Commit Graph

116465 Commits

Author SHA1 Message Date
TANG Tiancheng
d1843219a1 tcg/riscv: Implement vector roti/v/x ops
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Message-ID: <20241007025700.47259-12-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
TANG Tiancheng
cbde22f18b tcg/riscv: Implement vector shi/s/v ops
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-11-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
TANG Tiancheng
1631f19b04 tcg/riscv: Implement vector min/max ops
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-10-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
TANG Tiancheng
101c1ef562 tcg/riscv: Implement vector sat/mul ops
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-9-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
Richard Henderson
dc9cd4ec12 tcg/riscv: Accept constant first argument to sub_vec
Use vrsub.vi to subtract from a constant.

Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
TANG Tiancheng
c283c0748a tcg/riscv: Implement vector neg ops
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-8-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
TANG Tiancheng
a31768c019 tcg/riscv: Implement vector cmp/cmpsel ops
Extend comparison results from mask registers to SEW-width elements,
following recommendations in The RISC-V SPEC Volume I (Version 20240411).
This aligns with TCG's cmp_vec behavior by expanding compare results to
full element width: all 1s for true, all 0s for false.

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-7-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
TANG Tiancheng
5a63f59987 tcg/riscv: Add support for basic vector opcodes
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-6-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
TANG Tiancheng
d4be6ee111 tcg/riscv: Implement vector mov/dup{m/i}
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-5-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
Huang Shiyuan
f63e7089b4 tcg/riscv: Add basic support for vector
The RISC-V vector instruction set utilizes the LMUL field to group
multiple registers, enabling variable-length vector registers. This
implementation uses only the first register number of each group while
reserving the other register numbers within the group.

In TCG, each VEC_IR can have 3 types (TCG_TYPE_V64/128/256), and the
host runtime needs to adjust LMUL based on the type to use different
register groups.

This presents challenges for TCG's register allocation. Currently, we
avoid modifying the register allocation part of TCG and only expose the
minimum number of vector registers.

For example, when the host vlen is 64 bits and type is TCG_TYPE_V256, with
LMUL equal to 4, we use 4 vector registers as one register group. We can
use a maximum of 8 register groups, but the V0 register number is reserved
as a mask register, so we can effectively use at most 7 register groups.
Moreover, when type is smaller than TCG_TYPE_V256, only 7 registers are
forced to be used. This is because TCG cannot yet dynamically constrain
registers with type; likewise, when the host vlen is 128 bits and
TCG_TYPE_V256, we can use at most 15 registers.

There is not much pressure on vector register allocation in TCG now, so
using 7 registers is feasible and will not have a major impact on code
generation.

This patch:
1. Reserves vector register 0 for use as a mask register.
2. When using register groups, reserves the additional registers within
   each group.

Signed-off-by: Huang Shiyuan <swung0x48@outlook.com>
Co-authored-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-3-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
TANG Tiancheng
f7230e09b1 util: Add RISC-V vector extension probe in cpuinfo
Add support for probing RISC-V vector extension availability in
the backend. This information will be used when deciding whether
to use vector instructions in code generation.

Cache lg2(vlenb) for the backend. The storing of lg2(vlenb) means
we can convert all of the division into subtraction.

While the compiler doesn't support RISCV_HWPROBE_EXT_ZVE64X,
we use RISCV_HWPROBE_IMA_V instead. RISCV_HWPROBE_IMA_V is more
strictly constrainted than RISCV_HWPROBE_EXT_ZVE64X. At least in
current QEMU implemenation, the V vector extension depends on the
zve64d extension.

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Tested-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20241007025700.47259-2-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
Richard Henderson
be46e0bf14 disas/riscv: Fix vsetivli disassembly
The first immediate field is unsigned, whereas operand_vimm
extracts a signed value.  There is no need to mask the result
with 'u'; just print the immediate with 'i'.

Fixes: 07f4964d17 ("disas/riscv.c: rvv: Add disas support for vector instructions")
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
Richard Henderson
a7cfd751fb tcg: Reset data_gen_ptr correctly
This pointer needs to be reset after overflow just like
code_buf and code_ptr.

