Diffstat (limited to 'emulators/qemu-devel/files')
-rw-r--r--emulators/qemu-devel/files/patch-90_security181
-rw-r--r--emulators/qemu-devel/files/patch-CVE-2008-200460
-rw-r--r--emulators/qemu-devel/files/patch-Makefile15
-rw-r--r--emulators/qemu-devel/files/patch-cpu-exec.c54
-rw-r--r--emulators/qemu-devel/files/patch-curses_keys.h17
-rw-r--r--emulators/qemu-devel/files/patch-exec-all.h10
-rw-r--r--emulators/qemu-devel/files/patch-exec.c30
-rw-r--r--emulators/qemu-devel/files/patch-fbsd6
-rw-r--r--emulators/qemu-devel/files/patch-hw-e1000.c17
-rw-r--r--emulators/qemu-devel/files/patch-libmath210
-rw-r--r--emulators/qemu-devel/files/patch-osdep.c31
-rw-r--r--emulators/qemu-devel/files/patch-qemu-img.texi19
-rw-r--r--emulators/qemu-devel/files/patch-target-i386-translate.c16
-rw-r--r--emulators/qemu-devel/files/patch-tcg-i386-tcg-target.c28
-rw-r--r--emulators/qemu-devel/files/patch-tcg-tcg-op.h19
-rw-r--r--emulators/qemu-devel/files/patch-vl.c12
-rw-r--r--emulators/qemu-devel/files/patch-vl.c-nographic9
17 files changed, 163 insertions, 371 deletions
diff --git a/emulators/qemu-devel/files/patch-90_security b/emulators/qemu-devel/files/patch-90_security
index 8de4cb5949f3..40a5b54c66db 100644
--- a/emulators/qemu-devel/files/patch-90_security
+++ b/emulators/qemu-devel/files/patch-90_security
@@ -1,148 +1,3 @@
-Index: qemu-0.8.2/hw/cirrus_vga.c
-@@ -217,6 +217,20 @@
- #define CIRRUS_HOOK_NOT_HANDLED 0
- #define CIRRUS_HOOK_HANDLED 1
-
-+#define BLTUNSAFE(s) \
-+ ( \
-+ ( /* check dst is within bounds */ \
-+ (s)->cirrus_blt_height * (s)->cirrus_blt_dstpitch \
-+ + ((s)->cirrus_blt_dstaddr & (s)->cirrus_addr_mask) > \
-+ (s)->vram_size \
-+ ) || \
-+ ( /* check src is within bounds */ \
-+ (s)->cirrus_blt_height * (s)->cirrus_blt_srcpitch \
-+ + ((s)->cirrus_blt_srcaddr & (s)->cirrus_addr_mask) > \
-+ (s)->vram_size \
-+ ) \
-+ )
-+
- struct CirrusVGAState;
- typedef void (*cirrus_bitblt_rop_t) (struct CirrusVGAState *s,
- uint8_t * dst, const uint8_t * src,
-@@ -636,7 +650,7 @@
-
- for (y = 0; y < lines; y++) {
- off_cur = off_begin;
-- off_cur_end = off_cur + bytesperline;
-+ off_cur_end = (off_cur + bytesperline) & s->cirrus_addr_mask;
- off_cur &= TARGET_PAGE_MASK;
- while (off_cur < off_cur_end) {
- cpu_physical_memory_set_dirty(s->vram_offset + off_cur);
-@@ -651,7 +665,11 @@
- {
- uint8_t *dst;
-
-- dst = s->vram_ptr + s->cirrus_blt_dstaddr;
-+ dst = s->vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask);
-+
-+ if (BLTUNSAFE(s))
-+ return 0;
-+
- (*s->cirrus_rop) (s, dst, src,
- s->cirrus_blt_dstpitch, 0,
- s->cirrus_blt_width, s->cirrus_blt_height);
-@@ -667,8 +685,11 @@
- {
- cirrus_fill_t rop_func;
-
-+ if (BLTUNSAFE(s))
-+ return 0;
-+
- rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1];
-- rop_func(s, s->vram_ptr + s->cirrus_blt_dstaddr,
-+ rop_func(s, s->vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
- s->cirrus_blt_dstpitch,
- s->cirrus_blt_width, s->cirrus_blt_height);
- cirrus_invalidate_region(s, s->cirrus_blt_dstaddr,
-@@ -687,8 +708,8 @@
- static int cirrus_bitblt_videotovideo_patterncopy(CirrusVGAState * s)
- {
- return cirrus_bitblt_common_patterncopy(s,
-- s->vram_ptr +
-- (s->cirrus_blt_srcaddr & ~7));
-+ s->vram_ptr + ((s->cirrus_blt_srcaddr & ~7) &
-+ s->cirrus_addr_mask));
- }
-
- static void cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
-@@ -738,8 +759,10 @@
- if (notify)
- vga_hw_update();
-
-- (*s->cirrus_rop) (s, s->vram_ptr + s->cirrus_blt_dstaddr,
-- s->vram_ptr + s->cirrus_blt_srcaddr,
-+ (*s->cirrus_rop) (s, s->vram_ptr +
-+ (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
-+ s->vram_ptr +
-+ (s->cirrus_blt_srcaddr & s->cirrus_addr_mask),
- s->cirrus_blt_dstpitch, s->cirrus_blt_srcpitch,
- s->cirrus_blt_width, s->cirrus_blt_height);
-
-@@ -765,8 +788,14 @@
- s->cirrus_blt_srcaddr - s->start_addr,
- s->cirrus_blt_width, s->cirrus_blt_height);
- } else {
-- (*s->cirrus_rop) (s, s->vram_ptr + s->cirrus_blt_dstaddr,
-- s->vram_ptr + s->cirrus_blt_srcaddr,
-+
-+ if (BLTUNSAFE(s))
-+ return 0;
-+
-+ (*s->cirrus_rop) (s, s->vram_ptr +
-+ (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
-+ s->vram_ptr +
-+ (s->cirrus_blt_srcaddr & s->cirrus_addr_mask),
- s->cirrus_blt_dstpitch, s->cirrus_blt_srcpitch,
- s->cirrus_blt_width, s->cirrus_blt_height);
-
-@@ -798,8 +827,9 @@
- } else {
- /* at least one scan line */
- do {
-- (*s->cirrus_rop)(s, s->vram_ptr + s->cirrus_blt_dstaddr,
-- s->cirrus_bltbuf, 0, 0, s->cirrus_blt_width, 1);
-+ (*s->cirrus_rop)(s, s->vram_ptr +
-+ (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
-+ s->cirrus_bltbuf, 0, 0, s->cirrus_blt_width, 1);
- cirrus_invalidate_region(s, s->cirrus_blt_dstaddr, 0,
- s->cirrus_blt_width, 1);
- s->cirrus_blt_dstaddr += s->cirrus_blt_dstpitch;
-@@ -1917,7 +1947,7 @@
- unsigned val = mem_value;
- uint8_t *dst;
-
-- dst = s->vram_ptr + offset;
-+ dst = s->vram_ptr + (offset &= s->cirrus_addr_mask);
- for (x = 0; x < 8; x++) {
- if (val & 0x80) {
- *dst = s->cirrus_shadow_gr1;
-@@ -1940,7 +1970,7 @@
- unsigned val = mem_value;
- uint8_t *dst;
-
-- dst = s->vram_ptr + offset;
-+ dst = s->vram_ptr + (offset &= s->cirrus_addr_mask);
- for (x = 0; x < 8; x++) {
- if (val & 0x80) {
- *dst = s->cirrus_shadow_gr1;
-Index: qemu-0.8.2/hw/cirrus_vga_rop.h
-===================================================================
---- qemu-0.8.2.orig/hw/cirrus_vga_rop.h 2006-07-22 20:23:34.000000000 +0300
-+++ qemu-0.8.2/hw/cirrus_vga_rop.h 2007-04-20 06:05:59.000000000 +0300
-@@ -31,6 +31,12 @@ glue(cirrus_bitblt_rop_fwd_, ROP_NAME)(C
- int x,y;
- dstpitch -= bltwidth;
- srcpitch -= bltwidth;
-+
-+ if (dstpitch < 0 || srcpitch < 0) {
-+ /* is 0 valid? srcpitch == 0 could be useful */
-+ return;
-+ }
-+
- for (y = 0; y < bltheight; y++) {
- for (x = 0; x < bltwidth; x++) {
- ROP_OP(*dst, *src);
Index: qemu-0.8.2/hw/dma.c
===================================================================
--- qemu-0.8.2.orig/hw/dma.c 2006-07-22 20:23:34.000000000 +0300
@@ -162,21 +17,27 @@ Index: qemu-0.8.2/hw/dma.c
ldebug ("dma_pos %d size %d\n", n, (r->base[COUNT] + 1) << ncont);
}
-Index: qemu-0.8.2/hw/fdc.c
-@@ -1247,7 +1247,12 @@
- len = fdctrl->data_len - fdctrl->data_pos;
- if (len > FD_SECTOR_LEN)
- len = FD_SECTOR_LEN;
-- bdrv_read(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1);
-+ if (cur_drv->bs) {
-+ bdrv_read(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1);
-+ } else {
-+ FLOPPY_ERROR("can't read data from drive\n");
-+ return 0;
-+ }
- }
- }
- retval = fdctrl->fifo[pos];
+Index: qemu/hw/fdc.c
+@@ -1322,7 +1322,8 @@
+ fd_sector(cur_drv));
+ return 0;
+ }
+- if (bdrv_read(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
++ if (cur_drv->bs == NULL ||
++ bdrv_read(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
+ FLOPPY_DPRINTF("error getting sector %d\n",
+ fd_sector(cur_drv));
+ /* Sure, image size is too small... */
+@@ -1776,7 +1777,8 @@
+ if (pos == FD_SECTOR_LEN - 1 ||
+ fdctrl->data_pos == fdctrl->data_len) {
+ cur_drv = get_cur_drv(fdctrl);
+- if (bdrv_write(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
++ if (cur_drv->bs == NULL ||
++ bdrv_write(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
+ FLOPPY_ERROR("writing sector %d\n", fd_sector(cur_drv));
+ return;
+ }
Index: qemu-0.8.2/hw/pc.c
===================================================================
--- qemu-0.8.2.orig/hw/pc.c 2007-04-20 06:05:58.000000000 +0300
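Review bot: In the read path at inner hunk `@@ -1322,7 +1322,8 @@`, a drive with no backing device (`cur_drv->bs == NULL`) now shares the branch of a failed `bdrv_read()`, so it is reported only through `FLOPPY_DPRINTF("error getting sector %d\n", …)` under the comment "Sure, image size is too small...", which misdescribes the cause. A one-line comment above the combined condition, for example `/* no medium attached: take the error path instead of handing a NULL bs to bdrv_read() */`, would record why the guard exists. The write path at `@@ -1776,7 +1777,8 @@` has the same shape and returns after `FLOPPY_ERROR("writing sector %d\n", …)`. Both function bodies continue outside the hunk, so whether other `bdrv_read`/`bdrv_write` call sites in fdc.c need the same guard cannot be judged from here.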
diff --git a/emulators/qemu-devel/files/patch-CVE-2008-2004 b/emulators/qemu-devel/files/patch-CVE-2008-2004
deleted file mode 100644
index 1e60749606b8..000000000000
--- a/emulators/qemu-devel/files/patch-CVE-2008-2004
+++ /dev/null
@@ -1,60 +0,0 @@
-Index: qemu/vl.c
-===================================================================
---- vl.c (revision 4276)
-+++ vl.c (revision 4277)
-@@ -4961,6 +4961,7 @@
- int bus_id, unit_id;
- int cyls, heads, secs, translation;
- BlockDriverState *bdrv;
-+ BlockDriver *drv = NULL;
- int max_devs;
- int index;
- int cache;
-@@ -4968,7 +4969,7 @@
- char *str = arg->opt;
- char *params[] = { "bus", "unit", "if", "index", "cyls", "heads",
- "secs", "trans", "media", "snapshot", "file",
-- "cache", NULL };
-+ "cache", "format", NULL };
-
- if (check_params(buf, sizeof(buf), params, str) < 0) {
- fprintf(stderr, "qemu: unknown parameter '%s' in '%s'\n",
-@@ -5136,6 +5137,14 @@
- }
- }
-
-+ if (get_param_value(buf, sizeof(buf), "format", str)) {
-+ drv = bdrv_find_format(buf);
-+ if (!drv) {
-+ fprintf(stderr, "qemu: '%s' invalid format\n", buf);
-+ return -1;
-+ }
-+ }
-+
- if (arg->file == NULL)
- get_param_value(file, sizeof(file), "file", str);
- else
-@@ -5238,7 +5247,7 @@
- bdrv_flags |= BDRV_O_SNAPSHOT;
- if (!cache)
- bdrv_flags |= BDRV_O_DIRECT;
-- if (bdrv_open(bdrv, file, bdrv_flags) < 0 || qemu_key_check(bdrv, file)) {
-+ if (bdrv_open2(bdrv, file, bdrv_flags, drv) < 0 || qemu_key_check(bdrv, file)) {
- fprintf(stderr, "qemu: could not open disk image %s\n",
- file);
- return -1;
-Index: qemu/qemu-doc.texi
-===================================================================
---- qemu-doc.texi (revision 4276)
-+++ qemu-doc.texi (revision 4277)
-@@ -261,6 +261,10 @@
- @var{snapshot} is "on" or "off" and allows to enable snapshot for given drive (see @option{-snapshot}).
- @item cache=@var{cache}
- @var{cache} is "on" or "off" and allows to disable host cache to access data.
-+@item format=@var{format}
-+Specify which disk @var{format} will be used rather than detecting
-+the format. Can be used to specifiy format=raw to avoid interpreting
-+an untrusted format header.
- @end table
-
- Instead of @option{-cdrom} you can use:
diff --git a/emulators/qemu-devel/files/patch-Makefile b/emulators/qemu-devel/files/patch-Makefile
index effe2d44222c..9cb30cef2a6a 100644
--- a/emulators/qemu-devel/files/patch-Makefile
+++ b/emulators/qemu-devel/files/patch-Makefile
@@ -1,17 +1,17 @@
Index: qemu/Makefile
-@@ -19,7 +19,11 @@
- BASE_LDFLAGS += -static
+@@ -17,7 +17,11 @@
+ LDFLAGS += -static
endif
ifdef BUILD_DOCS
+ifdef NOPORTDOCS
-+DOCS=qemu.1 qemu-img.1
++DOCS=qemu.1 qemu-img.1 qemu-nbd.8
+else
- DOCS=qemu-doc.html qemu-tech.html qemu.1 qemu-img.1
+ DOCS=qemu-doc.html qemu-tech.html qemu.1 qemu-img.1 qemu-nbd.8
+endif
else
DOCS=
endif
-@@ -60,8 +64,10 @@
+@@ -203,13 +211,13 @@
common de-ch es fo fr-ca hu ja mk nl-be pt sl tr
install-doc: $(DOCS)
@@ -22,3 +22,8 @@ Index: qemu/Makefile
ifndef CONFIG_WIN32
mkdir -p "$(DESTDIR)$(mandir)/man1"
$(INSTALL) qemu.1 qemu-img.1 "$(DESTDIR)$(mandir)/man1"
+- mkdir -p "$(DESTDIR)$(mandir)/man8"
+- $(INSTALL) qemu-nbd.8 "$(DESTDIR)$(mandir)/man8"
+ endif
+
+ install: all $(if $(BUILD_DOCS),install-doc)
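Review bot: `qemu-nbd.8` is added to `DOCS` in both branches of the preceding hunk, while this hunk drops the `mkdir -p "$(DESTDIR)$(mandir)/man8"` and `$(INSTALL) qemu-nbd.8 "$(DESTDIR)$(mandir)/man8"` lines, so the page is built but `install-doc` no longer installs it. If that is deliberate (for instance because the port handles the man8 page itself), a short header line in the patch file saying so would keep the next refresh from undoing it; otherwise the two hunks disagree.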
diff --git a/emulators/qemu-devel/files/patch-cpu-exec.c b/emulators/qemu-devel/files/patch-cpu-exec.c
index 3971fba6ddfc..708a76a0eaec 100644
--- a/emulators/qemu-devel/files/patch-cpu-exec.c
+++ b/emulators/qemu-devel/files/patch-cpu-exec.c
@@ -1,29 +1,27 @@
---- qemu.orig/cpu-exec.c Mon Jan 14 11:11:02 2008
-+++ qemu/cpu-exec.c Thu Jan 17 23:03:00 2008
-@@ -449,16 +449,18 @@ int cpu_exec(CPUState *env1)
- (env->eflags & IF_MASK || env->hflags & HF_HIF_MASK) &&
- !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
- int intno;
-- svm_check_intercept(SVM_EXIT_INTR);
- env->interrupt_request &= ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_VIRQ);
- intno = cpu_get_pic_interrupt(env);
-- if (loglevel & CPU_LOG_TB_IN_ASM) {
-- fprintf(logfile, "Servicing hardware INT=0x%02x\n", intno);
-- }
-- do_interrupt(intno, 0, 0, 0, 1);
-- /* ensure that no TB jump will be modified as
-- the program flow was changed */
-- BREAK_CHAIN;
-+ if(intno>=0) {
-+ svm_check_intercept(SVM_EXIT_INTR);
-+ if (loglevel & CPU_LOG_TB_IN_ASM) {
-+ fprintf(logfile, "Servicing hardware INT=0x%02x\n", intno);
-+ }
-+ do_interrupt(intno, 0, 0, 0, 1);
-+ /* ensure that no TB jump will be modified as
-+ the program flow was changed */
-+ BREAK_CHAIN;
-+ }
+Index: qemu/cpu-exec.c
+@@ -394,16 +394,18 @@
+ (env->eflags & IF_MASK &&
+ !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
+ int intno;
+- svm_check_intercept(SVM_EXIT_INTR);
+ env->interrupt_request &= ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_VIRQ);
+ intno = cpu_get_pic_interrupt(env);
+- if (loglevel & CPU_LOG_TB_IN_ASM) {
+- fprintf(logfile, "Servicing hardware INT=0x%02x\n", intno);
++ if (intno>=0) {
++ svm_check_intercept(SVM_EXIT_INTR);
++ if (loglevel & CPU_LOG_TB_IN_ASM) {
++ fprintf(logfile, "Servicing hardware INT=0x%02x\n", intno);
++ }
++ do_interrupt(intno, 0, 0, 0, 1);
++ /* ensure that no TB jump will be modified as
++ the program flow was changed */
++ next_tb = 0;
+ }
+- do_interrupt(intno, 0, 0, 0, 1);
+- /* ensure that no TB jump will be modified as
+- the program flow was changed */
+- next_tb = 0;
#if !defined(CONFIG_USER_ONLY)
- } else if ((interrupt_request & CPU_INTERRUPT_VIRQ) &&
- (env->eflags & IF_MASK) && !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
+ } else if ((interrupt_request & CPU_INTERRUPT_VIRQ) &&
+ (env->eflags & IF_MASK) &&
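Review bot: The new `if (intno>=0) {` guard carries no comment saying when `cpu_get_pic_interrupt()` returns a negative value. `env->interrupt_request` has already had `CPU_INTERRUPT_HARD | CPU_INTERRUPT_VIRQ` cleared on the line before the call, so a negative result drops the request with nothing written to the log. I would add a comment above the guard along the lines of `/* negative intno: no vector to deliver, skip do_interrupt() */` (wording to be confirmed against the PIC code, which is not visible here) and write the condition as `if (intno >= 0) {` to match the spacing of the surrounding lines. The enclosing cpu_exec() loop starts and ends outside the hunk.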
diff --git a/emulators/qemu-devel/files/patch-curses_keys.h b/emulators/qemu-devel/files/patch-curses_keys.h
deleted file mode 100644
index 697fc53fb98d..000000000000
--- a/emulators/qemu-devel/files/patch-curses_keys.h
+++ /dev/null
@@ -1,17 +0,0 @@
-Index: qemu/curses_keys.h
-===================================================================
-RCS file: /sources/qemu/qemu/curses_keys.h,v
-retrieving revision 1.1
-retrieving revision 1.2
-diff -u -p -r1.1 -r1.2
---- curses_keys.h 10 Feb 2008 16:33:13 -0000 1.1
-+++ curses_keys.h 18 Mar 2008 06:55:27 -0000 1.2
-@@ -198,7 +198,7 @@ int curses2keycode[CURSES_KEYS] = {
-
- [0x001] = 30 | CNTRL, /* Control + a */
- [0x013] = 31 | CNTRL, /* Control + s */
-- [0x014] = 32 | CNTRL, /* Control + d */
-+ [0x004] = 32 | CNTRL, /* Control + d */
- [0x006] = 33 | CNTRL, /* Control + f */
- [0x007] = 34 | CNTRL, /* Control + g */
- [0x008] = 35 | CNTRL, /* Control + h */
diff --git a/emulators/qemu-devel/files/patch-exec-all.h b/emulators/qemu-devel/files/patch-exec-all.h
new file mode 100644
index 000000000000..244bfb05055a
--- /dev/null
+++ b/emulators/qemu-devel/files/patch-exec-all.h
@@ -0,0 +1,10 @@
+Index: qemu/exec-all.h
+@@ -30,7 +30,7 @@
+ struct TranslationBlock;
+
+ /* XXX: make safe guess about sizes */
+-#define MAX_OP_PER_INSTR 64
++#define MAX_OP_PER_INSTR 128 /* 64 */
+ /* A Call op needs up to 6 + 2N parameters (N = number of arguments). */
+ #define MAX_OPC_PARAM 10
+ #define OPC_BUF_SIZE 512
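Review bot: The new definition `#define MAX_OP_PER_INSTR 128 /* 64 */` records the old number but not the reason for doubling it, and it sits under `/* XXX: make safe guess about sizes */`, so the limit remains a guess rather than a checked bound. If the translator's op buffers are dimensioned from this constant (not visible in this hunk), an instruction that emits more ops than the guess would write past them in the host process, which is why the rationale belongs next to the value. I would replace the trailing comment with something like `/* raised from 64: <instruction or workload that exceeded it> */`.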
diff --git a/emulators/qemu-devel/files/patch-exec.c b/emulators/qemu-devel/files/patch-exec.c
new file mode 100644
index 000000000000..64fc4723e24b
--- /dev/null
+++ b/emulators/qemu-devel/files/patch-exec.c
@@ -0,0 +1,30 @@
+Index: qemu/exec.c
+@@ -405,6 +405,28 @@
+ exit(1);
+ }
+ }
++#elif defined(__FreeBSD__)
++ {
++ int flags;
++ void *addr = NULL;
++ flags = MAP_PRIVATE | MAP_ANONYMOUS;
++#if defined(__x86_64__)
++ /* FreeBSD doesn't have MAP_32BIT, use MAP_FIXED and assume
++ * 0x40000000 is free */
++ flags |= MAP_FIXED;
++ addr = (void *)0x40000000;
++ /* Cannot map more than that */
++ if (code_gen_buffer_size > (800 * 1024 * 1024))
++ code_gen_buffer_size = (800 * 1024 * 1024);
++#endif
++ code_gen_buffer = mmap(addr, code_gen_buffer_size,
++ PROT_WRITE | PROT_READ | PROT_EXEC,
++ flags, -1, 0);
++ if (code_gen_buffer == MAP_FAILED) {
++ fprintf(stderr, "Could not allocate dynamic translator buffer\n");
++ exit(1);
++ }
++ }
+ #else
+ code_gen_buffer = qemu_malloc(code_gen_buffer_size);
+ if (!code_gen_buffer) {
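Review bot: In the `__x86_64__` branch, `flags |= MAP_FIXED;` combined with the comment "assume 0x40000000 is free" means mmap() silently replaces whatever is already mapped in that range with a writable and executable buffer instead of failing. Passing the address as a hint without MAP_FIXED and then checking where the buffer landed keeps the failure explicit. The 2 GB bound in the sketch assumes the aim is the placement MAP_32BIT gives on Linux, which should be confirmed. The enclosing function starts and ends outside the hunk.

```c
#if defined(__x86_64__)
        /* Hint only: without MAP_FIXED an occupied range is never replaced. */
        addr = (void *)0x40000000;
        /* … unchanged: 800 MB cap on code_gen_buffer_size … */
#endif
        /* … unchanged: mmap() call and MAP_FAILED check … */
#if defined(__x86_64__)
        if ((unsigned long)code_gen_buffer + code_gen_buffer_size >
            0x80000000UL) {
            fprintf(stderr, "Dynamic translator buffer not in low 2 GB\n");
            exit(1);
        }
#endif
```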
diff --git a/emulators/qemu-devel/files/patch-fbsd b/emulators/qemu-devel/files/patch-fbsd
index 2492e0a4ea4c..00372eb5e03b 100644
--- a/emulators/qemu-devel/files/patch-fbsd
+++ b/emulators/qemu-devel/files/patch-fbsd
@@ -20,14 +20,14 @@ Index: qemu/Makefile
rm -f *.o *.a $(TOOLS) dyngen$(EXESUF) TAGS *.pod *~ */*~
$(MAKE) -C tests clean
Index: qemu/Makefile.target
-@@ -649,8 +649,8 @@
+@@ -651,8 +651,8 @@
main.o: CFLAGS+=-p
endif
-$(QEMU_PROG): $(OBJS) ../libqemu_common.a libqemu.a
-- $(CC) $(LDFLAGS) -o $@ $^ $(LIBS) $(SDL_LIBS) $(COCOA_LIBS) $(CURSES_LIBS)
+- $(CC) $(LDFLAGS) -o $@ $^ $(LIBS) $(SDL_LIBS) $(COCOA_LIBS) $(CURSES_LIBS) $(BRLAPI_LIBS)
+$(QEMU_PROG): $(OBJS) ../libqemu_common.a libqemu.a ../bsd/libmath.a
-+ $(CC) $(LDFLAGS) -o $@ $^ $(LIBS) $(SDL_LIBS) $(COCOA_LIBS) $(CURSES_LIBS) ../bsd/libmath.a
++ $(CC) $(LDFLAGS) -o $@ $^ $(LIBS) $(SDL_LIBS) $(COCOA_LIBS) $(CURSES_LIBS) $(BRLAPI_LIBS) ../bsd/libmath.a
endif # !CONFIG_USER_ONLY
diff --git a/emulators/qemu-devel/files/patch-hw-e1000.c b/emulators/qemu-devel/files/patch-hw-e1000.c
deleted file mode 100644
index ee1b81b05cda..000000000000
--- a/emulators/qemu-devel/files/patch-hw-e1000.c
+++ /dev/null
@@ -1,17 +0,0 @@
-Index: qemu/hw/e1000.c
-===================================================================
-RCS file: /sources/qemu/qemu/hw/e1000.c,v
-retrieving revision 1.3
-retrieving revision 1.4
-diff -u -p -r1.3 -r1.4
---- hw/e1000.c 10 Feb 2008 13:34:48 -0000 1.3
-+++ hw/e1000.c 10 Mar 2008 00:02:10 -0000 1.4
-@@ -50,7 +50,7 @@ static int debugflags = DBGBIT(TXERR) |
- #endif
-
- #define IOPORT_SIZE 0x40
--#define PNPMMIO_SIZE 0x60000
-+#define PNPMMIO_SIZE 0x20000
-
- /*
- * HW models:
diff --git a/emulators/qemu-devel/files/patch-libmath2 b/emulators/qemu-devel/files/patch-libmath2
index a6f6475ee8b4..ecff96d0d89e 100644
--- a/emulators/qemu-devel/files/patch-libmath2
+++ b/emulators/qemu-devel/files/patch-libmath2
@@ -55,13 +55,3 @@ Index: qemu/bsd/amd64/s_ldexpl.c
+}
+
+weak_alias(__ldexpl,ldexpl)
-Index: qemu/target-i386/helper.c
-@@ -2886,6 +2886,8 @@
- ST0 = floatx_round_to_int(ST0, &env->fp_status);
- }
-
-+long double ldexpl(long double, int);
-+
- void helper_fscale(void)
- {
- ST0 = ldexp (ST0, (int)(ST1));
diff --git a/emulators/qemu-devel/files/patch-osdep.c b/emulators/qemu-devel/files/patch-osdep.c
index 36adcdbb7667..409dadea8b5f 100644
--- a/emulators/qemu-devel/files/patch-osdep.c
+++ b/emulators/qemu-devel/files/patch-osdep.c
@@ -1,5 +1,5 @@
Index: qemu/osdep.c
-@@ -79,7 +79,9 @@
+@@ -68,7 +68,9 @@
#if defined(USE_KQEMU)
@@ -9,7 +9,7 @@ Index: qemu/osdep.c
#include <sys/mman.h>
#include <fcntl.h>
-@@ -90,6 +92,7 @@
+@@ -79,6 +81,7 @@
const char *tmpdir;
char phys_ram_file[1024];
void *ptr;
@@ -17,7 +17,7 @@ Index: qemu/osdep.c
#ifdef HOST_SOLARIS
struct statvfs stfs;
#else
-@@ -151,12 +154,20 @@
+@@ -138,7 +141,9 @@
}
unlink(phys_ram_file);
}
@@ -25,16 +25,19 @@ Index: qemu/osdep.c
size = (size + 4095) & ~4095;
+#ifndef __FreeBSD__
ftruncate(phys_ram_fd, phys_ram_size + size);
- ptr = mmap(NULL,
- size,
- PROT_WRITE | PROT_READ, MAP_SHARED,
- phys_ram_fd, phys_ram_size);
-+#else
-+ ptr = mmap(NULL,
-+ size,
-+ PROT_WRITE | PROT_READ, MAP_PRIVATE|MAP_ANON,
-+ -1, 0);
-+#endif
- if (ptr == MAP_FAILED) {
+ ptr = mmap(NULL,
+ size,
+@@ -148,6 +153,13 @@
fprintf(stderr, "Could not map physical memory\n");
exit(1);
+ }
++#else
++ ptr = malloc(size);
++ if (ptr == NULL) {
++ fprintf(stderr, "Could not allocate physical memory\n");
++ exit(1);
++ }
++#endif
+ phys_ram_size += size;
+ return ptr;
+ }
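Review bot: The FreeBSD branch now obtains the block with `ptr = malloc(size);`, which is neither guaranteed zero-filled nor guaranteed page-aligned, even though `size` is still rounded up to a multiple of 4096. The `mmap(NULL, size, PROT_WRITE | PROT_READ, MAP_PRIVATE|MAP_ANON, -1, 0)` call it replaces gave both guarantees. If this allocation backs guest-visible RAM (the `phys_ram_size` bookkeeping suggests so, but the function header is outside the hunk), stale heap contents of the host process could become readable from the guest. `ptr = calloc(1, size);` would restore the zeroing; keeping the anonymous mmap would restore both properties.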
diff --git a/emulators/qemu-devel/files/patch-qemu-img.texi b/emulators/qemu-devel/files/patch-qemu-img.texi
deleted file mode 100644
index f89d1ea66664..000000000000
--- a/emulators/qemu-devel/files/patch-qemu-img.texi
+++ /dev/null
@@ -1,19 +0,0 @@
-Index: qemu/qemu-img.texi
-@@ -10,7 +10,7 @@
- @table @option
- @item create [-e] [-6] [-b @var{base_image}] [-f @var{fmt}] @var{filename} [@var{size}]
- @item commit [-f @var{fmt}] @var{filename}
--@item convert [-c] [-e] [-6] [-f @var{fmt}] @var{filename} [-O @var{output_fmt}] @var{output_filename}
-+@item convert [-c] [-e] [-6] [-f @var{fmt}] [-O @var{output_fmt}] @var{filename} @var{output_filename}
- @item info [-f @var{fmt}] @var{filename}
- @end table
-
-@@ -83,7 +83,7 @@
-
- Commit the changes recorded in @var{filename} in its base image.
-
--@item convert [-c] [-e] [-f @var{fmt}] @var{filename} [-O @var{output_fmt}] @var{output_filename}
-+@item convert [-c] [-e] [-f @var{fmt}] [-O @var{output_fmt}] @var{filename} @var{output_filename}
-
- Convert the disk image @var{filename} to disk image @var{output_filename}
- using format @var{output_fmt}. It can be optionnaly encrypted
diff --git a/emulators/qemu-devel/files/patch-target-i386-translate.c b/emulators/qemu-devel/files/patch-target-i386-translate.c
new file mode 100644
index 000000000000..332ce9fcd26e
--- /dev/null
+++ b/emulators/qemu-devel/files/patch-target-i386-translate.c
@@ -0,0 +1,16 @@
+Index: qemu/target-i386/translate.c
+@@ -3330,8 +3330,12 @@
+ op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
+ tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
+ sse_op2 = sse_op_table3[(s->dflag == 2) * 2 + ((b >> 8) - 2)];
+- tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
+- tcg_gen_helper_0_2(sse_op2, cpu_ptr0, cpu_tmp2_i32);
++ if (ot == OT_LONG) {
++ tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
++ tcg_gen_helper_0_2(sse_op2, cpu_ptr0, cpu_tmp2_i32);
++ } else {
++ tcg_gen_helper_0_2(sse_op2, cpu_ptr0, cpu_T[0]);
++ }
+ break;
+ case 0x02c: /* cvttps2pi */
+ case 0x12c: /* cvttpd2pi */
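Review bot: The new `if (ot == OT_LONG)` branch passes either the truncated `cpu_tmp2_i32` or the full-width `cpu_T[0]` to the helper, but the helper is still selected by `sse_op_table3[(s->dflag == 2) * 2 + ((b >> 8) - 2)]`, and nothing in the hunk states that `ot` and that index always agree. A comment above the else branch, such as `/* ot != OT_LONG: helper takes the full target-long operand, no truncation */`, would make the pairing explicit. The enclosing switch case starts outside the hunk, so how `ot` is derived is not visible here.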
diff --git a/emulators/qemu-devel/files/patch-tcg-i386-tcg-target.c b/emulators/qemu-devel/files/patch-tcg-i386-tcg-target.c
new file mode 100644
index 000000000000..73b90d3ad4e7
--- /dev/null
+++ b/emulators/qemu-devel/files/patch-tcg-i386-tcg-target.c
@@ -0,0 +1,28 @@
+Index: qemu/tcg/i386/tcg-target.c
+@@ -360,22 +360,22 @@
+ case TCG_COND_LT:
+ tcg_out_brcond(s, TCG_COND_LT, args[1], args[3], const_args[3], args[5]);
+ tcg_out_jxx(s, JCC_JNE, label_next);
+- tcg_out_brcond(s, TCG_COND_LT, args[0], args[2], const_args[2], args[5]);
++ tcg_out_brcond(s, TCG_COND_LTU, args[0], args[2], const_args[2], args[5]);
+ break;
+ case TCG_COND_LE:
+ tcg_out_brcond(s, TCG_COND_LT, args[1], args[3], const_args[3], args[5]);
+ tcg_out_jxx(s, JCC_JNE, label_next);
+- tcg_out_brcond(s, TCG_COND_LE, args[0], args[2], const_args[2], args[5]);
++ tcg_out_brcond(s, TCG_COND_LEU, args[0], args[2], const_args[2], args[5]);
+ break;
+ case TCG_COND_GT:
+ tcg_out_brcond(s, TCG_COND_GT, args[1], args[3], const_args[3], args[5]);
+ tcg_out_jxx(s, JCC_JNE, label_next);
+- tcg_out_brcond(s, TCG_COND_GT, args[0], args[2], const_args[2], args[5]);
++ tcg_out_brcond(s, TCG_COND_GTU, args[0], args[2], const_args[2], args[5]);
+ break;
+ case TCG_COND_GE:
+ tcg_out_brcond(s, TCG_COND_GT, args[1], args[3], const_args[3], args[5]);
+ tcg_out_jxx(s, JCC_JNE, label_next);
+- tcg_out_brcond(s, TCG_COND_GE, args[0], args[2], const_args[2], args[5]);
++ tcg_out_brcond(s, TCG_COND_GEU, args[0], args[2], const_args[2], args[5]);
+ break;
+ case TCG_COND_LTU:
+ tcg_out_brcond(s, TCG_COND_LTU, args[1], args[3], const_args[3], args[5]);
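Review bot: The four signed cases now test the low words with the unsigned conditions (`TCG_COND_LTU`, `TCG_COND_LEU`, `TCG_COND_GTU`, `TCG_COND_GEU`) after a signed high-word test, and nothing in the code says why the two halves differ, so the lines read like a typo to the next maintainer. A one-line comment at the first case, e.g. `/* high words equal: the low 32 bits carry no sign, compare unsigned */`, would protect the fix from being reverted. The switch continues past the end of the hunk with the `TCG_COND_LTU` case.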
diff --git a/emulators/qemu-devel/files/patch-tcg-tcg-op.h b/emulators/qemu-devel/files/patch-tcg-tcg-op.h
deleted file mode 100644
index 78075092eed0..000000000000
--- a/emulators/qemu-devel/files/patch-tcg-tcg-op.h
+++ /dev/null
@@ -1,19 +0,0 @@
-Index: qemu/tcg/tcg-op.h
-@@ -1172,7 +1172,7 @@
- tcg_gen_op3i(INDEX_op_qemu_ld8s, ret, addr, mem_index);
- #else
- tcg_gen_op4i(INDEX_op_qemu_ld8s, ret, addr, TCGV_HIGH(addr), mem_index);
-- tcg_gen_ext8s_i32(TCGV_HIGH(ret), ret);
-+ tcg_gen_sari_i32(TCGV_HIGH(ret), ret, 31);
- #endif
- }
-
-@@ -1192,7 +1192,7 @@
- tcg_gen_op3i(INDEX_op_qemu_ld16s, ret, addr, mem_index);
- #else
- tcg_gen_op4i(INDEX_op_qemu_ld16s, ret, addr, TCGV_HIGH(addr), mem_index);
-- tcg_gen_ext16s_i32(TCGV_HIGH(ret), ret);
-+ tcg_gen_sari_i32(TCGV_HIGH(ret), ret, 31);
- #endif
- }
-
diff --git a/emulators/qemu-devel/files/patch-vl.c b/emulators/qemu-devel/files/patch-vl.c
index ec763da3848a..557508452062 100644
--- a/emulators/qemu-devel/files/patch-vl.c
+++ b/emulators/qemu-devel/files/patch-vl.c
@@ -7,23 +7,15 @@ Index: qemu/vl.c
#else
CharDriverState *qemu_chr_open_pty(void)
-@@ -1771,14 +1771,14 @@
- return chr;
+@@ -2334,7 +2334,7 @@
}
+ #endif
-#if defined(__linux__) || defined(__sun__)
+#if defined(__linux__) || defined(__sun__) || defined(__FreeBSD__)
static CharDriverState *qemu_chr_open_pty(void)
{
struct termios tty;
- char slave_name[1024];
- int master_fd, slave_fd;
-
--#if defined(__linux__)
-+#if defined(__linux__) || defined(__FreeBSD__)
- /* Not satisfying */
- if (openpty(&master_fd, &slave_fd, slave_name, NULL, NULL) < 0) {
- return NULL;
@@ -3036,7 +3036,7 @@
return qemu_chr_open_pp(filename);
} else
diff --git a/emulators/qemu-devel/files/patch-vl.c-nographic b/emulators/qemu-devel/files/patch-vl.c-nographic
deleted file mode 100644
index eafbd45705af..000000000000
--- a/emulators/qemu-devel/files/patch-vl.c-nographic
+++ /dev/null
@@ -1,9 +0,0 @@
-Index: qemu/vl.c
-@@ -7131,6 +7131,7 @@
- case QEMU_OPTION_nographic:
- pstrcpy(serial_devices[0], sizeof(serial_devices[0]), "stdio");
- pstrcpy(monitor_device, sizeof(monitor_device), "stdio");
-+ pstrcpy(parallel_devices[0], sizeof(parallel_devices[0]), "null");
- nographic = 1;
- break;
- case QEMU_OPTION_kernel: