Commit Graph

1115 Commits

Author SHA1 Message Date
Coiby Xu
8675a37681 MAINTAINERS: Add vhost-user block device backend server maintainer
Suggested-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Coiby Xu <coiby.xu@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20200918080912.321299-8-coiby.xu@gmail.com
[Removed reference to vhost-user-blk-test.c, it will be sent in a
separate pull request.
--Stefan]
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2020-10-23 13:42:16 +01:00
John Snow
b8eaee96e4 MAINTAINERS: Add Python library stanza
I'm proposing that I split the actual Python library off from the other
miscellaneous python scripts we have and declare it maintained. Add
myself as a maintainer of this folder, along with Cleber.

I will be actively working to add CI style guide checks, strict typing,
and an actual package infrastructure to this folder specifically which
differentiates it from loose, miscellaneous scripts which are generally
maintained by other individuals with subject matter expertise.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Cleber Rosa <crosa@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
2020-10-20 09:37:57 -04:00
Philippe Mathieu-Daudé
5ca2b25269 MAINTAINERS: Remove duplicated Malta test entries
The Malta tests are already covered in the Malta section.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201013101659.3557154-3-f4bug@amsat.org>
2020-10-17 13:59:40 +02:00
Philippe Mathieu-Daudé
4ba98e96e0 MAINTAINERS: Downgrade MIPS Boston to 'Odd Fixes', fix Paul Burton mail
Paul's Wavecomp email has been bouncing for months. He told us
he "no longer has access to modern MIPS CPUs or Boston hardware,
and wouldn't currently have time to spend on them if he did." [1]
but "perhaps that might change in the future." [2].
Be fair and downgrade the status of the Boston board to "Odd Fixes"
(has a maintainer but they don't have time to do much other).
Similarly to commit 2b107c2c1c (".mailmap: Update Paul Burton email
address"), update his email address here too.

[1] https://www.mail-archive.com/qemu-devel@nongnu.org/msg718739.html
[2] https://www.mail-archive.com/qemu-devel@nongnu.org/msg728605.html

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201013101659.3557154-4-f4bug@amsat.org>
2020-10-17 13:59:40 +02:00
Philippe Mathieu-Daudé
cf960317cb MAINTAINERS: Put myself forward for MIPS target
To avoid the MIPS target being orphan, volunteer to keep an eye
on it and put together pull requests.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201013101659.3557154-2-f4bug@amsat.org>
2020-10-17 13:59:40 +02:00
Aleksandar Markovic
ca263c0fb9 MAINTAINERS: Remove myself
I have been working on project other than QEMU for some time, and would
like to devote myself to that project. It is impossible for me to find
enough time to perform maintainer's duties with needed meticulousness
and patience.

I wish prosperous future to QEMU and all colleagues in QEMU community.

Signed-off-by: Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>
Message-Id: <1602103041-32017-6-git-send-email-aleksandar.qemu.devel@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-10-17 13:59:40 +02:00
Daniel P. Berrangé
5737eea24f block: drop moderated sheepdog mailing list from MAINTAINERS file
The sheepdog mailing list is setup to stop and queue messages from
non-subscribers, pending moderator approval. Unfortunately it seems
that the moderation queue is not actively dealt with. Even when messages
are approved, the sender is never added to the whitelist, so every
future mail from the same sender continues to get stopped for moderation.

MAINTAINERS entries should be responsive and not unneccessarily block
mails from QEMU contributors, so drop the sheepdog mailing list.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20201002113243.2347710-2-berrange@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-10-15 16:06:28 +02:00
Peter Maydell
b37da83763 * qtest improvements (test for crash found with the fuzzer, increase
downtime in migration test, less verbose output when running w/o KVM)
 * Improve handling of acceptance tests in the Gitlab-CI
 * Run checkpatch.pl in the Gitlab-CI
 * Improve the gitlab-pipeline-status script
 * Misc patches (mark 'moxie' as deprecated, remove stale .gitignore files, ...)
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAl+FhiIRHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbXfcBAAkMc4eUbZ0Wkm7M7TdIRkn1vQEstgvyJN
 6t02MuqY0R01rdbIBAnCLSw9okxfCTf7Q33VmC7snLtPo6WmvYIPAXZAnUiz13K1
 hGhMJfEY0JSyPEXlENMC/SWcRfNuHud6OPp6KePvn6EQsVZ5CR9SeO5zMsCVj2SP
 bMaBYIAJsVCEHkR2lq9UXbjckjyO0GQnQ/oR3mNiqDLYBmrXUOxIFMBctgfbuUtm
 uPuvvknHVQa8foD18qVJ8QYZrpwrqN4edFjcoW3yvwfX6OOhTnx+pY43BG/of9YB
 OoRY7V4VN8aYmVR08sqyn6PRNpXW9WcSUn8D3JNeiAhLzO/8H197JhHwFVvbZc7t
 puLECIINy91wH2i3Onx7HWhss3XLUK3HsvWNLrvLui6vdbFHEtiW2/0GbwJzrcA0
 a9inH7bvI7BlPiIau/J7goaDv0fzZ7xVXlQcrM8hC9oCWH5gvmvcgTBWJn/5OxUZ
 fov3iFxcRWslFSQe+D66gBceIl/fScF+TUmPoWyeSlD/f1OR2WW+q8N1FvnbLflz
 oPutIoja8b6CobzAzp8Igc6/9uQvzCAFB92Y8q1Og7eguQybw7dDtbArjBmjUBVi
 slFWoY8/ri2+uyiPsyU13Yfu9N5myqdwIQeM7H8sQ7qS40QHp0z2tj18o951xH2w
 WJv3PlGcez4=
 =lCRK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-10-13' into staging

