[arch-commits] Commit in qemu/repos (8 files)
Sébastien Luttringer
seblu at archlinux.org
Mon Aug 3 11:07:53 UTC 2015
Date: Monday, August 3, 2015 @ 13:07:53
Author: seblu
Revision: 242953
archrelease: copy trunk to testing-x86_64
Added:
qemu/repos/testing-x86_64/
qemu/repos/testing-x86_64/65-kvm.rules
(from rev 242952, qemu/trunk/65-kvm.rules)
qemu/repos/testing-x86_64/CVE-2015-3214.patch
(from rev 242952, qemu/trunk/CVE-2015-3214.patch)
qemu/repos/testing-x86_64/CVE-2015-3456.patch
(from rev 242952, qemu/trunk/CVE-2015-3456.patch)
qemu/repos/testing-x86_64/CVE-2015-5154.patch
(from rev 242952, qemu/trunk/CVE-2015-5154.patch)
qemu/repos/testing-x86_64/CVE-2015-5158.patch
(from rev 242952, qemu/trunk/CVE-2015-5158.patch)
qemu/repos/testing-x86_64/PKGBUILD
(from rev 242952, qemu/trunk/PKGBUILD)
qemu/repos/testing-x86_64/qemu.install
(from rev 242952, qemu/trunk/qemu.install)
---------------------+
65-kvm.rules | 2
CVE-2015-3214.patch | 40 +++++++++++
CVE-2015-3456.patch | 84 ++++++++++++++++++++++++
CVE-2015-5154.patch | 175 ++++++++++++++++++++++++++++++++++++++++++++++++++
CVE-2015-5158.patch | 46 +++++++++++++
PKGBUILD | 155 ++++++++++++++++++++++++++++++++++++++++++++
qemu.install | 24 ++++++
7 files changed, 526 insertions(+)
Copied: qemu/repos/testing-x86_64/65-kvm.rules (from rev 242952, qemu/trunk/65-kvm.rules)
===================================================================
--- testing-x86_64/65-kvm.rules (rev 0)
+++ testing-x86_64/65-kvm.rules 2015-08-03 11:07:53 UTC (rev 242953)
@@ -0,0 +1,2 @@
+KERNEL=="kvm", GROUP="kvm", MODE="0660"
+KERNEL=="vhost-net", GROUP="kvm", MODE="0660", TAG+="uaccess", OPTIONS+="static_node=vhost-net"
Copied: qemu/repos/testing-x86_64/CVE-2015-3214.patch (from rev 242952, qemu/trunk/CVE-2015-3214.patch)
===================================================================
--- testing-x86_64/CVE-2015-3214.patch (rev 0)
+++ testing-x86_64/CVE-2015-3214.patch 2015-08-03 11:07:53 UTC (rev 242953)
@@ -0,0 +1,40 @@
+From 7d08e1fae6150a3c0867dba6f75cf00946b3163c Mon Sep 17 00:00:00 2001
+From: Petr Matousek <pmatouse at redhat.com>
+Date: Tue, 2 Jun 2015 14:32:06 +0200
+Subject: [PATCH] i8254: fix out-of-bounds memory access in pit_ioport_read()
+
+Due converting PIO to the new memory read/write api we no longer provide
+separate I/O region lenghts for read and write operations. As a result,
+reading from PIT Mode/Command register will end with accessing
+pit->channels with invalid index.
+
+Fix this by ignoring read from the Mode/Command register.
+
+This is CVE-2015-3214.
+
+Signed-off-by: Petr Matousek <pmatouse at redhat.com>
+Reported-by: Matt Tait <matttait at google.com>
+---
+ hw/timer/i8254.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/hw/timer/i8254.c b/hw/timer/i8254.c
+index 3450c98..9b65a33 100644
+--- a/hw/timer/i8254.c
++++ b/hw/timer/i8254.c
+@@ -196,6 +196,12 @@ static uint64_t pit_ioport_read(void *opaque, hwaddr addr,
+ PITChannelState *s;
+
+ addr &= 3;
++
++ if (addr == 3) {
++ /* Mode/Command register is write only, read is ignored */
++ return 0;
++ }
++
+ s = &pit->channels[addr];
+ if (s->status_latched) {
+ s->status_latched = 0;
+--
+2.1.0
+
Copied: qemu/repos/testing-x86_64/CVE-2015-3456.patch (from rev 242952, qemu/trunk/CVE-2015-3456.patch)
===================================================================
--- testing-x86_64/CVE-2015-3456.patch (rev 0)
+++ testing-x86_64/CVE-2015-3456.patch 2015-08-03 11:07:53 UTC (rev 242953)
@@ -0,0 +1,84 @@
+From e907746266721f305d67bc0718795fedee2e824c Mon Sep 17 00:00:00 2001
+From: Petr Matousek <pmatouse at redhat.com>
+Date: Wed, 6 May 2015 09:48:59 +0200
+Subject: [PATCH] fdc: force the fifo access to be in bounds of the allocated buffer
+
+During processing of certain commands such as FD_CMD_READ_ID and
+FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could
+get out of bounds leading to memory corruption with values coming
+from the guest.
