Commit Graph

529 Commits

Author SHA1 Message Date
Cole Robinson
6f55752c5f Depend on vte291, not vte3
vte3 is stuck at a certain version, vte291 is actually where new vte
versions are packaged. Yes, that's confusing.
2016-12-05 10:45:56 -05:00
Paolo Bonzini
b68b5fed43 Do not build aarch64 with -fPIC anymore (rhbz 1232499)
This seems to be unnecessary now (tested with kvm-unit-tests on aarch64
F25).
2016-11-28 15:47:34 +01:00
Nathaniel McCallum
0583426e3d Clean up binfmt.d configuration files
In particular, I performed the following changes:

1. Add the (missing) aarch64 configuration.

2. Mask out e_ident[EI_OSABI]. A single OS can have multiple values
   here. We just pass them all to qemu. I personally ran into this issue
   (where filtering was too strict) on ppc64.

3. Mask out e_ident[EI_ABIVERSION]. On Linux, this value is ignored.

4. Mask out e_ident[EI_PAD]. The current check insists they are zero
   when they are, in fact, undefined.

5. Don't mask any bits for e_ident[EI_VERSION]. We want an exact match
   on this since there has only ever been one version. However, alpha, i386
   and i486 were masking out the least significant bit.

6. Don't mask any bits for e_ident[EI_DATA]. You can't mask out bits for
   endianness because it controls the byte order of later bytes in the
   binfmt match (starting at offset 0x10). So you can never have a rule
   which works with bits masked out on this field. However, alpha, i386 and
   i486 were masking out the least significant bit.
2016-11-15 10:33:03 -05:00
Richard W.M. Jones
820948cb49 Fix qemu-sanity-check. 2016-11-14 14:37:49 +00:00
Richard W.M. Jones
ecbe006bda Create subpackages for modularized qemu block drivers (RHBZ#1393688). 2016-11-14 14:37:15 +00:00
Cole Robinson
8a588691e2 Fix PPC64 build with memlock file (bz #1387601) 2016-10-25 10:18:57 -04:00
Bastien Nocera
b8878c0ca6 Add "F" flag to static user emulators' binfmt, to make them
available in containers (#1384615)
- Also fixes the path of those emulators in the binfmt configurations
2016-10-19 19:19:36 +02:00
Cole Robinson
cf816402f7 Fix nested PPC 'Unknown MMU model' error (bz #1374749)
Fix flickering display with boxes + wayland VM (bz #1266484)
Add ppc64 kvm memlock file (bz #1293024)
2016-10-19 13:17:38 -04:00
Cole Robinson
d19693d908 Add ppc64 kvm memlock file (bz 1293024) 2016-10-19 12:23:45 -04:00
Cole Robinson
8dd6b5e9c8 spec: Use power64 macro consistently 2016-10-19 12:17:47 -04:00
Cole Robinson
3a13ddd514 CVE-2016-7155: pvscsi: OOB read and infinite loop (bz #1373463)
CVE-2016-7156: pvscsi: infinite loop when building SG list (bz #1373480)
CVE-2016-7156: pvscsi: infinite loop when processing IO requests (bz #1373480)
CVE-2016-7170: vmware_vga: OOB stack memory access (bz #1374709)
CVE-2016-7157: mptsas: invalid memory access (bz #1373505)
CVE-2016-7466: usb: xhci memory leakage during device unplug (bz #1377838)
CVE-2016-7423: scsi: mptsas: OOB access (bz #1376777)
CVE-2016-7422: virtio: null pointer dereference (bz #1376756)
CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx (bz #1381193)
CVE-2016-8576: usb: xHCI: infinite loop vulnerability (bz #1382322)
CVE-2016-7995: usb: hcd-ehci: memory leak (bz #1382669)
2016-10-15 22:24:48 -04:00
Hans de Goede
a2729a240b Fix interrupt endpoints not working with network/spice USB redirection
on guest with an emulated xhci controller (rhbz#1382331)
2016-10-10 10:50:30 +02:00
Michal Toman
504e25420b Fix build on MIPS 2016-09-21 09:29:36 +01:00
Cole Robinson
57dbb7a5be Don't depend on edk2 roms where they aren't available (bz 1373576) 2016-09-08 15:56:28 -04:00
Cole Robinson
435be3635e Rebase to qemu 2.7.0 GA 2016-09-08 15:52:09 -04:00
Cole Robinson
94ddf1cc6a Rebase to qemu 2.7.0-rc3 2016-08-19 09:20:37 -04:00
Daniel P. Berrange
d52607ebe6 Also disable static builds on ppc64 due to glibc fubarness 2016-08-17 09:47:57 +01:00
Cole Robinson
ef34be9e72 Rebase to qemu 2.7.0-rc2
* kvm_stat was moved to the kernel tree
* trace-events renamed to trace-events-all
* several new pxe roms added
2016-08-08 20:05:39 -04:00
Richard W.M. Jones
84e6ecadd9 Rebuild to attempt to fix '2:qemu-system-xtensa-2.6.0-5.fc25.x86_64 requires libxenctrl.so.4.6()(64bit)' 2016-07-23 16:37:42 +01:00
Daniel P. Berrange
d0bc223280 Add skip for s390x as well as s390 2016-07-15 14:28:04 +01:00
Daniel P. Berrange
9868109a5e Disable qemu-user-static on s390 too 2016-07-14 11:20:48 +01:00
Daniel P. Berrange
ecee1eccfe Add explicit BR on alsa-lib-devel
Previously we'd get alsa-lib-devel pulled in by accident due to
dep from another package. Latest rawhide doesn't get this so we
must add the dep explicitly in QEMU.
2016-07-13 15:08:58 +01:00
Daniel P. Berrange
a8a5dc38f8 Cat config.log when configure fails during build
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-07-13 15:08:17 +01:00
Daniel P. Berrange
9e71574671 Use precise version in obsoletes line
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-07-13 13:49:06 +01:00
Daniel P. Berrange
0835325a86 Introduce qemu-user-static sub-RPM
The i686 build of this is temp disabled due to fubar
glibc-static on i686

