Age | Commit message (Collapse) | Author | Files |
|
--enable-uuid no longer exists: There's a uuid implementation in
libqemuutil.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
virtio-gpu: memory leakage when destroying gpu resource
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9912
Reference to upstream patch:
http://git.qemu-project.org/?p=qemu.git;a=patch;h=b8e23926c568f2e963af39028b71c472e3023793
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
virtio-gpu: information leakage in virgl_cmd_get_capset
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9908
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Move all the version specific patches, overrides and configuration that
are in qemu.inc to the versioned QEMU recipe.
This includes moving patches that target the versioned recipe, ptest
configuration (which is not available in QEMU by default) and the
installing of the powerpc_rom.bin. All these patches/files are also
only located in the FILESEXTRAPATHS that is valid from the recipe file
and not from qemu.inc itself.
The purpose of this change is to make the qemu.inc re-usable for
multiple versions of QEMU as well as forks and recipes that intend to
provide custom patches.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
|
|
Move the KVMOPTS configuration checks and option setting to a
PACKAGECONFIG option.
This also changes the checking of KVM support on the host build machine
so that it is processed as a PACKAGECONFIG _remove for class-native
only. The darwin/mingw32 overrides are kept and applied as _remove
overrides.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
|
|
Consolidate the configure options into the EXTRA_OECONF variable,
including merging any native(sdk) specific options.
This consolidation also makes the use of 'system' pixman in the
nativesdk case, this is desirable as the QEMU internal pixman may not be
available (using QEMU git as opposed to tarball) and pixman is already
in DEPENDS. Additionally the QEMU configure recommends to use the system
pixman if available.
Additionally move the options specified in the do_configure into the
EXTRA_OECONF variable. And flesh out all the target directories.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
|
|
Move the '--disable-bluez' and '--disable-iscsi' options to
PACKAGECONFIG. And added the ${BLUEZ} dependency.
Fix up the 'gcrypt' option to depend on 'libgcrypt' instead of gcrypt.
This is the expected dependency as noted in the QEMU configure help.
Handle the '--audio-drv-list' option inside the PACKAGECONFIG[alsa]
args. The previous setting uses a ',' to denote the options for the arg
however a space inside quotes is also acceptable and allows the arg to
be used into the PACKAGECONFIG flag.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This enables the use of swtpm (from meta-security) as a virtual TPM in
qemu. These patches extend the existing support in qemu for TPM
passthrough so that a swtpm daemon can be accessed via CUSE (character
device in user space).
To use this:
- add the meta-security layer including the swtpm enhancements for qemu
- bitbake swtpm-native
- create a TPM instance and initialize it with:
$ mkdir -p my-machine/myvtpm0
$ tmp-glibc/sysroots/x86_64-linux/usr/bin/swtpm_setup_oe.sh --tpm-state my-machine/myvtpm0 --createek
Starting vTPM manufacturing as root:root @ Fri 20 Jan 2017 08:56:18 AM CET
TPM is listening on TCP port 52167.
Successfully created EK.
Successfully authored TPM state.
Ending vTPM manufacturing @ Fri 20 Jan 2017 08:56:19 AM CET
- run swtpm *before each runqemu invocation* (it shuts down after use) and
do it as root (required to set up the /dev/vtpm0 CUSE device):
$ sudo sh -c 'PATH=`pwd`/tmp-glibc/sysroots/x86_64-linux/usr/bin/:`pwd`/tmp-glibc/sysroots/x86_64-linux/usr/sbin/:$PATH; export TPM_PATH=`pwd`/my-machine/myvtpm0; swtpm_cuse -n vtpm0' && sudo chmod a+rw /dev/vtpm0
- run qemu:
$ runqemu 'qemuparams=-tpmdev cuse-tpm,id=tpm0,path=/dev/vtpm0 -device tpm-tis,tpmdev=tpm0' ...
The guest kernel has to have TPM support enabled, which can be done with:
KERNEL_FEATURES_append = " features/tpm/tpm.scc"
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
On buildhosts where default python has switched to using python3
qemu-native fails configure like this
| ERROR: Cannot use 'python', Python 2.6 or later is required.
| Note that Python 3 or later is not yet supported.
| Use --python=/path/to/python to specify a supported Python.
|
we still expect build host to have python2 pre-installed
and is always available.
