SHA256
1
0
forked from pool/qemu

Accepting request 519796 from Virtualization:Staging

Update to v2.10.0. Also includes some prep work for SLE15.

OBS-URL: https://build.opensuse.org/request/show/519796
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=359
This commit is contained in:
Bruce Rogers 2017-08-30 22:22:50 +00:00 committed by Git OBS Bridge
parent 8430fff5e7
commit 01e9700e70
97 changed files with 1442 additions and 8748 deletions

View File

@ -1,4 +1,4 @@
From c033f8e4e487f2b1a09c86351f33c116464509af Mon Sep 17 00:00:00 2001
From 5e63842369b27b4db6bc20d1d2652f7ce0ed0c29 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 21 Nov 2011 23:50:36 +0100
Subject: [PATCH] XXX dont dump core on sigabort
@ -8,7 +8,7 @@ Subject: [PATCH] XXX dont dump core on sigabort
1 file changed, 6 insertions(+)
diff --git a/linux-user/signal.c b/linux-user/signal.c
index a67db04e1a..a11728f6e0 100644
index cc0c3fcee9..47f1a89860 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -560,6 +560,10 @@ static void QEMU_NORETURN dump_core_and_abort(int target_sig)

View File

@ -1,4 +1,4 @@
From 70b4b47993dbbae58b80e504f4bc373e75a4acfb Mon Sep 17 00:00:00 2001
From a4246a201cfc32b55f59afafb42ba81758f2dd66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 10 Aug 2016 19:00:24 +0200
Subject: [PATCH] qemu-binfmt-conf: Modify default path
@ -14,7 +14,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 0f1aa63872..9fcd95a435 100755
index 8afc3eb5bb..5c3ba942ec 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -264,7 +264,7 @@ BINFMT_SET=qemu_register_interpreter

View File

@ -1,81 +0,0 @@
From d1c07c5e280a5ca62d3019792049038a53476248 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:20:50 +0200
Subject: [PATCH] qemu-cvs-alsa_bitfield
Implements TYPE_INTBITFIELD partially. (required for ALSA support)
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Ulrich Hecht <uli@suse.de>
---
include/exec/user/thunk.h | 3 +++
thunk.c | 21 +++++++++++++++++++++
2 files changed, 24 insertions(+)
diff --git a/include/exec/user/thunk.h b/include/exec/user/thunk.h
index f19ef4b230..b2659e0def 100644
--- a/include/exec/user/thunk.h
+++ b/include/exec/user/thunk.h
@@ -37,6 +37,7 @@ typedef enum argtype {
TYPE_ARRAY,
TYPE_STRUCT,
TYPE_OLDDEVT,
+ TYPE_INTBITFIELD,
} argtype;
#define MK_PTR(type) TYPE_PTR, type
@@ -89,6 +90,7 @@ static inline int thunk_type_size(const argtype *type_ptr, int is_host)
case TYPE_SHORT:
return 2;
case TYPE_INT:
+ case TYPE_INTBITFIELD:
return 4;
case TYPE_LONGLONG:
case TYPE_ULONGLONG:
@@ -151,6 +153,7 @@ static inline int thunk_type_align(const argtype *type_ptr, int is_host)
case TYPE_SHORT:
return 2;
case TYPE_INT:
+ case TYPE_INTBITFIELD:
return 4;
case TYPE_LONGLONG:
case TYPE_ULONGLONG:
diff --git a/thunk.c b/thunk.c
index 2dac36666d..0eb72861fe 100644
--- a/thunk.c
+++ b/thunk.c
@@ -37,6 +37,7 @@ static inline const argtype *thunk_type_next(const argtype *type_ptr)
case TYPE_CHAR:
case TYPE_SHORT:
case TYPE_INT:
+ case TYPE_INTBITFIELD:
case TYPE_LONGLONG:
case TYPE_ULONGLONG:
case TYPE_LONG:
@@ -139,6 +140,26 @@ const argtype *thunk_convert(void *dst, const void *src,
case TYPE_INT:
*(uint32_t *)dst = tswap32(*(uint32_t *)src);
break;
+ case TYPE_INTBITFIELD:
+#if defined(TARGET_I386) && defined(__powerpc__)
+ /* powerpc uses the MSB, whereas i386 uses the LSB
+ * to store the first bit in a field */
+ {
+ unsigned char byte = *(uint8_t *)src;
+ *(uint8_t *)dst = ((byte >> 7) & 1)
+ | ((byte >> 5) & 2)
+ | ((byte >> 3) & 4)
+ | ((byte >> 1) & 8)
+ | ((byte << 1) & 16)
+ | ((byte << 3) & 32)
+ | ((byte << 5) & 64)
+ | ((byte << 7) & 128);
+ /* FIXME: implement for bitfields > 1 byte and other archs */
+ }
+#else
+ *(uint32_t *)dst = tswap32(*(uint32_t *)src);
+#endif
+ break;
case TYPE_LONGLONG:
case TYPE_ULONGLONG:
*(uint64_t *)dst = tswap64(*(uint64_t *)src);

View File

@ -1,4 +1,4 @@
From cc91b17c96a16f1fccdbe4f7ab534816b4ff5e77 Mon Sep 17 00:00:00 2001
From b05b060316ffa77e26dc32215b3cfd49286b0c2f Mon Sep 17 00:00:00 2001
From: Ulrich Hecht <uli@suse.de>
Date: Tue, 14 Apr 2009 16:25:41 +0200
Subject: [PATCH] qemu-cvs-gettimeofday
@ -9,10 +9,10 @@ No clue what this is for.
1 file changed, 2 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index cec8428589..03c3576dab 100644
index 9b6364a266..ec6ee23f96 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8914,6 +8914,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
@@ -8950,6 +8950,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
case TARGET_NR_gettimeofday:
{
struct timeval tv;

File diff suppressed because it is too large Load Diff

View File

@ -1,4 +1,4 @@
From a047a2ecf689e8f70d09ad3804b1c1fe8bca4406 Mon Sep 17 00:00:00 2001
From b92757bdfdd6bec948283cec7183ab3a2cdfa2d9 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:26:33 +0200
Subject: [PATCH] qemu-cvs-ioctl_debug
@ -12,10 +12,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 03c3576dab..891ee1c6ea 100644
index ec6ee23f96..cf290dbf4b 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5611,7 +5611,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5615,7 +5615,12 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
ie = ioctl_entries;
for(;;) {
if (ie->target_cmd == 0) {

View File

@ -1,45 +0,0 @@
From 60ce6f53311146b52cd81ddd0aa964a1afa5bd5f Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:24:15 +0200
Subject: [PATCH] qemu-cvs-alsa_mmap
Hack to prevent ALSA from using mmap() interface to simplify emulation.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Ulrich Hecht <uli@suse.de>
---
linux-user/mmap.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 4888f53139..a3fcea263f 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -357,6 +357,9 @@ abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
}
}
+#define SNDRV_PCM_MMAP_OFFSET_STATUS 0x80000000
+#define SNDRV_PCM_MMAP_OFFSET_CONTROL 0x81000000
+
/* NOTE: all the constants are the HOST ones */
abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
int flags, int fd, abi_ulong offset)
@@ -391,6 +394,17 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
}
#endif
+ /* Alsa tries to communcate with the kernel via mmap. This usually
+ * is a good idea when user- and kernelspace are running on the
+ * same architecture but does not work out when not. To make alsa
+ * not to use mmap, we can just have it fail on the mmap calls that
+ * would initiate this.
+ */
+ if(offset == SNDRV_PCM_MMAP_OFFSET_STATUS || offset == SNDRV_PCM_MMAP_OFFSET_CONTROL) {
+ errno = EINVAL;
+ return -1;
+ }
+
if (offset & ~TARGET_PAGE_MASK) {
errno = EINVAL;
goto fail;

View File

@ -1,4 +1,4 @@
From 82f268e91d5582f5bf7c327abe2ba6c4ff527f7b Mon Sep 17 00:00:00 2001
From 1e894eafd90d078886d31e50774d8f3b5732f087 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 14 Apr 2009 16:27:36 +0200
Subject: [PATCH] qemu-cvs-ioctl_nodirection
@ -15,10 +15,10 @@ Signed-off-by: Ulrich Hecht <uli@suse.de>
1 file changed, 6 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 891ee1c6ea..2f82a7d1a6 100644
index cf290dbf4b..1802aec4cb 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5648,6 +5648,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5652,6 +5652,11 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
arg_type++;
target_size = thunk_type_size(arg_type, 0);
switch(ie->access) {
@ -30,7 +30,7 @@ index 891ee1c6ea..2f82a7d1a6 100644
case IOC_R:
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
if (!is_error(ret)) {
@@ -5666,6 +5671,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
@@ -5670,6 +5675,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
unlock_user(argptr, arg, 0);
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
break;

View File

@ -1,4 +1,4 @@
From c1f6c6bbb68c9ceb462cb3f8f4a2abd719f67bd5 Mon Sep 17 00:00:00 2001
From 05252b67f56cf792580ff32cd8f577f747bf588e Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 30 Sep 2011 19:40:36 +0200
Subject: [PATCH] linux-user: add binfmt wrapper for argv[0] handling
@ -37,7 +37,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 linux-user/binfmt.c
diff --git a/Makefile.target b/Makefile.target
index 7df2b8c149..85ae084545 100644
index 7f42c45db8..b5a3574059 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -36,6 +36,10 @@ endif
@ -60,7 +60,7 @@ index 7df2b8c149..85ae084545 100644
endif #CONFIG_LINUX_USER
#########################################################
@@ -169,7 +175,11 @@ endif # CONFIG_SOFTMMU
@@ -162,7 +168,11 @@ endif # CONFIG_SOFTMMU
# Workaround for http://gcc.gnu.org/PR55489, see configure.
%/translate.o: QEMU_CFLAGS += $(TRANSLATE_OPT_CFLAGS)
@ -72,7 +72,7 @@ index 7df2b8c149..85ae084545 100644
all-obj-y := $(obj-y)
target-obj-y :=
@@ -211,6 +221,9 @@ ifdef CONFIG_DARWIN
@@ -203,6 +213,9 @@ ifdef CONFIG_DARWIN
$(call quiet-command,SetFile -a C $@,"SETFILE","$(TARGET_DIR)$@")
endif

View File

@ -1,4 +1,4 @@
From 5af3522f9a43395d9445806b150c0b9f5a7d107e Mon Sep 17 00:00:00 2001
From e1e2752d5d87ad1b341e1205938c627ca0d7f82c Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 6 Jan 2012 01:05:55 +0100
Subject: [PATCH] PPC: KVM: Disable mmu notifier check
@ -13,12 +13,12 @@ KVM guests work there, even if possibly racy in some odd circumstances.
1 file changed, 2 insertions(+)
diff --git a/exec.c b/exec.c
index c97ef4a8da..b47b3f9096 100644
index d20c34ca83..b54fbb02c8 100644
--- a/exec.c
+++ b/exec.c
@@ -1362,11 +1362,13 @@ static void *file_ram_alloc(RAMBlock *block,
int fd = -1;
int64_t file_size;
@@ -1950,11 +1950,13 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
return NULL;
}
+#ifndef TARGET_PPC
if (kvm_enabled() && !kvm_has_sync_mmu()) {
@ -28,5 +28,5 @@ index c97ef4a8da..b47b3f9096 100644
}
+#endif
for (;;) {
fd = open(path, O_RDWR);
if (phys_mem_alloc != qemu_anon_ram_alloc) {
/*

View File

@ -1,4 +1,4 @@
From ebdfb6b8345badf51e6da5f56abcb069de29ebfe Mon Sep 17 00:00:00 2001
From d37e6a8cf4aafca05c62d45a9e0f6c7a2315bd90 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Fri, 13 Jan 2012 17:05:41 +0100
Subject: [PATCH] linux-user: fix segfault deadlock
@ -26,7 +26,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 4 insertions(+)
diff --git a/user-exec.c b/user-exec.c
index a8f95fa1e1..c262653604 100644
index 2a975eaf69..6225c4e1a8 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -78,6 +78,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,

View File

@ -1,4 +1,4 @@
From 8a8e7f00c3028d2f07a8afd4dabf20b634654637 Mon Sep 17 00:00:00 2001
From 36b9976bddad38fa0aa991655482c0c087c2e704 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 2 Feb 2012 18:02:33 +0100
Subject: [PATCH] linux-user: binfmt: support host binaries

View File

@ -1,4 +1,4 @@
From fd25a10cf311c732589a131c107b0dd61a845ecf Mon Sep 17 00:00:00 2001
From 8993e5938b5c14148c8fe4898946731c61707ecd Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 23 Jul 2012 10:24:14 +0200
Subject: [PATCH] linux-user: Fake /proc/cpuinfo
@ -22,10 +22,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 20 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 2f82a7d1a6..37b49bd406 100644
index 1802aec4cb..cf22c5b96a 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7503,6 +7503,25 @@ static int open_self_stat(void *cpu_env, int fd)
@@ -7472,6 +7472,25 @@ static int open_self_stat(void *cpu_env, int fd)
return 0;
}
@ -51,7 +51,7 @@ index 2f82a7d1a6..37b49bd406 100644
static int open_self_auxv(void *cpu_env, int fd)
{
CPUState *cpu = ENV_GET_CPU((CPUArchState *)cpu_env);
@@ -7617,6 +7636,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
@@ -7586,6 +7605,7 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
{ "/proc/net/route", open_net_route, is_proc },
#endif

View File

@ -1,4 +1,4 @@
From be8989734d0f8f83659186495cca577e3844a310 Mon Sep 17 00:00:00 2001
From 6c7351296bd1d8b500f33c7ef7832d3d12a76bb4 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 21 Aug 2012 14:20:40 +0200
Subject: [PATCH] linux-user: XXX disable fiemap
@ -9,10 +9,10 @@ agraf: fiemap breaks in libarchive. Disable it for now.
1 file changed, 5 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 37b49bd406..983475a0b9 100644
index cf22c5b96a..99e9ee82ed 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5076,6 +5076,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
@@ -5080,6 +5080,11 @@ static abi_long do_ioctl_fs_ioc_fiemap(const IOCTLEntry *ie, uint8_t *buf_temp,
uint32_t outbufsz;
int free_fm = 0;

View File

@ -1,4 +1,4 @@
From 86cc99ea8d1648c0e2388cde261e8349d7f235b8 Mon Sep 17 00:00:00 2001
From ca891b6c05280246f827a2692d216efa763a3eff Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 9 Oct 2012 09:06:49 +0200
Subject: [PATCH] linux-user: use target_ulong
@ -36,10 +36,10 @@ index 4edd7d0c08..25208645e9 100644
extern THREAD CPUState *thread_cpu;
void cpu_loop(CPUArchState *env);
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 983475a0b9..1472d72f27 100644
index 99e9ee82ed..a2bb65922b 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7710,10 +7710,10 @@ static target_timer_t get_timer_id(abi_long arg)
@@ -7728,10 +7728,10 @@ static TargetFdTrans target_inotify_trans = {
/* do_syscall() should always have a single exit point at the end so
that actions, such as logging of syscall results, can be performed.
All errnos that do_syscall() returns must be -TARGET_<errcode>. */

View File

@ -1,4 +1,4 @@
From 0e5cce67ba0aafd9cf0bc3c31a3b24706bee26f4 Mon Sep 17 00:00:00 2001
From 8f591fd391262fbf76373136fc5a1629635b4de4 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 6 Jun 2011 06:53:52 +0200
Subject: [PATCH] console: add question-mark escape operator
@ -16,7 +16,7 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/console.c b/ui/console.c
index 419b098c11..9688457480 100644
index d2d3534c49..c28e19c375 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -880,7 +880,7 @@ static void console_putchar(QemuConsole *s, int ch)

View File

@ -1,4 +1,4 @@
From dafee8907bcaa3ee580ebef4f76e7d62c14cd5c3 Mon Sep 17 00:00:00 2001
From 6d94b304169f112118fb6dd78c5cd2617e4613f6 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 1 Apr 2010 17:36:23 +0200
Subject: [PATCH] Make char muxer more robust wrt small FIFOs
@ -20,15 +20,37 @@ This patch fixes input when using -nographic on s390 for me.
[AF: Rebased for v2.7.0-rc2]
---
chardev/char-mux.c | 13 +++++++++++++
chardev/char-mux.h | 3 +++
2 files changed, 16 insertions(+)
chardev/char-fe.c | 1 +
chardev/char-mux.c | 14 ++++++++++++++
chardev/char.c | 1 +
include/chardev/char-mux.h | 3 +++
4 files changed, 19 insertions(+)
diff --git a/chardev/char-fe.c b/chardev/char-fe.c
index f3af6ae584..9683926048 100644
--- a/chardev/char-fe.c
+++ b/chardev/char-fe.c
@@ -21,6 +21,7 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
+#define HW_POISON_H // avoid poison since we patch against rules it "enforces"
#include "qemu/osdep.h"
#include "qemu/error-report.h"
#include "qapi/error.h"
diff --git a/chardev/char-mux.c b/chardev/char-mux.c
index 5547a36a0a..7b80dc8ad7 100644
index 4cda5e7458..a6dc05c624 100644
--- a/chardev/char-mux.c
+++ b/chardev/char-mux.c
@@ -179,6 +179,15 @@ static void mux_chr_accept_input(Chardev *chr)
@@ -21,6 +21,7 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
+#define HW_POISON_H // avoid poison since we patch against rules it "enforces"
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qemu-common.h"
@@ -179,6 +180,15 @@ static void mux_chr_accept_input(Chardev *chr)
be->chr_read(be->opaque,
&d->buffer[m][d->cons[m]++ & MUX_BUFFER_MASK], 1);
}
@ -44,7 +66,7 @@ index 5547a36a0a..7b80dc8ad7 100644
}
static int mux_chr_can_read(void *opaque)
@@ -308,6 +317,10 @@ static void qemu_chr_open_mux(Chardev *chr,
@@ -314,6 +324,10 @@ static void qemu_chr_open_mux(Chardev *chr,
}
d->focus = -1;
@ -55,11 +77,23 @@ index 5547a36a0a..7b80dc8ad7 100644
/* only default to opened state if we've realized the initial
* set of muxes
*/
diff --git a/chardev/char-mux.h b/chardev/char-mux.h
index 9a2fffce91..d5f419c8a9 100644
--- a/chardev/char-mux.h
+++ b/chardev/char-mux.h
@@ -35,6 +35,9 @@ typedef struct MuxChardev {
diff --git a/chardev/char.c b/chardev/char.c
index 5d283b90d3..d74fd7aeb9 100644
--- a/chardev/char.c
+++ b/chardev/char.c
@@ -21,6 +21,7 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
+#define HW_POISON_H // avoid poison since we patch against rules it "enforces"
#include "qemu/osdep.h"
#include "qemu/cutils.h"
#include "monitor/monitor.h"
diff --git a/include/chardev/char-mux.h b/include/chardev/char-mux.h
index 8928977897..ee9bfe7205 100644
--- a/include/chardev/char-mux.h
+++ b/include/chardev/char-mux.h
@@ -36,6 +36,9 @@ typedef struct MuxChardev {
Chardev parent;
CharBackend *backends[MAX_MUX];
CharBackend chr;

View File

@ -1,4 +1,4 @@
From 53b09a6f91e505d68429e5e67002fcd476d5e4ee Mon Sep 17 00:00:00 2001
From 94bf05dfa58cb57d03bb02e9937c029df3497022 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 13 Dec 2012 14:29:22 +0100
Subject: [PATCH] linux-user: lseek: explicitly cast non-set offsets to signed
@ -16,10 +16,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 1472d72f27..71d4f06bdb 100644
index a2bb65922b..8b75b1f588 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8076,9 +8076,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
@@ -8107,9 +8107,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
case TARGET_NR_oldstat:
goto unimplemented;
#endif

View File

@ -1,124 +0,0 @@
From 83cb2267f51dd9240a9c7940205e65373a7665c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 29 Aug 2012 18:42:56 +0200
Subject: [PATCH] slirp: -nooutgoing
TBD (from SUSE Studio team)
---
qemu-options.hx | 10 ++++++++++
slirp/socket.c | 8 ++++++++
slirp/tcp_subr.c | 12 ++++++++++++
vl.c | 9 +++++++++
4 files changed, 39 insertions(+)
diff --git a/qemu-options.hx b/qemu-options.hx
index 99af8edf5f..4712277d7c 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -3215,6 +3215,16 @@ Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
from a script.
ETEXI
+DEF("nooutgoing", HAS_ARG, QEMU_OPTION_nooutgoing, \
+ "-nooutgoing <IP>\n" \
+ " incoming traffic only from IP, no outgoing\n", \
+ QEMU_ARCH_ALL)
+STEXI
+@item -nooutgoing
+Forbid userspace networking to make outgoing connections. Only accept incoming
+connections from ip address IP.
+ETEXI
+
DEF("singlestep", 0, QEMU_OPTION_singlestep, \
"-singlestep always run in singlestep mode\n", QEMU_ARCH_ALL)
STEXI
diff --git a/slirp/socket.c b/slirp/socket.c
index 86927722e1..5c89064e15 100644
--- a/slirp/socket.c
+++ b/slirp/socket.c
@@ -625,6 +625,8 @@ sorecvfrom(struct socket *so)
} /* if ping packet */
}
+extern int slirp_nooutgoing;
+
/*
* sendto() a socket
*/
@@ -642,6 +644,12 @@ sosendto(struct socket *so, struct mbuf *m)
DEBUG_CALL(" sendto()ing)");
sotranslate_out(so, &addr);
+ /* Only allow DNS requests */
+ if (slirp_nooutgoing && ntohs(((struct sockaddr_in *)&addr)->sin_port) != 53) {
+ errno = EHOSTUNREACH;
+ return -1;
+ }
+
/* Don't care what port we get */
ret = sendto(so->s, m->m_data, m->m_len, 0,
(struct sockaddr *)&addr, sockaddr_size(&addr));
diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c
index ed16e1807f..b2c7a8cba0 100644
--- a/slirp/tcp_subr.c
+++ b/slirp/tcp_subr.c
@@ -391,6 +391,8 @@ tcp_sockclosed(struct tcpcb *tp)
* nonblocking. Connect returns after the SYN is sent, and does
* not wait for ACK+SYN.
*/
+extern int slirp_nooutgoing;
+
int tcp_fconnect(struct socket *so, unsigned short af)
{
int ret=0;
@@ -398,6 +400,11 @@ int tcp_fconnect(struct socket *so, unsigned short af)
DEBUG_CALL("tcp_fconnect");
DEBUG_ARG("so = %p", so);
+ if (slirp_nooutgoing) {
+ errno = EHOSTUNREACH;
+ return -1;
+ }
+
ret = so->s = qemu_socket(af, SOCK_STREAM, 0);
if (ret >= 0) {
int opt, s=so->s;
@@ -478,6 +485,11 @@ void tcp_connect(struct socket *inso)
tcp_close(sototcpcb(so)); /* This will sofree() as well */
return;
}
+ if (slirp_nooutgoing && ((struct sockaddr_in *)&addr)->sin_addr.s_addr != slirp_nooutgoing) {
+ tcp_close(sototcpcb(so)); /* This will sofree() as well */
+ closesocket(s);
+ return;
+ }
qemu_set_nonblock(s);
socket_set_fast_reuse(s);
opt = 1;
diff --git a/vl.c b/vl.c
index 0b4ed5241c..e0f2ec86a9 100644
--- a/vl.c
+++ b/vl.c
@@ -168,6 +168,7 @@ int smp_threads = 1;
int acpi_enabled = 1;
int no_hpet = 0;
int fd_bootchk = 1;
+int slirp_nooutgoing = 0;
static int no_reboot;
int no_shutdown = 0;
int cursor_hide = 1;
@@ -3405,6 +3406,14 @@ int main(int argc, char **argv, char **envp)
case QEMU_OPTION_singlestep:
singlestep = 1;
break;
+ case QEMU_OPTION_nooutgoing:
+ slirp_nooutgoing = inet_addr(optarg);
+ if (slirp_nooutgoing == INADDR_NONE) {
+ printf("Invalid address: %s.\nOnly addresses of the format "
+ "xxx.xxx.xxx.xxx are supported.\n", optarg);
+ exit(1);
+ }
+ break;
case QEMU_OPTION_S:
autostart = 0;
break;

View File

@ -1,4 +1,4 @@
From 5d3ffee948660539ebe7dc51595986d18ae3701b Mon Sep 17 00:00:00 2001
From 2ca6f0f0129374584098e60809afaaa43c609666 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 14 Jan 2015 01:32:11 +0100
Subject: [PATCH] AIO: Reduce number of threads for 32bit hosts

View File

@ -1,132 +0,0 @@
From 1e4392f3e2e1641b7ed570da630a9e86cb23710d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 29 Aug 2012 20:06:01 +0200
Subject: [PATCH] vnc: password-file= and incoming-connections=
TBD (from SUSE Studio team)
---
ui/vnc.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 349cfc9d86..486d2759e4 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -59,6 +59,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
static QTAILQ_HEAD(, VncDisplay) vnc_displays =
QTAILQ_HEAD_INITIALIZER(vnc_displays);
+static int allowed_connections = 0;
+
static int vnc_cursor_define(VncState *vs);
static void vnc_release_modifiers(VncState *vs);
@@ -1130,6 +1132,7 @@ static void vnc_disconnect_start(VncState *vs)
void vnc_disconnect_finish(VncState *vs)
{
int i;
+ static int num_disconnects = 0;
vnc_jobs_join(vs); /* Wait encoding jobs */
@@ -1178,6 +1181,13 @@ void vnc_disconnect_finish(VncState *vs)
object_unref(OBJECT(vs->sioc));
vs->sioc = NULL;
g_free(vs);
+
+ num_disconnects++;
+ if (allowed_connections > 0 && allowed_connections <= num_disconnects) {
+ VNC_DEBUG("Maximum number of disconnects (%d) reached:"
+ " Session terminating\n", allowed_connections);
+ exit(0);
+ }
}
ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
@@ -3171,6 +3181,39 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
qapi_free_SocketAddress(addr);
}
+static void read_file_password(const char *id, const char *filename)
+{
+ FILE *pfile = NULL;
+ char *passwd = NULL;
+ int start = 0, length = 0, rc = 0;
+
+ if (strlen(filename) == 0) {
+ printf("No file supplied\n");
+ return;
+ }
+
+ pfile = fopen(filename, "r");
+ if (pfile == NULL) {
+ printf("Could not read from %s\n", filename);
+ return;
+ }
+
+ start = ftell(pfile);
+ fseek(pfile, 0L, SEEK_END);
+ length = ftell(pfile);
+ fseek(pfile, 0L, start);
+
+ passwd = g_malloc(length + 1);
+ rc = fread(passwd, 1, length, pfile);
+ fclose(pfile);
+
+ if (rc == length && rc > 0) {
+ vnc_display_password(id, passwd);
+ }
+
+ g_free(passwd);
+}
+
static QemuOptsList qemu_vnc_opts = {
.name = "vnc",
.head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
@@ -3201,6 +3244,9 @@ static QemuOptsList qemu_vnc_opts = {
},{
.name = "connections",
.type = QEMU_OPT_NUMBER,
+ },{
+ .name = "allowed-connections",
+ .type = QEMU_OPT_NUMBER,
},{
.name = "to",
.type = QEMU_OPT_NUMBER,
@@ -3213,6 +3259,9 @@ static QemuOptsList qemu_vnc_opts = {
},{
.name = "password",
.type = QEMU_OPT_BOOL,
+ },{
+ .name = "password-file",
+ .type = QEMU_OPT_STRING,
},{
.name = "reverse",
.type = QEMU_OPT_BOOL,
@@ -3766,6 +3815,7 @@ void vnc_display_open(const char *id, Error **errp)
const char *share, *device_id;
QemuConsole *con;
bool password = false;
+ const char *password_file;
bool reverse = false;
const char *credid;
bool sasl = false;
@@ -3809,6 +3859,10 @@ void vnc_display_open(const char *id, Error **errp)
goto fail;
}
}
+ password_file = qemu_opt_get(opts, "password-file");
+ if (password_file) {
+ read_file_password(id, password_file);
+ }
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 1);
@@ -3897,6 +3951,7 @@ void vnc_display_open(const char *id, Error **errp)
vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
}
vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
+ allowed_connections = qemu_opt_get_number(opts, "allowed-connections", 0);
#ifdef CONFIG_VNC_JPEG
vd->lossy = qemu_opt_get_bool(opts, "lossy", false);

View File

@ -1,4 +1,4 @@
From e583a3cabe6667f8446d6ba35bd1f730d3ac991f Mon Sep 17 00:00:00 2001
From c6660c98496ab59522e3ebaa1f1339beff864ca5 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Wed, 9 Mar 2016 15:18:11 -0700
Subject: [PATCH] xen_disk: Add suse specific flush disable handling and map to
@ -17,18 +17,18 @@ Signed-off-by: Olaf Hering <olaf@aepfle.de>
1 file changed, 15 insertions(+)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index 456a2d5694..94e755d3e8 100644
index d42ed7070d..0dc524903e 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -111,6 +111,7 @@ struct XenBlkDev {
int requests_inflight;
@@ -113,6 +113,7 @@ struct XenBlkDev {
int requests_finished;
unsigned int max_requests;
+ gboolean cache_unsafe;
/* Persistent grants extension */
gboolean feature_discard;
gboolean feature_persistent;
@@ -960,6 +961,16 @@ static void blk_parse_discard(struct XenBlkDev *blkdev)
@@ -947,6 +948,16 @@ static void blk_parse_discard(struct XenBlkDev *blkdev)
}
}
@ -45,15 +45,15 @@ index 456a2d5694..94e755d3e8 100644
static int blk_init(struct XenDevice *xendev)
{
struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev);
@@ -1031,6 +1042,7 @@ static int blk_init(struct XenDevice *xendev)
xenstore_write_be_int(&blkdev->xendev, "info", info);
@@ -1028,6 +1039,7 @@ static int blk_init(struct XenDevice *xendev)
MAX_RING_PAGE_ORDER);
blk_parse_discard(blkdev);
+ blk_parse_cache_unsafe(blkdev);
g_free(directiosafe);
return 0;
@@ -1073,6 +1085,9 @@ static int blk_connect(struct XenDevice *xendev)
@@ -1083,6 +1095,9 @@ static int blk_connect(struct XenDevice *xendev)
qflags |= BDRV_O_UNMAP;
}

