%define qemu_name qemu %define qemu_version 1.6.2 %define qemu_rel 1 %define subrel 10 #define qemu_snapshot 0 %define qemu_release %mkrel %{?qemu_snapshot:0.%{qemu_snapshot}.}%{qemu_rel} Summary: QEMU CPU Emulator Name: qemu Version: %{qemu_version} Release: %{qemu_release} Source0: http://wiki.qemu-project.org/download/%{qemu_name}-%{version}%{?qemu_snapshot:-%{qemu_snapshot}}.tar.bz2 Source1: kvm.modules # KSM control scripts Source4: ksm.service Source5: ksm.sysconfig Source6: ksmtuned.service Source7: ksmtuned Source8: ksmtuned.conf Source9: ksmctl.c # patches from Fedora # qemu-kvm migration compat (not for upstream, drop by Fedora 21?) Patch0001: 0001-Fix-migration-from-qemu-kvm.patch # Fix crash with -M isapc -cpu Haswell (bz #986790) Patch0002: 0002-isapc-disable-kvmvapic.patch # Fix crash in lsi_soft_reset (bz #1000947) # Patches posted upstream Patch0003: 0003-pci-do-not-export-pci_bus_reset.patch Patch0004: 0004-qdev-allow-both-pre-and-post-order-vists-in-qdev-wal.patch Patch0005: 0005-qdev-switch-reset-to-post-order.patch # CVE-2013-4377: Fix crash when unplugging virtio devices (bz #1012633, # bz #1012641) # Patches posted upstream Patch0006: 0006-virtio-bus-remove-vdev-field.patch Patch0007: 0007-virtio-pci-remove-vdev-field.patch Patch0008: 0008-virtio-ccw-remove-vdev-field.patch Patch0009: 0009-virtio-bus-cleanup-plug-unplug-interface.patch Patch0010: 0010-virtio-blk-switch-exit-callback-to-VirtioDeviceClass.patch Patch0011: 0011-virtio-serial-switch-exit-callback-to-VirtioDeviceCl.patch Patch0012: 0012-virtio-net-switch-exit-callback-to-VirtioDeviceClass.patch Patch0013: 0013-virtio-scsi-switch-exit-callback-to-VirtioDeviceClas.patch Patch0014: 0014-virtio-balloon-switch-exit-callback-to-VirtioDeviceC.patch Patch0015: 0015-virtio-rng-switch-exit-callback-to-VirtioDeviceClass.patch Patch0016: 0016-virtio-pci-add-device_unplugged-callback.patch # Fix 'new snapshot' slowness after the first snap (bz #988436) # Patches queued for upstream Patch0101: 0101-qcow2-Pass-discard-type-to-qcow2_discard_clusters.patch Patch0102: 0102-qcow2-Discard-VM-state-in-active-L1-after-creating-s.patch # Fix 9pfs xattrs on kernel 3.11 (bz #1013676) # Patch posted upstream Patch0103: 0103-hw-9pfs-Fix-errno-value-for-xattr-functions.patch # Fix drive discard options via libvirt (bz #1029953) # Patch queued upstream Patch0104: 0104-qmp-access-the-local-QemuOptsLists-for-drive-option.patch # Fix process exit with -sandbox on (bz #1027421) Patch0105: 0105-seccomp-fine-tuning-whitelist-by-adding-times.patch # Changing streaming mode default to off for spice (bz #1038336) Patch0106: 0106-spice-flip-streaming-video-mode-to-off-by-default.patch # Fix guest scsi verify command (bz #1001617) Patch0107: 0107-scsi-bus-fix-transfer-length-and-direction-for-VERIF.patch Patch0108: 0108-scsi-disk-fix-VERIFY-emulation.patch # Fix performance regression after save/restore (bz #917723) Patch0109: 0109-migration-drop-MADVISE_DONT_NEED-for-incoming-zero-p.patch # Fix bogus libcacard dep on gluster (bz #987441) Patch0110: 0110-libcacard-Don-t-link-with-all-libraries-QEMU-links-t.patch # Fix mouse with -display gtk -vga qxl (bz #1051724) Patch0111: 0111-gtk-Fix-mouse-warping-with-gtk3.patch Patch0112: 0112-gtk-Don-t-warp-absolute-pointer.patch # Change gtk quit accelerator to ctrl+shift+q (bz #1062393) # Patches queued for 2.1 Patch0113: 