Kevin Wolf [Fri, 3 Jun 2016 14:17:28 +0000 (16:17 +0200)]
block: Prepare bdrv_aligned_preadv() for byte-aligned requests
This patch makes bdrv_aligned_preadv() ready to accept byte-aligned
requests. Note that this doesn't mean that such requests are actually
made. The caller still ensures that all requests are aligned to at least
512 bytes.
Kevin Wolf [Thu, 2 Jun 2016 09:41:52 +0000 (11:41 +0200)]
block: Byte-based bdrv_co_do_copy_on_readv()
In a first step to convert the common I/O path to work on bytes rather
than sectors, this converts the copy-on-read logic that is used by
bdrv_aligned_preadv().
The code still exists today, but by a (happy?) accident we entirely
broke the ability to use qcow[2] encryption in the system emulators
in the 2.4.0 release due to
qcow2/qcow: protect against uninitialized encryption key
This commit was designed to prevent future coding bugs which
might cause QEMU to read/write data on an encrypted block
device in plain text mode before a decryption key is set.
It turns out this preventative measure was a little too good,
because we already had a long standing bug where QEMU read
encrypted data in plain text mode during system emulator
startup, in order to guess disk geometry:
Thread 10 (Thread 0x7fffd3fff700 (LWP 30373)):
#0 0x00007fffe90b1a28 in raise () at /lib64/libc.so.6
#1 0x00007fffe90b362a in abort () at /lib64/libc.so.6
#2 0x00007fffe90aa227 in __assert_fail_base () at /lib64/libc.so.6
#3 0x00007fffe90aa2d2 in () at /lib64/libc.so.6
#4 0x000055555587ae19 in qcow2_co_readv (bs=0x5555562accb0, sector_num=0, remaining_sectors=1, qiov=0x7fffffffd260) at block/qcow2.c:1229
#5 0x000055555589b60d in bdrv_aligned_preadv (bs=bs@entry=0x5555562accb0, req=req@entry=0x7fffd3ffea50, offset=offset@entry=0, bytes=bytes@entry=512, align=align@entry=512, qiov=qiov@entry=0x7fffffffd260, flags=0) at block/io.c:908
#6 0x000055555589b8bc in bdrv_co_do_preadv (bs=0x5555562accb0, offset=0, bytes=512, qiov=0x7fffffffd260, flags=<optimized out>) at block/io.c:999
#7 0x000055555589c375 in bdrv_rw_co_entry (opaque=0x7fffffffd210) at block/io.c:544
#8 0x000055555586933b in coroutine_thread (opaque=0x555557876310) at coroutine-gthread.c:134
#9 0x00007ffff64e1835 in g_thread_proxy (data=0x5555562b5590) at gthread.c:778
#10 0x00007ffff6bb760a in start_thread () at /lib64/libpthread.so.0
#11 0x00007fffe917f59d in clone () at /lib64/libc.so.6
Thread 1 (Thread 0x7ffff7ecab40 (LWP 30343)):
#0 0x00007fffe91797a9 in syscall () at /lib64/libc.so.6
#1 0x00007ffff64ff87f in g_cond_wait (cond=cond@entry=0x555555e085f0 <coroutine_cond>, mutex=mutex@entry=0x555555e08600 <coroutine_lock>) at gthread-posix.c:1397
#2 0x00005555558692c3 in qemu_coroutine_switch (co=<optimized out>) at coroutine-gthread.c:117
#3 0x00005555558692c3 in qemu_coroutine_switch (from_=0x5555562b5e30, to_=to_@entry=0x555557876310, action=action@entry=COROUTINE_ENTER) at coroutine-gthread.c:175
#4 0x0000555555868a90 in qemu_coroutine_enter (co=0x555557876310, opaque=0x0) at qemu-coroutine.c:116
#5 0x0000555555859b84 in thread_pool_completion_bh (opaque=0x7fffd40010e0) at thread-pool.c:187
#6 0x0000555555859514 in aio_bh_poll (ctx=ctx@entry=0x5555562953b0) at async.c:85
#7 0x0000555555864d10 in aio_dispatch (ctx=ctx@entry=0x5555562953b0) at aio-posix.c:135
#8 0x0000555555864f75 in aio_poll (ctx=ctx@entry=0x5555562953b0, blocking=blocking@entry=true) at aio-posix.c:291
