33 files changed, 185 insertions, 1567 deletions

diff --git a/meta/recipes-devtools/qemu/nativesdk-qemu-helper_1.0.bb b/meta/recipes-devtools/qemu/nativesdk-qemu-helper_1.0.bb
index 997f72e6e7..35735c1e15 100644
--- a/meta/recipes-devtools/qemu/nativesdk-qemu-helper_1.0.bb
+++ b/meta/recipes-devtools/qemu/nativesdk-qemu-helper_1.0.bb
@@ -4,10 +4,8 @@ RDEPENDS:${PN} = "nativesdk-qemu nativesdk-unfs3 nativesdk-pseudo \
                   nativesdk-python3-shell nativesdk-python3-fcntl nativesdk-python3-logging \
                 "
 
-
 LIC_FILES_CHKSUM = "file://${COREBASE}/scripts/runqemu;beginline=5;endline=10;md5=ac2b489a58739c7628a2604698db5e7f"
 
-
 SRC_URI = "file://${COREBASE}/scripts/runqemu \
            file://${COREBASE}/scripts/runqemu-addptable2image \
            file://${COREBASE}/scripts/runqemu-gen-tapdevs \
@@ -18,7 +16,7 @@ SRC_URI = "file://${COREBASE}/scripts/runqemu \
            file://${COREBASE}/scripts/runqemu-export-rootfs \
           "
 
-S = "${WORKDIR}"
+S = "${UNPACKDIR}"
 
 inherit nativesdk
 
diff --git a/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb b/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
index 8bb6ef0995..30108e76df 100644
--- a/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
+++ b/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
@@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://${S}/qemu-oe-bridge-helper.c;endline=4;md5=ae00a3bab8
 
 SRC_URI = "file://qemu-oe-bridge-helper.c"
 
-S = "${WORKDIR}"
+S = "${UNPACKDIR}"
 
 inherit native
 
diff --git a/meta/recipes-devtools/qemu/qemu-native.inc b/meta/recipes-devtools/qemu/qemu-native.inc
index 891dc5e2a1..d074d7d181 100644
--- a/meta/recipes-devtools/qemu/qemu-native.inc
+++ b/meta/recipes-devtools/qemu/qemu-native.inc
@@ -4,4 +4,4 @@ inherit_defer native
 
 EXTRA_OEMAKE:append = " LD='${LD}' AR='${AR}' OBJCOPY='${OBJCOPY}' LDFLAGS='${LDFLAGS}'"
 
-LDFLAGS:append = " -fuse-ld=bfd"
+LDFLAGS += "-fuse-ld=bfd"
diff --git a/meta/recipes-devtools/qemu/qemu-native_8.2.1.bb b/meta/recipes-devtools/qemu/qemu-native_10.0.2.bb
index a77953529b..26fa84c180 100644
--- a/meta/recipes-devtools/qemu/qemu-native_8.2.1.bb
+++ b/meta/recipes-devtools/qemu/qemu-native_10.0.2.bb
@@ -7,3 +7,4 @@ require qemu-native.inc
 EXTRA_OECONF:append = " --target-list=${@get_qemu_usermode_target_list(d)} --disable-tools --disable-install-blobs --disable-guest-agent"
 
 PACKAGECONFIG ??= "pie"
+
diff --git a/meta/recipes-devtools/qemu/qemu-system-native_8.2.1.bb b/meta/recipes-devtools/qemu/qemu-system-native_10.0.2.bb
index 5d2fbcbc02..22462e2499 100644
--- a/meta/recipes-devtools/qemu/qemu-system-native_8.2.1.bb
+++ b/meta/recipes-devtools/qemu/qemu-system-native_10.0.2.bb
@@ -9,7 +9,7 @@ DEPENDS += "glib-2.0-native zlib-native pixman-native qemu-native"
 
 EXTRA_OECONF:append = " --target-list=${@get_qemu_system_target_list(d)}"
 
-PACKAGECONFIG ??= "fdt alsa kvm pie slirp png \
+PACKAGECONFIG ??= "fdt alsa kvm pie slirp png pixman sdl \
     ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer epoxy', '', d)} \
 "
 
@@ -29,3 +29,4 @@ do_install:append() {
     install -d ${D}${libdir}/qemu-python/qmp/
     install -D ${S}/python/qemu/qmp/* ${D}${libdir}/qemu-python/qmp/
 }
+
diff --git a/meta/recipes-devtools/qemu/qemu-targets.inc b/meta/recipes-devtools/qemu/qemu-targets.inc
index 24f9a03948..50e5eb6796 100644
--- a/meta/recipes-devtools/qemu/qemu-targets.inc
+++ b/meta/recipes-devtools/qemu/qemu-targets.inc
@@ -7,6 +7,12 @@ def get_qemu_target_list(d):
     import bb
     archs = d.getVar('QEMU_TARGETS').split()
     tos = d.getVar('HOST_OS')
+    tarch = d.getVar('HOST_ARCH')
+    # 32 bit hosts can't handle 64 bit targets
+    if "64" not in tarch:
+        for arch in archs.copy():
+            if "64" in arch:
+                archs.remove(arch)
     softmmuonly = ""
     for arch in ['ppcemb', 'lm32']:
         if arch in archs:
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index f76cbbb5cb..7893df0df2 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -21,62 +21,37 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=441c28d2cf86e15a37fa47e15a72fbac \
 SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
            file://powerpc_rom.bin \
            file://run-ptest \
+           file://fix-strerrorname_np.patch \
            file://0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch \
-           file://0003-apic-fixup-fallthrough-to-PIC.patch \
-           file://0004-configure-Add-pkg-config-handling-for-libgcrypt.patch \
-           file://0005-qemu-Do-not-include-file-if-not-exists.patch \
-           file://0006-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch \
-           file://0007-qemu-Determinism-fixes.patch \
-           file://0008-tests-meson.build-use-relative-path-to-refer-to-file.patch \
-           file://0009-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \
-           file://0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch \
-           file://0002-linux-user-Replace-use-of-lfs64-related-functions-an.patch \
-           file://fixedmeson.patch \
-           file://no-pip.patch \
-           file://4a8579ad8629b57a43daa62e46cc7af6e1078116.patch \
-           file://0001-linux-user-x86_64-Handle-the-vsyscall-page-in-open_s.patch \
-           file://0002-linux-user-loongarch64-Remove-TARGET_FORCE_SHMLBA.patch \
-           file://0003-linux-user-Add-strace-for-shmat.patch \
-           file://0004-linux-user-Rewrite-target_shmat.patch \
-           file://0005-tests-tcg-Check-that-shmat-does-not-break-proc-self-.patch \
-           file://CVE-2023-6683.patch \
+           file://0002-apic-fixup-fallthrough-to-PIC.patch \
+           file://0004-qemu-Do-not-include-file-if-not-exists.patch \
+           file://0005-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch \
+           file://0006-qemu-Determinism-fixes.patch \
+           file://0007-tests-meson.build-use-relative-path-to-refer-to-file.patch \
+           file://0008-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \
+           file://0010-configure-lookup-meson-exutable-from-PATH.patch \
+           file://0011-qemu-Ensure-pip-and-the-python-venv-aren-t-used-for-.patch \
            file://qemu-guest-agent.init \
            file://qemu-guest-agent.udev \
            "
+# file index at download.qemu.org isn't reliable: https://gitlab.com/qemu-project/qemu-web/-/issues/9
+UPSTREAM_CHECK_URI = "https://www.qemu.org"
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
-# SDK_OLDEST_KERNEL is set below 4.17, which is the minimum version required by QEMU >= 8.1
-# This is due to two MMAP flags being used at certain points
-SRC_URI:append:class-nativesdk = " \
-        file://0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch \
-        file://0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch \
-        "
-
-# Support building and using native version on pre 4.17 kernels
-SRC_URI:append:class-native = " \
-        file://0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch \
-        file://0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch \
-        "
-
-SRC_URI[sha256sum] = "8562751158175f9d187c5f22b57555abe3c870f0325c8ced12c34c6d987729be"
+SRC_URI[sha256sum] = "ef786f2398cb5184600f69aef4d5d691efd44576a3cff4126d38d4c6fec87759"
 
 CVE_STATUS[CVE-2007-0998] = "not-applicable-config: The VNC server can expose host files uder some circumstances. We don't enable it by default."
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11
 CVE_STATUS[CVE-2018-18438] = "disputed: The issues identified by this CVE were determined to not constitute a vulnerability."
 
-# As per https://nvd.nist.gov/vuln/detail/CVE-2023-0664
-# https://bugzilla.redhat.com/show_bug.cgi?id=2167423
-CVE_STATUS[CVE-2023-0664] = "not-applicable-platform: Issue only applies on Windows"
-
 # As per https://bugzilla.redhat.com/show_bug.cgi?id=2203387
 CVE_STATUS[CVE-2023-2680] = "not-applicable-platform: RHEL specific issue."
 
-CVE_STATUS[CVE-2023-3019] = "cpe-incorrect: Applies only against versions before 8.2.0"
-
-CVE_STATUS[CVE-2023-5088] = "cpe-incorrect: Applies only against version 8.2.0 and earlier"
+# NVD DB has this CVE as version-less (with "-")
+CVE_STATUS[CVE-2024-6505] = "fixed-version: this CVE is fixed since 9.1.0"
 
-CVE_STATUS[CVE-2023-6693] = "cpe-incorrect: Applies only against version 8.2.0 and earlier"
+CVE_STATUS[CVE-2023-1386] = "disputed: not an issue as per https://bugzilla.redhat.com/show_bug.cgi?id=2223985"
 
 COMPATIBLE_HOST:mipsarchn32 = "null"
 COMPATIBLE_HOST:mipsarchn64 = "null"
@@ -182,27 +157,16 @@ do_install () {
         rm ${D}${datadir}/qemu/s390-netboot.img -f
         # ELF binary /usr/share/qemu/s390-ccw.img has relocations in .text [textrel]
         rm ${D}${datadir}/qemu/s390-ccw.img -f
+        # We don't support PARISC and these cause strip and SDK relocation errors
+        rm ${D}${datadir}/qemu/hppa* -f
 }
 
-# The following fragment will create a wrapper for qemu-mips user emulation
-# binary in order to work around a segmentation fault issue. Basically, by
-# default, the reserved virtual address space for 32-on-64 bit is set to 4GB.
-# This will trigger a MMU access fault in the virtual CPU. With this change,
-# the qemu-mips works fine.
-# IMPORTANT: This piece needs to be removed once the root cause is fixed!
-do_install:append() {
-        if [ -e "${D}/${bindir}/qemu-mips" ]; then
-                create_wrapper ${D}/${bindir}/qemu-mips \
-                        QEMU_RESERVED_VA=0x0
-        fi
-}
-# END of qemu-mips workaround
-
 # Disable kvm/virgl/mesa on targets that do not support it
 PACKAGECONFIG:remove:darwin = "kvm virglrenderer epoxy gtk+"
 PACKAGECONFIG:remove:mingw32 = "kvm virglrenderer epoxy gtk+ pie"
 
-PACKAGECONFIG[sdl] = "--enable-sdl,--disable-sdl,libsdl2"
+PACKAGECONFIG[sdl] = "--enable-sdl,--disable-sdl,virtual/libsdl2"
+PACKAGECONFIG[sdl-image] = "--enable-sdl-image,--disable-sdl-image,libsdl2-image"
 PACKAGECONFIG[png] = "--enable-png,--disable-png,libpng"
 PACKAGECONFIG[virtfs] = "--enable-virtfs --enable-attr --enable-cap-ng,--disable-virtfs,libcap-ng attr,"
 PACKAGECONFIG[aio] = "--enable-linux-aio,--disable-linux-aio,libaio,"
@@ -213,6 +177,7 @@ PACKAGECONFIG[vnc-jpeg] = "--enable-vnc --enable-vnc-jpeg,--disable-vnc-jpeg,jpe
 PACKAGECONFIG[libcurl] = "--enable-curl,--disable-curl,curl,"
 PACKAGECONFIG[nss] = "--enable-smartcard,--disable-smartcard,nss,"
 PACKAGECONFIG[curses] = "--enable-curses,--disable-curses,ncurses,"
+PACKAGECONFIG[pixman] = "--enable-pixman,--disable-pixman,pixman"
 PACKAGECONFIG[gtk+] = "--enable-gtk,--disable-gtk,gtk+3 gettext-native"
 PACKAGECONFIG[vte] = "--enable-vte,--disable-vte,vte gettext-native"
 PACKAGECONFIG[libcap-ng] = "--enable-cap-ng,--disable-cap-ng,libcap-ng,"
@@ -287,9 +252,6 @@ python split_qemu_packages () {
     subpackages += do_split_packages(d, archdir, r'^qemu-((?!system|edid|ga|img|io|nbd|pr-helper|storage-daemon).*)$', '${PN}-user-%s', 'QEMU full user emulation binaries(%s)' , prepend=True, extra_depends='${PN}-common')
     if subpackages:
         d.appendVar('RDEPENDS:' + d.getVar('PN'), ' ' + ' '.join(subpackages))
-    mipspackage = d.getVar('PN') + "-user-mips"
-    if mipspackage in ' '.join(subpackages):
-        d.appendVar('RDEPENDS:' + mipspackage, ' ' + d.getVar("MLPREFIX") + 'bash')
 }
 
