- Fix bsc#1204001. Patches are not upstream, and have been picked up
and backported from the ML. This is something we usually prefer to
avoid, but this is urgent, and the patches looks fine, with high
chances for them to be included as they are (and if they're not, we
will revisit this, i.e., drop them and re-include the ones that are
actually committed)
* Patches added:
linux-user-add-more-compat-ioctl-definit.patch
linux-user-drop-conditionals-for-obsolet.patch
linux-user-remove-conditionals-for-many-.patch
meson-enforce-a-minimum-Linux-kernel-hea.patch
- Improve the output of update_git.sh, by including the list of
repos to which we have downstream patches.
- Fix: bsc#1202665, CVE-2022-2962
* Patches added:
net-tulip-Restrict-DMA-engine-to-memorie.patch
OBS-URL: https://build.opensuse.org/request/show/1007904
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=735
- Runs of the test-suite seem much more stable now, in this version
of QEMU. (bsc#1203610) We are also fine re-enabling running them
in parallel.
- Switch QEMU Linux user to emulate the same CPU as the one of the
host by default. This is a bit conrtoversial and tricky, when
thinking about system emulation/virtualization. But for linux-user,
it should be just fine. (bsc#1203684)
* Patches added:
linux-user-use-max-as-default-CPU-model-.patch
- Be less verbose when packaging documentation. In fact, with just
a couple of (minor) re-arrangements, we can get rid of having to
list all the files all the time
- Package /etc/qemu/bridge.conf as '%config(noreplace). Next step
will probably be to move it to /usr/etc/qemu (bsc#1201944)
- Switch to %autosetup for all products (this required some changes
in update_git.sh)
- Run check-qtest sequentially, as it's more reliable, when in OBS
- Build with libbpf, fdt and capstone support
- Drop the patch adding our support document, and deal with that
in the spec file directly
* Patches dropped:
doc-add-our-support-doc-to-the-main-proj.patch
- Updated to latest upstream version 7.1
* https://wiki.qemu.org/ChangeLog/7.1
Be sure to also check the following pages:
* https://qemu-project.gitlab.io/qemu/about/removed-features.html
* https://qemu-project.gitlab.io/qemu/about/deprecated.html
Some notable changes:
* [x86] Support for architectural LBRs on KVM virtual machines
* [x86] The libopcode-based disassembler has been removed. Use
Capstone instead
* [LoongArch] Add initial support for the LoongArch64 architecture.
* [ARM] The emulated SMMUv3 now advertises support for SMMUv3.2-BBML2
* [ARM] The xlnx-zynqmp SoC model now implements the 4 TTC timers
* [ARM] The versal machine now models the Cortex-R5s in the Real-Time
Processing Unit (RPU) subsystem
* [ARM] The virt board now supports emulation of the GICv4.0
* [ARM] New emulated CPU types: Cortex-A76, Neoverse-N1
* [HPPA] Fix serial port pass-through from host to guest
* [HPPA] Lots of general code improvements and tidy-ups
* [RISC-V] RISC-V
* [RISC-V] Add support for privileged spec version 1.12.0
* [RISC-V] Use privileged spec version 1.12.0 for virt machine by default
* [RISC-V] Allow software access to MIP SEIP
* [RISC-V] Add initial support for the Sdtrig extension
* [RISC-V] Optimisations and improvements for the vector extension
* [VFIO] Experimental support for exposing emulated PCI devices over the
new vfio-user protocol (a vfio-user client is not yet available
in QEMU, though)
* [QMP] The on-cbw-error option for copy-before-write filter, to specify
behavior on CBW (copy before write) operation failure.
* [QMP] The cbw-timeout option for copy-before-write filter, to specify
timeout for CBW operation.
* [QMP] New commands query-stats and query-stats-schema to retrieve
statistics from various QEMU subsystems (right now only from
KVM).
* [QMP] The PanicAction can now be configured to report an exit-failure
(useful for automated testing)
* [Networking] QEMU can be compiled with the system slirp library even
when using CFI. This requires libslirp 4.7.
