Commit Graph

514 Commits

Author SHA1 Message Date
Richard W.M. Jones
c5e57685f9 Fix emulation of various instructions, required by libm in F22 ppc64 guests. 2015-09-20 10:23:16 +01:00
Cole Robinson
8211390ac8 CVE-2015-5255: heap memory corruption in vnc_refresh_server_surface (bz #1255899) 2015-08-31 20:18:31 -04:00
Cole Robinson
74717053dc Rebased to version 2.4.0
Support for virtio-gpu, 2D only
Support for virtio-based keyboard/mouse/tablet emulation
x86 support for memory hot-unplug
ACPI v5.1 table support for 'virt' board
2015-08-11 18:08:40 -04:00
Cole Robinson
d5417f465c Drop perl-Storable requires, texinfo rawhide is fixed now 2015-08-10 10:31:45 -04:00
Cole Robinson
6ac2a80eae Add temporary dep on perl-Storable
see https://bugzilla.redhat.com/show_bug.cgi?id=1251766 for more info
2015-08-09 15:07:58 -04:00
Cole Robinson
4c6dc5b3d6 CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536)
CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
CVE-2015-5158: scsi stack buffer overflow (bz #1246025)
CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)
CVE-2015-5166: BlockBackend object use after free issue (bz #1249758)
CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)
2015-08-09 13:08:31 -04:00
Cole Robinson
de4550957e Rebased to v2.4.0-rc0 2015-07-14 17:12:37 -04:00
Richard W.M. Jones
61ce511be4 Bump and rebuild. 2015-07-03 19:23:12 +01:00
Richard W.M. Jones
74ab99f1a6 Revert "Enable -fPIC and -fPIE on every architecture (rhbz 1232499)."
This reverts commit 77b7d81b2b.

See https://bugzilla.redhat.com/show_bug.cgi?id=1232499#36
2015-07-03 19:20:51 +01:00
Richard W.M. Jones
77b7d81b2b Enable -fPIC and -fPIE on every architecture (rhbz 1232499). 2015-07-03 18:45:22 +01:00
Daniel P. Berrange
bcb37b2ec0 Fix conditional in previous commit 2015-07-03 17:22:51 +01:00
Daniel P. Berrange
d4803feead Use explicit --(enable,disable)-spice args (rhbz #1239102) 2015-07-03 15:02:57 +01:00
Peter Robinson
1ec8e52bb2 Build aarch64 with -fPIC (rhbz 1232499) 2015-07-02 16:32:23 +01:00
Peter Robinson
806ecbe49c Disable stack protection for AArch64. F23's GCC thinks that it is available but F23's glibc does not support it. 2015-07-01 11:26:59 +01:00
Paolo Bonzini
749c3c43c3 Rebuild for libiscsi soname bump 2015-06-26 11:10:12 +02:00
Paolo Bonzini
260c0ac680 Re-enable tcmalloc on arm 2015-06-19 12:03:04 +02:00
Dennis Gilmore
6626651b28 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-18 21:39:31 +00:00
Dan Horák
94a40ce774 - gperftools not available on s390(x) 2015-06-10 22:28:01 +02:00
Cole Robinson
6fc6504bd8 CVE-2015-4037: insecure temporary file use in /net/slirp.c (bz #1222894) 2015-06-05 19:55:57 -04:00
Cole Robinson
d43799b0b3 spec: Drop now unused kvm_target and kvm_archs globals 2015-06-05 18:21:57 -04:00
Daniel P. Berrange
7bf3158612 Fix conditional enablement of tcmalloc
Opps, cant have comments in the middle of multi-line continuations.
2015-06-01 14:43:36 +01:00
Daniel P. Berrange
aa972b9106 Disable broken tcmalloc on arm and re-enable tests 2015-06-01 14:12:15 +01:00
Cole Robinson
198e142c7d Disable _all_ tests on arm, since they are all currently hanging 2015-05-21 14:07:03 -04:00
Cole Robinson
31085aa400 Temporarily disable hanging test on arm 2015-05-20 16:51:14 -04:00
Cole Robinson
7c5a423647 Remove %autopatch macro from changelog 2015-05-13 23:15:28 -04:00
Cole Robinson
18eddd1631 Backport upstream 2.4 patch to link with tcmalloc, enable it
CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz #1221152)
2015-05-13 18:39:05 -04:00
Paolo Bonzini
af53ec630c Backport upstream 2.4 patch to link with tcmalloc, enable it 2015-05-13 15:33:19 +02:00
poma
343c57952d Fix ksm.service (bz 1218814) 2015-05-06 12:52:09 -04:00
Dan Horák
5059f25c8e - Require libseccomp only when built with it 2015-05-05 17:03:52 +02:00
Cole Robinson
41aca9586f Rebased to version 2.3.0 GA
Another attempt at fixing default /dev/kvm permissions (bz 950436)
2015-04-27 13:33:41 -04:00
Cole Robinson
b26fb5a551 qemu: Drop kvm.modules
Looked into this because recent packaging changes broke kvm.modules
installation, see https://bugzilla.redhat.com/show_bug.cgi?id=1212328