 # Put the guest agent in a separate package
diff --git a/meta/recipes-devtools/qemu/qemu/0001-linux-user-x86_64-Handle-the-vsyscall-page-in-open_s.patch b/meta/recipes-devtools/qemu/qemu/0001-linux-user-x86_64-Handle-the-vsyscall-page-in-open_s.patch
deleted file mode 100644
index 2eaebe883c..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0001-linux-user-x86_64-Handle-the-vsyscall-page-in-open_s.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From 4517e2046610722879761bcdb60edbb2b929c848 Mon Sep 17 00:00:00 2001
-From: Richard Henderson <richard.henderson@linaro.org>
-Date: Wed, 28 Feb 2024 10:25:14 -1000
-Subject: [PATCH 1/5] linux-user/x86_64: Handle the vsyscall page in
- open_self_maps_{2,4}
-
-This is the only case in which we expect to have no host memory backing
-for a guest memory page, because in general linux user processes cannot
-map any pages in the top half of the 64-bit address space.
-
-Upstream-Status: Submitted [https://www.mail-archive.com/qemu-devel@nongnu.org/msg1026793.html]
-
-Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2170
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
----
- linux-user/syscall.c | 16 ++++++++++++++++
- 1 file changed, 16 insertions(+)
-
-diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index a114f29a8..8307a8a61 100644
---- a/linux-user/syscall.c
-+++ b/linux-user/syscall.c
-@@ -7922,6 +7922,10 @@ static void open_self_maps_4(const struct open_self_maps_data *d,
-         path = "[heap]";
-     } else if (start == info->vdso) {
-         path = "[vdso]";
-+#ifdef TARGET_X86_64
-+    } else if (start == TARGET_VSYSCALL_PAGE) {
-+        path = "[vsyscall]";
-+#endif
-     }
- 
-     /* Except null device (MAP_ANON), adjust offset for this fragment. */
-@@ -8010,6 +8014,18 @@ static int open_self_maps_2(void *opaque, target_ulong guest_start,
-     uintptr_t host_start = (uintptr_t)g2h_untagged(guest_start);
-     uintptr_t host_last = (uintptr_t)g2h_untagged(guest_end - 1);
- 
-+#ifdef TARGET_X86_64
-+    /*
-+     * Because of the extremely high position of the page within the guest
-+     * virtual address space, this is not backed by host memory at all.
-+     * Therefore the loop below would fail.  This is the only instance
-+     * of not having host backing memory.
-+     */
-+    if (guest_start == TARGET_VSYSCALL_PAGE) {
-+        return open_self_maps_3(opaque, guest_start, guest_end, flags);
-+    }
-+#endif
-+
-     while (1) {
-         IntervalTreeNode *n =
-             interval_tree_iter_first(d->host_maps, host_start, host_start);
--- 
-2.34.1
-
diff --git a/meta/recipes-devtools/qemu/qemu/0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch b/meta/recipes-devtools/qemu/qemu/0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch
index c65508017d..f27208f45f 100644
--- a/meta/recipes-devtools/qemu/qemu/0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch
+++ b/meta/recipes-devtools/qemu/qemu/0001-qemu-Add-addition-environment-space-to-boot-loader-q.patch
@@ -1,7 +1,7 @@
-From de64af82950a6908f9407dfc92b83c17e2af3eab Mon Sep 17 00:00:00 2001
+From 27273fcac6857750f07a2632bdb6b0ed66ae982a Mon Sep 17 00:00:00 2001
 From: Jason Wessel <jason.wessel@windriver.com>
 Date: Fri, 28 Mar 2014 17:42:43 +0800
-Subject: [PATCH 01/12] qemu: Add addition environment space to boot loader
+Subject: [PATCH] qemu: Add addition environment space to boot loader
  qemu-system-mips
 
 Upstream-Status: Inappropriate - OE uses deep paths
@@ -13,16 +13,15 @@ to only 256 bytes. This patch expands the limit.
 
 Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
 Signed-off-by: Roy Li <rongqing.li@windriver.com>
-
 ---
  hw/mips/malta.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-Index: qemu-8.0.0/hw/mips/malta.c
-===================================================================
---- qemu-8.0.0.orig/hw/mips/malta.c
-+++ qemu-8.0.0/hw/mips/malta.c
-@@ -64,7 +64,7 @@
+diff --git a/hw/mips/malta.c b/hw/mips/malta.c
+index 8e9cea70b..2268a8b61 100644
+--- a/hw/mips/malta.c
++++ b/hw/mips/malta.c
+@@ -65,7 +65,7 @@
  #define ENVP_PADDR          0x2000
  #define ENVP_VADDR          cpu_mips_phys_to_kseg0(NULL, ENVP_PADDR)
  #define ENVP_NB_ENTRIES     16
diff --git a/meta/recipes-devtools/qemu/qemu/0003-apic-fixup-fallthrough-to-PIC.patch b/meta/recipes-devtools/qemu/qemu/0002-apic-fixup-fallthrough-to-PIC.patch
index e85f8202e9..ad5c5ba03e 100644
--- a/meta/recipes-devtools/qemu/qemu/0003-apic-fixup-fallthrough-to-PIC.patch
+++ b/meta/recipes-devtools/qemu/qemu/0002-apic-fixup-fallthrough-to-PIC.patch
@@ -1,7 +1,7 @@
-From dc2a8ccd440ee3741b61606eafed3f7e092f4312 Mon Sep 17 00:00:00 2001
+From 19b95073e5d42dc4aa5392da3d422ab668003107 Mon Sep 17 00:00:00 2001
 From: Mark Asselstine <mark.asselstine@windriver.com>
 Date: Tue, 26 Feb 2013 11:43:28 -0500
-Subject: [PATCH 03/12] apic: fixup fallthrough to PIC
+Subject: [PATCH] apic: fixup fallthrough to PIC
 
 Commit 0e21e12bb311c4c1095d0269dc2ef81196ccb60a [Don't route PIC
 interrupts through the local APIC if the local APIC config says so.]
@@ -24,16 +24,15 @@ serviced, is -1.
 Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
 Upstream-Status: Submitted [https://lists.gnu.org/archive/html/qemu-devel/2013-04/msg00878.html]
 Signed-off-by: He Zhe <zhe.he@windriver.com>
-
 ---
  hw/intc/apic.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-Index: qemu-8.0.0/hw/intc/apic.c
-===================================================================
---- qemu-8.0.0.orig/hw/intc/apic.c
-+++ qemu-8.0.0/hw/intc/apic.c
-@@ -607,7 +607,7 @@ int apic_accept_pic_intr(DeviceState *de
+diff --git a/hw/intc/apic.c b/hw/intc/apic.c
+index d18c1dbf2..45dde1fc5 100644
+--- a/hw/intc/apic.c
++++ b/hw/intc/apic.c
+@@ -758,7 +758,7 @@ int apic_accept_pic_intr(DeviceState *dev)
      APICCommonState *s = APIC(dev);
      uint32_t lvt0;
  
diff --git a/meta/recipes-devtools/qemu/qemu/0002-linux-user-Replace-use-of-lfs64-related-functions-an.patch b/meta/recipes-devtools/qemu/qemu/0002-linux-user-Replace-use-of-lfs64-related-functions-an.patch
deleted file mode 100644
index ceae67be64..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0002-linux-user-Replace-use-of-lfs64-related-functions-an.patch
+++ /dev/null
@@ -1,355 +0,0 @@
-From 71f14902256e3c3529710b713e1ea43100bf4c40 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Sat, 17 Dec 2022 08:37:46 -0800
-Subject: [PATCH 2/2] linux-user: Replace use of lfs64 related functions and
- macros
-
-Builds defines -D_FILE_OFFSET_BITS=64 which makes the original functions
-anf macros behave same as their 64 suffixed counterparts. This also
-helps in compiling with latest musl C library, where these macros and
-functions are no more available under _GNU_SOURCE feature macro
-
-Upstream-Status: Submitted [https://lists.gnu.org/archive/html/qemu-devel/2022-12/msg02841.html]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Cc: Laurent Vivier <laurent@vivier.eu>
----
- linux-user/syscall.c | 153 +++++++++++--------------------------------
- 1 file changed, 39 insertions(+), 114 deletions(-)
-
-Index: qemu-8.0.0/linux-user/syscall.c
-===================================================================
---- qemu-8.0.0.orig/linux-user/syscall.c
-+++ qemu-8.0.0/linux-user/syscall.c
-@@ -761,8 +761,8 @@ safe_syscall6(ssize_t, copy_file_range,
-  */
- #define safe_ioctl(...) safe_syscall(__NR_ioctl, __VA_ARGS__)
- /* Similarly for fcntl. Note that callers must always:
-- *  pass the F_GETLK64 etc constants rather than the unsuffixed F_GETLK
-- *  use the flock64 struct rather than unsuffixed flock
-+ *  pass the F_GETLK etc constants rather than the unsuffixed F_GETLK
-+ *  use the flock struct rather than unsuffixed flock
-  * This will then work and use a 64-bit offset for both 32-bit and 64-bit hosts.
-  */
- #ifdef __NR_fcntl64
-@@ -6813,13 +6813,13 @@ static int target_to_host_fcntl_cmd(int
-         ret = cmd;
-         break;
-     case TARGET_F_GETLK:
--        ret = F_GETLK64;
-+        ret = F_GETLK;
-         break;
-     case TARGET_F_SETLK:
--        ret = F_SETLK64;
-+        ret = F_SETLK;
-         break;
-     case TARGET_F_SETLKW:
--        ret = F_SETLKW64;
-+        ret = F_SETLKW;
-         break;
-     case TARGET_F_GETOWN:
-         ret = F_GETOWN;
-@@ -6833,17 +6833,6 @@ static int target_to_host_fcntl_cmd(int
-     case TARGET_F_SETSIG:
-         ret = F_SETSIG;
-         break;
--#if TARGET_ABI_BITS == 32
--    case TARGET_F_GETLK64:
--        ret = F_GETLK64;
--        break;
--    case TARGET_F_SETLK64:
--        ret = F_SETLK64;
--        break;
--    case TARGET_F_SETLKW64:
--        ret = F_SETLKW64;
--        break;
--#endif
-     case TARGET_F_SETLEASE:
-         ret = F_SETLEASE;
-         break;
-@@ -6895,8 +6884,8 @@ static int target_to_host_fcntl_cmd(int
-      * them to 5, 6 and 7 before making the syscall(). Since we make the
-      * syscall directly, adjust to what is supported by the kernel.
-      */
--    if (ret >= F_GETLK64 && ret <= F_SETLKW64) {
--        ret -= F_GETLK64 - 5;
-+    if (ret >= F_GETLK && ret <= F_SETLKW) {
-+        ret -= F_GETLK - 5;
-     }
- #endif
- 
-@@ -6929,55 +6918,11 @@ static int host_to_target_flock(int type
-     return type;
- }
- 
--static inline abi_long copy_from_user_flock(struct flock64 *fl,
--                                            abi_ulong target_flock_addr)
--{
--    struct target_flock *target_fl;
--    int l_type;
--
--    if (!lock_user_struct(VERIFY_READ, target_fl, target_flock_addr, 1)) {
--        return -TARGET_EFAULT;
--    }
--
--    __get_user(l_type, &target_fl->l_type);
--    l_type = target_to_host_flock(l_type);
--    if (l_type < 0) {
--        return l_type;
--    }
--    fl->l_type = l_type;
--    __get_user(fl->l_whence, &target_fl->l_whence);
--    __get_user(fl->l_start, &target_fl->l_start);
--    __get_user(fl->l_len, &target_fl->l_len);
--    __get_user(fl->l_pid, &target_fl->l_pid);
--    unlock_user_struct(target_fl, target_flock_addr, 0);
--    return 0;
--}
--
--static inline abi_long copy_to_user_flock(abi_ulong target_flock_addr,
--                                          const struct flock64 *fl)
--{
--    struct target_flock *target_fl;
--    short l_type;
--
--    if (!lock_user_struct(VERIFY_WRITE, target_fl, target_flock_addr, 0)) {
--        return -TARGET_EFAULT;
--    }
--
--    l_type = host_to_target_flock(fl->l_type);
--    __put_user(l_type, &target_fl->l_type);
--    __put_user(fl->l_whence, &target_fl->l_whence);
--    __put_user(fl->l_start, &target_fl->l_start);
--    __put_user(fl->l_len, &target_fl->l_len);
--    __put_user(fl->l_pid, &target_fl->l_pid);
--    unlock_user_struct(target_fl, target_flock_addr, 1);
--    return 0;
--}
--
--typedef abi_long from_flock64_fn(struct flock64 *fl, abi_ulong target_addr);
--typedef abi_long to_flock64_fn(abi_ulong target_addr, const struct flock64 *fl);
-+typedef abi_long from_flock_fn(struct flock *fl, abi_ulong target_addr);
-+typedef abi_long to_flock_fn(abi_ulong target_addr, const struct flock *fl);
- 
- #if defined(TARGET_ARM) && TARGET_ABI_BITS == 32
--struct target_oabi_flock64 {
-+struct target_oabi_flock {
-     abi_short l_type;
-     abi_short l_whence;
-     abi_llong l_start;
-@@ -6985,10 +6930,10 @@ struct target_oabi_flock64 {
-     abi_int   l_pid;
- } QEMU_PACKED;
- 
--static inline abi_long copy_from_user_oabi_flock64(struct flock64 *fl,
-+static inline abi_long copy_from_user_oabi_flock(struct flock *fl,
-                                                    abi_ulong target_flock_addr)
- {
--    struct target_oabi_flock64 *target_fl;
-+    struct target_oabi_flock *target_fl;
-     int l_type;
- 
-     if (!lock_user_struct(VERIFY_READ, target_fl, target_flock_addr, 1)) {
-@@ -7009,10 +6954,10 @@ static inline abi_long copy_from_user_oa
-     return 0;
- }
- 
--static inline abi_long copy_to_user_oabi_flock64(abi_ulong target_flock_addr,
--                                                 const struct flock64 *fl)
-+static inline abi_long copy_to_user_oabi_flock(abi_ulong target_flock_addr,
-+                                                 const struct flock *fl)
- {
--    struct target_oabi_flock64 *target_fl;
-+    struct target_oabi_flock *target_fl;
-     short l_type;
- 
-     if (!lock_user_struct(VERIFY_WRITE, target_fl, target_flock_addr, 0)) {
-@@ -7030,10 +6975,10 @@ static inline abi_long copy_to_user_oabi
- }
- #endif
- 
--static inline abi_long copy_from_user_flock64(struct flock64 *fl,
-+static inline abi_long copy_from_user_flock(struct flock *fl,
-                                               abi_ulong target_flock_addr)
- {
--    struct target_flock64 *target_fl;
-+    struct target_flock *target_fl;
-     int l_type;
- 
-     if (!lock_user_struct(VERIFY_READ, target_fl, target_flock_addr, 1)) {
-@@ -7054,10 +6999,10 @@ static inline abi_long copy_from_user_fl
-     return 0;
- }
- 
--static inline abi_long copy_to_user_flock64(abi_ulong target_flock_addr,
--                                            const struct flock64 *fl)
-+static inline abi_long copy_to_user_flock(abi_ulong target_flock_addr,
-+                                            const struct flock *fl)
- {
--    struct target_flock64 *target_fl;
-+    struct target_flock *target_fl;
-     short l_type;
- 
-     if (!lock_user_struct(VERIFY_WRITE, target_fl, target_flock_addr, 0)) {
-@@ -7076,7 +7021,7 @@ static inline abi_long copy_to_user_floc
- 
- static abi_long do_fcntl(int fd, int cmd, abi_ulong arg)
- {
--    struct flock64 fl64;
-+    struct flock fl64;
- #ifdef F_GETOWN_EX
-     struct f_owner_ex fox;
-     struct target_f_owner_ex *target_fox;
-@@ -7089,6 +7034,7 @@ static abi_long do_fcntl(int fd, int cmd
- 
-     switch(cmd) {
-     case TARGET_F_GETLK:
-+    case TARGET_F_OFD_GETLK:
-         ret = copy_from_user_flock(&fl64, arg);
-         if (ret) {
-             return ret;
-@@ -7098,32 +7044,11 @@ static abi_long do_fcntl(int fd, int cmd
-             ret = copy_to_user_flock(arg, &fl64);
-         }
-         break;
--
-     case TARGET_F_SETLK:
-     case TARGET_F_SETLKW:
--        ret = copy_from_user_flock(&fl64, arg);
--        if (ret) {
--            return ret;
--        }
--        ret = get_errno(safe_fcntl(fd, host_cmd, &fl64));
--        break;
--
--    case TARGET_F_GETLK64:
--    case TARGET_F_OFD_GETLK:
--        ret = copy_from_user_flock64(&fl64, arg);
--        if (ret) {
--            return ret;
--        }
--        ret = get_errno(safe_fcntl(fd, host_cmd, &fl64));
--        if (ret == 0) {
--            ret = copy_to_user_flock64(arg, &fl64);
--        }
--        break;
--    case TARGET_F_SETLK64:
--    case TARGET_F_SETLKW64:
-     case TARGET_F_OFD_SETLK:
-     case TARGET_F_OFD_SETLKW:
--        ret = copy_from_user_flock64(&fl64, arg);
-+        ret = copy_from_user_flock(&fl64, arg);
-         if (ret) {
-             return ret;
-         }
-@@ -7348,7 +7273,7 @@ static inline abi_long target_truncate64
-         arg2 = arg3;
-         arg3 = arg4;
-     }
--    return get_errno(truncate64(arg1, target_offset64(arg2, arg3)));
-+    return get_errno(truncate(arg1, target_offset64(arg2, arg3)));
- }
- #endif
- 
-@@ -7362,7 +7287,7 @@ static inline abi_long target_ftruncate6
-         arg2 = arg3;
-         arg3 = arg4;
-     }
--    return get_errno(ftruncate64(arg1, target_offset64(arg2, arg3)));
-+    return get_errno(ftruncate(arg1, target_offset64(arg2, arg3)));
- }
- #endif
- 
-@@ -8598,7 +8523,7 @@ static int do_getdents(abi_long dirfd, a
-     void *tdirp;
-     int hlen, hoff, toff;
-     int hreclen, treclen;
--    off64_t prev_diroff = 0;
-+    off_t prev_diroff = 0;
- 
-     hdirp = g_try_malloc(count);
-     if (!hdirp) {
-@@ -8651,7 +8576,7 @@ static int do_getdents(abi_long dirfd, a
-              * Return what we have, resetting the file pointer to the
-              * location of the first record not returned.
-              */
--            lseek64(dirfd, prev_diroff, SEEK_SET);
-+            lseek(dirfd, prev_diroff, SEEK_SET);
-             break;
-         }
- 
-@@ -8685,7 +8610,7 @@ static int do_getdents64(abi_long dirfd,
-     void *tdirp;
-     int hlen, hoff, toff;
-     int hreclen, treclen;
--    off64_t prev_diroff = 0;
-+    off_t prev_diroff = 0;
- 
-     hdirp = g_try_malloc(count);
-     if (!hdirp) {
-@@ -8727,7 +8652,7 @@ static int do_getdents64(abi_long dirfd,
-              * Return what we have, resetting the file pointer to the
-              * location of the first record not returned.
-              */
--            lseek64(dirfd, prev_diroff, SEEK_SET);
-+            lseek(dirfd, prev_diroff, SEEK_SET);
-             break;
-         }
- 
-@@ -11158,7 +11083,7 @@ static abi_long do_syscall1(CPUArchState
-                 return -TARGET_EFAULT;
-             }
-         }
--        ret = get_errno(pread64(arg1, p, arg3, target_offset64(arg4, arg5)));
-+        ret = get_errno(pread(arg1, p, arg3, target_offset64(arg4, arg5)));
-         unlock_user(p, arg2, ret);
-         return ret;
-     case TARGET_NR_pwrite64:
-@@ -11175,7 +11100,7 @@ static abi_long do_syscall1(CPUArchState
-                 return -TARGET_EFAULT;
-             }
-         }
--        ret = get_errno(pwrite64(arg1, p, arg3, target_offset64(arg4, arg5)));
-+        ret = get_errno(pwrite(arg1, p, arg3, target_offset64(arg4, arg5)));
-         unlock_user(p, arg2, 0);
-         return ret;
- #endif
-@@ -11998,14 +11923,14 @@ static abi_long do_syscall1(CPUArchState
-     case TARGET_NR_fcntl64:
-     {
-         int cmd;
--        struct flock64 fl;
--        from_flock64_fn *copyfrom = copy_from_user_flock64;
--        to_flock64_fn *copyto = copy_to_user_flock64;
-+        struct flock fl;
-+        from_flock_fn *copyfrom = copy_from_user_flock;
-+        to_flock_fn *copyto = copy_to_user_flock;
- 
- #ifdef TARGET_ARM
-         if (!cpu_env->eabi) {
--            copyfrom = copy_from_user_oabi_flock64;
--            copyto = copy_to_user_oabi_flock64;
-+            copyfrom = copy_from_user_oabi_flock;
-+            copyto = copy_to_user_oabi_flock;
-         }
- #endif
- 
-@@ -12015,7 +11940,7 @@ static abi_long do_syscall1(CPUArchState
-         }
- 
-         switch(arg2) {
--        case TARGET_F_GETLK64:
-+        case TARGET_F_GETLK:
-             ret = copyfrom(&fl, arg3);
-             if (ret) {
-                 break;
-@@ -12026,8 +11951,8 @@ static abi_long do_syscall1(CPUArchState
-             }
-            break;
- 
--        case TARGET_F_SETLK64:
--        case TARGET_F_SETLKW64:
-+        case TARGET_F_SETLK:
-+        case TARGET_F_SETLKW:
-             ret = copyfrom(&fl, arg3);
-             if (ret) {
-                 break;
diff --git a/meta/recipes-devtools/qemu/qemu/0002-linux-user-loongarch64-Remove-TARGET_FORCE_SHMLBA.patch b/meta/recipes-devtools/qemu/qemu/0002-linux-user-loongarch64-Remove-TARGET_FORCE_SHMLBA.patch
deleted file mode 100644
index 3f01aaa644..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0002-linux-user-loongarch64-Remove-TARGET_FORCE_SHMLBA.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 5bf65b24414d3ff8339f6f1beb221c7c35c91e5d Mon Sep 17 00:00:00 2001
-From: Richard Henderson <richard.henderson@linaro.org>
-Date: Wed, 28 Feb 2024 10:25:15 -1000
-Subject: [PATCH 2/5] linux-user/loongarch64: Remove TARGET_FORCE_SHMLBA
-
-The kernel abi was changed with
-
-    commit d23b77953f5a4fbf94c05157b186aac2a247ae32
-    Author: Huacai Chen <chenhuacai@kernel.org>
-    Date:   Wed Jan 17 12:43:08 2024 +0800
-
-        LoongArch: Change SHMLBA from SZ_64K to PAGE_SIZE
-
-during the v6.8 cycle.
-
-Upstream-Status: Submitted [https://www.mail-archive.com/qemu-devel@nongnu.org/msg1026793.html]
-
-Reviewed-by: Song Gao <gaosong@loongson.cn>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
----
- linux-user/loongarch64/target_syscall.h | 7 -------
- 1 file changed, 7 deletions(-)
-
-diff --git a/linux-user/loongarch64/target_syscall.h b/linux-user/loongarch64/target_syscall.h
-index 8b5de5212..39f229bb9 100644
