diff options
Diffstat (limited to 'repo/qemu')
-rw-r--r-- | repo/qemu/0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch | 37 | ||||
-rw-r--r-- | repo/qemu/80-kvm.rules | 1 | ||||
-rw-r--r-- | repo/qemu/CVE-2021-20255.patch | 43 | ||||
-rw-r--r-- | repo/qemu/MAP_SYNC-fix.patch | 22 | ||||
-rw-r--r-- | repo/qemu/bridge.conf | 9 | ||||
-rw-r--r-- | repo/qemu/fix-sockios-header.patch | 13 | ||||
-rw-r--r-- | repo/qemu/guest-agent-shutdown.patch | 32 | ||||
-rw-r--r-- | repo/qemu/mips-softfloat.patch | 35 | ||||
-rw-r--r-- | repo/qemu/musl-initialise-msghdr.patch | 16 | ||||
-rw-r--r-- | repo/qemu/qemu-guest-agent.confd | 7 | ||||
-rw-r--r-- | repo/qemu/qemu-guest-agent.initd | 6 | ||||
-rw-r--r-- | repo/qemu/qemu.xibuild | 127 | ||||
-rw-r--r-- | repo/qemu/xattr_size_max.patch | 15 |
13 files changed, 363 insertions, 0 deletions
diff --git a/repo/qemu/0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch b/repo/qemu/0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch new file mode 100644 index 0000000..528b5d5 --- /dev/null +++ b/repo/qemu/0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch @@ -0,0 +1,37 @@ +From 8fbb4e6797ed67310b74cbaaa061269db45a5b71 Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Tue, 29 Apr 2014 15:51:31 +0200 +Subject: [PATCH] linux-user/signal.c: define __SIGRTMIN/MAX for non-GNU + platforms + +The __SIGRTMIN and __SIGRTMAX are glibc internals and are not available +on all platforms, so we define those if they are missing. + +This is needed for musl libc. + +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> +--- + linux-user/signal.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/linux-user/signal.c b/linux-user/signal.c +index 5ca6d62b15..e917c16d91 100644 +--- a/linux-user/signal.c ++++ b/linux-user/signal.c +@@ -25,6 +25,13 @@ + #include "trace.h" + #include "signal-common.h" + ++#ifndef __SIGRTMIN ++#define __SIGRTMIN 32 ++#endif ++#ifndef __SIGRTMAX ++#define __SIGRTMAX (NSIG-1) ++#endif ++ + static struct target_sigaction sigact_table[TARGET_NSIG]; + + static void host_signal_handler(int host_signum, siginfo_t *info, +-- +2.23.0 + diff --git a/repo/qemu/80-kvm.rules b/repo/qemu/80-kvm.rules new file mode 100644 index 0000000..e61b48f --- /dev/null +++ b/repo/qemu/80-kvm.rules @@ -0,0 +1 @@ +KERNEL=="kvm", GROUP="kvm", MODE="0666" diff --git a/repo/qemu/CVE-2021-20255.patch b/repo/qemu/CVE-2021-20255.patch new file mode 100644 index 0000000..970c00c --- /dev/null +++ b/repo/qemu/CVE-2021-20255.patch @@ -0,0 +1,43 @@ +CVE-2021-20255 patch adapted from QEMU patch by Stefan Weil + +Link: https://bugzilla.redhat.com/show_bug.cgi?id=1930646 + +Signed-off-by: Neha Agarwal <nehaagarwal@microsoft.com> +--- +diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c +index 16e95ef9cc..2474cf3dc2 100644 +--- a/hw/net/eepro100.c ++++ b/hw/net/eepro100.c +@@ -279,6 +279,9 @@ typedef struct { + /* Quasi static device properties (no need to save them). */ + uint16_t stats_size; + bool has_extended_tcb_support; ++ ++ /* Flag to avoid recursions. */ ++ bool busy; + } EEPRO100State; + + /* Word indices in EEPROM. */ +@@ -837,6 +840,14 @@ static void action_command(EEPRO100State *s) + Therefore we limit the number of iterations. */ + unsigned max_loop_count = 16; + ++ if (s->busy) { ++ /* Prevent recursions. */ ++ logout("recursion in %s:%u\n", __FILE__, __LINE__); ++ return; ++ } ++ ++ s->busy = true; ++ + for (;;) { + bool bit_el; + bool bit_s; +@@ -933,6 +944,7 @@ static