qemu-7.0.0-1
This commit is contained in:
parent
af7430aef5
commit
0007b37337
@ -1,90 +0,0 @@
|
|||||||
From 8cdb99af45365727ac17f45239a9b8c1d5155c6d Mon Sep 17 00:00:00 2001
|
|
||||||
From: Igor Mammedov <imammedo@redhat.com>
|
|
||||||
Date: Mon, 27 Dec 2021 14:31:17 -0500
|
|
||||||
Subject: [PATCH] acpi: fix QEMU crash when started with SLIC table
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
if QEMU is started with used provided SLIC table blob,
|
|
||||||
|
|
||||||
-acpitable sig=SLIC,oem_id='CRASH ',oem_table_id="ME",oem_rev=00002210,asl_compiler_id="",asl_compiler_rev=00000000,data=/dev/null
|
|
||||||
it will assert with:
|
|
||||||
|
|
||||||
hw/acpi/aml-build.c:61:build_append_padded_str: assertion failed: (len <= maxlen)
|
|
||||||
|
|
||||||
and following backtrace:
|
|
||||||
|
|
||||||
...
|
|
||||||
build_append_padded_str (array=0x555556afe320, str=0x555556afdb2e "CRASH ME", maxlen=0x6, pad=0x20) at hw/acpi/aml-build.c:61
|
|
||||||
acpi_table_begin (desc=0x7fffffffd1b0, array=0x555556afe320) at hw/acpi/aml-build.c:1727
|
|
||||||
build_fadt (tbl=0x555556afe320, linker=0x555557ca3830, f=0x7fffffffd318, oem_id=0x555556afdb2e "CRASH ME", oem_table_id=0x555556afdb34 "ME") at hw/acpi/aml-build.c:2064
|
|
||||||
...
|
|
||||||
|
|
||||||
which happens due to acpi_table_begin() expecting NULL terminated
|
|
||||||
oem_id and oem_table_id strings, which is normally the case, but
|
|
||||||
in case of user provided SLIC table, oem_id points to table's blob
|
|
||||||
directly and as result oem_id became longer than expected.
|
|
||||||
|
|
||||||
Fix issue by handling oem_id consistently and make acpi_get_slic_oem()
|
|
||||||
return NULL terminated strings.
|
|
||||||
|
|
||||||
PS:
|
|
||||||
After [1] refactoring, oem_id semantics became inconsistent, where
|
|
||||||
NULL terminated string was coming from machine and old way pointer
|
|
||||||
into byte array coming from -acpitable option. That used to work
|
|
||||||
since build_header() wasn't expecting NULL terminated string and
|
|
||||||
blindly copied the 1st 6 bytes only.
|
|
||||||
|
|
||||||
However commit [2] broke that by replacing build_header() with
|
|
||||||
acpi_table_begin(), which was expecting NULL terminated string
|
|
||||||
and was checking oem_id size.
|
|
||||||
|
|
||||||
1) 602b45820 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
|
|
||||||
2)
|
|
||||||
Fixes: 4b56e1e4eb08 ("acpi: build_fadt: use acpi_table_begin()/acpi_table_end() instead of build_header()")
|
|
||||||
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/786
|
|
||||||
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
|
|
||||||
Message-Id: <20211227193120.1084176-2-imammedo@redhat.com>
|
|
||||||
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
||||||
Tested-by: Denis Lisov <dennis.lissov@gmail.com>
|
|
||||||
Tested-by: Alexander Tsoy <alexander@tsoy.me>
|
|
||||||
Cc: qemu-stable@nongnu.org
|
|
||||||
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
|
|
||||||
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
|
||||||
---
|
|
||||||
hw/acpi/core.c | 4 ++--
|
|
||||||
hw/i386/acpi-build.c | 2 ++
|
|
||||||
2 files changed, 4 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/hw/acpi/core.c b/hw/acpi/core.c
|
|
||||||
index 1e004d0078..3e811bf03c 100644
|
|
||||||
--- a/hw/acpi/core.c
|
|
||||||
+++ b/hw/acpi/core.c
|
|
||||||
@@ -345,8 +345,8 @@ int acpi_get_slic_oem(AcpiSlicOem *oem)
|
|
||||||
struct acpi_table_header *hdr = (void *)(u - sizeof(hdr->_length));
|
|
||||||
|
|
||||||
if (memcmp(hdr->sig, "SLIC", 4) == 0) {
|
|
||||||
- oem->id = hdr->oem_id;
|
|
||||||
- oem->table_id = hdr->oem_table_id;
|
|
||||||
+ oem->id = g_strndup(hdr->oem_id, 6);
|
|