---- a/linux-user/loongarch64/target_syscall.h
-+++ b/linux-user/loongarch64/target_syscall.h
-@@ -38,11 +38,4 @@ struct target_pt_regs {
- #define TARGET_MCL_FUTURE  2
- #define TARGET_MCL_ONFAULT 4
- 
--#define TARGET_FORCE_SHMLBA
--
--static inline abi_ulong target_shmlba(CPULoongArchState *env)
--{
--    return 64 * KiB;
--}
--
- #endif
--- 
-2.34.1
-
diff --git a/meta/recipes-devtools/qemu/qemu/0003-linux-user-Add-strace-for-shmat.patch b/meta/recipes-devtools/qemu/qemu/0003-linux-user-Add-strace-for-shmat.patch
deleted file mode 100644
index 0c601c804a..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0003-linux-user-Add-strace-for-shmat.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From e8f06676c6c88e12cd5f4f81a839b7111c683596 Mon Sep 17 00:00:00 2001
-From: Richard Henderson <richard.henderson@linaro.org>
-Date: Wed, 28 Feb 2024 10:25:16 -1000
-Subject: [PATCH 3/5] linux-user: Add strace for shmat
-
-Upstream-Status: Submitted [https://www.mail-archive.com/qemu-devel@nongnu.org/msg1026793.html]
-
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
----
- linux-user/strace.c    | 23 +++++++++++++++++++++++
- linux-user/strace.list |  2 +-
- 2 files changed, 24 insertions(+), 1 deletion(-)
-
-diff --git a/linux-user/strace.c b/linux-user/strace.c
-index cf26e5526..47d6ec326 100644
---- a/linux-user/strace.c
-+++ b/linux-user/strace.c
-@@ -670,6 +670,25 @@ print_semctl(CPUArchState *cpu_env, const struct syscallname *name,
- }
- #endif
- 
-+static void
-+print_shmat(CPUArchState *cpu_env, const struct syscallname *name,
-+            abi_long arg0, abi_long arg1, abi_long arg2,
-+            abi_long arg3, abi_long arg4, abi_long arg5)
-+{
-+    static const struct flags shmat_flags[] = {
-+        FLAG_GENERIC(SHM_RND),
-+        FLAG_GENERIC(SHM_REMAP),
-+        FLAG_GENERIC(SHM_RDONLY),
-+        FLAG_GENERIC(SHM_EXEC),
-+    };
-+
-+    print_syscall_prologue(name);
-+    print_raw_param(TARGET_ABI_FMT_ld, arg0, 0);
-+    print_pointer(arg1, 0);
-+    print_flags(shmat_flags, arg2, 1);
-+    print_syscall_epilogue(name);
-+}
-+
- #ifdef TARGET_NR_ipc
- static void
- print_ipc(CPUArchState *cpu_env, const struct syscallname *name,
-@@ -683,6 +702,10 @@ print_ipc(CPUArchState *cpu_env, const struct syscallname *name,
-         print_ipc_cmd(arg3);
-         qemu_log(",0x" TARGET_ABI_FMT_lx ")", arg4);
-         break;
-+    case IPCOP_shmat:
-+        print_shmat(cpu_env, &(const struct syscallname){ .name = "shmat" },
-+                    arg1, arg4, arg2, 0, 0, 0);
-+        break;
-     default:
-         qemu_log(("%s("
-                   TARGET_ABI_FMT_ld ","
-diff --git a/linux-user/strace.list b/linux-user/strace.list
-index 6655d4f26..dfd4237d1 100644
---- a/linux-user/strace.list
-+++ b/linux-user/strace.list
-@@ -1398,7 +1398,7 @@
- { TARGET_NR_sgetmask, "sgetmask" , NULL, NULL, NULL },
- #endif
- #ifdef TARGET_NR_shmat
--{ TARGET_NR_shmat, "shmat" , NULL, NULL, print_syscall_ret_addr },
-+{ TARGET_NR_shmat, "shmat" , NULL, print_shmat, print_syscall_ret_addr },
- #endif
- #ifdef TARGET_NR_shmctl
- { TARGET_NR_shmctl, "shmctl" , NULL, NULL, NULL },
--- 
-2.34.1
-
diff --git a/meta/recipes-devtools/qemu/qemu/0004-configure-Add-pkg-config-handling-for-libgcrypt.patch b/meta/recipes-devtools/qemu/qemu/0004-configure-Add-pkg-config-handling-for-libgcrypt.patch
deleted file mode 100644
index f981a64a54..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0004-configure-Add-pkg-config-handling-for-libgcrypt.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From d8265abdce5dc2bf74b3fccdf2b7257b4f3894f0 Mon Sep 17 00:00:00 2001
-From: He Zhe <zhe.he@windriver.com>
-Date: Wed, 28 Aug 2019 19:56:28 +0800
-Subject: [PATCH 04/12] configure: Add pkg-config handling for libgcrypt
-
-libgcrypt may also be controlled by pkg-config, this patch adds pkg-config
-handling for libgcrypt.
-
-Upstream-Status: Denied [https://lists.nongnu.org/archive/html/qemu-devel/2019-08/msg06333.html]
-
-Signed-off-by: He Zhe <zhe.he@windriver.com>
-
----
- meson.build | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: qemu-8.1.0/meson.build
-===================================================================
---- qemu-8.1.0.orig/meson.build
-+++ qemu-8.1.0/meson.build
-@@ -1481,7 +1481,7 @@ endif
- if not gnutls_crypto.found()
-   if (not get_option('gcrypt').auto() or have_system) and not get_option('nettle').enabled()
-     gcrypt = dependency('libgcrypt', version: '>=1.8',
--                        method: 'config-tool',
-+                        method: 'pkg-config',
-                         required: get_option('gcrypt'))
-     # Debian has removed -lgpg-error from libgcrypt-config
-     # as it "spreads unnecessary dependencies" which in
diff --git a/meta/recipes-devtools/qemu/qemu/0004-linux-user-Rewrite-target_shmat.patch b/meta/recipes-devtools/qemu/qemu/0004-linux-user-Rewrite-target_shmat.patch
deleted file mode 100644
index 88c3ed40b0..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0004-linux-user-Rewrite-target_shmat.patch
+++ /dev/null
@@ -1,236 +0,0 @@
-From cb48d5d1592e63ebd0d4a3e300ef98e38e6306d7 Mon Sep 17 00:00:00 2001
-From: Richard Henderson <richard.henderson@linaro.org>
-Date: Wed, 28 Feb 2024 10:25:17 -1000
-Subject: [PATCH 4/5] linux-user: Rewrite target_shmat
-
-Handle combined host and guest alignment requirements.
-Handle host and guest page size differences.
-Handle SHM_EXEC.
-
-Upstream-Status: Submitted [https://www.mail-archive.com/qemu-devel@nongnu.org/msg1026793.html]
-
-Resolves: https://gitlab.com/qemu-project/qemu/-/issues/115
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
----
- linux-user/mmap.c | 166 +++++++++++++++++++++++++++++++++++++---------
- 1 file changed, 133 insertions(+), 33 deletions(-)
-
-diff --git a/linux-user/mmap.c b/linux-user/mmap.c
-index 18fb3aaf7..6a2f649bb 100644
---- a/linux-user/mmap.c
-+++ b/linux-user/mmap.c
-@@ -1062,69 +1062,161 @@ static inline abi_ulong target_shmlba(CPUArchState *cpu_env)
- }
- #endif
- 
-+#if defined(__arm__) || defined(__mips__) || defined(__sparc__)
-+#define HOST_FORCE_SHMLBA 1
-+#else
-+#define HOST_FORCE_SHMLBA 0
-+#endif
-+
- abi_ulong target_shmat(CPUArchState *cpu_env, int shmid,
-                        abi_ulong shmaddr, int shmflg)
- {
-     CPUState *cpu = env_cpu(cpu_env);
--    abi_ulong raddr;
-     struct shmid_ds shm_info;
-     int ret;
--    abi_ulong shmlba;
-+    int h_pagesize;
-+    int t_shmlba, h_shmlba, m_shmlba;
-+    size_t t_len, h_len, m_len;
- 
-     /* shmat pointers are always untagged */
- 
--    /* find out the length of the shared memory segment */
-+    /*
-+     * Because we can't use host shmat() unless the address is sufficiently
-+     * aligned for the host, we'll need to check both.
-+     * TODO: Could be fixed with softmmu.
-+     */
-+    t_shmlba = target_shmlba(cpu_env);
-+    h_pagesize = qemu_real_host_page_size();
-+    h_shmlba = (HOST_FORCE_SHMLBA ? SHMLBA : h_pagesize);
-+    m_shmlba = MAX(t_shmlba, h_shmlba);
-+
-+    if (shmaddr) {
-+        if (shmaddr & (m_shmlba - 1)) {
-+            if (shmflg & SHM_RND) {
-+                /*
-+                 * The guest is allowing the kernel to round the address.
-+                 * Assume that the guest is ok with us rounding to the
-+                 * host required alignment too.  Anyway if we don't, we'll
-+                 * get an error from the kernel.
-+                 */
-+                shmaddr &= ~(m_shmlba - 1);
-+                if (shmaddr == 0 && (shmflg & SHM_REMAP)) {
-+                    return -TARGET_EINVAL;
-+                }
-+            } else {
-+                int require = TARGET_PAGE_SIZE;
-+#ifdef TARGET_FORCE_SHMLBA
-+                require = t_shmlba;
-+#endif
-+                /*
-+                 * Include host required alignment, as otherwise we cannot
-+                 * use host shmat at all.
-+                 */
-+                require = MAX(require, h_shmlba);
-+                if (shmaddr & (require - 1)) {
-+                    return -TARGET_EINVAL;
-+                }
-+            }
-+        }
-+    } else {
-+        if (shmflg & SHM_REMAP) {
-+            return -TARGET_EINVAL;
-+        }
-+    }
-+    /* All rounding now manually concluded. */
-+    shmflg &= ~SHM_RND;
-+
-+    /* Find out the length of the shared memory segment. */
-     ret = get_errno(shmctl(shmid, IPC_STAT, &shm_info));
-     if (is_error(ret)) {
-         /* can't get length, bail out */
-         return ret;
-     }
-+    t_len = TARGET_PAGE_ALIGN(shm_info.shm_segsz);
-+    h_len = ROUND_UP(shm_info.shm_segsz, h_pagesize);
-+    m_len = MAX(t_len, h_len);
- 
--    shmlba = target_shmlba(cpu_env);
--
--    if (shmaddr & (shmlba - 1)) {
--        if (shmflg & SHM_RND) {
--            shmaddr &= ~(shmlba - 1);
--        } else {
--            return -TARGET_EINVAL;
--        }
--    }
--    if (!guest_range_valid_untagged(shmaddr, shm_info.shm_segsz)) {
-+    if (!guest_range_valid_untagged(shmaddr, m_len)) {
-         return -TARGET_EINVAL;
-     }
- 
-     WITH_MMAP_LOCK_GUARD() {
--        void *host_raddr;
-+        bool mapped = false;
-+        void *want, *test;
-         abi_ulong last;
- 
--        if (shmaddr) {
--            host_raddr = shmat(shmid, (void *)g2h_untagged(shmaddr), shmflg);
-+        if (!shmaddr) {
-+            shmaddr = mmap_find_vma(0, m_len, m_shmlba);
-+            if (shmaddr == -1) {
-+                return -TARGET_ENOMEM;
-+            }
-+            mapped = !reserved_va;
-+        } else if (shmflg & SHM_REMAP) {
-+            /*
-+             * If host page size > target page size, the host shmat may map
-+             * more memory than the guest expects.  Reject a mapping that
-+             * would replace memory in the unexpected gap.
-+             * TODO: Could be fixed with softmmu.
-+             */
-+            if (t_len < h_len &&
-+                !page_check_range_empty(shmaddr + t_len,
-+                                        shmaddr + h_len - 1)) {
-+                return -TARGET_EINVAL;
-+            }
-         } else {
--            abi_ulong mmap_start;
-+            if (!page_check_range_empty(shmaddr, shmaddr + m_len - 1)) {
-+                return -TARGET_EINVAL;
-+            }
-+        }
- 
--            /* In order to use the host shmat, we need to honor host SHMLBA.  */
--            mmap_start = mmap_find_vma(0, shm_info.shm_segsz,
--                                       MAX(SHMLBA, shmlba));
-+        /* All placement is now complete. */
-+        want = (void *)g2h_untagged(shmaddr);
- 
--            if (mmap_start == -1) {
--                return -TARGET_ENOMEM;
-+        /*
-+         * Map anonymous pages across the entire range, then remap with
-+         * the shared memory.  This is required for a number of corner
-+         * cases for which host and guest page sizes differ.
-+         */
-+        if (h_len != t_len) {
-+            int mmap_p = PROT_READ | (shmflg & SHM_RDONLY ? 0 : PROT_WRITE);
-+            int mmap_f = MAP_PRIVATE | MAP_ANONYMOUS
-+                       | (reserved_va || (shmflg & SHM_REMAP)
-+                          ? MAP_FIXED : MAP_FIXED_NOREPLACE);
-+
-+            test = mmap(want, m_len, mmap_p, mmap_f, -1, 0);
-+            if (unlikely(test != want)) {
-+                /* shmat returns EINVAL not EEXIST like mmap. */
-+                ret = (test == MAP_FAILED && errno != EEXIST
-+                       ? get_errno(-1) : -TARGET_EINVAL);
-+                if (mapped) {
-+                    do_munmap(want, m_len);
-+                }
-+                return ret;
-             }
--            host_raddr = shmat(shmid, g2h_untagged(mmap_start),
--                               shmflg | SHM_REMAP);
-+            mapped = true;
-         }
- 
--        if (host_raddr == (void *)-1) {
--            return get_errno(-1);
-+        if (reserved_va || mapped) {
-+            shmflg |= SHM_REMAP;
-+        }
-+        test = shmat(shmid, want, shmflg);
-+        if (test == MAP_FAILED) {
-+            ret = get_errno(-1);
-+            if (mapped) {
-+                do_munmap(want, m_len);
-+            }
-+            return ret;
-         }
--        raddr = h2g(host_raddr);
--        last = raddr + shm_info.shm_segsz - 1;
-+        assert(test == want);
- 
--        page_set_flags(raddr, last,
-+        last = shmaddr + m_len - 1;
-+        page_set_flags(shmaddr, last,
-                        PAGE_VALID | PAGE_RESET | PAGE_READ |
--                       (shmflg & SHM_RDONLY ? 0 : PAGE_WRITE));
-+                       (shmflg & SHM_RDONLY ? 0 : PAGE_WRITE) |
-+                       (shmflg & SHM_EXEC ? PAGE_EXEC : 0));
- 
--        shm_region_rm_complete(raddr, last);
--        shm_region_add(raddr, last);
-+        shm_region_rm_complete(shmaddr, last);
-+        shm_region_add(shmaddr, last);
-     }
- 
-     /*
-@@ -1138,7 +1230,15 @@ abi_ulong target_shmat(CPUArchState *cpu_env, int shmid,
-         tb_flush(cpu);
-     }
- 
--    return raddr;
-+    if (qemu_loglevel_mask(CPU_LOG_PAGE)) {
-+        FILE *f = qemu_log_trylock();
-+        if (f) {
-+            fprintf(f, "page layout changed following shmat\n");
-+            page_dump(f);
-+            qemu_log_unlock(f);
-+        }
-+    }
-+    return shmaddr;
- }
- 
- abi_long target_shmdt(abi_ulong shmaddr)
--- 
-2.34.1
-
diff --git a/meta/recipes-devtools/qemu/qemu/0005-qemu-Do-not-include-file-if-not-exists.patch b/meta/recipes-devtools/qemu/qemu/0004-qemu-Do-not-include-file-if-not-exists.patch
index 38aa4c3bbe..c04e42608f 100644
--- a/meta/recipes-devtools/qemu/qemu/0005-qemu-Do-not-include-file-if-not-exists.patch
+++ b/meta/recipes-devtools/qemu/qemu/0004-qemu-Do-not-include-file-if-not-exists.patch
@@ -1,7 +1,7 @@
-From f39e7bfc5ed07b5ecaeb705c4eae4855ca120d47 Mon Sep 17 00:00:00 2001
+From 913064f9fe724fa1b70b9bf6dd3444c7dddeb928 Mon Sep 17 00:00:00 2001
 From: Oleksiy Obitotskyy <oobitots@cisco.com>
 Date: Wed, 25 Mar 2020 21:21:35 +0200
-Subject: [PATCH 05/12] qemu: Do not include file if not exists
+Subject: [PATCH] qemu: Do not include file if not exists
 
