LAKITU: add QEMU 5.2.0 from the Gentoo upstream
Performance of QEMU up to 5.2.0 is severely affected by the compiler.
The clang build is 100 times slower than GCC build when measured by
this microbenchmark: dd if=/dev/zero bs=1M count=256 | md5sum
This performance issue causes systemd services time out during
boot up and renders booted COS image unusable.
There is no clean way to force-rebuild QEMU when setting up chroot
so instead bring 5.2.0 from the Gentoo upstream to chromiumos-overlay
as the most future-proof workaround. Once portage-stable version
catches up and overtakes 5.2.0, it'll be used instead of this ebuild.
ncurses flag has to be disabled because 5.2.0 requires ncurses 6
which has not been ported from the upstream yet.
BUG=b/175740674
TEST=run VMtest using new version of QEMU
RELEASE_NOTE=None
Change-Id: I0f6717c6d9f6de08f5584375063c3d6428e93e05
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/chromiumos-overlay/+/11890
Reviewed-by: Roy Yang <royyang@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index 96bd155..2157b27 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -1,3 +1 @@
-DIST qemu-20200718-keycodemapdb.tar.gz 47598 BLAKE2B 8ffeb7afd4c2ccbdb686d61428dc106a98907a96bb4980e187eace15c1c2454196fd16cb7b48d1887db98ff9aea55089ab192479068eaec0ac04c9e632fe5e81 SHA512 0db43f9933b5837ff534415c7084777f939ed3db7523e73fbb046567b96d5c097cf81b7670368447b6da38d514c62e0ede9b4b872954c4f42078b0dc8431e66d
-DIST qemu-20200729-berkeley-testfloat-3.tar.gz 139221 BLAKE2B 7e4a0632224f8e8d5a11ae373bbe334adb3eaee9c0bc5626be1d6148cbb219b2311ce20bc7a8ff7d532f932c497fc8f3ead75ccf4a8d406fcc4e0fca15061c0a SHA512 98a8b1be0c2854e36f1eef9de0ea5609a30e35cf231da7bb63242d636a6139d61ff78f117e8e24e0d076a588abf12cbeea06dc8ba625b84feccc07e05cd365a3
-DIST qemu-20200729-slirp.tar.gz 126451 BLAKE2B cf139056b275b54aec11e708bc7832817b707c91adaaa830c5e73ca03f3283d699073d96cac0c64a2fe72abe60c35b8d7b5f777d70ba7d2aabce1f21b6b1b5e4 SHA512 09038eb718b01a67389d1a9db1b5a4db6e0195ea4365670b90dbb3a87e18b82b85e43c24f718eba3c4045a325469836c6da0286bd5d8952ca171e9eb7800d19f
+DIST qemu-5.2.0.tar.xz 106902800 BLAKE2B 4413d5591cbabf80faba5b0b7347ee7749ff0a71af44bdf7f64b1995e17ecf1f3df539fa8e63959e0d50cd0502a41a2921e60cc6d078ed8ab5b09ab4b86d4ed7 SHA512 bddd633ce111471ebc651e03080251515178808556b49a308a724909e55dac0be0cc0c79c536ac12d239678ae94c60100dc124be9b9d9538340c03a2f27177f3
diff --git a/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch b/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch
new file mode 100644
index 0000000..d79570e
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.11.1-capstone_include_path.patch
@@ -0,0 +1,11 @@
+--- qemu-2.11.1/include/disas/capstone.h 2018-02-14 22:53:22.000000000 +0100
++++ qemu-2.11.1/include/disas/capstone.h 2018-02-17 20:12:12.754703951 +0100
+@@ -3,7 +3,7 @@
+
+ #ifdef CONFIG_CAPSTONE
+
+-#include <capstone.h>
++#include <capstone/capstone.h>
+
+ #else
+
diff --git a/app-emulation/qemu/files/qemu-5.2.0-cleaner-werror.patch b/app-emulation/qemu/files/qemu-5.2.0-cleaner-werror.patch
new file mode 100644
index 0000000..33115f1
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-5.2.0-cleaner-werror.patch
@@ -0,0 +1,40 @@
+-Wall -Wextra compains about unused arguments,
+causes safe-stack to be mis-detected.
+--- a/configure
++++ b/configure
+@@ -2293,7 +2293,7 @@ fi
+ cat > $TMPC << EOF
+ #include <stdint.h>
+ #include <stdio.h>
+-int main(int argc, char *argv[]) {
++int main(void) {
+ return printf("%zu", SIZE_MAX);
+ }
+ EOF
+@@ -4911,7 +4911,7 @@ fi
+
+ if test "$safe_stack" = "yes"; then
+ cat > $TMPC << EOF
+-int main(int argc, char *argv[])
++int main(void)
+ {
+ #if ! __has_feature(safe_stack)
+ #error SafeStack Disabled
+@@ -4933,7 +4933,7 @@ EOF
+ fi
+ else
+ cat > $TMPC << EOF
+-int main(int argc, char *argv[])
++int main(void)
+ {
+ #if defined(__has_feature)
+ #if __has_feature(safe_stack)
+@@ -5283,7 +5283,7 @@ static const int Z = 1;
+ #define TAUT(X) ((X) == Z)
+ #define PAREN(X, Y) (X == Y)
+ #define ID(X) (X)
+-int main(int argc, char *argv[])
++int main(void)
+ {
+ int x = 0, y = 0;
+ x = ID(x);
diff --git a/app-emulation/qemu/files/qemu-5.2.0-disable-keymap.patch b/app-emulation/qemu/files/qemu-5.2.0-disable-keymap.patch
new file mode 100644
index 0000000..4b5676b
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-5.2.0-disable-keymap.patch
@@ -0,0 +1,25 @@
+Do not use system's 'qemu-keymap' in native case.
