blob: 593eb11f4031bd53512964b4a965f449c042c078 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
|
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=qemu
pkgver=2.8.1.1
pkgrel=1
pkgdesc="QEMU is a generic machine emulator and virtualizer"
url="http://qemu.org/"
arch="all"
license="GPL2 LGPL-2"
makedepends="
alsa-lib-dev
bison
curl-dev
flex
glib-dev
gnutls-dev
gtk+3.0-dev
libaio-dev
libcap-dev
libcap-ng-dev
libjpeg-turbo-dev
libnfs-dev
libpng-dev
libssh2-dev
libusb-dev
linux-headers
lzo-dev
ncurses-dev
paxmark
snappy-dev
spice-dev
texinfo
usbredir-dev
util-linux-dev
vde2-dev
xfsprogs-dev
zlib-dev
"
depends=""
pkggroups="qemu"
install="$pkgname.pre-install $pkgname.post-install"
options="suid" # needed for qemu-bridge-helper
subpackages="$pkgname-doc $pkgname-guest-agent:guest"
_subsystems="
aarch64
alpha
arm
armeb
cris
i386
m68k
microblaze
microblazeel
mips
mips64
mips64el
mipsel
mipsn32
mipsn32el
or32
ppc
ppc64
ppc64abi32
ppc64le
s390x
sh4
sh4eb
sparc
sparc32plus
sparc64
system-aarch64
system-alpha
system-arm
system-cris
system-i386
system-lm32
system-m68k
system-microblaze
system-microblazeel
system-mips
system-mips64
system-mips64el
system-mipsel
system-moxie
system-or32
system-ppc
system-ppc64
system-ppcemb
system-s390x
system-sh4
system-sh4eb
system-sparc
system-sparc64
system-tricore
system-unicore32
system-x86_64
system-xtensa
system-xtensaeb
x86_64
"
for _sub in $_subsystems; do
subpackages="$subpackages $pkgname-$_sub:_subsys"
done
case "$CARCH" in
x86) _arch=i386 ;;
x86_64) _arch=x86_64 ;;
*) _arch="" ;;
esac
if [ -n "$_arch" ]; then
subpackages="$subpackages $pkgname-gtk"
gtk() { _subsys system-$_arch-gtk; }
fi
subpackages="$subpackages $pkgname-img" # -img must be declared the last
source="http://wiki.qemu-project.org/download/$pkgname-$pkgver.tar.bz2
0001-elfload-load-PIE-executables-to-right-address.patch
0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
0001-linux-user-fix-build-with-musl-on-aarch64.patch
musl-F_SHLCK-and-F_EXLCK.patch
fix-sigevent-and-sigval_t.patch
xattr_size_max.patch
ncurses.patch
$pkgname-guest-agent.confd
$pkgname-guest-agent.initd
80-kvm.rules
bridge.conf
CVE-2016-9102.patch
CVE-2016-10155.patch
CVE-2017-5525.patch
CVE-2017-5552.patch
CVE-2017-5578.patch
CVE-2017-5579.patch
CVE-2017-5856.patch
CVE-2017-5857.patch
CVE-2017-5898.patch
CVE-2017-6505.patch
"
builddir="$srcdir"/$pkgname-$pkgver
# secfixes:
# 2.8.1.1-r0:
# - CVE-2016-9101
# - CVE-2016-9102
# - CVE-2016-9103
# - CVE-2016-9104
# - CVE-2016-9105
# - CVE-2016-9106
# - CVE-2016-10155
# - CVE-2017-5525
# - CVE-2017-5552
# - CVE-2017-5578
# - CVE-2017-5579
# - CVE-2017-5667
# - CVE-2017-5856
# - CVE-2017-5857
# - CVE-2017-5898
# - CVE-2017-5931
# - CVE-2017-2615
# - CVE-2017-2620
# - CVE-2017-6505
prepare() {
default_prepare || return 1 # apply patches
sed -i 's/^VL_LDFLAGS=$/VL_LDFLAGS=-Wl,-z,execheap/' \
Makefile.target
}
_compile() {
../configure \
--prefix=/usr \
--localstatedir=/var \
--sysconfdir=/etc \
--libexecdir=/usr/lib/qemu \
--audio-drv-list=oss,alsa \
--enable-kvm \
--enable-vde \
--enable-virtfs \
--enable-curl \
--enable-cap-ng \
--enable-linux-aio \
--enable-usb-redir \
--enable-libssh2 \
