aboutsummaryrefslogtreecommitdiffstats
path: root/community/qemu/APKBUILD
diff options
context:
space:
mode:
Diffstat (limited to 'community/qemu/APKBUILD')
-rw-r--r--community/qemu/APKBUILD287
1 files changed, 229 insertions, 58 deletions
diff --git a/community/qemu/APKBUILD b/community/qemu/APKBUILD
index 20e922183e6..91506b96c5a 100644
--- a/community/qemu/APKBUILD
+++ b/community/qemu/APKBUILD
@@ -3,17 +3,17 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=qemu
-pkgver=6.1.0
-pkgrel=1
+pkgver=8.2.2
+pkgrel=0
pkgdesc="QEMU is a generic machine emulator and virtualizer"
url="https://qemu.org/"
arch="all"
-license="GPL-2.0 LGPL-2"
+license="GPL-2.0-only AND LGPL-2.1-only"
makedepends="
- meson
- bash
alsa-lib-dev
+ bash
bison
+ capstone-dev
curl-dev
flex
glib-dev
@@ -21,24 +21,28 @@ makedepends="
gnutls-dev
gtk+3.0-dev
libaio-dev
+ libbpf-dev
libcap-dev
libcap-ng-dev
libjpeg-turbo-dev
libnfs-dev
libpng-dev
libseccomp-dev
+ libslirp-dev
libssh-dev
+ liburing-dev
libusb-dev
libxml2-dev
linux-headers
lzo-dev
+ meson
ncurses-dev
numactl-dev
perl
pulseaudio-dev
- python3
py3-sphinx
py3-sphinx_rtd_theme
+ python3
sdl2-dev
snappy-dev
spice-dev
@@ -52,7 +56,6 @@ makedepends="
zlib-dev
zlib-static
zstd-dev
- zstd-static
"
pkggroups="qemu"
install="$pkgname.pre-install $pkgname.post-install $pkgname.pre-upgrade"
@@ -60,10 +63,21 @@ install="$pkgname.pre-install $pkgname.post-install $pkgname.pre-upgrade"
# suid needed for qemu-bridge-helper
# strip fails on .img files
# some tests does not run on our builders
-options="suid !strip !check"
-[ "$CARCH" = "riscv64" ] && options="$options textrels"
-
-subpackages="$pkgname-doc $pkgname-lang $pkgname-guest-agent:guest
+options="suid !strip !check textrels"
+
+subpackages="
+ $pkgname-dev
+ $pkgname-doc
+ $pkgname-lang
+ $pkgname-guest-agent:guest
+ $pkgname-guest-agent-openrc
+ $pkgname-tools:_tools
+ $pkgname-hppa-firmware:_hppa_firmware
+ $pkgname-ppc-firmware:_ppc_firmware
+ $pkgname-s390x-firmware:_s390x_firmware
+ $pkgname-pr-helper:_pr_helper
+ $pkgname-vhost-user-gpu:_vhost_user_gpu
+ $pkgname-bridge-helper:bridgehelper
"
_subsystems="
@@ -73,8 +87,10 @@ _subsystems="
arm
armeb
cris
+ hexagon
hppa
i386
+ loongarch64
m68k
microblaze
microblazeel
@@ -104,6 +120,7 @@ _subsystems="
system-cris
system-hppa
system-i386
+ system-loongarch64
system-m68k
system-microblaze
system-microblazeel
@@ -136,37 +153,54 @@ for _sub in $_subsystems; do
done
_modules="
- accel-tcg-i386
- accel-tcg-x86_64
-
audio-alsa
audio-oss
audio-pa
audio-sdl
+ audio-spice
block-curl
block-dmg-bz2
block-nfs
block-ssh
- hw-display-qxl
- hw-usb-redirect
- ui-curses
- ui-gtk
- ui-sdl
- ui-spice-app
- audio-spice
chardev-spice
- hw-display-virtio-gpu-pci
+ hw-display-qxl