View File

@ -1,646 +0,0 @@
From 9f1a253507537ec3fd31fb6bf9d9ad3278f1cd46 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 5 Aug 2009 09:49:37 +0200
Subject: [PATCH] block: Add support for DictZip enabled gzip files
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
DictZip is an extension to the gzip format that allows random seeks in gzip
compressed files by cutting the file into pieces and storing the piece offsets
in the "extra" header of the gzip format.
Thanks to that extension, we can use gzip compressed files as block backend,
though only in read mode.
This makes a lot of sense when stacked with tar files that can then be shipped
to VM users. If a VM image is inside a tar file that is inside a DictZip
enabled gzip file, the user can run the tar.gz file as is without having to
extract the image first.
Tar patch follows.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Bruce Rogers <brogers@novell.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
[TH: Use bdrv_open options instead of filename]
Signed-off-by: Tim Hardeck <thardeck@suse.de>
[AF: Error **errp added for bdrv_file_open, bdrv_delete -> bdrv_unref]
[AF: qemu_opts_create_nofail() -> qemu_opts_create(),
bdrv_file_open() -> bdrv_open(), based on work by brogers]
[AF: error_is_set() dropped for v2.1.0-rc0]
[AF: BlockDriverAIOCB -> BlockAIOCB,
BlockDriverCompletionFunc -> BlockCompletionFunc,
qemu_aio_release() -> qemu_aio_unref(),
drop dictzip_aio_cancel()]
[AF: common-obj-y -> block-obj-y, drop probe hook (bsc#945778)]
[AF: Drop bdrv_open() drv parameter for 2.5]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Bruce Rogers <brogers@suse.com>
[AF: Drop bdrv_open() bs parameter and change return value for v2.7.0-rc2,
for bdrv_pread() and bdrv_aio_readv() do s/s->hd/s->hd->file/]
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
block/Makefile.objs | 1 +
block/dictzip.c | 580 ++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 581 insertions(+)
create mode 100644 block/dictzip.c
diff --git a/block/Makefile.objs b/block/Makefile.objs
index de96f8ee80..bab24da2fb 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -21,6 +21,7 @@ block-obj-$(CONFIG_RBD) += rbd.o
block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_LIBSSH2) += ssh.o
block-obj-y += accounting.o dirty-bitmap.o
+block-obj-y += dictzip.o
block-obj-y += write-threshold.o
block-obj-y += backup.o
block-obj-$(CONFIG_REPLICATION) += replication.o
diff --git a/block/dictzip.c b/block/dictzip.c
new file mode 100644
index 0000000000..4b7e2db817
--- /dev/null
+++ b/block/dictzip.c
@@ -0,0 +1,580 @@
+/*
+ * DictZip Block driver for dictzip enabled gzip files
+ *
+ * Use the "dictzip" tool from the "dictd" package to create gzip files that
+ * contain the extra DictZip headers.
+ *
+ * dictzip(1) is a compression program which creates compressed files in the
+ * gzip format (see RFC 1952). However, unlike gzip(1), dictzip(1) compresses
+ * the file in pieces and stores an index to the pieces in the gzip header.
+ * This allows random access to the file at the granularity of the compressed
+ * pieces (currently about 64kB) while maintaining good compression ratios
+ * (within 5% of the expected ratio for dictionary data).
+ * dictd(8) uses files stored in this format.
+ *
+ * For details on DictZip see http://dict.org/.
+ *
+ * Copyright (c) 2009 Alexander Graf <agraf@suse.de>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu-common.h"
+#include "block/block_int.h"
+#include <zlib.h>
+
+// #define DEBUG
+
+#ifdef DEBUG
+#define dprintf(fmt, ...) do { printf("dzip: " fmt, ## __VA_ARGS__); } while (0)
+#else
+#define dprintf(fmt, ...) do { } while (0)
+#endif
+
+#define SECTOR_SIZE 512
+#define Z_STREAM_COUNT 4
+#define CACHE_COUNT 20
+
+/* magic values */
+
+#define GZ_MAGIC1 0x1f
+#define GZ_MAGIC2 0x8b
+#define DZ_MAGIC1 'R'
+#define DZ_MAGIC2 'A'
+
+#define GZ_FEXTRA 0x04 /* Optional field (random access index) */
+#define GZ_FNAME 0x08 /* Original name */
+#define GZ_COMMENT 0x10 /* Zero-terminated, human-readable comment */
+#define GZ_FHCRC 0x02 /* Header CRC16 */
+
+/* offsets */
+
+#define GZ_ID 0 /* GZ_MAGIC (16bit) */
+#define GZ_FLG 3 /* FLaGs (see above) */
+#define GZ_XLEN 10 /* eXtra LENgth (16bit) */
+#define GZ_SI 12 /* Subfield ID (16bit) */
+#define GZ_VERSION 16 /* Version for subfield format */
+#define GZ_CHUNKSIZE 18 /* Chunk size (16bit) */
+#define GZ_CHUNKCNT 20 /* Number of chunks (16bit) */
+#define GZ_RNDDATA 22 /* Random access data (16bit) */
+
+#define GZ_99_CHUNKSIZE 18 /* Chunk size (32bit) */
+#define GZ_99_CHUNKCNT 22 /* Number of chunks (32bit) */
+#define GZ_99_FILESIZE 26 /* Size of unpacked file (64bit) */
+#define GZ_99_RNDDATA 34 /* Random access data (32bit) */
+
+struct BDRVDictZipState;
+
+typedef struct DictZipAIOCB {
+ BlockAIOCB common;
+ struct BDRVDictZipState *s;
+ QEMUIOVector *qiov; /* QIOV of the original request */
+ QEMUIOVector *qiov_gz; /* QIOV of the gz subrequest */
+ QEMUBH *bh; /* BH for cache */
+ z_stream *zStream; /* stream to use for decoding */
+ int zStream_id; /* stream id of the above pointer */
+ size_t start; /* offset into the uncompressed file */
+ size_t len; /* uncompressed bytes to read */
+ uint8_t *gzipped; /* the gzipped data */
+ uint8_t *buf; /* cached result */
+ size_t gz_len; /* amount of gzip data */
+ size_t gz_start; /* uncompressed starting point of gzip data */
+ uint64_t offset; /* offset for "start" into the uncompressed chunk */
+ int chunks_len; /* amount of uncompressed data in all gzip data */
+} DictZipAIOCB;
+
+typedef struct dict_cache {
+ size_t start;
+ size_t len;
+ uint8_t *buf;
+} DictCache;
+
+typedef struct BDRVDictZipState {
+ BlockDriverState *hd;
+ z_stream zStream[Z_STREAM_COUNT];
+ DictCache cache[CACHE_COUNT];
+ int cache_index;
+ uint8_t stream_in_use;
+ uint64_t chunk_len;
+ uint32_t chunk_cnt;
+ uint16_t *chunks;
+ uint32_t *chunks32;
+ uint64_t *offsets;
+ int64_t file_len;
+} BDRVDictZipState;
+
+static int start_zStream(z_stream *zStream)
+{
+ zStream->zalloc = NULL;
+ zStream->zfree = NULL;
+ zStream->opaque = NULL;
+ zStream->next_in = 0;
+ zStream->avail_in = 0;
+ zStream->next_out = NULL;
+ zStream->avail_out = 0;
+
+ return inflateInit2( zStream, -15 );
+}
+
+static QemuOptsList runtime_opts = {
+ .name = "dzip",
+ .head = QTAILQ_HEAD_INITIALIZER(runtime_opts.head),
+ .desc = {
+ {
+ .name = "filename",
+ .type = QEMU_OPT_STRING,
+ .help = "URL to the dictzip file",
+ },
+ { /* end of list */ }
+ },
+};
+
+static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error **errp)
+{
+ BDRVDictZipState *s = bs->opaque;
+ const char *err = "Unknown (read error?)";
+ uint8_t magic[2];
+ char buf[100];
+ uint8_t header_flags;
+ uint16_t chunk_len16;
+ uint16_t chunk_cnt16;
+ uint16_t header_ver;
+ uint16_t tmp_short;
+ uint64_t offset;
+ int chunks_len;
+ int headerLength = GZ_XLEN - 1;
+ int rnd_offs;
+ int ret;
+ int i;
+ QemuOpts *opts;
+ Error *local_err = NULL;
+ const char *filename;
+
+ opts = qemu_opts_create(&runtime_opts, NULL, 0, &error_abort);
+ qemu_opts_absorb_qdict(opts, options, &local_err);
+ if (local_err != NULL) {
+ error_propagate(errp, local_err);
+ ret = -EINVAL;
+ goto fail;
+ }
+
+ filename = qemu_opt_get(opts, "filename");
+
+ if (!strncmp(filename, "dzip://", 7))
+ filename += 7;
+ else if (!strncmp(filename, "dzip:", 5))
+ filename += 5;
+
+ s->hd = bdrv_open(filename, NULL, NULL, flags | BDRV_O_PROTOCOL, errp);
+ if (!s->hd) {
+ ret = -EINVAL;
+ qemu_opts_del(opts);
+ return ret;
+ }
+
+ /* initialize zlib streams */
+ for (i = 0; i < Z_STREAM_COUNT; i++) {
+ if (start_zStream( &s->zStream[i] ) != Z_OK) {
+ err = s->zStream[i].msg;
+ goto fail;
+ }
+ }
+
+ /* gzip header */
+ if (bdrv_pread(s->hd->file, GZ_ID, &magic, sizeof(magic)) != sizeof(magic))
+ goto fail;
+
+ if (!((magic[0] == GZ_MAGIC1) && (magic[1] == GZ_MAGIC2))) {
+ err = "No gzip file";
+ goto fail;
+ }
+
+ /* dzip header */
+ if (bdrv_pread(s->hd->file, GZ_FLG, &header_flags, 1) != 1)
+ goto fail;
+
+ if (!(header_flags & GZ_FEXTRA)) {
+ err = "Not a dictzip file (wrong flags)";
+ goto fail;
+ }
+
+ /* extra length */
+ if (bdrv_pread(s->hd->file, GZ_XLEN, &tmp_short, 2) != 2)
+ goto fail;
+
+ headerLength += le16_to_cpu(tmp_short) + 2;
+
+ /* DictZip magic */
+ if (bdrv_pread(s->hd->file, GZ_SI, &magic, 2) != 2)
+ goto fail;
+
+ if (magic[0] != DZ_MAGIC1 || magic[1] != DZ_MAGIC2) {
+ err = "Not a dictzip file (missing extra magic)";
+ goto fail;
+ }
+
+ /* DictZip version */
+ if (bdrv_pread(s->hd->file, GZ_VERSION, &header_ver, 2) != 2)
+ goto fail;
+
+ header_ver = le16_to_cpu(header_ver);
+
+ switch (header_ver) {
+ case 1: /* Normal DictZip */
+ /* number of chunks */
+ if (bdrv_pread(s->hd->file, GZ_CHUNKSIZE, &chunk_len16, 2) != 2)
+ goto fail;
+
+ s->chunk_len = le16_to_cpu(chunk_len16);
+
+ /* chunk count */
+ if (bdrv_pread(s->hd->file, GZ_CHUNKCNT, &chunk_cnt16, 2) != 2)
+ goto fail;
+
+ s->chunk_cnt = le16_to_cpu(chunk_cnt16);
+ chunks_len = sizeof(short) * s->chunk_cnt;
+ rnd_offs = GZ_RNDDATA;
+ break;
+ case 99: /* Special Alex pigz version */
+ /* number of chunks */
+ if (bdrv_pread(s->hd->file, GZ_99_CHUNKSIZE, &s->chunk_len, 4) != 4)
+ goto fail;
+
+ dprintf("chunk len [%#x] = %d\n", GZ_99_CHUNKSIZE, s->chunk_len);
+ s->chunk_len = le32_to_cpu(s->chunk_len);
+
+ /* chunk count */
+ if (bdrv_pread(s->hd->file, GZ_99_CHUNKCNT, &s->chunk_cnt, 4) != 4)
+ goto fail;
+
+ s->chunk_cnt = le32_to_cpu(s->chunk_cnt);
+
+ dprintf("chunk len | count = %d | %d\n", s->chunk_len, s->chunk_cnt);
+
+ /* file size */
+ if (bdrv_pread(s->hd->file, GZ_99_FILESIZE, &s->file_len, 8) != 8)
+ goto fail;
+
+ s->file_len = le64_to_cpu(s->file_len);
+ chunks_len = sizeof(int) * s->chunk_cnt;
+ rnd_offs = GZ_99_RNDDATA;
+ break;
+ default:
+ err = "Invalid DictZip version";
+ goto fail;
+ }
+
+ /* random access data */
+ s->chunks = g_malloc(chunks_len);
+ if (header_ver == 99)
+ s->chunks32 = (uint32_t *)s->chunks;
+
+ if (bdrv_pread(s->hd->file, rnd_offs, s->chunks, chunks_len) != chunks_len)
+ goto fail;
+
+ /* orig filename */
+ if (header_flags & GZ_FNAME) {
+ if (bdrv_pread(s->hd->file, headerLength + 1, buf, sizeof(buf)) != sizeof(buf))
+ goto fail;
+
+ buf[sizeof(buf) - 1] = '\0';
+ headerLength += strlen(buf) + 1;
+
+ if (strlen(buf) == sizeof(buf))
+ goto fail;
+
+ dprintf("filename: %s\n", buf);
+ }
+
+ /* comment field */
+ if (header_flags & GZ_COMMENT) {
+ if (bdrv_pread(s->hd->file, headerLength, buf, sizeof(buf)) != sizeof(buf))
+ goto fail;
+
+ buf[sizeof(buf) - 1] = '\0';
+ headerLength += strlen(buf) + 1;
+
+ if (strlen(buf) == sizeof(buf))
+ goto fail;
+
+ dprintf("comment: %s\n", buf);
+ }
+
+ if (header_flags & GZ_FHCRC)
+ headerLength += 2;
+
+ /* uncompressed file length*/
+ if (!s->file_len) {
+ uint32_t file_len;
+
+ if (bdrv_pread(s->hd->file, bdrv_getlength(s->hd) - 4, &file_len, 4) != 4)
+ goto fail;
+
+ s->file_len = le32_to_cpu(file_len);
+ }
+
+ /* compute offsets */
+ s->offsets = g_malloc(sizeof( *s->offsets ) * s->chunk_cnt);
+
+ for (offset = headerLength + 1, i = 0; i < s->chunk_cnt; i++) {
+ s->offsets[i] = offset;
+ switch (header_ver) {
+ case 1:
+ offset += s->chunks[i];
+ break;
+ case 99:
+ offset += s->chunks32[i];
+ break;
+ }
+
+ dprintf("chunk %#x - %#x = offset %#x -> %#x\n", i * s->chunk_len, (i+1) * s->chunk_len, s->offsets[i], offset);
+ }
+ qemu_opts_del(opts);
+
+ return 0;
+
+fail:
+ fprintf(stderr, "DictZip: Error opening file: %s\n", err);
+ bdrv_unref(s->hd);
+ if (s->chunks)
+ g_free(s->chunks);
+ qemu_opts_del(opts);
+ return -EINVAL;
+}
+
+/* This callback gets invoked when we have the result in cache already */
+static void dictzip_cache_cb(void *opaque)
+{
+ DictZipAIOCB *acb = (DictZipAIOCB *)opaque;
+
+ qemu_iovec_from_buf(acb->qiov, 0, acb->buf, acb->len);
+ acb->common.cb(acb->common.opaque, 0);
+ qemu_bh_delete(acb->bh);
+ qemu_aio_unref(acb);
+}
+
+/* This callback gets invoked by the underlying block reader when we have
+ * all compressed data. We uncompress in here. */
+static void dictzip_read_cb(void *opaque, int ret)
+{
+ DictZipAIOCB *acb = (DictZipAIOCB *)opaque;
+ struct BDRVDictZipState *s = acb->s;
+ uint8_t *buf;
+ DictCache *cache;
+ int r;
+
+ buf = g_malloc(acb->chunks_len);
+
+ /* uncompress the chunk */
+ acb->zStream->next_in = acb->gzipped;
+ acb->zStream->avail_in = acb->gz_len;
+ acb->zStream->next_out = buf;
+ acb->zStream->avail_out = acb->chunks_len;
+
+ r = inflate( acb->zStream, Z_PARTIAL_FLUSH );
+ if ( (r != Z_OK) && (r != Z_STREAM_END) )
+ fprintf(stderr, "Error inflating: [%d] %s\n", r, acb->zStream->msg);
+
+ if ( r == Z_STREAM_END )
+ inflateReset(acb->zStream);
+
+ dprintf("inflating [%d] left: %d | %d bytes\n", r, acb->zStream->avail_in, acb->zStream->avail_out);
+ s->stream_in_use &= ~(1 << acb->zStream_id);
+
+ /* nofity the caller */
+ qemu_iovec_from_buf(acb->qiov, 0, buf + acb->offset, acb->len);
+ acb->common.cb(acb->common.opaque, 0);
+
+ /* fill the cache */
+ cache = &s->cache[s->cache_index];
+ s->cache_index++;
+ if (s->cache_index == CACHE_COUNT)
+ s->cache_index = 0;
+
+ cache->len = 0;
+ if (cache->buf)
+ g_free(cache->buf);
+ cache->start = acb->gz_start;
+ cache->buf = buf;
+ cache->len = acb->chunks_len;
+
+ /* free occupied ressources */
+ g_free(acb->qiov_gz);
+ qemu_aio_unref(acb);
+}
+
+static const AIOCBInfo dictzip_aiocb_info = {
+ .aiocb_size = sizeof(DictZipAIOCB),
+};
+
+/* This is where we get a request from a caller to read something */
+static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
+ int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
+ BlockCompletionFunc *cb, void *opaque)
+{
+ BDRVDictZipState *s = bs->opaque;
+ DictZipAIOCB *acb;
+ QEMUIOVector *qiov_gz;
+ struct iovec *iov;
+ uint8_t *buf;
+ size_t start = sector_num * SECTOR_SIZE;
+ size_t len = nb_sectors * SECTOR_SIZE;
+ size_t end = start + len;
+ size_t gz_start;
+ size_t gz_len;
+ int64_t gz_sector_num;
+ int gz_nb_sectors;
+ int first_chunk, last_chunk;
+ int first_offset;
+ int i;
+
+ acb = qemu_aio_get(&dictzip_aiocb_info, bs, cb, opaque);
+ if (!acb)
+ return NULL;
+
+ /* Search Cache */
+ for (i = 0; i < CACHE_COUNT; i++) {
+ if (!s->cache[i].len)
+ continue;
+
+ if ((start >= s->cache[i].start) &&
+ (end <= (s->cache[i].start + s->cache[i].len))) {
+ acb->buf = s->cache[i].buf + (start - s->cache[i].start);
+ acb->len = len;
+ acb->qiov = qiov;
+ acb->bh = qemu_bh_new(dictzip_cache_cb, acb);
+ qemu_bh_schedule(acb->bh);
+
+ return &acb->common;
+ }
+ }
+
+ /* No cache, so let's decode */
+ do {
+ for (i = 0; i < Z_STREAM_COUNT; i++) {
+ if (!(s->stream_in_use & (1 << i))) {
+ s->stream_in_use |= (1 << i);
+ acb->zStream_id = i;
+ acb->zStream = &s->zStream[i];
+ break;
+ }
+ }
+ } while(!acb->zStream);
+
+ /* We need to read these chunks */
+ first_chunk = start / s->chunk_len;
+ first_offset = start - first_chunk * s->chunk_len;
+ last_chunk = end / s->chunk_len;
+
+ gz_start = s->offsets[first_chunk];
+ gz_len = 0;
+ for (i = first_chunk; i <= last_chunk; i++) {
+ if (s->chunks32)
+ gz_len += s->chunks32[i];
+ else
+ gz_len += s->chunks[i];
+ }
+
+ gz_sector_num = gz_start / SECTOR_SIZE;
+ gz_nb_sectors = (gz_len / SECTOR_SIZE);
+
+ /* account for tail and heads */
+ while ((gz_start + gz_len) > ((gz_sector_num + gz_nb_sectors) * SECTOR_SIZE))
+ gz_nb_sectors++;
+
+ /* Allocate qiov, iov and buf in one chunk so we only need to free qiov */
+ qiov_gz = g_malloc0(sizeof(QEMUIOVector) + sizeof(struct iovec) +
+ (gz_nb_sectors * SECTOR_SIZE));
+ iov = (struct iovec *)(((char *)qiov_gz) + sizeof(QEMUIOVector));
+ buf = ((uint8_t *)iov) + sizeof(struct iovec *);
+
+ /* Kick off the read by the backing file, so we can start decompressing */
+ iov->iov_base = (void *)buf;
+ iov->iov_len = gz_nb_sectors * 512;
+ qemu_iovec_init_external(qiov_gz, iov, 1);
+
+ dprintf("read %d - %d => %d - %d\n", start, end, gz_start, gz_start + gz_len);
+
+ acb->s = s;
+ acb->qiov = qiov;
+ acb->qiov_gz = qiov_gz;
+ acb->start = start;
+ acb->len = len;
+ acb->gzipped = buf + (gz_start % SECTOR_SIZE);
+ acb->gz_len = gz_len;
+ acb->gz_start = first_chunk * s->chunk_len;
+ acb->offset = first_offset;
+ acb->chunks_len = (last_chunk - first_chunk + 1) * s->chunk_len;
+
+ return bdrv_aio_readv(s->hd->file, gz_sector_num, qiov_gz, gz_nb_sectors,
+ dictzip_read_cb, acb);
+}
+
+static void dictzip_close(BlockDriverState *bs)
+{
+ BDRVDictZipState *s = bs->opaque;
+ int i;
+
+ for (i = 0; i < CACHE_COUNT; i++) {
+ if (!s->cache[i].len)
+ continue;
+
+ g_free(s->cache[i].buf);
+ }
+
+ for (i = 0; i < Z_STREAM_COUNT; i++) {
+ inflateEnd(&s->zStream[i]);
+ }
+
+ if (s->chunks)
+ g_free(s->chunks);
+
+ if (s->offsets)
+ g_free(s->offsets);
+
+ dprintf("Close\n");
+}
+
+static int64_t dictzip_getlength(BlockDriverState *bs)
+{
+ BDRVDictZipState *s = bs->opaque;
+ dprintf("getlength -> %ld\n", s->file_len);
+ return s->file_len;
+}
+
+static BlockDriver bdrv_dictzip = {
+ .format_name = "dzip",
+ .protocol_name = "dzip",
+
+ .instance_size = sizeof(BDRVDictZipState),
+ .bdrv_file_open = dictzip_open,
+ .bdrv_close = dictzip_close,
+ .bdrv_getlength = dictzip_getlength,
+
+ .bdrv_aio_readv = dictzip_aio_readv,
+};
+
+static void dictzip_block_init(void)
+{
+ bdrv_register(&bdrv_dictzip);
+}
+
+block_init(dictzip_block_init);

View File

@ -1,4 +1,4 @@
From 2818c2f6840a0169068d390e5756a79ad1f2fb08 Mon Sep 17 00:00:00 2001
From 87f1e67999ab7ddbbb9b2a4a04e82ceb7cdcbdf1 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Tue, 2 Aug 2016 11:36:02 -0600
Subject: [PATCH] qemu-bridge-helper: reduce security profile

View File

@ -1,437 +0,0 @@
From 9bab09a016d850caba2bffe818d9696bd8c165c3 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 5 Aug 2009 17:28:38 +0200
Subject: [PATCH] block: Add tar container format
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Tar is a very widely used format to store data in. Sometimes people even put
virtual machine images in there.
So it makes sense for qemu to be able to read from tar files. I implemented a
written from scratch reader that also knows about the GNU sparse format, which
is what pigz creates.
This version checks for filenames that end on well-known extensions. The logic
could be changed to search for filenames given on the command line, but that
would require changes to more parts of qemu.
The tar reader in conjunctiuon with dzip gives us the chance to download
tar'ed up virtual machine images (even via http) and instantly make use of
them.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Bruce Rogers <brogers@novell.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
[TH: Use bdrv_open options instead of filename]
Signed-off-by: Tim Hardeck <thardeck@suse.de>
[AF: bdrv_file_open got an Error **errp argument, bdrv_delete -> brd_unref]
[AF: qemu_opts_create_nofail() -> qemu_opts_create(),
bdrv_file_open() -> bdrv_open(), based on work by brogers]
[AF: error_is_set() dropped for v2.1.0-rc0]
[AF: BlockDriverAIOCB -> BlockAIOCB,
BlockDriverCompletionFunc -> BlockCompletionFunc,
qemu_aio_release() -> qemu_aio_unref(),
drop tar_aio_cancel()]
[AF: common-obj-y -> block-obj-y, drop probe hook (bsc#945778)]
[AF: Drop bdrv_open() drv parameter for 2.5]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Bruce Rogers <brogers@suse.com>
[AF: Changed bdrv_open() bs parameter and return value for v2.7.0-rc2,
for bdrv_pread() and bdrv_aio_readv() s/s->hd/s->hd->file/]
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
block/Makefile.objs | 1 +
block/tar.c | 370 ++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 371 insertions(+)
create mode 100644 block/tar.c
diff --git a/block/Makefile.objs b/block/Makefile.objs
index bab24da2fb..73c7b55871 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -22,6 +22,7 @@ block-obj-$(CONFIG_GLUSTERFS) += gluster.o
block-obj-$(CONFIG_LIBSSH2) += ssh.o
block-obj-y += accounting.o dirty-bitmap.o
block-obj-y += dictzip.o
+block-obj-y += tar.o
block-obj-y += write-threshold.o
block-obj-y += backup.o
block-obj-$(CONFIG_REPLICATION) += replication.o
diff --git a/block/tar.c b/block/tar.c
new file mode 100644
index 0000000000..508265ed5e
--- /dev/null
+++ b/block/tar.c
@@ -0,0 +1,370 @@
+/*
+ * Tar block driver
+ *
+ * Copyright (c) 2009 Alexander Graf <agraf@suse.de>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu-common.h"
+#include "block/block_int.h"
+
+// #define DEBUG
+
+#ifdef DEBUG
+#define dprintf(fmt, ...) do { printf("tar: " fmt, ## __VA_ARGS__); } while (0)
+#else
+#define dprintf(fmt, ...) do { } while (0)
+#endif
+
+#define SECTOR_SIZE 512
+
+#define POSIX_TAR_MAGIC "ustar"
+#define OFFS_LENGTH 0x7c
+#define OFFS_TYPE 0x9c
+#define OFFS_MAGIC 0x101
+
+#define OFFS_S_SP 0x182
+#define OFFS_S_EXT 0x1e2
+#define OFFS_S_LENGTH 0x1e3
+#define OFFS_SX_EXT 0x1f8
+
+typedef struct SparseCache {
+ uint64_t start;
+ uint64_t end;
+} SparseCache;
+
+typedef struct BDRVTarState {
+ BlockDriverState *hd;
+ size_t file_sec;
+ uint64_t file_len;
+ SparseCache *sparse;
+ int sparse_num;
+ uint64_t last_end;
+ char longfile[2048];
+} BDRVTarState;
+
+static int str_ends(char *str, const char *end)
+{
+ int end_len = strlen(end);
+ int str_len = strlen(str);
+
+ if (str_len < end_len)
+ return 0;
+
+ return !strncmp(str + str_len - end_len, end, end_len);
+}
+
+static int is_target_file(BlockDriverState *bs, char *filename)
+{
+ int retval = 0;
+
+ if (str_ends(filename, ".raw"))
+ retval = 1;
+
+ if (str_ends(filename, ".qcow"))
+ retval = 1;
+
+ if (str_ends(filename, ".qcow2"))
+ retval = 1;
+
+ if (str_ends(filename, ".vmdk"))
+ retval = 1;
+
+ dprintf("does filename %s match? %s\n", filename, retval ? "yes" : "no");
+
+ /* make sure we're not using this name again */
+ filename[0] = '\0';
+ return retval;
+}
+
+static uint64_t tar2u64(char *ptr)
+{
+ uint64_t retval;
+ char oldend = ptr[12];
+
+ ptr[12] = '\0';
+ if (*ptr & 0x80) {
+ /* XXX we only support files up to 64 bit length */
+ retval = be64_to_cpu(*(uint64_t *)(ptr+4));
+ dprintf("Convert %lx -> %#lx\n", *(uint64_t*)(ptr+4), retval);
+ } else {
+ retval = strtol(ptr, NULL, 8);
+ dprintf("Convert %s -> %#lx\n", ptr, retval);
+ }
+
+ ptr[12] = oldend;
+
+ return retval;
+}
+
+static void tar_sparse(BDRVTarState *s, uint64_t offs, uint64_t len)
+{
+ SparseCache *sparse;
+
+ if (!len)
+ return;
+ if (!(offs - s->last_end)) {
+ s->last_end += len;
+ return;
+ }
+ if (s->last_end > offs)
+ return;
+
+ dprintf("Last chunk until %lx new chunk at %lx\n", s->last_end, offs);
+
+ s->sparse = g_realloc(s->sparse, (s->sparse_num + 1) * sizeof(SparseCache));
+ sparse = &s->sparse[s->sparse_num];
+ sparse->start = s->last_end;
+ sparse->end = offs;
+ s->last_end = offs + len;
+ s->sparse_num++;
+ dprintf("Sparse at %lx end=%lx\n", sparse->start,
+ sparse->end);
+}
+
+static QemuOptsList runtime_opts = {
+ .name = "tar",
+ .head = QTAILQ_HEAD_INITIALIZER(runtime_opts.head),
+ .desc = {
+ {
+ .name = "filename",
+ .type = QEMU_OPT_STRING,
+ .help = "URL to the tar file",
+ },
+ { /* end of list */ }
+ },
+};
+
+static int tar_open(BlockDriverState *bs, QDict *options, int flags, Error **errp)
+{
+ BDRVTarState *s = bs->opaque;
+ char header[SECTOR_SIZE];
+ char *real_file = header;
+ char *magic;
+ size_t header_offs = 0;
+ int ret;
+ QemuOpts *opts;
+ Error *local_err = NULL;
+ const char *filename;
+
+ opts = qemu_opts_create(&runtime_opts, NULL, 0, &error_abort);
+ qemu_opts_absorb_qdict(opts, options, &local_err);
+ if (local_err != NULL) {
+ error_propagate(errp, local_err);
+ ret = -EINVAL;
+ goto fail;
+ }
+
+ filename = qemu_opt_get(opts, "filename");
+
+ if (!strncmp(filename, "tar://", 6))
+ filename += 6;
+ else if (!strncmp(filename, "tar:", 4))
+ filename += 4;
+
+ s->hd = bdrv_open(filename, NULL, NULL, flags | BDRV_O_PROTOCOL, errp);
+ if (!s->hd) {
+ ret = -EINVAL;
+ qemu_opts_del(opts);
+ return ret;
+ }
+
+ /* Search the file for an image */
+
+ do {
+ /* tar header */
+ if (bdrv_pread(s->hd->file, header_offs, header, SECTOR_SIZE) != SECTOR_SIZE)
+ goto fail;
+
+ if ((header_offs > 1) && !header[0]) {
+ fprintf(stderr, "Tar: No image file found in archive\n");
+ goto fail;
+ }
+
+ magic = &header[OFFS_MAGIC];
+ if (strncmp(magic, POSIX_TAR_MAGIC, 5)) {
+ fprintf(stderr, "Tar: Invalid magic: %s\n", magic);
+ goto fail;
+ }
+
+ dprintf("file type: %c\n", header[OFFS_TYPE]);
+
+ /* file length*/
+ s->file_len = (tar2u64(&header[OFFS_LENGTH]) + (SECTOR_SIZE - 1)) &
+ ~(SECTOR_SIZE - 1);
+ s->file_sec = (header_offs / SECTOR_SIZE) + 1;
+
+ header_offs += s->file_len + SECTOR_SIZE;
+
+ if (header[OFFS_TYPE] == 'L') {
+ bdrv_pread(s->hd->file, header_offs - s->file_len, s->longfile,
+ sizeof(s->longfile));
+ s->longfile[sizeof(s->longfile)-1] = '\0';
+ } else if (s->longfile[0]) {
+ real_file = s->longfile;
+ } else {
+ real_file = header;
+ }
+ } while(!is_target_file(bs, real_file));
+
+ /* We found an image! */
+
+ if (header[OFFS_TYPE] == 'S') {
+ uint8_t isextended;
+ int i;
+
+ for (i = OFFS_S_SP; i < (OFFS_S_SP + (4 * 24)); i += 24)
+ tar_sparse(s, tar2u64(&header[i]), tar2u64(&header[i+12]));
+
+ s->file_len = tar2u64(&header[OFFS_S_LENGTH]);
+ isextended = header[OFFS_S_EXT];
+
+ while (isextended) {
+ if (bdrv_pread(s->hd->file, s->file_sec * SECTOR_SIZE, header,
+ SECTOR_SIZE) != SECTOR_SIZE)
+ goto fail;
+
+ for (i = 0; i < (21 * 24); i += 24)
+ tar_sparse(s, tar2u64(&header[i]), tar2u64(&header[i+12]));
+ isextended = header[OFFS_SX_EXT];
+ s->file_sec++;
+ }
+ tar_sparse(s, s->file_len, 1);
+ }
+ qemu_opts_del(opts);
+
+ return 0;
+
+fail:
+ fprintf(stderr, "Tar: Error opening file\n");
+ bdrv_unref(s->hd);
+ qemu_opts_del(opts);
+ return -EINVAL;
+}
+
+typedef struct TarAIOCB {
+ BlockAIOCB common;
+ QEMUBH *bh;
+} TarAIOCB;
+
+/* This callback gets invoked when we have pure sparseness */
+static void tar_sparse_cb(void *opaque)
+{
+ TarAIOCB *acb = (TarAIOCB *)opaque;
+
+ acb->common.cb(acb->common.opaque, 0);
+ qemu_bh_delete(acb->bh);
+ qemu_aio_unref(acb);
+}
+
+static AIOCBInfo tar_aiocb_info = {
+ .aiocb_size = sizeof(TarAIOCB),
+};
+
+/* This is where we get a request from a caller to read something */
+static BlockAIOCB *tar_aio_readv(BlockDriverState *bs,
+ int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
+ BlockCompletionFunc *cb, void *opaque)
+{
+ BDRVTarState *s = bs->opaque;
+ SparseCache *sparse;
+ int64_t sec_file = sector_num + s->file_sec;
+ int64_t start = sector_num * SECTOR_SIZE;
+ int64_t end = start + (nb_sectors * SECTOR_SIZE);
+ int i;
+ TarAIOCB *acb;
+
+ for (i = 0; i < s->sparse_num; i++) {
+ sparse = &s->sparse[i];
+ if (sparse->start > end) {
+ /* We expect the cache to be start increasing */
+ break;
+ } else if ((sparse->start < start) && (sparse->end <= start)) {
+ /* sparse before our offset */
+ sec_file -= (sparse->end - sparse->start) / SECTOR_SIZE;
+ } else if ((sparse->start <= start) && (sparse->end >= end)) {
+ /* all our sectors are sparse */
+ char *buf = g_malloc0(nb_sectors * SECTOR_SIZE);
+
+ acb = qemu_aio_get(&tar_aiocb_info, bs, cb, opaque);
+ qemu_iovec_from_buf(qiov, 0, buf, nb_sectors * SECTOR_SIZE);
+ g_free(buf);
+ acb->bh = qemu_bh_new(tar_sparse_cb, acb);
+ qemu_bh_schedule(acb->bh);
+
+ return &acb->common;
+ } else if (((sparse->start >= start) && (sparse->start < end)) ||
+ ((sparse->end >= start) && (sparse->end < end))) {
+ /* we're semi-sparse (worst case) */
+ /* let's go synchronous and read all sectors individually */
+ char *buf = g_malloc(nb_sectors * SECTOR_SIZE);
+ uint64_t offs;
+
+ for (offs = 0; offs < (nb_sectors * SECTOR_SIZE);
+ offs += SECTOR_SIZE) {
+ bdrv_pread(bs->file, (sector_num * SECTOR_SIZE) + offs,
+ buf + offs, SECTOR_SIZE);
+ }
+
+ qemu_iovec_from_buf(qiov, 0, buf, nb_sectors * SECTOR_SIZE);
+ acb = qemu_aio_get(&tar_aiocb_info, bs, cb, opaque);
+ acb->bh = qemu_bh_new(tar_sparse_cb, acb);
+ qemu_bh_schedule(acb->bh);
+
+ return &acb->common;
+ }
+ }
+
+ return bdrv_aio_readv(s->hd->file, sec_file, qiov, nb_sectors,
+ cb, opaque);
+}
+
+static void tar_close(BlockDriverState *bs)
+{
+ dprintf("Close\n");
+}
+
+static int64_t tar_getlength(BlockDriverState *bs)
+{
+ BDRVTarState *s = bs->opaque;
+ dprintf("getlength -> %ld\n", s->file_len);
+ return s->file_len;
+}
+
+static BlockDriver bdrv_tar = {
+ .format_name = "tar",
+ .protocol_name = "tar",
+
+ .instance_size = sizeof(BDRVTarState),
+ .bdrv_file_open = tar_open,
+ .bdrv_close = tar_close,
+ .bdrv_getlength = tar_getlength,
+
+ .bdrv_aio_readv = tar_aio_readv,
+};
+
+static void tar_block_init(void)
+{
+ bdrv_register(&bdrv_tar);
+}
+
+block_init(tar_block_init);

View File

@ -1,4 +1,4 @@
From 108e17b16aa8372c04ec13ddeb566794ae336cf5 Mon Sep 17 00:00:00 2001
From 9fd37e866278fac910e0321aeea4c950f26cb224 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Fri, 12 Aug 2016 18:20:49 +0200
Subject: [PATCH] qemu-binfmt-conf: use qemu-ARCH-binfmt
@ -13,7 +13,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 9fcd95a435..f14a6ef37b 100755
index 5c3ba942ec..bb29213fa5 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -206,7 +206,7 @@ qemu_check_systemd() {

View File

@ -1,56 +0,0 @@
From d9f090d7d5e9ddefc29e3e0b3ead5b408fefaff3 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 12 Dec 2012 19:11:30 +0100
Subject: [PATCH] Legacy Patch kvm-qemu-preXX-dictzip3.patch
---
block/tar.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/block/tar.c b/block/tar.c
index 508265ed5e..734082a011 100644
--- a/block/tar.c
+++ b/block/tar.c
@@ -73,7 +73,8 @@ static int str_ends(char *str, const char *end)
return !strncmp(str + str_len - end_len, end, end_len);
}
-static int is_target_file(BlockDriverState *bs, char *filename)
+static int is_target_file(BlockDriverState *bs, char *filename,
+ char *header)
{
int retval = 0;
@@ -89,10 +90,17 @@ static int is_target_file(BlockDriverState *bs, char *filename)
if (str_ends(filename, ".vmdk"))
retval = 1;
+ if (retval &&
+ (header[OFFS_TYPE] != '0') &&
+ (header[OFFS_TYPE] != 'S')) {
+ retval = 0;
+ }
+
dprintf("does filename %s match? %s\n", filename, retval ? "yes" : "no");
/* make sure we're not using this name again */
filename[0] = '\0';
+
return retval;
}
@@ -219,12 +227,13 @@ static int tar_open(BlockDriverState *bs, QDict *options, int flags, Error **err
bdrv_pread(s->hd->file, header_offs - s->file_len, s->longfile,
sizeof(s->longfile));
s->longfile[sizeof(s->longfile)-1] = '\0';
+ real_file = header;
} else if (s->longfile[0]) {
real_file = s->longfile;
} else {
real_file = header;
}
- } while(!is_target_file(bs, real_file));
+ } while(!is_target_file(bs, real_file, header));
/* We found an image! */

View File

@ -1,4 +1,4 @@
From eebe76eeffb2166f2ce71bd3445498e989235aa2 Mon Sep 17 00:00:00 2001
From 07887c4bbde2e00ded180e90395c61dfe10fbbf1 Mon Sep 17 00:00:00 2001
From: markkp <mpost@suse.com>
Date: Thu, 11 Aug 2016 16:28:39 -0400
Subject: [PATCH] configure: Fix detection of seccomp on s390x
@ -13,10 +13,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 3 insertions(+)
diff --git a/configure b/configure
index 3308560f78..cb7589a8e7 100755
index dd73cce62f..f2b265681e 100755
--- a/configure
+++ b/configure
@@ -1961,6 +1961,9 @@ if test "$seccomp" != "no" ; then
@@ -2040,6 +2040,9 @@ if test "$seccomp" != "no" ; then
ppc|ppc64)
libseccomp_minver="2.3.0"
;;

View File

@ -1,4 +1,4 @@
From 158de49a5e5ae6f0e90f3e3f381acf769e063988 Mon Sep 17 00:00:00 2001
From 846384277e21e0b4d7bf815a3a26c5fc7d34e288 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@linux-m68k.org>
Date: Thu, 8 Sep 2016 11:21:05 +0200
Subject: [PATCH] linux-user: properly test for infinite timeout in poll (#8)
@ -16,10 +16,10 @@ Signed-off-by: Andreas Schwab <schwab@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 71d4f06bdb..78f0ea4c58 100644
index 8b75b1f588..25b0a2ce69 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10204,7 +10204,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
@@ -10240,7 +10240,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_ulong arg1,
{
struct timespec ts, *pts;

View File

@ -1,4 +1,4 @@
From efc73d004696dada76a417cb2797593493e94f66 Mon Sep 17 00:00:00 2001
From f8462e79c79efa3de96835939d08aed29a5c5213 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Sat, 19 Nov 2016 08:06:30 -0700
Subject: [PATCH] roms/Makefile: pass a packaging timestamp to subpackages with

View File

@ -1,4 +1,4 @@
From 0b4661283cb4ea49967dd1a9b1f977a4fbc9e804 Mon Sep 17 00:00:00 2001
From b839546b8729e0ed6415ddc16799ba6cca8e9e09 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Sun, 15 Jan 2012 19:53:49 +0100
Subject: [PATCH] Raise soft address space limit to hard limit
@ -17,7 +17,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 12 insertions(+)
diff --git a/vl.c b/vl.c
index e0f2ec86a9..caad3f93b3 100644
index 8e247cc2a2..9bfbc25c6b 100644
--- a/vl.c
+++ b/vl.c
@@ -26,6 +26,7 @@
@ -28,7 +28,7 @@ index e0f2ec86a9..caad3f93b3 100644
#ifdef CONFIG_SECCOMP
#include "sysemu/seccomp.h"
@@ -2984,6 +2985,7 @@ int main(int argc, char **argv, char **envp)
@@ -3035,6 +3036,7 @@ int main(int argc, char **argv, char **envp)
} BlockdevOptions_queue;
QSIMPLEQ_HEAD(, BlockdevOptions_queue) bdo_queue
= QSIMPLEQ_HEAD_INITIALIZER(bdo_queue);
@ -36,7 +36,7 @@ index e0f2ec86a9..caad3f93b3 100644
module_call_init(MODULE_INIT_TRACE);
@@ -2991,6 +2993,16 @@ int main(int argc, char **argv, char **envp)
@@ -3042,6 +3044,16 @@ int main(int argc, char **argv, char **envp)
qemu_init_cpu_loop();
qemu_mutex_lock_iothread();

