Peter Maydell [Thu, 24 Oct 2024 14:21:42 +0000 (15:21 +0100)]
Merge tag 'pull-tcg-20241022' of https://gitlab.com/rth7680/qemu into staging
tcg: Reset data_gen_ptr correctly
tcg/riscv: Implement host vector support
tcg/ppc: Fix tcg_out_rlw_rc
target/i386: Walk NPT in guest real mode
target/i386: Use probe_access_full_mmu in ptw_translate
linux-user: Fix build failure caused by missing __u64 on musl
linux-user: Emulate /proc/self/maps under mmap_lock
linux-user/riscv: Fix definition of RISCV_HWPROBE_EXT_ZVFHMIN
linux-user/ppc: Fix sigmask endianness issue in sigreturn
* tag 'for-upstream' of https://repo.or.cz/qemu/kevin:
raw-format: Fix error message for invalid offset/size
block-backend: per-device throttling of BLOCK_IO_ERROR reports
qapi: add qom-path to BLOCK_IO_ERROR event
iotests/backup-discard-source: don't use actual-size
iotests/backup-discard-source: convert size variable to be int
block/vdi.c: Make SECTOR_SIZE constant 64-bits
tests/qemu-iotests/211.out: Update to expect MapEntry 'compressed' field
block/ssh.c: Don't double-check that characters are hex digits
block/gluster: Use g_autofree for string in qemu_gluster_parse_json()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 24 Oct 2024 10:23:38 +0000 (11:23 +0100)]
Merge tag 'misc-fixes-pull-request' of https://gitlab.com/berrange/qemu into staging
Misc sockets, crypto and VNC fixes
* Fix rare EADDRINUSE failures on OpenBSD platforms seen
with migration
* Fix & test overwriting of hash output buffer
* Close connection instead of returning empty SASL mechlist to
VNC clients
* Fix handling of SASL SSF on VNC server UNIX sockets
* Fix handling of NULL SASL server data in VNC server
* Validate trailing NUL padding byte from SASL client
* Fix & test AF_ALG crypto backend build
* Remove unused code in sockets and crypto subsystems
* tag 'misc-fixes-pull-request' of https://gitlab.com/berrange/qemu:
gitlab: enable afalg tests in fedora system test
ui: validate NUL byte padding in SASL client data more strictly
ui: fix handling of NULL SASL server data
ui/vnc: don't check for SSF after SASL authentication on UNIX sockets
ui/vnc: fix skipping SASL SSF on UNIX sockets
ui/vnc: don't raise error formatting socket address for non-inet
ui/vnc: don't return an empty SASL mechlist to the client
crypto/hash-afalg: Fix broken build
include/crypto: clarify @result/@result_len for hash/hmac APIs
tests: correctly validate result buffer in hash/hmac tests
crypto/hash: avoid overwriting user supplied result pointer
util: don't set SO_REUSEADDR on client sockets
sockets: Remove deadcode
crypto: Remove unused DER string functions
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Yao Zi [Tue, 22 Oct 2024 16:01:37 +0000 (16:01 +0000)]
linux-user/riscv: Fix definition of RISCV_HWPROBE_EXT_ZVFHMIN
Current definition yields a negative 32bits value, messing up hwprobe
result when Zvfhmin extension presents. Replace it by using a 1ULL bit
shift value as done in kernel upstream.
Link: https://github.com/torvalds/linux/commit/5ea6764d9095e234b024054f75ebbccc4f0eb146 Fixes: a3432cf227 ("linux-user/riscv: Sync hwprobe keys with Linux") Cc: qemu-stable@nongnu.org Signed-off-by: Yao Zi <ziyao@disroot.org>
Message-ID: <20241022160136.21714-2-ziyao@disroot.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Yao Zi [Tue, 22 Oct 2024 12:29:30 +0000 (12:29 +0000)]
linux-user: Fix build failure caused by missing __u64 on musl
Commit 9651cead2f ("linux-user: add openat2 support in linux-user")
ships a definition of struct open_how_ver0 while assuming type __u64 is
available in code, which is not the case when building QEMU on musl.
Let's replaces __u64 with uint64_t.
Fixes: 9651cead2f ("linux-user: add openat2 support in linux-user") Signed-off-by: Yao Zi <ziyao@disroot.org> Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-ID: <20241022122929.17465-2-ziyao@disroot.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Ilya Leoshkevich [Tue, 22 Oct 2024 10:26:16 +0000 (12:26 +0200)]
linux-user: Trace rt_sigprocmask's sigsets
Add a function for formatting target sigsets. It can be useful for
other syscalls in the future, so put it into the beginning of strace.c.
For simplicity, do not implement the strace's ~[] output syntax.
Ilya Leoshkevich [Thu, 17 Oct 2024 12:54:43 +0000 (14:54 +0200)]
linux-user/ppc: Fix sigmask endianness issue in sigreturn
do_setcontext() copies the target sigmask without endianness handling
and then uses target_to_host_sigset_internal(), which expects a
byte-swapped one. Use target_to_host_sigset() instead.