The hardended build macro is disabled due to fubar
rpm macros for static linking while hardened, but
the equivalent hardening is turned on manually.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-07-13 13:42:21 +01:00
Cole Robinson
cf91b1dfd9 CVE-2016-4002: net: buffer overflow in MIPSnet (bz #1326083)
CVE-2016-4952 scsi: pvscsi: out-of-bounds access issue
CVE-2016-4964: scsi: mptsas infinite loop (bz #1339157)
CVE-2016-5106: scsi: megasas: out-of-bounds write (bz #1339581)
CVE-2016-5105: scsi: megasas: stack information leakage (bz #1339585)
CVE-2016-5107: scsi: megasas: out-of-bounds read (bz #1339573)
CVE-2016-4454: display: vmsvga: out-of-bounds read (bz #1340740)
CVE-2016-4453: display: vmsvga: infinite loop (bz #1340744)
CVE-2016-5126: block: iscsi: buffer overflow (bz #1340925)
CVE-2016-5238: scsi: esp: OOB write (bz #1341932)
CVE-2016-5338: scsi: esp: OOB r/w access (bz #1343325)
CVE-2016-5337: scsi: megasas: information leakage (bz #1343910)
Fix crash with -nodefaults -sdl (bz #1340931)
Add deps on edk2-ovmf and edk2-aarch64
2016-06-22 09:40:57 -04:00
Cole Robinson
f9730dab94 Add deps on fedora edk2-ovmf and edk2-aarch64 2016-06-22 08:22:36 -04:00
Cole Robinson
f0208c9e42 CVE-2016-4020: memory leak in kvmvapic.c (bz #1326904)
CVE-2016-4439: scsi: esb: OOB write #1 (bz #1337503)
CVE-2016-4441: scsi: esb: OOB write #2 (bz #1337506)
Fix regression installing windows 7 with qxl/vga (bz #1339267)
Fix crash with aarch64 gic-version=host and accel=tcg (bz #1339977)
2016-05-26 11:32:16 -04:00
Cole Robinson
f8dc431e37 Explicitly error if spice GL setup fails
Fix monitor resizing with virgl (bz #1337564)
Fix libvirt noise when introspecting qemu-kvm without hw virt
2016-05-20 16:36:01 -04:00
Cole Robinson
837eb7efa2 qemu: Clean up BuildRequires
Drop outdated:
    nss-devel (old libcacard)
    rsync (no longer used)
    which (no longer used)
    pciutils-devel (no longer used)

