pool/qemu
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 612292 from Virtualization

Browse Source 
v2.12 version update finally! (We had an issue the needed to get resolved before pushing this on everybody). Also a smattering of other fixes, and post 2.12 stable fixes. Please note that there are now more sub-packages being generated, which will need to be made available in the repo.

OBS-URL: https://build.opensuse.org/request/show/612292
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qemu?expand=0&rev=140
This commit is contained in:
Dominique Leuenberger 2018-05-29 14:46:26 +00:00 committed by Git OBS Bridge
commit 5c3b267ee6
135 changed files with 3682 additions and 5988 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
0001-XXX-dont-dump-core-on-sigabort.patch
View File

@ -1,4 +1,4 @@
From 1a51a6b423402ce1cf03188d5b47d47c07854349 Mon Sep 17 00:00:00 2001
From 853d867a5db06bc90044554b6f30c339377a8389 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 21 Nov 2011 23:50:36 +0100
Subject: [PATCH] XXX dont dump core on sigabort
@ -8,7 +8,7 @@ Subject: [PATCH] XXX dont dump core on sigabort
1 file changed, 6 insertions(+)
diff --git a/linux-user/signal.c b/linux-user/signal.c
index b858f1b0f1..752e814bc4 100644
index b283270391..93ba2c3304 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -560,6 +560,10 @@ static void QEMU_NORETURN dump_core_and_abort(int target_sig)

6
0002-qemu-binfmt-conf-Modify-default-pat.patch
View File

@ -1,4 +1,4 @@
From 4f39ca8b4bfa8077b05faf7cfe5e15f326e7b5c4 Mon Sep 17 00:00:00 2001
From 59f664e34a535f0c55ffcb1f37b1dc10ece83c9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 10 Aug 2016 19:00:24 +0200
Subject: [PATCH] qemu-binfmt-conf: Modify default path
@ -14,10 +14,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 8afc3eb5bb..5c3ba942ec 100755
index 7ab7435fbd..adb3e1a613 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -264,7 +264,7 @@ BINFMT_SET=qemu_register_interpreter
@@ -299,7 +299,7 @@ BINFMT_SET=qemu_register_interpreter
SYSTEMDDIR="/etc/binfmt.d"
DEBIANDIR="/usr/share/binfmts"

6
0003-qemu-cvs-gettimeofday.patch
View File

@ -1,4 +1,4 @@
From 1fcc7fdc072463a0954e7c0c934080058a8fb0d4 Mon Sep 17 00:00:00 2001
From fa82bb32e04288022ab786ad7d5b223d6e4fa4b5 Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Tue, 14 Apr 2009 16:25:41 +0200
Subject: [PATCH] qemu-cvs-gettimeofday
@ -9,10 +9,10 @@ No clue what this is for.
1 file changed, 2 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 11c9116c4a..dc6a102449 100644
index 643b8833de..db2a3f132c 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8996,6 +8996,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
@@ -9159,6 +9159,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
case TARGET_NR_gettimeofday:
{
struct timeval tv;

6
0004-qemu-cvs-ioctl_debug.patch
View File

@ -1,4 +1,4 @@
From 22461f1aeea83aecb71dfeaf8b90ffb74216fa6a Mon Sep 17 00:00:00 2001
From f04ab80dbccb7dc8badb7e510b80d75675a340f5 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:26:33 +0200
Subject: [PATCH] qemu-cvs-ioctl_debug
@ -12,10 +12,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index dc6a102449..faf890774a 100644
index db2a3f132c..ef7de52667 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5632,7 +5632,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5698,7 +5698,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
ie = ioctl_entries;
for(;;) {
if (ie->target_cmd == 0) {

8
0005-qemu-cvs-ioctl_nodirection.patch
View File

@ -1,4 +1,4 @@
From 66779c72be83467bd5053d40f6c189c5238fc97a Mon Sep 17 00:00:00 2001
From 2dfd9f6a65dd6a5b2ea36ca9cbdb13c7ee649891 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:27:36 +0200
Subject: [PATCH] qemu-cvs-ioctl_nodirection
@ -15,10 +15,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 6 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index faf890774a..5288ee0078 100644
index ef7de52667..25cc3e90bc 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5669,6 +5669,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5735,6 +5735,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
arg_type++;
target_size = thunk_type_size(arg_type, 0);
switch(ie->access) {
@ -30,7 +30,7 @@ index faf890774a..5288ee0078 100644
case IOC_R:
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
if (!is_error(ret)) {
@@ -5687,6 +5692,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5753,6 +5758,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
unlock_user(argptr, arg, 0);
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
break;

6
0006-linux-user-add-binfmt-wrapper-for-a.patch
View File

@ -1,4 +1,4 @@
From 66515950d58fda6057d0d17dbea2490d60f5bd0b Mon Sep 17 00:00:00 2001
From 8b8005b5c48ab1ee7ca8254d055c8fd2825df176 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 30 Sep 2011 19:40:36 +0200
Subject: [PATCH] linux-user: add binfmt wrapper for argv[0] handling
@ -32,12 +32,12 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
---
Makefile.target | 13 +++++++++++++
linux-user/Makefile.objs | 2 ++
linux-user/binfmt.c | 42 ++++++++++++++++++++++++++++++++++++++++++
linux-user/binfmt.c | 42 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 57 insertions(+)
create mode 100644 linux-user/binfmt.c
diff --git a/Makefile.target b/Makefile.target
index f9a9da7e7c..3920383fb7 100644
index d0ec77a307..ddd1b0f1e9 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -36,6 +36,10 @@ endif

6
0007-PPC-KVM-Disable-mmu-notifier-check.patch
View File

@ -1,4 +1,4 @@
From 954d17d5ccae3340de3893872bc306542c2ad492 Mon Sep 17 00:00:00 2001
From 55aceb5b2167a94a65e03da12676d5c8318d1625 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 6 Jan 2012 01:05:55 +0100
Subject: [PATCH] PPC: KVM: Disable mmu notifier check
@ -13,10 +13,10 @@ KVM guests work there, even if possibly racy in some odd circumstances.
1 file changed, 2 insertions(+)
diff --git a/exec.c b/exec.c
index 03238a3449..1ca0f9e0ab 100644
index 02b1efebb7..3caa8c1eed 100644
--- a/exec.c
+++ b/exec.c
@@ -1975,11 +1975,13 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
@@ -2052,11 +2052,13 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
return NULL;
}

10
0008-linux-user-fix-segfault-deadlock.patch
View File

@ -1,4 +1,4 @@
From e61d37b1ec17800a82e06a9231a4708f232da4ea Mon Sep 17 00:00:00 2001
From 2635ac986fb70408292c274b4c0327f2cfc401e2 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 13 Jan 2012 17:05:41 +0100
Subject: [PATCH] linux-user: fix segfault deadlock
@ -26,10 +26,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 4 insertions(+)
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index f42285ea1c..a96c56aa33 100644
index 26a3ffbba1..43bbf92f36 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -102,6 +102,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
@@ -103,6 +103,10 @@ static inline int handle_cpu_signal(uintptr_t pc, siginfo_t *info,
printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
pc, address, is_write, *(unsigned long *)old_set);
#endif
@ -38,5 +38,5 @@ index f42285ea1c..a96c56aa33 100644
+ tb_lock_reset();
+
/* XXX: locking issue */
if (is_write && h2g_valid(address)) {
switch (page_unprotect(h2g(address), pc)) {
/* Note that it is important that we don't call page_unprotect() unless
* this is really a "write to nonwriteable page" fault, because

2
0009-linux-user-binfmt-support-host-bina.patch
View File

@ -1,4 +1,4 @@
From 9ae09852f058ac34d118cdde08082cbd37f86c2b Mon Sep 17 00:00:00 2001
From 18678e03622d987031ceb4da08fdc67f2d428832 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 2 Feb 2012 18:02:33 +0100
Subject: [PATCH] linux-user: binfmt: support host binaries

8
0010-linux-user-Fake-proc-cpuinfo.patch
View File

@ -1,4 +1,4 @@
From 09f0630a44d60be34c6fae2a875e57ac72e4d276 Mon Sep 17 00:00:00 2001
From 5398492297fa5a5ae2b893aeed5c12d62c1a58de Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 23 Jul 2012 10:24:14 +0200
Subject: [PATCH] linux-user: Fake /proc/cpuinfo
@ -22,10 +22,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 20 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 5288ee0078..feb8556076 100644
index 25cc3e90bc..d1e14071ad 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7499,6 +7499,25 @@ static int open_self_stat(void *cpu_env, int fd)
@@ -7566,6 +7566,25 @@ static int open_self_stat(void *cpu_env, int fd)
return 0;
}
@ -51,7 +51,7 @@ index 5288ee0078..feb8556076 100644
static int open_self_auxv(void *cpu_env, int fd)
{
CPUState *cpu = ENV_GET_CPU((CPUArchState *)cpu_env);
@@ -7613,6 +7632,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
@@ -7680,6 +7699,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
{ "/proc/net/route", open_net_route, is_proc },
#endif

6
0011-linux-user-XXX-disable-fiemap.patch
View File

@ -1,4 +1,4 @@
From 5cd617b2b651852a98f5e3c4f3631fd461349410 Mon Sep 17 00:00:00 2001
From ba79c7b6559b50210be412d7f23e83749b4982a9 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 21 Aug 2012 14:20:40 +0200
Subject: [PATCH] linux-user: XXX disable fiemap
@ -9,10 +9,10 @@ agraf: fiemap breaks in libarchive. Disable it for now.
1 file changed, 5 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index feb8556076..da7deec78d 100644
index d1e14071ad..4e2f5e0fd0 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5097,6 +5097,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
@@ -5154,6 +5154,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
uint32_t outbufsz;
int free_fm = 0;

12
0012-linux-user-use-target_ulong.patch
View File

@ -1,4 +1,4 @@
From 9a7bc05f85db8f058793c5d5709b453ad0d0542b Mon Sep 17 00:00:00 2001
From da2d73f2809fa98721f963fd858bd36f5bf8498f Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 9 Oct 2012 09:06:49 +0200
Subject: [PATCH] linux-user: use target_ulong
@ -17,10 +17,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 4edd7d0c08..25208645e9 100644
index 192a0d2fef..725f3f5e63 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -196,10 +196,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
@@ -192,10 +192,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
void target_set_brk(abi_ulong new_brk);
abi_long do_brk(abi_ulong new_brk);
void syscall_init(void);
@ -33,13 +33,13 @@ index 4edd7d0c08..25208645e9 100644
+ abi_ulong arg5, abi_ulong arg6, abi_ulong arg7,
+ abi_ulong arg8);
void gemu_log(const char *fmt, ...) GCC_FMT_ATTR(1, 2);
extern THREAD CPUState *thread_cpu;
extern __thread CPUState *thread_cpu;
void cpu_loop(CPUArchState *env);
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index da7deec78d..dee97c05be 100644
index 4e2f5e0fd0..6ce64d6c2e 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7755,10 +7755,10 @@ static TargetFdTrans target_inotify_trans = {
@@ -7889,10 +7889,10 @@ static int host_to_target_cpu_mask(const unsigned long *host_mask,
/* do_syscall() should always have a single exit point at the end so
that actions, such as logging of syscall results, can be performed.
All errnos that do_syscall() returns must be -TARGET_<errcode>. */

38
0013-Make-char-muxer-more-robust-wrt-sma.patch
View File

@ -1,4 +1,4 @@
From 87982f31e45440ef105d24afffbfd3023ce80331 Mon Sep 17 00:00:00 2001
From 29af67d7cdb46c617a920158b37626148b94b66d Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 1 Apr 2010 17:36:23 +0200
Subject: [PATCH] Make char muxer more robust wrt small FIFOs
@ -24,10 +24,11 @@ This patch fixes input when using -nographic on s390 for me.
chardev/char-mux.c | 14 ++++++++++++++
chardev/char.c | 1 +
include/chardev/char-mux.h | 3 +++
4 files changed, 19 insertions(+)
tests/test-char.c | 1 +
5 files changed, 20 insertions(+)
diff --git a/chardev/char-fe.c b/chardev/char-fe.c
index ee6d596100..41e0b251a4 100644
index b1f228e8b5..f6e923bd7d 100644
--- a/chardev/char-fe.c
+++ b/chardev/char-fe.c
@@ -21,6 +21,7 @@
@ -39,18 +40,18 @@ index ee6d596100..41e0b251a4 100644
#include "qemu/error-report.h"
#include "qapi/error.h"
diff --git a/chardev/char-mux.c b/chardev/char-mux.c
index 4cda5e7458..a6dc05c624 100644
index 1b925c8dec..bc97973f87 100644
--- a/chardev/char-mux.c
+++ b/chardev/char-mux.c
@@ -21,6 +21,7 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
@@ -22,6 +22,7 @@
* THE SOFTWARE.
*/
+#define HW_POISON_H // avoid poison since we patch against rules it "enforces"
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qemu-common.h"
@@ -179,6 +180,15 @@ static void mux_chr_accept_input(Chardev *chr)
#include "qemu/option.h"
@@ -190,6 +191,15 @@ static void mux_chr_accept_input(Chardev *chr)
be->chr_read(be->opaque,
&d->buffer[m][d->cons[m]++ & MUX_BUFFER_MASK], 1);
}
@ -66,7 +67,7 @@ index 4cda5e7458..a6dc05c624 100644
}
static int mux_chr_can_read(void *opaque)
@@ -314,6 +324,10 @@ static void qemu_chr_open_mux(Chardev *chr,
@@ -323,6 +333,10 @@ static void qemu_chr_open_mux(Chardev *chr,
}
d->focus = -1;
@ -78,22 +79,22 @@ index 4cda5e7458..a6dc05c624 100644
* set of muxes
*/
diff --git a/chardev/char.c b/chardev/char.c
index 2ae4f465ec..f90d428cfe 100644
index 76d866e6fe..021744f7e9 100644
--- a/chardev/char.c
+++ b/chardev/char.c
@@ -21,6 +21,7 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
@@ -22,6 +22,7 @@
* THE SOFTWARE.
*/
+#define HW_POISON_H // avoid poison since we patch against rules it "enforces"
#include "qemu/osdep.h"
#include "qemu/cutils.h"
#include "monitor/monitor.h"
diff --git a/include/chardev/char-mux.h b/include/chardev/char-mux.h
index 8928977897..ee9bfe7205 100644
index 1e13187767..3a000a9e9f 100644
--- a/include/chardev/char-mux.h
+++ b/include/chardev/char-mux.h
@@ -36,6 +36,9 @@ typedef struct MuxChardev {
@@ -34,6 +34,9 @@ typedef struct MuxChardev {
Chardev parent;
CharBackend *backends[MAX_MUX];
CharBackend chr;
@ -103,3 +104,12 @@ index 8928977897..ee9bfe7205 100644
int focus;
int mux_cnt;
int term_got_escape;
diff --git a/tests/test-char.c b/tests/test-char.c
index 306c728335..918f7b8820 100644
--- a/tests/test-char.c
+++ b/tests/test-char.c
@@ -1,3 +1,4 @@
+#define HW_POISON_H // avoid poison since we patch against rules it "enforces"
#include "qemu/osdep.h"
#include <glib/gstdio.h>

6
0014-linux-user-lseek-explicitly-cast-no.patch
View File

@ -1,4 +1,4 @@
From 5e10b103a7060771d8314aa50f809a5097a7288c Mon Sep 17 00:00:00 2001
From a36180d75a0525d1cd2bb1929e6b348a0ba17be2 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 13 Dec 2012 14:29:22 +0100
Subject: [PATCH] linux-user: lseek: explicitly cast non-set offsets to signed
@ -16,10 +16,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index dee97c05be..95fb8de295 100644
index 6ce64d6c2e..9dbcb7668d 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8134,9 +8134,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
@@ -8268,9 +8268,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
case TARGET_NR_oldstat:
goto unimplemented;
#endif

2
0015-AIO-Reduce-number-of-threads-for-32.patch
View File

@ -1,4 +1,4 @@
From 0fc340f81a8d6ef82e99d1767103a1e775400ed1 Mon Sep 17 00:00:00 2001
From a8e7b6f492b5fe2d98ecb257e222c9e73942407d Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 14 Jan 2015 01:32:11 +0100
Subject: [PATCH] AIO: Reduce number of threads for 32bit hosts

12
0016-xen_disk-Add-suse-specific-flush-di.patch
View File

@ -1,4 +1,4 @@
From 45783db0ed8628cb9cdb4d3ebbf7471f2f88db9b Mon Sep 17 00:00:00 2001
From 150300e170a70517df3b59eb8e743277a76fccc9 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Wed, 9 Mar 2016 15:18:11 -0700
Subject: [PATCH] xen_disk: Add suse specific flush disable handling and map to
@ -17,10 +17,10 @@ Signed-off-by: Olaf Hering <olaf@aepfle.de>
1 file changed, 15 insertions(+)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index e431bd89e8..dceee88a78 100644
index f74fcd42d1..1696382f36 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -113,6 +113,7 @@ struct XenBlkDev {
@@ -115,6 +115,7 @@ struct XenBlkDev {
int requests_finished;
unsigned int max_requests;
@ -28,7 +28,7 @@ index e431bd89e8..dceee88a78 100644
/* Persistent grants extension */
gboolean feature_discard;
gboolean feature_persistent;
@@ -944,6 +945,16 @@ static void blk_parse_discard(struct XenBlkDev *blkdev)
@@ -967,6 +968,16 @@ static void blk_parse_discard(struct XenBlkDev *blkdev)
}
}
@ -45,7 +45,7 @@ index e431bd89e8..dceee88a78 100644
static int blk_init(struct XenDevice *xendev)
{
struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev);
@@ -1022,6 +1033,7 @@ static int blk_init(struct XenDevice *xendev)
@@ -1047,6 +1058,7 @@ static int blk_init(struct XenDevice *xendev)
MAX_RING_PAGE_ORDER);
blk_parse_discard(blkdev);
@ -53,7 +53,7 @@ index e431bd89e8..dceee88a78 100644
g_free(directiosafe);
return 0;
@@ -1077,6 +1089,9 @@ static int blk_connect(struct XenDevice *xendev)
@@ -1104,6 +1116,9 @@ static int blk_connect(struct XenDevice *xendev)
qflags |= BDRV_O_UNMAP;
}

2
0017-qemu-bridge-helper-reduce-security-.patch
View File

@ -1,4 +1,4 @@
From 7d8219b4427779376c0d6405c169fb950ea1f43b Mon Sep 17 00:00:00 2001
From f3de20db1304cf3e517c2f5f901fa94a37f95166 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Tue, 2 Aug 2016 11:36:02 -0600
Subject: [PATCH] qemu-bridge-helper: reduce security profile

8
0018-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
View File

@ -1,4 +1,4 @@
From 467907dc59bb7b955d78f37a190958cbb4cc837d Mon Sep 17 00:00:00 2001
From fb67fe30ce2ebaec9884de1339283c1f8f040516 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Fri, 12 Aug 2016 18:20:49 +0200
Subject: [PATCH] qemu-binfmt-conf: use qemu-ARCH-binfmt
@ -13,10 +13,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 5c3ba942ec..bb29213fa5 100755
index adb3e1a613..1107386b80 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -206,7 +206,7 @@ qemu_check_systemd() {
@@ -241,7 +241,7 @@ qemu_check_systemd() {
}
qemu_generate_register() {
@ -25,7 +25,7 @@ index 5c3ba942ec..bb29213fa5 100755
}
qemu_register_interpreter() {
@@ -247,9 +247,9 @@ qemu_set_binfmts() {
@@ -282,9 +282,9 @@ qemu_set_binfmts() {
continue
fi

6
0019-linux-user-properly-test-for-infini.patch
View File

@ -1,4 +1,4 @@
From f885b1a3afadad00b6a28af2ce25ecebe4cc32cb Mon Sep 17 00:00:00 2001
From a6780492932efe56032ad1fc336fb5f03b3ee4b2 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@linux-m68k.org>
Date: Thu, 8 Sep 2016 11:21:05 +0200
Subject: [PATCH] linux-user: properly test for infinite timeout in poll (#8)
@ -16,10 +16,10 @@ Signed-off-by: Andreas Schwab <schwab@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 95fb8de295..642462242b 100644
index 9dbcb7668d..5b8d844d9b 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10286,7 +10286,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
@@ -10454,7 +10454,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
{
struct timespec ts, *pts;

8
0020-roms-Makefile-pass-a-packaging-time.patch
View File

@ -1,4 +1,4 @@
From 6d5775e5a6a2ef48703c545772c6f0a0ab9ed887 Mon Sep 17 00:00:00 2001
From 1dc760f3b436dc6bf9e68ec529682aa3d79ce217 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Sat, 19 Nov 2016 08:06:30 -0700
Subject: [PATCH] roms/Makefile: pass a packaging timestamp to subpackages with
@ -20,7 +20,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/roms/Makefile b/roms/Makefile
index b5e5a69e91..89d69eb350 100644
index 02b69fbac8..7d97ba46a9 100644
--- a/roms/Makefile
+++ b/roms/Makefile
@@ -52,6 +52,12 @@ SEABIOS_EXTRAVERSION="-prebuilt.qemu-project.org"
@ -36,7 +36,7 @@ index b5e5a69e91..89d69eb350 100644
default:
@echo "nothing is build by default"
@echo "available build targets:"
@@ -106,7 +112,7 @@ build-lgplvgabios:
@@ -107,7 +113,7 @@ build-lgplvgabios:
.PHONY: sgabios skiboot
sgabios:
@ -45,7 +45,7 @@ index b5e5a69e91..89d69eb350 100644
cp sgabios/sgabios.bin ../pc-bios
@@ -126,18 +132,22 @@ efi-rom-%: build-pxe-roms build-efi-roms
@@ -127,18 +133,22 @@ efi-rom-%: build-pxe-roms build-efi-roms
build-pxe-roms:
$(MAKE) -C ipxe/src CONFIG=qemu \

14
0021-Raise-soft-address-space-limit-to-h.patch
View File

@ -1,4 +1,4 @@
From 34dc5aecd47ac65b43fda0d85c17ea33f333b9ce Mon Sep 17 00:00:00 2001
From 522aede2849b955e7407624870c6d1fff518b7c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Sun, 15 Jan 2012 19:53:49 +0100
Subject: [PATCH] Raise soft address space limit to hard limit
@ -17,18 +17,18 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 12 insertions(+)
diff --git a/vl.c b/vl.c
index 1ad1c04637..11d14b3ec1 100644
index fce1fd12d8..c00a250831 100644
--- a/vl.c
+++ b/vl.c
@@ -26,6 +26,7 @@
@@ -28,6 +28,7 @@
#include "qemu/cutils.h"
#include "qemu/help_option.h"
#include "qemu/uuid.h"
+#include <sys/resource.h>
#ifdef CONFIG_SECCOMP
#include "sysemu/seccomp.h"
@@ -3132,6 +3133,7 @@ int main(int argc, char **argv, char **envp)
#include <sys/prctl.h>
@@ -3059,6 +3060,7 @@ int main(int argc, char **argv, char **envp)
} BlockdevOptions_queue;
QSIMPLEQ_HEAD(, BlockdevOptions_queue) bdo_queue
= QSIMPLEQ_HEAD_INITIALIZER(bdo_queue);
@ -36,8 +36,8 @@ index 1ad1c04637..11d14b3ec1 100644
module_call_init(MODULE_INIT_TRACE);
@@ -3139,6 +3141,16 @@ int main(int argc, char **argv, char **envp)
qemu_init_cpu_loop();
@@ -3067,6 +3069,16 @@ int main(int argc, char **argv, char **envp)
qemu_mutex_lock_iothread();
+ /*

6
0022-increase-x86_64-physical-bits-to-42.patch
View File

@ -1,4 +1,4 @@
From 43638ed256283e67877d0c18f38f0b8b2a132116 Mon Sep 17 00:00:00 2001
From 277b158cc6e5f00f3be96aab16bda13865d3b354 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 17 May 2013 16:49:58 -0600
Subject: [PATCH] increase x86_64 physical bits to 42
@ -19,10 +19,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index f3d0ebb673..4e66a0404e 100644
index 1b219fafc4..164884f1d8 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1508,7 +1508,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
@@ -1583,7 +1583,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
/* XXX: This value should match the one returned by CPUID
* and in exec.c */
# if defined(TARGET_X86_64)

6
0023-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
View File

@ -1,4 +1,4 @@
From 46f00361392e6b37f7784759fa0bafaba4f53ccc Mon Sep 17 00:00:00 2001
From 5f889cb737fd5bf76d03e265d7bbffae0572516a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 12 Jun 2013 19:26:37 +0200
Subject: [PATCH] vga: Raise VRAM to 16 MiB for pc-0.15 and below
@ -25,10 +25,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 5e47528993..a1994c77ee 100644
index 729a0508aa..6000f8c898 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -793,7 +793,32 @@ DEFINE_I440FX_MACHINE(v1_0, "pc-1.0", pc_compat_1_2,
@@ -797,7 +797,32 @@ DEFINE_I440FX_MACHINE(v1_0, "pc-1.0", pc_compat_1_2,
#define PC_COMPAT_0_15 \

8
0024-i8254-Fix-migration-from-SLE11-SP2.patch
View File

@ -1,4 +1,4 @@
From cb942fa994767ed596877a74d12c07469941e4a3 Mon Sep 17 00:00:00 2001
From cb75869521f011bff93fe429d1084051aaf5896f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 31 Jul 2013 17:05:29 +0200
Subject: [PATCH] i8254: Fix migration from SLE11 SP2
@ -17,10 +17,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 7 insertions(+)
diff --git a/hw/timer/i8254_common.c b/hw/timer/i8254_common.c
index b623c96198..18e69688c9 100644
index 6190b6fc5d..177b1acf37 100644
--- a/hw/timer/i8254_common.c
+++ b/hw/timer/i8254_common.c
@@ -260,6 +260,12 @@ static int pit_dispatch_post_load(void *opaque, int version_id)
@@ -259,6 +259,12 @@ static int pit_dispatch_post_load(void *opaque, int version_id)
return 0;
}
@ -33,7 +33,7 @@ index b623c96198..18e69688c9 100644
static const VMStateDescription vmstate_pit_common = {
.name = "i8254",
.version_id = 3,
@@ -269,6 +275,7 @@ static const VMStateDescription vmstate_pit_common = {
@@ -268,6 +274,7 @@ static const VMStateDescription vmstate_pit_common = {
.pre_save = pit_dispatch_pre_save,
.post_load = pit_dispatch_post_load,
.fields = (VMStateField[]) {

4
0025-acpi_piix4-Fix-migration-from-SLE11.patch
View File

@ -1,4 +1,4 @@
From b95747d42aadcc6555a98eb2c5db15cae291b0b0 Mon Sep 17 00:00:00 2001
From 647e494a0b04cb5a262ee973ebfaedba688ed772 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 31 Jul 2013 17:32:35 +0200
Subject: [PATCH] acpi_piix4: Fix migration from SLE11 SP2
@ -17,7 +17,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index a0fb1ce037..67a36cb660 100644
index 8b703455b7..4fddf8d694 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -311,7 +311,7 @@ static const VMStateDescription vmstate_cpuhp_state = {

6
0026-Fix-tigervnc-long-press-issue.patch
View File

@ -1,4 +1,4 @@
From 14812344beb127d20d9fc58d9283d78946b432e6 Mon Sep 17 00:00:00 2001
From c630166cf5b74b95af9ef894251b385e305963b8 Mon Sep 17 00:00:00 2001
From: Chunyan Liu <cyliu@suse.com>
Date: Thu, 3 Mar 2016 16:48:17 +0800
Subject: [PATCH] Fix tigervnc long press issue
@ -24,10 +24,10 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
1 file changed, 19 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 06abe7360e..cb425f0aed 100644
index e164eb798c..5ebae6f664 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -1802,6 +1802,25 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym)
@@ -1817,6 +1817,25 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym)
if (down)
vs->modifiers_state[keycode] ^= 1;
break;