Cc: qemu-stable@nongnu.org
Fixes: 57a269469d ("tcg: Infrastructure for managing constant pools")
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-10-22 11:57:25 -07:00
Thomas Huth
abaabb2e60 hw/s390x/ipl: Provide more memory to the s390-ccw.img firmware
We are going to link the SLOF libc into the s390-ccw.img, and this
libc needs more memory for providing space for malloc() and friends.
Thus bump the memory size that we reserve for the bios to 3 MiB
instead of only 2 MiB. While we're at it, add a proper check that
there is really enough memory assigned to the machine before blindly
using it.

Message-ID: <20240621082422.136217-3-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-10-22 19:46:04 +02:00
Kevin Wolf
04bbc3ee52 raw-format: Fix error message for invalid offset/size
s->offset and s->size are only set at the end of the function and still
contain the old values when formatting the error message. Print the
parameters with the new values that we actually checked instead.

Fixes: 500e243420 ('raw-format: Split raw_read_options()')
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20240829185527.47152-1-kwolf@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Leonid Kaplan
2155d2dd7f block-backend: per-device throttling of BLOCK_IO_ERROR reports
BLOCK_IO_ERROR events comes from guest, so we must throttle them.
We still want per-device throttling, so let's use device id as a key.

Signed-off-by: Leonid Kaplan <xeor@yandex-team.ru>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20241002151806.592469-3-vsementsov@yandex-team.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Vladimir Sementsov-Ogievskiy
7452162ade qapi: add qom-path to BLOCK_IO_ERROR event
We need something more reliable than "device" (which absent in modern
interfaces) and "node-name" (which may absent, and actually don't
specify the device, which is a source of error) to make a per-device
throttling for the event in the following commit.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20241002151806.592469-2-vsementsov@yandex-team.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Vladimir Sementsov-Ogievskiy
526c4a90c4 iotests/backup-discard-source: don't use actual-size
Relying on disk usage is bad thing, and test just doesn't work on XFS.

Let's instead add a dirty bitmap to track writes to test image.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20240620144402.65896-3-vsementsov@yandex-team.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Vladimir Sementsov-Ogievskiy
b4bc6ad1d7 iotests/backup-discard-source: convert size variable to be int
Make variable reusable in code for checks. Don't care to change "512 *
1024" invocations as they will be dropped in the next commit.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20240620144402.65896-2-vsementsov@yandex-team.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Peter Maydell
4d7c5f8335 block/vdi.c: Make SECTOR_SIZE constant 64-bits
Make the VDI SECTOR_SIZE define be a 64-bit constant; this matches
how we define BDRV_SECTOR_SIZE.  The benefit is that it means that we
don't need to carefully cast to 64-bits when doing operations like
"n_sectors * SECTOR_SIZE" to avoid doing a 32x32->32 multiply, which
might overflow, and which Coverity and other static analysers tend to
warn about.

The specific potential overflow Coverity is highlighting is the one
at the end of vdi_co_pwritev() where we write out n_sectors sectors
to the block map.  This is very unlikely to actually overflow, since
the block map has 4 bytes per block and the maximum number of blocks
in the image must fit into a 32-bit integer.  So this commit is not
fixing a real-world bug.

An inspection of all the places currently using SECTOR_SIZE in the
file shows none which care about the change in its type, except for
one call to error_setg() which needs the format string adjusting.

Resolves: Coverity CID 1508076
Suggested-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20241008164708.2966400-5-peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Peter Maydell
d60bd080e7 tests/qemu-iotests/211.out: Update to expect MapEntry 'compressed' field
In commit 52b10c9c0c in 2023 the QAPI MapEntry struct was
updated to add a 'compressed' field. That commit updated a number
of iotest expected-output files, but missed 211, which is vdi
specific. The result is that
 ./check -vdi
and more specifically
 ./check -vdi 211
fails because the expected and actual output don't match.

Update the reference output.

Cc: qemu-stable@nongnu.org
Fixes: 52b10c9c0c ("qemu-img: map: report compressed data blocks")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20241008164708.2966400-4-peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Peter Maydell
19c1e44123 block/ssh.c: Don't double-check that characters are hex digits
In compare_fingerprint() we effectively check whether the characters
in the fingerprint are valid hex digits twice: first we do so with
qemu_isxdigit(), but then the hex2decimal() function also has a code
path where it effectively detects an invalid digit and returns -1.
This causes Coverity to complain because it thinks that we might use
that -1 value in an expression where it would be an integer overflow.

