Browse Source

[app-emulation/qemu] version bump

master
Robert Förster 8 years ago
parent
commit
6004e2b78c
  1. 2
      app-emulation/qemu/Manifest
  2. 40
      app-emulation/qemu/files/qemu-2.0.0-CVE-2013-4541.patch
  3. 48
      app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0222.patch
  4. 57
      app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0223.patch
  5. 52
      app-emulation/qemu/files/qemu-2.0.0-qcow-check-max-sizes.patch
  6. 41
      app-emulation/qemu/files/qemu-2.0.0-usb-post-load-checks.patch
  7. 30
      app-emulation/qemu/files/qemu-9999-virtfs-proxy-helper-accept.patch
  8. 54
      app-emulation/qemu/files/qemu-binfmt.initd-r1
  9. 3
      app-emulation/qemu/files/qemu-kvm-1.4
  10. 129
      app-emulation/qemu/qemu-2.1.0.ebuild

2
app-emulation/qemu/Manifest

@ -1 +1 @@
DIST qemu-2.0.0.tar.bz2 12839647 SHA256 60cc1aa0cad39cec891f970bed60ca8a484f071adad4943123599ac223543a3b SHA512 8fe2e8faa66251aaea7d6017ee71675d5b05f93f92be7e2ad3e1d02af185b3d6c4069bd83a13fb1e35a3e8947aff76f22446b395f97ac18b6f7a99744202e3fa WHIRLPOOL 6b39916acdcaa5e22510afec8a972935e71064de9ff0a3f9a698a8142f66b130a24d0a38cc56a7a92dbdc78d5145abe743a9c6933f819ce9e682b7cffdac1508
DIST qemu-2.1.0.tar.bz2 23563306 SHA256 397e23184f4bf613589a8fe0c6542461dc2afdf17ed337e97e6fd2f31e8f8802 SHA512 8c00fd61432420229d762fa2ccf91cb8cec20206e2ec02ab2df13c6b3b9de7605fbfacb0fadd21f20f13c1de4c5216d8b11538738c0d0e5094582ded7c668f2e WHIRLPOOL 9d28aab8e20a5a60e85709d7a192a45425605693e54452f54decd65ecc77b504f1bc6ff60f5e9428314fb04911f966753f39a189adc8aa85776fd3c49b5a6858

40
app-emulation/qemu/files/qemu-2.0.0-CVE-2013-4541.patch

@ -1,40 +0,0 @@
From 9f8e9895c504149d7048e9fc5eb5cbb34b16e49a Mon Sep 17 00:00:00 2001
From: "Michael S. Tsirkin" <mst@redhat.com>
Date: Thu, 3 Apr 2014 19:52:25 +0300
Subject: [PATCH] usb: sanity check setup_index+setup_len in post_load
CVE-2013-4541
s->setup_len and s->setup_index are fed into usb_packet_copy as
size/offset into s->data_buf, it's possible for invalid state to exploit
this to load arbitrary data.
setup_len and setup_index should be checked to make sure
they are not negative.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
---
hw/usb/bus.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/usb/bus.c b/hw/usb/bus.c
index fe70429..e48b19f 100644
--- a/hw/usb/bus.c
+++ b/hw/usb/bus.c
@@ -49,7 +49,9 @@ static int usb_device_post_load(void *opaque, int version_id)
} else {
dev->attached = 1;
}
- if (dev->setup_index >= sizeof(dev->data_buf) ||
+ if (dev->setup_index < 0 ||
+ dev->setup_len < 0 ||
+ dev->setup_index >= sizeof(dev->data_buf) ||
dev->setup_len >= sizeof(dev->data_buf)) {
return -EINVAL;
}
--
1.9.3

