# Contributor: Sergei Lukin # Contributor: Valery Kartel # Contributor: Jakub Jirutka # Maintainer: Natanael Copa pkgname=qemu pkgver=6.0.0 pkgrel=4 pkgdesc="QEMU is a generic machine emulator and virtualizer" url="https://qemu.org/" arch="all" license="GPL-2.0 LGPL-2" makedepends=" meson bash alsa-lib-dev bison curl-dev flex glib-dev glib-static gnutls-dev gtk+3.0-dev libaio-dev libcap-dev libcap-ng-dev libjpeg-turbo-dev libnfs-dev libpng-dev libseccomp-dev libssh-dev libusb-dev libxml2-dev linux-headers lzo-dev ncurses-dev perl pulseaudio-dev python3 py3-sphinx sdl2-dev snappy-dev spice-dev texinfo usbredir-dev util-linux-dev vde2-dev virglrenderer-dev vte3-dev xfsprogs-dev zlib-dev zlib-static zstd-dev zstd-static " pkggroups="qemu" install="$pkgname.pre-install $pkgname.post-install $pkgname.pre-upgrade" # suid needed for qemu-bridge-helper # strip fails on .img files # some tests does not run on our builders options="suid !strip !check" [ "$CARCH" = "riscv64" ] && options="$options textrels" subpackages="$pkgname-doc $pkgname-lang $pkgname-guest-agent:guest " _subsystems=" aarch64 aarch64_be alpha arm armeb cris hppa i386 m68k microblaze microblazeel mips mips64 mips64el mipsel mipsn32 mipsn32el nios2 or1k ppc ppc64 ppc64le riscv32 riscv64 s390x sh4 sh4eb sparc sparc32plus sparc64 system-aarch64 system-alpha system-arm system-avr system-cris system-hppa system-i386 system-m68k system-microblaze system-microblazeel system-mips system-mips64 system-mips64el system-mipsel system-moxie system-nios2 system-or1k system-ppc system-ppc64 system-riscv32 system-riscv64 system-rx system-s390x system-sh4 system-sh4eb system-sparc system-sparc64 system-tricore system-x86_64 system-xtensa system-xtensaeb x86_64 xtensa xtensaeb " for _sub in $_subsystems; do subpackages="$subpackages $pkgname-$_sub:_subsys" done _modules=" audio-alsa audio-oss audio-pa audio-sdl block-curl block-dmg-bz2 block-nfs block-ssh hw-display-qxl hw-usb-redirect ui-curses ui-gtk ui-sdl ui-spice-app audio-spice chardev-spice hw-display-virtio-gpu-pci hw-display-virtio-gpu hw-display-virtio-vga hw-s390x-virtio-gpu-ccw ui-egl-headless ui-opengl ui-spice-core " for _mod in $_modules; do subpackages="$subpackages $pkgname-$_mod:_module" done subpackages="$subpackages qemu-modules:_all_modules" subpackages="$subpackages $pkgname-img" # -img must be declared the last source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 0001-linux-user-fix-build-with-musl-on-aarch64.patch fix-sigevent-and-sigval_t.patch xattr_size_max.patch 0001-linux-user-fix-build-with-musl-on-ppc64le.patch MAP_SYNC-fix.patch fix-sockios-header.patch guest-agent-shutdown.patch mips-softfloat.patch 0001-virtio-host-input-use-safe-64-bit-time-accessors-for.patch 0002-virtio-user-input-use-safe-64-bit-time-accessors-for.patch CVE-2021-20255.patch CVE-2021-3527.patch $pkgname-guest-agent.confd $pkgname-guest-agent.initd 80-kvm.rules bridge.conf " # secfixes: # 6.0.0-r2: # - CVE-2021-3527 # 6.0.0-r1: # - CVE-2021-20255 # 5.1.0-r1: # - CVE-2020-14364 # 2.8.1-r1: # - CVE-2016-7994 # - CVE-2016-7995 # - CVE-2016-8576 # - CVE-2016-8577 # - CVE-2016-8578 # - CVE-2016-8668 # - CVE-2016-8909 # - CVE-2016-8910 # - CVE-2016-9101 # - CVE-2016-9102 # - CVE-2016-9103 # - CVE-2016-9104 # - CVE-2016-9105 # - CVE-2016-9106 # - CVE-2017-2615 # - CVE-2017-2620 # - CVE-2017-5525 # - CVE-2017-5552 # - CVE-2017-5578 # - CVE-2017-5579 # - CVE-2017-5667 # - CVE-2017-5856 # - CVE-2017-5857 # - CVE-2017-5898 # - CVE-2017-5931 _compile_common() { CFLAGS="${CFLAGS/-Os/-O2}" "$builddir"/configure \ --prefix=/usr \ --localstatedir=/var \ --sysconfdir=/etc \ --libexecdir=/usr/lib/qemu \ --python=/usr/bin/python3 \ --disable-glusterfs \ --disable-debug-info \ --disable-bsd-user \ --disable-werror \ --disable-xen \ --enable-kvm \ --enable-seccomp \ --cc="${CC:-gcc}" \ "$@" make ARFLAGS="rc" } build() { mkdir -p "$builddir"/build \ "$builddir"/build-static cd "$builddir"/build-static _compile_common \ --enable-linux-user \ --disable-system \ --static \ --disable-docs \ --disable-sdl \ --disable-gtk \ --disable-spice \ --disable-tools \ --disable-guest-agent \ --disable-guest-agent-msi \ --disable-curses \ --disable-curl \ --disable-gnutls \ --disable-gcrypt \ --disable-nettle \ --disable-cap-ng \ --disable-brlapi \ --disable-mpath \ --disable-libnfs \ --disable-capstone cd "$builddir"/build _compile_common \ --disable-linux-user \ --audio-drv-list=oss,alsa,sdl,pa \ --enable-cap-ng \ --enable-curl \ --enable-curses \ --enable-docs \ --enable-gtk \ --enable-guest-agent \ --enable-libnfs \ --enable-libssh \ --enable-linux-aio \ --enable-lzo \ --enable-modules \ --enable-pie \ --enable-sdl \ --enable-snappy \ --enable-spice \ --enable-tpm \ --enable-usb-redir \ --enable-vde \ --enable-vhost-net \ --enable-virglrenderer \ --enable-virtfs \ --enable-vnc \ --enable-vnc-jpeg \ --enable-vnc-png \ --enable-zstd \ --tls-priority=@QEMU,SYSTEM } check() { cd "$builddir"/build # XXX: ESSIV crypto tests are disabled, see test-crypto-ivgen-skip-essiv.patch. make check V=1 } package() { cd "$builddir"/build-static make DESTDIR="$pkgdir" install cd "$builddir"/build make DESTDIR="$pkgdir" install install -Dm640 -g qemu "$srcdir"/bridge.conf \ "$pkgdir"/etc/qemu/bridge.conf install -Dm644 "$srcdir"/80-kvm.rules \ "$pkgdir"/lib/udev/rules.d/80-kvm.rules # qemu-bridge-helper needs suid to create tunX devices; # allow only users in the qemu group to run it. chmod 04710 "$pkgdir"/usr/lib/qemu/qemu-bridge-helper chgrp qemu "$pkgdir"/usr/lib/qemu/qemu-bridge-helper # Do not install HTML docs. rm -rf "$pkgdir"/usr/share/doc } _subsys() { local name=${1:-"${subpkgname#$pkgname-}"} pkgdesc="Qemu ${name/-/ } emulator" options="" depends="" case "$name" in system*) depends="qemu";; esac mkdir -p "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/qemu-$name "$subpkgdir"/usr/bin/ } img() { pkgdesc="QEMU command line tool for manipulating disk images" depends="" options="" mkdir -p "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/qemu-img \ "$pkgdir"/usr/bin/qemu-io \ "$pkgdir"/usr/bin/qemu-nbd \ "$subpkgdir"/usr/bin/ # We exploit the fact that -img subpackage are created last # and check that we done have new systems that belongs in # subpackage. local path= retval=0 for path in "$pkgdir"/usr/bin/qemu-system-* "$pkgdir"/usr/lib/qemu/*.so; do if [ -r "$path" ]; then error "Please create a subpackage for ${path##*/}" retval=1 fi done return $retval } guest() { pkgdesc="QEMU guest agent" depends="" options="" mkdir -p "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/qemu-ga "$subpkgdir"/usr/bin/ install -Dm755 "$srcdir"/$pkgname-guest-agent.initd \ "$subpkgdir"/etc/init.d/$pkgname-guest-agent install -Dm644 "$srcdir"/$pkgname-guest-agent.confd \ "$subpkgdir"/etc/conf.d/$pkgname-guest-agent } _module() { local _mod=${subpkgname#qemu-} local _class=${_mod%%-*} local _m=${_mod#*-} pkgdesc="Qemu $_m $_class module" case "$_mod" in ui-egl-headless|ui-gtk|ui-sdl|ui-spice-core) depends="qemu-ui-opengl";; hw-display-qxl) depends="qemu-ui-spice-core";; hw-display-virtio-vga) depends="qemu-hw-display-virtio-gpu";; esac mkdir -p "$subpkgdir"/usr/lib/qemu mv "$pkgdir"/usr/lib/qemu/$_mod.so \ "$subpkgdir"/usr/lib/qemu/ } _all_modules() { pkgdesc="Meta package for all qemu modules" local _i for _i in $_modules; do depends="$depends qemu-$_i" done mkdir -p "$subpkgdir" } sha512sums=" ee3ff00aebec4d8891d2ff6dabe4e667e510b2a4fe3f6190aa34673a91ea32dcd2db2e9bf94c2f1bf05aa79788f17cfbbedc6027c0988ea08a92587b79ee05e4 qemu-6.0.0.tar.xz 98db5e23397cfad4a7210f9f7e1c5fa5c48f065785439521c5b39325c429f2dc367c40925adff6aa8677b3192a1a98a30e93d5b9c879df523deb019c40edd9d9 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 1ac043312864309e19f839a699ab2485bca51bbf3d5fdb39f1a87b87e3cbdd8cbda1a56e6b5c9ffccd65a8ac2f600da9ceb8713f4dbba26f245bc52bcd8a1c56 0001-linux-user-fix-build-with-musl-on-aarch64.patch 5da8114b9bd2e62f0f1f0f73f393fdbd738c5dea827ea60cedffd6f6edd0f5a97489c7148d37a8ec5a148d4e65d75cbefe9353714ee6b6f51a600200133fc914 fix-sigevent-and-sigval_t.patch 4b1e26ba4d53f9f762cbd5cea8ef6f8062d827ae3ae07bc36c5b0c0be4e94fc1856ad2477e8e791b074b8a25d51ed6d0ddd75e605e54600e5dd0799143793ce4 xattr_size_max.patch d8933df9484158c2b4888254e62117d78f8ed7c18527b249419f39c2b2ab1afa148010884b40661f8965f1ef3105580fceffdfddbb2c9221dc1c62066722ba65 0001-linux-user-fix-build-with-musl-on-ppc64le.patch d7de79ea74e36702cac4a59e472564a55f0a663be7e63c3755e32b4b5dfbc04b390ee79f09f43f6ae706ee2aec9e005eade3c0fd4a202db60d11f436874a17d7 MAP_SYNC-fix.patch 39590476a4ebd7c1e79a4f0451b24c75b1817a2a83abaa1f71bb60b225d772152f0af8f3e51ff65645e378c536ffa6ff551dade52884d03a14b7c6a19c5c97d4 fix-sockios-header.patch d6b81846cefd46b8fd1fb04450d4898f97dc77d11e049fb1bc8e2553bbb88c8325151d0e4bec70cc6820a5863c1d1749b99100b4747d91182856c3ca1946cb28 guest-agent-shutdown.patch e3acdab38c17eccb87bce1dfec22ce9474dae281474b886860848ae206006b071378882b855023916bb00a86cfbe55216c3fa4336b4e402399df2a9937b8c21c mips-softfloat.patch 9541a94685cfe411120c4073e6714fd3e307d8a4954e7a760532224b3b018fc8948ee03f2338edbb6626b20b751263249c731ac1de83333048d80982371e1874 0001-virtio-host-input-use-safe-64-bit-time-accessors-for.patch be84d316ebe4ec883e4d02a05721be5b5d478aaa5897bb8cf25431a893397b6834e46253f139b7b94d0f4186c0c90bba78968deb47a82fc06865097f8f4d7a1a 0002-virtio-user-input-use-safe-64-bit-time-accessors-for.patch e9389a6e3b2c3b59f66ea13eb7a3515e87341a68ca14afeb1ddd0084717bf4a13f5f58dc41dadbf0f2faf8fe1ae94ba7d1469c41539c79e45fa1624c6081e904 CVE-2021-20255.patch c9dbc74fbf298413ca4fdd943a0a6cc8869cb4d6842423f820474374835195bf71db8a46ad6aa5c9517d89b890b290dcb0b21fc9c1e80c6ea56bf29aa7c9c8e5 CVE-2021-3527.patch d90c034cae3f9097466854ed1a9f32ab4b02089fcdf7320e8f4da13b2b1ff65067233f48809911485e4431d7ec1a22448b934121bc9522a2dc489009e87e2b1f qemu-guest-agent.confd 1cd24c2444c5935a763c501af2b0da31635aad9cf62e55416d6477fcec153cddbe7de205d99616def11b085e0dd366ba22463d2270f831d884edbc307c7864a6 qemu-guest-agent.initd 9b7a89b20fcf737832cb7b4d5dc7d8301dd88169cbe5339eda69fbb51c2e537d8cb9ec7cf37600899e734209e63410d50d0821bce97e401421db39c294d97be2 80-kvm.rules 749efa2e764006555b4fd3a8e2f6d1118ad2ea4d45acf99104a41a93cfe66dc9685f72027c17d8211e5716246c2a52322c962cf4b73b27541b69393cd57f53bb bridge.conf "