Hello community,
here is the log from the commit of package qemu for openSUSE:Factory checked in at 2016-06-09 16:00:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/qemu (Old)
and /work/SRC/openSUSE:Factory/.qemu.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "qemu"
Changes:
--------
--- /work/SRC/openSUSE:Factory/qemu/qemu-linux-user.changes 2015-12-18 21:52:03.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-linux-user.changes 2016-06-09 16:02:48.000000000 +0200
@@ -1,0 +2,88 @@
+Thu May 26 16:23:33 UTC 2016 - brogers@suse.com
+
+- Address various security/stability issues
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6
+* Fix OOB access in MIPSnet emulated controller CVE-2016-4002 (bsc#975136)
+ 0042-net-mipsnet-check-packet-length-aga.patch
+* Fix possible host data leakage to guest from TPR access
+ CVE-2016-4020 (bsc#975700)
+ 0043-i386-kvmvapic-initialise-imm32-vari.patch
+* Avoid OOB access in 53C9X emulation CVE-2016-4439 (bsc#980711)
+ 0044-esp-check-command-buffer-length-bef.patch
+* Avoid OOB access in 53C9X emulation CVE-2016-4441 (bsc#980723)
+ 0045-esp-check-dma-length-before-reading.patch
+* Avoid OOB access in Vmware PV SCSI emulation CVE-2016-4952 (bsc#981266)
+ 0046-scsi-pvscsi-check-command-descripto.patch
+* Avoid potential DoS in LSI SAS1068 emulation CVE-2016-4964 (bsc#981399)
+ 0047-scsi-mptsas-infinite-loop-while-fet.patch
+* Fix regression in vga behavior - introduced in v2.6.0 CVE-2016-3712 (bsc#978160)
+ 0048-vga-add-sr_vbe-register-set.patch
+
+-------------------------------------------------------------------
+Wed May 25 21:42:12 UTC 2016 - brogers@suse.com
+
+- Update to v2.6.0: See http://wiki.qemu-project.org/ChangeLog/2.6
+
+-------------------------------------------------------------------
+Thu Apr 28 15:21:54 UTC 2016 - afaerber@suse.de
+
+- Bump copyright in qemu-linux-user.spec.in
+
+-------------------------------------------------------------------
+Fri Apr 22 16:37:37 UTC 2016 - afaerber@suse.de
+
+- Update to v2.6.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.6
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6
+* Patches dropped:
+ 0041-tests-Use-correct-config-param-for-.patch
+* Patches renamed:
+ 0042-build-link-with-libatomic-on-powerp.patch -> 0041-build-link-with-libatomic-on-powerp.patch
+
+-------------------------------------------------------------------
+Fri Apr 1 11:13:07 UTC 2016 - olaf@aepfle.de
+
+- Update to v2.6.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.6
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6
+* Accept every size in DISCARD request from a guest (bsc#964427)
+ 0039-block-split-large-discard-requests-.patch
+* Recognize libxl flag to disable flush in block device (bsc#879425)
+ 0040-xen_disk-Add-suse-specific-flush-di.patch
+* Use correct flag for crypto tests
+ 0041-tests-Use-correct-config-param-for-.patch
+* Fix build on powerpc:
+ 0042-build-link-with-libatomic-on-powerp.patch
+* Patches dropped (upstreamed):
+ seabios_checkrom_typo.patch
+ seabios_avoid_smbios_signature_string.patch
+
+-------------------------------------------------------------------
+Fri Jan 8 14:54:26 UTC 2016 - afaerber@suse.de
+
+- Update to v2.5.0: See http://wiki.qemu-project.org/ChangeLog/2.5
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5
+* Patches dropped:
+ 0039-tests-Fix-check-report-qtest-target.patch
+
+-------------------------------------------------------------------
+Sun Nov 22 18:05:25 UTC 2015 - afaerber@suse.de
+
+- Update to v2.5.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.5
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5
+* Patch renamed:
+ 0037-Revert-Revert-seccomp-tests-that-al.patch -> 0037-configure-Enable-libseccomp-for-ppc.patch
+
+-------------------------------------------------------------------
+Thu Nov 19 17:23:34 UTC 2015 - afaerber@suse.de
+
+- Update to v2.5.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.5
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5
+* Patches dropped (upstream):
+ 0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch
+ 0039-tests-Unique-test-path-for-string-v.patch
+* Patch renamed:
+ 0040-dictzip-Fix-on-big-endian-systems.patch -> 0038-dictzip-Fix-on-big-endian-systems.patch
+* Package qemu-tilegx
+* Patches added:
+ 0039-tests-Fix-check-report-qtest-target.patch
+
+-------------------------------------------------------------------
--- /work/SRC/openSUSE:Factory/qemu/qemu-testsuite.changes 2016-01-12 16:11:02.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-testsuite.changes 2016-06-09 16:02:55.000000000 +0200
@@ -1,0 +2,131 @@
+Fri Jun 3 17:29:41 UTC 2016 - brogers@suse.com
+
+- Adjust to parallel changes in virglrenderer packages - no longer
+ "BuildRequires" virglrenderer directly, just the devel package.
+
+-------------------------------------------------------------------
+Wed Jun 1 17:14:40 UTC 2016 - brogers@suse.com
+
+- Fix build compatibility with gcc6 wrt ipxe rom where compiler
+ warnings are treated as errors.
+ ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch
+ ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch
+ ipxe-sis190-Fix-building-with-GCC-6.patch
+ ipxe-skge-Fix-building-with-GCC-6.patch
+ ipxe-ath-Fix-building-with-GCC-6.patch
+ ipxe-legacy-Fix-building-with-GCC-6.patch
+- Fix ipxe build script which fails under perl v5.24
+ ipxe-util-v5.24-perl-errors-on-redeclare.patch
+- Specify build time disk space requirements for ppc64 and ppc64le
+
+-------------------------------------------------------------------
+Wed Jun 1 14:31:51 UTC 2016 - agraf@suse.com
+
+- Add sysctl script and %post on s390x to allow kvm usage (bsc#975331)
+
+-------------------------------------------------------------------
+Thu May 26 16:23:33 UTC 2016 - brogers@suse.com
+
+- Address various security/stability issues
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6
+* Fix OOB access in MIPSnet emulated controller CVE-2016-4002 (bsc#975136)
+ 0042-net-mipsnet-check-packet-length-aga.patch
+* Fix possible host data leakage to guest from TPR access
+ CVE-2016-4020 (bsc#975700)
+ 0043-i386-kvmvapic-initialise-imm32-vari.patch
+* Avoid OOB access in 53C9X emulation CVE-2016-4439 (bsc#980711)
+ 0044-esp-check-command-buffer-length-bef.patch
+* Avoid OOB access in 53C9X emulation CVE-2016-4441 (bsc#980723)
+ 0045-esp-check-dma-length-before-reading.patch
+* Avoid OOB access in Vmware PV SCSI emulation CVE-2016-4952 (bsc#981266)
+ 0046-scsi-pvscsi-check-command-descripto.patch
+* Avoid potential DoS in LSI SAS1068 emulation CVE-2016-4964 (bsc#981399)
+ 0047-scsi-mptsas-infinite-loop-while-fet.patch
+* Fix regression in vga behavior - introduced in v2.6.0 CVE-2016-3712 (bsc#978160)
+ 0048-vga-add-sr_vbe-register-set.patch
+
+-------------------------------------------------------------------
+Wed May 25 21:42:12 UTC 2016 - brogers@suse.com
+
+- Update to v2.6.0: See http://wiki.qemu-project.org/ChangeLog/2.6
+- Enable SDL2, virglrenderer (for use with virtio-gpu), xfsctl, and
+ tracing using default log backend
+- Build efi pxe roms on x86_64
+
+-------------------------------------------------------------------
+Thu Apr 28 16:37:10 UTC 2016 - afaerber@suse.de
+
+- Check modules for conflicting release versions
+- Suggest recently added block modules
+
+-------------------------------------------------------------------
+Thu Apr 28 15:12:18 UTC 2016 - afaerber@suse.de
+
+- Bump copyright in qemu.spec.in
+- Enable libiscsi for Factory
+- Enable seccomp for ppc64le as well
+
+-------------------------------------------------------------------
+Fri Apr 22 16:37:33 UTC 2016 - afaerber@suse.de
+
+- Update to v2.6.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.6
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6
+* Patches dropped (upstreamed):
+ 0041-tests-Use-correct-config-param-for-.patch
+* Patches renamed:
+ 0042-build-link-with-libatomic-on-powerp.patch -> 0041-build-link-with-libatomic-on-powerp.patch
+
+-------------------------------------------------------------------
+Wed Apr 20 16:38:00 UTC 2016 - afaerber@suse.de
+
+- Partially revert the last change's cleanup
+- Indicate SUSE version
+
+-------------------------------------------------------------------
+Fri Apr 1 11:13:07 UTC 2016 - olaf@aepfle.de
+
+- Update to v2.6.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.6
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6
+* Accept every size in DISCARD request from a guest (bsc#964427)
+ 0039-block-split-large-discard-requests-.patch
+* Recognize libxl flag to disable flush in block device (bsc#879425)
+ 0040-xen_disk-Add-suse-specific-flush-di.patch
+* Use correct flag for crypto tests
+ 0041-tests-Use-correct-config-param-for-.patch
+* Fix build on powerpc:
+ 0042-build-link-with-libatomic-on-powerp.patch
+* Patches dropped (upstreamed):
+ seabios_checkrom_typo.patch
+ seabios_avoid_smbios_signature_string.patch
+
+-------------------------------------------------------------------
+Tue Feb 9 17:08:21 UTC 2016 - afaerber@suse.de
+
+- Disable vte for Leap, fixing build
+
+-------------------------------------------------------------------
+Wed Jan 27 15:10:02 UTC 2016 - afaerber@suse.de
+
+- Don't drop u-boot.e500 yet - breaks testsuite
+
+-------------------------------------------------------------------
+Thu Jan 21 18:02:04 UTC 2016 - afaerber@suse.de
+
+- Re-enable libcacard support
+- Clean up configured features
+
+-------------------------------------------------------------------
+Thu Jan 21 16:07:16 UTC 2016 - afaerber@suse.de
+
+- Clean up qemu-tools libcacard Provides/Obsoletes - separate again
+- Drop u-boot.e500 - being packaged as u-boot-ppce500
+
+-------------------------------------------------------------------
+Fri Jan 8 14:54:22 UTC 2016 - afaerber@suse.de
+
+- Update to v2.5.0: See http://wiki.qemu-project.org/ChangeLog/2.5
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5
+* Patches dropped (upstreamed):
+ 0039-tests-Fix-check-report-qtest-target.patch
+
+-------------------------------------------------------------------
@@ -11,0 +143,10 @@
+Sun Nov 22 21:48:21 UTC 2015 - afaerber@suse.de
+
+- Update to v2.5.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.5
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5
+* Rebase libseccomp enablement:
+ 0037-Revert-Revert-seccomp-tests-that-al.patch -> 0037-configure-Enable-libseccomp-for-ppc.patch
+* Provide qemu-ga and qemu-ipxe for qemu-testsuite
+- Clean up qemu-ksm recommendation
+
+-------------------------------------------------------------------
@@ -14,0 +156,22 @@
+
+-------------------------------------------------------------------
+Thu Nov 19 17:23:29 UTC 2015 - afaerber@suse.de
+
+- Update to v2.5.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.5
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5
+* Patches dropped (upstream):
+ 0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch
+ 0039-tests-Unique-test-path-for-string-v.patch
+ gcc5-ipxe-add-missing-const-qualifiers.patch
+ gcc5-ipxe-ath9k-Remove-confusing-logic-inversion-in-an-ANI-var.patch
+ SLOF_ppc64le.patch
+* Patch renamed:
+ 0040-dictzip-Fix-on-big-endian-systems.patch -> 0038-dictzip-Fix-on-big-endian-systems.patch
+* --enable-smartcard-nss -> --enable-smartcard
+ Needs an external libcacard, so drop it for now.
+* Drop --enable-vnc-tls
+* Require xz-devel for ipxe build
+* Package qemu-ga(8) man page
+* Package ivshmem-{client,server}
+* Patches added:
+ 0039-tests-Fix-check-report-qtest-target.patch
qemu.changes: same change
Old:
----
0037-Revert-Revert-seccomp-tests-that-al.patch
0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch
0039-tests-Unique-test-path-for-string-v.patch
0040-dictzip-Fix-on-big-endian-systems.patch
SLOF_ppc64le.patch
gcc5-ipxe-add-missing-const-qualifiers.patch
gcc5-ipxe-ath9k-Remove-confusing-logic-inversion-in-an-ANI-var.patch
libcacard.changes
libcacard.spec
libcacard.spec.in
qemu-2.4.0.tar.bz2
qemu-2.4.0.tar.bz2.sig
seabios_avoid_smbios_signature_string.patch
seabios_checkrom_typo.patch
New:
----
0037-configure-Enable-libseccomp-for-ppc.patch
0038-dictzip-Fix-on-big-endian-systems.patch
0039-block-split-large-discard-requests-.patch
0040-xen_disk-Add-suse-specific-flush-di.patch
0041-build-link-with-libatomic-on-powerp.patch
0042-net-mipsnet-check-packet-length-aga.patch
0043-i386-kvmvapic-initialise-imm32-vari.patch
0044-esp-check-command-buffer-length-bef.patch
0045-esp-check-dma-length-before-reading.patch
0046-scsi-pvscsi-check-command-descripto.patch
0047-scsi-mptsas-infinite-loop-while-fet.patch
0048-vga-add-sr_vbe-register-set.patch
ipxe-ath-Fix-building-with-GCC-6.patch
ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch
ipxe-legacy-Fix-building-with-GCC-6.patch
ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch
ipxe-sis190-Fix-building-with-GCC-6.patch
ipxe-skge-Fix-building-with-GCC-6.patch
ipxe-util-v5.24-perl-errors-on-redeclare.patch
qemu-2.6.0.tar.bz2
qemu-2.6.0.tar.bz2.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ qemu-linux-user.spec ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package qemu-linux-user
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -21,9 +21,9 @@
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
-Version: 2.4.0
+Version: 2.6.0
Release: 0
-Source: http://wiki.qemu.org/download/qemu-2.4.0.tar.bz2
+Source: http://wiki.qemu.org/download/qemu-2.6.0.tar.bz2
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
Patch0001: 0001-XXX-dont-dump-core-on-sigabort.patch
Patch0002: 0002-XXX-work-around-SA_RESTART-race-wit.patch
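Review bot: The bumped `Source:` line still fetches the tarball over plain HTTP (`http://wiki.qemu.org/download/qemu-2.6.0.tar.bz2`), so a re-download from the spec has no transport integrity. The package file list adds `qemu-2.6.0.tar.bz2.sig`, but this hunk shows no Source entry or verification step for it; the rest of the spec is outside the hunk, so one may already exist. If it does not, add something like `SourceNNN: qemu-2.6.0.tar.bz2.sig` (NNN is a placeholder for a free source number) and verify the signature against a packaged keyring in `%prep`. Switch the URL to HTTPS if the upstream host serves it.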
@@ -61,10 +61,18 @@
Patch0034: 0034-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0035: 0035-qtest-Increase-socket-timeout.patch
Patch0036: 0036-AIO-Reduce-number-of-threads-for-32.patch
-Patch0037: 0037-Revert-Revert-seccomp-tests-that-al.patch
-Patch0038: 0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch
-Patch0039: 0039-tests-Unique-test-path-for-string-v.patch
-Patch0040: 0040-dictzip-Fix-on-big-endian-systems.patch
+Patch0037: 0037-configure-Enable-libseccomp-for-ppc.patch
+Patch0038: 0038-dictzip-Fix-on-big-endian-systems.patch
+Patch0039: 0039-block-split-large-discard-requests-.patch
+Patch0040: 0040-xen_disk-Add-suse-specific-flush-di.patch
+Patch0041: 0041-build-link-with-libatomic-on-powerp.patch
+Patch0042: 0042-net-mipsnet-check-packet-length-aga.patch
+Patch0043: 0043-i386-kvmvapic-initialise-imm32-vari.patch
+Patch0044: 0044-esp-check-command-buffer-length-bef.patch
+Patch0045: 0045-esp-check-dma-length-before-reading.patch
+Patch0046: 0046-scsi-pvscsi-check-command-descripto.patch
+Patch0047: 0047-scsi-mptsas-infinite-loop-while-fet.patch
+Patch0048: 0048-vga-add-sr_vbe-register-set.patch
# Please do not add patches manually here, run update_git.sh.
# this is to make lint happy
Source300: qemu-rpmlintrc
@@ -117,7 +125,7 @@
run cross-architecture builds.
%prep
-%setup -q -n qemu-2.4.0
+%setup -q -n qemu-2.6.0
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@@ -158,6 +166,14 @@
%patch0038 -p1
%patch0039 -p1
%patch0040 -p1
+%patch0041 -p1
+%patch0042 -p1
+%patch0043 -p1
+%patch0044 -p1
+%patch0045 -p1
+%patch0046 -p1
+%patch0047 -p1
+%patch0048 -p1
%build
./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
@@ -261,6 +277,7 @@
%_bindir/qemu-sparc32plus
%_bindir/qemu-sparc64
%_bindir/qemu-sparc
+%_bindir/qemu-tilegx
%_bindir/qemu-unicore32
%_bindir/qemu-x86_64
%_bindir/qemu-*-binfmt
++++++ qemu-testsuite.spec ++++++
++++ 603 lines (skipped)
++++ between /work/SRC/openSUSE:Factory/qemu/qemu-testsuite.spec
++++ and /work/SRC/openSUSE:Factory/.qemu.new/qemu-testsuite.spec
qemu.spec: same change
++++++ 0001-XXX-dont-dump-core-on-sigabort.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 1e556e72ef1334533b0a6ed652c7b00b0382949a Mon Sep 17 00:00:00 2001
+From d1591b68524b12fa4c9cb7d2fd6fcdf021137ede Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Mon, 21 Nov 2011 23:50:36 +0100
Subject: [PATCH] XXX dont dump core on sigabort
@@ -8,11 +8,11 @@
1 file changed, 6 insertions(+)
diff --git a/linux-user/signal.c b/linux-user/signal.c
-index 9d4cef4..42c5681 100644
+index 96e86c0..d422aeb 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
-@@ -448,6 +448,10 @@ static void QEMU_NORETURN force_sig(int target_sig)
- host_sig = target_to_host_signal(target_sig);
+@@ -443,6 +443,10 @@ static void QEMU_NORETURN force_sig(int target_sig)
+ trace_user_force_sig(env, target_sig, host_sig);
gdb_signalled(env, target_sig);
+ if (target_sig == 6) {
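Review bot: The carried patch tests a bare signal number, `if (target_sig == 6) {`, on the last line of this hunk; `if (target_sig == TARGET_SIGABRT) {` states the intent and does not depend on the reader knowing the numbering. The body of the condition is outside the hunk, so only the condition itself is in view. Because the patch subject says it stops core dumps on abort, a one-line comment in the patch such as `/* SUSE: skip core dump on abort, see patch description */` would help whoever later triages a crash that left no core.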
@@ -22,7 +22,7 @@
/* dump core if supported by target binary format */
if (core_dump_signal(target_sig) && (ts->bprm->core_dump != NULL)) {
stop_all_tasks();
-@@ -465,6 +469,8 @@ static void QEMU_NORETURN force_sig(int target_sig)
+@@ -460,6 +464,8 @@ static void QEMU_NORETURN force_sig(int target_sig)
target_sig, strsignal(host_sig), "core dumped" );
}
++++++ 0002-XXX-work-around-SA_RESTART-race-wit.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 5a7aa97bf33ef868052ee97fb8078af791859a5c Mon Sep 17 00:00:00 2001
+From 44e9a6c05ea73441354e54b0029cdf0e835ed735 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Thu, 1 Dec 2011 19:00:01 +0100
Subject: [PATCH] XXX work around SA_RESTART race with boehm-gc (ARM only)
@@ -13,10 +13,10 @@
4 files changed, 130 insertions(+), 10 deletions(-)
diff --git a/linux-user/main.c b/linux-user/main.c
-index fdee981..c9954fd 100644
+index 5f3ec97..7b28d93 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
-@@ -811,15 +811,22 @@ void cpu_loop(CPUARMState *env)
+@@ -853,15 +853,22 @@ void cpu_loop(CPUARMState *env)
break;
}
} else {
@@ -49,10 +49,10 @@
} else {
goto error;
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
-index 8012cc2..e29c7f3 100644
+index 26b0ba2..b55a9d2 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
-@@ -135,6 +135,8 @@ typedef struct TaskState {
+@@ -130,6 +130,8 @@ typedef struct TaskState {
struct sigqueue sigqueue_table[MAX_SIGQUEUE_SIZE]; /* siginfo queue */
struct sigqueue *first_free; /* first free siginfo queue entry */
int signal_pending; /* non zero if a signal may be pending */
@@ -61,7 +61,7 @@
} __attribute__((aligned(16))) TaskState;
extern char *exec_path;
-@@ -200,6 +202,7 @@ int get_osversion(void);
+@@ -188,6 +190,7 @@ int get_osversion(void);
void init_qemu_uname_release(void);
void fork_start(void);
void fork_end(int child);
@@ -70,18 +70,18 @@
/* Creates the initial guest address space in the host memory space using
* the given host start address hint and size. The guest_start parameter
diff --git a/linux-user/signal.c b/linux-user/signal.c
-index 42c5681..4153c99 100644
+index d422aeb..eab88a9 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
-@@ -25,6 +25,7 @@
- #include
+@@ -19,6 +19,7 @@
+ #include "qemu/osdep.h"
#include
#include
+#include
#include "qemu.h"
#include "qemu-common.h"
-@@ -571,6 +572,11 @@ int queue_signal(CPUArchState *env, int sig, target_siginfo_t *info)
+@@ -563,6 +564,11 @@ int queue_signal(CPUArchState *env, int sig, target_siginfo_t *info)
k->pending = 1;
/* signal that a new signal is pending */
ts->signal_pending = 1;
@@ -93,7 +93,7 @@
return 1; /* indicates that the signal was queued */
}
}
-@@ -717,8 +723,24 @@ int do_sigaction(int sig, const struct target_sigaction *act,
+@@ -703,8 +709,24 @@ int do_sigaction(int sig, const struct target_sigaction *act,
if (host_sig != SIGSEGV && host_sig != SIGBUS) {
sigfillset(&act1.sa_mask);
act1.sa_flags = SA_SIGINFO;
@@ -119,10 +119,10 @@
ignore state to avoid getting unexpected interrupted
syscalls */
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index f62c698..a53a85f 100644
+index 032d338..fe0dbd6 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -5570,6 +5570,87 @@ static target_timer_t get_timer_id(abi_long arg)
+@@ -5847,6 +5847,87 @@ static target_timer_t get_timer_id(abi_long arg)
return timerid;
}
@@ -210,7 +210,7 @@
/* do_syscall() should always have a single exit point at the end so
that actions, such as logging of syscall results, can be performed.
All errnos that do_syscall() returns must be -TARGET_<errcode>. */
-@@ -5583,6 +5664,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
+@@ -5860,6 +5941,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
struct stat st;
struct statfs stfs;
void *p;
@@ -223,7 +223,7 @@
#ifdef DEBUG
gemu_log("syscall %d", num);
-@@ -8852,7 +8939,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
+@@ -9211,7 +9298,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
cmd = target_to_host_fcntl_cmd(arg2);
if (cmd == -TARGET_EINVAL) {
ret = cmd;
@@ -232,7 +232,7 @@
}
switch(arg2) {
-@@ -9883,6 +9970,7 @@ fail:
+@@ -10255,6 +10342,7 @@ fail:
#endif
if(do_strace)
print_syscall_ret(num, ret);
++++++ 0003-qemu-0.9.0.cvs-binfmt.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 46a229c08679d4ba67bdf5f43568b08594c2ba8e Mon Sep 17 00:00:00 2001
+From 2d978c9adfe0bb7dadbb21e9f606f33b9f70bf1c Mon Sep 17 00:00:00 2001
From: Ulrich Hecht
Date: Tue, 14 Apr 2009 16:18:44 +0200
Subject: [PATCH] qemu-0.9.0.cvs-binfmt
++++++ 0004-qemu-cvs-alsa_bitfield.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 30757b11ba37493290f9df04e4f2fdc095463ada Mon Sep 17 00:00:00 2001
+From 68b848ab76ac2d150b4ed899d46dabac85b248a2 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 14 Apr 2009 16:20:50 +0200
Subject: [PATCH] qemu-cvs-alsa_bitfield
@@ -13,10 +13,10 @@
2 files changed, 24 insertions(+)
diff --git a/include/exec/user/thunk.h b/include/exec/user/thunk.h
-index 3b67462..f26c7f4 100644
+index ad1d602..4e082a7 100644
--- a/include/exec/user/thunk.h
+++ b/include/exec/user/thunk.h
-@@ -38,6 +38,7 @@ typedef enum argtype {
+@@ -37,6 +37,7 @@ typedef enum argtype {
TYPE_ARRAY,
TYPE_STRUCT,
TYPE_OLDDEVT,
@@ -24,7 +24,7 @@
} argtype;
#define MK_PTR(type) TYPE_PTR, type
-@@ -91,6 +92,7 @@ static inline int thunk_type_size(const argtype *type_ptr, int is_host)
+@@ -90,6 +91,7 @@ static inline int thunk_type_size(const argtype *type_ptr, int is_host)
case TYPE_SHORT:
return 2;
case TYPE_INT:
@@ -32,7 +32,7 @@
return 4;
case TYPE_LONGLONG:
case TYPE_ULONGLONG:
-@@ -153,6 +155,7 @@ static inline int thunk_type_align(const argtype *type_ptr, int is_host)
+@@ -152,6 +154,7 @@ static inline int thunk_type_align(const argtype *type_ptr, int is_host)
case TYPE_SHORT:
return 2;
case TYPE_INT:
@@ -41,10 +41,10 @@
case TYPE_LONGLONG:
case TYPE_ULONGLONG:
diff --git a/thunk.c b/thunk.c
-index f501fd7..b711860 100644
+index f057d86..6db7874 100644
--- a/thunk.c
+++ b/thunk.c
-@@ -39,6 +39,7 @@ static inline const argtype *thunk_type_next(const argtype *type_ptr)
+@@ -37,6 +37,7 @@ static inline const argtype *thunk_type_next(const argtype *type_ptr)
case TYPE_CHAR:
case TYPE_SHORT:
case TYPE_INT:
@@ -52,7 +52,7 @@
case TYPE_LONGLONG:
case TYPE_ULONGLONG:
case TYPE_LONG:
-@@ -141,6 +142,26 @@ const argtype *thunk_convert(void *dst, const void *src,
+@@ -139,6 +140,26 @@ const argtype *thunk_convert(void *dst, const void *src,
case TYPE_INT:
*(uint32_t *)dst = tswap32(*(uint32_t *)src);
break;
++++++ 0005-qemu-cvs-alsa_ioctl.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 706f125ff6cb4940199af13de0040df33827326d Mon Sep 17 00:00:00 2001
+From 12ea4c0a49f8fd0b3b594f80fa78bf943b7d3c20 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 14 Apr 2009 16:23:27 +0200
Subject: [PATCH] qemu-cvs-alsa_ioctl
@@ -2255,10 +2255,10 @@
+ unsigned char *code;
+};
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
-index edd5f3c..e9f81f3 100644
+index 9e2b3c2..b090cdb 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
-@@ -2521,6 +2521,8 @@ struct target_ucred {
+@@ -2545,6 +2545,8 @@ struct target_ucred {
uint32_t gid;
};
++++++ 0006-qemu-cvs-alsa_mmap.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From e467d93b8c067719e5f240096d85a2c72f025d8d Mon Sep 17 00:00:00 2001
+From f66983c05b20792b6bf5690bc46a4a60618b0425 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 14 Apr 2009 16:24:15 +0200
Subject: [PATCH] qemu-cvs-alsa_mmap
@@ -12,10 +12,10 @@
1 file changed, 14 insertions(+)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
-index 78e1b2d..5fd32f1 100644
+index 3519147..671889b 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
-@@ -367,6 +367,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
+@@ -358,6 +358,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
}
}
@@ -25,7 +25,7 @@
/* NOTE: all the constants are the HOST ones */
abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
int flags, int fd, abi_ulong offset)
-@@ -401,6 +404,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
+@@ -392,6 +395,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
}
#endif
++++++ 0007-qemu-cvs-gettimeofday.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 33a0ebb46acf6693587ad719646bce324973a1b7 Mon Sep 17 00:00:00 2001
+From cda1328ad68fbb163f786e4ad5dd818c3a54bc4e Mon Sep 17 00:00:00 2001
From: Ulrich Hecht
Date: Tue, 14 Apr 2009 16:25:41 +0200
Subject: [PATCH] qemu-cvs-gettimeofday
@@ -9,10 +9,10 @@
1 file changed, 2 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index a53a85f..8e8c92e 100644
+index fe0dbd6..b5e6598 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -6742,6 +6742,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
+@@ -7072,6 +7072,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
case TARGET_NR_gettimeofday:
{
struct timeval tv;
++++++ 0008-qemu-cvs-ioctl_debug.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From ea09ea340eecc844351b3f645f4ab1bc83a30209 Mon Sep 17 00:00:00 2001
+From 02d53ba7f7e370b1b67f6adc9b5497b4a262503a Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 14 Apr 2009 16:26:33 +0200
Subject: [PATCH] qemu-cvs-ioctl_debug
@@ -12,10 +12,10 @@
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 8e8c92e..8270fd0 100644
+index b5e6598..7a589cb 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -3917,7 +3917,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
+@@ -4022,7 +4022,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
ie = ioctl_entries;
for(;;) {
if (ie->target_cmd == 0) {
++++++ 0009-qemu-cvs-ioctl_nodirection.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 578468f720038a99ae3a0cb8fec3c032aad77f63 Mon Sep 17 00:00:00 2001
+From 720dcded9e7c7ebce002e562644bf0b8896f5869 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 14 Apr 2009 16:27:36 +0200
Subject: [PATCH] qemu-cvs-ioctl_nodirection
@@ -15,10 +15,10 @@
1 file changed, 6 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 8270fd0..42fad52 100644
+index 7a589cb..1afd3b9 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -3951,6 +3951,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
+@@ -4055,6 +4055,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
arg_type++;
target_size = thunk_type_size(arg_type, 0);
switch(ie->access) {
@@ -30,7 +30,7 @@
case IOC_R:
ret = get_errno(ioctl(fd, ie->host_cmd, buf_temp));
if (!is_error(ret)) {
-@@ -3969,6 +3974,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
+@@ -4073,6 +4078,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
unlock_user(argptr, arg, 0);
ret = get_errno(ioctl(fd, ie->host_cmd, buf_temp));
break;
++++++ 0010-block-vmdk-Support-creation-of-SCSI.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From dd09a1efb9aaa88ea67b087046dda700fcc6fd78 Mon Sep 17 00:00:00 2001
+From 592fcd424bad943c37f895f98e873fff69763709 Mon Sep 17 00:00:00 2001
From: Ulrich Hecht
Date: Tue, 14 Apr 2009 16:37:42 +0200
Subject: [PATCH] block/vmdk: Support creation of SCSI VMDK images in qemu-img
@@ -21,12 +21,12 @@
4 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/block.c b/block.c
-index d088ee0..fae98a4 100644
+index d4939b4..b10e0fe 100644
--- a/block.c
+++ b/block.c
-@@ -3871,6 +3871,9 @@ void bdrv_img_create(const char *filename, const char *fmt,
+@@ -3588,6 +3588,9 @@ void bdrv_img_create(const char *filename, const char *fmt,
if (!quiet) {
- printf("Formatting '%s', fmt=%s", filename, fmt);
+ printf("Formatting '%s', fmt=%s ", filename, fmt);
qemu_opts_print(opts, " ");
+ if (qemu_opt_get_bool(opts, BLOCK_OPT_SCSI, false)) {
+ printf(", SCSI");
@@ -35,10 +35,10 @@
}
diff --git a/block/vmdk.c b/block/vmdk.c
-index fbaab67..6029805 100644
+index 45f9d3c..f5c68e0 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
-@@ -1845,9 +1845,12 @@ static int vmdk_create(const char *filename, QemuOpts *opts, Error **errp)
+@@ -1885,9 +1885,12 @@ static int vmdk_create(const char *filename, QemuOpts *opts, Error **errp)
if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ZEROED_GRAIN, false)) {
zeroed_grain = true;
}
@@ -52,7 +52,7 @@
} else if (strcmp(adapter_type, "ide") &&
strcmp(adapter_type, "buslogic") &&
strcmp(adapter_type, "lsilogic") &&
-@@ -2262,6 +2265,11 @@ static QemuOptsList vmdk_create_opts = {
+@@ -2310,6 +2313,11 @@ static QemuOptsList vmdk_create_opts = {
.help = "Enable efficient zero writes "
"using the zeroed-grain GTE feature"
},
@@ -65,10 +65,10 @@
}
};
diff --git a/include/block/block_int.h b/include/block/block_int.h
-index 14ad4c3..6843176 100644
+index 10d8759..7c0b99c 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
-@@ -39,10 +39,12 @@
+@@ -40,10 +40,12 @@
#define BLOCK_FLAG_ENCRYPT 1
#define BLOCK_FLAG_COMPAT6 4
#define BLOCK_FLAG_LAZY_REFCOUNTS 8
@@ -82,10 +82,10 @@
#define BLOCK_OPT_BACKING_FMT "backing_fmt"
#define BLOCK_OPT_CLUSTER_SIZE "cluster_size"
diff --git a/qemu-img.c b/qemu-img.c
-index 75f4ee4..6610617 100644
+index 46f2a6d..01e6f4a 100644
--- a/qemu-img.c
+++ b/qemu-img.c
-@@ -1806,6 +1806,13 @@ static int img_convert(int argc, char **argv)
+@@ -2027,6 +2027,13 @@ static int img_convert(int argc, char **argv)
}
}
++++++ 0011-linux-user-add-binfmt-wrapper-for-a.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 3e9916744db0c1ed9d1a7f63c5d473b98db861ab Mon Sep 17 00:00:00 2001
+From d115d3eff851640ed1b6caf43836504fed2bc67f Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Fri, 30 Sep 2011 19:40:36 +0200
Subject: [PATCH] linux-user: add binfmt wrapper for argv[0] handling
@@ -37,7 +37,7 @@
create mode 100644 linux-user/binfmt.c
diff --git a/Makefile.target b/Makefile.target
-index 3e7aafd..8a84d6f 100644
+index 34ddb7e..cba1078 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -36,6 +36,10 @@ endif
@@ -51,7 +51,7 @@
config-target.h: config-target.h-timestamp
config-target.h-timestamp: config-target.mak
-@@ -110,6 +114,8 @@ QEMU_CFLAGS+=-I$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR) -I$(SRC_PATH)/linux-user
+@@ -113,6 +117,8 @@ QEMU_CFLAGS+=-I$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR) -I$(SRC_PATH)/linux-user
obj-y += linux-user/
obj-y += gdbstub.o thunk.o user-exec.o
@@ -60,7 +60,7 @@
endif #CONFIG_LINUX_USER
#########################################################
-@@ -158,7 +164,11 @@ endif # CONFIG_SOFTMMU
+@@ -161,7 +167,11 @@ endif # CONFIG_SOFTMMU
# Workaround for http://gcc.gnu.org/PR55489, see configure.
%/translate.o: QEMU_CFLAGS += $(TRANSLATE_OPT_CFLAGS)
@@ -72,7 +72,7 @@
all-obj-y := $(obj-y)
target-obj-y :=
-@@ -187,6 +197,9 @@ ifdef CONFIG_DARWIN
+@@ -198,6 +208,9 @@ ifdef CONFIG_DARWIN
$(call quiet-command,SetFile -a C $@," SETFILE $(TARGET_DIR)$@")
endif
++++++ 0012-PPC-KVM-Disable-mmu-notifier-check.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 2fc3bebad0110c2578f4db9e0f4dae1613000843 Mon Sep 17 00:00:00 2001
+From 2c7559dd752daedcfef00a88923a3df6a913dfd8 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Fri, 6 Jan 2012 01:05:55 +0100
Subject: [PATCH] PPC: KVM: Disable mmu notifier check
@@ -13,20 +13,20 @@
1 file changed, 2 insertions(+)
diff --git a/exec.c b/exec.c
-index 0a4a0c5..03054a8 100644
+index c4f9036..52232dc 100644
--- a/exec.c
+++ b/exec.c
-@@ -1183,11 +1183,13 @@ static void *file_ram_alloc(RAMBlock *block,
- goto error;
- }
+@@ -1242,11 +1242,13 @@ static void *file_ram_alloc(RAMBlock *block,
+ int fd = -1;
+ int64_t page_size;
+#ifndef TARGET_PPC
if (kvm_enabled() && !kvm_has_sync_mmu()) {
error_setg(errp,
"host lacks kvm mmu notifiers, -mem-path unsupported");
- goto error;
+ return NULL;
}
+#endif
- /* Make name safe to use with mkstemp by replacing '/' with '_'. */
- sanitized_name = g_strdup(memory_region_name(block->mr));
+ for (;;) {
+ fd = open(path, O_RDWR);
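Review bot: The `#ifndef TARGET_PPC` around the `kvm_has_sync_mmu()` test in file_ram_alloc() compiles the guard out of every PPC target build, so `-mem-path` is accepted there even on a host without KVM MMU notifiers, and nothing in the visible lines says why that is safe. I would add a comment above the `#ifndef` recording the reason, e.g. `/* PPC: mmu-notifier check skipped for -mem-path because <reason, to be filled in by the patch owner> */`. If only some PPC KVM configurations need the exemption, a runtime condition would be narrower than a compile-time one. file_ram_alloc() continues outside the hunk.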
++++++ 0013-linux-user-fix-segfault-deadlock.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From b3086c4600cb1e8aef85977566df8fee6a20a6a1 Mon Sep 17 00:00:00 2001
+From d308696040ad59d4418b398512bd6ca1a072a215 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Fri, 13 Jan 2012 17:05:41 +0100
Subject: [PATCH] linux-user: fix segfault deadlock
@@ -19,49 +19,23 @@
Reported-by: Fabio Erculiani
Signed-off-by: Alexander Graf
+[AF: Drop spinlock_safe_unlock() and switch to tb_lock_reset() (bonzini)]
Signed-off-by: Andreas Färber
---
- include/exec/spinlock.h | 10 ++++++++++
- user-exec.c | 4 ++++
- 2 files changed, 14 insertions(+)
+ user-exec.c | 4 ++++
+ 1 file changed, 4 insertions(+)
-diff --git a/include/exec/spinlock.h b/include/exec/spinlock.h
-index a72edda..e460e12 100644
---- a/include/exec/spinlock.h
-+++ b/include/exec/spinlock.h
-@@ -24,6 +24,12 @@
- #include
- #define spin_lock pthread_mutex_lock
- #define spin_unlock pthread_mutex_unlock
-+static inline void spin_unlock_safe(pthread_mutex_t *lock)
-+{
-+ /* unlocking an unlocked mutex results in undefined behavior */
-+ pthread_mutex_trylock(lock);
-+ pthread_mutex_unlock(lock);
-+}
- #define spinlock_t pthread_mutex_t
- #define SPIN_LOCK_UNLOCKED PTHREAD_MUTEX_INITIALIZER
-
-@@ -46,4 +52,8 @@ static inline void spin_unlock(spinlock_t *lock)
- {
- }
-
-+static inline void spin_unlock_safe(spinlock_t *lock)
-+{
-+}
-+
- #endif
diff --git a/user-exec.c b/user-exec.c
-index ed9a07f..38f7baf 100644
+index d8d597b..f8b7752 100644
--- a/user-exec.c
+++ b/user-exec.c
-@@ -95,6 +95,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
- qemu_printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
- pc, address, is_write, *(unsigned long *)old_set);
+@@ -94,6 +94,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
+ printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
+ pc, address, is_write, *(unsigned long *)old_set);
#endif
+
+ /* Maybe we're still holding the TB fiddling lock? */
-+ spin_unlock_safe(&tcg_ctx.tb_ctx.tb_lock);
++ tb_lock_reset();
+
/* XXX: locking issue */
if (is_write && h2g_valid(address)
++++++ 0014-linux-user-binfmt-support-host-bina.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 9d108fe88813ed9b5c04f27229c335e88d1ee0b5 Mon Sep 17 00:00:00 2001
+From 88f40fc3cbb0608938135e66f84a054e4c71f3e4 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Thu, 2 Feb 2012 18:02:33 +0100
Subject: [PATCH] linux-user: binfmt: support host binaries
@@ -12,7 +12,7 @@
1 file changed, 26 insertions(+)
diff --git a/linux-user/binfmt.c b/linux-user/binfmt.c
-index cd1f513..c755edc 100644
+index cd1f513..458f136 100644
--- a/linux-user/binfmt.c
+++ b/linux-user/binfmt.c
@@ -5,6 +5,9 @@
@@ -41,7 +41,7 @@
+ }
+ guestarch++;
+ r = asprintf(&hostbin, "/emul/" ARCH_NAME "-for-%s/%s", guestarch, argv[1]);
-+ if (!access(hostbin, X_OK) && (r > 0)) {
++ if ((r > 0) && !access(hostbin, X_OK)) {
+ /*
+ * We found a host binary replacement for the non-host binary. Let's
+ * use that instead!
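Review bot: Testing `(r > 0)` first is right, since `hostbin` is undefined when asprintf() fails, but the remaining `access(hostbin, X_OK)` is a check-then-use. It is evaluated against the real UID/GID, and the file can change between the check and its use. If the branch goes on to exec `hostbin` (the call is outside the hunk), attempting the exec directly and falling through to emulation on failure would close that window. The visible lines also do not show `hostbin` being freed when no host binary is found, which is worth confirming in the rest of the function.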
++++++ 0015-linux-user-Ignore-broken-loop-ioctl.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From c09e4874d845ac6783be16bb560ef4a69f4e24bb Mon Sep 17 00:00:00 2001
+From 338fec615a0deb8c3fced6a0f50fa8df40f136b3 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 12 Jun 2012 04:41:10 +0200
Subject: [PATCH] linux-user: Ignore broken loop ioctl
@@ -46,10 +46,10 @@
#endif
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 42fad52..8abe4cd 100644
+index 1afd3b9..32f7290 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -3894,6 +3894,13 @@ static abi_long do_ioctl_kdsigaccept(const IOCTLEntry *ie, uint8_t *buf_temp,
+@@ -3999,6 +3999,13 @@ static abi_long do_ioctl_kdsigaccept(const IOCTLEntry *ie, uint8_t *buf_temp,
return get_errno(ioctl(fd, ie->host_cmd, sig));
}
@@ -64,10 +64,10 @@
#define IOCTL(cmd, access, ...) \
{ TARGET_ ## cmd, cmd, #cmd, access, 0, { __VA_ARGS__ } },
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
-index e9f81f3..9fabee7 100644
+index b090cdb..f820b0b 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
-@@ -1068,6 +1068,7 @@ struct target_pollfd {
+@@ -1087,6 +1087,7 @@ struct target_pollfd {
#define TARGET_LOOP_SET_STATUS64 0x4C04
#define TARGET_LOOP_GET_STATUS64 0x4C05
#define TARGET_LOOP_CHANGE_FD 0x4C06
++++++ 0016-linux-user-lock-tcg.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 66d948dc1ca00cf95af18a77f0db061f657956a9 Mon Sep 17 00:00:00 2001
+From f70582028f2a2da536e05f059cb82a6dcdcce2cb Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Thu, 5 Jul 2012 17:31:39 +0200
Subject: [PATCH] linux-user: lock tcg
@@ -12,18 +12,19 @@
Signed-off-by: Alexander Graf
[AF: Rebased onto exec.c/translate-all.c split for 1.4]
[AF: Rebased for v2.1.0-rc0]
+[AF: Rebased onto tcg_gen_code_common() drop for v2.5.0-rc0]
Signed-off-by: Andreas Färber
---
linux-user/mmap.c | 3 +++
- tcg/tcg.c | 36 ++++++++++++++++++++++++++++++++++--
+ tcg/tcg.c | 31 ++++++++++++++++++++++++++++++-
tcg/tcg.h | 6 ++++++
- 3 files changed, 43 insertions(+), 2 deletions(-)
+ 3 files changed, 39 insertions(+), 1 deletion(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
-index 5fd32f1..38f1cdd 100644
+index 671889b..b85905c 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
-@@ -30,6 +30,7 @@
+@@ -23,6 +23,7 @@
#include "qemu.h"
#include "qemu-common.h"
@@ -31,7 +32,7 @@
#include "translate-all.h"
//#define DEBUG_MMAP
-@@ -41,6 +42,7 @@ void mmap_lock(void)
+@@ -34,6 +35,7 @@ void mmap_lock(void)
{
if (mmap_lock_count++ == 0) {
pthread_mutex_lock(&mmap_mutex);
@@ -39,7 +40,7 @@
}
}
-@@ -48,6 +50,7 @@ void mmap_unlock(void)
+@@ -41,6 +43,7 @@ void mmap_unlock(void)
{
if (--mmap_lock_count == 0) {
pthread_mutex_unlock(&mmap_mutex);
@@ -48,11 +49,11 @@
}
diff --git a/tcg/tcg.c b/tcg/tcg.c
-index 0892a9b..f67c38c 100644
+index 796addd..8c511bf 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
-@@ -39,6 +39,8 @@
- #include "qemu-common.h"
+@@ -34,6 +34,8 @@
+ #include "qemu/cutils.h"
#include "qemu/host-utils.h"
#include "qemu/timer.h"
+#include "config-host.h"
@@ -60,7 +61,7 @@
/* Note: the long term plan is to reduce the dependencies on the QEMU
CPU definitions. Currently they are used for qemu_ld/st
-@@ -123,6 +125,29 @@ const size_t tcg_op_defs_max = ARRAY_SIZE(tcg_op_defs);
+@@ -114,6 +116,29 @@ static bool tcg_out_tb_finalize(TCGContext *s);
static TCGRegSet tcg_target_available_regs[2];
static TCGRegSet tcg_target_call_clobber_regs;
@@ -90,7 +91,7 @@
#if TCG_TARGET_INSN_UNIT_SIZE == 1
static __attribute__((unused)) inline void tcg_out8(TCGContext *s, uint8_t v)
{
-@@ -333,7 +358,8 @@ void tcg_context_init(TCGContext *s)
+@@ -326,7 +351,8 @@ void tcg_context_init(TCGContext *s)
memset(s, 0, sizeof(*s));
s->nb_globals = 0;
@@ -100,12 +101,23 @@
/* Count total number of arguments and allocate the corresponding
space */
total_args = 0;
-@@ -2422,10 +2448,12 @@ int tcg_gen_code(TCGContext *s, tcg_insn_unit *gen_code_buf)
+@@ -2353,6 +2379,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
+ qemu_log("\n");
}
#endif
-
+ tcg_lock();
- tcg_gen_code_common(s, gen_code_buf, -1);
+
+ #ifdef CONFIG_PROFILER
+ s->opt_time -= profile_getclock();
+@@ -2457,6 +2484,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
+ the buffer completely. Thus we can test for overflow after
+ generating code without having to check during generation. */
+ if (unlikely((void *)s->code_ptr > s->code_gen_highwater)) {
++ tcg_unlock();
+ return -1;
+ }
+ }
+@@ -2470,6 +2498,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
/* flush instruction cache */
flush_icache_range((uintptr_t)s->code_buf, (uintptr_t)s->code_ptr);
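Review bot: The rebased tcg_gen_code() takes `tcg_lock()` near the top and releases it by hand on each exit, and this hunk shows only two releases: the highwater overflow `return -1` and the normal end after `flush_icache_range()`. Any other return between those points leaves `tcg_ctx.lock` held, and the next translation then blocks forever. The `static bool tcg_out_tb_finalize(TCGContext *s)` prototype in an earlier hunk header suggests a finalize step that can fail, so that path needs checking. A single `out:` label that calls `tcg_unlock()` before returning would make this hard to miss on the next rebase. The same pattern is worth checking in 0018's tb_invalidate_phys_page_range hunk: an unlock placed after `cpu_resume_from_signal(cpu, NULL)` is never reached if that call does not return. tcg_gen_code() starts and ends outside the hunk.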
@@ -113,21 +125,8 @@
return tcg_current_code_size(s);
}
-@@ -2437,7 +2465,11 @@ int tcg_gen_code(TCGContext *s, tcg_insn_unit *gen_code_buf)
- int tcg_gen_code_search_pc(TCGContext *s, tcg_insn_unit *gen_code_buf,
- long offset)
- {
-- return tcg_gen_code_common(s, gen_code_buf, offset);
-+ int r;
-+ tcg_lock();
-+ r = tcg_gen_code_common(s, gen_code_buf, offset);
-+ tcg_unlock();
-+ return r;
- }
-
- #ifdef CONFIG_PROFILER
diff --git a/tcg/tcg.h b/tcg/tcg.h
-index 231a781..e0806f9 100644
+index 40c8fbe..6b826af2 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -27,6 +27,7 @@
@@ -138,16 +137,16 @@
#include "tcg-target.h"
#define CPU_TEMP_BUF_NLONGS 128
-@@ -572,6 +573,8 @@ struct TCGContext {
- target_ulong gen_opc_pc[OPC_BUF_SIZE];
- uint16_t gen_opc_icount[OPC_BUF_SIZE];
- uint8_t gen_opc_instr_start[OPC_BUF_SIZE];
+@@ -591,6 +592,8 @@ struct TCGContext {
+
+ uint16_t gen_insn_end_off[TCG_MAX_INSNS];
+ target_ulong gen_insn_data[TCG_MAX_INSNS][TARGET_INSN_START_WORDS];
+
+ QemuMutex lock;
};
extern TCGContext tcg_ctx;
-@@ -760,6 +763,9 @@ void tcg_gen_callN(TCGContext *s, void *func,
+@@ -798,6 +801,9 @@ void tcg_gen_callN(TCGContext *s, void *func,
void tcg_op_remove(TCGContext *s, TCGOp *op);
void tcg_optimize(TCGContext *s);
++++++ 0017-linux-user-Run-multi-threaded-code-.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From bb2c2983421cc2b39cd7174f9bfdbb0376d5fcb9 Mon Sep 17 00:00:00 2001
+From 63f9ad9031029a99e2207ce13af0c3888bdc3c77 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 10 Jul 2012 20:40:55 +0200
Subject: [PATCH] linux-user: Run multi-threaded code on a single core
@@ -19,10 +19,10 @@
1 file changed, 9 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 8abe4cd..72701d4 100644
+index 32f7290..780f760 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -4599,6 +4599,15 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
+@@ -4704,6 +4704,15 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
if (nptl_flags & CLONE_SETTLS)
cpu_set_tls (new_env, newtls);
++++++ 0018-linux-user-lock-tb-flushing-too.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 996083e51b49804d7d9b6fa8c0daa6b2a68fbfee Mon Sep 17 00:00:00 2001
+From 8de35823c9f03e06ce40870e6cd04ce1c0a44be2 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Wed, 11 Jul 2012 16:47:42 +0200
Subject: [PATCH] linux-user: lock tb flushing too
@@ -8,23 +8,22 @@
Signed-off-by: Alexander Graf
[AF: Rebased onto exec.c/translate-all.c split for 1.4]
+[AF: Rebased onto tb_alloc() changes for v2.5.0-rc0]
Signed-off-by: Andreas Färber
---
translate-all.c | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/translate-all.c b/translate-all.c
-index 60a3d8b..6de63cd 100644
+index 8329ea6..12a48c2 100644
--- a/translate-all.c
+++ b/translate-all.c
-@@ -705,19 +705,23 @@ static TranslationBlock *tb_alloc(target_ulong pc)
+@@ -761,17 +761,21 @@ static TranslationBlock *tb_alloc(target_ulong pc)
{
TranslationBlock *tb;
+ tcg_lock();
- if (tcg_ctx.tb_ctx.nb_tbs >= tcg_ctx.code_gen_max_blocks ||
- (tcg_ctx.code_gen_ptr - tcg_ctx.code_gen_buffer) >=
- tcg_ctx.code_gen_buffer_max_size) {
+ if (tcg_ctx.tb_ctx.nb_tbs >= tcg_ctx.code_gen_max_blocks) {
+ tcg_unlock();
return NULL;
}
@@ -41,7 +40,7 @@
/* In practice this is mostly used for single use temporary TB
Ignore the hard cases and just back up if this TB happens to
be the last one generated. */
-@@ -726,6 +730,7 @@ void tb_free(TranslationBlock *tb)
+@@ -780,6 +784,7 @@ void tb_free(TranslationBlock *tb)
tcg_ctx.code_gen_ptr = tb->tc_ptr;
tcg_ctx.tb_ctx.nb_tbs--;
}
@@ -49,7 +48,7 @@
}
static inline void invalidate_page_bitmap(PageDesc *p)
-@@ -781,6 +786,7 @@ void tb_flush(CPUState *cpu)
+@@ -833,6 +838,7 @@ void tb_flush(CPUState *cpu)
((unsigned long)(tcg_ctx.code_gen_ptr - tcg_ctx.code_gen_buffer)) /
tcg_ctx.tb_ctx.nb_tbs : 0);
#endif
@@ -57,7 +56,7 @@
if ((unsigned long)(tcg_ctx.code_gen_ptr - tcg_ctx.code_gen_buffer)
> tcg_ctx.code_gen_buffer_size) {
cpu_abort(cpu, "Internal error: code buffer overflow\n");
-@@ -798,6 +804,7 @@ void tb_flush(CPUState *cpu)
+@@ -850,6 +856,7 @@ void tb_flush(CPUState *cpu)
/* XXX: flush processor icache at this point if cache flush is
expensive */
tcg_ctx.tb_ctx.tb_flush_count++;
@@ -65,7 +64,7 @@
}
#ifdef DEBUG_TB_CHECK
-@@ -1079,8 +1086,10 @@ void tb_invalidate_phys_page_range(tb_page_addr_t start, tb_page_addr_t end,
+@@ -1208,8 +1215,10 @@ void tb_invalidate_phys_page_range(tb_page_addr_t start, tb_page_addr_t end,
int current_flags = 0;
#endif /* TARGET_HAS_PRECISE_SMC */
@@ -76,7 +75,7 @@
return;
}
#if defined(TARGET_HAS_PRECISE_SMC)
-@@ -1165,6 +1174,7 @@ void tb_invalidate_phys_page_range(tb_page_addr_t start, tb_page_addr_t end,
+@@ -1294,6 +1303,7 @@ void tb_invalidate_phys_page_range(tb_page_addr_t start, tb_page_addr_t end,
cpu_resume_from_signal(cpu, NULL);
}
#endif
@@ -84,7 +83,7 @@
}
/* len must be <= 8 and start must be a multiple of len */
-@@ -1379,13 +1389,16 @@ static TranslationBlock *tb_find_pc(uintptr_t tc_ptr)
+@@ -1511,13 +1521,16 @@ static TranslationBlock *tb_find_pc(uintptr_t tc_ptr)
{
int m_min, m_max, m;
uintptr_t v;
@@ -102,7 +101,7 @@
return NULL;
}
/* binary search (cf Knuth) */
-@@ -1396,6 +1409,7 @@ static TranslationBlock *tb_find_pc(uintptr_t tc_ptr)
+@@ -1528,6 +1541,7 @@ static TranslationBlock *tb_find_pc(uintptr_t tc_ptr)
tb = &tcg_ctx.tb_ctx.tbs[m];
v = (uintptr_t)tb->tc_ptr;
if (v == tc_ptr) {
@@ -110,7 +109,7 @@
return tb;
} else if (tc_ptr < v) {
m_max = m - 1;
-@@ -1403,7 +1417,9 @@ static TranslationBlock *tb_find_pc(uintptr_t tc_ptr)
+@@ -1535,7 +1549,9 @@ static TranslationBlock *tb_find_pc(uintptr_t tc_ptr)
m_min = m + 1;
}
}
++++++ 0019-linux-user-Fake-proc-cpuinfo.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From a592905fec06b408000a34046a6e70095214d955 Mon Sep 17 00:00:00 2001
+From e5ecc65e4ae5d85fd0645eacfed60757cef04c1a Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Mon, 23 Jul 2012 10:24:14 +0200
Subject: [PATCH] linux-user: Fake /proc/cpuinfo
@@ -22,10 +22,10 @@
1 file changed, 20 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 72701d4..39dd818 100644
+index 780f760..7350980 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -5420,6 +5420,25 @@ static int open_self_stat(void *cpu_env, int fd)
+@@ -5697,6 +5697,25 @@ static int open_self_stat(void *cpu_env, int fd)
return 0;
}
@@ -51,7 +51,7 @@
static int open_self_auxv(void *cpu_env, int fd)
{
CPUState *cpu = ENV_GET_CPU((CPUArchState *)cpu_env);
-@@ -5534,6 +5553,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
+@@ -5811,6 +5830,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
{ "/proc/net/route", open_net_route, is_proc },
#endif
++++++ 0020-linux-user-implement-FS_IOC_GETFLAG.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From e5e97946c33a9f96bf2690ef725879412d40b57d Mon Sep 17 00:00:00 2001
+From f2bf40c52ebd8618da52c0ab89e38737170d34ec Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Mon, 20 Aug 2012 00:02:52 +0200
Subject: [PATCH] linux-user: implement FS_IOC_GETFLAGS ioctl
@@ -28,10 +28,10 @@
IOCTL(SIOCATMARK, 0, TYPE_NULL)
IOCTL(SIOCGIFNAME, IOC_RW, MK_PTR(TYPE_INT))
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
-index 9fabee7..c8e47cf 100644
+index f820b0b..5152e89 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
-@@ -2436,6 +2436,8 @@ struct target_f_owner_ex {
+@@ -2457,6 +2457,8 @@ struct target_f_owner_ex {
#define TARGET_MTIOCGET TARGET_IOR('m', 2, struct mtget)
#define TARGET_MTIOCPOS TARGET_IOR('m', 3, struct mtpos)
++++++ 0021-linux-user-implement-FS_IOC_SETFLAG.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 11b3d0e15103565ed1f80e31033f4b8e2ebb456f Mon Sep 17 00:00:00 2001
+From 7e407d22128dac3b6dae0393a2173e6ee4878abd Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Mon, 20 Aug 2012 00:07:13 +0200
Subject: [PATCH] linux-user: implement FS_IOC_SETFLAGS ioctl
@@ -28,10 +28,10 @@
IOCTL(SIOCATMARK, 0, TYPE_NULL)
IOCTL(SIOCGIFNAME, IOC_RW, MK_PTR(TYPE_INT))
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
-index c8e47cf..1a8816d 100644
+index 5152e89..77be181 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
-@@ -2437,6 +2437,7 @@ struct target_f_owner_ex {
+@@ -2458,6 +2458,7 @@ struct target_f_owner_ex {
#define TARGET_MTIOCPOS TARGET_IOR('m', 3, struct mtpos)
#define TARGET_FS_IOC_GETFLAGS TARGET_IORU('f', 1)
++++++ 0022-linux-user-XXX-disable-fiemap.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 12eee45e1110866da047697a46425754c77b2039 Mon Sep 17 00:00:00 2001
+From 416732418f358a876ee8406eb12925e198155e49 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 21 Aug 2012 14:20:40 +0200
Subject: [PATCH] linux-user: XXX disable fiemap
@@ -9,10 +9,10 @@
1 file changed, 5 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 39dd818..5bd6f55 100644
+index 7350980..90b1698 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -3389,6 +3389,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
+@@ -3494,6 +3494,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
uint32_t outbufsz;
int free_fm = 0;
++++++ 0023-slirp-nooutgoing.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 872dda04d480ab7c04830ae7297319ae52d03f65 Mon Sep 17 00:00:00 2001
+From 76603c63b15b71597d8d232d9c8f590598939cb2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?=
Date: Wed, 29 Aug 2012 18:42:56 +0200
Subject: [PATCH] slirp: -nooutgoing
@@ -7,15 +7,15 @@
---
qemu-options.hx | 10 ++++++++++
slirp/socket.c | 8 ++++++++
- slirp/tcp_subr.c | 13 +++++++++++++
+ slirp/tcp_subr.c | 12 ++++++++++++
vl.c | 9 +++++++++
- 4 files changed, 40 insertions(+)
+ 4 files changed, 39 insertions(+)
diff --git a/qemu-options.hx b/qemu-options.hx
-index 77f5853..fed72b0 100644
+index 6106520..32b25a5 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
-@@ -2915,6 +2915,16 @@ Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
+@@ -3102,6 +3102,16 @@ Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
from a script.
ETEXI
@@ -33,10 +33,10 @@
"-singlestep always run in singlestep mode\n", QEMU_ARCH_ALL)
STEXI
diff --git a/slirp/socket.c b/slirp/socket.c
-index 37ac5cf..b64baff 100644
+index a10eff1..fec954e 100644
--- a/slirp/socket.c
+++ b/slirp/socket.c
-@@ -532,6 +532,8 @@ sorecvfrom(struct socket *so)
+@@ -608,6 +608,8 @@ sorecvfrom(struct socket *so)
} /* if ping packet */
}
@@ -45,62 +45,61 @@
/*
* sendto() a socket
*/
-@@ -562,6 +564,12 @@ sosendto(struct socket *so, struct mbuf *m)
-
- DEBUG_MISC((dfd, " sendto()ing, addr.sin_port=%d, addr.sin_addr.s_addr=%.16s\n", ntohs(addr.sin_port), inet_ntoa(addr.sin_addr)));
+@@ -625,6 +627,12 @@ sosendto(struct socket *so, struct mbuf *m)
+ DEBUG_CALL(" sendto()ing)");
+ sotranslate_out(so, &addr);
+ /* Only allow DNS requests */
-+ if (slirp_nooutgoing && ntohs(addr.sin_port) != 53) {
++ if (slirp_nooutgoing && ntohs(((struct sockaddr_in *)&addr)->sin_port) != 53) {
+ errno = EHOSTUNREACH;
+ return -1;
+ }
+
/* Don't care what port we get */
ret = sendto(so->s, m->m_data, m->m_len, 0,
- (struct sockaddr *)&addr, sizeof (struct sockaddr));
+ (struct sockaddr *)&addr, sockaddr_size(&addr));
diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c
-index 7571c5a..0555e18 100644
+index 6b9fef2..e712e21 100644
--- a/slirp/tcp_subr.c
+++ b/slirp/tcp_subr.c
-@@ -324,6 +324,9 @@ tcp_sockclosed(struct tcpcb *tp)
+@@ -391,6 +391,8 @@ tcp_sockclosed(struct tcpcb *tp)
* nonblocking. Connect returns after the SYN is sent, and does
* not wait for ACK+SYN.
*/
-+
+extern int slirp_nooutgoing;
+
- int tcp_fconnect(struct socket *so)
+ int tcp_fconnect(struct socket *so, unsigned short af)
{
- Slirp *slirp = so->slirp;
-@@ -332,6 +335,11 @@ int tcp_fconnect(struct socket *so)
+ int ret=0;
+@@ -398,6 +400,11 @@ int tcp_fconnect(struct socket *so, unsigned short af)
DEBUG_CALL("tcp_fconnect");
- DEBUG_ARG("so = %lx", (long )so);
+ DEBUG_ARG("so = %p", so);
+ if (slirp_nooutgoing) {
+ errno = EHOSTUNREACH;
+ return -1;
+ }
+
- if( (ret = so->s = qemu_socket(AF_INET,SOCK_STREAM,0)) >= 0) {
+ ret = so->s = qemu_socket(af, SOCK_STREAM, 0);
+ if (ret >= 0) {
int opt, s=so->s;
- struct sockaddr_in addr;
-@@ -424,6 +432,11 @@ void tcp_connect(struct socket *inso)
+@@ -478,6 +485,11 @@ void tcp_connect(struct socket *inso)
tcp_close(sototcpcb(so)); /* This will sofree() as well */
return;
}
-+ if (slirp_nooutgoing && addr.sin_addr.s_addr != slirp_nooutgoing) {
++ if (slirp_nooutgoing && ((struct sockaddr_in *)&addr)->sin_addr.s_addr != slirp_nooutgoing) {
+ tcp_close(sototcpcb(so)); /* This will sofree() as well */
-+ close(s);
++ closesocket(s);
+ return;
+ }
qemu_set_nonblock(s);
socket_set_fast_reuse(s);
opt = 1;
diff --git a/vl.c b/vl.c
-index 0adbbd6..f876c0b 100644
+index 5fd22cb..18c88ff 100644
--- a/vl.c
+++ b/vl.c
-@@ -165,6 +165,7 @@ int smp_threads = 1;
+@@ -162,6 +162,7 @@ int smp_threads = 1;
int acpi_enabled = 1;
int no_hpet = 0;
int fd_bootchk = 1;
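Review bot: The rebased `-nooutgoing` checks in sosendto() and tcp_connect() cast `&addr` to `struct sockaddr_in *` without looking at the address family. tcp_fconnect() now takes an `af` argument, so `addr` is presumably a `sockaddr_storage` that may hold an IPv6 address. In tcp_connect() the `sin_addr.s_addr` comparison would then read unrelated bytes and the allow-list decision would be wrong. I would make the filter fail closed for anything that is not IPv4, e.g. `if (slirp_nooutgoing && (addr.ss_family != AF_INET || ((struct sockaddr_in *)&addr)->sin_addr.s_addr != slirp_nooutgoing)) {`, with the matching family test in the port-53 check in sosendto(). The declarations of `addr` are outside the hunk, so its type should be confirmed against the 2.6 sources.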
@@ -108,7 +107,7 @@
static int no_reboot;
int no_shutdown = 0;
int cursor_hide = 1;
-@@ -3366,6 +3367,14 @@ int main(int argc, char **argv, char **envp)
+@@ -3382,6 +3383,14 @@ int main(int argc, char **argv, char **envp)
case QEMU_OPTION_singlestep:
singlestep = 1;
break;
++++++ 0024-vnc-password-file-and-incoming-conn.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From e6f0d75af33e57a766e9d21333a55b981f374d4d Mon Sep 17 00:00:00 2001
+From 1e6837a4cf1e2c757a9ee61f99ffd90dc97e3067 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?=
Date: Wed, 29 Aug 2012 20:06:01 +0200
Subject: [PATCH] vnc: password-file= and incoming-connections=
@@ -9,10 +9,10 @@
1 file changed, 55 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
-index e26973a..1545e9b 100644
+index d2ebf1f..ab65db9 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
-@@ -54,6 +54,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
+@@ -58,6 +58,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
static QTAILQ_HEAD(, VncDisplay) vnc_displays =
QTAILQ_HEAD_INITIALIZER(vnc_displays);
@@ -21,7 +21,7 @@
static int vnc_cursor_define(VncState *vs);
static void vnc_release_modifiers(VncState *vs);
-@@ -1220,6 +1222,7 @@ static void vnc_disconnect_start(VncState *vs)
+@@ -1185,6 +1187,7 @@ static void vnc_disconnect_start(VncState *vs)
void vnc_disconnect_finish(VncState *vs)
{
int i;
@@ -29,9 +29,9 @@
vnc_jobs_join(vs); /* Wait encoding jobs */
-@@ -1266,6 +1269,13 @@ void vnc_disconnect_finish(VncState *vs)
- }
- g_free(vs->lossy_rect);
+@@ -1235,6 +1238,13 @@ void vnc_disconnect_finish(VncState *vs)
+ object_unref(OBJECT(vs->sioc));
+ vs->sioc = NULL;
g_free(vs);
+
+ num_disconnects++;
@@ -42,9 +42,9 @@
+ }
}
- int vnc_client_io_error(VncState *vs, int ret, int last_errno)
-@@ -3233,6 +3243,39 @@ char *vnc_display_local_addr(const char *id)
- return vnc_socket_local_addr("%s:%s", vs->lsock);
+ ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
+@@ -3200,6 +3210,39 @@ char *vnc_display_local_addr(const char *id)
+ return ret;
}
+static void read_file_password(const char *id, const char *filename)
@@ -83,7 +83,7 @@
static QemuOptsList qemu_vnc_opts = {
.name = "vnc",
.head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
-@@ -3260,6 +3303,9 @@ static QemuOptsList qemu_vnc_opts = {
+@@ -3231,6 +3274,9 @@ static QemuOptsList qemu_vnc_opts = {
.name = "connections",
.type = QEMU_OPT_NUMBER,
},{
@@ -93,7 +93,7 @@
.name = "to",
.type = QEMU_OPT_NUMBER,
},{
-@@ -3272,6 +3318,9 @@ static QemuOptsList qemu_vnc_opts = {
+@@ -3243,6 +3289,9 @@ static QemuOptsList qemu_vnc_opts = {
.name = "password",
.type = QEMU_OPT_BOOL,
},{
@@ -103,15 +103,15 @@
.name = "reverse",
.type = QEMU_OPT_BOOL,
},{
-@@ -3436,6 +3485,7 @@ void vnc_display_open(const char *id, Error **errp)
+@@ -3476,6 +3525,7 @@ void vnc_display_open(const char *id, Error **errp)
const char *share, *device_id;
QemuConsole *con;
bool password = false;
+ const char *password_file;
bool reverse = false;
const char *vnc;
- const char *has_to;
-@@ -3524,6 +3574,10 @@ void vnc_display_open(const char *id, Error **errp)
+ char *h;
+@@ -3601,6 +3651,10 @@ void vnc_display_open(const char *id, Error **errp)
goto fail;
}
}
@@ -122,11 +122,11 @@
reverse = qemu_opt_get_bool(opts, "reverse", false);
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
-@@ -3577,6 +3631,7 @@ void vnc_display_open(const char *id, Error **errp)
+@@ -3689,6 +3743,7 @@ void vnc_display_open(const char *id, Error **errp)
vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
}
vs->connections_limit = qemu_opt_get_number(opts, "connections", 32);
+ allowed_connections = qemu_opt_get_number(opts, "allowed-connections", 0);
- websocket = qemu_opt_get(opts, "websocket");
- if (websocket) {
+ #ifdef CONFIG_VNC_JPEG
+ vs->lossy = qemu_opt_get_bool(opts, "lossy", false);
++++++ 0025-linux-user-add-more-blk-ioctls.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 41e679783a244ca0ea1963e55bd3da5b9a966f24 Mon Sep 17 00:00:00 2001
+From 4910a63b38b4b6cd811d59ccf239423f8f6998fc Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Wed, 10 Oct 2012 10:21:20 +0200
Subject: [PATCH] linux-user: add more blk ioctls
@@ -42,10 +42,10 @@
IOCTL(BLKRASET, 0, TYPE_INT)
IOCTL(BLKRAGET, IOC_R, MK_PTR(TYPE_LONG))
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
-index 1a8816d..f3ac211 100644
+index 77be181..787ba85 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
-@@ -937,6 +937,12 @@ struct target_pollfd {
+@@ -956,6 +956,12 @@ struct target_pollfd {
#define TARGET_BLKGETSIZE64 TARGET_IOR(0x12,114,abi_ulong)
/* return device size in bytes
(u64 *arg) */
++++++ 0026-linux-user-use-target_ulong.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 72d795a02ff3fac05afef692938ab2ec12176795 Mon Sep 17 00:00:00 2001
+From 4a2a102bf012ec39a75498e79d18d7e1cb703bd3 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Tue, 9 Oct 2012 09:06:49 +0200
Subject: [PATCH] linux-user: use target_ulong
@@ -17,10 +17,10 @@
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
-index e29c7f3..75b6558 100644
+index b55a9d2..be9c21c 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
-@@ -190,10 +190,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
+@@ -178,10 +178,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
void target_set_brk(abi_ulong new_brk);
abi_long do_brk(abi_ulong new_brk);
void syscall_init(void);
@@ -36,10 +36,10 @@
extern THREAD CPUState *thread_cpu;
void cpu_loop(CPUArchState *env);
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 5bd6f55..8016256 100644
+index 90b1698..2048082 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -5706,10 +5706,10 @@ int syscall_restartable(int syscall_nr)
+@@ -5983,10 +5983,10 @@ int syscall_restartable(int syscall_nr)
/* do_syscall() should always have a single exit point at the end so
that actions, such as logging of syscall results, can be performed.
All errnos that do_syscall() returns must be -TARGET_<errcode>. */
++++++ 0027-block-Add-support-for-DictZip-enabl.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 3058cb28a3852a02ef20cb5fa6e17f89880bd2cb Mon Sep 17 00:00:00 2001
+From e457395b8a52702b4866234bbe641d6044d725e6 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Wed, 5 Aug 2009 09:49:37 +0200
Subject: [PATCH] block: Add support for DictZip enabled gzip files
@@ -34,31 +34,33 @@
qemu_aio_release() -> qemu_aio_unref(),
drop dictzip_aio_cancel()]
[AF: common-obj-y -> block-obj-y, drop probe hook (bsc#945778)]
+[AF: Drop bdrv_open() drv parameter for 2.5]
Signed-off-by: Andreas Färber
+Signed-off-by: Bruce Rogers
---
block/Makefile.objs | 1 +
- block/dictzip.c | 578 ++++++++++++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 579 insertions(+)
+ block/dictzip.c | 580 ++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 581 insertions(+)
create mode 100644 block/dictzip.c
diff --git a/block/Makefile.objs b/block/Makefile.objs
-index 58ef2ef..c7b9294 100644
+index 44a5416..12e0cca 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
-@@ -20,6 +20,7 @@ block-obj-$(CONFIG_RBD) += rbd.o
- block-obj-$(CONFIG_GLUSTERFS) += gluster.o
+@@ -21,6 +21,7 @@ block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_ARCHIPELAGO) += archipelago.o
block-obj-$(CONFIG_LIBSSH2) += ssh.o
+ block-obj-y += accounting.o dirty-bitmap.o
+block-obj-y += dictzip.o
- block-obj-y += accounting.o
block-obj-y += write-threshold.o
+ block-obj-y += crypto.o
diff --git a/block/dictzip.c b/block/dictzip.c
new file mode 100644
-index 0000000..1824971
+index 0000000..717a7d3
--- /dev/null
+++ b/block/dictzip.c
-@@ -0,0 +1,578 @@
+@@ -0,0 +1,580 @@
+/*
+ * DictZip Block driver for dictzip enabled gzip files
+ *
@@ -96,6 +98,8 @@
+ * THE SOFTWARE.
+ */
+
++#include "qemu/osdep.h"
++#include "qapi/error.h"
+#include "qemu-common.h"
+#include "block/block_int.h"
+#include
@@ -242,7 +246,7 @@
+ else if (!strncmp(filename, "dzip:", 5))
+ filename += 5;
+
-+ ret = bdrv_open(&s->hd, filename, NULL, NULL, flags | BDRV_O_PROTOCOL, NULL, &local_err);
++ ret = bdrv_open(&s->hd, filename, NULL, NULL, flags | BDRV_O_PROTOCOL, &local_err);
+ if (ret < 0) {
+ error_propagate(errp, local_err);
+ qemu_opts_del(opts);
++++++ 0028-block-Add-tar-container-format.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 6492e67a4633bac8d339a8dd171a4560d9b0db6d Mon Sep 17 00:00:00 2001
+From 5e55ea4fdd7fcb2dad3ea1c59889390fe94e38bc Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Wed, 5 Aug 2009 17:28:38 +0200
Subject: [PATCH] block: Add tar container format
@@ -35,31 +35,33 @@
qemu_aio_release() -> qemu_aio_unref(),
drop tar_aio_cancel()]
[AF: common-obj-y -> block-obj-y, drop probe hook (bsc#945778)]
+[AF: Drop bdrv_open() drv parameter for 2.5]
Signed-off-by: Andreas Färber
+Signed-off-by: Bruce Rogers
---
block/Makefile.objs | 1 +
- block/tar.c | 368 ++++++++++++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 369 insertions(+)
+ block/tar.c | 370 ++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 371 insertions(+)
create mode 100644 block/tar.c
diff --git a/block/Makefile.objs b/block/Makefile.objs
-index c7b9294..0a4b697 100644
+index 12e0cca..34a6fba 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
-@@ -21,6 +21,7 @@ block-obj-$(CONFIG_GLUSTERFS) += gluster.o
- block-obj-$(CONFIG_ARCHIPELAGO) += archipelago.o
+@@ -22,6 +22,7 @@ block-obj-$(CONFIG_ARCHIPELAGO) += archipelago.o
block-obj-$(CONFIG_LIBSSH2) += ssh.o
+ block-obj-y += accounting.o dirty-bitmap.o
block-obj-y += dictzip.o
+block-obj-y += tar.o
- block-obj-y += accounting.o
block-obj-y += write-threshold.o
+ block-obj-y += crypto.o
diff --git a/block/tar.c b/block/tar.c
new file mode 100644
-index 0000000..e612db3
+index 0000000..31da8b9
--- /dev/null
+++ b/block/tar.c
-@@ -0,0 +1,368 @@
+@@ -0,0 +1,370 @@
+/*
+ * Tar block driver
+ *
@@ -84,6 +86,8 @@
+ * THE SOFTWARE.
+ */
+
++#include "qemu/osdep.h"
++#include "qapi/error.h"
+#include "qemu-common.h"
+#include "block/block_int.h"
+
@@ -241,7 +245,7 @@
+ else if (!strncmp(filename, "tar:", 4))
+ filename += 4;
+
-+ ret = bdrv_open(&s->hd, filename, NULL, NULL, flags | BDRV_O_PROTOCOL, NULL, &local_err);
++ ret = bdrv_open(&s->hd, filename, NULL, NULL, flags | BDRV_O_PROTOCOL, &local_err);
+ if (ret < 0) {
+ error_propagate(errp, local_err);
+ qemu_opts_del(opts);
++++++ 0029-Legacy-Patch-kvm-qemu-preXX-dictzip.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From d893ae81b781a53bac6ee988bed2f32453dec3a7 Mon Sep 17 00:00:00 2001
+From e25606c433e170cb966f2ec6a0e88c9160684d54 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Wed, 12 Dec 2012 19:11:30 +0100
Subject: [PATCH] Legacy Patch kvm-qemu-preXX-dictzip3.patch
@@ -8,10 +8,10 @@
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/block/tar.c b/block/tar.c
-index e612db3..654fcf7 100644
+index 31da8b9..41620fd 100644
--- a/block/tar.c
+++ b/block/tar.c
-@@ -71,7 +71,8 @@ static int str_ends(char *str, const char *end)
+@@ -73,7 +73,8 @@ static int str_ends(char *str, const char *end)
return !strncmp(str + str_len - end_len, end, end_len);
}
@@ -21,7 +21,7 @@
{
int retval = 0;
-@@ -87,10 +88,17 @@ static int is_target_file(BlockDriverState *bs, char *filename)
+@@ -89,10 +90,17 @@ static int is_target_file(BlockDriverState *bs, char *filename)
if (str_ends(filename, ".vmdk"))
retval = 1;
@@ -39,7 +39,7 @@
return retval;
}
-@@ -217,12 +225,13 @@ static int tar_open(BlockDriverState *bs, QDict *options, int flags, Error **err
+@@ -219,12 +227,13 @@ static int tar_open(BlockDriverState *bs, QDict *options, int flags, Error **err
bdrv_pread(s->hd, header_offs - s->file_len, s->longfile,
sizeof(s->longfile));
s->longfile[sizeof(s->longfile)-1] = '\0';
++++++ 0030-console-add-question-mark-escape-op.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 9ff792a6d58e3966c94dc22167d956df1756aa14 Mon Sep 17 00:00:00 2001
+From 543e99f83c5c7aff0675f430f0b7ff6e9e43472d Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Mon, 6 Jun 2011 06:53:52 +0200
Subject: [PATCH] console: add question-mark escape operator
@@ -16,10 +16,10 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/console.c b/ui/console.c
-index 75fc492..827b91e 100644
+index bf38579..0c1b4a3 100644
--- a/ui/console.c
+++ b/ui/console.c
-@@ -854,7 +854,7 @@ static void console_putchar(QemuConsole *s, int ch)
+@@ -868,7 +868,7 @@ static void console_putchar(QemuConsole *s, int ch)
} else {
if (s->nb_esc_params < MAX_ESC_PARAMS)
s->nb_esc_params++;
++++++ 0031-Make-char-muxer-more-robust-wrt-sma.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From 3de38631531f91c85e910e961978a77bd1ef842f Mon Sep 17 00:00:00 2001
+From 7cf495aa2aff024d97b20b87fa87fc17cbbbf5ff Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Thu, 1 Apr 2010 17:36:23 +0200
Subject: [PATCH] Make char muxer more robust wrt small FIFOs
@@ -22,10 +22,10 @@
1 file changed, 16 insertions(+)
diff --git a/qemu-char.c b/qemu-char.c
-index d956f8d..cd301ba 100644
+index b597ee1..eedae4f 100644
--- a/qemu-char.c
+++ b/qemu-char.c
-@@ -404,6 +404,9 @@ typedef struct {
+@@ -512,6 +512,9 @@ typedef struct {
IOEventHandler *chr_event[MAX_MUX];
void *ext_opaque[MAX_MUX];
CharDriverState *drv;
@@ -35,7 +35,7 @@
int focus;
int mux_cnt;
int term_got_escape;
-@@ -563,6 +566,15 @@ static void mux_chr_accept_input(CharDriverState *chr)
+@@ -671,6 +674,15 @@ static void mux_chr_accept_input(CharDriverState *chr)
d->chr_read[m](d->ext_opaque[m],
&d->buffer[m][d->cons[m]++ & MUX_BUFFER_MASK], 1);
}
@@ -51,7 +51,7 @@
}
static int mux_chr_can_read(void *opaque)
-@@ -691,6 +703,10 @@ static CharDriverState *qemu_chr_open_mux(CharDriverState *drv)
+@@ -812,6 +824,10 @@ static CharDriverState *qemu_chr_open_mux(const char *id,
chr->opaque = d;
d->drv = drv;
d->focus = -1;
++++++ 0032-linux-user-lseek-explicitly-cast-no.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From c42944366a1ce036e7baab2ee14b71e2d38754d1 Mon Sep 17 00:00:00 2001
+From 5ac9c6a5e5acfc0ce7b61783533ce3a866d85ec3 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Thu, 13 Dec 2012 14:29:22 +0100
Subject: [PATCH] linux-user: lseek: explicitly cast non-set offsets to signed
@@ -16,10 +16,10 @@
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 8016256..7c97105 100644
+index 2048082..00c075d 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
-@@ -6017,9 +6017,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
+@@ -6320,9 +6320,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
case TARGET_NR_oldstat:
goto unimplemented;
#endif
++++++ 0033-virtfs-proxy-helper-Provide-__u64-f.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:07.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:07.000000000 +0200
@@ -1,4 +1,4 @@
-From cd1a94f80e21ef2b5fa584514c032b34c0f85aeb Mon Sep 17 00:00:00 2001
+From 0ae16f3d2670b4bd86595f6b9f2b5bd7b6faa438 Mon Sep 17 00:00:00 2001
From: Bruce Rogers
Date: Thu, 16 May 2013 12:39:10 +0200
Subject: [PATCH] virtfs-proxy-helper: Provide __u64 for broken
@@ -12,7 +12,7 @@
1 file changed, 7 insertions(+)
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
-index 9097d15..f73de4e 100644
+index 54f7ad1..b4bf2f4 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -9,6 +9,13 @@
@@ -26,6 +26,6 @@
+#if defined(__powerpc64__)
+#include
+#endif
+ #include "qemu/osdep.h"
#include
#include
- #include
++++++ 0034-configure-Enable-PIE-for-ppc-and-pp.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:08.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:08.000000000 +0200
@@ -1,4 +1,4 @@
-From c9fbb5972a05e94bbe28bc75441344830a247fe5 Mon Sep 17 00:00:00 2001
+From 96642b20aa9624ffa934c24c22da03b184ee2c9f Mon Sep 17 00:00:00 2001
From: Dinar Valeev
Date: Wed, 2 Oct 2013 17:56:03 +0200
Subject: [PATCH] configure: Enable PIE for ppc and ppc64 hosts
@@ -14,10 +14,10 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure b/configure
-index cd219d8..6ab01bc 100755
+index c37fc5f..94035eb 100755
--- a/configure
+++ b/configure
-@@ -1530,7 +1530,7 @@ fi
+@@ -1537,7 +1537,7 @@ fi
if test "$pie" = ""; then
case "$cpu-$targetos" in
++++++ 0035-qtest-Increase-socket-timeout.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:08.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:08.000000000 +0200
@@ -1,4 +1,4 @@
-From 39b6d2beaf481c85e836a77dede84456c25622ed Mon Sep 17 00:00:00 2001
+From 9aff904100fd11df814e8498cf9dd3d8c7810562 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?=
Date: Thu, 17 Apr 2014 18:39:10 +0200
Subject: [PATCH] qtest: Increase socket timeout
@@ -14,10 +14,10 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/libqtest.c b/tests/libqtest.c
-index e5188e0..e0c5f23 100644
+index b12a9e4..8de01c0 100644
--- a/tests/libqtest.c
+++ b/tests/libqtest.c
-@@ -35,7 +35,7 @@
+@@ -27,7 +27,7 @@
#include "qapi/qmp/qjson.h"
#define MAX_IRQ 256
++++++ 0036-AIO-Reduce-number-of-threads-for-32.patch ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:08.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:08.000000000 +0200
@@ -1,4 +1,4 @@
-From 458ee6dac3863bf420d70cd218f88b60c4de7565 Mon Sep 17 00:00:00 2001
+From b70818ca8b9ca9ea88460c97b59c8e73e0c96bc8 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Wed, 14 Jan 2015 01:32:11 +0100
Subject: [PATCH] AIO: Reduce number of threads for 32bit hosts
@@ -21,7 +21,7 @@
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/thread-pool.c b/thread-pool.c
-index ac909f4..fc16fc2 100644
+index 03ba0b0..b5b4fd3 100644
--- a/thread-pool.c
+++ b/thread-pool.c
@@ -297,7 +297,12 @@ static void thread_pool_init_one(ThreadPool *pool, AioContext *ctx)
++++++ 0037-configure-Enable-libseccomp-for-ppc.patch ++++++
From b44837ddb7fe9d43d70dc4260e4e9561d68ebc04 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?=
Date: Tue, 14 Apr 2015 18:42:06 +0200
Subject: [PATCH] configure: Enable libseccomp for ppc
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Our Factory libseccomp is patched to support ppc, ppc64 and ppc64le.
Signed-off-by: Andreas Färber
---
configure | 3 +++
1 file changed, 3 insertions(+)
diff --git a/configure b/configure
index 94035eb..4efabe3 100755
--- a/configure
+++ b/configure
@@ -1879,6 +1879,9 @@ if test "$seccomp" != "no" ; then
arm|aarch64)
libseccomp_minver="2.2.3"
;;
+ ppc|ppc64)
+ libseccomp_minver="2.2.0"
+ ;;
*)
libseccomp_minver=""
;;
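Review bot: The new `ppc|ppc64)` arm sets `libseccomp_minver="2.2.0"`, but per the commit message ppc support comes from the distribution's patched libseccomp, so this floor says nothing about an unpatched library of the same version. A comment in the arm would keep that dependency visible, for example `# ppc support is provided by the Factory libseccomp patch`. The message also names ppc64le, which has no arm of its own; presumably `$cpu` is normalised to `ppc64` earlier in configure, which should be confirmed since that code is outside the hunk.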
++++++ 0040-dictzip-Fix-on-big-endian-systems.patch -> 0038-dictzip-Fix-on-big-endian-systems.patch ++++++
--- /work/SRC/openSUSE:Factory/qemu/0040-dictzip-Fix-on-big-endian-systems.patch 2015-12-18 21:52:02.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.qemu.new/0038-dictzip-Fix-on-big-endian-systems.patch 2016-06-09 16:01:59.000000000 +0200
@@ -1,4 +1,4 @@
-From 6daa5dc051e04f528bbe15cb7231a05cf92a072c Mon Sep 17 00:00:00 2001
+From ab4667c328ab637aabd54364658e8d047297eb54 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Mon, 15 Jun 2015 17:36:32 +0200
Subject: [PATCH] dictzip: Fix on big endian systems
@@ -20,10 +20,10 @@
1 file changed, 28 insertions(+), 22 deletions(-)
diff --git a/block/dictzip.c b/block/dictzip.c
-index 1824971..71ffe7b 100644
+index 717a7d3..1a104ac 100644
--- a/block/dictzip.c
+++ b/block/dictzip.c
-@@ -154,6 +154,7 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
+@@ -156,6 +156,7 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
uint8_t header_flags;
uint16_t chunk_len16;
uint16_t chunk_cnt16;
@@ -31,7 +31,7 @@
uint16_t header_ver;
uint16_t tmp_short;
uint64_t offset;
-@@ -253,11 +254,11 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
+@@ -255,11 +256,11 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
break;
case 99: /* Special Alex pigz version */
/* number of chunks */
@@ -46,7 +46,7 @@
/* chunk count */
if (bdrv_pread(s->hd, GZ_99_CHUNKCNT, &s->chunk_cnt, 4) != 4)
-@@ -265,7 +266,7 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
+@@ -267,7 +268,7 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
s->chunk_cnt = le32_to_cpu(s->chunk_cnt);
@@ -55,7 +55,7 @@
/* file size */
if (bdrv_pread(s->hd, GZ_99_FILESIZE, &s->file_len, 8) != 8)
-@@ -336,14 +337,14 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
+@@ -338,14 +339,14 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
s->offsets[i] = offset;
switch (header_ver) {
case 1:
@@ -73,7 +73,7 @@
}
qemu_opts_del(opts);
-@@ -377,10 +378,26 @@ static void dictzip_read_cb(void *opaque, int ret)
+@@ -379,10 +380,26 @@ static void dictzip_read_cb(void *opaque, int ret)
struct BDRVDictZipState *s = acb->s;
uint8_t *buf;
DictCache *cache;
@@ -101,7 +101,7 @@
/* uncompress the chunk */
acb->zStream->next_in = acb->gzipped;
acb->zStream->avail_in = acb->gz_len;
-@@ -466,17 +483,6 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
+@@ -468,17 +485,6 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
}
/* No cache, so let's decode */
@@ -119,7 +119,7 @@
/* We need to read these chunks */
first_chunk = start / s->chunk_len;
first_offset = start - first_chunk * s->chunk_len;
-@@ -486,9 +492,9 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
+@@ -488,9 +494,9 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
gz_len = 0;
for (i = first_chunk; i <= last_chunk; i++) {
if (s->chunks32)
@@ -131,7 +131,7 @@
}
gz_sector_num = gz_start / SECTOR_SIZE;
-@@ -509,7 +515,7 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
+@@ -511,7 +517,7 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
iov->iov_len = gz_nb_sectors * 512;
qemu_iovec_init_external(qiov_gz, iov, 1);
++++++ 0039-block-split-large-discard-requests-.patch ++++++
From 33fcb26d3770b6ff5019d796595675a3275bfe46 Mon Sep 17 00:00:00 2001
From: Olaf Hering
Date: Thu, 24 Mar 2016 14:32:39 +0100
Subject: [PATCH] block: split large discard requests from block frontend
Large discard requests lead to sign expansion errors in qemu.
Since there is no API to tell a guest about the limitations qemu
has to split a large request itself.
[bsc#964427]
Signed-off-by: Olaf Hering
---
block/io.c | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/block/io.c b/block/io.c
index a7dbf85..560fa4c 100644
--- a/block/io.c
+++ b/block/io.c
@@ -2487,7 +2487,7 @@ static void coroutine_fn bdrv_discard_co_entry(void *opaque)
rwco->ret = bdrv_co_discard(rwco->bs, rwco->sector_num, rwco->nb_sectors);
}
-int coroutine_fn bdrv_co_discard(BlockDriverState *bs, int64_t sector_num,
+static int __bdrv_co_discard(BlockDriverState *bs, int64_t sector_num,
int nb_sectors)
{
BdrvTrackedRequest req;
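Review bot: The renamed helper `__bdrv_co_discard` uses an identifier beginning with two underscores, which C reserves for the implementation, and the rename drops the `coroutine_fn` marker even though the new wrapper that calls it is itself `coroutine_fn`. Something like `static int coroutine_fn bdrv_co_do_discard(BlockDriverState *bs, int64_t sector_num,` keeps the annotation and avoids the reserved name. The function body continues outside this hunk.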
@@ -2569,6 +2569,26 @@ out:
return ret;
}
+int coroutine_fn bdrv_co_discard(BlockDriverState *bs, int64_t sector_num,
+ int nb_sectors)
+{
+ int num, ret;
+ int limit = BDRV_REQUEST_MAX_SECTORS;
+ int remaining = nb_sectors;
+ int64_t sector_offset = sector_num;
+
+ do {
+ num = remaining > limit ? limit : remaining;
+ ret = __bdrv_co_discard(bs, sector_offset, num);
+ if (ret < 0)
+ break;
+ remaining -= num;
+ sector_offset += num;
+ } while (remaining > 0);
+
+ return ret;
+}
+
int bdrv_discard(BlockDriverState *bs, int64_t sector_num, int nb_sectors)
{
Coroutine *co;
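Review bot: The splitting loop in the new `bdrv_co_discard` stops at the first failing chunk, so a caller that receives an error cannot tell how much of the range was already discarded; that deserves a comment above the function, for example `/* Splits the request into BDRV_REQUEST_MAX_SECTORS chunks; on error, earlier chunks have already been discarded. */`. `remaining`, `num` and `limit` are plain `int` like `nb_sectors`, so the wrapper only helps for requests that already fit an `int` sector count; anything wider still has to be handled by the caller. QEMU's coding style also asks for braces around the `if (ret < 0)` body.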
++++++ 0040-xen_disk-Add-suse-specific-flush-di.patch ++++++
From 529b4b3328e96f55ae0a44d1293616f426077a0b Mon Sep 17 00:00:00 2001
From: Bruce Rogers
Date: Wed, 9 Mar 2016 15:18:11 -0700
Subject: [PATCH] xen_disk: Add suse specific flush disable handling and map to
QEMU equiv
Add code to read the suse specific suse-diskcache-disable-flush flag out
of xenstore, and set the equivalent flag within QEMU.
Patch taken from Xen's patch queue, Olaf Hering being the original author.
[bsc#879425]
Signed-off-by: Bruce Rogers
Signed-off-by: Olaf Hering
---
hw/block/xen_disk.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index d4ce380..9100862 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -112,6 +112,7 @@ struct XenBlkDev {
int requests_inflight;
int requests_finished;
+ gboolean cache_unsafe;
/* Persistent grants extension */
gboolean feature_discard;
gboolean feature_persistent;
@@ -793,6 +794,16 @@ static void blk_parse_discard(struct XenBlkDev *blkdev)
}
}
+static void blk_parse_cache_unsafe(struct XenBlkDev *blkdev)
+{
+ int enable;
+
+ blkdev->cache_unsafe = false;
+
+ if (xenstore_read_be_int(&blkdev->xendev, "suse-diskcache-disable-flush", &enable) == 0)
+ blkdev->cache_unsafe = !!enable;
+}
+
static int blk_init(struct XenDevice *xendev)
{
struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev);
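Review bot: blk_parse_cache_unsafe() turns a xenstore key into `BDRV_O_NO_FLUSH` (set in the blk_connect hunk below) without leaving any trace, so a disk that ignores guest flushes looks the same in the logs as a safe one. A message when the flag is set would help, e.g. `xen_be_printf(&blkdev->xendev, 1, "flush disabled via suse-diskcache-disable-flush\n");`, together with a comment that data the guest believes flushed can be lost on a host crash. The key is read from the backend path, so this relies on only the toolstack being able to write it; that assumption is worth stating. Both added `if` statements also lack the braces the surrounding code uses.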
@@ -864,6 +875,7 @@ static int blk_init(struct XenDevice *xendev)
xenstore_write_be_int(&blkdev->xendev, "info", info);
blk_parse_discard(blkdev);
+ blk_parse_cache_unsafe(blkdev);
g_free(directiosafe);
return 0;
@@ -906,6 +918,9 @@ static int blk_connect(struct XenDevice *xendev)
qflags |= BDRV_O_UNMAP;
}
+ if (blkdev->cache_unsafe)
+ qflags |= BDRV_O_NO_FLUSH;
+
/* init qemu block driver */
index = (blkdev->xendev.dev - 202 * 256) / 16;
blkdev->dinfo = drive_get(IF_XEN, 0, index);
++++++ 0041-build-link-with-libatomic-on-powerp.patch ++++++
From 260d6920548a51e773c2bdca0a2770a3083404a2 Mon Sep 17 00:00:00 2001
From: Olaf Hering
Date: Fri, 1 Apr 2016 12:27:16 +0200
Subject: [PATCH] build: link with libatomic on powerpc-linux
Building on powerpc-linux fails with undefined reference to
__atomic_load_8 in icount_warp_rt(). Force linking to -latomic.
Fixes a0aa44b ("include/qemu/atomic.h: default to __atomic functions")
Signed-off-by: Olaf Hering
---
configure | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/configure b/configure
index 4efabe3..b455035 100755
--- a/configure
+++ b/configure
@@ -4032,6 +4032,33 @@ if test "$usb_redir" != "no" ; then
fi
fi
+if test "$linux_user" = "no" -a "$cpu" = "ppc" -a "$targetos" = "Linux" ; then
+ # Do we need libm
+ cat > $TMPC << EOF
+ #include
+ #include
+ #include
+ int64_t val;
+ int main(int argc, char **argv)
+ {
+ val = (int64_t)read(0, NULL, 0);
+ if (atomic_read(&val) == -1) {
+ return 0;
+ }
+ return 1;
+ }
+EOF
+ if compile_prog "-Iinclude" "" ; then
+ :
+ echo "No need to link with -latomic on powerpc-linux"
+ elif compile_prog "-Iinclude" "-latomic" ; then
+ echo "Link with -latomic on powerpc-linux"
+ libs_softmmu="$libs_softmmu -latomic"
+ else
+ error_exit "libatomic check failed"
+ fi
+fi
+
##########################################
# check if we have VSS SDK headers for win
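Review bot: The comment `# Do we need libm` does not match the probe, which tests whether `-latomic` is needed; it should read `# Do we need libatomic`. The stray `:` before the first `echo` can be dropped, and `cat > "$TMPC" << EOF` with the variable quoted is the safer form. Only `libs_softmmu` is extended, and only when `$linux_user` is `no`, so any other binary that uses the same 64-bit atomics would still fail to link on this host; whether one does is not visible in this hunk.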
++++++ 0042-net-mipsnet-check-packet-length-aga.patch ++++++
From 53260b0f3e1426185786f5fe45f99ca1ded84062 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit
Date: Thu, 7 Apr 2016 04:27:00 -0600
Subject: [PATCH] net: mipsnet: check packet length against buffer
When receiving packets over MIPSnet network device, it uses
receive buffer of size 1514 bytes. In case the controller
accepts large(MTU) packets, it could lead to memory corruption.
Add check to avoid it.
Reported by: Oleksandr Bazhaniuk
Signed-off-by: Prasad J Pandit
[BR: BSC#975136 CVE-2016-4002]
Signed-off-by: Bruce Rogers
---
hw/net/mipsnet.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/hw/net/mipsnet.c b/hw/net/mipsnet.c
index 740cd98..cf8b823 100644
--- a/hw/net/mipsnet.c
+++ b/hw/net/mipsnet.c
@@ -83,6 +83,9 @@ static ssize_t mipsnet_receive(NetClientState *nc, const uint8_t *buf, size_t si
if (!mipsnet_can_receive(nc))
return 0;
+ if (size >= sizeof(s->rx_buffer)) {
+ return 0;
+ }
s->busy = 1;
/* Just accept everything. */
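Review bot: The added guard `size >= sizeof(s->rx_buffer)` also rejects a frame of exactly the buffer size, which the commit message gives as 1514 bytes, i.e. a full-size Ethernet frame. If the copy that follows (outside this hunk) writes `size` bytes into `rx_buffer`, `if (size > sizeof(s->rx_buffer)) {` is enough to keep it in bounds. The `return 0` also deserves a look: as far as I recall, QEMU's net layer treats a zero return from a receive handler as "not ready, retry later" rather than "dropped", so an oversize frame may stay queued. Returning `size` would discard it; confirm against the queue code.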
++++++ 0043-i386-kvmvapic-initialise-imm32-vari.patch ++++++
From 4c2fce28b205a0912f1224bdb8dbba2a0d7bf593 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit
Date: Thu, 7 Apr 2016 12:50:08 +0530
Subject: [PATCH] i386: kvmvapic: initialise imm32 variable
When processing Task Priority Register(TPR) access, it could leak
automatic stack variable 'imm32' in patch_instruction().
Initialise the variable to avoid it.
Reported by: Donghai Zdh
Cc: qemu-stable@nongnu.org
Signed-off-by: Prasad J Pandit
Message-Id: <1460013608-16670-1-git-send-email-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini
(cherry picked from commit 691a02e2ce0c413236a78dee6f2651c937b09fb0)
[BR: BSC#975700 CVE-2016-4020]
Signed-off-by: Bruce Rogers
---
hw/i386/kvmvapic.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/i386/kvmvapic.c b/hw/i386/kvmvapic.c
index c69f374..ff1e31a 100644
--- a/hw/i386/kvmvapic.c
+++ b/hw/i386/kvmvapic.c
@@ -394,7 +394,7 @@ static void patch_instruction(VAPICROMState *s, X86CPU *cpu, target_ulong ip)
CPUX86State *env = &cpu->env;
VAPICHandlers *handlers;
uint8_t opcode[2];
- uint32_t imm32;
+ uint32_t imm32 = 0;
target_ulong current_pc = 0;
target_ulong current_cs_base = 0;
int current_flags = 0;
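Review bot: Zero-initialising `imm32` removes the stack disclosure, but it does so by masking the case where the variable is never filled. patch_instruction's body continues outside this hunk, so presumably a guest-memory read into `imm32` can fail without its result being checked. Checking that read and skipping the patching on failure would be more robust. At minimum the initialiser should say why it is there: `uint32_t imm32 = 0; /* must not reach the guest uninitialised if the read fails */`.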
++++++ 0044-esp-check-command-buffer-length-bef.patch ++++++
From 4a36592c8982234afc9591adb50684c2daed0fbd Mon Sep 17 00:00:00 2001
From: Prasad J Pandit
Date: Thu, 19 May 2016 16:09:30 +0530
Subject: [PATCH] esp: check command buffer length before write(CVE-2016-4439)
The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
FIFO buffer. It is used to handle command and data transfer. While
writing to this command buffer 's->cmdbuf[TI_BUFSZ=16]', a check
was missing to validate input length. Add check to avoid OOB write
access.
Fixes CVE-2016-4439.
Reported-by: Li Qiang
Cc: qemu-stable@nongnu.org
Signed-off-by: Prasad J Pandit
Message-Id: <1463654371-11169-2-git-send-email-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini
(cherry picked from commit c98c6c105f66f05aa0b7c1d2a4a3f716450907ef)
[BR: CVE-2016-4439 BSC#980711]
Signed-off-by: Bruce Rogers
---
hw/scsi/esp.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
index 8961be2..01497e6 100644
--- a/hw/scsi/esp.c
+++ b/hw/scsi/esp.c
@@ -448,7 +448,11 @@ void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val)
break;
case ESP_FIFO:
if (s->do_cmd) {
- s->cmdbuf[s->cmdlen++] = val & 0xff;
+ if (s->cmdlen < TI_BUFSZ) {
+ s->cmdbuf[s->cmdlen++] = val & 0xff;
+ } else {
+ trace_esp_error_fifo_overrun();
+ }
} else if (s->ti_size == TI_BUFSZ - 1) {
trace_esp_error_fifo_overrun();
} else {
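Review bot: The bound in `if (s->cmdlen < TI_BUFSZ)` is tied to the array only by convention; `if (s->cmdlen < sizeof(s->cmdbuf)) {` states the invariant directly and matches the `sizeof(s->cmdbuf)` form the follow-up patch uses in handle_satn_stop. The overrun path drops the byte and traces it, but `s->cmdlen` is left as it is, so whether the next command starts from a clean length depends on code outside this hunk and should be confirmed.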
++++++ 0045-esp-check-dma-length-before-reading.patch ++++++
From 648083b0e53202c883906a5d57d420a9c6411c89 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit
Date: Thu, 19 May 2016 16:09:31 +0530
Subject: [PATCH] esp: check dma length before reading scsi
command(CVE-2016-4441)
The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
FIFO buffer. It is used to handle command and data transfer.
Routine get_cmd() uses DMA to read scsi commands into this buffer.
Add check to validate DMA length against buffer size to avoid any
overrun.
Fixes CVE-2016-4441.
Reported-by: Li Qiang
Cc: qemu-stable@nongnu.org
Signed-off-by: Prasad J Pandit
Message-Id: <1463654371-11169-3-git-send-email-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini
(cherry picked from commit 6c1fef6b59563cc415f21e03f81539ed4b33ad90)
[BR: CVE-2016-4441 BSC#980723]
Signed-off-by: Bruce Rogers
---
hw/scsi/esp.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
index 01497e6..591c817 100644
--- a/hw/scsi/esp.c
+++ b/hw/scsi/esp.c
@@ -82,7 +82,7 @@ void esp_request_cancelled(SCSIRequest *req)
}
}
-static uint32_t get_cmd(ESPState *s, uint8_t *buf)
+static uint32_t get_cmd(ESPState *s, uint8_t *buf, uint8_t buflen)
{
uint32_t dmalen;
int target;
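Review bot: `uint8_t buflen` silently truncates the `sizeof(...)` values the callers pass, so a destination buffer of 256 bytes or more would arrive as a small or zero length and the compiler would not complain. Declaring the parameter as `size_t buflen` matches what `sizeof` yields and removes that trap. get_cmd's body continues outside this hunk.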
@@ -92,6 +92,9 @@ static uint32_t get_cmd(ESPState *s, uint8_t *buf)
dmalen = s->rregs[ESP_TCLO];
dmalen |= s->rregs[ESP_TCMID] << 8;
dmalen |= s->rregs[ESP_TCHI] << 16;
+ if (dmalen > buflen) {
+ return 0;
+ }
s->dma_memory_read(s->dma_opaque, buf, dmalen);
} else {
dmalen = s->ti_size;
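Review bot: Only the DMA path is bounded by `buflen`; the `else` branch takes `dmalen = s->ti_size` and whatever copy follows is outside this hunk. It should be confirmed that `ti_size` can never exceed the destination, or the same guard applied after that assignment: `if (dmalen > buflen) { return 0; }`. The rejection path also returns 0 without any trace output, so a rejected guest request is invisible to whoever debugs or monitors the device model; a trace point there would help.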
@@ -166,7 +169,7 @@ static void handle_satn(ESPState *s)
s->dma_cb = handle_satn;
return;
}
- len = get_cmd(s, buf);
+ len = get_cmd(s, buf, sizeof(buf));
if (len)
do_cmd(s, buf);
}
@@ -180,7 +183,7 @@ static void handle_s_without_atn(ESPState *s)
s->dma_cb = handle_s_without_atn;
return;
}
- len = get_cmd(s, buf);
+ len = get_cmd(s, buf, sizeof(buf));
if (len) {
do_busid_cmd(s, buf, 0);
}
@@ -192,7 +195,7 @@ static void handle_satn_stop(ESPState *s)
s->dma_cb = handle_satn_stop;
return;
}
- s->cmdlen = get_cmd(s, s->cmdbuf);
+ s->cmdlen = get_cmd(s, s->cmdbuf, sizeof(s->cmdbuf));
if (s->cmdlen) {
trace_esp_handle_satn_stop(s->cmdlen);
s->do_cmd = 1;
++++++ 0046-scsi-pvscsi-check-command-descripto.patch ++++++
From 2f492d1dceb93302ae10a97ea799e344e52e1a89 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit
Date: Mon, 23 May 2016 04:49:00 -0600
Subject: [PATCH] scsi: pvscsi: check command descriptor ring buffer size
Vmware Paravirtual SCSI emulation uses command descriptors to
process SCSI commands. These descriptors come with their ring
buffers. A guest could set the ring buffer size to an arbitrary
value leading to OOB access issue. Add check to avoid it.
Reported-by: Li Qiang
Signed-off-by: Prasad J Pandit
[BR: CVE-2016-4952 BSC#981266]
Signed-off-by: Bruce Rogers
---
hw/scsi/vmw_pvscsi.c | 24 ++++++++++++++++++++----
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
index e690b4e..e1d6d06 100644
--- a/hw/scsi/vmw_pvscsi.c
+++ b/hw/scsi/vmw_pvscsi.c
@@ -153,7 +153,7 @@ pvscsi_log2(uint32_t input)
return log;
}
-static void
+static int
pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
{
int i;
@@ -161,6 +161,10 @@ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
uint32_t req_ring_size, cmp_ring_size;
m->rs_pa = ri->ringsStatePPN << VMW_PAGE_SHIFT;
+ if ((ri->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)
+ || (ri->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)) {
+ return -1;
+ }
req_ring_size = ri->reqRingNumPages * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
cmp_ring_size = ri->cmpRingNumPages * PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
txr_len_log2 = pvscsi_log2(req_ring_size - 1);
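Review bot: The new range check rejects page counts above the maximum but still accepts zero: with `ri->reqRingNumPages` or `ri->cmpRingNumPages` equal to 0 the ring size is 0, and `pvscsi_log2(req_ring_size - 1)` is then evaluated on a wrapped-around value. The check also runs after `m->rs_pa` has been written, so a rejected request leaves the ring info partly modified. Rejecting zero in the same condition and validating before the first write, as sketched below, closes both. The same two remarks apply to `ri->numPages` in the pvscsi_ring_init_msg hunk further down.
```c
/* … unchanged: declarations … */
    if (ri->reqRingNumPages == 0
        || ri->cmpRingNumPages == 0
        || ri->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES
        || ri->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES) {
        return -1;
    }
    m->rs_pa = ri->ringsStatePPN << VMW_PAGE_SHIFT;
/* … unchanged: ring size computation … */
```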
@@ -192,15 +196,20 @@ pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
/* Flush ring state page changes */
smp_wmb();
+
+ return 0;
}
-static void
+static int
pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri)
{
int i;
uint32_t len_log2;
uint32_t ring_size;
+ if (ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
+ return -1;
+ }
ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
len_log2 = pvscsi_log2(ring_size - 1);
@@ -220,6 +229,8 @@ pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri)
/* Flush ring state page changes */
smp_wmb();
+
+ return 0;
}
static void
@@ -770,7 +781,10 @@ pvscsi_on_cmd_setup_rings(PVSCSIState *s)
trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_SETUP_RINGS");
pvscsi_dbg_dump_tx_rings_config(rc);
- pvscsi_ring_init_data(&s->rings, rc);
+ if (pvscsi_ring_init_data(&s->rings, rc) < 0) {
+ return PVSCSI_COMMAND_PROCESSING_FAILED;
+ }
+
s->rings_info_valid = TRUE;
return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
}
@@ -850,7 +864,9 @@ pvscsi_on_cmd_setup_msg_ring(PVSCSIState *s)
}
if (s->rings_info_valid) {
- pvscsi_ring_init_msg(&s->rings, rc);
+ if (pvscsi_ring_init_msg(&s->rings, rc) < 0) {
+ return PVSCSI_COMMAND_PROCESSING_FAILED;
+ }
s->msg_ring_info_valid = TRUE;
}
return sizeof(PVSCSICmdDescSetupMsgRing) / sizeof(uint32_t);
++++++ 0047-scsi-mptsas-infinite-loop-while-fet.patch ++++++
From 62f461d944c764953299772d72892daca092fe3f Mon Sep 17 00:00:00 2001
From: Prasad J Pandit
Date: Tue, 24 May 2016 02:10:00 -0600
Subject: [PATCH] scsi: mptsas: infinite loop while fetching requests
The LSI SAS1068 Host Bus Adapter emulator in Qemu, periodically
looks for requests and fetches them. A loop doing that in
mptsas_fetch_requests() could run infinitely if 's->state' was
not operational. Move check to avoid such a loop.
Reported-by: Li Qiang
Signed-off-by: Prasad J Pandit
[BR: CVE-2016-4964 BSC#981399]
Signed-off-by: Bruce Rogers
---
hw/scsi/mptsas.c | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
index 499c146..be88e16 100644
--- a/hw/scsi/mptsas.c
+++ b/hw/scsi/mptsas.c
@@ -754,11 +754,6 @@ static void mptsas_fetch_request(MPTSASState *s)
hwaddr addr;
int size;
- if (s->state != MPI_IOC_STATE_OPERATIONAL) {
- mptsas_set_fault(s, MPI_IOCSTATUS_INVALID_STATE);
- return;
- }
-
/* Read the message header from the guest first. */
addr = s->host_mfa_high_addr | MPTSAS_FIFO_GET(s, request_post);
pci_dma_read(pci, addr, req, sizeof(hdr));
@@ -789,6 +784,10 @@ static void mptsas_fetch_requests(void *opaque)
{
MPTSASState *s = opaque;
+ if (s->state != MPI_IOC_STATE_OPERATIONAL) {
+ mptsas_set_fault(s, MPI_IOCSTATUS_INVALID_STATE);
+ return;
+ }
while (!MPTSAS_FIFO_EMPTY(s, request_post)) {
mptsas_fetch_request(s);
}
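Review bot: With the state check hoisted out of mptsas_fetch_request(), the `while (!MPTSAS_FIFO_EMPTY(s, request_post))` loop no longer re-tests `s->state` between requests. If handling one request takes the controller out of the operational state, the remaining queued requests would still be fetched and processed. Testing the state in the loop condition avoids both the spin and processing while faulted: `while (s->state == MPI_IOC_STATE_OPERATIONAL && !MPTSAS_FIFO_EMPTY(s, request_post)) {`. Whether a request can change `s->state` is not visible here, since mptsas_fetch_request's body continues outside the hunks.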
++++++ 0048-vga-add-sr_vbe-register-set.patch ++++++
From b360e87d80afa47ab5e1aaa2d58aac0a83047277 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann
Date: Tue, 17 May 2016 10:54:54 +0200
Subject: [PATCH] vga: add sr_vbe register set
Commit "fd3c136 vga: make sure vga register setup for vbe stays intact
(CVE-2016-3712)." causes a regression. The win7 installer is unhappy
because it can't freely modify vga registers any more while in vbe mode.
This patch introduces a new sr_vbe register set. The vbe_update_vgaregs
will fill sr_vbe[] instead of sr[]. Normal vga register reads and
writes go to sr[]. Any sr register read access happens through a new
sr() helper function which will read from sr_vbe[] with vbe active and
from sr[] otherwise.
This way we can allow guests to update sr[] registers as they want, without
allowing them to disrupt vbe video modes that way.
Cc: qemu-stable@nongnu.org
Reported-by: Thomas Lamprecht
Signed-off-by: Gerd Hoffmann
Message-id: 1463475294-14119-1-git-send-email-kraxel@redhat.com
(cherry picked from commit 94ef4f337fb614f18b765a8e0e878a4c23cdedcd)
Signed-off-by: Bruce Rogers
---
hw/display/vga.c | 50 ++++++++++++++++++++++++++++----------------------
hw/display/vga_int.h | 1 +
2 files changed, 29 insertions(+), 22 deletions(-)
diff --git a/hw/display/vga.c b/hw/display/vga.c
index 4a55ec6..9ebc54f 100644
--- a/hw/display/vga.c
+++ b/hw/display/vga.c
@@ -149,6 +149,11 @@ static inline bool vbe_enabled(VGACommonState *s)
return s->vbe_regs[VBE_DISPI_INDEX_ENABLE] & VBE_DISPI_ENABLED;
}
+static inline uint8_t sr(VGACommonState *s, int idx)
+{
+ return vbe_enabled(s) ? s->sr_vbe[idx] : s->sr[idx];
+}
+
static void vga_update_memory_access(VGACommonState *s)
{
hwaddr base, offset, size;
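Review bot: The new sr() helper indexes two 256-byte arrays with a signed `int idx` and no range check. Every caller in this patch passes a VGA_SEQ_* constant, but declaring the parameter as `uint8_t idx` would make an out-of-range index impossible for later callers: `static inline uint8_t sr(VGACommonState *s, uint8_t idx)`. The helper also has no comment and shares its name with the `sr` field it wraps. A line such as `/* Effective sequencer register: sr_vbe[] while VBE is enabled, else the guest-written sr[]. */` would tell readers why the display paths must not read `s->sr[...]` directly.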
@@ -163,8 +168,8 @@ static void vga_update_memory_access(VGACommonState *s)
s->has_chain4_alias = false;
s->plane_updated = 0xf;
}
- if ((s->sr[VGA_SEQ_PLANE_WRITE] & VGA_SR02_ALL_PLANES) ==
- VGA_SR02_ALL_PLANES && s->sr[VGA_SEQ_MEMORY_MODE] & VGA_SR04_CHN_4M) {
+ if ((sr(s, VGA_SEQ_PLANE_WRITE) & VGA_SR02_ALL_PLANES) ==
+ VGA_SR02_ALL_PLANES && sr(s, VGA_SEQ_MEMORY_MODE) & VGA_SR04_CHN_4M) {
offset = 0;
switch ((s->gr[VGA_GFX_MISC] >> 2) & 3) {
case 0:
@@ -234,7 +239,7 @@ static void vga_precise_update_retrace_info(VGACommonState *s)
((s->cr[VGA_CRTC_OVERFLOW] >> 6) & 2)) << 8);
vretr_end_line = s->cr[VGA_CRTC_V_SYNC_END] & 0xf;
- clocking_mode = (s->sr[VGA_SEQ_CLOCK_MODE] >> 3) & 1;
+ clocking_mode = (sr(s, VGA_SEQ_CLOCK_MODE) >> 3) & 1;
clock_sel = (s->msr >> 2) & 3;
dots = (s->msr & 1) ? 8 : 9;
@@ -486,7 +491,6 @@ void vga_ioport_write(void *opaque, uint32_t addr, uint32_t val)
printf("vga: write SR%x = 0x%02x\n", s->sr_index, val);
#endif
s->sr[s->sr_index] = val & sr_mask[s->sr_index];
- vbe_update_vgaregs(s);
if (s->sr_index == VGA_SEQ_CLOCK_MODE) {
s->update_retrace_info(s);
}
@@ -680,13 +684,13 @@ static void vbe_update_vgaregs(VGACommonState *s)
if (s->vbe_regs[VBE_DISPI_INDEX_BPP] == 4) {
shift_control = 0;
- s->sr[VGA_SEQ_CLOCK_MODE] &= ~8; /* no double line */
+ s->sr_vbe[VGA_SEQ_CLOCK_MODE] &= ~8; /* no double line */
} else {
shift_control = 2;
/* set chain 4 mode */
- s->sr[VGA_SEQ_MEMORY_MODE] |= VGA_SR04_CHN_4M;
+ s->sr_vbe[VGA_SEQ_MEMORY_MODE] |= VGA_SR04_CHN_4M;
/* activate all planes */
- s->sr[VGA_SEQ_PLANE_WRITE] |= VGA_SR02_ALL_PLANES;
+ s->sr_vbe[VGA_SEQ_PLANE_WRITE] |= VGA_SR02_ALL_PLANES;
}
s->gr[VGA_GFX_MODE] = (s->gr[VGA_GFX_MODE] & ~0x60) |
(shift_control << 5);
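Review bot: sr_vbe[] is only ever modified with `&=` and `|=` here and is zeroed in vga_common_reset(), so bits set for one VBE mode are never cleared for the next. After a non-4bpp mode has set VGA_SR04_CHN_4M and VGA_SR02_ALL_PLANES, the 4bpp branch leaves them set, and the guest can no longer correct them because its writes land in sr[]. Whether a guest can switch to 4bpp after another depth without a reset is not visible in this hunk, so this needs confirming. If it can, the 4bpp branch should set the values it needs explicitly rather than inherit them. vbe_update_vgaregs() starts and ends outside the hunk.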
@@ -836,7 +840,7 @@ uint32_t vga_mem_readb(VGACommonState *s, hwaddr addr)
break;
}
- if (s->sr[VGA_SEQ_MEMORY_MODE] & VGA_SR04_CHN_4M) {
+ if (sr(s, VGA_SEQ_MEMORY_MODE) & VGA_SR04_CHN_4M) {
/* chain 4 mode : simplest access */
assert(addr < s->vram_size);
ret = s->vram_ptr[addr];
@@ -904,11 +908,11 @@ void vga_mem_writeb(VGACommonState *s, hwaddr addr, uint32_t val)
break;
}
- if (s->sr[VGA_SEQ_MEMORY_MODE] & VGA_SR04_CHN_4M) {
+ if (sr(s, VGA_SEQ_MEMORY_MODE) & VGA_SR04_CHN_4M) {
/* chain 4 mode : simplest access */
plane = addr & 3;
mask = (1 << plane);
- if (s->sr[VGA_SEQ_PLANE_WRITE] & mask) {
+ if (sr(s, VGA_SEQ_PLANE_WRITE) & mask) {
assert(addr < s->vram_size);
s->vram_ptr[addr] = val;
#ifdef DEBUG_VGA_MEM
@@ -921,7 +925,7 @@ void vga_mem_writeb(VGACommonState *s, hwaddr addr, uint32_t val)
/* odd/even mode (aka text mode mapping) */
plane = (s->gr[VGA_GFX_PLANE_READ] & 2) | (addr & 1);
mask = (1 << plane);
- if (s->sr[VGA_SEQ_PLANE_WRITE] & mask) {
+ if (sr(s, VGA_SEQ_PLANE_WRITE) & mask) {
addr = ((addr & ~1) << 1) | plane;
if (addr >= s->vram_size) {
return;
@@ -996,7 +1000,7 @@ void vga_mem_writeb(VGACommonState *s, hwaddr addr, uint32_t val)
do_write:
/* mask data according to sr[2] */
- mask = s->sr[VGA_SEQ_PLANE_WRITE];
+ mask = sr(s, VGA_SEQ_PLANE_WRITE);
s->plane_updated |= mask; /* only used to detect font change */
write_mask = mask16[mask];
if (addr * sizeof(uint32_t) >= s->vram_size) {
@@ -1152,10 +1156,10 @@ static void vga_get_text_resolution(VGACommonState *s, int *pwidth, int *pheight
/* total width & height */
cheight = (s->cr[VGA_CRTC_MAX_SCAN] & 0x1f) + 1;
cwidth = 8;
- if (!(s->sr[VGA_SEQ_CLOCK_MODE] & VGA_SR01_CHAR_CLK_8DOTS)) {
+ if (!(sr(s, VGA_SEQ_CLOCK_MODE) & VGA_SR01_CHAR_CLK_8DOTS)) {
cwidth = 9;
}
- if (s->sr[VGA_SEQ_CLOCK_MODE] & 0x08) {
+ if (sr(s, VGA_SEQ_CLOCK_MODE) & 0x08) {
cwidth = 16; /* NOTE: no 18 pixel wide */
}
width = (s->cr[VGA_CRTC_H_DISP] + 1);
@@ -1197,7 +1201,7 @@ static void vga_draw_text(VGACommonState *s, int full_update)
int64_t now = qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL);
/* compute font data address (in plane 2) */
- v = s->sr[VGA_SEQ_CHARACTER_MAP];
+ v = sr(s, VGA_SEQ_CHARACTER_MAP);
offset = (((v >> 4) & 1) | ((v << 1) & 6)) * 8192 * 4 + 2;
if (offset != s->font_offsets[0]) {
s->font_offsets[0] = offset;
@@ -1506,11 +1510,11 @@ static void vga_draw_graphic(VGACommonState *s, int full_update)
}
if (shift_control == 0) {
- if (s->sr[VGA_SEQ_CLOCK_MODE] & 8) {
+ if (sr(s, VGA_SEQ_CLOCK_MODE) & 8) {
disp_width <<= 1;
}
} else if (shift_control == 1) {
- if (s->sr[VGA_SEQ_CLOCK_MODE] & 8) {
+ if (sr(s, VGA_SEQ_CLOCK_MODE) & 8) {
disp_width <<= 1;
}
}
@@ -1574,7 +1578,7 @@ static void vga_draw_graphic(VGACommonState *s, int full_update)
if (shift_control == 0) {
full_update |= update_palette16(s);
- if (s->sr[VGA_SEQ_CLOCK_MODE] & 8) {
+ if (sr(s, VGA_SEQ_CLOCK_MODE) & 8) {
v = VGA_DRAW_LINE4D2;
} else {
v = VGA_DRAW_LINE4;
@@ -1582,7 +1586,7 @@ static void vga_draw_graphic(VGACommonState *s, int full_update)
bits = 4;
} else if (shift_control == 1) {
full_update |= update_palette16(s);
- if (s->sr[VGA_SEQ_CLOCK_MODE] & 8) {
+ if (sr(s, VGA_SEQ_CLOCK_MODE) & 8) {
v = VGA_DRAW_LINE2D2;
} else {
v = VGA_DRAW_LINE2;
@@ -1629,7 +1633,7 @@ static void vga_draw_graphic(VGACommonState *s, int full_update)
#if 0
printf("w=%d h=%d v=%d line_offset=%d cr[0x09]=0x%02x cr[0x17]=0x%02x linecmp=%d sr[0x01]=0x%02x\n",
width, height, v, line_offset, s->cr[9], s->cr[VGA_CRTC_MODE],
- s->line_compare, s->sr[VGA_SEQ_CLOCK_MODE]);
+ s->line_compare, sr(s, VGA_SEQ_CLOCK_MODE));
#endif
addr1 = (s->start_addr * 4);
bwidth = (width * bits + 7) / 8;
@@ -1781,6 +1785,7 @@ void vga_common_reset(VGACommonState *s)
{
s->sr_index = 0;
memset(s->sr, '\0', sizeof(s->sr));
+ memset(s->sr_vbe, '\0', sizeof(s->sr_vbe));
s->gr_index = 0;
memset(s->gr, '\0', sizeof(s->gr));
s->ar_index = 0;
@@ -1883,10 +1888,10 @@ static void vga_update_text(void *opaque, console_ch_t *chardata)
/* total width & height */
cheight = (s->cr[VGA_CRTC_MAX_SCAN] & 0x1f) + 1;
cw = 8;
- if (!(s->sr[VGA_SEQ_CLOCK_MODE] & VGA_SR01_CHAR_CLK_8DOTS)) {
+ if (!(sr(s, VGA_SEQ_CLOCK_MODE) & VGA_SR01_CHAR_CLK_8DOTS)) {
cw = 9;
}
- if (s->sr[VGA_SEQ_CLOCK_MODE] & 0x08) {
+ if (sr(s, VGA_SEQ_CLOCK_MODE) & 0x08) {
cw = 16; /* NOTE: no 18 pixel wide */
}
width = (s->cr[VGA_CRTC_H_DISP] + 1);
@@ -2053,6 +2058,7 @@ static int vga_common_post_load(void *opaque, int version_id)
/* force refresh */
s->graphic_mode = -1;
+ vbe_update_vgaregs(s);
return 0;
}
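Review bot: The added `vbe_update_vgaregs(s);` call in vga_common_post_load() has no comment saying that it rebuilds sr_vbe[] after an incoming migration. Nothing in this patch adds the new array to the migration state (the vmstate description is not visible here), so a later cleanup could drop the call as redundant. Suggest `/* sr_vbe[] is not migrated; recompute it from the loaded VBE registers. */` above the call. The same function also rewrites `s->gr[VGA_GFX_MODE]` (visible in the vbe_update_vgaregs hunk), so it is worth confirming that adjusting freshly loaded gr state at this point is intended.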
diff --git a/hw/display/vga_int.h b/hw/display/vga_int.h
index bdb43a5..3ce5544 100644
--- a/hw/display/vga_int.h
+++ b/hw/display/vga_int.h
@@ -98,6 +98,7 @@ typedef struct VGACommonState {
MemoryRegion chain4_alias;
uint8_t sr_index;
uint8_t sr[256];
+ uint8_t sr_vbe[256];
uint8_t gr_index;
uint8_t gr[256];
uint8_t ar_index;
++++++ _constraints ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:08.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:08.000000000 +0200
@@ -9,4 +9,16 @@
</physicalmemory>
</hardware>
</overwrite>
+ <overwrite>
+ <conditions>
+ <arch>ppc64</arch>
+ <arch>ppc64le</arch>
+ <package>qemu</package>
+ </conditions>
+ <hardware>
+ <disk>
+ <size unit="G">7</size>
+ </disk>
+ </hardware>
+ </overwrite>
</constraints>
++++++ ipxe-ath-Fix-building-with-GCC-6.patch ++++++
++++ 1003 lines (skipped)
++++++ ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch ++++++
From 858f56e68b7089a3dc8473bb94dd198554a24eeb Mon Sep 17 00:00:00 2001
From: Christian Hesse
Date: Sat, 7 May 2016 21:20:37 +0200
Subject: [PATCH] [ath9k] Fix buffer overrun for ar9287
This backport is from linux kernel upstream commit 83d6f1f ("ath9k:
fix buffer overrun for ar9287").
Signed-off-by: Christian Hesse
Signed-off-by: Michael Brown
Signed-off-by: Bruce Rogers
---
src/drivers/net/ath/ath9k/ath9k_eeprom.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/src/drivers/net/ath/ath9k/ath9k_eeprom.c b/src/drivers/net/ath/ath9k/ath9k_eeprom.c
index f552aca..a204237 100644
--- a/src/drivers/net/ath/ath9k/ath9k_eeprom.c
+++ b/src/drivers/net/ath/ath9k/ath9k_eeprom.c
@@ -368,10 +368,9 @@ void ath9k_hw_get_gain_boundaries_pdadcs(struct ath_hw *ah,
if (match) {
if (AR_SREV_9287(ah)) {
- /* FIXME: array overrun? */
for (i = 0; i < numXpdGains; i++) {
minPwrT4[i] = data_9287[idxL].pwrPdg[i][0];
- maxPwrT4[i] = data_9287[idxL].pwrPdg[i][4];
+ maxPwrT4[i] = data_9287[idxL].pwrPdg[i][intercepts - 1];
ath9k_hw_fill_vpd_table(minPwrT4[i], maxPwrT4[i],
data_9287[idxL].pwrPdg[i],
data_9287[idxL].vpdPdg[i],
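Review bot: The index `intercepts - 1` is in bounds only if `intercepts` is at least 1 and no larger than the second dimension of each `pwrPdg` table. Its assignment lies outside the hunk, so neither bound can be checked from here. The same expression is used in the eeprom_4k and default branches in the next two hunks. A short comment at the first use, for example `/* last valid pwrPdg entry; intercepts must be >= 1 and within the table width */`, would record the assumption the fix depends on. ath9k_hw_get_gain_boundaries_pdadcs() begins and ends outside the hunk.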
@@ -381,7 +380,7 @@ void ath9k_hw_get_gain_boundaries_pdadcs(struct ath_hw *ah,
} else if (eeprom_4k) {
for (i = 0; i < numXpdGains; i++) {
minPwrT4[i] = data_4k[idxL].pwrPdg[i][0];
- maxPwrT4[i] = data_4k[idxL].pwrPdg[i][4];
+ maxPwrT4[i] = data_4k[idxL].pwrPdg[i][intercepts - 1];
ath9k_hw_fill_vpd_table(minPwrT4[i], maxPwrT4[i],
data_4k[idxL].pwrPdg[i],
data_4k[idxL].vpdPdg[i],
@@ -391,7 +390,7 @@ void ath9k_hw_get_gain_boundaries_pdadcs(struct ath_hw *ah,
} else {
for (i = 0; i < numXpdGains; i++) {
minPwrT4[i] = data_def[idxL].pwrPdg[i][0];
- maxPwrT4[i] = data_def[idxL].pwrPdg[i][4];
+ maxPwrT4[i] = data_def[idxL].pwrPdg[i][intercepts - 1];
ath9k_hw_fill_vpd_table(minPwrT4[i], maxPwrT4[i],
data_def[idxL].pwrPdg[i],
data_def[idxL].vpdPdg[i],
--
1.9.0
++++++ ipxe-legacy-Fix-building-with-GCC-6.patch ++++++
From a5885fbc19c4b60dc1a21624d1a9d1b77a93504e Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Wed, 4 May 2016 15:58:14 +0100
Subject: [PATCH] [legacy] Fix building with GCC 6
Signed-off-by: Michael Brown
Signed-off-by: Bruce Rogers
---
src/include/nic.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/include/nic.h b/src/include/nic.h
index 4c91f57..8b06e88 100644
--- a/src/include/nic.h
+++ b/src/include/nic.h
@@ -209,7 +209,8 @@ static inline void * legacy_isa_get_drvdata ( void *hwdev ) {
#undef DRIVER
#define DRIVER(_name_text,_unused2,_unused3,_name,_probe,_disable) \
- static const char _name ## _text[] = _name_text; \
+ static __attribute__ (( unused )) const char \
+ _name ## _text[] = _name_text; \
static inline int \
_name ## _probe ( struct nic *nic, void *hwdev ) { \
return _probe ( nic, hwdev ); \
--
1.9.0
++++++ ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch ++++++
From e2f14c2f8c10674dbbd4f1228d79dc4c9be213b5 Mon Sep 17 00:00:00 2001
From: Vinson Lee
Date: Fri, 15 Apr 2016 22:38:35 +0000
Subject: [PATCH] [mucurses] Fix GCC 6 nonnull-compare errors
Remove null checks for arguments declared as nonnull.
Signed-off-by: Vinson Lee
Signed-off-by: Michael Brown
Signed-off-by: Bruce Rogers
---
src/hci/mucurses/windows.c | 11 -----------
1 file changed, 11 deletions(-)
diff --git a/src/hci/mucurses/windows.c b/src/hci/mucurses/windows.c
index 7f39bde..5f5d1f4 100644
--- a/src/hci/mucurses/windows.c
+++ b/src/hci/mucurses/windows.c
@@ -18,9 +18,6 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
* @ret rc return status code
*/
int delwin ( WINDOW *win ) {
- if ( win == NULL )
- return ERR;
-
/* I think we should blank the region covered by the window -
ncurses doesn't do this, but they have a buffer, so they
may just be deleting from an offscreen context whereas we
@@ -51,8 +48,6 @@ int delwin ( WINDOW *win ) {
WINDOW *derwin ( WINDOW *parent, int nlines, int ncols,
int begin_y, int begin_x ) {
WINDOW *child;
- if ( parent == NULL )
- return NULL;
if ( ( child = malloc( sizeof( WINDOW ) ) ) == NULL )
return NULL;
if ( ( (unsigned)ncols > parent->width ) ||
@@ -75,8 +70,6 @@ WINDOW *derwin ( WINDOW *parent, int nlines, int ncols,
*/
WINDOW *dupwin ( WINDOW *orig ) {
WINDOW *copy;
- if ( orig == NULL )
- return NULL;
if ( ( copy = malloc( sizeof( WINDOW ) ) ) == NULL )
return NULL;
copy->scr = orig->scr;
@@ -99,8 +92,6 @@ WINDOW *dupwin ( WINDOW *orig ) {
* @ret rc return status code
*/
int mvwin ( WINDOW *win, int y, int x ) {
- if ( win == NULL )
- return ERR;
if ( ( ( (unsigned)y + win->height ) > LINES ) ||
( ( (unsigned)x + win->width ) > COLS ) )
return ERR;
@@ -149,8 +140,6 @@ WINDOW *newwin ( int nlines, int ncols, int begin_y, int begin_x ) {
WINDOW *subwin ( WINDOW *parent, int nlines, int ncols,
int begin_y, int begin_x ) {
WINDOW *child;
- if ( parent == NULL )
- return NULL;
if ( ( child = malloc( sizeof( WINDOW ) ) ) == NULL )
return NULL;
child = newwin( nlines, ncols, begin_y, begin_x );
--
1.9.0
++++++ ipxe-sis190-Fix-building-with-GCC-6.patch ++++++
From 65b32a0b7000f70a5bb1d33190d40f9b04c93172 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Wed, 4 May 2016 15:53:52 +0100
Subject: [PATCH] [sis190] Fix building with GCC 6
Signed-off-by: Michael Brown
Signed-off-by: Bruce Rogers
---
src/drivers/net/sis190.c | 6 ------
src/drivers/net/sis190.h | 7 -------
2 files changed, 13 deletions(-)
diff --git a/src/drivers/net/sis190.c b/src/drivers/net/sis190.c
index 991c30f..81f3d98 100644
--- a/src/drivers/net/sis190.c
+++ b/src/drivers/net/sis190.c
@@ -72,12 +72,6 @@ struct pci_driver sis190_isa_bridge_driver __pci_driver = {
static const u32 sis190_intr_mask =
RxQEmpty | RxQInt | TxQ1Int | TxQ0Int | RxHalt | TxHalt | LinkChange;
-/*
- * Maximum number of multicast addresses to filter (vs. Rx-all-multicast).
- * The chips use a 64 element hash table based on the Ethernet CRC.
- */
-static const int multicast_filter_limit = 32;
-
static void __mdio_cmd(void *ioaddr, u32 ctl)
{
unsigned int i;
diff --git a/src/drivers/net/sis190.h b/src/drivers/net/sis190.h
index 0551333..79f94d2 100644
--- a/src/drivers/net/sis190.h
+++ b/src/drivers/net/sis190.h
@@ -297,13 +297,6 @@ static struct mii_chip_info {
{ NULL, { 0x00, 0x00 }, 0, 0 }
};
-static const struct {
- const char *name;
-} sis_chip_info[] = {
- { "SiS 190 PCI Fast Ethernet adapter" },
- { "SiS 191 PCI Gigabit Ethernet adapter" },
-};
-
static void sis190_phy_task(struct sis190_private *tp);
static void sis190_free(struct net_device *dev);
static inline void sis190_init_rxfilter(struct net_device *dev);
--
1.9.0
++++++ ipxe-skge-Fix-building-with-GCC-6.patch ++++++
From 76ec2a0540b25dbd183b9ce185583a4b24278cf1 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Wed, 4 May 2016 15:54:10 +0100
Subject: [PATCH] [skge] Fix building with GCC 6
Signed-off-by: Michael Brown
Signed-off-by: Bruce Rogers
---
src/drivers/net/skge.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/src/drivers/net/skge.c b/src/drivers/net/skge.c
index 6384e76..c326422 100755
--- a/src/drivers/net/skge.c
+++ b/src/drivers/net/skge.c
@@ -84,9 +84,6 @@ static struct net_device_operations skge_operations = {
/* Avoid conditionals by using array */
static const int txqaddr[] = { Q_XA1, Q_XA2 };
static const int rxqaddr[] = { Q_R1, Q_R2 };
-static const u32 rxirqmask[] = { IS_R1_F, IS_R2_F };
-static const u32 txirqmask[] = { IS_XA1_F, IS_XA2_F };
-static const u32 napimask[] = { IS_R1_F|IS_XA1_F, IS_R2_F|IS_XA2_F };
static const u32 portmask[] = { IS_PORT_1, IS_PORT_2 };
/* Determine supported/advertised modes based on hardware.
@@ -1922,8 +1919,6 @@ static void skge_tx_clean(struct net_device *dev)
skge->tx_ring.to_clean = e;
}
-static const u8 pause_mc_addr[ETH_ALEN] = { 0x1, 0x80, 0xc2, 0x0, 0x0, 0x1 };
-
static inline u16 phy_length(const struct skge_hw *hw, u32 status)
{
if (hw->chip_id == CHIP_ID_GENESIS)
--
1.9.0
++++++ ipxe-util-v5.24-perl-errors-on-redeclare.patch ++++++
From 8eed6cfa2540976fab0e6ce93c82f413cf3f4e5e Mon Sep 17 00:00:00 2001
From: Bruce Rogers
Date: Wed, 1 Jun 2016 13:00:46 -0600
Subject: [PATCH] util: v5.24 perl errors on redeclare
I get this error using perl v5.24:
Can't redeclare "my" in "my" at ./util/parserom.pl
line 160, near ", "
From what I can gather, we don't need those additional
"my"'s in the statement.
Signed-off-by: Bruce Rogers
---
src/util/parserom.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/parserom.pl b/src/util/parserom.pl
index 28df606..5a849a5 100755
--- a/src/util/parserom.pl
+++ b/src/util/parserom.pl
@@ -157,7 +157,7 @@ sub process_isa_rom {
# Output Makefile rules for the specified ROM declarations
sub print_make_rules {
- my ( $state, my $image, my $desc, my $vendor, my $device, my $dup ) = @_;
+ my ( $state, $image, $desc, $vendor, $device, $dup ) = @_;
unless ( $state->{'is_header_printed'} ) {
print "# NIC\t\n";
print "# NIC\tfamily\t$state->{family}\n";
--
1.9.0
++++++ qemu-2.4.0.tar.bz2 -> qemu-2.6.0.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/qemu/qemu-2.4.0.tar.bz2 /work/SRC/openSUSE:Factory/.qemu.new/qemu-2.6.0.tar.bz2 differ: char 11, line 1
++++++ qemu-linux-user.spec.in ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:08.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:08.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package qemu-linux-user
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -23,7 +23,7 @@
Group: System/Emulators/PC
QEMU_VERSION
Release: 0
-Source: http://wiki.qemu.org/download/qemu-2.4.0.tar.bz2
+Source: http://wiki.qemu.org/download/qemu-2.6.0.tar.bz2
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
PATCH_FILES
# Please do not add patches manually here, run update_git.sh.
@@ -78,7 +78,7 @@
run cross-architecture builds.
%prep
-%setup -q -n qemu-2.4.0
+%setup -q -n qemu-2.6.0
PATCH_EXEC
%build
@@ -183,6 +183,7 @@
%_bindir/qemu-sparc32plus
%_bindir/qemu-sparc64
%_bindir/qemu-sparc
+%_bindir/qemu-tilegx
%_bindir/qemu-unicore32
%_bindir/qemu-x86_64
%_bindir/qemu-*-binfmt
++++++ qemu.spec.in ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:08.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:08.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package qemu
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -53,8 +53,8 @@
Group: System/Emulators/PC
QEMU_VERSION
Release: 0
-Source: http://wiki.qemu.org/download/qemu-2.4.0.tar.bz2
-Source99: http://wiki.qemu.org/download/qemu-2.4.0.tar.bz2.sig
+Source: http://wiki.qemu.org/download/qemu-2.6.0.tar.bz2
+Source99: http://wiki.qemu.org/download/qemu-2.6.0.tar.bz2.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@@ -70,17 +70,20 @@
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
-# SeaBIOS
%if %{build_x86_fw_from_source}
+# SeaBIOS
# PATCH-FIX-OPENSUSE seabios_128kb.patch brogers@suse.com -- make it fit
Patch1000: seabios_128kb.patch
-# PATCH-FIX-UPSTREAM seabios_checkrom_typo.patch afaerber@suse.de -- tidy error message
-Patch1001: seabios_checkrom_typo.patch
-Patch1002: seabios_avoid_smbios_signature_string.patch
-%endif
-Patch1100: gcc5-ipxe-add-missing-const-qualifiers.patch
-Patch1101: gcc5-ipxe-ath9k-Remove-confusing-logic-inversion-in-an-ANI-var.patch
-Patch2000: SLOF_ppc64le.patch
+
+# ipxe
+Patch1100: ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch
+Patch1101: ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch
+Patch1102: ipxe-sis190-Fix-building-with-GCC-6.patch
+Patch1103: ipxe-skge-Fix-building-with-GCC-6.patch
+Patch1104: ipxe-ath-Fix-building-with-GCC-6.patch
+Patch1105: ipxe-legacy-Fix-building-with-GCC-6.patch
+Patch1106: ipxe-util-v5.24-perl-errors-on-redeclare.patch
+%endif
# this is to make lint happy
Source300: qemu-rpmlintrc
@@ -88,7 +91,13 @@
Source400: update_git.sh
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: SDL-devel
+%if 0%{?suse_version} >= 1320
+BuildRequires: SDL2-devel
+%endif
BuildRequires: alsa-devel
+%if 0%{?build_x86_fw_from_source}
+BuildRequires: binutils-devel
+%endif
BuildRequires: bluez-devel
%if 0%{?suse_version} >= 1130
BuildRequires: brlapi-devel
@@ -114,17 +123,30 @@
BuildRequires: libaio-devel
BuildRequires: libattr-devel
BuildRequires: libbz2-devel
+BuildRequires: libcacard-devel
BuildRequires: libcap-devel
BuildRequires: libcap-ng-devel
+BuildRequires: libdrm-devel
+%if 0%{?suse_version} >= 1320
+BuildRequires: libepoxy-devel
+%endif
%if 0%{?suse_version} >= 1310
# 12.3 and earlier don't ship a compatible libfdt; use the bundled one there
BuildRequires: libfdt1-devel
%endif
+BuildRequires: libgbm-devel
+BuildRequires: libgcrypt-devel
BuildRequires: libgnutls-devel
%if 0%{?suse_version} >= 1315
BuildRequires: libibverbs-devel
%endif
+%if 0%{?suse_version} > 1320
+BuildRequires: libiscsi-devel
+%endif
BuildRequires: libjpeg-devel
+%if 0%{?suse_version} >= 1310
+BuildRequires: libnettle-devel
+%endif
%ifarch %ix86 aarch64
%if 0%{?suse_version} > 1320
BuildRequires: libnuma-devel
@@ -141,11 +163,9 @@
%if 0%{?suse_version} >= 1315
BuildRequires: librdmacm-devel
%endif
-%ifnarch ppc64le
%if 0%{?suse_version} > 1320
BuildRequires: libseccomp-devel
%endif
-%endif
%if 0%{?suse_version} > 1140
BuildRequires: libssh2-devel
%endif
@@ -160,6 +180,9 @@
%endif
BuildRequires: mozilla-nss-devel
BuildRequires: ncurses-devel
+%if 0%{?build_x86_fw_from_source}
+BuildRequires: ovmf-tools
+%endif
BuildRequires: pkgconfig
BuildRequires: pwdutils
BuildRequires: python
@@ -172,7 +195,7 @@
%define with_systemd 1
%endif
%if %{kvm_available}
-BuildRequires: udev
+BuildRequires: pkgconfig(udev)
%if 0%( pkg-config --exists 'udev > 190' && echo '1' ) == 01
%define _udevrulesdir /usr/lib/udev/rules.d
%else
@@ -182,6 +205,9 @@
%if 0%{?sles_version} != 11
BuildRequires: usbredir-devel
%endif
+%if 0%{?suse_version} >= 1320
+BuildRequires: virglrenderer-devel >= 0.4.1
+%endif
%if 0%{?suse_version} >= 1210
%if 0%{?suse_version} >= 1220
BuildRequires: vte-devel
@@ -192,6 +218,10 @@
%ifarch x86_64
BuildRequires: xen-devel
%endif
+BuildRequires: xfsprogs-devel
+%if %{build_x86_fw_from_source}
+BuildRequires: xz-devel
+%endif
BuildRequires: zlib-devel
%if 0%{?suse_version} >= 1140
%ifarch %ix86 x86_64
@@ -203,6 +233,7 @@
BuildRequires: bc
BuildRequires: qemu-arm = %version
BuildRequires: qemu-extra = %version
+BuildRequires: qemu-guest-agent = %version
BuildRequires: qemu-ppc = %version
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
@@ -211,6 +242,12 @@
Requires: /usr/sbin/groupadd
Requires: pwdutils
Requires: timezone
+%if %{kvm_available}
+Requires(post): udev
+%ifarch s390x
+Requires(post): procps
+%endif
+%endif
Recommends: qemu-block-curl
Recommends: qemu-tools
Recommends: qemu-x86
@@ -230,17 +267,30 @@
Suggests: qemu-arm
%endif
Suggests: qemu-block-dmg
+%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+Suggests: qemu-block-gluster
+%endif
+%if 0%{?suse_version} > 1320
+Suggests: qemu-block-iscsi
+%endif
+%if 0%{?suse_version} > 1140
+Suggests: qemu-block-ssh
+%endif
Suggests: qemu-extra
Suggests: qemu-lang
-%if 0%{?suse_version} >= 1210
+%if 0%{?with_systemd}
Recommends: qemu-ksm = %{version}
%endif
-%define built_firmware_files {acpi-dsdt.aml bios.bin bios-256k.bin \
-q35-acpi-dsdt.aml sgabios.bin vgabios.bin vgabios-cirrus.bin \
+%ifarch x86_64
+%define x86_64_only_b_f_f {efi-e1000.rom efi-eepro100.rom \
+efi-pcnet.rom efi-ne2k_pci.rom efi-rtl8139.rom efi-virtio.rom}
+%endif
+%define built_firmware_files {bios.bin bios-256k.bin \
+sgabios.bin vgabios.bin vgabios-cirrus.bin \
vgabios-stdvga.bin vgabios-virtio.bin vgabios-vmware.bin vgabios-qxl.bin \
optionrom/linuxboot.bin optionrom/multiboot.bin optionrom/kvmvapic.bin \
-pxe-e1000.rom pxe-pcnet.rom pxe-ne2k_pci.rom pxe-rtl8139.rom pxe-eepro100.rom pxe-virtio.rom}
+pxe-e1000.rom pxe-pcnet.rom pxe-ne2k_pci.rom pxe-rtl8139.rom pxe-eepro100.rom pxe-virtio.rom %{?x86_64_only_b_f_f}}
%description
QEMU is an extremely well-performing CPU emulator that allows you to
@@ -368,10 +418,10 @@
# Nor can we have modules require the right version of qemu and qemu-tools
# as Xen reuses our qemu-tools but does not want our qemu and qemu-x86.
%define qemu_module_conflicts \
-Conflicts: qemu < %version \
-Conflicts: qemu > %version \
-Conflicts: qemu-tools < %version \
-Conflicts: qemu-tools > %version
+Conflicts: qemu < %version-%release \
+Conflicts: qemu > %version-%release \
+Conflicts: qemu-tools < %version-%release \
+Conflicts: qemu-tools > %version-%release
%package block-curl
Summary: Universal CPU emulator -- cURL block support
@@ -421,6 +471,23 @@
over a GlusterFS network connection from qemu-img tool and QEMU system emulation.
%endif
+%if 0%{?suse_version} > 1320
+%package block-iscsi
+Summary: Universal CPU emulator -- iSCSI block support
+Group: System/Emulators/PC
+%{qemu_module_conflicts}
+
+%description block-iscsi
+QEMU is an extremely well-performing CPU emulator that allows you to
+choose between simulating an entire system and running userspace
+binaries for different architectures under your native operating
+system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well
+as PC and PowerMac systems.
+
+This sub-package contains a module for accessing network-based image files
+over an iSCSI network connection from qemu-img tool and QEMU system emulation.
+%endif
+
%if 0%{?suse_version} > 1140
%package block-ssh
Summary: Universal CPU emulator -- SSH block support
@@ -442,8 +509,6 @@
Summary: Universal CPU emulator -- Tools
Group: System/Emulators/PC
Provides: qemu:%_libexecdir/qemu-bridge-helper
-Obsoletes: libcacard <= 0.1.2
-Provides: libcacard
PreReq: permissions
Recommends: qemu-block-curl
@@ -460,6 +525,7 @@
Summary: Universal CPU emulator -- Guest agent
Group: System/Emulators/PC
Provides: qemu:%_bindir/qemu-ga
+Requires(post): udev
%if 0%{?with_systemd}
%{?systemd_requires}
%endif
@@ -548,15 +614,23 @@
%endif # !qemu-testsuite
%prep
-%setup -q -n qemu-2.4.0
+%setup -q -n qemu-2.6.0
PATCH_EXEC
%if %{build_x86_fw_from_source}
pushd roms/seabios
%patch1000 -p1
-%patch1001 -p1
-%patch1002 -p1
popd
+pushd roms/ipxe
+%patch1100 -p1
+%patch1101 -p1
+%patch1102 -p1
+%patch1103 -p1
+%patch1104 -p1
+%patch1105 -p1
+%patch1106 -p1
+popd
+
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware_files
@@ -565,25 +639,20 @@
done
%endif
-pushd roms/ipxe
-%patch1100 -p1
-%patch1101 -p1
-popd
-
%if %{build_slof_from_source}
-pushd roms/SLOF
-%patch2000 -p1
-popd
rm -f pc-bios/slof.bin
%endif
%build
-./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \
+./configure \
+ --prefix=%_prefix \
+ --sysconfdir=%_sysconfdir \
--libdir=%_libdir \
--libexecdir=%_libexecdir \
--localstatedir=%_localstatedir \
--extra-cflags="%{optflags}" \
--disable-strip \
+ --with-pkgversion="%(echo '%{distribution}' | sed 's/ (.*)//')" \
--enable-system --disable-linux-user \
--enable-tools --enable-guest-agent \
--enable-modules \
@@ -600,14 +669,21 @@
%endif
--enable-bzip2 \
--enable-cap-ng \
+ --enable-coroutine-pool \
--enable-curl \
--enable-curses \
--enable-fdt \
+%if 0
+# Let it auto-detect these based on gnutls - uses libnettle in Tumbleweed but unavailable in SLE11
+ --enable-gcrypt \
+ --disable-nettle \
+%endif
%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
--enable-glusterfs \
%else
--disable-glusterfs \
%endif
+ --enable-gnutls \
--enable-gtk \
%if 0%{?suse_version} >= 1220
--with-gtkabi=3.0 \
@@ -619,7 +695,11 @@
%else
--disable-kvm \
%endif
+%if 0%{?suse_version} > 1320
+ --enable-libiscsi \
+%else
--disable-libiscsi \
+%endif
--disable-libnfs \
%if 0%{?suse_version} > 1140
--enable-libssh2 \
@@ -654,17 +734,17 @@
--disable-rdma \
%endif
--enable-sdl \
+%if 0%{?suse_version} >= 1320
+ --with-sdlabi=2.0 \
+%else
--with-sdlabi=1.2 \
-%ifnarch ppc64le
+%endif
%if 0%{?suse_version} > 1320
--enable-seccomp \
%else
--disable-seccomp \
%endif
-%else
- --disable-seccomp \
-%endif
- --enable-smartcard-nss \
+ --enable-smartcard \
%if 0%{?suse_version} >= 1310
--enable-snappy \
%else
@@ -680,7 +760,6 @@
--disable-spice \
%endif
--enable-tpm \
- --enable-trace-backends=nop \
%if 0%{?sles_version} != 11
--enable-usb-redir \
%else
@@ -690,18 +769,26 @@
--enable-vde \
--enable-vhdx \
--enable-vhost-net \
+%if 0%{?suse_version} >= 1320
+ --enable-virglrenderer \
+%endif
--enable-virtfs \
--enable-vnc \
--enable-vnc-jpeg \
--enable-vnc-png \
--enable-vnc-sasl \
- --enable-vnc-tls \
+%if 0%{?suse_version} == 1310 || (0%{?suse_version} == 1315 && 0%{?is_opensuse} == 0)
+ --enable-vte \
+%endif
%ifarch x86_64
--enable-xen \
--enable-xen-pci-passthrough \
+ --enable-xen-pv-domain-build \
%else
--disable-xen \
%endif
+ --enable-xfsctl \
+
%if "%{name}" != "qemu-testsuite"
@@ -709,13 +796,16 @@
# Firmware
%if %{build_x86_fw_from_source}
-make -C roms bios
-make -C roms seavgabios
-make -C roms pxerom
-make -C roms sgabios
+make %{?_smp_mflags} -C roms bios
+make %{?_smp_mflags} -C roms seavgabios
+make %{?_smp_mflags} -C roms pxerom
+%ifarch x86_64
+make %{?_smp_mflags} -C roms efirom
+%endif
+make -C roms sgabios
%endif
%if %{build_slof_from_source}
-make -C roms slof
+make %{?_smp_mflags} -C roms slof
%endif
%ifarch s390x
cp pc-bios/s390-ccw/s390-ccw.img pc-bios/s390-ccw.img
@@ -724,6 +814,14 @@
%else # qemu-testsuite
ln -s %{_bindir}/qemu-img qemu-img
+ln -s %{_bindir}/qemu-ga qemu-ga
+
+%if %{build_x86_fw_from_source}
+for i in %built_firmware_files
+do
+ ln -s %{_datadir}/qemu/$i pc-bios/$i
+done
+%endif
for conf in default-configs/*-softmmu.mak; do
arch=`echo "$conf" | sed -e 's|default-configs/\(.*\)-softmmu.mak|\1|g'`
@@ -781,16 +879,14 @@
make install DESTDIR=$RPM_BUILD_ROOT
rm -fr $RPM_BUILD_ROOT/%_datadir/doc
-rm $RPM_BUILD_ROOT/%_libdir/libcacard*
-rm $RPM_BUILD_ROOT/%_libdir/pkgconfig/libcacard.pc
-rm -fr $RPM_BUILD_ROOT/%_prefix/include/cacard
%if ! %{build_x86_fw_from_source}
-for f in acpi-dsdt.aml q35-acpi-dsdt.aml bios-256k.bin bios.bin efi-*.rom pxe-*.rom sgabios.bin \
+for f in acpi-dsdt.aml bios-256k.bin bios.bin efi-*.rom pxe-*.rom sgabios.bin \
vgabios-cirrus.bin vgabios-qxl.bin vgabios-stdvga.bin vgabios-virtio.bin vgabios-vmware.bin \
vgabios.bin; do
rm $RPM_BUILD_ROOT/%_datadir/%name/$f
done
%endif
+# rm -f %{buildroot}%{_datadir}/%{name}/u-boot.e500
install -D -m 644 %{SOURCE302} $RPM_BUILD_ROOT/%{_sysconfdir}/qemu/bridge.conf
%find_lang %name
%if %{legacy_qemu_kvm}
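Review bot: The added line `# rm -f %{buildroot}%{_datadir}/%{name}/u-boot.e500` is commented-out code with no stated reason, and rpm still expands the macros inside the comment. The same applies to `#%_bindir/vscclient` in the tools `%files` hunk further down. Either delete both lines or escape the macros and say why the line is kept, e.g. `#%%_bindir/vscclient` preceded by a one-line reason.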
@@ -804,6 +900,14 @@
%endif
EOF
chmod 755 %{buildroot}%{_bindir}/qemu-kvm
+%ifarch s390x
+mkdir -p %{buildroot}%{_sysconfdir}/sysctl.d
+cat > %{buildroot}%{_sysconfdir}/sysctl.d/50-allow-kvm-on-s390x <<- 'EOF'
+ # To allow KVM to run on s390x, we need to set the sysctl below
+ vm.allocate_pgste = 1
+EOF
+chmod 644 %{buildroot}%{_sysconfdir}/sysctl.d/50-allow-kvm-on-s390x
+%endif
install -D -m 755 %{SOURCE2} %{buildroot}/usr/share/qemu/qemu-ifup
install -D -m 755 %{SOURCE3} %{buildroot}%{_bindir}/kvm_stat
install -D -m 644 %{SOURCE4} %{buildroot}%{_mandir}/man1/qemu-kvm.1.gz
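Review bot: The drop-in is written as `50-allow-kvm-on-s390x` with no `.conf` suffix, and sysctl.d only loads files matching `*.conf`, so `vm.allocate_pgste = 1` would not be applied at boot. The setting would then take effect only through the one-shot `sysctl` call added to the scriptlet in a later hunk. Name the file `%{_sysconfdir}/sysctl.d/50-allow-kvm-on-s390x.conf` here and in the matching `%files` entry. Because the file lives under the sysconfdir, that `%files` entry should also be marked `%config` so local edits survive upgrades. The body lines of the `<<-` here-document must be tab-indented for the stripping to work; the original indentation cannot be recovered from this listing.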
@@ -855,6 +959,9 @@
/sbin/udevadm trigger || :
fi
%endif
+%ifarch s390x
+sysctl vm.allocate_pgste=1
+%endif
%endif
%if 0%{?suse_version} >= 1130
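Review bot: The added `sysctl vm.allocate_pgste=1` has no failure guard, unlike the `/sbin/udevadm trigger || :` a few lines above it. When the key cannot be written (an install into a chroot or image root, or a kernel without this sysctl) the command exits non-zero and may fail the scriptlet, depending on what follows outside the hunk. Suggest `sysctl vm.allocate_pgste=1 || :`. The call also relies on PATH, whereas the udevadm line uses an absolute path. The scriptlet's start is outside the hunk.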
@@ -916,6 +1023,9 @@
%else
%{_udevrulesdir}/60-kvm.rules
%endif
+%ifarch s390x
+%{_sysconfdir}/sysctl.d/50-allow-kvm-on-s390x
+%endif
%endif
%files x86
@@ -942,7 +1052,6 @@
%files s390
%defattr(-, root, root)
%_bindir/qemu-system-s390x
-%_datadir/%name/s390-zipl.rom
%_datadir/%name/s390-ccw.img
%files arm
@@ -1002,6 +1111,12 @@
%_libdir/%name/block-gluster.so
%endif
+%if 0%{?suse_version} > 1320
+%files block-iscsi
+%defattr(-, root, root)
+%_libdir/%name/block-iscsi.so
+%endif
+
%if 0%{?suse_version} > 1140
%files block-ssh
%defattr(-, root, root)
@@ -1017,7 +1132,6 @@
%_datadir/%name/bios.bin
%_datadir/%name/bios-256k.bin
%_datadir/%name/acpi-dsdt.aml
-%_datadir/%name/q35-acpi-dsdt.aml
%files vgabios
%defattr(-, root, root)
@@ -1053,11 +1167,13 @@
%doc %_mandir/man1/qemu-img.1.gz
%doc %_mandir/man1/virtfs-proxy-helper.1.gz
%doc %_mandir/man8/qemu-nbd.8.gz
+%_bindir/ivshmem-client
+%_bindir/ivshmem-server
%_bindir/qemu-io
%_bindir/qemu-img
%_bindir/qemu-nbd
%_bindir/virtfs-proxy-helper
-%_bindir/vscclient
+#%_bindir/vscclient
%verify(not mode) %_libexecdir/qemu-bridge-helper
%dir %_sysconfdir/%name
%config %_sysconfdir/%name/bridge.conf
@@ -1065,6 +1181,7 @@
%files guest-agent
%defattr(-, root, root)
+%doc %_mandir/man8/qemu-ga.8.gz
%attr(755,root,kvm) %_bindir/qemu-ga
%if 0%{?with_systemd}
%{_unitdir}/qemu-ga.service
++++++ update_git.sh ++++++
--- /var/tmp/diff_new_pack.rXjPIJ/_old 2016-06-09 16:03:08.000000000 +0200
+++ /var/tmp/diff_new_pack.rXjPIJ/_new 2016-06-09 16:03:08.000000000 +0200
@@ -1,4 +1,4 @@
-#!/bin/bash -e
+#!/bin/bash
#
# Instead of a quilt workflow, we use a git tree that contains
# all the commits on top of a stable tarball.
@@ -9,10 +9,12 @@
# That way we can easily rebase against the next stable release
# when it comes.
+set -e
+
GIT_TREE=git://github.com/openSUSE/qemu.git
GIT_LOCAL_TREE=~/git/qemu-opensuse
-GIT_BRANCH=opensuse-2.4
-GIT_UPSTREAM_TAG=v2.4.0
+GIT_BRANCH=opensuse-2.6
+GIT_UPSTREAM_TAG=v2.6.0
GIT_DIR=/dev/shm/qemu-factory-git-dir
CMP_DIR=/dev/shm/qemu-factory-cmp-dir
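Review bot: `GIT_TREE` (unchanged by this commit) still points at a `git://` URL, which is fetched without transport encryption or server authentication. The patch queue this script turns into package patches can therefore be altered in transit; `GIT_TREE=https://github.com/openSUSE/qemu.git` would close that. `GIT_DIR` and `CMP_DIR` are also fixed names under world-writable `/dev/shm`, so on a shared host another local user could pre-create them; a directory from `mktemp -d` would be safer. How the script uses these variables lies outside the hunk, so the exact impact should be confirmed there.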
@@ -60,7 +62,9 @@
# Process patches to eliminate useless differences: limit file names to 40 chars
# before extension and remove git signature. ('30' below gets us past dir prefix)
for i in $CMP_DIR/*; do
- head -n -3 $i > $CMP_DIR/${i:30:40}.patch
+ # format-patch may append a signature, which per default contains the git version
+ # wipe everything starting from the signature tag
+ sed '/^-- $/Q' $i > $CMP_DIR/${i:30:40}.patch
rm $i
done
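Review bot: The new `sed '/^-- $/Q'` cuts at the first line that is exactly `-- `, not at the trailing signature. A patch whose body contains such a line (for example a removed line whose content is `- `) would be silently truncated, and `Q` is a GNU sed extension. Passing `--no-signature` to `git format-patch` would make the post-processing unnecessary, though that call is outside the hunk. The expansions are also unquoted; `sed '/^-- $/Q' "$i" > "$CMP_DIR/${i:30:40}.patch"` and `rm -- "$i"` would be safer. The hard-coded offset `30` silently depends on the length of `CMP_DIR`.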
@@ -87,7 +91,7 @@
echo " ${i##*/}" >> qemu.changes.added
done
- for package in qemu qemu-linux-user libcacard; do
+ for package in qemu qemu-linux-user; do
while IFS= read -r line; do
if [ "$line" = "PATCH_FILES" ]; then
for i in 0???-*.patch; do