48
app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0222.patch

@ -1,48 +0,0 @@
From 42eb58179b3b215bb507da3262b682b8a2ec10b5 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Thu, 15 May 2014 16:10:11 +0200
Subject: [PATCH] qcow1: Validate L2 table size (CVE-2014-0222)
Too large L2 table sizes cause unbounded allocations. Images actually
created by qemu-img only have 512 byte or 4k L2 tables.
To keep things consistent with cluster sizes, allow ranges between 512
bytes and 64k (in fact, down to 1 entry = 8 bytes is technically
working, but L2 table sizes smaller than a cluster don't make a lot of
sense).
This also means that the number of bytes on the virtual disk that are
described by the same L2 table is limited to at most 8k * 64k or 2^29,
preventively avoiding any integer overflows.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
---
block/qcow.c | 8 ++++++++
tests/qemu-iotests/092 | 15 +++++++++++++++
tests/qemu-iotests/092.out | 11 +++++++++++
3 files changed, 34 insertions(+)
diff --git a/block/qcow.c b/block/qcow.c
index e60df23..e8038e5 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -139,6 +139,14 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
goto fail;
}
+ /* l2_bits specifies number of entries; storing a uint64_t in each entry,
+ * so bytes = num_entries << 3. */
+ if (header.l2_bits < 9 - 3 || header.l2_bits > 16 - 3) {
+ error_setg(errp, "L2 table size must be between 512 and 64k");
+ ret = -EINVAL;
+ goto fail;
+ }
+
if (header.crypt_method > QCOW_CRYPT_AES) {
error_setg(errp, "invalid encryption method in qcow header");
ret = -EINVAL;
--
1.9.3

57
app-emulation/qemu/files/qemu-2.0.0-CVE-2014-0223.patch

@ -1,57 +0,0 @@
From 46485de0cb357b57373e1ca895adedf1f3ed46ec Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Thu, 8 May 2014 13:08:20 +0200
Subject: [PATCH] qcow1: Validate image size (CVE-2014-0223)
A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.
This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block/qcow.c | 16 ++++++++++++++--
tests/qemu-iotests/092 | 9 +++++++++
tests/qemu-iotests/092.out | 7 +++++++
3 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/block/qcow.c b/block/qcow.c
index e8038e5..3566c05 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -61,7 +61,7 @@ typedef struct BDRVQcowState {
int cluster_sectors;
int l2_bits;
int l2_size;
- int l1_size;
+ unsigned int l1_size;
uint64_t cluster_offset_mask;
uint64_t l1_table_offset;
uint64_t *l1_table;
@@ -166,7 +166,19 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
/* read the level 1 table */
shift = s->cluster_bits + s->l2_bits;
- s->l1_size = (header.size + (1LL << shift) - 1) >> shift;
+ if (header.size > UINT64_MAX - (1LL << shift)) {
+ error_setg(errp, "Image too large");
+ ret = -EINVAL;
+ goto fail;
+ } else {
+ uint64_t l1_size = (header.size + (1LL << shift) - 1) >> shift;
+ if (l1_size > INT_MAX / sizeof(uint64_t)) {
+ error_setg(errp, "Image too large");
+ ret = -EINVAL;
+ goto fail;
+ }
+ s->l1_size = l1_size;
+ }
s->l1_table_offset = header.l1_table_offset;
s->l1_table = g_malloc(s->l1_size * sizeof(uint64_t));
--
1.9.3

52
app-emulation/qemu/files/qemu-2.0.0-qcow-check-max-sizes.patch

@ -1,52 +0,0 @@
From 7159a45b2bf2dcb9f49f1e27d1d3d135a0247a2f Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Wed, 7 May 2014 17:30:30 +0200
Subject: [PATCH] qcow1: Check maximum cluster size
Huge values for header.cluster_bits cause unbounded allocations (e.g.
for s->cluster_cache) and crash qemu this way. Less huge values may
survive those allocations, but can cause integer overflows later on.
The only cluster sizes that qemu can create are 4k (for standalone
images) and 512 (for images with backing files), so we can limit it
to 64k.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
---
block/qcow.c | 10 ++++++--
tests/qemu-iotests/092 | 63 ++++++++++++++++++++++++++++++++++++++++++++++
tests/qemu-iotests/092.out | 13 ++++++++++
tests/qemu-iotests/group | 1 +
4 files changed, 85 insertions(+), 2 deletions(-)
create mode 100755 tests/qemu-iotests/092
create mode 100644 tests/qemu-iotests/092.out
diff --git a/block/qcow.c b/block/qcow.c
index 3684794..e60df23 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -128,11 +128,17 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
goto fail;
}
- if (header.size <= 1 || header.cluster_bits < 9) {
- error_setg(errp, "invalid value in qcow header");
+ if (header.size <= 1) {
+ error_setg(errp, "Image size is too small (must be at least 2 bytes)");
ret = -EINVAL;
goto fail;
}
+ if (header.cluster_bits < 9 || header.cluster_bits > 16) {
+ error_setg(errp, "Cluster size must be between 512 and 64k");
+ ret = -EINVAL;
+ goto fail;
+ }
+
if (header.crypt_method > QCOW_CRYPT_AES) {
error_setg(errp, "invalid encryption method in qcow header");
ret = -EINVAL;
--
1.9.3

