- make -M virt test exercise -cpu max
- document how binfmt_misc docker works
- clean-up the devel TOC generation
- clean-up check-tcg cross-compile behaviour
- fix byte swap error in xmm gdbstub access
- add float_convd test with reference files
- more reference files for float_convs
- more cleanly handle gdb crashing during check-tcg
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmJgIgsACgkQ+9DbCVqe
KkRs3Qf/WnL4YV3l8jO/wEVbls/57aLPk+ak1GuvXJ+iM9gH8Qz6WZxIJIEhhHlu
ZEixCewahTn8POMMRo4JAr0bRgtfBuh717GerXObiHcS3OuLsGM8rYP2Z1xqKL3L
4pR8VqhyUq/Jyl/6MPN5OZB0AdEPIdI5MuflckCeDcFaowpthLjwHao07hG/FU0s
wQYS7aYTZT33V2Xm6xlePEEMq8YMPCJj00HF3Ljg4eUOmb+C+csFXMQtotsBJRCg
mC/T2U0IFbrQUkkWJqVmRCPwKraQGDMn6POk298siRWE0kV4BmH8mnmN+/Jxhqgl
QfFhQrsBxmPPG5TfQhEmlHfQ5EARLQ==
=8q12
-----END PGP SIGNATURE-----
Merge tag 'pull-fixes-for-7.1-200422-1' of https://github.com/stsquad/qemu into staging
Testing, docs and gdbstub updates:
- make -M virt test exercise -cpu max
- document how binfmt_misc docker works
- clean-up the devel TOC generation
- clean-up check-tcg cross-compile behaviour
- fix byte swap error in xmm gdbstub access
- add float_convd test with reference files
- more reference files for float_convs
- more cleanly handle gdb crashing during check-tcg
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmJgIgsACgkQ+9DbCVqe
# KkRs3Qf/WnL4YV3l8jO/wEVbls/57aLPk+ak1GuvXJ+iM9gH8Qz6WZxIJIEhhHlu
# ZEixCewahTn8POMMRo4JAr0bRgtfBuh717GerXObiHcS3OuLsGM8rYP2Z1xqKL3L
# 4pR8VqhyUq/Jyl/6MPN5OZB0AdEPIdI5MuflckCeDcFaowpthLjwHao07hG/FU0s
# wQYS7aYTZT33V2Xm6xlePEEMq8YMPCJj00HF3Ljg4eUOmb+C+csFXMQtotsBJRCg
# mC/T2U0IFbrQUkkWJqVmRCPwKraQGDMn6POk298siRWE0kV4BmH8mnmN+/Jxhqgl
# QfFhQrsBxmPPG5TfQhEmlHfQ5EARLQ==
# =8q12
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 20 Apr 2022 08:08:59 AM PDT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* tag 'pull-fixes-for-7.1-200422-1' of https://github.com/stsquad/qemu: (25 commits)
tests/guest-debug: better handle gdb crashes
target/i386: fix byte swap issue with XMM register access
tests/tcg: add missing reference files for float_convs
tests/tcg: add float_convd test
tests/tcg: remove duplicate sha512-sse case
tests/tcg: fix non-static build
tests/docker: remove SKIP_DOCKER_BUILD
tests/tcg: isolate from QEMU's config-host.mak
tests/tcg: invoke Makefile.target directly from QEMU's makefile
tests/tcg: list test targets in Makefile.prereqs
tests/tcg: prepare Makefile.prereqs at configure time
tests/tcg: remove CONFIG_USER_ONLY from config-target.mak
tests/tcg: remove CONFIG_LINUX_USER from config-target.mak
tests/tcg: add compiler test variables when using containers
tests/docker: do not duplicate rules for hexagon-cross
tests/docker: simplify docker-TEST@IMAGE targets
tests/docker: remove unnecessary filtering of $(DOCKER_IMAGES)
tests/docker: inline variable definitions or move close to use
tests/docker: remove unnecessary default definitions
tests/docker: remove dead variable
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This was confusing and in the case of qtest was hiding the details of
the qgraph sub-document in the qtest pages.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220419091020.3008144-4-alex.bennee@linaro.org>
We document some of this on the wiki but lets move it into our
official developer notes documentation.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220419091020.3008144-3-alex.bennee@linaro.org>
SynDbg commands can come from two different flows:
1. Hypercalls, in this mode the data being sent is fully
encapsulated network packets.
2. SynDbg specific MSRs, in this mode only the data that needs to be
transfered is passed.
