Instead of fetching the prebuilt image from patchew download the install
iso and prepare the image locally. Install to disk, using the serial
console. Create qemu user, configure ssh login. Install packages
needed for qemu builds.
Note that freebsd package downloads are delivered as non-cachable
content, so I had to configure squid with "ignore-no-store
ignore-private ignore-reload" for pkgmir.geo.freebsd.org to make the
caching actually work.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190617043858.8290-9-kraxel@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Instead of fetching the prebuilt image from patchew download the install
iso and prepare the image locally. Install to disk, using the serial
console. Create qemu user, configure ssh login. Install packages
needed for qemu builds.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190617043858.8290-8-kraxel@redhat.com>
[AJB: added tags]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Add a bunch of helpers to talk to the guest using the
serial console.
Also drop the hard-coded -serial parameter for the vm
so QEMUMachine.set_console() actually works.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190617043858.8290-7-kraxel@redhat.com>
[AJB: added tags]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
For testing/troubleshooting convenience.
make vm-boot-serial-<guest>
Boot guest, with the serial console on stdio.
make vm-boot-ssh-<guest>
Boot guest, login via ssh.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190617043858.8290-6-kraxel@redhat.com>
[AJB: added tags]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
When not running in snapshot mode ask the guest to poweroff and wait for
this to finish instead of simply quitting qemu, so the guest can flush
pending updates to disk.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190617043858.8290-5-kraxel@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
The build script doesn't shutdown the guest VMs properly,
which results in filesystem corruption and guest boot
failures sooner or later.
Use the --snapshot to run builds on a snapshot,
That way killing the VM doesn't corrupt the base image.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Acked-by: Ed Maste <emaste@freebsd.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190617043858.8290-4-kraxel@redhat.com>
[AJB: added tags]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Allways ask ssh to run with a pseudo terminal.
Not having a terminal causes problems now and then.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190617043858.8290-3-kraxel@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Packages are fetched via proxy that way, if configured on the host.
That might be required to pass firewalls, and it allows to route
package downloads through a caching proxy server.
Needs AcceptEnv setup in sshd_config on the guest side to work.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190617043858.8290-2-kraxel@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Possibly because of different behavior on the newly update
cloud-image, trying to run 'apt-get build-dep' results in:
E: You must put some 'source' URIs in your sources.list
This enables all source repos (even though some are not
needed) for simplicity sake.
Signed-off-by: Cleber Rosa <crosa@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190613130718.3763-5-crosa@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
It's a good practice to always have the same components used in tests.
According to:
https://cloud-images.ubuntu.com/releases/16.04/
New images are released from time to time, and the "release/"
directory points to the latest release. Let's pin to the latest
available version, and while at it, set a hash for verification.
Signed-off-by: Cleber Rosa <crosa@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190613130718.3763-4-crosa@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Python's os.rename() will silently replace an existing file,
so there's no need for the extra check and removal.
Reference: https://docs.python.org/3/library/os.html#os.rename
Signed-off-by: Cleber Rosa <crosa@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190613130718.3763-3-crosa@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
The image copy is only really needed because xz doesn't know to
properly decompress a file not named properly. Instead of
decompressing to stdout, and having to rely on a shell, let's just
create a link instead of copying the file.