Fixes: bcd4933a23f1 ("linux-user: ppc signal handling") Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241017125811.447961-2-iii@linux.ibm.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Ilya Leoshkevich [Mon, 14 Oct 2024 20:34:21 +0000 (22:34 +0200)]
linux-user: Emulate /proc/self/maps under mmap_lock
If one thread modifies the mappings and another thread prints them,
a situation may occur that the printer thread sees a guest mapping
without a corresponding host mapping, leading to a crash in
open_self_maps_2().
Cc: qemu-stable@nongnu.org Fixes: 7b7a3366e142 ("linux-user: Use walk_memory_regions for open_self_maps") Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241014203441.387560-1-iii@linux.ibm.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
target/i386: Remove ra parameter from ptw_translate
This argument is no longer used.
Suggested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241013184733.1423747-4-richard.henderson@linaro.org>
Alexander Graf [Sat, 21 Sep 2024 08:57:12 +0000 (08:57 +0000)]
target/i386: Walk NPT in guest real mode
When translating virtual to physical address with a guest CPU that
supports nested paging (NPT), we need to perform every page table walk
access indirectly through the NPT, which we correctly do.
However, we treat real mode (no page table walk) special: In that case,
we currently just skip any walks and translate VA -> PA. With NPT
enabled, we also need to then perform NPT walk to do GVA -> GPA -> HPA
which we fail to do so far.
The net result of that is that TCG VMs with NPT enabled that execute
real mode code (like SeaBIOS) end up with GPA==HPA mappings which means
the guest accesses host code and data. This typically shows as failure
to boot guests.
This patch changes the page walk logic for NPT enabled guests so that we
always perform a GVA -> GPA translation and then skip any logic that
requires an actual PTE.
That way, all remaining logic to walk the NPT stays and we successfully
walk the NPT in real mode.
Cc: qemu-stable@nongnu.org Fixes: fe441054bb3f0 ("target-i386: Add NPT support") Signed-off-by: Alexander Graf <graf@amazon.com> Reported-by: Eduard Vlad <evlad@amazon.de> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20240921085712.28902-1-graf@amazon.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
was translated to `slwi r15, r14, 0` instead of `slwi r14, r14, 0`
due to SH field overflow. SH field is 5 bits, and tcg_out_rlw is called
in some situations with `32-n`, when `n` is 0 it results in an overflow
to RA field.
This commit prevents overflow of that field and adds debug assertions
for the other fields
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com> Signed-off-by: Dani Szebenyi <szedani@linux.ibm.com>
Message-ID: <20241022133535.69351-2-szedani@linux.ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
TANG Tiancheng [Mon, 7 Oct 2024 02:56:54 +0000 (10:56 +0800)]
tcg/riscv: Implement vector cmp/cmpsel ops
Extend comparison results from mask registers to SEW-width elements,
following recommendations in The RISC-V SPEC Volume I (Version 20240411).
This aligns with TCG's cmp_vec behavior by expanding compare results to
full element width: all 1s for true, all 0s for false.
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com> Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-7-zhiwei_liu@linux.alibaba.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Huang Shiyuan [Mon, 7 Oct 2024 02:56:50 +0000 (10:56 +0800)]
tcg/riscv: Add basic support for vector
The RISC-V vector instruction set utilizes the LMUL field to group
multiple registers, enabling variable-length vector registers. This
implementation uses only the first register number of each group while
reserving the other register numbers within the group.
In TCG, each VEC_IR can have 3 types (TCG_TYPE_V64/128/256), and the
host runtime needs to adjust LMUL based on the type to use different
register groups.
This presents challenges for TCG's register allocation. Currently, we
avoid modifying the register allocation part of TCG and only expose the
minimum number of vector registers.
For example, when the host vlen is 64 bits and type is TCG_TYPE_V256, with
LMUL equal to 4, we use 4 vector registers as one register group. We can
use a maximum of 8 register groups, but the V0 register number is reserved
as a mask register, so we can effectively use at most 7 register groups.
Moreover, when type is smaller than TCG_TYPE_V256, only 7 registers are
forced to be used. This is because TCG cannot yet dynamically constrain
registers with type; likewise, when the host vlen is 128 bits and
TCG_TYPE_V256, we can use at most 15 registers.
There is not much pressure on vector register allocation in TCG now, so
using 7 registers is feasible and will not have a major impact on code
generation.
This patch:
1. Reserves vector register 0 for use as a mask register.
2. When using register groups, reserves the additional registers within
each group.
Signed-off-by: Huang Shiyuan <swung0x48@outlook.com> Co-authored-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com> Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com> Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-3-zhiwei_liu@linux.alibaba.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
TANG Tiancheng [Mon, 7 Oct 2024 02:56:49 +0000 (10:56 +0800)]
util: Add RISC-V vector extension probe in cpuinfo
Add support for probing RISC-V vector extension availability in
the backend. This information will be used when deciding whether
to use vector instructions in code generation.
Cache lg2(vlenb) for the backend. The storing of lg2(vlenb) means
we can convert all of the division into subtraction.
