- Fix uninitialized variable in ipxe driver code (boo#1181922)
ath5k-Add-missing-AR5K_EEPROM_READ-in-at.patch
- Add a few improvements to the git-based package workflow scripts
- Include additional upstream patches designated as stable material
and reviewed for applicability to include here
blockjob-Fix-crash-with-IOthread-when-bl.patch
monitor-Fix-assertion-failure-on-shutdow.patch
qemu-nbd-Use-SOMAXCONN-for-socket-listen.patch
qemu-storage-daemon-Enable-object-add.patch
OBS-URL: https://build.opensuse.org/request/show/873002
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=617
- Switch the modules qemu-ui-display-gpu and qemu-ui-display-gpu-pci
from being an x86 only Recommends, to a Recommends for all arch's
except s390x (boo#1181350)
- Fix qemu-hw-usb-smartcard to not be a Recommends for s390x
- Minor spec file tweaks for compatibility with upcoming spec file
formatter
- Make note that this patch takes care of an OOB access in ARM
interrupt handling (CVE-2021-20221 bsc#1181933)
hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch
OBS-URL: https://build.opensuse.org/request/show/870726
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=615
- Include upstream patches designated as stable material and
reviewed for applicability to include here
block-Separate-blk_is_writable-and-blk_s.patch
hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch
hw-net-lan9118-Fix-RX-Status-FIFO-PEEK-v.patch
hw-timer-slavio_timer-Allow-64-bit-acces.patch
net-Fix-handling-of-id-in-netdev_add-and.patch
target-arm-Don-t-decode-insns-in-the-XSc.patch
target-arm-Fix-MTE0_ACTIVE.patch
target-arm-Introduce-PREDDESC-field-defi.patch
target-arm-Update-PFIRST-PNEXT-for-pred_.patch
target-arm-Update-REV-PUNPK-for-pred_des.patch
target-arm-Update-ZIP-UZP-TRN-for-pred_d.patch
tcg-Use-memset-for-large-vector-byte-rep.patch
ui-vnc-Add-missing-lock-for-send_color_m.patch
virtio-move-use-disabled-flag-property-t.patch
- binutils v2.36 has changed the handling of the assembler's
-mx86-used-note, resulting in a build failure. To compensate, we
now explicitly specify -mx86-used-note=no in the seabios Makefile
(boo#1181775)
build-be-explicit-about-mx86-used-note-n.patch
OBS-URL: https://build.opensuse.org/request/show/869843
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=614
- Fix issue of qemu crashing (abort called) when virtio-gpu device
is asked for and the qemu-hw-display-virtio-gpu package isn't
installed. (bsc#1181103)
module-for-virtio-gpu-pre-load-module-to.patch
- Add additional inter-module package dependencies, to reflect the
current module dependencies (see qemu source file: util/module.c)
- As of v3.1.0 virt-manager, new VM's are created by default with
audio/sound enabled, so it's time to reflect the need, at least
in the spice case, by having spice-audio available when spice in
general is used (boo#1180210 boo#1181132)
- Further refine package Recommends/Suggests based on architecture
- Remove no longer needed dependency on pwdutils (boo#1181235)
OBS-URL: https://build.opensuse.org/request/show/866169
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=605
- Convert qemu-kvm from a script to a symlink. This method of
invoking the QEMU emulator has been deprecated for some time,
but is still provided. It has as it's origins a version of QEMU
which had KVM acceleration enabled by default. In it's recent
incarnation it is a script which adds '-machine accel=kvm' to the
beginning of the list of command line options passed to the
emulator. This method collides with the now preferred method of
specifying acceleration options by using -accel. qemu-kvm is now
changed to simply be a symlink to the same QEMU binary which the
prior script exec'd. This new approach takes advantage of a built
in QEMU feature where if QEMU is invoked using a program name
ending in 'kvm', KVM emulation is enabled. This approach is
better in that it is more compatible with any other command line
option that may be added for specifying acceleration (not that
you should do that).
