diff --git a/Fix-double-free-issue-in-qemu_set_log_fi.patch b/Fix-double-free-issue-in-qemu_set_log_fi.patch new file mode 100644 index 0000000..c2367f9 --- /dev/null +++ b/Fix-double-free-issue-in-qemu_set_log_fi.patch @@ -0,0 +1,33 @@ +From: Robert Foley +Date: Mon, 18 Nov 2019 16:15:23 -0500 +Subject: Fix double free issue in qemu_set_log_filename(). +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Git-commit: 0f516ca4767042aec8716369d6d62436fa10593a + +After freeing the logfilename, we set logfilename to NULL, in case of an +error which returns without setting logfilename. + +Signed-off-by: Robert Foley +Reviewed-by: Alex Bennée +Signed-off-by: Alex Bennée +Message-Id: <20191118211528.3221-2-robert.foley@linaro.org> +Signed-off-by: Bruce Rogers +--- + util/log.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/util/log.c b/util/log.c +index 1ca13059eef5441dce01769e046d..4316fe74eee8ba96fd2d3c9afd3b 100644 +--- a/util/log.c ++++ b/util/log.c +@@ -113,6 +113,7 @@ void qemu_set_log_filename(const char *filename, Error **errp) + { + char *pidstr; + g_free(logfilename); ++ logfilename = NULL; + + pidstr = strstr(filename, "%"); + if (pidstr) { diff --git a/Revert-qemu-options.hx-Update-for-reboot.patch b/Revert-qemu-options.hx-Update-for-reboot.patch new file mode 100644 index 0000000..80ed78b --- /dev/null +++ b/Revert-qemu-options.hx-Update-for-reboot.patch @@ -0,0 +1,35 @@ +From: Han Han +Date: Thu, 5 Dec 2019 10:48:21 +0800 +Subject: Revert "qemu-options.hx: Update for reboot-timeout parameter" + +Git-commit: 8937a39da22e5d5689c516a2d4ce4f2bb6a378fc + +This reverts commit bbd9e6985ff342cbe15b9cb7eb30e842796fbbe8. + +In 20a1922032 we allowed reboot-timeout=-1 again, so update the doc +accordingly. + +Signed-off-by: Han Han +Reviewed-by: Markus Armbruster +Message-Id: <20191205024821.245435-1-hhan@redhat.com> +Signed-off-by: Laurent Vivier +Signed-off-by: Bruce Rogers +--- + qemu-options.hx | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/qemu-options.hx b/qemu-options.hx +index 65c9473b7325545c00befcbac651..e14d88e9b2f3a3c13a4c20db0b36 100644 +--- a/qemu-options.hx ++++ b/qemu-options.hx +@@ -327,8 +327,8 @@ format(true color). The resolution should be supported by the SVGA mode, so + the recommended is 320x240, 640x480, 800x640. + + A timeout could be passed to bios, guest will pause for @var{rb_timeout} ms +-when boot failed, then reboot. If @option{reboot-timeout} is not set, +-guest will not reboot by default. Currently Seabios for X86 ++when boot failed, then reboot. If @var{rb_timeout} is '-1', guest will not ++reboot, qemu passes '-1' to bios by default. Currently Seabios for X86 + system support it. + + Do strict boot via @option{strict=on} as far as firmware/BIOS diff --git a/arm-arm-powerctl-set-NSACR.-CP11-CP10-bi.patch b/arm-arm-powerctl-set-NSACR.-CP11-CP10-bi.patch new file mode 100644 index 0000000..b691024 --- /dev/null +++ b/arm-arm-powerctl-set-NSACR.-CP11-CP10-bi.patch @@ -0,0 +1,42 @@ +From: Niek Linnenbank +Date: Mon, 2 Dec 2019 22:09:43 +0100 +Subject: arm/arm-powerctl: set NSACR.{CP11, CP10} bits in arm_set_cpu_on() + +Git-commit: 0c7f8c43daf6556078e51de98aa13f069e505985 + +This change ensures that the FPU can be accessed in Non-Secure mode +when the CPU core is reset using the arm_set_cpu_on() function call. +The NSACR.{CP11,CP10} bits define the exception level required to +access the FPU in Non-Secure mode. Without these bits set, the CPU +will give an undefined exception trap on the first FPU access for the +secondary cores under Linux. + +This is necessary because in this power-control codepath QEMU +is effectively emulating a bit of EL3 firmware, and has to set +the CPU up as the EL3 firmware would. + +Fixes: fc1120a7f5 +Cc: qemu-stable@nongnu.org +Signed-off-by: Niek Linnenbank +[PMM: added clarifying para to commit message] +Reviewed-by: Peter Maydell +Signed-off-by: Peter Maydell +Signed-off-by: Bruce Rogers +--- + target/arm/arm-powerctl.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/target/arm/arm-powerctl.c b/target/arm/arm-powerctl.c +index f77a950db67276513977af686aa9..b064513d44a86932bbd70b06b3ca 100644 +--- a/target/arm/arm-powerctl.c ++++ b/target/arm/arm-powerctl.c +@@ -104,6 +104,9 @@ static void arm_set_cpu_on_async_work(CPUState *target_cpu_state, + /* Processor is not in secure mode */ + target_cpu->env.cp15.scr_el3 |= SCR_NS; + ++ /* Set NSACR.{CP11,CP10} so NS can access the FPU */ ++ target_cpu->env.cp15.nsacr |= 3 << 10; ++ + /* + * If QEMU is providing the equivalent of EL3 firmware, then we need + * to make sure a CPU targeting EL2 comes out of reset with a diff --git a/backup-top-Begin-drain-earlier.patch b/backup-top-Begin-drain-earlier.patch new file mode 100644 index 0000000..098ab07 --- /dev/null +++ b/backup-top-Begin-drain-earlier.patch @@ -0,0 +1,40 @@ +From: Max Reitz +Date: Thu, 19 Dec 2019 19:26:38 +0100 +Subject: backup-top: Begin drain earlier + +Git-commit: 503ca1262bab2c11c533a4816d1ff4297d4f58a6 + +When dropping backup-top, we need to drain the node before freeing the +BlockCopyState. Otherwise, requests may still be in flight and then the +assertion in shres_destroy() will fail. + +(This becomes visible in intermittent failure of 056.) + +Cc: qemu-stable@nongnu.org +Signed-off-by: Max Reitz +Message-id: 20191219182638.104621-1-mreitz@redhat.com +Signed-off-by: Max Reitz +Signed-off-by: Bruce Rogers +--- + block/backup-top.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/block/backup-top.c b/block/backup-top.c +index 7cdb1f8eba1065c04057b4a2137e..818d3f26b48da425ba061e21887f 100644 +--- a/block/backup-top.c ++++ b/block/backup-top.c +@@ -257,12 +257,12 @@ void bdrv_backup_top_drop(BlockDriverState *bs) + BDRVBackupTopState *s = bs->opaque; + AioContext *aio_context = bdrv_get_aio_context(bs); + +- block_copy_state_free(s->bcs); +- + aio_context_acquire(aio_context); + + bdrv_drained_begin(bs); + ++ block_copy_state_free(s->bcs); ++ + s->active = false; + bdrv_child_refresh_perms(bs, bs->backing, &error_abort); + bdrv_replace_node(bs, backing_bs(bs), &error_abort); diff --git a/block-Activate-recursively-even-for-alre.patch b/block-Activate-recursively-even-for-alre.patch new file mode 100644 index 0000000..b7c65d6 --- /dev/null +++ b/block-Activate-recursively-even-for-alre.patch @@ -0,0 +1,102 @@ +From: Kevin Wolf +Date: Tue, 17 Dec 2019 15:06:38 +0100 +Subject: block: Activate recursively even for already active nodes + +Git-commit: 7bb4941ace471fc7dd6ded4749b95b9622baa6ed + +bdrv_invalidate_cache_all() assumes that all nodes in a given subtree +are either active or inactive when it starts. Therefore, as soon as it +arrives at an already active node, it stops. + +However, this assumption is wrong. For example, it's possible to take a +snapshot of an inactive node, which results in an active overlay over an +inactive backing file. The active overlay is probably also the root node +of an inactive BlockBackend (blk->disable_perm == true). + +In this case, bdrv_invalidate_cache_all() does not need to do anything +to activate the overlay node, but it still needs to recurse into the +children and the parents to make sure that after returning success, +really everything is activated. + +Cc: qemu-stable@nongnu.org +Signed-off-by: Kevin Wolf +Reviewed-by: Max Reitz +Signed-off-by: Bruce Rogers +--- + block.c | 50 ++++++++++++++++++++++++-------------------------- + 1 file changed, 24 insertions(+), 26 deletions(-) + +diff --git a/block.c b/block.c +index 473eb6eeaabacbaea4e74869e93e..2e5e8b639a88d430e52ef40973c7 100644 +--- a/block.c ++++ b/block.c +@@ -5335,10 +5335,6 @@ static void coroutine_fn bdrv_co_invalidate_cache(BlockDriverState *bs, + return; + } + +- if (!(bs->open_flags & BDRV_O_INACTIVE)) { +- return; +- } +- + QLIST_FOREACH(child, &bs->children, next) { + bdrv_co_invalidate_cache(child->bs, &local_err); + if (local_err) { +@@ -5360,34 +5356,36 @@ static void coroutine_fn bdrv_co_invalidate_cache(BlockDriverState *bs, + * just keep the extended permissions for the next time that an activation + * of the image is tried. + */ +- bs->open_flags &= ~BDRV_O_INACTIVE; +- bdrv_get_cumulative_perm(bs, &perm, &shared_perm); +- ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, NULL, &local_err); +- if (ret < 0) { +- bs->open_flags |= BDRV_O_INACTIVE; +- error_propagate(errp, local_err); +- return; +- } +- bdrv_set_perm(bs, perm, shared_perm); +- +- if (bs->drv->bdrv_co_invalidate_cache) { +- bs->drv->bdrv_co_invalidate_cache(bs, &local_err); +- if (local_err) { ++ if (bs->open_flags & BDRV_O_INACTIVE) { ++ bs->open_flags &= ~BDRV_O_INACTIVE; ++ bdrv_get_cumulative_perm(bs, &perm, &shared_perm); ++ ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, NULL, &local_err); ++ if (ret < 0) { + bs->open_flags |= BDRV_O_INACTIVE; + error_propagate(errp, local_err); + return; + } +- } ++ bdrv_set_perm(bs, perm, shared_perm); + +- FOR_EACH_DIRTY_BITMAP(bs, bm) { +- bdrv_dirty_bitmap_skip_store(bm, false); +- } ++ if (bs->drv->bdrv_co_invalidate_cache) { ++ bs->drv->bdrv_co_invalidate_cache(bs, &local_err); ++ if (local_err) { ++ bs->open_flags |= BDRV_O_INACTIVE; ++ error_propagate(errp, local_err); ++ return; ++ } ++ } + +- ret = refresh_total_sectors(bs, bs->total_sectors); +- if (ret < 0) { +- bs->open_flags |= BDRV_O_INACTIVE; +- error_setg_errno(errp, -ret, "Could