[app-emulation/qemu] version bump
This commit is contained in:
parent
27473cf3c1
commit
ca5eece1b5
@ -1 +1 @@
|
||||
DIST qemu-2.3.0.tar.bz2 24683085 SHA256 b6bab7f763d5be73e7cb5ee7d4c8365b7a8df2972c52fa5ded18893bd8281588 SHA512 7a40d213c5696b27784abd2a3119e49d42c38c923be431826c73a8f14c19074435d7f1a652686c53baf08e81f5a3005b2ddc92d67c32f6a2b19659ab627e9eaa WHIRLPOOL 9dad6e342027c3be512b4e0b40e810e0a6f1dc84a16847aa5aac74d97f7a347e60d42e770335a090f83e90a1614294f86552a84edc1faafc7093d3e32602f5de
|
||||
DIST qemu-2.4.0.tar.bz2 25070979 SHA256 72b0b991bbcc540663a019e1e8c4f714053b691dda32c9b9ee80b25f367e6620 SHA512 8740e0fb2c654ed897dff4649f1f83d14d57cfa9cbde723899f115982f93253ce9a2bddd60aab379d241027d2044137770efe4c0b3c83d5b20f3a2a06f05a5dc WHIRLPOOL 8c6cfae096624e01f0d5daeb86aa2dccbeaa86d2aeab626cf55cf20b7edace82d0b0f3a1d85eeb2dc1fd53abaaa9dccf8f0d7ddc657a1f5ffd72fd68301648f1
|
||||
|
@ -1,51 +0,0 @@
|
||||
https://bugs.gentoo.org/551752
|
||||
|
||||
From 9f7c594c006289ad41169b854d70f5da6e400a2a Mon Sep 17 00:00:00 2001
|
||||
From: Petr Matousek <pmatouse@redhat.com>
|
||||
Date: Sun, 24 May 2015 10:53:44 +0200
|
||||
Subject: [PATCH] pcnet: force the buffer access to be in bounds during tx
|
||||
|
||||
4096 is the maximum length per TMD and it is also currently the size of
|
||||
the relay buffer pcnet driver uses for sending the packet data to QEMU
|
||||
for further processing. With packet spanning multiple TMDs it can
|
||||
happen that the overall packet size will be bigger than sizeof(buffer),
|
||||
which results in memory corruption.
|
||||
|
||||
Fix this by only allowing to queue maximum sizeof(buffer) bytes.
|
||||
|
||||
This is CVE-2015-3209.
|
||||
|
||||
[Fixed 3-space indentation to QEMU's 4-space coding standard.
|
||||
--Stefan]
|
||||
|
||||
Signed-off-by: Petr Matousek <pmatouse@redhat.com>
|
||||
Reported-by: Matt Tait <matttait@google.com>
|
||||
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
|
||||
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
---
|
||||
hw/net/pcnet.c | 8 ++++++++
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c
|
||||
index bdfd38f..68b9981 100644
|
||||
--- a/hw/net/pcnet.c
|
||||
+++ b/hw/net/pcnet.c
|
||||
@@ -1241,6 +1241,14 @@ static void pcnet_transmit(PCNetState *s)
|
||||
}
|
||||
|
||||
bcnt = 4096 - GET_FIELD(tmd.length, TMDL, BCNT);
|
||||
+
|
||||
+ /* if multi-tmd packet outsizes s->buffer then skip it silently.
|
||||
+ Note: this is not what real hw does */
|
||||
+ if (s->xmit_pos + bcnt > sizeof(s->buffer)) {
|
||||
+ s->xmit_pos = -1;
|
||||
+ goto txdone;
|
||||
+ }
|
||||
+
|
||||
s->phys_mem_read(s->dma_opaque, PHYSADDR(s, tmd.tbadr),
|
||||
s->buffer + s->xmit_pos, bcnt, CSR_BSWP(s));
|
||||
s->xmit_pos += bcnt;
|
||||
--
|
||||
2.2.0.rc0.207.ga3a616c
|
||||
|
@ -1,41 +0,0 @@
|
||||
From: Petr Matousek <pmatouse@redhat.com>
|
||||
Date: Wed, 17 Jun 2015 10:46:11 +0000 (+0200)
|
||||
Subject: i8254: fix out-of-bounds memory access in pit_ioport_read()
|
||||
X-Git-Tag: v2.4.0-rc0~43^2~9
|
||||
X-Git-Url: http://git.qemu.org/?p=qemu.git;a=commitdiff_plain;h=d4862a87e31a51de9eb260f25c9e99a75efe3235;hp=9dacf32d2cbd66cbcce7944ebdfd6b2df20e33b8
|
||||
|
||||
i8254: fix out-of-bounds memory access in pit_ioport_read()
|
||||
|
||||
Due converting PIO to the new memory read/write api we no longer provide
|
||||
separate I/O region lenghts for read and write operations. As a result,
|
||||
reading from PIT Mode/Command register will end with accessing
|
||||
pit->channels with invalid index.
|
||||
|
||||
Fix this by ignoring read from the Mode/Command register.
|
||||
|
||||
This is CVE-2015-3214.
|
||||
|
||||
Reported-by: Matt Tait <matttait@google.com>
|
||||
Fixes: 0505bcdec8228d8de39ab1a02644e71999e7c052
|
||||
Cc: qemu-stable@nongnu.org
|
||||
Signed-off-by: Petr Matousek <pmatouse@redhat.com>
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
---
|
||||
|
||||
diff --git a/hw/timer/i8254.c b/hw/timer/i8254.c
|
||||
index 3450c98..9b65a33 100644
|
||||
--- a/hw/timer/i8254.c
|
||||
+++ b/hw/timer/i8254.c
|
||||
@@ -196,6 +196,12 @@ static uint64_t pit_ioport_read(void *opaque, hwaddr addr,
|
||||
PITChannelState *s;
|
||||
|
||||
addr &= 3;
|
||||
+
|
||||
+ if (addr == 3) {
|
||||
+ /* Mode/Command register is write only, read is ignored */
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
s = &pit->channels[addr];
|
||||
if (s->status_latched) {
|
||||
s->status_latched = 0;
|
@ -1,86 +0,0 @@
|
||||
https://bugs.gentoo.org/549404
|
||||
|
||||
From e907746266721f305d67bc0718795fedee2e824c Mon Sep 17 00:00:00 2001
|
||||
From: Petr Matousek <pmatouse@redhat.com>
|
||||
Date: Wed, 6 May 2015 09:48:59 +0200
|
||||
Subject: [PATCH] fdc: force the fifo access to be in bounds of the allocated buffer
|
||||
|
||||
During processing of certain commands such as FD_CMD_READ_ID and
|
||||
FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could
|
||||
get out of bounds leading to memory corruption with values coming
|
||||
from the guest.
|
||||
|
||||
Fix this by making sure that the index is always bounded by the
|
||||
allocated memory.
|
||||
|
||||
This is CVE-2015-3456.