||||||
+ oem->table_id = g_strndup(hdr->oem_table_id, 8);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
|
|
||||||
index 8383b83ee3..0234fe7588 100644
|
|
||||||
--- a/hw/i386/acpi-build.c
|
|
||||||
+++ b/hw/i386/acpi-build.c
|
|
||||||
@@ -2723,6 +2723,8 @@ void acpi_build(AcpiBuildTables *tables, MachineState *machine)
|
|
||||||
|
|
||||||
/* Cleanup memory that's no longer used. */
|
|
||||||
g_array_free(table_offsets, true);
|
|
||||||
+ g_free(slic_oem.id);
|
|
||||||
+ g_free(slic_oem.table_id);
|
|
||||||
}
|
|
||||||
|
|
||||||
static void acpi_ram_update(MemoryRegion *mr, GArray *data)
|
|
||||||
--
|
|
||||||
2.35.1
|
|
||||||
|
|
@ -1,58 +0,0 @@
|
|||||||
From 7b223e38603de3a75602e14914d26f9d4baf52eb Mon Sep 17 00:00:00 2001
|
|
||||||
From: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
|
||||||
Date: Wed, 9 Feb 2022 12:14:56 +0100
|
|
||||||
Subject: [PATCH 1/2] tools/virtiofsd: Add rseq syscall to the seccomp
|
|
||||||
allowlist
|
|
||||||
|
|
||||||
The virtiofsd currently crashes when used with glibc 2.35.
|
|
||||||
That is due to the rseq system call being added to every thread
|
|
||||||
creation [1][2].
|
|
||||||
|
|
||||||
[1]: https://www.efficios.com/blog/2019/02/08/linux-restartable-sequences/
|
|
||||||
[2]: https://sourceware.org/pipermail/libc-alpha/2022-February/136040.html
|
|
||||||
|
|
||||||
This happens not at daemon start, but when a guest connects
|
|
||||||
|
|
||||||
/usr/lib/qemu/virtiofsd -f --socket-path=/tmp/testvfsd -o sandbox=chroot \
|
|
||||||
-o source=/var/guests/j-virtiofs --socket-group=kvm
|
|
||||||
virtio_session_mount: Waiting for vhost-user socket connection...
|
|
||||||
# start ok, now guest will connect
|
|
||||||
virtio_session_mount: Received vhost-user socket connection
|
|
||||||
virtio_loop: Entry
|
|
||||||
fv_queue_set_started: qidx=0 started=1
|
|
||||||
fv_queue_set_started: qidx=1 started=1
|
|
||||||
Bad system call (core dumped)
|
|
||||||
|
|
||||||
We have to put rseq on the seccomp allowlist to avoid that the daemon
|
|
||||||
is crashing in this case.
|
|
||||||
|
|
||||||
Reported-by: Michael Hudson-Doyle <michael.hudson@canonical.com>
|
|
||||||
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
|
||||||
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
||||||
Message-id: 20220209111456.3328420-1-christian.ehrhardt@canonical.com
|
|
||||||
|
|
||||||
[Moved rseq to its alphabetically ordered position in the seccomp
|
|
||||||
allowlist.
|
|
||||||
--Stefan]
|
|
||||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
|
||||||
---
|
|
||||||
tools/virtiofsd/passthrough_seccomp.c | 3 +++
|
|
||||||
1 file changed, 3 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
|
|
||||||
index a3ce9f898d..2bc0127b69 100644
|
|
||||||
--- a/tools/virtiofsd/passthrough_seccomp.c
|
|
||||||
+++ b/tools/virtiofsd/passthrough_seccomp.c
|
|
||||||
@@ -91,6 +91,9 @@ static const int syscall_allowlist[] = {
|
|
||||||
SCMP_SYS(renameat2),
|
|
||||||
SCMP_SYS(removexattr),
|
|
||||||
SCMP_SYS(restart_syscall),
|
|
||||||
+#ifdef __NR_rseq
|
|
||||||
+ SCMP_SYS(rseq), /* required since glibc 2.35 */
|
|
||||||
+#endif
|
|
||||||
SCMP_SYS(rt_sigaction),
|
|
||||||
SCMP_SYS(rt_sigprocmask),
|
|
||||||
SCMP_SYS(rt_sigreturn),
|
|
||||||
--
|
|
||||||
2.35.1
|
|
||||||
|
|
@ -1,101 +0,0 @@
|
|||||||
From 449e8171f96a6a944d1f3b7d3627ae059eae21ca Mon Sep 17 00:00:00 2001
|
|
||||||
From: Vivek Goyal <vgoyal@redhat.com>
|
|
||||||
Date: Tue, 25 Jan 2022 13:51:14 -0500
|
|
||||||
Subject: [PATCH] virtiofsd: Drop membership of all supplementary groups
|
|
||||||
(CVE-2022-0358)
|
|
||||||
|
|
||||||
At the start, drop membership of all supplementary groups. This is
|
|
||||||
not required.