not refresh total sector count"); +- return; ++ FOR_EACH_DIRTY_BITMAP(bs, bm) { ++ bdrv_dirty_bitmap_skip_store(bm, false); ++ } ++ ++ ret = refresh_total_sectors(bs, bs->total_sectors); ++ if (ret < 0) { ++ bs->open_flags |= BDRV_O_INACTIVE; ++ error_setg_errno(errp, -ret, "Could not refresh total sector count"); ++ return; ++ } + } + + QLIST_FOREACH(parent, &bs->parents, next_parent) { diff --git a/bundles.tar.xz b/bundles.tar.xz index cfba332..7b2dc16 100644 --- a/bundles.tar.xz +++ b/bundles.tar.xz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:d7a9c78df502f34c7e09f81581ee0d59a896b8282135778d22af1cd27807553f -size 49832 +oid sha256:b046fbeb4e300b898b61779b1b05f1c292e4f0ecedc1826298aa68f5f1440fd6 +size 64960 diff --git a/display-bochs-display-fix-memory-leak.patch b/display-bochs-display-fix-memory-leak.patch new file mode 100644 index 0000000..51ace31 --- /dev/null +++ b/display-bochs-display-fix-memory-leak.patch @@ -0,0 +1,34 @@ +From: Cameron Esfahani +Date: Tue, 10 Dec 2019 13:27:54 -0800 +Subject: display/bochs-display: fix memory leak +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Git-commit 0d82411d0e38a0de7829f97d04406765c8d2210d + +Fix memory leak in bochs_display_update(). Leaks 304 bytes per frame. + +Fixes: 33ebad54056 +Signed-off-by: Cameron Esfahani +Message-Id: +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Gerd Hoffmann +Signed-off-by: Bruce Rogers +--- + hw/display/bochs-display.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/hw/display/bochs-display.c b/hw/display/bochs-display.c +index dc1bd1641d3428247204993da0c3..215db9a231d3564289a3e7971098 100644 +--- a/hw/display/bochs-display.c ++++ b/hw/display/bochs-display.c +@@ -252,6 +252,8 @@ static void bochs_display_update(void *opaque) + dpy_gfx_update(s->con, 0, ys, + mode.width, y - ys); + } ++ ++ g_free(snap); + } + } + diff --git a/hmat-acpi-Build-Memory-Proximity-Domain-.patch b/hmat-acpi-Build-Memory-Proximity-Domain-.patch index 53aee81..3da5bf5 100644 --- a/hmat-acpi-Build-Memory-Proximity-Domain-.patch +++ b/hmat-acpi-Build-Memory-Proximity-Domain-.patch @@ -3,7 +3,7 @@ Date: Fri, 13 Dec 2019 09:19:25 +0800 Subject: hmat acpi: Build Memory Proximity Domain Attributes Structure(s) Git commit: e6f123c3b81241be33f1b763d0ff8b36d1ae9c1e -References: JIRA-SLE-10228 +References: jsc#SLE-8897 HMAT is defined in ACPI 6.3: 5.2.27 Heterogeneous Memory Attribute Table (HMAT). The specification references below link: diff --git a/hmat-acpi-Build-Memory-Side-Cache-Inform.patch b/hmat-acpi-Build-Memory-Side-Cache-Inform.patch index f675b1b..91173ec 100644 --- a/hmat-acpi-Build-Memory-Side-Cache-Inform.patch +++ b/hmat-acpi-Build-Memory-Side-Cache-Inform.patch @@ -3,7 +3,7 @@ Date: Fri, 13 Dec 2019 09:19:27 +0800 Subject: hmat acpi: Build Memory Side Cache Information Structure(s) Git commit: a9c2b841af002db6e21e1297c9026b63fc22c875 -References: JIRA-SLE-10228 +References: jsc#SLE-8897 This structure describes memory side cache information for memory proximity domains if the memory side cache is present and the diff --git a/hmat-acpi-Build-System-Locality-Latency-.patch b/hmat-acpi-Build-System-Locality-Latency-.patch index a6e4dae..0eabef4 100644 --- a/hmat-acpi-Build-System-Locality-Latency-.patch +++ b/hmat-acpi-Build-System-Locality-Latency-.patch @@ -4,7 +4,7 @@ Subject: hmat acpi: Build System Locality Latency and Bandwidth Information Structure(s) Git commit: 4586a2cb833f80b19c80ebe364a005ac2fa0974a -References: JIRA-SLE-10228 +References: jsc#SLE-8897 This structure describes the memory access latency and bandwidth information from various memory access initiator proximity domains. diff --git a/hw-arm-smmuv3-Align-stream-table-base-ad.patch b/hw-arm-smmuv3-Align-stream-table-base-ad.patch new file mode 100644 index 0000000..8103520 --- /dev/null +++ b/hw-arm-smmuv3-Align-stream-table-base-ad.patch @@ -0,0 +1,75 @@ +From: Simon Veith +Date: Fri, 20 Dec 2019 14:03:00 +0000 +Subject: hw/arm/smmuv3: Align stream table base address to table size + +Git-commit: 41678c33aac61261522b74f08595ccf2221a430a + +Per the specification, and as observed in hardware, the SMMUv3 aligns +the SMMU_STRTAB_BASE address to the size of the table by masking out the +respective least significant bits in the ADDR field. + +Apply this masking logic to our smmu_find_ste() lookup function per the +specification. + +ref. ARM IHI 0070C, section 6.3.23. + +Signed-off-by: Simon Veith +Acked-by: Eric Auger +Tested-by: Eric Auger +Message-id: 1576509312-13083-5-git-send-email-sveith@amazon.de +Cc: Eric Auger +Cc: qemu-devel@nongnu.org +Cc: qemu-arm@nongnu.org +Reviewed-by: Peter Maydell +Signed-off-by: Peter Maydell +Signed-off-by: Bruce Rogers +--- + hw/arm/smmuv3.c | 18 ++++++++++++++---- + 1 file changed, 14 insertions(+), 4 deletions(-) + +diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c +index 727558bcfa5e782b8a9225adb302..31ac3ca32ebe3c1073350843c8ab 100644 +--- a/hw/arm/smmuv3.c ++++ b/hw/arm/smmuv3.c +@@ -376,8 +376,9 @@ bad_ste: + static int smmu_find_ste(SMMUv3State *s, uint32_t sid, STE *ste, + SMMUEventInfo *event) + { +- dma_addr_t addr; ++ dma_addr_t addr, strtab_base; + uint32_t log2size; ++ int strtab_size_shift; + int ret; + + trace_smmuv3_find_ste(sid, s->features, s->sid_split); +@@ -391,10 +392,16 @@ static int smmu_find_ste(SMMUv3State *s, uint32_t sid, STE *ste, + } + if (s->features & SMMU_FEATURE_2LVL_STE) { + int l1_ste_offset, l2_ste_offset, max_l2_ste, span; +- dma_addr_t strtab_base, l1ptr, l2ptr; ++ dma_addr_t l1ptr, l2ptr; + STEDesc l1std; + +- strtab_base = s->strtab_base & SMMU_BASE_ADDR_MASK; ++ /* ++ * Align strtab base address to table size. For this purpose, assume it ++ * is not bounded by SMMU_IDR1_SIDSIZE. ++ */ ++ strtab_size_shift = MAX(5, (int)log2size - s->sid_split - 1 + 3); ++ strtab_base = s->strtab_base & SMMU_BASE_ADDR_MASK & ++ ~MAKE_64BIT_MASK(0, strtab_size_shift); + l1_ste_offset = sid >> s->sid_split; + l2_ste_offset = sid & ((1 << s->sid_split) - 1); + l1ptr = (dma_addr_t)(strtab_base + l1_ste_offset * sizeof(l1std)); +@@ -433,7 +440,10 @@ static int smmu_find_ste(SMMUv3State *s, uint32_t sid, STE *ste, + } + addr = l2ptr + l2_ste_offset * sizeof(*ste); + } else { +- addr = (s->strtab_base & SMMU_BASE_ADDR_MASK) + sid * sizeof(*ste); ++ strtab_size_shift = log2size + 5; ++ strtab_base = s->strtab_base & SMMU_BASE_ADDR_MASK & ++ ~MAKE_64BIT_MASK(0, strtab_size_shift); ++ addr = strtab_base + sid * sizeof(*ste); + } + + if (smmu_get_ste(s, addr, ste, event)) { diff --git a/hw-arm-smmuv3-Apply-address-mask-to-line.patch b/hw-arm-smmuv3-Apply-address-mask-to-line.patch new file mode 100644 index 0000000..2742280 --- /dev/null +++ b/hw-arm-smmuv3-Apply-address-mask-to-line.patch @@ -0,0 +1,50 @@ +From: Simon Veith +Date: Fri, 20 Dec 2019 14:03:00 +0000 +Subject: hw/arm/smmuv3: Apply address mask to linear strtab base address + +Git-commit: 3d44c60500785f18bb469c9de0aeba7415c0f28f + +In the SMMU_STRTAB_BASE register, the stream table base address only +occupies bits [51:6]. Other bits, such as RA (bit [62]), must be masked +out to obtain the base address. + +The branch for 2-level stream tables correctly applies this mask by way +of SMMU_BASE_ADDR_MASK, but the one for linear stream tables does not. + +Apply the missing mask in that case as well so that the correct stream +base address is used by guests which configure a linear stream table. + +Linux guests are unaffected by this change because they choose a 2-level +stream table layout for the QEMU SMMUv3, based on the size of its stream +ID space. + +ref. ARM IHI 0070C, section 6.3.23. + +Signed-off-by: Simon Veith +Acked-by: Eric Auger +Tested-by: Eric Auger +Message-id: 1576509312-13083-2-git-send-email-sveith@amazon.de +Cc: Eric Auger +Cc: qemu-devel@nongnu.org +Cc: qemu-arm@nongnu.org +Acked-by: Eric Auger +Reviewed-by: Peter Maydell +Signed-off-by: Peter Maydell +Signed-off-by: Bruce Rogers +--- + hw/arm/smmuv3.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c +index e2fbb8357ea521cd4ca6185b3c7a..eef9a18d70f891af08ef7b03235c 100644 +--- a/hw/arm/smmuv3.c ++++ b/hw/arm/smmuv3.c +@@ -429,7 +429,7 @@ static int smmu_find_ste(SMMUv3State *s, uint32_t sid, STE *ste, + } + addr = l2ptr + l2_ste_offset * sizeof(*ste); + } else { +- addr = s->strtab_base + sid * sizeof(*ste); ++ addr = (s->strtab_base & SMMU_BASE_ADDR_MASK) + sid * sizeof(*ste); + } + + if (smmu_get_ste(s, addr, ste, event)) { diff --git a/hw-arm-smmuv3-Check-stream-IDs-against-a.patch b/hw-arm-smmuv3-Check-stream-IDs-against-a.patch new file mode 100644 index 0000000..f78c79c --- /dev/null +++ b/hw-arm-smmuv3-Check-stream-IDs-against-a.patch @@ -0,0 +1,55 @@ +From: Simon Veith +Date: Fri, 20 Dec 2019 14:03:00 +0000 +Subject: hw/arm/smmuv3: Check stream IDs against actual table LOG2SIZE + +Git-commit: 05ff2fb80ce4ca85d8a39d48ff8156de739b4f51 + +When checking whether a stream ID is in range of the stream table, we +have so far been only checking it against our implementation limit +(SMMU_IDR1_SIDSIZE). However, the guest can program the +STRTAB_BASE_CFG.LOG2SIZE field to a size that is smaller than this +limit. + +Check the stream ID against this limit as well to match the hardware +behavior of raising C_BAD_STREAMID events in case the limit is exceeded. +Also, ensure that we do not go one entry beyond the end of the table by +checking that its index is strictly smaller than the table size. + +ref. ARM IHI 0070C, section 6.3.24. + +Signed-off-by: Simon Veith +Acked-by: Eric Auger +Tested-by: Eric Auger +Message-id: 1576509312-13083-4-git-send-email-sveith@amazon.de +Cc: Eric Auger +Cc: qemu-devel@nongnu.org +Cc: qemu-arm@nongnu.org +Reviewed-by: Peter Maydell +Signed-off-by: Peter Maydell +Signed-off-by: Bruce Rogers +--- + hw/arm/smmuv3.