0113-Change-gtk-quit-accelerator-to-ctrl-shift-q-bz-10623.patch # Fix crash during virtio-scsi hotplug (bz #1051611) Patch0114: 0114-scsi-Assign-cancel_io-vector-for-scsi_disk_emulate_o.patch Patch0115: 0115-virtio-scsi-Cleanup-of-I-Os-that-never-started.patch Patch0116: 0116-virtio-scsi-Prevent-assertion-on-missed-events.patch # Block/image format validation CVE-2014-0142 - 2014-0148 (bz #1078201, # bz #1086710, bz #1079140, bz #1086724, bz #1079240, bz #1086735, bz # #1078885, bz #1086720, bz #1078232, bz #1086713, bz #1078848, bz # #1086717, bz #1078212, bz #1086712) Patch0117: 0117-block-cloop-validate-block_size-header-field-CVE-201.patch Patch0118: 0118-block-cloop-prevent-offsets_size-integer-overflow-CV.patch Patch0119: 0119-block-cloop-refuse-images-with-huge-offsets-arrays-C.patch Patch0120: 0120-block-cloop-refuse-images-with-bogus-offsets-CVE-201.patch Patch0121: 0121-block-cloop-fix-offsets-size-off-by-one.patch Patch0122: 0122-bochs-Unify-header-structs-and-make-them-QEMU_PACKED.patch Patch0123: 0123-bochs-Use-unsigned-variables-for-offsets-and-sizes-C.patch Patch0124: 0124-bochs-Check-catalog_size-header-field-CVE-2014-0143.patch Patch0125: 0125-bochs-Check-extent_size-header-field-CVE-2014-0142.patch Patch0126: 0126-bochs-Fix-bitmap-offset-calculation.patch Patch0127: 0127-vpc-vhd-add-bounds-check-for-max_table_entries-and-b.patch Patch0128: 0128-vpc-Validate-block-size-CVE-2014-0142.patch Patch0129: 0129-vdi-add-bounds-checks-for-blocks_in_image-and-disk_s.patch Patch0130: 0130-vhdx-Bounds-checking-for-block_size-and-logical_sect.patch Patch0131: 0131-curl-check-data-size-before-memcpy-to-local-buffer.-.patch Patch0132: 0132-qcow2-Check-header_length-CVE-2014-0144.patch Patch0133: 0133-qcow2-Check-backing_file_offset-CVE-2014-0144.patch Patch0134: 0134-qcow2-Check-refcount-table-size-CVE-2014-0144.patch Patch0135: 0135-qcow2-Validate-refcount-table-offset.patch Patch0136: 0136-qcow2-Validate-snapshot-table-offset-size-CVE-2014-0.patch Patch0137: 0137-qcow2-Validate-active-L1-table-offset-and-size-CVE-2.patch Patch0138: 0138-qcow2-Fix-backing-file-name-length-check.patch Patch0139: 0139-qcow2-fix-offset-overflow-in-qcow2_alloc_clusters_at.patch Patch0140: 0140-qcow2-Don-t-rely-on-free_cluster_index-in-alloc_refc.patch Patch0141: 0141-qcow2-Avoid-integer-overflow-in-get_refcount-CVE-201.patch Patch0142: 0142-qcow2-Check-new-refcount-table-size-on-growth.patch Patch0143: 0143-qcow2-Fix-types-in-qcow2_alloc_clusters-and-alloc_cl.patch Patch0144: 0144-qcow2-Protect-against-some-integer-overflows-in-bdrv.patch Patch0145: 0145-qcow2-Fix-new-L1-table-size-check-CVE-2014-0143.patch Patch0146: 0146-dmg-coding-style-and-indentation-cleanup.patch Patch0147: 0147-dmg-prevent-out-of-bounds-array-access-on-terminator.patch Patch0148: 0148-dmg-drop-broken-bdrv_pread-loop.patch Patch0149: 0149-dmg-use-appropriate-types-when-reading-chunks.patch Patch0150: 0150-dmg-sanitize-chunk-length-and-sectorcount-CVE-2014-0.patch Patch0151: 0151-dmg-use-uint64_t-consistently-for-sectors-and-length.patch Patch0152: 0152-dmg-prevent-chunk-buffer-overflow-CVE-2014-0145.patch Patch0153: 0153-block-Limit-request-size-CVE-2014-0143.patch Patch0154: 0154-qcow2-Fix-copy_sectors-with-VM-state.patch Patch0155: 0155-qcow2-Fix-NULL-dereference-in-qcow2_open-error-path-.patch Patch0156: 0156-qcow2-Fix-L1-allocation-size-in-qcow2_snapshot_load_.patch Patch0157: 