#9 0x000055555589c40d in bdrv_prwv_co (bs=bs@entry=0x5555562accb0, offset=offset@entry=0, qiov=qiov@entry=0x7fffffffd260, is_write=is_write@entry=false, flags=flags@entry=(unknown: 0)) at block/io.c:591
#10 0x000055555589c503 in bdrv_rw_co (bs=bs@entry=0x5555562accb0, sector_num=sector_num@entry=0, buf=buf@entry=0x7fffffffd2e0 "\321,", nb_sectors=nb_sectors@entry=21845, is_write=is_write@entry=false, flags=flags@entry=(unknown: 0)) at block/io.c:614
#11 0x000055555589c562 in bdrv_read_unthrottled (nb_sectors=21845, buf=0x7fffffffd2e0 "\321,", sector_num=0, bs=0x5555562accb0) at block/io.c:622
#12 0x000055555589c562 in bdrv_read_unthrottled (bs=0x5555562accb0, sector_num=sector_num@entry=0, buf=buf@entry=0x7fffffffd2e0 "\321,", nb_sectors=nb_sectors@entry=21845) at block/io.c:634
nb_sectors@entry=1) at block/block-backend.c:504
#14 0x0000555555752e9f in guess_disk_lchs (blk=blk@entry=0x5555562a5290, pcylinders=pcylinders@entry=0x7fffffffd52c, pheads=pheads@entry=0x7fffffffd530, psectors=psectors@entry=0x7fffffffd534) at hw/block/hd-geometry.c:68
#15 0x0000555555752ff7 in hd_geometry_guess (blk=0x5555562a5290, pcyls=pcyls@entry=0x555557875d1c, pheads=pheads@entry=0x555557875d20, psecs=psecs@entry=0x555557875d24, ptrans=ptrans@entry=0x555557875d28) at hw/block/hd-geometry.c:133
#16 0x0000555555752b87 in blkconf_geometry (conf=conf@entry=0x555557875d00, ptrans=ptrans@entry=0x555557875d28, cyls_max=cyls_max@entry=65536, heads_max=heads_max@entry=16, secs_max=secs_max@entry=255, errp=errp@entry=0x7fffffffd5e0) at hw/block/block.c:71
#17 0x0000555555799bc4 in ide_dev_initfn (dev=0x555557875c80, kind=IDE_HD) at hw/ide/qdev.c:174
#18 0x0000555555768394 in device_realize (dev=0x555557875c80, errp=0x7fffffffd640) at hw/core/qdev.c:247
#19 0x0000555555769a81 in device_set_realized (obj=0x555557875c80, value=<optimized out>, errp=0x7fffffffd730) at hw/core/qdev.c:1058
#20 0x00005555558240ce in property_set_bool (obj=0x555557875c80, v=<optimized out>, opaque=0x555557875de0, name=<optimized out>, errp=0x7fffffffd730)
at qom/object.c:1514
#21 0x0000555555826c87 in object_property_set_qobject (obj=obj@entry=0x555557875c80, value=value@entry=0x55555784bcb0, name=name@entry=0x55555591cb3d "realized", errp=errp@entry=0x7fffffffd730) at qom/qom-qobject.c:24
#22 0x0000555555825760 in object_property_set_bool (obj=obj@entry=0x555557875c80, value=value@entry=true, name=name@entry=0x55555591cb3d "realized", errp=errp@entry=0x7fffffffd730) at qom/object.c:905
#23 0x000055555576897b in qdev_init_nofail (dev=dev@entry=0x555557875c80) at hw/core/qdev.c:380
#24 0x0000555555799ead in ide_create_drive (bus=bus@entry=0x555557629630, unit=unit@entry=0, drive=0x5555562b77e0) at hw/ide/qdev.c:122
#25 0x000055555579a746 in pci_ide_create_devs (dev=dev@entry=0x555557628db0, hd_table=hd_table@entry=0x7fffffffd830) at hw/ide/pci.c:440
#26 0x000055555579b165 in pci_piix3_ide_init (bus=<optimized out>, hd_table=0x7fffffffd830, devfn=<optimized out>) at hw/ide/piix.c:218
#27 0x000055555568ca55 in pc_init1 (machine=0x5555562960a0, pci_enabled=1, kvmclock_enabled=<optimized out>) at /home/berrange/src/virt/qemu/hw/i386/pc_piix.c:256
#28 0x0000555555603ab2 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4249
So the safety net is correctly preventing QEMU reading cipher
text as if it were plain text, during startup and aborting QEMU
to avoid bad usage of this data.
