to allow improved control over use of git submodules
* Deprecate the -enable-fips option
* Ensure docs use prefer format for bool options
* Clarify platform support rules
* Misc fixes to keymap conversions
* Fix misc problems on macOS
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmAUQXUACgkQvobrtBUQ
T9/9Zw//VV3z7MI70HjWk17TUmkKLGFbmrc3xvtS6EMZbhfXpsR8qMfSjoRxP4Gn
CgeftOa/lK5XjL7FcEUmcZeO8jZNE/+S5wgP2upP5Ae1zuDeyaSPTGR6UYs7WqSa
P1kQsot2sAsZCP7Lko0jSv7rEDInK1bcdWr0a/xR5M2TvKiXoEdbElIZdwe3yLbC
qWPWiv2pp6z2eGtJK/9VBxXjP0tlkNAR+jz8p/8RSZEEKf3aSq6HvVae+bHU86nX
9t4baZk3ZuuwkmHJrHJP/72BjjitqEOiydtSsOCVYmY2GOclYeTnezG/vm75cGIK
ej6hwFGElAEQk+KU9g7HOXi1eqXncSBjP0xWqc8PaZLW7wW/Uv8UV94fk+SCkIQ0
GVBBLP8PzySL+w33NN7sv14cWeBpsjy9arMr4okZ80klFlS2hx/FqnUmhFhoN8ub
ptIPUcSJoL+6pjxatV2yJ6bHkVga9PiwtLC8/rqETYPJz0b756xlPaEGd+0B1P0V
ZMraE7lCgS0kJM6w0xF3R7JlGVtKouj4ZePCK5MGjpByBAK/vn/MbhbEmcyh+uJD
r6sakKwqLjDLKdmQDd+biq3q6mvKE8ZKaUj8dXYdvxXSxxqXZ8DnrNpj/UkDTi3S
chlTT1qUYrp2MVYqGmFjZ0XcEdEUR1I39rUs+wRxE3RgtE56M1A=
=g6bC
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-fixes-pull-request' into staging
* Replace --enable/disable-git-update with --with-git-submodules
to allow improved control over use of git submodules
* Deprecate the -enable-fips option
* Ensure docs use prefer format for bool options
* Clarify platform support rules
* Misc fixes to keymap conversions
* Fix misc problems on macOS
# gpg: Signature made Fri 29 Jan 2021 17:10:13 GMT
# gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange-gitlab/tags/misc-fixes-pull-request:
tests: Replace deprecated ASN1 code
tests: Fix runtime error in test-authz-pam
ui: update keycodemapdb submodule commit
crypto: Add spaces around operator
configure: replace --enable/disable-git-update with --with-git-submodules
docs: fix missing backslash in certtool shell example
docs: simplify and clarify the platform support rules
Prefer 'on' | 'off' over 'yes' | 'no' for bool options
os: deprecate the -enable-fips option and QEMU's FIPS enforcement
crypto: Fix memory leaks in set_loaded for tls-*
crypto: Forbid broken unloading of secrets
crypto: Move USER_CREATABLE to secret_common base class
crypto: Fix some code style problems, add spaces around operator
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Replace the --enable-git-update and --disable-git-update configure params
with the param --with-git-submodules=(update|validate|ignore) to
allow 3 options for building from a git repo.
This is needed because downstream packagers, e.g. Debian, Ubuntu, etc,
also keep the source code in git, but do not want to enable the
'git_update' mode; with the current code, that's not possible even
if the downstream package specifies --disable-git-update.
The previous parameters are deprecated but still available; the
--enable-git-update parameter maps to --with-git-submodules=update and
--disable-git-update parameter maps to --with-git-submodules=validate.
The configure script behavior is slightly modified, where previously
the dtc, capstone, and slirp submodules were not validated when
--disable-git-update was specified (but were updated with git-update
enabled), now they are validated when using --with-git-submodules=validate
and are only ignored when using --with-git-submodules=ignore.
Signed-off-by: Dan Streetman <ddstreet@canonical.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
A workaround added in early days of 64-bit OSX forced x86_64 if the
host machine had 64-bit support. This creates issues when cross-
compiling for ARM64. Additionally, the user can always use --cpu=* to
manually set the host CPU and therefore this workaround should be
removed.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Joelle van Dyne <j@getutm.app>
Message-id: 20210126012457.39046-12-j@getutm.app
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
On iOS there is no CoreAudio, so we should not assume Darwin always
has it.