Signed-off-by: Jon Doron <arilou@gmail.com>
Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Message-Id: <20220216102500.692781-4-arilou@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Convert the TARGET_WORDS_BIGENDIAN macro, similarly to what was done
with HOST_BIG_ENDIAN. The new TARGET_BIG_ENDIAN macro is either 0 or 1,
and thus should always be defined to prevent misuse.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Suggested-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220323155743.1585078-8-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Add a section explaining how the Guest Owner should calculate the
expected guest launch measurement for SEV and SEV-ES.
Also update the name and links to the SEV API Spec document.
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20220217110059.2320497-1-dovmurik@linux.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz>
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Message-id: 20220402204523.32643-1-pisa@cmp.felk.cvut.cz
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
QEMU plugins can be loaded via command line arguments or via
the QEMU_PLUGIN environment variable. Currently, only the first method
is documented. Let's document QEMU_PLUGIN.
As drive-by cleanup, this patch fixes the path to the plugins
in the same section of the documentation.
Signed-off-by: Christoph Muellner <cmuellner@linux.com>
Message-Id: <20220316181412.1550044-1-cmuellner@linux.com>
[AJB: fixed some minor typos]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
As far as I can tell nothing in the source tree uses this file. The
original comment mentions texi2pdf and I think that was all culled
when we switched to our rst documentation pipeline.
Fixes: 4ac2ee194b ("docs/interop: Convert qemu-qmp-ref to rST")
Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220316161038.3033723-1-alex.bennee@linaro.org>
We have a growing set of developer docs but the index is currently in
order of when stuff was added. Try and make things a bit easier to
find my adding sub indexes and organising into themes.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
Message-Id: <20220315121251.2280317-7-alex.bennee@linaro.org>
Prefer the :option:`--name` form when cross-referencing other options
from the qemu-nbd documentation.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20220314203818.3681277-2-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
- Dan Berrange: Allow qemu-nbd to support TLS over Unix sockets
- Eric Blake: Minor cleanups related to 64-bit block operations
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAmImtE8ACgkQp6FrSiUn
Q2ovmgf/aksDqf2eNcahs++fez+8Qi9ll5OY/qGyjnzBgsatYKjrK+xF7OnjoJox
eRX026lh81Q4EQK7oZBUnr2UCY4bncDBTI7MTLh603EV/tId5ZLwx007ERhzvtC1
mIsQHXNuO9X25LQG2eWnfunY9YztQpiT5r/g3khD2yPBqJWIvBfblzPLx6FkF7px
/WM8xEKCihmGr1Wr3b+zGYL083YkaBWCvHoR8mJt3tEFUj+Qie8XcdV0OVyI0XUj
5goIFRcpVwBE8P2nLtfUKNzEXz22cmdonOJUX7E5IvGO21k5F/HrWlHdo8JnuSUZ
t0w5L9yCxBrRpY1burz30b77J0WMCw==
=C8Dd
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2022-03-07' into staging
nbd patches for 2022-03-07
- Dan Berrange: Allow qemu-nbd to support TLS over Unix sockets
- Eric Blake: Minor cleanups related to 64-bit block operations
# gpg: Signature made Tue 08 Mar 2022 01:41:35 GMT
# gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg: aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A
* remotes/ericb/tags/pull-nbd-2022-03-07:
qemu-io: Allow larger write zeroes under no fallback
qemu-io: Utilize 64-bit status during map
nbd/server: Minor cleanups
tests/qemu-iotests: validate NBD TLS with UNIX sockets and PSK
tests/qemu-iotests: validate NBD TLS with UNIX sockets
tests/qemu-iotests: validate NBD TLS with hostname mismatch
tests/qemu-iotests: convert NBD TLS test to use standard filters
tests/qemu-iotests: introduce filter for qemu-nbd export list
tests/qemu-iotests: expand _filter_nbd rules
tests/qemu-iotests: add QEMU_IOTESTS_REGEN=1 to update reference file
block/nbd: don't restrict TLS usage to IP sockets
qemu-nbd: add --tls-hostname option for TLS certificate validation
