From d69748463c706801eabce2216c3f7914f56cc3a8 Mon Sep 17 00:00:00 2001 From: Bruce Rogers Date: Thu, 29 Mar 2018 09:10:18 -0600 Subject: [PATCH 01/20] sys_membarrier: fix up include directives Our rule right now is to use <> for external headers only. util/sys_membarrier.c violates that. Fix it up. Signed-off-by: Bruce Rogers Message-Id: <20180329151018.15319-1-brogers@suse.com> Signed-off-by: Paolo Bonzini --- util/sys_membarrier.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/util/sys_membarrier.c b/util/sys_membarrier.c index 8dcb53e63e..1362c0c4c5 100644 --- a/util/sys_membarrier.c +++ b/util/sys_membarrier.c @@ -6,9 +6,9 @@ * Author: Paolo Bonzini */ -#include -#include -#include +#include "qemu/osdep.h" +#include "qemu/sys_membarrier.h" +#include "qemu/error-report.h" #ifdef CONFIG_LINUX #include From 5cd10051c2e02b7a86eae49919d6c65a87dbea46 Mon Sep 17 00:00:00 2001 From: Alexandro Sanchez Bach Date: Thu, 5 Apr 2018 14:40:58 +0200 Subject: [PATCH 02/20] target/i386: Fix andn instruction In commit 7073fbada733c8d10992f00772c9b9299d740e9b, the `andn` instruction was implemented via `tcg_gen_andc` but passes the operands in the wrong order: - X86 defines `andn dest,src1,src2` as: dest = ~src1 & src2 - TCG defines `andc dest,src1,src2` as: dest = src1 & ~src2 The following simple test shows the issue: #include #include int main(void) { uint32_t ret = 0; __asm ( "mov $0xFF00, %%ecx\n" "mov $0x0F0F, %%eax\n" "andn %%ecx, %%eax, %%ecx\n" "mov %%ecx, %0\n" : "=r" (ret)); printf("%08X\n", ret); return 0; } This patch fixes the problem by simply swapping the order of the two last arguments in `tcg_gen_andc_tl`. Reported-by: Alexandro Sanchez Bach Signed-off-by: Alexandro Sanchez Bach Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini --- target/i386/translate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/i386/translate.c b/target/i386/translate.c index 0135415d92..3b7ce9232e 100644 
--- a/target/i386/translate.c +++ b/target/i386/translate.c @@ -3802,7 +3802,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b, } ot = mo_64_32(s->dflag); gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0); - tcg_gen_andc_tl(cpu_T0, cpu_regs[s->vex_v], cpu_T0); + tcg_gen_andc_tl(cpu_T0, cpu_T0, cpu_regs[s->vex_v]); gen_op_mov_reg_v(ot, reg, cpu_T0); gen_op_update1_cc(); set_cc_op(s, CC_OP_LOGICB + ot); From 053e45d2f3d3eb51799f371a39434699984e9019 Mon Sep 17 00:00:00 2001 From: Su Hang Date: Mon, 26 Mar 2018 10:06:22 +0800 Subject: [PATCH 03/20] scripts/checkpatch.pl: Bug fix Commit 2b9aef6fcd96ba7ed8c1ee723e391901852d344c introduced a regression: checkpatch.pl started complaining about the following valid pattern: do { /* something */ } while (condition); Fix the script to once again permit this pattern. Signed-off-by: Su Hang Message-Id: <1522029982-4650-1-git-send-email-suhang16@mails.ucas.ac.cn> Signed-off-by: Paolo Bonzini --- scripts/checkpatch.pl | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 57daae05ea..d52207a3cc 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -2356,6 +2356,18 @@ sub process { # check for missing bracing around if etc if ($line =~ /(^.*)\b(?:if|while|for)\b/ && $line !~ /\#\s*if/) { + my $allowed = 0; + + # Check the pre-context. + if ($line =~ /(\}.*?)$/) { + my $pre = $1; + + if ($line !~ /else/) { + print "APW: ALLOWED: pre<$pre> line<$line>\n" + if $dbg_adv_apw; + $allowed = 1; + } + } my ($level, $endln, @chunks) = ctx_statement_full($linenr, $realcnt, 1); if ($dbg_adv_apw) { @@ -2364,7 +2376,6 @@ sub process { if $#chunks >= 1; } if ($#chunks >= 0 && $level == 0) { - my $allowed = 0; my $seen = 0; my $herectx = $here . "\n"; my $ln = $linenr - 1; 
@@ -2408,7 +2419,7 @@ sub process { $allowed = 1; } } - if ($seen != ($#chunks + 1)) { + if ($seen != ($#chunks + 1) && !$allowed) { ERROR("braces {} are necessary for all arms of this statement\n" . $herectx); } } From 648abbfbaa4462bc015b15dd335068638bee4246 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= Date: Wed, 28 Mar 2018 14:18:04 +0200 Subject: [PATCH 04/20] memfd: fix vhost-user-test on non-memfd capable host MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On RHEL7, memfd is not supported, and vhost-user-test fails: TEST: tests/vhost-user-test... (pid=10248) /x86_64/vhost-user/migrate: qemu-system-x86_64: -object memory-backend-memfd,id=mem,size=2M,: failed to create memfd FAIL There is a qemu_memfd_check() to prevent running memfd path, but it also checks for fallback implementation. Let's specialize qemu_memfd_check() to check memfd only, while qemu_memfd_alloc_check() checks for the qemu_memfd_alloc() API. Reported-by: Miroslav Rezanina Tested-by: Miroslav Rezanina Signed-off-by: Marc-André Lureau Message-Id: <20180328121804.16203-1-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini Signed-off-by: Marc-André Lureau --- hw/virtio/vhost.c | 2 +- include/qemu/memfd.h | 1 + util/memfd.c | 34 +++++++++++++++++++++++++++++++++- 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c index 250f886acb..27c1ec5fe8 100644 --- a/hw/virtio/vhost.c +++ b/hw/virtio/vhost.c @@ -1223,7 +1223,7 @@ int vhost_dev_init(struct vhost_dev *hdev, void *opaque, if (!(hdev->features & (0x1ULL << VHOST_F_LOG_ALL))) { error_setg(&hdev->migration_blocker, "Migration disabled: vhost lacks VHOST_F_LOG_ALL feature."); - } else if (vhost_dev_log_is_shared(hdev) && !qemu_memfd_check()) { + } else if (vhost_dev_log_is_shared(hdev) && !qemu_memfd_alloc_check()) { error_setg(&hdev->migration_blocker, "Migration disabled: failed to allocate shared memory"); } 
diff --git a/include/qemu/memfd.h b/include/qemu/memfd.h index de10198ed6..49e79634da 100644 --- a/include/qemu/memfd.h +++ b/include/qemu/memfd.h @@ -18,6 +18,7 @@ int qemu_memfd_create(const char *name, size_t size, bool hugetlb, uint64_t hugetlbsize, unsigned int seals, Error **errp); +bool qemu_memfd_alloc_check(void); void *qemu_memfd_alloc(const char *name, size_t size, unsigned int seals, int *fd, Error **errp); void qemu_memfd_free(void *ptr, size_t size, int fd); diff --git a/util/memfd.c b/util/memfd.c index 07d579ea7d..b3ecbac19e 100644 --- a/util/memfd.c +++ b/util/memfd.c @@ -173,7 +173,13 @@ enum { MEMFD_TODO }; -bool qemu_memfd_check(void) +/** + * qemu_memfd_alloc_check(): + * + * Check if qemu_memfd_alloc() can allocate, including using a + * fallback implementation when host doesn't support memfd. + */ +bool qemu_memfd_alloc_check(void) { static int memfd_check = MEMFD_TODO; @@ -188,3 +194,29 @@ bool qemu_memfd_check(void) return memfd_check == MEMFD_OK; } + +/** + * qemu_memfd_check(): + * + * Check if host supports memfd. + */ +bool qemu_memfd_check(void) +{ +#ifdef CONFIG_LINUX + static int memfd_check = MEMFD_TODO; + + if (memfd_check == MEMFD_TODO) { + int mfd = memfd_create("test", 0); + if (mfd >= 0) { + memfd_check = MEMFD_OK; + close(mfd); + } else { + memfd_check = MEMFD_KO; + } + } + + return memfd_check == MEMFD_OK; +#else + return false; +#endif +} From 7becac84fb352c01ad8b914aa956688f03079739 Mon Sep 17 00:00:00 2001 From: "Justin Terry (VM)" Date: Mon, 26 Mar 2018 10:06:58 -0700 Subject: [PATCH 05/20] target/i386: WHPX: set CPUID_EXT_HYPERVISOR bit Implements the CPUID trap for CPUID 1 to include the CPUID_EXT_HYPERVISOR flag in the ECX results. This was preventing some older linux kernels from booting when trying to access MSR's that dont make sense when virtualized. Signed-off-by: Justin Terry (VM) Message-Id: <20180326170658.606-1-juterry@microsoft.com> 
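Review bot: In the new qemu_memfd_check(), the probe calls `memfd_create("test", 0)` without a close-on-exec flag, so the descriptor could be inherited if another thread forks and execs between the create and the `close(mfd)`. Assuming MFD_CLOEXEC is defined for this file, `int mfd = memfd_create("test", MFD_CLOEXEC);` closes that window at no cost. The doc comment could also state that the answer is probed once and cached in a function-local static, e.g. `* The result is probed on first call and cached.`. Both check functions now keep their own static named `memfd_check`, which is correct but easy to misread, so distinct names would help.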
Signed-off-by: Paolo Bonzini --- target/i386/whpx-all.c | 79 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 78 insertions(+), 1 deletion(-) diff --git a/target/i386/whpx-all.c b/target/i386/whpx-all.c index bf33d320bf..58435178a4 100644 --- a/target/i386/whpx-all.c +++ b/target/i386/whpx-all.c 
@@ -911,12 +911,62 @@ static int whpx_vcpu_run(CPUState *cpu) ret = 1; break; + case WHvRunVpExitReasonX64Cpuid: { + WHV_REGISTER_VALUE reg_values[5] = {0}; + WHV_REGISTER_NAME reg_names[5]; + UINT32 reg_count = 5; + UINT64 rip, rax, rcx, rdx, rbx; + + rip = vcpu->exit_ctx.VpContext.Rip + + vcpu->exit_ctx.VpContext.InstructionLength; + switch (vcpu->exit_ctx.CpuidAccess.Rax) { + case 1: + rax = vcpu->exit_ctx.CpuidAccess.DefaultResultRax; + /* Advertise that we are running on a hypervisor */ + rcx = + vcpu->exit_ctx.CpuidAccess.DefaultResultRcx | + CPUID_EXT_HYPERVISOR; + + rdx = vcpu->exit_ctx.CpuidAccess.DefaultResultRdx; + rbx = vcpu->exit_ctx.CpuidAccess.DefaultResultRbx; + break; + default: + rax = vcpu->exit_ctx.CpuidAccess.DefaultResultRax; + rcx = vcpu->exit_ctx.CpuidAccess.DefaultResultRcx; + rdx = vcpu->exit_ctx.CpuidAccess.DefaultResultRdx; + rbx = vcpu->exit_ctx.CpuidAccess.DefaultResultRbx; + } + + reg_names[0] = WHvX64RegisterRip; + reg_names[1] = WHvX64RegisterRax; + reg_names[2] = WHvX64RegisterRcx; + reg_names[3] = WHvX64RegisterRdx; + reg_names[4] = WHvX64RegisterRbx; + + reg_values[0].Reg64 = rip; + reg_values[1].Reg64 = rax; + reg_values[2].Reg64 = rcx; + reg_values[3].Reg64 = rdx; + reg_values[4].Reg64 = rbx; + + hr = WHvSetVirtualProcessorRegisters(whpx->partition, + cpu->cpu_index, + reg_names, + reg_count, + reg_values); + + if (FAILED(hr)) { + error_report("WHPX: Failed to set CpuidAccess state registers," + " hr=%08lx", hr); + } + ret = 0; + break; + } case WHvRunVpExitReasonNone: case WHvRunVpExitReasonUnrecoverableException: case WHvRunVpExitReasonInvalidVpRegisterValue: case WHvRunVpExitReasonUnsupportedFeature: case WHvRunVpExitReasonX64MsrAccess: - case WHvRunVpExitReasonX64Cpuid: case WHvRunVpExitReasonException: default: error_report("WHPX: Unexpected VP exit code %d", 
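Review bot: When WHvSetVirtualProcessorRegisters() fails in the new WHvRunVpExitReasonX64Cpuid case, the code only logs and still sets `ret = 0`, so the vCPU is resumed with RIP not advanced and the CPUID results not written. The guest would presumably trap on the same instruction again and repeat the error_report() on every exit. Treating the failure as fatal for the run loop would be safer; how whpx_vcpu_run signals that is outside this hunk. Separately, `switch (vcpu->exit_ctx.CpuidAccess.Rax)` compares the full 64-bit value while CPUID selects the leaf from EAX only. If the exit context carries the guest's whole RAX, `switch ((UINT32)vcpu->exit_ctx.CpuidAccess.Rax)` would stop a guest with non-zero upper bits from missing `case 1`.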
@@ -1272,6 +1322,33 @@ static int whpx_accel_init(MachineState *ms) goto error; } + memset(&prop, 0, sizeof(WHV_PARTITION_PROPERTY)); + prop.ExtendedVmExits.X64CpuidExit = 1; + hr = WHvSetPartitionProperty(whpx->partition, + WHvPartitionPropertyCodeExtendedVmExits, + &prop, + sizeof(WHV_PARTITION_PROPERTY)); + + if (FAILED(hr)) { + error_report("WHPX: Failed to enable partition extended X64CpuidExit" + " hr=%08lx", hr); + ret = -EINVAL; + goto error; + } + + UINT32 cpuidExitList[] = {1}; + hr = WHvSetPartitionProperty(whpx->partition, + WHvPartitionPropertyCodeCpuidExitList, + cpuidExitList, + RTL_NUMBER_OF(cpuidExitList) * sizeof(UINT32)); + + if (FAILED(hr)) { + error_report("WHPX: Failed to set partition CpuidExitList hr=%08lx", + hr); + ret = -EINVAL; + goto error; + } + hr = WHvSetupPartition(whpx->partition); if (FAILED(hr)) { error_report("WHPX: Failed to setup partition, hr=%08lx", hr); From 9445597b6a323c5afee7ed33ca2c1913f78a92dc Mon Sep 17 00:00:00 2001 From: Roman Kagan Date: Fri, 30 Mar 2018 20:02:08 +0300 Subject: [PATCH 06/20] i386/hyperv: add hv-frequencies cpu property In order to guarantee compatibility on migration, QEMU should have complete control over the features it announces to the guest via CPUID. However, the availability of Hyper-V frequency MSRs (HV_X64_MSR_TSC_FREQUENCY and HV_X64_MSR_APIC_FREQUENCY) depends solely on the support for them in the underlying KVM. Introduce "hv-frequencies" cpu property (off by default) which gives QEMU full control over whether these MSRs are announced. While at this, drop the redundant check of the cpu tsc frequency, and decouple this feature from hv-time. Signed-off-by: Roman Kagan Reviewed-by: Eduardo Habkost Message-Id: <20180330170209.20627-2-rkagan@virtuozzo.com> Signed-off-by: Paolo Bonzini --- target/i386/cpu.c | 1 + target/i386/cpu.h | 1 + target/i386/kvm.c | 13 +++++++++---- 3 files changed, 11 insertions(+), 4 deletions(-) 
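Review bot: `UINT32 cpuidExitList[] = {1};` is declared in the middle of the block, after statements and a `goto error`. QEMU's coding style asks for declarations at the start of a block, so it would read better next to the other locals of whpx_accel_init, whose start is outside this hunk. A short comment on why only leaf 1 is listed, e.g. `/* Trap CPUID leaf 1 so the hypervisor bit can be set in ECX */`, would tie this to the new exit handler.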
diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 555ae79d29..1a6b082b6f 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -4761,6 +4761,7 @@ static Property x86_cpu_properties[] = { DEFINE_PROP_BOOL("hv-runtime", X86CPU, hyperv_runtime, false), DEFINE_PROP_BOOL("hv-synic", X86CPU, hyperv_synic, false), DEFINE_PROP_BOOL("hv-stimer", X86CPU, hyperv_stimer, false), + DEFINE_PROP_BOOL("hv-frequencies", X86CPU, hyperv_frequencies, false), DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true), DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false), DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true), diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 78db1b833a..1b219fafc4 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -1296,6 +1296,7 @@ struct X86CPU { bool hyperv_runtime; bool hyperv_synic; bool hyperv_stimer; + bool hyperv_frequencies; bool check_cpuid; bool enforce_cpuid; bool expose_kvm; diff --git a/target/i386/kvm.c b/target/i386/kvm.c index d23fff12f5..b35623ae24 100644 --- a/target/i386/kvm.c +++ b/target/i386/kvm.c @@ -648,11 +648,16 @@ static int hyperv_handle_properties(CPUState *cs) env->features[FEAT_HYPERV_EAX] |= HV_HYPERCALL_AVAILABLE; env->features[FEAT_HYPERV_EAX] |= HV_TIME_REF_COUNT_AVAILABLE; env->features[FEAT_HYPERV_EAX] |= HV_REFERENCE_TSC_AVAILABLE; - - if (has_msr_hv_frequencies && tsc_is_stable_and_known(env)) { - env->features[FEAT_HYPERV_EAX] |= HV_ACCESS_FREQUENCY_MSRS; - env->features[FEAT_HYPERV_EDX] |= HV_FREQUENCY_MSRS_AVAILABLE; + } + if (cpu->hyperv_frequencies) { + if (!has_msr_hv_frequencies) { + fprintf(stderr, "Hyper-V frequency MSRs " + "(requested by 'hv-frequencies' cpu flag) " + "are not supported by kernel\n"); + return -ENOSYS; } + env->features[FEAT_HYPERV_EAX] |= HV_ACCESS_FREQUENCY_MSRS; + env->features[FEAT_HYPERV_EDX] |= HV_FREQUENCY_MSRS_AVAILABLE; } if (cpu->hyperv_crash && has_msr_hv_crash) { env->features[FEAT_HYPERV_EDX] |= HV_GUEST_CRASH_MSR_AVAILABLE; 
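Review bot: The new hv-frequencies failure path in hyperv_handle_properties() reports through `fprintf(stderr, ...)`, which bypasses QEMU's error reporting, so the message gets no monitor redirection and no program-name prefix. If error-report.h is in scope in kvm.c, `error_report("Hyper-V frequency MSRs (requested by 'hv-frequencies' cpu flag) are not supported by kernel");` without the trailing newline would be the usual form. The same pattern is repeated for hv-time, hv-crash, hv-reset, hv-vpindex and hv-runtime in the next patch's hunks of the same function. The function body starts and ends outside these hunks.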
From 1221f1504140b2c4aa56b66ee52c714506a04eed Mon Sep 17 00:00:00 2001 From: Roman Kagan Date: Fri, 30 Mar 2018 20:02:09 +0300 Subject: [PATCH 07/20] i386/hyperv: error out if features requested but unsupported In order to guarantee compatibility on migration, QEMU should have complete control over the features it announces to the guest via CPUID. However, for a number of Hyper-V-related cpu properties, if the corresponding feature is not supported by the underlying KVM, the propery is silently ignored and the feature is not announced to the guest. Refuse to start with an error instead. Signed-off-by: Roman Kagan Message-Id: <20180330170209.20627-3-rkagan@virtuozzo.com> Reviewed-by: Eduardo Habkost Signed-off-by: Paolo Bonzini --- target/i386/kvm.c | 43 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 9 deletions(-) diff --git a/target/i386/kvm.c b/target/i386/kvm.c index b35623ae24..6c49954e68 100644 --- a/target/i386/kvm.c +++ b/target/i386/kvm.c @@ -632,11 +632,6 @@ static int hyperv_handle_properties(CPUState *cs) X86CPU *cpu = X86_CPU(cs); CPUX86State *env = &cpu->env; - if (cpu->hyperv_time && - kvm_check_extension(cs->kvm_state, KVM_CAP_HYPERV_TIME) <= 0) { - cpu->hyperv_time = false; - } - if (cpu->hyperv_relaxed_timing) { env->features[FEAT_HYPERV_EAX] |= HV_HYPERCALL_AVAILABLE; } @@ -645,6 +640,12 @@ static int hyperv_handle_properties(CPUState *cs) env->features[FEAT_HYPERV_EAX] |= HV_APIC_ACCESS_AVAILABLE; } if (cpu->hyperv_time) { + if (kvm_check_extension(cs->kvm_state, KVM_CAP_HYPERV_TIME) <= 0) { + fprintf(stderr, "Hyper-V clocksources " + "(requested by 'hv-time' cpu flag) " + "are not supported by kernel\n"); + return -ENOSYS; + } env->features[FEAT_HYPERV_EAX] |= HV_HYPERCALL_AVAILABLE; env->features[FEAT_HYPERV_EAX] |= HV_TIME_REF_COUNT_AVAILABLE; env->features[FEAT_HYPERV_EAX] |= HV_REFERENCE_TSC_AVAILABLE; 
@@ -659,17 +660,41 @@ static int hyperv_handle_properties(CPUState *cs) env->features[FEAT_HYPERV_EAX] |= HV_ACCESS_FREQUENCY_MSRS; env->features[FEAT_HYPERV_EDX] |= HV_FREQUENCY_MSRS_AVAILABLE; } - if (cpu->hyperv_crash && has_msr_hv_crash) { + if (cpu->hyperv_crash) { + if (!has_msr_hv_crash) { + fprintf(stderr, "Hyper-V crash MSRs " + "(requested by 'hv-crash' cpu flag) " + "are not supported by kernel\n"); + return -ENOSYS; + } env->features[FEAT_HYPERV_EDX] |= HV_GUEST_CRASH_MSR_AVAILABLE; } env->features[FEAT_HYPERV_EDX] |= HV_CPU_DYNAMIC_PARTITIONING_AVAILABLE; - if (cpu->hyperv_reset && has_msr_hv_reset) { + if (cpu->hyperv_reset) { + if (!has_msr_hv_reset) { + fprintf(stderr, "Hyper-V reset MSR " + "(requested by 'hv-reset' cpu flag) " + "is not supported by kernel\n"); + return -ENOSYS; + } env->features[FEAT_HYPERV_EAX] |= HV_RESET_AVAILABLE; } - if (cpu->hyperv_vpindex && has_msr_hv_vpindex) { + if (cpu->hyperv_vpindex) { + if (!has_msr_hv_vpindex) { + fprintf(stderr, "Hyper-V VP_INDEX MSR " + "(requested by 'hv-vpindex' cpu flag) " + "is not supported by kernel\n"); + return -ENOSYS; + } env->features[FEAT_HYPERV_EAX] |= HV_VP_INDEX_AVAILABLE; } - if (cpu->hyperv_runtime && has_msr_hv_runtime) { + if (cpu->hyperv_runtime) { + if (!has_msr_hv_runtime) { + fprintf(stderr, "Hyper-V VP_RUNTIME MSR " + "(requested by 'hv-runtime' cpu flag) " + "is not supported by kernel\n"); + return -ENOSYS; + } env->features[FEAT_HYPERV_EAX] |= HV_VP_RUNTIME_AVAILABLE; } if (cpu->hyperv_synic) { From db1b5f135c58a1473b6609b53b8fd9da02d6b5d1 Mon Sep 17 00:00:00 2001 From: Thomas Huth Date: Tue, 27 Mar 2018 17:09:30 +0200 Subject: [PATCH 08/20] configure: Add missing configure options to help text We forgot to mention --with-git, --libexecdir and --with-pkgversion so far. Signed-off-by: Thomas Huth Message-Id: <1522163370-18544-1-git-send-email-thuth@redhat.com> Reviewed-by: Eric Blake Signed-off-by: Paolo Bonzini --- configure | 3 +++ 1 file changed, 3 insertions(+) 
diff --git a/configure b/configure index a2301dd0dc..752dd9ef32 100755 --- a/configure +++ b/configure @@ -1497,16 +1497,19 @@ Advanced options (experts only): --install=INSTALL use specified install [$install] --python=PYTHON use specified python [$python] --smbd=SMBD use specified smbd [$smbd] + --with-git=GIT use specified git [$git] --static enable static build [$static] --mandir=PATH install man pages in PATH --datadir=PATH install firmware in PATH$confsuffix --docdir=PATH install documentation in PATH$confsuffix --bindir=PATH install binaries in PATH --libdir=PATH install libraries in PATH + --libexecdir=PATH install helper binaries in PATH --sysconfdir=PATH install config in PATH$confsuffix --localstatedir=PATH install local state in PATH (set at runtime on win32) --firmwarepath=PATH search PATH for firmware files --with-confsuffix=SUFFIX suffix for QEMU data inside datadir/libdir/sysconfdir [$confsuffix] + --with-pkgversion=VERS use specified string as sub-version of the package --enable-debug enable common debug build options --enable-sanitizers enable default sanitizers --disable-strip disable stripping binaries From 37c51741892a89cf5710f5ac231091fb0a6352c7 Mon Sep 17 00:00:00 2001 From: Fam Zheng Date: Wed, 28 Mar 2018 00:41:41 +0800 Subject: [PATCH 09/20] scsi-disk: Don't enlarge min_io_size to max_io_size Some backends report big max_io_sectors. Making min_io_size the same value in this case will make it impossible for guest to align memory, therefore the disk may not be usable at all. Do not enlarge them when they are zero. Reported-by: David Gibson Signed-off-by: Fam Zheng Message-Id: <20180327164141.19075-1-famz@redhat.com> Signed-off-by: Paolo Bonzini --- hw/scsi/scsi-disk.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index f5ab767ab5..f8ed8cf2b4 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c 
@@ -714,10 +714,12 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) /* min_io_size and opt_io_size can't be greater than * max_io_sectors */ - min_io_size = - MIN_NON_ZERO(min_io_size, max_io_sectors); - opt_io_size = - MIN_NON_ZERO(opt_io_size, max_io_sectors); + if (min_io_size) { + min_io_size = MIN(min_io_size, max_io_sectors); + } + if (opt_io_size) { + opt_io_size = MIN(opt_io_size, max_io_sectors); + } } /* required VPD size with unmap support */ buflen = 0x40; From 2343be0d7ee8a6e02c2bf99d0243492085c8d399 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Thu, 5 Apr 2018 18:09:51 +0200 Subject: [PATCH 10/20] scsi-disk: allow customizing the SCSI version We would like to have different behavior for passthrough devices depending on the SCSI version they expose. To prepare for that, allow the user of emulated devices to specify the desired SCSI level, and adjust the emulation according to the property value. The next patch will set the level for scsi-block and scsi-generic devices. Based on a patch by Daniel Henrique Barboza . Signed-off-by: Paolo Bonzini --- hw/scsi/scsi-disk.c | 29 ++++++++++++++++++++++++----- hw/scsi/scsi-generic.c | 1 + include/hw/scsi/scsi.h | 2 ++ 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index f8ed8cf2b4..9400b97387 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c @@ -825,7 +825,7 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) * block characteristics VPD page by default. Not all of SPC-3 * is actually implemented, but we're good enough. */ - outbuf[2] = 5; + outbuf[2] = s->qdev.default_scsi_version; outbuf[3] = 2 | 0x10; /* Format 2, HiSup */ if (buflen > 36) { 
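Review bot: Replacing `MIN_NON_ZERO` with a guarded `MIN` also changes the result when `max_io_sectors` itself is zero: the old code kept the non-zero min_io_size/opt_io_size, while the new code clamps them to 0. Whether max_io_sectors can be zero here depends on code above the hunk that is not visible. Either confirm that it cannot, or guard on it as well, e.g. `if (min_io_size && max_io_sectors) {` and likewise for opt_io_size.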
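Review bot: In the INQUIRY hunk, `outbuf[2] = s->qdev.default_scsi_version;` stores an `int` that comes straight from the user-settable `scsi_version` property (declared with DEFINE_PROP_INT32 later in this patch) into a byte, and no range check is visible in the patch. A negative or larger-than-255 value is silently truncated before it is reported to the guest, while the untruncated value drives the `scsi_version > 2` protection checks after reset. Rejecting out-of-range values at realize time would keep the two consistent; the realize functions are outside the visible hunks.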
@@ -2193,7 +2193,11 @@ static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf) case READ_12: case READ_16: DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len); - if (r->req.cmd.buf[1] & 0xe0) { + /* Protection information is not supported. For SCSI versions 2 and + * older (as determined by snooping the guest's INQUIRY commands), + * there is no RD/WR/VRPROTECT, so skip this check in these versions. + */ + if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) { goto illegal_request; } if (!check_lba_range(s, r->req.cmd.lba, len)) { @@ -2224,7 +2228,7 @@ static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf) * As far as DMA is concerned, we can treat it the same as a write; * scsi_block_do_sgio will send VERIFY commands. */ - if (r->req.cmd.buf[1] & 0xe0) { + if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) { goto illegal_request; } if (!check_lba_range(s, r->req.cmd.lba, len)) { @@ -2270,6 +2274,8 @@ static void scsi_disk_reset(DeviceState *dev) /* reset tray statuses */ s->tray_locked = 0; s->tray_open = 0; + + s->qdev.scsi_version = s->qdev.default_scsi_version; } static void scsi_disk_resize_cb(void *opaque) @@ -2814,6 +2820,8 @@ static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf) static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf) { SCSIBlockReq *r = (SCSIBlockReq *)req; + SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); + r->cmd = req->cmd.buf[0]; switch (r->cmd >> 5) { case 0: 
@@ -2839,8 +2847,11 @@ static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf) abort(); } - if (r->cdb1 & 0xe0) { - /* Protection information is not supported. */ + /* Protection information is not supported. For SCSI versions 2 and + * older (as determined by snooping the guest's INQUIRY commands), + * there is no RD/WR/VRPROTECT, so skip this check in these versions. + */ + if (s->qdev.scsi_version > 2 && (req->cmd.buf[1] & 0xe0)) { scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD)); return 0; } @@ -2952,6 +2963,8 @@ static Property scsi_hd_properties[] = { DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size, DEFAULT_MAX_IO_SIZE), DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0), + DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version, + 5), DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf), DEFINE_PROP_END_OF_LIST(), }; @@ -2997,6 +3010,8 @@ static Property scsi_cd_properties[] = { DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0), DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size, DEFAULT_MAX_IO_SIZE), + DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version, + 5), DEFINE_PROP_END_OF_LIST(), }; @@ -3025,6 +3040,8 @@ static Property scsi_block_properties[] = { DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk), DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false), DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0), + DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version, + 5), DEFINE_PROP_END_OF_LIST(), }; @@ -3065,6 +3082,8 @@ static Property scsi_disk_properties[] = { DEFAULT_MAX_UNMAP_SIZE), DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size, DEFAULT_MAX_IO_SIZE), + DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version, + 5), DEFINE_PROP_END_OF_LIST(), }; diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c index 4753f8738f..1870085762 100644 
--- a/hw/scsi/scsi-generic.c +++ b/hw/scsi/scsi-generic.c @@ -474,6 +474,7 @@ static void scsi_generic_reset(DeviceState *dev) { SCSIDevice *s = SCSI_DEVICE(dev); + s->scsi_version = s->default_scsi_version; scsi_device_purge_requests(s, SENSE_CODE(RESET)); } diff --git a/include/hw/scsi/scsi.h b/include/hw/scsi/scsi.h index 7ecaddac9d..e35137ea78 100644 --- a/include/hw/scsi/scsi.h +++ b/include/hw/scsi/scsi.h @@ -85,6 +85,8 @@ struct SCSIDevice uint64_t max_lba; uint64_t wwn; uint64_t port_wwn; + int scsi_version; + int default_scsi_version; }; extern const VMStateDescription vmstate_scsi_device; From 29e560f00e2bc1b5731c8276031aaf192de55d9d Mon Sep 17 00:00:00 2001 
From: Daniel Henrique Barboza Date: Tue, 27 Mar 2018 18:14:51 -0300 Subject: [PATCH 11/20] hw/scsi: support SCSI-2 passthrough without PI QEMU SCSI code makes assumptions about how the PROTECT and BYTCHK works in the protocol, denying support for PI (Protection Information) in case the guest OS requests it. However, in SCSI versions 2 and older, there is no PI concept in the protocol. This means that when dealing with such devices: - there is no PROTECT bit in byte 5 of the standard INQUIRY response. The whole byte is marked as "Reserved"; - there is no RDPROTECT in byte 2 of READ. We have 'Logical Unit Number' in this field instead; - there is no VRPROTECT in byte 2 of VERIFY. We have 'Logical Unit Number' in this field instead. This also means that the BYTCHK bit in this case is not related to PI. Since QEMU does not consider these changes, a SCSI passthrough using a SCSI-2 device will not work. It will mistake these fields with PI information and return Illegal Request SCSI SENSE thinking that the driver is asking for PI support. This patch fixes it by adding a new attribute called 'scsi_version' that is read from the standard INQUIRY response of passthrough devices. This allows for a version verification before applying conditions related to PI that doesn't apply for older versions. Reported-by: Dac Nguyen Signed-off-by: Daniel Henrique Barboza Message-Id: <20180327211451.14647-1-danielhb@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini --- hw/scsi/scsi-disk.c | 2 +- hw/scsi/scsi-generic.c | 45 ++++++++++++++++++++++++++++++++---------- 2 files changed, 36 insertions(+), 11 deletions(-) diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index 9400b97387..ded23d36ca 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c 
@@ -3041,7 +3041,7 @@ static Property scsi_block_properties[] = { DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false), DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0), DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version, - 5), + -1), DEFINE_PROP_END_OF_LIST(), }; diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c index 1870085762..381f04e339 100644 --- a/hw/scsi/scsi-generic.c +++ b/hw/scsi/scsi-generic.c 
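Review bot: With the scsi-block default changed to `-1`, `scsi_version` stays -1 after every reset until a standard INQUIRY reply is snooped, and in that state the `s->qdev.scsi_version > 2` tests added by the previous patch are false. The RD/WR/VRPROTECT check is therefore skipped rather than applied, so "version unknown" behaves like SCSI-2 for a guest that issues READ/WRITE/VERIFY before INQUIRY. The same may hold after an incoming migration, since no hunk on this page adds scsi_version to the migrated state. If unknown is meant to fail closed, the tests could read `s->qdev.scsi_version == -1 || s->qdev.scsi_version > 2`; otherwise a comment at the property should state that -1 deliberately disables the check.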
@@ -194,17 +194,40 @@ static void scsi_read_complete(void * opaque, int ret) r->buf[3] |= 0x80; } } - if (s->type == TYPE_DISK && - r->req.cmd.buf[0] == INQUIRY && - r->req.cmd.buf[2] == 0xb0) { - uint32_t max_transfer = - blk_get_max_transfer(s->conf.blk) / s->blocksize; + if (r->req.cmd.buf[0] == INQUIRY) { + /* + * EVPD set to zero returns the standard INQUIRY data. + * + * Check if scsi_version is unset (-1) to avoid re-defining it + * each time an INQUIRY with standard data is received. + * scsi_version is initialized with -1 in scsi_generic_reset + * and scsi_disk_reset, making sure that we'll set the + * scsi_version after a reset. If the version field of the + * INQUIRY response somehow changes after a guest reboot, + * we'll be able to keep track of it. + * + * On SCSI-2 and older, first 3 bits of byte 2 is the + * ANSI-approved version, while on later versions the + * whole byte 2 contains the version. Check if we're dealing + * with a newer version and, in that case, assign the + * whole byte. + */ + if (s->scsi_version == -1 && !(r->req.cmd.buf[1] & 0x01)) { + s->scsi_version = r->buf[2] & 0x07; + if (s->scsi_version > 2) { + s->scsi_version = r->buf[2]; + } + } + if (s->type == TYPE_DISK && r->req.cmd.buf[2] == 0xb0) { + uint32_t max_transfer = + blk_get_max_transfer(s->conf.blk) / s->blocksize; - assert(max_transfer); - stl_be_p(&r->buf[8], max_transfer); - /* Also take care of the opt xfer len. */ - stl_be_p(&r->buf[12], - MIN_NON_ZERO(max_transfer, ldl_be_p(&r->buf[12]))); + assert(max_transfer); + stl_be_p(&r->buf[8], max_transfer); + /* Also take care of the opt xfer len. */ + stl_be_p(&r->buf[12], + MIN_NON_ZERO(max_transfer, ldl_be_p(&r->buf[12]))); + } } scsi_req_data(&r->req, len); scsi_req_unref(&r->req); 
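Review bot: The new snooping code reads `r->buf[2]` without checking that the completed transfer returned at least three bytes, although `len` is available here (it is passed to scsi_req_data() just below). The guest chooses the INQUIRY allocation length, so with a short or empty reply the version would be taken from stale buffer contents, or from past the buffer if it was sized from the request. Adding the length to the condition avoids that: `if (s->scsi_version == -1 && !(r->req.cmd.buf[1] & 0x01) && len >= 3) {`. The re-indented 0xb0 branch makes the same assumption for bytes 8 to 15, though that predates this patch. scsi_read_complete starts outside the hunk.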
@@ -550,6 +573,8 @@ static void scsi_generic_realize(SCSIDevice *s, Error **errp) DPRINTF("block size %d\n", s->blocksize); + /* Only used by scsi-block, but initialize it nevertheless to be clean. */ + s->default_scsi_version = -1; scsi_generic_read_device_identification(s); } From 4968a2c6edb7b46b127c19a8426575d23b55ab1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Mon, 26 Mar 2018 12:34:37 -0300 Subject: [PATCH 12/20] hw/dma/i82374: Avoid double creation of the 82374 controller MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit QEMU fails when used with the following command line: ./ppc64-softmmu/qemu-system-ppc64 -S -machine 40p -device i82374 qemu-system-ppc64: hw/isa/isa-bus.c:110: isa_bus_dma: Assertion `!bus->dma[0] && !bus->dma[1]' failed. The 40p machine type already creates the device i82374. If specified in the command line, it will try to create it again, hence generating the error. The function isa_bus_dma() isn't supposed to be called twice for the same bus. Check the bus doesn't already have a DMA controller registered before creating the device. Fixes: https://bugs.launchpad.net/qemu/+bug/1721224 Signed-off-by: Philippe Mathieu-Daudé Message-Id: <20180326153441.32641-2-f4bug@amsat.org> Signed-off-by: Paolo Bonzini --- hw/dma/i82374.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/hw/dma/i82374.c b/hw/dma/i82374.c index 83c87d92e0..892f655a7e 100644 --- a/hw/dma/i82374.c +++ b/hw/dma/i82374.c @@ -23,6 +23,7 @@ */ #include "qemu/osdep.h" +#include "qapi/error.h" #include "hw/isa/isa.h" #include "hw/dma/i8257.h" 
@@ -118,13 +119,19 @@ static const MemoryRegionPortio i82374_portio_list[] = { static void i82374_realize(DeviceState *dev, Error **errp) { I82374State *s = I82374(dev); + ISABus *isa_bus = isa_bus_from_device(ISA_DEVICE(dev)); + + if (isa_get_dma(isa_bus, 0)) { + error_setg(errp, "DMA already initialized on ISA bus"); + return; + } + i8257_dma_init(isa_bus, true); portio_list_init(&s->port_list, OBJECT(s), i82374_portio_list, s, "i82374"); portio_list_add(&s->port_list, isa_address_space_io(&s->parent_obj), s->iobase); - i8257_dma_init(isa_bus_from_device(ISA_DEVICE(dev)), true); memset(s->commands, 0, sizeof(s->commands)); } From c2b01cfec1f1426d95c27abacc3ea5b5fbb9a57e Mon Sep 17 00:00:00 2001 From: Michael Chapman Date: Fri, 6 Apr 2018 15:34:06 +1000 Subject: [PATCH 13/20] kvmclock: fix clock_is_reliable on migration from QEMU < 2.9 When migrating from a pre-2.9 QEMU, no clock_is_reliable flag is transferred. We should assume that the source host has an unreliable KVM_GET_CLOCK, rather than using whatever was determined locally, to ensure that any drift from the TSC-based value calculated by the guest is corrected. Signed-off-by: Michael Chapman Message-Id: <20180406053406.774-1-mike@very.puzzling.org> Signed-off-by: Paolo Bonzini --- hw/i386/kvm/clock.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/hw/i386/kvm/clock.c b/hw/i386/kvm/clock.c index 1707434db3..7dac319403 100644 --- a/hw/i386/kvm/clock.c +++ b/hw/i386/kvm/clock.c @@ -241,6 +241,19 @@ static const VMStateDescription kvmclock_reliable_get_clock = { } }; +/* + * When migrating, assume the source has an unreliable + * KVM_GET_CLOCK unless told otherwise. + */ +static int kvmclock_pre_load(void *opaque) +{ + KVMClockState *s = opaque; + + s->clock_is_reliable = false; + + return 0; +} + /* * When migrating, read the clock just before migration, * so that the guest clock counts during the events 
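Review bot: The new guard in i82374_realize() tests only `isa_get_dma(isa_bus, 0)`, while the assertion quoted in the commit message covers both `bus->dma[0]` and `bus->dma[1]`. If isa_get_dma() maps channel 0 to the first controller only (its definition is not on this page), a bus with just the second slot populated would still reach the assertion. Assuming channels 4 to 7 map to the second controller, `if (isa_get_dma(isa_bus, 0) || isa_get_dma(isa_bus, 4)) {` would cover both. A one-line comment saying the check mirrors the assertion in isa_bus_dma() would also help.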
@@ -268,6 +281,7 @@ static const VMStateDescription kvmclock_vmsd = { .name = "kvmclock", .version_id = 1, .minimum_version_id = 1, + .pre_load = kvmclock_pre_load, .pre_save = kvmclock_pre_save, .fields = (VMStateField[]) { VMSTATE_UINT64(clock, KVMClockState), From 9f91022f28dc092e3b3250823814e4b3191c51ed Mon Sep 17 00:00:00 2001 From: linzhecheng Date: Wed, 28 Mar 2018 21:34:35 +0800 Subject: [PATCH 14/20] virtio-serial: fix heapover-flow Check device having the feature of VIRTIO_CONSOLE_F_EMERG_WRITE before get config->emerg_wr. It is neccessary because sizeof(virtio_console_config) is 8 byte if VirtIOSerial doesn't have the feature of VIRTIO_CONSOLE_F_EMERG_WRITE(see virtio_serial_device_realize), read/write emerg_wr will lead to heap-over-flow. Signed-off-by: linzhecheng Message-Id: <20180328133435.20112-1-linzhecheng@huawei.com> Signed-off-by: Paolo Bonzini --- hw/char/virtio-serial-bus.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c index 9470bd7be7..d2dd8ab502 100644 --- a/hw/char/virtio-serial-bus.c +++ b/hw/char/virtio-serial-bus.c @@ -580,13 +580,16 @@ static void set_config(VirtIODevice *vdev, const uint8_t *config_data) VirtIOSerial *vser = VIRTIO_SERIAL(vdev); struct virtio_console_config *config = (struct virtio_console_config *)config_data; - uint8_t emerg_wr_lo = le32_to_cpu(config->emerg_wr); VirtIOSerialPort *port = find_first_connected_console(vser); VirtIOSerialPortClass *vsc; + uint8_t emerg_wr_lo; - if (!config->emerg_wr) { + if (!virtio_has_feature(vser->host_features, + VIRTIO_CONSOLE_F_EMERG_WRITE) || !config->emerg_wr) { return; } + + emerg_wr_lo = le32_to_cpu(config->emerg_wr); /* Make sure we don't misdetect an emergency write when the guest * does a short config write after an emergency write. */ config->emerg_wr = 0; From 8dc0bf2647919f9f3e06380d8c748ef5b33b545d Mon Sep 17 00:00:00 2001 
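Review bot: The feature test added to `set_config` is in effect a bounds check on `config_data`, and nothing in the code says so. Per the commit message the config space is only 8 bytes when `VIRTIO_CONSOLE_F_EMERG_WRITE` is not offered, so `emerg_wr` lies past the end of the buffer and the short-circuit order of the two conditions is load-bearing. A comment such as `/* Without EMERG_WRITE the config space ends before emerg_wr; test the feature first. */` would keep a later cleanup from reordering or dropping the test. The commit message mentions both reads and writes of `emerg_wr`, so any other accessor of this field (none is visible in this hunk) needs the same guard. The body of `set_config` continues past the end of the hunk.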
From: Michal Privoznik Date: Tue, 3 Apr 2018 15:12:14 +0200 Subject: [PATCH 15/20] qemu-pr-helper: Daemonize before dropping privileges After we've dropped privileges it might be not possible to write pidfile. For instance, if this binary is run as root (because user wants it to write pidfile to some privileged location) writing pidfile fails because privileges are dropped before we even get to that. Signed-off-by: Michal Privoznik Signed-off-by: Paolo Bonzini --- scsi/qemu-pr-helper.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/scsi/qemu-pr-helper.c b/scsi/qemu-pr-helper.c index 21e1b8ea60..eeff80acf2 100644 --- a/scsi/qemu-pr-helper.c +++ b/scsi/qemu-pr-helper.c @@ -1081,13 +1081,6 @@ int main(int argc, char **argv) accept_client, NULL, NULL); -#ifdef CONFIG_LIBCAP - if (drop_privileges() < 0) { - error_report("Failed to drop privileges: %s", strerror(errno)); - exit(EXIT_FAILURE); - } -#endif - if (daemonize) { if (daemon(0, 0) < 0) { error_report("Failed to daemonize: %s", strerror(errno)); @@ -1096,6 +1089,13 @@ int main(int argc, char **argv) write_pidfile(); } +#ifdef CONFIG_LIBCAP + if (drop_privileges() < 0) { + error_report("Failed to drop privileges: %s", strerror(errno)); + exit(EXIT_FAILURE); + } +#endif + state = RUNNING; do { main_loop_wait(false); From bd6b1c8324171e26eb2ce23d5a832bc8c4cf941b Mon Sep 17 00:00:00 2001 From: Michal Privoznik Date: Tue, 3 Apr 2018 15:12:15 +0200 Subject: [PATCH 16/20] qemu-pr-helper: Write pidfile more often Let's write pidfile even if user did not request --daemon but they requested just --pidfile. Libvirt will use exactly this. Signed-off-by: Michal Privoznik Signed-off-by: Paolo Bonzini --- scsi/qemu-pr-helper.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scsi/qemu-pr-helper.c b/scsi/qemu-pr-helper.c index eeff80acf2..d0f83176e1 100644 --- a/scsi/qemu-pr-helper.c +++ b/scsi/qemu-pr-helper.c 
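Review bot: With `drop_privileges()` now placed after `write_pidfile()` in `main`, the pidfile is created with whatever privileges the helper was started with, and the moved block has no comment saying why the order matters. `write_pidfile()` is outside these hunks, so confirm that it opens the path safely for a privileged writer, for instance by not following a symlink in a directory other users can write to. A comment above the `#ifdef CONFIG_LIBCAP` block, e.g. `/* Drop privileges last: the pidfile may live in a root-only directory. */`, would stop the order being reversed again. The removal in the preceding hunk is the other half of the same move.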
@@ -924,6 +924,7 @@ int main(int argc, char **argv) Error *local_err = NULL; char *trace_file = NULL; bool daemonize = false; + bool pidfile_specified = false; unsigned socket_activation; struct sigaction sa_sigterm; @@ -954,6 +955,7 @@ int main(int argc, char **argv) case 'f': g_free(pidfile); pidfile = g_strdup(optarg); + pidfile_specified = true; break; #ifdef CONFIG_LIBCAP case 'u': { @@ -1086,9 +1088,11 @@ int main(int argc, char **argv) error_report("Failed to daemonize: %s", strerror(errno)); exit(EXIT_FAILURE); } - write_pidfile(); } + if (daemonize || pidfile_specified) + write_pidfile(); + #ifdef CONFIG_LIBCAP if (drop_privileges() < 0) { error_report("Failed to drop privileges: %s", strerror(errno)); From 01366ef9a4a6dd1240614960561cdba5e7220d14 Mon Sep 17 00:00:00 2001 From: Thomas Huth Date: Fri, 16 Mar 2018 10:51:30 +0100 Subject: [PATCH 17/20] device-crash-test: Remove fixed isa-fdc entry Fixed by commit b3da551 ("fdc: Exit if ISA controller does not support DMA", 2018-03-16). Signed-off-by: Thomas Huth Signed-off-by: Paolo Bonzini --- scripts/device-crash-test | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/device-crash-test b/scripts/device-crash-test index 24c7bf5a16..5d17dc68dd 100755 --- a/scripts/device-crash-test +++ b/scripts/device-crash-test 
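Review bot: The new `if (daemonize || pidfile_specified)` in the last hunk of this patch has an unbraced body, unlike the `if (daemonize) { ... }` block just above it and contrary to QEMU's coding style. It should be written as `if (daemonize || pidfile_specified) {`, `write_pidfile();`, `}`. Because the call still runs before `drop_privileges()`, a pidfile is now also written with the starting privileges in non-daemon runs whenever `-f` is given, so the same care about how `write_pidfile()` opens its path applies here.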
@@ -217,7 +217,6 @@ ERROR_WHITELIST = [ {'exitcode':-6, 'log':r"Object .* is not an instance of type generic-pc-machine", 'loglevel':logging.ERROR}, {'exitcode':-6, 'log':r"Object .* is not an instance of type e500-ccsr", 'loglevel':logging.ERROR}, {'exitcode':-6, 'log':r"vmstate_register_with_alias_id: Assertion `!se->compat \|\| se->instance_id == 0' failed", 'loglevel':logging.ERROR}, - {'exitcode':-6, 'device':'isa-fdc', 'loglevel':logging.ERROR, 'expected':True}, {'exitcode':-11, 'device':'isa-serial', 'loglevel':logging.ERROR, 'expected':True}, {'exitcode':-11, 'device':'mioe3680_pci', 'loglevel':logging.ERROR, 'expected':True}, {'exitcode':-11, 'device':'pcm3680_pci', 'loglevel':logging.ERROR, 'expected':True}, From 84c868f6b8f8c1be9d3d65df93cf00b30821401c Mon Sep 17 00:00:00 2001 From: Eric Blake Date: Tue, 27 Mar 2018 15:21:51 -0500 Subject: [PATCH 18/20] dump: Fix build with newer gcc gcc 8 on rawhide is picky enough to complain: /home/dummy/qemu/dump.c: In function 'create_header32': /home/dummy/qemu/dump.c:817:5: error: 'strncpy' output truncated before terminating nul copying 8 bytes from a string of the same length [-Werror=stringop-truncation] strncpy(dh->signature, KDUMP_SIGNATURE, strlen(KDUMP_SIGNATURE)); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ But we already have SIG_LEN defined as the right length without needing to do a strlen(), and memcpy() is better than strncpy() when we know we do not want a trailing NUL byte. Signed-off-by: Eric Blake Signed-off-by: Paolo Bonzini --- dump.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dump.c b/dump.c index 669f715274..b54cd42b21 100644 --- a/dump.c +++ b/dump.c 
@@ -814,7 +814,7 @@ static void create_header32(DumpState *s, Error **errp) size = sizeof(DiskDumpHeader32); dh = g_malloc0(size); - strncpy(dh->signature, KDUMP_SIGNATURE, strlen(KDUMP_SIGNATURE)); + memcpy(dh->signature, KDUMP_SIGNATURE, SIG_LEN); dh->header_version = cpu_to_dump32(s, 6); block_size = s->dump_info.page_size; dh->block_size = cpu_to_dump32(s, block_size); @@ -926,7 +926,7 @@ static void create_header64(DumpState *s, Error **errp) size = sizeof(DiskDumpHeader64); dh = g_malloc0(size); - strncpy(dh->signature, KDUMP_SIGNATURE, strlen(KDUMP_SIGNATURE)); + memcpy(dh->signature, KDUMP_SIGNATURE, SIG_LEN); dh->header_version = cpu_to_dump32(s, 6); block_size = s->dump_info.page_size; dh->block_size = cpu_to_dump32(s, block_size); From 3bd2608db729974ae469574fe087e9724b3fd2ee Mon Sep 17 00:00:00 2001 From: Eric Blake Date: Mon, 26 Mar 2018 13:41:47 -0500 Subject: [PATCH 19/20] maint: Add .mailmap entries for patches claiming list authorship The list did not author any patches, but it does rewrite the 'From:' header of messages sent from any domain with restrictive SPF policies that would otherwise prevent the message from reaching all list recipients. If a maintainer is not careful to undo the list header rewrite, and the author did not include a manual 'From:' line in the body to fix the munged header, then 'git am' happily attributes the patch to the list. Add some mailmap entries to correct the few that have escaped our attention; while we also work on improving the tooling to catch the problem in the future before a merge is even made. Also improve the comments occurring in the file, including line length improvements. Signed-off-by: Eric Blake Signed-off-by: Paolo Bonzini --- .mailmap | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/.mailmap b/.mailmap index cf689b9ec9..778a4d4e2c 100644 --- a/.mailmap +++ b/.mailmap 
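Review bot: Both `memcpy(dh->signature, KDUMP_SIGNATURE, SIG_LEN)` calls, in `create_header32` and in the `create_header64` hunk that follows, leave `signature` without a terminating NUL on purpose, and nothing at the call sites says so. A one-line comment, `/* fixed-width field, deliberately not NUL-terminated */`, would keep the field from later being handed to a string function. The definitions of `SIG_LEN` and of the `signature` member are outside these hunks. If `SIG_LEN` is not already derived from the literal and the array size, a build-time check tying the three together would be worth adding.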
@@ -1,6 +1,7 @@ -# This mailmap just translates the weird addresses from the original import into git -# into proper addresses so that they are counted properly in git shortlog output. -# +# This mailmap fixes up author names/addresses. + +# The first section translates weird addresses from the original git import +# into proper addresses so that they are counted properly by git shortlog. Andrzej Zaborowski balrog Anthony Liguori aliguori Anthony Liguori Anthony Liguori @@ -15,10 +16,19 @@ Paul Burton Paul Burton Thiemo Seufer ths malc malc + # There is also a: # (no author) <(no author)@c046a42c-6fe2-441c-8c8c-71466251a162> # for the cvs2svn initialization commit e63c3dc74bf. -# + +# Next, translate a few commits where mailman rewrote the From: line due +# to strict SPF, although we prefer to avoid adding more entries like that. +Ed Swierk Ed Swierk via Qemu-devel +Ian McKellar Ian McKellar via Qemu-devel +Julia Suvorova Julia Suvorova via Qemu-devel +Justin Terry (VM) Justin Terry (VM) via Qemu-devel + + # Also list preferred name forms where people have changed their # git author config Daniel P. Berrangé From e0014d4b3a955cfd8d517674703bfa87f340290a Mon Sep 17 00:00:00 2001 From: Eugene Minibaev Date: Fri, 6 Apr 2018 16:41:52 +0300 Subject: [PATCH 20/20] Add missing bit for SSE instr in VEX decoding The 2-byte VEX prefix imples a leading 0Fh opcode byte. Signed-off-by: Eugene Minibaev Signed-off-by: Paolo Bonzini --- target/i386/translate.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/target/i386/translate.c b/target/i386/translate.c index 3b7ce9232e..c9ed8dc709 100644 --- a/target/i386/translate.c +++ b/target/i386/translate.c 
@@ -4563,9 +4563,11 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu) #endif rex_r = (~vex2 >> 4) & 8; if (b == 0xc5) { + /* 2-byte VEX prefix: RVVVVlpp, implied 0f leading opcode byte */ vex3 = vex2; - b = x86_ldub_code(env, s); + b = x86_ldub_code(env, s) | 0x100; } else { + /* 3-byte VEX prefix: RXBmmmmm wVVVVlpp */ #ifdef TARGET_X86_64 s->rex_x = (~vex2 >> 3) & 8; s->rex_b = (~vex2 >> 2) & 8;