View File

@ -1,28 +0,0 @@
From e374a2f8d62eaba772ef5da1deede30b5a3b6868 Mon Sep 17 00:00:00 2001
From: Dinar Valeev <k0da@opensuse.org>
Date: Wed, 2 Oct 2013 17:56:03 +0200
Subject: [PATCH] configure: Enable PIE for ppc and ppc64 hosts
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Dinar Valeev <dvaleev@suse.com>
[AF: Rebased for v1.7]
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
configure | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure b/configure
index be4d326ae0..3308560f78 100755
--- a/configure
+++ b/configure
@@ -1600,7 +1600,7 @@ fi
if test "$pie" = ""; then
case "$cpu-$targetos" in
- i386-Linux|x86_64-Linux|x32-Linux|i386-OpenBSD|x86_64-OpenBSD)
+ i386-Linux|x86_64-Linux|x32-Linux|ppc*-Linux|i386-OpenBSD|x86_64-OpenBSD)
;;
*)
pie="no"

View File

@ -1,4 +1,4 @@
From 28085d5db9376007294f5189c559d3182a2a98f4 Mon Sep 17 00:00:00 2001
From 5c70d36188f9864e847475cc0369ce87e8b8f779 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 17 May 2013 16:49:58 -0600
Subject: [PATCH] increase x86_64 physical bits to 42
@ -19,10 +19,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index c4602ca80d..81c02c5a3b 100644
index 051867399b..fdbaf372a9 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1488,7 +1488,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
@@ -1500,7 +1500,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
/* XXX: This value should match the one returned by CPUID
* and in exec.c */
# if defined(TARGET_X86_64)

View File

@ -1,4 +1,4 @@
From dec5ed741c369aed84b47752e43ad0eace76b75b Mon Sep 17 00:00:00 2001
From 5b7e140d6d806dda842e9731337fb179dfab3bfa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 12 Jun 2013 19:26:37 +0200
Subject: [PATCH] vga: Raise VRAM to 16 MiB for pc-0.15 and below
@ -25,10 +25,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 9f102aa388..1c09005293 100644
index 46dfd2c954..e4ac76c905 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -779,7 +779,32 @@ DEFINE_I440FX_MACHINE(v1_0, "pc-1.0", pc_compat_1_2,
@@ -789,7 +789,32 @@ DEFINE_I440FX_MACHINE(v1_0, "pc-1.0", pc_compat_1_2,
#define PC_COMPAT_0_15 \

View File

@ -1,143 +0,0 @@
From 86965fe480a4bf416e69617166b4f9f8ee7044bd Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 15 Jun 2015 17:36:32 +0200
Subject: [PATCH] dictzip: Fix on big endian systems
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The dictzip code in SLE11 received some treatment over time to support
running on big endian hosts. Somewhere in the transition to SLE12 this
support got lost. Add it back in again from the SLE11 code base.
Furthermore while at it, fix up the debug prints to not emit warnings.
[AG: BSC#937572]
Signed-off-by: Alexander Graf <agraf@suse.de>
[AF: Rebased for v2.7.0-rc2]
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
block/dictzip.c | 50 ++++++++++++++++++++++++++++----------------------
1 file changed, 28 insertions(+), 22 deletions(-)
diff --git a/block/dictzip.c b/block/dictzip.c
index 4b7e2db817..3235337164 100644
--- a/block/dictzip.c
+++ b/block/dictzip.c
@@ -156,6 +156,7 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
uint8_t header_flags;
uint16_t chunk_len16;
uint16_t chunk_cnt16;
+ uint32_t chunk_len32;
uint16_t header_ver;
uint16_t tmp_short;
uint64_t offset;
@@ -255,11 +256,11 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
break;
case 99: /* Special Alex pigz version */
/* number of chunks */
- if (bdrv_pread(s->hd->file, GZ_99_CHUNKSIZE, &s->chunk_len, 4) != 4)
+ if (bdrv_pread(s->hd->file, GZ_99_CHUNKSIZE, &chunk_len32, 4) != 4)
goto fail;
- dprintf("chunk len [%#x] = %d\n", GZ_99_CHUNKSIZE, s->chunk_len);
- s->chunk_len = le32_to_cpu(s->chunk_len);
+ dprintf("chunk len [%#x] = %d\n", GZ_99_CHUNKSIZE, chunk_len32);
+ s->chunk_len = le32_to_cpu(chunk_len32);
/* chunk count */
if (bdrv_pread(s->hd->file, GZ_99_CHUNKCNT, &s->chunk_cnt, 4) != 4)
@@ -267,7 +268,7 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
s->chunk_cnt = le32_to_cpu(s->chunk_cnt);
- dprintf("chunk len | count = %d | %d\n", s->chunk_len, s->chunk_cnt);
+ dprintf("chunk len | count = %"PRId64" | %d\n", s->chunk_len, s->chunk_cnt);
/* file size */
if (bdrv_pread(s->hd->file, GZ_99_FILESIZE, &s->file_len, 8) != 8)
@@ -338,14 +339,14 @@ static int dictzip_open(BlockDriverState *bs, QDict *options, int flags, Error *
s->offsets[i] = offset;
switch (header_ver) {
case 1:
- offset += s->chunks[i];
+ offset += le16_to_cpu(s->chunks[i]);
break;
case 99:
- offset += s->chunks32[i];
+ offset += le32_to_cpu(s->chunks32[i]);
break;
}
- dprintf("chunk %#x - %#x = offset %#x -> %#x\n", i * s->chunk_len, (i+1) * s->chunk_len, s->offsets[i], offset);
+ dprintf("chunk %#"PRIx64" - %#"PRIx64" = offset %#"PRIx64" -> %#"PRIx64"\n", i * s->chunk_len, (i+1) * s->chunk_len, s->offsets[i], offset);
}
qemu_opts_del(opts);
@@ -379,10 +380,26 @@ static void dictzip_read_cb(void *opaque, int ret)
struct BDRVDictZipState *s = acb->s;
uint8_t *buf;
DictCache *cache;
- int r;
+ int r, i;
buf = g_malloc(acb->chunks_len);
+ /* try to find zlib stream for decoding */
+ do {
+ for (i = 0; i < Z_STREAM_COUNT; i++) {
+ if (!(s->stream_in_use & (1 << i))) {
+ s->stream_in_use |= (1 << i);
+ acb->zStream_id = i;
+ acb->zStream = &s->zStream[i];
+ break;
+ }
+ }
+ } while(!acb->zStream);
+
+ /* sure, we could handle more streams, but this callback should be single
+ threaded and when it's not, we really want to know! */
+ assert(i == 0);
+
/* uncompress the chunk */
acb->zStream->next_in = acb->gzipped;
acb->zStream->avail_in = acb->gz_len;
@@ -468,17 +485,6 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
}
/* No cache, so let's decode */
- do {
- for (i = 0; i < Z_STREAM_COUNT; i++) {
- if (!(s->stream_in_use & (1 << i))) {
- s->stream_in_use |= (1 << i);
- acb->zStream_id = i;
- acb->zStream = &s->zStream[i];
- break;
- }
- }
- } while(!acb->zStream);
-
/* We need to read these chunks */
first_chunk = start / s->chunk_len;
first_offset = start - first_chunk * s->chunk_len;
@@ -488,9 +494,9 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
gz_len = 0;
for (i = first_chunk; i <= last_chunk; i++) {
if (s->chunks32)
- gz_len += s->chunks32[i];
+ gz_len += le32_to_cpu(s->chunks32[i]);
else
- gz_len += s->chunks[i];
+ gz_len += le16_to_cpu(s->chunks[i]);
}
gz_sector_num = gz_start / SECTOR_SIZE;
@@ -511,7 +517,7 @@ static BlockAIOCB *dictzip_aio_readv(BlockDriverState *bs,
iov->iov_len = gz_nb_sectors * 512;
qemu_iovec_init_external(qiov_gz, iov, 1);
- dprintf("read %d - %d => %d - %d\n", start, end, gz_start, gz_start + gz_len);
+ dprintf("read %zd - %zd => %zd - %zd\n", start, end, gz_start, gz_start + gz_len);
acb->s = s;
acb->qiov = qiov;

View File

@ -1,4 +1,4 @@
From 5013ff917f276a6d9edc2ca0ab93fed93a7ac653 Mon Sep 17 00:00:00 2001
From f56bc071c0ad6ba30b6f2c6c224916c0c2fc5fd8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 31 Jul 2013 17:05:29 +0200
Subject: [PATCH] i8254: Fix migration from SLE11 SP2
@ -17,7 +17,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 7 insertions(+)
diff --git a/hw/timer/i8254_common.c b/hw/timer/i8254_common.c
index e18299a482..bc676c4664 100644
index 976d5200f1..f1d9b3cbe9 100644
--- a/hw/timer/i8254_common.c
+++ b/hw/timer/i8254_common.c
@@ -258,6 +258,12 @@ static int pit_dispatch_post_load(void *opaque, int version_id)

View File

@ -1,4 +1,4 @@
From e681140d293caba3f27ccadfd872473725021aa2 Mon Sep 17 00:00:00 2001
From 926544e46fbfebc5a09d1eac59c3b748a9242acd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 31 Jul 2013 17:32:35 +0200
Subject: [PATCH] acpi_piix4: Fix migration from SLE11 SP2
@ -17,7 +17,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index a553a7e110..c34f761175 100644
index f276967365..85557a7fab 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -311,7 +311,7 @@ static const VMStateDescription vmstate_cpuhp_state = {

View File

@ -1,4 +1,4 @@
From 76e9783f2f222d9650e620082cf1741002d9fd88 Mon Sep 17 00:00:00 2001
From 1a77800ad89b4d90155b82181557690a91d9349f Mon Sep 17 00:00:00 2001
From: Chunyan Liu <cyliu@suse.com>
Date: Thu, 3 Mar 2016 16:48:17 +0800
Subject: [PATCH] Fix tigervnc long press issue
@ -24,10 +24,10 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
1 file changed, 19 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 486d2759e4..51d6f2353f 100644
index 651cbb8606..eb3d7d0e54 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -1668,6 +1668,25 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym)
@@ -1657,6 +1657,25 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym)
if (down)
vs->modifiers_state[keycode] ^= 1;
break;

View File

@ -1,4 +1,4 @@
From b6acefe54f39380e601ea553b8d2109c92427143 Mon Sep 17 00:00:00 2001
From 3e0bafa61adbdeb3d2fd0800ed6d89fcf3a478f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:21:11 +0200
Subject: [PATCH] string-input-visitor: Fix uint64 parsing
@ -22,7 +22,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
1 file changed, 50 insertions(+), 13 deletions(-)
diff --git a/qapi/string-input-visitor.c b/qapi/string-input-visitor.c
index c089491c24..fedbda7895 100644
index 67a0a4a58b..1c73e5aeae 100644
--- a/qapi/string-input-visitor.c
+++ b/qapi/string-input-visitor.c
@@ -43,7 +43,8 @@ static void free_range(void *range, void *dummy)

View File

@ -1,4 +1,4 @@
From 610feec09278e8f2112c77c32d9c2e6633859730 Mon Sep 17 00:00:00 2001
From a7e094ddefb5e7eea6376840e501b928b6c4c668 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:23:50 +0200
Subject: [PATCH] test-string-input-visitor: Add int test case

View File

@ -1,4 +1,4 @@
From c22b22f0d807e8dc81c94dfbea4d95864bd79586 Mon Sep 17 00:00:00 2001
From c90474a98dc87e92c66c382110fd3942b4fc399d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Thu, 24 Sep 2015 19:24:23 +0200
Subject: [PATCH] test-string-input-visitor: Add uint64 test

View File

@ -1,82 +0,0 @@
From 0206a322d7067b3b74c868f2d80e8dfb4c24de97 Mon Sep 17 00:00:00 2001
From: Andreas Schwab <schwab@suse.de>
Date: Wed, 28 Sep 2016 16:36:40 +0200
Subject: [PATCH] linux-user: remove all traces of qemu from /proc/self/cmdline
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Instead of post-processing the real contents use the remembered target
argv. That removes all traces of qemu, including command line options,
and handles QEMU_ARGV0.
Signed-off-by: Andreas Schwab <schwab@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
linux-user/syscall.c | 47 +++++++----------------------------------------
1 file changed, 7 insertions(+), 40 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 78f0ea4c58..1e56583d63 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7374,52 +7374,19 @@ int host_to_target_waitstatus(int status)
static int open_self_cmdline(void *cpu_env, int fd)
{
- int fd_orig = -1;
- bool word_skipped = false;
-
- fd_orig = open("/proc/self/cmdline", O_RDONLY);
- if (fd_orig < 0) {
- return fd_orig;
- }
+ CPUState *cpu = ENV_GET_CPU((CPUArchState *)cpu_env);
+ struct linux_binprm *bprm = ((TaskState *)cpu->opaque)->bprm;
+ int i;
- while (true) {
- ssize_t nb_read;
- char buf[128];
- char *cp_buf = buf;
+ for (i = 0; i < bprm->argc; i++) {
+ size_t len = strlen(bprm->argv[i]) + 1;
- nb_read = read(fd_orig, buf, sizeof(buf));
- if (nb_read < 0) {
- int e = errno;
- fd_orig = close(fd_orig);
- errno = e;
+ if (write(fd, bprm->argv[i], len) != len) {
return -1;
- } else if (nb_read == 0) {
- break;
- }
-
- if (!word_skipped) {
- /* Skip the first string, which is the path to qemu-*-static
- instead of the actual command. */
- cp_buf = memchr(buf, 0, nb_read);
- if (cp_buf) {
- /* Null byte found, skip one string */
- cp_buf++;
- nb_read -= cp_buf - buf;
- word_skipped = true;
- }
- }
-
- if (word_skipped) {
- if (write(fd, cp_buf, nb_read) != nb_read) {
- int e = errno;
- close(fd_orig);
- errno = e;
- return -1;
- }
}
}
- return close(fd_orig);
+ return 0;
}
static int open_self_maps(void *cpu_env, int fd)

View File

@ -1,4 +1,4 @@
From 1c4096e92b45e128c7b10d7eb03c64b1f6437152 Mon Sep 17 00:00:00 2001
From 9aed1b7bf6e3d84c2f046b44d89d1237b905c5b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Sun, 6 Sep 2015 20:12:42 +0200
Subject: [PATCH] tests: Add QOM property unit tests
@ -17,10 +17,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 tests/check-qom-props.c
diff --git a/MAINTAINERS b/MAINTAINERS
index c60235eaf6..a023f5d70e 100644
index ccee28b12d..1d6ae7b46c 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1419,6 +1419,7 @@ F: qom/
@@ -1439,6 +1439,7 @@ F: qom/
X: qom/cpu.c
F: tests/check-qom-interface.c
F: tests/check-qom-proplist.c
@ -29,10 +29,10 @@ index c60235eaf6..a023f5d70e 100644
QMP
diff --git a/tests/Makefile.include b/tests/Makefile.include
index f3de81fcfb..ca8f859f79 100644
index 37c1bed683..1cffa2403f 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -92,6 +92,8 @@ check-unit-y += tests/check-qom-interface$(EXESUF)
@@ -113,6 +113,8 @@ check-unit-y += tests/check-qom-interface$(EXESUF)
gcov-files-check-qom-interface-y = qom/object.c
check-unit-y += tests/check-qom-proplist$(EXESUF)
gcov-files-check-qom-proplist-y = qom/object.c
@ -41,7 +41,7 @@ index f3de81fcfb..ca8f859f79 100644
check-unit-y += tests/test-qemu-opts$(EXESUF)
gcov-files-test-qemu-opts-y = util/qemu-option.c
check-unit-y += tests/test-keyval$(EXESUF)
@@ -537,6 +539,7 @@ tests/check-qnull$(EXESUF): tests/check-qnull.o $(test-util-obj-y)
@@ -571,6 +573,7 @@ tests/check-qnull$(EXESUF): tests/check-qnull.o $(test-util-obj-y)
tests/check-qjson$(EXESUF): tests/check-qjson.o $(test-util-obj-y)
tests/check-qom-interface$(EXESUF): tests/check-qom-interface.o $(test-qom-obj-y)
tests/check-qom-proplist$(EXESUF): tests/check-qom-proplist.o $(test-qom-obj-y)

View File

@ -1,4 +1,4 @@
From 5739c0d7a8ddc5aeb056aee239b2339df4d22189 Mon Sep 17 00:00:00 2001
From 915562c2846fac9a51f8b76f4ec3fe9ef9bbc150 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Fri, 25 Sep 2015 12:31:11 +0200
Subject: [PATCH] tests: Add scsi-disk test
@ -20,10 +20,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
create mode 100644 tests/scsi-disk-test.c
diff --git a/MAINTAINERS b/MAINTAINERS
index a023f5d70e..9840d5bb68 100644
index 1d6ae7b46c..45a45935ea 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -957,6 +957,7 @@ M: Paolo Bonzini <pbonzini@redhat.com>
@@ -970,6 +970,7 @@ M: Paolo Bonzini <pbonzini@redhat.com>
S: Supported
F: include/hw/scsi/*
F: hw/scsi/*
@ -32,10 +32,10 @@ index a023f5d70e..9840d5bb68 100644
T: git git://github.com/bonzini/qemu.git scsi-next
diff --git a/tests/Makefile.include b/tests/Makefile.include
index ca8f859f79..85187d4b8c 100644
index 1cffa2403f..27d4ce8bc3 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -161,6 +161,8 @@ check-qtest-virtio-y += tests/virtio-rng-test$(EXESUF)
@@ -185,6 +185,8 @@ check-qtest-virtio-y += tests/virtio-rng-test$(EXESUF)
gcov-files-virtio-y += hw/virtio/virtio-rng.c
check-qtest-virtio-y += tests/virtio-scsi-test$(EXESUF)
gcov-files-virtio-y += i386-softmmu/hw/scsi/virtio-scsi.c
@ -44,7 +44,7 @@ index ca8f859f79..85187d4b8c 100644
ifeq ($(CONFIG_VIRTIO)$(CONFIG_VIRTFS)$(CONFIG_PCI),yyy)
check-qtest-virtio-y += tests/virtio-9p-test$(EXESUF)
gcov-files-virtio-y += hw/9pfs/virtio-9p.c
@@ -741,6 +743,7 @@ tests/postcopy-test$(EXESUF): tests/postcopy-test.o
@@ -779,6 +781,7 @@ tests/postcopy-test$(EXESUF): tests/postcopy-test.o
tests/vhost-user-test$(EXESUF): tests/vhost-user-test.o $(test-util-obj-y) \
$(qtest-obj-y) $(test-io-obj-y) $(libqos-virtio-obj-y) $(libqos-pc-obj-y) \
$(chardev-obj-y)
@ -54,7 +54,7 @@ index ca8f859f79..85187d4b8c 100644
tests/test-keyval$(EXESUF): tests/test-keyval.o $(test-util-obj-y) $(test-qapi-obj-y)
diff --git a/tests/scsi-disk-test.c b/tests/scsi-disk-test.c
new file mode 100644
index 0000000000..f19f93d97a
index 0000000000..5dc7e71417
--- /dev/null
+++ b/tests/scsi-disk-test.c
@@ -0,0 +1,82 @@
@ -71,13 +71,13 @@ index 0000000000..f19f93d97a
+#include "qemu/osdep.h"
+#include <glib.h>
+#include "libqtest.h"
+#include "qapi/qmp/qint.h"
+#include "qapi/qmp/qnum.h"
+
+static void test_scsi_disk_common(const char *type, const char *id)
+{
+ char *cmdline, *path;
+ QDict *response;
+ QInt *value;
+ QNum *value;
+
+ cmdline = g_strdup_printf(
+ "-drive id=drv0,if=none,file=/dev/null,format=raw "
@ -96,8 +96,8 @@ index 0000000000..f19f93d97a
+ path);
+ g_assert(response);
+ g_assert(qdict_haskey(response, "return"));
+ value = qobject_to_qint(qdict_get(response, "return"));
+ g_assert_cmpint(qint_get_int(value), ==, UINT64_MAX);
+ value = qobject_to_qnum(qdict_get(response, "return"));
+ g_assert_cmpint(qnum_get_uint(value), ==, UINT64_MAX);
+
+ response = qmp("{ 'execute': 'qom-get',"
+ " 'arguments': { 'path': %s,"
@ -105,8 +105,8 @@ index 0000000000..f19f93d97a
+ path);
+ g_assert(response);
+ g_assert(qdict_haskey(response, "return"));
+ value = qobject_to_qint(qdict_get(response, "return"));
+ g_assert_cmpint(qint_get_int(value), ==, UINT64_C(1) << 63);
+ value = qobject_to_qnum(qdict_get(response, "return"));
+ g_assert_cmpint(qnum_get_uint(value), ==, UINT64_C(1) << 63);
+
+ g_free(path);
+ qtest_end();

View File

@ -1,54 +0,0 @@
From 301054b84a2e3b31768ec107f549e4742c4a15d6 Mon Sep 17 00:00:00 2001
From: Chunyan Liu <cyliu@suse.com>
Date: Fri, 29 Apr 2016 11:17:08 +0800
Subject: [PATCH] fix xen hvm direct kernel boot
Since commit a1666142: acpi-build: make ROMs RAM blocks resizeable,
xen HVM direct kernel boot failed. Xen HVM direct kernel boot will
insert a linuxboot.bin or multiboot.bin to /genroms, before this
commit, in acpi_setup, for rom linuxboot.bin/multiboot.bin, it
only needs 0x20000 size; after the commit, it will reserve x16
size for resize, that is 0x200000 size. It causes xen_ram_alloc
failed due to running out of memory.
To resolve it, either:
1. keep using original rom size instead of max size, don't reserve x16 size.
2. guest maxmem needs to be increased. (commit c1d322e6 "xen-hvm: increase
maxmem before calling xc_domain_populate_physmap" solved the problem for
a time, by accident. But then it is reverted in commit ffffbb369 due to
other problem.)
For 2, more discussion is needed about howto. So this patch tries 1, to
use unresizable rom size in xen case in rom_set_mr.
[CYL: BSC#970791]
Signed-off-by: Chunyan Liu <cyliu@suse.com>
---
hw/core/loader.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/hw/core/loader.c b/hw/core/loader.c
index bf17b42cbe..14dc6e116f 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -55,6 +55,7 @@
#include "exec/address-spaces.h"
#include "hw/boards.h"
#include "qemu/cutils.h"
+#include "hw/xen/xen.h"
#include <zlib.h>
@@ -866,7 +867,10 @@ static void *rom_set_mr(Rom *rom, Object *owner, const char *name, bool ro)
void *data;
rom->mr = g_malloc(sizeof(*rom->mr));
- memory_region_init_resizeable_ram(rom->mr, owner, name,
+ if (xen_enabled())
+ memory_region_init_ram(rom->mr, owner, name, rom->datasize, &error_fatal);
+ else
+ memory_region_init_resizeable_ram(rom->mr, owner, name,
rom->datasize, rom->romsize,
fw_cfg_resized,
&error_fatal);

View File

@ -1,66 +0,0 @@
From bc9b2977224fcea4131448ade1e122c36411435d Mon Sep 17 00:00:00 2001
From: Christoffer Dall <cdall@linaro.org>
Date: Tue, 28 Mar 2017 16:12:03 +0200
Subject: [PATCH] RFC: update Linux headers from irqs-to-user-v3
Get ioctl number and definitions for KVM_CAP_ARM_USER_IRQ.
Signed-off-by: Christoffer Dall <cdall@linaro.org>
[agraf: change cap to indicate downstream status]
Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-headers/asm-arm/kvm.h | 2 ++
linux-headers/asm-arm64/kvm.h | 2 ++
linux-headers/linux/kvm.h | 8 ++++++++
3 files changed, 12 insertions(+)
diff --git a/linux-headers/asm-arm/kvm.h b/linux-headers/asm-arm/kvm.h
index 1101d55d2f..8a1654a55b 100644
--- a/linux-headers/asm-arm/kvm.h
+++ b/linux-headers/asm-arm/kvm.h
@@ -114,6 +114,8 @@ struct kvm_debug_exit_arch {
};
struct kvm_sync_regs {
+ /* Used with KVM_CAP_ARM_USER_IRQ */
+ __u64 device_irq_level;
};
struct kvm_arch_memory_slot {
diff --git a/linux-headers/asm-arm64/kvm.h b/linux-headers/asm-arm64/kvm.h
index 651ec30040..1bc8346f0d 100644
--- a/linux-headers/asm-arm64/kvm.h
+++ b/linux-headers/asm-arm64/kvm.h
@@ -143,6 +143,8 @@ struct kvm_debug_exit_arch {
#define KVM_GUESTDBG_USE_HW (1 << 17)
struct kvm_sync_regs {
+ /* Used with KVM_CAP_ARM_USER_IRQ */
+ __u64 device_irq_level;
};
struct kvm_arch_memory_slot {
diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index 4e082a81b4..72f0d21103 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -883,6 +883,7 @@ struct kvm_ppc_resize_hpt {
#define KVM_CAP_PPC_MMU_RADIX 134
#define KVM_CAP_PPC_MMU_HASH_V3 135
#define KVM_CAP_IMMEDIATE_EXIT 136
+#define KVM_CAP_ARM_USER_IRQ (0x1000 | 137)
#ifdef KVM_CAP_IRQ_ROUTING
@@ -1354,4 +1355,11 @@ struct kvm_assigned_msix_entry {
#define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0)
#define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1)
+/* Available with KVM_CAP_ARM_USER_IRQ */
+
+/* Bits for run->s.regs.device_irq_level */
+#define KVM_ARM_DEV_EL1_VTIMER (1 << 0)
+#define KVM_ARM_DEV_EL1_PTIMER (1 << 1)
+#define KVM_ARM_DEV_PMU (1 << 2)
+
#endif /* __LINUX_KVM_H */

View File

@ -1,108 +0,0 @@
From 3227a2bdc7a494194a6a4f7d5653ff178ecb1b2f Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 19 Sep 2016 10:02:55 +0200
Subject: [PATCH] ARM: KVM: Enable in-kernel timers with user space gic
When running with KVM enabled, you can choose between emulating the
gic in kernel or user space. If the kernel supports in-kernel virtualization
of the interrupt controller, it will default to that. If not, if will
default to user space emulation.
Unfortunately when running in user mode gic emulation, we miss out on
timer events which are only available from kernel space. This patch leverages
the new kernel/user space pending line synchronization for those timer events.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
hw/arm/virt.c | 10 ++++++++++
target/arm/cpu.h | 3 +++
target/arm/kvm.c | 31 ++++++++++++++++++++++++++++++-
3 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 5f62a0321e..a1d24a4db6 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -609,6 +609,16 @@ static void create_gic(VirtMachineState *vms, qemu_irq *pic)
} else if (type == 2) {
create_v2m(vms, pic);
}
+
+#ifdef CONFIG_KVM
+ if (kvm_enabled() && !kvm_irqchip_in_kernel()) {
+ if (!kvm_check_extension(kvm_state, KVM_CAP_ARM_USER_IRQ)) {
+ error_report("KVM with user space irqchip only works when the "
+ "host kernel supports KVM_CAP_ARM_USER_IRQ");
+ exit(1);
+ }
+ }
+#endif
}
static void create_uart(const VirtMachineState *vms, qemu_irq *pic, int uart,
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index a8aabce7dd..19cb596449 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -702,6 +702,9 @@ struct ARMCPU {
ARMELChangeHook *el_change_hook;
void *el_change_hook_opaque;
+
+ /* Used to synchronize KVM and QEMU timer levels */
+ uint64_t device_irq_level;
};
static inline ARMCPU *arm_env_get_cpu(CPUARMState *env)
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 45554682f2..dccb326615 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -174,6 +174,12 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
*/
kvm_async_interrupts_allowed = true;
+ /*
+ * PSCI wakes up secondary cores, so we always need to
+ * have vCPUs waiting in kernel space
+ */
+ kvm_halt_in_kernel_allowed = true;
+
cap_has_mp_state = kvm_check_extension(s, KVM_CAP_MP_STATE);
type_register_static(&host_arm_cpu_type_info);
@@ -528,10 +534,33 @@ void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
{
+ ARMCPU *cpu;
+
+ if (kvm_irqchip_in_kernel()) {
+ /*
+ * We only need to sync timer states with user-space interrupt
+ * controllers, so return early and save cycles if we don't.
+ */
+ return MEMTXATTRS_UNSPECIFIED;
+ }
+
+ cpu = ARM_CPU(cs);
+
+ /* Synchronize our internal vtimer irq line with the kvm one */
+ if (run->s.regs.device_irq_level != cpu->device_irq_level) {
+ qemu_mutex_lock_iothread();
+ qemu_set_irq(cpu->gt_timer_outputs[GTIMER_VIRT],
+ run->s.regs.device_irq_level & KVM_ARM_DEV_EL1_VTIMER);
+ qemu_set_irq(cpu->gt_timer_outputs[GTIMER_PHYS],
+ run->s.regs.device_irq_level & KVM_ARM_DEV_EL1_PTIMER);
+ /* TODO: Handle changes in PMU as well */
+ cpu->device_irq_level = run->s.regs.device_irq_level;
+ qemu_mutex_unlock_iothread();
+ }
+
return MEMTXATTRS_UNSPECIFIED;
}
-
int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
{
int ret = 0;

View File

@ -1,50 +0,0 @@
From 99ce69e23c7154ccaee85137c121bb6b8bab8275 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 30 Mar 2017 16:22:55 +0200
Subject: [PATCH] input: Add trace event for empty keyboard queue
When driving QEMU from the outside, we have basically no chance to
determine how quickly the guest OS picks up key events, so we usually
have to limit ourselves to very slow keyboard presses to make sure
the guest always has enough chance to pick them up.
This patch adds a trace events when the keyboarde queue is drained.
An external driver can use that as hint that new keys can be pressed.
Signed-off-by: Alexander Graf <agraf@suse.de>
Message-id: 1490883775-94658-1-git-send-email-agraf@suse.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
[BR: BSC#1031692]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/input/hid.c | 4 ++++
hw/input/trace-events | 1 +
2 files changed, 5 insertions(+)
diff --git a/hw/input/hid.c b/hw/input/hid.c
index fa9cc4c616..93887ecc43 100644
--- a/hw/input/hid.c
+++ b/hw/input/hid.c
@@ -256,6 +256,10 @@ static void hid_keyboard_process_keycode(HIDState *hs)
slot = hs->head & QUEUE_MASK; QUEUE_INCR(hs->head); hs->n--;
keycode = hs->kbd.keycodes[slot];
+ if (!hs->n) {
+ trace_hid_kbd_queue_empty();
+ }
+
key = keycode & 0x7f;
index = key | ((hs->kbd.modifiers & (1 << 8)) >> 1);
hid_code = hid_usage_keys[index];
diff --git a/hw/input/trace-events b/hw/input/trace-events
index f3bfbede5c..5a87818b49 100644
--- a/hw/input/trace-events
+++ b/hw/input/trace-events
@@ -24,6 +24,7 @@ milkymist_softusb_pulse_irq(void) "Pulse IRQ"
# hw/input/hid.c
hid_kbd_queue_full(void) "queue full"
+hid_kbd_queue_empty(void) "queue empty"
# hw/input/virtio
virtio_input_queue_full(void) "queue full"

View File

@ -1,47 +0,0 @@
From e4733da636cf6a2b53ae1fdfc5c934576e1970a6 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Thu, 27 Apr 2017 13:43:58 -0600
Subject: [PATCH] ACPI: don't call acpi_pcihp_device_plug_cb on xen
Commit f0c9d64a exposed the issue that with a xenfv machine using
pci passthrough, acpi cpi hotplug code was being executed by mistake.
Guard calls to acpi_pcihp_device_plug_cb (and corresponding
acpi_pcihp_device_unplug_cb) with a check for xen_enabled(). Without
this check I am seeing an error that the bus doesn't have the
acpi-pcihp-bsel property set.
[BR: BSC#1034131]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/acpi/piix4.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index c34f761175..ae1cb26a82 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -385,7 +385,10 @@ static void piix4_device_plug_cb(HotplugHandler *hotplug_dev,
dev, errp);
}
} else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
- acpi_pcihp_device_plug_cb(hotplug_dev, &s->acpi_pci_hotplug, dev, errp);
+ if (!xen_enabled()) {
+ acpi_pcihp_device_plug_cb(hotplug_dev, &s->acpi_pci_hotplug, dev,
+ errp);
+ }
} else if (object_dynamic_cast(OBJECT(dev), TYPE_CPU)) {
if (s->cpu_hotplug_legacy) {
legacy_acpi_cpu_plug_cb(hotplug_dev, &s->gpe_cpu, dev, errp);
@@ -408,8 +411,10 @@ static void piix4_device_unplug_request_cb(HotplugHandler *hotplug_dev,
acpi_memory_unplug_request_cb(hotplug_dev, &s->acpi_memory_hotplug,
dev, errp);
} else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
- acpi_pcihp_device_unplug_cb(hotplug_dev, &s->acpi_pci_hotplug, dev,
- errp);
+ if (!xen_enabled()) {
+ acpi_pcihp_device_unplug_cb(hotplug_dev, &s->acpi_pci_hotplug, dev,
+ errp);
+ }
} else if (object_dynamic_cast(OBJECT(dev), TYPE_CPU) &&
!s->cpu_hotplug_legacy) {
acpi_cpu_unplug_request_cb(hotplug_dev, &s->cpuhp_state, dev, errp);

View File

@ -1,102 +0,0 @@
From 5cff035804d92d336b27c368754b63e2dccbba90 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Tue, 28 Mar 2017 05:27:00 -0600
Subject: [PATCH] i386: Allow cpuid bit override
KVM has a feature bitmap of CPUID bits that it knows works for guests.
QEMU removes bits that are not part of that bitmap automatically on VM
start.
However, some times we just don't list features in that list because
they don't make sense for normal scenarios, but may be useful in specific,
targeted workloads.
For that purpose, add a new =force option to all CPUID feature flags in
the CPU property. With that we can override the accel filtering and give
users full control over the CPUID feature bits exposed into guests.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
target/i386/cpu.c | 25 ++++++++++++++++++++++---
target/i386/cpu.h | 3 +++
2 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 13c0985f11..6105fc513e 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -2229,7 +2229,7 @@ void x86_cpu_list(FILE *f, fprintf_function cpu_fprintf)
g_slist_foreach(list, x86_cpu_list_entry, &s);
g_slist_free(list);
- (*cpu_fprintf)(f, "\nRecognized CPUID flags:\n");
+ (*cpu_fprintf)(f, "\nRecognized CPUID flags (=on|=off|=force):\n");
for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
FeatureWordInfo *fw = &feature_word_info[i];
@@ -3464,6 +3464,7 @@ static int x86_cpu_filter_features(X86CPU *cpu)
x86_cpu_get_supported_feature_word(w, false);
uint32_t requested_features = env->features[w];
env->features[w] &= host_feat;
+ env->features[w] |= cpu->forced_features[w];
cpu->filtered_features[w] = requested_features & ~env->features[w];
if (cpu->filtered_features[w]) {
rv = 1;
@@ -3706,8 +3707,17 @@ static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
X86CPU *cpu = X86_CPU(obj);
BitProperty *fp = opaque;
uint32_t f = cpu->env.features[fp->w];
+ uint32_t ff = cpu->forced_features[fp->w];
bool value = (f & fp->mask) == fp->mask;
- visit_type_bool(v, name, &value, errp);
+ bool forced = (ff & fp->mask) == fp->mask;
+ char str[] = "force";
+ char *strval = str;
+
+ if (forced) {
+ visit_type_str(v, name, &strval, errp);
+ } else {
+ visit_type_bool(v, name, &value, errp);
+ }
}
static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
@@ -3717,6 +3727,7 @@ static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
X86CPU *cpu = X86_CPU(obj);
BitProperty *fp = opaque;
Error *local_err = NULL;
+ char *strval = NULL;
bool value;
if (dev->realized) {
@@ -3724,7 +3735,15 @@ static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
return;
}
- visit_type_bool(v, name, &value, &local_err);
+ visit_type_str(v, name, &strval, &local_err);
+ if (!local_err && !strcmp(strval, "force")) {
+ value = true;
+ cpu->forced_features[fp->w] |= fp->mask;
+ } else {
+ local_err = NULL;
+ visit_type_bool(v, name, &value, &local_err);
+ }
+
if (local_err) {
error_propagate(errp, local_err);
return;
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 81c02c5a3b..a458c3af9b 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1230,6 +1230,9 @@ struct X86CPU {
/* Features that were filtered out because of missing host capabilities */
uint32_t filtered_features[FEATURE_WORDS];
+ /* Features that are force enabled despite incompatible accel */
+ uint32_t forced_features[FEATURE_WORDS];
+
/* Enable PMU CPUID bits. This can't be enabled by default yet because
* it doesn't have ABI stability guarantees, as it passes all PMU CPUID
* bits returned by GET_SUPPORTED_CPUID (that depend on host CPU and kernel