void action_command(EEPRO100State *s) + } + TRACE(OTHER, logout("CU list empty\n")); + /* List is empty. Now CU is idle or suspended. */ ++ s->busy = false; + } + + static void eepro100_cu_command(EEPRO100State * s, uint8_t val) diff --git a/repo/qemu/MAP_SYNC-fix.patch b/repo/qemu/MAP_SYNC-fix.patch new file mode 100644 index 0000000..e13609d --- /dev/null +++ b/repo/qemu/MAP_SYNC-fix.patch @@ -0,0 +1,22 @@ +diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c +index f7f177d..7598960 100644 +--- a/util/mmap-alloc.c ++++ b/util/mmap-alloc.c +@@ -10,14 +10,16 @@ + * later. See the COPYING file in the top-level directory. + */ + ++#include "qemu/osdep.h" ++ + #ifdef CONFIG_LINUX + #include <linux/mman.h> ++#include <asm-generic/mman.h> /* for ppc64le */ + #else /* !CONFIG_LINUX */ + #define MAP_SYNC 0x0 + #define MAP_SHARED_VALIDATE 0x0 + #endif /* CONFIG_LINUX */ + +-#include "qemu/osdep.h" + #include "qemu/mmap-alloc.h" + #include "qemu/host-utils.h" + diff --git a/repo/qemu/bridge.conf b/repo/qemu/bridge.conf new file mode 100644 index 0000000..27c31c3 --- /dev/null +++ b/repo/qemu/bridge.conf @@ -0,0 +1,9 @@ +# This should have the following permissions: root:qemu 0640 + +# Allow users in the "qemu" group to add devices to "br0". +#allow br0 + +# Uncomment the following line to allow users in the "bob" +# group to have permissions defined in it, iff it has the +# following permissions: root:bob 0640 +#include /etc/qemu/bob.conf diff --git a/repo/qemu/fix-sockios-header.patch b/repo/qemu/fix-sockios-header.patch new file mode 100644 index 0000000..1f3cd76 --- /dev/null +++ b/repo/qemu/fix-sockios-header.patch @@ -0,0 +1,13 @@ +diff --git a/linux-user/syscall.c b/linux-user/syscall.c +index 43d0562..afa0ac4 100644 +--- a/linux-user/syscall.c ++++ b/linux-user/syscall.c +@@ -59,6 +59,7 @@ int __clone2(int (*fn)(void *), void *child_stack_base, + #include <linux/icmp.h> + #include <linux/icmpv6.h> + #include <linux/errqueue.h> ++#include <linux/sockios.h> + #include <linux/random.h> + #include "qemu-common.h" + #ifdef CONFIG_TIMERFD + #include <sys/timerfd.h> diff --git a/repo/qemu/guest-agent-shutdown.patch b/repo/qemu/guest-agent-shutdown.patch new file mode 100644 index 0000000..ddf3fdf --- /dev/null +++ b/repo/qemu/guest-agent-shutdown.patch @@ -0,0 +1,32 @@ +--- a/qga/commands-posix.c 2021-04-30 14:07:31.202337082 +0000 ++++ b/qga/commands-posix.c 2021-04-30 14:10:05.253272361 +0000 +@@ -84,6 +84,7 @@ static void ga_wait_child(pid_t pid, int + void qmp_guest_shutdown(bool has_mode, const char *mode, Error **errp) + { + const char *shutdown_flag; ++ const char *fallback_cmd = NULL; + Error *local_err = NULL; + pid_t pid; + int status; +@@ -91,10 +92,13 @@ void qmp_guest_shutdown(bool has_mode, c + slog("guest-shutdown called, mode: %s", mode); + if (!has_mode || strcmp(mode, "powerdown") == 0) { + shutdown_flag = "-P"; ++ fallback_cmd = "/sbin/poweroff"; + } else if (strcmp(mode, "halt") == 0) { + shutdown_flag = "-H"; ++ fallback_cmd = "/sbin/halt"; + } else if (strcmp(mode, "reboot") == 0) { + shutdown_flag = "-r"; ++ fallback_cmd = "/sbin/reboot"; + } else { + error_setg(errp, + "mode is invalid (valid values are: halt|powerdown|reboot"); +@@ -111,6 +115,7 @@ void qmp_guest_shutdown(bool has_mode, c + + execle("/sbin/shutdown", "shutdown", "-h", shutdown_flag, "+0", + "hypervisor initiated shutdown", (char *)NULL, environ); ++ execle(fallback_cmd, fallback_cmd, (char*)NULL, environ); + _exit(EXIT_FAILURE); + } else