Signed-off-by: Cleber Rosa <crosa@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190613130718.3763-2-crosa@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
* more code-movement to separate TCG-only functions into their own files
* Correct VMOV_imm_dp handling of short vectors
* Execute Thumb instructions when their condbits are 0xf
* armv7m_systick: Forbid non-privileged accesses
* Use _ra versions of cpu_stl_data() in v7M helpers
* v8M: Check state of exception being returned from
* v8M: Forcibly clear negative-priority exceptions on deactivate
-----BEGIN PGP SIGNATURE-----
iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAl0eKdoZHHBldGVyLm1h
eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3uESD/9VRv/N44W2jszHn23alpFU
Oe/9fSMiYDbhYbWzRSTWOrUGPDvfnJSvr2DPN/6QZjSH+UpWpS5AxlvkKtgsHW3C
R1X7thwLfs+hIwvH0SgoqWxtmFffC6+sMMfrUZUJ/ggPDJwpgyEY6Pc5CCMsvvOi
7YIYTdWe4n4Bt3m6zJ0wVOvcFKTGGCq5CIA9Vrel2Vw98+Ryjh2QkpSV1Dt8Ynlk
/F781Mg1GvxO5nLbZO/HO1zZ4vy1Uo8Lu+pkyjCFWahN0vUqaIaOkZjC6PrAvsjD
sBwAkqzWZMnq39+A2OmHlbwF+KgZysPo7RR28J/aPNXC6k8SviVEtLQdS9Bh18jy
0HDkduimHAm72XWbzAx5G/K/L62yMYrfHfLr60n0muREvH23ArINIY1FbDWVMTAa
3UV/y8f+p3hBN2fmLSO+SHNhY+9sE7R5rBBZTFes6H1dEt2HxAKYrOuCdP3ICE9g
hq9fvW1eEzlYn3+2SPj/azaaTTT+igpdD+5D6oyegPq4tBYmwVPqNBLCL9Jk3WNd
UU+NeV9LkB/8XRPFwvtbocgEfmxTDNCkvs5XapLoxuucFJDqeGyVfz3nezqLxt+i
/sB/FYY2xZvaR5Sv+DbiORQ2F2Tmc7PyeKNeVtZbFt32EHAu46yY748r4AoIYqkg
l7Uo1VLf7N4ec71n6DIcKg==
=vttM
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190704-1' into staging
target-arm queue:
* more code-movement to separate TCG-only functions into their own files
* Correct VMOV_imm_dp handling of short vectors
* Execute Thumb instructions when their condbits are 0xf
* armv7m_systick: Forbid non-privileged accesses
* Use _ra versions of cpu_stl_data() in v7M helpers
* v8M: Check state of exception being returned from
* v8M: Forcibly clear negative-priority exceptions on deactivate
# gpg: Signature made Thu 04 Jul 2019 17:31:22 BST
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20190704-1:
target/arm: Correct VMOV_imm_dp handling of short vectors
target/arm: Execute Thumb instructions when their condbits are 0xf
hw/timer/armv7m_systick: Forbid non-privileged accesses
target/arm: Use _ra versions of cpu_stl_data() in v7M helpers
target/arm: v8M: Check state of exception being returned from
arm v8M: Forcibly clear negative-priority exceptions on deactivate
target/arm/helper: Move M profile routines to m_helper.c
target/arm: Restrict semi-hosting to TCG
target/arm: Move debug routines to debug_helper.c
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Coverity points out (CID 1402195) that the loop in trans_VMOV_imm_dp()
that iterates over the destination registers in a short-vector VMOV
accidentally throws away the returned updated register number
from vfp_advance_dreg(). Add the missing assignment. (We got this
correct in trans_VMOV_imm_sp().)
Fixes: 18cf951af9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190702105115.9465-1-peter.maydell@linaro.org
Thumb instructions in an IT block are set up to be conditionally
executed depending on a set of condition bits encoded into the IT
bits of the CPSR/XPSR. The architecture specifies that if the
condition bits are 0b1111 this means "always execute" (like 0b1110),
not "never execute"; we were treating it as "never execute". (See
the ConditionHolds() pseudocode in both the A-profile and M-profile
Arm ARM.)
This is a bit of an obscure corner case, because the only legal
way to get to an 0b1111 set of condbits is to do an exception
return which sets the XPSR/CPSR up that way. An IT instruction
which encodes a condition sequence that would include an 0b1111 is
UNPREDICTABLE, and for v8A the CONSTRAINED UNPREDICTABLE choices
for such an IT insn are to NOP, UNDEF, or treat 0b1111 like 0b1110.
Add a comment noting that we take the latter option.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190617175317.27557-7-peter.maydell@linaro.org
Like most of the v7M memory mapped system registers, the systick
registers are accessible to privileged code only and user accesses
must generate a BusFault. We implement that for registers in
the NVIC proper already, but missed it for systick since we
implement it as a separate device. Correct the omission.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190617175317.27557-6-peter.maydell@linaro.org
In the various helper functions for v7M/v8M instructions, use
the _ra versions of cpu_stl_data() and friends. Otherwise we
may get wrong behaviour or an assert() due to not being able
to locate the TB if there is an exception on the memory access
or if it performs an IO operation when in icount mode.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190617175317.27557-5-peter.maydell@linaro.org
In v8M, an attempt to return from an exception which is not
active is an illegal exception return. For this purpose,
exceptions which can configurably target either Secure or
NonSecure are not considered to be active if they are
configured for the opposite security state for the one
we're trying to return from (eg attempt to return from
an NS NMI but NMI targets Secure). In the pseudocode this
is handled by IsActiveForState().
