diff --git a/.github/workflows/build-source-package.yml b/.github/workflows/build-source-package.yml new file mode 100644 index 00000000000..dba46ced431 --- /dev/null +++ b/.github/workflows/build-source-package.yml @@ -0,0 +1,115 @@ +# Builds a Debian source package for QEMU + +name: Build Debian Source Package + +on: + push: + branches: + - 'nvidia/latest' + - 'nvidia_stable-10.1' + + # Allow manual triggering of the workflow from the GitHub UI + workflow_dispatch: + +jobs: + build-source-package: + # arm64 is the primary platform of interest for this project + runs-on: ubuntu-24.04 + + steps: + # Step 1: Check out the repository's code + - name: Checkout repository + uses: actions/checkout@v4 + with: + # Fetch all history for all tags and branches, which can be necessary + # for tools like git-buildpackage to determine version numbers. + fetch-depth: 0 + + # Step 2: Install Debian packaging tools and build dependencies + - name: Install Build Dependencies + run: | + sudo apt-get update + + sudo DEBIAN_FRONTEND=noninteractive apt-get install -y devscripts equivs fakeroot git-buildpackage + + # Use mk-build-deps to parse debian/control, create a dummy package + # with all build dependencies, and install it. This ensures all + # required build dependencies are present. + # The --no-install-recommends flag keeps the environment minimal. + sudo mk-build-deps -i --tool="apt-get -y --no-install-recommends" + # Remove debs that this generates from the working directory after install + rm -f qemu-build-deps* + + # Step 3: Generate Upstream Tarball + - name: Generate Upstream Tarball + run: | + # Extract source name and upstream version from debian/changelog. + # The first sed command strips any epoch (e.g., "1:") from the start of the version. + # The second sed command strips the Debian revision from the end of the version string. + # dpkg-parsechangelog is in the dpkg-dev package, a dependency of devscripts. + export SOURCE_NAME=$(dpkg-parsechangelog -S Source) + export UPSTREAM_VERSION=$(dpkg-parsechangelog -S Version | sed 's/^[0-9]\+://' | sed 's/-[^-]*$//') + + git config --global user.email "robot@builder.local" + git config --global user.name "Builder Robot" + # Create the .orig.tar.gz in the parent directory. + ./debian/build-source-package-from-git.sh + + # Step 4: Upload Workspace for Debugging + - name: Upload Workspace for Debugging + uses: actions/upload-artifact@v4 + with: + name: pre-build-workspace + path: . + + # Step 5: Build the Debian source package + - name: Build Source Package + run: | + # Use debuild to create the source package. + # -S: Build a source package only (no binaries). + # -us: Do not sign the source package. + # -uc: Do not sign the .changes file. + # This command will find and use the .orig.tar.gz we just created. + current_dir=$(pwd) + cd deb + # There should only be one thing in here, which is the tarball we'll extract + # so wildcard should be OK in this instance. + ls + tar -xvf $(ls -d * | head -n 1) + ls + cd $(ls -d */ | head -n 1) + debuild -S -us -uc + cd "$current_dir" + + # Step 6: Log MD5 Checksums + - name: Log MD5 Checksums as Annotations + run: | + # Change to the parent directory where artifacts were created. + current_dir=$(pwd) + cd deb + mkdir source_package_artifacts + + # Iterate over all the generated build artifacts. + for file in *.dsc *.orig.tar.* *.debian.tar.* *.changes *source.build *source.buildinfo; do + # Check if files matching the pattern exist before processing. + if [ -f "$file" ]; then + # Calculate the MD5 sum and format it for the annotation. + # The output of md5sum is "CHECKSUM FILENAME". + checksum=$(md5sum "$file") + + # Echo the checksum as a workflow notice annotation. + # This will make it easily visible in the GitHub Actions UI. + echo "::notice title=MD5 Checksum::$checksum" + mv "$file" source_package_artifacts + fi + done + mv source_package_artifacts "$current_dir" + + # Step 7: Upload the generated source package files as artifacts + - name: Upload Debian Source Package Artifacts + uses: actions/upload-artifact@v4 + with: + # Name of the artifact bundle to be displayed in the GitHub UI + name: debian-source-package + + path: source_package_artifacts diff --git a/backends/iommufd.c b/backends/iommufd.c index e1fee16acf2..24b65de2d55 100644 --- a/backends/iommufd.c +++ b/backends/iommufd.c @@ -390,16 +390,23 @@ bool iommufd_backend_get_dirty_bitmap(IOMMUFDBackend *be, return true; } +/* + * @type can carry a desired HW info type defined in the uapi headers. If caller + * doesn't have one, indicating it wants the default type, then @type should be + * zeroed (i.e. IOMMU_HW_INFO_TYPE_DEFAULT). + */ bool iommufd_backend_get_device_info(IOMMUFDBackend *be, uint32_t devid, uint32_t *type, void *data, uint32_t len, uint64_t *caps, uint8_t *max_pasid_log2, Error **errp) { struct iommu_hw_info info = { + .flags = (*type) ? IOMMU_HW_INFO_FLAG_INPUT_TYPE : 0, .size = sizeof(info), .dev_id = devid, .data_len = len, .data_uptr = (uintptr_t)data, + .in_data_type = *type, }; if (ioctl(be->fd, IOMMU_GET_HW_INFO, &info)) { @@ -456,6 +463,7 @@ bool iommufd_backend_invalidate_cache(IOMMUFDBackend *be, uint32_t id, bool iommufd_backend_alloc_viommu(IOMMUFDBackend *be, uint32_t dev_id, uint32_t viommu_type, uint32_t hwpt_id, + void *data_ptr, uint32_t data_len, uint32_t *out_viommu_id, Error **errp) { int ret; @@ -464,11 +472,14 @@ bool iommufd_backend_alloc_viommu(IOMMUFDBackend *be, uint32_t dev_id, .type = viommu_type, .dev_id = dev_id, .hwpt_id = hwpt_id, + .data_len = data_len, + .data_uptr = (uintptr_t)data_ptr, }; ret = ioctl(be->fd, IOMMU_VIOMMU_ALLOC, &alloc_viommu); trace_iommufd_backend_alloc_viommu(be->fd, dev_id, viommu_type, hwpt_id, + (uintptr_t)data_ptr, data_len, alloc_viommu.out_viommu_id, ret); if (ret) { error_setg_errno(errp, errno, "IOMMU_VIOMMU_ALLOC failed"); @@ -538,6 +549,59 @@ bool iommufd_backend_alloc_veventq(IOMMUFDBackend *be, uint32_t viommu_id, return true; } +bool iommufd_backend_alloc_hw_queue(IOMMUFDBackend *be, uint32_t viommu_id, + uint32_t queue_type, uint32_t index, + uint64_t addr, uint64_t length, + uint32_t *out_hw_queue_id, Error **errp) +{ + int ret; + struct iommu_hw_queue_alloc alloc_hw_queue = { + .size = sizeof(alloc_hw_queue), + .flags = 0, + .viommu_id = viommu_id, + .type = queue_type, + .index = index, + .nesting_parent_iova = addr, + .length = length, + }; + + ret = ioctl(be->fd, IOMMU_HW_QUEUE_ALLOC, &alloc_hw_queue); + + trace_iommufd_backend_alloc_hw_queue(be->fd, viommu_id, queue_type, + index, addr, length, + alloc_hw_queue.out_hw_queue_id, ret); + if (ret) { + error_setg_errno(errp, errno, "IOMMU_HW_QUEUE_ALLOC failed"); + return false; + } + + g_assert(out_hw_queue_id); + *out_hw_queue_id = alloc_hw_queue.out_hw_queue_id; + return true; +} + +/* + * Helper to mmap HW MMIO regions exposed via iommufd for a vIOMMU instance. + * The caller is responsible for unmapping the mapped region. + */ +bool iommufd_backend_viommu_mmap(IOMMUFDBackend *be, uint32_t viommu_id, + uint64_t size, off_t offset, void **out_ptr, + Error **errp) +{ + g_assert(viommu_id); + g_assert(out_ptr); + + *out_ptr = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, be->fd, + offset); + trace_iommufd_backend_viommu_mmap(be->fd, viommu_id, size, offset); + if (*out_ptr == MAP_FAILED) { + error_setg_errno(errp, errno, "IOMMUFD vIOMMU mmap failed"); + return false; + } + + return true; +} + bool host_iommu_device_iommufd_attach_hwpt(HostIOMMUDeviceIOMMUFD *idev, uint32_t hwpt_id, Error **errp) { diff --git a/backends/trace-events b/backends/trace-events index b9365113e73..b63420b73ee 100644 --- a/backends/trace-events +++ b/backends/trace-events @@ -21,9 +21,11 @@ iommufd_backend_free_id(int iommufd, uint32_t id, int ret) " iommufd=%d id=%d (% iommufd_backend_set_dirty(int iommufd, uint32_t hwpt_id, bool start, int ret) " iommufd=%d hwpt=%u enable=%d (%d)" iommufd_backend_get_dirty_bitmap(int iommufd, uint32_t hwpt_id, uint64_t iova, uint64_t size, uint64_t flags, uint64_t page_size, int ret) " iommufd=%d hwpt=%u iova=0x%"PRIx64" size=0x%"PRIx64" flags=0x%"PRIx64" page_size=0x%"PRIx64" (%d)" iommufd_backend_invalidate_cache(int iommufd, uint32_t id, uint32_t data_type, uint32_t entry_len, uint32_t entry_num, uint32_t done_num, uint64_t data_ptr, int ret) " iommufd=%d id=%u data_type=%u entry_len=%u entry_num=%u done_num=%u data_ptr=0x%"PRIx64" (%d)" -iommufd_backend_alloc_viommu(int iommufd, uint32_t dev_id, uint32_t type, uint32_t hwpt_id, uint32_t viommu_id, int ret) " iommufd=%d type=%u dev_id=%u hwpt_id=%u viommu_id=%u (%d)" +iommufd_backend_alloc_viommu(int iommufd, uint32_t dev_id, uint32_t type, uint32_t hwpt_id, uint64_t data_ptr, uint32_t data_len, uint32_t viommu_id, int ret) " iommufd=%d type=%u dev_id=%u hwpt_id=%u data_ptr=0x%"PRIx64" data_len=0x%x viommu_id=%u (%d)" iommufd_backend_alloc_vdev(int iommufd, uint32_t dev_id, uint32_t viommu_id, uint64_t virt_id, uint32_t vdev_id, int ret) " iommufd=%d dev_id=%u viommu_id=%u virt_id=0x%"PRIx64" vdev_id=%u (%d)" iommufd_viommu_alloc_eventq(int iommufd, uint32_t viommu_id, uint32_t type, uint32_t veventq_id, uint32_t veventq_fd, int ret) " iommufd=%d viommu_id=%u type=%u veventq_id=%u veventq_fd=%u (%d)" +iommufd_backend_alloc_hw_queue(int iommufd, uint32_t viommu_id, uint32_t queue_type, uint32_t index, uint64_t addr, uint64_t size, uint32_t queue_id, int ret) " iommufd=%d viommu_id=%u queue_type=%u index=%u addr=0x%"PRIx64" size=0x%"PRIx64" queue_id=%u (%d)" +iommufd_backend_viommu_mmap(int iommufd, uint32_t viommu_id, uint64_t size, uint64_t offset) " iommufd=%d viommu_id=%u size=0x%"PRIx64" offset=0x%"PRIx64 # igvm-cfg.c igvm_reset_enter(int type) "type=%u" diff --git a/debian/README-components-versions b/debian/README-components-versions new file mode 100644 index 00000000000..de78efe654d --- /dev/null +++ b/debian/README-components-versions @@ -0,0 +1,74 @@ +Evolution of qemu-related packages in debian + +kvm: was a binary package providing /usr/bin/kvm before squeeze. + + In squeeze it has been renamed to qemu-kvm, + so kvm becomes a transitional package. + + Probably can be get rid of now. + + No need to conflict with this package, but we can force-remove it + by conflicting with it. + + Some packages may still Require/Depend/Suggest: kvm. + + +qemu-kvm: was a binary package providing /usr/bin/kvm in wheezy (v. 1.1) + + This binary become a (deprecated) shell wrapper and was a part of + qemu-system-x86 package between versions 1.3.0+dfsg-5 (when qemu-system + were split) up to 1.7.0+dfsg-1, with qemu-kvm package being transitional. + + At version 1.7.0+dfsg-2, qemu-kvm packcage is not transitional anymore, + and the wrapper is provided by qemu-kvm, not qemu-system-x86. + + Some packages may Require/Depend/Suggest: qemu-kvm. + +qemu: initially it was a mix of all of qemu (unrelated, not conflicting +with qemu-kvm or kvm) + + at 0.11.0-1 it were split to qemu-user, qemu-user-static and qemu-system. + + Also qemu-keymaps is made a separate package at version 0.12.4+dfsg-4 + (for use together with qemu-kvm and xen and, on ubuntu, qemu-linaro). + + And qemu-utils become a separate package (look when? since the beginning?) + + Now it is a metapackage and a placeholder for some docs + +qemu-system: was a package with all qemu-system-* binaries. + + Were split into individual qemu-system-foo and qemu-system-common at version + 1.3.0+dfsg-5, so qemu-system becomes a metapackage without its own files. + + The split introduced a bunch of qemu-system-* conflicting+replacing + qemu-system<<1.3.0+dfsg-5. + + At version 1.3.0+dfsg-4exp (before split, in experimental), /usr/bin/kvm was + a part of qemu-system (and later qemu-system-x86)/ + + At the same version, virtfs-proxy-helper binary has been moved from qemu-utils + to qemu-system (and later to qemu-system-common). + +qemu-system-common: appeared at 1.3.0+dfsg-5, files common for all qemu-system* + + briefly (>=1.3.0+dfsg-4exp, <<1.3.0+dfsg-5), qemu-utils had + virtfs-proxy-helper binary which is in qemu-system-common + +qemu-keymaps: keymap definition for qemu, qemu-kvm and xen. + + Can be merged into qemu-system-common now, or after qemu-linaro. + + Were split out of qemu at version 0.12.4+dfsg-4 + +qemu-utils: common utilities (part of qemu-common in ubuntu?) + + In versions between 1.3.0+dfsg-1~exp1 and 1.3.0+dfsg-4exp, wrongly shipped + virtfs-proxy-helper binary + +qemu-user, qemu-user-static: user-mode qemu emulation + + Were split out of qemu at verson 0.11.0-1 (pre-squeeze), + do not conflict/replace anything anymore. + +qemu-common: ubuntu package diff --git a/debian/TODO b/debian/TODO new file mode 100644 index 00000000000..5efed04b42f --- /dev/null +++ b/debian/TODO @@ -0,0 +1,16 @@ +* fix other binaries (s390-zipl, ppc_rom) + +* permissions/ownership for /dev/vhost_net??? + +* startup script for qemu-guest-agent: check dependencies & runlevels. + +* maybe provide activation for udev & systemd: + + SUBSYSTEM=="virtio-ports", ATTR{name}=="org.qemu.guest_agent.0", \ + TAG+="systemd" ENV{SYSTEMD_WANTS}="qemu-guest-agent.service" + + and dev-virtio/ports-org.qemu.guest_agent.0.device activation + for systemd. + +* decide what to do with qemu-bridge-helper (#691138) + diff --git a/debian/binfmt-install b/debian/binfmt-install new file mode 100755 index 00000000000..02536c381ef --- /dev/null +++ b/debian/binfmt-install @@ -0,0 +1,130 @@ +#!/bin/sh +set -e + +PACKAGE="$1" +case "$#$PACKAGE" in + 1qemu-user-static) SUFFIX=-static; FIXB=F; DOC_PACKAGE=$PACKAGE ;; + 1qemu-user-binfmt) SUFFIX=; FIXB= ; DOC_PACKAGE=qemu-user ;; + *) echo "usage: $0 "; exit 1 ;; +esac + +fmts="aarch64 alpha arm armeb cris hexagon hppa i386 loongarch64 m68k microblaze mips mipsel mipsn32 mipsn32el mips64 mips64el ppc ppc64 ppc64le riscv32 riscv64 s390x sh4 sh4eb sparc sparc32plus sparc64 x86_64 xtensa xtensaeb" +removed_fmts="ppc64abi32" + +# linux ELF_OSABI(byte7) can be 0 (traditional,SYSV) or 3 (GNU/LINUX extensions) +# binfmt registration does not allow a enum, only value&mask. So we use broader mask +# to allow both 0 and 3 here, this also lets 1 (HPUX) and 2 (NETBSD) - 0xfc not 0xff +# alternative is to create 2 magic/mask pairs instead of one + + aarch64_magic='\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00' + aarch64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + alpha_magic='\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90' + alpha_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + arm_magic='\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00' + arm_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + armeb_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28' + armeb_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + cris_magic='\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x4c\x00' + cris_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + hexagon_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xa4\x00' + hexagon_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + hppa_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x0f' + hppa_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + i386_magic='\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00' + i386_mask='\xff\xff\xff\xff\xff\xfe\xfe\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' +loongarch64_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02\x01' + loongarch64_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\x00\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + m68k_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x04' + m68k_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + microblaze_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\xba\xab' + microblaze_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + mips_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' + mips_mask='\xff\xff\xff\xff\xff\xff\xff\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20' + mipsel_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' + mipsel_mask='\xff\xff\xff\xff\xff\xff\xff\x00\x00\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00' + mipsn32_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20' + mipsn32_mask='\xff\xff\xff\xff\xff\xff\xff\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20' + mipsn32el_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00' + mipsn32el_mask='\xff\xff\xff\xff\xff\xff\xff\x00\x00\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00' + mips64_magic='\x7f\x45\x4c\x46\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08' + mips64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + mips64el_magic='\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00' + mips64el_mask='\xff\xff\xff\xff\xff\xff\xff\x00\x00\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + ppc_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14' + ppc_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + ppc64_magic='\x7f\x45\x4c\x46\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x15' + ppc64_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + ppc64le_magic='\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x15\x00' + ppc64le_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\x00' + riscv32_magic='\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00' + riscv32_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + riscv64_magic='\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00' + riscv64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + s390x_magic='\x7f\x45\x4c\x46\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16' + s390x_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + sh4_magic='\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00' + sh4_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + sh4eb_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a' + sh4eb_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + sparc_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02' + sparc_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' +sparc32plus_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x12' + sparc32plus_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + sparc64_magic='\x7f\x45\x4c\x46\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2b' + sparc64_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + x86_64_magic='\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x3e\x00' + x86_64_mask='\xff\xff\xff\xff\xff\xfe\xfe\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + xtensa_magic='\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x5e\x00' + xtensa_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff' + xtensaeb_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x5e' + xtensaeb_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff' + +: ${DEB_HOST_ARCH:=$(dpkg-architecture -qDEB_HOST_ARCH)} + +# find which fmts needs to be filtered out, which is arch-dependent. +# Drop support for emulating amd64 on i386, http://bugs.debian.org/604712 +case "$DEB_HOST_ARCH" in + amd64 | i386 | x32) omit="i386|x86_64|x32" ;; + arm | armel | armhf | arm64) omit="arm|aarch64" ;; + ppc64 | powerpc) omit="ppc|ppc64|ppc64abi32" ;; + ppc64el) omit="ppc64le" ;; + riscv64) omit="riscv32|riscv64" ;; + s390x) omit="s390x" ;; + sparc | sparc64) omit="sparc|sparc32plus|sparc64" ;; + *) omit="$DEB_HOST_ARCH" ;; +esac + +mkdir -p debian/$PACKAGE/usr/lib/binfmt.d \ + debian/$DOC_PACKAGE/usr/share/doc/$DOC_PACKAGE \ + debian/$PACKAGE/usr/libexec/qemu-binfmt \ + +for fmt in $fmts ; do + eval "case $fmt in $omit) inst=;; *) inst=y;; esac; magic=\"\$${fmt}_magic\" mask=\"\$${fmt}_mask\"" + # for arch from the same family as host, install stuff to docdir + # so it is not enabled by default. One can (sym)link selected entries + # from docdir to /etc/binfmt.d/ to enable them + if [ "$inst" ]; then inst=debian/$PACKAGE/usr/lib/binfmt.d + else inst=debian/$DOC_PACKAGE/usr/share/doc/$DOC_PACKAGE + fi + ln -sf ../../bin/qemu-$fmt$SUFFIX debian/$PACKAGE/usr/libexec/qemu-binfmt/$fmt-binfmt-P + echo ":qemu-$fmt:M::$magic:$mask:/usr/libexec/qemu-binfmt/$fmt-binfmt-P:OP${FIXB}" \ + >$inst/qemu-$fmt.conf +done + +# generate postinst script to unregister all from binfmt-support +# when upgrading from older qemu. +cat >>debian/$PACKAGE.postinst.debhelper </dev/null || return 0 + for fmt in $fmts $removed_fmts; do + if [ -f /var/lib/binfmts/qemu-\$fmt ]; then + [ -f /usr/bin/qemu-\$fmt$SUFFIX ] || + echo "$PACKAGE.preinst: note: the warning from update-binfmts about missing qemu-\$fmt$SUFFIX is okay" >&2 + update-binfmts --package $PACKAGE --remove qemu-\$fmt /usr/bin/qemu-\$fmt$SUFFIX + fi + done +} +binfmt_update "\$1" "\$2" +EOF diff --git a/debian/build-deb-from-git.sh b/debian/build-deb-from-git.sh new file mode 100755 index 00000000000..0e8f76ed900 --- /dev/null +++ b/debian/build-deb-from-git.sh @@ -0,0 +1,34 @@ +#!/bin/bash +# +# Produce a deb source package that can be uploaded to a Debian/Ubuntu builder. + +if [[ $(git --no-optional-locks status -uno --porcelain) ]]; then + echo "ERROR: git repository is not clean" + echo "Try running:" + echo " git reset --hard HEAD" + echo " git submodule foreach --recursive 'git reset --hard && git clean -fdx'" + echo " rm -rf deb" + exit 1 +fi + +# Update submodules +git clean -xdf +git submodule update --init --recursive + +# Clean up and include everything in the package +find subprojects/ -type d -name .git -exec rm -rf {} \; +find . -name .gitignore -exec rm -f {} \; + +meson subprojects download +pip3 download --dest python/wheels/ wheel setuptools pip + +find subprojects/ -type d -name .git -exec rm -rf {} \; +find . -name .gitignore -exec rm -f {} \; + +# Import submodules in git +git add . +git commit -s -a -m "[DROP THIS] Include submodules for packaging" + +# Produce an orig tarball +mkdir -p deb +git archive --prefix=qemu-11.0.0/ -o deb/qemu_11.0.0+nvidia1.orig.tar.gz HEAD diff --git a/debian/build-source-package-from-git.sh b/debian/build-source-package-from-git.sh new file mode 100755 index 00000000000..104b924f1e0 --- /dev/null +++ b/debian/build-source-package-from-git.sh @@ -0,0 +1,32 @@ +#!/bin/bash +# +# Produce a deb source package that can be uploaded to a Debian/Ubuntu builder. + +if [[ $(git --no-optional-locks status -uno --porcelain) ]]; then + echo "ERROR: git repository is not clean" + echo "Try running:" + echo " git submodule foreach --recursive 'git reset --hard && git clean -fdx'" + exit 1 +fi + +# Update submodules +git clean -xdf +git submodule update --init --recursive + +# Clean up and include everything in the package +find subprojects/ -type d -name .git -exec rm -rf {} \; +find . -name .gitignore -exec rm -f {} \; + +meson subprojects download + +find subprojects/ -type d -name .git -exec rm -rf {} \; +find . -name .gitignore -exec rm -f {} \; + +# Import submodules in git +git add . +git commit -s -a -m "[DROP THIS] Include submodules for packaging" + +# Produce an orig tarball +mkdir -p deb +debversion=$(dpkg-parsechangelog -S Version | sed 's/^[0-9]\+://' | sed 's/-[^-]*$//') +git archive --prefix=qemu-10.1.0/ -o deb/qemu_$debversion.orig.tar.gz HEAD diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 00000000000..b4bb431eb91 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,11297 @@ +qemu (1:11.0.0+nvidia1-1) noble; urgency=medium + + * Update to QEMU v11.0.0 upstream with NVIDIA support + * Items included in upstream v11.0.0: + - vSMMUv3 v9 + - DMABUF v4 + - vEVENTQ v8, + - hugepfnmap v4, + - SMMUv3 AUTO properties v5 + * hw/vfio/iommufd: Control dirty tracking for nesting parent HWPT + * hw/arm/smmuv3: Have smmuv3_accel_init() take an Error* parameter + * hw/arm/smmuv3-accel: Resolve AUTO properties v3 (7 patches) + * hw/arm/virt: Introduce Tegra241 CMDQV support for accelerated + SMMUv3 (31 patches) + * hw/acpi/pci.c: preserve generic initiator insertion order + * EGM support on virtualization (6 patches) + * Ubuntu Noble debian packaging from noble-updates (8.2.2+ds-0ubuntu1.16) + + -- Jiandi An Thu, 15 May 2026 23:18:08 -0500 + +qemu (1:8.2.2+ds-0ubuntu1.16) noble-security; urgency=medium + + * SECURITY UPDATE: use-after-free + - debian/patches/CVE-2024-6519.patch: keep a reference to the device while + SCRIPTS in hw/scsi/lsi53c895a.c. + - CVE-2024-6519 + * SECURITY UPDATE: out-of-bounds read + - debian/patches/CVE-2026-2243.patch: fix OOB read in vmdk_read_extent() + in block/vmdk.c. + - CVE-2026-2243 + * SECURITY UPDATE: heap buffer overflow + - debian/patches/CVE-2026-3195-1.patch: fix max_size bounds check in input + cb in hw/audio/virtio-snd.c. + - debian/patches/CVE-2026-3195-2.patch: tighten read amount in in_cb in + hw/audio/virtio-snd.c. + - CVE-2026-3195 + * SECURITY UPDATE: integer overflow + - debian/patches/CVE-2026-3196.patch: handle 5.14.6.2 for PCM_INFO properly + in hw/audio/virtio-snd.c. + - CVE-2026-3196 + * SECURITY UPDATE: out-of-bounds write + - debian/patches/CVE-2026-3842.patch: check length returned by + cpu_physical_memory_map() in hw/hyperv/syndbg.c. + - CVE-2026-3842 + + -- Fabian Toepfer Wed, 08 Apr 2026 11:57:03 +0200 + +qemu (1:8.2.2+ds-0ubuntu1.15) noble; urgency=medium + + * d/p/u/lp2142099-*: fix wrong feature dependency for waitpkg + (LP: #2142099) + + -- Hector Cao Fri, 20 Mar 2026 11:41:09 +0100 + +qemu (1:8.2.2+ds-0ubuntu1.14) noble; urgency=medium + + * Fix crash on concurrent `block-stream` and `query-named-block-nodes` + (LP: #2126951) + - d/p/ubuntu/lp2126951-block-Drop-detach_subchain-for-bdrv_replace_node.patch + + -- Wesley Hershberger Wed, 11 Mar 2026 10:42:17 -0500 + +qemu (1:8.2.2+ds-0ubuntu1.13) noble-security; urgency=medium + + * SECURITY UPDATE: denial-of-service + - debian/patches/CVE-2024-8354-2.patch: don't assert for SETUP to non-0 + endpoint in hw/usb/hcd-uhci. + - CVE-2024-8354 + * SECURITY UPDATE: use-after-free + - debian/patches/CVE-2025-11234-1.patch: release active GSource in TLS + channel finalizer in io/channel-tls.c. + - debian/patches/CVE-2025-11234-2.patch: move websock resource release to + close method in io/channel-websock.c. + - debian/patches/CVE-2025-11234-3.patch: fix use after free in websocket + handshake code in io/channel-websock.c. + - CVE-2025-11234 + * SECURITY UPDATE: stack-based buffer overflow + - debian/patches/CVE-2025-12464.patch: pad packets to minimum length in + qemu_receive_packet() in net/net.c. + - CVE-2025-12464 + * SECURITY UPDATE: denial-of-service + - debian/patches/CVE-2025-14876-1.patch: verify asym request size in + hw/virtio/virtio-crypto.c. + - debian/patches/CVE-2025-14876-2.patch: Limit the maximum size in + backends/cryptodev-builtin.c. + - CVE-2025-14876 + * SECURITY UPDATE: out-of-bounds read + - debian/patches/CVE-2026-0665.patch: fix PIRQ bounds check in + xen_physdev_map_pirq() in hw/i386/kvm/xen_evtchn.c. + - CVE-2026-0665 + + -- Fabian Toepfer Tue, 03 Mar 2026 15:03:56 +0100 + +qemu (1:8.2.2+ds-0ubuntu1.12) noble; urgency=medium + + * Do not expose arch-caps when not available on AMD + CPUs (LP: #2131822) + - d/p/u/lp2131822/* : create -v2 ubuntu machine types and backport arch_caps + for this newly created types. + - d/qemu-system-x86.NEWS : info about the new types + + -- Hector Cao Mon, 15 Dec 2025 12:33:49 +0000 + +qemu (1:8.2.2+ds-0ubuntu1.11) noble; urgency=medium + + * smbios: Fix buffer overrun when using path= option (LP: #2127974) + * debian/.gitignore: unignore patches + + -- Nick Rosbrook Thu, 20 Nov 2025 16:08:18 -0500 + +qemu (1:8.2.2+ds-0ubuntu1.10) noble-security; urgency=medium + + * SECURITY UPDATE: double-free in QEMU virtio devices + - debian/patches/CVE-2024-3446-pre1.patch: introduce + virtio_bh_new_guarded() helper in hw/virtio/virtio.c, + include/hw/virtio/virtio.h. + - debian/patches/CVE-2024-3446-1.patch: protect from DMA re-entrancy + bugs in hw/virtio/virtio-crypto.c. + - debian/patches/CVE-2024-3446-2.patch: protect from DMA re-entrancy + bugs in hw/char/virtio-serial-bus.c. + - debian/patches/CVE-2024-3446-3.patch: protect from DMA re-entrancy + bugs in hw/display/virtio-gpu.c. + - CVE-2024-3446 + * SECURITY UPDATE: heap overflow in SDHCI device emulation + - debian/patches/CVE-2024-3447.patch: do not update TRNMOD when Command + Inhibit (DAT) is set in hw/sd/sdhci.c. + - CVE-2024-3447 + * SECURITY UPDATE: assert failure in checksum calculation + - debian/patches/CVE-2024-3567.patch: fix overrun in + update_sctp_checksum() in hw/net/net_tx_pkt.c. + - CVE-2024-3567 + * SECURITY UPDATE: resource consumption in disk utility + - debian/patches/CVE-2024-4467-1.patch: don't open data_file with + BDRV_O_NO_IO in block/qcow2.c, tests/qemu-iotests/061*. + - debian/patches/CVE-2024-4467-2.patch: don't store data-file with + protocol in image in tests/qemu-iotests/244. + - debian/patches/CVE-2024-4467-3.patch: don't store data-file with + json: prefix in image in tests/qemu-iotests/270. + - debian/patches/CVE-2024-4467-4.patch: parse filenames only when + explicitly requested in block.c. + - CVE-2024-4467 + * SECURITY UPDATE: heap overflow in virtio-net device RSS feature + - debian/patches/CVE-2024-6505.patch: ensure queue index fits with RSS + in hw/net/virtio-net.c. + - CVE-2024-6505 + * SECURITY UPDATE: Dos via improper synchronization during socket closure + - debian/patches/CVE-2024-7409-1.patch: plumb in new args to + nbd_client_add() in blockdev-nbd.c, include/block/nbd.h, + nbd/server.c, qemu-nbd.c. + - debian/patches/CVE-2024-7409-2.patch: cap default max-connections to + 100 in block/monitor/block-hmp-cmds.c, blockdev-nbd.c, + include/block/nbd.h, qapi/block-export.json. + - debian/patches/CVE-2024-7409-3.patch: close stray clients at + server-stop in blockdev-nbd.c. + - debian/patches/CVE-2024-7409-4.patch: drop non-negotiating clients in + nbd/server.c, nbd/trace-events. + - debian/patches/CVE-2024-7409-5.patch: avoid use-after-free when + closing server in blockdev-nbd.c. + - CVE-2024-7409 + * SECURITY UPDATE: DoS via assert failure in usb_ep_get() + - debian/patches/CVE-2024-8354.patch: change ohci validation in + hw/usb/hcd-ohci.c, hw/usb/trace-events. + - CVE-2024-8354 + * SECURITY UPDATE: possibly binfmt privilege escalation (LP: #2120814) + - debian/binfmt-install: stop using C (Credentials) flag for + binfmt_misc registration. + + -- Marc Deslauriers Mon, 25 Aug 2025 14:10:37 -0400 + +qemu (1:8.2.2+ds-0ubuntu1.9) noble; urgency=medium + + * d/p/u/lp-2101053-pci-acpi-Windows-PCI-Label-Id-bug-workaround.patch: + fix windows virtio network by tolerarting a bad acpi call (LP: #2101053) + + -- Christian Ehrhardt Wed, 02 Jul 2025 11:36:20 +0200 + +qemu (1:8.2.2+ds-0ubuntu1.8) noble; urgency=medium + + * d/p/u/lp2101944/*: Synthesize IBPB_BRTYPE and SBPB CPUID bits to the guest + as described in AMD's Speculative Return Stack Overflow whitepaper. + (LP: #2101944) + + -- Lukas Märdian Wed, 19 Mar 2025 10:02:49 +0100 + +qemu (1:8.2.2+ds-0ubuntu1.7) noble; urgency=medium + + * d/p/u/lp2049698/*: Add full boot order support on s390x (LP: #2049698) + * Cherry-pick prerequisite for above backport (to avoid FTBFS): + - d/p/u/lp2049698/0-hw-s390x-sclp.c-include-s390-virtio-ccw.h-to-make.patch + * d/qemu-system-data.links: symlink s390-netboot.img -> s390-ccw.img for + backwards compatibility, as the code is now combined. + + [ Michael Tokarev ] + * d/rules: run ./configure in arch-indep build and build some roms from there. + After adding just a few more build-deps to common Build-Depends, + it is now possible to run ./configure in arch-indep step too. + Run ./configure, and switch s390-ccw and vof.bin builds from + ad-hoc instructions to using the regular qemu makefiles. + Move python3-venv dependency from Build-Depend-Arch to Build-Depend + so that ./configure can be run. + [cherry-pick https://salsa.debian.org/qemu-team/qemu/-/commit/5b5a97b] + + * Fix qemu-aarch64-static segfaults running ldconfig.real (LP: #2072564) + - lp-2072564-01-linux-user-Honor-elf-alignment-when-placing-images.patch + - lp-2072564-02-elfload-Fix-alignment-when-unmapping-excess-reservat.patch + Thanks to Dimitry Andric for identifying the fix. + + -- Lukas Märdian Thu, 13 Mar 2025 17:15:00 +0100 + +qemu (1:8.2.2+ds-0ubuntu1.6) noble; urgency=medium + + [ Gabriel B. Sant'Anna ] + * Fix emulation of RISC-V Vector instructions (LP: #2095169) + - d/p/u/lp2095169-riscv-vector-fixes-{01..12}.patch: ensure vstart_eq_zero + is updated at the end of each vector instruction. + - Changes come from upstream, but backporting to 8.2.2 required some + adjustment before patches could be applied cleanly. + - Thanks to Daniel Henrique Barboza + + -- Sergio Durigan Junior Fri, 24 Jan 2025 16:48:49 -0500 + +qemu (1:8.2.2+ds-0ubuntu1.5) noble; urgency=medium + + * d/p/u/lp-2091099-fix-9p-regression-cve-2023-2861.patch: Fix + regression regarding CVE-2023-2861 affecting 9p filesystems. + (LP: #2091099) + + -- Sergio Durigan Junior Wed, 11 Dec 2024 22:06:49 -0500 + +qemu (1:8.2.2+ds-0ubuntu1.4) noble-security; urgency=medium + + * SECURITY UPDATE: denial of service + - debian/patches/CVE-2024-4693-1.patch: virtio-pci: fix use of a + released vector + - debian/patches/CVE-2024-4693-2.patch: virtio-pci: Fix the use of + an uninitialized irqfd + - CVE-2024-4693 + * SECURITY UPDATE: heap buffer overflow + - debian/patches/CVE-2024-7730.patch: add max size bounds check in + input cb + - CVE-2024-7730 + + -- Bruce Cable Tue, 22 Oct 2024 15:57:13 +1100 + +qemu (1:8.2.2+ds-0ubuntu1.3) noble; urgency=medium + + * d/p/u/lp2076927-fix-time-based-freq-kvm.patch: Fix + timebase-frequency when using KVM acceleration on RISC-V. (LP: #2076927) + * d/p/u/lp2028964-add-support-sierra-forest.patch: Add support for + Sierra Forest CPU model. (LP: #2028964) + * Fail gracefully when hotplugging a vCPU fails on PPC. (LP: #2076587) + - d/p/u/lp2076587-cpu-hotplug-crashes-guest-*.patch: Backport + patches for upstream fix. + + -- Sergio Durigan Junior Tue, 24 Sep 2024 22:57:11 -0400 + +qemu (1:8.2.2+ds-0ubuntu1.2) noble-security; urgency=medium + + * SECURITY UPDATE: buffer overflow + - debian/patches/CVE-2024-26327.patch: Check num_vfs size + - CVE-2024-26327 + * SECURITY UPDATE: out of bounds memory access + - debian/patches/CVE-2024-26328.patch: Use pcie_sriov_num_vfs to + get number of enabled vfs before and after config writes + - CVE-2024-26328 + + -- Bruce Cable Wed, 21 Aug 2024 11:53:08 +1000 + +qemu (1:8.2.2+ds-0ubuntu1.1) noble-proposed; urgency=medium + + * SRU: LP: #2076340: No-change rebuild to pick up changed build flags + on ppc64 and s390x. + + -- Matthias Klose Fri, 09 Aug 2024 04:33:21 +0200 + +qemu (1:8.2.2+ds-0ubuntu1) noble; urgency=medium + + * Merge version 8.2.2 from upstream. (LP: #2061005). Cherry-picks from + Debian: + - d/p/ui-clipboard-mark-type-as-not-available-when-no-data-CVE-2023-6683.patch: + Remove patch; included upstream. + - d/control: clarify qemu-system-gui description: this is not a + management gui for qemu + - d/rules: stop qemu-system-${arch} packages from providing + themselves (#1063233) + - d/control{,-in}: Fix typo on qemu-system-gui description. + + -- Sergio Durigan Junior Fri, 12 Apr 2024 18:13:51 -0400 + +qemu (1:8.2.1+ds-1ubuntu9) noble; urgency=medium + + * No-change rebuild for CVE-2024-3094 + + -- William Grant Mon, 01 Apr 2024 18:20:15 +1100 + +qemu (1:8.2.1+ds-1ubuntu8) noble; urgency=medium + + * d/p/u/lp2012763-maxcpus-too-low.patch: Actually set the max_cpus + property of the new Mantic machine types. (LP: #2012763) + + -- Sergio Durigan Junior Mon, 25 Mar 2024 14:58:39 -0400 + +qemu (1:8.2.1+ds-1ubuntu7) noble; urgency=medium + + * d/p/u/lp2012763-maxcpus-too-low.patch: Bump max_cpus to 1024 on + Jammy amd64 machine types. (LP: #2012763) + + -- Sergio Durigan Junior Mon, 18 Mar 2024 16:48:22 -0400 + +qemu (1:8.2.1+ds-1ubuntu6) noble; urgency=medium + + * No-change rebuild against libcurl3t64-gnutls + + -- Steve Langasek Sat, 16 Mar 2024 07:16:54 +0000 + +qemu (1:8.2.1+ds-1ubuntu5) noble; urgency=medium + + * No-change rebuild against libglib2.0-0t64 + + -- Steve Langasek Mon, 11 Mar 2024 23:31:21 +0000 + +qemu (1:8.2.1+ds-1ubuntu4) noble; urgency=medium + + * No-change rebuild against libgnutls30t64 + + -- Steve Langasek Sun, 10 Mar 2024 02:11:43 +0000 + +qemu (1:8.2.1+ds-1ubuntu3) noble; urgency=medium + + * No-change rebuild against libpng16-16t64 + + -- Steve Langasek Thu, 29 Feb 2024 07:54:00 +0000 + +qemu (1:8.2.1+ds-1ubuntu2) noble; urgency=medium + + * d/p/u/lp-2055003-*: Properly initialize max_cpus limit to + SPAPR_IRQ_NR_IPIS, fixing a segfault on ppc64el. (LP: #2055003) + + -- Sergio Durigan Junior Mon, 26 Feb 2024 15:32:25 -0500 + +qemu (1:8.2.1+ds-1ubuntu1) noble; urgency=medium + + * Merge with Debian unstable (LP: #2051883, #2049703). Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: + fix qboot FTBFS with LTO + - d/rules: Enable/disable extra features on microvm + variant. (LP #2045594) + - Move glusterfs storage driver to Universe in a new package + (LP #2045063): + + d/control{,-in}: new package qemu-block-supplemental for drivers + we want in Universe + + d/rules: we only want block-gluster.so in the new + qemu-block-supplemental package. Adjust dynamically-created + maintainer scripts for qemu-block-extra and -supplemental. + + -- Sergio Durigan Junior Wed, 07 Feb 2024 13:01:14 -0500 + +qemu (1:8.2.1+ds-1) unstable; urgency=medium + + * new upstream stable/bugfix release + * remove all upstream-applied patches + * d/patches/note-missing-module-pkg-name.diff: fixup + * replace fix for CVE-2023-6683 (A different fix from upstream) + * remove the mistakenly-added temp file in d/qemu-block-extra/ + * d/.gitignore: refresh + + -- Michael Tokarev Tue, 30 Jan 2024 10:32:17 +0300 + +qemu (1:8.2.0+ds-5) unstable; urgency=medium + + * d/rules, d/run-qemu.mount: use dh_installsystemd to install run-qemu.mount + (Closes: #1060087) + * update hppa and seabios-hppa patch series + * ui-clipboard-avoid-crash-upon-request-when-clipboard-CVE-2023-6683.patch + (Closes: #1060749, CVE-2023-6683) + * +target-s390x-Fix-LAE-setting-a-wrong-access-register.patch + * +tcg-s390x-Fix-encoding-of-VRIc-VRSa-VRSc-insns.patch + fix chacha20 issue on s390x + * update hw-vfio-fix-iteration-over-global-VFIODevice-list.patch + + -- Michael Tokarev Thu, 18 Jan 2024 10:16:31 +0300 + +qemu (1:8.2.0+ds-4ubuntu2) noble; urgency=medium + + * Move glusterfs storage driver to Universe in a new package + (LP: #2045063): + - d/control{,-in}: new package qemu-block-supplemental for drivers + we want in Universe + - d/rules: we only want block-gluster.so in the new + qemu-block-supplemental package. Adjust dynamically-created + maintainer scripts for qemu-block-extra and -supplemental. + + -- Andreas Hasenack Fri, 02 Feb 2024 14:07:00 -0300 + +qemu (1:8.2.0+ds-4ubuntu1) noble; urgency=medium + + * Merge with Debian unstable (LP: #2048802, #2048776). Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: + fix qboot FTBFS with LTO + * Drop changes: + - d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto + hardware to Secure Execution guests. (LP #2003673) + [ Incorporated by upstream on version 8.2.0. ] + * Add changes: + - d/rules: Enable/disable extra features on microvm + variant. (LP: #2045594) + + -- Sergio Durigan Junior Wed, 10 Jan 2024 19:10:46 -0500 + +qemu (1:8.2.0+ds-4) unstable; urgency=medium + + * d/rules: fix "tail -20" usage + * note-missing-module-pkg-name.diff: update, to be much more accurate + No more sporadic warnings about missing audio backends etc + * d/control: clarify qemu-system-gui and qemu-system-modules-* package + descriptions a little bit (#1059457) + * more fixups from the ML targetting stable: + + hw-net-cadence_gem-fix-MDIO_OP_xxx-values.patch + + tcg-ppc-use-new-registers-for-LQ-destination.patch + + target-riscv-fix-mcycle-minstret-increment-behavior.patch + * a bunch of hppa and seabios-hppa fixes targetting -stable for + https://gitlab.com/qemu-project/qemu/-/issues/2044 + + -- Michael Tokarev Thu, 04 Jan 2024 22:47:59 +0300 + +qemu (1:8.2.0+ds-3) unstable; urgency=medium + + * +virtio-net-correctly-copy-vnet-header-when-flushing-TX-CVE-2023-6693.patch + Fix CVE-2023-6693 (virtio-net: stack buffer overflow in virtio_net_flush_tx) + * +target-i386-the-sgx_epc_get_section-stub-is-reachable.patch + * +target-xtensa-fix-OOB-TLB-entry-access.patch + * d/rules: print last 20 lines of config.log & meson.log if ./configure fails + + -- Michael Tokarev Tue, 02 Jan 2024 15:54:35 +0300 + +qemu (1:8.2.0+ds-2) unstable; urgency=medium + + * include-ui-rect.h-fix-qemu_rect_init-mis-assignment.patch + fixes virtio-gpu redraw issue (Closes: #1059211) + * hw-vfio-fix-iteration-over-global-VFIODevice-list.patch + fixes reboot issue with virtio-gpu + * target-i386-do-not-re-compute-new-pc-with-CF_PCREL.patch + fixes 4M edk2 stall in i386 tcg mode + * block-fix-crash-when-loading-snapshot-on-inactive-no.patch + fix possible assertion failure when loading snapshot + + -- Michael Tokarev Tue, 02 Jan 2024 12:10:14 +0300 + +qemu (1:8.2.0+ds-1) unstable; urgency=medium + + * new upstream release 8.2.0 + Closes: #1013952 + * d/rules: re-enable building static-pie binaries (the default) for + qemu-user-static again (formally Closes: #1053101, LP:#1908331) + * d/rules: add --disable-pie for static build on i386 due to #1056739 + * d/control: qemu-system-x86 depends on seabios >>1.16.3-1 due to ahci fix + * d/qemu-user-static.lintian-overrides: +shared-library-lacks-prerequisites + for static-pie executables + * d/rules: omit qemu-user-static package from dh_shlibdeps run + since dpkg-shlibdeps complains about static-pie binaries + * d/rules: fix bugzilla.redhat.com url (migrated to issues.redhat.com) + * d/patches: remove patches applied upstream + * d/patches, d/rules: use --disable-relocatable instead of a patch + * d/patches: refresh disable-xen-on-x32.patch + * d/control: --enable-pixman (which is optional now) + * d/rules: vnc needs pixman too (for xen and microvm builds) + * d/copyright: stop excluding subprojects/dtc (not included anymore) + * d/source/lintian-overrides: +source-is-missing for vdso.so files + + -- Michael Tokarev Wed, 20 Dec 2023 18:21:19 +0300 + +qemu (1:8.1.3+ds-1ubuntu2) noble; urgency=medium + + * d/p/u/define-ubuntu-machine-types.patch: Remove -hpb Noble machine + types, as they are not needed by OpenStack anymore. (LP: #2045592) + + -- Sergio Durigan Junior Mon, 04 Dec 2023 16:44:44 -0500 + +qemu (1:8.1.3+ds-1ubuntu1) noble; urgency=medium + + * Merge with Debian unstable (LP: #2044425, #2039700). Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: + fix qboot FTBFS with LTO + - d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto + hardware to Secure Execution guests. (LP #2003673) + * Drop changes: + - d/rules: Incorporate the following changes from Debian unstable, in + order to fix the FTBFS caused by -fcf-protection: + + d/rules: move icons install rules to install-misc section + + d/rules: stop running whole thing with dh, take back *-indep sequence + + d/rules: implement arch-dependent install/build targets without dh too + [ Fixed in Debian. ] + - d/rules: Get rid of binary-helper target; explicitly invoke its + commands under binary-{arch,indep}. This makes the build succeed + again in Ubuntu, where binary-helper wasn't being properly invoked. + [ Fixed in Debian. ] + - d/p/u/lp2003673-update-linux-headers-6.3rc5.patch, + d/p/u/lp2003673-update-linux-headers-6.5rc1.patch, + d/p/u/lp2003673-s390x-fix-missing-subsystem-reset-registration.patch: + Drop some of the patches to Enable passthrough of IBM Z crypto + hardware to Secure Execution guests. (LP #2003673) + [ Applied upstream. ] + + -- Sergio Durigan Junior Wed, 22 Nov 2023 21:34:19 -0500 + +qemu (1:8.1.3+ds-1) unstable; urgency=medium + + * new upstream stable/bugfix release + * remove patches applied upstream: + - linux-user-Fixes-for-zero_bss.patch + - target-mips-Fix-MSA-BZ-BNZ-opcodes-displacement.patch + - hw-ide-reset-cancel-async-DMA-operation-before-reset.patch + * d/control, d/qemu-system-gui.install: enable pipewire audio support + (Closes: #1055221) + + -- Michael Tokarev Wed, 22 Nov 2023 17:56:06 +0300 + +qemu (1:8.1.2+ds-1) unstable; urgency=medium + + * upstream 8.1.2 stable/bugfix release + * remove all stable-staging/ patches and two more + (all included into 8.1.2) + * d/rules: microvm build: do not explicitly enable avx2 + + -- Michael Tokarev Tue, 17 Oct 2023 09:44:39 +0300 + +qemu (1:8.1.1+ds-2) unstable; urgency=medium + + * d/rules: fix binary target to produce both arch and indep + binaries instead of omitting indep one(s) + * d/patches: sync with current staging-8.1 branch, many new fixes + * additional fixes: + +hw-ide-ahci-fix-legacy-software-reset.patch + +target-mips-Fix-MSA-BZ-BNZ-opcodes-displacement.patch + +hw-ide-reset-cancel-async-DMA-operation-before-reset.patch + + -- Michael Tokarev Sun, 08 Oct 2023 12:28:55 +0300 + +qemu (1:8.1.1+ds-1) unstable; urgency=medium + + * new upstream stable/bugfix release + * remove all stable-staging/ patches, keep + softmmu-Use-async_run_on_cpu-in-tcg_commit.patch + * vfio-display-fix-missing-update-to-set-backing-field.patch + * scsi-disk-disallow-small-block-sizes-CVE-2023-42467.patch + (Closes: #1051899, CVE-2023-42467) + * migration-qmp-Fix-crash-on-setting-tls-authz-with-nu.patch + * d/patches/move-vl-opts/ - stop linking everything with async-teardown.c, + un-FTBFS on ia64 + * d/control: minor: remove old todo comments + * d/control: disable rbd (ceph) on 32bit platforms (Closes: #1053172) + * d/control: enable rbd on riscv64 once it's built there + * d/copyright: also remove subprojects/dtc + + -- Michael Tokarev Sun, 01 Oct 2023 22:11:24 +0300 + +qemu (1:8.1.0+ds-6) unstable; urgency=medium + + * re-enable softmmu-Use-async_run_on_cpu-in-tcg_commit.patch + * add https://www.mail-archive.com/qemu-devel@nongnu.org/msg989073.html + fixing https://gitlab.com/qemu-project/qemu/-/issues/1866 + * d/rules: reorder some definitions to evaluate in proper order + + -- Michael Tokarev Wed, 20 Sep 2023 23:31:59 +0300 + +qemu (1:8.1.0+ds-5) unstable; urgency=medium + + * disable softmmu-Use-async_run_on_cpu-in-tcg_commit.patch + The change in softmmu-Use-async_run_on_cpu-in-tcg_commit.patch + which is a fix for https://gitlab.com/qemu-project/qemu/-/issues/1864 + (x86 VM with TCG and SMP fails to start on 8.1.0) + introduces https://gitlab.com/qemu-project/qemu/-/issues/1866 + * more patches from stable-staging + * re-introduce qemu-debootstrap for now until all users of it will + be converted to regular debootstrap + + -- Michael Tokarev Sun, 17 Sep 2023 19:10:34 +0300 + +qemu (1:8.1.0+ds-4) unstable; urgency=medium + + * d/changelog: fix spelling + * +linux-user-Fixes-for-zero_bss.patch: fix linux-user zero_bss bug + * many small changes for d/rules + * d/rules: split out qemu-user build out out of main qemu build + When both system and linux-user builds are enabled, linux-user + build is getting features only relevant for system (softmmu) + configuration, like linking with liburing, libnuma and other + softmmu-only stuff. So build it separately. + This not only makes qemu-user smaller and neater, but it also + makes Built-Using field for qemu-user-static (which is generated + from Depends field of qemu-user) accurate. + * d/qemu-user[-static].docs: use unprocessed .rst doc instead of html + * d/rules: check for nocheck in DEB_BUILD_PROFILES too, + not only DEB_BUILD_OPTIONS + * d/rules, d/control: disable build-time test due to apparent dak bug + + -- Michael Tokarev Mon, 11 Sep 2023 14:19:32 +0300 + +qemu (1:8.1.0+ds-3) unstable; urgency=medium + + * d/control: split out most of Build-Depends to Build-Depends-Arch, in order + to break B-D loop on qemu-system-data (it is only needed for -Arch) and + to reduce arch-all build time. + Only very few things left in common Build-Depends. + * Removing most things from B-D discovered that skiboot includes openssl + header(s) (!), so add libssl-dev to Build-Depends-Indep. + * d/control,d/rules: introduce build profiles to omit building some packages + (mostly debugging aid, to reduce test build run time). + * d/rules: use ninja directly for various qemu builds + (non-verbose build now shows errors/warnings nicely) + * d/control: Rules-Requires-Root: "binary-targets", not "no", - + this enables building as non-root, finally + * d/rules: add forgotten -p for mkdir b/user-static + * d/not-installed: list 2 files from user/ manual + (which is built even on unsupported architectures) + + -- Michael Tokarev Sun, 10 Sep 2023 01:30:15 +0300 + +qemu (1:8.1.0+ds-2) unstable; urgency=medium + + * d/control: fix descriptions of qemu-system-gui and + qemu-system-modules-spice packages + * update lintian-overrides + * d/rules: enable verbose (-v) build for qboot + * d/rules: move lto control to where it actually works + * d/rules: remove usage of "standard dh sequencer". + It has multiple issues. To name a few: + - it exports CFLAGS &Co which breaks badly when trying to compile + bios/firmware code (fixes FTBFS with new -fcf-protection) + - it performs multiple recursive calls to d/rules which is + slow when make variables are set using $(shell), - annoying + when debugging + - it hides actual actions being done at install/binary stages + - it is confusing in override_dh_foo{,-indep,-arch} + - it does just too much unknown magic, - just give the control + back. + + -- Michael Tokarev Sat, 09 Sep 2023 22:37:02 +0300 + +qemu (1:8.1.0+ds-1) unstable; urgency=medium + + * d/changelog: mention closing of #984451, CVE-2021-20255 by 8.1 + * d/changelog: mention closing of #1041471 by 8.1 + * d/patches: add patches currenly staged for 8.1.1 + * d/gbp.conf: switch from experimental to master + * upload to unstable + + -- Michael Tokarev Sat, 09 Sep 2023 17:03:54 +0300 + +qemu (1:8.1.0+ds-1~exp2) experimental; urgency=medium + + * qemu-system-modules-spice & qemu-system-modules-opengl packages, + containing optional spice and opengl modules from qemu-system-common. + Both are recommended by all qemu-system-* but can be removed if not + used, to reduce list of dependencies. + + -- Michael Tokarev Wed, 23 Aug 2023 12:37:55 +0300 + +qemu (1:8.1.0+ds-1~exp1) experimental; urgency=medium + + * new upstream release + Closes: #1041102, CVE-2023-3019 (NIC DMA reentrancy issue, problem class) + Closes: CVE-2021-3750 (DMA MMIO reentrancy issue, problem class) + Closes: #984451, CVE-2021-20255 (DMA reentrancy issue) + Closes: #1041471 (qemu-user armel commpage mapping bug) + * d/watch: change repack suffix to +ds + * d/patches: remove patches applied upstream + * disable-xen-on-x32.patch: refresh + * d/copyright: stop stripping dtc/ and meson/, removed upstream + * d/rules: replace --with-git-submodules=ignore with --disable-download + * d/control: build-depend on python3-venv + * d/control: bump minimum meson version to 0.63.0 + * d/control: build-depend on seabios & qemu-system-data for the testsuite. + qemu testsuite runs qemu-system binaries which require firmware even for + simple tests + * d/rules: run `make check-block' after the main build, as a minimal test + for now + * qemu-img-omit-errno-value-in-error-message.patch fixes check-block tests + on mips* where errno values are different from other architectures. + * late fix for 8.1 linux-user-Adjust-brk-for-load_bias.patch + + -- Michael Tokarev Wed, 23 Aug 2023 08:01:13 +0300 + +qemu (1:8.0.4+dfsg-3) unstable; urgency=medium + + * d/rules: export PYTHONDONTWRITEBYTECODE=1 to stop generating .pyc files + (Closes: #1046056) + * d/control: list more CPU types emulated by qemu in package descriptions + * d/control: refine qemu-system-gui package description + * d/rules: remove --interp-prefix= configure option + * late fix for 8.1: target-arm-Fix-SME-ST1Q.patch + * late fix for 8.1: target-arm-Fix-64-bit-SSRA.patch + * d/control: remove old versions from build-deps + + -- Michael Tokarev Tue, 22 Aug 2023 20:15:07 +0300 + +qemu (1:8.0.4+dfsg-2) unstable; urgency=medium + + * remove linux-user-show-heap-address-in-proc-pid-maps.patch + * pick 2 nvme fixes from upstream: + - hw-nvme-fix-oob-memory-read-in-fdp-events-log-CVE-2023-4135.patch + Closes: #1050142, CVE-2023-4135 + - hw-nvme-fix-null-pointer-access-in-directive-receive-CVE-2023-40360.patch + Closes: #1050140, CVE-2023-40360 + * d/rules: --enable-virtfs (--enable-attr --enable-cap-ng) for xen build + to enable 9pfs (Closes: #1049925) + * d/rules: run-qemu.mount is linux-specific too + (if we ever do non-linux system build) + * d/control: disable sndio on debian too (disabled on ubuntu), for now anyway + * d/*.install, d/rules: explicitly list all qemu-system modules + * d/control: build-depend on libglib2.0-dev (forgotten!) and zlib1g-dev, + move the two to the top before all optional deps + * d/changelog: fix 7.1+dfsg-1 changelog entry (qemu-user and qemu-system) + + -- Michael Tokarev Mon, 21 Aug 2023 09:57:59 +0300 + +qemu (1:8.0.4+dfsg-1ubuntu5) noble; urgency=medium + + * d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto + hardware to Secure Execution guests. (LP: #2003673) + + -- Sergio Durigan Junior Thu, 16 Nov 2023 10:35:58 -0500 + +qemu (1:8.0.4+dfsg-1ubuntu4) noble; urgency=medium + + * Rebuild against new libnfs14. + + -- Gianfranco Costamagna Fri, 27 Oct 2023 10:46:01 +0200 + +qemu (1:8.0.4+dfsg-1ubuntu3) mantic; urgency=medium + + * d/rules: Get rid of binary-helper target; explicitly invoke its + commands under binary-{arch,indep}. This makes the build succeed + again in Ubuntu, where binary-helper wasn't being properly invoked. + + -- Sergio Durigan Junior Tue, 03 Oct 2023 18:13:20 -0400 + +qemu (1:8.0.4+dfsg-1ubuntu2) mantic; urgency=medium + + * d/rules: Incorporate the following changes from Debian unstable, in + order to fix the FTBFS caused by -fcf-protection: + - d/rules: implement arch-dependent install/build targets without dh too + - d/rules: stop running whole thing with dh, take back *-indep sequence + - d/rules: move icons install rules to install-misc section + + -- Sergio Durigan Junior Wed, 27 Sep 2023 14:53:27 -0400 + +qemu (1:8.0.4+dfsg-1ubuntu1) mantic; urgency=medium + + * Merge with Debian unstable. Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: + fix qboot FTBFS with LTO + + -- Sergio Durigan Junior Mon, 14 Aug 2023 16:28:34 -0400 + +qemu (1:8.0.4+dfsg-1) unstable; urgency=medium + + * new upstream stable/bugfix release + Closes: CVE-2023-3180 (virtual crypto virtio_crypto_handle_sym_req) + Closes: CVE-2023-3354 (VNC server QIOChannel NULL ptr deref) + Closes: CVE-2023-3255 (VNC: infinite loop in inflate_buffer) + * d/patches: remove patches picked up from stable-staging branch + which are applied in 8.0.4 + * d/control: build-depend on libglib2.0-dev (forgotten!) and zlib1g-dev, + move the two to the top before all optional deps + * remove xen-specific wrapper for qemu-system-i386 + (needed for bookworm upgrade only) + + -- Michael Tokarev Fri, 11 Aug 2023 22:13:36 +0300 + +qemu (1:8.0.3+dfsg-5) unstable; urgency=medium + + * remove previous 2 mmap/brk patches for now + linux-user-optimize-memory-layout-for-static-and-dyn.patch + linux-user-load-pie-executables-at-upper-memory.patch + These are intended for 8.1, and causes other issues on 8.0. + Closes: #1042808 + Reopens: #1040981 + + -- Michael Tokarev Wed, 02 Aug 2023 10:55:50 +0300 + +qemu (1:8.0.3+dfsg-4ubuntu1) mantic; urgency=medium + + * Merge with Debian unstable (LP: #2028873, #2028124). Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: + fix qboot FTBFS with LTO + + -- Sergio Durigan Junior Mon, 31 Jul 2023 23:09:27 -0400 + +qemu (1:8.0.3+dfsg-4) unstable; urgency=medium + + * more linux-user address fixes from Helge Deller + Remove + stable-staging/linux-user-fix-qemu-arm-to-run-static-armhf-binaries.patch + linux-user-limit-brk-adjustment-wrt-interp.brk-to-arm32.patch + Add + linux-user-show-heap-address-in-proc-pid-maps.patch + linux-user-optimize-memory-layout-for-static-and-dyn.patch + linux-user-load-pie-executables-at-upper-memory.patch + This *might* fix #1041859. + * stable-staging/tcg-ppc-fix-race-in-goto_tb-implementation.patch + fix qemu sigsegv on ppc -smp. Should fix autopkgtests (debvm, others) + * Stop passing --no-start to qga's dh_installsystemd. + qga is activated from an udev rule, but we need to restart it on upgrade. + Change by Sergio Durigan. Closes: LP#2028124. + + -- Michael Tokarev Wed, 26 Jul 2023 07:51:20 +0300 + +qemu (1:8.0.3+dfsg-3) unstable; urgency=medium + + * d/control: glusterfs: drop pre-buster glusterfs-common alternative, + restrict glusterfs support to 64bit (see #1039604) + * linux-user-limit-brk-adjustment-wrt-interp.brk-to-arm32.patch + Fix (band-aid for now) an unexpected breakage caused by the previous + patch in this area which fixes static executables loading on armhf. + * d/binfmt-install: update mips* magic strings from upstream commit + 77d119dd335f910c7: + mips: allow nonzero EI_ABIVERSION, distinguish o32 and n32 + (Closes: #1041597) + + -- Michael Tokarev Sat, 22 Jul 2023 11:53:38 +0300 + +qemu (1:8.0.3+dfsg-2) unstable; urgency=medium + + * d/patches: set Forwarded: URLs for some patches + * add 5 qemu-user fixes staging for the next stable: + linux-user-make-sure-initial-brk-0-is-page-aligned.patch + linux-user-fix-qemu-brk-to-not-zero-bytes-on-current-page.patch + linux-user-prohibit-brk-to-to-shrink-below-initial-address.patch + linux-user-fix-signed-math-overflow-in-brk-syscall.patch + linux-user-fix-qemu-arm-to-run-static-armhf-binaries.patch + (Closes: #1040981) + + -- Michael Tokarev Thu, 20 Jul 2023 09:59:49 +0300 + +qemu (1:8.0.3+dfsg-1) unstable; urgency=medium + + * new upstream stable/bugfix release 8.0.3 + Including the following security fix(es): + - 9pfs: prevent opening special files (CVE-2023-2861) + * remove patches now included upstream: + - hw-mips-malta-fix-the-malta-machine-on-big-endian-hosts.patch + - qga-fix-suspend-on-linux-guests-without-systemd.patch + - hw_intc_allwinner-a10-pic-handle-IRQ-levels-other-than-0-or-1.patch + - linux-user-Avoid-mmap-of-the-last-byte-of-the-reserv.patch + * d/rules: omit qemu-systemd-data from dh_dwz run + * d/rules: create qemu-system-armhf & qemu-system-armel aliases + for qemu-system-arm (Closes: #1040209) + + -- Michael Tokarev Tue, 11 Jul 2023 15:07:04 +0300 + +qemu (1:8.0.2+dfsg-3) unstable; urgency=medium + + * d/patches/*: update, add DEP-3 headers + * d/rules: strip ../../ prefix from compile paths + to undo sub-subdir build (-ffile-prefix-map) + * linux-user-Avoid-mmap-of-the-last-byte-of-the-reserv.patch: + (hackish) fix for recent memory failures + + -- Michael Tokarev Thu, 29 Jun 2023 18:36:33 +0300 + +qemu (1:8.0.2+dfsg-2ubuntu1) mantic; urgency=medium + + * Merge with Debian unstable (LP: #2018103). Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: + fix qboot FTBFS with LTO + * Drop changes: + - d/control-in: libnfs is in main since focal, enable direct nfs + storage support (LP 1988704) + [ Adopted by Debian. ] + - d/control-in: libsndio is in universe in ubuntu + [ Adopted by Debian. ] + - Fix FTBFS with glibc >= 2.36. (LP #2015418) + + d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary + upstream commits that were working around a glibc issue. + [ Incorporated upstream. ] + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + [ Debian linked the qemu-system-x86 documentation with the + qemu-system-common package, rendering this README file not + applicable. ] + - d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating + hot-unplug requests by making ACPI PCI able to requeue them. + (LP #2018733) + [ Applied upstream. ] + + -- Sergio Durigan Junior Mon, 19 Jun 2023 15:45:09 -0400 + +qemu (1:8.0.2+dfsg-2) unstable; urgency=medium + + * d/rules: --enable-libusb for xen build (Closes: #1037341) + * reapply linux-user-binfmt-P.diff. + Re-rely on qemu-user's argv0 to detect it is running in binfmt context. + The problem is that while we ship kernel which can pass this info the + qemu way, there are many containers which are running on older kernels + still, including bullseye kernel (5.10) which does not have this feature. + Keep it for a bit more. + * hw_intc_allwinner-a10-pic-handle-IRQ-levels-other-than-0-or-1.patch + Pick a patch from upstream mailinglist to fix regression in 8.0.2 + + -- Michael Tokarev Thu, 15 Jun 2023 22:25:50 +0300 + +qemu (1:8.0.2+dfsg-1) unstable; urgency=medium + + * new upstream stable/bugfix release + Closes: #1029155, CVE-2023-0330: + A DMA-MMIO reentrancy problem in lsi53c895a device + * keep full upstream version number, not just first 2 components + (Closes: #855966) + * d/copyright: remove stray newline + * d/control: drop libuuid-dev build-dep (not used) + * clarify files in d/not-installed just a little bit + * fixup qemu(1) refs in qemu-storage-daemon(1) + * move qemu-storage-daemon and qemu-block-drivers.7 + from qemu-system-common to qemu-utils + * remove patches now included upstream: + - linux-user-fix-getgroups-setgroups-allocations.patch + - rtl8139-fix-large_send_mss-divide-by-zero.patch + - target_i386-Change-wrong-XFRM-value.patch + * qga-fix-suspend-on-linux-guests-without-systemd.patch + (hopefully Closes: #1004943) + * d/rules: disable pvrdma (Closes: #1034179, CVE-2023-1544) + CVE-2023-1544: + huge number of page tables for a ring of descriptors for CQ and + async events, potentially leading to an OOB read and crash + + -- Michael Tokarev Sun, 11 Jun 2023 11:49:17 +0300 + +qemu (1:8.0+dfsg-4) experimental; urgency=medium + + * d/control: do not use --enable-spice on sh4 and --enable-seccomp + on hppa where qemu-system is not being built + * spelling-information.patch: add headers + * merge d/qemu-system-x86.NEWS into d/qemu-system-common.NEWS + * d/rules: migrate docs for individual qemu-system-foo into symlinks + pointing to qemu-system-common docs + * d/rules: move qemu-user-binfmt doclink to the proper place, + and remove installdocs and installchangelogs overrides + * d/qemu-system-common.README.Debian, d/qemu-user*.README.Debian: + update statement about ppc64el in READMEs + * d/rules: switch to more declarative approach to generating various + qemu-system-foo packages, fix some bugs + * d/rules: switch to use "-" in variable names instead of "_" + to avoid exporting variables from environment + * add qemu-system-for-arch package (commented-out for now) + * refresh d/source/lintian-overrides + + -- Michael Tokarev Fri, 21 Apr 2023 19:11:53 +0300 + +qemu (1:8.0+dfsg-3) experimental; urgency=medium + + * Release highlights: + - build only tools on unsupported arches + - much easier arch control in a single place + - much easier dependency/options control + - stop building system targets on ia64 and kfreebsd + * d/control: generate Architecture: field dynamically from d/rules + * demote ia64 and kfreebsd from system arches to tools arches + * include m68k into list of utils arches + * optional dependencies and --enable-feature in d/control: + - update d/extract-config-opts to expect dpkg-like [arch] patterns + - d/control: unify and simplify arch strings for --enable-foo + and dependencies + - d/control: switch some build-deps to [:system-arch:] + * stop using --enable-tcg-interpreter for unsupported arches, + add --enable-tools for main qemu build + * provide --disable-xkbcommon to stop building qemu-keymap tool (!) + * d/rules: for !enable-system build, remove qemu.1 manpage + * install upstream qemu.desktop file instead of debian-specific + * d/*.install: list files relative to d/tmp/, use ${DEB_HOST_MULTIARCH} + * d/qemu-system-common.install: move 3 linux-specific files + from d/rules to here + * d/rules: move qemu-block-extrs maintscript/savedir generation + to instide enable-system + + -- Michael Tokarev Thu, 20 Apr 2023 20:50:35 +0300 + +qemu (1:8.0+dfsg-2) experimental; urgency=medium + + * re-add the dropped-on-the-way Provides: qemu-system-any + * specify versions for all Provides: so it's possible to add versioned deps + (including qemu-system-any and qemu-kvm) + * d/control: collapse Depends: qemu-system-* into tne new qemu-system-any + * drop Breaks:/Replaces: qemu-kvm (it was for old qemu-kvm binary pkg) + + -- Michael Tokarev Thu, 20 Apr 2023 13:09:57 +0300 + +qemu (1:8.0+dfsg-1) experimental; urgency=medium + + * New qemu release 8.0.0. + * remove binfmt-support registration, use systemd binfmd.d/ only + No more binfmt-support support. Unregister any entries on upgrades. + * binfmt: ship (but not enable) entries for all arches, do not omit native + Ship all really-foreign binfmt entries in /usr/lib/binfmt.d/ as usual, + to be enable automatically at package install. Also ship the + same-cpu-family entries in /usr/share/doc/qemu-user-static/qemu-foo.conf - + this way it will not be enabled automatically but it will be possible to + (carefully) symlink the needed additional entries to /etc/binfmt.d/. + (Closes: #924667, #1016810, #1027781) + * qemu-system-*: add extra names to use as qemu-system-${DEB_HOST_ARCH_CPU}, + for both the Provides: line and executable file names. See + /usr/share/doc/qemu-system-common/README.Debian. + * qemu-system-*: also Provides: qemu-system-any + * qemu-system-ppc: provide qemu-kvm on ppc64el too, the same as ppc64 + * qemu-user, qemu-user-static: provide qemu-${DEB_HOST_ARCH}[-static] + aliases too, when qemu arch is different from debian arch. See + /usr/share/doc/qemu-user[-static]/README.Debian. + * d/binfmt-install: fix disabled .conf entries install for qemu-user-binfmt + (those goes to qemu-user doc dir, not qemu-user-binfmt doc dir) + * d/control: remove old (pre-bullseye) Breaks/Replaces + * qemu-bridge-helper-path.patch: use the right path for qemu-bridge-helper + in docs (Closes: #1027447) + * d/qemu-system-common.NEWS: document dropping of virtiofsd + * d/rules: add comment saying why savemoddir block needs to be generated + * stop trying to provide os-specific qemu-ifup + * two more spelling fixes for mistyped "information" + + -- Michael Tokarev Thu, 20 Apr 2023 04:19:06 +0300 + +qemu (1:8.0~rc4+dfsg-2) experimental; urgency=medium + + [ Vagrant Cascadian ] + * debian/rules: Use 'printf' instead of 'echo' to avoid + differences in underlying /bin/sh implementations. + Closes: #1034431 + + [ Michael Tokarev ] + * Provide Debian architecture names for qemu-system-foo packages and + binaries, for arm64, armel, armhf, powerpc, amd64, loong64 and ppc64el. + It is now possible to run qemu-system-$debianarch binary or depend on + qemu-system-$debianarch package. This should simplify various tools + for cross compilation and the like. Also Closes: #825841. + * d/qemu-system-ppc.README.Debian: remove obsolete README about video.x + + -- Michael Tokarev Tue, 18 Apr 2023 05:04:04 +0300 + +qemu (1:8.0~rc4+dfsg-1) experimental; urgency=medium + + * update to 8.0.0-rc4 + * d/rules, d/qemu.desktop: install a simple .desktop file in + qemu-system-data so that qemu-system-foo has an icon under gnome/wayland + * re-enable build on x32 - disable new CONFIG_XEN_EMU which is now enabled + unconditionally on x86 + * d/patches: restore note-missing-module-pkg-name.diff + (lost in one of previous commits) + * pick 3 more fixes from qemu-devel@: + +rtl8139-fix-large_send_mss-divide-by-zero.patch + +target_i386-Change-wrong-XFRM-value.patch + +hw_mips_malta-Fix-malta-machine-on-big-endian-hosts.patch + + -- Michael Tokarev Fri, 14 Apr 2023 12:25:57 +0300 + +qemu (1:8.0~rc3+dfsg-2) experimental; urgency=medium + + * d/rules: fix qemu.svg install and remove .png fallback icons again + (qemu window still doesn't have an icon) + * d/binfmt-install: fix systemd binfmt registration broken + since previous upload + * +linux-user-fix-getgroups-setgroups-allocations.patch (Closes: #811087) + + -- Michael Tokarev Mon, 10 Apr 2023 12:33:01 +0300 + +qemu (1:8.0~rc3+dfsg-1) experimental; urgency=medium + + * new upstream release candidate (8.0.0-rc3) + * d/control: build-depend on gcc-powerpc-linux-gnu (for u-boot code) + * d/rules: build u-boot-sam460 ppc firmware (u-boot-sam460-20100605.bin) + * +u-boot-sam460ex-fdi.patch + * +u-boot-sam460ex-mstring.patch + * d/copyright: stop stripping roms/u-boot/, we need it for u-boot.e500 + * d/rules: build u-boot.e500 binary (Closes: #756833) + * d/rules: install all png icons too (for gtk display) + * d/rules: remove old compat qboot symlink + * remove skip-meson-pc-bios.diff (and skip-unpack-edk2-blobs.patch), + fix pc-bios/meson.build instead + * remove d/get-orig-source.sh now when d/copyright is set up + * d/source/options: stop diff-ignoring submodules + + -- Michael Tokarev Thu, 06 Apr 2023 09:50:41 +0300 + +qemu (1:8.0~rc2+dfsg-1) experimental; urgency=medium + + [ Michael Tokarev ] + * new upstream 8.0 (rc2) + Packaging changes: + * d/rules, d/qemu-system-common.lintian-overrides: + do not try to install virtiofsd, it is removed in qemu 8.0 + * d/rules: do not build sgabios, it is removed upstream in 8.0 + * spelling.diff: remove hunks which has been applied, + adopt virtio.c=>virtio-hmp.c for remaining + * patches: remove all patches from d/patches/master/ (picked from upstream) + * hw-pvrdma-protect-against-guest-driver-CVE-2022-1050.patch: + remove, also applied upstream + * microvm-default-machine-type.patch: adjust for 8.0 + * openbios-address-of-packet-member.patch: remove, not needed anymore + * d/control: build-depend on flex & bison + * d/rules: it is --disable-install-blobs, not --disable-blobs for xen too + * build microblaze firmware (petalogic-*.dtb) instead of using shipped one + * remove microblaze firmware (petalogic-*.dtb) for -dfsg + * remove previously deprecated qemu-debootstrap + * stop using custom $argv[0] for binfmt + * d/rules: always disable dwz if <<0.14 + * stop enabling avx512f for xen build (it is disabled by default) + * d/rules: install .bmp icon, not .png + + + [ Christian Ehrhardt ] + * d/control-in: libsndio is in universe in ubuntu + * d/control-in: libnfs is in main since focal, + enable direct nfs storage support (LP: #1988704) + + -- Michael Tokarev Fri, 31 Mar 2023 15:44:21 +0300 + +qemu (1:7.2+dfsg-5ubuntu3) mantic; urgency=medium + + * d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating + hot-unplug requests by making ACPI PCI able to requeue them. + (LP: #2018733) + + -- Sergio Durigan Junior Thu, 18 May 2023 15:13:14 -0400 + +qemu (1:7.2+dfsg-5ubuntu2) lunar; urgency=medium + + * Fix FTBFS with glibc >= 2.36. (LP: #2015418) + - d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary + upstream commits that were working around a glibc issue. + + -- Sergio Durigan Junior Wed, 05 Apr 2023 20:10:13 -0400 + +qemu (1:7.2+dfsg-5ubuntu1) lunar; urgency=medium + + * Re-merge with Debian unstable to pick up stabilization fixes + remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - d/qemu-system-x86.NEWS Info on fixed machine type defintions + for host-phys-bits=true + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this + landed in Debian but under a different name. + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: + fix qboot FTBFS with LTO + - d/control-in: libnfs is in main since focal, enable direct nfs + storage support (LP 1988704) + - d/control-in: libsndio is in universe in ubuntu + + -- Christian Ehrhardt Tue, 07 Mar 2023 08:50:45 +0100 + +qemu (1:7.2+dfsg-5) unstable; urgency=medium + + * d/qemu-guest-agent.udev: fix missing comma + (Christian Schneider , Closes: #1031838) + * remove qemu-make-debian-root. + Ths script debian/qemu-make-debian-root has been broken for ages. + In 2023, it creates /etc/fstab with a reference to /dev/hda1, and + edits /etc/inittab which does not exist. And no one noticed, - so + it's safe to assume it is not used anymore. Just remove it. + * re-pick qemu-stable patches from master (the same patch contents): + master/tests-tcg-i386-Introduce-and-use-reg_t-consistently.patch + master/target-i386-Fix-BEXTR-instruction.patch + master/target-i386-Fix-C-flag-for-BLSI-BLSMSK-BLSR.patch + master/target-i386-fix-ADOX-followed-by-ADCX.patch + * 20 more changes picked from upstream/master: + master/target-i386-Fix-BZHI-instruction.patch + master/block-iscsi-fix-double-free-on-BUSY-or-similar-status.patch + master/hw-smbios-fix-field-corruption-in-type-4-table.patch + master/Revert-x86-do-not-re-randomize-RNG-seed-on-snapshot-.patch + master/Revert-x86-re-initialize-RNG-seed-when-selecting-ker.patch + master/Revert-x86-reinitialize-RNG-seed-on-system-reboot.patch + master/Revert-x86-use-typedef-for-SetupData-struct.patch + master/Revert-x86-return-modified-setup_data-only-if-read-a.patch + master/Revert-hw-i386-pass-RNG-seed-via-setup_data-entry.patch + master/vhost-user-gpio-Configure-vhost_dev-when-connecting.patch + master/vhost-user-i2c-Back-up-vqs-before-cleaning-up-vhost_.patch + master/vhost-user-rng-Back-up-vqs-before-cleaning-up-vhost_.patch + master/virtio-rng-pci-fix-migration-compat-for-vectors.patch + master/virtio-rng-pci-fix-transitional-migration-compat-for.patch + master/hw-timer-hpet-Fix-expiration-time-overflow.patch + master/vdpa-stop-all-svq-on-device-deletion.patch + master/vhost-avoid-a-potential-use-of-an-uninitialized-vari.patch + master/libvhost-user-check-for-NULL-when-allocating-a-virtq.patch + master/chardev-char-socket-set-s-listener-NULL-in-char_sock.patch + master/intel-iommu-fail-MAP-notifier-without-caching-mode.patch + master/intel-iommu-fail-DEVIOTLB_UNMAP-without-dt-mode.patch + + -- Michael Tokarev Sun, 05 Mar 2023 20:09:04 +0300 + +qemu (1:7.2+dfsg-4ubuntu1) lunar; urgency=medium + + * Merge with Debian unstable (LP: #1993438), among many other fixes + this resolvs these bugs: + (LP: #1957924) - support for querying stats, + (LP: #1853307) - Enhanced Interpretation for PCI Functions (s390x) + (LP: #1959966) - guest dump encryption with customer keys (s390x) + (LP: #1999885) - pv: don't allow userspace to set the clock under PV + (LP: #1957924) - add filtering of statistics by target vCPU + remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - d/qemu-system-x86.NEWS Info on fixed machine type defintions + for host-phys-bits=true + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this + landed in Debian but under a different name. + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: + fix qboot FTBFS with LTO + * Dropped Changes [now part of upstream v7.2.0] + - d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt + error 'migration was active, but no RAM info was set' (LP 1994002) + - d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch: + Fix FTBFS with libbpf 1.0.1-2. + + Header updates that were added as part of the libbpf fixes + but not mentioned in changelog + - d/p/u/lp-1981339-*: fix s390x system emulation (LP 1981339) + - Fix I/O stalls when using NVMe storage (LP 1970737). + + d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter + in laio_io_unplug. + - SECURITY UPDATE: heap overflow in floppy disk emulator + + debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in + hw/block/fdc.c. + - SECURITY UPDATE: use-after-free vulnerability + + debian/patches/CVE-2022-0216-*.patch: fix use-after-free in + lsi_do_msgout + - SECURITY UPDATE: heap overflow vulnerability + + debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to + memories + - SECURITY UPDATE: integer underflow vulnerability + + debian/patches/CVE-2022-3165.patch: fix integer underflow in + vnc_client_cut_text_ext + * Dropped Changes in regard to GCC-12 FTBFS (LP 1988710) + [not all are needed in lunar] + - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch. + Silence -Warray-bounds false positive [no more needed] + - d/rules: set -O1 for alpha firmware build + - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch: + further FTBFS fixup + * Dropped Changes [in Debian 1:7.2+dfsg-3] + - d/rules: disable LTO on non-amd64 builds (LP 1921664) + * Added Changes + - d/control-in: libnfs is in main since focal, enable direct nfs + storage support (LP: #1988704) + - d/control-in: libsndio is in universe in ubuntu + + -- Christian Ehrhardt Wed, 04 Jan 2023 13:18:43 +0100 + +qemu (1:7.2+dfsg-4) unstable; urgency=medium + + * block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch: + re-pick now from master (the same patch, moved to master/). + * revert x86-don-t-let-decompressed-kernel-image-clobber-setu.patch + Closes: ##1031682 . + This turned out to be wrong move, breaking more stuff than fixing. + Upstream is going to revert it too. + + -- Michael Tokarev Mon, 20 Feb 2023 21:00:18 +0300 + +qemu (1:7.2+dfsg-3) unstable; urgency=medium + + [ Paride Legovini ] + * Disable LTO on non-amd64 builds (LP: #1921664) + + [ Michael Tokarev ] + * target-arm-Fix-physical-address-resolution-for-Stage2.patch: + re-fetch now from master branch + * 4 more patches picked from master: + x86-don-t-let-decompressed-kernel-image-clobber-setu.patch + migration-ram-Fix-error-handling-in-ram_write_tracki.patch + migration-ram-Fix-populate_read_range.patch + qcow2-Fix-theoretical-corruption-in-store_bitmap-err.patch + * 5 fixes picked from current pullreqs: + block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch + tests_tcg_i386-introduce-and-use-reg_t-consistently.patch + target_i386-fix-BEXTR-instruction.patch + target_i386-fix-C-flag-for-BLSI-BLSMSK-BLSR.patch + target_i386-fix-ADOX-followed-by-ADCX.patch + * disable dwz on certain architectures for older dwz + (FTBFS on bullseye, #968670) + + -- Michael Tokarev Fri, 10 Feb 2023 14:29:12 +0300 + +qemu (1:7.2+dfsg-2) unstable; urgency=medium + + * d/rules: add -ffile-prefix-map when building skiboot + * d/control: provide qemu-kvm in qemu-system-misc on s390x + (Closes: #1029309) + * d/control: drop dependency of qemu-guest-agent on lsb-base + * Picked patches from qemu master branch tagged for qemu-stable + up to commit deabea6e88 (2023-02-02): + target-sh4-Mask-restore-of-env-flags-from-tb-flags.patch + vhost-fix-vq-dirty-bitmap-syncing-when-vIOMMU-is-ena.patch + virtio-mem-Fix-the-bitmap-index-of-the-section-offse.patch + virtio-mem-Fix-the-iterator-variable-in-a-vmem-rdl_l.patch + target-arm-fix-handling-of-HLT-semihosting-in-system.patch + meson-accept-relative-symlinks-in-meson-introspect-i.patch + target-riscv-Set-pc_succ_insn-for-rvc-illegal-insn.patch + acpi-cpuhp-fix-guest-visible-maximum-access-size-to-.patch + hw-nvme-fix-missing-endian-conversions-for-doorbell-.patch + hw-nvme-fix-missing-cq-eventidx-update.patch + configure-fix-GLIB_VERSION-for-cross-compilation.patch + target-arm-Fix-sve_probe_page.patch + target-arm-allow-writes-to-SCR_EL3.HXEn-bit-when-FEA.patch + target-arm-Fix-in_debug-path-in-S1_ptw_translate.patch + * Also: target-arm-Fix-physical-address-resolution-for-Stage.patch + + -- Michael Tokarev Thu, 02 Feb 2023 21:17:10 +0300 + +qemu (1:7.2+dfsg-1) unstable; urgency=medium + + * new upstream release + Closes: #1025123 CVE-2022-4172 + (erst: undefined behavior in memcpy in write_erst_record) + Closes: #1021981 qemu-user: faccessat2 is not implemented + Closes: #1021019 CVE-2022-3165 (VNC: integer underflow in + vnc_client_cut_text_ext leads to CPU exhaustion) + * remove patches applied upstream + * refresh note-missing-module-pkg-name.diff + * slirp is always external package now, not a submodule anymore + * d/control: require meson >> 0.61.5~ for build + * spelling.diff: update with more spelling error + * add some lintian-overrides + * fix minor spelling errors in patches + * d/control: Bump Standards-Version to 4.6.1 + * debian shell programs use "which" instead of the "command -v", + fix that (Closes: #1018254) + * Better fix for #1019011 (gcc ICE building palcode-clipper), use -O1 + instead of -O2 for the failing compile when it actually fails + (no need to depend on gcc-11, Closes: #1011003) + + -- Michael Tokarev Thu, 15 Dec 2022 17:17:28 +0300 + +qemu (1:7.1+dfsg-2) unstable; urgency=medium + + * tulip-restrict-DMA-engine-to-memories-CVE-2022-2962.patch + fix possible stack or heap overflow (tulip: DMA reentrancy issue) + Closes: #1018055, CVE-2022-2962 + * hw-pvrdma-protect-against-guest-driver-CVE-2022-1050.patch + fix possible use-after-free in paravirtual RDMA device. + Closes: #1014589, CVE-2022-1050 + * mention closing of #979677 (CVE-2020-14394) by 7.1 + * d/rules: parametrify extra-cflags & extra-ldflags + * d/rules: explicitly disable pie on arm64 due to + https://sourceware.org/bugzilla/show_bug.cgi?id=29514 + Fixes FTBFS. + + -- Michael Tokarev Tue, 13 Sep 2022 20:08:43 +0300 + +qemu (1:7.1+dfsg-1) unstable; urgency=medium + + * new upstream release (7.1) + Closes: #1014958, CVE-2022-35414 + Closes: #1014590, CVE-2022-0216 + Closes: #979677, CVE-2020-14394 + Closes: #987410, CVE-2021-3507 + Closes: #988333, #1018913 + * d/copyright: + - remove mentions of slirp (packaged separately) + - blindly convert to dep-5 (it needs a complete rewrite) + - add Files-Excluded from d/get-orig-source.sh + * d/gbp.conf: remove filter= (and whole [import-orig]) + * d/watch: verify upstream tarballs + * d/rules: stop faking skiboot version, it is now properly included in + roms/skiboot/.version file. Add a dependency on this file too + * d/patches: + - remove use-fixed-data-path.patch: not needed anymore + - linux-user-binfmt-P.diff: refresh + - remove patches applied upstream + * d/control: + - it is --enable-capstone now, not --enable-capstone=system + - it is --enable-png now, not --enable-vnc-png + * d/rules: fix --enable-vhost-* options + * d/rules: remove vnc-png for xen too + * openbios-array-bounds-gcc12.patch + * opensbi-fix-build-with-binutils-2.38.patch + * d/rules: adopt vof build changes + * d/qemu-system-data.docs: omit ccid.txt (removed) + * temporary workaround for gcc-12 bug #1019011: use gcc-11-alpha-linux-gnu + instead of gcc-alpha-linux-gnu (another option is to use -Os) + * d/control: temporarily build-depend on libva-dev till #1019485 is fixed + * add loongarch64 qemu-user and qemu-system arch + + -- Michael Tokarev Mon, 12 Sep 2022 11:50:53 +0300 + +qemu (1:7.0+dfsg-7ubuntu4) lunar; urgency=medium + + * SECURITY UPDATE: use-after-free vulnerability + - debian/patches/CVE-2022-0216-*.patch: fix use-after-free in + lsi_do_msgout + - CVE-2022-0216 + * SECURITY UPDATE: heap overflow vulnerability + - debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to + memories + - CVE-2022-2962 + * SECURITY UPDATE: integer underflow vulnerability + - debian/patches/CVE-2022-3165.patch: fix integer underflow in + vnc_client_cut_text_ext + - CVE-2022-3165 + + -- Nishit Majithia Fri, 09 Dec 2022 10:25:52 +0530 + +qemu (1:7.0+dfsg-7ubuntu3) lunar; urgency=medium + + [ Brett Milford ] + * d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt + error 'migration was active, but no RAM info was set' (LP: #1994002) + + [ Mauricio Faria de Oliveira ] + * d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch: + Fix FTBFS with libbpf 1.0.1-2. + + -- Mauricio Faria de Oliveira Wed, 30 Nov 2022 12:17:51 -0300 + +qemu (1:7.0+dfsg-7ubuntu2) kinetic; urgency=medium + + [ Paride Legovini ] + * d/rules: disable LTO on non-amd64 builds (LP: #1921664) + * GCC-12 FTBFS (LP: #1988710) + - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch. + Silence -Warray-bounds false positive (treated as error) + + [ Christian Ehrhardt ] + * More on GCC-12 FTBFS (LP 1988710) + - d/rules: set -O1 for alpha firmware build + - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch: + further FTBFS fixup + + -- Christian Ehrhardt Mon, 19 Sep 2022 08:07:24 +0200 + +qemu (1:7.0+dfsg-7ubuntu1) kinetic; urgency=medium + + * Merge with Debian unstable (LP: #1971315)(LP: #1980896), remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - d/qemu-system-x86.NEWS Info on fixed machine type defintions + for host-phys-bits=true + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - Fix I/O stalls when using NVMe storage (LP 1970737). + - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter + in laio_io_unplug. + - SECURITY UPDATE: heap overflow in floppy disk emulator + - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in + hw/block/fdc.c. + - CVE-2021-3507 + * Dropped Changes [now part of 1:7.0+dfsg-7]: + - d/rules: xen libexec dir is no more versioned + - d/rules: ensure xen is built on x86 + - d/kvm-spice: fix when acceleration is already defined on the commandline + - debian/control[-in]: no more disable glusterfs in Ubuntu (LP 1246924) + * Dropped Changes [now part of upstream v7.0.0] + - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch + Allow long kernel command lines for QEMU (LP 1959984) + - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list + - d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit + tcg on s390x. + - Fix diff handling on ceph that can cause data corruption (LP 1968258) + - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch + - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch + - d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock + in vnc connections (LP 1970563) + - All CVE fixes of 1:6.2+dfsg-2ubuntu8 except CVE-2021-3507 + * Dropped Changes + - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch: + add patch to workaround FTBFS when building against OpenSSL 3.0. + [ now working with OpenSSL 3.0 ] + - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix + -fcf-protection being unavailble on -march=i486 (LP 1940029) + [ fixed in compiler toolchain ] + - Make qemu-system-x86-microvm a transitional package as the binary is now + in qemu-system-x86 itself. + [ no more needed] + * Added Changes + - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this + landed in Debian but under a different name. + - d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS + with LTO + - d/p/u/lp-1981339-*: fix s390x system emulation (LP: #1981339) + + -- Christian Ehrhardt Tue, 05 Jul 2022 12:07:19 +0200 + +qemu (1:7.0+dfsg-7) unstable; urgency=medium + + * d/tests/test-qemu-user: rework ls/glob test a bit + * d/tests/test-qemu-user: fix ppc64le qemu architecture name + * d/binfmt-install: use proper name for binfmt.d (*.conf) + Hopefully closes: #1011003 + * two virtio-scsi bugfixes from upstream: + virtio-scsi-fix-ctrl-and-event-handler-functions-in-dataplane.patch + virtio-scsi-don-t-waste-CPU-polling-the-event-virtqueue.patch + * 3 patches from upstream to fix possible coroutine crashes: + coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch + coroutine-rename-qemu_coroutine_inc-dec_pool_size.patch + coroutine-revert-to-constant-batch-size.patch + * target-i386-do-not-consult-nonexistent-host-leaves.patch + * d/control: stop suggesting sudo for qemu-user-static + * Revert "d/rules: do not try to enable tcg-interpreter on unsupported + targets, it does not help anymore" - it does help but it needs a bit + more work + * disable xen support for qemu-system-x86 build and create a wrapper + for -i386 to redirect xen-related usage to xen-specific binary + with a warning (for bookworm only) + * common-user-no-user.patch: fix one of FTBFS on unsupported architectures + * d/rules: use regular variable assignment for BUILD_PACKAGES + * two trivial patches to fix spelling in roms: + openbios-spelling-endianess.patch + slof-spelling-seperator.patch + + -- Michael Tokarev Sun, 15 May 2022 15:49:12 +0300 + +qemu (1:7.0+dfsg-6) unstable; urgency=medium + + * d/rules: the forgotten --enable-xen-pci-passthrough for the xen build + * d/tests/test-qemu-user: rewrite to be more robust and complete and + include test for qemu-user-static too. + + -- Michael Tokarev Mon, 09 May 2022 01:37:56 +0300 + +qemu (1:7.0+dfsg-5) unstable; urgency=medium + + * d/tests/test-qemu-user.sh: more arch-specific debugging/updates + + -- Michael Tokarev Sat, 07 May 2022 12:22:26 +0300 + +qemu (1:7.0+dfsg-4) unstable; urgency=medium + + * d/tests/: fix failing tests. + - test-qemu-user: depend on gcc for dpkg-architecture to work, + and print debugging info for future switch to uname -m + - test-qemu-img: switch from using file to qemu-img info + + -- Michael Tokarev Sat, 07 May 2022 11:33:23 +0300 + +qemu (1:7.0+dfsg-3) unstable; urgency=medium + + [ Michael Tokarev ] + * d/binfmt-install: also generate binfmt.d/ entries for systemd + * d/control: use systemd as preferred alternative to binfmt-support + hopefully Closes: #789011 (Minimal dependencies to register binfmt) + Closes: #985889 (make binfmt setup configurable) + * d/control: remove Riku Voipio from Uploaders. Thank you Riku! + * d/rules: simplify DEB_BUILD_OPTIONS=parallel=N parsing + + [ Guido Günther ] + * Add minimal autopkgtest (Closes: #832982) + + -- Michael Tokarev Sat, 07 May 2022 00:03:24 +0300 + +qemu (1:7.0+dfsg-2) unstable; urgency=medium + + * d/control: add Rules-Requires-Root: no + * d/control: switch to debhelper-compat=13 + * d/control: drop "qemu" empty/dummy pseudopackage + * d/control: do not build linux-user* on ia64 and powerpc + (not supported by upstream anymore) + * d/control: add Breaks for qemu-system-data for other packages from which + it borrowed files in the past (Closes: #1008095) + * d/rules: switch to the dh sequence (but keep build-{arch,indep}), + rearrange some rules. + This