While the compiler doesn't support RISCV_HWPROBE_EXT_ZVE64X,
we use RISCV_HWPROBE_IMA_V instead. RISCV_HWPROBE_IMA_V is more
strictly constrainted than RISCV_HWPROBE_EXT_ZVE64X. At least in
current QEMU implemenation, the V vector extension depends on the
zve64d extension.
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com> Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com> Tested-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20241007025700.47259-2-zhiwei_liu@linux.alibaba.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The first immediate field is unsigned, whereas operand_vimm
extracts a signed value. There is no need to mask the result
with 'u'; just print the immediate with 'i'.
Fixes: 07f4964d178 ("disas/riscv.c: rvv: Add disas support for vector instructions") Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Kevin Wolf [Thu, 29 Aug 2024 18:55:27 +0000 (20:55 +0200)]
raw-format: Fix error message for invalid offset/size
s->offset and s->size are only set at the end of the function and still
contain the old values when formatting the error message. Print the
parameters with the new values that we actually checked instead.
Fixes: 500e2434207d ('raw-format: Split raw_read_options()') Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20240829185527.47152-1-kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Leonid Kaplan [Wed, 2 Oct 2024 15:18:06 +0000 (18:18 +0300)]
block-backend: per-device throttling of BLOCK_IO_ERROR reports
BLOCK_IO_ERROR events comes from guest, so we must throttle them.
We still want per-device throttling, so let's use device id as a key.
Signed-off-by: Leonid Kaplan <xeor@yandex-team.ru> Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20241002151806.592469-3-vsementsov@yandex-team.ru> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We need something more reliable than "device" (which absent in modern
interfaces) and "node-name" (which may absent, and actually don't
specify the device, which is a source of error) to make a per-device
throttling for the event in the following commit.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20241002151806.592469-2-vsementsov@yandex-team.ru> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
iotests/backup-discard-source: don't use actual-size
Relying on disk usage is bad thing, and test just doesn't work on XFS.
Let's instead add a dirty bitmap to track writes to test image.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20240620144402.65896-3-vsementsov@yandex-team.ru> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Tested-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
iotests/backup-discard-source: convert size variable to be int
Make variable reusable in code for checks. Don't care to change "512 *
1024" invocations as they will be dropped in the next commit.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20240620144402.65896-2-vsementsov@yandex-team.ru> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Peter Maydell [Tue, 8 Oct 2024 16:47:08 +0000 (17:47 +0100)]
block/vdi.c: Make SECTOR_SIZE constant 64-bits
Make the VDI SECTOR_SIZE define be a 64-bit constant; this matches
how we define BDRV_SECTOR_SIZE. The benefit is that it means that we
don't need to carefully cast to 64-bits when doing operations like
"n_sectors * SECTOR_SIZE" to avoid doing a 32x32->32 multiply, which
might overflow, and which Coverity and other static analysers tend to
warn about.
The specific potential overflow Coverity is highlighting is the one
at the end of vdi_co_pwritev() where we write out n_sectors sectors
to the block map. This is very unlikely to actually overflow, since
the block map has 4 bytes per block and the maximum number of blocks
in the image must fit into a 32-bit integer. So this commit is not
fixing a real-world bug.
An inspection of all the places currently using SECTOR_SIZE in the
file shows none which care about the change in its type, except for
one call to error_setg() which needs the format string adjusting.
Resolves: Coverity CID 1508076 Suggested-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20241008164708.2966400-5-peter.maydell@linaro.org> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Peter Maydell [Tue, 8 Oct 2024 16:47:07 +0000 (17:47 +0100)]
tests/qemu-iotests/211.out: Update to expect MapEntry 'compressed' field
In commit 52b10c9c0c68e90f in 2023 the QAPI MapEntry struct was
updated to add a 'compressed' field. That commit updated a number
of iotest expected-output files, but missed 211, which is vdi
specific. The result is that
./check -vdi
and more specifically
./check -vdi 211
fails because the expected and actual output don't match.
Update the reference output.
Cc: qemu-stable@nongnu.org Fixes: 52b10c9c0c68e90f ("qemu-img: map: report compressed data blocks") Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20241008164708.2966400-4-peter.maydell@linaro.org> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Peter Maydell [Tue, 8 Oct 2024 16:47:06 +0000 (17:47 +0100)]
block/ssh.c: Don't double-check that characters are hex digits
In compare_fingerprint() we effectively check whether the characters
in the fingerprint are valid hex digits twice: first we do so with
qemu_isxdigit(), but then the hex2decimal() function also has a code
path where it effectively detects an invalid digit and returns -1.
This causes Coverity to complain because it thinks that we might use
that -1 value in an expression where it would be an integer overflow.
Avoid the double-check of hex digit validity by testing the return
values from hex2decimal() rather than doing separate calls to
qemu_isxdigit().
Since this means we now use the illegal-character return value
from hex2decimal(), rewrite it from "-1" to "UINT_MAX", which
has the same effect since the return type is "unsigned" but
looks less confusing at the callsites when we detect it with
"c0 > 0xf".
Resolves: Coverity CID 1547813 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20241008164708.2966400-3-peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Coverity correctly complains that the assignment "str = NULL" at the
end of the loop is unnecessary, because we will either go back to the
top of the loop and overwrite it, or else we will exit the loop and
then exit the function without ever reading str again. The assignment
is there as defensive coding to ensure that str is only non-NULL if
it's a live allocation, so this is intentional.
