diff options
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu.inc')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu.inc | 59 |
1 files changed, 15 insertions, 44 deletions
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 4501f84c2b..fb38fb44de 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc | |||
@@ -22,62 +22,31 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ | |||
22 | file://powerpc_rom.bin \ | 22 | file://powerpc_rom.bin \ |
23 | file://run-ptest \ | 23 | file://run-ptest \ |
24 | file://0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch \ | 24 | file://0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch \ |
25 | file://0003-apic-fixup-fallthrough-to-PIC.patch \ | 25 | file://0002-apic-fixup-fallthrough-to-PIC.patch \ |
26 | file://0004-configure-Add-pkg-config-handling-for-libgcrypt.patch \ | 26 | file://0003-configure-Add-pkg-config-handling-for-libgcrypt.patch \ |
27 | file://0005-qemu-Do-not-include-file-if-not-exists.patch \ | 27 | file://0004-qemu-Do-not-include-file-if-not-exists.patch \ |
28 | file://0006-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch \ | 28 | file://0005-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch \ |
29 | file://0007-qemu-Determinism-fixes.patch \ | 29 | file://0006-qemu-Determinism-fixes.patch \ |
30 | file://0008-tests-meson.build-use-relative-path-to-refer-to-file.patch \ | 30 | file://0007-tests-meson.build-use-relative-path-to-refer-to-file.patch \ |
31 | file://0009-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \ | 31 | file://0008-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \ |
32 | file://0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch \ | 32 | file://0009-linux-user-Replace-use-of-lfs64-related-functions-an.patch \ |
33 | file://0002-linux-user-Replace-use-of-lfs64-related-functions-an.patch \ | 33 | file://0010-configure-lookup-meson-exutable-from-PATH.patch \ |
34 | file://fixedmeson.patch \ | 34 | file://0011-qemu-Ensure-pip-and-the-python-venv-aren-t-used-for-.patch \ |
35 | file://no-pip.patch \ | ||
36 | file://4a8579ad8629b57a43daa62e46cc7af6e1078116.patch \ | ||
37 | file://0001-linux-user-x86_64-Handle-the-vsyscall-page-in-open_s.patch \ | ||
38 | file://0002-linux-user-loongarch64-Remove-TARGET_FORCE_SHMLBA.patch \ | ||
39 | file://0003-linux-user-Add-strace-for-shmat.patch \ | ||
40 | file://0004-linux-user-Rewrite-target_shmat.patch \ | ||
41 | file://0005-tests-tcg-Check-that-shmat-does-not-break-proc-self-.patch \ | ||
42 | file://CVE-2023-6683.patch \ | ||
43 | file://qemu-guest-agent.init \ | 35 | file://qemu-guest-agent.init \ |
44 | file://qemu-guest-agent.udev \ | 36 | file://qemu-guest-agent.udev \ |
45 | " | 37 | " |
46 | UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" | 38 | UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" |
47 | 39 | ||
48 | # SDK_OLDEST_KERNEL is set below 4.17, which is the minimum version required by QEMU >= 8.1 | 40 | SRC_URI[sha256sum] = "32708ac66c30d8c892633ea968c771c1c76d597d70ddead21a0d22ccf386da69" |
49 | # This is due to two MMAP flags being used at certain points | ||
50 | SRC_URI:append:class-nativesdk = " \ | ||
51 | file://0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch \ | ||
52 | file://0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch \ | ||
53 | " | ||
54 | |||
55 | # Support building and using native version on pre 4.17 kernels | ||
56 | SRC_URI:append:class-native = " \ | ||
57 | file://0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch \ | ||
58 | file://0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch \ | ||
59 | " | ||
60 | |||
61 | SRC_URI[sha256sum] = "8562751158175f9d187c5f22b57555abe3c870f0325c8ced12c34c6d987729be" | ||
62 | 41 | ||