For those who have taken advantage of the fact that you can add
additional command line options to the qemu-kvm script, or doing
other things in that script you will just need to create an
alternate script "emulator" to achieve the same. It's possible
that there may be some very subtle behavioral difference in the
switch from a script to a symlink, but given that qemu-kvm is a
deprecated package, we're not going to worry about that.
OBS-URL: https://build.opensuse.org/request/show/862991
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=601
- Fix crash when spice used and the qemu-audio-spice package isn't
installed (boo#1180210)
audio-add-sanity-check.patch
- Add some stable patches from upstream
block-Fix-deadlock-in-bdrv_co_yield_to_d.patch
block-Fix-locking-in-qmp_block_resize.patch
block-nfs-fix-int-overflow-in-nfs_client.patch
block-Simplify-qmp_block_resize-error-pa.patch
build-no-pie-is-no-functional-linker-fla.patch
OBS-URL: https://build.opensuse.org/request/show/860516
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=599
- Update to v5.2.0: See http://wiki.qemu.org/ChangeLog/5.2
Take note that ongoing feature deprecation is tracked at both
http://wiki.qemu-project.org/Features/LegacyRemoval and in
the deprecated.html file installed with the qemu package
Some noteworthy changes:
* Dropped system emulators: qemu-system-lm32, qemu-system-unicore32
* Dropped linux user emulator: qemu-ppc64abi32
* Added linux user emulator: qemu-extensaeb
* Unicore32 and lm32 guest support dropped
* New sub-packages (most due to ongoing modularization of QEMU):
qemu-audio-spice, qemu-hw-chardev-spice, qemu-hw-display-virtio-vga,
qemu-hw-display-virtio-gpu, qemu-hw-display-virtio-gpu-pci,
qemu-ui-spice-core, qemu-ui-opengl, qemu-ivshmem-tools
* x86: A new KVM feature which improves the handling of asynchronous page
faults is available with -cpu ...,kvm-async-pf-int (requires Linux 5.8)
* s390: More instructions emulated under TCG
* PowerPC: nvdimm= machine option now functions correctly; misc improvements
* ARM: new boards: mps2-an386 (Cortex-M4 based) and mps2-an500
(Cortex-M7 based), raspi3ap (the Pi 3 model A+), raspi0 (the Pi Zero)
and raspi1ap (the Pi A+)
* RISC-V: OpenSBI v0.8 included by default; Generic OpenSBI platform used
when no -bios argument is supplied; Support for NUMA sockets on Virt
and Spike Machines; Support for migrating machines; misc improvements
* Misc NVMe improvements
* The 'vhost-user-blk' export type has been added, allowing
qemu-storage-daemon to act as a vhost-user-blk device backend
* The SMBIOS OEM strings can now come from a file
* 9pfs - misc performance related improvements
* virtiofs - misc improvements
* migration: The default migration bandwidth has been increased to 1Gbps
(users are still encouraged to tune it to their own hardware); The new
'calc-dirty-rate' and 'query-dirty-rate' QMP commands can help determine
the likelihood of precopy migration success; TLS+multifd now supported
for higher bandwidth encrypted migration; misc minor features added
* Misc minor block features added
* Misc doc improvements
* qemu-microvm subpackage change: the bios-microvm.bin is now SeaBIOS based,
and the qboot based on is now qboot.rom
* elf2dmp is no longer part of qemu-tools (it was never intended to be
a packaged binary)
* Some subpackages which were 'Requires' are now 'Recommends', allowing for
a smaller qemu packaging footprint if needed
* Patches dropped (included in release tarball, unless otherwise noted):
docs-fix-trace-docs-build-with-sphinx-3..patch (fixed differently)
hw-hyperv-vmbus-Fix-32bit-compilation.patch
linux-user-properly-test-for-infinite-ti.patch