if (pid < 0) { + error_setg_errno(errp, errno, "failed to create child process"); diff --git a/repo/qemu/mips-softfloat.patch b/repo/qemu/mips-softfloat.patch new file mode 100644 index 0000000..28c264a --- /dev/null +++ b/repo/qemu/mips-softfloat.patch @@ -0,0 +1,35 @@ +This patch is needed due to our mips64 build uses softfloat. Qemu will not +build without this patch. + +diff --git a/tests/fp/fp-bench.c b/tests/fp/fp-bench.c +index 4ba5e1d..313256c 100644 +--- a/tests/fp/fp-bench.c ++++ b/tests/fp/fp-bench.c +@@ -479,6 +479,7 @@ static void QEMU_NORETURN die_host_rounding(enum rounding rounding) + exit(EXIT_FAILURE); + } + ++#ifndef __mips_soft_float + static void set_host_precision(enum rounding rounding) + { + int rhost; +@@ -507,6 +508,7 @@ static void set_host_precision(enum rounding rounding) + die_host_rounding(rounding); + } + } ++#endif + + static void set_soft_precision(enum rounding rounding) + { +@@ -596,9 +598,11 @@ static void parse_args(int argc, char *argv[]) + + /* set precision and rounding mode based on the tester */ + switch (tester) { ++#ifndef __mips_soft_float + case TESTER_HOST: + set_host_precision(rounding); + break; ++#endif + case TESTER_SOFT: + set_soft_precision(rounding); + switch (precision) { diff --git a/repo/qemu/musl-initialise-msghdr.patch b/repo/qemu/musl-initialise-msghdr.patch new file mode 100644 index 0000000..17b441c --- /dev/null +++ b/repo/qemu/musl-initialise-msghdr.patch @@ -0,0 +1,16 @@ +Patch-Source: https://github.com/void-linux/void-packages/blob/master/srcpkgs/qemu/patches/musl-initialize-msghdr.patch +Ref: https://github.com/void-linux/void-packages/issues/23557 + +diff --git linux-user/syscall.c linux-user/syscall.c +index 945fc25..8d8b68a 100644 +--- a/linux-user/syscall.c ++++ b/linux-user/syscall.c +@@ -3071,7 +3071,7 @@ static abi_long do_sendrecvmsg_locked(int fd, struct target_msghdr *msgp, + int flags, int send) + { + abi_long ret, len; +- struct msghdr msg; ++ struct msghdr msg = {0}; + abi_ulong count; + struct iovec *vec; + abi_ulong target_vec; diff --git a/repo/qemu/qemu-guest-agent.confd b/repo/qemu/qemu-guest-agent.confd new file mode 100644 index 0000000..228c032 --- /dev/null +++ b/repo/qemu/qemu-guest-agent.confd @@ -0,0 +1,7 @@ +# Specifies the transport method used to communicate to QEMU on the host side +# Default: virtio-serial +#GA_METHOD="virtio-serial" + +# Specifies the device path for the communications back to QEMU on the host +# Default: /dev/virtio-ports/org.qemu.guest_agent.0 +#GA_PATH="/dev/virtio-ports/org.qemu.guest_agent.0" diff --git a/repo/qemu/qemu-guest-agent.initd b/repo/qemu/qemu-guest-agent.initd new file mode 100644 index 0000000..aaf7de3 --- /dev/null +++ b/repo/qemu/qemu-guest-agent.initd @@ -0,0 +1,6 @@ +#!/sbin/openrc-run + +name="QEMU Guest Agent" +pidfile="/run/qemu-ga.pid" +command="/usr/bin/qemu-ga" +command_args="-m ${GA_METHOD:-virtio-serial} -p ${GA_PATH:-/dev/virtio-ports/org.qemu.guest_agent.0} -l /var/log/qemu-ga.log -d" diff --git a/repo/qemu/qemu.xibuild b/repo/qemu/qemu.xibuild new file mode 100644 index 0000000..4f9327b --- /dev/null +++ b/repo/qemu/qemu.xibuild @@ -0,0 +1,127 @@ +#!