We can make Coverity happier and simplify the code here by using
g_autofree, since we never need 'str' outside the loop.
Resolves: Coverity CID 1527385 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241008164708.2966400-2-peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
* tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu:
replace error_setg(&error_fatal, ...) with error_report()
meson.build: Remove ncurses workaround for OpenBSD
configure: Replace literally printed '\n' with newline
ui/console-vc: Silence warning about sprintf() on OpenBSD
linux-user: Clean up unused header
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The AF_ALG crypto integration for Linux is not being tested in
any CI scenario. It always requires an explicit configure time
flag to be passed to turn it on. The Fedora system test is
arbitrarily picked as the place to test it.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
ui: validate NUL byte padding in SASL client data more strictly
When the SASL data is non-NULL, the SASL protocol spec requires that
it is padded with a trailing NUL byte. QEMU discards the trailing
byte, but does not currently validate that it was in fact a NUL.
Apply strict validation to better detect any broken clients.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The code is supposed to distinguish between SASL server data that
is NULL, vs non-NULL but zero-length. It was incorrectly checking
the 'serveroutlen' variable, rather than 'serverout' though, so
failing to distinguish the cases.
Fortunately we can fix this without breaking compatibility with
clients, as clients already know how to decode the input data
correctly.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
ui/vnc: don't check for SSF after SASL authentication on UNIX sockets
Although we avoid requesting an SSF when querying SASL mechanisms for a
UNIX socket client, we still mistakenly checked for availability of an
SSF once the SASL auth process is complete.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
ui: extract code to connect/listen from vnc_display_open
meant we stopped setting the 'is_unix' flag when QEMU listens for
VNC sockets, only setting when QEMU does a reverse VNC connection.
Rather than fixing setting of the 'is_unix' flag, remove it, and
directly check the live client socket address. This is more robust
to a possible situation where the VNC server was listening on a
mixture of INET and UNIX sockets.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
ui/vnc: don't raise error formatting socket address for non-inet
The SASL library requires the connection's local & remote IP address to
be passed in, since some mechanism may use this information. Currently
QEMU raises an error for non-inet sockets, but it is valid to pass NULL
to the SASL library. Doing so makes SASL work on UNIX sockets.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
ui/vnc: don't return an empty SASL mechlist to the client
The SASL initialization phase may determine that there are no valid
mechanisms available to use. This may be because the host OS admin
forgot to install some packages, or it might be because the requested
SSF level is incompatible with available mechanisms, or other unknown
reasons.
If we return an empty mechlist to the client, they're going to get a
failure from the SASL library on their end and drop the connection.
Thus there is no point even sending this back to the client, we can
just drop the connection immediately.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Fux build broken by semantic conflict with commit 8f525028bc6 (qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo).
Fixes: 90c3dc60735a (crypto/hash-afalg: Implement new hash API) Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
include/crypto: clarify @result/@result_len for hash/hmac APIs
The @result parameter passed to hash/hmac APIs may either contain
a pre-allocated buffer, or a buffer can be allocated on the fly.
Clarify these two different usage models in the API docs.
Reviewed-by: Dorjoy Chowdhury <dorjoychy111@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Setting the SO_REUSEADDR property on a socket allows binding to a port
number that is in the TIMED_WAIT state. This is usually done on listener
sockets, to enable a server to restart itself without having to wait for
the completion of TIMED_WAIT on the port.
It is also possible, but highly unusual, to set it on client sockets. It
is rare to explicitly bind() a client socket, since it is almost always
fine to allow the kernel to auto-bind a client socket to a random free
port. Most systems will have many 10's of 1000's of free ports that
client sockets will be bound to.
eg on Linux
$ sysctl -a | grep local_port
net.ipv4.ip_local_port_range = 32768 60999
eg on OpenBSD
$ sysctl -a | grep net.inet.ip.port
net.inet.ip.portfirst=1024
net.inet.ip.portlast=49151
net.inet.ip.porthifirst=49152
net.inet.ip.porthilast=65535
A connected socket must have a unique set of value for
A client connection should trivially avoid EADDRINUSE if letting the
kernel auto-assign the 'localport' value, which QEMU always does.
When QEMU sets SO_REUSEADDR on a client socket on OpenBSD, however, it
upsets this situation.
The OpenBSD kernel appears to happily pick a 'localport' that is in the
TIMED_WAIT state, even if there are many other available local ports
available for use that are not in the TIMED_WAIT state.
A test program that just loops opening client sockets will start seeing
EADDRINUSE on OpenBSD when as few as 2000 ports are in TIMED_WAIT,
despite 10's of 1000's ports still being unused. This contrasts with
Linux which appears to avoid picking local ports in TIMED_WAIT state.
This problem on OpenBSD exhibits itself periodically with the migration
test failing with a message like[1]:
qemu-system-ppc64: Failed to connect to '127.0.0.1:24109': Address already in use
While I have not been able to reproduce the OpenBSD failure in my own
testing, given the scope of what QEMU tests do, it is entirely possible
that there could be a lot of ports in TIMED_WAIT state when the
migration test runs.