For added fun this bug only happens if the encrypted qcow2
file happens to have data written to the first cluster,
otherwise the cluster won't be allocated and so qcow2 would
not try the decryption routines at all, just return all 0's.
That no one even noticed, let alone reported, this bug that
has shipped in 2.4.0, 2.5.0 and 2.6.0 shows that the number
of actual users of encrypted qcow2 is approximately zero.
So rather than fix the crash, and backport it to stable
releases, just go ahead with what we have warned users about
and disable any use of qcow2 encryption in the system
emulators. qemu-img/qemu-io/qemu-nbd are still able to access
qcow2 encrypted images for the sake of data conversion.
In the future, qcow2 will gain support for the alternative
luks format, but when this happens it'll be using the
'-object secret' infrastructure for getting keys, which
avoids this problematic scenario entirely.
Eric Blake [Mon, 13 Jun 2016 18:56:34 +0000 (12:56 -0600)]
block: Avoid bogus flags during mirroring
Commit e253f4b8 converted mirroring from sector-based bdrv_aio_*
to byte-based blk_aio_*, but failed to account for the subtle
difference in signatures (the former takes a semi-redundant length,
the latter takes a flags parameter). Since all of our flags are
currently smaller in size than BDRV_SECTOR_SIZE, it has no ill
effects until we either perform sub-sector mirroring, or we start
asserting that no unexpected flags are set. I found it while
testing new asserts when qemu-iotests 132 started warning about an
unknown flag 0x200000.
Colin Lord [Wed, 8 Jun 2016 17:56:28 +0000 (13:56 -0400)]
blockdev: clarify error on attempt to open locked tray
When opening a device with a locked tray, gives an error explaining the
device tray is locked and that the user should wait and try again. This
is less confusing than the previous error, which simply stated that the
tray was locked.
Kevin Wolf [Wed, 1 Jun 2016 14:55:05 +0000 (16:55 +0200)]
qcow2: Implement .bdrv_co_pwritev()
This changes qcow2 to implement the byte-based .bdrv_co_pwritev
interface rather than the sector-based old one.
As preallocation uses the same allocation function as normal writes, and
the interface of that function needs to be changed, it is converted in
the same patch.
Kevin Wolf [Tue, 31 May 2016 14:13:07 +0000 (16:13 +0200)]
qcow2: Implement .bdrv_co_preadv()
Reading from qcow2 images is now byte granularity.
Most of the affected code in qcow2 actually gets simpler with this
change. The only exception is encryption, which is fixed on 512 bytes
blocks; in order to keep this working, bs->request_alignment is set for
encrypted images.
Kevin Wolf [Tue, 31 May 2016 14:41:09 +0000 (16:41 +0200)]
qcow2: Work with bytes in qcow2_get_cluster_offset()
This patch changes the units that qcow2_get_cluster_offset() uses
internally, without touching the interface just yet. This will be done
in another patch.
Peter Maydell [Thu, 16 Jun 2016 09:53:33 +0000 (10:53 +0100)]
Merge remote-tracking branch 'remotes/amit-migration/tags/migration-for-2.7-4' into staging
Migration:
- Fixes for TLS series
- Postcopy: Add stats, fix, test case
# gpg: Signature made Thu 16 Jun 2016 05:40:09 BST
# gpg: using RSA key 0xEB0B4DFC657EF670
# gpg: Good signature from "Amit Shah <[email protected]>"
# gpg: aka "Amit Shah <[email protected]>"
# gpg: aka "Amit Shah <[email protected]>"
# Primary key fingerprint: 48CA 3722 5FE7 F4A8 B337 2735 1E9A 3B5F 8540 83B6
# Subkey fingerprint: CC63 D332 AB8F 4617 4529 6534 EB0B 4DFC 657E F670
* remotes/amit-migration/tags/migration-for-2.7-4:
migration: rename functions to starting migrations
migration: fix typos in qapi-schema from latest migration additions
Postcopy: Check for support when setting the capability
tests: fix libqtest socket timeouts
test: Postcopy
Postcopy: Add stats on page requests
Migration: Split out ram part of qmp_query_migrate
Postcopy: Avoid 0 length discards
Postcopy: Check for support when setting the capability
Knowing whether the destination host supports migration with
postcopy can be tricky.