4
0027-string-input-visitor-Fix-uint64-par.patch
View File

@ -1,4 +1,4 @@
From 467310d802cf7790129dbd2f0559da13c08c4718 Mon Sep 17 00:00:00 2001
From 114d411a7af47fc4ccac68c5b38b99684fb0e545 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:21:11 +0200
Subject: [PATCH] string-input-visitor: Fix uint64 parsing
@ -18,7 +18,7 @@ prefer the use of qemu_strto[u]ll() over strto[u]ll().
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
qapi/string-input-visitor.c | 63 +++++++++++++++++++++++++++++++++++----------
qapi/string-input-visitor.c | 63 +++++++++++++++++++++++++++++--------
1 file changed, 50 insertions(+), 13 deletions(-)
diff --git a/qapi/string-input-visitor.c b/qapi/string-input-visitor.c

6
0028-test-string-input-visitor-Add-int-t.patch
View File

@ -1,4 +1,4 @@
From 33c5e0f025d380144fcd310fc67d69cf57e2100f Mon Sep 17 00:00:00 2001
From 1581fd1dd1caeb73f477a217b5cda182b83d959f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:23:50 +0200
Subject: [PATCH] test-string-input-visitor: Add int test case
@ -14,10 +14,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 8 insertions(+)
diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor.c
index 4f9c36bef1..470f58e0ab 100644
index 88e0e1aa9a..9bbe9c1120 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -55,6 +55,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
@@ -53,6 +53,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
v = visitor_input_test_init(data, "-42");

8
0029-test-string-input-visitor-Add-uint6.patch
View File

@ -1,4 +1,4 @@
From 5f820fc473f23dc626d0314082072a8fccdb43f6 Mon Sep 17 00:00:00 2001
From c65473ea7a0449452118a1dfcbefc7a8b438a702 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:24:23 +0200
Subject: [PATCH] test-string-input-visitor: Add uint64 test
@ -15,10 +15,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 23 insertions(+)
diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor.c
index 470f58e0ab..0bf22777cf 100644
index 9bbe9c1120..099ff7f5ab 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -78,6 +78,27 @@ static void test_visitor_in_int(TestInputVisitorData *data,
@@ -76,6 +76,27 @@ static void test_visitor_in_int(TestInputVisitorData *data,
error_free_or_abort(&err);
}
@ -46,7 +46,7 @@ index 470f58e0ab..0bf22777cf 100644
static void check_ilist(Visitor *v, int64_t *expected, size_t n)
{
int64List *res = NULL;
@@ -364,6 +385,8 @@ int main(int argc, char **argv)
@@ -362,6 +383,8 @@ int main(int argc, char **argv)
input_visitor_test_add("/string-visitor/input/int",
&in_visitor_data, test_visitor_in_int);

16
0030-tests-Add-QOM-property-unit-tests.patch
View File

@ -1,4 +1,4 @@
From 466bf8436ac9720529c5a9baae4a901f4988da0b Mon Sep 17 00:00:00 2001
From fdc0f082c094bd538a56a54e2430a47ab3d98a44 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Sun, 6 Sep 2015 20:12:42 +0200
Subject: [PATCH] tests: Add QOM property unit tests
@ -11,16 +11,16 @@ Add a test for parsing and setting a uint64 property.
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
MAINTAINERS | 1 +
tests/Makefile.include | 3 ++
tests/check-qom-props.c | 122 ++++++++++++++++++++++++++++++++++++++++++++++++
tests/Makefile.include | 3 +
tests/check-qom-props.c | 122 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 126 insertions(+)
create mode 100644 tests/check-qom-props.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 0255113470..7801583a76 100644
index 24b70169bc..97a12a92fa 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1521,6 +1521,7 @@ F: qom/
@@ -1619,6 +1619,7 @@ F: qom/
X: qom/cpu.c
F: tests/check-qom-interface.c
F: tests/check-qom-proplist.c
@ -29,10 +29,10 @@ index 0255113470..7801583a76 100644
QMP
diff --git a/tests/Makefile.include b/tests/Makefile.include
index c002352134..f777533f1a 100644
index 3b9a5e31a2..7dbfe5e4ad 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -116,6 +116,8 @@ check-unit-y += tests/check-qom-interface$(EXESUF)
@@ -127,6 +127,8 @@ check-unit-y += tests/check-qom-interface$(EXESUF)
gcov-files-check-qom-interface-y = qom/object.c
check-unit-y += tests/check-qom-proplist$(EXESUF)
gcov-files-check-qom-proplist-y = qom/object.c
@ -41,7 +41,7 @@ index c002352134..f777533f1a 100644
check-unit-y += tests/test-qemu-opts$(EXESUF)
gcov-files-test-qemu-opts-y = util/qemu-option.c
check-unit-y += tests/test-keyval$(EXESUF)
@@ -586,6 +588,7 @@ tests/check-qjson$(EXESUF): tests/check-qjson.o $(test-util-obj-y)
@@ -617,6 +619,7 @@ tests/check-qjson$(EXESUF): tests/check-qjson.o $(test-util-obj-y)
tests/check-qlit$(EXESUF): tests/check-qlit.o $(test-util-obj-y)
tests/check-qom-interface$(EXESUF): tests/check-qom-interface.o $(test-qom-obj-y)
tests/check-qom-proplist$(EXESUF): tests/check-qom-proplist.o $(test-qom-obj-y)

25
0031-tests-Add-scsi-disk-test.patch
View File

@ -1,4 +1,4 @@
From e500d6e4a2f964c2718686731113336da7c013c6 Mon Sep 17 00:00:00 2001
From 7de5bd85d7eaa31cd3bc7463da5969dd2a464248 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Fri, 25 Sep 2015 12:31:11 +0200
Subject: [PATCH] tests: Add scsi-disk test
@ -15,15 +15,15 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
---
MAINTAINERS | 1 +
tests/Makefile.include | 3 ++
tests/scsi-disk-test.c | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 86 insertions(+)
tests/scsi-disk-test.c | 83 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 87 insertions(+)
create mode 100644 tests/scsi-disk-test.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 7801583a76..e7dbf3c9b2 100644
index 97a12a92fa..3546001872 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1003,6 +1003,7 @@ M: Paolo Bonzini <pbonzini@redhat.com>
@@ -1093,6 +1093,7 @@ R: Fam Zheng <famz@redhat.com>
S: Supported
F: include/hw/scsi/*
F: hw/scsi/*
@ -32,10 +32,10 @@ index 7801583a76..e7dbf3c9b2 100644
T: git git://github.com/bonzini/qemu.git scsi-next
diff --git a/tests/Makefile.include b/tests/Makefile.include
index f777533f1a..199b7bbddd 100644
index 7dbfe5e4ad..0d76624dd5 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -188,6 +188,8 @@ check-qtest-virtio-y += tests/virtio-rng-test$(EXESUF)
@@ -200,6 +200,8 @@ check-qtest-virtio-y += tests/virtio-rng-test$(EXESUF)
gcov-files-virtio-y += hw/virtio/virtio-rng.c
check-qtest-virtio-y += tests/virtio-scsi-test$(EXESUF)
gcov-files-virtio-y += i386-softmmu/hw/scsi/virtio-scsi.c
@ -44,7 +44,7 @@ index f777533f1a..199b7bbddd 100644
ifeq ($(CONFIG_VIRTIO)$(CONFIG_VIRTFS)$(CONFIG_PCI),yyy)
check-qtest-virtio-y += tests/virtio-9p-test$(EXESUF)
gcov-files-virtio-y += hw/9pfs/virtio-9p.c
@@ -793,6 +795,7 @@ tests/migration-test$(EXESUF): tests/migration-test.o
@@ -821,6 +823,7 @@ tests/migration-test$(EXESUF): tests/migration-test.o
tests/vhost-user-test$(EXESUF): tests/vhost-user-test.o $(test-util-obj-y) \
$(qtest-obj-y) $(test-io-obj-y) $(libqos-virtio-obj-y) $(libqos-pc-obj-y) \
$(chardev-obj-y)
@ -54,10 +54,10 @@ index f777533f1a..199b7bbddd 100644
tests/test-keyval$(EXESUF): tests/test-keyval.o $(test-util-obj-y) $(test-qapi-obj-y)
diff --git a/tests/scsi-disk-test.c b/tests/scsi-disk-test.c
new file mode 100644
index 0000000000..5dc7e71417
index 0000000000..cd8c807200
--- /dev/null
+++ b/tests/scsi-disk-test.c
@@ -0,0 +1,82 @@
@@ -0,0 +1,83 @@
+/*
+ * QTest testcase for SCSI disks
+ * See virtio-scsi-test for more integrated tests.
@ -72,6 +72,7 @@ index 0000000000..5dc7e71417
+#include <glib.h>
+#include "libqtest.h"
+#include "qapi/qmp/qnum.h"
+#include "qapi/qmp/qdict.h"
+
+static void test_scsi_disk_common(const char *type, const char *id)
+{
@ -96,7 +97,7 @@ index 0000000000..5dc7e71417
+ path);
+ g_assert(response);
+ g_assert(qdict_haskey(response, "return"));
+ value = qobject_to_qnum(qdict_get(response, "return"));
+ value = qobject_to(QNum, qdict_get(response, "return"));
+ g_assert_cmpint(qnum_get_uint(value), ==, UINT64_MAX);
+
+ response = qmp("{ 'execute': 'qom-get',"
@ -105,7 +106,7 @@ index 0000000000..5dc7e71417
+ path);
+ g_assert(response);
+ g_assert(qdict_haskey(response, "return"));
+ value = qobject_to_qnum(qdict_get(response, "return"));
+ value = qobject_to(QNum, qdict_get(response, "return"));
+ g_assert_cmpint(qnum_get_uint(value), ==, UINT64_C(1) << 63);
+
+ g_free(path);

10
0032-Switch-order-of-libraries-for-mpath.patch
View File

@ -1,4 +1,4 @@
From df14b8456cc69b8948786a8008840418d5008fa5 Mon Sep 17 00:00:00 2001
From aed2596727a664bc9350d89a6cddc87bdb3ea93d Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 3 Nov 2017 11:12:40 -0600
Subject: [PATCH] Switch order of libraries for mpath support
@ -10,10 +10,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Makefile b/Makefile
index ab0354c153..4be3366e27 100644
index d71dd5bea4..3c5368382c 100644
--- a/Makefile
+++ b/Makefile
@@ -449,7 +449,7 @@ fsdev/virtfs-proxy-helper$(EXESUF): LIBS += -lcap
@@ -544,7 +544,7 @@ fsdev/virtfs-proxy-helper$(EXESUF): LIBS += -lcap
scsi/qemu-pr-helper$(EXESUF): scsi/qemu-pr-helper.o scsi/utils.o $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS)
ifdef CONFIG_MPATH
@ -23,10 +23,10 @@ index ab0354c153..4be3366e27 100644
qemu-img-cmds.h: $(SRC_PATH)/qemu-img-cmds.hx $(SRC_PATH)/scripts/hxtool
diff --git a/configure b/configure
index 0c6e7572db..01e1d15fa4 100755
index 0a19b033bc..e84dce857d 100755
--- a/configure
+++ b/configure
@@ -3382,7 +3382,7 @@ int main(void) {
@@ -3486,7 +3486,7 @@ int main(void) {
return 0;
}
EOF

4
0044-Make-installed-scripts-explicitly-p.patch → 0033-Make-installed-scripts-explicitly-p.patch
View File

@ -1,4 +1,4 @@
From 8635ebbf94af8dbcd20da8f52e8081f1be8c977c Mon Sep 17 00:00:00 2001
From 9ca3a32b648a48f0f9752310e57cda99b4e4c70c Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 25 Jan 2018 14:16:10 -0700
Subject: [PATCH] Make installed scripts explicitly python2
@ -14,7 +14,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/scripts/analyze-migration.py b/scripts/analyze-migration.py
index 14553876a2..a512ddc552 100755
index 88ff4adb30..519b600161 100755
--- a/scripts/analyze-migration.py
+++ b/scripts/analyze-migration.py
@@ -1,4 +1,4 @@

55
0033-memfd-fix-configure-test.patch
View File

@ -1,55 +0,0 @@
From 7c2613d2ed9d35c8634248204acdffcf96e1e6b2 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 28 Nov 2017 11:51:27 +0100
Subject: [PATCH] memfd: fix configure test
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Recent glibc added memfd_create in sys/mman.h. This conflicts with
the definition in util/memfd.c:
/builddir/build/BUILD/qemu-2.11.0-rc1/util/memfd.c:40:12: error: static declaration of memfd_create follows non-static declaration
Fix the configure test, and remove the sys/memfd.h inclusion since the
file actually does not exist---it is a typo in the memfd_create(2) man
page.
Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 75e5b70e6b5dcc4f2219992d7cffa462aa406af0)
[BR: BOO#1081154]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
configure | 2 +-
util/memfd.c | 4 +---
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/configure b/configure
index 01e1d15fa4..71b8b473fc 100755
--- a/configure
+++ b/configure
@@ -3920,7 +3920,7 @@ fi
# check if memfd is supported
memfd=no
cat > $TMPC << EOF
-#include <sys/memfd.h>
+#include <sys/mman.h>
int main(void)
{
diff --git a/util/memfd.c b/util/memfd.c
index 4571d1aba8..412e94a405 100644
--- a/util/memfd.c
+++ b/util/memfd.c
@@ -31,9 +31,7 @@
#include "qemu/memfd.h"
-#ifdef CONFIG_MEMFD
-#include <sys/memfd.h>
-#elif defined CONFIG_LINUX
+#if defined CONFIG_LINUX && !defined CONFIG_MEMFD
#include <sys/syscall.h>
#include <asm/unistd.h>

14
0075-migration-warn-about-inconsistent-s.patch → 0034-migration-warn-about-inconsistent-s.patch
View File

@ -1,4 +1,4 @@
From 555715ac88c361e4c9b262235010c265729738bf Mon Sep 17 00:00:00 2001
From 8697082d1fd625f74e919d697cca2b75f720a04b Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Wed, 21 Feb 2018 14:00:52 -0700
Subject: [PATCH] migration: warn about inconsistent spec_ctrl state
@ -22,10 +22,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
3 files changed, 21 insertions(+)
diff --git a/cpus.c b/cpus.c
index d1e7e28993..1bfdb155dc 100644
index 38eba8bff3..ef39603cf9 100644
--- a/cpus.c
+++ b/cpus.c
@@ -2039,6 +2039,18 @@ exit:
@@ -2312,6 +2312,18 @@ exit:
fclose(f);
}
@ -45,20 +45,20 @@ index d1e7e28993..1bfdb155dc 100644
{
nmi_monitor_handle(monitor_get_cpu_index(), errp);
diff --git a/include/qemu/thread.h b/include/qemu/thread.h
index 9910f49b3a..c5803bfacc 100644
index ef7bd16123..c4ecb386fe 100644
--- a/include/qemu/thread.h
+++ b/include/qemu/thread.h
@@ -210,4 +210,5 @@ void qemu_lockcnt_inc_and_unlock(QemuLockCnt *lockcnt);
@@ -240,4 +240,5 @@ void qemu_lockcnt_inc_and_unlock(QemuLockCnt *lockcnt);
*/
unsigned qemu_lockcnt_count(QemuLockCnt *lockcnt);
+bool spec_ctrl_is_inconsistent(void);
#endif
diff --git a/migration/migration.c b/migration/migration.c
index d780601f0c..d39c43c6b7 100644
index 52a5092add..3cf11aadfa 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -2121,6 +2121,14 @@ static void migration_completion(MigrationState *s, int current_active_state,
@@ -2163,6 +2163,14 @@ static void migration_completion(MigrationState *s)
migrate_set_state(&s->state, current_active_state,
MIGRATION_STATUS_COMPLETED);
}

253
0034-qapi-use-items-values-intead-of-ite.patch
View File

@ -1,253 +0,0 @@
From b644653df5e25a922d5bb7d9fb9c86bfe9dda86c Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:05 +0000
Subject: [PATCH] qapi: use items()/values() intead of iteritems()/itervalues()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The iteritems()/itervalues() methods are gone in py3, but the
items()/values() methods are still around. The latter are less
efficient than the former in py2, but this has unmeasurably
small impact on QEMU build time, so taking portability over
efficiency is a net win.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-3-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 2f8480447067d6f42af52a886385284ead052af9)
[BR: BSC#1077564 - note that this patch also includes commit
ef9d9108917d6d5f903bca31602827e512a51c50 squashed in, which is how
I originally included patch. This avoids renaming of the patch queue]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
scripts/qapi.py | 24 ++++++++++++------------
scripts/qapi2texi.py | 11 ++++++-----
tests/qapi-schema/test-qapi.py | 37 +++++++++++++++++++------------------
3 files changed, 37 insertions(+), 35 deletions(-)
diff --git a/scripts/qapi.py b/scripts/qapi.py
index 62dc52ed6e..d5ac21ad35 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -11,6 +11,7 @@
# This work is licensed under the terms of the GNU GPL, version 2.
# See the COPYING file in the top-level directory.
+from __future__ import print_function
import errno
import getopt
import os
@@ -252,7 +253,7 @@ class QAPIDoc(object):
"'Returns:' is only valid for commands")
def check(self):
- bogus = [name for name, section in self.args.iteritems()
+ bogus = [name for name, section in self.args.items()
if not section.member]
if bogus:
raise QAPISemError(
@@ -308,7 +309,7 @@ class QAPISchemaParser(object):
if not isinstance(pragma, dict):
raise QAPISemError(
info, "Value of 'pragma' must be a dictionary")
- for name, value in pragma.iteritems():
+ for name, value in pragma.items():
self._pragma(name, value, info)
else:
expr_elem = {'expr': expr,
@@ -1476,7 +1477,7 @@ class QAPISchema(object):
self._def_exprs()
self.check()
except QAPIError as err:
- print >>sys.stderr, err
+ print(err, file=sys.stderr)
exit(1)
def _def_entity(self, ent):
@@ -1574,7 +1575,7 @@ class QAPISchema(object):
def _make_members(self, data, info):
return [self._make_member(key, value, info)
- for (key, value) in data.iteritems()]
+ for (key, value) in data.items()]
def _def_struct_type(self, expr, info, doc):
name = expr['struct']
@@ -1606,11 +1607,11 @@ class QAPISchema(object):
name, info, doc, 'base', self._make_members(base, info)))
if tag_name:
variants = [self._make_variant(key, value)
- for (key, value) in data.iteritems()]
+ for (key, value) in data.items()]
members = []
else:
variants = [self._make_simple_variant(key, value, info)
- for (key, value) in data.iteritems()]
+ for (key, value) in data.items()]
typ = self._make_implicit_enum_type(name, info,
[v.name for v in variants])
tag_member = QAPISchemaObjectTypeMember('type', typ, False)
@@ -1625,7 +1626,7 @@ class QAPISchema(object):
name = expr['alternate']
data = expr['data']
variants = [self._make_variant(key, value)
- for (key, value) in data.iteritems()]
+ for (key, value) in data.items()]
tag_member = QAPISchemaObjectTypeMember('type', 'QType', False)
self._def_entity(
QAPISchemaAlternateType(name, info, doc,
@@ -1940,7 +1941,7 @@ def parse_command_line(extra_options='', extra_long_options=[]):
['source', 'header', 'prefix=',
'output-dir='] + extra_long_options)
except getopt.GetoptError as err:
- print >>sys.stderr, "%s: %s" % (sys.argv[0], str(err))
+ print("%s: %s" % (sys.argv[0], str(err)), file=sys.stderr)
sys.exit(1)
output_dir = ''
@@ -1954,9 +1955,8 @@ def parse_command_line(extra_options='', extra_long_options=[]):
if o in ('-p', '--prefix'):
match = re.match(r'([A-Za-z_.-][A-Za-z0-9_.-]*)?', a)
if match.end() != len(a):
- print >>sys.stderr, \
- "%s: 'funny character '%s' in argument of --prefix" \
- % (sys.argv[0], a[match.end()])
+ print("%s: 'funny character '%s' in argument of --prefix" \
+ % (sys.argv[0], a[match.end()]), file=sys.stderr)
sys.exit(1)
prefix = a
elif o in ('-o', '--output-dir'):
@@ -1973,7 +1973,7 @@ def parse_command_line(extra_options='', extra_long_options=[]):
do_h = True
if len(args) != 1:
- print >>sys.stderr, "%s: need exactly one argument" % sys.argv[0]
+ print("%s: need exactly one argument" % sys.argv[0], file=sys.stderr)
sys.exit(1)
fname = args[0]
diff --git a/scripts/qapi2texi.py b/scripts/qapi2texi.py
index a317526e51..a61e88934b 100755
--- a/scripts/qapi2texi.py
+++ b/scripts/qapi2texi.py
@@ -4,6 +4,7 @@
# This work is licensed under the terms of the GNU LGPL, version 2+.
# See the COPYING file in the top-level directory.
"""This script produces the documentation of a qapi schema in texinfo format"""
+from __future__ import print_function
import re
import sys
@@ -147,7 +148,7 @@ def texi_member(member, suffix=''):
def texi_members(doc, what, base, variants, member_func):
"""Format the table of members"""
items = ''
- for section in doc.args.itervalues():
+ for section in doc.args.values():
# TODO Drop fallbacks when undocumented members are outlawed
if section.content:
desc = texi_format(str(section))
@@ -285,15 +286,15 @@ def texi_schema(schema):
def main(argv):
"""Takes schema argument, prints result to stdout"""
if len(argv) != 2:
- print >>sys.stderr, "%s: need exactly 1 argument: SCHEMA" % argv[0]
+ print("%s: need exactly 1 argument: SCHEMA" % argv[0], file=sys.stderr)
sys.exit(1)
schema = qapi.QAPISchema(argv[1])
if not qapi.doc_required:
- print >>sys.stderr, ("%s: need pragma 'doc-required' "
- "to generate documentation" % argv[0])
+ print("%s: need pragma 'doc-required' "
+ "to generate documentation" % argv[0], file=sys.stderr)
sys.exit(1)
- print texi_schema(schema)
+ print(texi_schema(schema))
if __name__ == '__main__':
diff --git a/tests/qapi-schema/test-qapi.py b/tests/qapi-schema/test-qapi.py
index c7724d3437..9bbe35daf0 100644
--- a/tests/qapi-schema/test-qapi.py
+++ b/tests/qapi-schema/test-qapi.py
@@ -10,6 +10,7 @@
# See the COPYING file in the top-level directory.
#
+from __future__ import print_function
from qapi import *
from pprint import pprint
import os
@@ -18,51 +19,51 @@ import sys
class QAPISchemaTestVisitor(QAPISchemaVisitor):
def visit_enum_type(self, name, info, values, prefix):
- print 'enum %s %s' % (name, values)
+ print('enum %s %s' % (name, values))
if prefix:
- print ' prefix %s' % prefix
+ print(' prefix %s' % prefix)
def visit_object_type(self, name, info, base, members, variants):
- print 'object %s' % name
+ print('object %s' % name)
if base:
- print ' base %s' % base.name
+ print(' base %s' % base.name)
for m in members:
- print ' member %s: %s optional=%s' % \
- (m.name, m.type.name, m.optional)
+ print(' member %s: %s optional=%s' % \
+ (m.name, m.type.name, m.optional))
self._print_variants(variants)
def visit_alternate_type(self, name, info, variants):
- print 'alternate %s' % name
+ print('alternate %s' % name)
self._print_variants(variants)
def visit_command(self, name, info, arg_type, ret_type,
gen, success_response, boxed):
- print 'command %s %s -> %s' % \
+ print('command %s %s -> %s' % \)
(name, arg_type and arg_type.name, ret_type and ret_type.name)
- print ' gen=%s success_response=%s boxed=%s' % \
+ print(' gen=%s success_response=%s boxed=%s' % \)
(gen, success_response, boxed)
def visit_event(self, name, info, arg_type, boxed):
- print 'event %s %s' % (name, arg_type and arg_type.name)
- print ' boxed=%s' % boxed
+ print('event %s %s' % (name, arg_type and arg_type.name))
+ print(' boxed=%s' % boxed)
@staticmethod
def _print_variants(variants):
if variants:
- print ' tag %s' % variants.tag_member.name
+ print(' tag %s' % variants.tag_member.name)
for v in variants.variants:
- print ' case %s: %s' % (v.name, v.type.name)
+ print(' case %s: %s' % (v.name, v.type.name))
schema = QAPISchema(sys.argv[1])
schema.visit(QAPISchemaTestVisitor())
for doc in schema.docs:
if doc.symbol:
- print 'doc symbol=%s' % doc.symbol
+ print('doc symbol=%s' % doc.symbol)
else:
- print 'doc freeform'
- print ' body=\n%s' % doc.body
+ print('doc freeform')
+ print(' body=\n%s' % doc.body)
for arg, section in doc.args.iteritems():
- print ' arg=%s\n%s' % (arg, section)
+ print(' arg=%s\n%s' % (arg, section))
for section in doc.sections:
- print ' section=%s\n%s' % (section.name, section)
+ print(' section=%s\n%s' % (section.name, section))

39
0035-qapi-Use-OrderedDict-from-standard-.patch
View File

@ -1,39 +0,0 @@
From a1cd35be6c021ebea74d43da4ebb3b92b7064b72 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:06 +0000
Subject: [PATCH] qapi: Use OrderedDict from standard library if available
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The OrderedDict class appeared in the 'collections' module
from python 2.7 onwards, so use that in preference to our
local backport if available.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-4-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 38710a8994911d98acbe183a39ec3a53638de510)
[BR: BSC#1077564]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
scripts/qapi.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/scripts/qapi.py b/scripts/qapi.py
index d5ac21ad35..dba6cd6779 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -18,7 +18,10 @@ import os
import re
import string
import sys
-from ordereddict import OrderedDict
+try:
+ from collections import OrderedDict
+except:
+ from ordereddict import OrderedDict
builtin_types = {
'null': 'QTYPE_QNULL',

16
0077-smbios-Add-1-terminator-if-any-stri.patch → 0035-smbios-Add-1-terminator-if-any-stri.patch
View File

@ -1,4 +1,4 @@
From 2327abe59d36fda675560f955923a638fd1eed0d Mon Sep 17 00:00:00 2001
From 82f73214b4bb024153408b121ccb78321093862f Mon Sep 17 00:00:00 2001
From: Lin Ma <lma@suse.com>
Date: Wed, 14 Mar 2018 14:31:26 +0800
Subject: [PATCH] smbios: Add 1 terminator if any string fields defined in
@ -24,15 +24,15 @@ For smbios tables which dont have string fields provided, qemu should add 2.
[LM: BSC#1084316]
Signed-off-by: Lin Ma <lma@suse.com>
---
hw/smbios/smbios.c | 90 ++++++++++++++++++++++++++++++++++++++++++++++
include/hw/smbios/smbios.h | 44 +++++++++++++++++++++++
hw/smbios/smbios.c | 90 ++++++++++++++++++++++++++++++++++++++
include/hw/smbios/smbios.h | 44 +++++++++++++++++++
2 files changed, 134 insertions(+)
diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
index 5d11f01874..d9f5f1ef70 100644
index 27a07e96f4..b4515ae787 100644
--- a/hw/smbios/smbios.c
+++ b/hw/smbios/smbios.c
@@ -954,6 +954,9 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
@@ -955,6 +955,9 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
{
const char *val;
@ -42,7 +42,7 @@ index 5d11f01874..d9f5f1ef70 100644
assert(!smbios_immutable);
val = qemu_opt_get(opts, "file");
@@ -995,7 +998,94 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
@@ -996,7 +999,94 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
smbios_type4_count++;
}
@ -138,10 +138,10 @@ index 5d11f01874..d9f5f1ef70 100644
smbios_table_max = size;
}
diff --git a/include/hw/smbios/smbios.h b/include/hw/smbios/smbios.h
index a83adb93d7..6613f68ad1 100644
index eeb5a4d7b6..2662df995a 100644
--- a/include/hw/smbios/smbios.h
+++ b/include/hw/smbios/smbios.h
@@ -273,4 +273,48 @@ void smbios_get_tables(const struct smbios_phys_mem_area *mem_array,
@@ -272,4 +272,48 @@ void smbios_get_tables(const struct smbios_phys_mem_area *mem_array,
const unsigned int mem_array_size,
uint8_t **tables, size_t *tables_len,
uint8_t **anchor, size_t *anchor_len);