+--- a/meson.build
++++ b/meson.build
+@@ -337,6 +337,8 @@ if 'CONFIG_LIBCAP_NG' in config_host
+ endif
+ if get_option('xkbcommon').auto() and not have_system and not have_tools
+ xkbcommon = not_found
++elif get_option('xkbcommon').disabled()
++ xkbcommon = not_found
+ else
+ xkbcommon = dependency('xkbcommon', required: get_option('xkbcommon'),
+ method: 'pkg-config', static: enable_static)
+--- a/pc-bios/keymaps/meson.build
++++ b/pc-bios/keymaps/meson.build
+@@ -33,7 +33,9 @@ keymaps = {
+ 'tr': '-l tr',
+ }
+
+-if meson.is_cross_build() or 'CONFIG_XKBCOMMON' not in config_host
++if meson.is_cross_build()
+ native_qemu_keymap = find_program('qemu-keymap', required: false, disabler: true)
++elif get_option('xkbcommon').disabled()
++ native_qemu_keymap = not_found
+ else
+ native_qemu_keymap = qemu_keymap
diff --git a/app-emulation/qemu/files/qemu-5.2.0-strings.patch b/app-emulation/qemu/files/qemu-5.2.0-strings.patch
new file mode 100644
index 0000000..0b3dcdc
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-5.2.0-strings.patch
@@ -0,0 +1,23 @@
+https://bugs.gentoo.org/759310
+--- a/configure
++++ b/configure
+@@ -521,6 +521,7 @@ ld="${LD-${cross_prefix}ld}"
+ ranlib="${RANLIB-${cross_prefix}ranlib}"
+ nm="${NM-${cross_prefix}nm}"
+ strip="${STRIP-${cross_prefix}strip}"
++strings="${STRINGS-${cross_prefix}strings}"
+ windres="${WINDRES-${cross_prefix}windres}"
+ pkg_config_exe="${PKG_CONFIG-${cross_prefix}pkg-config}"
+ query_pkg_config() {
+@@ -2265,9 +2266,9 @@ int main(int argc, char *argv[]) {
+ EOF
+
+ if compile_object ; then
+- if strings -a $TMPO | grep -q BiGeNdIaN ; then
++ if $strings -a $TMPO | grep -q BiGeNdIaN ; then
+ bigendian="yes"
+- elif strings -a $TMPO | grep -q LiTtLeEnDiAn ; then
++ elif $strings -a $TMPO | grep -q LiTtLeEnDiAn ; then
+ bigendian="no"
+ else
+ echo big/little test failed
diff --git a/app-emulation/qemu/metadata.xml b/app-emulation/qemu/metadata.xml
index 0c30c45..930ce27 100644
--- a/app-emulation/qemu/metadata.xml
+++ b/app-emulation/qemu/metadata.xml
@@ -29,6 +29,8 @@
<pkg>net-libs/libiscsi</pkg> instead of indirectly via the Linux
block layer that <pkg>sys-block/open-iscsi</pkg> does.</flag>
<flag name="io-uring">Enable efficient I/O via <pkg>sys-libs/liburing</pkg>.</flag>
+ <flag name="multipath">Enable multipath persistent reservation passthrough via
+ <pkg>sys-fs/multipath-tools</pkg>.</flag>
<flag name="ncurses">Enable the ncurses-based console</flag>
<flag name="nfs">Enable NFS support</flag>
<flag name="numa">Enable NUMA support</flag>
@@ -40,12 +42,12 @@
<flag name="rbd">Enable rados block device backend support, see http://ceph.newdream.net/wiki/QEMU-RBD</flag>
<flag name="sdl">Enable the SDL-based console</flag>
<flag name="sdl-image">SDL Image support for icons</flag>
+ <flag name="slirp">Enable TCP/IP in hypervisor via <pkg>net-libs/libslirp</pkg></flag>
<flag name="spice">Enable Spice protocol support via <pkg>app-emulation/spice</pkg></flag>
<flag name="ssh">Enable SSH based block device support via <pkg>net-libs/libssh2</pkg></flag>
<flag name="static-user">Build the User targets as static binaries</flag>
<flag name="static">Build the User and Software MMU (system) targets as well as tools as static binaries</flag>
<flag name="systemtap">Enable SystemTAP/DTrace tracing</flag>
- <flag name="tci">Enable the TCG Interpreter which can speed up or slowdown workloads depending on the host and guest CPUs being emulated. In the future it will be a runtime option but for now its compile time.</flag>
<flag name="jemalloc">Enable jemalloc allocator support</flag>
<flag name="jpeg">Enable jpeg image support for the VNC console server</flag>
<flag name="png">Enable png image support for the VNC console server</flag>
@@ -58,8 +60,7 @@
<flag name="virtfs">Enable VirtFS via virtio-9p-pci / fsdev. See http://wiki.qemu.org/Documentation/9psetup</flag>
<flag name="vte">Enable terminal support (<pkg>x11-libs/vte</pkg>) in the GTK+ interface</flag>
<flag name="xattr">Add support for getting and setting POSIX extended attributes, through
- <pkg>sys-apps/attr</pkg>. Requisite for the virtfs backend.
- </flag>
+ <pkg>sys-apps/attr</pkg>. Requisite for the virtfs backend.</flag>
<flag name="xen">Enables support for Xen backends</flag>
<flag name="xfs">Support xfsctl() notification and syncing for XFS backed
virtual disks.</flag>
diff --git a/app-emulation/qemu/qemu-5.2.0-r1.ebuild b/app-emulation/qemu/qemu-5.2.0-r1.ebuild
new file mode 120000
index 0000000..babb047
--- /dev/null
+++ b/app-emulation/qemu/qemu-5.2.0-r1.ebuild
@@ -0,0 +1 @@
+qemu-5.2.0.ebuild
\ No newline at end of file
diff --git a/app-emulation/qemu/qemu-5.2.0.ebuild b/app-emulation/qemu/qemu-5.2.0.ebuild
new file mode 100644
index 0000000..66da0a4
--- /dev/null
+++ b/app-emulation/qemu/qemu-5.2.0.ebuild
@@ -0,0 +1,857 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+PYTHON_COMPAT=( python3_{6,7,8,9} )
+PYTHON_REQ_USE="ncurses,readline"
+
+FIRMWARE_ABI_VERSION="4.0.0-r50"
+
+inherit eutils linux-info toolchain-funcs multilib python-r1 \
+ udev fcaps readme.gentoo-r1 pax-utils l10n xdg-utils
+
+if [[ ${PV} = *9999* ]]; then
+ EGIT_REPO_URI="https://git.qemu.org/git/qemu.git"
+ EGIT_SUBMODULES=(
+ meson
+ tests/fp/berkeley-softfloat-3
+ tests/fp/berkeley-testfloat-3
+ ui/keycodemapdb
+ )
+ inherit git-r3
+ SRC_URI=""
+else
+ SRC_URI="https://download.qemu.org/${P}.tar.xz"
+ KEYWORDS="*"
+fi
+
+DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
+HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
+
+LICENSE="GPL-2 LGPL-2 BSD-2"
+SLOT="0"
+
+IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug doc
+ +fdt glusterfs gnutls gtk infiniband iscsi io-uring
+ jack jemalloc +jpeg kernel_linux
+ kernel_FreeBSD lzo multipath
+ ncurses nfs nls numa opengl +oss +pin-upstream-blobs
+ plugins +png pulseaudio python rbd sasl +seccomp sdl sdl-image selinux
+ +slirp
+ smartcard snappy spice ssh static static-user systemtap test udev usb
+ usbredir vde +vhost-net vhost-user-fs virgl virtfs +vnc vte xattr xen
+ xfs zstd"
+
+COMMON_TARGETS="aarch64 alpha arm cris hppa i386 m68k microblaze microblazeel
+ mips mips64 mips64el mipsel nios2 or1k ppc ppc64 riscv32 riscv64 s390x
+ sh4 sh4eb sparc sparc64 x86_64 xtensa xtensaeb"
+IUSE_SOFTMMU_TARGETS="${COMMON_TARGETS}
+ avr lm32 moxie rx tricore unicore32"
+IUSE_USER_TARGETS="${COMMON_TARGETS}
+ aarch64_be armeb mipsn32 mipsn32el ppc64abi32 ppc64le sparc32plus
+ tilegx"
+
+use_softmmu_targets=$(printf ' qemu_softmmu_targets_%s' ${IUSE_SOFTMMU_TARGETS})
+use_user_targets=$(printf ' qemu_user_targets_%s' ${IUSE_USER_TARGETS})
+IUSE+=" ${use_softmmu_targets} ${use_user_targets}"
+
+RESTRICT="!test? ( test )"
+# Allow no targets to be built so that people can get a tools-only build.