View File

@ -1,90 +0,0 @@
From 60f3bfde84c98a31a1de4542fbab456ae83c4cbb Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 28 Apr 2017 10:42:37 +0200
Subject: [PATCH] input: limit kbd queue depth
Apply a limit to the number of items we accept into the keyboard queue.
Impact: Without this limit vnc clients can exhaust host memory by
sending keyboard events faster than qemu feeds them to the guest.
Fixes: CVE-2017-8379
Cc: P J P <ppandit@redhat.com>
Cc: Huawei PSIRT <PSIRT@huawei.com>
Reported-by: jiangxin1@huawei.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170428084237.23960-1-kraxel@redhat.com
(cherry picked from commit fa18f36a461984eae50ab957e47ec78dae3c14fc)
[BR: BSC#1037334]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
ui/input.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/ui/input.c b/ui/input.c
index ed88cda6d6..fb1f404095 100644
--- a/ui/input.c
+++ b/ui/input.c
@@ -41,6 +41,8 @@ static QTAILQ_HEAD(QemuInputEventQueueHead, QemuInputEventQueue) kbd_queue =
QTAILQ_HEAD_INITIALIZER(kbd_queue);
static QEMUTimer *kbd_timer;
static uint32_t kbd_default_delay_ms = 10;
+static uint32_t queue_count;
+static uint32_t queue_limit = 1024;
QemuInputHandlerState *qemu_input_handler_register(DeviceState *dev,
QemuInputHandler *handler)
@@ -268,6 +270,7 @@ static void qemu_input_queue_process(void *opaque)
break;
}
QTAILQ_REMOVE(queue, item, node);
+ queue_count--;
g_free(item);
}
}
@@ -282,6 +285,7 @@ static void qemu_input_queue_delay(struct QemuInputEventQueueHead *queue,
item->delay_ms = delay_ms;
item->timer = timer;
QTAILQ_INSERT_TAIL(queue, item, node);
+ queue_count++;
if (start_timer) {
timer_mod(item->timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL)
@@ -298,6 +302,7 @@ static void qemu_input_queue_event(struct QemuInputEventQueueHead *queue,
item->src = src;
item->evt = evt;
QTAILQ_INSERT_TAIL(queue, item, node);
+ queue_count++;
}
static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue)
@@ -306,6 +311,7 @@ static void qemu_input_queue_sync(struct QemuInputEventQueueHead *queue)
item->type = QEMU_INPUT_QUEUE_SYNC;
QTAILQ_INSERT_TAIL(queue, item, node);
+ queue_count++;
}
void qemu_input_event_send_impl(QemuConsole *src, InputEvent *evt)
@@ -381,7 +387,7 @@ void qemu_input_event_send_key(QemuConsole *src, KeyValue *key, bool down)
qemu_input_event_send(src, evt);
qemu_input_event_sync();
qapi_free_InputEvent(evt);
- } else {
+ } else if (queue_count < queue_limit) {
qemu_input_queue_event(&kbd_queue, src, evt);
qemu_input_queue_sync(&kbd_queue);
}
@@ -409,8 +415,10 @@ void qemu_input_event_send_key_delay(uint32_t delay_ms)
kbd_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, qemu_input_queue_process,
&kbd_queue);
}
- qemu_input_queue_delay(&kbd_queue, kbd_timer,
- delay_ms ? delay_ms : kbd_default_delay_ms);
+ if (queue_count < queue_limit) {
+ qemu_input_queue_delay(&kbd_queue, kbd_timer,
+ delay_ms ? delay_ms : kbd_default_delay_ms);
+ }
}
InputEvent *qemu_input_event_new_btn(InputButton btn, bool down)

View File

@ -1,38 +0,0 @@
From f612e97b6af1cb18d66d70ede8c65faab8c21a5a Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 28 Apr 2017 09:56:12 +0200
Subject: [PATCH] audio: release capture buffers
AUD_add_capture() allocates two buffers which are never released.
Add the missing calls to AUD_del_capture().
Impact: Allows vnc clients to exhaust host memory by repeatedly
starting and stopping audio capture.
Fixes: CVE-2017-8309
Cc: P J P <ppandit@redhat.com>
Cc: Huawei PSIRT <PSIRT@huawei.com>
Reported-by: "Jiangxin (hunter, SCC)" <jiangxin1@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20170428075612.9997-1-kraxel@redhat.com
(cherry picked from commit 3268a845f41253fb55852a8429c32b50f36f349a)
[BR: BSC#1037242]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
audio/audio.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/audio/audio.c b/audio/audio.c
index c8898d8422..beafed209b 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -2028,6 +2028,8 @@ void AUD_del_capture (CaptureVoiceOut *cap, void *cb_opaque)
sw = sw1;
}
QLIST_REMOVE (cap, entries);
+ g_free (cap->hw.mix_buf);
+ g_free (cap->buf);
g_free (cap);
}
return;

View File

@ -1,45 +0,0 @@
From 7b1991173de44443e24a82f6a52f3977e5f66bc7 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Mon, 24 Apr 2017 17:36:34 +0530
Subject: [PATCH] scsi: avoid an off-by-one error in megasas_mmio_write
While reading magic sequence(MFI_SEQ) in megasas_mmio_write,
an off-by-one error could occur as 's->adp_reset' index is not
reset after reading the last sequence.
Reported-by: YY Z <bigbird475958471@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20170424120634.12268-1-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 24dfa9fa2f90a95ac33c7372de4f4f2c8a2c141f)
[BR: BSC#1037336 CVE-2017-8380]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/scsi/megasas.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 84b8caf901..804122ab05 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -2138,15 +2138,15 @@ static void megasas_mmio_write(void *opaque, hwaddr addr,
case MFI_SEQ:
trace_megasas_mmio_writel("MFI_SEQ", val);
/* Magic sequence to start ADP reset */
- if (adp_reset_seq[s->adp_reset] == val) {
- s->adp_reset++;
+ if (adp_reset_seq[s->adp_reset++] == val) {
+ if (s->adp_reset == 6) {
+ s->adp_reset = 0;
+ s->diag = MFI_DIAG_WRITE_ENABLE;
+ }
} else {
s->adp_reset = 0;
s->diag = 0;
}
- if (s->adp_reset == 6) {
- s->diag = MFI_DIAG_WRITE_ENABLE;
- }
break;
case MFI_DIAG:
trace_megasas_mmio_writel("MFI_DIAG", val);

View File

@ -1,33 +0,0 @@
From 4e1c19fe60bb27e1a8b44878b40e59c0c324af56 Mon Sep 17 00:00:00 2001
From: P J P <ppandit@redhat.com>
Date: Tue, 25 Apr 2017 18:36:23 +0530
Subject: [PATCH] vmw_pvscsi: check message ring page count at initialisation
A guest could set the message ring page count to zero, resulting in
infinite loop. Add check to avoid it.
Reported-by: YY Z <bigbird475958471@gmail.com>
Signed-off-by: P J P <ppandit@redhat.com>
Message-Id: <20170425130623.3649-1-ppandit@redhat.com>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit f68826989cd4d1217797251339579c57b3c0934e)
[BR: BSC#1036211 CVE-2017-8112]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/scsi/vmw_pvscsi.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
index 75575461e2..4a106da856 100644
--- a/hw/scsi/vmw_pvscsi.c
+++ b/hw/scsi/vmw_pvscsi.c
@@ -202,7 +202,7 @@ pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri)
uint32_t len_log2;
uint32_t ring_size;
- if (ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
+ if (!ri->numPages || ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
return -1;
}
ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;

View File

@ -1,174 +0,0 @@
From 385fd07f1627cb73ed2ad266e23923cb7eae30f7 Mon Sep 17 00:00:00 2001
From: Greg Kurz <groug@kaod.org>
Date: Fri, 5 May 2017 14:48:08 +0200
Subject: [PATCH] 9pfs: local: forbid client access to metadata (CVE-2017-7493)
When using the mapped-file security mode, we shouldn't let the client mess
with the metadata. The current code already tries to hide the metadata dir
from the client by skipping it in local_readdir(). But the client can still
access or modify it through several other operations. This can be used to
escalate privileges in the guest.
Affected backend operations are:
- local_mknod()
- local_mkdir()
- local_open2()
- local_symlink()
- local_link()
- local_unlinkat()
- local_renameat()
- local_rename()
- local_name_to_path()
Other operations are safe because they are only passed a fid path, which
is computed internally in local_name_to_path().
This patch converts all the functions listed above to fail and return
EINVAL when being passed the name of the metadata dir. This may look
like a poor choice for errno, but there's no such thing as an illegal
path name on Linux and I could not think of anything better.
This fixes CVE-2017-7493.
Reported-by: Leo Gaspard <leo@gaspard.io>
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 7a95434e0ca8a037fd8aa1a2e2461f92585eb77b)
[BR: BSC#1039495]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/9pfs/9p-local.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 56 insertions(+), 2 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index f3ebca4f7a..a2486566af 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -452,6 +452,11 @@ static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs)
return telldir(fs->dir.stream);
}
+static bool local_is_mapped_file_metadata(FsContext *fs_ctx, const char *name)
+{
+ return !strcmp(name, VIRTFS_META_DIR);
+}
+
static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs)
{
struct dirent *entry;
@@ -465,8 +470,8 @@ again:
if (ctx->export_flags & V9FS_SM_MAPPED) {
entry->d_type = DT_UNKNOWN;
} else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
- if (!strcmp(entry->d_name, VIRTFS_META_DIR)) {
- /* skp the meta data directory */
+ if (local_is_mapped_file_metadata(ctx, entry->d_name)) {
+ /* skip the meta data directory */
goto again;
}
entry->d_type = DT_UNKNOWN;
@@ -559,6 +564,12 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path,
int err = -1;
int dirfd;
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -605,6 +616,12 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path,
int err = -1;
int dirfd;
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -694,6 +711,12 @@ static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name,
int err = -1;
int dirfd;
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
/*
* Mark all the open to not follow symlinks
*/
@@ -752,6 +775,12 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath,
int err = -1;
int dirfd;
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -826,6 +855,12 @@ static int local_link(FsContext *ctx, V9fsPath *oldpath,
int ret = -1;
int odirfd, ndirfd;
+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
odirfd = local_opendir_nofollow(ctx, odirpath);
if (odirfd == -1) {
goto out;
@@ -1096,6 +1131,12 @@ static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path,
static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
const char *name, V9fsPath *target)
{
+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
if (dir_path) {
v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
} else if (strcmp(name, "/")) {
@@ -1116,6 +1157,13 @@ static int local_renameat(FsContext *ctx, V9fsPath *olddir,
int ret;
int odirfd, ndirfd;
+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ (local_is_mapped_file_metadata(ctx, old_name) ||
+ local_is_mapped_file_metadata(ctx, new_name))) {
+ errno = EINVAL;
+ return -1;
+ }
+
odirfd = local_opendir_nofollow(ctx, olddir->data);
if (odirfd == -1) {
return -1;
@@ -1206,6 +1254,12 @@ static int local_unlinkat(FsContext *ctx, V9fsPath *dir,
int ret;
int dirfd;
+ if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ local_is_mapped_file_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(ctx, dir->data);
if (dirfd == -1) {
return -1;

View File

@ -1,41 +0,0 @@
From 93971b136370f4d22269a605a2d1d60cb0fa185a Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed, 3 May 2017 12:44:41 +0200
Subject: [PATCH] jazz_led: fix bad snprintf
Detected by GCC 7's -Wformat-truncation. snprintf writes at most
2 bytes here including the terminating NUL, so the result is
truncated. In addition, the newline at the end is pointless.
Fix the buffer size and the format string.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(cherry picked from commit e9c6ab62c760e333a6cf0f3f9ab021633723434c)
[LY: BSC#1040228]
Signed-off-by: Liang Yan <lyan@suse.com>
---
hw/display/jazz_led.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/display/jazz_led.c b/hw/display/jazz_led.c
index b72fdb1717..3c97d56434 100644
--- a/hw/display/jazz_led.c
+++ b/hw/display/jazz_led.c
@@ -227,13 +227,13 @@ static void jazz_led_invalidate_display(void *opaque)
static void jazz_led_text_update(void *opaque, console_ch_t *chardata)
{
LedState *s = opaque;
- char buf[2];
+ char buf[3];
dpy_text_cursor(s->con, -1, -1);
qemu_console_resize(s->con, 2, 1);
/* TODO: draw the segments */
- snprintf(buf, 2, "%02hhx\n", s->segments);
+ snprintf(buf, 3, "%02hhx", s->segments);
console_write_ch(chardata++, ATTR2CHTYPE(buf[0], QEMU_COLOR_BLUE,
QEMU_COLOR_BLACK, 1));
console_write_ch(chardata++, ATTR2CHTYPE(buf[1], QEMU_COLOR_BLUE,

View File

@ -1,117 +0,0 @@
From 40a4715c9e38f67f30bb22565d7e2b1cc59b7832 Mon Sep 17 00:00:00 2001
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Fri, 7 Apr 2017 15:32:54 +0100
Subject: [PATCH] slirp/smb: Replace constant strings by glib string
gcc 7 (on fedora 26) objects to many of the snprintf's
in the smb path and command creation because it can't
figure out that the smb_dir (i.e. the /tmp dir for the configuration)
is known to be short.
Replace all these fixed length buffers by g_str* functions that dynamically
allocate and use g_dir_make_tmp to make the directory.
(It's fairly new glib but we have a compat function for it).
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
(cherry picked from commit f95cc8b6cc3ad8c4b687f305a978d67091c28138)
[LY: BSC#1040228]
Signed-off-by: Liang Yan <lyan@suse.com>
---
net/slirp.c | 30 +++++++++++++++++-------------
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/net/slirp.c b/net/slirp.c
index f97ec23345..9f6521190b 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -80,7 +80,7 @@ typedef struct SlirpState {
Slirp *slirp;
Notifier exit_notifier;
#ifndef _WIN32
- char smb_dir[128];
+ gchar *smb_dir;
#endif
} SlirpState;
@@ -558,11 +558,10 @@ int net_slirp_redir(const char *redir_str)
/* automatic user mode samba server configuration */
static void slirp_smb_cleanup(SlirpState *s)
{
- char cmd[128];
int ret;
- if (s->smb_dir[0] != '\0') {
- snprintf(cmd, sizeof(cmd), "rm -rf %s", s->smb_dir);
+ if (s->smb_dir) {
+ gchar *cmd = g_strdup_printf("rm -rf %s", s->smb_dir);
ret = system(cmd);
if (ret == -1 || !WIFEXITED(ret)) {
error_report("'%s' failed.", cmd);
@@ -570,15 +569,17 @@ static void slirp_smb_cleanup(SlirpState *s)
error_report("'%s' failed. Error code: %d",
cmd, WEXITSTATUS(ret));
}
- s->smb_dir[0] = '\0';
+ g_free(cmd);
+ g_free(s->smb_dir);
+ s->smb_dir = NULL;
}
}
static int slirp_smb(SlirpState* s, const char *exported_dir,
struct in_addr vserver_addr)
{
- char smb_conf[128];
- char smb_cmdline[128];
+ char *smb_conf;
+ char *smb_cmdline;
struct passwd *passwd;
FILE *f;
@@ -600,19 +601,19 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
return -1;
}
- snprintf(s->smb_dir, sizeof(s->smb_dir), "/tmp/qemu-smb.XXXXXX");
- if (!mkdtemp(s->smb_dir)) {
- error_report("could not create samba server dir '%s'", s->smb_dir);
- s->smb_dir[0] = 0;
+ s->smb_dir = g_dir_make_tmp("qemu-smb.XXXXXX", NULL);
+ if (!s->smb_dir) {
+ error_report("could not create samba server dir");
return -1;
}
- snprintf(smb_conf, sizeof(smb_conf), "%s/%s", s->smb_dir, "smb.conf");
+ smb_conf = g_strdup_printf("%s/%s", s->smb_dir, "smb.conf");
f = fopen(smb_conf, "w");
if (!f) {
slirp_smb_cleanup(s);
error_report("could not create samba server configuration file '%s'",
smb_conf);
+ g_free(smb_conf);
return -1;
}
fprintf(f,
@@ -651,15 +652,18 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
);
fclose(f);
- snprintf(smb_cmdline, sizeof(smb_cmdline), "%s -l %s -s %s",
+ smb_cmdline = g_strdup_printf("%s -l %s -s %s",
CONFIG_SMBD_COMMAND, s->smb_dir, smb_conf);
+ g_free(smb_conf);
if (slirp_add_exec(s->slirp, 0, smb_cmdline, &vserver_addr, 139) < 0 ||
slirp_add_exec(s->slirp, 0, smb_cmdline, &vserver_addr, 445) < 0) {
slirp_smb_cleanup(s);
+ g_free(smb_cmdline);
error_report("conflicting/invalid smbserver address");
return -1;
}
+ g_free(smb_cmdline);
return 0;
}

View File

@ -1,28 +0,0 @@
From ac31e9efbe92ee16903a446db4faa14f28e8a9b8 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 22 May 2017 17:46:40 -0600
Subject: [PATCH] altera_timer: fix incorrect memset
Use sizeof instead of ARRAY_SIZE, fixing -Wmemset-elt-size with recent
GCC versions.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[LY: BSC#1040228]
Signed-off-by: Liang Yan <lyan@suse.com>
---
hw/timer/altera_timer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/timer/altera_timer.c b/hw/timer/altera_timer.c
index 6d4862661d..c9a0fc5dca 100644
--- a/hw/timer/altera_timer.c
+++ b/hw/timer/altera_timer.c
@@ -204,7 +204,7 @@ static void altera_timer_reset(DeviceState *dev)
ptimer_stop(t->ptimer);
ptimer_set_limit(t->ptimer, 0xffffffff, 1);
- memset(t->regs, 0, ARRAY_SIZE(t->regs));
+ memset(t->regs, 0, sizeof(t->regs));
}
static Property altera_timer_properties[] = {

View File

@ -1,133 +0,0 @@
From f73df04319a21d9c40ae7b40614637f2fbd5fa3f Mon Sep 17 00:00:00 2001
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 22 May 2017 17:48:13 -0600
Subject: [PATCH] Hacks for building on gcc 7 / Fedora 26
Hi,
Fedora 26 has gcc 7.0.1 which has the normal compliment
of new fussy warnings; so far I've posted :
tests/check-qdict: Fix missing brackets
slirp/smb: Replace constant strings by glib string
that fix one actual mistake and work around something it's being
fussy over.
But I've also got a pile of hacks, attached below that I'm
not too sure what I'll do with them yet, but they're attached
for anyone else trying to build. Note they're smoke-only-tested.
I also have gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80346
filed for what I reckon is a couple of overly pessimistic warnings.
Enjoy,
Dave
From 15353ce59e35e1d85927138982241491ea65cee2 Mon Sep 17 00:00:00 2001
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Thu, 6 Apr 2017 15:44:50 +0100
Subject: [HACK!] Hacks for f26 build
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
[LY: BSC#1040228]
Signed-off-by: Liang Yan <lyan@suse.com>
---
block/blkdebug.c | 4 ++--
block/blkverify.c | 4 ++--
hw/usb/bus.c | 5 +++--
include/qemu/iov.h | 4 ++--
tests/bios-tables-test.c | 2 +-
5 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/block/blkdebug.c b/block/blkdebug.c
index 67e8024e36..34c645d095 100644
--- a/block/blkdebug.c
+++ b/block/blkdebug.c
@@ -689,9 +689,9 @@ static void blkdebug_refresh_filename(BlockDriverState *bs, QDict *options)
}
if (!force_json && bs->file->bs->exact_filename[0]) {
- snprintf(bs->exact_filename, sizeof(bs->exact_filename),
+ g_assert_cmpint(snprintf(bs->exact_filename, sizeof(bs->exact_filename),
"blkdebug:%s:%s", s->config_file ?: "",
- bs->file->bs->exact_filename);
+ bs->file->bs->exact_filename), <, sizeof(bs->exact_filename));
}
opts = qdict_new();
diff --git a/block/blkverify.c b/block/blkverify.c
index 9a1e21c6ad..d038947a5a 100644
--- a/block/blkverify.c
+++ b/block/blkverify.c
@@ -305,10 +305,10 @@ static void blkverify_refresh_filename(BlockDriverState *bs, QDict *options)
if (bs->file->bs->exact_filename[0]
&& s->test_file->bs->exact_filename[0])
{
- snprintf(bs->exact_filename, sizeof(bs->exact_filename),
+ g_assert_cmpint(snprintf(bs->exact_filename, sizeof(bs->exact_filename),
"blkverify:%s:%s",
bs->file->bs->exact_filename,
- s->test_file->bs->exact_filename);
+ s->test_file->bs->exact_filename), <, sizeof(bs->exact_filename));
}
}
diff --git a/hw/usb/bus.c b/hw/usb/bus.c
index 24f1608b4b..6023f3b419 100644
--- a/hw/usb/bus.c
+++ b/hw/usb/bus.c
@@ -8,6 +8,7 @@
#include "monitor/monitor.h"
#include "trace.h"
#include "qemu/cutils.h"
+#include <glib.h>
static void usb_bus_dev_print(Monitor *mon, DeviceState *qdev, int indent);
@@ -407,8 +408,8 @@ void usb_register_companion(const char *masterbus, USBPort *ports[],
void usb_port_location(USBPort *downstream, USBPort *upstream, int portnr)
{
if (upstream) {
- snprintf(downstream->path, sizeof(downstream->path), "%s.%d",
- upstream->path, portnr);
+ g_assert_cmpint(snprintf(downstream->path, sizeof(downstream->path), "%s.%d",
+ upstream->path, portnr), <, sizeof(downstream->path));
downstream->hubcount = upstream->hubcount + 1;
} else {
snprintf(downstream->path, sizeof(downstream->path), "%d", portnr);
diff --git a/include/qemu/iov.h b/include/qemu/iov.h
index bd9fd55b0a..ebb0221140 100644
--- a/include/qemu/iov.h
+++ b/include/qemu/iov.h
@@ -46,7 +46,7 @@ static inline size_t
iov_from_buf(const struct iovec *iov, unsigned int iov_cnt,
size_t offset, const void *buf, size_t bytes)
{
- if (__builtin_constant_p(bytes) && iov_cnt &&
+ if (__builtin_constant_p(bytes) && iov_cnt && bytes <= INT_MAX &&
offset <= iov[0].iov_len && bytes <= iov[0].iov_len - offset) {
memcpy(iov[0].iov_base + offset, buf, bytes);
return bytes;
@@ -59,7 +59,7 @@ static inline size_t
iov_to_buf(const struct iovec *iov, const unsigned int iov_cnt,
size_t offset, void *buf, size_t bytes)
{
- if (__builtin_constant_p(bytes) && iov_cnt &&
+ if (__builtin_constant_p(bytes) && iov_cnt && bytes <= INT_MAX &&
offset <= iov[0].iov_len && bytes <= iov[0].iov_len - offset) {
memcpy(buf, iov[0].iov_base + offset, bytes);
return bytes;
diff --git a/tests/bios-tables-test.c b/tests/bios-tables-test.c
index 88dbf97853..c55de4f65b 100644
--- a/tests/bios-tables-test.c
+++ b/tests/bios-tables-test.c
@@ -98,7 +98,7 @@ static void test_acpi_rsdt_table(test_data *data)
AcpiRsdtDescriptorRev1 *rsdt_table = &data->rsdt_table;
uint32_t addr = data->rsdp_table.rsdt_physical_address;
uint32_t *tables;
- int tables_nr;
+ unsigned int tables_nr;
uint8_t checksum;
/* read the header */

View File

@ -1,102 +0,0 @@
From 44e4ce741c71d1d2c32f1d2b0d90a1f2e635e44f Mon Sep 17 00:00:00 2001
From: Greg Kurz <groug@kaod.org>
Date: Thu, 25 May 2017 10:30:13 +0200
Subject: [PATCH] 9pfs: local: fix unlink of alien files in mapped-file mode
When trying to remove a file from a directory, both created in non-mapped
mode, the file remains and EBADF is returned to the guest.
This is a regression introduced by commit "df4938a6651b 9pfs: local:
unlinkat: don't follow symlinks" when fixing CVE-2016-9602. It changed the
way we unlink the metadata file from
ret = remove("$dir/.virtfs_metadata/$name");
if (ret < 0 && errno != ENOENT) {
/* Error out */
}
/* Ignore absence of metadata */
to
fd = openat("$dir/.virtfs_metadata")
unlinkat(fd, "$name")
if (ret < 0 && errno != ENOENT) {
/* Error out */
}
/* Ignore absence of metadata */
If $dir was created in non-mapped mode, openat() fails with ENOENT and
we pass -1 to unlinkat(), which fails in turn with EBADF.
We just need to check the return of openat() and ignore ENOENT, in order
to restore the behaviour we had with remove().
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
[groug: rewrote the comments as suggested by Eric]
(cherry picked from commit 6a87e7929f97b86c5823d4616fa1aa7636b2f116)
[BR: Fix and/or infrastructure for BSC#1020427 CVE-2016-9602]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/9pfs/9p-local.c | 34 +++++++++++++++-------------------
1 file changed, 15 insertions(+), 19 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index a2486566af..226234d386 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -992,6 +992,14 @@ static int local_unlinkat_common(FsContext *ctx, int dirfd, const char *name,
if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
int map_dirfd;
+ /* We need to remove the metadata as well:
+ * - the metadata directory if we're removing a directory
+ * - the metadata file in the parent's metadata directory
+ *
+ * If any of these are missing (ie, ENOENT) then we're probably
+ * trying to remove something that wasn't created in mapped-file
+ * mode. We just ignore the error.
+ */
if (flags == AT_REMOVEDIR) {
int fd;
@@ -999,32 +1007,20 @@ static int local_unlinkat_common(FsContext *ctx, int dirfd, const char *name,
if (fd == -1) {
goto err_out;
}
- /*
- * If directory remove .virtfs_metadata contained in the
- * directory
- */
ret = unlinkat(fd, VIRTFS_META_DIR, AT_REMOVEDIR);
close_preserve_errno(fd);
if (ret < 0 && errno != ENOENT) {
- /*
- * We didn't had the .virtfs_metadata file. May be file created
- * in non-mapped mode ?. Ignore ENOENT.
- */
goto err_out;
}
}
- /*
- * Now remove the name from parent directory
- * .virtfs_metadata directory.
- */
map_dirfd = openat_dir(dirfd, VIRTFS_META_DIR);
- ret = unlinkat(map_dirfd, name, 0);
- close_preserve_errno(map_dirfd);
- if (ret < 0 && errno != ENOENT) {
- /*
- * We didn't had the .virtfs_metadata file. May be file created
- * in non-mapped mode ?. Ignore ENOENT.
- */
+ if (map_dirfd != -1) {
+ ret = unlinkat(map_dirfd, name, 0);
+ close_preserve_errno(map_dirfd);
+ if (ret < 0 && errno != ENOENT) {
+ goto err_out;
+ }
+ } else if (errno != ENOENT) {
goto err_out;
}
}

View File

@ -1,113 +0,0 @@
From b4c6e40036a569fa10cd2fde63244e707b4d75e5 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 19 Jun 2017 16:36:08 -0600
Subject: [PATCH] megasas: do not read DCMD opcode more than once from frame
Avoid TOC-TOU bugs by storing the DCMD opcode in the MegasasCmd
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[BR: BSC#1043296 CVE-2017-9503]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/scsi/megasas.c | 25 +++++++++++--------------
1 file changed, 11 insertions(+), 14 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 804122ab05..887958481b 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -63,6 +63,7 @@ typedef struct MegasasCmd {
hwaddr pa;
hwaddr pa_size;
+ uint32_t dcmd_opcode;
union mfi_frame *frame;
SCSIRequest *req;
QEMUSGList qsg;
@@ -511,6 +512,7 @@ static MegasasCmd *megasas_enqueue_frame(MegasasState *s,
cmd->context &= (uint64_t)0xFFFFFFFF;
}
cmd->count = count;
+ cmd->dcmd_opcode = -1;
s->busy++;
if (s->consumer_pa) {
@@ -1559,22 +1561,21 @@ static const struct dcmd_cmd_tbl_t {
static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
{
- int opcode;
int retval = 0;
size_t len;
const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
- trace_megasas_handle_dcmd(cmd->index, opcode);
+ cmd->dcmd_opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
+ trace_megasas_handle_dcmd(cmd->index, cmd->dcmd_opcode);
if (megasas_map_dcmd(s, cmd) < 0) {
return MFI_STAT_MEMORY_NOT_AVAILABLE;
}
- while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
+ while (cmdptr->opcode != -1 && cmdptr->opcode != cmd->dcmd_opcode) {
cmdptr++;
}
len = cmd->iov_size;
if (cmdptr->opcode == -1) {
- trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
+ trace_megasas_dcmd_unhandled(cmd->index, cmd->dcmd_opcode, len);
retval = megasas_dcmd_dummy(s, cmd);
} else {
trace_megasas_dcmd_enter(cmd->index, cmdptr->desc, len);
@@ -1589,13 +1590,11 @@ static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
static int megasas_finish_internal_dcmd(MegasasCmd *cmd,
SCSIRequest *req)
{
- int opcode;
int retval = MFI_STAT_OK;
int lun = req->lun;
- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
- trace_megasas_dcmd_internal_finish(cmd->index, opcode, lun);
- switch (opcode) {
+ trace_megasas_dcmd_internal_finish(cmd->index, cmd->dcmd_opcode, lun);
+ switch (cmd->dcmd_opcode) {
case MFI_DCMD_PD_GET_INFO:
retval = megasas_pd_get_info_submit(req->dev, lun, cmd);
break;
@@ -1603,7 +1602,7 @@ static int megasas_finish_internal_dcmd(MegasasCmd *cmd,
retval = megasas_ld_get_info_submit(req->dev, lun, cmd);
break;
default:
- trace_megasas_dcmd_internal_invalid(cmd->index, opcode);
+ trace_megasas_dcmd_internal_invalid(cmd->index, cmd->dcmd_opcode);
retval = MFI_STAT_INVALID_DCMD;
break;
}
@@ -1824,7 +1823,6 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
{
MegasasCmd *cmd = req->hba_private;
uint8_t *buf;
- uint32_t opcode;
trace_megasas_io_complete(cmd->index, len);
@@ -1834,8 +1832,7 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
}
buf = scsi_req_get_buf(req);
- opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
- if (opcode == MFI_DCMD_PD_GET_INFO && cmd->iov_buf) {
+ if (cmd->dcmd_opcode == MFI_DCMD_PD_GET_INFO && cmd->iov_buf) {
struct mfi_pd_info *info = cmd->iov_buf;
if (info->inquiry_data[0] == 0x7f) {
@@ -1846,7 +1843,7 @@ static void megasas_xfer_complete(SCSIRequest *req, uint32_t len)
memcpy(info->vpd_page83, buf, len);
}
scsi_req_continue(req);
- } else if (opcode == MFI_DCMD_LD_GET_INFO) {
+ } else if (cmd->dcmd_opcode == MFI_DCMD_LD_GET_INFO) {
struct mfi_ld_info *info = cmd->iov_buf;
if (cmd->iov_buf) {

View File

@ -1,123 +0,0 @@
From 5e011980d6a696192ce807c21c145d738668d040 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Sat, 10 Jun 2017 14:04:51 -0600
Subject: [PATCH] megasas: always store SCSIRequest* into MegasasCmd
This ensures that the request is unref'ed properly, and avoids a
segmentation fault in the new qtest testcase that is added.
Reported-by: Zhangyanyu <zyy4013@stu.ouc.edu.cn>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[BR: BSC#1043296 CVE-2017-9503, dropped testcase from patch]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/scsi/megasas.c | 31 ++++++++++++++++---------------
1 file changed, 16 insertions(+), 15 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 887958481b..a0cafe3010 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -607,6 +607,9 @@ static void megasas_reset_frames(MegasasState *s)
static void megasas_abort_command(MegasasCmd *cmd)
{
/* Never abort internal commands. */
+ if (cmd->dcmd_opcode != -1) {
+ return;
+ }
if (cmd->req != NULL) {
scsi_req_cancel(cmd->req);
}
@@ -1014,7 +1017,6 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
uint64_t pd_size;
uint16_t pd_id = ((sdev->id & 0xFF) << 8) | (lun & 0xFF);
uint8_t cmdbuf[6];
- SCSIRequest *req;
size_t len, resid;
if (!cmd->iov_buf) {
@@ -1023,8 +1025,8 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
info->inquiry_data[0] = 0x7f; /* Force PQual 0x3, PType 0x1f */
info->vpd_page83[0] = 0x7f;
megasas_setup_inquiry(cmdbuf, 0, sizeof(info->inquiry_data));
- req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
- if (!req) {
+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
+ if (!cmd->req) {
trace_megasas_dcmd_req_alloc_failed(cmd->index,
"PD get info std inquiry");
g_free(cmd->iov_buf);
@@ -1033,26 +1035,26 @@ static int megasas_pd_get_info_submit(SCSIDevice *sdev, int lun,
}
trace_megasas_dcmd_internal_submit(cmd->index,
"PD get info std inquiry", lun);
- len = scsi_req_enqueue(req);
+ len = scsi_req_enqueue(cmd->req);
if (len > 0) {
cmd->iov_size = len;
- scsi_req_continue(req);
+ scsi_req_continue(cmd->req);
}
return MFI_STAT_INVALID_STATUS;
} else if (info->inquiry_data[0] != 0x7f && info->vpd_page83[0] == 0x7f) {
megasas_setup_inquiry(cmdbuf, 0x83, sizeof(info->vpd_page83));
- req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
- if (!req) {
+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cmdbuf, cmd);
+ if (!cmd->req) {
trace_megasas_dcmd_req_alloc_failed(cmd->index,
"PD get info vpd inquiry");
return MFI_STAT_FLASH_ALLOC_FAIL;
}
trace_megasas_dcmd_internal_submit(cmd->index,
"PD get info vpd inquiry", lun);
- len = scsi_req_enqueue(req);
+ len = scsi_req_enqueue(cmd->req);
if (len > 0) {
cmd->iov_size = len;
- scsi_req_continue(req);
+ scsi_req_continue(cmd->req);
}
return MFI_STAT_INVALID_STATUS;
}
@@ -1214,7 +1216,6 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
struct mfi_ld_info *info = cmd->iov_buf;
size_t dcmd_size = sizeof(struct mfi_ld_info);
uint8_t cdb[6];
- SCSIRequest *req;
ssize_t len, resid;
uint16_t sdev_id = ((sdev->id & 0xFF) << 8) | (lun & 0xFF);
uint64_t ld_size;
@@ -1223,8 +1224,8 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
cmd->iov_buf = g_malloc0(dcmd_size);
info = cmd->iov_buf;
megasas_setup_inquiry(cdb, 0x83, sizeof(info->vpd_page83));
- req = scsi_req_new(sdev, cmd->index, lun, cdb, cmd);
- if (!req) {
+ cmd->req = scsi_req_new(sdev, cmd->index, lun, cdb, cmd);
+ if (!cmd->req) {
trace_megasas_dcmd_req_alloc_failed(cmd->index,
"LD get info vpd inquiry");
g_free(cmd->iov_buf);
@@ -1233,10 +1234,10 @@ static int megasas_ld_get_info_submit(SCSIDevice *sdev, int lun,
}
trace_megasas_dcmd_internal_submit(cmd->index,
"LD get info vpd inquiry", lun);
- len = scsi_req_enqueue(req);
+ len = scsi_req_enqueue(cmd->req);
if (len > 0) {
cmd->iov_size = len;
- scsi_req_continue(req);
+ scsi_req_continue(cmd->req);
}
return MFI_STAT_INVALID_STATUS;
}
@@ -1865,7 +1866,7 @@ static void megasas_command_complete(SCSIRequest *req, uint32_t status,
return;
}
- if (cmd->req == NULL) {
+ if (cmd->dcmd_opcode != -1) {
/*
* Internal command complete
*/