Avoid the double-check of hex digit validity by testing the return
values from hex2decimal() rather than doing separate calls to
qemu_isxdigit().

Since this means we now use the illegal-character return value
from hex2decimal(), rewrite it from "-1" to "UINT_MAX", which
has the same effect since the return type is "unsigned" but
looks less confusing at the callsites when we detect it with
"c0 > 0xf".

Resolves: Coverity CID 1547813
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20241008164708.2966400-3-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Peter Maydell
75200708ce block/gluster: Use g_autofree for string in qemu_gluster_parse_json()
In the loop in qemu_gluster_parse_json() we do:

    char *str = NULL;
    for(...) {
        str = g_strdup_printf(...);
        ...
        if (various errors) {
            goto out;
        }
        ...
        g_free(str);
        str = NULL;
    }
    return 0;
out:
    various cleanups;
    g_free(str);
    ...
    return -errno;

Coverity correctly complains that the assignment "str = NULL" at the
end of the loop is unnecessary, because we will either go back to the
top of the loop and overwrite it, or else we will exit the loop and
then exit the function without ever reading str again. The assignment
is there as defensive coding to ensure that str is only non-NULL if
it's a live allocation, so this is intentional.

We can make Coverity happier and simplify the code here by using
g_autofree, since we never need 'str' outside the loop.

Resolves: Coverity CID 1527385
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241008164708.2966400-2-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2024-10-22 17:52:49 +02:00
Peter Maydell
55522f7214 trivial patches for 2024-10-22
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmcXQugACgkQgqpKJDse
 lHjSfg//ZVmwp7zuGJC6dFwgCIoVc1IqERliuiBQNosw/IYSPwt6S4+lECR6Hu+N
 4ktKAO6MKwQgBDoqw9Wz+lDASHKJ3VbDkyxfE4wfOz7C1UrCxGEsUzy43wI3Ms5J
 fM175GWTQZiJZkmf0hLmRKtgmouq7YbjPqPvCQTQP/NT8k6f2KiY+YKLmo2cMoUJ
 Ra+JPOKMTQhGTCCOtijdK/6whtUuym7X6hW3LaXC8cjehfwE+dRf7gcApZG8fcKE
 1ALFbXRlRL+FFM5GfsWr39rtJI0XXdm8fa+dIOuXJQe8X9xns/Ha8fLqiKVo+9k+
 Axk+B2xFopIf6CBPxfXyxzcDnx5KBhIIO86D/M+rSK+pqTaNYcad8OY9ciSBQien
 EgDJDp8DtM6gmY0xa7kMXEKy127l4DWlIp2bM3Ufuv3r5+FS1tSsz5Tfx/d9LRfV
 JPt/9Xl/gW5XAB3+HEc7nkP+/YW4C79nZbkxEYiDIFKa9SrAxbBkuTPGzReAly4y
 zUAaxk0qbtqfYrufz1oiEz3eCoY7zTmey015AfMPwQMHhqPIAYOjv6bwYVOzVTFj
 Vh7xhS+qn/iLDhEB10XqOALIuQu+PCtQjIwHakwGD0IEjG0G1b363p3eYO/+UpDl
 E3ydNh/K61/oCvQJcAJM0lY3KdlVxDCY499KwNDAjSnZL8i8gFY=
 =zFvF
 -----END PGP SIGNATURE-----