+# Block USE flag configurations known to not work.
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ qemu_softmmu_targets_arm? ( fdt )
+ qemu_softmmu_targets_microblaze? ( fdt )
+ qemu_softmmu_targets_mips64el? ( fdt )
+ qemu_softmmu_targets_ppc64? ( fdt )
+ qemu_softmmu_targets_ppc? ( fdt )
+ qemu_softmmu_targets_riscv32? ( fdt )
+ qemu_softmmu_targets_riscv64? ( fdt )
+ static? ( static-user !alsa !gtk !jack !opengl !pulseaudio !plugins !rbd !snappy )
+ static-user? ( !plugins )
+ vhost-user-fs? ( caps seccomp )
+ virtfs? ( caps xattr )
+ vte? ( gtk )
+ multipath? ( udev )
+ plugins? ( !static !static-user )
+"
+
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
+# and user/softmmu targets (qemu-*, qemu-system-*).
+#
+# Yep, you need both libcap and libcap-ng since virtfs only uses libcap.
+#
+# The attr lib isn't always linked in (although the USE flag is always
+# respected). This is because qemu supports using the C library's API
+# when available rather than always using the external library.
+ALL_DEPEND="
+ >=dev-libs/glib-2.0[static-libs(+)]
+ sys-libs/zlib[static-libs(+)]
+ python? ( ${PYTHON_DEPS} )
+ systemtap? ( dev-util/systemtap )
+ xattr? ( sys-apps/attr[static-libs(+)] )"
+
+# Dependencies required for qemu tools (qemu-nbd, qemu-img, qemu-io, ...)
+# softmmu targets (qemu-system-*).
+SOFTMMU_TOOLS_DEPEND="
+ dev-libs/libxml2[static-libs(+)]
+ >=x11-libs/pixman-0.28.0[static-libs(+)]
+ accessibility? (
+ app-accessibility/brltty[api]
+ app-accessibility/brltty[static-libs(+)]
+ )
+ aio? ( dev-libs/libaio[static-libs(+)] )
+ alsa? ( >=media-libs/alsa-lib-1.0.13 )
+ bzip2? ( app-arch/bzip2[static-libs(+)] )
+ capstone? ( dev-libs/capstone:= )
+ caps? ( sys-libs/libcap-ng[static-libs(+)] )
+ curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
+ fdt? ( >=sys-apps/dtc-1.5.0[static-libs(+)] )
+ glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
+ gnutls? (
+ dev-libs/nettle:=[static-libs(+)]
+ >=net-libs/gnutls-3.0:=[static-libs(+)]
+ )
+ gtk? (
+ x11-libs/gtk+:3
+ vte? ( x11-libs/vte:2.91 )
+ )
+ infiniband? (
+ sys-fabric/libibumad:=[static-libs(+)]
+ sys-fabric/libibverbs:=[static-libs(+)]
+ sys-fabric/librdmacm:=[static-libs(+)]
+ )
+ iscsi? ( net-libs/libiscsi )
+ io-uring? ( sys-libs/liburing:=[static-libs(+)] )
+ jack? ( virtual/jack )
+ jemalloc? ( dev-libs/jemalloc )
+ jpeg? ( virtual/jpeg:0=[static-libs(+)] )
+ lzo? ( dev-libs/lzo:2[static-libs(+)] )
+ multipath? ( sys-fs/multipath-tools )
+ ncurses? (
+ sys-libs/ncurses:0=[unicode]
+ sys-libs/ncurses:0=[static-libs(+)]
+ )
+ nfs? ( >=net-fs/libnfs-1.9.3:=[static-libs(+)] )
+ numa? ( sys-process/numactl[static-libs(+)] )
+ opengl? (
+ virtual/opengl
+ media-libs/libepoxy[static-libs(+)]
+ media-libs/mesa[static-libs(+)]
+ media-libs/mesa[egl,gbm]
+ )
+ png? ( media-libs/libpng:0=[static-libs(+)] )
+ pulseaudio? ( media-sound/pulseaudio )
+ rbd? ( sys-cluster/ceph )
+ sasl? ( dev-libs/cyrus-sasl[static-libs(+)] )
+ sdl? (
+ media-libs/libsdl2[video]
+ media-libs/libsdl2[static-libs(+)]
+ )
+ sdl-image? ( media-libs/sdl2-image[static-libs(+)] )
+ seccomp? ( >=sys-libs/libseccomp-2.1.0[static-libs(+)] )
+ slirp? ( net-libs/libslirp[static-libs(+)] )
+ smartcard? ( >=app-emulation/libcacard-2.5.0[static-libs(+)] )
+ snappy? ( app-arch/snappy:= )
+ spice? (
+ >=app-emulation/spice-protocol-0.12.3
+ >=app-emulation/spice-0.12.0[static-libs(+)]
+ )
+ ssh? ( >=net-libs/libssh-0.8.6[static-libs(+)] )
+ udev? ( virtual/libudev[static-libs(+)] )
+ usb? ( >=virtual/libusb-1-r2[static-libs(+)] )
+ usbredir? ( >=sys-apps/usbredir-0.6[static-libs(+)] )
+ vde? ( net-misc/vde[static-libs(+)] )
+ virgl? ( media-libs/virglrenderer[static-libs(+)] )
+ virtfs? ( sys-libs/libcap )
+ xen? ( app-emulation/xen-tools:= )
+ xfs? ( sys-fs/xfsprogs[static-libs(+)] )
+ zstd? ( >=app-arch/zstd-1.4.0[static-libs(+)] )
+"
+
+X86_FIRMWARE_DEPEND="
