crypto: introduce new base module for TLS credentials
Introduce a QCryptoTLSCreds class to act as the base class for
storing TLS credentials. This will be later subclassed to provide
handling of anonymous and x509 credential types. The subclasses
will be user creatable objects, so instances can be created &
deleted via 'object-add' and 'object-del' QMP commands respectively,
or via the -object command line arg.
If the credentials cannot be initialized an error will be reported
as a QMP reply, or on stderr respectively.
The idea is to make it possible to represent and manage TLS
credentials independently of the network service that is using
them. This will enable multiple services to use the same set of
credentials and minimize code duplication. A later patch will
convert the current VNC server TLS code over to use this object.
The representation of credentials will be functionally equivalent
to that currently implemented in the VNC server with one exception.
The new code has the ability to (optionally) load a pre-generated
set of diffie-hellman parameters, if the file dh-params.pem exists,
whereas the current VNC server will always generate them on startup.
This is beneficial for admins who wish to avoid the (small) time
sink of generating DH parameters at startup and/or avoid depleting
entropy.
The qom objects are currently added to common-obj-y
which is only linked into the system emulators. The
later crypto patches will depend on QOM infrastructure
and will also be used from tools binaries. Thus the QOM
objects are moved into a new qom-obj-y variable which
can be referenced when linking tools, system emulators
and tests.
Future patches will be adding more crypto related APIs which
rely on QOM infrastructure. This creates a problem, because
QOM relies on library constructors to register objects. When
you have a file in a static .a library though which is only
referenced by a constructor the linker is dumb and will drop
that file when linking to the final executable :-( The only
workaround for this is to link the .a library to the executable
using the -Wl,--whole-archive flag, but this creates its own
set of problems because QEMU is relying on lazy linking for
libqemuutil.a. Using --whole-archive majorly increases the
size of final executables as they now contain a bunch of
object code they don't actually use.
The least bad option is to thus not include the crypto objects
in libqemuutil.la, and instead define a crypto-obj-y variable
that is referenced directly by all the executables that need
this code (tools + softmmu, but not qemu-ga). We avoid pulling
the entirety of crypto-obj-y into the userspace emulators as that
would force them to link to gnutls too, which is not required.
Most of the unit tests have identical sets of object deps.
For example all block unit tests need to depend on
$(block-obj-y) libqemuutil.a libqemustub.a
Currently each unit test repeats this list of test deps.
This list of deps will grow as future patches add more
modules to the build, so define some common variables
that can be used by all unit tests to remove the
repetition.
qapi: allow override of default enum prefix naming
The camel_to_upper() method applies some heuristics to turn
a mixed case type name into an all-uppercase name. This is
used for example, to generate enum constant name prefixes.
The heuristics don't always generate a satisfactory name
though, e.g.
Results in Q_CRYPTOTLS_CREDS_ENDPOINT_CLIENT. This has
an undesirable _ after the initial Q and is missing an
_ between the CRYPTO & TLS strings.
Rather than try to add more and more heuristics to try
to cope with this, simply allow the QAPI schema to
specify the desired enum constant prefix explicitly.
Peter Maydell [Mon, 14 Sep 2015 17:51:09 +0000 (18:51 +0100)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block layer patches (v2)
# gpg: Signature made Mon 14 Sep 2015 15:56:54 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <[email protected]>"
* remotes/kevin/tags/for-upstream: (23 commits)
qcow2: Make qcow2_alloc_bytes() more explicit
vmdk: Fix next_cluster_sector for compressed write
iotests: Add test for checking large image files
qcow2: Make size_to_clusters() return uint64_t
qemu-iotests: More qcow2 reopen tests
qemu-iotests: Reopen qcow2 with lazy-refcounts change
qcow2: Support updating driver-specific options in reopen
qcow2: Make qcow2_update_options() suitable for transactions
qcow2: Fix memory leak in qcow2_update_options() error path
qcow2: Leave s unchanged on qcow2_update_options() failure
qcow2: Move rest of option handling to qcow2_update_options()
qcow2: Move qcow2_update_options() call up
qcow2: Factor out qcow2_update_options()
qcow2: Improve error message
qemu-io: Add command 'reopen'
qemu-io: Remove duplicate 'open' error message
block: Allow specifying driver-specific options to reopen
qcow2: Rename BDRVQcowState to BDRVQcow2State
block: Drop bdrv_find_whitelisted_format()
block: Drop drv parameter from bdrv_fill_options()
...
Peter Maydell [Mon, 14 Sep 2015 15:13:16 +0000 (16:13 +0100)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* Support for jemalloc
* qemu_mutex_lock_iothread "No such process" fix
* cutils: qemu_strto* wrappers
* iohandler.c simplification
* Many other fixes and misc patches.
And some MTTCG work (with Emilio's fixes squashed):
* Signal-free TCG kick
* Removing spinlock in favor of QemuMutex
* User-mode emulation multi-threading fixes/docs
# gpg: Signature made Thu 10 Sep 2015 09:03:07 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <[email protected]>"
# gpg: aka "Paolo Bonzini <[email protected]>"
* remotes/bonzini/tags/for-upstream: (44 commits)
cutils: work around platform differences in strto{l,ul,ll,ull}
cpu-exec: fix lock hierarchy for user-mode emulation
exec: make mmap_lock/mmap_unlock globally available
tcg: comment on which functions have to be called with mmap_lock held
tcg: add memory barriers in page_find_alloc accesses
remove unused spinlock.
replace spinlock by QemuMutex.
cpus: remove tcg_halt_cond and tcg_cpu_thread globals
cpus: protect work list with work_mutex
scripts/dump-guest-memory.py: fix after RAMBlock change
configure: Add support for jemalloc
add macro file for coccinelle
configure: factor out adding disas configure
vhost-scsi: fix wrong vhost-scsi firmware path
checkpatch: remove tests that are not relevant outside the kernel
checkpatch: adapt some tests to QEMU
CODING_STYLE: update mixed declaration rules
qmp: Add example usage of strto*l() qemu wrapper
cutils: Add qemu_strtoull() wrapper
cutils: Add qemu_strtoll() wrapper
...
Max Reitz [Fri, 11 Sep 2015 16:47:51 +0000 (18:47 +0200)]
qcow2: Make qcow2_alloc_bytes() more explicit
In case of -EAGAIN returned by update_refcount(), we should discard the
cluster offset we were trying to allocate and request a new one, because
in theory that old offset might now be taken by a refcount block.
In practice, this was not the case due to update_refcount() generally
returning strictly monotonic increasing cluster offsets. However, this
behavior is not set in stone, and it is also not obvious when looking at
qcow2_alloc_bytes() alone, so we should not rely on it.
vmdk: Fix next_cluster_sector for compressed write
When the VMDK is streamOptimized (or compressed), the
next_cluster_sector must not be incremented by a fixed number of
sectors. Instead of this, it must be rounded up to the next consecutive
sector. Fixing this results in much smaller compressed images.
Max Reitz [Mon, 14 Sep 2015 14:39:47 +0000 (16:39 +0200)]
qcow2: Make size_to_clusters() return uint64_t
Sadly, some images may have more clusters than what can be represented
using a plain int. We should be prepared for that case (in
qcow2_check_refcounts() we actually were trying to catch that case, but
since size_to_clusters() truncated the returned value, that check never
did anything useful).
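Added example, not part of the QEMU commit or its source: a small C model of the failure described above, where a bounds check on the cluster count is dead code because the helper already narrowed the value to int. The function names, the 512-byte cluster size and the image size are constructed for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Model of the old helper: the cluster count is narrowed to int.
 * Converting an out-of-range value to int is implementation-defined;
 * GCC and Clang keep the low 32 bits. */
static int clusters_narrow(unsigned cluster_bits, uint64_t size)
{
    uint64_t cluster_size = 1ULL << cluster_bits;
    return (int)((size + cluster_size - 1) >> cluster_bits);
}

/* Model of the fixed helper: same arithmetic, full 64-bit result. */
static uint64_t clusters_wide(unsigned cluster_bits, uint64_t size)
{
    uint64_t cluster_size = 1ULL << cluster_bits;
    return (size + cluster_size - 1) >> cluster_bits;
}

/* Guard fed from the int helper: an int can never exceed INT_MAX,
 * so this comparison is always false and oversized images pass. */
static int guard_rejects_narrow(unsigned cluster_bits, uint64_t size)
{
    int64_t nb_clusters = clusters_narrow(cluster_bits, size);
    return nb_clusters > INT_MAX;
}

/* Same guard fed from the 64-bit helper: now it can actually fire. */
static int guard_rejects_wide(unsigned cluster_bits, uint64_t size)
{
    uint64_t nb_clusters = clusters_wide(cluster_bits, size);
    return nb_clusters > INT_MAX;
}

int main(void)
{
    /* Constructed input: 2 TiB + 512 bytes with 512-byte clusters,
     * which is 2^32 + 1 clusters. */
    unsigned bits = 9;
    uint64_t size = (1ULL << 41) + 512;

    printf("narrow helper: %d clusters, guard rejects: %d\n",
           clusters_narrow(bits, size), guard_rejects_narrow(bits, size));
    printf("wide helper:   %llu clusters, guard rejects: %d\n",
           (unsigned long long)clusters_wide(bits, size),
           guard_rejects_wide(bits, size));
    return 0;
}
```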
Kevin Wolf [Thu, 16 Apr 2015 11:42:27 +0000 (13:42 +0200)]
qcow2: Support updating driver-specific options in reopen
For updating the cache sizes, disabling lazy refcounts and updating the
clean_cache_timer there is a bit more to do than just changing the
variables, but otherwise we're all set for changing options during
bdrv_reopen().
Just implement the missing pieces and hook the functions up in
bdrv_reopen().
Kevin Wolf [Thu, 16 Apr 2015 09:36:10 +0000 (11:36 +0200)]
qcow2: Move qcow2_update_options() call up
qcow2_update_options() only updates some variables in BDRVQcowState and
doesn't really depend on other parts of it being initialised yet, so it
can be moved so that it immediately follows the other half of option
handling code in qcow2_open().
Kevin Wolf [Thu, 16 Apr 2015 09:29:27 +0000 (11:29 +0200)]
qcow2: Factor out qcow2_update_options()
Eventually we want to be able to change options at runtime. As a first
step towards that goal, separate some option handling code from the
general initialisation code in qcow2_open().
Peter Maydell [Mon, 14 Sep 2015 13:57:50 +0000 (14:57 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150914' into staging
target-arm queue:
* fix GIC region size in xlnx-zynqmp
* xlnx-zynqmp: Remove unnecessary brackets
* improve A64 generated TCG code
* add GPIO devices to i.MX25 and i.MX31
* more missing pieces for EL2 support
Usually, eliminate an operation from the translator by combining
a shift with an extract.
In the case of gen_set_NZ64, we don't need a boolean value for cpu_ZF,
merely a non-zero value. Given that we can extract both halves of a
64-bit input in one call, this simplifies the code.
target-arm: Handle always condition codes within arm_test_cc
Handling this with TCG_COND_ALWAYS will allow these unlikely
cases to be handled without special cases in the rest of the
translator. The TCG optimizer ought to be able to reduce
these ALWAYS conditions completely.
This is a bug fix for aarch64. At present, we have branches using
the 32-bit (translate.c) versions of cpu_[NZCV]F, but we set the flags
using the 64-bit (translate-a64.c) versions of cpu_[NZCV]F. From
the view of the TCG code generator, these are unrelated variables.
The bug is hard to see because we currently only read these variables
from branches, and upon reaching a branch TCG will first spill live
variables and then reload the arguments of the branch. Since the
32-bit versions were never live until reaching the branch, we'd re-read
the data that had just been spilled from the 64-bit versions.
There is currently no such problem with the cpu_exclusive_* variables,
but there's no point in tempting fate.
The GIC in ZynqMP covers a 64K address space, however the actual
registers are decoded within a 4K address space and mirrored at the 4K
boundaries. This change fixes the defined size for these regions as it
was set to 0x4000/16K incorrectly.
# gpg: Signature made Sun 13 Sep 2015 22:16:12 BST using RSA key ID 1DDD8C9B
# gpg: Good signature from "Aurelien Jarno <[email protected]>"
# gpg: aka "Aurelien Jarno <[email protected]>"
# gpg: aka "Aurelien Jarno <[email protected]>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B
* remotes/aurel/tags/pull-sh4-next-20150913:
sh4: Fix initramfs initialization for endianness-mismatched targets
target-sh4: improve shad instruction
target-sh4: improve shld instruction
target-sh4: improve cmp/str instruction
target-sh4: use deposit in swap.b instruction
target-sh4: add flags markups for FP helpers
Guenter Roeck [Wed, 12 Aug 2015 14:20:36 +0000 (07:20 -0700)]
sh4: Fix initramfs initialization for endianness-mismatched targets
If host and target endianness do not match, loading an initramfs does not work.
Fix by writing boot parameters with appropriate endianness conversion.
The SH4 shad instruction can shift in both directions, depending on the
sign of the shift. This is currently implemented using branches, which
is not really efficient and prevents the optimizer from doing its job. In
practice it is often used with a constant loaded in a register just
before.
Simplify the implementation by computing both the value shifted to the
left and to the right, and then selecting the correct one with a
movcond. As with a negative value the shift amount can go up to 32 which
is undefined, we shift the value in two steps.
The SH4 shld instruction can shift in both directions, depending on the
sign of the shift. This is currently implemented using branches, which
is not really efficient and prevents the optimizer from doing its job. In
practice it is often used with a constant loaded in a register just
before.
Simplify the implementation by computing both the value shifted to the
left and to the right, and then selecting the correct one with a
movcond. As with a negative value the shift amount can go up to 32 which
is undefined, we shift the value in two steps.
Instead of testing bytes one by one, we can use the following trick
from https://graphics.stanford.edu/~seander/bithacks.html:
haszero(v) = (v - 0x01010101) & ~v & 0x80808080
The sub-expression v - 0x01010101 evaluates to a high bit set in any
byte whenever the corresponding byte in v is zero or greater than 0x80.
The sub-expression ~v & 0x80808080 evaluates to high bits set in bytes
where the byte of v doesn't have its high bit set (so the byte was less
than 0x80). Finally, by ANDing these two sub-expressions the result is
the high bits set where the bytes in v were zero, since the high bits
set due to a value greater than 0x80 in the first sub-expression are
masked off by the second.
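Added example, not part of the QEMU commit or its source: the haszero() trick quoted above applied to a cmp/str-style test (is any byte of rm equal to the same byte of rn), checked against a byte-by-byte reference. The function names and all test values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* The quoted bit trick: the result is non-zero iff some byte of v is 0. */
static uint32_t haszero(uint32_t v)
{
    return (v - 0x01010101u) & ~v & 0x80808080u;
}

/* Equal bytes XOR to zero, so "any byte equal" becomes "any zero byte". */
static int cmp_str_trick(uint32_t rm, uint32_t rn)
{
    return haszero(rm ^ rn) != 0;
}

/* Reference: test the four byte lanes one by one. */
static int cmp_str_bytewise(uint32_t rm, uint32_t rn)
{
    uint32_t x = rm ^ rn;
    for (int i = 0; i < 4; i++) {
        if (((x >> (8 * i)) & 0xffu) == 0) {
            return 1;
        }
    }
    return 0;
}

/* Count disagreements between trick and reference over an LCG sweep. */
static unsigned count_mismatches(unsigned rounds)
{
    uint32_t x = 12345u;
    unsigned bad = 0;
    for (unsigned i = 0; i < rounds; i++) {
        uint32_t a = x = x * 1664525u + 1013904223u;
        uint32_t b = x = x * 1664525u + 1013904223u;
        if (i & 1) {
            /* Force one byte lane to match so both outcomes are exercised. */
            uint32_t lane = 0xffu << (8 * ((i >> 1) & 3));
            b = (b & ~lane) | (a & lane);
        }
        bad += cmp_str_trick(a, b) != cmp_str_bytewise(a, b);
    }
    return bad;
}

int main(void)
{
    /* A borrow out of a zero byte can also flag the lanes above it, so the
     * mask is not an exact per-byte map; only zero vs non-zero is exact. */
    printf("haszero(0x01010100) = 0x%08x\n", (unsigned)haszero(0x01010100u));
    printf("mismatches over sweep: %u\n", count_mismatches(1000000u));
    return 0;
}
```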
Peter Maydell [Fri, 11 Sep 2015 17:01:56 +0000 (18:01 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150911' into staging
queued tcg related patches
# gpg: Signature made Fri 11 Sep 2015 16:17:00 BST using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <[email protected]>"
# gpg: aka "Richard Henderson <[email protected]>"
# gpg: aka "Richard Henderson <[email protected]>"
* remotes/rth/tags/pull-tcg-20150911:
cpu-exec: introduce loop exit with restore function
softmmu: remove now unused functions
softmmu: add helper function to pass through retaddr
tlb: Add "ifetch" argument to cpu_mmu_index()
Peter Maydell [Fri, 14 Aug 2015 17:46:31 +0000 (18:46 +0100)]
scripts/qemu-gdb: Silently pass through SIGUSR1
SIGUSR1 is QEMU's IPI signal, and it gets sent a lot, so is
best silently passed through to the guest without stopping.
Make qemu-gdb.py do this bit of configuration for the user.
Peter Maydell [Fri, 14 Aug 2015 17:46:29 +0000 (18:46 +0100)]
scripts/qemu-gdb: Split MtreeCommand into its own module
As we add more commands to our Python gdb debugging support, it's
going to get unwieldy to have everything in a single file. Split
the implementation of the 'mtree' command from qemu-gdb.py into
its own module.
Pavel Dovgalyuk [Fri, 10 Jul 2015 09:56:50 +0000 (12:56 +0300)]
softmmu: add helper function to pass through retaddr
This patch introduces several helpers to pass return address
which points to the TB. Correct return address allows correct
restoring of the guest PC and icount. These functions should be used when
helpers embedded into TB invoke memory operations.
This is set to true when the index is for an instruction fetch
translation.
The core get_page_addr_code() sets it, as do the SOFTMMU_CODE_ACCESS
accessors.
All targets ignore it for now, and all other callers pass "false".
This will allow targets who wish to split the mmu index between
instruction and data accesses to do so. A subsequent patch will
do just that for PowerPC.
Stefan Weil [Sat, 29 Aug 2015 07:29:52 +0000 (09:29 +0200)]
linux-user: Fix warnings caused by missing 'static' attribute
Warnings from the Sparse static analysis tool:
linux-user/main.c:40:12: warning:
symbol 'filename' was not declared. Should it be static?
linux-user/main.c:41:12: warning:
symbol 'argv0' was not declared. Should it be static?
linux-user/main.c:42:5: warning:
symbol 'gdbstub_port' was not declared. Should it be static?
linux-user/main.c:43:11: warning:
symbol 'envlist' was not declared. Should it be static?
Kővágó, Zoltán [Tue, 7 Jul 2015 14:42:10 +0000 (16:42 +0200)]
opts: produce valid command line in qemu_opts_print
This will let us print options in a format that the user would actually
write it on the command line (foo=bar,baz=asd,etc=def), without
prepending a spurious comma at the beginning of the list, or quoting
values unnecessarily. This patch provides the following changes:
* write an id=, if the option has an id
* do not print separator before the first element
* do not quote string arguments
* properly escape commas (,) for QEMU
The free() and g_free() functions both happily accept
NULL on any platform QEMU builds on. As such putting a
conditional 'if (foo)' check before calls to 'free(foo)'
merely serves to bloat the lines of code.
Many source files have doubled words (eg "the the", "to to",
and so on). Most of these can simply be removed, but a couple
were actual mis-spellings (eg "to to" instead of "to do").
There was even one triple word score "to to to" :-)
A number of source files have statements accidentally
terminated by a double semicolon - eg 'foo = bar;;'.
This is harmless but a mistake none the less.
The tcg/ia64/tcg-target.c file is whitelisted because
it has valid use of ';;' in a comment containing assembly
code.
but get_ticks_per_sec() is 10^9 (30 bit value) and timeout
is a 35 bit value.
Whereas muldiv64 is:
uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c)
So we lose 3 bits of timeout.
Swapping get_ticks_per_sec() and timeout fixes it.
We can also replace it by a multiplication by 30 ns,
but this changes PCI clock frequency from 33MHz to 33.333333MHz
and we need to do this on all the QEMU PCI devices (later...)
Peter Maydell [Thu, 10 Sep 2015 17:25:52 +0000 (18:25 +0100)]
Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2015-09-10-tag' into staging
xen-2015-09-10
# gpg: Signature made Thu 10 Sep 2015 17:52:08 BST using RSA key ID 70E1AE90
# gpg: Good signature from "Stefano Stabellini <[email protected]>"
* remotes/sstabellini/tags/xen-2015-09-10-tag: (29 commits)
xen/pt: Don't slurp wholesale the PCI configuration registers
xen/pt: Check for return values for xen_host_pci_[get|set] in init
xen/pt: Move bulk of xen_pt_unregister_device in its own routine.
xen/pt: Make xen_pt_unregister_device idempotent
xen/pt: Log xen_host_pci_get/set errors in MSI code.
xen/pt: Log xen_host_pci_get in two init functions
xen/pt: Remove XenPTReg->data field.
xen/pt: Check if reg->init function sets the 'data' past the reg->size
xen/pt: Sync up the dev.config and data values.
xen/pt: Use xen_host_pci_get_[byte|word] instead of dev.config
xen/pt: Use XEN_PT_LOG properly to guard against compiler warnings.
xen/pt/msi: Add the register value when printing logging and error messages
xen: use errno instead of rc for xc_domain_add_to_physmap
xen/pt: xen_host_pci_config_read returns -errno, not -1 on failure
xen/pt: Make xen_pt_msi_set_enable static
xen/pt: Update comments with proper function name.
xen/HVM: atomically access pointers in bufioreq handling
xen-hvm: When using xc_domain_add_to_physmap also include errno when reporting
xen, gfx passthrough: add opregion mapping
xen, gfx passthrough: register host bridge specific to passthrough
...