Add libcap-ng-devel for extra qemu-bridge-helper restrictions
Document all BuildRequires
Separate buildsystem bits vs feature bits
2016-05-15 14:52:29 -04:00
Cole Robinson
e200903264 Rebase to v2.6.0 GA 2016-05-13 14:18:07 -04:00
Cole Robinson
35faab4c45 Fix gtk UI crash when switching to monitor (bz #1333424)
Fix sdl2 UI lockup lockup when switching to monitor
Rebased to qemu-2.6.0-rc5
2016-05-09 13:36:06 -04:00
Cole Robinson
bc7ce050b0 Rebased to version 2.6.0-rc4
Fix test suite on big endian hosts (bz 1330174)
2016-05-02 16:08:20 -04:00
Cole Robinson
b455e4b103 Rebuild to pick up spice GL support 2016-04-25 09:01:59 -04:00
Cole Robinson
b0b55fdca8 Rebased to version 2.6.0-rc3
Fix s390 sysctl file install (bz 1327870)
Adjust spice gl version check to expect F24 backported version
2016-04-22 08:03:02 -04:00
Cole Robinson
6138a983a3 - Rebased to version 2.6.0-rc2
- Fix GL deps (bz 1325966)
- Ship sysctl file to fix s390x kvm (bz 1290589)
- Fix FTBFS on s390 (bz 1326247)
2016-04-14 18:48:51 -04:00
Cole Robinson
c752245c96 Ship sysctl file to fix s390x kvm (bz 1290589) 2016-04-14 18:46:31 -04:00
Cole Robinson
fa6cd1dad5 Fix GL deps (bz 1325966) 2016-04-14 18:34:08 -04:00
Cole Robinson
4097206ab3 Rebased to version 2.6.0-rc1 2016-04-07 13:00:29 -04:00
Cole Robinson
54cb1301c6 CVE-2016-2857: net: out of bounds read (bz #1309564)
CVE-2016-2392: usb: null pointer dereference (bz #1307115)
2016-03-17 13:45:47 -04:00
Peter Robinson
ae11374147 Rebuild for tcmalloc ifunc issues on non x86 arches (see rhbz 1312462) 2016-03-09 15:12:12 +00:00
Paolo Bonzini
43821749cc Disable xfsctl, fallocate works fine in newer kernels (bz #1305512) 2016-03-01 13:14:39 +01:00
Peter Robinson
73731f9ecd All Fedora arches have libseccomp support (ARMv7, aarch64, Power64, s390(x)) 2016-03-01 11:46:16 +00:00
Cole Robinson
7d975d9810 CVE-2015-8619: Fix sendkey out of bounds (bz #1292757)
CVE-2016-1981: infinite loop in e1000 (bz #1299995)
Fix Out-of-bounds read in usb-ehci (bz #1300234, bz #1299455)
CVE-2016-2197: ahci: null pointer dereference (bz #1302952)
Fix gdbstub for VSX registers for ppc64 (bz #1304377)
Fix qemu-img vmdk images to work with VMware (bz #1299185)
2016-02-15 17:05:41 -05:00
Fedora Release Engineering
95a588650f - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 21:38:06 +00:00
Cole Robinson
b24b7f1644 CVE-2015-8567: net: vmxnet3: host memory leakage (bz #1289818)
CVE-2016-1922: i386: avoid null pointer dereference (bz #1292766)
CVE-2015-8613: buffer overflow in megasas_ctrl_get_info (bz #1284008)
CVE-2015-8701: Buffer overflow in tx_consume in rocker.c (bz #1293720)
CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bz #1294787)
CVE-2016-1568: Use-after-free vulnerability in ahci (bz #1297023)
Fix modules.d/kvm.conf example syntax (bz #1298823)
2016-01-20 20:17:04 -05:00
Cole Robinson
78f4db5d1d Fix virtio 9p thread pool usage
CVE-2015-8558: DoS by infinite loop in ehci_advance_state (bz #1291309)
Re-add dist tag
2016-01-09 12:35:08 -05:00
Cole Robinson
2a77992272 spec: Re-add dist tag 2016-01-09 11:18:17 -05:00
Cole Robinson
e8a6e4f833 Replace %define usage with %global 2016-01-09 11:16:52 -05:00
Paolo Bonzini
c9396159e8 oops, it is now 2016 2016-01-07 21:07:39 +01:00