+ pin-upstream-blobs? (
+ ~sys-firmware/edk2-ovmf-201905[binary]
+ ~sys-firmware/ipxe-1.0.0_p20190728[binary,qemu]
+ ~sys-firmware/seabios-1.12.0[binary,seavgabios]
+ ~sys-firmware/sgabios-0.1_pre8[binary]
+ )
+ !pin-upstream-blobs? (
+ sys-firmware/edk2-ovmf
+ sys-firmware/ipxe[qemu]
+ >=sys-firmware/seabios-1.10.2[seavgabios]
+ sys-firmware/sgabios
+ )"
+PPC64_FIRMWARE_DEPEND="
+ pin-upstream-blobs? (
+ ~sys-firmware/seabios-1.12.0[binary,seavgabios]
+ )
+ !pin-upstream-blobs? (
+ >=sys-firmware/seabios-1.10.2[seavgabios]
+ )
+"
+
+BDEPEND="
+ $(python_gen_impl_dep)
+ dev-lang/perl
+ sys-apps/texinfo
+ virtual/pkgconfig
+ doc? ( dev-python/sphinx )
+ gtk? ( nls? ( sys-devel/gettext ) )
+ test? (
+ dev-libs/glib[utils]
+ sys-devel/bc
+ )
+"
+CDEPEND="
+ !static? (
+ ${ALL_DEPEND//\[static-libs(+)]}
+ ${SOFTMMU_TOOLS_DEPEND//\[static-libs(+)]}
+ )
+ qemu_softmmu_targets_i386? ( ${X86_FIRMWARE_DEPEND} )
+ qemu_softmmu_targets_x86_64? ( ${X86_FIRMWARE_DEPEND} )
+ qemu_softmmu_targets_ppc64? ( ${PPC64_FIRMWARE_DEPEND} )
+"
+DEPEND="${CDEPEND}
+ kernel_linux? ( >=sys-kernel/linux-headers-2.6.35 )
+ static? (
+ ${ALL_DEPEND}
+ ${SOFTMMU_TOOLS_DEPEND}
+ )
+ static-user? ( ${ALL_DEPEND} )"
+RDEPEND="${CDEPEND}
+ acct-group/kvm
+ selinux? ( sec-policy/selinux-qemu )"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch
+ "${FILESDIR}"/${PN}-5.2.0-cleaner-werror.patch
+ "${FILESDIR}"/${PN}-5.2.0-disable-keymap.patch
+ "${FILESDIR}"/${PN}-5.2.0-strings.patch
+)
+
+QA_PREBUILT="
+ usr/share/qemu/hppa-firmware.img
+ usr/share/qemu/openbios-ppc
+ usr/share/qemu/openbios-sparc64
+ usr/share/qemu/openbios-sparc32
+ usr/share/qemu/opensbi-riscv64-generic-fw_dynamic.elf
+ usr/share/qemu/opensbi-riscv32-generic-fw_dynamic.elf
+ usr/share/qemu/palcode-clipper
+ usr/share/qemu/s390-ccw.img
+ usr/share/qemu/s390-netboot.img
+ usr/share/qemu/u-boot.e500
+"
+
+QA_WX_LOAD="usr/bin/qemu-i386
+ usr/bin/qemu-x86_64
+ usr/bin/qemu-alpha
+ usr/bin/qemu-arm
+ usr/bin/qemu-cris
+ usr/bin/qemu-m68k
+ usr/bin/qemu-microblaze
+ usr/bin/qemu-microblazeel
+ usr/bin/qemu-mips
+ usr/bin/qemu-mipsel
+ usr/bin/qemu-or1k
+ usr/bin/qemu-ppc
+ usr/bin/qemu-ppc64
+ usr/bin/qemu-ppc64abi32
+ usr/bin/qemu-sh4
+ usr/bin/qemu-sh4eb
+ usr/bin/qemu-sparc
+ usr/bin/qemu-sparc64
+ usr/bin/qemu-armeb
+ usr/bin/qemu-sparc32plus
+ usr/bin/qemu-s390x
+ usr/bin/qemu-unicore32
+"
+
+DOC_CONTENTS="If you don't have kvm compiled into the kernel, make sure you have the
+kernel module loaded before running kvm. The easiest way to ensure that the
+kernel module is loaded is to load it on boot.
+ For AMD CPUs the module is called 'kvm-amd'.
+ For Intel CPUs the module is called 'kvm-intel'.
+Please review /etc/conf.d/modules for how to load these.
+
+Make sure your user is in the 'kvm' group. Just run
+ $ gpasswd -a <USER> kvm
+then have <USER> re-login.
+
+For brand new installs, the default permissions on /dev/kvm might not let
+you access it. You can tell udev to reset ownership/perms:
+ $ udevadm trigger -c add /dev/kvm
+
+If you want to register binfmt handlers for qemu user targets:
+For openrc:
+ # rc-update add qemu-binfmt
+For systemd:
+ # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf"
+
+pkg_pretend() {
+ if use kernel_linux && kernel_is lt 2 6 25; then
+ eerror "This version of KVM requires a host kernel of 2.6.25 or higher."
+ elif use kernel_linux; then
+ if ! linux_config_exists; then
+ eerror "Unable to check your kernel for KVM support"
+ else
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE"
+ ERROR_KVM="You must enable KVM in your kernel to continue"
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
+ ERROR_KVM_AMD+=" your kernel configuration."
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
+ ERROR_TUN+=" into your kernel or loaded as a module to use the"
+ ERROR_TUN+=" virtual network device if using -net tap."