|
||||
|
||||
Signed-off-by: Petr Matousek <pmatouse@redhat.com>
|
||||
Reviewed-by: John Snow <jsnow@redhat.com>
|
||||
Signed-off-by: John Snow <jsnow@redhat.com>
|
||||
---
|
||||
hw/block/fdc.c | 17 +++++++++++------
|
||||
1 files changed, 11 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/hw/block/fdc.c b/hw/block/fdc.c
|
||||
index f72a392..d8a8edd 100644
|
||||
--- a/hw/block/fdc.c
|
||||
+++ b/hw/block/fdc.c
|
||||
@@ -1497,7 +1497,7 @@ static uint32_t fdctrl_read_data(FDCtrl *fdctrl)
|
||||
{
|
||||
FDrive *cur_drv;
|
||||
uint32_t retval = 0;
|
||||
- int pos;
|
||||
+ uint32_t pos;
|
||||
|
||||
cur_drv = get_cur_drv(fdctrl);
|
||||
fdctrl->dsr &= ~FD_DSR_PWRDOWN;
|
||||
@@ -1506,8 +1506,8 @@ static uint32_t fdctrl_read_data(FDCtrl *fdctrl)
|
||||
return 0;
|
||||
}
|
||||
pos = fdctrl->data_pos;
|
||||
+ pos %= FD_SECTOR_LEN;
|
||||
if (fdctrl->msr & FD_MSR_NONDMA) {
|
||||
- pos %= FD_SECTOR_LEN;
|
||||
if (pos == 0) {
|
||||
if (fdctrl->data_pos != 0)
|
||||
if (!fdctrl_seek_to_next_sect(fdctrl, cur_drv)) {
|
||||
@@ -1852,10 +1852,13 @@ static void fdctrl_handle_option(FDCtrl *fdctrl, int direction)
|
||||
static void fdctrl_handle_drive_specification_command(FDCtrl *fdctrl, int direction)
|
||||
{
|
||||
FDrive *cur_drv = get_cur_drv(fdctrl);
|
||||
+ uint32_t pos;
|
||||
|
||||
- if (fdctrl->fifo[fdctrl->data_pos - 1] & 0x80) {
|
||||
+ pos = fdctrl->data_pos - 1;
|
||||
+ pos %= FD_SECTOR_LEN;
|
||||
+ if (fdctrl->fifo[pos] & 0x80) {
|
||||
/* Command parameters done */
|
||||
- if (fdctrl->fifo[fdctrl->data_pos - 1] & 0x40) {
|
||||
+ if (fdctrl->fifo[pos] & 0x40) {
|
||||
fdctrl->fifo[0] = fdctrl->fifo[1];
|
||||
fdctrl->fifo[2] = 0;
|
||||
fdctrl->fifo[3] = 0;
|
||||
@@ -1955,7 +1958,7 @@ static uint8_t command_to_handler[256];
|
||||
static void fdctrl_write_data(FDCtrl *fdctrl, uint32_t value)
|
||||
{
|
||||
FDrive *cur_drv;
|
||||
- int pos;
|
||||
+ uint32_t pos;
|
||||
|
||||
/* Reset mode */
|
||||
if (!(fdctrl->dor & FD_DOR_nRESET)) {
|
||||
@@ -2004,7 +2007,9 @@ static void fdctrl_write_data(FDCtrl *fdctrl, uint32_t value)
|
||||
}
|
||||
|
||||
FLOPPY_DPRINTF("%s: %02x\n", __func__, value);
|
||||
- fdctrl->fifo[fdctrl->data_pos++] = value;
|
||||
+ pos = fdctrl->data_pos++;
|
||||
+ pos %= FD_SECTOR_LEN;
|
||||
+ fdctrl->fifo[pos] = value;
|
||||
if (fdctrl->data_pos == fdctrl->data_len) {
|
||||
/* We now have all parameters
|
||||
* and will be able to treat the command
|
||||
--
|
||||
1.7.0.4
|
||||
|
@ -1,75 +0,0 @@
|
||||
From d2ff85854512574e7209f295e87b0835d5b032c6 Mon Sep 17 00:00:00 2001
|
||||
From: Kevin Wolf <kwolf@redhat.com>
|
||||
Date: Sun, 26 Jul 2015 23:42:53 -0400
|
||||
Subject: [PATCH] ide: Check array bounds before writing to io_buffer
|
||||
(CVE-2015-5154)
|
||||
|
||||
If the end_transfer_func of a command is called because enough data has
|
||||
been read or written for the current PIO transfer, and it fails to
|
||||
correctly call the command completion functions, the DRQ bit in the
|
||||
status register and s->end_transfer_func may remain set. This allows the
|
||||
guest to access further bytes in s->io_buffer beyond s->data_end, and
|
||||
eventually overflowing the io_buffer.
|
||||
|
||||
One case where this currently happens is emulation of the ATAPI command
|
||||
START STOP UNIT.
|
||||
|
||||
This patch fixes the problem by adding explicit array bounds checks
|
||||
before accessing the buffer instead of relying on end_transfer_func to
|
||||
function correctly.
|
||||
|
||||
Cc: qemu-stable@nongnu.org
|
||||
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
||||
Reviewed-by: John Snow <jsnow@redhat.com>
|
||||
---
|
||||
hw/ide/core.c | 16 ++++++++++++++++
|
||||
1 file changed, 16 insertions(+)
|
||||
|
||||
diff --git a/hw/ide/core.c b/hw/ide/core.c
|
||||
index 122e955..44fcc23 100644
|
||||
--- a/hw/ide/core.c
|
||||
+++ b/hw/ide/core.c
|
||||
@@ -2021,6 +2021,10 @@ void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
|
||||
}
|
||||
|
||||
p = s->data_ptr;
|
||||
+ if (p + 2 > s->data_end) {
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
*(uint16_t *)p = le16_to_cpu(val);
|
||||
p += 2;
|
||||
s->data_ptr = p;
|
||||
@@ -2042,6 +2046,10 @@ uint32_t ide_data_readw(void *opaque, uint32_t addr)
|
||||
}
|
||||
|
||||
p = s->data_ptr;
|
||||
+ if (p + 2 > s->data_end) {
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
ret = cpu_to_le16(*(uint16_t *)p);
|
||||
p += 2;
|
||||
s->data_ptr = p;
|
||||
@@ -2063,6 +2071,10 @@ void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
|
||||
}
|
||||
|
||||
p = s->data_ptr;
|
||||
+ if (p + 4 > s->data_end) {
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
*(uint32_t *)p = le32_to_cpu(val);
|
||||
p += 4;
|
||||
s->data_ptr = p;
|
||||
@@ -2084,6 +2096,10 @@ uint32_t ide_data_readl(void *opaque, uint32_t addr)
|
||||
}
|
||||
|
||||
p = s->data_ptr;
|
||||
+ if (p + 4 > s->data_end) {
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
ret = cpu_to_le32(*(uint32_t *)p);
|
||||
p += 4;
|
||||
s->data_ptr = p;
|
@ -1,26 +0,0 @@
|
||||
From 03441c3a4a42beb25460dd11592539030337d0f8 Mon Sep 17 00:00:00 2001
|
||||
From: Kevin Wolf <kwolf@redhat.com>
|
||||
Date: Sun, 26 Jul 2015 23:42:53 -0400
|
||||
Subject: [PATCH] ide/atapi: Fix START STOP UNIT command completion
|
||||
|
||||
The command must be completed on all code paths. START STOP UNIT with
|
||||
pwrcnd set should succeed without doing anything.
|
||||
|
||||
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
||||
Reviewed-by: John Snow <jsnow@redhat.com>
|
||||
---
|
||||
hw/ide/atapi.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
|
||||
index 950e311..79dd167 100644
|
||||
--- a/hw/ide/atapi.c
|
||||
+++ b/hw/ide/atapi.c
|
||||
@@ -983,6 +983,7 @@ static void cmd_start_stop_unit(IDEState *s, uint8_t* buf)
|
||||
|
||||
if (pwrcnd) {
|
||||
/* eject/load only happens for power condition == 0 */
|
||||
+ ide_atapi_cmd_ok(s);
|
||||
return;
|
||||
}
|
||||
|
@ -1,69 +0,0 @@
|
||||
From cb72cba83021fa42719e73a5249c12096a4d1cfc Mon Sep 17 00:00:00 2001
|
||||
From: Kevin Wolf <kwolf@redhat.com>
|
||||
Date: Sun, 26 Jul 2015 23:42:53 -0400
|
||||
Subject: [PATCH] ide: Clear DRQ after handling all expected accesses
|
||||
|
||||
This is additional hardening against an end_transfer_func that fails to
|
||||
clear the DRQ status bit. The bit must be unset as soon as the PIO
|
||||
transfer has completed, so it's better to do this in a central place
|
||||
instead of duplicating the code in all commands (and forgetting it in
|
||||
some).
|
||||
|
||||
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
||||
Reviewed-by: John Snow <jsnow@redhat.com>
|
||||
---
|
||||
hw/ide/core.c | 16 ++++++++++++----
|
||||
1 file changed, 12 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/hw/ide/core.c b/hw/ide/core.c
|
||||
index 44fcc23..50449ca 100644
|
||||
--- a/hw/ide/core.c
|
||||
+++ b/hw/ide/core.c
|
||||
@@ -2028,8 +2028,10 @@ void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
|
||||
*(uint16_t *)p = le16_to_cpu(val);
|
||||
p += 2;
|
||||
s->data_ptr = p;
|
||||
- if (p >= s->data_end)
|
||||
+ if (p >= s->data_end) {
|
||||
+ s->status &= ~DRQ_STAT;
|
||||
s->end_transfer_func(s);
|
||||
+ }
|
||||
}
|
||||
|
||||
uint32_t ide_data_readw(void *opaque, uint32_t addr)
|
||||
@@ -2053,8 +2055,10 @@ uint32_t ide_data_readw(void *opaque, uint32_t addr)
|
||||
ret = cpu_to_le16(*(uint16_t *)p);
|
||||
p += 2;
|
||||
s->data_ptr = p;
|
||||
- if (p >= s->data_end)
|
||||
+ if (p >= s->data_end) {
|
||||
+ s->status &= ~DRQ_STAT;
|
||||
s->end_transfer_func(s);
|
||||
+ }
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -2078,8 +2082,10 @@ void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
|
||||
*(uint32_t *)p = le32_to_cpu(val);
|
||||
p += 4;
|
||||
s->data_ptr = p;
|
||||
- if (p >= s->data_end)
|
||||
+ if (p >= s->data_end) {
|
||||
+ s->status &= ~DRQ_STAT;
|
||||
s->end_transfer_func(s);
|
||||
+ }
|
||||
}
|
||||
|
||||
uint32_t ide_data_readl(void *opaque, uint32_t addr)
|
||||
@@ -2103,8 +2109,10 @@ uint32_t ide_data_readl(void *opaque, uint32_t addr)
|
||||
ret = cpu_to_le32(*(uint32_t *)p);
|
||||
p += 4;
|
||||
s->data_ptr = p;
|
||||
- if (p >= s->data_end)
|
||||
+ if (p >= s->data_end) {
|
||||
+ s->status &= ~DRQ_STAT;
|
||||
s->end_transfer_func(s);
|
||||
+ }
|
||||
return ret;
|
||||
}
|
||||
|
@ -1,40 +0,0 @@
|
||||
commit c170aad8b057223b1139d72e5ce7acceafab4fa9
|
||||
Author: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Date: Tue Jul 21 08:59:39 2015 +0200
|
||||
|
||||
scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158)
|
||||
|
||||
This is a guest-triggerable buffer overflow present in QEMU 2.2.0
|
||||
and newer. scsi_cdb_length returns -1 as an error value, but the
|
||||
caller does not check it.
