glibc 2.27 has added memfd_create() but this conflicts with a copy in qemu, so
take a patch from upstream to fix building with glibc 2.27.
(From OE-Core rev: 8e6672055e804a0828e2f51fae9cbac81e4e834d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes compile failures of qemu-native with new versions of glibc. Patch
is taken from upstream.
(From OE-Core rev: 9c54510632d22c12850962572ce7276170ce5488)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
virtio-gpu: information leakage in virgl_cmd_get_capset
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9908
(From OE-Core rev: f5f4a08baeb4864984fcb9a837a3a8c51274df2b)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This enables the use of swtpm (from meta-security) as a virtual TPM in
qemu. These patches extend the existing support in qemu for TPM
passthrough so that a swtpm daemon can be accessed via CUSE (character
device in user space).
To use this:
- add the meta-security layer including the swtpm enhancements for qemu
- bitbake swtpm-native
- create a TPM instance and initialize it with:
$ mkdir -p my-machine/myvtpm0
$ tmp-glibc/sysroots/x86_64-linux/usr/bin/swtpm_setup_oe.sh --tpm-state my-machine/myvtpm0 --createek
Starting vTPM manufacturing as root:root @ Fri 20 Jan 2017 08:56:18 AM CET
TPM is listening on TCP port 52167.
Successfully created EK.
Successfully authored TPM state.
Ending vTPM manufacturing @ Fri 20 Jan 2017 08:56:19 AM CET
- run swtpm *before each runqemu invocation* (it shuts down after use) and
do it as root (required to set up the /dev/vtpm0 CUSE device):
$ sudo sh -c 'PATH=`pwd`/tmp-glibc/sysroots/x86_64-linux/usr/bin/:`pwd`/tmp-glibc/sysroots/x86_64-linux/usr/sbin/:$PATH; export TPM_PATH=`pwd`/my-machine/myvtpm0; swtpm_cuse -n vtpm0' && sudo chmod a+rw /dev/vtpm0
- run qemu:
$ runqemu 'qemuparams=-tpmdev cuse-tpm,id=tpm0,path=/dev/vtpm0 -device tpm-tis,tpmdev=tpm0' ...
The guest kernel has to have TPM support enabled, which can be done with:
KERNEL_FEATURES_append = " features/tpm/tpm.scc"
(From OE-Core rev: 1264d26fa251ac11a9069f3e602dec6be9d8b9ba)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The Makefile in directory tests has been renamed, then update script
run-ptest to follow the change.
(From OE-Core rev: 364565f3f3baccc9757ce0dcb393464b38055b4f)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patch to fix CVE-2016-7909 of qemu.
Ref:
https://security-tracker.debian.org/tracker/CVE-2016-7909
(From OE-Core rev: 126783ca25a5ae9daf87ac563239fbff4696a682)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patches to fix CVE-2016-7423 and CVE-2016-7908 of qemu.
(From OE-Core rev: 1f4c303fd64a4bc05882de01676f241f0df6da78)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is reported in qemu community that VM always exits with:
| 2016-10-17T07:33:40.393592Z qemu-kvm: Virtqueue size exceede
when VM is suspend and resume. Solution from the maintainer of virtio
is to merge following 3 commits:
http://git.qemu.org/?p=qemu.git;a=commit;h=bccdef6http://git.qemu.org/?p=qemu.git;a=commit;h=58a83c6http://git.qemu.org/?p=qemu.git;a=commit;h=4b7f91e
The first 2 commits have been merged in qemu 2.7.0. Then apply the
third one.
(From OE-Core rev: db5b9254fbbc30e50b50c7c8cd1f04dcc965cd52)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This upgrade can fix a qemuppc + openssh bug, the ssh connection maybe
refused or closed randomly, and it's not easy to reproduce. RP pointed
that this upgrade can fix the problem, and it does work in my local
testing.
* Update add-ptest-in-makefile.patch
* Drop backported patch 0001-configure-support-vte-2.91.patch
Here is the Changlog:
http://wiki.qemu.org/ChangeLog/2.7
(From OE-Core rev: 056ce17e168bf856ff95a6f659098403169cb889)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch has been accepted upstream:
http://lists.nongnu.org/archive/html/qemu-devel/2016-07/msg05778.html
(From OE-Core rev: b89bd412a69bfda262ed795e970b362ddbec6c68)
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enforce the correct tag names across all of oe-core for consistency.
(From OE-Core rev: 606a43dc38a00cc243f933722db657aea4129f8e)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The main thing is build failures with gold linker, but qemu is also a
little too aggressive at finding random tools on the build host, so we
also set the build env for qemu-native and make sure it doesn't reset
its own (hard-coded) cflags when we don't want it to.
(From OE-Core rev: 862c9cbbef1f17b57c0ea369d88194b60623ffdd)
Signed-off-by: Stephen Arnold <sarnold@vctlabs.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
By default qemu builds a complete list of directories within the user
emulation sysroot (-L option). The OE sysroot directory is large and
this is confusing, for example it indexes all pkgdata. In particular this
confuses strace of qemu binaries with tons of irrelevant paths.
This patch stops the code indexing up front and instead only indexes
things if/as/when it needs to. This drastically reduces the files it
reads and reduces memory usage and cleans up strace.
It would also avoid the infinite directory traversal bug in [YOCTO #6996]
although the code could still be vulnerable if it parsed those specific
paths.
(From OE-Core rev: 9ac5017b3328a18561c2912edfda2d7d97c675f2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Allocation tracing has been removed from GLib 2.46 and trying to use
it results in an ugly warning: Backport patch to not use it in Qemu.