* qtest improvements (test for crash found with the fuzzer, increase
  downtime in migration test, less verbose output when running w/o KVM)
* Improve handling of acceptance tests in the Gitlab-CI
* Run checkpatch.pl in the Gitlab-CI
* Improve the gitlab-pipeline-status script
* Misc patches (mark 'moxie' as deprecated, remove stale .gitignore files, ...)

# gpg: Signature made Tue 13 Oct 2020 11:49:06 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2020-10-13: (23 commits)
  scripts/ci/gitlab-pipeline-status: wait for pipeline creation
  scripts/ci/gitlab-pipeline-status: use more descriptive exceptions
  scripts/ci/gitlab-pipeline-status: handle keyboard interrupts
  scripts/ci/gitlab-pipeline-status: refactor parser creation
  scripts/ci/gitlab-pipeline-status: give early feedback on running pipelines
  scripts/ci/gitlab-pipeline-status: improve message regarding timeout
  scripts/ci/gitlab-pipeline-status: make branch name configurable
  gitlab: assign python helper files to GitLab maintainers section
  gitlab: add a CI job to validate the DCO sign off
  gitlab: add a CI job for running checkpatch.pl
  configure: fixes indent of $meson setup
  docs/system/deprecated: Mark the 'moxie' CPU as deprecated
  Remove superfluous .gitignore files
  MAINTAINERS: Ignore bios-tables-test in the qtest section
  Add a comment in bios-tables-test.c to clarify the reason behind approach
  softmmu/vl: Be less verbose about missing KVM when running the qtests
  tests/migration: Allow longer timeouts
  qtest: add fuzz test case
  Acceptance tests: show test report on GitLab CI
  Acceptance tests: do not show canceled test logs on GitLab CI
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-10-13 12:46:26 +01:00
Daniel P. Berrangé
4fb716360a gitlab: assign python helper files to GitLab maintainers section
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200918132903.1848939-4-berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-10-13 12:48:17 +02:00
Thomas Huth
520ddc18bf MAINTAINERS: Ignore bios-tables-test in the qtest section
I'm very often getting CC: on rather large patch series that
modify the ACPI stuff of either ARM or x86, just because the
bios-table-test is often slightly involved here. I can't say
much about ACPI, and the bios-table-test is already covered
by the ACPI section in MAINTAINERS, so I'd rather prefer to
not getting automatically CC-ed on such patch series anymore.
If people want my opinion about qtest-related changes, they
can still put me on CC manually.

Message-Id: <20201001042717.136033-1-thuth@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-10-13 12:48:17 +02:00
Paolo Bonzini
22fb6eb571 qom: fix objects with improper parent type
Some objects accidentally inherit ObjectClass instead of Object.
They compile silently but may crash after downcasting.

In this patch, we introduce a coccinelle script to find broken
declarations and fix them manually with proper base type.

Signed-off-by: Sergey Nizovtsev <snizovtsev@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-12 11:50:22 -04:00
Paolo Bonzini
d9f24bf572 exec: split out non-softmmu-specific parts
Over the years, most parts of exec.c that were not specific to softmmu
have been moved to accel/tcg; what's left is mostly the low-level part
of the memory API, which includes RAMBlock and AddressSpaceDispatch.
However exec.c also hosts 4-500 lines of code for the target specific
parts of the CPU QOM object, plus a few functions for user-mode
emulation that do not have a better place (they are not TCG-specific so
accel/tcg/user-exec.c is not a good place either).

Move these parts to a new file, so that exec.c can be moved to
softmmu/physmem.c.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-12 11:50:22 -04:00
Paolo Bonzini
800d4deda0 softmmu: move more files to softmmu/
Keep most softmmu_ss files into the system-emulation-specific
directory.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-12 11:50:21 -04:00
Philippe Mathieu-Daudé
8d0bceba24 hw/nvram: Always register FW_CFG_DATA_GENERATOR_INTERFACE
While the FW_CFG_DATA_GENERATOR_INTERFACE is only consumed
by a device only available using system-mode (fw_cfg), it is
implemented by a crypto component (tls-cipher-suites) which
is always available when crypto is used.

