diff options
Diffstat (limited to 'community/qemu/APKBUILD')
-rw-r--r-- | community/qemu/APKBUILD | 319 |
1 files changed, 253 insertions, 66 deletions
diff --git a/community/qemu/APKBUILD b/community/qemu/APKBUILD index b74e8c35708..91506b96c5a 100644 --- a/community/qemu/APKBUILD +++ b/community/qemu/APKBUILD @@ -3,17 +3,17 @@ # Contributor: Jakub Jirutka <jakub@jirutka.cz> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=qemu -pkgver=5.2.0 -pkgrel=2 +pkgver=8.2.2 +pkgrel=0 pkgdesc="QEMU is a generic machine emulator and virtualizer" url="https://qemu.org/" arch="all" -license="GPL-2.0 LGPL-2" +license="GPL-2.0-only AND LGPL-2.1-only" makedepends=" - meson - bash alsa-lib-dev + bash bison + capstone-dev curl-dev flex glib-dev @@ -21,22 +21,28 @@ makedepends=" gnutls-dev gtk+3.0-dev libaio-dev + libbpf-dev libcap-dev libcap-ng-dev libjpeg-turbo-dev libnfs-dev libpng-dev libseccomp-dev + libslirp-dev libssh-dev + liburing-dev libusb-dev libxml2-dev linux-headers lzo-dev + meson ncurses-dev + numactl-dev perl pulseaudio-dev - python3 py3-sphinx + py3-sphinx_rtd_theme + python3 sdl2-dev snappy-dev spice-dev @@ -49,14 +55,29 @@ makedepends=" xfsprogs-dev zlib-dev zlib-static + zstd-dev " pkggroups="qemu" install="$pkgname.pre-install $pkgname.post-install $pkgname.pre-upgrade" + # suid needed for qemu-bridge-helper # strip fails on .img files # some tests does not run on our builders -options="suid !strip !check" -subpackages="$pkgname-doc $pkgname-lang $pkgname-guest-agent:guest +options="suid !strip !check textrels" + +subpackages=" + $pkgname-dev + $pkgname-doc + $pkgname-lang + $pkgname-guest-agent:guest + $pkgname-guest-agent-openrc + $pkgname-tools:_tools + $pkgname-hppa-firmware:_hppa_firmware + $pkgname-ppc-firmware:_ppc_firmware + $pkgname-s390x-firmware:_s390x_firmware + $pkgname-pr-helper:_pr_helper + $pkgname-vhost-user-gpu:_vhost_user_gpu + $pkgname-bridge-helper:bridgehelper " _subsystems=" @@ -66,8 +87,10 @@ _subsystems=" arm armeb cris + hexagon hppa i386 + loongarch64 m68k microblaze microblazeel @@ -97,6 +120,7 @@ _subsystems=" system-cris system-hppa system-i386 + system-loongarch64 system-m68k system-microblaze system-microblazeel @@ -104,7 +128,6 @@ _subsystems=" system-mips64 system-mips64el system-mipsel - system-moxie system-nios2 system-or1k system-ppc @@ -134,25 +157,50 @@ _modules=" audio-oss audio-pa audio-sdl + audio-spice block-curl block-dmg-bz2 block-nfs block-ssh + chardev-spice hw-display-qxl + hw-display-virtio-gpu + hw-display-virtio-gpu-gl + hw-display-virtio-gpu-pci + hw-display-virtio-gpu-pci-gl + hw-display-virtio-vga + hw-display-virtio-vga-gl + hw-s390x-virtio-gpu-ccw + hw-usb-host hw-usb-redirect ui-curses + ui-egl-headless ui-gtk + ui-opengl ui-sdl ui-spice-app - audio-spice - chardev-spice - hw-display-virtio-gpu-pci - hw-display-virtio-gpu - hw-display-virtio-vga - ui-egl-headless - ui-opengl ui-spice-core " + +case "$CARCH" in +x86) + # ui-dbus has textrels + _configure_dbus=--disable-dbus-display + ;; +*) + _modules="$_modules audio-dbus ui-dbus" + _configure_dbus=--enable-dbus-display + ;; +esac + +case "$CARCH" in +arm*|x86) ;; +*) + makedepends="$makedepends ceph-dev" + _modules="$_modules block-rbd" + _configure_rbd="--enable-rbd" +esac + for _mod in $_modules; do subpackages="$subpackages $pkgname-$_mod:_module" done @@ -160,22 +208,19 @@ subpackages="$subpackages qemu-modules:_all_modules" subpackages="$subpackages $pkgname-img" # -img must be declared the last +# https://gitlab.com/qemu-project/qemu/-/commit/91e0127087257048d2eb98b5b1a5671f53c3a36d +_edk2hash="91e0127087257048d2eb98b5b1a5671f53c3a36d" source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch - 0001-linux-user-fix-build-with-musl-on-aarch64.patch - musl-F_SHLCK-and-F_EXLCK.patch - fix-sigevent-and-sigval_t.patch xattr_size_max.patch - ignore-signals-33-and-64-to-allow-golang-emulation.patch - 0001-linux-user-fix-build-with-musl-on-ppc64le.patch MAP_SYNC-fix.patch fix-sockios-header.patch - test-crypto-ivgen-skip-essiv.patch guest-agent-shutdown.patch + lfs64.patch mips-softfloat.patch + musl-initialise-msghdr.patch - 0001-virtio-host-input-use-safe-64-bit-time-accessors-for.patch - 0002-virtio-user-input-use-safe-64-bit-time-accessors-for.patch + CVE-2021-20255.patch $pkgname-guest-agent.confd $pkgname-guest-agent.initd @@ -184,8 +229,69 @@ source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz " # secfixes: +# 8.0.2-r1: +# - CVE-2023-2861 +# 8.0.0-r6: +# - CVE-2023-0330 +# 7.1.0-r4: +# - CVE-2022-2962 +# - CVE-2022-3165 +# 7.0.0-r0: +# - CVE-2021-4158 +# 6.1.0-r0: +# - CVE-2020-35503 +# - CVE-2021-3507 +# - CVE-2021-3544 +# - CVE-2021-3545 +# - CVE-2021-3546 +# - CVE-2021-3682 +# 6.0.0-r2: +# - CVE-2020-35504 +# - CVE-2020-35505 +# - CVE-2020-35506 +# - CVE-2021-3527 +# 6.0.0-r1: +# - CVE-2021-20181 +# - CVE-2021-20255 +# - CVE-2021-3392 +# - CVE-2021-3409 +# - CVE-2021-3416 +# 5.2.0-r0: +# - CVE-2020-24352 +# - CVE-2020-25723 +# - CVE-2020-25742 +# - CVE-2020-25743 +# - CVE-2020-27661 +# - CVE-2020-27821 +# - CVE-2020-29443 +# - CVE-2020-35517 +# - CVE-2021-20203 # 5.1.0-r1: +# - CVE-2020-13361 +# - CVE-2020-13362 # - CVE-2020-14364 +# - CVE-2020-15863 +# - CVE-2020-16092 +# - CVE-2020-17380 +# - CVE-2020-25084 +# - CVE-2020-25085 +# - CVE-2020-25624 +# - CVE-2020-25625 +# - CVE-2020-25741 +# - CVE-2020-28916 +# 5.0.0-r0: +# - CVE-2020-13659 +# - CVE-2020-13754 +# - CVE-2020-13791 +# - CVE-2020-13800 +# - CVE-2020-14415 +# - CVE-2020-15469 +# - CVE-2020-15859 +# - CVE-2020-27616 +# - CVE-2020-27617 +# - CVE-2021-20221 +# 4.2.0-r0: +# - CVE-2020-13765 # 2.8.1-r1: # - CVE-2016-7994 # - CVE-2016-7995 @@ -214,7 +320,7 @@ source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz # - CVE-2017-5931 _compile_common() { - CFLAGS="${CFLAGS/-Os/-O2}" "$builddir"/configure \ + "$builddir"/configure \ --prefix=/usr \ --localstatedir=/var \ --sysconfdir=/etc \ @@ -233,6 +339,11 @@ _compile_common() { } build() { + # it pretty much never makes sense to optimise qemu for disk size + export CFLAGS="$CFLAGS -O2" + export CXXFLAGS="$CXXFLAGS -O2" + export CPPFLAGS="$CPPFLAGS -O2" + mkdir -p "$builddir"/build \ "$builddir"/build-static @@ -241,29 +352,33 @@ build() { --enable-linux-user \ --disable-system \ --static \ + --disable-brlapi \ + --disable-bpf \ + --disable-cap-ng \ + --disable-capstone \ + --disable-curl \ + --disable-curses \ --disable-docs \ - --disable-sdl \ + --disable-gcrypt \ + --disable-gnutls \ --disable-gtk \ - --disable-spice \ - --disable-tools \ --disable-guest-agent \ --disable-guest-agent-msi \ - --disable-curses \ - --disable-curl \ - --disable-gnutls \ - --disable-gcrypt \ - --disable-nettle \ - --disable-cap-ng \ - --disable-brlapi \ - --disable-mpath \ --disable-libnfs \ - --disable-capstone + --disable-mpath \ + --disable-nettle \ + --disable-numa \ + --disable-sdl \ + --disable-spice \ + --disable-tools cd "$builddir"/build _compile_common \ --disable-linux-user \ --audio-drv-list=oss,alsa,sdl,pa \ + --enable-bpf \ --enable-cap-ng \ + --enable-capstone \ --enable-curl \ --enable-curses \ --enable-docs \ @@ -274,6 +389,7 @@ build() { --enable-linux-aio \ --enable-lzo \ --enable-modules \ + --enable-numa \ --enable-pie \ --enable-sdl \ --enable-snappy \ @@ -286,8 +402,9 @@ build() { --enable-virtfs \ --enable-vnc \ --enable-vnc-jpeg \ - --enable-vnc-png \ - --tls-priority=@QEMU,SYSTEM + --enable-zstd \ + $_configure_rbd \ + $_configure_dbus } check() { @@ -317,10 +434,17 @@ package() { # Do not install HTML docs. rm -rf "$pkgdir"/usr/share/doc + # remove accel-qtest-* modules, not needed for package + rm -f "$pkgdir"/usr/lib/qemu/accel-qtest-* + + install -Dm755 "$srcdir"/$pkgname-guest-agent.initd \ + "$pkgdir"/etc/init.d/$pkgname-guest-agent + install -Dm644 "$srcdir"/$pkgname-guest-agent.confd \ + "$pkgdir"/etc/conf.d/$pkgname-guest-agent } _subsys() { - local name=${1:-"${subpkgname#$pkgname-}"} + local name=${1:-"${subpkgname#"$pkgname"-}"} pkgdesc="Qemu ${name/-/ } emulator" options="" depends="" @@ -328,8 +452,69 @@ _subsys() { system*) depends="qemu";; esac - mkdir -p "$subpkgdir"/usr/bin - mv "$pkgdir"/usr/bin/qemu-$name "$subpkgdir"/usr/bin/ + amove /usr/bin/qemu-$name + + local _arch=${name#system-} + case "$name" in + system-aarch64) + amove /usr/share/qemu/edk2-aarch64-code.fd + ;; + system-arm) + amove /usr/share/qemu/edk2-arm-code.fd \ + /usr/share/qemu/edk2-arm-vars.fd + ;; + system-x86_64|system-i386) + provides="qemu-accel-tcg-$_arch" + amove /usr/lib/qemu/accel-tcg-$_arch.so \ + /usr/share/qemu/edk2-$_arch-code.fd \ + /usr/share/qemu/edk2-$_arch-secure-code.fd + ;; + system-s390x|system-hppa|system-ppc) + depends="$pkgname-$_arch-firmware" + ;; + esac +} + +_tools() { + pkgdesc="QEMU support tools" + depends="" + options="" + amove /usr/bin/qemu-edid \ + /usr/bin/qemu-keymap \ + /usr/bin/elf2dmp +} + +# keep s390x boot files in subpackage to prevent abuild from stripping it +_s390x_firmware() { + pkgdesc="QEMU s390x boot devices" + depends="" + amove /usr/share/qemu/s390-ccw.img \ + /usr/share/qemu/s390-netboot.img +} + +_hppa_firmware() { + pkgdesc="QEMU hppa firmware" + depends="" + amove /usr/share/qemu/hppa-firmware.img +} + +_ppc_firmware() { + pkgdesc="QEMU ppc firmware" + depends="" + amove /usr/share/qemu/openbios-ppc +} + +_vhost_user_gpu() { + pkgdesc="QEMU vhost user GPU device" + depends="" + options="" + amove /usr/lib/qemu/vhost-user-gpu \ + /usr/share/qemu/vhost-user/50-qemu-gpu.json +} + +_pr_helper() { + pkgdesc="QEMU pr helper utility" + amove /usr/bin/qemu-pr-helper } img() { @@ -341,6 +526,7 @@ img() { mv "$pkgdir"/usr/bin/qemu-img \ "$pkgdir"/usr/bin/qemu-io \ "$pkgdir"/usr/bin/qemu-nbd \ + "$pkgdir"/usr/bin/qemu-storage-daemon \ "$subpkgdir"/usr/bin/ # We exploit the fact that -img subpackage are created last @@ -363,11 +549,6 @@ guest() { mkdir -p "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/qemu-ga "$subpkgdir"/usr/bin/ - - install -Dm755 "$srcdir"/$pkgname-guest-agent.initd \ - "$subpkgdir"/etc/init.d/$pkgname-guest-agent - install -Dm644 "$srcdir"/$pkgname-guest-agent.confd \ - "$subpkgdir"/etc/conf.d/$pkgname-guest-agent } _module() { @@ -375,9 +556,10 @@ _module() { local _class=${_mod%%-*} local _m=${_mod#*-} pkgdesc="Qemu $_m $_class module" - case "$_m" in - gtk|sdl) depends="qemu-ui-opengl";; - display-virtio-vga) depends="qemu-hw-display-virtio-gpu";; + case "$_mod" in + ui-egl-headless|ui-gtk|ui-sdl|ui-spice-core) depends="qemu-ui-opengl";; + hw-display-qxl) depends="qemu-ui-spice-core";; + hw-display-virtio-vga|hw-display-virtio-gpu-gl) depends="qemu-hw-display-virtio-gpu";; esac mkdir -p "$subpkgdir"/usr/lib/qemu @@ -394,22 +576,27 @@ _all_modules() { mkdir -p "$subpkgdir" } -sha512sums="bddd633ce111471ebc651e03080251515178808556b49a308a724909e55dac0be0cc0c79c536ac12d239678ae94c60100dc124be9b9d9538340c03a2f27177f3 qemu-5.2.0.tar.xz -98db5e23397cfad4a7210f9f7e1c5fa5c48f065785439521c5b39325c429f2dc367c40925adff6aa8677b3192a1a98a30e93d5b9c879df523deb019c40edd9d9 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch -1ac043312864309e19f839a699ab2485bca51bbf3d5fdb39f1a87b87e3cbdd8cbda1a56e6b5c9ffccd65a8ac2f600da9ceb8713f4dbba26f245bc52bcd8a1c56 0001-linux-user-fix-build-with-musl-on-aarch64.patch -224f5b44da749921e8a821359478c5238d8b6e24a9c0b4c5738c34e82f3062ec4639d495b8b5883d304af4a0d567e38aa6623aac1aa3a7164a5757c036528ac0 musl-F_SHLCK-and-F_EXLCK.patch -5da8114b9bd2e62f0f1f0f73f393fdbd738c5dea827ea60cedffd6f6edd0f5a97489c7148d37a8ec5a148d4e65d75cbefe9353714ee6b6f51a600200133fc914 fix-sigevent-and-sigval_t.patch -4b1e26ba4d53f9f762cbd5cea8ef6f8062d827ae3ae07bc36c5b0c0be4e94fc1856ad2477e8e791b074b8a25d51ed6d0ddd75e605e54600e5dd0799143793ce4 xattr_size_max.patch -fd178f2913639a0c33199b3880cb17536961f2b3ff171c12b27f4be6bca032d6b88fd16302d09c692bb34883346babef5c44407a6804b20a39a465bb2bc85136 ignore-signals-33-and-64-to-allow-golang-emulation.patch -d8933df9484158c2b4888254e62117d78f8ed7c18527b249419f39c2b2ab1afa148010884b40661f8965f1ef3105580fceffdfddbb2c9221dc1c62066722ba65 0001-linux-user-fix-build-with-musl-on-ppc64le.patch -d7de79ea74e36702cac4a59e472564a55f0a663be7e63c3755e32b4b5dfbc04b390ee79f09f43f6ae706ee2aec9e005eade3c0fd4a202db60d11f436874a17d7 MAP_SYNC-fix.patch -39590476a4ebd7c1e79a4f0451b24c75b1817a2a83abaa1f71bb60b225d772152f0af8f3e51ff65645e378c536ffa6ff551dade52884d03a14b7c6a19c5c97d4 fix-sockios-header.patch -8b8db136f78bd26b5da171effa9e11016ec2bc3e2fc8107228b5543b47aa370978ed883794aa4f917f334e284a5b49e82070e1da2d31d49301195b6713a48eff test-crypto-ivgen-skip-essiv.patch -b8e58bcc409f25cc6ff59967ed68f4de0a8656ec4db71ab663cc77761f8210b3f85c475fceb32dec934dc02a5c4f679a8313edbcf84e149692a81764c8904f67 guest-agent-shutdown.patch -d9e299e1658b1a1e9304b3fcf0da8ab665fa334629e5e462354f20079cf6fae330297cbc28e1d546f8e6837abc6f515c836167c32c5a061a30ae88c4b195d1b0 mips-softfloat.patch -9541a94685cfe411120c4073e6714fd3e307d8a4954e7a760532224b3b018fc8948ee03f2338edbb6626b20b751263249c731ac1de83333048d80982371e1874 0001-virtio-host-input-use-safe-64-bit-time-accessors-for.patch -be84d316ebe4ec883e4d02a05721be5b5d478aaa5897bb8cf25431a893397b6834e46253f139b7b94d0f4186c0c90bba78968deb47a82fc06865097f8f4d7a1a 0002-virtio-user-input-use-safe-64-bit-time-accessors-for.patch +bridgehelper() { + pkgdesc="QEMU SUID helper for bridged networking" + install_if="$pkgname=$pkgver-r$pkgrel" + + amove usr/lib/qemu/qemu-bridge-helper \ + etc/qemu/bridge.conf +} + +sha512sums=" +dfd2e1305f9e51bfbc90a7738c69336d5f805481a626ea527b971bdfb6dbe6867e5df7461d48d1c22b79be2dc18e057ea9fa36ef593127cd8b262a5c33f1aa41 qemu-8.2.2.tar.xz +b392f229e631d149d28eb952dcd507d9e5b6975cbba123fd3dab10860fa1936d5035d8e266926652acc1d7cde6874c440beccd33d729bf346769d2c138ebbc01 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch +2c6b3b22877674f870958bb0c74ad85c814f01c98fb123142b1ce77d89adf5c08626e6eade7f627090a53b48f5cebe2a535547804345648cff91dd66f90c2d5b xattr_size_max.patch +7672a3518050f275219920f2cb088f6991ac810dba077856129d779fdf45a3e8c0302c8ca4aa58c0c38e44af80f56404006b3f250e4921fb364cd6fe7149e6ea MAP_SYNC-fix.patch +54d26c3c44730fbd2a155431558fba6a1a3f25d8c057a8e5b8b0d802cb2b6c8a12545a16069fff1b9888a15d6cb087e9750d5e2c310dfc1a3fc756509d3d963e fix-sockios-header.patch +8eed250bea980a35f4f50365e904f56aa4751aeeb2ba9a6bbc6ad27ab9842cf3c773e48be058d9456278d1cc4006e5e80e368cbcb429ccb28a25df92b11477d7 guest-agent-shutdown.patch +d5b4626193fa9b7c687a649aa5ea37d8a74fd2e556a66a71e31af618a0990e144beae253b82b89efd8a798102bcab59cf1a61a76029afcdb0bc5ed58fb40493f lfs64.patch +8a8385dbf4a232adbd51be31d64b1e3ad2333eeb0de867555f995bf1b353ec530f85a25c8b33ce6b9572edfe4bb979a0645f14b839394d8bd47c9ffcd91509a2 mips-softfloat.patch +7a6340df8aa28811af20cd23b98ba95fc8072d4d4d3a2d497604386396892cf26716d0755821e47d02c8eded203133d7dde100537c117e2a047179e4f93883cf musl-initialise-msghdr.patch +25778c29c1f2bf40572125a7b39a01227e3165ed555add44de72a714e4b9d5a91b1504f69d0df55b4e178035813d4c3eca5be048d9afa5e3647d13df3e2f5a30 CVE-2021-20255.patch d90c034cae3f9097466854ed1a9f32ab4b02089fcdf7320e8f4da13b2b1ff65067233f48809911485e4431d7ec1a22448b934121bc9522a2dc489009e87e2b1f qemu-guest-agent.confd 1cd24c2444c5935a763c501af2b0da31635aad9cf62e55416d6477fcec153cddbe7de205d99616def11b085e0dd366ba22463d2270f831d884edbc307c7864a6 qemu-guest-agent.initd 9b7a89b20fcf737832cb7b4d5dc7d8301dd88169cbe5339eda69fbb51c2e537d8cb9ec7cf37600899e734209e63410d50d0821bce97e401421db39c294d97be2 80-kvm.rules -749efa2e764006555b4fd3a8e2f6d1118ad2ea4d45acf99104a41a93cfe66dc9685f72027c17d8211e5716246c2a52322c962cf4b73b27541b69393cd57f53bb bridge.conf" +749efa2e764006555b4fd3a8e2f6d1118ad2ea4d45acf99104a41a93cfe66dc9685f72027c17d8211e5716246c2a52322c962cf4b73b27541b69393cd57f53bb bridge.conf +" |