View File

@ -1,80 +0,0 @@
From 096703b0e4c619c6cd3015fcb105c65692b2ec56 Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Fri, 26 May 2017 22:04:21 -0500
Subject: [PATCH] nbd: Fully initialize client in case of failed negotiation
If a non-NBD client connects to qemu-nbd, we would end up with
a SIGSEGV in nbd_client_put() because we were trying to
unregister the client's association to the export, even though
we skipped inserting the client into that list. Easy trigger
in two terminals:
$ qemu-nbd -p 30001 --format=raw file
$ nmap 127.0.0.1 -p 30001
nmap claims that it thinks it connected to a pago-services1
server (which probably means nmap could be updated to learn the
NBD protocol and give a more accurate diagnosis of the open
port - but that's not our problem), then terminates immediately,
so our call to nbd_negotiate() fails. The fix is to reorder
nbd_co_client_start() to ensure that all initialization occurs
before we ever try talking to a client in nbd_negotiate(), so
that the teardown sequence on negotiation failure doesn't fault
while dereferencing a half-initialized object.
While debugging this, I also noticed that nbd_update_server_watch()
called by nbd_client_closed() was still adding a channel to accept
the next client, even when the state was no longer RUNNING. That
is fixed by making nbd_can_accept() pay attention to the current
state.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451614
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20170527030421.28366-1-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit df8ad9f128c15aa0a0ebc7b24e9a22c9775b67af)
[BR: BSC#1043808 CVE-2017-9524]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
nbd/server.c | 8 +++-----
qemu-nbd.c | 2 +-
2 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/nbd/server.c b/nbd/server.c
index 924a1fe2db..edfda84d43 100644
--- a/nbd/server.c
+++ b/nbd/server.c
@@ -1376,16 +1376,14 @@ static coroutine_fn void nbd_co_client_start(void *opaque)
if (exp) {
nbd_export_get(exp);
+ QTAILQ_INSERT_TAIL(&exp->clients, client, next);
}
+ qemu_co_mutex_init(&client->send_lock);
+
if (nbd_negotiate(data)) {
client_close(client);
goto out;
}
- qemu_co_mutex_init(&client->send_lock);
-
- if (exp) {
- QTAILQ_INSERT_TAIL(&exp->clients, client, next);
- }
nbd_client_receive_next_request(client);
diff --git a/qemu-nbd.c b/qemu-nbd.c
index e080fb7c75..b44764eb87 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -324,7 +324,7 @@ out:
static int nbd_can_accept(void)
{
- return nb_fds < shared;
+ return state == RUNNING && nb_fds < shared;
}
static void nbd_export_closed(NBDExport *exp)

View File

@ -1,28 +0,0 @@
From e915b08f89ee946a702b98624c1e73849ddb611c Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Mon, 19 Jun 2017 14:48:02 -0600
Subject: [PATCH] 9pfs: local: remove: use correct path component
Commit a0e640a8 introduced a path processing error.
Pass fstatat the dirpath based path component instead
of the entire path.
[BR: BSC#1045035]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/9pfs/9p-local.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 226234d386..47f6d9ec99 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -1044,7 +1044,7 @@ static int local_remove(FsContext *ctx, const char *path)
goto out;
}
- if (fstatat(dirfd, path, &stbuf, AT_SYMLINK_NOFOLLOW) < 0) {
+ if (fstatat(dirfd, name, &stbuf, AT_SYMLINK_NOFOLLOW) < 0) {
goto err_out;
}

View File

@ -1,27 +0,0 @@
From b1fafc01f55733b0e1aaeba84192b6515c92f7a0 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 22 Jun 2017 09:33:21 +0200
Subject: [PATCH] hid: Reset kbd modifiers on reset
When resetting the keyboard, we need to reset not just the pending keystrokes,
but also any pending modifiers. Otherwise there's a race when we're getting
reset while running an escape sequence (modifier 0x100).
Cc: qemu-stable@nongnu.org
Signed-off-by: Alexander Graf <agraf@suse.de>
---
hw/input/hid.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/input/hid.c b/hw/input/hid.c
index 93887ecc43..0d049ff61c 100644
--- a/hw/input/hid.c
+++ b/hw/input/hid.c
@@ -487,6 +487,7 @@ void hid_reset(HIDState *hs)
memset(hs->kbd.keycodes, 0, sizeof(hs->kbd.keycodes));
memset(hs->kbd.key, 0, sizeof(hs->kbd.key));
hs->kbd.keys = 0;
+ hs->kbd.modifiers = 0;
break;
case HID_MOUSE:
case HID_TABLET:

View File

@ -1,29 +0,0 @@
From bea345d1c1fa6d351de7cacf66ccc35845406b31 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Thu, 22 Jun 2017 09:36:36 +0200
Subject: [PATCH] input: Decrement queue count on kbd delay
Delays in the input layer are special cased input events. Every input
event is accounted for in a global intput queue count. The special cased
delays however did not get removed from the queue, leading to queue overruns
and thus silent key drops after typing quite a few characters.
Signed-off-by: Alexander Graf <agraf@suse.de>
Fixes: be1a7176 ("input: add support for kbd delays")
Cc: qemu-stable@nongnu.org
---
ui/input.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/ui/input.c b/ui/input.c
index fb1f404095..94ba3d52cf 100644
--- a/ui/input.c
+++ b/ui/input.c
@@ -252,6 +252,7 @@ static void qemu_input_queue_process(void *opaque)
item = QTAILQ_FIRST(queue);
g_assert(item->type == QEMU_INPUT_QUEUE_DELAY);
QTAILQ_REMOVE(queue, item, node);
+ queue_count--;
g_free(item);
while (!QTAILQ_EMPTY(queue)) {

View File

@ -1,54 +0,0 @@
From a049f58c32e0c783d2d524a918d40ba4b22d96b8 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Thu, 8 Jun 2017 09:41:22 +0200
Subject: [PATCH] xhci: only update dequeue ptr on completed transfers
The dequeue pointer should only be updated in case the transfer
is actually completed. If we update it for inflight transfers
we will not pick them up again after migration, which easily
triggers with HID devices as they typically have a pending
transfer, waiting for user input to happen.
Fixes: 243afe858b95765b98d16a1f0dd50dca262858ad
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451631
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Laurent Vivier <lvivier@redhat.com>
Message-id: 20170608074122.32099-1-kraxel@redhat.com
(cherry picked from commit d54fddea989ba4aa2912d49583d86ce01c0d27ea)
Fixes: https://bugzilla.suse.com/show_bug.cgi?id=1048296
Signed-off-by: Alexander Graf <agraf@suse.de>
---
hw/usb/hcd-xhci.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index a2d3143bf4..ed0f13f37b 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -2119,6 +2119,8 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
}
assert(!xfer->running_retry);
if (xfer->complete) {
+ /* update ring dequeue ptr */
+ xhci_set_ep_state(xhci, epctx, stctx, epctx->state);
xhci_ep_free_xfer(epctx->retry);
}
epctx->retry = NULL;
@@ -2169,6 +2171,8 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
xhci_fire_transfer(xhci, xfer, epctx);
}
if (xfer->complete) {
+ /* update ring dequeue ptr */
+ xhci_set_ep_state(xhci, epctx, stctx, epctx->state);
xhci_ep_free_xfer(xfer);
xfer = NULL;
}
@@ -2186,8 +2190,6 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
break;
}
}
- /* update ring dequeue ptr */
- xhci_set_ep_state(xhci, epctx, stctx, epctx->state);
epctx->kick_active--;
ep = xhci_epid_to_usbep(epctx);

View File

@ -1,54 +0,0 @@
From ea61b5439c77d6fdeb62a04c39affa534b09fcdd Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Wed, 12 Jul 2017 14:43:45 +0200
Subject: [PATCH] vnc: Set default kbd delay to 10ms
The current VNC default keyboard delay is 1ms. With that we're constantly
typing faster than the guest receives keyboard events from an XHCI attached
USB HID device.
The default keyboard delay time in the input layer however is 10ms. I don't know
how that number came to be, but empirical tests on some OpenQA driven ARM
systems show that 10ms really is a reasonable default number for the delay.
This patch moves the VNC delay also to 10ms. That way our default is much
safer (good!) and also consistent with the input layer default (also good!).
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1499863425-103133-1-git-send-email-agraf@suse.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit d3b0db6dfea6b3a9ee0d96aceb796bdcafa84314)
[BR: BSC#1031692]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
qemu-options.hx | 2 +-
ui/vnc.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/qemu-options.hx b/qemu-options.hx
index 4712277d7c..ab7e32a4a0 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1491,7 +1491,7 @@ spec but is traditional QEMU behavior.
@item key-delay-ms
Set keyboard delay, for key down and key up events, in milliseconds.
-Default is 1. Keyboards are low-bandwidth devices, so this slowdown
+Default is 10. Keyboards are low-bandwidth devices, so this slowdown
can help the device and guest to keep up and not lose events in case
events are arriving in bulk. Possible causes for the latter are flaky
network connections, or scripts for automated testing.
diff --git a/ui/vnc.c b/ui/vnc.c
index 51d6f2353f..3528d50c8a 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3884,7 +3884,7 @@ void vnc_display_open(const char *id, Error **errp)
}
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
- key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 1);
+ key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10);
sasl = qemu_opt_get_bool(opts, "sasl", false);
#ifndef CONFIG_VNC_SASL
if (sasl) {

View File

@ -1,47 +0,0 @@
From 40c9dcf30be29a4d76aeb85b5510cea071423b81 Mon Sep 17 00:00:00 2001
From: Max Reitz <mreitz@redhat.com>
Date: Sun, 11 Jun 2017 14:37:14 +0200
Subject: [PATCH] qemu-nbd: Ignore SIGPIPE
qemu proper has done so for 13 years
(8a7ddc38a60648257dc0645ab4a05b33d6040063), qemu-img and qemu-io have
done so for four years (526eda14a68d5b3596be715505289b541288ef2a).
Ignoring this signal is especially important in qemu-nbd because
otherwise a client can easily take down the qemu-nbd server by dropping
the connection when the server wants to send something, for example:
$ qemu-nbd -x foo -f raw -t null-co:// &
[1] 12726
$ qemu-io -c quit nbd://localhost/bar
can't open device nbd://localhost/bar: No export with name 'bar' available
[1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co://
In this case, the client sends an NBD_OPT_ABORT and closes the
connection (because it is not required to wait for a reply), but the
server replies with an NBD_REP_ACK (because it is required to reply).
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20170611123714.31292-1-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 041e32b8d9d076980b4e35317c0339e57ab888f1)
[BR: BSC#1046636 CVE-2017-10664]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
qemu-nbd.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/qemu-nbd.c b/qemu-nbd.c
index b44764eb87..83bf9cb46c 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -581,6 +581,10 @@ int main(int argc, char **argv)
sa_sigterm.sa_handler = termsig_handler;
sigaction(SIGTERM, &sa_sigterm, NULL);
+#ifdef CONFIG_POSIX
+ signal(SIGPIPE, SIG_IGN);
+#endif
+
module_call_init(MODULE_INIT_TRACE);
qcrypto_init(&error_fatal);

View File

@ -1,50 +0,0 @@
From 416a6f3bf137b8e6782dd7c1f9563afe8ee97b19 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 9 May 2017 13:01:28 +0200
Subject: [PATCH] usb-redir: fix stack overflow in usbredir_log_data
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Don't reinvent a broken wheel, just use the hexdump function we have.
Impact: low, broken code doesn't run unless you have debug logging
enabled.
Reported-by: 李强 <liqiang6-s@360.cn>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170509110128.27261-1-kraxel@redhat.com
(cherry picked from commit bd4a683505b27adc1ac809f71e918e58573d851d)
[BR: BSC#1047674 CVE-2017-10806]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/usb/redirect.c | 13 +------------
1 file changed, 1 insertion(+), 12 deletions(-)
diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
index 0efe62f725..eb70dc7218 100644
--- a/hw/usb/redirect.c
+++ b/hw/usb/redirect.c
@@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg)
static void usbredir_log_data(USBRedirDevice *dev, const char *desc,
const uint8_t *data, int len)
{
- int i, j, n;
-
if (dev->debug < usbredirparser_debug_data) {
return;
}
-
- for (i = 0; i < len; i += j) {
- char buf[128];
-
- n = sprintf(buf, "%s", desc);
- for (j = 0; j < 8 && i + j < len; j++) {
- n += sprintf(buf + n, " %02X", data[i + j]);
- }
- error_report("%s", buf);
- }
+ qemu_hexdump((char *)data, stderr, desc, len);
}
/*

View File

@ -1,43 +0,0 @@
From f6658a500e003e91225f59bc2c2305c6b7d2f0d1 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Wed, 12 Jul 2017 18:08:40 +0530
Subject: [PATCH] exec: use qemu_ram_ptr_length to access guest ram
When accessing guest's ram block during DMA operation, use
'qemu_ram_ptr_length' to get ram block pointer. It ensures
that DMA operation of given length is possible; And avoids
any OOB memory access situations.
Reported-by: Alex <broscutamaker@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20170712123840.29328-1-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 04bf2526ce87f21b32c9acba1c5518708c243ad0)
[BR: BSC#1048902 CVE-2017-11334]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
exec.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/exec.c b/exec.c
index b47b3f9096..1de9107b61 100644
--- a/exec.c
+++ b/exec.c
@@ -2767,7 +2767,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr,
}
} else {
/* RAM case */
- ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
memcpy(ptr, buf, l);
invalidate_and_set_dirty(mr, addr1, l);
}
@@ -2858,7 +2858,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr,
}
} else {
/* RAM case */
- ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
memcpy(buf, ptr, l);
}

View File

@ -1,35 +0,0 @@
From 2c4c724d1ad6dfd316ca3941b29d50f52ab625eb Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Mon, 17 Jul 2017 17:33:26 +0530
Subject: [PATCH] slirp: check len against dhcp options array end
While parsing dhcp options string in 'dhcp_decode', if an options'
length 'len' appeared towards the end of 'bp_vend' array, ensuing
read could lead to an OOB memory access issue. Add check to avoid it.
This is CVE-2017-11434.
Reported-by: Reno Robert <renorobert@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
(cherry picked from commit 413d463f43fbc4dd3a601e80a5724aa384a265a0)
[BR: BSC#1049381 CVE-2017-11434]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
slirp/bootp.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/slirp/bootp.c b/slirp/bootp.c
index 5a4646c182..5dd1a415b5 100644
--- a/slirp/bootp.c
+++ b/slirp/bootp.c
@@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type,
if (p >= p_end)
break;
len = *p++;
+ if (p + len > p_end) {
+ break;
+ }
DPRINTF("dhcp: tag=%d len=%d\n", tag, len);
switch(tag) {

View File

@ -1,161 +0,0 @@
From 96ce16c57f821b9f676de88f25d488d52fec68fe Mon Sep 17 00:00:00 2001
From: Stefano Stabellini <sstabellini@kernel.org>
Date: Wed, 3 May 2017 14:00:35 -0700
Subject: [PATCH] xen/mapcache: store dma information in revmapcache entries
for debugging
The Xen mapcache is able to create long term mappings, they are called
"locked" mappings. The third parameter of the xen_map_cache call
specifies if a mapping is a "locked" mapping.
>From the QEMU point of view there are two kinds of long term mappings:
[a] device memory mappings, such as option roms and video memory
[b] dma mappings, created by dma_memory_map & friends
After certain operations, ballooning a VM in particular, Xen asks QEMU
kindly to destroy all mappings. However, certainly [a] mappings are
present and cannot be removed. That's not a problem as they are not
affected by balloonning. The *real* problem is that if there are any
mappings of type [b], any outstanding dma operations could fail. This is
a known shortcoming. In other words, when Xen asks QEMU to destroy all
mappings, it is an error if any [b] mappings exist.
However today we have no way of distinguishing [a] from [b]. Because of
that, we cannot even print a decent warning.
This patch introduces a new "dma" bool field to MapCacheRev entires, to
remember if a given mapping is for dma or is a long term device memory
mapping. When xen_invalidate_map_cache is called, we print a warning if
any [b] mappings exist. We ignore [a] mappings.
Mappings created by qemu_map_ram_ptr are assumed to be [a], while
mappings created by address_space_map->qemu_ram_ptr_length are assumed
to be [b].
The goal of the patch is to make debugging and system understanding
easier.
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
(cherry picked from commit 1ff7c5986a515d2d936eba026ff19947bbc7cb92)
[BR: infrastructure (and otherwise useful) for BSC#1048902]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
exec.c | 8 ++++----
include/sysemu/xen-mapcache.h | 5 +++--
xen-mapcache.c | 15 ++++++++++-----
3 files changed, 17 insertions(+), 11 deletions(-)
diff --git a/exec.c b/exec.c
index 1de9107b61..8f45b902e4 100644
--- a/exec.c
+++ b/exec.c
@@ -2012,10 +2012,10 @@ void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr)
* In that case just map until the end of the page.
*/
if (block->offset == 0) {
- return xen_map_cache(addr, 0, 0);
+ return xen_map_cache(addr, 0, 0, false);
}
- block->host = xen_map_cache(block->offset, block->max_length, 1);
+ block->host = xen_map_cache(block->offset, block->max_length, 1, false);
}
return ramblock_ptr(block, addr);
}
@@ -2045,10 +2045,10 @@ static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr,
* In that case just map the requested area.
*/
if (block->offset == 0) {
- return xen_map_cache(addr, *size, 1);
+ return xen_map_cache(addr, *size, 1, true);
}
- block->host = xen_map_cache(block->offset, block->max_length, 1);
+ block->host = xen_map_cache(block->offset, block->max_length, 1, true);
}
return ramblock_ptr(block, addr);
diff --git a/include/sysemu/xen-mapcache.h b/include/sysemu/xen-mapcache.h
index b8c93b9bce..01daaad00c 100644
--- a/include/sysemu/xen-mapcache.h
+++ b/include/sysemu/xen-mapcache.h
@@ -17,7 +17,7 @@ typedef hwaddr (*phys_offset_to_gaddr_t)(hwaddr start_addr,
void xen_map_cache_init(phys_offset_to_gaddr_t f,
void *opaque);
uint8_t *xen_map_cache(hwaddr phys_addr, hwaddr size,
- uint8_t lock);
+ uint8_t lock, bool dma);
ram_addr_t xen_ram_addr_from_mapcache(void *ptr);
void xen_invalidate_map_cache_entry(uint8_t *buffer);
void xen_invalidate_map_cache(void);
@@ -31,7 +31,8 @@ static inline void xen_map_cache_init(phys_offset_to_gaddr_t f,
static inline uint8_t *xen_map_cache(hwaddr phys_addr,
hwaddr size,
- uint8_t lock)
+ uint8_t lock,
+ bool dma)
{
abort();
}
diff --git a/xen-mapcache.c b/xen-mapcache.c
index 1a96d2e5db..8335266698 100644
--- a/xen-mapcache.c
+++ b/xen-mapcache.c
@@ -62,6 +62,7 @@ typedef struct MapCacheRev {
hwaddr paddr_index;
hwaddr size;
QTAILQ_ENTRY(MapCacheRev) next;
+ bool dma;
} MapCacheRev;
typedef struct MapCache {
@@ -202,7 +203,7 @@ static void xen_remap_bucket(MapCacheEntry *entry,
}
static uint8_t *xen_map_cache_unlocked(hwaddr phys_addr, hwaddr size,
- uint8_t lock)
+ uint8_t lock, bool dma)
{
MapCacheEntry *entry, *pentry = NULL;
hwaddr address_index;
@@ -289,6 +290,7 @@ tryagain:
if (lock) {
MapCacheRev *reventry = g_malloc0(sizeof(MapCacheRev));
entry->lock++;
+ reventry->dma = dma;
reventry->vaddr_req = mapcache->last_entry->vaddr_base + address_offset;
reventry->paddr_index = mapcache->last_entry->paddr_index;
reventry->size = entry->size;
@@ -300,12 +302,12 @@ tryagain:
}
uint8_t *xen_map_cache(hwaddr phys_addr, hwaddr size,
- uint8_t lock)
+ uint8_t lock, bool dma)
{
uint8_t *p;
mapcache_lock();
- p = xen_map_cache_unlocked(phys_addr, size, lock);
+ p = xen_map_cache_unlocked(phys_addr, size, lock, dma);
mapcache_unlock();
return p;
}
@@ -426,8 +428,11 @@ void xen_invalidate_map_cache(void)
mapcache_lock();
QTAILQ_FOREACH(reventry, &mapcache->locked_entries, next) {
- DPRINTF("There should be no locked mappings at this time, "
- "but "TARGET_FMT_plx" -> %p is present\n",
+ if (!reventry->dma) {
+ continue;
+ }
+ fprintf(stderr, "Locked DMA mapping while invalidating mapcache!"
+ " "TARGET_FMT_plx" -> %p is present\n",
reventry->paddr_index, reventry->vaddr_req);
}

View File

@ -1,84 +0,0 @@
From 9ca38f9940fd21f0a24f5a5bfac69f81561096f9 Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Wed, 26 Jul 2017 17:53:26 +0100
Subject: [PATCH] exec: Add lock parameter to qemu_ram_ptr_length
Commit 04bf2526ce87f21b32c9acba1c5518708c243ad0 (exec: use
qemu_ram_ptr_length to access guest ram) start using qemu_ram_ptr_length
instead of qemu_map_ram_ptr, but when used with Xen, the behavior of
both function is different. They both call xen_map_cache, but one with
"lock", meaning the mapping of guest memory is never released
implicitly, and the second one without, which means, mapping can be
release later, when needed.
In the context of address_space_{read,write}_continue, the ptr to those
mapping should not be locked because it is used immediatly and never
used again.
The lock parameter make it explicit in which context qemu_ram_ptr_length
is called.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Message-Id: <20170726165326.10327-1-anthony.perard@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit f5aa69bdc3418773f26747ca282c291519626ece)
[BR: infrastructure for BSC#1048902]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
exec.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/exec.c b/exec.c
index 8f45b902e4..9ef33e4f65 100644
--- a/exec.c
+++ b/exec.c
@@ -2026,7 +2026,7 @@ void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr)
* Called within RCU critical section.
*/
static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr,
- hwaddr *size)
+ hwaddr *size, bool lock)
{
RAMBlock *block = ram_block;
if (*size == 0) {
@@ -2045,10 +2045,10 @@ static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr,
* In that case just map the requested area.
*/
if (block->offset == 0) {
- return xen_map_cache(addr, *size, 1, true);
+ return xen_map_cache(addr, *size, lock, lock);
}
- block->host = xen_map_cache(block->offset, block->max_length, 1, true);
+ block->host = xen_map_cache(block->offset, block->max_length, 1, lock);
}
return ramblock_ptr(block, addr);
@@ -2767,7 +2767,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr,
}
} else {
/* RAM case */
- ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
memcpy(ptr, buf, l);
invalidate_and_set_dirty(mr, addr1, l);
}
@@ -2858,7 +2858,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr,
}
} else {
/* RAM case */
- ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
memcpy(buf, ptr, l);
}
@@ -3169,7 +3169,7 @@ void *address_space_map(AddressSpace *as,
memory_region_ref(mr);
*plen = address_space_extend_translation(as, addr, len, mr, xlat, l, is_write);
- ptr = qemu_ram_ptr_length(mr->ram_block, xlat, plen);
+ ptr = qemu_ram_ptr_length(mr->ram_block, xlat, plen, true);
rcu_read_unlock();
return ptr;

View File

@ -1,279 +0,0 @@
From 01bf5bb9169ef8963930c47a5c097ecaa2e94031 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 28 Jun 2017 13:44:52 -0700
Subject: [PATCH] Replace 'struct ucontext' with 'ucontext_t' type
glibc used to have:
typedef struct ucontext { ... } ucontext_t;
glibc now has:
typedef struct ucontext_t { ... } ucontext_t;
(See https://sourceware.org/bugzilla/show_bug.cgi?id=21457
for detail and rationale for the glibc change)
However, QEMU used "struct ucontext" in declarations. This is a
private name and compatibility cannot be guaranteed. Switch to
only using the standardized type name.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Message-id: 20170628204452.41230-1-raj.khem@gmail.com
Cc: Kamil Rytarowski <kamil@netbsd.org>
Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Laurent Vivier <laurent@vivier.eu>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[PMM: Rewrote commit message, based mostly on the one from
Nathaniel McCallum]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 04b33e21866412689f18b7ad6daf0a54d8f959a7)
[BR: BOO#1055587]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
linux-user/host/aarch64/hostdep.h | 2 +-
linux-user/host/arm/hostdep.h | 2 +-
linux-user/host/i386/hostdep.h | 2 +-
linux-user/host/ppc64/hostdep.h | 2 +-
linux-user/host/s390x/hostdep.h | 2 +-
linux-user/host/x86_64/hostdep.h | 2 +-
linux-user/signal.c | 10 +++++-----
tests/tcg/test-i386.c | 4 ++--
user-exec.c | 18 +++++++++---------
9 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/linux-user/host/aarch64/hostdep.h b/linux-user/host/aarch64/hostdep.h
index 64f75cef49..a8d41a21ad 100644
--- a/linux-user/host/aarch64/hostdep.h
+++ b/linux-user/host/aarch64/hostdep.h
@@ -24,7 +24,7 @@ extern char safe_syscall_end[];
/* Adjust the signal context to rewind out of safe-syscall if we're in it */
static inline void rewind_if_in_safe_syscall(void *puc)
{
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
__u64 *pcreg = &uc->uc_mcontext.pc;
if (*pcreg > (uintptr_t)safe_syscall_start
diff --git a/linux-user/host/arm/hostdep.h b/linux-user/host/arm/hostdep.h
index 5c1ae60120..9276fe6ceb 100644
--- a/linux-user/host/arm/hostdep.h
+++ b/linux-user/host/arm/hostdep.h
@@ -24,7 +24,7 @@ extern char safe_syscall_end[];
/* Adjust the signal context to rewind out of safe-syscall if we're in it */
static inline void rewind_if_in_safe_syscall(void *puc)
{
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
unsigned long *pcreg = &uc->uc_mcontext.arm_pc;
if (*pcreg > (uintptr_t)safe_syscall_start
diff --git a/linux-user/host/i386/hostdep.h b/linux-user/host/i386/hostdep.h
index d834bd80ea..073be74d87 100644
--- a/linux-user/host/i386/hostdep.h
+++ b/linux-user/host/i386/hostdep.h
@@ -24,7 +24,7 @@ extern char safe_syscall_end[];
/* Adjust the signal context to rewind out of safe-syscall if we're in it */
static inline void rewind_if_in_safe_syscall(void *puc)
{
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
greg_t *pcreg = &uc->uc_mcontext.gregs[REG_EIP];
if (*pcreg > (uintptr_t)safe_syscall_start
diff --git a/linux-user/host/ppc64/hostdep.h b/linux-user/host/ppc64/hostdep.h
index 0b0f5f7821..98979ad917 100644
--- a/linux-user/host/ppc64/hostdep.h
+++ b/linux-user/host/ppc64/hostdep.h
@@ -24,7 +24,7 @@ extern char safe_syscall_end[];
/* Adjust the signal context to rewind out of safe-syscall if we're in it */
static inline void rewind_if_in_safe_syscall(void *puc)
{
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
unsigned long *pcreg = &uc->uc_mcontext.gp_regs[PT_NIP];
if (*pcreg > (uintptr_t)safe_syscall_start
diff --git a/linux-user/host/s390x/hostdep.h b/linux-user/host/s390x/hostdep.h
index 6f9da9c608..4f0171f36f 100644
--- a/linux-user/host/s390x/hostdep.h
+++ b/linux-user/host/s390x/hostdep.h
@@ -24,7 +24,7 @@ extern char safe_syscall_end[];
/* Adjust the signal context to rewind out of safe-syscall if we're in it */
static inline void rewind_if_in_safe_syscall(void *puc)
{
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
unsigned long *pcreg = &uc->uc_mcontext.psw.addr;
if (*pcreg > (uintptr_t)safe_syscall_start
diff --git a/linux-user/host/x86_64/hostdep.h b/linux-user/host/x86_64/hostdep.h
index 3b4259633e..a4fefb5114 100644
--- a/linux-user/host/x86_64/hostdep.h
+++ b/linux-user/host/x86_64/hostdep.h
@@ -24,7 +24,7 @@ extern char safe_syscall_end[];
/* Adjust the signal context to rewind out of safe-syscall if we're in it */
static inline void rewind_if_in_safe_syscall(void *puc)
{
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
greg_t *pcreg = &uc->uc_mcontext.gregs[REG_RIP];
if (*pcreg > (uintptr_t)safe_syscall_start
diff --git a/linux-user/signal.c b/linux-user/signal.c
index a11728f6e0..ca37b538cf 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -3352,7 +3352,7 @@ static void setup_rt_frame(int sig, struct target_sigaction *ka,
*
* a0 = signal number
* a1 = pointer to siginfo_t
- * a2 = pointer to struct ucontext
+ * a2 = pointer to ucontext_t
*
* $25 and PC point to the signal handler, $29 points to the
* struct sigframe.
@@ -3739,7 +3739,7 @@ struct target_signal_frame {
struct rt_signal_frame {
siginfo_t info;
- struct ucontext uc;
+ ucontext_t uc;
uint32_t tramp[2];
};
@@ -3955,7 +3955,7 @@ struct rt_signal_frame {
siginfo_t *pinfo;
void *puc;
siginfo_t info;
- struct ucontext uc;
+ ucontext_t uc;
uint16_t retcode[4]; /* Trampoline code. */
};
@@ -4490,7 +4490,7 @@ static void setup_rt_frame(int sig, struct target_sigaction *ka,
tswap_siginfo(&frame->info, info);
}
- /*err |= __clear_user(&frame->uc, offsetof(struct ucontext, uc_mcontext));*/
+ /*err |= __clear_user(&frame->uc, offsetof(ucontext_t, uc_mcontext));*/
__put_user(0, &frame->uc.tuc_flags);
__put_user(0, &frame->uc.tuc_link);
__put_user(target_sigaltstack_used.ss_sp,
@@ -4981,7 +4981,7 @@ enum {
struct target_ucontext {
target_ulong tuc_flags;
- target_ulong tuc_link; /* struct ucontext __user * */
+ target_ulong tuc_link; /* ucontext_t __user * */
struct target_sigaltstack tuc_stack;
#if !defined(TARGET_PPC64)
int32_t tuc_pad[7];
diff --git a/tests/tcg/test-i386.c b/tests/tcg/test-i386.c
index 0f7b943b0c..9599204895 100644
--- a/tests/tcg/test-i386.c
+++ b/tests/tcg/test-i386.c
@@ -1720,7 +1720,7 @@ int tab[2];
void sig_handler(int sig, siginfo_t *info, void *puc)
{
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
printf("si_signo=%d si_errno=%d si_code=%d",
info->si_signo, info->si_errno, info->si_code);
@@ -1912,7 +1912,7 @@ void test_exceptions(void)
/* specific precise single step test */
void sig_trap_handler(int sig, siginfo_t *info, void *puc)
{
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
printf("EIP=" FMTLX "\n", (long)uc->uc_mcontext.gregs[REG_EIP]);
}
diff --git a/user-exec.c b/user-exec.c
index c262653604..6225c4e1a8 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -171,7 +171,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
#elif defined(__OpenBSD__)
struct sigcontext *uc = puc;
#else
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
#endif
unsigned long pc;
int trapno;
@@ -226,7 +226,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
#elif defined(__OpenBSD__)
struct sigcontext *uc = puc;
#else
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
#endif
pc = PC_sig(uc);
@@ -293,7 +293,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
ucontext_t *uc = puc;
#else
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
#endif
unsigned long pc;
int is_write;
@@ -320,7 +320,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
void *puc)
{
siginfo_t *info = pinfo;
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
uint32_t *pc = uc->uc_mcontext.sc_pc;
uint32_t insn = *pc;
int is_write = 0;
@@ -418,7 +418,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
#if defined(__NetBSD__)
ucontext_t *uc = puc;
#else
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
#endif
unsigned long pc;
int is_write;
@@ -445,7 +445,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
int cpu_signal_handler(int host_signum, void *pinfo, void *puc)
{
siginfo_t *info = pinfo;
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
uintptr_t pc = uc->uc_mcontext.pc;
uint32_t insn = *(uint32_t *)pc;
bool is_write;
@@ -478,7 +478,7 @@ int cpu_signal_handler(int host_signum, void *pinfo, void *puc)
int cpu_signal_handler(int host_signum, void *pinfo, void *puc)
{
siginfo_t *info = pinfo;
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
unsigned long ip;
int is_write = 0;
@@ -509,7 +509,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
void *puc)
{
siginfo_t *info = pinfo;
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
unsigned long pc;
uint16_t *pinsn;
int is_write = 0;
@@ -562,7 +562,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
void *puc)
{
siginfo_t *info = pinfo;
- struct ucontext *uc = puc;
+ ucontext_t *uc = puc;
greg_t pc = uc->uc_mcontext.pc;
int is_write;

View File

@ -1,32 +0,0 @@
From 45f2265bfcbbf2afd7fac24372ae26e453f2b52d Mon Sep 17 00:00:00 2001
From: Michael Brown <mcb30@ipxe.org>
Date: Wed, 22 Mar 2017 11:52:09 +0200
Subject: [PATCH] [ath] Add missing break statements
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/drivers/net/ath/ath5k/ath5k_desc.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/drivers/net/ath/ath5k/ath5k_desc.c b/src/drivers/net/ath/ath5k/ath5k_desc.c
index 30fe1c77..816d26ed 100644
--- a/src/drivers/net/ath/ath5k/ath5k_desc.c
+++ b/src/drivers/net/ath/ath5k/ath5k_desc.c
@@ -104,10 +104,13 @@ ath5k_hw_setup_2word_tx_desc(struct ath5k_hw *ah, struct ath5k_desc *desc,
case AR5K_PKT_TYPE_BEACON:
case AR5K_PKT_TYPE_PROBE_RESP:
frame_type = AR5K_AR5210_TX_DESC_FRAME_TYPE_NO_DELAY;
+ break;
case AR5K_PKT_TYPE_PIFS:
frame_type = AR5K_AR5210_TX_DESC_FRAME_TYPE_PIFS;
+ break;
default:
frame_type = type /*<< 2 ?*/;
+ break;
}
tx_ctl->tx_control_0 |=
--
2.12.2