* [Migration] Support for zero-copy-send on Linux, which reduces CPU
usage on the source host. Note that locked memory is needed
to support this
* Patches added:
Revert-tests-qtest-enable-more-vhost-use.patch
meson-remove-pkgversion-from-CONFIG_STAM.patch
* Patches dropped:
AIO-Reduce-number-of-threads-for-32bit-h.patch
Makefile-Don-t-check-pc-bios-as-pre-requ.patch
Revert-8dcb404bff6d9147765d7dd3e9c849337.patch
Revert-qht-constify-qht_statistics_init.patch
XXX-dont-dump-core-on-sigabort.patch
acpi_piix4-Fix-migration-from-SLE11-SP2.patch
configure-only-populate-roms-if-softmmu.patch
configure-remove-pkgversion-from-CONFIG_.patch
coroutine-ucontext-use-QEMU_DEFINE_STATI.patch
coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch
coroutine-win32-use-QEMU_DEFINE_STATIC_C.patch
hostmem-default-the-amount-of-prealloc-t.patch
hw-usb-hcd-ehci-fix-writeback-order.patch
i8254-Fix-migration-from-SLE11-SP2.patch
intc-exynos4210_gic-replace-snprintf-wit.patch
modules-generates-per-target-modinfo.patch
modules-introduces-module_kconfig-direct.patch
pc-bios-s390-ccw-net-avoid-warning-about.patch
pci-fix-overflow-in-snprintf-string-form.patch
qemu-cvs-gettimeofday.patch
qemu-cvs-ioctl_debug.patch
qemu-cvs-ioctl_nodirection.patch
qht-Revert-some-constification-in-qht.c.patch
qom-handle-case-of-chardev-spice-module-.patch
scsi-lsi53c895a-fix-use-after-free-in-ls.patch
scsi-lsi53c895a-really-fix-use-after-fre.patch
softmmu-Always-initialize-xlat-in-addres.patch
sphinx-change-default-language-to-en.patch
test-add-mapping-from-arch-of-i686-to-qe.patch
tests-Fix-block-tests-to-be-compatible-w.patch
tests-qtest-Move-the-fuzz-tests-to-x86-o.patch
usb-Help-compiler-out-to-avoid-a-warning.patch
OBS-URL: https://build.opensuse.org/request/show/1006734
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=732
- Substantial rework of the spec file:
* the 'make check' testsuite now runs in the %check section of
the main package, not in a subpackage
* switched from %setup to %autosetup
* rearranged the content in order to minimize the use of %if,
%ifarch, etc
- Properly fix bsc#1198038, CVE-2022-0216
* Patches added:
scsi-lsi53c895a-really-fix-use-after-fre.patch
tests-qtest-Move-the-fuzz-tests-to-x86-o.patch
- Make temp dir (for update_git.sh) configurable
- Added new subpackages (audio-dbus, ui-dbus)
- bsc#1199018 was never fixed in Factory's QEMU 6.2. It is
now (since the patches are already in SeaBIOS 1.16.0)
- Some tests are having issues when run in OBS. They seem to be
due to race conditions, triggered by resource constraints of
OBS workers. Let's disable them for now, while looking for a fix
- Update to v7.0.0. For full release notese, see:
* https://wiki.qemu.org/ChangeLog/7.0
Be sure to also check the following pages:
* https://qemu-project.gitlab.io/qemu/about/removed-features.html
* https://qemu-project.gitlab.io/qemu/about/deprecated.html
Some notable changes:
* [ARM] The virt board has gained a new control knob to disable passing a RNG seed in the DTB (dtb-kaslr-seed)
* [ARM] The AST2600 SoC now supports a dummy version of the i3c device
* [ARM] The virt board can now run guests with KVM on hosts with restricted IPA ranges
* [ARM] The virt board now supports virtio-mem-pci
* [ARM] The virt board now supports specifying the guest CPU topology
* [ARM] On the virt board, we now enable PAuth when using KVM or hvf and the host CPU supports it
* [RISC-V] Add support for ratified 1.0 Vector extension
* [RISC-V] Support for the Zve64f and Zve32f extensions
* [RISC-V] Drop support for draft 0.7.1 Vector extension
* [RISC-V] Support Zfhmin and Zfh extensions
* [RISC-V] RISC-V KVM support
* [RISC-V] Mark Hypervisor extension as non experimental
* [RISC-V] Enable Hypervisor extension by default
* [x86] Support for Intel AMX.
* [PCI/PCIe] Q35: fix PCIe device becoming disabled after migration when ACPI based PCI hotplug is used (6b0969f1ec)
* [PCI/PCIe] initial bits of SR/IOV support (250346169)
* [PCI/PCIe] arm/virt: fixed PXB interrupt routing (e609301b45)
* [PCI/PCIe] arm/virt: support for virtio-mem-pci (b1b87327a9)
* [virtiofs] Fix for CVE-2022-0358 - behaviour with supplementary groups and SGID directories
* [virtiofs] Improved security label support
* [virtiofs] The virtiofsd in qemu is now starting to be deprecated; please start using and contributing to Rust virtiofsd
* Patches dropped:
acpi-validate-hotplug-selector-on-access.patch
block-backend-Retain-permissions-after-m.patch
block-qdict-Fix-Werror-maybe-uninitializ.patch
brotli-fix-actual-variable-array-paramet.patch
display-qxl-render-fix-race-condition-in.patch
doc-Add-the-SGX-numa-description.patch
hw-i386-amd_iommu-Fix-maybe-uninitialize.patch
hw-intc-exynos4210_gic-provide-more-room.patch
hw-nvme-fix-CVE-2021-3929.patch
hw-nvram-at24-return-0xff-if-1-byte-addr.patch
iotest-065-explicit-compression-type.patch
iotest-214-explicit-compression-type.patch
iotest-302-use-img_info_log-helper.patch
iotest-303-explicit-compression-type.patch
iotest-39-use-_qcow2_dump_header.patch
iotests-60-more-accurate-set-dirty-bit-i.patch