2
0078-Remove-problematic-evdev-86-key-fro.patch → 0036-Remove-problematic-evdev-86-key-fro.patch
View File

@ -1,4 +1,4 @@
From 3c263c86795e5c2325ccdc4ac098a37c60eeb8c4 Mon Sep 17 00:00:00 2001
From 0d10e6cbe3c88323dd478f8bbd13e09358db2ee0 Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Wed, 20 Dec 2017 15:43:07 -0800
Subject: [PATCH] Remove problematic 'evdev 86' key from en-us keymap

44
0036-qapi-adapt-to-moved-location-of-Str.patch
View File

@ -1,44 +0,0 @@
From 474475499831d76f92dcdde71ff2d0a29205f2ff Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:07 +0000
Subject: [PATCH] qapi: adapt to moved location of StringIO module in py3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-5-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 5f90af8e6b34f9e6b60eb05a15707a95a0febbde)
[BR: BSC#1077564]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
scripts/qapi.py | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/scripts/qapi.py b/scripts/qapi.py
index dba6cd6779..7882ae77fb 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -22,6 +22,10 @@ try:
from collections import OrderedDict
except:
from ordereddict import OrderedDict
+try:
+ from StringIO import StringIO
+except ImportError:
+ from io import StringIO
builtin_types = {
'null': 'QTYPE_QNULL',
@@ -2004,8 +2008,7 @@ def open_output(output_dir, do_c, do_h, prefix, c_file, h_file,
if really:
return open(name, opt)
else:
- import StringIO
- return StringIO.StringIO()
+ return StringIO()
fdef = maybe_open(do_c, c_file, 'w')
fdecl = maybe_open(do_h, h_file, 'w')

26
0037-configure-Modify-python-used-for-io.patch Normal file
View File

@ -0,0 +1,26 @@
From 2af288c3c5b915d8a51f62b3b06d9d15b44a806c Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 6 Apr 2018 09:21:56 -0600
Subject: [PATCH] configure: Modify python used for io tests
Because the block io tests are not yet ported to python3, change
the python env var to explicitly reference python2.
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
configure | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure b/configure
index e84dce857d..a0e53bffc7 100755
--- a/configure
+++ b/configure
@@ -7188,7 +7188,7 @@ iotests_check="tests/qemu-iotests/check"
echo "# Automatically generated by configure - do not modify" > "$iotests_common_env"
echo >> "$iotests_common_env"
-echo "export PYTHON='$python'" >> "$iotests_common_env"
+echo "export PYTHON='/usr/bin/python2 -B'" >> "$iotests_common_env"
if [ ! -e "$iotests_check" ]; then
symlink "$source_path/$iotests_check" "$iotests_check"

32
0037-qapi-Adapt-to-moved-location-of-mak.patch
View File

@ -1,32 +0,0 @@
From 038a061ce8a984ae6de48ceb247033e7799a72fb Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:08 +0000
Subject: [PATCH] qapi: Adapt to moved location of 'maketrans' function in py3
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-6-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 52c4272c6c916a53cde65b997e1a4e891c14dcef)
[BR: BSC#1077564]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
scripts/qapi.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/scripts/qapi.py b/scripts/qapi.py
index 7882ae77fb..88e854edec 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -1743,7 +1743,10 @@ def c_enum_const(type_name, const_name, prefix=None):
type_name = prefix
return camel_to_upper(type_name) + '_' + c_name(const_name, False).upper()
-c_name_trans = string.maketrans('.-', '__')
+if hasattr(str, 'maketrans'):
+ c_name_trans = str.maketrans('.-', '__')
+else:
+ c_name_trans = string.maketrans('.-', '__')
# Map @name to a valid C identifier.

40
0038-qapi-remove-q-arg-to-diff-when-comp.patch
View File

@ -1,40 +0,0 @@
From c3577e33fd92f1d5d3632620f0b74f38b3b23ed8 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:09 +0000
Subject: [PATCH] qapi: remove '-q' arg to diff when comparing QAPI output
When the qapi schema tests fail they merely print that the expected
output didn't match the actual output. This is largely useless when
trying diagnose what went wrong. Removing the '-q' arg to diff
means that it is still silent on successful tests, but when it
fails we'll see details of the incorrect output.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-7-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 46ec4fcea95204a8e5bab9295cbfaa3606d78dc9)
[BR: BSC#1077564]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tests/Makefile.include | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 199b7bbddd..f4a05a82c1 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -909,10 +909,10 @@ $(patsubst %, check-%, $(check-qapi-schema-y)): check-%.json: $(SRC_PATH)/%.json
$^ >$*.test.out 2>$*.test.err; \
echo $$? >$*.test.exit, \
"TEST","$*.out")
- @diff -q $(SRC_PATH)/$*.out $*.test.out
+ @diff $(SRC_PATH)/$*.out $*.test.out
@# Sanitize error messages (make them independent of build directory)
- @perl -p -e 's|\Q$(SRC_PATH)\E/||g' $*.test.err | diff -q $(SRC_PATH)/$*.err -
- @diff -q $(SRC_PATH)/$*.exit $*.test.exit
+ @perl -p -e 's|\Q$(SRC_PATH)\E/||g' $*.test.err | diff $(SRC_PATH)/$*.err -
+ @diff $(SRC_PATH)/$*.exit $*.test.exit
.PHONY: check-tests/qapi-schema/doc-good.texi
check-tests/qapi-schema/doc-good.texi: tests/qapi-schema/doc-good.test.texi

46
0038-qemu-io-tests-comment-out-problemat.patch Normal file
View File

@ -0,0 +1,46 @@
From fbd6c52b4e0de8376411d8a3f1ff90d26ee35563 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 6 Apr 2018 13:33:31 -0600
Subject: [PATCH] qemu-io tests: comment out problematic block io tests issues
The following issues are seen:
130 - timeout resulting from failed to get shared "write" lock
153 - failed to get "write" lock
162 - occasional, using nbd, network unreachable
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tests/qemu-iotests/group | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
index 52a80f3f9e..16f248fca2 100644
--- a/tests/qemu-iotests/group
+++ b/tests/qemu-iotests/group
@@ -136,7 +136,7 @@
127 rw auto backing quick
128 rw auto quick
129 rw auto quick
-130 rw auto quick
+#ISSUES 130 rw auto quick
131 rw auto quick
132 rw auto quick
133 auto quick
@@ -158,7 +158,7 @@
149 rw auto sudo
150 rw auto quick
152 rw auto quick
-153 rw auto quick
+#ISSUES 153 rw auto quick
154 rw auto backing quick
155 rw auto
156 rw auto quick
@@ -166,7 +166,7 @@
158 rw auto quick
159 rw auto quick
160 rw auto quick
-162 auto quick
+#ISSUES 162 auto quick
163 rw auto
165 rw auto quick
169 rw auto quick

37
0039-qapi-ensure-stable-sort-ordering-wh.patch
View File

@ -1,37 +0,0 @@
From 23ef1eee49f51e6fcae2c1676e9b71b0a9d1436b Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:10 +0000
Subject: [PATCH] qapi: ensure stable sort ordering when checking QAPI entities
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Some early python 3.x versions will have different default
ordering when calling the 'values()' method on a dict, compared
to python 2.x and later 3.x versions. Explicitly sort the items
to get a stable ordering.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-8-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit f7a5376d4b667cf6c83c1d640e32d22456d7b5ee)
[BR: BSC#1077564]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
scripts/qapi.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/qapi.py b/scripts/qapi.py
index 88e854edec..94d52f7eb5 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -1687,7 +1687,7 @@ class QAPISchema(object):
assert False
def check(self):
- for ent in self._entity_dict.values():
+ for (name, ent) in sorted(self._entity_dict.items()):
ent.check(self)
def visit(self, visitor):

42
0039-tests-test-thread-pool-is-racy-add-.patch Normal file
View File

@ -0,0 +1,42 @@
From 7ddbb37c5a0ae657ff97c221c055cb2e843016f4 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 13 Apr 2018 11:46:47 -0600
Subject: [PATCH] tests: test-thread-pool is racy - add some barriers
I imagine there is more to be done to fix the memory consistency
races here, but these added barriers at least let it pass on ppc64le,
whereas before it would fail regularly there.
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tests/test-thread-pool.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tests/test-thread-pool.c b/tests/test-thread-pool.c
index 91b4ec5524..9790200df7 100644
--- a/tests/test-thread-pool.c
+++ b/tests/test-thread-pool.c
@@ -171,6 +171,7 @@ static void do_test_cancel(bool sync)
/* Cancel the jobs that haven't been started yet. */
num_canceled = 0;
for (i = 0; i < 100; i++) {
+ smp_mb();
if (atomic_cmpxchg(&data[i].n, 0, 3) == 0) {
data[i].ret = -ECANCELED;
if (sync) {
@@ -185,6 +186,7 @@ static void do_test_cancel(bool sync)
g_assert_cmpint(num_canceled, <, 100);
for (i = 0; i < 100; i++) {
+ smp_mb();
if (data[i].aiocb && data[i].n != 3) {
if (sync) {
/* Canceling the others will be a blocking operation. */
@@ -201,6 +203,7 @@ static void do_test_cancel(bool sync)
}
g_assert_cmpint(active, ==, 0);
for (i = 0; i < 100; i++) {
+ smp_mb();
if (data[i].n == 3) {
g_assert_cmpint(data[i].ret, ==, -ECANCELED);
g_assert(data[i].aiocb == NULL);

39
0040-device_tree-Increase-FDT_MAX_SIZE-t.patch Normal file
View File

@ -0,0 +1,39 @@
From 3faf2d7bb2c32a603e65f68045a58524f3018937 Mon Sep 17 00:00:00 2001
From: Geert Uytterhoeven <geert+renesas@glider.be>
Date: Thu, 26 Apr 2018 11:04:38 +0100
Subject: [PATCH] device_tree: Increase FDT_MAX_SIZE to 1 MiB
It is not uncommon for a contemporary FDT to be larger than 64 KiB,
leading to failures loading the device tree from sysfs:
qemu-system-aarch64: qemu_fdt_setprop: Couldn't set ...: FDT_ERR_NOSPACE
Hence increase the limit to 1 MiB, like on PPC.
For reference, the largest arm64 DTB created from the Linux sources is
ca. 75 KiB large (100 KiB when built with symbols/fixup support).
Cc: qemu-stable@nongnu.org
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Message-id: 1523541337-23919-1-git-send-email-geert+renesas@glider.be
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 14ec3cbd7c1e31dca4d23f028100c8f43e156573)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
device_tree.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/device_tree.c b/device_tree.c
index 19458b32bf..52c3358a55 100644
--- a/device_tree.c
+++ b/device_tree.c
@@ -29,7 +29,7 @@
#include <libfdt.h>
-#define FDT_MAX_SIZE 0x10000
+#define FDT_MAX_SIZE 0x100000
void *create_device_tree(int *sizep)
{

131
0040-qapi-force-a-UTF-8-locale-for-runni.patch
View File

@ -1,131 +0,0 @@
From 178826a44b2d08e69dc7128cb3f47cea32912e37 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:11 +0000
Subject: [PATCH] qapi: force a UTF-8 locale for running Python
Python2 did not validate locale correctness when reading input data, so
would happily read UTF-8 data in non-UTF-8 locales. Python3 is strict so
if you try to read UTF-8 data in the C locale, it will raise an error
for any UTF-8 bytes that aren't representable in 7-bit ascii encoding.
e.g.
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 54: ordinal not in range(128)
Traceback (most recent call last):
File "/tmp/qemu-test/src/scripts/qapi-commands.py", line 317, in <module>
schema = QAPISchema(input_file)
File "/tmp/qemu-test/src/scripts/qapi.py", line 1468, in __init__
parser = QAPISchemaParser(open(fname, 'r'))
File "/tmp/qemu-test/src/scripts/qapi.py", line 301, in __init__
previously_included)
File "/tmp/qemu-test/src/scripts/qapi.py", line 348, in _include
exprs_include = QAPISchemaParser(fobj, previously_included, info)
File "/tmp/qemu-test/src/scripts/qapi.py", line 271, in __init__
self.src = fp.read()
File "/usr/lib64/python3.5/encodings/ascii.py", line 26, in decode
return codecs.ascii_decode(input, self.errors)[0]
More background on this can be seen in
https://www.python.org/dev/peps/pep-0538/
Many distros support a new C.UTF-8 locale that is like the C locale,
but with UTF-8 instead of 7-bit ASCII. That is not entirely portable
though. This patch thus sets the LANG to "C", but overrides LC_CTYPE
to be en_US.UTF-8 locale. This gets us pretty close to C.UTF-8, but
in a way that should be portable to everywhere QEMU builds.
This patch only forces UTF-8 for QAPI scripts, since that is the one
showing the immediate error under Python3 with C locale, but potentially
we ought to force this for all python scripts used in the build process.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-9-berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit d4e5ec877ca698a87dabe68814c6f93668f50c60)
[BR: BSC#1077564]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
Makefile | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/Makefile b/Makefile
index 4be3366e27..eec3a8d430 100644
--- a/Makefile
+++ b/Makefile
@@ -14,6 +14,8 @@ ifneq ($(wildcard config-host.mak),)
all:
include config-host.mak
+PYTHON_UTF8 = LC_ALL= LANG=C LC_CTYPE=en_US.UTF-8 $(PYTHON)
+
git-submodule-update:
.PHONY: git-submodule-update
@@ -467,17 +469,17 @@ qapi-py = $(SRC_PATH)/scripts/qapi.py $(SRC_PATH)/scripts/ordereddict.py
qga/qapi-generated/qga-qapi-types.c qga/qapi-generated/qga-qapi-types.h :\
$(SRC_PATH)/qga/qapi-schema.json $(SRC_PATH)/scripts/qapi-types.py $(qapi-py)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi-types.py \
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi-types.py \
$(gen-out-type) -o qga/qapi-generated -p "qga-" $<, \
"GEN","$@")
qga/qapi-generated/qga-qapi-visit.c qga/qapi-generated/qga-qapi-visit.h :\
$(SRC_PATH)/qga/qapi-schema.json $(SRC_PATH)/scripts/qapi-visit.py $(qapi-py)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi-visit.py \
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi-visit.py \
$(gen-out-type) -o qga/qapi-generated -p "qga-" $<, \
"GEN","$@")
qga/qapi-generated/qga-qmp-commands.h qga/qapi-generated/qga-qmp-marshal.c :\
$(SRC_PATH)/qga/qapi-schema.json $(SRC_PATH)/scripts/qapi-commands.py $(qapi-py)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi-commands.py \
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi-commands.py \
$(gen-out-type) -o qga/qapi-generated -p "qga-" $<, \
"GEN","$@")
@@ -498,27 +500,27 @@ qapi-modules = $(SRC_PATH)/qapi-schema.json $(SRC_PATH)/qapi/common.json \
qapi-types.c qapi-types.h :\
$(qapi-modules) $(SRC_PATH)/scripts/qapi-types.py $(qapi-py)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi-types.py \
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi-types.py \
$(gen-out-type) -o "." -b $<, \
"GEN","$@")
qapi-visit.c qapi-visit.h :\
$(qapi-modules) $(SRC_PATH)/scripts/qapi-visit.py $(qapi-py)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi-visit.py \
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi-visit.py \
$(gen-out-type) -o "." -b $<, \
"GEN","$@")
qapi-event.c qapi-event.h :\
$(qapi-modules) $(SRC_PATH)/scripts/qapi-event.py $(qapi-py)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi-event.py \
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi-event.py \
$(gen-out-type) -o "." $<, \
"GEN","$@")
qmp-commands.h qmp-marshal.c :\
$(qapi-modules) $(SRC_PATH)/scripts/qapi-commands.py $(qapi-py)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi-commands.py \
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi-commands.py \
$(gen-out-type) -o "." $<, \
"GEN","$@")
qmp-introspect.h qmp-introspect.c :\
$(qapi-modules) $(SRC_PATH)/scripts/qapi-introspect.py $(qapi-py)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi-introspect.py \
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi-introspect.py \
$(gen-out-type) -o "." $<, \
"GEN","$@")
@@ -788,10 +790,10 @@ qemu-img-cmds.texi: $(SRC_PATH)/qemu-img-cmds.hx $(SRC_PATH)/scripts/hxtool
docs/interop/qemu-qmp-qapi.texi docs/interop/qemu-ga-qapi.texi: $(SRC_PATH)/scripts/qapi2texi.py $(qapi-py)
docs/interop/qemu-qmp-qapi.texi: $(qapi-modules)
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi2texi.py $< > $@,"GEN","$@")
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi2texi.py $< > $@,"GEN","$@")
docs/interop/qemu-ga-qapi.texi: $(SRC_PATH)/qga/qapi-schema.json
- $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/qapi2texi.py $< > $@,"GEN","$@")
+ $(call quiet-command,$(PYTHON_UTF8) $(SRC_PATH)/scripts/qapi2texi.py $< > $@,"GEN","$@")
qemu.1: qemu-doc.texi qemu-options.texi qemu-monitor.texi qemu-monitor-info.texi
qemu.1: qemu-option-trace.texi

41
0041-scripts-ensure-signrom-treats-data-.patch
View File

@ -1,41 +0,0 @@
From 93a3811284417987034a0c72387db589760fcaaa Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:12 +0000
Subject: [PATCH] scripts: ensure signrom treats data as bytes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-10-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 31d8f92e646f7d4cfbb4ffab440ab41a3c838fd3)
[BR: BSC#1077564]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
scripts/signrom.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scripts/signrom.py b/scripts/signrom.py
index d1dabe0240..0497a1c32e 100644
--- a/scripts/signrom.py
+++ b/scripts/signrom.py
@@ -18,7 +18,7 @@ fin = open(sys.argv[1], 'rb')
fout = open(sys.argv[2], 'wb')
magic = fin.read(2)
-if magic != '\x55\xaa':
+if magic != b'\x55\xaa':
sys.exit("%s: option ROM does not begin with magic 55 aa" % sys.argv[1])
size_byte = ord(fin.read(1))
@@ -33,7 +33,7 @@ elif len(data) < size:
# Add padding if necessary, rounding the whole input to a multiple of
# 512 bytes according to the third byte of the input.
# size-1 because a final byte is added below to store the checksum.
- data = data.ljust(size-1, '\0')
+ data = data.ljust(size-1, b'\0')
else:
if ord(data[-1:]) != 0:
sys.stderr.write('WARNING: ROM includes nonzero checksum\n')

47
0041-vnc-fix-use-after-free.patch Normal file
View File

@ -0,0 +1,47 @@
From 62a58c5c2ab8ae7575a9d91d903e97ef250cc537 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 20 Apr 2018 10:48:19 +0200
Subject: [PATCH] vnc: fix use-after-free
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When vnc_client_read() return value is -1
vs is not valid any more.
Fixes: d49b87f0d1e0520443a990fc610d0f02bc63c556
Reported-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180420084820.3873-1-kraxel@redhat.com
(cherry picked from commit 1bc3117abad28d6465ecdb2c944b22943df0e4f3)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
ui/vnc.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 5ebae6f664..a4b2cc7666 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -1539,13 +1539,14 @@ gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
VncState *vs = opaque;
if (condition & G_IO_IN) {
if (vnc_client_read(vs) < 0) {
- goto end;
+ /* vs is free()ed here */
+ return TRUE;
}
}
if (condition & G_IO_OUT) {
vnc_client_write(vs);
}
-end:
+
if (vs->disconnecting) {
if (vs->ioc_tag != 0) {
g_source_remove(vs->ioc_tag);

49
0042-ccid-Fix-dwProtocols-advertisement-.patch Normal file
View File

@ -0,0 +1,49 @@
From 147b2d783526c7904732749cace06b62fd5fde9b Mon Sep 17 00:00:00 2001
From: Jason Andryuk <jandryuk@gmail.com>
Date: Fri, 20 Apr 2018 14:32:19 -0400
Subject: [PATCH] ccid: Fix dwProtocols advertisement of T=0
Commit d7d218ef02d87c637d20d64da8f575d434ff6f78 attempted to change
dwProtocols to only advertise support for T=0 and not T=1. The change
was incorrect as it changed 0x00000003 to 0x00010000.
lsusb -v in a linux guest shows:
"dwProtocols 65536 (Invalid values detected)", though the
smart card could still be accessed. Windows 7 does not detect inserted
smart cards and logs the the following Error in the Event Logs:
Source: Smart Card Service
Event ID: 610
Smart Card Reader 'QEMU QEMU USB CCID 0' rejected IOCTL SET_PROTOCOL:
Incorrect function. If this error persists, your smart card or reader
may not be functioning correctly
Command Header: 03 00 00 00
Setting to 0x00000001 fixes the Windows issue.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Message-id: 20180420183219.20722-1-jandryuk@gmail.com
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 0ee86bb6c5beb6498488850104f7557c376d0bef)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/usb/dev-smartcard-reader.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
index e6468057a0..cabb564788 100644
--- a/hw/usb/dev-smartcard-reader.c
+++ b/hw/usb/dev-smartcard-reader.c
@@ -329,8 +329,8 @@ static const uint8_t qemu_ccid_descriptor[] = {
*/
0x07, /* u8 bVoltageSupport; 01h - 5.0v, 02h - 3.0, 03 - 1.8 */
- 0x00, 0x00, /* u32 dwProtocols; RRRR PPPP. RRRR = 0000h.*/
- 0x01, 0x00, /* PPPP: 0001h = Protocol T=0, 0002h = Protocol T=1 */
+ 0x01, 0x00, /* u32 dwProtocols; RRRR PPPP. RRRR = 0000h.*/
+ 0x00, 0x00, /* PPPP: 0001h = Protocol T=0, 0002h = Protocol T=1 */
/* u32 dwDefaultClock; in kHZ (0x0fa0 is 4 MHz) */
0xa0, 0x0f, 0x00, 0x00,
/* u32 dwMaximumClock; */

32
0042-configure-allow-use-of-python-3.patch
View File

@ -1,32 +0,0 @@
From 9ef8e6f7a53e7790187a810495e428a7556ead6e Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 16 Jan 2018 13:42:13 +0000
Subject: [PATCH] configure: allow use of python 3
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20180116134217.8725-11-berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit c21965a0c8b979c306e927f158257e5b0fa3a1f9)
[BR: BSC#1077564]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
configure | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/configure b/configure
index 71b8b473fc..62d66a6819 100755
--- a/configure
+++ b/configure
@@ -1573,9 +1573,8 @@ fi
# Note that if the Python conditional here evaluates True we will exit
# with status 1 which is a shell 'false' value.
-if ! $python -c 'import sys; sys.exit(sys.version_info < (2,6) or sys.version_info >= (3,))'; then
- error_exit "Cannot use '$python', Python 2.6 or later is required." \
- "Note that Python 3 or later is not yet supported." \
+if ! $python -c 'import sys; sys.exit(sys.version_info < (2,6))'; then
+ error_exit "Cannot use '$python', Python 2 >= 2.6 or Python 3 is required." \
"Use --python=/path/to/python to specify a supported Python."
fi

63
0043-input-add-missing-JIS-keys-to-virti.patch
View File

@ -1,63 +0,0 @@
From 47dfdc212f68d2ab3d06db162bff907c4922e67d Mon Sep 17 00:00:00 2001
From: Miika S <miika9764@gmail.com>
Date: Tue, 16 Jan 2018 13:42:14 +0000
Subject: [PATCH] input: add missing JIS keys to virtio input
keycodemapdb updated to add the QKeyCodes muhenkan and katakanahiragana
Signed-off-by: Miika S <miika9764@gmail.com>
Message-Id: <20180116134217.8725-12-berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 280b8da3b842177de538de4f73d3d63db077e39b)
[BR: BSC#1077564 - added changes to hw/input/virtio-input-hid.c which
were in an earlier proposed version of patch, but removed since that
file had become autogenerated. In 2.11, it is not autogenerated so those
previously proposed changes make sense for us.]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/input/virtio-input-hid.c | 7 +++++++
qapi/ui.json | 5 ++++-
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/hw/input/virtio-input-hid.c b/hw/input/virtio-input-hid.c
index e78faec0b1..9628d289f9 100644
--- a/hw/input/virtio-input-hid.c
+++ b/hw/input/virtio-input-hid.c
@@ -139,6 +139,13 @@ static const unsigned int keymap_qcode[Q_KEY_CODE__MAX] = {
[Q_KEY_CODE_META_L] = KEY_LEFTMETA,
[Q_KEY_CODE_META_R] = KEY_RIGHTMETA,
[Q_KEY_CODE_MENU] = KEY_MENU,
+
+ [Q_KEY_CODE_MUHENKAN] = KEY_MUHENKAN,
+ [Q_KEY_CODE_HENKAN] = KEY_HENKAN,
+ [Q_KEY_CODE_KATAKANAHIRAGANA] = KEY_KATAKANAHIRAGANA,
+ [Q_KEY_CODE_COMPOSE] = KEY_COMPOSE,
+ [Q_KEY_CODE_RO] = KEY_RO,
+ [Q_KEY_CODE_YEN] = KEY_YEN,
};
static const unsigned int keymap_button[INPUT_BUTTON__MAX] = {
diff --git a/qapi/ui.json b/qapi/ui.json
index 07b468f625..d6679aa8f5 100644
--- a/qapi/ui.json
+++ b/qapi/ui.json
@@ -748,6 +748,9 @@
# @ac_bookmarks: since 2.10
# altgr, altgr_r: dropped in 2.10
#
+# @muhenkan: since 2.12
+# @katakanahiragana: since 2.12
+#
# 'sysrq' was mistakenly added to hack around the fact that
# the ps2 driver was not generating correct scancodes sequences
# when 'alt+print' was pressed. This flaw is now fixed and the
@@ -775,7 +778,7 @@
'left', 'up', 'down', 'right', 'insert', 'delete', 'stop', 'again',
'props', 'undo', 'front', 'copy', 'open', 'paste', 'find', 'cut',
'lf', 'help', 'meta_l', 'meta_r', 'compose', 'pause',
- 'ro', 'hiragana', 'henkan', 'yen',
+ 'ro', 'hiragana', 'henkan', 'yen', 'muhenkan', 'katakanahiragana',
'kp_comma', 'kp_equals', 'power', 'sleep', 'wake',
'audionext', 'audioprev', 'audiostop', 'audioplay', 'audiomute',
'volumeup', 'volumedown', 'mediaselect',