The destination doesn't need the capability set, however
if we set it then use the opportunity to do the test and
tell the user/management layer early.
/* I'm a bootable disk */
.org 0x7dfe
.byte 0x55
.byte 0xAA
...........
and that can be assembled by the following magic:
as --32 -march=i486 fill.s -o fill.o
objcopy -O binary fill.o fill.boot
dd if=fill.boot of=bootsect bs=256 count=2 skip=124
xxd -i bootsect
The discard code in migration/ram.c would send request for
zero length discards in the case where no discards were needed.
It doesn't appear to have had any bad effect.
Peter Maydell [Wed, 15 Jun 2016 15:12:19 +0000 (16:12 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging
X86 queue, 2016-06-14 (v2)
# gpg: Signature made Tue 14 Jun 2016 22:29:04 BST
# gpg: using RSA key 0x2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/x86-pull-request:
target-i386: Consolidate calls of object_property_parse() in x86_cpu_parse_featurestr
target-i386: Use cpu_generic_init() in cpu_x86_init()
target-i386: Move xcc->kvm_required check to realize time
target-i386: Remove assert(kvm_enabled()) from host_x86_cpu_initfn()
target-i386: Move features logic that requires CPUState to realize time
target-i386: Remove xlevel & hv-spinlocks option fixups
target-i386: Implement CPUID[0xB] (Extended Topology Enumeration)
pc: Add 2.7 machine
target-i386: add Skylake-Client cpu model
Eduardo Habkost [Fri, 10 Jun 2016 11:42:08 +0000 (08:42 -0300)]
target-i386: Remove assert(kvm_enabled()) from host_x86_cpu_initfn()
The code will be changed to allow creation of the CPU object and
report kvm_required errors only at realizefn, so we need to make
the instance_init function more flexible.
Igor Mammedov [Mon, 6 Jun 2016 15:16:44 +0000 (17:16 +0200)]
target-i386: Move features logic that requires CPUState to realize time
Making x86_cpu_parse_featurestr() a pure convertor
of legacy feature string into global properties, needs
it to be called before a CPU instance is created so
parser shouldn't modify CPUState directly or access
it at all. Hence move current hack that directly pokes
into CPUState, to set/unset +-feats, from parser to
CPU's realize method.
The "fixup will be removed in future versions" warnings are
present since QEMU 1.7.0, at least, so users should have fixed
their scripts and configurations, already.
In the case of libvirt users, libvirt doesn't use the "xlevel"
option, and already rejects HyperV spinlock retry count < 0xFFF.
I looked at a dozen Intel CPU that have this CPUID and all of them
always had Core offset as 1 (a wasted bit when hyperthreading is
disabled) and Package offset at least 4 (wasted bits at <= 4 cores).
QEMU uses more compact IDs and it doesn't make much sense to change it
now. I keep the SMT and Core sub-leaves even if there is just one
thread/core; it makes the code simpler and there should be no harm.
Peter Maydell [Tue, 14 Jun 2016 15:04:25 +0000 (16:04 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160614-2' into staging
target-arm queue:
* add PMU support for virt machine under KVM
* fix reset and migration of TTBCR(S)
* add virt-2.7 machine type
* QOMify various ARM devices
* implement xilinx DisplayPort device
* don't permit ARMv8-only Neon insns to work on ARMv7
Peter Maydell [Tue, 14 Jun 2016 14:59:15 +0000 (15:59 +0100)]
target-arm: Don't permit ARMv8-only Neon insns on ARMv7
The Neon instructions VCVTA, VCVTM, VCVTN, VCVTP, VRINTA, VRINTM,
VRINTN, VRINTP, VRINTX, and VRINTZ were only introduced with ARMv8,
so they need a guard to make them UNDEF if the CPU only supports ARMv7.