hw-display-virtio-gpu
- hw-display-virtio-vga
hw-display-virtio-gpu-gl
+ hw-display-virtio-gpu-pci
hw-display-virtio-gpu-pci-gl
+ hw-display-virtio-vga
hw-display-virtio-vga-gl
hw-s390x-virtio-gpu-ccw
hw-usb-host
+ hw-usb-redirect
+ ui-curses
ui-egl-headless
+ ui-gtk
ui-opengl
+ ui-sdl
+ ui-spice-app
ui-spice-core
"
+
+case "$CARCH" in
+x86)
+ # ui-dbus has textrels
+ _configure_dbus=--disable-dbus-display
+ ;;
+*)
+ _modules="$_modules audio-dbus ui-dbus"
+ _configure_dbus=--enable-dbus-display
+ ;;
+esac
+
+case "$CARCH" in
+arm*|x86) ;;
+*)
+ makedepends="$makedepends ceph-dev"
+ _modules="$_modules block-rbd"
+ _configure_rbd="--enable-rbd"
+esac
+
for _mod in $_modules; do
subpackages="$subpackages $pkgname-$_mod:_module"
done
@@ -174,15 +208,17 @@ subpackages="$subpackages qemu-modules:_all_modules"
subpackages="$subpackages $pkgname-img" # -img must be declared the last
+# https://gitlab.com/qemu-project/qemu/-/commit/91e0127087257048d2eb98b5b1a5671f53c3a36d
+_edk2hash="91e0127087257048d2eb98b5b1a5671f53c3a36d"
source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz
0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
- 0001-linux-user-fix-build-with-musl-on-aarch64.patch
xattr_size_max.patch
- 0001-linux-user-fix-build-with-musl-on-ppc64le.patch
MAP_SYNC-fix.patch
fix-sockios-header.patch
guest-agent-shutdown.patch
+ lfs64.patch
mips-softfloat.patch
+ musl-initialise-msghdr.patch
CVE-2021-20255.patch
@@ -193,12 +229,69 @@ source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz
"
# secfixes:
+# 8.0.2-r1:
+# - CVE-2023-2861
+# 8.0.0-r6:
+# - CVE-2023-0330
+# 7.1.0-r4:
+# - CVE-2022-2962
+# - CVE-2022-3165
+# 7.0.0-r0:
+# - CVE-2021-4158
+# 6.1.0-r0:
+# - CVE-2020-35503
+# - CVE-2021-3507
+# - CVE-2021-3544
+# - CVE-2021-3545
+# - CVE-2021-3546
+# - CVE-2021-3682
# 6.0.0-r2:
+# - CVE-2020-35504
+# - CVE-2020-35505
+# - CVE-2020-35506
# - CVE-2021-3527
# 6.0.0-r1:
+# - CVE-2021-20181
# - CVE-2021-20255
+# - CVE-2021-3392
+# - CVE-2021-3409
+# - CVE-2021-3416
+# 5.2.0-r0:
+# - CVE-2020-24352
+# - CVE-2020-25723
+# - CVE-2020-25742
+# - CVE-2020-25743
+# - CVE-2020-27661
+# - CVE-2020-27821
+# - CVE-2020-29443
+# - CVE-2020-35517
+# - CVE-2021-20203
# 5.1.0-r1:
+# - CVE-2020-13361
+# - CVE-2020-13362
# - CVE-2020-14364
+# - CVE-2020-15863
+# - CVE-2020-16092
+# - CVE-2020-17380
+# - CVE-2020-25084
+# - CVE-2020-25085
+# - CVE-2020-25624
+# - CVE-2020-25625
+# - CVE-2020-25741
+# - CVE-2020-28916
+# 5.0.0-r0:
+# - CVE-2020-13659
+# - CVE-2020-13754
+# - CVE-2020-13791
+# - CVE-2020-13800
+# - CVE-2020-14415
+# - CVE-2020-15469
+# - CVE-2020-15859
+# - CVE-2020-27616
+# - CVE-2020-27617
+# - CVE-2021-20221
+# 4.2.0-r0:
+# - CVE-2020-13765