View File

@ -1,168 +0,0 @@
From 5f85cbb9ee1c00cec81a848a9e871ad5d1e7f53f Mon Sep 17 00:00:00 2001
From: Michael Brown <mcb30@ipxe.org>
Date: Wed, 29 Mar 2017 10:36:03 +0300
Subject: [PATCH] [build] Avoid implicit-fallthrough warnings on GCC 7
Reported-by: Vinson Lee <vlee@freedesktop.org>
Reported-by: Liang Yan <lyan@suse.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
[BR: BSC#1031340]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/arch/x86/image/bzimage.c | 2 ++
src/drivers/infiniband/golan.c | 1 +
src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c | 2 ++
src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c | 1 +
src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c | 1 +
src/drivers/net/igbvf/igbvf_vf.c | 1 +
src/drivers/net/tg3/tg3_hw.c | 12 ++++++++++++
src/tests/setjmp_test.c | 5 +++--
8 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/src/arch/x86/image/bzimage.c b/src/arch/x86/image/bzimage.c
index e3c4cb83..51498bf9 100644
--- a/src/arch/x86/image/bzimage.c
+++ b/src/arch/x86/image/bzimage.c
@@ -282,9 +282,11 @@ static int bzimage_parse_cmdline ( struct image *image,
case 'G':
case 'g':
bzimg->mem_limit <<= 10;
+ /* Fall through */
case 'M':
case 'm':
bzimg->mem_limit <<= 10;
+ /* Fall through */
case 'K':
case 'k':
bzimg->mem_limit <<= 10;
diff --git a/src/drivers/infiniband/golan.c b/src/drivers/infiniband/golan.c
index 30eaabab..61331d4c 100755
--- a/src/drivers/infiniband/golan.c
+++ b/src/drivers/infiniband/golan.c
@@ -1956,6 +1956,7 @@ static inline void golan_handle_port_event(struct golan *golan, struct golan_eqe
case GOLAN_PORT_CHANGE_SUBTYPE_CLIENT_REREG:
case GOLAN_PORT_CHANGE_SUBTYPE_ACTIVE:
golan_ib_update ( ibdev );
+ /* Fall through */
case GOLAN_PORT_CHANGE_SUBTYPE_DOWN:
case GOLAN_PORT_CHANGE_SUBTYPE_LID:
case GOLAN_PORT_CHANGE_SUBTYPE_PKEY:
diff --git a/src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c b/src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c
index 2b6c133c..a98e4bb6 100644
--- a/src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c
+++ b/src/drivers/net/ath/ath9k/ath9k_ar5008_phy.c
@@ -640,12 +640,14 @@ static void ar5008_hw_init_chain_masks(struct ath_hw *ah)
case 0x5:
REG_SET_BIT(ah, AR_PHY_ANALOG_SWAP,
AR_PHY_SWAP_ALT_CHAIN);
+ /* Fall through */
case 0x3:
if (ah->hw_version.macVersion == AR_SREV_REVISION_5416_10) {
REG_WRITE(ah, AR_PHY_RX_CHAINMASK, 0x7);
REG_WRITE(ah, AR_PHY_CAL_CHAINMASK, 0x7);
break;
}
+ /* Fall through */
case 0x1:
case 0x2:
case 0x7:
diff --git a/src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c b/src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c
index 72203ba4..65cfad59 100644
--- a/src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c
+++ b/src/drivers/net/ath/ath9k/ath9k_ar9002_phy.c
@@ -122,6 +122,7 @@ static int ar9002_hw_set_channel(struct ath_hw *ah, struct ath9k_channel *chan)
aModeRefSel = 2;
if (aModeRefSel)
break;
+ /* Fall through */
case 1:
default:
aModeRefSel = 0;
diff --git a/src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c b/src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c
index 2244b775..b66358b9 100644
--- a/src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c
+++ b/src/drivers/net/ath/ath9k/ath9k_ar9003_phy.c
@@ -539,6 +539,7 @@ void ar9003_hw_set_chain_masks(struct ath_hw *ah, u8 rx, u8 tx)
case 0x5:
REG_SET_BIT(ah, AR_PHY_ANALOG_SWAP,
AR_PHY_SWAP_ALT_CHAIN);
+ /* Fall through */
case 0x3:
case 0x1:
case 0x2:
diff --git a/src/drivers/net/igbvf/igbvf_vf.c b/src/drivers/net/igbvf/igbvf_vf.c
index f2dac8be..f841d5e3 100644
--- a/src/drivers/net/igbvf/igbvf_vf.c
+++ b/src/drivers/net/igbvf/igbvf_vf.c
@@ -357,6 +357,7 @@ s32 igbvf_promisc_set_vf(struct e1000_hw *hw, enum e1000_promisc_type type)
break;
case e1000_promisc_enabled:
msgbuf |= E1000_VF_SET_PROMISC_MULTICAST;
+ /* Fall through */
case e1000_promisc_unicast:
msgbuf |= E1000_VF_SET_PROMISC_UNICAST;
case e1000_promisc_disabled:
diff --git a/src/drivers/net/tg3/tg3_hw.c b/src/drivers/net/tg3/tg3_hw.c
index 50353cf3..798f8519 100644
--- a/src/drivers/net/tg3/tg3_hw.c
+++ b/src/drivers/net/tg3/tg3_hw.c
@@ -2518,28 +2518,40 @@ static int tg3_reset_hw(struct tg3 *tp, int reset_phy)
switch (limit) {
case 16:
tw32(MAC_RCV_RULE_15, 0); tw32(MAC_RCV_VALUE_15, 0);
+ /* Fall through */
case 15:
tw32(MAC_RCV_RULE_14, 0); tw32(MAC_RCV_VALUE_14, 0);
+ /* Fall through */
case 14:
tw32(MAC_RCV_RULE_13, 0); tw32(MAC_RCV_VALUE_13, 0);
+ /* Fall through */
case 13:
tw32(MAC_RCV_RULE_12, 0); tw32(MAC_RCV_VALUE_12, 0);
+ /* Fall through */
case 12:
tw32(MAC_RCV_RULE_11, 0); tw32(MAC_RCV_VALUE_11, 0);
+ /* Fall through */
case 11:
tw32(MAC_RCV_RULE_10, 0); tw32(MAC_RCV_VALUE_10, 0);
+ /* Fall through */
case 10:
tw32(MAC_RCV_RULE_9, 0); tw32(MAC_RCV_VALUE_9, 0);
+ /* Fall through */
case 9:
tw32(MAC_RCV_RULE_8, 0); tw32(MAC_RCV_VALUE_8, 0);
+ /* Fall through */
case 8:
tw32(MAC_RCV_RULE_7, 0); tw32(MAC_RCV_VALUE_7, 0);
+ /* Fall through */
case 7:
tw32(MAC_RCV_RULE_6, 0); tw32(MAC_RCV_VALUE_6, 0);
+ /* Fall through */
case 6:
tw32(MAC_RCV_RULE_5, 0); tw32(MAC_RCV_VALUE_5, 0);
+ /* Fall through */
case 5:
tw32(MAC_RCV_RULE_4, 0); tw32(MAC_RCV_VALUE_4, 0);
+ /* Fall through */
case 4:
/* tw32(MAC_RCV_RULE_3, 0); tw32(MAC_RCV_VALUE_3, 0); */
case 3:
diff --git a/src/tests/setjmp_test.c b/src/tests/setjmp_test.c
index 50ad13f3..deafcee0 100644
--- a/src/tests/setjmp_test.c
+++ b/src/tests/setjmp_test.c
@@ -111,8 +111,9 @@ static void setjmp_return_ok ( struct setjmp_test *test, int value ) {
* @v file Test code file
* @v line Test code line
*/
-static void longjmp_okx ( struct setjmp_test *test, int value,
- const char *file, unsigned int line ) {
+static void __attribute__ (( noreturn ))
+longjmp_okx ( struct setjmp_test *test, int value,
+ const char *file, unsigned int line ) {
/* Record expected value. A zero passed to longjmp() should
* result in setjmp() returning a value of one.
--
2.12.2

View File

@ -1,79 +0,0 @@
From 08a98a925917dc2445d098c3ce9a2d2d8b8acda4 Mon Sep 17 00:00:00 2001
From: Michael Brown <mcb30@ipxe.org>
Date: Wed, 3 May 2017 13:01:11 +0100
Subject: [PATCH 2/2] [iscsi] Always send FirstBurstLength parameter
As of kernel 4.11, the LIO target will propose a value for
FirstBurstLength if the initiator did not do so. This is entirely
redundant in our case, since FirstBurstLength is defined by RFC 3720
to be
"Irrelevant when: ( InitialR2T=Yes and ImmediateData=No )"
and we already enforce both InitialR2T=Yes and ImmediateData=No in our
initial proposal. However, LIO (arguably correctly) complains when we
do not respond to its redundant proposal of an already-irrelevant
value.
Fix by always proposing the default value for FirstBurstLength.
Debugged-by: Patrick Seeburger <info@8bit.de>
Tested-by: Patrick Seeburger <info@8bit.de>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
[BR: BSC#1040476]
Signed-off-by: Liang Yan <lyan@suse.com>
---
src/net/tcp/iscsi.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/net/tcp/iscsi.c b/src/net/tcp/iscsi.c
index 6da8570c..aa30efda 100644
--- a/src/net/tcp/iscsi.c
+++ b/src/net/tcp/iscsi.c
@@ -434,12 +434,12 @@ static int iscsi_tx_data_out ( struct iscsi_session *iscsi ) {
*
* HeaderDigest=None
* DataDigest=None
- * MaxConnections is irrelevant; we make only one connection anyway [4]
+ * MaxConnections=1 (irrelevant; we make only one connection anyway) [4]
* InitialR2T=Yes [1]
- * ImmediateData is irrelevant; we never send immediate data [4]
+ * ImmediateData=No (irrelevant; we never send immediate data) [4]
* MaxRecvDataSegmentLength=8192 (default; we don't care) [3]
* MaxBurstLength=262144 (default; we don't care) [3]
- * FirstBurstLength=262144 (default; we don't care)
+ * FirstBurstLength=65536 (irrelevant due to other settings) [5]
* DefaultTime2Wait=0 [2]
* DefaultTime2Retain=0 [2]
* MaxOutstandingR2T=1
@@ -464,6 +464,11 @@ static int iscsi_tx_data_out ( struct iscsi_session *iscsi ) {
* these parameters, but some targets (notably a QNAP TS-639Pro) fail
* unless they are supplied, so we explicitly specify the default
* values.
+ *
+ * [5] FirstBurstLength is defined to be irrelevant since we already
+ * force InitialR2T=Yes and ImmediateData=No, but some targets
+ * (notably LIO as of kernel 4.11) fail unless it is specified, so we
+ * explicitly specify the default value.
*/
static int iscsi_build_login_request_strings ( struct iscsi_session *iscsi,
void *data, size_t len ) {
@@ -526,13 +531,14 @@ static int iscsi_build_login_request_strings ( struct iscsi_session *iscsi,
"ImmediateData=No%c"
"MaxRecvDataSegmentLength=8192%c"
"MaxBurstLength=262144%c"
+ "FirstBurstLength=65536%c"
"DefaultTime2Wait=0%c"
"DefaultTime2Retain=0%c"
"MaxOutstandingR2T=1%c"
"DataPDUInOrder=Yes%c"
"DataSequenceInOrder=Yes%c"
"ErrorRecoveryLevel=0%c",
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 );
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 );
}
return used;
--
2.13.0

View File

@ -1,28 +0,0 @@
From 28e26dd2503e6006fabb26f8c33050ba93a99623 Mon Sep 17 00:00:00 2001
From: Michael Brown <mcb30@ipxe.org>
Date: Wed, 29 Mar 2017 10:35:05 +0300
Subject: [PATCH] [mucurses] Fix erroneous __nonnull attribute
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/include/curses.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/include/curses.h b/src/include/curses.h
index 04060fe2..1f6fe029 100644
--- a/src/include/curses.h
+++ b/src/include/curses.h
@@ -443,7 +443,8 @@ extern int wborder ( WINDOW *, chtype, chtype, chtype, chtype, chtype, chtype,
extern int wclrtobot ( WINDOW * ) __nonnull;
extern int wclrtoeol ( WINDOW * ) __nonnull;
extern void wcursyncup ( WINDOW * );
-extern int wcolour_set ( WINDOW *, short, void * ) __nonnull;
+extern int wcolour_set ( WINDOW *, short, void * )
+ __attribute__ (( nonnull (1)));
#define wcolor_set(w,s,v) wcolour_set((w),(s),(v))
extern int wdelch ( WINDOW * ) __nonnull;
extern int wdeleteln ( WINDOW * ) __nonnull;
--
2.12.2

View File

@ -0,0 +1,95 @@
From 239e992583e342b3cca14e809c5ab9469d578072 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Mon, 24 Jul 2017 10:44:24 -0600
Subject: [PATCH] stub out the SAN req's in int13
---
src/arch/x86/interface/pcbios/int13.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/arch/x86/interface/pcbios/int13.c b/src/arch/x86/interface/pcbios/int13.c
index ca789a0d..bfbe4150 100644
--- a/src/arch/x86/interface/pcbios/int13.c
+++ b/src/arch/x86/interface/pcbios/int13.c
@@ -23,6 +23,8 @@
FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+#define INCLUDE_SAN_HOOKS 0
+
#include <stdint.h>
#include <stdlib.h>
#include <limits.h>
@@ -1243,6 +1245,7 @@ static void int13_unhook_vector ( void ) {
*/
static int int13_hook ( unsigned int drive, struct uri **uris,
unsigned int count, unsigned int flags ) {
+#if INCLUDE_SAN_HOOKS
struct san_device *sandev;
struct int13_data *int13;
unsigned int natural_drive;
@@ -1315,6 +1318,9 @@ static int int13_hook ( unsigned int drive, struct uri **uris,
sandev_put ( sandev );
err_alloc:
return rc;
+#else
+ return -1;
+#endif
}
/**
@@ -1328,6 +1334,7 @@ static int int13_hook ( unsigned int drive, struct uri **uris,
*/
static void int13_unhook ( unsigned int drive ) {
struct san_device *sandev;
+#if INCLUDE_SAN_HOOKS
/* Find drive */
sandev = sandev_find ( drive );
@@ -1353,6 +1360,7 @@ static void int13_unhook ( unsigned int drive ) {
/* Drop reference to drive */
sandev_put ( sandev );
+#endif
}
/**
@@ -1514,6 +1522,7 @@ static int int13_load_eltorito ( unsigned int drive, struct segoff *address ) {
* Note that this function can never return success, by definition.
*/
static int int13_boot ( unsigned int drive, const char *filename __unused ) {
+#if INCLUDE_SAN_HOOKS
struct memory_map memmap;
struct segoff address;
int rc;
@@ -1539,6 +1548,9 @@ static int int13_boot ( unsigned int drive, const char *filename __unused ) {
}
return -ECANCELED; /* -EIMPOSSIBLE */
+#else
+ return -1;
+#endif
}
/** Maximum size of boot firmware table(s) */
@@ -1605,6 +1617,7 @@ static int int13_install ( struct acpi_header *acpi ) {
* @ret rc Return status code
*/
static int int13_describe ( void ) {
+#if INCLUDE_SAN_HOOKS
int rc;
/* Clear tables */
@@ -1619,6 +1632,9 @@ static int int13_describe ( void ) {
}
return 0;
+#else
+ return -1;
+#endif
}
PROVIDE_SANBOOT ( pcbios, san_hook, int13_hook );
--
2.13.2

3
qemu-2.10.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:55d81ac987a4821d2744359c026d766459319ba9c013746570369068d93ff335
size 25040324

BIN
qemu-2.10.0.tar.xz.sig Normal file

Binary file not shown.

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f01cc33e3c5fd5fd2534ce14e369b6b111d7e54e4a4977f8c37eae668176b022
size 22830688

Binary file not shown.

View File

@ -1,3 +1,85 @@
-------------------------------------------------------------------
Wed Aug 30 19:52:36 UTC 2017 - brogers@suse.com
- Update to v2.10.0: See http://wiki.qemu.org/ChangeLog/2.10
- Dropped miscellaneous patches deemed unused and not worth carrying
* Patches renamed:
0006-qemu-cvs-gettimeofday.patch -> 0003-qemu-cvs-gettimeofday.patch
0007-qemu-cvs-ioctl_debug.patch -> 0004-qemu-cvs-ioctl_debug.patch
0008-qemu-cvs-ioctl_nodirection.patch -> 0005-qemu-cvs-ioctl_nodirection.patch
0009-linux-user-add-binfmt-wrapper-for-a.patch -> 0006-linux-user-add-binfmt-wrapper-for-a.patch
0010-PPC-KVM-Disable-mmu-notifier-check.patch -> 0007-PPC-KVM-Disable-mmu-notifier-check.patch
0011-linux-user-fix-segfault-deadlock.patch -> 0008-linux-user-fix-segfault-deadlock.patch
0012-linux-user-binfmt-support-host-bina.patch -> 0009-linux-user-binfmt-support-host-bina.patch
0013-linux-user-Fake-proc-cpuinfo.patch -> 0010-linux-user-Fake-proc-cpuinfo.patch
0014-linux-user-XXX-disable-fiemap.patch -> 0011-linux-user-XXX-disable-fiemap.patch
0017-linux-user-use-target_ulong.patch -> 0012-linux-user-use-target_ulong.patch
0021-console-add-question-mark-escape-op.patch -> 0013-console-add-question-mark-escape-op.patch
0022-Make-char-muxer-more-robust-wrt-sma.patch -> 0014-Make-char-muxer-more-robust-wrt-sma.patch
0023-linux-user-lseek-explicitly-cast-no.patch -> 0015-linux-user-lseek-explicitly-cast-no.patch
0025-AIO-Reduce-number-of-threads-for-32.patch -> 0016-AIO-Reduce-number-of-threads-for-32.patch
0027-xen_disk-Add-suse-specific-flush-di.patch -> 0017-xen_disk-Add-suse-specific-flush-di.patch
0028-qemu-bridge-helper-reduce-security-.patch -> 0018-qemu-bridge-helper-reduce-security-.patch
0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0019-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0030-configure-Fix-detection-of-seccomp-.patch -> 0020-configure-Fix-detection-of-seccomp-.patch
0031-linux-user-properly-test-for-infini.patch -> 0021-linux-user-properly-test-for-infini.patch
0033-roms-Makefile-pass-a-packaging-time.patch -> 0022-roms-Makefile-pass-a-packaging-time.patch
0034-Raise-soft-address-space-limit-to-h.patch -> 0023-Raise-soft-address-space-limit-to-h.patch
0035-increase-x86_64-physical-bits-to-42.patch -> 0024-increase-x86_64-physical-bits-to-42.patch
0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0025-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0037-i8254-Fix-migration-from-SLE11-SP2.patch -> 0026-i8254-Fix-migration-from-SLE11-SP2.patch
0038-acpi_piix4-Fix-migration-from-SLE11.patch -> 0027-acpi_piix4-Fix-migration-from-SLE11.patch
0039-Fix-tigervnc-long-press-issue.patch -> 0028-Fix-tigervnc-long-press-issue.patch
0041-string-input-visitor-Fix-uint64-par.patch -> 0029-string-input-visitor-Fix-uint64-par.patch
0042-test-string-input-visitor-Add-int-t.patch -> 0030-test-string-input-visitor-Add-int-t.patch
0043-test-string-input-visitor-Add-uint6.patch -> 0031-test-string-input-visitor-Add-uint6.patch
0044-tests-Add-QOM-property-unit-tests.patch -> 0032-tests-Add-QOM-property-unit-tests.patch
0045-tests-Add-scsi-disk-test.patch -> 0033-tests-Add-scsi-disk-test.patch
* Patches dropped (upstream unless otherwise noted):
0003-qemu-cvs-alsa_bitfield.patch (deemed not needed)
0004-qemu-cvs-alsa_ioctl.patch (deemed not needed)
0005-qemu-cvs-alsa_mmap.patch (deemed not needed)
0015-slirp-nooutgoing.patch (bsc#1055125)
0016-vnc-password-file-and-incoming-conn.patch (bsc#1055127)
0018-block-Add-support-for-DictZip-enabl.patch (bsc#1046783)
0019-block-Add-tar-container-format.patch (bsc#1046783)
0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch (bsc#1046783)
0024-configure-Enable-PIE-for-ppc-and-pp.patch (obsolete)
0026-dictzip-Fix-on-big-endian-systems.patch (bsc#1046783)
0032-linux-user-remove-all-traces-of-qem.patch
0040-fix-xen-hvm-direct-kernel-boot.patch (bsc#970791)
0046-RFC-update-Linux-headers-from-irqs-.patch
0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
0048-input-Add-trace-event-for-empty-key.patch
0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
0050-i386-Allow-cpuid-bit-override.patch (was for testing only)
0051-input-limit-kbd-queue-depth.patch
0052-audio-release-capture-buffers.patch
0053-scsi-avoid-an-off-by-one-error-in-m.patch
0054-vmw_pvscsi-check-message-ring-page-.patch
0055-9pfs-local-forbid-client-access-to-.patch
0056-jazz_led-fix-bad-snprintf.patch
0057-slirp-smb-Replace-constant-strings-.patch
0058-altera_timer-fix-incorrect-memset.patch
0059-Hacks-for-building-on-gcc-7-Fedora-.patch
0060-9pfs-local-fix-unlink-of-alien-file.patch
0061-megasas-do-not-read-DCMD-opcode-mor.patch
0062-megasas-always-store-SCSIRequest-in.patch
0063-nbd-Fully-initialize-client-in-case.patch
0064-9pfs-local-remove-use-correct-path-.patch
0065-hid-Reset-kbd-modifiers-on-reset.patch
0066-input-Decrement-queue-count-on-kbd-.patch
0067-xhci-only-update-dequeue-ptr-on-com.patch
0068-vnc-Set-default-kbd-delay-to-10ms.patch
0069-qemu-nbd-Ignore-SIGPIPE.patch
0070-usb-redir-fix-stack-overflow-in-usb.patch
0072-slirp-check-len-against-dhcp-option.patch
0071-exec-use-qemu_ram_ptr_length-to-acc.patch
0073-xen-mapcache-store-dma-information-.patch
0074-exec-Add-lock-parameter-to-qemu_ram.patch
0075-Replace-struct-ucontext-with-uconte.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10
-------------------------------------------------------------------
Thu Aug 24 18:52:43 UTC 2017 - brogers@suse.com

View File

@ -21,86 +21,44 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.9.0
Version: 2.10.0
Release: 0
Source: qemu-2.9.0.tar.xz
Source: qemu-2.10.0.tar.xz
# Upstream First -- http://wiki.qemu-project.org/Contribute/SubmitAPatch
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
Patch0001: 0001-XXX-dont-dump-core-on-sigabort.patch
Patch0002: 0002-qemu-binfmt-conf-Modify-default-pat.patch
Patch0003: 0003-qemu-cvs-alsa_bitfield.patch
Patch0004: 0004-qemu-cvs-alsa_ioctl.patch
Patch0005: 0005-qemu-cvs-alsa_mmap.patch
Patch0006: 0006-qemu-cvs-gettimeofday.patch
Patch0007: 0007-qemu-cvs-ioctl_debug.patch
Patch0008: 0008-qemu-cvs-ioctl_nodirection.patch
Patch0009: 0009-linux-user-add-binfmt-wrapper-for-a.patch
Patch0010: 0010-PPC-KVM-Disable-mmu-notifier-check.patch
Patch0011: 0011-linux-user-fix-segfault-deadlock.patch
Patch0012: 0012-linux-user-binfmt-support-host-bina.patch
Patch0013: 0013-linux-user-Fake-proc-cpuinfo.patch
Patch0014: 0014-linux-user-XXX-disable-fiemap.patch
Patch0015: 0015-slirp-nooutgoing.patch
Patch0016: 0016-vnc-password-file-and-incoming-conn.patch
Patch0017: 0017-linux-user-use-target_ulong.patch
Patch0018: 0018-block-Add-support-for-DictZip-enabl.patch
Patch0019: 0019-block-Add-tar-container-format.patch
Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-string-input-visitor-Fix-uint64-par.patch
Patch0042: 0042-test-string-input-visitor-Add-int-t.patch
Patch0043: 0043-test-string-input-visitor-Add-uint6.patch
Patch0044: 0044-tests-Add-QOM-property-unit-tests.patch
Patch0045: 0045-tests-Add-scsi-disk-test.patch
Patch0046: 0046-RFC-update-Linux-headers-from-irqs-.patch
Patch0047: 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0048: 0048-input-Add-trace-event-for-empty-key.patch
Patch0049: 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
Patch0050: 0050-i386-Allow-cpuid-bit-override.patch
Patch0051: 0051-input-limit-kbd-queue-depth.patch
Patch0052: 0052-audio-release-capture-buffers.patch
Patch0053: 0053-scsi-avoid-an-off-by-one-error-in-m.patch
Patch0054: 0054-vmw_pvscsi-check-message-ring-page-.patch
Patch0055: 0055-9pfs-local-forbid-client-access-to-.patch
Patch0056: 0056-jazz_led-fix-bad-snprintf.patch
Patch0057: 0057-slirp-smb-Replace-constant-strings-.patch
Patch0058: 0058-altera_timer-fix-incorrect-memset.patch
Patch0059: 0059-Hacks-for-building-on-gcc-7-Fedora-.patch
Patch0060: 0060-9pfs-local-fix-unlink-of-alien-file.patch
Patch0061: 0061-megasas-do-not-read-DCMD-opcode-mor.patch
Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch
Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch
Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch
Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch
Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch
Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch
Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch
Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch
Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch
Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch
Patch0072: 0072-slirp-check-len-against-dhcp-option.patch
Patch0073: 0073-xen-mapcache-store-dma-information-.patch
Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch
Patch0075: 0075-Replace-struct-ucontext-with-uconte.patch
Patch0003: 0003-qemu-cvs-gettimeofday.patch
Patch0004: 0004-qemu-cvs-ioctl_debug.patch
Patch0005: 0005-qemu-cvs-ioctl_nodirection.patch
Patch0006: 0006-linux-user-add-binfmt-wrapper-for-a.patch
Patch0007: 0007-PPC-KVM-Disable-mmu-notifier-check.patch
Patch0008: 0008-linux-user-fix-segfault-deadlock.patch
Patch0009: 0009-linux-user-binfmt-support-host-bina.patch
Patch0010: 0010-linux-user-Fake-proc-cpuinfo.patch
Patch0011: 0011-linux-user-XXX-disable-fiemap.patch
Patch0012: 0012-linux-user-use-target_ulong.patch
Patch0013: 0013-console-add-question-mark-escape-op.patch
Patch0014: 0014-Make-char-muxer-more-robust-wrt-sma.patch
Patch0015: 0015-linux-user-lseek-explicitly-cast-no.patch
Patch0016: 0016-AIO-Reduce-number-of-threads-for-32.patch
Patch0017: 0017-xen_disk-Add-suse-specific-flush-di.patch
Patch0018: 0018-qemu-bridge-helper-reduce-security-.patch
Patch0019: 0019-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0020: 0020-configure-Fix-detection-of-seccomp-.patch
Patch0021: 0021-linux-user-properly-test-for-infini.patch
Patch0022: 0022-roms-Makefile-pass-a-packaging-time.patch
Patch0023: 0023-Raise-soft-address-space-limit-to-h.patch
Patch0024: 0024-increase-x86_64-physical-bits-to-42.patch
Patch0025: 0025-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0026: 0026-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0027: 0027-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0028: 0028-Fix-tigervnc-long-press-issue.patch
Patch0029: 0029-string-input-visitor-Fix-uint64-par.patch
Patch0030: 0030-test-string-input-visitor-Add-int-t.patch
Patch0031: 0031-test-string-input-visitor-Add-uint6.patch
Patch0032: 0032-tests-Add-QOM-property-unit-tests.patch
Patch0033: 0033-tests-Add-scsi-disk-test.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
Source400: update_git.sh
@ -153,7 +111,7 @@ emulations. This can be used together with the OBS build script to
run cross-architecture builds.
%prep
%setup -q -n qemu-2.9.0
%setup -q -n qemu-2.10.0
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -187,48 +145,6 @@ run cross-architecture builds.
%patch0031 -p1
%patch0032 -p1
%patch0033 -p1
%patch0034 -p1
%patch0035 -p1
%patch0036 -p1
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
%patch0040 -p1
%patch0041 -p1
%patch0042 -p1
%patch0043 -p1
%patch0044 -p1
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%patch0073 -p1
%patch0074 -p1
%patch0075 -p1
%build
./configure \

View File

@ -23,7 +23,7 @@ License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
QEMU_VERSION
Release: 0
Source: qemu-2.9.0.tar.xz
Source: qemu-2.10.0.tar.xz
# Upstream First -- http://wiki.qemu-project.org/Contribute/SubmitAPatch
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
PATCH_FILES
@ -79,7 +79,7 @@ emulations. This can be used together with the OBS build script to
run cross-architecture builds.
%prep
%setup -q -n qemu-2.9.0
%setup -q -n qemu-2.10.0
PATCH_EXEC
%build

View File

@ -1,3 +1,97 @@
-------------------------------------------------------------------
Wed Aug 30 19:52:26 UTC 2017 - brogers@suse.com
- Update to v2.10.0: See http://wiki.qemu.org/ChangeLog/2.10
- Dropped internal only patches used to support SUSE Studio
Testdrive as well as other miscellaneous patches deemed unused
and not worth carrying (bsc#1046783, bsc#1055125, bsc#1055127)
- Update SLE support statements in anticipation of SLE15
- disable SAN boot capability from virtio pxe rom used in v1.4 and
older pc machine types due to rom size requirements. Hopefully
a better solution can be found which doesn't impact functionality
* Patches added:
ipxe-stub-out-the-SAN-req-s-in-int13.patch
* Patches renamed:
0006-qemu-cvs-gettimeofday.patch -> 0003-qemu-cvs-gettimeofday.patch
0007-qemu-cvs-ioctl_debug.patch -> 0004-qemu-cvs-ioctl_debug.patch
0008-qemu-cvs-ioctl_nodirection.patch -> 0005-qemu-cvs-ioctl_nodirection.patch
0009-linux-user-add-binfmt-wrapper-for-a.patch -> 0006-linux-user-add-binfmt-wrapper-for-a.patch
0010-PPC-KVM-Disable-mmu-notifier-check.patch -> 0007-PPC-KVM-Disable-mmu-notifier-check.patch
0011-linux-user-fix-segfault-deadlock.patch -> 0008-linux-user-fix-segfault-deadlock.patch
0012-linux-user-binfmt-support-host-bina.patch -> 0009-linux-user-binfmt-support-host-bina.patch
0013-linux-user-Fake-proc-cpuinfo.patch -> 0010-linux-user-Fake-proc-cpuinfo.patch
0014-linux-user-XXX-disable-fiemap.patch -> 0011-linux-user-XXX-disable-fiemap.patch
0017-linux-user-use-target_ulong.patch -> 0012-linux-user-use-target_ulong.patch
0021-console-add-question-mark-escape-op.patch -> 0013-console-add-question-mark-escape-op.patch
0022-Make-char-muxer-more-robust-wrt-sma.patch -> 0014-Make-char-muxer-more-robust-wrt-sma.patch
0023-linux-user-lseek-explicitly-cast-no.patch -> 0015-linux-user-lseek-explicitly-cast-no.patch
0025-AIO-Reduce-number-of-threads-for-32.patch -> 0016-AIO-Reduce-number-of-threads-for-32.patch
0027-xen_disk-Add-suse-specific-flush-di.patch -> 0017-xen_disk-Add-suse-specific-flush-di.patch
0028-qemu-bridge-helper-reduce-security-.patch -> 0018-qemu-bridge-helper-reduce-security-.patch
0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0019-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0030-configure-Fix-detection-of-seccomp-.patch -> 0020-configure-Fix-detection-of-seccomp-.patch
0031-linux-user-properly-test-for-infini.patch -> 0020-linux-user-properly-test-for-infini.patch
0033-roms-Makefile-pass-a-packaging-time.patch -> 0022-roms-Makefile-pass-a-packaging-time.patch
0034-Raise-soft-address-space-limit-to-h.patch -> 0023-Raise-soft-address-space-limit-to-h.patch
0035-increase-x86_64-physical-bits-to-42.patch -> 0024-increase-x86_64-physical-bits-to-42.patch
0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0025-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0037-i8254-Fix-migration-from-SLE11-SP2.patch -> 0026-i8254-Fix-migration-from-SLE11-SP2.patch
0038-acpi_piix4-Fix-migration-from-SLE11.patch -> 0027-acpi_piix4-Fix-migration-from-SLE11.patch
0039-Fix-tigervnc-long-press-issue.patch -> 0028-Fix-tigervnc-long-press-issue.patch
0041-string-input-visitor-Fix-uint64-par.patch -> 0029-string-input-visitor-Fix-uint64-par.patch
0042-test-string-input-visitor-Add-int-t.patch -> 0030-test-string-input-visitor-Add-int-t.patch
0043-test-string-input-visitor-Add-uint6.patch -> 0031-test-string-input-visitor-Add-uint6.patch
0044-tests-Add-QOM-property-unit-tests.patch -> 0032-tests-Add-QOM-property-unit-tests.patch
0045-tests-Add-scsi-disk-test.patch -> 0033-tests-Add-scsi-disk-test.patch
* Patches dropped (upstream unless otherwise noted):
0003-qemu-cvs-alsa_bitfield.patch (deemed not needed)
0004-qemu-cvs-alsa_ioctl.patch (deemed not needed)
0005-qemu-cvs-alsa_mmap.patch (deemed not needed)
0015-slirp-nooutgoing.patch (bsc#1055125)
0016-vnc-password-file-and-incoming-conn.patch (bsc#1055127)
0018-block-Add-support-for-DictZip-enabl.patch (bsc#1046783)
0019-block-Add-tar-container-format.patch (bsc#1046783)
0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch (bsc#1046783)
0024-configure-Enable-PIE-for-ppc-and-pp.patch (obsolete)
0026-dictzip-Fix-on-big-endian-systems.patch (bsc#1046783)
0032-linux-user-remove-all-traces-of-qem.patch
0040-fix-xen-hvm-direct-kernel-boot.patch (bsc#970791)
0046-RFC-update-Linux-headers-from-irqs-.patch
0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
0048-input-Add-trace-event-for-empty-key.patch
0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
0050-i386-Allow-cpuid-bit-override.patch (was for testing only)
0051-input-limit-kbd-queue-depth.patch
0052-audio-release-capture-buffers.patch
0053-scsi-avoid-an-off-by-one-error-in-m.patch
0054-vmw_pvscsi-check-message-ring-page-.patch
0055-9pfs-local-forbid-client-access-to-.patch
0056-jazz_led-fix-bad-snprintf.patch
0057-slirp-smb-Replace-constant-strings-.patch
0058-altera_timer-fix-incorrect-memset.patch
0059-Hacks-for-building-on-gcc-7-Fedora-.patch
0060-9pfs-local-fix-unlink-of-alien-file.patch
0061-megasas-do-not-read-DCMD-opcode-mor.patch
0062-megasas-always-store-SCSIRequest-in.patch
0063-nbd-Fully-initialize-client-in-case.patch
0064-9pfs-local-remove-use-correct-path-.patch
0065-hid-Reset-kbd-modifiers-on-reset.patch
0066-input-Decrement-queue-count-on-kbd-.patch
0067-xhci-only-update-dequeue-ptr-on-com.patch
0068-vnc-Set-default-kbd-delay-to-10ms.patch
0069-qemu-nbd-Ignore-SIGPIPE.patch
0070-usb-redir-fix-stack-overflow-in-usb.patch
0072-slirp-check-len-against-dhcp-option.patch
0071-exec-use-qemu_ram_ptr_length-to-acc.patch
0073-xen-mapcache-store-dma-information-.patch
0074-exec-Add-lock-parameter-to-qemu_ram.patch
0075-Replace-struct-ucontext-with-uconte.patch
ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch
ipxe-ath-Add-missing-break-statements.patch
ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10
-------------------------------------------------------------------
Thu Aug 24 18:52:40 UTC 2017 - brogers@suse.com

View File

@ -22,6 +22,7 @@
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
%define force_fit_virtio_pxe_rom 1
%ifarch %ix86 x86_64
# choice of building all from source or using provided binary x86 blobs
@ -86,7 +87,7 @@
%define with_seccomp 1
%endif
%ifarch %ix86 x86_64
%ifarch %ix86 x86_64 s390x
%define with_seccomp 1
%endif
@ -109,10 +110,10 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.9.0
Version: 2.10.0
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz.sig
Source: http://wiki.qemu.org/download/qemu-2.10.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.10.0.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -132,79 +133,37 @@ Source15: supported.ppc.txt
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
Patch0001: 0001-XXX-dont-dump-core-on-sigabort.patch
Patch0002: 0002-qemu-binfmt-conf-Modify-default-pat.patch
Patch0003: 0003-qemu-cvs-alsa_bitfield.patch
Patch0004: 0004-qemu-cvs-alsa_ioctl.patch
Patch0005: 0005-qemu-cvs-alsa_mmap.patch
Patch0006: 0006-qemu-cvs-gettimeofday.patch
Patch0007: 0007-qemu-cvs-ioctl_debug.patch
Patch0008: 0008-qemu-cvs-ioctl_nodirection.patch
Patch0009: 0009-linux-user-add-binfmt-wrapper-for-a.patch
Patch0010: 0010-PPC-KVM-Disable-mmu-notifier-check.patch
Patch0011: 0011-linux-user-fix-segfault-deadlock.patch
Patch0012: 0012-linux-user-binfmt-support-host-bina.patch
Patch0013: 0013-linux-user-Fake-proc-cpuinfo.patch
Patch0014: 0014-linux-user-XXX-disable-fiemap.patch
Patch0015: 0015-slirp-nooutgoing.patch
Patch0016: 0016-vnc-password-file-and-incoming-conn.patch
Patch0017: 0017-linux-user-use-target_ulong.patch
Patch0018: 0018-block-Add-support-for-DictZip-enabl.patch
Patch0019: 0019-block-Add-tar-container-format.patch
Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-string-input-visitor-Fix-uint64-par.patch
Patch0042: 0042-test-string-input-visitor-Add-int-t.patch
Patch0043: 0043-test-string-input-visitor-Add-uint6.patch
Patch0044: 0044-tests-Add-QOM-property-unit-tests.patch
Patch0045: 0045-tests-Add-scsi-disk-test.patch
Patch0046: 0046-RFC-update-Linux-headers-from-irqs-.patch
Patch0047: 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0048: 0048-input-Add-trace-event-for-empty-key.patch
Patch0049: 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
Patch0050: 0050-i386-Allow-cpuid-bit-override.patch
Patch0051: 0051-input-limit-kbd-queue-depth.patch
Patch0052: 0052-audio-release-capture-buffers.patch
Patch0053: 0053-scsi-avoid-an-off-by-one-error-in-m.patch
Patch0054: 0054-vmw_pvscsi-check-message-ring-page-.patch
Patch0055: 0055-9pfs-local-forbid-client-access-to-.patch
Patch0056: 0056-jazz_led-fix-bad-snprintf.patch
Patch0057: 0057-slirp-smb-Replace-constant-strings-.patch
Patch0058: 0058-altera_timer-fix-incorrect-memset.patch
Patch0059: 0059-Hacks-for-building-on-gcc-7-Fedora-.patch
Patch0060: 0060-9pfs-local-fix-unlink-of-alien-file.patch
Patch0061: 0061-megasas-do-not-read-DCMD-opcode-mor.patch
Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch
Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch
Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch
Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch
Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch
Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch
Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch
Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch
Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch
Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch
Patch0072: 0072-slirp-check-len-against-dhcp-option.patch
Patch0073: 0073-xen-mapcache-store-dma-information-.patch
Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch
Patch0075: 0075-Replace-struct-ucontext-with-uconte.patch
Patch0003: 0003-qemu-cvs-gettimeofday.patch
Patch0004: 0004-qemu-cvs-ioctl_debug.patch
Patch0005: 0005-qemu-cvs-ioctl_nodirection.patch
Patch0006: 0006-linux-user-add-binfmt-wrapper-for-a.patch
Patch0007: 0007-PPC-KVM-Disable-mmu-notifier-check.patch
Patch0008: 0008-linux-user-fix-segfault-deadlock.patch
Patch0009: 0009-linux-user-binfmt-support-host-bina.patch
Patch0010: 0010-linux-user-Fake-proc-cpuinfo.patch
Patch0011: 0011-linux-user-XXX-disable-fiemap.patch
Patch0012: 0012-linux-user-use-target_ulong.patch
Patch0013: 0013-console-add-question-mark-escape-op.patch
Patch0014: 0014-Make-char-muxer-more-robust-wrt-sma.patch
Patch0015: 0015-linux-user-lseek-explicitly-cast-no.patch
Patch0016: 0016-AIO-Reduce-number-of-threads-for-32.patch
Patch0017: 0017-xen_disk-Add-suse-specific-flush-di.patch
Patch0018: 0018-qemu-bridge-helper-reduce-security-.patch
Patch0019: 0019-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0020: 0020-configure-Fix-detection-of-seccomp-.patch
Patch0021: 0021-linux-user-properly-test-for-infini.patch
Patch0022: 0022-roms-Makefile-pass-a-packaging-time.patch
Patch0023: 0023-Raise-soft-address-space-limit-to-h.patch
Patch0024: 0024-increase-x86_64-physical-bits-to-42.patch
Patch0025: 0025-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0026: 0026-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0027: 0027-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0028: 0028-Fix-tigervnc-long-press-issue.patch
Patch0029: 0029-string-input-visitor-Fix-uint64-par.patch
Patch0030: 0030-test-string-input-visitor-Add-int-t.patch
Patch0031: 0031-test-string-input-visitor-Add-uint6.patch
Patch0032: 0032-tests-Add-QOM-property-unit-tests.patch
Patch0033: 0033-tests-Add-scsi-disk-test.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
@ -214,10 +173,6 @@ Patch0075: 0075-Replace-struct-ucontext-with-uconte.patch
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1100: ipxe-stable-buildid.patch
Patch1101: ipxe-use-gcc6-for-more-compact-code.patch
Patch1102: ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
Patch1103: ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch
Patch1104: ipxe-ath-Add-missing-break-statements.patch
Patch1105: ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch
# sgabios
# PATCH-FIX-OPENSUSE sgabios-stable-buildid.patch brogers@suse.com -- reproducible builds
@ -227,6 +182,7 @@ Patch1200: sgabios-stable-buildid.patch
# this is to make lint happy
Source300: qemu-rpmlintrc
Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch
Source302: bridge.conf
Source400: update_git.sh
ExcludeArch: s390
@ -859,7 +815,7 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.9.0
%setup -q -n qemu-2.10.0
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -893,58 +849,12 @@ This package provides a service file for starting and stopping KSM.
%patch0031 -p1
%patch0032 -p1
%patch0033 -p1
%patch0034 -p1
%patch0035 -p1
%patch0036 -p1
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
%patch0040 -p1
%patch0041 -p1
%patch0042 -p1
%patch0043 -p1
%patch0044 -p1
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%patch0073 -p1
%patch0074 -p1
%patch0075 -p1
pushd roms/ipxe
%patch1100 -p1
%if 0%{?suse_version} <= 1320
%patch1101 -p1
%endif
%patch1102 -p1
%patch1103 -p1
%patch1104 -p1
%patch1105 -p1
popd
pushd roms/sgabios
@ -1166,6 +1076,14 @@ make %{?_smp_mflags} -C roms pxerom
make %{?_smp_mflags} -C roms efirom
%endif
make -C roms sgabios
%if %{force_fit_virtio_pxe_rom}
pushd roms/ipxe
patch -p1 < %{SOURCE301}
popd
make %{?_smp_mflags} -C roms pxerom_variants=virtio pxerom_targets=1af41000 NO_WERROR=1 pxerom
%endif
# enforce pxe rom sizes for migration compatability from SLE 11 SP3 forward
# the following need to be > 64K
%define supported_nics_large {e1000 rtl8139}
@ -1489,6 +1407,8 @@ fi
%_datadir/%name/bamboo.dtb
%_datadir/%name/petalogix-ml605.dtb
%_datadir/%name/skiboot.lid
%_datadir/%name/qemu_vga.ndrv
%_datadir/%name/s390-netboot.img
%if 0%{?is_opensuse} == 0
%dir %_docdir/qemu-ppc
%_docdir/qemu-ppc/supported.txt