41
app-emulation/qemu/files/qemu-2.0.0-usb-post-load-checks.patch

@ -1,41 +0,0 @@
https://bugs.gentoo.org/510208
From 719ffe1f5f72b1c7ace4afe9ba2815bcb53a829e Mon Sep 17 00:00:00 2001
From: "Michael S. Tsirkin" <mst@redhat.com>
Date: Tue, 13 May 2014 12:33:16 +0300
Subject: [PATCH] usb: fix up post load checks
Correct post load checks:
1. dev->setup_len == sizeof(dev->data_buf)
seems fine, no need to fail migration
2. When state is DATA, passing index > len
will cause memcpy with negative length,
resulting in heap overflow
First of the issues was reported by dgilbert.
Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
---
hw/usb/bus.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/usb/bus.c b/hw/usb/bus.c
index 699aa10..927a47b 100644
--- a/hw/usb/bus.c
+++ b/hw/usb/bus.c
@@ -51,8 +51,8 @@ static int usb_device_post_load(void *opaque, int version_id)
}
if (dev->setup_index < 0 ||
dev->setup_len < 0 ||
- dev->setup_index >= sizeof(dev->data_buf) ||
- dev->setup_len >= sizeof(dev->data_buf)) {
+ dev->setup_index > dev->setup_len ||
+ dev->setup_len > sizeof(dev->data_buf)) {
return -EINVAL;
}
return 0;
--
1.9.3

30
app-emulation/qemu/files/qemu-9999-virtfs-proxy-helper-accept.patch

@ -1,30 +0,0 @@
From c5970614489e385e69667f1f323421442a7a46c0 Mon Sep 17 00:00:00 2001
From: Tim Comer <comer0@gmail.com>
Date: Sat, 19 Apr 2014 12:51:42 -0400
Subject: [PATCH] virtfs-proxy-helper: fix call to accept
The current code calls accept() without initializing the size parameter
which means the accept call might write too much to the stack.
URL: https://bugs.gentoo.org/486714
Signed-off-by: Tim Comer <comer0@gmail.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
fsdev/virtfs-proxy-helper.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index bfecb87..cd291d3 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -760,6 +760,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t gid)
return -1;
}
+ size = sizeof(qemu);
client = accept(sock, (struct sockaddr *)&qemu, &size);
if (client < 0) {
do_perror("accept");
--
1.9.2

