Accepting request 825860 from Virtualization:Staging
Update to v5.1.0 qemu OBS-URL: https://build.opensuse.org/request/show/825860 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=557
This commit is contained in:
parent
44644229e6
commit
139cdd2a16
@ -20,10 +20,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/util/thread-pool.c b/util/thread-pool.c
|
||||
index 4ed9b89ab2d9c4e6d805ea47c2b2..697c989885ca8aa4dd1185b780df 100644
|
||||
index d763cea505b68575af8e1b39cd95..785487b8767d96ca76c643f1851f 100644
|
||||
--- a/util/thread-pool.c
|
||||
+++ b/util/thread-pool.c
|
||||
@@ -307,7 +307,12 @@ static void thread_pool_init_one(ThreadPool *pool, AioContext *ctx)
|
||||
@@ -306,7 +306,12 @@ static void thread_pool_init_one(ThreadPool *pool, AioContext *ctx)
|
||||
qemu_mutex_init(&pool->lock);
|
||||
qemu_cond_init(&pool->worker_stopped);
|
||||
qemu_sem_init(&pool->sem, 0);
|
||||
|
@ -8,10 +8,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index 1a2f649a21a85e1849a3ca40991d..a7851435c0ba8c60df39ebad492b 100644
|
||||
index e7116289550f169a65f8aecfeccf..3da7feaf0d9e9b3f1222efb8823b 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -974,6 +974,7 @@ ifneq ($(DESCS),)
|
||||
@@ -970,6 +970,7 @@ ifneq ($(DESCS),)
|
||||
"$(DESTDIR)$(qemu_datadir)/firmware/$$x"; \
|
||||
done
|
||||
endif
|
||||
@ -19,7 +19,7 @@ index 1a2f649a21a85e1849a3ca40991d..a7851435c0ba8c60df39ebad492b 100644
|
||||
for s in $(ICON_SIZES); do \
|
||||
mkdir -p "$(DESTDIR)$(qemu_icondir)/hicolor/$${s}/apps"; \
|
||||
$(INSTALL_DATA) $(SRC_PATH)/ui/icons/qemu_$${s}.png \
|
||||
@@ -988,6 +989,7 @@ endif
|
||||
@@ -984,6 +985,7 @@ endif
|
||||
mkdir -p "$(DESTDIR)$(qemu_desktopdir)"
|
||||
$(INSTALL_DATA) $(SRC_PATH)/ui/qemu.desktop \
|
||||
"$(DESTDIR)$(qemu_desktopdir)/qemu.desktop"
|
||||
|
@ -1,6 +1,6 @@
|
||||
From: Michael Brown <mcb30@ipxe.org>
|
||||
Date: Mon, 22 Jul 2019 14:51:28 +0100
|
||||
Subject: [build] Do not apply WORKAROUND_CFLAGS for host compiler
|
||||
Subject: Do not apply WORKAROUND_CFLAGS for host compiler
|
||||
|
||||
Git-commit: a4f8c6e31f6c62522cfc633bbbffa81b22f9d6f3
|
||||
Include-If: %ifarch aarch64
|
||||
@ -29,10 +29,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
2 files changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/roms/ipxe/src/Makefile.housekeeping b/roms/ipxe/src/Makefile.housekeeping
|
||||
index 4b09e81f0b1eb82e79f6af11986d..1b175b9508c0d20f169801f8763d 100644
|
||||
index d94eb1454c9168545c933ec6e900..9c33cc08c4db1bbd0f9966924fce 100644
|
||||
--- a/roms/ipxe/src/Makefile.housekeeping
|
||||
+++ b/roms/ipxe/src/Makefile.housekeeping
|
||||
@@ -454,7 +454,7 @@ endif
|
||||
@@ -455,7 +455,7 @@ endif
|
||||
CFLAGS += $(WORKAROUND_CFLAGS) $(EXTRA_CFLAGS)
|
||||
ASFLAGS += $(WORKAROUND_ASFLAGS) $(EXTRA_ASFLAGS)
|
||||
LDFLAGS += $(WORKAROUND_LDFLAGS) $(EXTRA_LDFLAGS)
|
@ -1,6 +1,6 @@
|
||||
From: Valentine Barshak <gvaxon@gmail.com>
|
||||
Date: Sun, 9 Jun 2019 13:30:11 +0300
|
||||
Subject: [build] Fix "'%s' directive argument is null" error
|
||||
Subject: Fix "'%s' directive argument is null" error
|
||||
|
||||
Git-commit: 412acd7854de10e7194f362a6b1a3257a17974f7
|
||||
References: bsc#1121464
|
@ -3,7 +3,7 @@ Date: Thu, 1 Apr 2010 17:36:23 +0200
|
||||
Subject: Make char muxer more robust wrt small FIFOs
|
||||
|
||||
Virtio-Console can only process one character at a time. Using it on S390
|
||||
gave me strage "lags" where I got the character I pressed before when
|
||||
gave me strange "lags" where I got the character I pressed before when
|
||||
pressing one. So I typed in "abc" and only received "a", then pressed "d"
|
||||
but the guest received "b" and so on.
|
||||
|
||||
@ -24,12 +24,13 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
chardev/char-fe.c | 1 +
|
||||
chardev/char-mux.c | 16 ++++++++++++++++
|
||||
chardev/char.c | 1 +
|
||||
include/chardev/char-mux.h | 3 +++
|
||||
chardev/chardev-internal.h | 3 +++
|
||||
chardev/chardev-sysemu.c | 1 +
|
||||
tests/test-char.c | 1 +
|
||||
5 files changed, 22 insertions(+)
|
||||
6 files changed, 23 insertions(+)
|
||||
|
||||
diff --git a/chardev/char-fe.c b/chardev/char-fe.c
|
||||
index f3530a90e6364d813097105b6113..f8aa0daf31692810efc7d5ca32eb 100644
|
||||
index 474715c5a9257ae9e9e286d2e02d..eeb1b3e0b548027e2bcda0c272d5 100644
|
||||
--- a/chardev/char-fe.c
|
||||
+++ b/chardev/char-fe.c
|
||||
@@ -21,6 +21,7 @@
|
||||
@ -41,7 +42,7 @@ index f3530a90e6364d813097105b6113..f8aa0daf31692810efc7d5ca32eb 100644
|
||||
#include "qemu/error-report.h"
|
||||
#include "qapi/error.h"
|
||||
diff --git a/chardev/char-mux.c b/chardev/char-mux.c
|
||||
index 46c44af67c4ea5348eb1b6db637f..1d3eaf1e37bc2995ae4b8e80f0ff 100644
|
||||
index 6f980bb83647da13c62f514391b3..094bc6703a3febdf5fefb7c0024f 100644
|
||||
--- a/chardev/char-mux.c
|
||||
+++ b/chardev/char-mux.c
|
||||
@@ -22,6 +22,7 @@
|
||||
@ -82,7 +83,7 @@ index 46c44af67c4ea5348eb1b6db637f..1d3eaf1e37bc2995ae4b8e80f0ff 100644
|
||||
* set of muxes
|
||||
*/
|
||||
diff --git a/chardev/char.c b/chardev/char.c
|
||||
index e77564060dbc8d60e964787b9150..7f08483a4fc8b1c2c01d57546eca 100644
|
||||
index 77e7ec814f2196d8352e2f3ec75e..bcdec537e8753025b715e75214e6 100644
|
||||
--- a/chardev/char.c
|
||||
+++ b/chardev/char.c
|
||||
@@ -22,6 +22,7 @@
|
||||
@ -93,11 +94,11 @@ index e77564060dbc8d60e964787b9150..7f08483a4fc8b1c2c01d57546eca 100644
|
||||
#include "qemu/osdep.h"
|
||||
#include "qemu/cutils.h"
|
||||
#include "monitor/monitor.h"
|
||||
diff --git a/include/chardev/char-mux.h b/include/chardev/char-mux.h
|
||||
index 417fe32eedf29b206c4c7a20f8ef..225a4d1c37d051bca576a1b73607 100644
|
||||
--- a/include/chardev/char-mux.h
|
||||
+++ b/include/chardev/char-mux.h
|
||||
@@ -34,6 +34,9 @@ typedef struct MuxChardev {
|
||||
diff --git a/chardev/chardev-internal.h b/chardev/chardev-internal.h
|
||||
index f4d0429763bc28438e6cd6e7de1a..fc6cd39eb2d98af15aec25642438 100644
|
||||
--- a/chardev/chardev-internal.h
|
||||
+++ b/chardev/chardev-internal.h
|
||||
@@ -36,6 +36,9 @@ typedef struct MuxChardev {
|
||||
Chardev parent;
|
||||
CharBackend *backends[MAX_MUX];
|
||||
CharBackend chr;
|
||||
@ -107,8 +108,20 @@ index 417fe32eedf29b206c4c7a20f8ef..225a4d1c37d051bca576a1b73607 100644
|
||||
int focus;
|
||||
int mux_cnt;
|
||||
int term_got_escape;
|
||||
diff --git a/chardev/chardev-sysemu.c b/chardev/chardev-sysemu.c
|
||||
index eecdc615ee1c6c64060452ac837d..c052f101e89c193af1effa9c6fa5 100644
|
||||
--- a/chardev/chardev-sysemu.c
|
||||
+++ b/chardev/chardev-sysemu.c
|
||||
@@ -22,6 +22,7 @@
|
||||
* THE SOFTWARE.
|
||||
*/
|
||||
|
||||
+#define HW_POISON_H /* avoid poison since we patch against rules it "enforces" */
|
||||
#include "qemu/osdep.h"
|
||||
#include "sysemu/sysemu.h"
|
||||
#include "chardev/char.h"
|
||||
diff --git a/tests/test-char.c b/tests/test-char.c
|
||||
index 3afc9b1b8d59802919139012c2cb..530cf7c2414e85e00e2685e7482c 100644
|
||||
index d35cc839bc60db1884c3f265629b..51635ba059ef2302608459e84a65 100644
|
||||
--- a/tests/test-char.c
|
||||
+++ b/tests/test-char.c
|
||||
@@ -1,3 +1,4 @@
|
||||
|
@ -13,7 +13,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/scripts/analyze-migration.py b/scripts/analyze-migration.py
|
||||
index 96a31d3974ba2af13d419b71c409..4cae695244a00003d1431c02febf 100755
|
||||
index 95838cbff3f00f1ba097ee032032..d5f6c67bf1f7305461bb536f57b1 100755
|
||||
--- a/scripts/analyze-migration.py
|
||||
+++ b/scripts/analyze-migration.py
|
||||
@@ -1,4 +1,4 @@
|
||||
|
@ -14,10 +14,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/exec.c b/exec.c
|
||||
index 2c419f327cf925ee55c46d111272..7adf108c66ed8912588cb83bc15e 100644
|
||||
index 6f381f98e2a01c432c28c0c094db..0cec6a514147a1b90e2056f3eac4 100644
|
||||
--- a/exec.c
|
||||
+++ b/exec.c
|
||||
@@ -2297,11 +2297,13 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
|
||||
@@ -2328,11 +2328,13 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
@ -1,11 +1,17 @@
|
||||
The qemu package, and derived packages have a special maintenance workflow in
|
||||
order to support git based patching. Please use it in order to have changes
|
||||
you make be acceptable to the package maintainers.
|
||||
The qemu package includes a special maintenance workflow in order to support git
|
||||
based patching. Please use it in order to have changes you make be acceptable to
|
||||
the package maintainers.
|
||||
|
||||
Currently a local clone of the upstream repo(s) is required for the packaging
|
||||
workflow. It is anticipated that the need for any extra setup will be reduced or
|
||||
even eliminated entirely in the future, but for now, you will need do so some
|
||||
setup. See config.sh for details.
|
||||
|
||||
The qemu.spec file is generated from a qemu.spec.in template, so to make changes
|
||||
to the spec file (besides the script generated patch references), you'll need to
|
||||
edit the template, not the spec file. The spec file patch references are inserted
|
||||
by a script as described below.
|
||||
to the spec file beyond the patch name generation, patch reference and automated
|
||||
versioning done by the scripts, you need to edit the template. Do not directly
|
||||
edit the spec file. The spec file's version and patch references are added when
|
||||
the update_git.sh script is passed certain commands, as described below.
|
||||
|
||||
If you are not modifying any patches or their order, but just need to update the
|
||||
spec file from a changed template, run 'bash ./update_git.sh refresh'.
|
||||
@ -22,16 +28,13 @@ upstream patches from there). Once you have the patch queue ready to go run
|
||||
'bash ./update_git.sh git2pkg' which updates the bundles.tar.xz file, as well as
|
||||
the spec and patch files.
|
||||
|
||||
The default action for update_git.sh is git2pkg, which helps simplify repeated
|
||||
package updates as you modify the patch queue from the local git repo.
