Accepting request 919019 from home:jziviani:branches:Virtualization

- Replace patch to fix hardcoded binfmt handler
  (bsc#1186256)
* Patches dropped:
  qemu-binfmt-conf.sh-allow-overriding-SUS.patch
* Patches added:
  qemu-binfmt-conf.sh-should-use-F-as-shor.patch
- Stable fixes from upstream
* Patches added:
  9pfs-fix-crash-in-v9fs_walk.patch
  i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch
  plugins-do-not-limit-exported-symbols-if.patch
  plugins-execlog-removed-unintended-s-at-.patch
  qemu-sockets-fix-unix-socket-path-copy-a.patch
  target-i386-add-missing-bits-to-CR4_RESE.patch
  virtio-balloon-don-t-start-free-page-hin.patch

OBS-URL: https://build.opensuse.org/request/show/919019
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=672
José Ricardo Ziviani 2021-09-14 22:18:25 +00:00 committed by Git OBS Bridge
parent 39abf6289b
commit 00b6d2ec43
13 changed files with 526 additions and 72 deletions

@ -0,0 +1,74 @@
From: Christian Schoenebeck <qemu_oss@crudebyte.com>
Date: Wed, 1 Sep 2021 18:15:10 +0200
Subject: 9pfs: fix crash in v9fs_walk()
Git-commit: f83df00900816476cca41bb536e4d532b297d76e
v9fs_walk() utilizes the v9fs_co_run_in_worker({...}) macro to run the
supplied fs driver code block on a background worker thread.
When either the 'Twalk' client request was interrupted or if the client
requested fid for that 'Twalk' request caused a stat error then that
fs driver code block was left by 'break' keyword, with the intention to
return from worker thread back to main thread as well:
v9fs_co_run_in_worker({
    if (v9fs_request_cancelled(pdu)) {
        err = -EINTR;
        break;
    }
    err = s->ops->lstat(&s->ctx, &dpath, &fidst);
    if (err < 0) {
        err = -errno;
        break;
    }
    ...
});
However that 'break;' statement also skipped the v9fs_co_run_in_worker()
macro's final and mandatory
/* re-enter back to qemu thread */
qemu_coroutine_yield();
call and thus caused the rest of v9fs_walk() to continue being
executed on the worker thread instead of the main thread, eventually
leading to a crash in the virtio transport driver.
To fix this issue and to prevent the same error from happening again by
other users of v9fs_co_run_in_worker() in future, auto wrap the supplied
code block into its own
do { } while (0);
loop inside the 'v9fs_co_run_in_worker' macro definition.
Full discussion and backtrace:
https://lists.gnu.org/archive/html/qemu-devel/2021-08/msg05209.html
https://lists.gnu.org/archive/html/qemu-devel/2021-09/msg00174.html
Fixes: 8d6cb100731c4d28535adbf2a3c2d1f29be3fef4
Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Cc: qemu-stable@nongnu.org
Reviewed-by: Greg Kurz <groug@kaod.org>
Message-Id: <E1mLTBg-0002Bh-2D@lizzy.crudebyte.com>
Signed-off-by: Jose R. Ziviani <jziviani@suse.de>
---
hw/9pfs/coth.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/9pfs/coth.h b/hw/9pfs/coth.h
index c51289903d0df0ff65f9d3f2649b..f83c7dda7bb8df8295c6a6db59c5 100644
--- a/hw/9pfs/coth.h
+++ b/hw/9pfs/coth.h
@@ -51,7 +51,9 @@
*/ \
qemu_coroutine_yield(); \
qemu_bh_delete(co_bh); \
- code_block; \
+ do { \
+ code_block; \
+ } while (0); \
/* re-enter back to qemu thread */ \
qemu_coroutine_yield(); \
} while (0)
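Review bot: wrapping code_block in its own do { } while (0); (the three + lines) means a break or continue inside the supplied block now leaves only the inner loop, so the mandatory qemu_coroutine_yield() that follows in the context lines always runs; a return statement inside code_block would still skip that yield and leave the coroutine on the worker thread, so the comment above the macro in coth.h should state that the block may exit only via break or by falling through. The semicolon after } while (0) inside the macro body is required here (more statements follow within the outer loop), which differs from the usual trailing-do/while idiom and deserves a one-line comment so nobody "cleans it up".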
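The break-in-macro hazard described in the 9pfs commit message above, shown as an added example (my code, not QEMU's): a simplified stand-in for v9fs_co_run_in_worker() where the switch back to the main thread is modelled by a flag instead of a coroutine yield. RUN_IN_WORKER_UNWRAPPED reproduces the old macro shape, RUN_IN_WORKER_WRAPPED the patched one; the macro names, struct ctx and the on_worker flag are assumptions of this example.

```c
#include <errno.h>
#include <stdbool.h>

/* Added example, not QEMU code: models the coth.h macro shape from the patch.
 * "Yielding back to the main thread" is simulated by clearing on_worker. */
struct ctx {
    bool on_worker; /* true while "running on the worker thread" */
    int err;
};

/* Old shape: code_block is spliced straight into the macro's own
 * do { } while (0), so a `break` inside it leaves that loop and skips
 * the mandatory re-enter step at the end. */
#define RUN_IN_WORKER_UNWRAPPED(st, code_block)        \
    do {                                               \
        (st)->on_worker = true;                        \
        code_block;                                    \
        (st)->on_worker = false; /* re-enter main */   \
    } while (0)

/* Patched shape: code_block gets its own do { } while (0), so `break`
 * and `continue` only leave the inner loop and the re-enter step runs. */
#define RUN_IN_WORKER_WRAPPED(st, code_block)          \
    do {                                               \
        (st)->on_worker = true;                        \
        do {                                           \
            code_block;                                \
        } while (0);                                   \
        (st)->on_worker = false; /* re-enter main */   \
    } while (0)

/* Same control flow as the v9fs_walk() excerpt: bail out with `break`
 * when the request was cancelled. Returns true if, afterwards, the
 * function is back on the main thread (i.e. the yield was not skipped). */
bool walk_unwrapped(bool cancelled)
{
    struct ctx st = { false, 0 };
    RUN_IN_WORKER_UNWRAPPED(&st, {
        if (cancelled) {
            st.err = -EINTR;
            break;
        }
        st.err = 0;
    });
    /* the rest of the function must run on the main thread */
    return !st.on_worker;
}

bool walk_wrapped(bool cancelled)
{
    struct ctx st = { false, 0 };
    RUN_IN_WORKER_WRAPPED(&st, {
        if (cancelled) {
            st.err = -EINTR;
            break;
        }
        st.err = 0;
    });
    return !st.on_worker;
}

/* Error code seen by the caller with the patched shape. It is the same
 * value the old shape produced, which is why the bug was easy to miss:
 * the return value looked right while the thread context was wrong. */
int walk_err_wrapped(bool cancelled)
{
    struct ctx st = { false, 0 };
    RUN_IN_WORKER_WRAPPED(&st, {
        if (cancelled) {
            st.err = -EINTR;
            break;
        }
        st.err = 0;
    });
    return st.err;
}
```

With the old shape, walk_unwrapped(true) reports it is still "on the worker"; with the patched shape both the cancelled and the normal path end up back on the main thread while the error code is unchanged.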

@ -8,7 +8,7 @@
</conditions>
<hardware>
<disk>
<size unit="G">10</size>
<size unit="G">15</size>
</disk>
</hardware>
</overwrite>
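Review bot: the build-constraint change in this hunk (disk size raised from 10 G to 15 G) is not mentioned anywhere in the changelog entry of this request; add a line recording why the larger disk is needed so the change stays traceable to a reason.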
@ -32,7 +32,7 @@
</conditions>
<hardware>
<memory>
<size unit="M">1200</size>
<size unit="M">4096</size>
</memory>
</hardware>
</overwrite>
@ -42,6 +42,7 @@
<arch>i586</arch>
<arch>x86_64</arch>
<arch>ppc64le</arch>
<arch>s390x</arch>
<package>qemu:testsuite</package>
</conditions>
<hardware>
@ -67,6 +68,7 @@
<conditions>
<arch>aarch64</arch>
<arch>x86_64</arch>
<arch>s390x</arch>
<package>qemu</package>
</conditions>
<hardware>
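Review bot: these two hunks add ppc64le to the qemu:testsuite conditions and s390x to the qemu conditions, which extends the <hardware> constraint block that follows each of them to those architectures; neither addition is covered by the changelog entry, so please state there whether the constraint was meant to apply on those workers too.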

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:142b72d25648f82d201e7f06f26f898478a776bbd79cd04c853bcf38b612c50e
size 41228
oid sha256:43c519c9991d32f0cb9babf8ac470a778ef80b428147c136264153915bd81130
size 44228
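Review bot: the LFS pointer swaps the oid and grows the object from 41228 to 44228 bytes, but nothing in the request says which archive was regenerated or with which command; record the regeneration step so the new object can be reproduced and reviewed rather than trusted by hash alone.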

@ -0,0 +1,32 @@
From: Yang Zhong <yang.zhong@intel.com>
Date: Fri, 20 Aug 2021 13:46:11 +0800
Subject: i386/cpu: Remove AVX_VNNI feature from Cooperlake cpu model
Git-commit: f429dbf8fc526a9cacf531176b28d0c65701475a
The AVX_VNNI feature is not in Cooperlake platform, remove it
from cpu model.
Signed-off-by: Yang Zhong <yang.zhong@intel.com>
Message-Id: <20210820054611.84303-1-yang.zhong@intel.com>
Fixes: c1826ea6a052 ("i386/cpu: Expose AVX_VNNI instruction to guest")
Cc: qemu-stable@nongnu.org
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Jose R. Ziviani <jziviani@suse.de>
---
target/i386/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 34a7ce865bba4dcf759c719a2bb6..24ddc5b92654534742f80ca571ce 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -3102,7 +3102,7 @@ static const X86CPUDefinition builtin_x86_defs[] = {
MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
.features[FEAT_7_1_EAX] =
- CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_AVX512_BF16,
+ CPUID_7_1_EAX_AVX512_BF16,
/* XSAVES is added in version 2 */
.features[FEAT_XSAVE] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
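Review bot: the + line edits the base Cooperlake definition rather than adding a versioned entry (the adjacent context comment "XSAVES is added in version 2" shows this model is versioned), so a guest started with this model on an unpatched host will see a different CPUID after migrating to a patched one. That is acceptable here only because the flag was never present in real Cooperlake hardware, as the description says, but that migration reasoning should be spelled out in the commit message so the choice of not bumping a version is understood.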

@ -0,0 +1,71 @@
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed, 11 Aug 2021 12:05:50 +0200
Subject: plugins: do not limit exported symbols if modules are active
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Git-commit: b906acace2d4f68b6ff8de73739a773cc4851436
On Mac --enable-modules and --enable-plugins are currently incompatible, because the
Apple -Wl,-exported_symbols_list command line option prevents the export of any
symbols needed by the modules. On x86 -Wl,--dynamic-list does not have this effect,
but only because the -Wl,--export-dynamic option provided by gmodule-2.0.pc overrides
it. On Apple there is no -Wl,--export-dynamic, because it is the default, and thus
no override.
Either way, when modules are active there is no reason to include the plugin_ldflags.
While at it, avoid the useless -Wl,--export-dynamic when --enable-plugins is
specified but --enable-modules is not; this way, the GNU and Apple configurations
are more similar.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/516
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[AJB: fix noexport to no-export]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210811100550.54714-1-pbonzini@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jose R. Ziviani <jziviani@suse.de>
---
configure | 5 ++---
plugins/meson.build | 14 ++++++++------
2 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/configure b/configure
index 26368a637f85c0667fa627f7cbd6..8b90f02927f3ea161be9af7a0e3f 100755
--- a/configure
+++ b/configure
@@ -3187,9 +3187,8 @@ glib_req_ver=2.56
glib_modules=gthread-2.0
if test "$modules" = yes; then
glib_modules="$glib_modules gmodule-export-2.0"
-fi
-if test "$plugins" = "yes"; then
- glib_modules="$glib_modules gmodule-2.0"
+elif test "$plugins" = "yes"; then
+ glib_modules="$glib_modules gmodule-no-export-2.0"
fi
for i in $glib_modules; do
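Review bot: turning the second if into elif makes the two cases mutually exclusive, so a build with both modules and plugins enabled now gets only gmodule-export-2.0 and relies on its -Wl,--export-dynamic to also expose the plugin API, while a plugins-only build gets gmodule-no-export-2.0; that dependency is not visible from the two lines themselves, so a short comment above if test "$modules" = yes explaining that export-2.0 covers the plugin case would save the next reader a trip through the pkg-config files.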
diff --git a/plugins/meson.build b/plugins/meson.build
index e77723010e6ebbed7b4cdaca6207..bfd5c9822a68d001a0a333a130d8 100644
--- a/plugins/meson.build
+++ b/plugins/meson.build
@@ -1,9 +1,11 @@
-if 'CONFIG_HAS_LD_DYNAMIC_LIST' in config_host
- plugin_ldflags = ['-Wl,--dynamic-list=' + (meson.build_root() / 'qemu-plugins-ld.symbols')]
-elif 'CONFIG_HAS_LD_EXPORTED_SYMBOLS_LIST' in config_host
- plugin_ldflags = ['-Wl,-exported_symbols_list,' + (meson.build_root() / 'qemu-plugins-ld64.symbols')]
-else
- plugin_ldflags = []
+plugin_ldflags = []
+# Modules need more symbols than just those in plugins/qemu-plugins.symbols
+if not enable_modules
+ if 'CONFIG_HAS_LD_DYNAMIC_LIST' in config_host
+ plugin_ldflags = ['-Wl,--dynamic-list=' + (meson.build_root() / 'qemu-plugins-ld.symbols')]
+ elif 'CONFIG_HAS_LD_EXPORTED_SYMBOLS_LIST' in config_host
+ plugin_ldflags = ['-Wl,-exported_symbols_list,' + (meson.build_root() / 'qemu-plugins-ld64.symbols')]
+ endif
endif
specific_ss.add(when: 'CONFIG_PLUGIN', if_true: [files(
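Review bot: with the configure hunk dropping -Wl,--export-dynamic for the plugins-only case, the dynamic list set here becomes the only mechanism that exports the plugin API on GNU ld; when neither CONFIG_HAS_LD_DYNAMIC_LIST nor CONFIG_HAS_LD_EXPORTED_SYMBOLS_LIST is set, plugin_ldflags stays [] and a plugins-enabled binary is linked with no exported symbols at all, which only shows up when a plugin fails to load. Consider having configure error out (or at least warn) when plugins are enabled and neither linker feature was detected, instead of producing a binary whose plugins cannot resolve.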

@ -0,0 +1,32 @@
From: Mahmoud Mandour <ma.mandourr@gmail.com>
Date: Fri, 6 Aug 2021 15:10:12 +0100
Subject: plugins/execlog: removed unintended "s" at the end of log lines.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Git-commit: b40310616d2bd550279dd22b05483c3c613a00ff
Signed-off-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210803151428.125323-1-ma.mandourr@gmail.com>
Message-Id: <20210806141015.2487502-2-alex.bennee@linaro.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jose R. Ziviani <jziviani@suse.de>
---
contrib/plugins/execlog.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/contrib/plugins/execlog.c b/contrib/plugins/execlog.c
index 2de9f0d7d4d46446f7e1dd6b32b0..a5275dcc15c221b0967106629a21 100644
--- a/contrib/plugins/execlog.c
+++ b/contrib/plugins/execlog.c
@@ -67,7 +67,7 @@ static void vcpu_insn_exec(unsigned int cpu_index, void *udata)
/* Print previous instruction in cache */
if (s->len) {
qemu_plugin_outs(s->str);
- qemu_plugin_outs("s\n");
+ qemu_plugin_outs("\n");
}
/* Store new instruction in cache */

@ -1,64 +0,0 @@
From: Martin Wilck <mwilck@suse.com>
Date: Wed, 19 May 2021 17:24:45 +0200
Subject: qemu-binfmt-conf.sh: allow overriding SUSE-specific argv[0] handling
Git-commit: 0000000000000000000000000000000000000000
References: bsc#1186256
Since abbc0ce ("qemu-binfmt-conf: use qemu-ARCH-binfmt"),
qemu-binfmt-conf.sh automatically replaces the default qemu binfmt wrapper
qemu-$ARCH with qemu-$ARCH-binfmt in order to ensure that argv[0] is
preserved; qemu-$ARCH-binfmt is a link to qemu-binfmt, which is just a
simple wrapper that mangles argv to achieve the desired result.
This is inconvenient in some situations. In particular for running
foreign-arch containers, it's useful to use the binfmt_misc "F" ("fix
binary") flag to pre-load the qemu wrapper in the kernel. That way,
foreign-arch containers can be run just like native containers, without
having to bind-mount interpreters into the container. But that's impossible
with the SUSE binfmt wrapper that needs to exec() a different (native)
executable.
As the qemu-binfmt-conf script supports the --qemu-suffix option anyway,
use it to set the "-binfmt" suffix, thus allowing admins to override the
SUSE default with the option "--qemu-suffix ''".
Signed-off-by: Martin Wilck <mwilck@suse.com>
Acked-by: Jose R Ziviani <jose.ziviani@suse.com>
---
scripts/qemu-binfmt-conf.sh | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index c46e604fa6ef3faaecccaae835ba..76c96815c350d7646aca7877587a 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -185,6 +185,7 @@ Usage: qemu-binfmt-conf.sh [--qemu-path PATH][--debian][--systemd CPU]
--help: display this usage
--qemu-path: set path to qemu interpreter ($QEMU_PATH)
--qemu-suffix: add a suffix to the default interpreter name
+ (default: "-binfmt")
--debian: don't write into /proc,
instead generate update-binfmts templates
--systemd: don't write into /proc,
@@ -316,9 +317,9 @@ qemu_set_binfmts() {
continue
fi
- qemu="$QEMU_PATH/qemu-$cpu-binfmt"
+ qemu="$QEMU_PATH/qemu-$cpu"
if [ "$cpu" = "i486" ] ; then
- qemu="$QEMU_PATH/qemu-i386-binfmt"
+ qemu="$QEMU_PATH/qemu-i386"
fi
qemu="$qemu$QEMU_SUFFIX"
@@ -338,7 +339,7 @@ QEMU_PATH=/usr/bin
CREDENTIAL=no
PERSISTENT=no
PRESERVE_ARG0=no
-QEMU_SUFFIX=""
+QEMU_SUFFIX="-binfmt"
options=$(getopt -o ds:Q:S:e:hc:p:g: -l debian,systemd:,qemu-path:,qemu-suffix:,exportdir:,help,credential:,persistent:,preserve-argv0: -- "$@")
eval set -- "$options"
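Review bot: dropping this patch removes the SUSE default QEMU_SUFFIX="-binfmt" (the last hunk here), so after this request qemu-binfmt-conf.sh registers plain qemu-$cpu as the interpreter unless --qemu-suffix is given, and the argv[0]-preserving qemu-$cpu-binfmt wrapper is no longer the default; the changelog line "Replace patch to fix hardcoded binfmt handler" does not say so. Please spell out the behaviour change for users who relied on the wrapper, and whether the -binfmt links remain available for anyone passing --qemu-suffix -binfmt explicitly.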

@ -0,0 +1,27 @@
From: Martin Wilck <mwilck@suse.com>
Date: Tue, 14 Sep 2021 14:10:58 -0300
Subject: =?UTF-8?q?qemu-binfmt-conf.sh=20should=20use=20"-F"=20as=20short?=
=?UTF-8?q?=20option=20for=20"--qemu-suffix".=0AFix=20the=20getopt=20call?=
=?UTF-8?q?=20to=20make=20this=20work.?=
Git-commit: 00000000000000000000000000000000000000000
References: bsc#1186256
Signed-off-by: Martin Wilck <mwilck@suse.com>
---
scripts/qemu-binfmt-conf.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index c46e604fa6ef3faaecccaae835ba..a73232edfd7f9dedb3a7c32218fb 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -340,7 +340,7 @@ PERSISTENT=no
PRESERVE_ARG0=no
QEMU_SUFFIX=""
-options=$(getopt -o ds:Q:S:e:hc:p:g: -l debian,systemd:,qemu-path:,qemu-suffix:,exportdir:,help,credential:,persistent:,preserve-argv0: -- "$@")
+options=$(getopt -o ds:Q:S:e:hc:p:g:F: -l debian,systemd:,qemu-path:,qemu-suffix:,exportdir:,help,credential:,persistent:,preserve-argv0: -- "$@")
eval set -- "$options"
while true ; do
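Review bot: the hunk only adds F: to the getopt short-option string, so getopt will now accept -F VALUE, but that is only useful if the case statement in the while loop below (outside this hunk) already matches -F together with --qemu-suffix, which the subject implies and the diff does not show; include that case line as context or state it in the description. Two header nits: the Subject: header carries the body sentence as well (the =0A encoded newline inside the RFC 2047 word), and the Git-commit placeholder has 41 zeros where the other patches in this request use 40; a one-line subject with the rest in the body, and a 40-character placeholder, would keep the series consistent.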

@ -0,0 +1,83 @@
From: Michael Tokarev <mjt@tls.msk.ru>
Date: Wed, 1 Sep 2021 16:16:24 +0300
Subject: qemu-sockets: fix unix socket path copy (again)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Git-commit: 118d527f2e4baec5fe8060b22a6212468b8e4d3f
Commit 4cfd970ec188558daa6214f26203fe553fb1e01f added an
assert which ensures the path within an address of a unix
socket returned from the kernel is at least one byte and
does not exceed the sun_path buffer. Both of these constraints
are wrong:
A unix socket can be unnamed; in this case the path is
completely empty (not even \0).
And some implementations (notably Linux) can add an extra
trailing byte (\0) _after_ the sun_path buffer if we
passed a buffer larger than it (and we do).
So remove the assertion (since it causes real-life breakage)
but at the same time fix the usage of sun_path. Namely,
we should not access sun_path[0] if the kernel did not return
it at all (this is the case for unnamed sockets),
and use the returned salen when copying the actual path as an
upper constraint for the amount of bytes to copy - this
will ensure we won't exceed the information provided by
the kernel, regardless of whether there is a trailing \0
or not. This also helps with unnamed sockets.
Note the case of an abstract socket: sun_path is actually
a blob and can contain \0 characters; it should not be
passed to g_strndup and the like, it should be accessed by
memcpy-like functions.
Fixes: 4cfd970ec188558daa6214f26203fe553fb1e01f
Fixes: http://bugs.debian.org/993145
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
CC: qemu-stable@nongnu.org
Signed-off-by: Jose R. Ziviani <jziviani@suse.de>
---
util/qemu-sockets.c | 13 +++++--------
1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index f2f3676d1f71d1cdd6acb6c4b3b9..c5043999e9d47116a89511d82b23 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -1345,25 +1345,22 @@ socket_sockaddr_to_address_unix(struct sockaddr_storage *sa,
SocketAddress *addr;
struct sockaddr_un *su = (struct sockaddr_un *)sa;
- assert(salen >= sizeof(su->sun_family) + 1 &&
- salen <= sizeof(struct sockaddr_un));
-
addr = g_new0(SocketAddress, 1);
addr->type = SOCKET_ADDRESS_TYPE_UNIX;
+ salen -= offsetof(struct sockaddr_un, sun_path);
#ifdef CONFIG_LINUX
- if (!su->sun_path[0]) {
+ if (salen > 0 && !su->sun_path[0]) {
/* Linux abstract socket */
- addr->u.q_unix.path = g_strndup(su->sun_path + 1,
- salen - sizeof(su->sun_family) - 1);
+ addr->u.q_unix.path = g_strndup(su->sun_path + 1, salen - 1);
addr->u.q_unix.has_abstract = true;
addr->u.q_unix.abstract = true;
addr->u.q_unix.has_tight = true;
- addr->u.q_unix.tight = salen < sizeof(*su);
+ addr->u.q_unix.tight = salen < sizeof(su->sun_path);
return addr;
}
#endif
- addr->u.q_unix.path = g_strndup(su->sun_path, sizeof(su->sun_path));
+ addr->u.q_unix.path = g_strndup(su->sun_path, salen);
return addr;
}
#endif /* WIN32 */
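Review bot: two points on the + lines. First, salen is reduced by offsetof(struct sockaddr_un, sun_path) and then handed straight to g_strndup(); the description itself says Linux may report one byte beyond sun_path, so for a pathname that fills all of sun_path without a NUL, g_strndup(su->sun_path, salen) scans one byte past the array (still inside sockaddr_storage, but past the field the code reasons about); clamping with salen = MIN(salen, sizeof(su->sun_path)) right after the subtraction closes that and also keeps the tight computation meaningful. Second, the description states that an abstract name is a blob that may contain \0 and must not go through g_strndup, yet the abstract branch still uses g_strndup(su->sun_path + 1, salen - 1), which truncates at the first embedded \0; since SocketAddress.path is a string this is a known limitation, but say so in a comment so nobody treats the returned abstract name as complete. Finally, if salen is socklen_t the subtraction wraps for salen < 2; the kernel never returns that for AF_UNIX, but an assert(salen >= offsetof(struct sockaddr_un, sun_path)) would keep the one valid part of the removed assertion.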

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Tue Sep 14 17:19:23 UTC 2021 - José Ricardo Ziviani <jose.ziviani@suse.com>
- Replace patch to fix hardcoded binfmt handler
(bsc#1186256)
* Patches dropped:
qemu-binfmt-conf.sh-allow-overriding-SUS.patch
* Patches added:
qemu-binfmt-conf.sh-should-use-F-as-shor.patch
- Stable fixes from upstream
* Patches added:
9pfs-fix-crash-in-v9fs_walk.patch
i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch
plugins-do-not-limit-exported-symbols-if.patch
plugins-execlog-removed-unintended-s-at-.patch
qemu-sockets-fix-unix-socket-path-copy-a.patch
target-i386-add-missing-bits-to-CR4_RESE.patch
virtio-balloon-don-t-start-free-page-hin.patch
-------------------------------------------------------------------
Wed Sep 8 17:51:18 UTC 2021 - José Ricardo Ziviani <jose.ziviani@suse.com>

@ -176,10 +176,17 @@ Patch00040: roms-Makefile-add-cross-file-to-qboot-me.patch
Patch00041: usb-Help-compiler-out-to-avoid-a-warning.patch
Patch00042: qom-handle-case-of-chardev-spice-module-.patch
Patch00043: doc-add-our-support-doc-to-the-main-proj.patch
Patch00044: qemu-binfmt-conf.sh-allow-overriding-SUS.patch
Patch00045: Revert-qemu-img-Improve-error-for-rebase.patch
Patch00046: Revert-qemu-img-Require-F-with-b-backing.patch
Patch00047: tcg-arm-Fix-tcg_out_vec_op-function-sign.patch
Patch00044: Revert-qemu-img-Improve-error-for-rebase.patch
Patch00045: Revert-qemu-img-Require-F-with-b-backing.patch
Patch00046: tcg-arm-Fix-tcg_out_vec_op-function-sign.patch
Patch00047: i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch
Patch00048: plugins-execlog-removed-unintended-s-at-.patch
Patch00049: plugins-do-not-limit-exported-symbols-if.patch
Patch00050: 9pfs-fix-crash-in-v9fs_walk.patch
Patch00051: virtio-balloon-don-t-start-free-page-hin.patch
Patch00052: qemu-sockets-fix-unix-socket-path-copy-a.patch
Patch00053: target-i386-add-missing-bits-to-CR4_RESE.patch
Patch00054: qemu-binfmt-conf.sh-should-use-F-as-shor.patch
# Patches applied in roms/seabios/:
Patch01000: seabios-use-python2-explicitly-as-needed.patch
Patch01001: seabios-switch-to-python3-as-needed.patch
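Review bot: the replacement binfmt patch is appended as Patch00054 while the slot it replaces (Patch00044) is taken over by the three unrelated Revert/tcg patches, so those three lines are renumbered without any change of their own; keeping qemu-binfmt-conf.sh-should-use-F-as-shor.patch at Patch00044 and adding the upstream fixes as 00048 to 00054 would avoid that churn and keep the bsc#1186256 history in one slot. The %patch list further down does match this table (00048 through 00054 applied), so only the numbering choice is at issue.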
@ -1118,6 +1125,13 @@ This package records qemu testsuite results and represents successful testing.
%patch00045 -p1
%patch00046 -p1
%patch00047 -p1
%patch00048 -p1
%patch00049 -p1
%patch00050 -p1
%patch00051 -p1
%patch00052 -p1
%patch00053 -p1
%patch00054 -p1
%patch01000 -p1
%patch01001 -p1
%patch01002 -p1

@ -0,0 +1,53 @@
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Tue, 31 Aug 2021 18:50:33 +0100
Subject: target/i386: add missing bits to CR4_RESERVED_MASK
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Git-commit: 69e3895f9d37ca39536775b13ce63e8c291427ba
Booting Fedora kernels with -cpu max hangs very early in boot. Disabling
the la57 CPUID bit fixes the problem. git bisect traced the regression to
commit 213ff024a2f92020290296cb9dc29c2af3d4a221 (HEAD, refs/bisect/bad)
Author: Lara Lazier <laramglazier@gmail.com>
Date: Wed Jul 21 17:26:50 2021 +0200
target/i386: Added consistency checks for CR4
All MBZ bits in CR4 must be zero. (APM2 15.5)
Added reserved bitmask and added checks in both
helper_vmrun and helper_write_crN.
Signed-off-by: Lara Lazier <laramglazier@gmail.com>
Message-Id: <20210721152651.14683-2-laramglazier@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
In this commit CR4_RESERVED_MASK is missing CR4_LA57_MASK and
two others. Adding this lets Fedora kernels boot once again.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
Message-Id: <20210831175033.175584-1-berrange@redhat.com>
[Removed VMXE/SMXE, matching the commit message. - Paolo]
Fixes: 213ff024a2 ("target/i386: Added consistency checks for CR4", 2021-07-22)
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jose R. Ziviani <jziviani@suse.de>
---
target/i386/cpu.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 6c50d3ab4f1d38b4cbaf78c84ac0..21b33fbe2e696dabe06228b20d2e 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -257,6 +257,7 @@ typedef enum X86Seg {
| CR4_DE_MASK | CR4_PSE_MASK | CR4_PAE_MASK \
| CR4_MCE_MASK | CR4_PGE_MASK | CR4_PCE_MASK \
| CR4_OSFXSR_MASK | CR4_OSXMMEXCPT_MASK |CR4_UMIP_MASK \
+ | CR4_LA57_MASK \
| CR4_FSGSBASE_MASK | CR4_PCIDE_MASK | CR4_OSXSAVE_MASK \
| CR4_SMEP_MASK | CR4_SMAP_MASK | CR4_PKE_MASK | CR4_PKS_MASK))
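Review bot: the description still says CR4_RESERVED_MASK is missing CR4_LA57_MASK "and two others", but after the bracketed maintainer edit the hunk adds only CR4_LA57_MASK; please update the body so it describes the change as applied. Style nit on the unchanged context line: |CR4_UMIP_MASK lacks the space every other term in the expression has.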

@ -0,0 +1,111 @@
From: David Hildenbrand <david@redhat.com>
Date: Thu, 8 Jul 2021 11:53:38 +0200
Subject: virtio-balloon: don't start free page hinting if postcopy is possible
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Git-commit: fd51e54fa10221e5a8add894c38cc1cf199f4bc4
Postcopy never worked properly with 'free-page-hint=on', as there are
at least two issues:
1) With postcopy, the guest will never receive a VIRTIO_BALLOON_CMD_ID_DONE
and consequently won't release free pages back to the OS once
migration finishes.
The issue is that for postcopy, we won't do a final bitmap sync while
the guest is stopped on the source and
virtio_balloon_free_page_hint_notify() will only call
virtio_balloon_free_page_done() on the source during
PRECOPY_NOTIFY_CLEANUP, after the VM state was already migrated to
the destination.
2) Once the VM touches a page on the destination that has been excluded
from migration on the source via qemu_guest_free_page_hint() while
postcopy is active, that thread will stall until postcopy finishes
and all threads are woken up. (with older Linux kernels that won't
retry faults when woken up via userfaultfd, we might actually get a
SEGFAULT)
The issue is that the source will refuse to migrate any pages that
are not marked as dirty in the dirty bmap -- for example, because the
page might just have been sent. Consequently, the faulting thread will
stall, waiting for the page to be migrated -- which could take quite
a while and result in guest OS issues.
While we could fix 1) comparatively easily, 2) is harder to get right and
might require more involved RAM migration changes on source and destination
[1].
As it never worked properly, let's not start free page hinting in the
precopy notifier if the postcopy migration capability was enabled to fix
it easily. Capabilities cannot be enabled once migration is already
running.
Note 1: in the future we might either adjust migration code on the source
to track pages that have actually been sent or adjust
migration code on source and destination to eventually send
pages multiple times from the source and deal with pages
that are sent multiple times on the destination.
Note 2: virtio-mem has similar issues, however, access to "unplugged"
memory by the guest is very rare and we would have to be very
lucky for it to happen during migration. The spec states
"The driver SHOULD NOT read from unplugged memory blocks ..."
and "The driver MUST NOT write to unplugged memory blocks".
virtio-mem will move away from virtio_balloon_free_page_done()
soon and handle this case explicitly on the destination.
[1] https://lkml.kernel.org/r/e79fd18c-aa62-c1d8-c7f3-ba3fc2c25fc8@redhat.com
Fixes: c13c4153f76d ("virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_HINT")
Cc: qemu-stable@nongnu.org
Cc: Wei Wang <wei.w.wang@intel.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Alexander Duyck <alexander.duyck@gmail.com>
Cc: Juan Quintela <quintela@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Peter Xu <peterx@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210708095339.20274-2-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Jose R. Ziviani <jziviani@suse.de>
---
hw/virtio/virtio-balloon.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c
index 4b5d9e5e5037acd592d4bdc645d2..ae7867a8db6e6f6875b656128973 100644
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@@ -30,6 +30,7 @@
#include "trace.h"
#include "qemu/error-report.h"
#include "migration/misc.h"
+#include "migration/migration.h"
#include "hw/virtio/virtio-bus.h"
#include "hw/virtio/virtio-access.h"
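Review bot: this hunk pulls migration/migration.h, the migration subsystem's internal header, into a device model that already includes migration/misc.h, the intended interface for outside callers. If migrate_postcopy_ram() (used in the next hunk) is only declared in migration.h, consider adding its declaration to misc.h instead of widening the include, so hw/virtio does not start depending on migration internals.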
@@ -662,6 +663,18 @@ virtio_balloon_free_page_hint_notify(NotifierWithReturn *n, void *data)
return 0;
}
+ /*
+ * Pages hinted via qemu_guest_free_page_hint() are cleared from the dirty
+ * bitmap and will not get migrated, especially also not when the postcopy
+ * destination starts using them and requests migration from the source; the
+ * faulting thread will stall until postcopy migration finishes and
+ * all threads are woken up. Let's not start free page hinting if postcopy
+ * is possible.
+ */
+ if (migrate_postcopy_ram()) {
+ return 0;
+ }
+
switch (pnd->reason) {
case PRECOPY_NOTIFY_BEFORE_BITMAP_SYNC:
virtio_balloon_free_page_stop(dev);
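Review bot: the early return on migrate_postcopy_ram() sits before the switch, so with the postcopy-ram capability set the notifier also ignores PRECOPY_NOTIFY_BEFORE_BITMAP_SYNC and PRECOPY_NOTIFY_CLEANUP and would never reach virtio_balloon_free_page_stop(); that is only safe because hinting is never started in that configuration and, as the description says, capabilities cannot change once migration is running. Put that invariant into the added comment in one sentence so a future change that allows toggling the capability mid-migration does not silently leave hinting running.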