Signed-off-by: Joelle van Dyne <j@getutm.app>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210126012457.39046-11-j@getutm.app
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Joelle van Dyne <j@getutm.app>
Message-id: 20210126012457.39046-9-j@getutm.app
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add objc to the Meson cross file as well as detection of Darwin.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Joelle van Dyne <j@getutm.app>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210126012457.39046-8-j@getutm.app
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Meson will find CoreFoundation, IOKit, and Cocoa as needed.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Joelle van Dyne <j@getutm.app>
Message-id: 20210126012457.39046-7-j@getutm.app
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The iOS toolchain does not use the host prefix naming convention. So we
need to enable cross-compile options while allowing the PREFIX to be
blank.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Joelle van Dyne <j@getutm.app>
Message-id: 20210126012457.39046-3-j@getutm.app
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move the preadv availability check to meson.build. This is what we
want to be doing for host-OS-feature-checks anyway, but it also fixes
a problem with building for macOS with the most recent XCode SDK on a
Catalina host.
On that configuration, 'preadv()' is provided as a weak symbol, so
that programs can be built with optional support for it and make a
runtime availability check to see whether the preadv() they have is a
working one or one which they must not call because it will
runtime-assert. QEMU's configure test passes (unless you're building
with --enable-werror) because the test program using preadv()
compiles, but then QEMU crashes at runtime when preadv() is called,
with errors like:
dyld: lazy symbol binding failed: Symbol not found: _preadv
Referenced from: /Users/pm215/src/qemu/./build/x86/tests/test-replication
Expected in: /usr/lib/libSystem.B.dylib
dyld: Symbol not found: _preadv
Referenced from: /Users/pm215/src/qemu/./build/x86/tests/test-replication
Expected in: /usr/lib/libSystem.B.dylib
Meson's own function availability check has a special case for macOS
which adds '-Wl,-no_weak_imports' to the compiler flags, which forces
the test to require the real function, not the macOS-version-too-old
stub.
So this commit fixes the bug where macOS builds on Catalina currently
require --disable-werror.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20210126155846.17109-1-peter.maydell@linaro.org
Since meson switch and commit feabc71dfa ("configure: do not include
dependency flags in QEMU_CFLAGS and LIBS"), LIBS is unused.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210114125605.1227742-2-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Make CONFIG_TCG_INTERPRETER a Meson option, and enable TCI (though with
a warning) if the host CPU is unsupported, making it more similar to
other --enable-* options.
Remove TCG-specific include paths from !CONFIG_TCG builds.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
There are two cases that need to be accounted for when compiling QEMU
for MinGW32:
1) A standalone distribution, where QEMU is self contained and
extracted by the user, such as a user would download from the QEMU
website. In this case, all the QEMU executable files should be
rooted in $prefix to ensure they can be easily found by the user
2) QEMU integrated into a distribution image/sysroot/SDK and
distributed with other programs. In this case, the provided
arguments for bindir/datadir/etc. should be respected as they for a
Linux build.
Restructures the MinGW path configuration so that all of the paths
except bindir use the same rules as when building for other platforms.
This satisfies #2 and #1 since these files do not need to be directly in
$prefix anyway.
The handling for --bindir is changed so that it defaults to $prefix on
MinGW (maintaining the compatibility with #1), but if the user specifies
a specific path when configuring it can also satisfy #2.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Message-Id: <20210112210239.28836-1-JPEWhacker@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
It is not a part of standard time.h. Glibc put it under
time.h however musl treat it as a sys timex extension.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210118063808.12471-2-jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
The support of socket based debugging which we need for linux-user
testing is only really stable as of 8.3.1 so lets gate our use of GDB
on having a relatively modern version.