brings us dh_dwz (very slow) and dh_strip_nondeterminism. + * d/rules: do not explicitly turn off slirp & capstone (now properly + controlled by --with[out]-default-features option) + * d/rules: do not try to enable tcg-interpreter on the unsupported + targets, it does not help to build tools anymore + * d/rules: do not chown -w d/control, it breaks dpkg-source + * d/rules: clean up the clean target + * d/not-installed: list many documentation files and qemu-plugin.h + * configure-make-fortify_source-yes-by-default.patch: enable + fortify-source for minimal builds too + * d/changelog: mention #990562 (CVE-2021-3611) closed by 7.0 + + -- Michael Tokarev Sat, 30 Apr 2022 13:38:12 +0300 + +qemu (1:7.0+dfsg-1) unstable; urgency=medium + + * update to 7.0 release + + -- Michael Tokarev Thu, 21 Apr 2022 14:19:51 +0300 + +qemu (1:7.0~rc4+dfsg-1) experimental; urgency=medium + + * New upstream 7.0 (rc) + Closes: #990562, CVE-2021-3611 + * remove patches applied upstream + * remove new binary file, pc-bios/edk2-x86_64-microvm.fd.bz2 + * d/control: remove libxfs-dev build dependency, + the ioctl is implemented inline + * d/control: stop build-depend-indep on libc6.1-dev-alpha-cross, + not needed anymore + * d/rules: update skiboot version check (skiboot hasn't canged since 6.1) + * build & install vbootrom (npcm7xx_bootrom.bin), and + build-depend-indep on gcc-arm-none-eabi + * create a new binary package, qemu-system-xen, which provides + /usr/libexec/xen-qemu-system-i386 binary for use by xen only. + Once xen switches to use this binary instead of usual qemu-system-i386, + xen support will be removed from the regular qemu-system-x86 build + * use a fast inline version of /usr/share/dpkg/architecture.mk + + -- Michael Tokarev Sun, 17 Apr 2022 15:08:40 +0300 + +qemu (1:6.2+dfsg-3) unstable; urgency=medium + + [ Christian Ehrhardt ] + * d/rules: ensure xen is built on x86 + * d/rules: xen libexec dir is no more versioned + * d/kvm-spice: fix when acceleration is already defined on the commandline + + [ Michael Tokarev ] + * d/control, d/rules: do not compile xen support on i386, + since it is amd64-only now (since 4.16) + * d/control: add libbpf-dev & --enable-bpf for eBPF support + (Closes: #994573) + + -- Michael Tokarev Fri, 25 Feb 2022 12:01:46 +0300 + +qemu (1:6.2+dfsg-2ubuntu8) kinetic; urgency=medium + + [ Marc Deslauriers ] + * SECURITY UPDATE: heap overflow in floppy disk emulator + - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in + hw/block/fdc.c. + - CVE-2021-3507 + * SECURITY UPDATE: use-after-free in nvme + - debian/patches/CVE-2021-3929.patch: deny DMA to the iomem of the + device itself in hw/nvme/ctrl.c. + - CVE-2021-3929 + * SECURITY UPDATE: integer overflow in QXL display device emulation + - debian/patches/CVE-2021-4206.patch: check width and height in + hw/display/qxl-render.c, hw/display/vmware_vga.c, ui/cursor.c. + - CVE-2021-4206 + * SECURITY UPDATE: heap overflow in QXL display device emulation + - debian/patches/CVE-2021-4207.patch: fix race condition in qxl_cursor + in hw/display/qxl-render.c. + - CVE-2021-4207 + * SECURITY UPDATE: potential privilege escalation in virtiofsd + - debian/patches/CVE-2022-0358.patch: Drop membership of all + supplementary groups in tools/virtiofsd/passthrough_ll.c. + - CVE-2022-0358 + * SECURITY UPDATE: memory leakage in virtio-net device + - debian/patches/CVE-2022-26353.patch: fix map leaking on error during + receive in hw/net/virtio-net.c. + - CVE-2022-26353 + * SECURITY UPDATE: memory leakage in vhost-vsock device + - debian/patches/CVE-2022-26354.patch: detach the virqueue element in + case of error in hw/virtio/vhost-vsock-common.c. + - CVE-2022-26354 + + [ Sergio Durigan Junior ] + * Fix I/O stalls when using NVMe storage (LP: #1970737). + - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter + in laio_io_unplug. + + -- Sergio Durigan Junior Wed, 22 Jun 2022 15:38:37 -0400 + +qemu (1:6.2+dfsg-2ubuntu7) kinetic; urgency=medium + + * d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock + in vnc connections (LP: #1970563) + + -- Christian Ehrhardt Thu, 19 May 2022 08:25:20 +0200 + +qemu (1:6.2+dfsg-2ubuntu6) jammy; urgency=medium + + * debian/control[-in]: no more disable glusterfs in Ubuntu (LP: #1246924) + * Fix diff handling on ceph that can cause data corruption (LP: #1968258) + - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch + - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch + + -- Christian Ehrhardt Fri, 08 Apr 2022 09:36:34 +0200 + +qemu (1:6.2+dfsg-2ubuntu5) jammy; urgency=medium + + * d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit + tcg on s390x. + + -- Christian Ehrhardt Thu, 17 Feb 2022 09:54:36 +0100 + +qemu (1:6.2+dfsg-2ubuntu4) jammy; urgency=medium + + * No-change rebuild to update maintainer scripts, see LP: 1959054 + + -- Dave Jones Wed, 16 Feb 2022 17:28:14 +0000 + +qemu (1:6.2+dfsg-2ubuntu3) jammy; urgency=medium + + * Merge with Debian unstable, remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - d/qemu-system-x86.NEWS Info on fixed machine type defintions + for host-phys-bits=true + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch: + add patch to workaround FTBFS when building against OpenSSL 3.0. + - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix + -fcf-protection being unavailble on -march=i486 (LP 1940029) + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - Make qemu-system-x86-microvm a transitional package as the binary is now + in qemu-system-x86 itself. + * Dropped Changes [now part of 1:6.1+dfsg-8]: + - updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code + (#993658) (LP 1947860) + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes compat links changes of 5.0-5ubuntu4] + - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926) + * Dropped Changes [now part of upstream] + - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931 + and 3932 machines (LP 1932175) + - d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix + migration with audio devices present (LP 1940288) + * Added changes: + - update patches for qemu v6.2.0 + - d/p/u/enable-svm-by-default.patch + - d/p/u/define-ubuntu-machine-types.patch + - d/p/u/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch + - d/rules: xen libexec dir is no more versioned + - d/rules: ensure xen is built on x86 + - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch + Allow long kernel command lines for QEMU (LP: #1959984) + - d/kvm-spice: fix when acceleration is already defined on the commandline + - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list + + -- Christian Ehrhardt Wed, 05 Jan 2022 12:18:25 +0100 + +qemu (1:6.2+dfsg-2) unstable; urgency=medium + + * bump meson build-dep to 0.59.3 + * build & include multiboot_dma.bin (Closes: #1003930) + * libxml2 is not needed for parallels. + Enable parallels block image format (Closes: #1003162) + * acpi-validate-hotplug-selector-on-access-CVE-2021-4158.patch + Closes: CVE-2021-4158 + * acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch + (Closes: #1004017) + * acpi-fix-OEM_ID-padding.patch + * debian/get-orig-source.sh: repack dfsg archive differently + * mention closing of a few CVEs by 6.2.0 + + -- Michael Tokarev Thu, 20 Jan 2022 10:52:19 +0300 + +qemu (1:6.2+dfsg-1) unstable; urgency=medium + + [ Christian Ehrhardt ] + * 6.2.0 upstream release + Closes: #984452, CVE-2021-20203 + (integer overflow issue in the vmxnet3 NIC emulator) + Closes: #984453, CVE-2021-20196 + (fdc: check drive block device before usage) + Closes: #984451, CVE-2021-20255 + (infinite recursion / DMA reentrancy in eepro100 i8255x device emulator) + * d/get-orig-source.sh: remove pc-bios/multiboot_dma.bin in dfsg-clean + * Drop patches upstream in v6.2.0 + * d/p/spelling.diff: update for v6.2.0 (partially accepted) + * d/rules: use new --disable-install-blobs build arg + * Revert "make fuse debian-only, since libfuse3 in ubuntu is in universe", + it is now in main (LP: #1934510) + * d/rules: bump skiboot version for qemu v6.2.0 + * d/p/ignore-roms-dependency-in-qtest.patch: fix meson issue + due to dfsg removal of blobs + * d/rules: drop --disable-fdt on microvm builds + (now strictly required on any x86 build) + * d/rules: select default PARISC config for hppa-firmware + + -- Michael Tokarev Sun, 09 Jan 2022 12:52:10 +0300 + +qemu (1:6.1+dfsg-8) unstable; urgency=medium + + * fix keymaps definitions placement in last upload + (Closes: #997925, #997926) + + -- Michael Tokarev Wed, 27 Oct 2021 13:27:09 +0300 + +qemu (1:6.1+dfsg-7) unstable; urgency=medium + + * qemu-system-data: do not install qemu.desktop (Closes: #995628) + * remove qemu-user-static.README.Debian (#995633) + * d/rules: update configure rules for different qemu builds + * qemu-system-x86-xen: install only -i386 link to xen path, not -x86_64 + * promote qemu-system-x86-xen package on ubuntu to be like qemu-system-x86 + since it uses the same modules actually + * enable zstd compression support (Build-Depends) + * qemu-system-data: install usr/share/icons/hicolor/32x32/apps/qemu.bmp + for the sdl ui + * d/control: fix wrong relation (< vs <<) + * d/control: use :native version of python3-sphynx (Closes: #995622) + * do not make qemu-system-gui Multi-Arch:same due to vhost-user-gpu + * quieten gcc11 warnings/errors so roms will compile (Closes: #997082) + * move d/qemu-system-data.install to d/rules + + -- Michael Tokarev Tue, 26 Oct 2021 10:35:02 +0300 + +qemu (1:6.1+dfsg-6) unstable; urgency=medium + + * virtio-net-fix-use-after-unmap-free-for-sg-CVE-2021-3748.patch + Closes: #993401, CVE-2021-3748: use-after-free in virtio_net_receive_rcu + * ati_2d-fix-buffer-overflow-in-ati_2d_blt-CVE-2021-3638.patch + Closes: #992726, CVE-2021-3638: + inconsistent check in ati_2d_blt() may lead to out-of-bounds write + * refresh uas-add-stream-number-sanity-checks-CVE-2021-3713{.diff=>.patch} + from upstream + * hmp-unbreak-change-vnc.patch from upstream + to fix 'change vnc passwd' command + + -- Michael Tokarev Wed, 29 Sep 2021 13:41:47 +0300 + +qemu (1:6.1+dfsg-5) unstable; urgency=medium + + * updated debian/patches/linux-user-binfmt-P.diff + to work with in-kernel code + Closes: #993658 + * d/rules: do not mark configure target as .PHONY + since it is a real file + + -- Michael Tokarev Mon, 06 Sep 2021 01:20:59 +0300 + +qemu (1:6.1+dfsg-4) unstable; urgency=medium + + * qemu-sockets-fix-unix-socket-path-copy-again.patch + replacing socket-unix-maxlen.patch + Closes: #993145 + * enable more devices for the microvm build: + virtio-gpu & vhost-user-gpu + virtio-input-host & vhost_user_input + * move vhost-user-gpu files from qemu-system-common to qemu-system-gui + this elminates X11 dependencies from non-gui qemu-system install + * build and install vof.bin firmware + * rearrange d/rules a bit to make different qemu builds + to be consistent with sysdata-components + * move ppc dtb firmware files from qemu-system-ppc to qemu-system-data + * device-tree-compiler is now needed in build-indep-depends, + not in build-depends + * d/rules: use CROSSPFX variables + * ubuntu only: + - Revert commit from the previous release which restores + relation between qemu-system-xen and qemu-system-gui + since -xen is not compatible with -gui modules + - qemu-system-xen does not suggest qemu-block-extra (incompatible too) + - qemu-system-s390x recommends qemu-block-extra not suggests it + + -- Michael Tokarev Tue, 31 Aug 2021 22:27:25 +0300 + +qemu (1:6.1+dfsg-3) unstable; urgency=medium + + * fix brown-paper bag in last upload (--enable-libudev) + * ubuntu only: restore relations (depends/recommends) + between qemu-system-gui and qemu-system-xen since -xen + replaces full qemu-system-x86 and acts the same way + + -- Michael Tokarev Tue, 31 Aug 2021 02:50:52 +0300 + +qemu (1:6.1+dfsg-2) unstable; urgency=medium + + * rearrange d/rules to be able to configure/build/install + various different kinds of qemu builds (main/microvm/xen/static) + separately, by splitting targets of d/rules into subtargets + * enable many virtio devices for microvm build (Closes: #992029) + * disable libudev and fuse for microvm build + * rearrange options for microvm build in d/rules + * tidy newly added assert in unix-domain socket handling code + to account for extra \0 terminator for socket pathname, + socket-unix-maxlen.patch (Closes: #993145) + * upstream qemu added ignoring of *.patch to .gitignore, + unignore them in d/.gitignore + * re-add 4 patches which were lost from git + during preparation for 6.1 + (not affecting the source package) + * uas-add-stream-number-sanity-checks-CVE-2021-3713.diff + Closes: #992727, CVE-2021-3713 + * Mention (some) bugs closed by 6.1 upstream + * Mention closing of #947349 + + -- Michael Tokarev Tue, 31 Aug 2021 02:01:51 +0300 + +qemu (1:6.1+dfsg-1) unstable; urgency=medium + + * new upstream release (6.1.0) + Closes: CVE-2021-3607 (pvrdma: ensure correct input on ring init) + Closes: CVE-2021-3608 (pvrdma: unmap initialized dma address) + Closes: #989042, CVE-2021-3544 (vhost-user-gpu resource leaks) + Closes: #989042, CVE-2021-3545 (vhost-user-gpu memory disclosure) + Closes: #989042, CVE-2021-3546 (vhost-user-gpu OOBwr virgl_cmd_get_capset) + Closes: #991911, CVE-2021-3682 (pvrdma: possible mremap overflow) + * refresh patches, remove patches which were applied upstream + * remove newly appeared pc-bios/vof.bin in dfsg-clean + * add python3-sphinx-rtd-theme to build-depends + * removed qemu-system-moxie arch + * actually build many qemu modules as modules, and install + them in qemu-system-common. + * make strong versioned dependency between various qemu-system-* + packages, so that modules works correctly. + * drop very old versions from Build-Depends, Depends and Recommends + for packages which long has much more recent versions in debian + * up qemu-block-extra dependecy level from Suggests to Recommends + * d/control: stop suggesting sgabios by qemu-system-x86 + * (experimental for now, needs more work) print name of the package + name for a module which can't be loaded, to give a clue what other + package one may need to install for the requested functionality + * fix some spelling mistakes in visible messages (spelling.diff) + * enable jack audio backend (in qemu-system-gui) (Closes: #984726) + * other small/internal changes in packaging: + - removed --disable-sheepdog which were dropped upstream + - install gui modules in d/rules not in d/q-s-gui.install + to be able to use wildcard in d/q-s-common.install + - recommend qemu-block-extra, not suggest it and not depend on it (ubuntu) + for qemu-system-* and qemu-utils + - reformat qemu "deps" for qemu-system-gui, stop listing -xen there + (it can not satisfy -gui), qemu-system-s390x is :ubuntu:-only + - d/control: stop recommending -gui for xen package + (it is of no use for xen) + - d/control: reformat Depends for qemu-block-extra, do not include -xen + version there, mark -x390x as ubuntu-only, + and allow qemu-utils to satisfy the dependency + - do not install docs which does not exist anymore + - stop omiting Changelog from dh_installchangelog: the file is long gone + - d/rules: explicitly state version of skiboot as it is stored + in a git tag only, or else skiboot does not build (hack) + - put (new in 6.1, new in debian) hw-display-virtio-gpu-gl.so + to qemu-system-gui as it pulls in X11 + + -- Michael Tokarev Wed, 25 Aug 2021 15:59:26 +0300 + +qemu (1:6.0+dfsg-4) unstable; urgency=medium + + * d/rules: fix last ubuntu merge, xen is x86-only, not all-debian + + -- Michael Tokarev Tue, 17 Aug 2021 19:04:30 +0300 + +qemu (1:6.0+dfsg-3) unstable; urgency=medium + + [ Michael Tokarev ] + * enable /run/qemu mount on ubuntu only + * usbredir-fix-free-call-CVE-2021-3682.patchi + Closes: #991911, CVE-2021-3682 + + [ Christian Ehrhardt ] + * ubuntu-only changes: + - d/control-in: Make Ubuntu qemu-utils depend on qemu-block-extra + - d/control-in: Make Ubuntu qemu-system-common depend on qemu-block-extra + - d/control*, d/rules: disable xen by default, but provide universe package + qemu-system-x86-xen as alternative + * d/p/target-s390x-Fix-translation-exception-on-illegal-in.patch: + avoid segfaults by uretprobes (LP 1929926) + + -- Michael Tokarev Tue, 17 Aug 2021 17:49:10 +0300 + +qemu (1:6.0+dfsg-2expubuntu4) jammy; urgency=medium + + * d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch: + add patch to workaround FTBFS when building against OpenSSL 3.0. + Thanks to Christian Ehrhardt (LP: #1952448) + + -- Paride Legovini Fri, 26 Nov 2021 15:47:51 +0100 + +qemu (1:6.0+dfsg-2expubuntu3) jammy; urgency=medium + + * No-change rebuild against liburing2 + + -- Paride Legovini Mon, 22 Nov 2021 18:00:26 +0100 + +qemu (1:6.0+dfsg-2expubuntu2) jammy; urgency=medium + + * updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code + (#993658) (LP: #1947860) + + -- Christian Ehrhardt Wed, 03 Nov 2021 14:10:56 +0100 + +qemu (1:6.0+dfsg-2expubuntu1) impish; urgency=medium + + * Merge with Debian experimental, remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - d/qemu-system-x86.NEWS Info on fixed machine type defintions + for host-phys-bits=true + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes compat links changes of 5.0-5ubuntu4] + - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0 + - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types + for v6.0 + - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926) + - Ease the use of module retention on upgrades (LP 1913421) + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + * Dropped Changes [in 1:6.0+dfsg-2exp]: + - d/control-in: Disable capstone disassembler library support (universe) + - Disable fuse export (universe dependency) + - Ease the use of module retention on upgrades (LP 1913421) + - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra + - d/rules: only save modules if /run/qemu isn't noexec + - d/rules: clear all (current and former) modules on purge + - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial + upgrade issues (LP 1932264) + - Enable SDL as secondary UI backend (LP 1256185) + - d/control: add build dependency libsdl2-dev + - d/control: enable sdl graphics on build + - d/qemu-system-gui.install: add ui-sdl.so + - d/control: add runtime dependency to libgl1 + * Dropped Changes [no more needed] + - let qemu-utils recommend sharutils + * Added changes: + - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix + -fcf-protection being unavailble on -march=i486 (LP: #1940029) + - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931 + and 3932 machines (LP: #1932175) + - d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix + migration with audio devices present (LP: #1940288) + + -- Christian Ehrhardt Thu, 12 Aug 2021 15:35:12 +0200 + +qemu (1:6.0+dfsg-2exp) experimental; urgency=medium + + [ Christian Ehrhardt ] + * qemu 6.0 broke libvirt <7.2, add a Breaks + to avoid partial upgrade issues (LP: #1932264) + * enable SDL as secondary UI backend (LP: #1256185) (Closes: #947349) + * clear all (current and former) modules on purge + * only save modules if /run/qemu isn't noexec + * provide run-qemu.mount in qemu-block-extra + (disabled in debian for now) + * Disable capstone disassembler library support in ubuntu (universe) + + [ Michael Tokarev ] + * qemu does not ship Changelog file anymore + * drop version from libfuse-dev build-depends (noticed by Ville Skyttä) + * a few patches from upstream stable: + - target-ppc-fix-load-endianness-for-lxvwsx-lxvdsx.patch + fix various crashes in ppc system emulation. + Thanks to Christian Ehrhardt for pointing this out + - pvrdma-fix-possible-mremap-overflow-in-pvrdma-device-CVE-2021-3582.patch + (Closes: #990565, CVE-2021-3582) + - pvrdma-ensure-correct-input-on-ring-init-CVE-2021-3607.patch + (Closes: #990564, CVE-2021-3607) + - pvrdma-fix-the-ring-init-error-flow-CVE-2021-3608.patch + (Closes: #990563, CVE-2021-3608) + - usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch + usb-redir-avoid-dynamic-stack-allocation-CVE-2021-3527.patch + (Closes: #988157, CVE-2021-3527) + * mention closing of 3 bugs in am53c974 (ESP) device emulation by 6.0 + (Closes: #979679, CVE-2020-35504) + (Closes: #984455, CVE-2020-35505) + (Closes: #984454, CVE-2020-35506) + * make fuse debian-only, since libfuse3 in ubuntu is in universe + * fix microvm default machine type for a new build system (LP: #1936894) + + -- Michael Tokarev Wed, 21 Jul 2021 19:43:37 +0300 + +qemu (1:6.0+dfsg-1~ubuntu3) impish; urgency=medium + + * d/p/u/lp-1935617-target-ppc-Fix-load-endianness-for-lxvwsx-lxvdsx.patch: + fix TCG emulation for ppc64 (LP: #1935617) + + -- Christian Ehrhardt Tue, 13 Jul 2021 09:34:55 +0200 + +qemu (1:6.0+dfsg-1~ubuntu2) impish; urgency=medium + + * d/control: remove fuse2 trial-build (LP 1934510) + + -- Christian Ehrhardt Wed, 07 Jul 2021 10:26:08 +0200 + +qemu (1:6.0+dfsg-1~ubuntu1) impish; urgency=medium + + * Merge with Debian experimental, Among many other things this fixes LP Bugs: + (LP: #1907952) broken arrow keys in -display gtk on aarch64 + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types containing release versioned machine attributes + - d/qemu-system-x86.NEWS Info on fixed machine type defintions + for host-phys-bits=true + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - Let qemu-utils recommend sharutils + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes compat links changes of 5.0-5ubuntu4] + - Fix upgrade module handling (LP 1905377) + --enable-module-upgrades for qemu-xen which doesn't exist in Debian + * Dropped Changes [in 6.0]: + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix + ld usage of -no-pie (LP 1907789) + - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix + virtio-9p-ccw being missing (LP 1916230) + - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due + to glib2.0 >=2.67.3 (LP 1916705) + - d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails + on some HW/Guest combinations e.g. Windows 10 on Threadripper chips + (LP 1921754) + - d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support + (LP 1921880) + - d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre*: + fix go in qemu-s390x-static (LP 1922010) + * Dropped Changes [in Debian]: + - Allow qemu to load old modules post upgrade (LP 1847361) + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in + - d/rules: Drop generating package version into maintainer scripts + * Dropped Changes [No more needed >21.04]: + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on + the bad old prerm (LP 1906245 1905377) + * Added Changes + - Disable fuse export (universe dependency) + - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0 + - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types + for v6.0 + - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP: #1929926) + - Ease the use of module retention on upgrades (LP: #1913421) + - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra + - d/rules: only save modules if /run/qemu isn't noexec + - d/rules: clear all (current and former) modules on purge + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade + - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial + upgrade issues (LP: #1932264) + - Enable SDL as secondary UI backend (LP: #1256185) + - d/control: add build dependency libsdl2-dev + - d/control: enable sdl graphics on build + - d/qemu-system-gui.install: add ui-sdl.so + - d/control: add runtime dependency to libgl1 + - d/rules: qemu-system-x86-xen builds modules as well now (follows the + other packages) + + -- Christian Ehrhardt Tue, 15 Jun 2021 12:41:33 +0200 + +qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium + + * new upstream release + Closes: #979679, CVE-2020-35504 + Closes: #984455, CVE-2020-35505 + Closes: #984454, CVE-2020-35506 + * remove obsolete patches, refresh use-fixed-data-path.patch + * use libncurses-dev, not old libncursesw5-dev + * enable fuse export (and build-depend on libfuse3-dev) + * install (new) manpages for qemu-storage-daemon + * enable new hexagon qemu-user target + * two patches to fix 3 new spelling mistakes + * remove now-unused shared-library-lacks-prerequisites lintian-overrides + for qemu-user-static + + -- Michael Tokarev Sat, 08 May 2021 10:16:05 +0300 + +qemu (1:5.2+dfsg-11) unstable; urgency=medium + + * i386-acpi-restore-device-paths-for-pre-5.1-vms.patch + This fixes a serious issue in some VMs (in particuar, Windows & MacOS) + when migrating from buster qemu to bullseye qemu. + (Closes: #990675) + * pvrdma-fix-possible-mremap-overflow-in-pvrdma-device-CVE-2021-3582.patch + (Closes: #990565, CVE-2021-3582) + * pvrdma-ensure-correct-input-on-ring-init-CVE-2021-3607.patch + (Closes: #990564, CVE-2021-3607) + * pvrdma-fix-the-ring-init-error-flow-CVE-2021-3608.patch + (Closes: #990563, CVE-2021-3608) + * ide-atapi-check-logical-block-address-and-read-size-CVE-2020-29443.patch + (Closes: #983575, CVE-2020-29443) + * usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch + usb-redir-avoid-dynamic-stack-allocation-CVE-2021-3527.patch + (Closes: #988157, CVE-2021-3527) + + -- Michael Tokarev Sun, 18 Jul 2021 16:14:41 +0300 + +qemu (1:5.2+dfsg-10) unstable; urgency=medium + + * 5 sdhci fixes from upstream: + dont-transfer-any-data-when-command-time-out.patch + dont-write-to-SDHC_SYSAD-register-when-transfer-is-in-progress.patch + correctly-set-the-controller-status-for-ADMA.patch + limit-block-size-only-when-SDHC_BLKSIZE-register-is-writable.patch + reset-the-data-pointer-of-s-fifo_buffer-when-a-different-block-size...patch + (Closes: #986795, #970937, CVE-2021-3409, CVE-2020-17380, CVE-2020-25085) + * mptsas-remove-unused-MPTSASState.pending-CVE-2021-3392.patch + fix possible use-after-free in mptsas_free_request + (Cloese: #984449, CVE-2021-3392) + + -- Michael Tokarev Fri, 16 Apr 2021 12:43:36 +0300 + +qemu (1:5.2+dfsg-9ubuntu3) hirsute; urgency=medium + + * d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails + on some HW/Guest combinations e.g. Windows 10 on Threadripper chips + (LP: #1921754) + * d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support + (LP: #1921880) + + -- Christian Ehrhardt Wed, 07 Apr 2021 11:58:29 +0200 + +qemu (1:5.2+dfsg-9ubuntu2) hirsute; urgency=medium + + * d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre.patch: + fix go in qemu-s390x-static (LP: #1922010) + + -- Christian Ehrhardt Wed, 31 Mar 2021 10:01:40 +0200 + +qemu (1:5.2+dfsg-9ubuntu1) hirsute; urgency=medium + + * Merge with Debian unstable; Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes compat links changes of 5.0-5ubuntu4] + - allow qemu to load old modules post upgrade (LP 1847361) + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in + - d/rules: Drop generating package version into maintainer scripts + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on + the bad old prerm (LP 1906245 1905377) + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix + ld usage of -no-pie (LP 1907789) + - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix + virtio-9p-ccw being missing (LP 1916230) + - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due + to glib2.0 >=2.67.3 (LP 1916705) + + -- Christian Ehrhardt Thu, 18 Mar 2021 11:13:49 +0100 + +qemu (1:5.2+dfsg-9) unstable; urgency=medium + + * do not make qemu-system-data dependent on qemu-system-foo + (Closes: #985040) + * CVE-2021-20263 - implement dropping security.capability xattr + This adds two patches from upstream: + virtiofsd-save-error-code-early-at-the-failure-callsite.patch + virtiofsd-drop-remapped-security.capability-..-needed-CVE-2021-20263.patch + Closes: #985083, CVE-2021-20263 + * CVE-2021-3416 fix from upstream + Fixes infinite loop in loopback mode of various network devices, + adding 10 patches from upstream + Closes: #984448, CVE-2021-3416 + * net-e1000-fail-early-for-evil-descriptor-CVE-2021-20257.patch + Fix CVE-2021-20257 from upstream: e1000: infinite loop while processing + transmit descriptors + Closes: #984450, CVE-2021-20257 + + -- Michael Tokarev Wed, 17 Mar 2021 21:02:30 +0300 + +qemu (1:5.2+dfsg-8) unstable; urgency=medium + + * a no-change upload to fix broken previous upload + + -- Michael Tokarev Sun, 14 Mar 2021 12:21:37 +0300 + +qemu (1:5.2+dfsg-7) unstable; urgency=high + + * do not make qemu-system-common dependent on qemu-system-foo. + We removed modules from qemu-system-common for now, so there's no + need for it to depend on any of qemu-system-foo of the same version. + Among other things this fixes #983756 (which should be fixes some + other way anyway, but it should be ok for now). + Closes: #983756, #983921, #985195 + Urgency is high because a single bin-NMU of qemu package made it + uninstallable. + + -- Michael Tokarev Sun, 14 Mar 2021 11:32:54 +0300 + +qemu (1:5.2+dfsg-6ubuntu2) hirsute; urgency=medium + + * d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due + to glib2.0 >=2.67.3 (LP: #1916705) + + -- Christian Ehrhardt Wed, 24 Feb 2021 08:39:09 +0100 + +qemu (1:5.2+dfsg-6ubuntu1) hirsute; urgency=medium + + * Merge with Debian unstable, includes fixes for + - build operates differently if source is a git repo (LP: #1887535) + Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes compat links changes of 5.0-5ubuntu4] + - allow qemu to load old modules post upgrade (LP 1847361) + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in + - d/rules: Drop generating package version into maintainer scripts + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on + the bad old prerm (LP 1906245 1905377) + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix + ld usage of -no-pie (LP 1907789) + * Added changes + - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix + virtio-9p-ccw being missing (LP: #1916230) + + -- Christian Ehrhardt Mon, 22 Feb 2021 11:40:36 +0100 + +qemu (1:5.2+dfsg-6) unstable; urgency=medium + + * deprecate qemu-debootstrap. It is not needed anymore with + binfmt F flag, since everything now works without --foreign + debootstrap argument and copying the right qemu binary into + the chroot. Closes: #901197 + * fix the brown-paper bag bug: wrong argument order + in the linux-user-binfmt patch (really closes: #970460) + + -- Michael Tokarev Tue, 16 Feb 2021 12:11:20 +0300 + +qemu (1:5.2+dfsg-5) unstable; urgency=medium + + * d/rules: ensure b/ subdir exists before building palcode and qboot + * d/changelog: #959530 is not fixed by 5.2+dfsg-4 + * 3 virtiofsd patches Closes: #980814, CVE-2020-35517 + virtiofsd: potential privileged host device access from guest + - virtiofsd-extract-lo_do_open-from-lo_open.patch + - virtiofsd-optionally-return-inode-pointer-from-lo_do_lookup.patch + - virtiofsd-prevent-opening-of-special-files-CVE-2020-35517.patch + -- Michael Tokarev Sun, 14 Feb 2021 17:44:06 +0300 + +qemu (1:5.2+dfsg-4) unstable; urgency=medium + + [ Michael Tokarev ] + * require libfdt >= 1.5.0-2 due to #931046 + * qemu-user: attempt to preserve argv[0] when run under binfmt + (Closes: #970460) + This changes the enterpreter name for all linux-user registered + binfmts, so it potentially can break stuff. The actual binary + being registered now is /usr/libexec/qemu-binfmt/foo-binfmt-P, + which is a symlink to actual /usr/lib/qemu-foo[-static]. + * ignore .git-submodule-status when building source + * some security fixes from upstream: + o arm_gic-fix-interrupt-ID-in-GICD_SGIR-CVE-2021-20221.patch + Closes: CVE-2021-20221 + GIC (armv7): out-of-bound heap buffer access via an interrupt ID field + o 9pfs-Fully-restart-unreclaim-loop-CVE-2021-20181.patch + Closes: CVE-2021-20181 + * non-security fixes from upstream: + pc-bios-descriptors-fix-paths-in-json-files.patch - fixes wrong paths + in edk2-firmware-related json files introduced in 5.2 + + [ Christian Ehrhardt ] + * d/control-in: avoid version mismatch of installed binaries + (Closes: #956377) + + [ Dan Streetman ] + * Backport configure param --with-git-submodules and set to 'ignore' + + -- Michael Tokarev Sun, 14 Feb 2021 16:52:10 +0300 + +qemu (1:5.2+dfsg-3ubuntu2) hirsute; urgency=medium + + * No change rebuild to pick up liburing. (LP: #1914145) + + -- Mauricio Faria de Oliveira Wed, 03 Feb 2021 19:44:54 -0300 + +qemu (1:5.2+dfsg-3ubuntu1) hirsute; urgency=medium + + * Merge with Debian unstable, includes fixes for + - qemu-user-static are partially dynamically linked (LP: #1908331) + - qemu crashing when using spice without qemu-system-gui being + installed (LP: #1908577) + Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes compat links changes of 5.0-5ubuntu4] + - allow qemu to load old modules post upgrade (LP 1847361) + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in + - d/rules: Drop generating package version into maintainer scripts + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on + the bad old prerm (LP 1906245 1905377) + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix + ld usage of -no-pie (LP 1907789) + + -- Christian Ehrhardt Tue, 05 Jan 2021 12:43:42 +0100 + +qemu (1:5.2+dfsg-3) unstable; urgency=medium + + [ Christian Ehrhardt ] + * d/rules: fix qemu-user-static to really be static (LP: #1908331) + + [ Michael Tokarev ] + * build most modules statically (besides block and gui parts). + This makes qemu-system-common package to be of less strict dependency + for other qemu-system-* packages, and also Closes: #977301, #978131 + * especially remove removed binfmts in qemu-user-{static,binfmt}.preinst + (really Closes: #977015) + * memory-clamp-cached-translation-MMIO-region-CVE-2020-27821.patch + (Closes: #977616, CVE-2020-27821) + + -- Michael Tokarev Tue, 29 Dec 2020 15:07:03 +0300 + +qemu (1:5.2+dfsg-2ubuntu1) hirsute; urgency=medium + + * Merge with Debian unstable + - includes fix for CVE-2020-17380 + - includes a fix for s390x PCI device reset (LP: #1907656) + Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes compat links changes of 5.0-5ubuntu4] + - allow qemu to load old modules post upgrade (LP 1847361) + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in + - d/rules: Drop generating package version into maintainer scripts + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on + the bad old prerm (LP 1906245 1905377) + * Dropped Changes: + - d/control, d/rules: build with gcc-9 on armhf as workaround until + resolved in gcc-10 (LP: 1890435) [it is flaky still, but no more 100% + fails] + * Added Changes: + - Refreshed ubuntu machine types for hirsute@5.2 + - d/control: regenerated from d/control-in + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix + ld usage of -no-pie (LP: #1907789) + + -- Christian Ehrhardt Wed, 09 Dec 2020 16:44:47 +0100 + +qemu (1:5.2+dfsg-2) unstable; urgency=medium + + * move ui-opengl.so module from qemu-system-gui to qemu-system-common, + as other modules want it (Closes: #976996, #977022) + * do not install dropped ppc64abi32 binfmt for qemu-user[-static] + (Closes: #977015) + + -- Michael Tokarev Thu, 10 Dec 2020 11:15:43 +0300 + +qemu (1:5.2+dfsg-1) unstable; urgency=medium + + * new upstream release + Closes: #965978, CVE-2020-15859 (22dc8663d9fc7baa22100544c600b6285a63c7a3) + Closes: #970539, CVE-2020-25084 (21bc31524e8ca487e976f713b878d7338ee00df2) + Closes: #970540, CVE-2020-25085 (dfba99f17feb6d4a129da19d38df1bcd8579d1c3) + Closes: #970541, CVE-2020-25624 (1328fe0c32d5474604105b8105310e944976b058) + Closes: #970542, CVE-2020-25625 (1be90ebecc95b09a2ee5af3f60c412b45a766c4f) + Closes: #974687, CVE-2020-25707 (c2cb511634012344e3d0fe49a037a33b12d8a98a) + Closes: #975276, CVE-2020-25723 (2fdb42d840400d58f2e706ecca82c142b97bcbd6) + Closes: #975265, CVE-2020-27616 (ca1f9cbfdce4d63b10d57de80fef89a89d92a540) + Closes: #973324, CVE-2020-27617 (7564bf7701f00214cdc8a678a9f7df765244def1) + Closes: #972864, CVE-2020-27661 (bea2a9e3e00b275dc40cfa09c760c715b8753e03) + Closes: CVE-2020-27821 (1370d61ae3c9934861d2349349447605202f04e9) + Closes: #976388, CVE-2020-28916 (c2cb511634012344e3d0fe49a037a33b12d8a98a) + * remove obsolete patches + * refresh use-fixed-data-path.patch and debian/get-orig-source.sh + * bump minimum meson version required for build to 0.55.3 + * update build rules for several components + * remove deprecated lm32 and unicore32 system emulators + * remove deprecated ppc64abi32 and tilegx linux-user emulators + * install ui-spice-core.so & chardev-spice.so in qemu-system-common + * install ui-egl-headless.so in qemu-system-common + * install hw-display-virtio-*.so in qemu-system-common + * install ui-opengl.so in qemu-system-gui + * install qemu-pr-helper.8 in qemu-system-common + * qemu-pr-helper moved to usr/bin/ again + * qboot.rom renamed from bios-microvm.bin + * remove several unused lintian overrides + * add spelling.diff patch to fix a few spelling errors + * update Standards-Version to 4.5.1 + * fix a few trailing whitespaces in d/control and d/changelog + * require libcapstone >= 4.0.2 (v4) for build + + -- Michael Tokarev Wed, 09 Dec 2020 08:57:41 +0300 + +qemu (1:5.1+dfsg-4ubuntu3) hirsute; urgency=medium + + * d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on + the bad old prerm (LP: #1906245) + + -- Christian Ehrhardt Mon, 30 Nov 2020 12:53:03 +0100 + +qemu (1:5.1+dfsg-4ubuntu2) hirsute; urgency=medium + + * Fix upgrade module handling (LP: #1905377) + This was accetped in a slightly different form in qemu_5.0-6 and therefore + allows to drop some former delta that is now conflicting. + Ubuntu still keeps enabling --enable-module-upgrades, but only for + qemu-xen which doesn't exist in Debian + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in + - d/rules: Drop generating package version into maintainer scripts + + -- Christian Ehrhardt Tue, 24 Nov 2020 11:16:01 +0100 + +qemu (1:5.1+dfsg-4ubuntu1) hirsute; urgency=medium + + * Merge with Debian testing, remaining changes: + Fixes qemu-arm-static Assertion `guest_base != 0' failed (LP: #1897854) + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes compat links changes of 5.0-5ubuntu4] + - allow qemu to load old modules post upgrade (LP 1847361) + - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on + upgrade + - d/rules: generate maintainer scripts matching package version on build + - d/rules: enable --enable-module-upgrades where --enable-modules is set + - d/control: regenerate debian/control out of control-in + * Dropped changes [in Debian or no more needed] + - d/control-in: disable pmem on ppc64 as it is currently considered + experimental on that architecture (pmdk v1.8-1) + - d/rules: makefile definitions can't be recursive - sys_systems for s390x + - d/rules: report config log from the correct subdir + - d/control-in: disable rbd support unavailable on riscv (LP: 1872931) + - Pick further changes for groovy from debian/master since 5.0-5 + - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch + - revert-memory-accept-mismatching-sizes-in-memory_region_access_...patch + - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch + - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch + - megasas-use-unsigned-type-for-positive-numeric-fields.patch + - megasas-fix-possible-out-of-bounds-array-access.patch + - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch + - es1370-check-total-frame-count-against-current-...-CVE-2020-13361.patch + - a few patches from the stable series: + - fix-tulip-breakage.patch + - 9p-lock-directory-streams-with-a-CoMutex.patch + Prevent deadlocks in 9pfs readdir code + - net-do-not-include-a-newline-in-the-id-of-nic-device.patch + Fix newline accidentally sneaked into id string of a nic + - qemu-nbd-close-inherited-stderr.patch + - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch + - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch + - virtio-balloon-unref-the-iothread-when-unrealizing.patch + - acpi-tmr-allow-2-byte-reads.patch + - reapply CVE-2020-13253 fixes from upstream + - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch + - linux-user-add-netlink-RTM_SETLINK-command.patch + - d/control: since qemu-system-data now contains module(s), + it can't be multi-arch. Ditto for qemu-block-extra. + - qemu-system-foo: depend on exact version of qemu-system-data, + due to the latter having modules + - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' + This is another incarnation of the recent bugfix which actually enabled + memory access constraints, like #964247 + - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch + this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch + and acpi-tmr-allow-2-byte-reads.patch, a more complete fix + - xhci-fix-valid.max_access_size-to-access-address-registers.patch + fix one more incarnation of the breakage after the CVE-2020-13754 fix + - do not install outdated (0.12 and before) Changelog + - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch + ARM-only XGMAC NIC, possible buffer overflow during packet transmission + Closes: CVE-2020-15863 + - sm501 OOB read/write due to integer overflow in sm501_2d_operation() + - riscv-allow-64-bit-access-to-SiFive-CLINT.patch + another fix for revert-memory-accept-.. CVE-2020-13754 + - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10 + - d/control-in: build-dep libcap is no more needed + - arch aware kvm wrappers + [upstream now automatically enables KVM if available and called with + kvm* name, provides KVM as before but with auto-fallback to tcg. + Former behavior of KVM-or-die can be achieved via -machine accel=kvm ] + * Dropped changes [upstream now] + - d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb + setup_len + - d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP 1887930) + - d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP 1894942) + - d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot + from vfio-ccw (LP 1887935) + - fix qemu-user-static initialization to allow executing systemd (LP 1890881) + - fix assertion failue in net_tx_pkt_add_raw_fragment (LP 1891187) + - d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on + SQXBR (LP 1883984) + - d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP 1890154) + - d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI + environments (LP 1887763) + - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546) + - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that + crashes it on shutdown (LP 1878973) + - update d/p/ubuntu/lp-1835546-* to the final versions + - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix + FTBFS in groovy + * Added Changes: + - update ubuntu machine types for hirsute@5.1 + - d/control: regenerated from d/control-in + - d/control, d/rules: build with gcc-9 on armhf as workaround until + resolved in gcc-10 (LP: 1890435) + + -- Christian Ehrhardt Thu, 29 Oct 2020 12:37:31 +0100 + +qemu (1:5.1+dfsg-4) unstable; urgency=high + + * mention closing of CVE-2020-16092 by 5.1 + * usb-fix-setup_len-init-CVE-2020-14364.patch + Closes: #968947, CVE-2020-14364 + (OOB r/w access in USB emulation) + + -- Michael Tokarev Wed, 02 Sep 2020 16:14:52 +0300 + +qemu (1:5.1+dfsg-3) unstable; urgency=medium + + * fix one more issue in last upload. This is what happens when + you do "obvious" stuff in a hurry without proper testing.. + + -- Michael Tokarev Mon, 17 Aug 2020 22:19:55 +0300 + +qemu (1:5.1+dfsg-2) unstable; urgency=medium + + * fix brown-paper bag bug in last upload + + -- Michael Tokarev Mon, 17 Aug 2020 20:58:52 +0300 + +qemu (1:5.1+dfsg-1) unstable; urgency=medium + + * hw-display-qxl.so depends on spice so install it + only if it is built just like ui-spice-app + * note #931046 for libfdt + + -- Michael Tokarev Mon, 17 Aug 2020 18:57:14 +0300 + +qemu (1:5.1+dfsg-0exp1) experimental; urgency=medium + + * new upstream release 5.1.0. Make source DFSG-clean again + Closes: #968088 + Closes: CVE-2020-16092 (net_tx_pkt_add_raw_fragment in e1000e & vmxnet3) + * remove all patches which are applied upstream + * do not install non-existing doc/qemu/*-ref.* + * qemu-pr-helper is now in /usr/lib/qemu not /usr/bin + * virtfs-proxy-helper is in /usr/lib/qemu now, not /usr/bin + * new architecture: qemu-system-avr + * refresh d/get-orig-source.sh + * d/get-orig-source.sh: report already removed files in dfsg-clean + * install common modules in qemu-system-common + * lintian tag renamed: shared-lib-without-dependency-information to + shared-library-lacks-prerequisites + + -- Michael Tokarev Wed, 12 Aug 2020 19:09:24 +0300 + +qemu (1:5.0-14) unstable; urgency=high + + * this is a bugfix release before breaking toys with the new upstream + * riscv-allow-64-bit-access-to-SiFive-CLINT.patch + (another fix for revert-memory-accept-..-CVE-2020-13754) + * install /usr/lib/*/qemu/ui-curses.so in qemu-system-common + Closes: #966517 + + -- Michael Tokarev Fri, 31 Jul 2020 11:45:25 +0300 + +qemu (1:5.0-13) unstable; urgency=medium + + * seabios-hppa-fno-ipa-sra.patch + fix ftbfs with gcc-10 + + -- Michael Tokarev Wed, 22 Jul 2020 22:16:41 +0300 + +qemu (1:5.0-12) unstable; urgency=medium + + * acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch + this replace cpi-allow-accessing-acpi-cnt-register-by-byte.patch + and acpi-tmr-allow-2-byte-reads.patch, a more complete fix + * xhci-fix-valid.max_access_size-to-access-address-registers.patch + fix one more incarnation of the breakage after the CVE-2020-13754 fix + * do not install outdated (0.12 and before) Changelog (Closes: #965381) + * xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch + ARM-only XGMAC NIC, possible buffer overflow during packet transmission + Closes: CVE-2020-15863 + * sm501 OOB read/write due to integer overflow in sm501_2d_operation() + List of patches: + sm501-convert-printf-abort-to-qemu_log_mask.patch + sm501-shorten-long-variable-names-in-sm501_2d_operation.patch + sm501-use-BIT-macro-to-shorten-constant.patch + sm501-clean-up-local-variables-in-sm501_2d_operation.patch + sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch + Closes: #961451, CVE-2020-12829 + + -- Michael Tokarev Wed, 22 Jul 2020 19:42:29 +0300 + +qemu (1:5.0-11) unstable; urgency=high + + * d/control-in: only enable opengl (libdrm&Co) on linux + * d/control-in: spice: drop versioned deps (even jessie version is enough), + drop libspice-protocol-dev (automatically pulled by libspice-server-dev), + and build on more architectures + * change from debhelper versioned dependency to debhelper-compat (=12) + * acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793) + This is another incarnation of the recent bugfix which actually enabled + memory access constraints, like #964247 + Urgency = high due to this issue. + + -- Michael Tokarev Mon, 20 Jul 2020 18:41:17 +0300 + +qemu (1:5.0-10) unstable; urgency=medium + + * fix the wrong $(if) construct for s390x kvm link (FTBFS on s390x) + * use the same $(if) construct to simplify #ifdeffery + + -- Michael Tokarev Sat, 18 Jul 2020 10:02:41 +0300 + +qemu (1:5.0-9) unstable; urgency=medium + + * move kvm executable/script from qemu-kvm to qemu-system-foo, + make it multi-arch, and remove qemu-kvm package + * remove libcacard leftovers from d/.gitignore + * linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch + (Closes: #965109) + * linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289) + * libudev is linux-specific, do not build-depend on it + on kfreebsd and others + * install virtiofsd in d/rules (!sparc64) instead of + d/qemu-system-common.install (fixes FTBFS on sparc64) + * confirm -static-pie not working today still + * d/control: since qemu-system-data now contains module(s), + it can't be multi-arch. Ditto for qemu-block-extra. + * qemu-system-foo: depend on exact version of qemu-system-data, + due to the latter having modules + * build all modules since there are modules anyway, + no need to hack them in d/rules + * fix spelling in a patch name/subject inlast upload + * d/rules: do not use dh_install and dh_movefiles for individual + pkgs, open-code mkdir+cp/mv, b/c dh_install acts on all files + listed in d/foo.install too, in addition to given on command-line + * remove trailing whitespace from d/changelog + + -- Michael Tokarev Sat, 18 Jul 2020 08:29:38 +0300 + +qemu (1:5.0-8) unstable; urgency=medium + + * d/control: rdma is linux-only, do not enable it on kfreebsd & hurd + * add comment about virtiofsd conditional to d/qemu-system-common.install + Now qemu FTBFS on sparc64 since virtiofsd is not built due to missing + seccomp onn that platform, we should either make virtiofsd conditional + (!sparc64) or fix seccomp on sparc64 and build-depend on it + * openbios-use-source_date_epoch-in-makefile.patch (Closes: #963466) + * seabios-hppa-use-consistant-date-and-remove-hostname.patch (Closes: #963467) + * slof-remove-user-and-host-from-release-version.patch (Closes: #963472) + * slof-ensure-ld-is-called-with-C-locale.patch (Closes: #963470) + * update previous changelog, mention #945997 + * reapply CVE-2020-13253 fixed from upstream: + sdcard-simplify-realize-a-bit.patch (preparation for the next patch) + sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253) + sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational) + sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch + Closes: #961297, CVE-2020-13253 + + -- Michael Tokarev Fri, 17 Jul 2020 09:12:43 +0300 + +qemu (1:5.0-7) unstable; urgency=medium + + * Revert "d/rules: report config log from the correct subdir - base build" + * Revert "d/rules: report config log from the correct subdir - microvm build" + * acpi-tmr-allow-2-byte-reads.patch (Closes: #964247) + * remove sdcard-dont-switch-to-ReceivingData-if-add...-CVE-2020-13253.patch - + upstream decided to fix it differently (Reopens: #961297, CVE-2020-13253) + * explicitly specify --enable-tools on hppa and do the same trick + with --enable-tcg-interpreter --enable-tools on a few other unsupported + arches (Closes: #964372, #945997) + + -- Michael Tokarev Thu, 16 Jul 2020 18:36:08 +0300 + +qemu (1:5.0-6) unstable; urgency=medium + + [ Christian Ehrhardt ] + * d/control-in: disable pmem on ppc64 as it is currently considered + experimental on that architecture + * d/rules: makefile definitions can't be recursive - sys_systems for s390x + * d/rules: report config log from the correct subdir - base build + * d/rules: report config log from the correct subdir - microvm build + * d/control-in: disable rbd support unavailable on riscv + * fix assert in qemu guest agent that crashes on shutdown (LP: #1878973) + * d/control-in: build-dep libcap is no more needed + * d/rules: update -spice compat (Ubuntu only) + + [ Michael Tokarev ] + * save block modules on upgrades (LP: #1847361) + After upgrade a still running qemu of a former version can't load the + new modules e.g. for extended storage support. Qemu 5.0 has the code to + allow defining a path that it will load these modules from. + * ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch + Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger + infinite recursion via a crafted mm_index value during + ati_mm_read or ati_mm_write call. + * revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch + Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu + devices which uses min_access_size and max_access_size Memory API fields. + Also closes: CVE-2020-13791 + * exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch + CVE-2020-13659: address_space_map in exec.c can trigger + a NULL pointer dereference related to BounceBuffer + * megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch + Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c + has an OOB read via a crafted reply_queue_head field from a guest OS user + * megasas-use-unsigned-type-for-positive-numeric-fields.patch + fix other possible cases like in CVE-2020-13362 (#961887) + * megasas-fix-possible-out-of-bounds-array-access.patch + Some tracepoints use a guest-controlled value as an index into the + mfi_frame_desc[] array. Thus a malicious guest could cause a very low + impact OOB errors here + * nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch + Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server. + This flaw occurs when an nbd-client sends a spec-compliant request that is + near the boundary of maximum permitted request length. A remote nbd-client + could use this flaw to crash the qemu-nbd server resulting in a DoS. + * es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch + Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not + properly validate the frame count, which allows guest OS users to trigger + an out-of-bounds access during an es1370_write() operation + * sdcard-dont-switch-to-ReceivingData-if-address-is-in...-CVE-2020-13253.patch + CVE-2020-13253: sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated + address, which leads to an out-of-bounds read during sdhci_write() + operations. A guest OS user can crash the QEMU process. + And a preparational patch, + sdcard-update-coding-style-to-make-checkpatch-happy.patch + * a few patches from the stable series: + - fix-tulip-breakage.patch + The tulip network driver in a qemu-system-hppa emulation is broken in + the sense that bigger network packages aren't received any longer and + thus even running e.g. "apt update" inside the VM fails. Fix this. + - 9p-lock-directory-streams-with-a-CoMutex.patch + Prevent deadlocks in 9pfs readdir code + - net-do-not-include-a-newline-in-the-id-of-nic-device.patch + Fix newline accidentally sneaked into id string of a nic + - qemu-nbd-close-inherited-stderr.patch + - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch + - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch + - virtio-balloon-unref-the-iothread-when-unrealizing.patch + + [ Aurelien Jarno ] + * Remove myself from maintainers + + -- Michael Tokarev Fri, 03 Jul 2020 18:24:48 +0300 + +qemu (1:5.0-5ubuntu11) hirsute; urgency=medium + + * d/p/ubuntu/define-ubuntu-machine-types.patch: update to fix 15.04 wily + machine type to match how it originally was released (LP: #1902654) + + -- Christian Ehrhardt Mon, 09 Nov 2020 08:19:07 +0100 + +qemu (1:5.0-5ubuntu10) hirsute; urgency=medium + + * No-change rebuild for brltty soname change. + + -- Matthias Klose Mon, 02 Nov 2020 16:59:33 +0100 + +qemu (1:5.0-5ubuntu9) groovy; urgency=medium + + * d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb + setup_len + CVE-2020-14364 + + -- Christian Ehrhardt Tue, 22 Sep 2020 16:53:18 +0200 + +qemu (1:5.0-5ubuntu8) groovy; urgency=medium + + * d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP: #1887930) + + -- Christian Ehrhardt Mon, 14 Sep 2020 08:23:49 +0200 + +qemu (1:5.0-5ubuntu7) groovy; urgency=medium + + * d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP: #1894942) + + -- Christian Ehrhardt Wed, 09 Sep 2020 08:47:12 +0200 + +qemu (1:5.0-5ubuntu6) groovy; urgency=medium + + * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot + from vfio-ccw (LP: #1887935) + + -- Christian Ehrhardt Tue, 25 Aug 2020 11:09:12 +0200 + +qemu (1:5.0-5ubuntu5) groovy; urgency=medium + + * fix qemu-user-static initialization to allow executing systemd + (LP: #1890881) + - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch + - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch + - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch + - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch + - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch + - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch + * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187) + CVE-2020-16092 + - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch + + -- Christian Ehrhardt Wed, 19 Aug 2020 07:19:42 +0200 + +qemu (1:5.0-5ubuntu4) groovy; urgency=medium + + * xen: provide compat links to what libxen-dev reports where to find + the binaries (LP: #1890005) + * d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on + SQXBR (LP: #1883984) + * d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP: #1890154) + + -- Christian Ehrhardt Mon, 03 Aug 2020 07:15:28 +0200 + +qemu (1:5.0-5ubuntu3) groovy; urgency=medium + + * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI + environments (LP: #1887763) + * Pick further changes for groovy from debian/master since 5.0-5 + - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch + Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger + infinite recursion via a crafted mm_index value during + ati_mm_read or ati_mm_write call. + - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch + Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu + devices which uses min_access_size and max_access_size Memory API fields. + Also closes: CVE-2020-13791 + - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch + CVE-2020-13659: address_space_map in exec.c can trigger + a NULL pointer dereference related to BounceBuffer + - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch + Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c + has an OOB read via a crafted reply_queue_head field from a guest OS user + - megasas-use-unsigned-type-for-positive-numeric-fields.patch + fix other possible cases like in CVE-2020-13362 (#961887) + - megasas-fix-possible-out-of-bounds-array-access.patch + Some tracepoints use a guest-controlled value as an index into the + mfi_frame_desc[] array. Thus a malicious guest could cause a very low + impact OOB errors here + - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch + Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server. + This flaw occurs when an nbd-client sends a spec-compliant request that is + near the boundary of maximum permitted request length. A remote nbd-client + could use this flaw to crash the qemu-nbd server resulting in a DoS. + - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch + Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not + properly validate the frame count, which allows guest OS users to trigger + an out-of-bounds access during an es1370_write() operation + - a few patches from the stable series: + - fix-tulip-breakage.patch + The tulip network driver in a qemu-system-hppa emulation is broken in + the sense that bigger network packages aren't received any longer and + thus even running e.g. "apt update" inside the VM fails. Fix this. + - 9p-lock-directory-streams-with-a-CoMutex.patch + Prevent deadlocks in 9pfs readdir code + - net-do-not-include-a-newline-in-the-id-of-nic-device.patch + Fix newline accidentally sneaked into id string of a nic + - qemu-nbd-close-inherited-stderr.patch + - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch + - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch + - virtio-balloon-unref-the-iothread-when-unrealizing.patch + - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247) + - reapply CVE-2020-13253 fixed from upstream: + sdcard-simplify-realize-a-bit.patch (preparation for the next patch) + sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253) + sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational) + sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch + Closes: #961297, CVE-2020-13253 + - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch + (Closes: #965109) + - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289) + - d/control: since qemu-system-data now contains module(s), + it can't be multi-arch. Ditto for qemu-block-extra. + - qemu-system-foo: depend on exact version of qemu-system-data, + due to the latter having modules + - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793) + This is another incarnation of the recent bugfix which actually enabled + memory access constraints, like #964247 + - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch + this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch + and acpi-tmr-allow-2-byte-reads.patch, a more complete fix + - xhci-fix-valid.max_access_size-to-access-address-registers.patch + fix one more incarnation of the breakage after the CVE-2020-13754 fix + - do not install outdated (0.12 and before) Changelog (Closes: #965381) + - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch + ARM-only XGMAC NIC, possible buffer overflow during packet transmission + Closes: CVE-2020-15863 + - sm501 OOB read/write due to integer overflow in sm501_2d_operation() + List of patches: + sm501-convert-printf-abort-to-qemu_log_mask.patch + sm501-shorten-long-variable-names-in-sm501_2d_operation.patch + sm501-use-BIT-macro-to-shorten-constant.patch + sm501-clean-up-local-variables-in-sm501_2d_operation.patch + sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch + Closes: #961451, CVE-2020-12829 + - riscv-allow-64-bit-access-to-SiFive-CLINT.patch + another fix for revert-memory-accept-.. CVE-2020-13754 + - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10 + + -- Christian Ehrhardt Tue, 28 Jul 2020 13:21:31 +0200 + +qemu (1:5.0-5ubuntu2) groovy; urgency=medium + + * No change rebuild against new libnettle8 and libhogweed6 ABI. + + -- Dimitri John Ledkov Mon, 29 Jun 2020 22:32:55 +0100 + +qemu (1:5.0-5ubuntu1) groovy; urgency=medium + + * Merge with Debian testing (LP: #1749393), remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - arch aware kvm wrappers + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + [includes --disable-xen for user-static builds] + - d/control-in: disable pmem on ppc64 as it is currently considered + experimental on that architecture (pmdk v1.8-1) + - d/rules: makefile definitions can't be recursive - sys_systems for s390x + - d/rules: report config log from the correct subdir + - allow qemu to load old modules post upgrade (LP 1847361) + - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on + upgrade + - d/rules: generate maintainer scripts matching package version on build + - d/rules: enable --enable-module-upgrades where --enable-modules is set + - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546) + - d/control-in: disable rbd support unavailable on riscv (LP: 1872931) + - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that + crashes it on shutdown (LP 1878973) + * Dropped changes (no more needed) + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/control: avoid upgrade issues triggered by moving ivshmem tools after + Debian. Fixed by bumping the related Breaks/Replaces to the + Version Ubuntu introduced the change (LP 1862287) + * Dropped changes (in Debian) + - improved s390x support + - d/binfmt-update-in: fix binfmt being called in some containers + (LP 1840956) + - qemu-system-x86-microvm package + In addition to the generic multi-purpose qemu also provide a minimal + feature binary that is loading faster for use cases with microvm machine + type and qboot bios + - d/control-in: add a new qemu-system-x86-microvm package + - d/rules: add an extra config/build step to get the minimal qemu + - Security and packaging fixes (LP 1872937) + - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch + - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch + CVE-2020-10702 + CVE-2020-11102 + - fix external spice UI + + install ui-spice-app.so in qemu-system-common + + install ui-spice-app.so only if built, spice is optional + - switch binfmt registration to use update-binfmts --[un]import (#866756) + - qemu-system-gui: Multi-Arch=same, not foreign (#956763) + - qemu-system-data: s/highcolor/hicolor/ (#955741) + - enable riscv build (LP 1872931) + [ changes picked from Debian ] + - enable support for riscv64 hosts + - only enable librbd on architectures where it is built + - ceph: do not list librados-dev as we only use librbd-dev and the latter + depends on the former + - seccomp grew up, no need in versioned build-dep + - enable seccomp only on architectures where it can be built + * Dropped changes (upstream) + - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model + (LP 1857033) + - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527) + - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of + vhost-user-gpu + - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch: + avoid unnecessary IOTLB transactions (LP 1866207) + - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream + patches @qemu-stable (LP 1867519) + - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64 + to avoid broken nesting (LP 1868692) + - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR + (LP 1871830) + - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107) + - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms + - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh + and clobbered doubles (LP 1872945) + - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt() + - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in + ati_2d_blt() to avoid crash in hw/display/ati_2d.c. + - CVE-2020-11869 + - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts + - async: use explicit memory barriers (LP 1805256) + - aio-wait: delegate polling of main AioContext if BQL not held + - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not + supporting to set them (LP 1882774) + - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module + load to a versioned path + * Added Changes: + - d/control: regenerate debian/control out of control-in + - update d/p/ubuntu/lp-1835546-* to the final versions + - 11 patches dropped as they are in 5.0 + - 20 patches updated to how they will be in 5.1 + - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix + FTBFS in groovy + - Make qemu-system-x86-microvm a transitional package as the binary is now + in qemu-system-x86 itself. + - d/control-in: build-dep libcap is no more needed + - d/rules: update arch aware kvm wrappers + - d/qemu-system-x86.README.Debian: fix typo + + -- Christian Ehrhardt Tue, 16 Jun 2020 16:50:09 +0200 + +qemu (1:5.0-5) unstable; urgency=medium + + * more binfmt-install updates + * CVE-2020-10717 fix from upstream: + virtiofsd-add-rlimit-nofile-NUM-option.patch (preparational) and + virtiofsd-stay-below-fs.file-max-CVE-2020-10717.patch + (Closes: #959746, CVE-2020-10717) + * 2 patches from upstream/stable to fix io_uring fd set buildup: + aio-posix-dont-duplicate-fd-handler-deletion-in-fdmon_io_uring_destroy.patch + aio-posix-disable-fdmon-io_uring-when-GSource-is-used.patch + * upstream stable fix: hostmem-dont-use-mbind-if-host-nodes-is-empty.patch + * upstream stable fix: + net-use-peer-when-purging-queue-in-qemu_flush_or_purge_queue_packets.patch + + -- Michael Tokarev Wed, 13 May 2020 12:57:19 +0300 + +qemu (1:5.0-4) unstable; urgency=medium + + * fix binfmt registration (Closes: #959222) + * disable PIE for user-static build on x32 too, not only i386 + + -- Michael Tokarev Fri, 01 May 2020 13:30:43 +0300 + +qemu (1:5.0-3) unstable; urgency=medium + + * do not explicitly enable -static-pie on non-i386 architectures. + Apparenly only amd64 actually support -static-pie for now, and + it is correctly detected. + + -- Michael Tokarev Thu, 30 Apr 2020 08:05:31 +0300 + +qemu (1:5.0-2) unstable; urgency=medium + + * (temporarily) disable pie on i386 static build + For now -static-pie fails on i386 with the following error message: + /usr/bin/ld: /usr/lib/i386-linux-gnu/libc.a(memset_chk-nonshared.o): + unsupported non-PIC call to IFUNC `memset' + * install qemu-system docs in qemu-system-common, not qemu-system-data, + since docs require ./configure run + + -- Michael Tokarev Wed, 29 Apr 2020 23:41:04 +0300 + +qemu (1:5.0-1) unstable; urgency=medium + + * new upstream release (5.0) + Closes: #958926 + Closes: CVE-2020-11869 + * refresh patches, remove patches applied upstream + * do not mention openhackware, it is not used anymore + * do not disable bluez (support removed) + * new system arch "rx" + * dont install qemu-doc.* for now, + but install virtiofsd & qemu-storage-daemon + * add shared-lib-without-dependency-information tag + to qemu-user-static.lintian-overrides + * add html docs to qemu-system-data (to /usr/share/doc/qemu-system-common) + * do not install usr/share/doc/qemu/specs & usr/share/doc/qemu/tools + * install qemu-user html docs for qemu-user & qemu-user-static + * build hppa-firmware.img from roms/seabios-hppa + (and Build-Depeds-Indep on gcc-hppa-linux-gnu) + * enable liburing on linux (build-depend on liburing-dev) + * add upstream signing-key.asc (Michael Roth ) + * build opensbi firmware + (for riscv64 only, riscv32 is possible with compiler flags) + * add source-level lintian-overrides for binaries-without-sources + (lintian can't find sources for a few firmware images which are in roms/) + + -- Michael Tokarev Wed, 29 Apr 2020 12:00:12 +0300 + +qemu (1:4.2-7) unstable; urgency=medium + + * qemu-system-gui: Multi-Arch=same, not foreign (Closes: #956763) + * x32 arch is in the same family as i386 & x86_64, omit binfmt registration + * check systemd-detect-virt before running update-binfmt + * gluster is de-facto linux-only, do not build-depend on it on non-linux + * virglrenderer is also essentially linux-specific + * qemu-user-static does not depend on shlibs + * disable parallel building of targets of d/rules + * add lintian overrides (arch-dependent static binaries) for openbios binaries + * separate binary-indep target into install-indep-prep and binary-indep + * split out various components of qemu-system-data into independent + build/install rules and add infrastructure for more components: + x86-optionrom, sgabios, qboot, openbios, skiboot, palcode-clipper, + slof, s390x-fw + * iscsi-fix-heap-buffer-overflow-in-iscsi_aio_ioctl_cb.patch + + -- Michael Tokarev Mon, 20 Apr 2020 18:30:00 +0300 + +qemu (1:4.2-6) unstable; urgency=medium + + * d/rules: fix FTBFS (brown-paper-bag bug) in last upload + + -- Michael Tokarev Tue, 14 Apr 2020 17:08:45 +0300 + +qemu (1:4.2-5) unstable; urgency=medium + + * no error-out on address-of-packet-member in openbios + * install ui-spice-app.so only if built, spice is optional + * arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch - + Closes: CVE-2020-10702, weak signature generation + in Pointer Authentication support for ARM + * (temporarily) enable seccomp only on architectures where it can be built + (Closes: #956624) + * seccomp has grown up, no need in versioned build-dep + * do not list librados-dev in build-dep as we only use librbd-dev + and the latter depends on the former + * only enable librbd on architectures where it is buildable + + -- Michael Tokarev Tue, 14 Apr 2020 15:47:40 +0300 + +qemu (1:4.2-4) unstable; urgency=medium + + [ Michael Tokarev ] + * d/rules: build minimal configuration for qboot/microvm usage + * set microvm to be the default machine type for microvm case + * install ui-spice-app.so in qemu-system-common + * do not depend on libattr-dev, functions are now in libc6 (Closes: #953910) + * net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch + (Closes: #956145, CVE-2020-11102, tulip nic buffer overflow) + * qemu-system-data: s/highcolor/hicolor/ (Closes: #955741) + * switch binfmt registration to use update-binfmts --[un]import + (Closes: #866756) + * build openbios-ppc & openbios-sparc binaries in qemu-system-data, + and replace corresponding binary packages. + Add gcc-sparc64-linux-gnu, fcode-utils & xsltproc to build-depend-indep + * build and provide/replace qemu-slof too + + [ Aurelien Jarno ] + * enable support for riscv64 hosts + + -- Michael Tokarev Tue, 14 Apr 2020 12:44:43 +0300 + +qemu (1:4.2-3ubuntu10) groovy; urgency=medium + + * No-change rebuild against libnettle8 + + -- Steve Langasek Mon, 20 Jul 2020 16:12:37 +0000 + +qemu (1:4.2-3ubuntu9) groovy; urgency=medium + + * debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that + crashes it on shutdown (LP: #1878973) + * d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not + supporting to set them (LP: #1882774) + + -- Christian Ehrhardt Tue, 02 Jun 2020 10:42:49 +0200 + +qemu (1:4.2-3ubuntu8) groovy; urgency=medium + + * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts + - async: use explicit memory barriers (LP: #1805256) + - aio-wait: delegate polling of main AioContext if BQL not held + + -- Rafael David Tinoco Wed, 27 May 2020 21:47:21 +0000 + +qemu (1:4.2-3ubuntu7) groovy; urgency=medium + + * SECURITY UPDATE: DoS via integer overflow in ati_2d_blt() + - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in + ati_2d_blt() to avoid crash in hw/display/ati_2d.c. + - CVE-2020-11869 + + -- Marc Deslauriers Thu, 21 May 2020 14:43:19 -0400 + +qemu (1:4.2-3ubuntu6) focal; urgency=medium + + [ Christian Ehrhardt ] + * enable riscv build (LP: #1872931) + [ changes picked from Debian ] + - enable support for riscv64 hosts + - only enable librbd on architectures where it is built + - ceph: do not list librados-dev as we only use librbd-dev and the latter + depends on the former + - seccomp grew up, no need in versioned build-dep + - enable seccomp only on architectures where it can be built + * d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms + * d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh + and clobbered doubles (LP: #1872945) + + [ William Grant ] + * d/control-in: disable rbd support unavailable on riscv (LP: 1872931) + + -- Christian Ehrhardt Wed, 15 Apr 2020 14:27:15 +0200 + +qemu (1:4.2-3ubuntu5) focal; urgency=medium + + [ Christian Ehrhardt ] + * d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR + (LP: #1871830) + * Security and packaging fixes (LP: #1872937) + - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch + - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch + CVE-2020-10702 + CVE-2020-11102 + - fix external spice UI + + install ui-spice-app.so in qemu-system-common + + install ui-spice-app.so only if built, spice is optional + - switch binfmt registration to use update-binfmts --[un]import (#866756) + - qemu-system-gui: Multi-Arch=same, not foreign (#956763) + - qemu-system-data: s/highcolor/hicolor/ (#955741) + * d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872107) + + -- Christian Ehrhardt Wed, 15 Apr 2020 11:26:44 +0200 + +qemu (1:4.2-3ubuntu4) focal; urgency=medium + + * d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546) + * remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64 + to avoid broken nesting (LP: #1868692) + + -- Christian Ehrhardt Fri, 20 Mar 2020 08:02:16 +0100 + +qemu (1:4.2-3ubuntu3) focal; urgency=medium + + * d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream + patches @qemu-stable (LP: #1867519) + + -- Christian Ehrhardt Wed, 18 Mar 2020 13:57:57 +0100 + +qemu (1:4.2-3ubuntu2) focal; urgency=medium + + * allow qemu to load old modules post upgrade (LP: #1847361) + - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module + load to a versioned path + - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on + upgrade + - d/rules: generate maintainer scripts matching package version on build + - d/rules: enable --enable-module-upgrades where --enable-modules is set + * d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch: + avoid unnecessary IOTLB transactions (LP: #1866207) + + -- Christian Ehrhardt Mon, 02 Mar 2020 15:21:27 +0100 + +qemu (1:4.2-3ubuntu1) focal; urgency=medium + + * Merge with Debian testing, remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - Enable nesting by default + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - improved s390x support + - d/rules: build s390-ccw.img with upstream Makefile + - d/rules: build s390-netboot.img with upstream Makefile + - arch aware kvm wrappers + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/binfmt-update-in: fix binfmt being called in some containers + (LP 1840956) + - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model + (LP 1857033) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527) + - Dropped changes [ in Debian ] + - d/control: update VCS links + - d/control-in: bump debhelper build-dep for compat 12 + - d/control: disable bluetooth being deprecated + - d/not-installed: ignore new interop docs and extra icons for now + - d/not-installed: do not install elf2dmp until namespaced + - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap + [ not needed ] + - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617) + - s390x support + - Create qemu-system-s390x package + - Enable numa support for s390x + - d/control*: enable libpmem support for nvdimms (LP 1790856) + * Added changes + - d/control: regenerate debian/control out of control-in + - qemu-system-x86-microvm package + In addition to the generic multi-purpose qemu also provide a minimal + feature binary that is loading faster for use cases with microvm machine + type and qboot bios + - d/control-in: add a new qemu-system-x86-microvm package + - d/rules: add an extra config/build step to get the minimal qemu + - d/control-in: disable pmem on ppc64 as it is currently considered + experimental on that architecture (pmdk v1.8-1) + - d/rules: makefile definitions can't be recursive - sys_systems for s390x + - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of + vhost-user-gpu + - d/rules: report config log from the correct subdir + - d/rules: --disable-xen for user-static builds + + -- Christian Ehrhardt Wed, 12 Feb 2020 15:21:56 +0100 + +qemu (1:4.2-3) unstable; urgency=medium + + * mention closing of #909743 in previous changelog (Closes: #909743) + * do not link to qemu-skiboot from qemu-system-ppc (Closes: #950431) + * provide+conflict qemu-skiboot from qemu-system-data, + as we are not using this package anymore + + -- Michael Tokarev Sat, 01 Feb 2020 22:10:57 +0300 + +qemu (1:4.2-2) unstable; urgency=medium + + [ Fabrice Bauzac ] + * Fix a typo in the description of the qemu binary package + + [ Frédéric Bonnard ] + * Enable powernv emulation with skiboot firmware + + [ Michael R. Crusoe ] + * Modernize watch file (Closes: #909743) + + [ Christian Ehrhardt ] + * d/control-in: promote qemu-efi/ovmf in Ubuntu + * d/control-in: bump debhelper build-dep for compat 12 + * - d/control-in: update VCS links + * - d/control-in: disable bluetooth being deprecated + * d/not-installed: ignore new interop docs and extra icons for now + * do not install elf2dmp until namespaced + * d/control-in: Enable numa support for s390x + * Create qemu-system-s390x package (Ubuntu only for now) + + [ Michael Tokarev ] + * stop using inttypes.h in qboot code; + this makes dependency on libc6-dev-i386 to be unnecessary + * qboot-no-jump-tables.diff - use #pragma for one file in qboot + * do not install qemu-edid and qemu-keymap for now + * no need in bluetooth patches as bluetooth is disabled + * scsi-cap-block-count-from-GET-LBA-STATUS-CVE-2020-1711.patch + (Closes: #949731, CVE-2020-1711) + * enable libpmem support on amd64|arm64|ppc64el (Closes: #935327) + + -- Michael Tokarev Fri, 31 Jan 2020 23:51:09 +0300 + +qemu (1:4.2-1ubuntu2) focal; urgency=medium + + * d/control: avoid upgrade issues triggered by moving ivshmem tools after + Debian. Fixed by by bumping the related Breaks/Replaces to the + Version Ubuntu introduced the change (LP: #1862287) + + -- Christian Ehrhardt Fri, 07 Feb 2020 07:31:21 +0100 + +qemu (1:4.2-1ubuntu1) focal; urgency=medium + + * Merge with Debian testing, Among many other things this fixes LP Bugs: + LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc + LP: #1812822 - avoid crashes on detaching vhost_net interfaces + LP: #1852744 - Crypto Passthrough Interrupt Support + LP: #1853316 - CCW IPL Support + Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - Enable nesting by default + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + [ No more strictly needed, but required for backward compatibility ] + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - s390x support + - Create qemu-system-s390x package + - Enable numa support for s390x + - d/rules: build s390-ccw.img with upstream Makefile + - d/rules: build s390-netboot.img with upstream Makefile + - arch aware kvm wrappers + - d/control: update VCS links + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - d/control: disable bluetooth being deprecated + - d/not-installed: ignore new interop docs and extra icons for now + - d/not-installed: do not install elf2dmp until namespaced + - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap + - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617) + - d/binfmt-update-in: fix binfmt being called in some containers + (LP 1840956) + - Dropped changes (in Debian) + - qemu-guest-agent: freeze-hook fixes (LP: 1484990) + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d + - d/control-in: enable RDMA support in qemu (LP: 1692476) + - enable RDMA config option + - add libibumad-dev build-dep + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back + some SLOF bits stripped in DFSG to be able to build s390x-netboot roms + As that hack to build s390-ccw.img rom can't build s390x-netboot.img + replace it with a build-indep using the upstream makefiles. + This is less prone to miss future changes/fixes that are done to the + makefiles + - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945) + - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga + - d/rules: fix qemu-kvm service for debhelper compat >=12 + - Refreshed patches for v4.0 context changes + - d/control*: remove sdlabi which was removed upstream + - d/control*: enable docs (now explicit) and provide new build-dep + python3-sphinx + - d/qemu-system-data.install: use new paths for formerly used icons + - Merge with Upstream release of qemu 4.0 + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch + - Dropped changes (Upstream) + - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243) + - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238) + - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch: + fix i386 build error + - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac: + fix naming of the new vector facitlity (LP 1836066) + - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues + for missing SIOCGSTAMP definition; final fix is still in discussion + upstream (LP: 1836159) + - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer + s390x machines (LP 1836154) + - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags + (LP 1841066) + - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch: + update the z15 model name (LP 1842774) + - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch: + fix a potential hang when qemu or qemu-img where accessing http backed + disks via libcurl (LP 1848556) + - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*: + fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497) + - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch + toleration for future machines (LP 1830704) + - SECURITY UPDATE: Add support for exposing md-clear functionality + to guests + - d/p/ubuntu/enable-md-clear.patch + - d/p/ubuntu/enable-md-no.patch + - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + - SECURITY UPDATE: heap overflow when loading device tree blob + - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to + copy the device tree blob into is. + - CVE-2018-20815 + - SECURITY UPDATE: device driver denial of service via NULL pointer + dereference + - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read' + routine + - CVE-2019-5008 + - SECURITY UPDATE: information leak in SLiRP + - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when + emulating ident. + - CVE-2019-9824 + - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for- + unimplement.patch: properly return architecture defined exception + on bad subcodes of diag 308 (LP 1812384) + * Dropped changes (no more needed) + - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for + mv_conffile since the new path is a directory in the old package + version which can not be handled by mv_conffile. + [ only needed between disco and eoan ] + - disable pvrdma + [ CVEs all fixed now ] + - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: + avoid misdetection of simplified nesting blocking all migrations + [ qemu now detects and handles nesting - needs kernel >=4.20 ] + - Enable nesting by default + - d/qemu-system-x86.modprobe: set nested=1 module option on intel. + (is default on amd) + - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded + without nested=1 + [ nesting is default in kernel modules and default selected cpu types ] + * Added changes + - d/control: regenerate debian/control out of control-in + - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal + - added ubuntu focal types for qemu 4.2 + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type + - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model + (LP: #1857033) + - d/qemu-system-x86.README.Debian: add info about updated nesting changes + - d/control*, d/rules: disable xen by default, but provide universe + package qemu-system-x86-xen as alternative + - fix typos in changelog and d/qemu-system-x86.NEWS + - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527) + - d/control*: enable libpmem support for nvdimms (LP: #1790856) + + -- Christian Ehrhardt Wed, 08 Jan 2020 15:27:42 +0100 + +qemu (1:4.2-1) unstable; urgency=medium + + * new upstream release (4.2.0) + * removed patches: v4.1.1.diff, enable-pschange-mc-no.patch + * do not make sgabios.bin executable (lintian) + * add s390-netboot.img lintian overrides for qemu-system-data + * build qboot (bios-microvm.bin) + * build-depend-indep on libc6-dev-i386 for qboot + (includes some system headers) + + -- Michael Tokarev Sat, 14 Dec 2019 14:07:27 +0300 + +qemu (1:4.1-3) unstable; urgency=medium + + * mention #939869 (CVE-2019-15890) in previous changelog entry + * add Provides: sgabios to qemu-data (Closes: #945924) + * fix qemu-debootsrtap (add hppa arch, print correct error message) + thanks to Helge Deller (Closes: #923410) + * enable long binfmt masks again for mips/mips32 (Closes: #829243) + + -- Michael Tokarev Mon, 02 Dec 2019 13:24:58 +0300 + +qemu (1:4.1-2) unstable; urgency=medium + + * build sgabios in build-indep, conflict with sgabios package + * qemu-system-ppc: build and install canyonlands.dtb in addition to bamboo.dtb + * remove duplicated CVE-2018-20123 & CVE-2018-20124 in prev changelog + * move s390 firmware build rules to debian/s390fw.mak, build s390-netboot.img + * imported v4.1.1.diff - upstream stable branch + Closes: CVE-2019-12068 + Closes: #945258, #945072 + * enable-pschange-mc-no.patch: i386: add PSCHANGE_MC_NO feature + to allow disabling ITLB multihit mitigations in nested hypervisors + Closes: #944623 + * build-depend on nettle-dev, enable nettle, and clarify --enable-lzo + * switch to system libslirp, build-depend on libslirp-dev + Closes: #939869, CVE-2019-15890 + + -- Michael Tokarev Mon, 25 Nov 2019 12:54:05 +0300 + +qemu (1:4.1-1) unstable; urgency=medium + + * new upstream release v4.1 + Closes: #933741, CVE-2019-14378 (slirp buff overflow in packet reassembly) + (use internal slirp copy for now) + Closes: #931351, CVE-2019-13164 (qemu-bridge-helper long IFNAME) + Closes: #922923, CVE-2019-8934 (ppc64 emulator leaks hw identity) + Closes: #916442, CVE-2018-20123 (pvrdma memory leak in device hotplug) + Closes: #922461, CVE-2018-20124 (pvrdma num_sge can exceed MAX_SGE) + Closes: #927924 (new upstream version) + Closes: #897054 (AMD Zen CPU support) + Closes: #935324 (FTBFS due to gluster API change) + Closes: CVE-2018-20125 (pvrdma: DoS in create_cq_ring|create_qp_rings) + Closes: CVE-2018-20126 (pvrdma: memleaks in create_cq_ring|create_qp_rings) + Closes: CVE-2018-20191 (pvrdma: DoS due to missing read operation impl.) + Closes: CVE-2018-20216 (pvrdma: infinite loop in pvrdma_dev_ring.c) + * remove patches which are applied upstream, refresh remaining patches + (bt-use-size_t-...