block/nbd: support override of hostname for TLS certificate validation
block: pass desired TLS hostname through from block driver client
crypto: mandate a hostname when checking x509 creds on a client
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
vhost-user enabled on non-linux systems
beginning of nvme sriov support
bigger tx queue for vdpa
virtio iommu bypass
FADT flag to detect legacy keyboards
Fixes, cleanups all over the place
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-----BEGIN PGP SIGNATURE-----
iQFDBAABCAAtFiEEXQn9CHHI+FuUyooNKB8NuNKNVGkFAmImipMPHG1zdEByZWRo
YXQuY29tAAoJECgfDbjSjVRpD5AH/jz73VVDE3dZTtsdEH/f2tuO8uosur9fIjHJ
nCMwBoosdDWmrWjrwxynmG6e+qIcOHEGdTInvS1TY2OTU+elNNTiR57pWiljXRsJ
2kNIXKp4dXaYI/bxmKUzKSoVscyWxL686ND4U8sZhuppSNrWpLmMUNgwqmYjQQLV
yd2JpIKgZYnzShPnJMDtF3ItcCHetY6jeB28WAclKywIEuCTmjulYCTaH5ujroG9
rykMaQIjoe/isdmCcBx05UuMxH61vf5L8pR06N6e3GO9T2/Y/hWuteVoEJaCQvNa
+zIyL2hOjGuMKr+icLo9c42s3yfwWNsRfz87wqdAY47yYSyc1wo=
=3NVe
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
virtio,pc,pci: features, cleanups, fixes
vhost-user enabled on non-linux systems
beginning of nvme sriov support
bigger tx queue for vdpa
virtio iommu bypass
FADT flag to detect legacy keyboards
Fixes, cleanups all over the place
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon 07 Mar 2022 22:43:31 GMT
# gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg: issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream: (47 commits)
hw/acpi/microvm: turn on 8042 bit in FADT boot architecture flags if present
tests/acpi: i386: update FACP table differences
hw/acpi: add indication for i8042 in IA-PC boot flags of the FADT table
tests/acpi: i386: allow FACP acpi table changes
docs: vhost-user: add subsection for non-Linux platforms
configure, meson: allow enabling vhost-user on all POSIX systems
vhost: use wfd on functions setting vring call fd
event_notifier: add event_notifier_get_wfd()
pci: drop COMPAT_PROP_PCP for 2.0 machine types
hw/smbios: Add table 4 parameter, "processor-id"
x86: cleanup unused compat_apic_id_mode
vhost-vsock: detach the virqueue element in case of error
pc: add option to disable PS/2 mouse/keyboard
acpi: pcihp: pcie: set power on cap on parent slot
pci: expose TYPE_XIO3130_DOWNSTREAM name
pci: show id info when pci BDF conflict
hw/misc/pvpanic: Use standard headers instead
headers: Add pvpanic.h
pci-bridge/xio3130_downstream: Fix error handling
pci-bridge/xio3130_upstream: Fix error handling
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
# Conflicts:
# docs/specs/index.rst
When using the --list option, qemu-nbd acts as an NBD client rather
than a server. As such when using TLS, it has a need to validate
the server certificate. This adds a --tls-hostname option which can
be used to override the default hostname used for certificate
validation.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220304193610.3293146-5-berrange@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Add a section explaining how vhost-user is supported on platforms
other than Linux.
Signed-off-by: Sergio Lopez <slp@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20220304100854.14829-5-slp@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Add a small intro + minimal documentation for how to
implement SR/IOV support for an emulated device.
Signed-off-by: Knut Omang <knuto@ifi.uio.no>
Message-Id: <20220217174504.1051716-3-lukasz.maniak@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The list of machine types grows larger and larger each release ... and
it is unlikely that many people still use the very old ones for live
migration. QEMU v1.7 has been released more than 8 years ago, so most
people should have updated their machines to a newer version in those
8 years at least once. Thus let's mark the very old 1.x machine types
as deprecated now.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220117191639.278497-1-thuth@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
- qemu-storage-daemon: Add --daemonize
- Fix x-blockdev-amend and block node activation code which incorrectly
executed code in the iothread that must run in the main thread.