+
+Fix this by making sure that the index is always bounded by the
+allocated memory.
+
+This is CVE-2015-3456.
+
+Signed-off-by: Petr Matousek <pmatouse at redhat.com>
+Reviewed-by: John Snow <jsnow at redhat.com>
+Signed-off-by: John Snow <jsnow at redhat.com>
+---
+ hw/block/fdc.c | 17 +++++++++++------
+ 1 files changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/hw/block/fdc.c b/hw/block/fdc.c
+index f72a392..d8a8edd 100644
+--- a/hw/block/fdc.c
++++ b/hw/block/fdc.c
+@@ -1497,7 +1497,7 @@ static uint32_t fdctrl_read_data(FDCtrl *fdctrl)
+ {
+ FDrive *cur_drv;
+ uint32_t retval = 0;
+- int pos;
++ uint32_t pos;
+
+ cur_drv = get_cur_drv(fdctrl);
+ fdctrl->dsr &= ~FD_DSR_PWRDOWN;
+@@ -1506,8 +1506,8 @@ static uint32_t fdctrl_read_data(FDCtrl *fdctrl)
+ return 0;
+ }
+ pos = fdctrl->data_pos;
++ pos %= FD_SECTOR_LEN;
+ if (fdctrl->msr & FD_MSR_NONDMA) {
+- pos %= FD_SECTOR_LEN;
+ if (pos == 0) {
+ if (fdctrl->data_pos != 0)
+ if (!fdctrl_seek_to_next_sect(fdctrl, cur_drv)) {
+@@ -1852,10 +1852,13 @@ static void fdctrl_handle_option(FDCtrl *fdctrl, int direction)
+ static void fdctrl_handle_drive_specification_command(FDCtrl *fdctrl, int direction)
+ {
+ FDrive *cur_drv = get_cur_drv(fdctrl);
++ uint32_t pos;
+
+- if (fdctrl->fifo[fdctrl->data_pos - 1] & 0x80) {
++ pos = fdctrl->data_pos - 1;
++ pos %= FD_SECTOR_LEN;
++ if (fdctrl->fifo[pos] & 0x80) {
+ /* Command parameters done */
+- if (fdctrl->fifo[fdctrl->data_pos - 1] & 0x40) {
++ if (fdctrl->fifo[pos] & 0x40) {
+ fdctrl->fifo[0] = fdctrl->fifo[1];
+ fdctrl->fifo[2] = 0;
+ fdctrl->fifo[3] = 0;
+@@ -1955,7 +1958,7 @@ static uint8_t command_to_handler[256];
+ static void fdctrl_write_data(FDCtrl *fdctrl, uint32_t value)
+ {
+ FDrive *cur_drv;
+- int pos;
++ uint32_t pos;
+
+ /* Reset mode */
+ if (!(fdctrl->dor & FD_DOR_nRESET)) {
+@@ -2004,7 +2007,9 @@ static void fdctrl_write_data(FDCtrl *fdctrl, uint32_t value)
+ }
+
+ FLOPPY_DPRINTF("%s: %02x\n", __func__, value);
+- fdctrl->fifo[fdctrl->data_pos++] = value;
++ pos = fdctrl->data_pos++;
++ pos %= FD_SECTOR_LEN;
++ fdctrl->fifo[pos] = value;
+ if (fdctrl->data_pos == fdctrl->data_len) {
+ /* We now have all parameters
+ * and will be able to treat the command
+--
+1.7.0.4
+
Copied: qemu/repos/testing-x86_64/CVE-2015-5154.patch (from rev 242952, qemu/trunk/CVE-2015-5154.patch)
===================================================================
--- testing-x86_64/CVE-2015-5154.patch (rev 0)
+++ testing-x86_64/CVE-2015-5154.patch 2015-08-03 11:07:53 UTC (rev 242953)
@@ -0,0 +1,175 @@
+From a9de14175548c04e0f8be7fae219246509ba46a9 Mon Sep 17 00:00:00 2001
+From: Kevin Wolf <kwolf at redhat.com>
+Date: Wed, 3 Jun 2015 14:13:31 +0200
+Subject: [PATCH 1/3] ide: Check array bounds before writing to io_buffer
+ (CVE-2015-5154)
+
+If the end_transfer_func of a command is called because enough data has
+been read or written for the current PIO transfer, and it fails to
+correctly call the command completion functions, the DRQ bit in the
+status register and s->end_transfer_func may remain set. This allows the
+guest to access further bytes in s->io_buffer beyond s->data_end, and
+eventually overflowing the io_buffer.