63 | CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default." | 42 | CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default." |
64 | 43 | ||
65 | # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11 | 44 | # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11 |
66 | CVE_STATUS[CVE-2018-18438] = "disputed: The issues identified by this CVE were determined to not constitute a vulnerability." | 45 | CVE_STATUS[CVE-2018-18438] = "disputed: The issues identified by this CVE were determined to not constitute a vulnerability." |
67 | 46 | ||
68 | # As per https://nvd.nist.gov/vuln/detail/CVE-2023-0664 | ||
69 | # https://bugzilla.redhat.com/show_bug.cgi?id=2167423 | ||
70 | CVE_STATUS[CVE-2023-0664] = "not-applicable-platform: Issue only applies on Windows" | ||
71 | |||
72 | # As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387 | 47 | # As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387 |
73 | CVE_STATUS[CVE-2023-2680] = "not-applicable-platform: RHEL specific issue." | 48 | CVE_STATUS[CVE-2023-2680] = "not-applicable-platform: RHEL specific issue." |
74 | 49 | ||
75 | CVE_STATUS[CVE-2023-3019] = "cpe-incorrect: Applies only against versions before 8.2.0" | ||
76 | |||
77 | CVE_STATUS[CVE-2023-5088] = "cpe-incorrect: Applies only against version 8.2.0 and earlier" | ||
78 | |||
79 | CVE_STATUS[CVE-2023-6693] = "cpe-incorrect: Applies only against version 8.2.0 and earlier" | ||
80 | |||
81 | COMPATIBLE_HOST:mipsarchn32 = "null" | 50 | COMPATIBLE_HOST:mipsarchn32 = "null" |
82 | COMPATIBLE_HOST:mipsarchn64 = "null" | 51 | COMPATIBLE_HOST:mipsarchn64 = "null" |
83 | COMPATIBLE_HOST:riscv32 = "null" | 52 | COMPATIBLE_HOST:riscv32 = "null" |
@@ -168,11 +137,11 @@ do_install () { | |||
168 | # If we built the guest agent, also install startup/udev rules | 137 | # If we built the guest agent, also install startup/udev rules |
169 | if [ -e "${D}${bindir}/qemu-ga" ]; then | 138 | if [ -e "${D}${bindir}/qemu-ga" ]; then |
170 | install -d ${D}${sysconfdir}/init.d/ | 139 | install -d ${D}${sysconfdir}/init.d/ |
171 | install -m 0755 ${WORKDIR}/qemu-guest-agent.init ${D}${sysconfdir}/init.d/qemu-guest-agent | 140 | install -m 0755 ${UNPACKDIR}/qemu-guest-agent.init ${D}${sysconfdir}/init.d/qemu-guest-agent |
172 | sed -i 's:@bindir@:${bindir}:' ${D}${sysconfdir}/init.d/qemu-guest-agent | 141 | sed -i 's:@bindir@:${bindir}:' ${D}${sysconfdir}/init.d/qemu-guest-agent |
173 | 142 | ||
174 | install -d ${D}${sysconfdir}/udev/rules.d/ | 143 | install -d ${D}${sysconfdir}/udev/rules.d/ |
175 | install -m 0644 ${WORKDIR}/qemu-guest-agent.udev ${D}${sysconfdir}/udev/rules.d/60-qemu-guest-agent.rules | 144 | install -m 0644 ${UNPACKDIR}/qemu-guest-agent.udev ${D}${sysconfdir}/udev/rules.d/60-qemu-guest-agent.rules |
176 | 145 | ||
177 | install -d ${D}${systemd_unitdir}/system/ | 146 | install -d ${D}${systemd_unitdir}/system/ |
178 | install -m 0644 ${S}/contrib/systemd/qemu-guest-agent.service ${D}${systemd_unitdir}/system | 147 | install -m 0644 ${S}/contrib/systemd/qemu-guest-agent.service ${D}${systemd_unitdir}/system |
@@ -182,6 +151,8 @@ do_install () { | |||
182 | rm ${D}${datadir}/qemu/s390-netboot.img -f | 151 | rm ${D}${datadir}/qemu/s390-netboot.img -f |
183 | # ELF binary /usr/share/qemu/s390-ccw.img has relocations in .text [textrel] | 152 | # ELF binary /usr/share/qemu/s390-ccw.img has relocations in .text [textrel] |
184 | rm ${D}${datadir}/qemu/s390-ccw.img -f | 153 | rm ${D}${datadir}/qemu/s390-ccw.img -f |
154 | # We don't support PARISC and these cause strip and SDK relocation errors | ||
155 | rm ${D}${datadir}/qemu/hppa* -f | ||
185 | } | 156 | } |
186 | 157 | ||
187 | # The following fragment will create a wrapper for qemu-mips user emulation | 158 | # The following fragment will create a wrapper for qemu-mips user emulation |