- Update from version 8.1.1 to 8.1.2
- Update of rootfile not required
- Changelog is only provided at the 8.1 level and not lower. There is no further info on
what changes occurred in the changelog. For more details the git repo commits need to
be reviewed - https://gitlab.com/qemu-project/qemu/-/commits/master
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 8.0.3 to 8.1.1
- In CU179 the update of qemu caused at least one user to have a problem starting his
qemu system as the qemu bundled slirp library used for the net user backend was removed
in version 7.2. Unfortunately no user tested qemu in the CU179 Testing phase, or if they
did they are not using the net user backend.
- This patch adds the --enable-slirp option to configure and installs libslirp in a
separate patch.
- I can't test if this now works as I don't use qemu anywhere.
- Changelog is too large to include here.
8.1
https://wiki.qemu.org/ChangeLog/8.1
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 7.0.0 to 7.1.0
- Update of rootfile not required
- Removal of qemu-7.0.0-fix-glibc-headers.patch as an alternative patch approach has been
implemeted into thye source tarball.
- Changelog is too large to include here. Details can be found at
https://wiki.qemu.org/ChangeLog/7.1
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Historically, the MD5 checksums in our LFS files serve as a protection
against broken downloads, or accidentally corrupted source files.
While the sources are nowadays downloaded via HTTPS, it make sense to
beef up integrity protection for them, since transparently intercepting
TLS is believed to be feasible for more powerful actors, and the state
of the public PKI ecosystem is clearly not helping.
Therefore, this patch switches from MD5 to BLAKE2, updating all LFS
files as well as make.sh to deal with this checksum algorithm. BLAKE2 is
notably faster (and more secure) than SHA2, so the performance penalty
introduced by this patch is negligible, if noticeable at all.
In preparation of this patch, the toolchain files currently used have
been supplied with BLAKE2 checksums as well on
https://source.ipfire.org/.
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremeripfire.org>
Bumping across one of our scripts with very long trailing whitespaces, I
thought it might be a good idea to clean these up. Doing so, some
missing or inconsistent licence headers were fixed.
There is no need in shipping all these files en bloc, as their
functionality won't change.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
* Add a Summary and Services field to all pak lfs files
* Replace occurances of INSTALL_INITSCRIPT with new INSTALL_INITSCRIPTS
macro in all pak lfs files.
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
This patch removes support for i586 according to the decision being
taken over a year ago.
It removes the architecture from the build system and removes all
required hacks and other quirks that have been necessary before.
There is no need to ship any changed files to the remaining
architectures as the removed code branches have not been used.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 5.2.0 to 6.1.0
- Update of rootfile
- Removal of --no-pie patch as the changes are now built into the qemu source files
- Changelog is too long to fully include here. Full details can be read at
https://wiki.qemu.org/ChangeLog/
Following are the deprecated options and features from each version.
6.1.0
Using non-persistent backing file with pmem=on is now deprecated.
'-display sdl,window_close=...' should be replaced with '-display sdl,window-close=...'
(i.e. with a minus instead of an underscore between “window” and “close”).
'-no-quit' is deprecated. '-display ...,window-close=off' should be used instead.
The Aspeed swift-bmc machine is deprecated and should be replaced by the
witherspoon-bmc or the romulus-bmc machines.
6.0.0
The --enable-fips option has been deprecated. Consumers wishing to have FIPS
compliance must build QEMU with libcrypt and gnutls, NOT nettle.
The -writeconfig option has been deprecated. The functionality of -writeconfig is
limited and the code does not even try to detect cases where it prints incorrect
syntax (for example if values have a quote in them). It will be removed without
replacement.
Boolean parameters such as share=on / share=off could be written in short form as
share and noshare. This is now deprecated and will cause a warning.
-chardev backend aliases tty and parport are aliases that will be removed. Instead,
the actual backend names serial and parallel should be used.
The delay option for socket character devices is now deprecated.
Userspace local APIC with KVM (-M kernel-irqchip=off)
hexadecimal sizes with scaling multipliers (e.g. 0x20M)
-spice password=string is deprecated now. Use password-secret option instead.
opened property of rng-* objects
loaded property of secret and secret_keyring
MIPS Trap-and-Emulate KVM support
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update qemu from 5.0.0 to 5.2.0
- Changelogs for 5.1.0 and 5.2.0 available at https://wiki.qemu.org/ChangeLog/
- rootfile updated
- patch no longer needed as fix built into source. patch was not utilised
for 5.0.0 version. Patch line was commented out in previous lfs
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Not sure why this has ever been there. This simply makes it
nicer to read and edit because we can have line-breaks now.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
A newer version of qemu does not build anymore with our version of sdl. I
tried around a little bit and as I have not got a clue why we are using
sdl (spice and remote access still works) I think we should disable it.
I disabled the generation of the documentation as well but this switch
does not seem to have any effect.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Most of these files still used old dates and/or domain names for contact
mail addresses. This is now replaced by an up-to-date copyright line.
Just some housekeeping... :-)
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Since the new toolchain the flags are not compiled into the
binaries any more which causes paxctl to fail.
On top of that, PaX and grsecurity won't be available freely
any more which requires us to remove it from the distribution.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This package adds support for the use redirection of spice.
It is now possible to attach USB devices of the host where the spice
client run to the virtual machine.
The binary is not needed for this functionality and that's why they is
not shipped with the package
This feature is also enabled in qemu.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch update qemu to version 2.6
For changelogs see:
http://wiki.qemu.org/ChangeLog/2.5http://wiki.qemu.org/ChangeLog/2.6
Qemu try to built with bluez, but before version 2.6 bluez was not used
by qemu on IPFire, so I think it is better to disable bluez because
nobody needs it before version 2.6 and our bluez is not the latest
version so I think this will cause more problems than benefits.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
As a normal user, it is not possible to use qemu with KVM. This is bad
because it is better when it is possible to start the machine with a
less privileged user. To achieve this a group KVM is created and the
access to /dev/kvm is allowed for this group. So every user in this
group can use qemu with KVM.
This change is also useful for libvirt because the VMs can be started
with user nobody and group kvm.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