View File

@ -1,3 +1,97 @@
-------------------------------------------------------------------
Wed Aug 30 19:52:26 UTC 2017 - brogers@suse.com
- Update to v2.10.0: See http://wiki.qemu.org/ChangeLog/2.10
- Dropped internal only patches used to support SUSE Studio
Testdrive as well as other miscellaneous patches deemed unused
and not worth carrying (bsc#1046783, bsc#1055125, bsc#1055127)
- Update SLE support statements in anticipation of SLE15
- disable SAN boot capability from virtio pxe rom used in v1.4 and
older pc machine types due to rom size requirements. Hopefully
a better solution can be found which doesn't impact functionality
* Patches added:
ipxe-stub-out-the-SAN-req-s-in-int13.patch
* Patches renamed:
0006-qemu-cvs-gettimeofday.patch -> 0003-qemu-cvs-gettimeofday.patch
0007-qemu-cvs-ioctl_debug.patch -> 0004-qemu-cvs-ioctl_debug.patch
0008-qemu-cvs-ioctl_nodirection.patch -> 0005-qemu-cvs-ioctl_nodirection.patch
0009-linux-user-add-binfmt-wrapper-for-a.patch -> 0006-linux-user-add-binfmt-wrapper-for-a.patch
0010-PPC-KVM-Disable-mmu-notifier-check.patch -> 0007-PPC-KVM-Disable-mmu-notifier-check.patch
0011-linux-user-fix-segfault-deadlock.patch -> 0008-linux-user-fix-segfault-deadlock.patch
0012-linux-user-binfmt-support-host-bina.patch -> 0009-linux-user-binfmt-support-host-bina.patch
0013-linux-user-Fake-proc-cpuinfo.patch -> 0010-linux-user-Fake-proc-cpuinfo.patch
0014-linux-user-XXX-disable-fiemap.patch -> 0011-linux-user-XXX-disable-fiemap.patch
0017-linux-user-use-target_ulong.patch -> 0012-linux-user-use-target_ulong.patch
0021-console-add-question-mark-escape-op.patch -> 0013-console-add-question-mark-escape-op.patch
0022-Make-char-muxer-more-robust-wrt-sma.patch -> 0014-Make-char-muxer-more-robust-wrt-sma.patch
0023-linux-user-lseek-explicitly-cast-no.patch -> 0015-linux-user-lseek-explicitly-cast-no.patch
0025-AIO-Reduce-number-of-threads-for-32.patch -> 0016-AIO-Reduce-number-of-threads-for-32.patch
0027-xen_disk-Add-suse-specific-flush-di.patch -> 0017-xen_disk-Add-suse-specific-flush-di.patch
0028-qemu-bridge-helper-reduce-security-.patch -> 0018-qemu-bridge-helper-reduce-security-.patch
0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0019-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
0030-configure-Fix-detection-of-seccomp-.patch -> 0020-configure-Fix-detection-of-seccomp-.patch
0031-linux-user-properly-test-for-infini.patch -> 0020-linux-user-properly-test-for-infini.patch
0033-roms-Makefile-pass-a-packaging-time.patch -> 0022-roms-Makefile-pass-a-packaging-time.patch
0034-Raise-soft-address-space-limit-to-h.patch -> 0023-Raise-soft-address-space-limit-to-h.patch
0035-increase-x86_64-physical-bits-to-42.patch -> 0024-increase-x86_64-physical-bits-to-42.patch
0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0025-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
0037-i8254-Fix-migration-from-SLE11-SP2.patch -> 0026-i8254-Fix-migration-from-SLE11-SP2.patch
0038-acpi_piix4-Fix-migration-from-SLE11.patch -> 0027-acpi_piix4-Fix-migration-from-SLE11.patch
0039-Fix-tigervnc-long-press-issue.patch -> 0028-Fix-tigervnc-long-press-issue.patch
0041-string-input-visitor-Fix-uint64-par.patch -> 0029-string-input-visitor-Fix-uint64-par.patch
0042-test-string-input-visitor-Add-int-t.patch -> 0030-test-string-input-visitor-Add-int-t.patch
0043-test-string-input-visitor-Add-uint6.patch -> 0031-test-string-input-visitor-Add-uint6.patch
0044-tests-Add-QOM-property-unit-tests.patch -> 0032-tests-Add-QOM-property-unit-tests.patch
0045-tests-Add-scsi-disk-test.patch -> 0033-tests-Add-scsi-disk-test.patch
* Patches dropped (upstream unless otherwise noted):
0003-qemu-cvs-alsa_bitfield.patch (deemed not needed)
0004-qemu-cvs-alsa_ioctl.patch (deemed not needed)
0005-qemu-cvs-alsa_mmap.patch (deemed not needed)
0015-slirp-nooutgoing.patch (bsc#1055125)
0016-vnc-password-file-and-incoming-conn.patch (bsc#1055127)
0018-block-Add-support-for-DictZip-enabl.patch (bsc#1046783)
0019-block-Add-tar-container-format.patch (bsc#1046783)
0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch (bsc#1046783)
0024-configure-Enable-PIE-for-ppc-and-pp.patch (obsolete)
0026-dictzip-Fix-on-big-endian-systems.patch (bsc#1046783)
0032-linux-user-remove-all-traces-of-qem.patch
0040-fix-xen-hvm-direct-kernel-boot.patch (bsc#970791)
0046-RFC-update-Linux-headers-from-irqs-.patch
0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
0048-input-Add-trace-event-for-empty-key.patch
0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
0050-i386-Allow-cpuid-bit-override.patch (was for testing only)
0051-input-limit-kbd-queue-depth.patch
0052-audio-release-capture-buffers.patch
0053-scsi-avoid-an-off-by-one-error-in-m.patch
0054-vmw_pvscsi-check-message-ring-page-.patch
0055-9pfs-local-forbid-client-access-to-.patch
0056-jazz_led-fix-bad-snprintf.patch
0057-slirp-smb-Replace-constant-strings-.patch
0058-altera_timer-fix-incorrect-memset.patch
0059-Hacks-for-building-on-gcc-7-Fedora-.patch
0060-9pfs-local-fix-unlink-of-alien-file.patch
0061-megasas-do-not-read-DCMD-opcode-mor.patch
0062-megasas-always-store-SCSIRequest-in.patch
0063-nbd-Fully-initialize-client-in-case.patch
0064-9pfs-local-remove-use-correct-path-.patch
0065-hid-Reset-kbd-modifiers-on-reset.patch
0066-input-Decrement-queue-count-on-kbd-.patch
0067-xhci-only-update-dequeue-ptr-on-com.patch
0068-vnc-Set-default-kbd-delay-to-10ms.patch
0069-qemu-nbd-Ignore-SIGPIPE.patch
0070-usb-redir-fix-stack-overflow-in-usb.patch
0072-slirp-check-len-against-dhcp-option.patch
0071-exec-use-qemu_ram_ptr_length-to-acc.patch
0073-xen-mapcache-store-dma-information-.patch
0074-exec-Add-lock-parameter-to-qemu_ram.patch
0075-Replace-struct-ucontext-with-uconte.patch
ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch
ipxe-ath-Add-missing-break-statements.patch
ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10
-------------------------------------------------------------------
Thu Aug 24 18:52:40 UTC 2017 - brogers@suse.com

176
qemu.spec
View File

@ -22,6 +22,7 @@
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
%define force_fit_virtio_pxe_rom 1
%ifarch %ix86 x86_64
# choice of building all from source or using provided binary x86 blobs
@ -86,7 +87,7 @@
%define with_seccomp 1
%endif
%ifarch %ix86 x86_64
%ifarch %ix86 x86_64 s390x
%define with_seccomp 1
%endif
@ -109,10 +110,10 @@ Url: http://www.qemu.org/
Summary: Universal CPU emulator
License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
Version: 2.9.0
Version: 2.10.0
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz.sig
Source: http://wiki.qemu.org/download/qemu-2.10.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.10.0.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -132,79 +133,37 @@ Source15: supported.ppc.txt
# This patch queue is auto-generated from https://github.com/openSUSE/qemu
Patch0001: 0001-XXX-dont-dump-core-on-sigabort.patch
Patch0002: 0002-qemu-binfmt-conf-Modify-default-pat.patch
Patch0003: 0003-qemu-cvs-alsa_bitfield.patch
Patch0004: 0004-qemu-cvs-alsa_ioctl.patch
Patch0005: 0005-qemu-cvs-alsa_mmap.patch
Patch0006: 0006-qemu-cvs-gettimeofday.patch
Patch0007: 0007-qemu-cvs-ioctl_debug.patch
Patch0008: 0008-qemu-cvs-ioctl_nodirection.patch
Patch0009: 0009-linux-user-add-binfmt-wrapper-for-a.patch
Patch0010: 0010-PPC-KVM-Disable-mmu-notifier-check.patch
Patch0011: 0011-linux-user-fix-segfault-deadlock.patch
Patch0012: 0012-linux-user-binfmt-support-host-bina.patch
Patch0013: 0013-linux-user-Fake-proc-cpuinfo.patch
Patch0014: 0014-linux-user-XXX-disable-fiemap.patch
Patch0015: 0015-slirp-nooutgoing.patch
Patch0016: 0016-vnc-password-file-and-incoming-conn.patch
Patch0017: 0017-linux-user-use-target_ulong.patch
Patch0018: 0018-block-Add-support-for-DictZip-enabl.patch
Patch0019: 0019-block-Add-tar-container-format.patch
Patch0020: 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
Patch0021: 0021-console-add-question-mark-escape-op.patch
Patch0022: 0022-Make-char-muxer-more-robust-wrt-sma.patch
Patch0023: 0023-linux-user-lseek-explicitly-cast-no.patch
Patch0024: 0024-configure-Enable-PIE-for-ppc-and-pp.patch
Patch0025: 0025-AIO-Reduce-number-of-threads-for-32.patch
Patch0026: 0026-dictzip-Fix-on-big-endian-systems.patch
Patch0027: 0027-xen_disk-Add-suse-specific-flush-di.patch
Patch0028: 0028-qemu-bridge-helper-reduce-security-.patch
Patch0029: 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0030: 0030-configure-Fix-detection-of-seccomp-.patch
Patch0031: 0031-linux-user-properly-test-for-infini.patch
Patch0032: 0032-linux-user-remove-all-traces-of-qem.patch
Patch0033: 0033-roms-Makefile-pass-a-packaging-time.patch
Patch0034: 0034-Raise-soft-address-space-limit-to-h.patch
Patch0035: 0035-increase-x86_64-physical-bits-to-42.patch
Patch0036: 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0037: 0037-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0038: 0038-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0039: 0039-Fix-tigervnc-long-press-issue.patch
Patch0040: 0040-fix-xen-hvm-direct-kernel-boot.patch
Patch0041: 0041-string-input-visitor-Fix-uint64-par.patch
Patch0042: 0042-test-string-input-visitor-Add-int-t.patch
Patch0043: 0043-test-string-input-visitor-Add-uint6.patch
Patch0044: 0044-tests-Add-QOM-property-unit-tests.patch
Patch0045: 0045-tests-Add-scsi-disk-test.patch
Patch0046: 0046-RFC-update-Linux-headers-from-irqs-.patch
Patch0047: 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch
Patch0048: 0048-input-Add-trace-event-for-empty-key.patch
Patch0049: 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch
Patch0050: 0050-i386-Allow-cpuid-bit-override.patch
Patch0051: 0051-input-limit-kbd-queue-depth.patch
Patch0052: 0052-audio-release-capture-buffers.patch
Patch0053: 0053-scsi-avoid-an-off-by-one-error-in-m.patch
Patch0054: 0054-vmw_pvscsi-check-message-ring-page-.patch
Patch0055: 0055-9pfs-local-forbid-client-access-to-.patch
Patch0056: 0056-jazz_led-fix-bad-snprintf.patch
Patch0057: 0057-slirp-smb-Replace-constant-strings-.patch
Patch0058: 0058-altera_timer-fix-incorrect-memset.patch
Patch0059: 0059-Hacks-for-building-on-gcc-7-Fedora-.patch
Patch0060: 0060-9pfs-local-fix-unlink-of-alien-file.patch
Patch0061: 0061-megasas-do-not-read-DCMD-opcode-mor.patch
Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch
Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch
Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch
Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch
Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch
Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch
Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch
Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch
Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch
Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch
Patch0072: 0072-slirp-check-len-against-dhcp-option.patch
Patch0073: 0073-xen-mapcache-store-dma-information-.patch
Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch
Patch0075: 0075-Replace-struct-ucontext-with-uconte.patch
Patch0003: 0003-qemu-cvs-gettimeofday.patch
Patch0004: 0004-qemu-cvs-ioctl_debug.patch
Patch0005: 0005-qemu-cvs-ioctl_nodirection.patch
Patch0006: 0006-linux-user-add-binfmt-wrapper-for-a.patch
Patch0007: 0007-PPC-KVM-Disable-mmu-notifier-check.patch
Patch0008: 0008-linux-user-fix-segfault-deadlock.patch
Patch0009: 0009-linux-user-binfmt-support-host-bina.patch
Patch0010: 0010-linux-user-Fake-proc-cpuinfo.patch
Patch0011: 0011-linux-user-XXX-disable-fiemap.patch
Patch0012: 0012-linux-user-use-target_ulong.patch
Patch0013: 0013-console-add-question-mark-escape-op.patch
Patch0014: 0014-Make-char-muxer-more-robust-wrt-sma.patch
Patch0015: 0015-linux-user-lseek-explicitly-cast-no.patch
Patch0016: 0016-AIO-Reduce-number-of-threads-for-32.patch
Patch0017: 0017-xen_disk-Add-suse-specific-flush-di.patch
Patch0018: 0018-qemu-bridge-helper-reduce-security-.patch
Patch0019: 0019-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
Patch0020: 0020-configure-Fix-detection-of-seccomp-.patch
Patch0021: 0021-linux-user-properly-test-for-infini.patch
Patch0022: 0022-roms-Makefile-pass-a-packaging-time.patch
Patch0023: 0023-Raise-soft-address-space-limit-to-h.patch
Patch0024: 0024-increase-x86_64-physical-bits-to-42.patch
Patch0025: 0025-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
Patch0026: 0026-i8254-Fix-migration-from-SLE11-SP2.patch
Patch0027: 0027-acpi_piix4-Fix-migration-from-SLE11.patch
Patch0028: 0028-Fix-tigervnc-long-press-issue.patch
Patch0029: 0029-string-input-visitor-Fix-uint64-par.patch
Patch0030: 0030-test-string-input-visitor-Add-int-t.patch
Patch0031: 0031-test-string-input-visitor-Add-uint6.patch
Patch0032: 0032-tests-Add-QOM-property-unit-tests.patch
Patch0033: 0033-tests-Add-scsi-disk-test.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
@ -214,10 +173,6 @@ Patch0075: 0075-Replace-struct-ucontext-with-uconte.patch
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1100: ipxe-stable-buildid.patch
Patch1101: ipxe-use-gcc6-for-more-compact-code.patch
Patch1102: ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
Patch1103: ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch
Patch1104: ipxe-ath-Add-missing-break-statements.patch
Patch1105: ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch
# sgabios
# PATCH-FIX-OPENSUSE sgabios-stable-buildid.patch brogers@suse.com -- reproducible builds
@ -227,6 +182,7 @@ Patch1200: sgabios-stable-buildid.patch
# this is to make lint happy
Source300: qemu-rpmlintrc
Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch
Source302: bridge.conf
Source400: update_git.sh
ExcludeArch: s390
@ -859,7 +815,7 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.9.0
%setup -q -n qemu-2.10.0
%patch0001 -p1
%patch0002 -p1
%patch0003 -p1
@ -893,58 +849,12 @@ This package provides a service file for starting and stopping KSM.
%patch0031 -p1
%patch0032 -p1
%patch0033 -p1
%patch0034 -p1
%patch0035 -p1
%patch0036 -p1
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
%patch0040 -p1
%patch0041 -p1
%patch0042 -p1
%patch0043 -p1
%patch0044 -p1
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%patch0069 -p1
%patch0070 -p1
%patch0071 -p1
%patch0072 -p1
%patch0073 -p1
%patch0074 -p1
%patch0075 -p1
pushd roms/ipxe
%patch1100 -p1
%if 0%{?suse_version} <= 1320
%patch1101 -p1
%endif
%patch1102 -p1
%patch1103 -p1
%patch1104 -p1
%patch1105 -p1
popd
pushd roms/sgabios
@ -1166,6 +1076,14 @@ make %{?_smp_mflags} -C roms pxerom
make %{?_smp_mflags} -C roms efirom
%endif
make -C roms sgabios
%if %{force_fit_virtio_pxe_rom}
pushd roms/ipxe
patch -p1 < %{SOURCE301}
popd
make %{?_smp_mflags} -C roms pxerom_variants=virtio pxerom_targets=1af41000 NO_WERROR=1 pxerom
%endif
# enforce pxe rom sizes for migration compatability from SLE 11 SP3 forward
# the following need to be > 64K
%define supported_nics_large {e1000 rtl8139}
@ -1489,6 +1407,8 @@ fi
%_datadir/%name/bamboo.dtb
%_datadir/%name/petalogix-ml605.dtb
%_datadir/%name/skiboot.lid
%_datadir/%name/qemu_vga.ndrv
%_datadir/%name/s390-netboot.img
%if 0%{?is_opensuse} == 0
%dir %_docdir/qemu-ppc
%_docdir/qemu-ppc/supported.txt

View File

@ -22,6 +22,7 @@
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
%define force_fit_virtio_pxe_rom 1
%ifarch %ix86 x86_64
# choice of building all from source or using provided binary x86 blobs
@ -86,7 +87,7 @@
%define with_seccomp 1
%endif
%ifarch %ix86 x86_64
%ifarch %ix86 x86_64 s390x
%define with_seccomp 1
%endif
@ -111,8 +112,8 @@ License: BSD-3-Clause and GPL-2.0 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: System/Emulators/PC
QEMU_VERSION
Release: 0
Source: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.9.0.tar.xz.sig
Source: http://wiki.qemu.org/download/qemu-2.10.0.tar.xz
Source99: http://wiki.qemu.org/download/qemu-2.10.0.tar.xz.sig
Source1: 80-kvm.rules
Source2: qemu-ifup
Source3: kvm_stat
@ -140,10 +141,6 @@ PATCH_FILES
# PATCH-FIX-OPENSUSE ipxe-stable-buildid.patch brogers@suse.com -- reproducible builds
Patch1100: ipxe-stable-buildid.patch
Patch1101: ipxe-use-gcc6-for-more-compact-code.patch
Patch1102: ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch
Patch1103: ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch
Patch1104: ipxe-ath-Add-missing-break-statements.patch
Patch1105: ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch
# sgabios
# PATCH-FIX-OPENSUSE sgabios-stable-buildid.patch brogers@suse.com -- reproducible builds
@ -153,6 +150,7 @@ Patch1200: sgabios-stable-buildid.patch
# this is to make lint happy
Source300: qemu-rpmlintrc
Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch
Source302: bridge.conf
Source400: update_git.sh
ExcludeArch: s390
@ -785,7 +783,7 @@ This package provides a service file for starting and stopping KSM.
%endif # !qemu-testsuite
%prep
%setup -q -n qemu-2.9.0
%setup -q -n qemu-2.10.0
PATCH_EXEC
pushd roms/ipxe
@ -793,10 +791,6 @@ pushd roms/ipxe
%if 0%{?suse_version} <= 1320
%patch1101 -p1
%endif
%patch1102 -p1
%patch1103 -p1
%patch1104 -p1
%patch1105 -p1
popd
pushd roms/sgabios
@ -1018,6 +1012,14 @@ make %{?_smp_mflags} -C roms pxerom
make %{?_smp_mflags} -C roms efirom
%endif
make -C roms sgabios
%if %{force_fit_virtio_pxe_rom}
pushd roms/ipxe
patch -p1 < %{SOURCE301}
popd
make %{?_smp_mflags} -C roms pxerom_variants=virtio pxerom_targets=1af41000 NO_WERROR=1 pxerom
%endif
# enforce pxe rom sizes for migration compatability from SLE 11 SP3 forward
# the following need to be > 64K
%define supported_nics_large {e1000 rtl8139}
@ -1341,6 +1343,8 @@ fi
%_datadir/%name/bamboo.dtb
%_datadir/%name/petalogix-ml605.dtb
%_datadir/%name/skiboot.lid
%_datadir/%name/qemu_vga.ndrv
%_datadir/%name/s390-netboot.img
%if 0%{?is_opensuse} == 0
%dir %_docdir/qemu-ppc
%_docdir/qemu-ppc/supported.txt

View File

@ -1,11 +1,11 @@
[qemu-arm package document]
SLES 12 SP3 QEMU/KVM RELATED SUPPORT STATEMENTS
SLES 15 QEMU/KVM RELATED SUPPORT STATEMENTS
Overview
--------
The QEMU based packages included with SLES 12 SP3 provide a large variety of
The QEMU based packages included with SLES 15 provide a large variety of
features, from the very latest customer requests to features of questionable
quality or value. The linux kernel includes components which contribute KVM
virtualization features as well. This document was created to assist the user
@ -56,8 +56,8 @@ Major QEMU/KVM Supported Features
Since a KVM guest runs in the context of a normal linux process, some types
of execution controls are managed with linux tools.
- QEMU is compatible with EDK based UEFI firmware available with SLES12-SP3,
which allow boot options common to physical systems along with other features
- QEMU is compatible with EDK based UEFI firmware available with SLES15, which
allow boot options common to physical systems along with other features
tailored to virtualization. Various VGABIOS ROMs, from the SEABIOS project,
are also available.
@ -72,7 +72,7 @@ Major QEMU/KVM Supported Features
- Guest execution state may be "moved" in both time (save/restore) and space
(static and live migration). These migrations or save/restore operations can
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
take place either from certain prior SLES versioned hosts to a SLES 15 host
or between hosts of the same version. Certain other restrictions also apply.
- Security considerations include privileged helpers and a security model which
@ -111,7 +111,7 @@ Major QEMU/KVM Supported Features
- Portions of the host file system may be shared with a guest by using virtFS.
- A guest "agent" is available for SLES 12 KVM guests via the qemu-guest-agent
- A guest "agent" is available for SLES 15 KVM guests via the qemu-guest-agent
package. This allows some introspection and control of the guest OS
environment from the host.
@ -314,7 +314,9 @@ QEMU Command-Line and Monitor Syntax and Support
c
change ...
chardev-add ...
chardev-change ...
chardev-remove ...
chardev-send-break ...
client_migrate_info ...
closefd ...
cont
@ -329,6 +331,8 @@ QEMU Command-Line and Monitor Syntax and Support
dump_guest_memory ...
eject ...
gdbserver ...
gpa2hpa ...
gpa2hva ...
help
i ...
info ...
@ -408,7 +412,9 @@ QEMU Command-Line and Monitor Syntax and Support
change
change-vnc-password
chardev-add
chardev-change
chardev-remove
chardev-send-break
client_migrate_info
closefd
cont
@ -527,28 +533,27 @@ QEMU Command-Line and Monitor Syntax and Support
at45db081d|bcm2835-aux|bcm2835-dma|bcm2835-fb|bcm2835-ic|bcm2835-mbox|
bcm2835-peripherals|bcm2835-property|bcm2836|bcm2836-control|
cadence_gem|cadence_ttc|cadence_uart|ccid-card-emulated|
ccid-card-passthrough|cfi.pflash01|cfi.pflash02|cirrus-vga|corgi-ssp|
ccid-card-passthrough|cfi.pflash02|cirrus-vga|corgi-ssp|
cortex-a15-arm-cpu|cortex-a53-arm-cpu|cortex-a57-arm-cpu|
cortex-a8-arm-cpu|cortex-a9-arm-cpu|cortex-m3-arm-cpu|
cortex-m4-arm-cpu|cortex-r5-arm-cpu|cs4231a|digic|digic-timer|
digic-uart|ds1338|dscm1xxxx|e1000|en25f32|en25p32|en25p64|en25q32b|
en25q64|esp|exynos4210.combiner|exynos4210-ehci-usb|exynos4210.fimd|
en25q64|exynos4210.combiner|exynos4210-ehci-usb|exynos4210.fimd|
exynos4210.gic|exynos4210.i2c|exynos4210.irq_gate|exynos4210.mct|
exynos4210.pmu|exynos4210.pwm|exynos4210.rtc|exynos4210.uart|floppy|
fslimx25|fslimx31|fusbh200-ehci-usb|fw_cfg|gd25q32|gd25q64|
generic-sdhci|gpex-pcihost|gpex-root|gpio_i2c|gpio-key|gus|
hyperv-testdev|highbank-regs|host-arm-cpu|*-i386-cpu|i8042|
ib700|icp-ctrl-regs|igd-passthrough-isa-bridge|imx25.ccm|imx31.ccm|
imx6.ccm|imx.avic|imx.epit|imx.fec|imx.gpio|imx.gpt|imx.i2c|
imx.serial|integrator_core|integrator_debug|integrator_pic|
integrator_pit|intel_iommu|ipmi-bmc-extern|ipmi-bmc-sim|isa-applesmc|
isa-cirrus-vga|isa-debugcon|isa-debug-exit|isa-fdc|isa-ide|
isa-ipmi-bt|isa-ipmi-kcs|isa-parallel|isa-vga|isabus-bridge|
kvm-arm-gic|kvm-arm-gicv3|kvm-pci-assign|l2x0|lan9118|lm8323|loader|
lsi53c810a|lsi53c895a|m25p05|m25p10|m25p128|m25p16|m25p20|m25p32|
m25p40|m25p64|m25p80|m25pe16|m25pe20|m25pe80|m25px32|m25px32-s0|
m25px32-s1|m25px64|m45pe10|m45pe16|m45pe80|mainstone-fpga|max1110|
max1111|max7310|musicpal_gpio|musicpal_key|musicpal_lcd|
gpex-pcihost|gpex-root|gpio_i2c|gpio-key|gus|hyperv-testdev|
highbank-regs|host-arm-cpu|*-i386-cpu|i8042|ib700|icp-ctrl-regs|
igd-passthrough-isa-bridge|imx25.ccm|imx31.ccm|imx6.ccm|imx.avic|
imx.epit|imx.fec|imx.gpio|imx.gpt|imx.i2c|imx.serial|integrator_core|
integrator_debug|integrator_pic|integrator_pit|intel_iommu|
ipmi-bmc-extern|ipmi-bmc-sim|isa-applesmc|isa-cirrus-vga|isa-debugcon|
isa-debug-exit|isa-fdc|isa-ide|isa-ipmi-bt|isa-ipmi-kcs|isa-parallel|
isa-vga|kvm-arm-gic|kvm-arm-gicv3|kvm-pci-assign|l2x0|lan9118|lm8323|
loader|lsi53c810a|lsi53c895a|m25p05|m25p10|m25p128|m25p16|m25p20|
m25p32|m25p40|m25p64|m25p80|m25pe16|m25pe20|m25pe80|m25px32|
m25px32-s0|m25px32-s1|m25px64|m45pe10|m45pe16|m45pe80|mainstone-fpga|
max1110|max1111|max7310|musicpal_gpio|musicpal_key|musicpal_lcd|
musicpal-misc|mv88w8618_audio|mv88w8618_eth|mv88w8618_flashcfg|
mv88w8618_pic|mv88w8618_pit|mv88w8618_wlan|mx25l12805d|mx25l12855e|
mx25l1606e|mx25l2005a|mx25l25635e|mx25l25655e|mx25l3205d|mx25l4005a|
@ -575,17 +580,17 @@ QEMU Command-Line and Monitor Syntax and Support
sst25wf080|sst25wf512|stellaris-adc|stellaris_enet|stellaris-gptm|
stellaris-i2c|stm32f205-soc|stm32f2xx-syscfg|stm32f2xx-timer|
stm32f2xx-usart|strongarm-gpio|strongarm_pic|strongarm-ppc|
strongarm-rtc|strongarm-ssp|strongarm-uart|sysbus-ahci|sysbus-ohci|
tegra2-ehci-usb|ti925t-arm-cpu|tmp105|tosa_dac|tosa-ssp|tusb6010|
twl92230|usb-redir|versatile_i2c|versatilepb_sic|versatile_pci|
versatile_pci_host|vfio-pci-igd-lpc-bridge|vhost-vsock-device|
vhost-vsock-pci|virtconsole|virtio-crypto-device|virtio-crypto-pci|
virtio-mmio|virtio-vga|vmware-svga|w25q256|w25q32|w25q32dw|w25q64|
w25q80|w25q80bl|w25x10|w25x16|w25x20|w25x32|w25x40|w25x64|w25x80|
wm8750|*-x86_64-cpu|xen-backend|xen-pci-passthrough|xen-platform|
xen-pvdevice|xen-sysdev|xgmac|xilinxzynq_slcr|xlnx.ps7-qspi|
xlnx.ps7-spi|xlnxps7-usb|xlnxzynqmp|xlnxzynq-xadc|
unimplemented-device|vmgenid]
strongarm-rtc|strongarm-ssp|strongarm-uart|tegra2-ehci-usb|
ti925t-arm-cpu|tmp105|tosa_dac|tosa-ssp|tusb6010|twl92230|usb-redir|
versatile_i2c|versatilepb_sic|versatile_pci|versatile_pci_host|
vfio-pci-igd-lpc-bridge|vhost-vsock-device|vhost-vsock-pci|
virtconsole|virtio-crypto-device|virtio-crypto-pci|virtio-vga|
vmware-svga|w25q256|w25q32|w25q32dw|w25q64|w25q80|w25q80bl|w25x10|
w25x16|w25x20|w25x32|w25x40|w25x64|w25x80|wm8750|*-x86_64-cpu|
xen-backend|xen-pci-passthrough|xen-platform|xen-pvdevice|xgmac|
xilinxzynq_slcr|xlnx.ps7-qspi|xlnx.ps7-spi|xlnxps7-usb|xlnxzynqmp|
xlnxzynq-xadc|vmgenid|vhost-user-scsi|vhost-user-scsi-pci|
mmio_interface]
(the following are aliases of these unsupported devices: lsi|
virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet|
virtio-gpu|pci-assign|piix-usb-uhci)
@ -622,7 +627,9 @@ QEMU Command-Line and Monitor Syntax and Support
-no-kvm-irqchip
-no-kvm-pit
-no-kvm-pit-reinjection
-numa ...
-numa cpu ...
-numa dist ...
-numa node ...
-option-rom ...
-pflash file
-portrait
@ -642,6 +649,7 @@ QEMU Command-Line and Monitor Syntax and Support
-xen-attach ...
-xen-create
-xen-domid ...
-xen-domid-restrict ...
- The following monitor commands are unsupported:
acl_add ...
@ -695,6 +703,7 @@ QEMU Command-Line and Monitor Syntax and Support
x-blockdev-insert-medium
x-blockdev-remove-medium
x-colo-lost-heartbeat
x-debug-block-dirty-bitmap-sha256
xen-colo-do-checkpoint
xen-load-devices-state
xen-save-devices-state

