diff --git a/utils/qemu/Makefile b/utils/qemu/Makefile index 0dc4d5c5..ccaa6ef0 100644 --- a/utils/qemu/Makefile +++ b/utils/qemu/Makefile @@ -1,6 +1,6 @@ # # Copyright (C) 2016 OpenWrt.org -# Copyright (C) 2016-2018 Yousong Zhou +# Copyright (C) 2016-2019 Yousong Zhou # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,20 +9,22 @@ include $(TOPDIR)/rules.mk PKG_NAME:=qemu -PKG_VERSION:=3.1.0 +PKG_VERSION:=4.1.0 PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_HASH:=6a0508df079a0a33c2487ca936a56c12122f105b8a96a44374704bef6c69abfc +PKG_HASH:=656e60218689bdeec69903087fd7582d5d3e72238d02f4481d8dc6d79fd909c6 PKG_SOURCE_URL:=http://download.qemu.org/ PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=LICENSE tcg/LICENSE PKG_MAINTAINER:=Yousong Zhou +PKG_CPE_ID:=cpe:/a:qemu:qemu PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 PKG_USE_MIPS16:=0 include $(INCLUDE_DIR)/uclibc++.mk +include $(INCLUDE_DIR)/nls.mk include $(INCLUDE_DIR)/package.mk @@ -52,10 +54,6 @@ define Package/qemu-ga DEPENDS:= +glib2 +virtio-console-helper $(CXX_DEPENDS) $(QEMU_DEPS_IN_GUEST) endef -define Package/qemu-ga/description - This package contains the QEMU Guest Agent daemon -endef - define Package/qemu-ga/install $(INSTALL_DIR) $(1)/usr/bin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/qemu-ga $(1)/usr/bin @@ -65,20 +63,8 @@ define Package/qemu-ga/install $(INSTALL_BIN) ./files/10-qemu-ga.hotplug $(1)/etc/hotplug.d/virtio-ports/10-qemu-ga endef +PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-ga -define Package/qemu-blobs - SECTION:=utils - CATEGORY:=Utilities - SUBMENU:=Virtualization - TITLE:=QEMU blobs of BIOS, VGA BIOS and keymaps - URL:=http://www.qemu.org - DEPENDS:=$(QEMU_DEPS_IN_HOST) -endef - -define Package/qemu-blobs/install - $(INSTALL_DIR) $(1)/usr/share/qemu - $(CP) $(PKG_INSTALL_DIR)/usr/share/qemu/* $(1)/usr/share/qemu -endef define Package/qemu-bridge-helper SECTION:=utils 
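Review bot: In the package-header hunk (`@@ -9,20 +9,22 @@`), `PKG_SOURCE_URL:=http://download.qemu.org/` stays on plain HTTP while `PKG_VERSION` and `PKG_HASH` both change, so the new SHA-256 is the only thing authenticating the 4.1.0 tarball. The diff cannot show where that hash came from, so it should be checked against the upstream release signature rather than against a local download of the same URL. Consider changing the context line to `PKG_SOURCE_URL:=https://download.qemu.org/` in this commit. `PKG_RELEASE:=2` is also carried over unchanged across the version bump, which may be unintended.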
@@ -96,13 +82,14 @@ define Package/qemu-bridge-helper/install $(INSTALL_DATA) ./files/bridge.conf $(1)/etc/qemu endef + define Package/qemu-img SECTION:=utils CATEGORY:=Utilities SUBMENU:=Virtualization TITLE:=QEMU Image utility URL:=http://www.qemu.org - DEPENDS:=+glib2 $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) + DEPENDS:=+glib2 $(QEMU_DEPS_IN_HOST) endef define Package/qemu-img/install @@ -110,13 +97,14 @@ define Package/qemu-img/install $(INSTALL_BIN) $(PKG_BUILD_DIR)/qemu-img $(1)/usr/bin/qemu-img endef + define Package/qemu-nbd SECTION:=utils CATEGORY:=Utilities SUBMENU:=Virtualization TITLE:=QEMU Network Block Device Utility URL:=http://www.qemu.org - DEPENDS:=+glib2 $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) +kmod-nbd + DEPENDS:=+glib2 $(QEMU_DEPS_IN_HOST) +kmod-nbd endef define Package/qemu-nbd/install 
@@ -124,7 +112,41 @@ define Package/qemu-nbd/install $(INSTALL_BIN) $(PKG_BUILD_DIR)/qemu-nbd $(1)/usr/sbin/qemu-nbd endef -PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-ga + +define qemu-firmware + QEMU_PACKAGES += qemu-firmware-$(1) + + define Package/qemu-firmware-$(1) + SECTION:=utils + CATEGORY:=Utilities + SUBMENU:=Virtualization + TITLE:=$(qemu-firmware-$(1)-title) + URL:=http://www.qemu.org + DEPENDS:=$(QEMU_DEPS_IN_HOST) + endef + + define Package/qemu-firmware-$(1)/install + $$(INSTALL_DIR) $$(1)/usr/share/qemu + $$(CP) $(foreach f,$(qemu-firmware-$(1)-files),$$(PKG_INSTALL_DIR)/usr/share/qemu/$(f)) $$(1)/usr/share/qemu + endef +endef + +qemu-firmware-seabios-title:=QEMU build of SeaBIOS for x86 guest +qemu-firmware-seabios-files:=bios.bin bios-256k.bin +$(eval $(call qemu-firmware,seabios)) + +qemu-firmware-seavgabios-title:=QEMU build of SeaVGABIOS +qemu-firmware-seavgabios-files:=vgabios-*.bin +$(eval $(call qemu-firmware,seavgabios)) + +qemu-firmware-pxe-title:=QEMU build of iPXE PXE roms +qemu-firmware-pxe-files:=pxe-*.rom +$(eval $(call qemu-firmware,pxe)) + +qemu-firmware-efi-title:=QEMU build of iPXE EFI roms +qemu-firmware-efi-files:=efi-*.rom +$(eval $(call qemu-firmware,efi)) + # Naming rules used in qemu Makefile.target define qemu-prog_ @@ -144,6 +166,7 @@ qemu-prog = $(strip $(call qemu-prog_,$(1))) # define qemu-target PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-$(1) + QEMU_PACKAGES += qemu-$(1) define Package/qemu-$(1) SECTION:=utils @@ -151,8 +174,8 @@ define qemu-target SUBMENU:=Virtualization TITLE:=QEMU target $(1) URL:=http://www.qemu.org - DEPENDS:= +glib2 +libpthread +zlib $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) \ - $(if $(filter %-softmmu,$(1)),+libncurses +libfdt +pixman +qemu-blobs) + DEPENDS:= +glib2 +libpthread +zlib $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) $(qemu-target-$(1)-deps) \ + $(if $(filter %-softmmu,$(1)),+libncurses +libfdt +pixman +qemu-firmware-efi $(ICONV_DEPENDS)) endef define Package/qemu-$(1)/description 
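Review bot: The new `define qemu-firmware` template in the first hunk on this line has no comment stating its contract. It reads `qemu-firmware-$(1)-title` and `qemu-firmware-$(1)-files` with a single `$`, so both are expanded when `$(call ...)` runs and must be assigned before each `$(eval $(call qemu-firmware,...))`. A name assigned later would give an empty TITLE and a `$(CP)` with no source files. Suggested comment above the define: `# $(1): firmware set name; qemu-firmware-$(1)-title and qemu-firmware-$(1)-files must be set before the call (files are names or shell globs under usr/share/qemu)`.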
@@ -162,18 +185,34 @@ define qemu-target define Package/qemu-$(1)/install $(INSTALL_DIR) $$(1)/usr/bin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$(call qemu-prog,$(1)) $$(1)/usr/bin + $(foreach f,$(qemu-target-$(1)-extra-files), + $(INSTALL_DIR) $$(1)/$(dir $(f)) + $(CP) $(PKG_INSTALL_DIR)/$(f) $$(1)/$(f) + ) endef endef -QEMU_TARGET_LIST := \ +qemu-target-list := \ x86_64-softmmu \ arm-softmmu \ -$(foreach target,$(QEMU_TARGET_LIST), \ +qemu-target-x86_64-softmmu-deps:= \ + +qemu-firmware-pxe \ + +qemu-firmware-seabios \ + +qemu-firmware-seavgabios +qemu-target-x86_64-softmmu-extra-files:= \ + usr/share/qemu/kvmvapic.bin \ + usr/share/qemu/linuxboot.bin \ + usr/share/qemu/linuxboot_dma.bin \ + usr/share/qemu/multiboot.bin \ + usr/share/qemu/pvh.bin + +$(foreach target,$(qemu-target-list), \ $(eval $(call qemu-target,$(target))) \ ) + # QEMU configure script does not recognize these options CONFIGURE_ARGS:=$(filter-out \ --target=% \ 
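Review bot: The install loop added to `Package/qemu-$(1)/install`, together with `$(qemu-target-$(1)-deps)` in the DEPENDS hunk above, introduces two per-target hook variables that are not documented anywhere in the diff. Only x86_64-softmmu sets them, and arm-softmmu relies on the undefined names expanding to nothing. A short comment next to `qemu-target-list` would make that explicit, e.g. `# Optional per target: qemu-target-<t>-deps (extra DEPENDS), qemu-target-<t>-extra-files (paths relative to PKG_INSTALL_DIR, copied into the package)`. The `qemu-target` define starts outside this hunk.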
@@ -192,81 +231,142 @@ CONFIGURE_ARGS += \ --host-cc="$(HOSTCC)" \ --disable-fortify-source \ --disable-stack-protector \ + --extra-cflags="$(EXTRA_CFLAGS)" \ + --extra-cxxflags="$(EXTRA_CXXFLAGS)" \ + --extra-ldflags="$(EXTRA_LDFLAGS)" \ -# Make a list from QEMU source code for reference +# VHost features +CONFIGURE_ARGS += \ + --enable-vhost-crypto \ + --enable-vhost-kernel \ + --enable-vhost-net \ + --enable-vhost-scsi \ + --enable-vhost-user \ + --enable-vhost-vsock \ + +# Image formats support +CONFIGURE_ARGS += \ + --disable-bochs \ + --disable-cloop \ + --disable-dmg \ + --disable-qcow1 \ + --disable-vdi \ + --disable-vvfat \ + --disable-qed \ + --disable-parallels \ + +# system/user-mode emulation +CONFIGURE_ARGS += \ + --disable-user \ + --disable-bsd-user \ + --disable-linux-user \ + --enable-system \ + +# accel +CONFIGURE_ARGS += \ + --disable-hax \ + --disable-hvf \ + --disable-whpx \ + --disable-xen \ + --enable-kvm \ + --enable-tcg \ + +# UI +CONFIGURE_ARGS += \ + --disable-cocoa \ + --disable-gtk \ + --disable-sdl \ + --disable-sdl-image \ + --disable-spice \ + --disable-virglrenderer \ + --disable-vnc \ + --disable-vnc-jpeg \ + --disable-vnc-png \ + --disable-vnc-sasl \ + --disable-vte \ + --enable-curses \ + --enable-iconv \ + +# Features for performance & no external dependency +CONFIGURE_ARGS += \ + --enable-coroutine-pool \ + --enable-crypto-afalg \ + --enable-live-block-migration \ + --enable-membarrier \ + --enable-replication \ + +# Review configure options not explicitly specified here # -# grep -E '^\s*--disable-[^)]+\)' configure | cut -f1 -d')' | sort -u +# openwrt_makefile=openwrt/packages/utils/qemu/Makefile +# qemu_configure=qemu/configure +# for arg in $(grep -E '^\s*--disable-[^)]+\)' "$qemu_configure" | cut -f1 -d')'); do +# grep -qE "(--enable|--disable)${arg#--disable}" "$openwrt_makefile" || echo "$arg" +# done # CONFIGURE_ARGS += \ --audio-drv-list='' \ --disable-attr \ + --disable-auth-pam \ --disable-bluez \ --disable-brlapi \ 
- --disable-bsd-user \ --disable-bzip2 \ --disable-cap-ng \ - --disable-cocoa \ + --disable-capstone \ --disable-curl \ --disable-debug-info \ + --disable-debug-mutex \ --disable-debug-tcg \ --disable-docs \ --disable-gcrypt \ + --disable-git-update \ --disable-glusterfs \ --disable-gnutls \ - --disable-gtk \ --disable-guest-agent-msi \ --disable-jemalloc \ --disable-libiscsi \ --disable-libnfs \ --disable-libpmem \ - --disable-libssh2 \ + --disable-libssh \ --disable-libudev \ --disable-libusb \ --disable-libxml2 \ --disable-linux-aio \ + --disable-lzfse \ --disable-lzo \ --disable-modules \ + --disable-mpath \ --disable-netmap \ --disable-nettle \ --disable-numa \ --disable-opengl \ + --disable-pvrdma \ --disable-qom-cast-debug \ --disable-rbd \ --disable-rdma \ - --disable-sdl \ + --disable-sanitizers \ --disable-seccomp \ + --disable-sheepdog \ --disable-smartcard \ --disable-snappy \ --disable-sparse \ - --disable-spice \ --disable-strip \ --disable-tcg-interpreter \ --disable-tcmalloc \ --disable-tools \ --disable-tpm \ --disable-usb-redir \ - --disable-uuid \ --disable-vde \ - --disable-vhdx \ - --disable-virglrenderer \ --disable-virtfs \ - --disable-vnc \ - --disable-vnc-jpeg \ - --disable-vnc-png \ - --disable-vnc-sasl \ - --disable-vte \ + --disable-vxhs \ --disable-werror \ - --disable-xen \ --disable-xen-pci-passthrough \ - --disable-xen-pv-domain-build \ --disable-xfsctl \ - --disable-zlib-test \ -CONFIGURE_ARGS += --target-list='$(foreach target,$(QEMU_TARGET_LIST),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)))' +CONFIGURE_ARGS += --target-list='$(foreach target,$(qemu-target-list),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)))' CONFIGURE_ARGS += $(if $(CONFIG_PACKAGE_qemu-ga),--enable-guest-agent) TARGET_LDFLAGS += -Wl,--as-needed -MAKE_VARS += V=s +MAKE_VARS += V=1 # ARCH is special in qemu's build system, e.g. ARCH mips64 will be translated # there to mips and stored in config-host.mak MAKE_FLAGS:=$(filter-out \ 
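Review bot: The helper script in the new "Review configure options not explicitly specified here" comment can treat an option as covered when it is not, because `grep -qE "(--enable|--disable)${arg#--disable}"` has no end anchor. For example, if `--disable-xen` were ever dropped from the accel block, the listed `--disable-xen-pci-passthrough` would still satisfy the grep and the gap would not be printed. Options missed this way are presumably left to configure's auto-detection, which is what the explicit list appears meant to prevent. Anchoring the match closes this: `grep -qE "(--enable|--disable)${arg#--disable}([[:space:]]|$)" "$openwrt_makefile" || echo "$arg"`.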
@@ -278,7 +378,7 @@ QEMU_MAKE_TARGETS := \ $(if $(CONFIG_PACKAGE_qemu-bridge-helper),qemu-bridge-helper) \ $(if $(CONFIG_PACKAGE_qemu-img),qemu-img) \ $(if $(CONFIG_PACKAGE_qemu-nbd),qemu-nbd) \ - $(foreach target,$(QEMU_TARGET_LIST),$(if $(CONFIG_PACKAGE_qemu-$(target)),subdir-$(target))) \ + $(foreach target,$(qemu-target-list),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)/all)) \ define Build/Compile $(if $(strip $(QEMU_MAKE_TARGETS)),$(call Build/Compile/Default,$(QEMU_MAKE_TARGETS))) @@ -289,7 +389,6 @@ $(eval $(call BuildPackage,qemu-ga)) $(eval $(call BuildPackage,qemu-bridge-helper)) $(eval $(call BuildPackage,qemu-img)) $(eval $(call BuildPackage,qemu-nbd)) -$(eval $(call BuildPackage,qemu-blobs)) -$(foreach target,$(QEMU_TARGET_LIST), \ - $(eval $(call BuildPackage,qemu-$(target))) \ +$(foreach p,$(QEMU_PACKAGES), \ + $(eval $(call BuildPackage,$(p))) \ ) diff --git a/utils/qemu/patches/0001-configure-allow-disable-fortify_source.patch b/utils/qemu/patches/0001-configure-allow-disable-fortify_source.patch index 9759cfa5..a1fb69c7 100644 --- a/utils/qemu/patches/0001-configure-allow-disable-fortify_source.patch +++ b/utils/qemu/patches/0001-configure-allow-disable-fortify_source.patch @@ -1,4 +1,4 @@ -From 82d1bb429533dcab4278ed21afc19ee303d7d3f5 Mon Sep 17 00:00:00 2001 +From cbb0971d0d1bc32413095810e24f17eb7169810a Mon Sep 17 00:00:00 2001 From: Yousong Zhou Date: Sat, 24 Feb 2018 13:43:19 +0800 Subject: [PATCH 1/4] configure: allow disable fortify_source @@ -10,10 +10,10 @@ OpenWrt base build system decide flavor of fortify_source to use 1 file changed, 2 insertions(+) diff --git a/configure b/configure -index 0a3c6a72c3..d274df816c 100755 +index 1c563a7027..f4d949b35b 100755 --- a/configure +++ b/configure -@@ -1491,6 +1491,8 @@ for opt do +@@ -1518,6 +1518,8 @@ for opt do ;; --disable-libpmem) libpmem=no ;; 
diff --git a/utils/qemu/patches/0002-configure-allow-enabling-disabling-libudev-from-comm.patch b/utils/qemu/patches/0002-configure-allow-enabling-disabling-libudev-from-comm.patch index 4a429572..ea0183fa 100644 --- a/utils/qemu/patches/0002-configure-allow-enabling-disabling-libudev-from-comm.patch +++ b/utils/qemu/patches/0002-configure-allow-enabling-disabling-libudev-from-comm.patch @@ -1,4 +1,4 @@ -From 4d7955f069922c482886e03e5cd352281dbce146 Mon Sep 17 00:00:00 2001 +From 39b07d1742475f2c60ae2c80f3f2853bb556e0b1 Mon Sep 17 00:00:00 2001 From: Yousong Zhou Date: Tue, 2 Apr 2019 06:31:31 +0000 Subject: [PATCH 2/4] configure: allow enabling/disabling libudev from command @@ -9,10 +9,10 @@ Subject: [PATCH 2/4] configure: allow enabling/disabling libudev from command 1 file changed, 4 insertions(+) diff --git a/configure b/configure -index d274df816c..a138faeb72 100755 +index f4d949b35b..939f54178b 100755 --- a/configure +++ b/configure -@@ -1491,6 +1491,10 @@ for opt do +@@ -1518,6 +1518,10 @@ for opt do ;; --disable-libpmem) libpmem=no ;; diff --git a/utils/qemu/patches/0003-disas-fix-compilation-failure-when-isnan-is-a-macro.patch b/utils/qemu/patches/0003-disas-fix-compilation-failure-when-isnan-is-a-macro.patch index ece36702..a204f183 100644 --- a/utils/qemu/patches/0003-disas-fix-compilation-failure-when-isnan-is-a-macro.patch +++ b/utils/qemu/patches/0003-disas-fix-compilation-failure-when-isnan-is-a-macro.patch @@ -1,4 +1,4 @@ -From c480c25cf9265fe8e90c2c26d65c8a2fa174b0ea Mon Sep 17 00:00:00 2001 +From fb90eacb808c3b1719d6a5f2deefe88c82589bfb Mon Sep 17 00:00:00 2001 From: Yousong Zhou Date: Sat, 24 Feb 2018 13:45:25 +0800 Subject: [PATCH 3/4] disas: fix compilation failure when isnan is a macro diff --git a/utils/qemu/patches/0004-pc-bios-fix-compilation-when-AS-is-actually-gcc-driv.patch b/utils/qemu/patches/0004-pc-bios-fix-compilation-when-AS-is-actually-gcc-driv.patch index f63f015b..45e4ca51 100644 
--- a/utils/qemu/patches/0004-pc-bios-fix-compilation-when-AS-is-actually-gcc-driv.patch +++ b/utils/qemu/patches/0004-pc-bios-fix-compilation-when-AS-is-actually-gcc-driv.patch @@ -1,4 +1,4 @@ -From e030d1c14119e880a52788dd04325d489cf455ae Mon Sep 17 00:00:00 2001 +From 8cff6a5f07f66103809e6bf4a26c512d70ab2841 Mon Sep 17 00:00:00 2001 From: Yousong Zhou Date: Sat, 24 Feb 2018 13:46:31 +0800 Subject: [PATCH 4/4] pc-bios: fix compilation when $(AS) is actually gcc @@ -9,7 +9,7 @@ Subject: [PATCH 4/4] pc-bios: fix compilation when $(AS) is actually gcc 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pc-bios/optionrom/Makefile b/pc-bios/optionrom/Makefile -index a9a9e5e7eb..f88b3ee446 100644 +index e33a24da0d..ce734e8202 100644 --- a/pc-bios/optionrom/Makefile +++ b/pc-bios/optionrom/Makefile @@ -34,7 +34,7 @@ endif @@ -20,13 +20,13 @@ index a9a9e5e7eb..f88b3ee446 100644 +ASFLAGS += $(Wa)-32 QEMU_CFLAGS += $(call cc-c-option, $(QEMU_CFLAGS), $(Wa)-32) - build-all: multiboot.bin linuxboot.bin linuxboot_dma.bin kvmvapic.bin -@@ -44,7 +44,7 @@ build-all: multiboot.bin linuxboot.bin linuxboot_dma.bin kvmvapic.bin + build-all: multiboot.bin linuxboot.bin linuxboot_dma.bin kvmvapic.bin pvh.bin +@@ -44,7 +44,7 @@ build-all: multiboot.bin linuxboot.bin linuxboot_dma.bin kvmvapic.bin pvh.bin %.o: %.S - $(call quiet-command,$(CPP) $(QEMU_INCLUDES) $(QEMU_DGFLAGS) -c -o - $< | $(AS) $(ASFLAGS) -o $@,"AS","$(TARGET_DIR)$@") + $(call quiet-command,$(CPP) $(QEMU_INCLUDES) $(QEMU_DGFLAGS) -c -o - $< | $(AS) $(ASFLAGS) -o $@ -x assembler -,"AS","$(TARGET_DIR)$@") - %.img: %.o - $(call quiet-command,$(LD) $(LDFLAGS_NOPIE) -m $(LD_I386_EMULATION) -T $(SRC_PATH)/pc-bios/optionrom/flat.lds -s -o $@ $<,"BUILD","$(TARGET_DIR)$@") + pvh.img: pvh.o pvh_main.o + $(call quiet-command,$(LD) $(LDFLAGS_NOPIE) -m $(LD_I386_EMULATION) -T $(SRC_PATH)/pc-bios/optionrom/flat.lds -s -o $@ $^,"BUILD","$(TARGET_DIR)$@") 
diff --git a/utils/qemu/patches/0005-slirp-ipreass-fix-use-after-free.patch b/utils/qemu/patches/0005-slirp-ipreass-fix-use-after-free.patch
new file mode 100644
index 00000000..45f37d32
--- /dev/null
+++ b/utils/qemu/patches/0005-slirp-ipreass-fix-use-after-free.patch
@@ -0,0 +1,46 @@
+From c59279437eda91841b9d26079c70b8a540d41204 Mon Sep 17 00:00:00 2001
+From: Samuel Thibault
+Date: Mon, 26 Aug 2019 00:55:03 +0200
+Subject: [PATCH] ip_reass: Fix use after free
+
+Using ip_deq after m_free might read pointers from an allocation reuse.
+
+This would be difficult to exploit, but that is still related with
+CVE-2019-14378 which generates fragmented IP packets that would trigger this
+issue and at least produce a DoS.
+
+Signed-off-by: Samuel Thibault
+---
+Taken from https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943
+
+ slirp/src/ip_input.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/slirp/src/ip_input.c b/slirp/src/ip_input.c
+index 7364ce0..aa514ae 100644
+--- a/slirp/src/ip_input.c
++++ b/slirp/src/ip_input.c
+@@ -292,6 +292,7 @@ static struct ip *ip_reass(Slirp *slirp, struct ip *ip, struct ipq *fp)
+ */
+ while (q != (struct ipasfrag *)&fp->frag_link &&
+ ip->ip_off + ip->ip_len > q->ipf_off) {
++ struct ipasfrag *prev;
+ i = (ip->ip_off + ip->ip_len) - q->ipf_off;
+ if (i < q->ipf_len) {
+ q->ipf_len -= i;
+@@ -299,9 +300,10 @@ static struct ip *ip_reass(Slirp *slirp, struct ip *ip, struct ipq *fp)
+ m_adj(dtom(slirp, q), i);
+ break;
+ }
++ prev = q;
+ q = q->ipf_next;
+- m_free(dtom(slirp, q->ipf_prev));
+- ip_deq(q->ipf_prev);
++ ip_deq(prev);
++ m_free(dtom(slirp, prev));
+ }
+
+ insert:
+--
+2.22.0
+
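Review bot: This backport covers only the follow-up use-after-free in `ip_reass`, and its own description calls the issue "related with CVE-2019-14378". Nothing in the commit shows whether the primary fix for that CVE is already in the slirp copy bundled with the 4.1.0 tarball. That should be confirmed against the unpacked `slirp/src/ip_input.c` and stated in the commit message, because the package links the bundled slirp and not a system library. The patch header should also say when the patch can be removed, e.g. `Drop once the bundled slirp includes libslirp commit c5927943`.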