48
0043-tcg-arm-Fix-memory-barrier-encoding.patch Normal file
View File

@ -0,0 +1,48 @@
From 99aaadeae3b73ce65b3695a9fcae454ac09db81d Mon Sep 17 00:00:00 2001
From: Henry Wertz <hwertz10@gmail.com>
Date: Tue, 17 Apr 2018 12:06:23 -1000
Subject: [PATCH] tcg/arm: Fix memory barrier encoding
I found with qemu 2.11.x or newer that I would get an illegal instruction
error running some Intel binaries on my ARM chromebook. On investigation,
I found it was quitting on memory barriers.
qemu instruction:
mb $0x31
was translating as:
0x604050cc: 5bf07ff5 blpl #0x600250a8
After patch it gives:
0x604050cc: f57ff05b dmb ish
In short, I found INSN_DMB_ISH (memory barrier for ARMv7) appeared to be
correct based on online docs, but due to some endian-related shenanigans it
had to be byte-swapped to suit qemu; it appears INSN_DMB_MCR (memory
barrier for ARMv6) also should be byte swapped (and this patch does so).
I have not checked for correctness of aarch64's barrier instruction.
Cc: qemu-stable@nongnu.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Henry Wertz <hwertz10@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit 3f814b803797c007abfe5c4041de754e01723031)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tcg/arm/tcg-target.inc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tcg/arm/tcg-target.inc.c b/tcg/arm/tcg-target.inc.c
index dc83f3e5be..56a32a470f 100644
--- a/tcg/arm/tcg-target.inc.c
+++ b/tcg/arm/tcg-target.inc.c
@@ -159,8 +159,8 @@ typedef enum {
INSN_STRD_IMM = 0x004000f0,
INSN_STRD_REG = 0x000000f0,
- INSN_DMB_ISH = 0x5bf07ff5,
- INSN_DMB_MCR = 0xba0f07ee,
+ INSN_DMB_ISH = 0xf57ff05b,
+ INSN_DMB_MCR = 0xee070fba,
/* Architected nop introduced in v6k. */
/* ??? This is an MSR (imm) 0,0,0 insn. Anyone know if this

39
0044-s390-ccw-force-diag-308-subcode-to-.patch Normal file
View File

@ -0,0 +1,39 @@
From 5098e4e05ca692d356588714daa2feaecc0f3248 Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Wed, 2 May 2018 14:52:21 +0200
Subject: [PATCH] s390-ccw: force diag 308 subcode to unsigned long
We currently pass an integer as the subcode parameter. However,
the upper bits of the register containing the subcode need to
be 0, which is not guaranteed unless we explicitly specify the
subcode to be an unsigned long value.
Fixes: d046c51dad3 ("pc-bios/s390-ccw: Get device address via diag 308/6")
Cc: qemu-stable@nongnu.org
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit 63d8b5ace31c1e1f3996fe4cd551d6d377594d5a)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
pc-bios/s390-ccw/iplb.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/pc-bios/s390-ccw/iplb.h b/pc-bios/s390-ccw/iplb.h
index 5357a36d51..ded20c834e 100644
--- a/pc-bios/s390-ccw/iplb.h
+++ b/pc-bios/s390-ccw/iplb.h
@@ -101,10 +101,11 @@ static inline bool manage_iplb(IplParameterBlock *iplb, bool store)
{
register unsigned long addr asm("0") = (unsigned long) iplb;
register unsigned long rc asm("1") = 0;
+ unsigned long subcode = store ? 6 : 5;
asm volatile ("diag %0,%2,0x308\n"
: "+d" (addr), "+d" (rc)
- : "d" (store ? 6 : 5)
+ : "d" (subcode)
: "memory", "cc");
return rc == 0x01;
}

43
0045-nbd-client-fix-nbd_negotiate_simple.patch Normal file
View File

@ -0,0 +1,43 @@
From d0583cf5cba9821cef70389de8aab7c661f9f8a3 Mon Sep 17 00:00:00 2001
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Date: Fri, 27 Apr 2018 17:20:01 +0300
Subject: [PATCH] nbd/client: fix nbd_negotiate_simple_meta_context
Initialize received variable. Otherwise, is is possible for server to
answer without any contexts, but we will set context_id to something
random (received_id is not initialized too) and return 1, which is
wrong.
To solve it, just initialize received to false. Initialize received_id
too, just to make all possible checkers happy.
Bug was introduced in 78a33ab58782efdb206de14 "nbd: BLOCK_STATUS for
standard get_block_status function: client part" with the whole
function.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20180427142002.21930-2-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
CC: qemu-stable@nongnu.org
Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 89aa0d87634e2cb98517509dc8bdb876f26ecf8b)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
nbd/client.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nbd/client.c b/nbd/client.c
index b9e175d1c2..7f35b5c323 100644
--- a/nbd/client.c
+++ b/nbd/client.c
@@ -613,8 +613,8 @@ static int nbd_negotiate_simple_meta_context(QIOChannel *ioc,
{
int ret;
NBDOptionReply reply;
- uint32_t received_id;
- bool received;
+ uint32_t received_id = 0;
+ bool received = false;
uint32_t export_len = strlen(export);
uint32_t context_len = strlen(context);
uint32_t data_len = sizeof(export_len) + export_len +

61
0045-pc-fail-memory-hot-plug-unplug-with.patch
View File

@ -1,61 +0,0 @@
From 097f317248eb261968efb30755e3c91fd9311cea Mon Sep 17 00:00:00 2001
From: Haozhong Zhang <haozhong.zhang@intel.com>
Date: Fri, 22 Dec 2017 09:51:20 +0800
Subject: [PATCH] pc: fail memory hot-plug/unplug with -no-acpi and Q35 machine
type
When -no-acpi option is used with Q35 machine type, no guest ACPI is
built, but the ACPI device is still created, so only checking the
presence of ACPI device before memory plug/unplug is not enough in
such cases. Check whether ACPI is disabled globally in addition and
fail memory plug/unplug if it's disabled.
Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com>
Message-Id: <20171222015120.31730-1-haozhong.zhang@intel.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 8cd91acec8dfea6065272ca828405333f564a612)
[BR: BSC#1077823]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/i386/pc.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 186545d2a4..e7faf92143 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1694,9 +1694,14 @@ static void pc_dimm_plug(HotplugHandler *hotplug_dev,
align = memory_region_get_alignment(mr);
}
- if (!pcms->acpi_dev) {
+ /*
+ * When -no-acpi is used with Q35 machine type, no ACPI is built,
+ * but pcms->acpi_dev is still created. Check !acpi_enabled in
+ * addition to cover this case.
+ */
+ if (!pcms->acpi_dev || !acpi_enabled) {
error_setg(&local_err,
- "memory hotplug is not enabled: missing acpi device");
+ "memory hotplug is not enabled: missing acpi device or acpi disabled");
goto out;
}
@@ -1728,9 +1733,14 @@ static void pc_dimm_unplug_request(HotplugHandler *hotplug_dev,
Error *local_err = NULL;
PCMachineState *pcms = PC_MACHINE(hotplug_dev);
- if (!pcms->acpi_dev) {
+ /*
+ * When -no-acpi is used with Q35 machine type, no ACPI is built,
+ * but pcms->acpi_dev is still created. Check !acpi_enabled in
+ * addition to cover this case.
+ */
+ if (!pcms->acpi_dev || !acpi_enabled) {
error_setg(&local_err,
- "memory hotplug is not enabled: missing acpi device");
+ "memory hotplug is not enabled: missing acpi device or acpi disabled");
goto out;
}

39
0046-memattrs-add-debug-attribute.patch
View File

@ -1,39 +0,0 @@
From 631811d80a534654f23009e86cf9b9b942d53a48 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:19 -0600
Subject: [PATCH] memattrs: add debug attribute
Extend the MemTxAttrs to include 'debug' flag. The flag can be used as
general indicator that operation was triggered by the debugger.
Later in the patch series we set the debug=1 when issuing a memory access
from the gdbstub or HMP commands. This patch is prerequisite to support
debugging the encrypted guest. If we see request with debug=1 then we
will need to use encryption APIs to access the guest memory.
Cc: Alistair Francis <alistair.francis@xilinx.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
include/exec/memattrs.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
index d4a1642098..08099e4f7e 100644
--- a/include/exec/memattrs.h
+++ b/include/exec/memattrs.h
@@ -37,6 +37,8 @@ typedef struct MemTxAttrs {
unsigned int user:1;
/* Requester ID (for MSI for example) */
unsigned int requester_id:16;
+ /* Memory access request from the debugger */
+ unsigned int debug:1;
} MemTxAttrs;
/* Bus masters which don't specify any attributes will get this,

34
0046-migration-block-dirty-bitmap-fix-me.patch Normal file
View File

@ -0,0 +1,34 @@
From dacb486f3fda3c43180f919cd8e9febf6016bc00 Mon Sep 17 00:00:00 2001
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Date: Fri, 27 Apr 2018 17:20:02 +0300
Subject: [PATCH] migration/block-dirty-bitmap: fix memory leak in
dirty_bitmap_load_bits
Release buf on error path too.
Bug was introduced in b35ebdf076d697bc "migration: add postcopy
migration of dirty bitmaps" with the whole function.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20180427142002.21930-3-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
CC: qemu-stable@nongnu.org
Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 16a2227893dc1d5cad78ed376ad1d7e300978fbe)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
migration/block-dirty-bitmap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/migration/block-dirty-bitmap.c b/migration/block-dirty-bitmap.c
index dd04f102d8..8819aabe3a 100644
--- a/migration/block-dirty-bitmap.c
+++ b/migration/block-dirty-bitmap.c
@@ -600,6 +600,7 @@ static int dirty_bitmap_load_bits(QEMUFile *f, DirtyBitmapLoadState *s)
ret = qemu_get_buffer(f, buf, buf_size);
if (ret != buf_size) {
error_report("Failed to read bitmap bits");
+ g_free(buf);
return -EIO;
}

204
0047-exec-add-ram_debug_ops-support.patch
View File

@ -1,204 +0,0 @@
From a8955ac9aa33e2d3edb4ea948d74cf52fc9771a2 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:19 -0600
Subject: [PATCH] exec: add ram_debug_ops support
Currently, the guest memory access for the debug purpose is performed
using the memcpy(). Lets extend the 'struct MemoryRegion' to include
ram_debug_ops callbacks. The ram_debug_ops can be used to override
memcpy() with something else.
The feature can be used by encrypted guest -- which can register
callbacks to override memcpy() with memory encryption/decryption APIs.
a typical usage:
mem_read(uint8_t *dst, uint8_t *src, uint32_t len, MemTxAttrs *attrs);
mem_write(uint8_t *dst, uint8_t *src, uint32_t len, MemTxAttrs *attrs);
MemoryRegionRAMReadWriteOps ops;
ops.read = mem_read;
ops.write = mem_write;
memory_region_init_ram(mem, NULL, "memory", size, NULL);
memory_region_set_ram_debug_ops(mem, ops);
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
exec.c | 43 ++++++++++++++++++++++++++++++++-----------
include/exec/memory.h | 30 +++++++++++++++++++++++++++++-
2 files changed, 61 insertions(+), 12 deletions(-)
diff --git a/exec.c b/exec.c
index 1ca0f9e0ab..fe49807f58 100644
--- a/exec.c
+++ b/exec.c
@@ -2983,7 +2983,11 @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
} else {
/* RAM case */
ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
- memcpy(ptr, buf, l);
+ if (attrs.debug && mr->ram_debug_ops) {
+ mr->ram_debug_ops->write(ptr, buf, l, attrs);
+ } else {
+ memcpy(ptr, buf, l);
+ }
invalidate_and_set_dirty(mr, addr1, l);
}
@@ -3081,7 +3085,11 @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr,
} else {
/* RAM case */
ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
- memcpy(buf, ptr, l);
+ if (attrs.debug && mr->ram_debug_ops) {
+ mr->ram_debug_ops->read(buf, ptr, l, attrs);
+ } else {
+ memcpy(buf, ptr, l);
+ }
}
if (release_lock) {
@@ -3155,7 +3163,8 @@ enum write_rom_type {
};
static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
- hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
+ hwaddr addr, const uint8_t *buf, int len, MemTxAttrs attrs,
+ enum write_rom_type type)
{
hwaddr l;
uint8_t *ptr;
@@ -3175,7 +3184,11 @@ static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
switch (type) {
case WRITE_DATA:
- memcpy(ptr, buf, l);
+ if (mr->ram_debug_ops) {
+ mr->ram_debug_ops->write(ptr, buf, l, attrs);
+ } else {
+ memcpy(ptr, buf, l);
+ }
invalidate_and_set_dirty(mr, addr1, l);
break;
case FLUSH_CACHE:
@@ -3194,7 +3207,9 @@ static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
const uint8_t *buf, int len)
{
- cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
+ cpu_physical_memory_write_rom_internal(as, addr, buf, len,
+ MEMTXATTRS_UNSPECIFIED,
+ WRITE_DATA);
}
void cpu_flush_icache_range(hwaddr start, int len)
@@ -3209,8 +3224,9 @@ void cpu_flush_icache_range(hwaddr start, int len)
return;
}
- cpu_physical_memory_write_rom_internal(&address_space_memory,
- start, NULL, len, FLUSH_CACHE);
+ cpu_physical_memory_write_rom_internal(&address_space_memory, start, NULL,
+ len, MEMTXATTRS_UNSPECIFIED,
+ FLUSH_CACHE);
}
typedef struct {
@@ -3525,6 +3541,10 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
page = addr & TARGET_PAGE_MASK;
phys_addr = cpu_get_phys_page_attrs_debug(cpu, page, &attrs);
asidx = cpu_asidx_from_attrs(cpu, attrs);
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
/* if no physical page mapped, return an error */
if (phys_addr == -1)
return -1;
@@ -3533,13 +3553,14 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
l = len;
phys_addr += (addr & ~TARGET_PAGE_MASK);
if (is_write) {
- cpu_physical_memory_write_rom(cpu->cpu_ases[asidx].as,
- phys_addr, buf, l);
+ cpu_physical_memory_write_rom_internal(cpu->cpu_ases[asidx].as,
+ phys_addr, buf, l, attrs,
+ WRITE_DATA);
} else {
address_space_rw(cpu->cpu_ases[asidx].as, phys_addr,
- MEMTXATTRS_UNSPECIFIED,
- buf, l, 0);
+ attrs, buf, l, 0);
}
+
len -= l;
buf += l;
addr += l;
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 5ed4042f87..8d3b99cba8 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -215,6 +215,18 @@ typedef struct IOMMUMemoryRegionClass {
typedef struct CoalescedMemoryRange CoalescedMemoryRange;
typedef struct MemoryRegionIoeventfd MemoryRegionIoeventfd;
+/* Memory Region RAM debug callback */
+typedef struct MemoryRegionRAMReadWriteOps MemoryRegionRAMReadWriteOps;
+
+struct MemoryRegionRAMReadWriteOps {
+ /* Write data into guest memory */
+ int (*write) (uint8_t *dest, const uint8_t *src,
+ uint32_t len, MemTxAttrs attrs);
+ /* Read data from guest memory */
+ int (*read) (uint8_t *dest, const uint8_t *src,
+ uint32_t len, MemTxAttrs attrs);
+};
+
struct MemoryRegion {
Object parent_obj;
@@ -254,6 +266,7 @@ struct MemoryRegion {
const char *name;
unsigned ioeventfd_nb;
MemoryRegionIoeventfd *ioeventfds;
+ const MemoryRegionRAMReadWriteOps *ram_debug_ops;
};
struct IOMMUMemoryRegion {
@@ -620,6 +633,21 @@ void memory_region_init_rom_device_nomigrate(MemoryRegion *mr,
uint64_t size,
Error **errp);
+/**
+ * memory_region_set_ram_debug_ops: Set debug access ops for a given memory
+ * region.
+ *
+ * @mr: the #MemoryRegion to be initialized
+ * @ops: a function that will be used for when accessing @target region during
+ * debug
+ */
+static inline void
+memory_region_set_ram_debug_ops(MemoryRegion *mr,
+ const MemoryRegionRAMReadWriteOps *ops)
+{
+ mr->ram_debug_ops = ops;
+}
+
/**
* memory_region_init_reservation: Initialize a memory region that reserves
* I/O space.
@@ -1928,7 +1956,7 @@ MemTxResult flatview_read(FlatView *fv, hwaddr addr, MemTxAttrs attrs,
void *ptr;
MemoryRegion *mr;
- if (__builtin_constant_p(len)) {
+ if (__builtin_constant_p(len) && !attrs.debug) {
if (len) {
rcu_read_lock();
l = len;

59
0047-nbd-client-Fix-error-messages-durin.patch Normal file
View File

@ -0,0 +1,59 @@
From 576c854128e5646e6b36a757eaead3f89f21fb51 Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Tue, 1 May 2018 10:46:53 -0500
Subject: [PATCH] nbd/client: Fix error messages during NBD_INFO_BLOCK_SIZE
A missing space makes for poor error messages, and sizes can't
go negative. Also, we missed diagnosing a server that sends
a maximum block size less than the minimum.
Fixes: 081dd1fe
CC: qemu-stable@nongnu.org
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180501154654.943782-1-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
(cherry picked from commit e475d108f1b3d3163f0affea67cdedbe5fc9752b)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
nbd/client.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/nbd/client.c b/nbd/client.c
index 7f35b5c323..232ff4f46d 100644
--- a/nbd/client.c
+++ b/nbd/client.c
@@ -435,8 +435,8 @@ static int nbd_opt_go(QIOChannel *ioc, const char *wantname,
}
be32_to_cpus(&info->min_block);
if (!is_power_of_2(info->min_block)) {
- error_setg(errp, "server minimum block size %" PRId32
- "is not a power of two", info->min_block);
+ error_setg(errp, "server minimum block size %" PRIu32
+ " is not a power of two", info->min_block);
nbd_send_opt_abort(ioc);
return -1;
}
@@ -450,8 +450,8 @@ static int nbd_opt_go(QIOChannel *ioc, const char *wantname,
be32_to_cpus(&info->opt_block);
if (!is_power_of_2(info->opt_block) ||
info->opt_block < info->min_block) {
- error_setg(errp, "server preferred block size %" PRId32
- "is not valid", info->opt_block);
+ error_setg(errp, "server preferred block size %" PRIu32
+ " is not valid", info->opt_block);
nbd_send_opt_abort(ioc);
return -1;
}
@@ -462,6 +462,12 @@ static int nbd_opt_go(QIOChannel *ioc, const char *wantname,
return -1;
}
be32_to_cpus(&info->max_block);
+ if (info->max_block < info->min_block) {
+ error_setg(errp, "server maximum block size %" PRIu32
+ " is not valid", info->max_block);
+ nbd_send_opt_abort(ioc);
+ return -1;
+ }
trace_nbd_opt_go_info_block_size(info->min_block, info->opt_block,
info->max_block);
break;

106
0048-exec-add-debug-version-of-physical-.patch
View File

@ -1,106 +0,0 @@
From bb5805ddc9a5bfbf78d4ce81b6395452c783ca77 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:20 -0600
Subject: [PATCH] exec: add debug version of physical memory read and write API
Adds the following new APIs
- cpu_physical_memory_read_debug
- cpu_physical_memory_write_debug
- cpu_physical_memory_rw_debug
- ldl_phys_debug
- ldq_phys_debug
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
exec.c | 40 ++++++++++++++++++++++++++++++++++++++++
include/exec/cpu-common.h | 15 +++++++++++++++
2 files changed, 55 insertions(+)
diff --git a/exec.c b/exec.c
index fe49807f58..2a297de819 100644
--- a/exec.c
+++ b/exec.c
@@ -3525,6 +3525,46 @@ void address_space_cache_destroy(MemoryRegionCache *cache)
#define RCU_READ_UNLOCK() rcu_read_unlock()
#include "memory_ldst.inc.c"
+uint32_t ldl_phys_debug(CPUState *cpu, hwaddr addr)
+{
+ MemTxAttrs attrs;
+ int asidx = cpu_asidx_from_attrs(cpu, attrs);
+ uint32_t val;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(cpu->cpu_ases[asidx].as, addr, attrs,
+ (void *) &val, 4, 0);
+
+ return tswap32(val);
+}
+
+uint64_t ldq_phys_debug(CPUState *cpu, hwaddr addr)
+{
+ MemTxAttrs attrs;
+ int asidx = cpu_asidx_from_attrs(cpu, attrs);
+ uint64_t val;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(cpu->cpu_ases[asidx].as, addr, attrs,
+ (void *) &val, 8, 0);
+ return val;
+}
+
+void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t *buf,
+ int len, int is_write)
+{
+ MemTxAttrs attrs;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(&address_space_memory, addr, attrs, buf, len, is_write);
+}
+
/* virtual memory access for debug (includes writing to ROM) */
int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
uint8_t *buf, int len, int is_write)
diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index 74341b19d2..fa01385d4f 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -77,11 +77,26 @@ size_t qemu_ram_pagesize_largest(void);
void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
int len, int is_write);
+void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t *buf,
+ int len, int is_write);
static inline void cpu_physical_memory_read(hwaddr addr,
void *buf, int len)
{
cpu_physical_memory_rw(addr, buf, len, 0);
}
+static inline void cpu_physical_memory_read_debug(hwaddr addr,
+ void *buf, int len)
+{
+ cpu_physical_memory_rw_debug(addr, buf, len, 0);
+}
+static inline void cpu_physical_memory_write_debug(hwaddr addr,
+ const void *buf, int len)
+{
+ cpu_physical_memory_rw_debug(addr, (void *)buf, len, 1);
+}
+uint32_t ldl_phys_debug(CPUState *cpu, hwaddr addr);
+uint64_t ldq_phys_debug(CPUState *cpu, hwaddr addr);
+
static inline void cpu_physical_memory_write(hwaddr addr,
const void *buf, int len)
{

54
0048-nbd-client-Relax-handling-of-large-.patch Normal file
View File

@ -0,0 +1,54 @@
From 15ada521b8ffff264f5322a188fa1ce080eec5a4 Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Thu, 3 May 2018 17:26:26 -0500
Subject: [PATCH] nbd/client: Relax handling of large NBD_CMD_BLOCK_STATUS
reply
The NBD spec is proposing a relaxation of NBD_CMD_BLOCK_STATUS
where a server may have the final extent per context give a
length beyond the original request, if it can easily prove that
subsequent bytes have the same status, on the grounds that a
client can take advantage of this information for fewer block
status requests. Since qemu 2.12 as a client always sends
NBD_CMD_FLAG_REQ_ONE, and rejects a server that sends extra
length, the upstream NBD spec will probably limit this behavior
to clients that don't request REQ_ONE semantics; but it doesn't
hurt to relax qemu to always be permissive of this server
behavior, even if it continues to use REQ_ONE.
CC: qemu-stable@nongnu.org
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180503222626.1303410-1-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
(cherry picked from commit acfd8f7a5f92e703d2d046cbe3d510008a697194)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
block/nbd-client.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/block/nbd-client.c b/block/nbd-client.c
index e7caf49fbb..8d69eaaa32 100644
--- a/block/nbd-client.c
+++ b/block/nbd-client.c
@@ -259,14 +259,18 @@ static int nbd_parse_blockstatus_payload(NBDClientSession *client,
if (extent->length == 0 ||
(client->info.min_block && !QEMU_IS_ALIGNED(extent->length,
- client->info.min_block)) ||
- extent->length > orig_length)
- {
+ client->info.min_block))) {
error_setg(errp, "Protocol error: server sent status chunk with "
"invalid length");
return -EINVAL;
}
+ /* The server is allowed to send us extra information on the final
+ * extent; just clamp it to the length we requested. */
+ if (extent->length > orig_length) {
+ extent->length = orig_length;
+ }
+
return 0;
}