(We got this right for all the other new-in-v8 insns, but forgot
it for these Neon 2-reg-misc ops.)
Most of the control flow logic between send and recv (error checking
etc) is the same. Factor this out into a common send_recv() API.
This is then usable by clients, where the control logic for send
and receive differs only by a boolean. E.g.
Create two variants of DEFINE_VIRT_MACHINE. One, just called
DEFINE_VIRT_MACHINE, that does not set properties that only
the latest machine type should have, and another that does.
This will hopefully reduce potential for errors when adding
new versions.
Andrew Jones [Tue, 14 Jun 2016 14:59:12 +0000 (15:59 +0100)]
hw/arm/virt: separate versioned type-init code
Rename machvirt_info (which is specifically for 2.6 TypeInfo)
to machvirt_2_6_info, and separate the type registration of the
abstract machine type from the versioned type.
Peter Maydell [Tue, 14 Jun 2016 14:59:12 +0000 (15:59 +0100)]
target-arm: Fix reset and migration of TTBCR(S)
Commit 6459b94c26dd666badb3 broke reset and migration of the AArch32
TTBCR(S) register if the guest used non-LPAE page tables. This is
because the AArch32 TTBCR register definition is marked as ARM_CP_ALIAS,
meaning that the AArch64 variant has to handle migration and reset.
Although AArch64 TCR_EL3 doesn't need to care about the mask and
base_mask fields, AArch32 may do so, and so we must use the special
TTBCR reset and raw write functions to ensure they are set correctly.
This doesn't affect TCR_EL2, because the AArch32 equivalent of that
is HTCR, which never uses the non-LPAE page table variant.
Peter Maydell [Tue, 10 May 2016 10:30:42 +0000 (11:30 +0100)]
qdev_try_create(): Assert that devices we put onto the system bus are SysBusDevices
If qdev_try_create() is passed NULL for the bus, it will automatically
put the newly created device onto the default system bus. However
if the device is not actually a SysBusDevice then this will result
in later crashes (for instance when running the monitor "info qtree"
command) because code reasonably assumes that all devices on the system
bus are system bus devices.
Generally the mistake is that the calling code should create the
object with object_new(TYPE_FOO) rather than qdev_create(NULL, TYPE_FOO);
see commit 6749695eaaf346c1 for an example of fixing this bug.
Assert in qdev_try_create() if the device isn't suitable to put on
the system bus, so that this mistake results in failure earlier
and more reliably.
s390x/kvm: Fixup interrupt type for non-adapter I/O interrupts
The current algorithm for I/O interrupts would result in a wrong
interrupt type for subchannel numbers fffe and ffff. In addition
a non adapter interrupt might look like an adapter interrupt for
any subchannel number that has the 0x0400 bit set.
No kernel has ever used the type outside logging - and the logging
was wrong all the time. For everything else the kernel used the
interrupt parameters.
Let's use the KVM_S390_INT_IO macro as for adapter interrupts.
The sclp scp read info call fills in a buffer with information about the
system. With more than 248 CPUs we overflow the 4k buffer of the SCCB,
leading to random data corruption. Basically ALL guest operating systems
call scp read info, so let's limit the machines to 248 CPUs to make it
obvious that >=249 does not work.
As KVM also limits itself to 248 and TCG on s390 does not support
SMP, this should cause no regression for any user as no VMs with more
than 248 VCPUs were ever possible.
Let's introduce a CssDevId to handle device ids of the xx.x.xxxx
type used for channel devices. This has some benefits:
- We can use them in virtio-ccw and split the validity checks for
a channel device id in general from the constraint checking
within the virtio-ccw scope.
- We can reuse the device id type for future non-virtio channel
devices.
While we're at it, improve the validity checks and disallow e.g.
trailing characters.
Halil Pasic [Wed, 27 Jan 2016 12:24:17 +0000 (13:24 +0100)]
s390x/css: clear IO irqs when generating IPI CRW
According to the Principles of Operation (more precisely the subsection
'Channel-Report Word'), a subchannel put into the installed parameters
initialized state is in the same state as after an I/O system reset (just
parameters possibly changed). This implies that any I/O interrupts for that
subchannel are no longer pending (as I/O system resets clear I/O
interrupts). Therefore, we need an interface to clear pending I/O
interrupts. Make css_generate_sch_crws clear the pending IO interrupts for
the subchannel.