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c +index eef9a18d70f891af08ef7b03235c..727558bcfa5e782b8a9225adb302 100644 +--- a/hw/arm/smmuv3.c ++++ b/hw/arm/smmuv3.c +@@ -377,11 +377,15 @@ static int smmu_find_ste(SMMUv3State *s, uint32_t sid, STE *ste, + SMMUEventInfo *event) + { + dma_addr_t addr; ++ uint32_t log2size; + int ret; + + trace_smmuv3_find_ste(sid, s->features, s->sid_split); +- /* Check SID range */ +- if (sid > (1 << SMMU_IDR1_SIDSIZE)) { ++ log2size = FIELD_EX32(s->strtab_base_cfg, STRTAB_BASE_CFG, LOG2SIZE); ++ /* ++ * Check SID range against both guest-configured and implementation limits ++ */ ++ if (sid >= (1 << MIN(log2size, SMMU_IDR1_SIDSIZE))) { + event->type = SMMU_EVT_C_BAD_STREAMID; + return -EINVAL; + } diff --git a/hw-arm-smmuv3-Correct-SMMU_BASE_ADDR_MAS.patch b/hw-arm-smmuv3-Correct-SMMU_BASE_ADDR_MAS.patch new file mode 100644 index 0000000..cac8e9c --- /dev/null +++ b/hw-arm-smmuv3-Correct-SMMU_BASE_ADDR_MAS.patch @@ -0,0 +1,44 @@ +From: Simon Veith +Date: Fri, 20 Dec 2019 14:03:00 +0000 +Subject: hw/arm/smmuv3: Correct SMMU_BASE_ADDR_MASK value + +Git-commit: 3293b9f514a413e019b7dbc9d543458075b4849e + +There are two issues with the current value of SMMU_BASE_ADDR_MASK: + +- At the lower end, we are clearing bits [4:0]. Per the SMMUv3 spec, + we should also be treating bit 5 as zero in the base address. +- At the upper end, we are clearing bits [63:48]. Per the SMMUv3 spec, + only bits [63:52] must be explicitly treated as zero. + +Update the SMMU_BASE_ADDR_MASK value to mask out bits [63:52] and [5:0]. + +ref. ARM IHI 0070C, section 6.3.23. + +Signed-off-by: Simon Veith +Acked-by: Eric Auger +Tested-by: Eric Auger +Message-id: 1576509312-13083-3-git-send-email-sveith@amazon.de +Cc: Eric Auger +Cc: qemu-devel@nongnu.org +Cc: qemu-arm@nongnu.org +Reviewed-by: Peter Maydell +Signed-off-by: Peter Maydell +Signed-off-by: Bruce Rogers +--- + hw/arm/smmuv3-internal.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h +index d190181ef1bf3d116ecc48abc1bc..042b4358084b6b87e8b9e42d5622 100644 +--- a/hw/arm/smmuv3-internal.h ++++ b/hw/arm/smmuv3-internal.h +@@ -99,7 +99,7 @@ REG32(GERROR_IRQ_CFG2, 0x74) + + #define A_STRTAB_BASE 0x80 /* 64b */ + +-#define SMMU_BASE_ADDR_MASK 0xffffffffffe0 ++#define SMMU_BASE_ADDR_MASK 0xfffffffffffc0 + + REG32(STRTAB_BASE_CFG, 0x88) + FIELD(STRTAB_BASE_CFG, FMT, 16, 2) diff --git a/hw-arm-smmuv3-Report-F_STE_FETCH-fault-a.patch b/hw-arm-smmuv3-Report-F_STE_FETCH-fault-a.patch new file mode 100644 index 0000000..84a7b8c --- /dev/null +++ b/hw-arm-smmuv3-Report-F_STE_FETCH-fault-a.patch @@ -0,0 +1,47 @@ +From: Simon Veith +Date: Fri, 20 Dec 2019 14:03:00 +0000 +Subject: hw/arm/smmuv3: Report F_STE_FETCH fault address in correct word + position + +Git-commit: b255cafb59578d16716186ed955717bc8f87bdb7 + +The smmuv3_record_event() function that generates the F_STE_FETCH error +uses the EVT_SET_ADDR macro to record the fetch address, placing it in +32-bit words 4 and 5. + +The correct position for this address is in words 6 and 7, per the +SMMUv3 Architecture Specification. + +Update the function to use the EVT_SET_ADDR2 macro instead, which is the +macro intended for writing to these words. + +ref. ARM IHI 0070C, section 7.3.4. + +Signed-off-by: Simon Veith +Acked-by: Eric Auger +Tested-by: Eric Auger +Message-id: 1576509312-13083-7-git-send-email-sveith@amazon.de +Cc: Eric Auger +Cc: qemu-devel@nongnu.org +Cc: qemu-arm@nongnu.org +Acked-by: Eric Auger +Reviewed-by: Peter Maydell +Signed-off-by: Peter Maydell +Signed-off-by: Bruce Rogers +--- + hw/arm/smmuv3.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c +index 31ac3ca32ebe3c1073350843c8ab..8b5f157dc702322b5424ab585b8a 100644 +--- a/hw/arm/smmuv3.c ++++ b/hw/arm/smmuv3.c +@@ -172,7 +172,7 @@ void smmuv3_record_event(SMMUv3State *s, SMMUEventInfo *info) + case SMMU_EVT_F_STE_FETCH: + EVT_SET_SSID(&evt, info->u.f_ste_fetch.ssid); + EVT_SET_SSV(&evt, info->u.f_ste_fetch.ssv); +- EVT_SET_ADDR(&evt, info->u.f_ste_fetch.addr); ++ EVT_SET_ADDR2(&evt, info->u.f_ste_fetch.addr); + break; + case SMMU_EVT_C_BAD_STE: + EVT_SET_SSID(&evt, info->u.c_bad_ste.ssid); diff --git a/hw-arm-smmuv3-Use-correct-bit-positions-.patch b/hw-arm-smmuv3-Use-correct-bit-positions-.patch new file mode 100644 index 0000000..12149d4 --- /dev/null +++ b/hw-arm-smmuv3-Use-correct-bit-positions-.patch @@ -0,0 +1,49 @@ +From: Simon Veith +Date: Fri, 20 Dec 2019 14:03:00 +0000 +Subject: hw/arm/smmuv3: Use correct bit positions in EVT_SET_ADDR2 macro + +Git-commit: a7f65ceb851af5a5b639c6e30801076d848db2c2 + +The bit offsets in the EVT_SET_ADDR2 macro do not match those specified +in the ARM SMMUv3 Architecture Specification. In all events that use +this macro, e.g. F_WALK_EABT, the faulting fetch address or IPA actually +occupies the 32-bit words 6 and 7 in the event record contiguously, with +the upper and lower unused bits clear due to alignment or maximum +supported address bits. How many bits are clear depends on the +individual event type. + +Update the macro to write to the correct words in the event record so +that guest drivers can obtain accurate address information on events. + +ref. ARM IHI 0070C, sections 7.3.12 through 7.3.16. + +Signed-off-by: Simon Veith +Acked-by: Eric Auger +Tested-by: Eric Auger +Message-id: 1576509312-13083-6-git-send-email-sveith@amazon.de +Cc: Eric Auger +Cc: qemu-devel@nongnu.org +Cc: qemu-arm@nongnu.org +Acked-by: Eric Auger +Reviewed-by: Peter Maydell +Signed-off-by: Peter Maydell +Signed-off-by: Bruce Rogers +--- + hw/arm/smmuv3-internal.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h +index 042b4358084b6b87e8b9e42d5622..4112394129e0069018a5967cb685 100644 +--- a/hw/arm/smmuv3-internal.h ++++ b/hw/arm/smmuv3-internal.h +@@ -461,8 +461,8 @@ typedef struct SMMUEventInfo { + } while (0) + #define EVT_SET_ADDR2(x, addr) \ + do { \ +- (x)->word[7] = deposit32((x)->word[7], 3, 29, addr >> 16); \ +- (x)->word[7] = deposit32((x)->word[7], 0, 16, addr & 0xffff);\ ++ (x)->word[7] = (uint32_t)(addr >> 32); \ ++ (x)->word[6] = (uint32_t)(addr & 0xffffffff); \ + } while (0) + + void smmuv3_record_event(SMMUv3State *s, SMMUEventInfo *event); diff --git a/i386-Add-MSR-feature-bit-for-MDS-NO.patch b/i386-Add-MSR-feature-bit-for-MDS-NO.patch index 40ea42e..028fd7d 100644 --- a/i386-Add-MSR-feature-bit-for-MDS-NO.patch +++ b/i386-Add-MSR-feature-bit-for-MDS-NO.patch @@ -3,7 +3,7 @@ Date: Tue, 22 Oct 2019 15:35:26 +0800 Subject: i386: Add MSR feature bit for MDS-NO Git commit: 77b168d221191156c47fcd8d1c47329dfdb9439e -References: JIRA-SLE-10195 +References: jsc#SLE-7923 Define MSR_ARCH_CAP_MDS_NO in the IA32_ARCH_CAPABILITIES MSR to allow CPU models to report the feature when host supports it. diff --git a/i386-Add-macro-for-stibp.patch b/i386-Add-macro-for-stibp.patch index 7930b1b..2a45dd3 100644 --- a/i386-Add-macro-for-stibp.patch +++ b/i386-Add-macro-for-stibp.patch @@ -3,7 +3,7 @@ Date: Tue, 22 Oct 2019 15:35:27 +0800 Subject: i386: Add macro for stibp Git commit: 5af514d0cb314f43bc53f2aefb437f6451d64d0c -References: JIRA-SLE-10195 +References: jsc#SLE-7923 stibp feature is already added through the following commit. https://github.com/qemu/qemu/commit/0e8916582991b9fd0b94850a8444b8b80d0a0955 diff --git a/i386-Add-new-CPU-model-Cooperlake.patch b/i386-Add-new-CPU-model-Cooperlake.patch index a24e8ce..23c03db 100644 --- a/i386-Add-new-CPU-model-Cooperlake.patch +++ b/i386-Add-new-CPU-model-Cooperlake.patch @@ -3,7 +3,7 @@ Date: Tue, 22 Oct 2019 15:35:28 +0800 Subject: i386: Add new CPU model Cooperlake Git commit: 22a866b6166db5caa4abaa6e656c2a431fa60726 -References: JIRA-SLE-10195 +References: jsc#SLE-7923 Cooper Lake is intel's successor to Cascade Lake, the new CPU model inherits features from Cascadelake-Server, while diff --git a/i386-Resolve-CPU-models-to-v1-by-default.patch b/i386-Resolve-CPU-models-to-v1-by-default.patch new file mode 100644 index 0000000..eca9a2d --- /dev/null +++ b/i386-Resolve-CPU-models-to-v1-by-default.patch @@ -0,0 +1,83 @@ +From: Eduardo Habkost +Date: Thu, 5 Dec 2019 19:33:39 -0300 +Subject: i386: Resolve CPU models to v1 by default + +Git-commit: ad18392892c04637fb56956d997f4bc600224356 + +When using `query-cpu-definitions` using `-machine none`, +QEMU is resolving all CPU models to their latest versions. The +actual CPU model version being used by another machine type (e.g. +`pc-q35-4.0`) might be different. + +In theory, this was OK because the correct CPU model +version is returned when using the correct `-machine` argument. + +Except that in practice, this breaks libvirt expectations: +libvirt always use `-machine none` when checking if a CPU model +is runnable, because runnability is not expected to be affected +when the machine type is changed. + +For example, when running on a Haswell host without TSX, +Haswell-v4 is runnable, but Haswell-v1 is not. On those hosts, +`query-cpu-definitions` says Haswell is runnable if using +`-machine none`, but Haswell is actually not runnable using any +of the `pc-*` machine types (because they resolve Haswell to +Haswell-v1). In other words, we're breaking the "runnability +guarantee" we promised to not break for a few releases (see +qemu-deprecated.texi). + +To address this issue, change the default CPU model version to v1 +on all machine types, so we make `query-cpu-definitions` output +when using `-machine none` match the results when using `pc-*`. +This will change in the future (the plan is to always return the +latest CPU model version if using `-machine none`), but only +after giving libvirt the opportunity to adapt. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1779078 +Signed-off-by: Eduardo Habkost +Message-Id: <20191205223339.764534-1-ehabkost@redhat.com> +Signed-off-by: Eduardo Habkost +Signed-off-by: Bruce Rogers +--- + qemu-deprecated.texi | 8 ++++++++ + target/i386/cpu.c | 8 +++++++- + 2 files changed, 15 insertions(+), 1 deletion(-) + +diff --git a/qemu-deprecated.texi b/qemu-deprecated.texi +index 4b4b7425ac1e8f71ad6a2becafb1..b42d8b3c5fbd7e74acc826678a90 100644 +--- a/qemu-deprecated.texi ++++ b/qemu-deprecated.texi +@@ -374,6 +374,14 @@ guarantees must resolve the CPU model aliases using te + ``alias-of'' field returned by the ``query-cpu-definitions'' QMP + command. + ++While those guarantees are kept, the return value of ++``query-cpu-definitions'' will have existing CPU model aliases ++point to a version that doesn't break runnability guarantees ++(specifically, version 1 of those CPU models). In future QEMU ++versions, aliases will point to newer CPU model versions ++depending on the machine type, so management software must ++resolve CPU model aliases before starting a virtual machine. ++ + + @node Recently removed features + @appendix Recently removed features +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index de828e29d8d6a35c1f03bc4a456a..8a1993ac64bd763b7bb70c98b8b8 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -3984,7 +3984,13 @@ static PropValue tcg_default_props[] = { + }; + + +-X86CPUVersion default_cpu_version = CPU_VERSION_LATEST; ++/* ++ * We resolve CPU model aliases using -v1 when using "-machine ++ * none", but this is just for compatibility while libvirt isn't ++ * adapted to resolve CPU model versions before creating VMs. ++ * See "Runnability guarantee of CPU models" at * qemu-deprecated.texi. ++ */ ++X86CPUVersion default_cpu_version = 1; + + void x86_cpu_set_default_version(X86CPUVersion version) + { diff --git a/intel_iommu-a-fix-to-vtd_find_as_from_bu.patch b/intel_iommu-a-fix-to-vtd_find_as_from_bu.patch new file mode 100644 index 0000000..3357576 --- /dev/null +++ b/intel_iommu-a-fix-to-vtd_find_as_from_bu.patch @@ -0,0 +1,38 @@ +From: Liu Yi L +Date: Fri, 3 Jan 2020 21:28:05 +0800 +Subject: intel_iommu: a fix to vtd_find_as_from_bus_num() + +Git-commit: a2e1cd41ccfe796529abfd1b6aeb1dd4393762a2 + +Ensure the return value of vtd_find_as_from_bus_num() is NULL by +enforcing vtd_bus=NULL. This would help caller of vtd_find_as_from_bus_num() +to decide if any further operation on the returned vtd_bus. + +Cc: qemu-stable@nongnu.org +Cc: Kevin Tian +Cc: Jacob Pan +Cc: Peter Xu +Cc: Yi Sun +Signed-off-by: Liu Yi L +Signed-off-by: Yi Sun +Message-Id: <1578058086-4288-2-git-send-email-yi.l.liu@intel.com> +Reviewed-by: Peter Xu +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: Bruce Rogers +--- + hw/i386/intel_iommu.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c +index 43c94b993b4ab591067676ed022a..00ebae4863cf7e49368779bd1fc4 100644 +--- a/hw/i386/intel_iommu.c ++++ b/hw/i386/intel_iommu.c +@@ -948,6 +948,7 @@ static VTDBus *vtd_find_as_from_bus_num(IntelIOMMUState *s, uint8_t bus_num) + return vtd_bus; + } + } ++ vtd_bus = NULL; + } + return vtd_bus; + } diff --git a/iotests-Fix-IMGOPTSSYNTAX-for-nbd.patch b/iotests-Fix-IMGOPTSSYNTAX-for-nbd.patch new file mode 100644 index 0000000..9615f9c --- /dev/null +++ b/iotests-Fix-IMGOPTSSYNTAX-for-nbd.patch @@ -0,0 +1,34 @@ +From: Max Reitz +Date: Wed, 18 Dec 2019 11:48:55 +0100 +Subject: iotests: Fix IMGOPTSSYNTAX for nbd +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Git-commit: eb4ea9aaa0051054b3c148ad8631be7510851681 + +There is no $SOCKDIR, only $SOCK_DIR. + +Fixes: f3923a72f199b2c63747a7032db74730546f55c6 +Signed-off-by: Max Reitz +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Kevin Wolf +Signed-off-by: Bruce Rogers +--- + tests/qemu-iotests/common.rc | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc +index 6f0582c79af429c14f197b301f5c..555c45391157d58534f0702094bc 100644 +--- a/tests/qemu-iotests/common.rc ++++ b/tests/qemu-iotests/common.rc +@@ -217,7 +217,8 @@ if [ "$IMGOPTSSYNTAX" = "true" ]; then + TEST_IMG="$DRIVER,file.filename=$TEST_DIR/t.$IMGFMT" + elif [ "$IMGPROTO" = "nbd" ]; then + TEST_IMG_FILE=$TEST_DIR/t.$IMGFMT +- TEST_IMG="$DRIVER,file.driver=nbd,file.type=unix,file.path=$SOCKDIR/nbd" ++ TEST_IMG="$DRIVER,file.driver=nbd,file.type=unix" ++ TEST_IMG="$TEST_IMG,file.path=$SOCK_DIR/nbd" + elif [ "$IMGPROTO" = "ssh" ]; then + TEST_IMG_FILE=$TEST_DIR/t.$IMGFMT + TEST_IMG="$DRIVER,file.driver=ssh,file.host=127.0.0.1,file.path=$TEST_IMG_FILE" diff --git a/iotests-Provide-a-function-for-checking-.patch b/iotests-Provide-a-function-for-checking-.patch new file mode 100644 index 0000000..b5a3525 --- /dev/null +++ b/iotests-Provide-a-function-for-checking-.patch @@ -0,0 +1,82 @@ +From: Thomas Huth +Date: Wed, 4 Dec 2019 16:46:12 +0100 +Subject: iotests: Provide a function for checking the creation of huge files +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Git-commit: 30729ae93b7e123e472a2d42792134ae39bf9df0 + +Some tests create huge (but sparse) files, and to be able to run those +tests in certain limited environments (like CI containers), we have to +check for the possibility to create such files first. Thus let's introduce +a common function to check for large files, and replace the already +existing checks in the iotests 005 and 220 with this function. + +Reviewed-by: Alex Bennée +Signed-off-by: Thomas Huth +Reviewed-by: Cleber Rosa +Tested-by: Cleber Rosa +Reviewed-by: Philippe Mathieu-Daudé +Message-Id: <20191204154618.23560-2-thuth@redhat.com> +Signed-off-by: Alex Bennée +Signed-off-by: Bruce Rogers +--- + tests/qemu-iotests/005 | 5 +---- + tests/qemu-iotests/220 | 6 ++---- + tests/qemu-iotests/common.rc | 10 ++++++++++ + 3 files changed, 13 insertions(+), 8 deletions(-) + +diff --git a/tests/qemu-iotests/005 b/tests/qemu-iotests/005 +index 58442762fe366d0f5eb9bf7a1860..b6d03ac37deabcbf6372ffb17113 100755 +--- a/tests/qemu-iotests/005 ++++ b/tests/qemu-iotests/005 +@@ -59,10 +59,7 @@ fi + # Sanity check: For raw, we require a file system that permits the creation + # of a HUGE (but very sparse) file. Check we can create it before continuing. + if [ "$IMGFMT" = "raw" ]; then +- if ! truncate --size=5T "$TEST_IMG"; then +- _notrun "file system on $TEST_DIR does not support large enough files" +- fi +- rm "$TEST_IMG" ++ _require_large_file 5T + fi + + echo +diff --git a/tests/qemu-iotests/220 b/tests/qemu-iotests/220 +index 2d62c5dcac2a258ed82cd4bca775..15159270d33550e4649a25fe772e 100755 +--- a/tests/qemu-iotests/220 ++++ b/tests/qemu-iotests/220 +@@ -42,10 +42,8 @@ echo "== Creating huge file ==" + + # Sanity check: We require a file system that permits the creation + # of a HUGE (but very sparse) file. tmpfs works, ext4 does not. +-if ! truncate --size=513T "$TEST_IMG"; then +- _notrun "file system on $TEST_DIR does not support large enough files" +-fi +-rm "$TEST_IMG" ++_require_large_file 513T ++ + IMGOPTS='cluster_size=2M,refcount_bits=1' _make_test_img 513T + + echo "== Populating refcounts ==" +diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc +index 0cc8acc9edd23e1cadf942676882..6f0582c79af429c14f197b301f5c 100644 +--- a/tests/qemu-iotests/common.rc ++++ b/tests/qemu-iotests/common.rc +@@ -643,5 +643,15 @@ _require_drivers() + done + } + ++# Check that we have a file system that allows huge (but very sparse) files ++# ++_require_large_file() ++{ ++ if ! truncate --size="$1" "$TEST_IMG"; then ++ _notrun "file system on $TEST_DIR does not support large enough files" ++ fi ++ rm "$TEST_IMG" ++} ++ + # make sure this script returns success + true diff --git a/iotests-Skip-test-060-if-it-is-not-possi.patch b/iotests-Skip-test-060-if-it-is-not-possi.patch new file mode 100644 index 0000000..eba8285 --- /dev/null +++ b/iotests-Skip-test-060-if-it-is-not-possi.patch @@ -0,0 +1,33 @@ +From: Thomas Huth +Date: Mon, 2 Dec 2019 11:16:30 +0100 +Subject: iotests: Skip test 060 if it is not possible to create large files + +Git-commit: efd0e5a1215bbdfd28168485800f5cfec9735cf8 + +Test 060 fails in the arm64, s390x and ppc64le LXD containers on Travis +(which we will hopefully enable in our CI soon). These containers +apparently do not allow large files to be created. The repair process +in test 060 creates a file of 64 GiB, so test first whether such large +files are possible and skip the test if that's not the case. + +Signed-off-by: Thomas Huth +Signed-off-by: Kevin Wolf +Signed-off-by: Bruce Rogers +--- + tests/qemu-iotests/060 | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/tests/qemu-iotests/060 