NixOS · alyssais · Sep 2, 2022 · Jul 29, 2022
diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix
@@ -41,11 +41,11 @@ stdenv.mkDerivation rec {
     + lib.optionalString xenSupport "-xen"
     + lib.optionalString hostCpuOnly "-host-cpu-only"
     + lib.optionalString nixosTestRunner "-for-vm-tests";
-  version = "7.0.0";
+  version = "7.1.0";
 
   src = fetchurl {
-    url= "https://download.qemu.org/qemu-${version}.tar.xz";
-    sha256 = "sha256-9rN1x5UfcoQCeYsLqrsthkeMpT1Eztvvq74cRr9G+Dk=";
+    url = "https://download.qemu.org/qemu-${version}.tar.xz";
+    sha256 = "1rmvrgqjhrvcmchnz170dxvrrf14n6nm39y8ivrprmfydd9lwqx0";
   };
 
   depsBuildBuild = [ buildPackages.stdenv.cc ];
@@ -109,44 +109,6 @@ stdenv.mkDerivation rec {
       sha256 = "sha256-oC+bRjEHixv1QEFO9XAm4HHOwoiT+NkhknKGPydnZ5E=";
       revert = true;
     })
-    # make nixos tests that boot from USB more stable
-    # https://lists.nongnu.org/archive/html/qemu-devel/2022-05/msg01484.html
-    (fetchpatch {
-      url = "https://gitlab.com/raboof/qemu/-/commit/3fb5e8fe4434130b1167a995b2a01c077cca2cd5.patch";
-      sha256 = "sha256-evzrN3i4ntc/AFG0C0rezQpQbWcnx74nXO+5DLErX8o=";
-    })
-    # fix 9p on macOS host, landed in master
-    (fetchpatch {
-      name = "fix-9p-on-macos.patch";
-      url = "https://gitlab.com/qemu/qemu/-/commit/f5643914a9e8f79c606a76e6a9d7ea82a3fc3e65.patch";
-      sha256 = "sha256-8i13wU135h+YxoXFtkXweBN3hMslpWoNoeQ7Ydmn3V4=";
-    })
-    (fetchpatch {
-      name = "CVE-2022-35414.patch";
-      url = "https://gitlab.com/qemu-project/qemu/-/commit/418ade7849ce7641c0f7333718caf5091a02fd4c.patch";
-      sha256 = "sha256-zQHDXedIXZBnabv4+3TA4z5mY1+KZiPmqUbhaSkGLgA=";
-    })
-    # needed for CVE-2022-0216's test to pass
-    (fetchpatch {
-      name = "fuzz-tests-x86-only.patch";
-      url = "https://gitlab.com/qemu-project/qemu/-/commit/b911c30c566dee48a27bc1bfa1ee6df3a729cbbb.patch";
-      sha256 = "sha256-RXKRmZo25yZ1VuBtBA+BsY8as9kIcACqE6aEYmIm9KQ=";
-    })
-    (fetchpatch {
-      name = "CVE-2022-0216.part-1.patch";
-      url = "https://gitlab.com/qemu-project/qemu/-/commit/6c8fa961da5e60f574bb52fd3ad44b1e9e8ad4b8.patch";
-      sha256 = "sha256-0z0zVPBVXFSU8qEV0Ea2+rDxyikMyitlDM0jZOLLC6s=";
-    })
-    (fetchpatch {
-      name = "CVE-2022-0216.part-2.patch";
-      url = "https://gitlab.com/qemu-project/qemu/-/commit/4367a20cc442c56b05611b4224de9a61908f9eac.patch";
-      sha256 = "sha256-hpNu4Zjw1dIbT6Vt57cayHE1Elaltp0a/bsKlDY0Qr8=";
-    })
-    (fetchpatch {
-      name = "CVE-2020-14394.patch";
-      url = "https://gitlab.com/qemu-project/qemu/-/commit/effaf5a240e03020f4ae953e10b764622c3e87cc.patch";
-      sha256 = "sha256-NobsIxRC+xlyj8d/oD4mqgXAGX37pfww/PQQuKhrTzc=";
-    })
   ]
   ++ lib.optional nixosTestRunner ./force-uid0-on-9p.patch;
 

