Laurent Vivier [Mon, 19 Mar 2018 11:35:44 +0000 (12:35 +0100)]
target/m68k: add a mechanism to automatically free TCGv
SRC_EA() and gen_extend() can return either a temporary
TCGv or a memory allocated one. Mark them when they are
allocated, and free them automatically at end of the
instruction translation.
We want to free locally allocated TCGv to avoid
overflow in sequence like:
That can fill a lot of TCGv entries in a sequence,
especially since 15fa08f845 ("tcg: Dynamically allocate TCGOps")
we have no limit to fill the TCGOps cache and we can fill
the entire TCG variables array and overflow it.
* remotes/vivier2/tags/linux-user-for-2.12-pull-request:
linux-user: init_guest_space: Add a comment about search strategy
linux-user: init_guest_space: Don't try to align if we'll reject it
linux-user: init_guest_space: Clean up control flow a bit
linux-user: init_guest_commpage: Add a comment about size check
linux-user: init_guest_space: Clarify page alignment logic
linux-user: init_guest_space: Correctly handle guest_start in commpage initialization
linux-user: init_guest_space: Clean up if we can't initialize the commpage
linux-user: Rename validate_guest_space => init_guest_commpage
linux-user: Use #if to only call validate_guest_space for 32-bit ARM target
qemu-binfmt-conf.sh: add qemu-xtensa
linux-user: drop unused target_msync function
linux-user: fix target_mprotect/target_munmap error return values
linux-user: fix assertion in shmdt
linux-user: fix mmap/munmap/mprotect/mremap/shmat
linux-user: Support f_flags in statfs when available.
linux-user: allows to use "--systemd ALL" with qemu-binfmt-conf.sh
linux-user: Remove the unused "not implemented" signal handling stubs
linux-user: Drop unicore32 code
Peter Maydell [Thu, 15 Mar 2018 16:49:29 +0000 (16:49 +0000)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-sev' into staging
* Migrate MSR_SMI_COUNT (Liran)
* Update kernel headers (Gerd, myself)
* SEV support (Brijesh)
I have not tested non-x86 compilation, but I reordered the SEV patches
so that all non-x86-specific changes go first to catch any possible
issues (which weren't there anyway :)).
Peter Maydell [Thu, 15 Mar 2018 14:48:09 +0000 (14:48 +0000)]
Merge remote-tracking branch 'remotes/stsquad/tags/pull-travis-speedup-130318-1' into staging
Some updates to reduce timeouts in Travis
# gpg: Signature made Tue 13 Mar 2018 16:44:46 GMT
# gpg: using RSA key FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <[email protected]>"
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-travis-speedup-130318-1:
.travis.yml: add --disable-user with the rest of the disables
.travis.yml: split default config into system and user
.travis.yml: drop setting default log output
Brijesh Singh [Thu, 8 Mar 2018 12:49:00 +0000 (06:49 -0600)]
sev/i386: add sev_get_capabilities()
The function can be used to get the current SEV capabilities.
The capabilities include platform diffie-hellman key (pdh) and certificate
chain. The key can be provided to the external entities which wants to
establish a trusted channel between SEV firmware and guest owner.
The command can be used by libvirt to retrieve the measurement of SEV guest.
This measurement is a signature of the memory contents that was encrypted
through the LAUNCH_UPDATE_DATA.
Brijesh Singh [Thu, 8 Mar 2018 12:48:58 +0000 (06:48 -0600)]
cpu/i386: populate CPUID 0x8000_001F when SEV is active
When SEV is enabled, CPUID 0x8000_001F should provide additional
information regarding the feature (such as which page table bit is used
to mark the pages as encrypted etc).
The details for memory encryption CPUID is available in AMD APM
(https://support.amd.com/TechDocs/24594.pdf) Section E.4.17
Brijesh Singh [Thu, 8 Mar 2018 12:48:51 +0000 (06:48 -0600)]
sev/i386: add support to LAUNCH_MEASURE command
During machine creation we encrypted the guest bios image, the
LAUNCH_MEASURE command can be used to retrieve the measurement of
the encrypted memory region. This measurement is a signature of
the memory contents that can be sent to the guest owner as an
attestation that the memory was encrypted correctly by the firmware.
VM management tools like libvirt can query the measurement using
query-sev-launch-measure QMP command.
Brijesh Singh [Thu, 8 Mar 2018 12:48:48 +0000 (06:48 -0600)]
sev/i386: add command to create launch memory encryption context
The KVM_SEV_LAUNCH_START command creates a new VM encryption key (VEK).