54
app-emulation/qemu/files/qemu-binfmt.initd-r1

@ -1,16 +1,22 @@
#!/sbin/runscript
# Copyright 1999-2013 Gentoo Foundation
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/files/qemu-binfmt.initd-r1,v 1.3 2013/02/17 22:05:22 vapier Exp $
# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/files/qemu-binfmt.initd-r1,v 1.5 2014/08/04 06:47:22 vapier Exp $
# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390 program execution by the kernel
# Defaulting to OC should be safe because it comes down to:
# - do we trust the interp itself to not be malicious? yes; we built it.
# - do we trust the programs we're running? ish; same permission as native
# binaries apply. so if user can do bad stuff natively, cross isn't worse.
: ${QEMU_BINFMT_FLAGS:=OC}
depend() {
after procfs
}
start() {
ebegin "Registering qemu-user binaries"
ebegin "Registering qemu-user binaries (flags: ${QEMU_BINFMT_FLAGS})"
if [ ! -d /proc/sys/fs/binfmt_misc ] ; then
modprobe -q binfmt_misc
@ -50,55 +56,58 @@ start() {
# register the interpreter for each cpu except for the native one
if [ $cpu != "i386" -a -x "/usr/bin/qemu-i386" ] ; then
echo ':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:P' > /proc/sys/fs/binfmt_misc/register
echo ':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:P' > /proc/sys/fs/binfmt_misc/register
echo ':i386:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
echo ':i486:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-i386:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "alpha" -a -x "/usr/bin/qemu-alpha" ] ; then
echo ':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-alpha:P' > /proc/sys/fs/binfmt_misc/register
echo ':alpha:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90:\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-alpha:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "arm" -a -x "/usr/bin/qemu-arm" ] ; then
echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm:P' > /proc/sys/fs/binfmt_misc/register
echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "arm" -a -x "/usr/bin/qemu-armeb" ] ; then
echo ':armeb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-armeb:P' > /proc/sys/fs/binfmt_misc/register
echo ':armeb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-armeb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "aarch64" -a -x "/usr/bin/qemu-aarch64" ] ; then
echo ':aarch64:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-aarch64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "sparc" -a -x "/usr/bin/qemu-sparc" ] ; then
echo ':sparc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sparc:P' > /proc/sys/fs/binfmt_misc/register
echo ':sparc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sparc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "ppc" -a -x "/usr/bin/qemu-ppc" ] ; then
echo ':ppc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-ppc:P' > /proc/sys/fs/binfmt_misc/register
echo ':ppc:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-ppc:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "m68k" -a -x "/usr/bin/qemu-m68k" ] ; then
echo 'Please check cpu value and header information for m68k!'
echo ':m68k:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-m68k:P' > /proc/sys/fs/binfmt_misc/register
#echo 'Please check cpu value and header information for m68k!'
echo ':m68k:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-m68k:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips" ] ; then
# FIXME: We could use the other endianness on a MIPS host.
echo ':mips:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips:P' > /proc/sys/fs/binfmt_misc/register
echo ':mips:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsel" ] ; then
echo ':mipsel:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsel:P' > /proc/sys/fs/binfmt_misc/register
echo ':mipsel:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsel:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32" ] ; then
echo ':mipsn32:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mipsn32:P' > /proc/sys/fs/binfmt_misc/register
echo ':mipsn32:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mipsn32:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "mips" -a -x "/usr/bin/qemu-mipsn32el" ] ; then
echo ':mipsn32el:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsn32el:P' > /proc/sys/fs/binfmt_misc/register
echo ':mipsn32el:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mipsn32el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64" ] ; then
echo ':mips64:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips64:P' > /proc/sys/fs/binfmt_misc/register
echo ':mips64:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-mips64:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "mips" -a -x "/usr/bin/qemu-mips64el" ] ; then
echo ':mips64el:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mips64el:P' > /proc/sys/fs/binfmt_misc/register
echo ':mips64el:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-mips64el:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4" ] ; then
echo ':sh4:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-sh4:P' > /proc/sys/fs/binfmt_misc/register
echo ':sh4:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-sh4:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "sh" -a -x "/usr/bin/qemu-sh4eb" ] ; then
echo ':sh4eb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sh4eb:P' > /proc/sys/fs/binfmt_misc/register
echo ':sh4eb:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-sh4eb:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
if [ $cpu != "s390x" -a -x "/usr/local/bin/qemu-s390x" ] ; then
echo ':s390x:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/local/bin/qemu-s390x:P' > /proc/sys/fs/binfmt_misc/register
if [ $cpu != "s390x" -a -x "/usr/bin/qemu-s390x" ] ; then
echo ':s390x:M::\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-s390x:'"${QEMU_BINFMT_FLAGS}" > /proc/sys/fs/binfmt_misc/register
fi
eend $?
}
@ -110,6 +119,7 @@ stop() {
arches="${arches} i386 i486"
arches="${arches} alpha"
arches="${arches} arm armeb"
arches="${arches} aarch64"
arches="${arches} sparc"
arches="${arches} ppc"
arches="${arches} m68k"

3
app-emulation/qemu/files/qemu-kvm-1.4

@ -1,3 +0,0 @@
#!/bin/sh
exec /usr/bin/qemu-system-x86_64 -machine accel=kvm "$@"

129
app-emulation/qemu/qemu-2.0.0-r1.ebuild → app-emulation/qemu/qemu-2.1.0.ebuild