Merge tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu into staging

trivial patches for 2024-10-22

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmcXQugACgkQgqpKJDse
# lHjSfg//ZVmwp7zuGJC6dFwgCIoVc1IqERliuiBQNosw/IYSPwt6S4+lECR6Hu+N
# 4ktKAO6MKwQgBDoqw9Wz+lDASHKJ3VbDkyxfE4wfOz7C1UrCxGEsUzy43wI3Ms5J
# fM175GWTQZiJZkmf0hLmRKtgmouq7YbjPqPvCQTQP/NT8k6f2KiY+YKLmo2cMoUJ
# Ra+JPOKMTQhGTCCOtijdK/6whtUuym7X6hW3LaXC8cjehfwE+dRf7gcApZG8fcKE
# 1ALFbXRlRL+FFM5GfsWr39rtJI0XXdm8fa+dIOuXJQe8X9xns/Ha8fLqiKVo+9k+
# Axk+B2xFopIf6CBPxfXyxzcDnx5KBhIIO86D/M+rSK+pqTaNYcad8OY9ciSBQien
# EgDJDp8DtM6gmY0xa7kMXEKy127l4DWlIp2bM3Ufuv3r5+FS1tSsz5Tfx/d9LRfV
# JPt/9Xl/gW5XAB3+HEc7nkP+/YW4C79nZbkxEYiDIFKa9SrAxbBkuTPGzReAly4y
# zUAaxk0qbtqfYrufz1oiEz3eCoY7zTmey015AfMPwQMHhqPIAYOjv6bwYVOzVTFj
# Vh7xhS+qn/iLDhEB10XqOALIuQu+PCtQjIwHakwGD0IEjG0G1b363p3eYO/+UpDl
# E3ydNh/K61/oCvQJcAJM0lY3KdlVxDCY499KwNDAjSnZL8i8gFY=
# =zFvF
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 22 Oct 2024 07:15:04 BST
# gpg:                using RSA key 64AA2AB531D56903366BFEF982AA4A243B1E9478
# gpg: Good signature from "Michael Tokarev <mjt@debian.org>" [full]
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>" [full]
# gpg:                 aka "Michael Tokarev <mjt@tls.msk.ru>" [full]
# Primary key fingerprint: 9D8B E14E 3F2A 9DD7 9199  28F1 61AD 3D98 ECDF 2C8E
#      Subkey fingerprint: 64AA 2AB5 31D5 6903 366B  FEF9 82AA 4A24 3B1E 9478

* tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu:
  replace error_setg(&error_fatal, ...) with error_report()
  meson.build: Remove ncurses workaround for OpenBSD
  configure: Replace literally printed '\n' with newline
  ui/console-vc: Silence warning about sprintf() on OpenBSD
  linux-user: Clean up unused header

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-10-22 14:53:20 +01:00
Daniel P. Berrangé
c64df333f9 gitlab: enable afalg tests in fedora system test
The AF_ALG crypto integration for Linux is not being tested in
any CI scenario. It always requires an explicit configure time
flag to be passed to turn it on. The Fedora system test is
arbitrarily picked as the place to test it.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 13:02:33 +01:00
Daniel P. Berrangé
1a225f57f3 ui: validate NUL byte padding in SASL client data more strictly
When the SASL data is non-NULL, the SASL protocol spec requires that
it is padded with a trailing NUL byte. QEMU discards the trailing
byte, but does not currently validate that it was in fact a NUL.
Apply strict validation to better detect any broken clients.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 13:02:31 +01:00
Daniel P. Berrangé
829cb3d0ea ui: fix handling of NULL SASL server data
The code is supposed to distinguish between SASL server data that
is NULL, vs non-NULL but zero-length. It was incorrectly checking
the 'serveroutlen' variable, rather than 'serverout' though, so
failing to distinguish the cases.

Fortunately we can fix this without breaking compatibility with
clients, as clients already know how to decode the input data
correctly.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Daniel P. Berrangé
2b69564798 ui/vnc: don't check for SSF after SASL authentication on UNIX sockets
Although we avoid requesting an SSF when querying SASL mechanisms for a
UNIX socket client, we still mistakenly checked for availability of an
SSF once the SASL auth process is complete.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Daniel P. Berrangé
c0a9c92bd5 ui/vnc: fix skipping SASL SSF on UNIX sockets
The 'is_unix' flag is set on the VNC server during startup, however,
a regression in:

  commit 8bd22f477f
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Fri Feb 3 12:06:46 2017 +0000

    ui: extract code to connect/listen from vnc_display_open

meant we stopped setting the 'is_unix' flag when QEMU listens for
VNC sockets, only setting when QEMU does a reverse VNC connection.

Rather than fixing setting of the 'is_unix' flag, remove it, and
directly check the live client socket address. This is more robust
to a possible situation where the VNC server was listening on a
mixture of INET and UNIX sockets.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Daniel P. Berrangé
e9eabcc911 ui/vnc: don't raise error formatting socket address for non-inet
The SASL library requires the connection's local & remote IP address to
be passed in, since some mechanism may use this information. Currently
QEMU raises an error for non-inet sockets, but it is valid to pass NULL
to the SASL library. Doing so makes SASL work on UNIX sockets.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Daniel P. Berrangé
46c80446b5 ui/vnc: don't return an empty SASL mechlist to the client
The SASL initialization phase may determine that there are no valid
mechanisms available to use. This may be because the host OS admin
forgot to install some packages, or it might be because the requested
SSF level is incompatible with available mechanisms, or other unknown
reasons.