- Add macros for coroutine-safe TLS variables (required for correctness
with LTO)
- Fix crashes with concurrent I/O and bdrv_refresh_limits()
- Split block APIs in global state and I/O
- iotests: Don't refuse to run at all without GNU sed, just skip tests
that need it
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEE3D3rFZqa+V09dFb+fwmycsiPL9YFAmIiSecRHGt3b2xmQHJl
ZGhhdC5jb20ACgkQfwmycsiPL9aSMBAAhS1FLwiUPJ5zsRlYkFiJ76M5AEJPNgYT
F3QqBxJa4d/rR8Hibx0p6bFU21QKIat2OIkepcaVGh8oOM8/8DKx1dUlhQt3IOQq
yTJ5klBTxQtnBYapEsZC1bcRgRhLXbhjsXtJluzJrfvIYO0BPdVmpetTY4vJ7v79
U2lYImHkUYZ3xH84qXj3ymfURyBc8LpjmMwWrCaEkjxcwfgb1fOeZuGEy7B387aL
zpYE2oKjSSI20TTbJ+VsPgf2CglmTRl2kILnWP0tFjh5clpozkXAJ/0WW/TwgQgJ
20Blvxk4inSfkMxHPdW0ttoBfW+WqftFFh1t0xqeUn6AfQFJkpQ93RmWk4rpKc8k
rVcXIO54sYNEcJfkofs0m7N6rDk5HBq1WA7wt5veWBeNeoKWALcqjFSlr52FofJr
bcCFnf/DRrGJ9XSi0XDqAqJeuqcGARVViqJZL3jUm+7VuLYcdA7d1wVUzuPUdv+0
KdANzzoLaGR8xNbB+NqRBuzOcxoXYRZWbKH5i2XDk+FCwl5qcg/XalsAcM0bwXPL
moRkH7csqrnD4cBZDSToZoi/iNdlynSIZmI8pL5Tr9btPODBF8lQEiPtJziSHReo
v7S1nR0Q6NNOpuZUMzLJJoPcm+uy7n672SAoWhpbvh0NTdW9msxtqY2KGCKjJH8l
f5zp/zljV0Y=
=Jdal
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/kwolf-gitlab/tags/for-upstream' into staging
Block layer patches
- qemu-storage-daemon: Add --daemonize
- Fix x-blockdev-amend and block node activation code which incorrectly
executed code in the iothread that must run in the main thread.
- Add macros for coroutine-safe TLS variables (required for correctness
with LTO)
- Fix crashes with concurrent I/O and bdrv_refresh_limits()
- Split block APIs in global state and I/O
- iotests: Don't refuse to run at all without GNU sed, just skip tests
that need it
# gpg: Signature made Fri 04 Mar 2022 17:18:31 GMT
# gpg: using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg: issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6
* remotes/kwolf-gitlab/tags/for-upstream: (50 commits)
block/amend: Keep strong reference to BDS
block/amend: Always call .bdrv_amend_clean()
tests/qemu-iotests: Rework the checks and spots using GNU sed
iotests/graph-changes-while-io: New test
iotests: Allow using QMP with the QSD
block: Make bdrv_refresh_limits() non-recursive
job.h: assertions in the callers of JobDriver function pointers
job.h: split function pointers in JobDriver
block-backend-common.h: split function pointers in BlockDevOps
block_int-common.h: assertions in the callers of BdrvChildClass function pointers
block_int-common.h: split function pointers in BdrvChildClass
block_int-common.h: assertions in the callers of BlockDriver function pointers
block_int-common.h: split function pointers in BlockDriver
block/coroutines: I/O and "I/O or GS" API
block/copy-before-write.h: global state API + assertions
include/block/snapshot: global state API + assertions
assertions for blockdev.h global state API
include/sysemu/blockdev.h: global state API
assertions for blockjob.h global state API
include/block/blockjob.h: global state API
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
To implement this, we reuse the existing daemonizing functions from the
system emulator, which mainly do the following:
- Fork off a child process, and set up a pipe between parent and child
- The parent process waits until the child sends a status byte over the
pipe (0 means that the child was set up successfully; anything else
(including errors or EOF) means that the child was not set up
successfully), and then exits with an appropriate exit status
- The child process enters a new session (forking off again), changes
the umask, and will ignore terminal signals from then on
- Once set-up is complete, the child will chdir to /, redirect all
standard I/O streams to /dev/null, and tell the parent that set-up has
been completed successfully
In contrast to qemu-nbd's --fork implementation, during the set up
phase, error messages are not piped through the parent process.
qemu-nbd mainly does this to detect errors, though (while os_daemonize()
has the child explicitly signal success after set up); because we do not
redirect stderr after forking, error messages continue to appear on
whatever the parent's stderr was (until set up is complete).
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20220303164814.284974-4-hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Adding device ID for ERST device in pci-ids.txt. It was missed when ERST
related patches were reviewed.
CC: Eric DeVolder <eric.devolder@oracle.com>
Reviewed-by: Eric DeVolder <eric.devolder@oracle.com>
Signed-off-by: Ani Sinha <ani@anisinha.ca>
Message-Id: <20220223143322.927136-4-ani@anisinha.ca>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Information on the implementation of the ACPI ERST support.