-CVE-2018-19665.patch hasn't been applied upstream, + bluetooth subsystem is going to be removed, we keep it for now) + * debian/source/options: ignore slirp/ submodule + * use python3 for building, not python + * debian/optionrom.mk: add pvh.bin + * switch from libssh2 to libssh, and enable libssh support in ubuntu + * bump spice version requiriment to 0.12.5 + * enable pvrdma + * debian/control-in: remove reference to libsdl + * debian/rules: add new objects for s390-ccw fw + * debian/control: add build dependency on python3-sphinx for docs + * install ui/icons/qemu.svg and qemu.desktop + * debian/rules: remove pc-bios/bamboo.dtb before building it + * install vhost-user-gpu binary and 50-qemu-gpu.json + * debian/rules: remove old maintscript-helper invocations, not needed anymore + * remove +dfsg for now, upload whole upstream source, will trim it later + + -- Michael Tokarev Tue, 27 Aug 2019 12:43:43 +0300 + +qemu (1:4.0+dfsg-0ubuntu10) focal; urgency=medium + + * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch: + fix a potential hang when qemu or qemu-img where accessing http backed + disks via libcurl (LP: #1848556) + * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch: + fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497) + + -- Christian Ehrhardt Mon, 21 Oct 2019 14:51:45 +0200 + +qemu (1:4.0+dfsg-0ubuntu9) eoan; urgency=medium + + * d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch: + update the z15 model name (LP: #1842774) + + -- Christian Ehrhardt Tue, 24 Sep 2019 11:42:58 +0200 + +qemu (1:4.0+dfsg-0ubuntu8) eoan; urgency=medium + + * d/binfmt-update-in: fix binfmt being called in some containers + (LP: #1840956) + + -- Christian Ehrhardt Mon, 09 Sep 2019 11:03:13 +0200 + +qemu (1:4.0+dfsg-0ubuntu7) eoan; urgency=medium + + * No-change upload with strops.h and sys/strops.h removed in glibc. + + -- Matthias Klose Thu, 05 Sep 2019 11:07:25 +0000 + +qemu (1:4.0+dfsg-0ubuntu6) eoan; urgency=medium + + * d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags + (LP: #1841066) + + -- Christian Ehrhardt Mon, 26 Aug 2019 12:08:04 +0200 + +qemu (1:4.0+dfsg-0ubuntu5) eoan; urgency=medium + + * d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer + s390x machines (LP: #1836154) + + -- Christian Ehrhardt Wed, 17 Jul 2019 13:20:42 +0200 + +qemu (1:4.0+dfsg-0ubuntu4) eoan; urgency=medium + + * d/control-in: promote qemu-efi/ovmf in Ubuntu (LP: #1570617) + - pick Debian change for (#889885) + move ovmf to recommends on debian and update aarch ovmf refs + - stop Ubuntu to drop ovmf/qemu-efi to a suggest + + -- Christian Ehrhardt Fri, 12 Jul 2019 12:48:24 +0200 + +qemu (1:4.0+dfsg-0ubuntu3) eoan; urgency=medium + + * d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues + for missing SIOCGSTAMP definition; final fix is still in discussion + upstream (LP: 1836159) + + -- Christian Ehrhardt Thu, 11 Jul 2019 10:10:00 +0200 + +qemu (1:4.0+dfsg-0ubuntu2) eoan; urgency=medium + + * d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac: + fix naming of the new vector facitlity (LP: #1836066) + * d/control-in: update VCS links in control template as well + + -- Christian Ehrhardt Thu, 11 Jul 2019 08:18:44 +0200 + +qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium + + * Merge with Upstream release of qemu 4.0. + Among many other things this fixes LP Bugs: + LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA) + LP: #1828038 - Update s390x CPU Model for more HW support + LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el + Remaining Changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-system-common.qemu-kvm.service: systemd unit to call + qemu-kvm-init + - d/qemu-system-common.install: install helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm + - Enable nesting by default + - d/qemu-system-x86.modprobe: set nested=1 module option on intel. + (is default on amd) + - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded + without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + - d/qemu-system-x86.README.Debian: document intention of nested being + default is comfort, not full support + - Distribution specific machine type (LP: 1304107 1621042) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - provide pseries-bionic-2.11-sxxm type as convenience with all + meltdown/spectre workarounds enabled by default. (LP: 1761372). + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - s390x support + - Create qemu-system-s390x package + - Enable numa support for s390x + - arch aware kvm wrappers + - d/control: update VCS links + - qemu-guest-agent: freeze-hook fixes (LP: 1484990) + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d + - d/control-in: enable RDMA support in qemu (LP: 1692476) + - enable RDMA config option + - add libibumad-dev build-dep + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + - Move s390x roms to a new qemu-system-data-s390x + - d/qemu-system-data.install: install s390x roms as architecture:all in + qemu-system-data + - d/rules: build s390-ccw.img with upstream Makefile + - d/rules: build s390-netboot.img with upstream Makefile + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back + some SLOF bits stripped in DFSG to be able to build s390x-netboot roms + As that hack to build s390-ccw.img rom can't build s390x-netboot.img + replace it with a build-indep using the upstream makefiles. + This is less prone to miss future changes/fixes that are done to the + makefiles + - d/control-in: add breaks/replaces for moving s390x roms from + qemu-system-s390x to qemu-system-data + - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945) + [From not yet uploaded Debian branch] + - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga + - d/rules: fix qemu-kvm service for debhelper compat >=12 + - disable pvrdma - besides several security holes there are many other + bugs there as well + * Dropped patches that are upstream in v4.0 + - d/p/do-not-link-everything-with-xen.patch + - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch + - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch + - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch + - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778 + - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch + - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor + (LP: 1759509) + - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri + - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and + - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement + - d/p/ubuntu/CVE-2018-20815.patch + - d/p/ubuntu/CVE-2019-5008.patch + - d/p/ubuntu/CVE-2019-9824.patch + - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: + avoid misdetection of simplified nesting blocking all migrations + * Dropped further patches + d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665 + [upstream deprecated the whole subsystem instead of applying the fix] + * Added Changes + - updated ubuntu machine types for v4.0 + - added eoan types + - fixed s390x issue of upstream types having a "v" prefix + - add back dropped machine types to avoid more issues like LP: 1802944 + - fix kvm split irqchip default in ubuntu q35 machine type + - drop no more needed spapr_machine_2_11_sxxm_instance_options and + adapt updated CamelCase + - -hpb types now need to use GlobalProperties + - pc_compat_2_0 got a _fn suffix and slight changes + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to + SLOF of qemu 4.0 + - Refreshed patches still needed for v4.0 context changes + - d/p/use-fixed-data-path.patch + - d/p/ubuntu/enable-svm-by-default.patch + - d/p/ubuntu/enable-md-clear.patch + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch + - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration + (LP: #1830243) + - d/control: disable bluetooth being deprecated + - d/control*: remove sdlabi which was removed upstream + - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238) + - d/control*: enable docs (now explicit) and provide new build-dep + python3-sphinx + - d/not-installed: ignore new interop docs and extra icons for now + - d/not-installed: do not install elf2dmp until namespaced + - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap + - d/qemu-system-data.install: use new paths for formerly used icons + - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch: + fix i386 build error + + -- Christian Ehrhardt Mon, 24 Jun 2019 16:33:19 +0200 + +qemu (1:3.1+dfsg-8) unstable; urgency=high + + * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch + fixes a null-pointer dereference in sparc/sun4u emulated hw + Closes: #927439, CVE-2019-5008 + * enable-md-no.patch & enable-md-clear.patch + mitigation for MDS (Microarchitectural Data Sampling) issues + Closes: #929067, + CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + * qxl-check-release-info-object-CVE-2019-12155.patch + fixes null-pointer deref in qxl cleanup code + Closes: #929353, CVE-2019-12155 + * aarch32-exception-return-to-switch-from-hyp-mon.patch + fixes booting U-Boot in UEFI mode on aarch32 + Closes: #927763 + * stop qemu-system-common pre-depending on adduser + Closes: #929261 + + -- Michael Tokarev Mon, 27 May 2019 07:49:25 +0300 + +qemu (1:3.1+dfsg-7) unstable; urgency=high + + [ Michael Tokarev ] + * device_tree-don-t-use-load_image-CVE-2018-20815.patch + fix heap buffer overflow while loading device tree blob + (Closes: CVE-2018-20815) + + [ Christian Ehrhardt ] + * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291) + - d/qemu-guest-agent.install: use correct path for fsfreeze-hook + - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for + mv_conffile since the new path is a directory in the old package + version which can not be handled by mv_conffile. + + -- Michael Tokarev Wed, 27 Mar 2019 14:24:06 +0300 + +qemu (1:3.1+dfsg-6) unstable; urgency=high + + * slirp-check-sscanf-result-when-emulating-ident-CVE-2019-9824.patch + fix information leakage in slirp code (Closes: CVE-2019-9824) + + -- Michael Tokarev Mon, 18 Mar 2019 14:41:51 +0300 + +qemu (1:3.1+dfsg-5) unstable; urgency=high + + * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes + OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure. + Closes: #922635, CVE-2019-3812 + + -- Michael Tokarev Mon, 11 Mar 2019 14:30:44 +0300 + +qemu (1:3.1+dfsg-4) unstable; urgency=medium + + * mention closing of #855043 by 3.1+dfsg-3 + * disable pvrdma for now, it is a bit too buggy. + Besides several security holes there are many other bugs there as well, + and the amount of patches applied upstream after 3.1 release is large + (Closes, or really makes unimportant again: CVE-2018-20123 CVE-2018-20124 + CVE-2018-20125 CVE-2018-20126 CVE-2018-20191 CVE-2018-20216) + + -- Michael Tokarev Mon, 11 Feb 2019 14:00:09 +0300 + +qemu (1:3.1+dfsg-3) unstable; urgency=medium + + [ Michael Tokarev ] + * mention #696289 closed by 2.10 + * move ovmf to recommends on debian and update aarch ovmf refs + (Closes: #889885, #855043) + * remove /dev/kvm permission handling (moved to systemd 239-6) + (Closes: #892945) + * build qemu-palcode using alpha cross-compiler + (Closes: #913103) + * fix path in qemu-guest-agent.service (#918378), fixs Bind[s]To + (Closes: #918378 + * use int for sparc64 timeval.tv_usec + (Closes: #920032) + * build-depend on libglusterfs-dev not glusterfs-common + (Closes: #919668, #881527) + * add breaks: qemu-system-data to qemu-system-common, + to close #916279 completely (all this can be removed after buster) + (Closes: #916279) + * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch + (Closes: #920222, CVE-2019-6501) + * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch + (Closes: #921525) + * pvrdma-release-device-resources-on-error-CVE-2018-20123.patch + (Closes: #916442, CVE-2018-20123) + * enable rdma and pvrdma, build-depend on + librdmacm-dev, libibverbs-dev, libibumad-dev + * sync debian/qemu-user-static.1 and debian/qemu-user.1 generate the latter + from the former (finally Closes: #901407) + * move ivshmem-server & ivshmem-client from qemu-utils to qemu-system-common + (the binaries are also specific to qemu-system, not useable alone) + * move qemu-pr-helper from qemu-utils to qemu-system-common - + this is an internal qemu-system helper, with possible socket activation, + not intended for use outside of qemu-system + + [ Christian Ehrhardt ] + * qemu-guest-agent: freeze-hook to ignore dpkg files (packaging changes) + + -- Michael Tokarev Wed, 06 Feb 2019 12:23:01 +0300 + +qemu (1:3.1+dfsg-2ubuntu5) eoan; urgency=medium + + * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being + broken since 2.11 due to 2.3/2.4 version mismatch in its definition to + fix migrations from old machines (LP: #1829868). + * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch + toleration for future machines (LP: #1830704 + + -- Christian Ehrhardt Tue, 28 May 2019 11:30:42 +0200 + +qemu (1:3.1+dfsg-2ubuntu4) eoan; urgency=medium + + * SECURITY UPDATE: Add support for exposing md-clear functionality + to guests + - d/p/ubuntu/enable-md-clear.patch + - d/p/ubuntu/enable-md-no.patch + - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + * SECURITY UPDATE: heap overflow when loading device tree blob + - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to + copy the device tree blob into is. + - CVE-2018-20815 + * SECURITY UPDATE: device driver denial of service via NULL pointer + dereference + - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read' + routine + - CVE-2019-5008 + * SECURITY UPDATE: information leak in SLiRP + - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when + emulating ident. + - CVE-2019-9824 + + -- Steve Beattie Wed, 08 May 2019 09:27:53 -0700 + +qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium + + * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291) + - d/qemu-guest-agent.install: use correct path for fsfreeze-hook + - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for + mv_conffile since the new path is a directory in the old package + version which can not be handled by mv_conffile. + * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes + OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure. + Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev) + CVE-2019-3812 + + -- Christian Ehrhardt Mon, 18 Mar 2019 09:20:07 +0100 + +qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium + + * disable pvrdma - besides several security holes there are many other + bugs there as well, and the amount of patches applied upstream after + 3.1 release is large (Closes, or actuallymakes unimportant again) + - CVE-2018-20123 + - CVE-2018-20124 + - CVE-2018-20125 + - CVE-2018-20126 + - CVE-2018-20191 + - CVE-2018-20216 + * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch + - CVE-2019-6501 + * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch + - CVE-2019-6778 + + -- Christian Ehrhardt Tue, 19 Feb 2019 06:43:04 +0100 + +qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium + + * Merge with Debian testing, Among many other things this fixes LP Bugs: + LP: #1806104 - fix misleading page size error on ppc64el + LP: #1782205 - SnowRidge enabled new ISAs + LP: #1786956 - upgrade to qemu >= 3.0 + LP: #1809083 - Backward migration to Xenial on ppc64el + LP: #1803315 - s390x Huge page enablement + LP: #1657409 - enable virglrenderer + Remaining Changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init + - d/qemu-system-common.install: install systemd unit and helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: install /etc/default/qemu-kvm + - Enable nesting by default + - d/qemu-system-x86.modprobe: set nested=1 module option on intel. + (is default on amd) + - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded + without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + - d/qemu-system-x86.README.Debian: document intention of nested being + default is comfort, not full support + - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372) + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as + convenience with all meltdown/spectre workarounds enabled by default. + (LP: 1761372). + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - s390x support + - Create qemu-system-s390x package + - Enable numa support for s390x + - arch aware kvm wrappers + - d/control: update VCS links (updated to match latest Ubuntu) + - qemu-guest-agent: freeze-hook fixes (LP: 1484990) + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d + - d/control-in: enable RDMA support in qemu (LP: 1692476) + - enable RDMA config option + - add libibumad-dev build-dep + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: Disable capstone disassembler library support (universe) + * Added Changes: + - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes + for qemu 3.1 in the Ubuntu Disco release + - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509) + - Move s390x roms to a new qemu-system-data-s390x + - d/qemu-system-data.install: install s390x roms as architecture:all in + qemu-system-data + - d/rules: build s390-ccw.img with upstream Makefile + - d/rules: build s390x-netboot.img with upstream Makefile + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back + some SLOF bits stripped in DFSG to be able to build s390x-netboot roms + As that hack to build s390-ccw.img rom can't build s390x-netboot.img + replace it with a build-indep using the upstream makefiles. + This is less prone to miss future changes/fixes that are done to the + makefiles + - d/control-in: add breaks/replaces for moving s390x roms from + qemu-system-s390x to qemu-system-data + - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945) + [From not yet uploaded Debian branch] + - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga + (Closes: #918378) + - d/rules: fix qemu-kvm service for debhelper compat >=12 + - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: + avoid misdetection of simplified nesting blocking all migrations + - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for- + unimplement.patch: properly return archicture defined exception + on bad subcodes of diag 308 (LP: #1812384) + * Dropped Changes: + - Include s390-ccw.img firmware (old style native build) + - d/rules enable install s390x-netboot.img (old style native build) + - libvirt/qemu user/group support + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm + trigger. + [ Droppable since logind properly sets ACLs now ] + - qemu-system-common.preinst: add kvm group if needed + [ Droppable because systemd/udev take care of it since 239-6] + - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent + freeze-hook fixes (LP: 1484990) + [upstream] + - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches + merged upstream + [upstream] + - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size + computation while concatenating mbuf. + CVE-2018-11806 + [upstream] + - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB + for powerpc64 to speed up translation (LP: 1781526) + [upstream] + - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add + cpu model for z14 ZR1 (LP: 1780773). + [upstream] + - Mark qemu-system-data foreign to be able to install it e.g. on i386 + (Closes: 903562) + [in Debian] + - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet + unreleased Debian version) + [in Debian] + - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered + by migrations with UI frontends or frequent guest resolution changes + (LP #1755912) + [upstream] + - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to + extend eieio for POWER9 emulation (LP: 1787408). + [upstream] + - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch: + ensure that the seccomp blacklist is applied to all threads (LP: 1789551) + [upstream] + - improve s390x spectre mitigation with etoken facility (LP: 1790457) + [upstream] + - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901) + [upstream] + - d/control-in: our addition of a qemu-system-s390x package needs to follow + the split of qemu-system-data by adding a dependency to it (LP: 1798084) + [in Debian] + - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto + Adapters on s390x (LP: 1787405) + [upstream] + - enable opengl for vfio-MDEV support (LP: 1804766) + [in Debian] + - SECURITY UPDATE: integer overflow in NE2000 NIC emulation + [upstream] + - SECURITY UPDATE: integer overflow via crafted QMP command + [upstream] + - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller + [upstream] + - SECURITY UPDATE: buffer overflow in rtl8139 + [upstream] + - SECURITY UPDATE: buffer overflow in pcnet + [upstream] + - SECURITY UPDATE: DoS via large packet sizes + [upstream] + - SECURITY UPDATE: DoS in lsi53c895a + [upstream] + - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64 + [upstream] + - SECURITY UPDATE: race condition in 9p + [upstream] + + -- Christian Ehrhardt Tue, 08 Jan 2019 09:41:08 +0100 + +qemu (1:3.1+dfsg-2) unstable; urgency=medium + + * d/rules: split arch and indep builds + * enable s390x cross-compiler and build s390-ccw.img (Closes: #684909) + * build x86 optionrom in qemu-system-data (was in seabios/debian/) + * qemu-system-data: Multi-Arch: allowed=>foreign (Closes: #903562) + * fix Replaces: version for qemu-system-common (Closes: #916279) + * add simple udev rules file for systemd guest agent (Closes: #916674) + * usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch + Race condition in usb_mtp implementation (Closes: #916397) + * bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665.patch + Memory corruption in bluetooth subsystem (Closes: #916278) + * hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch (Closes: #917007) + * bump debhelper compat to 12 (>>11) + * d/rules: use dh_missing instead of dh_install --list-missing (compat=12) + * use dh_installsystemd for guest agent (Closes: #916625) + * mention closing by 3.1: Closes: #912655, CVE-2018-16847 + * mention closing by 2.10: + Closes: #849798, CVE-2016-10028 + Closes: CVE-2017-9060 + Closes: CVE-2017-8284 + + -- Michael Tokarev Fri, 21 Dec 2018 16:51:39 +0300 + +qemu (1:3.1+dfsg-1) unstable; urgency=medium + + * new upstream release (3.1) + * Security bugs fixed by upstream: + Closes: #910431, CVE-2018-10839: + integer overflow leads to buffer overflow issue + Closes: #911468, CVE-2018-17962 + pcnet: integer overflow leads to buffer overflow + Closes: #911469, CVE-2018-17963 + net: ignore packets with large size + Closes: #908682, CVE-2018-3639 + qemu should be able to pass the ssbd cpu flag + Closes: #901017, CVE-2018-11806 + m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow + via incoming fragmented datagrams + Closes: #902725, CVE-2018-12617 + qmp_guest_file_read in qemu-ga has an integer overflow + Closes: #907500, CVE-2018-15746 + qemu-seccomp might allow local OS guest users to cause a denial of service + Closes: #915884, CVE-2018-16867 + dev-mtp: path traversal in usb_mtp_write_data of the MTP + Closes: #911499, CVE-2018-17958 + Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c + because an incorrect integer data type is used + Closes: #911470, CVE-2018-18438 + integer overflows because IOReadHandler and its associated functions + use a signed integer data type for a size value + Closes: #912535, CVE-2018-18849 + lsi53c895a: OOB msg buffer access leads to DoS + Closes: #914604, CVE-2018-18954 + pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 + allows out-of-bounds write or read access to PowerNV memory + Closes: #914599, CVE-2018-19364 + Use-after-free due to race condition while updating fid path + Closes: #914727, CVE-2018-19489 + 9pfs: crash due to race condition in renaming files + Closes: #912655, CVE-2018-16847 + Out-of-bounds r/w buffer access in cmb operations + * remove patches which were applied upstream + * add new manpage qemu-cpu-models.7 + * qemu-system-ppcemb is gone, use qemu-system-ppc[64] + * do-not-link-everything-with-xen.patch (trivial) + * get-orig-source: handle 3.x and 4.x, and remove roms again, as + upstream wants us to use separate source packages for that stuff + * move generated data from qemu-system-data back to qemu-system-common + * d/control: enable spice on arm64 (Closes: #902501) + (probably should enable on all) + * d/control: change git@salsa urls to https + * add qemu-guest-agent.service (Closes: #795486) + * enable opengl support and virglrenderer (Closes: #813658) + * simplify d/rules just a little bit + * build-depend on libudev-dev, for qga + + -- Michael Tokarev Sun, 02 Dec 2018 19:10:27 +0300 + +qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium + + [ Marc Deslauriers ] + * SECURITY UPDATE: integer overflow in NE2000 NIC emulation + - debian/patches/CVE-2018-10839.patch: use proper type in + hw/net/ne2000.c. + - CVE-2018-10839 + * SECURITY UPDATE: integer overflow via crafted QMP command + - debian/patches/CVE-2018-12617.patch: check bytes count read by + guest-file-read in qga/commands-posix.c. + - CVE-2018-12617 + * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller + - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c. + - CVE-2018-16847 + * SECURITY UPDATE: buffer overflow in rtl8139 + - debian/patches/CVE-2018-17958.patch: use proper type in + hw/net/rtl8139.c. + - CVE-2018-17958 + * SECURITY UPDATE: buffer overflow in pcnet + - debian/patches/CVE-2018-17962.patch: use proper type in + hw/net/pcnet.c. + - CVE-2018-17962 + * SECURITY UPDATE: DoS via large packet sizes + - debian/patches/CVE-2018-17963.patch: check size in net/net.c. + - CVE-2018-17963 + * SECURITY UPDATE: DoS in lsi53c895a + - debian/patches/CVE-2018-18849.patch: check message length value is + valid in hw/scsi/lsi53c895a.c. + - CVE-2018-18849 + * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64 + - debian/patches/CVE-2018-18954.patch: check size before data buffer + access in hw/ppc/pnv_lpc.c. + - CVE-2018-18954 + * SECURITY UPDATE: race condition in 9p + - debian/patches/CVE-2018-19364-1.patch: use write lock in + hw/9pfs/cofile.c. + - debian/patches/CVE-2018-19364-2.patch: use write lock in + hw/9pfs/9p.c. + - CVE-2018-19364 + + [ Christian Ehrhardt] + * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto + Adapters on s390x (LP: #1787405) + * enable opengl for vfio-MDEV support (LP: #1804766) + - d/control-in: set --enable-opengl + - d/control-in: add gl related build-dependencies + + -- Christian Ehrhardt Wed, 21 Nov 2018 13:17:01 -0500 + +qemu (1:2.12+dfsg-3ubuntu8) cosmic; urgency=medium + + * d/control-in: our addition of a qemu-system-s390x package needs to follow + the split of qemu-system-data by adding a dependency to it (LP: #1798084) + + -- Christian Ehrhardt Wed, 17 Oct 2018 10:50:27 +0200 + +qemu (1:2.12+dfsg-3ubuntu7) cosmic; urgency=medium + + * Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: #1790901) + The SLOF source pieces in src:qemu are only used for s390x netboot, + which are independent ROMs (no linking). All other binaries out of this + are part of src:slof and independent. + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot-2.12-to-3.0.patch + - d/p/ubuntu/lp-1790901-0*: backport s390x pxelinux netboot capabilities + and related fixes + + -- Christian Ehrhardt Tue, 25 Sep 2018 13:31:15 +0200 + +qemu (1:2.12+dfsg-3ubuntu6) cosmic; urgency=medium + + * improve s390x spectre mitigation with etoken facility (LP: #1790457) + - debian/patches/ubuntu/lp-1790457-s390x-kvm-add-etoken-facility.patch + - debian/patches/ubuntu/lp-1790457-partial-s390x-linux-headers-update.patch + + -- Christian Ehrhardt Wed, 12 Sep 2018 10:06:48 +0200 + +qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium + + * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch: + ensure that the seccomp blacklist is applied to all threads (LP: #1789551) + - CVE-2018-15746 + + -- Christian Ehrhardt Wed, 29 Aug 2018 08:50:36 +0200 + +qemu (1:2.12+dfsg-3ubuntu4) cosmic; urgency=medium + + [ Murilo Opsfelder Araujo ] + * d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to + extend eieio for POWER9 emulation (LP: #1787408). + + -- Christian Ehrhardt Mon, 20 Aug 2018 11:52:39 +0200 + +qemu (1:2.12+dfsg-3ubuntu3) cosmic; urgency=medium + + * d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered + by migrations with UI frontends or frequent guest resolution changes + (LP: #1755912) + + -- Christian Ehrhardt Thu, 19 Jul 2018 08:26:52 +0200 + +qemu (1:2.12+dfsg-3ubuntu2) cosmic; urgency=medium + + * Disable capstone disassembler library support (universe dependency) + + -- Christian Ehrhardt Tue, 17 Jul 2018 08:35:32 +0200 + +qemu (1:2.12+dfsg-3ubuntu1) cosmic; urgency=medium + + * Merge with Debian testing, Remaining Changes: + - Among other things this fixes (LP: #1780768, LP: #1780769, LP: #1780772) + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init + - d/qemu-system-common.install: install systemd unit and helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: install /etc/default/qemu-kvm + - Enable nesting by default + - set nested=1 module option on intel. (is default on amd) + - re-load kvm_intel.ko if it was loaded without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + - d/qemu-system-x86.README.Debian: document intention of nested being + default is comfort, not full support + - libvirt/qemu user/group support + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm + trigger. + - qemu-system-common.preinst: add kvm group if needed + - Distribution specific machine type + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + - d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type + for host-phys-bits=true (LP: 1776189) + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS + - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as + convenience with all meltdown/spectre workarounds enabled by default. + (LP: 1761372). + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - s390x support + - Create qemu-system-s390x package + - Include s390-ccw.img firmware + - Enable numa support for s390x + - arch aware kvm wrappers + - update VCS-git (updated to match cosmic) + - qemu-guest-agent: freeze-hook fixes (LP: 1484990) + - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d + - Create and install pxe netboot images for KVM s390x (LP: 1732094) + - d/rules enable install s390x-netboot.img + - d/control-in: enable RDMA support in qemu (LP: 1692476) + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - SECURITY UPDATE: Speculative Store Bypass + - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd' + CPUID feature bit in target/i386/cpu.*. + - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD + 'virt-ssbd' CPUID feature bit in target/i386/cpu.c. + - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD + MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c, + target/i386/machine.c. + - CVE-2018-3639 + * Added Changes: + - update machine type changes for qemu 2.12 and the Ubuntu Cosmic release + - add cosmic types for base and -hpb + - drop no more supported types (zesty and yakkety) + - d/p/series: group machine type changes + - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches + merged upstream + - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size + computation while concatenating mbuf. + CVE-2018-11806 + - d/qemu-kvm-init, d/qemu-system-common.qemu-kvm.default: drop the + deprecated handling of VHOST_NET_ENABLED and KVM_HUGEPAGES. + - d/qemu-kvm-init: do not exit early on non x86/ppc64el (LP: #1763275) + - d/qemu-kvm-init, d/kvm.powerpc: clean up typos and shellcheck warnings + - d/qemu-kvm-init, d/kvm.powerpc: fix SMT detection and make it only apply + to POWER8 + - d/qemu-kvm-init: drop old VM detection that was broken in some cases and + is no more needed with systemd-detect-virt being more mature and always + present. + - d/kvm.powerpc: drop old powerpc (non-ppc64el) code. + - d/control-in: add libibumad-dev which is now needed for rdma + - d/rules: update s390x delta to match new Debian packaging + - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB + for powerpc64 to speed up translation (LP: #1781526) + - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add + cpu model for z14 ZR1 (LP: #1780773). + - Mark qemu-system-data foreign to be able to install it e.g. on i386 + (Closes: 903562) + - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet + unreleased Debian version) + * Dropped Changes: + - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch + (No more removed when building DFSG orig tarball in Debian) + - sdl2 is yet too unstable for the LTS Ubuntu release given the reports + we still see upstream and in Debian - furthermore sdl2 isn't in main yet, + so we revert related changes to stick with the proven for now: + - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already + depends on it) + - 9594f820 - switch from sdl1.2 to sdl2 (#870025) + (Debian switched to gtk which seems to work better and has all + dependencies in main.) + - d/control-in: enable seccomp on s390x (in Debian for Linux-any) + - Changes that are now upstream with qemu 2.12 + - d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with + newer versions of glibc >=2.27 (LP: 1753826) + - d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release + - d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new + SSE/AVX/AVX512 cpu features (LP: 1739665) + - d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm + space+commpage continuous which avoids long startup times on + qemu-user-static (LP: 1740219) + - provide pseries-2.12-sxxm type (LP: 1761372) + - d/p/ubuntu/lp-1704312-1-* provide means to manually handle + filesystem-dax with pmem by backporting align and unarmed options + (LP: 1704312). + - d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname + option to slirp's DHCP server (LP: 1762315) + - d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying + Protection information (LP: 1762854). + - d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 + migration (LP: 1763468). + - SECURITY UPDATE: out-of-bounds access during migration via ps2 + CVE-2017-16845 + - SECURITY UPDATE: arbitrary code execution via load_multiboot + CVE-2018-7550 + - SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA + CVE-2018-7858 + + -- Christian Ehrhardt Thu, 21 Jun 2018 14:24:06 +0200 + +qemu (1:2.12+dfsg-3) unstable; urgency=medium + + * make qemu-system-foo depending + on qemu-system-data >>ver~, not >>ver + (Closes: #900585) + * do not build qemu-system-gui on hppa + * use dh_lintian for lintian overrides + * update VCS fields to point to salsa.debian.org + + -- Michael Tokarev Fri, 01 Jun 2018 21:42:29 +0300 + +qemu (1:2.12+dfsg-2) unstable; urgency=medium + + * create new package, qemu-system-gui, + and package GTK module and audio modules in there + Closes: #850584 + * add an item about qemu-system-gui to debian/qemu-system-common.NEWS + * qemu-system-*: require more recent qemu-system-common + * switch all builds to be in a single b/ subdir + * d/get-orig-source: remove .oco (object) files from roms/SLOF/ + * refresh patches/use-fixed-data-path.patch: remove now-unused local var too + * ccid-card-passthru-fix-regression-in-realize.patch (Closes: #900006) + * debian/control-in: enable seccomp on linux-any (Closes: #900055) + * create new arch-indep package qemu-system-data, for data and firmware files. + Move common data files from qemu-system-common to it, for now + * fix sata/ahci stalls (ahci-fix-PxCI-register-race.patch) + * tcg-i386-Fix-dup_vec-in-non-AVX2-codepath.patch (Closes: #900372) + + -- Michael Tokarev Thu, 31 May 2018 13:22:55 +0300 + +qemu (1:2.12+dfsg-1) unstable; urgency=medium + + * new upstream release + * get-orig-source: do not remove roms/* directories, + since we will use these to build the roms + * disable building on hppa arch (not supported upstream since ong time) + * Use https://download.qemu.org to download new tarballs (Closes: #895067) + * add Breaks: binfmt-support (<<2.1.7) so that --fix-binary works; + also fix qemu-user-static description (Closes: #896478) + + -- Michael Tokarev Thu, 26 Apr 2018 20:29:36 +0300 + +qemu (1:2.12~rc3+dfsg-2) unstable; urgency=medium + + * fix typo in previous changelog entry + * add riscv32/riscv64 to qemu-debootstrap + * install gtk message catalogs into qemu-system-common (Closes: #878130) + (and install-gtk-message-catalogs-if-CONFIG_GTK.patch) + * tcg_mips-handle-large-offsets-from-target-env-to-tlb_table.patch: + fix FTBFS on mips targets + + -- Michael Tokarev Sat, 14 Apr 2018 17:01:24 +0300 + +qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium + + * new upstream 2.12 release (Release Candidate 3) + Closes: #892041, CVE-2018-7550 + Closes: #884806, CVE-2017-15124 + Closes: #887392, CVE-2018-5683 + Closes: #892497, CVE-2018-7858 + Closes: #882136, CVE-2017-16845 + Closes: #886532, #892947, #891375, #887892, #860822, #851694 + * refresh local debian patches + * d/rules: enable new system (hppa riscv32 riscv64) and + user (aarch64_be xtensa xtensaeb riscv32 riscv64) targets + Closes: #893767 + * fix d/source/options to match current reality + * drop use-data-path.patch, upstream now has --firmwarepath= option + * enable capstone disassembler library support + (build-depend on libcapstone-dev) + * debian/extract-config-opts: use tab for option / condition separator + * qemu-block-extra: install only block modules + * make `qemu' metapackage to be dummy, to remove it in a future release + * do not suggest kmod, it is pointless + * install /usr/bin/qemu-pr-helper to qemu-utils package + * switch from sdl2 to gtk ui + Closes: #839695, #886671, #879536, #879534, #879532, #879193, #894852 + * qemu-system-ppc: forgotten qemu-system-ppc64le.1 link + * mention closing of #880582 by 2.11 + * package will built against spice 0.14, so Closes: #854959 + * check sfdisk presence in qemu-make-debian-root (Closes: #872098) + * check mke2fs presence in qemu-make-debian-root (Closes: #887207) + * debian/binfmt-update-in: include forgotten hppa (Closes: #891261) + * debian/TODO: removed some old ToDo items + * use binfmt-support --fix-binary option (Closes: #868030) + + -- Michael Tokarev Thu, 12 Apr 2018 19:04:03 +0300 + +qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium + + * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type + for host-phys-bits=true (LP: #1776189) + - add an info about this change in debian/qemu-system-x86.NEWS + + -- Christian Ehrhardt Tue, 12 Jun 2018 09:01:00 +0200 + +qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium + + * SECURITY UPDATE: Speculative Store Bypass + - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd' + CPUID feature bit in target/i386/cpu.*. + - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD + 'virt-ssbd' CPUID feature bit in target/i386/cpu.c. + - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD + MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c, + target/i386/machine.c. + - CVE-2018-3639 + + -- Marc Deslauriers Tue, 22 May 2018 09:34:52 -0400 + +qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium + + * SECURITY UPDATE: out-of-bounds access during migration via ps2 + - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers + in post_load routine in hw/input/ps2.c. + - CVE-2017-16845 + * SECURITY UPDATE: arbitrary code execution via load_multiboot + - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being + zero in hw/i386/multiboot.c. + - CVE-2018-7550 + * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA + - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in + hw/display/vga.c. + - CVE-2018-7858 + + -- Marc Deslauriers Wed, 16 May 2018 14:14:20 -0400 + +qemu (1:2.11+dfsg-1ubuntu8) cosmic; urgency=medium + + * No-change rebuild for ncurses soname changes. + + -- Matthias Klose Thu, 03 May 2018 14:18:39 +0000 + +qemu (1:2.11+dfsg-1ubuntu7) bionic; urgency=medium + + * d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying Protection + information (LP: #1762854). + * d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 migration + (LP: #1763468). + + -- Christian Ehrhardt Wed, 11 Apr 2018 07:46:18 +0200 + +qemu (1:2.11+dfsg-1ubuntu6) bionic; urgency=medium + + * Remove LP: 1752026 changes to d/p/ubuntu/define-ubuntu-machine-types.patch. + The Kernel fixes are preferred and already committed to the kernel. + Therefore remove the default disabling of the HTM feature (LP: #1761175) + * d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new + SSE/AVX/AVX512 cpu features (LP: #1739665) + * d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm + space+commpage continuous which avoids long startup times on + qemu-user-static (LP: #1740219) + * d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as + convenience with all meltdown/spectre workarounds enabled by default. + This is not the default type following upstream and x86 on that. + (LP: #1761372). + * d/p/ubuntu/lp-1704312-1-* provide means to manually handle filesystem-dax + with pmem by backporting align and unarmed options (LP: #1704312). + * d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname + option to slirp's DHCP server (LP: #1762315) + + -- Christian Ehrhardt Wed, 04 Apr 2018 15:16:07 +0200 + +qemu (1:2.11+dfsg-1ubuntu5) bionic; urgency=medium + + * Revert the slirp changes of 1:2.11+dfsg-1ubuntu3 until they are upstream + accepted to be better long term maintainable (LP: #1753938) + + -- Christian Ehrhardt Thu, 22 Mar 2018 10:31:23 +0100 + +qemu (1:2.11+dfsg-1ubuntu4) bionic; urgency=medium + + * d/p/ubuntu/define-ubuntu-machine-types.patch: Disable HTM feature for + ppc64el in spapr to let the defaults not fail on Power9 HW (LP: #1752026). + * d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with newer + versions of glibc >=2.27 (LP: #1753826) + + -- Christian Ehrhardt Mon, 05 Mar 2018 16:43:01 +0100 + +qemu (1:2.11+dfsg-1ubuntu3) bionic; urgency=medium + + * d/p/ubuntu/0001-slirp-Add-domainname-option-to-slirp-s-DHCP-server.patch, + d/p/ubuntu/0002-slirp-Add-classless-static-routes-support-to-DHCP-se.patch: + Add domainname option and classless static routes support to the user + networking's DHCP server + + -- Benjamin Drung Fri, 02 Mar 2018 21:08:54 +0100 + +qemu (1:2.11+dfsg-1ubuntu2) bionic; urgency=medium + + * d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release + - among other fixes this adds code to: + - mitigate the Spectre/Meltdown attacks (LP: #1744882) (CVE-2017-5715) + However, enabling this functionality requires additional configuration + beyond just updating QEMU. Also migrations need special consideration. + Details about that can be found at: + https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/ + - Power9 allocation of max 8 threads per core (LP: #1750526) + * Drop changes that are part of the upstream stable release + - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch + - d/p/ubuntu/linux-headers-update-4.15-rc9.patch + - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch + - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch + * d/p/ubuntu/define-ubuntu-machine-types.patch: refresh to match stable update + * d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: unify to only change the + common compat.h header and add some extra info in the patch header. + + -- Christian Ehrhardt Mon, 19 Feb 2018 11:03:11 +0100 + +qemu (1:2.11+dfsg-1ubuntu1) bionic; urgency=medium + + * Merge with Debian testing, among other fixes this includes + - fix fatal error on negative maxcpus (LP: #1722495) + - fix segfault on dump-guest-memory on guests without memory (LP: #1723381) + - linux user threading issues (LP: #1350435) + - TOD-Clock Epoch Extension Support on s390x (LP: #1732691) + Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init + - d/qemu-system-common.install: install systemd unit and helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: install /etc/default/qemu-kvm + - Enable nesting by default + - set nested=1 module option on intel. (is default on amd) + - re-load kvm_intel.ko if it was loaded without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + - libvirt/qemu user/group support + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm + trigger. + - qemu-system-common.preinst: add kvm group if needed + - Distribution specific machine type + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - s390x support + - Create qemu-system-s390x package + - Include s390-ccw.img firmware + - Enable numa support for s390x + - ppc64[le] support + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink + - arch aware kvm wrappers + * Added Changes + - update VCS-git to match the bionic branch + - sdl2 is yet too unstable for the LTS Ubuntu release given the reports + we still see upstream and in Debian - furthermore sdl2 isn't in main yet, + so we revert related changes to stick with the proven for now: + - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already + depends on it) + - 9594f820 - switch from sdl1.2 to sdl2 (#870025) + - d/qemu-system-x86.README.Debian: document intention of nested being + default is comfort, not full support + - update Ubuntu machine types for qemu 2.11 + - qemu-guest-agent: freeze-hook fixes (LP: #1484990) + - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d + - Create and install pxe netboot images for KVM s390x (LP: #1732094) + - d/rules enable install s390x-netboot.img + - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch + - d/control-in: enable RDMA support in qemu (LP: #1692476) + - on s390x provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1743560) + - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch + - d/p/ubuntu/linux-headers-update-4.15-rc9.patch + - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch + - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch + - tolerate ipxe size change on migrations to >=18.04 (LP: #1713490) + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types + reference 256k path + - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to + handle incoming migrations from former releases. + - d/control-in: enable seccomp on s390x + * Dropped changes (no more needed): + - Dropped VHOST_NET_ENABLED and KVM_HUGEPAGES from /etc/default/qemu-kvm + The functionality is retained for upgraders, but is deprecated. + Post 18.04 the implementation for these configurations will be removed. + * Dropped changes (in Debian now): + - ppc64[le] support + - Enable seccomp for ppc64el + - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64 + - disable missing x32 architecture + - d/rules: or32 is now named or1k (since 4a09d0bb) + - d/qemu-system-common.docs: new paths since (ac06724a) + - d/qemu-system-common.install: qmp-commands.txt removed, but replaced + by qapi-schema.json which is already packaged (since 4d8bb958) + - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update + to Debian patch to match qemu 2.10) + - d/qemu-system-common.docs: adapt new path of live-block-operations.rst + since 8508eee7 + - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1 + - make nios2/hppa not installed explicitly until further stablized + - d/qemu-guest-agent.install: add the new guest agent reference man page + qemu-ga-ref + - d/qemu-system-common.install: add the now generated qapi/qmp reference + along the qapi intro + - d/not-installed: ignore further generated (since 56e8bdd4) files in + dh_missing that are already provided in other formats qemu-doc, + qemu-qmp-ref,qemu-ga-ref + * Dropped changes (integrated upstream): + - d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes + on arm64 when doing suspend/resume and reboots due to older kernels not + supporting ITS (LP 1731051). + - Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from + James Cowgill to prevent qemu-user from forwarding prctl seccomp + calls (LP 1726394) + - update to upstream 2.10.1 point release (LP 1722808) + + + + -- Christian Ehrhardt Mon, 22 Jan 2018 14:35:18 +0100 + +qemu (1:2.11+dfsg-1) unstable; urgency=medium + + [ Michael Tokarev ] + * update to new upstream (2.11) release + Closes: #883625, CVE-2017-17381 + Closes: #880832, CVE-2017-15289 + Closes: #880836, CVE-2017-15268 + Closes: #883399, CVE-2017-15119 + Closes: #883406, CVE-2017-15118 + Closes: #880582 + * update to new upstream, remove old patches, refresh debian patches + * disable sdl audio driver (pulse or oss should work fine) + * do not build-depend on libx11-dev (libsdl2-dev already depends on it) + * move libpulse-dev build-dep to a better place + * clean up d/control from various old conflicts/replaces/provides + * remove --with-system-pixman, not used anymore + * remove ubuntu-specific qemu-system-aarch64 transitional package (trusty) + * remove ubuntu-specific mentions of old qemu-kvm-spice package (precise) + * remove old comment about /etc/kvm from qemu-kvm description + * add Suggests: openbios-sparc for qemu-system-sparc on ubuntu + (similar to what is done for qemu-system-ppc) + * update get-orig-source.sh with new blobs/submodules + * update debian/watch a bit + + [ Aurelien Jarno ] + * debian/control-in: build qemu-system and qemu-user on mips64 and + mips64el. Closes: #880485. + + [ Christian Ehrhardt ] + * ppc64[le]: provide symlink matching arch name + * d/control-in: Enable seccomp for ppc64el, + this bumps minimum libseccomp version + + -- Michael Tokarev Thu, 11 Jan 2018 14:42:12 +0300 + +qemu (1:2.10.0+dfsg-2) unstable; urgency=medium + + * update to upstream 2.10.1 point release + Closes: #877160 + Closes: CVE-2017-13673 + * remove 3 patches included upstream: + multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch + vga-stop-passing-pointers-to-vga_draw_line-functions-CVE-2017-13672.patch + slirp-fix-clearing-ifq_so-from-pending-packets-CVE-2017-13711.patch + * 9pfs-use-g_malloc0-to-allocate-space-for-xattr-CVE-2017-15038.patch + Closes: #877890, CVE-2017-15038 + * remove-trailing-whitespace-from-qemu-options.hx.patch + Closes: #875711 + * drop dh_makeshlibs call (was for libcacard) + * drop linux-libc-dev build-dependency (it gets pulled by libc-dev) + * switch from sdl1 to sdl2 (Closes: #870025) + + -- Michael Tokarev Sun, 08 Oct 2017 12:51:09 +0300 + +qemu (1:2.10.0+dfsg-1) unstable; urgency=medium + + * remove blobs, to DFSG'ify it again (there's still + no source for some blobs included in upstream tarball) + There's no way to revert to 2-number version due to prev. upload + * update from upstream git (no changes but include date & commit-id): + multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch + * update previous changelog entry (fix bug/closes refs): + Closes: #873851, CVE-2017-13672 + Closes: #874606, CVE-2017-14167 + Closes: #873875, CVE-2017-13711 + + -- Michael Tokarev Mon, 25 Sep 2017 09:46:53 +0300 + +qemu (1:2.10.0-1) unstable; urgency=medium + + * new upstream release, 2.10 + Closes: #865754, CVE-2017-9503 + Closes: #864219, CVE-2017-9375 + Closes: #869945 + Closes: #867978 + Closes: #871648, #871702, #872257 + Closes: #851694 + Closes: #696289 + Closed in this upstream release: + #865755, CVE-2017-9524 + #863840, CVE-2017-9310 + #863943, CVE-2017-9330 + #864216, CVE-2017-9373 + #864568, CVE-2017-9374 + #869171, CVE-2017-11434 + #869173, CVE-2017-11334 + #869706, CVE-2017-10911 + #867751, CVE-2017-10806 + #866674, CVE-2017-10664 + #873849, CVE-2017-12809 + #849798, CVE-2016-10028 + CVE-2017-9060 + CVE-2017-8284 + * dropped all fixes, applied upstream + * dropped 02_kfreebsd.patch - apparently not relevant anymore + * dropped +dfsg, use upstream tarball directly: we do not use + binaries shipped there, and even for those, upstream tarball + contains the sources + * refreshed list of targets: + qemu-or32, qemu-system-or32 => qemu-or1k, qemu-system-or1k + +qemu-nios2, qemu-system-nios2 + +qemu-hppa + * added hppa binfmt entry + * refreshed docs lists for various packages + * new (security) patches: + vga-stop-passing-pointers-to-vga_draw_line-functions-CVE-2017-13672.patch + Closes: #873851, CVE-2017-13672 + multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch + Closes: #874606, CVE-2017-14167 + slirp-fix-clearing-ifq_so-from-pending-packets-CVE-2017-13711.patch + Closes: #873875, CVE-2017-13711 + + -- Michael Tokarev Sat, 23 Sep 2017 16:47:02 +0300 + +qemu (1:2.10+dfsg-0ubuntu5) bionic; urgency=medium + + * d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes + on arm64 when doing suspend/resume and reboots due to older kernels not + supporting ITS (LP: #1731051). + + -- Christian Ehrhardt Tue, 14 Nov 2017 08:30:29 +0100 + +qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium + + * Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from + James Cowgill to prevent qemu-user from forwarding prctl seccomp + calls (LP: #1726394) + + -- Julian Andres Klode Sat, 04 Nov 2017 00:21:14 +0100 + +qemu (1:2.10+dfsg-0ubuntu3) artful; urgency=medium + + * fix enablement of qemu-kvm service (LP: #1720397) + - rename d/qemu-kvm.service to d/qemu-system-common.qemu-kvm.service + - d/rules: add proper enablement debhelper calls + - d/qemu-system-common.install: install covered by dh_installinit + + -- Christian Ehrhardt Mon, 16 Oct 2017 11:28:39 +0200 + +qemu (1:2.10+dfsg-0ubuntu2) artful; urgency=medium + + * update to upstream 2.10.1 point release (LP: #1722808) + + -- Christian Ehrhardt Wed, 11 Oct 2017 15:33:40 +0200 + +qemu (1:2.10+dfsg-0ubuntu1) artful; urgency=medium + + * Merge with Upstream 2.10.0 to pick up final fixes of the 2.10 release + Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init + - d/qemu-system-common.install: install systemd unit and helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: install /etc/default/qemu-kvm + - Enable nesting by default + - set nested=1 module option on intel. (is default on amd) + - re-load kvm_intel.ko if it was loaded without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + - libvirt/qemu user/group support + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm + trigger. + - qemu-system-common.preinst: add kvm group if needed + - Distribution specific machine type + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - s390x support + - Create qemu-system-s390x package + - Include s390-ccw.img firmware + - Enable numa support for s390x + - ppc64[le] support + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink + - Enable seccomp for ppc64el + - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64 + - arch aware kvm wrappers + - update VCS-git to match the Artful branch + - disable missing x32 architecture + - d/rules: or32 is now named or1k (since 4a09d0bb) + - d/qemu-system-common.docs: new paths since (ac06724a) + - d/qemu-system-common.install: qmp-commands.txt removed, but replaced + by qapi-schema.json which is already packaged (since 4d8bb958) + - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update + to Debian patch to match qemu 2.10) + - s390x package now builds correctly on all architectures (LP 1710695) + - d/qemu-system-common.docs: adapt new path of live-block-operations.rst + since 8508eee7 + - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1 + - make nios2/hppa not installed explicitly until further stablized + - d/qemu-guest-agent.install: add the new guest agent reference man page + qemu-ga-ref + - d/qemu-system-common.install: add the now generated qapi/qmp reference + along the qapi intro + - d/not-installed: ignore further generated (since 56e8bdd4) files in + dh_missing that are already provided in other formats qemu-doc, + qemu-qmp-ref,qemu-ga-ref + + + -- Christian Ehrhardt Tue, 05 Sep 2017 08:31:26 +0200 + +qemu (1:2.10~rc4+dfsg-0ubuntu1) artful; urgency=medium + + * Merge with Upstream 2.10-rc4; This fixes a migration issue (LP: #1711602); + Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init + - d/qemu-system-common.install: install systemd unit and helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: install /etc/default/qemu-kvm + - Enable nesting by default + - set nested=1 module option on intel. (is default on amd) + - re-load kvm_intel.ko if it was loaded without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + - libvirt/qemu user/group support + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm + trigger. + - qemu-system-common.preinst: add kvm group if needed + - Distribution specific machine type + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - s390x support + - Create qemu-system-s390x package + - Include s390-ccw.img firmware + - Enable numa support for s390x + - ppc64[le] support + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink + - Enable seccomp for ppc64el + - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64 + - arch aware kvm wrappers + - update VCS-git to match the Artful branch + - disable missing x32 architecture + - d/rules: or32 is now named or1k (since 4a09d0bb) + - d/qemu-system-common.docs: new paths since (ac06724a) + - d/qemu-system-common.install: qmp-commands.txt removed, but replaced + by qapi-schema.json which is already packaged (since 4d8bb958) + - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update + to Debian patch to match qemu 2.10) + - s390x package now builds correctly on all architectures (LP 1710695) + * Added changes: + - d/qemu-system-common.docs: adapt new path of live-block-operations.rst + since 8508eee7 + - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1 + - make nios2/hppa not installed explicitly until further stablized + - d/qemu-guest-agent.install: add the new guest agent reference man page + qemu-ga-ref + - d/qemu-system-common.install: add the now generated qapi/qmp reference + along the qapi intro + - d/not-installed: ignore further generated (since 56e8bdd4) files in + dh_missing that are already provided in other formats qemu-doc, + qemu-qmp-ref,qemu-ga-ref + - d/p/ubuntu/define-ubuntu-machine-types.patch: update to match new + changes in 2.10-rc4 + + -- Christian Ehrhardt Fri, 25 Aug 2017 07:49:30 +0200 + +qemu (1:2.10~rc3+dfsg-0ubuntu1) artful; urgency=medium + + * Merge with Debian unstable (2.8) and Upstream 2.10-rci3; This fixes + a set of bugs + - [FFE] Qemu 2.10 in Artful (LP: #1699968) + - CPU hot unplug fails after migrating a CPU hotplugged guest + from source (LP: #1677552) + - [Feature] KNL/KNM: Numa Distance on KVM(LP: #1647902) + - New KVM 288 Pass Through (LP: #1672447) + - aarch64: MSI is not supported by interrupt controller (LP: #1706630) + * Remaining changes: + - qemu-kvm to systemd unit + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, + hugepages and architecture specifics + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init + - d/qemu-system-common.install: install systemd unit and helper script + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts + - d/qemu-system-common.qemu-kvm.default: defaults for + /etc/default/qemu-kvm + - d/rules: install /etc/default/qemu-kvm + - Enable nesting by default + - set nested=1 module option on intel. (is default on amd) + - re-load kvm_intel.ko if it was loaded without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default + in qemu64 on amd + - libvirt/qemu user/group support + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm + trigger. + - qemu-system-common.preinst: add kvm group if needed + - Distribution specific machine type + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - d/qemu-system-x86.NEWS Info on fixed machine type definitions + - improved dependencies + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - let qemu-utils recommend sharutils + - s390x support + - Create qemu-system-s390x package + - Include s390-ccw.img firmware + - Enable numa support for s390x + - ppc64[le] support + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink + - Enable seccomp for ppc64el + - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64 + - arch aware kvm wrappers + - disable missing x32 architecture + - update VCS links + * Added changes + - d/rules: or32 is now named or1k (since 4a09d0bb) + - d/qemu-system-common.docs: new paths since (ac06724a) + - d/qemu-system-common.install: qmp-commands.txt removed, but replaced + by qapi-schema.json which is already packaged (since 4d8bb958) + - Updates in debian/patches to match qemu 2.10 + - d/p/02_kfreebsd.patch: utimensat is no more optional upstream + - d/p/ubuntu/enable-svm-by-default.patch: target-i386 -> target/i386 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: target-i386 -> target/i386 + - d/p/ubuntu/define-ubuntu-machine-types.patch: new 2.10 ubuntu types + - update VCS-git to match the Artful branch + - s390x package now builds correctly on all architectures (LP: #1710695) + * Dropped changes (integrated upstream): + - d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport + "spapr/pci: populate PCI DT in reverse order" (LP 1670481). + - All CVE fixes formerly applied are upstream and thereby dropped. + + -- Christian Ehrhardt Tue, 08 Aug 2017 16:59:19 +0200 + +qemu (1:2.8+dfsg-7) unstable; urgency=medium + + * uploading to unstable all fixes which went to stretch-security + (exactly the same as 2.8+dfsg-6+deb9u2) + + -- Michael Tokarev Sat, 05 Aug 2017 16:35:01 +0300 + +qemu (1:2.8+dfsg-6+deb9u2) stretch-security; urgency=high + + * actually apply the nbd server patches, not only include in debian/patches/ + Really closes: #865755, CVE-2017-9524 + * slirp-check-len-against-dhcp-options-array-end-CVE-2017-11434.patch + Closes: #869171, CVE-2017-11434 + * exec-use-qemu_ram_ptr_length-to-access-guest-ram-CVE-2017-11334.patch + Closes: #869173, CVE-2017-11334 + * usb-redir-fix-stack-overflow-in-usbredir_log_data-CVE-2017-10806.patch + Closes: #867751, CVE-2017-10806 + * add reference to #869706 to + xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch + * disable xhci recursive calls fix for now, as it causes instant crash + (xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch) + Reopens: #864219, CVE-2017-9375 + Closes: #869945 + + -- Michael Tokarev Wed, 02 Aug 2017 16:57:34 +0300 + +qemu (1:2.8+dfsg-6+deb9u1) stretch-security; urgency=high + + * net-e1000e-fix-an-infinite-loop-issue-CVE-2017-9310.patch + Closes: #863840, CVE-2017-9310 + * usb-ohci-fix-error-return-code-in-servicing-iso-td-CVE-2017-9330.patch + Closes: #863943, CVE-2017-9330 + * ide-ahci-call-cleanup-function-in-ahci-unit-CVE-2017-9373.patch + Closes: #864216, CVE-2017-9373 + * xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch + Closes: #864219, CVE-2017-9375 + * usb-ehci-fix-memory-leak-in-ehci-CVE-2017-9374.patch + Closes: #864568, CVE-2017-9374 + * nbd-ignore-SIGPIPE-CVE-2017-10664.patch + Closes: #866674, CVE-2017-10664 + * nbd-fully-initialize-client-in-case-of-failed-negotiation-CVE-2017-9524.patch + nbd-fix-regression-on-resiliency-to-port-scan-CVE-2017-9524.patch + Closes: #865755, CVE-2017-9524 + * xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch + Closes: CVE-2017-10911 + + -- Michael Tokarev Wed, 12 Jul 2017 11:05:16 +0300 + +qemu (1:2.8+dfsg-6) unstable; urgency=high + + * 9pfs-local-forbid-client-access-to-metadata-CVE-2017-7493.patch + Closes: CVE-2017-7493 + * group all 9p patches together + * drop obsolete comment about libiscsi on ubuntu from d/control + + -- Michael Tokarev Tue, 23 May 2017 09:58:03 +0300 + +qemu (1:2.8+dfsg-5) unstable; urgency=high + + * Security fix release + * 9pfs-local-set-path-of-export-root-to-dot-CVE-2017-7471.patch + Closes: #860785, CVE-2017-7471 + * 9pfs-xattr-fix-memory-leak-in-v9fs_list_xattr-CVE-2017-8086.patch + Closes: #861348, CVE-2017-8086 + * vmw_pvscsi-check-message-ring-page-count-at-init-CVE-2017-8112.patch + Closes: #861351, CVE-2017-8112 + * scsi-avoid-an-off-by-one-error-in-megasas_mmio_write-CVE-2017-8380.patch + Closes: #862282, CVE-2017-8380 + * input-limit-kbd-queue-depth-CVE-2017-8379.patch + Closes: #862289, CVE-2017-8379 + * audio-release-capture-buffers-CVE-2017-8309.patch + Closes: #862280, CVE-2017-8309 + + -- Michael Tokarev Wed, 17 May 2017 09:01:24 +0300 + +qemu (1:2.8+dfsg-4) unstable; urgency=high + + * usb-ohci-limit-the-number-of-link-eds-CVE-2017-6505.patch + Closes: #856969, CVE-2017-6505 + * linux-user-fix-apt-get-update-on-linux-user-hppa.patch + Closes: #846084 + * update to 2.8.1 upstream stable/bugfix release + (v2.8.1.diff from upstream, except of seabios blob bits). + Closes: #857744, CVE-2016-9603 + Patches dropped because they're included in 2.8.1 release: + 9pfs-symlink-attack-fixes-CVE-2016-9602.patch + char-fix-ctrl-a-b-not-working.patch + cirrus-add-blit_is_unsafe-to-cirrus_bitblt_cputovideo-CVE-2017-2620.patch + cirrus-fix-oob-access-issue-CVE-2017-2615.patch + cirrus-ignore-source-pitch-as-needed-in-blit_is_unsafe.patch + linux-user-fix-s390x-safe-syscall-for-z900.patch + nbd_client-fix-drop_sync-CVE-2017-2630.patch + s390x-use-qemu-cpu-model-in-user-mode.patch + sd-sdhci-check-data-length-during-dma_memory_read-CVE-2017-5667.patch + virtio-crypto-fix-possible-integer-and-heap-overflow-CVE-2017-5931.patch + vmxnet3-fix-memory-corruption-on-vlan-header-stripping-CVE-2017-6058.patch + * bump seabios dependency to 1.10.2 due to ahci fix in 2.8.1 + * 9pfs-fix-file-descriptor-leak-CVE-2017-7377.patch + (Closes: #859854, CVE-2017-7377) + * dma-rc4030-limit-interval-timer-reload-value-CVE-2016-8667.patch + Closes: #840950, CVE-2016-8667 + * make d/control un-writable to stop users from changing a generated file + * two patches from upstream to fix user-mode network with IPv6 + slirp-make-RA-build-more-flexible.patch + slirp-send-RDNSS-in-RA-only-if-host-has-an-IPv6-DNS.patch + (Closes: #844566) + + -- Michael Tokarev Mon, 03 Apr 2017 16:28:49 +0300 + +qemu (1:2.8+dfsg-3ubuntu4) artful; urgency=medium + + * debian/rules: fix installation of /etc/default/qemu-kvm (LP: #1692530) + This was inadvertently dropped on 2.8 merge. + + -- Christian Ehrhardt Mon, 22 May 2017 15:45:58 +0200 + +qemu (1:2.8+dfsg-3ubuntu3) artful; urgency=medium + + * SECURITY UPDATE: denial of service via leak in virtFS + - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in + hw/9pfs/9p.c. + - CVE-2017-7377 + * SECURITY UPDATE: denial of service in cirrus_vga + - debian/patches/CVE-2017-7718.patch: check parameters in + hw/display/cirrus_vga_rop.h. + - CVE-2017-7718 + * SECURITY UPDATE: code execution via cirrus_vga OOB r/w + - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in + hw/display/cirrus_vga.c. + - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in + hw/display/cirrus_vga.c. + - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling + in hw/display/cirrus_vga.c. + - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in + hw/display/cirrus_vga.c. + - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch + in hw/display/cirrus_vga.c. + - debian/patches/CVE-2017-7980-6.patch: stop passing around dst + pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h, + hw/display/cirrus_vga_rop2.h. + - debian/patches/CVE-2017-7980-7.patch: stop passing around src + pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h, + hw/display/cirrus_vga_rop2.h. + - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in + hw/display/cirrus_vga_rop.h. + - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in + hw/display/cirrus_vga.c. + - CVE-2017-7980 + * SECURITY UPDATE: denial of service via memory leak in virtFS + - debian/patches/CVE-2017-8086.patch: fix leak in hw/9pfs/9p-xattr.c. + - CVE-2017-8086 + * SECURITY UPDATE: denial of service via leak in audio + - debian/patches/CVE-2017-8309.patch: release capture buffers in + audio/audio.c. + - CVE-2017-8309 + * SECURITY UPDATE: denial of service via leak in keyboard + - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in + ui/input.c. + - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in + ui/input.c. + - CVE-2017-8379 + + -- Marc Deslauriers Thu, 18 May 2017 09:20:54 -0400 + +qemu (1:2.8+dfsg-3ubuntu2.1) zesty-security; urgency=medium + + * SECURITY UPDATE: DoS in virtio GPU device + - debian/patches/CVE-2016-10028.patch: check virgl capabilities + max_size in hw/display/virtio-gpu-3d.c. + - CVE-2016-10028 + * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation + - debian/patches/CVE-2016-8667.patch: limit interval timer reload value + in hw/dma/rc4030.c. + - CVE-2016-8667 + * SECURITY UPDATE: host filesystem access via virtFS + - debian/patches/CVE-2016-9602.patch: don't follow symlinks in + hw/9pfs/*. + - CVE-2016-9602 + * SECURITY UPDATE: arbitrary code execution via Cirrus VGA + - debian/patches/CVE-2016-9603.patch: remove bitblit support from + console code in hw/display/cirrus_vga.c, include/ui/console.h, + ui/console.c, ui/vnc.c. + - CVE-2016-9603 + * SECURITY UPDATE: information leak in virtio GPU device + - debian/patches/CVE-2016-9908.patch: properly clear out memory in + hw/display/virtio-gpu-3d.c. + - CVE-2016-9908 + * SECURITY UPDATE: DoS via memory leak in virtio GPU device + - debian/patches/CVE-2016-9912.patch: properly free memory in + hw/display/virtio-gpu.c. + - CVE-2016-9912 + * SECURITY UPDATE: DoS via virtFS + - debian/patches/CVE-2016-9914.patch: add cleanup operations to + fsdev/file-op-9p.h, hw/9pfs/9p.c. + - CVE-2016-9914 + * SECURITY UPDATE: DoS via memory leak in virtio GPU device + - debian/patches/CVE-2017-5552.patch: check return value in + hw/display/virtio-gpu-3d.c. + - CVE-2017-5552 + * SECURITY UPDATE: DoS via memory leak in virtio GPU device + - debian/patches/CVE-2017-5578.patch: check res->iov in + hw/display/virtio-gpu.c. + - CVE-2017-5578 + * SECURITY UPDATE: DoS via infinite loop in SDHCI device emulation + - debian/patches/CVE-2017-5987-*.patch: fix transfer mode register + handling in hw/sd/sdhci.c. + - CVE-2017-5987 + * SECURITY UPDATE: DoS via infinite loop in USB OHCI emulation + - debian/patches/CVE-2017-6505.patch: limit the number of link eds in + hw/usb/hcd-ohci.c. + - CVE-2017-6505 + + -- Marc Deslauriers Mon, 24 Apr 2017 07:30:11 -0400 + +qemu (1:2.8+dfsg-3ubuntu2) zesty; urgency=medium + + * d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport + "spapr/pci: populate PCI DT in reverse order" (LP: #1670481). + + -- Christian Ehrhardt Tue, 07 Mar 2017 09:23:08 +0100 + +qemu (1:2.8+dfsg-3ubuntu1) zesty; urgency=medium + + * Merge with Debian; + This fixes several CVEs that were reported against qemu 2.8 and also + includes a few important functional backports (LP: #1667033); remaining + changes: + - add qemu-kvm init script and defaults file + (d/qemu-system-common.qemu-kvm.*) + - d/rules, d/qemu-kvm-init: add and install script loading kvm + modules and handling /etc/default/qemu-kvm + - qemu-system-common.preinst: add kvm group if needed + - Enable nesting by default on intel. + - set default module option + - re-load kvm_intel.ko if it was loaded without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by + default in qemu64 cpu type. + - Enable svm by default for qemu64 on amd + - d/p/ubuntu/define-ubuntu-machine-types.patch, d/qemu-system-x86.NEWS: + define distro machine types to ease future live vm migration (includes + all former follow up fixes). + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - s390x support + - Create qemu-system-s390x package + - Include s390-ccw.img firmware + - qemu-system-common.postinst: + - change acl placed by udev, and add udevadm trigger. + - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el + - Several changes were applied but missing in the changelog so far + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink + - arch aware kvm wrapper + - update VCS links + - let qemu-utils recommend sharutils + - disable x32 architecture + - Enable seccomp for ppc64el + - Enable numa support for s390x + - d/qemu-system-common.qemu-kvm.init: fix lintian error type + init.d-script-missing-dependency-on-remote_fs + - d/qemu-system-common.postinst: fix lintian error type + command-with-path-in-maintainer-script + - Transition qemu-kvm to a systemd unit + - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output + - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so + that it shows up where the user expects (sytemctl status, kvm stdout) + - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure + - add arch aware kvm wrapper for s390x + * Dropped Changes (in Debian now): + - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working + - d/control-in: change dependencies for fix of wrong acl for newly + created device node on ubuntu + - have qemu-system-arm suggest: qemu-efi; this should be a stronger + relationship, but qemu-efi is still in universe right now. + - Disable glusterfs (Universe dependency) + - no more skip disable libiscsi on Ubuntu + - d/rules, d/control-in: avoid people editing d/control + * Added Changes: + - d/control: bump libseccomp-dev dependency as enabling libseccomp for + power makes 2.3 the minimum level. + + -- Christian Ehrhardt Wed, 01 Mar 2017 14:23:16 +0100 + +qemu (1:2.8+dfsg-3) unstable; urgency=high + + * urgency high due to security fixes + + [ Michael Tokarev ] + * serial-fix-memory-leak-in-serial-exit-CVE-2017-5579.patch + Closes: #853002, CVE-2017-5579 + * cirrus-ignore-source-pitch-as-needed-in-blit_is_unsafe.patch + (needed for the next patch, CVE-2017-2620 fix) + * cirrus-add-blit_is_unsafe-to-cirrus_bitblt_cputovideo-CVE-2017-2620.patch + Closes: #855791, CVE-2017-2620 + * nbd_client-fix-drop_sync-CVE-2017-2630.diff + Closes: #855227, CVE-2017-2630 + * sd-sdhci-check-transfer-mode-register-in-multi-block-CVE-2017-5987.patch + Closes: #855159, CVE-2017-5987 + * vmxnet3-fix-memory-corruption-on-vlan-header-stripping-CVE-2017-6058.patch + Closes: #855616, CVE-2017-6058 + * 3 CVE fixes from upstream for #853996: + sd-sdhci-check-data-length-during-dma_memory_read-CVE-2017-5667.patch + megasas-fix-guest-triggered-memory-leak-CVE-2017-5856.patch + virtio-gpu-fix-resource-leak-in-virgl_cmd_resource-CVE-2017-5857.patch + Closes: #853996, CVE-2017-5667, CVE-2017-5856, CVE-2017-5857 + * usb-ccid-check-ccid-apdu-length-CVE-2017-5898.patch + Closes: #854729, CVE-2017-5898 + * virtio-crypto-fix-possible-integer-and-heap-overflow-CVE-2017-5931.patch + Closes: #854730, CVE-2017-5931 + * xhci-apply-limits-to-loops-CVE-2017-5973.patch + Closes: #855611, CVE-2017-5973 + * net-imx-limit-buffer-descriptor-count-CVE-2016-7907.patch + Closes: #839986, CVE-2016-7907 + * cirrus-fix-oob-access-issue-CVE-2017-2615.patch + Closes: #854731, CVE-2017-2615 + * 9pfs-symlink-attack-fixes-CVE-2016-9602.patch + Closes: #853006 + * vnc-do-not-disconnect-on-EAGAIN.patch + Closes: #854032 + * xhci-fix-event-queue-IRQ-handling.patch (win7 xhci issue fix) + * xhci-only-free-completed-transfers.patch + Closes: #855659 + * char-fix-ctrl-a-b-not-working.patch + Closes: https://bugs.launchpad.net/bugs/1654137 + * char-drop-data-written-to-a-disconnected-pty.patch + Closes: https://bugs.launchpad.net/bugs/1667033 + * s390x-use-qemu-cpu-model-in-user-mode.patch + Closes: #854893 + * d/control is autogenerated, add comment + * check if debootstrap is available in qemu-debootstrap + Closes: #846497 + + [ Christian Ehrhardt ] + * (ubuntu) no more skip enable libiscsi (now in main) + * (ubuntu) Disable glusterfs (Universe dependency) + * (ubuntu) have qemu-system-arm suggest: qemu-efi; + this should be a stronger relationship, but qemu-efi is still + in universe right now. + * (ubuntu) change dependencies for fix of wrong acl for newly + created device node on ubuntu + + -- Michael Tokarev Tue, 28 Feb 2017 11:40:18 +0300 + +qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=medium + + * Merge with Debian; remaining changes: + - add qemu-kvm init script and defaults file + (d/qemu-system-common.qemu-kvm.*) + - d/rules, d/qemu-kvm-init: add and install script loading kvm + modules and handling /etc/default/qemu-kvm + - qemu-system-common.preinst: add kvm group if needed + - Enable nesting by default on intel. + - set default module option + - re-load kvm_intel.ko if it was loaded without nested=1 + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by + default in qemu64 cpu type. + - Enable svm by default for qemu64 on amd + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - Make qemu-system-common depend on qemu-block-extra + - Make qemu-utils depend on qemu-block-extra + - s390x support + - Create qemu-system-s390x package + - Include s390-ccw.img firmware + - qemu-system-common.postinst: + - change acl placed by udev, and add udevadm trigger. + - d/control-in: change dependencies for fix of wrong acl for newly + created device node on ubuntu + - have qemu-system-arm suggest: qemu-efi; this should be a stronger + relationship, but qemu-efi is still in universe right now. + - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el + - Several changes were applied but missing in the changelog so far + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink + - arch aware kvm wrapper + - update VCS links + - no more skip disable libiscsi on Ubuntu + - let qemu-utils recommend sharutils + - disable x32 architecture + * Dropped Changes: + - Several changes were applied but missing in the changelog so far + but are no more needed + - no pie for relocatable LD calls, with toolchain defaulting to + pie (fixed upstream) + - enable libnuma-dev (now in Debian) + - transition for moved init scripts (can be dropped after LTS + containing >=2.5 which is Xenial) + - --enable-seccomp related whitespace change (had no effect) + - apport hook for qemu source package (In Debian) + - add upstart script (d/qemu-system-common.qemu-kvm.upstart) + - d/qemu-system-x86.maintscript: transition off of + /etc/init.d/qemu-system-x86 (can be dropped after Xenial) + - Enable pie by default, on ubuntu/s390x. (Is the default since + >=Xenial, no cloud archive backport <=Xenial to consider) + - no pie for relocatable LD calls (fixed upstream in commit + 7ecf44a5) + - CVEs: CVE-2016-5403, CVE-2016-6351, CVE-2016-6490 (now Upstream) + - Revert fix for CVE-2016-5403, causes regression see USN-3047-2. + (Improved fix included by upstream) + - Enable GPU Passthru for ppc64le (is upstream in qemu 2.7) + - Fixed wrong migration blocker when vhost is used (is upstream in + qemu 2.8) + * Added Changes: + - d/rules, d/control-in: avoid people editing d/control by warning + header and non writable permissions + - fixed moving trusty machine type definition which made it + ambiguous (LP: #1641532) + - d/qemu-system-x86.NEWS describe the issue + - Enable seccomp for ppc64el (LP: #1644639) + - Enable numa support for s390x + - d/qemu-system-common.qemu-kvm.init: fix lintian error type + init.d-script-missing-dependency-on-remote_fs + - d/qemu-system-common.postinst: fix lintian error type + command-with-path-in-maintainer-script + - Transition qemu-kvm to a systemd unit + - Disable glusterfs (Universe dependency) + - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output + - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so + that it shows up where the user expects (sytemctl status, kvm stdout) + - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure + - add arch aware kvm wrapper for s390x + - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working + - Enable DDW in Yakkety machine type because "Enable GPU Passthru for + ppc64le" was released as part of qemu 2.6 (can be dropped at 18.10, + merged in d/p/ubuntu/define-ubuntu-machine-types.patch) + + -- Christian Ehrhardt Mon, 16 Jan 2017 16:27:11 +0100 + +qemu (1:2.8+dfsg-2) unstable; urgency=medium + + * Revert "update binfmt registration for mipsn32" + Reopens: #829243 + Closes: #843032 + Will re-enable it for stretch+1, since for now upgrades + from jessie are broken (jessie comes with 3.16 kernel), + and there's no easy fix for this + * Revert "enable virtio gpu (virglrenderer) and opengl support" + Revert "switch from sdl1 to gtk3" + Revert other gtk2/drm/vte/virgl-related changes + Reopens: #813658, #839695 + The change were too close to stretch release and too large, + bringing too much graphics stuff for headless servers, + will re-think this for stretch+1. + sdl1 back: Closes: #851509 + virtio-3d bugs: Closes: #849798, #852119 + * mention closing of #769983 (multi-threaded linux-user) by 2.7 + * mention closing of #842455, CVE-2016-9101 by 2.8 + * audio-ac97-add-exit-function-CVE-2017-5525.patch (Closes: #852021) + * audio-es1370-add-exit-function-CVE-2017-5526.patch (Closes: #851910) + * watchdog-6300esb-add-exit-function-CVE-2016-10155.patch (Closes: #852232) + + -- Michael Tokarev Mon, 23 Jan 2017 14:06:54 +0300 + +qemu (1:2.8+dfsg-1) unstable; urgency=medium + + * new upstream release + Closes: #837191, CVE-2016-7156 + Closes: #837316, CVE-2016-7170 + Closes: #839835, CVE-2016-7908 + Closes: #839834, CVE-2016-7909 + Closes: #840228, CVE-2016-7994 + Closes: #840236, CVE-2016-7995 + Closes: #840343, CVE-2016-8576 + Closes: #840341, CVE-2016-8577 + Closes: #840340, CVE-2016-8578 + Closes: #840948, CVE-2016-8668 + Closes: #840945, CVE-2016-8669 + Closes: #841950, CVE-2016-8909 + Closes: #841955, CVE-2016-8910 + Closes: #842463, CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 + CVE-2016-9105 CVE-2016-9106 + Closes: #846797, CVE-2016-9776 + Closes: #847381, CVE-2016-9845 + Closes: #847382, CVE-2017-9846 + Closes: #847953, CVE-2016-9907 + Closes: #847400, CVE-2016-9908 + Closes: #847951, CVE-2016-9911 + Closes: #847391, CVE-2016-9912 + Closes: #847496, CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 + Closes: #847960, CVE-2016-9921 CVE-2016-9922 + Closes: #847957, CVE-2016-9923 + Closes: #842455, CVE-2016-9101 (git2634ab7fe29b3f75d0865b719caf8f310d634aae) + Closes: #819755, #833162 + Hopefully closes: #844361 + * remove unicore32 linux-user target, removed upstream + * remove all patches which were applied upstream (most of them) + * actually fix #841060 + * doc-don-t-mention-memory-it-is-m.patch, Closes: #833619 + * don't pass --enable-uuid (always enabled) + * build-depend on libncursesw5-dev, not libncurses5-dev + * install trace-events-all in qemu-system-common + * do not install qemu-tech.html (not provided by upstream anymore) + * switch from sdl1 to gtk3 (Closes: #839695) + * enable virtio gpu (virglrenderer) and opengl support (Closes: #813658) + * strip out -ldrm out of OPENGL_LIBS, since libdrm is actually not needed + * enable nfs support (libnfs-dev), in qemu-block-extra + * enable glusterfs support (glusterfs-common), in qemu-block-extra + (Closes: #775431) + * enable numa support (libnuma-dev) (Closes: #758189) + + -- Michael Tokarev Wed, 28 Dec 2016 15:31:37 +0300 + +qemu (1:2.7+dfsg-3) unstable; urgency=medium + + * add PIE.patch to change loadable modules linker flags, from Adrian + (Closes: #837574) + * linux-user-fix-s390x-safe-syscall-for-z900.patch - fix FTBFS on s390x + * mention CVE-2016-7466 for 2.7+dfsg-1 (Closes: #838687, CVE-2016-7466) + + -- Michael Tokarev Thu, 27 Oct 2016 19:38:01 +0300 + +qemu (1:2.7+dfsg-2) unstable; urgency=medium + + * fix distribution field in previous changelog entry + * add depends: on seabios >= 1.9 with linuxboot_dma.bin + (Closes: #840853, #841060, #842161) + * add more links for openbios-sparc to qemu-system-sparc, + bump dependency (Closes: #827456) + * include license for qemu logo files (Closes: #785362) + + -- Michael Tokarev Wed, 26 Oct 2016 20:04:15 +0300 + +qemu (1:2.7+dfsg-1) unstable; urgency=medium + + * Acknowledge the previous NMU. Thank you Andrew! + * New upstream release, 2.7 (Closes: #748043, #839292) + Closes: #838850, CVE-2016-7161 + Closes: #473240 (qcow encryption support has been removed) + Closes: #769983 (multi-threaded linux-user) + * removed patches which went upstream, refreshed use-data-path.patch + * renamed remaining patches to include CVE#s and added Bug-Debian headers + * added Depends on lsb-base to qemu-guest-agent (Closes: #840740) + * update binfmt registration for mipsn32 (Closes: #829243) + Thank you Adam Borowski for investigation and the patch + * replace CVE-2016-7156 (#837339) patch with actual code from upstream + * scsi-mptsas-use-g_new0-to-allocate-MPTSASRequest-obj-CVE-2016-7423.patch + (Closes: #838145, CVE-2016-7423) + * virtio-add-check-for-descriptor-s-mapped-address-CVE-2016-7422.patch + (Closes: #838146, CVE-2016-7422) + * scsi-pvscsi-limit-process-IO-loop-to-ring-size-CVE-2016-7421.patch + (Closes: #838147, CVE-2016-7421) + * usb-xhci-fix-memory-leak-in-usb_xhci_exit-CVE-2016-7466.patch + (Closes: #838687, CVE-2016-7466) + + -- Michael Tokarev Fri, 14 Oct 2016 13:31:40 +0300 + +qemu (1:2.6.1+dfsg-0ubuntu5) yakkety; urgency=medium + + * No-change rebuild to compile against new libxen version. + + -- Stefan Bader Fri, 30 Sep 2016 14:24:37 +0200 + +qemu (1:2.6.1+dfsg-0ubuntu4) yakkety; urgency=medium + + * retain older xenial machine type to avoid issues starting guests + created on xenial prior to the SRU for bug 1621042. In that regard the old + broken xenial machine type and the new fixed one have both to be considered + as valid LTS machine types (LP: #1626070). + + -- Christian Ehrhardt Wed, 21 Sep 2016 14:57:09 +0200 + +qemu (1:2.6.1+dfsg-0ubuntu3) yakkety; urgency=medium + + * fix default ubuntu machine types. (LP: #1621042) + - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch + - remove double default and double ubuntu alias + - drop former devel releases utopic, vivid, wily + - add xenial and yakkety machine types + - add q35 based ubuntu machine type starting at xenial + - add ubuntu machine types on ppc64el and s390x starting at xenial + + -- Christian Ehrhardt Mon, 19 Sep 2016 07:50:50 +0200 + +qemu (1:2.6.1+dfsg-0ubuntu2) yakkety; urgency=medium + + * Enable GPU Passthru for ppc64le (LP: #1541902) + - 0001-spapr-ensure-device-trees-are-always-associated-with.patch + - 0002-spapr_pci-Use-correct-DMA-LIOBN-when-composing-the-d.patch + - 0003-spapr_iommu-Finish-renaming-vfio_accel-to-need_vfio.patch + - 0004-spapr_iommu-Move-table-allocation-to-helpers.patch + - 0005-vmstate-Define-VARRAY-with-VMS_ALLOC.patch + - 0006-spapr_iommu-Introduce-enabled-state-for-TCE-table.patch + - 0007-spapr_iommu-Migrate-full-state.patch + - 0008-spapr_iommu-Add-root-memory-region.patch + - 0009-spapr_pci-Reset-DMA-config-on-PHB-reset.patch + - 0010-spapr_pci-Add-and-export-DMA-resetting-helper.patch + - 0011-memory-Add-reporting-of-supported-page-sizes.patch + - 0012-memory-Add-MemoryRegionIOMMUOps.notify_started-stopp.patch + - 0013-intel_iommu-Throw-hw_error-on-notify_started.patch + - 0014-spapr_iommu-Realloc-guest-visible-TCE-table-when-sta.patch + - 0015-vfio-spapr-Add-DMA-memory-preregistering-SPAPR-IOMMU.patch + - 0016-vfio-Add-host-side-DMA-window-capabilities.patch + - 0017-vfio-spapr-Create-DMA-window-dynamically-SPAPR-IOMMU.patch + - 0018-spapr_pci-spapr_pci_vfio-Support-Dynamic-DMA-Windows.patch + - 0019-vfio-spapr-Remove-stale-ioctl-call.patch + - 0020-spapr-Fix-undefined-behaviour-in-spapr_tce_reset.patch + - 0021-memory-Fix-IOMMU-replay-base-address.patch + + -- Jon Grimm Fri, 16 Sep 2016 14:14:47 -0500 + +qemu (1:2.6.1+dfsg-0ubuntu1) yakkety; urgency=medium + + * New upstream release. LP: #1617055. + * Revert fix for CVE-2016-5403, causes regression see USN-3047-2. + + -- Dimitri John Ledkov Fri, 09 Sep 2016 23:33:57 +0100 + +qemu (1:2.6+dfsg-3.1) unstable; urgency=high + + * Non-maintainer upload. + * Security fixes from upstream: + - virtio-error-out-if-guest-exceeds-virtqueue-size-CVE-2015-5403.patch + (Closes: #832619, CVE-2015-5403) + - scsi-pvscsi-avoid-infinite-loop-while-building-SG-list.patch + (Closes: #837339, CVE-2016-7156) + - scsi-pvscsi-check-page-count-while-initialising-descriptor-rings.patch + (Closes: #837174, CVE-2016-7155) + - CVE-2016-6351: scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch + and scsi-esp-fix-migration.patch (Closes: #832621, CVE-2016-6351) + - virtio-check-vring-descriptor-buffer-length.patch + (Closes: #832767, CVE-2016-6490) + - net-vmxnet3-check-for-device_active-before-write.patch + (Closes: #834904, CVE-2016-6833) + - net-check-fragment-length-during-fragmentation.patch + (Closes: #834905, CVE-2016-6834) + - net-vmxnet-check-IP-header-length.patch (Closes: #835031, CVE-2016-6835) + - net-vmxnet-initialise-local-tx-descriptor.patch + (Closes: #834944, CVE-2016-6836) + - net-vmxnet-use-g_new-for-pkt-initialisation.patch + (Closes: #834902, CVE-2016-6888) + - CVE-2016-7116: 9pfs-forbid-.-and-.-in-file-names.patch, + 9pfs-forbid-illegal-path-names.patch and + 9pfs-handle-walk-of-.