Switch-order-of-libraries-for-mpath-supp.patch (fixed differently)
Conditionalize-ui-bitmap-installation-be.patch (fixed differently)
hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch (no longer using gcc9)
hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch (no longer using gcc9)
roms-Makefile-enable-cross-compile-for-b.patch (fixed with different patch)
libvhost-user-handle-endianness-as-manda.patch
virtio-add-vhost-user-fs-ccw-device.patch
Fix-s-directive-argument-is-null-error.patch
build-Workaround-compilation-error-with-.patch
build-Be-explicit-about-fcommon-compiler.patch
intel-Avoid-spurious-compiler-warning-on.patch
golan-Add-explicit-type-casts-for-nodnic.patch
Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch
ensure-headers-included-are-compatible-w.patch
Enable-cross-compile-prefix-for-C-compil.patch (fixed differently)
hw-net-net_tx_pkt-fix-assertion-failure-.patch
hw-net-xgmac-Fix-buffer-overflow-in-xgma.patch
s390x-protvirt-allow-to-IPL-secure-guest.patch
usb-fix-setup_len-init-CVE-2020-14364.patch
* Patches added:
meson-install-ivshmem-client-and-ivshmem.patch
Revert-roms-efirom-tests-uefi-test-tools.patch
Makefile-Don-t-check-pc-bios-as-pre-requ.patch
roms-Makefile-add-cross-file-to-qboot-me.patch
qboot-add-cross.ini-file-to-handle-aarch.patch
usb-Help-compiler-out-to-avoid-a-warning.patch
- In spec file, where reasonable, switch BuildRequires: XXX-devel
to be pkgconfig(XXX') instead
- No longer disable link time optimization for qemu for x86. It looks like
either the build service, qemu code changes and/or the switch to meson
have resolved issues previously seen there. We still see problems for
other architectures however.
- For the record, the following issues reported for SUSE SLE15-SP2
are either fixed in this current package, or are otherwise no longer
an issue: bsc#1172384 bsc#1174386 bsc#1174641 bsc#1174863 bsc#1175370
bsc#1175441 bsc#1176494 CVE-2020-13361 CVE-2020-14364 CVE-2020-15863
CVE-2020-16092 CVE-2020-24352
and the following feature requests are satisfied by this package:
jsc#SLE-13689 jsc#SEL-13780 jsc#SLE-13840
- To be more accurate, and to align with other qemu packaging
practices, rename the qemu-s390 package to qemu-s390x. The old
name (in the rpm namespace) is provided with a "Provides"
directive, and an "Obsoletes" done against that name for prior
qemu versions, as is standard practice (boo#1177764 jsc#SLE-17060)
- Take this opportunity to remove some ancient Split-Provides
mechanisms which can't conceivably be needed any more:
qemu-block-curl provided: qemu:%_libdir/%name/block-curl.so
qemu-guest-agent provided: qemu:%_bindir/qemu-ga
qemu-tools provided: qemu:%_libexecdir/qemu-bridge-helper
- Disable linux-user 'ls' test on 32 bit arm. It's failing with
"Allocating guest commpage: Cannot allocate memory" error, which
we should hunt down, but for now we don't want it to prevent the
package from being built
OBS-URL: https://build.opensuse.org/request/show/854151
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=597
- A patch has been applied to virt-manager to handle qemu spice
related modules not being present, so undo the change from Sep
30, 2020. Once again qemu-hw-display-qxl and qemu-hw-usb-redirect
are Recommends and not Required by the qemu package
(boo#1157320 boo#1176517, boo#1178141)
- For jsc#SLE-11629, change qemu, qemu-tools, and qemu-guest-agent
to rely on system-user-qemu and system-group-kvm to provide now
static system UIDs and GID's for qemu user and group, and kvm
group. This will make guest migration more seamless for new
installations since there is no chance of having required ID's
differ in value.
