Commit Graph

4686 Commits

Author SHA1 Message Date
Markus Armbruster
b359f4b203 tests: Rename UserDefNativeListUnion to UserDefListUnion
The lists in UserDefNativeListUnion aren't "native", they're lists of
built-in types.  The next commit will add a list of a user-defined
type.  Drop "Native", and adjust the tests using the type.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190301154051.23317-6-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-03-05 14:43:11 +01:00
Markus Armbruster
709395f8f6 qapi: Fix code generation for sub-modules in other directories
The #include directives to pull in sub-modules use file names relative
to the main module.  Works only when all modules are in the same
directory, or the main module's output directory is in the compiler's
include path.  Use relative file names instead.

The dummy variable we generate to avoid empty .o files has an invalid
name for sub-modules in other directories.  Fix that.

Both messed up in commit 252dc3105f "qapi: Generate separate .h, .c
for each module".  Escaped testing because tests/qapi-schema-test.json
doesn't cover sub-modules in other directories, only
tests/qapi-schema/include-relpath.json does, and we generate and
compile C code only for the former, not the latter.  Fold the latter
into the former.  This would have caught the mistakes fixed in this
commit.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190301154051.23317-5-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-03-05 14:43:11 +01:00
Markus Armbruster
0f20628b24 tests/qapi-schema: Cover conditional arrays
Commit 967c885108 neglected to cover arrays of conditional types.  Do
that now.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190301154051.23317-3-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-03-05 14:43:11 +01:00
Markus Armbruster
ca0ac758d6 tests/qapi-schema: Make test-qapi.py print arrays
The next few commits mess with array types, and having the changes
exposed in output of test-qapi.py will be useful.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190301154051.23317-2-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[Rationale added to commit message]
2019-03-05 14:41:01 +01:00
Dr. David Alan Gilbert
4b9b700002 tests: Add a test for qemu self announcements
We now expose qemu_announce_self through QMP and HMP.  Add a test
with some very basic packet validation (make sure we get a RARP).

Signed-off-by: Vlad Yasevich <vyasevic@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-03-05 11:27:41 +08:00
Dr. David Alan Gilbert
544f6ea324 hmp: Add hmp_announce_self
Add an HMP command to trigger self annocements.
Unlike the QMP command (which takes a set of parameters), the HMP
command reuses the set of parameters used for migration.

Signend-off-by: Vladislav Yasevich <vyasevic@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-03-05 11:27:41 +08:00
Peter Maydell
1d31f1872b pci, pc, virtio: fixes, cleanups, tests
Lots of work on tests: BiosTablesTest UEFI app,
 vhost-user testing for non-Linux hosts.
 Misc cleanups and fixes all over the place
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJccBqMAAoJECgfDbjSjVRpvSEIAKYPRNdCBX/SSS/L/tmJS5Zt
 8IyU/HW1YJ249vO+aT6z4Q3QPgqNC3KjXC3brx/WRoPZnRroen4rv2Kqnk6SayPa
 a52d2ubXKWxb3swdG1CAVzFRhq/ABpgAPx0dr1JW+RXgo2lxpJ4GNYxKMosQTaPE
 hRNeXl1XlcIK525kJhFH3Hlij9mTRuY6T7ydpPQd8dUq2dBRaL9RrzZRrkZxCy6l
 gQPUqNzPhG0XXyOiJmwYyVX0zGzbYrMLrMQAor2SBIYmU+zv2eZGPJUYxoMTUMzt
 YR0WCpvkvPITlAryaBoozAIDYVz8PxBRT1KRwpDal+2rzlm6o+veKDiF8R46gn0=
 =GzUz
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pci, pc, virtio: fixes, cleanups, tests

Lots of work on tests: BiosTablesTest UEFI app,
vhost-user testing for non-Linux hosts.
Misc cleanups and fixes all over the place

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Fri 22 Feb 2019 15:51:40 GMT
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream: (26 commits)
  pci: Sanity test minimum downstream LNKSTA
  hw/smbios: fix offset of type 3 sku field
  pci: Move NVIDIA vendor id to the rest of ids
  virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size
  virtio-balloon: Use ram_block_discard_range() instead of raw madvise()
  virtio-balloon: Rework ballon_page() interface
  virtio-balloon: Corrections to address verification
  virtio-balloon: Remove unnecessary MADV_WILLNEED on deflate
  i386/kvm: ignore masked irqs when update msi routes
  contrib/vhost-user-blk: fix the compilation issue
  Revert "contrib/vhost-user-blk: fix the compilation issue"
  pc-dimm: use same mechanism for [get|set]_addr
  tests/data: introduce "uefi-boot-images" with the "bios-tables-test" ISOs
  tests/uefi-test-tools: add build scripts
  tests: introduce "uefi-test-tools" with the BiosTablesTest UEFI app
  roms: build the EfiRom utility from the roms/edk2 submodule
  roms: add the edk2 project as a git submodule
  vhost-user-test: create a temporary directory per TestServer
  vhost-user-test: small changes to init_hugepagefs
  vhost-user-test: create a main loop per TestServer
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-03-04 11:04:31 +00:00
Peter Maydell
de5be3fe16 - Updates to MAINTAINERS file
- Re-enable the guest-agent test
 - Add the possibility to load a bios image on the mcf5208evb machine
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJcd9K9AAoJEC7Z13T+cC21VyUP/RWJmh79AlbfZ78VIa68T3tZ
 vaehdDS135MQupk0bcDB/EVCgCQ/OAIQ1+vn224zbBea78ZdkjohlN7skW+o+HVP
 fC0FIIqQkLGnK/nfmXz7Lj/wEQRTYuoC7SZGiFDRsyd56S/09FcNLZsre+CTytUX
 2TRP2bwhjrCIyIzQk8eIeXM50JILpR+yF9wzMtnYyu9nA5fc/Y4y7HsFHtcWp1Uo
 nOP4B3D8nXjYigZ5Cx7Dotdk9VVOznH55M1RVEsAnzTT26wDAg2Qa7Zd1tR/eG5E
 nzKdI+9xnEnSJupIUsRp1DPM39pt7J7AKMHZJG18nIKksjYVgwaqAeNLFVr+POeG
 RHr4KtJXTQlDD+5qiBefK+Jgr1DYGwgfSD4Ot/aRsJimhBNbkUgTfsSJ5VdeCGTb
 XLotEtlcdycHLBxWtAlVLhm3/D2Shlwc+QjKsPXhNmZ+fHa4cJ4vY7AR3h9+Td5E
 5zv40ibH5G4dx6/qpetFfN9bkfYEodhyxQb1XguKfDMAPu0SRg4hSWY9xrwwGfiS
 OVnBc9MpEJV7zZERRQMRcw9KjOBIIBnppVuxDCntq83dJIFSl6FdYKpKgdoRpwv7
 72gF90bCqDyO+QCN8E7BRH7jWyvo7s7weUIkgPrKq+gYR+SmucWHiLlUMUSfJSwE
 7kbWum8gJt/uv1M7p9Od
 =Lzgr
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2019-02-28' into staging