View File

@ -2,4 +2,656 @@
SLES 12 SP3 QEMU/KVM RELATED SUPPORT STATEMENTS
QEMU/KVM on ppc is not supported.
Overview
--------
QEMU/KVM on ppc is in Tech Preview status on an OpenPower S822LC host,
otherwise, it is not supported. Usage of the word support or supported in this
document indicates "intended" support if and when support changes to level 3
support (L3).
The QEMU based packages included with SLES 12 SP3 provide a large variety of
features, from the very latest customer requests to features of questionable
quality or value. The linux kernel includes components which contribute KVM
virtualization features as well. This document was created to assist the user
in deciding which features can be relied upon to build enterprise class
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64),
for IBM System z (s390x) and for the ARM64 architecture (AArch64) are offered
at the L3 (full support) level. The bulk of this document deals with intended
supported features and is primarily ppc centric. This document should be
considered a companion to the standard virtualization documentation delivered
with the product.
KVM is implemented in linux kernel modules which enable the linux kernel to
function as an integral part of the KVM hypervisor. The hypervisor-guest
interaction is managed by QEMU through the /dev/kvm ioctl interface. The linux
host assists in the virtualization of storage, networking and display
resources as well as allowing direct hardware passthrough of PCI and USB
devices. Linux memory and cpu management features are used by QEMU/KVM to
enable guests to share those host resources as efficiently as possible.
The kvm_hv kernel module is required. The kvm_pr kernel module is unsupported.
QEMU is a primary component of KVM based virtualization. The QEMU emulator
binary qemu-system-ppc64 is the program to use to access KVM virtualization.
When using this program, the -machine option accel=kvm (or its alias
-enable-kvm) must be specified for KVM acceleration to be used by the guest.
Libvirt is the preferred means of accessing QEMU/KVM functionality and is
documented elsewhere. This document focuses on the features and direct usage
of QEMU/KVM as provided by the QEMU based packages.
Major QEMU/KVM Supported Features
---------------------------------
- KVM virtualization is accomplished by using the QEMU program in KVM
acceleration mode. KVM acceleration requires that both guest and host have
the same fundamental architecture.
- Guest images created under previous QEMU versions are supported by machine
version compatibilities built into more recent QEMU versions.
- For ease of use, the QEMU program has defaults which represent traditional
usage patterns.
- Guest virtual machine characteristics are specified by a combination of
internal defaults, options provided on the QEMU program command-line, runtime
configurations set via the monitor interfaces and optional config files. The
runtime control of a VM is effected either through the Human Monitor
"Protocol" (HMP), or the JSON based programmatical QEMU Monitor Protocol (QMP)
interface. For QMP details, see qemu-qmp-ref man page.
Since a KVM guest runs in the context of a normal linux process, some types
of execution controls are managed with linux tools.
- QEMU uses SLOF (Slimline Open Firmware) for booting ppc guests, which allow
boot options common to physical systems.Various VGABIOS ROMs, from the SEABIOS
project, are also available.
- Some QEMU messages have been localized to various languages. This is provided
by the optional qemu-lang package. Keyboard mappings for various nationalities
is also provided.
- Virtual machine lifecycle controls include startup through firmware or kernel
boot, firmware based shutdown, execution pausing, the saving and restoring of
machine state or disk state, VM migration to another host, and miscellaneous
controls available through the "monitors" mentioned above.
- Guest execution state may be "moved" in both time (save/restore) and space
(static and live migration). These migrations or save/restore operations can
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
or between hosts of the same version. Certain other restrictions also apply.
- Security considerations include privileged helpers and a security model which
allows running guests as a non-root user.
- QEMU provides best effort reuse of existing disk images, including those with
systems installed, through geometry probing. Also disk images produced by
other popular virtualization technologies may be imported into QEMU supported
storage formats. These QEMU formats include features which exploit the
benefits of virtualization.
- Memory, cpu and disk space overcommit are possible and can be beneficial when
done responsibly. Additional management of these resources comes in the form
of memory ballooning or hotplug, host KSM, vcpu hot-add, online disk resizing,
trim, discard and hole punching.
- Guest performance is enhanced through the use of virtio devices, various disk
caching modes, network acceleration via the vhost-net kernel module, multi-
queue network transmit capabilities, host transparent huge pages (THP) and
direct hugetlb usage. Physical PCI and USB devices may also be passed through
to the guest, including SR-IOV VF's.
- The guest UI is accessable via GTK, SDL, VNC, Spice, and serial (including
curses TUI) interfaces.
- Guest timekeeping is supported in a variety of ways, including a paravirtual
clocksource, and options for the various guest clocks for how to handle the
timeslicing of the guest's execution on the host.
- In addition to the para-virtualized devices already mentioned, other devices
and infrastructure designed to avoid virtualization "problem areas" are
available such as SPICE graphics, vmmouse emulation, tablet style pointer
interfaces and virtio based UI interfaces.
- A built-in user-mode network (SLIRP) stack is available.
- Portions of the host file system may be shared with a guest by using virtFS.
- A guest "agent" is available for SLES 12 KVM guests via the qemu-guest-agent
package. This allows some introspection and control of the guest OS
environment from the host.
QEMU/KVM Technology Previews
----------------------------
- Specifying and placing PCI devices on a PCI bridge allows for a greater number
of devices.
- All features indicated as not being supported in this document fall under the
Technology Preview definition contained in the main product's release notes.
Noteworthy QEMU/KVM Unsupported Features
----------------------------------------
- Note that some features are unsupported simply due to lack of validation. If
an existing feature is desired, but not marked supported, let SUSE know about
your requirements.
- The TCG "acceleration" mode may be helpful for problem isolation, but
otherwise presents insufficient benefit and stability.
- GlusterFS integration is not enabled.
Deprecated, Superseded, Modified and Dropped Features
-----------------------------------------------------
- http://wiki.qemu-project.org/Features/LegacyRemoval
This website tracks feature deprecation and removal at the upstream
development level. Our qemu package inherits this community direction, but be
aware that we can and will deviate as needed. Those deviations and additional
information can be found in this section.
- The use of "?" as a parameter to "-cpu", "-soundhw", "-device", "-M",
"-machine", "-d", and "-clock" is now considered deprecated. Use "help"
instead.
- The use of "if=scsi" as a parameter to "-drive" does not work anymore with PC
machine types, as it created an obsolete SCSI controller model.
- Use of aio=native without direct cache mode also being specified (cache=none,
cache=directsync, or cache.direct=on) is no longer allowed.
- The use of image encryption in qcow and qcow2 formats is now considered
deprecated.
Analysis has shown it to be weak encryption, in addition to suffering from
poor design. Images can easily be converted to a non-encrypted format.
- Use of acpi, boot-opts, and smp-opts in a -readconfig config file are now
considered deprecated. In the future those names will be standardized to
acpitable, boot, and smp respectively.
- These previously supported command line options are now considered deprecated:
-device ivshmem (use ivshmem-doorbell or ivshmem-plain instead)
- These previously supported command line options are no longer supported:
-device pci-assign, -device kvm-pci-assign (use -device vfio-pci instead)
- These previously supported command line options are no longer recognized:
-device pc-sysfw (no longer needed)
- Specifying a cpu feature with both "+feature/-feature" and "feature=on/off"
will now cause a warning. The current behavior for this combination where
"+feature/-feature" wins over "feature=on/off", will be changed going forward
so that "+feature" and "-feature" will be synonyms for "feature=on" and
"feature=off" respectively.
- The previously supported blkdev-add QMP command has been flagged as lacking
and could possibly change syntax in the future.
QEMU Command-Line and Monitor Syntax and Support
------------------------------------------------
- The QEMU program command-line syntax is as follows:
qemu-system-ppc64 [options]
Where 'options' are taken from the options listed below.
The images used with -drive or -cdrom, may be in the raw (no format), qcow2
or qed storage formats, and may be located in files within the host
filesystem, logical volumes, host physical disks, or network based storage.
Read only media may also be accessed via URL style protocol specifiers.
Note that as a general rule, as new command line options are added which serve
to replace an older option or interface, you are strongly encouraged to adapt
your usage to the new option. The new option is being introduced to provide
better functionality and usability going forward. In some cases existing
problems or even bugs in older interfaces cannot be fixed due to functional
expectations, but are resolved in the newer interface or option.
This advice includes moving to the most recent machine type (eg virt-2.9
instead of virt-2.6) if possible. (note: there is no virt-2.9 machine type!)
- The following command line options are supported:
-accel ...
-add-fd ...
-alt-grab
-append ...
-audio-help
-balloon ...
-bios ...
-blockdev ...
-boot ...
-cdrom ...
-chardev ..
-clock ...
-cpu host
-ctrl-grab
-d ...
-daemonize
-debugcon ...
-device [VGA|rtl8139|virtio-net-pci|virtio-blk-pci|virtio-balloon-pci|
virtio-9p-pci|usb-hub|usb-ehci|usb-tablet|usb-storage|usb-mouse|
usb-kbd|virtserialport|virtconsole|virtio-serial-pci|i82559er|
virtio-scsi-pci|scsi-cd|scsi-hd|scsi-generic|scsi-disk|scsi-block|
pci-serial|pci-serial-2x|pci-serial-4x|ich9-ahci|usb-host|usb-serial|
usb-wacom-tablet|usb-braille|usb-net|pci-ohci|virtio-rng-pci|i6300esb|
qxl|qxl-vga|pvpanic|vfio-pci|ivshmem|ivshmem-doorbell|ivshmem-plain|
pci-bridge|megasas-gen2|e1000e|e1000]
(the following are aliases of these supported devices: ahci|
virtio-blk|virtio-net|virtio-serial|virtio-balloon| virtio-9p|
virtio-scsi|virtio-rng|e1000-82540em)
-dfilter range, ...
-display ...
-drive ... (if specified if=[virtio] and format=[qcow2|qed|raw] and
snapshot=off only)
-echr ...
-enable-fips
-enable-kvm
-fsdev ...
-full-screen
-fw_cfg ...
-gdb ...
-global ...
-h
-help
-incoming ...
-initrd ...
-iscsi ...
-k ...
-kernel ...
-loadvm ...
-m ...
-M [help|?|none|pseries|pseries-2.9]
-machine [help|?|none|pseries|pseries-2.9]
-mem-path ...
-mem-prealloc
-mon ...
-monitor ...
-msg ...
-name ...
-net [bridge|l2tpv3|nic|none|tap|user] ... (for model= only e1000, rtl8139,
and virtio are supported)
-netdev [bridge|tap|user] ...
-nodefaults
-nodefconfig
-no-frame
-nographic
-no-quit
-no-reboot
-no-shutdown
-no-user-config
-object ...
-only-migratable
-parallel ...
-pidfile ...
-qmp ...
-qmp-pretty ...
-readconfig ...
-realtime ...
-rtc ...
-runas ...
-s
-S
-sandbox ...
-sdl
-serial ...
-show-cursor
-smbios ...
-smp ...
-spice
-tpmdev passthrough ...
-trace ...
-usb
-usbdevice [braile|disk|host|mouse|net|serial|tablet]
-uuid ..
-version
-vga [none|qxl|std|virtio]
-virtfs ...
-virtioconsole ...
-vnc ...
-watchdog ...
-watchdog-action ...
-writeconfig ...
- The following monitor commands are supported:
?
balloon ...
block_resize ...
boot_set ...
c
change ...
chardev-add ...
chardev-remove ...
client_migrate_info ...
closefd ...
cont
cpu ...
cpu-add ...
delvm ...
device_add ...
device_del ...
drive_add ...
drive_backup ...
drive_del ...
dump_guest_memory ...
eject ...
gdbserver ...
help
i ...
info ...
loadvm ...
logfile ...
logitem ...
mce ...
memsave ...
migrate ...
migrate_cancel
migrate_incoming
migrate_set_cache_size ...
migrate_set_capability ...
migrate_set_downtime ...
migrate_set_parameter ...
migrate_set_speed ...
migrate_start_post_copy
mouse_button ...
mouse_move ...
mouse_set ...
nmi ...
o ...
object_add ...
object_del ...
p ...
pci_add ...
pci_del...
pmemsave ...
print ...
q
qemu-io ...
qom-list
qom-set
ringbuf_read ...
ringbuf_write ...
savevm ...
screendump ...
sendkey ...
snapshot_blkdev_internal ...
snapshot_delete_blkdev_internal ...
stop
sum ...
system_powerdown
system_reset
system_wakeup
trace-event ...
usb_add ...
usb_del ...
watchdog_action ...
x ...
xp ...
- The following QMP commands are supported:
add_client
add-fd
balloon
blockdev-add
blockdev-backup
blockdev-change-medium
blockdev-close-tray
blockdev-del
blockdev-mirror
blockdev-open-tray
blockdev-snapshot
blockdev-snapshot-delete-internal-sync
blockdev-snapshot-internal-sync
blockdev-snapshot-sync
block-commit
block-dirty-bitmap-add
block-dirty-bitmap-clear
block-dirty-bitmap-remove
block_passwd
block_resize
block_set_io_throttle
block-set-write-threshold
block_stream
change
change-vnc-password
chardev-add
chardev-remove
client_migrate_info
closefd
cont
cpu
cpu-add
device_add
device_del
device-list-properties
dump-guest-memory
eject
expire_password
getfd
human-monitor-command
inject-nmi
input-send-event
memsave
migrate
migrate_cancel
migrate-incoming
migrate-set-cache-size
migrate-set-capabilities
migrate_set_downtime
migrate_set_speed
migrate-set-parameters
migrate-start-postcopy
object-add
object-del
pmemsave
qmp_capabilities
qom-get
qom-list
qom-list-types
qom-set
query-acpi-ospm-status
query-balloon
query-block
query-block-jobs
query-blockstats
query-chardev
query-chardev-backends
query-command-line-options
query-commands
query-cpu-definitions
query-cpu-model-baseline
query-cpu-model-comparison
query-cpu-model-expansion
query-cpus
query-dump
query-dump-guest-memory-capability
query-events
query-fdsets
query-gic-capabilities
query-hotpluggable-cpus
query-iothreads
query-kvm
query-machines
query-memdev
query-memory-devices
query-mice
query-migrate
query-migrate-cache-size
query-migrate-capabilities
query-migrate-parameters
query-name
query-named-block-nodes
query-pci
query-qmp-schema
query-rocker
query-rocker-of-dpa-flows
query-rocker-of-dpa-groups
query-rocker-ports
query-rx-filter
query-spice
query-status
query-target
query-tpm
query-tpm-models
query-tpm-types
query-uuid
query-version
query-vnc
query-vnc-servers
query-xen-replication-status
quit
remove-fd
ringbuf-read
ringbuf-write
rtc-reset-reinjection
screendump
send-key
set_link
set_password
stop
system_powerdown
system_reset
system_wakeup
trace-event-get-state
trace-event-set-state
transaction
- The following command line options are unsupported:
-acpitable ...
-bt ...
-chroot ...
-cpu ... (all except host)
-curses
-device [adb-keyboard| adb-mouse|adlib|amd-iommu|AMDVI-PCI|ccid-card-emulated|
ccid-card-passthrough|cfi.pflash02|cirrus-vga|cmd646-ide|cs4231a|
dec-21154-p2p-bridge|dec-21154-sysbus|e1000 e500-ccsr|e500-pcihost|
e500-spin|escc|esp|eTSEC|floppy|generic-sdhci|gus|grackle-pcihost|
host-spapr-cpu-core|hyperv-testdev|i8042|i82374|i82378|ib700|icp|
icp-kvm|ics|icskvm|igd-passthrough-isa-bridge|intel_iommu|
ipmi-bmc-extern|ipmi-bmc-sim|isa-applesmc|isa-cirrus-vga|isa-debugcon|
isa-debug-exit|isa-fdc|isa-ide|isa-ipmi-bt|isa-ipmi-kcs|isa-m48t59|
isa-parallel|isa-vga|isabus-bridge|kvm-openpic|kvm-pci-assign|loader|
lsi53c810a| macio-ide|macio-newworld|macio-nvram|macio-oldworld|
mpc8544-guts| mpc8xxx_gpio|ne2k_isa|nvdimm|openpic|pc-dimm|pc-testdev|
pc87312|piix3-ide|piix3-ide|piix3-ide-xen|piix3-usb-uhci|
platform-bus-device|pnv-lpc|powernv-chip-POWER8|powernv-chip-POWER8E|
powernv-chip-POWER8NVL|powernv-chip-POWER9|powernv-cpu-core-POWER8|
powernv-cpu-core-POWER8E|powernv-cpu-core-POWER8NVL|
powernv-cpu-core-POWER9|ppc4xx-pcihost|prep-systemio|raven-pcihost|
rs6000-mc|sb16|sdhci-pci|sga spapr-nvram|spapr-pci-host-bridge|
spapr-pci-vfio-host-bridge|spapr-rng|spapr-rtc|spapr-tce-table|
spapr-vio-bridge|spapr-vlan|spapr-vscsi|spapr-vty|sysbus-m48t02|
sysbus-m48t08|sysbus-m48t59|u3-agp-pcihost|uni-north-agp-pcihost|
uni-north-internal-pci-pcihost|uni-north-pci|uni-north-pci-pcihost|
unimplemented-device|usb-redir|vfio-pci-igd-lpc-bridge|
vhost-vsock-device|vhost-vsock-pci|virtconsole|virtio-crypto-device|
virtio-crypto-pci|virtio-mmio|virtio-vga|vmgenid|vmware-svga|
xen-backend|xen-pci-passthrough|xen-platform|xen-pvdevice|xen-sysdev|
xlnx.xps-ethernetlite|xlnx.xps-intc|xlnx.xps-timer|xlnx.xps-uartlite|
*-i386-cpu|*-powerpc64-cpu|*-spapr-cpu-core|*-x86_64-cpu]
(the following are aliases of these unsupported devices: lsi|
virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet|
virtio-gpu|pci-assign|piix-usb-uhci)
(note that some of these device names represent supported devices and
are used internally, but are not specifyable via -device even though
they appear in the list of devices)
-drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed
or raw]
-dtb file
-enable-hax
-fda/-fdb ...
-g ...
-hda/-hdb/-hdc/-hdd ...
-icount ...
-L ...
-M [40p|bamboo|g3beige|mac99|mpc8544ds|powernv|ppce500|prep|pseries-2.1|
pseries-2.2|pseries-2.3|pseries-2.4|pseries-2.5|pseries-2.6|pseries-2.7|
pseries-2.8|ref405ep|taihu|virtex-ml507]
-machine [40p|bamboo|g3beige|mac99|mpc8544ds|powernv|ppce500|prep|pseries-2.1|
pseries-2.2|pseries-2.3|pseries-2.4|pseries-2.5|pseries-2.6|pseries-2.7|
pseries-2.8|ref405ep|taihu|virtex-ml507]
-mtdblock file
-net [dump|socket|vde] ...
-netdev [dump|hubport|l2tpv3|socket|vde] ...
-no-acpi
-no-fd-bootchk
-no-hpet
-no-kvm
-no-kvm-irqchip
-no-kvm-pit
-no-kvm-pit-reinjection
-numa ...
-option-rom ...
-pflash file
-portrait
-prom-env ...
-qtest ...
-qtest-log ...
-rotate
-sd file
-set ...
-singlestep
-snapshot
-soundhw ...
-tb-size ...
-tdf
-vga [cg3|tcx|virtio|cirrus|xenfb]
-win2k-hack
-xen-attach ...
-xen-create
-xen-domid ...
- The following monitor commands are unsupported:
acl_add ...
acl_policy ...
acl_remove ...
acl_reset ...
acl_show ...
block_job_cancel ...
block_job_complete ...
block_job_pause ...
block_job_resume ...
block_job_set_speed ...
block_passwd ...
commit ...
drive_mirror ...
expire_password ...
hostfwd_add ...
hostfwd_remove ...
host_net_add ...
host_net_remove ...
nbd_server_add ...
nbd server_start ...
nbd_server_stop ...
netdev_add
netdev_del ...
pcie_aer_inject_error ...
set_link ...
set_password ...
singlestep ...
snapshot_blkdev ...
stopcapture ...
wavcapture ...
x_colo_lost_heartbeat
- The following QMP commands are unsupported:
block-job-cancel
block-job-complete
block-job-pause
block-job-resume
block-job-set-speed
change-backing-file
drive-backup
drive-mirror
dump-skeys
netdev_add
netdev_del
nbd-server-add
nbd-server-start
nbd-server-stop
x-blockdev-change
x-blockdev-insert-medium
x-blockdev-remove-medium
x-colo-lost-heartbeat
xen-colo-do-checkpoint
xen-load-devices-state
xen-save-devices-state
xen-set-global-dirty-log
xen-set-replication

View File

@ -1,11 +1,11 @@
[qemu-s390 package document]
SLES 12 SP3 QEMU/KVM RELATED SUPPORT STATEMENTS
SLES 15 QEMU/KVM RELATED SUPPORT STATEMENTS
Overview
--------
The QEMU based packages included with SLES 12 SP3 provide a large variety of
The QEMU based packages included with SLES 15 provide a large variety of
features, from the very latest customer requests to features of questionable
quality or value. The linux kernel includes components which contribute KVM
virtualization features as well. This document was created to assist the user
@ -73,7 +73,7 @@ Major QEMU/KVM Supported Features
- Guest execution state may be "moved" in both time (save/restore) and space
(static and live migration). These migrations or save/restore operations can
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
take place either from certain prior SLES versioned hosts to a SLES 15 host
or between hosts of the same version. Certain other restrictions also apply.
- Security considerations include privileged helpers and a security model which
@ -112,7 +112,7 @@ Major QEMU/KVM Supported Features
- Portions of the host file system may be shared with a guest by using virtFS.
- A guest "agent" is available for SLES 12 KVM guests via the qemu-guest-agent
- A guest "agent" is available for SLES 15 KVM guests via the qemu-guest-agent
package. This allows some introspection and control of the guest OS
environment from the host.
@ -305,7 +305,9 @@ QEMU Command-Line and Monitor Syntax and Support
c
change ...
chardev-add ...
chardev-change ...
chardev-remove ...
chardev-send-break ...
client_migrate_info ...
closefd ...
cont
@ -320,6 +322,8 @@ QEMU Command-Line and Monitor Syntax and Support
dump_guest_memory ...
eject ...
gdbserver ...
gpa2hpa ...
gpa2hva ...
help
i ...
info ...
@ -397,7 +401,9 @@ QEMU Command-Line and Monitor Syntax and Support
change
change-vnc-password
chardev-add
chardev-change
chardev-remove
chardev-send-break
client_migrate_info
closefd
cont
@ -501,51 +507,50 @@ QEMU Command-Line and Monitor Syntax and Support
-chroot ...
-cpu ... (all except host)
-curses
-device [AC97|adlib|allwinner-ahci|am53c974|amd-iommu|AMDVI-PCI|
ccid-card-emulated|ccid-card-passthrough|cirrus-vga|cs4231a|dc390|
diag288|e1000-82544gc|e1000-82545em|edu|ES1370|floppy|generic-sdhci|
generic-sdhci|gus|hda-duplex|hda-micro|hda-output|hyperv-testdev|
*-i386-cpu|i8042|i82550|i82551|i82557a|i82557b|i82557c|i82558a|
i82558b|i82559a|i82559b|i82559c|i82562|i82801|i82801b11-bridge|ib700|
ich9-intel-hda|ich9-usb-ehci1|ich9-usb-ehci2|ich9-usb-uhci1|
ich9-usb-uhci2|ich9-usb-uhci3|ich9-usb-uhci4|ich9-usb-uhci5|
ich9-usb-uhci6|ide-cd|ide-drive|ide-hd|igd-passthrough-isa-bridge|
intel-hda|intel_iommu|ioh3420|ipmi-bmc-extern|ipmi-bmc-sim|ipoctal232|
isa-applesmc|isa-cirrus-vga|isa-debugcon|isa-debug-exit|isa-fdc|
isa-ide|isa-ipmi-bt|isa-ipmi-kcs|isa-parallel|isa-serial|isa-vga|
kvm-pci-assign|lsi53c810|lsi53c810a|megasas|mptsas1068|ne2k_isa|
ne2k_pci|nec-usb-xhci|nvdimm|nvme|pc-dimm|pci-testdev|pcnet|
pc-testdev|piix3-ide|piix3-ide|piix3-ide-xen|piix4-usb-uhci|pvscsi|
pxb|pxb-host|pxb-pcie|qemu-s390-cpu|rocker|s390-flic|s390-flic-qemu|
s390-ipl|s390-pcihost|s390-sclp-event-facility|s390-skeys-qemu|sb16|
sclp|sclpconsole|sclp-cpu-hotplug|sclplmconsole|
sclp-memory-hotplug-dev|sclpquiesce|sd-card|sdhci-pci|sdhci-pci|
secondary-vga|sga|smbus-eeprom|tpci200|unimplemented-device|
-device [AC97|adlib|am53c974|amd-iommu|AMDVI-PCI|ccid-card-emulated|
ccid-card-passthrough|cirrus-vga|cs4231a|dc390|diag288|e1000-82544gc|
e1000-82545em|edu|ES1370|floppy|generic-sdhci|gus|hda-duplex|
hda-micro|hda-output|hyperv-testdev|*-i386-cpu|i8042|i82550|i82551|
i82557a|i82557b|i82557c|i82558a|i82558b|i82559a|i82559b|i82559c|
i82562|i82801|i82801b11-bridge|ib700|ich9-intel-hda|ich9-usb-ehci1|
ich9-usb-ehci2|ich9-usb-uhci1|ich9-usb-uhci2|ich9-usb-uhci3|
ich9-usb-uhci4|ich9-usb-uhci5|ich9-usb-uhci6|ide-cd|ide-drive|ide-hd|
igd-passthrough-isa-bridge|intel-hda|intel_iommu|ioh3420|
ipmi-bmc-extern|ipmi-bmc-sim|ipoctal232|isa-applesmc|isa-cirrus-vga|
isa-debugcon|isa-debug-exit|isa-fdc|isa-ide|isa-ipmi-bt|isa-ipmi-kcs|
isa-parallel|isa-serial|isa-vga|kvm-pci-assign|lsi53c810|lsi53c810a|
megasas|mptsas1068|ne2k_isa|ne2k_pci|nec-usb-xhci|nvdimm|nvme|pc-dimm|
pci-testdev|pcnet|pc-testdev|piix3-ide|piix3-ide|piix3-ide-xen|
piix4-usb-uhci|pvscsi|pxb|pxb-host|pxb-pcie|qemu-s390-cpu|rocker|
s390-flic|s390-flic-qemu|s390-ipl|s390-pcihost|
s390-sclp-event-facility|s390-skeys-qemu|sb16|sclp|sclpconsole|
sclp-cpu-hotplug|sclplmconsole|sclp-memory-hotplug-dev|sclpquiesce|
sd-card|sdhci-pci|sdhci-pci|secondary-vga|sga|smbus-eeprom|tpci200|
usb-audio|usb-bot|usb-bt-dongle|usb-ccid|usb-mtp|usb-uas|vfio-pci|
vhost-scsi-ccw|vhost-vsock-ccw|virtio-9p-device|virtio-balloon-ccw|
virtio-blk-ccw|virtio-crypto-ccw|virtio-mmio|virtio-net-ccw|
virtio-rng-ccw|virtio-scsi-ccw|virtio-serial-ccw|virtio-vga|
virtual-css-bridge|vmware-svga|vmxnet3|vt82c686b-usb-uhci|
x3130-upstream|*-x86_64-cpu|xen-backend|xen-pci-passthrough|
xen-platform|xen-pvdevice|xen-sysdev|xio3130-downstream|
z10BC.2-base-s390-cpu|z10BC.2-s390-cpu|z10BC-base-s390-cpu|
z10BC-s390-cpu|z10EC.2-base-s390-cpu|z10EC.2-s390-cpu|
z10EC.3-base-s390-cpu|z10EC.3-s390-cpu|z10EC-base-s390-cpu|
z10EC-s390-cpu|z114-base-s390-cpu|z114-s390-cpu|z13.2-base-s390-cpu|
z13.2-s390-cpu|z13-base-s390-cpu|z13-s390-cpu|z13s-base-s390-cpu|
z13s-s390-cpu|z196.2-base-s390-cpu|z196.2-s390-cpu|z196-base-s390-cpu|
z196-s390-cpu|z800-base-s390-cpu|z800-s390-cpu|z890.2-base-s390-cpu|
z890.2-s390-cpu|z890.3-base-s390-cpu|z890.3-s390-cpu|
z890-base-s390-cpu|z890-s390-cpu|z900.2-base-s390-cpu|z900.2-s390-cpu|
z900.3-base-s390-cpu|z900.3-s390-cpu|z900-base-s390-cpu|z900-s390-cpu|
z990.2-base-s390-cpu|z990.2-s390-cpu|z990.3-base-s390-cpu|
z990.3-s390-cpu|z990.4-base-s390-cpu|z990.4-s390-cpu|
z990.5-base-s390-cpu|z990.5-s390-cpu|z990-base-s390-cpu|z990-s390-cpu|
z9BC.2-base-s390-cpu|z9BC.2-s390-cpu|z9BC-base-s390-cpu|z9BC-s390-cpu|
z9EC.2-base-s390-cpu|z9EC.2-s390-cpu|z9EC.3-base-s390-cpu|
z9EC.3-s390-cpu|z9EC-base-s390-cpu|z9EC-s390-cpu|zBC12-base-s390-cpu|
zBC12-s390-cpu|zEC12.2-base-s390-cpu|zEC12.2-s390-cpu|
zEC12-base-s390-cpu|zEC12-s390-cpu|zpci|vmgenid]
virtio-blk-ccw|virtio-crypto-ccw|virtio-net-ccw|virtio-rng-ccw|
virtio-scsi-ccw|virtio-serial-ccw|virtio-vga|virtual-css-bridge|
vmware-svga|vmxnet3|vt82c686b-usb-uhci|x3130-upstream|*-x86_64-cpu|
xen-backend|xen-pci-passthrough|xen-platform|xen-pvdevice|
xio3130-downstream|z10BC.2-base-s390-cpu|z10BC.2-s390-cpu|
z10BC-base-s390-cpu|z10BC-s390-cpu|z10EC.2-base-s390-cpu|
z10EC.2-s390-cpu|z10EC.3-base-s390-cpu|z10EC.3-s390-cpu|
z10EC-base-s390-cpu|z10EC-s390-cpu|z114-base-s390-cpu|z114-s390-cpu|
z13.2-base-s390-cpu|z13.2-s390-cpu|z13-base-s390-cpu|z13-s390-cpu|
z13s-base-s390-cpu|z13s-s390-cpu|z196.2-base-s390-cpu|z196.2-s390-cpu|
z196-base-s390-cpu|z196-s390-cpu|z800-base-s390-cpu|z800-s390-cpu|
z890.2-base-s390-cpu|z890.2-s390-cpu|z890.3-base-s390-cpu|
z890.3-s390-cpu|z890-base-s390-cpu|z890-s390-cpu|z900.2-base-s390-cpu|
z900.2-s390-cpu|z900.3-base-s390-cpu|z900.3-s390-cpu|
z900-base-s390-cpu|z900-s390-cpu|z990.2-base-s390-cpu|z990.2-s390-cpu|
z990.3-base-s390-cpu|z990.3-s390-cpu|z990.4-base-s390-cpu|
z990.4-s390-cpu|z990.5-base-s390-cpu|z990.5-s390-cpu|
z990-base-s390-cpu|z990-s390-cpu|z9BC.2-base-s390-cpu|z9BC.2-s390-cpu|
z9BC-base-s390-cpu|z9BC-s390-cpu|z9EC.2-base-s390-cpu|z9EC.2-s390-cpu|
z9EC.3-base-s390-cpu|z9EC.3-s390-cpu|z9EC-base-s390-cpu|z9EC-s390-cpu|
zBC12-base-s390-cpu|zBC12-s390-cpu|zEC12.2-base-s390-cpu|
zEC12.2-s390-cpu|zEC12-base-s390-cpu|zEC12-s390-cpu|zpci|vmgenid|
vhost-user-scsi|vhost-user-scsi-pci|mmio_interface]
(the following are aliases of these unsupported devices: lsi|
virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet|
virtio-gpu|virtio-9p|pci-assign|ahci|e1000-82540em)
@ -575,7 +580,9 @@ QEMU Command-Line and Monitor Syntax and Support
-no-kvm-irqchip
-no-kvm-pit
-no-kvm-pit-reinjection
-numa ...
-numa cpu ...
-numa dist ...
-numa node ...
-option-rom ...
-pflash file
-portrait
@ -599,6 +606,7 @@ QEMU Command-Line and Monitor Syntax and Support
-xen-attach ...
-xen-create
-xen-domid ...
-xen-domid-restrict ...
- The following monitor commands are unsupported:
acl_add ...
@ -657,6 +665,7 @@ QEMU Command-Line and Monitor Syntax and Support
x-blockdev-insert-medium
x-blockdev-remove-medium
x-colo-lost-heartbeat
x-debug-block-dirty-bitmap-sha256
xen-colo-do-checkpoint
xen-load-devices-state
xen-save-devices-state

View File

@ -1,11 +1,11 @@
[qemu-x86 package document]
SLES 12 SP3 QEMU/KVM RELATED SUPPORT STATEMENTS
SLES 15 QEMU/KVM RELATED SUPPORT STATEMENTS
Overview
--------
The QEMU based packages included with SLES 12 SP3 provide a large variety of
The QEMU based packages included with SLES 15 provide a large variety of
features, from the very latest customer requests to features of questionable
quality or value. The linux kernel includes components which contribute KVM
virtualization features as well. This document was created to assist the user
@ -80,7 +80,7 @@ Major QEMU/KVM Supported Features
- Guest execution state may be "moved" in both time (save/restore) and space
(static and live migration). These migrations or save/restore operations can
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
take place either from certain prior SLES versioned hosts to a SLES 15 host
or between hosts of the same version. Certain other restrictions also apply.
- Security considerations include seccomp2 based sandboxing, vTPM, privileged
@ -130,7 +130,7 @@ Major QEMU/KVM Supported Features
- Portions of the host file system may be shared with a guest by using virtFS.
- A guest "agent" is available for SLES 12 KVM guests via the qemu-guest-agent
- A guest "agent" is available for SLES 15 KVM guests via the qemu-guest-agent
package. This allows some introspection and control of the guest OS
environment from the host.
@ -380,6 +380,8 @@ QEMU Command-Line and Monitor Syntax and Support
-no-reboot
-no-shutdown
-no-user-config
-numa cpu ...
-numa dist ...
-object ...
-only-migratable
-parallel ...
@ -415,6 +417,7 @@ QEMU Command-Line and Monitor Syntax and Support
-writeconfig ...
-xen-attach ...
-xen-domid ...
-xen-domid-restrict ...
- The following monitor commands are supported:
?
@ -424,7 +427,9 @@ QEMU Command-Line and Monitor Syntax and Support
c
change ...
chardev-add ...
chardev-change ...
chardev-remove ...
chardev-send-break ...
client_migrate_info ...
closefd ...
cont
@ -439,6 +444,8 @@ QEMU Command-Line and Monitor Syntax and Support
dump_guest_memory ...
eject ...
gdbserver ...
gpa2hpa ...
gpa2hva ...
help
i ...
info ...
@ -518,7 +525,9 @@ QEMU Command-Line and Monitor Syntax and Support
change
change-vnc-password
chardev-add
chardev-change
chardev-remove
chardev-send-break
client_migrate_info
closefd
cont
@ -642,19 +651,18 @@ QEMU Command-Line and Monitor Syntax and Support
virtio-balloon-device|virtio-blk-device|virtio-net-device|
virtio-rng-device|virtio-scsi-device|virtio-serial-device|vmxnet3|
xen-pci-passthrough|xen-platform|xen-pvdevice|piix3-ide|piix3-ide-xen|
piix3-ide|i8042|sdhci-pci|generic-sdhci|secondary-vga|edu|fw_cfg_io|
fw_cfg_mem|intel_iommu|usb-mtp|e1000-82544gc|e1000-82545em|
virtio-input-host-pci|virtio-keyboard-pci|virtio-mouse-pci|
virtio-tablet-pci|virtio-gpu-pci|pci-bridge-seat|pxb|pxb-pcie|
allwinner-ahci|sdhci-pci|rocker|virtio-input-host-device|
piix3-ide|i8042|sdhci-pci|secondary-vga|edu|intel_iommu|usb-mtp|
e1000-82544gc|e1000-82545em|virtio-input-host-pci|virtio-keyboard-pci|
virtio-mouse-pci|virtio-tablet-pci|virtio-gpu-pci|pci-bridge-seat|pxb|
pxb-pcie|sdhci-pci|rocker|virtio-input-host-device|
virtio-keyboard-device|virtio-mouse-device|virtio-tablet-device|
virtio-vga|hyperv-testdev|generic-sdhci|igd-passthrough-isa-bridge|
ipmi-bmc-extern|ipmi-bmc-sim|isa-ipmi-bt|isa-ipmi-kcs|mptsas1068|
nvdimm|pxb-host|sd-card|virtio-gpu-device|kvm-pci-assign|xen-sysdev|
amd-iommu|AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci|
virtio-crypto-device|virtio-crypto-pci|vfio-pci-igd-lpc-bridge|
isabus-bridge|pcie-root-port|qemu-xhci|unimplemented-device|
*-i386-cpu|*-x86_64-cpu]
nvdimm|pxb-host|sd-card|virtio-gpu-device|kvm-pci-assign|amd-iommu|
AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci|virtio-crypto-device|
virtio-crypto-pci|vfio-pci-igd-lpc-bridge|pcie-root-port|qemu-xhci|
*-i386-cpu|*-x86_64-cpu|vhost-user-scsi|vhost-user-scsi-pci|
mmio_interface]
(the following are aliases of these unsupported devices: lsi|
virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet|
virtio-gpu|pci-assign)
@ -685,7 +693,7 @@ QEMU Command-Line and Monitor Syntax and Support
-no-kvm-irqchip
-no-kvm-pit
-no-kvm-pit-reinjection
-numa ...
-numa node ...
-option-rom ...
-pflash file
-portrait
@ -755,5 +763,6 @@ QEMU Command-Line and Monitor Syntax and Support
x-blockdev-insert-medium
x-blockdev-remove-medium
x-colo-lost-heartbeat
x-debug-block-dirty-bitmap-sha256
xen-colo-do-checkpoint
xen-set-replication

View File

@ -13,8 +13,8 @@ set -e
GIT_TREE=git://github.com/openSUSE/qemu.git
GIT_LOCAL_TREE=~/git/qemu-opensuse
GIT_BRANCH=opensuse-2.9
GIT_UPSTREAM_TAG=v2.9.0
GIT_BRANCH=opensuse-2.10
GIT_UPSTREAM_TAG=v2.10.0
GIT_DIR=/dev/shm/qemu-factory-git-dir
CMP_DIR=/dev/shm/qemu-factory-cmp-dir