-in-the-root-directory.patch + (Closes: #836502, CVE-2016-7116) + - CVE-2016-7157: scsi-mptconfig-fix-an-assert-expression.patch and + scsi-mptconfig-fix-misuse-of-MPTSAS_CONFIG_PACK.patch + (Closes: #837603, CVE-2016-7157) + + -- Andrew James Wed, 14 Sep 2016 00:56:18 -0600 + +qemu (1:2.6+dfsg-3ubuntu2) yakkety; urgency=medium + + * SECURITY UPDATE: DoS via unbounded memory allocation + - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c. + - CVE-2016-5403 + * SECURITY UPDATE: oob write access while reading ESP command + - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for + maximum CDB size and handle migration in hw/scsi/esp.c, + include/hw/scsi/esp.h, include/migration/vmstate.h. + - CVE-2016-6351 + * SECURITY UPDATE: infinite loop in virtqueue_pop + - debian/patches/CVE-2016-6490.patch: check vring descriptor buffer + length in hw/virtio/virtio.c. + - CVE-2016-6490 + + -- Marc Deslauriers Wed, 03 Aug 2016 08:36:16 -0400 + +qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium + + * Merge with Debian; remaining changes: + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - Make qemu-system-common and qemu-utils depend on qemu-block-extra + to fix errors with missing block backends. + - s390x: + * Create qemu-system-s390x package + * Enable pie by default, on ubuntu/s390x. + * Enable svm by default for qemu64 on amd + * Include s390-ccw.img firmware + * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger + relationship, but qemu-efi is still in universe right now. + + -- Serge Hallyn Wed, 15 Jun 2016 16:49:49 -0500 + +qemu (1:2.6+dfsg-3) unstable; urgency=high + + * more security fixes picked from upstream: + - CVE-2016-4454 fix (vmsvga) (Closes: CVE-2016-4454) + vmsvga-add-more-fifo-checks-CVE-2016-4454.patch + vmsvga-move-fifo-sanity-checks-to-vmsvga_fifo_length-CVE-2016-4454.patch + vmsvga-shadow-fifo-registers-CVE-2016-4454.patch + - vmsvga-don-t-process-more-than-1024-fifo-commands-at-once-CVE-2016-4453.patch + (Closes: CVE-2016-4453) + - scsi-check-buffer-length-before-reading-scsi-command-CVE-2016-5238.patch + (Closes: #826152, CVE-2016-5238) + * set urgency to high due to the amount of + security fixes accumulated so far + + -- Michael Tokarev Wed, 15 Jun 2016 08:54:12 +0300 + +qemu (1:2.6+dfsg-2) unstable; urgency=medium + + * add missing log entries for previous upload, + remove closing of #807006 (it is not closed) + * Added vga-add-sr_vbe-register-set.patch from upstream + This fixes regression (in particular with win7 installer) + introduced by the fix for CVE-2016-3712 (commit fd3c136) + * fix-linking-relocatable-objects-on-sparc.patch (Closes: #807006) + * Lots of security patches from upstream: + - net-mipsnet-check-packet-length-against-buffer-CVE-2016-4002.patch + (Closes: #821061, CVE-2016-4002) + - i386-kvmvapic-initialise-imm32-variable-CVE-2016-4020.patch + (Closes: #821062, CVE-2016-4020) + - esp-check-command-buffer-length-before-write-CVE-2016-4439.patch, + esp-check-dma-length-before-reading-scsi-command-CVE-2016-4441.patch + (Closes: #824856, CVE-2016-4439, CVE-2016-4441) + - scsi-mptsas-infinite-loop-while-fetching-requests-CVE-2016-4964.patch + (Closes: #825207, CVE-2016-4964) + - scsi-pvscsi-check-command-descriptor-ring-buffer-size-CVE-2016-4952.patch + (Closes: #825210, CVE-2016-4952) + - scsi-megasas-use-appropriate-property-buffer-size-CVE-2016-5106.patch + (Closes: #825615, CVE-2016-5106) + - scsi-megasas-initialise-local-configuration-data-buffer-CVE-2016-5105.patch + (Closes: #825614, CVE-2016-5105) + - scsi-megasas-check-read_queue_head-index-value-CVE-2016-5107.patch + (Closes: #825616, CVE-2016-5107) + - block-iscsi-avoid-potential-overflow-of-acb-task-cdb-CVE-2016-5126.patch + (Closes: #826151, CVE-2016-5126) + - scsi-esp-check-TI-buffer-index-before-read-write-CVE-2016-5338.patch + (Closes: #827024, CVE-2016-5338) + - scsi-megasas-null-terminate-bios-version-buffer-CVE-2016-5337.patch + (Closes: #827026, CVE-2016-5337) + * hw-dma-omap-spelling-fix-endianness.patch (lintian) + * arm-spelling-fix-mismatch.patch (lintian) + + -- Michael Tokarev Mon, 13 Jun 2016 12:10:44 +0300 + +qemu (1:2.6+dfsg-1ubuntu1) yakkety; urgency=medium + + * Merge with Debian; remaining changes: (LP: #1583775) + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - Make qemu-system-common and qemu-utils depend on qemu-block-extra + to fix errors with missing block backends. (LP: #1495895) + - s390x: + * Create qemu-system-s390x package + * Enable pie by default, on ubuntu/s390x. + * Enable svm by default for qemu64 on amd + * Include s390-ccw.img firmware + * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger + relationship, but qemu-efi is still in universe right now. + * Drop patches which have been applied upstream: + + -- Serge Hallyn Thu, 19 May 2016 12:11:36 -0500 + +qemu (1:2.6+dfsg-1) unstable; urgency=medium + + * new upstream release + Closes: #799115 + Closes: #822369, #823588 + Closes: #813698 + Closes: #805827 + Closes: #813585 + Closes: #823830 CVE-2016-3710 CVE-2016-3712 + Closes: #813193 CVE-2016-2198 + Closes: #813194 CVE-2016-2197 + Closes: #815008 CVE-2016-2392 + Closes: #815009 CVE-2016-2391 + Closes: #815680 CVE-2016-2538 + Closes: #821038 CVE-2016-4001 + Closes: #822344 CVE-2016-4037 + Closes: #817181 CVE-2016-2841 + Closes: #817182 CVE-2016-2857 + Closes: #817183 CVE-2016-2858 + - removed all patches applied upstream + - removed mjt-set-oem-in-rsdt-like-slic.diff, feature has been + implemented in upstream differently + - refreshed local patches + * do not recommend sharutils for qemu-utils anymore (Closes: #820449) + * typo fix in qemu-system-misc description (Closes: #822883) + * allow qemu-debootstrap to create mips64el chroot (Closes: #817234) + * switch VCS URLs from http to https (lintian) + * Bump Standards-Version to 3.9.8 (no changes) + * code spelling fixes from upstream + * added s390x-virtio-ccw-fix-spelling.patch from upstream + * added hw-ipmi-fix-spelling.patch from upstream + * added docs-specify-spell-fix.patch from upstream + * added fsdev-spelling-fix.patch from upstream + * fold long list of supported arches in package descriptions + + -- Michael Tokarev Wed, 18 May 2016 14:44:14 +0300 + +qemu (1:2.5+dfsg-5ubuntu12) yakkety; urgency=medium + + * Cherrypick upstream patches to support the query-gic-version QMP command + (LP: #1566564) + + -- dann frazier Tue, 05 Apr 2016 16:56:11 -0600 + +qemu (1:2.5+dfsg-5ubuntu11) yakkety; urgency=medium + + [Stefan Bader] + * Enable svm by default for qemu64 on amd (LP: #1561019) + + -- Serge Hallyn Fri, 22 Apr 2016 16:53:55 -0500 + +qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium + + * qemu-system-s390x only available on s390x, so qemu-system should only + depend on it on this arch. + * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger + relationship, but qemu-efi is still in universe right now. + + -- Steve Langasek Tue, 19 Apr 2016 13:41:37 -0700 + +qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium + + * And actually ship the right things in qemu-system-s390x. + + -- Dimitri John Ledkov Tue, 19 Apr 2016 16:49:00 +0100 + +qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium + + * Create qemu-system-s390x package on ubuntu only. + + -- Dimitri John Ledkov Mon, 18 Apr 2016 10:16:19 +0100 + +qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium + + * Cherrypick patch from mailing list to fix qemu in sandbox. (LP: #1560149) + + -- Serge Hallyn Mon, 11 Apr 2016 15:13:06 -0500 + +qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium + + * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch + (LP: #1556306) + + -- Serge Hallyn Wed, 16 Mar 2016 16:35:22 -0700 + +qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium + + * Cherrypick upstream patch to fix snapshot regression (LP: #1533728) + + -- Serge Hallyn Mon, 07 Mar 2016 18:53:34 -0800 + +qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium + + * d/control{-in}: Re-generate and build with libiscsi-dev now + that its in Ubuntu main (LP: #1271653). + + -- James Page Wed, 24 Feb 2016 17:59:13 +0000 + +qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium + + * Make -no-pie conditional, on $(CC) supporting -no-pie flag. + + -- Dimitri John Ledkov Wed, 24 Feb 2016 14:40:19 +0000 + +qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium + + * No-change rebuild for gnutls transition. + + -- Matthias Klose Wed, 17 Feb 2016 22:27:20 +0000 + +qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium + + * Merge with Debian; remaining changes: + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - Make qemu-system-common and qemu-utils depend on qemu-block-extra + to fix errors with missing block backends. (LP: #1495895) + - Enable pie by default, on ubuntu/s390x. + - Include s390-ccw.img firmware. + + -- Serge Hallyn Tue, 09 Feb 2016 10:24:49 -0800 + +qemu (1:2.5+dfsg-5) unstable; urgency=medium + + * fix misspellings in previous debian/changelog entry + * e1000-eliminate-infinite-loops-on-out-of-bounds-start-CVE-2016-1981.patch + (Closes: #812307, CVE-2016-1981) + * hmp-fix-sendkey-out-of-bounds-write-CVE-2015-8619.patch + (Closes: #809237, CVE-2015-8619) + * use `command -v' instead of `type' to check for command existence + + -- Michael Tokarev Thu, 28 Jan 2016 18:39:21 +0300 + +qemu (1:2.5+dfsg-4) unstable; urgency=medium + + * change misspelling of won't in NEWS (lintian) + * two patches from upstream to enable sigaltstack syscall (linux-user) + (Closes: #805826) + * word-wrapped last entry in debian/changelog + * use type to find out whenever update-binfmts is available + * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch + (Partial) patch targeted 2.3 which fixes the read side of the issue + (Closes: CVE-2016-1714) + * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch + (Closes: #811201, CVE-2016-1922) + + -- Michael Tokarev Thu, 21 Jan 2016 13:06:06 +0300 + +qemu (1:2.5+dfsg-3) unstable; urgency=high + + [ Aurelien Jarno ] + * debian/copyright: + fix a spelling error reported by lintian: dependecy -> dependency. + + [ Michael Tokarev ] + * net-vmxnet3-avoid-memory-leakage-in-activate_device patch + (Closes: #808145, CVE-2015-8567, CVE-2015-8568) + * scsi-initialise-info-object-with-appropriate-size-CVE-2015-8613.patch + (Closes: #809232, CVE-2015-8613) + * net-rocker-fix-an-incorrect-array-bounds-check-CVE-2015-8701.patch + (Closes: #809313, CVE-2015-8701) + + -- Michael Tokarev Sun, 10 Jan 2016 10:59:46 +0300 + +qemu (1:2.5+dfsg-2) unstable; urgency=high + + * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch + (Closes: #808144, CVE-2015-8558) + * virtio-9p-use-accessor-to-get-thread_pool.patch (Closes: #808357) + * two upstream patches from xsa-155 fixing unsafe shared memory access in xen + (Closes: #809229, CVE-2015-8550) + * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch + (Closes: #810519, CVE-2015-8743) + * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch + (Closes: #810527, CVE-2016-1568) + * changed build-depends from libpng12-dev to libpng-dev (Closes: #810205) + + -- Michael Tokarev Sat, 09 Jan 2016 21:40:43 +0300 + +qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium + + * SECURITY UPDATE: paravirtualized drivers incautious about shared memory + contents + - debian/patches/CVE-2015-8550-1.patch: avoid double access in + hw/block/xen_blkif.h. + - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in + hw/display/xenfb.c. + - CVE-2015-8550 + * SECURITY UPDATE: infinite loop in ehci_advance_state + - debian/patches/CVE-2015-8558.patch: make idt processing more robust + in hw/usb/hcd-ehci.c. + - CVE-2015-8558 + * SECURITY UPDATE: host memory leakage in vmxnet3 + - debian/patches/CVE-2015-856x.patch: avoid memory leakage in + hw/net/vmxnet3.c. + - CVE-2015-8567 + - CVE-2015-8568 + * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info + - debian/patches/CVE-2015-8613.patch: initialise info object with + appropriate size in hw/scsi/megasas.c. + - CVE-2015-8613 + * SECURITY UPDATE: DoS via Human Monitor Interface + - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write + in hmp.c, include/ui/console.h, ui/input-legacy.c. + - CVE-2015-8619 + * SECURITY UPDATE: incorrect array bounds check in rocker + - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds + check in hw/net/rocker/rocker.c. + - CVE-2015-8701 + * SECURITY UPDATE: ne2000 OOB r/w in ioport operations + - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport + operations in hw/net/ne2000.c. + - CVE-2015-8743 + * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands + - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on + error in hw/ide/ahci.c. + - CVE-2016-1568 + * SECURITY UPDATE: DoS via null pointer dereference in vapic_write() + - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in + hw/i386/kvmvapic.c. + - CVE-2016-1922 + * SECURITY UPDATE: e1000 infinite loop + - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on + out-of-bounds transfer start in hw/net/e1000.c + - CVE-2016-1981 + * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB + engines + - debian/patches/CVE-2016-2197.patch: add check before calling + dma_memory_unmap in hw/ide/ahci.c. + - CVE-2016-2197 + * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write + - debian/patches/CVE-2016-2198.patch: add capability mmio write + function in hw/usb/hcd-ehci.c. + - CVE-2016-2198 + + -- Marc Deslauriers Mon, 01 Feb 2016 09:39:01 -0500 + +qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium + + * debian/qemu-kvm-init: Call systemd-detect-virt instead of the + Ubuntu specific running-in-container wrapper. (LP: #1539016) + + -- Martin Pitt Thu, 28 Jan 2016 13:24:51 +0100 + +qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high + + * Include s390-ccw.img firmware. + + -- Dimitri John Ledkov Tue, 12 Jan 2016 15:53:43 +0000 + +qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium + + * Place qemu-kvm.defaults file in qemu-system-common, next to the init + scripts. Fix the comparison operator when checking KVM_HUGEPAGES. + Thanks Simon. (LP: #1531191) + + -- Serge Hallyn Wed, 06 Jan 2016 09:45:37 -0800 + +qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium + + * Merge with Debian; remaining changes: + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine + types to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - Make qemu-system-common and qemu-utils depend on qemu-block-extra + to fix errors with missing block backends. (LP: #1495895) + - Enable pie by default, on ubuntu/s390x. + * Drop vGICv3 support patches - all is now upstream + * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191) + + -- Serge Hallyn Tue, 05 Jan 2016 15:42:50 -0800 + +qemu (1:2.5+dfsg-1) unstable; urgency=medium + + * new upstream release + (Closes: #801158) + Closes: #806373 CVE-2015-8345 + Closes: #806742 CVE-2015-7504 + Closes: #806741 CVE-2015-7512 + Closes: #808131 CVE-2015-7549 + Closes: #808130 CVE-2015-8504 + * adopt for the new upstream: + - removed patches which are upstream now + - build-depend on libcacard-dev and stop requiring libtool + - removed libcacard refs from debian/qemu-system-common.docs + - moved qmp docs out of subdir following upstream + - removed pc-bios/vgabios-virtio.bin + * enable new linux-user target: tilegx + * install qemu-ga manpage + * install ivshmem-server and ivshmem-client to qemu-utils + * stop using cylinders/heads/sectors for sfdisk + in qemu-make-debian-root (Closes: #785470) + * modify qemu-make-debian-root to use some current tools + (this simplifies things, removes usage of uudecode) + (usefulness of this utility is questionable anyway) + + -- Michael Tokarev Wed, 16 Dec 2015 20:00:04 +0300 + +qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high + + * Enable pie by default, on ubuntu/s390x. + + -- Dimitri John Ledkov Mon, 07 Dec 2015 16:04:16 +0000 + +qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium + + * undo the libseccomp delta from debian. libseccomp is indeed available + on other arches, but we need qemu's configure script to be fixed before + we can use it on anything other than amd64|i386. Fixes FTBFS. + (LP: #1522531) + + -- Serge Hallyn Thu, 03 Dec 2015 12:44:46 -0600 + +qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium + + * Merge with Debian; remaining changes: + - Update the ubuntu machine types patch to reflect upstream churn + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - Make qemu-system-common and qemu-utils depend on qemu-block-extra + to fix errors with missing block backends. (LP: #1495895) + - control-in: build with libseccomp an all architectures + - Add vGICv3 support + + -- Matthias Klose Wed, 02 Dec 2015 21:31:36 +0100 + +qemu (1:2.4+dfsg-5) unstable; urgency=medium + + * trace-remove-malloc-tracing.patch from upstream. + (Closes: #802633) + * stop building libcacard, as it is now in its own separate + source package and has been removed from upstream qemu in 2.5. + Here we just stop producing libcacard binaries, but still use + embedded libcacard source to link with it statically. In 2.5 + we will switch to external libcacard. (Closes: #805410) + + -- Michael Tokarev Sun, 29 Nov 2015 12:22:52 +0300 + +qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium + + * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet + - debian/patches/CVE-2015-7504.patch: leave room for CRC code in + hw/net/pcnet.c. + - CVE-2015-7504 + * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet + - debian/patches/CVE-2015-7512.patch: check packet length in + hw/net/pcnet.c. + - CVE-2015-7512 + * SECURITY UPDATE: infinite loop in eepro100 + - debian/patches/CVE-2015-8345.patch: prevent endless loop in + hw/net/eepro100.c. + - CVE-2015-8345 + + -- Marc Deslauriers Tue, 01 Dec 2015 13:36:40 -0500 + +qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium + + * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition. + + -- dann frazier Tue, 03 Nov 2015 08:05:46 -0700 + +qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium + + * Merge 2.4 from unstable. Remaining changes: + - Update the ubuntu machine types patch to reflect upstream churn + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - Make qemu-system-common and qemu-utils depend on qemu-block-extra + to fix errors with missing block backends. (LP: #1495895) + - control-in: build with libseccomp an all architectures. + * Add vGICv3 support + + -- Serge Hallyn Tue, 27 Oct 2015 13:28:58 -0500 + +qemu (1:2.4+dfsg-4) unstable; urgency=medium + + * applied 3 patches from upstream to fix virtio-net + possible remote DoS (Closes: #799452 CVE-2015-7295) + * remove now-unused /etc/qemu too (Closes: #797608) + + -- Michael Tokarev Thu, 08 Oct 2015 20:30:03 +0300 + +qemu (1:2.4+dfsg-3) unstable; urgency=high + + * ne2000-add-checks-to-validate-ring-buffer-pointers-CVE-2015-5279.patch + fix for Heap overflow vulnerability in ne2000_receive() function + (Closes: #799074 CVE-2015-5279) + * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch + (Closes: #799073 CVE-2015-5278) + * some binfmt reorg: + - extend aarch64 to include one more byte as other arches do + - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize + OSABI=3 (GNU/Linux) in addition to NONE/SysV + (Closes: #784605, #794737) + - tighten sh4 & sh4eb, fixing OSABI mask to be \xfc not 0 + + -- Michael Tokarev Tue, 15 Sep 2015 19:30:18 +0300 + +qemu (1:2.4+dfsg-2) unstable; urgency=high + + * Add e1000-avoid-infinite-loop-in-transmit-CVE-2015-6815.patch. + CVE-2015-6815: net: e1000 infinite loop issue in processing transmit + descriptor. (Closes: #798101 CVE-2015-6815) + * Add ide-fix-ATAPI-command-permissions-CVE-2015-6855.patch. + CVE-2015-6855: ide: qemu allows arbitrary commands to be sent to an ATAPI + device from guest, while illegal comands might have security impact, + f.e. WIN_READ_NATIVE_MAX results in divide by zero error. + (Closes: CVE-2015-6855) + + -- Michael Tokarev Fri, 11 Sep 2015 19:54:07 +0300 + +qemu (1:2.4+dfsg-1a) unstable; urgency=medium + + * new upstream (2.4.0) release + Closes: #795461, #793811, #794610, #795087, #794611, #793388 + CVE-2015-3214 CVE-2015-5154 CVE-2015-5165 CVE-2015-5745 + CVE-2015-5166 CVE-2015-5158 + Closes: #793817 + * removed all upstreamed patches + * remove --enable-vnc-ws option (not used anymore) + * update mjt-set-oem-in-rsdt-like-slic.diff + * vnc-fix-memory-corruption-CVE-2015-5225.patch from upstream + Closes: #796465 CVE-2015-5225 + * remove now-unused /etc/qemu/target-x86_64.conf + + -- Michael Tokarev Mon, 31 Aug 2015 16:28:08 +0300 + +qemu (1:2.3+dfsg-6a) unstable; urgency=medium + + * fix d/copyright leftover in previous upload + + -- Michael Tokarev Thu, 11 Jun 2015 20:31:07 +0300 + +qemu (1:2.3+dfsg-6) unstable; urgency=high + + * pcnet-force-buffer-access-to-be-in-bounds-CVE-2015-3209.patch + from upstream (Closes: #788460 CVE-2015-3209) + + -- Michael Tokarev Thu, 11 Jun 2015 20:03:40 +0300 + +qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium + + * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466) + + -- Ryan Harper Wed, 21 Oct 2015 08:59:29 -0500 + +qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low + + * debian/patches/upstream-fix-irq-route-entries.patch + Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed" + (LP: #1465935) + + -- Stefan Bader Fri, 09 Oct 2015 15:38:53 +0200 + +qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium + + * Build using libseccomp on all architectures. + + -- Matthias Klose Sat, 03 Oct 2015 21:12:15 +0200 + +qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium + + * SECURITY UPDATE: denial of service via NE2000 driver + - debian/patches/CVE-2015-5278.patch: fix infinite loop in + hw/net/ne2000.c. + - CVE-2015-5278 + * SECURITY UPDATE: denial of service and possible code execution via + heap overflow in NE2000 driver + - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in + hw/net/ne2000.c. + - CVE-2015-5279 + * SECURITY UPDATE: denial of service via e1000 infinite loop + - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c. + - CVE-2015-6815 + * SECURITY UPDATE: denial of service via illegal ATAPI commands + - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in + hw/ide/core.c. + - CVE-2015-6855 + + -- Marc Deslauriers Wed, 23 Sep 2015 15:05:51 -0400 + +qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium + + * Make qemu-system-common and qemu-utils depend on qemu-block-extra + to fix errors with missing block backends. (LP: #1495895) + * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655) + * Apply fix for memory corruption during live-migration in tcg mode + (LP: #1493049) + * Apply tracing patch to remove use of custom vtable in newer glibc + (LP: #1491972) + + -- Ryan Harper Tue, 15 Sep 2015 09:37:23 -0500 + +qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium + + * Import qcow2-handle-eagain-from-update_refcount from upstream + to fix errors when using qemu-img convert -c. (LP: #1491050) + + -- Serge Hallyn Fri, 04 Sep 2015 16:35:56 -0500 + +qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium + + * SECURITY UPDATE: process heap memory disclosure + - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c. + - CVE-2015-5165 + * SECURITY UPDATE: privilege escalation via block device unplugging + - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend + in hw/ide/piix.c. + - CVE-2015-5166 + * SECURITY UPDATE: privilege escalation via memory corruption in vnc + - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply + limits in ui/vnc.c. + - CVE-2015-5225 + * SECURITY UPDATE: denial of service via virtio-serial + - debian/patches/CVE-2015-5745.patch: don't assume a specific layout + for control messages in hw/char/virtio-serial-bus.c. + - CVE-2015-5745 + + -- Marc Deslauriers Tue, 25 Aug 2015 09:38:43 -0400 + +qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium + + * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read() + - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c. + - CVE-2015-3214 + * SECURITY UPDATE: heap overflow when processing ATAPI commands + - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in + hw/ide/core.c, make sure command is completed in hw/ide/atapi.c. + - CVE-2015-5154 + * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb + - debian/patches/CVE-2015-5158.patch: check length in + hw/scsi/scsi-bus.c. + - CVE-2015-5158 + + -- Marc Deslauriers Mon, 27 Jul 2015 10:07:05 -0400 + +qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium + + * SECURITY UPDATE: heap overflow in PCNET controller + - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c. + - CVE-2015-3209 + + -- Marc Deslauriers Thu, 11 Jun 2015 14:25:05 -0400 + +qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium + + * Merge 1:2.3+dfsg-5 from Debian. + * Remaining changes: + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + * Refreshed patches: + - ubuntu/expose-vmx_qemu64cpu.patch + - ubuntu/define-ubuntu-machine-types.patch + + -- Serge Hallyn Wed, 10 Jun 2015 14:28:39 -0500 + +qemu (1:2.3+dfsg-5) unstable; urgency=high + + * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch + (Closes: CVE-2015-4037) + * 11 patches for XEN PCI pass-through issues + (Closes: #787547 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106) + * kbd-add-brazil-kbd-keys-*.patch, adding two keys found on Brazilian + keyboards (Closes: #772422) + + -- Michael Tokarev Wed, 03 Jun 2015 17:18:58 +0300 + +qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium + + * Merge 1:2.3+dfsg-4 from Debian. + * Remaining changes: + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + * Dropped all patches which are applied upstream + * Move the upstart jobs to a generic script + - add new qemu-kvm-init script + - call that from upstart and sysvrc qemu-kvm scripts + - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc} + + -- Serge Hallyn Wed, 03 Jun 2015 13:36:36 -0500 + +qemu (1:2.3+dfsg-4) unstable; urgency=medium + + * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch: + patch from upstream to fix FTBFS on some arches + * libcacard-dev: depend on libnss3-dev (Closes: #785798) + * libcacard-dev: do not depend on pkg-config + + -- Michael Tokarev Wed, 20 May 2015 14:21:09 +0300 + +qemu (1:2.3+dfsg-3) unstable; urgency=high + + * fdc-force-the-fifo-access-to-be-in-bounds-CVE-2015-3456.patch + (Closes: CVE-2015-3456) + * fix the OSABI binfmt mask for x86_64 arch, to actually fix #763043. + Original fix didn't work, because "someone" forgot arithmetics. + (Really Closes: #763043) + * align binfmt magics/masks to be in single column + + -- Michael Tokarev Tue, 12 May 2015 23:02:29 +0300 + +qemu (1:2.3+dfsg-2) unstable; urgency=medium + + * do not install upstream changelog file, it is unused for a long time + * mention closing of #781250 #769299 by 2.3 + * mention qemu-block-extra split in NEWS files + * fix spelling prob in the manpage + * bump Standards-Version to 3.9.6 (no changes needed) + * add mips64 and mips64el binfmt registration (Closes: #778624) + + -- Michael Tokarev Mon, 04 May 2015 13:01:03 +0300 + +qemu (1:2.3+dfsg-1) unstable; urgency=medium + + * new upstream release (2.3) + (Closes: #781250 #769299 #781250 #769299) + + -- Michael Tokarev Fri, 24 Apr 2015 17:33:46 +0300 + +qemu (1:2.2+dfsg-6exp) experimental; urgency=medium + + * qemu 2.2.1 stable/bugfix release (remove included upstream + exec-change-default-exception_index-value-for-migration-to--1.patch) + * added mips64(el) to list of architectures where qemu-utils is built + (Closes: #780200) + * added kvm-on-x32.patch from Adam Borowski (Closes: #778737) + * create qemu-block-extra package + * rules.mak-fix-module-build.patch from upstream to fix module build + * pass --enable-modules to configure + * pass multiarch --libdir to configure + * mjt-set-oem-in-rsdt-like-slic.diff: update FACP table too, + not only RSDT. FACP is needed for win7 booting in UEFI mode. + * enable libcacard (closes: #764971) + - build-depend on libnss3-dev & libtool-bin + - --enable-smartcard-nss + - run dh_makeshlibs + - rm libcacard.la + - add libcacard0, libcacard-dev and libcacard-tools packages + - add libcacard*.install and libcacard0.symbols + + -- Michael Tokarev Fri, 17 Apr 2015 21:54:53 +0300 + +qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium + + * SECURITY UPDATE: denial of service in vnc web + - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket + frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h. + - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from + websockets clients in ui/vnc-ws.c. + - CVE-2015-1779 + * SECURITY UPDATE: host code execution via floppy device (VEMON) + - debian/patches/CVE-2015-3456.patch: force the fifo access to be in + bounds of the allocated buffer in hw/block/fdc.c. + - CVE-2015-3456 + + -- Marc Deslauriers Wed, 13 May 2015 07:25:59 -0400 + +qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low + + * CVE-2015-2756 / XSA-126 + - xen: limit guest control of PCI command register + + -- Stefan Bader Wed, 08 Apr 2015 10:17:45 +0200 + +qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium + + * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not + accidentally create /1 + + -- Steve Beattie Thu, 12 Mar 2015 16:46:51 -0700 + +qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low + + * No-change rebuild to pull in libxl-4.5 (take 2: step to the right). + + -- Stefan Bader Thu, 26 Feb 2015 08:55:35 +0100 + +qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low + + * No-change rebuild to pull in libxl-4.5. + + -- Stefan Bader Wed, 25 Feb 2015 13:58:37 +0100 + +qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium + + * debian/control-in: enable numa on architectures where numa is built + (LP: #1417937) + + -- Serge Hallyn Thu, 12 Feb 2015 23:18:58 -0600 + +qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium + + [Scott Moser] + * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa + profile when started by libvirt. + + [Serge Hallyn] + * add symlink qemu-system-ppc64le -> qemu-system-ppc64 + * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script + (LP: #1419855) + + [Chris J Arges] + * Determine if we are running inside a virtual environment. If running inside + a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153) + + -- Serge Hallyn Thu, 12 Feb 2015 13:04:21 -0600 + +qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium + + * Merge 1:2.2+dfsg-5exp from Debian. (LP: #1409308) + - debian/rules: do not drop the init scripts loading kvm modules + (still needed in precise in cloud archive) + * Remaining changes: + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + * Dropped all patches which are applied upstream + * Update ubuntu-vivid machine type to default to std graphics (following + upstream's lead for pc-i440fx-2.2 machine type) + + -- Serge Hallyn Mon, 09 Feb 2015 22:31:09 -0600 + +qemu (1:2.2+dfsg-5exp) experimental; urgency=medium + + * fix initscript removal once again + + -- Michael Tokarev Fri, 23 Jan 2015 15:05:46 +0300 + +qemu (1:2.2+dfsg-4exp) experimental; urgency=medium + + * fix a brown-paper bag bug removing the qemu-system-x86 initscript + (Closes: #776004) + + -- Michael Tokarev Thu, 22 Jan 2015 20:33:38 +0300 + +qemu (1:2.2+dfsg-3exp) experimental; urgency=medium + + * mention closing of #753887 by 2.2 + * install only specific bamboo.dtb for ppc, not *.dtb + (Closes: #773033) + * install qemu-system-misc firmware in d/*.install not d/rules, + as other firmware files + * exec-change-default-exception_index-value-for-migration-to--1.patch: + cherry-picked commit adee64249ee37e from upstream + * stop messing up with alternatives (qemu for qemu-system-*) + * stop shipping qemu-system-x86 initscript to load kvm modules + (kernel since 3.4 does that automatically) (Closes: #751754) + + -- Michael Tokarev Thu, 22 Jan 2015 09:28:01 +0300 + +qemu (1:2.2+dfsg-2exp) experimental; urgency=medium + + * and finally uploading to experimental as it should be + + -- Michael Tokarev Wed, 10 Dec 2014 00:58:32 +0300 + +qemu (2.2+dfsg-1exp) unstable; urgency=medium + + * new upstream release 2.2.0 (Closes: #751078, #726629, #753887) + * removed all patches which was cherry-picked from upstream, + only keeping debian-specific changes + * refreshed mjt-set-oem-in-rsdt-like-slic.diff + * added tricore to qemu-system-misc package (new arch) + * restore upstream pc-bios/petalogix-*.dtb "blobs": + upstream says it is the canonical form, dtc is used + to convert from dts to dtb and back, the conversion + is reversible + * install petalogix firmware for microblaze (Closes: #769068) + + -- Michael Tokarev Tue, 09 Dec 2014 23:09:26 +0300 + +qemu (1:2.1+dfsg-11ubuntu2) vivid; urgency=medium + + * Cherrypick upstream patch needed to allow ESx hosts to run under + kvm (LP: #1411575) + + -- Serge Hallyn Fri, 16 Jan 2015 16:32:48 -0600 + +qemu (1:2.1+dfsg-11ubuntu1) vivid; urgency=medium + + * Merge 2.1+dfsg-11. Remaining changes: + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - debian/qemu-system-alternatives.in: use a later version as ubuntu + removed the alternatives bit later. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - debian/binfmt-update-in: support ppcle + * debian/binfmt-update-in + * Support-ppcle.patch + - Upstream patches to fix AArch64 emulation ignoring SPSel=0: + * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch + * d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch + * d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch: + * Dropped patches (upstream or now in debian's tree): + - upstream-xen_disk-fix-unmapping-of-persistent-grants.patch + - CVE-2014-7840.patch + - CVE-2014-8106.patch + + -- Serge Hallyn Wed, 17 Dec 2014 13:57:34 -0600 + +qemu (1:2.1+dfsg-11) unstable; urgency=medium + + * bump epoch and reupload to cancel 2.2+dfsg-1exp upload + mistakenly done to unstable. No other changes. + + -- Michael Tokarev Wed, 10 Dec 2014 00:52:28 +0300 + +qemu (2.1+dfsg-10) unstable; urgency=medium + + * make (debian-specific) x86 data path (with seabios and ipxe + in it) non-x86-specific, since other arches use firmware + files too (Closes: #772127) + * add seabios to Recommends to qemu-system-misc, qemu-system-mips, + qemu-system-ppc and qemu-system-sparc packages, because these + packages contains emulators using vgabios which is part of + seabios package (#772127). + * add ipxe-qemu to Recommends to qemu-system-misc, qemu-system-arm, + qemu-system-mips, qemu-system-ppc, qemu-system-sparc packages, + because these packages contains emulators using network boot + roms (#772127), in a similar way. + + -- Michael Tokarev Tue, 09 Dec 2014 13:47:36 +0300 + +qemu (2.1+dfsg-9) unstable; urgency=high + + * apply upstream patches for CVE-2014-8106 + (cirrus: insufficient blit region checks) + (Closes: #772025 CVE-2014-8106) + + -- Michael Tokarev Thu, 04 Dec 2014 00:10:43 +0300 + +qemu (2.1+dfsg-8) unstable; urgency=low + + [ Michael Tokarev ] + * add Built-Using control field for qemu-user-static package: + take contents of qemu-user ${shlibs:Depends} and transform it + into list of source packages with versions. (Closes: #768926) + * run remove-alternatives in qemu-system.postinst (the metapkg) + too, not only in qemu-system-XX.postinst, to handle upgrades + from wheezy (Closes: #768244) + * several fixes for debian/qemu-user.1 manpage. It needs more + work, but at least some easy and obvious errors are fixed now. + (Closes: #763841) + * migration-fix-parameter-validation-on-ram-load.patch from upstream + (Closes: #769451 CVE-2014-7840) + * fix x86_64 binfmt mask to allow more values in ELF_OSABI field + (byte7). Current gcc/binfmt sometimes produces binaries with + this field set to 3 (OSABI_GNU) not 0 (OSABI_SYSV) as used to be. + Set mask to 0xfb not 0xff here, to allow 0 (traditional SYSV), + 1 (HPUX), 2 (NETBSD) or 3 (GNU). This lets 2 more types than + necessary, but qemu will reject wrong types so no harm is done. + Some other binfmts ignore this field completely (with mask=0). + Maybe some day we'll have 2 different binfmt registrations for + the 2 different ABI types. (Closes: #763043) + * usb-host-fix-usb_host_speed_compat-tyops.patch -- fix host usb devices + attach, without this patch many USB devices does not work + * qdev-monitor-fix-segmentation-fault-on-qdev_device_h.patch - trivial + patch from upstream to fix segfault in -device foo,help (Closes: #770880) + + [ Aurelien Jarno ] + * Add tcg-mips-fix-store-softmmu-slow-path.patch from upstream to fix + TCG support on mips/mipsel hosts (Closes: #769470). + + [ Ian Campbell ] + * Backport patch to fix unmapping of persistent grants in the Xen qdisk + backend (Closes: #770468). + + -- Michael Tokarev Thu, 27 Nov 2014 18:32:45 +0300 + +qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium + + * SECURITY UPDATE: code execution via savevm data + - debian/patches/CVE-2014-7840.patch: validate parameters in + arch_init.c. + - CVE-2014-7840 + * SECURITY UPDATE: code execution via cirrus vga blit regions + (LP: #1400775) + - debian/patches/CVE-2014-8106.patch: properly validate blit regions in + hw/display/cirrus_vga.c. + - CVE-2014-8106 + + -- Marc Deslauriers Thu, 11 Dec 2014 14:11:52 -0500 + +qemu (2.1+dfsg-7ubuntu4) vivid; urgency=low + + * d/rules: Fix vendor check to make kvm-spice symlinks (DEB_VENDOR got + dropped and VENDOR now will be all capital UBUNTU). + + -- Stefan Bader Mon, 08 Dec 2014 14:45:31 +0100 + +qemu (2.1+dfsg-7ubuntu3) vivid; urgency=medium + + * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch + d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch + d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch: + Cherry-pick of upstream patches in order to fix AArch64 emulation ignoring + SPSel=0 in certain conditions. (LP: #1349277) + + -- Chris J Arges Thu, 04 Dec 2014 14:17:01 -0600 + +qemu (2.1+dfsg-7ubuntu2) vivid; urgency=low + + * d/p/upstream-xen_disk-fix-unmapping-of-persistent-grants.patch: + Cherry-pick of qemu-upstream patch to fix issues with persistent + grants and the PV backend (Qdisk) (LP: #1394327). + + -- Stefan Bader Fri, 28 Nov 2014 13:14:37 +0100 + +qemu (2.1+dfsg-7ubuntu1) vivid; urgency=medium + + * Merge 2.1+dfsg-7. Remaining changes: + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - debian/qemu-system-alternatives.in: use a later version as ubuntu + removed the alternatives bit later. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - debian/binfmt-update-in: support ppcle + * debian/binfmt-update-in + * Support-ppcle.patch + * Dropped patches (upstream or now in debian's tree): + - pc-reserve-more-memory-for-acpi.patch + - CVE-2014-5388.patch + - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap and + 502-block-raw-posic-use-seek-hole-ahead-of-fiemap (combined + in debian) + - CVE-2014-3615.patch + - CVE-2014-3640.patch + - CVE-2014-3689.patch + - CVE-2014-7815.patch + + -- Serge Hallyn Sat, 22 Nov 2014 18:36:53 -0600 + +qemu (2.1+dfsg-7) unstable; urgency=high + + * urgency is high due to 2 security fixes + (one current and one forgotten in previous release) + and because of possible data corruption bugfix + * vnc-sanitize-bits_per_pixel-from-the-client-CVE-2014-7815.patch + from upstream (Closes: CVE-2014-7815) + * fix spelling mistake in previous changelog entry + * add two patches from upstream for block/raw-posix.c to work around + probs in FS_IOC_FIEMAP ioctl and to prefer seek_hole over fiemap. + This should fix a long-standing ghost data corruption observed + in various places. + + -- Michael Tokarev Mon, 03 Nov 2014 18:44:34 +0300 + +qemu (2.1+dfsg-6) unstable; urgency=medium + + * mention closing of CVE-2014-3615 by 2.1.2 (2.1+dfsg-5) + * 9p-use-little-endian-format-for-xattr-values.patch (Closes: #755740) + * mention closing of #760386 + * mention closing of more CVEs by 2.1+dfsg-1 + * recognize ppc64el in qemu-debootstrap (Luca Falavigna) (Closes: #760949) + * use dpkg-vendor to let derived distros to use our d/rules + * use /usr/share/dpkg/architecture.mk to get DEB_HOST_* and DEB_BUILD_* + variables. This restores cross building support. + * use /usr/share/dpkg/buildflags.mk for CFLAGS LDFLAGS &Co + * pass -DVENDOR_{DEBIAN,UBUNTU} to compiler + * do not treat ppc* and ppc*le as compatible for binfmt registrations + * mention ACPI SLIC to RSDT id copying if slic table is supplied, + thank you Tim Small for the patch (Closes: #765075) + * apply 5 patches from upstream to fix a security issue in + vmware-vga (Closes: #765496 CVE-2014-3689) + * apply two patches from upstream to make qemu to work with samba4 + (Closes: #747636) + + -- Michael Tokarev Mon, 03 Nov 2014 18:07:48 +0300 + +qemu (2.1+dfsg-5) unstable; urgency=medium + + * upstream bugfix release v2.1.2 + (Closes: #762532 CVE-2014-3640 CVE-2014-5388 CVE-2014-3615) + * Add x32 to the list of supported architectures + (patch by Thorsten Glaser) (Closes: #760386) + * fix wrong reference in kvm.1 (Closes: #761137) + * removed patches (applied upstream): + l2tp-linux-only.patch + ide-only-constrain-read_write-requests-to-drive-size.diff + pc-reserve-more-memory-for-acpi.patch + + -- Michael Tokarev Fri, 26 Sep 2014 17:43:26 +0400 + +qemu (2.1+dfsg-4ubuntu9) vivid; urgency=medium + + * SECURITY UPDATE: information disclosure via vga driver + - debian/patches/CVE-2014-3615.patch: return the correct memory size, + sanity check register writes, and don't use fixed buffer sizes in + hw/display/qxl.c, hw/display/vga.c, hw/display/vga_int.h, + ui/spice-display.c. + - CVE-2014-3615 + * SECURITY UPDATE: denial of service via slirp NULL pointer deref + - debian/patches/CVE-2014-3640.patch: make sure socket is not just a + stub in slirp/udp.c. + - CVE-2014-3640 + * SECURITY UPDATE: possible privilege escalation via vmware-vga driver + - debian/patches/CVE-2014-3689.patch: verify rectangles in + hw/display/vmware_vga.c. + - CVE-2014-3689 + * SECURITY UPDATE: denial of service via VNC console + - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in + ui/vnc.c. + - CVE-2014-7815 + + -- Marc Deslauriers Thu, 13 Nov 2014 07:31:03 -0500 + +qemu (2.1+dfsg-4ubuntu8) vivid; urgency=medium + + * Support qemu-kvm on x32, arm64, ppc64 and pp64el architectures + (LP: #1389897) (Patch thanks to mwhudson, BenC, and infinity) + + -- Serge Hallyn Tue, 11 Nov 2014 15:51:47 -0600 + +qemu (2.1+dfsg-4ubuntu7) vivid; urgency=medium + + * Apply two patches to fix intermittent qemu-img corruption + (LP: #1368815) + - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap + - 502-block-raw-posic-use-seek-hole-ahead-of-fiemap + + -- Serge Hallyn Wed, 29 Oct 2014 22:31:43 -0500 + +qemu (2.1+dfsg-4ubuntu6) utopic; urgency=medium + + * debian/control: slof is moving into main, so we can depend on qemu-slof as + debian does. + + -- Serge Hallyn Wed, 15 Oct 2014 22:01:27 +0200 + +qemu (2.1+dfsg-4ubuntu5) utopic; urgency=medium + + * debian/binfmt-update-in: don't blacklist ppc64le on ppc64 and vice + versa. + * Drop Support-ppc64le.pach, as that architecture appears to not exist yet. + * update d/p/ubuntu/define-ubuntu-machine-types.patch to keep -M pc pointing + to latest upstream machine type, rather than distro one. Add 'ubuntu' + machine type for that. + + -- Serge Hallyn Mon, 06 Oct 2014 13:41:31 -0500 + +qemu (2.1+dfsg-4ubuntu4) utopic; urgency=medium + + * debian/qemu-system-x86.qemu-kvm.upstart: create /dev/kvm in a + container. (LP: #1370199) + * load kvm module on ppc64le at boot (LP: #1369785) + - debian/rules: install qemu-kvm on ppc64el + - add debian/qemu-system-ppc.qemu-kvm.{upstart,default} to autoload the + kvm-hv module if available + * qemu-system-x86.maintscript: remove accidentally installed + /etc/init.d/qemu-system-x86 (from 2.0.0+dfsg-6ubuntu1 and a few earlier) + * rename qemu-system-x86 init script to qemu-kvm so it gets installed in + ubuntu. + + -- Serge Hallyn Wed, 17 Sep 2014 14:20:12 -0500 + +qemu (2.1+dfsg-4ubuntu3) utopic; urgency=medium + + * Re-stick the trusty machine type to 2.0 (where it must always stay) and + define a new, default, pc-i440fx-utopic machine type (LP: #1369481) + + -- Serge Hallyn Mon, 15 Sep 2014 14:04:57 -0500 + +qemu (2.1+dfsg-4ubuntu2) utopic; urgency=medium + + * move kvm_intel nested setting to qemu-system-x86.postinst. + + -- Serge Hallyn Fri, 12 Sep 2014 23:12:52 +0000 + +qemu (2.1+dfsg-4ubuntu1) utopic; urgency=medium + + * Merge new debian release + * Remaining changes: + - qemu-system-common.postinst: + * remove acl placed by udev, and add udevadm trigger. + * reload kvm_intel if needed to set nested=1 + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - debian/qemu-system-alternatives.in: use a later version as ubuntu + removed the alternatives bit later. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + - debian/binfmt-update-in: support ppcle + * debian/binfmt-update-in + * Support-ppcle.patch + - d/p/CVE-2014-5388.patch + + -- Serge Hallyn Tue, 09 Sep 2014 17:56:15 -0500 + +qemu (2.1+dfsg-4) unstable; urgency=medium + + * mention libnuma-dev but not enable for now + * 9p-readdir.patch: fix readdir in 9p mapped mode (Closes: #755738) + * pc-reserve-more-memory-for-acpi.patch: fix linux -kernel not working + with new qemu (Closes: #759522) + * qemu-options-add-missing--drive-discard-option-to-cmdline-help.diff - + documentation fix + * mention that 2.1 closed #754336. + * move qemu-bridge-helper to /usr/lib/qemu/ subdir (lintian) + * debian/binfmt-update-in (Serge Hallyn): + - don't run in a container + - add ppc64le as target + * add apport hook from ubuntu package (ubuntu-only for now) + + -- Michael Tokarev Sun, 31 Aug 2014 09:32:59 +0400 + +qemu (2.1+dfsg-3ubuntu4) utopic; urgency=medium + + * SECURITY UPDATE: memory disclosure via out-of-bounds array access + - debian/patches/CVE-2014-5388.patch: fix check in hw/acpi/pcihp.c. + - CVE-2014-5388 + + -- Marc Deslauriers Tue, 09 Sep 2014 08:26:24 -0400 + +qemu (2.1+dfsg-3ubuntu3) utopic; urgency=medium + + * replace d/p/revert-acpi-table-size-bump with + pc-reserve-more-memory-for-acpi.patch from upstream + * debian/binfmt-update-in + - don't run in a container + - add ppc64le as target (LP: #1358268) + * Add experimental ppcle support (LP: #1358268) + + -- Serge Hallyn Wed, 27 Aug 2014 18:24:32 -0500 + +qemu (2.1+dfsg-3ubuntu2) utopic; urgency=medium + + * revert-acpi-table-size-bump - get qemu -kernel working again. + + -- Serge Hallyn Fri, 15 Aug 2014 15:33:24 -0500 + +qemu (2.1+dfsg-3ubuntu1) utopic; urgency=medium + + * Merge new debian release + * Remaining changes: + - control-in: stick to libsdl1.2-dev. + - qemu-system-common.install: add debian/tmp/usr/lib to install the + qemu-bridge-helper + - qemu-system-common.postinst: remove acl placed by udev, + and add udevadm trigger. + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - debian/qemu-system-alternatives.in: use a later version as ubuntu + removed the alternatives bit later. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + * Upstart job: use getent group to check for kvm group + * apport: 'qemu' doesn't exist any more, so check for any qemu* tasks + + -- Serge Hallyn Fri, 15 Aug 2014 08:44:54 -0500 + +qemu (2.1+dfsg-3) unstable; urgency=medium + + * set SHELL = /bin/sh -e, so that more complex shell constructs + in d/rules will fail if any command fail inside + * check for pipe2() being a stub too, like utimensat() etc + * build-depend on gnutls-dev, not libgnutls*-dev, so the + buuld system will pick default gnutls impl (so it works for + backports and future versions) + * build-depend on libjpeg-dev not libjpeg8-dev + * minimum version of seabios is 1.7.5 (Closes: #757958) + * ide-only-constrain-read_write-requests-to-drive-size.diff + (Closes: #757927) + * added use-arch-data-path.patch, to be able to search for binary + blobs in several (arch-specific) data directories instead of just one. + * removed all blob/firmware symlinks from qemu-system-x86, using + arch-specific datapath instead (/usr/share/seabios:/usr/lib/ipxe/qemu) + * removed retry-pxe-after-efi.patch and depend on ipxe-qemu which + introduced efi boot roms. qemu should not try to load "wrong" + ROM, or else migration will fail due to rom size mismatch. + * include /usr/lib/qemu-bridge-helper binary, but not make it setuid + due to security concerns outlined in #691138 (Closes: #691138) + * make vnc-jpeg not debian-specific + * install kvm-spice symlinks on ubuntu + + -- Michael Tokarev Thu, 14 Aug 2014 14:30:24 +0400 + +qemu (2.1+dfsg-2ubuntu2) utopic; urgency=medium + + * reload kvm_intel if needed to set the nested=Y flag (LP: #1324174) + + -- Serge Hallyn Mon, 11 Aug 2014 12:58:50 -0500 + +qemu (2.1+dfsg-2ubuntu1) utopic; urgency=medium + + * Merge new debian release + * Remaining changes: + - qemu-system-x86.links: add eepro100.rom link, drop links which we + have in ipxe-qemu package. + - control-in: stick to libsdl1.2-dev. + - qemu-system-common.install: add debian/tmp/usr/lib to install the + qemu-bridge-helper + - qemu-system-common.postinst: remove acl placed by udev, + and add udevadm trigger. + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - debian/rules: add qemu-kvm-spice + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - binfmt-update-in: make sure to filter out compat arches. + - debian/qemu-system-alternatives.in: use a later version as ubuntu + removed the alternatives bit later. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - apport hook for qemu source package: d/source_qemu-kvm.py, + d/qemu-system-common.install + + -- Serge Hallyn Tue, 05 Aug 2014 13:53:06 -0500 + +qemu (2.1+dfsg-2) unstable; urgency=medium + + * l2tp-linux-only.patch: fix FTBFS on kfreebsd + * imx_timer_TIMER_MAX_clash.diff: fix ITIMER_MAX definition clash + * remove kfreebsd hack which disabled usb support on this platform + since qemu-1.3: it isn't needed anymore + + -- Michael Tokarev Sat, 02 Aug 2014 00:51:04 +0400 + +qemu (2.1+dfsg-1) unstable; urgency=medium + + * new upstream release + Closes: #739589: + CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 + CVE-2013-4526 CVE-2013-4527 CVE-2013-4528 + CVE-2013-4530 CVE-2013-4531 CVE-2013-4532 CVE-2013-4533 CVE-2013-4534 + CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 + CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 + CVE-2013-6399 CVE-2014-0182 CVE-2014-3461 + Closes: #735618 + Closes: #754336 + Closes: CVE-2014-3471 (pcie hotplug/hotunplug) + * versioned build-depend on libiscsi-dev (>>1.9.0~) + * added ppc64le user target + * fix description of qemu-user-binfmt wrt "empty" (Closes: #755988) + * use /usr/share/dpkg/pkg-info.mk instead of inventing the same locally + * added debian/get-orig-source.sh (and a d/rules target) + * set ubuntu vcs branch to ubuntu-utopic + * binfmt-update-in: make sure to filter out compat arches + + -- Michael Tokarev Fri, 01 Aug 2014 20:06:22 +0400 + +qemu (2.0.0+dfsg-7) unstable; urgency=medium + + * clarify description of qemu-user-binfmt a bit + * build-depend on acpica-tools (iasl) in order to rebuild .dsl files + * remove qemu-keymaps package, since it is not used by other tools + anymore, and ship keymaps in qemu-system-common. + * remove (and break by qemu-system-common) old qemu-common for + ubuntu too, since it was transitional-to-qemu-keymaps pkg + * reorganize docs (Closes: #751376): + - do not ship docs in qemu (meta)package, except of qemu-doc.html + - ship most of docs/* in qemu-system-common in /usr/share/doc/q-s-c/ + - make symlinks from /usr/share/doc/qemu-system-foo/common to ../q-s-c/ + - ship doc-base file for qemu-system-common too (for qemu-doc.html) + - rename qemu.1 manpage to qemu-system.1 + * qemu-user-static & qemu-user-binfmt conflict with each other, not break. + * mention that qemu-user-binfmt is empty package (lintian) + + -- Michael Tokarev Thu, 24 Jul 2014 16:51:16 +0400 + +qemu (2.0.0+dfsg-6ubuntu2) utopic; urgency=medium + + * d/qemu-system-x86.qemu-kvm.upstart: change the early-exit check from + /usr/bin/kvm to qemu-system-x86_64. (LP: #1348551) + + -- Serge Hallyn Fri, 25 Jul 2014 08:35:02 -0500 + +qemu (2.0.0+dfsg-6ubuntu1) utopic; urgency=medium + + * Merge 2.0.0+dfsg-6. Remaining changes: + - qemu-system-x86.links: add eepro100.rom link, drop links which we + have in ipxe-qemu package. + - control-in: stick to libgnutls-dev and libsdl1.2-dev. + - qemu-system-common.install: add debian/tmp/usr/lib to install the + qemu-bridge-helper + - qemu-system-common.postinst: remove acl placed by udev, + and add udevadm trigger. + - qemu-system-common.preinst: add kvm group if needed + - add qemu-kvm upstart job and defaults file (rules, + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) + - debian/rules: add qemu-kvm-spice + - rules,qemu-system-x86.modprobe: support use under older udevs which + do not auto-load the kvm kernel module. Enable nesting by default + on intel. + - binfmt-update-in: make sure to filter out compat arches. + - debian/qemu-system-alternatives.in: use a later version as ubuntu + removed the alternatives bit later. + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default + in qemu64 cpu type. + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty + machine type to ease future live vm migration. + - re-introduce apport hook for qemu source package: + d/source_qemu-kvm.py, d/qemu-system-common.install + * enable-build-dep on libjpeg8-dev - which is now in main + + -- Serge Hallyn Mon, 23 Jun 2014 14:52:54 -0500 + +qemu (2.0.0+dfsg-6) unstable; urgency=medium + + * build-depend on libgnutls28-dev not libgnutls-dev + * added qcow1 block format validation patches from upstream: + block-fmt-validation/qcow1-check-maximum-cluster-size.patch + block-fmt-validation/qcow1-stricter-backing-file-length-check.patch + block-fmt-validation/qcow1-validate-image-size-CVE-2014-0223.patch + block-fmt-validation/qcow1-validate-L2-table-size-CVE-2014-0222.patch + (Finally closes: #742730, CVE-2014-0222, CVE-2014-0223) + + -- Michael Tokarev Fri, 23 May 2014 12:12:38 +0400 + +qemu (2.0.0+dfsg-5) unstable; urgency=medium + + * re-re-enable rbd (ceph) support again (Closes: #689239) + Should watch for breakage and for runtime dependencies closely from now on. + * fix qemu-kvm package description (stop mentioning it is transitional) + * move all binfmt handling from many files to d/binfmt-update-in + * introduce qemu-user-binfmt (dummy) package to support binfmt + registration of qemu-user binaries (Closes: #677529) + + -- Michael Tokarev Tue, 13 May 2014 21:15:48 +0400 + +qemu (2.0.0+dfsg-4) unstable; urgency=medium + + * suggests ovmf, not recommends it as it is not in -main (Closes: #745698) + * cputlb-fix-regression-with-TCG-interpreter.patch (Closes: #744342) + + -- Michael Tokarev Wed, 30 Apr 2014 10:03:55 +0400 + +qemu (2.0.0+dfsg-3) unstable; urgency=low + + * 2.0.0 closed #744213 (CVE-2013-4544) and #745157 (CVE-2014-2894) + * mjt-set-oem-in-rsdt-like-slic.diff: apply a (hackish) patch to simplify + running OEM versions of windows vista and 7 in qemu using SLIC table + from current hardware. + * set VENDOR in d/rules + * added forgotten qemu-kvm Pre-Depends field + * switch back from sdl2 to sdl1, as the former apparently isn't ready yet + (Closes: #745269) + + -- Michael Tokarev Mon, 21 Apr 2014 12:34:03 +0400 + +qemu (2.0.0+dfsg-2ubuntu3) utopic; urgency=medium + + * remove alternatives for qemu: different architectures + aren't really alternatives and never had been (LP: #1316829) + + -- Serge Hallyn Wed, 07 May 2014 15:12:33 +0000 + +qemu (2.0.0+dfsg-2ubuntu2) utopic; urgency=medium + + * debian/rules: install the proper /etc/init/qemu-kvm.conf (LP: #1315402) + * debian/control: drop the versioning requirement from libfdt-dev + build-dependency, as it is longer needed (LP: #1295072) + + -- Serge Hallyn Fri, 02 May 2014 11:43:44 -0500 + +qemu (2.0.0+dfsg-2ubuntu1) trusty-proposed; urgency=medium + + * Merge 2.0.0+dfsg-2 + * Incorporates a fix for spice users (LP: #1309452) + * drop patch kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch, as + the regression requiring it was reverted for 2.0 upstream. + * remove qemu-system-common depends on the qemu-system-aarch64 metapackage + * debian/qemu-debootstrap: add arm64 + * Remaining changes from debian: + - keep qemu 'alternative' (not something to change in SRU) + - debian/control and debian/control-in: + * versioned libfdt-dev check, until libfdt is fixed in precise + * enable rbd + * remove ovmf Recommends, as it is in multiverse + * use libsdl1.2, not libsdl2, since libsdl2-dev is in universe + * add a qemu-system-aarch64 metapackage for transitions from trusty + development version. This can be removed after trusty. + - qemu-system-common.install: add debian/tmp/usr/lib to install the + qemu-bridge-helper + - qemu-system-common.postinst: fix /dev/kvm acls + - qemu-system-common.preinst: add kvm group if needed + - qemu-system-x86.links: add eepro100.rom link, drop links which we + have in ipxe-qemu package. + - qemu-system-x86.modprobe: set module options for older releases + - qemu-system-x86.qemu-kvm.default: defaults for the upstart job + - qemu-system-x86.qemu-kvm.upstart: qemu-kvm upstart job + - qemu-user-static.postinst-in: remove qemu-arm64-static on arm64 + - debian/rules + * add legacy kvm-spice link + * fix ppc and arm slections + * add aarch64 to user_targets + - debian/patches/ubuntu/define-trusty-machine-type.patch: define a + pc-i440fx-trusty machine type as the default. + - debian/patches/ubuntu/expose-vmx_qemu64cpu.patch: support nesting by + default in qemu64 cpu time. + + -- Serge Hallyn Fri, 18 Apr 2014 09:23:27 -0500 + +qemu (2.0.0+dfsg-2) unstable; urgency=medium + + * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current + Debian kFreeBSD system still. + + -- Michael Tokarev Thu, 17 Apr 2014 22:04:38 +0400 + +qemu (2.0.0+dfsg-1) unstable; urgency=low + + * new upstream major release + Closes: #744213 CVE-2013-4544 + Closes: #745157 CVE-2014-2894 + * 2.0 actually does not close #739589, + remove it from from last changelog entry + * mention closing of #707629 by 2.0 + * mention a list of CVE IDs closed by #742730 + * mention closing of CVE-2013-4377 by 1.7.0-6 + * do not set --enable-uname-release=2.6.32 for qemu-user anymore + (was needed for old ubuntu builders) + * removed 02_kfreebsd.patch: it adds configure check for futimens() and + futimesat() syscalls on FreeBSD, however futimens() appeared in FreeBSD + 5.0, and futimesat() in 8.0, and 8.0 is the earliest supported version + * kmod dependency is linux-any + * doc-grammify-allows-to.patch: fix some lintian warnings + * remove alternatives for qemu: different architectures + aren't really alternatives and never had been + * update Standards-Version to 3.9.5 (no changes needed) + * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff - + fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1 + or 2.0, among other things + + -- Michael Tokarev Thu, 17 Apr 2014 18:27:15 +0400 + +qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low + + * new upstream release candidate (2.0-rc1) + Closes: #742730 -- image format processing issues: + CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 + CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 + Closes: #743235, #707629 + * refreshed patches: + 02_kfreebsd.patch + retry-pxe-after-efi.patch + use-fixed-data-path.patch + * removed patches applied upstream: + qemu-1.7.1.diff + address_space_translate-do-not-cross-page-boundaries.diff + fix-smb-security-share.patch + slirp-smb-redirect-port-445-too.patch + implement-posix-timers.diff + linux-user-fixed-s390x-clone-argument-order.patch + * added bios-256k.bin symlink and bump seabios dependency to >= 1.7.4-2 + * recommend ovmf package for qemu-system-x86 to support UEFI boot + (Closes: #714249) + * switch from sdl1 to sdl2 (build-depend on libsdl2-dev) + * output last 50 lines of config.log in case configure failed + + -- Michael Tokarev Sat, 05 Apr 2014 16:23:48 +0400 + +qemu (2.0.0~rc1+dfsg-0ubuntu3) trusty; urgency=medium + + * d/p/ubuntu/kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch + don't abort() just because the kernel has no dirty bitmap. + (LP: #1303926) + + -- Serge Hallyn Tue, 08 Apr 2014 22:32:00 -0500 + +qemu (2.0.0~rc1+dfsg-0ubuntu2) trusty; urgency=medium + + * define-trusty-machine-type.patch: update the trusty machine type name to + pc-i440fx-trusty (LP: #1304107) + + -- Serge Hallyn Tue, 08 Apr 2014 11:49:04 -0500 + +qemu (2.0.0~rc1+dfsg-0ubuntu1) trusty; urgency=medium + + * Merge 2.0.0-rc1 + * debian/rules: consolidate ppc filter entries. + * Move qemu-system-arch64 into qemu-system-arm + * debian/patches/define-trusty-machine-type.patch: define a trusty machine + type, currently the same as pc-i440fx-2.0, to put is in a better position + to enable live migrations from trusty onward. (LP: #1294823) + * debian/control: build-dep on libfdt >= 1.4.0 (LP: #1295072) + * Merge latest upstream git to commit dc9528f + * Debian/rules: + - remove -enable-uname-release=2.6.32 + - don't make the aarch64 target Ubuntu-specific. + * Remove patches which are now upstream: + - fix-smb-security-share.patch + - slirp-smb-redirect-port-445-too.patch + - linux-user-Implement-sendmmsg-syscall.patch (better version is upstream) + - signal-added-a-wrapper-for-sigprocmask-function.patch + - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch + - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch + - ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch + * add link for /usr/share/qemu/bios-256k.bin + * Remove all linaro patches. + * Remove all arm64/ patches. Many but not all are upstream. + * Remove CVE-2013-4377.patch which is upstream. + * debian/control-in: don't make qemu-system-aarch64 ubuntu-specific + + -- Serge Hallyn Tue, 25 Feb 2014 22:31:43 -0600 + +qemu (1.7.0+dfsg-9) unstable; urgency=medium + + * remove rbd/rados/ceph support *again*, till they'll actually provide + some symbol/library version mechanism + (Closes: #744364, Reopens: #729961, #689239) + + -- Michael Tokarev Sun, 13 Apr 2014 18:49:46 +0400 + +qemu (1.7.0+dfsg-8) unstable; urgency=low + + * fix a brown-paper-bag bug in the previous upload + + -- Michael Tokarev Fri, 11 Apr 2014 22:01:32 +0400 + +qemu (1.7.0+dfsg-7) unstable; urgency=high + + * fix guest-triggerable buffer overrun in virtio-net device + (Closes: #744221 CVE-2014-0150) + + -- Michael Tokarev Fri, 11 Apr 2014 20:27:16 +0400 + +qemu (1.7.0+dfsg-6) unstable; urgency=medium + + * make ceph (rbd) support linux-only, since it exists only on linux + + -- Michael Tokarev Sat, 05 Apr 2014 13:59:48 +0400 + +qemu (1.7.0+dfsg-5) unstable; urgency=medium + + * remove OVMF.fd symlink added in -4, it belongs to ovmf (Closes: #741494) + * qemu-debootstrap: add support for arm64 architecture (Closes: #740112) + * mention closing of #725176 by 1.7.0 + + -- Michael Tokarev Thu, 13 Mar 2014 06:21:01 +0400 + +qemu (1.7.0+dfsg-4) unstable; urgency=medium + + [ Michael Tokarev ] + * 1.7.1 stable upstream release (Closes: #719633) + Closes: CVE-2013-4377 + * implement-posix-timers.diff from upstream (Closes: #732258) + * address_space_translate-do-not-cross-page-boundaries.diff - + upstream bugfix for xen + * break libvirt << 1.2, not just 1.0, we need 1.2+ after qemu-1.6. + * add linux-user-fixed-s390x-clone-argument-order.patch (Closes: #739800) + * re-enable cepth (rbd) support (Closes: #729961, #689239) + + [ Steve Langasek ] + * (from Ubuntu) add symlink for OVMF.fd, which is now available in Debian + non-free. + * libusbredir is enabled in Ubuntu too, so sync debian/control. + * Enable building for ppc64el (in both Debian and Ubuntu): Debian does not + have a ppc64el port yet, but qemu builds out of the box there so it's + safe/appropriate to enable. + * Merge in Ubuntu-specific (and Ubuntu-tagged) debian/control changes. + * Enable building for arm64; the arm64 target is not yet merged, but the + package doesn't need arm64 target support to build for an arm64 host. + + [ Riku Voipio ] + * control: build-depend on python:any (change originally made + in Aug-2013 but reverted by mjt later) + + -- Michael Tokarev Wed, 12 Mar 2014 18:34:03 +0400 + +qemu (1.7.0+dfsg-3ubuntu7) trusty; urgency=low + + * No-change rebuild to build with libxen-4.4. + + -- Stefan Bader Fri, 21 Mar 2014 10:04:36 +0100 + +qemu (1.7.0+dfsg-3ubuntu6) trusty; urgency=medium + + * d/p/ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch: cherrypick + upstream patch to force cpu count on ppc to be a power of 2. (LP: #1279682) + + -- Serge Hallyn Tue, 11 Mar 2014 00:03:00 -0500 + +qemu (1.7.0+dfsg-3ubuntu5) trusty; urgency=medium + + [ dann frazier ] + * Add patches from the susematz tree to avoid intermittent segfaults: + - ubuntu/signal-added-a-wrapper-for-sigprocmask-function.patch + - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch + - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch + + [ Serge Hallyn ] + * Modify do_sigprocmask to only change behavior for aarch64. + (LP: #1285363) + + -- Serge Hallyn Thu, 06 Mar 2014 16:15:50 -0600 + +qemu (1.7.0+dfsg-3ubuntu4) trusty; urgency=medium + + [ Steve Langasek ] + * Merge debian/control with unreleased Debian branch: our architecture + lists should now be in sync. + + [ Dann Frazier ] + * ubuntu/linux-user-Implement-sendmmsg-syscall.patch: Fix user mode DNS + on arm64 and maybe others. (LP: #1284344) + + [ Serge Hallyn ] + * Move the OVMF.fd link to the ovmf package. + + -- Serge Hallyn Fri, 21 Feb 2014 12:14:53 -0800 + +qemu (1.7.0+dfsg-3ubuntu3) trusty; urgency=medium + + * Add ppc64el to the architecture list (supposedly added in the previous + upload, but really wasn't). + + -- Steve Langasek Thu, 20 Feb 2014 23:40:07 -0800 + +qemu (1.7.0+dfsg-3ubuntu2) trusty; urgency=medium + + * Backport changes to enable qemu-user-static support for aarch64 + * debian/control: add ppc64el to Architectures + * debian/rules: only install qemu-system-aarch64 on arm64. + Fixes a FTBFS when built twice in a row on non-arm64 due to a stale + debian/qemu-system-aarch64 directory + + -- dann frazier Tue, 11 Feb 2014 15:41:53 -0700 + +qemu (1.7.0+dfsg-3ubuntu1) trusty; urgency=medium + + * Fix broken filter_binfmts + * Remove use of dpkg-version in postinsts, as we're not Depending on + dpkg-dev. + + -- Serge Hallyn Wed, 05 Feb 2014 21:57:38 -0600 + +qemu (1.7.0+dfsg-3ubuntu1~ppa1) trusty; urgency=medium + + * Merge 1.7.0+dfsg-3 from debian. Remaining changes: + - debian/patches/ubuntu: + * expose-vmx_qemu64cpu.patch + * linaro (omap3) and arm64 patches + * ubuntu/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS + on ppc + * ubuntu/CVE-2013-4377.patch: fix denial of service via virtio + - debian/qemu-system-x86.modprobe: set kvm_intel nested=1 options + - debian/control: + * add arm64 to Architectures + * add qemu-common and qemu-system-aarch64 packages + - debian/qemu-system-common.install: add debian/tmp/usr/lib + - debian/qemu-system-common.preinst: add kvm group + - debian/qemu-system-common.postinst: remove acl placed by udev, + and add udevadm trigger. + - qemu-system-x86.links: add eepro100.rom, remove pxe-virtio, + pxe-e1000 and pxe-rtl8139. + - add qemu-system-x86.qemu-kvm.upstart and .default + - qemu-user-static.postinst-in: remove arm64 binfmt + - debian/rules: + * allow parallel build + * add aarch64 to system_targets and sys_systems + * add qemu-kvm-spice links + * install qemu-system-x86.modprobe + - add debian/qemu-system-common.links for OVMF.fd link + * Remove kvm-img, kvm-nbd, kvm-ifup and kvm-ifdown symlinks. + + -- Serge Hallyn Tue, 04 Feb 2014 12:13:08 -0600 + +qemu (1.7.0+dfsg-3) unstable; urgency=low + + * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86 + * qemu-system-ppc: depend on openbios-ppc >= 1.1+svn1229 to fix boot issues + * qemu-system-sparc: depend on openbios-sparc >= 1.1+svn1229 too + * remove unused lintian overrides for qemu-user from qemu (meta)package + * qemu-system-*: depend on unversioned qemu-keymaps and qemu-system-common + packages (no particular version of any is hard-required) + * remove debian/README.source (was from quilt) + * add myself to debian/copyright + * reorder d/control to have Recommends:/Suggests: closer to Depends. + * rename d/control to d/control-in and add a d/rules rule to build it + based on ${VENDOR} + * allow different content in d/control for debian/ubuntu + * added debian/README-components-versions + * fixed qemu-armeb binfmt (Closes: #735078) + * added powerpcspe host arch (Closes: #734696) + * do not check for presence of update-alternatives which is part of dpkg + (Closes: #733222) + * do not call update-alternative --remove from postrm:remove + (lintian complains about this) + * add efi netrom links. This requires new ipxe-qemu. + + -- Michael Tokarev Thu, 16 Jan 2014 15:17:46 +0400 + +qemu (1.7.0+dfsg-2ubuntu9) trusty; urgency=medium + + * debian/qemu-user-static.postinst-in: remove arm64 qemu-user binfmt, which + may have been installed up to 1.6.0+dfsg-2ubuntu4 (LP: #1273654) + + -- Serge Hallyn Tue, 28 Jan 2014 14:41:20 +0000 + +qemu (1.7.0+dfsg-2ubuntu8) trusty; urgency=medium + + * SECURITY UPDATE: denial of service via virtio device hot-plugging + - debian/patches/CVE-2013-4377.patch: upstream commits to refactor + virtio device unplugging. + - CVE-2013-4377 + + -- Marc Deslauriers Mon, 27 Jan 2014 09:10:37 -0500 + +qemu (1.7.0+dfsg-2ubuntu7) trusty; urgency=medium + + * d/p/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS on + powerpc. + + -- Serge Hallyn Wed, 22 Jan 2014 11:59:26 -0600 + +qemu (1.7.0+dfsg-2ubuntu6) trusty; urgency=medium + + [ Serge Hallyn ] + * add arm64 patchset from upstream. The three arm virt patches previously + pushed are in that set, so drop them. + + [ dann frazier ] + * Add packaging for qemu-system-aarch64. This package is currently only + available for arm64, as full software emulation is not yet supported. + + -- Serge Hallyn Fri, 10 Jan 2014 12:19:08 -0600 + +qemu (1.7.0+dfsg-2ubuntu5) trusty; urgency=medium + + * Drop d/p/fix-pci-add: upstream does not intend for pci_add to be + supported any longer. + * Add patchset from git://git.linaro.org/qemu/qemu-linaro.git#rebasing + * Refresh debian/patches/hw_arm_add_virt_platform.patch against context + churn caused by linaro patchset. + * debian/rules: enable parallel builds. + + -- Serge Hallyn Fri, 03 Jan 2014 10:53:17 -0600 + +qemu (1.7.0+dfsg-2ubuntu4) trusty; urgency=medium + + * d/control: enable usbredir (LP: 1126390) + + -- Serge Hallyn Thu, 02 Jan 2014 08:55:43 -0600 + +qemu (1.7.0+dfsg-2ubuntu3) trusty; urgency=medium + + * add missing arm virt patches from the mach-virt-v7 branch of + git://git.linaro.org/people/cdall/qemu-arm.git + + -- Serge Hallyn Wed, 18 Dec 2013 12:25:59 -0600 + +qemu (1.7.0+dfsg-2ubuntu2) trusty; urgency=medium + + * debian/control: add arm64 to list of architectures. + + -- Serge Hallyn Thu, 12 Dec 2013 10:22:47 -0600 + +qemu (1.7.0+dfsg-2ubuntu1) trusty; urgency=low + + * Merge 1.7.0+dfsg-2 from debian experimental. Remaining changes: + - debian/control + * update maintainer + * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev + from build-deps + * enable rbd + * add qemu-system and qemu-common B/R to qemu-keymaps + * add D:udev, R:qemu, R:qemu-common and B:qemu-common to + qemu-system-common + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: + - add qemu-common, qemu-kvm, kvm to B/R + - remove openbios-sparc from qemu-system-sparc D + - drop openbios-ppc and openhackware Depends to Suggests (for now) + * qemu-system-x86: + - add qemu-common to Breaks/Replaces. + - add cpu-checker to Recommends. + * qemu-user: add B/R:qemu-kvm + * qemu-kvm: + - add armhf armel powerpc sparc to Architecture + - C/R/P: qemu-kvm-spice + * add qemu-common package + * drop qemu-slof which is not packaged in ubuntu + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. + - qemu-system-x86.links: + * remove pxe rom links which are in kvm-ipxe + - debian/rules + * add kvm-spice symlink to qemu-kvm + * call dh_installmodules for qemu-system-x86 + * update dh_installinit to install upstart script + * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2) + - Add qemu-utils.links for kvm-* symlinks. + - Add qemu-system-x86.qemu-kvm.upstart and .default + - Add qemu-system-x86.modprobe to set nesting=1 + - Add qemu-system-common.preinst to add kvm group + - qemu-system-common.postinst: remove bad group acl if there, then have + udev relabel /dev/kvm. + - New linaro patches from qemu-linaro rebasing branch + - Dropped patches: + * linaro patchset + * mach-virt patchset + - Kept patches: + * expose_vms_qemu64cpu.patch + * fix-pci-add + * qemu-system-common.install: add debian/tmp/usr/lib to install the + qemu-bridge-helper + + -- Serge Hallyn Sat, 07 Dec 2013 06:08:11 +0000 + +qemu (1.7.0+dfsg-2) unstable; urgency=low + + * switch from vgabios to seavgabios + * rework update-alternatives handling for qemu-system (Closes: #722914) + * mention closing of #326886, #390444, #706237 and CVE-2013-4375 for 1.7.0 + * rearrange libvte-dev build-dependency to come together with gtk, and + comment it out (since gtk frontend isn't being built) + * re-introduce qemu-kvm package with just a wrapper (/usr/bin/kvm) + and make this wrapper to force kvm mode (Closes: #727762) + * use less strict dependency on qemu-keymaps + * added fix-smb-security-share.patch by Michael Büsch (Closes: #727756) + * added move-ncalrpc-dir-to-tmp.patch by Michael Büsch (Closes: #728876) + + -- Michael Tokarev Fri, 29 Nov 2013 00:16:44 +0400 + +qemu (1.7.0+dfsg-1) unstable; urgency=low + + * new upstream release (Closes: #724758, #326886, #390444, #706237, #725176) + Also fixes CVE-2013-4375 (xen-specific qemu disk backend (qdisk) + resource leak) + * tweak kvm loading script to not load module for 3.4+ kernel + (kernel autoloads kvm modules since 3.4) (Closes: #717811) + * mention closing of #721713, #710971, #674201 + * refresh use-fixed-data-path.patch to contain just the min. changes + * fix pxe-eepro100.rom link (never worked in qemu due to wrong name) + * remove old $Id$ line from debian/rules + + -- Michael Tokarev Thu, 28 Nov 2013 03:14:21 +0400 + +qemu (1.6.0+dfsg-2ubuntu2) trusty; urgency=low + + * debian/control: qemu-utils must Replace: qemu-kvm as it did in raring, + to prevent lts-to-lts updates from breaking. (LP: #1243403) + + -- Serge Hallyn Wed, 23 Oct 2013 14:31:05 -0500 + +qemu (1.6.0+dfsg-2ubuntu1) trusty; urgency=low + + * Merge 1.6.0~rc0+dfsg-2exp from debian experimental. Remaining changes: + - debian/control + * update maintainer + * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev + from build-deps + * enable rbd + * add qemu-system and qemu-common B/R to qemu-keymaps + * add D:udev, R:qemu, R:qemu-common and B:qemu-common to + qemu-system-common + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: + - add qemu-kvm to Provides + - add qemu-common, qemu-kvm, kvm to B/R + - remove openbios-sparc from qemu-system-sparc D + - drop openbios-ppc and openhackware Depends to Suggests (for now) + * qemu-system-x86: + - add qemu-common to Breaks/Replaces. + - add cpu-checker to Recommends. + * qemu-user: add B/R:qemu-kvm + * qemu-kvm: + - add armhf armel powerpc sparc to Architecture + - C/R/P: qemu-kvm-spice + * add qemu-common package + * drop qemu-slof which is not packaged in ubuntu + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. + - qemu-system-x86.links: + * remove pxe rom links which are in kvm-ipxe + * add symlink for kvm.1 manpage + - debian/rules + * add kvm-spice symlink to qemu-kvm + * call dh_installmodules for qemu-system-x86 + * update dh_installinit to install upstart script + * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2) + - Add qemu-utils.links for kvm-* symlinks. + - Add qemu-system-x86.qemu-kvm.upstart and .default + - Add qemu-system-x86.modprobe to set nesting=1 + - Add qemu-system-common.preinst to add kvm group + - qemu-system-common.postinst: remove bad group acl if there, then have + udev relabel /dev/kvm. + - New linaro patches from qemu-linaro rebasing branch + - Dropped patches: + * xen-simplify-xen_enabled.patch + * sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch + * main_loop-do-not-set-nonblocking-if-xen_enabled.patch + * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch + * virtio-rng-fix-crash + - Kept patches: + * expose_vms_qemu64cpu.patch - updated + * linaro arm patches from qemu-linaro rebasing branch + - New patches: + * fix-pci-add: change CONFIG variable in ifdef to make sure that + pci_add is defined. + * Add linaro patches + * Add experimental mach-virt patches for arm virtualization. + * qemu-system-common.install: add debian/tmp/usr/lib to install the + qemu-bridge-helper + + -- Serge Hallyn Tue, 22 Oct 2013 22:47:07 -0500 + +qemu (1.6.0+dfsg-2) unstable; urgency=low + + * Build-depend in seccomp again once it is in -testing + * 1.6.1 upstream bugfix release (Closes: #725944, #721713, #710971) + * fix "allows [one] to" in qemu-ga description + * fix descriptions for qemu-system and qemu-system-common packages + + -- Michael Tokarev Fri, 11 Oct 2013 01:15:48 +0400 + +qemu (1.6.0+dfsg-1) unstable; urgency=low + + * final upstream v1.6.0 (Closes: #718180, #714273, #605525, #701855, #674201) + * removed configure-explicitly-disable-virtfs-if-softmmu=no.patch + * mention closing of #717724 by 1.6 + * mention closing of #710971 by 1.5 (which disabled gtk support) + + [ Riku Voipio ] + * - set --cross-prefix in debian/rules when cross-compiling + + -- Michael Tokarev Mon, 02 Sep 2013 15:18:49 +0400 + +qemu (1.6.0~rc0+dfsg-1exp) experimental; urgency=low + + * uploading to experimental (rc0) + * new upstream release (release candidate) (Closes: #718016, #717724) + * removed patches: + - qemu-1.5.1.diff + - sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch + * refreshed use-fixed-data-path.patch + * ship new qemu_logo_no_text.svg + * stop shipping sgabios symlink, it is moved to sgabios package + * bump version of libseccomp build dependency to 2.1 (minimum + required to build) and disable libseccomp for now (because it + isn't available in debian yet) + + -- Michael Tokarev Wed, 31 Jul 2013 10:49:30 +0400 + +qemu (1.5.0+dfsg-5) unstable; urgency=low + + * new upstream 1.5.1 stable/bugfix release (as qemu-1.5.1.diff) + removed qemu_openpty_raw-helper.patch (included upstream) + * configure-explicitly-disable-virtfs-if-softmmu=no.patch -- do not + build virtfs-proxy-helper stuff if not building system emulator + (fix FTBFS on s390) + * disable gtk ui and build dependencies, as it adds almost nothing + compared with sdl (well, except bugs and limitations), and has + lots of additional dependencies (Closes: #710971) + * remove obsolete /etc/init.d/qemu-kvm (Closes: #712898) + * fix versions of obsolete qemu-kvm conffiles to be removed + * provide manpage for obsolete kvm (Closes: #716891, #586973) + * add --daemonize option to the guest-agent startup script (Closes: #715502) + * clarify what qemu-guest-agent does (Closes: #714270) and provide + its json schema as a doc + + -- Michael Tokarev Tue, 23 Jul 2013 22:39:54 +0400 + +qemu (1.5.0+dfsg-4) unstable; urgency=medium + + * urgency is medium to make it go faster because, on one hand, we've + been in unstable for quite a bit longer than needed already and + have nothing but (build) fixes in there, but on the other hand + we're holding migration of other packages which are waiting for + us, again, for too long already + * added qemu_openpty_raw-helper.patch - a cleanup patch submitted upstream + which removes #include from common header and hence works + around FTBFS problem on debian sparc where somehow, conflicts + with . + + -- Michael Tokarev Thu, 06 Jun 2013 01:50:32 +0400 + +qemu (1.5.0+dfsg-3ubuntu6) trusty; urgency=low + + * No change rebuild for new seccomp. + + -- Stéphane Graber Mon, 21 Oct 2013 18:34:50 -0400 + +qemu (1.5.0+dfsg-3ubuntu5) saucy; urgency=low + + * Cherrypick upstream patch to fix crash with rng device (LP: #1235017) + - virtio-rng-fix-crash + + -- Serge Hallyn Wed, 09 Oct 2013 17:46:49 -0500 + +qemu (1.5.0+dfsg-3ubuntu4) saucy; urgency=low + + * Re-introduce snippet in upstart job to load kvm modules if needed. + (LP: #1218459) + + -- Serge Hallyn Mon, 16 Sep 2013 22:43:52 +0000 + +qemu (1.5.0+dfsg-3ubuntu3) saucy; urgency=low + + * Cherry-picking three Xen related patches targetted for qemu-stable: + * xen-simplify-xen_enabled.patch + * main_loop-do-not-set-nonblocking-if-xen_enabled.patch + * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch + + -- Stefan Bader Fri, 26 Jul 2013 15:01:44 +0200 + +qemu (1.5.0+dfsg-3ubuntu2) saucy; urgency=low + + * Drop openbios-ppc and openhackware Depends to Suggests for now. + + -- Adam Conrad Wed, 05 Jun 2013 03:23:56 -0600 + +qemu (1.5.0+dfsg-3ubuntu1) saucy; urgency=low + + * Merge 1.5.0+dfs-3 from debian unstable. Remaining changes: + - debian/control + * update maintainer + * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev + from build-deps + * enable rbd + * add qemu-system and qemu-common B/R to qemu-keymaps + * add D:udev, R:qemu, R:qemu-common and B:qemu-common to + qemu-system-common + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: + - add qemu-kvm to Provides + - add qemu-common, qemu-kvm, kvm to B/R + - remove openbios-sparc from qemu-system-sparc D + * qemu-system-x86: + - add qemu-common to Breaks/Replaces. + - add cpu-checker to Recommends. + * qemu-user: add B/R:qemu-kvm + * qemu-kvm: + - add armhf armel powerpc sparc to Architecture + - C/R/P: qemu-kvm-spice + * add qemu-common package + * drop qemu-slof which is not packaged in ubuntu + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. + - qemu-system-x86.links: + * remove pxe rom links which are in kvm-ipxe + * add symlink for kvm.1 manpage + - debian/rules + * add kvm-spice symlink to qemu-kvm + * call dh_installmodules for qemu-system-x86 + * update dh_installinit to install upstart script + * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2) + - Add qemu-utils.links for kvm-* symlinks. + - Add qemu-system-x86.qemu-kvm.upstart and .default + - Add qemu-system-x86.modprobe to set nesting=1 + - Add qemu-system-common.preinst to add kvm group + - qemu-system-common.postinst: remove bad group acl if there, then have + udev relabel /dev/kvm. + - Dropped patches: + * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch + - Kept patches: + * expose_vms_qemu64cpu.patch - updated + * gridcentric patch - updated + * linaro arm patches from qemu-linaro rebasing branch + + -- Serge Hallyn Tue, 04 Jun 2013 22:56:43 +0200 + +qemu (1.5.0+dfsg-3) unstable; urgency=low + + * fix sections: misc => otherosfs + * remove obsolete conffiles (kvm-ifup, kvm-ifdown, target-x86_64.conf) + from /etc/kvm/ in qemu-kvm (Closes: #710328) + * rework debian/rules a bit, to build various bits depending on + which packages are requested, not depending on ad-hoc host/arch + logic + * do not fail at install if kvm module loading failed on x86 or + if modprobe isn't installed (Closes: #710496) + * also suggest kmod to be able to load x86 kvm modules + * suggest sgabios for qemu-system-x86 and put a symlink to sgabios.bin + (Closes: #696985) + * add rules to build just one of arch/indep parts, to make + buildd log scanner happier (E-binary-arch-produces-all) + * use verbose build by default (V=1) and let it to be overridden + + -- Michael Tokarev Sun, 02 Jun 2013 01:49:47 +0400 + +qemu (1.5.0+dfsg-2ubuntu1) saucy; urgency=low + + * Merge 1.5.0+dfs-2 from debian unstable. Remaining changes: + - debian/control + * update maintainer + * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev + from build-deps + * enable rbd + * add qemu-system and qemu-common B/R to qemu-keymaps + * add D:udev, R:qemu, R:qemu-common and B:qemu-common to + qemu-system-common + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: + - add qemu-kvm to Provides + - add qemu-common, qemu-kvm, kvm to B/R + - remove openbios-sparc from qemu-system-sparc D + * qemu-system-x86: + - add qemu-common to Breaks/Replaces. + - add cpu-checker to Recommends. + * qemu-user: add B/R:qemu-kvm + * qemu-kvm: + - add armhf armel powerpc sparc to Architecture + - C/R/P: qemu-kvm-spice + * add qemu-common package + * drop qemu-slof which is not packaged in ubuntu + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. + - qemu-system-x86.links: + * remove pxe rom links which are in kvm-ipxe + * add symlink for kvm.1 manpage + - debian/rules + * add kvm-spice symlink to qemu-kvm + * call dh_installmodules for qemu-system-x86 + * update dh_installinit to install upstart script + * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2) + - Add qemu-utils.links for kvm-* symlinks. + - Add qemu-system-x86.qemu-kvm.upstart and .default + - Add qemu-system-x86.modprobe to set nesting=1 + - Add qemu-system-common.preinst to add kvm group + - qemu-system-common.postinst: remove bad group acl if there, then have + udev relabel /dev/kvm. + - Dropped patches: + * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch + - Kept patches: + * expose_vms_qemu64cpu.patch - updated + * gridcentric patch - updated + * linaro arm patches from qemu-linaro rebasing branch + + -- Serge Hallyn Tue, 28 May 2013 08:18:30 -0500 + +qemu (1.5.0+dfsg-2) unstable; urgency=low + + * merged development history of wheezy and experimental branches. + Now the history is ordered by version, but is not chronological. + As a base we now have wheezy (1.1.2+dfsg-6a) version. + * removed trailing whitespaces from changelog file + * run dh_installinit properly (Closes: #709199) + * run dh_installman (Closes: #709241) + * remove build-dependendy on texi2html, upstream switched to makeinfo + + -- Michael Tokarev Tue, 28 May 2013 10:48:41 +0400 + +qemu (1.5.0+dfsg-1) unstable; urgency=low + + * update to 1.5.0 (Closes: #707732) + * upload to unstable + * mention that 1.5 closes #697641 and #705544 + * bump dependency on openbios (openbios-ppc for qemu-system-ppc, + openbios-sparc for qemu-system-sparc) from 1.0+svn1060 to 1.1 + (Closes: #707727) + * bump dependency on seabios to be >= 1.7.2-2 + * add retry-pxe-after-efi.patch to try pxe-XXXX.rom after unsuccessfully + trying efi-XXXX.rom - this is for NICs, until pxe-qemu package will be + able to provide necessary efi-XXXX.rom files. + * add (versioned) dependency on libusb-1.0 now when the right version + is available in debian + * use-fixed-data-path.patch: do not try to derive data path from + executable location, always use /usr/share/qemu + + -- Michael Tokarev Tue, 21 May 2013 00:49:47 +0400 + +qemu (1.5.0~rc0+dfsg-1) experimental; urgency=low + + * update to new upstream release candidate (1.5.0-rc0) + (Closes: #697641, #705544) + * remove --audio-card-list + * added new moxie system target + * added new linux-user targets: mips64 mips64el mipsn32 mipsn32el + * add libgtk2 and libvte to dependencies (new UI) + * added libssh2 to dependencies (new block device) + * s/libvdeplug2-dev/libvdeplug-dev/ + * define localstatedir (for guest-agent) + + -- Michael Tokarev Wed, 08 May 2013 01:01:01 +0400 + +qemu (1.4.0+dfsg-2exp) experimental; urgency=low + + [ Michael Tokarev ] + * set qemu-kvm priority to extra + * fix distribution field in last qemu-system.NEWS entry + * bump Standards-Version to 3.9.4 (no changes needed) + * fix update-rc.d args for qemu-system-x86 + * pre-Depend on adduser for qemu-system-common (Closes: #700840) + * move guest agent binary (qemu-ga) to /usr/sbin + * add versioned build-depends on libspice-protocol-dev (>= 0.12.3) + * refresh qemu-ifunc-sparc.patch, use proper submission from patchwork + (sparc-linux-user-fix-missing-symbols...) instead. + * apply 1.4.1 upstream stable patch + * release as 1.4.0 + + [ Aurelien Jarno ] + * debian/rules: don't build spapr-rtas.bin from .hex file. + * qemu-system-ppc: add a depends on qemu-slof and add the corresponding + links (Closes: #686979). + + -- Michael Tokarev Thu, 18 Apr 2013 14:45:30 +0400 + +qemu (1.4.0+dfsg-1expubuntu4) raring; urgency=low + + * re-add qemu-system-x86.modprobe to set nesting=1 (LP: #1155177) + * qemu-system-x86.qemu-kvm.upstart: + - remove NESTED workarounds from upstart file. + - remove loading of modules which is now always done + - remove TAPR define which is no longer used + * move customizable defines back to qemu-kvm.default + * copy creation of group kvm to preinst - the group must exist when the + kvm udev rule is installed (LP: #1103022) (LP: #1092715) + * add adduser to qemu-system-common Pre-Depends for use by preinst. + + -- Serge Hallyn Thu, 14 Mar 2013 14:21:53 -0500 + +qemu (1.4.0+dfsg-1expubuntu3) raring; urgency=low + + * debian/rules: add a symlink from kvm-spice to kvm in qemu-kvm, on + i386/amd64 targets. (LP: #1126258) + + -- Serge Hallyn Thu, 28 Feb 2013 15:17:16 -0600 + +qemu (1.4.0+dfsg-1expubuntu2) raring; urgency=low + + * substitute (apparently identical) patches from 1.4.0 qemu-linaro rebasing + tree. + * add qemu-common to qemu-system-common B/R (was accidentally dropped from + 1.3.0 in 1.4.0 merge). + * debian/control: fix kvm P/C/B/R: + - make all C/B/R against kvm versioned + - don't have any qemu-system-* other than x86 Provides: kvm + + -- Serge Hallyn Fri, 22 Feb 2013 13:34:07 -0600 + +qemu (1.4.0+dfsg-1expubuntu1) raring; urgency=low + + * Merge 1.4.0+dfsg-1exp from debian. Remaining changes: + - debian/control: + * update maintainer + * remove libiscsi, usb-redir, vde, and vnc-jpeg from build-deps + * enable rbd + * add qemu-system and qemu-common B/R to qemu-keymaps + * add D:udev and R:qemu to qemu-system-common + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: + - add qemu-kvm and kvm to Provides + - add qemu-common and qemu-kvm to Breaks/Replaces qemu-system-ppc, + qemu-system-sparc: + - remove openbios-$arch from Depends + * qemu-system-x86: + - add qemu-common to Breaks/Replaces. + - add cpu-checker to Recommends. + * qemu-user: + - add B/R qemu-kvm + * qemu-utils: + - add B/R qemu-user and qemu-kvm + * qemu-kvm: add armhf armel powerpc sparc to Architecture + * add qemu-common package + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. + - qemu-system-x86.links: + * remove pxe rom links which are in kvm-ipxe + * add symlink for kvm.1 manpage + - Add qemu-utils.links for kvm-* symlinks. + - Add qemu-kvm.conf upstart job to qemu-system + - Clear /dev/kvm acls on install + - Add linaro arm patches. + - Add gridcentric patches. + - Re-add expose_vms_qemu64cpu.patch (from Daviey) + * Add 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch + + -- Serge Hallyn Wed, 20 Feb 2013 11:58:27 -0600 + +qemu (1.4.0+dfsg-1exp) experimental; urgency=low + + [ Michael Tokarev ] + * 1.4.0 final release + * remove fix-virtio-net-for-win-guests.patch (upstream now has better fix) + * fix debian/control arch fields. Build-Depends: foo [bar] + means foo will be selected for build on LINUX-bar, not any-bar. + So stop using [bar], always use [linux-bar] or [any-bar], + as appropriate. This fix spice and xen (non)selection on + kfreebsd-{i386,amd64}. + * fix manpage "links" generation (man qemu-system-* was broken) + * change