diff --git a/pkgs/applications/virtualization/qemu/fix-qemu-ga.patch b/pkgs/applications/virtualization/qemu/fix-qemu-ga.patch
@@ -1,16 +1,17 @@
-diff -Naur a/qga/commands-posix.c b/qga/commands-posix.c
---- a/qga/commands-posix.c
-+++ b/qga/commands-posix.c
-@@ -109,6 +109,8 @@
-         reopen_fd_to_null(1);
-         reopen_fd_to_null(2);
-
-+        execle("/run/current-system/sw/bin/shutdown", "shutdown", "-h", shutdown_flag, "+0",
-+               "hypervisor initiated shutdown", (char*)NULL, environ);
-         execle("/sbin/shutdown", "shutdown", "-h", shutdown_flag, "+0",
-                "hypervisor initiated shutdown", (char*)NULL, environ);
-         _exit(EXIT_FAILURE);
-@@ -157,11 +159,13 @@
+diff --git i/qga/commands-posix.c w/qga/commands-posix.c
+index 954efed01b..39c4b916ce 100644
+--- i/qga/commands-posix.c
++++ w/qga/commands-posix.c
+@@ -123,6 +123,8 @@ void qmp_guest_shutdown(bool has_mode, const char *mode, Error **errp)
+         execl("/sbin/shutdown", "shutdown", shutdown_flag, "-g0", "-y",
+               "hypervisor initiated shutdown", (char *)NULL);
+ #else
++        execl("/run/current-system/sw/bin/shutdown", "shutdown", "-h", shutdown_flag, "+0",
++               "hypervisor initiated shutdown", (char *)NULL);
+         execl("/sbin/shutdown", "shutdown", "-h", shutdown_flag, "+0",
+                "hypervisor initiated shutdown", (char *)NULL);
+ #endif
+@@ -158,11 +160,13 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp)
      pid_t pid;
      Error *local_err = NULL;
      struct timeval tv;
@@ -25,12 +26,11 @@ diff -Naur a/qga/commands-posix.c b/qga/commands-posix.c
      }
 
      if (!hwclock_available) {
-@@ -207,6 +211,8 @@
+@@ -208,6 +212,7 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp)
 
          /* Use '/sbin/hwclock -w' to set RTC from the system time,
           * or '/sbin/hwclock -s' to set the system time from RTC. */
-+        execle(hwclock_path_nix, "hwclock", has_time ? "-w" : "-s",
-+               NULL, environ);
-         execle(hwclock_path, "hwclock", has_time ? "-w" : "-s",
-                NULL, environ);
++        execl(hwclock_path_nix, "hwclock", has_time ? "-w" : "-s", NULL);
+         execl(hwclock_path, "hwclock", has_time ? "-w" : "-s", NULL);
          _exit(EXIT_FAILURE);
+     } else if (pid < 0) {
diff --git a/pkgs/applications/virtualization/qemu/revert-ui-cocoa-add-clipboard-support.patch b/pkgs/applications/virtualization/qemu/revert-ui-cocoa-add-clipboard-support.patch
@@ -1,4 +1,4 @@
-From 19b0952b36b6b5c4bd2665cc0bd4e55a85f81b55 Mon Sep 17 00:00:00 2001
+From 756021d1e433925cf9a732d7ea67b01b0beb061c Mon Sep 17 00:00:00 2001
 From: Will Cohen <willcohen@users.noreply.github.com>
 Date: Tue, 29 Mar 2022 14:00:56 -0400
 Subject: [PATCH] Revert "ui/cocoa: Add clipboard support"
@@ -7,8 +7,8 @@ This reverts commit 7e3e20d89129614f4a7b2451fe321cc6ccca3b76.
 ---
  include/ui/clipboard.h |   2 +-
  ui/clipboard.c         |   2 +-
- ui/cocoa.m             | 121 -----------------------------------------
- 3 files changed, 2 insertions(+), 123 deletions(-)
+ ui/cocoa.m             | 123 -----------------------------------------
+ 3 files changed, 2 insertions(+), 125 deletions(-)
 