But nowadays this isn't even required I don't think. According to
comments here:

https://bugzilla.redhat.com/show_bug.cgi?id=963198

The reason for shipping it is missing devname:kvm for ppc and s390 kvm
modules. But those have been in upstream kernel.git since late 2013,
so it should be safe to drop entirely.
2015-04-16 09:11:00 -04:00
Cole Robinson
9b9ad7bb74 Rebased to version 2.3.0-rc3 2015-04-14 14:51:42 -04:00
Cole Robinson
c61e67e86b Rebased to version 2.3.0-rc2
Don't install ksm services as executable (bz #1192720)
Skip hanging tests on s390 (bz #1206057)
CVE-2015-1779 vnc: insufficient resource limiting in VNC websockets decoder
(bz #1205051, bz #1199572)
2015-04-03 10:21:46 -04:00
Cole Robinson
c2770435bf Big specfile cleanup
- Drop all the crazy kvmonly and separate_kvm bits
- Drop outdates conditionals
- Drop old style things like defattr and RPM_BUILD_ROOT
- Readability improvements
2015-03-27 17:08:26 -04:00
Cole Robinson
355b03ef5c Rebased to version 2.3.0-rc1 2015-03-25 08:48:20 -04:00
Cole Robinson
8055ee2da9 Rebase to qemu-2.3.0-rc0 2015-03-22 11:06:24 -04:00
Richard W.M. Jones
5a454effcf Revert "- Enable seccomp on ARM (thanks: Peter Robinson)."
This reverts commit 76a74e853f.

The upstream (qemu) configure script hard-codes x86 & x86-64,
so you cannot enable seccomp on arm yet.
2015-02-17 15:07:06 +00:00
Richard W.M. Jones
76a74e853f - Enable seccomp on ARM (thanks: Peter Robinson). 2015-02-17 13:37:05 +00:00
Richard W.M. Jones
6c3741c276 - Add -fPIC flag to build to avoid
'relocation R_X86_64_PC32 against undefined symbol' errors.
- Add a hopefully temporary hack so that -fPIC is used to build
  NSS files in libcacard.
2015-02-17 13:35:59 +00:00
Richard W.M. Jones
391fb81c16 Add UEFI support for aarch64. 2015-02-04 15:54:41 +00:00
Daniel P. Berrange
f287dc5662 Re-enable SPICE after previous build fixes circular dep 2015-02-03 14:05:24 +00:00
Daniel P. Berrange
fc57f44566 Stop libcacard linking against the entire world 2015-02-03 11:36:06 +00:00
Daniel P. Berrange
cad2bcb6a1 Temporarily disable SPICE to break circular build-dep on libcacard 2015-02-03 10:57:50 +00:00
Daniel P. Berrange
0716c2e68a Rebuild for changed xen soname 2015-02-03 09:25:11 +00:00
Daniel P. Berrange
10fa62ffc3 Set pkgversion when running configure 2015-01-28 13:25:27 +00:00
Cole Robinson
c88cc7e403 Rebased to version 2.2.0 2014-12-09 16:25:38 -05:00
Cole Robinson
1be48f0df6 Update to qemu-2.2.0-rc3 2014-11-30 17:19:56 -05:00
Cole Robinson
259393612c Update to qemu-2.2.0-rc1 2014-11-15 20:39:24 -05:00
Cole Robinson
725f84b743 CVE-2014-7815 vnc: insufficient bits_per_pixel from the client sanitization (bz #1157647, bz #1157641)
CVE-2014-3689 vmware_vga: insufficient parameter validation in rectangle functions (bz #1153038, bz #1153035)
2014-10-29 15:58:32 -04:00
Daniel P. Berrange
145f8dccfa Fix dep on numactl-devel to be build time not install time
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-10-24 16:38:01 +01:00
Cole Robinson
fbbbab2c57 Fix PPC virtio regression (bz #1144490) 2014-10-06 12:32:22 -04:00
Dan Horák
215b584050 fix typo 2014-09-30 16:48:14 +02:00
Dan Horák
3a39bf78f1 add ppc64le to KVM arches 2014-09-30 16:46:25 +02:00
Cole Robinson
6c2b2d8a11 Fix date in changelog 2014-09-26 12:51:48 -04:00
Richard W.M. Jones
6ce0be8333 Add Requires seabios >= 1.7.5, otherwise Windows virtio booting does not work. 2014-09-26 16:56:20 +01:00
Cole Robinson
46f3a5c276 Rebased to version 2.1.2
CVE-2014-3640 qemu: slirp: NULL pointer (bz #1144821, bz #1144818)
2014-09-26 10:26:35 -04:00
Cole Robinson
e84b901375 Fix crash on migration/snapshot (bz #1144490) 2014-09-21 12:42:19 -04:00
Ruben Kerkhof
2f5a0ef6e6 qemu: Fix building without usbredir
The comparison checks if have_usbredir is defined, which it always is.
Check if it's defined and set to 1 instead.
2014-09-15 10:51:00 +01:00
Cole Robinson
723d95470d Rebased to version 2.1.1
CVE-2014-5388: out of bounds memory access (bz #1132962, bz #1132956)
CVE-2014-3615 crash when guest sets high resolution (bz #1139121, bz #1139115)
2014-09-11 15:58:04 -04:00
Richard W.M. Jones
87bbaebdd6 Remember to update Release field this time. 2014-09-03 11:28:38 +01:00
Richard W.M. Jones
f2a088a4af Add upstream patches to:
* Fix crash in curl driver.
  * Add curl timeout option.
  * Add curl cookie option.