|
||||
|
||||
Luckily, the massive overflow means that QEMU will just SIGSEGV,
|
||||
making the impact much smaller.
|
||||
|
||||
Reported-by: Zhu Donghai (朱东海) <donghai.zdh@alibaba-inc.com>
|
||||
Fixes: 1894df02811f6b79ea3ffbf1084599d96f316173
|
||||
Reviewed-by: Fam Zheng <famz@redhat.com>
|
||||
Cc: qemu-stable@nongnu.org
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
|
||||
diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
|
||||
index f50b2f0..f0ae462 100644
|
||||
--- a/hw/scsi/scsi-bus.c
|
||||
+++ b/hw/scsi/scsi-bus.c
|
||||
@@ -1239,10 +1239,15 @@ int scsi_cdb_length(uint8_t *buf) {
|
||||
int scsi_req_parse_cdb(SCSIDevice *dev, SCSICommand *cmd, uint8_t *buf)
|
||||
{
|
||||
int rc;
|
||||
+ int len;
|
||||
|
||||
cmd->lba = -1;
|
||||
- cmd->len = scsi_cdb_length(buf);
|
||||
+ len = scsi_cdb_length(buf);
|
||||
+ if (len < 0) {
|
||||
+ return -1;
|
||||
+ }
|
||||
|
||||
+ cmd->len = len;
|
||||
switch (dev->type) {
|
||||
case TYPE_TAPE:
|
||||
rc = scsi_req_stream_xfer(cmd, dev, buf);
|
@ -1,82 +0,0 @@
|
||||
From 5e0c290415b9d57077a86e70c8e6a058868334d3 Mon Sep 17 00:00:00 2001
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Wed, 15 Jul 2015 18:16:58 +0100
|
||||
Subject: [PATCH 1/7] rtl8139: avoid nested ifs in IP header parsing
|
||||
|
||||
Transmit offload needs to parse packet headers. If header fields have
|
||||
unexpected values the offload processing is skipped.
|
||||
|
||||
The code currently uses nested ifs because there is relatively little
|
||||
input validation. The next patches will add missing input validation
|
||||
and a goto label is more appropriate to avoid deep if statement nesting.
|
||||
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
---
|
||||
hw/net/rtl8139.c | 41 ++++++++++++++++++++++-------------------
|
||||
1 file changed, 22 insertions(+), 19 deletions(-)
|
||||
|
||||
diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
|
||||
index 5f0197c..91ba33b 100644
|
||||
--- a/hw/net/rtl8139.c
|
||||
+++ b/hw/net/rtl8139.c
|
||||
@@ -2174,28 +2174,30 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
size_t eth_payload_len = 0;
|
||||
|
||||
int proto = be16_to_cpu(*(uint16_t *)(saved_buffer + 12));
|
||||
- if (proto == ETH_P_IP)
|
||||
+ if (proto != ETH_P_IP)
|
||||
{
|
||||
- DPRINTF("+++ C+ mode has IP packet\n");
|
||||
-
|
||||
- /* not aligned */
|
||||
- eth_payload_data = saved_buffer + ETH_HLEN;
|
||||
- eth_payload_len = saved_size - ETH_HLEN;
|
||||
-
|
||||
- ip = (ip_header*)eth_payload_data;
|
||||
-
|
||||
- if (IP_HEADER_VERSION(ip) != IP_HEADER_VERSION_4) {
|
||||
- DPRINTF("+++ C+ mode packet has bad IP version %d "
|
||||
- "expected %d\n", IP_HEADER_VERSION(ip),
|
||||
- IP_HEADER_VERSION_4);
|
||||
- ip = NULL;
|
||||
- } else {
|
||||
- hlen = IP_HEADER_LENGTH(ip);
|
||||
- ip_protocol = ip->ip_p;
|
||||
- ip_data_len = be16_to_cpu(ip->ip_len) - hlen;
|
||||
- }
|
||||
+ goto skip_offload;
|
||||
}
|
||||
|
||||
+ DPRINTF("+++ C+ mode has IP packet\n");
|
||||
+
|
||||
+ /* not aligned */
|
||||
+ eth_payload_data = saved_buffer + ETH_HLEN;
|
||||
+ eth_payload_len = saved_size - ETH_HLEN;
|
||||
+
|
||||
+ ip = (ip_header*)eth_payload_data;
|
||||
+
|
||||
+ if (IP_HEADER_VERSION(ip) != IP_HEADER_VERSION_4) {
|
||||
+ DPRINTF("+++ C+ mode packet has bad IP version %d "
|
||||
+ "expected %d\n", IP_HEADER_VERSION(ip),
|
||||
+ IP_HEADER_VERSION_4);
|
||||
+ goto skip_offload;
|
||||
+ }
|
||||
+
|
||||
+ hlen = IP_HEADER_LENGTH(ip);
|
||||
+ ip_protocol = ip->ip_p;
|
||||
+ ip_data_len = be16_to_cpu(ip->ip_len) - hlen;
|
||||
+
|
||||
if (ip)
|
||||
{
|
||||
if (txdw0 & CP_TX_IPCS)
|
||||
@@ -2391,6 +2393,7 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
}
|
||||
}
|
||||
|
||||
+skip_offload:
|
||||
/* update tally counter */
|
||||
++s->tally_counters.TxOk;
|
||||
|
||||
--
|
||||
2.1.4
|
||||
|
@ -1,373 +0,0 @@
|
||||
From 2d7d80e8dc160904fa7276cc05da26c062a50066 Mon Sep 17 00:00:00 2001
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Wed, 15 Jul 2015 18:16:59 +0100
|
||||
Subject: [PATCH 2/7] rtl8139: drop tautologous if (ip) {...} statement
|
||||
|
||||
The previous patch stopped using the ip pointer as an indicator that the
|
||||
IP header is present. When we reach the if (ip) {...} statement we know
|
||||
ip is always non-NULL.
|
||||
|
||||
Remove the if statement to reduce nesting.
