built_firmware_list} \
%{x86_64_only_extra_built_firmware_list}; do
unlink %{buildroot}%{_datadir}/%name/$f
done
%endif
# rm -f %{buildroot}%{_datadir}/%{name}/u-boot.e500
%find_lang %name
install -D -m 644 %{SOURCE302} %{buildroot}%{_sysconfdir}/qemu/bridge.conf
install -D -m 755 %{SOURCE2} %{buildroot}/usr/share/qemu/qemu-ifup
@ -1172,8 +1264,16 @@ fi
%files
%defattr(-, root, root)
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB Changelog README VERSION qemu-doc.html
%doc %_mandir/man1/qemu.1.gz
%doc COPYING COPYING.LIB Changelog README VERSION
%_docdir/%name/qemu-doc.txt
%_docdir/%name/qemu-doc.html
%_docdir/%name/qemu-qmp-ref.txt
%_docdir/%name/qemu-qmp-ref.html
%_docdir/%name/qemu-ga-ref.txt
%_docdir/%name/qemu-ga-ref.html
%_mandir/man1/qemu.1.gz
%_mandir/man7/qemu-qmp-ref.7.gz
%_mandir/man7/qemu-ga-ref.7.gz
%dir %_datadir/%name
%_datadir/%name/keymaps
%_datadir/%name/trace-events-all
@ -1261,7 +1361,8 @@ fi
%_bindir/qemu-system-mips64
%_bindir/qemu-system-mips64el
%_bindir/qemu-system-moxie
%_bindir/qemu-system-or32
%_bindir/qemu-system-nios2
%_bindir/qemu-system-or1k
%_bindir/qemu-system-sh4
%_bindir/qemu-system-sh4eb
%_bindir/qemu-system-sparc
@ -1281,7 +1382,7 @@ fi
%files kvm
%defattr(-,root,root)
%_bindir/qemu-kvm
%doc %_mandir/man1/qemu-kvm.1.gz
%_mandir/man1/qemu-kvm.1.gz
%if 0%{?is_opensuse} == 0
%dir %_docdir/qemu-kvm
%_docdir/qemu-kvm/kvm-supported.txt
@ -1329,7 +1430,7 @@ fi
%files lang -f %name.lang
%defattr(-, root, root)
%if %{build_x86_fw_from_source}
%ifarch %ix86 x86_64
%files seabios
%defattr(-, root, root)
%dir %_datadir/%name
@ -1373,9 +1474,9 @@ fi
%files tools
%defattr(-, root, root)
%doc %_mandir/man1/qemu-img.1.gz
%doc %_mandir/man1/virtfs-proxy-helper.1.gz
%doc %_mandir/man8/qemu-nbd.8.gz
%_mandir/man1/qemu-img.1.gz
%_mandir/man1/virtfs-proxy-helper.1.gz
%_mandir/man8/qemu-nbd.8.gz
%_bindir/ivshmem-client
%_bindir/ivshmem-server
%_bindir/qemu-io
@ -1389,7 +1490,7 @@ fi
%files guest-agent
%defattr(-, root, root)
%doc %_mandir/man8/qemu-ga.8.gz
%_mandir/man8/qemu-ga.8.gz
%attr(755,root,kvm) %_bindir/qemu-ga
%if 0%{?with_systemd}
%{_unitdir}/qemu-ga.service
@ -1403,9 +1504,9 @@ fi
%endif
%else # qemu-testsuite
%doc %_datadir/qemu/check-report.xml
%_datadir/qemu/check-report.xml
%if 0%{?suse_version} >= 1310
%doc %_datadir/qemu/check-report.html
%_datadir/qemu/check-report.html
%endif
%endif
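Review bot: In the libnuma hunk (`-217,11 +231,17`) the new `%ifarch aarch64` block is followed by two `%endif` lines and then another `%else`, so as rendered the outer `%ifarch %ix86 x86_64` has two `%else` branches at the same level; the configure hunk (`-813,13 +873,21`) shows the same shape around `--enable-numa \` and `--disable-numa \`. A repeated `%else` may be rejected by rpm or may silently switch the outer branch back on, in which case x86 builds would also evaluate the `%ifnarch %arm s390x` / `%ifarch %arm s390x` fallback. Each `%else` should pair with exactly one conditional: in the BuildRequires hunk drop the second `%endif` after the aarch64 `BuildRequires: libnuma-devel`, in the configure hunk drop the `%endif` directly after the aarch64 `--enable-numa \`, and add one closing `%endif` at the end of each block. Both conditionals close outside the hunks, so the nesting needs checking against the full spec.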


@ -1,288 +0,0 @@
From 5fff5f1e79d8bc7ef24d1f8ff42c8021215f23a6 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 19 Mar 2015 16:34:31 -0600
Subject: [PATCH] Eliminate some duplicate string segments to reduce bios image
size
In some build environments, we are running up against the 128K bios
size limit. This change simply takes larger string segments which are
used in printf style messages and uses a single copy, now referenced
with a %s specifier, resulting in the needed space savings.
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/boot.c | 20 +++++++++++---------
src/bootsplash.c | 5 +++--
src/fw/paravirt.c | 8 +++++---
src/fw/pciinit.c | 19 ++++++++++---------
src/hw/usb-hub.c | 9 +++++----
src/hw/usb-msc.c | 6 ++++--
6 files changed, 38 insertions(+), 29 deletions(-)
--- a/src/boot.c
+++ b/src/boot.c
@@ -27,6 +27,8 @@
* Boot priority ordering
****************************************************************/
+static const char *no_boot_dev_str = "No bootable device.";
+static const char *boot_str = "Booting from ";
static char **Bootorder VARVERIFY32INIT;
static int BootorderCount;
@@ -596,7 +598,7 @@ bcv_prepboot(void)
static void
call_boot_entry(struct segoff_s bootsegip, u8 bootdrv)
{
- dprintf(1, "Booting from %04x:%04x\n", bootsegip.seg, bootsegip.offset);
+ dprintf(1, "%s%04x:%04x\n", boot_str, bootsegip.seg, bootsegip.offset);
struct bregs br;
memset(&br, 0, sizeof(br));
br.flags = F_IF;
@@ -652,7 +654,7 @@ boot_cdrom(struct drive_s *drive_g)
{
if (! CONFIG_CDROM_BOOT)
return;
- printf("Booting from DVD/CD...\n");
+ printf("%sDVD/CD...\n", boot_str);
int status = cdrom_boot(drive_g);
if (status) {
@@ -678,7 +680,7 @@ boot_cbfs(struct cbfs_file *file)
{
if (!CONFIG_COREBOOT_FLASH)
return;
- printf("Booting from CBFS...\n");
+ printf("%sCBFS...\n", boot_str);
cbfs_run_payload(file);
}
@@ -686,7 +688,7 @@ boot_cbfs(struct cbfs_file *file)
static void
boot_rom(u32 vector)
{
- printf("Booting from ROM...\n");
+ printf("%sROM...\n", boot_str);
struct segoff_s so;
so.segoff = vector;
call_boot_entry(so, 0);
@@ -697,10 +699,10 @@ static void
boot_fail(void)
{
if (BootRetryTime == (u32)-1)
- printf("No bootable device.\n");
+ printf("%s\n", no_boot_dev_str);
else
- printf("No bootable device. Retrying in %d seconds.\n"
- , BootRetryTime/1000);
+ printf("%s Retrying in %d seconds.\n", no_boot_dev_str,
+ BootRetryTime/1000);
// Wait for 'BootRetryTime' milliseconds and then reboot.
u32 end = irqtimer_calc(BootRetryTime);
for (;;) {
@@ -726,11 +728,11 @@ do_boot(int seq_nr)
struct bev_s *ie = &BEV[seq_nr];
switch (ie->type) {
case IPL_TYPE_FLOPPY:
- printf("Booting from Floppy...\n");
+ printf("%sFloppy...\n", boot_str);
boot_disk(0x00, CheckFloppySig);
break;
case IPL_TYPE_HARDDISK:
- printf("Booting from Hard Disk...\n");
+ printf("%sHard Disk...\n", boot_str);
boot_disk(0x80, 1);
break;
case IPL_TYPE_CDROM:
--- a/src/bootsplash.c
+++ b/src/bootsplash.c
@@ -16,6 +16,7 @@
#include "string.h" // memset
#include "util.h" // enable_bootsplash
+static const char *decode_failed_str = "_decode failed with return code ";
/****************************************************************
* Helper functions
@@ -155,7 +156,7 @@ enable_bootsplash(void)
dprintf(5, "Decoding bootsplash.jpg\n");
ret = jpeg_decode(jpeg, filedata);
if (ret) {
- dprintf(1, "jpeg_decode failed with return code %d...\n", ret);
+ dprintf(1, "jpeg%s%d...\n", decode_failed_str, ret);
goto done;
}
jpeg_get_size(jpeg, &width, &height);
@@ -169,7 +170,7 @@ enable_bootsplash(void)
dprintf(5, "Decoding bootsplash.bmp\n");
ret = bmp_decode(bmp, filedata, filesize);
if (ret) {
- dprintf(1, "bmp_decode failed with return code %d...\n", ret);
+ dprintf(1, "bmp%s%d...\n", decode_failed_str, ret);
goto done;
}
bmp_get_size(bmp, &width, &height);
--- a/src/fw/paravirt.c
+++ b/src/fw/paravirt.c
@@ -45,6 +45,8 @@ inline int qemu_cfg_dma_enabled(void)
*/
#define KVM_CPUID_SIGNATURE 0x40000000
+static const char *running_on_qemu_str = "Running on QEMU (";
+
static void kvm_detect(void)
{
unsigned int eax, ebx, ecx, edx;
@@ -82,13 +84,13 @@ static void qemu_detect(void)
PlatformRunningOn |= PF_QEMU;
switch (d) {
case 0x1237:
- dprintf(1, "Running on QEMU (i440fx)\n");
+ dprintf(1, "%si440fx)\n", running_on_qemu_str);
break;
case 0x29c0:
- dprintf(1, "Running on QEMU (q35)\n");
+ dprintf(1, "%sq35)\n", running_on_qemu_str);
break;
default:
- dprintf(1, "Running on QEMU (unknown nb: %04x:%04x)\n", v, d);
+ dprintf(1, "%sunknown nb: %04x:%04x)\n", running_on_qemu_str, v, d);
break;
}
kvm_detect();
--- a/src/fw/pciinit.c
+++ b/src/fw/pciinit.c
@@ -39,6 +39,10 @@ enum pci_region_type {
PCI_REGION_TYPE_COUNT,
};
+static const char *pri_bus_str = "PCI: primary bus = ";
+static const char *sec_bus_str = "PCI: secondary bus = ";
+static const char *sub_bus_str = "PCI: subordinate bus = ";
+
static const char *region_type_name[] = {
[ PCI_REGION_TYPE_IO ] = "io",
[ PCI_REGION_TYPE_MEM ] = "mem",
@@ -522,7 +526,6 @@ static void pci_bios_init_platform(void)
}
}
-
/****************************************************************
* Bus initialization
****************************************************************/
@@ -553,21 +556,20 @@ pci_bios_init_bus_rec(int bus, u8 *pci_b
u8 pribus = pci_config_readb(bdf, PCI_PRIMARY_BUS);
if (pribus != bus) {
- dprintf(1, "PCI: primary bus = 0x%x -> 0x%x\n", pribus, bus);
+ dprintf(1, "%s0x%x -> 0x%x\n", pri_bus_str, pribus, bus);
pci_config_writeb(bdf, PCI_PRIMARY_BUS, bus);
} else {
- dprintf(1, "PCI: primary bus = 0x%x\n", pribus);
+ dprintf(1, "%s0x%x\n", pri_bus_str, pribus);
}
u8 secbus = pci_config_readb(bdf, PCI_SECONDARY_BUS);
(*pci_bus)++;
if (*pci_bus != secbus) {
- dprintf(1, "PCI: secondary bus = 0x%x -> 0x%x\n",
- secbus, *pci_bus);
+ dprintf(1, "%s0x%x -> 0x%x\n", sec_bus_str, secbus, *pci_bus);
secbus = *pci_bus;
pci_config_writeb(bdf, PCI_SECONDARY_BUS, secbus);
} else {
- dprintf(1, "PCI: secondary bus = 0x%x\n", secbus);
+ dprintf(1, "%s0x%x\n", sec_bus_str, secbus);
}
/* set to max for access to all subordinate buses.
@@ -578,11 +580,10 @@ pci_bios_init_bus_rec(int bus, u8 *pci_b
pci_bios_init_bus_rec(secbus, pci_bus);
if (subbus != *pci_bus) {
- dprintf(1, "PCI: subordinate bus = 0x%x -> 0x%x\n",
- subbus, *pci_bus);
+ dprintf(1, "%s0x%x -> 0x%x\n", sub_bus_str, subbus, *pci_bus);
subbus = *pci_bus;
} else {
- dprintf(1, "PCI: subordinate bus = 0x%x\n", subbus);
+ dprintf(1, "%s0x%x\n", sub_bus_str, subbus);
}
pci_config_writeb(bdf, PCI_SUBORDINATE_BUS, subbus);
}
--- a/src/hw/usb-hub.c
+++ b/src/hw/usb-hub.c
@@ -11,6 +11,8 @@
#include "usb-hub.h" // struct usb_hub_descriptor
#include "util.h" // timer_calc
+static const char *port_hub_fail_str = "Failure on hub port ";
+
static int
get_hub_desc(struct usb_pipe *pipe, struct usb_hub_descriptor *desc)
{
@@ -82,7 +84,6 @@ get_port_status(struct usbhub_s *hub, in
mutex_unlock(&hub->lock);
return ret;
}
-
// Check if device attached to port
static int
usb_hub_detect(struct usbhub_s *hub, u32 port)
@@ -90,7 +91,7 @@ usb_hub_detect(struct usbhub_s *hub, u32
struct usb_port_status sts;
int ret = get_port_status(hub, port, &sts);
if (ret) {
- dprintf(1, "Failure on hub port %d detect\n", port);
+ dprintf(1, "%s%d detect\n", port_hub_fail_str, port);
return -1;
}
return (sts.wPortStatus & USB_PORT_STAT_CONNECTION) ? 1 : 0;
@@ -102,7 +103,7 @@ usb_hub_disconnect(struct usbhub_s *hub,
{
int ret = clear_port_feature(hub, port, USB_PORT_FEAT_ENABLE);
if (ret)
- dprintf(1, "Failure on hub port %d disconnect\n", port);
+ dprintf(1, "%s%d disconnect\n", port_hub_fail_str, port);
}
// Reset device on port
@@ -142,7 +143,7 @@ usb_hub_reset(struct usbhub_s *hub, u32
>> USB_PORT_STAT_SPEED_SHIFT);
fail:
- dprintf(1, "Failure on hub port %d reset\n", port);
+ dprintf(1, "%s%d reset\n", port_hub_fail_str, port);
usb_hub_disconnect(hub, port);
return -1;
}
--- a/src/hw/usb-msc.c
+++ b/src/hw/usb-msc.c
@@ -50,6 +50,8 @@ struct csw_s {
u8 bCSWStatus;
} PACKED;
+static const char *cant_config_str = "Unable to configure USB MSC ";
+
static int
usb_msc_send(struct usbdrive_s *udrive_gf, int dir, void *buf, u32 bytes)
{
@@ -160,7 +162,7 @@ usb_msc_lun_setup(struct usb_pipe *inpip
int prio = bootprio_find_usb(usbdev, lun);
int ret = scsi_drive_setup(&drive->drive, "USB MSC", prio);
if (ret) {
- dprintf(1, "Unable to configure USB MSC drive.\n");
+ dprintf(1, "%sdrive.\n", cant_config_str);
free(drive);
return -1;
}
@@ -215,7 +217,7 @@ usb_msc_setup(struct usbdevice_s *usbdev
return 0;
fail:
- dprintf(1, "Unable to configure USB MSC device.\n");
+ dprintf(1, "%sdevice.\n", cant_config_str);
usb_free_pipe(usbdev, inpipe);
usb_free_pipe(usbdev, outpipe);
return -1;