+ ERROR_BRIDGE="You will also need support for 802.1d"
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
+ use vhost-net && CONFIG_CHECK+=" ~VHOST_NET"
+ ERROR_VHOST_NET="You must enable VHOST_NET to have vhost-net"
+ ERROR_VHOST_NET+=" support"
+
+ if use amd64 || use x86 || use amd64-linux || use x86-linux; then
+ if grep -q AuthenticAMD /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_AMD"
+ elif grep -q GenuineIntel /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_INTEL"
+ fi
+ fi
+
+ use python && CONFIG_CHECK+=" ~DEBUG_FS"
+ ERROR_DEBUG_FS="debugFS support required for kvm_stat"
+
+ # Now do the actual checks setup above
+ check_extra_config
+ fi
+ fi
+
+ if grep -qs '/usr/bin/qemu-kvm' "${EROOT}"/etc/libvirt/qemu/*.xml; then
+ eerror "The kvm/qemu-kvm wrappers no longer exist, but your libvirt"
+ eerror "instances are still pointing to it. Please update your"
+ eerror "configs in /etc/libvirt/qemu/ to use the -enable-kvm flag"
+ eerror "and the right system binary (e.g. qemu-system-x86_64)."
+ die "update your virt configs to not use qemu-kvm"
+ fi
+}
+
+# Sanity check to make sure target lists are kept up-to-date.
+check_targets() {
+ local var=$1 mak=$2
+ local detected sorted
+
+ pushd "${S}"/default-configs/targets/ >/dev/null || die
+
+ # Force C locale until glibc is updated. #564936
+ detected=$(echo $(printf '%s\n' *-${mak}.mak | sed "s:-${mak}.mak::" | LC_COLLATE=C sort -u))
+ sorted=$(echo $(printf '%s\n' ${!var} | LC_COLLATE=C sort -u))
+ if [[ ${sorted} != "${detected}" ]] ; then
+ eerror "The ebuild needs to be kept in sync."
+ eerror "${var}: ${sorted}"
+ eerror "$(printf '%-*s' ${#var} configure): ${detected}"
+ die "sync ${var} to the list of targets"
+ fi
+
+ popd >/dev/null
+}
+
+src_prepare() {
+ check_targets IUSE_SOFTMMU_TARGETS softmmu
+ check_targets IUSE_USER_TARGETS linux-user
+
+ default
+
+ # Use correct toolchain to fix cross-compiling
+ tc-export AR AS LD NM OBJCOPY PKG_CONFIG RANLIB STRINGS
+ export WINDRES=${CHOST}-windres
+
+ # Verbose builds
+ MAKEOPTS+=" V=1"
+
+ # Remove bundled copy of libfdt
+ rm -r dtc || die
+}
+
+##
+# configures qemu based on the build directory and the build type
+# we are using.
+#
+qemu_src_configure() {
+ debug-print-function ${FUNCNAME} "$@"
+
+ local buildtype=$1
+ local builddir="${S}/${buildtype}-build"
+
+ mkdir "${builddir}"
+
+ local conf_opts=(
+ --prefix=/usr
+ --sysconfdir=/etc
+ --bindir=/usr/bin
+ --libdir=/usr/$(get_libdir)
+ --datadir=/usr/share
+ --docdir=/usr/share/doc/${PF}/html
+ --mandir=/usr/share/man
+ --localstatedir=/var
+ --disable-bsd-user
+ --disable-containers # bug #732972
+ --disable-guest-agent
+ --disable-strip
+
+ # bug #746752: TCG interpreter has a few limitations:
+ # - it does not support FPU
+ # - it's generally slower on non-self-modifying code
+ # It's advantage is support for host architectures
+ # where native codegeneration is not implemented.
+ # Gentoo has qemu keyworded only on targets with
+ # native code generation available. Avoid the interpreter.
+ --disable-tcg-interpreter
+
+ --disable-werror
+ # We support gnutls/nettle for crypto operations. It is possible
+ # to use gcrypt when gnutls/nettle are disabled (but not when they
+ # are enabled), but it's not really worth the hassle. Disable it
+ # all the time to avoid automatically detecting it. #568856
+ --disable-gcrypt
+ --python="${PYTHON}"
+ --cc="$(tc-getCC)"
+ --cxx="$(tc-getCXX)"
+ --host-cc="$(tc-getBUILD_CC)"
+ $(use_enable debug debug-info)
+ $(use_enable debug debug-tcg)
+ $(use_enable doc docs)
+ $(use_enable nls gettext)
+ $(use_enable plugins)
+ $(use_enable xattr attr)
+ )
+
+ # Disable options not used by user targets. This simplifies building
+ # static user targets (USE=static-user) considerably.
+ conf_notuser() {
+ if [[ ${buildtype} == "user" ]] ; then
+ echo "--disable-${2:-$1}"
+ else
+ use_enable "$@"
+ fi
+ }
+ # Enable option only for softmmu build, but not 'user' or 'tools'
+ conf_softmmu() {
+ if [[ ${buildtype} == "softmmu" ]] ; then
+ use_enable "$@"
+ else
+ echo "--disable-${2:-$1}"
+ fi
+ }
+ # Enable option only for tools build, but not 'user' or 'softmmu'
+ conf_tools() {
+ if [[ ${buildtype} == "tools" ]] ; then
+ use_enable "$@"
+ else
+ echo "--disable-${2:-$1}"
+ fi
+ }
+ conf_opts+=(
+ $(conf_notuser accessibility brlapi)
+ $(conf_notuser aio linux-aio)
+ $(conf_notuser bzip2)
+ $(conf_notuser capstone)
+ $(conf_notuser caps cap-ng)
+ $(conf_notuser curl)
+ $(conf_notuser fdt)
+ $(conf_notuser glusterfs)
+ $(conf_notuser gnutls)
+ $(conf_notuser gnutls nettle)
+ $(conf_notuser gtk)
+ $(conf_notuser infiniband rdma)
+ $(conf_notuser iscsi libiscsi)
+ $(conf_notuser io-uring linux-io-uring)
+ $(conf_notuser jemalloc jemalloc)
+ $(conf_notuser jpeg vnc-jpeg)
+ $(conf_notuser kernel_linux kvm)
+ $(conf_notuser lzo)
+ $(conf_notuser multipath mpath)
+ $(conf_notuser ncurses curses)
+ $(conf_notuser nfs libnfs)
+ $(conf_notuser numa)
+ $(conf_notuser opengl)
+ $(conf_notuser png vnc-png)
+ $(conf_notuser rbd)
+ $(conf_notuser sasl vnc-sasl)
+ $(conf_notuser sdl)
+ $(conf_softmmu sdl-image)
+ $(conf_notuser seccomp)
+ $(conf_notuser slirp slirp system)
+ $(conf_notuser smartcard)
+ $(conf_notuser snappy)
+ $(conf_notuser spice)
+ $(conf_notuser ssh libssh)
+ $(conf_notuser udev libudev)
+ $(conf_notuser usb libusb)
+ $(conf_notuser usbredir usb-redir)
+ $(conf_notuser vde)
+ $(conf_notuser vhost-net)
+ $(conf_notuser vhost-user-fs)
+ $(conf_tools vhost-user-fs virtiofsd)
+ $(conf_notuser virgl virglrenderer)
+ $(conf_notuser virtfs)
+ $(conf_notuser vnc)
+ $(conf_notuser vte)
+ $(conf_notuser xen)
+ $(conf_notuser xen xen-pci-passthrough)
+ $(conf_notuser xfs xfsctl)
+ # use prebuilt keymaps, bug #759604
+ --disable-xkbcommon
+ $(conf_notuser zstd)
+ )
+
+ if [[ ${buildtype} == "user" ]] ; then
+ conf_opts+=( --disable-libxml2 )
+ else
+ conf_opts+=( --enable-libxml2 )
+ fi
+
+ if [[ ! ${buildtype} == "user" ]] ; then
+ # audio options
+ local audio_opts=(
+ # Note: backend order matters here: #716202
+ # We iterate from higher-level to lower level.