# 2.8.1-r1:
# - CVE-2016-7994
# - CVE-2016-7995
@@ -227,7 +320,7 @@ source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz
# - CVE-2017-5931
_compile_common() {
- CFLAGS="${CFLAGS/-Os/-O2}" "$builddir"/configure \
+ "$builddir"/configure \
--prefix=/usr \
--localstatedir=/var \
--sysconfdir=/etc \
@@ -246,6 +339,11 @@ _compile_common() {
}
build() {
+ # it pretty much never makes sense to optimise qemu for disk size
+ export CFLAGS="$CFLAGS -O2"
+ export CXXFLAGS="$CXXFLAGS -O2"
+ export CPPFLAGS="$CPPFLAGS -O2"
+
mkdir -p "$builddir"/build \
"$builddir"/build-static
@@ -254,30 +352,33 @@ build() {
--enable-linux-user \
--disable-system \
--static \
+ --disable-brlapi \
+ --disable-bpf \
+ --disable-cap-ng \
+ --disable-capstone \
+ --disable-curl \
+ --disable-curses \
--disable-docs \
- --disable-sdl \
+ --disable-gcrypt \
+ --disable-gnutls \
--disable-gtk \
- --disable-spice \
- --disable-tools \
--disable-guest-agent \
--disable-guest-agent-msi \
- --disable-curses \
- --disable-curl \
- --disable-gnutls \
- --disable-gcrypt \
- --disable-nettle \
- --disable-cap-ng \
- --disable-brlapi \
- --disable-mpath \
--disable-libnfs \
+ --disable-mpath \
+ --disable-nettle \
--disable-numa \
- --disable-capstone
+ --disable-sdl \
+ --disable-spice \
+ --disable-tools
cd "$builddir"/build
_compile_common \
--disable-linux-user \
--audio-drv-list=oss,alsa,sdl,pa \
+ --enable-bpf \
--enable-cap-ng \
+ --enable-capstone \
--enable-curl \
--enable-curses \
--enable-docs \
@@ -301,9 +402,9 @@ build() {
--enable-virtfs \
--enable-vnc \
--enable-vnc-jpeg \
- --enable-vnc-png \
--enable-zstd \
- --tls-priority=@QEMU,SYSTEM
+ $_configure_rbd \
+ $_configure_dbus
}
check() {
@@ -335,10 +436,15 @@ package() {
rm -rf "$pkgdir"/usr/share/doc
# remove accel-qtest-* modules, not needed for package
rm -f "$pkgdir"/usr/lib/qemu/accel-qtest-*
+
+ install -Dm755 "$srcdir"/$pkgname-guest-agent.initd \
+ "$pkgdir"/etc/init.d/$pkgname-guest-agent
+ install -Dm644 "$srcdir"/$pkgname-guest-agent.confd \
+ "$pkgdir"/etc/conf.d/$pkgname-guest-agent
}
_subsys() {
- local name=${1:-"${subpkgname#$pkgname-}"}
+ local name=${1:-"${subpkgname#"$pkgname"-}"}
pkgdesc="Qemu ${name/-/ } emulator"
options=""
depends=""
@@ -346,8 +452,69 @@ _subsys() {
system*) depends="qemu";;
esac
- mkdir -p "$subpkgdir"/usr/bin
- mv "$pkgdir"/usr/bin/qemu-$name "$subpkgdir"/usr/bin/
+ amove /usr/bin/qemu-$name
+
+ local _arch=${name#system-}
+ case "$name" in
+ system-aarch64)
+ amove /usr/share/qemu/edk2-aarch64-code.fd
+ ;;
+ system-arm)
+ amove /usr/share/qemu/edk2-arm-code.fd \
+ /usr/share/qemu/edk2-arm-vars.fd
+ ;;
+ system-x86_64|system-i386)
+ provides="qemu-accel-tcg-$_arch"
+ amove /usr/lib/qemu/accel-tcg-$_arch.so \
+ /usr/share/qemu/edk2-$_arch-code.fd \