Removing SO_REUSEADDR from the client sockets should not affect normal
QEMU usage, and should improve reliability on OpenBSD.
This use of SO_REUSEADDR on client sockets is highly unusual, and
appears to have been present since the very start of the QEMU socket
helpers in 2008. The orignal commit has no comment about the use of
SO_REUSEADDR on the client, so is most likely just an 16 year old
copy+paste bug.
Fixes: d247d25f18764402899b37c381bb696a79000b4e Reviewed-by: Peter Xu <peterx@redhat.com> Reviewed-by: Fabiano Rosas <farosas@suse.de> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
socket_remote_address hasn't been used since it was added in 17c55decec ("sockets: add helpers for creating SocketAddress from a socket")
inet_connect hasn't been used since 2017's 8ecc2f9eab ("sheepdog: Use SocketAddress and socket_connect()")
Remove them.
Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
qcrypto_der_encode_octet_str_begin and _end have been unused
since they were added in 3b34ccad66 ("crypto: Support DER encodings")
Remove them.
Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Tudor Gheorghiu [Mon, 7 Oct 2024 22:27:56 +0000 (01:27 +0300)]
replace error_setg(&error_fatal, ...) with error_report()
According to include/qapi/error.h:
* Please don't error_setg(&error_fatal, ...), use error_report() and
* exit(), because that's more obvious.
Patch updates all instances of error_setg(&error_fatal, ...) with
error_report(...), adds the explicit exit(1) and removes redundant
return statements.
Signed-off-by: Tudor Gheorghiu <tudor.reda@gmail.com> Suggested-by: Thomas Huth <thuth@redhat.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2587 Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(Mjt: also fold __func__ to previous line)
Brad Smith [Sat, 12 Oct 2024 03:38:55 +0000 (23:38 -0400)]
meson.build: Remove ncurses workaround for OpenBSD
meson.build: Remove ncurses workaround for OpenBSD
OpenBSD 7.5 has upgraded to ncurses 6.4.
Signed-off-by: Brad Smith <brad@comstyle.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Kevin Wolf [Fri, 18 Oct 2024 12:05:57 +0000 (14:05 +0200)]
configure: Replace literally printed '\n' with newline
The idea here was to leave an empty line before the message, but by
default, echo prints '\n' literally instead of interpreting it. Use a
separate echo without parameter instead like in other places in the
script.
Fixes: 6fdc5bc173188f5e4942616b16d589500b874a15 Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Thomas Huth [Tue, 15 Oct 2024 11:25:10 +0000 (13:25 +0200)]
ui/console-vc: Silence warning about sprintf() on OpenBSD
The linker on OpenBSD complains:
ld: warning: console-vc.c:824 (../src/ui/console-vc.c:824)([...]):
warning: sprintf() is often misused, please use snprintf()
Using g_strdup_printf() is certainly better here, so let's switch
to that function instead.
Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Gustavo Romero [Tue, 15 Oct 2024 14:09:22 +0000 (14:09 +0000)]
linux-user: Clean up unused header
Clean up unused (already commented-out) header from syscall.c.
Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Peter Maydell [Mon, 21 Oct 2024 16:12:59 +0000 (17:12 +0100)]
Merge tag 'pull-request-2024-10-21' of https://gitlab.com/thuth/qemu into staging
* Convert most Tuxrun Avocado tests to the new functional framework
* Update the OpenBSD CI image to OpenBSD v7.6
* Bump timeout of the ide-test
* New maintainer for the QTests
* Disable the pci-bridge on s390x by default
* tag 'pull-request-2024-10-21' of https://gitlab.com/thuth/qemu:
tests/functional: Convert the Avocado sh4 tuxrun test
Revert "hw/sh4/r2d: Realize IDE controller before accessing it"
tests/functional: Convert the Avocado ppc32 tuxrun test
tests/functional: Convert the Avocado mips64el tuxrun test
tests/functional: Convert the Avocado mips64 tuxrun test
tests/functional: Convert the Avocado mipsel tuxrun test
tests/functional: Convert the Avocado mips tuxrun test
tests/functional: Convert the Avocado x86_64 tuxrun test
tests/functional: Convert the Avocado i386 tuxrun test
tests/functional: Convert the Avocado riscv64 tuxrun tests
tests/functional: Convert the Avocado riscv32 tuxrun tests
tests/functional: Convert the Avocado arm tuxrun tests
tests/functional: Convert the Avocado s390x tuxrun test
tests/functional: Convert the Avocado sparc64 tuxrun test
tests/functional: Convert the Avocado ppc64 tuxrun tests
tests/functional: Add a base class for the TuxRun tests
hw/pci-bridge: Add a Kconfig switch for the normal PCI bridge
MAINTAINERS: A new maintainer for the qtests
tests/qtest: Raise the ide-test timeout
tests/vm: update openbsd image to 7.6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Changing the order here caused a regression with the "tuxrun"
kernels (from https://storage.tuxboot.com/20230331/) - ATA commands
fail with a "ata1: lost interrupt (Status 0x58)" message.