OBS-URL: https://build.opensuse.org/request/show/849129
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=589
- Note: As part of the "Close the Leap Gap" effort, it's been
decided that our SDL2 support in qemu is not worth trying
to maintain. Long ago SLE qemu stopped including SDL2 support and
now we will do the same for the openSUSE releases going forward.
Accordingly SDL2 options are now configured out, and the two sub-
packages which are SDL2 specific, namely qemu-audio-sdl and
qemu-ui-sdl, are no longer generated, and due to the rpm package
conflicts used for those packages, they will be uninstalled from
systems as qemu updates move forward
- Drop e2fsprogs-devel and libpcap-devel as BuildRequires packages.
They have not actually been needed to build qemu for a very long
time
- Add more forsplits files
OBS-URL: https://build.opensuse.org/request/show/843243
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=583
- In an effort to "Close the Leap Gap", remove use of is_opensuse
from the spec file, so that the same packages built for SLE can
be reused for Leap. Some sub-packages will not be included for
SLE which are included for Leap. They wil be provided in Package
Hub for SLE users as unsupported packages.
- Add infrastructure to do package splits when split-off package
isn't required and doesn't (otherwise) include any previously
installed files. This version of qemu has split out non-essential
functionality into loadable modules, as noted in Aug 20, 2020 log
entry, which describes the emergency Split-Provides. That approach
will be superseded by this planned approach, and those dummy doc
files will be removed in time
Here is the new mapping:
subpackage continuity file provided (files are dummies)
========== ============================================
qemu-chardev-baum /usr/share/qemu/forsplits/00
qemu-hw-display-qxl /usr/share/qemu/forsplits/01
qemu-hw-usb-redirect /usr/share/qemu/forsplits/02
qemu-hw-usb-smartcard /usr/share/qemu/forsplits/03
- Fix path of qemu-pr-helper. It was a mistake to move it from
%_bindir to _libexecdir. In more recent qemu code it's been moved
back, so undo this mistake by providing it at the same location
as it has been all along
OBS-URL: https://build.opensuse.org/request/show/833587
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=570
- Fix OOB access while processing USB packets (CVE-2020-14364
bsc#1175441)
usb-fix-setup_len-init-CVE-2020-14364.patch
- Re-sync openSUSE and SUSE SLE qemu packages. This changes file
is the openSUSE one with this entry providing the intervening
SLE CVE, JIRA, and bugzilla references, which are still addressed
in this package, and not yet called out in this changes file.
* CVE-2020-1983 CVE-2020-10761 CVE-2020-13361 CVE-2020-13362
CVE-2020-13659 CVE-2020-13800
* bsc#1167816 bsc#1170940 boo#1171712 bsc#1172383 bsc#1172384
bsc#1172386 bsc#1172495 bsc#1172710
* Patches dropped (SLE) (included in current release tarball):
exec-set-map-length-to-zero-when-returni.patch
i386-acpi-Remove-_HID-from-the-SMBus-ACP.patch
megasas-use-unsigned-type-for-reply_queu.patch
OBS-URL: https://build.opensuse.org/request/show/829656
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=566
- Fix OOB access while processing USB packets (CVE-2020-14364
bsc#1175441)
(somehow our script processing the patches stripped the first
character "u" - will address later)
sb-fix-setup_len-init-CVE-2020-14364.patch
- Re-sync openSUSE and SUSE SLE qemu packages. This changes file
is the openSUSE one with this entry providing the intervening
SLE CVE, JIRA, and bugzilla references, which are still addressed
in this package, and not yet called out in this changes file.