iotests-bash-tests-filter-compression-ty.patch
iotests-common.rc-introduce-_qcow2_dump_.patch
iotests-declare-lack-of-support-for-comp.patch
iotests-drop-qemu_img_verbose-helper.patch
iotests-massive-use-_qcow2_dump_header.patch
iotests-MRCE-Write-data-to-source.patch
iotests.py-filter-out-successful-output-.patch
iotests.py-img_info_log-rename-imgopts-a.patch
iotests.py-implement-unsupported_imgopts.patch
iotests.py-qemu_img-create-support-IMGOP.patch
iotests.py-rewrite-default-luks-support-.patch
iotests-specify-some-unsupported_imgopts.patch
meson-build-all-modules-by-default.patch
numa-Enable-numa-for-SGX-EPC-sections.patch
numa-Support-SGX-numa-in-the-monitor-and.patch
python-aqmp-add-__del__-method-to-legacy.patch
python-aqmp-add-_session_guard.patch
python-aqmp-add-SocketAddrT-to-package-r.patch
python-aqmp-add-socket-bind-step-to-lega.patch
python-aqmp-add-start_server-and-accept-.patch
python-aqmp-copy-type-definitions-from-q.patch
python-aqmp-drop-_bind_hack.patch
python-aqmp-fix-docstring-typo.patch
python-aqmp-Fix-negotiation-with-pre-oob.patch
python-aqmp-fix-race-condition-in-legacy.patch
Python-aqmp-fix-type-definitions-for-myp.patch
python-aqmp-handle-asyncio.TimeoutError-.patch
python-aqmp-refactor-_do_accept-into-two.patch
python-aqmp-remove-_new_session-and-_est.patch
python-aqmp-rename-accept-to-start_serve.patch
python-aqmp-rename-AQMPError-to-QMPError.patch
python-aqmp-split-_client_connected_cb-o.patch
python-aqmp-squelch-pylint-warning-for-t.patch
python-aqmp-stop-the-server-during-disco.patch
python-introduce-qmp-shell-wrap-convenie.patch
python-machine-raise-VMLaunchFailure-exc.patch
python-move-qmp-shell-under-the-AQMP-pac.patch
python-move-qmp-utilities-to-python-qemu.patch
python-qmp-switch-qmp-shell-to-AQMP.patch
python-support-recording-QMP-session-to-.patch
python-upgrade-mypy-to-0.780.patch
qcow2-simple-case-support-for-downgradin.patch
qemu-binfmt-conf.sh-should-use-F-as-shor.patch
tests-qemu-iotests-040-Skip-TestCommitWi.patch
tests-qemu-iotests-Fix-051-for-binaries-.patch
tests-qemu-iotests-testrunner-Quote-case.patch
tools-virtiofsd-Add-rseq-syscall-to-the-.patch
ui-cursor-fix-integer-overflow-in-cursor.patch
vhost-vsock-detach-the-virqueue-element-.patch
virtiofsd-Drop-membership-of-all-supplem.patch
virtio-net-fix-map-leaking-on-error-duri.patch
Disable-some-tests-that-have-problems-in.patch
* Patches added:
intc-exynos4210_gic-replace-snprintf-wit.patch
Revert-8dcb404bff6d9147765d7dd3e9c849337.patch
------------------------------------------------------------------
- Fix bsc#1197084
* Patches added:
hostmem-default-the-amount-of-prealloc-t.patch
- Get rid of downstream patches breaking s390 modules. Replace
them with the upstream proposed and Acked (but never committed)
solution (bsc#1199015)
* Patches added:
modules-generates-per-target-modinfo.patch
modules-introduces-module_kconfig-direct.patch
* Patches dropped:
Fix-the-module-building-problem-for-s390.patch
modules-quick-fix-a-fundamental-error-in.patch
- backport patches for having coroutine work well when LTO is used
* Patches added:
coroutine-ucontext-use-QEMU_DEFINE_STATI.patch
coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch
coroutine-win32-use-QEMU_DEFINE_STATIC_C.patch
- seabios: drop patch that changes python in python2.
Just go to python3 directly.
* Patches dropped:
seabios-use-python2-explicitly-as-needed.patch
OBS-URL: https://build.opensuse.org/request/show/990667
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=726
- Substantial rework of the spec file:
* the 'make check' testsuite now runs in the %check section of
the main package, not in a subpackage
* switched from %setup to %autosetup
* rearranged the content in order to minimize the use of %if,
%ifarch, etc
- Some tests are having issues when run in OBS. They seem to be due to
race conditions, triggered by resource constraints on the OBS workers.
Let's disable them for now, while we investigate and try to fix them.
* Patches added:
Disable-some-tests-that-have-problems-in.patch
- Revert an upstream commit that add some qtests that are problematic
for GCC12+LTO
* Patches added:
Revert-8dcb404bff6d9147765d7dd3e9c849337.patch
- _multibuild: disable the build of qemu-testsuite. We are going
to run 'make check' as part of the %check phase of the main (qemu)
package, so we do not need a dedicated build any longer.
- Get rid of downstream patches breaking s390 modules. Replace
them with the upstream proposed and Acked (but never committed)
solution (bsc#1199015)
* Patches added:
modules-generates-per-target-modinfo.patch
modules-introduces-module_kconfig-direct.patch
* Patches dropped:
Fix-the-module-building-problem-for-s390.patch
modules-quick-fix-a-fundamental-error-in.patch
- backport patches for having coroutine work well when LTO is used
* Patches added:
coroutine-ucontext-use-QEMU_DEFINE_STATI.patch
coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch
coroutine-win32-use-QEMU_DEFINE_STATIC_C.patch
- seabios: drop patch that changes python in python2. Just
go to python3 directly.