|
|
||||||
|
|
||||||
If we have membership of "root" supplementary group and when we switch
|
|
||||||
uid/gid using setresuid/setsgid, we still retain membership of existing
|
|
||||||
supplemntary groups. And that can allow some operations which are not
|
|
||||||
normally allowed.
|
|
||||||
|
|
||||||
For example, if root in guest creates a dir as follows.
|
|
||||||
|
|
||||||
$ mkdir -m 03777 test_dir
|
|
||||||
|
|
||||||
This sets SGID on dir as well as allows unprivileged users to write into
|
|
||||||
this dir.
|
|
||||||
|
|
||||||
And now as unprivileged user open file as follows.
|
|
||||||
|
|
||||||
$ su test
|
|
||||||
$ fd = open("test_dir/priviledge_id", O_RDWR|O_CREAT|O_EXCL, 02755);
|
|
||||||
|
|
||||||
This will create SGID set executable in test_dir/.
|
|
||||||
|
|
||||||
And that's a problem because now an unpriviliged user can execute it,
|
|
||||||
get egid=0 and get access to resources owned by "root" group. This is
|
|
||||||
privilege escalation.
|
|
||||||
|
|
||||||
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2044863
|
|
||||||
Fixes: CVE-2022-0358
|
|
||||||
Reported-by: JIETAO XIAO <shawtao1125@gmail.com>
|
|
||||||
Suggested-by: Miklos Szeredi <mszeredi@redhat.com>
|
|
||||||
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
|
|
||||||
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
||||||
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
|
|
||||||
Message-Id: <YfBGoriS38eBQrAb@redhat.com>
|
|
||||||
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
||||||
dgilbert: Fixed missing {}'s style nit
|
|
||||||
---
|
|
||||||
tools/virtiofsd/passthrough_ll.c | 27 +++++++++++++++++++++++++++
|
|
||||||
1 file changed, 27 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
|
|
||||||
index 64b5b4fbb1..b3d0674f6d 100644
|
|
||||||
--- a/tools/virtiofsd/passthrough_ll.c
|
|
||||||
+++ b/tools/virtiofsd/passthrough_ll.c
|
|
||||||
@@ -54,6 +54,7 @@
|
|
||||||
#include <sys/wait.h>
|
|
||||||
#include <sys/xattr.h>
|
|
||||||
#include <syslog.h>
|
|
||||||
+#include <grp.h>
|
|
||||||
|
|
||||||
#include "qemu/cutils.h"
|
|
||||||
#include "passthrough_helpers.h"
|
|
||||||
@@ -1161,6 +1162,30 @@ static void lo_lookup(fuse_req_t req, fuse_ino_t parent, const char *name)
|
|
||||||
#define OURSYS_setresuid SYS_setresuid
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+static void drop_supplementary_groups(void)
|
|
||||||
+{
|
|
||||||
+ int ret;
|
|
||||||
+
|
|
||||||
+ ret = getgroups(0, NULL);
|
|
||||||
+ if (ret == -1) {
|
|
||||||
+ fuse_log(FUSE_LOG_ERR, "getgroups() failed with error=%d:%s\n",
|
|
||||||
+ errno, strerror(errno));
|
|
||||||
+ exit(1);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (!ret) {
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /* Drop all supplementary groups. We should not need it */
|
|
||||||
+ ret = setgroups(0, NULL);
|
|
||||||
+ if (ret == -1) {
|
|
||||||
+ fuse_log(FUSE_LOG_ERR, "setgroups() failed with error=%d:%s\n",
|
|
||||||
+ errno, strerror(errno));
|
|
||||||
+ exit(1);
|
|
||||||
+ }
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/*
|
|
||||||
* Change to uid/gid of caller so that file is created with
|
|
||||||
* ownership of caller.