366
0049-monitor-i386-use-debug-APIs-when-ac.patch
View File

@ -1,366 +0,0 @@
From 6dd6cff79148e79a45da6277fd7f9b5de4f41d20 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:20 -0600
Subject: [PATCH] monitor/i386: use debug APIs when accessing guest memory
Updates HMP commands to use the debug version of APIs when accessing the
guest memory.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
cpus.c | 2 +-
disas.c | 2 +-
monitor.c | 6 +++---
target/i386/helper.c | 14 ++++++------
target/i386/monitor.c | 60 +++++++++++++++++++++++++++------------------------
5 files changed, 44 insertions(+), 40 deletions(-)
diff --git a/cpus.c b/cpus.c
index 114c29b6a0..d1e7e28993 100644
--- a/cpus.c
+++ b/cpus.c
@@ -2026,7 +2026,7 @@ void qmp_pmemsave(int64_t addr, int64_t size, const char *filename,
l = sizeof(buf);
if (l > size)
l = size;
- cpu_physical_memory_read(addr, buf, l);
+ cpu_physical_memory_read_debug(addr, buf, l);
if (fwrite(buf, 1, l, f) != l) {
error_setg(errp, QERR_IO_ERROR);
goto exit;
diff --git a/disas.c b/disas.c
index d4ad1089ef..fcedbf2633 100644
--- a/disas.c
+++ b/disas.c
@@ -586,7 +586,7 @@ static int
physical_read_memory(bfd_vma memaddr, bfd_byte *myaddr, int length,
struct disassemble_info *info)
{
- cpu_physical_memory_read(memaddr, myaddr, length);
+ cpu_physical_memory_read_debug(memaddr, myaddr, length);
return 0;
}
diff --git a/monitor.c b/monitor.c
index e36fb5308d..6b484e3e0d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1359,7 +1359,7 @@ static void memory_dump(Monitor *mon, int count, int format, int wsize,
if (l > line_size)
l = line_size;
if (is_physical) {
- cpu_physical_memory_read(addr, buf, l);
+ cpu_physical_memory_read_debug(addr, buf, l);
} else {
if (cpu_memory_rw_debug(cs, addr, buf, l, 0) < 0) {
monitor_printf(mon, " Cannot access memory\n");
@@ -1565,8 +1565,8 @@ static void hmp_sum(Monitor *mon, const QDict *qdict)
sum = 0;
for(addr = start; addr < (start + size); addr++) {
- uint8_t val = address_space_ldub(&address_space_memory, addr,
- MEMTXATTRS_UNSPECIFIED, NULL);
+ uint8_t val;
+ cpu_physical_memory_read_debug(addr, &val, 1);
/* BSD sum algorithm ('sum' Unix command) */
sum = (sum >> 1) | (sum << 15);
sum += val;
diff --git a/target/i386/helper.c b/target/i386/helper.c
index f63eb3d3f4..5dc9e8839b 100644
--- a/target/i386/helper.c
+++ b/target/i386/helper.c
@@ -757,7 +757,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
if (la57) {
pml5e_addr = ((env->cr[3] & ~0xfff) +
(((addr >> 48) & 0x1ff) << 3)) & a20_mask;
- pml5e = x86_ldq_phys(cs, pml5e_addr);
+ pml5e = ldq_phys_debug(cs, pml5e_addr);
if (!(pml5e & PG_PRESENT_MASK)) {
return -1;
}
@@ -767,7 +767,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
pml4e_addr = ((pml5e & PG_ADDRESS_MASK) +
(((addr >> 39) & 0x1ff) << 3)) & a20_mask;
- pml4e = x86_ldq_phys(cs, pml4e_addr);
+ pml4e = ldq_phys_debug(cs, pml4e_addr);
if (!(pml4e & PG_PRESENT_MASK)) {
return -1;
}
@@ -788,14 +788,14 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
{
pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) &
a20_mask;
- pdpe = x86_ldq_phys(cs, pdpe_addr);
+ pdpe = ldq_phys_debug(cs, pdpe_addr);
if (!(pdpe & PG_PRESENT_MASK))
return -1;
}
pde_addr = ((pdpe & PG_ADDRESS_MASK) +
(((addr >> 21) & 0x1ff) << 3)) & a20_mask;
- pde = x86_ldq_phys(cs, pde_addr);
+ pde = ldq_phys_debug(cs, pde_addr);
if (!(pde & PG_PRESENT_MASK)) {
return -1;
}
@@ -808,7 +808,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
pte_addr = ((pde & PG_ADDRESS_MASK) +
(((addr >> 12) & 0x1ff) << 3)) & a20_mask;
page_size = 4096;
- pte = x86_ldq_phys(cs, pte_addr);
+ pte = ldq_phys_debug(cs, pte_addr);
}
if (!(pte & PG_PRESENT_MASK)) {
return -1;
@@ -818,7 +818,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
/* page directory entry */
pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) & a20_mask;
- pde = x86_ldl_phys(cs, pde_addr);
+ pde = ldl_phys_debug(cs, pde_addr);
if (!(pde & PG_PRESENT_MASK))
return -1;
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -827,7 +827,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
} else {
/* page directory entry */
pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) & a20_mask;
- pte = x86_ldl_phys(cs, pte_addr);
+ pte = ldl_phys_debug(cs, pte_addr);
if (!(pte & PG_PRESENT_MASK)) {
return -1;
}
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 75e155ffb1..63f7125ba8 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -66,7 +66,7 @@ static void tlb_info_32(Monitor *mon, CPUArchState *env)
pgd = env->cr[3] & ~0xfff;
for(l1 = 0; l1 < 1024; l1++) {
- cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
+ cpu_physical_memory_read_debug(pgd + l1 * 4, &pde, 4);
pde = le32_to_cpu(pde);
if (pde & PG_PRESENT_MASK) {
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -74,7 +74,8 @@ static void tlb_info_32(Monitor *mon, CPUArchState *env)
print_pte(mon, env, (l1 << 22), pde, ~((1 << 21) - 1));
} else {
for(l2 = 0; l2 < 1024; l2++) {
- cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
+ cpu_physical_memory_read_debug((pde & ~0xfff) + l2 * 4,
+ &pte, 4);
pte = le32_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l1 << 22) + (l2 << 12),
@@ -95,12 +96,12 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
pdp_addr = env->cr[3] & ~0x1f;
for (l1 = 0; l1 < 4; l1++) {
- cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
pde = le64_to_cpu(pde);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
@@ -110,7 +111,8 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l3 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l1 << 30) + (l2 << 21)
@@ -135,7 +137,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
uint64_t pdp_addr, pd_addr, pt_addr;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
if (!(pml4e & PG_PRESENT_MASK)) {
continue;
@@ -143,7 +145,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
if (!(pdpe & PG_PRESENT_MASK)) {
continue;
@@ -158,7 +160,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
pde = le64_to_cpu(pde);
if (!(pde & PG_PRESENT_MASK)) {
continue;
@@ -173,9 +175,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr
- + l4 * 8,
- &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l4 * 8, &pte, 8);
pte = le64_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l0 << 48) + (l1 << 39) +
@@ -196,7 +196,7 @@ static void tlb_info_la57(Monitor *mon, CPUArchState *env)
pml5_addr = env->cr[3] & 0x3fffffffff000ULL;
for (l0 = 0; l0 < 512; l0++) {
- cpu_physical_memory_read(pml5_addr + l0 * 8, &pml5e, 8);
+ cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
pml5e = le64_to_cpu(pml5e);
if (pml5e & PG_PRESENT_MASK) {
tlb_info_la48(mon, env, l0, pml5e & 0x3fffffffff000ULL);
@@ -271,7 +271,7 @@ static void mem_info_32(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for(l1 = 0; l1 < 1024; l1++) {
- cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
+ cpu_physical_memory_read_debug(pgd + l1 * 4, &pde, 4);
pde = le32_to_cpu(pde);
end = l1 << 22;
if (pde & PG_PRESENT_MASK) {
@@ -280,7 +280,8 @@ static void mem_info_32(Monitor *mon, CPUArchState *env)
mem_print(mon, &start, &last_prot, end, prot);
} else {
for(l2 = 0; l2 < 1024; l2++) {
- cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
+ cpu_physical_memory_read_debug((pde & ~0xfff) + l2 * 4,
+ &pte, 4);
pte = le32_to_cpu(pte);
end = (l1 << 22) + (l2 << 12);
if (pte & PG_PRESENT_MASK) {
@@ -313,13 +314,13 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 4; l1++) {
- cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = l1 << 30;
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
pde = le64_to_cpu(pde);
end = (l1 << 30) + (l2 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -330,7 +331,8 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l3 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l1 << 30) + (l2 << 21) + (l3 << 12);
if (pte & PG_PRESENT_MASK) {
@@ -369,13 +371,13 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
end = l1 << 39;
if (pml4e & PG_PRESENT_MASK) {
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
@@ -387,7 +389,8 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
} else {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8,
+ &pde, 8);
pde = le64_to_cpu(pde);
end = (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -399,9 +402,9 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr
- + l4 * 8,
- &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr
+ + l4 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l1 << 39) + (l2 << 30) +
(l3 << 21) + (l4 << 12);
@@ -446,7 +449,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l0 = 0; l0 < 512; l0++) {
- cpu_physical_memory_read(pml5_addr + l0 * 8, &pml5e, 8);
+ cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
pml5e = le64_to_cpu(pml5e);
end = l0 << 48;
if (!(pml5e & PG_PRESENT_MASK)) {
@@ -457,7 +460,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pml4_addr = pml5e & 0x3fffffffff000ULL;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
end = (l0 << 48) + (l1 << 39);
if (!(pml4e & PG_PRESENT_MASK)) {
@@ -468,7 +471,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = (l0 << 48) + (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
@@ -487,7 +490,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
pde = le64_to_cpu(pde);
end = (l0 << 48) + (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -506,7 +509,8 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr + l4 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l4 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l0 << 48) + (l1 << 39) + (l2 << 30) +
(l3 << 21) + (l4 << 12);

40
0049-qxl-fix-local-renderer-crash.patch Normal file
View File

@ -0,0 +1,40 @@
From 103ae095901618329ae7bcc1c353fb9f89f0dce4 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 27 Apr 2018 13:55:28 +0200
Subject: [PATCH] qxl: fix local renderer crash
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Make sure we only ask the spice local renderer for display updates in
case we have a valid primary surface. Without that spice is confused
and throws errors in case a display update request (triggered by
screendump for example) happens in parallel to a mode switch and hits
the race window where the old primary surface is gone and the new isn't
establisted yet.
Cc: qemu-stable@nongnu.org
Fixes: https://bugzilla.redhat.com//show_bug.cgi?id=1567733
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20180427115528.345-1-kraxel@redhat.com
(cherry picked from commit 5bd5c27c7d284d01477c5cc022ce22438c46bf9f)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/qxl-render.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/display/qxl-render.c b/hw/display/qxl-render.c
index e7ac4f8789..c62b9a5e75 100644
--- a/hw/display/qxl-render.c
+++ b/hw/display/qxl-render.c
@@ -169,7 +169,8 @@ void qxl_render_update(PCIQXLDevice *qxl)
qemu_mutex_lock(&qxl->ssd.lock);
- if (!runstate_is_running() || !qxl->guest_primary.commands) {
+ if (!runstate_is_running() || !qxl->guest_primary.commands ||
+ qxl->mode == QXL_MODE_UNDEFINED) {
qxl_render_update_area_unlocked(qxl);
qemu_mutex_unlock(&qxl->ssd.lock);
return;

86
0050-machine-add-memory-encryption-prope.patch
View File

@ -1,86 +0,0 @@
From 969964dd7f15ac507887f58fccbb2623110bd8f6 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:20 -0600
Subject: [PATCH] machine: add -memory-encryption property
When CPU supports memory encryption feature, the property can be used to
specify the encryption object to use when launching an encrypted guest.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/core/machine.c | 22 ++++++++++++++++++++++
include/hw/boards.h | 1 +
qemu-options.hx | 2 ++
3 files changed, 25 insertions(+)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 36c2fb069c..132c57bc51 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -335,6 +335,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp)
return ms->enforce_config_section;
}
+static char *machine_get_memory_encryption(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->memory_encryption);
+}
+
+static void machine_set_memory_encryption(Object *obj, const char *value,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->memory_encryption);
+ ms->memory_encryption = g_strdup(value);
+}
+
static void error_on_sysbus_device(SysBusDevice *sbdev, void *opaque)
{
error_report("Option '-device %s' cannot be handled by this machine",
@@ -598,6 +614,12 @@ static void machine_class_init(ObjectClass *oc, void *data)
&error_abort);
object_class_property_set_description(oc, "enforce-config-section",
"Set on to enforce configuration section migration", &error_abort);
+
+ object_class_property_add_str(oc, "memory-encryption",
+ machine_get_memory_encryption, machine_set_memory_encryption,
+ &error_abort);
+ object_class_property_set_description(oc, "memory-encryption",
+ "Set memory encyption object to use", &error_abort);
}
static void machine_class_base_init(ObjectClass *oc, void *data)
diff --git a/include/hw/boards.h b/include/hw/boards.h
index 156b16f7a6..41fa577955 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -238,6 +238,7 @@ struct MachineState {
bool suppress_vmdesc;
bool enforce_config_section;
bool enable_graphics;
+ char *memory_encryption;
ram_addr_t ram_size;
ram_addr_t maxram_size;
diff --git a/qemu-options.hx b/qemu-options.hx
index 57f2c6a75f..617e5d5c20 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -104,6 +104,8 @@ code to send configuration section even if the machine-type sets the
@option{migration.send-configuration} property to @var{off}.
NOTE: this parameter is deprecated. Please use @option{-global}
@option{migration.send-configuration}=@var{on|off} instead.
+@item memory-encryption=@var{}
+Memory encryption object to use. The default is none.
@end table
ETEXI

83
0050-tcg-Limit-the-number-of-ops-in-a-TB.patch Normal file
View File

@ -0,0 +1,83 @@
From 4a80d570314e7d15b62ef1195b34ea635ec940fe Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Tue, 8 May 2018 19:18:59 +0000
Subject: [PATCH] tcg: Limit the number of ops in a TB
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In 6001f7729e12 we partially attempt to address the branch
displacement overflow caused by 15fa08f845.
However, gcc/testsuite/gcc.target/aarch64/advsimd-intrinsics/vqtbX.c
is a testcase that contains a TB so large as to overflow anyway.
The limit here of 8000 ops produces a maximum output TB size of
24112 bytes on a ppc64le host with that test case. This is still
much less than the maximum forward branch distance of 32764 bytes.
Cc: qemu-stable@nongnu.org
Fixes: 15fa08f845 ("tcg: Dynamically allocate TCGOps")
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit abebf92597186be2bc48d487235da28b1127860f)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tcg/tcg.c | 3 +++
tcg/tcg.h | 8 +++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/tcg/tcg.c b/tcg/tcg.c
index bb24526c93..66997cc653 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -866,6 +866,7 @@ void tcg_func_start(TCGContext *s)
/* No temps have been previously allocated for size or locality. */
memset(s->free_temps, 0, sizeof(s->free_temps));
+ s->nb_ops = 0;
s->nb_labels = 0;
s->current_frame_offset = s->frame_start;
@@ -1983,6 +1984,7 @@ void tcg_op_remove(TCGContext *s, TCGOp *op)
{
QTAILQ_REMOVE(&s->ops, op, link);
QTAILQ_INSERT_TAIL(&s->free_ops, op, link);
+ s->nb_ops--;
#ifdef CONFIG_PROFILER
atomic_set(&s->prof.del_op_count, s->prof.del_op_count + 1);
@@ -2002,6 +2004,7 @@ static TCGOp *tcg_op_alloc(TCGOpcode opc)
}
memset(op, 0, offsetof(TCGOp, link));
op->opc = opc;
+ s->nb_ops++;
return op;
}
diff --git a/tcg/tcg.h b/tcg/tcg.h
index 30896ca304..17cf764565 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -655,6 +655,7 @@ struct TCGContext {
int nb_globals;
int nb_temps;
int nb_indirects;
+ int nb_ops;
/* goto_tb support */
tcg_insn_unit *code_buf;
@@ -844,7 +845,12 @@ static inline TCGOp *tcg_last_op(void)
/* Test for whether to terminate the TB for using too many opcodes. */
static inline bool tcg_op_buf_full(void)
{
- return false;
+ /* This is not a hard limit, it merely stops translation when
+ * we have produced "enough" opcodes. We want to limit TB size
+ * such that a RISC host can reasonably use a 16-bit signed
+ * branch within the TB.
+ */
+ return tcg_ctx->nb_ops >= 8000;
}
/* pool based memory allocation */

118
0051-kvm-update-kvm.h-to-include-memory-.patch
View File

@ -1,118 +0,0 @@
From f62e734e8cbb2b31f23b9c0e8cb69ae1500a200b Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:20 -0600
Subject: [PATCH] kvm: update kvm.h to include memory encryption ioctls
Updates kmv.h to include memory encryption ioctls and SEV commands.
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
linux-headers/linux/kvm.h | 90 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 90 insertions(+)
diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index d92c9b2f0e..aed2230995 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -1362,6 +1362,96 @@ struct kvm_s390_ucas_mapping {
/* Available with KVM_CAP_S390_CMMA_MIGRATION */
#define KVM_S390_GET_CMMA_BITS _IOWR(KVMIO, 0xb8, struct kvm_s390_cmma_log)
#define KVM_S390_SET_CMMA_BITS _IOW(KVMIO, 0xb9, struct kvm_s390_cmma_log)
+/* Memory Encryption Commands */
+#define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xba, unsigned long)
+
+struct kvm_enc_region {
+ __u64 addr;
+ __u64 size;
+};
+
+#define KVM_MEMORY_ENCRYPT_REG_REGION _IOR(KVMIO, 0xbb, struct kvm_enc_region)
+#define KVM_MEMORY_ENCRYPT_UNREG_REGION _IOR(KVMIO, 0xbc, struct kvm_enc_region)
+
+/* Secure Encrypted Virtualization command */
+enum sev_cmd_id {
+ /* Guest initialization commands */
+ KVM_SEV_INIT = 0,
+ KVM_SEV_ES_INIT,
+ /* Guest launch commands */
+ KVM_SEV_LAUNCH_START,
+ KVM_SEV_LAUNCH_UPDATE_DATA,
+ KVM_SEV_LAUNCH_UPDATE_VMSA,
+ KVM_SEV_LAUNCH_SECRET,
+ KVM_SEV_LAUNCH_MEASURE,
+ KVM_SEV_LAUNCH_FINISH,
+ /* Guest migration commands (outgoing) */
+ KVM_SEV_SEND_START,
+ KVM_SEV_SEND_UPDATE_DATA,
+ KVM_SEV_SEND_UPDATE_VMSA,
+ KVM_SEV_SEND_FINISH,
+ /* Guest migration commands (incoming) */
+ KVM_SEV_RECEIVE_START,
+ KVM_SEV_RECEIVE_UPDATE_DATA,
+ KVM_SEV_RECEIVE_UPDATE_VMSA,
+ KVM_SEV_RECEIVE_FINISH,
+ /* Guest status and debug commands */
+ KVM_SEV_GUEST_STATUS,
+ KVM_SEV_DBG_DECRYPT,
+ KVM_SEV_DBG_ENCRYPT,
+ /* Guest certificates commands */
+ KVM_SEV_CERT_EXPORT,
+
+ KVM_SEV_NR_MAX,
+};
+
+struct kvm_sev_cmd {
+ __u32 id;
+ __u64 data;
+ __u32 error;
+ __u32 sev_fd;
+};
+
+struct kvm_sev_launch_start {
+ __u32 handle;
+ __u32 policy;
+ __u64 dh_uaddr;
+ __u32 dh_len;
+ __u64 session_uaddr;
+ __u32 session_len;
+};
+
+struct kvm_sev_launch_update_data {
+ __u64 uaddr;
+ __u32 len;
+};
+
+
+struct kvm_sev_launch_secret {
+ __u64 hdr_uaddr;
+ __u32 hdr_len;
+ __u64 guest_uaddr;
+ __u32 guest_len;
+ __u64 trans_uaddr;
+ __u32 trans_len;
+};
+
+struct kvm_sev_launch_measure {
+ __u64 uaddr;
+ __u32 len;
+};
+
+struct kvm_sev_guest_status {
+ __u32 handle;
+ __u32 policy;
+ __u32 state;
+};
+
+struct kvm_sev_dbg {
+ __u64 src_uaddr;
+ __u64 dst_uaddr;
+ __u32 len;
+};
#define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0)
#define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1)

63
0051-target-arm-Clear-SVE-high-bits-for-.patch Normal file
View File

@ -0,0 +1,63 @@
From 5c37a7c504f63919341d277486e941c64584d171 Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Thu, 10 May 2018 18:10:58 +0100
Subject: [PATCH] target/arm: Clear SVE high bits for FMOV
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Use write_fp_dreg and clear_vec_high to zero the bits
that need zeroing for these cases.
Cc: qemu-stable@nongnu.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180502221552.3873-5-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 9a9f1f59521f46e8ff4527d9a2b52f83577e2aa3)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/arm/translate-a64.c | 17 +++++------------
1 file changed, 5 insertions(+), 12 deletions(-)
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index c91329249d..a2c26a5f0a 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -5438,31 +5438,24 @@ static void handle_fmov(DisasContext *s, int rd, int rn, int type, bool itof)
if (itof) {
TCGv_i64 tcg_rn = cpu_reg(s, rn);
+ TCGv_i64 tmp;
switch (type) {
case 0:
- {
/* 32 bit */
- TCGv_i64 tmp = tcg_temp_new_i64();
+ tmp = tcg_temp_new_i64();
tcg_gen_ext32u_i64(tmp, tcg_rn);
- tcg_gen_st_i64(tmp, cpu_env, fp_reg_offset(s, rd, MO_64));
- tcg_gen_movi_i64(tmp, 0);
- tcg_gen_st_i64(tmp, cpu_env, fp_reg_hi_offset(s, rd));
+ write_fp_dreg(s, rd, tmp);
tcg_temp_free_i64(tmp);
break;
- }
case 1:
- {
/* 64 bit */
- TCGv_i64 tmp = tcg_const_i64(0);
- tcg_gen_st_i64(tcg_rn, cpu_env, fp_reg_offset(s, rd, MO_64));
- tcg_gen_st_i64(tmp, cpu_env, fp_reg_hi_offset(s, rd));
- tcg_temp_free_i64(tmp);
+ write_fp_dreg(s, rd, tcg_rn);
break;
- }
case 2:
/* 64 bit to top half. */
tcg_gen_st_i64(tcg_rn, cpu_env, fp_reg_hi_offset(s, rd));
+ clear_vec_high(s, true, rd);
break;
}
} else {

47
0052-cpus-tcg-fix-never-exiting-loop-on-.patch Normal file
View File

@ -0,0 +1,47 @@
From b75d0d531a92be9c7d4f8dbbb9ebf7d0cb6b4423 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= <clg@kaod.org>
Date: Wed, 25 Apr 2018 15:18:28 +0200
Subject: [PATCH] cpus: tcg: fix never exiting loop on unplug
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Commit 9b0605f9837b ("cpus: tcg: unregister thread with RCU, fix
exiting of loop on unplug") changed the exit condition of the loop in
the vCPU thread function but forgot to remove the beginning 'while (1)'
statement. The resulting code :
while (1) {
...
} while (!cpu->unplug || cpu_can_run(cpu));
is a sequence of two distinct two while() loops, the first not exiting
in case of an unplug event.
Remove the first while (1) to fix CPU unplug.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20180425131828.15604-1-clg@kaod.org>
Cc: qemu-stable@nongnu.org
Fixes: 9b0605f9837b68fd56c7fc7c96a3a1a3b983687d
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
(cherry picked from commit 54961aac190df28d311802364d19e18d5cda8bab)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
cpus.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cpus.c b/cpus.c
index ef39603cf9..b13112b8e2 100644
--- a/cpus.c
+++ b/cpus.c
@@ -1648,7 +1648,7 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
/* process any pending work */
cpu->exit_request = 1;
- while (1) {
+ do {
if (cpu_can_run(cpu)) {
int r;
qemu_mutex_unlock_iothread();

115
0052-docs-add-AMD-Secure-Encrypted-Virtu.patch
View File

@ -1,115 +0,0 @@
From 23745abd0c79cea6c85622263a46a33c3a96fefb Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:20 -0600
Subject: [PATCH] docs: add AMD Secure Encrypted Virtualization (SEV)
Create a documentation entry to describe the AMD Secure Encrypted
Virtualization (SEV) feature.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
docs/amd-memory-encryption.txt | 92 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 92 insertions(+)
create mode 100644 docs/amd-memory-encryption.txt
diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt
new file mode 100644
index 0000000000..72a92b6c63
--- /dev/null
+++ b/docs/amd-memory-encryption.txt
@@ -0,0 +1,92 @@
+Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.
+
+SEV is an extension to the AMD-V architecture which supports running encrypted
+virtual machine (VMs) under the control of KVM. Encrypted VMs have their pages
+(code and data) secured such that only the guest itself has access to the
+unencrypted version. Each encrypted VM is associated with a unique encryption
+key; if its data is accessed to a different entity using a different key the
+encrypted guests data will be incorrectly decrypted, leading to unintelligible
+data.
+
+The key management of this feature is handled by separate processor known as
+AMD secure processor (AMD-SP) which is present in AMD SOCs. Firmware running
+inside the AMD-SP provide commands to support common VM lifecycle. This
+includes commands for launching, snapshotting, migrating and debugging the
+encrypted guest. Those SEV command can be issued via KVM_MEMORY_ENCRYPT_OP
+ioctls.
+
+Launching
+---------
+Boot images (such as bios) must be encrypted before guest can be booted.
+MEMORY_ENCRYPT_OP ioctl provides commands to encrypt the images :LAUNCH_START,
+LAUNCH_UPDATE_DATA, LAUNCH_MEASURE and LAUNCH_FINISH. These four commands
+together generate a fresh memory encryption key for the VM, encrypt the boot
+images and provide a measurement than can be used as an attestation of the
+successful launch.
+
+LAUNCH_START is called first to create a cryptographic launch context within
+the firmware. To create this context, guest owner must provides guest policy,
+its public Diffie-Hellman key (PDH) and session parameters. These inputs
+should be treated as binary blob and must be passed as-is to the SEV firmware.
+
+The guest policy is passed as plaintext and hypervisor may able to read it
+but should not modify it (any modification of the policy bits will result
+in bad measurement). The guest policy is a 4-byte data structure containing
+several flags that restricts what can be done on running SEV guest.
+See KM Spec section 3 and 6.2 for more details.
+
+Guest owners provided DH certificate and session parameters will be used to
+establish a cryptographic session with the guest owner to negotiate keys used
+for the attestation.
+
+LAUNCH_UPDATE_DATA encrypts the memory region using the cryptographic context
+created via LAUNCH_START command. If required, this command can be called
+multiple times to encrypt different memory regions. The command also calculates
+the measurement of the memory contents as it encrypts.
+
+LAUNCH_MEASURE command can be used to retrieve the measurement of encrypted
+memory. This measurement is a signature of the memory contents that can be
+sent to the guest owner as an attestation that the memory was encrypted
+correctly by the firmware. The guest owner may wait to provide the guest
+confidential information until it can verify the attestation measurement.
+Since the guest owner knows the initial contents of the guest at boot, the
+attestation measurement can be verified by comparing it to what the guest owner
+expects.
+
+LAUNCH_FINISH command finalizes the guest launch and destroy's the cryptographic
+context.
+
+See SEV KM API Spec [1] 'Launching a guest' usage flow (Appendix A) for the
+complete flow chart.
+
+Debugging
+-----------
+Since memory contents of SEV guest is encrypted hence hypervisor access to the
+guest memory will get a cipher text. If guest policy allows debugging, then
+hypervisor can use DEBUG_DECRYPT and DEBUG_ENCRYPT commands access the guest
+memory region for debug purposes.
+
+Snapshot/Restore
+-----------------
+TODO
+
+Live Migration
+----------------
+TODO
+
+References
+-----------------
+
+AMD Memory Encryption whitepaper:
+http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
+
+Secure Encrypted Virutualization Key Management:
+[1] http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
+
+KVM Forum slides:
+http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
+
+AMD64 Architecture Programmer's Manual:
+ http://support.amd.com/TechDocs/24593.pdf
+ SME is section 7.10
+ SEV is section 15.34

48
0053-s390x-css-disabled-subchannels-cann.patch Normal file
View File

@ -0,0 +1,48 @@
From 2b39c3abb35d0725bd94b21475737098fbea22ff Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Fri, 4 May 2018 14:53:16 +0200
Subject: [PATCH] s390x/css: disabled subchannels cannot be status pending
The 3270 code will try to post an attention interrupt when the
3270 emulator (e.g. x3270) attaches. If the guest has not yet
enabled the subchannel for the 3270 device, we will present a spurious
cc 1 (status pending) when it uses msch on it later on, e.g. when
trying to enable the subchannel.
To fix this, just don't do anything in css_conditional_io_interrupt()
if the subchannel is not enabled. The 3270 code will work fine with
that, and the other user of this function (virtio-ccw) never
attempts to post an interrupt for a disabled device to begin with.
CC: qemu-stable@nongnu.org
Reported-by: Thomas Huth <thuth@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit 6e9c893ecd00afd5344c35d0d0ded50eaa0938f6)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/s390x/css.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/s390x/css.c b/hw/s390x/css.c
index 301bf1772f..56c3fa8c89 100644
--- a/hw/s390x/css.c
+++ b/hw/s390x/css.c
@@ -616,6 +616,14 @@ void css_inject_io_interrupt(SubchDev *sch)
void css_conditional_io_interrupt(SubchDev *sch)
{
+ /*
+ * If the subchannel is not enabled, it is not made status pending
+ * (see PoP p. 16-17, "Status Control").
+ */
+ if (!(sch->curr_status.pmcw.flags & PMCW_FLAGS_MASK_ENA)) {
+ return;
+ }
+
/*
* If the subchannel is not currently status pending, make it pending
* with alert status.