|
||||
|
||||
The maintainer and automation use another workflow mode dealing with packaging
|
||||
the latest upstream qemu. See 'LATEST' references in the scripts for details.
|
||||
|
||||
** SPECIAL NOTE ABOUT CURRENT STATUS ***
|
||||
The current status as of 31 Oct 2019 is that for this incarnation of qemu
|
||||
packaging, the previous workflow which relied on the patches being in a shared
|
||||
git repo on github or gitlab is no longer supported. This new bundle based
|
||||
workflow is still a work in progress.
|
||||
If it isn't working right, please contact Bruce Rogers <brogers@suse.com>.
|
||||
*** END SPECIAL NOTE ***
|
||||
* * * * * * * * *
|
||||
|
||||
Additional Notes:
|
||||
|
||||
@ -60,11 +63,12 @@ This will cause the patch application in the spec file to be done as follows:
|
||||
%endif
|
||||
|
||||
A trick worth noting is, if a given git tracked patch is to be applied in a way
|
||||
that can't be done in the normal patching section of the spec file, you can still
|
||||
include the patch, and use it by name with the patch program elsewhere in the
|
||||
spec file by doing something such as:
|
||||
that can't be done in the normal patching section of the spec file, you can
|
||||
still include the patch, and use it by name with the patch program elsewhere in
|
||||
the spec file by doing something such as:
|
||||
Include-If: %if 0%{?patch-possibly-applied-elsewhere}
|
||||
(this variable will remain undefined in the spec file) And then elsewhere in spec
|
||||
file, the actual patch (eg specially-handled-change.patch) is referenced as, eg:
|
||||
(this variable will remain undefined in the spec file) And then elsewhere in the
|
||||
spec file, the actual patch (eg specially-handled-change.patch) is referenced as
|
||||
eg:
|
||||
|
||||
patch -p1 < %_sourcedir/specially-handled-change.patch
|
||||
|
@ -16,7 +16,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 12 insertions(+)
|
||||
|
||||
diff --git a/softmmu/vl.c b/softmmu/vl.c
|
||||
index 32c004788919e4f50b4bfc88113b..97e3888e832f0c9051f720bb701c 100644
|
||||
index 4eb9d1f7fd54f27583bfb1ce9407..c6e7530b012db308d0c607ec749d 100644
|
||||
--- a/softmmu/vl.c
|
||||
+++ b/softmmu/vl.c
|
||||
@@ -34,6 +34,7 @@
|
||||
@ -26,8 +26,8 @@ index 32c004788919e4f50b4bfc88113b..97e3888e832f0c9051f720bb701c 100644
|
||||
+#include <sys/resource.h>
|
||||
#include "sysemu/seccomp.h"
|
||||
#include "sysemu/tcg.h"
|
||||
|
||||
@@ -2851,6 +2852,7 @@ void qemu_init(int argc, char **argv, char **envp)
|
||||
#include "sysemu/xen.h"
|
||||
@@ -2868,6 +2869,7 @@ void qemu_init(int argc, char **argv, char **envp)
|
||||
BlockdevOptionsQueue bdo_queue = QSIMPLEQ_HEAD_INITIALIZER(bdo_queue);
|
||||
QemuPluginList plugin_list = QTAILQ_HEAD_INITIALIZER(plugin_list);
|
||||
int mem_prealloc = 0; /* force preallocation of physical target memory */
|
||||
@ -35,7 +35,7 @@ index 32c004788919e4f50b4bfc88113b..97e3888e832f0c9051f720bb701c 100644
|
||||
|
||||
os_set_line_buffering();
|
||||
|
||||
@@ -2862,6 +2864,16 @@ void qemu_init(int argc, char **argv, char **envp)
|
||||
@@ -2879,6 +2881,16 @@ void qemu_init(int argc, char **argv, char **envp)
|
||||
|
||||
qemu_mutex_lock_iothread();
|
||||
|
||||
|
@ -9,10 +9,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index 8a9113e6663eb51cf842b2f4f5a2..1a2f649a21a85e1849a3ca40991d 100644
|
||||
index 13dd708c4af52df3bc932812fc60..e7116289550f169a65f8aecfeccf 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -619,7 +619,7 @@ fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o fsdev/9p-marshal
|
||||
@@ -613,7 +613,7 @@ fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o fsdev/9p-marshal
|
||||
|
||||
scsi/qemu-pr-helper$(EXESUF): scsi/qemu-pr-helper.o scsi/utils.o $(authz-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS)
|
||||
ifdef CONFIG_MPATH
|
||||
@ -22,10 +22,10 @@ index 8a9113e6663eb51cf842b2f4f5a2..1a2f649a21a85e1849a3ca40991d 100644
|
||||
|
||||
qemu-img-cmds.h: $(SRC_PATH)/qemu-img-cmds.hx $(SRC_PATH)/scripts/hxtool
|
||||
diff --git a/configure b/configure
|
||||
index 23b5e93752b6a2597b2099b50218..ef127fb1e0715da446b4a822e3ab 100755
|
||||
index 2acc4d1465f8165ae3a238784231..a47fda0fb5267e153a3f1f3ee3bc 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -3961,7 +3961,7 @@ int main(void) {
|
||||
@@ -4100,7 +4100,7 @@ int main(void) {
|
||||
return 0;
|
||||
}
|
||||
EOF
|
||||
|
@ -1,87 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Tue, 25 Feb 2020 06:09:23 -0500
|
||||
Subject: Sync pv
|
||||
|
||||
Git-commit: 6807f464961cfee1dd81c95e22ddd91fa352fcc4
|
||||
References: bsc#1167075
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
linux-headers/linux/kvm.h | 45 +++++++++++++++++++++++++++++++++++++--
|
||||
1 file changed, 43 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
|
||||
index 265099100e65b3e86d9e42e8806e..c30344ab0095e8568e785a237c89 100644
|
||||
--- a/linux-headers/linux/kvm.h
|
||||
+++ b/linux-headers/linux/kvm.h
|
||||
@@ -474,12 +474,17 @@ struct kvm_s390_mem_op {
|
||||
__u32 size; /* amount of bytes */
|
||||
__u32 op; /* type of operation */
|
||||
__u64 buf; /* buffer in userspace */
|
||||
- __u8 ar; /* the access register number */
|
||||
- __u8 reserved[31]; /* should be set to 0 */
|
||||
+ union {
|
||||
+ __u8 ar; /* the access register number */
|
||||
+ __u32 sida_offset; /* offset into the sida */
|
||||
+ __u8 reserved[32]; /* should be set to 0 */
|
||||
+ };
|
||||
};
|
||||
/* types for kvm_s390_mem_op->op */
|
||||
#define KVM_S390_MEMOP_LOGICAL_READ 0
|
||||
#define KVM_S390_MEMOP_LOGICAL_WRITE 1
|
||||
+#define KVM_S390_MEMOP_SIDA_READ 2
|
||||
+#define KVM_S390_MEMOP_SIDA_WRITE 3
|
||||
/* flags for kvm_s390_mem_op->flags */
|
||||
#define KVM_S390_MEMOP_F_CHECK_ONLY (1ULL << 0)
|
||||
#define KVM_S390_MEMOP_F_INJECT_EXCEPTION (1ULL << 1)
|
||||
@@ -1010,6 +1015,7 @@ struct kvm_ppc_resize_hpt {
|
||||
#define KVM_CAP_ARM_NISV_TO_USER 177
|
||||
#define KVM_CAP_ARM_INJECT_EXT_DABT 178
|
||||
#define KVM_CAP_S390_VCPU_RESETS 179
|
||||
+#define KVM_CAP_S390_PROTECTED 180
|
||||
|
||||
#ifdef KVM_CAP_IRQ_ROUTING
|
||||
|
||||
@@ -1478,6 +1484,41 @@ struct kvm_enc_region {
|
||||
#define KVM_S390_NORMAL_RESET _IO(KVMIO, 0xc3)
|
||||
#define KVM_S390_CLEAR_RESET _IO(KVMIO, 0xc4)
|
||||
|
||||
+struct kvm_s390_pv_sec_parm {
|
||||
+ __u64 origin;
|
||||
+ __u64 length;
|
||||
+};
|
||||
+
|
||||
+struct kvm_s390_pv_unp {
|
||||
+ __u64 addr;
|
||||
+ __u64 size;
|
||||
+ __u64 tweak;
|
||||
+};
|
||||
+
|
||||
+enum pv_cmd_id {
|
||||
+ KVM_PV_ENABLE,
|
||||
+ KVM_PV_DISABLE,
|
||||
+ KVM_PV_VM_SET_SEC_PARMS,
|
||||
+ KVM_PV_VM_UNPACK,
|
||||
+ KVM_PV_VM_VERIFY,
|
||||
+ KVM_PV_VM_PREP_RESET,
|
||||
+ KVM_PV_VM_UNSHARE_ALL,
|
||||
+ KVM_PV_VCPU_CREATE,
|
||||
+ KVM_PV_VCPU_DESTROY,
|
||||
+};
|
||||
+
|
||||
+struct kvm_pv_cmd {
|
||||
+ __u32 cmd; /* Command to be executed */
|
||||
+ __u16 rc; /* Ultravisor return code */
|
||||
+ __u16 rrc; /* Ultravisor return reason code */
|
||||
+ __u64 data; /* Data or address */
|
||||
+ __u32 flags; /* flags for future extensions. Must be 0 for now */
|
||||
+ __u32 reserved[3];
|
||||
+};
|
||||
+
|
||||
+/* Available with KVM_CAP_S390_PROTECTED */
|
||||
+#define KVM_S390_PV_COMMAND _IOWR(KVMIO, 0xc5, struct kvm_pv_cmd)
|
||||
+
|
||||
/* Secure Encrypted Virtualization command */
|
||||
enum sev_cmd_id {
|
||||
/* Guest initialization commands */
|
16
_constraints
16
_constraints
@ -1,5 +1,5 @@
|
||||
<constraints>
|
||||
<!-- All builds are fine with 8GB disk -->
|
||||
<!-- All builds are fine with 9GB disk -->
|
||||
<overwrite>
|
||||
<conditions>
|
||||
<package>qemu</package>
|
||||
@ -8,10 +8,22 @@
|
||||
</conditions>
|
||||
<hardware>
|
||||
<disk>
|
||||
<size unit="G">8</size>
|
||||
<size unit="G">9</size>
|
||||
</disk>
|
||||
</hardware>
|
||||
</overwrite>
|
||||
<!-- To test qemu-linux-user, armv7l needs more than the default memory -->
|
||||
<overwrite>
|
||||
<conditions>
|
||||
<arch>armv7l</arch>
|
||||
<package>qemu:linux-user</package>
|
||||
</conditions>
|
||||
<hardware>
|
||||
<memory>
|
||||
<size unit="M">8192</size>
|
||||
</memory>
|
||||
</hardware>
|
||||
</overwrite>
|
||||
<!-- To build qemu, s390x needs more than the default memory -->
|
||||
<overwrite>
|
||||
<conditions>
|
||||
|
@ -16,10 +16,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
|
||||
index 964d6f5990faf6ff7521bb2377a2..7b5f8234444b8b29ae66098b8d39 100644
|
||||
index 26bac4f16c18a7d32b3821e5e3e6..81c2a3410319e6236c1a09b07bb1 100644
|
||||
--- a/hw/acpi/piix4.c
|
||||
+++ b/hw/acpi/piix4.c
|
||||
@@ -274,7 +274,7 @@ static bool piix4_vmstate_need_smbus(void *opaque, int version_id)
|
||||
@@ -275,7 +275,7 @@ static bool piix4_vmstate_need_smbus(void *opaque, int version_id)
|
||||
static const VMStateDescription vmstate_acpi = {
|
||||
.name = "piix4_pm",
|
||||
.version_id = 3,
|
||||
|
@ -1,58 +0,0 @@
|
||||
From: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Date: Thu, 4 Jun 2020 14:38:30 +0530
|
||||
Subject: ati-vga: check mm_index before recursive call (CVE-2020-13800)
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Git-commit: a98610c429d52db0937c1e48659428929835c455
|
||||
References: bsc#1172495, CVE-2020-13800
|
||||
|
||||
While accessing VGA registers via ati_mm_read/write routines,
|
||||
a guest may set 's->regs.mm_index' such that it leads to infinite
|
||||
recursion. Check mm_index value to avoid such recursion. Log an
|
||||
error message for wrong values.