If we return an empty mechlist to the client, they're going to get a
failure from the SASL library on their end and drop the connection.
Thus there is no point even sending this back to the client, we can
just drop the connection immediately.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Markus Armbruster
f8395ce8a3 crypto/hash-afalg: Fix broken build
Fux build broken by semantic conflict with commit
8f525028bc (qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo).

Fixes: 90c3dc6073 (crypto/hash-afalg: Implement new hash API)
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Daniel P. Berrangé
769660955a include/crypto: clarify @result/@result_len for hash/hmac APIs
The @result parameter passed to hash/hmac APIs may either contain
a pre-allocated buffer, or a buffer can be allocated on the fly.
Clarify these two different usage models in the API docs.

Reviewed-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Daniel P. Berrangé
164f2be1b5 tests: correctly validate result buffer in hash/hmac tests
Validate that the pre-allocated buffer pointer was not overwritten
by the hash/hmac APIs.

Reviewed-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Daniel P. Berrangé
dde538c9a7 crypto/hash: avoid overwriting user supplied result pointer
If the user provides a pre-allocated buffer for the hash result,
we must use that rather than re-allocating a new buffer.

Reported-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Daniel P. Berrangé
b5b89e9bc6 util: don't set SO_REUSEADDR on client sockets
Setting the SO_REUSEADDR property on a socket allows binding to a port
number that is in the TIMED_WAIT state. This is usually done on listener
sockets, to enable a server to restart itself without having to wait for
the completion of TIMED_WAIT on the port.

It is also possible, but highly unusual, to set it on client sockets. It
is rare to explicitly bind() a client socket, since it is almost always
fine to allow the kernel to auto-bind a client socket to a random free
port. Most systems will have many 10's of 1000's of free ports that
client sockets will be bound to.

eg on Linux

  $ sysctl -a | grep local_port
  net.ipv4.ip_local_port_range = 32768	60999

eg on OpenBSD

  $ sysctl -a | grep net.inet.ip.port
  net.inet.ip.portfirst=1024
  net.inet.ip.portlast=49151
  net.inet.ip.porthifirst=49152
  net.inet.ip.porthilast=65535

A connected socket must have a unique set of value for

 (protocol, localip, localport, remoteip, remoteport)

otherwise it is liable to get EADDRINUSE.

A client connection should trivially avoid EADDRINUSE if letting the
kernel auto-assign the 'localport' value, which QEMU always does.

When QEMU sets SO_REUSEADDR on a client socket on OpenBSD, however, it
upsets this situation.

The OpenBSD kernel appears to happily pick a 'localport' that is in the
TIMED_WAIT state, even if there are many other available local ports
available for use that are not in the TIMED_WAIT state.

A test program that just loops opening client sockets will start seeing
EADDRINUSE on OpenBSD when as few as 2000 ports are in TIMED_WAIT,
despite 10's of 1000's ports still being unused. This contrasts with
Linux which appears to avoid picking local ports in TIMED_WAIT state.

This problem on OpenBSD exhibits itself periodically with the migration
test failing with a message like[1]:

  qemu-system-ppc64: Failed to connect to '127.0.0.1:24109': Address already in use

While I have not been able to reproduce the OpenBSD failure in my own
testing, given the scope of what QEMU tests do, it is entirely possible
that there could be a lot of ports in TIMED_WAIT state when the
migration test runs.

Removing SO_REUSEADDR from the client sockets should not affect normal
QEMU usage, and should improve reliability on OpenBSD.

This use of SO_REUSEADDR on client sockets is highly unusual, and
appears to have been present since the very start of the QEMU socket
helpers in 2008. The orignal commit has no comment about the use of
SO_REUSEADDR on the client, so is most likely just an 16 year old
copy+paste bug.