425
0053-target-i386-add-Secure-Encrypted-Vi.patch
View File

@ -1,425 +0,0 @@
From 3ab22b287a2ea323cb0b4d6daf9fc2177b6dec1c Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:21 -0600
Subject: [PATCH] target/i386: add Secure Encrypted Virtulization (SEV) object
Add a new memory encryption object 'sev-guest'. The object will be used
to create enrypted VMs on AMD EPYC CPU. The object provides the properties
to pass guest owner's public Diffie-hellman key, guest policy and session
information required to create the memory encryption context within the
SEV firmware.
e.g to launch SEV guest
# $QEMU \
-object sev-guest,id=sev0 \
-machine ....,memory-encryption=sev0
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
docs/amd-memory-encryption.txt | 17 +++
include/sysemu/sev.h | 54 ++++++++++
qemu-options.hx | 36 +++++++
target/i386/Makefile.objs | 2 +-
target/i386/sev.c | 228 +++++++++++++++++++++++++++++++++++++++++
5 files changed, 336 insertions(+), 1 deletion(-)
create mode 100644 include/sysemu/sev.h
create mode 100644 target/i386/sev.c
diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt
index 72a92b6c63..1527f603ea 100644
--- a/docs/amd-memory-encryption.txt
+++ b/docs/amd-memory-encryption.txt
@@ -35,10 +35,21 @@ in bad measurement). The guest policy is a 4-byte data structure containing
several flags that restricts what can be done on running SEV guest.
See KM Spec section 3 and 6.2 for more details.
+The guest policy can be provided via the 'policy' property (see below)
+
+# ${QEMU} \
+ sev-guest,id=sev0,policy=0x1...\
+
Guest owners provided DH certificate and session parameters will be used to
establish a cryptographic session with the guest owner to negotiate keys used
for the attestation.
+The DH certificate and session blob can be provided via 'dh-cert-file' and
+'session-file' property (see below
+
+# ${QEMU} \
+ sev-guest,id=sev0,dh-cert-file=<file1>,session-file=<file2>
+
LAUNCH_UPDATE_DATA encrypts the memory region using the cryptographic context
created via LAUNCH_START command. If required, this command can be called
multiple times to encrypt different memory regions. The command also calculates
@@ -59,6 +70,12 @@ context.
See SEV KM API Spec [1] 'Launching a guest' usage flow (Appendix A) for the
complete flow chart.
+To launch a SEV guest
+
+# ${QEMU} \
+ -machine ...,memory-encryption=sev0 \
+ -object sev-guest,id=sev0
+
Debugging
-----------
Since memory contents of SEV guest is encrypted hence hypervisor access to the
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
new file mode 100644
index 0000000000..a1936a7a79
--- /dev/null
+++ b/include/sysemu/sev.h
@@ -0,0 +1,54 @@
+/*
+ * QEMU Secure Encrypted Virutualization (SEV) support
+ *
+ * Copyright: Advanced Micro Devices, 2016-2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef QEMU_SEV_H
+#define QEMU_SEV_H
+
+#include "qom/object.h"
+#include "qapi/error.h"
+#include "sysemu/kvm.h"
+#include "qemu/error-report.h"
+
+#define TYPE_QSEV_GUEST_INFO "sev-guest"
+#define QSEV_GUEST_INFO(obj) \
+ OBJECT_CHECK(QSevGuestInfo, (obj), TYPE_QSEV_GUEST_INFO)
+
+typedef struct QSevGuestInfo QSevGuestInfo;
+typedef struct QSevGuestInfoClass QSevGuestInfoClass;
+
+/**
+ * QSevGuestInfo:
+ *
+ * The QSevGuestInfo object is used for creating a SEV guest.
+ *
+ * # $QEMU \
+ * -object sev-guest,id=sev0 \
+ * -machine ...,memory-encryption=sev0
+ */
+struct QSevGuestInfo {
+ Object parent_obj;
+
+ char *sev_device;
+ uint32_t policy;
+ uint32_t handle;
+ char *dh_cert_file;
+ char *session_file;
+ uint32_t cbitpos;
+ uint32_t reduced_phys_bits;
+};
+
+struct QSevGuestInfoClass {
+ ObjectClass parent_class;
+};
+
+#endif
diff --git a/qemu-options.hx b/qemu-options.hx
index 617e5d5c20..ab8d089f29 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4471,6 +4471,42 @@ contents of @code{iv.b64} to the second secret
data=$SECRET,iv=$(<iv.b64)
@end example
+@item -object sev-guest,id=@var{id},sev-device=@var{string}[cbitpos=@var{cbitpos},policy=@var{policy},handle=@var{handle},dh-cert-file=@var{file},session-file=@var{file}]
+
+Create a Secure Encrypted Virtualization (SEV) guest object, which can be used
+to provide the guest memory encryption support on AMD processors.
+
+The @option{sev-device} provides the device file to use for communicating with
+the SEV firmware running inside AMD Secure Processor. The default device is
+'/dev/sev'. If hardware supports memory encryption then /dev/sev devices are
+created by CCP driver.
+
+The @option{cbitpos} provide the C-bit location in guest page table entry to use.
+
+The @option{policy} provides the guest policy to be enforced by the SEV firmware
+and restrict what configuration and operational commands can be performed on this
+guest by the hypervisor. The policy should be provided by the guest owner and is
+bound to the guest and cannot be changed throughout the lifetime of the guest.
+The default is 0.
+
+If guest @option{policy} allows sharing the key with another SEV guest then
+@option{handle} can be use to provide handle of the guest from which to share
+the key.
+
+The @option{dh-cert-file} and @option{session-file} provides the guest owner's
+Public Diffie-Hillman key defined in SEV spec. The PDH and session parameters
+are used for establishing a cryptographic session with the guest owner to
+negotiate keys used for attestation. The file must be encoded in base64.
+
+e.g to launch a SEV guest
+@example
+ # $QEMU \
+ ......
+ -object sev-guest,id=sev0 \
+ -machine ...,memory-encryption=sev0
+ .....
+
+@end example
@end table
ETEXI
diff --git a/target/i386/Makefile.objs b/target/i386/Makefile.objs
index 6a26e9d9f0..682f029c45 100644
--- a/target/i386/Makefile.objs
+++ b/target/i386/Makefile.objs
@@ -4,7 +4,7 @@ obj-$(CONFIG_TCG) += bpt_helper.o cc_helper.o excp_helper.o fpu_helper.o
obj-$(CONFIG_TCG) += int_helper.o mem_helper.o misc_helper.o mpx_helper.o
obj-$(CONFIG_TCG) += seg_helper.o smm_helper.o svm_helper.o
obj-$(CONFIG_SOFTMMU) += machine.o arch_memory_mapping.o arch_dump.o monitor.o
-obj-$(CONFIG_KVM) += kvm.o hyperv.o
+obj-$(CONFIG_KVM) += kvm.o hyperv.o sev.o
obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
# HAX support
ifdef CONFIG_WIN32
diff --git a/target/i386/sev.c b/target/i386/sev.c
new file mode 100644
index 0000000000..f07c646577
--- /dev/null
+++ b/target/i386/sev.c
@@ -0,0 +1,228 @@
+/*
+ * QEMU SEV support
+ *
+ * Copyright Advanced Micro Devices 2016-2018
+ *
+ * Author:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qom/object_interfaces.h"
+#include "qemu/base64.h"
+#include "sysemu/kvm.h"
+#include "sysemu/sev.h"
+#include "sysemu/sysemu.h"
+
+#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
+#define DEFAULT_SEV_DEVICE "/dev/sev"
+
+static void
+qsev_guest_finalize(Object *obj)
+{
+}
+
+static char *
+qsev_guest_get_session_file(Object *obj, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ return s->session_file ? g_strdup(s->session_file) : NULL;
+}
+
+static void
+qsev_guest_set_session_file(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ s->session_file = g_strdup(value);
+}
+
+static char *
+qsev_guest_get_dh_cert_file(Object *obj, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ return g_strdup(s->dh_cert_file);
+}
+
+static void
+qsev_guest_set_dh_cert_file(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ s->dh_cert_file = g_strdup(value);
+}
+
+static char *
+qsev_guest_get_sev_device(Object *obj, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ return g_strdup(sev->sev_device);
+}
+
+static void
+qsev_guest_set_sev_device(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ sev->sev_device = g_strdup(value);
+}
+
+static void
+qsev_guest_class_init(ObjectClass *oc, void *data)
+{
+ object_class_property_add_str(oc, "sev-device",
+ qsev_guest_get_sev_device,
+ qsev_guest_set_sev_device,
+ NULL);
+ object_class_property_set_description(oc, "sev-device",
+ "SEV device to use", NULL);
+ object_class_property_add_str(oc, "dh-cert-file",
+ qsev_guest_get_dh_cert_file,
+ qsev_guest_set_dh_cert_file,
+ NULL);
+ object_class_property_set_description(oc, "dh-cert-file",
+ "guest owners DH certificate (encoded with base64)", NULL);
+ object_class_property_add_str(oc, "session-file",
+ qsev_guest_get_session_file,
+ qsev_guest_set_session_file,
+ NULL);
+ object_class_property_set_description(oc, "session-file",
+ "guest owners session parameters (encoded with base64)", NULL);
+}
+
+static void
+qsev_guest_set_handle(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->handle = value;
+}
+
+static void
+qsev_guest_set_policy(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->policy = value;
+}
+
+static void
+qsev_guest_set_cbitpos(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->cbitpos = value;
+}
+
+static void
+qsev_guest_set_reduced_phys_bits(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->reduced_phys_bits = value;
+}
+
+static void
+qsev_guest_get_policy(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->policy;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_handle(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->handle;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_cbitpos(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->cbitpos;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_reduced_phys_bits(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->reduced_phys_bits;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_init(Object *obj)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ sev->sev_device = g_strdup(DEFAULT_SEV_DEVICE);
+ sev->policy = DEFAULT_GUEST_POLICY;
+ object_property_add(obj, "policy", "uint32", qsev_guest_get_policy,
+ qsev_guest_set_policy, NULL, NULL, NULL);
+ object_property_add(obj, "handle", "uint32", qsev_guest_get_handle,
+ qsev_guest_set_handle, NULL, NULL, NULL);
+ object_property_add(obj, "cbitpos", "uint32", qsev_guest_get_cbitpos,
+ qsev_guest_set_cbitpos, NULL, NULL, NULL);
+ object_property_add(obj, "reduced-phys-bits", "uint32",
+ qsev_guest_get_reduced_phys_bits,
+ qsev_guest_set_reduced_phys_bits, NULL, NULL, NULL);
+}
+
+/* sev guest info */
+static const TypeInfo qsev_guest_info = {
+ .parent = TYPE_OBJECT,
+ .name = TYPE_QSEV_GUEST_INFO,
+ .instance_size = sizeof(QSevGuestInfo),
+ .instance_finalize = qsev_guest_finalize,
+ .class_size = sizeof(QSevGuestInfoClass),
+ .class_init = qsev_guest_class_init,
+ .instance_init = qsev_guest_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+static void
+sev_register_types(void)
+{
+ type_register_static(&qsev_guest_info);
+}
+
+type_init(sev_register_types);

44
0054-pc-bios-s390-ccw-struct-tpi_info-mu.patch Normal file
View File

@ -0,0 +1,44 @@
From 3179a2220ee4fbb087446148ab231898eae01fce Mon Sep 17 00:00:00 2001
From: Thomas Huth <thuth@redhat.com>
Date: Tue, 8 May 2018 12:17:52 +0200
Subject: [PATCH] pc-bios/s390-ccw: struct tpi_info must be declared as
aligned(4)
I've run into a compilation error today with the current version of GCC 8:
In file included from s390-ccw.h:49,
from main.c:12:
cio.h:128:1: error: alignment 1 of 'struct tpi_info' is less than 4 [-Werror=packed-not-aligned]
} __attribute__ ((packed));
^
cc1: all warnings being treated as errors
Since the struct tpi_info contains an element ("struct subchannel_id schid")
which is marked as aligned(4), we've got to mark the struct tpi_info as
aligned(4), too.
CC: qemu-stable@nongnu.org
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1525774672-11913-1-git-send-email-thuth@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit a6e4385dea94850d7b06b0542e7960c1063fdabd)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
pc-bios/s390-ccw/cio.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pc-bios/s390-ccw/cio.h b/pc-bios/s390-ccw/cio.h
index 55eaeee4b6..1a0795f645 100644
--- a/pc-bios/s390-ccw/cio.h
+++ b/pc-bios/s390-ccw/cio.h
@@ -125,7 +125,7 @@ struct tpi_info {
__u32 reserved3 : 12;
__u32 int_type : 3;
__u32 reserved4 : 12;
-} __attribute__ ((packed));
+} __attribute__ ((packed, aligned(4)));
/* channel command word (type 1) */
struct ccw1 {

109
0054-qmp-add-query-sev-command.patch
View File

@ -1,109 +0,0 @@
From 25703182278f403f2d8ff608aadabb5c4f0f3398 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:21 -0600
Subject: [PATCH] qmp: add query-sev command
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The QMP query command can used to retrieve the SEV information when
memory encryption is enabled on AMD platform.
Cc: Eric Blake <eblake@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
qapi-schema.json | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
qmp.c | 6 ++++++
2 files changed, 63 insertions(+)
diff --git a/qapi-schema.json b/qapi-schema.json
index 18457954a8..91a8a74f81 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -3200,3 +3200,60 @@
# Since: 2.11
##
{ 'command': 'watchdog-set-action', 'data' : {'action': 'WatchdogAction'} }
+
+##
+# @SevState:
+#
+# An enumeration of SEV state information used during @query-sev.
+#
+# Since: 2.12
+##
+{ 'enum': 'SevState',
+ 'data': ['uninit', 'lupdate', 'lsecret', 'running', 'supdate', 'rupdate' ] }
+
+##
+# @SevInfo:
+#
+# Information about Secure Encrypted Virtualization (SEV) support
+#
+# @enabled: true if SEV is active
+#
+# @api-major: SEV API major version
+#
+# @api-minor: SEV API minor version
+#
+# @build-id: SEV FW build id
+#
+# @policy: SEV policy value
+#
+# @state: SEV guest state
+#
+# Since: 2.12
+##
+{ 'struct': 'SevInfo',
+ 'data': { 'enabled': 'bool',
+ 'api-major': 'uint8',
+ 'api-minor' : 'uint8',
+ 'build-id' : 'uint8',
+ 'policy' : 'uint32',
+ 'state' : 'SevState'
+ }
+}
+
+##
+# @query-sev:
+#
+# Returns information about SEV
+#
+# Returns: @SevInfo
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev" }
+# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
+# "build-id" : 0, "policy" : 0, "state" : "running" } }
+#
+##
+{ 'command': 'query-sev', 'returns': 'SevInfo' }
diff --git a/qmp.c b/qmp.c
index e8c303116a..75b5a349b0 100644
--- a/qmp.c
+++ b/qmp.c
@@ -37,6 +37,7 @@
#include "qom/object_interfaces.h"
#include "hw/mem/pc-dimm.h"
#include "hw/acpi/acpi_dev_interface.h"
+#include "sysemu/sev.h"
NameInfo *qmp_query_name(Error **errp)
{
@@ -722,3 +723,8 @@ MemoryInfo *qmp_query_memory_size_summary(Error **errp)
return mem_info;
}
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+ return NULL;
+}

405
0055-sev-i386-add-command-to-initialize-.patch
View File

@ -1,405 +0,0 @@
From dcba83a5b2ba19c6b143734ac392e678e8e710c2 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:21 -0600
Subject: [PATCH] sev/i386: add command to initialize the memory encryption
context
When memory encryption is enabled, KVM_SEV_INIT command is used to
initialize the platform. The command loads the SEV related persistent
data from non-volatile storage and initializes the platform context.
This command should be first issued before invoking any other guest
commands provided by the SEV firmware.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
accel/kvm/kvm-all.c | 15 ++++
include/sysemu/sev.h | 19 +++++
stubs/Makefile.objs | 1 +
stubs/sev.c | 54 ++++++++++++++
target/i386/sev.c | 191 +++++++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 3 +
6 files changed, 283 insertions(+)
create mode 100644 stubs/sev.c
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index f290f487a5..6e5f3fd650 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -38,6 +38,7 @@
#include "qemu/event_notifier.h"
#include "trace.h"
#include "hw/irq.h"
+#include "sysemu/sev.h"
#include "hw/boards.h"
@@ -103,6 +104,9 @@ struct KVMState
#endif
KVMMemoryListener memory_listener;
QLIST_HEAD(, KVMParkedVcpu) kvm_parked_vcpus;
+
+ /* memory encryption */
+ void *memcrypt_handle;
};
KVMState *kvm_state;
@@ -1632,6 +1636,17 @@ static int kvm_init(MachineState *ms)
kvm_state = s;
+ /*
+ * if memory encryption object is specified then initialize the memory
+ * encryption context.
+ */
+ if (ms->memory_encryption) {
+ kvm_state->memcrypt_handle = sev_guest_init(ms->memory_encryption);
+ if (!kvm_state->memcrypt_handle) {
+ goto err;
+ }
+ }
+
ret = kvm_arch_init(ms, s);
if (ret < 0) {
goto err;
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index a1936a7a79..5c8c549b68 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -14,15 +14,26 @@
#ifndef QEMU_SEV_H
#define QEMU_SEV_H
+#include <linux/kvm.h>
+
#include "qom/object.h"
#include "qapi/error.h"
#include "sysemu/kvm.h"
#include "qemu/error-report.h"
+#include "qapi-types.h"
#define TYPE_QSEV_GUEST_INFO "sev-guest"
#define QSEV_GUEST_INFO(obj) \
OBJECT_CHECK(QSevGuestInfo, (obj), TYPE_QSEV_GUEST_INFO)
+extern bool sev_enabled(void);
+extern uint64_t sev_get_me_mask(void);
+extern SevState sev_get_current_state(void);
+extern void sev_get_fw_version(uint8_t *major, uint8_t *minor, uint8_t *build);
+extern void sev_get_policy(uint32_t *policy);
+extern uint32_t sev_get_cbit_position(void);
+extern uint32_t sev_get_reduced_phys_bits(void);
+
typedef struct QSevGuestInfo QSevGuestInfo;
typedef struct QSevGuestInfoClass QSevGuestInfoClass;
@@ -51,4 +62,12 @@ struct QSevGuestInfoClass {
ObjectClass parent_class;
};
+struct SEVState {
+ QSevGuestInfo *sev_info;
+};
+
+typedef struct SEVState SEVState;
+
+void *sev_guest_init(const char *id);
+
#endif
diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 8cfe34328a..b3bbbe62c0 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -42,3 +42,4 @@ stub-obj-y += vmgenid.o
stub-obj-y += xen-common.o
stub-obj-y += xen-hvm.o
stub-obj-y += pci-host-piix.o
+stub-obj-y += sev.o
diff --git a/stubs/sev.c b/stubs/sev.c
new file mode 100644
index 0000000000..24c7b0c3e0
--- /dev/null
+++ b/stubs/sev.c
@@ -0,0 +1,54 @@
+/*
+ * QEMU SEV stub
+ *
+ * Copyright Advanced Micro Devices 2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "sysemu/sev.h"
+
+SevState sev_get_current_state(void)
+{
+ return SEV_STATE_UNINIT;
+}
+
+bool sev_enabled(void)
+{
+ return false;
+}
+
+void *sev_guest_init(const char *id)
+{
+ return NULL;
+}
+
+uint64_t sev_get_me_mask(void)
+{
+ return ~0UL;
+}
+
+uint32_t sev_get_cbit_position(void)
+{
+ return 0;
+}
+
+uint32_t sev_get_reduced_phys_bits(void)
+{
+ return 0;
+}
+
+void sev_get_fw_version(uint8_t *major, uint8_t *minor, uint8_t *build)
+{
+}
+
+void sev_get_policy(uint32_t *policy)
+{
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index f07c646577..f9a8748d19 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -18,10 +18,76 @@
#include "sysemu/kvm.h"
#include "sysemu/sev.h"
#include "sysemu/sysemu.h"
+#include "trace.h"
#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
#define DEFAULT_SEV_DEVICE "/dev/sev"
+static uint64_t me_mask;
+static bool sev_active;
+static int sev_fd;
+static uint32_t x86_cbitpos;
+static uint32_t x86_reduced_phys_bits;
+
+static const char *const sev_fw_errlist[] = {
+ "",
+ "Platform state is invalid",
+ "Guest state is invalid",
+ "Platform configuration is invalid",
+ "Buffer too small",
+ "Platform is already owned",
+ "Certificate is invalid",
+ "Policy is not allowed",
+ "Guest is not active",
+ "Invalid address",
+ "Bad signature",
+ "Bad measurement",
+ "Asid is already owned",
+ "Invalid ASID",
+ "WBINVD is required",
+ "DF_FLUSH is required",
+ "Guest handle is invalid",
+ "Invalid command",
+ "Guest is active",
+ "Hardware error",
+ "Hardware unsafe",
+ "Feature not supported",
+ "Invalid parameter"
+};
+
+#define SEV_FW_MAX_ERROR ARRAY_SIZE(sev_fw_errlist)
+
+static int
+sev_ioctl(int cmd, void *data, int *error)
+{
+ int r;
+ struct kvm_sev_cmd input;
+
+ memset(&input, 0x0, sizeof(input));
+
+ input.id = cmd;
+ input.sev_fd = sev_fd;
+ input.data = (__u64)data;
+
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &input);
+
+ if (error) {
+ *error = input.error;
+ }
+
+ return r;
+}
+
+static const char *
+fw_error_to_str(int code)
+{
+ if (code >= SEV_FW_MAX_ERROR) {
+ return "unknown error";
+ }
+
+ return sev_fw_errlist[code];
+}
+
static void
qsev_guest_finalize(Object *obj)
{
@@ -219,6 +285,131 @@ static const TypeInfo qsev_guest_info = {
}
};
+static QSevGuestInfo *
+lookup_sev_guest_info(const char *id)
+{
+ Object *obj;
+ QSevGuestInfo *info;
+
+ obj = object_resolve_path_component(object_get_objects_root(), id);
+ if (!obj) {
+ return NULL;
+ }
+
+ info = (QSevGuestInfo *)
+ object_dynamic_cast(obj, TYPE_QSEV_GUEST_INFO);
+ if (!info) {
+ return NULL;
+ }
+
+ return info;
+}
+
+uint64_t
+sev_get_me_mask(void)
+{
+ return ~me_mask;
+}
+
+uint32_t
+sev_get_cbit_position(void)
+{
+ return x86_cbitpos;
+}
+
+uint32_t
+sev_get_reduced_phys_bits(void)
+{
+ return x86_reduced_phys_bits;
+}
+
+SevState
+sev_get_current_state(void)
+{
+ return SEV_STATE_UNINIT;
+}
+
+bool
+sev_enabled(void)
+{
+ return sev_active;
+}
+
+void
+sev_get_fw_version(uint8_t *major, uint8_t *minor, uint8_t *build)
+{
+}
+
+void
+sev_get_policy(uint32_t *policy)
+{
+}
+
+void *
+sev_guest_init(const char *id)
+{
+ SEVState *s;
+ char *devname;
+ int ret, fw_error;
+ uint32_t ebx;
+ uint32_t host_cbitpos, cbitpos;
+ uint32_t host_reduced_phys_bits, reduced_phys_bits;
+
+ s = g_new0(SEVState, 1);
+ s->sev_info = lookup_sev_guest_info(id);
+ if (!s->sev_info) {
+ error_report("%s: '%s' is not a valid '%s' object",
+ __func__, id, TYPE_QSEV_GUEST_INFO);
+ goto err;
+ }
+
+ host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
+ host_cbitpos = ebx & 0x3f;
+ host_reduced_phys_bits = (ebx >> 6) & 0x3f;
+
+ cbitpos = object_property_get_int(OBJECT(s->sev_info), "cbitpos", NULL);
+ if (host_cbitpos != cbitpos) {
+ error_report("%s: cbitpos check failed, host '%d' requested '%d'",
+ __func__, host_cbitpos, cbitpos);
+ goto err;
+ }
+
+ reduced_phys_bits = object_property_get_int(OBJECT(s->sev_info),
+ "reduced-phys-bits", NULL);
+ if (host_reduced_phys_bits != reduced_phys_bits) {
+ error_report("%s: reduced_phys_bits check failed,"
+ "host '%d' requested '%d'", __func__,
+ host_reduced_phys_bits, reduced_phys_bits);
+ goto err;
+ }
+
+ devname = object_property_get_str(OBJECT(s->sev_info), "sev-device", NULL);
+ sev_fd = open(devname, O_RDWR);
+ if (sev_fd < 0) {
+ error_report("%s: Failed to open %s '%s'", __func__,
+ devname, strerror(errno));
+ goto err;
+ }
+ g_free(devname);
+
+ trace_kvm_sev_init();
+ ret = sev_ioctl(KVM_SEV_INIT, NULL, &fw_error);
+ if (ret) {
+ error_report("%s: failed to initialize ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ goto err;
+ }
+
+ me_mask = (1UL << cbitpos);
+ x86_reduced_phys_bits = reduced_phys_bits;
+ x86_cbitpos = cbitpos;
+ sev_active = true;
+ return s;
+err:
+ g_free(s);
+ return NULL;
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 3153fd4454..797b716751 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -5,3 +5,6 @@ kvm_x86_fixup_msi_error(uint32_t gsi) "VT-d failed to remap interrupt for GSI %"
kvm_x86_add_msi_route(int virq) "Adding route entry for virq %d"
kvm_x86_remove_msi_route(int virq) "Removing route entry for virq %d"
kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
+
+# target/i386/sev.c
+kvm_sev_init(void) ""

127
0055-virtio-ccw-common-reset-handler.patch Normal file
View File

@ -0,0 +1,127 @@
From ffc072689e4202e198ea8e8a3df4ec128e53bbea Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Mon, 7 May 2018 15:05:42 +0200
Subject: [PATCH] virtio-ccw: common reset handler
All the different virtio ccw devices use the same reset handler,
so let's move setting it into the base virtio ccw device class.
CC: qemu-stable@nongnu.org
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit 0c53057adb04d254bc09511880670c92ab185fc6)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/s390x/virtio-ccw.c | 13 +------------
1 file changed, 1 insertion(+), 12 deletions(-)
diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index e51fbefd23..40a33302a7 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -1345,7 +1345,6 @@ static void virtio_ccw_net_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_net_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_net_properties;
set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
}
@@ -1373,7 +1372,6 @@ static void virtio_ccw_blk_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_blk_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_blk_properties;
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}
@@ -1401,7 +1399,6 @@ static void virtio_ccw_serial_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_serial_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_serial_properties;
set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
}
@@ -1429,7 +1426,6 @@ static void virtio_ccw_balloon_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_balloon_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_balloon_properties;
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
}
@@ -1457,7 +1453,6 @@ static void virtio_ccw_scsi_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_scsi_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_scsi_properties;
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}
@@ -1484,7 +1479,6 @@ static void vhost_ccw_scsi_class_init(ObjectClass *klass, void *data)
k->realize = vhost_ccw_scsi_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = vhost_ccw_scsi_properties;
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}
@@ -1521,7 +1515,6 @@ static void virtio_ccw_rng_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_rng_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_rng_properties;
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
}
@@ -1559,7 +1552,6 @@ static void virtio_ccw_crypto_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_crypto_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_crypto_properties;
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
}
@@ -1597,7 +1589,6 @@ static void virtio_ccw_gpu_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_gpu_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_gpu_properties;
dc->hotpluggable = false;
set_bit(DEVICE_CATEGORY_DISPLAY, dc->categories);
@@ -1626,7 +1617,6 @@ static void virtio_ccw_input_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_input_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_input_properties;
set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
}
@@ -1730,6 +1720,7 @@ static void virtio_ccw_device_class_init(ObjectClass *klass, void *data)
dc->realize = virtio_ccw_busdev_realize;
dc->unrealize = virtio_ccw_busdev_unrealize;
dc->bus_type = TYPE_VIRTUAL_CSS_BUS;
+ dc->reset = virtio_ccw_reset;
}
static const TypeInfo virtio_ccw_device_info = {
@@ -1806,7 +1797,6 @@ static void virtio_ccw_9p_class_init(ObjectClass *klass, void *data)
k->unrealize = virtio_ccw_unrealize;
k->realize = virtio_ccw_9p_realize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_9p_properties;
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}
@@ -1856,7 +1846,6 @@ static void vhost_vsock_ccw_class_init(ObjectClass *klass, void *data)
k->unrealize = virtio_ccw_unrealize;
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
dc->props = vhost_vsock_ccw_properties;
- dc->reset = virtio_ccw_reset;
}
static void vhost_vsock_ccw_instance_init(Object *obj)

43
0056-qmp-populate-SevInfo-fields-with-SE.patch
View File

@ -1,43 +0,0 @@
From 0b770bea4deaa363b1eff696402057d55d9721b6 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:21 -0600
Subject: [PATCH] qmp: populate SevInfo fields with SEV guest information
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
query-sev command is used to get the SEV guest information, fill the
SevInfo fields with SEV guest information.
Cc: Eric Blake <eblake@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
qmp.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/qmp.c b/qmp.c
index 75b5a349b0..3c2d573384 100644
--- a/qmp.c
+++ b/qmp.c
@@ -726,5 +726,15 @@ MemoryInfo *qmp_query_memory_size_summary(Error **errp)
SevInfo *qmp_query_sev(Error **errp)
{
- return NULL;
+ SevInfo *info = g_malloc0(sizeof(*info));
+
+ info->enabled = sev_enabled();
+ if (info->enabled) {
+ sev_get_fw_version(&info->api_major,
+ &info->api_minor, &info->build_id);
+ sev_get_policy(&info->policy);
+ info->state = sev_get_current_state();
+ }
+
+ return info;
}