Apparently we need to wire the interrupt here first before
realizing the device, so revert the change to the original
behavior.
Reported-by: Guenter Roeck <linux@roeck-us.net> Acked-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-17-thuth@redhat.com>
Thomas Huth [Fri, 11 Oct 2024 13:19:18 +0000 (15:19 +0200)]
tests/functional: Add a base class for the TuxRun tests
Add a base class for the TuxRun tests, based on the code from
tests/avocado/tuxrun_baselines.py (the test have to be put into
separate file in the following commits, depending on the target
architecture that gets tested).
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-2-thuth@redhat.com>
Thomas Huth [Fri, 13 Sep 2024 14:48:44 +0000 (16:48 +0200)]
hw/pci-bridge: Add a Kconfig switch for the normal PCI bridge
The pci-bridge device is not usable on s390x, so introduce a Kconfig
switch that allows to disable it.
Message-ID: <20240913144844.427899-1-thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 11 Oct 2024 14:13:44 +0000 (16:13 +0200)]
MAINTAINERS: A new maintainer for the qtests
Since I blundered into becoming the maintainer of the new functional
test framework in QEMU (tests/functional/) recently, I need to drop
some other duties - it's getting too much for me otherwise. Laurent
is also quite busy with other projects nowadays, so I looked around
for help.
Fabiano did quite a lot of work in the qtests in the past already,
and is also already a maintainer for migration, so I thought he
would be a very good fit, thus I asked him whether he would be
interested to help out with the qtests and he agreed.
Thank you very much, Fabiano!
Message-ID: <20241011141344.379781-1-thuth@redhat.com> Acked-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Fabiano Rosas <farosas@suse.de> Signed-off-by: Thomas Huth <thuth@redhat.com>
Peter Maydell [Tue, 15 Oct 2024 11:37:05 +0000 (12:37 +0100)]
tests/qtest: Raise the ide-test timeout
The ide-test occasionally times out: on the system I run
vm-build-openbsd on, it usually takes about 18 seconds, but
occasionally hits the 60s timeout, likely when the host machine is
under heavy load. I have also seen this test hit its time limit on
the s390x CI runner.
Double the timeout for this test so that it won't hit its timeout
even when the host is running more slowly than usual.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241015113705.239067-1-peter.maydell@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Brad Smith [Sun, 13 Oct 2024 06:19:41 +0000 (02:19 -0400)]
tests/vm: update openbsd image to 7.6
Remove tomli as Python has been updated to 3.11.
[thuth: The "Time appears wrong" line is now necessary since the server
seems to provide a wrong timestamp. We likely have to remove that again
later once the server is running with the correct time again]
Signed-off-by: Brad Smith <brad@comstyle.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Tested-by: Thomas Huth <thuth@redhat.com>
Message-ID: <ZwtmfVlWgFRF9G8W@humpty.home.comstyle.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Peter Maydell [Fri, 18 Oct 2024 14:45:02 +0000 (15:45 +0100)]
Merge tag 'pull-tpm-2024-10-18-1' of https://github.com/stefanberger/qemu-tpm into staging
Merge tpm 2024/10/18 v1
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmcSXq4ACgkQda1lgCoL
# QhHTRQgAhlSeKfhK1iJsExOmkT/mgAsfoawRUl4DZW4nVmm1xjXmRYcGK8cgEFPn
# gw8UJp294cQqxzP9iehEvXP5zkrjmkIQm8fE3hh9nim6bREeo66uDfcfHJEnUK7i
# eLXLChsTvpCRO6TtILW65jXwvajPzC5ZBu2Wsbao4HUdEPWAm/g6+gMnaHMe4Dq/
# ml19bOhPJy7J7+0g8dBVannD2X/PKbXhBEjbBu15QdvzW8jQNp4s6z3YN84Fec6X
# IoDm+rr0ZZ7hZL/zrbLFT5yGPc23lyVWGyvXBUUNBZCy0jYUFwP7XJFuKwfHp1F1
# 323i4AWBF4fqCtodJje15L+xIJKi1A==
# =c7lX
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 18 Oct 2024 14:12:14 BST
# gpg: using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE C66B 75AD 6580 2A0B 4211
* tag 'pull-tpm-2024-10-18-1' of https://github.com/stefanberger/qemu-tpm:
tests: Wait for migration completion on destination QEMU to avoid failures
tpm_emulator: Read control channel response in 2 passes
tpm: Use new ptm_cap_n structure for PTM_GET_CAPABILITY
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* tag 'pull-error-2024-10-18' of https://repo.or.cz/qemu/armbru:
qerror: QERR_PROPERTY_VALUE_OUT_OF_RANGE is no longer used, drop
hw/intc/openpic: Improve errors for out of bounds property values
target/i386/cpu: Improve errors for out of bounds property values
target/i386/cpu: Avoid mixing signed and unsigned in property setters
block: Adjust check_block_size() signature
block: Improve errors about block sizes
error: Drop superfluous #include "qapi/qmp/qerror.h"
qga: Improve error for guest-set-user-password parameter @crypted
qga/qapi-schema: Drop obsolete note on "unsupported" errors
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
qerror: QERR_PROPERTY_VALUE_OUT_OF_RANGE is no longer used, drop
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-8-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
hw/intc/openpic: Improve errors for out of bounds property values
The error message doesn't matter much, as the "openpic" device isn't
user-creatable. But it's the last use of
QERR_PROPERTY_VALUE_OUT_OF_RANGE, which has to go. Change the message
just like the previous commit did for x86 CPUs.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-7-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
target/i386/cpu: Improve errors for out of bounds property values
The error message for a "stepping" value that is out of bounds is a
bit odd:
$ qemu-system-x86_64 -cpu qemu64,stepping=16
qemu-system-x86_64: can't apply global qemu64-x86_64-cpu.stepping=16: Property .stepping doesn't take value 16 (minimum: 0, maximum: 15)
The "can't apply global" part is an unfortunate artifact of -cpu's
implementation. Left for another day.