Detect this case rather than counting an active exception
possibly of the wrong security state as being sufficient.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190617175317.27557-4-peter.maydell@linaro.org
To prevent execution priority remaining negative if the guest
returns from an NMI or HardFault with a corrupted IPSR, the
v8M interrupt deactivation process forces the HardFault and NMI
to inactive based on the current raw execution priority,
even if the interrupt the guest is trying to deactivate
is something else. In the pseudocode this is done in the
Deactivate() function.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190617175317.27557-3-peter.maydell@linaro.org
In preparation for supporting TCG disablement on ARM, we move most
of TCG related v7m/v8m helpers and APIs into their own file.
Note: It is easier to review this commit using the 'histogram'
diff algorithm:
$ git diff --diff-algorithm=histogram ...
or
$ git diff --histogram ...
Suggested-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190702144335.10717-2-philmd@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: updated qapi #include to match recent changes there]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Per Peter Maydell:
Semihosting hooks either SVC or HLT instructions, and inside KVM
both of those go to EL1, ie to the guest, and can't be trapped to
KVM.
Let check_for_semihosting() return False when not running on TCG.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190701194942.10092-3-philmd@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
These routines are TCG specific.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190701194942.10092-2-philmd@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This pull request contains a handful of patches that I'd like to target
for the 4.1 soft freeze. There are a handful of new features:
* Support for the 1.11.0, the latest privileged specification.
* Support for reading and writing the PRCI registers.
* Better control over the ISA of the target machine.
* Support for the cpu-topology device tree node.
Additionally, there are a handful of bug fixes including:
* Load reservations are now broken by both store conditional and by
scheduling, which fixes issues with parallel applications.
* Various fixes to the PMP implementation.
* Fixes to the 32-bit linux-user syscall ABI.
* Various fixes for instruction decodeing.
* A fix to the PCI device tree "bus-range" property.
This boots 32-bit and 64-bit OpenEmbedded.
Changes since v2 [riscv-for-master-4.1-sf1-v2]:
* Dropped OpenSBI.
Changes since v1 [riscv-for-master-4.1-sf1]:
* Contains a fix to the sifive_u OpenSBI integration.
-----BEGIN PGP SIGNATURE-----
iQJHBAABCAAxFiEEAM520YNJYN/OiG3470yhUCzLq0EFAl0caa0THHBhbG1lckBk
YWJiZWx0LmNvbQAKCRDvTKFQLMurQRTNEACwLeajFWIdeltz9PpzlmbABoY9p8rT
amMVjEcisMmIzV7UjLcmqYAyPUFb2KvNy5EA15op0nQKGv7Mm7c4P7V5/eQyz9wE
9/81s3OoOuRa79mwgF3aekA6iQXb0ID+kMaIFSrbTTyECOULb2kb4/xxOH+N13wh
8VfYBdgxsvC37DDShXuzGOdtWpu1wZDgYwYOHAIns/r90FYA1w2vJhjn72AiDfnY
QKwm6FHiplraMfbURRxbgU5oUIXsCelYNB3Fu9dFOuVwgmwrwFHJIG1Mi5pvMkbo
vRnSDX5vKKpeyFj6U23RnCJpxoORe0Bp6GnD5MbByUr9oroBbD3dkNryXU0da5jN
e5Jje3F8v/g3KdRUm6AQJb6JBBOZu4uSUn9jUfqlNLFDvUDLTq74kfJHLzsWr4Ds
k/rP3fmyked27KnEwCOzAEEDI4Z3exbwnoPiP5ik92ZkSL7PVwLpWvB/8tn8HQab
ldq8w/piUkbC9ug2p07TFg6aST8YjzuGHtOW4M8TpX5cuAiHPbjS54dj88+EL5i7
shBWFKEuKV0ESVgIBwJu9qlX5QvQWJA4LSo35PyrGJb6xV+lQ3j0pdcOojL6ZSkk
JDbQtC1nsxDf/Qt4vHc4VbOZQChO+FYs2Smin8Wl5gN+hReY6lB/ZtHjYl7uw2bC
9Ijy2OkCjtz4mw==
=lliO
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-4.1-sf1-v3' into staging
RISC-V Patches for the 4.1 Soft Freeze, Part 2 v3
This pull request contains a handful of patches that I'd like to target
for the 4.1 soft freeze. There are a handful of new features:
* Support for the 1.11.0, the latest privileged specification.