|
||||
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
---
|
||||
hw/net/rtl8139.c | 305 +++++++++++++++++++++++++++----------------------------
|
||||
1 file changed, 151 insertions(+), 154 deletions(-)
|
||||
|
||||
diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
|
||||
index 91ba33b..2f12d42 100644
|
||||
--- a/hw/net/rtl8139.c
|
||||
+++ b/hw/net/rtl8139.c
|
||||
@@ -2198,198 +2198,195 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
ip_protocol = ip->ip_p;
|
||||
ip_data_len = be16_to_cpu(ip->ip_len) - hlen;
|
||||
|
||||
- if (ip)
|
||||
+ if (txdw0 & CP_TX_IPCS)
|
||||
{
|
||||
- if (txdw0 & CP_TX_IPCS)
|
||||
- {
|
||||
- DPRINTF("+++ C+ mode need IP checksum\n");
|
||||
+ DPRINTF("+++ C+ mode need IP checksum\n");
|
||||
|
||||
- if (hlen<sizeof(ip_header) || hlen>eth_payload_len) {/* min header length */
|
||||
- /* bad packet header len */
|
||||
- /* or packet too short */
|
||||
- }
|
||||
- else
|
||||
- {
|
||||
- ip->ip_sum = 0;
|
||||
- ip->ip_sum = ip_checksum(ip, hlen);
|
||||
- DPRINTF("+++ C+ mode IP header len=%d checksum=%04x\n",
|
||||
- hlen, ip->ip_sum);
|
||||
- }
|
||||
+ if (hlen<sizeof(ip_header) || hlen>eth_payload_len) {/* min header length */
|
||||
+ /* bad packet header len */
|
||||
+ /* or packet too short */
|
||||
}
|
||||
-
|
||||
- if ((txdw0 & CP_TX_LGSEN) && ip_protocol == IP_PROTO_TCP)
|
||||
+ else
|
||||
{
|
||||
- int large_send_mss = (txdw0 >> 16) & CP_TC_LGSEN_MSS_MASK;
|
||||
+ ip->ip_sum = 0;
|
||||
+ ip->ip_sum = ip_checksum(ip, hlen);
|
||||
+ DPRINTF("+++ C+ mode IP header len=%d checksum=%04x\n",
|
||||
+ hlen, ip->ip_sum);
|
||||
+ }
|
||||
+ }
|
||||
|
||||
- DPRINTF("+++ C+ mode offloaded task TSO MTU=%d IP data %d "
|
||||
- "frame data %d specified MSS=%d\n", ETH_MTU,
|
||||
- ip_data_len, saved_size - ETH_HLEN, large_send_mss);
|
||||
+ if ((txdw0 & CP_TX_LGSEN) && ip_protocol == IP_PROTO_TCP)
|
||||
+ {
|
||||
+ int large_send_mss = (txdw0 >> 16) & CP_TC_LGSEN_MSS_MASK;
|
||||
|
||||
- int tcp_send_offset = 0;
|
||||
- int send_count = 0;
|
||||
+ DPRINTF("+++ C+ mode offloaded task TSO MTU=%d IP data %d "
|
||||
+ "frame data %d specified MSS=%d\n", ETH_MTU,
|
||||
+ ip_data_len, saved_size - ETH_HLEN, large_send_mss);
|
||||
|
||||
- /* maximum IP header length is 60 bytes */
|
||||
- uint8_t saved_ip_header[60];
|
||||
+ int tcp_send_offset = 0;
|
||||
+ int send_count = 0;
|
||||
|
||||
- /* save IP header template; data area is used in tcp checksum calculation */
|
||||
- memcpy(saved_ip_header, eth_payload_data, hlen);
|
||||
+ /* maximum IP header length is 60 bytes */
|
||||
+ uint8_t saved_ip_header[60];
|
||||
|
||||
- /* a placeholder for checksum calculation routine in tcp case */
|
||||
- uint8_t *data_to_checksum = eth_payload_data + hlen - 12;
|
||||
- // size_t data_to_checksum_len = eth_payload_len - hlen + 12;
|
||||
+ /* save IP header template; data area is used in tcp checksum calculation */
|
||||
+ memcpy(saved_ip_header, eth_payload_data, hlen);
|
||||
|
||||
- /* pointer to TCP header */
|
||||
- tcp_header *p_tcp_hdr = (tcp_header*)(eth_payload_data + hlen);
|
||||
+ /* a placeholder for checksum calculation routine in tcp case */
|
||||
+ uint8_t *data_to_checksum = eth_payload_data + hlen - 12;
|
||||
+ // size_t data_to_checksum_len = eth_payload_len - hlen + 12;
|
||||
|
||||
- int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr);
|
||||
+ /* pointer to TCP header */
|
||||
+ tcp_header *p_tcp_hdr = (tcp_header*)(eth_payload_data + hlen);
|
||||
|
||||
- /* ETH_MTU = ip header len + tcp header len + payload */
|
||||
- int tcp_data_len = ip_data_len - tcp_hlen;
|
||||
- int tcp_chunk_size = ETH_MTU - hlen - tcp_hlen;
|
||||
+ int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr);
|
||||
|
||||
- DPRINTF("+++ C+ mode TSO IP data len %d TCP hlen %d TCP "
|
||||
- "data len %d TCP chunk size %d\n", ip_data_len,
|
||||
- tcp_hlen, tcp_data_len, tcp_chunk_size);
|
||||
+ /* ETH_MTU = ip header len + tcp header len + payload */
|
||||
+ int tcp_data_len = ip_data_len - tcp_hlen;
|
||||
+ int tcp_chunk_size = ETH_MTU - hlen - tcp_hlen;
|
||||
|
||||
- /* note the cycle below overwrites IP header data,
|
||||
- but restores it from saved_ip_header before sending packet */
|
||||
+ DPRINTF("+++ C+ mode TSO IP data len %d TCP hlen %d TCP "
|
||||
+ "data len %d TCP chunk size %d\n", ip_data_len,
|
||||
+ tcp_hlen, tcp_data_len, tcp_chunk_size);
|
||||
|
||||
- int is_last_frame = 0;
|
||||
+ /* note the cycle below overwrites IP header data,
|
||||
+ but restores it from saved_ip_header before sending packet */
|
||||
|
||||
- for (tcp_send_offset = 0; tcp_send_offset < tcp_data_len; tcp_send_offset += tcp_chunk_size)
|
||||
- {
|
||||
- uint16_t chunk_size = tcp_chunk_size;
|
||||
-
|
||||
- /* check if this is the last frame */
|
||||
- if (tcp_send_offset + tcp_chunk_size >= tcp_data_len)
|
||||
- {
|
||||
- is_last_frame = 1;
|
||||
- chunk_size = tcp_data_len - tcp_send_offset;
|
||||
- }
|
||||
-
|
||||
- DPRINTF("+++ C+ mode TSO TCP seqno %08x\n",
|
||||
- be32_to_cpu(p_tcp_hdr->th_seq));
|
||||
-
|
||||
- /* add 4 TCP pseudoheader fields */
|
||||
- /* copy IP source and destination fields */
|
||||
- memcpy(data_to_checksum, saved_ip_header + 12, 8);
|
||||
-
|
||||
- DPRINTF("+++ C+ mode TSO calculating TCP checksum for "
|
||||
- "packet with %d bytes data\n", tcp_hlen +
|
||||
- chunk_size);
|
||||
-
|
||||
- if (tcp_send_offset)
|
||||
- {
|
||||
- memcpy((uint8_t*)p_tcp_hdr + tcp_hlen, (uint8_t*)p_tcp_hdr + tcp_hlen + tcp_send_offset, chunk_size);
|
||||
- }
|
||||
-
|
||||
- /* keep PUSH and FIN flags only for the last frame */
|
||||
- if (!is_last_frame)
|
||||
- {
|
||||
- TCP_HEADER_CLEAR_FLAGS(p_tcp_hdr, TCP_FLAG_PUSH|TCP_FLAG_FIN);
|
||||
- }
|
||||
-
|
||||
- /* recalculate TCP checksum */
|
||||
- ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum;
|
||||
- p_tcpip_hdr->zeros = 0;
|
||||
- p_tcpip_hdr->ip_proto = IP_PROTO_TCP;
|
||||
- p_tcpip_hdr->ip_payload = cpu_to_be16(tcp_hlen + chunk_size);
|
||||
-
|
||||
- p_tcp_hdr->th_sum = 0;
|
||||
-
|
||||
- int tcp_checksum = ip_checksum(data_to_checksum, tcp_hlen + chunk_size + 12);
|
||||
- DPRINTF("+++ C+ mode TSO TCP checksum %04x\n",
|
||||
- tcp_checksum);
|
||||
-
|
||||
- p_tcp_hdr->th_sum = tcp_checksum;
|
||||
-
|
||||
- /* restore IP header */
|
||||
- memcpy(eth_payload_data, saved_ip_header, hlen);
|
||||
-
|
||||
- /* set IP data length and recalculate IP checksum */
|
||||
- ip->ip_len = cpu_to_be16(hlen + tcp_hlen + chunk_size);
|
||||
-
|
||||
- /* increment IP id for subsequent frames */
|
||||
- ip->ip_id = cpu_to_be16(tcp_send_offset/tcp_chunk_size + be16_to_cpu(ip->ip_id));
|
||||
-
|
||||
- ip->ip_sum = 0;
|
||||
- ip->ip_sum = ip_checksum(eth_payload_data, hlen);
|
||||
- DPRINTF("+++ C+ mode TSO IP header len=%d "
|
||||
- "checksum=%04x\n", hlen, ip->ip_sum);
|
||||
-
|
||||
- int tso_send_size = ETH_HLEN + hlen + tcp_hlen + chunk_size;
|
||||
- DPRINTF("+++ C+ mode TSO transferring packet size "
|
||||
- "%d\n", tso_send_size);
|
||||
- rtl8139_transfer_frame(s, saved_buffer, tso_send_size,
|
||||
- 0, (uint8_t *) dot1q_buffer);
|
||||
-
|
||||
- /* add transferred count to TCP sequence number */
|
||||
- p_tcp_hdr->th_seq = cpu_to_be32(chunk_size + be32_to_cpu(p_tcp_hdr->th_seq));
|
||||
- ++send_count;
|
||||
- }
|
||||
+ int is_last_frame = 0;
|
||||
|
||||
- /* Stop sending this frame */
|
||||
- saved_size = 0;
|
||||
- }
|
||||