The remainder feels overly verbose. Change it to
qemu64-x86_64-cpu: can't apply global qemu64-x86_64-cpu.stepping=16: parameter 'stepping' can be at most 15
Likewise for "family", "model", and "tsc-frequency".
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-6-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com>
target/i386/cpu: Avoid mixing signed and unsigned in property setters
Properties "family", "model", and "stepping" are visited as signed
integers. They are backed by bits in CPUX86State member
@cpuid_version. The code to extract and insert these bits mixes
signed and unsigned. Not actually wrong, but avoiding such mixing is
good practice.
Visit them as unsigned integers instead.
This adds a few mildly ugly cast in arguments of error_setg(). The
next commit will get rid of them again.
Property "tsc-frequency" is also visited as signed integer. The value
ultimately flows into the kernel, where it is 31 bits unsigned. The
QEMU code freely mixes int, uint32_t, int64_t. I elect not to attempt
draining this swamp today.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-5-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Parameter @id is no longer used, drop. Return a bool to indicate
success / failure, as recommended by qapi/error.h.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-4-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Block sizes need to be a power of two between 512 and an arbitrary
limit, currently 2MiB.
Commit 5937835ac4c factored block size checking out of set_blocksize()
into new check_block_size(), for reuse in block/export/.
Its two error messages are okay for the original purpose:
$ qemu-system-x86_64 -device ide-hd,physical_block_size=1
qemu-system-x86_64: -device ide-hd,physical_block_size=1: Property .physical_block_size doesn't take value 1 (minimum: 512, maximum: 2097152)
$ qemu-system-x86_64 -device ide-hd,physical_block_size=513
qemu-system-x86_64: -device ide-hd,physical_block_size=513: Property .physical_block_size doesn't take value '513', it's not a power of 2
They're mildly off for block exports:
$ qemu-storage-daemon --blockdev node-name=nod0,driver=file,filename=foo.img --export type=vduse-blk,id=exp0,node-name=nod0,name=foo,logical-block-size=1
qemu-storage-daemon: --export type=vduse-blk,id=exp0,node-name=nod0,name=foo,logical-block-size=1: Property exp0.logical-block-size doesn't take value 1 (minimum: 512, maximum: 2097152)
The error message talks about a property. CLI options like --export
don't have properties, they have parameters.
Replace the two error messages by a single one that's okay for both
purposes. Looks like this:
qemu-storage-daemon: --export type=vduse-blk,id=exp0,node-name=nod0,name=foo,logical-block-size=1: parameter logical-block-size must be a power of 2 between 512 and 2097152
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-3-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
error: Drop superfluous #include "qapi/qmp/qerror.h"
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-2-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
qga: Improve error for guest-set-user-password parameter @crypted
The Windows version of guest-set-user-password rejects argument
"crypted": true with the rather useless "this feature or command is
not currently supported". Improve to "'crypted' must be off on this
host".
QERR_UNSUPPORTED is now unused. Drop.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240911131206.2503035-3-armbru@redhat.com>
qga/qapi-schema: Drop obsolete note on "unsupported" errors
The note talks about "unsupported" errors and QERR_UNSUPPORTED. The
former is vague, and the latter makes sense only in C, not in external
interface documentation. Fortunately, we don't have to address this
anymore: recent merge commit 3b5efc553eb got rid of these errors.
Delete the note.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240911131206.2503035-2-armbru@redhat.com>
Stefan Berger [Wed, 16 Oct 2024 15:21:59 +0000 (11:21 -0400)]
tests: Wait for migration completion on destination QEMU to avoid failures
Rather than waiting for the completion of migration on the source side,
wait for it on the destination QEMU side to avoid accessing the TPM TIS
memory mapped registers before QEMU could restore their state. This
error condition could be triggered on busy systems where the destination
QEMU did not have enough time to restore the TIS state while the test case
was already reading its registers. The test case was for example reading
the STS register and received an unexpected value (0xffffffff), which
lead to a segmentation fault later on due to trying to read 0xffff bytes
from the TIS into a buffer.