0157-qcow2-Check-maximum-L1-size-in-qcow2_snapshot_load_t.patch Patch0158: 0158-qcow2-Limit-snapshot-table-size.patch Patch0159: 0159-parallels-Fix-catalog-size-integer-overflow-CVE-2014.patch Patch0160: 0160-parallels-Sanity-check-for-s-tracks-CVE-2014-0142.patch # CVE-2014-0150: virtio-net: buffer overflow in virtio_net_handle_mac() # function (bz #1086775, bz #1078846) Patch0201: 0201-virtio-net-fix-guest-triggerable-buffer-overrun.patch # CVE-2013-4544: vmxnet3: bounds checking buffer overrun (bz #1087513, # bz #1087522) Patch0202: 0202-vmxnet3-validate-interrupt-indices-coming-from-guest.patch Patch0203: 0203-vmxnet3-validate-queues-configuration-coming-from-gu.patch Patch0204: 0204-vmxnet3-validate-interrupt-indices-read-on-migration.patch Patch0205: 0205-vmxnet3-validate-queues-configuration-read-on-migrat.patch # CVE-2014-2894: out of bounds buffer accesses, guest triggerable via # IDE SMART (bz #1087981, bz #1087971) Patch0206: 0206-ide-Correct-improper-smart-self-test-counter-reset-i.patch # Fix guest startup crashes from autotest (bz #1081610) Patch0207: 0207-char-serial-Fix-emptyness-check.patch Patch0208: 0208-char-serial-Fix-emptyness-handling.patch # Fix arm sd warnings with latest kernel (bz #1091548) Patch0209: 0209-vmstate-Add-uint32-2D-array-support.patch Patch0210: 0210-arm_gic-Extract-headers-hw-intc-arm_gic-_common-.h.patch Patch0211: 0211-arm_gic-Rename-GIC_X_TRIGGER-to-GIC_X_EDGE_TRIGGER.patch Patch0212: 0212-hw-arm_gic-Introduce-gic_set_priority-function.patch Patch0213: 0213-arm_gic-Introduce-define-for-GIC_NR_SGIS.patch Patch0214: 0214-arm_gic-Fix-GICD_ICPENDR-and-GICD_ISPENDR-writes.patch Patch0215: 0215-arm_gic-Fix-GIC-pending-behavior.patch Patch0216: 0216-arm_gic-Keep-track-of-SGI-sources.patch Patch0217: 0217-arm_gic-Support-setting-getting-binary-point-reg.patch Patch0218: 0218-arm_gic-Add-GICC_APRn-state-to-the-GICState.patch Patch0219: 0219-hw-intc-arm_gic-Fix-NVIC-assertion-failure.patch # Migration CVEs: CVE-2014-0182 etc. Patch0301: 0301-vmstate-add-VMS_MUST_EXIST.patch Patch0302: 0302-vmstate-add-VMSTATE_VALIDATE.patch Patch0303: 0303-virtio-net-fix-buffer-overflow-on-invalid-state-load.patch Patch0304: 0304-virtio-net-out-of-bounds-buffer-write-on-invalid-sta.patch Patch0305: 0305-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch Patch0306: 0306-ahci-fix-buffer-overrun-on-invalid-state-load.patch Patch0307: 0307-hpet-fix-buffer-overrun-on-invalid-state-load.patch Patch0308: 0308-hw-pci-pcie_aer.c-fix-buffer-overruns-on-invalid-sta.patch Patch0309: 0309-pl022-fix-buffer-overun-on-invalid-state-load.patch Patch0310: 0310-vmstate-fix-buffer-overflow-in-target-arm-machine.c.patch Patch0311: 0311-virtio-avoid-buffer-overrun-on-incoming-migration.patch Patch0312: 0312-virtio-validate-num_sg-when-mapping.patch Patch0313: 0313-pxa2xx-avoid-buffer-overrun-on-incoming-migration.patch Patch0314: 0314-ssd0323-fix-buffer-overun-on-invalid-state-load.patch Patch0315: 0315-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch Patch0316: 0316-zaurus-fix-buffer-overrun-on-invalid-state-load.patch Patch0317: 0317-virtio-scsi-fix-buffer-overrun-on-invalid-state-load.patch Patch0318: 0318-vmstate-s-VMSTATE_INT32_LE-VMSTATE_INT32_POSITIVE_LE.patch Patch0319: 0319-usb-sanity-check-setup_index-setup_len-in-post_load.patch Patch0320: 0320-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch Patch0321: 