The encryption key created with the command will be used for encrypting
the bootstrap images (such as guest bios).
Brijesh Singh [Thu, 8 Mar 2018 12:48:45 +0000 (06:48 -0600)]
sev/i386: register the guest memory range which may contain encrypted data
When SEV is enabled, the hardware encryption engine uses a tweak such
that the two identical plaintext at different location will have a
different ciphertexts. So swapping or moving a ciphertexts of two guest
pages will not result in plaintexts being swapped. Hence relocating
a physical backing pages of the SEV guest will require some additional
steps in KVM driver. The KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl can be
used to register/unregister the guest memory region which may contain the
encrypted data. KVM driver will internally handle the relocating physical
backing pages of registered memory regions.
Brijesh Singh [Thu, 8 Mar 2018 12:48:44 +0000 (06:48 -0600)]
sev/i386: add command to initialize the memory encryption context
When memory encryption is enabled, KVM_SEV_INIT command is used to
initialize the platform. The command loads the SEV related persistent
data from non-volatile storage and initializes the platform context.
This command should be first issued before invoking any other guest
commands provided by the SEV firmware.
Peter Maydell [Tue, 13 Mar 2018 16:26:44 +0000 (16:26 +0000)]
Merge remote-tracking branch 'remotes/ehabkost/tags/python-next-pull-request' into staging
Python queue, 2018-03-12
# gpg: Signature made Mon 12 Mar 2018 22:10:36 GMT
# gpg: using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/python-next-pull-request:
device-crash-test: Use 'python' binary
qmp.py: Encode json data before sending
qemu.py: Use items() instead of iteritems()
device-crash-test: New known crashes
Luke Shumaker [Thu, 28 Dec 2017 18:08:11 +0000 (13:08 -0500)]
linux-user: init_guest_space: Don't try to align if we'll reject it
If the ensure-alignment code gets triggered, then the
"if (host_start && real_start != current_start)" check will always trigger,
so save 2 syscalls and put that check first.
Note that we can't just switch to using MAP_FIXED for that check, because
then we couldn't differentiate between a failure because "there isn't
enough space" and "there isn't enough space *here*".
Luke Shumaker [Thu, 28 Dec 2017 18:08:10 +0000 (13:08 -0500)]
linux-user: init_guest_space: Clean up control flow a bit
Instead of doing
if (check1) {
if (check2) {
success;
}
}
retry;
Do a clearer
if (!check1) {
goto try_again;
}
if (!check2) {
goto try_again;
}
success;
try_again:
retry;
Besides being clearer, this makes it easier to insert more checks that
need to trigger a retry on check failure, or rearrange them, or anything
like that.
Because some indentation is changing, "ignore space change" may be useful
for viewing this patch.
Add a new memory encryption object 'sev-guest'. The object will be used
to create encrypted VMs on AMD EPYC CPU. The object provides the properties
to pass guest owner's public Diffie-hellman key, guest policy and session
information required to create the memory encryption context within the
SEV firmware.
e.g to launch SEV guest
# $QEMU \
-object sev-guest,id=sev0 \
-machine ....,memory-encryption=sev0
Brijesh Singh [Thu, 8 Mar 2018 12:48:46 +0000 (06:48 -0600)]
kvm: introduce memory encryption APIs
Inorder to integerate the Secure Encryption Virtualization (SEV) support
add few high-level memory encryption APIs which can be used for encrypting
the guest memory region.
Peter Maydell [Tue, 13 Mar 2018 09:43:43 +0000 (09:43 +0000)]
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
# gpg: Signature made Mon 12 Mar 2018 15:59:54 GMT
# gpg: using RSA key 9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <[email protected]>"
# gpg: aka "Stefan Hajnoczi <[email protected]>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/tracing-pull-request:
trace: only permit standard C types and fixed size integer types
trace: remove use of QEMU specific types from trace probes
trace: include filename when printing parser error messages
simpletrace: fix timestamp argument type
log-for-trace.h: Split out parts of log.h used by trace.h
Eduardo Habkost [Mon, 12 Mar 2018 18:55:02 +0000 (15:55 -0300)]
qmp.py: Encode json data before sending
On Python 3, json.dumps() return a str object, which can't be
sent directly through a socket and must be encoded into a bytes
object. Use .encode('utf-8'), which will work on both Python 2
and Python 3.
Chao Peng [Sun, 4 Mar 2018 16:48:35 +0000 (00:48 +0800)]
i386: Add Intel Processor Trace feature support
Expose Intel Processor Trace feature to guest.