|
||||
|
||||
Reported-by: Ren Ding <rding@gatech.edu>
|
||||
Reported-by: Hanqing Zhao <hanqing@gatech.edu>
|
||||
Reported-by: Yi Ren <c4tren@gmail.com>
|
||||
Message-id: 20200604090830.33885-1-ppandit@redhat.com
|
||||
Suggested-by: BALATON Zoltan <balaton@eik.bme.hu>
|
||||
Suggested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/display/ati.c | 10 ++++++++--
|
||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/hw/display/ati.c b/hw/display/ati.c
|
||||
index 58ec8291d4601b70720fa1484f88..9228f1b242bb7b141eb50a19e12b 100644
|
||||
--- a/hw/display/ati.c
|
||||
+++ b/hw/display/ati.c
|
||||
@@ -285,8 +285,11 @@ static uint64_t ati_mm_read(void *opaque, hwaddr addr, unsigned int size)
|
||||
if (idx <= s->vga.vram_size - size) {
|
||||
val = ldn_le_p(s->vga.vram_ptr + idx, size);
|
||||
}
|
||||
- } else {
|
||||
+ } else if (s->regs.mm_index > MM_DATA + 3) {
|
||||
val = ati_mm_read(s, s->regs.mm_index + addr - MM_DATA, size);
|
||||
+ } else {
|
||||
+ qemu_log_mask(LOG_GUEST_ERROR,
|
||||
+ "ati_mm_read: mm_index too small: %u\n", s->regs.mm_index);
|
||||
}
|
||||
break;
|
||||
case BIOS_0_SCRATCH ... BUS_CNTL - 1:
|
||||
@@ -520,8 +523,11 @@ static void ati_mm_write(void *opaque, hwaddr addr,
|
||||
if (idx <= s->vga.vram_size - size) {
|
||||
stn_le_p(s->vga.vram_ptr + idx, size, data);
|
||||
}
|
||||
- } else {
|
||||
+ } else if (s->regs.mm_index > MM_DATA + 3) {
|
||||
ati_mm_write(s, s->regs.mm_index + addr - MM_DATA, data, size);
|
||||
+ } else {
|
||||
+ qemu_log_mask(LOG_GUEST_ERROR,
|
||||
+ "ati_mm_write: mm_index too small: %u\n", s->regs.mm_index);
|
||||
}
|
||||
break;
|
||||
case BIOS_0_SCRATCH ... BUS_CNTL - 1:
|
@ -1,49 +0,0 @@
|
||||
From: Bruce Rogers <brogers@suse.com>
|
||||
Date: Thu, 21 May 2020 11:29:31 -0600
|
||||
Subject: audio: fix wavcapture segfault
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Git-commit: cbaf25d1f59ee13fc7542a06ea70784f2e000c04
|
||||
References: boo#1171712
|
||||
|
||||
Commit 571a8c522e caused the HMP wavcapture command to segfault when
|
||||
processing audio data in audio_pcm_sw_write(), where a NULL
|
||||
sw->hw->pcm_ops is dereferenced. This fix checks that the pointer is
|
||||
valid before dereferincing it. A similar fix is also made in the
|
||||
parallel function audio_pcm_sw_read().
|
||||
|
||||
Fixes: 571a8c522e (audio: split ctl_* functions into enable_* and
|
||||
volume_*)
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||
Message-id: 20200521172931.121903-1-brogers@suse.com
|
||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
audio/audio.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/audio/audio.c b/audio/audio.c
|
||||
index 7a9e6803558b85ff8d4158aa35f9..08a067722b2c33b3f31cb8cf9884 100644
|
||||
--- a/audio/audio.c
|
||||
+++ b/audio/audio.c
|
||||
@@ -649,7 +649,7 @@ static size_t audio_pcm_sw_read(SWVoiceIn *sw, void *buf, size_t size)
|
||||
total += isamp;
|
||||
}
|
||||
|
||||
- if (!hw->pcm_ops->volume_in) {
|
||||
+ if (hw->pcm_ops && !hw->pcm_ops->volume_in) {
|
||||
mixeng_volume (sw->buf, ret, &sw->vol);
|
||||
}
|
||||
|
||||
@@ -736,7 +736,7 @@ static size_t audio_pcm_sw_write(SWVoiceOut *sw, void *buf, size_t size)
|
||||
if (swlim) {
|
||||
sw->conv (sw->buf, buf, swlim);
|
||||
|
||||
- if (!sw->hw->pcm_ops->volume_out) {
|
||||
+ if (sw->hw->pcm_ops && !sw->hw->pcm_ops->volume_out) {
|
||||
mixeng_volume (sw->buf, swlim, &sw->vol);
|
||||
}
|
||||
}
|
@ -2,7 +2,7 @@ From: Bruce Rogers <brogers@suse.com>
|
||||
Date: Wed, 6 May 2020 15:03:02 -0600
|
||||
Subject: [build] Be explicit about -fcommon compiler directive
|
||||
|
||||
Git-commit: 6260364cc4bfea9a78867da63be8d4bf50e4a561
|
||||
Git-commit: f982a712979619dbae2c6e0d741757e2ce94be11
|
||||
References: boo#1171140
|
||||
|
||||
gcc10 switched default behavior from -fcommon to -fno-common. Since
|
||||
@ -11,12 +11,13 @@ gcc10 switched default behavior from -fcommon to -fno-common. Since
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
Modified-by: Michael Brown <mcb30@ipxe.org>
|
||||
Signed-off-by: Michael Brown <mcb30@ipxe.org>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
src/Makefile.housekeeping | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/roms/ipxe/src/Makefile.housekeeping b/roms/ipxe/src/Makefile.housekeeping
|
||||
index 1b175b9508c0d20f169801f8763d..893bd20f1fd5cecf0e480dee05bd 100644
|
||||
index 4b09e81f0b1eb82e79f6af11986d..f6f3e29248d3e59b76de690aeb0c 100644
|
||||
--- a/roms/ipxe/src/Makefile.housekeeping
|
||||
+++ b/roms/ipxe/src/Makefile.housekeeping
|
||||
@@ -422,6 +422,7 @@ CFLAGS += -Os
|
||||
|
@ -4,6 +4,7 @@ Subject: [build] Workaround compilation error with gcc 9.1
|
||||
|
||||
Git-commit: 1dd56dbd11082fb622c2ed21cfaced4f47d798a6
|
||||
References: bsc#1121464
|
||||
Include-If: %if 0%{?suse_version} > 1500 && 0%{?is_opensuse}
|
||||
|
||||
Compiling with gcc 9.1 generates lots of "taking address of packed
|
||||
member of ... may result in an unaligned pointer value" warnings.
|
||||
|
@ -1,3 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:98bbc84339311458aaa7725097230b2d8b9ab7076f44d830bb2d31a4b277a63a
|
||||
size 60868
|
||||
oid sha256:538acceeee5a8882a1bacc0a4601a05e402922c18bec4609c6491796073f8556
|
||||
size 44000
|
||||
|
@ -7,7 +7,7 @@
|
||||
# The following specifies the upstream tag or commit upon which our patchqueue
|
||||
# gets rebased. The special value LATEST may be used to "automatically" track
|
||||
# the upstream development tree in the master branch
|
||||
GIT_UPSTREAM_COMMIT_ISH=v5.0.0
|
||||
GIT_UPSTREAM_COMMIT_ISH=v5.1.0
|
||||
# WARNING: If transitioning from using LATEST to not, MANUALLY re-set the
|
||||
# tarball present. If transitioning TO LATEST, make sure that
|
||||
# NEXT_RELEASE_IS_MAJOR is set correctly
|
||||
|
@ -12,10 +12,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/configure b/configure
|
||||
index ef127fb1e0715da446b4a822e3ab..5a0a52e842df70b757252f89b74a 100755
|
||||
index a47fda0fb5267e153a3f1f3ee3bc..3b3c5dc2f93b87a91d247079f4c8 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -6495,7 +6495,7 @@ if { test "$cpu" = "i386" || test "$cpu" = "x86_64"; } && \
|
||||
@@ -6770,7 +6770,7 @@ if { test "$cpu" = "i386" || test "$cpu" = "x86_64"; } && \
|
||||
fi
|
||||
|
||||
# Only build s390-ccw bios if we're on s390x and the compiler has -march=z900
|
||||
|
@ -18,10 +18,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/configure b/configure
|
||||
index 5a0a52e842df70b757252f89b74a..790337b204cdfa6d84b1f8524f90 100755
|
||||
index 3b3c5dc2f93b87a91d247079f4c8..4340229b47a3294307a08df3339e 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -6939,7 +6939,7 @@ fi
|
||||
@@ -7229,7 +7229,7 @@ fi
|
||||
if test "$modules" = "yes"; then
|
||||
# $shacmd can generate a hash started with digit, which the compiler doesn't
|
||||
# like as an symbol. So prefix it with an underscore
|
||||
|
@ -14,7 +14,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/docs/index.html.in b/docs/index.html.in
|
||||
index e9a160384cfe939a3bccc51e5da9..2a76ade7bfd053f359d7782c7473 100644
|
||||
index 6736fa4360cfb8c40cbab2a362b0..ad431321ee858bcbe3e237e687b5 100644
|
||||
--- a/docs/index.html.in
|
||||
+++ b/docs/index.html.in
|
||||
@@ -7,6 +7,7 @@
|
||||
|
@ -6,6 +6,7 @@ Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Git-commit: 0000000000000000000000000000000000000000
|
||||
Include-If: %if 0%{?suse_version} > 1500
|
||||
|
||||
In Fedora 33 rawhide, we now have sphinx 3.1.1, as opposed
|
||||
to previous 2.2.2. This new version generates a warning on
|
||||
|
@ -8,7 +8,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/roms/seabios/Makefile b/roms/seabios/Makefile
|
||||
index ca8d0283922bbfa931e85511e921..d807c558ef0f09b5975f6ccc38f1 100644
|
||||
index edb83b7a1c77f7bb75c371330b2c..74a01853f26458d94d4a4e056b7b 100644
|
||||
--- a/roms/seabios/Makefile
|
||||
+++ b/roms/seabios/Makefile
|
||||
@@ -13,7 +13,7 @@ export CONFIG_SHELL := sh
|
||||
|
@ -1,60 +0,0 @@
|
||||
From: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Date: Fri, 15 May 2020 01:36:08 +0530
|
||||
Subject: es1370: check total frame count against current frame
|
||||
|
||||
Git-commit: 369ff955a8497988d079c4e3fa1e93c2570c1c69
|
||||
References: bsc#1172384, CVE-2020-13361
|
||||
|
||||
A guest user may set channel frame count via es1370_write()
|
||||
such that, in es1370_transfer_audio(), total frame count
|
||||
'size' is lesser than the number of frames that are processed
|
||||
'cnt'.
|
||||
|
||||
int cnt = d->frame_cnt >> 16;
|
||||
int size = d->frame_cnt & 0xffff;
|
||||
|
||||
if (size < cnt), it results in incorrect calculations leading
|
||||
to OOB access issue(s). Add check to avoid it.
|
||||
|
||||
Reported-by: Ren Ding <rding@gatech.edu>
|
||||
Reported-by: Hanqing Zhao <hanqing@gatech.edu>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Message-id: 20200514200608.1744203-1-ppandit@redhat.com
|
||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/audio/es1370.c | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c
|
||||
index 89c4dabcd44fb2d7782e3cabc51d..5f8a83ff56241d94347c1e51419e 100644
|
||||
--- a/hw/audio/es1370.c
|
||||
+++ b/hw/audio/es1370.c
|
||||
@@ -643,6 +643,9 @@ static void es1370_transfer_audio (ES1370State *s, struct chan *d, int loop_sel,
|
||||
int csc_bytes = (csc + 1) << d->shift;
|
||||
int cnt = d->frame_cnt >> 16;
|
||||
int size = d->frame_cnt & 0xffff;
|
||||
+ if (size < cnt) {
|
||||
+ return;
|
||||
+ }
|
||||
int left = ((size - cnt + 1) << 2) + d->leftover;
|
||||
int transferred = 0;
|
||||
int temp = MIN (max, MIN (left, csc_bytes));
|
||||
@@ -651,7 +654,7 @@ static void es1370_transfer_audio (ES1370State *s, struct chan *d, int loop_sel,
|
||||
addr += (cnt << 2) + d->leftover;
|
||||
|
||||
if (index == ADC_CHANNEL) {
|
||||
- while (temp) {
|
||||
+ while (temp > 0) {
|
||||
int acquired, to_copy;
|
||||
|
||||
to_copy = MIN ((size_t) temp, sizeof (tmpbuf));
|
||||
@@ -669,7 +672,7 @@ static void es1370_transfer_audio (ES1370State *s, struct chan *d, int loop_sel,
|
||||
else {
|
||||
SWVoiceOut *voice = s->dac_voice[index];
|
||||
|
||||
- while (temp) {
|
||||
+ while (temp > 0) {
|
||||
int copied, to_copy;
|
||||
|
||||
to_copy = MIN ((size_t) temp, sizeof (tmpbuf));
|
@ -1,54 +0,0 @@
|
||||
From: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Date: Tue, 26 May 2020 16:47:43 +0530
|
||||
Subject: exec: set map length to zero when returning NULL
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Git-commit: 77f55eac6c433e23e82a1b88b2d74f385c4c7d82
|
||||
References: bsc#1172386, CVE-2020-13659
|
||||
|
||||
When mapping physical memory into host's virtual address space,
|
||||
'address_space_map' may return NULL if BounceBuffer is in_use.