- else if (txdw0 & (CP_TX_TCPCS|CP_TX_UDPCS))
|
||||
+ for (tcp_send_offset = 0; tcp_send_offset < tcp_data_len; tcp_send_offset += tcp_chunk_size)
|
||||
{
|
||||
- DPRINTF("+++ C+ mode need TCP or UDP checksum\n");
|
||||
+ uint16_t chunk_size = tcp_chunk_size;
|
||||
|
||||
- /* maximum IP header length is 60 bytes */
|
||||
- uint8_t saved_ip_header[60];
|
||||
- memcpy(saved_ip_header, eth_payload_data, hlen);
|
||||
+ /* check if this is the last frame */
|
||||
+ if (tcp_send_offset + tcp_chunk_size >= tcp_data_len)
|
||||
+ {
|
||||
+ is_last_frame = 1;
|
||||
+ chunk_size = tcp_data_len - tcp_send_offset;
|
||||
+ }
|
||||
|
||||
- uint8_t *data_to_checksum = eth_payload_data + hlen - 12;
|
||||
- // size_t data_to_checksum_len = eth_payload_len - hlen + 12;
|
||||
+ DPRINTF("+++ C+ mode TSO TCP seqno %08x\n",
|
||||
+ be32_to_cpu(p_tcp_hdr->th_seq));
|
||||
|
||||
/* add 4 TCP pseudoheader fields */
|
||||
/* copy IP source and destination fields */
|
||||
memcpy(data_to_checksum, saved_ip_header + 12, 8);
|
||||
|
||||
- if ((txdw0 & CP_TX_TCPCS) && ip_protocol == IP_PROTO_TCP)
|
||||
+ DPRINTF("+++ C+ mode TSO calculating TCP checksum for "
|
||||
+ "packet with %d bytes data\n", tcp_hlen +
|
||||
+ chunk_size);
|
||||
+
|
||||
+ if (tcp_send_offset)
|
||||
{
|
||||
- DPRINTF("+++ C+ mode calculating TCP checksum for "
|
||||
- "packet with %d bytes data\n", ip_data_len);
|
||||
+ memcpy((uint8_t*)p_tcp_hdr + tcp_hlen, (uint8_t*)p_tcp_hdr + tcp_hlen + tcp_send_offset, chunk_size);
|
||||
+ }
|
||||
|
||||
- ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum;
|
||||
- p_tcpip_hdr->zeros = 0;
|
||||
- p_tcpip_hdr->ip_proto = IP_PROTO_TCP;
|
||||
- p_tcpip_hdr->ip_payload = cpu_to_be16(ip_data_len);
|
||||
+ /* keep PUSH and FIN flags only for the last frame */
|
||||
+ if (!is_last_frame)
|
||||
+ {
|
||||
+ TCP_HEADER_CLEAR_FLAGS(p_tcp_hdr, TCP_FLAG_PUSH|TCP_FLAG_FIN);
|
||||
+ }
|
||||
|
||||
- tcp_header* p_tcp_hdr = (tcp_header *) (data_to_checksum+12);
|
||||
+ /* recalculate TCP checksum */
|
||||
+ ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum;
|
||||
+ p_tcpip_hdr->zeros = 0;
|
||||
+ p_tcpip_hdr->ip_proto = IP_PROTO_TCP;
|
||||
+ p_tcpip_hdr->ip_payload = cpu_to_be16(tcp_hlen + chunk_size);
|
||||
|
||||
- p_tcp_hdr->th_sum = 0;
|
||||
+ p_tcp_hdr->th_sum = 0;
|
||||
|
||||
- int tcp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12);
|
||||
- DPRINTF("+++ C+ mode TCP checksum %04x\n",
|
||||
- tcp_checksum);
|
||||
+ int tcp_checksum = ip_checksum(data_to_checksum, tcp_hlen + chunk_size + 12);
|
||||
+ DPRINTF("+++ C+ mode TSO TCP checksum %04x\n",
|
||||
+ tcp_checksum);
|
||||
|
||||
- p_tcp_hdr->th_sum = tcp_checksum;
|
||||
- }
|
||||
- else if ((txdw0 & CP_TX_UDPCS) && ip_protocol == IP_PROTO_UDP)
|
||||
- {
|
||||
- DPRINTF("+++ C+ mode calculating UDP checksum for "
|
||||
- "packet with %d bytes data\n", ip_data_len);
|
||||
+ p_tcp_hdr->th_sum = tcp_checksum;
|
||||
|
||||
- ip_pseudo_header *p_udpip_hdr = (ip_pseudo_header *)data_to_checksum;
|
||||
- p_udpip_hdr->zeros = 0;
|
||||
- p_udpip_hdr->ip_proto = IP_PROTO_UDP;
|
||||
- p_udpip_hdr->ip_payload = cpu_to_be16(ip_data_len);
|
||||
+ /* restore IP header */
|
||||
+ memcpy(eth_payload_data, saved_ip_header, hlen);
|
||||
|
||||
- udp_header *p_udp_hdr = (udp_header *) (data_to_checksum+12);
|
||||
+ /* set IP data length and recalculate IP checksum */
|
||||
+ ip->ip_len = cpu_to_be16(hlen + tcp_hlen + chunk_size);
|
||||
|
||||
- p_udp_hdr->uh_sum = 0;
|
||||
+ /* increment IP id for subsequent frames */
|
||||
+ ip->ip_id = cpu_to_be16(tcp_send_offset/tcp_chunk_size + be16_to_cpu(ip->ip_id));
|
||||
|
||||
- int udp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12);
|
||||
- DPRINTF("+++ C+ mode UDP checksum %04x\n",
|
||||
- udp_checksum);
|
||||
+ ip->ip_sum = 0;
|
||||
+ ip->ip_sum = ip_checksum(eth_payload_data, hlen);
|
||||
+ DPRINTF("+++ C+ mode TSO IP header len=%d "
|
||||
+ "checksum=%04x\n", hlen, ip->ip_sum);
|
||||
|
||||
- p_udp_hdr->uh_sum = udp_checksum;
|
||||
- }
|
||||
+ int tso_send_size = ETH_HLEN + hlen + tcp_hlen + chunk_size;
|
||||
+ DPRINTF("+++ C+ mode TSO transferring packet size "
|
||||
+ "%d\n", tso_send_size);
|
||||
+ rtl8139_transfer_frame(s, saved_buffer, tso_send_size,
|
||||
+ 0, (uint8_t *) dot1q_buffer);
|
||||
|
||||
- /* restore IP header */
|
||||
- memcpy(eth_payload_data, saved_ip_header, hlen);
|
||||
+ /* add transferred count to TCP sequence number */
|
||||
+ p_tcp_hdr->th_seq = cpu_to_be32(chunk_size + be32_to_cpu(p_tcp_hdr->th_seq));
|
||||
+ ++send_count;
|
||||
}
|
||||
+
|
||||
+ /* Stop sending this frame */
|
||||
+ saved_size = 0;
|
||||
+ }
|
||||
+ else if (txdw0 & (CP_TX_TCPCS|CP_TX_UDPCS))
|
||||
+ {
|
||||
+ DPRINTF("+++ C+ mode need TCP or UDP checksum\n");
|
||||
+
|
||||
+ /* maximum IP header length is 60 bytes */
|
||||
+ uint8_t saved_ip_header[60];
|
||||
+ memcpy(saved_ip_header, eth_payload_data, hlen);
|
||||
+
|
||||
+ uint8_t *data_to_checksum = eth_payload_data + hlen - 12;
|
||||
+ // size_t data_to_checksum_len = eth_payload_len - hlen + 12;
|
||||
+
|
||||
+ /* add 4 TCP pseudoheader fields */
|
||||
+ /* copy IP source and destination fields */
|
||||
+ memcpy(data_to_checksum, saved_ip_header + 12, 8);
|
||||
+
|
||||
+ if ((txdw0 & CP_TX_TCPCS) && ip_protocol == IP_PROTO_TCP)
|
||||
+ {
|
||||
+ DPRINTF("+++ C+ mode calculating TCP checksum for "
|
||||
+ "packet with %d bytes data\n", ip_data_len);
|
||||
+
|
||||
+ ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum;
|
||||
+ p_tcpip_hdr->zeros = 0;
|
||||
+ p_tcpip_hdr->ip_proto = IP_PROTO_TCP;
|
||||
+ p_tcpip_hdr->ip_payload = cpu_to_be16(ip_data_len);
|
||||
+
|
||||
+ tcp_header* p_tcp_hdr = (tcp_header *) (data_to_checksum+12);
|
||||
+
|
||||
+ p_tcp_hdr->th_sum = 0;
|
||||
+
|
||||
+ int tcp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12);
|
||||
+ DPRINTF("+++ C+ mode TCP checksum %04x\n",
|
||||
+ tcp_checksum);
|
||||
+
|
||||
+ p_tcp_hdr->th_sum = tcp_checksum;
|
||||
+ }
|
||||
+ else if ((txdw0 & CP_TX_UDPCS) && ip_protocol == IP_PROTO_UDP)
|
||||
+ {
|
||||
+ DPRINTF("+++ C+ mode calculating UDP checksum for "
|
||||
+ "packet with %d bytes data\n", ip_data_len);
|
||||
+
|
||||
+ ip_pseudo_header *p_udpip_hdr = (ip_pseudo_header *)data_to_checksum;
|
||||
+ p_udpip_hdr->zeros = 0;
|
||||
+ p_udpip_hdr->ip_proto = IP_PROTO_UDP;
|
||||
+ p_udpip_hdr->ip_payload = cpu_to_be16(ip_data_len);
|
||||
+
|
||||
+ udp_header *p_udp_hdr = (udp_header *) (data_to_checksum+12);
|
||||
+
|
||||
+ p_udp_hdr->uh_sum = 0;
|
||||
+
|
||||
+ int udp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12);
|
||||
+ DPRINTF("+++ C+ mode UDP checksum %04x\n",
|
||||
+ udp_checksum);
|
||||
+
|
||||
+ p_udp_hdr->uh_sum = udp_checksum;
|
||||
+ }
|
||||
+
|
||||
+ /* restore IP header */
|
||||
+ memcpy(eth_payload_data, saved_ip_header, hlen);
|
||||
}
|
||||
}
|
||||
|
||||
--
|
||||
2.1.4
|
||||
|
@ -1,39 +0,0 @@
|
||||
From 043d28507ef7c5fdc34866f5e3b27a72bd0cd072 Mon Sep 17 00:00:00 2001
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Wed, 15 Jul 2015 18:17:00 +0100
|
||||
Subject: [PATCH 3/7] rtl8139: skip offload on short Ethernet/IP header
|
||||
|
||||
Transmit offload features access Ethernet and IP headers the packet. If
|
||||
the packet is too short we must not attempt to access header fields:
|
||||
|
||||
int proto = be16_to_cpu(*(uint16_t *)(saved_buffer + 12));
|
||||
...