Vcs fields to point to anonscm.debian.org (lintian) + * add a check for (lxc) container to qemu-system-x86 initscript + + [ Steve Langasek ] + * Pass --enable-uname-release=2.6.32 for the user emulation builds, so that + we have a sensible baseline kernel value regardless of what the + underlying host kernel is. This makes eglibc happier when running under + emulation on a very old kernel for instance (whose host syscall ABI has + nothing to do with what emulated syscalls are supported), and probably + also lets us steer clear for the moment of code that has problem with + the new kernel upstream versioning convention. LP: #921078. + + -- Michael Tokarev Sat, 16 Feb 2013 12:34:54 +0400 + +qemu (1.4.0~rc0+dfsg-1exp) experimental; urgency=low + + * new upstream 1.4.0-rc0 (first release candidate). + (Closes: #549195) + * remove patches included upstream: + e1000-discard-oversized-packets-based-on-SBP_LPE.patch + link-seccomp-only-with-softmmu-targets.patch + revert-serial-fix-retry-logic.patch + savevm.c-cleanup-system-includes.patch + * refresh qemu-ifunc-sparc.patch + * add fix-virtio-net-for-win-guests.patch bandaid to make virtio-net + in windows guest to work again + * don't install virtfs-proxy-helper in its own subdir in /usr/bin + * add qemu-io manpage. Thank you Asias He for the work! + (Closes: #652518) + * move config options from debian/configure-opts into debian/control, + to keep list of build-deps & corresponding config flags in one place + * use initscript from old qemu-kvm package to load kvm modules for + qemu-system-x86, and clean it up (Closes: #699404) + * load vhost_net module in the initscript too + * mention default NIC change in qemu-kvm.NEWS and old conffiles + * remove mentions of (ubuntu-specific) qemu-common from debian/control + for now, as it does not help anyway (other changes are needed anyway + and it is better to keep them in one place) + * add a (preliminary) qemu-guest-agent startup script + * qemu-system-x86 break libvirt0 << 1.0, because older versions + didn't work with qemu 1.3+ correctly + + -- Michael Tokarev Sat, 02 Feb 2013 21:05:28 +0400 + +qemu (1.3.0+dfsg-5expubuntu5) raring; urgency=low + + * qemu-system-common.postinst: only run setfacl when /dev/kvm exists. + (LP: #1130591) + + -- Serge Hallyn Wed, 20 Feb 2013 08:58:53 -0600 + +qemu (1.3.0+dfsg-5expubuntu4) raring; urgency=low + + * Update workarounds for udev/inotify: (LP: #1092715) + - qemu-system-common.udev: go back to original, simple rule + - qemu-system-common.postinst: manually run setfacl + - (keep Depends: on acl as well) + - this can be removed once bug 1092715 is fixed. + + -- Serge Hallyn Tue, 19 Feb 2013 12:41:22 -0600 + +qemu (1.3.0+dfsg-5expubuntu3) raring; urgency=low + + * Now that qemu provides spice support, and qemu-kvm-spice is removed from + the archive, have qemu-kvm (which qemu-kvm-spice always depended on) + P/C/R qemu-kvm-spice. + + -- Serge Hallyn Thu, 14 Feb 2013 13:43:27 -0600 + +qemu (1.3.0+dfsg-5expubuntu2) raring; urgency=low + + * Enable spice. + * Address lintian warning by adding ${misc:Depends} to qemu-common and + qemu-kvm. + + -- Serge Hallyn Tue, 12 Feb 2013 16:07:04 -0600 + +qemu (1.3.0+dfsg-5expubuntu1) raring; urgency=low + + [ Serge Hallyn ] + * Merge 1.3.0+dfsg-5exp from Debian. + * remaining changes from 1.3.0+dfsg-1~exp3ubuntu1: + - debian/control: + * update maintainer + * remove vde2 recommends + * build-deps: remove libusbredir, libvdeplug2-dev, + libspice-server-dev, libspice-protocol-dev, libiscsi-dev + * qemu-system: + - break/replace qemu-common + - depend on udev + - remove openbios-ppc, openbios-sparc, and openhackware from + Depends. (Intend to add them back once we can build them.) + * qemu-utils: break/replace qemu-kvm + - qemu-kvm.upstart: + - add qemu-system.qemu-kvm.upstart + - debian/rules: add dh_installinit to get qemu-system.upstart installed. + - take the defaults from the old qemu-kvm.defaults, and move them into + the upstart job + - debian/patches: + - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches + - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git + - add links for qemu-ifup/down in qemu-system-common.links + - debian/qemu-system-common.postinst + - udevadm trigger to fix up /dev/kvm perms + - debian/qemu-system.links: + - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict + with ones from kvm-ipxe). We may want to move the links from kvm-ipxe + back to qemu-system at some point. + * remaining changes from after 1.3.0+dfsg-1~exp3ubuntu1: + - qemu-system-common.links: add link for OVMF + - Add qemu-utils.links for kvm-img and kvm-nbd utils and manpages. + - qemu-system.links: + * Add link to usr/share/ovmf/OVMF.fd + * Fix target of /etc/kvm/kvm-if{up,down} links + - debian/control: qemu-system should Recommend cpu-checker + - Add qemu-kvm breaks/replaces to qemu-user, to handle conflict over + (i.e.) qemu-x86_64. + - add qemu-kvm, and qemu-common transitional packages. + - Add breaks/replaces to qemu-keymaps for qemu-system. + - Add provides: qemu-kvm and kvm to qemu-system-ppc. + - Add breaks/replaces to qemu-system-ppc for qemu-kvm and qemu-common. + - Add breaks/replaces to qemu-kvm for qemu-common. + - Add breaks/replaces to qemu-utils for qemu-user and qemu-kvm. + - Add armhf, armel, powerpc and sparc arches to qemu-kvm transitional + package. + - Add qemu-common package. + - Make sure /dev/kvm gets its acls cleared: + * Add acl to qemu-system.depends + * update qemu-system.udev to run setfacl to set g::rw acl + - Remove vnc-jpeg, libiscsi-dev, and vde from debian/configure-opts + * dropped debian/patches/CVE-2012-6075.patch (duplicate of + e1000-discard-oversize-packets-based-on-SBP_LPE.patch) + * debian/{control,configure-opts}: enable rbd (LP: #1118406) + * add symlink for kvm.1 -> qemu.1 manpage (LP: #1117636) + * add replaces to qemu-system-common for qemu - we briefly moved conflicting + docs to qemu, which debian moved to qemu-system-common. This can be + dropped after raring. + * move qemu-kvm.upstart from qemu-system to qemu-system-x86. + * Support upgrade from qemu-kvm on non-x86 arches: + - Add Provides: qemu-kvm, kvm to qemu-system-{arm,ppc,sparc,x86} + - Add Breaks/Replaces for qemu-{common,system,kvm} and kvm. + * Re-add expose_vms_qemu64cpu.patch (from Daviey) from quantal. + + [ Steve Langasek ] + * Pass --enable-uname-release=2.6.32 for the user emulation builds, so that + we have a sensible baseline kernel value regardless of what the + underlying host kernel is. This makes eglibc happier when running under + emulation on a very old kernel for instance (whose host syscall ABI has + nothing to do with what emulated syscalls are supported), and probably + also lets us steer clear for the moment of code that has problem with + the new kernel upstream versioning convention. LP: #921078. + + -- Serge Hallyn Thu, 07 Feb 2013 14:15:26 -0600 + +qemu (1.3.0+dfsg-5exp) experimental; urgency=low + + * qemu-system-split: split qemu-system into several target-specific packages: + qemu-system-arm, qemu-system-mips, qemu-system-ppc, qemu-system-sparc, + qemu-system-x86, and qemu-system-misc, plus qemu-system-common. + (Closes: #636000) + * add initial qemu-guest-agent package (just the binary for now, + no startup script) (Closes: #676959) + * do not try to install (linux-specific) virtfs-proxy-helper on kfreebsd + * change order of audio drivers, in particular put pulseaudio (pa) first + * ship OS-specific qemu-ifup (use trivial ifconfig invocation on kfreebsd) + * qemu-system replaces qemu-utils due to virtfs-proxy-helper binary + * chmod +x qemu-ifdown + + -- Michael Tokarev Mon, 28 Jan 2013 15:05:57 +0400 + +qemu (1.3.0+dfsg-4exp) experimental; urgency=low + + * install forgotten /etc/qemu-ifdown (dummy, but qemu complains without it) + * install virtfs-proxy-helper in qemu-system not qemu-utils + * add qemu-kvm.NEWS mentioning transition from qemu-kvm to qemu-system-x86_64. + * do not pass -cpu kvm64 to qemu in kvm wrapper script, previous qemu-kvm + used qemu64 cpu instead - the same as new qemu uses. + * install kvm wrapper on x86 only, and install it as /usr/bin/kvm not + /usr/bin/kvm/kvm (Closes: #698736). + * stop shipping /usr/share/qemu/vapic.bin link (qemu uses kvmvapic.bin) + * stop shipping /usr/share/qemu/vgabios.bin link (qemu uses vgabios-*.bin) + * enable all guest audio devices + * add breaks/replaces/provides/conflicts with kvm (very old package), + qemu-kvm, and ubuntu's qemu-common. + * stop caring about old (pre-squeeze) qemu + + -- Michael Tokarev Wed, 23 Jan 2013 11:08:47 +0400 + +qemu (1.3.0+dfsg-3exp) experimental; urgency=low + + * add ability to specify os-arch in configure-opts + * libseccomp is linux-x86 not linux-any + * e1000-discard-oversized-packets-based-on-SBP_LPE.patch + CVE-2012-6075 (Closes: #696051) + + -- Michael Tokarev Mon, 21 Jan 2013 02:54:15 +0400 + +qemu (1.3.0+dfsg-2exp) experimental; urgency=low + + * qemu-nbd and qemu-io should be installed on kFreeBSD too + * install qemu-system docs into /usr/share/doc/qemu-system, + not .../qemu (Closes: #697085) + * do not depend on ipxe, it does not provide our ROMs + * move vde2 from Recommends to Suggests, since it isn't + used often + * require libspice-server-dev >= 0.12.2 and require it on i386 too, + enable spice support + * require libusbredirparser-dev >= 0.6, enable usb-redir + * enable xen explicitly on amd64|i386 + * enable xfsctl explicitly on linux + * sort build-deps in debian/control and add comments + * set permissions of /dev/kvm in qemu-system.postinst + the same way it is done in old qemu-kvm package + * set --localstatedir=/var (will be used later by guest agent) + * bump qemu-system dependency on seabios to 1.7.2 + and add symlinks for acpi-dsdt.aml and q35-acpi-dsdt.aml + * import qemu-ifup and qemu-ifdown scripts from qemu-kvm, + and modify qemu-ifup to allow usage of just `ip' command + from iproute package (if installed) instead of old brctl+ifconfig. + Add Breaks: for old iproute without bridge controls. + Add iproute to Recomments, so that the scripts will actually work + (previous script used sudo which should be in recommends too) + * enable seccomp (and libseccomp-dev b-d) on linux, + and add link-seccomp-only-with-softmmu-targets.patch + * use $(MAKE) not make when building spapr-rtas.bin + * update debian/watch (new place and new extensions) + * add qemu-kvm package (transitional, depends on qemu-system), + and add /usr/bin/kvm wrapper that calls qemu-system-x86_64 + with some arguments to match original qemu-kvm behavour. + (Closes: #560853) + + -- Michael Tokarev Sun, 20 Jan 2013 22:12:11 +0400 + +qemu (1.3.0+dfsg-1~exp3ubuntu8) raring; urgency=low + + * qemu-system.links: + - Add link to usr/share/ovmf/OVMF.fd (LP: #1074207) + - Fix target of /etc/kvm/kvm-if{up,down} links + + -- Serge Hallyn Tue, 29 Jan 2013 10:52:22 -0600 + +qemu (1.3.0+dfsg-1~exp3ubuntu7) raring; urgency=low + + * debian/control: qemu-system should Recommend cpu-checker (LP: #1103982) + + -- Serge Hallyn Mon, 28 Jan 2013 11:52:10 -0600 + +qemu (1.3.0+dfsg-1~exp3ubuntu6) raring; urgency=low + + * configure-opts: add audio-cards list (LP: #1102487) + * configure-opts: change order of audio-drv-list for ubuntu, putting pa + first. + + -- Serge Hallyn Mon, 21 Jan 2013 12:02:09 -0600 + +qemu (1.3.0+dfsg-1~exp3ubuntu5) raring; urgency=low + + * Add qemu-kvm breaks/replaces to qemu-user, to handle conflict over + (i.e.) qemu-x86_64. (LP: #1102332) + + -- Serge Hallyn Mon, 21 Jan 2013 08:58:07 -0600 + +qemu (1.3.0+dfsg-1~exp3ubuntu4) raring; urgency=low + + * Move three docs from qemu-system.install to qemu.docs (LP: #1101798) + + -- Adam Conrad Sat, 19 Jan 2013 20:12:48 -0700 + +qemu (1.3.0+dfsg-1~exp3ubuntu3) raring; urgency=low + + * debian/patches/CVE-2012-6075.patch: Fix guest denial of service and + possible code execution in hw/e1000.c by dropping oversize packets. + + -- Adam Conrad Sat, 19 Jan 2013 07:31:50 -0700 + +qemu (1.3.0+dfsg-1~exp3ubuntu2) raring; urgency=low + + * debian/rules: empty MAKEFLAGS when building spapr-rtas.bin on powerpc, to + fix FTBFS due to parallel compile. + + -- Serge Hallyn Fri, 18 Jan 2013 15:51:09 -0600 + +qemu (1.3.0+dfsg-1~exp3ubuntu1) raring; urgency=low + + * Merge 1.3.0+dfsg-1~exp3. Remaining ubuntu delta: + - debian/control: + * update maintainer + * remove vde2 recommends + * build-deps: remove libusbredir, libvdeplug2-dev, + libspice-server-dev, libspice-protocol-dev, libiscsi-dev, + and libxen-dev. + * qemu-keymaps: break/replace qemu-common + * qemu-system: + - break/replace qemu-common + - depend on udev + - remove openbios-ppc, openbios-sparc, and openhackware from + Depends. (Intend to add them back once we can build them.) + - provides: qemu-kvm + * qemu-utils: break/replace qemu-kvm + * set up transitional packages for qemu-kvm, qemu-common, and kvm. + - qemu-kvm.upstart: + - add qemu-system.qemu-kvm.upstart + - debian/rules: add dh_installinit to get qemu-system.upstart installed. + - take the defaults from the old qemu-kvm.defaults, and move them into + the upstart job + - debian/patches: + - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches + - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git + - ifup/down: + - copy Debian qemu-kvm's kvm-ifup/down into debian/ + - fix dh_install for kvm-ifup/down in debian/rules + - add links for qemu-ifup/down in qemu-system.links + - remove (debian's original) qemu-ifup from qemu-system.install + - debian/qemu-system.postinst + - udevadm trigger to fix up /dev/kvm perms + - make the 'qemu' symlink point to qemu-system-x86_64, not -i386. + - debian/qemu-system.links: + - point 'kvm' to qemu-system-x86_64 + - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict + with ones from kvm-ipxe). We may want to move the links from kvm-ipxe + back to qemu-system at some point. + * Add note about kvm to qemu-system.README.debian. + * Copy kvm-ifup and kvm-ifdown from debian's qemu-kvm + * Remove TAPBR from qemu-kvm.conf. + * Make sure /dev/kvm gets its acls cleared: + - Add acl to qemu-system.depends + - update qemu-system.udev to run setfacl to set g::rw acl + * qemu-system.qemu-kvm.conf: don't rmmod at stop + * Remove vnc-jpeg, libiscsi-dev, and vde from debian/configure-opts + * Remove hugepages sysctl file - qemu now supports transparent hugepages. + + -- Serge Hallyn Mon, 14 Jan 2013 23:22:51 -0600 + +qemu (1.3.0+dfsg-1~exp3) experimental; urgency=low + + * enable vde on kFreebsd too (no idea why it was disabled) + * bluez (libbluetooth) is linux-specific + * savevm.c-cleanup-system-includes.patch: remove excessive #includes + from savevm.c (fixes FTBFS on kFreebsd due to wrong #include) + + -- Michael Tokarev Mon, 31 Dec 2012 15:52:23 +0400 + +qemu (1.3.0+dfsg-1~exp2) experimental; urgency=low + + * mention that 1.3: Closes #622319, #597527, #593547, #660154 + * libcap and libcap-ng are linux-specific + * include spapr-rtas.bin file in a pre-compiled pseudo-hex-with-assembly + form in debian/spapr-rtas.hex, "compile" it (using sed magic) in + build step and compare the result with the actually built binary + on ppc. This binary is needed for ppc system emulation (qemu-system-ppc*). + (Closes: #670909). + * rename system-build to qemu-build, and merge user-build to qemu-build, + building qemu-system and qemu-user in one go. Only qemu-system-static + is left in separate build dir. Note that current qemu-user is + linux-specific, even if qemu has bsd-user targets. + * add or32 user target + * debian/configure-opts - list of (possible arch- or os-specific) + features to enable/disable. This is in order to ensure we always + build with specific options enabled and error out if new upstream + will dislike our dependencies, or if the deps will not work. + Move config_audio_drv from debian/rules to this file too. + For now do not explicitly enable xen, spice, usb-redir, since + these requires some more work. + Also pass $(QEMU_CONFIGURE_OPTIONS) to qemu configure line, + to be able to quickly override some options. + * do not build-depend on sharutils, since no uuencoded binaries + are shipped anymore + * do not build-depend on nasm, we don't compile from assembly anymore + * remove libgpmg1-dev from build-depends. It was due to #267174, + because of static link of qemu with libsdl. Now only qemu-user-static + is linked statically, and this one does not use libsdl. + * add myself to uploaders, and remove dm-upload-allowed + * added main docs to qemu-system package + * specify --libexecdir=/usr/lib to configure + * mark all packages as Multi-Arch: foreign + (at least it is possible to install i386 versions on amd64 arch) + * replace "flags OC" with "credentials yes" in debian/binfmts/*, + since that's the format update-binfmts expects to enable setuid + binaries. (Closes: #683205) + * build-depend on debhelper 9, and set debian/compat to 9 + + -- Michael Tokarev Mon, 31 Dec 2012 01:40:35 +0400 + +qemu (1.3.0+dfsg-1~exp1) experimental; urgency=low + + [ Michael Tokarev ] + * new upstream version (1.3.0) + (Closes: #676374, #622319, #597527, #593547, #660154) + - Removed patches included upstream: + do-not-include-libutil.h.patch + configure-nss-usbredir.patch + tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch + net-add--netdev-options-to-man-page.patch + - update 02_kfreebsd.patch + - do not build mpc8544ds.dtb + - include new targets + * Cleaned up the build system ALOT. Larger changes: + - used explicit lists of emulated targets in debian/rules + and generate everything else from there, instead of repeating + these lists in lots of places. + - stop using debian/$pkg.manpages and other auxilary files like this, + moving eveything to debian/$pkg.install, because with the number + of packages growing, amount of these small files becomes very + large and the result is difficult to maintain. + * ship forgotten target-x86_64.conf in qemu-system. + * ship virtfs-proxy-helper in qemu-utils. + * stop shipping tundev.c, since it does not reflect the reality for + a long time now (Closes: #325761, #325754). + * re-introduce support parallel build using DEB_BUILD_OPTIONS=parallel=N, + this time by adding to $MAKEFLAGS instead of passing down to submakes + * build-depend on libcap-ng-dev (for virtfs-proxy-helper) + + [ Vagrant Cascadian ] + * Add libcap-dev to Build-Depends to support virtfs-proxy-helper. + + -- Michael Tokarev Sun, 30 Dec 2012 01:52:21 +0400 + +qemu (1.2.0.dfsg-1~exp1-0ubuntu2) raring; urgency=low + + * Remove kvm package + - make qemu-system P/C/B: kvm. + + -- Serge Hallyn Mon, 14 Jan 2013 12:03:19 -0600 + +qemu (1.2.0.dfsg-1~exp1-0ubuntu1) raring; urgency=low + + [ Serge Hallyn ] + * debian/control: + - update maintainer + - remove vde2 recommends + - build-deps: remove libusbredir, libvdeplug2-dev, + libspice-server-dev, libspice-protocol-dev, libiscsi-dev, + and libxen-dev. + - qemu-keymaps: break/replace qemu-common + - qemu-system: + - break/replace qemu-common + - depend on udev + - remove openbios-ppc, openbios-sparc, and openhackware from + Depends. (Intend to add them back once we can build them.) + - provides: qemu-kvm + - qemu-utils: break/replace qemu-kvm + - set up transitional packages for qemu-kvm, qemu-common, and kvm. + * debian/rules: + - install kvm-ifup and kvm-ifdown + - dh_installinit the qemu-kvm upstart job + * install a 30-qemu-kvm.conf into /etc/sysctl.c for nr_hugepages. + * qemu-kvm.upstart: + - add qemu-system.qemu-kvm.upstart + - add mv_confile to qemu-system.preinst, postinst, and .postrm to rename + /etc/init/qemu-kvm.conf to qemu-system.conf + - debian/rules: add dh_installinit to get qemu-system.upstart installed. + - take the defaults from the old qemu-kvm.defaults, and move them into + the upstart job + * debian/patches: + - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches + - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git + - apply nbd-fixes-to-read-only-handling.patch from upstream to + make read-write mount after read-only mount work. (LP: #1077838) + * ifup/down: + - copy Ubuntu qemu-kvm's kvm-ifup/down into debian/ + - fix dh_install for kvm-ifup/down in debian/rules + - add links for qemu-ifup/down in qemu-system.links + - remove (debian's original) qemu-ifup from qemu-system.install + * debian/qemu-system.postinst + - udevadm trigger to fix up /dev/kvm perms + - make the 'qemu' symlink point to qemu-system-x86_64, not -i386. + * debian/qemu-system.links: + - point 'kvm' to qemu-system-x86_64 + - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict + with ones from kvm-ipxe). We may want to move the links from kvm-ipxe + back to qemu-system at some point. + - add qemu-ifdown and qemu-ifup links + * debian/qemu-system.install: + - remove /etc/qemu-ifup link + - add /etc/sysctl.d/30-qemu-kvm.conf + + [ Adam Conrad ] + * Appease apt-get's dist-upgrade resolver by creating a qemu-common + transitional package to upgrade more gracefully to qemu-keymaps. + * Move all the empty transitional packages to the oldlibs section. + * Restore the versioned dep from qemu-kvm (and kvm) to qemu-system. + + -- Serge Hallyn Fri, 04 Jan 2013 08:50:24 -0600 + +qemu (1.2.0+dfsg-1~exp1) UNRELEASED; urgency=low + + [ Michael Tokarev ] + * new upstream version (1.3.0) + (Closes: #676374, #622319, #597527, #593547, #660154) + - Removed patches included upstream: + do-not-include-libutil.h.patch + configure-nss-usbredir.patch + tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch + net-add--netdev-options-to-man-page.patch + - update 02_kfreebsd.patch + - do not build mpc8544ds.dtb + - include new targets + * Cleaned up the build system ALOT. Larger changes: + - used explicit lists of emulated targets in debian/rules + and generate everything else from there, instead of repeating + these lists in lots of places. + - stop using debian/$pkg.manpages and other auxilary files like this, + moving eveything to debian/$pkg.install, because with the number + of packages growing, amount of these small files becomes very + large and the result is difficult to maintain. + * ship forgotten target-x86_64.conf in qemu-system. + * ship virtfs-proxy-helper in qemu-utils. + * stop shipping tundev.c, since it does not reflect the reality for + a long time now (Closes: #325761, #325754). + * re-introduce support parallel build using DEB_BUILD_OPTIONS=parallel=N, + this time by adding to $MAKEFLAGS instead of passing down to submakes + * build-depend on libcap-ng-dev (for virtfs-proxy-helper) + + [ Vagrant Cascadian ] + * Add libcap-dev to Build-Depends to support virtfs-proxy-helper. + + -- Michael Tokarev Sun, 30 Dec 2012 01:52:21 +0400 + +qemu (1.1.2+dfsg-6a) unstable; urgency=low + + * reupload to remove two unrelated files slipped in debian/ + + -- Michael Tokarev Mon, 18 Mar 2013 10:09:37 +0400 + +qemu (1.1.2+dfsg-6) unstable; urgency=low + + * another bugfix for USB, upstream from early days of past-1.1. + usb-split-endpoint-init-and-reset.patch. With certain redirected + to guest USB devices, qemu process may crash: + + usb_packet_complete: Assertion `((&ep->queue)->tqh_first) == p' failed. + + The patch fixes this by de-coupling reset and complete paths. + Big thanks goes to Joseph Price who found the fix by doing a + reverse git bisection. + (Closes: #701926) + + -- Michael Tokarev Mon, 18 Mar 2013 09:07:24 +0400 + +qemu (1.1.2+dfsg-5) unstable; urgency=low + + * fix USB regression introduced in 1.1 (Closes: #683983) + uhci-don-t-queue-up-packets-after-one-with-the-SPD-flag-set.patch + Big thanks to Peter Schaefer (https://bugs.launchpad.net/bugs/1033727) + for the help identifying the fix. + + -- Michael Tokarev Mon, 14 Jan 2013 12:20:29 +0400 + +qemu (1.1.2+dfsg-4) unstable; urgency=medium + + * linux-user-fix-mips-32-on-64-prealloc-case.patch (Closes: #668658) + * e1000-discard-oversized-packets-based-on-SBP_LPE.patch: the second + half of the fix for CVE-2012-6075. (Finally Closes: #696051) + + -- Michael Tokarev Wed, 09 Jan 2013 23:05:17 +0400 + +qemu (1.1.2+dfsg-3) unstable; urgency=low + + * add build-dependency on libcap-dev [linux-any] to enable virtfs support + which has been dropped in 1.1. (Closes: #677654) + * intel_hda-do-not-call-msi_reset-when-only-device-state-needs-resetting.patch + patch to fix Fixing reset of MSI function in intel-hda virtual device. + The fix (applied to stable-1.1.1) was partially wrong, as it actually + added the msi_reset() call to two code paths instead of one as planned. + Fix this by splitting the function in question into two parts. + (Closes: #688964) + * blockdev-preserve-readonly-and-snapshot-states-across-media-changes.patch: + allow opening of read-only cdrom images/devices (Closes: #686776) + * ahci-properly-reset-PxCMD-on-HBA-reset.patch: fix windows install on ahci + (Closes: #696052) + * e1000-discard-packets-that-are-too-long-if-not-SBP-and-not-LPE.patch: + discard too long rx packets which may overflow guest buffer + (Closes: #696051) + * eepro100-fix-network-hang-when-rx-buffers-run-out.patch: + fix e100 stall (Closes: #696061) + * fix possible network stalls/slowness in e1000 device emulation: + net-notify-iothread-after-flushing-queue.patch + e1000-flush-queue-whenever-can_receive-can-go-from-false-to-true.patch + (Closes: #696063) + * fixes-related-to-processing-of-qemu-s-numa-option.patch: + fixes numa handling (Closes: #691343) + * qcow2-fix-avail_sectors-in-cluster-allocation-code.patch: + fixes data corruption in stacked qcow2 (Closes: #695905) + * qcow2-fix-refcount-table-size-calculation.patch: another possible + corruption or crash in qcow2 (Closes: #691569) + * tap-reset-vnet-header-size-on-open.patch: always ensure tap device is + in known state initially (Closes: #696057) + * vmdk-fix-data-corruption-bug-in-WRITE-and-READ-handling.patch: + possible data corruption bug in vmdk image format (Closes: #696050) + + -- Michael Tokarev Sun, 16 Dec 2012 23:08:40 +0400 + +qemu (1.1.2+dfsg-2) unstable; urgency=low + + * remove debian/patches/fix-armhf-prctl.patch, it is included + upstream in 1.1.0 version and is misapplied since 1.1.0~rc3+dfsg-1. + * drop -jN passing to downstream makes, as it breaks dpkg-buildpackage -j + and actually breaks build (Closes: #597524 - said to be fixed in 0.14.1 + but was still present) + * add revert-serial-fix-retry-logic.patch that restores + old (semi-)working behavour of a virtual serial port. + + -- Michael Tokarev Wed, 19 Sep 2012 13:54:05 +0400 + +qemu (1.1.2+dfsg-1) unstable; urgency=low + + [Michael Tokarev] + * new upstream stable/bugfix release, fixing a LOT of bugs, + including CVE-2012-3515 (Closes: #686973, #681985) + * bump versioned depends of seabios to 1.7.0~, since this version ships + kvmvapic.bin. + * ship /usr/share/qemu/qemu-icon.bmp (Closes: #681317) + * do not build-depend on ceph (librbd-dev librados-dev), since ceph is + having longstanding issues in wheezy. + * add tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch - upstream fix + to un-break s390[x] emulation code. Similar fixes were included for + other platforms in 1.1.2 changeset. Without this fix, qemu is basically + useless on s390. + * document -netdev option in the manpage, a long-standing omission + (net-add--netdev-options-to-man-page.patch) + + [Vagrant Cascadian] + * qemu-system: Add symlinks for extboot.bin, kvmvapic.bin and vapic.bin to + binaries shipped in seabios. Closes: #678217, #679004. + * qemu-system: Remove dead link for ne2k_isa.rom, which is not included in + ipxe. Closes: #679004. + * qemu-system: Bump versioned openbios-sparc and openbios-ppc Depends to + 1.0+svn1060, to ensure we use at least version which is used by upstream. + Wheezy already has the right version, but we should not break partial + upgrades. + + -- Michael Tokarev Sun, 09 Sep 2012 18:52:57 +0400 + +qemu (1.1.0+dfsg-1) unstable; urgency=low + + [ Vagrant Cascadian ] + * New upstream release. (Closes: #655604, #655145) + + [ Michael Tokarev ] + * do-not-include-libutil.h.patch - don't include libutil.h&Co when not + needed. Fixes FTBFS on kFreebsd with recent libbsd-dev. + * drop libbsd-dev support on kFreebsd - no longer needed. + * do not build USB host support on kFreebsd (qemu uses obsolete, + now removed, USB API). Use the same hack/technique as FreeBSD + qemu port does -- changing HOST_USB to "stub" after configure run. + + -- Vagrant Cascadian Thu, 07 Jun 2012 13:44:26 -0700 + +qemu (1.1.0~rc3+dfsg-1) experimental; urgency=low + + * New upstream release candidate. + * debian/patches: + - Update 02_kfreebsd. + - Remove dont-block-sigchld, applied upstream. + - Update configure-nss-usbredir. + - Update fix-armhf-prctl. + * debian/rules: Remove --disable-darwin-user from configure, as it is no + longer present. + * Apply patch to qemu-make-debian-root to improve argument handling. + (Closes: #671723). Thanks to Askar Safin. + * qemu-utils: Add recommends on sharutils, used by qemu-make-debian-root + (Closes: #660296). + * Add Build-Depends on libusbredirparser-dev to support usbredir protocol. + * Add Build-Depends on libbsd-dev for kfreebsd. + + -- Vagrant Cascadian Wed, 30 May 2012 20:24:59 -0700 + +qemu (1.0.1+dfsg-1) unstable; urgency=low + + [ Aurelien Jarno ] + * New upstream stable version: + - remove debian/patches/fix-malta-i8259 + - remove debian/patches/qemu-ifunc-ppc.patch + - remove debian/patches/x86-fix-cmpxchg.patch + + [ Michael Tokarev ] + * apply patch to change backticks `` in debian/rules variables + to $(shell) construct, by Allard Hoeve. (Closes: #660133) + * depend on vgabios >= 0.6c-3~ not 0.6c-3, to assist backporting + + [ Hector Oron ] + * Fix prctl syscall (Closes: #656926, #651083). + + [ Vagrant Cascadian ] + * Update to Standards-Version 3.9.3, no changes necessary. + + -- Vagrant Cascadian Mon, 05 Mar 2012 13:05:14 -0800 + +qemu (1.0+dfsg-3) unstable; urgency=low + + [ Aurelien Jarno ] + * Add a build-depends on libfdt-dev to enable some more emulated machines. + * Really add binfmt support for s390x. + + [ Michael Tokarev ] + * Depend on ipxe-qemu | ipxe (<< 1.0.0+git-20120202.f6840ba-2) + after ipxe package split. This will probably need to be changed + to just ipxe-qemu once it will be landed properly. + + [ Vagrant Cascadian ] + * Apply patch to use dpkg-buildflags (Closes: #656276). + Thanks to Moritz Muehlenhoff. + + -- Vagrant Cascadian Mon, 06 Feb 2012 17:56:15 -0800 + +qemu (1.0+dfsg-2) unstable; urgency=low + + [ Aurelien Jarno ] + * Add patch from upstream to fix cmpxchg on x86. + * Add patch to not link user builds with NSS (Closes: #648202). + * Add binfmt support for s390x. + * Bump depends on openbios-ppc and openbios-sparc on versions + compatible with version 1.0. + * Build on s390x (Closes: #651048). + + [ Vagrant Cascadian ] + * qemu-make-debian-root: Fix argument processing to handle when both -s and + -k are specified. Thanks to Mats Erik Andersson (Closes: #638047). + * Add Patch from upstream to fix regression on malta with i8259 interrupts. + * qemu-debootstrap: Add support for armhf and s390x. + * debian/rules: remove config.log in the clean target. + * qemu-make-debian-root: Use debootstrap's minbase variant, instead of a + long list of excludes. + + -- Vagrant Cascadian Mon, 09 Jan 2012 16:01:17 -0800 + +qemu (1.0+dfsg-1) experimental; urgency=low + + * New upstream version. + * Add build-dep on libxen-dev to enable xen support. + * Add build-dep on libiscsi-dev to enable iscsi support. + * Add patch from upstream to not block SIGCHLD (Closes: #618743). + + -- Vagrant Cascadian Fri, 30 Dec 2011 16:12:03 -0800 + +qemu (1.0~rc4+dfsg-1) experimental; urgency=low + + * New upstream version: + - Fixes CVE-2011-4111. + * remove patches applied upstream: + - security/leftover.patch + - Move_QEMU_INCLUDES_before_QEMU_CFLAGS + - runnning-typo.patch + * Install new qemu-system variants: + xtensa, xtensaeb, alpha + * debian/rules: Drop hack to rename "qemu" binary to "qemu-system-i386", as + upstream now does the same. + * Enable spice support on amd64: + - Add Build-Depends: libspice-server-dev, libspice-protocol-dev + * debian/rules: use dh_prep instead of "dh_clean -k", which is deprecated. + * qemu-system: Bump dependency on seabios to 1.6.3~. + + -- Vagrant Cascadian Mon, 28 Nov 2011 23:40:24 -0800 + +qemu (0.15.1+dfsg-3) unstable; urgency=low + + * Add patch from upstream to fix FTBFS on ia64. + + -- Vagrant Cascadian Fri, 09 Dec 2011 23:48:21 -0800 + +qemu (0.15.1+dfsg-2) unstable; urgency=low + + * Add patch that fixes a buffer overrun (CVE-2011-4111). + * Enable spice support on amd64: + - Add Build-Depends: libspice-server-dev, libspice-protocol-dev + * debian/rules: Use dh_prep instead of "dh_clean -k", which is deprecated. + + -- Vagrant Cascadian Mon, 28 Nov 2011 20:34:50 -0800 + +qemu (0.15.1+dfsg-1) unstable; urgency=low + + * New upstream version. + + -- Vagrant Cascadian Sun, 06 Nov 2011 10:37:31 -0800 + +qemu (0.15.0+dfsg-1) unstable; urgency=low + + * New upstream version. + * Install new qemu-system, qemu-user and qemu-user-static variants: + lm32, microblazeel, s390x, unicore32 + * Patch from upstream to set QEMU_INCLUDES before QEMU_CFLAGS. + * Update debian/watch to check http://qemu.org/download. + + -- Vagrant Cascadian Mon, 03 Oct 2011 12:29:18 -0700 + +qemu (0.15.0~rc2+dfsg-1) experimental; urgency=low + + * New upstream version. + * qemu-debootstrap: Return the exit status of debootstrap instead of + hard-coding a sucessful exit status. + * Build-depend on librbd-dev. + * Remove qemu-mipsel-debian-rootfs.patch, a variation was applied upstream. + * Remove pcnet-ipxe patch, applied upstream. + * Add Build-Depends on python. + * Rename pxe rom symlinks to match upstream rename. + + -- Vagrant Cascadian Sun, 07 Aug 2011 13:27:43 +0200 + +qemu (0.14.1+dfsg-3) unstable; urgency=low + + [ Aurelien Jarno ] + * Add patches/qemu-ifunc-ppc.patch and patches/qemu-ifunc-sparc.patch + to fix FTBFS on ppc and sparc. + + [ Vagrant Cascadian ] + * Apply patch to fix qemu-user-static mipsel emulation (Closes: #562887). + * Drop support for esd (Closes: #633390). Thanks to Adrian Bunk. + * Add dummy debian/rules build-indep/build-arch targets to resolve lintian + warnings and future policy requirements. + * Remove needless mention of "Author(s)" which triggers a lintian warning. + * Fix maintainer-script-without-set-e lintian checks. + * Fix hyphen-used-as-minus-sign lintian check for qemu-debootstrap manpage. + + -- Vagrant Cascadian Sat, 23 Jul 2011 10:18:37 +0200 + +qemu (0.14.1+dfsg-2) unstable; urgency=low + + * Add override for qemu-user-static binaries which embed needed libraries. + * Add qemu-debootstrap manpage. + * Add patch to fix typo in qemu-system-* (runnning -> running). + * Update to Standards-Version 3.9.2, no changes necessary. + + -- Vagrant Cascadian Sat, 02 Jul 2011 22:29:17 -0700 + +qemu (0.14.1+dfsg-1) unstable; urgency=low + + * New upstream version. + * Depend on ipxe instead of etherboot-qemu. + * Add pcnet-ipxe.patch from upstream to fix ipxe with pcnet nic. + * Add symlink for network boot with eepro100 cards (i82551, i82557b, + i82559er). + * Drop 01_rdb.patch, applied upstream. + * Add support for building on armhf architecture. + * Support debootstrap options that require arguments in qemu-debootstrap. + Thanks to Stefano Rivera for the patch. Closes: #605660. + + -- Vagrant Cascadian Fri, 01 Jul 2011 22:49:40 -0700 + +qemu (0.14.0+dfsg-5.1) unstable; urgency=low + + * Non-maintainer upload. + * Replace "librados1-dev" by "librados-dev" in Build-Dependencies. + + -- Mehdi Dogguy Fri, 29 Apr 2011 17:45:05 +0200 + +qemu (0.14.0+dfsg-5) unstable; urgency=low + + * Don't register qemu-mips(el) with binfmt on mips(el). Closes: + #618369. + + -- Aurelien Jarno Thu, 17 Mar 2011 20:13:27 +0100 + +qemu (0.14.0+dfsg-4) unstable; urgency=low + + * Reupload without automatically generated patch + debian-changes-0.14.0+dfsg-3. + + -- Aurelien Jarno Mon, 28 Feb 2011 15:10:04 +0100 + +qemu (0.14.0+dfsg-3) unstable; urgency=low + + [ Aurelien Jarno ] + * Depends on vgabios (>= 0.6c-3) and add symlinks for qxl, stdvga and + vmware bioses. Closes: #614252, #614169. + * Tighten build-depends on linux-libc-dev to (>= 2.6.34), to get + vhost-net support. + * Build-depends on xfslibs-dev in order to get TRIM support on XFS + filesystems. + * Build-depends on librados1-dev to get rdb support. Closes: #614150. + + -- Aurelien Jarno Mon, 28 Feb 2011 09:06:00 +0100 + +qemu (0.14.0+dfsg-2) unstable; urgency=low + + [ Aurelien Jarno ] + * Tighten dependencies on openbios-ppc, openbios-sparc and seabios to + the versions in upstream 0.14.0. + * patches/02_kfreebsd.patch: don't consider futimens/utimensat available + if it is a stub. + + -- Aurelien Jarno Sun, 20 Feb 2011 00:36:20 +0100 + +qemu (0.14.0+dfsg-1) unstable; urgency=low + + [ Vagrant Cascadian ] + * New upstream release candidate version. + * qemu-user-static: + - Drop binfmt support for emulating amd64 on i386, as it is broken and + including it interferes with environments capable of running amd64 + natively. Closes: #604712. + - Remove binfmt support for installed targets in postinst before installing + supported targets, to ensure no-longer-supported targets are actually + removed. + - Remove binfmt support for installed targets in prerm. + + [ Aurelien Jarno ] + * Fix configuration files directory. Closes: #600735. + * Enable AIO support. + + [ Vagrant Cascadian ] + * Update debian/copyright to refer to upstream git repositry and clarify + which binary blobs are removed to make the dfsg-free tarball. + * Refresh debian/patches/security/leftover.patch. + + -- Vagrant Cascadian Fri, 18 Feb 2011 21:07:01 -0800 + +qemu (0.13.0+dfsg-2) experimental; urgency=low + + * Fix Build-Depends to exclude kfreebsd-any wildcards where appropriate. + Thanks to Jon Severinsson. Closes: #592215 + + -- Vagrant Cascadian Sun, 24 Oct 2010 09:02:27 -0700 + +qemu (0.13.0+dfsg-1) experimental; urgency=low + + [ Aurelien Jarno ] + * mips/mipsel binfmt registration: also match EI_ABIVERSION=1, used by + OpenWRT. Closes: #591543. + * Build-depends on libattr1-dev to enable VirtFS (9p) support. Closes: + #592215. + * Use architecture wildcards instead of explicit architecture list. + + [ Vagrant Cascadian ] + * Switch to source format 3.0 (quilt). + * New upstream version. + * Drop 99_stable.diff, applied in new upstream version. + * debian/watch: update to properly handle upstream rc versions. + + -- Vagrant Cascadian Mon, 18 Oct 2010 10:22:44 -0700 + +qemu (0.13.0~rc0+dfsg-2) experimental; urgency=low + + [ Aurelien Jarno ] + * Add ia64 to the list of supported architectures. + * Bump Standards-Version to 3.9.1 (no changes). + * Update seabios, openbios-ppc and openbios-sparc dependencies. + * Add 99_stable.diff to update from the stable-0.13 branch: + - Fix sparc FTBFS. Closes: #591249. + * Add qemu-debootstrap from Loïc Minier in qemu-static. Closes: + #572952. + + -- Aurelien Jarno Tue, 03 Aug 2010 07:25:06 +0200 + +qemu (0.13.0~rc0+dfsg-1) experimental; urgency=low + + * New upstream release candidate version. + * Do not configure audio drivers for qemu-user and qemu-user-static targets. + * Remove patches: + - 05_bochs_vbe, applied upstream. + - 06_sh4, applied upstream. + - 03_support_pselect_in_linux_user_arm, upstream implemented a simpler + workaround. + * Add Build-Depends on texinfo. + * Drop libqemu-dev package. + + -- Vagrant Cascadian Thu, 29 Jul 2010 19:51:01 -0400 + +qemu (0.12.5+dfsg-3) unstable; urgency=medium + + * qemu-user-static: + - Drop binfmt support for emulating amd64 on i386, as it is broken and + including it interferes with environments capable of running amd64 + natively. Closes: #604712. + - Remove binfmt support for installed targets in postinst before installing + supported targets, to ensure no-longer-supported targets are actually + removed. + - Remove binfmt support for installed targets in prerm. + + -- Vagrant Cascadian Sun, 28 Nov 2010 15:57:11 -0800 + +qemu (0.12.5+dfsg-2) unstable; urgency=low + + * mips/mipsel binfmt registration: also match EI_ABIVERSION=1, used by + OpenWRT. Closes: #591543. + * Update 99_stable.diff from the stable branch: + - Fix windows XP boot with libvirt. Closes: bug#579166. + + -- Aurelien Jarno Tue, 17 Aug 2010 12:56:30 +0200 + +qemu (0.12.5+dfsg-1) unstable; urgency=low + + * New upstream stable version. + * qemu-system: don't suggests kqemu-source. Closes: bug#589217. + * qemu-keymaps: fix short description. + + -- Aurelien Jarno Fri, 23 Jul 2010 19:02:14 +0200 + +qemu (0.12.4+dfsg-4) unstable; urgency=high + + * Update debian/copyright. Closes: bug#588911. + * Update 99_stable.diff from the stable branch: + - Add documentation for the stdio signal option. Closes: bug#588514. + * Split out keymaps in the qemu-keymaps package. Closes: bug#559174. + * Bump Standards-Version to 3.9.0 (no changes). + + -- Aurelien Jarno Wed, 14 Jul 2010 15:13:04 +0200 + +qemu (0.12.4+dfsg-3) unstable; urgency=low + + * Update 99_stable.diff from the stable branch. + + -- Aurelien Jarno Wed, 16 Jun 2010 23:07:36 +0200 + +qemu (0.12.4+dfsg-2) unstable; urgency=low + + [ Vagrant Cascadian ] + * qemu-system: Depend on etherboot-qemu package for PXE roms. + Closes: #552406. + + [ Aurelien Jarno ] + * Add 99_stable.diff to update from the stable branch. + * Use --with-pkgversion to set the packaging version. + + -- Aurelien Jarno Wed, 02 Jun 2010 21:24:26 +0200 + +qemu (0.12.4+dfsg-1) unstable; urgency=low + + * New upstream stable version: + - remove debian/patches/01_redir_doc.patch + - remove debian/patches/04_cmd646.patch + - update debian/patches/06_sh4.diff + + -- Aurelien Jarno Fri, 07 May 2010 19:43:48 +0200 + +qemu (0.12.3+dfsg-4) unstable; urgency=low + + * Add 05_bochs_vbe.diff backported from uptream to support vgabios + 0.6c. + * Add 06_sh4.diff containing a few SH4 specific fixes backported from + upstream. + + -- Aurelien Jarno Fri, 09 Apr 2010 01:44:38 +0200 + +qemu (0.12.3+dfsg-3) unstable; urgency=low + + * Add symlink for seabios's multiboot.bin. + * Change configure-stamp depends to non-phony target $(QUILT_STAMPFN). + Closes: #574444. + * Fix a crash in cmd646 bmdma code that can be triggered by the guest. + Closes: #574539. + * Explain that KQEMU support has been removed in qemu-system.NEWS. + * Build-Conflicts with oss4-dev, as this package install a broken + header. Closes: #575320. + + -- Aurelien Jarno Sat, 03 Apr 2010 17:07:23 +0200 + +qemu (0.12.3+dfsg-2) unstable; urgency=low + + [ Aurelien Jarno ] + * Disable KVM support on PowerPC, as it needs at least 2.6.33 kernel + headers. + + [ Vagrant Cascadian ] + * Support pselect for linux-user arm target. Patch by Michael Casadevall. + * Add symlink for seabios's linuxboot.bin to fix -kernel option. Thanks to + Sami Liedes. Closes: #574174. + * qemu-system: Switch back to using versioned dependencies for vgabios, + bochsbios, openhackware, openbios-ppc and openbios-sparc rather than + recommends/conflicts, to ensure a proper upgrade path. Closes: #573397. + Reopens: #436094. + + -- Vagrant Cascadian Fri, 19 Mar 2010 09:31:29 -0700 + +qemu (0.12.3+dfsg-1) unstable; urgency=low + + [ Vagrant Cascadian ] + * New upstream version: + - Fix access to block devices on GNU/kFreeBSD. Closes: #558447. + - Correctly update clock when waking up from sleep. Closes: #414165. + - Slirp works with other network interfaces. Closes: #407702. + - Add the possibility to specify a host to bind to with the -redir + option. Closes: #366847. + - Fix cirrus graphics card with windows 98. Closes: #522124. + * Indicate repackaged upstream tarball by adding "+dfsg" to the version. + Closes: #388740. + * Remove second libgnutls-dev from build depends. + * Update debian/watch with current location of tarball releases. + * Drop binutils-gold patch, applied upstream. + * Switch from bochsbios to seabios. Update bios.bin symlink and + recommends/conflicts. + * Bump Standards-Version to 3.8.4 (no changes). + * Update my email address to vagrant@debian.org. + + [ Aurelien Jarno ] + * Create a kvm group in postinst and set the group of /dev/kvm to kvm. + Closes: #570544. + * Add mips and mipsel to the list of supported architectures. + * Add patches/01_redir_doc.patch to fix a mistake in the redirection + documentation. + * Add patches/02_kfreebsd.patch to use the legacy USB stack on + GNU/kFreeBSD. + * Force the depends from qemu on qemu-system, qemu-user and qemu-utils + to (>= {source:Version}). + * Update openbios related conflicts. + + -- Vagrant Cascadian Sun, 07 Mar 2010 09:20:43 -0800 + +qemu (0.11.1-2) unstable; urgency=low + + * Add versioned build-depends on etherboot. + * Add PXE boot support for virtio network adapters. + * Move qemu-make-debian-root to qemu-utils package, as it only produces disk + images not useable by qemu-user. Lower recommends on debootstrap to + suggests. Add Conflicts and Replaces on older versions of qemu-user. + * Register /usr/bin/qemu with the alternatives system. Closes: #413840. + * qemu: Add ${misc:Depends} so that debhelper can add dependencies if needed. + + -- Vagrant Cascadian Fri, 08 Jan 2010 09:26:11 -0800 + +qemu (0.11.1-1) unstable; urgency=low + + [ Aurelien Jarno ] + * New upstream version. + * Drop build-depends on libfreebsd-dev on GNU/kFreeBSD. + * qemu: suggests qemu-user-static. + * qemu-user-static: register QEMU with binfmt mecanism. Closes: + #306637. + * Bump conflicts on openbios-ppc to (<< 1.0+svn505-1). + * Add 01-binutils-gold.diff to fix FTBFS with binutils-gold. Closes: + #556301. + * Add sparc64 support. + * Use new roms location in etherboot package. + + [ Vagrant Cascadian ] + * qemu-utils, qemu-user, qemu-system: Set both Conflicts and Replaces for + older versions of qemu to ensure proper upgrade path. + * Add versioned build-dep on linux-libc-dev to ensure that KVM support is + enabled. + * qemu-system: Lower dependencies on vgabios, bochsbios, openhackware, + openbios-ppc and openbios-sparc to recommends. Conflict with versions that + are incompatible. Closes: #436094. + * qemu-utils: Tighten the versioned conflicts with kvm, as not all older + versions actually conflict. + * qemu-make-debian-root: Apply modified patch from Nicolas Boulenguez that + documents usage of -s, exits on error, and mentions that it is normally + run as root. Closes: #447034. + + -- Aurelien Jarno Sun, 27 Dec 2009 12:09:11 +0100 + +qemu (0.11.0-6) unstable; urgency=low + + * Update from stable-0.11 branch. + * qemu-utils: add Replaces: qemu (<< 0.11.0-2). Closes: #556627, + #556860. + + -- Aurelien Jarno Fri, 20 Nov 2009 08:24:32 +0100 + +qemu (0.11.0-5) unstable; urgency=low + + * Change the Conflicts: into Replaces: to handle the move of /etc/ifup + from one package to another correctly. Tighten the version. Closes: + #556627. + + -- Aurelien Jarno Wed, 18 Nov 2009 16:30:39 +0000 + +qemu (0.11.0-4) unstable; urgency=low + + [ Aurelien Jarno ] + * Update from stable-0.11 branch. + * Default to alsa before OSS. Closes: #451234. + + [ Vagrant Cascadian ] + * Updated Vcs-Git to a url more likely to work with debcommit. + + -- Aurelien Jarno Wed, 18 Nov 2009 16:26:17 +0100 + +qemu (0.11.0-3) unstable; urgency=low + + * qemu-system, qemu-user: fix conflicts version. Closes: #556627. + * qemu-utils: conflicts with kvm (<= 85+dfsg-4.1), as it also provides + qemu-io. + + -- Aurelien Jarno Tue, 17 Nov 2009 09:49:24 +0100 + +qemu (0.11.0-2) unstable; urgency=low + + * Update from stable-0.11 branch. + * Move qemu-user.1 and qemu-make-debian-root.8 to the qemu-user + package. + * Add build-depends on uuid-dev. + * Use a specific install file for qemu-utils on GNU/kFreeBSD. + * Call dh_install with -s. + + -- Aurelien Jarno Tue, 17 Nov 2009 09:11:29 +0100 + +qemu (0.11.0-1) unstable; urgency=low + + [ Aurelien Jarno ] + * New upstream version. + - Documents virtio NIC. Closes: #541182. + - Increase the maximum TCG op a target instruction op can expand to. + Closes: #530645, #542297. + - KVM is enabled by default. Closes: #520894. + - Fix CVE-2009-3616. Closes: #553589. + * Drop 65_kfreebsd.patch. + * Split the qemu package and use out of tree building. Based on a patch + from Vagrant Cascadian. Closes: #524774. + * Only recommends debootstrap for qemu-user and qemu-user static. Closes: + #543356. + * Remove /usr/share/qemu/proll.elf. Closes: bug#542247. + * Add build-depends on libcurl4-gnutls-dev, libgnutls-dev and libsasl2-dev + to enable new upstream features. + * Bump Standards-Version to 3.8.3 (no changes). + * Update Vcs-* fields to point to the new git repository. + * Add Vagrant Cascadian to uploaders, and set + DM-Upload-Allowed to yes. + + -- Aurelien Jarno Mon, 26 Oct 2009 10:17:57 +0000 + +qemu (0.10.50+git20090729-1) experimental; urgency=low + + [ Josh Triplett ] + * Remove myself from Uploaders. + + [ Riku Voipio ] + * new upstream RC version + * nuke all linux-user patches (applied upstream) + 06_exit_segfault + 12_signal_powerpc_support + 21_net_soopts + 30_syscall_ipc + 32_syscall_sysctl + 35_syscall_sockaddr + 48_signal_terminate + 55_unmux_socketcall + * nuke all other applied-upstream patches + 01_nostrip (better version upstream) + 07_i386_exec_name (can be reintroduced in debian/rules) + 50_linuxbios_isa_bios_ram (shouldn't be needed anymore) + 51_linuxbios_piix_ram_size (applied) + 56_dhcp (crap) + 60_ppc_ld (reintroduce if needed) + 64_ppc_asm_constraints (ditto) + 66_tls_ld.patch (ditto) + 81_compile_dtb.patch (applied upstream) + 82_qemu-img_decimal (ditto) + * move to git + * simplify build rules + * Correct my email address + + -- Riku Voipio Wed, 29 Jul 2009 13:28:05 +0300 + +qemu (0.10.6-1) unstable; urgency=low + + [ Josh Triplett ] + * Remove myself from Uploaders. + + [ Aurelien Jarno ] + * New upstream version. + * Bump Standards-Version to 3.8.2 (no changes). + * Update debian/watch (closes: bug#538781). + + -- Aurelien Jarno Fri, 31 Jul 2009 15:25:36 +0200 + +qemu (0.10.5-1) unstable; urgency=low + + * New upstream version. + + -- Aurelien Jarno Sun, 24 May 2009 16:15:35 +0200 + +qemu (0.10.4-1) unstable; urgency=low + + * New upstream version. + * debian/NEWS.Debian: new file, describing the cache policy options + (closes: bug#526832). + * debian/patches/70_versatile_memsize.patch: new patch to set a upper + limit on the memory size of the versatile boards (closes: + bug#527264). + + -- Aurelien Jarno Tue, 12 May 2009 18:31:29 +0200 + +qemu (0.10.3-1) unstable; urgency=low + + * New upstream version. + * Tighten dependency on bochsbios. + + -- Aurelien Jarno Sat, 02 May 2009 10:14:21 +0200 + +qemu (0.10.2-2) unstable; urgency=low + + * Add missing comma in build-depends (closes: bug#524207). + * Tighten dependency on vgabios. + + -- Aurelien Jarno Wed, 15 Apr 2009 22:30:43 +0200 + +qemu (0.10.2-1) unstable; urgency=low + + [ Aurelien Jarno ] + * New upstream stable release. + + -- Aurelien Jarno Tue, 07 Apr 2009 07:37:15 +0200 + +qemu (0.10.1-1) unstable; urgency=low + + [ Aurelien Jarno ] + * New upstream stable release: + - patches/80_stable-branch.patch: remove. + * debian/control: + - Remove depends on proll. + - Move depends on device-tree-compiler to build-depends. + - Bump Standards-Version to 3.8.1 (no changes). + * patches/82_qemu-img_decimal.patch: new patch from upstream to make + qemu-img accept sizes with decimal values (closes: bug#501400). + + -- Aurelien Jarno Sun, 22 Mar 2009 10:13:17 +0100 + +qemu (0.10.0-1) unstable; urgency=low + + [ Aurelien Jarno ] + * New upstream release: + - Fix fr-be keyboard mapping (closes: bug#514462). + - Fix stat64 structure on ppc-linux-user (closes: bug#470231). + - Add a chroot option (closes: bug#415996). + - Add evdev support (closes: bug#513210). + - Fix loop on symlinks in user mode (closes: bug#297572). + - Bump depends on openbios-sparc. + - Depends on openbios-ppc. + - Update 12_signal_powerpc_support.patch. + - Update 21_net_soopts.patch. + - Drop 44_socklen_t_check.patch (merged upstream). + - Drop 49_null_check.patch (merged upstream). + - Update 64_ppc_asm_constraints.patch. + - Drop security/CVE-2008-0928-fedora.patch (merged upstream). + - Drop security/CVE-2007-5730.patch (merged upstream). + * patches/80_stable-branch.patch: add patches from stable branch: + - Fix race condition between signal handler/execution loop (closes: + bug#474386, bug#501731). + * debian/copyright: update. + * Compile and install .dtb files: + - debian/control: build-depends on device-tree-compiler. + - debian/patches/81_compile_dtb.patch: new patch from upstream. + - debian/rules: compile and install bamboo.dtb and mpc8544.dtb. + + -- Aurelien Jarno Sat, 07 Mar 2009 06:20:34 +0100 + +qemu (0.9.1+svn20090104-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + * Disable security/CVE-2008-0928-fedora.patch, it still breaks qcow + format. + + -- Aurelien Jarno Sun, 04 Jan 2009 16:31:40 +0100 + +qemu (0.9.1+svn20081223-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + - Fix CVE-2008-2382 + * Update patches/48_signal_terminate.patch. + * debian/rules: remove upstream flags from CFLAGS. + + -- Aurelien Jarno Tue, 23 Dec 2008 14:51:25 +0100 + +qemu (0.9.1+svn20081214-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + - Fix jmp im on x86_64 when executing 32-bit code. Fix grub + installation (Closes: bug#467148). + + -- Aurelien Jarno Sun, 14 Dec 2008 23:26:04 +0100 + +qemu (0.9.1+svn20081207-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + - Do not depend on gcc-3.4 anymore (Closes: bug#440425, bug#463066). + - Fix broken display introduced by CVE-2007-1320 (Closes: bug#422578). + * debian/control: remove build-dependency on gcc-3.4. + * debian/rules: remove code for dyngen targets. + * Split 90_security.patch into + - security/CVE-2007-5730.patch + - security/leftover.patch + * Replace 91_security.patch by security/CVE-2008-0928-fedora.patch taken + from fedora repository and enable it (Closes: #469649). + + [ Riku Voipio ] + * 2 patches gone, 19 to go: + - 10_signal_jobs.patch: drop, merged upstream + - 11_signal_sigaction.patch: drop, merged upstream + - series: update + + -- Aurelien Jarno Sun, 07 Dec 2008 19:40:09 +0100 + +qemu (0.9.1+svn20081128-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + - Include documentation for network downscript option (Closes: + bug#506994). + - Drop 00_bios.patch and pass --disable-blobs instead. + - Update 12_signal_powerpc_support.patch. + + [ Riku Voipio ] + * Drop 31_syscalls.patch as it makes no sense using host uselib to + load target code into qemu's host memoryspace. + + -- Aurelien Jarno Sat, 29 Nov 2008 09:04:41 +0100 + +qemu (0.9.1+svn20081112-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + - does not need a disk image anymore (Closes: bug#260935). + - 53_openbios_size.patch: drop (merged upstream). + - 90_security: update. + * debian/control: depend on openbios-sparc (>= 1.0~alpha2+20081109) + (Closes: bug#502411, bug#502414). + + -- Aurelien Jarno Sun, 09 Nov 2008 14:42:37 +0100 + +qemu (0.9.1+svn20081101-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + - fix a heap overflow in Cirrus emulation (CVE-2008-4539). + - 50_linuxbios_isa_bios_ram.patch: update. + - 90_security.patch: update. + + -- Aurelien Jarno Sat, 01 Nov 2008 09:26:45 +0100 + +qemu (0.9.1+svn20081023-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + - 12_signal_powerpc_support.patch: update. + - 50_linuxbios_isa_bios_ram.patch: update. + + -- Aurelien Jarno Thu, 23 Oct 2008 21:34:26 +0200 + +qemu (0.9.1+svn20081016-1) experimental; urgency=low + + [ Aurelien Jarno ] + * New upstream snapshot. + * patches/31_syscalls.patch: remove parts merged upstream. + * debian/qemu-make-debian-root: + - Fix bug introduced when fixing bug#496394 (Closes: bug#502325). + + -- Aurelien Jarno Mon, 13 Oct 2008 23:11:15 +0200 + +qemu (0.9.1+svn20081012-1) experimental; urgency=low + + [ Riku Voipio ] + * Add a bunch of patches from scratchbox + - 44_socklen_t_check work better with badbehavin net apps + - 48_signal_terminate make qemu binary terminate on signals as expected + - 49_null_checks don't bother some syscalls when null/zero is passed + + [ Aurelien Jarno ] + * New upstream snapshot. + - alpha is now a TCG target. + - comma has been added to sendkey (closes: bug#414342). + * patches/31_syscalls.patch: remove parts merged upstream. + * patches/39_syscall_fadvise64.patch: remove (merged upstream). + * patches/90_security.patch: remove parts merged upstream. + * debian/control: build-depends on libbluetooth-dev. + + -- Aurelien Jarno Sun, 12 Oct 2008 18:46:54 +0200 + +qemu (0.9.1+svn20080905-1) experimental; urgency=low + + * New upstream snapshot. + - SH4 is now a TCG target. + * debian/watch: update URL location. + + -- Aurelien Jarno Tue, 02 Sep 2008 01:43:24 +0200 + +qemu (0.9.1+svn20080826-1) experimental; urgency=low + + * New upstream snapshot. + * debian/qemu-make-debian-root: + - Use mktemp instead of $$ to create temporary directories (Closes: + bug#496394). + * Ship a libqemu-dev package (Closes: bug#451618). + + -- Aurelien Jarno Tue, 26 Aug 2008 09:55:36 +0200 + +qemu (0.9.1+svn20080822-1) experimental; urgency=low + + * New upstream snapshot. + - Focus to monitor to ask password (Closes: bug#473240). + - TCG SPARC host support (Closes: bug#450817). + - Check KQEMU availability before allocating memory (Closes: bug#414566). + - Fix dead keys (Closes: bug#489594). + - Fix ES1370 emulation (Closes: bug#494462). + - New USB UHCI implemnation (Closes: bug#457651). + - Add debian/patches/00_bios.patch. + - Remove debian/patches/02_snapshot_use_tmpdir.patch (merged). + - Remove debian/patches/04_do_not_print_rtc_freq_if_ok.patch (merged). + - Remove patches/05_non-fatal_if_linux_hd_missing.patch (merged). + - Update debian/patches/07_i386_exec_name.patch + - Update debian/patches/12_signal_powerpc_support.patch + - Remove debian/patches/33_syscall_ppc_clone.patch (merged differently). + - Remove debian/patches/41_arm_fpa_sigfpe.patch (merged). + - Remove debian/patches/42_arm_tls.patch (merged differently). + - Update debian/patches/55_unmux_socketcall.patch. + - Remove debian/patches/63_sparc_build.patch (useless). + - Update debian/patches/65_kfreebsd.patch. + - Update debian/patches/66_tls_ld.patch. + - Remove debian/patches/70_manpage.patch (merged). + - Remove debian/patches/71_doc.patch (merged). + - Remove debian/patches/80_ui_curses.patch (merged). + - Remove debian/patches/81_mips32r2_fpu.patch (merged). + - Remove debian/patches/82_mips_abs.patch (merged). + - Remove debian/patches/83_usb-serial.patch (merged). + - Remove debian/patches/84_rtl8139.patch (merged). + - Remove debian/patches/85_vvfat.patch (merged). + - Remove debian/patches/86_df.patch (merged). + - Remove debian/patches/87_eoi.patch (merged). + - Remove debian/patches/88_dma.patch (merged). + - Remove debian/patches/89_braille.patch (merged). + - Remove debian/patches/92_no_shutdown.patch (merged). + - Remove debian/patches/93_tmpfs.patch (merged). + - Remove debian/patches/94_security.patch (merged). + * debian/README.source: new file. + * debian/patches/*: convert to patchlevel 1 (Closes: bug#484963). + * debian/control: + - Add build-depends on libesd0-dev. + - Add build-depends on libpulse-dev. + - Add build-depends on libvdeplug2-dev. + - Add build-depends on etherboot. + - Update list of supported targets (Closes: bug#488339). + - Suggests kqemu-source. + - Bump Standards-Version to 3.8.0. + * debian/links: + - Add missing manpage symlinks. + * debian/rules: + - Enable audio drivers depending on the system. + - Enable DYNGEN targets depending on the system. + - Install PXE bios from etherboot (Closes: bug#412010). + - Don't ignore make clean errors. + - Don't build DYNGEN targets on kfreebsd-amd64 (Closes: bug#494353). + * debian/patches/22_net_tuntap_stall.patch: remove (outdated). + + -- Aurelien Jarno Fri, 22 Aug 2008 01:00:54 +0200 + +qemu (0.9.1-5) unstable; urgency=high + + [ Guillem Jover ] + * Add Homepage field. + * Add Vcs-Browser and Vcs-Svn fields. + * Remove packaging repository information from debian/copyright. + * Add former package co-maintainers to debian/copyright. + * Serialize patch and configure steps in debian/rules to support parallel + builds, as we are patching configure. + * Remove myself from Uploaders. + + [ Aurelien Jarno ] + * debian/patches/70_manpage.patch: remove curses documentation, it is already + in debian/patches/80_ui_curses.patch (Closes: bug#477369). + * debian/patches/94_security.patch: add format= to drive options + (CVE-2008-2004). + + -- Aurelien Jarno Mon, 28 Apr 2008 21:54:12 +0200 + +qemu (0.9.1-4) unstable; urgency=high + + * debian/patches/52_ne2000_return.patch: drop, the patch is wrong. + * Backports from upstream: + - Typo in curses_keys.h + - Documentation for the -curses option + - Fix broken absoluteness check for cabs.d.*. + - USB-to-serial device. + - rtl8139: fix endianness on big endian targets + - restore rw support for vvfat + - x86-64: recompute DF after eflags has been modified when emulating + SYSCALL + - ignore reads to the EOI register + - IDE: Improve DMA transfers by increasing the buffer size + - Braille device support + - Add -no-shutdown option (Closes: #326406) + - Ask to use "mount -o remount" instead of "umount" and "mount" + /dev/shm (Closes: #476539). + * debian/qemu.doc-base: fix section. + + -- Aurelien Jarno Sun, 20 Apr 2008 23:29:42 +0200 + +qemu (0.9.1-3) unstable; urgency=low + + [ Aurelien Jarno ] + * debian/patches/42_arm_tls.patch: fix to get qemu-system-arm working + again. (Closes: #471722). + * debian/patches/56_dhcp.patch: fix DHCP server to correctly support + MS-Windows guests. (Closes: #471452). + + -- Aurelien Jarno Wed, 19 Mar 2008 18:58:29 +0100 + +qemu (0.9.1-2) unstable; urgency=low + + [ Aurelien Jarno ] + * debian/patches/80_ui_curses.patch: pull new patch from upstream CVS + (Closes: #442274). + * debian/patches/65_kfreebsd.patch: link with -lfreebsd. (Closes: + #465932). + * debian/patches/81_mips32r2_fpu.patch: patch pulled from upstream + to fix FPU issue on MIPS32R2. + * debian/patches/42_arm_tls.patch: reenable, mistakenly disabled in the + previous upload. (Closes: #469743). + * debian/rules: fix parallel building. (Closes: #469981). + * debian/patches/07_i386_exec_name.patch: install the i386 emulator as + qemu-system-i386, and change qemu into a link pointing to the i386 + version. + * debian/README.Debian: add notes about qemu-system-ppc and video.x + (Closes: #388735). + * debian/patches/70_manpage.patch: describe the -curses option. + (Closes: #433658). + * debian/patches/71_doc.patch: fix the monitor change option. (Closes: + #467106). + * debian/patches/35_syscall_sockaddr.patch: fix sockaddr (Closes: + #469351). + * debian/patches/43_arm_cpustate.patch: disable (Closes: #444171). + + -- Aurelien Jarno Mon, 17 Mar 2008 01:29:03 +0100 + +qemu (0.9.1-1) unstable; urgency=low + + [ Aurelien Jarno ] + * New upstream version. (Closes: #459801) + - Supports s390 host. (Closes: #441119) + - Fix PCI bar allocation. (Closes: #413315) + - Fix typo in keys name. (Closes: #426181) + - Fix segfault of qemu-i386 (Closes: #446868). + - debian/control: bump depends on openbios-sparc to + >= 1.0~alpha2+20080106. + - debian/patches/02_snapshot_use_tmpdir.patch: Refreshed. + - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. + - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. + - debian/patches/06_exit_segfault.patch: Likewise. + - debian/patches/10_signal_jobs.patch: Likewise. + - debian/patches/11_signal_sigaction.patch: Likewise. + - debian/patches/12_signal_powerpc_support.patch: Likewise. + - debian/patches/21_net_soopts.patch: Likewise. + - debian/patches/30_syscall_ipc.patch: Likewise. + - debian/patches/31_syscalls.patch: Likewise. + - debian/patches/32_syscall_sysctl.patch: Likewise. + - debian/patches/33_syscall_ppc_clone.patch: Likewise. + - debian/patches/35_syscall_sockaddr.patch: Likewise. + - debian/patches/41_arm_fpa_sigfpe.patch: Likewise. + - debian/patches/42_arm_tls.patch: Likewise. + - debian/patches/50_linuxbios_isa_bios_ram.patch: Likewise + - debian/patches/51_linuxbios_piix_ram_size.patch: Likewise + - debian/patches/61_safe_64bit_int.patch: Removed, merged upstream. + - debian/patches/63_sparc_build.patch: Refreshed. + - debian/patches/80_ui_curses.patch: Likewise. + * debian/patches/90_security.patch: fix 64-bit overflow. (Closes: + #425634) + * debian/qemu-make-debian-root: add a -s option to create sparse + image. (Closes: #322325) + * debian/control: bump depends on bochsbios to >= 2.3.5-1. Use + BIOS-qemu-latest instead of BIOS-bochs-latest. (Closes: #402289, + #442822) + * debian/rules: build the non-dyngen part with default gcc. + * debian/rules: support DEB_BUILD_OPTIONS="parallel=n". + * debian/patches/70_manpage.patch: describe the arguments of the + -usbdevice option in the manpage. (Closes: #443801) + * debian/control: now using Standards-Version 3.7.3 (no changes needed). + * debian/control: build-depends on libgnutls-dev to enable TLS support + in VNC. + * debian/patches/01_nostrip.patch: don't strip binaries during make + install. (Closes: #437866) + * debian/patches/53_openbios_size.patch: increase maximum prom size to + support latest openbios. + + -- Aurelien Jarno Mon, 28 Jan 2008 21:24:14 +0100 + +qemu (0.9.0+20070816-1) unstable; urgency=low + + [ Guillem Jover ] + * New upstream snapshot. + - Fix hang on ARM during Etch installation. (Closes: #430164) + - Fix data corruption with qcow 2. (Closes: #440296) + - Fix errors with raw images > 4 GiB. (Closes: #425634) + - debian/patches/01_typo_qemu-img.patch: Removed, merged upstream. + - debian/patches/03_machines_list_no_error.patch: Likewise. + - debian/patches/36_syscall_prctl.patch: Likewise. + - debian/patches/37_syscall_mount.patch: Likewise. + - debian/patches/38_syscall_semctl.patch: Likewise. + - debian/patches/40_sparc_fp_to_int.patch: Likewise. + - debian/patches/44_arm_eabi_built_on_64bit_arches.patch: Likewise. + - debian/patches/62_linux_boot_nasm.patch: Likewise. + - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Synced. + - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. + - debian/patches/31_syscalls.patch: Likewise. + - debian/patches/35_syscall_sockaddr.patch: Likewise. + - debian/patches/42_arm_tls.patch: Likewise. + - debian/patches/43_arm_cpustate.patch: Likewise. + - debian/patches/51_linuxbios_piix_ram_size.patch: Likewise. + - debian/patches/55_unmux_socketcall.patch: Likewise. + - debian/patches/60_ppc_ld.patch: Likewise. + - debian/patches/65_kfreebsd.patch: Likewise. + - debian/patches/80_ui_curses.patch: Likewise. + - debian/patches/90_security.patch: Likewise. + * Remove Elrond and Guilherme de S. Pastore from Uploaders, with their + permission, and add Aurelien Jarno and Riku Voipio. + * Remove Tag field, this is better maintained outside of the package. + * Add openbios-sparc64 to qemu_bios_files in debian/rules. + + [ Aurelien Jarno ] + * Fix FTBFS on amd64. (Closes: #434296) + - Drop debian/patches/34_syscalls_types.patch + * debian/control: + - Suggest samba. (Closes: #430368) + * Add OpenBIOS for sparc. (Closes: #407076) + - debian/control: depends on openbios-sparc. + - debian/links: provide symlinks in /usr/share/qemu. + + -- Guillem Jover Tue, 04 Sep 2007 04:04:47 +0300 + +qemu (0.9.0-2) unstable; urgency=high + + [ Guillem Jover ] + * Fix several security issues. (Closes: #424070) + Thanks to Tavis Ormandy . + - Cirrus LGD-54XX "bitblt" heap overflow. CVE-2007-1320 + - NE2000 "mtu" heap overflow. + - QEMU "net socket" heap overflow. + - QEMU NE2000 "receive" integer signedness error. CVE-2007-1321 + - Infinite loop in the emulated SB16 device. + - Unprivileged "aam" instruction does not correctly handle the + undocumented divisor operand. CVE-2007-1322 + - Unprivileged "icebp" instruction will halt emulation. CVE-2007-1322 + - debian/patches/90_security.patch: New file. + * Enable adlib audio emulation. (Closes: #419170) + * Fix structure padding for target_eabi_flock64 when built for a 64 bit + architecture. (Closes: #414799) + Thanks to Stuart Anderson . + - debian/patches/44_arm_eabi_built_on_64bit_arches.patch: New file. + * Fix qemu to be able to use LinuxBios. (Closes: #412212) + Thanks to Ed Swierk . + - debian/patches/50_linuxbios_isa_bios_ram.patch: New file. + - 51_linuxbios_piix_ram_size.patch: Likewise. + * Fix segfault when booting a Linux kernel w/o a disk image, by exiting but + clarifying the message, as to use '/dev/null'. (Closes: #409817, #411780) + Thanks to Robert Millan . + - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Updated. + * Fix segfault by using addrlen instead of target_addrlen in + do_getpeername()/do_getsockname(). (Closes: #411910) + Thanks to Stuart Anderson . + - debian/patches/35_syscall_sockaddr.patch: Updated. + * Fix semctl() for 32 bit targets on 64 bit hosts. (Closes: #414809) + Thanks to Stuart Anderson . + - debian/patches/38_syscall_semctl.patch: New file. + * Remove Elrond from Uploaders with consent, always welcome to join + back anytime. + + -- Guillem Jover Wed, 16 May 2007 08:08:31 +0300 + +qemu (0.9.0-1) experimental; urgency=low + + [ Guillem Jover ] + * New upstream release. (Closes: #409989) + - Support for relative paths in backing files for disk images. + (Closes: #390446) + - debian/patches/01_doc_typos.patch: Removed, merged upstream. + - debian/patches/38_syscall_arm_statfs64.patch: Likewise. + - debian/patches/51_serial_small_divider.patch: Likewise. + - debian/patches/67_ppc_ftbfs.patch: Likewise. + - debian/patches/21_net_soopts.patch: Synced. + - debian/patches/30_syscall_ipc.patch: Likewise. + - debian/patches/31_syscalls.patch: Likewise. + - debian/patches/35_syscall_sockaddr.patch: Likewise. + - debian/patches/39_syscall_fadvise64.patch: Likewise. + - debian/patches/42_arm_tls.patch: Likewise. + - debian/patches/55_unmux_socketcall.patch: Likewise. + - debian/patches/80_ui_curses.patch: Likewise. + * Update the copyright information. + * The ACPI initialization code has been moved to bochsbios. + - debian/patches/acpi-dsdt.hex: Removed. + - debian/rules: Do not install acpi-dsdt.hex. + * Add more files to the list of roms removed from the tarball needed to + be touched so that upstream 'make install' does not fail. + * Added armeb and armel to Architecture fields and libgpmg1-dev + Build-Depends. + * Recommend vde2 instead of the transitional vde package. (Closes: #407251) + * Fix typo in qemu-img output. (Closes: #408542) + - debian/patches/01_typo_qemu-img.patch: New file. + Thanks to Adam Buchbinder . + * Symlink qemu-user(1) to qemu-m68k(1). + * Reduce redundancy in qemu-user(1) synopsis. + * Fix rounding in sparc floating point to integer conversions. + - debian/patches/40_sparc_fp_to_int.patch: New file. + Thanks to Aurelien Jarno . + + -- Guillem Jover Thu, 8 Feb 2007 01:01:29 +0200 + +qemu (0.8.2-5) unstable; urgency=low + + [ Guillem Jover ] + * Added a missing part to the ARM NPTL support patch, initially lost. + - debian/patches/42_arm_tls.patch: Updated. + + -- Guillem Jover Tue, 16 Jan 2007 11:44:00 +0200 + +qemu (0.8.2-4) unstable; urgency=medium + + [ Guillem Jover ] + * Disable using iasl for now until it's ported to big-endian systems and + include a locally built acpi-dsdt.hex file. + + -- Guillem Jover Sun, 3 Dec 2006 21:10:23 +0200 + +qemu (0.8.2-3) unstable; urgency=low + + [ Guillem Jover ] + * Hopefully really fix powerpc FTBFS. + + -- Guillem Jover Sun, 5 Nov 2006 17:09:53 +0200 + +qemu (0.8.2-2) unstable; urgency=low + + [ Guillem Jover ] + * Update Tag field to match new debtags vocabulary. + * Clean properly. (Closes: #390166) + - Remove the acpi generated files and the docs. + - Revert the docs regeneration forcing logic. + Thanks to Anderson Lizardo . + * On install use DESTDIR instead of specifying all paths. (Closes: #396139) + Thanks to Anderson Lizardo . + * Port to GNU/kFreeBSD. (Closes: #327622) + - Disable ALSA on non-linux systems. + - Add a Build-Depends on libfreebsd-dev on kfreebsd systems. + - Add kfreebsd-i386 and kfreebsd-amd64 to the Architecture field. + - debian/patches/65_kfreebsd.patch: New file. + Thanks Petr Salinger . + * In qemu-make-debian-root do not explicitely install in aptitude and + libsigc++-1.2-5c102, they are pulled now by default. And do not remove + aptitude afterwards. (Closes: #392481) + Thanks to Ted Percival . + * Add experimental ncurses ui support. (Closes: #369462) + - debian/patches/80_ui_curses.patch: New file. + Thanks to Andrzej Zaborowski . + * Add SO_PEERCRED and SO_SNDTIMEO support, and fix accept syscall when + being passed NULL pointers. + - debian/patches/21_net_sockopts.patch: Renamed to ... + - debian/patches/21_net_soopts.patch: ... here. Modify. + Thanks to Pablo Virolainen. + * Add a fadvise64 syscall stub. + - debian/patches/39_syscall_fadvise64.patch: New file. + Thanks to Pablo Virolainen. + * Add EABI unmuxed socket syscalls. + - debian/patches/55_unmux_socketcall.patch: New file. + Thanks to Riku Voipio. + * Add TLS sections to the ARM and x86 linker scripts so that qemu user + emulators can be linked statically. + - debian/patches/66_tls_ld.patch: New file. + * Move the documentation of the binary blob removals from the original + upstream tarball from README.Debian to debian/copyright. + * Reword the emphasis on "FAST!" from the package description. + * Fix FTBFS on powerpc by adding the missing fp_status variable to the + int32_to_float32 function calls. + - debian/patches/67_ppc_ftbfs.patch: New file. + + -- Guillem Jover Sun, 5 Nov 2006 08:48:27 +0200 + +qemu (0.8.2-1) unstable; urgency=low + + [ Guillem Jover ] + * New upstream release. (Closes: #379461, #385029, #388810) + - Add ACPI BIOS emulation support. (Closes: #372533) + - Fix mouse invisible wall when using Windows XP. (Closes: #384666) + - debian/patches/01_doc_typos.patch: Sync. + - debian/patches/03_machines_list_no_error.patch: Likewise. + - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. + - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. + - debian/patches/06_exit_segfault.patch: Likewise. + - debian/patches/12_signal_powerpc_support.patch: Likewise. + - debian/patches/21_net_sockopt.patch: Likewise. + - debian/patches/22_net_tuntap_stall.patch: Likewise. + - debian/patches/30_syscall_ipc.patch: Likewise. + - debian/patches/31_syscalls.patch: Likewise. + - debian/patches/32_syscall_sysctl.patch: Likewise. + - debian/patches/33_syscall_ppc_clone.patch: Likewise. + - debian/patches/35_syscall_sockaddr.patch: Likewise. + - debian/patches/36_syscall_prctl.patch: Likewise. + - debian/patches/37_syscall_mount.patch: Likewise. + - debian/patches/41_arm_fpa_sigfpe.patch: Likewise. + - debian/patches/42_arm_tls.patch: Likewise. + - debian/patches/61_safe_64bit_int.patch: Likewise. + - debian/patches/63_sparc_build.patch: Likewise. + - debian/patches/50_missing_keycodes.patch: Removed, integrated upstream. + * Switch to quilt: + - debian/control: Add quilt (>= 0.40) to Build-Depends. + - debian/patches/series: New file. + - debian/patch.mk: Removed. + - debian/rules: Include '/usr/share/quilt/quilt.make' instead of + 'debian/patch.mk'. + * Build the ACPI Source Language files with iasl. + * Add a Tag field to the binary package, using data from debtags. + * Add 2006 to the debian/copyright years. + * Add a Recommends on vde. (Closes: #386780) + * Fix spelling error in package description (peripherials -> peripherals). + (Closes: #388700) + Thanks to Rakesh 'arky' Ambati . + * Fix ne2000_can_receive return code to 0 when the command is STOP. + (Closes: #386209) + - debian/patches/52_ne2000_return.patch: New file. + Thanks to Samuel Thibault . + * Document the binary blob removals from the original upstream tarball in + README.Debian. (Closes: #388740) + + -- Guillem Jover Mon, 25 Sep 2006 04:16:25 +0300 + +qemu (0.8.1-1) unstable; urgency=low + + [ Guillem Jover ] + * New upstream release. (Closes: #366955, #366637) + - debian/patches/01_doc_typos.patch: Sync. + - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. + - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. + - debian/patches/12_signal_powerpc_support.patch: Likewise. + - debian/patches/21_net_sockopt.patch: Likewise. + - debian/patches/22_net_tuntap_stall.patch: Likewise. + - debian/patches/30_syscall_ipc.patch: Likewise. + - debian/patches/31_syscalls.patch: Likewise. + - debian/patches/32_syscall_sysctl.patch: Likewise. + - debian/patches/33_syscall_ppc_clone.patch: Likewise. + - debian/patches/35_syscall_sockaddr.patch: Likewise. + - debian/patches/36_syscall_prctl.patch: Likewise. + - debian/patches/37_syscall_mount.patch: Likewise. + - debian/patches/41_arm_fpa_sigfpe.patch: Likewise. + - debian/patches/42_arm_tls.patch: Likewise. + - debian/patches/43_arm_cpustate.patch: Likewise. + - debian/patches/50_missing_keycodes.patch: Likewise. + - debian/patches/51_serial_small_divider.patch: Likewise. + - debian/patches/61_safe_64bit_int.patch: Likewise. + - debian/patches/63_sparc_build.patch: Likewise. + - debian/patches/40_arm_nwfpe_cpsr.patch: Removed, integrated upstream. + * Make the patch system apply the patch on the first run. + - debian/patches/64_ppc_asm_constraints.patch: Add DPATCHLEVEL. + * Document how to use the images created with qemu-make-debian-root in the + man page. Thanks to Jacobo . (Closes: #343450) + * Add support for the -snapshot option to use the TMPDIR evironment + variable. (Closes: #353880) + - debian/patches/02_snapshot_use_tmpdir.patch: New file. + * Do not exit with an error when using '-M ?'