+
+One case where this currently happens is emulation of the ATAPI command
+START STOP UNIT.
+
+This patch fixes the problem by adding explicit array bounds checks
+before accessing the buffer instead of relying on end_transfer_func to
+function correctly.
+
+Cc: qemu-stable at nongnu.org
+Signed-off-by: Kevin Wolf <kwolf at redhat.com>
+---
+ hw/ide/core.c | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+
+diff --git a/hw/ide/core.c b/hw/ide/core.c
+index 122e955..44fcc23 100644
+--- a/hw/ide/core.c
++++ b/hw/ide/core.c
+@@ -2021,6 +2021,10 @@ void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
+ }
+
+ p = s->data_ptr;
++ if (p + 2 > s->data_end) {
++ return;
++ }
++
+ *(uint16_t *)p = le16_to_cpu(val);
+ p += 2;
+ s->data_ptr = p;
+@@ -2042,6 +2046,10 @@ uint32_t ide_data_readw(void *opaque, uint32_t addr)
+ }
+
+ p = s->data_ptr;
++ if (p + 2 > s->data_end) {
++ return 0;
++ }
++
+ ret = cpu_to_le16(*(uint16_t *)p);
+ p += 2;
+ s->data_ptr = p;
+@@ -2063,6 +2071,10 @@ void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
+ }
+
+ p = s->data_ptr;
++ if (p + 4 > s->data_end) {
++ return;
++ }
++
+ *(uint32_t *)p = le32_to_cpu(val);
+ p += 4;
+ s->data_ptr = p;
+@@ -2084,6 +2096,10 @@ uint32_t ide_data_readl(void *opaque, uint32_t addr)
+ }
+
+ p = s->data_ptr;
++ if (p + 4 > s->data_end) {
++ return 0;
++ }
++
+ ret = cpu_to_le32(*(uint32_t *)p);
+ p += 4;
+ s->data_ptr = p;
+--
+1.8.3.1
+From aa851d30acfbb9580098ac1dc82885530cb8b3c1 Mon Sep 17 00:00:00 2001
+From: Kevin Wolf <kwolf at redhat.com>
+Date: Wed, 3 Jun 2015 14:17:46 +0200
+Subject: [PATCH 2/3] ide/atapi: Fix START STOP UNIT command completion
+
+The command must be completed on all code paths. START STOP UNIT with
+pwrcnd set should succeed without doing anything.
+
+Signed-off-by: Kevin Wolf <kwolf at redhat.com>
+---
+ hw/ide/atapi.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c
+index 950e311..79dd167 100644
+--- a/hw/ide/atapi.c
++++ b/hw/ide/atapi.c
+@@ -983,6 +983,7 @@ static void cmd_start_stop_unit(IDEState *s, uint8_t* buf)
+
+ if (pwrcnd) {
+ /* eject/load only happens for power condition == 0 */
++ ide_atapi_cmd_ok(s);
+ return;
+ }
+
+--
+1.8.3.1
+
+From 1d3c2268f8708126a34064c2e0c1000b40e6f3e5 Mon Sep 17 00:00:00 2001
+From: Kevin Wolf <kwolf at redhat.com>
+Date: Wed, 3 Jun 2015 14:41:27 +0200
+Subject: [PATCH 3/3] ide: Clear DRQ after handling all expected accesses
+
+This is additional hardening against an end_transfer_func that fails to
+clear the DRQ status bit. The bit must be unset as soon as the PIO
+transfer has completed, so it's better to do this in a central place
+instead of duplicating the code in all commands (and forgetting it in
+some).