 diff --git a/include/ui/clipboard.h b/include/ui/clipboard.h
 index ce76aa451f..c4e1dc4ff4 100644
@@ -37,18 +37,18 @@ index 9079ef829b..6b9ed59e1b 100644
  {
      if (!info ||
 diff --git a/ui/cocoa.m b/ui/cocoa.m
-index c4e5468f9e..cd3bdf0cec 100644
+index 5a8bd5dd84..79ed6d043f 100644
 --- a/ui/cocoa.m
 +++ b/ui/cocoa.m
-@@ -28,7 +28,6 @@
- #include <crt_externs.h>
+@@ -29,7 +29,6 @@
 
- #include "qemu-common.h"
+ #include "qemu/help-texts.h"
+ #include "qemu-main.h"
 -#include "ui/clipboard.h"
  #include "ui/console.h"
  #include "ui/input.h"
  #include "ui/kbd-state.h"
-@@ -107,10 +106,6 @@ static void cocoa_switch(DisplayChangeListener *dcl,
+@@ -109,10 +108,6 @@ static void cocoa_switch(DisplayChangeListener *dcl,
  static QemuSemaphore app_started_sem;
  static bool allow_events;
 
@@ -59,7 +59,7 @@ index c4e5468f9e..cd3bdf0cec 100644
  // Utility functions to run specified code block with iothread lock held
  typedef void (^CodeBlock)(void);
  typedef bool (^BoolCodeBlock)(void);
-@@ -1805,105 +1800,6 @@ static void addRemovableDevicesMenuItems(void)
+@@ -1815,107 +1810,6 @@ static void addRemovableDevicesMenuItems(void)
      qapi_free_BlockInfoList(pointerToFree);
  }
 
@@ -146,16 +146,18 @@ index c4e5468f9e..cd3bdf0cec 100644
 -static void cocoa_clipboard_request(QemuClipboardInfo *info,
 -                                    QemuClipboardType type)
 -{
+-    NSAutoreleasePool *pool;
 -    NSData *text;
 -
 -    switch (type) {
 -    case QEMU_CLIPBOARD_TYPE_TEXT:
+-        pool = [[NSAutoreleasePool alloc] init];
 -        text = [[NSPasteboard generalPasteboard] dataForType:NSPasteboardTypeString];
 -        if (text) {
 -            qemu_clipboard_set_data(&cbpeer, info, type,
 -                                    [text length], [text bytes], true);
--            [text release];
 -        }
+-        [pool release];
 -        break;
 -    default:
 -        break;
@@ -165,15 +167,15 @@ index c4e5468f9e..cd3bdf0cec 100644
  /*
   * The startup process for the OSX/Cocoa UI is complicated, because
   * OSX insists that the UI runs on the initial main thread, and so we
-@@ -1938,7 +1834,6 @@ static void cocoa_clipboard_request(QemuClipboardInfo *info,
+@@ -1950,7 +1844,6 @@ static void cocoa_clipboard_request(QemuClipboardInfo *info,
      COCOA_DEBUG("Second thread: calling qemu_main()\n");
      status = qemu_main(gArgc, gArgv, *_NSGetEnviron());
      COCOA_DEBUG("Second thread: qemu_main() returned, exiting\n");
 -    [cbowner release];
      exit(status);
  }
 
-@@ -2054,18 +1949,6 @@ static void cocoa_refresh(DisplayChangeListener *dcl)
+@@ -2066,18 +1959,6 @@ static void cocoa_refresh(DisplayChangeListener *dcl)
              [cocoaView setAbsoluteEnabled:YES];
          });
      }
@@ -192,7 +194,7 @@ index c4e5468f9e..cd3bdf0cec 100644
      [pool release];
  }
 
-@@ -2105,10 +1988,6 @@ static void cocoa_display_init(DisplayState *ds, DisplayOptions *opts)
+@@ -2117,10 +1998,6 @@ static void cocoa_display_init(DisplayState *ds, DisplayOptions *opts)
 
      // register vga output callbacks
      register_displaychangelistener(&dcl);