|
||||
Set and return '*plen = 0' to avoid later NULL pointer dereference.
|
||||
|
||||
Reported-by: Alexander Bulekov <alxndr@bu.edu>
|
||||
Fixes: https://bugs.launchpad.net/qemu/+bug/1878259
|
||||
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Message-Id: <20200526111743.428367-1-ppandit@redhat.com>
|
||||
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
exec.c | 1 +
|
||||
include/exec/memory.h | 3 ++-
|
||||
2 files changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/exec.c b/exec.c
|
||||
index 2874bb508853d353bca3b9790e5d..2c419f327cf925ee55c46d111272 100644
|
||||
--- a/exec.c
|
||||
+++ b/exec.c
|
||||
@@ -3538,6 +3538,7 @@ void *address_space_map(AddressSpace *as,
|
||||
|
||||
if (!memory_access_is_direct(mr, is_write)) {
|
||||
if (atomic_xchg(&bounce.in_use, true)) {
|
||||
+ *plen = 0;
|
||||
return NULL;
|
||||
}
|
||||
/* Avoid unbounded allocations */
|
||||
diff --git a/include/exec/memory.h b/include/exec/memory.h
|
||||
index e000bd2f97b2fce76a41f9b5d9f3..8fa2d3cab2d51e5328e28151c65c 100644
|
||||
--- a/include/exec/memory.h
|
||||
+++ b/include/exec/memory.h
|
||||
@@ -2303,7 +2303,8 @@ bool address_space_access_valid(AddressSpace *as, hwaddr addr, hwaddr len,
|
||||
/* address_space_map: map a physical memory region into a host virtual address
|
||||
*
|
||||
* May map a subset of the requested range, given by and returned in @plen.
|
||||
- * May return %NULL if resources needed to perform the mapping are exhausted.
|
||||
+ * May return %NULL and set *@plen to zero(0), if resources needed to perform
|
||||
+ * the mapping are exhausted.
|
||||
* Use only for reads OR writes - not for read-modify-write operations.
|
||||
* Use cpu_register_map_client() to know when retrying the map operation is
|
||||
* likely to succeed.
|
@ -1,30 +0,0 @@
|
||||
From: Bruce Rogers <brogers@suse.com>
|
||||
Date: Wed, 22 Apr 2020 08:50:55 -0600
|
||||
Subject: gcc10: maybe-uninitialized
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
References: boo#1169728
|
||||
|
||||
gcc 10 needs some help to understand that indeed cpu_irqs[0] does get
|
||||
initialized in all cases. In this case an assert is sufficient.
|
||||
|
||||
Reported-by: Martin Liška <mliska@suse.cz>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/openrisc/openrisc_sim.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/hw/openrisc/openrisc_sim.c b/hw/openrisc/openrisc_sim.c
|
||||
index d08ce6181199aa1e75a7c5bc2157..02f5259e5e33272b17bba701f5d5 100644
|
||||
--- a/hw/openrisc/openrisc_sim.c
|
||||
+++ b/hw/openrisc/openrisc_sim.c
|
||||
@@ -134,6 +134,7 @@ static void openrisc_sim_init(MachineState *machine)
|
||||
int n;
|
||||
unsigned int smp_cpus = machine->smp.cpus;
|
||||
|
||||
+ assert(smp_cpus >= 1 && smp_cpus <= 2);
|
||||
for (n = 0; n < smp_cpus; n++) {
|
||||
cpu = OPENRISC_CPU(cpu_create(machine->cpu_type));
|
||||
if (cpu == NULL) {
|
26
hw-hyperv-vmbus-Fix-32bit-compilation.patch
Normal file
26
hw-hyperv-vmbus-Fix-32bit-compilation.patch
Normal file
@ -0,0 +1,26 @@
|
||||
From: Jon Doron <arilou@gmail.com>
|
||||
Date: Wed, 15 Jul 2020 11:43:26 +0300
|
||||
Subject: hw: hyperv: vmbus: Fix 32bit compilation
|
||||
|
||||
Git-commit: 0000000000000000000000000000000000000000
|
||||
|
||||
Signed-off-by: Jon Doron <arilou@gmail.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/hyperv/vmbus.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/hw/hyperv/vmbus.c b/hw/hyperv/vmbus.c
|
||||
index 34392e892af6228f270ec327563e..c28bb4201be449eb6dae4b0e0218 100644
|
||||
--- a/hw/hyperv/vmbus.c
|
||||
+++ b/hw/hyperv/vmbus.c
|
||||
@@ -383,7 +383,8 @@ static ssize_t gpadl_iter_io(GpadlIter *iter, void *buf, uint32_t len)
|
||||
}
|
||||
}
|
||||
|
||||
- p = (void *)(((uintptr_t)iter->map & TARGET_PAGE_MASK) | off_in_page);
|
||||
+ p = (void *)(uintptr_t)(((uintptr_t)iter->map & TARGET_PAGE_MASK) |
|
||||
+ off_in_page);
|
||||
if (iter->dir == DMA_DIRECTION_FROM_DEVICE) {
|
||||
memcpy(p, buf, cplen);
|
||||
} else {
|
@ -41,10 +41,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/hw/intc/exynos4210_gic.c b/hw/intc/exynos4210_gic.c
|
||||
index 82c8f4192cbc34fe4c8762846728..50958b31c9173aba84b7443950cb 100644
|
||||
index 0aa3b843a9e045348b719cb4b8a4..83506dda3c9142350319d7f4dd5c 100644
|
||||
--- a/hw/intc/exynos4210_gic.c
|
||||
+++ b/hw/intc/exynos4210_gic.c
|
||||
@@ -290,8 +290,8 @@ static void exynos4210_gic_realize(DeviceState *dev, Error **errp)
|
||||
@@ -291,8 +291,8 @@ static void exynos4210_gic_realize(DeviceState *dev, Error **errp)
|
||||
SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
|
||||
const char cpu_prefix[] = "exynos4210-gic-alias_cpu";
|
||||
const char dist_prefix[] = "exynos4210-gic-alias_dist";
|
||||
|
@ -16,18 +16,18 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 39 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
|
||||
index ffd98727ee9e503dfce5e5c92241..a50b5aea6545f1d702278e838cf2 100644
|
||||
index f56082690437df2962681ea823d3..4ad74efc8e764429b5567c91d7ed 100644
|
||||
--- a/hw/smbios/smbios.c
|
||||
+++ b/hw/smbios/smbios.c
|
||||
@@ -963,6 +963,7 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
|
||||
@@ -962,6 +962,7 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
|
||||
struct smbios_structure_header *header;
|
||||
int size;
|
||||
struct smbios_table *table; /* legacy mode only */
|
||||
+ uint8_t *dbl_nulls, *orig_end;
|
||||
|
||||
qemu_opts_validate(opts, qemu_smbios_file_opts, &err);
|
||||
if (err) {
|
||||
@@ -977,11 +978,21 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
|
||||
if (!qemu_opts_validate(opts, qemu_smbios_file_opts, errp)) {
|
||||
return;
|
||||
@@ -974,11 +975,21 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
|
||||
}
|
||||
|
||||
/*
|
||||
@ -53,7 +53,7 @@ index ffd98727ee9e503dfce5e5c92241..a50b5aea6545f1d702278e838cf2 100644
|
||||
header = (struct smbios_structure_header *)(smbios_tables +
|
||||
smbios_tables_len);
|
||||
|
||||
@@ -996,6 +1007,19 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
|
||||
@@ -993,6 +1004,19 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
|
||||
header->type);
|
||||
return;
|
||||
}
|
||||
@ -73,7 +73,7 @@ index ffd98727ee9e503dfce5e5c92241..a50b5aea6545f1d702278e838cf2 100644
|
||||
set_bit(header->type, have_binfile_bitmap);
|
||||
|
||||
if (header->type == 4) {
|
||||
@@ -1016,6 +1040,17 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
|
||||
@@ -1013,6 +1037,17 @@ void smbios_entry_add(QemuOpts *opts, Error **errp)
|
||||
* delete the one we don't need from smbios_set_defaults(),
|
||||
* once we know which machine version has been requested.
|
||||
*/
|
||||
|
@ -17,10 +17,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 13 insertions(+)
|
||||
|
||||
diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
|
||||
index 20717f026bc03922944317f73a68..e640fe183a0b407db555aade6e16 100644
|
||||
index 15a2243101f8c465e038e26c6551..d4d3a388f2034d735a6595fdaa36 100644
|
||||
--- a/hw/usb/dev-mtp.c
|
||||
+++ b/hw/usb/dev-mtp.c
|
||||
@@ -1722,9 +1722,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
|
||||
@@ -1721,9 +1721,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
|
||||
assert(!s->write_pending);
|
||||
assert(p != NULL);
|
||||
|
||||
|
@ -28,7 +28,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
|
||||
index b330e36fe6cc69a3b47ddd51ccba..8c4e4b66dd33ee482125b98846b7 100644
|
||||
index 67a18fe2b64c2cc0f77be5897c5d..79386df49b7aaec7c2f2b4c19b6f 100644
|
||||
--- a/hw/usb/hcd-xhci.c
|
||||
+++ b/hw/usb/hcd-xhci.c
|
||||
@@ -3340,6 +3340,7 @@ static void usb_xhci_init(XHCIState *xhci)
|
||||
|
@ -1,36 +0,0 @@
|
||||
From: Thomas Huth <thuth@redhat.com>
|
||||
Date: Thu, 11 Jun 2020 11:36:40 -0600
|
||||
Subject: hw/vfio/pci-quirks: Fix broken legacy IGD passthrough
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Git-commit: 643a4eacef87a318cf71800a4fb2ae1f78c4b245
|
||||
|
||||
The #ifdef CONFIG_VFIO_IGD in pci-quirks.c is not working since the
|
||||
required header config-devices.h is not included, so that the legacy
|
||||
IGD passthrough is currently broken. Let's include the right header
|
||||
to fix this issue.
|
||||
|
||||
Buglink: https://bugs.launchpad.net/qemu/+bug/1882784
|
||||
Fixes: 29d62771c81d ("hw/vfio: Move the IGD quirk code to a separate file")
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/vfio/pci-quirks.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/hw/vfio/pci-quirks.c b/hw/vfio/pci-quirks.c
|
||||
index 2d348f8237fa6a8e7aac10a4a920..656098b827c69f04ac1d6e2ff227 100644
|
||||
--- a/hw/vfio/pci-quirks.c
|
||||
+++ b/hw/vfio/pci-quirks.c
|
||||
@@ -11,6 +11,7 @@
|
||||
*/
|
||||
|
||||
#include "qemu/osdep.h"
|
||||
+#include "config-devices.h"
|
||||
#include "exec/memop.h"
|
||||
#include "qemu/units.h"
|
||||
#include "qemu/error-report.h"
|
@ -18,10 +18,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
|
||||
index e818fc712aca18df805859d10ede..bafc094406d16f6f8c1d41d69ff6 100644
|
||||
index e1a5c174dce15c4620bb94bc2826..2dc6d4ae0b61303401cc08bfb7ae 100644
|
||||
--- a/target/i386/cpu.h
|
||||
+++ b/target/i386/cpu.h
|
||||
@@ -1942,7 +1942,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
|
||||
@@ -1963,7 +1963,7 @@ uint64_t cpu_get_tsc(CPUX86State *env);
|
||||
/* XXX: This value should match the one returned by CPUID
|
||||
* and in exec.c */
|
||||
# if defined(TARGET_X86_64)
|
||||
|
@ -4,7 +4,7 @@ Subject: [intel] Avoid spurious compiler warning on GCC 10
|
||||
|
||||
Git-commit: 28cf9806d1632d378485005babec295da0c77fcf
|
||||
References: boo#1171123
|
||||
`
|
||||
|
||||
GCC 10 produces a spurious warning about an out-of-bounds array access
|
||||
for the unsized raw dword array in union intelvf_msg.