(From OE-Core rev: 5e6105a90acb86bf7e2c0d5e7fe51e6112080916)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Qemu has an automatic dependency on valgrind which cannot be disabled, which
causes non-deterministic builds and build failures. As Valgrind wasn't enabled
previously make this deterministic by forcibly disabling it.
(From OE-Core rev: 33960902b9c36575ddda3d926d70fa13bbad85f6)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove redundant lines in smc91c111_fix.patch which caused command patch
of lower version fails to work.
(From OE-Core rev: 18f9e0393b27a57030a4dbee924e7946b902927b)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The smc91c111.c driver appears to have several issues. The can_receive()
function can return that the driver is ready when rx_fifo has not been
freed yet. There is also no sanity check of rx_fifo() in _receive() which
can lead to corruption of the rx_fifo array.
release_packet() can also call qemu_flush_queued_packets() before rx_fifo
has been cleaned up, resulting in cases where packets are submitted
for which there is not yet any space.
This patch therefore:
* fixes the logic in can_receive()
* adds logic to receive() as a sanity check
* moves the flush() calls to the correct places where data is ready
to be received
Its currently undergoing discussion upstream about exactly which pieces
are the correct fix but for now, this stops the segfaults OE is seeing
which has to be an improvement.
[YOCTO #8234]
(From OE-Core rev: 414a5256d6f00d5682ce226ee4bc49674ee6c614)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When QEMU starts the RCU thread executes qemu_mutex_lock_thread
causing error "qemu:qemu_cpu_kick_thread: No such process" and exits.
For detail explanation see upstream patch.
[YOCTO #8143]
(From OE-Core rev: e4bbd98bf9648bbf3ffa7c4338f2302a92a413ef)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
All CVE patches removed, included in release.
(From OE-Core rev: 3b57ca0ad44e66a1ecd39c410f63d99705c56b1e)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We are expecting some random failures in QEMU runs one of this is
related to qemu_cpu_kick_thread that ends on exit(1) on qemu.
To improve debug information add patch that prints the backtrace and
the status of qemu cpu.
[YOCTO #8143]
(From OE-Core rev: c9dd8fae8fd799f0f64328606904e047ed8ee9c3)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add sub-package ptest which runs all unit tests cases for qemu.
(From OE-Core rev: a79435797ee60f5858c952646f864c04113e5803)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove it since we have 2.4.0, the git version is 1.3 can't be built by
deafult:
ERROR: Fetcher failure: Unable to find revision 04024dea2674861fcf13582a77b58130c67fccd8 in branch master even from upstream
We can fix it, but seems that no one uses it any more.
And move patches from "files" dir to "qemu" dir.
(From OE-Core rev: d3c3d62cfb2eeb224fa021af9cd550edf826445e)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Get rid of direct use of gnutls APIs in quorum
blockdrv in favour of using the crypto APIs.
- Convert VNC websockets to use crypto APIs.
- quorum and vnc-ws packageconfig options no
longer exist, removed.
- All previous CVE are now included.
- larger_default_ram_size.patch patch removed,
no longer necessary.
(From OE-Core rev: ff384c084678dab33bbd7eb82ece21a2baa13dfb)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patch to fix CVE-2015-3209.
http://git.qemu.org/?p=qemu.git;a=commit;h=9f7c594
(From OE-Core rev: ea85f36ad438353f5a8e64292dd27f457f1f665c)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patches to fix CVE-2015-4103, CVE-2015-4104, CVE-2015-4105 and
CVE-2015-4106. These patches are from debian, but they are originally
from:
http://git.qemu.org/?p=qemu.git;a=shortlog;h=c25bbf1
(From OE-Core rev: 496b3ffba6755bb76709c88cf81399c9d23f830a)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Without this patch, x86_64 images would show invalid EDSCA key errors
with sshd from openssh (but not dropbear) during init.
This would cause problems with operation with some distros where EDSCA
keys were mandatory. The issue was present in qemu 2.2.1 and not in
2.3.0-rc0, bisected to this commit which was then backported. This fixes
intermittent failures on the autobuilder. Issue is not present when
using KVM (consistent with a fault in TCG).
(From OE-Core rev: 27fe06cb7d30c79833769b3ebb080a7a8115439d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The wacom driver we use is missing a HID descriptor causing it not to work
with 3.17 kernels and later. This patch adds in a descriptor to make the
driver work again.
(From OE-Core rev: 51200e0151f0a3b0ed06649ffe77ef20bb296499)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darwin target will not be detected correctly
if qemu is cross-compiled under a Linux host.
(From OE-Core rev: 47d1fc9f5c38f3d092937c47bd4c2f45adaa7fe6)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
QEMU 2.1 comes with fixes and improvements.
See http://wiki.qemu.org/ChangeLog/2.1 for details.
- Added config for quorum support, depending on gnutls.
- pcie_better_hotplug_support.patch removed,
integrated upstream.
- Qemu-Arm-versatilepb-Add-memory-size-checking.patch updated
to 2.1 source code.
- no-strip.patch removed, no longer necessary due to code changes.
(From OE-Core rev: 3ae32d0d6c7cf8294300f32d346da36748e05f3d)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
linux-user-Handle-SOCK_CLOEXEC-NONBLOCK-if-unavailab.patch
file no longer needed, included in upstream.
qemu-native tested on all architectures,
host machine is Ubuntu Linux 13.10 x86-64.
Basic X11 and networking tests performed.
(From OE-Core rev: 0f81a4b17ab9ea1b3cc69629aec3f3d2176f8153)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>