+
+Signed-off-by: Kevin Wolf <kwolf at redhat.com>
+---
+ hw/ide/core.c | 16 ++++++++++++----
+ 1 file changed, 12 insertions(+), 4 deletions(-)
+
+diff --git a/hw/ide/core.c b/hw/ide/core.c
+index 44fcc23..50449ca 100644
+--- a/hw/ide/core.c
++++ b/hw/ide/core.c
+@@ -2028,8 +2028,10 @@ void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
+ *(uint16_t *)p = le16_to_cpu(val);
+ p += 2;
+ s->data_ptr = p;
+- if (p >= s->data_end)
++ if (p >= s->data_end) {
++ s->status &= ~DRQ_STAT;
+ s->end_transfer_func(s);
++ }
+ }
+
+ uint32_t ide_data_readw(void *opaque, uint32_t addr)
+@@ -2053,8 +2055,10 @@ uint32_t ide_data_readw(void *opaque, uint32_t addr)
+ ret = cpu_to_le16(*(uint16_t *)p);
+ p += 2;
+ s->data_ptr = p;
+- if (p >= s->data_end)
++ if (p >= s->data_end) {
++ s->status &= ~DRQ_STAT;
+ s->end_transfer_func(s);
++ }
+ return ret;
+ }
+
+@@ -2078,8 +2082,10 @@ void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
+ *(uint32_t *)p = le32_to_cpu(val);
+ p += 4;
+ s->data_ptr = p;
+- if (p >= s->data_end)
++ if (p >= s->data_end) {
++ s->status &= ~DRQ_STAT;
+ s->end_transfer_func(s);
++ }
+ }
+
+ uint32_t ide_data_readl(void *opaque, uint32_t addr)
+@@ -2103,8 +2109,10 @@ uint32_t ide_data_readl(void *opaque, uint32_t addr)
+ ret = cpu_to_le32(*(uint32_t *)p);
+ p += 4;
+ s->data_ptr = p;
+- if (p >= s->data_end)
++ if (p >= s->data_end) {
++ s->status &= ~DRQ_STAT;
+ s->end_transfer_func(s);
++ }
+ return ret;
+ }
+
+--
+1.8.3.1
+
Copied: qemu/repos/testing-x86_64/CVE-2015-5158.patch (from rev 242952, qemu/trunk/CVE-2015-5158.patch)
===================================================================
--- testing-x86_64/CVE-2015-5158.patch (rev 0)
+++ testing-x86_64/CVE-2015-5158.patch 2015-08-03 11:07:53 UTC (rev 242953)
@@ -0,0 +1,46 @@
+From c170aad8b057223b1139d72e5ce7acceafab4fa9 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini at redhat.com>
+Date: Tue, 21 Jul 2015 08:59:39 +0200
+Subject: [PATCH] scsi: fix buffer overflow in scsi_req_parse_cdb
+ (CVE-2015-5158)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This is a guest-triggerable buffer overflow present in QEMU 2.2.0
+and newer. scsi_cdb_length returns -1 as an error value, but the
+caller does not check it.
+
+Luckily, the massive overflow means that QEMU will just SIGSEGV,
+making the impact much smaller.
+
+Reported-by: Zhu Donghai (朱东海) <donghai.zdh at alibaba-inc.com>
+Fixes: 1894df02811f6b79ea3ffbf1084599d96f316173
+Reviewed-by: Fam Zheng <famz at redhat.com>
+Cc: qemu-stable at nongnu.org
+Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
+---
+ hw/scsi/scsi-bus.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
+index f50b2f0..f0ae462 100644
+--- a/hw/scsi/scsi-bus.c
++++ b/hw/scsi/scsi-bus.c
+@@ -1239,10 +1239,15 @@ int scsi_cdb_length(uint8_t *buf) {
+ int scsi_req_parse_cdb(SCSIDevice *dev, SCSICommand *cmd, uint8_t *buf)
+ {
+ int rc;
++ int len;
+
+ cmd->lba = -1;
+- cmd->len = scsi_cdb_length(buf);
++ len = scsi_cdb_length(buf);
++ if (len < 0) {
++ return -1;
++ }
+
++ cmd->len = len;
+ switch (dev->type) {
+ case TYPE_TAPE:
+ rc = scsi_req_stream_xfer(cmd, dev, buf);