 Script configure checks for if_alg.h and check failed but
 if_alg.h still included.
@@ -11,16 +11,15 @@ Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com>
 
 [update patch context]
 Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
-
 ---
  linux-user/syscall.c | 2 ++
  1 file changed, 2 insertions(+)
 
-Index: qemu-8.0.0/linux-user/syscall.c
-===================================================================
---- qemu-8.0.0.orig/linux-user/syscall.c
-+++ qemu-8.0.0/linux-user/syscall.c
-@@ -115,7 +115,9 @@
+diff --git a/linux-user/syscall.c b/linux-user/syscall.c
+index 8bfe4912e..d04984f66 100644
+--- a/linux-user/syscall.c
++++ b/linux-user/syscall.c
+@@ -118,7 +118,9 @@
  #include <linux/blkpg.h>
  #include <netpacket/packet.h>
  #include <linux/netlink.h>
diff --git a/meta/recipes-devtools/qemu/qemu/0006-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch b/meta/recipes-devtools/qemu/qemu/0005-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch
index 5d1d7c6881..388d11d10d 100644
--- a/meta/recipes-devtools/qemu/qemu/0006-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch
+++ b/meta/recipes-devtools/qemu/qemu/0005-qemu-Add-some-user-space-mmap-tweaks-to-address-musl.patch
@@ -1,8 +1,7 @@
-From 375cae3dd6151ef33cae8f243f6a2c2da6c0c356 Mon Sep 17 00:00:00 2001
+From f2adfc703e94819b0daca98fde1d0a30168c292d Mon Sep 17 00:00:00 2001
 From: Richard Purdie <richard.purdie@linuxfoundation.org>
 Date: Fri, 8 Jan 2021 17:27:06 +0000
-Subject: [PATCH 06/12] qemu: Add some user space mmap tweaks to address musl
- 32 bit
+Subject: [PATCH] qemu: Add some user space mmap tweaks to address musl 32 bit
 
 When using qemu-i386 to build qemux86 webkitgtk on musl, it sits in an
 infinite loop of mremap calls of ever decreasing/increasing addresses.
@@ -18,16 +17,15 @@ rather than ENOMEM so adjust the other part of the test to this.
 
 Upstream-Status: Submitted [https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg01355.html]
 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org
-
 ---
  linux-user/mmap.c | 10 +++++++---
  1 file changed, 7 insertions(+), 3 deletions(-)
 
-Index: qemu-8.0.0/linux-user/mmap.c
-===================================================================
---- qemu-8.0.0.orig/linux-user/mmap.c
-+++ qemu-8.0.0/linux-user/mmap.c
-@@ -776,12 +776,16 @@ abi_long target_mremap(abi_ulong old_add
+diff --git a/linux-user/mmap.c b/linux-user/mmap.c
+index d1f36e6f1..26ccf8f4d 100644
+--- a/linux-user/mmap.c
++++ b/linux-user/mmap.c
+@@ -1108,12 +1108,16 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
      int prot;
      void *host_addr;
  
diff --git a/meta/recipes-devtools/qemu/qemu/0005-tests-tcg-Check-that-shmat-does-not-break-proc-self-.patch b/meta/recipes-devtools/qemu/qemu/0005-tests-tcg-Check-that-shmat-does-not-break-proc-self-.patch
deleted file mode 100644
index 5afb35ea0c..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0005-tests-tcg-Check-that-shmat-does-not-break-proc-self-.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From 1234063488134ad1f541f56dd30caa7896905f06 Mon Sep 17 00:00:00 2001
-From: Ilya Leoshkevich <iii@linux.ibm.com>
-Date: Wed, 28 Feb 2024 10:25:18 -1000
-Subject: [PATCH 5/5] tests/tcg: Check that shmat() does not break
- /proc/self/maps
-
-Add a regression test for a recently fixed issue, where shmat()
-desynced the guest and the host view of the address space and caused
-open("/proc/self/maps") to SEGV.
-
-Upstream-Status: Submitted [https://www.mail-archive.com/qemu-devel@nongnu.org/msg1026793.html]
-
-Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
-Message-Id: <jwyuvao4apydvykmsnvacwshdgy3ixv7qvkh4dbxm3jkwgnttw@k4wpaayou7oq>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
----
- tests/tcg/multiarch/linux/linux-shmat-maps.c | 55 ++++++++++++++++++++
- 1 file changed, 55 insertions(+)
- create mode 100644 tests/tcg/multiarch/linux/linux-shmat-maps.c
-
-diff --git a/tests/tcg/multiarch/linux/linux-shmat-maps.c b/tests/tcg/multiarch/linux/linux-shmat-maps.c
-new file mode 100644
-index 000000000..0ccf7a973
---- /dev/null
-+++ b/tests/tcg/multiarch/linux/linux-shmat-maps.c
-@@ -0,0 +1,55 @@
-+/*
-+ * Test that shmat() does not break /proc/self/maps.
-+ *
-+ * SPDX-License-Identifier: GPL-2.0-or-later
-+ */
-+#include <assert.h>
-+#include <fcntl.h>
-+#include <stdlib.h>
-+#include <sys/ipc.h>
-+#include <sys/shm.h>
-+#include <unistd.h>
-+
-+int main(void)
-+{
-+    char buf[128];
-+    int err, fd;
-+    int shmid;
-+    ssize_t n;
-+    void *p;
-+
-+    shmid = shmget(IPC_PRIVATE, 1, IPC_CREAT | 0600);
-+    assert(shmid != -1);
-+
-+    /*
-+     * The original bug required a non-NULL address, which skipped the
-+     * mmap_find_vma step, which could result in a host mapping smaller
-+     * than the target mapping.  Choose an address at random.
-+     */
-+    p = shmat(shmid, (void *)0x800000, SHM_RND);
-+    if (p == (void *)-1) {
-+        /*
-+         * Because we are now running the testcase for all guests for which
-+         * we have a cross-compiler, the above random address might conflict
-+         * with the guest executable in some way.  Rather than stopping,
-+         * continue with a system supplied address, which should never fail.
-+         */
-+        p = shmat(shmid, NULL, 0);
-+        assert(p != (void *)-1);
-+    }
-+
-+    fd = open("/proc/self/maps", O_RDONLY);
-+    assert(fd != -1);
-+    do {
-+        n = read(fd, buf, sizeof(buf));
-+        assert(n >= 0);
-+    } while (n != 0);
-+    close(fd);
-+
-+    err = shmdt(p);
-+    assert(err == 0);
-+    err = shmctl(shmid, IPC_RMID, NULL);
-+    assert(err == 0);
-+
-+    return EXIT_SUCCESS;
-+}
--- 
-2.34.1
-
diff --git a/meta/recipes-devtools/qemu/qemu/0007-qemu-Determinism-fixes.patch b/meta/recipes-devtools/qemu/qemu/0006-qemu-Determinism-fixes.patch
index d3f965e070..4690d86315 100644
--- a/meta/recipes-devtools/qemu/qemu/0007-qemu-Determinism-fixes.patch
+++ b/meta/recipes-devtools/qemu/qemu/0006-qemu-Determinism-fixes.patch
@@ -1,7 +1,7 @@
-From 50bab5c2605b609ea7ea154f57a9be96d656725a Mon Sep 17 00:00:00 2001
+From e032726e9da8de0088d6c70cfd92e0a52155315f Mon Sep 17 00:00:00 2001
 From: Richard Purdie <richard.purdie@linuxfoundation.org>
 Date: Mon, 1 Mar 2021 13:00:47 +0000
-Subject: [PATCH 07/12] qemu: Determinism fixes
+Subject: [PATCH] qemu: Determinism fixes
 
 When sources are included within debug information, a couple of areas of the
 qemu build are not reproducible due to either full buildpaths or timestamps.
@@ -11,16 +11,15 @@ meson to pass relative paths but we can fix that in the script.
 
