Commit Graph

92058 Commits

Author SHA1 Message Date
Richard Henderson
b1641c5097 virtio,pci,pc: bugfixes
Lots of small fixes all over the place.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Merge tag 'for_upstream' of git://git.kernel.org/pub/scm/virt/kvm/mst/qemu into staging

virtio,pci,pc: bugfixes

Lots of small fixes all over the place.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Mon 29 Nov 2021 02:50:06 PM CET
# gpg:                using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg:                issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]

* tag 'for_upstream' of git://git.kernel.org/pub/scm/virt/kvm/mst/qemu:
  Fix bad overflow check in hw/pci/pcie.c
  intel-iommu: ignore leaf SNP bit in scalable mode
  virtio-balloon: correct used length
  virtio-balloon: process all in sgs for free_page_vq
  vdpa: Add dummy receive callback
  failover: fix unplug pending detection
  virtio-mmio : fix the crash in the vm shutdown

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-29 15:23:17 +01:00
Andreas Schwab
0a761ce303 linux-user: implement more loop ioctls
LOOP_CONFIGURE is now used by losetup, and it cannot cope with ENOSYS.

Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <mvmtug4mbfx.fsf_-_@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-11-29 14:54:17 +01:00
Daniella Lee
bacf58ca18 Fix bad overflow check in hw/pci/pcie.c
Original qemu commit hash: 14d02cfbe4adaeebe7cb833a8cc71191352cf03b

In function pcie_add_capability, an assert contains the
"offset < offset + size" expression.
Both variable offset and variable size are uint16_t,
the comparison is always true due to type promotion.
The next expression may be the same.

It might be like this:
Thread 1 "qemu-system-x86" hit Breakpoint 1, pcie_add_capability (
    dev=0x555557ce5f10, cap_id=1, cap_ver=2 '\002', offset=256, size=72)
    at ../hw/pci/pcie.c:930
930	{
(gdb) n
931	    assert(offset >= PCI_CONFIG_SPACE_SIZE);
(gdb) n
932	    assert(offset < offset + size);
(gdb) p offset
$1 = 256
(gdb) p offset < offset + size
$2 = 1
(gdb) set offset=65533
(gdb) p offset < offset + size
$3 = 1
(gdb) p offset < (uint16_t)(offset + size)
$4 = 0

Signed-off-by: Daniella Lee <daniellalee111@gmail.com>
Message-Id: <20211126061324.47331-1-daniellalee111@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-11-29 08:49:36 -05:00
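Added example, not part of the commit above or of the QEMU source: a small C program that reproduces the promotion behaviour shown in the gdb session for `offset < offset + size` with `uint16_t` operands, next to the truncating cast and a wrap-free range check. `EXAMPLE_SPACE_LIMIT` and the function names are assumptions made for this illustration, and the code assumes `int` is wider than 16 bits.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed upper bound for this example; not taken from the QEMU source. */
#define EXAMPLE_SPACE_LIMIT 4096u

/*
 * The expression quoted in the commit message. Both uint16_t operands are
 * promoted to int before the addition, so the sum cannot wrap at 16 bits
 * (assumption: int is wider than 16 bits) and the test holds for any size > 0.
 */
static bool check_promoted(uint16_t offset, uint16_t size)
{
    return offset < offset + size;
}

/*
 * Same test with the sum cast back to uint16_t, as in the last gdb command
 * of the session. The cast reintroduces the 16-bit wrap, so a wrapped sum
 * compares lower than offset and the test fails.
 */
static bool check_truncated(uint16_t offset, uint16_t size)
{
    return offset < (uint16_t)(offset + size);
}

/*
 * Wrap-free range check: never forms offset + size in a narrow type.
 * Accepts only a non-empty range that lies entirely below limit.
 */
static bool range_fits(uint16_t offset, uint16_t size, uint32_t limit)
{
    uint32_t off = offset;
    uint32_t len = size;

    return len != 0 && off < limit && len <= limit - off;
}

int main(void)
{
    /* Constructed inputs; the first two rows use the values from the gdb session. */
    static const struct { uint16_t offset, size; } cases[] = {
        { 256, 72 }, { 65533, 72 }, { 4090, 72 }, { 4024, 72 },
    };

    printf("%6s %5s  promoted truncated fits\n", "offset", "size");
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        uint16_t o = cases[i].offset;
        uint16_t s = cases[i].size;

        printf("%6u %5u  %8d %9d %4d\n", (unsigned)o, (unsigned)s,
               check_promoted(o, s), check_truncated(o, s),
               range_fits(o, s, EXAMPLE_SPACE_LIMIT));
    }
    return 0;
}
```

The row for offset 4090 shows that the truncating comparison only detects 16-bit wrap; a range that merely runs past the upper bound still needs the separate limit check.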
Jason Wang
0192d6677c intel-iommu: ignore leaf SNP bit in scalable mode
When booting with scalable mode, I hit this error:

qemu-system-x86_64: vtd_iova_to_slpte: detected splte reserve non-zero iova=0xfffff002, level=0x1slpte=0x102681803)
qemu-system-x86_64: vtd_iommu_translate: detected translation failure (dev=01:00:00, iova=0xfffff002)
qemu-system-x86_64: New fault is not recorded due to compression of faults

This is because the SNP bit is set for second level page table since
Linux kernel commit 6c00612d0cba1 ("iommu/vt-d: Report right snoop
capability when using FL for IOVA") even if SC is not supported by the
hardware.

To unbreak the guest, ignore the leaf SNP bit for scalable mode
first. In the future we may consider adding SC support.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Message-Id: <20211129033618.3857-1-jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
2021-11-29 08:49:36 -05:00
Jason Wang
d3f1f940eb virtio-balloon: correct used length
Spec said:

"and len the total of bytes written into the buffer."

For inflateq, deflateq and statsq, we don't process in_sg so the used
length should be zero. For free_page_vq, though the pages could be
changed by the device (in the destination), spec said:

"Note: len is particularly useful for drivers using untrusted buffers:
if a driver does not know exactly how much has been written by the
device, the driver would have to zero the buffer in advance to ensure
no data leakage occurs."

So 0 should be used as well here.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Message-Id: <20211129030841.3611-2-jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
2021-11-29 08:49:36 -05:00
Jason Wang
0fe7245d8b virtio-balloon: process all in sgs for free_page_vq
We only process the first in sg, which may lead to the bitmap of the
pages belonging to following sgs not being cleared. This may result in more
pages being migrated. Fix this by processing all in sgs for
free_page_vq.

Acked-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Message-Id: <20211129030841.3611-1-jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-11-29 08:49:36 -05:00
Richard Henderson
e750c10167 target-arm queue:
* virt: Diagnose attempts to enable MTE or virt when using HVF accelerator
  * GICv3 ITS: Allow clearing of ITS CTLR Enabled bit
  * GICv3: Update cached state after LPI state changes
  * GICv3: Fix handling of LPIs in list registers

Merge tag 'pull-target-arm-20211129' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * virt: Diagnose attempts to enable MTE or virt when using HVF accelerator
 * GICv3 ITS: Allow clearing of ITS CTLR Enabled bit
 * GICv3: Update cached state after LPI state changes
 * GICv3: Fix handling of LPIs in list registers

# gpg: Signature made Mon 29 Nov 2021 11:34:46 AM CET
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20211129' of https://git.linaro.org/people/pmaydell/qemu-arm:
  hw/intc/arm_gicv3: fix handling of LPIs in list registers
  hw/intc/arm_gicv3: Add new gicv3_intid_is_special() function
  hw/intc/arm_gicv3: Update cached state after LPI state changes
  hw/intc: cannot clear GICv3 ITS CTLR[Enabled] bit
  hw/arm/virt: Extend nested and mte checks to hvf

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-29 11:56:07 +01:00
Peter Maydell
90feffad2a hw/intc/arm_gicv3: fix handling of LPIs in list registers
It is valid for an OS to put virtual interrupt ID values into the
list registers ICH_LR<n> which are greater than 1023.  This
corresponds to (for example) KVM using the in-kernel emulated ITS to
give a (nested) guest an ITS.  LPIs are delivered by the L1 kernel to
the L2 guest via the list registers in the same way as non-LPI
interrupts.

QEMU's code for handling writes to ICV_IARn (which happen when the L2
guest acknowledges an interrupt) and to ICV_EOIRn (which happen at
the end of the interrupt) did not consider LPIs, so it would
incorrectly treat interrupt IDs above 1023 as invalid.  Fix this by
using the correct condition, which is gicv3_intid_is_special().

Note that the condition in icv_dir_write() is correct -- LPIs
are not valid there and so we want to ignore both "special" ID
values and LPIs.

(In the pseudocode this logic is in:
 - VirtualReadIAR0(), VirtualReadIAR1(), which call IsSpecial()
 - VirtualWriteEOIR0(), VirtualWriteEOIR1(), which call
     VirtualIdentifierValid(data, TRUE) meaning "LPIs OK"
 - VirtualWriteDIR(), which calls VirtualIdentifierValid(data, FALSE)
     meaning "LPIs not OK")

This bug doesn't seem to have any visible effect on Linux L2 guests
most of the time, because the two bugs cancel each other out: we
neither mark the interrupt active nor deactivate it.  However it does
mean that the L2 vCPU priority while the LPI handler is running will
not be correct, so the interrupt handler could be unexpectedly
interrupted by a different interrupt.

(NB: this has nothing to do with using QEMU's emulated ITS.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Marc Zyngier <maz@kernel.org>
2021-11-29 10:10:21 +00:00
Eugenio Pérez
846a1e85da vdpa: Add dummy receive callback
Qemu falls back on userland handlers even in vhost-user and vhost-vdpa
cases. These assume a tap device can handle the packets.

If a vdpa device fails to start, it can trigger a sigsegv because of
that. Add a dummy receiver that returns no progress so it can keep
running.

Fixes: 1e0a84ea49 ("vhost-vdpa: introduce vhost-vdpa net client")
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Message-Id: <20211125101614.76927-2-eperezma@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
2021-11-28 17:03:52 -05:00
Laurent Vivier
9323f892b3 failover: fix unplug pending detection
Failover needs to detect the end of the PCI unplug to start migration
after the VFIO card has been unplugged.

To do that, a flag is set in pcie_cap_slot_unplug_request_cb() and reset in
pcie_unplug_device().

But since
    17858a1695 ("hw/acpi/ich9: Set ACPI PCI hot-plug as default on Q35")
we have switched to ACPI unplug and these functions are not called anymore
and the flag is not set. So failover migration is not able to detect if the card
is really unplugged and acts as if it's done as soon as it's started. So it
doesn't wait for the end of the unplug to start the migration. We don't see any
problem when we test that because ACPI unplug is faster than PCIe native
hotplug and when the migration really starts the unplug operation is
already done.

See c000a9bd06 ("pci: mark device having guest unplug request pending")
    a99c4da9fc ("pci: mark devices partially unplugged")

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Message-Id: <20211118133225.324937-4-lvivier@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-11-28 17:03:52 -05:00
Cindy Lu
7abba7c638 virtio-mmio : fix the crash in the vm shutdown
The root cause of this crash is that the ioeventfd is not stopped when the VM stops.
The callback for vmstate_change was not implemented in the virtio-mmio bus.

Steps to reproduce:
load the VM with
 -M microvm \
  -netdev tap,id=net0,vhostforce,script=no,downscript=no  \
  -device virtio-net-device,netdev=net0\

After the VM boots, log in to the VM and then shut down the VM.

The system will crash:
[Current thread is 1 (Thread 0x7ffff6edde00 (LWP 374378))]
(gdb) bt
0  0x00005555558f18b4 in qemu_flush_or_purge_queued_packets (purge=false, nc=0x55500252e850) at ../net/net.c:636
1  qemu_flush_queued_packets (nc=0x55500252e850) at ../net/net.c:656
2  0x0000555555b6c363 in virtio_queue_notify_vq (vq=0x7fffe7e2b010) at ../hw/virtio/virtio.c:2339
3  virtio_queue_host_notifier_read (n=0x7fffe7e2b08c) at ../hw/virtio/virtio.c:3583
4  0x0000555555de7b5a in aio_dispatch_handler (ctx=ctx@entry=0x5555567c5780, node=0x555556b83fd0) at ../util/aio-posix.c:329
5  0x0000555555de8454 in aio_dispatch_ready_handlers (ready_list=<optimized out>, ctx=<optimized out>) at ../util/aio-posix.c:359
6  aio_poll (ctx=0x5555567c5780, blocking=blocking@entry=false) at ../util/aio-posix.c:662
7  0x0000555555cce0cc in monitor_cleanup () at ../monitor/monitor.c:645
8  0x0000555555b06bd2 in qemu_cleanup () at ../softmmu/runstate.c:822
9  0x000055555586e693 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../softmmu/main.c:51

Signed-off-by: Cindy Lu <lulu@redhat.com>
Message-Id: <20211109023744.22387-1-lulu@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-11-28 17:03:52 -05:00
Peter Maydell
b74d7c0e50 hw/intc/arm_gicv3: Add new gicv3_intid_is_special() function
The GICv3/v4 pseudocode has a function IsSpecial() which returns true
if passed a "special" interrupt ID number (anything between 1020 and
1023 inclusive).  We open-code this condition in a couple of places,
so abstract it out into a new function gicv3_intid_is_special().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Marc Zyngier <maz@kernel.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2021-11-26 16:58:57 +00:00
Peter Maydell
101f27f3c8 hw/intc/arm_gicv3: Update cached state after LPI state changes
The logic of gicv3_redist_update() is as follows:
 * it must be called in any code path that changes the state of
   (only) redistributor interrupts
 * if it finds a redistributor interrupt that is (now) higher
   priority than the previous highest-priority pending interrupt,
   then this must be the new highest-priority pending interrupt
 * if it does *not* find a better redistributor interrupt, then:
    - if the previous state was "no interrupts pending" then
      the new state is still "no interrupts pending"
    - if the previous best interrupt was not a redistributor
      interrupt then that remains the best interrupt
    - if the previous best interrupt *was* a redistributor interrupt,
      then the new best interrupt must be some non-redistributor
      interrupt, but we don't know which so must do a full scan

In commit 17fb5e36aa we effectively added the LPI interrupts
as a kind of "redistributor interrupt" for this purpose, by adding
cs->hpplpi to the set of things that gicv3_redist_update() considers
before it gives up and decides to do a full scan of distributor
interrupts. However we didn't quite get this right:
 * the condition check for "was the previous best interrupt a
   redistributor interrupt" must be updated to include LPIs
   in what it considers to be redistributor interrupts
 * every code path which updates the LPI state which
   gicv3_redist_update() checks must also call gicv3_redist_update():
   this is cs->hpplpi and the GICR_CTLR ENABLE_LPIS bit

This commit fixes this by:
 * correcting the test on cs->hppi.irq in gicv3_redist_update()
 * making gicv3_redist_update_lpi() always call gicv3_redist_update()
 * introducing a new gicv3_redist_update_lpi_only() for the one
   callsite (the post-load hook) which must not call
   gicv3_redist_update()
 * making gicv3_redist_lpi_pending() always call gicv3_redist_update(),
   either directly or via gicv3_redist_update_lpi()
 * removing a couple of now-unnecessary calls to gicv3_redist_update()
   from some callers of those two functions
 * calling gicv3_redist_update() when the GICR_CTLR ENABLE_LPIS
   bit is cleared

(This means that the not-file-local gicv3_redist_* LPI related
functions now all take care of the updates of internally cached
GICv3 information, in the same way the older functions
gicv3_redist_set_irq() and gicv3_redist_send_sgi() do.)

The visible effect of this bug was that when the guest acknowledged
an LPI by reading ICC_IAR1_EL1, we marked it as not pending in the
LPI data structure but still left it in cs->hppi so we would offer it
to the guest again.  In particular for setups using an emulated GICv3
and ITS and using devices which use LPIs (ie PCI devices) a Linux
guest would complain "irq 54: nobody cared" and then hang.  (The hang
was intermittent, presumably depending on the timing between
different interrupts arriving and being completed.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20211124202005.989935-1-peter.maydell@linaro.org
2021-11-26 16:57:51 +00:00
Shashi Mallela
2f459cd1a8 hw/intc: cannot clear GICv3 ITS CTLR[Enabled] bit
When the Enabled bit is cleared in GITS_CTLR, the ITS feature continues
to be enabled. This patch fixes the issue.

Signed-off-by: Shashi Mallela <shashi.mallela@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20211124182246.67691-1-shashi.mallela@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-11-26 16:54:09 +00:00
Alexander Graf
bede01170e hw/arm/virt: Extend nested and mte checks to hvf
The virt machine has properties to enable MTE and Nested Virtualization
support. However, its check to ensure the backing accel implementation
supports it today only looks for KVM and bails out if it finds it.

Extend the checks to HVF as well as it does not support either today.
This will cause QEMU to print a useful error message rather than
silently ignoring the attempt by the user to enable either MTE or
the Virtualization extensions.

Reported-by: saar amar <saaramar5@gmail.com>
Signed-off-by: Alexander Graf <agraf@csgraf.de>
Message-id: 20211123122859.22452-1-agraf@csgraf.de
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-11-26 16:51:21 +00:00
Richard Henderson
dd4b0de459 Fix version for v6.2.0-rc2 release
Typo while setting VERSION in the tag commit.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-26 11:58:54 +01:00
Richard Henderson
14d02cfbe4 Update version for v6.2.0-rc2 release
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-24 16:50:54 +01:00
Richard Henderson
35133781bd Block patches for 6.2-rc2:
- Fix memory leak in vvfat when vvfat_open() fails
 - iotest fixes for the gnutls crypto backend

Merge tag 'pull-block-2021-11-23' of https://gitlab.com/hreitz/qemu into staging

Block patches for 6.2-rc2:
- Fix memory leak in vvfat when vvfat_open() fails
- iotest fixes for the gnutls crypto backend

# gpg: Signature made Tue 23 Nov 2021 04:58:05 PM CET
# gpg:                using RSA key CB62D7A0EE3829E45F004D34A1FA40D098019CDF
# gpg:                issuer "hreitz@redhat.com"
# gpg: Good signature from "Hanna Reitz <hreitz@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: CB62 D7A0 EE38 29E4 5F00  4D34 A1FA 40D0 9801 9CDF

* tag 'pull-block-2021-11-23' of https://gitlab.com/hreitz/qemu:
  iotests/149: Skip on unsupported ciphers
  iotests: Use aes-128-cbc
  block/vvfat.c fix leak when failure occurs

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-23 17:22:21 +01:00
Hanna Reitz
4dd218fd07 iotests/149: Skip on unsupported ciphers
Whenever qemu-img or qemu-io report that some cipher is unsupported,
skip the whole test, because that is probably because qemu has been
configured with the gnutls crypto backend.

We could tailor the algorithm list to what gnutls supports, but this is
a test that is run rather rarely anyway (because it requires
password-less sudo), and so it seems better and easier to skip it.  When
this test is intentionally run to check LUKS compatibility, it seems
better not to limit the algorithms but keep the list extensive.

Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20211117151707.52549-3-hreitz@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-23 15:39:12 +01:00
Hanna Reitz
cb5a24d7f6 iotests: Use aes-128-cbc
Our gnutls crypto backend (which is the default as of 8bd0931f6)
supports neither twofish-128 nor the CTR mode.  CBC and aes-128 are
supported by all of our backends (as far as I can tell), so use
aes-128-cbc in our iotests.

(We could also use e.g. aes-256-cbc, but the different key sizes would
lead to different key slot offsets and so change the reference output
more, which is why I went with aes-128.)

Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20211117151707.52549-2-hreitz@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
2021-11-23 15:39:12 +01:00
Daniella Lee
22c36b75c8 block/vvfat.c fix leak when failure occurs
Function vvfat_open called function enable_write_target and init_directories,
and these functions malloc new memory for BDRVVVFATState::qcow_filename,
BDRVVVFATState::used_clusters, and BDRVVVFATState::cluster_buff.

When the specified folder does not exist, it may contain a memory leak.
After the init_directories function is executed, vvfat_open returns -EIO,
and bdrv_open_driver goes to label open_failed,
the program uses g_free(bs->opaque) to release the BDRVVVFATState struct
without the members mentioned.

command line:
qemu-system-x86_64 -hdb <vdisk qcow file>  -usb -device usb-storage,drive=fat16
-drive file=fat:rw:fat-type=16:"<path of a host folder does not exist>",
id=fat16,format=raw,if=none

enable_write_target called:
(gdb) bt
    at ../block/vvfat.c:3114
    flags=155650, errp=0x7fffffffd780) at ../block/vvfat.c:1236
    node_name=0x0, options=0x555556fa45d0, open_flags=155650,
    errp=0x7fffffffd890) at ../block.c:1558
    errp=0x7fffffffd890) at ../block.c:1852
    reference=0x0, options=0x555556fa45d0, flags=40962, parent=0x555556f98cd0,
    child_class=0x555556b1d6a0 <child_of_bds>, child_role=19,
    errp=0x7fffffffda90) at ../block.c:3779
    options=0x555556f9cfc0, bdref_key=0x555556239bb8 "file",
    parent=0x555556f98cd0, child_class=0x555556b1d6a0 <child_of_bds>,
    child_role=19, allow_none=true, errp=0x7fffffffda90) at ../block.c:3419
    reference=0x0, options=0x555556f9cfc0, flags=8194, parent=0x0,
    child_class=0x0, child_role=0, errp=0x555556c98c40 <error_fatal>)
    at ../block.c:3726
    options=0x555556f757b0, flags=0, errp=0x555556c98c40 <error_fatal>)
    at ../block.c:3872
    options=0x555556f757b0, flags=0, errp=0x555556c98c40 <error_fatal>)
    at ../block/block-backend.c:436
    bs_opts=0x555556f757b0, errp=0x555556c98c40 <error_fatal>)
    at ../blockdev.c:608
    errp=0x555556c98c40 <error_fatal>) at ../blockdev.c:992
......

Signed-off-by: Daniella Lee <daniellalee111@gmail.com>
Message-Id: <20211119112553.352222-1-daniellalee111@gmail.com>
[hreitz: Took commit message from v1]
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
2021-11-23 15:39:12 +01:00
Richard Henderson
73e0f70e09 Create common rewind_if_in_safe_syscall function.
Resolves pointer type issues with uc_mcontext.pc
 on aarch64 between glibc and musl.

Merge tag 'pull-lu-20211123' of https://gitlab.com/rth7680/qemu into staging

Create common rewind_if_in_safe_syscall function.
Resolves pointer type issues with uc_mcontext.pc
on aarch64 between glibc and musl.

# gpg: Signature made Tue 23 Nov 2021 09:47:07 AM CET
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-lu-20211123' of https://gitlab.com/rth7680/qemu:
  linux-user/signal.c: Create a common rewind_if_in_safe_syscall
  linux-user: Add host_signal_set_pc to set pc in mcontext

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-23 11:33:14 +01:00
Richard Henderson
3c2a46d528 Python testing fixes for 6.2
A few more fixes to help eliminate race conditions from
 device-crash-test, along with a fix that allows the SCM_RIGHTS
 functionality to work on hosts that only have Python 3.6.
 
 If this is too much this late in the RC process, I'd advocate for at
 least patch 7/7 by itself.

Merge tag 'python-pull-request' of https://gitlab.com/jsnow/qemu into staging

Python testing fixes for 6.2

A few more fixes to help eliminate race conditions from
device-crash-test, along with a fix that allows the SCM_RIGHTS
functionality to work on hosts that only have Python 3.6.

If this is too much this late in the RC process, I'd advocate for at
least patch 7/7 by itself.

# gpg: Signature made Tue 23 Nov 2021 03:37:17 AM CET
# gpg:                using RSA key F9B7ABDBBCACDF95BE76CBD07DEF8106AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>" [full]

* tag 'python-pull-request' of https://gitlab.com/jsnow/qemu:
  python/aqmp: fix send_fd_scm for python 3.6.x
  scripts/device-crash-test: Use a QMP timeout
  python/machine: handle "fast" QEMU terminations
  python/machine: move more variable initializations to _pre_launch
  python/machine: add instance disambiguator to default nickname
  python/machine: remove _remove_monitor_sockfile property
  python/machine: add @sock_dir property

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-23 09:41:09 +01:00
Warner Losh
0763788868 linux-user/signal.c: Create a common rewind_if_in_safe_syscall
All instances of rewind_if_in_safe_syscall are the same, differing only
in how the instruction point is fetched from the ucontext and the size
of the registers. Use host_signal_pc and new host_signal_set_pc
interfaces to fetch the pointer to the PC and adjust if needed. Delete
all the old copies of rewind_if_in_safe_syscall.

Acked-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Warner Losh <imp@bsdimp.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211113045603.60391-3-imp@bsdimp.com>
[rth: include safe-syscall.h, simplify ifdefs]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-23 01:47:20 +01:00
Warner Losh
c6cda6a44a linux-user: Add host_signal_set_pc to set pc in mcontext
Add a new function host_signal_set_pc to set the next pc in an
mcontext. The caller should ensure this is a valid PC for execution.

Acked-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Warner Losh <imp@bsdimp.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211113045603.60391-2-imp@bsdimp.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-23 01:47:01 +01:00
Richard Henderson
6d9c9603ad target-arm queue:
* drop spurious bump of ITS vmstate version fields

Merge tag 'pull-target-arm-20211122-1' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * drop spurious bump of ITS vmstate version fields

# gpg: Signature made Mon 22 Nov 2021 07:43:19 PM CET
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20211122-1' of https://git.linaro.org/people/pmaydell/qemu-arm:
  hw/intc/arm_gicv3_its: Revert version increments in vmstate_its

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-23 01:41:05 +01:00
John Snow
a57cb3e23d python/aqmp: fix send_fd_scm for python 3.6.x
3.6 doesn't play keepaway with the socket object, so we don't need to go
fishing for it on this version. In fact, so long as 'sendmsg' is still
available, it's probably preferable to just use that method and only go
fishing for forbidden details when we absolutely have to.

Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-8-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:41:21 -05:00
John Snow
206439cd89 scripts/device-crash-test: Use a QMP timeout
Despite all the previous fixes, it's still possible for
device-crash-test to wedge itself in the case that QEMU terminates *so
quickly* that it doesn't even begin a connection attempt to our QMP
client. Python will just joyfully wait ad infinitum for a connection
that will now never arrive.

The real fix is to use asyncio to simultaneously poll both the health of
the launched process AND the connection attempt. That's quite a bit more
invasive than just setting a connection timeout, though.

Do the very simplest thing for now.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 20211118204620.1897674-7-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:41:21 -05:00
John Snow
1611e6cf4e python/machine: handle "fast" QEMU terminations
In the case that the QEMU process actually launches -- but then dies so
quickly that we can't establish a QMP connection to it -- QEMUMachine
currently calls _post_shutdown() assuming that it never launched the VM
process.

This isn't true, though: it "merely" may have failed to establish a QMP
connection and the process is in the middle of its own exit path.

If we don't wait for the subprocess, the caller may get a bogus `None`
return for .exitcode(). This behavior was observed from
device-crash-test; after the switch to Async QMP, the timings were
changed such that it was now seemingly possible to witness the failure
of "vm.launch()" *prior* to the exitcode becoming available.

The semantic of the `_launched` property is changed in this
patch. Instead of representing the condition "launch() executed
successfully", it will now represent "has forked a child process
successfully". This way, wait() when called in the exit path won't
become a no-op.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-6-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:41:17 -05:00
John Snow
b1ca991993 python/machine: move more variable initializations to _pre_launch
No need to clear them only to set them later.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-5-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:40:59 -05:00
John Snow
72b17fe715 python/machine: add instance disambiguator to default nickname
If you create two instances of QEMUMachine(), they'll both create the
same nickname by default -- which is not that helpful.

Luckily, they'll both create unique temporary directories ... but due to
user configuration, they may share logging and sockfile directories,
meaning two instances can collide. The Python logging will also be quite
confusing, with no differentiation between the two instances.

Add an instance disambiguator (The memory address of the instance) to
the default nickname to foolproof this in all cases.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-4-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:40:59 -05:00
John Snow
6eeb3de7e1 python/machine: remove _remove_monitor_sockfile property
It doesn't matter if it was the user or the class itself that specified
where the sockfile should be created; the fact is that if we are using a
sockfile here, we created it and we can clean it up.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-3-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:40:59 -05:00
John Snow
87bf1fe5cb python/machine: add @sock_dir property
Analogous to temp_dir and log_dir, add a sock_dir property that defaults
to @temp_dir -- instead of base_temp_dir -- when the user hasn't
overridden the sock dir value in the initializer.

This gives us a much more unique directory to put sockfiles in by default.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-2-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:40:59 -05:00
Richard Henderson
3c87012e38 * Documentation updates

Merge tag 'pull-request-2021-11-22' of https://gitlab.com/thuth/qemu into staging

* Documentation updates

# gpg: Signature made Mon 22 Nov 2021 03:05:39 PM CET
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]

* tag 'pull-request-2021-11-22' of https://gitlab.com/thuth/qemu:
  docs: Render binary names as monospaced text
  docs: Use double quotes instead of single quotes for COLO
  docs: Drop deprecated 'props' from object-add
  Fix some typos in documentation (found by codespell)
  docs: List more commit-message tags in "submitting-a-patch"
  docs: Fix botched rST conversion of 'submitting-a-patch.rst'

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-22 23:21:28 +01:00
Eric Auger
33a0c404fb hw/intc/arm_gicv3_its: Revert version increments in vmstate_its
Commit 18f6290a6a ("hw/intc: GICv3 ITS initial framework")
incremented version_id and minimum_version_id fields of
VMStateDescription vmstate_its. This breaks the migration between
6.2 and 6.1 with the following message:

qemu-system-aarch64: savevm: unsupported version 1 for 'arm_gicv3_its' v0
qemu-system-aarch64: load of migration failed: Invalid argument

Revert that change.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20211122171020.1195483-1-eric.auger@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-11-22 18:17:19 +00:00
Richard Henderson
d8a6311dab nbd patches for 2021-11-22
- Eric Blake: Avoid uninitialized memory on client hard disconnect
 - Eric Blake: Take advantage of block layer 64-bit zero/trim

Merge tag 'pull-nbd-2021-11-22' of https://repo.or.cz/qemu/ericb into staging

nbd patches for 2021-11-22

- Eric Blake: Avoid uninitialized memory on client hard disconnect
- Eric Blake: Take advantage of block layer 64-bit zero/trim

# gpg: Signature made Mon 22 Nov 2021 02:55:07 PM CET
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]

* tag 'pull-nbd-2021-11-22' of https://repo.or.cz/qemu/ericb:
  nbd/server: Simplify zero and trim
  nbd/server: Don't complain on certain client disconnects

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-22 19:15:05 +01:00
Richard Henderson
89d2f9e4c6 target-arm queue:
* revert SMCCC/PSCI change, as it regresses some usecases for some boards

Merge tag 'pull-target-arm-20211122' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * revert SMCCC/PSCI change, as it regresses some usecases for some boards

# gpg: Signature made Mon 22 Nov 2021 02:42:19 PM CET
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20211122' of https://git.linaro.org/people/pmaydell/qemu-arm:
  Revert "arm: tcg: Adhere to SMCCC 1.3 section 5.2"

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-22 16:35:54 +01:00
Philippe Mathieu-Daudé
c5ba621954 docs: Render binary names as monospaced text
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211118192744.64325-1-philmd@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-11-22 15:02:38 +01:00
Rao, Lei
eff708a876 docs: Use double quotes instead of single quotes for COLO
Signed-off-by: Lei Rao <lei.rao@intel.com>
Message-Id: <1637567387-28250-2-git-send-email-lei.rao@intel.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-11-22 15:02:38 +01:00
Rao, Lei
8f75cae2dd docs: Drop deprecated 'props' from object-add
In commit 5024340745 "qapi/qom: Drop deprecated 'props' from
object-add" (v6.0.0), we also should update documents.

Signed-off-by: Lei Rao <lei.rao@intel.com>
Message-Id: <1637567387-28250-1-git-send-email-lei.rao@intel.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-11-22 15:02:38 +01:00
Stefan Weil
b980c1aec6 Fix some typos in documentation (found by codespell)
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-Id: <20211117210702.1393570-1-sw@weilnetz.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
[thuth: "what's" --> "what is" as suggested by philmd]
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-11-22 15:02:38 +01:00
Kashyap Chamarthy
93e86b1664 docs: List more commit-message tags in "submitting-a-patch"
Add some more examples of commonly used commit-message tags.

(Thanks: Alex Bennée)

Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Message-Id: <20211119193118.949698-3-kchamart@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-11-22 15:02:38 +01:00
Kashyap Chamarthy
cd6b1674d6 docs: Fix botched rST conversion of 'submitting-a-patch.rst'
I completely botched up the merged[0] rST conversion of this document by
accidentally dropping entire hunks (!) of text. :-(  I made it very hard
for reviewers to spot it, as the omitted text was buried deep in the
document.  To fix my hatchet job, I reconverted the "SubmitAPatch"
wiki[1] page from scratch and replaced the existing rST with it, while
making sure I incorporated previous feedback.

In summary, in this reconverted edition:

- I did a careful (to the extent my eyes allowed) para-by-para
  comparison of the wiki and the rST to make sure I didn't omit
  anything accidentally.

- I made sure to work in the cosmetic feedback[2] that Thomas Huth
  pointed out in the merged (and botched) edition:

   - fix the hyperlinks in "Split up long patches"

   - replace ".". with "does not end with a dot" (in "Write a meaningful
     commit message" section)

   - replace "---" with ``---`` so that it doesn't render as an em-dash
     (there were two other occurrences; I fixed those too)

- Use "QEMU" spelling consistently in prose usage

- Add a consistent "refer to git-config" link where appropriate

Thanks to Thomas Huth and Alex Bennée for noticing it on IRC.  And sorry
for my sloppiness.

Fixes: 9f73de8df0 ("docs: rSTify the "SubmitAPatch" wiki")

[0] https://gitlab.com/qemu-project/qemu/-/commit/9f73de8df033
[1] https://wiki.qemu.org/index.php?title=Contribute/SubmitAPatch&oldid=10387
[2] https://lists.nongnu.org/archive/html/qemu-devel/2021-11/msg03600.html

Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Message-Id: <20211119193118.949698-2-kchamart@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[thuth: Some more cosmetical changes, fixed links from external to internal]
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-11-22 15:02:38 +01:00
Peter Maydell
4825eaae4f Revert "arm: tcg: Adhere to SMCCC 1.3 section 5.2"
This reverts commit 9fcd15b919.

This change turns out to cause regressions, for instance on the
imx6ul boards as described here:
https://lore.kernel.org/qemu-devel/c8b89685-7490-328b-51a3-48711c140a84@tribudubois.net/

The primary cause of that regression is that the guest code running
at EL3 expects SMCs (not related to PSCI) to do what they would if
our PSCI emulation was not present at all, but after this change
they instead set a value in R0/X0 and continue.

We could fix that by a refactoring that allowed us to only turn on
the PSCI emulation if we weren't booting the guest at EL3, but there
is a more tangled problem with the highbank board, which:
 (1) wants to enable PSCI emulation
 (2) has a bit of guest code that it wants to run at EL3 and
     to perform SMC calls that trap to the monitor vector table:
     this is the boot stub code that is written to memory by
     arm_write_secure_board_setup_dummy_smc() and which the
     highbank board enables by setting bootinfo->secure_board_setup

We can't satisfy both of those and also have the PSCI emulation
handle all SMC instruction executions regardless of function
identifier value.

This is too tricky to try to sort out before 6.2 is released;
revert this commit so we can take the time to get it right in
the 7.0 release.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20211119163419.557623-1-peter.maydell@linaro.org
2021-11-22 13:41:48 +00:00
Eric Blake
e35574226a nbd/server: Simplify zero and trim
Now that the block layer supports 64-bit operations (see commit
2800637a and friends, new to v6.2), we no longer have to self-fragment
requests larger than 2G, reverting the workaround added in 890cbccb08
("nbd: Fix large trim/zero requests", v5.1.0).

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20211117170230.1128262-3-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2021-11-22 07:37:15 -06:00
Eric Blake
1644cccea5 nbd/server: Don't complain on certain client disconnects
When a client disconnects abruptly, but did not have any pending
requests (for example, when using nbdsh without calling h.shutdown),
we used to output the following message:

$ qemu-nbd -f raw file
$ nbdsh -u 'nbd://localhost:10809' -c 'h.trim(1,0)'
qemu-nbd: Disconnect client, due to: Failed to read request: Unexpected end-of-file before all bytes were read

Then in commit f148ae7, we refactored nbd_receive_request() to use
nbd_read_eof(); when this returns 0, we regressed into tracing
uninitialized memory (if tracing is enabled) and reporting a
less-specific:

qemu-nbd: Disconnect client, due to: Request handling failed in intermediate state

Note that with Unix sockets, we have yet another error message,
unchanged by the 6.0 regression:

$ qemu-nbd -k /tmp/sock -f raw file
$ nbdsh -u 'nbd+unix:///?socket=/tmp/sock' -c 'h.trim(1,0)'
qemu-nbd: Disconnect client, due to: Failed to send reply: Unable to write to socket: Broken pipe

But in all cases, the error message goes away if the client performs a
soft shutdown by using NBD_CMD_DISC, rather than a hard shutdown by
abrupt disconnect:

$ nbdsh -u 'nbd://localhost:10809' -c 'h.trim(1,0)' -c 'h.shutdown()'

This patch fixes things to avoid uninitialized memory, and in general
avoids warning about a client that does a hard shutdown when not in
the middle of a packet.  A client that aborts mid-request, or which
does not read the full server's reply, can still result in warnings,
but those are indeed much more unusual situations.

CC: qemu-stable@nongnu.org
Fixes: f148ae7d36 ("nbd/server: Quiesce coroutines on context switch", v6.0.0)
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
[eblake: defer unrelated typo fixes to later patch]
Message-Id: <20211117170230.1128262-2-eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2021-11-22 07:37:14 -06:00
Richard Henderson
5d1f437fb4 fixes for 6.2: microvm, ui, modules.

Merge tag 'fixes-20211122-pull-request' of git://git.kraxel.org/qemu into staging

fixes for 6.2: microvm, ui, modules.

# gpg: Signature made Mon 22 Nov 2021 01:39:53 PM CET
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]

* tag 'fixes-20211122-pull-request' of git://git.kraxel.org/qemu:
  microvm: check g_file_set_contents() return value
  microvm: add missing g_free() call
  hw/i386/microvm: Reduce annoying debug message in dt_setup_microvm()
  migration: fix dump-vmstate with modules
  ui/vnc-clipboard: fix adding notifier twice
  ui/gtk: graphic_hw_gl_flushed after closing dmabuf->fence_fd
  ui: fix incorrect pointer position on highdpi with gtk
  ui: fix incorrect scaling on highdpi with gtk/opengl

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-22 14:17:14 +01:00
Gerd Hoffmann
b9e5628ca5 microvm: check g_file_set_contents() return value
Fixes: CID 1465239
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20211108130718.840216-3-kraxel@redhat.com>
2021-11-22 11:14:28 +01:00
Gerd Hoffmann
1b38ccc9a1 microvm: add missing g_free() call
Fixes: CID 1465240
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211108130718.840216-2-kraxel@redhat.com>
2021-11-22 11:14:28 +01:00
Philippe Mathieu-Daudé
d612405ed2 hw/i386/microvm: Reduce annoying debug message in dt_setup_microvm()
Fixes: f5918a9928 ("microvm: add device tree support.")
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20211117174331.1715144-1-philmd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-11-22 11:14:28 +01:00