* Support for reading and writing the PRCI registers.
* Better control over the ISA of the target machine.
* Support for the cpu-topology device tree node.
Additionally, there are a handful of bug fixes including:
* Load reservations are now broken by both store conditional and by
scheduling, which fixes issues with parallel applications.
* Various fixes to the PMP implementation.
* Fixes to the 32-bit linux-user syscall ABI.
* Various fixes for instruction decodeing.
* A fix to the PCI device tree "bus-range" property.
This boots 32-bit and 64-bit OpenEmbedded.
Changes since v2 [riscv-for-master-4.1-sf1-v2]:
* Dropped OpenSBI.
Changes since v1 [riscv-for-master-4.1-sf1]:
* Contains a fix to the sifive_u OpenSBI integration.
# gpg: Signature made Wed 03 Jul 2019 09:39:09 BST
# gpg: using RSA key 00CE76D1834960DFCE886DF8EF4CA1502CCBAB41
# gpg: issuer "palmer@dabbelt.com"
# gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>" [unknown]
# gpg: aka "Palmer Dabbelt <palmer@sifive.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41
* remotes/palmer/tags/riscv-for-master-4.1-sf1-v3: (32 commits)
hw/riscv: Extend the kernel loading support
hw/riscv: Add support for loading a firmware
hw/riscv: Split out the boot functions
riscv: sifive_u: Update the plic hart config to support multicore
riscv: sifive_u: Do not create hard-coded phandles in DT
disas/riscv: Fix `rdinstreth` constraint
disas/riscv: Disassemble reserved compressed encodings as illegal
riscv: virt: Add cpu-topology DT node.
RISC-V: Update syscall list for 32-bit support.
RISC-V: Clear load reservations on context switch and SC
RISC-V: Add support for the Zicsr extension
RISC-V: Add support for the Zifencei extension
target/riscv: Add support for disabling/enabling Counters
target/riscv: Remove user version information
target/riscv: Require either I or E base extension
qemu-deprecated.texi: Deprecate the RISC-V privledge spec 1.09.1
target/riscv: Set privledge spec 1.11.0 as default
target/riscv: Add the mcountinhibit CSR
target/riscv: Add the privledge spec version 1.11.0
target/riscv: Restructure deprecatd CPUs
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJdG4G5AAoJENSXKoln91plV1UH/0pnDNiBR0AKu3cqY6fYuPMI
9cyh/z5KSW11+KuXjh0t73fzDPL34z6jXoZU681yLU2IppyN0OXOKduKjFxzwU1Z
rwLvTmXfHlvLGj66GJIhzBFKYCsRlJ6ZeLjUTFCjEUofww8z6LWaOEXvjo0qS1db
Kx0bZtNpIhNnNCFukxjU2qMUpH/Gk17UvC4F9v5882QpXJAUsPhv/lb9nSfx7Fve
xiyiFk6cYUdmErvwUwNWhuFeZGKaAOfnBMcJEX5u28C82tyRT4D/cc1gM8OivVPO
enDDLMqch/8hTdxXvm1TI7FSS4445noRhfzuu1IErrnOXwRS3KGHoi0LyM1wAZ8=
=qMlD
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-jul-02-2019' into staging
MIPS queue for July 2nd, 2019
# gpg: Signature made Tue 02 Jul 2019 17:09:29 BST
# gpg: using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01 DD75 D497 2A89 67F7 5A65
* remotes/amarkovic/tags/mips-queue-jul-02-2019:
target/mips: Correct helper for MSA FCLASS.<W|D> instructions
target/mips: Unroll loops for MSA float max/min instructions
target/mips: Correct comments in msa_helper.c
target/mips: Correct comments in translate.c
tcg/tests: target/mips: Correct MSA test compilation and execution order
tcg/tests: target/mips: Amend MSA integer multiply tests
tcg/tests: target/mips: Amend MSA fixed point multiply tests
hw/mips: Express dependencies of the r4k platform with Kconfig
hw/mips: Express dependencies of the Jazz machine with Kconfig
hw/mips: Express dependencies of the MIPSsim machine with Kconfig
hw/mips: Explicit the semi-hosting feature is always required
tests/machine-none: Test recent MIPS cpus
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When QEMU exposes a VirtIO-RNG device to the guest, that device needs a
source of entropy, and that source needs to be "non-blocking", like
`/dev/urandom`. However, currently QEMU defaults to the problematic
`/dev/random`, which on Linux is "blocking" (as in, it waits until
sufficient entropy is available).