* Patches dropped:
seabios-use-python2-explicitly-as-needed.patch
- Make temp dir (for update_git.sh) configurable
- Added new subpackages (audio-dbus, ui-dbus)
- Update to v7.0.0. For full release notese, see:
* https://wiki.qemu.org/ChangeLog/7.0
Be sure to also check the following pages:
* https://qemu-project.gitlab.io/qemu/about/removed-features.html
* https://qemu-project.gitlab.io/qemu/about/deprecated.html
Some notable changes:
* [ARM] The virt board has gained a new control knob to disable passing a RNG seed in the DTB (dtb-kaslr-seed)
* [ARM] The AST2600 SoC now supports a dummy version of the i3c device
* [ARM] The virt board can now run guests with KVM on hosts with restricted IPA ranges
* [ARM] The virt board now supports virtio-mem-pci
* [ARM] The virt board now supports specifying the guest CPU topology
* [ARM] On the virt board, we now enable PAuth when using KVM or hvf and the host CPU supports it
* [RISC-V] Add support for ratified 1.0 Vector extension
* [RISC-V] Support for the Zve64f and Zve32f extensions
* [RISC-V] Drop support for draft 0.7.1 Vector extension
* [RISC-V] Support Zfhmin and Zfh extensions
* [RISC-V] RISC-V KVM support
* [RISC-V] Mark Hypervisor extension as non experimental
* [RISC-V] Enable Hypervisor extension by default
* [x86] Support for Intel AMX.
* [PCI/PCIe] Q35: fix PCIe device becoming disabled after migration when ACPI based PCI hotplug is used (6b0969f1ec)
* [PCI/PCIe] initial bits of SR/IOV support (250346169)
* [PCI/PCIe] arm/virt: fixed PXB interrupt routing (e609301b45)
* [PCI/PCIe] arm/virt: support for virtio-mem-pci (b1b87327a9)
* [virtiofs] Fix for CVE-2022-0358 - behaviour with supplementary groups and SGID directories
* [virtiofs] Improved security label support
* [virtiofs] The virtiofsd in qemu is now starting to be deprecated; please start using and contributing to Rust virtiofsd
* Patches Added:
intc-exynos4210_gic-replace-snprintf-wit.patch
* Patches dropped:
Python-aqmp-fix-type-definitions-for-myp.patch
acpi-validate-hotplug-selector-on-access.patch
block-backend-Retain-permissions-after-m.patch
brotli-fix-actual-variable-array-paramet.patch
doc-Add-the-SGX-numa-description.patch
hw-i386-amd_iommu-Fix-maybe-uninitialize.patch
hw-intc-exynos4210_gic-provide-more-room.patch
hw-nvme-fix-CVE-2021-3929.patch
hw-nvram-at24-return-0xff-if-1-byte-addr.patch
iotest-065-explicit-compression-type.patch
iotest-214-explicit-compression-type.patch
iotest-302-use-img_info_log-helper.patch
iotest-303-explicit-compression-type.patch
iotest-39-use-_qcow2_dump_header.patch
iotests-60-more-accurate-set-dirty-bit-i.patch
iotests-MRCE-Write-data-to-source.patch
iotests-bash-tests-filter-compression-ty.patch
iotests-common.rc-introduce-_qcow2_dump_.patch
iotests-declare-lack-of-support-for-comp.patch
iotests-drop-qemu_img_verbose-helper.patch
iotests-massive-use-_qcow2_dump_header.patch
iotests-specify-some-unsupported_imgopts.patch
iotests.py-filter-out-successful-output-.patch
iotests.py-img_info_log-rename-imgopts-a.patch
iotests.py-implement-unsupported_imgopts.patch
iotests.py-qemu_img-create-support-IMGOP.patch
iotests.py-rewrite-default-luks-support-.patch
meson-build-all-modules-by-default.patch
numa-Enable-numa-for-SGX-EPC-sections.patch
numa-Support-SGX-numa-in-the-monitor-and.patch
python-aqmp-Fix-negotiation-with-pre-oob.patch
python-aqmp-add-SocketAddrT-to-package-r.patch
python-aqmp-add-__del__-method-to-legacy.patch
python-aqmp-add-_session_guard.patch
python-aqmp-add-socket-bind-step-to-lega.patch
python-aqmp-add-start_server-and-accept-.patch
python-aqmp-copy-type-definitions-from-q.patch
python-aqmp-drop-_bind_hack.patch
python-aqmp-fix-docstring-typo.patch
python-aqmp-fix-race-condition-in-legacy.patch
python-aqmp-handle-asyncio.TimeoutError-.patch
python-aqmp-refactor-_do_accept-into-two.patch
python-aqmp-remove-_new_session-and-_est.patch
python-aqmp-rename-AQMPError-to-QMPError.patch
python-aqmp-rename-accept-to-start_serve.patch
python-aqmp-split-_client_connected_cb-o.patch
python-aqmp-squelch-pylint-warning-for-t.patch
python-aqmp-stop-the-server-during-disco.patch
python-introduce-qmp-shell-wrap-convenie.patch
python-machine-raise-VMLaunchFailure-exc.patch
python-move-qmp-shell-under-the-AQMP-pac.patch
python-move-qmp-utilities-to-python-qemu.patch
python-qmp-switch-qmp-shell-to-AQMP.patch
python-support-recording-QMP-session-to-.patch
python-upgrade-mypy-to-0.780.patch
qcow2-simple-case-support-for-downgradin.patch
qemu-binfmt-conf.sh-should-use-F-as-shor.patch
tests-qemu-iotests-040-Skip-TestCommitWi.patch
tests-qemu-iotests-Fix-051-for-binaries-.patch
tests-qemu-iotests-testrunner-Quote-case.patch
tools-virtiofsd-Add-rseq-syscall-to-the-.patch
virtiofsd-Drop-membership-of-all-supplem.patch
block-qdict-Fix-Werror-maybe-uninitializ.patch
OBS-URL: https://build.opensuse.org/request/show/979381