* CVE-2020-1983 CVE-2020-10761 CVE-2020-13361 CVE-2020-13362
CVE-2020-13659 CVE-2020-13800
* bsc#1167816 bsc#1170940 boo#1171712 bsc#1172383 bsc#1172384
bsc#1172386 bsc#1172495 bsc#1172710
* Patches dropped (SLE) (included in current release tarball):
exec-set-map-length-to-zero-when-returni.patch
i386-acpi-Remove-_HID-from-the-SMBus-ACP.patch
megasas-use-unsigned-type-for-reply_queu.patch
OBS-URL: https://build.opensuse.org/request/show/829654
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=565
- Fix compilation errors seen with pre-release gcc 11
atomic.h-change-method-for-removing-C-qu.patch
help-compiler-out-by-initializing-array.patch
s390x-Fix-stringop-truncation-issue-repo.patch
(also tweak needed to previous submission)
(also minor tweak to update_git.sh, which is needed to correctly handle the state of git repo sitting on actual release commit.
OBS-URL: https://build.opensuse.org/request/show/827680
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=560
- Updating to Sphinx v3.1.2 in Factory is exposing an issue in
qemu doc sources. Fix it
docs-fix-trace-docs-build-with-sphinx-3..patch
- Fix DoS possibility in ati-vga emulation (CVE-2020-13800
bsc#1172495)
ati-vga-check-mm_index-before-recursive-.patch
- Fix DoS possibility in Network Block Device (nbd) support
infrastructure (CVE-2020-10761 bsc#1172710)
nbd-server-Avoid-long-error-message-asse.patch
- Fix null pointer dereference possibility (DoS) in MegaRAID SAS
8708EM2 emulation (CVE-2020-13659 bsc#1172386)
exec-set-map-length-to-zero-when-returni.patch
- Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation
(CVE-2020-13362 bsc#1172383)
megasas-use-unsigned-type-for-reply_queu.patch
- Fix legacy IGD passthrough
hw-vfio-pci-quirks-Fix-broken-legacy-IGD.patch
- The latest gcc10 available in Factory has the fix for the
issue this patch was created to avoid, so drop it
build-Work-around-gcc10-bug-by-not-using.patch
- Switch to upstream versions of some patches we carry
add-enum-cast-to-avoid-gcc10-warning.patch
-> golan-Add-explicit-type-casts-for-nodnic.patch
Be-explicit-about-fcommon-compiler-direc.patch
-> build-Be-explicit-about-fcommon-compiler.patch
Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch
-> build-Do-not-apply-WORKAROUND_CFLAGS-for.patch
Fix-s-directive-argument-is-null-error.patch
-> build-Fix-s-directive-argument-is-null-e.patch
Workaround-compilation-error-with-gcc-9..patch
-> build-Workaround-compilation-error-with-.patch
work-around-gcc10-problem-with-zero-leng.patch
-> intel-Avoid-spurious-compiler-warning-on.patch
- Fix vgabios issue for cirrus graphics emulation, which
effectively downgraded it to standard VGA behavior
vga-fix-cirrus-bios.patch
- Fix OOB access possibility in ES1370 audio device emulation
(CVE-2020-13361 bsc#1172384)
es1370-check-total-frame-count-against-c.patch
OBS-URL: https://build.opensuse.org/request/show/822154
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=553
- Fix DoS in virtiofsd, where a FUSE client could exhaust the
number of available open files on the host (CVE-2020-10717
bsc#1171110)
virtiofsd-add-rlimit-nofile-NUM-option.patch
virtiofsd-stay-below-fs.file-max-sysctl-.patch
- Add more fixes for gcc10 compatibility: Use NO_WERROR=1 when
building ipxe sources, at least until we get gcc10 compatibility
figured out. Also add patch for explicitly using -fcommon
(boo#1171140)
Be-explicit-about-fcommon-compiler-direc.patch
and fix for tighter enum compatibility checking (boo#1171139)
add-enum-cast-to-avoid-gcc10-warning.patch