- Updates to MAINTAINERS file
- Re-enable the guest-agent test
- Add the possibility to load a bios image on the mcf5208evb machine

# gpg: Signature made Thu 28 Feb 2019 12:23:25 GMT
# gpg:                using RSA key 2ED9D774FE702DB5
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2019-02-28:
  hw/m68k/mcf5208: Support loading of bios images
  tests/test-qga: Reenable guest-agent qtest
  MAINTAINERS: Clean up the RISC-V TCG backend section
  MAINTAINERS: Add some missing entries for the sun4m machine
  MAINTAINERS: Add maintainer to the TCG/i386 subsystem
  MAINTAINERS: Add maintainers to the Linux subsystem
  MAINTAINERS: Orphanize the 'GDB stub' subsystem
  MAINTAINERS: Add maintainer to the POSIX subsystem
  MAINTAINERS: Add an entry for the Dino machine
  MAINTAINERS: Add missing test entries to the Cryptography section
  MAINTAINERS: Add missing entries for the QObject section
  MAINTAINERS: Add missing entries for the PC machines
  MAINTAINERS: Add missing entries for the sun4u machines

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-03-01 09:52:42 +00:00
Peter Maydell
4179575898 target/xtensa: FLIX support, various fixes and test improvements
- add FLIX (flexible length instructions extension) support;
 - make testsuite runnable on wider range of xtensa cores;
 - add floating point opcode tests;
 - don't add duplicate 'static' in import_core.sh script;
 - fix undefined opcodes detection in test_mmuhifi_c3 overlay.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEK2eFS5jlMn3N6xfYUfnMkfg/oEQFAlx32cMTHGpjbXZia2Jj
 QGdtYWlsLmNvbQAKCRBR+cyR+D+gRGcJD/4li2uLwhAjuTWYyn4QhNueWXNBLvWl
 0XJ0n6FgBrJ/PrrbfzZHygqHLgz7Mf8LsKxr9UsQLrf2BEv3lbRdMGW3WzXa/d30
 UqdNv1swNFehzLk1YpIcxbVJma2yNx9WQ2XQadgGK83Nqzi5/UqEYL7v5r3y78iY
 fae+Ln5Rmgwv/DfUaI/yE23gotfORh5J9Ez3fNLMA7Y0lsKmDXstHtgZWTATg0mZ
 nrnRmeTB8ZuBvaHDNTgiUrjof94l3O3u2mx66Z78OuA6OQWKY/E4JseM2ds/AfGg
 xZeDz+wWsnpPI94QgVGuMj6W1mD5xToLMRwRIcwKdmcC3YCoVAnO9w+B6eyvaKTA
 Yp9EfegA8LiFQaaaVV7M5nsqn/ghQGZDb4m0O4S+2t5ut6hwMOc24iCrO4VhrbVA
 qXb1aM8q45rK0VY0XdMmQ263Ia2bOtXQeABxqF8alRcx5ArjeUJ0FiKiSNYd7lEM
 DQLtMLWPWnU7Fj9OM2OQP+ZSlDWfc1/Fxld/sOd2xfpefsxk+79qZ6uxoX43zRJ6
 qgPoNt9ghMYlE/oU/ajiCxR3U9tLgoLizhJLCem95uq1ppOSIHes4+D1WQ9eunJR
 d+v30aC9wVC6DahIG1ZZY8Zps2FZw53hRjnbsdwKEnbR+F8uloy7XyBFqTLXxViA
 jBiRS3i0MWz34A==
 =lWCC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/xtensa/tags/20190228-xtensa' into staging

target/xtensa: FLIX support, various fixes and test improvements

- add FLIX (flexible length instructions extension) support;
- make testsuite runnable on wider range of xtensa cores;
- add floating point opcode tests;
- don't add duplicate 'static' in import_core.sh script;
- fix undefined opcodes detection in test_mmuhifi_c3 overlay.