+ /usr/share/qemu/edk2-$_arch-secure-code.fd
+ ;;
+ system-s390x|system-hppa|system-ppc)
+ depends="$pkgname-$_arch-firmware"
+ ;;
+ esac
+}
+
+_tools() {
+ pkgdesc="QEMU support tools"
+ depends=""
+ options=""
+ amove /usr/bin/qemu-edid \
+ /usr/bin/qemu-keymap \
+ /usr/bin/elf2dmp
+}
+
+# keep s390x boot files in subpackage to prevent abuild from stripping it
+_s390x_firmware() {
+ pkgdesc="QEMU s390x boot devices"
+ depends=""
+ amove /usr/share/qemu/s390-ccw.img \
+ /usr/share/qemu/s390-netboot.img
+}
+
+_hppa_firmware() {
+ pkgdesc="QEMU hppa firmware"
+ depends=""
+ amove /usr/share/qemu/hppa-firmware.img
+}
+
+_ppc_firmware() {
+ pkgdesc="QEMU ppc firmware"
+ depends=""
+ amove /usr/share/qemu/openbios-ppc
+}
+
+_vhost_user_gpu() {
+ pkgdesc="QEMU vhost user GPU device"
+ depends=""
+ options=""
+ amove /usr/lib/qemu/vhost-user-gpu \
+ /usr/share/qemu/vhost-user/50-qemu-gpu.json
+}
+
+_pr_helper() {
+ pkgdesc="QEMU pr helper utility"
+ amove /usr/bin/qemu-pr-helper
}
img() {
@@ -359,6 +526,7 @@ img() {
mv "$pkgdir"/usr/bin/qemu-img \
"$pkgdir"/usr/bin/qemu-io \
"$pkgdir"/usr/bin/qemu-nbd \
+ "$pkgdir"/usr/bin/qemu-storage-daemon \
"$subpkgdir"/usr/bin/
# We exploit the fact that -img subpackage are created last
@@ -381,11 +549,6 @@ guest() {
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/qemu-ga "$subpkgdir"/usr/bin/
-
- install -Dm755 "$srcdir"/$pkgname-guest-agent.initd \
- "$subpkgdir"/etc/init.d/$pkgname-guest-agent
- install -Dm644 "$srcdir"/$pkgname-guest-agent.confd \
- "$subpkgdir"/etc/conf.d/$pkgname-guest-agent
}
_module() {
@@ -413,17 +576,25 @@ _all_modules() {
mkdir -p "$subpkgdir"
}
+bridgehelper() {
+ pkgdesc="QEMU SUID helper for bridged networking"
+ install_if="$pkgname=$pkgver-r$pkgrel"
+
+ amove usr/lib/qemu/qemu-bridge-helper \
+ etc/qemu/bridge.conf
+}
+
sha512sums="
-3378ae21c75b77ee6a759827f1fcf7b2a50a0fef07e3b0e89117108022a8d8655fa977e4d65596f4f24f7c735c6594d44b0c6f69732ea4465e88a7406b1d5d3c qemu-6.1.0.tar.xz
-98db5e23397cfad4a7210f9f7e1c5fa5c48f065785439521c5b39325c429f2dc367c40925adff6aa8677b3192a1a98a30e93d5b9c879df523deb019c40edd9d9 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
-1ac043312864309e19f839a699ab2485bca51bbf3d5fdb39f1a87b87e3cbdd8cbda1a56e6b5c9ffccd65a8ac2f600da9ceb8713f4dbba26f245bc52bcd8a1c56 0001-linux-user-fix-build-with-musl-on-aarch64.patch
-4b1e26ba4d53f9f762cbd5cea8ef6f8062d827ae3ae07bc36c5b0c0be4e94fc1856ad2477e8e791b074b8a25d51ed6d0ddd75e605e54600e5dd0799143793ce4 xattr_size_max.patch
-d8933df9484158c2b4888254e62117d78f8ed7c18527b249419f39c2b2ab1afa148010884b40661f8965f1ef3105580fceffdfddbb2c9221dc1c62066722ba65 0001-linux-user-fix-build-with-musl-on-ppc64le.patch