Peter Maydell [Tue, 14 Jun 2016 08:30:05 +0000 (09:30 +0100)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.7-20160614' into staging
ppc patch queue for 2016-06-14
Latest patch queue for ppc.
* Allow qemu to support a generic architecture 2.07 (POWER8-era)
compatibility mode. This is useful for guests which are POWER8
aware, but don't know about the specific POWER8 variant that
qemu (and/or KVM) is emulating. (Thomas Huth)
* Fix a bug where macio wasn't removing DMA mappings (Mark Cave-Ayland)
* Add a workaround for Linux guest's miscalculation of maximum
memory address (including hotplugged memory), which could break
when hotplug memory was combined with VFIO. The previous
approach was technically correct by spec, but differed from
PowerVM's behaviour enough to trip a guest kernel bug. This
works around the bug, while remaining correct-to-spec. (Bharata Rao)
# gpg: Signature made Tue 14 Jun 2016 06:53:58 BST
# gpg: using RSA key 0x6C38CACA20D9B392
# gpg: Good signature from "David Gibson <[email protected]>"
# gpg: aka "David Gibson (Red Hat) <[email protected]>"
# gpg: aka "David Gibson (ozlabs.org) <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392
* remotes/dgibson/tags/ppc-for-2.7-20160614:
spapr: Ensure all LMBs are represented in ibm,dynamic-memory
macio: call dma_memory_unmap() at the end of each DMA transfer
Add PowerPC AT_HWCAP2 definitions
ppc: Add PowerISA 2.07 compatibility mode
ppc: Improve PCR bit selection in ppc_set_compat()
ppc: Provide function to get CPU class of the host CPU
ppc: Split pcr_mask settings into supported bits and the register mask
ppc/spapr: Refactor h_client_architecture_support() CPU parsing code
Bharata B Rao [Fri, 10 Jun 2016 05:14:48 +0000 (10:44 +0530)]
spapr: Ensure all LMBs are represented in ibm,dynamic-memory
Memory hotplug can fail for some combinations of RAM and maxmem when
DDW is enabled in the presence of devices like nec-usb-xhci. DDW depends
on maximum addressable memory returned by guest and this value is currently
being calculated wrongly by the guest kernel routine memory_hotplug_max().
While there is an attempt to fix the guest kernel, this patch works
around the problem within QEMU itself.
memory_hotplug_max() routine in the guest kernel arrives at max
addressable memory by multiplying lmb-size with the lmb-count obtained
from ibm,dynamic-memory property. There are two assumptions here:
- All LMBs are part of ibm,dynamic memory: This is not true for PowerKVM
where only hot-pluggable LMBs are present in this property.
- The memory area comprising of RAM and hotplug region is contiguous: This
needn't be true always for PowerKVM as there can be gap between
boot time RAM and hotplug region.
To work around this guest kernel bug, ensure that ibm,dynamic-memory
has information about all the LMBs (RMA, boot-time LMBs, future
hotpluggable LMBs, and dummy LMBs to cover the gap between RAM and
hotpluggable region).
RMA is represented separately by memory@0 node. Hence mark RMA LMBs
and also the LMBs for the gap b/n RAM and hotpluggable region as
reserved and as having no valid DRC so that these LMBs are not considered
by the guest.
Thomas Huth [Tue, 7 Jun 2016 15:39:39 +0000 (17:39 +0200)]
ppc: Improve PCR bit selection in ppc_set_compat()
When using an olderr PowerISA level, all the upper compatibility
bits have to be enabled, too. For example when we want to run
something in PowerISA 2.05 compatibility mode on POWER8, the bit
for 2.06 has to be set beside the bit for 2.05.
Additionally, to make sure that we do not set bits that are not
supported by the host, we apply a mask with the known-to-be-good
bits here, too.