 Upstream-Status: Pending [some version of all/part of this may be accepted]
 RP 2021/3/1
-
 ---
  scripts/decodetree.py | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-Index: qemu-8.0.0/scripts/decodetree.py
-===================================================================
---- qemu-8.0.0.orig/scripts/decodetree.py
-+++ qemu-8.0.0/scripts/decodetree.py
-@@ -1328,7 +1328,7 @@ def main():
+diff --git a/scripts/decodetree.py b/scripts/decodetree.py
+index e8b72da3a..5cd86b142 100644
+--- a/scripts/decodetree.py
++++ b/scripts/decodetree.py
+@@ -1558,7 +1558,7 @@ def main():
      toppat = ExcMultiPattern(0)
  
      for filename in args:
diff --git a/meta/recipes-devtools/qemu/qemu/0007-tests-meson.build-use-relative-path-to-refer-to-file.patch b/meta/recipes-devtools/qemu/qemu/0007-tests-meson.build-use-relative-path-to-refer-to-file.patch
new file mode 100644
index 0000000000..7c24f432f2
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0007-tests-meson.build-use-relative-path-to-refer-to-file.patch
@@ -0,0 +1,43 @@
+From ebeab06747306ec16299207bf4bd7481a472b4de Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 14 Jan 2021 06:33:04 +0000
+Subject: [PATCH] tests/meson.build: use relative path to refer to files
+
+Fix error like:
+Fatal error: can't create tests/ptimer-test.p/..._qemu-5.2.0_hw_core_ptimer.c.o: File name too long
+
+when build path is too long, use meson.source_root() will make this
+filename too long. Fixed by using relative path to refer to files
+
+Upstream-Status: Submitted [send to qemu-devel]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ tests/unit/meson.build | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/tests/unit/meson.build b/tests/unit/meson.build
+index d5248ae51..2c581f055 100644
+--- a/tests/unit/meson.build
++++ b/tests/unit/meson.build
+@@ -127,17 +127,17 @@ endif
+ 
+ if have_system
+   tests += {
+-    'ptimer-test': ['ptimer-test-stubs.c', meson.project_source_root() / 'hw/core/ptimer.c'],
++    'ptimer-test': ['ptimer-test-stubs.c', '../../hw/core/ptimer.c'],
+     'test-iov': [],
+     'test-opts-visitor': [testqapi],
+     'test-xs-node': [qom],
+-    'test-virtio-dmabuf': [meson.project_source_root() / 'hw/display/virtio-dmabuf.c'],
++    'test-virtio-dmabuf': ['../../hw/display/virtio-dmabuf.c'],
+     'test-qmp-cmds': [testqapi],
+     'test-xbzrle': [migration],
+     'test-util-sockets': ['socket-helpers.c'],
+     'test-base64': [],
+     'test-bufferiszero': [],
+-    'test-smp-parse': [qom, meson.project_source_root() / 'hw/core/machine-smp.c'],
++    'test-smp-parse': [qom, '../../hw/core/machine-smp.c'],
+     'test-vmstate': [migration, io],
+     'test-yank': ['socket-helpers.c', qom, io, chardev]
+   }
diff --git a/meta/recipes-devtools/qemu/qemu/0009-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch b/meta/recipes-devtools/qemu/qemu/0008-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch
index 4de6cc2445..54421544bb 100644
--- a/meta/recipes-devtools/qemu/qemu/0009-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch
+++ b/meta/recipes-devtools/qemu/qemu/0008-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch
@@ -1,7 +1,7 @@
-From ebf4bb2f51da83af0c61480414cfa156f7308b34 Mon Sep 17 00:00:00 2001
+From 9c225234a756f2745cf04c3c3af6ef6b6acf4277 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Mon, 21 Mar 2022 10:09:38 -0700
-Subject: [PATCH 09/12] Define MAP_SYNC and MAP_SHARED_VALIDATE on needed linux
+Subject: [PATCH] Define MAP_SYNC and MAP_SHARED_VALIDATE on needed linux
  systems
 
 linux only wires MAP_SYNC and MAP_SHARED_VALIDATE for architectures
@@ -13,15 +13,14 @@ Upstream-Status: Submitted [https://lists.nongnu.org/archive/html/qemu-devel/202
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 Cc: Zhang Yi <yi.z.zhang@linux.intel.com>
 Cc: Michael S. Tsirkin <mst@redhat.com>
-
 ---
  util/mmap-alloc.c | 10 +++++++---
  1 file changed, 7 insertions(+), 3 deletions(-)
 
-Index: qemu-8.0.0/util/mmap-alloc.c
-===================================================================
---- qemu-8.0.0.orig/util/mmap-alloc.c
-+++ qemu-8.0.0/util/mmap-alloc.c
+diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c
+index ed14f9c64..038f5b4b5 100644
+--- a/util/mmap-alloc.c
++++ b/util/mmap-alloc.c
 @@ -10,14 +10,18 @@
   * later.  See the COPYING file in the top-level directory.
   */
diff --git a/meta/recipes-devtools/qemu/qemu/0008-tests-meson.build-use-relative-path-to-refer-to-file.patch b/meta/recipes-devtools/qemu/qemu/0008-tests-meson.build-use-relative-path-to-refer-to-file.patch
deleted file mode 100644
index a84364ccc1..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0008-tests-meson.build-use-relative-path-to-refer-to-file.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 2bf9388b801d4389e2d57e95a7897bfc1c42786e Mon Sep 17 00:00:00 2001
-From: Changqing Li <changqing.li@windriver.com>
-Date: Thu, 14 Jan 2021 06:33:04 +0000
-Subject: [PATCH 08/12] tests/meson.build: use relative path to refer to files
-
-Fix error like:
-Fatal error: can't create tests/ptimer-test.p/..._qemu-5.2.0_hw_core_ptimer.c.o: File name too long
-
-when build path is too long, use meson.source_root() will make this
-filename too long. Fixed by using relative path to refer to files
-
-Upstream-Status: Submitted [send to qemu-devel]
-
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
-
----
- tests/unit/meson.build | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-Index: qemu-8.0.0/tests/unit/meson.build
-===================================================================
---- qemu-8.0.0.orig/tests/unit/meson.build
-+++ qemu-8.0.0/tests/unit/meson.build
-@@ -46,7 +46,7 @@ tests = {
-   'test-keyval': [testqapi],
-   'test-logging': [],
-   'test-uuid': [],
--  'ptimer-test': ['ptimer-test-stubs.c', meson.project_source_root() / 'hw/core/ptimer.c'],
-+  'ptimer-test': ['ptimer-test-stubs.c', '../../hw/core/ptimer.c'],
-   'test-qapi-util': [],
-   'test-interval-tree': [],
-   'test-xs-node': [qom],
-@@ -136,7 +136,7 @@ if have_system
-     'test-util-sockets': ['socket-helpers.c'],
-     'test-base64': [],
-     'test-bufferiszero': [],
--    'test-smp-parse': [qom, meson.project_source_root() / 'hw/core/machine-smp.c'],
-+    'test-smp-parse': [qom, '../../hw/core/machine-smp.c'],
-     'test-vmstate': [migration, io],
-     'test-yank': ['socket-helpers.c', qom, io, chardev]
-   }
diff --git a/meta/recipes-devtools/qemu/qemu/fixedmeson.patch b/meta/recipes-devtools/qemu/qemu/0010-configure-lookup-meson-exutable-from-PATH.patch
index 9047f66dc3..28a10d98bd 100644
--- a/meta/recipes-devtools/qemu/qemu/fixedmeson.patch
+++ b/meta/recipes-devtools/qemu/qemu/0010-configure-lookup-meson-exutable-from-PATH.patch
@@ -1,10 +1,18 @@
+From 9adf3fc3ea2cbccb41d49695a53c74fed6850fb0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Martin=20Hundeb=C3=B8ll?= <martin@geanix.com>
+Date: Wed, 22 May 2024 14:02:55 +0200
+Subject: [PATCH] configure: lookup meson exutable from PATH
+
 Upstream-Status: Inappropriate [workaround, would need a real fix for upstream]
+---
+ configure | 7 +------
+ 1 file changed, 1 insertion(+), 6 deletions(-)
 
-Index: qemu-8.2.0/configure
-===================================================================
---- qemu-8.2.0.orig/configure
-+++ qemu-8.2.0/configure
-@@ -955,12 +955,7 @@ fi
+diff --git a/configure b/configure
+index 02f1dd231..2c5ecd346 100755
+--- a/configure
++++ b/configure
+@@ -983,12 +983,7 @@ mkvenv="$python ${source_path}/python/scripts/mkvenv.py"
  $mkvenv ensuregroup --dir "${source_path}/python/wheels" \
       ${source_path}/pythondeps.toml meson || exit 1
  