Signed-off-by: Eric DeVolder <eric.devolder@oracle.com>
Acked-by: Ani Sinha <ani@anisinha.ca>
Message-Id: <20220223143322.927136-2-ani@anisinha.ca>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Add docs/specs/sev-guest-firmware.rst which describes the GUIDed table
in the end of OVMF's image which is parsed by QEMU, and currently used
to describe some values for SEV and SEV-ES guests.
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220103091413.2869-1-dovmurik@linux.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* Fixup checks for ext_zb[abcs]
* Add AIA support for virt machine
* Increase maximum number of CPUs in virt machine
* Fixup OpenTitan SPI address
* Add support for zfinx, zdinx and zhinx{min} extensions
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAmIgUZ8ACgkQIeENKd+X
cFTzegf8DbUYFLpyfURm6bJoJfLQHjtjB4Hs6PnszJZZAEtC6Ia+551TDjh93vTf
GTbpWm0BlugQqEeyg+Mioe2mb2EhK2w208RGXRSDjT9QFVOaIp83NDAjaQTPqs22
XC35ygJYuo1Yf0WoJV77aB6IYPZB3ba5i+dkGb6lk60Ru5ULqoLvqp73tNe5KvNB
uVAEy+ubzjmzWs5hGPw95HqTIbcMGnlHew4XU6xJaiJixSy71Z5nOCCn+2sxk+6A
QW59Onglyfk01F9ac3GMLvi2e+FUdj0S0y07oVqchzxXWYpYwgTO4Xkt794c8mqU
T02kuelfubr1qH1z/IolStju1JnaXw==
=LzOY
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-20220303' into staging
Fifth RISC-V PR for QEMU 7.0
* Fixup checks for ext_zb[abcs]
* Add AIA support for virt machine
* Increase maximum number of CPUs in virt machine
* Fixup OpenTitan SPI address
* Add support for zfinx, zdinx and zhinx{min} extensions
# gpg: Signature made Thu 03 Mar 2022 05:26:55 GMT
# gpg: using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full]
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054
* remotes/alistair/tags/pull-riscv-to-apply-20220303:
target/riscv: expose zfinx, zdinx, zhinx{min} properties
target/riscv: add support for zhinx/zhinxmin
target/riscv: add support for zdinx
target/riscv: add support for zfinx
target/riscv: hardwire mstatus.FS to zero when enable zfinx
target/riscv: add cfg properties for zfinx, zdinx and zhinx{min}
hw: riscv: opentitan: fixup SPI addresses
hw/riscv: virt: Increase maximum number of allowed CPUs
docs/system: riscv: Document AIA options for virt machine
hw/riscv: virt: Add optional AIA IMSIC support to virt machine
hw/intc: Add RISC-V AIA IMSIC device emulation
hw/riscv: virt: Add optional AIA APLIC support to virt machine
target/riscv: fix inverted checks for ext_zb[abcs]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We have two new machine options "aia" and "aia-guests" available
for the RISC-V virt machine so let's document these options.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Signed-off-by: Anup Patel <anup@brainfault.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Frank Chang <frank.chang@sifive.com>
Message-Id: <20220220085526.808674-5-anup@brainfault.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This feature widens physical addresses (and intermediate physical
addresses for 2-stage translation) from 48 to 52 bits, when using
4k or 16k pages.
This introduces the DS bit to TCR_ELx, which is RES0 unless the
page size is enabled and supports LPA2, resulting in the effective
value of DS for a given table walk. The DS bit changes the format
of the page table descriptor slightly, moving the PS field out to
TCR so that all pages have the same sharability and repurposing
those bits of the page table descriptor for the highest bits of
the output address.
Do not yet enable FEAT_LPA2; we need extra plumbing to avoid
tickling an old kernel bug.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220301215958.157011-17-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This feature widens physical addresses (and intermediate physical
addresses for 2-stage translation) from 48 to 52 bits, when using
64k pages. The only thing left at this point is to handle the
extra bits in the TTBR and in the table descriptors.
Note that PAR_EL1 and HPFAR_EL2 are nominally extended, but we don't
mask out the high bits when writing to those registers, so no changes
are required there.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220301215958.157011-11-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This feature is relatively small, as it applies only to
64k pages and thus requires no additional changes to the
table descriptor walking algorithm, only a change to the
minimum TSZ (which is the inverse of the maximum virtual
address space size).