Signed-off-by: Thomas Huth <[email protected]>
[dwg: Added some #ifs to fix compile on 32-bit targets] Signed-off-by: David Gibson <[email protected]>
Thomas Huth [Tue, 7 Jun 2016 15:39:37 +0000 (17:39 +0200)]
ppc: Split pcr_mask settings into supported bits and the register mask
The current pcr_mask values are ambiguous: Should these be the mask
that defines valid bits in the PCR register? Or should these rather
indicate which compatibility levels are possible? Anyway, POWER6 and
POWER7 should certainly not use the same values here. So let's
introduce an additional variable "pcr_supported" here which is
used to indicate the valid compatibility levels, and use pcr_mask
to signal the valid bits in the PCR register.
Thomas Huth [Tue, 7 Jun 2016 15:39:36 +0000 (17:39 +0200)]
ppc/spapr: Refactor h_client_architecture_support() CPU parsing code
The h_client_architecture_support() function has become quite big
and nested already. So factor out the code that takes care of the
sPAPR compatibility PVRs (which will be modified by the following
patches).
* remotes/kraxel/tags/pull-usb-20160613-1:
vl: Eliminate usb_enabled()
pxa2xx: Unconditionally enable USB controller
hw/usb/dev-network.c: Use ldl_le_p() and stl_le_p()
usb-host: add special case for bus+addr
Jan Beulich [Mon, 23 May 2016 06:44:57 +0000 (00:44 -0600)]
xen/blkif: avoid double access to any shared ring request fields
Commit f9e98e5d7a ("xen/blkif: Avoid double access to
src->nr_segments") didn't go far enough: src->operation is also being
used twice. And nothing was done to prevent the compiler from using the
source side of the copy done by blk_get_request() (granted that's very
unlikely).
Move the barrier()s up, and add another one to blk_get_request().
Note that for completing XSA-155, the barrier() getting added to
blk_get_request() would suffice, and hence the changes to xen_blkif.h
are more like just cleanup. And since, as said, the unpatched code
getting compiled to something vulnerable is very unlikely (and not
observed in practice), this isn't being viewed as a new security issue.
Peter Maydell [Mon, 13 Jun 2016 12:05:02 +0000 (13:05 +0100)]
Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-next-2016-06-13-v1' into staging
Merge qcrypto-next 2016/06/13 v1
# gpg: Signature made Mon 13 Jun 2016 12:43:22 BST
# gpg: using RSA key 0xBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <[email protected]>"
# gpg: aka "Daniel P. Berrange <[email protected]>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange/tags/qcrypto-next-2016-06-13-v1:
crypto: aes: always rename internal symbols
crypto: assert that qcrypto_hash_digest_len is in range
crypto: remove temp files on completion of secrets test
TLS: provide slightly more information when TLS certificate loading fails
Mike Frysinger [Mon, 6 Jun 2016 22:05:35 +0000 (18:05 -0400)]
crypto: aes: always rename internal symbols
OpenSSL's libcrypto always defines AES symbols with the same names as
qemu's local aes code. This is problematic when enabling at least curl
as that frequently also uses libcrypto. It might not be noticed when
running, but if you try to statically link, everything falls down.
An example snippet:
LINK qemu-nbd
.../libcrypto.a(aes-x86_64.o): In function 'AES_encrypt':
(.text+0x460): multiple definition of 'AES_encrypt'
crypto/aes.o:aes.c:(.text+0x670): first defined here
.../libcrypto.a(aes-x86_64.o): In function 'AES_decrypt':
(.text+0x9f0): multiple definition of 'AES_decrypt'
crypto/aes.o:aes.c:(.text+0xb30): first defined here
.../libcrypto.a(aes-x86_64.o): In function 'AES_cbc_encrypt':
(.text+0xf90): multiple definition of 'AES_cbc_encrypt'
crypto/aes.o:aes.c:(.text+0xff0): first defined here
collect2: error: ld returned 1 exit status
.../qemu-2.6.0/rules.mak:105: recipe for target 'qemu-nbd' failed
make: *** [qemu-nbd] Error 1
The aes.h header has redefines already for FreeBSD, but go ahead and
enable that for everyone since there's no real good reason to not use
a namespace all the time.
Paolo Bonzini [Fri, 20 May 2016 09:09:54 +0000 (11:09 +0200)]
crypto: assert that qcrypto_hash_digest_len is in range
Otherwise unintended results could happen. For example,
Coverity reports a division by zero in qcrypto_afsplit_hash.