+ $(usex pulseaudio pa "")
+ $(usev jack)
+ $(usev sdl)
+ $(usev alsa)
+ $(usev oss)
+ )
+ conf_opts+=(
+ --audio-drv-list=$(printf "%s," "${audio_opts[@]}")
+ )
+ fi
+
+ case ${buildtype} in
+ user)
+ conf_opts+=(
+ --enable-linux-user
+ --disable-system
+ --disable-blobs
+ --disable-tools
+ )
+ local static_flag="static-user"
+ ;;
+ softmmu)
+ conf_opts+=(
+ --disable-linux-user
+ --enable-system
+ --disable-tools
+ )
+ local static_flag="static"
+ ;;
+ tools)
+ conf_opts+=(
+ --disable-linux-user
+ --disable-system
+ --disable-blobs
+ --enable-tools
+ )
+ local static_flag="static"
+ ;;
+ esac
+
+ local targets="${buildtype}_targets"
+ [[ -n ${targets} ]] && conf_opts+=( --target-list="${!targets}" )
+
+ # Add support for SystemTAP
+ use systemtap && conf_opts+=( --enable-trace-backend=dtrace )
+
+ # We always want to attempt to build with PIE support as it results
+ # in a more secure binary. But it doesn't work with static or if
+ # the current GCC doesn't have PIE support.
+ if use ${static_flag}; then
+ conf_opts+=( --static --disable-pie )
+ else
+ tc-enables-pie && conf_opts+=( --enable-pie )
+ fi
+
+ # Plumb through equivalent of EXTRA_ECONF to allow experiments
+ # like bug #747928.
+ conf_opts+=( ${EXTRA_CONF_QEMU} )
+
+ echo "../configure ${conf_opts[*]}"
+ cd "${builddir}"
+ ../configure "${conf_opts[@]}" || die "configure failed"
+
+ # FreeBSD's kernel does not support QEMU assigning/grabbing
+ # host USB devices yet
+ use kernel_FreeBSD && \
+ sed -i -E -e "s|^(HOST_USB=)bsd|\1stub|" "${S}"/config-host.mak
+}
+
+src_configure() {
+ local target
+
+ python_setup
+
+ softmmu_targets= softmmu_bins=()
+ user_targets= user_bins=()
+
+ for target in ${IUSE_SOFTMMU_TARGETS} ; do
+ if use "qemu_softmmu_targets_${target}"; then
+ softmmu_targets+=",${target}-softmmu"
+ softmmu_bins+=( "qemu-system-${target}" )
+ fi
+ done
+
+ for target in ${IUSE_USER_TARGETS} ; do
+ if use "qemu_user_targets_${target}"; then
+ user_targets+=",${target}-linux-user"
+ user_bins+=( "qemu-${target}" )
+ fi
+ done
+
+ softmmu_targets=${softmmu_targets#,}
+ user_targets=${user_targets#,}
+
+ [[ -n ${softmmu_targets} ]] && qemu_src_configure "softmmu"
+ [[ -n ${user_targets} ]] && qemu_src_configure "user"
+ qemu_src_configure "tools"
+}
+
+src_compile() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ default
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ default
+ fi
+
+ cd "${S}/tools-build"
+ default
+}
+
+src_test() {
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ pax-mark m */qemu-system-* #515550
+ emake check
+ fi
+}
+
+qemu_python_install() {
+ python_domodule "${S}/python/qemu"
+
+ python_doscript "${S}/scripts/kvm/vmxcap"
+ python_doscript "${S}/scripts/qmp/qmp-shell"
+ python_doscript "${S}/scripts/qmp/qemu-ga-client"
+}
+
+# Generate binfmt support files.
+# - /etc/init.d/qemu-binfmt script which registers the user handlers (openrc)
+# - /usr/share/qemu/binfmt.d/qemu.conf (for use with systemd-binfmt)
+generate_initd() {
+ local out="${T}/qemu-binfmt"
+ local out_systemd="${T}/qemu.conf"
+ local d="${T}/binfmt.d"
+
+ einfo "Generating qemu binfmt scripts and configuration files"
+
+ # Generate the debian fragments first.
+ mkdir -p "${d}"
+ "${S}"/scripts/qemu-binfmt-conf.sh \
+ --debian \
+ --exportdir "${d}" \
+ --qemu-path "${EPREFIX}/usr/bin" \
+ || die
+ # Then turn the fragments into a shell script we can source.
+ sed -E -i \
+ -e 's:^([^ ]+) (.*)$:\1="\2":' \
+ "${d}"/* || die
+
+ # Generate the init.d script by assembling the fragments from above.
+ local f qcpu package interpreter magic mask
+ cat "${FILESDIR}"/qemu-binfmt.initd.head >"${out}" || die
+ for f in "${d}"/qemu-* ; do
+ source "${f}"
+
+ # Normalize the cpu logic like we do in the init.d for the native cpu.