(From OE-Core rev: 2cac9544752775262fa87517ed49fcac2fb3a574)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
By default these pull in binutils-cross since they're a cross tool
and pull in any native tool requirements. In reality they don't
need such tools at build time or runtime since they're scripts.
Therefore clear the dependency and save on some processing time.
(From OE-Core rev: 63796765122e2eee2b78930797d571acb5c244d1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The monster configure file does call pkg-config somewhere in there.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Added patches:
- target-ppc-fix-user-mode.patch
Rebased patches:
- exclude-some-arm-EABI-obsolete-syscalls.patc
Removed patches (already in upstream):
- 0003-fix-CVE-2016-7908.patch
- 0004-fix-CVE-2016-7909.patch
- 0001-target-mips-add-24KEc-CPU-definition.patch
Changelog,
http://wiki.qemu.org/ChangeLog/2.8
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Minor upgrade contains fixes from 2.7.0.
Removed patches (already in upstream):
- 0001-pci-assign-sync-MSI-MSI-X-cap-and-table-with-PCIDevi.patch
- 0001-virtio-zero-vq-inuse-in-virtio_reset.patch
- 0002-fix-CVE-2016-7423.patch
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch is comparatively large and invasive. It does only do one thing, switching the
system to build using recipe specific sysroots and where changes could be isolated from it,
that has been done.
With the current single sysroot approach, its possible for software to find things which
aren't in their dependencies. This leads to a determinism problem and is a growing issue in
several of the market segments where OE makes sense. The way to solve this problem for OE is
to have seperate sysroots for each recipe and these will only contain the dependencies for
that recipe.
Its worth noting that this is not task specific sysroots and that OE's dependencies do vary
enormously by task. This did result in some implementation challenges. There is nothing stopping
the implementation of task specific sysroots at some later point based on this work but
that as deemed a bridge too far right now.
Implementation details:
* Rather than installing the sysroot artefacts into a combined sysroots, they are now placed in
TMPDIR/sysroot-components/PACKAGE_ARCH/PN.
* WORKDIR/recipe-sysroot and WORKDIR/recipe-sysroot-native are built by hardlinking in files
from the sysroot-component trees. These new directories are known as RECIPE_SYSROOT and
RECIPE_SYSROOT_NATIVE.
* This construction is primarily done by a new do_prepare_recipe_sysroot task which runs
before do_configure and consists of a call to the extend_recipe_sysroot function.
* Other tasks need things in the sysroot before/after this, e.g. do_patch needs quilt-native
and do_package_write_deb needs dpkg-native. The code therefore inspects the dependencies
for each task and adds extend_recipe_sysroot as a prefunc if it has populate_sysroot
dependencies.
* We have to do a search/replace 'fixme' operation on the files installed into the sysroot to
change hardcoded paths into the correct ones. We create a fixmepath file in the component
directory which lists the files which need this operation.
* Some files have "postinstall" commands which need to run against them, e.g. gdk-pixbuf each
time a new loader is added. These are handled by adding files in bindir with the name
prefixed by "postinst-" and are run in each sysroot as its created if they're present.
This did mean most sstate postinstalls have to be rewritten but there shouldn't be many of them.
* Since a recipe can have multiple tasks and these tasks can run against each other at the same
time we have to have a lock when we perform write operations against the sysroot. We also have
to maintain manifests of what we install against a task checksum of the dependency. If the
checksum changes, we remove its files and then add the new ones.
* The autotools logic for filtering the view of m4 files is no longer needed (and was the model
for the way extend_recipe_sysroot works).
* For autotools, we used to build a combined m4 macros directory which had both the native and
target m4 files. We can no longer do this so we use the target sysroot as the default and add
the native sysroot as an extra backup include path. If we don't do this, we'd have to build
target pkg-config before we could built anything using pkg-config for example (ditto gettext).
Such dependencies would be painful so we haven't required that.
* PKDDATA_DIR was moved out the sysroot and works as before using sstate to build a hybrid copy
for each machine. The paths therefore changed, the behaviour did not.
* The ccache class had to be reworked to function with rss.
* The TCBOOTSTRAP sysroot for compiler bootstrap is no longer needed but the -initial data
does have to be filtered out from the main recipe sysroots. Putting "-initial" in a normal
recipe name therefore remains a bad idea.
* The logic in insane needed tweaks to deal with the new path layout, as did the debug source
file extraction code in package.bbclass.
* The logic in sstate.bbclass had to be rewritten since it previously only performed search and
replace on extracted sstate and we now need this to happen even if the compiled path was
"correct". This in theory could cause a mild performance issue but since the sysroot data
was the main data that needed this and we'd have to do it there regardless with rss, I've opted
just to change the way the class for everything. The built output used to build the sstate output
is now retained and installed rather than deleted.
* The search and replace logic used in sstate objects also seemed weak/incorrect and didn't hold
up against testing. This has been rewritten too. There are some assumptions made about paths, we
save the 'proper' search and replace operations to fixmepath.cmd but then ignore this. What is
here works but is a little hardcoded and an area for future improvement.
* In order to work with eSDK we need a way to build something that looks like the old style sysroot.
"bitbake build-sysroots" will construct such a sysroot based on everything in the components
directory that matches the current MACHINE. It will allow transition of external tools and can
built target or native variants or both. It also supports a clean task. I'd suggest not relying on
this for anything other than transitional purposes though. To see XXX in that sysroot, you'd have
to have built that in a previous bitbake invocation.
* pseudo is run out of its components directory. This is fine as its statically linked.
* The hacks for wayland to see allarch dependencies in the multilib case are no longer needed
and can be dropped.
* wic needed more extensive changes to work with rss and the fixes are in a separate commit series
* Various oe-selftest tweaks were needed since tests did assume the location to binaries and the
combined sysroot in several cases.
* Most missing dependencies this work found have been sent out as separate patches as they were found
but a few tweaks are still included here.
* A late addition is that extend_recipe_sysroot became multilib aware and able to populate multilib
sysroots. I had hoped not to have to add that complexity but the meta-environment recipe forced my
hand. That implementation can probably be neater but this is on the list of things to cleanup later
at this point.
In summary, the impact people will likely see after this change:
* Recipes may fail with missing dependencies, particularly native tools like gettext-native,
glib-2.0-native and libxml2.0-native. Some hosts have these installed and will mask these errors
* Any recipe/class using SSTATEPOSTINSTFUNCS will need that code rewriting into a postinst
* There was a separate patch series dealing with roots postinst native dependency issues. Any postinst
which expects native tools at rootfs time will need to mark that dependency with PACKAGE_WRITE_DEPS.
There could well be other issues. This has been tested repeatedly against our autobuilders and oe-selftest
and issues found have been fixed. We believe at least OE-Core is in good shape but that doesn't mean
we've found all the issues.
Also, the logging is a bit chatty at the moment. It does help if something goes wrong and goes to the
task logfiles, not the console so I've intentionally left this like that for now. We can turn it down
easily enough in due course.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix iommu pci device assignment failure.
"qemu-system-x86_64: -device pci-assign,host=02:00.0: No IOMMU found.
Unable to assign device "(null)""
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls with a regex search and replace.
Search made with the following regex: getVar ?\(( ?[^,()]*), True\)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Disable building qemu on MIPS N64 and N32.
Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The Makefile in directory tests has been renamed, then update script
run-ptest to follow the change.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport patch to fix CVE-2016-7909 of qemu.
Ref:
https://security-tracker.debian.org/tracker/CVE-2016-7909
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport patches to fix CVE-2016-7423 and CVE-2016-7908 of qemu.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
It is reported in qemu community that VM always exits with:
| 2016-10-17T07:33:40.393592Z qemu-kvm: Virtqueue size exceede
when VM is suspend and resume. Solution from the maintainer of virtio
is to merge following 3 commits:
http://git.qemu.org/?p=qemu.git;a=commit;h=bccdef6
http://git.qemu.org/?p=qemu.git;a=commit;h=58a83c6
http://git.qemu.org/?p=qemu.git;a=commit;h=4b7f91e
The first 2 commits have been merged in qemu 2.7.0. Then apply the
third one.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
LICENSE and LIC_FILES_CHKSUM apply to the sources specified by SRC_URI,
not to the recipe itself. As such a license declaration for a source-less
recipe makes little sense. The LICENSE declaration is mandatory, but
LIC_FILES_CHKSUM can be removed in such cases.
Remove the LIC_FILES_CHKSUM declarations from all recipes that do not
need it.