/bin/sh + +NAME="qemu" +DESC="QEMU is a generic machine emulator and virtualizer" + +MAKEDEPS=" meson bash alsa-lib bison curl flex glib glib gnutls gtk3 libaio libcap libcap-ng libjpeg-turbo libnfs libpng libseccomp libssh2 liburing libusb libxml2 linux-headers lzo ncurses numactl perl pulseaudio python python-sphinx sdl2 snappy spice texinfo usbredir util-linux vde2 virglrenderer vte3 xfsprogs zlib zlib zstd zstd ceph" + +PKG_VER=7.0.0 +SOURCE="https://wiki.qemu-project.org/download/qemu-$PKG_VER.tar.xz" + +ADDITIONAL=" +0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch +80-kvm.rules +CVE-2021-20255.patch +MAP_SYNC-fix.patch +bridge.conf +fix-sockios-header.patch +guest-agent-shutdown.patch +mips-softfloat.patch +musl-initialise-msghdr.patch +qemu-guest-agent.confd +qemu-guest-agent.initd +qemu.post-install +qemu.pre-install +qemu.pre-upgrade +xattr_size_max.patch +" + +prepare () { + apply_patches +} + +compile_common() { + CFLAGS="$CFLAGS -O2" "$BUILD_ROOT"/configure \ + --prefix=/usr \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --libexecdir=/usr/lib/qemu \ + --python=/usr/bin/python \ + --disable-glusterfs \ + --disable-debug-info \ + --disable-bsd-user \ + --disable-werror \ + --disable-xen \ + --enable-kvm \ + --enable-seccomp \ + --cc="${CC:-gcc}" \ + "$@" + make ARFLAGS="rc" +} + +build() { + mkdir -p "$BUILD_ROOT"/build + cd "$BUILD_ROOT"/build + CFLAGS="$CFLAGS -O2" "$BUILD_ROOT"/configure \ + --prefix=/usr \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --libexecdir=/usr/lib/qemu \ + --python=/usr/bin/python \ + --disable-glusterfs \ + --disable-debug-info \ + --disable-bsd-user \ + --disable-werror \ + --disable-xen \ + --enable-kvm \ + --enable-seccomp \ + --cc="${CC:-gcc}" \ + --disable-linux-user \ + --audio-drv-list=oss,alsa,sdl,pa \ + --enable-cap-ng \ + --enable-curl \ + --enable-curses \ + --enable-docs \ + --enable-gtk \ + --enable-guest-agent \ + --enable-libnfs \ + --enable-libssh \ + --enable-linux-aio \ + --enable-lzo \ + --enable-modules \ + --enable-numa \ + --enable-pie \ + --enable-sdl \ + --enable-snappy \ + --enable-spice \ + --enable-tpm \ + --enable-usb-redir \ + --enable-vde \ + --enable-vhost-net \ + --enable-virglrenderer \ + --enable-virtfs \ + --enable-vnc \ + --enable-vnc-jpeg \ + --enable-vnc-png \ + --enable-zstd \ + --enable-rbd \ + --tls-priority=@QEMU,SYSTEM + make ARFLAGS="rc" +} + +package() { + cd "$BUILD_ROOT"/build + make DESTDIR="$PKG_DEST" install + + install -Dm640 -g qemu "$BUILD_ROOT"/bridge.conf \ + "$PKG_DEST"/etc/qemu/bridge.conf + + install -Dm644 "$BUILD_ROOT"/80-kvm.rules \ + "$PKG_DEST"/lib/udev/rules.d/80-kvm.rules + + # qemu-bridge-helper needs suid to create tunX devices; + # allow only users in the qemu group to run it. + chmod 04710 "$PKG_DEST"/usr/lib/qemu/qemu-bridge-helper + chgrp qemu "$PKG_DEST"/usr/lib/qemu/qemu-bridge-helper + + # Do not install HTML docs. + rm -rf "$PKG_DEST"/usr/share/doc + # remove accel-qtest-* modules, not needed for package + rm -f "$PKG_DEST"/usr/lib/qemu/accel-qtest-* +} + +postinstall () { + addgroup -S -g 34 kvm 2>/dev/null || true + addgroup -S -g 36 qemu 2>/dev/null || true + adduser -S -H -h /dev/null -u 36 -G kvm -s /sbin/nologin qemu 2>/dev/null || true +} diff --git a/repo/qemu/xattr_size_max.patch b/repo/qemu/xattr_size_max.patch new file mode 100644 index 0000000..1a33cbf --- /dev/null +++ b/repo/qemu/xattr_size_max.patch @@ -0,0 +1,15 @@ +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index faebd91..a0f15b6 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -25,6 +25,10 @@ + #include "trace.h" + #include "migration/migration.h" + ++#ifdef __linux__ ++#include <linux/limits.h> /* for XATTR_SIZE_MAX */ ++#endif ++ + int open_fd_hw; + int total_open_fd; + static int open_fd_rc; |