[1] https://lists.nongnu.org/archive/html/qemu-devel/2024-10/msg03427.html
    https://lists.nongnu.org/archive/html/qemu-devel/2024-02/msg01572.html

Fixes: d247d25f18
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Dr. David Alan Gilbert
a347207514 sockets: Remove deadcode
socket_remote_address hasn't been used since it was added in
  17c55decec ("sockets: add helpers for creating SocketAddress from a socket")

inet_connect hasn't been used since 2017's
  8ecc2f9eab ("sheepdog: Use SocketAddress and socket_connect()")

Remove them.

Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Dr. David Alan Gilbert
04eeeec697 crypto: Remove unused DER string functions
qcrypto_der_encode_octet_str_begin and _end have been unused
since they were added in
  3b34ccad66 ("crypto: Support DER encodings")

Remove them.

Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-10-22 11:44:23 +01:00
Tudor Gheorghiu
5ae3ec6363 replace error_setg(&error_fatal, ...) with error_report()
According to include/qapi/error.h:
* Please don't error_setg(&error_fatal, ...), use error_report() and
* exit(), because that's more obvious.

Patch updates all instances of error_setg(&error_fatal, ...) with
error_report(...), adds the explicit exit(1) and removes redundant
return statements.

Signed-off-by: Tudor Gheorghiu <tudor.reda@gmail.com>
Suggested-by: Thomas Huth <thuth@redhat.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2587
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(Mjt: also fold __func__ to previous line)
2024-10-21 22:40:47 +03:00
Brad Smith
f8d3116fdd meson.build: Remove ncurses workaround for OpenBSD
meson.build: Remove ncurses workaround for OpenBSD

OpenBSD 7.5 has upgraded to ncurses 6.4.

Signed-off-by: Brad Smith <brad@comstyle.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2024-10-21 22:40:47 +03:00
Kevin Wolf
c11aaaaef1 configure: Replace literally printed '\n' with newline
The idea here was to leave an empty line before the message, but by
default, echo prints '\n' literally instead of interpreting it. Use a
separate echo without parameter instead like in other places in the
script.

Fixes: 6fdc5bc173
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2024-10-21 22:40:47 +03:00
Thomas Huth
30b1fc5a98 ui/console-vc: Silence warning about sprintf() on OpenBSD
The linker on OpenBSD complains:

 ld: warning: console-vc.c:824 (../src/ui/console-vc.c:824)([...]):
 warning: sprintf() is often misused, please use snprintf()

Using g_strdup_printf() is certainly better here, so let's switch
to that function instead.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2024-10-21 22:40:47 +03:00
Gustavo Romero
fe71f4b0de linux-user: Clean up unused header
Clean up unused (already commented-out) header from syscall.c.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2024-10-21 22:40:47 +03:00
Peter Maydell
6f625ce2f2 * Convert most Tuxrun Avocado tests to the new functional framework
* Update the OpenBSD CI image to OpenBSD v7.6
 * Bump timeout of the ide-test
 * New maintainer for the QTests
 * Disable the pci-bridge on s390x by default
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmcWfCgRHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbV6kQ//YwRebyA192IBM+XQK5YYmguieHmWxV8J
 fZf0a1dWN8oiT3jzI48YWttiU9P6AMa/dwiuepVl4G9+d+w1c3RhS6kQqJljNbDb
 NGw+LVZZcwY1FJpEsEwbDfePkugYHmNXUU672kxz3I8bv/8NmLDc7R3cI5U/7+SP
 N4lxVM6Hd3XZZdc+O2S8En20E1oAJ6IvJwwhCqjLlT36Ez8P69KQhE0V8MtLnrBg
 FsXZuzmaxt/ZDMhTsiHNl6f7N1oD7Y2TPJrdq7V2aihpDA+zx0RlvBPpzD98ZgeS
 PtdkqjL63B5S3RL4fjJUSb/gbL4oChQ5TZDb2Dfw7Q5qPMZ1cgeJLBwdzHZEZrzF
 RTtn4fObYUqtRF3M0Ha4xXc8odSzJTV2fvpSVXcljG1E4AMcD6CMK0E472XbhkMS
 txZHW+C/IDVJ4OoSncrH8ybi1JasEqJZ0YaPfb+aTsPV058b65l+0jQJtlxLoTIf
 p5LluL3exwr0sS3Aq5tcV3pNITtCv1FkcUk7So8sohO2OLQtC9QA300CSXna8XhQ
 OxgRA1c3HXw23MTJKSWjseDIt1bajvBu+cr/pmDxlYnWWsSCcEFaAoQohwhOMA6Z
 JfJF0tSv+koUsw6hSl7146aylSvDYUKPilAGgAUAy1yscgglMvtmQqWkEta/XGP2
 U8qvX8nUwOM=
 =DJf9
 -----END PGP SIGNATURE-----