|
|
||||||
@@ -3926,6 +3951,8 @@ int main(int argc, char *argv[])
|
|
||||||
|
|
||||||
qemu_init_exec_dir(argv[0]);
|
|
||||||
|
|
||||||
+ drop_supplementary_groups();
|
|
||||||
+
|
|
||||||
pthread_mutex_init(&lo.mutex, NULL);
|
|
||||||
lo.inodes = g_hash_table_new(lo_key_hash, lo_key_equal);
|
|
||||||
lo.root.fd = -1;
|
|
||||||
--
|
|
||||||
GitLab
|
|
||||||
|
|
@ -1,41 +0,0 @@
|
|||||||
From 41af4459ac47e107093c3f54b6875d54723aa613 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Sebastian Hasler <sebastian.hasler@stuvus.uni-stuttgart.de>
|
|
||||||
Date: Thu, 13 Jan 2022 16:32:49 +0100
|
|
||||||
Subject: [PATCH 2/2] virtiofsd: Do not support blocking flock
|
|
||||||
|
|
||||||
With the current implementation, blocking flock can lead to
|
|
||||||
deadlock. Thus, it's better to return EOPNOTSUPP if a user attempts
|
|
||||||
to perform a blocking flock request.
|
|
||||||
|
|
||||||
Signed-off-by: Sebastian Hasler <sebastian.hasler@stuvus.uni-stuttgart.de>
|
|
||||||
Message-Id: <20220113153249.710216-1-sebastian.hasler@stuvus.uni-stuttgart.de>
|
|
||||||
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
||||||
Reviewed-by: Vivek Goyal <vgoyal@redhat.com>
|
|
||||||
Reviewed-by: Greg Kurz <groug@kaod.org>
|
|
||||||
---
|
|
||||||
tools/virtiofsd/passthrough_ll.c | 9 +++++++++
|
|
||||||
1 file changed, 9 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
|
|
||||||
index b3d0674f6d..3e56d1cd95 100644
|
|
||||||
--- a/tools/virtiofsd/passthrough_ll.c
|
|
||||||
+++ b/tools/virtiofsd/passthrough_ll.c
|
|
||||||
@@ -2467,6 +2467,15 @@ static void lo_flock(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi,
|
|
||||||
int res;
|
|
||||||
(void)ino;
|
|
||||||
|
|
||||||
+ if (!(op & LOCK_NB)) {
|
|
||||||
+ /*
|
|
||||||
+ * Blocking flock can deadlock as there is only one thread
|
|
||||||
+ * serving the queue.
|
|
||||||
+ */
|
|
||||||
+ fuse_reply_err(req, EOPNOTSUPP);
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
res = flock(lo_fi_fd(req, fi), op);
|
|
||||||
|
|
||||||
fuse_reply_err(req, res == -1 ? errno : 0);
|
|
||||||
--
|
|
||||||
2.35.1
|
|
||||||
|
|
64
qemu.spec
64
qemu.spec
@ -195,6 +195,7 @@
|
|||||||
%endif
|
%endif
|
||||||
%define requires_block_ssh Requires: %{name}-block-ssh = %{evr}
|
%define requires_block_ssh Requires: %{name}-block-ssh = %{evr}
|
||||||
%define requires_audio_alsa Requires: %{name}-audio-alsa = %{evr}
|
%define requires_audio_alsa Requires: %{name}-audio-alsa = %{evr}
|
||||||
|
%define requires_audio_dbus Requires: %{name}-audio-dbus = %{evr}
|
||||||
%define requires_audio_oss Requires: %{name}-audio-oss = %{evr}
|
%define requires_audio_oss Requires: %{name}-audio-oss = %{evr}
|
||||||
%define requires_audio_pa Requires: %{name}-audio-pa = %{evr}
|
%define requires_audio_pa Requires: %{name}-audio-pa = %{evr}
|
||||||
%define requires_audio_sdl Requires: %{name}-audio-sdl = %{evr}
|
%define requires_audio_sdl Requires: %{name}-audio-sdl = %{evr}
|
||||||
@ -202,6 +203,7 @@
|
|||||||
%define requires_device_usb_host Requires: %{name}-device-usb-host = %{evr}
|
%define requires_device_usb_host Requires: %{name}-device-usb-host = %{evr}
|
||||||
%define requires_device_usb_redirect Requires: %{name}-device-usb-redirect = %{evr}
|
%define requires_device_usb_redirect Requires: %{name}-device-usb-redirect = %{evr}
|
||||||
%define requires_ui_curses Requires: %{name}-ui-curses = %{evr}
|
%define requires_ui_curses Requires: %{name}-ui-curses = %{evr}
|
||||||
|
%define requires_ui_dbus Requires: %{name}-ui-dbus = %{evr}
|
||||||