For direct testing you can just point to a locally compiled version of
gdb via configure, e.g.:
../../configure --gdb=$HOME/src/binutils-gdb.git/builds/all/install/bin/gdb
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210108224256.2321-4-alex.bennee@linaro.org>
Make config.status generation a bit more robust. (The quote_sh
function will also be reused to parse configure's command line
arguments in an external script driven by Meson build option
introspection).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The cocoa UI code currently assumes it is always the active UI
and does not interact well with other UI frontend code. Move
the relevant checks to Meson now that all other frontends
have become Meson options. This way, SDL/GTK+/Cocoa can be
parsed entirely by scripts/configure-parse-buildoptions.pl.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This also allows removing CONFIG_NEED_X11, all the ingredients
can be computed easily in meson.build.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
For now move the logic verbatim. GTK+ actually has a hard requirement
on X11 if gtk+x11 is present, but we will sort that out later.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
CONFIG_GTK_GL is defined if OpenGL is present and GTK+
is 3.16 or newer. Since GTK+ 3.22 is the minimum supported
version, just use CONFIG_OPENGL instead.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Remove the automagic connection between --enable-cocoa
and enabling coreaudio in audio_drv_list. It can be
overridden anyway just by placing --enable-cocoa before
--audio-drv-list.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
cURL 7.16.0 was released in October 2006. Just remove code that is
in all likelihood not being used anywhere, and require the oldest version
found in currently supported distros, which is 7.29.0 from CentOS 7.
pkg-config is enough for QEMU, since it does not need extra information
such as the path for certicate authorities. All supported platforms
today will all have pkg-config for curl, so we can drop curl-config.
Suggested-by: Daniel Berrangé <berrange@redhat.com>
Reviewed-by: Daniel Berrangé <berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
version.rc can just use existing preprocessor symbols.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Meson understands -Dslirp=enabled, so there is no reason not to
accept the configure option as well.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The condition can be tested also from $targetos, clean up.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
meson.build is already doing the same check, so remove it from
configure.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch adds a flag to enable/disable control flow integrity checks
on indirect function calls.
This feature only allows indirect function calls at runtime to functions
with compatible signatures.
This feature is only provided by LLVM/Clang, and depends on link-time
optimization which is currently supported only with LLVM/Clang >= 6.0
We also add an option to enable a debugging version of cfi, with verbose
output in case of a CFI violation.
CFI on indirect function calls does not support calls to functions in
shared libraries (since they were not known at compile time), and such
calls are forbidden. QEMU relies on dlopen/dlsym when using modules,
so we make modules incompatible with CFI.
All the checks are performed in meson.build. configure is only used to
forward the flags to meson
Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Message-Id: <20201204230615.2392-5-dbuono@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch allows to compile QEMU with link-time optimization (LTO).
Compilation with LTO is handled directly by meson. This patch only
adds the option in configure and forwards the request to meson
Tested with all major versions of clang from 6 to 12
Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Message-Id: <20201204230615.2392-2-dbuono@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
By default QEMU enables a lot of features if it can probe and find the
support libraries. It also enables a bunch of features by default.
This patch adds the ability to build --without-default-features which
can be paired with a --without-default-devices for a barely functional
build.
The main use case for this is testing our build assumptions and for
minimising the amount of stuff you build if you just want to test a
particular feature on your relatively slow emulated test system. On
it's own I go from:
$ ls -lh qemu-system-aarch64
-rwxr-xr-x 1 alex alex 120M Dec 10 12:45 qemu-system-aarch64*
$ ldd qemu-system-aarch64 | wc -l
170
to:
$ ls -lh qemu-aarch64
-rwxr-xr-x 1 alex alex 43M Dec 10 12:41 qemu-aarch64*
$ ldd qemu-system-aarch64 | wc -l
57
which is still able to run my default Debian ARM64 machine with a lot
less fat involved.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Thomas Huth <thuth@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20201210190417.31673-5-alex.bennee@linaro.org>
This will allow meson to honour -Dauto_features=disabled later.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20201210190417.31673-4-alex.bennee@linaro.org>
Coverity always complains about switch-case statements that fall through
the next one when there is no comment in between - which could indicate
a forgotten "break" statement. Instead of handling these issues after
they have been committed, it would be better to avoid them in the build
process already. Thus let's enable the -Wimplicit-fallthrough warning now.
The "=2" level seems to be a good compromise between being too strict and
too generic about the possible comments, so we'll start with "=2" for now.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Chen Qun <kuhn.chenqun@huawei.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20201211152426.350966-13-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>