. (Closes: #365209) + - debian/patches/03_machines_list_no_error.patch: New file. + * Added symlink for system-mipsel emulator man page. + * Build and clean the pc-bios directory. + * Avoid segfaulting by using _exit(2) instead of exit(3) in qemu user + emulators. (Closes: #338289) + - debian/patches/06_exit_segfault.patch: New file. + * Enable ALSA audio support and add libasound2-dev to the Build-Depends. + * Now using Standards-Version 3.7.2 (no changes needed). + + -- Guillem Jover Sun, 28 May 2006 20:51:10 +0300 + +qemu (0.8.0-3) unstable; urgency=low + + [ Josh Triplett ] + * Fix FTBFS on PowerPC caused by asm constraint problem. (Closes: #361727) + - debian/patches/64_ppc_asm_constraints.patch. + + [ Guillem Jover ] + * Clamp addrlen from host to target when using AF_UNIX. This fixes + socket problems when using EABI. + - debian/patches/35_syscall_sockaddr.patch: New file. + * Fix floating point comparison on ARM NWFPE, due to glue code missmatch. + (Closes: #356287) + - debian/patches/40_arm_nwfpe_cpsr.patch: New file. + - debian/patches/40_fpu_arm_sigfpe.patch: Rename to ... + - debian/patches/41_arm_fpa_sigfpe.patch: ... this. Resync. + Thanks to Ulrich Hecht. + * Fix POSIX threads creation on ARM hanging when initializing the cpu + structure being it cyclic. + - debian/patches/43_arm_cpustate.patch: New file. + * Add TLS support for ARM. Stolen from Scratchbox. + - debian/patches/42_arm_tls.patch: New file. + * Fix sysctl endian problem. + - debian/patches/32_syscall_sysctl.patch: Update. + Thanks to Timo Savola . + * Remove now default '--enable-slirp' build option. (Closes: #356284) + Thanks to Anderson Lizardo . + * Remove unused sharedir to 'make install'. (Closes: #356418) + Thanks to Anderson Lizardo . + * Fix package not cleaning properly. (Closes: #356279) + Thanks to Anderson Lizardo for the initial + patch. + * Add needed syscalls to make debootstrap work. (Closes: #356291) + - debian/patches/36_syscall_prctl.patch: New file. + - debian/patches/37_syscall_mount.patch: Likewise. + - debian/patches/38_syscall_arm_statfs64.patch: Likewise. + Thanks to Anderson Lizardo . + * Remove obsolete Build-Dependency xlibs-dev. + + -- Guillem Jover Thu, 13 Apr 2006 11:53:00 +0300 + +qemu (0.8.0-2) unstable; urgency=low + + [ Guillem Jover ] + * Switch away from cdbs to plain debhelper. + * Upgrade to debhelper compat level 5. + * Allow overriding CC compiler variable. (Closes: #345772) + * Do not redefine 64 bit types on 64 bit arches. + - debian/patches/61_safe_64bit_int.patch: New file. + * Allow linux_boot.bin to be built on any arch by switching to nasm, + and Build-Depending on it. + - debian/patches/62_linux_boot_nasm.patch: New file. + * The serial hw driver uses a small divider that gets zeroed when shifting + bits to the right. (Closes: #276276, #348098) + - debian/patches/51_serial_small_divider.patch: New file. + Thanks to Samuel Thibault . + * Escaped hyphens in qemu-user manpage, use italics for filenames and + parameters and bold for options. + * Partial build failure fix for Sparc. (Bugs: #317145, #336970) + Thanks to Jurij Smakov . + + -- Guillem Jover Mon, 20 Feb 2006 09:17:46 +0200 + +qemu (0.8.0-1) unstable; urgency=low + + [ Guillem Jover ] + * New upstream release. (Closes: #344339) + - Added support for Virtual FAT. (Closes: #313123) + - Emulate repeated keystrokes when holding a key. (Closes: #298864) + - debian/patches/01_doc_typos.patch: Sync. + - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. + - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. + - debian/patches/12_signal_powerpc_support.patch: Likewise. + - debian/patches/21_net_sockopt.patch: Likewise. + - debian/patches/22_net_tuntap_stall.patch: Likewise. + - debian/patches/30_syscall_ipc.patch: Likewise. + - debian/patches/31_syscalls.patch: Likewise. + - debian/patches/32_syscall_sysctl.patch: Likewise. + - debian/patches/33_syscall_ppc_clone.patch: Likewise. + - debian/patches/40_fpu_arm_sigfpe.patch: Likewise. + - debian/patches/50_missing_keycodes.patch: Likewise. + * Added mips and mipsel to the lintian overrides for the user emulators + being shlib-with-non-pic-code. + * Added symlinks for mips, mipsel and system-arm emulator manpages. + + -- Guillem Jover Fri, 30 Dec 2005 05:44:53 +0200 + +qemu (0.7.2-2) unstable; urgency=low + + [ Josh Triplett ] + * Add support for signal handling on PowerPC. (Closes: #335509) + - debian/patches/12_signal_powerpc_support.patch: New file. + + [ Guillem Jover ] + * Add Josh Triplett to Uploaders and packaging team. + * Fix PowerPC build failure by reintroducing the ppc linker script and + adding the missing _SDA_BASE_ and _SDA2_BASE_ symbols. (Closes: #336983) + * Remove invalid patch making X11 fail at runtime. + - debian/patches/20_net_socket.patch: Remove. + - debian/patches/32_syscall_sysctl.patch: Sync. + Thanks to Daniel Gimpelevich . + * Avoid the patch system to try until it applies. + - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Added patch level. + - debian/patches/12_signal_powerpc_support.patch: Likewise. + + -- Guillem Jover Wed, 21 Dec 2005 22:11:34 +0200 + +qemu (0.7.2-1) unstable; urgency=low + + [ Guillem Jover ] + * New upstream release. (Closes: #321232, #327168) + - debian/patches/12_signal_silent.patch: Integrated upstream, remove. + - debian/patches/50_ppc_ldscript.patch: Likewise. + - debian/patches/33_syscall_truncate64.patch: Likewise. + - debian/patches/01_doc_typos.patch: Resync with upstream. + - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. + - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. + - debian/patches/10_signal_jobs.patch: Likewise. + - debian/patches/11_signal_sigaction.patch: Likewise. + - debian/patches/20_net_socket.patch: Likewise. + - debian/patches/21_net_sockopt.patch: Likewise. + - debian/patches/22_net_tuntap_stall.patch: Likewise. + - debian/patches/30_syscall_ipc.patch: Likewise. + - debian/patches/31_syscalls.patch: Likewise. + - debian/patches/32_syscall_sysctl.patch: Likewise. + - debian/patches/40_fpu_arm_sigfpe.patch: Likewise. + * Repackaged upstream source to deal with binaries w/o sources. + - pc-bios/video.x: New file removed. + * Create a new qemu-user(1) manpage and link all user emulator manpages + to it. (Closes: #335163) + * Add missing '-' and '=' keycodes for sendkey command. + - debian/patches/50_missing_keycodes.patch: New file. (Closes: #334071) + Thanks to Robert Millan . + * Add manpage link for qemu-system-mips. + * Make sysctl byte-swap the name values. + - debian/patches/32_syscall_sysctl.patch: Merge patch. (Closes: #334458) + Thanks to Josh Triplett . + * Change documentation menu section to "Apps/Emulators". (Closes: #335062) + Thanks to Frans Pop . + * On PowerPC, do not zero registers r7-r31 in do_fork and zero register r3. + Fixing segfaults on programs using the clone syscall. + - debian/patches/33_syscall_ppc_clone.patch: New file. (Closes: #335159) + Thanks to Josh Triplett + and Paul Brook . + * Tighten vgabios and bochsbios versioned Depends. + * Add video.x to the list of roms to touch to make qemu Makefile happy. + * Add lintian overrides for the user emulators being shlib-with-non-pic-code. + * Wrap lines in debian/control fields (knowingly breaking policy). + + [ Guilherme de S. Pastore ] + * debian/control: + - Updated my e-mail address. + * debian/copyright: + - Dropped André from team members list, not a single contribution ever. + + -- Guillem Jover Mon, 31 Oct 2005 05:01:45 +0200 + +qemu (0.7.0-4) unstable; urgency=low + + [ Guillem Jover ] + * Rebuild source with locally deborked dpkg-source. (Closes: #321019) + * Added the location of the Subversion repo used for the packages and + fixed the upstream URL in debian/copyright. + * Lower case title header in qemu-make-debian-root man page. + * Use dd instead of cat to generate the qemu debian root image. + (Closes: #315952) + + -- Guillem Jover Wed, 3 Aug 2005 05:53:30 +0300 + +qemu (0.7.0-3) unstable; urgency=low + + [ Guillem Jover ] + * Update watch file to version 3, use perlre and new upstream site. + * Now using Standards-Version 3.6.2 (no changes needed). + * Fix TUN/TAP network interface stalling the connection. (Closes: #290569) + Thanks to Vitaly Belostotsky . + * Link against librt, needed by the new clock_gettime syscall. + - debian/patches/31_syscalls.patch: Update. (Closes: #315388) + Thanks to Timo Savola for noticing. + * Force Build-Dependency on binutils >= 2.16-1 needed by the amd64 and + powerpc linker scripts. (Closes: #262655) + * Force usage of gcc-3.4. (Closes: #319527) + * Add missing Build-Dependency on zlib1g-dev. + Thanks to Reinhard Tartler . + * Include in syscall.c to avoid the broken headers in + linux-kernel-headers 2.6.12. + - debian/patches/34_syscalls_types.patch: New file. + Thanks to Octavian Cerna . + * Fix powerpc linker script. + - debian/patches/50_ppc_ldscript.patch: New file. + Thanks to Octavian Cerna . + + -- Guillem Jover Mon, 1 Aug 2005 02:48:09 +0300 + +qemu (0.7.0-2) unstable; urgency=low + + [ Guillem Jover ] + * Add alpha, sparc, arm and s390 to Architectures (and to the + libgpmg1-dev Build-Depends). + + * Forward SIGSTOP and SIGCONT sent to QEMU to the emulated application. + - debian/patches/10_signal_jobs.patch: New file. + Thanks to Ulrich Hecht. + * Return EINVAL on emulated sigaction when given invalid signal + parameters SIGKILL and SIGSTOP. + - debian/patches/11_signal_sigaction.patch: New fle. + Thanks to Valtteri Rahkonen. + * Do not print messsages for uncaught signal, thus fixing the case + were some applications want to kill their siblings. + - debian/patches/12_signal_silent.patch: New file. + Thanks to Valtteri Rahkonen + + * Fix Unix sockets by handling correctly AF_UNIX socket address + structure length. + - debian/patches/20_net_socket.patch: New file. + Thanks to Timo Savola. + * Implement SO_LINGER, SO_RCVTIMEO, SO_SNDTIMEO, SO_PEERNAME and + SO_PEERCRED getsockoptions. + - debian/patches/21_net_sockopt.patch: New file. + Thanks to Valtteri Rahkonen. + + * Implement SysV IPC message and semaphore syscalls. + - debian/patches/30_syscall_ipc.patch: New file. + Thanks to Valtteri Rahkonen. + * Implement acct, umount2, uselib, swapon, syslog, ftruncate64, + mincore, madvise, readahead and clock_gettime syscalls. + - debian/patches/31_syscalls.patch: New file. + Thanks to Ulrich Hecht. + * Implement sysctl CTL_KERN/KERN_VERSION + - debian/patches/32_syscall_sysctl.patch: New file. + Thanks to Timo Savola. + * Implement truncate64 syscall. + - debian/patches/33_syscall_truncate64.patch: New file. + Thanks to Valtteri Rahkonen. + + * Implement ARM floating point exeption emulation. + - debian/patches/40_fpu_arm_sigfpe.patch: New file. + Thanks to Ulrich Hecht. + + -- Guillem Jover Sun, 19 Jun 2005 15:05:37 +0300 + +qemu (0.7.0-1) experimental; urgency=low + + [ Guillem Jover ] + * New upstream release. (Closes: #308459, #308494) + * Do not require a disk image when booting a Linux kernel. (Closes: #260935) + Thanks to Jonas Smedegaard . + + [ Guilherme de S. Pastore ] + * Rewrote README.Debian for more clarity + * Add support for amd64 as a host architecture. (Closes: #262655) + - Add build-depend on libgpmg1-dev on amd64. + * Fixed qemu-make-debian-root so that it shows the name by which + it was called on the usage notice, not "%s". (Closes: #303507) + Thanks to Micah Anderson . + + [ Elrond ] + * Clean up more files, so they don't end up in the final .diff.gz + * Switch to external proll and openhackware: + - Instead of patching qemu's Makefile, trick it by giving it empty + files to install and remove them straight after install. + - Don't ship the roms in debian/roms any more! + - Instead add more symlinks. + - Update Depends: apropiately. + + -- Guillem Jover Fri, 27 May 2005 02:06:20 +0300 + +qemu (0.6.1+20050407-1) unstable; urgency=low + + [ Guillem Jover ] + * New upstream snapshot. + - Fix -user-net. (Closes: #295019) + - Fix win2k and winxp image booting. (Closes: #285170, #292707) + - Fix installation of outdated documentation. (Closes: #286931) + - Provide qemu-img instead of qemu-mkcow. (Closes: #290713) + - Remove debian/patches/05_fix_openpic_timer_test.patch, integrated + upstream. + - Remove debian/patches/02_selectable_sdl_keyboard.patch, superseded + by new keyboard implementation. (Closes: #284510, #299432) + - Remove debian/patches/01_mkcow_section_and_hyphens.patch. + - Conditionalize qemu -g option for some architectures. (Closes: #298988) + * Added new copyright year to debian/copyright. + * Added initial qemu-make-debian-root man page. (Closes: #286932) + * Fixed typos in qemu documentation. (Closes: #301933) + Thanks to A Costa . + * Added Elrond to Uploaders and packaging team. + * Use the default target list: + - Do not build qemu-fast anymore as it is deprecated upstream anyway. + (Closes: #278602, #281510) + - New targets armeb and system-x86_64. + * Updated ROM images under debian/roms/: + - OpenHackWare 0.4. + - Proll 18 with qemu specific patches. + * Remove uudecoded files from pc-bios/ on clean. + * Fix qemu-make-debian-root to behave correctly even if the needed + Recommends are not installed. + + [ Guilherme de S. Pastore ] + * Create a doc-base entry for the package (Closes: #290669) + * debian/control: + - Add debootstrap to the 'Recommends: ' line, as needed by + qemu-make-debian-root (Closes: #302848) + - Moved sharutils from dependency to recommendation, as it is only + needed by qemu-make-debian-root + * debian/docs: + - Do not include README.distrib in the binary package (Closes: #302853) + + [ Elrond ] + * Replace "libgpmg1-dev | not+linux-gnu" by "libgpmg1-dev [i386 powerpc]" + in Build-Depends. qemu should not need to build-depend on it anyway, the + real problem is described in Bug#267174. When it is solved, we can + remove our dependency. Until then please remember to add any arch, which + we will build on and that has gpm. This change hopefully calms: + + * Add versions to the dependencies on bochsbios and vgabios + (Closes: #288997): + - vgabios: Use the current version from testing/unstable (0.4c+20041014-1), + according to Frans Pop , this fixed those + "blank screen" problems. + - bochsbios: Use the current version from unstable (2.1.1+20041109-3), as + Guillem Jover fixed the networking in that version. + + -- Guillem Jover Thu, 7 Apr 2005 01:26:01 +0300 + +qemu (0.6.1-1) unstable; urgency=low + + [ Guillem Jover ] + * New upstream release. (Closes: #281626) + - Booting from drive b is not supported anymore. (Closes: #275679) + - Fix ne2k network interface that was not working in some situations. + (Closes: #281862) + - Remove debian/patches/06_build_gcc3.4.patch, fixed upstream. + - Remove debian/patches/04_lfs.patch, fixed upstream. + - Remove debian/patches/02_fix_powerpc_FTBFS.patch, fixed upstream. + - Remove debian/patches/00_escape_manpage_hyphens.patch, not needed. + - Sync debian/patches/03_use_external_bios.patch. + * Include uuencoded source for proll 18, some build fixes and its binary + proll.bin on debian/roms/. + * Suggests sudo to be used by the qemu-ifup script. + Thanks to Elrond . + * Make sudo in qemu-ifup explain what the password is for. (Closes: #281380) + * Add an option to select the method to convert keyevent to keycode + in the SDL keyboard handling code. Added support for Right Shift in the + generic handler. (Closes: #282658) + Thanks to Elrond . + * Do not set RTC frequency to 1024 or warn about this if it has already + the correct value. (Closes: #281403) + * Enabled sparc-softmmu support. + + -- Guillem Jover Sat, 27 Nov 2004 23:23:49 +0100 + +qemu (0.6.0.dfsg.2-1) unstable; urgency=low + + [ Guillem Jover ] + * Repackaged upstream source to remove external included files. + - pc-bios/ppc-rom.bin: Removed. + - pc-bios/OpenHackWare_0.3.tar.bz2: Likewise. + - pc-bios/vgabios.bin: Likewise. + - pc-bios/vgabios-cirrus.bin: Likewise. + - pc-bios/vgabios-cvs-2004-06-17.tgz: Likewise. + * Include uuencoded source for OpenHackWare 0.3.1 and its binary + ppc-rom.bin on debian/roms/. Add a Build-Depends on sharutils. + * Update tundev.c. Pass -tun-dev to qemu without the equal sign. + Thanks to Isaac Clerencia . + * Fix README.Debian to point to the renamed qemu-make-debian-root. + * Add Depends on sharutils needed by qemu-make-debian-root. + (Closes: #272130) + * Use and depend on vgabios package, which is in sync with bochsbios + that checks for rom bios checksums. (Closes: #281202) + * Enable LFS globally, thus fixing problems with qemu-mkcow when using + an existing large image. + (Closes: #279925) + * Fix openpic timer write test, catched from a warning about a constant + value larger than the type it was casted to. + * Fix build failure with gcc 3.4. Patch stolen from Gentoo BTS. + + -- Guillem Jover Mon, 15 Nov 2004 10:46:54 +0100 + +qemu (0.6.0.dfsg.1-1) unstable; urgency=high + + [ Guillem Jover ] + * Repackaged upstream source to deal with binaries w/o sources. + (Closes: #268780) + - pc-bios/bios.bin: Removed binary without source. Now using + bochsbios package. + - pc-bios/vgabios.bin: Rebuilt from vgabios cvs 2004-06-17 snapshot, + source included. + - pc-bios/vgabios-cirrus.bin: Likewise. + - pc-bios/ppc-rom.bin: Rebuilt on voltaire, source included. + - pc-bios/linux_boot.bin: Rebuilt from source. + * Move make-debian-root.sh to /usr/sbin/qemu-make-debian-root. + (Closes: #268705) + + -- Guillem Jover Mon, 13 Sep 2004 01:28:54 +0200 + +qemu (0.6.0-2) unstable; urgency=high + + [ Guilherme de S. Pastore ] + * Fixed dangling symlinks under /usr/share/man/man1. (Closes: #264764) + + [ Guillem Jover ] + * Fix FTBFS on powerpc. + - debian/patches/02_fix_powerpc_FTBFS.patch: New file. + + -- Guillem Jover Wed, 18 Aug 2004 15:50:43 +0200 + +qemu (0.6.0-1) unstable; urgency=medium + + * New maintainers. (Closes: #258900) + * New upstream release. (Closes: #258732) + - Installs ppc BIOS ROM file. (Closes: #257492) + - Builds with -fno-strict-aliasing. (Closes: #257123) + + [ Guilherme de S. Pastore ] + * debian/rules: + - Cleaned up. + - Ported to use CDBS. + * 00_escape_manpage_hyphens.patch: + - Correct a little typo and escape hyphens in upstream manpage. + * 01_mkcow_section_and_hyphens.patch: + - Fix section mismatch and escape hyphens in the qemu-mkcow manpage. + * Added simple /etc/qemu-ifup helper script. (Closes: #245281) + Thanks to Martin Michlmayr . + * Cleaned debian/watch. + * UTF-8'ed debian/changelog. + * Updated Standards-Version to 3.6.1.1. + * Removed outdated and unnecessary debian/qemu-i386.sgml. + - Removed build dependency on docbook-to-man. + * Removed "x86" part from the description (hey, qemu is not x86-only + in any way). Deserves a complete rewrite, shall be done soon. + + [ Guillem Jover ] + * Lower-case package short description. + * Added missing CPU emulations to the description. + * Cleaned and updated debian/copyright. + * Removed manually added libx11-6 dependency. + * Only Build-Depends on libgpmg1-dev on GNU/Linux systems. + * Cosmetic unification to debian/changelog. + * debian/rules: + - Remove generated files. + - Give exec perms to qemu-ifup. + + -- Guillem Jover Sun, 8 Aug 2004 17:24:08 +0200 + +qemu (0.5.5-2) unstable; urgency=low + + * Re-enable SDL disabled while I was bugchasing. (Closes: #255014) + * Yes, this is really 0.5.5. (Closes: #254655) + * Enable slirp networking. (Closes: #253573) + * Add Build-Depends on libgpmg1-dev (found by Bastian Blank, probably breaks + Hurd but that's a problem for another day). + + -- Paul Russell Thu, 24 Jun 2004 06:26:42 +0200 + +qemu (0.5.5-1) unstable; urgency=low + + * New upstream release. (Closes: #237556, #237556) + * Applied patch to add options to make_debian_root.sh. (Closes: #238787) + * Applied patch for other archs: hmmm... (Closes: #251420) + * Do umount -d in make_debian_root.sh. (Closes: #251775) + + -- Paul Russell Tue, 1 Jun 2004 03:50:05 +0200 + +qemu (0.5.4-1) unstable; urgency=low + + * New upstream release. (Closes: #246634) + * qemu-mkcow included in upstream. + * Added tundev program source in doc, to see if people find it useful. + + -- Paul Russell Mon, 3 May 2004 08:14:49 +0200 + +qemu (0.5.3-1) unstable; urgency=low + + * New upstream release. (Closes: #237556) + * Use aalib-config --static-libs. (Closes: #243325) + * Document Control-Shift to release mouse pointer. (Closes: #238074) + + -- Paul Russell Tue, 13 Apr 2004 02:58:49 +0200 + +qemu (0.5.2-4) unstable; urgency=low + + * Fix PPC install (Michel Daenzer patch). (Closes: #238431) + * Simplify deps (might be wrong, but it's neater). (Closes: #238430) + + -- Paul Russell Wed, 17 Mar 2004 01:35:47 +0100 + +qemu (0.5.2-3) unstable; urgency=low + + * Make compile on woody. (Closes: #238163) + * Include qemu-doc.html. (Closes: #238076) + * Wrote qemu-i386 man page. (Closes: #238077) + + -- Paul Russell Mon, 15 Mar 2004 23:56:25 +0100 + +qemu (0.5.2-2) unstable; urgency=low + + * Fix build problem so bios.bin etc. can be found. (Closes: #237553) + + -- Paul Russell Fri, 12 Mar 2004 05:43:00 +0100 + +qemu (0.5.2-1) unstable; urgency=low + + * Initial Release. (Closes: #187407) + + -- Paul Russell Wed, 3 Mar 2004 02:18:54 +0100 diff --git a/debian/control b/debian/control new file mode 100644 index 00000000000..28d67bead1b --- /dev/null +++ b/debian/control @@ -0,0 +1,670 @@ +# autogenerated file, please edit debian/control-in +Source: qemu +Section: otherosfs +Priority: optional +Maintainer: NVIDIA BaseOS Team +XSBC-Original-Maintainer: Debian QEMU Team +Uploaders: Michael Tokarev +Build-Depends: debhelper-compat (= 13), + python3:any, + meson (>> 0.63.0~) | meson-1.5, ninja-build, + flex, bison, +Build-Depends-Arch: +# In comments below we also specify (system-specific) arguments +# to qemu's configure script, -- optional features which depend +# on build-dependencies. + python3-venv, +# --enable-docs +# for python3-sphinx:native see #995622 + texinfo, python3-sphinx:native, python3-sphinx-rtd-theme, +# always needed + libglib2.0-dev, + zlib1g-dev, +# iasl (from acpica-tools) is used only in a single test these days, not for building +# acpica-tools, +# libcapstone is in universe in ubuntu +# --enable-linux-aio linux-any + libaio-dev [linux-any], +# libsndio is in universe in ubuntu +# --disable-sndio +# --audio-drv-list=pipewire,pa,alsa,jack,oss,sdl amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +##--audio-drv-list=pa,oss kfreebsd-any + libjack-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], + libpulse-dev, + libasound2-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], + libpipewire-0.3-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], +# for virtfs (now in libc6) +# --enable-attr +# --enable-bpf linux-any + libbpf-dev [linux-any], +# --enable-brlapi amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 + libbrlapi-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], +# --enable-virtfs linux-any +# needed for virtfs +# --enable-cap-ng linux-any + libcap-ng-dev [linux-any], +# --enable-curl + libcurl4-gnutls-dev, +# --enable-fdt + libfdt-dev, +# --enable-fuse + libfuse3-dev, +# --enable-gnutls + gnutls-dev, +# --enable-gtk --enable-vte amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 + libgtk-3-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], + libvte-2.91-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], +# --enable-libiscsi + libiscsi-dev, +# --enable-curses amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 + libncurses-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], +# --enable-virglrenderer amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 + libvirglrenderer-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], +# --enable-opengl amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 + libepoxy-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], + libdrm-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], + libgbm-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], +# --enable-libnfs + libnfs-dev, +# --enable-numa i386 amd64 ia64 mips mipsel mips64 mips64el powerpc powerpcspe x32 ppc64 ppc64el arm64 sparc s390x riscv64 + libnuma-dev [i386 amd64 ia64 mips mipsel mips64 mips64el powerpc powerpcspe x32 ppc64 ppc64el arm64 sparc s390x riscv64], +# --enable-smartcard + libcacard-dev, +# --enable-pixman + libpixman-1-dev, +# --enable-rbd amd64 arm64 mips64el ppc64el ppc64 riscv64 s390x sparc64 + librbd-dev [amd64 arm64 mips64el ppc64el ppc64 riscv64 s390x sparc64], +# gluster is 64bit-only: #1039604 +# --enable-glusterfs amd64 arm64 ppc64el ppc64 riscv64 mips64el s390x ia64 sparc64 + libglusterfs-dev [amd64 arm64 ppc64el ppc64 riscv64 mips64el s390x ia64 sparc64], +# --enable-vnc-sasl + libsasl2-dev, +# --enable-sdl amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 + libsdl2-dev [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32], +# --enable-seccomp amd64 arm64 armel armhf i386 mips64el mipsel ppc64 ppc64el powerpc riscv64 s390x x32 + libseccomp-dev [amd64 arm64 armel armhf i386 mips64el mipsel ppc64 ppc64el powerpc riscv64 s390x x32], +# --enable-slirp + libslirp-dev, +# --enable-spice amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32 + libspice-server-dev [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32], +# --enable-rdma linux-any + librdmacm-dev [linux-any], libibverbs-dev [linux-any], libibumad-dev [linux-any], +# --enable-linux-io-uring linux-any + liburing-dev [linux-any], +# --enable-libusb linux-any + libusb-1.0-0-dev [linux-any], +# --enable-usb-redir linux-any + libusbredirparser-dev [linux-any], +# --enable-libssh + libssh-dev, +# --enable-zstd + libzstd-dev, +# vde is debian-only since ubuntu/vde2 is in universe + libxen-dev [linux-amd64], +# --enable-nettle + nettle-dev, +# other optional features we enable +# --enable-libudev +# needed for qga? + libudev-dev [linux-any], +# --enable-vnc +# --enable-vnc-jpeg + libjpeg-dev, +# --enable-png + libpng-dev, +# --enable-libpmem amd64 arm64 + libpmem-dev [amd64 arm64], +# --enable-kvm linux-any +# --enable-vhost-net linux-any # is it really linux-specific? +##--enable-lzo todo, for (memory) dumps +##--enable-netmap todo bsd +##--enable-xen-pci-passthrough todo +## auth-pam - for auth for vnc&Co using PAM +# +# the testsuite: +#XXX-cyclic-test-dep-dak-bug seabios [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32] , +# ipxe-qemu [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32] , +# various firmware files (kvmvapic.bin &Co), older qemu-system-data should work +#XXX-cyclic-test-dep-dak-bug qemu-system-data [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32] , +Build-Depends-Indep: +# Firmware build dependencies disabled since we're not building firmware +# (sysdata-components commented out in debian/rules) +# pc-bios/*.dts => *.dtb (PPC firmware) + device-tree-compiler, +# gcc-s390x-linux-gnu, +# qemu-palcode/palcode-clipper +# gcc-alpha-linux-gnu, +# u-boot code +# gcc-powerpc-linux-gnu, bc, +# skiboot firmware, openbios +# gcc-powerpc64-linux-gnu, +# skiboot includes +# libssl-dev, +# openbios +# gcc-sparc64-linux-gnu, fcode-utils, xsltproc, +# hppa-firmware +# gcc-hppa-linux-gnu, +# opensbi +# gcc-riscv64-linux-gnu, +# vbootrom/npcm7xx_bootrom +# gcc-arm-none-eabi, +Build-Conflicts: oss4-dev +Standards-Version: 4.6.1 +Homepage: http://www.qemu.org/ +Rules-Requires-Root: binary-targets +XS-Debian-Vcs-Browser: https://salsa.debian.org/qemu-team/qemu +XS-Debian-Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git +Vcs-Browser: https://git.launchpad.net/ubuntu/+source/qemu +Vcs-Git: https://git.launchpad.net/ubuntu/+source/qemu + +Package: qemu-system +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${misc:Depends}, + qemu-system-arm, + qemu-system-mips, + qemu-system-ppc, + qemu-system-sparc, + qemu-system-x86, + qemu-system-s390x, + qemu-system-misc +Description: QEMU full system emulation binaries + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This metapackage provides the full system emulation binaries for all supported + targets, by depending on all per-architecture system emulation packages which + QEMU supports. + +Package: qemu-block-extra +Architecture: amd64 arm arm64 armel armhf hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 m68k mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sh4 sparc sparc64 x32 +Multi-Arch: no +Depends: ${misc:Depends}, ${shlibs:Depends}, +# we need to ensure qemu-block-extra is upgraded with qemu-system-* or qemu-utils + qemu-system-any (= ${binary:Version}) [amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32] | qemu-utils (= ${binary:Version}), +Enhances: qemu-utils, qemu-system-misc, + qemu-system-arm, qemu-system-mips, qemu-system-sparc, qemu-system-x86, +Description: extra block backend modules for qemu-system and qemu-utils + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides extra block device backend modules for qemu-system + emulation and qemu-img from qemu-utils package, which are rarely used and + has extra dependencies. + +Package: qemu-block-supplemental +# For now, this package only ships glusterfs, which does not build in 32bit architectures +Architecture: amd64 arm64 ppc64el riscv64 s390x +Multi-Arch: no +Depends: ${misc:Depends}, ${shlibs:Depends}, +# qemu-block-extra has the run-qemu.mount unit which we need + qemu-block-extra (= ${binary:Version}), +# we need to ensure qemu-block-supplemental is upgraded with qemu-system-* or qemu-utils + qemu-system-any (= ${binary:Version}) [amd64 arm64 armhf ppc64el riscv64 s390x] | qemu-utils (= ${binary:Version}), +Enhances: qemu-utils, qemu-system-misc, + qemu-system-arm, qemu-system-mips, qemu-system-sparc, qemu-system-x86, +Breaks: qemu-block-extra (<< 1:8.2.0+ds-4ubuntu2~) +Replaces: qemu-block-extra (<< 1:8.2.0+ds-4ubuntu2) +Description: supplemental block backend modules for qemu-system and qemu-utils + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides supplemental block device backend modules for qemu-system + emulation and qemu-img from qemu-utils package. + . + Currently, the following module is shipped in this package: block-glusterfs + +Package: qemu-system-data +Architecture: all +Multi-Arch: foreign +Conflicts: sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof, +Replaces: sgabios, openbios-sparc, openbios-ppc, qemu-slof, + qemu-system-ppc (<< 1:6.1-4~), +Breaks: qemu-system-ppc (<< 1:6.1-4~), +Provides: qemu-keymaps, sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof, +Depends: ${misc:Depends} +Description: QEMU full system emulation (data files) + This package provides architecture-neutral data files + (such as keyboard definitions, icons) for system-mode + QEMU emulation (qemu-system-*) packages. + +Package: qemu-system-common +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: no +Build-Profiles: +Breaks: libvirt-daemon (<< 7.2.0-1) +Depends: ${misc:Depends}, ${shlibs:Depends}, +# to fix wrong acl for newly created device node on ubuntu: + acl +Description: QEMU full system emulation binaries (common files) + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides common files needed for target-specific + full system emulation (qemu-system-*) packages. + +Package: qemu-system-gui +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +#XXX M-A: same does not really work for now due to /usr/lib/qemu/vhost-user-gpu +#XXX we'll deal with this if some actual need arises, +#XXX by moving that binary back to q-s-common or packaging it separately +#Multi-Arch: same +Depends: ${misc:Depends}, ${shlibs:Depends}, +# ui-* depends on ui-opengl + qemu-system-modules-opengl (= ${binary:Version}), +# we need to ensure qemu-system-gui is upgraded with qemu-system-* + qemu-system-any (= ${binary:Version}), +# libgl1 is dynamically loaded by sdl display code + libgl1, +# we moved vhost-user-gpu files here from qemu-system-common at 6.1-4 +Replaces: qemu-system-common (<< 1:6.1+dfsg-4~) +Description: QEMU full system emulation binaries (graphical display and audio modules) + This package provides optional graphical guest display modules (currently GTK + and SDL) and audio backend modules for full system emulation (qemu-system-*) + packages. + . + This package is not a management/control/GUI interface for qemu, use something + else (like virt-manager) for that. + +Package: qemu-system-modules-spice +Architecture: amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32 +Build-Profiles: +Depends: ${misc:Depends}, ${shlibs:Depends}, +# spice modules depends on ui-opengl + qemu-system-modules-opengl (= ${binary:Version}), +# we need to ensure qemu-system-modules-spice is upgraded with qemu-system-* + qemu-system-any (= ${binary:Version}), +Replaces: qemu-system-common (<< 1:8.1.0+ds-1~exp2~) +Breaks: qemu-system-common (<< 1:8.1.0+ds-1~exp2~) +Description: QEMU full system emulation binaries (spice display modules) + This package provides optional spice display (qxl and spice-app) and audio + support modules for QEMU full system emulation (qemu-system-*) packages. + +Package: qemu-system-modules-opengl +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Build-Profiles: +Depends: ${misc:Depends}, ${shlibs:Depends}, +# we need to ensure qemu-system-modules-opengl is upgraded when qemu-system is upgraded + qemu-system-any (= ${binary:Version}), +Replaces: qemu-system-common (<< 1:8.1.0+ds-1~exp2~), qemu-system-gui (<< 1:8.1.0+ds-1~exp2~) +Breaks: qemu-system-common (<< 1:8.1.0+ds-1~exp2~), qemu-system-gui (<< 1:8.1.0+ds-1~exp2~) +Description: QEMU full system emulation binaries (OpenGL display modules) + This package provides optional OpenGL display support modules for QEMU full + system emulation (qemu-system-*) packages. It also provides dbus display type. + +Package: qemu-system-misc +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +# alpha uses vgabios +# alpha m68k sh4 uses bootroms + seabios, + ipxe-qemu, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (miscellaneous) + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides the full system emulation binaries to emulate + various other hardware which did not made into separate packages. + Emulators for the following architectures are provided: + ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-arm +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +# aarch64 arm uses bootroms + ipxe-qemu, + ipxe-qemu-256k-compat-efi-roms, + qemu-efi-aarch64, qemu-efi-arm, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (arm) + QEMU is a fast processor emulator: currently the package supports + ARM emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following arm hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-mips +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +# all mips targets uses vgabios and bootroms + seabios, + ipxe-qemu, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (mips) + QEMU is a fast processor emulator: currently the package supports + MIPS emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following mips hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-ppc +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, + ipxe-qemu-256k-compat-efi-roms, +# ppc targets use vgabios-stdvga and bootroms + seabios, + ipxe-qemu, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (ppc) + QEMU is a fast processor emulator: currently the package supports + PowerPC emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following PowerPC hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-sparc +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +# sparc64 uses vgabios-stdvga and bootroms + seabios, + ipxe-qemu, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (sparc) + QEMU is a fast processor emulator: currently the package supports + SPARC emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following sparc hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-s390x +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (s390x) + QEMU is a fast processor emulator: currently the package supports + s390x emulation. By using dynamic translation it achieves reasonable + speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following s390x hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +# xen support generally is disabled on ubuntu, for a while we used +# an extra build with xen enabled. In the meantime Debian followed that +# approach but with a different name, so add a transitional until +# after 24.04 +Package: qemu-system-x86-xen +Architecture: amd64 +Multi-Arch: foreign +Section: oldlibs +Depends: qemu-system-xen (>= 1:7.0+dfsg-7ubuntu1), ${misc:Depends} +Description: QEMU full system emulation binaries (x86) + The former qemu-system-x86-xen binaries are now in qemu-system-xen. + . + This is a transitional package. You can safely remove it. + +Package: qemu-system-x86 +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), + seabios (>> 1.16.3-1~), + ipxe-qemu, +Recommends: qemu-utils, + ipxe-qemu-256k-compat-efi-roms, + ovmf, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el x32], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), + cpu-checker, +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (x86) + QEMU is a fast processor emulator: currently the package supports + i386 and x86-64 emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following x86 hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + . + On x86 host hardware this package also enables KVM kernel virtual machine + usage on systems which supports it. + +Package: qemu-system-xen +Architecture: amd64 +Multi-Arch: no +Build-Profiles: +# do we really need qemu-system-data? keymaps only? +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-data (>> ${source:Upstream-Version}~), + seabios +Recommends: qemu-utils, + ovmf, +# For the transition from the former qemu-system-x86-xen name +Breaks: qemu-system-x86-xen (<<1:7.0+dfsg-7ubuntu1) +Replaces: qemu-system-x86-xen (<<1:7.0+dfsg-7ubuntu1) +Provides: qemu-system-x86-xen +Description: QEMU full system emulation (Xen helper package) + This package provides the i386 system emulation binary to work + together with the Xen hypervisor for some types of DomUs. + This package is not useful by its own. + +Package: qemu-user +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends} +Recommends: qemu-user-binfmt +Description: QEMU user mode emulation binaries + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides the user mode emulation binaries. In this mode + QEMU can launch Linux processes compiled for one CPU on another CPU. + . + If qemu-user-binfmt package is also installed, it will register binary + format handlers from this qemu-user package with the kernel so it will + be possible to run foreign binaries directly. However, this might not + be suitable for using inside foreign chroots, in which case it is + possible to use qemu-user-static package instead of qemu-user-binmft, -- + qemu-user-static will register statically linked binfmt handlers instead. + +Package: qemu-user-static +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Built-Using: ${built-using} +Multi-Arch: foreign +Build-Profiles: +Depends: ${misc:Depends} +# Recommend systemd for binfmt-misc registration +Recommends: systemd +Provides: qemu-user-binfmt +Conflicts: qemu-user-binfmt +Description: QEMU user mode emulation binaries (static version) + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides the user mode emulation binaries, built + statically. In this mode QEMU can launch Linux processes compiled for + one CPU on another CPU. + . + qemu-user-static package will register binary formats which the provided + emulators can handle, so that it will be possible to run foreign binaries + directly. + +Package: qemu-user-binfmt +Architecture: amd64 arm arm64 armel armhf i386 mips mips64 mips64el mipsel ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +Multi-Arch: foreign +Build-Profiles: +Depends: ${misc:Depends}, qemu-user (= ${binary:Version}) +# Recommend systemd for binfmt-misc registration +Recommends: systemd +Conflicts: qemu-user-static +Description: QEMU user mode binfmt registration for qemu-user + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides binfmt support registration for the user mode + emulation binaries from qemu-user. This is an empty package, it does + not contain any additional files, only registration scripts which run + at install and remove times. + +Package: qemu-utils +Architecture: amd64 arm arm64 armel armhf hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 m68k mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sh4 sparc sparc64 x32 +Multi-Arch: foreign +Depends: ${shlibs:Depends}, ${misc:Depends}, +Recommends: + qemu-block-extra (= ${binary:Version}), +Replaces: +# qemu-storage-daemon and qemu-block-driver.7 has been moved from q-s-c. + qemu-system-common (<< 1:8.0+dfsg-5~), +Breaks: + qemu-system-common (<< 1:8.0+dfsg-5~), +Description: QEMU utilities + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides QEMU related utilities: + * qemu-img: QEMU disk image utility + * qemu-io: QEMU disk exerciser + * qemu-nbd: QEMU disk network block device server + +Package: qemu-guest-agent +Architecture: any +Multi-Arch: foreign +Depends: ${shlibs:Depends}, ${misc:Depends} +Pre-Depends: ${misc:Pre-Depends} +Description: Guest-side qemu-system agent + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides a daemon (agent) to run inside qemu-system + guests (full system emulation). It communicates with the host using + a virtio-serial channel org.qemu.guest_agent.0, and allows one to perform + some functions in the guest from the host, including: + - querying and setting guest system time + - performing guest filesystem sync operation + - initiating guest shutdown or suspend to ram + - accessing guest files + - freezing/thawing guest filesystem operations + - others. + . + Install this package on a system which is running as guest inside + qemu virtual machine. It is not used on the host. + +#Package: qemu-system-for-host +## This is actually all architectures for which qemu-system (softmmu) target is implemented +#Architecture: any +#Multi-Arch: same +#Depends: ${qemu:for-host} (=${binary:Version}) +#Description: QEMU full system emulation (dependency-only package for the host architecture) +# This package pulls one of qemu-system-* subpackages which contains +# qemu-system-${}{DEB_HOST_ARCH_CPU} binary specific for the host +# architecture. This one depends on ${qemu:for-host}. +# diff --git a/debian/control-in b/debian/control-in new file mode 100644 index 00000000000..6785d4076e8 --- /dev/null +++ b/debian/control-in @@ -0,0 +1,676 @@ +Source: qemu +Section: otherosfs +Priority: optional +:debian:Maintainer: Debian QEMU Team +:ubuntu:Maintainer: Ubuntu Developers +:ubuntu:XSBC-Original-Maintainer: Debian QEMU Team +Uploaders: Michael Tokarev +Build-Depends: debhelper-compat (= 13), + python3:any, + python3-venv, + meson (>> 0.63.0~) | meson-1.5, ninja-build, + flex, bison, +Build-Depends-Arch: +# In comments below we also specify (system-specific) arguments +# to qemu's configure script, -- optional features which depend +# on build-dependencies. +# --enable-docs +# for python3-sphinx:native see #995622 + texinfo, python3-sphinx:native, python3-sphinx-rtd-theme, +# always needed + libglib2.0-dev, + zlib1g-dev, +# iasl (from acpica-tools) is used only in a single test these days, not for building +# acpica-tools, +# libcapstone is in universe in ubuntu +:debian:# --enable-capstone +:debian: libcapstone-dev, +# --enable-linux-aio linux-any + libaio-dev [linux-any], +# libsndio is in universe in ubuntu +# --disable-sndio +# --audio-drv-list=pipewire,pa,alsa,jack,oss,sdl :system-arch-linux: +##--audio-drv-list=pa,oss kfreebsd-any + libjack-dev [:system-arch-linux:], + libpulse-dev, + libasound2-dev [:system-arch-linux:], + libpipewire-0.3-dev [:system-arch-linux:], +# for virtfs (now in libc6) +# --enable-attr +# --enable-bpf linux-any + libbpf-dev [linux-any], +# --enable-brlapi :system-arch: + libbrlapi-dev [:system-arch:], +# --enable-virtfs linux-any +# needed for virtfs +# --enable-cap-ng linux-any + libcap-ng-dev [linux-any], +# --enable-curl + libcurl4-gnutls-dev, +# --enable-fdt + libfdt-dev, +# --enable-fuse + libfuse3-dev, +# --enable-gnutls + gnutls-dev, +# --enable-gtk --enable-vte :system-arch: + libgtk-3-dev [:system-arch:], + libvte-2.91-dev [:system-arch:], +# --enable-libiscsi + libiscsi-dev, +# --enable-curses :system-arch: + libncurses-dev [:system-arch:], +# --enable-virglrenderer :system-arch-linux: + libvirglrenderer-dev [:system-arch-linux:], +# --enable-opengl :system-arch-linux: + libepoxy-dev [:system-arch-linux:], + libdrm-dev [:system-arch-linux:], + libgbm-dev [:system-arch-linux:], +# --enable-libnfs + libnfs-dev, +# --enable-numa i386 amd64 ia64 mips mipsel mips64 mips64el powerpc powerpcspe x32 ppc64 ppc64el arm64 sparc s390x riscv64 + libnuma-dev [i386 amd64 ia64 mips mipsel mips64 mips64el powerpc powerpcspe x32 ppc64 ppc64el arm64 sparc s390x riscv64], +# --enable-smartcard + libcacard-dev, +# --enable-pixman + libpixman-1-dev, +# --enable-rbd amd64 arm64 mips64el ppc64el ppc64 riscv64 s390x sparc64 + librbd-dev [amd64 arm64 mips64el ppc64el ppc64 riscv64 s390x sparc64], +# gluster is 64bit-only: #1039604 +# --enable-glusterfs amd64 arm64 ppc64el ppc64 riscv64 mips64el s390x ia64 sparc64 + libglusterfs-dev [amd64 arm64 ppc64el ppc64 riscv64 mips64el s390x ia64 sparc64], +# --enable-vnc-sasl + libsasl2-dev, +# --enable-sdl :system-arch: + libsdl2-dev [:system-arch:], +# --enable-seccomp amd64 arm64 armel armhf i386 mips64el mipsel ppc64 ppc64el powerpc riscv64 s390x x32 + libseccomp-dev [amd64 arm64 armel armhf i386 mips64el mipsel ppc64 ppc64el powerpc riscv64 s390x x32], +# --enable-slirp + libslirp-dev, +# --enable-spice :spice-arch: + libspice-server-dev [:spice-arch:], +# --enable-rdma linux-any + librdmacm-dev [linux-any], libibverbs-dev [linux-any], libibumad-dev [linux-any], +# --enable-linux-io-uring linux-any + liburing-dev [linux-any], +# --enable-libusb linux-any + libusb-1.0-0-dev [linux-any], +# --enable-usb-redir linux-any + libusbredirparser-dev [linux-any], +# --enable-libssh + libssh-dev, +# --enable-zstd + libzstd-dev, +# vde is debian-only since ubuntu/vde2 is in universe +:debian:# --enable-vde +:debian: libvdeplug-dev, + libxen-dev [linux-amd64], +# --enable-nettle + nettle-dev, +# other optional features we enable +# --enable-libudev +# needed for qga? + libudev-dev [linux-any], +# --enable-vnc +# --enable-vnc-jpeg + libjpeg-dev, +# --enable-png + libpng-dev, +# --enable-libpmem amd64 arm64 + libpmem-dev [amd64 arm64], +# --enable-kvm linux-any +# --enable-vhost-net linux-any # is it really linux-specific? +##--enable-lzo todo, for (memory) dumps +##--enable-netmap todo bsd +##--enable-xen-pci-passthrough todo +## auth-pam - for auth for vnc&Co using PAM +# +# the testsuite: +#XXX-cyclic-test-dep-dak-bug seabios [:system-arch-linux:] , +# ipxe-qemu [:system-arch-linux:] , +# various firmware files (kvmvapic.bin &Co), older qemu-system-data should work +#XXX-cyclic-test-dep-dak-bug qemu-system-data [:system-arch-linux:] , +Build-Depends-Indep: +# Firmware build dependencies disabled since we're not building firmware +# (sysdata-components commented out in debian/rules) +# pc-bios/*.dts => *.dtb (PPC firmware) + device-tree-compiler, +# gcc-s390x-linux-gnu, +# qemu-palcode/palcode-clipper +# gcc-alpha-linux-gnu, +# u-boot code +# gcc-powerpc-linux-gnu, bc, +# skiboot firmware, openbios +# gcc-powerpc64-linux-gnu, +# skiboot includes +# libssl-dev, +# openbios +# gcc-sparc64-linux-gnu, fcode-utils, xsltproc, +# hppa-firmware +# gcc-hppa-linux-gnu, +# opensbi +# gcc-riscv64-linux-gnu, +# vbootrom/npcm7xx_bootrom +# gcc-arm-none-eabi, +Build-Conflicts: oss4-dev +Standards-Version: 4.6.1 +Homepage: http://www.qemu.org/ +Rules-Requires-Root: binary-targets +:debian:Vcs-Browser: https://salsa.debian.org/qemu-team/qemu +:debian:Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git +:ubuntu:XS-Debian-Vcs-Browser: https://salsa.debian.org/qemu-team/qemu +:ubuntu:XS-Debian-Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git +:ubuntu:Vcs-Browser: https://git.launchpad.net/ubuntu/+source/qemu +:ubuntu:Vcs-Git: https://git.launchpad.net/ubuntu/+source/qemu + +Package: qemu-system +Architecture: :system-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${misc:Depends}, + qemu-system-arm, + qemu-system-mips, + qemu-system-ppc, + qemu-system-sparc, + qemu-system-x86, +:ubuntu: qemu-system-s390x, + qemu-system-misc +Description: QEMU full system emulation binaries + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This metapackage provides the full system emulation binaries for all supported + targets, by depending on all per-architecture system emulation packages which + QEMU supports. + +Package: qemu-block-extra +Architecture: :utils-arch: +Multi-Arch: no +Depends: ${misc:Depends}, ${shlibs:Depends}, +# we need to ensure qemu-block-extra is upgraded with qemu-system-* or qemu-utils + qemu-system-any (= ${binary:Version}) [:system-arch:] | qemu-utils (= ${binary:Version}), +Enhances: qemu-utils, qemu-system-misc, + qemu-system-arm, qemu-system-mips, qemu-system-sparc, qemu-system-x86, +Description: extra block backend modules for qemu-system and qemu-utils + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides extra block device backend modules for qemu-system + emulation and qemu-img from qemu-utils package, which are rarely used and + has extra dependencies. +:ubuntu: +:ubuntu:Package: qemu-block-supplemental +:ubuntu:# For now, this package only ships glusterfs, which does not build in 32bit architectures +:ubuntu:Architecture: amd64 arm64 ppc64el riscv64 s390x +:ubuntu:Multi-Arch: no +:ubuntu:Depends: ${misc:Depends}, ${shlibs:Depends}, +:ubuntu:# qemu-block-extra has the run-qemu.mount unit which we need +:ubuntu: qemu-block-extra (= ${binary:Version}), +:ubuntu:# we need to ensure qemu-block-supplemental is upgraded with qemu-system-* or qemu-utils +:ubuntu: qemu-system-any (= ${binary:Version}) [amd64 arm64 armhf ppc64el riscv64 s390x] | qemu-utils (= ${binary:Version}), +:ubuntu:Enhances: qemu-utils, qemu-system-misc, +:ubuntu: qemu-system-arm, qemu-system-mips, qemu-system-sparc, qemu-system-x86, +:ubuntu:Breaks: qemu-block-extra (<< 1:8.2.0+ds-4ubuntu2~) +:ubuntu:Replaces: qemu-block-extra (<< 1:8.2.0+ds-4ubuntu2) +:ubuntu:Description: supplemental block backend modules for qemu-system and qemu-utils +:ubuntu: QEMU is a fast processor emulator: currently the package supports Alpha, ARM, +:ubuntu: CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, +:ubuntu: S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic +:ubuntu: translation it achieves reasonable speed while being easy to port on new host +:ubuntu: CPUs. +:ubuntu: . +:ubuntu: This package provides supplemental block device backend modules for qemu-system +:ubuntu: emulation and qemu-img from qemu-utils package. +:ubuntu: . +:ubuntu: Currently, the following module is shipped in this package: block-glusterfs + +Package: qemu-system-data +Architecture: all +Multi-Arch: foreign +Conflicts: sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof, +Replaces: sgabios, openbios-sparc, openbios-ppc, qemu-slof, + qemu-system-ppc (<< 1:6.1-4~), +Breaks: qemu-system-ppc (<< 1:6.1-4~), +Provides: qemu-keymaps, sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof, +Depends: ${misc:Depends} +Description: QEMU full system emulation (data files) + This package provides architecture-neutral data files + (such as keyboard definitions, icons) for system-mode + QEMU emulation (qemu-system-*) packages. + +Package: qemu-system-common +Architecture: :system-arch: +Multi-Arch: no +Build-Profiles: +Breaks: libvirt-daemon (<< 7.2.0-1) +Depends: ${misc:Depends}, ${shlibs:Depends}, +# to fix wrong acl for newly created device node on ubuntu: +:ubuntu: acl +Description: QEMU full system emulation binaries (common files) + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides common files needed for target-specific + full system emulation (qemu-system-*) packages. + +Package: qemu-system-gui +Architecture: :system-arch: +#XXX M-A: same does not really work for now due to /usr/lib/qemu/vhost-user-gpu +#XXX we'll deal with this if some actual need arises, +#XXX by moving that binary back to q-s-common or packaging it separately +#Multi-Arch: same +Depends: ${misc:Depends}, ${shlibs:Depends}, +# ui-* depends on ui-opengl + qemu-system-modules-opengl (= ${binary:Version}), +# we need to ensure qemu-system-gui is upgraded with qemu-system-* + qemu-system-any (= ${binary:Version}), +# libgl1 is dynamically loaded by sdl display code + libgl1, +# we moved vhost-user-gpu files here from qemu-system-common at 6.1-4 +Replaces: qemu-system-common (<< 1:6.1+dfsg-4~) +Description: QEMU full system emulation binaries (graphical display and audio modules) + This package provides optional graphical guest display modules (currently GTK + and SDL) and audio backend modules for full system emulation (qemu-system-*) + packages. + . + This package is not a management/control/GUI interface for qemu, use something + else (like virt-manager) for that. + +Package: qemu-system-modules-spice +Architecture: :spice-arch: +Build-Profiles: +Depends: ${misc:Depends}, ${shlibs:Depends}, +# spice modules depends on ui-opengl + qemu-system-modules-opengl (= ${binary:Version}), +# we need to ensure qemu-system-modules-spice is upgraded with qemu-system-* + qemu-system-any (= ${binary:Version}), +Replaces: qemu-system-common (<< 1:8.1.0+ds-1~exp2~) +Breaks: qemu-system-common (<< 1:8.1.0+ds-1~exp2~) +Description: QEMU full system emulation binaries (spice display modules) + This package provides optional spice display (qxl and spice-app) and audio + support modules for QEMU full system emulation (qemu-system-*) packages. + +Package: qemu-system-modules-opengl +Architecture: :system-arch: +Build-Profiles: +Depends: ${misc:Depends}, ${shlibs:Depends}, +# we need to ensure qemu-system-modules-opengl is upgraded when qemu-system is upgraded + qemu-system-any (= ${binary:Version}), +Replaces: qemu-system-common (<< 1:8.1.0+ds-1~exp2~), qemu-system-gui (<< 1:8.1.0+ds-1~exp2~) +Breaks: qemu-system-common (<< 1:8.1.0+ds-1~exp2~), qemu-system-gui (<< 1:8.1.0+ds-1~exp2~) +Description: QEMU full system emulation binaries (OpenGL display modules) + This package provides optional OpenGL display support modules for QEMU full + system emulation (qemu-system-*) packages. It also provides dbus display type. + +Package: qemu-system-misc +Architecture: :system-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +# alpha uses vgabios +# alpha m68k sh4 uses bootroms + seabios, + ipxe-qemu, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [:spice-arch:], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (miscellaneous) + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides the full system emulation binaries to emulate + various other hardware which did not made into separate packages. + Emulators for the following architectures are provided: + ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-arm +Architecture: :system-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +# aarch64 arm uses bootroms + ipxe-qemu, +:ubuntu: ipxe-qemu-256k-compat-efi-roms, + qemu-efi-aarch64, qemu-efi-arm, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [:spice-arch:], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (arm) + QEMU is a fast processor emulator: currently the package supports + ARM emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following arm hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-mips +Architecture: :system-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +# all mips targets uses vgabios and bootroms + seabios, + ipxe-qemu, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [:spice-arch:], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (mips) + QEMU is a fast processor emulator: currently the package supports + MIPS emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following mips hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-ppc +Architecture: :system-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +:ubuntu: ipxe-qemu-256k-compat-efi-roms, +# ppc targets use vgabios-stdvga and bootroms + seabios, + ipxe-qemu, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [:spice-arch:], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (ppc) + QEMU is a fast processor emulator: currently the package supports + PowerPC emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following PowerPC hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + +Package: qemu-system-sparc +Architecture: :system-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +Recommends: qemu-utils, +# sparc64 uses vgabios-stdvga and bootroms + seabios, + ipxe-qemu, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [:spice-arch:], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (sparc) + QEMU is a fast processor emulator: currently the package supports + SPARC emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following sparc hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. +:ubuntu: +:ubuntu:Package: qemu-system-s390x +:ubuntu:Architecture: :system-arch: +:ubuntu:Multi-Arch: foreign +:ubuntu:Build-Profiles: +:ubuntu:Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), +:ubuntu:Recommends: qemu-utils, +:ubuntu: qemu-system-gui (= ${binary:Version}), +:ubuntu: qemu-system-modules-spice (= ${binary:Version}) [:spice-arch:], +:ubuntu: qemu-system-modules-opengl (= ${binary:Version}), +:ubuntu: qemu-block-extra (= ${binary:Version}), +:ubuntu:Provides: ${qemu:Provides} +:ubuntu:Description: QEMU full system emulation binaries (s390x) +:ubuntu: QEMU is a fast processor emulator: currently the package supports +:ubuntu: s390x emulation. By using dynamic translation it achieves reasonable +:ubuntu: speed while being easy to port on new host CPUs. +:ubuntu: . +:ubuntu: This package provides the full system emulation binaries to emulate +:ubuntu: the following s390x hardware: ${qemu:archlist}. +:ubuntu: . +:ubuntu: In system emulation mode QEMU emulates a full system, including a processor +:ubuntu: and various peripherals. It enables easier testing and debugging of system +:ubuntu: code. It can also be used to provide virtual hosting of several virtual +:ubuntu: machines on a single server. +:ubuntu: +:ubuntu:# xen support generally is disabled on ubuntu, for a while we used +:ubuntu:# an extra build with xen enabled. In the meantime Debian followed that +:ubuntu:# approach but with a different name, so add a transitional until +:ubuntu:# after 24.04 +:ubuntu:Package: qemu-system-x86-xen +:ubuntu:Architecture: amd64 +:ubuntu:Multi-Arch: foreign +:ubuntu:Section: oldlibs +:ubuntu:Depends: qemu-system-xen (>= 1:7.0+dfsg-7ubuntu1), ${misc:Depends} +:ubuntu:Description: QEMU full system emulation binaries (x86) +:ubuntu: The former qemu-system-x86-xen binaries are now in qemu-system-xen. +:ubuntu: . +:ubuntu: This is a transitional package. You can safely remove it. + +Package: qemu-system-x86 +Architecture: :system-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (= ${binary:Version}), qemu-system-data (>> ${source:Upstream-Version}~), + seabios (>> 1.16.3-1~), + ipxe-qemu, +Recommends: qemu-utils, +:ubuntu: ipxe-qemu-256k-compat-efi-roms, + ovmf, + qemu-system-gui (= ${binary:Version}), + qemu-system-modules-spice (= ${binary:Version}) [:spice-arch:], + qemu-system-modules-opengl (= ${binary:Version}), + qemu-block-extra (= ${binary:Version}), +:ubuntu: cpu-checker, +Suggests: samba, vde2, +Provides: ${qemu:Provides} +Description: QEMU full system emulation binaries (x86) + QEMU is a fast processor emulator: currently the package supports + i386 and x86-64 emulation. By using dynamic translation it achieves + reasonable speed while being easy to port on new host CPUs. + . + This package provides the full system emulation binaries to emulate + the following x86 hardware: ${qemu:archlist}. + . + In system emulation mode QEMU emulates a full system, including a processor + and various peripherals. It enables easier testing and debugging of system + code. It can also be used to provide virtual hosting of several virtual + machines on a single server. + . + On x86 host hardware this package also enables KVM kernel virtual machine + usage on systems which supports it. + +Package: qemu-system-xen +Architecture: amd64 +Multi-Arch: no +Build-Profiles: +# do we really need qemu-system-data? keymaps only? +Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-data (>> ${source:Upstream-Version}~), + seabios +Recommends: qemu-utils, + ovmf, +:ubuntu:# For the transition from the former qemu-system-x86-xen name +:ubuntu:Breaks: qemu-system-x86-xen (<<1:7.0+dfsg-7ubuntu1) +:ubuntu:Replaces: qemu-system-x86-xen (<<1:7.0+dfsg-7ubuntu1) +:ubuntu:Provides: qemu-system-x86-xen +Description: QEMU full system emulation (Xen helper package) + This package provides the i386 system emulation binary to work + together with the Xen hypervisor for some types of DomUs. + This package is not useful by its own. + +Package: qemu-user +Architecture: :user-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${shlibs:Depends}, ${misc:Depends} +Recommends: qemu-user-binfmt +Description: QEMU user mode emulation binaries + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides the user mode emulation binaries. In this mode + QEMU can launch Linux processes compiled for one CPU on another CPU. + . + If qemu-user-binfmt package is also installed, it will register binary + format handlers from this qemu-user package with the kernel so it will + be possible to run foreign binaries directly. However, this might not + be suitable for using inside foreign chroots, in which case it is + possible to use qemu-user-static package instead of qemu-user-binmft, -- + qemu-user-static will register statically linked binfmt handlers instead. + +Package: qemu-user-static +Architecture: :user-arch: +Built-Using: ${built-using} +Multi-Arch: foreign +Build-Profiles: +Depends: ${misc:Depends} +# Recommend systemd for binfmt-misc registration +Recommends: systemd +Provides: qemu-user-binfmt +Conflicts: qemu-user-binfmt +Description: QEMU user mode emulation binaries (static version) + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides the user mode emulation binaries, built + statically. In this mode QEMU can launch Linux processes compiled for + one CPU on another CPU. + . + qemu-user-static package will register binary formats which the provided + emulators can handle, so that it will be possible to run foreign binaries + directly. + +Package: qemu-user-binfmt +Architecture: :user-arch: +Multi-Arch: foreign +Build-Profiles: +Depends: ${misc:Depends}, qemu-user (= ${binary:Version}) +# Recommend systemd for binfmt-misc registration +Recommends: systemd +Conflicts: qemu-user-static +Description: QEMU user mode binfmt registration for qemu-user + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides binfmt support registration for the user mode + emulation binaries from qemu-user. This is an empty package, it does + not contain any additional files, only registration scripts which run + at install and remove times. + +Package: qemu-utils +Architecture: :utils-arch: +Multi-Arch: foreign +Depends: ${shlibs:Depends}, ${misc:Depends}, +Recommends: + qemu-block-extra (= ${binary:Version}), +Replaces: +# qemu-storage-daemon and qemu-block-driver.7 has been moved from q-s-c. + qemu-system-common (<< 1:8.0+dfsg-5~), +Breaks: + qemu-system-common (<< 1:8.0+dfsg-5~), +Description: QEMU utilities + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides QEMU related utilities: + * qemu-img: QEMU disk image utility + * qemu-io: QEMU disk exerciser + * qemu-nbd: QEMU disk network block device server + +Package: qemu-guest-agent +Architecture: any +Multi-Arch: foreign +Depends: ${shlibs:Depends}, ${misc:Depends} +Pre-Depends: ${misc:Pre-Depends} +Description: Guest-side qemu-system agent + QEMU is a fast processor emulator: currently the package supports Alpha, ARM, + CRIS, i386, LoongArch, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, RISC-V, + S390x, SH4, SPARC, x86-64, Xtensa and other emulations. By using dynamic + translation it achieves reasonable speed while being easy to port on new host + CPUs. + . + This package provides a daemon (agent) to run inside qemu-system + guests (full system emulation). It communicates with the host using + a virtio-serial channel org.qemu.guest_agent.0, and allows one to perform + some functions in the guest from the host, including: + - querying and setting guest system time + - performing guest filesystem sync operation + - initiating guest shutdown or suspend to ram + - accessing guest files + - freezing/thawing guest filesystem operations + - others. + . + Install this package on a system which is running as guest inside + qemu virtual machine. It is not used on the host. + +#Package: qemu-system-for-host +## This is actually all architectures for which qemu-system (softmmu) target is implemented +#Architecture: any +#Multi-Arch: same +#Depends: ${qemu:for-host} (=${binary:Version}) +#Description: QEMU full system emulation (dependency-only package for the host architecture) +# This package pulls one of qemu-system-* subpackages which contains +# qemu-system-${}{DEB_HOST_ARCH_CPU} binary specific for the host +# architecture. This one depends on ${qemu:for-host}. +# diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 00000000000..ddec53dd95c --- /dev/null +++ b/debian/copyright @@ -0,0 +1,529 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Files-Excluded: + roms/QemuMacDrivers + roms/edk2 + roms/ipxe + roms/seabios +# roms/u-boot +# + roms/SLOF/board-js2x/rtas/i2c_bmc.oco + roms/SLOF/board-js2x/rtas/ipmi_oem.oco + roms/SLOF/clients/takeover/takeover.oco + roms/SLOF/lib/libipmi/libipmi.oco +# + pc-bios/QEMU,*.bin + pc-bios/bamboo.dtb pc-bios/canyonlands.dtb + pc-bios/bios.bin + pc-bios/bios-256k.bin + pc-bios/bios-microvm.bin + pc-bios/edk2-*.fd.bz2 + pc-bios/efi-*.rom + pc-bios/pxe-*.rom + pc-bios/hppa-firmware.img + pc-bios/kvmvapic.bin + pc-bios/linuxboot.bin + pc-bios/linuxboot_dma.bin + pc-bios/multiboot.bin + pc-bios/multiboot_dma.bin + pc-bios/openbios-ppc + pc-bios/openbios-sparc32 + pc-bios/openbios-sparc64 + pc-bios/opensbi-*.bin + pc-bios/palcode-clipper + pc-bios/petalogix-ml605.dtb + pc-bios/petalogix-s3adsp1800.dtb + pc-bios/pvh.bin + pc-bios/qboot.rom + pc-bios/qemu_vga.ndrv + pc-bios/s390-ccw.img + pc-bios/s390-netboot.img + pc-bios/skiboot.lid + pc-bios/slof.bin + pc-bios/u-boot-sam460-20100605.bin + pc-bios/u-boot.e500 + pc-bios/vgabios.bin + pc-bios/vgabios-*.bin + pc-bios/vof.bin + +Files: * +Copyright: + Copyright (C) 1982, 1986, 1988-1994 The Regents of the University of California + Copyright (C) 1986-2007 Free Software Foundation Inc. + Copyright (C) 1988-1992 Richard Outerbridge + Copyright (C) 1991-1992, 1996 Linus Torvalds + Copyright (C) 1992 Graven Imagery + Copyright (C) 1995 Danny Gasparovski + Copyright (C) 1996-1999 Eduardo Horvath + Copyright (C) 1996 Paul Mackerras + Copyright (C) 1997-1999, 2001, 2006-2009 Red Hat Inc. + Copyright (C) 1998-1999 Philip Blundell + Copyright (C) 1998-2001, 2003, 2006 Thomas Sailer + Copyright (C) 1998, 2003-2008 Fabrice Bellard + Copyright (C) 1998-2004 Samuel Rydh + Copyright (C) 1998 Kenneth Albanowski + Copyright (C) 1998 The Silver Hammer Group Ltd. + Copyright (C) 1999-2000, 2002-2003 Maxim Krasnyansky + Copyright (C) 1999-2000 Tatsuyuki Satoh + Copyright (C) 1999-2006, 2008 Intel Corporation + Copyright (C) 1999 AT&T Laboratories Cambridge + Copyright (C) 2000-2001 Qualcomm Incorporated + Copyright (C) 2000-2002, 2004-2009 Axis Communications AB. + Copyright (C) 2000-2003, 2005 Martin Schwidefsky + Copyright (C) 2000-2003 David McCullough + Copyright (C) 2000-2005 All Rights Reserved. + Copyright (C) 2000-2005 DENX Software Engineering + Copyright (C) 2000-2005 Silicon Graphics Inc. + Copyright (C) 2000-2005 Wolfgang Denk + Copyright (C) 2000-2007 Tibor "TS" Schütz + Copyright (C) 2001 OKTET Ltd. + Copyright (C) 2001 Xilinx Inc. + Copyright (C) 2002-2005 Vassili Karpov + Copyright (C) 2002-2006 Marcel Holtmann + Copyright (C) 2002 Greg Ungerer + Copyright (C) 2002 Paul Dale + Copyright (C) 2003-2004 James Yonan + Copyright (C) 2003-2007 Jocelyn Mayer + Copyright (C) 2003 Damion K. Wilson + Copyright (C) 2003 Thomas M. Ogrisegg + Copyright (C) 2004-2005 Johannes E. Schindelin + Copyright (C) 2004, 2007 Magnus Damm + Copyright (C) 2004 Antony T Curtis + Copyright (C) 2004 Gianni Tedesco + Copyright (C) 2004 Johannes Schindelin + Copyright (C) 2004 Makoto Suzuki + Copyright (C) 2005, 2007 Alex Beregszaszi + Copyright (C) 2005-2007 Anthony Liguori + Copyright (C) 2005-2008 Andrzej Zaborowski + Copyright (C) 2005-2009 Paul Brook + Copyright (C) 2005 Anthony Liguori + Copyright (C) 2005 Filip Navara + Copyright (C) 2005 International Business Machines Corp. + Copyright (C) 2005 LLC. Written + Copyright (C) 2005 Mike Kronenberg + Copyright (C) 2005 Samuel Tardieu + Copyright (C) 2006-2007, 2009 Aurelien Jarno + Copyright (C) 2006-2007, 2009 Stefan Weil + Copyright (C) 2006-2007 Thiemo Seufer + Copyright (C) 2006-2007 Thorsten Zitterell + Copyright (C) 2006-2008 Openedhand Ltd. + Copyright (C) 2006-2008 Qumranet Technologies + Copyright (C) 2006 Frederick Reeve + Copyright (C) 2006 Igor Kovalenko + Copyright (C) 2006 InnoTek Systemberatung GmbH + Copyright (C) 2006 Joachim Henke + Copyright (C) 2006 Lonnie Mendez + Copyright (C) 2006 Marius Groeger + Copyright (C) 2007-2008 Bull S.A.S. + Copyright (C) 2007-2008 IBM Corporation + Copyright (C) 2007-2008 Lauro Ramos Venancio + Copyright (C) 2007-2008 Nokia Corporation + Copyright (C) 2007-2008 OpenMoko Inc. + Copyright (C) 2007, 2009 Alexander Graf + Copyright (C) 2007-2009 Edgar E. Iglesias + Copyright (C) 2007-2009 Herve Poussineau + Copyright (C) 2007 Arastra Inc. + Copyright (C) 2007 Armin Kuster + Copyright (C) 2007 Dan Aloni + Copyright (C) 2007 Marko Kohtala + Copyright (C) 2007 MontaVista Software Inc. + Copyright (C) 2007 Robert Reif + Copyright (C) 2007 Vladimir Ananiev + Copyright (C) 2008-2009 Arnaud Patard + Copyright (C) 2008-2009 Citrix Systems Inc. + Copyright (C) 2008-2009 Gerd Hoffmann + Copyright (C) 2008 Dell MessageOne + Copyright (C) 2008 Dmitry Baryshkov + Copyright (C) 2008 Gleb Natapov + Copyright (C) 2008 Jean-Christophe PLAGNIOL-VILLARD + Copyright (C) 2008 Lubomir Rintel + Copyright (C) 2008 Max Krasnyansky + Copyright (C) 2008 Paul Mundt + Copyright (C) 2008 Samuel Thibault + Copyright (C) 2008 Shin-ichiro KAWASAKI + Copyright (C) 2008 Takashi YOSHII + Copyright (C) 2008 TJ + Copyright (C) 2009 CodeSourcery + Copyright (C) 2009 Freescale Semiconductor Inc. + Copyright (C) 2009 Hewlett-Packard Development Company + Copyright (C) 2009 Isaku Yamahata + Copyright (C) 2009 Kevin Wolf + Copyright (C) 2009 Laurent Vivier + Copyright (C) 2009 Michael S. Tsirkin + Copyright (C) 2009 Novell Inc. + Copyright (C) 2009 Ulrich Hecht + Copyright (C) 2009 VA Linux Systems Japan +License: + QEMU as a whole is released under the GNU General Public License version 2. + On Debian systems, the complete text of the GNU General Public License + version 2 can be found in the file /usr/share/common-licenses/GPL-2. + . + Parts of QEMU have specific licenses which are compatible with the + GNU General Public License. Hence each source file contains its own + licensing information. + . + In particular, the QEMU virtual CPU core library (libqemu.a) is + released under the GNU Lesser General Public License version 2 or later. + On Debian systems, the complete text of the GNU Lesser General Public + License can be found in the file /usr/share/common-licenses/LGPL-2. + . + The BSD emulator is released under the following BSD license: + . + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + . + THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. + . + The TCG code and many hardware device emulation sources are released under the + following MIT license: + . + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in + all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + THE SOFTWARE. + . + The QEMU Logo, pc-bios/qemu_logo*.svg, and also icons and pictures derived from + it, pc-bios/qemu-icon.bmp, pc-bios/qemu-nsis.*, are licensed under Creative + Commons Attribution license version 3.0 (CC-BY-3.0): + . + Attribution 3.0 Unported + . + CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE + LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN + ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS + INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES + REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR + DAMAGES RESULTING FROM ITS USE. + . + License + . + THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE + COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY + COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS + AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. + . + BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE + TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY + BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS + CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND + CONDITIONS. + . + 1. Definitions + . + a. "Adaptation" means a work based upon the Work, or upon the Work and + other pre-existing works, such as a translation, adaptation, + derivative work, arrangement of music or other alterations of a + literary or artistic work, or phonogram or performance and includes + cinematographic adaptations or any other form in which the Work may be + recast, transformed, or adapted including in any form recognizably + derived from the original, except that a work that constitutes a + Collection will not be considered an Adaptation for the purpose of + this License. For the avoidance of doubt, where the Work is a musical + work, performance or phonogram, the synchronization of the Work in + timed-relation with a moving image ("synching") will be considered an + Adaptation for the purpose of this License. + b. "Collection" means a collection of literary or artistic works, such as + encyclopedias and anthologies, or performances, phonograms or + broadcasts, or other works or subject matter other than works listed + in Section 1(f) below, which, by reason of the selection and + arrangement of their contents, constitute intellectual creations, in + which the Work is included in its entirety in unmodified form along + with one or more other contributions, each constituting separate and + independent works in themselves, which together are assembled into a + collective whole. A work that constitutes a Collection will not be + considered an Adaptation (as defined above) for the purposes of this + License. + c. "Distribute" means to make available to the public the original and + copies of the Work or Adaptation, as appropriate, through sale or + other transfer of ownership. + d. "Licensor" means the individual, individuals, entity or entities that + offer(s) the Work under the terms of this License. + e. "Original Author" means, in the case of a literary or artistic work, + the individual, individuals, entity or entities who created the Work + or if no individual or entity can be identified, the publisher; and in + addition (i) in the case of a performance the actors, singers, + musicians, dancers, and other persons who act, sing, deliver, declaim, + play in, interpret or otherwise perform literary or artistic works or + expressions of folklore; (ii) in the case of a phonogram the producer + being the person or legal entity who first fixes the sounds of a + performance or other sounds; and, (iii) in the case of broadcasts, the + organization that transmits the broadcast. + f. "Work" means the literary and/or artistic work offered under the terms + of this License including without limitation any production in the + literary, scientific and artistic domain, whatever may be the mode or + form of its expression including digital form, such as a book, + pamphlet and other writing; a lecture, address, sermon or other work + of the same nature; a dramatic or dramatico-musical work; a + choreographic work or entertainment in dumb show; a musical + composition with or without words; a cinematographic work to which are + assimilated works expressed by a process analogous to cinematography; + a work of drawing, painting, architecture, sculpture, engraving or + lithography; a photographic work to which are assimilated works + expressed by a process analogous to photography; a work of applied + art; an illustration, map, plan, sketch or three-dimensional work + relative to geography, topography, architecture or science; a + performance; a broadcast; a phonogram; a compilation of data to the + extent it is protected as a copyrightable work; or a work performed by + a variety or circus performer to the extent it is not otherwise + considered a literary or artistic work. + g. "You" means an individual or entity exercising rights under this + License who has not previously violated the terms of this License with + respect to the Work, or who has received express permission from the + Licensor to exercise rights under this License despite a previous + violation. + h. "Publicly Perform" means to perform public recitations of the Work and + to communicate to the public those public recitations, by any means or + process, including by wire or wireless means or public digital + performances; to make available to the public Works in such a way that + members of the public may access these Works from a place and at a + place individually chosen by them; to perform the Work to the public + by any means or process and the communication to the public of the + performances of the Work, including by public digital performance; to + broadcast and rebroadcast the Work by any means including signs, + sounds or images. + i. "Reproduce" means to make copies of the Work by any means including + without limitation by sound or visual recordings and the right of + fixation and reproducing fixations of the Work, including storage of a + protected performance or phonogram in digital form or other electronic + medium. + . + 2. Fair Dealing Rights. Nothing in this License is intended to reduce, + limit, or restrict any uses free from copyright or rights arising from + limitations or exceptions that are provided for in connection with the + copyright protection under copyright law or other applicable laws. + . + 3. License Grant. Subject to the terms and conditions of this License, + Licensor hereby grants You a worldwide, royalty-free, non-exclusive, + perpetual (for the duration of the applicable copyright) license to + exercise the rights in the Work as stated below: + . + a. to Reproduce the Work, to incorporate the Work into one or more + Collections, and to Reproduce the Work as incorporated in the + Collections; + b. to create and Reproduce Adaptations provided that any such Adaptation, + including any translation in any medium, takes reasonable steps to + clearly label, demarcate or otherwise identify that changes were made + to the original Work. For example, a translation could be marked "The + original work was translated from English to Spanish," or a + modification could indicate "The original work has been modified."; + c. to Distribute and Publicly Perform the Work including as incorporated + in Collections; and, + d. to Distribute and Publicly Perform Adaptations. + e. For the avoidance of doubt: + . + i. Non-waivable Compulsory License Schemes. In those jurisdictions in + which the right to collect royalties through any statutory or + compulsory licensing scheme cannot be waived, the Licensor + reserves the exclusive right to collect such royalties for any + exercise by You of the rights granted under this License; + ii. Waivable Compulsory License Schemes. In those jurisdictions in + which the right to collect royalties through any statutory or + compulsory licensing scheme can be waived, the Licensor waives the + exclusive right to collect such royalties for any exercise by You + of the rights granted under this License; and, + iii. Voluntary License Schemes. The Licensor waives the right to + collect royalties, whether individually or, in the event that the + Licensor is a member of a collecting society that administers + voluntary licensing schemes, via that society, from any exercise + by You of the rights granted under this License. + . + The above rights may be exercised in all media and formats whether now + known or hereafter devised. The above rights include the right to make + such modifications as are technically necessary to exercise the rights in + other media and formats. Subject to Section 8(f), all rights not expressly + granted by Licensor are hereby reserved. + . + 4. Restrictions. The license granted in Section 3 above is expressly made + subject to and limited by the following restrictions: + . + a. You may Distribute or Publicly Perform the Work only under the terms + of this License. You must include a copy of, or the Uniform Resource + Identifier (URI) for, this License with every copy of the Work You + Distribute or Publicly Perform. You may not offer or impose any terms + on the Work that restrict the terms of this License or the ability of + the recipient of the Work to exercise the rights granted to that + recipient under the terms of the License. You may not sublicense the + Work. You must keep intact all notices that refer to this License and + to the disclaimer of warranties with every copy of the Work You + Distribute or Publicly Perform. When You Distribute or Publicly + Perform the Work, You may not impose any effective technological + measures on the Work that restrict the ability of a recipient of the + Work from You to exercise the rights granted to that recipient under + the terms of the License. This Section 4(a) applies to the Work as + incorporated in a Collection, but this does not require the Collection + apart from the Work itself to be made subject to the terms of this + License. If You create a Collection, upon notice from any Licensor You + must, to the extent practicable, remove from the Collection any credit + as required by Section 4(b), as requested. If You create an + Adaptation, upon notice from any Licensor You must, to the extent + practicable, remove from the Adaptation any credit as required by + Section 4(b), as requested. + b. If You Distribute, or Publicly Perform the Work or any Adaptations or + Collections, You must, unless a request has been made pursuant to + Section 4(a), keep intact all copyright notices for the Work and + provide, reasonable to the medium or means You are utilizing: (i) the + name of the Original Author (or pseudonym, if applicable) if supplied, + and/or if the Original Author and/or Licensor designate another party + or parties (e.g., a sponsor institute, publishing entity, journal) for + attribution ("Attribution Parties") in Licensor's copyright notice, + terms of service or by other reasonable means, the name of such party + or parties; (ii) the title of the Work if supplied; (iii) to the + extent reasonably practicable, the URI, if any, that Licensor + specifies to be associated with the Work, unless such URI does not + refer to the copyright notice or licensing information for the Work; + and (iv) , consistent with Section 3(b), in the case of an Adaptation, + a credit identifying the use of the Work in the Adaptation (e.g., + "French translation of the Work by Original Author," or "Screenplay + based on original Work by Original Author"). The credit required by + this Section 4 (b) may be implemented in any reasonable manner; + provided, however, that in the case of a Adaptation or Collection, at + a minimum such credit will appear, if a credit for all contributing + authors of the Adaptation or Collection appears, then as part of these + credits and in a manner at least as prominent as the credits for the + other contributing authors. For the avoidance of doubt, You may only + use the credit required by this Section for the purpose of attribution + in the manner set out above and, by exercising Your rights under this + License, You may not implicitly or explicitly assert or imply any + connection with, sponsorship or endorsement by the Original Author, + Licensor and/or Attribution Parties, as appropriate, of You or Your + use of the Work, without the separate, express prior written + permission of the Original Author, Licensor and/or Attribution + Parties. + c. Except as otherwise agreed in writing by the Licensor or as may be + otherwise permitted by applicable law, if You Reproduce, Distribute or + Publicly Perform the Work either by itself or as part of any + Adaptations or Collections, You must not distort, mutilate, modify or + take other derogatory action in relation to the Work which would be + prejudicial to the Original Author's honor or reputation. Licensor + agrees that in those jurisdictions (e.g. Japan), in which any exercise + of the right granted in Section 3(b) of this License (the right to + make Adaptations) would be deemed to be a distortion, mutilation, + modification or other derogatory action prejudicial to the Original + Author's honor and reputation, the Licensor will waive or not assert, + as appropriate, this Section, to the fullest extent permitted by the + applicable national law, to enable You to reasonably exercise Your + right under Section 3(b) of this License (right to make Adaptations) + but not otherwise. + . + 5. Representations, Warranties and Disclaimer + . + UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR + OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY + KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, + INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, + FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF + LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, + WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION + OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. + . + 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE + LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR + ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES + ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS + BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + . + 7. Termination + . + a. This License and the rights granted hereunder will terminate + automatically upon any breach by You of the terms of this License. + Individuals or entities who have received Adaptations or Collections + from You under this License, however, will not have their licenses + terminated provided such individuals or entities remain in full + compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will + survive any termination of this License. + b. Subject to the above terms and conditions, the license granted here is + perpetual (for the duration of the applicable copyright in the Work). + Notwithstanding the above, Licensor reserves the right to release the + Work under different license terms or to stop distributing the Work at + any time; provided, however that any such election will not serve to + withdraw this License (or any other license that has been, or is + required to be, granted under the terms of this License), and this + License will continue in full force and effect unless terminated as + stated above. + . + 8. Miscellaneous + . + a. Each time You Distribute or Publicly Perform the Work or a Collection, + the Licensor offers to the recipient a license to the Work on the same + terms and conditions as the license granted to You under this License. + b. Each time You Distribute or Publicly Perform an Adaptation, Licensor + offers to the recipient a license to the original Work on the same + terms and conditions as the license granted to You under this License. + c. If any provision of this License is invalid or unenforceable under + applicable law, it shall not affect the validity or enforceability of + the remainder of the terms of this License, and without further action + by the parties to this agreement, such provision shall be reformed to + the minimum extent necessary to make such provision valid and + enforceable. + d. No term or provision of this License shall be deemed waived and no + breach consented to unless such waiver or consent shall be in writing + and signed by the party to be charged with such waiver or consent. + e. This License constitutes the entire agreement between the parties with + respect to the Work licensed here. There are no understandings, + agreements or representations with respect to the Work not specified + here. Licensor shall not be bound by any additional provisions that + may appear in any communication from You. This License may not be + modified without the mutual written agreement of the Licensor and You. + f. The rights granted under, and the subject matter referenced, in this + License were drafted utilizing the terminology of the Berne Convention + for the Protection of Literary and Artistic Works (as amended on + September 28, 1979), the Rome Convention of 1961, the WIPO Copyright + Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 + and the Universal Copyright Convention (as revised on July 24, 1971). + These rights and subject matter take effect in the relevant + jurisdiction in which the License terms are sought to be enforced + according to the corresponding provisions of the implementation of + those treaty provisions in the applicable national law. If the + standard suite of rights granted under applicable copyright law + includes additional rights not granted under this License, such + additional rights are deemed to be included in the License; this + License is not intended to restrict the license of any rights under + applicable law. + . + Creative Commons Notice + . + Creative Commons is not a party to this License, and makes no warranty + whatsoever in connection with the Work. Creative Commons will not be + liable to You or any party on any legal theory for any damages + whatsoever, including without limitation any general, special, + incidental or consequential damages arising in connection to this + license. Notwithstanding the foregoing two (2) sentences, if Creative + Commons has expressly identified itself as the Licensor hereunder, it + shall have all rights and obligations of Licensor. + . + Except for the limited purpose of indicating to the public that the + Work is licensed under the CCPL, Creative Commons does not authorize + the use by either party of the trademark "Creative Commons" or any + related trademark or logo of Creative Commons without the prior + written consent of Creative Commons. Any permitted use will be in + compliance with Creative Commons' then-current trademark usage + guidelines, as may be published on its website or otherwise made + available upon request from time to time. For the avoidance of doubt, + this trademark restriction does not form part of this License. + . + Creative Commons may be contacted at https://creativecommons.org/. diff --git a/debian/extract-config-opts b/debian/extract-config-opts new file mode 100755 index 00000000000..b75d63b8b84 --- /dev/null +++ b/debian/extract-config-opts @@ -0,0 +1,22 @@ +#! /bin/sh + +# This is a trivial script to parse comments in debian/control +# into a set of system-specific configure options. +# Usage: ./debian/extract-config-opts $OS-$ARCH debian/control + +osarch=$1 +control=$2 + +sed -n 's/^# \?--/--/p' $control | \ +while IFS=' ' read f p x; do + set -- $p + if [ $# = 0 ]; then echo $f; continue; fi + for p in "$@"; do + case "$p" in + *-any) p="${p%-any}-*" ;; + *-*) ;; + *) p="linux-$p" ;; + esac + eval "case \$osarch in ($p) echo \$f; continue;; esac" + done +done diff --git a/debian/gbp.conf b/debian/gbp.conf new file mode 100644 index 00000000000..b185b618e50 --- /dev/null +++ b/debian/gbp.conf @@ -0,0 +1,4 @@ +[DEFAULT] +sign-tags = True +pristine-tar = True +upstream-branch = upstream-8.2 diff --git a/debian/kvm-spice b/debian/kvm-spice new file mode 100755 index 00000000000..55f910d145b --- /dev/null +++ b/debian/kvm-spice @@ -0,0 +1,10 @@ +#! /bin/sh +echo "$0: W: this is an old compat wrapper script for kvm-spice" >&2 +echo "$0: W: please use qemu-system-x86_64 instead of $0" >&2 + +if echo "$@" | grep -q -E -e '(^|\s)-machine\s.*accel=' -e '(^|\s)-accel\s'; then + # acceleration already set via commandline option - adding -enable-kvm would conflic" + exec qemu-system-x86_64 "$@" +else + exec qemu-system-x86_64 -enable-kvm "$@" +fi diff --git a/debian/kvm-spice.1 b/debian/kvm-spice.1 new file mode 100644 index 00000000000..896daab20e9 --- /dev/null +++ b/debian/kvm-spice.1 @@ -0,0 +1,17 @@ +.TH kvm-spice 1 2020-07 "5.0" Ubuntu +.SH NAME +kvm-spice, qemu-system-x86_64-spice \- compatibility names for qemu-system-x86_64 +.SH DESCRIPTION +The two names are aliases for +.BR qemu-system-x86_64 , +where kvm-spice enables kvm native hardware mode by default. +These names are kept for backward compatibility +wih old package, when spice-enabled qemu were packaged +separately. Now main qemu-system has spice functionality +built in. Please use +.B qemu-system-x86_64 +instead of the old compat names. +.SH SEE ALSO +.BR qemu-system-x86_64 (1). +.SH AUTHOR +This manual page was written by Michael Tokarev . diff --git a/debian/kvm.1 b/debian/kvm.1 new file mode 100644 index 00000000000..0b272026f11 --- /dev/null +++ b/debian/kvm.1 @@ -0,0 +1,20 @@ +.TH kvm 1 2020-07 "5.0" Debian +.SH NAME +kvm \- kvm-enabling link for qemu-system-@ARCH@ +.SH DESCRIPTION +When executed as +.BR kvm , +qemu-system is run with preference to native hardware-based +virtualization, instead of relying solely on emulation. +Essentially +.B kvm +is equivalent to +.B qemu-system-@ARCH@ +.I -machine accel=kvm:tcg +so when the host CPU support the kvm mode, native hardware +virtualization is enabled, or qemu-system-@ARCH@ falls back +to the emulation (TCG) mode. +.SH SEE ALSO +.BR qemu-system-@ARCH@ (1). +.SH AUTHOR +This manual page was written by Michael Tokarev . diff --git a/debian/microvm-devices.mak b/debian/microvm-devices.mak new file mode 100644 index 00000000000..1512d34af08 --- /dev/null +++ b/debian/microvm-devices.mak @@ -0,0 +1,26 @@ +# see configs/devices/i386-softmmu/default.mak +# for additional devices which can be disabled +# +CONFIG_PCI_DEVICES=n + +# we can't disable all machine types (boards) as of 6.1 +# since the resulting binary fails to link +#CONFIG_ISAPC=y +#CONFIG_I440FX=y +CONFIG_Q35=y +CONFIG_MICROVM=y + +CONFIG_VIRTIO_BLK=y +CONFIG_VIRTIO_SERIAL=y +CONFIG_VIRTIO_INPUT=y +CONFIG_VIRTIO_INPUT_HOST=y +CONFIG_VHOST_USER_INPUT=y +CONFIG_VIRTIO_NET=y +CONFIG_VIRTIO_SCSI=y +CONFIG_VIRTIO_RNG=y +CONFIG_VIRTIO_CRYPTO=y +CONFIG_VIRTIO_BALLOON=y +CONFIG_VIRTIO_MEM=y +CONFIG_VIRTIO_PMEM=y +CONFIG_VIRTIO_GPU=y +CONFIG_VHOST_USER_GPU=y diff --git a/debian/not-installed b/debian/not-installed new file mode 100644 index 00000000000..bda49a1ff50 --- /dev/null +++ b/debian/not-installed @@ -0,0 +1,21 @@ +usr/include/qemu-plugin.h +usr/share/doc/qemu/_static +usr/share/doc/qemu/about +usr/share/doc/qemu/devel +usr/share/doc/qemu/interop +usr/share/doc/qemu/specs +usr/share/doc/qemu/tools +usr/share/doc/qemu/*.* +usr/share/doc/qemu/.buildinfo +usr/bin/elf2dmp +# test tool +usr/bin/qemu-edid +# we install these files in d/rules into arch-all qemu-system-data +usr/share/icons +usr/share/applications/qemu.desktop +usr/share/qemu/keymaps +# these 2 are installed even if no user or system build is requested +usr/share/doc/qemu/user/index.html +usr/share/doc/qemu/user/main.html +# VMware-specific helper, not needed for NVIDIA QEMU +usr/bin/qemu-vmsr-helper diff --git a/debian/optionrom.mak b/debian/optionrom.mak new file mode 100644 index 00000000000..27dc7249a8d --- /dev/null +++ b/debian/optionrom.mak @@ -0,0 +1,31 @@ +LD = ld +OBJCOPY = objcopy +CC = cc +CFLAGS = -O2 -m16 -Wa,-32 -march=i486 \ + -ffreestanding -fno-stack-protector -fno-pie \ + -I${SRC_PATH}/include +VPATH = ${SRC_PATH}/pc-bios/optionrom + +BINS = kvmvapic.bin linuxboot.bin linuxboot_dma.bin \ + multiboot.bin multiboot_dma.bin pvh.bin +all: ${BINS} + +%.o: %.S + ${CC} ${CFLAGS} -c -o $@ $< +%.o: %.c + ${CC} ${CFLAGS} -c -o $@ $< +%.img: %.o + ${LD} -m elf_i386 -T ${SRC_PATH}/pc-bios/optionrom/flat.lds -s -o $@ $^ +pvh.img: pvh.o pvh_main.o +%.raw: %.img + ${OBJCOPY} -O binary -j .text $< $@ +%.bin: %.raw + python3 ${SRC_PATH}/scripts/signrom.py $< $@ + +clean: + rm -f ${BINS} + +install: ${BINS} + install -m 0644 -t "${DESTDIR}" ${BINS} + +.PHONY: all clean install diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 00000000000..e69de29bb2d diff --git a/debian/qemu-block-extra.install b/debian/qemu-block-extra.install new file mode 100644 index 00000000000..d8e0569358e --- /dev/null +++ b/debian/qemu-block-extra.install @@ -0,0 +1 @@ +usr/lib/${DEB_HOST_MULTIARCH}/qemu/block-*.so diff --git a/debian/qemu-block-extra.postinst b/debian/qemu-block-extra.postinst new file mode 100644 index 00000000000..9108c498aaf --- /dev/null +++ b/debian/qemu-block-extra.postinst @@ -0,0 +1,59 @@ +#!/bin/sh +# postinst script for qemu-block-extra +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-remove' +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + configure) + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +# dh_installsystemd will not fully enable or start .mount units, but we want +# this to be ready after install. We want to avoid forcing users to fail once +# only to realize they need to activate anything. +if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then + if [ -d /run/systemd/system ]; then + # enabling on install will not work through deb-systemd-helper + # It will do all the rest like d-s-h state files and such, but + # not enable (= symlink) it. Therefore on new install or + # upgrade from a former version enable it once. + if dpkg --compare-versions "$2" lt "1:6.0+dfsg-1~ubuntu1~"; then + systemctl enable 'run-qemu.mount' >/dev/null || true + fi + fi + # start it on configure + if [ -d /run/systemd/system ]; then + systemctl --system daemon-reload >/dev/null || true + deb-systemd-invoke start 'run-qemu.mount' >/dev/null || true + fi +fi + +exit 0 diff --git a/debian/qemu-block-extra.run-qemu.mount b/debian/qemu-block-extra.run-qemu.mount new file mode 100644 index 00000000000..6ab120a8201 --- /dev/null +++ b/debian/qemu-block-extra.run-qemu.mount @@ -0,0 +1,14 @@ +[Unit] +Description=Prepare /run/qemu to allow still running qemu binaries of former builds (after package upgrades) to fallback-load modules from there +Before=libvirtd.service + +[Mount] +What=tmpfs +Where=/run/qemu +Type=tmpfs +Options=nosuid,nodev,mode=0755 +ReadWriteOnly=true +LazyUnmount=yes + +[Install] +WantedBy=multi-user.target diff --git a/debian/qemu-debootstrap b/debian/qemu-debootstrap new file mode 100755 index 00000000000..399e736c86c --- /dev/null +++ b/debian/qemu-debootstrap @@ -0,0 +1,15 @@ +#!