%define requires_ui_gtk Requires: %{name}-ui-gtk = %{evr}
|
%define requires_ui_gtk Requires: %{name}-ui-gtk = %{evr}
|
||||||
%define requires_ui_sdl Requires: %{name}-ui-sdl = %{evr}
|
%define requires_ui_sdl Requires: %{name}-ui-sdl = %{evr}
|
||||||
%define requires_ui_egl_headless Requires: %{name}-ui-egl-headless = %{evr}
|
%define requires_ui_egl_headless Requires: %{name}-ui-egl-headless = %{evr}
|
||||||
@ -256,6 +258,7 @@
|
|||||||
%{requires_block_rbd} \
|
%{requires_block_rbd} \
|
||||||
%{requires_block_ssh} \
|
%{requires_block_ssh} \
|
||||||
%{requires_audio_alsa} \
|
%{requires_audio_alsa} \
|
||||||
|
%{requires_audio_dbus} \
|
||||||
%{requires_audio_oss} \
|
%{requires_audio_oss} \
|
||||||
%{requires_audio_pa} \
|
%{requires_audio_pa} \
|
||||||
%{requires_audio_sdl} \
|
%{requires_audio_sdl} \
|
||||||
@ -302,11 +305,11 @@ Obsoletes: %{name}-system-unicore32-core <= %{epoch}:%{version}-%{release}
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
# To prevent rpmdev-bumpspec breakage
|
# To prevent rpmdev-bumpspec breakage
|
||||||
%global baserelease 8
|
%global baserelease 1
|
||||||
|
|
||||||
Summary: QEMU is a FAST! processor emulator
|
Summary: QEMU is a FAST! processor emulator
|
||||||
Name: qemu
|
Name: qemu
|
||||||
Version: 6.2.0
|
Version: 7.0.0
|
||||||
Release: %{baserelease}%{?rcrel}%{?dist}
|
Release: %{baserelease}%{?rcrel}%{?dist}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
License: GPLv2 and BSD and MIT and CC-BY
|
License: GPLv2 and BSD and MIT and CC-BY
|
||||||
@ -327,19 +330,6 @@ Source36: README.tests
|
|||||||
|
|
||||||
Patch0001: 0001-sgx-stub-fix.patch
|
Patch0001: 0001-sgx-stub-fix.patch
|
||||||
|
|
||||||
# CVE-2022-0358
|
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2046202
|
|
||||||
Patch0002: 0001-virtiofsd-Drop-membership-of-all-supplementary-groups.patch
|
|
||||||
|
|
||||||
# Fix various crashes with virtiofsd on F36+
|
|
||||||
# https://bugzilla.redhat.com/2070066
|
|
||||||
Patch0003: 0001-tools-virtiofsd-Add-rseq-syscall-to-the-seccomp-allo.patch
|
|
||||||
Patch0004: 0002-virtiofsd-Do-not-support-blocking-flock.patch
|
|
||||||
|
|
||||||
# acpi: fix QEMU crash when started with SLIC table
|
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2072303
|
|
||||||
Patch0005: 0001-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch
|
|
||||||
|
|
||||||
BuildRequires: meson >= %{meson_version}
|
BuildRequires: meson >= %{meson_version}
|
||||||
BuildRequires: zlib-devel
|
BuildRequires: zlib-devel
|
||||||
BuildRequires: glib2-devel
|
BuildRequires: glib2-devel
|
||||||
@ -461,8 +451,6 @@ BuildRequires: virglrenderer-devel
|
|||||||
# preferred disassembler for TCG
|
# preferred disassembler for TCG
|
||||||
BuildRequires: capstone-devel
|
BuildRequires: capstone-devel
|
||||||
%endif
|
%endif
|
||||||
# parallels disk images require libxml2
|
|
||||||
BuildRequires: libxml2-devel
|
|
||||||
# qemu-ga
|
# qemu-ga
|
||||||
BuildRequires: libudev-devel
|
BuildRequires: libudev-devel
|
||||||
# qauth infrastructure
|
# qauth infrastructure
|
||||||
@ -697,6 +685,12 @@ Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
|
|||||||
%description audio-alsa
|
%description audio-alsa
|
||||||
This package provides the additional ALSA audio driver for QEMU.
|
This package provides the additional ALSA audio driver for QEMU.
|
||||||
|
|
||||||
|
%package audio-dbus
|
||||||
|
Summary: QEMU D-Bus audio driver
|
||||||
|
Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
|
%description audio-dbus
|
||||||
|
This package provides the additional D-Bus audio driver for QEMU.