|
||||
|
||||
|
@ -14,7 +14,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 10 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/roms/ipxe/src/Makefile.housekeeping b/roms/ipxe/src/Makefile.housekeeping
|
||||
index 893bd20f1fd5cecf0e480dee05bd..9c33cc08c4db1bbd0f9966924fce 100644
|
||||
index f6f3e29248d3e59b76de690aeb0c..d94eb1454c9168545c933ec6e900 100644
|
||||
--- a/roms/ipxe/src/Makefile.housekeeping
|
||||
+++ b/roms/ipxe/src/Makefile.housekeeping
|
||||
@@ -1172,11 +1172,18 @@ blib : $(BLIB)
|
||||
|
@ -21,10 +21,10 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
|
||||
1 file changed, 24 insertions(+)
|
||||
|
||||
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
|
||||
index 894627b9dc8d4f72c06bab90aa9b..39b824760a29765dc9538d8574e5 100644
|
||||
index 1a835798d19cc77da8d7ec6bdc7b..5cd29859d6ac5349f04c03996b12 100644
|
||||
--- a/linux-user/syscall.c
|
||||
+++ b/linux-user/syscall.c
|
||||
@@ -7344,6 +7344,27 @@ static int open_self_stat(void *cpu_env, int fd)
|
||||
@@ -7473,6 +7473,27 @@ static int open_self_stat(void *cpu_env, int fd)
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -52,8 +52,8 @@ index 894627b9dc8d4f72c06bab90aa9b..39b824760a29765dc9538d8574e5 100644
|
||||
static int open_self_auxv(void *cpu_env, int fd)
|
||||
{
|
||||
CPUState *cpu = env_cpu((CPUArchState *)cpu_env);
|
||||
@@ -7486,6 +7507,9 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
|
||||
#if defined(TARGET_SPARC)
|
||||
@@ -7627,6 +7648,9 @@ static int do_openat(void *cpu_env, int dirfd, const char *pathname, int flags,
|
||||
#if defined(TARGET_SPARC) || defined(TARGET_HPPA)
|
||||
{ "/proc/cpuinfo", open_cpuinfo, is_proc },
|
||||
#endif
|
||||
+#if defined(TARGET_ARM)
|
||||
|
@ -35,7 +35,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
|
||||
3 files changed, 56 insertions(+)
|
||||
|
||||
diff --git a/Makefile.target b/Makefile.target
|
||||
index 8ed1eba95b9c29ab4e47349cbdb2..8b5d84006cb32d4463f13059de93 100644
|
||||
index ffa2657269ac5e4ed4eab213e1bd..b6621549b8909d76e64cc0c5c2f3 100644
|
||||
--- a/Makefile.target
|
||||
+++ b/Makefile.target
|
||||
@@ -39,6 +39,10 @@ endif
|
||||
@ -58,7 +58,7 @@ index 8ed1eba95b9c29ab4e47349cbdb2..8b5d84006cb32d4463f13059de93 100644
|
||||
endif #CONFIG_LINUX_USER
|
||||
|
||||
#########################################################
|
||||
@@ -176,7 +182,11 @@ generated-files-y += config-devices.h
|
||||
@@ -173,7 +179,11 @@ generated-files-y += config-devices.h
|
||||
|
||||
endif # CONFIG_SOFTMMU
|
||||
|
||||
@ -69,8 +69,8 @@ index 8ed1eba95b9c29ab4e47349cbdb2..8b5d84006cb32d4463f13059de93 100644
|
||||
+endif
|
||||
all-obj-y := $(obj-y)
|
||||
|
||||
include $(SRC_PATH)/Makefile.objs
|
||||
@@ -211,6 +221,9 @@ ifdef CONFIG_DARWIN
|
||||
#
|
||||
@@ -222,6 +232,9 @@ ifdef CONFIG_DARWIN
|
||||
$(call quiet-command,SetFile -a C $@,"SETFILE","$(TARGET_DIR)$@")
|
||||
endif
|
||||
|
||||
|
@ -15,10 +15,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
|
||||
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
|
||||
index 0317c64f4ae460c972fe4fe67ef8..6ada54d3a19e455c0c12a1d4b321 100644
|
||||
index 9ec933bdc0078f3fc62bfd499957..78a1f6c347511b85634da898f831 100644
|
||||
--- a/linux-user/syscall.c
|
||||
+++ b/linux-user/syscall.c
|
||||
@@ -8005,8 +8005,13 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_ulong arg1,
|
||||
@@ -8149,8 +8149,13 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_ulong arg1,
|
||||
return ret;
|
||||
#endif
|
||||
#ifdef TARGET_NR_lseek
|
||||
|
@ -15,10 +15,10 @@ Signed-off-by: Andreas Schwab <schwab@suse.de>
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
|
||||
index 6ada54d3a19e455c0c12a1d4b321..69c9dee831d8fdb96cde3a0b996c 100644
|
||||
index 78a1f6c347511b85634da898f831..d70d8a59f44feaf126d8b6187f17 100644
|
||||
--- a/linux-user/syscall.c
|
||||
+++ b/linux-user/syscall.c
|
||||
@@ -10052,7 +10052,7 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_ulong arg1,
|
||||
@@ -10207,7 +10207,7 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_ulong arg1,
|
||||
{
|
||||
struct timespec ts, *pts;
|
||||
|
||||
|
@ -16,10 +16,10 @@ Signed-off-by: Alexander Graf <agraf@suse.de>
|
||||
2 files changed, 13 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
|
||||
index 792c74290f8d376235b07f3f8ef0..956ad6db3df11684132402dd877b 100644
|
||||
index 5c964389c101ce00fcffe206bc69..76d0399e82d5c2b599b9472e0743 100644
|
||||
--- a/linux-user/qemu.h
|
||||
+++ b/linux-user/qemu.h
|
||||
@@ -207,10 +207,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
|
||||
@@ -227,10 +227,10 @@ abi_long memcpy_to_target(abi_ulong dest, const void *src,
|
||||
void target_set_brk(abi_ulong new_brk);
|
||||
abi_long do_brk(abi_ulong new_brk);
|
||||
void syscall_init(void);
|
||||
@ -35,10 +35,10 @@ index 792c74290f8d376235b07f3f8ef0..956ad6db3df11684132402dd877b 100644
|
||||
void cpu_loop(CPUArchState *env);
|
||||
const char *target_strerror(int err);
|
||||
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
|
||||
index 39b824760a29765dc9538d8574e5..0317c64f4ae460c972fe4fe67ef8 100644
|
||||
index 5cd29859d6ac5349f04c03996b12..9ec933bdc0078f3fc62bfd499957 100644
|
||||
--- a/linux-user/syscall.c
|
||||
+++ b/linux-user/syscall.c
|
||||
@@ -7650,10 +7650,10 @@ static int host_to_target_cpu_mask(const unsigned long *host_mask,
|
||||
@@ -7791,10 +7791,10 @@ static int host_to_target_cpu_mask(const unsigned long *host_mask,
|
||||
* of syscall results, can be performed.
|
||||
* All errnos that do_syscall() returns must be -TARGET_<errcode>.
|
||||
*/
|
||||
@ -53,7 +53,7 @@ index 39b824760a29765dc9538d8574e5..0317c64f4ae460c972fe4fe67ef8 100644
|
||||
{
|
||||
CPUState *cpu = env_cpu(cpu_env);
|
||||
abi_long ret;
|
||||
@@ -10423,7 +10423,7 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
|
||||
@@ -10578,7 +10578,7 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
|
||||
*/
|
||||
ret = -TARGET_EINVAL;
|
||||
if (cpu_isar_feature(aa64_sve, env_archcpu(cpu_env))
|
||||
@ -62,7 +62,7 @@ index 39b824760a29765dc9538d8574e5..0317c64f4ae460c972fe4fe67ef8 100644
|
||||
CPUARMState *env = cpu_env;
|
||||
ARMCPU *cpu = env_archcpu(env);
|
||||
uint32_t vq, old_vq;
|
||||
@@ -12456,10 +12456,10 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
|
||||
@@ -12610,10 +12610,10 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -1,50 +0,0 @@
|
||||
From: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Date: Thu, 14 May 2020 00:55:38 +0530
|
||||
Subject: megasas: use unsigned type for reply_queue_head and check index
|
||||
|
||||
Git-commit: f50ab86a2620bd7e8507af865b164655ee921661
|
||||
References: bsc#1172383, CVE-2020-13362
|
||||
|
||||
A guest user may set 'reply_queue_head' field of MegasasState to
|
||||
a negative value. Later in 'megasas_lookup_frame' it is used to
|
||||
index into s->frames[] array. Use unsigned type to avoid OOB
|
||||
access issue.
|
||||
|
||||
Also check that 'index' value stays within s->frames[] bounds
|
||||
through the while() loop in 'megasas_lookup_frame' to avoid OOB
|
||||
access.
|
||||
|
||||
Reported-by: Ren Ding <rding@gatech.edu>
|
||||
Reported-by: Hanqing Zhao <hanqing@gatech.edu>
|
||||
Reported-by: Alexander Bulekov <alxndr@bu.edu>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Acked-by: Alexander Bulekov <alxndr@bu.edu>
|
||||
Message-Id: <20200513192540.1583887-2-ppandit@redhat.com>
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/scsi/megasas.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
|
||||
index af18c88b656e7f5fa299c5f0dda1..6ce598cd6908b5223470b506c481 100644
|
||||
--- a/hw/scsi/megasas.c
|
||||
+++ b/hw/scsi/megasas.c
|
||||
@@ -112,7 +112,7 @@ typedef struct MegasasState {
|
||||
uint64_t reply_queue_pa;
|
||||
void *reply_queue;
|
||||
int reply_queue_len;
|
||||
- int reply_queue_head;
|
||||
+ uint16_t reply_queue_head;
|
||||
int reply_queue_tail;
|
||||
uint64_t consumer_pa;
|
||||
uint64_t producer_pa;
|
||||
@@ -445,7 +445,7 @@ static MegasasCmd *megasas_lookup_frame(MegasasState *s,
|
||||
|
||||
index = s->reply_queue_head;
|
||||
|
||||
- while (num < s->fw_cmds) {
|
||||
+ while (num < s->fw_cmds && index < MEGASAS_MAX_FRAMES) {
|
||||
if (s->frames[index].pa && s->frames[index].pa == frame) {
|
||||
cmd = &s->frames[index];
|
||||
break;
|
@ -1,148 +0,0 @@
|
||||
From: Eric Blake <eblake@redhat.com>
|
||||
Date: Mon, 8 Jun 2020 13:26:37 -0500
|
||||
Subject: nbd/server: Avoid long error message assertions CVE-2020-10761
|
||||
|
||||
Git-commit: 5c4fe018c025740fef4a0a4421e8162db0c3eefd
|
||||
References: bsc#1172710, CVE-2020-10761
|
||||
|
||||
Ever since commit 36683283 (v2.8), the server code asserts that error
|
||||
strings sent to the client are well-formed per the protocol by not
|
||||
exceeding the maximum string length of 4096. At the time the server
|
||||
first started sending error messages, the assertion could not be
|
||||
triggered, because messages were completely under our control.
|
||||
However, over the years, we have added latent scenarios where a client
|
||||
could trigger the server to attempt an error message that would
|
||||
include the client's information if it passed other checks first:
|
||||
|
||||
- requesting NBD_OPT_INFO/GO on an export name that is not present
|
||||
(commit 0cfae925 in v2.12 echoes the name)
|
||||
|
||||
- requesting NBD_OPT_LIST/SET_META_CONTEXT on an export name that is
|
||||
not present (commit e7b1948d in v2.12 echoes the name)
|
||||
|
||||
At the time, those were still safe because we flagged names larger
|
||||
than 256 bytes with a different message; but that changed in commit
|
||||
93676c88 (v4.2) when we raised the name limit to 4096 to match the NBD
|
||||
string limit. (That commit also failed to change the magic number
|
||||
4096 in nbd_negotiate_send_rep_err to the just-introduced named
|
||||
constant.) So with that commit, long client names appended to server
|
||||
text can now trigger the assertion, and thus be used as a denial of
|
||||
service attack against a server. As a mitigating factor, if the
|
||||
server requires TLS, the client cannot trigger the problematic paths
|
||||
unless it first supplies TLS credentials, and such trusted clients are
|
||||
less likely to try to intentionally crash the server.
|
||||
|
||||
We may later want to further sanitize the user-supplied strings we
|
||||
place into our error messages, such as scrubbing out control
|
||||
characters, but that is less important to the CVE fix, so it can be a
|
||||
later patch to the new nbd_sanitize_name.
|
||||
|
||||
Consideration was given to changing the assertion in
|
||||
nbd_negotiate_send_rep_verr to instead merely log a server error and
|
||||
truncate the message, to avoid leaving a latent path that could
|
||||
trigger a future CVE DoS on any new error message. However, this
|
||||
merely complicates the code for something that is already (correctly)
|
||||
flagging coding errors, and now that we are aware of the long message
|
||||
pitfall, we are less likely to introduce such errors in the future,
|
||||
which would make such error handling dead code.