While this cannot really happen, it shows that the contract
of qcrypto_hash_digest_len can be improved.
crypto: remove temp files on completion of secrets test
The secret object tests left some temporary files on disk
when completing. Ensure they are unlink, and rename them
to make it more obvious where they come from.
Alex Bligh [Tue, 5 Apr 2016 19:33:48 +0000 (20:33 +0100)]
TLS: provide slightly more information when TLS certificate loading fails
Give slightly more information when certification loading fails.
Rather than have no information, you now get gnutls's only slightly
less unhelpful error messages.
Eduardo Habkost [Wed, 8 Jun 2016 20:50:24 +0000 (17:50 -0300)]
pxa2xx: Unconditionally enable USB controller
Simplify initialization logic by removing the usb_enabled()
check. The USB controller is part of the SoC, so it doesn't make
sense to create a system where it is not present.
Peter Maydell [Fri, 10 Jun 2016 15:37:57 +0000 (16:37 +0100)]
hw/usb/dev-network.c: Use ldl_le_p() and stl_le_p()
Use stl_le_p() and ldl_le_p() to read and write data from
buffers, rather than using pointer casts and cpu_to_le32()
for writes and le32_to_cpup() for reads. This:
* avoids lots of casts
* works even if the buffer isn't as aligned as the host would like
* avoids using the *_to_cpup() functions which we want to get rid of
Note that there may still be some places where a pointer from the
guest is cast to a pointer to a host structure; these would also
have to be changed for the device to work on a host CPU which
enforces alignment restrictions.
Gerd Hoffmann [Fri, 3 Jun 2016 09:12:55 +0000 (11:12 +0200)]
usb-host: add special case for bus+addr
This patch changes usb-host behavior in case we hostbus= and hostaddr=
properties are used to identify the usb device in question. Instead of
adding the device to the hotplug watchlist we try to open directly using
the given bus number and device address.
Putting a device specified by hostaddr to the hotplug watchlist isn't
a great idea as the address isn't a fixed property. It changes every
time the device is plugged in. So considering this case as "use the
device at bus:addr _now_" is more sane. Also usb-host will throw errors
in case it can't initialize the host device.
Note: For devices on the hotplug watchlist (hostport or vendorid or
productid specified) qemu continues to ignore errors and keeps
monitoring the usb bus to see if the device eventually shows up.
Anthony PERARD [Thu, 9 Jun 2016 15:56:17 +0000 (16:56 +0100)]
exec: Fix qemu_ram_block_from_host for Xen
Since f615f39 (exec: remove ram_addr argument from
qemu_ram_block_from_host), migration under Xen is likely to fail, with a
SEGV of QEMU. But the commit only reveal a bug with the calculation of
the offset value in qemu_ram_block_from_host().
This patch calculates the offset from the ram_addr as
qemu_ram_addr_from_host() will later calculate the ram_addr from the
offset.
Peter Maydell [Mon, 13 Jun 2016 09:12:44 +0000 (10:12 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20160611' into staging
TB hashing improvements
# gpg: Signature made Sun 12 Jun 2016 01:12:50 BST
# gpg: using RSA key 0xAD1270CC4DD0279B
# gpg: Good signature from "Richard Henderson <[email protected]>"
# gpg: aka "Richard Henderson <[email protected]>"
# gpg: aka "Richard Henderson <[email protected]>"
# Primary key fingerprint: 9CB1 8DDA F8E8 49AD 2AFC 16A4 AD12 70CC 4DD0 279B
* remotes/rth/tags/pull-tcg-20160611:
translate-all: add tb hash bucket info to 'info jit' dump
tb hash: track translated blocks with qht
qht: add test-qht-par to invoke qht-bench from 'check' target
qht: add qht-bench, a performance benchmark
qht: add test program
qht: QEMU's fast, resizable and scalable Hash Table
qdist: add test program
qdist: add module to represent frequency distributions of data
tb hash: hash phys_pc, pc, and flags with xxhash
exec: add tb_hash_func5, derived from xxhash
qemu-thread: add simple test-and-set spinlock
include/processor.h: define cpu_relax()
seqlock: rename write_lock/unlock to write_begin/end
seqlock: remove optional mutex
compiler.h: add QEMU_ALIGNED() to enforce struct alignment
projects / qemu.git / log