|
||||||
|
|
||||||
%package audio-oss
|
%package audio-oss
|
||||||
Summary: QEMU OSS audio driver
|
Summary: QEMU OSS audio driver
|
||||||
Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
|
Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
@ -730,6 +724,12 @@ Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
|
|||||||
%description ui-curses
|
%description ui-curses
|
||||||
This package provides the additional curses UI for QEMU.
|
This package provides the additional curses UI for QEMU.
|
||||||
|
|
||||||
|
%package ui-dbus
|
||||||
|
Summary: QEMU D-Bus UI driver
|
||||||
|
Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
|
%description ui-dbus
|
||||||
|
This package provides the additional D-Bus UI for QEMU.
|
||||||
|
|
||||||
%package ui-gtk
|
%package ui-gtk
|
||||||
Summary: QEMU GTK UI driver
|
Summary: QEMU GTK UI driver
|
||||||
Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
|
Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
@ -1247,8 +1247,8 @@ mkdir -p %{static_builddir}
|
|||||||
--disable-avx2 \\\
|
--disable-avx2 \\\
|
||||||
--disable-avx512f \\\
|
--disable-avx512f \\\
|
||||||
--disable-block-drv-whitelist-in-tools \\\
|
--disable-block-drv-whitelist-in-tools \\\
|
||||||
--disable-bpf \\\
|
|
||||||
--disable-bochs \\\
|
--disable-bochs \\\
|
||||||
|
--disable-bpf \\\
|
||||||
--disable-brlapi \\\
|
--disable-brlapi \\\
|
||||||
--disable-bsd-user \\\
|
--disable-bsd-user \\\
|
||||||
--disable-bzip2 \\\
|
--disable-bzip2 \\\
|
||||||
@ -1258,6 +1258,7 @@ mkdir -p %{static_builddir}
|
|||||||
--disable-cfi-debug \\\
|
--disable-cfi-debug \\\
|
||||||
--disable-cloop \\\
|
--disable-cloop \\\
|
||||||
--disable-cocoa \\\
|
--disable-cocoa \\\
|
||||||
|
--disable-coreaudio \\\
|
||||||
--disable-coroutine-pool \\\
|
--disable-coroutine-pool \\\
|
||||||
--disable-crypto-afalg \\\
|
--disable-crypto-afalg \\\
|
||||||
--disable-curl \\\
|
--disable-curl \\\
|
||||||
@ -1267,10 +1268,12 @@ mkdir -p %{static_builddir}
|
|||||||
--disable-debug-tcg \\\
|
--disable-debug-tcg \\\
|
||||||
--disable-dmg \\\
|
--disable-dmg \\\
|
||||||
--disable-docs \\\
|
--disable-docs \\\
|
||||||
|
--disable-dsound \\\
|
||||||
--disable-fdt \\\
|
--disable-fdt \\\
|
||||||
--disable-fuse \\\
|
--disable-fuse \\\
|
||||||
--disable-fuse-lseek \\\
|
--disable-fuse-lseek \\\
|
||||||
--disable-gcrypt \\\
|
--disable-gcrypt \\\
|
||||||
|
--disable-gettext \\\
|
||||||
--disable-gio \\\
|
--disable-gio \\\
|
||||||
--disable-glusterfs \\\
|
--disable-glusterfs \\\
|
||||||
--disable-gnutls \\\
|
--disable-gnutls \\\
|
||||||
@ -1280,7 +1283,9 @@ mkdir -p %{static_builddir}
|
|||||||
--disable-hax \\\
|
--disable-hax \\\
|
||||||
--disable-hvf \\\
|
--disable-hvf \\\
|
||||||
--disable-iconv \\\
|
--disable-iconv \\\
|
||||||
|
--disable-jack \\\
|
||||||
--disable-kvm \\\
|
--disable-kvm \\\
|
||||||
|
--disable-l2tpv3 \\\
|
||||||
--disable-libdaxctl \\\
|
--disable-libdaxctl \\\
|
||||||
--disable-libiscsi \\\
|
--disable-libiscsi \\\
|
||||||
--disable-libnfs \\\
|
--disable-libnfs \\\
|
||||||
@ -1288,7 +1293,6 @@ mkdir -p %{static_builddir}
|
|||||||
--disable-libssh \\\
|
--disable-libssh \\\
|
||||||