# gpg: Signature made Thu 28 Feb 2019 12:53:23 GMT
# gpg:                using RSA key 2B67854B98E5327DCDEB17D851F9CC91F83FA044
# gpg:                issuer "jcmvbkbc@gmail.com"
# gpg: Good signature from "Max Filippov <filippov@cadence.com>" [unknown]
# gpg:                 aka "Max Filippov <max.filippov@cogentembedded.com>" [full]
# gpg:                 aka "Max Filippov <jcmvbkbc@gmail.com>" [full]
# Primary key fingerprint: 2B67 854B 98E5 327D CDEB  17D8 51F9 CC91 F83F A044

* remotes/xtensa/tags/20190228-xtensa: (40 commits)
  tests/tcg/xtensa: add FPU2000 coprocessor tests
  tests/tcg/xtensa: add FP1 group tests
  tests/tcg/xtensa: add FP0 group conversion tests
  tests/tcg/xtensa: add FP0 group arithmetic tests
  tests/tcg/xtensa: add LSCI/LSCX group tests
  tests/tcg/xtensa: add test for FLIX
  tests/tcg/xtensa: conditionalize MMU-related tests
  tests/tcg/xtensa: conditionalize windowed register tests
  tests/tcg/xtensa: conditionalize and fix s32c1i tests
  tests/tcg/xtensa: fix SR tests for big endian configs
  tests/tcg/xtensa: conditionalize and expand SR tests
  tests/tcg/xtensa: conditionalize timer/CCOUNT tests
  tests/tcg/xtensa: conditionalize interrupt tests
  tests/tcg/xtensa: add straightforward conditionals
  tests/tcg/xtensa: conditionalize cache option tests
  tests/tcg/xtensa: conditionalize debug option tests
  tests/tcg/xtensa: enable boolean tests
  tests/tcg/xtensa: fix endianness issues in test_b
  tests/tcg/xtensa: don't use optional opcodes in generic code
  tests/tcg/xtensa: support configs with LITBASE
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-28 19:04:16 +00:00
Peter Maydell
711d13d5e2 MIPS queue for February 27th, 2019
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJcdpBIAAoJENSXKoln91plXDcH/377ByoCFuKu0uYN0f8m3eJ5
 wCwOrcwExM36vga/zaMCkkj44TbrzpNtjeo/frBn+8pabFDpfF6NOXlBSC+CE/hg
 i3G4Wm09GeNOyPH9JIdvItE1LvL3EEOf10pbheNdv6PeuFPRnUAV4pyQ/Rcu9USC
 7pAwIJvR3GYXAEhsqa8sKbbuCBq1oiFXWpsEuBNwybWKgdVEpia6IJVYDi+xwnVc
 FcpMF7BAqZDIX13kCSIgOAaa/XCKRFgxUYnZMd3bwD9m+x3iC442eS7Idx/HyXXK
 5HDeyubff8bMKBzTUWFuM1J8t0uuQsRDqR61WptQ0rxf5Qf9Uiv9OcAww+LIENI=
 =9h9l
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-feb-27-2019' into staging