b/tests/qemu-iotests/060 +index b91d8321bb8d20d1033a3081acf4..d96f17a4846979aa3cb86c8388fa 100755 +--- a/tests/qemu-iotests/060 ++++ b/tests/qemu-iotests/060 +@@ -49,6 +49,9 @@ _supported_fmt qcow2 + _supported_proto file + _supported_os Linux + ++# The repair process will create a large file - so check for availability first ++_require_large_file 64G ++ + rt_offset=65536 # 0x10000 (XXX: just an assumption) + rb_offset=131072 # 0x20000 (XXX: just an assumption) + l1_offset=196608 # 0x30000 (XXX: just an assumption) diff --git a/iotests-Skip-test-079-if-it-is-not-possi.patch b/iotests-Skip-test-079-if-it-is-not-possi.patch new file mode 100644 index 0000000..6c36d23 --- /dev/null +++ b/iotests-Skip-test-079-if-it-is-not-possi.patch @@ -0,0 +1,34 @@ +From: Thomas Huth +Date: Mon, 2 Dec 2019 11:16:31 +0100 +Subject: iotests: Skip test 079 if it is not possible to create large files + +Git-commit: e28582fdb28b2e8b29a351c20b0c8f1af4120688 + +Test 079 fails in the arm64, s390x and ppc64le LXD containers on Travis +(which we will hopefully enable in our CI soon). These containers +apparently do not allow large files to be created. Test 079 tries to +create a 4G sparse file, which is apparently already too big for these +containers, so check first whether we can really create such files before +executing the test. + +Signed-off-by: Thomas Huth +Signed-off-by: Kevin Wolf +Signed-off-by: Bruce Rogers +--- + tests/qemu-iotests/079 | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/tests/qemu-iotests/079 b/tests/qemu-iotests/079 +index 81f0c21f530287b2c833eefd735d..78536d3bbfa01fc0575d31d1f680 100755 +--- a/tests/qemu-iotests/079 ++++ b/tests/qemu-iotests/079 +@@ -39,6 +39,9 @@ trap "_cleanup; exit \$status" 0 1 2 3 15 + _supported_fmt qcow2 + _supported_proto file nfs + ++# Some containers (e.g. non-x86 on Travis) do not allow large files ++_require_large_file 4G ++ + echo "=== Check option preallocation and cluster_size ===" + echo + cluster_sizes="16384 32768 65536 131072 262144 524288 1048576 2097152 4194304" diff --git a/numa-Extend-CLI-to-provide-initiator-inf.patch b/numa-Extend-CLI-to-provide-initiator-inf.patch index 0546e35..d78b8f6 100644 --- a/numa-Extend-CLI-to-provide-initiator-inf.patch +++ b/numa-Extend-CLI-to-provide-initiator-inf.patch @@ -3,7 +3,7 @@ Date: Fri, 13 Dec 2019 09:19:22 +0800 Subject: numa: Extend CLI to provide initiator information for numa nodes Git commit: 244b3f4485a07c7ce4b7123d6ce9d8c6012756e8 -References: JIRA-SLE-10228 +References: jsc#SLE-8897 In ACPI 6.3 chapter 5.2.27 Heterogeneous Memory Attribute Table (HMAT), The initiator represents processor which access to memory. And in 5.2.27.3 @@ -36,7 +36,7 @@ Signed-off-by: Bruce Rogers 5 files changed, 131 insertions(+), 6 deletions(-) diff --git a/hw/core/machine.c b/hw/core/machine.c -index 1689ad3bf8afd18f0e774ed41a8d..d7d2cfa66d58babbc723e19c9172 100644 +index aa63231f3160aaf32874e59ba452..a15c5a8673ade765965b4e2c8237 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -518,6 +518,20 @@ static void machine_set_nvdimm(Object *obj, bool value, Error **errp) @@ -88,7 +88,7 @@ index 1689ad3bf8afd18f0e774ed41a8d..d7d2cfa66d58babbc723e19c9172 100644 if (!match) { @@ -960,6 +986,13 @@ static void machine_initfn(Object *obj) - if (mc->numa_mem_supported) { + if (mc->cpu_index_to_instance_props && mc->get_default_cpu_node_id) { ms->numa_state = g_new0(NumaState, 1); + object_property_add_bool(obj, "hmat", + machine_get_hmat, machine_set_hmat, @@ -231,7 +231,7 @@ index ca26779f1a3623e86befc00ee8d8..27d0e375342a502c7676d23837a7 100644 ## # @NumaDistOptions: diff --git a/qemu-options.hx b/qemu-options.hx -index 65c9473b7325545c00befcbac651..63f6b33322f10cf33ab900eb292c 100644 +index e14d88e9b2f3a3c13a4c20db0b36..9b1618cd34d9fe1d8374d6abb954 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \ diff --git a/numa-Extend-CLI-to-provide-memory-latenc.patch b/numa-Extend-CLI-to-provide-memory-latenc.patch index fc50a16..72fd79a 100644 --- a/numa-Extend-CLI-to-provide-memory-latenc.patch +++ b/numa-Extend-CLI-to-provide-memory-latenc.patch @@ -3,7 +3,7 @@ Date: Fri, 13 Dec 2019 09:19:23 +0800 Subject: numa: Extend CLI to provide memory latency and bandwidth information Git commit: 9b12dfa03a94d7f7a4b54eb67229a31e58193384 -References: JIRA-SLE-10228 +References: jsc#SLE-8897 Add -numa hmat-lb option to provide System Locality Latency and Bandwidth Information. These memory attributes help to build @@ -455,7 +455,7 @@ index 27d0e375342a502c7676d23837a7..cf8faf5a2a4929560c852bf8d50c 100644 # @HostMemPolicy: # diff --git a/qemu-options.hx b/qemu-options.hx -index 63f6b33322f10cf33ab900eb292c..c45e2ae513769f59aa6a61b7d67d 100644 +index 9b1618cd34d9fe1d8374d6abb954..5f7f31457ab6a8640698f6913b07 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -168,16 +168,19 @@ DEF("numa", HAS_ARG, QEMU_OPTION_numa, diff --git a/numa-Extend-CLI-to-provide-memory-side-c.patch b/numa-Extend-CLI-to-provide-memory-side-c.patch index bc2062c..ae168c4 100644 --- a/numa-Extend-CLI-to-provide-memory-side-c.patch +++ b/numa-Extend-CLI-to-provide-memory-side-c.patch @@ -3,7 +3,7 @@ Date: Fri, 13 Dec 2019 09:19:24 +0800 Subject: numa: Extend CLI to provide memory side cache information Git commit: c412a48d4d91e8f8b89aae02de0f44f1f0b729e5 -References: JIRA-SLE-10228 +References: jsc#SLE-8897 Add -numa hmat-cache option to provide Memory Side Cache Information. These memory attributes help to build Memory Side Cache Information @@ -256,7 +256,7 @@ index cf8faf5a2a4929560c852bf8d50c..b3d30bc8162da9a0b60005fdd86b 100644 # @HostMemPolicy: # diff --git a/qemu-options.hx b/qemu-options.hx -index c45e2ae513769f59aa6a61b7d67d..16e8888fccb59212bcbb078cd98e 100644 +index 5f7f31457ab6a8640698f6913b07..b0471ed152d77c9e0512c842149f 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -169,7 +169,8 @@ DEF("numa", HAS_ARG, QEMU_OPTION_numa, diff --git a/numa-properly-check-if-numa-is-supported.patch b/numa-properly-check-if-numa-is-supported.patch new file mode 100644 index 0000000..4aead2b --- /dev/null +++ b/numa-properly-check-if-numa-is-supported.patch @@ -0,0 +1,67 @@ +From: Igor Mammedov +Date: Thu, 12 Dec 2019 13:48:56 +0100 +Subject: numa: properly check if numa is supported + +Git-commit: fcd3f2cc124600385dba46c69a80626985c15b50 + +Commit aa57020774b, by mistake used MachineClass::numa_mem_supported +to check if NUMA is supported by machine and also as unrelated change +set it to true for sbsa-ref board. + +Luckily change didn't break machines that support NUMA, as the field +is set to true for them. + +But the field is not intended for checking if NUMA is supported and +will be flipped to false within this release for new machine types. + +Fix it: + - by using previously used condition + !mc->cpu_index_to_instance_props || !mc->get_default_cpu_node_id + the first time and then use MachineState::numa_state down the road + to check if NUMA is supported + - dropping stray sbsa-ref chunk + +Fixes: aa57020774b690a22be72453b8e91c9b5a68c516 +Signed-off-by: Igor Mammedov +Message-Id: <1576154936-178362-3-git-send-email-imammedo@redhat.com> +Signed-off-by: Eduardo Habkost +Signed-off-by: Bruce Rogers +--- + hw/arm/sbsa-ref.c | 1 - + hw/core/machine.c | 4 ++-- + 2 files changed, 2 insertions(+), 3 deletions(-) + +diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c +index 27046cc284f4b9daa59468889430..c6261d44a4c53e8a6bc14bbf088d 100644 +--- a/hw/arm/sbsa-ref.c ++++ b/hw/arm/sbsa-ref.c +@@ -791,7 +791,6 @@ static void sbsa_ref_class_init(ObjectClass *oc, void *data) + mc->possible_cpu_arch_ids = sbsa_ref_possible_cpu_arch_ids; + mc->cpu_index_to_instance_props = sbsa_ref_cpu_index_to_props; + mc->get_default_cpu_node_id = sbsa_ref_get_default_cpu_node_id; +- mc->numa_mem_supported = true; + } + + static const TypeInfo sbsa_ref_info = { +diff --git a/hw/core/machine.c b/hw/core/machine.c +index 1689ad3bf8afd18f0e774ed41a8d..aa63231f3160aaf32874e59ba452 100644 +--- a/hw/core/machine.c ++++ b/hw/core/machine.c +@@ -958,7 +958,7 @@ static void machine_initfn(Object *obj) + NULL); + } + +- if (mc->numa_mem_supported) { ++ if (mc->cpu_index_to_instance_props && mc->get_default_cpu_node_id) { + ms->numa_state = g_new0(NumaState, 1); + } + +@@ -1102,7 +1102,7 @@ void machine_run_board_init(MachineState *machine) + { + MachineClass *machine_class = MACHINE_GET_CLASS(machine); + +- if (machine_class->numa_mem_supported) { ++ if (machine->numa_state) { + numa_complete_configuration(machine); + if (machine->numa_state->num_nodes) { + machine_numa_finish_cpu_init(machine); diff --git a/qcow2-bitmaps-fix-qcow2_can_store_new_di.patch b/qcow2-bitmaps-fix-qcow2_can_store_new_di.patch new file mode 100644 index 0000000..9f5b430 --- /dev/null +++ b/qcow2-bitmaps-fix-qcow2_can_store_new_di.patch @@ -0,0 +1,96 @@ +From: Vladimir Sementsov-Ogievskiy +Date: Mon, 14 Oct 2019 14:51:25 +0300 +Subject: qcow2-bitmaps: fix qcow2_can_store_new_dirty_bitmap + +Git-commit: a1db8733d28d615bc0daeada6c406a6dd5c5d5ef + +qcow2_can_store_new_dirty_bitmap works wrong, as it considers only +bitmaps already stored in the qcow2 image and ignores persistent +BdrvDirtyBitmap objects. + +So, let's instead count persistent BdrvDirtyBitmaps. We load all qcow2 +bitmaps on open, so there should not be any bitmap in the image for +which we