--disable-libudev \\\
|
--disable-libudev \\\
|
||||||
--disable-libusb \\\
|
--disable-libusb \\\
|
||||||
--disable-libxml2 \\\
|
|
||||||
--disable-linux-aio \\\
|
--disable-linux-aio \\\
|
||||||
--disable-linux-io-uring \\\
|
--disable-linux-io-uring \\\
|
||||||
--disable-linux-user \\\
|
--disable-linux-user \\\
|
||||||
@ -1305,7 +1309,10 @@ mkdir -p %{static_builddir}
|
|||||||
--disable-netmap \\\
|
--disable-netmap \\\
|
||||||
--disable-nettle \\\
|
--disable-nettle \\\
|
||||||
--disable-numa \\\
|
--disable-numa \\\
|
||||||
|
--disable-nvmm \\\
|
||||||
--disable-opengl \\\
|
--disable-opengl \\\
|
||||||
|
--disable-oss \\\
|
||||||
|
--disable-pa \\\
|
||||||
--disable-parallels \\\
|
--disable-parallels \\\
|
||||||
--disable-pie \\\
|
--disable-pie \\\
|
||||||
--disable-pvrdma \\\
|
--disable-pvrdma \\\
|
||||||
@ -1321,6 +1328,7 @@ mkdir -p %{static_builddir}
|
|||||||
--disable-sdl \\\
|
--disable-sdl \\\
|
||||||
--disable-sdl-image \\\
|
--disable-sdl-image \\\
|
||||||
--disable-seccomp \\\
|
--disable-seccomp \\\
|
||||||
|
--disable-selinux \\\
|
||||||
--disable-slirp \\\
|
--disable-slirp \\\
|
||||||
--disable-slirp-smbd \\\
|
--disable-slirp-smbd \\\
|
||||||
--disable-smartcard \\\
|
--disable-smartcard \\\
|
||||||
@ -1359,7 +1367,6 @@ mkdir -p %{static_builddir}
|
|||||||
--disable-whpx \\\
|
--disable-whpx \\\
|
||||||
--disable-xen \\\
|
--disable-xen \\\
|
||||||
--disable-xen-pci-passthrough \\\
|
--disable-xen-pci-passthrough \\\
|
||||||
--disable-xfsctl \\\
|
|
||||||
--disable-xkbcommon \\\
|
--disable-xkbcommon \\\
|
||||||
--disable-zstd \\\
|
--disable-zstd \\\
|
||||||
--with-git-submodules=ignore \\\
|
--with-git-submodules=ignore \\\
|
||||||
@ -1426,10 +1433,13 @@ run_configure \
|
|||||||
%if %{have_fdt}
|
%if %{have_fdt}
|
||||||
--enable-fdt=system \
|
--enable-fdt=system \
|
||||||
%endif
|
%endif
|
||||||
|
--enable-gettext \
|
||||||
--enable-gnutls \
|
--enable-gnutls \
|
||||||
--enable-guest-agent \
|
--enable-guest-agent \
|
||||||
--enable-iconv \
|
--enable-iconv \
|
||||||
|
--enable-jack \
|
||||||
--enable-kvm \
|
--enable-kvm \
|
||||||
|
--enable-l2tpv3 \
|
||||||
--enable-libiscsi \
|
--enable-libiscsi \
|
||||||
%if %{have_pmem}
|
%if %{have_pmem}
|
||||||
--enable-libpmem \
|
--enable-libpmem \
|
||||||
@ -1451,6 +1461,8 @@ run_configure \
|
|||||||
%if %{have_opengl}
|
%if %{have_opengl}
|
||||||
--enable-opengl \
|
--enable-opengl \
|
||||||
%endif
|
%endif
|
||||||
|
--enable-oss \
|
||||||
|
--enable-pa \
|
||||||
--enable-pie \
|
--enable-pie \
|
||||||
%if %{have_block_rbd}
|
%if %{have_block_rbd}
|
||||||
--enable-rbd \
|
--enable-rbd \
|
||||||
@ -1459,9 +1471,7 @@ run_configure \
|
|||||||
--enable-rdma \
|
--enable-rdma \
|
||||||
%endif
|
%endif
|
||||||
--enable-seccomp \
|
--enable-seccomp \
|
||||||
%if 0%{?must_remember_to_add_this_in_qemu_6_2}
|
|
||||||
--enable-selinux \
|
--enable-selinux \
|
||||||
%endif
|
|
||||||
--enable-slirp=system \
|
--enable-slirp=system \
|
||||||
--enable-slirp-smbd \
|
--enable-slirp-smbd \
|
||||||
--enable-snappy \
|
--enable-snappy \
|
||||||
@ -1509,7 +1519,6 @@ run_configure \
|
|||||||
--enable-libnfs \
|
--enable-libnfs \
|