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=717
- Build PPC firmwares from sources on non-PPC builds as well (bsc#1193545)
- Build RiscV firmwares on non-RiscV builds as well
- While there, refactor (and simplify!) the firmware building logic and code
* Patches added:
Makefile-define-endianess-for-cross-buil.patch
- Include vmxcap in the qemu-tools package (is being very useful for debugging bsc#1193364)
- The qemu package should require qemu-x86, qemu-arm, etc, as there's no point installing it without _any_ of them. Additionally, right now, the user does not get a working qemu, if recommended packages are disabled (e.g., on MicroOS or SLE Micro). bsc#1196087
- Give clearer instructions on how to modify the package patches from the output of update_git.sh (docs change only, no functional change)
- qemu,kvm: potential privilege escalation via virtiofsd (bsc#1195161, CVE-2022-0358)
* Patches added:
virtiofsd-Drop-membership-of-all-supplem.patch
OBS-URL: https://build.opensuse.org/request/show/959502
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=691
- 6.0.0 qemu is about to be released. Add comments to the in-
package support documents (supported.<arch>.txt) about the new
deprecations as of that release as an early head's up for qemu
users. These deprecations include these command-line options:
-M option: kernel-irq-chip=off
-chardev tty
-chardev paraport
-enable-fips
-writeconfig
-spice password=string
OBS-URL: https://build.opensuse.org/request/show/886076
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=635
- Include upstream patches designated as stable material and
reviewed for applicability to include here. NOTE that the
PIIX4 patch has migration implications: the change will also be
applied to the SLE-15-SP2 qemu, and a live migration from that
version to this SLE-15-SP3 qemu would require this patch to be
applied for a successful migration if PIIX4 southbridge is used
in the machine emulation (x86 i440fx)
block-rbd-fix-memory-leak-in-qemu_rbd_co.patch
block-rbd-Fix-memory-leak-in-qemu_rbd_co.patch
cpu-core-Fix-help-of-CPU-core-device-typ.patch
hw-arm-virt-acpi-build-Fix-GSIV-values-o.patch
hw-block-fdc-Fix-fallback-property-on-sy.patch
hw-isa-Kconfig-Add-missing-dependency-VI.patch
hw-isa-piix4-Migrate-Reset-Control-Regis.patch
hw-virtio-pci-Added-AER-capability.patch
hw-virtio-pci-Added-counter-for-pcie-cap.patch
s390x-css-report-errors-from-ccw_dstream.patch
target-xtensa-fix-meson.build-rule-for-x.patch
util-fix-use-after-free-in-module_load_o.patch
virtio-pci-compat-page-aligned-ATS.patch
OBS-URL: https://build.opensuse.org/request/show/885459
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=634
- Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a
module to what was accepted upstream (bsc#1181103)
* Patches dropped:
hw-s390x-modularize-virtio-gpu-ccw.patch
* Patches added:
s390x-add-have_virtio_ccw.patch
s390x-modularize-virtio-gpu-ccw.patch
s390x-move-S390_ADAPTER_SUPPRESSIBLE.patch
- Fix OOB access in sdhci interface (CVE-2020-17380, bsc#1175144,
CVE-2020-25085, bsc#1176681, CVE-2021-3409, bsc#1182282)
hw-sd-sd-Actually-perform-the-erase-oper.patch
hw-sd-sd-Fix-build-error-when-DEBUG_SD-i.patch
hw-sd-sdhci-Correctly-set-the-controller.patch
hw-sd-sdhci-Don-t-transfer-any-data-when.patch
hw-sd-sdhci-Don-t-write-to-SDHC_SYSAD-re.patch
hw-sd-sdhci-Limit-block-size-only-when-S.patch
hw-sd-sdhci-Reset-the-data-pointer-of-s-.patch
hw-sd-sd-Move-the-sd_block_-read-write-a.patch
hw-sd-sd-Skip-write-protect-groups-check.patch
- Fix potential privilege escalation in virtiofsd tool
(CVE-2021-20263, bsc#1183373)
tools-virtiofsd-Replace-the-word-whiteli.patch
viriofsd-Add-support-for-FUSE_HANDLE_KIL.patch
virtiofsd-extract-lo_do_open-from-lo_ope.patch
virtiofsd-optionally-return-inode-pointe.patch
virtiofsd-prevent-opening-of-special-fil.patch
virtiofs-drop-remapped-security.capabili.patch
virtiofsd-Save-error-code-early-at-the-f.patch
- Fix OOB access (stack overflow) in rtl8139 NIC emulation
(CVE-2021-3416, bsc#1182968)
net-introduce-qemu_receive_packet.patch
rtl8139-switch-to-use-qemu_receive_packe.patch
- Fix OOB access (stack overflow) in other NIC emulations
(CVE-2021-3416)
cadence_gem-switch-to-use-qemu_receive_p.patch
dp8393x-switch-to-use-qemu_receive_packe.patch
e1000-switch-to-use-qemu_receive_packet-.patch
lan9118-switch-to-use-qemu_receive_packe.patch
msf2-mac-switch-to-use-qemu_receive_pack.patch
pcnet-switch-to-use-qemu_receive_packet-.patch
sungem-switch-to-use-qemu_receive_packet.patch
tx_pkt-switch-to-use-qemu_receive_packet.patch
- Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686)
memory-clamp-cached-translation-in-case-.patch
- Include upstream patches designated as stable material and
reviewed for applicability to include here
hw-arm-virt-Disable-pl011-clock-migratio.patch
xen-block-Fix-removal-of-backend-instanc.patch