- Add upstream commit hashes to patches.
2014-09-03 11:27:07 +01:00
Richard W.M. Jones
e144c654aa Forgot to update Release field ... 2014-08-20 22:35:42 +01:00
Richard W.M. Jones
4ced99fb02 Add patch for aarch64 which uncompresses -kernel parameter (in arm.next). 2014-08-20 22:28:16 +01:00
Dan Horák
592e6889a5 - Don't fail build due failing tests on s390 (#1100971) 2014-08-19 08:36:38 +02:00
Peter Robinson
bc6fc976b4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-17 22:22:32 +00:00
Richard W.M. Jones
a6c45000fe Drop optimization flags when compiling on aarch64 (see RHBZ#1126199). 2014-08-03 14:17:35 +01:00
Richard W.M. Jones
bcd9d80d1a Update to qemu 2.1.0 final released version. 2014-08-03 13:27:19 +01:00
Cole Robinson
cc110b43ed Update to qemu-2.1.0-rc3 2014-07-25 15:02:38 -04:00
Cole Robinson
3561d33ea5 Update to qemu 2.1.0-rc2 2014-07-16 13:05:09 -04:00
Peter Robinson
d35cbd0d7e Build qemu-system-aarch64 on all arches, Run check on ARM arches, just don't fail the build ATM 2014-07-15 17:46:17 +01:00
Cole Robinson
b440863c6b Update to qemu-2.1.0-rc1
Enable SDL2 frontend, it's improved recently
Fix drive-mirror segfaults if source size is not cluster-aligned (bz #1114791)
Fix crash with virtio-blk hotunplug (bz #1117181)
2014-07-09 11:53:36 -04:00
Cole Robinson
ad339ad339 Update to qemu 2.1-rc0 2014-07-04 15:08:59 -04:00
Cole Robinson
0410ae29c0 Don't use libtool on dtrace, fixes rawhide build (bz #1106968) 2014-06-15 17:58:34 -04:00
Dennis Gilmore
200da9cdce - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 20:00:11 -05:00
Cole Robinson
12cd546161 QCOW1 validation CVEs: CVE-2014-0222, CVE-2014-0223 (bz #1097232, bz #1097238, bz #1097222, bz #1097216)
CVE-2014-3461: Issues in USB post load checks (bz #1097260, bz #1096821)
2014-05-31 20:49:56 -04:00
Dan Horák
660494c491 - Disable tests on s390 (#1100971) 2014-05-24 19:47:47 +02:00
Cole Robinson
70114f9e56 Migration CVEs: CVE-2014-0182 etc. 2014-05-11 19:07:44 -04:00
Peter Robinson
5461c5246c Fix aarch64 build by adding aarch64 to kvm_archs 2014-04-30 22:17:24 +01:00
Cole Robinson
762d9e1463 Re-enable test suite on arm, works with a scratch build now 2014-04-26 13:46:26 -04:00
Cole Robinson
21cd6fac34 Don't use SDL2 API support, it's incomplete
Build qemu-system-aarch64 only on aarch64 for now
2014-04-21 20:35:15 -04:00
Cole Robinson
269942c0fd Update to 2.0.0 GA 2014-04-17 12:25:50 -04:00
Cole Robinson
f03d6d0588 Sigh, fix %setup 2014-04-15 12:33:04 -04:00
Cole Robinson
17908043da Update to qemu 2.0-rc3