|
||||
|
||||
Reported-by: Xueqiang Wei <xuwei@redhat.com>
|
||||
CC: qemu-stable@nongnu.org
|
||||
Fixes: https://bugzilla.redhat.com/1843684 CVE-2020-10761
|
||||
Fixes: 93676c88d7
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
Message-Id: <20200610163741.3745251-2-eblake@redhat.com>
|
||||
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
nbd/server.c | 23 ++++++++++++++++++++---
|
||||
tests/qemu-iotests/143 | 4 ++++
|
||||
tests/qemu-iotests/143.out | 2 ++
|
||||
3 files changed, 26 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/nbd/server.c b/nbd/server.c
|
||||
index 02b1ed080145b3f99979887d4268..20754e9ebc3c1342692c99e7a99f 100644
|
||||
--- a/nbd/server.c
|
||||
+++ b/nbd/server.c
|
||||
@@ -217,7 +217,7 @@ nbd_negotiate_send_rep_verr(NBDClient *client, uint32_t type,
|
||||
|
||||
msg = g_strdup_vprintf(fmt, va);
|
||||
len = strlen(msg);
|
||||
- assert(len < 4096);
|
||||
+ assert(len < NBD_MAX_STRING_SIZE);
|
||||
trace_nbd_negotiate_send_rep_err(msg);
|
||||
ret = nbd_negotiate_send_rep_len(client, type, len, errp);
|
||||
if (ret < 0) {
|
||||
@@ -231,6 +231,19 @@ nbd_negotiate_send_rep_verr(NBDClient *client, uint32_t type,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * Return a malloc'd copy of @name suitable for use in an error reply.
|
||||
+ */
|
||||
+static char *
|
||||
+nbd_sanitize_name(const char *name)
|
||||
+{
|
||||
+ if (strnlen(name, 80) < 80) {
|
||||
+ return g_strdup(name);
|
||||
+ }
|
||||
+ /* XXX Should we also try to sanitize any control characters? */
|
||||
+ return g_strdup_printf("%.80s...", name);
|
||||
+}
|
||||
+
|
||||
/* Send an error reply.
|
||||
* Return -errno on error, 0 on success. */
|
||||
static int GCC_FMT_ATTR(4, 5)
|
||||
@@ -595,9 +608,11 @@ static int nbd_negotiate_handle_info(NBDClient *client, Error **errp)
|
||||
|
||||
exp = nbd_export_find(name);
|
||||
if (!exp) {
|
||||
+ g_autofree char *sane_name = nbd_sanitize_name(name);
|
||||
+
|
||||
return nbd_negotiate_send_rep_err(client, NBD_REP_ERR_UNKNOWN,
|
||||
errp, "export '%s' not present",
|
||||
- name);
|
||||
+ sane_name);
|
||||
}
|
||||
|
||||
/* Don't bother sending NBD_INFO_NAME unless client requested it */
|
||||
@@ -995,8 +1010,10 @@ static int nbd_negotiate_meta_queries(NBDClient *client,
|
||||
|
||||
meta->exp = nbd_export_find(export_name);
|
||||
if (meta->exp == NULL) {
|
||||
+ g_autofree char *sane_name = nbd_sanitize_name(export_name);
|
||||
+
|
||||
return nbd_opt_drop(client, NBD_REP_ERR_UNKNOWN, errp,
|
||||
- "export '%s' not present", export_name);
|
||||
+ "export '%s' not present", sane_name);
|
||||
}
|
||||
|
||||
ret = nbd_opt_read(client, &nb_queries, sizeof(nb_queries), errp);
|
||||
diff --git a/tests/qemu-iotests/143 b/tests/qemu-iotests/143
|
||||
index f649b36195011e9b0f19e4b51a8d..d2349903b1b5fa1b48ffc3e7a00d 100755
|
||||
--- a/tests/qemu-iotests/143
|
||||
+++ b/tests/qemu-iotests/143
|
||||
@@ -58,6 +58,10 @@ _send_qemu_cmd $QEMU_HANDLE \
|
||||
$QEMU_IO_PROG -f raw -c quit \
|
||||
"nbd+unix:///no_such_export?socket=$SOCK_DIR/nbd" 2>&1 \
|
||||
| _filter_qemu_io | _filter_nbd
|
||||
+# Likewise, with longest possible name permitted in NBD protocol
|
||||
+$QEMU_IO_PROG -f raw -c quit \
|
||||
+ "nbd+unix:///$(printf %4096d 1 | tr ' ' a)?socket=$SOCK_DIR/nbd" 2>&1 \
|
||||
+ | _filter_qemu_io | _filter_nbd | sed 's/aaaa*aa/aa--aa/'
|
||||
|
||||
_send_qemu_cmd $QEMU_HANDLE \
|
||||
"{ 'execute': 'quit' }" \
|
||||
diff --git a/tests/qemu-iotests/143.out b/tests/qemu-iotests/143.out
|
||||
index 1f4001c6013137a13d90f64b4f86..fc9c0a761fa107a5c800d27af843 100644
|
||||
--- a/tests/qemu-iotests/143.out
|
||||
+++ b/tests/qemu-iotests/143.out
|
||||
@@ -5,6 +5,8 @@ QA output created by 143
|
||||
{"return": {}}
|
||||
qemu-io: can't open device nbd+unix:///no_such_export?socket=SOCK_DIR/nbd: Requested export not available
|
||||
server reported: export 'no_such_export' not present
|
||||
+qemu-io: can't open device nbd+unix:///aa--aa1?socket=SOCK_DIR/nbd: Requested export not available
|
||||
+server reported: export 'aa--aa...' not present
|
||||
{ 'execute': 'quit' }
|
||||
{"return": {}}
|
||||
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false, "reason": "host-qmp-quit"}}
|
@ -11,13 +11,13 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/pc-bios/s390-ccw/netboot.mak b/pc-bios/s390-ccw/netboot.mak
|
||||
index 5eefb7c289395ca37fcd241ce53d..ea2994722cde7e8a65796d374dc7 100644
|
||||
index 577c023afe3db17ada307b2abbcc..cea8fb8532ddccda2390d936c93f 100644
|
||||
--- a/pc-bios/s390-ccw/netboot.mak
|
||||
+++ b/pc-bios/s390-ccw/netboot.mak
|
||||
@@ -53,6 +53,7 @@ libc.a: $(LIBCOBJS)
|
||||
LIBNETOBJS := args.o dhcp.o dns.o icmpv6.o ipv6.o tcp.o udp.o bootp.o \
|
||||
@@ -54,6 +54,7 @@ LIBNETOBJS := args.o dhcp.o dns.o icmpv6.o ipv6.o tcp.o udp.o bootp.o \
|
||||
dhcpv6.o ethernet.o ipv4.o ndp.o tftp.o pxelinux.o
|
||||
LIBNETCFLAGS := $(QEMU_CFLAGS) $(CFLAGS) -DDHCPARCH=0x1F $(LIBC_INC) $(LIBNET_INC)
|
||||
LIBNETCFLAGS = $(QEMU_CFLAGS) $(CFLAGS) $(LIBC_INC) $(LIBNET_INC) \
|
||||
-DDHCPARCH=0x1F -MMD -MP -MT $@ -MF $(@:%.o=%.d)
|
||||
+LIBNETCFLAGS += -Wno-address-of-packed-member
|
||||
|
||||
%.o : $(SLOF_DIR)/lib/libnet/%.c
|
||||
|
@ -1,38 +0,0 @@
|
||||
From: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
|
||||
Date: Tue, 12 Jun 2018 15:16:30 +1000
|
||||
Subject: ppc/spapr_caps: Don't disable cap_cfpc on POWER8 by default
|
||||
|
||||
Git-commit: b2540203bdf4a390c3489146eae82ce237303653
|
||||
References: bsc#1174374
|
||||
|
||||
In default_caps_with_cpu() we set spapr_cap_cfpc to broken for POWER8
|
||||
processors and before.
|
||||
|
||||
Since we no longer require private l1d cache on POWER8 for this cap to
|
||||
be set to workaround change this to default to broken for POWER7
|
||||
processors and before.
|
||||
|
||||
Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
|
||||
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
|
||||
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
|
||||
Signed-off-by: Liang Yan <lyan@suse.com>
|
||||
---
|
||||
hw/ppc/spapr_caps.c | 5 -----
|
||||
1 file changed, 5 deletions(-)
|
||||
|
||||
diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c
|
||||
index eb54f9422722f8be922c275c4217..1134f7a1c7cd51be7d0111c6bf85 100644
|
||||
--- a/hw/ppc/spapr_caps.c
|
||||
+++ b/hw/ppc/spapr_caps.c
|
||||
@@ -643,11 +643,6 @@ static SpaprCapabilities default_caps_with_cpu(SpaprMachineState *spapr,
|
||||
|
||||
caps = smc->default_caps;
|
||||
|
||||
- if (!ppc_type_check_compat(cputype, CPU_POWERPC_LOGICAL_3_00,
|
||||
- 0, spapr->max_compat_pvr)) {
|
||||
- caps.caps[SPAPR_CAP_LARGE_DECREMENTER] = SPAPR_CAP_OFF;
|
||||
- }
|
||||
-
|
||||
if (!ppc_type_check_compat(cputype, CPU_POWERPC_LOGICAL_2_07,
|
||||
0, spapr->max_compat_pvr)) {
|
||||
caps.caps[SPAPR_CAP_HTM] = SPAPR_CAP_OFF;
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:2f13a92a0fa5c8b69ff0796b59b86b080bbb92ebad5d301a7724dd06b5e78cb6
|
||||
size 62426192
|
Binary file not shown.
3
qemu-5.1.0.tar.xz
Normal file
3
qemu-5.1.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:c9174eb5933d9eb5e61f541cd6d1184cd3118dfe4c5c4955bc1bdc4d390fa4e5
|
||||
size 62911540
|
BIN
qemu-5.1.0.tar.xz.sig
Normal file
BIN
qemu-5.1.0.tar.xz.sig
Normal file
Binary file not shown.