Why prefer `/dev/urandom` over `/dev/random`?
---------------------------------------------
The man pages of urandom(4) and random(4) state:
"The /dev/random device is a legacy interface which dates back to a
time where the cryptographic primitives used in the implementation
of /dev/urandom were not widely trusted. It will return random
bytes only within the estimated number of bits of fresh noise in the
entropy pool, blocking if necessary. /dev/random is suitable for
applications that need high quality randomness, and can afford
indeterminate delays."
Further, the "Usage" section of the said man pages state:
"The /dev/random interface is considered a legacy interface, and
/dev/urandom is preferred and sufficient in all use cases, with the
exception of applications which require randomness during early boot
time; for these applications, getrandom(2) must be used instead,
because it will block until the entropy pool is initialized.
"If a seed file is saved across reboots as recommended below (all
major Linux distributions have done this since 2000 at least), the
output is cryptographically secure against attackers without local
root access as soon as it is reloaded in the boot sequence, and
perfectly adequate for network encryption session keys. Since reads
from /dev/random may block, users will usually want to open it in
nonblocking mode (or perform a read with timeout), and provide some
sort of user notification if the desired entropy is not immediately
available."
And refer to random(7) for a comparison of `/dev/random` and
`/dev/urandom`.
What about other OSes?
----------------------
`/dev/urandom` exists and works on OS-X, FreeBSD, DragonFlyBSD, NetBSD
and OpenBSD, which cover all the non-Linux platforms we explicitly
support, aside from Windows.
On Windows `/dev/random` doesn't work either so we don't regress.
This is actually another argument in favour of using the newly
proposed 'rng-builtin' backend by default, as that will work on
Windows.
- - -
Given the above, change the entropy source for VirtIO-RNG device to
`/dev/urandom`.
Related discussion in these[1][2] past threads.
[1] https://lists.nongnu.org/archive/html/qemu-devel/2018-06/msg08335.html
-- "RNG: Any reason QEMU doesn't default to `/dev/urandom`?"
[2] https://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg02724.html
-- "[RFC] Virtio RNG: Consider changing the default entropy source to
/dev/urandom"
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20190529143106.11789-2-lvivier@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Targets "clean" and "install" run make recursively in a for loop.
This ignores -j and -k. Target "all" depends on SUBDIR/all to recurse
into each SUBDIR. Behaves nicely with -j and -k. Put that to use for
"clean" and "install": depend on SUBDIR/clean or SUBDIR/install,
respectively, and delete the loop.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20190528082308.22032-5-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
We make a few sub-directories recursively, in particular
$(TARGET_DIRS).
For goal "all", we do it the nice way: "all" has a prerequisite
subdir-T for each T in $(TARGET_DIRS), and T's recipe runs make
recursively. Behaves nicely with -j and -k.
For other goals such as "clean" and "install", the recipe runs make
recursively in a for loop. Ignores -j and -k.
The next commit will fix that for "clean" and "install". This commit
prepares the ground by renaming the targets we use for "all" to
include the goal for the sub-make. This will permit reusing them for
goals other than "all".
Targets subdir-T for T in $(TARGET_DIRS) run "make all" in T. Rename
to T/all, and declare phony.
Targets romsubdir-R for R in $(ROMS) run "make" in pc-bios/R. Default
goal is "all" for all R. Rename to pc-bios/R/all, and declare phony.
The remainder are renamed just for consistency.
Target subdir-dtc runs "make libbft/libfdt.a" in dtc. Rename to
dtc/all, and declare phony.
Target subdir-capstone runs make $(BUILD_DIR)/capstone/$(LIBCAPSTONE)
in $(SRC_PATH)/capstone. Rename to capstone/all, and declare phony.