Commit 69699f3055 introduced the following error in the
qemu-storage-daemon binary:

  $ echo -e \
    '{"execute": "qmp_capabilities"}\r\n{"execute": "qom-list-types"}\r\n{"execute": "quit"}\r\n' \
    | storage-daemon/qemu-storage-daemon --chardev stdio,id=qmp0  --monitor qmp0
  {"QMP": {"version": {"qemu": {"micro": 50, "minor": 1, "major": 5}, "package": ""}, "capabilities": ["oob"]}}
  {"return": {}}
  missing interface 'fw_cfg-data-generator' for object 'tls-creds'
  Aborted (core dumped)

Since QOM dependencies are resolved at runtime, this issue
could not be triggered at linktime, and we don't have test
running the qemu-storage-daemon binary.

Fix by always registering the QOM interface.

Reported-by: Kevin Wolf <kwolf@redhat.com>
Fixes: 69699f3055 ("crypto/tls-cipher-suites: Produce fw_cfg consumable blob")
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20201006111909.2302081-2-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-12 11:50:20 -04:00
Pavel Dovgalyuk
be52eca309 tests/acceptance: add reverse debugging test
This is a test for GDB reverse debugging commands: reverse step and reverse continue.
Every test in this suite consists of two phases: record and replay.
Recording saves the execution of some instructions and makes an initial
VM snapshot to allow reverse execution.
Replay saves the order of the first instructions and then checks that they
are executed backwards in the correct order.
After that the execution is replayed to the end, and reverse continue
command is checked by setting several breakpoints, and asserting
that the execution is stopped at the last of them.

Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>

--

v5:
 - disabled (as some other tests) when running on gitlab
   due to the unidentified timeout problem
Message-Id: <160174524678.12451.13258942849173670277.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-06 08:34:50 +02:00
Pavel Dovgalyuk
43d7e1d782 qapi: introduce replay.json for record/replay-related stuff
This patch adds replay.json file. It will be
used for adding record/replay-related data structures and commands.

Signed-off-by: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <160174519444.12451.3472949430004845434.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-06 08:34:49 +02:00
Claudio Fontana
8ef39ecfa6 cpus: extract out whpx-specific code to target/i386/
register a "CpusAccel" interface for WHPX as well.

Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-05 16:41:22 +02:00
Claudio Fontana
1583a38988 cpus: extract out qtest-specific code to accel/qtest
register a "CpusAccel" interface for qtest as well.

Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-05 16:41:22 +02:00
Claudio Fontana
740b175973 cpu-timers, icount: new modules
refactoring of cpus.c continues with cpu timer state extraction.

cpu-timers: responsible for the softmmu cpu timers state,
            including cpu clocks and ticks.

icount: counts the TCG instructions executed. As such it is specific to
the TCG accelerator. Therefore, it is built only under CONFIG_TCG.

One complication is due to qtest, which uses an icount field to warp time
as part of qtest (qtest_clock_warp).

In order to solve this problem, provide a separate counter for qtest.

This requires fixing assumptions scattered in the code that
qtest_enabled() implies icount_enabled(), checking each specific case.

Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[remove redundant initialization with qemu_spice_init]
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
[fix lingering calls to icount_get]
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-05 16:41:22 +02:00
John Snow
77582e2c9d MAINTAINERS: Update my git address
I am switching from github to gitlab.

Signed-off-by: John Snow <jsnow@redhat.com>
2020-10-01 13:04:16 -04:00
Pavel Pisa
de4d4adb58 hw/net/can: Documentation for CTU CAN FD IP open hardware core emulation.
Updated MAINTAINERS for CAN bus related emulation as well.

Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz>
Message-Id: <6d1b8db69efc4e5cfad702d2150e1960e8f63572.1600069689.git.pisa@cmp.felk.cvut.cz>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-09-30 19:11:37 +02:00
Philippe Mathieu-Daudé
71f364b703 stubs: Split accelerator / hardware related stubs
Move hardware stubs unrelated from the accelerator to xen-hw-stub.c.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200908155530.249806-5-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-09-30 19:11:36 +02:00
Stefan Hajnoczi
1b7e01d008 MAINTAINERS: add Paolo Bonzini as RCU maintainer
The RCU code that Paolo maintains is missing a MAINTAINERS file entry.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20200909090851.14458-1-stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-09-30 19:09:19 +02:00
Peter Maydell
db16115f87 docs/interop: Convert qemu-ga-ref to rST
Convert qemu-ga-ref to rST format. This includes dropping
the plain-text, pdf and info format outputs for this document;
as with all our other Sphinx-based documentation, we provide
HTML and manpage only.