To make Intel PT live migration safe and get same CPUID information
with same CPU model on diffrent host. CPUID[14] is constant in this
patch. Intel PT use EPT is first supported in IceLake, the CPUID[14]
get on this machine as default value. Intel PT would be disabled
if any machine don't support this minial feature list.
Wanpeng Li [Fri, 9 Feb 2018 14:15:25 +0000 (06:15 -0800)]
target-i386: add KVM_HINTS_DEDICATED performance hint
Add KVM_HINTS_DEDICATED performance hint, guest checks this feature bit
to determine if they run on dedicated vCPUs, allowing optimizations such
as usage of qspinlocks.
Peter Maydell [Mon, 12 Mar 2018 14:06:23 +0000 (14:06 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/ui-20180312-pull-request' into staging
gtk,spice: add dmabuf support.
sdl,vnc,gtk: bugfixes.
ui/qapi: add device ID and head parameters to screendump.
build: try improve handling of clang warnings.
* remotes/kraxel/tags/ui-20180312-pull-request:
qapi: Add device ID and head parameters to screendump
spice: add cursor_dmabuf support
spice: add scanout_dmabuf support
spice: drop dprint() debug logging
vnc: deal with surface NULL pointers
ui/gtk-egl: add cursor_dmabuf support
ui/gtk-egl: add scanout_dmabuf support
ui/gtk: use GtkGlArea on wayland only
ui/opengl: Makefile cleanup
ui/gtk: group gtk.mo declarations in Makefile
ui/gtk: make GtkGlArea usage a runtime option
sdl: workaround bug in sdl 2.0.8 headers
make: switch language file build to be gtk module aware
build: try improve handling of clang warnings
Peter Maydell [Mon, 12 Mar 2018 13:21:53 +0000 (13:21 +0000)]
Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20180309a' into staging
Migration pull 2018-03-09
# gpg: Signature made Fri 09 Mar 2018 17:52:46 GMT
# gpg: using RSA key 0516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <[email protected]>"
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7
* remotes/dgilbert/tags/pull-migration-20180309a:
tests: Silence migration-test 'bad' test
migration: fix applying wrong capabilities
migration/block: rename MAX_INFLIGHT_IO to MAX_IO_BUFFERS
migration/block: reset dirty bitmap before read in bulk phase
migration: do not transfer ram during bulk storage migration
migration: fix minor finalize leak
Peter Maydell [Mon, 12 Mar 2018 11:47:52 +0000 (11:47 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180309' into staging
target-arm queue:
* i.MX: Add i.MX7 SOC implementation and i.MX7 Sabre board
* Report the correct core count in A53 L2CTLR on the ZynqMP board
* linux-user: preliminary SVE support work (signal handling)
* hw/arm/boot: fix memory leak in case of error loading ELF file
* hw/arm/boot: avoid reading off end of buffer if passed very
small image file
* hw/arm: Use more CONFIG switches for the object files
* target/arm: Add "-cpu max" support
* hw/arm/virt: Support -machine gic-version=max
* hw/sd: improve debug tracing
* hw/sd: sdcard: Add the Tuning Command (CMD 19)
* MAINTAINERS: add Philippe as odd-fixes maintainer for SD
* remotes/pmaydell/tags/pull-target-arm-20180309: (25 commits)
MAINTAINERS: Add entries for SD (SDHCI, SDBus, SDCard)
sdhci: Fix a typo in comment
sdcard: Add the Tuning Command (CMD19)
sdcard: Display which protocol is used when tracing (SD or SPI)
sdcard: Display command name when tracing CMD/ACMD
sdcard: Do not trace CMD55, except when we already expect an ACMD
hw/arm/virt: Support -machine gic-version=max
hw/arm/virt: Add "max" to the list of CPU types "virt" supports
target/arm: Make 'any' CPU just an alias for 'max'
target/arm: Add "-cpu max" support
target/arm: Move definition of 'host' cpu type into cpu.c
target/arm: Query host CPU features on-demand at instance init
arm: avoid heap-buffer-overflow in load_aarch64_image
arm: fix load ELF error leak
hw/arm: Use more CONFIG switches for the object files
aarch64-linux-user: Add support for SVE signal frame records
aarch64-linux-user: Add support for EXTRA signal frame records
aarch64-linux-user: Remove struct target_aux_context
aarch64-linux-user: Split out helpers for guest signal handling
linux-user: Implement aarch64 PR_SVE_SET/GET_VL
...
trace: only permit standard C types and fixed size integer types
Some trace backends will compile code based on the declared trace
events. It should not be assumed that the backends can resolve any QEMU
specific typedefs. So trace events should restrict their argument
types to the standard C types and fixed size integer types. Any complex
pointer types can be declared as "void *" for purposes of trace events,
since nothing will be dereferencing these pointer arguments.
trace: remove use of QEMU specific types from trace probes
Any compound structs / unions / etc, should always be declared as
'void *' pointers, since it cannot be assumed that trace backends
are able to resolve QEMU typedefs.