0321-openpic-avoid-buffer-overrun-on-incoming-migration.patch Patch0322: 0322-virtio-net-out-of-bounds-buffer-write-on-load.patch Patch0323: 0323-virtio-validate-config_len-on-load.patch # QCOW1 validation CVEs: CVE-2014-0222, CVE-2014-0223 (bz #1097232, bz # #1097238, bz #1097222, bz #1097216) Patch0401: 0401-qcow1-Make-padding-in-the-header-explicit.patch Patch0402: 0402-qcow1-Check-maximum-cluster-size.patch Patch0403: 0403-qcow1-Validate-L2-table-size-CVE-2014-0222.patch Patch0404: 0404-qcow1-Validate-image-size-CVE-2014-0223.patch Patch0405: 0405-qcow1-Stricter-backing-file-length-check.patch # CVE-2014-3461: Issues in USB post load checks (bz #1097260, bz # #1096821) Patch0406: 0406-usb-fix-up-post-load-checks.patch # Fix spice audio playback sample rate (bz #1129961) Patch0407: 0407-Add-the-ability-to-vary-Spice-playback-and-record-ra.patch # Fix virtio-blk migration incompatibility caused by CVE backport (bz # #1115604) Patch0408: 0408-Allow-mismatched-virtio-config-len.patch # CVE-2014-3615 Fix crash when guest sets high resolution (bz #1139121, # bz #1139115) Patch0409: 0409-vbe-make-bochs-dispi-interface-return-the-correct-me.patch Patch0410: 0410-vbe-rework-sanity-checks.patch Patch0411: 0411-spice-make-sure-we-don-t-overflow-ssd-buf.patch # CVE-2014-3640 qemu: slirp: NULL pointer (bz #1144821, bz #1144818) Patch0412: 0412-slirp-udp-fix-NULL-pointer-dereference-because-of-un.patch # CVE-2014-7815 vnc: insufficient bits_per_pixel from the client # sanitization (bz #1157647, bz #1157641) Patch0413: 0413-vnc-sanitize-bits_per_pixel-from-the-client.patch # CVE-2014-3689 vmware_vga: insufficient parameter validation in # rectangle functions (bz #1153038, bz #1153035) Patch0414: 0414-vmware-vga-CVE-2014-3689-turn-off-hw-accel.patch Patch0415: 0415-vmware-vga-add-vmsvga_verify_rect.patch Patch0416: 0416-vmware-vga-use-vmsvga_verify_rect-in-vmsvga_update_r.patch Patch0417: 0417-vmware-vga-use-vmsvga_verify_rect-in-vmsvga_copy_rec.patch Patch0418: 0418-vmware-vga-use-vmsvga_verify_rect-in-vmsvga_fill_rec.patch # Fix SLES11 migration issue (bz #1109427) Patch0419: 0419-kvm-run-cpu-state-synchronization-on-target-vcpu-thr.patch Patch0420: 0420-Introduce-cpu_clean_all_dirty.patch Patch0421: 0421-kvmclock-Ensure-time-in-migration-never-goes-backwar.patch Patch0422: 0422-kvmclock-Ensure-proper-env-tsc-value-for-kvmclock_cu.patch # CVE-2014-7840: insufficient parameter validation during ram load (bz # #1163080) Patch0423: 0423-migration-fix-parameter-validation-on-ram-load.patch Patch0424: 0424-block-raw-posix-Fix-disk-corruption-in-try_fiemap.patch Patch0425: 0425-raw-posix-Drop-fiemap.patch # Fix qemu_bh_schedule race condition (bz #1165315) Patch0426: 0426-aio-fix-qemu_bh_schedule-bh-ctx-race-condition.patch # patches 427 and 428 are CVE-2014-8106 (rhbz#1169454) Patch0427: 0427-cirrus-fix-blit-region-check.patch Patch0428: 0428-cirrus-don-t-overflow-CirrusVGAState-cirrus_bltbuf.patch # Qemu: PRDT overflow from guest to host (bz #1204919, bz #1205322) Patch0429: 0429-ide-Correct-handling-of-malformed-short-PRDTs.patch # CVE-2015-1779 vnc: insufficient resource limiting in VNC websockets # decoder (bz #1205051, bz #1199572) Patch0430: 0430-CVE-2015-1779-incrementally-decode-websocket-frames.patch Patch0431: 0431-CVE-2015-1779-limit-size-of-HTTP-headers-from-websoc.patch Patch0432: qemu-2.1.3-CVE-2015-3456.patch # http://git.qemu.org/?p=qemu.git;a=commit;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56 (fixes CVE-2014-5263) Patch0500: 0500-vmstate_xhci_event-fix-unterminated-field-list.patch License: GPLv2+ URL: http://wiki.qemu.org/Main_Page Group: Emulators Provides: kvm Requires: qemu-img = %{version}-%{release} # for %%{_sysconfdir}/sasl2 Requires: cyrus-sasl BuildRequires: flex BuildRequires: bison BuildRequires: libtool BuildRequires: libSDL-devel BuildRequires: texi2html BuildRequires: e2fsprogs-devel BuildRequires: kernel-headers BuildRequires: pulseaudio-devel BuildRequires: zlib-devel BuildRequires: brlapi-devel BuildRequires: gnutls-devel BuildRequires: libsasl-devel BuildRequires: pciutils-devel BuildRequires: texinfo BuildRequires: vde-devel BuildRequires: bluez-devel BuildRequires: curl-devel BuildRequires: pkgconfig(libusbredirparser-0.5) >= 0.6 BuildRequires: libuuid-devel BuildRequires: pkgconfig(libpng) BuildRequires: libaio-devel BuildRequires: cap-ng-devel # for virtfs BuildRequires: cap-devel BuildRequires: attr-devel # for direct xfs access with raw device BuildRequires: libxfs-devel BuildRequires: pkgconfig(libcacard) %ifarch %{ix86} x86_64 BuildRequires: spice-protocol >= 0.8.1 BuildRequires: spice-server-devel >= 0.9.0 BuildRequires: xen-devel >= 4.1.2 %endif BuildRequires: dev86 BuildRequires: iasl ExclusiveArch: %{ix86} ppc x86_64 amd64 %{sunsparc} %description QEMU is a FAST! processor emulator. By using dynamic translation it achieves a reasonnable speed while being easy to port on new host CPUs. QEMU has two operating modes: * User mode emulation. In this mode, QEMU can launch Linux processes compiled for one CPU on another CPU. Linux system calls are converted because of endianness and 32/64 bit mismatches. Wine (Windows emulation) and DOSEMU (DOS emulation) are the main targets for QEMU. * Full system emulation. In this mode, QEMU emulates a full system, including a processor and various peripherials. Currently, it is only used to launch an x86 Linux kernel on an x86 Linux system. It enables easier testing and debugging of system code. It can also be used to provide virtual hosting of several virtual PC on a single server. %package img Summary: QEMU disk image utility Group: Emulators Version: %{qemu_version} Release: %{qemu_release} %description img This package contains the QEMU disk image utility that is used to create, commit, convert and get information from a disk image. %prep %setup -q -n %{qemu_name}-%{qemu_version}%{?qemu_snapshot:-%{qemu_snapshot}} %apply_patches %build extraldflags="-Wl,--build-id"; buildldflags="VL_LDFLAGS=-Wl,--build-id" %ifarch %{ix86} x86_64 ./configure \ --target-list=x86_64-softmmu \ --prefix=%{_prefix} \ --sysconfdir=%{_sysconfdir} \ --audio-drv-list=pa,sdl,alsa,oss \ --enable-spice \ --enable-xen \ --enable-xen-pci-passthrough \ --disable-kvm \ --enable-mixemu \ --extra-ldflags=$extraldflags \ --extra-cflags="$CFLAGS" %make V=1 $buildldflags cp -a x86_64-softmmu/qemu-system-x86_64 qemu-xen make clean # sdl outputs to alsa or pulseaudio depending on system config, but it's broken (RH bug #495964) # alsa works, but causes huge CPU load due to bugs # oss works, but is very problematic because it grabs exclusive control of the device causing other apps to go haywire ./configure \ --target-list=x86_64-softmmu \ --prefix=%{_prefix} \ --sysconfdir=%{_sysconfdir} \ --audio-drv-list=pa,sdl,alsa,oss \ --enable-spice \ --enable-kvm \ --disable-xen \ --enable-mixemu \ --extra-ldflags=$extraldflags \ --extra-cflags="$CFLAGS" %make V=1 $buildldflags cp -a x86_64-softmmu/qemu-system-x86_64 qemu-kvm make clean %endif ./configure \ --target-list="i386-softmmu x86_64-softmmu arm-softmmu cris-softmmu m68k-softmmu \ mips-softmmu mipsel-softmmu mips64-softmmu mips64el-softmmu ppc-softmmu \ ppcemb-softmmu ppc64-softmmu sh4-softmmu sh4eb-softmmu sparc-softmmu \ i386-linux-user x86_64-linux-user alpha-linux-user arm-linux-user \ armeb-linux-user cris-linux-user m68k-linux-user mips-linux-user \ mipsel-linux-user ppc-linux-user ppc64-linux-user ppc64abi32-linux-user \ sh4-linux-user sh4eb-linux-user sparc-linux-user sparc64-linux-user \ sparc32plus-linux-user" \ --prefix=%{_prefix} \ --sysconfdir=%{_sysconfdir} \ --interp-prefix=%{_prefix}/qemu-%%M \ --audio-drv-list=pa,sdl,alsa,oss \ --disable-kvm \ --disable-xen \ %ifarch %{ix86} x86_64 --enable-spice \ %endif --extra-ldflags=$extraldflags \ --extra-cflags="$CFLAGS" %make V=1 $buildldflags gcc %{SOURCE9} -O2 -g -o ksmctl %install install -D -p -m 0644 %{SOURCE4} %{buildroot}/%{_unitdir}/ksm.service install -D -p -m 0644 %{SOURCE5} %{buildroot}/%{_sysconfdir}/sysconfig/ksm install -D -p -m 0755 ksmctl %{buildroot}/lib/systemd/ksmctl install -D -p -m 0644 %{SOURCE6} %{buildroot}/%{_unitdir}/ksmtuned.service install -D -p -m 0755 %{SOURCE7} %{buildroot}/%{_sbindir}/ksmtuned install -D -p -m 0644 %{SOURCE8} %{buildroot}/%{_sysconfdir}/ksmtuned.conf %ifarch %{ix86} x86_64 mkdir -p %{buildroot}/%{_sysconfdir}/sysconfig/modules mkdir -p %{buildroot}/%{_bindir}/ mkdir -p %{buildroot}/%{_datadir}/%{name} install -m 0755 %{SOURCE1} %{buildroot}/%{_sysconfdir}/sysconfig/modules/kvm.modules install -m 0755 qemu-kvm %{buildroot}/%{_bindir}/ install -m 0755 qemu-xen %{buildroot}/%{_bindir}/ %endif %makeinstall_std BUILD_DOCS="yes" install -D -p -m 0644 qemu.sasl %{buildroot}/%{_sysconfdir}/sasl2/qemu.conf # remove unpackaged files rm -rf %{buildroot}/%{_docdir}/qemu %{buildroot}%{_bindir}/vscclient rm -f %{buildroot}/%{_libdir}/libcacard* rm -f %{buildroot}/usr/lib/libcacard* rm -f %{buildroot}/%{_libdir}/pkgconfig/libcacard.pc rm -f %{buildroot}/usr/lib/pkgconfig/libcacard.pc rm -rf %{buildroot}/%{_includedir}/cacard %post %ifarch %{ix86} x86_64 # load kvm modules now, so we can make sure no reboot is needed. # If there's already a kvm module installed, we don't mess with it sh /%{_sysconfdir}/sysconfig/modules/kvm.modules %endif %_post_service ksmtuned %_post_service ksm %preun %_preun_service ksm %_preun_service ksmtuned %files %doc README qemu-doc.html qemu-tech.html %config(noreplace)%{_sysconfdir}/sasl2/qemu.conf %{_unitdir}/ksm.service /lib/systemd/ksmctl %config(noreplace) %{_sysconfdir}/sysconfig/ksm %{_unitdir}/ksmtuned.service %{_sbindir}/ksmtuned %config(noreplace) %{_sysconfdir}/ksmtuned.conf %{_sysconfdir}/sysconfig/modules/kvm.modules %{_sysconfdir}/qemu/target-x86_64.conf %{_bindir}/qemu-io %{_bindir}/qemu-kvm %{_bindir}/qemu-xen %{_bindir}/qemu-alpha %{_bindir}/qemu-arm* %{_bindir}/qemu-cris %{_bindir}/qemu-ga %{_bindir}/qemu-i386 %{_bindir}/qemu-m68k %{_bindir}/qemu-mips* %{_bindir}/qemu-nbd %{_bindir}/qemu-ppc* %{_bindir}/qemu-sh4* %{_bindir}/qemu-sparc* %{_bindir}/qemu-x86_64 %{_bindir}/qemu-system-arm %{_bindir}/qemu-system-cris %{_bindir}/qemu-system-m68k %{_bindir}/qemu-system-sh4* %{_bindir}/qemu-system-ppc* %{_bindir}/qemu-system-mips* %{_bindir}/qemu-system-sparc %{_bindir}/qemu-system-x86_64 %{_bindir}/qemu-system-i386 %{_bindir}/virtfs-proxy-helper %{_mandir}/man1/qemu.1* %{_mandir}/man8/qemu-nbd.8* %{_mandir}/man1/virtfs-proxy-helper.