The qemu-ga-ref.rst is somewhat more stripped down than
the .texi was, because we do not (currently) attempt to
generate indexes for the commands, events and data types
being documented.

As the GA ref is now part of the Sphinx 'interop' manual,
we can delete the direct link from index.html.in.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200925162316.21205-9-peter.maydell@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Unicode legacy literal dumbed down to plain string literal, TODO
comment on displaying QEMU version added]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2020-09-29 17:55:39 +02:00
Peter Maydell
4078ee5469 docs/sphinx: Add new qapi-doc Sphinx extension
Some of our documentation is auto-generated from documentation
comments in the JSON schema.

For Sphinx, rather than creating a file to include, the most natural
way to handle this is to have a small custom Sphinx extension which
processes the JSON file and inserts documentation into the rST
file being processed.

This is the same approach that kerneldoc and hxtool use.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200925162316.21205-8-peter.maydell@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Comment and doc string formatting tweaked, unused method dropped,
a few line breaks tweaked to follow PEP 8 more closely, MAINTAINERS
section QAPI updated]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2020-09-29 17:55:39 +02:00
Philippe Mathieu-Daudé
61c7f9876a qapi: Extract PCI commands to 'pci.json'
Only qemu-system-FOO and qemu-storage-daemon provide QMP
monitors, therefore such declarations and definitions are
irrelevant for user-mode emulation.

Extracting the PCI commands to their own schema reduces the size of
the qapi-misc* headers generated, and pulls less QAPI-generated code
into user-mode.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200913195348.1064154-9-philmd@redhat.com>
[Commit message tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2020-09-29 15:41:36 +02:00
Philippe Mathieu-Daudé
27c9188fa0 qapi: Extract ACPI commands to 'acpi.json'
Only qemu-system-FOO and qemu-storage-daemon provide QMP
monitors, therefore such declarations and definitions are
irrelevant for user-mode emulation.

Extracting the ACPI commands to their own schema reduces the size of
the qapi-misc* headers generated, and pulls less QAPI-generated code
into user-mode.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200913195348.1064154-8-philmd@redhat.com>
[Commit message tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2020-09-29 15:41:36 +02:00
Stefan Hajnoczi
ed7db34b5a tests: add test-fdmon-epoll
Test aio_disable_external(), which switches from fdmon-epoll back to
fdmon-poll. This resulted in an assertion failure that was fixed in the
previous patch.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20200915120339.702938-3-stefanha@redhat.com>
2020-09-23 13:45:52 +01:00
Stefan Hajnoczi
1a94978983 MAINTAINERS: add Stefan Hajnoczi as block/nvme.c maintainer
Development of the userspace NVMe block driver picked up again recently.
After talking with Fam I am stepping up as block/nvme.c maintainer.
Patches will be merged through my 'block' tree.

Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Klaus Jensen <k.jensen@samsung.com>
Cc: Fam Zheng <fam@euphon.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
Acked-by: Klaus Jensen <k.jensen@samsung.com>
Acked-by: Fam Zheng <fam@euphon.net>
Message-id: 20200907111632.90499-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2020-09-23 13:41:58 +01:00
Havard Skinnemoen
d1cb5eda67 roms: Add virtual Boot ROM for NPCM7xx SoCs
This is a minimalistic boot ROM written specifically for use with QEMU.
It supports loading the second-stage loader from SPI flash into RAM, SMP
boot, and not much else.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
Message-id: 20200911052101.2602693-7-hskinnemoen@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-09-14 14:24:59 +01:00
Havard Skinnemoen
e5a7ba8788 hw/misc: Add NPCM7xx System Global Control Registers device model
Implement a device model for the System Global Control Registers in the
NPCM730 and NPCM750 BMC SoCs.

This is primarily used to enable SMP boot (the boot ROM spins reading
the SCRPAD register) and DDR memory initialization; other registers are
best effort for now.

The reset values of the MDLR and PWRON registers are determined by the
SoC variant (730 vs 750) and board straps respectively.

Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
Message-id: 20200911052101.2602693-2-hskinnemoen@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-09-14 14:24:15 +01:00
Peter Maydell
f00f57f344 This PR includes multiple fixes and features for RISC-V:
- Fixes a bug in printing trap causes
  - Allows 16-bit writes to the SiFive test device. This fixes the
    failure to reboot the RISC-V virt machine
  - Support for the Microchip PolarFire SoC and Icicle Kit
  - A reafactor of RISC-V code out of hw/riscv
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAl9aa4YACgkQIeENKd+X
 cFTJjgf5ASfFIO5HqP1l80/UM5Pswyq0IROZDq0ItZa6U4EPzLXoE2N0POriIj4h
 Ds2JbMg0ORDqY0VbSxHlgYHMgJ9S6cuVOMnATsPG0d2jaJ3gSxLBu5k/1ENqe+Vw
 sSYXZv5uEAUfOFz99zbuhKHct5HzlmBFW9dVHdflUQS+cRgsSXq27mz1BvZ8xMWl
 lMhwubqdoNx0rOD3vKnlwrxaf54DcJ2IQT3BtTCjEar3tukdNaLijAuwt2hrFyr+
 IwpeFXA/NWar+mXP3M+BvcLaI33j73/ac2+S5SJuzHGp/ot5nT5gAuq3PDEjHMeS
 t6z9Exp776VXxNE2iUA5NB65Yp3/6w==
 =07oA
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-20200910' into staging