--enable-vhost-net \
--enable-pie \
--enable-snappy \
--enable-tpm \
--enable-libnfs \
--enable-lzo \
--enable-docs \
--enable-curses \
--disable-glusterfs \
--disable-debug-info \
--disable-bsd-user \
--disable-werror \
--disable-sdl \
--disable-xen \
--cc="${CC:-gcc}" \
"$@" \
|| return 1
make ARFLAGS="rc" || return 1
}
build() {
mkdir -p "$builddir"/build \
"$builddir"/build-gtk
cd "$builddir"/build
_compile \
--enable-vnc \
--enable-vnc-png \
--enable-vnc-jpeg \
--enable-spice \
--enable-linux-user \
--enable-guest-agent \
--disable-gtk \
|| return 1
# tests fails on x86
# http://lists.gnu.org/archive/html/qemu-devel/2012-11/msg01429.html
# http://web.archiveorange.com/archive/v/21oVv8wOfpQGkyy8EK0N
# make check || return 1
if [ -n "$_arch" ]; then
cd "$builddir"/build-gtk
_compile \
--enable-gtk \
--with-gtkabi=3.0 \
--disable-linux-user \
--disable-vnc \
--disable-spice \
--disable-guest-agent \
--target-list="$_arch-softmmu" \
|| return 1
fi
}
package() {
cd "$builddir"/build
make DESTDIR="$pkgdir" install || return 1
paxmark -m "$pkgdir"/usr/bin/qemu-system-* || return 1
install -Dm640 -g qemu "$srcdir"/bridge.conf \
"$pkgdir"/etc/qemu/bridge.conf || return 1
install -Dm644 "$srcdir"/80-kvm.rules \
"$pkgdir"/lib/udev/rules.d/80-kvm.rules || return 1
# qemu-bridge-helper needs suid to create tunX devices;
# allow only users in the qemu group to run it.
chmod 04710 "$pkgdir"/usr/lib/qemu/qemu-bridge-helper || return 1
chgrp qemu "$pkgdir"/usr/lib/qemu/qemu-bridge-helper || return 1
if [ -n "$_arch" ]; then
cd "$builddir"/build-gtk
install $_arch-softmmu/qemu-system-$_arch \
"$pkgdir"/usr/bin/qemu-system-$_arch-gtk || return 1
fi
# Do not install HTML docs.
rm "$pkgdir"/usr/share/doc/qemu/*.html
}
_subsys() {
local name=${1:-"${subpkgname#$pkgname-}"}
pkgdesc="Qemu ${name/-/ } emulator"
depends="qemu"
options=""
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/qemu-$name "$subpkgdir"/usr/bin/
}
img() {
pkgdesc="QEMU command line tool for manipulating disk images"
replaces="qemu"
options=""
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/qemu-img \
"$pkgdir"/usr/bin/qemu-io \
"$subpkgdir"/usr/bin/ || return 1
# We exploit the fact that -img subpackage are created last
# and check that we done have new systems that belongs in
# subpackage.
local path= retval=0
for path in "$pkgdir"/usr/bin/qemu-system-*; do
if [ -r "$path" ]; then
error "Please create a subpackage for ${path##*/}"
retval=1
fi
done
return $retval
}
guest() {
pkgdesc="QEMU guest agent"
options=""
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/qemu-ga "$subpkgdir"/usr/bin/ || return 1
install -Dm755 "$srcdir"/$pkgname-guest-agent.initd \
"$subpkgdir"/etc/init.d/$pkgname-guest-agent || return 1
install -Dm644 "$srcdir"/$pkgname-guest-agent.confd \
"$subpkgdir"/etc/conf.d/$pkgname-guest-agent || return 1
}
md5sums="a6a23a0c59fd0f8ec564b0fb89a79954 qemu-2.8.1.1.tar.bz2
672727bb1d8c8ab7b5def65dd1793c33 0001-elfload-load-PIE-executables-to-right-address.patch
d364208c4847ad2baeb237900befecd1 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
38fbaee6f2913993169e5b39d96927a1 0001-linux-user-fix-build-with-musl-on-aarch64.patch