@ -11,10 +11,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
|
||||
index 05f03919ff070a06444d82e86a70..1a350d1a9e0ff9f99e36817a6ecc 100644
|
||||
index 945fc252791ce79d968dba5f9545..b1e68b7b1b3d689af62cd271cf31 100644
|
||||
--- a/linux-user/syscall.c
|
||||
+++ b/linux-user/syscall.c
|
||||
@@ -8837,6 +8837,9 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
|
||||
@@ -8988,6 +8988,9 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
|
||||
{
|
||||
struct timeval tv;
|
||||
struct timezone tz;
|
||||
|
@ -13,10 +13,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 14 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
|
||||
index 1a350d1a9e0ff9f99e36817a6ecc..946c1e3a1957ea43368311acecda 100644
|
||||
index b1e68b7b1b3d689af62cd271cf31..8a80cf418ab4299548a85b90e427 100644
|
||||
--- a/linux-user/syscall.c
|
||||
+++ b/linux-user/syscall.c
|
||||
@@ -5301,8 +5301,21 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
|
||||
@@ -5440,8 +5440,21 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
|
||||
ie = ioctl_entries;
|
||||
for(;;) {
|
||||
if (ie->target_cmd == 0) {
|
||||
|
@ -16,10 +16,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
|
||||
index 946c1e3a1957ea43368311acecda..894627b9dc8d4f72c06bab90aa9b 100644
|
||||
index 8a80cf418ab4299548a85b90e427..1a835798d19cc77da8d7ec6bdc7b 100644
|
||||
--- a/linux-user/syscall.c
|
||||
+++ b/linux-user/syscall.c
|
||||
@@ -5346,6 +5346,13 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
|
||||
@@ -5485,6 +5485,13 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
|
||||
arg_type++;
|
||||
target_size = thunk_type_size(arg_type, 0);
|
||||
switch(ie->access) {
|
||||
@ -33,7 +33,7 @@ index 946c1e3a1957ea43368311acecda..894627b9dc8d4f72c06bab90aa9b 100644
|
||||
case IOC_R:
|
||||
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
|
||||
if (!is_error(ret)) {
|
||||
@@ -5364,6 +5371,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
|
||||
@@ -5503,6 +5510,7 @@ static abi_long do_ioctl(int fd, int cmd, abi_long arg)
|
||||
unlock_user(argptr, arg, 0);
|
||||
ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
|
||||
break;
|
||||
|
75
qemu.changes
75
qemu.changes
@ -1,3 +1,78 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 11 20:05:25 UTC 2020 - Bruce Rogers <brogers@suse.com>
|
||||
|
||||
- Update to v5.1.0: See http://wiki.qemu.org/ChangeLog/5.1
|
||||
Take note that ongoing feature deprecation is tracked at both
|
||||
http://wiki.qemu-project.org/Features/LegacyRemoval and in
|
||||
the deprecated.html file installed with the qemu package
|
||||
Some noteworthy changes:
|
||||
* s390: Protected virtualization (secure execute) is fully merged
|
||||
upstream
|
||||
* s390: vfio-ccw devices no longer require setting the allow
|
||||
prefetch bit in the ORB, but is still dependent on host kernel
|
||||
support
|
||||
* s390: vfio-ccw now has basic support for relaying path state
|
||||
changes to the guest
|
||||
* PowerPC: pseries: NVDIMMs require label-size property
|
||||
* PowerPC: pseries: POWER10 support
|
||||
* PowerPC: added interface to inject POWER style NMIs
|
||||
* ARM: new board: sonorapass-bmc
|
||||
* ARM: new emulated features: ARMv8.2-TTSUXN, ARMv8.5-MemTag
|
||||
* ARM: Raspberry Pi boards now support a USB controller
|
||||
* ARM: virt board now supports hot-remove memory
|
||||
* RISC-V lots of improvements
|
||||
* qemu-img resize now requires -shrink to shrinking raw images
|
||||
* The mem parameter of the -numa option is no longer recognized
|
||||
starting with 5.1 machine types - instead use the memdev parameter
|
||||
* The ACPI WAET table is now exposed to guests
|
||||
* The max blocksize for virtual storage device is now 2 MiB
|
||||
* NVMe improvements
|
||||
* Crypto subsystem improvements
|
||||
* Block backends and tools: Numerous improvements and fixes
|
||||
* Firmware updates: SeaBIOS (essentially v1.14.0), OpenBIOS, SLOF
|
||||
(20200717), OpenSBI (v0.7)
|
||||
* Patches dropped (upstream unless otherwise noted):
|
||||
ati-vga-check-mm_index-before-recursive-.patch
|
||||
audio-fix-wavcapture-segfault.patch
|
||||
es1370-check-total-frame-count-against-c.patch
|
||||
exec-set-map-length-to-zero-when-returni.patch
|
||||
gcc10-maybe-uninitialized.patch
|
||||
hw-vfio-pci-quirks-Fix-broken-legacy-IGD.patch
|
||||
megasas-use-unsigned-type-for-reply_queu.patch
|
||||
nbd-server-Avoid-long-error-message-asse.patch
|
||||
ppc-spapr_caps-Don-t-disable-cap_cfpc-on.patch
|
||||
s390x-Add-SIDA-memory-ops.patch
|
||||
s390x-Add-unpack-facility-feature-to-GA1.patch
|
||||
s390x-Move-diagnose-308-subcodes-and-rcs.patch
|
||||
s390x-protvirt-Add-migration-blocker.patch
|
||||
s390x-protvirt-Disable-address-checks-fo.patch
|
||||
s390x-protvirt-Handle-SIGP-store-status-.patch
|
||||
s390x-protvirt-Inhibit-balloon-when-swit.patch
|
||||
s390x-protvirt-KVM-intercept-changes.patch
|
||||
s390x-protvirt-Move-diag-308-data-over-S.patch
|
||||
s390x-protvirt-Move-IO-control-structure.patch
|
||||
s390x-protvirt-Move-STSI-data-over-SIDAD.patch
|
||||
s390x-protvirt-SCLP-interpretation.patch
|
||||
s390x-protvirt-Set-guest-IPL-PSW.patch
|
||||
s390x-protvirt-Support-unpack-facility.patch
|
||||
s390x-s390-virtio-ccw-Fix-build-on-syste.patch
|
||||
Sync-pv.patch
|
||||
tests-Disable-some-block-tests-for-now.patch (no longer needed)
|
||||
vga-fix-cirrus-bios.patch
|
||||
virtiofsd-add-rlimit-nofile-NUM-option.patch
|
||||
virtiofsd-stay-below-fs.file-max-sysctl-.patch
|
||||
* Patches renamed:
|
||||
build-Do-not-apply-WORKAROUND_CFLAGS-for.patch
|
||||
-> Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch
|
||||
build-Fix-s-directive-argument-is-null-e.patch
|
||||
-> Fix-s-directive-argument-is-null-error.patch
|
||||
* Patches added:
|
||||
hw-hyperv-vmbus-Fix-32bit-compilation.patch
|
||||
- New subpackages, due to modularization: qemu-chardev-baum,
|
||||
qemu-hw-display-qxl, qemu-hw-usb-redirect, qemu-hw-usb-smartcard
|
||||
- Configure to use "system" libslirp and libdaxctl (libnvdimm)
|
||||
when available
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 23 19:26:05 UTC 2020 - Liang Yan <lyan@suse.com>
|
||||
|
||||
|
410
qemu.spec
410
qemu.spec
@ -73,6 +73,12 @@
|
||||
%define with_rbd 1
|
||||
%endif
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%ifarch x86_64 ppc64le
|
||||
%define with_daxctl 1
|
||||
%endif
|
||||
%endif
|
||||
|
||||
# qemu, qemu-linux-user, and qemu-testsuite "flavors" enabled via OBS Multibuild
|
||||
%define flavor @BUILD_FLAVOR@%{nil}
|
||||
%if "%flavor" == ""
|
||||
@ -89,9 +95,9 @@
|
||||
|
||||
%bcond_with system_membarrier
|
||||
|
||||
%define qemuver 5.0.0
|
||||
%define srcver 5.0.0
|
||||
%define sbver 1.13.0
|
||||
%define qemuver 5.1.0
|
||||
%define srcver 5.1.0
|
||||
%define sbver 1.13.0_48_gd9c812d
|
||||
%define srcname qemu
|
||||
Name: qemu%{name_suffix}
|
||||
URL: https://www.qemu.org/
|
||||
@ -127,90 +133,62 @@ Source303: README.PACKAGING
|
||||
# This patch queue is auto-generated - see README.PACKAGING for process
|
||||
|
||||
# Patches applied in base project:
|
||||
Patch00000: s390x-Move-diagnose-308-subcodes-and-rcs.patch
|
||||
Patch00001: Sync-pv.patch
|
||||
Patch00002: s390x-protvirt-Support-unpack-facility.patch
|
||||
Patch00003: s390x-protvirt-Add-migration-blocker.patch
|
||||
Patch00004: s390x-protvirt-Inhibit-balloon-when-swit.patch
|
||||
Patch00005: s390x-protvirt-KVM-intercept-changes.patch
|
||||
Patch00006: s390x-Add-SIDA-memory-ops.patch
|
||||
Patch00007: s390x-protvirt-Move-STSI-data-over-SIDAD.patch
|
||||
Patch00008: s390x-protvirt-SCLP-interpretation.patch
|
||||
Patch00009: s390x-protvirt-Set-guest-IPL-PSW.patch
|
||||
Patch00010: s390x-protvirt-Move-diag-308-data-over-S.patch
|
||||
Patch00011: s390x-protvirt-Disable-address-checks-fo.patch
|
||||
Patch00012: s390x-protvirt-Move-IO-control-structure.patch
|
||||
Patch00013: s390x-protvirt-Handle-SIGP-store-status-.patch
|
||||
Patch00014: s390x-Add-unpack-facility-feature-to-GA1.patch
|
||||
Patch00015: virtiofsd-add-rlimit-nofile-NUM-option.patch
|
||||
Patch00016: virtiofsd-stay-below-fs.file-max-sysctl-.patch
|
||||
Patch00017: es1370-check-total-frame-count-against-c.patch
|
||||
Patch00018: audio-fix-wavcapture-segfault.patch
|
||||
Patch00019: ati-vga-check-mm_index-before-recursive-.patch
|
||||
Patch00020: nbd-server-Avoid-long-error-message-asse.patch
|
||||
Patch00021: hw-vfio-pci-quirks-Fix-broken-legacy-IGD.patch
|
||||
Patch00022: megasas-use-unsigned-type-for-reply_queu.patch
|
||||
Patch00023: exec-set-map-length-to-zero-when-returni.patch
|
||||
Patch00024: XXX-dont-dump-core-on-sigabort.patch
|
||||
Patch00025: qemu-binfmt-conf-Modify-default-path.patch
|
||||
Patch00026: qemu-cvs-gettimeofday.patch
|
||||
Patch00027: qemu-cvs-ioctl_debug.patch
|
||||
Patch00028: qemu-cvs-ioctl_nodirection.patch
|
||||
Patch00029: linux-user-add-binfmt-wrapper-for-argv-0.patch
|
||||
Patch00030: PPC-KVM-Disable-mmu-notifier-check.patch
|
||||
Patch00031: linux-user-binfmt-support-host-binaries.patch
|
||||
Patch00032: linux-user-Fake-proc-cpuinfo.patch
|
||||
Patch00033: linux-user-use-target_ulong.patch
|
||||
Patch00034: Make-char-muxer-more-robust-wrt-small-FI.patch
|
||||
Patch00035: linux-user-lseek-explicitly-cast-non-set.patch
|
||||
Patch00036: AIO-Reduce-number-of-threads-for-32bit-h.patch
|
||||
Patch00037: xen_disk-Add-suse-specific-flush-disable.patch
|
||||
Patch00038: qemu-bridge-helper-reduce-security-profi.patch
|
||||
Patch00039: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch
|
||||
Patch00040: linux-user-properly-test-for-infinite-ti.patch
|
||||
Patch00041: roms-Makefile-pass-a-packaging-timestamp.patch
|
||||
Patch00042: Raise-soft-address-space-limit-to-hard-l.patch
|
||||
Patch00043: increase-x86_64-physical-bits-to-42.patch
|
||||
Patch00044: i8254-Fix-migration-from-SLE11-SP2.patch
|
||||
Patch00045: acpi_piix4-Fix-migration-from-SLE11-SP2.patch
|
||||
Patch00046: Switch-order-of-libraries-for-mpath-supp.patch
|
||||
Patch00047: Make-installed-scripts-explicitly-python.patch
|
||||
Patch00048: hw-smbios-handle-both-file-formats-regar.patch
|
||||
Patch00049: xen-add-block-resize-support-for-xen-dis.patch
|
||||
Patch00050: tests-qemu-iotests-Triple-timeout-of-i-o.patch
|
||||
Patch00051: tests-Fix-block-tests-to-be-compatible-w.patch
|
||||
Patch00052: xen-ignore-live-parameter-from-xen-save-.patch
|
||||
Patch00053: Conditionalize-ui-bitmap-installation-be.patch
|
||||
Patch00054: tests-change-error-message-in-test-162.patch
|
||||
Patch00055: hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch
|
||||
Patch00056: hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch
|
||||
Patch00057: hw-intc-exynos4210_gic-provide-more-room.patch
|
||||
Patch00058: configure-only-populate-roms-if-softmmu.patch
|
||||
Patch00059: pc-bios-s390-ccw-net-avoid-warning-about.patch
|
||||
Patch00060: roms-change-cross-compiler-naming-to-be-.patch
|
||||
Patch00061: tests-Disable-some-block-tests-for-now.patch
|
||||
Patch00062: test-add-mapping-from-arch-of-i686-to-qe.patch
|
||||
Patch00063: roms-Makefile-enable-cross-compile-for-b.patch
|
||||
Patch00064: s390x-s390-virtio-ccw-Fix-build-on-syste.patch
|
||||
Patch00065: configure-remove-pkgversion-from-CONFIG_.patch
|
||||
Patch00066: gcc10-maybe-uninitialized.patch
|
||||
Patch00067: docs-add-SUSE-support-statements-to-html.patch
|
||||