Target subdir-slirp runs "make" in $(SRC_PATH)/slirp. Default goal is
all, which builds $(BUILD_DIR)/libslirp.a. Rename to slirp/all, and
declare phony.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190528082308.22032-4-armbru@redhat.com>
[Add compatibility gunk to keep make working across the rename]
Linux terminal behavior (coming from vt100 I think) is somewhat strange
when it comes to line wraps: When a character is printed to the last
char cell of a line the cursor does NOT jump to the next line but stays
where it is. The line feed happens when the next character is printed.
So the valid range for the cursor position is not 0 .. width-1 but
0 .. width, where x == width represents the state where the line is
full but the cursor didn't jump to the next line yet.
The code for the 'clear from start of line' control sequence (ESC[1K)
fails to handle this corner case correctly and may call
console_clear_xy() with x == width. That will incorrectly clear the
first char cell of the next line, or in case the cursor happens to be on
the last line overflow the cell buffer by one character (three bytes).
Add a check to the loop to fix that.
Didn't spot any other places with the same problem. But it's easy to
miss that corner case, so also allocate one extra cell as precaution, so
in case we have simliar issues lurking elsewhere it at least wouldn't be
a buffer overflow.
v2: squashed in additional checks suggested by Christophe de Dinechin.
Reported-by: Alexander Oleinik <alxndr@bu.edu>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Christophe de Dinechin <dinechin@redhat.com>
Message-id: 20190701075301.14165-1-kraxel@redhat.com
Currently the bitbang_i2c_init() function allocates a
bitbang_i2c_interface struct which it returns. This is unfortunate
because it means that if the function is used from a DeviceState
init method then the memory will be leaked by an "init then delete"
cycle, as used by the qmp/hmp commands that list device properties.
Since three out of four of the uses of this function are in
device init methods, switch the function to do an in-place
initialization of a struct that can be embedded in the
device state struct of the caller.
This fixes LeakSanitizer leak warnings that have appeared in the
patchew configuration (which only tries to run the sanitizers
for the x86_64-softmmu target) now that we use the bitbang-i2c
code in an x86-64 config.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190702163844.20458-1-peter.maydell@linaro.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
While loading virtio-gpu, the data can be malicious, we
should check if the resource already exists.
Signed-off-by: Li Qiang <liq3ea@163.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20190628161358.10400-1-liq3ea@163.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
We land here in case not everything we've asked for could be mapped.
So unmap only the bytes which have actually been mapped.
Also we didn't access anything, so acces_len can be 0.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Message-id: 20190628072357.31782-1-kraxel@redhat.com
Several people have reported to have bag microphone lag with the PA
backend. While I cannot reproduce the problem here, it seems that their
PA somehow decides to buffer the microphone input for way too long,
causing this delay. This patch sets an upper limit to the amount of
data PA should hold. This fixes the problem reliably on their side,
while having no adverse effects on mine.
Signed-off-by: Martin Schrodt <martin@schrodt.org>
Message-id: 20190615153852.99040-1-martin@schrodt.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
On very busy networks connected via a tap interface, it is possible to overflow
the RX descriptor ring in the time between the client driver enabling the RX
MAC and finishing writing the final configuration to the NIC registers.
Ensure that we detect this condition and update the status register accordingly
to indicate an overflow has occurred (and the incoming packet dropped) in order
to prevent the client driver becoming confused.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
The current return values in sunhme_receive() when processing incoming packets
are inverted from what they should be. Make sure that we return 0 to indicate
the packet was discarded (and polling is to be disabled) and -1 to indicate
that the packet was discarded but polling for incoming data is to be continued.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Some client drivers use this bit to pause and resume the driver so make sure
that queued packets are flushed when the MAC is disabled and then reactivated.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Due to a copy/paste error the wrong register was being checked in order to
determine if the NIC is able to receive data.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Commit 6807874d55 "sun4m: obey -vga none" changed the sun4m machines so that
they could be started without a framebuffer installed, but as no default
display type was configured the machines would start in headless mode without
an explict -vga option.
Set the default display type for all sun4m machines to TCX so that they will
start with a framebuffer if one is not specifically requested.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Report an error in case we fail to set a trigger action
on any VFIO_PCI_MSIX_IRQ_INDEX subindex. This might be
useful in debugging a device that is not working properly.
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reported-by: Coverity (CID 1402196)
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