MIPS queue for February 27th, 2019

# gpg: Signature made Wed 27 Feb 2019 13:27:36 GMT
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic/tags/mips-queue-feb-27-2019:
  target/mips: Preparing for adding MMI instructions
  tests/tcg: target/mips: Add tests for MSA integer max/min instructions
  tests/tcg: target/mips: Add wrappers for MSA integer max/min instructions
  qemu-doc: Add section on MIPS' Boston board
  qemu-doc: Add section on MIPS' Fulong 2E board
  qemu-doc: Move section on MIPS' mipssim pseudo board
  disas: nanoMIPS: Fix a function misnomer
  tests/tcg: target/mips: Add tests for MSA integer compare instructions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-28 12:59:49 +00:00
Max Filippov
de0cebd930 tests/tcg/xtensa: add FPU2000 coprocessor tests
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:24 -08:00
Max Filippov
fd78bc55a4 tests/tcg/xtensa: add FP1 group tests
Test comparisons and conditional move operations.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:24 -08:00
Max Filippov
710b15f041 tests/tcg/xtensa: add FP0 group conversion tests
Test conversions for normal, NaN and Inf arguments.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
9d012e8ec2 tests/tcg/xtensa: add FP0 group arithmetic tests
Test arithmetic operations for normal, NaN and Inf arguments.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
5e33b037b5 tests/tcg/xtensa: add LSCI/LSCX group tests
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
ebbd775aab tests/tcg/xtensa: add test for FLIX
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
3db8a95e70 tests/tcg/xtensa: conditionalize MMU-related tests
Make MMU-related tests conditional on the presence of MMUv2 option.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
c20e10eac8 tests/tcg/xtensa: conditionalize windowed register tests
Make windowed register tests conditional on the presence of this option.
Fix tests to work correctly for both 32 and 64 physical registers.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
00988da486 tests/tcg/xtensa: conditionalize and fix s32c1i tests
Make s32c1i tests conditional on the presence of this option. Initialize
ATOMCTL SR when it's present to allow RCW transactions on uncached
memory.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
9b2d08a066 tests/tcg/xtensa: fix SR tests for big endian configs
SR tests generate instructions that the assembler does not recognize and
thus must take care about configuration endianness.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
50d3a0feae tests/tcg/xtensa: conditionalize and expand SR tests
Make tests for specific special registers conditional on the presence of
the options that add these registers and test that the registers are not
accessible otherwise.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
02a5a4a877 tests/tcg/xtensa: conditionalize timer/CCOUNT tests
Make timer/CCOUNT tests conditional on the presence of timer option and
number of configured timers. Don't use hard coded interrupt levels for
timers, use configured values.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
9c98822619 tests/tcg/xtensa: conditionalize interrupt tests
Make interrupt tests conditional on the presence of interrupt option and
on the presence of level-1 and high level software interrupts. Don't use
hard-coded interrupt level for the high level interrupt tests, choose
high level software IRQ and use its configured level.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
50f0171a95 tests/tcg/xtensa: add straightforward conditionals
Make tests for optional instruction groups conditional on the presence
of corresponding options in the config.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
ecf5b57759 tests/tcg/xtensa: conditionalize cache option tests
Make data/instruction tests conditional on the presence of
data/instruction cache, whether they're lockable and whether data cache
is writeback.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
66c58ba71b tests/tcg/xtensa: conditionalize debug option tests
Make debug tests conditional on the presence of the debug option in the
config and tests that depend on the presence/number of instruction or
data breakpoint registers on the corresponding definitions. Use
configured debug interrupt level instead of the hardcoded value to set
up IRQ handler and access debug EPC register.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
912f161ff7 tests/tcg/xtensa: enable boolean tests
Uncomment test_boolean in the test makefile. Make actual tests code
conditional on the presence of boolean option in the config.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:23 -08:00
Max Filippov
64eef9bf95 tests/tcg/xtensa: fix endianness issues in test_b
Use bbci.l/bbsi.l instead of bbci/bbsi, as they are assembly macros that
accept little-endian bit number and produce correct immediate for both
little and big endian configurations. Choose value loaded into register
for bbc/bbs opcodes based on configuration endianness.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:22 -08:00
Max Filippov
fafd553343 tests/tcg/xtensa: don't use optional opcodes in generic code
Don't use 'loop' opcode in generic testsuite completion code, only use
core opcodes to make it work with any configuration.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:22 -08:00
Max Filippov
306a69dad4 tests/tcg/xtensa: support configs with LITBASE
Configurations with LITBASE register may use absolute literals by
default. Pass --no-absolute-literals option to assembler to use
PC-relative literals instead.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:22 -08:00
Max Filippov
906da88291 tests/tcg/xtensa: support configurations w/o vecbase
Configurations w/o vecbase may have vectors not grouped together and not
in fixed order. They may not always be grouped into single output
sections by assigning next offset to dot, as it may sometimes move dot
backwards and sometimes they may even belong to different memory region.
Don't group vectors into single output section. Instead put each vector
into its own section ant put it at its default virtual address.
Reserve 4KBytes from the default vectors base and put rest of the code
and data starting from there. Mark vectors sections as executable,
otherwise their contents is discarded. There may be as little as 16
bytes reserved for some vectors, load handler address into a0 and use
ret.n to jump there to make vector code fit into this 16 byte space.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:22 -08:00
Max Filippov
0ed040db36 tests/tcg/xtensa: indicate failed tests
When test suite with multiple tests fails it's not obvious which test
failed. Pring "failed" in every invocation of test_fail. Do printing
when DEBUG preprocessor macro is defined.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-02-28 04:43:22 -08:00
Peter Maydell
093a2af7b6 nbd patches for 2019-02-25
- iotest failure fixes for tests related to NBD
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABCAAGBQJcdW1XAAoJEKeha0olJ0NqNH8H/2DF/IVFGIx0mNlBjeu7pk8E
 /qDa4V19g6/Hyl/DTdqHi8afipewav+hNbhBrT9SCFtF+tON13HZqMoFJYcoQ+iU
 eBRwgpSPXhAMmVsoEYlYBATjq/+B8IpNEhj8uGd9VqhsnSYElgHnyIlSw+znw/KR
 t9/LTXKCRkabUgjNqzQcuV+8w8IeusjDocFIVaFZiTnUAgTXx/vIR9AGUtgwkJE0
 WFOUFTLYwy20h9J6FOzyhBG9hqM6KH9JYaKY7laJSzEanY5A6c8XrAfdI39o3oQb
 I0/GmDKos0yKAvdlXsULu/nStu8NYl+ET36Qi80Bc4Uo9XJeUx/IbioSFNnGjfY=
 =AIRl
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-02-25-v2' into staging

nbd patches for 2019-02-25

- iotest failure fixes for tests related to NBD

# gpg: Signature made Tue 26 Feb 2019 16:46:15 GMT
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2019-02-25-v2:
  iotests: avoid broken pipe with certtool
  iotests: ensure we print nbd server log on error
  iotests: handle TypeError for Python 3 in test 242

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-28 12:02:07 +00:00
Philippe Mathieu-Daudé
a9d2e3f11c tests/test-qga: Reenable guest-agent qtest
Due to a misuse of rules.mak logical functions, commit f386df1744
disabled the guest-agent test.
Enable it back.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-02-28 12:18:18 +01:00
Peter Maydell
4f9ca54d12 Softloat updates, mostly in preparation for s390x usage
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAlx1SJ4ACgkQ+9DbCVqe
 KkRLvgf/RyooKgC4+Gien26iuaEEaNJXcPmwPfzC18BiuxIV6GuWAIX3A5X8LRvJ
 HlRj32ervZUMPLk2Amttur9ijh8MCifTt7KyRIFWW1e97WCHX0BuD+DZgD8xT5yX
 zEL8z1MVdyh9ZeBQm930LbcwLeEwtV1jZHCNdlYNhFI4ZlZ8F4SmRdv8rfbAwz0d
 1aC6rDSQhRaY6j5EurTZvDo4s1PA0fYa6LOkWSX/6rCWg1Z2Dtmb16ZTYscBFZ2P
 RhDILojQ6DSPvglcgCYzd/kCQD+OzE3TRSQc40MCS6gX8C4rfAkiuYpDFKNvzdnE
 aAkzemgiBBnslJ0m2VEmfGuJmvXbVg==
 =ApKt
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stsquad/tags/pull-fpu-next-260219-1' into staging