+ qcpu=${package#qemu-}
+ case ${qcpu} in
+ arm*) qcpu="arm";;
+ mips*) qcpu="mips";;
+ ppc*) qcpu="ppc";;
+ s390*) qcpu="s390";;
+ sh*) qcpu="sh";;
+ sparc*) qcpu="sparc";;
+ esac
+
+ # we use 'printf' here to be portable across 'sh'
+ # implementations: #679168
+ cat <<EOF >>"${out}"
+ if [ "\${cpu}" != "${qcpu}" -a -x "${interpreter}" ] ; then
+ printf '%s\n' ':${package}:M::${magic}:${mask}:${interpreter}:'"\${QEMU_BINFMT_FLAGS}" >/proc/sys/fs/binfmt_misc/register
+ fi
+EOF
+
+ echo ":${package}:M::${magic}:${mask}:${interpreter}:OC" >>"${out_systemd}"
+
+ done
+ cat "${FILESDIR}"/qemu-binfmt.initd.tail >>"${out}" || die
+}
+
+src_install() {
+ if [[ -n ${user_targets} ]]; then
+ cd "${S}/user-build"
+ emake DESTDIR="${ED}" install
+
+ # Install binfmt handler init script for user targets.
+ generate_initd
+ doinitd "${T}/qemu-binfmt"
+
+ # Install binfmt/qemu.conf.
+ insinto "/usr/share/qemu/binfmt.d"
+ doins "${T}/qemu.conf"
+ fi
+
+ if [[ -n ${softmmu_targets} ]]; then
+ cd "${S}/softmmu-build"
+ emake DESTDIR="${ED}" install
+
+ # This might not exist if the test failed. #512010
+ [[ -e check-report.html ]] && dodoc check-report.html
+
+ if use kernel_linux; then
+ udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
+ fi
+
+ if use python; then
+ python_foreach_impl qemu_python_install
+ fi
+ fi
+
+ cd "${S}/tools-build"
+ emake DESTDIR="${ED}" install
+
+ # Disable mprotect on the qemu binaries as they use JITs to be fast #459348
+ pushd "${ED}"/usr/bin >/dev/null
+ pax-mark mr "${softmmu_bins[@]}" "${user_bins[@]}" # bug 575594
+ popd >/dev/null
+
+ # Install config file example for qemu-bridge-helper
+ insinto "/etc/qemu"
+ doins "${FILESDIR}/bridge.conf"
+
+ cd "${S}"
+ dodoc MAINTAINERS docs/specs/pci-ids.txt
+ newdoc pc-bios/README README.pc-bios
+
+ # Disallow stripping of prebuilt firmware files.
+ dostrip -x ${QA_PREBUILT}
+
+ if [[ -n ${softmmu_targets} ]]; then
+ # Remove SeaBIOS since we're using the SeaBIOS packaged one
+ rm "${ED}/usr/share/qemu/bios.bin"
+ rm "${ED}/usr/share/qemu/bios-256k.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../seabios/bios.bin /usr/share/qemu/bios.bin
+ dosym ../seabios/bios-256k.bin /usr/share/qemu/bios-256k.bin
+ fi
+
+ # Remove vgabios since we're using the seavgabios packaged one
+ rm "${ED}/usr/share/qemu/vgabios.bin"
+ rm "${ED}/usr/share/qemu/vgabios-cirrus.bin"
+ rm "${ED}/usr/share/qemu/vgabios-qxl.bin"
+ rm "${ED}/usr/share/qemu/vgabios-stdvga.bin"
+ rm "${ED}/usr/share/qemu/vgabios-virtio.bin"
+ rm "${ED}/usr/share/qemu/vgabios-vmware.bin"
+ # PPC64 loads vgabios-stdvga
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386 || use qemu_softmmu_targets_ppc64; then
+ dosym ../seavgabios/vgabios-isavga.bin /usr/share/qemu/vgabios.bin
+ dosym ../seavgabios/vgabios-cirrus.bin /usr/share/qemu/vgabios-cirrus.bin
+ dosym ../seavgabios/vgabios-qxl.bin /usr/share/qemu/vgabios-qxl.bin
+ dosym ../seavgabios/vgabios-stdvga.bin /usr/share/qemu/vgabios-stdvga.bin
+ dosym ../seavgabios/vgabios-virtio.bin /usr/share/qemu/vgabios-virtio.bin
+ dosym ../seavgabios/vgabios-vmware.bin /usr/share/qemu/vgabios-vmware.bin
+ fi
+
+ # Remove sgabios since we're using the sgabios packaged one
+ rm "${ED}/usr/share/qemu/sgabios.bin"
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../sgabios/sgabios.bin /usr/share/qemu/sgabios.bin
+ fi
+
+ # Remove iPXE since we're using the iPXE packaged one
+ rm "${ED}"/usr/share/qemu/pxe-*.rom
+ if use qemu_softmmu_targets_x86_64 || use qemu_softmmu_targets_i386; then
+ dosym ../ipxe/8086100e.rom /usr/share/qemu/pxe-e1000.rom
+ dosym ../ipxe/80861209.rom /usr/share/qemu/pxe-eepro100.rom
+ dosym ../ipxe/10500940.rom /usr/share/qemu/pxe-ne2k_pci.rom
+ dosym ../ipxe/10222000.rom /usr/share/qemu/pxe-pcnet.rom
+ dosym ../ipxe/10ec8139.rom /usr/share/qemu/pxe-rtl8139.rom
+ dosym ../ipxe/1af41000.rom /usr/share/qemu/pxe-virtio.rom
+ fi
+ fi
+
+ DISABLE_AUTOFORMATTING=true
+ readme.gentoo_create_doc
+}
+
+firmware_abi_change() {
+ local pv
+ for pv in ${REPLACING_VERSIONS}; do
+ if ver_test $pv -lt ${FIRMWARE_ABI_VERSION}; then
+ return 0
+ fi
+ done
+ return 1
+}
+
+pkg_postinst() {
+ if [[ -n ${softmmu_targets} ]] && use kernel_linux; then
+ udev_reload
+ fi
+
+ xdg_icon_cache_update
+
+ [[ -z ${EPREFIX} ]] && [[ -f ${EROOT}/usr/libexec/qemu-bridge-helper ]] && \
+ fcaps cap_net_admin ${EROOT}/usr/libexec/qemu-bridge-helper
+
+ DISABLE_AUTOFORMATTING=true
+ readme.gentoo_print_elog
+
+ if use pin-upstream-blobs && firmware_abi_change; then
+ ewarn "This version of qemu pins new versions of firmware blobs:"
+ ewarn " $(best_version sys-firmware/edk2-ovmf)"
+ ewarn " $(best_version sys-firmware/ipxe)"
+ ewarn " $(best_version sys-firmware/seabios)"
+ ewarn " $(best_version sys-firmware/sgabios)"
+ ewarn "This might break resume of hibernated guests (started with a different"
+ ewarn "firmware version) and live migration to/from qemu versions with different"
+ ewarn "firmware. Please (cold) restart all running guests. For functional"
+ ewarn "guest migration ensure that all"
+ ewarn "hosts run at least"
+ ewarn " app-emulation/qemu-${FIRMWARE_ABI_VERSION}."