|
||||
eth_payload_data = saved_buffer + ETH_HLEN;
|
||||
...
|
||||
ip = (ip_header*)eth_payload_data;
|
||||
if (IP_HEADER_VERSION(ip) != IP_HEADER_VERSION_4) {
|
||||
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
---
|
||||
hw/net/rtl8139.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
|
||||
index 2f12d42..d377b6b 100644
|
||||
--- a/hw/net/rtl8139.c
|
||||
+++ b/hw/net/rtl8139.c
|
||||
@@ -2164,6 +2164,11 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
{
|
||||
DPRINTF("+++ C+ mode offloaded task checksum\n");
|
||||
|
||||
+ /* Large enough for Ethernet and IP headers? */
|
||||
+ if (saved_size < ETH_HLEN + sizeof(ip_header)) {
|
||||
+ goto skip_offload;
|
||||
+ }
|
||||
+
|
||||
/* ip packet header */
|
||||
ip_header *ip = NULL;
|
||||
int hlen = 0;
|
||||
--
|
||||
2.1.4
|
||||
|
@ -1,53 +0,0 @@
|
||||
From 5a75d242fe019d05b46ef9bc330a6892525c84a7 Mon Sep 17 00:00:00 2001
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Wed, 15 Jul 2015 18:17:01 +0100
|
||||
Subject: [PATCH 4/7] rtl8139: check IP Header Length field
|
||||
|
||||
The IP Header Length field was only checked in the IP checksum case, but
|
||||
is used in other cases too.
|
||||
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
---
|
||||
hw/net/rtl8139.c | 19 ++++++++-----------
|
||||
1 file changed, 8 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
|
||||
index d377b6b..cd5ac05 100644
|
||||
--- a/hw/net/rtl8139.c
|
||||
+++ b/hw/net/rtl8139.c
|
||||
@@ -2200,6 +2200,10 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
}
|
||||
|
||||
hlen = IP_HEADER_LENGTH(ip);
|
||||
+ if (hlen < sizeof(ip_header) || hlen > eth_payload_len) {
|
||||
+ goto skip_offload;
|
||||
+ }
|
||||
+
|
||||
ip_protocol = ip->ip_p;
|
||||
ip_data_len = be16_to_cpu(ip->ip_len) - hlen;
|
||||
|
||||
@@ -2207,17 +2211,10 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
{
|
||||
DPRINTF("+++ C+ mode need IP checksum\n");
|
||||
|
||||
- if (hlen<sizeof(ip_header) || hlen>eth_payload_len) {/* min header length */
|
||||
- /* bad packet header len */
|
||||
- /* or packet too short */
|
||||
- }
|
||||
- else
|
||||
- {
|
||||
- ip->ip_sum = 0;
|
||||
- ip->ip_sum = ip_checksum(ip, hlen);
|
||||
- DPRINTF("+++ C+ mode IP header len=%d checksum=%04x\n",
|
||||
- hlen, ip->ip_sum);
|
||||
- }
|
||||
+ ip->ip_sum = 0;
|
||||
+ ip->ip_sum = ip_checksum(ip, hlen);
|
||||
+ DPRINTF("+++ C+ mode IP header len=%d checksum=%04x\n",
|
||||
+ hlen, ip->ip_sum);
|
||||
}
|
||||
|
||||
if ((txdw0 & CP_TX_LGSEN) && ip_protocol == IP_PROTO_TCP)
|
||||
--
|
||||
2.1.4
|
||||
|
@ -1,34 +0,0 @@
|
||||
From 6c79ea275d72bc1fd88bdcf1e7d231b2c9c865de Mon Sep 17 00:00:00 2001
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Wed, 15 Jul 2015 18:17:02 +0100
|
||||
Subject: [PATCH 5/7] rtl8139: check IP Total Length field
|
||||
|
||||
The IP Total Length field includes the IP header and data. Make sure it
|
||||
is valid and does not exceed the Ethernet payload size.
|
||||
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
---
|
||||
hw/net/rtl8139.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
|
||||
index cd5ac05..ed2b23b 100644
|
||||
--- a/hw/net/rtl8139.c
|
||||
+++ b/hw/net/rtl8139.c
|
||||
@@ -2205,7 +2205,12 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
}
|
||||
|
||||
ip_protocol = ip->ip_p;
|
||||
- ip_data_len = be16_to_cpu(ip->ip_len) - hlen;
|
||||
+
|
||||
+ ip_data_len = be16_to_cpu(ip->ip_len);
|
||||
+ if (ip_data_len < hlen || ip_data_len > eth_payload_len) {
|
||||
+ goto skip_offload;
|
||||
+ }
|
||||
+ ip_data_len -= hlen;
|
||||
|
||||
if (txdw0 & CP_TX_IPCS)
|
||||
{
|
||||
--
|
||||
2.1.4
|
||||
|
@ -1,35 +0,0 @@
|
||||
From 30aa7be430e7c982e9163f3bcc745d3aa57b6aa4 Mon Sep 17 00:00:00 2001
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Wed, 15 Jul 2015 18:17:03 +0100
|
||||
Subject: [PATCH 6/7] rtl8139: skip offload on short TCP header
|
||||
|
||||
TCP Large Segment Offload accesses the TCP header in the packet. If the
|
||||
packet is too short we must not attempt to access header fields:
|
||||
|
||||
tcp_header *p_tcp_hdr = (tcp_header*)(eth_payload_data + hlen);
|
||||
int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr);
|
||||
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
---
|
||||
hw/net/rtl8139.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
|
||||
index ed2b23b..c8f0df9 100644
|
||||
--- a/hw/net/rtl8139.c
|
||||
+++ b/hw/net/rtl8139.c
|
||||
@@ -2224,6 +2224,11 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
|
||||
if ((txdw0 & CP_TX_LGSEN) && ip_protocol == IP_PROTO_TCP)
|
||||
{
|
||||
+ /* Large enough for the TCP header? */
|
||||
+ if (ip_data_len < sizeof(tcp_header)) {
|
||||
+ goto skip_offload;
|
||||
+ }
|
||||
+
|
||||
int large_send_mss = (txdw0 >> 16) & CP_TC_LGSEN_MSS_MASK;
|
||||
|
||||
DPRINTF("+++ C+ mode offloaded task TSO MTU=%d IP data %d "
|
||||
--
|
||||
2.1.4
|
||||
|
@ -1,32 +0,0 @@
|
||||
From 9a084807bf6ca7c16d997a236d304111894a6539 Mon Sep 17 00:00:00 2001
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Wed, 15 Jul 2015 18:17:04 +0100
|
||||
Subject: [PATCH 7/7] rtl8139: check TCP Data Offset field
|
||||
|
||||
The TCP Data Offset field contains the length of the header. Make sure
|
||||
it is valid and does not exceed the IP data length.
|
||||
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
---
|
||||
hw/net/rtl8139.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
|
||||
index c8f0df9..2df4a51 100644
|
||||
--- a/hw/net/rtl8139.c
|
||||
+++ b/hw/net/rtl8139.c
|
||||
@@ -2253,6 +2253,11 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
|
||||
|
||||
int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr);
|
||||
|
||||
+ /* Invalid TCP data offset? */
|
||||
+ if (tcp_hlen < sizeof(tcp_header) || tcp_hlen > ip_data_len) {
|
||||
+ goto skip_offload;
|
||||
+ }
|
||||
+
|
||||
/* ETH_MTU = ip header len + tcp header len + payload */
|
||||
int tcp_data_len = ip_data_len - tcp_hlen;
|
||||
int tcp_chunk_size = ETH_MTU - hlen - tcp_hlen;
|
||||
--
|
||||
2.1.4
|
||||
|
@ -1,36 +0,0 @@
|
||||
From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
|
||||
|
||||
Fix release_drive on unplugged devices (pci_piix3_xen_ide_unplug)
|
||||
|
||||
pci_piix3_xen_ide_unplug should completely unhook the unplugged
|
||||
IDEDevice from the corresponding BlockBackend, otherwise the next call
|
||||
to release_drive will try to detach the drive again.