Softloat updates, mostly in preparation for s390x usage

# gpg: Signature made Tue 26 Feb 2019 14:09:34 GMT
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* remotes/stsquad/tags/pull-fpu-next-260219-1:
  tests/Makefile.include: test all rounding modes of softfloat
  softfloat: Support float_round_to_odd more places
  tests/fp: enable f128_to_ui[32/64] tests in float-to-uint
  tests/fp: add wrapping for f128_to_ui32
  softfloat: Implement float128_to_uint32
  softfloat: add float128_is_{normal,denormal}
  tests: Ignore fp test outputs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-28 11:13:32 +00:00
Peter Maydell
1387294169 ppc patch queue 2019-02-26
Next set of patches for ppc and spapr.  There's a lot in this one:
  * Support "STOP light" states on POWER9
  * Add support for HVI interrupts on POWER9 (powernv machine)
  * CVE-2019-8934: Don't leak host model and serial information to the guest
  * Tests and cleanups for various hot unplug options
  * Hash and radix MMU implementation on POWER9 for powernv machine
  * PCI Host Bridge hotplug support for pseries machine
  * Allow larger kernels and initrds for powernv machine
 
 Plus a handful of miscellaneous fixes and cleanups.
 
 The cpu hotplug tests and cleanups from David Hildenbrand aren't
 solely power related.  However the consensus amongst Michael Tsirkin,
 David Hildenbrand, Cornelia Huck and myself was that it made most
 sense to come in via my tree.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlx0tIoACgkQbDjKyiDZ
 s5I+ZhAA1LHyTGh2xXYcE1BFUFeYWqpDmFEghKSGvnCjhqkPoACBUyR3GKcNF+vf
 sgX/OgoPPgXE8QpB/4hzcMxiNxFTPNOX+1p5oGv3zzokjyF7qtlVvVub3BI0cvjg
 37eGLW9iLmc/PhiS7kDVSDwQpyhombsU4jb73cp6RqYTKT0wHHl/As3WmzIWW4bk
 BguUE6zPROEuVyQSxiL2pTWv4UBSsMrqqwCBkbAohXkDCjntaSdHCxmaHyf+VXqe
 ac50BSIAkAEIiJiPOGEJkuIOm1goE823RGwuPQWvkfM3flozmTYWh/Y+Y2t9NMBR
 sC8Ly9Wo3Lz/sDr3cfL5HZ3NXCayDZwJEllbHqzDyjSJzU3gY3XMyWnIM0NTckTr
 n5wX1OLghTYkgYkDLRyi9Nj1Gd0B11OfMsw17/Bj9hyz3k1KdgyJ98UZkwUBqvbC
 kwrwkSutMrs8qqAZM6xtn++ABYgxhLOlY83U8rfAXEebUixAj/6WOmxgyYiV+m/n
 9qQfPD8301lxpmmowBVuGyBKcdFUJ+QYNXD3a1S/vphvA2+G1y1SccMrlz2WEYol
 gXVVe1tpA0ohmwflFX87zDOeyvO1gezhtXdaDlVjyeXOaGYUV3Srjei9w1p3PTs0
 FsKwC/bL+cbTmi43qj5et0HG5Fx48fjIOjEqCcVBaz0ZQqjkdus=
 =Z4Z6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-4.0-20190226' into staging

ppc patch queue 2019-02-26

Next set of patches for ppc and spapr.  There's a lot in this one:
 * Support "STOP light" states on POWER9
 * Add support for HVI interrupts on POWER9 (powernv machine)
 * CVE-2019-8934: Don't leak host model and serial information to the guest
 * Tests and cleanups for various hot unplug options
 * Hash and radix MMU implementation on POWER9 for powernv machine
 * PCI Host Bridge hotplug support for pseries machine
 * Allow larger kernels and initrds for powernv machine

Plus a handful of miscellaneous fixes and cleanups.

The cpu hotplug tests and cleanups from David Hildenbrand aren't
solely power related.  However the consensus amongst Michael Tsirkin,
David Hildenbrand, Cornelia Huck and myself was that it made most
sense to come in via my tree.

# gpg: Signature made Tue 26 Feb 2019 03:37:46 GMT
# gpg:                using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full]
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full]
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full]
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown]
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-4.0-20190226: (50 commits)
  ppc/pnv: use IEC binary prefixes to represent sizes
  ppc/pnv: add INITRD_MAX_SIZE constant
  ppc/pnv: increase kernel size limit to 256MiB
  hw/ppc: Use object_initialize_child for correct reference counting
  ppc/xive: xive does not have a POWER7 interrupt model
  tests/device-plug: Add PHB unplug request test for spapr
  spapr: enable PHB hotplug for default pseries machine type
  spapr: add hotplug hooks for PHB hotplug
  spapr_pci: add ibm, my-drc-index property for PHB hotplug
  spapr_pci: provide node start offset via spapr_populate_pci_dt()
  spapr_events: add support for phb hotplug events
  spapr: populate PHB DRC entries for root DT node
  spapr: create DR connectors for PHBs
  spapr_pci: add PHB unrealize
  spapr_irq: Expose the phandle of the interrupt controller
  spapr: Expose the name of the interrupt controller node
  xics: Write source state to KVM at claim time
  spapr/drc: Drop spapr_drc_attach() fdt argument
  spapr/pci: Generate FDT fragment at configure connector time
  spapr: Generate FDT fragment for CPUs at configure connector time
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-28 10:28:00 +00:00
Aleksandar Markovic
1e6bea794c tests/tcg: target/mips: Add tests for MSA integer max/min instructions
Add tests for MSA integer max/min instructions. This includes
following instructions:

  * MAX_A.B - maximum of absolute of two signed values (bytes)
  * MAX_A.H - maximum of absolute of two signed values (halfwords)
  * MAX_A.W - maximum of absolute of two signed values (words)
  * MAX_A.D - maximum of absolute of two signed values (doublewords)
  * MIN_A.B - minimum of absolute of two signed values (bytes)
  * MIN_A.H - minimum of absolute of two signed values (halfwords)
  * MIN_A.W - minimum of absolute of two signed values (words)
  * MIN_A.D - minimum of absolute of two signed values (doublewords)
  * MAX_S.B - maximum of two signed values (bytes)
  * MAX_S.H - maximum of two signed values (halfwords)
  * MAX_S.W - maximum of two signed values (words)
  * MAX_S.D - maximum of two signed values (doublewords)
  * MIN_S.B - minimum of two signed values (bytes)
  * MIN_S.H - minimum of two signed values (halfwords)
  * MIN_S.W - minimum of two signed values (words)
  * MIN_S.D - minimum of two signed values (doublewords)
  * MAX_U.B - maximum of two unsigned values (bytes)
  * MAX_U.H - maximum of two unsigned values (halfwords)
  * MAX_U.W - maximum of two unsigned values (words)
  * MAX_U.D - maximum of two unsigned values (doublewords)
  * MIN_U.B - minimum of two unsigned values (bytes)
  * MIN_U.H - minimum of two unsigned values (halfwords)
  * MIN_U.W - minimum of two unsigned values (words)
  * MIN_U.D - minimum of two unsigned values (doublewords)

Each test consists of 80 test cases, so altogether there are 1920
test cases.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-8-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
1f3a111ecc tests/tcg: target/mips: Add wrappers for MSA integer max/min instructions
Add wrappers for MSA integer max/min instructions.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-7-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Aleksandar Markovic
520e210c0a tests/tcg: target/mips: Add tests for MSA integer compare instructions
Add tests for MSA integer compare instructions. This includes
following instructions:

  * CEQ.B - integer compare equal (bytes)
  * CEQ.H - integer compare equal (halfwords)
  * CEQ.W - integer compare equal (words)
  * CEQ.D - integer compare equal (doublewords)
  * CLE_S.B - signed integer compare less or equal (bytes)
  * CLE_S.H - signed integer compare less or equal (halfwords)
  * CLE_S.W - signed integer compare less or equal (words)
  * CLE_S.D - signed integer compare less or equal (doublewords)
  * CLE_U.B - unsigned integer compare less or equal (bytes)
  * CLE_U.H - unsigned integer compare less or equal (halfwords)
  * CLE_U.W - unsigned integer compare less or equal (words)
  * CLE_U.D - unsigned integer compare less or equal (doublewords)
  * CLT_S.B - signed integer compare less or equal (bytes)
  * CLT_S.H - signed integer compare less or equal (halfwords)
  * CLT_S.W - signed integer compare less or equal (words)
  * CLT_S.D - signed integer compare less or equal (doublewords)
  * CLT_U.B - unsigned integer compare less or equal (bytes)
  * CLT_U.H - unsigned integer compare less or equal (halfwords)
  * CLT_U.W - unsigned integer compare less or equal (words)
  * CLT_U.D - unsigned integer compare less or equal (doublewords)

Each test consists of 80 test cases, so altogether there are 1600 test
cases.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1551185735-17154-2-git-send-email-aleksandar.markovic@rt-rk.com>
2019-02-27 14:26:14 +01:00
Peter Maydell
adf2e451f3 Block layer patches:
- Block graph change fixes (avoid loops, cope with non-tree graphs)
 - bdrv_set_aio_context() related fixes
 - HMP snapshot commands: Use only tag, not the ID to identify snapshots
 - qmeu-img, commit: Error path fixes
 - block/nvme: Build fix for gcc 9
 - MAINTAINERS updates
 - Fix various issues with bdrv_refresh_filename()
 - Fix various iotests
 - Include LUKS overhead in qemu-img measure for qcow2
 - A fix for vmdk's image creation interface
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcc/knAAoJEH8JsnLIjy/WptQP/3F8Lh52H4egXaP7NUUuDjQM
 AhqhuDAp/EZBS+xim9kLTogNJADe/rMWdSX/YB5aLpSPYbjasC66NgaLhd6QewgQ
 VIcsLUdlYAyZ5ZjJytimfMTLwm1X02RmVIe55y52DTY8LlfViZzOlf3qwqPm00ao
 EJB2cl8UJLM+PVEu59cCw3R0/06LY+WIJRB32d3tnCBRTkaJwfR9h4lrp/juVcFZ
 U+2eWU68KMbUHSYiWANowN+KRV3uPY4HVA98v3F0vDmcBxlVHOeBg6S+PcT7tK8p
 huzCMwcdwUyPMJgVs/+WBtUnbG0jN6SHUYmFLz859UMVgBnCw5tzBMf8qw1wOA4A
 Iw+zor27Pxj4IlxcLPp5f97YZ8k9acdMR2VKPH6xLJZ1JF+sKa54RfzESd5EJeIj
 Mfcp773H0lIaWcFJ6RY1F0L1E1ta7QigwNBiWMdYfh0a0EWHnDvGyYeaSPYEQ+rl
 e8bZOcfrYwVI7DTDiZOIkGA9D8DXEPDNp+sl6s1DxeY69D0NNaXTtCPqFNNAbFbd
 20uD7yDRZlWq32cQB/K9D5cSkZRSOzdUpLfLU3nQU2+dz11x6OpM6m7DVboSrztD
 1HtPPDzDEvH5dOP7ibd60s+ntjkSiNfNkUgnuVrBE/d/PocC1eHHpZt5V7f43Ofb
 RxVwH5+smzQ9nsNBfQR0
 =gaah
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Block graph change fixes (avoid loops, cope with non-tree graphs)
- bdrv_set_aio_context() related fixes
- HMP snapshot commands: Use only tag, not the ID to identify snapshots
- qmeu-img, commit: Error path fixes
- block/nvme: Build fix for gcc 9
- MAINTAINERS updates
- Fix various issues with bdrv_refresh_filename()
- Fix various iotests
- Include LUKS overhead in qemu-img measure for qcow2
- A fix for vmdk's image creation interface