- Fix package scripts to not use hard coded paths for temporary
working directories and log files (bsc#1182425)
OBS-URL: https://build.opensuse.org/request/show/882222
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=632
- Fix DoS in e1000 emulated device (CVE-2021-20257 bsc#1182577)
e1000-fail-early-for-evil-descriptor.patch
- Fix incorrect guest data in s390x PCI passthrough (bsc#1183372)
s390x-pci-restore-missing-Query-PCI-Func.patch
- Include upstream patches designated as stable material and
reviewed for applicability to include here
lsilogic-Use-PCIDevice-exit-instead-of-D.patch
vhost-user-blk-fix-blkcfg-num_queues-end.patch
- Fix potential privilege escalation in virtfs (CVE-2021-20181
bsc#1182137)
9pfs-Fully-restart-unreclaim-loop-CVE-20.patch
- Fix OOB access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639)
net-vmxnet3-validate-configuration-value.patch
OBS-URL: https://build.opensuse.org/request/show/879536
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=629
- Fix issue of virtio-9p-ccw having been mistakenly dropped from
qemu (bsc#1182496)
hw-s390x-fix-build-for-virtio-9p-ccw.patch
- Tweaked some spec file details to be again compatible with quilt
setup using the spec file as input
- Remove BuildRequires that were added in anticipation of building
ovmf within this package. We have not taken that route
OBS-URL: https://build.opensuse.org/request/show/874876
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=619
- Fix uninitialized variable in ipxe driver code (boo#1181922)
ath5k-Add-missing-AR5K_EEPROM_READ-in-at.patch
- Add a few improvements to the git-based package workflow scripts
- Include additional upstream patches designated as stable material
and reviewed for applicability to include here
blockjob-Fix-crash-with-IOthread-when-bl.patch
monitor-Fix-assertion-failure-on-shutdow.patch
qemu-nbd-Use-SOMAXCONN-for-socket-listen.patch
qemu-storage-daemon-Enable-object-add.patch
OBS-URL: https://build.opensuse.org/request/show/873002
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=617
- Switch the modules qemu-ui-display-gpu and qemu-ui-display-gpu-pci
from being an x86 only Recommends, to a Recommends for all arch's
except s390x (boo#1181350)
- Fix qemu-hw-usb-smartcard to not be a Recommends for s390x
- Minor spec file tweaks for compatibility with upcoming spec file
formatter
- Make note that this patch takes care of an OOB access in ARM
interrupt handling (CVE-2021-20221 bsc#1181933)
hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch
OBS-URL: https://build.opensuse.org/request/show/870726
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=615
- Include upstream patches designated as stable material and
reviewed for applicability to include here
block-Separate-blk_is_writable-and-blk_s.patch
hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch
hw-net-lan9118-Fix-RX-Status-FIFO-PEEK-v.patch
hw-timer-slavio_timer-Allow-64-bit-acces.patch
net-Fix-handling-of-id-in-netdev_add-and.patch
target-arm-Don-t-decode-insns-in-the-XSc.patch
target-arm-Fix-MTE0_ACTIVE.patch
target-arm-Introduce-PREDDESC-field-defi.patch
target-arm-Update-PFIRST-PNEXT-for-pred_.patch
target-arm-Update-REV-PUNPK-for-pred_des.patch
target-arm-Update-ZIP-UZP-TRN-for-pred_d.patch
tcg-Use-memset-for-large-vector-byte-rep.patch
ui-vnc-Add-missing-lock-for-send_color_m.patch
virtio-move-use-disabled-flag-property-t.patch
- binutils v2.36 has changed the handling of the assembler's
-mx86-used-note, resulting in a build failure. To compensate, we
now explicitly specify -mx86-used-note=no in the seabios Makefile
(boo#1181775)
build-be-explicit-about-mx86-used-note-n.patch
OBS-URL: https://build.opensuse.org/request/show/869843
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=614
- Update to v5.2.0: See http://wiki.qemu.org/ChangeLog/5.2
Take note that ongoing feature deprecation is tracked at both
http://wiki.qemu-project.org/Features/LegacyRemoval and in
the deprecated.html file installed with the qemu package
Some noteworthy changes:
* Dropped system emulators: qemu-system-lm32, qemu-system-unicore32
* Dropped linux user emulator: qemu-ppc64abi32
* Added linux user emulator: qemu-extensaeb
* Unicore32 and lm32 guest support dropped
* New sub-packages (most due to ongoing modularization of QEMU):
qemu-audio-spice, qemu-hw-chardev-spice, qemu-hw-display-virtio-vga,
qemu-hw-display-virtio-gpu, qemu-hw-display-virtio-gpu-pci,
qemu-ui-spice-core, qemu-ui-opengl, qemu-ivshmem-tools
* x86: A new KVM feature which improves the handling of asynchronous page
faults is available with -cpu ...,kvm-async-pf-int (requires Linux 5.8)
* s390: More instructions emulated under TCG
* PowerPC: nvdimm= machine option now functions correctly; misc improvements
* ARM: new boards: mps2-an386 (Cortex-M4 based) and mps2-an500