This PR includes multiple fixes and features for RISC-V:
 - Fixes a bug in printing trap causes
 - Allows 16-bit writes to the SiFive test device. This fixes the
   failure to reboot the RISC-V virt machine
 - Support for the Microchip PolarFire SoC and Icicle Kit
 - A reafactor of RISC-V code out of hw/riscv

# gpg: Signature made Thu 10 Sep 2020 19:08:06 BST
# gpg:                using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full]
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8  CE8F 21E1 0D29 DF97 7054

* remotes/alistair/tags/pull-riscv-to-apply-20200910: (30 commits)
  hw/riscv: Sort the Kconfig options in alphabetical order
  hw/riscv: Drop CONFIG_SIFIVE
  hw/riscv: Always build riscv_hart.c
  hw/riscv: Move sifive_test model to hw/misc
  hw/riscv: Move sifive_uart model to hw/char
  hw/riscv: Move riscv_htif model to hw/char
  hw/riscv: Move sifive_plic model to hw/intc
  hw/riscv: Move sifive_clint model to hw/intc
  hw/riscv: Move sifive_gpio model to hw/gpio
  hw/riscv: Move sifive_u_otp model to hw/misc
  hw/riscv: Move sifive_u_prci model to hw/misc
  hw/riscv: Move sifive_e_prci model to hw/misc
  hw/riscv: sifive_u: Connect a DMA controller
  hw/riscv: clint: Avoid using hard-coded timebase frequency
  hw/riscv: microchip_pfsoc: Hook GPIO controllers
  hw/riscv: microchip_pfsoc: Connect 2 Cadence GEMs
  hw/arm: xlnx: Set all boards' GEM 'phy-addr' property value to 23
  hw/net: cadence_gem: Add a new 'phy-addr' property
  hw/riscv: microchip_pfsoc: Connect a DMA controller
  hw/dma: Add SiFive platform DMA controller emulation
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	hw/riscv/trace-events
2020-09-13 20:29:35 +01:00
Peter Maydell
3d9f371b01 Various misc and testing fixes:
- Expand CODING_STYLE.rst a little more
   - usb-host build fix
   - allow check-softfloat unit tests without TCG
   - simplify mips imm_branch so compiler isn't confused
   - mark ppc64abi32 for deprecation
   - more compiler soothing in pch_rev_id
   - allow acceptance to skip missing binaries
   - more a bunch of plugins to contrib
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAl9Z9wkACgkQ+9DbCVqe
 KkRbkQf9HLRDEUSy/1LqbU7ncHzgCmnlzC0MKCqn/L3e+M916naO3xhu0tbJN9Ks
 nxu9irY1mGrj/gK+gJ9lr50GOvcc8XCFTpE82MisMRWWFeVRt3vYLAql7WcY0ioM
 K6jMMfoVswmVetP034llQhsAt9zvFimL89kp4O4i2Mjw5shsBIPfharXnnhL4EgS
 ykKmUdLWxAJPSOJJA71IAFP9UzMYfXg7/NHFK1SMVOWZjMT18aoa6YDzBpbr4KzX
 4vOvgGK3tBlVuOooSew7By6iR5oBPa5GP7O9Z78osCsyvzJMPcoNxQZyvgnS0Tda
 q6+/QeF9/ooDPkg5Jq6Z8EAsY0q+XA==
 =PIOR
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stsquad/tags/pull-testing-fixes-100920-1' into staging

Various misc and testing fixes:

  - Expand CODING_STYLE.rst a little more
  - usb-host build fix
  - allow check-softfloat unit tests without TCG
  - simplify mips imm_branch so compiler isn't confused
  - mark ppc64abi32 for deprecation
  - more compiler soothing in pch_rev_id
  - allow acceptance to skip missing binaries
  - more a bunch of plugins to contrib