+ fi
+}
+
+pkg_info() {
+ echo "Using:"
+ echo " $(best_version app-emulation/spice-protocol)"
+ echo " $(best_version sys-firmware/edk2-ovmf)"
+ if has_version 'sys-firmware/edk2-ovmf[binary]'; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/ipxe)"
+ echo " $(best_version sys-firmware/seabios)"
+ if has_version 'sys-firmware/seabios[binary]'; then
+ echo " USE=binary"
+ else
+ echo " USE=''"
+ fi
+ echo " $(best_version sys-firmware/sgabios)"
+}
+
+pkg_postrm() {
+ xdg_icon_cache_update
+}
diff --git a/net-libs/libslirp/Manifest b/net-libs/libslirp/Manifest
new file mode 100644
index 0000000..b508e93
--- /dev/null
+++ b/net-libs/libslirp/Manifest
@@ -0,0 +1 @@
+DIST libslirp-4.3.1.tar.gz 127008 BLAKE2B de40980521a54367fda73b9a67a80159ff14e8ea073086d8df3b42028ffe778b62f0aabe2b3f0929e168c73c453a8eda3fe0bb866d22de5b0712775e9cece19f SHA512 fa38a5e508b00802538f8466b8b52fc4842d6f7f74caa399db1011c15bb37198678415147327a606e3f259fd5def9390012df1d4dc76e8869e9bb77ca6514005
diff --git a/net-libs/libslirp/files/libslirp-4.3.1-bug-756910-check-pkt_len.patch b/net-libs/libslirp/files/libslirp-4.3.1-bug-756910-check-pkt_len.patch
new file mode 100644
index 0000000..aef7f19
--- /dev/null
+++ b/net-libs/libslirp/files/libslirp-4.3.1-bug-756910-check-pkt_len.patch
@@ -0,0 +1,48 @@
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Thu, 26 Nov 2020 13:57:06 +0000
+Subject: [PATCH] slirp: check pkt_len before reading protocol header
+
+While processing ARP/NCSI packets in 'arp_input' or 'ncsi_input'
+routines, ensure that pkt_len is large enough to accommodate the
+respective protocol headers, lest it should do an OOB access.
+Add check to avoid it.
+
+Reported-by: Qiuhao Li @outlook.com;
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+---
+ src/ncsi.c | 4 ++++
+ src/slirp.c | 4 ++++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/src/ncsi.c b/src/ncsi.c
+index 3c1dfef..75dcc08 100644
+--- a/src/ncsi.c
++++ b/src/ncsi.c
+@@ -148,6 +148,10 @@ void ncsi_input(Slirp *slirp, const uint8_t *pkt, int pkt_len)
+ uint32_t checksum;
+ uint32_t *pchecksum;
+
++ if (pkt_len < ETH_HLEN + sizeof(struct ncsi_pkt_hdr)) {
++ return; /* packet too short */
++ }
++
+ memset(ncsi_reply, 0, sizeof(ncsi_reply));
+
+ memset(reh->h_dest, 0xff, ETH_ALEN);
+diff --git a/src/slirp.c b/src/slirp.c
+index 9bead0c..abb6f9a 100644
+--- a/src/slirp.c
++++ b/src/slirp.c
+@@ -860,6 +860,10 @@ static void arp_input(Slirp *slirp, const uint8_t *pkt, int pkt_len)
+ return;
+ }
+
++ if (pkt_len < ETH_HLEN + sizeof(struct slirp_arphdr)) {
++ return; /* packet too short */
++ }
++
+ ar_op = ntohs(ah->ar_op);
+ switch (ar_op) {
+ case ARPOP_REQUEST:
+--
+2.28.0
diff --git a/net-libs/libslirp/libslirp-4.3.1-r1.ebuild b/net-libs/libslirp/libslirp-4.3.1-r1.ebuild
new file mode 100644
index 0000000..fef0fb7
--- /dev/null
+++ b/net-libs/libslirp/libslirp-4.3.1-r1.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit meson
+
+KEYWORDS="*"
+MY_P="${PN}-v${PV}"
+SRC_URI="https://gitlab.freedesktop.org/slirp/libslirp/-/archive/v${PV}/${MY_P}.tar.gz -> ${P}.tar.gz"
+DESCRIPTION="A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services."
+HOMEPAGE="https://gitlab.freedesktop.org/slirp/libslirp"
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="static-libs"
+
+RDEPEND="dev-libs/glib:="
+
+DEPEND="${RDEPEND}"
+
+S=${WORKDIR}/${MY_P}
+
+PATCHES=(
+ "${FILESDIR}/libslirp-4.3.1-bug-756910-check-pkt_len.patch"
+)
+
+src_prepare() {
+ default
+ echo "${PV}" > .tarball-version || die
+ echo -e "#!${BASH}\necho -n \$(cat '${S}/.tarball-version')" > build-aux/git-version-gen || die
+}
+
+src_configure() {
+ local emesonargs=(
+ -Ddefault_library=$(usex static-libs both shared)
+ )
+ meson_src_configure
+}
diff --git a/net-libs/libslirp/metadata.xml b/net-libs/libslirp/metadata.xml
new file mode 100644
index 0000000..8830eef
--- /dev/null
+++ b/net-libs/libslirp/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <name>Zac Medico</name>
+ <email>zmedico@gentoo.org</email>
+ </maintainer>
+ <upstream>
+ <remote-id type="gitlab">gitlab.freedesktop.org/slirp/libslirp</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/profiles/targets/sdk/package.use b/profiles/targets/sdk/package.use
index d17a241..76b6451 100644
--- a/profiles/targets/sdk/package.use
+++ b/profiles/targets/sdk/package.use
@@ -28,6 +28,7 @@
dev-libs/glib static-libs
dev-libs/libpcre static-libs
net-libs/nghttp2 static-libs
+net-libs/libslirp static-libs
sys-apps/attr static-libs
# mksquashfs used in build_image requires lzo support.
@@ -83,7 +84,7 @@
# Build qemu's userland helpers statically so we can copy them into sysroots
# and run unittests standalone. Build qemu's softmmu helpers statically so
# we can run vms outside of the chroot.
-app-emulation/qemu -pin-upstream-blobs -seccomp static-user static usb virtfs
+app-emulation/qemu -ncurses -pin-upstream-blobs -seccomp static-user static usb virtfs
dev-libs/glib static-libs
dev-libs/libaio static-libs
dev-libs/libpcre static-libs