103
0056-s390x-ccw-make-sure-all-ccw-devices.patch Normal file
View File

@ -0,0 +1,103 @@
From 783d488a66a565aaf259e8736b6ccb97fb0cbb86 Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Mon, 7 May 2018 15:27:57 +0200
Subject: [PATCH] s390x/ccw: make sure all ccw devices are properly reset
Thomas reported that the subchannel for a 3270 device that ended up
in a broken state (status pending even though not enabled) did not
get out of that state even after a reboot (which involves a subsytem
reset). The reason for this is that the 3270 device did not define
a reset handler.
Let's fix this by introducing a base reset handler (set up for all
ccw devices) that resets the subchannel and have virtio-ccw call
its virtio-specific reset procedure in addition to that.
CC: qemu-stable@nongnu.org
Reported-by: Thomas Huth <thuth@redhat.com>
Suggested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit 838fb84f83c84f00d15b1bede5e080b495644458)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/s390x/ccw-device.c | 8 ++++++++
hw/s390x/virtio-ccw.c | 9 ++++++---
hw/s390x/virtio-ccw.h | 1 +
3 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/hw/s390x/ccw-device.c b/hw/s390x/ccw-device.c
index f9bfa154d6..7cd73df4aa 100644
--- a/hw/s390x/ccw-device.c
+++ b/hw/s390x/ccw-device.c
@@ -40,6 +40,13 @@ static Property ccw_device_properties[] = {
DEFINE_PROP_END_OF_LIST(),
};
+static void ccw_device_reset(DeviceState *d)
+{
+ CcwDevice *ccw_dev = CCW_DEVICE(d);
+
+ css_reset_sch(ccw_dev->sch);
+}
+
static void ccw_device_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
@@ -48,6 +55,7 @@ static void ccw_device_class_init(ObjectClass *klass, void *data)
k->realize = ccw_device_realize;
k->refill_ids = ccw_device_refill_ids;
dc->props = ccw_device_properties;
+ dc->reset = ccw_device_reset;
}
const VMStateDescription vmstate_ccw_dev = {
diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index 40a33302a7..22df33b509 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -1058,10 +1058,12 @@ static void virtio_ccw_reset(DeviceState *d)
{
VirtioCcwDevice *dev = VIRTIO_CCW_DEVICE(d);
VirtIODevice *vdev = virtio_bus_get_device(&dev->bus);
- CcwDevice *ccw_dev = CCW_DEVICE(d);
+ VirtIOCCWDeviceClass *vdc = VIRTIO_CCW_DEVICE_GET_CLASS(dev);
virtio_ccw_reset_virtio(dev, vdev);
- css_reset_sch(ccw_dev->sch);
+ if (vdc->parent_reset) {
+ vdc->parent_reset(d);
+ }
}
static void virtio_ccw_vmstate_change(DeviceState *d, bool running)
@@ -1715,12 +1717,13 @@ static void virtio_ccw_device_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
CCWDeviceClass *k = CCW_DEVICE_CLASS(dc);
+ VirtIOCCWDeviceClass *vdc = VIRTIO_CCW_DEVICE_CLASS(klass);
k->unplug = virtio_ccw_busdev_unplug;
dc->realize = virtio_ccw_busdev_realize;
dc->unrealize = virtio_ccw_busdev_unrealize;
dc->bus_type = TYPE_VIRTUAL_CSS_BUS;
- dc->reset = virtio_ccw_reset;
+ device_class_set_parent_reset(dc, virtio_ccw_reset, &vdc->parent_reset);
}
static const TypeInfo virtio_ccw_device_info = {
diff --git a/hw/s390x/virtio-ccw.h b/hw/s390x/virtio-ccw.h
index 2fc513001e..3453aa1f98 100644
--- a/hw/s390x/virtio-ccw.h
+++ b/hw/s390x/virtio-ccw.h
@@ -77,6 +77,7 @@ typedef struct VirtIOCCWDeviceClass {
CCWDeviceClass parent_class;
void (*realize)(VirtioCcwDevice *dev, Error **errp);
void (*unrealize)(VirtioCcwDevice *dev, Error **errp);
+ void (*parent_reset)(DeviceState *dev);
} VirtIOCCWDeviceClass;
/* Performance improves when virtqueue kick processing is decoupled from the

65
0057-blockjob-expose-error-string-via-qu.patch Normal file
View File

@ -0,0 +1,65 @@
From 28f65ae0a583e3b0a9d2b26c6fa6dc50dfb25ad6 Mon Sep 17 00:00:00 2001
From: John Snow <jsnow@redhat.com>
Date: Tue, 8 May 2018 19:36:59 -0400
Subject: [PATCH] blockjob: expose error string via query
When we've reached the concluded state, we need to expose the error
state if applicable. Add the new field.
This should be sufficient for determining if a job completed
successfully or not after concluding; if we want to discriminate
based on how it failed more mechanically, we can always add an
explicit return code enumeration later.
I didn't bother to make it only show up if we are in the concluded
state; I don't think it's necessary.
Cc: qemu-stable@nongnu.org
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit ab9ba614556ac5b0f8d96b99e0dba19f1e28d6c2)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
blockjob.c | 2 ++
qapi/block-core.json | 6 +++++-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/blockjob.c b/blockjob.c
index 27f957e571..4de48166b2 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -831,6 +831,8 @@ BlockJobInfo *block_job_query(BlockJob *job, Error **errp)
info->status = job->status;
info->auto_finalize = job->auto_finalize;
info->auto_dismiss = job->auto_dismiss;
+ info->has_error = job->ret != 0;
+ info->error = job->ret ? g_strdup(strerror(-job->ret)) : NULL;
return info;
}
diff --git a/qapi/block-core.json b/qapi/block-core.json
index c50517bff3..7da3bea6bc 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1172,6 +1172,9 @@
# @auto-dismiss: Job will dismiss itself when CONCLUDED, moving to the NULL
# state and disappearing from the query list. (since 2.12)
#
+# @error: Error information if the job did not complete successfully.
+# Not set if the job completed successfully. (since 2.12.1)
+#
# Since: 1.1
##
{ 'struct': 'BlockJobInfo',
@@ -1179,7 +1182,8 @@
'offset': 'int', 'busy': 'bool', 'paused': 'bool', 'speed': 'int',
'io-status': 'BlockDeviceIoStatus', 'ready': 'bool',
'status': 'BlockJobStatus',
- 'auto-finalize': 'bool', 'auto-dismiss': 'bool' } }
+ 'auto-finalize': 'bool', 'auto-dismiss': 'bool',
+ '*error': 'str' } }
##
# @query-block-jobs:

96
0057-sev-i386-register-the-guest-memory-.patch
View File

@ -1,96 +0,0 @@
From c6101a4c186abcc2d3b78972a534cbe1907bea57 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:21 -0600
Subject: [PATCH] sev/i386: register the guest memory range which may contain
encrypted data
When SEV is enabled, the hardware encryption engine uses a tweak such
that the two identical plaintext at different location will have a
different ciphertexts. So swapping or moving a ciphertexts of two guest
pages will not result in plaintexts being swapped. Hence relocating
a physical backing pages of the SEV guest will require some additional
steps in KVM driver. The KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl can be
used to register/unregister the guest memory region which may contain the
encrypted data. KVM driver will internally handle the relocating physical
backing pages of registered memory regions.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/sev.c | 41 +++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 2 ++
2 files changed, 43 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index f9a8748d19..de5c8d4675 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -88,6 +88,45 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static void
+sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size)
+{
+ int r;
+ struct kvm_enc_region range;
+
+ range.addr = (__u64)host;
+ range.size = size;
+
+ trace_kvm_memcrypt_register_region(host, size);
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_REG_REGION, &range);
+ if (r) {
+ error_report("%s: failed to register region (%p+%#lx)",
+ __func__, host, size);
+ }
+}
+
+static void
+sev_ram_block_removed(RAMBlockNotifier *n, void *host, size_t size)
+{
+ int r;
+ struct kvm_enc_region range;
+
+ range.addr = (__u64)host;
+ range.size = size;
+
+ trace_kvm_memcrypt_unregister_region(host, size);
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_UNREG_REGION, &range);
+ if (r) {
+ error_report("%s: failed to unregister region (%p+%#lx)",
+ __func__, host, size);
+ }
+}
+
+static struct RAMBlockNotifier sev_ram_notifier = {
+ .ram_block_added = sev_ram_block_added,
+ .ram_block_removed = sev_ram_block_removed,
+};
+
static void
qsev_guest_finalize(Object *obj)
{
@@ -404,6 +443,8 @@ sev_guest_init(const char *id)
x86_reduced_phys_bits = reduced_phys_bits;
x86_cbitpos = cbitpos;
sev_active = true;
+ ram_block_notifier_add(&sev_ram_notifier);
+
return s;
err:
g_free(s);
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 797b716751..ffa3d22504 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -8,3 +8,5 @@ kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
# target/i386/sev.c
kvm_sev_init(void) ""
+kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
+kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"

39
0058-blockjob-Fix-assertion-in-block_job.patch Normal file
View File

@ -0,0 +1,39 @@
From 1eb457c2de41008aca9873be0ba2e2635e1f9cf1 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Tue, 8 May 2018 11:55:30 +0200
Subject: [PATCH] blockjob: Fix assertion in block_job_finalize()
Every job gets a non-NULL job->txn on creation, but it doesn't
necessarily keep it until it is decommissioned: Finalising a job removes
it from its transaction. Therefore, calling 'blockdev-job-finalize' a
second time on an already concluded job causes an assertion failure.
Remove job->txn from the assertion in block_job_finalize() to fix this.
block_job_do_finalize() still has the same assertion, but if a job is
already removed from its transaction, block_job_apply_verb() will
already error out before we run into that assertion.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
(cherry picked from commit 37aa19b63c46d933f1e4ea944cfccee54e2caf4a)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
blockjob.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/blockjob.c b/blockjob.c
index 4de48166b2..b38ed7e265 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -702,7 +702,7 @@ void block_job_complete(BlockJob *job, Error **errp)
void block_job_finalize(BlockJob *job, Error **errp)
{
- assert(job && job->id && job->txn);
+ assert(job && job->id);
if (block_job_apply_verb(job, BLOCK_JOB_VERB_FINALIZE, errp)) {
return;
}

129
0058-kvm-introduce-memory-encryption-API.patch
View File

@ -1,129 +0,0 @@
From da8eb76eb09a056b7107bc27f790c715fba088d7 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:22 -0600
Subject: [PATCH] kvm: introduce memory encryption APIs
Inorder to integerate the Secure Encryption Virtualization (SEV) support
add few high-level memory encryption APIs which can be used for encrypting
the guest memory region.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
accel/kvm/kvm-all.c | 30 ++++++++++++++++++++++++++++++
accel/stubs/kvm-stub.c | 14 ++++++++++++++
include/sysemu/kvm.h | 25 +++++++++++++++++++++++++
3 files changed, 69 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 6e5f3fd650..f1fb826f06 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -107,6 +107,8 @@ struct KVMState
/* memory encryption */
void *memcrypt_handle;
+ int (*memcrypt_encrypt_data)(void *handle, uint8_t *ptr, uint64_t len);
+ void (*memcrypt_debug_ops)(void *handle, MemoryRegion *mr);
};
KVMState *kvm_state;
@@ -142,6 +144,34 @@ int kvm_get_max_memslots(void)
return s->nr_slots;
}
+bool kvm_memcrypt_enabled(void)
+{
+ if (kvm_state && kvm_state->memcrypt_handle) {
+ return true;
+ }
+
+ return false;
+}
+
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len)
+{
+ if (kvm_state->memcrypt_handle &&
+ kvm_state->memcrypt_encrypt_data) {
+ return kvm_state->memcrypt_encrypt_data(kvm_state->memcrypt_handle,
+ ptr, len);
+ }
+
+ return 1;
+}
+
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr)
+{
+ if (kvm_state->memcrypt_handle &&
+ kvm_state->memcrypt_debug_ops) {
+ kvm_state->memcrypt_debug_ops(kvm_state->memcrypt_handle, mr);
+ }
+}
+
static KVMSlot *kvm_get_free_slot(KVMMemoryListener *kml)
{
KVMState *s = kvm_state;
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index c964af3e1c..5739712a67 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -105,6 +105,20 @@ int kvm_on_sigbus(int code, void *addr)
return 1;
}
+bool kvm_memcrypt_enabled(void)
+{
+ return false;
+}
+
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len)
+{
+ return 1;
+}
+
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr)
+{
+}
+
#ifndef CONFIG_USER_ONLY
int kvm_irqchip_add_msi_route(KVMState *s, int vector, PCIDevice *dev)
{
diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
index bbf12a1723..4a5db5dde3 100644
--- a/include/sysemu/kvm.h
+++ b/include/sysemu/kvm.h
@@ -231,6 +231,31 @@ int kvm_destroy_vcpu(CPUState *cpu);
*/
bool kvm_arm_supports_user_irq(void);
+/**
+ * kvm_memcrypt_enabled - return boolean indicating whether memory encryption
+ * is enabled
+ * Returns: 1 memory encryption is enabled
+ * 0 memory encryption is disabled
+ */
+bool kvm_memcrypt_enabled(void);
+
+/**
+ * kvm_memcrypt_encrypt_data: encrypt the memory range
+ *
+ * Return: 1 failed to encrypt the range
+ * 0 succesfully encrypted memory region
+ */
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len);
+
+/**
+ * kvm_memcrypt_set_debug_ram_ops: set debug_ram_ops callback
+ *
+ * When debug_ram_ops is set, debug access to this memory region will use
+ * memory encryption APIs.
+ */
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr);
+
+
#ifdef NEED_CPU_H
#include "cpu.h"

87
0059-hmp-add-info-sev-command.patch
View File

@ -1,87 +0,0 @@
From ae854a2255006d807366a2b2529311b1dcaaed17 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:22 -0600
Subject: [PATCH] hmp: add 'info sev' command
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The command can be used to show the SEV information when memory
encryption is enabled on AMD platform.
Cc: Eric Blake <eblake@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hmp-commands-info.hx | 14 ++++++++++++++
hmp.c | 19 +++++++++++++++++++
hmp.h | 1 +
3 files changed, 34 insertions(+)
diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx
index 54c3e5eac6..83491f84f6 100644
--- a/hmp-commands-info.hx
+++ b/hmp-commands-info.hx
@@ -865,6 +865,20 @@ STEXI
@findex info memory_size_summary
Display the amount of initially allocated and present hotpluggable (if
enabled) memory in bytes.
+ETEXI
+
+ {
+ .name = "sev",
+ .args_type = "",
+ .params = "",
+ .help = "show SEV information",
+ .cmd = hmp_info_sev,
+ },
+
+STEXI
+@item info sev
+@findex info sev
+Show SEV information.
ETEXI
STEXI
diff --git a/hmp.c b/hmp.c
index 35a7041824..f3898347b8 100644
--- a/hmp.c
+++ b/hmp.c
@@ -2918,3 +2918,22 @@ void hmp_info_memory_size_summary(Monitor *mon, const QDict *qdict)
}
hmp_handle_error(mon, &err);
}
+
+void hmp_info_sev(Monitor *mon, const QDict *qdict)
+{
+ SevInfo *info;
+
+ info = qmp_query_sev(NULL);
+ monitor_printf(mon, "sev support: ");
+ monitor_printf(mon, "%s\n", info->enabled ? "enabled" : "disabled");
+
+ if (info->enabled) {
+ monitor_printf(mon, "state: %s\n", SevState_str(info->state));
+ monitor_printf(mon, "policy: 0x%x\n", info->policy);
+ monitor_printf(mon, "build id: %u\n", info->build_id);
+ monitor_printf(mon, "api version: %u.%u\n",
+ info->api_major, info->api_minor);
+ }
+
+ qapi_free_SevInfo(info);
+}
diff --git a/hmp.h b/hmp.h
index a6f56b1f29..153f106be8 100644
--- a/hmp.h
+++ b/hmp.h
@@ -147,5 +147,6 @@ void hmp_info_ramblock(Monitor *mon, const QDict *qdict);
void hmp_hotpluggable_cpus(Monitor *mon, const QDict *qdict);
void hmp_info_vm_generation_id(Monitor *mon, const QDict *qdict);
void hmp_info_memory_size_summary(Monitor *mon, const QDict *qdict);
+void hmp_info_sev(Monitor *mon, const QDict *qdict);
#endif

52
0059-qemu-io-Use-purely-string-blockdev-.patch Normal file
View File

@ -0,0 +1,52 @@
From 17f84e4f3e671f58c8c9fe909a5551ffd9dfdc87 Mon Sep 17 00:00:00 2001
From: Max Reitz <mreitz@redhat.com>
Date: Wed, 2 May 2018 22:20:49 +0200
Subject: [PATCH] qemu-io: Use purely string blockdev options
Currently, qemu-io only uses string-valued blockdev options (as all are
converted directly from QemuOpts) -- with one exception: -U adds the
force-share option as a boolean. This in itself is already a bit
questionable, but a real issue is that it also assumes the value already
existing in the options QDict would be a boolean, which is wrong.
That has the following effect:
$ ./qemu-io -r -U --image-opts \
driver=file,filename=/dev/null,force-share=off
[1] 15200 segmentation fault (core dumped) ./qemu-io -r -U
--image-opts driver=file,filename=/dev/null,force-share=off
Since @opts is converted from QemuOpts, the value must be a string, and
we have to compare it as such. Consequently, it makes sense to also set
it as a string instead of a boolean.
Cc: qemu-stable@nongnu.org
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180502202051.15493-2-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
(cherry picked from commit 2a01c01f9ecb43af4c0a85fe6adc429ffc9c31b5)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
qemu-io.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/qemu-io.c b/qemu-io.c
index e692c555e0..0755a30447 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -95,12 +95,12 @@ static int openfile(char *name, int flags, bool writethrough, bool force_share,
opts = qdict_new();
}
if (qdict_haskey(opts, BDRV_OPT_FORCE_SHARE)
- && !qdict_get_bool(opts, BDRV_OPT_FORCE_SHARE)) {
+ && strcmp(qdict_get_str(opts, BDRV_OPT_FORCE_SHARE), "on")) {
error_report("-U conflicts with image options");
QDECREF(opts);
return 1;
}
- qdict_put_bool(opts, BDRV_OPT_FORCE_SHARE, true);
+ qdict_put_str(opts, BDRV_OPT_FORCE_SHARE, "on");
}
qemuio_blk = blk_new_open(name, NULL, opts, flags, &local_err);
if (!qemuio_blk) {

48
0060-qemu-img-Use-only-string-options-in.patch Normal file
View File

@ -0,0 +1,48 @@
From a8a7fe80f036d584ffed21f9d2ddb65d269bc805 Mon Sep 17 00:00:00 2001
From: Max Reitz <mreitz@redhat.com>
Date: Wed, 2 May 2018 22:20:50 +0200
Subject: [PATCH] qemu-img: Use only string options in img_open_opts
img_open_opts() takes a QemuOpts and converts them to a QDict, so all
values therein are strings. Then it may try to call qdict_get_bool(),
however, which will fail with a segmentation fault every time:
$ ./qemu-img info -U --image-opts \
driver=file,filename=/dev/null,force-share=off
[1] 27869 segmentation fault (core dumped) ./qemu-img info -U
--image-opts driver=file,filename=/dev/null,force-share=off
Fix this by using qdict_get_str() and comparing the value as a string.
Also, when adding a force-share value to the QDict, add it as a string
so it fits the rest of the dict.
Cc: qemu-stable@nongnu.org
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180502202051.15493-3-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
(cherry picked from commit 4615f87832d2fcb7a544bedeece2741bf8c21f94)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
qemu-img.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/qemu-img.c b/qemu-img.c
index 855fa52514..42b60917b0 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -277,12 +277,12 @@ static BlockBackend *img_open_opts(const char *optstr,
options = qemu_opts_to_qdict(opts, NULL);
if (force_share) {
if (qdict_haskey(options, BDRV_OPT_FORCE_SHARE)
- && !qdict_get_bool(options, BDRV_OPT_FORCE_SHARE)) {
+ && strcmp(qdict_get_str(options, BDRV_OPT_FORCE_SHARE), "on")) {
error_report("--force-share/-U conflicts with image options");
QDECREF(options);
return NULL;
}
- qdict_put_bool(options, BDRV_OPT_FORCE_SHARE, true);
+ qdict_put_str(options, BDRV_OPT_FORCE_SHARE, "on");
}
blk = blk_new_open(NULL, NULL, options, flags, &local_err);
if (!blk) {

161
0060-sev-i386-add-command-to-create-laun.patch
View File

@ -1,161 +0,0 @@
From 0c5346f2b8f38e938f277c9df91068cbcad12ad2 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:22 -0600
Subject: [PATCH] sev/i386: add command to create launch memory encryption
context
The KVM_SEV_LAUNCH_START command creates a new VM encryption key (VEK).
The encryption key created with the command will be used for encrypting
the bootstrap images (such as guest bios).
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/sev.c | 91 +++++++++++++++++++++++++++++++++++++++++++++++-
target/i386/trace-events | 2 ++
2 files changed, 92 insertions(+), 1 deletion(-)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index de5c8d4675..6f767084fd 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -29,6 +29,8 @@ static int sev_fd;
static uint32_t x86_cbitpos;
static uint32_t x86_reduced_phys_bits;
+static SevState current_sev_guest_state = SEV_STATE_UNINIT;
+
static const char *const sev_fw_errlist[] = {
"",
"Platform state is invalid",
@@ -88,6 +90,16 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static void
+sev_set_guest_state(SevState new_state)
+{
+ assert(new_state < SEV_STATE__MAX);
+
+ trace_kvm_sev_change_state(SevState_str(current_sev_guest_state),
+ SevState_str(new_state));
+ current_sev_guest_state = new_state;
+}
+
static void
sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size)
{
@@ -365,7 +377,7 @@ sev_get_reduced_phys_bits(void)
SevState
sev_get_current_state(void)
{
- return SEV_STATE_UNINIT;
+ return current_sev_guest_state;
}
bool
@@ -384,6 +396,76 @@ sev_get_policy(uint32_t *policy)
{
}
+static int
+sev_read_file_base64(const char *filename, guchar **data, gsize *len)
+{
+ gsize sz;
+ gchar *base64;
+ GError *error = NULL;
+
+ if (!g_file_get_contents(filename, &base64, &sz, &error)) {
+ error_report("failed to read '%s' (%s)", filename, error->message);
+ return -1;
+ }
+
+ *data = g_base64_decode(base64, len);
+ return 0;
+}
+
+static int
+sev_launch_start(SEVState *s)
+{
+ gsize sz;
+ int ret = 1;
+ int fw_error;
+ QSevGuestInfo *sev = s->sev_info;
+ struct kvm_sev_launch_start *start;
+ guchar *session = NULL, *dh_cert = NULL;
+
+ start = g_malloc0(sizeof(*start));
+ if (!start) {
+ return 1;
+ }
+
+ start->handle = object_property_get_int(OBJECT(sev), "handle",
+ &error_abort);
+ start->policy = object_property_get_int(OBJECT(sev), "policy",
+ &error_abort);
+ if (sev->session_file) {
+ if (sev_read_file_base64(sev->session_file, &session, &sz) < 0) {
+ return 1;
+ }
+ start->session_uaddr = (unsigned long)session;
+ start->session_len = sz;
+ }
+
+ if (sev->dh_cert_file) {
+ if (sev_read_file_base64(sev->dh_cert_file, &dh_cert, &sz) < 0) {
+ return 1;
+ }
+ start->dh_uaddr = (unsigned long)dh_cert;
+ start->dh_len = sz;
+ }
+
+ trace_kvm_sev_launch_start(start->policy, session, dh_cert);
+ ret = sev_ioctl(KVM_SEV_LAUNCH_START, start, &fw_error);
+ if (ret < 0) {
+ error_report("%s: LAUNCH_START ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ return 1;
+ }
+
+ object_property_set_int(OBJECT(sev), start->handle, "handle",
+ &error_abort);
+ sev_set_guest_state(SEV_STATE_LUPDATE);
+
+ g_free(start);
+ g_free(session);
+ g_free(dh_cert);
+
+ return 0;
+}
+
void *
sev_guest_init(const char *id)
{
@@ -439,6 +521,13 @@ sev_guest_init(const char *id)
goto err;
}
+ ret = sev_launch_start(s);
+ if (ret) {
+ error_report("%s: failed to create encryption context", __func__);
+ goto err;
+ }
+
+
me_mask = (1UL << cbitpos);
x86_reduced_phys_bits = reduced_phys_bits;
x86_cbitpos = cbitpos;
diff --git a/target/i386/trace-events b/target/i386/trace-events
index ffa3d22504..9402251e99 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -10,3 +10,5 @@ kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
kvm_sev_init(void) ""
kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
+kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
+kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"

51
0061-nfs-Remove-processed-options-from-Q.patch Normal file
View File

@ -0,0 +1,51 @@
From 07cfae0f6649239efdbf4aa97db175468495c5a1 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Wed, 16 May 2018 18:08:16 +0200
Subject: [PATCH] nfs: Remove processed options from QDict
Commit c22a03454 QAPIfied option parsing in the NFS block driver, but
forgot to remove all the options we processed. Therefore, we get an
error in bdrv_open_inherit(), which thinks the remaining options are
invalid. Trying to open an NFS image will result in an error like this:
Block protocol 'nfs' doesn't support the option 'server.host'
Remove all options from the QDict to make the NFS driver work again.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 20180516160816.26259-1-kwolf@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
(cherry picked from commit c82be42cc803b36fd7aed5dceec68312c7056fd5)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
block/nfs.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/block/nfs.c b/block/nfs.c
index 2577df4b26..dc12d5000d 100644
--- a/block/nfs.c
+++ b/block/nfs.c
@@ -557,6 +557,7 @@ static BlockdevOptionsNfs *nfs_options_qdict_to_qapi(QDict *options,
BlockdevOptionsNfs *opts = NULL;
QObject *crumpled = NULL;
Visitor *v;
+ const QDictEntry *e;
Error *local_err = NULL;
crumpled = qdict_crumple(options, errp);
@@ -573,6 +574,12 @@ static BlockdevOptionsNfs *nfs_options_qdict_to_qapi(QDict *options,
return NULL;
}
+ /* Remove the processed options from the QDict (the visitor processes
+ * _all_ options in the QDict) */
+ while ((e = qdict_first(options))) {
+ qdict_del(options, e->key);
+ }
+
return opts;
}

