Kevin Wolf [Thu, 11 Mar 2021 16:42:51 +0000 (17:42 +0100)]
char: Skip CLI aliases in query-chardev-backends
The aliases "tty" and "parport" are only valid on the command line, QMP
commands like chardev-add don't know them. query-chardev-backends should
describe QMP and therefore not include them in the list of available
backends.
Kevin Wolf [Fri, 19 Feb 2021 17:14:01 +0000 (18:14 +0100)]
qom: Add user_creatable_parse_str()
The system emulator has a more complicated way of handling command line
options in that it reorders options before it processes them. This means
that parsing object options and creating the object happen at two
different points. Split the parsing part into a separate function that
can be reused by the system emulator command line.
Kevin Wolf [Wed, 17 Feb 2021 14:27:54 +0000 (15:27 +0100)]
hmp: QAPIfy object_add
This switches the HMP command object_add from a QemuOpts-based parser to
user_creatable_add_from_str() which uses a keyval parser and enforces
the QAPI schema.
Apart from being a cleanup, this makes non-scalar properties and help
accessible. In order for help to be printed to the monitor instead of
stdout, the printf() calls in the help functions are changed to
qemu_printf().
Kevin Wolf [Wed, 17 Feb 2021 11:56:45 +0000 (12:56 +0100)]
qemu-img: Use user_creatable_process_cmdline() for --object
This switches qemu-img from a QemuOpts-based parser for --object to
user_creatable_process_cmdline() which uses a keyval parser and enforces
the QAPI schema.
Apart from being a cleanup, this makes non-scalar properties accessible.
As a side effect, fix wrong exit codes in the object parsing error path
of 'qemu-img compare'. This was broken in commit 334c43e2c3 because
&error_fatal exits with an exit code of 1, while it should have been 2.
Document that exit code 0 is also returned when just requested help was
printed instead of comparing images. This is preexisting behaviour that
isn't changed by this patch, though another instance of it is added with
'--object help'.
Kevin Wolf [Wed, 17 Feb 2021 11:56:45 +0000 (12:56 +0100)]
qemu-nbd: Use user_creatable_process_cmdline() for --object
This switches qemu-nbd from a QemuOpts-based parser for --object to
user_creatable_process_cmdline() which uses a keyval parser and enforces
the QAPI schema.
Apart from being a cleanup, this makes non-scalar properties accessible.
Kevin Wolf [Wed, 17 Feb 2021 11:56:45 +0000 (12:56 +0100)]
qemu-io: Use user_creatable_process_cmdline() for --object
This switches qemu-io from a QemuOpts-based parser for --object to
user_creatable_process_cmdline() which uses a keyval parser and enforces
the QAPI schema.
Apart from being a cleanup, this makes non-scalar properties accessible.
Kevin Wolf [Wed, 17 Feb 2021 11:06:20 +0000 (12:06 +0100)]
qom: Factor out user_creatable_process_cmdline()
The implementation for --object can be shared between
qemu-storage-daemon and other binaries, so move it into a function in
qom/object_interfaces.c that is accessible from everywhere.
This also requires moving the implementation of qmp_object_add() into a
new user_creatable_add_qapi(), because qom/qom-qmp-cmds.c is not linked
for tools.
user_creatable_print_help_from_qdict() can become static now.
Kevin Wolf [Mon, 22 Feb 2021 14:29:27 +0000 (15:29 +0100)]
qom: Make "object" QemuOptsList optional
This code is going away anyway, but for a few more commits, we'll be in
a state where some binaries still use QemuOpts and others don't. If the
"object" QemuOptsList doesn't even exist, we don't have to remove (or
fail to remove, and therefore abort) a user creatable object from it.
Kevin Wolf [Tue, 20 Oct 2020 11:27:22 +0000 (13:27 +0200)]
qapi/qom: QAPIfy object-add
This converts object-add from 'gen': false to the ObjectOptions QAPI
type. As an immediate benefit, clients can now use QAPI schema
introspection for user creatable QOM objects.
It is also the first step towards making the QAPI schema the only
external interface for the creation of user creatable objects. Once all
other places (HMP and command lines of the system emulator and all
tools) go through QAPI, too, some object implementations can be
simplified because some checks (e.g. that mandatory options are set) are
already performed by QAPI, and in another step, QOM boilerplate code
could be generated from the schema.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for confidential-guest-support
This adds a QAPI schema for the properties of the objects implementing
the confidential-guest-support interface.
pef-guest and s390x-pv-guest don't have any properties, so they only
need to be added to the ObjectType enum without adding a new branch to
ObjectOptions.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for filter-*
This adds a QAPI schema for the properties of the filter-* objects.
Some parts of the interface (in particular NetfilterProperties.position)
are very unusual for QAPI, but for now just describe the existing
interface.
net.json can't be included in qom.json because the storage daemon
doesn't have it. NetFilterDirection is still required in the new object
property definitions in qom.json, so move this enum to common.json.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for tls-*, deprecate 'loaded'
This adds a QAPI schema for the properties of the tls-* objects.
The 'loaded' property doesn't seem to make sense as an external
interface: It is automatically set to true in ucc->complete, and
explicitly setting it to true earlier just means that additional options
will be silently ignored.
In other words, the 'loaded' property is useless. Mark it as deprecated
in the schema from the start.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for secret*, deprecate 'loaded'
This adds a QAPI schema for the properties of the secret* objects.
The 'loaded' property doesn't seem to make sense as an external
interface: It is automatically set to true in ucc->complete, and
explicitly setting it to true earlier just means that additional options
will be silently ignored.
In other words, the 'loaded' property is useless. Mark it as deprecated
in the schema from the start.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for throttle-group
This adds a QAPI schema for the properties of the throttle-group object.
The only purpose of the x-* properties is to make the nested options in
'limits' available for a command line parser that doesn't support
structs. Any parser that will use the QAPI schema will support structs,
though, so they will not be needed in the schema in the future.
To keep the conversion straightforward, add them to the schema anyway.
We can then remove the options and adjust documentation, test cases etc.
in a separate patch.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for rng-*, deprecate 'opened'
This adds a QAPI schema for the properties of the rng-* objects.
The 'opened' property doesn't seem to make sense as an external
interface: It is automatically set to true in ucc->complete, and
explicitly setting it to true earlier just means that trying to set
additional options will result in an error. After the property has once
been set to true (i.e. when the object construction has completed), it
can never be reset to false. In other words, the 'opened' property is
useless. Mark it as deprecated in the schema from the start.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for memory-backend-*
This adds a QAPI schema for the properties of the memory-backend-*
objects.
HostMemPolicy has to be moved to an include file that can be used by the
storage daemon, too, because ObjectOptions must be the same in all
binaries if we don't want to compile the whole code multiple times.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for cryptodev-*
This adds a QAPI schema for the properties of the cryptodev-* objects.
These interfaces have some questionable aspects (cryptodev-backend is
really an abstract base class without function, and the queues option
only makes sense for cryptodev-vhost-user), but as the goal is to
represent the existing interface in QAPI, leave these things in place.
Kevin Wolf [Tue, 20 Oct 2020 10:47:58 +0000 (12:47 +0200)]
qapi/qom: Add ObjectOptions for iothread
Add an ObjectOptions union that will eventually describe the options of
all user creatable object types. As unions can't exist without any
branches, also add the first object type.
This adds a QAPI schema for the properties of the iothread object.
Kevin Wolf [Fri, 27 Nov 2020 16:40:21 +0000 (17:40 +0100)]
tests: Drop 'props' from object-add calls
The 'props' option has been deprecated in 5.0 in favour of a flattened
object-add command. Time to change our test cases to drop the deprecated
option.
Stefan Hajnoczi [Tue, 9 Mar 2021 09:41:03 +0000 (09:41 +0000)]
block/export: disable VHOST_USER_PROTOCOL_F_INFLIGHT_SHMFD for now
The vhost-user in-flight shmfd feature has not been tested with
qemu-storage-daemon's vhost-user-blk server. Disable this optional
feature for now because it requires MFD_ALLOW_SEALING, which is not
available in some CI environments.
If we need this feature in the future it can be re-enabled after
testing.
Max Reitz [Tue, 9 Mar 2021 13:05:41 +0000 (14:05 +0100)]
curl: Disconnect sockets from CURLState
When a curl transfer is finished, that does not mean that CURL lets go
of all the sockets it used for it. We therefore must not free a
CURLSocket object before CURL has invoked curl_sock_cb() to tell us to
remove it. Otherwise, we may get a use-after-free, as described in this
bug report: https://bugs.launchpad.net/qemu/+bug/1916501
(Reproducer from that report:
$ qemu-img convert -f qcow2 -O raw \
https://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img \
out.img
)
(Alternatively, it might seem logical to force-drop all sockets that
have been used for a state when the respective transfer is done, kind of
like it is done now, but including unsetting the AIO handlers.
Unfortunately, doing so makes the driver just hang instead of crashing,
which seems to evidence that CURL still uses those sockets.)
Make the CURLSocket object independent of "its" CURLState by putting all
sockets into a hash table belonging to the BDRVCURLState instead of a
list that belongs to a CURLState. Do not touch any sockets in
curl_clean_state().
Testing, it seems like all sockets are indeed gone by the time the curl
BDS is closed, so it seems like there really was no point in freeing any
socket just because a transfer is done. libcurl does invoke
curl_sock_cb() with CURL_POLL_REMOVE for every socket it has.
Max Reitz [Tue, 9 Mar 2021 13:05:40 +0000 (14:05 +0100)]
curl: Store BDRVCURLState pointer in CURLSocket
A socket does not really belong to any specific state. We do not need
to store a pointer to "its" state in it, a pointer to the common
BDRVCURLState is sufficient.
Kevin Wolf [Tue, 9 Mar 2021 17:34:51 +0000 (18:34 +0100)]
stream: Don't crash when node permission is denied
The image streaming block job restricts shared permissions of the nodes
it accesses. This can obviously fail when other users already got these
permissions. &error_abort is therefore wrong and can crash. Handle these
errors gracefully and just fail starting the block job.
block: remove format defaults from QemuOpts in bdrv_create_file()
QemuOpts is usually created merging the QemuOptsList of format
and protocol. So, when the format calls bdrv_create_file(), the 'opts'
parameter contains a QemuOptsList with a combination of format and
protocol default values.
The format properly removes its options before calling
bdrv_create_file(), but the default values remain in 'opts->list'.
So if the protocol has options with the same name (e.g. rbd has
'cluster_size' as qcow2), it will see the default values of the format,
since for overlapping options, the format wins.
To avoid this issue, let's convert QemuOpts to QDict, in this way we take
only the set options, and then convert it back to QemuOpts, using the
'create_opts' of the protocol. So the new QemuOpts, will contain only the
protocol defaults.
Peter Maydell [Thu, 18 Mar 2021 19:55:37 +0000 (19:55 +0000)]
Merge remote-tracking branch 'remotes/nvme/tags/nvme-next-pull-request' into staging
emulated nvme updates and fixes
* fixes for Coverity CID 1450756, 1450757 and 1450758 (me)
* fix for a bug in zone management receive (me)
* metadata and end-to-end data protection support (me & Gollu Appalanaidu)
* verify support (Gollu Appalanaidu)
* multiple lba formats and format nvm support (Minwoo Im)
and a couple of misc refactorings from me.
v2:
- remove an unintended submodule update. Argh.
# gpg: Signature made Thu 18 Mar 2021 11:53:48 GMT
# gpg: using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <[email protected]>" [unknown]
# gpg: aka "Klaus Jensen <[email protected]>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468 4272 63D5 6FC5 E55D A838
# Subkey fingerprint: 5228 33AA 75E2 DCE6 A247 66C0 4DE1 AF31 6D4F 0DE9
* remotes/nvme/tags/nvme-next-pull-request:
hw/block/nvme: add support for the format nvm command
hw/block/nvme: pull lba format initialization
hw/block/nvme: prefer runtime helpers instead of device parameters
hw/block/nvme: support multiple lba formats
hw/block/nvme: add non-mdts command size limit for verify
hw/block/nvme: add verify command
hw/block/nvme: end-to-end data protection
hw/block/nvme: add metadata support
hw/block/nvme: fix zone management receive reporting too many zones
hw/block/nvme: assert namespaces array indices
hw/block/nvme: fix potential overflow
Peter Maydell [Thu, 18 Mar 2021 19:00:49 +0000 (19:00 +0000)]
Merge remote-tracking branch 'remotes/berrange-gitlab/tags/dep-many-pull-request' into staging
Remove many old deprecated features
The following features have been deprecated for well over the 2
release cycles we promise
``-drive file=json:{...{'driver':'file'}}`` (since 3.0)
``-vnc acl`` (since 4.0.0)
``-mon ...,control=readline,pretty=on|off`` (since 4.1)
``migrate_set_downtime`` and ``migrate_set_speed`` (since 2.8.0)
``query-named-block-nodes`` result ``encryption_key_missing`` (since 2.10.0)
``query-block`` result ``inserted.encryption_key_missing`` (since 2.10.0)
``migrate-set-cache-size`` and ``query-migrate-cache-size`` (since 2.11.0)
``query-named-block-nodes`` and ``query-block`` result dirty-bitmaps[i].status (since 4.0)
``query-cpus`` (since 2.12.0)
``query-cpus-fast`` ``arch`` output member (since 3.0.0)
``query-events`` (since 4.0)
chardev client socket with ``wait`` option (since 4.0)
``acl_show``, ``acl_reset``, ``acl_policy``, ``acl_add``, ``acl_remove`` (since 4.0.0)
``ide-drive`` (since 4.2)
``scsi-disk`` (since 4.2)
# gpg: Signature made Thu 18 Mar 2021 09:23:39 GMT
# gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <[email protected]>" [full]
# gpg: aka "Daniel P. Berrange <[email protected]>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange-gitlab/tags/dep-many-pull-request:
block: remove support for using "file" driver with block/char devices
block: remove 'dirty-bitmaps' field from 'BlockInfo' struct
block: remove dirty bitmaps 'status' field
block: remove 'encryption_key_missing' flag from QAPI
hw/scsi: remove 'scsi-disk' device
hw/ide: remove 'ide-drive' device
chardev: reject use of 'wait' flag for socket client chardevs
machine: remove 'arch' field from 'query-cpus-fast' QMP command
machine: remove 'query-cpus' QMP command
migrate: remove QMP/HMP commands for speed, downtime and cache size
monitor: remove 'query-events' QMP command
monitor: raise error when 'pretty' option is used with HMP
ui, monitor: remove deprecated VNC ACL option and HMP commands
Peter Maydell [Thu, 18 Mar 2021 17:11:17 +0000 (17:11 +0000)]
Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-tcg-20210317' into staging
TCI argument extraction helpers and disassembler
TCG build fix for gcc 11
# gpg: Signature made Wed 17 Mar 2021 15:29:47 GMT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "[email protected]"
# gpg: Good signature from "Richard Henderson <[email protected]>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* remotes/rth-gitlab/tags/pull-tcg-20210317: (38 commits)
tcg: Fix prototypes for tcg_out_vec_op and tcg_out_op
tcg/tci: Split out tcg_out_op_r[iI]
tcg/tci: Split out tcg_out_op_v
tcg/tci: Split out tcg_out_op_{rrm,rrrm,rrrrm}
tcg/tci: Split out tcg_out_op_rrrrcl
tcg/tci: Split out tcg_out_op_rrrr
tcg/tci: Split out tcg_out_op_rrrrrr
tcg/tci: Split out tcg_out_op_rrcl
tcg/tci: Split out tcg_out_op_rrrbb
tcg/tci: Split out tcg_out_op_rrrrrc
tcg/tci: Split out tcg_out_op_rrrc
tcg/tci: Split out tcg_out_op_rrr
tcg/tci: Split out tcg_out_op_rr
tcg/tci: Split out tcg_out_op_p
tcg/tci: Split out tcg_out_op_l
tcg/tci: Split out tcg_out_op_rrs
tcg/tci: Push opcode emit into each case
tcg/tci: Implement the disassembler properly
tcg/tci: Remove tci_disas
tcg/tci: Hoist op_size checking into tci_args_*
...
# gpg: Signature made Wed 17 Mar 2021 07:19:23 GMT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <[email protected]>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-misc-6.0-updates-170321-2:
hw/core: Only build guest-loader if libfdt is available
plugins: Fixes typo in qemu-plugin.h
plugins: getting qemu_plugin_get_hwaddr only expose one function prototype
plugins: expand kernel-doc for memory query and instrumentation
plugins: expand kernel-doc for instruction query and instrumentation
plugins: expand inline exec kernel-doc documentation.
plugins: add qemu_plugin_id_t to kernel-doc
plugins: add qemu_plugin_cb_flags to kernel-doc
plugins: expand the typedef kernel-docs for translation
plugins: expand the callback typedef kernel-docs
plugins: cleanup kernel-doc for qemu_plugin_install
plugins: expand kernel-doc for qemu_info_t
plugins: Expose physical addresses instead of device offsets
plugins: new syscalls plugin
utils: Use fixed-point arithmetic in qemu_strtosz
Peter Maydell [Thu, 18 Mar 2021 14:07:31 +0000 (14:07 +0000)]
Merge remote-tracking branch 'remotes/cleber-gitlab/tags/python-next-pull-request' into staging
Acceptance and Python Test Improvements
Small collection of Acceptance and Python tests/improvements.
# gpg: Signature made Wed 17 Mar 2021 03:22:47 GMT
# gpg: using RSA key 7ABB96EB8B46B94D5E0FE9BB657E8D33A5F209F3
# gpg: Good signature from "Cleber Rosa <[email protected]>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 7ABB 96EB 8B46 B94D 5E0F E9BB 657E 8D33 A5F2 09F3
* remotes/cleber-gitlab/tags/python-next-pull-request:
tests/acceptance: linux-related tests fix
tests: Add functional test for out-of-process device emulation
avocado_qemu: add exec_command function
tests/migration: fix unix socket batch migration
tests/acceptance: Print expected message on wait_for_console_pattern
Minwoo Im [Fri, 12 Feb 2021 12:11:39 +0000 (13:11 +0100)]
hw/block/nvme: add support for the format nvm command
Format NVM admin command can make a namespace or namespaces to be
with different LBA size and metadata size with protection information
types.
This patch introduces Format NVM command with LBA format, Metadata, and
Protection Information for the device. The secure erase operation things
and support for formatting zoned namespaces are yet to be added.
The parameter checks inside of this patch have been referred from
Keith's old branch.
Minwoo Im [Fri, 12 Feb 2021 11:25:08 +0000 (12:25 +0100)]
hw/block/nvme: support multiple lba formats
This patch introduces multiple LBA formats supported with the typical
logical block sizes of 512 bytes and 4096 bytes as well as metadata
sizes of 0, 8, 16 and 64 bytes. The format will be chosen based on the
lbads and ms parameters of the nvme-ns device.
Klaus Jensen [Sun, 14 Feb 2021 18:09:27 +0000 (19:09 +0100)]
hw/block/nvme: add non-mdts command size limit for verify
Verify is not subject to MDTS, so a single Verify command may result in
excessive amounts of allocated memory. Impose a limit on the data size
by adding support for TP 4040 ("Non-MDTS Command Size Limits").
Klaus Jensen [Thu, 4 Feb 2021 08:55:48 +0000 (09:55 +0100)]
hw/block/nvme: end-to-end data protection
Add support for namespaces formatted with protection information. The
type of end-to-end data protection (i.e. Type 1, Type 2 or Type 3) is
selected with the `pi` nvme-ns device parameter. If the number of
metadata bytes is larger than 8, the `pil` nvme-ns device parameter may
be used to control the location of the 8-byte DIF tuple. The default
`pil` value of '0', causes the DIF tuple to be transferred as the last
8 bytes of the metadata. Set to 1 to store this in the first eight bytes
instead.
Klaus Jensen [Mon, 23 Nov 2020 10:24:55 +0000 (15:54 +0530)]
hw/block/nvme: add metadata support
Add support for metadata in the form of extended logical blocks as well
as a separate buffer of data. The new `ms` nvme-ns device parameter
specifies the size of metadata per logical block in bytes. The `mset`
nvme-ns device parameter controls whether metadata is transferred as part
of an extended lba (set to '1') or in a separate buffer (set to '0',
the default).
Regardless of the scheme chosen with `mset`, metadata is stored at the
end of the namespace backing block device. This requires the user
provided PRP/SGLs to be walked and "split" into data and metadata
scatter/gather lists if the extended logical block scheme is used, but
has the advantage of not breaking the deallocated blocks support.
Klaus Jensen [Tue, 9 Mar 2021 14:11:42 +0000 (15:11 +0100)]
hw/block/nvme: fix zone management receive reporting too many zones
nvme_zone_mgmt_recv uses nvme_ns_nlbas() to get the number of LBAs in
the namespace and then calculates the number of zones to report by
incrementing slba with ZSZE until exceeding the number of LBAs as
returned by nvme_ns_nlbas().
This is bad because the namespace might be of such a size that some
LBAs are valid, but are not part of any zone, causing zone management
receive to report one additional (but non-existing) zone.
Fix this with a conventional loop on i < ns->num_zones instead.
Fixes: a479335bfaf3 ("hw/block/nvme: Support Zoned Namespace Command Set")
Cc: Dmitry Fomichev <[email protected]>
Signed-off-by: Klaus Jensen <[email protected]>
Klaus Jensen [Mon, 15 Mar 2021 07:41:41 +0000 (08:41 +0100)]
hw/block/nvme: assert namespaces array indices
Coverity complains about a possible memory corruption in the
nvme_ns_attach and _detach functions. While we should not (famous last
words) be able to reach this function without nsid having previously
been validated, this is still an open door for future misuse.
Make Coverity and maintainers happy by asserting that the index into the
array is valid. Also, while not detected by Coverity (yet), add an
assert in nvme_subsys_ns and nvme_subsys_register_ns as well since a
similar issue exists there.
Fixes: 037953b5b299 ("hw/block/nvme: support namespace detach")
Fixes: CID 1450757
Fixes: CID 1450758
Cc: Minwoo Im <[email protected]>
Signed-off-by: Klaus Jensen <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Klaus Jensen [Fri, 12 Mar 2021 13:55:29 +0000 (14:55 +0100)]
hw/block/nvme: fix potential overflow
page_size is a uint32_t, and zasl is a uint8_t, so the expression
`page_size << zasl` is done using 32-bit arithmetic and might overflow.
Since we then compare this against a 64 bit data_size value, Coverity
complains that we might overflow unintentionally. An MDTS/ZASL value in
excess of 4GiB is probably impractical, but it is not entirely
unrealistic, so add a cast such that we handle that case properly.
Fixes: 578d914b263c ("hw/block/nvme: align zoned.zasl with mdts")
Fixes: CID 1450756
Signed-off-by: Klaus Jensen <[email protected]>
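The 32-bit shift described in the "fix potential overflow" commit above, modelled as an added example; this is not code from the QEMU tree. The function names and the request check are hypothetical, and only the operand types (`uint32_t` page size, `uint8_t` zasl, 64-bit data size) come from the commit message.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Simplified model of a command size limit of the form
 *     data_size > (page_size << zasl)
 * All names here are hypothetical. Callers keep zasl below 32 so that the
 * 32-bit shift itself stays defined behaviour.
 */

/* uint32_t << uint8_t is evaluated as a 32-bit unsigned shift: bits shifted
 * past bit 31 are discarded before the value is widened for the return. */
static uint64_t limit_wrapped(uint32_t page_size, uint8_t zasl)
{
    return page_size << zasl;
}

/* Widening one operand first makes the whole shift 64-bit, which is the
 * kind of cast the commit message describes adding. */
static uint64_t limit_widened(uint32_t page_size, uint8_t zasl)
{
    return (uint64_t)page_size << zasl;
}

/* Returns true when a request of data_size bytes is within the limit. */
static bool request_allowed(uint64_t data_size, uint32_t page_size,
                            uint8_t zasl, bool widen)
{
    uint64_t limit = widen ? limit_widened(page_size, zasl)
                           : limit_wrapped(page_size, zasl);
    return data_size <= limit;
}

int main(void)
{
    const uint32_t page_size = 4096;          /* constructed sample value */
    const uint64_t one_mib = 1ULL << 20;      /* constructed request size */

    for (uint8_t zasl = 19; zasl <= 21; zasl++) {
        printf("zasl=%u wrapped=%llu widened=%llu 1MiB ok: %d / %d\n",
               (unsigned)zasl,
               (unsigned long long)limit_wrapped(page_size, zasl),
               (unsigned long long)limit_widened(page_size, zasl),
               request_allowed(one_mib, page_size, zasl, false),
               request_allowed(one_mib, page_size, zasl, true));
    }
    return 0;
}
```

With a power-of-two page size the wrapped limit collapses to 0 once the true limit reaches 4 GiB, so in this model the unfixed comparison rejects every non-empty request instead of applying the configured limit.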
* remotes/mdroth/tags/qga-pull-2021-03-16-tag:
qga: return a more explicit error on why a command is disabled
qga: Switch and case should be at the same indent
qga: Open brace '{' following struct go on the same
qga: Delete redundant spaces
qga: Add spaces around operator
qga: Correct loop count in qmp_guest_get_vcpus()
* remotes/vivier/tags/q800-for-6.0-pull-request:
mac_via: remove VIA1 timer optimisations
mac_via: fix 60Hz VIA1 timer interval
mac_via: rename VBL timer to 60Hz timer
mac_via: don't re-inject ADB response when switching to IDLE state
mac_via: allow long accesses to VIA registers
mac_via: fix up adb_via_receive() trace events
mac_via: switch rtc pram trace-events to use hex rather than decimal for addresses
block: remove 'encryption_key_missing' flag from QAPI
This has been hardcoded to "false" since 2.10.0, since secrets required
to unlock block devices are now always provided up front instead of using
interactive prompts.
The newer 'query-cpus-fast' command avoids side effects on the guest
execution. Note that some of the field names are different in the
'query-cpus-fast' command.
migrate: remove QMP/HMP commands for speed, downtime and cache size
The generic 'migrate_set_parameters' command handles all types of param.
Only the QMP commands were documented in the deprecations page, but the
rationale for deprecating applies equally to HMP, and the replacements
exist. Furthermore the HMP commands are just shims to the QMP commands,
so removing the latter breaks the former unless they get re-implemented.
The code comment suggests removing QAPIEvent_(str|lookup) symbols too,
however, these are both auto-generated as standard for any enum in
QAPI. As such they'll exist whether we use them or not.
* remotes/bonzini-gitlab/tags/for-upstream:
qemu-timer: allow freeing a NULL timer
hw/i8254: fix vmstate load
scsi: fix sense code for EREMOTEIO
Revert "accel: kvm: Add aligment assert for kvm_log_clear_one_slot"
configure: add option to explicitly enable/disable libgio
fuzz: move some DMA hooks
fuzz: configure a sparse-mem device, by default
memory: add a sparse memory device for fuzzing
fuzz: add a am53c974 generic-fuzzer config
fuzz: add instructions for building reproducers
fuzz: add a script to build reproducers
fuzz: don't leave orphan llvm-symbolizers around
fuzz: fix the pro100 generic-fuzzer config
MAINTAINERS: Cover fuzzer reproducer tests within 'Device Fuzzing'
tests/qtest: Only run fuzz-virtio-scsi when virtio-scsi is available
tests/qtest: Only run fuzz-megasas-test if megasas device is available
* remotes/awilliam/tags/vfio-update-20210316.0:
vfio/migrate: Move switch of dirty tracking into vfio_memory_listener
vfio: Support host translation granule size
vfio: Avoid disabling and enabling vectors repeatedly in VFIO migration
vfio: Set the priority of the VFIO VM state change handler explicitly
vfio: Move the saving of the config space to the right place in VFIO migration
spapr_iommu: Fix vhost integration regression
vfio: Do not register any IOMMU_NOTIFIER_DEVIOTLB_UNMAP notifier
MAINTAINERS: Cover docs/igd-assign.txt in VFIO section
hw/vfio/pci-quirks: Replace the word 'blacklist'
vfio: Fix vfio_listener_log_sync function name typo
Peter Maydell [Wed, 17 Mar 2021 18:28:03 +0000 (18:28 +0000)]
Merge remote-tracking branch 'remotes/cschoenebeck/tags/pull-9p-20210316' into staging
9pfs: code cleanup
* Use lock-guard design pattern instead of manual lock/unlock.
# gpg: Signature made Tue 16 Mar 2021 10:49:09 GMT
# gpg: using RSA key 96D8D110CF7AF8084F88590134C2B58765A47395
# gpg: issuer "[email protected]"
# gpg: Good signature from "Christian Schoenebeck <[email protected]>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: ECAB 1A45 4014 1413 BA38 4926 30DB 47C3 A012 D5F4
# Subkey fingerprint: 96D8 D110 CF7A F808 4F88 5901 34C2 B587 65A4 7395
* remotes/cschoenebeck/tags/pull-9p-20210316:
hw/9pfs/9p-synth: Replaced qemu_mutex_lock with QEMU_LOCK_GUARD
* remotes/kraxel/tags/audio-20210316-pull-request:
coreaudio: Handle output device change
coreaudio: Extract device operations
coreaudio: Drop support for macOS older than 10.6
tcg: Fix prototypes for tcg_out_vec_op and tcg_out_op
There are two different versions of prototype for tcg_out_op and
tcg_out_vec_op functions:
1) using const TCGArg *args and const int *const_args arguments
2) using const TCGArg args[TCG_MAX_OP_ARGS] and const int
const_args[TCG_MAX_OP_ARGS] arguments.
This duality causes warnings on GCC 11 and prevents build using
--enable-werror. As second version provides more information,
unify functions prototypes to this variant.
Peter Maydell [Wed, 17 Mar 2021 15:01:09 +0000 (15:01 +0000)]
Merge remote-tracking branch 'remotes/cohuck-gitlab/tags/s390x-20210316' into staging
s390x updates:
- get rid of legacy_s390_alloc() and phys_mem_set_alloc()
- tcg: implement the MVPG condition-code-option bit
- fix g_autofree variable handling in the pci vfio code
- use official z15 names in the cpu model definitions
* remotes/cohuck-gitlab/tags/s390x-20210316:
s390x/pci: Add missing initialization for g_autofree variables
target/s390x: Store r1/r2 for page-translation exceptions during MVPG
target/s390x: Implement the MVPG condition-code-option bit
s390x/cpu_model: use official name for 8562
exec: Get rid of phys_mem_set_alloc()
s390x/kvm: Get rid of legacy_s390_alloc()
* remotes/kraxel/tags/ui-20210316-pull-request:
ui/cocoa: Comment about modifier key input quirks
ui: fold qemu_alloc_display in only caller
ui: honour the actual guest display dimensions without rounding
ui: use client width/height in WMVi message
ui: avoid sending framebuffer updates outside client desktop bounds
ui: add more trace points for VNC client/server messages
ui/cocoa: Do not exit immediately after shutdown
opengl: Do not convert format with glTexImage2D on OpenGL ES
ui: deprecate "password" option for SPICE server
ui: introduce "password-secret" option for SPICE server
ui: introduce "password-secret" option for VNC servers
Actually print arguments as opposed to simply the opcodes
and, uselessly, the argument counts. Reuse all of the helpers
developed as part of the interpreter.
This performs the size check while reading the arguments,
which means that we don't have to arrange for it to be
done after the operation. Which tidies all of the branches.
tcg/tci: Reduce qemu_ld/st TCGMemOpIdx operand to 32-bits
We are currently using the "natural" size routine, which
uses 64-bits on a 64-bit host. The TCGMemOpIdx operand
has 11 bits, so we can safely reduce to 32-bits.
Use the correct set of asserts during code generation.
We do not require the first input to overlap the output;
the existing interpreter already supported that.
Split out tci_args_rrrbb in the translator.
Use the deposit32/64 functions rather than inline expansion.