diff --git a/meta/recipes-devtools/qemu/qemu/0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch b/meta/recipes-devtools/qemu/qemu/0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch
deleted file mode 100644
index 6caf35b634..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-CVE: CVE-2022-1050
-Upstream-Status: Submitted [https://lore.kernel.org/qemu-devel/20220403095234.2210-1-yuval.shaia.ml@gmail.com/]
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From dbdef95c272e8f3ec037c3db4197c66002e30995 Mon Sep 17 00:00:00 2001
-From: Yuval Shaia <yuval.shaia.ml@gmail.com>
-Date: Sun, 3 Apr 2022 12:52:34 +0300
-Subject: [PATCH] hw/pvrdma: Protect against buggy or malicious guest driver
-
-Guest driver might execute HW commands when shared buffers are not yet
-allocated.
-This could happen on purpose (malicious guest) or because of some other
-guest/host address mapping error.
-We need to protect againts such case.
-
-Fixes: CVE-2022-1050
-
-Reported-by: Raven <wxhusst@gmail.com>
-Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
----
- hw/rdma/vmw/pvrdma_cmd.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-Index: qemu-8.0.0/hw/rdma/vmw/pvrdma_cmd.c
-===================================================================
---- qemu-8.0.0.orig/hw/rdma/vmw/pvrdma_cmd.c
-+++ qemu-8.0.0/hw/rdma/vmw/pvrdma_cmd.c
-@@ -782,6 +782,12 @@ int pvrdma_exec_cmd(PVRDMADev *dev)
-             goto out;
-     }
- 
-+    if (!dsr_info->dsr) {
-+            /* Buggy or malicious guest driver */
-+            rdma_error_report("Exec command without dsr, req or rsp buffers");
-+            goto out;
-+    }
-+
-     if (dsr_info->req->hdr.cmd >= sizeof(cmd_handlers) /
-                       sizeof(struct cmd_handler)) {
-         rdma_error_report("Unsupported command");
diff --git a/meta/recipes-devtools/qemu/qemu/0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch b/meta/recipes-devtools/qemu/qemu/0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch
deleted file mode 100644
index cc53b1eedd..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0011-linux-user-workaround-for-missing-MAP_FIXED_NOREPLAC.patch
+++ /dev/null
@@ -1,282 +0,0 @@
-From fa9bcabe2387bb230ef82d62827ad6f93b8a1e61 Mon Sep 17 00:00:00 2001
-From: Frederic Konrad <fkonrad@amd.com>
-Date: Wed, 17 Jan 2024 18:15:06 +0000
-Subject: [PATCH 1/2] linux-user/*: workaround for missing MAP_FIXED_NOREPLACE
-
-QEMU v8.1.0 recently requires MAP_FIXED_NOREPLACE flags implementation for mmap.
-
-This is missing from ubuntu 18.04, thus this patch catches the mmap calls which
-could use that new flag and forwards them to mmap when MAP_FIXED_NOREPLACE
-flag isn't set or emulates them by checking the returned address w.r.t the
-requested address.
-
-Signed-off-by: Frederic Konrad <fkonrad@amd.com>
-Signed-off-by: Francisco Iglesias <francisco.iglesias@amd.com>
-
-Upstream-Status: Inappropriate [OE specific]
-
-The upstream only supports the last two major releases of an OS.  The ones
-they have declared all have kernel 4.17 or newer.
-
-See:
-https://xilinx.slack.com/archives/D04G2647CTV/p1705074697942019
-
-https://www.qemu.org/docs/master/about/build-platforms.html
-
- The project aims to support the most recent major version at all times for up
- to five years after its initial release. Support for the previous major
- version will be dropped 2 years after the new major version is released or
- when the vendor itself drops support, whichever comes first.
-
-Signed-off-by: Mark Hatle <mark.hatle@amd.com>
----
- linux-user/elfload.c    |  7 +++--
- linux-user/meson.build  |  1 +
- linux-user/mmap-fixed.c | 63 +++++++++++++++++++++++++++++++++++++++++
- linux-user/mmap-fixed.h | 39 +++++++++++++++++++++++++
- linux-user/mmap.c       | 31 +++++++++++---------
- linux-user/syscall.c    |  1 +
- 6 files changed, 125 insertions(+), 17 deletions(-)
- create mode 100644 linux-user/mmap-fixed.c
- create mode 100644 linux-user/mmap-fixed.h
-
-Index: qemu-8.2.1/linux-user/elfload.c
-===================================================================
---- qemu-8.2.1.orig/linux-user/elfload.c
-+++ qemu-8.2.1/linux-user/elfload.c
-@@ -22,6 +22,7 @@
- #include "qemu/error-report.h"
- #include "target_signal.h"
- #include "accel/tcg/debuginfo.h"
-+#include "mmap-fixed.h"
- 
- #ifdef TARGET_ARM
- #include "target/arm/cpu-features.h"
-@@ -2765,9 +2766,9 @@ static abi_ulong create_elf_tables(abi_u
- static int pgb_try_mmap(uintptr_t addr, uintptr_t addr_last, bool keep)
- {
-     size_t size = addr_last - addr + 1;
--    void *p = mmap((void *)addr, size, PROT_NONE,
--                   MAP_ANONYMOUS | MAP_PRIVATE |
--                   MAP_NORESERVE | MAP_FIXED_NOREPLACE, -1, 0);
-+    void *p = mmap_fixed_noreplace((void *)addr, size, PROT_NONE,
-+                                   MAP_ANONYMOUS | MAP_PRIVATE |
-+                                   MAP_NORESERVE | MAP_FIXED_NOREPLACE, -1, 0);
-     int ret;
- 
-     if (p == MAP_FAILED) {
-Index: qemu-8.2.1/linux-user/meson.build
-===================================================================
---- qemu-8.2.1.orig/linux-user/meson.build
-+++ qemu-8.2.1/linux-user/meson.build
-@@ -14,6 +14,7 @@ linux_user_ss.add(files(
-   'linuxload.c',
-   'main.c',
-   'mmap.c',
-+  'mmap-fixed.c',
-   'signal.c',
-   'strace.c',
-   'syscall.c',
-Index: qemu-8.2.1/linux-user/mmap-fixed.c
-===================================================================
---- /dev/null
-+++ qemu-8.2.1/linux-user/mmap-fixed.c
-@@ -0,0 +1,63 @@
-+/*
-+ * Workaround for MAP_FIXED_NOREPLACE
-+ *
-+ * Copyright (c) 2024, Advanced Micro Devices, Inc.
-+ * Developed by Fred Konrad <fkonrad@amd.com>
-+ *
-+ * Permission is hereby granted, free of charge, to any person obtaining a copy
-+ * of this software and associated documentation files (the "Software"), to deal
-+ * in the Software without restriction, including without limitation the rights
-+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-+ * copies of the Software, and to permit persons to whom the Software is
-+ * furnished to do so, subject to the following conditions:
-+ *
-+ * The above copyright notice and this permission notice shall be included in
-+ * all copies or substantial portions of the Software.
-+ *
-+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
-+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-+ * THE SOFTWARE.
-+ */
-+
-+#include <sys/mman.h>
-+#include <errno.h>
-+
-+#ifndef MAP_FIXED_NOREPLACE
-+#include "mmap-fixed.h"
-+
-+void *mmap_fixed_noreplace(void *addr, size_t len, int prot, int flags,
-+                                  int fd, off_t offset)
-+{
-+    void *retaddr;
-+
-+    if (!(flags & MAP_FIXED_NOREPLACE)) {
-+        /* General case, use the regular mmap.  */
-+        return mmap(addr, len, prot, flags, fd, offset);
-+    }
-+
-+    /* Since MAP_FIXED_NOREPLACE is not implemented, try to emulate it.  */
-+    flags = flags & ~(MAP_FIXED_NOREPLACE | MAP_FIXED);
-+    retaddr = mmap(addr, len, prot, flags, fd, offset);
-+    if ((retaddr == addr) || (retaddr == MAP_FAILED)) {
-+        /*
-+         * Either the map worked and we get the good address so it can be
-+         * returned, or it failed and would have failed the same with
-+         * MAP_FIXED*, in which case return MAP_FAILED.
-+         */
-+        return retaddr;
-+    } else {
-+        /*
-+         * Page has been mapped but not at the requested address.. unmap it and
-+         * return EEXIST.
-+         */
-+        munmap(retaddr, len);
-+        errno = EEXIST;
-+        return MAP_FAILED;
-+    }
-+}
-+
-+#endif
-Index: qemu-8.2.1/linux-user/mmap-fixed.h
-===================================================================
---- /dev/null
-+++ qemu-8.2.1/linux-user/mmap-fixed.h
-@@ -0,0 +1,39 @@
-+/*
-+ * Workaround for MAP_FIXED_NOREPLACE
-+ *
-+ * Copyright (c) 2024, Advanced Micro Devices, Inc.
-+ * Developed by Fred Konrad <fkonrad@amd.com>
-+ *
-+ * Permission is hereby granted, free of charge, to any person obtaining a copy
-+ * of this software and associated documentation files (the "Software"), to deal
-+ * in the Software without restriction, including without limitation the rights
-+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-+ * copies of the Software, and to permit persons to whom the Software is
-+ * furnished to do so, subject to the following conditions:
-+ *
-+ * The above copyright notice and this permission notice shall be included in
-+ * all copies or substantial portions of the Software.
-+ *
-+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
-+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-+ * THE SOFTWARE.
-+ */
-+
-+#ifndef MMAP_FIXED_H
-+#define MMAP_FIXED_H
-+
-+#ifndef MAP_FIXED_NOREPLACE
-+#define MAP_FIXED_NOREPLACE 0x100000
-+
-+void *mmap_fixed_noreplace(void *addr, size_t len, int prot, int flags,
-+                           int fd, off_t offset);
-+
-+#else /* MAP_FIXED_NOREPLACE */
-+#define mmap_fixed_noreplace mmap
-+#endif /* MAP_FIXED_NOREPLACE */
-+
-+#endif /* MMAP_FIXED_H */
-Index: qemu-8.2.1/linux-user/mmap.c
-===================================================================
---- qemu-8.2.1.orig/linux-user/mmap.c
-+++ qemu-8.2.1/linux-user/mmap.c
-@@ -25,6 +25,7 @@
- #include "user-mmap.h"
- #include "target_mman.h"
- #include "qemu/interval-tree.h"
-+#include "mmap-fixed.h"
- 
- #ifdef TARGET_ARM
- #include "target/arm/cpu-features.h"
-@@ -273,7 +274,7 @@ int target_mprotect(abi_ulong start, abi
- static int do_munmap(void *addr, size_t len)
- {
-     if (reserved_va) {
--        void *ptr = mmap(addr, len, PROT_NONE,
-+        void *ptr =  mmap_fixed_noreplace(addr, len, PROT_NONE,
-                          MAP_FIXED | MAP_ANONYMOUS
-                          | MAP_PRIVATE | MAP_NORESERVE, -1, 0);
-         return ptr == addr ? 0 : -1;
-@@ -319,9 +320,9 @@ static bool mmap_frag(abi_ulong real_sta
-          * outside of the fragment we need to map.  Allocate a new host
-          * page to cover, discarding whatever else may have been present.
-          */
--        void *p = mmap(host_start, qemu_host_page_size,
--                       target_to_host_prot(prot),
--                       flags | MAP_ANONYMOUS, -1, 0);
-+        void *p = mmap_fixed_noreplace(host_start, qemu_host_page_size,
-+                                       target_to_host_prot(prot),
-+                                       flags | MAP_ANONYMOUS, -1, 0);
-         if (p != host_start) {
-             if (p != MAP_FAILED) {
-                 munmap(p, qemu_host_page_size);
-@@ -420,8 +421,9 @@ abi_ulong mmap_find_vma(abi_ulong start,
-          *  - mremap() with MREMAP_FIXED flag
-          *  - shmat() with SHM_REMAP flag
-          */
--        ptr = mmap(g2h_untagged(addr), size, PROT_NONE,
--                   MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE, -1, 0);
-+        ptr = mmap_fixed_noreplace(g2h_untagged(addr), size, PROT_NONE,
-+                                   MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE,
-+                                   -1, 0);
- 
-         /* ENOMEM, if host address space has no memory */
-         if (ptr == MAP_FAILED) {
-@@ -615,16 +617,16 @@ abi_long target_mmap(abi_ulong start, ab
-          * especially important if qemu_host_page_size >
-          * qemu_real_host_page_size.
-          */
--        p = mmap(g2h_untagged(start), host_len, host_prot,
--                 flags | MAP_FIXED | MAP_ANONYMOUS, -1, 0);
-+        p = mmap_fixed_noreplace(g2h_untagged(start), host_len, host_prot,
-+                                 flags | MAP_FIXED | MAP_ANONYMOUS, -1, 0);
-         if (p == MAP_FAILED) {
-             goto fail;
-         }
-         /* update start so that it points to the file position at 'offset' */
-         host_start = (uintptr_t)p;
-         if (!(flags & MAP_ANONYMOUS)) {
--            p = mmap(g2h_untagged(start), len, host_prot,
--                     flags | MAP_FIXED, fd, host_offset);
-+            p = mmap_fixed_noreplace(g2h_untagged(start), len, host_prot,
-+                                     flags | MAP_FIXED, fd, host_offset);
-             if (p == MAP_FAILED) {
-                 munmap(g2h_untagged(start), host_len);
-                 goto fail;
-@@ -749,8 +751,9 @@ abi_long target_mmap(abi_ulong start, ab
-             len1 = real_last - real_start + 1;
-             want_p = g2h_untagged(real_start);
- 
--            p = mmap(want_p, len1, target_to_host_prot(target_prot),
--                     flags, fd, offset1);
-+            p = mmap_fixed_noreplace(want_p, len1,
-+                                     target_to_host_prot(target_prot),
-+                                     flags, fd, offset1);
-             if (p != want_p) {
-                 if (p != MAP_FAILED) {
-                     munmap(p, len1);
-Index: qemu-8.2.1/linux-user/syscall.c
-===================================================================
---- qemu-8.2.1.orig/linux-user/syscall.c
-+++ qemu-8.2.1/linux-user/syscall.c
-@@ -145,6 +145,7 @@
- #include "qapi/error.h"
- #include "fd-trans.h"
- #include "cpu_loop-common.h"
-+#include "mmap-fixed.h"
- 
- #ifndef CLONE_IO
- #define CLONE_IO                0x80000000      /* Clone io context */
diff --git a/meta/recipes-devtools/qemu/qemu/no-pip.patch b/meta/recipes-devtools/qemu/qemu/0011-qemu-Ensure-pip-and-the-python-venv-aren-t-used-for-.patch
index 92b2edbe9f..b06020d106 100644
--- a/meta/recipes-devtools/qemu/qemu/no-pip.patch
+++ b/meta/recipes-devtools/qemu/qemu/0011-qemu-Ensure-pip-and-the-python-venv-aren-t-used-for-.patch
@@ -1,4 +1,7 @@
-qemu: Ensure pip and the python venv aren't used for meson
+From 0d85988457a475c25b84085cf090040150a9c16d Mon Sep 17 00:00:00 2001
+From: Richard Purdie <richard.purdie@linuxfoundation.org>
+Date: Wed, 22 May 2024 13:58:23 +0200
+Subject: [PATCH] qemu: Ensure pip and the python venv aren't used for meson
 
 Qemu wants to use a supported python version and a specific meson version
 to "help" users and uses pip and creates a venv to do this. This is a nightmare
@@ -21,12 +24,15 @@ as it stands is a workaround.
 
 Upstream-Status: Inappropriate [oe specific]
 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+---
+ configure | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
 
-Index: qemu-8.2.0/configure
-===================================================================
---- qemu-8.2.0.orig/configure
-+++ qemu-8.2.0/configure
-@@ -937,7 +937,7 @@ python="$(command -v "$python")"
+diff --git a/configure b/configure
+index 2c5ecd346..5315ede35 100755
+--- a/configure
++++ b/configure
+@@ -969,14 +969,14 @@ python="$(command -v "$python")"
  echo "python determined to be '$python'"
  echo "python version: $($python --version)"
  
@@ -35,10 +41,10 @@ Index: qemu-8.2.0/configure
  if test "$?" -ne 0 ; then
      error_exit "python venv creation failed"
  fi
-@@ -945,6 +945,7 @@ fi
+ 
  # Suppress writing compiled files
  python="$python -B"
- mkvenv="$python ${source_path}/python/scripts/mkvenv.py"
+-mkvenv="$python ${source_path}/python/scripts/mkvenv.py"
 +mkvenv=true
  