Merge tag 'pull-request-2024-10-21' of https://gitlab.com/thuth/qemu into staging

* Convert most Tuxrun Avocado tests to the new functional framework
* Update the OpenBSD CI image to OpenBSD v7.6
* Bump timeout of the ide-test
* New maintainer for the QTests
* Disable the pci-bridge on s390x by default

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmcWfCgRHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbV6kQ//YwRebyA192IBM+XQK5YYmguieHmWxV8J
# fZf0a1dWN8oiT3jzI48YWttiU9P6AMa/dwiuepVl4G9+d+w1c3RhS6kQqJljNbDb
# NGw+LVZZcwY1FJpEsEwbDfePkugYHmNXUU672kxz3I8bv/8NmLDc7R3cI5U/7+SP
# N4lxVM6Hd3XZZdc+O2S8En20E1oAJ6IvJwwhCqjLlT36Ez8P69KQhE0V8MtLnrBg
# FsXZuzmaxt/ZDMhTsiHNl6f7N1oD7Y2TPJrdq7V2aihpDA+zx0RlvBPpzD98ZgeS
# PtdkqjL63B5S3RL4fjJUSb/gbL4oChQ5TZDb2Dfw7Q5qPMZ1cgeJLBwdzHZEZrzF
# RTtn4fObYUqtRF3M0Ha4xXc8odSzJTV2fvpSVXcljG1E4AMcD6CMK0E472XbhkMS
# txZHW+C/IDVJ4OoSncrH8ybi1JasEqJZ0YaPfb+aTsPV058b65l+0jQJtlxLoTIf
# p5LluL3exwr0sS3Aq5tcV3pNITtCv1FkcUk7So8sohO2OLQtC9QA300CSXna8XhQ
# OxgRA1c3HXw23MTJKSWjseDIt1bajvBu+cr/pmDxlYnWWsSCcEFaAoQohwhOMA6Z
# JfJF0tSv+koUsw6hSl7146aylSvDYUKPilAGgAUAy1yscgglMvtmQqWkEta/XGP2
# U8qvX8nUwOM=
# =DJf9
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 21 Oct 2024 17:07:04 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2024-10-21' of https://gitlab.com/thuth/qemu:
  tests/functional: Convert the Avocado sh4 tuxrun test
  Revert "hw/sh4/r2d: Realize IDE controller before accessing it"
  tests/functional: Convert the Avocado ppc32 tuxrun test
  tests/functional: Convert the Avocado mips64el tuxrun test
  tests/functional: Convert the Avocado mips64 tuxrun test
  tests/functional: Convert the Avocado mipsel tuxrun test
  tests/functional: Convert the Avocado mips tuxrun test
  tests/functional: Convert the Avocado x86_64 tuxrun test
  tests/functional: Convert the Avocado i386 tuxrun test
  tests/functional: Convert the Avocado riscv64 tuxrun tests
  tests/functional: Convert the Avocado riscv32 tuxrun tests
  tests/functional: Convert the Avocado arm tuxrun tests
  tests/functional: Convert the Avocado s390x tuxrun test
  tests/functional: Convert the Avocado sparc64 tuxrun test
  tests/functional: Convert the Avocado ppc64 tuxrun tests
  tests/functional: Add a base class for the TuxRun tests
  hw/pci-bridge: Add a Kconfig switch for the normal PCI bridge
  MAINTAINERS: A new maintainer for the qtests
  tests/qtest: Raise the ide-test timeout
  tests/vm: update openbsd image to 7.6