@ -1,9 +1,11 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.0.0-r1.ebuild,v 1.2 2014/05/31 16:14:44 vapier Exp $
# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.1.0.ebuild,v 1.1 2014/08/04 06:45:21 vapier Exp $
EAPI=5
#MY_P="${P/_/-}"
PYTHON_COMPAT=( python{2_6,2_7} )
PYTHON_REQ_USE="ncurses,readline"
@ -31,10 +33,10 @@ LICENSE="GPL-2 LGPL-2 BSD-2"
SLOT="0"
IUSE="accessibility +aio alsa bluetooth +caps +curl debug +fdt glusterfs \
gtk iscsi +jpeg \
kernel_linux kernel_FreeBSD ncurses opengl +png pulseaudio python \
rbd sasl +seccomp sdl selinux smartcard spice ssh static static-softmmu \
static-user systemtap tci test +threads tls usb usbredir +uuid vde +vhost-net \
virtfs +vnc xattr xen xfs"
kernel_linux kernel_FreeBSD lzo ncurses nls numa opengl +png pulseaudio python \
rbd sasl +seccomp sdl selinux smartcard snappy spice ssh static static-softmmu \
static-user systemtap tci test +threads tpm tls usb usbredir +uuid vde \
+vhost-net virtfs +vnc xattr xen xfs"
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
@ -71,12 +73,14 @@ SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
jpeg? ( virtual/jpeg[static-libs(+)] )
lzo? ( dev-libs/lzo[static-libs(+)] )
ncurses? ( sys-libs/ncurses[static-libs(+)] )
png? ( media-libs/libpng[static-libs(+)] )
rbd? ( sys-cluster/ceph[static-libs(+)] )
sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
sdl? ( >=media-libs/libsdl-1.2.11[static-libs(+)] )
seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
snappy? ( app-arch/snappy[static-libs(+)] )
spice? ( >=app-emulation/spice-0.12.0[static-libs(+)] )
ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
tls? ( net-libs/gnutls[static-libs(+)] )
@ -123,6 +127,7 @@ DEPEND="${RDEPEND}
sys-apps/texinfo
virtual/pkgconfig
kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
gtk? ( nls? ( sys-devel/gettext ) )
static-softmmu? ( ${SOFTMMU_LIB_DEPEND} )
static-user? ( ${USER_LIB_DEPEND} )
test? (
@ -228,19 +233,18 @@ pkg_setup() {
enewgroup kvm 78
}
#S="${WORKDIR}/${MY_P}"
src_prepare() {
# Alter target makefiles to accept CFLAGS set via flag-o
sed -i -r \
-e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
Makefile Makefile.target || die
# Cheap hack to disable gettext .mo generation.
use nls || rm -f po/*.po
epatch "${FILESDIR}"/qemu-1.7.0-cflags.patch
epatch "${FILESDIR}"/qemu-9999-virtfs-proxy-helper-accept.patch #486714
epatch "${FILESDIR}"/${P}-CVE-2013-4541.patch #510208
epatch "${FILESDIR}"/${P}-usb-post-load-checks.patch #510208
epatch "${FILESDIR}"/${P}-qcow-check-max-sizes.patch #510234
epatch "${FILESDIR}"/${P}-CVE-2014-0222.patch #510234
epatch "${FILESDIR}"/${P}-CVE-2014-0223.patch #510234
[[ -n ${BACKPORTS} ]] && \
EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
epatch
@ -301,11 +305,15 @@ qemu_src_configure() {
--disable-curses
--disable-kvm
--disable-libiscsi
--disable-lzo
--disable-glusterfs
--disable-numa
--disable-snappy
--disable-seccomp
--disable-sdl
--disable-smartcard-nss
--disable-tools
--disable-tpm
--disable-vde
--disable-libssh2
--disable-libusb
@ -329,15 +337,19 @@ qemu_src_configure() {
$(use_enable iscsi libiscsi)
$(use_enable jpeg vnc-jpeg)
$(use_enable kernel_linux kvm)
$(use_enable lzo)
$(use_enable ncurses curses)
$(use_enable numa)
$(use_enable opengl glx)
$(use_enable png vnc-png)
$(use_enable rbd)
$(use_enable sasl vnc-sasl)
$(use_enable seccomp)
$(use_enable smartcard smartcard-nss)
$(use_enable snappy)
$(use_enable spice)
$(use_enable ssh libssh2)
$(use_enable tpm)
$(use_enable tls vnc-tls)
$(use_enable tls vnc-ws)
$(use_enable usb libusb)
@ -433,6 +445,7 @@ src_compile() {
src_test() {
if [[ -n ${softmmu_targets} ]]; then