|
||||
|
||||
Suggested-by: Kevin Wolf <kwolf@redhat.com>
|
||||
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
|
||||
|
||||
diff --git a/hw/ide/piix.c b/hw/ide/piix.c
|
||||
index adb6649..5a26c86 100644
|
||||
--- a/hw/ide/piix.c
|
||||
+++ b/hw/ide/piix.c
|
||||
@@ -169,6 +169,7 @@ int pci_piix3_xen_ide_unplug(DeviceState *dev)
|
||||
PCIIDEState *pci_ide;
|
||||
DriveInfo *di;
|
||||
int i;
|
||||
+ IDEDevice *idedev;
|
||||
|
||||
pci_ide = PCI_IDE(dev);
|
||||
|
||||
@@ -181,6 +182,12 @@ int pci_piix3_xen_ide_unplug(DeviceState *dev)
|
||||
blk_detach_dev(blk, ds);
|
||||
}
|
||||
pci_ide->bus[di->bus].ifs[di->unit].blk = NULL;
|
||||
+ if (!(i % 2)) {
|
||||
+ idedev = pci_ide->bus[di->bus].master;
|
||||
+ } else {
|
||||
+ idedev = pci_ide->bus[di->bus].slave;
|
||||
+ }
|
||||
+ idedev->conf.blk = NULL;
|
||||
blk_unref(blk);
|
||||
}
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
# Copyright 1999-2015 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.3.0-r5.ebuild,v 1.1 2015/08/03 15:36:55 cardoe Exp $
|
||||
# $Id$
|
||||
|
||||
EAPI=5
|
||||
|
||||
@ -34,9 +34,9 @@ IUSE="accessibility +aio alsa bluetooth +caps +curl debug +fdt glusterfs \
|
||||
gtk gtk2 infiniband iscsi +jpeg \
|
||||
kernel_linux kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs
|
||||
+png pulseaudio python \
|
||||
rbd sasl +seccomp sdl selinux smartcard snappy spice ssh static static-softmmu \
|
||||
rbd sasl +seccomp sdl sdl2 selinux smartcard snappy spice ssh static static-softmmu
|
||||
static-user systemtap tci test +threads tls usb usbredir +uuid vde +vhost-net \
|
||||
virtfs +vnc xattr xen xfs"
|
||||
virtfs +vnc vte xattr xen xfs"
|
||||
|
||||
COMMON_TARGETS="aarch64 alpha arm cris i386 m68k microblaze microblazeel mips
|
||||
mips64 mips64el mipsel or32 ppc ppc64 s390x sh4 sh4eb sparc sparc64 unicore32
|
||||
@ -48,18 +48,19 @@ use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
|
||||
use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
|
||||
IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
|
||||
|
||||
# Require at least one softmmu or user target.
|
||||
# Allow no targets to be built so that people can get a tools-only build.
|
||||
# Block USE flag configurations known to not work.
|
||||
REQUIRED_USE="|| ( ${use_softmmu_targets} ${use_user_targets} )
|
||||
${PYTHON_REQUIRED_USE}
|
||||
REQUIRED_USE="${PYTHON_REQUIRED_USE}
|
||||
gtk2? ( gtk )
|
||||
qemu_softmmu_targets_arm? ( fdt )
|
||||
qemu_softmmu_targets_microblaze? ( fdt )
|
||||
qemu_softmmu_targets_ppc? ( fdt )
|
||||
qemu_softmmu_targets_ppc64? ( fdt )
|
||||
sdl2? ( sdl )
|
||||
static? ( static-softmmu static-user )
|
||||
static-softmmu? ( !alsa !pulseaudio !bluetooth !opengl !gtk !gtk2 )
|
||||
virtfs? ( xattr )"
|
||||
virtfs? ( xattr )
|
||||
vte? ( gtk )"
|
||||
|
||||
# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
|
||||
#
|
||||
@ -71,29 +72,65 @@ COMMON_LIB_DEPEND=">=dev-libs/glib-2.0[static-libs(+)]
|
||||
xattr? ( sys-apps/attr[static-libs(+)] )"
|
||||
SOFTMMU_LIB_DEPEND="${COMMON_LIB_DEPEND}
|
||||
>=x11-libs/pixman-0.28.0[static-libs(+)]
|
||||
accessibility? ( app-accessibility/brltty[static-libs(+)] )
|
||||
aio? ( dev-libs/libaio[static-libs(+)] )
|
||||
alsa? ( >=media-libs/alsa-lib-1.0.13 )
|
||||
bluetooth? ( net-wireless/bluez )
|
||||
caps? ( sys-libs/libcap-ng[static-libs(+)] )
|
||||
curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
|
||||
fdt? ( >=sys-apps/dtc-1.4.0[static-libs(+)] )
|
||||
glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
|
||||
gtk? (
|
||||
gtk2? (
|
||||
x11-libs/gtk+:2
|
||||
vte? ( x11-libs/vte:0 )
|
||||
)
|
||||
!gtk2? (
|
||||
x11-libs/gtk+:3
|
||||
vte? ( x11-libs/vte:2.90 )
|
||||
)
|
||||
)
|
||||
infiniband? ( sys-infiniband/librdmacm:=[static-libs(+)] )
|
||||
iscsi? ( net-libs/libiscsi )
|
||||
jpeg? ( virtual/jpeg:=[static-libs(+)] )
|
||||
lzo? ( dev-libs/lzo:2[static-libs(+)] )
|
||||
ncurses? ( sys-libs/ncurses[static-libs(+)] )
|
||||
ncurses? ( sys-libs/ncurses:5=[static-libs(+)] )
|
||||
nfs? ( >=net-fs/libnfs-1.9.3[static-libs(+)] )
|
||||
numa? ( sys-process/numactl[static-libs(+)] )
|
||||
opengl? (
|
||||
virtual/opengl
|
||||
media-libs/libepoxy[static-libs(+)]
|
||||
media-libs/mesa[static-libs(+)]
|
||||
media-libs/mesa[gles2]
|
||||
)
|
||||
png? ( media-libs/libpng:0=[static-libs(+)] )
|
||||
pulseaudio? ( media-sound/pulseaudio )
|
||||
rbd? ( sys-cluster/ceph[static-libs(+)] )
|
||||
sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
|
||||
sdl? ( >=media-libs/libsdl-1.2.11[static-libs(+)] )
|
||||
sdl? (
|
||||
!sdl2? (
|
||||
media-libs/libsdl[X]
|
||||
>=media-libs/libsdl-1.2.11[static-libs(+)]
|
||||
)
|
||||
sdl2? (
|
||||
media-libs/libsdl2[X]
|
||||
media-libs/libsdl2[static-libs(+)]
|
||||
)
|
||||
)
|
||||
seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
|
||||
smartcard? ( dev-libs/nss !app-emulation/libcacard )
|
||||
snappy? ( app-arch/snappy[static-libs(+)] )
|
||||
spice? ( >=app-emulation/spice-0.12.0[static-libs(+)] )
|
||||
spice? (
|
||||
>=app-emulation/spice-protocol-0.12.3
|
||||
>=app-emulation/spice-0.12.0[static-libs(+)]
|
||||
)
|
||||
ssh? ( >=net-libs/libssh2-1.2.8[static-libs(+)] )
|
||||
tls? ( net-libs/gnutls[static-libs(+)] )
|
||||
usb? ( >=dev-libs/libusb-1.0.18[static-libs(+)] )
|
||||
usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
|
||||
usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
|
||||
uuid? ( >=sys-apps/util-linux-2.16.0[static-libs(+)] )
|
||||
vde? ( net-misc/vde[static-libs(+)] )
|
||||
virtfs? ( sys-libs/libcap )
|
||||
xfs? ( sys-fs/xfsprogs[static-libs(+)] )"
|
||||
USER_LIB_DEPEND="${COMMON_LIB_DEPEND}"
|
||||
X86_FIRMWARE_DEPEND="
|
||||
@ -106,30 +143,15 @@ X86_FIRMWARE_DEPEND="
|
||||
!pin-upstream-blobs? (
|
||||
sys-firmware/seabios
|
||||
sys-firmware/sgabios
|
||||
sys-firmware/vgabios
|
||||
)"
|
||||
CDEPEND="
|
||||
!static-softmmu? ( $(printf "%s? ( ${SOFTMMU_LIB_DEPEND//\[static-libs(+)]} ) " ${use_softmmu_targets}) )
|
||||
!static-user? ( $(printf "%s? ( ${USER_LIB_DEPEND//\[static-libs(+)]} ) " ${use_user_targets}) )
|
||||
qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
|
||||
qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
|
||||
accessibility? ( app-accessibility/brltty )
|
||||
alsa? ( >=media-libs/alsa-lib-1.0.13 )
|
||||
bluetooth? ( net-wireless/bluez )
|
||||
gtk? (
|
||||
gtk2? ( x11-libs/gtk+:2 )
|
||||
!gtk2? ( x11-libs/gtk+:3 )
|
||||
x11-libs/vte:2.90
|
||||
)
|
||||
iscsi? ( net-libs/libiscsi )
|
||||
opengl? ( virtual/opengl )
|
||||
pulseaudio? ( media-sound/pulseaudio )
|
||||
python? ( ${PYTHON_DEPS} )
|
||||
sdl? ( media-libs/libsdl[X] )
|
||||
smartcard? ( dev-libs/nss !app-emulation/libcacard )
|
||||
spice? ( >=app-emulation/spice-protocol-0.12.3 )
|
||||
systemtap? ( dev-util/systemtap )
|
||||
usbredir? ( >=sys-apps/usbredir-0.6 )
|
||||
virtfs? ( sys-libs/libcap )
|
||||
xen? ( app-emulation/xen-tools )"
|
||||
DEPEND="${CDEPEND}
|
||||
dev-lang/perl
|
||||
@ -260,21 +282,6 @@ src_prepare() {
|
||||
use nls || rm -f po/*.po
|
||||
|
||||
epatch "${FILESDIR}"/qemu-1.7.0-cflags.patch
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-3456.patch #549404
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-3209.patch #551752
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5158.patch #555680