don't have BdrvDirtyBitmaps version. If it is - it's a kind of +corruption, and no reason to check for corruptions here (open() and +close() are better places for it). + +Signed-off-by: Vladimir Sementsov-Ogievskiy +Message-id: 20191014115126.15360-2-vsementsov@virtuozzo.com +Reviewed-by: Max Reitz +Cc: qemu-stable@nongnu.org +Signed-off-by: Max Reitz +Signed-off-by: Bruce Rogers +--- + block/qcow2-bitmap.c | 41 ++++++++++++++++++----------------------- + 1 file changed, 18 insertions(+), 23 deletions(-) + +diff --git a/block/qcow2-bitmap.c b/block/qcow2-bitmap.c +index c6c8ebbe89d4252432bfb80e3426..d41f5d049b7d791ac30e1e36d3c5 100644 +--- a/block/qcow2-bitmap.c ++++ b/block/qcow2-bitmap.c +@@ -1703,8 +1703,14 @@ bool coroutine_fn qcow2_co_can_store_new_dirty_bitmap(BlockDriverState *bs, + Error **errp) + { + BDRVQcow2State *s = bs->opaque; +- bool found; +- Qcow2BitmapList *bm_list; ++ BdrvDirtyBitmap *bitmap; ++ uint64_t bitmap_directory_size = 0; ++ uint32_t nb_bitmaps = 0; ++ ++ if (bdrv_find_dirty_bitmap(bs, name)) { ++ error_setg(errp, "Bitmap already exists: %s", name); ++ return false; ++ } + + if (s->qcow_version < 3) { + /* Without autoclear_features, we would always have to assume +@@ -1720,38 +1726,27 @@ bool coroutine_fn qcow2_co_can_store_new_dirty_bitmap(BlockDriverState *bs, + goto fail; + } + +- if (s->nb_bitmaps == 0) { +- return true; ++ FOR_EACH_DIRTY_BITMAP(bs, bitmap) { ++ if (bdrv_dirty_bitmap_get_persistence(bitmap)) { ++ nb_bitmaps++; ++ bitmap_directory_size += ++ calc_dir_entry_size(strlen(bdrv_dirty_bitmap_name(bitmap)), 0); ++ } + } ++ nb_bitmaps++; ++ bitmap_directory_size += calc_dir_entry_size(strlen(name), 0); + +- if (s->nb_bitmaps >= QCOW2_MAX_BITMAPS) { ++ if (nb_bitmaps > QCOW2_MAX_BITMAPS) { + error_setg(errp, + "Maximum number of persistent bitmaps is already reached"); + goto fail; + } + +- if (s->bitmap_directory_size + calc_dir_entry_size(strlen(name), 0) > +- QCOW2_MAX_BITMAP_DIRECTORY_SIZE) +- { ++ if (bitmap_directory_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { + error_setg(errp, "Not enough space in the bitmap directory"); + goto fail; + } + +- qemu_co_mutex_lock(&s->lock); +- bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, +- s->bitmap_directory_size, errp); +- qemu_co_mutex_unlock(&s->lock); +- if (bm_list == NULL) { +- goto fail; +- } +- +- found = find_bitmap_by_name(bm_list, name); +- bitmap_list_free(bm_list); +- if (found) { +- error_setg(errp, "Bitmap with the same name is already stored"); +- goto fail; +- } +- + return true; + + fail: diff --git a/qemu.changes b/qemu.changes index e132130..b9a8d12 100644 --- a/qemu.changes +++ b/qemu.changes @@ -1,13 +1,47 @@ +------------------------------------------------------------------- +Fri Jan 10 14:12:38 UTC 2020 - Bruce Rogers + +- Include upstream patches targeted for the next stable release + (bug fixes only) + arm-arm-powerctl-set-NSACR.-CP11-CP10-bi.patch + backup-top-Begin-drain-earlier.patch + block-Activate-recursively-even-for-alre.patch + display-bochs-display-fix-memory-leak.patch + Fix-double-free-issue-in-qemu_set_log_fi.patch + hw-arm-smmuv3-Align-stream-table-base-ad.patch + hw-arm-smmuv3-Apply-address-mask-to-line.patch + hw-arm-smmuv3-Check-stream-IDs-against-a.patch + hw-arm-smmuv3-Correct-SMMU_BASE_ADDR_MAS.patch + hw-arm-smmuv3-Report-F_STE_FETCH-fault-a.patch + hw-arm-smmuv3-Use-correct-bit-positions-.patch + i386-Resolve-CPU-models-to-v1-by-default.patch + intel_iommu-a-fix-to-vtd_find_as_from_bu.patch + iotests-Fix-IMGOPTSSYNTAX-for-nbd.patch + iotests-Provide-a-function-for-checking-.patch + iotests-Skip-test-060-if-it-is-not-possi.patch + iotests-Skip-test-079-if-it-is-not-possi.patch + numa-properly-check-if-numa-is-supported.patch + qcow2-bitmaps-fix-qcow2_can_store_new_di.patch + Revert-qemu-options.hx-Update-for-reboot.patch + vhost-user-gpu-Drop-trailing-json-comma.patch + virtio-blk-fix-out-of-bounds-access-to-b.patch + virtio-mmio-update-queue-size-on-guest-w.patch + virtio-net-delete-also-control-queue-whe.patch + virtio-update-queue-size-on-guest-write.patch +- Include performance improvement + virtio-don-t-enable-notifications-during.patch +- Repair incorrect packaging references to Jira tracked features + ------------------------------------------------------------------- Thu Jan 9 17:48:25 UTC 2020 - Bruce Rogers -- Add Cooperlake vcpu model (jira-SLE-10195) +- Add Cooperlake vcpu model (jsc#SLE-7923) i386-Add-MSR-feature-bit-for-MDS-NO.patch i386-Add-macro-for-stibp.patch i386-Add-new-CPU-model-Cooperlake.patch target-i386-Add-new-bit-definitions-of-M.patch target-i386-Add-missed-features-to-Coope.patch -- Add HMAT support (jira-SLE-10228) (the test case for this series +- Add HMAT support (jsc#SLE-8897) (the test case for this series isn't included because we aren't set up to handle binary patches) numa-Extend-CLI-to-provide-initiator-inf.patch numa-Extend-CLI-to-provide-memory-latenc.patch @@ -99,7 +133,7 @@ Wed Nov 27 03:10:09 UTC 2019 - Bruce Rogers CVE-2019-11135 CVE-2019-12068 CVE-2019-12155 CVE-2019-13164 CVE-2019-14378 CVE-2019-15890, and the following feature requests are satisfied by this package: fate#327410 fate#327764 fate#327796 - jira-SLE-4883 jira-SLE-6132 jira-SLE-6237 jira-SLE-6754 + jsc#SLE-4883 jsc#SLE-6132 jsc#SLE-6237 jsc#SLE-6754 ------------------------------------------------------------------- Tue Nov 19 19:13:41 UTC 2019 - Bruce Rogers diff --git a/qemu.spec b/qemu.spec index 942bafd..35703e2 100644 --- a/qemu.spec +++ b/qemu.spec @@ -128,56 +128,82 @@ Source303: README.PACKAGING Patch00000: i386-Add-MSR-feature-bit-for-MDS-NO.patch Patch00001: i386-Add-macro-for-stibp.patch Patch00002: i386-Add-new-CPU-model-Cooperlake.patch -Patch00003: numa-Extend-CLI-to-provide-initiator-inf.patch -Patch00004: numa-Extend-CLI-to-provide-memory-latenc.patch -Patch00005: numa-Extend-CLI-to-provide-memory-side-c.patch -Patch00006: hmat-acpi-Build-Memory-Proximity-Domain-.patch -Patch00007: hmat-acpi-Build-System-Locality-Latency-.patch -Patch00008: hmat-acpi-Build-Memory-Side-Cache-Inform.patch -Patch00009: tests-numa-Add-case-for-QMP-build-HMAT.patch -Patch00010: target-i386-Add-new-bit-definitions-of-M.patch -Patch00011: target-i386-Add-missed-features-to-Coope.patch -Patch00012: XXX-dont-dump-core-on-sigabort.patch -Patch00013: qemu-binfmt-conf-Modify-default-path.patch -Patch00014: qemu-cvs-gettimeofday.patch -Patch00015: qemu-cvs-ioctl_debug.patch -Patch00016: qemu-cvs-ioctl_nodirection.patch -Patch00017: linux-user-add-binfmt-wrapper-for-argv-0.patch -Patch00018: PPC-KVM-Disable-mmu-notifier-check.patch -Patch00019: linux-user-binfmt-support-host-binaries.patch -Patch00020: linux-user-Fake-proc-cpuinfo.patch -Patch00021: linux-user-use-target_ulong.patch -Patch00022: Make-char-muxer-more-robust-wrt-small-FI.patch -Patch00023: linux-user-lseek-explicitly-cast-non-set.patch -Patch00024: AIO-Reduce-number-of-threads-for-32bit-h.patch -Patch00025: xen_disk-Add-suse-specific-flush-disable.patch -Patch00026: qemu-bridge-helper-reduce-security-profi.patch -Patch00027: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch -Patch00028: linux-user-properly-test-for-infinite-ti.patch -Patch00029: roms-Makefile-pass-a-packaging-timestamp.patch -Patch00030: Raise-soft-address-space-limit-to-hard-l.patch -Patch00031: increase-x86_64-physical-bits-to-42.patch -Patch00032: vga-Raise-VRAM-to-16-MiB-for-pc-0.15-and.patch -Patch00033: i8254-Fix-migration-from-SLE11-SP2.patch -Patch00034: acpi_piix4-Fix-migration-from-SLE11-SP2.patch -Patch00035: Switch-order-of-libraries-for-mpath-supp.patch -Patch00036: Make-installed-scripts-explicitly-python.patch -Patch00037: hw-smbios-handle-both-file-formats-regar.patch -Patch00038: xen-add-block-resize-support-for-xen-dis.patch -Patch00039: tests-qemu-iotests-Triple-timeout-of-i-o.patch -Patch00040: tests-Fix-block-tests-to-be-compatible-w.patch -Patch00041: xen-ignore-live-parameter-from-xen-save-.patch -Patch00042: Conditionalize-ui-bitmap-installation-be.patch -Patch00043: tests-change-error-message-in-test-162.patch -Patch00044: hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch -Patch00045: hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch -Patch00046: hw-intc-exynos4210_gic-provide-more-room.patch -Patch00047: configure-only-populate-roms-if-softmmu.patch -Patch00048: pc-bios-s390-ccw-net-avoid-warning-about.patch -Patch00049: roms-change-cross-compiler-naming-to-be-.patch -Patch00050: tests-Disable-some-block-tests-for-now.patch -Patch00051: test-add-mapping-from-arch-of-i686-to-qe.patch -Patch00052: roms-Makefile-enable-cross-compile-for-b.patch +Patch00003: arm-arm-powerctl-set-NSACR.