and a work around for what seems to be a compiler regression
(boo#1171123)
work-around-gcc10-problem-with-zero-leng.patch
OBS-URL: https://build.opensuse.org/request/show/800526
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=549
- Include upstream patches targeted for the next stable release
(bug fixes only)
spapr-Fix-failure-path-for-attempting-to.patch
target-i386-do-not-set-unsupported-VMX-s.patch
target-xtensa-fix-pasto-in-pfwait.r-opco.patch
tcg-i386-Fix-INDEX_op_dup2_vec.patch
tcg-mips-mips-sync-encode-error.patch
vhost-user-gpu-Release-memory-returned-b.patch
vpc-Don-t-round-up-already-aligned-BAT-s.patch
xen-block-Fix-double-qlist-remove-and-re.patch
- Fix bug causing weak encryption in PAuth for ARM
(CVE-2020-10702 bsc#1168681)
target-arm-Fix-PAuth-sbox-functions.patch
- Fix OOB in tulip NIC emulation (CVE-2020-11102 bsc#1168713
net-tulip-check-frame-size-and-r-w-data-.patch
- Note that previously included patch addresses CVE-2020-1711
and bsc#1166240
iscsi-Cap-block-count-from-GET-LBA-STATU.patch
- Include performance improvement (and related?) patch
aio-wait-delegate-polling-of-main-AioCon.patch
async-use-explicit-memory-barriers.patch
- Rework previous patch at Olaf H.'s direction
hw-i386-disable-smbus-migration-for-xenf.patch
- Eliminate is_opensuse usage in producing seabios version string
what we are doing here is just replacing the upstream string
with one indicating that the openSUSE build service built it,
and so just leave it as "-rebuilt.opensuse.org"
- Alter algorithm used to produce "unique" symbol for coordinating
qemu with the optional modules it may load. This is a reasonable
relaxation for broader compatibility
configure-remove-pkgversion-from-CONFIG_.patch
- Tweak supported.*.txt for latest deprecations, and other fixes
- Tweak update_git.sh, config.sh
- One more fix is needed for: s390x Protected Virtualization support
- start and control guest in secure mode (bsc#1167075 jsc#SLE-7407)
s390x-s390-virtio-ccw-Fix-build-on-syste.patch
OBS-URL: https://build.opensuse.org/request/show/795118
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=542
- Include upstream patches targeted for the next stable release
(bug fixes only)
audio-oss-fix-buffer-pos-calculation.patch
blkdebug-Allow-taking-unsharing-permissi.patch
block-Add-bdrv_qapi_perm_to_blk_perm.patch
block-backup-top-fix-failure-path.patch
block-block-copy-fix-progress-calculatio.patch
block-fix-crash-on-zero-length-unaligned.patch
block-fix-memleaks-in-bdrv_refresh_filen.patch
block-Fix-VM-size-field-width-in-snapsho.patch
block-nbd-extract-the-common-cleanup-cod.patch
block-nbd-fix-memory-leak-in-nbd_open.patch
block-qcow2-threads-fix-qcow2_decompress.patch
hw-arm-cubieboard-use-ARM-Cortex-A8-as-t.patch
hw-intc-arm_gicv3_kvm-Stop-wrongly-progr.patch
iotests-add-test-for-backup-top-failure-.patch
iotests-Fix-nonportable-use-of-od-endian.patch
job-refactor-progress-to-separate-object.patch
target-arm-Correct-definition-of-PMCRDP.patch
target-arm-fix-TCG-leak-for-fcvt-half-do.patch
tpm-ppi-page-align-PPI-RAM.patch
vhost-user-blk-delete-virtioqueues-in-un.patch
virtio-add-ability-to-delete-vq-through-.patch
virtio-crypto-do-delete-ctrl_vq-in-virti.patch
virtio-pmem-do-delete-rq_vq-in-virtio_pm.patch
- Add Obsoletes directive for qemu-audio-sdl and qemu-ui-sdl since
for a qemu package upgrade from SLE12-SP5, support for SDL is
dropped
OBS-URL: https://build.opensuse.org/request/show/784401
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=534