* %dir %{_datadir}/qemu %{_datadir}/qemu/*.aml %{_datadir}/qemu/*.bin %{_datadir}/qemu/*.img %{_datadir}/qemu/*.rom %{_datadir}/qemu/keymaps %{_datadir}/qemu/openbios-sparc32 %{_datadir}/qemu/openbios-sparc64 %{_datadir}/qemu/openbios-ppc %{_datadir}/qemu/*.dtb %{_datadir}/qemu/palcode-clipper %{_datadir}/qemu/qemu-icon.bmp /usr/libexec/qemu-bridge-helper %{_datadir}/qemu/*.svg %files img %{_bindir}/qemu-img %{_mandir}/man1/qemu-img.1* %changelog * Wed May 13 2015 luigiwalser <luigiwalser> 1.6.2-1.10.mga4 + Revision: 822017 - add patch from redhat to fix CVE-2015-3456 - rediff patch from fedora to fix PRDT overflow (rhbz#1204919, mga#15561) - add patches from fedora to fix CVE-2015-1779 - add upstream patches to fix CVE-2014-8106 - add newest patches from fedora, including fix for CVE-2014-7840 - add upstream patch to fix CVE-2014-5263 - add patches from fedora to fix CVE-2014-3689 and CVE-2014-7815 - qemu 1.6.2 requires updated usbredir (mga#14434) - build against release version of libusbredir - 1.6.2 - add patches from fedora to fix CVE-2013-4377 + bcornec <bcornec> - Fix all current CVEs on qemu + oden <oden> - rebuilt against usbredir-0.6 (prereq for virt-manager-1.0.x) * Tue Oct 15 2013 dams <dams> 1.6.1-2.mga4 + Revision: 501216 - Rebuild for new libxen* * Thu Oct 10 2013 luigiwalser <luigiwalser> 1.6.1-1.mga4 + Revision: 494548 - 1.6.1 * Sat Aug 31 2013 fwang <fwang> 1.6.0-3.mga4 + Revision: 473656 - rebuild for new sasl * Tue Aug 27 2013 luigiwalser <luigiwalser> 1.6.0-2.mga4 + Revision: 472088 - rebuild for cyrus-sasl * Mon Aug 19 2013 joequant <joequant> 1.6.0-1.mga4 + Revision: 467681 - upgrade to 1.6.0 * Tue Jul 23 2013 luigiwalser <luigiwalser> 1.5.0-4.mga4 + Revision: 457471 - add patches from redhat to fix CVE-2013-2231 * Mon Jun 03 2013 fwang <fwang> 1.5.0-3.mga4 + Revision: 436076 - rebuild for new libpng * Sat Jun 01 2013 sander85 <sander85> 1.5.0-2.mga4 + Revision: 434028 - Rebuild for new brltty * Tue May 28 2013 tv <tv> 1.5.0-1.mga4 + Revision: 429348 - new release - drop merged patches - drop obsolete obsoletes tag - do not use embedded libcacard * Thu Apr 25 2013 luigiwalser <luigiwalser> 1.2.0-8.mga3 + Revision: 411183 - add patch from fedora to fix CVE-2013-1922 * Wed Mar 06 2013 alien <alien> 1.2.0-7.mga3 + Revision: 401563 - Build native qemu-xen * Wed Jan 16 2013 luigiwalser <luigiwalser> 1.2.0-6.mga3 + Revision: 388815 - add patches from upstream via debian to fix CVE-2012-6075 * Wed Jan 09 2013 pterjan <pterjan> 1.2.0-5.mga3 + Revision: 343878 - Rebuild for new libxen* * Tue Dec 25 2012 cjw <cjw> 1.2.0-4.mga3 + Revision: 334857 - patch1: fix crashes with vmvga graphics + spice - add BuildRequires: pkgconfig(libpng) xen-devel libaio-devel cap-ng-devel cap-devel attr-devel * Fri Sep 07 2012 guillomovitch <guillomovitch> 1.2.0-3.mga3 + Revision: 289178 - drop smartcard support (conflict with libcaca-tools) * Thu Sep 06 2012 guillomovitch <guillomovitch> 1.2.0-2.mga3 + Revision: 288853 - add smartcard NSS support - add systemd support - drop sysinit support * Wed Sep 05 2012 tv <tv> 1.2.0-1.mga3 + Revision: 288693 - further adjust file list - adjust file list - new