Stefan Hajnoczi [Thu, 22 Feb 2018 16:39:01 +0000 (16:39 +0000)]
simpletrace: fix timestamp argument type
The timestamp argument to a trace event method is documented as follows:
The method can also take a timestamp argument before the trace event
arguments:
def runstate_set(self, timestamp, new_state):
...
Timestamps have the uint64_t type and are in nanoseconds.
In reality methods with a timestamp argument actually receive a tuple
like (123456789,) as the timestamp argument. This is due to a bug in
simpletrace.py.
This patch unpacks the tuple so that methods receive the correct
timestamp argument type.
Peter Maydell [Tue, 13 Feb 2018 14:00:29 +0000 (14:00 +0000)]
log-for-trace.h: Split out parts of log.h used by trace.h
A persistent build problem we see is where a source file
accidentally omits the #include of log.h. This slips through
local developer testing because if you configure with the
default (log) trace backend trace.h will pull in log.h for you.
Compilation fails only if some other backend is selected.
To make this error cause a compile failure regardless of
the configured trace backend, split out the parts of log.h
that trace.h requires into a new log-for-trace.h header.
Since almost all manual uses of the log.h functions will
use constants or functions which aren't in log-for-trace.h,
this will let us catch missing #include "qemu/log.h" more
consistently.
Stefan Hajnoczi [Wed, 7 Mar 2018 12:46:19 +0000 (12:46 +0000)]
block: make BDRV_POLL_WHILE() re-entrancy safe
Nested BDRV_POLL_WHILE() calls can occur. Currently
assert(!wait_->wakeup) fails in AIO_WAIT_WHILE() when this happens.
This patch converts the bool wait_->need_kick flag to an unsigned
wait_->num_waiters counter.
Nesting works correctly because outer AIO_WAIT_WHILE() callers evaluate
the condition again after the inner caller completes (invoking the inner
caller counts as aio_poll() progress).
Gerd Hoffmann [Fri, 9 Mar 2018 14:37:04 +0000 (15:37 +0100)]
vga: fix region calculation
Typically the scanline length and the line offset are identical. But
in case they are not our calculation for region_end is incorrect. Using
line_offset is fine for all scanlines, except the last one where we have
to use the actual scanline length.
Gerd Hoffmann [Tue, 6 Mar 2018 07:40:48 +0000 (08:40 +0100)]
audio: add module loading support
Make audio_driver_lookup() try load the module in case it doesn't find
the driver in the registry. Also load all modules for -audio-help, so
the help output includes the help text for modular audio drivers.
Gerd Hoffmann [Tue, 6 Mar 2018 07:40:47 +0000 (08:40 +0100)]
audio: add driver registry
Add registry for audio drivers, using the existing audio_driver struct.
Make all drivers register themself. The old list of audio_driver struct
pointers is now a list of audio driver names, specifying the priority
(aka probe order) in case no driver is explicitly asked for.
Peter Maydell [Mon, 12 Mar 2018 10:08:09 +0000 (10:08 +0000)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block layer patches
# gpg: Signature made Fri 09 Mar 2018 15:09:20 GMT
# gpg: using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <[email protected]>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6
* remotes/kevin/tags/for-upstream: (56 commits)
qemu-iotests: fix 203 migration completion race
iotests: Tweak 030 in order to trigger a race condition with parallel jobs
iotests: Skip test for ENOMEM error
iotests: Mark all tests executable
iotests: Test creating overlay when guest running
qemu-iotests: Test ssh image creation over QMP
qemu-iotests: Test qcow2 over file image creation with QMP
block: Fail bdrv_truncate() with negative size
file-posix: Fix no-op bdrv_truncate() with falloc preallocation
ssh: Support .bdrv_co_create
ssh: Pass BlockdevOptionsSsh to connect_to_ssh()
ssh: QAPIfy host-key-check option
ssh: Use QAPI BlockdevOptionsSsh object
sheepdog: Support .bdrv_co_create
sheepdog: QAPIfy "redundancy" create option
nfs: Support .bdrv_co_create
nfs: Use QAPI options in nfs_client_open()
rbd: Use qemu_rbd_connect() in qemu_rbd_do_create()
rbd: Assign s->snap/image_name in qemu_rbd_open()
rbd: Support .bdrv_co_create
...