# gpg: Signature made Mon 25 Feb 2019 14:18:15 GMT
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (71 commits)
  iotests: Skip 211 on insufficient memory
  vmdk: false positive of compat6 with hwversion not set
  iotests: add LUKS payload overhead to 178 qemu-img measure test
  qcow2: include LUKS payload overhead in qemu-img measure
  iotests.py: s/_/-/g on keys in qmp_log()
  iotests: Let 045 be run concurrently
  iotests: Filter SSH paths
  iotests.py: Filter filename in any string value
  iotests.py: Add is_str()
  iotests: Fix 207 to use QMP filters for qmp_log
  iotests: Fix 232 for LUKS
  iotests: Remove superfluous rm from 232
  iotests: Fix 237 for Python 2.x
  iotests: Re-add filename filters
  iotests: Test json:{} filenames of internal BDSs
  block: BDS options may lack the "driver" option
  block/null: Generate filename even with latency-ns
  block/curl: Implement bdrv_refresh_filename()
  block/curl: Harmonize option defaults
  block/nvme: Fix bdrv_refresh_filename()
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-26 19:04:47 +00:00
Daniel P. Berrangé
3e6f45446b iotests: avoid broken pipe with certtool
When we run "certtool 2>&1 | head -1" the latter command is likely to
complete and exit before certtool has written everything it wants to
stderr. In at least the RHEL-7 gnutls 3.3.29 this causes certtool to
quit with broken pipe before it has finished writing the desired
output file to disk. This causes non-deterministic failures of the
iotest 233 because the certs are sometimes zero length files.
If certtool fails the "head -1" means we also lose any useful error
message it would have printed.

Thus this patch gets rid of the pipe and post-processes the output in a
more flexible & reliable manner.

Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190220145819.30969-3-berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2019-02-26 10:45:37 -06:00
Daniel P. Berrangé
84f8b840a2 iotests: ensure we print nbd server log on error
If we abort the iotest early the server.log file might contain useful
information for diagnosing the problem. Ensure its contents are
displayed in this case.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190220145819.30969-2-berrange@redhat.com>
[eblake: fix shell quoting]
Signed-off-by: Eric Blake <eblake@redhat.com>
2019-02-26 10:45:37 -06:00
Andrey Shinkevich
42eb4591fe iotests: handle TypeError for Python 3 in test 242
The data type for bytes in Python 3 differs from the one in Python 2.
The type cast that is compatible with both versions was applied.

Signed-off-by: Nir Soffer <nsoffer@redhat.com>
Signed-off-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Reported-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <1551197495-24425-1-git-send-email-andrey.shinkevich@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2019-02-26 10:37:06 -06:00
Daniel P. Berrange
b76806d4ec authz: delete existing ACL implementation
The 'qemu_acl' type was a previous non-QOM based attempt to provide an
authorization facility in QEMU. Because it is non-QOM based it cannot be
created via the command line and requires special monitor commands to
manipulate it.

The new QAuthZ subclasses provide a superset of the functionality in
qemu_acl, so the latter can now be deleted. The HMP 'acl_*' monitor
commands are converted to use the new QAuthZSimple data type instead
in order to provide temporary backwards compatibility.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2019-02-26 15:32:19 +00:00
Daniel P. Berrange
8953caf3cd authz: add QAuthZPAM object type for authorizing using PAM
Add an authorization backend that talks to PAM to check whether the user
identity is allowed. This only uses the PAM account validation facility,
which is essentially just a check to see if the provided username is permitted
access. It doesn't use the authentication or session parts of PAM, since
that's dealt with by the relevant part of QEMU (eg VNC server).