19a26bd596f0a1c55d2e831106ce96f5 musl-F_SHLCK-and-F_EXLCK.patch
18f3194bdb0751d1c96140bd4d98b86f fix-sigevent-and-sigval_t.patch
36b835d7f00aa99f69d909bcdff9b1cf xattr_size_max.patch
4b3b899ebc67accff89ace306d48668e ncurses.patch
1663bc6977f6886a58394155b1bf3676 qemu-guest-agent.confd
ea972f2fc5505488f68320bf386106bb qemu-guest-agent.initd
66660f143235201249dc0648b39b86ee 80-kvm.rules
a2f5570453f2489b6e4023e96f70cb7e bridge.conf
fcdd29dbfa628d009509d012e708195d CVE-2016-9102.patch
c856f6933e89054b1551c899388ea135 CVE-2016-10155.patch
025eca2d1c54ab1405b4f51fe5e9ed10 CVE-2017-5525.patch
e74541b2f280df892d5b0db47f28a25b CVE-2017-5552.patch
5bf67a11540bcd7574d3207c0dc528b2 CVE-2017-5578.patch
583264963ab9961a6472134b666dd7c6 CVE-2017-5579.patch
617be04c5990cef0cae6a4dc1cdf7d71 CVE-2017-5856.patch
228584e3469f42b423031f7010d23278 CVE-2017-5857.patch
efe40d8b1d0fc1593f9415abd3d31cfe CVE-2017-5898.patch
bebadea798d684fbff3b5e3c4759bd26 CVE-2017-6505.patch"
sha256sums="f62ab18a1fb9ff5b4c81ed44becc945b11581eff777618141bdb787da55d3638 qemu-2.8.1.1.tar.bz2
af35304b165622a53f7557b59ffd8da5030f5fd444e669c862f9410131f3b987 0001-elfload-load-PIE-executables-to-right-address.patch
6af6cf9044997710a6d0fbdba30a35c8d775e30d30c032ec97db672f75ec88ac 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
1086ee9ea9411b3bacaf58bc72630a159260ef873a66710b7edb7223be1ea2c0 0001-linux-user-fix-build-with-musl-on-aarch64.patch
ec5e2bd34636c47f464c6b9efd01e487a7b81602c8b598df6efe8d8ceed0c2e5 musl-F_SHLCK-and-F_EXLCK.patch
5bd5723873af643406b250641e7eaa248ce728b8caf8e761e219728f59ce6072 fix-sigevent-and-sigval_t.patch
a0c21e70495ac249e3dfcba7420eebe044c6cccc5a8bdc5b635d89ca2e2eac7f xattr_size_max.patch
f24b9492f208d386edc5a7a5222906e4816733348e0c557c09ce813bbd80be92 ncurses.patch
d84e53a94584f37f3bd1b21f44077b5de0d07094c6729f26ae20ab1f7b9cc298 qemu-guest-agent.confd
5bef90ccab2e743868fd562eee9a3ded35c8d3e01fa387367ed55a0da95570d5 qemu-guest-agent.initd
37f666f1cdb7d8a62171de69b531681dcb0fba74236729dac8b6c019232eba84 80-kvm.rules
2f05021990014a5f832aa17317c1464806dc97c278f88d8284db88378f53cb32 bridge.conf
b1f6b4a38fadc543ef53c49bc4a8a44e15d126aa1cc5ee9eacae5cdb28639c1c CVE-2016-9102.patch
7c8ff81f37f7c768eeebfa789e59ad2b3e63d9b7d9f91682fa0d024dbd0360f6 CVE-2016-10155.patch
e2fae28919a467675a0b1747fae34f2cdc18a2b3332b99c7a2e49691b1220ba4 CVE-2017-5525.patch
f9bb04f19677e62a49d2d13fc2e6540565911a3b51d59765d00dac23be5cdf8e CVE-2017-5552.patch
c866543572e2b651f953f2f70f537ee77c418e7e1bb593e1bbd29d2c51c84777 CVE-2017-5578.patch
036d4d2a7b37c92f33bd033226699d4110273256682fe02bf2accde022f46c51 CVE-2017-5579.patch
5cfaf143a479f81d3ef955f1fbaa1da4f16cc16da1e602cb8de96644919df20e CVE-2017-5856.patch
e2150a7cc92b72e3f20506b9c76b40599af8d2366d25bd9b245a0bffa66ad8eb CVE-2017-5857.patch
763784f398f73b10ce4bc103366ca7e5c889804fc144a419a00e6902380652f8 CVE-2017-5898.patch
e941cde157d16f30707b67c180f9021b1014c46c6957cb169a5b7d79813eefd8 CVE-2017-6505.patch"
sha512sums="6e680aa329e1cf739b5dac3d232abc584a71efd990227e598226cbd118c298b4496593b1084fb55e0e2580c4cc9364562c3ad63f33465b9b93de633cf4cabc15 qemu-2.8.1.1.tar.bz2