/bin/sh +# it was qemu-debootstrap - setup qemu syscall emulation in a debootstrap chroot +# since kernel binfmt-misc support F flag for the interpreter and we use it, +# there is no need to copy qemu-user binfmt interpreter binary to the chroot, +# so regular debootstrap can be used just fine without --foreign, since all +# commands inside the chroot will just run using qemu from binfmt-misc subsystem. + +if ! command -v debootstrap >/dev/null; then + echo "E: debootstrap isn't found in \$PATH, is debootstrap package installed?" >&2 + exit 1 +fi + +echo "W: qemu-debootstrap is deprecated. Please use regular debootstrap directly" >&2 +echo "I: Running command: debootstrap $*" >&2 +exec debootstrap "$@" diff --git a/debian/qemu-debootstrap.1 b/debian/qemu-debootstrap.1 new file mode 100644 index 00000000000..8e76a1b4825 --- /dev/null +++ b/debian/qemu-debootstrap.1 @@ -0,0 +1,19 @@ +.TH qemu\-debootstrap 1 2011-07-02 "0.14.1+dfsg" Debian +.SH NAME +qemu\-debootstrap \- QEMU debootstrap wrapper +.SH SYNOPSIS +.B qemu\-debootstrap +.RI [ options ] +.SH DESCRIPTION +The +.B qemu\-debootstrap +wrapper calls +.BR debootstrap (8) +making use of the \-\-foreign and \-\-second-stage options, and copies the appropriate +.BR qemu\-user\-static (1) +binary into place in order to install cross-architecture chroots. In order for it to work seamlessly, the binfmt-support package must be installed. +.SH SEE ALSO +.BR debootstrap (8), +.BR qemu\-user\-static (1). +.SH AUTHOR +This manual page was written by Vagrant Cascadian . diff --git a/debian/qemu-guest-agent.dirs b/debian/qemu-guest-agent.dirs new file mode 100644 index 00000000000..47e91b182d9 --- /dev/null +++ b/debian/qemu-guest-agent.dirs @@ -0,0 +1 @@ +/etc/qemu/fsfreeze-hook.d diff --git a/debian/qemu-guest-agent.init b/debian/qemu-guest-agent.init new file mode 100644 index 00000000000..e142478056d --- /dev/null +++ b/debian/qemu-guest-agent.init @@ -0,0 +1,131 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: qemu-guest-agent +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: QEMU Guest Agent startup script +# Description: Start the QEMU Guest Agent if we're running +# in a QEMU virtual machine +### END INIT INFO + +# Author: Michael Tokarev + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="QEMU Guest Agent" +NAME=qemu-ga +DAEMON=/usr/sbin/$NAME +PIDFILE=/var/run/$NAME.pid + +# config +DAEMON_ARGS="" +# default transport +TRANSPORT=virtio-serial:/dev/virtio-ports/org.qemu.guest_agent.0 + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/qemu-guest-agent ] && . /etc/default/qemu-guest-agent + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.2-14) to ensure that this file is present +# and status_of_proc is working. +. /lib/lsb/init-functions + +# +# Function that checks whenever system has necessary environment +# It also splits $TRANSPORT into $method and $path +# +do_check_transport() { + method=${TRANSPORT%%:*}; path=${TRANSPORT#*:} + case "$method" in + virtio-serial | isa-serial) + if [ ! -e "$path" ]; then + log_warning_msg "$NAME: transport endpoint not found, not starting" + return 1 + fi + ;; + esac +} + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon -Sq -p $PIDFILE -x $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon -Sq -p $PIDFILE -x $DAEMON -- --daemonize \ + $DAEMON_ARGS -m "$method" -p "$path" \ + || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + start-stop-daemon -Kq --retry=TERM/30/KILL/5 -p $PIDFILE --name $NAME +} + +case "$1" in + start) + do_check_transport || exit 0 + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" $NAME + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" $NAME + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + status) + status_of_proc "$DAEMON" $NAME && exit 0 || exit $? + ;; + restart|force-reload) # we do not support reload + do_check_transport || exit 0 + log_daemon_msg "Restarting $DESC" $NAME + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + echo "Usage: /etc/init.d/qemu-guest-agent {start|stop|status|restart|force-reload}" >&2 + exit 3 + ;; +esac + +: diff --git a/debian/qemu-guest-agent.install b/debian/qemu-guest-agent.install new file mode 100644 index 00000000000..d48def15bde --- /dev/null +++ b/debian/qemu-guest-agent.install @@ -0,0 +1,8 @@ +# from source tree +qga/qapi-schema.json /usr/share/doc/qemu-guest-agent/ +scripts/qemu-guest-agent/fsfreeze-hook /etc/qemu/ + +# from staging area +usr/bin/qemu-ga /usr/sbin/ +usr/share/man/man8/qemu-ga.8 /usr/share/man/man8/ +usr/share/man/man7/qemu-ga-ref.7 /usr/share/man/man7/ diff --git a/debian/qemu-guest-agent.postinst b/debian/qemu-guest-agent.postinst new file mode 100644 index 00000000000..e479a0d21a7 --- /dev/null +++ b/debian/qemu-guest-agent.postinst @@ -0,0 +1,59 @@ +#!/bin/sh +# postinst script for qemu-guest-agent +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-remove' +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + configure) + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +# Normal mv_conffile alone would fail due to the new path being a DIR in the old package version (LP: 1820291) +case "$1" in + configure) + # From /usr/bin/dpkg-maintscript-helper modified to be able to cope with this edge case + if [ -n "$2" ] && dpkg --compare-versions -- "$2" le-nl "1:3.1+dfsg-7~"; then + TMPCONFFILE="/etc/qemu/fsfreeze-hook.old" + NEWCONFFILE="/etc/qemu/fsfreeze-hook" + ORIGCONFFILE="/etc/qemu/fsfreeze-hook/fsfreeze-hook" + rm -f "$TMPCONFFILE.dpkg-remove" + if [ -e "$TMPCONFFILE" ]; then + echo "Preserving user changes to $NEWCONFFILE (renamed from $ORIGCONFFILE)..." + if [ -e "$NEWCONFFILE" ]; then + mv -f "$NEWCONFFILE" "$NEWCONFFILE.dpkg-new" + fi + mv -f "$TMPCONFFILE" "$NEWCONFFILE" + fi + fi + ;; +esac + +exit 0 diff --git a/debian/qemu-guest-agent.postrm b/debian/qemu-guest-agent.postrm new file mode 100644 index 00000000000..525e3cbfe16 --- /dev/null +++ b/debian/qemu-guest-agent.postrm @@ -0,0 +1,56 @@ +#!/bin/sh +# postrm script for qemu-guest-agent +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' +# +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +# If needed revert the move we have made in preinst to compensate the new path being a DIR in the old package version (LP: 1820291) +case "$1" in + abort-install|abort-upgrade) + # From /usr/bin/dpkg-maintscript-helper modified to be able to cope with this edge case + if [ -n "$2" ] && dpkg --compare-versions -- "$2" le-nl "1:3.1+dfsg-7~"; then + TMPCONFFILE="/etc/qemu/fsfreeze-hook.old" + NEWCONFFILE="/etc/qemu/fsfreeze-hook" + ORIGCONFFILE="/etc/qemu/fsfreeze-hook/fsfreeze-hook" + if [ -e "$TMPCONFFILE.dpkg-remove" ]; then + echo "Reinstalling $ORIGCONFFILE that was moved away" + if [ -f "$NEWCONFFILE" ]; then + rm -f "$NEWCONFFILE" + fi + mkdir -p "$NEWCONFFILE" + mv "$TMPCONFFILE.dpkg-remove" "$ORIGCONFFILE" + fi + fi +esac + +exit 0 diff --git a/debian/qemu-guest-agent.preinst b/debian/qemu-guest-agent.preinst new file mode 100644 index 00000000000..f5b4cc7de97 --- /dev/null +++ b/debian/qemu-guest-agent.preinst @@ -0,0 +1,62 @@ +#!/bin/sh +# preinst script for qemu-guest-agent +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + install|upgrade) + ;; + + abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +# Normal mv_conffile alone would fail due to the new path being a DIR in the old package version (LP: 1820291) +case "$1" in + install|upgrade) + # From /usr/bin/dpkg-maintscript-helper modified to be able to cope with this edge case + if [ -n "$2" ] && dpkg --compare-versions -- "$2" le-nl "1:3.1+dfsg-7~"; then + TMPCONFFILE="/etc/qemu/fsfreeze-hook.old" + NEWCONFFILE="/etc/qemu/fsfreeze-hook" + ORIGCONFFILE="/etc/qemu/fsfreeze-hook/fsfreeze-hook" + if [ -f "$ORIGCONFFILE" ]; then + disk_md5sum="$(md5sum "$ORIGCONFFILE" | sed -e 's/ .*//')" + pkg_md5sum="$(dpkg-query -W -f='${Conffiles}' "qemu-guest-agent" | \ + sed -n -e "\'^ $ORIGCONFFILE ' { s/ obsolete$//; s/.* //; p }")" + if [ "$disk_md5sum" = "$pkg_md5sum" ]; then + # mark as having no custom content + mv -f "$ORIGCONFFILE" "${TMPCONFFILE}.dpkg-remove" + else + # keep the "old" name to reflect there is content to be preserved + mv -f "$ORIGCONFFILE" "$TMPCONFFILE" + fi + # In any case the old directory blocking the new conffile + # has to be removed before unpack happens + rmdir "$NEWCONFFILE" || echo "failed to remove $NEWCONFFILE" + fi + fi + ;; +esac + +#DEBHELPER# + +exit 0 diff --git a/debian/qemu-guest-agent.service b/debian/qemu-guest-agent.service new file mode 100644 index 00000000000..88ef9c7e5f5 --- /dev/null +++ b/debian/qemu-guest-agent.service @@ -0,0 +1,11 @@ +[Unit] +Description=QEMU Guest Agent +BindsTo=dev-virtio\x2dports-org.qemu.guest_agent.0.device +After=dev-virtio\x2dports-org.qemu.guest_agent.0.device + +[Service] +ExecStart=-/usr/sbin/qemu-ga +Restart=always +RestartSec=0 + +[Install] diff --git a/debian/qemu-guest-agent.udev b/debian/qemu-guest-agent.udev new file mode 100644 index 00000000000..47097057e3a --- /dev/null +++ b/debian/qemu-guest-agent.udev @@ -0,0 +1,2 @@ +SUBSYSTEM=="virtio-ports", ATTR{name}=="org.qemu.guest_agent.0", \ + TAG+="systemd", ENV{SYSTEMD_WANTS}="qemu-guest-agent.service" diff --git a/debian/qemu-ifdown b/debian/qemu-ifdown new file mode 100755 index 00000000000..b2dc471f048 --- /dev/null +++ b/debian/qemu-ifdown @@ -0,0 +1,6 @@ +#! /bin/sh +# Script to shut down a network (tap) device for qemu. +# Initially this script is empty, but you can configure, +# for example, accounting info here. + +: diff --git a/debian/qemu-ifup b/debian/qemu-ifup new file mode 100755 index 00000000000..76b68ea5777 --- /dev/null +++ b/debian/qemu-ifup @@ -0,0 +1,41 @@ +#! /bin/sh +# Script to bring a network (tap) device for qemu up. +# The idea is to add the tap device to the same bridge +# as we have default routing to. + +# in order to be able to find brctl +PATH=$PATH:/sbin:/usr/sbin +ip=$(command -v ip) + +if [ -n "$ip" ]; then + ip link set "$1" up +else + brctl=$(command -v brctl) + if [ -z "$ip$brctl" ]; then + echo "W: $0: not doing any bridge processing: neither ip nor brctl utility not found" >&2 + exit 0 + fi + ifconfig "$1" 0.0.0.0 up +fi + +switch=$(ip route ls | \ + awk '/^default / { + for(i=0;i&2 diff --git a/debian/qemu-io.1 b/debian/qemu-io.1 new file mode 100644 index 00000000000..cabd24e3016 --- /dev/null +++ b/debian/qemu-io.1 @@ -0,0 +1,43 @@ +.TH QEMU-IO 1 "December 18, 2011" +.SH NAME +qemu-io \- QEMU Disk exerciser +.SH SYNOPSIS +.B qemu-io [-h] [-V] [-rsnm] [-c cmd] ... [file] +.SH DESCRIPTION +qemu-io is a command line utility to exercise the QEMU I/O path. +.SH OPTIONS +.TP +.B \-c,\ \-\-cmd\ +Command to execute +.TP +.B \-r,\ \-\-read-only +Export read-only +.TP +.B \-s,\ \-\-snapshot +Use snapshot file +.TP +.B \-n,\ \-\-nocache +Disable host cache +.TP +.B \-g,\ \-\-growable +Allow file to grow (only applies to protocols) +.TP +.B \-m,\ \-\-misalign +Misalign allocations for O_DIRECT +.TP +.B \-k,\ \-\-native-aio +Use kernel AIO implementation (on Linux only) +.TP +.B \-h,\ \-\-help +Display help and exit +.TP +.B \-V,\ \-\-version +Output version information and exit +.SH SEE ALSO +.BR qemu-img (1), +.BR qemu-nbd (8) +.SH AUTHOR +QEMU project +.PP +This manual page was written by Asias He , for the Debian project (and may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-Share Alike 3.0 United States License. (See http://creativecommons.org/licenses/by-sa/3.0/us/legalcode) +. diff --git a/debian/qemu-kvm-init b/debian/qemu-kvm-init new file mode 100755 index 00000000000..af00b71848c --- /dev/null +++ b/debian/qemu-kvm-init @@ -0,0 +1,89 @@ +#!/bin/sh + +# Detect our host arch +arch=$(arch) +test -z "$arch" && exit 0 + +modlist="" +case "$arch" in + x86_64 | i686) + kvm=/usr/bin/qemu-system-x86_64 + if grep -qs "^flags.* vmx" /proc/cpuinfo; then + modlist="kvm_intel $KVM_NESTED" + elif grep -qs "^flags.* svm" /proc/cpuinfo; then + modlist="kvm_amd" + fi + ;; + ppc*) + SMT=$(/usr/sbin/ppc64_cpu --smt 2>&1 | grep "SMT=[248]") + if [ -n "$SMT" ] + then + if grep -q -e '^cpu\s*:\s*POWER8' /proc/cpuinfo; then + echo "Error: You must disable SMT if you want to run QEMU/KVM on Power8 based ppc64le architecture" + echo "In order to disable SMT, run: # ppc64_cpu --smt=off" + fi + fi + kvm=/usr/bin/qemu-system-ppc64 + if [ "$(uname -m)" != "ppc64le" ]; then + exit 0 + fi + if systemd-detect-virt --quiet --vm; then + echo "Info: second level virtualization not supported, kvm-hv load might fail" + fi + modlist="kvm-hv" + ;; +esac + +# Silently exit if the package isn't installed anymore +if [ -z "$kvm" -o ! -e "$kvm" ]; then + exit 0 +fi + +# shellcheck disable=SC1091 +[ -r /etc/default/qemu-kvm ] && . /etc/default/qemu-kvm + +start() { + if [ -n "$modlist" ]; then + modprobe -b $modlist || true + fi + + if systemd-detect-virt --quiet --container; then + mknod /dev/kvm c 10 232 || true + chown root:kvm /dev/kvm || true + chmod g+rw /dev/kvm || true + fi + + # Determine if we are running inside a VM + IS_VM=0 + if command -v systemd-detect-virt >/dev/null 2>&1; then + systemd-detect-virt -vq && IS_VM=1 + fi + + # Enable KSM, respecting the default configuration file. If 'AUTO' is + # set, enable only if we aren't running inside a VM. + if [ "$KSM_ENABLED" = "1" ] || [ "$KSM_ENABLED" = "AUTO" ] && [ "$IS_VM" = "0" ]; then + # shellcheck disable=SC2015 + [ -w /sys/kernel/mm/ksm/run ] && echo 1 > /sys/kernel/mm/ksm/run || true + if [ -w /sys/kernel/mm/ksm/sleep_millisecs ]; then + if [ -n "$SLEEP_MILLISECS" ]; then + echo "$SLEEP_MILLISECS" > /sys/kernel/mm/ksm/sleep_millisecs || true + fi + fi + else + # shellcheck disable=SC2015 + [ -w /sys/kernel/mm/ksm/run ] && echo 0 > /sys/kernel/mm/ksm/run || true + fi +} + +# See how we were called. +case "$1" in + start) + start + ;; + + *) + exit 0 + ;; +esac + +exit $? diff --git a/debian/qemu-system-arm.maintscript b/debian/qemu-system-arm.maintscript new file mode 100644 index 00000000000..368fa9a1e19 --- /dev/null +++ b/debian/qemu-system-arm.maintscript @@ -0,0 +1 @@ +dir_to_symlink /usr/share/doc/qemu-system-arm qemu-system-common 1:8.0+dfsg-4~ qemu-system-arm diff --git a/debian/qemu-system-common.NEWS b/debian/qemu-system-common.NEWS new file mode 100644 index 00000000000..fc8fccc96f6 --- /dev/null +++ b/debian/qemu-system-common.NEWS @@ -0,0 +1,106 @@ +qemu (1:8.0+dfsg-1) experimental; urgency=medium + + Qemu upstream dropped support of the C-language virtiofsd daemon + implementation in version 8.0, so this package does not ship + virtiofsd anymore. A rust-language implementation is available + in a separate virtiofsd package. + + -- Michael Tokarev Tue, 18 Apr 2023 21:26:14 +0300 + +qemu (1:7.0+dfsg-7) unstable; urgency=medium + + Starting with this version of qemu-system-x86 on x86 architecture, xen + support is moved out to a separate package named qemu-system-xen. Xen + release since 4.16.1-1 already uses qemu binary from this package. In + order to support transition from old xen and xen-supporting qemu-system-x86 + to separate xen build of qemu, the qemu-system-i386 binary is temporarily + replaced by a shell wrapper which detects xen usage and if found, redirects + the call to xen-enabled qemu binary if found (with a warning), or suggests + to install qemu-system-xen package. If you used qemu-system-x86 (or + qemu-system-x86-xen on Ubuntu) to run xen, please install qemu-system-xen. + qemu-system-x86 is not used by xen anymore since 4.16.1-1. + + -- Michael Tokarev Sun, 15 May 2022 15:15:58 +0300 + +qemu (1:5.0-9) unstable; urgency=medium + + With this version, kvm wrapper (initially from the separate kvm + package, which were later renamed to qemu-kvm) is merged back + to qemu-system-x86 package, replacing old qemu-kvm package. + 'kvm' command name turned out to be very handy for manual + execution of qemu with kvm enabled, and we now rely on the + upstream behavor - when executable name ends with "kvm" it + enables the kvm mode by default if available, and falls back + to TCG if not. + + -- Michael Tokarev Fri, 17 Jul 2020 12:54:35 +0300 + +qemu (1:2.12+dfsg-2) unstable; urgency=medium + + Since qemu 2.12, [G]UI display frontends can be built as modules. + Debian creates new package, qemu-system-gui, which currently + includes GTK3 support. This also switches display from SDL to GTK. + Qemu-system-* packages recommends installing qemu-system-gui, so + by default on upgrade you will have new package installed, and + local GUI will continue to work. However, if you choose to not + install recommended packages, you might consider installing + qemu-system-gui package separately, if you need local GUI support + as well. Without this package, qemu-system-* becomes "headless", + and can be used on servers to reduce amount of dependencies - + this way, no X11 stuff is needed by qemu-system anymore. + + -- Michael Tokarev Sun, 27 Apr 2018 09:18:32 +0300 + +qemu (1:2.2+dfsg-6exp) unstable; urgency=medium + + Since Debian release 2.2+dfsg-6exp, a new package named qemu-block-extra + has been created and some less frequently used block backends has been + split out of main qemu-system binaries and from qemu-img binary to + this new package. The backends which has been split are: + curl + iscsi + rbd (ceph/rados) + ssh + If you use any of these, please install qemu-block-extra package in + addition to qemu-system-* or qemu-utils package, because without it + these block backends won't work anymore. + + -- Michael Tokarev Mon, 27 Apr 2015 09:29:55 +0300 + +qemu (2.0.0+dfsg-1) unstable; urgency=low + + qemu-system-* packages does not provide /usr/bin/qemu alternative + anymore, and all various alternatives will be unregistered at new + individual qemu-system packages install. This is because different + architectures are not really alternatives, and never has been. + Historically, qemu emulated just one architecture, so the name "qemu" + was used for the binary. However when more architectures were added, + the old name "qemu" was used as an alternative, pointing to one of + the emulators. Upstream does not use the name "qemu" for binaries + for a long time. If you have scripts using the old name "qemu" + please update them to use the right qemu-system-* binary. + + -- Michael Tokarev Fri, 11 Apr 2014 19:57:22 +0400 + +qemu (1.7.0+dfsg-2) unstable; urgency=low + + Since version 1.7.0+dfsg-2, qemu-system-x86 switched from vgabios for + plex/bochs project to implementation of vgabios provided by seabios. + The latter is written almost entirely in C language so it is much easier + to debugu/develop, but it lacks some 16bit protected mode functions which + are present in vgabios. This means that it is possible that, for eaxample, + some protected-mode games written for MS-DOS may not work since this + release. + + This also means that vgabios package isn't used by qemu anymore, and might + be removed from the system if there are no other users of it left. + + + /usr/bin/kvm shell wrapper has been moved back to qemu-kvm package (it was + moved to qemu-system-x86 in version 1.3.0+dfsg-2exp). Please note that we + do not re-install qemu-kvm package if it has been removed as obsolete, so + if you need /usr/bin/kvm wrapper please install qemu-kvm package again. + This change allows qemu-system-x86 package to co-exist with the old qemu-kvm + binary (not shell-wrapper) package from wheezy. + + -- Michael Tokarev Thu, 28 Nov 2013 18:40:56 +0400 diff --git a/debian/qemu-system-common.README.Debian b/debian/qemu-system-common.README.Debian new file mode 100644 index 00000000000..f282b7a0faa --- /dev/null +++ b/debian/qemu-system-common.README.Debian @@ -0,0 +1,35 @@ +Historically, there were different naming in use for the +same architectures within different groups/projects. For +example, amd64 architecture (Debian name) is also known as +x86_64; arm64 and aarch64; and so on. Qemu used one way +to name the binaries, debian used another, some architectures +are named the same way, while for other architectures there's +a difference. + +Starting with debian qemu-system-* packages version 8.0, we now +provide debian-compatible naming scheme for qemu-system-$arch +binaries, shipping symlinks to qemu names when qemu name is +different from debian's. For example, qemu-system-amd64 is a +symlink to qemu-system-x86_64. + +Since qemu-system emulates a CPU (it is agnostic to what +OS/kernel/abi is being actually used inside), we can use +qemu-system-${DEB_HOST_ARCH_CPU} from dpkg-architecture, +not qemu-system-${DEB_HOST_ARCH}. + +In particular, the following extra names are provided: + + amd64 => x86_64 + arm64 => aarch64 + loong64 => loongarch64 + powerpc => ppc + ppc64el => ppc64 + +The other names do match between qemu and debian. + +There's another name which is also provided but which is +neither in debian nor in qemu: it is ppc64le, which is +the name used for this architecture in the linux kernel. + +One can run qemu-system-$archos binary, and you can +list it in (Build-)Depends: field too. diff --git a/debian/qemu-system-common.doc-base b/debian/qemu-system-common.doc-base new file mode 100644 index 00000000000..76cd04b3295 --- /dev/null +++ b/debian/qemu-system-common.doc-base @@ -0,0 +1,12 @@ +Document: qemu-system-doc +Title: QEMU User Manual +Author: Fabrice Bellard +Abstract: The QEMU user manual intends to make the user understand what + qemu is/does, and to guide them through the first steps of getting + the emulator to work, documenting parameters and commands, among other + useful things. +Section: Emulators + +Format: HTML +Index: /usr/share/doc/qemu-system-common/system/index.html +Files: /usr/share/doc/qemu-system-common/system/index.html diff --git a/debian/qemu-system-common.install b/debian/qemu-system-common.install new file mode 100644 index 00000000000..a4a90b57df8 --- /dev/null +++ b/debian/qemu-system-common.install @@ -0,0 +1,33 @@ +debian/qemu-ifup etc/ +debian/qemu-ifdown etc/ + +usr/share/man/man1/qemu-system.1 +usr/share/qemu/trace-events-all +usr/bin/qemu-pr-helper +usr/share/man/man8/qemu-pr-helper.8 +usr/share/man/man7/qemu-qmp-ref.7 +usr/share/man/man7/qemu-cpu-models.7 +usr/share/doc/qemu/system usr/share/doc/qemu-system-common + +# linux-specific +usr/lib/qemu/qemu-bridge-helper +# virtfs-proxy-helper removed in QEMU 9.0+ (replaced by vhost-user-fs) +# usr/lib/qemu/virtfs-proxy-helper +# usr/share/man/man1/virtfs-proxy-helper.1 + +# common modules. Other gui modules are in qemu-system-gui +# accel-tcg-*.so modules no longer built as separate .so files in QEMU 10.1+ +# usr/lib/${DEB_HOST_MULTIARCH}/qemu/accel-tcg-*.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/audio-alsa.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/audio-oss.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/chardev-baum.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-display-virtio-gpu-pci.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-display-virtio-gpu.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-display-virtio-vga.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-usb-host.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-usb-redirect.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-usb-smartcard.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-s390x-virtio-gpu-ccw.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-uefi-vars.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/ui-curses.so +debian/qemu-kvm-init /usr/share/qemu/init diff --git a/debian/qemu-system-common.lintian-overrides b/debian/qemu-system-common.lintian-overrides new file mode 100644 index 00000000000..628f7111c8e --- /dev/null +++ b/debian/qemu-system-common.lintian-overrides @@ -0,0 +1,9 @@ +# probably a false positives +qemu-system-common: shared-library-lacks-prerequisites [usr/lib/*/qemu/hw-display-virtio-gpu-pci.so] +qemu-system-common: shared-library-lacks-prerequisites [usr/lib/*/qemu/hw-display-virtio-vga.so] +qemu-system-common: shared-library-lacks-prerequisites [usr/lib/*/qemu/hw-s390x-virtio-gpu-ccw.so] +qemu-system-common: hardening-no-fortify-functions [usr/lib/*/qemu/audio-alsa.so] +qemu-system-common: hardening-no-fortify-functions [usr/lib/*/qemu/audio-oss.so] +# this is a common/generic manpage used by all qemu-system-* binaries +qemu-system-common: spare-manual-page [usr/share/man/man1/qemu-system.1.gz] +qemu-system-common: spare-manual-page [usr/share/man/man1/virtfs-proxy-helper.1.gz] diff --git a/debian/qemu-system-common.qemu-kvm.default b/debian/qemu-system-common.qemu-kvm.default new file mode 100644 index 00000000000..08ab26c7688 --- /dev/null +++ b/debian/qemu-system-common.qemu-kvm.default @@ -0,0 +1,8 @@ +# Set to 1 to enable KSM, 0 to disable KSM, and AUTO to use default settings. +# After changing this setting restart the qemu-kvm service. +KSM_ENABLED=AUTO +SLEEP_MILLISECS=200 + +# Dropped VHOST_NET_ENABLED as this is auto-loaded in recent kernels + +# Dropped KVM_HUGEPAGES as systemd provides feasible hugepage moutpoints diff --git a/debian/qemu-system-common.qemu-kvm.service b/debian/qemu-system-common.qemu-kvm.service new file mode 100644 index 00000000000..f35e3e98bfa --- /dev/null +++ b/debian/qemu-system-common.qemu-kvm.service @@ -0,0 +1,16 @@ +[Unit] +Description=QEMU KVM preparation - module, ksm, hugepages +DefaultDependencies=no +After=local-fs.target +Before=shutdown.target +Conflicts=shutdown.target +RequiresMountsFor=/usr + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/share/qemu/init/qemu-kvm-init start +ExecReload=/usr/share/qemu/init/qemu-kvm-init start + +[Install] +WantedBy=multi-user.target diff --git a/debian/qemu-system-data.docs b/debian/qemu-system-data.docs new file mode 100644 index 00000000000..3c68b4688b1 --- /dev/null +++ b/debian/qemu-system-data.docs @@ -0,0 +1,5 @@ +docs/multiseat.txt +docs/qdev-device-use.txt +docs/qemupciserial.inf +docs/config/ +docs/specs/ diff --git a/debian/qemu-system-data.install b/debian/qemu-system-data.install new file mode 100644 index 00000000000..2b1b4196904 --- /dev/null +++ b/debian/qemu-system-data.install @@ -0,0 +1,2 @@ +usr/share/qemu/dtb/bamboo.dtb +usr/share/qemu/dtb/canyonlands.dtb diff --git a/debian/qemu-system-data.links b/debian/qemu-system-data.links new file mode 100644 index 00000000000..6ccba3d609d --- /dev/null +++ b/debian/qemu-system-data.links @@ -0,0 +1 @@ +usr/share/qemu/s390-ccw.img usr/share/qemu/s390-netboot.img diff --git a/debian/qemu-system-data.lintian-overrides b/debian/qemu-system-data.lintian-overrides new file mode 100644 index 00000000000..d1be0c48e07 --- /dev/null +++ b/debian/qemu-system-data.lintian-overrides @@ -0,0 +1,5 @@ +# firmware files are arch-dependent binaries and can be statically linked +qemu-system-data: arch-dependent-file-in-usr-share *usr/share/qemu/* +qemu-system-data: arch-independent-package-contains-binary-or-object *usr/share/qemu/* +qemu-system-data: statically-linked-binary *usr/share/qemu/* +qemu-system-data: shared-library-lacks-prerequisites *usr/share/qemu/s390-* diff --git a/debian/qemu-system-gui.install b/debian/qemu-system-gui.install new file mode 100644 index 00000000000..df9c3eb5572 --- /dev/null +++ b/debian/qemu-system-gui.install @@ -0,0 +1,10 @@ +usr/share/locale/*/LC_MESSAGES/qemu.mo +usr/share/qemu/vhost-user/50-qemu-gpu.json +usr/lib/qemu/vhost-user-gpu +# modules +usr/lib/${DEB_HOST_MULTIARCH}/qemu/ui-gtk.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/ui-sdl.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/audio-sdl.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/audio-jack.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/audio-pa.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/audio-pipewire.so diff --git a/debian/qemu-system-mips.maintscript b/debian/qemu-system-mips.maintscript new file mode 100644 index 00000000000..7f302e915d1 --- /dev/null +++ b/debian/qemu-system-mips.maintscript @@ -0,0 +1 @@ +dir_to_symlink /usr/share/doc/qemu-system-mips qemu-system-common 1:8.0+dfsg-4~ qemu-system-mips diff --git a/debian/qemu-system-misc.install b/debian/qemu-system-misc.install new file mode 100644 index 00000000000..13f6225a84f --- /dev/null +++ b/debian/qemu-system-misc.install @@ -0,0 +1,2 @@ +usr/share/qemu/dtb/petalogix-ml605.dtb +usr/share/qemu/dtb/petalogix-s3adsp1800.dtb diff --git a/debian/qemu-system-misc.lintian-overrides b/debian/qemu-system-misc.lintian-overrides new file mode 100644 index 00000000000..ec61d802ca2 --- /dev/null +++ b/debian/qemu-system-misc.lintian-overrides @@ -0,0 +1,2 @@ +qemu-system-misc: spelling-error-in-binary addd add *usr/bin/qemu-* +qemu-system-misc: spelling-error-in-binary nott not *usr/bin/qemu-* diff --git a/debian/qemu-system-misc.maintscript b/debian/qemu-system-misc.maintscript new file mode 100644 index 00000000000..6f0082da19c --- /dev/null +++ b/debian/qemu-system-misc.maintscript @@ -0,0 +1 @@ +dir_to_symlink /usr/share/doc/qemu-system-misc qemu-system-common 1:8.0+dfsg-4~ qemu-system-misc diff --git a/debian/qemu-system-modules-opengl.install b/debian/qemu-system-modules-opengl.install new file mode 100644 index 00000000000..0ed5c82a9bc --- /dev/null +++ b/debian/qemu-system-modules-opengl.install @@ -0,0 +1,8 @@ +usr/lib/${DEB_HOST_MULTIARCH}/qemu/ui-opengl.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/ui-egl-headless.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-display-virtio-gpu-pci-gl.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-display-virtio-gpu-gl.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-display-virtio-vga-gl.so +# ui-dbus requires ui-opengl +usr/lib/${DEB_HOST_MULTIARCH}/qemu/audio-dbus.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/ui-dbus.so diff --git a/debian/qemu-system-modules-opengl.lintian-overrides b/debian/qemu-system-modules-opengl.lintian-overrides new file mode 100644 index 00000000000..ea04ea1d64c --- /dev/null +++ b/debian/qemu-system-modules-opengl.lintian-overrides @@ -0,0 +1,3 @@ +# probably false positives +qemu-system-modules-opengl: shared-library-lacks-prerequisites [usr/lib/*/qemu/hw-display-virtio-gpu-pci-gl.so] +qemu-system-modules-opengl: shared-library-lacks-prerequisites [usr/lib/*/qemu/hw-display-virtio-vga-gl.so] diff --git a/debian/qemu-system-modules-spice.install b/debian/qemu-system-modules-spice.install new file mode 100644 index 00000000000..9aede779854 --- /dev/null +++ b/debian/qemu-system-modules-spice.install @@ -0,0 +1,5 @@ +usr/lib/${DEB_HOST_MULTIARCH}/qemu/audio-spice.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/chardev-spice.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/hw-display-qxl.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/ui-spice-app.so +usr/lib/${DEB_HOST_MULTIARCH}/qemu/ui-spice-core.so diff --git a/debian/qemu-system-ppc.lintian-overrides b/debian/qemu-system-ppc.lintian-overrides new file mode 100644 index 00000000000..b215e1b0a4d --- /dev/null +++ b/debian/qemu-system-ppc.lintian-overrides @@ -0,0 +1 @@ +qemu-system-ppc: spelling-error-in-binary buid build *usr/bin/qemu-system-ppc64* diff --git a/debian/qemu-system-ppc.maintscript b/debian/qemu-system-ppc.maintscript new file mode 100644 index 00000000000..760727fb056 --- /dev/null +++ b/debian/qemu-system-ppc.maintscript @@ -0,0 +1 @@ +dir_to_symlink /usr/share/doc/qemu-system-ppc qemu-system-common 1:8.0+dfsg-4~ qemu-system-ppc diff --git a/debian/qemu-system-s390x.maintscript b/debian/qemu-system-s390x.maintscript new file mode 100644 index 00000000000..cd86fbcacf7 --- /dev/null +++ b/debian/qemu-system-s390x.maintscript @@ -0,0 +1 @@ +dir_to_symlink /usr/share/doc/qemu-system-s390x qemu-system-common 1:8.0+dfsg-4~ qemu-system-s390x diff --git a/debian/qemu-system-sparc.maintscript b/debian/qemu-system-sparc.maintscript new file mode 100644 index 00000000000..1b51c3b5c7c --- /dev/null +++ b/debian/qemu-system-sparc.maintscript @@ -0,0 +1 @@ +dir_to_symlink /usr/share/doc/qemu-system-sparc qemu-system-common 1:8.0+dfsg-4~ qemu-system-sparc diff --git a/debian/qemu-system-x86.NEWS b/debian/qemu-system-x86.NEWS new file mode 100644 index 00000000000..8aae3e95c94 --- /dev/null +++ b/debian/qemu-system-x86.NEWS @@ -0,0 +1,10 @@ +qemu (1:8.2.2+ds-0ubuntu1.12) noble; urgency=medium + + * To backport the fix for arch-caps (LP: #2131822) in old Ubuntu releases. + We add new Ubuntu v2 machine types that will contain this fix: + - pc-i440fx-noble-v2 + - pc-q35-noble-v2 + The creation of these machine types allow to not break existing guests. + The -v2 machine type becomes the default Ubuntu machine. + + -- Hector Cao Mon, 15 Dec 2025 12:33:49 +0000 diff --git a/debian/qemu-system-x86.maintscript b/debian/qemu-system-x86.maintscript new file mode 100644 index 00000000000..afaba5d56cd --- /dev/null +++ b/debian/qemu-system-x86.maintscript @@ -0,0 +1 @@ +dir_to_symlink /usr/share/doc/qemu-system-x86 qemu-system-common 1:8.0+dfsg-4~ qemu-system-x86 diff --git a/debian/qemu-system-x86_64-spice b/debian/qemu-system-x86_64-spice new file mode 100755 index 00000000000..a7bdb04e0c8 --- /dev/null +++ b/debian/qemu-system-x86_64-spice @@ -0,0 +1,5 @@ +#! /bin/sh +echo "$0: W: this is an old compat wrapper script for qemu-system-x86_64-spice" >&2 +echo "$0: W: please use qemu-system-x86_64 instead of $0" >&2 + +exec qemu-system-x86_64 "$@" diff --git a/debian/qemu-system-xen.lintian-overrides b/debian/qemu-system-xen.lintian-overrides new file mode 100644 index 00000000000..1df7552f5d6 --- /dev/null +++ b/debian/qemu-system-xen.lintian-overrides @@ -0,0 +1 @@ +qemu-system-xen: no-manual-page [usr/libexec/xen-qemu-system-i386] diff --git a/debian/qemu-system.NEWS b/debian/qemu-system.NEWS new file mode 100644 index 00000000000..550670bafb3 --- /dev/null +++ b/debian/qemu-system.NEWS @@ -0,0 +1,47 @@ +qemu (1.3.0+dfsg-4exp) experimental; urgency=low + + Starting from 1.3.0 release, qemu-system package, which provided + QEMU system emulation targets for many architectures, has been + split into several packages, each providing a related, + per-base-architecture, set of emulators, and qemu-system-misc + package which contains some "other" architectures. There are + also qemu-system-common package, which provides common files for + all other qemu-system-*, packages. Former qemu-system package + now become a meta-package which installs emulators for all + available targets as before. + + -- Michael Tokarev Tue, 22 Jan 2013 01:38:27 +0400 + +qemu (0.12.3+dfsg-3) unstable; urgency=low + + Starting with QEMU 0.12.0, KQEMU support has been removed from + upstream, as it has not seen active development for a few years now, + while causing regressions or limitations for non-KQEMU users. + + -- Aurelien Jarno Wed, 24 Mar 2010 23:14:35 +0100 + +qemu (0.10.3-2) unstable; urgency=low + + Starting with QEMU 0.10.0, it is possible to control how the host + cache is used to access block data, using the cache= suboption of the + -drive option. The following suboptions are available: + * none: The host page cache is entirely avoided. + * writeback (default in QEMU 0.9.x): Writeback caching reports data + writes as completed as soon as the data is present in the host page + cache. This is safe as long as you trust your host. If your host + crashes or loses power, then the guest may experience data + corruption. + * writethrough (default in QEMU 0.10.x): The host page cache is used + to read and write data but write notification is sent to the guest + only when the data has been reported as written by the storage + subsystem. + + Note that depending on your configuration (filesystem, encryption, + kernel version, etc.), disk accesses can be very slow with the default + cache policy (writethrough). You can use the writeback cache policy + instead, but the data integrity is not assured anymore. + + See qemu(1) for more details. + + -- Aurelien Jarno Sun, 03 May 2009 23:22:29 +0200 + diff --git a/debian/qemu-user-static.1 b/debian/qemu-user-static.1 new file mode 100644 index 00000000000..bac2d391c22 --- /dev/null +++ b/debian/qemu-user-static.1 @@ -0,0 +1,37 @@ +.TH qemu\-user\-static 1 2007-02-08 "0.9.0" Debian +.SH NAME +qemu\-user\-static \- QEMU User Emulator (static version) +.SH SYNOPSIS +.B qemu\-user\-static +.RI [ options ] +.I program +.RI [ program-arguments... ] +.SH DESCRIPTION +The +.B qemu\-user\-static +emulator can run binaries for other architectures but with the same operating +system as the current one. +.SH OPTIONS +.TP +.BR \-h +Print this help. +.TP +.BR \-g " \fI\fP" +Wait gdb connection to port \fIport\fP. +.TP +.BR \-L " \fI\fP" +Set the elf interpreter prefix (default=\fI/etc/qemu\-binfmt/%M\fP). +.TP +.BR \-s " \fI\fP" +Set the stack size in bytes (default=\fI524288\fP). +.TP +.BR \-d " \fI\fP" +Activate log (logfile=\fI/tmp/qemu.log\fP) +.TP +.BR \-p " \fI\fP" +Set the host page size to 'pagesize'. +.SH SEE ALSO +.BR qemu-system (1) +(in qemu-system-common package). +.SH AUTHOR +This manual page was written by Guillem Jover . diff --git a/debian/qemu-user-static.README.Debian b/debian/qemu-user-static.README.Debian new file mode 100644 index 00000000000..b22be69605c --- /dev/null +++ b/debian/qemu-user-static.README.Debian @@ -0,0 +1,28 @@ +Historically, there were different naming in use for the +same architectures within different groups/projects. For +example, amd64 architecture (Debian name) is also known as +x86_64; arm64 and aarch64; and so on. Qemu used one way +to name the binaries, debian used another, some architectures +are named the same way, while for other architectures there's +a difference. + +Starting with debian qemu-user-static package version 8.0, we +provide debian-compatible naming scheme for qemu-$arch-static +binaries, to be used as qemu-${DEB_HOST_ARCH}-static. For +example, qemu-armel-static is a symlink for qemu-arm-static. + +In particular, the following extra names are provided: + + amd64 => x86_64 + arm64 => aarch64 + armhf => arm + armel => arm + loong64 => loongarch64 + powerpc => ppc + ppc64el => ppc64 + +The other names do match between qemu and debian. + +There's another name which is also provided but which is +neither in debian nor in qemu: it is ppc64le, which is +the name used for this architecture in the linux kernel. diff --git a/debian/qemu-user-static.docs b/debian/qemu-user-static.docs new file mode 100644 index 00000000000..b8472f7f0e6 --- /dev/null +++ b/debian/qemu-user-static.docs @@ -0,0 +1 @@ +docs/user/main.rst diff --git a/debian/qemu-user-static.install b/debian/qemu-user-static.install new file mode 100644 index 00000000000..42e8bca7c92 --- /dev/null +++ b/debian/qemu-user-static.install @@ -0,0 +1,3 @@ +debian/qemu-user-static.1 usr/share/man/man1/ +debian/qemu-debootstrap usr/sbin +debian/qemu-debootstrap.1 usr/share/man/man1/ diff --git a/debian/qemu-user-static.lintian-overrides b/debian/qemu-user-static.lintian-overrides new file mode 100644 index 00000000000..b9ed6553d30 --- /dev/null +++ b/debian/qemu-user-static.lintian-overrides @@ -0,0 +1,4 @@ +qemu-user-static: spelling-error-in-binary addd add *usr/bin/qemu-*-static* +qemu-user-static: spelling-error-in-binary nott not *usr/bin/qemu-*-static* +# these are static-pic executables, not shared executables: +qemu-user-static: shared-library-lacks-prerequisites *usr/bin/qemu-*-static* diff --git a/debian/qemu-user.docs b/debian/qemu-user.docs new file mode 100644 index 00000000000..b8472f7f0e6 --- /dev/null +++ b/debian/qemu-user.docs @@ -0,0 +1 @@ +docs/user/main.rst diff --git a/debian/qemu-user.lintian-overrides b/debian/qemu-user.lintian-overrides new file mode 100644 index 00000000000..5ee86b85bcb --- /dev/null +++ b/debian/qemu-user.lintian-overrides @@ -0,0 +1,3 @@ +qemu-user: spelling-error-in-binary addd add *usr/bin/qemu-* +qemu-user: spelling-error-in-binary nott not *usr/bin/qemu-* +qemu-user: spare-manual-page [usr/share/man/man1/qemu-user.1.gz] diff --git a/debian/qemu-utils.NEWS b/debian/qemu-utils.NEWS new file mode 100644 index 00000000000..406990ad04b --- /dev/null +++ b/debian/qemu-utils.NEWS @@ -0,0 +1,15 @@ +qemu (1:2.2+dfsg-6exp) unstable; urgency=medium + + Since Debian release 2.2+dfsg-6exp, a new package named qemu-block-extra + has been created and some less frequently used block backends has been + split out of main qemu-system binaries and from qemu-img binary to + this new package. The backends which has been split are: + curl + iscsi + rbd (ceph/rados) + ssh + If you use any of these, please install qemu-block-extra package in + addition to qemu-system-* or qemu-utils package, because without it + these block backends won't work anymore. + + -- Michael Tokarev Mon, 27 Apr 2015 09:29:55 +0300 diff --git a/debian/qemu-utils.install b/debian/qemu-utils.install new file mode 100644 index 00000000000..152109d222f --- /dev/null +++ b/debian/qemu-utils.install @@ -0,0 +1,10 @@ +usr/bin/qemu-img +usr/share/man/man1/qemu-img.1 +usr/bin/qemu-nbd +usr/share/man/man8/qemu-nbd.8 +usr/bin/qemu-io +usr/bin/qemu-storage-daemon +usr/share/man/man1/qemu-storage-daemon.1 +usr/share/man/man7/qemu-storage-daemon-qmp-ref.7 + +usr/share/man/man7/qemu-block-drivers.7 diff --git a/debian/qemu-utils.manpages b/debian/qemu-utils.manpages new file mode 100644 index 00000000000..7cba2a0b134 --- /dev/null +++ b/debian/qemu-utils.manpages @@ -0,0 +1 @@ +debian/qemu-io.1 diff --git a/debian/rules b/debian/rules new file mode 100755 index 00000000000..901d8ae8457 --- /dev/null +++ b/debian/rules @@ -0,0 +1,797 @@ +#!/usr/bin/make -f +SHELL = /bin/sh -e + +# stop python from generating .pyc caches +export PYTHONDONTWRITEBYTECODE=1 + +# in order to keep output non-intermixed together, disable parallel building +# of different targets in this d/rules but allow running parallel submakes +.NOTPARALLEL: + +ifeq ($(shell dpkg-vendor --derives-from Ubuntu && echo yes),yes) +VENDOR := UBUNTU +DEB_BUILD_PARALLEL = yes +else +VENDOR := DEBIAN +endif + +# get DEB_VERSION +include /usr/share/dpkg/pkg-info.mk + +ifeq ($(and ${DEB_HOST_MULTIARCH},${DEB_HOST_ARCH}),) +# Fast version of dpkg/architecture.mk defining all vars in one go + $(foreach d, $(shell dpkg-architecture | sed 's/=/?=/'), $(eval export $d)) +endif + +# we build in a sub-subdir so strip that from file paths too +export DEB_CFLAGS_MAINT_APPEND = -ffile-prefix-map=../../= + +# Disable LTO on non-amd64 builds, see: +# https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1921664 +# https://issues.redhat.com/browse/RHEL-7385 +ifneq ($(DEB_HOST_ARCH),amd64) + export DEB_BUILD_MAINT_OPTIONS += optimize=-lto +endif + +# get CFLAGS LDFLAGS etc (should come after DEB_*MAINT*) +include /usr/share/dpkg/buildflags.mk + +# Host architectures we produce packages for. +# when changing this list, check d/control-in too, if any changes +# needs to be done for build deps and --enable options. +system-arch-linux = \ + amd64 arm arm64 armel armhf i386 mips mipsel mips64 mips64el \ + powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +system-arch = ${system-arch-linux} +user-arch = \ + amd64 arm arm64 armel armhf i386 mips mipsel mips64 mips64el \ + ppc64 ppc64el riscv64 s390x sparc sparc64 x32 +utils-arch = $(sort ${system-arch} ${user-arch} ia64 hppa m68k sh4 \ + kfreebsd-amd64 kfreebsd-i386) +# subset of system-arch +spice-arch = amd64 i386 arm64 armel armhf mips64el mipsel ppc64el x32 + +# DEB_BUILD_OPTIONS=parallel=N +MAKEFLAGS += $(subst parallel=,-j,$(filter parallel=%,${DEB_BUILD_OPTIONS})) + +# verbose build +V = $(if $(filter terse, ${DEB_BUILD_OPTIONS}),,1) + +NINJA = ninja $(if $V,-v) $(or $(filter -j%,${MAKEFLAGS}),-j1) + +# list of packages we're supposed to build +BUILD_PACKAGES := $(shell dh_listpackages) + +enable-system = $(if $(filter qemu-system,${BUILD_PACKAGES}),y) +enable-user = $(if $(filter qemu-user,${BUILD_PACKAGES}),y) +enable-user-static = $(if $(filter qemu-user-static,${BUILD_PACKAGES}),y) + +QEMU_XEN = /usr/libexec/xen-qemu-system-i386 +PKGVERSION = Debian ${DEB_VERSION} +SAVEMODDIR = /run/qemu/$(shell echo -n "${PKGVERSION}" | tr --complement '[:alnum:]+-.~' '_') +# New Ubuntu package qemu-block-supplemental to hold modules we want in Universe +# glusterfs is in universe, see LP: #2045063 +# This variable specifies a space-separated list of module filenames +# If altering this list, please also update the package description in d/control* +BLOCK_SUPPLEMENTAL_MODULES = block-gluster.so +sysdataidir = debian/qemu-system-data/usr/share/qemu +libdir = /usr/lib/${DEB_HOST_MULTIARCH} +FIRMWAREPATH = /usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu + +ALPHAEV67_CROSSPFX = alpha-linux-gnu- +PPC_CROSSPFX = powerpc-linux-gnu- +PPC64_CROSSPFX = powerpc64-linux-gnu- +RISCV64_CROSSPFX = riscv64-linux-gnu- +ARM_CROSSPFX = arm-none-eabi- + +extra-cflags = ${CFLAGS} ${CPPFLAGS} +extra-ldflags = ${LDFLAGS} -Wl,--as-needed +# we add another set of configure options from debian/control +common_configure_opts = \ + --with-pkgversion="$(PKGVERSION)" \ + --extra-cflags="${extra-cflags}" \ + --extra-ldflags="${extra-ldflags}" \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libdir=${libdir} \ + --libexecdir=/usr/lib/qemu \ + --firmwarepath=${FIRMWAREPATH} \ + --localstatedir=/var \ + --disable-install-blobs \ + --disable-strip \ + --localstatedir=/var \ + --disable-download \ + --disable-relocatable \ + +# this disables building of qemu-keymap tool (!) +# qemu-keymap might be helpful for qemu-system -k +# but is -k flag useful these days? +common_configure_opts += --disable-xkbcommon + +# pvrdma was removed in QEMU 9.1, no longer needs to be disabled +# (it was an extension for vmxnet3 vmware virtual network adapter) + +# Cross compiling support +ifneq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) +common_configure_opts += --cross-prefix=$(DEB_HOST_GNU_TYPE)- +endif + +comma:=, + +# qemu-system (softmmu) targets, in multiple packages +# For each package: +# system-archlist-$pkg - list qemu architectues which should go to this pkg +# system-kvmcpus-$pkg - list of ${DEB_HOST_ARCH_CPU}s where we create +# kvm link for this package +# For each of ${system-archlist-*}, optional: +# system-alias-$qcpu - aliases for this qemu architecture +# For each of ${system-kvmcpus-*}, mandatory: +# system-kvmlink-$dcpu - where to point kvm link for this ${DEB_HOST_ARCH_CPU} + +system-archlist-arm = aarch64 arm +system-alias-aarch64 = arm64 +system-alias-arm = armel armhf +system-kvmcpus-arm = arm64 arm +system-kvmlink-arm64 = aarch64 +system-kvmlink-arm = arm + +system-archlist-mips = mips mipsel mips64 mips64el + +system-archlist-ppc = ppc ppc64 +system-alias-ppc = powerpc +system-alias-ppc64 = ppc64le ppc64el +system-kvmcpus-ppc = ppc64 ppc64el powerpc +system-kvmlink-ppc64 = ppc64 +system-kvmlink-ppc64el = ppc64 +system-kvmlink-powerpc = ppc + +system-archlist-sparc = sparc sparc64 + +system-s390x = $(if $(filter ${VENDOR},UBUNTU),s390x) + +system-archlist-s390x = ${system-s390x} +system-kvmcpus-s390x = s390x +system-kvmlink-s390x = s390x + +system-archlist-x86 = i386 x86_64 +system-alias-x86_64 = amd64 +system-kvmcpus-x86 = amd64 i386 +system-kvmlink-amd64 = x86_64 +system-kvmlink-i386 = x86_64 + +system-archlist-misc = alpha avr hppa m68k loongarch64 \ + microblaze microblazeel or1k riscv32 riscv64 rx sh4 sh4eb \ + $(if ${system-s390x},,s390x) \ + tricore xtensa xtensaeb +# Note: cris and nios2 removed in QEMU 9.1+ - system emulation targets no longer exist +system-alias-loongarch64 = loong64 +system-kvmcpus-misc = $(if ${system-s390x},,s390x) + +system-packages = arm mips ppc sparc x86 ${system-s390x} misc + +# install-system qemu-system-$pkg, ${system-archlist-$pkg}, kvm-link +# install qemu-arch-list binaries with manpages and aliases into pkg +# install kvm link to qemu-system-${kvm-link} if it is not empty +# fills in qemu:Provides and qemu:archlist substvars +define install-system + # installing $1 + dh_installdirs -p $1 usr/bin usr/share/man/man1 + mv -t debian/$1/usr/bin/ $(addprefix debian/tmp/usr/bin/qemu-system-,$2) +$(foreach q,$2,\ + @echo ".so man1/qemu-system.1" > debian/$1/usr/share/man/man1/qemu-system-$q.1 + $(foreach a,${system-alias-$q},\ + dh_link -p $1 usr/bin/qemu-system-$q usr/bin/qemu-system-$a + dh_link -p $1 usr/share/man/man1/qemu-system-$q.1 usr/share/man/man1/qemu-system-$a.1 +)) +$(if $3,\ + dh_link -p $1 usr/bin/$3 usr/bin/kvm + dh_link -p $1 usr/share/man/man1/$3.1 usr/share/man/man1/kvm.1 +) +# note: older make does not understand line-splitting inside $(functions ..) + echo 'qemu:Provides=$(if $3,qemu-kvm (=${DEB_VERSION})${comma})\ + $(patsubst %,% (=${DEB_VERSION})${comma},$(filter-out $1, $(patsubst %, qemu-system-%, any $2 $(foreach q,$2,${system-alias-$q}))))' \ + | tr _ - >> debian/$1.substvars +# construct list `arch1 arch2 (alias) arch3..' for Description +# and word-wrap it into two lines if too long + list='$(foreach q,$2,$q$(if ${system-alias-$q}, (${system-alias-$q})))'; \ + len2=$$(($${#list}/2)); \ + if [ $$len2 -gt 36 ]; then \ + while expr substr "$$list" $$len2 1 != " " >/dev/null; do len2=$$(($$len2+1)); done; \ + list="$$(expr substr "$$list" 1 $$(($$len2-1)))\$${Newline} $$(expr substr "$$list" $$(($$len2+1)) $$len2)"; \ + fi; \ + echo "qemu:archlist=$$list" >> debian/$1.substvars + dh_installdocs -p $1 --link-doc=qemu-system-common +endef + +sysdata-components := +qemu-builds := + +# several builds of qemu binaries: + +############################################## +# main system and tools build +configure-qemu: b/qemu/configured +b/qemu/configured: configure + rm -rf b/qemu; mkdir -p b/qemu + cd b/qemu && \ + ../../configure ${common_configure_opts} \ + --$(if ${enable-system},enable,disable)-system \ + --disable-user --disable-linux-user \ + --enable-tools \ + --disable-xen \ + --enable-modules \ + $(if ${enable-system},--enable-module-upgrades) \ + $(shell sh debian/extract-config-opts \ + $(DEB_HOST_ARCH_OS)-$(DEB_HOST_ARCH) debian/control) \ + ${QEMU_CONFIGURE_OPTIONS} || \ + { tail -n20 config.log meson-logs/meson-log.txt && false; } + touch $@ + +build-qemu: b/qemu/built +b/qemu/built: b/qemu/configured + ${NINJA} -C b/qemu + touch $@ + +test-qemu: b/qemu/tested +b/qemu/tested: b/qemu/built +ifeq (${enable-system},y) +# copy all firmware files. An alternative is to remove qemu-bundle +# cp -a /usr/share/seabios/* /usr/lib/ipxe/qemu/* /usr/share/qemu/* \ +# b/qemu/qemu-bundle/usr/share/qemu/ + rm -rf b/qemu/qemu-bundle + QEMU_MODULE_DIR=${CURDIR}/b/qemu \ + ${MAKE} -C b/qemu check-block +endif + touch $@ + +install-qemu: b/qemu/built + DESTDIR=${CURDIR}/debian/tmp \ + ${NINJA} -C b/qemu install + +# remove qtest "accel" modules + rm -f debian/tmp${libdir}/qemu/accel-qtest-*.so + +# fixup the manpage +# Note: with no enable-system, qemu-system manpage will not be installed. + sed -i 's/\\fBqemu(1)\\fP manual page/\\fBqemu-system(1)\\fP manual page (in qemu-system-common package)/' \ + debian/tmp/usr/share/man/man1/qemu-storage-daemon.1 + +ifeq (${enable-system},y) + + # qemu-system subpackages + mv debian/tmp/usr/share/man/man1/qemu.1 debian/tmp/usr/share/man/man1/qemu-system.1 + $(foreach p,${system-packages},\ + $(call install-system,qemu-system-$p,${system-archlist-$p}\ + ,$(if $(filter ${DEB_HOST_ARCH_CPU},${system-kvmcpus-$p}),qemu-system-${system-kvmlink-${DEB_HOST_ARCH_CPU}}))) + +ifeq ($(DEB_HOST_ARCH_OS),linux) + +ifeq (${VENDOR},UBUNTU) +ifneq ($(filter ${DEB_HOST_ARCH},amd64 i386),) +# on ubuntu *-spice existed, may be used in libvirt xml and scripts - keep links for compatibility +# The sunset for this will be when Ubuntu-Bionic goes out of support which is expected to happen in 2028 + install -p -t debian/qemu-system-x86/usr/bin debian/kvm-spice debian/qemu-system-x86_64-spice + install -p -t debian/qemu-system-x86/usr/share/man/man1/ debian/kvm-spice.1 + echo ".so man1/kvm-spice.1" > debian/qemu-system-x86/usr/share/man/man1/qemu-system-x86_64-spice.1 +endif # x86 +# apport hook is ubuntu-specific + install -p -D -t debian/qemu-system-common/usr/share/apport/package-hooks/ \ + debian/source_qemu.py +endif # ubuntu + +# for --enable-module-upgrades to work (also see run-qemu.mount install) +# save block-extra loadable modules on upgrades +# other module types for now (5.0) can't be loaded at runtime, only at startup +# the maintscript fragments include version string so we have to generate them + echo 'case $$1 in (upgrade|deconfigure) [ -d /run/qemu ] || exit 0; ! findmnt --noheadings --target /run/qemu/ | grep -q noexec || exit 0; mkdir -p ${SAVEMODDIR}; for m in ${libdir}/qemu/block-*.so; do if echo "${BLOCK_SUPPLEMENTAL_MODULES}" | grep -qF `basename "$$m"`; then continue; else cp -p $$m ${SAVEMODDIR}/; fi; done;; esac' \ + >> debian/qemu-block-extra.prerm.debhelper + echo 'case $$1 in (remove) for m in ${libdir}/qemu/block-*.so; do if echo "${BLOCK_SUPPLEMENTAL_MODULES}" | grep -qF `basename "$$m"`; then continue; else rm -f ${SAVEMODDIR}/`basename $$m`; fi; done;; esac' \ + >> debian/qemu-block-extra.postrm.debhelper + echo 'case $$1 in (purge) if systemctl is-active -q run-qemu.mount; then systemctl stop run-qemu.mount || true; fi; rm -rf "/run/qemu";; esac' \ + >> debian/qemu-block-extra.postrm.debhelper +# do mostly the same for qemu-block-supplemental +ifneq (,$(filter qemu-block-supplemental,${BUILD_PACKAGES})) + echo 'case $$1 in (upgrade|deconfigure) [ -d /run/qemu ] || exit 0; ! findmnt --noheadings --target /run/qemu/ | grep -q noexec || exit 0; mkdir -p ${SAVEMODDIR}; for m in ${BLOCK_SUPPLEMENTAL_MODULES}; do cp -p ${libdir}/qemu/$$m ${SAVEMODDIR}/; done;; esac' \ + >> debian/qemu-block-supplemental.prerm.debhelper + echo 'case $$1 in (remove) for m in ${BLOCK_SUPPLEMENTAL_MODULES}; do rm -f ${SAVEMODDIR}/$$m; done;; esac' \ + >> debian/qemu-block-supplemental.postrm.debhelper +endif + +endif # linux + +else # !enable-system + +# qemu-system manpage is built regardless of system target + rm -fv debian/tmp/usr/share/man/man1/qemu.1 + +endif # enable-system + +qemu-builds += qemu + +############################################## +# microvm build: +configure-microvm: b/microvm/configured +b/microvm/configured: configure debian/microvm-devices.mak + rm -rf b/microvm; mkdir -p b/microvm + cp -up debian/microvm-devices.mak configs/devices/x86_64-softmmu/microvm.mak + cd b/microvm && \ + ../../configure ${common_configure_opts} \ + --extra-cflags="${extra-cflags} -DCONFIG_MICROVM_DEFAULT=1" \ + --disable-docs \ + --without-default-features \ + --target-list=x86_64-softmmu --enable-kvm --disable-tcg \ + --enable-pixman \ + --enable-attr \ + --enable-coroutine-pool \ + --audio-drv-list="" \ + --without-default-devices \ + --with-devices-x86_64=microvm \ + --enable-vhost-kernel --enable-vhost-net \ + --enable-vhost-vdpa \ + --enable-vhost-user --enable-vhost-user-blk-server \ + --enable-vhost-crypto \ + --enable-linux-aio \ + --enable-numa \ + --enable-seccomp \ + --enable-virtfs \ + --disable-vnc \ + ${QEMU_MICROVM_CONFIGURE_OPTIONS} + touch $@ +build-microvm: b/microvm/qemu-system-x86_64 +b/microvm/qemu-system-x86_64: b/microvm/configured + ${NINJA} -C b/microvm qemu-system-x86_64 +install-microvm: b/microvm/qemu-system-x86_64 + cp b/microvm/qemu-system-x86_64 debian/qemu-system-x86/usr/bin/qemu-system-x86_64-microvm + echo ".so man1/qemu-system.1" > debian/qemu-system-x86/usr/share/man/man1/qemu-system-x86_64-microvm.1 +# build microvm on amd64 only if system build is enabled +qemu-builds += $(if $(filter ${DEB_HOST_ARCH}-${enable-system},amd64-y),microvm) + +############################################## +# xen build (amd64 arch only, i386-softmmu target only) +configure-xen: b/xen/configured +b/xen/configured: configure + # system build for qemu-system-xen + rm -rf b/xen; mkdir -p b/xen + cd b/xen && \ + ../../configure ${common_configure_opts} \ + --disable-install-blobs --disable-docs --disable-tools \ + --without-default-features \ + --enable-xen --target-list=i386-softmmu \ + --enable-xen-pci-passthrough \ + --disable-tcg --disable-kvm \ + --audio-drv-list= \ + --enable-libusb \ + --enable-pixman --enable-vnc --enable-vnc-jpeg \ + --enable-spice \ + --enable-virtfs --enable-attr --enable-cap-ng \ + ${QEMU_XEN_CONFIGURE_OPTIONS} + touch $@ +build-xen: b/xen/built +b/xen/built: b/xen/configured + ${NINJA} -C b/xen qemu-system-i386 + touch $@ +install-xen: b/xen/built + install -D b/xen/qemu-system-i386 \ + debian/qemu-system-xen${QEMU_XEN} +qemu-builds += $(if $(filter qemu-system-xen,${BUILD_PACKAGES}),xen) + +############################## + +# list of linux-user targets, from configs/targets/*-linux-user.mak +# Note: cris and nios2 removed in QEMU 9.1+ +user-targets = \ + aarch64 aarch64_be alpha arm armeb hexagon hppa i386 loongarch64 \ + m68k microblaze microblazeel mips mips64 mips64el mipsel mipsn32 mipsn32el \ + or1k ppc ppc64 ppc64le riscv32 riscv64 \ + s390x sh4 sh4eb sparc sparc32plus sparc64 \ + x86_64 xtensa xtensaeb +# aliases for missing ${DEB_HOST_ARCH} names in qemu-user: +user-alias-aarch64 = arm64 +user-alias-arm = armel armhf +user-alias-loongarch64 = loong64 +user-alias-ppc = powerpc +user-alias-ppc64le = ppc64el +user-alias-x86_64 = amd64 + +# install-user [-static] +define install-user + dh_installdirs -p qemu-user$1 \ + usr/bin usr/share/man/man1 usr/share/doc/qemu-user$1 +$(foreach t,${user-targets},\ + cp -p b/user$1/qemu-$t debian/qemu-user$1/usr/bin/qemu-$t$1 + ln -sf qemu-user$1.1 debian/qemu-user$1/usr/share/man/man1/qemu-$t$1.1 +$(foreach a,${user-alias-$t},\ + ln -sf qemu-$t$1 debian/qemu-user$1/usr/bin/qemu-$a$1 + ln -sf qemu-$t$1.1 debian/qemu-user$1/usr/share/man/man1/qemu-$a$1.1 +)) +endef + +############################################## +# user build +configure-user: b/user/configured +b/user/configured: configure +# do not use debian/configure-opts here, all optional stuff will be enabled +# automatically, dependencies are already verified in the main build + rm -rf b/user; mkdir -p b/user + cd b/user && \ + ../../configure ${common_configure_opts} \ + --extra-cflags="${extra-cflags}" \ + --disable-plugins \ + --target-list="$(addsuffix -linux-user,${user-targets})" + touch $@ +build-user: b/user/built +b/user/built: b/user/configured + # we use this invocation to build just the binaries + ${NINJA} -C b/user $(addprefix qemu-,${user-targets}) + touch $@ +install-user: b/user/built + $(call install-user,) + sed -e 's/qemu\\-user\\-static/qemu\\-user/g' \ + -e 's/ (static version)//' \ + debian/qemu-user-static.1 > debian/qemu-user/usr/share/man/man1/qemu-user.1 + sed 's|-static||g' debian/qemu-user-static.README.Debian > \ + debian/qemu-user/usr/share/doc/qemu-user/README.Debian + dh_installdocs -p qemu-user-binfmt --link-doc=qemu-user + ./debian/binfmt-install qemu-user-binfmt +qemu-builds += $(if ${enable-user},user) + +############################################## +# user-static build +configure-user-static: b/user-static/configured +b/user-static/configured: configure +# do not use debian/configure-opts here, all optional stuff will be enabled +# automatically, dependencies are already verified in the main build +# See LP:#1908331 for --static-pie (the default in qemu) and #1053101 +# See https://sourceware.org/bugzilla/show_bug.cgi?id=29514 +# use --disable-pie on i386 for now due to #1056739 +# (maybe also add arm64 here for gcc12) + rm -rf b/user-static; mkdir -p b/user-static + cd b/user-static && \ + ../../configure ${common_configure_opts} \ + --extra-cflags="${extra-cflags}" \ + --static \ + $(if $(filter i386,${DEB_HOST_ARCH}),--disable-pie) \ + --disable-plugins \ + --target-list="$(addsuffix -linux-user,${user-targets})" + touch $@ +build-user-static: b/user-static/built +b/user-static/built: b/user-static/configured + # we use this invocation to build just the binaries + ${NINJA} -C b/user-static $(addprefix qemu-,${user-targets}) + touch $@ +install-user-static: b/user-static/built + $(call install-user,-static) + ./debian/binfmt-install qemu-user-static +qemu-builds += $(if ${enable-user-static},user-static) + +############################################## +# qemu-system-for-host dep-only package +# find the qemu-system-foo package which contains the right binary: +#qemu-system-for-host=$(strip \ +# $(foreach p,${system-packages},\ +# $(if \ +# $(filter \ +# ${system-archlist-$p} $(foreach a,${system-archlist-$p},${system-alias-$a}),\ +# ${DEB_HOST_ARCH_CPU}),\ +# qemu-system-$p))) +install-qemu-system-for-host: +# $(if ${qemu-system-for-host},,$(error no qemu-system-for-host found for ${DEB_HOST_ARCH_CPU})) +# echo 'qemu-for-host=${qemu-system-for-host}' + echo 'qemu:for-host=qemu-system-${DEB_HOST_ARCH_CPU}' \ + >> debian/qemu-system-for-host.substvars + dh_installdocs -p qemu-system-for-host --link-doc=qemu-system-common +configure-qemu-system-for-host: +build-qemu-system-for-host: +qemu-builds += $(filter ${BUILD_PACKAGES},qemu-system-for-host) + +############################################## +# common rules + +.PHONY: $(addprefix configure-, ${qemu-builds}) \ + $(addprefix build-, ${qemu-builds}) \ + $(addprefix install-, ${qemu-builds}) \ + configure-arch build-arch test-qemu \ + pre-install-arch install-arch binary-arch +configure-arch: $(addprefix configure-, ${qemu-builds}) +build-arch: $(addprefix build-, ${qemu-builds}) \ + +#XXX-cyclic-test-dep-dak-bug $(if $(findstring nocheck, ${DEB_BUILD_OPTIONS} ${DEB_BUILD_PROFILES}),, test-qemu) + +pre-install-arch: + dh_testroot + dh_prep -a + dh_installdirs -a +install-arch: pre-install-arch $(addprefix install-, ${qemu-builds}) + dh_install -a +ifneq (,$(filter qemu-block-supplemental,${BUILD_PACKAGES})) + # block-gluster.so should only be in qemu-block-supplemental, if it's built (it doesn't build on 32bit architectures) + dh_installdirs -p qemu-block-supplemental usr/lib/${DEB_HOST_MULTIARCH}/qemu + for m in ${BLOCK_SUPPLEMENTAL_MODULES}; do mv debian/qemu-block-extra/usr/lib/${DEB_HOST_MULTIARCH}/qemu/$$m debian/qemu-block-supplemental/usr/lib/${DEB_HOST_MULTIARCH}/qemu/; done + # This also introduces a "Depends: qemu-block-extra" to qemu-block-supplemental, which + # we want also because of the run-qemu.mount unit shipped there. + dh_installdocs -p qemu-block-supplemental --link-doc=qemu-block-extra +endif + dh_missing -a + dh_installdocs -a + dh_installchangelogs -a + dh_installman -a + dh_installinit -pqemu-guest-agent + # install /etc/default/qemu-kvm + dh_installinit -a -pqemu-system-common --name=qemu-kvm + dh_installsystemd -pqemu-guest-agent --no-enable + dh_installudev -pqemu-guest-agent + # install and enable qemu-kvm.service + dh_installsystemd -a -pqemu-system-common --no-restart-on-upgrade --name=qemu-kvm +# default-enable /run/qemu mount only on ubuntu, +# on debian let it be manually controlled and off by default + dh_installsystemd -pqemu-block-extra --no-restart-on-upgrade --name=run-qemu \ + $(if $(filter ${VENDOR},DEBIAN),--no-start --no-enable,) + dh_lintian -a + dh_strip_nondeterminism -a + dh_compress -a + dh_fixperms -a +#968670: skip dwz << 0.14 on these arches, remove in bookworm+1 + v="$$(dwz --version 2>&1 | sed -n 's/^dwz version //p')"; case "$$v" in \ + (0.1[0123]) echo "Skipping dwz version $$v on ${DEB_HOST_ARCH}: #968670" ;; \ + (*) dh_dwz -a ;; \ + esac + dh_strip -a +# qemu-user-static contains static binaries only, but they might be built +# as static-pie executables and dpkg-shlibdeps complains. Just omit it here. + dh_shlibdeps -a -Nqemu-user-static +ifeq (${enable-user-static},y) +# after shlibdeps finished, grab ${shlibs:Depends} from -user package +# and transform it into Built-Using field for -user-static. + if [ -f debian/qemu-user.substvars ]; then \ + pkgs=$$(sed -n -e's/([^)]*)//g' -e's/,//g' -e's/^shlibs:Depends=//p' debian/qemu-user.substvars); \ + srcs="$$srcs $$(dpkg-query -f '$${source:Package} (= $${source:Version}),' -W $$pkgs)"; \ + echo "built-using=$$srcs" >> debian/qemu-user-static.substvars ; \ + fi +endif +binary-arch: install-arch binary-helper +binary-arch: a=-a + +############################################## +### firmware, qemu-user-data package + +### main qemu arch-indep build +# we configure qemu in b/data with default options, so that various +# subcomponents can be built from the main qemu source +b/data/.configured: | b + rm -rf b/data; mkdir -p b/data + cd b/data && ../../configure --skip-meson + touch $@ + +### openbios rules +b/openbios/config-host.mak: + mkdir -p b/openbios + cd b/openbios && ../../roms/openbios/config/scripts/switch-arch builtin-ppc builtin-sparc32 builtin-sparc64 +build-openbios: $(addprefix b/openbios/obj-, $(addsuffix /.built, ppc sparc32 sparc64)) +b/openbios/obj-%/.built: b/openbios/config-host.mak + ${MAKE} -C ${@D} V=${V} EXTRACFLAGS="-ffreestanding -fno-pic -fno-stack-protector" + @touch $@ +install-openbios: build-openbios + install -m 0644 b/openbios/obj-ppc/openbios-qemu.elf ${sysdataidir}/openbios-ppc + install -m 0644 b/openbios/obj-sparc32/openbios-builtin.elf ${sysdataidir}/openbios-sparc32 + install -m 0644 b/openbios/obj-sparc64/openbios-builtin.elf ${sysdataidir}/openbios-sparc64 + install -m 0644 -t ${sysdataidir} \ + b/openbios/obj-sparc32/QEMU,tcx.bin \ + b/openbios/obj-sparc32/QEMU,cgthree.bin \ + b/openbios/obj-sparc64/QEMU,VGA.bin +# sysdata-components += openbios + +### powernv firmware in roms/skiboot +build-skiboot: b/skiboot/skiboot.lid +b/skiboot/skiboot.lid: | roms/skiboot/.version + mkdir -p b/skiboot +# skiboot makefiles makes it difficult to *add* an option to CFLAGS. +# Abuse OPTS= for this, with the default being -Os. + grep -q '^OPTS=-Os$$' roms/skiboot/Makefile.main || \ + { echo "review OPTS= in skiboot/Makefile.main"; false; } + ${MAKE} -C b/skiboot -f ${CURDIR}/roms/skiboot/Makefile \ + SRC=${CURDIR}/roms/skiboot \ + OPTS='-Os -ffile-prefix-map="${CURDIR}/roms/skiboot/"=' \ + CROSS_COMPILE=${PPC64_CROSSPFX} V=${V} +install-skiboot: b/skiboot/skiboot.lid + install -m 0644 -t ${sysdataidir} $< +# sysdata-components += skiboot + +### vof.bin +build-vof: b/data/pc-bios/vof/vof.bin +b/data/pc-bios/vof/vof.bin: b/data/.configured + ${MAKE} -C ${@D} V=$V ${@F} +install-vof: b/data/pc-bios/vof/vof.bin + install -m 0644 -t ${sysdataidir} $< +# sysdata-components += vof + +### u-boot-e500 (u-boot.e500) +build-u-boot-e500: b/u-boot/build-e500/u-boot +b/u-boot/build-e500/u-boot: | b + cp -alu roms/u-boot b/ + ${MAKE} -C b/u-boot O=build-e500 qemu-ppce500_config + ${MAKE} -C b/u-boot CROSS_COMPILE=${PPC_CROSSPFX} O=build-e500 V=$V + ${PPC_CROSSPFX}strip $@ +install-u-boot-e500: b/u-boot/build-e500/u-boot + install -m 0644 $< ${sysdataidir}/u-boot.e500 +# sysdata-components += u-boot-e500 + +### u-boot-sam460 (u-boot-sam460-20100605.bin) +build-u-boot-sam460: b/u-boot-sam460ex/u-boot.bin +b/u-boot-sam460ex/u-boot.bin: | b + cp -alu roms/u-boot-sam460ex b/ + ${MAKE} -C b/u-boot-sam460ex Sam460ex_config + env -u LDFLAGS -u OBJCFLAGS \ + ${MAKE} -C b/u-boot-sam460ex CROSS_COMPILE=${PPC_CROSSPFX} +# ${PPC_CROSSPFX}strip $@ +install-u-boot-sam460: b/u-boot-sam460ex/u-boot.bin | ${sysdataidir} + install -m 0644 $< ${sysdataidir}/u-boot-sam460-20100605.bin +# sysdata-components += u-boot-sam460 + +### x86 optionrom +build-x86-optionrom: b/optionrom/built +b/optionrom/built: + mkdir -p b/optionrom + ${MAKE} -f ${CURDIR}/debian/optionrom.mak -C b/optionrom SRC_PATH="${CURDIR}" all + touch $@ +install-x86-optionrom: build-x86-optionrom | ${sysdataidir} + ${MAKE} -f ${CURDIR}/debian/optionrom.mak -C b/optionrom SRC_PATH="${CURDIR}" install DESTDIR="${CURDIR}/${sysdataidir}" +# sysdata-components += x86-optionrom + +### qboot, aka bios-microvm +build-qboot: b/qboot/bios.bin +b/qboot/bios.bin: | b + rm -rf b/qboot + meson setup roms/qboot b/qboot + ninja -C b/qboot $(if $V,-v) +install-qboot: b/qboot/bios.bin + install -m 0644 $< ${sysdataidir}/qboot.rom +# sysdata-components += qboot + +### alpha firmware in roms/palcode-clipper +build-palcode-clipper: b/qemu-palcode/palcode-clipper +b/qemu-palcode/palcode-clipper: | b + cp -al roms/qemu-palcode b/ +#XXX #1019011 (remove OPT= alternative when fixed) + ${MAKE} -C b/qemu-palcode CROSS=${ALPHAEV67_CROSSPFX} -k || \ + ${MAKE} -C b/qemu-palcode CROSS=${ALPHAEV67_CROSSPFX} OPT=-O1 + ${ALPHAEV67_CROSSPFX}strip b/qemu-palcode/palcode-clipper +install-palcode-clipper: b/qemu-palcode/palcode-clipper + install -m 0644 $< ${sysdataidir}/palcode-clipper +# sysdata-components += palcode-clipper + +### SLOF +build-slof: b/SLOF/boot_rom.bin +b/SLOF/boot_rom.bin: | b + cp -al roms/SLOF b/ + env -u LDFLAGS -u CFLAGS $(MAKE) -C b/SLOF qemu CROSS=${PPC64_CROSSPFX} V=${V} +install-slof: b/SLOF/boot_rom.bin + install -m 0644 $< ${sysdataidir}/slof.bin +# sysdata-components += slof + +### s390x firmware in pc-bios/s390-ccw +build-s390x-fw: b/data/pc-bios/s390-ccw/.built +b/data/pc-bios/s390-ccw/.built: b/data/.configured + make -C ${@D} V=$V + touch $@ +install-s390x-fw: b/data/pc-bios/s390-ccw/.built + install -m 0644 -t ${sysdataidir} ${ roms/seabios-hppa/.config + ${MAKE} -C roms/seabios-hppa olddefconfig + ${MAKE} -C roms/seabios-hppa OUT=../../b/hppafw/ PYTHON=python3 parisc + hppa-linux-gnu-strip -R.note -R.comment $@ +install-hppa-fw: b/hppafw/hppa-firmware.img + install -m 0644 $< ${sysdataidir} +# sysdata-components += hppa-fw + +### opensbi (riscv firmware) +# we only build v64 variants, not v32 +build-opensbi: b/opensbi/.built +b/opensbi/.built: + mkdir -p b/opensbi + ${MAKE} -C roms/opensbi O=../../b/opensbi CROSS_COMPILE=${RISCV64_CROSSPFX} V=${V} PLATFORM=generic + ${RISCV64_CROSSPFX}strip --strip-unneeded -R.comment -R.note b/opensbi/platform/generic/firmware/fw_dynamic.elf + touch $@ +install-opensbi: build-opensbi + install -m 0644 b/opensbi/platform/generic/firmware/fw_dynamic.bin ${sysdataidir}/opensbi-riscv64-generic-fw_dynamic.bin + install -m 0644 b/opensbi/platform/generic/firmware/fw_dynamic.elf ${sysdataidir}/opensbi-riscv64-generic-fw_dynamic.elf +# sysdata-components += opensbi + +### vbootrom (npcm7xx) +build-vbootrom: b/vbootrom/.built +b/vbootrom/.built: | b + cp -pa roms/vbootrom b/ + ${MAKE} -C b/vbootrom CROSS_COMPILE=${ARM_CROSSPFX} + touch $@ +install-vbootrom: build-vbootrom + install -m 0644 b/vbootrom/npcm7xx_bootrom.bin ${sysdataidir}/ +# sysdata-components += vbootrom + +### misc firmware +build-misc: b/misc/.built +b/misc/.built: + mkdir -p b/misc + # Use pre-built DTB files from pc-bios/dtb/ + cp pc-bios/dtb/bamboo.dtb b/misc/bamboo.dtb + cp pc-bios/dtb/canyonlands.dtb b/misc/canyonlands.dtb + cp pc-bios/dtb/petalogix-ml605.dtb b/misc/petalogix-ml605.dtb + cp pc-bios/dtb/petalogix-s3adsp1800.dtb b/misc/petalogix-s3adsp1800.dtb + touch $@ +install-misc: build-misc + install -m 0644 b/misc/bamboo.dtb b/misc/canyonlands.dtb \ + -D -t ${sysdataidir}/dtb + install -m 0644 b/misc/petalogix-ml605.dtb b/misc/petalogix-s3adsp1800.dtb \ + -D -t debian/qemu-system-misc/usr/share/qemu/dtb/ +# icon for gtk ui + install -Dp -m0644 ui/icons/qemu.svg \ + -t debian/qemu-system-data/usr/share/icons/hicolor/scalable/apps/ + install -Dp -m0644 ui/qemu.desktop \ + -t debian/qemu-system-data/usr/share/applications/ +# icon for sdl2 ui (non-sdl-image version) + install -Dp -m0644 ui/icons/qemu_32x32.bmp \ + debian/qemu-system-data/usr/share/icons/hicolor/32x32/apps/qemu.bmp + install -Dp -m0644 -t debian/qemu-system-data/usr/share/qemu/keymaps/ \ + $$(ls -1 pc-bios/keymaps/* | fgrep -v /meson.build) +sysdata-components += misc + +${sysdataidir}: + mkdir -p -m 0755 $@ +b: + mkdir -p $@ + +.PHONY: $(addprefix build- , ${sysdata-components}) \ + $(addprefix install-, ${sysdata-components}) \ + build-indep pre-install-indep install-indep binary-indep +$(addprefix build- , ${sysdata-components}): | b +$(addprefix install-, ${sysdata-components}): | ${sysdataidir} +build-indep: $(addprefix build-, ${sysdata-components}) +pre-install-indep: + dh_testroot + dh_prep -i +install-indep: pre-install-indep $(addprefix install-, ${sysdata-components}) + dh_installdocs -i + # install qemu-system-data.links + dh_link -i + dh_installchangelogs -i + dh_lintian -i + dh_compress -i + dh_fixperms -i +binary-indep: install-indep binary-helper +binary-indep: a=-i + +build: build-arch build-indep +install: install-arch install-indep +binary: install-arch install-indep binary-helper +binary: a= +binary-helper: + dh_installdeb $a + dh_gencontrol $a + dh_md5sums $a + dh_builddeb $a + +clean: debian/control + dh_clean \ + b/ \ + configs/devices/x86_64-softmmu/microvm.mak \ + +.PHONY: build install binary binary-helper clean + +ifneq (,$(wildcard debian/control-in)) +# only include rules for debian/control if debian/control-in is present +debian/control: debian/control-in debian/rules + echo '# autogenerated file, please edit debian/control-in' > $@.tmp + sed -e 's/^:$(shell echo ${VENDOR} | tr '[A-Z]' '[a-z]')://' \ + -e '/^:[a-z]*:/D' \ + -e 's/:system-arch-linux:/$(sort ${system-arch-linux})/g' \ + -e 's/:system-arch:/$(sort ${system-arch})/g' \ + -e 's/:spice-arch:/$(sort ${spice-arch})/g' \ + -e 's/:user-arch:/$(sort ${user-arch})/g' \ + -e 's/:utils-arch:/${utils-arch}/g' \ + $< >> $@.tmp + mv -f $@.tmp $@ +endif diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 00000000000..163aaf8d82b --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides new file mode 100644 index 00000000000..8d4f783e736 --- /dev/null +++ b/debian/source/lintian-overrides @@ -0,0 +1,14 @@ +# deliberate spacing to align Replaces +qemu source: debian-control-has-unusual-field-spacing Replaces * +# we have a ton of files with long lines, just shut up this warning +qemu source: very-long-line-length-in-source-file * +qemu source: package-does-not-install-examples *roms/*/examples/* +# we refer to versioned Provides coming from the same source so it's ok +qemu source: version-substvar-for-external-package Depends ${binary:Version} qemu-* -> qemu-system-any * +# yes we do NOT use dh sequencer. +# dh exports CFLAGS et all, which breaks firmware compilation badly +# also, it makes whole thing recursive, uncontrollable and hidden, +# hence difficult to debug. +qemu source: no-dh-sequencer [debian/rules] +# the source is available in linux-user/*/vdso.S: +qemu source: source-is-missing [linux-user/*/vdso*.so] diff --git a/debian/source/options b/debian/source/options new file mode 100644 index 00000000000..06e1ae9c8a7 --- /dev/null +++ b/debian/source/options @@ -0,0 +1 @@ +include-binaries diff --git a/debian/source_qemu.py b/debian/source_qemu.py new file mode 100644 index 00000000000..b86d6bd7a69 --- /dev/null +++ b/debian/source_qemu.py @@ -0,0 +1,25 @@ +'''apport package hook for qemu + +(c) 2009 Canonical Ltd. +''' + +from apport.hookutils import * +import subprocess + +def cmd_pipe(command1, command2, input = None, stderr = subprocess.STDOUT, stdin = None): + '''Try to pipe command1 into command2.''' + try: + sp1 = subprocess.Popen(command1, stdin=stdin, stdout=subprocess.PIPE, stderr=stderr, close_fds=True) + sp2 = subprocess.Popen(command2, stdin=sp1.stdout, stdout=subprocess.PIPE, stderr=stderr, close_fds=True) + except OSError as e: + return [127, str(e)] + + out = sp2.communicate(input)[0] + return [sp2.returncode,out] + +def add_info(report): + attach_hardware(report) + attach_related_packages(report, ['kvm*', '*libvirt*', 'virt-manager', 'qemu*']) + rc,output = cmd_pipe(['ps', '-eo', 'comm,stat,euid,ruid,pid,ppid,pcpu,args'], ['egrep', '(^COMMAND|^qemu|^kvm)']) + if rc == 0: + report['KvmCmdLine'] = output diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 00000000000..9869a5f8aec --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,11 @@ +Tests: test-qemu-img.sh +Depends: qemu-utils +Restrictions: superficial + +Tests: test-qemu-system.sh +Depends: qemu-system-x86 +Restrictions: superficial + +Tests: test-qemu-user.sh +Depends: qemu-user, qemu-user-static +Restrictions: superficial diff --git a/debian/tests/test-qemu-img.sh b/debian/tests/test-qemu-img.sh new file mode 100755 index 00000000000..ed7475f2faf --- /dev/null +++ b/debian/tests/test-qemu-img.sh @@ -0,0 +1,35 @@ +#!/bin/sh + +set -e + +cd "$AUTOPKGTEST_TMP" + +doit() { + echo "$1:" + shift + echo "$1" + if [ -n "$2" ]; then + out="$($1)" + eval "case \"\$out\" in ( $2 ) echo \"\$out\";; (*) echo \"unexpected output:\"; echo \" want $2\"; echo \" got \$out\"; return 1;; esac" + else + $1 + fi + echo ok. +} + +doit "Testing if qemu-img creates images" \ + "qemu-img create q.raw 12G" + +doit "Testing for correct image size" \ + "ls -l q.raw" '*\ 12884901888\ *' + +doit "Testing if file is sparse" \ + 'ls -s q.raw' '[04]\ *' + +doit "Testing if conversion to a qcow2 image works" \ + "qemu-img convert -f raw -O qcow2 q.raw q.qcow2" + +doit "Checking if image is qcow2" \ + 'qemu-img info q.qcow2' "*'file format: qcow2'*'size: 12 GiB (12884901888 bytes)'*" + +rm -f q.raw q.qcow2 diff --git a/debian/tests/test-qemu-system.sh b/debian/tests/test-qemu-system.sh new file mode 100755 index 00000000000..eca40951ca9 --- /dev/null +++ b/debian/tests/test-qemu-system.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +set -e + +for ARCH in x86_64 i386; do + echo -n "Checking for pc in ${ARCH}..." + qemu-system-${ARCH} -M help | grep -qs "pc\s\+Standard PC" + echo "done." +done + diff --git a/debian/tests/test-qemu-user.sh b/debian/tests/test-qemu-user.sh new file mode 100755 index 00000000000..da18b8af83c --- /dev/null +++ b/debian/tests/test-qemu-user.sh @@ -0,0 +1,34 @@ +#!/bin/sh + +set -e + +arch=$(dpkg --print-architecture) +echo "debian architecture: $arch" +case $arch in + ( amd64 | x86_64 ) arch=x86_64 ;; + ( i[3456]86 ) arch=i386 ;; + ( arm64 | aarch64 ) arch=aarch64 ;; + ( arm | armel | armhf ) arch=arm ;; + ( ppc64el | powerpc64le ) arch=ppc64le ;; + ( s390x ) ;; + ( * ) echo "Warning: unmapped architecture $arch" ;; +esac +echo "qemu architecture: $arch" + +tested= +for f in qemu-$arch qemu-$arch-static ; do + [ -x /usr/bin/$f ] || continue + echo "Checking if $f can run executables:" + echo "glob with sh: $f /bin/sh -c '$f /bin/ls -dCFl debian/*[t]*':" + ls="$($f /bin/sh -c "$f /bin/ls -dCFl debian/*[t]*")" + echo "$ls" + case "$ls" in + (*debian/control*) ;; + *) echo "Expected output not found" >&2; exit 1;; + esac + echo ok. + tested=y +done +if [ ! "$tested" ]; then + echo "Warning: qemu-$arch[-static] not found, not testing qemu-user" +fi diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc new file mode 100644 index 00000000000..63904eafeab --- /dev/null +++ b/debian/upstream/signing-key.asc @@ -0,0 +1,44 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFJhQQ8BCAChk4A3y0VfqeGfuhBZK4nvpZP/cSIQntWDheF3Tx7m9CxEGbc+ +5aHxfrvm45LSjwPCK020WjeqYX2UFQfcvcjoW6iMbth1BLydu11vx6Gk/CJuB7Ss +8AbyvEXBcOfHbginUdqr4nwLD9e8qlVxRFbSHfbFRbuybZghke4y1pZzekkqbseT +kahkWHxr6o1EGAjyIdjAq1IQxewW6yJ4rkHWsRvfv3sUQTqBU+wT180kdwC8AAv6 +q6TX4um0HGR46uJ+5SG8DYb00kRMckQtYpTuwuUmlAvNh/qLg2fVVMEiHBpcuIiV +h7x8INuq94vc+tgxmr0bomIWIZljMQ7vp8ixABEBAAG0IE1pY2hhZWwgUm90aCA8 +bWRyb3RoQHV0ZXhhcy5lZHU+iQE4BBMBAgAiBQJSYUEPAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRAzU8nO8Qi1hAHFB/9XZo74FYIGrSY814qun2wWF1Ui +wljt6pLrwJfpn5DQJmMRn6ZMAJxXb7S7NE1jVvo0E85m4tykjidWZvrFtTljDBiV +WKA+xHT8ip5+cLIOr5ogwsR7ujC+Rk1u5nb8FIafo3G7V8raXYI6T7sfOCJ+wUUI +s0A3Sw7P7GiAQLuafQ+jAUjg7S0REPNBvGamZ+tIAJxL7bAAACTWe4hZUGodXJuV +Ofk7ic2p5SpeT0E6/Pd2JtAcQdsdpRB4x5M99neRtyEdZO/3SauoHzIoneRxml1Y +rp4hr27Ggr8I9WMomU5E0IMz7HR3fRTQXVd5SsXKLsitUqeKHmTOLn1zuXtUtCFN +aWNoYWVsIFJvdGggPGZsdWtzaHVuQGdtYWlsLmNvbT6JATgEEwECACIFAlJhQl4C +GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEDNTyc7xCLWEj2cH/21MIyGv +podSPX6e2y6sS0cvZ3rTNTm+qVq3VY2yJlHX8KVcvT6Su9s0yl9J5FdeIkQCqpo4 ++U/ANDK4R7rcnHl/gEw21932lVESPMMKhxlLluAb054nrqdwpdjtxf+VZcTt4c4B +zcF/K9po1LgZoOt6HJPxIC+tqYYQrsmrOZUtCJjgOXO6IkadrBmxoFNFxQ4qWB2u +oZ+/HEtceOIb56qNfOj36MtEKVwpScYPAxaePd9lO7P4vlCOx6yIzO3MzEl+Aen7 +/NYKU8WwwRnshAlW4GTn2XbrEQeJx4HzSzI5r8xfMOH3JLh/ZVANBR7c5cw1MPe7 +1fAj5WzXrr/scJu0KE1pY2hhZWwgUm90aCA8bWRyb3RoQGxpbnV4LnZuZXQuaWJt +LmNvbT6JATgEEwECACIFAlJhQjYCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheA +AAoJEDNTyc7xCLWEltAH/37ADf0YFPrJd3gcZyGC/zvtPhYPZ/kxnqoahoBIRF/s +ftGV5XqwwZOGm1Iws/VmTQ0PFBvU+Mw0vNT0HcreRT8PohtRlF+V8umHLVeL6x3C +tmJfsfyYBxLoE5/DLyYqBvpCothLm40ND4O6lRdLF5CUScGhgD1IblvmYBs0Uz71 +tFnHmC+Ov3fNC8YkTNymaxnJGYlPtmwUZ7SWh1XRl8pMQzL+3B9Be6ecO3J5lbFm +wL8XYawx0HtayvM5n9VbPy2eawAn++e7bLLywc39YyQ9/ckmSlZqtlUsEuij+h0T +qmr9XY7K8WEHqBJXfl8txIm8DTOqq4dcx3j7k+qwQJC5AQ0EUmFBDwEIAJDxMtsu +9ie8QN7eepcm+WuaY6Zbg3iDdPOOrQ4Ez+4oLaib5FHiZZjikdTsD7hlwcVuuhyE +P2/bT9f29pbsrUVjHRgqJPdcuoOlUzAekgz17895Wh1gRarsbDIJDgs1878OSvIC +/ek++qAWkzU4Sy8Psu9eJMTP6F0nPBOvet+iPwWDZO/dxrf+BnBb9wuBZnihpKMa +v2gJox0iYrqpnFOFlK/XdSYnZNYpIyBin1e+K2CG+TzF2M+KmdZE7FMhnTz95est +AG2kC37VIVkCq8yHNVZqsgyAfMqpB1ayQI2r3FUBM0Hxp6z2+8v/Ezp6zhYCI+Bi +UC7VbrWSSuTlp4UAEQEAAYkBHwQYAQIACQUCUmFBDwIbDAAKCRAzU8nO8Qi1hKWY +B/0R6ct3W2SEyoNuHTTKd5szIJigHYXrsqBa4XQGaVuFz7XZtcIbFFhEHjMrvTJp +BWhuZ091Gp0AjV2ACNi2z+dSpXi16QxdFb1/4us6mFEm86UIu4tcNN1V3WPiODpW +fFkEys/vmqQImLjfSsdxzhMdX7Yen1B3fxiKzwzsTlFbnNiBr2Mv7flDiUvMdbHm +b/n0/B6a69SRYfVkJ3MZdl0gptJlXhJVdwjwVVl3bjvlQd0aZoLwJ7ntrWeMxOkb +f8950vPVxemQ1frblB0zR98fuUNhX4cjrFTI9iJck7xLUwNZfgOz9PodfqUv4riM +LczMmw3nwGZO/aJg0m6uWSWk +=IvBA +-----END PGP PUBLIC KEY BLOCK----- diff --git a/debian/watch b/debian/watch new file mode 100644 index 00000000000..297e0b0c622 --- /dev/null +++ b/debian/watch @@ -0,0 +1,9 @@ +version=4 + +opts=\ +dversionmangle=auto,\ +repacksuffix=+ds,\ +uversionmangle=s/-rc/~rc/,\ +pgpsigurlmangle=s/$/.sig/,\ +compression=xz \ + https://download.qemu.org/ qemu-@ANY_VERSION@@ARCHIVE_EXT@ diff --git a/hw/acpi/acpi_egm_memory.c b/hw/acpi/acpi_egm_memory.c new file mode 100644 index 00000000000..46de1e462b1 --- /dev/null +++ b/hw/acpi/acpi_egm_memory.c @@ -0,0 +1,181 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (c) 2024, NVIDIA CORPORATION & AFFILIATES. All rights reserved + */ + +#include "qemu/osdep.h" +#include "hw/acpi/acpi_egm_memory.h" +#include "hw/acpi/aml-build.h" +#include "hw/boards.h" +#include "hw/pci/pci_device.h" +#include "qemu/error-report.h" +#include "hw/arm/virt.h" +#include "include/hw/boards.h" + +typedef struct AcpiEgmMemoryClass { + ObjectClass parent_class; +} AcpiEgmMemoryClass; + +static int gpu_id; + +OBJECT_DEFINE_TYPE_WITH_INTERFACES(AcpiEgmMemory, acpi_egm_memory, + ACPI_EGM_MEMORY, OBJECT, + { TYPE_USER_CREATABLE }, + { NULL }) + +OBJECT_DECLARE_SIMPLE_TYPE(AcpiEgmMemory, ACPI_EGM_MEMORY) + +static void acpi_egm_memory_init(Object *obj) +{ + AcpiEgmMemory *egm = ACPI_EGM_MEMORY(obj); + + egm->node = MAX_NODES; + egm->pci_dev = NULL; +} + +static void acpi_egm_memory_finalize(Object *obj) +{ + AcpiEgmMemory *egm = ACPI_EGM_MEMORY(obj); + + g_free(egm->pci_dev); +} + +static void acpi_egm_memory_set_pci_device(Object *obj, const char *val, + Error **errp) +{ + AcpiEgmMemory *egm = ACPI_EGM_MEMORY(obj); + + egm->pci_dev = g_strdup(val); +} + +static void acpi_egm_memory_set_node(Object *obj, Visitor *v, + const char *name, void *opaque, + Error **errp) +{ + AcpiEgmMemory *egm = ACPI_EGM_MEMORY(obj); + uint32_t value; + + if (!visit_type_uint32(v, name, &value, errp)) { + return; + } + + if (value >= MAX_NODES) { + error_printf("%s: Invalid NUMA node specified\n", + TYPE_ACPI_EGM_MEMORY); + exit(1); + } + + egm->node = value; +} + +static void acpi_egm_memory_class_init(ObjectClass *oc, const void *data) +{ + object_class_property_add_str(oc, "pci-dev", NULL, + acpi_egm_memory_set_pci_device); + object_class_property_add(oc, "node", "int", NULL, + acpi_egm_memory_set_node, NULL, NULL); +} + +static void acpi_dsdt_add_gpu(Aml *dev, int32_t devfn, uint64_t egm_mem_base, + uint64_t egm_mem_size, int egm_mem_pxm) +{ + Aml *dev_gpu = aml_device("GPU%d", gpu_id++); + Aml *pkg = aml_package(3); + Aml *pkg1 = aml_package(2); + Aml *pkg2 = aml_package(2); + Aml *pkg3 = aml_package(2); + Aml *dev_pkg = aml_package(2); + Aml *UUID; + + aml_append(dev_gpu, aml_name_decl("_ADR", aml_int(PCI_SLOT(devfn) << 16))); + + aml_append(pkg1, aml_string("nvidia,egm-base-pa")); + aml_append(pkg1, aml_int(egm_mem_base)); + + aml_append(pkg2, aml_string("nvidia,egm-size")); + aml_append(pkg2, aml_int(egm_mem_size)); + + aml_append(pkg3, aml_string("nvidia,egm-pxm")); + aml_append(pkg3, aml_int(egm_mem_pxm)); + + aml_append(pkg, pkg1); + aml_append(pkg, pkg2); + aml_append(pkg, pkg3); + + UUID = aml_touuid("DAFFD814-6EBA-4D8C-8A91-BC9BBF4AA301"); + aml_append(dev_pkg, UUID); + aml_append(dev_pkg, pkg); + + aml_append(dev_gpu, aml_name_decl("_DSD", dev_pkg)); + aml_append(dev, dev_gpu); +} + +typedef struct DsdtInfo { + Aml *dev; + int bus; +} DsdtInfo; + +void acpi_egm_memory_reset_gpu_id(void) +{ + gpu_id = 0; +} + +static int build_all_acpi_egm_memory_dsdt(Object *obj, void *opaque) +{ + MachineState *ms = MACHINE(qdev_get_machine()); + AcpiEgmMemory *egm; + DsdtInfo *info = opaque; + PCIDevice *pci_dev; + Object *o; + VirtMachineState *vms = VIRT_MACHINE(qdev_get_machine()); + uint64_t mem_base; + int i; + + if (!object_dynamic_cast(obj, TYPE_ACPI_EGM_MEMORY)) { + return 0; + } + + egm = ACPI_EGM_MEMORY(obj); + if (egm->node >= ms->numa_state->num_nodes) { + error_printf("%s: Specified node %d is invalid.\n", + TYPE_ACPI_EGM_MEMORY, egm->node); + exit(1); + } + + o = object_resolve_path_type(egm->pci_dev, TYPE_PCI_DEVICE, NULL); + if (!o) { + error_printf("%s: Specified device must be a PCI device.\n", + TYPE_ACPI_EGM_MEMORY); + exit(1); + } + + pci_dev = PCI_DEVICE(o); + + if (info->bus != pci_bus_num(pci_get_bus(pci_dev))) { + return 0; + } + + mem_base = vms->memmap[VIRT_MEM].base; + for (i = 0; i < ms->numa_state->num_nodes; ++i) { + if (i == egm->node) { + acpi_dsdt_add_gpu(info->dev, pci_dev->devfn, mem_base, + ms->numa_state->nodes[i].node_mem, i); + break; + } + + if (ms->numa_state->nodes[i].node_mem > 0) { + mem_base += ms->numa_state->nodes[i].node_mem; + } + } + + return 0; +} + +void build_acpi_egm_memory_dsdt(Aml *dev, int bus) +{ + DsdtInfo info = {dev, bus}; + + object_child_foreach_recursive(object_get_root(), + build_all_acpi_egm_memory_dsdt, + &info); +} diff --git a/hw/acpi/meson.build b/hw/acpi/meson.build index 1c5251909b4..6dec088e04d 100644 --- a/hw/acpi/meson.build +++ b/hw/acpi/meson.build @@ -1,5 +1,7 @@ acpi_ss = ss.source_set() acpi_ss.add(files( + 'acpi_egm_memory.c', + 'acpi_interface.c', 'aml-build.c', 'bios-linker-loader.c', 'core.c', diff --git a/hw/acpi/pci.c b/hw/acpi/pci.c index 8c7ed104796..61d9a836c5b 100644 --- a/hw/acpi/pci.c +++ b/hw/acpi/pci.c @@ -88,18 +88,35 @@ OBJECT_DEFINE_TYPE_WITH_INTERFACES(AcpiGenericInitiator, acpi_generic_initiator, OBJECT_DECLARE_SIMPLE_TYPE(AcpiGenericInitiator, ACPI_GENERIC_INITIATOR) +static GPtrArray *acpi_generic_initiator_list; + static void acpi_generic_initiator_init(Object *obj) { AcpiGenericInitiator *gi = ACPI_GENERIC_INITIATOR(obj); gi->node = MAX_NODES; gi->pci_dev = NULL; + + /* Initialize array on first use */ + if (!acpi_generic_initiator_list) { + acpi_generic_initiator_list = g_ptr_array_new(); + } + + g_ptr_array_add(acpi_generic_initiator_list, gi); } static void acpi_generic_initiator_finalize(Object *obj) { AcpiGenericInitiator *gi = ACPI_GENERIC_INITIATOR(obj); + if (acpi_generic_initiator_list) { + g_ptr_array_remove(acpi_generic_initiator_list, gi); + + if (acpi_generic_initiator_list->len == 0) { + g_ptr_array_free(acpi_generic_initiator_list, true); + acpi_generic_initiator_list = NULL; + } + } g_free(gi->pci_dev); } @@ -145,20 +162,15 @@ static void acpi_generic_initiator_class_init(ObjectClass *oc, const void *data) "NUMA node associated with the PCI device"); } -static int build_acpi_generic_initiator(Object *obj, void *opaque) + +static void build_acpi_generic_initiator(AcpiGenericInitiator *gi, + GArray *table_data) { MachineState *ms = MACHINE(qdev_get_machine()); - AcpiGenericInitiator *gi; - GArray *table_data = opaque; int32_t devfn; uint8_t bus; Object *o; - if (!object_dynamic_cast(obj, TYPE_ACPI_GENERIC_INITIATOR)) { - return 0; - } - - gi = ACPI_GENERIC_INITIATOR(obj); if (gi->node >= ms->numa_state->num_nodes) { error_printf("%s: Specified node %d is invalid.