145
0061-sev-i386-add-command-to-encrypt-gue.patch
View File

@ -1,145 +0,0 @@
From b7326c19d0504bb913c80075648a71c9830cda10 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:22 -0600
Subject: [PATCH] sev/i386: add command to encrypt guest memory region
The KVM_SEV_LAUNCH_UPDATE_DATA command is used to encrypt a guest memory
region using the VM Encryption Key created using LAUNCH_START.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
accel/kvm/kvm-all.c | 2 ++
include/sysemu/sev.h | 1 +
stubs/sev.c | 5 +++++
target/i386/sev.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
5 files changed, 58 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index f1fb826f06..37f7c442dc 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -1675,6 +1675,8 @@ static int kvm_init(MachineState *ms)
if (!kvm_state->memcrypt_handle) {
goto err;
}
+
+ kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
}
ret = kvm_arch_init(ms, s);
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index 5c8c549b68..c16102b05e 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -69,5 +69,6 @@ struct SEVState {
typedef struct SEVState SEVState;
void *sev_guest_init(const char *id);
+int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len);
#endif
diff --git a/stubs/sev.c b/stubs/sev.c
index 24c7b0c3e0..74182bb545 100644
--- a/stubs/sev.c
+++ b/stubs/sev.c
@@ -15,6 +15,11 @@
#include "qemu-common.h"
#include "sysemu/sev.h"
+int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
+{
+ return 1;
+}
+
SevState sev_get_current_state(void)
{
return SEV_STATE_UNINIT;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 6f767084fd..04a64b5bc6 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -90,6 +90,12 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static bool
+sev_check_state(SevState state)
+{
+ return current_sev_guest_state == state ? true : false;
+}
+
static void
sev_set_guest_state(SevState new_state)
{
@@ -466,6 +472,36 @@ sev_launch_start(SEVState *s)
return 0;
}
+static int
+sev_launch_update_data(uint8_t *addr, uint64_t len)
+{
+ int ret, fw_error;
+ struct kvm_sev_launch_update_data *update;
+
+ if (addr == NULL || len <= 0) {
+ return 1;
+ }
+
+ update = g_malloc0(sizeof(*update));
+ if (!update) {
+ return 1;
+ }
+
+ update->uaddr = (__u64)addr;
+ update->len = len;
+ trace_kvm_sev_launch_update_data(addr, len);
+ ret = sev_ioctl(KVM_SEV_LAUNCH_UPDATE_DATA, update, &fw_error);
+ if (ret) {
+ error_report("%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ goto err;
+ }
+
+err:
+ g_free(update);
+ return ret;
+}
+
void *
sev_guest_init(const char *id)
{
@@ -540,6 +576,19 @@ err:
return NULL;
}
+int
+sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
+{
+ assert(handle);
+
+ /* if SEV is in update state then encrypt the data else do nothing */
+ if (sev_check_state(SEV_STATE_LUPDATE)) {
+ return sev_launch_update_data(ptr, len);
+ }
+
+ return 0;
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 9402251e99..c0cd8e9321 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -12,3 +12,4 @@ kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
+kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64

50
0062-i386-define-the-ssbd-CPUID-feature-.patch Normal file
View File

@ -0,0 +1,50 @@
From 9641d6f6e656248df8c0877ef047c0764b2bbffc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Mon, 21 May 2018 22:54:22 +0100
Subject: [PATCH] i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Message-Id: <20180521215424.13520-2-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit d19d1f965904a533998739698020ff4ee8a103da)
[BR: BSC#1092885]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/cpu.c | 2 +-
target/i386/cpu.h | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index a20fe26573..2f5263e22f 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -510,7 +510,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, "spec-ctrl", NULL,
- NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, "ssbd",
},
.cpuid_eax = 7,
.cpuid_needs_ecx = true, .cpuid_ecx = 0,
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 164884f1d8..4c8e42e39d 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -684,6 +684,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
#define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
#define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */
+#define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */
#define KVM_HINTS_DEDICATED (1U << 0)

49
0062-target-i386-encrypt-bios-rom.patch
View File

@ -1,49 +0,0 @@
From e6990d56a3b6d4702cec1c3d35c037e906eb39c0 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:22 -0600
Subject: [PATCH] target/i386: encrypt bios rom
SEV requires that guest bios must be encrypted before booting the guest.
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/i386/pc_sysfw.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 6b183747fc..8ddbbf74d3 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -112,6 +112,8 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
pflash_t *system_flash;
MemoryRegion *flash_mem;
char name[64];
+ void *flash_ptr;
+ int ret, flash_size;
sector_bits = 12;
sector_size = 1 << sector_bits;
@@ -168,6 +170,17 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
if (unit == 0) {
flash_mem = pflash_cfi01_get_memory(system_flash);
pc_isa_bios_init(rom_memory, flash_mem, size);
+
+ /* Encrypt the pflash boot ROM */
+ if (kvm_memcrypt_enabled()) {
+ flash_ptr = memory_region_get_ram_ptr(flash_mem);
+ flash_size = memory_region_size(flash_mem);
+ ret = kvm_memcrypt_encrypt_data(flash_ptr, flash_size);
+ if (ret) {
+ error_report("failed to encrypt pflash rom");
+ exit(1);
+ }
+ }
}
}
}

147
0063-i386-Define-the-Virt-SSBD-MSR-and-h.patch Normal file
View File

@ -0,0 +1,147 @@
From 3d54c78e88efc794e3adc1b32c2bf24829f18dec Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Mon, 21 May 2018 22:54:24 +0100
Subject: [PATCH] i386: Define the Virt SSBD MSR and handling of it
(CVE-2018-3639)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
"Some AMD processors only support a non-architectural means of enabling
speculative store bypass disable (SSBD). To allow a simplified view of
this to a guest, an architectural definition has been created through a new
CPUID bit, 0x80000008_EBX[25], and a new MSR, 0xc001011f. With this, a
hypervisor can virtualize the existence of this definition and provide an
architectural method for using SSBD to a guest.
Add the new CPUID feature, the new MSR and update the existing SSBD
support to use this MSR when present." (from x86/speculation: Add virtualized
speculative store bypass disable support in Linux).
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180521215424.13520-4-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit cfeea0c021db6234c154dbc723730e81553924ff)
[BR: BSC#1092885]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/cpu.h | 2 ++
target/i386/kvm.c | 16 ++++++++++++++--
target/i386/machine.c | 20 ++++++++++++++++++++
3 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 4c8e42e39d..e63205d1f0 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -351,6 +351,7 @@ typedef enum X86Seg {
#define MSR_IA32_FEATURE_CONTROL 0x0000003a
#define MSR_TSC_ADJUST 0x0000003b
#define MSR_IA32_SPEC_CTRL 0x48
+#define MSR_VIRT_SSBD 0xc001011f
#define MSR_IA32_TSCDEADLINE 0x6e0
#define FEATURE_CONTROL_LOCKED (1<<0)
@@ -1150,6 +1151,7 @@ typedef struct CPUX86State {
uint32_t pkru;
uint64_t spec_ctrl;
+ uint64_t virt_ssbd;
/* End of state preserved by INIT (dummy marker). */
struct {} end_init_save;
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index 6c49954e68..19e6aa320d 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -92,6 +92,7 @@ static bool has_msr_hv_stimer;
static bool has_msr_hv_frequencies;
static bool has_msr_xss;
static bool has_msr_spec_ctrl;
+static bool has_msr_virt_ssbd;
static bool has_msr_smi_count;
static uint32_t has_architectural_pmu_version;
@@ -1218,6 +1219,9 @@ static int kvm_get_supported_msrs(KVMState *s)
case MSR_IA32_SPEC_CTRL:
has_msr_spec_ctrl = true;
break;
+ case MSR_VIRT_SSBD:
+ has_msr_virt_ssbd = true;
+ break;
}
}
}
@@ -1706,6 +1710,10 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
if (has_msr_spec_ctrl) {
kvm_msr_entry_add(cpu, MSR_IA32_SPEC_CTRL, env->spec_ctrl);
}
+ if (has_msr_virt_ssbd) {
+ kvm_msr_entry_add(cpu, MSR_VIRT_SSBD, env->virt_ssbd);
+ }
+
#ifdef TARGET_X86_64
if (lm_capable_kernel) {
kvm_msr_entry_add(cpu, MSR_CSTAR, env->cstar);
@@ -2077,8 +2085,9 @@ static int kvm_get_msrs(X86CPU *cpu)
if (has_msr_spec_ctrl) {
kvm_msr_entry_add(cpu, MSR_IA32_SPEC_CTRL, 0);
}
-
-
+ if (has_msr_virt_ssbd) {
+ kvm_msr_entry_add(cpu, MSR_VIRT_SSBD, 0);
+ }
if (!env->tsc_valid) {
kvm_msr_entry_add(cpu, MSR_IA32_TSC, 0);
env->tsc_valid = !runstate_is_running();
@@ -2444,6 +2453,9 @@ static int kvm_get_msrs(X86CPU *cpu)
case MSR_IA32_SPEC_CTRL:
env->spec_ctrl = msrs[i].data;
break;
+ case MSR_VIRT_SSBD:
+ env->virt_ssbd = msrs[i].data;
+ break;
case MSR_IA32_RTIT_CTL:
env->msr_rtit_ctrl = msrs[i].data;
break;
diff --git a/target/i386/machine.c b/target/i386/machine.c
index bd2d82e91b..f0a835c292 100644
--- a/target/i386/machine.c
+++ b/target/i386/machine.c
@@ -893,6 +893,25 @@ static const VMStateDescription vmstate_msr_intel_pt = {
}
};
+static bool virt_ssbd_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->virt_ssbd != 0;
+}
+
+static const VMStateDescription vmstate_msr_virt_ssbd = {
+ .name = "cpu/virt_ssbd",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = virt_ssbd_needed,
+ .fields = (VMStateField[]){
+ VMSTATE_UINT64(env.virt_ssbd, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
VMStateDescription vmstate_x86_cpu = {
.name = "cpu",
.version_id = 12,
@@ -1015,6 +1034,7 @@ VMStateDescription vmstate_x86_cpu = {
&vmstate_spec_ctrl,
&vmstate_mcg_ext_ctl,
&vmstate_msr_intel_pt,
+ &vmstate_msr_virt_ssbd,
NULL
}
};

168
0063-sev-i386-add-support-to-LAUNCH_MEAS.patch
View File

@ -1,168 +0,0 @@
From 0bc4fd78361c340ad4ee0c77bfde2d487fb580f5 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:23 -0600
Subject: [PATCH] sev/i386: add support to LAUNCH_MEASURE command
During machine creation we encrypted the guest bios image, the
LAUNCH_MEASURE command can be used to retrieve the measurement of
the encrypted memory region. This measurement is a signature of
the memory contents that can be sent to the guest owner as an
attestation that the memory was encrypted correctly by the firmware.
VM management tools like libvirt can query the measurement using
query-sev-launch-measure QMP command.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
include/sysemu/sev.h | 2 ++
stubs/sev.c | 5 ++++
target/i386/sev.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
4 files changed, 76 insertions(+)
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index c16102b05e..ad4a1f1338 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -33,6 +33,7 @@ extern void sev_get_fw_version(uint8_t *major, uint8_t *minor, uint8_t *build);
extern void sev_get_policy(uint32_t *policy);
extern uint32_t sev_get_cbit_position(void);
extern uint32_t sev_get_reduced_phys_bits(void);
+extern char *sev_get_launch_measurement(void);
typedef struct QSevGuestInfo QSevGuestInfo;
typedef struct QSevGuestInfoClass QSevGuestInfoClass;
@@ -64,6 +65,7 @@ struct QSevGuestInfoClass {
struct SEVState {
QSevGuestInfo *sev_info;
+ gchar *measurement;
};
typedef struct SEVState SEVState;
diff --git a/stubs/sev.c b/stubs/sev.c
index 74182bb545..5420ada7fd 100644
--- a/stubs/sev.c
+++ b/stubs/sev.c
@@ -57,3 +57,8 @@ void sev_get_fw_version(uint8_t *major, uint8_t *minor, uint8_t *build)
void sev_get_policy(uint32_t *policy)
{
}
+
+char *sev_get_launch_measurement(void)
+{
+ return NULL;
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 04a64b5bc6..401b2a33d7 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -19,6 +19,7 @@
#include "sysemu/sev.h"
#include "sysemu/sysemu.h"
#include "trace.h"
+#include "qapi-event.h"
#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
#define DEFAULT_SEV_DEVICE "/dev/sev"
@@ -28,6 +29,7 @@ static bool sev_active;
static int sev_fd;
static uint32_t x86_cbitpos;
static uint32_t x86_reduced_phys_bits;
+static SEVState *sev_state;
static SevState current_sev_guest_state = SEV_STATE_UNINIT;
@@ -502,6 +504,69 @@ err:
return ret;
}
+static void
+sev_launch_get_measure(Notifier *notifier, void *unused)
+{
+ int ret, error;
+ guchar *data;
+ SEVState *s = sev_state;
+ struct kvm_sev_launch_measure *measurement;
+
+ if (!sev_check_state(SEV_STATE_LUPDATE)) {
+ return;
+ }
+
+ measurement = g_malloc0(sizeof(*measurement));
+ if (!measurement) {
+ return;
+ }
+
+ /* query the measurement blob length */
+ ret = sev_ioctl(KVM_SEV_LAUNCH_MEASURE, measurement, &error);
+ if (!measurement->len) {
+ error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(errno));
+ goto free_measurement;
+ }
+
+ data = g_malloc(measurement->len);
+ if (s->measurement) {
+ goto free_data;
+ }
+
+ measurement->uaddr = (unsigned long)data;
+
+ /* get the measurement blob */
+ ret = sev_ioctl(KVM_SEV_LAUNCH_MEASURE, measurement, &error);
+ if (ret) {
+ error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(errno));
+ goto free_data;
+ }
+
+ sev_set_guest_state(SEV_STATE_LSECRET);
+
+ /* encode the measurement value and emit the event */
+ s->measurement = g_base64_encode(data, measurement->len);
+ trace_kvm_sev_launch_measurement(s->measurement);
+
+free_data:
+ g_free(data);
+free_measurement:
+ g_free(measurement);
+}
+
+char *
+sev_get_launch_measurement(void)
+{
+ return current_sev_guest_state >= SEV_STATE_LSECRET ?
+ g_strdup(sev_state->measurement) : NULL;
+}
+
+static Notifier sev_machine_done_notify = {
+ .notify = sev_launch_get_measure,
+};
+
void *
sev_guest_init(const char *id)
{
@@ -569,6 +634,9 @@ sev_guest_init(const char *id)
x86_cbitpos = cbitpos;
sev_active = true;
ram_block_notifier_add(&sev_ram_notifier);
+ qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
+
+ sev_state = s;
return s;
err:
diff --git a/target/i386/trace-events b/target/i386/trace-events
index c0cd8e9321..f7a1a1e6b8 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -13,3 +13,4 @@ kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
+kvm_sev_launch_measurement(const char *value) "data %s"

40
0064-i386-define-the-AMD-virt-ssbd-CPUID.patch Normal file
View File

@ -0,0 +1,40 @@
From b418432f84340d80f17b5b1317afe9c81a1d50ae Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Mon, 21 May 2018 22:54:23 +0100
Subject: [PATCH] i386: define the AMD 'virt-ssbd' CPUID feature bit
(CVE-2018-3639)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
AMD Zen expose the Intel equivalant to Speculative Store Bypass Disable
via the 0x80000008_EBX[25] CPUID feature bit.
This needs to be exposed to guest OS to allow them to protect
against CVE-2018-3639.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180521215424.13520-3-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 403503b162ffc33fb64cfefdf7b880acf41772cd)
[BR: BSC#1092885]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 2f5263e22f..2e305ab689 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -541,7 +541,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
"ibpb", NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL,
+ NULL, "virt-ssbd", NULL, NULL,
NULL, NULL, NULL, NULL,
},
.cpuid_eax = 0x80000008,

75
0064-sev-i386-finalize-the-SEV-guest-lau.patch
View File

@ -1,75 +0,0 @@
From 15ba1a246b2e68d9dbb6d8db3e065f26b33062cc Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:23 -0600
Subject: [PATCH] sev/i386: finalize the SEV guest launch flow
SEV launch flow requires us to issue LAUNCH_FINISH command before guest
is ready to run.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/sev.c | 29 +++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
2 files changed, 30 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 401b2a33d7..305ef65191 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -567,6 +567,34 @@ static Notifier sev_machine_done_notify = {
.notify = sev_launch_get_measure,
};
+static void
+sev_launch_finish(SEVState *s)
+{
+ int ret, error;
+
+ trace_kvm_sev_launch_finish();
+ ret = sev_ioctl(KVM_SEV_LAUNCH_FINISH, 0, &error);
+ if (ret) {
+ error_report("%s: LAUNCH_FINISH ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(error));
+ exit(1);
+ }
+
+ sev_set_guest_state(SEV_STATE_RUNNING);
+}
+
+static void
+sev_vm_state_change(void *opaque, int running, RunState state)
+{
+ SEVState *s = opaque;
+
+ if (running) {
+ if (!sev_check_state(SEV_STATE_RUNNING)) {
+ sev_launch_finish(s);
+ }
+ }
+}
+
void *
sev_guest_init(const char *id)
{
@@ -635,6 +663,7 @@ sev_guest_init(const char *id)
sev_active = true;
ram_block_notifier_add(&sev_ram_notifier);
qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
+ qemu_add_vm_change_state_handler(sev_vm_state_change, s);
sev_state = s;
diff --git a/target/i386/trace-events b/target/i386/trace-events
index f7a1a1e6b8..b1fbde6e40 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -14,3 +14,4 @@ kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
kvm_sev_launch_measurement(const char *value) "data %s"
+kvm_sev_launch_finish(void) ""

45
0065-Revert-replay-don-t-process-async-e.patch Normal file
View File

@ -0,0 +1,45 @@
From 41e6f70a01044bf814949da00e22a18d0ada809b Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 25 May 2018 09:08:20 -0600
Subject: [PATCH] Revert "replay: don't process async events when warping the
clock"
This reverts commit 89e46eb477113550485bc24264d249de9fd1260a.
[BR: BSC#1094406]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
replay/replay-events.c | 1 -
replay/replay.c | 7 +------
2 files changed, 1 insertion(+), 7 deletions(-)
diff --git a/replay/replay-events.c b/replay/replay-events.c
index 707de3867b..fc7d458b90 100644
--- a/replay/replay-events.c
+++ b/replay/replay-events.c
@@ -201,7 +201,6 @@ static void replay_save_event(Event *event, int checkpoint)
void replay_save_events(int checkpoint)
{
g_assert(replay_mutex_locked());
- g_assert(checkpoint != CHECKPOINT_CLOCK_WARP_START);
while (!QTAILQ_EMPTY(&events_list)) {
Event *event = QTAILQ_FIRST(&events_list);
replay_save_event(event, checkpoint);
diff --git a/replay/replay.c b/replay/replay.c
index 8228261401..eae8daf18a 100644
--- a/replay/replay.c
+++ b/replay/replay.c
@@ -211,12 +211,7 @@ bool replay_checkpoint(ReplayCheckpoint checkpoint)
} else if (replay_mode == REPLAY_MODE_RECORD) {
g_assert(replay_mutex_locked());
replay_put_event(EVENT_CHECKPOINT + checkpoint);
- /* This checkpoint belongs to several threads.
- Processing events from different threads is
- non-deterministic */
- if (checkpoint != CHECKPOINT_CLOCK_WARP_START) {
- replay_save_events(checkpoint);
- }
+ replay_save_events(checkpoint);
res = true;
}
out:

58
0065-hw-i386-set-ram_debug_ops-when-memo.patch
View File

@ -1,58 +0,0 @@
From 6d17c0a5da11a757f26db7763823fcb53a79d445 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:23 -0600
Subject: [PATCH] hw/i386: set ram_debug_ops when memory encryption is enabled
When memory encryption is enabled, the guest RAM and boot flash ROM will
contain the encrypted data. By setting the debug ops allow us to invoke
encryption APIs when accessing the memory for the debug purposes.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/i386/pc.c | 9 +++++++++
hw/i386/pc_sysfw.c | 6 ++++++
2 files changed, 15 insertions(+)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index e7faf92143..c9c91e150b 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1355,6 +1355,15 @@ void pc_memory_init(PCMachineState *pcms,
e820_add_entry(0x100000000ULL, pcms->above_4g_mem_size, E820_RAM);
}
+ /*
+ * When memory encryption is enabled, the guest RAM will be encrypted with
+ * a guest unique key. Set the debug ops so that any debug access to the
+ * guest RAM will go through the memory encryption APIs.
+ */
+ if (kvm_memcrypt_enabled()) {
+ kvm_memcrypt_set_debug_ops(ram);
+ }
+
if (!pcmc->has_reserved_memory &&
(machine->ram_slots ||
(machine->maxram_size > machine->ram_size))) {
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 8ddbbf74d3..3d149b1c9f 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -180,6 +180,12 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
error_report("failed to encrypt pflash rom");
exit(1);
}
+
+ /*
+ * The pflash ROM is encrypted, set the debug ops so that any
+ * debug accesses will use memory encryption APIs.
+ */
+ kvm_memcrypt_set_debug_ops(flash_mem);
}
}
}

51
0066-Revert-replay-avoid-recursive-call-.patch Normal file
View File

@ -0,0 +1,51 @@
From 00300f4a36119691fc8689575424d380b2450bf7 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 25 May 2018 09:09:04 -0600
Subject: [PATCH] Revert "replay: avoid recursive call of checkpoints"
This reverts commit 66eb7825d0bd84a870a054fb208fe765317109fa.
[BR: BSC#1094406]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
replay/replay.c | 14 +-------------
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/replay/replay.c b/replay/replay.c
index eae8daf18a..90f98b7490 100644
--- a/replay/replay.c
+++ b/replay/replay.c
@@ -176,24 +176,13 @@ void replay_shutdown_request(ShutdownCause cause)
bool replay_checkpoint(ReplayCheckpoint checkpoint)
{
bool res = false;
- static bool in_checkpoint;
assert(EVENT_CHECKPOINT + checkpoint <= EVENT_CHECKPOINT_LAST);
+ replay_save_instructions();
if (!replay_file) {
return true;
}
- if (in_checkpoint) {
- /* If we are already in checkpoint, then there is no need
- for additional synchronization.
- Recursion occurs when HW event modifies timers.
- Timer modification may invoke the checkpoint and
- proceed to recursion. */
- return true;
- }
- in_checkpoint = true;
-
- replay_save_instructions();
if (replay_mode == REPLAY_MODE_PLAY) {
g_assert(replay_mutex_locked());
@@ -215,7 +204,6 @@ bool replay_checkpoint(ReplayCheckpoint checkpoint)
res = true;
}
out:
- in_checkpoint = false;
return res;
}

174
0066-sev-i386-add-debug-encrypt-and-decr.patch
View File

@ -1,174 +0,0 @@
From 42f8013adf0a5f8ca17212ee54a8009471d6c8f3 Mon Sep 17 00:00:00 2001
From: Brijesh Singh <brijesh.singh@amd.com>
Date: Thu, 15 Feb 2018 09:03:23 -0600
Subject: [PATCH] sev/i386: add debug encrypt and decrypt commands
KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are used for
decrypting and encrypting guest memory region. The command works only if
the guest policy allows the debugging.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[BR: FATE#322124]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
accel/kvm/kvm-all.c | 1 +
include/sysemu/sev.h | 1 +
stubs/sev.c | 4 +++
target/i386/sev.c | 72 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
5 files changed, 79 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 37f7c442dc..7d3b7b4107 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -1677,6 +1677,7 @@ static int kvm_init(MachineState *ms)
}
kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
+ kvm_state->memcrypt_debug_ops = sev_set_debug_ops;
}
ret = kvm_arch_init(ms, s);
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index ad4a1f1338..ac70c7a00b 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -72,5 +72,6 @@ typedef struct SEVState SEVState;
void *sev_guest_init(const char *id);
int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len);
+void sev_set_debug_ops(void *handle, MemoryRegion *mr);
#endif
diff --git a/stubs/sev.c b/stubs/sev.c
index 5420ada7fd..8ea167031e 100644
--- a/stubs/sev.c
+++ b/stubs/sev.c
@@ -15,6 +15,10 @@
#include "qemu-common.h"
#include "sysemu/sev.h"
+void sev_set_debug_ops(void *handle, MemoryRegion *mr)
+{
+}
+
int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
{
return 1;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 305ef65191..1fbc3beb16 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -23,6 +23,7 @@
#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
#define DEFAULT_SEV_DEVICE "/dev/sev"
+#define GUEST_POLICY_DBG_BIT 0x1
static uint64_t me_mask;
static bool sev_active;
@@ -30,6 +31,7 @@ static int sev_fd;
static uint32_t x86_cbitpos;
static uint32_t x86_reduced_phys_bits;
static SEVState *sev_state;
+static MemoryRegionRAMReadWriteOps sev_ops;
static SevState current_sev_guest_state = SEV_STATE_UNINIT;
@@ -595,6 +597,51 @@ sev_vm_state_change(void *opaque, int running, RunState state)
}
}
+static int
+sev_dbg_enc_dec(uint8_t *dst, const uint8_t *src, uint32_t len, bool write)
+{
+ int ret, error;
+ struct kvm_sev_dbg *dbg;
+
+ dbg = g_malloc0(sizeof(*dbg));
+ if (!dbg) {
+ return 1;
+ }
+
+ dbg->src_uaddr = (unsigned long)src;
+ dbg->dst_uaddr = (unsigned long)dst;
+ dbg->len = len;
+
+ trace_kvm_sev_debug(write ? "encrypt" : "decrypt", src, dst, len);
+ ret = sev_ioctl(write ? KVM_SEV_DBG_ENCRYPT : KVM_SEV_DBG_DECRYPT,
+ dbg, &error);
+ if (ret) {
+ error_report("%s (%s) %#llx->%#llx+%#x ret=%d fw_error=%d '%s'",
+ __func__, write ? "write" : "read", dbg->src_uaddr,
+ dbg->dst_uaddr, dbg->len, ret, error,
+ fw_error_to_str(error));
+ }
+
+ g_free(dbg);
+ return ret;
+}
+
+static int
+sev_mem_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
+{
+ assert(attrs.debug);
+
+ return sev_dbg_enc_dec(dst, src, len, false);
+}
+
+static int
+sev_mem_write(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
+{
+ assert(attrs.debug);
+
+ return sev_dbg_enc_dec(dst, src, len, true);
+}
+
void *
sev_guest_init(const char *id)
{
@@ -686,6 +733,31 @@ sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
return 0;
}
+void
+sev_set_debug_ops(void *handle, MemoryRegion *mr)
+{
+ int policy;
+ SEVState *s = (SEVState *)handle;
+
+ policy = object_property_get_int(OBJECT(s->sev_info),
+ "policy", &error_abort);
+
+ /*
+ * Check if guest policy supports debugging
+ * Bit 0 :
+ * 0 - debug allowed
+ * 1 - debug is not allowed
+ */
+ if (policy & GUEST_POLICY_DBG_BIT) {
+ return;
+ }
+
+ sev_ops.read = sev_mem_read;
+ sev_ops.write = sev_mem_write;
+
+ memory_region_set_ram_debug_ops(mr, &sev_ops);
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/trace-events b/target/i386/trace-events
index b1fbde6e40..00aa6e98d8 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -15,3 +15,4 @@ kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
kvm_sev_launch_measurement(const char *value) "data %s"
kvm_sev_launch_finish(void) ""
+kvm_sev_debug(const char *op, const uint8_t *src, uint8_t *dst, int len) "(%s) src %p dst %p len %d"

53
0067-Revert-replay-check-return-values-o.patch Normal file
View File

@ -0,0 +1,53 @@
From cceb1b09c36f71bdb84cd8b3ad20d63335fc1559 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 25 May 2018 09:09:28 -0600
Subject: [PATCH] Revert "replay: check return values of fwrite"
This reverts commit 6dc0f5296359ff59c248215a965c8658dea9544b.
[BR: BSC#1094406]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
replay/replay-internal.c | 17 ++---------------
1 file changed, 2 insertions(+), 15 deletions(-)
diff --git a/replay/replay-internal.c b/replay/replay-internal.c
index b077cb5fd5..8e7474f787 100644
--- a/replay/replay-internal.c
+++ b/replay/replay-internal.c
@@ -24,23 +24,12 @@
static QemuMutex lock;
/* File for replay writing */
-static bool write_error;
FILE *replay_file;
-static void replay_write_error(void)
-{
- if (!write_error) {
- error_report("replay write error");
- write_error = true;
- }
-}
-
void replay_put_byte(uint8_t byte)
{
if (replay_file) {
- if (putc(byte, replay_file) == EOF) {
- replay_write_error();
- }
+ putc(byte, replay_file);
}
}
@@ -73,9 +62,7 @@ void replay_put_array(const uint8_t *buf, size_t size)
{
if (replay_file) {
replay_put_dword(size);
- if (fwrite(buf, 1, size, replay_file) != size) {
- replay_write_error();
- }
+ fwrite(buf, 1, size, replay_file);
}
}

Some files were not shown because too many files have changed in this diff Show More