Consider starting QEMU with a VNC server and telling it to use TLS with
x509 client certificates and configuring it to use an PAM to validate
the x509 distinguished name. In this example we're telling it to use PAM
for the QAuthZ impl with a service name of "qemu-vnc"

 $ qemu-system-x86_64 \
     -object tls-creds-x509,id=tls0,dir=/home/berrange/security/qemutls,\
             endpoint=server,verify-peer=yes \
     -object authz-pam,id=authz0,service=qemu-vnc \
     -vnc :1,tls-creds=tls0,tls-authz=authz0

This requires an /etc/pam/qemu-vnc file to be created with the auth
rules. A very simple file based whitelist can be setup using

  $ cat > /etc/pam/qemu-vnc <<EOF
  account         requisite       pam_listfile.so item=user sense=allow file=/etc/qemu/vnc.allow
  EOF

The /etc/qemu/vnc.allow file simply contains one username per line. Any
username not in the file is denied. The usernames in this example are
the x509 distinguished name from the client's x509 cert.

  $ cat > /etc/qemu/vnc.allow <<EOF
  CN=laptop.berrange.com,O=Berrange Home,L=London,ST=London,C=GB
  EOF

More interesting would be to configure PAM to use an LDAP backend, so
that the QEMU authorization check data can be centralized instead of
requiring each compute host to have file maintained.

The main limitation with this PAM module is that the rules apply to all
QEMU instances on the host. Setting up different rules per VM, would
require creating a separate PAM service name & config file for every
guest. An alternative approach for the future might be to not pass in
the plain username to PAM, but instead combine the VM name or UUID with
the username. This requires further consideration though.

Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2019-02-26 15:32:19 +00:00
Daniel P. Berrangé
55d869846d authz: add QAuthZListFile object type for a file access control list
Add a QAuthZListFile object type that implements the QAuthZ interface. This
built-in implementation is a proxy around the QAuthZList object type,
initializing it from an external file, and optionally, automatically
reloading it whenever it changes.

To create an instance of this object via the QMP monitor, the syntax
used would be:

      {
        "execute": "object-add",
        "arguments": {
          "qom-type": "authz-list-file",
          "id": "authz0",
          "props": {
            "filename": "/etc/qemu/vnc.acl",
	    "refresh": true
          }
        }
      }

If "refresh" is "yes", inotify is used to monitor the file,
automatically reloading changes. If an error occurs during reloading,
all authorizations will fail until the file is next successfully
loaded.

The /etc/qemu/vnc.acl file would contain a JSON representation of a
QAuthZList object

    {
      "rules": [
         { "match": "fred", "policy": "allow", "format": "exact" },
         { "match": "bob", "policy": "allow", "format": "exact" },
         { "match": "danb", "policy": "deny", "format": "glob" },
         { "match": "dan*", "policy": "allow", "format": "exact" },
      ],
      "policy": "deny"
    }

This sets up an authorization rule that allows 'fred', 'bob' and anyone
whose name starts with 'dan', except for 'danb'. Everyone unmatched is
denied.

The object can be loaded on the comand line using

   -object authz-list-file,id=authz0,filename=/etc/qemu/vnc.acl,refresh=yes

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-02-26 15:32:18 +00:00
Daniel P. Berrange
c8c99887d1 authz: add QAuthZList object type for an access control list
Add a QAuthZList object type that implements the QAuthZ interface. This
built-in implementation maintains a trivial access control list with a
sequence of match rules and a final default policy. This replicates the
functionality currently provided by the qemu_acl module.

To create an instance of this object via the QMP monitor, the syntax
used would be:

  {
    "execute": "object-add",
    "arguments": {
      "qom-type": "authz-list",
      "id": "authz0",
      "props": {
        "rules": [
           { "match": "fred", "policy": "allow", "format": "exact" },
           { "match": "bob", "policy": "allow", "format": "exact" },
           { "match": "danb", "policy": "deny", "format": "glob" },
           { "match": "dan*", "policy": "allow", "format": "exact" },
        ],
        "policy": "deny"
      }
    }
  }

This sets up an authorization rule that allows 'fred', 'bob' and anyone
whose name starts with 'dan', except for 'danb'. Everyone unmatched is
denied.

It is not currently possible to create this via -object, since there is
no syntax supported to specify non-scalar properties for objects. This
is likely to be addressed by later support for using JSON with -object,
or an equivalent approach.

In any case the future "authz-listfile" object can be used from the
CLI and is likely a better choice, as it allows the ACL to be refreshed
automatically on change.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2019-02-26 15:32:18 +00:00
Daniel P. Berrangé
fb5c4ebc08 authz: add QAuthZSimple object type for easy whitelist auth checks
In many cases a single VM will just need to whitelist a single identity
as the allowed user of network services. This is especially the case for
TLS live migration (optionally with NBD storage) where we just need to
whitelist the x509 certificate distinguished name of the source QEMU
host.

Via QMP this can be configured with:

  {
    "execute": "object-add",
    "arguments": {
      "qom-type": "authz-simple",
      "id": "authz0",
      "props": {
        "identity": "fred"
      }
    }
  }

Or via the command line

  -object authz-simple,id=authz0,identity=fred

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2019-02-26 15:25:58 +00:00
Daniel P. Berrangé
90e33dfec6 util: add helper APIs for dealing with inotify in portable manner
The inotify userspace API for reading events is quite horrible, so it is
useful to wrap it in a more friendly API to avoid duplicating code
across many users in QEMU. Wrapping it also allows introduction of a
platform portability layer, so that we can add impls for non-Linux based
equivalents in future.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-02-26 15:25:58 +00:00
Alex Bennée
bf30e8662c tests/Makefile.include: test all rounding modes of softfloat
We missed a bug in a recent patch as we were not testing all the
rounding modes for all operations. However enabling all rounding modes
for mulAdd does slow down the already slowest test and doesn't really
buy us much additional coverage so lets allow the default test flags
to be overridden.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2019-02-26 14:08:03 +00:00