-CP11-CP10-bi.patch +Patch00004: iotests-Skip-test-060-if-it-is-not-possi.patch +Patch00005: iotests-Skip-test-079-if-it-is-not-possi.patch +Patch00006: Revert-qemu-options.hx-Update-for-reboot.patch +Patch00007: iotests-Provide-a-function-for-checking-.patch +Patch00008: Fix-double-free-issue-in-qemu_set_log_fi.patch +Patch00009: iotests-Fix-IMGOPTSSYNTAX-for-nbd.patch +Patch00010: virtio-blk-fix-out-of-bounds-access-to-b.patch +Patch00011: block-Activate-recursively-even-for-alre.patch +Patch00012: i386-Resolve-CPU-models-to-v1-by-default.patch +Patch00013: numa-properly-check-if-numa-is-supported.patch +Patch00014: vhost-user-gpu-Drop-trailing-json-comma.patch +Patch00015: display-bochs-display-fix-memory-leak.patch +Patch00016: hw-arm-smmuv3-Apply-address-mask-to-line.patch +Patch00017: hw-arm-smmuv3-Correct-SMMU_BASE_ADDR_MAS.patch +Patch00018: hw-arm-smmuv3-Check-stream-IDs-against-a.patch +Patch00019: hw-arm-smmuv3-Align-stream-table-base-ad.patch +Patch00020: hw-arm-smmuv3-Use-correct-bit-positions-.patch +Patch00021: hw-arm-smmuv3-Report-F_STE_FETCH-fault-a.patch +Patch00022: virtio-update-queue-size-on-guest-write.patch +Patch00023: virtio-don-t-enable-notifications-during.patch +Patch00024: numa-Extend-CLI-to-provide-initiator-inf.patch +Patch00025: numa-Extend-CLI-to-provide-memory-latenc.patch +Patch00026: numa-Extend-CLI-to-provide-memory-side-c.patch +Patch00027: hmat-acpi-Build-Memory-Proximity-Domain-.patch +Patch00028: hmat-acpi-Build-System-Locality-Latency-.patch +Patch00029: hmat-acpi-Build-Memory-Side-Cache-Inform.patch +Patch00030: tests-numa-Add-case-for-QMP-build-HMAT.patch +Patch00031: qcow2-bitmaps-fix-qcow2_can_store_new_di.patch +Patch00032: backup-top-Begin-drain-earlier.patch +Patch00033: virtio-mmio-update-queue-size-on-guest-w.patch +Patch00034: virtio-net-delete-also-control-queue-whe.patch +Patch00035: intel_iommu-a-fix-to-vtd_find_as_from_bu.patch +Patch00036: target-i386-Add-new-bit-definitions-of-M.patch +Patch00037: target-i386-Add-missed-features-to-Coope.patch +Patch00038: XXX-dont-dump-core-on-sigabort.patch +Patch00039: qemu-binfmt-conf-Modify-default-path.patch +Patch00040: qemu-cvs-gettimeofday.patch +Patch00041: qemu-cvs-ioctl_debug.patch +Patch00042: qemu-cvs-ioctl_nodirection.patch +Patch00043: linux-user-add-binfmt-wrapper-for-argv-0.patch +Patch00044: PPC-KVM-Disable-mmu-notifier-check.patch +Patch00045: linux-user-binfmt-support-host-binaries.patch +Patch00046: linux-user-Fake-proc-cpuinfo.patch +Patch00047: linux-user-use-target_ulong.patch +Patch00048: Make-char-muxer-more-robust-wrt-small-FI.patch +Patch00049: linux-user-lseek-explicitly-cast-non-set.patch +Patch00050: AIO-Reduce-number-of-threads-for-32bit-h.patch +Patch00051: xen_disk-Add-suse-specific-flush-disable.patch +Patch00052: qemu-bridge-helper-reduce-security-profi.patch +Patch00053: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch +Patch00054: linux-user-properly-test-for-infinite-ti.patch +Patch00055: roms-Makefile-pass-a-packaging-timestamp.patch +Patch00056: Raise-soft-address-space-limit-to-hard-l.patch +Patch00057: increase-x86_64-physical-bits-to-42.patch +Patch00058: vga-Raise-VRAM-to-16-MiB-for-pc-0.15-and.patch +Patch00059: i8254-Fix-migration-from-SLE11-SP2.patch +Patch00060: acpi_piix4-Fix-migration-from-SLE11-SP2.patch +Patch00061: Switch-order-of-libraries-for-mpath-supp.patch +Patch00062: Make-installed-scripts-explicitly-python.patch +Patch00063: hw-smbios-handle-both-file-formats-regar.patch +Patch00064: xen-add-block-resize-support-for-xen-dis.patch +Patch00065: tests-qemu-iotests-Triple-timeout-of-i-o.patch +Patch00066: tests-Fix-block-tests-to-be-compatible-w.patch +Patch00067: xen-ignore-live-parameter-from-xen-save-.patch +Patch00068: Conditionalize-ui-bitmap-installation-be.patch +Patch00069: tests-change-error-message-in-test-162.patch +Patch00070: hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch +Patch00071: hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch +Patch00072: hw-intc-exynos4210_gic-provide-more-room.patch +Patch00073: configure-only-populate-roms-if-softmmu.patch +Patch00074: pc-bios-s390-ccw-net-avoid-warning-about.patch +Patch00075: roms-change-cross-compiler-naming-to-be-.patch +Patch00076: tests-Disable-some-block-tests-for-now.patch +Patch00077: test-add-mapping-from-arch-of-i686-to-qe.patch +Patch00078: roms-Makefile-enable-cross-compile-for-b.patch # Patches applied in roms/seabios/: Patch01000: seabios-use-python2-explicitly-as-needed.patch Patch01001: seabios-switch-to-python3-as-needed.patch @@ -937,6 +963,32 @@ This package provides a service file for starting and stopping KSM. %patch00050 -p1 %patch00051 -p1 %patch00052 -p1 +%patch00053 -p1 +%patch00054 -p1 +%patch00055 -p1 +%patch00056 -p1 +%patch00057 -p1 +%patch00058 -p1 +%patch00059 -p1 +%patch00060 -p1 +%patch00061 -p1 +%patch00062 -p1 +%patch00063 -p1 +%patch00064 -p1 +%patch00065 -p1 +%patch00066 -p1 +%patch00067 -p1 +%patch00068 -p1 +%patch00069 -p1 +%patch00070 -p1 +%patch00071 -p1 +%patch00072 -p1 +%patch00073 -p1 +%patch00074 -p1 +%patch00075 -p1 +%patch00076 -p1 +%patch00077 -p1 +%patch00078 -p1 %patch01000 -p1 %patch01001 -p1 %patch01002 -p1 diff --git a/target-i386-Add-missed-features-to-Coope.patch b/target-i386-Add-missed-features-to-Coope.patch index c41150b..d887416 100644 --- a/target-i386-Add-missed-features-to-Coope.patch +++ b/target-i386-Add-missed-features-to-Coope.patch @@ -3,7 +3,7 @@ Date: Wed, 8 Jan 2020 13:32:40 +0100 Subject: target/i386: Add missed features to Cooperlake CPU model Git-commit: 0000000000000000000000000000000000000000 -References: JIRA-SLE-1015 +References: jsc#SLE-7923 It lacks VMX features and two security feature bits (disclosed recently) in MSR_IA32_ARCH_CAPABILITIES in current Cooperlake CPU model, so add them. @@ -18,7 +18,7 @@ Signed-off-by: Bruce Rogers 1 file changed, 50 insertions(+), 1 deletion(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c -index de828e29d8d6a35c1f03bc4a456a..b49e47ddf590d4d23683bb47212a 100644 +index 8a1993ac64bd763b7bb70c98b8b8..876bd166652365397514ada0dec7 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -3201,7 +3201,8 @@ static X86CPUDefinition builtin_x86_defs[] = { diff --git a/target-i386-Add-new-bit-definitions-of-M.patch b/target-i386-Add-new-bit-definitions-of-M.patch index f3dd2d1..878b9e6 100644 --- a/target-i386-Add-new-bit-definitions-of-M.patch +++ b/target-i386-Add-new-bit-definitions-of-M.patch @@ -3,7 +3,7 @@ Date: Wed, 8 Jan 2020 13:32:39 +0100 Subject: target/i386: Add new bit definitions of MSR_IA32_ARCH_CAPABILITIES Git-commit: 0000000000000000000000000000000000000000 -References: JIRA-SLE-1015 +References: jsc#SLE-7923 The bit 6, 7 and 8 of MSR_IA32_ARCH_CAPABILITIES are recently disclosed for some security issues. Add the definitions for them to be used by named diff --git a/tests-numa-Add-case-for-QMP-build-HMAT.patch b/tests-numa-Add-case-for-QMP-build-HMAT.patch index 469b72b..2ec1dc8 100644 --- a/tests-numa-Add-case-for-QMP-build-HMAT.patch +++ b/tests-numa-Add-case-for-QMP-build-HMAT.patch @@ -3,7 +3,7 @@ Date: Fri, 13 Dec 2019 09:19:28 +0800 Subject: tests/numa: Add case for QMP build HMAT Git commit: d00817c944ed15fbe4a61d44fe7f9fe166c7df88 -References: JIRA-SLE-10228 +References: jsc#SLE-8897 Check configuring HMAT usecase diff --git a/vhost-user-gpu-Drop-trailing-json-comma.patch b/vhost-user-gpu-Drop-trailing-json-comma.patch new file mode 100644 index 0000000..38159d7 --- /dev/null +++ b/vhost-user-gpu-Drop-trailing-json-comma.patch @@ -0,0 +1,36 @@ +From: Cole Robinson +Date: Thu, 19 Sep 2019 16:33:44 -0400 +Subject: vhost-user-gpu: Drop trailing json comma +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Git-commit: ca26b032e5a0e8a190c763ce828a8740d24b9b65 + +Trailing comma is not valid json: + +$ cat contrib/vhost-user-gpu/50-qemu-gpu.json.in | jq +parse error: Expected another key-value pair at line 5, column 1 + +Signed-off-by: Cole Robinson +Reviewed-by: Marc-André Lureau +Reviewed-by: Li Qiang +Reviewed-by: Philippe Mathieu-Daudé +Message-id: 7f5dd2ac9f3504e2699f23e69bc3d8051b729832.1568925097.git.crobinso@redhat.com +Signed-off-by: Gerd Hoffmann +Signed-off-by: Bruce Rogers +--- + contrib/vhost-user-gpu/50-qemu-gpu.json.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/contrib/vhost-user-gpu/50-qemu-gpu.json.in b/contrib/vhost-user-gpu/50-qemu-gpu.json.in +index 658b545864b1acd02b1ceb8dee82..f5edd097f805b839939a7423395a 100644 +--- a/contrib/vhost-user-gpu/50-qemu-gpu.json.in ++++ b/contrib/vhost-user-gpu/50-qemu-gpu.json.in +@@ -1,5 +1,5 @@ + { + "description": "QEMU vhost-user-gpu", + "type": "gpu", +- "binary": "@libexecdir@/vhost-user-gpu", ++ "binary": "@libexecdir@/vhost-user-gpu" + } diff --git a/virtio-blk-fix-out-of-bounds-access-to-b.patch b/virtio-blk-fix-out-of-bounds-access-to-b.patch new file mode 100644 index 0000000..e6acaa0 --- /dev/null +++ b/virtio-blk-fix-out-of-bounds-access-to-b.patch @@ -0,0 +1,36 @@ +From: Li Hangjing +Date: Mon, 16 Dec 2019 10:30:50 +0800 +Subject: virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh + +Git-commit: 725fe5d10dbd4259b1853b7d253cef83a3c0d22a + +When the number of a virtio-blk device's virtqueues is larger than +BITS_PER_LONG, the out-of-bounds access to bitmap[ ] will occur. + +Fixes: e21737ab15 ("virtio-blk: multiqueue batch notify") +Cc: qemu-stable@nongnu.org +Cc: Stefan Hajnoczi +Signed-off-by: Li Hangjing +Reviewed-by: Xie Yongji +Reviewed-by: Chai Wen +Message-id: 20191216023050.48620-1-lihangjing@baidu.com +Message-Id: <20191216023050.48620-1-lihangjing@baidu.com> +Signed-off-by: Stefan Hajnoczi +Signed-off-by: Bruce Rogers +--- + hw/block/dataplane/virtio-blk.