release - drop merged patches + luigiwalser <luigiwalser> - add patch from RedHat to fix CVE-2012-3515 * Tue Jul 10 2012 luigiwalser <luigiwalser> 1.0-7.mga3 + Revision: 269332 - re-diff upstream patch to fix CVE-2012-2652 * Sat Apr 14 2012 kamil <kamil> 1.0-6.mga2 + Revision: 230742 - add P0: upstream-support-for-udp-unicast-network-backend.patch * Mon Mar 05 2012 misc <misc> 1.0-5.mga2 + Revision: 219367 - rebuild for new vde * Fri Mar 02 2012 misc <misc> 1.0-4.mga2 + Revision: 216760 - enable mixer emulation ( for spice ) - fix the BuildRequires for usb-redir * Fri Mar 02 2012 misc <misc> 1.0-3.mga2 + Revision: 216752 - add xfs raw direct access support - also add support for uuid generation - add support for usb redirection * Fri Mar 02 2012 misc <misc> 1.0-2.mga2 + Revision: 216745 - add support for curl download - add support for bluetooth stack - as explained in the qemu changelog, the qemu binary is no more, and will be replaced in the future by a specific tool, so do not try to put specific symlink for that ( see http://wiki.qemu.org/ChangeLog/1.0 ) - fix build with Fedora patch - revert last change, as asked by coling on irc, to keep patching as minimal as possible - remove patch0 to add a fedora13 machine type ( not needed anymore ) - Update to 1.0 + colin <colin> - Fix build (upstream patch) - Fix pidfile to match LSB header in sysvinit script * Wed Jan 11 2012 ovitters <ovitters> 0.15.1-2.mga2 + Revision: 194839 - enable spice support (needed for gnome-boxes) + dmorgan <dmorgan> - New version 0.15.1 * Wed Sep 28 2011 boklm <boklm> 0.15.0-2.mga2 + Revision: 149704 - fix dependency on texi2html + tv <tv> - fix file list - new release - drop patch 1 (merged) + fwang <fwang> - fix build with latest pulseaudio - add default-stop - rebuild for new gnutls * Sat Jun 18 2011 cjw <cjw> 0.14.1-1.mga2 + Revision: 109334 - 0.14.1 - drop patch1 and patch3, included upstream * Tue May 03 2011 misc <misc> 0.14.0-5.mga1 + Revision: 94340 - add fix for CVE-2011-1750, patch from debian and upstream * Sat Apr 16 2011 blino <blino> 0.14.0-4.mga1 + Revision: 86505 - sync ksm initscripts with Fedora (to silence an error about missing max_kernel_pages with current kernels) * Tue Apr 05 2011 misc <misc> 0.14.0-3.mga1 + Revision: 80843 - rebuild - remove old comments and all trace of kvmtrace - add comments about obsoletes and trigger to remove - remove old commented part of the spec about kvmtrace ( tool deprecated upstream ) - remove hack around mtune, since this is the default flag it is supported by gcc or not specified, and as the remplacement is using pentiumpro, this is already highly x86 specific ) - qemu do not seems to use private symbol of glibc, so remove the hack to filter them * Tue Apr 05 2011 misc <misc> 0.14.0-2.mga1 + Revision: 80767 - reenable vde, Fedora not using it is not a reason for us to not use it - use single digit for patch, more readable - add comments on the 2 patchs - remove old patch not referenced in spec * Mon Mar 07 2011 saispo <saispo> 0.14.0-1.mga1 + Revision: 65897 - Remove video.x file - Fix apply patch00 and patch01 - Add two patches come from Fedora - Disable vde-devel BuildRequires, don't need it - New release 0.14.0 + misc <misc> - fix License - enable vde support ( since we do not have main/contribs ) - clean overzealous requires - remove old conflicts against 2007.1 packages - imported package qemu