(Cortex-M7 based), raspi3ap (the Pi 3 model A+), raspi0 (the Pi Zero)
and raspi1ap (the Pi A+)
* RISC-V: OpenSBI v0.8 included by default; Generic OpenSBI platform used
when no -bios argument is supplied; Support for NUMA sockets on Virt
and Spike Machines; Support for migrating machines; misc improvements
* Misc NVMe improvements
* The 'vhost-user-blk' export type has been added, allowing
qemu-storage-daemon to act as a vhost-user-blk device backend
* The SMBIOS OEM strings can now come from a file
* 9pfs - misc performance related improvements
* virtiofs - misc improvements
* migration: The default migration bandwidth has been increased to 1Gbps
(users are still encouraged to tune it to their own hardware); The new
'calc-dirty-rate' and 'query-dirty-rate' QMP commands can help determine
the likelihood of precopy migration success; TLS+multifd now supported
for higher bandwidth encrypted migration; misc minor features added
* Misc minor block features added
* Misc doc improvements
* qemu-microvm subpackage change: the bios-microvm.bin is now SeaBIOS based,
and the qboot based on is now qboot.rom
* elf2dmp is no longer part of qemu-tools (it was never intended to be
a packaged binary)
* Some subpackages which were 'Requires' are now 'Recommends', allowing for
a smaller qemu packaging footprint if needed
* Patches dropped (included in release tarball, unless otherwise noted):
docs-fix-trace-docs-build-with-sphinx-3..patch (fixed differently)
hw-hyperv-vmbus-Fix-32bit-compilation.patch
linux-user-properly-test-for-infinite-ti.patch
Switch-order-of-libraries-for-mpath-supp.patch (fixed differently)
Conditionalize-ui-bitmap-installation-be.patch (fixed differently)
hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch (no longer using gcc9)
hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch (no longer using gcc9)
roms-Makefile-enable-cross-compile-for-b.patch (fixed with different patch)
libvhost-user-handle-endianness-as-manda.patch
virtio-add-vhost-user-fs-ccw-device.patch
Fix-s-directive-argument-is-null-error.patch
build-Workaround-compilation-error-with-.patch
build-Be-explicit-about-fcommon-compiler.patch
intel-Avoid-spurious-compiler-warning-on.patch
golan-Add-explicit-type-casts-for-nodnic.patch
Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch
ensure-headers-included-are-compatible-w.patch
Enable-cross-compile-prefix-for-C-compil.patch (fixed differently)
hw-net-net_tx_pkt-fix-assertion-failure-.patch
hw-net-xgmac-Fix-buffer-overflow-in-xgma.patch
s390x-protvirt-allow-to-IPL-secure-guest.patch
usb-fix-setup_len-init-CVE-2020-14364.patch
* Patches added:
meson-install-ivshmem-client-and-ivshmem.patch
Revert-roms-efirom-tests-uefi-test-tools.patch
Makefile-Don-t-check-pc-bios-as-pre-requ.patch
roms-Makefile-add-cross-file-to-qboot-me.patch
qboot-add-cross.ini-file-to-handle-aarch.patch
usb-Help-compiler-out-to-avoid-a-warning.patch
- In spec file, where reasonable, switch BuildRequires: XXX-devel
to be pkgconfig(XXX') instead
- No longer disable link time optimization for qemu for x86. It looks like
either the build service, qemu code changes and/or the switch to meson
have resolved issues previously seen there. We still see problems for
other architectures however.
- For the record, the following issues reported for SUSE SLE15-SP2
are either fixed in this current package, or are otherwise no longer
an issue: bsc#1172384 bsc#1174386 bsc#1174641 bsc#1174863 bsc#1175370
bsc#1175441 bsc#1176494 CVE-2020-13361 CVE-2020-14364 CVE-2020-15863
CVE-2020-16092 CVE-2020-24352
and the following feature requests are satisfied by this package:
jsc#SLE-13689 jsc#SEL-13780 jsc#SLE-13840
- To be more accurate, and to align with other qemu packaging
practices, rename the qemu-s390 package to qemu-s390x. The old
name (in the rpm namespace) is provided with a "Provides"
directive, and an "Obsoletes" done against that name for prior
qemu versions, as is standard practice (boo#1177764 jsc#SLE-17060)
- Take this opportunity to remove some ancient Split-Provides
mechanisms which can't conceivably be needed any more:
qemu-block-curl provided: qemu:%_libdir/%name/block-curl.so
qemu-guest-agent provided: qemu:%_bindir/qemu-ga
qemu-tools provided: qemu:%_libexecdir/qemu-bridge-helper
- Disable linux-user 'ls' test on 32 bit arm. It's failing with
"Allocating guest commpage: Cannot allocate memory" error, which
we should hunt down, but for now we don't want it to prevent the
package from being built
OBS-URL: https://build.opensuse.org/request/show/854151
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=597
- In an effort to "Close the Leap Gap", remove use of is_opensuse
from the spec file, so that the same packages built for SLE can
be reused for Leap. Some sub-packages will not be included for
SLE which are included for Leap. They wil be provided in Package
Hub for SLE users as unsupported packages.
