diff options
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu.inc')
| -rw-r--r-- | meta/recipes-devtools/qemu/qemu.inc | 59 |
1 files changed, 15 insertions, 44 deletions
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 4501f84c2b..fb38fb44de 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc | |||
| @@ -22,62 +22,31 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ | |||
| 22 | file://powerpc_rom.bin \ | 22 | file://powerpc_rom.bin \ |
| 23 | file://run-ptest \ | 23 | file://run-ptest \ |
| 24 | file://0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch \ | 24 | file://0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch \ |
| 25 | file://0003-apic-fixup-fallthrough-to-PIC.patch \ | 25 | file://0002-apic-fixup-fallthrough-to-PIC.patch \ |
| 26 | file://0004-configure-Add-pkg-config-handling-for-libgcrypt.patch \ | 26 | file://0003-configure-Add-pkg-config-handling-for-libgcrypt.patch \ |
| 27 | file://0005-qemu-Do-not-include-file-if-not-exists.patch \ | 27 | file://0004-qemu-Do-not-include-file-if-not-exists.patch \ |
| 28 | file://0006-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch \ | 28 | file://0005-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch \ |
| 29 | file://0007-qemu-Determinism-fixes.patch \ | 29 | file://0006-qemu-Determinism-fixes.patch \ |
| 30 | file://0008-tests-meson.build-use-relative-path-to-refer-to-file.patch \ | 30 | file://0007-tests-meson.build-use-relative-path-to-refer-to-file.patch \ |
| 31 | file://0009-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \ | 31 | file://0008-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \ |
| 32 | file://0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch \ | 32 | file://0009-linux-user-Replace-use-of-lfs64-related-functions-an.patch \ |
| 33 | file://0002-linux-user-Replace-use-of-lfs64-related-functions-an.patch \ | 33 | file://0010-configure-lookup-meson-exutable-from-PATH.patch \ |
| 34 | file://fixedmeson.patch \ | 34 | file://0011-qemu-Ensure-pip-and-the-python-venv-aren-t-used-for-.patch \ |
| 35 | file://no-pip.patch \ | ||
| 36 | file://4a8579ad8629b57a43daa62e46cc7af6e1078116.patch \ | ||
| 37 | file://0001-linux-user-x86_64-Handle-the-vsyscall-page-in-open_s.patch \ | ||
| 38 | file://0002-linux-user-loongarch64-Remove-TARGET_FORCE_SHMLBA.patch \ | ||
| 39 | file://0003-linux-user-Add-strace-for-shmat.patch \ | ||
| 40 | file://0004-linux-user-Rewrite-target_shmat.patch \ | ||
| 41 | file://0005-tests-tcg-Check-that-shmat-does-not-break-proc-self-.patch \ | ||
| 42 | file://CVE-2023-6683.patch \ | ||
| 43 | file://qemu-guest-agent.init \ | 35 | file://qemu-guest-agent.init \ |
| 44 | file://qemu-guest-agent.udev \ | 36 | file://qemu-guest-agent.udev \ |
| 45 | " | 37 | " |
| 46 | UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" | 38 | UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" |
| 47 | 39 | ||
| 48 | # SDK_OLDEST_KERNEL is set below 4.17, which is the minimum version required by QEMU >= 8.1 | 40 | SRC_URI[sha256sum] = "32708ac66c30d8c892633ea968c771c1c76d597d70ddead21a0d22ccf386da69" |
| 49 | # This is due to two MMAP flags being used at certain points | ||
| 50 | SRC_URI:append:class-nativesdk = " \ | ||
| 51 | file://0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch \ | ||
| 52 | file://0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch \ | ||
| 53 | " | ||
| 54 | |||
| 55 | # Support building and using native version on pre 4.17 kernels | ||
| 56 | SRC_URI:append:class-native = " \ | ||
| 57 | file://0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch \ | ||
| 58 | file://0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch \ | ||
| 59 | " | ||
| 60 | |||
| 61 | SRC_URI[sha256sum] = "8562751158175f9d187c5f22b57555abe3c870f0325c8ced12c34c6d987729be" | ||
| 62 | 41 | ||