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-10-21 17:12:59 +01:00
Peter Maydell
91e4e1832e Edgars Xen queue.
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEErET+3BT38evtv0FRKcWWeA9ryoMFAmcV7NYACgkQKcWWeA9r
 yoM0pAgA2RNMysVe9IhoAlZ6ThGRvAE9epuHtoPERSTfqtFPOOY3UOU7zxrsX9Ov
 YPh41I5YtbV3fB3X8kp51pqcTOWZBBdyCLtj0EFB0XTArPvpOFPueL1q2LgEnlLV
 77mBHnMarb3SI4INRm/tWWpk7ljgXMA6TSd2JlmO5l1OcZGlURdhLFWBBIRnTg1n
 K+ZqQyq2KMANhIYvN0JAvM45FkwXntUzbxVMIjo0ICk2/EDgcFnGn9V0TgMkcIs3
 ctBEk6reZrdvNghX02r1wsH0HKGn78358G5uZAo9YEQOoTeGDswujHOVsn73ia2a
 6DChqCfyvlrJt4ljip2WoaoCMlZGdA==
 =QB2W
 -----END PGP SIGNATURE-----

Merge tag 'edgar/xen-queue-2024-10-21.for-upstream' of https://gitlab.com/edgar.iglesias/qemu into staging

Edgars Xen queue.

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEErET+3BT38evtv0FRKcWWeA9ryoMFAmcV7NYACgkQKcWWeA9r
# yoM0pAgA2RNMysVe9IhoAlZ6ThGRvAE9epuHtoPERSTfqtFPOOY3UOU7zxrsX9Ov
# YPh41I5YtbV3fB3X8kp51pqcTOWZBBdyCLtj0EFB0XTArPvpOFPueL1q2LgEnlLV
# 77mBHnMarb3SI4INRm/tWWpk7ljgXMA6TSd2JlmO5l1OcZGlURdhLFWBBIRnTg1n
# K+ZqQyq2KMANhIYvN0JAvM45FkwXntUzbxVMIjo0ICk2/EDgcFnGn9V0TgMkcIs3
# ctBEk6reZrdvNghX02r1wsH0HKGn78358G5uZAo9YEQOoTeGDswujHOVsn73ia2a
# 6DChqCfyvlrJt4ljip2WoaoCMlZGdA==
# =QB2W
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 21 Oct 2024 06:55:34 BST
# gpg:                using RSA key AC44FEDC14F7F1EBEDBF415129C596780F6BCA83
# gpg: Good signature from "Edgar E. Iglesias (Xilinx key) <edgar.iglesias@xilinx.com>" [unknown]
# gpg:                 aka "Edgar E. Iglesias <edgar.iglesias@gmail.com>" [full]
# Primary key fingerprint: AC44 FEDC 14F7 F1EB EDBF  4151 29C5 9678 0F6B CA83

* tag 'edgar/xen-queue-2024-10-21.for-upstream' of https://gitlab.com/edgar.iglesias/qemu:
  hw/xen: Avoid use of uninitialized bufioreq_evtchn

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-10-21 17:12:43 +01:00
Thomas Huth
c592ff3511 tests/functional: Convert the Avocado sh4 tuxrun test
Move the test into a new file so that it can be run via
qemu-system-sh4 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-18-thuth@redhat.com>
2024-10-21 16:41:39 +02:00
Thomas Huth
68ad89b75a Revert "hw/sh4/r2d: Realize IDE controller before accessing it"
This reverts commit 3c5f86a226.

Changing the order here caused a regression with the "tuxrun"
kernels (from https://storage.tuxboot.com/20230331/) - ATA commands
fail with a "ata1: lost interrupt (Status 0x58)" message.
Apparently we need to wire the interrupt here first before
realizing the device, so revert the change to the original
behavior.

Reported-by: Guenter Roeck <linux@roeck-us.net>
Acked-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-17-thuth@redhat.com>
2024-10-21 16:40:11 +02:00
Thomas Huth
9ca8239aad tests/functional: Convert the Avocado ppc32 tuxrun test
Move the test into a new file so that it can be run via
qemu-system-ppc in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-16-thuth@redhat.com>
2024-10-21 16:40:09 +02:00
Thomas Huth
a2a2a5b05d tests/functional: Convert the Avocado mips64el tuxrun test
Move the test into a new file so that it can be run via
qemu-system-mips64el in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-15-thuth@redhat.com>
2024-10-21 16:39:41 +02:00
Thomas Huth
a01be218d4 tests/functional: Convert the Avocado mips64 tuxrun test
Move the test into a new file so that it can be run via
qemu-system-mips64 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-14-thuth@redhat.com>
2024-10-21 16:38:07 +02:00