-d7de79ea74e36702cac4a59e472564a55f0a663be7e63c3755e32b4b5dfbc04b390ee79f09f43f6ae706ee2aec9e005eade3c0fd4a202db60d11f436874a17d7 MAP_SYNC-fix.patch
-39590476a4ebd7c1e79a4f0451b24c75b1817a2a83abaa1f71bb60b225d772152f0af8f3e51ff65645e378c536ffa6ff551dade52884d03a14b7c6a19c5c97d4 fix-sockios-header.patch
-d6b81846cefd46b8fd1fb04450d4898f97dc77d11e049fb1bc8e2553bbb88c8325151d0e4bec70cc6820a5863c1d1749b99100b4747d91182856c3ca1946cb28 guest-agent-shutdown.patch
-e3acdab38c17eccb87bce1dfec22ce9474dae281474b886860848ae206006b071378882b855023916bb00a86cfbe55216c3fa4336b4e402399df2a9937b8c21c mips-softfloat.patch
-e9389a6e3b2c3b59f66ea13eb7a3515e87341a68ca14afeb1ddd0084717bf4a13f5f58dc41dadbf0f2faf8fe1ae94ba7d1469c41539c79e45fa1624c6081e904 CVE-2021-20255.patch
+dfd2e1305f9e51bfbc90a7738c69336d5f805481a626ea527b971bdfb6dbe6867e5df7461d48d1c22b79be2dc18e057ea9fa36ef593127cd8b262a5c33f1aa41 qemu-8.2.2.tar.xz
+b392f229e631d149d28eb952dcd507d9e5b6975cbba123fd3dab10860fa1936d5035d8e266926652acc1d7cde6874c440beccd33d729bf346769d2c138ebbc01 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch
+2c6b3b22877674f870958bb0c74ad85c814f01c98fb123142b1ce77d89adf5c08626e6eade7f627090a53b48f5cebe2a535547804345648cff91dd66f90c2d5b xattr_size_max.patch
+7672a3518050f275219920f2cb088f6991ac810dba077856129d779fdf45a3e8c0302c8ca4aa58c0c38e44af80f56404006b3f250e4921fb364cd6fe7149e6ea MAP_SYNC-fix.patch
+54d26c3c44730fbd2a155431558fba6a1a3f25d8c057a8e5b8b0d802cb2b6c8a12545a16069fff1b9888a15d6cb087e9750d5e2c310dfc1a3fc756509d3d963e fix-sockios-header.patch
+8eed250bea980a35f4f50365e904f56aa4751aeeb2ba9a6bbc6ad27ab9842cf3c773e48be058d9456278d1cc4006e5e80e368cbcb429ccb28a25df92b11477d7 guest-agent-shutdown.patch
+d5b4626193fa9b7c687a649aa5ea37d8a74fd2e556a66a71e31af618a0990e144beae253b82b89efd8a798102bcab59cf1a61a76029afcdb0bc5ed58fb40493f lfs64.patch
+8a8385dbf4a232adbd51be31d64b1e3ad2333eeb0de867555f995bf1b353ec530f85a25c8b33ce6b9572edfe4bb979a0645f14b839394d8bd47c9ffcd91509a2 mips-softfloat.patch
+7a6340df8aa28811af20cd23b98ba95fc8072d4d4d3a2d497604386396892cf26716d0755821e47d02c8eded203133d7dde100537c117e2a047179e4f93883cf musl-initialise-msghdr.patch
+25778c29c1f2bf40572125a7b39a01227e3165ed555add44de72a714e4b9d5a91b1504f69d0df55b4e178035813d4c3eca5be048d9afa5e3647d13df3e2f5a30 CVE-2021-20255.patch
d90c034cae3f9097466854ed1a9f32ab4b02089fcdf7320e8f4da13b2b1ff65067233f48809911485e4431d7ec1a22448b934121bc9522a2dc489009e87e2b1f qemu-guest-agent.confd
1cd24c2444c5935a763c501af2b0da31635aad9cf62e55416d6477fcec153cddbe7de205d99616def11b085e0dd366ba22463d2270f831d884edbc307c7864a6 qemu-guest-agent.initd
9b7a89b20fcf737832cb7b4d5dc7d8301dd88169cbe5339eda69fbb51c2e537d8cb9ec7cf37600899e734209e63410d50d0821bce97e401421db39c294d97be2 80-kvm.rules