# gpg: Signature made Thu 10 Sep 2020 10:51:05 BST
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* remotes/stsquad/tags/pull-testing-fixes-100920-1:
  plugins: move the more involved plugins to contrib
  tests/acceptance: Add Test.fetch_asset(cancel_on_missing=True)
  tests: bump avocado version
  hw/i386: make explicit clearing of pch_rev_id
  configure: don't enable ppc64abi32-linux-user by default
  docs/system/deprecated: mark ppc64abi32-linux-user for deprecation
  target/mips: simplify gen_compute_imm_branch logic
  tests/meson.build: fp tests don't need CONFIG_TCG
  usb-host: restrict workaround to new libusb versions
  CODING_STYLE.rst: flesh out our naming conventions.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-09-12 22:54:32 +01:00
Alex Bennée
c17a386b6a plugins: move the more involved plugins to contrib
We have an exploding complexity problem in the testing so lets just
move the more involved plugins into contrib. tests/plugins still exist
for the basic plugins that exercise the API. We restore the old
pre-meson style Makefile for contrib as it also doubles as a guide for
out-of-tree plugin builds.

While we are at it add some examples to the documentation and a
specific plugins build target.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200909112742.25730-11-alex.bennee@linaro.org>
2020-09-10 10:47:03 +01:00
Bin Meng
a8fb0a500a hw/char: Add Microchip PolarFire SoC MMUART emulation
Microchip PolarFire SoC MMUART is ns16550 compatible, with some
additional registers. Create a simple MMUART model built on top
of the existing ns16550 model.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <1598924352-89526-6-git-send-email-bmeng.cn@gmail.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-09-09 15:54:18 -07:00
Bin Meng
56f6e31e7b hw/riscv: Initial support for Microchip PolarFire SoC Icicle Kit board
This is an initial support for Microchip PolarFire SoC Icicle Kit.
The Icicle Kit board integrates a PolarFire SoC, with one SiFive's
E51 plus four U54 cores and many on-chip peripherals and an FPGA.

For more details about Microchip PolarFire Soc, please see:
https://www.microsemi.com/product-directory/soc-fpgas/5498-polarfire-soc-fpga

Unlike SiFive FU540, the RISC-V core resect vector is at 0x20220000.
The following perepherals are created as an unimplemented device:

- Bus Error Uint 0/1/2/3/4
- L2 cache controller
- SYSREG
- MPUCFG
- IOSCBCFG

More devices will be added later.

The BIOS image used by this machine is hss.bin, aka Hart Software
Services, which can be built from:
https://github.com/polarfire-soc/hart-software-services

To launch this machine:
$ qemu-system-riscv64 -nographic -M microchip-icicle-kit

The memory is set to 1 GiB by default to match the hardware.
A sanity check on ram size is performed in the machine init routine
to prompt user to increase the RAM size to > 1 GiB when less than
1 GiB ram is detected.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <1598924352-89526-5-git-send-email-bmeng.cn@gmail.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-09-09 15:54:18 -07:00
Eduardo Habkost
94dfc0f343 codeconverter: script for automating QOM code cleanups
This started as a simple script that scanned for regular
expressions, but became more and more complex when exceptions to
the rules were found.

I don't know if this should be maintained in the QEMU source tree
long term (maybe it can be reused for other code transformations
that Coccinelle can't handle).  In either case, this is included
as part of the patch series to document how exactly the automated
code transformations in the next patches were done.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20200831210740.126168-7-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-09-08 17:29:19 -04:00
Thomas Huth
6bcb5fc0f7 gitlab-ci: Add cross-compiling build tests
Now that we can use all our QEMU test containers in the gitlab-CI, we can
easily add some jobs that test cross-compilation for various architectures.
There is just only small ugliness: Since the shared runners on gitlab.com
are single-threaded, we have to split each compilation job into two parts
(--disable-user and --disable-system), and exclude some additional targets,
to avoid that the jobs are running too long and hitting the timeout of 1 h.

Message-Id: <20200823111757.72002-8-thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-09-07 12:34:17 +02:00
Keith Busch
e8cc43d5cc MAINTAINERS: update nvme entry
The nvme emulated device development pace has increased recently.  Klaus
has offered to co-maintain, and since we have many new contributions
coming through, we're adding a repository to accumulate and test new
features.

Cc: Klaus Jensen <its@irrelevant.dk>
Acked-by: Klaus Jensen <k.jensen@samsung.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Keith Busch <kbusch@kernel.org>
2020-09-02 08:48:49 +02:00
Thomas Huth
0abd386d8b docs/system/target-avr: Improve the AVR docs and add to MAINTAINERS
The examples look nicer when using "::" code blocks.
Also mention that "-d in_asm" only outputs instructions that have not
been translated by the JIT layer yet.
And while we're at it, also add the AVR doc file to the MAINTAINERS file.

Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Michael Rolnik <mrolnik@gmail.com>
Message-Id: <20200812155304.18016-1-huth@tuxfamily.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-09-01 11:15:00 +02:00
Edgar E. Iglesias
ff9e157bdc docs/system/arm: Document the Xilinx Versal Virt board
Document the Xilinx Versal Virt board.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20200803164749.301971-2-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-24 10:02:06 +01:00
Philippe Mathieu-Daudé
d0d89526f7 MAINTAINERS: Cover the firmware JSON schema
Add an entry to cover firmware.json (see commit 3a0adfc9bf:
schema that describes the different uses and properties of
virtual machine firmware).

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Kashyap Chamarthy <kchamart@redhat.com>
Cc: Daniel P. Berrange <berrange@redhat.com>
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200703183450.32398-1-philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-07-27 10:28:28 -04:00
Thomas Huth
6184e5fb42 MAINTAINERS: Extend the device fuzzing section
The file docs/devel/fuzzing.txt should be in this section, too, and add
myself as a reviewer (since I often take the fuzzer patches through the
qtest-next tree, I should be notified on patches, too).

Message-Id: <20200721053926.17197-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-07-21 08:40:42 +02:00
Peter Maydell
6a0b7505f1 docs/system: Document the arm virt board
Document the arm 'virt' board, which has been undocumented
for far too long given that it is the main recommended board
type for arm guests.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200713175746.5936-5-peter.maydell@linaro.org
2020-07-20 11:35:17 +01:00
Peter Maydell
bb309000c8 docs/system: Briefly document gumstix boards
Add skeletal documentation of the gumstix boards
('connex' and 'verdex').

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200713175746.5936-4-peter.maydell@linaro.org
2020-07-20 11:35:17 +01:00
Peter Maydell
b76b60f59b docs/system: Briefly document collie board
Add skeletal documentation of the collie board.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200713175746.5936-3-peter.maydell@linaro.org
2020-07-20 11:35:17 +01:00
Peter Maydell
2d21dd17c5 docs/system: Briefly document canon-a1100 board
Add skeletal documentation of the canon-a1100 board.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200713175746.5936-2-peter.maydell@linaro.org
2020-07-20 11:35:17 +01:00
Prasad J Pandit
4b7c5bc447 vvfat: set status to odd fixes
Virtual VFAT driver is quite old and rarely used. Set its status
to Odd Fixes.

Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20200710190451.761286-1-ppandit@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-07-17 14:20:57 +02:00
Peter Maydell
f1d5948669 MIPS patches for 5.1
- A pair of fixes,
 - Add Huacai Chen as MIPS KVM maintainer,
 - Add Jiaxun Yang as designated MIPS TCG reviewer.
 
 CI jobs results:
 . https://travis-ci.org/github/philmd/qemu/builds/708079271
 . https://gitlab.com/philmd/qemu/-/pipelines/166528104
 . https://cirrus-ci.com/build/6483996878045184
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAl8ODr4ACgkQ4+MsLN6t
 wN4XxhAAnH9aPdBx9oZit3Yq0ZggJKQ5xgoDJMKtknYzSfjRipPgPp7A7sf5I0as
 0/2l6AQhvq8iyU4hlAl7EITRqJUp2Z9/B0T0vgSydlLuDNFjHJ/1bY7UKAhAmaUE
 lLJLuC3tEK8a4pJqeYN8kxY2Z+P7VdYFog72xo0tiDO9KXKisLzQX0KlhUskBV8o
 Ead47EKIQ1m3jyorRXwNmf/XzBmHWVriDdT3BGVf+TWrqZh9E5e6X8zFAXXQc2as
 X+o0EnZVOtj8S1JSoxcOR5Wg3pjmwQ+RlxKqrv9bNmrkOrpU+iNZJQtS4ZZp8oe/
 dwYHZozInIT2ccHyZ5pQ1LTNfkCPQB9HAx6SZeb0KVMluSbFYwu45AhX8g58jyjI
 UyKMCnbFvP5WByPlp8BglWkdeFvSVvDxcGIc6S8SSaXpgtq4BkSp0yVw/ICGaE2W
 UsZiOqFR7mmrm0FJlKYX2ttGb7ATrRJ8to+kmH865aXTPKVlsCM34FloOFb9Yw9L
 V0RTc95oeexImfBe/mxe0qHtyZLfoKc9u8DHx2glr6ooUcidUeiZUnPzidCFdAfm
 qq6lj5tG3jHiQamclSTdow0p4+ttJn5ytkf0Qaepznpu9xVNvPDh8hGnSM/9Aryr
 tTLClX8ZpqxwMTepmFt4Q2SUEqTCNQ+CfQ9Jjq/fQTneUn0k058=
 =Mncy
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/philmd-gitlab/tags/mips-next-20200714' into staging

MIPS patches for 5.1

- A pair of fixes,
- Add Huacai Chen as MIPS KVM maintainer,
- Add Jiaxun Yang as designated MIPS TCG reviewer.