Copied: qemu/repos/testing-x86_64/PKGBUILD (from rev 242952, qemu/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2015-08-03 11:07:53 UTC (rev 242953)
@@ -0,0 +1,155 @@
+# $Id$
+# Maintainer: Tobias Powalowski <tpowa at archlinux.org>
+# Contributor: Sébastien "Seblu" Luttringer <seblu at seblu.net>
+
+pkgbase=qemu
+pkgname=('qemu'
+ 'qemu-block-iscsi'
+ 'qemu-block-rbd'
+ 'qemu-block-gluster'
+ 'libcacard')
+pkgver=2.3.0
+pkgrel=6
+arch=('i686' 'x86_64')
+license=('GPL2' 'LGPL2.1')
+url='http://wiki.qemu.org/'
+makedepends=('pixman' 'libjpeg' 'libpng' 'sdl' 'alsa-lib' 'nss' 'glib2'
+ 'gnutls' 'bluez-libs' 'vde2' 'util-linux' 'curl' 'libsasl'
+ 'libgl' 'libpulse' 'seabios' 'libcap-ng' 'libaio' 'libseccomp'
+ 'libiscsi' 'libcacard' 'spice' 'spice-protocol' 'python2'
+ 'usbredir' 'ceph' 'glusterfs' 'libssh2' 'lzo' 'snappy')
+source=(http://wiki.qemu.org/download/${pkgname}-${pkgver}.tar.bz2
+ CVE-2015-3456.patch
+ CVE-2015-5154.patch
+ CVE-2015-3214.patch
+ CVE-2015-5158.patch
+ 65-kvm.rules)
+md5sums=('2fab3ea4460de9b57192e5b8b311f221'
+ '5e8a68940c4e0267e795a6ddd144e00e'
+ '311d3845dda4795bf63107c3dcbf2bea'
+ '29840d5f2fa93ff447bf9dd120d12e5a'
+ 'cd87c265dfec4d8aa3767d5d047cd397'
+ '33ab286a20242dda7743a900f369d68a')
+
+prepare() {
+ for _p in *.patch; do
+ [[ -e "$_p" ]] || continue
+ msg2 "Patching $_p"
+ patch -p1 -d ${pkgname}-${pkgver} < "$_p"
+ done
+}
+
+build ()
+{
+ cd ${pkgname}-${pkgver}
+ # qemu vs. make 4 == bad
+ export ARFLAGS="rv"
+ # http://permalink.gmane.org/gmane.comp.emulators.qemu/238740
+ export CFLAGS+=' -fPIC'
+ # gtk gui breaks keymappings at the moment
+ ./configure --prefix=/usr --sysconfdir=/etc --audio-drv-list='pa alsa sdl' \
+ --python=/usr/bin/python2 --smbd=/usr/bin/smbd \
+ --enable-docs --libexecdir=/usr/lib/qemu \
+ --disable-gtk --enable-linux-aio --enable-seccomp \
+ --enable-spice --localstatedir=/var \
+ --enable-tpm \
+ --enable-modules --enable-{rbd,glusterfs,libiscsi,curl}
+ make V=99
+}
+
+package_qemu() {
+ pkgdesc='A generic and open source processor emulator which achieves a good emulation speed by using dynamic translation'
+ depends=('glibc' 'pixman' 'libjpeg' 'libpng' 'sdl' 'alsa-lib' 'nss' 'glib2'
+ 'gnutls' 'bluez-libs' 'vde2' 'util-linux' 'libsasl' 'mesa-libgl'
+ 'seabios' 'libcap' 'libcap-ng' 'libaio' 'libseccomp' 'libcacard'
+ 'spice' 'usbredir' 'lzo' 'snappy' 'gcc-libs' 'zlib' 'bzip2' 'nspr'
+ 'ncurses' 'libx11' 'libusb' 'libpulse')
+ backup=('etc/qemu/target-x86_64.conf')
+ replaces=('qemu-kvm')
+ optdepends=('samba: SMB/CIFS server support'
+ 'qemu-block-iscsi: iSCSI block support'
+ 'qemu-block-rbd: RDB block support'
+ 'qemu-block-gluster: glusterfs block support')
+ options=(!strip)
+ install=qemu.install
+
+ make -C ${pkgname}-${pkgver} DESTDIR="${pkgdir}" libexecdir="/usr/lib/qemu" install
+
+ cd "${pkgdir}"
+
+ # provided by seabios package
+ rm usr/share/qemu/bios.bin
+ rm usr/share/qemu/acpi-dsdt.aml
+ rm usr/share/qemu/q35-acpi-dsdt.aml
+ rm usr/share/qemu/bios-256k.bin
+ rm usr/share/qemu/vgabios-cirrus.bin
+ rm usr/share/qemu/vgabios-qxl.bin
+ rm usr/share/qemu/vgabios-stdvga.bin
+ rm usr/share/qemu/vgabios-vmware.bin