||||||
%endif
|
%endif
|
||||||
--enable-libudev \
|
--enable-libudev \
|
||||||
--enable-libxml2 \
|
|
||||||
%if %{have_liburing}
|
%if %{have_liburing}
|
||||||
--enable-linux-io-uring \
|
--enable-linux-io-uring \
|
||||||
%endif
|
%endif
|
||||||
@ -1963,6 +1972,8 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
|||||||
|
|
||||||
%files audio-alsa
|
%files audio-alsa
|
||||||
%{_libdir}/%{name}/audio-alsa.so
|
%{_libdir}/%{name}/audio-alsa.so
|
||||||
|
%files audio-dbus
|
||||||
|
%{_libdir}/%{name}/audio-dbus.so
|
||||||
%files audio-oss
|
%files audio-oss
|
||||||
%{_libdir}/%{name}/audio-oss.so
|
%{_libdir}/%{name}/audio-oss.so
|
||||||
%files audio-pa
|
%files audio-pa
|
||||||
@ -1977,6 +1988,8 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
|||||||
|
|
||||||
%files ui-curses
|
%files ui-curses
|
||||||
%{_libdir}/%{name}/ui-curses.so
|
%{_libdir}/%{name}/ui-curses.so
|
||||||
|
%files ui-dbus
|
||||||
|
%{_libdir}/%{name}/ui-dbus.so
|
||||||
%files ui-gtk
|
%files ui-gtk
|
||||||
%{_libdir}/%{name}/ui-gtk.so
|
%{_libdir}/%{name}/ui-gtk.so
|
||||||
%files ui-sdl
|
%files ui-sdl
|
||||||
@ -2213,6 +2226,7 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
|||||||
%{_datadir}/%{name}/skiboot.lid
|
%{_datadir}/%{name}/skiboot.lid
|
||||||
%{_datadir}/%{name}/u-boot.e500
|
%{_datadir}/%{name}/u-boot.e500
|
||||||
%{_datadir}/%{name}/u-boot-sam460-20100605.bin
|
%{_datadir}/%{name}/u-boot-sam460-20100605.bin
|
||||||
|
%{_datadir}/%{name}/vof*.bin
|
||||||
%if %{have_memlock_limits}
|
%if %{have_memlock_limits}
|
||||||
%{_sysconfdir}/security/limits.d/95-kvm-memlock.conf
|
%{_sysconfdir}/security/limits.d/95-kvm-memlock.conf
|
||||||
%endif
|
%endif
|
||||||
@ -2223,7 +2237,6 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
|||||||
%{_bindir}/qemu-system-riscv32
|
%{_bindir}/qemu-system-riscv32
|
||||||
%{_bindir}/qemu-system-riscv64
|
%{_bindir}/qemu-system-riscv64
|
||||||
%{_datadir}/%{name}/opensbi-riscv*.bin
|
%{_datadir}/%{name}/opensbi-riscv*.bin
|
||||||
%{_datadir}/%{name}/opensbi-riscv*.elf
|
|
||||||
%{_datadir}/systemtap/tapset/qemu-system-riscv*.stp
|
%{_datadir}/systemtap/tapset/qemu-system-riscv*.stp
|
||||||
%{_mandir}/man1/qemu-system-riscv*.1*
|
%{_mandir}/man1/qemu-system-riscv*.1*
|
||||||
|
|
||||||
@ -2305,6 +2318,9 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Apr 08 2022 Eduardo Lima (Etrunko) <etrunko@redhat.com> - 7.0.0-1
|
||||||
|
- Rebase to qemu 7.0.0-1
|
||||||
|
|
||||||
* Wed Apr 06 2022 Richard W.M. Jones <rjones@redhat.com> - 2:6.2.0-8
|
* Wed Apr 06 2022 Richard W.M. Jones <rjones@redhat.com> - 2:6.2.0-8
|
||||||
- acpi: fix QEMU crash when started with SLIC table (RHBZ#2072303)
|
- acpi: fix QEMU crash when started with SLIC table (RHBZ#2072303)
|
||||||
|
|
||||||
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (qemu-6.2.0.tar.xz) = e9f8231c9e1cfcc41cb47f10a55d63f6b8aee307af00cf6acf64acb7aa4f49fa7e9d6330703a2abea15d8b7bbaba7d3cb08c83edd98d82642367b527df730817
|
SHA512 (qemu-7.0.0.tar.xz) = 44ecd10c018a3763e1bc87d1d35b98890d0d5636acd69fe9b5cadf5024d5af6a31684d60cbe1c3370e02986434c1fb0ad99224e0e6f6fe7eda169992508157b1
|
||||||
|
Loading…
Reference in New Issue
Block a user