CI jobs results:
. https://travis-ci.org/github/philmd/qemu/builds/708079271
. https://gitlab.com/philmd/qemu/-/pipelines/166528104
. https://cirrus-ci.com/build/6483996878045184

# gpg: Signature made Tue 14 Jul 2020 20:59:58 BST
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* remotes/philmd-gitlab/tags/mips-next-20200714:
  MAINTAINERS: Adjust MIPS maintainership (add Huacai Chen & Jiaxun Yang)
  target/mips: Fix ADD.S FPU instruction
  target/mips: Remove identical if/else branches

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-15 13:54:09 +01:00
Peter Maydell
3a9163af4e Fix CVE-2020-13253
By using invalidated address, guest can do out-of-bounds accesses.
 These patches fix the issue by only allowing SD card image sizes
 power of 2, and not switching to SEND_DATA state when the address
 is invalid (out of range).
 
 This issue was found using QEMU fuzzing mode (using --enable-fuzzing,
 see docs/devel/fuzzing.txt) and reported by Alexander Bulekov.
 
 Reproducer:
   https://bugs.launchpad.net/qemu/+bug/1880822/comments/1
 
 CI jobs results:
 . https://cirrus-ci.com/build/5157142548185088
 . https://gitlab.com/philmd/qemu/-/pipelines/166381731
 . https://travis-ci.org/github/philmd/qemu/builds/707956535
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAl8NuSQACgkQ4+MsLN6t
 wN7MEg/+PER/n+CpmrC2lggQ3WJwNjvY09A4yfPfhKldjOi+25/amf/bQ2Zjmj7m
 HoiiPFu7vz+FugOfGv5YFlTS2+VNmN1UZqGqZRwY/YJJKg9am6TJ8zA4UBf4iegi
 OqNBJOPW/EYsAYdH3jUFmW15zAsRHEM6g2vZ1Z4WwVZqfYHsMB/y2khp9Fr+jGU0
 6wDeG0cdap5QVsamIll4/BoxgBa5UdtBYjzo7QBENs+abvOf56jjUqZx0+AL/Ua/
 IOpZ01mmPZJ4wJxPNT87gfEnHv0MRA7bSpJ7TAC80xVoQjeoK+V2Ohvy+rvYPaqm
 5mR0l4M+GGhglCg44wV3uwNonmltCxvTgGqZrQPsa3WnXMFoXqwGZgwl6XrYdLzV
 hVODJAu/Ivegk9AAbVrZGXg/shQtkB4gyoOaE3Qoraf1az9/XudECIo+zwocP4Ip
 Z0ny8bwQKq2QGYrCU3NWlgWi30sj6PeW5e6Jgq/2b1sUeKuUgNuuBPcRmXQ6kaz5
 vMX7qYsXAxvO7o1QlbASzdvSvOXGx+0J0CJctPnY4jAJ7qjvJTKOb0j+jwMNJy+D
 XFAgB+D0go+UvnaPJn6teIHzaD4NqWE37MaamxsMY6RWjAnoy1+OOvZIZTnq+LnH
 iLbgk2EsxlFyBd3aZ/51ukeTUxpNgu9J6iRcXB3yVNBS4vqlBDw=
 =VZsF
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/philmd-gitlab/tags/sdcard-CVE-2020-13253-pull-request' into staging

Fix CVE-2020-13253

By using invalidated address, guest can do out-of-bounds accesses.
These patches fix the issue by only allowing SD card image sizes
power of 2, and not switching to SEND_DATA state when the address
is invalid (out of range).

This issue was found using QEMU fuzzing mode (using --enable-fuzzing,
see docs/devel/fuzzing.txt) and reported by Alexander Bulekov.

Reproducer:
  https://bugs.launchpad.net/qemu/+bug/1880822/comments/1

CI jobs results:
. https://cirrus-ci.com/build/5157142548185088
. https://gitlab.com/philmd/qemu/-/pipelines/166381731
. https://travis-ci.org/github/philmd/qemu/builds/707956535

# gpg: Signature made Tue 14 Jul 2020 14:54:44 BST
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* remotes/philmd-gitlab/tags/sdcard-CVE-2020-13253-pull-request:
  hw/sd/sdcard: Do not switch to ReceivingData if address is invalid
  hw/sd/sdcard: Update coding style to make checkpatch.pl happy
  hw/sd/sdcard: Do not allow invalid SD card sizes
  hw/sd/sdcard: Simplify realize() a bit
  hw/sd/sdcard: Restrict Class 6 commands to SCSD cards
  tests/acceptance/boot_linux: Expand SD card image to power of 2
  tests/acceptance/boot_linux: Tag tests using a SD card with 'device:sd'
  docs/orangepi: Add instructions for resizing SD image to power of two
  MAINTAINERS: Cc qemu-block mailing list

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-15 09:06:55 +01:00