+
+ # remove conflicting /var/run directory
+ rm -r var
+
+ # systemd stuff
+ install -D -m644 "${srcdir}/65-kvm.rules" usr/lib/udev/rules.d/65-kvm.rules
+ install -D -m644 "${srcdir}/qemu.sysusers" usr/lib/sysusers.d/qemu.conf
+
+ # bridge_helper needs suid
+ # https://bugs.archlinux.org/task/32565
+ chmod u+s usr/lib/qemu/qemu-bridge-helper
+
+ # add sample config
+ echo 'allow br0' > etc/qemu/bridge.conf.sample
+
+ # manual striping in scripts directory
+ find usr/src/linux-${_kernver}/scripts -type f -perm -u+w 2>/dev/null|while read binary ; do
+ case "$(file -bi "$binary")" in
+ *application/x-executable*) # Binaries
+ /usr/bin/strip $STRIP_BINARIES "$binary";;
+ esac
+ done
+
+ # remove libcacard files
+ rm -r usr/include/cacard
+ rm usr/lib/libcacard*
+ rm usr/lib/pkgconfig/libcacard.pc
+ rm usr/bin/vscclient
+
+ # remove splited block modules
+ rm usr/lib/qemu/block-{iscsi,rbd,gluster}.so
+}
+
+package_libcacard() {
+ pkgdesc='Common Access Card (CAC) Emulation'
+ depends=('glibc' 'nss' 'nspr' 'glib2')
+
+ cd "${pkgdir}"
+ install -d usr/{bin,lib/pkgconfig,include/cacard}
+ install "${srcdir}"/qemu-${pkgver}/libcacard/*.h usr/include/cacard/
+ install "${srcdir}"/qemu-${pkgver}/.libs/libcacard.so* usr/lib/
+ install "${srcdir}"/qemu-${pkgver}/libcacard.pc usr/lib/pkgconfig/
+ install "${srcdir}"/qemu-${pkgver}/.libs/vscclient usr/bin/
+}
+
+package_qemu-block-iscsi() {
+ pkgdesc='Qemu iSCSI block module'
+ depends=('glibc' 'glib2' 'libiscsi')
+
+ install -D qemu-${pkgver}/block-iscsi.so "${pkgdir}"/usr/lib/qemu/block-iscsi.so
+}
+
+package_qemu-block-rbd() {
+ pkgdesc='Qemu RBD block module'
+ depends=('glibc' 'glib2' 'ceph')
+
+ install -D qemu-${pkgver}/block-rbd.so "${pkgdir}"/usr/lib/qemu/block-rbd.so
+}
+
+package_qemu-block-gluster() {
+ pkgdesc='Qemu GlusterFS block module'
+ depends=('glibc' 'glib2' 'glusterfs')
+
+ install -D qemu-${pkgver}/block-gluster.so "${pkgdir}"/usr/lib/qemu/block-gluster.so
+}
+
+# vim:set ts=2 sw=2 et:
Copied: qemu/repos/testing-x86_64/qemu.install (from rev 242952, qemu/trunk/qemu.install)
===================================================================
--- testing-x86_64/qemu.install (rev 0)
+++ testing-x86_64/qemu.install 2015-08-03 11:07:53 UTC (rev 242953)
@@ -0,0 +1,24 @@
+# Arg 1: the new package version
+post_install() {
+ # create kvm group
+ systemd-sysusers qemu.conf
+
+ # retrigger events on modules files when already loaded
+ [[ -e /dev/kvm ]] && udevadm trigger /dev/kvm
+ [[ -e /dev/vhost-net ]] && udevadm trigger /dev/vhost-net
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+post_upgrade() {
+ if (( "$(vercmp $2 0.11)" < 0 )); then
+ echo "With the release of qemu and qemu-kvm 0.12.X, the kqemu kernel module"
+ echo "is no longer supported and will be removed from the repositories. You"
+ echo "can safely uninstall it from your system."
+ fi
+ if (( "$(vercmp $2 1.3.1)" < 0 )); then
+ echo "With the release of qemu 1.3.0, qemu-kvm binary is removed."
+ echo "You need to change the emulator path, if you use libvirt by using:"
+ echo "'virsh edit <vm-name>'"
+ fi
+}
More information about the arch-commits
mailing list