  # Finish preparing the virtual environment using vendored .whl files
diff --git a/meta/recipes-devtools/qemu/qemu/0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch b/meta/recipes-devtools/qemu/qemu/0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch
deleted file mode 100644
index 48034a4680..0000000000
--- a/meta/recipes-devtools/qemu/qemu/0012-linux-user-workaround-for-missing-MAP_SHARED_VALIDAT.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 5c73e53997df800a742f9cd7355f3045861984bb Mon Sep 17 00:00:00 2001
-From: Frederic Konrad <fkonrad@amd.com>
-Date: Thu, 18 Jan 2024 10:43:44 +0000
-Subject: [PATCH 2/2] linux-user/*: workaround for missing MAP_SHARED_VALIDATE
-
-QEMU v8.1.0 recently requires MAP_SHARED_VALIDATE flags implementation for mmap.
-
-This is missing from the Ubuntu 18.04 compiler but looks like to be in the
-kernel source.
-
-Signed-off-by: Frederic Konrad <fkonrad@amd.com>
-Signed-off-by: Francisco Iglesias <francisco.iglesias@amd.com>
-
-Upstream-Status: Inappropriate [OE specific]
-
-The upstream only supports the last two major releases of an OS.  The ones
-they have declared all have kernel 4.17 or newer.
-
-See:
-https://xilinx.slack.com/archives/D04G2647CTV/p1705074697942019
-
-https://www.qemu.org/docs/master/about/build-platforms.html
-
- The project aims to support the most recent major version at all times for up
- to five years after its initial release. Support for the previous major
- version will be dropped 2 years after the new major version is released or
- when the vendor itself drops support, whichever comes first.
-
-Signed-off-by: Mark Hatle <mark.hatle@amd.com>
----
- linux-user/mmap-fixed.h | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/linux-user/mmap-fixed.h b/linux-user/mmap-fixed.h
-index ef6eef5114..ec86586c1f 100644
---- a/linux-user/mmap-fixed.h
-+++ b/linux-user/mmap-fixed.h
-@@ -26,6 +26,10 @@
- #ifndef MMAP_FIXED_H
- #define MMAP_FIXED_H
- 
-+#ifndef MAP_SHARED_VALIDATE
-+#define MAP_SHARED_VALIDATE 0x03
-+#endif
-+
- #ifndef MAP_FIXED_NOREPLACE
- #define MAP_FIXED_NOREPLACE 0x100000
- 
--- 
-2.34.1
-
diff --git a/meta/recipes-devtools/qemu/qemu/4a8579ad8629b57a43daa62e46cc7af6e1078116.patch b/meta/recipes-devtools/qemu/qemu/4a8579ad8629b57a43daa62e46cc7af6e1078116.patch
deleted file mode 100644
index 5ad859ebe6..0000000000
--- a/meta/recipes-devtools/qemu/qemu/4a8579ad8629b57a43daa62e46cc7af6e1078116.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 4a8579ad8629b57a43daa62e46cc7af6e1078116 Mon Sep 17 00:00:00 2001
-From: Richard Henderson <richard.henderson@linaro.org>
-Date: Tue, 13 Feb 2024 10:20:27 -1000
-Subject: [PATCH] linux-user: Split out do_munmap
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Upstream-Status: Submitted [https://gitlab.com/rth7680/qemu/-/commit/4a8579ad8629b57a43daa62e46cc7af6e1078116]
-
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- linux-user/mmap.c | 23 ++++++++++++++++-------
- 1 file changed, 16 insertions(+), 7 deletions(-)
-
-diff --git a/linux-user/mmap.c b/linux-user/mmap.c
-index 1bbfeb25b14..8ebcca44444 100644
---- a/linux-user/mmap.c
-+++ b/linux-user/mmap.c
-@@ -267,6 +267,21 @@ int target_mprotect(abi_ulong start, abi_ulong len, int target_prot)
-     return ret;
- }
- 
-+/*
-+ * Perform munmap on behalf of the target, with host parameters.
-+ * If reserved_va, we must replace the memory reservation.
-+ */
-+static int do_munmap(void *addr, size_t len)
-+{
-+    if (reserved_va) {
-+        void *ptr = mmap(addr, len, PROT_NONE,
-+                         MAP_FIXED | MAP_ANONYMOUS
-+                         | MAP_PRIVATE | MAP_NORESERVE, -1, 0);
-+        return ptr == addr ? 0 : -1;
-+    }
-+    return munmap(addr, len);
-+}
-+
- /* map an incomplete host page */
- static bool mmap_frag(abi_ulong real_start, abi_ulong start, abi_ulong last,
-                       int prot, int flags, int fd, off_t offset)
-@@ -854,13 +869,7 @@ static int mmap_reserve_or_unmap(abi_ulong start, abi_ulong len)
-     real_len = real_last - real_start + 1;
-     host_start = g2h_untagged(real_start);
- 
--    if (reserved_va) {
--        void *ptr = mmap(host_start, real_len, PROT_NONE,
--                         MAP_FIXED | MAP_ANONYMOUS
--                         | MAP_PRIVATE | MAP_NORESERVE, -1, 0);
--        return ptr == host_start ? 0 : -1;
--    }
--    return munmap(host_start, real_len);
-+    return do_munmap(host_start, real_len);
- }
- 
- int target_munmap(abi_ulong start, abi_ulong len)
--- 
-GitLab
-
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch b/meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch
deleted file mode 100644
index 732cb6af18..0000000000
--- a/meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From 405484b29f6548c7b86549b0f961b906337aa68a Mon Sep 17 00:00:00 2001
-From: Fiona Ebner <f.ebner@proxmox.com>
-Date: Wed, 24 Jan 2024 11:57:48 +0100
-Subject: [PATCH] ui/clipboard: mark type as not available when there is no
- data
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-With VNC, a client can send a non-extended VNC_MSG_CLIENT_CUT_TEXT
-message with len=0. In qemu_clipboard_set_data(), the clipboard info
-will be updated setting data to NULL (because g_memdup(data, size)
-returns NULL when size is 0). If the client does not set the
-VNC_ENCODING_CLIPBOARD_EXT feature when setting up the encodings, then
-the 'request' callback for the clipboard peer is not initialized.
-Later, because data is NULL, qemu_clipboard_request() can be reached
-via vdagent_chr_write() and vdagent_clipboard_recv_request() and
-there, the clipboard owner's 'request' callback will be attempted to
-be called, but that is a NULL pointer.
-
-In particular, this can happen when using the KRDC (22.12.3) VNC
-client.
-
-Another scenario leading to the same issue is with two clients (say
-noVNC and KRDC):
-
-The noVNC client sets the extension VNC_FEATURE_CLIPBOARD_EXT and
-initializes its cbpeer.
-
-The KRDC client does not, but triggers a vnc_client_cut_text() (note
-it's not the _ext variant)). There, a new clipboard info with it as
-the 'owner' is created and via qemu_clipboard_set_data() is called,
-which in turn calls qemu_clipboard_update() with that info.
-
-In qemu_clipboard_update(), the notifier for the noVNC client will be
-called, i.e. vnc_clipboard_notify() and also set vs->cbinfo for the
-noVNC client. The 'owner' in that clipboard info is the clipboard peer
-for the KRDC client, which did not initialize the 'request' function.
-That sounds correct to me, it is the owner of that clipboard info.
-
-Then when noVNC sends a VNC_MSG_CLIENT_CUT_TEXT message (it did set
-the VNC_FEATURE_CLIPBOARD_EXT feature correctly, so a check for it
-passes), that clipboard info is passed to qemu_clipboard_request() and
-the original segfault still happens.
-
-Fix the issue by handling updates with size 0 differently. In
-particular, mark in the clipboard info that the type is not available.
-
-While at it, switch to g_memdup2(), because g_memdup() is deprecated.
-
-Cc: qemu-stable@nongnu.org
-Fixes: CVE-2023-6683
-Reported-by: Markus Frank <m.frank@proxmox.com>
-Suggested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
-Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
-Tested-by: Markus Frank <m.frank@proxmox.com>
-Message-ID: <20240124105749.204610-1-f.ebner@proxmox.com>
-
-CVE: CVE-2023-6683
-
-Upstream-Status: Backport [https://github.com/qemu/qemu/commit/405484b29f6548c7b86549b0f961b906337aa68a]
-Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
-
----
- ui/clipboard.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-
-diff --git a/ui/clipboard.c b/ui/clipboard.c
-index 3d14bffaf80f..b3f6fa3c9e1f 100644
---- a/ui/clipboard.c
-+++ b/ui/clipboard.c
-@@ -163,9 +163,15 @@ void qemu_clipboard_set_data(QemuClipboardPeer *peer,
-     }
- 
-     g_free(info->types[type].data);
--    info->types[type].data = g_memdup(data, size);
--    info->types[type].size = size;
--    info->types[type].available = true;
-+    if (size) {
-+        info->types[type].data = g_memdup2(data, size);
-+        info->types[type].size = size;
-+        info->types[type].available = true;
-+    } else {
-+        info->types[type].data = NULL;
-+        info->types[type].size = 0;
-+        info->types[type].available = false;
-+    }
- 
-     if (update) {
-         qemu_clipboard_update(info);
diff --git a/meta/recipes-devtools/qemu/qemu/fix-strerrorname_np.patch b/meta/recipes-devtools/qemu/qemu/fix-strerrorname_np.patch
new file mode 100644
index 0000000000..1cc973443e
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/fix-strerrorname_np.patch
@@ -0,0 +1,35 @@
+From 7e09654fa179ad5fab1dc0a47886c6a1a2acc097 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Wed, 18 Sep 2024 16:19:37 -0700
+Subject: [PATCH] target/riscv/kvm: do not use non-portable strerrorname_np()
+
+strerrorname_np is non-portable and breaks building with musl libc.
+
+Use strerror(errno) instead, like we do other places.
+
+Upstream-Status: Submitted [https://mail.gnu.org/archive/html/qemu-stable/2023-12/msg00069.html]
+
+Cc: qemu-stable@nongnu.org
+Fixes: commit 082e9e4a58ba (target/riscv/kvm: improve 'init_multiext_cfg' error
+msg)
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2041
+Buglink: https://gitlab.alpinelinux.org/alpine/aports/-/issues/15541
+Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
+---
+ target/riscv/kvm/kvm-cpu.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/target/riscv/kvm/kvm-cpu.c b/target/riscv/kvm/kvm-cpu.c
+index 8001ca153..79fb43f92 100644
+--- a/target/riscv/kvm/kvm-cpu.c
++++ b/target/riscv/kvm/kvm-cpu.c
+@@ -1968,8 +1968,7 @@ static bool kvm_cpu_realize(CPUState *cs, Error **errp)
+     if (riscv_has_ext(&cpu->env, RVV)) {
+         ret = prctl(PR_RISCV_V_SET_CONTROL, PR_RISCV_V_VSTATE_CTRL_ON);
+         if (ret) {
+-            error_setg(errp, "Error in prctl PR_RISCV_V_SET_CONTROL, code: %s",
+-                       strerrorname_np(errno));
++            error_setg(errp, "Error in prctl PR_RISCV_V_SET_CONTROL, error %d", errno);
+             return false;
+         }
+     }
diff --git a/meta/recipes-devtools/qemu/qemu/run-ptest b/meta/recipes-devtools/qemu/qemu/run-ptest
index f9a4e8fb2b..1157b48855 100644
--- a/meta/recipes-devtools/qemu/qemu/run-ptest
+++ b/meta/recipes-devtools/qemu/qemu/run-ptest
@@ -9,5 +9,10 @@ export SRC_PATH=$ptestdir
 cd $ptestdir/tests
 tests=$(find . -name "test-*" ! -name "*.p")
 for f in $tests; do
+    # Test hangs intermittently on qemurisc64 on autobuilder
+    if [ "$f" = "./unit/test-nested-aio-poll" -a `uname -m` = "riscv64" ]; then
+        continue
+    fi
+    echo "Running $f"
     $f  | sed '/^ok/ s/ok/PASS:/g'
 done
diff --git a/meta/recipes-devtools/qemu/qemu_8.2.1.bb b/meta/recipes-devtools/qemu/qemu_10.0.2.bb
index dc1352232e..5d544d8d13 100644
--- a/meta/recipes-devtools/qemu/qemu_8.2.1.bb
+++ b/meta/recipes-devtools/qemu/qemu_10.0.2.bb
@@ -7,6 +7,7 @@ DEPENDS += "glib-2.0 zlib pixman"
 DEPENDS:append:libc-musl = " libucontext"
 
 CFLAGS += "${@bb.utils.contains('DISTRO_FEATURES', 'x11', '', '-DEGL_NO_X11=1', d)}"
+LDFLAGS:append:toolchain-clang:x86 = " -latomic"
 
 RDEPENDS:${PN}-common:class-target += "bash"
 
diff --git a/meta/recipes-devtools/qemu/qemuwrapper-cross_1.0.bb b/meta/recipes-devtools/qemu/qemuwrapper-cross_1.0.bb
index 97b44ad2e5..752ff3198d 100644
--- a/meta/recipes-devtools/qemu/qemuwrapper-cross_1.0.bb
+++ b/meta/recipes-devtools/qemu/qemuwrapper-cross_1.0.bb
@@ -2,7 +2,7 @@ SUMMARY = "QEMU wrapper script"
 HOMEPAGE = "http://qemu.org"
 LICENSE = "MIT"
 
-S = "${WORKDIR}"
+S = "${UNPACKDIR}"
 
 DEPENDS += "qemu-native"
 
@@ -26,7 +26,6 @@ if [ ${@bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'True', 'False',
         exit 1
 fi
 
-
 $qemu_binary $qemu_options "\$@"
 EOF