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-3214.patch #556052
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5154-1.patch #556050 / #555532
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5154-2.patch #556050 / #555532
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5154-3.patch #556050 / #555532
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5165-1.patch #556304
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5165-2.patch #556304
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5165-3.patch #556304
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5165-4.patch #556304
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5165-5.patch #556304
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5165-6.patch #556304
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5165-7.patch #556304
|
||||
epatch "${FILESDIR}"/${P}-CVE-2015-5166.patch #556304
|
||||
[[ -n ${BACKPORTS} ]] && \
|
||||
EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
|
||||
epatch
|
||||
@ -296,14 +303,10 @@ qemu_src_configure() {
|
||||
debug-print-function ${FUNCNAME} "$@"
|
||||
|
||||
local buildtype=$1
|
||||
local builddir=$2
|
||||
local builddir="${S}/${buildtype}-build"
|
||||
local static_flag="static-${buildtype}"
|
||||
|
||||
# audio options
|
||||
local audio_opts="oss"
|
||||
use alsa && audio_opts="alsa,${audio_opts}"
|
||||
use sdl && audio_opts="sdl,${audio_opts}"
|
||||
use pulseaudio && audio_opts="pa,${audio_opts}"
|
||||
mkdir "${builddir}"
|
||||
|
||||
local conf_opts=(
|
||||
--prefix=/usr
|
||||
@ -361,9 +364,7 @@ qemu_src_configure() {
|
||||
$(conf_softmmu snappy)
|
||||
$(conf_softmmu spice)
|
||||
$(conf_softmmu ssh libssh2)
|
||||
$(conf_softmmu tls quorum)
|
||||
$(conf_softmmu tls vnc-tls)
|
||||
$(conf_softmmu tls vnc-ws)
|
||||
$(conf_softmmu usb libusb)
|
||||
$(conf_softmmu usbredir usb-redir)
|
||||
$(conf_softmmu uuid)
|
||||
@ -371,6 +372,7 @@ qemu_src_configure() {
|
||||
$(conf_softmmu vhost-net)
|
||||
$(conf_softmmu virtfs)
|
||||
$(conf_softmmu vnc)
|
||||
$(conf_softmmu vte)
|
||||
$(conf_softmmu xen)
|
||||
$(conf_softmmu xen xen-pci-passthrough)
|
||||
$(conf_softmmu xfs xfsctl)
|
||||
@ -381,23 +383,39 @@ qemu_src_configure() {
|
||||
conf_opts+=(
|
||||
--enable-linux-user
|
||||
--disable-system
|
||||
--target-list="${user_targets}"
|
||||
--disable-blobs
|
||||
--disable-tools
|
||||
)
|
||||
;;
|
||||
softmmu)
|
||||
# audio options
|
||||
local audio_opts="oss"
|
||||
use alsa && audio_opts="alsa,${audio_opts}"
|
||||
use sdl && audio_opts="sdl,${audio_opts}"
|
||||
use pulseaudio && audio_opts="pa,${audio_opts}"
|
||||
|
||||
conf_opts+=(
|
||||
--disable-linux-user
|
||||
--enable-system
|
||||
--target-list="${softmmu_targets}"
|
||||
--with-system-pixman
|
||||
--audio-drv-list="${audio_opts}"
|
||||
)
|
||||
use gtk && conf_opts+=( --with-gtkabi=$(usex gtk2 2.0 3.0) )
|
||||
use sdl && conf_opts+=( --with-sdlabi=$(usex sdl2 2.0 1.2) )
|
||||
;;
|
||||
tools)
|
||||
conf_opts+=(
|
||||
--disable-linux-user
|
||||
--disable-system
|
||||
--disable-blobs
|
||||
)
|
||||
static_flag="static"
|
||||
;;
|
||||
esac
|
||||
|
||||
local targets="${buildtype}_targets"
|
||||
[[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
|
||||
|
||||
# Add support for SystemTAP
|
||||
use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
|
||||
|
||||
@ -410,7 +428,7 @@ qemu_src_configure() {
|
||||
gcc-specs-pie && conf_opts+=( --enable-pie )
|
||||
fi
|
||||
|
||||
einfo "../configure ${conf_opts[*]}"
|
||||
echo "../configure ${conf_opts[*]}"
|
||||
cd "${builddir}"
|
||||
../configure "${conf_opts[@]}" || die "configure failed"
|
||||
|
||||
@ -442,21 +460,12 @@ src_configure() {
|
||||
fi
|
||||
done
|
||||
|
||||
[[ -n ${softmmu_targets} ]] && \
|
||||
einfo "Building the following softmmu targets: ${softmmu_targets}"
|
||||
softmmu_targets=${softmmu_targets#,}
|
||||
user_targets=${user_targets#,}
|
||||
|
||||
[[ -n ${user_targets} ]] && \
|
||||
einfo "Building the following user targets: ${user_targets}"
|
||||
|
||||
if [[ -n ${softmmu_targets} ]]; then
|
||||
mkdir "${S}/softmmu-build"
|
||||
qemu_src_configure "softmmu" "${S}/softmmu-build"
|
||||
fi
|
||||
|
||||
if [[ -n ${user_targets} ]]; then
|
||||
mkdir "${S}/user-build"
|
||||
qemu_src_configure "user" "${S}/user-build"
|
||||
fi
|
||||
[[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
|
||||
[[ -n ${user_targets} ]] && qemu_src_configure "user"
|
||||
[[ -z ${softmmu_targets}${user_targets} ]] && qemu_src_configure "tools"
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
@ -469,6 +478,11 @@ src_compile() {
|
||||
cd "${S}/softmmu-build"
|
||||
default
|
||||
fi
|
||||
|
||||
if [[ -z ${softmmu_targets}${user_targets} ]]; then
|
||||
cd "${S}/tools-build"
|
||||
default
|
||||
fi
|
||||
}
|
||||
|
||||
src_test() {
|
||||
@ -514,6 +528,11 @@ src_install() {
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ -z ${softmmu_targets}${user_targets} ]]; then
|
||||
cd "${S}/tools-build"
|
||||
emake DESTDIR="${ED}" install
|
||||
fi
|
||||
|
||||
# Disable mprotect on the qemu binaries as they use JITs to be fast #459348
|
||||
pushd "${ED}"/usr/bin >/dev/null
|
||||
pax-mark m "${softmmu_bins[@]}" "${user_bins[@]}"
|
||||
@ -531,6 +550,7 @@ src_install() {
|
||||
newdoc pc-bios/README README.pc-bios
|
||||
dodoc docs/qmp/*.txt
|
||||
|
||||
if [[ -n ${softmmu_targets} ]]; then
|
||||
# Remove SeaBIOS since we're using the SeaBIOS packaged one
|
||||
rm "${ED}/usr/share/qemu/bios.bin"
|
||||
rm "${ED}/usr/share/qemu/bios-256k.bin"
|
||||
@ -544,7 +564,6 @@ src_install() {
|
||||
fi
|
||||
|
||||
# Remove vgabios since we're using the seabios packaged one
|
||||
if [[ -n ${softmmu_targets} ]]; then
|
||||
rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
|
||||
rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
|
||||
rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
|
||||
@ -574,27 +593,13 @@ src_install() {
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
qemu_support_kvm && readme.gentoo_create_doc
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
if qemu_support_kvm; then
|
||||
readme.gentoo_print_elog
|
||||
ewarn "Migration from qemu-kvm instances and loading qemu-kvm created"
|
||||
ewarn "save states has been removed starting with the 1.6.2 release"
|
||||
ewarn
|
||||
ewarn "It is recommended that you migrate any VMs that may be running"
|
||||
ewarn "on qemu-kvm to a host with a newer qemu and regenerate"
|
||||
ewarn "any saved states with a newer qemu."
|
||||
ewarn
|
||||
ewarn "qemu-kvm was the primary qemu provider in Gentoo through 1.2.x"
|
||||
|
||||
if use x86 || use amd64; then
|
||||
ewarn
|
||||
ewarn "The /usr/bin/kvm and /usr/bin/qemu-kvm wrappers are no longer"
|
||||
ewarn "installed. In order to use kvm acceleration, pass the flag"
|
||||
ewarn "-enable-kvm when running your system target."
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
|
||||
@ -613,7 +618,7 @@ pkg_info() {
|
||||
echo " $(best_version app-emulation/spice-protocol)"
|
||||
echo " $(best_version sys-firmware/ipxe)"
|
||||
echo " $(best_version sys-firmware/seabios)"
|
||||
if has_version sys-firmware/seabios[binary]; then
|
||||
if has_version 'sys-firmware/seabios[binary]'; then
|
||||
echo " USE=binary"
|
||||
else
|
||||
echo " USE=''"
|
Loading…
Reference in New Issue
Block a user