- Add infrastructure to do package splits when split-off package
isn't required and doesn't (otherwise) include any previously
installed files. This version of qemu has split out non-essential
functionality into loadable modules, as noted in Aug 20, 2020 log
entry, which describes the emergency Split-Provides. That approach
will be superseded by this planned approach, and those dummy doc
files will be removed in time
Here is the new mapping:
subpackage continuity file provided (files are dummies)
========== ============================================
qemu-chardev-baum /usr/share/qemu/forsplits/00
qemu-hw-display-qxl /usr/share/qemu/forsplits/01
qemu-hw-usb-redirect /usr/share/qemu/forsplits/02
qemu-hw-usb-smartcard /usr/share/qemu/forsplits/03
- Fix path of qemu-pr-helper. It was a mistake to move it from
%_bindir to _libexecdir. In more recent qemu code it's been moved
back, so undo this mistake by providing it at the same location
as it has been all along
OBS-URL: https://build.opensuse.org/request/show/833587
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=570
- Fix compilation errors seen with pre-release gcc 11
atomic.h-change-method-for-removing-C-qu.patch
help-compiler-out-by-initializing-array.patch
s390x-Fix-stringop-truncation-issue-repo.patch
(also tweak needed to previous submission)
(also minor tweak to update_git.sh, which is needed to correctly handle the state of git repo sitting on actual release commit.
OBS-URL: https://build.opensuse.org/request/show/827680
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=560
- Include upstream patches targeted for the next stable release
(bug fixes only)
spapr-Fix-failure-path-for-attempting-to.patch
target-i386-do-not-set-unsupported-VMX-s.patch
target-xtensa-fix-pasto-in-pfwait.r-opco.patch
tcg-i386-Fix-INDEX_op_dup2_vec.patch
tcg-mips-mips-sync-encode-error.patch
vhost-user-gpu-Release-memory-returned-b.patch
vpc-Don-t-round-up-already-aligned-BAT-s.patch
xen-block-Fix-double-qlist-remove-and-re.patch
- Fix bug causing weak encryption in PAuth for ARM
(CVE-2020-10702 bsc#1168681)
target-arm-Fix-PAuth-sbox-functions.patch
- Fix OOB in tulip NIC emulation (CVE-2020-11102 bsc#1168713
net-tulip-check-frame-size-and-r-w-data-.patch
- Note that previously included patch addresses CVE-2020-1711
and bsc#1166240
iscsi-Cap-block-count-from-GET-LBA-STATU.patch
- Include performance improvement (and related?) patch
aio-wait-delegate-polling-of-main-AioCon.patch
async-use-explicit-memory-barriers.patch
- Rework previous patch at Olaf H.'s direction
hw-i386-disable-smbus-migration-for-xenf.patch
- Eliminate is_opensuse usage in producing seabios version string
what we are doing here is just replacing the upstream string
with one indicating that the openSUSE build service built it,
and so just leave it as "-rebuilt.opensuse.org"
- Alter algorithm used to produce "unique" symbol for coordinating
qemu with the optional modules it may load. This is a reasonable
relaxation for broader compatibility
configure-remove-pkgversion-from-CONFIG_.patch
- Tweak supported.*.txt for latest deprecations, and other fixes
- Tweak update_git.sh, config.sh
- One more fix is needed for: s390x Protected Virtualization support
- start and control guest in secure mode (bsc#1167075 jsc#SLE-7407)
s390x-s390-virtio-ccw-Fix-build-on-syste.patch
OBS-URL: https://build.opensuse.org/request/show/795118
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=542
- Expose pschange-mc-no "feature", indicating CPU does not have
the page size change machine check vulnerability (CVE-2018-12207
bsc#1155812)
target-i386-add-PSCHANGE_NO-bit-for-the-.patch
- Expose taa-no "feature", indicating CPU does not have the
TSX Async Abort vulnerability. (CVE-2019-11135 bsc#1152506)
target-i386-Export-TAA_NO-bit-to-guests.patch
Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1
OBS-URL: https://build.opensuse.org/request/show/749743
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=512
Update to v4.1.0. Also includes other major packaging changes as follows:
There is a new package maintenance workflow - see README.PACKAGING for details.
The sibling packages qemu-linux-user and qemu-testsuite are now created with the Build Service's MultiBuild feature. This also necessitates combining the qemu-linux-user changelog content back into qemu's. Luckily the delta there is quite small. Note that the qemu spec file is now that much busier, but added section markers should help reduce the confusion. Also qemu is being enabled for RISCV host compatibility, so some changes are related to that as well.
OBS-URL: https://build.opensuse.org/request/show/730437
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=487
- Modify update_git.sh script:
pass --zero-commit to format-patch
This removes needless noise in the buildservice when the same set
of patches is imported/exported at different times by different users.
pass --no-signature to format-patch
Remove sed call which used to remove the signature, use mv instead
This SR does no include the noise of the all-zero hashes.
OBS-URL: https://build.opensuse.org/request/show/662675
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=442