\n", TYPE_ACPI_GENERIC_INITIATOR, gi->node); @@ -178,8 +190,22 @@ static int build_acpi_generic_initiator(Object *obj, void *opaque) assert(devfn >= 0 && devfn < PCI_DEVFN_MAX); build_srat_pci_generic_initiator(table_data, gi->node, 0, bus, devfn); +} - return 0; +static void build_all_acpi_generic_initiators(GArray *table_data) +{ + AcpiGenericInitiator *gi; + guint i; + + if (!acpi_generic_initiator_list) { + return; + } + + /* Iterate array in insertion order */ + for (i = 0; i < acpi_generic_initiator_list->len; i++) { + gi = g_ptr_array_index(acpi_generic_initiator_list, i); + build_acpi_generic_initiator(gi, table_data); + } } typedef struct AcpiGenericPort { @@ -295,9 +321,8 @@ static int build_acpi_generic_port(Object *obj, void *opaque) void build_srat_generic_affinity_structures(GArray *table_data) { - object_child_foreach_recursive(object_get_root(), - build_acpi_generic_initiator, - table_data); + build_all_acpi_generic_initiators(table_data); + object_child_foreach_recursive(object_get_root(), build_acpi_generic_port, table_data); } diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig index 4e50fb1111f..073f2ebaafa 100644 --- a/hw/arm/Kconfig +++ b/hw/arm/Kconfig @@ -618,6 +618,10 @@ config FSL_IMX8MP_EVK depends on TCG select FSL_IMX8MP +config TEGRA241_CMDQV + bool + depends on ARM_SMMUV3_ACCEL + config ARM_SMMUV3_ACCEL bool depends on ARM_SMMUV3 @@ -625,6 +629,7 @@ config ARM_SMMUV3_ACCEL config ARM_SMMUV3 bool select ARM_SMMUV3_ACCEL if IOMMUFD + imply TEGRA241_CMDQV config FSL_IMX6UL bool diff --git a/hw/arm/boot.c b/hw/arm/boot.c index c97d4c4e118..27378dd45d7 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -33,6 +33,14 @@ #include "qemu/units.h" #include "qemu/bswap.h" +#include +#include "qapi/error.h" +#include "qemu/error-report.h" + +#ifdef CONFIG_LINUX +#include +#endif + /* Kernel boot protocol is specified in the kernel docs * Documentation/arm/Booting and Documentation/arm64/booting.txt * They have different preferred image load offsets from system RAM base. @@ -459,11 +467,103 @@ static int fdt_add_pmem_node(void *fdt, uint32_t acells, uint32_t scells, if (node >= 0) { return qemu_fdt_setprop_cell(fdt, nodename, "numa-node-id", node); + +static int fdt_add_memory_node_wrapper(void *fdt, uint32_t acells, + hwaddr mem_base, uint32_t scells, + hwaddr mem_len, int numa_node_id) +{ + int rc; + + if (!mem_len) { + return 0; + } + + rc = fdt_add_memory_node(fdt, acells, mem_base, scells, + mem_len, numa_node_id); + if (rc < 0) { + fprintf(stderr, "couldn't add /memory@%"PRIx64" node\n", + mem_base); + return -1; } return 0; } +static int offset_compare(const void *a, const void *b) +{ + struct egm_bad_pages_info *page1 = (struct egm_bad_pages_info *) a; + struct egm_bad_pages_info *page2 = (struct egm_bad_pages_info *) b; + + if (page1->offset > page2->offset) { + return 1; + } else if (page1->offset < page2->offset) { + return -1; + } else { + return 0; + } +} + +static int add_memory_regions(struct egm_bad_pages_list *info, void *fdt, + uint32_t acells, hwaddr mem_base, uint32_t scells, + hwaddr mem_len, int numa_node_id) +{ + int index; + hwaddr mem_base_curr, mem_last_curr = mem_len; + + if (!info) { + goto no_retired_pages; + } + + qsort(info->bad_pages, info->count, + sizeof(struct egm_bad_pages_info), &offset_compare); + mem_last_curr = mem_len; + for (index = info->count - 1; index >= 0; index--) { + mem_base_curr = info->bad_pages[index].offset + + info->bad_pages[index].size; + if (fdt_add_memory_node_wrapper(fdt, acells, mem_base_curr + mem_base, + scells, mem_last_curr - mem_base_curr, + numa_node_id)) { + return -1; + } + + mem_last_curr = info->bad_pages[index].offset; + } + +no_retired_pages: + if (fdt_add_memory_node_wrapper(fdt, acells, mem_base, scells, + mem_last_curr, numa_node_id)) { + return -1; + } + + return 0; +} + +static void fetch_retired_pages(MemoryRegion *mr, + struct egm_bad_pages_list **info) +{ + size_t argsz = sizeof(struct egm_bad_pages_list); + int fd; + + *info = g_malloc0(argsz); + + fd = memory_region_get_fd(mr); + +retry: + (*info)->argsz = argsz; + + if (ioctl(fd, EGM_BAD_PAGES_LIST, *info)) { + g_free(*info); + *info = NULL; + return; + } + + if ((*info)->argsz > argsz) { + argsz = (*info)->argsz; + *info = g_realloc(*info, argsz); + goto retry; + } +} + int arm_load_dtb(hwaddr addr, const struct arm_boot_info *binfo, hwaddr addr_limit, AddressSpace *as, MachineState *ms, ARMCPU *cpu) @@ -554,16 +654,22 @@ int arm_load_dtb(hwaddr addr, const struct arm_boot_info *binfo, mem_base = binfo->loader_start; for (i = 0; i < ms->numa_state->num_nodes; i++) { mem_len = ms->numa_state->nodes[i].node_mem; - if (!mem_len) { - continue; - } - rc = fdt_add_memory_node(fdt, acells, mem_base, - scells, mem_len, i); - if (rc < 0) { - fprintf(stderr, "couldn't add /memory@%"PRIx64" node\n", - mem_base); - goto fail; + if (ms->numa_state->nodes[i].node_memdev) { + struct egm_bad_pages_list *info = NULL; + fetch_retired_pages(&(ms->numa_state->nodes[i].node_memdev->mr), + &info); + rc = add_memory_regions(info, fdt, acells, mem_base, scells, + mem_len, i); + g_free(info); + + if (rc) { + goto fail; + } + } else { + if (fdt_add_memory_node_wrapper(fdt, acells, mem_base, + scells, mem_len, i)) + goto fail; } mem_base += mem_len; diff --git a/hw/arm/meson.build b/hw/arm/meson.build index b187b946f04..5198cd4716f 100644 --- a/hw/arm/meson.build +++ b/hw/arm/meson.build @@ -86,6 +86,8 @@ arm_common_ss.add(when: 'CONFIG_FSL_IMX8MP', if_true: files('fsl-imx8mp.c')) arm_common_ss.add(when: 'CONFIG_FSL_IMX8MP_EVK', if_true: files('imx8mp-evk.c')) arm_ss.add(when: 'CONFIG_ARM_SMMUV3', if_true: files('smmuv3.c')) arm_ss.add(when: 'CONFIG_ARM_SMMUV3_ACCEL', if_true: files('smmuv3-accel.c')) +arm_ss.add(when: 'CONFIG_TEGRA241_CMDQV', if_true: files('tegra241-cmdqv.c')) +stub_ss.add(files('tegra241-cmdqv-stubs.c')) arm_common_ss.add(when: 'CONFIG_FSL_IMX6UL', if_true: files('fsl-imx6ul.c', 'mcimx6ul-evk.c')) arm_common_ss.add(when: 'CONFIG_NRF51_SOC', if_true: files('nrf51_soc.c')) arm_common_ss.add(when: 'CONFIG_XEN', if_true: files( diff --git a/hw/arm/smmuv3-accel.c b/hw/arm/smmuv3-accel.c index 65c2f44880a..0aad0846970 100644 --- a/hw/arm/smmuv3-accel.c +++ b/hw/arm/smmuv3-accel.c @@ -18,6 +18,8 @@ #include "smmuv3-internal.h" #include "smmuv3-accel.h" +#include "tegra241-cmdqv.h" +#include "system/system.h" /* * The root region aliases the global system memory, and shared_as_sysmem @@ -35,11 +37,53 @@ static int smmuv3_oas_bits(uint32_t oas) return map[oas]; } +static void smmuv3_accel_auto_finalise(SMMUv3State *s, + struct iommu_hw_info_arm_smmuv3 *info) { + SMMUv3AccelState *accel = s->s_accel; + + /* + * Return if 'auto' was not set for any accel SMMUv3 property, or + * if property values were already resolved from a previous call + * to this function (e.g. if this function was called again after + * VM boot during device hot plug). We do not accept new property + * values in this case where auto_finalised == true, and we re-use + * the values determined from the initial cold plug. + */ + if (!accel->auto_mode || accel->auto_finalised) { + return; + } + + if (s->ats == ON_OFF_AUTO_AUTO) { + s->idr[0] = FIELD_DP32(s->idr[0], IDR0, ATS, + FIELD_EX32(info->idr[0], IDR0, ATS)); + } + + if (s->ril == ON_OFF_AUTO_AUTO) { + s->idr[3] = FIELD_DP32(s->idr[3], IDR3, RIL, + FIELD_EX32(info->idr[3], IDR3, RIL)); + } + + if (s->ssidsize == SSID_SIZE_MODE_AUTO) { + /* Store for get_viommu_flags() to determine PASID support */ + s->idr[1] = FIELD_DP32(s->idr[1], IDR1, SSIDSIZE, + FIELD_EX32(info->idr[1], IDR1, SSIDSIZE)); + } + + if (s->oas == OAS_MODE_AUTO) { + s->idr[5] = FIELD_DP32(s->idr[5], IDR5, OAS, + FIELD_EX32(info->idr[5], IDR5, OAS)); + } + + accel->auto_finalised = true; +} + static bool smmuv3_accel_check_hw_compatible(SMMUv3State *s, struct iommu_hw_info_arm_smmuv3 *info, Error **errp) { + smmuv3_accel_auto_finalise(s, info); + /* QEMU SMMUv3 supports both linear and 2-level stream tables */ if (FIELD_EX32(info->idr[0], IDR0, STLEVEL) != FIELD_EX32(s->idr[0], IDR0, STLEVEL)) { @@ -133,7 +177,7 @@ smmuv3_accel_hw_compatible(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, Error **errp) { struct iommu_hw_info_arm_smmuv3 info; - uint32_t data_type; + uint32_t data_type = IOMMU_HW_INFO_TYPE_DEFAULT; uint64_t caps; if (!iommufd_backend_get_device_info(idev->iommufd, idev->devid, &data_type, @@ -396,47 +440,60 @@ bool smmuv3_accel_issue_inv_cmd(SMMUv3State *bs, void *cmd, SMMUDevice *sdev, sizeof(Cmd), &entry_num, cmd, errp); } -static void smmuv3_accel_event_read(void *opaque) +bool smmuv3_accel_event_read_validate(IOMMUFDVeventq *veventq, uint32_t type, + void *buf, size_t size, Error **errp) { - SMMUv3State *s = opaque; - IOMMUFDVeventq *veventq = s->s_accel->veventq; - struct { - struct iommufd_vevent_header hdr; - struct iommu_vevent_arm_smmuv3 vevent; - } buf; - enum iommu_veventq_type type = IOMMU_VEVENTQ_TYPE_ARM_SMMUV3; - uint32_t id = veventq->veventq_id; uint32_t last_seq = veventq->last_event_seq; + uint32_t id = veventq->veventq_id; + struct iommufd_vevent_header *hdr; ssize_t bytes; - bytes = read(veventq->veventq_fd, &buf, sizeof(buf)); + bytes = read(veventq->veventq_fd, buf, size); if (bytes <= 0) { if (errno == EAGAIN || errno == EINTR) { - return; + return true; } - error_report_once("vEVENTQ(type %u id %u): read failed (%m)", type, id); - return; + error_setg(errp, "vEVENTQ(type %u id %u): read failed (%m)", type, id); + return false; } - - if (bytes == sizeof(buf.hdr) && - (buf.hdr.flags & IOMMU_VEVENTQ_FLAG_LOST_EVENTS)) { - error_report_once("vEVENTQ(type %u id %u): overflowed", type, id); + hdr = (struct iommufd_vevent_header *)buf; + if (bytes == sizeof(*hdr) && + (hdr->flags & IOMMU_VEVENTQ_FLAG_LOST_EVENTS)) { + error_setg(errp, "vEVENTQ(type %u id %u): overflowed", type, id); veventq->event_start = false; - return; + return false; } - if (bytes < sizeof(buf)) { - error_report_once("vEVENTQ(type %u id %u): short read(%zd/%zd bytes)", - type, id, bytes, sizeof(buf)); - return; + if (bytes < size) { + error_setg(errp, "vEVENTQ(type %u id %u): short read(%zd/%zd bytes)", + type, id, bytes, size); + return false; } - /* Check sequence in hdr for lost events if any */ - if (veventq->event_start && (buf.hdr.sequence - last_seq != 1)) { - error_report_once("vEVENTQ(type %u id %u): lost %u event(s)", - type, id, buf.hdr.sequence - last_seq - 1); + if (veventq->event_start && (hdr->sequence - last_seq != 1)) { + warn_report("vEVENTQ(type %u id %u): lost %u event(s)", + type, id, hdr->sequence - last_seq - 1); } - veventq->last_event_seq = buf.hdr.sequence; + veventq->last_event_seq = hdr->sequence; veventq->event_start = true; + return true; +} + +static void smmuv3_accel_event_read(void *opaque) +{ + SMMUv3State *s = opaque; + IOMMUFDVeventq *veventq = s->s_accel->veventq; + struct { + struct iommufd_vevent_header hdr; + struct iommu_vevent_arm_smmuv3 vevent; + } buf; + Error *local_err = NULL; + + if (!smmuv3_accel_event_read_validate(veventq, + IOMMU_VEVENTQ_TYPE_ARM_SMMUV3, &buf, + sizeof(buf), &local_err)) { + warn_report_err_once(local_err); + return; + } smmuv3_propagate_event(s, (Evt *)&buf.vevent); } @@ -510,7 +567,6 @@ bool smmuv3_accel_alloc_veventq(SMMUv3State *s, Error **errp) veventq = g_new0(IOMMUFDVeventq, 1); veventq->veventq_id = veventq_id; veventq->veventq_fd = veventq_fd; - veventq->viommu = accel->viommu; accel->veventq = veventq; /* Set up event handler for veventq fd */ @@ -528,6 +584,7 @@ smmuv3_accel_alloc_viommu(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, Error **errp) { SMMUv3AccelState *accel = s->s_accel; + const SMMUv3AccelCmdqvOps *cmdqv_ops = accel->cmdqv_ops; struct iommu_hwpt_arm_smmuv3 bypass_data = { .ste = { SMMU_STE_CFG_BYPASS | SMMU_STE_VALID, 0x0ULL }, }; @@ -538,10 +595,17 @@ smmuv3_accel_alloc_viommu(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, uint32_t viommu_id, hwpt_id; IOMMUFDViommu *viommu; - if (!iommufd_backend_alloc_viommu(idev->iommufd, idev->devid, - IOMMU_VIOMMU_TYPE_ARM_SMMUV3, - s2_hwpt_id, &viommu_id, errp)) { - return false; + if (cmdqv_ops) { + if (!cmdqv_ops->alloc_viommu(s, idev, &viommu_id, errp)) { + return false; + } + } else { + if (!iommufd_backend_alloc_viommu(idev->iommufd, idev->devid, + IOMMU_VIOMMU_TYPE_ARM_SMMUV3, + s2_hwpt_id, NULL, 0, &viommu_id, + errp)) { + return false; + } } viommu = g_new0(IOMMUFDViommu, 1); @@ -587,12 +651,69 @@ smmuv3_accel_alloc_viommu(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, free_abort_hwpt: iommufd_backend_free_id(idev->iommufd, accel->abort_hwpt_id); free_viommu: - iommufd_backend_free_id(idev->iommufd, viommu->viommu_id); + if (cmdqv_ops && cmdqv_ops->free_viommu) { + cmdqv_ops->free_viommu(s); + } else { + iommufd_backend_free_id(idev->iommufd, viommu->viommu_id); + } g_free(viommu); accel->viommu = NULL; return false; } +static const SMMUv3AccelCmdqvOps * +smmuv3_accel_probe_cmdqv(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, + Error **errp) +{ + const SMMUv3AccelCmdqvOps *ops = tegra241_cmdqv_get_ops(); + + if (!ops || !ops->probe) { + error_setg(errp, "No CMDQV ops found"); + return NULL; + } + + if (!ops->probe(s, idev, errp)) { + return NULL; + } + return ops; +} + +static bool +smmuv3_accel_select_cmdqv(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, + Error **errp) +{ + const SMMUv3AccelCmdqvOps *ops = NULL; + + if (s->s_accel->cmdqv_ops) { + return true; + } + + switch (s->cmdqv) { + case ON_OFF_AUTO_OFF: + s->s_accel->cmdqv_ops = NULL; + return true; + case ON_OFF_AUTO_AUTO: + ops = smmuv3_accel_probe_cmdqv(s, idev, NULL); + break; + case ON_OFF_AUTO_ON: + ops = smmuv3_accel_probe_cmdqv(s, idev, errp); + if (!ops) { + error_append_hint(errp, "CMDQV requested but not supported"); + return false; + } + s->s_accel->cmdqv_ops = ops; + break; + default: + g_assert_not_reached(); + } + + if (ops && ops->init && !ops->init(s, errp)) { + return false; + } + s->s_accel->cmdqv_ops = ops; + return true; +} + static bool smmuv3_accel_set_iommu_device(PCIBus *bus, void *opaque, int devfn, HostIOMMUDevice *hiod, Error **errp) { @@ -627,12 +748,28 @@ static bool smmuv3_accel_set_iommu_device(PCIBus *bus, void *opaque, int devfn, goto done; } + if (!smmuv3_accel_select_cmdqv(s, idev, errp)) { + return false; + } + if (!smmuv3_accel_alloc_viommu(s, idev, errp)) { error_append_hint(errp, "Unable to alloc vIOMMU: idev devid 0x%x: ", idev->devid); return false; } + /* + * CMDQV is active: block hot-unplug of the device that established the + * viommu association. Removing it would cause the vIOMMU to host SMMUv3 + * association be changed via device hot-plug. + */ + if (s->s_accel->cmdqv_ops) { + PCIDevice *pdev = pci_find_device(bus, pci_bus_num(bus), devfn); + error_setg(&accel_dev->unplug_blocker, + "CMDQV is active: removing the device that established the " + "viommu association would break the guest CMDQV"); + qdev_add_unplug_blocker(DEVICE(pdev), accel_dev->unplug_blocker); + } done: accel_dev->idev = idev; accel_dev->s_accel = s->s_accel; @@ -790,6 +927,13 @@ static AddressSpace *smmuv3_accel_find_add_as(PCIBus *bus, void *opaque, } } +static inline bool smmuv3_pasid_supported(SMMUv3State *s) +{ + return s->ssidsize > SSID_SIZE_MODE_0 || + (s->ssidsize == SSID_SIZE_MODE_AUTO && + FIELD_EX32(s->idr[1], IDR1, SSIDSIZE)); +} + static uint64_t smmuv3_accel_get_viommu_flags(void *opaque) { /* @@ -802,7 +946,7 @@ static uint64_t smmuv3_accel_get_viommu_flags(void *opaque) SMMUState *bs = opaque; SMMUv3State *s = ARM_SMMUV3(bs); - if (s->ssidsize > SSID_SIZE_MODE_0) { + if (smmuv3_pasid_supported(s)) { flags |= VIOMMU_FLAG_PASID_SUPPORTED; } return flags; @@ -896,8 +1040,17 @@ bool smmuv3_accel_attach_gbpa_hwpt(SMMUv3State *s, Error **errp) void smmuv3_accel_reset(SMMUv3State *s) { - /* Attach a HWPT based on GBPA reset value */ - smmuv3_accel_attach_gbpa_hwpt(s, NULL); + SMMUv3AccelState *accel = s->s_accel; + + if (!accel) { + return; + } + /* Attach a HWPT based on GBPA reset value */ + smmuv3_accel_attach_gbpa_hwpt(s, NULL); + + if (accel->cmdqv_ops && accel->cmdqv_ops->reset) { + accel->cmdqv_ops->reset(s); + } } static void smmuv3_accel_as_init(SMMUv3State *s) @@ -917,11 +1070,59 @@ static void smmuv3_accel_as_init(SMMUv3State *s) address_space_init(shared_as_sysmem, &root, "smmuv3-accel-as-sysmem"); } -void smmuv3_accel_init(SMMUv3State *s) +static void smmuv3_machine_done(Notifier *notifier, void *data) +{ + SMMUv3State *s = container_of(notifier, SMMUv3State, machine_done); + SMMUv3AccelState *accel = s->s_accel; + + if (!s->accel) { + return; + } + + if (accel->auto_mode && !accel->auto_finalised) { + error_report("arm-smmuv3 accel=on with 'auto' properties requires " + "at least one cold-plugged VFIO device"); + exit(1); + } + + if (s->cmdqv == ON_OFF_AUTO_ON && !accel->cmdqv) { + error_report("arm-smmuv3 cmdqv=on requires at least one cold-plugged " + "VFIO device"); + exit(1); + } +} + +SMMUv3AccelCmdqvType smmuv3_accel_cmdqv_type(Object *obj) +{ + SMMUv3State *s = ARM_SMMUV3(obj); + SMMUv3AccelState *accel = s->s_accel; + + if (!accel || !accel->cmdqv_ops || !accel->cmdqv_ops->get_type) { + return SMMUV3_CMDQV_NONE; + } + + return accel->cmdqv_ops->get_type(); +} + +bool smmuv3_accel_init(SMMUv3State *s, Error **errp) { SMMUState *bs = ARM_SMMU(s); s->s_accel = g_new0(SMMUv3AccelState, 1); bs->iommu_ops = &smmuv3_accel_ops; smmuv3_accel_as_init(s); + + if (s->ats == ON_OFF_AUTO_AUTO || + s->ril == ON_OFF_AUTO_AUTO || + s->ssidsize == SSID_SIZE_MODE_AUTO || + s->oas == OAS_MODE_AUTO) { + s->s_accel->auto_mode = true; + } + + if (s->s_accel->auto_mode) { + s->machine_done.notify = smmuv3_machine_done; + qemu_add_machine_init_done_notifier(&s->machine_done); + } + + return true; } diff --git a/hw/arm/smmuv3-accel.h b/hw/arm/smmuv3-accel.h index dba6c71de52..95f0cdef127 100644 --- a/hw/arm/smmuv3-accel.h +++ b/hw/arm/smmuv3-accel.h @@ -10,12 +10,35 @@ #define HW_ARM_SMMUV3_ACCEL_H #include "hw/arm/smmu-common.h" +#include "hw/arm/smmuv3.h" #include "system/iommufd.h" #ifdef CONFIG_LINUX #include #endif #include CONFIG_DEVICES +typedef enum SMMUv3AccelCmdqvType { + SMMUV3_CMDQV_NONE = 0, + SMMUV3_CMDQV_TEGRA241, +} SMMUv3AccelCmdqvType; + +/* + * CMDQ-Virtualization (CMDQV) hardware support, extends the SMMUv3 to + * support multiple VCMDQs with virtualization capabilities. + * CMDQV specific behavior is factored behind this ops interface. + */ +typedef struct SMMUv3AccelCmdqvOps { + bool (*probe)(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, Error **errp); + bool (*init)(SMMUv3State *s, Error **errp); + bool (*alloc_viommu)(SMMUv3State *s, + HostIOMMUDeviceIOMMUFD *idev, + uint32_t *out_viommu_id, + Error **errp); + void (*free_viommu)(SMMUv3State *s); + SMMUv3AccelCmdqvType (*get_type)(void); + void (*reset)(SMMUv3State *s); +} SMMUv3AccelCmdqvOps; + /* * Represents an accelerated SMMU instance backed by an iommufd vIOMMU object. * Holds bypass and abort proxy HWPT IDs used for device attachment. @@ -26,6 +49,10 @@ typedef struct SMMUv3AccelState { uint32_t bypass_hwpt_id; uint32_t abort_hwpt_id; QLIST_HEAD(, SMMUv3AccelDevice) device_list; + bool auto_mode; + bool auto_finalised; + const SMMUv3AccelCmdqvOps *cmdqv_ops; + void *cmdqv; /* vendor specific CMDQV state */ } SMMUv3AccelState; typedef struct SMMUS1Hwpt { @@ -39,10 +66,11 @@ typedef struct SMMUv3AccelDevice { IOMMUFDVdev *vdev; QLIST_ENTRY(SMMUv3AccelDevice) next; SMMUv3AccelState *s_accel; + Error *unplug_blocker; /* set when CMDQV is active to block hot-unplug */ } SMMUv3AccelDevice; #ifdef CONFIG_ARM_SMMUV3_ACCEL -void smmuv3_accel_init(SMMUv3State *s); +bool smmuv3_accel_init(SMMUv3State *s, Error **errp); bool smmuv3_accel_install_ste(SMMUv3State *s, SMMUDevice *sdev, int sid, Error **errp); bool smmuv3_accel_install_ste_range(SMMUv3State *s, SMMUSIDRange *range, @@ -52,10 +80,16 @@ bool smmuv3_accel_issue_inv_cmd(SMMUv3State *s, void *cmd, SMMUDevice *sdev, Error **errp); void smmuv3_accel_idr_override(SMMUv3State *s); bool smmuv3_accel_alloc_veventq(SMMUv3State *s, Error **errp); +bool smmuv3_accel_event_read_validate(IOMMUFDVeventq *veventq, uint32_t type, + void *buf, size_t size, Error **errp); void smmuv3_accel_reset(SMMUv3State *s); +SMMUv3AccelCmdqvType smmuv3_accel_cmdqv_type(Object *obj); #else -static inline void smmuv3_accel_init(SMMUv3State *s) +#include "qapi/error.h" +static inline bool smmuv3_accel_init(SMMUv3State *s, Error **errp) { + error_setg(errp, "accel=on support not compiled in"); + return false; } static inline bool smmuv3_accel_install_ste(SMMUv3State *s, SMMUDevice *sdev, int sid, @@ -86,9 +120,19 @@ static inline bool smmuv3_accel_alloc_veventq(SMMUv3State *s, Error **errp) { return true; } +static inline bool +smmuv3_accel_event_read_validate(IOMMUFDVeventq *veventq, uint32_t type, + void *buf, size_t size, Error **errp) +{ + return true; +} static inline void smmuv3_accel_reset(SMMUv3State *s) { } +static inline SMMUv3AccelCmdqvType smmuv3_accel_cmdqv_type(Object *obj) +{ + return SMMUV3_CMDQV_NONE; +} #endif #endif /* HW_ARM_SMMUV3_ACCEL_H */ diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index 7fead1c3cff..9c5ae7c5f95 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -626,7 +626,10 @@ static int decode_ste(SMMUv3State *s, SMMUTransCfg *cfg, } /* Multiple context descriptors require SubstreamID support */ - if (s->ssidsize == SSID_SIZE_MODE_0 && STE_S1CDMAX(ste) != 0) { + if ((s->ssidsize == SSID_SIZE_MODE_0 || + (s->ssidsize == SSID_SIZE_MODE_AUTO && + !FIELD_EX32(s->idr[1], IDR1, SSIDSIZE))) && + STE_S1CDMAX(ste) != 0) { qemu_log_mask(LOG_UNIMP, "SMMUv3: multiple S1 context descriptors require SubstreamID support. " "Configure ssidsize > 0 (requires accel=on)\n"); @@ -1965,28 +1968,11 @@ static void smmu_reset_exit(Object *obj, ResetType type) static bool smmu_validate_property(SMMUv3State *s, Error **errp) { -#ifndef CONFIG_ARM_SMMUV3_ACCEL - if (s->accel) { - error_setg(errp, "accel=on support not compiled in"); - return false; - } -#endif - - if (s->ats == ON_OFF_AUTO_AUTO) { - error_setg(errp, "ats auto mode is not supported"); - return false; - } - if (s->ril == ON_OFF_AUTO_AUTO) { - error_setg(errp, "ril auto mode is not supported"); - return false; - } - if (s->ssidsize == SSID_SIZE_MODE_AUTO) { - error_setg(errp, "ssidsize auto mode is not supported"); - return false; - } - if (s->oas != OAS_MODE_44 && s->oas != OAS_MODE_48) { - error_setg(errp, "QEMU SMMUv3 model only implements 44 and 48 bit" - "OAS; other OasMode values are not supported"); + if (s->oas != OAS_MODE_44 && s->oas != OAS_MODE_48 && + s->oas != OAS_MODE_AUTO) { + error_setg(errp, "QEMU SMMUv3 model only implements auto, " + "44 bit, or 48 bit OAS. Other OasMode values are " + "not supported."); return false; } @@ -2000,11 +1986,16 @@ static bool smmu_validate_property(SMMUv3State *s, Error **errp) return false; } if (s->oas > OAS_MODE_44) { - error_setg(errp, "OAS must be 44 bits when accel=off"); + error_setg(errp, "oas must be 44 bits when accel=off"); return false; } if (s->ssidsize > SSID_SIZE_MODE_0) { - error_setg(errp, "ssidsize can only be set if accel=on"); + error_setg(errp, "ssidsize can only be greater than 0 " + "bits if accel=on"); + return false; + } + if (s->cmdqv == ON_OFF_AUTO_ON) { + error_setg(errp, "cmdqv can only be enabled if accel=on"); return false; } return true; @@ -2033,7 +2024,9 @@ static void smmu_realize(DeviceState *d, Error **errp) } if (s->accel) { - smmuv3_accel_init(s); + if (!smmuv3_accel_init(s, errp)) { + return; + } error_setg(&s->migration_blocker, "Migration not supported with SMMUv3 " "accelerator mode enabled"); if (migrate_add_blocker(&s->migration_blocker, errp) < 0) { @@ -2137,15 +2130,25 @@ static const Property smmuv3_properties[] = { * Defaults to stage 1 */ DEFINE_PROP_STRING("stage", SMMUv3State, stage), + /* Identifier used for ACPI IORT SMMUv3 (and DSDT for CMDQV) generation */ + DEFINE_PROP_UINT8("identifier", SMMUv3State, identifier, 0), DEFINE_PROP_BOOL("accel", SMMUv3State, accel, false), /* GPA of MSI doorbell, for SMMUv3 accel use. */ DEFINE_PROP_UINT64("msi-gpa", SMMUv3State, msi_gpa, 0), + /* + * AUTO values for accel=off will resolve to: + * ril: on + * ats: off + * oas: 44 + * ssidsize: 0 + */ /* RIL can be turned off for accel cases */ - DEFINE_PROP_ON_OFF_AUTO("ril", SMMUv3State, ril, ON_OFF_AUTO_ON), - DEFINE_PROP_ON_OFF_AUTO("ats", SMMUv3State, ats, ON_OFF_AUTO_OFF), - DEFINE_PROP_OAS_MODE("oas", SMMUv3State, oas, OAS_MODE_44), + DEFINE_PROP_ON_OFF_AUTO("ril", SMMUv3State, ril, ON_OFF_AUTO_AUTO), + DEFINE_PROP_ON_OFF_AUTO("ats", SMMUv3State, ats, ON_OFF_AUTO_AUTO), + DEFINE_PROP_OAS_MODE("oas", SMMUv3State, oas, OAS_MODE_AUTO), DEFINE_PROP_SSIDSIZE_MODE("ssidsize", SMMUv3State, ssidsize, - SSID_SIZE_MODE_0), + SSID_SIZE_MODE_AUTO), + DEFINE_PROP_ON_OFF_AUTO("cmdqv", SMMUv3State, cmdqv, ON_OFF_AUTO_AUTO), }; static void smmuv3_instance_init(Object *obj) @@ -2172,22 +2175,26 @@ static void smmuv3_class_init(ObjectClass *klass, const void *data) "Enable SMMUv3 accelerator support. Allows host SMMUv3 to be " "configured in nested mode for vfio-pci dev assignment"); object_class_property_set_description(klass, "ril", - "Disable range invalidation support (for accel=on). ril=auto " - "is not supported."); + "Enable/disable range invalidation support (for accel=on). " + "Valid values are on, off, and auto. Defaults to auto. " + "Any attempt to turn it 'on' while the host does not support " + "it would fail."); object_class_property_set_description(klass, "ats", - "Enable/disable ATS support (for accel=on). Please ensure host " - "platform has ATS support before enabling this. ats=auto is not " - "supported."); + "Enable/disable ATS support (for accel=on). " + "Valid values are on, off, and auto. Defaults to auto. " + "Please ensure host platform supports ATS before setting it " + "to on."); object_class_property_set_description(klass, "oas", - "Specify Output Address Size (for accel=on). Supported values " - "are 44 or 48 bits. Defaults to 44 bits. oas=auto is not " - "supported."); + "Set Output Address Size in bits (for accel=on). " + "Valid values are 44, 48, and auto. Defaults to auto."); object_class_property_set_description(klass, "ssidsize", - "Number of bits used to represent SubstreamIDs (SSIDs). " + "Set number of bits used to represent SubstreamIDs (SSIDs). " + "Valid values are 0-20 and auto. Defaults to auto. " "A value of N allows SSIDs in the range [0 .. 2^N - 1]. " - "Valid range is 0-20, where 0 disables SubstreamID support. " - "Defaults to 0. A value greater than 0 is required to enable " - "PASID support. ssidsize=auto is not supported."); + "A value of 0 disables SubstreamID support. A value greater " + "than 0 is required to enable PASID support."); + object_class_property_set_description(klass, "cmdqv", + "Enable/disable CMDQ-Virtualisation support (for accel=on)"); } static int smmuv3_notify_flag_changed(IOMMUMemoryRegion *iommu, diff --git a/hw/arm/tegra241-cmdqv-stubs.c b/hw/arm/tegra241-cmdqv-stubs.c new file mode 100644 index 00000000000..eabf90daf86 --- /dev/null +++ b/hw/arm/tegra241-cmdqv-stubs.c @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved + * + * Stubs for Tegra241 CMDQ-Virtualiisation extension for SMMUv3 + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "qemu/osdep.h" +#include "smmuv3-accel.h" +#include "hw/arm/tegra241-cmdqv.h" + +const SMMUv3AccelCmdqvOps *tegra241_cmdqv_get_ops(void) +{ + return NULL; +} diff --git a/hw/arm/tegra241-cmdqv.c b/hw/arm/tegra241-cmdqv.c new file mode 100644 index 00000000000..71f89abcb43 --- /dev/null +++ b/hw/arm/tegra241-cmdqv.c @@ -0,0 +1,817 @@ +/* + * Copyright (c) 2025-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved + * NVIDIA Tegra241 CMDQ-Virtualization extension for SMMUv3 + * + * Written by Nicolin Chen, Shameer Kolothum + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "qemu/osdep.h" +#include "qemu/error-report.h" +#include "qemu/log.h" + +#include "hw/arm/smmuv3.h" +#include "hw/core/irq.h" +#include "smmuv3-accel.h" +#include "smmuv3-internal.h" +#include "system/ramblock.h" +#include "system/ramlist.h" +#include "tegra241-cmdqv.h" +#include "trace.h" + +static void tegra241_cmdqv_guest_unmap_vintf_page0(Tegra241CMDQV *cmdqv) +{ + if (!cmdqv->mr_vintf_page0) { + return; + } + + memory_region_del_subregion(&cmdqv->mmio_cmdqv, cmdqv->mr_vintf_page0); + object_unparent(OBJECT(cmdqv->mr_vintf_page0)); + g_free(cmdqv->mr_vintf_page0); + cmdqv->mr_vintf_page0 = NULL; +} + +static void tegra241_cmdqv_guest_map_vintf_page0(Tegra241CMDQV *cmdqv) +{ + char *name; + + if (cmdqv->mr_vintf_page0) { + return; + } + + name = g_strdup_printf("%s vintf-page0", + memory_region_name(&cmdqv->mmio_cmdqv)); + cmdqv->mr_vintf_page0 = g_malloc0(sizeof(*cmdqv->mr_vintf_page0)); + memory_region_init_ram_device_ptr(cmdqv->mr_vintf_page0, + memory_region_owner(&cmdqv->mmio_cmdqv), + name, VINTF_PAGE_SIZE, + cmdqv->vintf_page0); + cmdqv->mr_vintf_page0->ram_device_skip_iommu_map = true; + memory_region_add_subregion_overlap(&cmdqv->mmio_cmdqv, + CMDQV_VINTF_PAGE0_BASE, + cmdqv->mr_vintf_page0, 1); + g_free(name); +} + +static void tegra241_cmdqv_free_vcmdq(Tegra241CMDQV *cmdqv, int index) +{ + IOMMUFDViommu *viommu = cmdqv->s_accel->viommu; + IOMMUFDHWqueue *vcmdq = cmdqv->vcmdq[index]; + + if (!vcmdq) { + return; + } + iommufd_backend_free_id(viommu->iommufd, vcmdq->hw_queue_id); + g_free(vcmdq); + cmdqv->vcmdq[index] = NULL; +} + +static void tegra241_cmdqv_free_all_vcmdq(Tegra241CMDQV *cmdqv) +{ + /* Free in reverse order to avoid "resource busy" error */ + for (int i = (TEGRA241_CMDQV_MAX_CMDQ - 1); i >= 0; i--) { + tegra241_cmdqv_free_vcmdq(cmdqv, i); + } +} + +static bool tegra241_cmdqv_setup_vcmdq(Tegra241CMDQV *cmdqv, int index, + Error **errp) +{ + SMMUv3AccelState *accel = cmdqv->s_accel; + uint64_t base_mask = (uint64_t)R_VCMDQ0_BASE_L_ADDR_MASK | + (uint64_t)R_VCMDQ0_BASE_H_ADDR_MASK << 32; + uint64_t addr = cmdqv->vcmdq_base[index] & base_mask; + uint64_t log2 = cmdqv->vcmdq_base[index] & R_VCMDQ0_BASE_L_LOG2SIZE_MASK; + uint64_t size = 1ULL << (log2 + 4); + IOMMUFDViommu *viommu = accel->viommu; + IOMMUFDHWqueue *hw_queue; + uint32_t hw_queue_id; + + /* Ignore any invalid address. This may come as part of reset etc. */ + if (!address_space_is_ram(&address_space_memory, addr) || + !address_space_is_ram(&address_space_memory, addr + size - 1)) { + return true; + } + + if (!tegra241_cmdq_enabled(cmdqv) || !tegra241_vintf_enabled(cmdqv)) { + return true; + } + + tegra241_cmdqv_free_vcmdq(cmdqv, index); + + if (!iommufd_backend_alloc_hw_queue(viommu->iommufd, viommu->viommu_id, + IOMMU_HW_QUEUE_TYPE_TEGRA241_CMDQV, + index, addr, size, &hw_queue_id, + errp)) { + return false; + } + hw_queue = g_new(IOMMUFDHWqueue, 1); + hw_queue->hw_queue_id = hw_queue_id; + hw_queue->viommu = viommu; + cmdqv->vcmdq[index] = hw_queue; + + tegra241_cmdqv_guest_map_vintf_page0(cmdqv); + return true; +} + +static inline uint32_t *tegra241_cmdqv_vintf_ptr(Tegra241CMDQV *cmdqv, + int index, hwaddr offset0) +{ + if (!cmdqv->vcmdq[index] || !cmdqv->vintf_page0) { + return NULL; + } + return (uint32_t *)(cmdqv->vintf_page0 + + (index * CMDQV_VCMDQ_STRIDE) + + (offset0 - CMDQV_VCMDQ_PAGE0_BASE)); +} + +/* + * Read a VCMDQ register using VCMDQ0_* offsets. + * + * The caller normalizes the MMIO offset such that @offset0 always refers + * to a VCMDQ0_* register, while @index selects the VCMDQ instance. + * + * If the VCMDQ is allocated and VINTF page0 is mmap'd, read directly + * from the VINTF page0 backing. Otherwise, fall back to cached state. + */ +static uint64_t tegra241_cmdqv_read_vcmdq(Tegra241CMDQV *cmdqv, hwaddr offset0, + int index) +{ + uint32_t *ptr = tegra241_cmdqv_vintf_ptr(cmdqv, index, offset0); + + if (ptr) { + switch (offset0) { + case A_VCMDQ0_CONS_INDX: + case A_VCMDQ0_PROD_INDX: + case A_VCMDQ0_CONFIG: + case A_VCMDQ0_STATUS: + case A_VCMDQ0_GERROR: + case A_VCMDQ0_GERRORN: + return *ptr; + default: + break; + } + } + + switch (offset0) { + case A_VCMDQ0_CONS_INDX: + return cmdqv->vcmdq_cons_indx[index]; + case A_VCMDQ0_PROD_INDX: + return cmdqv->vcmdq_prod_indx[index]; + case A_VCMDQ0_CONFIG: + return cmdqv->vcmdq_config[index]; + case A_VCMDQ0_STATUS: + return cmdqv->vcmdq_status[index]; + case A_VCMDQ0_GERROR: + return cmdqv->vcmdq_gerror[index]; + case A_VCMDQ0_GERRORN: + return cmdqv->vcmdq_gerrorn[index]; + case A_VCMDQ0_BASE_L: + return cmdqv->vcmdq_base[index]; + case A_VCMDQ0_BASE_H: + return cmdqv->vcmdq_base[index] >> 32; + case A_VCMDQ0_CONS_INDX_BASE_DRAM_L: + return cmdqv->vcmdq_cons_indx_base[index]; + case A_VCMDQ0_CONS_INDX_BASE_DRAM_H: + return cmdqv->vcmdq_cons_indx_base[index] >> 32; + default: + qemu_log_mask(LOG_UNIMP, + "%s unhandled read access at 0x%" PRIx64 "\n", + __func__, offset0); + return 0; + } +} + +/* + * Write a VCMDQ register using VCMDQ0_* offsets. + * + * The caller normalizes the MMIO offset such that @offset0 always refers + * to a VCMDQ0_* register, while @index selects the VCMDQ instance. + * + * If the VCMDQ is allocated and VINTF page0 is mmap'd, write directly + * to the VINTF page0 backing. Otherwise, update cached state. + */ +static void tegra241_cmdqv_write_vcmdq(Tegra241CMDQV *cmdqv, hwaddr offset0, + int index, uint64_t value, + unsigned size, Error **errp) +{ + uint32_t *ptr = tegra241_cmdqv_vintf_ptr(cmdqv, index, offset0); + + if (ptr) { + switch (offset0) { + case A_VCMDQ0_CONS_INDX: + case A_VCMDQ0_PROD_INDX: + case A_VCMDQ0_CONFIG: + case A_VCMDQ0_GERRORN: + *ptr = (uint32_t)value; + return; + default: + break; + } + } + + switch (offset0) { + case A_VCMDQ0_CONS_INDX: + cmdqv->vcmdq_cons_indx[index] = (uint32_t)value; + return; + case A_VCMDQ0_PROD_INDX: + cmdqv->vcmdq_prod_indx[index] = (uint32_t)value; + return; + case A_VCMDQ0_CONFIG: + if (value & R_VCMDQ0_CONFIG_CMDQ_EN_MASK) { + cmdqv->vcmdq_status[index] |= R_VCMDQ0_STATUS_CMDQ_EN_OK_MASK; + } else { + cmdqv->vcmdq_status[index] &= ~R_VCMDQ0_STATUS_CMDQ_EN_OK_MASK; + } + cmdqv->vcmdq_config[index] = (uint32_t)value; + return; + case A_VCMDQ0_GERRORN: + cmdqv->vcmdq_gerrorn[index] = (uint32_t)value; + return; + case A_VCMDQ0_BASE_L: + if (size == 8) { + cmdqv->vcmdq_base[index] = value; + } else { + cmdqv->vcmdq_base[index] = + (cmdqv->vcmdq_base[index] & 0xffffffff00000000ULL) | + (value & 0xffffffffULL); + } + tegra241_cmdqv_setup_vcmdq(cmdqv, index, errp); + return; + case A_VCMDQ0_BASE_H: + cmdqv->vcmdq_base[index] = + (cmdqv->vcmdq_base[index] & 0xffffffffULL) | + ((uint64_t)value << 32); + tegra241_cmdqv_setup_vcmdq(cmdqv, index, errp); + return; + case A_VCMDQ0_CONS_INDX_BASE_DRAM_L: + if (size == 8) { + cmdqv->vcmdq_cons_indx_base[index] = value; + } else { + cmdqv->vcmdq_cons_indx_base[index] = + (cmdqv->vcmdq_cons_indx_base[index] & 0xffffffff00000000ULL) | + (value & 0xffffffffULL); + } + return; + case A_VCMDQ0_CONS_INDX_BASE_DRAM_H: + cmdqv->vcmdq_cons_indx_base[index] = + (cmdqv->vcmdq_cons_indx_base[index] & 0xffffffffULL) | + ((uint64_t)value << 32); + return; + default: + qemu_log_mask(LOG_UNIMP, + "%s unhandled write access at 0x%" PRIx64 "\n", + __func__, offset0); + return; + } +} + +static bool +tegra241_cmdqv_munmap_vintf_page0(Tegra241CMDQV *cmdqv, Error **errp) +{ + if (!cmdqv->vintf_page0) { + return true; + } + + if (munmap(cmdqv->vintf_page0, VINTF_PAGE_SIZE) < 0) { + error_setg_errno(errp, errno, "Failed to unmap VINTF page0"); + return false; + } + cmdqv->vintf_page0 = NULL; + return true; +} + +static bool tegra241_cmdqv_mmap_vintf_page0(Tegra241CMDQV *cmdqv, Error **errp) +{ + IOMMUFDViommu *viommu = cmdqv->s_accel->viommu; + + if (cmdqv->vintf_page0) { + return true; + } + + if (!iommufd_backend_viommu_mmap(viommu->iommufd, viommu->viommu_id, + VINTF_PAGE_SIZE, + cmdqv->cmdqv_data.out_vintf_mmap_offset, + &cmdqv->vintf_page0, errp)) { + return false; + } + + return true; +} + +static uint64_t tegra241_cmdqv_config_vintf_read(Tegra241CMDQV *cmdqv, + hwaddr offset) +{ + int i; + + switch (offset) { + case A_VINTF0_CONFIG: + return cmdqv->vintf_config; + case A_VINTF0_STATUS: + return cmdqv->vintf_status; + case A_VINTF0_SID_MATCH_0 ... A_VINTF0_SID_MATCH_15: + i = (offset - A_VINTF0_SID_MATCH_0) / 4; + return cmdqv->vintf_sid_match[i]; + case A_VINTF0_SID_REPLACE_0 ... A_VINTF0_SID_REPLACE_15: + i = (offset - A_VINTF0_SID_REPLACE_0) / 4; + return cmdqv->vintf_sid_replace[i]; + case A_VINTF0_LVCMDQ_ERR_MAP_0 ... A_VINTF0_LVCMDQ_ERR_MAP_3: + i = (offset - A_VINTF0_LVCMDQ_ERR_MAP_0) / 4; + return cmdqv->vintf_cmdq_err_map[i]; + default: + /* + * GLB_FILT_CFG_0 (offset 0xC) and GLB_FILT_DATA_0 (offset 0x10) are + * filter config and filter data registers. They are not required for + * normal VINTF operation and are not emulated. + */ + qemu_log_mask(LOG_UNIMP, "%s unhandled read access at 0x%" PRIx64 "\n", + __func__, offset); + return 0; + } +} + +static void tegra241_cmdqv_config_vintf_write(Tegra241CMDQV *cmdqv, + hwaddr offset, uint64_t value, + Error **errp) +{ + int i; + + switch (offset) { + case A_VINTF0_CONFIG: + /* + * Mask out HYP_OWN on guest writes. This bit selects Hypervisor (1) vs + * Guest (0) ownership of the CMDQ. Force it to 0 so the VINTF always + * remains guest-owned. + */ + value &= ~R_VINTF0_CONFIG_HYP_OWN_MASK; + + cmdqv->vintf_config = value; + if (value & R_VINTF0_CONFIG_ENABLE_MASK) { + if (tegra241_cmdqv_mmap_vintf_page0(cmdqv, errp)) { + cmdqv->vintf_status |= R_VINTF0_STATUS_ENABLE_OK_MASK; + } + } else { + tegra241_cmdqv_guest_unmap_vintf_page0(cmdqv); + tegra241_cmdqv_free_all_vcmdq(cmdqv); + tegra241_cmdqv_munmap_vintf_page0(cmdqv, errp); + cmdqv->vintf_status &= ~R_VINTF0_STATUS_ENABLE_OK_MASK; + } + break; + case A_VINTF0_SID_MATCH_0 ... A_VINTF0_SID_MATCH_15: + i = (offset - A_VINTF0_SID_MATCH_0) / 4; + cmdqv->vintf_sid_match[i] = value; + break; + case A_VINTF0_SID_REPLACE_0 ... A_VINTF0_SID_REPLACE_15: + i = (offset - A_VINTF0_SID_REPLACE_0) / 4; + cmdqv->vintf_sid_replace[i] = value; + break; + default: + /* + * GLB_FILT_CFG_0 (offset 0xC) and GLB_FILT_DATA_0 (offset 0x10) are + * filter config and filter data registers. They are not required for + * normal VINTF operation and are not emulated. + */ + qemu_log_mask(LOG_UNIMP, "%s unhandled write access at 0x%" PRIx64 "\n", + __func__, offset); + return; + } +} + +static uint64_t tegra241_cmdqv_read_mmio(void *opaque, hwaddr offset, + unsigned size) +{ + Tegra241CMDQV *cmdqv = (Tegra241CMDQV *)opaque; + uint64_t val = 0; + int index; + + if (offset >= TEGRA241_CMDQV_IO_LEN) { + qemu_log_mask(LOG_UNIMP, + "%s offset 0x%" PRIx64 " off limit (0x%x)\n", __func__, + offset, TEGRA241_CMDQV_IO_LEN); + goto out; + } + + switch (offset) { + case A_CONFIG: + val = cmdqv->config; + break; + case A_PARAM: + val = cmdqv->param; + break; + case A_STATUS: + val = cmdqv->status; + break; + case A_VI_ERR_MAP_0 ... A_VI_ERR_MAP_1: + val = cmdqv->vi_err_map[(offset - A_VI_ERR_MAP_0) / 4]; + break; + case A_VI_INT_MASK ... A_VI_INT_MASK_1: + val = cmdqv->vi_int_mask[(offset - A_VI_INT_MASK) / 4]; + break; + case A_CMDQ_ERR_MAP_0 ... A_CMDQ_ERR_MAP_3: + val = cmdqv->cmdq_err_map[(offset - A_CMDQ_ERR_MAP_0) / 4]; + break; + case A_CMDQ_ALLOC_MAP_0 ... A_CMDQ_ALLOC_MAP_1: + val = cmdqv->cmdq_alloc_map[(offset - A_CMDQ_ALLOC_MAP_0) / 4]; + break; + case A_VINTF0_CONFIG ... A_VINTF0_LVCMDQ_ERR_MAP_3: + val = tegra241_cmdqv_config_vintf_read(cmdqv, offset); + break; + case A_VI_VCMDQ0_CONS_INDX ... A_VI_VCMDQ1_GERRORN: + /* + * VINTF Page0 registers have the same per-VCMDQ layout as the + * VCMDQ Page0 registers. Translate the VINTF aperture offset to the + * equivalent VCMDQ aperture offset, then fall through to reuse the + * common VCMDQ decoding logic below. + */ + offset -= CMDQV_VINTF_PAGE0_BASE - CMDQV_VCMDQ_PAGE0_BASE; + QEMU_FALLTHROUGH; + case A_VCMDQ0_CONS_INDX ... A_VCMDQ1_GERRORN: + /* + * Decode a per-VCMDQ register access. + * + * The hardware supports up to 128 identical VCMDQ instances; we + * currently expose TEGRA241_CMDQV_MAX_CMDQ (= 2). Each VCMDQ + * occupies a CMDQV_VCMDQ_STRIDE-byte window within the page. + * + * Extract the VCMDQ index and normalize to the VCMDQ0_* register + * offset. A single helper services all instances via @index. + */ + index = (offset - CMDQV_VCMDQ_PAGE0_BASE) / CMDQV_VCMDQ_STRIDE; + return tegra241_cmdqv_read_vcmdq(cmdqv, + offset - index * CMDQV_VCMDQ_STRIDE, index); + case A_VI_VCMDQ0_BASE_L ... A_VI_VCMDQ1_CONS_INDX_BASE_DRAM_H: + /* Same VINTF-to-VCMDQ translation as VINTF Page0 case above */ + offset -= CMDQV_VINTF_PAGE1_BASE - CMDQV_VCMDQ_PAGE1_BASE; + QEMU_FALLTHROUGH; + case A_VCMDQ0_BASE_L ... A_VCMDQ1_CONS_INDX_BASE_DRAM_H: + /* Same decode logic as VCMDQ Page0 case above */ + index = (offset - CMDQV_VCMDQ_PAGE1_BASE) / CMDQV_VCMDQ_STRIDE; + return tegra241_cmdqv_read_vcmdq(cmdqv, + offset - index * CMDQV_VCMDQ_STRIDE, index); + default: + qemu_log_mask(LOG_UNIMP, "%s unhandled read access at 0x%" PRIx64 "\n", + __func__, offset); + } + +out: + trace_tegra241_cmdqv_read_mmio(offset, val, size); + return val; +} + +static void tegra241_cmdqv_write_mmio(void *opaque, hwaddr offset, + uint64_t value, unsigned size) +{ + Tegra241CMDQV *cmdqv = (Tegra241CMDQV *)opaque; + Error *local_err = NULL; + int index; + + if (offset >= TEGRA241_CMDQV_IO_LEN) { + qemu_log_mask(LOG_UNIMP, + "%s offset 0x%" PRIx64 " off limit (0x%x)\n", __func__, + offset, TEGRA241_CMDQV_IO_LEN); + goto out; + } + + switch (offset) { + case A_CONFIG: + cmdqv->config = value; + if (value & R_CONFIG_CMDQV_EN_MASK) { + cmdqv->status |= R_STATUS_CMDQV_ENABLED_MASK; + } else { + tegra241_cmdqv_guest_unmap_vintf_page0(cmdqv); + tegra241_cmdqv_free_all_vcmdq(cmdqv); + cmdqv->status &= ~R_STATUS_CMDQV_ENABLED_MASK; + } + break; + case A_VI_INT_MASK ... A_VI_INT_MASK_1: + cmdqv->vi_int_mask[(offset - A_VI_INT_MASK) / 4] = value; + break; + case A_CMDQ_ALLOC_MAP_0 ... A_CMDQ_ALLOC_MAP_1: + cmdqv->cmdq_alloc_map[(offset - A_CMDQ_ALLOC_MAP_0) / 4] = value; + break; + case A_VINTF0_CONFIG ... A_VINTF0_LVCMDQ_ERR_MAP_3: + tegra241_cmdqv_config_vintf_write(cmdqv, offset, value, &local_err); + break; + case A_VI_VCMDQ0_CONS_INDX ... A_VI_VCMDQ1_GERRORN: + /* + * VINTF Page0 registers have the same per-VCMDQ layout as the + * VCMDQ Page0 registers. Translate the VINTF aperture offset to the + * equivalent VCMDQ aperture offset, then fall through to reuse the + * common VCMDQ decoding logic below. + */ + offset -= CMDQV_VINTF_PAGE0_BASE - CMDQV_VCMDQ_PAGE0_BASE; + QEMU_FALLTHROUGH; + case A_VCMDQ0_CONS_INDX ... A_VCMDQ1_GERRORN: + /* + * Decode a per-VCMDQ register access. + * + * The hardware supports up to 128 identical VCMDQ instances; we + * currently expose TEGRA241_CMDQV_MAX_CMDQ (= 2). Each VCMDQ + * occupies a CMDQV_VCMDQ_STRIDE-byte window within the page. + * + * Extract the VCMDQ index and normalize to the VCMDQ0_* register + * offset. A single helper services all instances via @index. + */ + index = (offset - CMDQV_VCMDQ_PAGE0_BASE) / CMDQV_VCMDQ_STRIDE; + tegra241_cmdqv_write_vcmdq(cmdqv, offset - index * CMDQV_VCMDQ_STRIDE, + index, value, size, &local_err); + break; + case A_VI_VCMDQ0_BASE_L ... A_VI_VCMDQ1_CONS_INDX_BASE_DRAM_H: + /* Same VINTF-to-VCMDQ translation as VINTF Page0 case above */ + offset -= CMDQV_VINTF_PAGE1_BASE - CMDQV_VCMDQ_PAGE1_BASE; + QEMU_FALLTHROUGH; + case A_VCMDQ0_BASE_L ... A_VCMDQ1_CONS_INDX_BASE_DRAM_H: + /* Same decode logic as VCMDQ Page0 case above */ + index = (offset - CMDQV_VCMDQ_PAGE1_BASE) / CMDQV_VCMDQ_STRIDE; + tegra241_cmdqv_write_vcmdq(cmdqv, offset - index * CMDQV_VCMDQ_STRIDE, + index, value, size, &local_err); + break; + default: + qemu_log_mask(LOG_UNIMP, "%s unhandled write access at 0x%" PRIx64 "\n", + __func__, offset); + } + +out: + if (local_err) { + error_report_err(local_err); + } + trace_tegra241_cmdqv_write_mmio(offset, value, size); +} + +static void tegra241_cmdqv_event_read(void *opaque) +{ + Tegra241CMDQV *cmdqv = opaque; + IOMMUFDVeventq *veventq = cmdqv->veventq; + struct { + struct iommufd_vevent_header hdr; + struct iommu_vevent_tegra241_cmdqv vevent; + } buf; + Error *local_err = NULL; + + if (!smmuv3_accel_event_read_validate(veventq, + IOMMU_VEVENTQ_TYPE_TEGRA241_CMDQV, + &buf, sizeof(buf), &local_err)) { + warn_report_err_once(local_err); + return; + } + + if (buf.vevent.lvcmdq_err_map[0] || buf.vevent.lvcmdq_err_map[1]) { + cmdqv->vintf_cmdq_err_map[0] = + buf.vevent.lvcmdq_err_map[0] & 0xffffffff; + cmdqv->vintf_cmdq_err_map[1] = + (buf.vevent.lvcmdq_err_map[0] >> 32) & 0xffffffff; + cmdqv->vintf_cmdq_err_map[2] = + buf.vevent.lvcmdq_err_map[1] & 0xffffffff; + cmdqv->vintf_cmdq_err_map[3] = + (buf.vevent.lvcmdq_err_map[1] >> 32) & 0xffffffff; + for (int i = 0; i < 4; i++) { + cmdqv->cmdq_err_map[i] = cmdqv->vintf_cmdq_err_map[i]; + } + cmdqv->vi_err_map[0] |= 0x1; + qemu_irq_pulse(cmdqv->irq); + trace_tegra241_cmdqv_err_map( + cmdqv->vintf_cmdq_err_map[3], cmdqv->vintf_cmdq_err_map[2], + cmdqv->vintf_cmdq_err_map[1], cmdqv->vintf_cmdq_err_map[0]); + } +} + +static void tegra241_cmdqv_free_viommu(SMMUv3State *s) +{ + SMMUv3AccelState *accel = s->s_accel; + IOMMUFDViommu *viommu = accel->viommu; + Tegra241CMDQV *cmdqv = accel->cmdqv; + IOMMUFDVeventq *veventq = cmdqv->veventq; + + if (!viommu) { + return; + } + if (veventq) { + qemu_set_fd_handler(veventq->veventq_fd, NULL, NULL, NULL); + close(veventq->veventq_fd); + iommufd_backend_free_id(viommu->iommufd, veventq->veventq_id); + g_free(veventq); + cmdqv->veventq = NULL; + } + iommufd_backend_free_id(viommu->iommufd, viommu->viommu_id); +} + +static bool +tegra241_cmdqv_alloc_viommu(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, + uint32_t *out_viommu_id, Error **errp) +{ + Tegra241CMDQV *cmdqv = s->s_accel->cmdqv; + uint32_t viommu_id, veventq_id, veventq_fd; + IOMMUFDVeventq *veventq; + int flags; + + if (!iommufd_backend_alloc_viommu(idev->iommufd, idev->devid, + IOMMU_VIOMMU_TYPE_TEGRA241_CMDQV, + idev->hwpt_id, &cmdqv->cmdqv_data, + sizeof(cmdqv->cmdqv_data), &viommu_id, + errp)) { + return false; + } + + if (!iommufd_backend_alloc_veventq(idev->iommufd, viommu_id, + IOMMU_VEVENTQ_TYPE_TEGRA241_CMDQV, + 1 << 16, &veventq_id, &veventq_fd, + errp)) { + error_append_hint(errp, "Tegra241 CMDQV: failed to alloc veventq"); + goto free_viommu; + } + + flags = fcntl(veventq_fd, F_GETFL); + if (flags < 0) { + error_setg(errp, "Failed to get flags for vEVENTQ fd"); + goto free_veventq; + } + if (fcntl(veventq_fd, F_SETFL, O_NONBLOCK | flags) < 0) { + error_setg(errp, "Failed to set O_NONBLOCK on vEVENTQ fd"); + goto free_veventq; + } + + veventq = g_new(IOMMUFDVeventq, 1); + veventq->veventq_id = veventq_id; + veventq->veventq_fd = veventq_fd; + cmdqv->veventq = veventq; + + /* Set up event handler for veventq fd */ + qemu_set_fd_handler(veventq_fd, tegra241_cmdqv_event_read, NULL, cmdqv); + *out_viommu_id = viommu_id; + return true; + +free_veventq: + close(veventq_fd); + iommufd_backend_free_id(idev->iommufd, veventq_id); +free_viommu: + iommufd_backend_free_id(idev->iommufd, viommu_id); + return false; +} + +static size_t tegra241_cmdqv_min_ram_pagesize(void) +{ + RAMBlock *rb; + size_t pg, min_pg = SIZE_MAX; + + RAMBLOCK_FOREACH(rb) { + MemoryRegion *mr = rb->mr; + + /* Only consider real RAM regions */ + if (!mr || !memory_region_is_ram(mr)) { + continue; + } + + /* Skip RAM regions that are not backed by a memory-backend */ + if (!object_dynamic_cast(mr->owner, TYPE_MEMORY_BACKEND)) { + continue; + } + + pg = qemu_ram_pagesize(rb); + if (pg && pg < min_pg) { + min_pg = pg; + } + } + + return (min_pg == SIZE_MAX) ? qemu_real_host_page_size() : min_pg; +} + +static void tegra241_cmdqv_init_regs(SMMUv3State *s, Tegra241CMDQV *cmdqv) +{ + int i; + size_t pgsize; + uint32_t val; + + cmdqv->config = V_CONFIG_RESET; + cmdqv->param = FIELD_DP32(0, PARAM, CMDQV_VER, CMDQV_VER); + cmdqv->param = FIELD_DP32(cmdqv->param, PARAM, CMDQV_NUM_CMDQ_LOG2, + CMDQV_NUM_CMDQ_LOG2); + cmdqv->param = FIELD_DP32(cmdqv->param, PARAM, CMDQV_NUM_SID_PER_VI_LOG2, + CMDQV_NUM_SID_PER_VI_LOG2); + trace_tegra241_cmdqv_init_regs(cmdqv->param); + cmdqv->status = R_STATUS_CMDQV_ENABLED_MASK; + for (i = 0; i < 2; i++) { + cmdqv->vi_err_map[i] = 0; + cmdqv->vi_int_mask[i] = 0; + cmdqv->cmdq_err_map[i] = 0; + } + cmdqv->cmdq_err_map[2] = 0; + cmdqv->cmdq_err_map[3] = 0; + cmdqv->vintf_config = 0; + cmdqv->vintf_status = 0; + for (i = 0; i < 4; i++) { + cmdqv->vintf_cmdq_err_map[i] = 0; + } + for (i = 0; i < TEGRA241_CMDQV_MAX_CMDQ; i++) { + cmdqv->cmdq_alloc_map[i] = 0; + cmdqv->vcmdq_cons_indx[i] = 0; + cmdqv->vcmdq_prod_indx[i] = 0; + cmdqv->vcmdq_config[i] = 0; + cmdqv->vcmdq_status[i] = 0; + cmdqv->vcmdq_gerror[i] = 0; + cmdqv->vcmdq_gerrorn[i] = 0; + cmdqv->vcmdq_base[i] = 0; + cmdqv->vcmdq_cons_indx_base[i] = 0; + } + + /* + * CMDQ must not cross a physical RAM backend page. Adjust CMDQS so the + * queue fits entirely within the smallest backend page size, ensuring + * the command queue is physically contiguous in host memory. + */ + pgsize = tegra241_cmdqv_min_ram_pagesize(); + val = FIELD_EX32(s->idr[1], IDR1, CMDQS); + s->idr[1] = FIELD_DP32(s->idr[1], IDR1, CMDQS, MIN(ctz64(pgsize) - 4, val)); +} + +static void tegra241_cmdqv_reset(SMMUv3State *s) +{ + SMMUv3AccelState *accel = s->s_accel; + Tegra241CMDQV *cmdqv = accel->cmdqv; + + if (!cmdqv) { + return; + } + + tegra241_cmdqv_guest_unmap_vintf_page0(cmdqv); + tegra241_cmdqv_munmap_vintf_page0(cmdqv, NULL); + tegra241_cmdqv_free_all_vcmdq(cmdqv); + + tegra241_cmdqv_init_regs(s, cmdqv); +} + +static const MemoryRegionOps mmio_cmdqv_ops = { + .read = tegra241_cmdqv_read_mmio, + .write = tegra241_cmdqv_write_mmio, + .endianness = DEVICE_LITTLE_ENDIAN, +}; + +static bool tegra241_cmdqv_init(SMMUv3State *s, Error **errp) +{ + SysBusDevice *sbd = SYS_BUS_DEVICE(OBJECT(s)); + SMMUv3AccelState *accel = s->s_accel; + Tegra241CMDQV *cmdqv; + + cmdqv = g_new0(Tegra241CMDQV, 1); + memory_region_init_io(&cmdqv->mmio_cmdqv, OBJECT(s), &mmio_cmdqv_ops, cmdqv, + "tegra241-cmdqv", TEGRA241_CMDQV_IO_LEN); + sysbus_init_mmio(sbd, &cmdqv->mmio_cmdqv); + sysbus_init_irq(sbd, &cmdqv->irq); + cmdqv->s_accel = accel; + accel->cmdqv = cmdqv; + return true; +} + +static SMMUv3AccelCmdqvType tegra241_cmdqv_get_type(void) +{ + return SMMUV3_CMDQV_TEGRA241; +} + +static bool tegra241_cmdqv_probe(SMMUv3State *s, HostIOMMUDeviceIOMMUFD *idev, + Error **errp) +{ + uint32_t data_type = IOMMU_HW_INFO_TYPE_TEGRA241_CMDQV; + struct iommu_hw_info_tegra241_cmdqv cmdqv_info; + uint64_t caps; + + if (!iommufd_backend_get_device_info(idev->iommufd, idev->devid, &data_type, + &cmdqv_info, sizeof(cmdqv_info), &caps, + NULL, errp)) { + return false; + } + if (data_type != IOMMU_HW_INFO_TYPE_TEGRA241_CMDQV) { + error_setg(errp, "Host CMDQV: unexpected data type %u (expected %u)", + data_type, IOMMU_HW_INFO_TYPE_TEGRA241_CMDQV); + return false; + } + if (cmdqv_info.version != CMDQV_VER) { + error_setg(errp, "Host CMDQV: unsupported version %u (expected %u)", + cmdqv_info.version, CMDQV_VER); + return false; + } + if (cmdqv_info.log2vcmdqs < CMDQV_NUM_CMDQ_LOG2) { + error_setg(errp, "Host CMDQV: insufficient vCMDQs log2=%u (need >= %u)", + cmdqv_info.log2vcmdqs, CMDQV_NUM_CMDQ_LOG2); + return false; + } + if (cmdqv_info.log2vsids < CMDQV_NUM_SID_PER_VI_LOG2) { + error_setg(errp, "Host CMDQV: insufficient SIDs log2=%u (need >= %u)", + cmdqv_info.log2vsids, CMDQV_NUM_SID_PER_VI_LOG2); + return false; + } + return true; +} + +static const SMMUv3AccelCmdqvOps tegra241_cmdqv_ops = { + .probe = tegra241_cmdqv_probe, + .init = tegra241_cmdqv_init, + .alloc_viommu = tegra241_cmdqv_alloc_viommu, + .free_viommu = tegra241_cmdqv_free_viommu, + .get_type = tegra241_cmdqv_get_type, + .reset = tegra241_cmdqv_reset, +}; + +const SMMUv3AccelCmdqvOps *tegra241_cmdqv_get_ops(void) +{ + return &tegra241_cmdqv_ops; +} diff --git a/hw/arm/tegra241-cmdqv.h b/hw/arm/tegra241-cmdqv.h new file mode 100644 index 00000000000..b2a444daef3 --- /dev/null +++ b/hw/arm/tegra241-cmdqv.h @@ -0,0 +1,367 @@ +/* + * Copyright (c) 2025-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved + * NVIDIA Tegra241 CMDQ-Virtualiisation extension for SMMUv3 + * + * Written by Nicolin Chen, Shameer Kolothum + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef HW_ARM_TEGRA241_CMDQV_H +#define HW_ARM_TEGRA241_CMDQV_H + +#include "hw/core/registerfields.h" + +#define CMDQV_VER 1 +#define CMDQV_NUM_CMDQ_LOG2 1 +#define CMDQV_NUM_SID_PER_VI_LOG2 4 + +#define TEGRA241_CMDQV_MAX_CMDQ (1U << CMDQV_NUM_CMDQ_LOG2) + +#define VINTF_PAGE_SIZE 0x10000 + +/* + * Tegra241 CMDQV MMIO layout (64KB pages) + * + * 0x00000 (CMDQ-V Config page) + * 0x10000 (CMDQ-V CMDQ Page0) + * 0x20000 (CMDQ-V CMDQ Page1) + * 0x30000 (Virtual Interface Page0) + * 0x40000 (Virtual Interface Page1) + */ +#define TEGRA241_CMDQV_IO_LEN 0x50000 + +/* CMDQV MMIO aperture bases and VCMDQ stride */ +#define CMDQV_VCMDQ_PAGE0_BASE 0x10000 /* CMDQV_CMDQ_BASE */ +#define CMDQV_VCMDQ_PAGE1_BASE 0x20000 +#define CMDQV_VINTF_PAGE0_BASE 0x30000 /* CMDQV_VI_CMDQ_BASE */ +#define CMDQV_VINTF_PAGE1_BASE 0x40000 +#define CMDQV_VCMDQ_STRIDE 0x80 + +typedef struct Tegra241CMDQV { + struct iommu_viommu_tegra241_cmdqv cmdqv_data; + SMMUv3AccelState *s_accel; + MemoryRegion mmio_cmdqv; + qemu_irq irq; + IOMMUFDVeventq *veventq; + IOMMUFDHWqueue *vcmdq[TEGRA241_CMDQV_MAX_CMDQ]; + void *vintf_page0; + MemoryRegion *mr_vintf_page0; + + /* Register Cache */ + uint32_t config; + uint32_t param; + uint32_t status; + uint32_t vi_err_map[2]; + uint32_t vi_int_mask[2]; + uint32_t cmdq_err_map[4]; + uint32_t cmdq_alloc_map[TEGRA241_CMDQV_MAX_CMDQ]; + uint32_t vintf_config; + uint32_t vintf_status; + uint32_t vintf_sid_match[16]; + uint32_t vintf_sid_replace[16]; + uint32_t vintf_cmdq_err_map[4]; + uint32_t vcmdq_cons_indx[TEGRA241_CMDQV_MAX_CMDQ]; + uint32_t vcmdq_prod_indx[TEGRA241_CMDQV_MAX_CMDQ]; + uint32_t vcmdq_config[TEGRA241_CMDQV_MAX_CMDQ]; + uint32_t vcmdq_status[TEGRA241_CMDQV_MAX_CMDQ]; + uint32_t vcmdq_gerror[TEGRA241_CMDQV_MAX_CMDQ]; + uint32_t vcmdq_gerrorn[TEGRA241_CMDQV_MAX_CMDQ]; + uint64_t vcmdq_base[TEGRA241_CMDQV_MAX_CMDQ]; + uint64_t vcmdq_cons_indx_base[TEGRA241_CMDQV_MAX_CMDQ]; +} Tegra241CMDQV; + +/* CMDQ-V Config page registers (offset 0x00000) */ +REG32(CONFIG, 0x0) +FIELD(CONFIG, CMDQV_EN, 0, 1) +FIELD(CONFIG, CMDQV_PER_CMD_OFFSET, 1, 3) +FIELD(CONFIG, CMDQ_MAX_CLK_BATCH, 4, 8) +FIELD(CONFIG, CMDQ_MAX_CMD_BATCH, 12, 8) +FIELD(CONFIG, CONS_DRAM_EN, 20, 1) + +#define V_CONFIG_RESET 0x00020403 + +REG32(PARAM, 0x4) +FIELD(PARAM, CMDQV_VER, 0, 4) +FIELD(PARAM, CMDQV_NUM_CMDQ_LOG2, 4, 4) +FIELD(PARAM, CMDQV_NUM_VI_LOG2, 8, 4) +FIELD(PARAM, CMDQV_NUM_SID_PER_VI_LOG2, 12, 4) + +REG32(STATUS, 0x8) +FIELD(STATUS, CMDQV_ENABLED, 0, 1) + +/* SMMU_CMDQV_VI_ERR_MAP_0/1 definitions */ +#define A_VI_ERR_MAP_0 0x14 +#define A_VI_ERR_MAP_1 0x18 +#define V_VI_ERR_MAP_NO_ERROR (0) +#define V_VI_ERR_MAP_ERROR (1) + +/* SMMU_CMDQV_VI_INT_MASK_0/1 definitions */ +#define A_VI_INT_MASK 0x1c +#define A_VI_INT_MASK_1 0x20 +#define V_VI_INT_MASK_NOT_MASKED (0) +#define V_VI_INT_MASK_MASKED (1) + +/* SMMU_CMDQV_CMDQ_ERR_MAP_0-3 definitions */ +#define A_CMDQ_ERR_MAP_0 0x24 +#define A_CMDQ_ERR_MAP_1 0x28 +#define A_CMDQ_ERR_MAP_2 0x2c +#define A_CMDQ_ERR_MAP_3 0x30 + +/* + * CMDQ_ALLOC_MAP: one entry per physical VCMDQ. Hardware supports up to 128 + * entries (CMDQV_NUM_CMDQ_LOG2=7), but QEMU only exposes + * TEGRA241_CMDQV_MAX_CMDQ (=2) VCMDQs per VM so only entries 0 and 1 are + * defined here. + */ +/* 2 identical register entries */ +#define SMMU_CMDQV_CMDQ_ALLOC_MAP_(i) \ + REG32(CMDQ_ALLOC_MAP_##i, 0x200 + i * 4) \ + FIELD(CMDQ_ALLOC_MAP_##i, ALLOC, 0, 1) \ + FIELD(CMDQ_ALLOC_MAP_##i, LVCMDQ, 1, 7) \ + FIELD(CMDQ_ALLOC_MAP_##i, VIRT_INTF_INDX, 15, 6) + +SMMU_CMDQV_CMDQ_ALLOC_MAP_(0) +SMMU_CMDQV_CMDQ_ALLOC_MAP_(1) + + +/* Only VINTF0 is exposed to the guest; vintf = 0 */ +#define SMMU_CMDQV_VINTFi_CONFIG_(vi) \ + REG32(VINTF##vi##_CONFIG, 0x1000 + vi * 0x100) \ + FIELD(VINTF##vi##_CONFIG, ENABLE, 0, 1) \ + FIELD(VINTF##vi##_CONFIG, VMID, 1, 16) \ + FIELD(VINTF##vi##_CONFIG, HYP_OWN, 17, 1) + +SMMU_CMDQV_VINTFi_CONFIG_(0) + +#define SMMU_CMDQV_VINTFi_STATUS_(vi) \ + REG32(VINTF##vi##_STATUS, 0x1004 + vi * 0x100) \ + FIELD(VINTF##vi##_STATUS, ENABLE_OK, 0, 1) \ + FIELD(VINTF##vi##_STATUS, STATUS, 1, 3) \ + FIELD(VINTF##vi##_STATUS, VI_NUM_LVCMDQ, 16, 8) + +SMMU_CMDQV_VINTFi_STATUS_(0) + +#define V_VINTF_STATUS_NO_ERROR (0 << 1) +#define V_VINTF_STATUS_VCMDQ_ERROR (1 << 1) + +/* + * SID_MATCH/SID_REPLACE: 16 entries per VINTF (CMDQV_NUM_SID_PER_VI_LOG2=4). + * vintf = 0, 16 identical register entries + */ +#define SMMU_CMDQV_VINTFi_SID_MATCH_(vi, j) \ + REG32(VINTF##vi##_SID_MATCH_##j, 0x1040 + j * 4 + vi * 0x100) \ + FIELD(VINTF##vi##_SID_MATCH_##j, ENABLE, 0, 1) \ + FIELD(VINTF##vi##_SID_MATCH_##j, VIRT_SID, 1, 20) + +SMMU_CMDQV_VINTFi_SID_MATCH_(0, 0) +/* Omitting [0][1~14] as not being directly called */ +SMMU_CMDQV_VINTFi_SID_MATCH_(0, 15) + +/* vintf = 0, 16 identical register entries */ +#define SMMU_CMDQV_VINTFi_SID_REPLACE_(vi, j) \ + REG32(VINTF##vi##_SID_REPLACE_##j, 0x1080 + j * 4 + vi * 0x100) \ + FIELD(VINTF##vi##_SID_REPLACE_##j, PHYS_SID, 0, 20) + +SMMU_CMDQV_VINTFi_SID_REPLACE_(0, 0) +/* Omitting [0][1~14] as not being directly called */ +SMMU_CMDQV_VINTFi_SID_REPLACE_(0, 15) + +/* + * LVCMDQ_ERR_MAP: hardware defines 4 registers per VINTF (offset + * 0x10c0..0x10cc), each covering 32 logical VCMDQs. All 4 are accessible + * by the guest. With TEGRA241_CMDQV_MAX_CMDQ=2 only MAP_0 bits [1:0] + * carry meaningful error state; MAP_1..MAP_3 always read as 0. + * vintf = 0, 4 identical register entries + */ +#define SMMU_CMDQV_VINTFi_LVCMDQ_ERR_MAP_(vi, j) \ + REG32(VINTF##vi##_LVCMDQ_ERR_MAP_##j, 0x10c0 + j * 4 + vi * 0x100) \ + FIELD(VINTF##vi##_LVCMDQ_ERR_MAP_##j, LVCMDQ_ERR_MAP, 0, 32) + +SMMU_CMDQV_VINTFi_LVCMDQ_ERR_MAP_(0, 0) +/* MAP_1 and MAP_2 omitted; not referenced directly */ +SMMU_CMDQV_VINTFi_LVCMDQ_ERR_MAP_(0, 3) + +/* + * VCMDQ register windows. + * + * Page 0 @ 0x10000: VCMDQ control and status registers + * Page 1 @ 0x20000: VCMDQ base and DRAM address registers + */ +#define A_VCMDQi_CONS_INDX(i) \ + REG32(VCMDQ##i##_CONS_INDX, 0x10000 + i * 0x80) \ + FIELD(VCMDQ##i##_CONS_INDX, RD, 0, 20) \ + FIELD(VCMDQ##i##_CONS_INDX, ERR, 24, 7) + +A_VCMDQi_CONS_INDX(0) +A_VCMDQi_CONS_INDX(1) + +#define V_VCMDQ_CONS_INDX_ERR_CERROR_NONE 0 +#define V_VCMDQ_CONS_INDX_ERR_CERROR_ILL_OPCODE 1 +#define V_VCMDQ_CONS_INDX_ERR_CERROR_ABT 2 +#define V_VCMDQ_CONS_INDX_ERR_CERROR_ATC_INV_SYNC 3 +#define V_VCMDQ_CONS_INDX_ERR_CERROR_ILL_ACCESS 4 + +#define A_VCMDQi_PROD_INDX(i) \ + REG32(VCMDQ##i##_PROD_INDX, 0x10000 + 0x4 + i * 0x80) \ + FIELD(VCMDQ##i##_PROD_INDX, WR, 0, 20) + +A_VCMDQi_PROD_INDX(0) +A_VCMDQi_PROD_INDX(1) + +#define A_VCMDQi_CONFIG(i) \ + REG32(VCMDQ##i##_CONFIG, 0x10000 + 0x8 + i * 0x80) \ + FIELD(VCMDQ##i##_CONFIG, CMDQ_EN, 0, 1) + +A_VCMDQi_CONFIG(0) +A_VCMDQi_CONFIG(1) + +#define A_VCMDQi_STATUS(i) \ + REG32(VCMDQ##i##_STATUS, 0x10000 + 0xc + i * 0x80) \ + FIELD(VCMDQ##i##_STATUS, CMDQ_EN_OK, 0, 1) + +A_VCMDQi_STATUS(0) +A_VCMDQi_STATUS(1) + +#define A_VCMDQi_GERROR(i) \ + REG32(VCMDQ##i##_GERROR, 0x10000 + 0x10 + i * 0x80) \ + FIELD(VCMDQ##i##_GERROR, CMDQ_ERR, 0, 1) \ + FIELD(VCMDQ##i##_GERROR, CONS_DRAM_WR_ABT_ERR, 1, 1) \ + FIELD(VCMDQ##i##_GERROR, CMDQ_INIT_ERR, 2, 1) + +A_VCMDQi_GERROR(0) +A_VCMDQi_GERROR(1) + +#define A_VCMDQi_GERRORN(i) \ + REG32(VCMDQ##i##_GERRORN, 0x10000 + 0x14 + i * 0x80) \ + FIELD(VCMDQ##i##_GERRORN, CMDQ_ERR, 0, 1) \ + FIELD(VCMDQ##i##_GERRORN, CONS_DRAM_WR_ABT_ERR, 1, 1) \ + FIELD(VCMDQ##i##_GERRORN, CMDQ_INIT_ERR, 2, 1) + +A_VCMDQi_GERRORN(0) +A_VCMDQi_GERRORN(1) + +#define A_VCMDQi_BASE_L(i) \ + REG32(VCMDQ##i##_BASE_L, 0x20000 + i * 0x80) \ + FIELD(VCMDQ##i##_BASE_L, LOG2SIZE, 0, 5) \ + FIELD(VCMDQ##i##_BASE_L, ADDR, 5, 27) + +A_VCMDQi_BASE_L(0) +A_VCMDQi_BASE_L(1) + +#define A_VCMDQi_BASE_H(i) \ + REG32(VCMDQ##i##_BASE_H, 0x20000 + 0x4 + i * 0x80) \ + FIELD(VCMDQ##i##_BASE_H, ADDR, 0, 16) + +A_VCMDQi_BASE_H(0) +A_VCMDQi_BASE_H(1) + +#define A_VCMDQi_CONS_INDX_BASE_DRAM_L(i) \ + REG32(VCMDQ##i##_CONS_INDX_BASE_DRAM_L, 0x20000 + 0x8 + i * 0x80) \ + FIELD(VCMDQ##i##_CONS_INDX_BASE_DRAM_L, ADDR, 0, 32) + +A_VCMDQi_CONS_INDX_BASE_DRAM_L(0) +A_VCMDQi_CONS_INDX_BASE_DRAM_L(1) + +#define A_VCMDQi_CONS_INDX_BASE_DRAM_H(i) \ + REG32(VCMDQ##i##_CONS_INDX_BASE_DRAM_H, 0x20000 + 0xc + i * 0x80) \ + FIELD(VCMDQ##i##_CONS_INDX_BASE_DRAM_H, ADDR, 0, 16) + +A_VCMDQi_CONS_INDX_BASE_DRAM_H(0) +A_VCMDQi_CONS_INDX_BASE_DRAM_H(1) + +/* + * VI_VCMDQ register windows (VCMDQs mapped via VINTF). + * + * Page 0 @ 0x30000: VI_VCMDQ control and status registers + * Page 1 @ 0x40000: VI_VCMDQ base and DRAM address registers + */ +#define A_VI_VCMDQi_CONS_INDX(i) \ + REG32(VI_VCMDQ##i##_CONS_INDX, 0x30000 + i * 0x80) \ + FIELD(VI_VCMDQ##i##_CONS_INDX, RD, 0, 20) \ + FIELD(VI_VCMDQ##i##_CONS_INDX, ERR, 24, 7) + +A_VI_VCMDQi_CONS_INDX(0) +A_VI_VCMDQi_CONS_INDX(1) + +#define A_VI_VCMDQi_PROD_INDX(i) \ + REG32(VI_VCMDQ##i##_PROD_INDX, 0x30000 + 0x4 + i * 0x80) \ + FIELD(VI_VCMDQ##i##_PROD_INDX, WR, 0, 20) + +A_VI_VCMDQi_PROD_INDX(0) +A_VI_VCMDQi_PROD_INDX(1) + +#define A_VI_VCMDQi_CONFIG(i) \ + REG32(VI_VCMDQ##i##_CONFIG, 0x30000 + 0x8 + i * 0x80) \ + FIELD(VI_VCMDQ##i##_CONFIG, CMDQ_EN, 0, 1) + +A_VI_VCMDQi_CONFIG(0) +A_VI_VCMDQi_CONFIG(1) + +#define A_VI_VCMDQi_STATUS(i) \ + REG32(VI_VCMDQ##i##_STATUS, 0x30000 + 0xc + i * 0x80) \ + FIELD(VI_VCMDQ##i##_STATUS, CMDQ_EN_OK, 0, 1) + +A_VI_VCMDQi_STATUS(0) +A_VI_VCMDQi_STATUS(1) + +#define A_VI_VCMDQi_GERROR(i) \ + REG32(VI_VCMDQ##i##_GERROR, 0x30000 + 0x10 + i * 0x80) \ + FIELD(VI_VCMDQ##i##_GERROR, CMDQ_ERR, 0, 1) \ + FIELD(VI_VCMDQ##i##_GERROR, CONS_DRAM_WR_ABT_ERR, 1, 1) \ + FIELD(VI_VCMDQ##i##_GERROR, CMDQ_INIT_ERR, 2, 1) + +A_VI_VCMDQi_GERROR(0) +A_VI_VCMDQi_GERROR(1) + +#define A_VI_VCMDQi_GERRORN(i) \ + REG32(VI_VCMDQ##i##_GERRORN, 0x30000 + 0x14 + i * 0x80) \ + FIELD(VI_VCMDQ##i##_GERRORN, CMDQ_ERR, 0, 1) \ + FIELD(VI_VCMDQ##i##_GERRORN, CONS_DRAM_WR_ABT_ERR, 1, 1) \ + FIELD(VI_VCMDQ##i##_GERRORN, CMDQ_INIT_ERR, 2, 1) + +A_VI_VCMDQi_GERRORN(0) +A_VI_VCMDQi_GERRORN(1) + +#define A_VI_VCMDQi_BASE_L(i) \ + REG32(VI_VCMDQ##i##_BASE_L, 0x40000 + i * 0x80) \ + FIELD(VI_VCMDQ##i##_BASE_L, LOG2SIZE, 0, 5) \ + FIELD(VI_VCMDQ##i##_BASE_L, ADDR, 5, 27) + +A_VI_VCMDQi_BASE_L(0) +A_VI_VCMDQi_BASE_L(1) + +#define A_VI_VCMDQi_BASE_H(i) \ + REG32(VI_VCMDQ##i##_BASE_H, 0x40000 + 0x4 + i * 0x80) \ + FIELD(VI_VCMDQ##i##_BASE_H, ADDR, 0, 16) + +A_VI_VCMDQi_BASE_H(0) +A_VI_VCMDQi_BASE_H(1) + +#define A_VI_VCMDQi_CONS_INDX_BASE_DRAM_L(i) \ + REG32(VI_VCMDQ##i##_CONS_INDX_BASE_DRAM_L, 0x40000 + 0x8 + i * 0x80) \ + FIELD(VI_VCMDQ##i##_CONS_INDX_BASE_DRAM_L, ADDR, 0, 32) + +A_VI_VCMDQi_CONS_INDX_BASE_DRAM_L(0) +A_VI_VCMDQi_CONS_INDX_BASE_DRAM_L(1) + +#define A_VI_VCMDQi_CONS_INDX_BASE_DRAM_H(i) \ + REG32(VI_VCMDQ##i##_CONS_INDX_BASE_DRAM_H, 0x40000 + 0xc + i * 0x80) \ + FIELD(VI_VCMDQ##i##_CONS_INDX_BASE_DRAM_H, ADDR, 0, 16) + +A_VI_VCMDQi_CONS_INDX_BASE_DRAM_H(0) +A_VI_VCMDQi_CONS_INDX_BASE_DRAM_H(1) + +static inline bool tegra241_cmdq_enabled(Tegra241CMDQV *cmdqv) +{ + return cmdqv->status & R_STATUS_CMDQV_ENABLED_MASK; +} + +static inline bool tegra241_vintf_enabled(Tegra241CMDQV *cmdqv) +{ + return cmdqv->vintf_status & R_VINTF0_STATUS_ENABLE_OK_MASK; +} + +const SMMUv3AccelCmdqvOps *tegra241_cmdqv_get_ops(void); + +#endif /* HW_ARM_TEGRA241_CMDQV_H */ diff --git a/hw/arm/trace-events b/hw/arm/trace-events index 3457536fb09..e5e4e933249 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -9,6 +9,7 @@ omap1_lpg_led(const char *onoff) "omap1 LPG: LED is %s" # virt-acpi-build.c virt_acpi_setup(void) "No fw cfg or ACPI disabled. Bailing out." +virt_acpi_dsdt_tegra241_cmdqv(int smmu_id, uint64_t base, uint32_t irq) "DSDT: add cmdqv node for (id=%d), base=0x%" PRIx64 ", irq=%d" # smmu-common.c smmu_add_mr(const char *name) "%s" @@ -72,6 +73,12 @@ smmuv3_accel_unset_iommu_device(int devfn, uint32_t devid) "devfn=0x%x (idev dev smmuv3_accel_translate_ste(uint32_t vsid, uint32_t hwpt_id, uint64_t ste_1, uint64_t ste_0) "vSID=0x%x hwpt_id=0x%x ste=%"PRIx64":%"PRIx64 smmuv3_accel_install_ste(uint32_t vsid, const char * type, uint32_t hwpt_id) "vSID=0x%x ste type=%s hwpt_id=0x%x" +# tegra241-cmdqv +tegra241_cmdqv_read_mmio(uint64_t offset, uint64_t val, unsigned size) "offset: 0x%"PRIx64" val: 0x%"PRIx64" size: 0x%x" +tegra241_cmdqv_write_mmio(uint64_t offset, uint64_t val, unsigned size) "offset: 0x%"PRIx64" val: 0x%"PRIx64" size: 0x%x" +tegra241_cmdqv_err_map(uint32_t map3, uint32_t map2, uint32_t map1, uint32_t map0) "hw irq received. error (hex) maps: %04X:%04X:%04X:%04X" +tegra241_cmdqv_init_regs(uint32_t param) "hw info received. param: 0x%04X" + # strongarm.c strongarm_uart_update_parameters(const char *label, int speed, char parity, int data_bits, int stop_bits) "%s speed=%d parity=%c data=%d stop=%d" strongarm_ssp_read_underrun(void) "SSP rx underrun" diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c index 591cfc993c6..fbc793d06e5 100644 --- a/hw/arm/virt-acpi-build.c +++ b/hw/arm/virt-acpi-build.c @@ -65,6 +65,9 @@ #include "target/arm/cpu.h" #include "target/arm/multiprocessing.h" +#include "smmuv3-accel.h" +#include "tegra241-cmdqv.h" + #define ARM_SPI_BASE 32 #define ACPI_BUILD_TABLE_SIZE 0x20000 @@ -342,6 +345,7 @@ static int iort_idmap_compare(gconstpointer a, gconstpointer b) typedef struct AcpiIortSMMUv3Dev { int irq; hwaddr base; + uint8_t id; GArray *rc_smmu_idmaps; /* Offset of the SMMUv3 IORT Node relative to the start of the IORT */ size_t offset; @@ -385,49 +389,42 @@ static int smmuv3_dev_idmap_compare(gconstpointer a, gconstpointer b) return map_a->input_base - map_b->input_base; } -static int iort_smmuv3_devices(Object *obj, void *opaque) -{ - VirtMachineState *vms = VIRT_MACHINE(qdev_get_machine()); - AcpiIortSMMUv3Dev sdev = {0}; - GArray *sdev_blob = opaque; - AcpiIortIdMapping idmap; - PlatformBusDevice *pbus; - int min_bus, max_bus; - SysBusDevice *sbdev; - PCIBus *bus; - - if (!object_dynamic_cast(obj, TYPE_ARM_SMMUV3)) { - return 0; - } - - bus = PCI_BUS(object_property_get_link(obj, "primary-bus", &error_abort)); - sdev.accel = object_property_get_bool(obj, "accel", &error_abort); - sdev.ats = smmuv3_ats_enabled(ARM_SMMUV3(obj)); - pbus = PLATFORM_BUS_DEVICE(vms->platform_bus_dev); - sbdev = SYS_BUS_DEVICE(obj); - sdev.base = platform_bus_get_mmio_addr(pbus, sbdev, 0); - sdev.base += vms->memmap[VIRT_PLATFORM_BUS].base; - sdev.irq = platform_bus_get_irqn(pbus, sbdev, 0); - sdev.irq += vms->irqmap[VIRT_PLATFORM_BUS]; - sdev.irq += ARM_SPI_BASE; - - pci_bus_range(bus, &min_bus, &max_bus); - sdev.rc_smmu_idmaps = g_array_new(false, true, sizeof(AcpiIortIdMapping)); - idmap.input_base = min_bus << 8, - idmap.id_count = (max_bus - min_bus + 1) << 8, - g_array_append_val(sdev.rc_smmu_idmaps, idmap); - g_array_append_val(sdev_blob, sdev); - return 0; -} - /* * Populate the struct AcpiIortSMMUv3Dev for all SMMUv3 devices and * return the total number of idmaps. */ -static int populate_smmuv3_dev(GArray *sdev_blob) +static int populate_smmuv3_dev(VirtMachineState *vms, GArray *sdev_blob) { - object_child_foreach_recursive(object_get_root(), - iort_smmuv3_devices, sdev_blob); + for (int i = 0; i < vms->smmuv3_devices->len; i++) { + Object *obj = OBJECT(g_ptr_array_index(vms->smmuv3_devices, i)); + AcpiIortSMMUv3Dev sdev = {0}; + AcpiIortIdMapping idmap; + PlatformBusDevice *pbus; + int min_bus, max_bus; + SysBusDevice *sbdev; + PCIBus *bus; + + bus = PCI_BUS(object_property_get_link(obj, "primary-bus", + &error_abort)); + sdev.accel = object_property_get_bool(obj, "accel", &error_abort); + sdev.ats = smmuv3_ats_enabled(ARM_SMMUV3(obj)); + sdev.id = object_property_get_uint(obj, "identifier", &error_abort); + pbus = PLATFORM_BUS_DEVICE(vms->platform_bus_dev); + sbdev = SYS_BUS_DEVICE(obj); + sdev.base = platform_bus_get_mmio_addr(pbus, sbdev, 0); + sdev.base += vms->memmap[VIRT_PLATFORM_BUS].base; + sdev.irq = platform_bus_get_irqn(pbus, sbdev, 0); + sdev.irq += vms->irqmap[VIRT_PLATFORM_BUS]; + sdev.irq += ARM_SPI_BASE; + + pci_bus_range(bus, &min_bus, &max_bus); + sdev.rc_smmu_idmaps = g_array_new(false, true, + sizeof(AcpiIortIdMapping)); + idmap.input_base = min_bus << 8; + idmap.id_count = (max_bus - min_bus + 1) << 8; + g_array_append_val(sdev.rc_smmu_idmaps, idmap); + g_array_append_val(sdev_blob, sdev); + } /* Sort the smmuv3 devices(if any) by smmu idmap input_base */ g_array_sort(sdev_blob, smmuv3_dev_idmap_compare); /* @@ -561,7 +558,7 @@ build_iort(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms) if (vms->legacy_smmuv3_present) { rc_smmu_idmaps_len = populate_smmuv3_legacy_dev(smmuv3_devs); } else { - rc_smmu_idmaps_len = populate_smmuv3_dev(smmuv3_devs); + rc_smmu_idmaps_len = populate_smmuv3_dev(vms, smmuv3_devs); } num_smmus = smmuv3_devs->len; @@ -638,7 +635,8 @@ build_iort(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms) (ID_MAPPING_ENTRY_SIZE * smmu_mapping_count); build_append_int_noprefix(table_data, node_size, 2); /* Length */ build_append_int_noprefix(table_data, 4, 1); /* Revision */ - build_append_int_noprefix(table_data, id++, 4); /* Identifier */ + build_append_int_noprefix(table_data, sdev->id, 4); /* Identifier */ + id++; /* advance shared counter for RC/RMR node uniqueness */ /* Number of ID mappings */ build_append_int_noprefix(table_data, smmu_mapping_count, 4); /* Reference to ID Array */ @@ -1119,6 +1117,51 @@ static void build_fadt_rev6(GArray *table_data, BIOSLinker *linker, build_fadt(table_data, linker, &fadt, vms->oem_id, vms->oem_table_id); } +static void acpi_dsdt_add_tegra241_cmdqv(Aml *scope, VirtMachineState *vms) +{ + for (int i = 0; i < vms->smmuv3_devices->len; i++) { + Object *obj = OBJECT(g_ptr_array_index(vms->smmuv3_devices, i)); + PlatformBusDevice *pbus; + Aml *dev, *crs, *addr; + SysBusDevice *sbdev; + hwaddr base; + uint32_t id; + int irq; + + if (smmuv3_accel_cmdqv_type(obj) != SMMUV3_CMDQV_TEGRA241) { + continue; + } + id = object_property_get_uint(obj, "identifier", &error_abort); + pbus = PLATFORM_BUS_DEVICE(vms->platform_bus_dev); + sbdev = SYS_BUS_DEVICE(obj); + base = platform_bus_get_mmio_addr(pbus, sbdev, 1); + base += vms->memmap[VIRT_PLATFORM_BUS].base; + irq = platform_bus_get_irqn(pbus, sbdev, NUM_SMMU_IRQS); + irq += vms->irqmap[VIRT_PLATFORM_BUS]; + irq += ARM_SPI_BASE; + + dev = aml_device("CV%.02u", id); + aml_append(dev, aml_name_decl("_HID", aml_string("NVDA200C"))); + aml_append(dev, aml_name_decl("_UID", aml_int(id))); + aml_append(dev, aml_name_decl("_CCA", aml_int(1))); + + crs = aml_resource_template(); + addr = aml_qword_memory(AML_POS_DECODE, AML_MIN_FIXED, AML_MAX_FIXED, + AML_CACHEABLE, AML_READ_WRITE, 0x0, base, + base + TEGRA241_CMDQV_IO_LEN - 0x1, 0x0, + TEGRA241_CMDQV_IO_LEN); + aml_append(crs, addr); + aml_append(crs, aml_interrupt(AML_CONSUMER, AML_EDGE, + AML_ACTIVE_HIGH, AML_EXCLUSIVE, + (uint32_t *)&irq, 1)); + aml_append(dev, aml_name_decl("_CRS", crs)); + + aml_append(scope, dev); + + trace_virt_acpi_dsdt_tegra241_cmdqv(id, base, irq); + } +} + /* DSDT */ static void build_dsdt(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms) @@ -1183,6 +1226,10 @@ build_dsdt(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms) acpi_dsdt_add_tpm(scope, vms); #endif + if (!vms->legacy_smmuv3_present) { + acpi_dsdt_add_tegra241_cmdqv(scope, vms); + } + aml_append(dsdt, scope); pci0_scope = aml_scope("\\_SB.PCI0"); diff --git a/hw/arm/virt.c b/hw/arm/virt.c index ec0d8475ca4..d3698b85f3c 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -240,6 +240,9 @@ static MemMapEntry extended_memmap[] = { /* Any CXL Fixed memory windows come here */ }; +/* Counts SMMUv3 devices plugged; used to assign stable IORT identifiers */ +static uint8_t smmuv3_dev_id; + static const int a15irqmap[] = { [VIRT_UART0] = 1, [VIRT_RTC] = 2, @@ -1832,6 +1835,25 @@ static void virt_build_smbios(VirtMachineState *vms) } } +/* + * SMMUv3 devices with acceleration may enable CMDQV extensions + * after device realize. In that case, additional MMIO regions and + * IRQ lines may be registered but not yet mapped to the platform bus. + * + * Ensure all resources are linked to the platform bus before final + * machine setup. + */ + +static void virt_smmuv3_dev_link_cmdqv(VirtMachineState *vms) +{ + for (int i = 0; i < vms->smmuv3_devices->len; i++) { + DeviceState *dev = g_ptr_array_index(vms->smmuv3_devices, i); + + platform_bus_link_device(PLATFORM_BUS_DEVICE(vms->platform_bus_dev), + SYS_BUS_DEVICE(dev)); + } +} + static void virt_machine_done(Notifier *notifier, void *data) { @@ -1848,6 +1870,9 @@ void virt_machine_done(Notifier *notifier, void *data) if (vms->cxl_devices_state.is_enabled) { cxl_fmws_link_targets(&error_fatal); } + + virt_smmuv3_dev_link_cmdqv(vms); + /* * If the user provided a dtb, we assume the dynamic sysbus nodes * already are integrated there. This corresponds to a use case where @@ -3204,6 +3229,15 @@ static void virt_machine_device_pre_plug_cb(HotplugHandler *hotplug_dev, OBJECT(vms->sysmem), NULL); object_property_set_link(OBJECT(dev), "secure-memory", OBJECT(vms->secure_sysmem), NULL); + /* + * In build_iort(), the ITS node(id=0) precedes SMMUv3 nodes + * when present. Account for it so this SMMUv3's identifier + * is globally unique across all IORT nodes. + */ + uint8_t its_offset = (vms->msi_controller == VIRT_MSI_CTRL_ITS) + ? 1 : 0; + object_property_set_uint(OBJECT(dev), "identifier", + its_offset + smmuv3_dev_id++, NULL); } if (object_property_get_bool(OBJECT(dev), "accel", &error_abort)) { hwaddr db_start = 0; @@ -3261,6 +3295,7 @@ static void virt_machine_device_plug_cb(HotplugHandler *hotplug_dev, } create_smmuv3_dev_dtb(vms, dev, bus, errp); + g_ptr_array_add(vms->smmuv3_devices, dev); } } @@ -3697,6 +3732,8 @@ static void virt_instance_init(Object *obj) vms->oem_id = g_strndup(ACPI_BUILD_APPNAME6, 6); vms->oem_table_id = g_strndup(ACPI_BUILD_APPNAME8, 8); cxl_machine_init(obj, &vms->cxl_devices_state); + + vms->smmuv3_devices = g_ptr_array_new_with_free_func(NULL); } static const TypeInfo virt_machine_info = { diff --git a/hw/core/machine.c b/hw/core/machine.c index 0aa77a57e95..0ee75460356 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -37,6 +37,16 @@ #include "hw/virtio/virtio-iommu.h" #include "hw/acpi/generic_event_device.h" #include "qemu/audio.h" +#include "hw/arm/smmuv3.h" + +GlobalProperty hw_compat_11_0[] = { + { "chardev-vc", "encoding", "cp437" }, + { TYPE_ARM_SMMUV3, "ats", "off" }, + { TYPE_ARM_SMMUV3, "ril", "on" }, + { TYPE_ARM_SMMUV3, "ssidsize", "0" }, + { TYPE_ARM_SMMUV3, "oas", "44" }, +}; +const size_t hw_compat_11_0_len = G_N_ELEMENTS(hw_compat_11_0); GlobalProperty hw_compat_10_2[] = { { "scsi-block", "migrate-pr", "off" }, diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index f395fa248c0..b784c5f10ae 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c @@ -4825,9 +4825,12 @@ static void vtd_dev_unset_iommu_device(PCIBus *bus, void *opaque, int devfn) static uint64_t vtd_get_viommu_flags(void *opaque) { IntelIOMMUState *s = opaque; - uint64_t flags; + uint64_t flags = 0; - flags = s->fsts ? VIOMMU_FLAG_WANT_NESTING_PARENT : 0; + if (s->fsts) { + flags = VIOMMU_FLAG_WANT_NESTING_PARENT | + VIOMMU_FLAG_WANT_NESTING_DIRTY_TRACKING; + } return flags; } diff --git a/hw/pci-host/gpex-acpi.c b/hw/pci-host/gpex-acpi.c index d9820f9b419..5cd1e885b7f 100644 --- a/hw/pci-host/gpex-acpi.c +++ b/hw/pci-host/gpex-acpi.c @@ -7,6 +7,7 @@ #include "hw/pci/pci_bridge.h" #include "hw/pci/pcie_host.h" #include "hw/acpi/cxl.h" +#include "hw/acpi/acpi_egm_memory.h" static void acpi_dsdt_add_pci_route_table(Aml *dev, uint32_t irq, Aml *scope, uint8_t bus_num) @@ -109,6 +110,9 @@ void acpi_dsdt_add_gpex(Aml *scope, struct GPEXConfig *cfg) CrsRangeEntry *entry; int i; + /* Reset GPU ID for each complete ACPI table build */ + acpi_egm_memory_reset_gpu_id(); + /* start to construct the tables for pxb */ crs_range_set_init(&crs_range_set); if (bus) { @@ -117,6 +121,8 @@ void acpi_dsdt_add_gpex(Aml *scope, struct GPEXConfig *cfg) uint8_t numa_node = pci_bus_numa_node(bus); uint32_t uid; bool is_cxl = pci_bus_is_cxl(bus); + int devfn; + Aml *brg; if (!pci_bus_is_root(bus)) { continue; @@ -171,6 +177,21 @@ void acpi_dsdt_add_gpex(Aml *scope, struct GPEXConfig *cfg) cfg->preserve_config); } + for (devfn = 0; devfn < ARRAY_SIZE(bus->devices); devfn++) { + /* ACPI spec: 1.0b: Table 6-2 _ADR Object Bus Types, PCI type */ + int adr = PCI_SLOT(devfn) << 16 | PCI_FUNC(devfn); + PCIDevice *pdev = bus->devices[devfn]; + + if (!pdev) { + continue; + } + + brg = aml_device("RP%.02X", devfn); + aml_append(brg, aml_name_decl("_ADR", aml_int(adr))); + build_acpi_egm_memory_dsdt(brg, bus_num + 1); + aml_append(dev, brg); + } + aml_append(scope, dev); } } @@ -246,6 +267,8 @@ void acpi_dsdt_add_gpex(Aml *scope, struct GPEXConfig *cfg) acpi_dsdt_add_host_bridge_methods(dev, cfg->pci_native_hotplug, cfg->preserve_config); + build_acpi_egm_memory_dsdt(dev, 0); + Aml *dev_res0 = aml_device("%s", "RES0"); aml_append(dev_res0, aml_name_decl("_HID", aml_string("PNP0C02"))); crs = aml_resource_template(); diff --git a/hw/vfio/device.c b/hw/vfio/device.c index 973fc35b59d..8f7ae919a55 100644 --- a/hw/vfio/device.c +++ b/hw/vfio/device.c @@ -522,6 +522,17 @@ void vfio_device_unprepare(VFIODevice *vbasedev) vbasedev->bcontainer = NULL; } +bool vfio_device_get_viommu_flags_want_nesting_dirty(VFIODevice *vbasedev) +{ + VFIOPCIDevice *vdev = vfio_pci_from_vfio_device(vbasedev); + + if (vdev) { + return !!(pci_device_get_viommu_flags(PCI_DEVICE(vdev)) & + VIOMMU_FLAG_WANT_NESTING_DIRTY_TRACKING); + } + return false; +} + bool vfio_device_get_viommu_flags_want_nesting(VFIODevice *vbasedev) { VFIOPCIDevice *vdev = vfio_pci_from_vfio_device(vbasedev); diff --git a/hw/vfio/iommufd.c b/hw/vfio/iommufd.c index 3e33dfbb356..14199f5ac49 100644 --- a/hw/vfio/iommufd.c +++ b/hw/vfio/iommufd.c @@ -352,7 +352,8 @@ static bool iommufd_cdev_autodomains_get(VFIODevice *vbasedev, ERRP_GUARD(); IOMMUFDBackend *iommufd = vbasedev->iommufd; VFIOContainer *bcontainer = VFIO_IOMMU(container); - uint32_t type, flags = 0; + bool viommu_nesting, viommu_nesting_dirty; + uint32_t type = IOMMU_HW_INFO_TYPE_DEFAULT, flags = 0; uint64_t hw_caps; VendorCaps caps; VFIOIOASHwpt *hwpt; @@ -405,8 +406,14 @@ static bool iommufd_cdev_autodomains_get(VFIODevice *vbasedev, return false; } + viommu_nesting = vfio_device_get_viommu_flags_want_nesting(vbasedev); + viommu_nesting_dirty = + vfio_device_get_viommu_flags_want_nesting_dirty(vbasedev); + if (hw_caps & IOMMU_HW_CAP_DIRTY_TRACKING) { - flags = IOMMU_HWPT_ALLOC_DIRTY_TRACKING; + if (!viommu_nesting || viommu_nesting_dirty) { + flags |= IOMMU_HWPT_ALLOC_DIRTY_TRACKING; + } } /* @@ -414,7 +421,7 @@ static bool iommufd_cdev_autodomains_get(VFIODevice *vbasedev, * force to create it so that it could be reused by vIOMMU to create * nested HWPT. */ - if (vfio_device_get_viommu_flags_want_nesting(vbasedev)) { + if (viommu_nesting) { flags |= IOMMU_HWPT_ALLOC_NEST_PARENT; if (vfio_device_get_host_iommu_quirk_bypass_ro(vbasedev, type, @@ -941,7 +948,7 @@ static bool hiod_iommufd_vfio_realize(HostIOMMUDevice *hiod, void *opaque, HostIOMMUDeviceIOMMUFD *idev; HostIOMMUDeviceCaps *caps = &hiod->caps; VendorCaps *vendor_caps = &caps->vendor_caps; - enum iommu_hw_info_type type; + uint32_t type = IOMMU_HW_INFO_TYPE_DEFAULT; uint8_t max_pasid_log2; uint64_t hw_caps; diff --git a/hw/vfio/listener.c b/hw/vfio/listener.c index 960da9e0a93..32d33a740ae 100644 --- a/hw/vfio/listener.c +++ b/hw/vfio/listener.c @@ -614,6 +614,11 @@ void vfio_container_region_add(VFIOContainer *bcontainer, } } + if (memory_region_is_ram_device(section->mr) && + section->mr->ram_device_skip_iommu_map) { + return; + } + ret = vfio_container_dma_map(bcontainer, iova, int128_get64(llsize), vaddr, section->readonly, section->mr); if (ret) { diff --git a/include/hw/acpi/acpi_egm_memory.h b/include/hw/acpi/acpi_egm_memory.h new file mode 100644 index 00000000000..d225a62f50b --- /dev/null +++ b/include/hw/acpi/acpi_egm_memory.h @@ -0,0 +1,25 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (c) 2024, NVIDIA CORPORATION & AFFILIATES. All rights reserved + */ + +#ifndef ACPI_EGM_MEMORY_H +#define ACPI_EGM_MEMORY_H + +#include "qom/object_interfaces.h" + +#define TYPE_ACPI_EGM_MEMORY "acpi-egm-memory" + +typedef struct AcpiEgmMemory { + /* private */ + Object parent; + + /* public */ + char *pci_dev; + uint16_t node; +} AcpiEgmMemory; + +void build_acpi_egm_memory_dsdt(Aml *dev, int bus); +void acpi_egm_memory_reset_gpu_id(void); + +#endif diff --git a/include/hw/arm/smmuv3.h b/include/hw/arm/smmuv3.h index 82f18eb0907..0fce5646192 100644 --- a/include/hw/arm/smmuv3.h +++ b/include/hw/arm/smmuv3.h @@ -64,6 +64,7 @@ struct SMMUv3State { qemu_irq irq[4]; QemuMutex mutex; char *stage; + uint8_t identifier; /* SMMU has HW accelerator support for nested S1 + s2 */ bool accel; @@ -74,6 +75,10 @@ struct SMMUv3State { OnOffAuto ats; OasMode oas; SsidSizeMode ssidsize; + /* SMMU CMDQV extension */ + OnOffAuto cmdqv; + + Notifier machine_done; }; typedef enum { diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h index 5fcbd1c76f2..a840a97de83 100644 --- a/include/hw/arm/virt.h +++ b/include/hw/arm/virt.h @@ -187,6 +187,7 @@ struct VirtMachineState { MemoryRegion *sysmem; MemoryRegion *secure_sysmem; bool pci_preserve_config; + GPtrArray *smmuv3_devices; }; #define VIRT_ECAM_ID(high) (high ? VIRT_HIGH_PCIE_ECAM : VIRT_PCIE_ECAM) diff --git a/include/hw/core/boards.h b/include/hw/core/boards.h index b8dad0a1074..db83fe92922 100644 --- a/include/hw/core/boards.h +++ b/include/hw/core/boards.h @@ -798,6 +798,9 @@ struct MachineState { } \ } while (0) +extern GlobalProperty hw_compat_11_0[]; +extern const size_t hw_compat_11_0_len; + extern GlobalProperty hw_compat_10_2[]; extern const size_t hw_compat_10_2_len; diff --git a/include/hw/core/iommu.h b/include/hw/core/iommu.h index 86af315c153..cd59a367ceb 100644 --- a/include/hw/core/iommu.h +++ b/include/hw/core/iommu.h @@ -21,6 +21,8 @@ enum viommu_flags { /* vIOMMU needs nesting parent HWPT to create nested HWPT */ VIOMMU_FLAG_WANT_NESTING_PARENT = BIT_ULL(0), VIOMMU_FLAG_PASID_SUPPORTED = BIT_ULL(1), + /* vIOMMU needs dirty tracking on the nesting parent HWPT for nested use */ + VIOMMU_FLAG_WANT_NESTING_DIRTY_TRACKING = BIT_ULL(2), }; /* Host IOMMU quirks. Extracted from host IOMMU capabilities */ diff --git a/include/hw/vfio/vfio-device.h b/include/hw/vfio/vfio-device.h index 828a31c006e..a95c5bf5030 100644 --- a/include/hw/vfio/vfio-device.h +++ b/include/hw/vfio/vfio-device.h @@ -268,6 +268,7 @@ void vfio_device_prepare(VFIODevice *vbasedev, VFIOContainer *bcontainer, void vfio_device_unprepare(VFIODevice *vbasedev); bool vfio_device_get_viommu_flags_want_nesting(VFIODevice *vbasedev); +bool vfio_device_get_viommu_flags_want_nesting_dirty(VFIODevice *vbasedev); bool vfio_device_get_host_iommu_quirk_bypass_ro(VFIODevice *vbasedev, uint32_t type, void *caps, uint32_t size); diff --git a/include/system/iommufd.h b/include/system/iommufd.h index 7062944fe61..b6599521b86 100644 --- a/include/system/iommufd.h +++ b/include/system/iommufd.h @@ -58,13 +58,18 @@ typedef struct IOMMUFDVdev { /* Virtual event queue interface for a vIOMMU */ typedef struct IOMMUFDVeventq { - IOMMUFDViommu *viommu; uint32_t veventq_id; uint32_t veventq_fd; uint32_t last_event_seq; /* Sequence number of last processed event */ bool event_start; /* True after first valid event; cleared on overflow */ } IOMMUFDVeventq; +/* HW queue object for a vIOMMU-specific HW-accelerated queue */ +typedef struct IOMMUFDHWqueue { + IOMMUFDViommu *viommu; + uint32_t hw_queue_id; +} IOMMUFDHWqueue; + bool iommufd_backend_connect(IOMMUFDBackend *be, Error **errp); void iommufd_backend_disconnect(IOMMUFDBackend *be); @@ -89,6 +94,7 @@ bool iommufd_backend_alloc_hwpt(IOMMUFDBackend *be, uint32_t dev_id, Error **errp); bool iommufd_backend_alloc_viommu(IOMMUFDBackend *be, uint32_t dev_id, uint32_t viommu_type, uint32_t hwpt_id, + void *data_ptr, uint32_t data_len, uint32_t *out_hwpt, Error **errp); bool iommufd_backend_alloc_vdev(IOMMUFDBackend *be, uint32_t dev_id, @@ -100,6 +106,15 @@ bool iommufd_backend_alloc_veventq(IOMMUFDBackend *be, uint32_t viommu_id, uint32_t *out_veventq_id, uint32_t *out_veventq_fd, Error **errp); +bool iommufd_backend_alloc_hw_queue(IOMMUFDBackend *be, uint32_t viommu_id, + uint32_t queue_type, uint32_t index, + uint64_t addr, uint64_t length, + uint32_t *out_hw_queue_id, Error **errp); + +bool iommufd_backend_viommu_mmap(IOMMUFDBackend *be, uint32_t viommu_id, + uint64_t size, off_t offset, void **out_ptr, + Error **errp); + bool iommufd_backend_set_dirty_tracking(IOMMUFDBackend *be, uint32_t hwpt_id, bool start, Error **errp); bool iommufd_backend_get_dirty_bitmap(IOMMUFDBackend *be, uint32_t hwpt_id, diff --git a/include/system/memory.h b/include/system/memory.h index d7b18b632d5..9df15e833af 100644 --- a/include/system/memory.h +++ b/include/system/memory.h @@ -864,6 +864,8 @@ struct MemoryRegion { /* For devices designed to perform re-entrant IO into their own IO MRs */ bool disable_reentrancy_guard; + /* RAM device region that does not require IOMMU mapping for P2P */ + bool ram_device_skip_iommu_map; }; struct IOMMUMemoryRegion { @@ -2841,6 +2843,16 @@ bool address_space_access_valid(AddressSpace *as, hwaddr addr, hwaddr len, */ bool address_space_is_io(AddressSpace *as, hwaddr addr); +/** + * address_space_is_ram: check whether a guest physical address whithin + * an address space is RAM. + * + * @as: #AddressSpace to be accessed + * @addr: address within that address space + */ + +bool address_space_is_ram(AddressSpace *as, hwaddr addr); + /* address_space_map: map a physical memory region into a host virtual address * * May map a subset of the requested range, given by and returned in @plen. diff --git a/linux-headers/linux/egm.h b/linux-headers/linux/egm.h new file mode 100644 index 00000000000..aed9c528bd5 --- /dev/null +++ b/linux-headers/linux/egm.h @@ -0,0 +1,20 @@ +#ifndef EGM_H +#define EGM_H + +#define EGM_TYPE ('E') + +struct egm_bad_pages_info { + __aligned_u64 offset; + __aligned_u64 size; +}; + +struct egm_bad_pages_list { + __u32 argsz; + /* out */ + __u32 count; + /* out */ + struct egm_bad_pages_info bad_pages[]; +}; +#define EGM_BAD_PAGES_LIST _IO(EGM_TYPE, 100) + +#endif /* EGM_H */ diff --git a/pc-bios/dtb/meson.build b/pc-bios/dtb/meson.build index 81bdd7580e0..975cf796cb6 100644 --- a/pc-bios/dtb/meson.build +++ b/pc-bios/dtb/meson.build @@ -7,7 +7,7 @@ dtbs = [ 'petalogix-s3adsp1800.dtb', ] -dtc = find_program('dtc', required: false) +dtc = disabler() # Force use of pre-built DTB files if dtc.found() foreach out : dtbs f = fs.replace_suffix(out, '.dts') diff --git a/qapi/qom.json b/qapi/qom.json index c653248f85d..b86eef19c5f 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -877,6 +877,21 @@ { 'struct': 'IOMMUFDProperties', 'data': { '*fd': 'str' } } +## +# @AcpiEgmMemoryProperties: +# +# Properties for acpi-egm-memory objects. +# +# @pci-dev: PCI device ID to be associated with the node +# +# @node: NUMA node associated with the PCI device +# +# Since: 9.0 +## +{ 'struct': 'AcpiEgmMemoryProperties', + 'data': { 'pci-dev': 'str', + 'node': 'uint32' } } + ## # @AcpiGenericInitiatorProperties: # @@ -1191,6 +1206,7 @@ ## { 'enum': 'ObjectType', 'data': [ + 'acpi-egm-memory', 'acpi-generic-initiator', 'acpi-generic-port', 'authz-list', @@ -1270,6 +1286,7 @@ 'id': 'str' }, 'discriminator': 'qom-type', 'data': { + 'acpi-egm-memory': 'AcpiEgmMemoryProperties', 'acpi-generic-initiator': 'AcpiGenericInitiatorProperties', 'acpi-generic-port': 'AcpiGenericPortProperties', 'authz-list': 'AuthZListProperties', diff --git a/qemu-options.hx b/qemu-options.hx index 21972f83268..1b56493f110 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -1291,30 +1291,43 @@ SRST Enabling accel configures the host SMMUv3 in nested mode to support vfio-pci passthrough. - The following options are available when accel=on. - Note: 'auto' mode is not currently supported. + The following options will be set to auto by default if not manually + set. When accel=on and these properties are set to auto, the value is + derived from the host SMMUv3 capabilities via IOMMU_GET_HW_INFO. With + accel=on, this requires at least one cold-plugged vfio-pci device; if + none is present at machine init, QEMU will abort. - ``ril=on|off`` (default: on) + If accel=off, auto values resolve to the non-accel defaults given below. + + ``ril=on|off|auto`` (default: auto) Support for Range Invalidation, which allows the SMMUv3 driver to invalidate TLB entries for a range of IOVAs at once instead of issuing separate commands to invalidate each page. Must match with host SMMUv3 Range Invalidation support. + - With accel=on, auto means the value is automatically derived from the host SMMU. + - With accel=off, auto is resolved to 'on'. - ``ats=on|off`` (default: off) + ``ats=on|off|auto`` (default: auto) Support for Address Translation Services, which enables PCIe devices to cache address translations in their local TLB and reduce latency. Host SMMUv3 must support ATS in order to enable this feature for the vIOMMU. + - With accel=on, auto means the value is automatically derived from the host SMMU. + - With accel=off, auto is resolved to 'off'. - ``oas=val`` (supported values are 44 and 48. default: 44) + ``oas=val|auto`` (supported values are 44 and 48. default: auto) Sets the Output Address Size in bits. The value set here must be less than or equal to the host SMMUv3's supported OAS, so that the intermediate physical addresses (IPA) consumed by host SMMU for stage-2 translation do not exceed the host's max supported IPA size. + - With accel=on, auto means the value is automatically derived from the host SMMU. + - With accel=off, auto is resolved to 44. - ``ssidsize=val`` (val between 0 and 20. default: 0) + ``ssidsize=val|auto`` (val between 0 and 20. default: auto) Sets the Substream ID size in bits. When set to a non-zero value, PASID capability is advertised to the vIOMMU and accelerated use cases such as Shared Virtual Addressing (SVA) are supported. + - With accel=on, auto means the value is automatically derived from the host SMMU. + - With accel=off, auto is resolved to 0. ``-device amd-iommu[,option=...]`` Enables emulation of an AMD-Vi I/O Memory Management Unit (IOMMU). diff --git a/system/physmem.c b/system/physmem.c index 4e26f1a1d42..b67dde80fbc 100644 --- a/system/physmem.c +++ b/system/physmem.c @@ -3674,6 +3674,17 @@ bool address_space_is_io(AddressSpace *as, hwaddr addr) return !(memory_region_is_ram(mr) || memory_region_is_romd(mr)); } +bool address_space_is_ram(AddressSpace *as, hwaddr addr) +{ + MemoryRegion *mr; + + RCU_READ_LOCK_GUARD(); + mr = address_space_translate(as, addr, &addr, NULL, false, + MEMTXATTRS_UNSPECIFIED); + + return memory_region_is_ram(mr); +} + static hwaddr flatview_extend_translation(FlatView *fv, hwaddr addr, hwaddr target_len,