Thomas Huth [Mon, 5 Mar 2018 16:37:48 +0000 (17:37 +0100)]
qapi: Add device ID and head parameters to screendump
QEMU's screendump command can only take dumps from the primary display.
When using multiple VGA cards, there is no way to get a dump from a
secondary card or other display heads yet. So let's add a 'device' and
a 'head' parameter to the HMP and QMP commands to be able to specify
alternative devices and heads with the screendump command, too.
Gerd Hoffmann [Thu, 8 Mar 2018 09:06:17 +0000 (10:06 +0100)]
spice: add cursor_dmabuf support
Add support for cursor dmabufs. qemu has to render the cursor for
that, so in case a cursor is present qemu allocates a new dmabuf, blits
the scanout, blends in the pointer and passes on the new dmabuf to
spice-server. Without cursor qemu continues to simply pass on the
scanout dmabuf as-is.
Gerd Hoffmann [Thu, 8 Mar 2018 16:18:03 +0000 (17:18 +0100)]
vnc: deal with surface NULL pointers
Secondary displays in multihead setups are allowed to have a NULL
DisplaySurface. Typically user interfaces handle this by hiding the
window which shows the display in question.
This isn't an option for vnc though because it simply hasn't a concept
of windows or outputs. So handle the situation by showing a placeholder
DisplaySurface instead. Also check in console_select whenever a surface
is preset in the first place before requesting an update.
This fixes a segfault which can be triggered by switching to an unused
display (via vtrl-alt-<nr>) in a multihead setup, for example using
-device virtio-vga,max_outputs=2.
Gerd Hoffmann [Tue, 6 Mar 2018 09:09:49 +0000 (10:09 +0100)]
ui/gtk: use GtkGlArea on wayland only
For dma-buf support we need a egl context. The gtk x11 backend uses glx
contexts though. We can't use the GtkGlArea widget on x11 because of
that, so use our own gtk-egl code instead. wayland continues to use
the GtkGlArea widget.
Gerd Hoffmann [Fri, 9 Mar 2018 13:59:45 +0000 (14:59 +0100)]
build: try improve handling of clang warnings
This patch disables the pragma diagnostic -Wunused-but-set-variable for
clang in util/coroutine-ucontext.c.
This in turn allows us to remove it from the configure check, so the
CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE will succeed for clang.
With that in place clang builds (linux) will use -Werror by default,
which breaks the build due to warning about unaligned struct members.
Just turning off this warning isn't a good idea as it indicates
portability problems. So make it a warning again, using
-Wno-error=address-of-packed-member. That way it doesn't break the
build but still shows up in the logs.
Now clang builds qemu without errors. Well, almost. There are some
left in the rdma code. Leaving that to the rdma people. All others can
use --disable-rdma to workarounds this.
There are 3 parts to this change:
- Add a comment showing the relative sizes and positions of the blocks of
memory
- introduce and use new aligned_{start,size} instead of adjusting
real_{start_size}
- When we clean up (on failure), munmap(real_start, real_size) instead of
munmap(aligned_start, aligned_size). It *shouldn't* make any
difference, but I will admit that this does mean we are making the
syscall with different values, so this isn't quite a no-op patch.
Luke Shumaker [Thu, 28 Dec 2017 18:08:07 +0000 (13:08 -0500)]
linux-user: init_guest_space: Correctly handle guest_start in commpage initialization
init_guest_commpage needs to check if the mapped space, which ends at
real_start+real_size overlaps with where it needs to put the commpage,
which is (assuming sane qemu_host_page_size) guest_base + 0xffff000, where
guest_base is real_start - guest_start.
[guest_base][ 0xffff0000 ][commpage]
[guest_base][guest_start][real_size] [commpage]
[ real_start ][real_size] [commpage]
^
fail if this gap < 0
Since init_guest_commpage wants to do everything relative to guest_base
(rather than real_start), it obviously needs to be comparing 0xffff0000
against guest_start+real_size, not just real_size.
This bug has been present since 806d102141b99d4f1e55a97d68b7ea8c8ba3129f in
2012, but guest_start is usually 0, and prior to v2.11 real_size was
usually much smaller than 0xffff0000, so it was uncommon for it to have
made a difference.
projects / qemu.git / log