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c +index 119906a5fe78dcd165f5775c42a0..1b52e8159c8d1056f56bd5f7c22f 100644 +--- a/hw/block/dataplane/virtio-blk.c ++++ b/hw/block/dataplane/virtio-blk.c +@@ -67,7 +67,7 @@ static void notify_guest_bh(void *opaque) + memset(s->batch_notify_vqs, 0, sizeof(bitmap)); + + for (j = 0; j < nvqs; j += BITS_PER_LONG) { +- unsigned long bits = bitmap[j]; ++ unsigned long bits = bitmap[j / BITS_PER_LONG]; + + while (bits != 0) { + unsigned i = j + ctzl(bits); diff --git a/virtio-don-t-enable-notifications-during.patch b/virtio-don-t-enable-notifications-during.patch new file mode 100644 index 0000000..e314963 --- /dev/null +++ b/virtio-don-t-enable-notifications-during.patch @@ -0,0 +1,145 @@ +From: Stefan Hajnoczi +Date: Mon, 9 Dec 2019 21:09:57 +0000 +Subject: virtio: don't enable notifications during polling + +Git-commit: d0435bc513e23a4961b6af20164d1c6c219eb4ea + +Virtqueue notifications are not necessary during polling, so we disable +them. This allows the guest driver to avoid MMIO vmexits. +Unfortunately the virtio-blk and virtio-scsi handler functions re-enable +notifications, defeating this optimization. + +Fix virtio-blk and virtio-scsi emulation so they leave notifications +disabled. The key thing to remember for correctness is that polling +always checks one last time after ending its loop, therefore it's safe +to lose the race when re-enabling notifications at the end of polling. + +There is a measurable performance improvement of 5-10% with the null-co +block driver. Real-life storage configurations will see a smaller +improvement because the MMIO vmexit overhead contributes less to +latency. + +Signed-off-by: Stefan Hajnoczi +Message-Id: <20191209210957.65087-1-stefanha@redhat.com> +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: Bruce Rogers +--- + hw/block/virtio-blk.c | 9 +++++++-- + hw/scsi/virtio-scsi.c | 9 +++++++-- + hw/virtio/virtio.c | 12 ++++++------ + include/hw/virtio/virtio.h | 1 + + 4 files changed, 21 insertions(+), 10 deletions(-) + +diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c +index 4c357d2928ff1cfe94a601c93ffa..c4e55fb3defb711dbc39b67e00a1 100644 +--- a/hw/block/virtio-blk.c ++++ b/hw/block/virtio-blk.c +@@ -764,13 +764,16 @@ bool virtio_blk_handle_vq(VirtIOBlock *s, VirtQueue *vq) + { + VirtIOBlockReq *req; + MultiReqBuffer mrb = {}; ++ bool suppress_notifications = virtio_queue_get_notification(vq); + bool progress = false; + + aio_context_acquire(blk_get_aio_context(s->blk)); + blk_io_plug(s->blk); + + do { +- virtio_queue_set_notification(vq, 0); ++ if (suppress_notifications) { ++ virtio_queue_set_notification(vq, 0); ++ } + + while ((req = virtio_blk_get_request(s, vq))) { + progress = true; +@@ -781,7 +784,9 @@ bool virtio_blk_handle_vq(VirtIOBlock *s, VirtQueue *vq) + } + } + +- virtio_queue_set_notification(vq, 1); ++ if (suppress_notifications) { ++ virtio_queue_set_notification(vq, 1); ++ } + } while (!virtio_queue_empty(vq)); + + if (mrb.num_reqs) { +diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c +index e8b2b64d09fb185404fa83882ba9..f080545f48e6a3e411caf641b935 100644 +--- a/hw/scsi/virtio-scsi.c ++++ b/hw/scsi/virtio-scsi.c +@@ -597,12 +597,15 @@ bool virtio_scsi_handle_cmd_vq(VirtIOSCSI *s, VirtQueue *vq) + { + VirtIOSCSIReq *req, *next; + int ret = 0; ++ bool suppress_notifications = virtio_queue_get_notification(vq); + bool progress = false; + + QTAILQ_HEAD(, VirtIOSCSIReq) reqs = QTAILQ_HEAD_INITIALIZER(reqs); + + do { +- virtio_queue_set_notification(vq, 0); ++ if (suppress_notifications) { ++ virtio_queue_set_notification(vq, 0); ++ } + + while ((req = virtio_scsi_pop_req(s, vq))) { + progress = true; +@@ -622,7 +625,9 @@ bool virtio_scsi_handle_cmd_vq(VirtIOSCSI *s, VirtQueue *vq) + } + } + +- virtio_queue_set_notification(vq, 1); ++ if (suppress_notifications) { ++ virtio_queue_set_notification(vq, 1); ++ } + } while (ret != -EINVAL && !virtio_queue_empty(vq)); + + QTAILQ_FOREACH_SAFE(req, &reqs, next, next) { +diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c +index 04716b5f6ce1ccfb3f21a5b81b77..3211135bc8beb0856e100bcbda58 100644 +--- a/hw/virtio/virtio.c ++++ b/hw/virtio/virtio.c +@@ -432,6 +432,11 @@ static void virtio_queue_packed_set_notification(VirtQueue *vq, int enable) + } + } + ++bool virtio_queue_get_notification(VirtQueue *vq) ++{ ++ return vq->notification; ++} ++ + void virtio_queue_set_notification(VirtQueue *vq, int enable) + { + vq->notification = enable; +@@ -3384,17 +3389,12 @@ static bool virtio_queue_host_notifier_aio_poll(void *opaque) + { + EventNotifier *n = opaque; + VirtQueue *vq = container_of(n, VirtQueue, host_notifier); +- bool progress; + + if (!vq->vring.desc || virtio_queue_empty(vq)) { + return false; + } + +- progress = virtio_queue_notify_aio_vq(vq); +- +- /* In case the handler function re-enabled notifications */ +- virtio_queue_set_notification(vq, 0); +- return progress; ++ return virtio_queue_notify_aio_vq(vq); + } + + static void virtio_queue_host_notifier_aio_poll_end(EventNotifier *n) +diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h +index c32a815303730700e60c2ddd06c4..6a2044246d63ba8a3f932086f9e8 100644 +--- a/include/hw/virtio/virtio.h ++++ b/include/hw/virtio/virtio.h +@@ -224,6 +224,7 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id); + + void virtio_notify_config(VirtIODevice *vdev); + ++bool virtio_queue_get_notification(VirtQueue *vq); + void virtio_queue_set_notification(VirtQueue *vq, int enable); + + int virtio_queue_ready(VirtQueue *vq); diff --git a/virtio-mmio-update-queue-size-on-guest-w.patch b/virtio-mmio-update-queue-size-on-guest-w.patch new file mode 100644 index 0000000..04aea2a --- /dev/null +++ b/virtio-mmio-update-queue-size-on-guest-w.patch @@ -0,0 +1,34 @@ +From: Denis Plotnikov +Date: Tue, 24 Dec 2019 11:14:46 +0300 +Subject: virtio-mmio: update queue size on guest write + +Git-commit: 1049f4c62c4070618cc5defc9963c6a17ae7a5ae + +Some guests read back queue size after writing it. +Always update the on size write otherwise they might be confused. + +Cc: qemu-stable@nongnu.org +Signed-off-by: Denis Plotnikov +Message-Id: <20191224081446.17003-1-dplotnikov@virtuozzo.com> +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: Bruce Rogers +--- + hw/virtio/virtio-mmio.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/hw/virtio/virtio-mmio.c b/hw/virtio/virtio-mmio.c +index 94d934c44b6ca63a4d5c72258e90..1e40a74869dad64fd172e1279b25 100644 +--- a/hw/virtio/virtio-mmio.c ++++ b/hw/virtio/virtio-mmio.c +@@ -295,8 +295,9 @@ static void virtio_mmio_write(void *opaque, hwaddr offset, uint64_t value, + break; + case VIRTIO_MMIO_QUEUE_NUM: + trace_virtio_mmio_queue_write(value, VIRTQUEUE_MAX_SIZE); ++ virtio_queue_set_num(vdev, vdev->queue_sel, value); ++ + if (proxy->legacy) { +- virtio_queue_set_num(vdev, vdev->queue_sel, value); + virtio_queue_update_rings(vdev, vdev->queue_sel); + } else { + proxy->vqs[vdev->queue_sel].num = value; diff --git a/virtio-net-delete-also-control-queue-whe.patch b/virtio-net-delete-also-control-queue-whe.patch new file mode 100644 index 0000000..58b10e8 --- /dev/null +++ b/virtio-net-delete-also-control-queue-whe.patch @@ -0,0 +1,35 @@ +From: Yuri Benditovich +Date: Thu, 26 Dec 2019 06:36:49 +0200 +Subject: virtio-net: delete also control queue when TX/RX deleted + +Git-commit: d945d9f1731244ef341f74ede93120fc9de35913 + +https://bugzilla.redhat.com/show_bug.cgi?id=1708480 +If the control queue is not deleted together with TX/RX, it +later will be ignored in freeing cache resources and hot +unplug will not be completed. + +Cc: qemu-stable@nongnu.org +Signed-off-by: Yuri Benditovich +Message-Id: <20191226043649.14481-3-yuri.benditovich@daynix.com> +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: Bruce Rogers +--- + hw/net/virtio-net.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c +index db3d7c38e6feea5b7d6898389b17..f325440d0144d3388ad255b71178 100644 +--- a/hw/net/virtio-net.c ++++ b/hw/net/virtio-net.c +@@ -3101,7 +3101,8 @@ static void virtio_net_device_unrealize(DeviceState *dev, Error **errp) + for (i = 0; i < max_queues; i++) { + virtio_net_del_queue(n, i); + } +- ++ /* delete also control vq */ ++ virtio_del_queue(vdev, max_queues * 2); + qemu_announce_timer_del(&n->announce_timer, false); + g_free(n->vqs); + qemu_del_nic(n->nic); diff --git a/virtio-update-queue-size-on-guest-write.patch b/virtio-update-queue-size-on-guest-write.patch new file mode 100644 index 0000000..9949564 --- /dev/null +++ b/virtio-update-queue-size-on-guest-write.patch @@ -0,0 +1,34 @@ +From: "Michael S. Tsirkin" +Date: Fri, 13 Dec 2019 09:22:48 -0500 +Subject: virtio: update queue size on guest write + +Git-commit: d0c5f643383b9e84316f148affff368ac33d75b9 + +Some guests read back queue size after writing it. +Update the size immediatly upon write otherwise +they get confused. + +In particular this is the case for seabios. + +Reported-by: Roman Kagan +Suggested-by: Denis Plotnikov +Cc: qemu-stable@nongnu.org +Signed-off-by: Michael S. Tsirkin +Signed-off-by: Bruce Rogers +--- + hw/virtio/virtio-pci.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c +index c6b47a9c7385195a9e9bed074040..e5c759e19eb57cfff1051ca03e84 100644 +--- a/hw/virtio/virtio-pci.c ++++ b/hw/virtio/virtio-pci.c +@@ -1256,6 +1256,8 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr, + break; + case VIRTIO_PCI_COMMON_Q_SIZE: + proxy->vqs[vdev->queue_sel].num = val; ++ virtio_queue_set_num(vdev, vdev->queue_sel, ++ proxy->vqs[vdev->queue_sel].num); + break; + case VIRTIO_PCI_COMMON_Q_MSIX: + msix_vector_unuse(&proxy->pci_dev,