Cc: <qemu-stable@nongnu.org> Reported-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Wed, 16 Oct 2024 17:51:29 +0000 (13:51 -0400)]
tpm_emulator: Read control channel response in 2 passes
Error responses from swtpm are typically only 4 bytes long with the
exception of a few commands that return more bytes. Therefore, read the
entire response in 2 steps and stop if the first few bytes indicate an
error response with no subsequent bytes readable. Read the rest in a 2nd
step, if needed. This avoids getting stuck while waiting for too many
bytes in case of an error. The 'getting stuck' condition has not been
observed in practice so far, though.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2615 Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Wed, 16 Oct 2024 17:51:28 +0000 (13:51 -0400)]
tpm: Use new ptm_cap_n structure for PTM_GET_CAPABILITY
Use the new ptm_cap_n structure for getting the PTM_GET_CAPABILITY response
from swtpm. Previously only 17 bits could possibly have been set in ptm_cap
(uint64_t) in big endian order and those bits are now found in the 2nd
32bit word in the response in the caps field.
This data structure makes it now clear that the 1st 32bit word carries the
tpm_result like all the other response structures of all other commands
do.
The changes are taken from the swtpm project's tpm_ioctl.h.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Peter Maydell [Fri, 18 Oct 2024 09:42:56 +0000 (10:42 +0100)]
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* tcg/s390x: Fix for TSTEQ/TSTNE
* target/i386: Fixes for IN and OUT with REX prefix
* target/i386: New CPUID features and logic fixes
* target/i386: Add support save/load HWCR MSR
* target/i386: Move more instructions to new decoder; separate decoding
and IR generation
* target/i386/tcg: Use DPL-level accesses for interrupts and call gates
* accel/kvm: perform capability checks on VM file descriptor when necessary
* accel/kvm: dynamically sized kvm memslots array
* target/i386: fixes for Hyper-V
* docs/system: Add recommendations to Hyper-V enlightenments doc
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (26 commits)
target/i386: Use only 16 and 32-bit operands for IN/OUT
accel/kvm: check for KVM_CAP_MEMORY_ATTRIBUTES on vm
accel/kvm: check for KVM_CAP_MULTI_ADDRESS_SPACE on vm
accel/kvm: check for KVM_CAP_READONLY_MEM on VM
target/i386/tcg: Use DPL-level accesses for interrupts and call gates
KVM: Rename KVMState->nr_slots to nr_slots_max
KVM: Rename KVMMemoryListener.nr_used_slots to nr_slots_used
KVM: Define KVM_MEMSLOTS_NUM_MAX_DEFAULT
KVM: Dynamic sized kvm memslots array
target/i386: assert that cc_op* and pc_save are preserved
target/i386: list instructions still in translate.c
target/i386: do not check PREFIX_LOCK in old-style decoder
target/i386: convert CMPXCHG8B/CMPXCHG16B to new decoder
target/i386: decode address before going back to translate.c
target/i386: convert bit test instructions to new decoder
tcg/s390x: fix constraint for 32-bit TSTEQ/TSTNE
docs/system: Add recommendations to Hyper-V enlightenments doc
target/i386: Make sure SynIC state is really updated before KVM_RUN
target/i386: Exclude 'hv-syndbg' from 'hv-passthrough'
target/i386: Fix conditional CONFIG_SYNDBG enablement
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Fri, 11 Oct 2024 08:39:58 +0000 (10:39 +0200)]
accel/kvm: check for KVM_CAP_MEMORY_ATTRIBUTES on vm
The exact set of available memory attributes can vary by VM. In the
future it might vary depending on enabled capabilities, too. Query the
extension on the VM level instead of on the KVM level, and only after
architecture-specific initialization.
Inspired by an analogous patch by Tom Dohrmann.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 11 Oct 2024 08:39:58 +0000 (10:39 +0200)]
accel/kvm: check for KVM_CAP_MULTI_ADDRESS_SPACE on vm
KVM_CAP_MULTI_ADDRESS_SPACE used to be a global capability, but with the
introduction of AMD SEV-SNP confidential VMs, the number of address spaces
can vary by VM type.
Query the extension on the VM level instead of on the KVM level.
Inspired by an analogous patch by Tom Dohrmann.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Tom Dohrmann [Tue, 3 Sep 2024 06:29:53 +0000 (06:29 +0000)]
accel/kvm: check for KVM_CAP_READONLY_MEM on VM
KVM_CAP_READONLY_MEM used to be a global capability, but with the
introduction of AMD SEV-SNP confidential VMs, this extension is not
always available on all VM types [1,2].
Query the extension on the VM level instead of on the KVM level.
Paolo Bonzini [Tue, 18 Jun 2024 06:53:19 +0000 (08:53 +0200)]
target/i386/tcg: Use DPL-level accesses for interrupts and call gates
Stack accesses should be explicit and use the privilege level of the
target stack. This ensures that SMAP is not applied when the target
stack is in ring 3.
This fixes a bug wherein i386/tcg assumed that an interrupt return, or a
far call using the CALL or JMP instruction, was always going from kernel
or user mode to kernel mode when using a call gate. This assumption is
violated if the call gate has a DPL that is greater than 0.
Analyzed-by: Robert R. Henry <rrh.henry@gmail.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/249 Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
projects / thirdparty / qemu.git / log