405008589cad1c8b609eca004d520bf944366e8525f85a19fc6e283c95b84b6c2429822ba064675823ab69f1406a57377266a65021623d1cd581e7db000134fd 0001-elfload-load-PIE-executables-to-right-address.patch
ec84b27648c01c6e58781295dcd0c2ff8e5a635f9836ef50c1da5d0ed125db1afc4cb5b01cb97606d6dd8f417acba93e1560d9a32ca29161a4bb730b302440ea 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
4431dad803156d424a6c9fc74783762590b27fcb3bfadb6b23b149bc9e71c31f139991541aa4e0583c17ac531242dff02ebf4d5a8f9a9a77be757fb30cb65565 0001-linux-user-fix-build-with-musl-on-aarch64.patch
224f5b44da749921e8a821359478c5238d8b6e24a9c0b4c5738c34e82f3062ec4639d495b8b5883d304af4a0d567e38aa6623aac1aa3a7164a5757c036528ac0 musl-F_SHLCK-and-F_EXLCK.patch
5da8114b9bd2e62f0f1f0f73f393fdbd738c5dea827ea60cedffd6f6edd0f5a97489c7148d37a8ec5a148d4e65d75cbefe9353714ee6b6f51a600200133fc914 fix-sigevent-and-sigval_t.patch
4b1e26ba4d53f9f762cbd5cea8ef6f8062d827ae3ae07bc36c5b0c0be4e94fc1856ad2477e8e791b074b8a25d51ed6d0ddd75e605e54600e5dd0799143793ce4 xattr_size_max.patch
b6ed02aaf95a9bb30a5f107d35371207967edca058f3ca11348b0b629ea7a9c4baa618db68a3df72199eea6d86d14ced74a5a229d17604cc3f0adedcfeae7a73 ncurses.patch
d90c034cae3f9097466854ed1a9f32ab4b02089fcdf7320e8f4da13b2b1ff65067233f48809911485e4431d7ec1a22448b934121bc9522a2dc489009e87e2b1f qemu-guest-agent.confd
316b40d97587fea717821852859d81039cfdcb276a658bb6e6fb554e321d5856a833ebb3778149c4732cea625bac320b1008d374c88a9aae35c0fb67977c01b7 qemu-guest-agent.initd
9b7a89b20fcf737832cb7b4d5dc7d8301dd88169cbe5339eda69fbb51c2e537d8cb9ec7cf37600899e734209e63410d50d0821bce97e401421db39c294d97be2 80-kvm.rules
749efa2e764006555b4fd3a8e2f6d1118ad2ea4d45acf99104a41a93cfe66dc9685f72027c17d8211e5716246c2a52322c962cf4b73b27541b69393cd57f53bb bridge.conf
c605c658f6a15467b9c21fb89995497a24ee8093f1c7eb68e17d89cc106dc7f3473195287ab349e822a5a287b08845f817ac9087bc4a8293707a2b9fa8264683 CVE-2016-9102.patch
350f53bf39bc644fd3f6cad297a5bcd33829e83283285ec372354c2b70a51bf52be691499f2fc40c1c76bb3ceaf3c65fb1a82e384e18cecda6ef38bbf457ab09 CVE-2016-10155.patch
a633ffdbd6eb58b1f091553db7944b72f6c5ea412b82f8162b4ece4b3c98aa550246bb8ab865b24468455f92bbb4908d842e03e84b9fb1fb0f1084a4e6097288 CVE-2017-5525.patch
1a17a4c9c5c2bb724735dade20c196bf90f5ab419b0dc5ca3ce771ac68d493d1f831722fe1aac8636f2c22ebecaa4560693aad98a87bd4e45c9fa529a1549546 CVE-2017-5552.patch
5f104e05e904a1392ca31203f02b7b546aeb91f1a438631c8a5f0fb5c6c051b19d8d0219b2c71aadd5d5404222d5dbc8e80127d2afaea6ed2bf918007d613a8a CVE-2017-5578.patch
74415ea5e6f6bfa787a2515da86c3ead87b0a9694d6adbdd390cbb3be43e1c88b4be4a8891f46bc6af520d3d5582c9ebe70572e2bb78d13c29d5ca12695d33ed CVE-2017-5579.patch
2b051f9d9265f9039e2cfed0bbdc93360f1660ea5b4129ec01f6faa3c1b6b135f5c949ddc26fe05a91a95a3ac558e8844ec292558c1dd66552868cbbc6aa8744 CVE-2017-5856.patch
d6d000b57f1fb194f9554165621109b364ebdb61416bc07e2283f2d493c33e770d1b63002d62565aae1ac19ed0ad9e572c207341aa1ad023581f349f62158d30 CVE-2017-5857.patch
80f89d75970345fbf6771cb16ed0d48c91c52b6b63ac967b3dbef56c16b654df432fa7ada0549c1b812d3d641f831fe20cb8b0eb52c46b8e73ade2801a563a8d CVE-2017-5898.patch
a151ffb922670e044851c15b1404dc4bbf62905fa075ebedce36d706cbc97e8d8c2abbb53946d2d42a24d86a616425d936abf1da2298390c38867743931fd1b8 CVE-2017-6505.patch"
|