cd "${S}/softmmu-build"
pax-mark m */qemu-system-* #515550
emake -j1 check
emake -j1 check-report.html
fi
@ -490,58 +503,58 @@ src_install() {
dodoc docs/qmp/*.txt
# Remove SeaBIOS since we're using the SeaBIOS packaged ones
rm "${ED}/usr/share/qemu/bios.bin"
rm "${ED}/usr/share/qemu/bios-256k.bin"
rm "${ED}/usr/share/qemu/kvmvapic.bin"
rm "${ED}/usr/share/qemu/linuxboot.bin"
rm "${ED}/usr/share/qemu/multiboot.bin"
rm "${ED}/usr/share/qemu/acpi-dsdt.aml"
rm "${ED}/usr/share/qemu/q35-acpi-dsdt.aml"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
dosym ../seabios/kvmvapic.bin /usr/share/qemu/kvmvapic.bin
dosym ../seabios/linuxboot.bin /usr/share/qemu/linuxboot.bin
dosym ../seabios/multiboot.bin /usr/share/qemu/multiboot.bin
dosym ../seabios/acpi-dsdt.aml /usr/share/qemu/acpi-dsdt.aml
dosym ../seabios/q35-acpi-dsdt.aml /usr/share/qemu/q35-acpi-dsdt.aml
fi
if [[ -n ${softmmu_targets} ]]; then
rm "${ED}/usr/share/qemu/bios.bin"
rm "${ED}/usr/share/qemu/bios-256k.bin"
rm "${ED}/usr/share/qemu/kvmvapic.bin"
rm "${ED}/usr/share/qemu/linuxboot.bin"
rm "${ED}/usr/share/qemu/multiboot.bin"
rm "${ED}/usr/share/qemu/acpi-dsdt.aml"
rm "${ED}/usr/share/qemu/q35-acpi-dsdt.aml"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
dosym ../seabios/kvmvapic.bin /usr/share/qemu/kvmvapic.bin
dosym ../seabios/linuxboot.bin /usr/share/qemu/linuxboot.bin
dosym ../seabios/multiboot.bin /usr/share/qemu/multiboot.bin
dosym ../seabios/acpi-dsdt.aml /usr/share/qemu/acpi-dsdt.aml
dosym ../seabios/q35-acpi-dsdt.aml /usr/share/qemu/q35-acpi-dsdt.aml
fi
# Remove vgabios since we're using the seabios packaged one
rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../seabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
dosym ../seabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
dosym ../seabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
dosym ../seabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
fi
# Remove vgabios since we're using the seabios packaged one
rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../seabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
dosym ../seabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
dosym ../seabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
dosym ../seabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
fi
# Remove sgabios since we're using the sgabios packaged one
rm "${ED}/usr/share/qemu/sgabios.bin"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
fi
# Remove sgabios since we're using the sgabios packaged one
rm "${ED}/usr/share/qemu/sgabios.bin"
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
fi
# Remove iPXE since we're using the iPXE packaged one
rm "${ED}"/usr/share/qemu/pxe-*.rom
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
# Remove iPXE since we're using the iPXE packaged one
rm "${ED}"/usr/share/qemu/pxe-*.rom
if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
fi
fi
qemu_support_kvm && readme.gentoo_create_doc
}
pkg_postinst() {
local virtfs_caps=
if qemu_support_kvm; then
readme.gentoo_print_elog
ewarn "Migration from qemu-kvm instances and loading qemu-kvm created"
@ -561,11 +574,11 @@ pkg_postinst() {
fi
fi
virtfs_caps+="cap_chown,cap_dac_override,cap_fowner,cap_fsetid,"
virtfs_caps+="cap_setgid,cap_mknod,cap_setuid"
fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
use virtfs && fcaps ${virtfs_caps} /usr/bin/virtfs-proxy-helper
if use virtfs && [ -n "${softmmu_targets}" ]; then
local virtfs_caps="cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_setgid,cap_mknod,cap_setuid"
fcaps ${virtfs_caps} /usr/bin/virtfs-proxy-helper
fi
}
pkg_info() {
Loading…
Cancel
Save