Note that this feature widens VBAR_ELx, but we already
treat the register as being 64 bits wide.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220301215958.157011-10-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
There are no longer any VMStateDescription structs in the tree which
use the load_state_old support for custom handling of incoming
migration from very old QEMU. Remove the mechanism entirely.
This includes removing one stray useless setting of
minimum_version_id_old in a VMStateDescription with no load_state_old
function, which crept in after the global weeding-out of them in
commit 17e3134061.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220215175705.3846411-1-peter.maydell@linaro.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Francisco Iglesias <francisco.iglesias@xilinx.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
- restore TESTS/IMAGES filtering to docker tests
- add NOUSER to alpine image
- bump lcitool version
- move arm64/s390x cross build images to lcitool
- add aarch32 runner CI scripts
- expand testing to more vectors
- update s390x jobs to focal for gitlab/travis
- disable threadcount for all sh4
- fix semihosting SYS_HEAPINFO and test
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmIdGJEACgkQ+9DbCVqe
KkQZYQf+Ndlm651dulO4J55puk8cUOMrCrDvqVkxM/V7ZD4GKyoa9/PstfOspLkQ
hXNANtfcr7zsXxo7J7PKVpX3y+upxCMLLK9NqHXW3O8mOSoru44caLko6FdmwWkU
KmoToEM3jgxJxqrE8ijLz1gxo79TVT0m3OyyKlMf9C+Wf4BfUe4NXjt/VMcecrDd
wKJnvjWyrk67yOyPRDnT2XlG1HdphD90g8xPxiK1tzkEQEWJlojTLSZENQksa1V6
JBu1mwT/KPodkllzTQcHHjGn4/vsdzFqjqV+8d3xXiSmr/QdeyByUeDhJ7aI4qdY
aKoX3hoIUdENmPxqXozuVBy/S4gLoA==
=MY0T
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/stsquad/tags/pull-testing-and-semihosting-280222-1' into staging
Testing and semihosting updates:
- restore TESTS/IMAGES filtering to docker tests
- add NOUSER to alpine image
- bump lcitool version
- move arm64/s390x cross build images to lcitool
- add aarch32 runner CI scripts
- expand testing to more vectors
- update s390x jobs to focal for gitlab/travis
- disable threadcount for all sh4
- fix semihosting SYS_HEAPINFO and test
# gpg: Signature made Mon 28 Feb 2022 18:46:41 GMT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-testing-and-semihosting-280222-1:
tests/tcg: port SYS_HEAPINFO to a system test
semihosting/arm-compat: replace heuristic for softmmu SYS_HEAPINFO
tests/tcg: completely disable threadcount for sh4
gitlab: upgrade the job definition for s390x to 20.04
travis.yml: Update the s390x jobs to Ubuntu Focal
tests/tcg: add vectorised sha512 versions
tests/tcg: add sha512 test
tests/tcg: build sha1-vector with O3 and compare
tests/tcg/ppc64: clean-up handling of byte-reverse
gitlab: add a new aarch32 custom runner definition
scripts/ci: allow for a secondary runner
scripts/ci: add build env rules for aarch32 on aarch64
tests/docker: introduce debian-riscv64-test-cross
tests/docker: update debian-s390x-cross with lcitool
tests/docker: update debian-arm64-cross with lcitool
tests/lcitool: update to latest version
tests/docker: add NOUSER for alpine image
tests/docker: restore TESTS/IMAGES filtering
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* Removal of the swift-bmc machine
* New Secure Boot Controller model
* Improvements on the rainier machine
* Various small cleanups
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmIbOjkACgkQUaNDx8/7
7KHl4w//QySSZtdkk0fLIHg6q4aSeehLZWro5JVRs+ZGtmM6ixi95RNQwEyiM3g6
fHbkgsE3YHh3rnX5KckTPwMq+LctLSebrUtOvHQyTcHckCjwn90Vyaw7hSBROeGz
8Yieb6qda2kEnX61yGlE80go3WDuA2kyRw2bvHOhT5Vzsb2Xq8xflziFv+gHH4NT
Hf/AiCSh6uCILT0JyhZF4Swzip+jDGytryPdBThBtptShyscCgIKb9GqVTVHbWXi
dCe+eDDPUm7npOfP5RmHE249tz+SwS+YejTShewt0FALzglxu/GZI3UNEg0Ays+0
E7uWeSFrgQE5lZvht3Z7Duc0GCGQxYkVwhUtr2e/9dLUIRTrcdj/55h/VgeaSzR5