CC: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Olaf Mandel <o.mandel@menlosystems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These tools are relics of an earlier time when the Zaurus devices were
reference platforms - these days they are no longer needed. It seems
amazing that they survived earlier purges.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is no runqemu-internal anymore, and it is a python script now
which requires several python modules.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
bitbake qemu
This error shows up:
ERROR: qemu-2.7.0-r1 do_install_ptest_base: Function failed:
do_install_ptest_base
...
cp: cannot stat '...tmp/work/core2-64-poky-linux/qemu/2.7.0-r1
/qemu-2.7.0/tests/Makefile: No such file or directory
...
Commit 46e7b70699d8bf4db08c8bb5111974318dd5416d in qemu project
renamed tests/Makefile to tests/Makefile.include, we apply the
same change in recipe accordingly to fix this issue.
Fixes [YOCTO #10245]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This upgrade can fix a qemuppc + openssh bug, the ssh connection maybe
refused or closed randomly, and it's not easy to reproduce. RP pointed
that this upgrade can fix the problem, and it does work in my local
testing.
* Update add-ptest-in-makefile.patch
* Drop backported patch 0001-configure-support-vte-2.91.patch
Here is the Changlog:
http://wiki.qemu.org/ChangeLog/2.7
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch has been accepted upstream:
http://lists.nongnu.org/archive/html/qemu-devel/2016-07/msg05778.html
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Enforce the correct tag names across all of oe-core for consistency.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This is just for reading bzip-compressed DMG files, so disable it by default.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The main thing is build failures with gold linker, but qemu is also a
little too aggressive at finding random tools on the build host, so we
also set the build env for qemu-native and make sure it doesn't reset
its own (hard-coded) cflags when we don't want it to.
Signed-off-by: Stephen Arnold <sarnold@vctlabs.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Nothing seems to require it.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This is a minor upgrade only comes with security fixes in qemu VGA
and UART code to avoid corruptions.
For review details,
http://git.qemu.org/?p=qemu.git;a=log;h=v2.5.1.1
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This upgrade includes several worthwhile fixes, security and otherwise, including
a complete fix for CVE-2016-2857.
* drop CVE-2016-2857.patch as it's included in this release, along with several
related patches which complete the fixes for CVE-2016-2857:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=9bddb45dbc010cd8ee4d48bd501fa5d18dcec00c
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e3a2cdfcb5e282139217924044ec5af00c7f8eed
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=fe90bdc25bcf9954ee286cd51de94776a17d04f6
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d0ee85b4e4c6cc2c8fac311d6df2ed412ed0df5f
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=80b6e5723fac428ea6c08c821078286f43975df8
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=a375e0b03ee3438924b24a45e61ee189ec9361db
* drop CVE-2016-2197.patch as an equivalent fix is included in this release
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=aaf4fb6afb4653c86059255811886a5c4ea271f3
* drop CVE-2016-1568.patch as it's included in this release
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4f046a6ba1d558eb043dc13a80d40cf7cb62ef95
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
qemu-native was optionally depending on libxext-native if the DISTRO_FEATURES
included x11. This dependency was required back when we didn't build
libsdl-native and causes an undesirable relationship between DISTRO_FEATURES and
qemu-native.
As the dependency isn't required anymore, remove it.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
By default qemu builds a complete list of directories within the user
emulation sysroot (-L option). The OE sysroot directory is large and
this is confusing, for example it indexes all pkgdata. In particular this
confuses strace of qemu binaries with tons of irrelevant paths.
This patch stops the code indexing up front and instead only indexes
things if/as/when it needs to. This drastically reduces the files it
reads and reduces memory usage and cleans up strace.
It would also avoid the infinite directory traversal bug in [YOCTO #6996]
although the code could still be vulnerable if it parsed those specific
paths.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-1568 Qemu: ide: ahci use-after-free vulnerability in aio port commands
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
- cpus.c-qemu_mutex_lock_iothread-fix-race-condition-a.patch removed,
included upstream;
- smc91c111_fix*.patch patches removed, included upstream;
- trace-remove-malloc-tracing.patch patch removed, included upstream;
- some configure options disappeared or changed name, updated.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Allocation tracing has been removed from GLib 2.46 and trying to use
it results in an ugly warning: Backport patch to not use it in Qemu.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This release is just security fixes:
- CVE-2015-5225
- CVE-2015-6815
- CVE-2015-5278
- CVE-2015-5279
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
- remove mips64 and mips64el from softmmuonly list
to enable user mode, they have been supported
since 2012.
- keep the softmmuonly list and for loop although
there is only one for now in case more supported
arches added.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|