| 63 | CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default." | 42 | CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default." |
| 64 | 43 | ||
| 65 | # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11 | 44 | # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11 |
| 66 | CVE_STATUS[CVE-2018-18438] = "disputed: The issues identified by this CVE were determined to not constitute a vulnerability." | 45 | CVE_STATUS[CVE-2018-18438] = "disputed: The issues identified by this CVE were determined to not constitute a vulnerability." |
| 67 | 46 | ||
| 68 | # As per https://nvd.nist.gov/vuln/detail/CVE-2023-0664 | ||
| 69 | # https://bugzilla.redhat.com/show_bug.cgi?id=2167423 | ||
| 70 | CVE_STATUS[CVE-2023-0664] = "not-applicable-platform: Issue only applies on Windows" | ||
| 71 | |||
| 72 | # As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387 | 47 | # As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387 |
| 73 | CVE_STATUS[CVE-2023-2680] = "not-applicable-platform: RHEL specific issue." | 48 | CVE_STATUS[CVE-2023-2680] = "not-applicable-platform: RHEL specific issue." |
| 74 | 49 | ||
| 75 | CVE_STATUS[CVE-2023-3019] = "cpe-incorrect: Applies only against versions before 8.2.0" | ||
| 76 | |||
| 77 | CVE_STATUS[CVE-2023-5088] = "cpe-incorrect: Applies only against version 8.2.0 and earlier" | ||
| 78 | |||
| 79 | CVE_STATUS[CVE-2023-6693] = "cpe-incorrect: Applies only against version 8.2.0 and earlier" | ||
| 80 | |||
| 81 | COMPATIBLE_HOST:mipsarchn32 = "null" | 50 | COMPATIBLE_HOST:mipsarchn32 = "null" |
| 82 | COMPATIBLE_HOST:mipsarchn64 = "null" | 51 | COMPATIBLE_HOST:mipsarchn64 = "null" |
| 83 | COMPATIBLE_HOST:riscv32 = "null" | 52 | COMPATIBLE_HOST:riscv32 = "null" |
| @@ -168,11 +137,11 @@ do_install () { | |||
| 168 | # If we built the guest agent, also install startup/udev rules | 137 | # If we built the guest agent, also install startup/udev rules |
| 169 | if [ -e "${D}${bindir}/qemu-ga" ]; then | 138 | if [ -e "${D}${bindir}/qemu-ga" ]; then |
| 170 | install -d ${D}${sysconfdir}/init.d/ | 139 | install -d ${D}${sysconfdir}/init.d/ |
| 171 | install -m 0755 ${WORKDIR}/qemu-guest-agent.init ${D}${sysconfdir}/init.d/qemu-guest-agent | 140 | install -m 0755 ${UNPACKDIR}/qemu-guest-agent.init ${D}${sysconfdir}/init.d/qemu-guest-agent |
| 172 | sed -i 's:@bindir@:${bindir}:' ${D}${sysconfdir}/init.d/qemu-guest-agent | 141 | sed -i 's:@bindir@:${bindir}:' ${D}${sysconfdir}/init.d/qemu-guest-agent |
| 173 | 142 | ||
| 174 | install -d ${D}${sysconfdir}/udev/rules.d/ | 143 | install -d ${D}${sysconfdir}/udev/rules.d/ |
| 175 | install -m 0644 ${WORKDIR}/qemu-guest-agent.udev ${D}${sysconfdir}/udev/rules.d/60-qemu-guest-agent.rules | 144 | install -m 0644 ${UNPACKDIR}/qemu-guest-agent.udev ${D}${sysconfdir}/udev/rules.d/60-qemu-guest-agent.rules |
| 176 | 145 | ||
| 177 | install -d ${D}${systemd_unitdir}/system/ | 146 | install -d ${D}${systemd_unitdir}/system/ |
| 178 | install -m 0644 ${S}/contrib/systemd/qemu-guest-agent.service ${D}${systemd_unitdir}/system | 147 | install -m 0644 ${S}/contrib/systemd/qemu-guest-agent.service ${D}${systemd_unitdir}/system |
| @@ -182,6 +151,8 @@ do_install () { | |||
| 182 | rm ${D}${datadir}/qemu/s390-netboot.img -f | 151 | rm ${D}${datadir}/qemu/s390-netboot.img -f |
| 183 | # ELF binary /usr/share/qemu/s390-ccw.img has relocations in .text [textrel] | 152 | # ELF binary /usr/share/qemu/s390-ccw.img has relocations in .text [textrel] |
| 184 | rm ${D}${datadir}/qemu/s390-ccw.img -f | 153 | rm ${D}${datadir}/qemu/s390-ccw.img -f |
| 154 | # We don't support PARISC and these cause strip and SDK relocation errors | ||
| 155 | rm ${D}${datadir}/qemu/hppa* -f | ||
| 185 | } | 156 | } |
| 186 | 157 | ||
| 187 | # The following fragment will create a wrapper for qemu-mips user emulation | 158 | # The following fragment will create a wrapper for qemu-mips user emulation |