Fix crash when restoring from snapshot (bz #1085632)
2014-04-15 11:37:22 -04:00
Cole Robinson
75f0c8715a Change gtk quit accelerator to ctrl+shift+q (bz #1062393)
Fix mouse with spice
Enable xen support for xen 4.4
2014-03-24 13:20:43 -04:00
Cole Robinson
1560ff70e8 spec: Disable check on arm just to get the build out 2014-03-24 13:16:27 -04:00
Cole Robinson
3400e70a32 Enable xen support for xen 4.4 2014-03-24 09:15:34 -04:00
Cole Robinson
ac843bf3ce Update to qemu 2.0 rc0 2014-03-18 14:25:31 -04:00
Richard W.M. Jones
755ac92dbf Better to quote the argument to test. 2014-02-18 17:10:08 +00:00
Richard W.M. Jones
5b4ee6cf96 Run qemu-sanity-check on x86 and armv7 too. The results are still only advisory. 2014-02-18 11:42:46 -05:00
Richard W.M. Jones
aa1e9b6b3f Disable make check on aarch64. 2014-01-13 10:12:15 +00:00
Cole Robinson
e65bbe3b55 spec: Fix some --without conditionals (bz 1048476) 2014-01-06 12:35:34 -05:00
Ville Skyttä
c4896d008b Add libcacard ldconfig %post* scriptlets. 2013-12-21 20:30:28 +02:00
Cole Robinson
c4025101e7 Add kill() to seccomp whitelist, fix AC97 with -sandbox on (bz #1043521)
Changing streaming mode default to off for spice (bz #1038336)
Fix guest scsi verify command (bz #1001617)
2013-12-18 12:11:24 -05:00
Cole Robinson
cf5f9d239e Clarify chrpath comment 2013-12-04 18:13:23 -05:00
Cole Robinson
bacd9b0468 Fix qemu-img create with NBD backing file (bz #1034433)
Rebase to qemu-1.7 GA
New monitor command blockdev-add for full featured block device hotplug.
Performance and functionality improvements for USB 3.0.
Many VFIO improvements
ACPI tables can be generated by QEMU and can be used by firmware directly.
Support creating and writing .vhdx images.
qemu-img map: dump detailed image file metadata
2013-12-03 06:36:52 -05:00
Richard W.M. Jones
dd16baaeb5 Run chrpath on binaries, so qemu can be built using rpmbuild. 2013-11-29 13:36:26 +00:00
Cole Robinson
45bdef1ab0 Update to qemu-1.7.0-rc1 2013-11-21 16:20:05 -05:00
Cole Robinson
4b57421a2c Fix drive discard options via libvirt (bz #1029953)
Fix process exit with -sandbox on (bz #1027421)
2013-11-17 17:32:44 -05:00
Cole Robinson
acbc4a5d3a Reduce CPU usage when audio is playing (bz #1017644)
Base on qemu 1.6.1 tarball
ksmtuned: Fix matching qemu w/o set_process_name (bz #1012604)
ksmtuned: Fix committed_memory when no qemu running (bz #1012610)
Make sure bridge helper is setuid (bz #1017660)
2013-11-05 19:42:39 -05:00
Cole Robinson
0c698d13b9 Fix migration from qemu <= 1.5 2013-10-09 13:38:07 -04:00