3RXtbwNAaumE0JdgKXFwmBuPNRNzZa89hrBcvswkcVXtlB2hsWlWLniKJHbafNHk
vOMABrEeWCZYT794J0yFrunCUFPCNUXpPYJJdRBeIktiHzRGJYHraX7i/aJ5ltse
VaDVbEdHaB11H8Y2cQJtjda/zM84DaqGQj9EkQPCRe7w3bnWQLSJ1qcahszV0P+Z
y+DkoFRr3LKVE9dIS/N4gwIBWk5AymqSqAVizQ61rq8ZetUNdgTT12EC39djhATi
OfudYiQKc33gvYOLLFSST2tiv/NK/GfIGc2Ag1qME30NYnam50Q=
=0F2M
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/legoater/tags/pull-aspeed-20220227' into staging
aspeed queue:
* Removal of the swift-bmc machine
* New Secure Boot Controller model
* Improvements on the rainier machine
* Various small cleanups
# gpg: Signature made Sun 27 Feb 2022 08:45:45 GMT
# gpg: using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: A0F6 6548 F048 95EB FE6B 0B60 51A3 43C7 CFFB ECA1
* remotes/legoater/tags/pull-aspeed-20220227:
aspeed/sdmc: Add trace events
aspeed/smc: Add an address mask on segment registers
aspeed: Introduce a create_pca9552() helper
aspeed: rainier: Add strap values taken from hardware
aspeed: rainier: Add i2c LED devices
ast2600: Add Secure Boot Controller model
arm: Remove swift-bmc machine
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Although running on aarch64 hardware we can still target 32bit builds
with a cross compiler and run the resulting binaries.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220225172021.3493923-10-alex.bennee@linaro.org>
It was scheduled for removal in 7.0.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
- Improves documentation of SSH fingerprint checking
- Fixes SHA256 fingerprints with non-blockdev usage
- Blocks the clone3, setns, unshare & execveat syscalls
with seccomp
- Blocks process spawning via clone syscall, but allows
threads, with seccomp
- Takes over seccomp maintainer role
- Expands firmware descriptor spec to allow flash
without NVRAM
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmIOOBkACgkQvobrtBUQ
T9/ruhAAr8jkAH8FN5ftx2/L7q8SHpjPupue1CJ0Nl/ykmYhTGc+SqC3R2nZWOk2
Ws8hHVcDVT1lhrGxPtU7o+JPC1TebJTsloimJoKQY3qfdvZadJeR/4KsOUzi2ruu
VZ6HiYvZc1c9T+NPf3QRhBo7yyascKWKWHDseUNIt/2DiefCox4QFUDDMG86HiQF
KK30xWTvwJdcPxRlbfZbWRoqA0v4OoSDK6Ftp94FQSNBkExO85kstDq3xVaApf8H
DE1QD7gf+dvz11wVuFhrf4d1EH032nU0p0kMxhABc4/kZXo5iWXohhzML3/MUEVT
pe5/9pzUdWpfXQd/2r7x2PyPgySAG7lGbkgltowY52qnRPaNw9ukwkFCFAj8wiD8
FT2ghvkYD3zLfnZ3nuuzJVjf3pXgCc5VcfXaoffT72a7gpI1LTuEqPFwo04imV4l
21fYFx26mYTGCLH1CwVw8MQ2z/dg6uorT/NHdmRA/KrYJ1Elay2K7DV3Z5jOM5MI
0Ll5HkfsUut+1rioUjNgmlQ+96k/G0P0hVUoTUIcgl3U/GDx2+ypcrNTfmEcaCLV
bOhsjtrcg/KAXsCSbvnfDe3bWf0txnscyqoilEzDahLvciWG3d6qlhczLy29LGb4
/w7iqnUcSygXc+a9/ckVo1h5fo0i9qb3W8Pw9klapvz6SGJ83g4=
=PeCY
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-next-pull-request' into staging
This misc series of changes:
- Improves documentation of SSH fingerprint checking
- Fixes SHA256 fingerprints with non-blockdev usage
- Blocks the clone3, setns, unshare & execveat syscalls
with seccomp
- Blocks process spawning via clone syscall, but allows
threads, with seccomp
- Takes over seccomp maintainer role
- Expands firmware descriptor spec to allow flash
without NVRAM
# gpg: Signature made Thu 17 Feb 2022 11:57:13 GMT
# gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange-gitlab/tags/misc-next-pull-request:
docs: expand firmware descriptor to allow flash without NVRAM
MAINTAINERS: take over seccomp from Eduardo Otubo
seccomp: block setns, unshare and execveat syscalls
seccomp: block use of clone3 syscall
seccomp: fix blocking of process spawning
seccomp: add unit test for seccomp filtering
seccomp: allow action to be customized per syscall
block: print the server key type and fingerprint on failure
block: support sha256 fingerprint with pre-blockdev options
block: better document SSH host key fingerprint checking
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This is the BMC attached to the OpenBMC Mori board.
Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Chris Rauer <crauer@google.com>
Reviewed-by: Ilkyun Choi <ikchoi@google.com>
Message-id: 20220208233104.284425-1-venture@google.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Currently there is no way for a board model's Kconfig stanza to
say "I have an i2c bus which the user can plug an i2c device into,
build all the free-standing i2c devices". The Kconfig mechanism
for this is the "device group". Add an I2C_DEVICES group along
the same lines as the existing PCI_DEVICES. Simple free-standing
i2c devices which a user might plausibly want to be able to
plug in on the QEMU commandline should have
default y if I2C_DEVICES
and board models which have an i2c bus that is user-accessible
should use
imply I2C_DEVICES
to cause those pluggable devices to be built.
In this commit we mark only a fairly conservative set of i2c devices
as belonging to the I2C_DEVICES group: the simple sensors and RTCs
(not including PMBus devices or devices which need GPIO lines to be
connected).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Message-id: 20220208155911.3408455-2-peter.maydell@linaro.org
Provide an option "-o security_label/no_security_label" to enable/disable
security label functionality. By default these are turned off.
If enabled, server will indicate to client that it is capable of handling
one security label during file creation. Typically this is expected to
be a SELinux label. File server will set this label on the file. It will
try to set it atomically wherever possible. But its not possible in
all the cases.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Message-Id: <20220208204813.682906-11-vgoyal@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
The current firmware descriptor schema for flash requires that both the
executable to NVRAM template paths be provided. This is fine for the
most common usage of EDK2 builds in virtualization where the separate
_CODE and _VARS files are provided.
With confidential computing technology like AMD SEV, persistent storage
of variables may be completely disabled because the firmware requires a
known clean state on every cold boot. There is no way to express this
in the firmware descriptor today.
Even with regular EDK2 builds it is possible to create a firmware that
has both executable code and variable persistence in a single file. This
hasn't been commonly used, since it would mean every guest bootup would
need to clone the full firmware file, leading to redundant duplicate
storage of the code portion. In some scenarios this may not matter and
might even be beneficial. For example if a public cloud allows users to
bring their own firmware, such that the user can pre-enroll their own
secure boot keys, you're going to have this copied on disk for each
tenant already. At this point the it can be simpler to just deal with
a single file rather than split builds. The firmware descriptor ought
to be able to express this combined firmware model too.
This all points towards expanding the schema for flash with a 'mode'
concept:
- "split" - the current implicit behaviour with separate files
for code and variables.
- "combined" - the alternate behaviour where a single file contains
both code and variables.
- "stateless" - the confidential computing use case where storage
of variables is completely disable, leaving only the code.
Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The docs still illustrate host key fingerprint checking using the old
md5 hashes which are considered insecure and obsolete. Change it to
illustrate using a sha256 hash. Also show how to extract the hash
value from the known_hosts file.
Reviewed-by: Hanna Reitz <hreitz@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Since the hypervisor extension been non experimental and enabled for
default CPU, the previous command is no longer available and the
option `x-h=true` or `h=true` is also no longer required.
Signed-off-by: Yu Li <liyu.yukiteru@bytedance.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <9040401e-8f87-ef4a-d840-6703f08d068c@bytedance.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
There's a nice new Rust implementation out there; recommend people
do new work on that.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20220210174714.19843-1-dgilbert@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
It's likely broken, and nobody cared for picking it up again
during the deprecation phase, so let's remove this now.
Since this is the last entry in deprecated_targets_list, remove
the related code in the configure script, too.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Cédric Le Goater <clg@kaod.org>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20211215084958.185214-1-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220112112722.3641051-32-alex.bennee@linaro.org>
Users wanting this sort of functionality should turn to TCG plugins
instead.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Cc: Luis Vilanova <vilanova@imperial.ac.uk>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20220204204335.1689602-18-alex.bennee@linaro.org>