Patch00068: docs-fix-trace-docs-build-with-sphinx-3..patch
|
||||
Patch00069: ppc-spapr_caps-Don-t-disable-cap_cfpc-on.patch
|
||||
Patch00000: docs-fix-trace-docs-build-with-sphinx-3..patch
|
||||
Patch00001: hw-hyperv-vmbus-Fix-32bit-compilation.patch
|
||||
Patch00002: XXX-dont-dump-core-on-sigabort.patch
|
||||
Patch00003: qemu-binfmt-conf-Modify-default-path.patch
|
||||
Patch00004: qemu-cvs-gettimeofday.patch
|
||||
Patch00005: qemu-cvs-ioctl_debug.patch
|
||||
Patch00006: qemu-cvs-ioctl_nodirection.patch
|
||||
Patch00007: linux-user-add-binfmt-wrapper-for-argv-0.patch
|
||||
Patch00008: PPC-KVM-Disable-mmu-notifier-check.patch
|
||||
Patch00009: linux-user-binfmt-support-host-binaries.patch
|
||||
Patch00010: linux-user-Fake-proc-cpuinfo.patch
|
||||
Patch00011: linux-user-use-target_ulong.patch
|
||||
Patch00012: Make-char-muxer-more-robust-wrt-small-FI.patch
|
||||
Patch00013: linux-user-lseek-explicitly-cast-non-set.patch
|
||||
Patch00014: AIO-Reduce-number-of-threads-for-32bit-h.patch
|
||||
Patch00015: xen_disk-Add-suse-specific-flush-disable.patch
|
||||
Patch00016: qemu-bridge-helper-reduce-security-profi.patch
|
||||
Patch00017: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch
|
||||
Patch00018: linux-user-properly-test-for-infinite-ti.patch
|
||||
Patch00019: roms-Makefile-pass-a-packaging-timestamp.patch
|
||||
Patch00020: Raise-soft-address-space-limit-to-hard-l.patch
|
||||
Patch00021: increase-x86_64-physical-bits-to-42.patch
|
||||
Patch00022: i8254-Fix-migration-from-SLE11-SP2.patch
|
||||
Patch00023: acpi_piix4-Fix-migration-from-SLE11-SP2.patch
|
||||
Patch00024: Switch-order-of-libraries-for-mpath-supp.patch
|
||||
Patch00025: Make-installed-scripts-explicitly-python.patch
|
||||
Patch00026: hw-smbios-handle-both-file-formats-regar.patch
|
||||
Patch00027: xen-add-block-resize-support-for-xen-dis.patch
|
||||
Patch00028: tests-qemu-iotests-Triple-timeout-of-i-o.patch
|
||||
Patch00029: tests-Fix-block-tests-to-be-compatible-w.patch
|
||||
Patch00030: xen-ignore-live-parameter-from-xen-save-.patch
|
||||
Patch00031: Conditionalize-ui-bitmap-installation-be.patch
|
||||
Patch00032: tests-change-error-message-in-test-162.patch
|
||||
Patch00033: hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch
|
||||
Patch00034: hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch
|
||||
Patch00035: hw-intc-exynos4210_gic-provide-more-room.patch
|
||||
Patch00036: configure-only-populate-roms-if-softmmu.patch
|
||||
Patch00037: pc-bios-s390-ccw-net-avoid-warning-about.patch
|
||||
Patch00038: roms-change-cross-compiler-naming-to-be-.patch
|
||||
Patch00039: test-add-mapping-from-arch-of-i686-to-qe.patch
|
||||
Patch00040: roms-Makefile-enable-cross-compile-for-b.patch
|
||||
Patch00041: configure-remove-pkgversion-from-CONFIG_.patch
|
||||
Patch00042: docs-add-SUSE-support-statements-to-html.patch
|
||||
# Patches applied in roms/seabios/:
|
||||
Patch01000: seabios-use-python2-explicitly-as-needed.patch
|
||||
Patch01001: seabios-switch-to-python3-as-needed.patch
|
||||
Patch01002: enable-cross-compilation-on-ARM.patch
|
||||
Patch01003: vga-fix-cirrus-bios.patch
|
||||
# Patches applied in roms/ipxe/:
|
||||
Patch02000: build-Fix-s-directive-argument-is-null-e.patch
|
||||
Patch02000: Fix-s-directive-argument-is-null-error.patch
|
||||
Patch02001: build-Workaround-compilation-error-with-.patch
|
||||
Patch02002: build-Do-not-apply-WORKAROUND_CFLAGS-for.patch
|
||||
Patch02003: build-Be-explicit-about-fcommon-compiler.patch
|
||||
Patch02004: intel-Avoid-spurious-compiler-warning-on.patch
|
||||
Patch02005: golan-Add-explicit-type-casts-for-nodnic.patch
|
||||
Patch02006: stub-out-the-SAN-req-s-in-int13.patch
|
||||
Patch02007: ipxe-Makefile-fix-issues-of-build-reprod.patch
|
||||
Patch02002: build-Be-explicit-about-fcommon-compiler.patch
|
||||
Patch02003: intel-Avoid-spurious-compiler-warning-on.patch
|
||||
Patch02004: golan-Add-explicit-type-casts-for-nodnic.patch
|
||||
Patch02005: stub-out-the-SAN-req-s-in-int13.patch
|
||||
Patch02006: ipxe-Makefile-fix-issues-of-build-reprod.patch
|
||||
Patch02007: Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch
|
||||
# Patches applied in roms/sgabios/:
|
||||
Patch03000: sgabios-Makefile-fix-issues-of-build-rep.patch
|
||||
Patch03001: roms-sgabios-Fix-csum8-to-be-built-by-ho.patch
|
||||
@ -290,7 +268,7 @@ BuildRequires: glibc-devel-32bit
|
||||
%if 0%{?with_glusterfs}
|
||||
BuildRequires: glusterfs-devel >= 3
|
||||
%endif
|
||||
BuildRequires: gtk3-devel >= 3.16
|
||||
BuildRequires: gtk3-devel >= 3.22
|
||||
BuildRequires: libaio-devel
|
||||
BuildRequires: libattr-devel
|
||||
BuildRequires: libbz2-devel
|
||||
@ -306,6 +284,9 @@ BuildRequires: libgcrypt-devel >= 1.5.0
|
||||
BuildRequires: libgnutls-devel >= 3.1.18
|
||||
BuildRequires: libiscsi-devel >= 1.9.0
|
||||
BuildRequires: libjpeg-devel
|
||||
%if 0%{?with_daxctl}
|
||||
BuildRequires: libndctl-devel
|
||||
%endif
|
||||
%if 0%{?is_opensuse}
|
||||
BuildRequires: libnfs-devel >= 1.9.3
|
||||
%endif
|
||||
@ -327,6 +308,9 @@ BuildRequires: libSDL2-devel
|
||||
BuildRequires: libSDL2_image-devel
|
||||
%endif
|
||||
BuildRequires: libseccomp-devel >= 2.3.0
|
||||
%if 0%{?is_opensuse}
|
||||
BuildRequires: libslirp-devel >= 4.2.0
|
||||
%endif
|
||||
BuildRequires: libspice-server-devel >= 0.12.5
|
||||
BuildRequires: libssh-devel >= 0.8
|
||||
BuildRequires: libusb-1_0-devel >= 1.0.13
|
||||
@ -388,11 +372,17 @@ BuildRequires: qemu-block-nfs = %{qemuver}
|
||||
BuildRequires: qemu-block-rbd = %{qemuver}
|
||||
%endif
|
||||
BuildRequires: qemu-block-ssh = %{qemuver}
|
||||
BuildRequires: qemu-chardev-baum = %{qemuver}
|
||||
%if %{provide_edk2_firmware}
|
||||
BuildRequires: qemu-edk2 = %{qemuver}
|
||||
%endif
|
||||
BuildRequires: qemu-extra = %{qemuver}
|
||||
BuildRequires: qemu-guest-agent = %{qemuver}
|
||||
BuildRequires: qemu-hw-display-qxl = %{qemuver}
|
||||
BuildRequires: qemu-hw-usb-redirect = %{qemuver}
|
||||
%if 0%{?is_opensuse}
|
||||
BuildRequires: qemu-hw-usb-smartcard = %{qemuver}
|
||||
%endif
|
||||
BuildRequires: qemu-ipxe = 1.0.0+
|
||||
%if 0%{?is_opensuse}
|
||||
BuildRequires: qemu-ksm = %{qemuver}
|
||||
@ -423,6 +413,11 @@ Requires(post): procps
|
||||
Recommends: kvm_stat
|
||||
%endif
|
||||
Recommends: qemu-block-curl
|
||||
Recommends: qemu-hw-display-qxl
|
||||
Recommends: qemu-hw-usb-redirect
|
||||
%if 0%{?is_opensuse}
|
||||
Recommends: qemu-hw-usb-smartcard
|
||||
%endif
|
||||
Recommends: qemu-tools
|
||||
Recommends: qemu-ui-curses
|
||||
Recommends: qemu-ui-gtk
|
||||
@ -461,6 +456,7 @@ Suggests: qemu-block-nfs
|
||||
Suggests: qemu-block-rbd
|
||||
%endif
|
||||
Suggests: qemu-block-ssh
|
||||
Suggests: qemu-chardev-baum
|
||||
Suggests: qemu-extra
|
||||
Suggests: qemu-lang
|
||||
%if 0%{?is_opensuse}
|
||||
@ -608,6 +604,38 @@ Conflicts: %name > %{qemuver}-%{release} \
|
||||
Conflicts: qemu-tools < %{qemuver}-%{release} \
|
||||
Conflicts: qemu-tools > %{qemuver}-%{release}
|
||||
|
||||
%package audio-alsa
|
||||
Summary: ALSA based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-alsa
|
||||
This package contains a module for ALSA based audio support for QEMU.
|
||||
|
||||
%package audio-pa
|
||||
Summary: Pulse Audio based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-pa
|
||||
This package contains a module for Pulse Audio based audio support for QEMU.
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%package audio-sdl
|
||||
Summary: SDL based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-sdl
|
||||
This package contains a module for SDL based audio support for QEMU.
|
||||
%endif
|
||||
|
||||
%package block-curl
|
||||
Summary: cURL block support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
@ -690,6 +718,46 @@ Release: 0
|
||||
This package contains a module for accessing network-based image files over an
|
||||
SSH network connection from qemu-img tool and QEMU system emulation.
|
||||
|
||||
%package chardev-baum
|
||||
Summary: Baum braille chardev support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description chardev-baum
|
||||
This package contains a module for baum braille chardev support.
|
||||
|
||||
%package hw-display-qxl
|
||||
Summary: QXL display support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description hw-display-qxl
|
||||
This package contains a module for QXL display support.
|
||||
|
||||
%package hw-usb-redirect
|
||||
Summary: USB redirection support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description hw-usb-redirect
|
||||
This package contains a module for USB redirection support.
|
||||
|
||||
%package hw-usb-smartcard
|
||||
Summary: USB smartcard support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description hw-usb-smartcard
|
||||
This package contains a modules for USB smartcard support.
|
||||
|
||||
%package ui-curses
|
||||
Summary: Curses based UI support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
@ -732,38 +800,6 @@ Release: 0
|
||||
%description ui-spice-app
|
||||
This package contains a module for doing Spice based UI for QEMU.
|
||||
|
||||
%package audio-alsa
|
||||
Summary: ALSA based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-alsa
|
||||
This package contains a module for ALSA based audio support for QEMU.
|
||||
|
||||
%package audio-pa
|
||||
Summary: Pulse Audio based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-pa
|
||||
This package contains a module for Pulse Audio based audio support for QEMU.
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%package audio-sdl
|
||||
Summary: SDL based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-sdl
|
||||
This package contains a module for SDL based audio support for QEMU.
|
||||
%endif
|
||||
|
||||
%package vhost-user-gpu
|
||||
Summary: Vhost user mode virtio-gpu 2D/3D rendering backend for QEMU
|
||||
Group: System/Emulators/PC
|
||||
@ -906,7 +942,9 @@ This package provides a service file for starting and stopping KSM.
|
||||
# ========================================================================
|
||||
%prep
|
||||
%setup -q -n %{srcname}-%{expand:%%(SV=%{srcver};echo ${SV%%%%+git*})}
|
||||
%if 0%{?suse_version} > 1500
|
||||
%patch00000 -p1
|
||||
%endif
|
||||
%patch00001 -p1
|
||||
%patch00002 -p1
|
||||
%patch00003 -p1
|
||||
@ -948,52 +986,26 @@ This package provides a service file for starting and stopping KSM.
|
||||
%patch00039 -p1
|
||||
%patch00040 -p1
|
||||
%patch00041 -p1
|
||||
%patch00042 -p1
|
||||
%patch00043 -p1
|
||||
%patch00044 -p1
|
||||
%patch00045 -p1
|
||||
%patch00046 -p1
|
||||
%patch00047 -p1
|
||||
%patch00048 -p1
|
||||
%patch00049 -p1
|
||||
%patch00050 -p1
|
||||
%patch00051 -p1
|
||||
%patch00052 -p1
|
||||
%patch00053 -p1
|
||||
%patch00054 -p1
|
||||
%patch00055 -p1
|
||||
%patch00056 -p1
|
||||
%patch00057 -p1
|
||||
%patch00058 -p1
|
||||
%patch00059 -p1
|
||||
%patch00060 -p1
|
||||
%patch00061 -p1
|
||||
%patch00062 -p1
|
||||
%patch00063 -p1
|
||||
%patch00064 -p1
|
||||
%patch00065 -p1
|
||||
%patch00066 -p1
|
||||
%if %{legacy_qemu_kvm} && 0%{?is_opensuse} == 0
|
||||
%patch00067 -p1
|
||||
%patch00042 -p1
|
||||
%endif
|
||||
%patch00068 -p1
|
||||
%patch00069 -p1
|
||||
%patch01000 -p1
|
||||
%patch01001 -p1
|
||||
%patch01002 -p1
|
||||
%patch01003 -p1
|
||||
%patch02000 -p1
|
||||
%if 0%{?suse_version} > 1500 && 0%{?is_opensuse}
|
||||
%patch02001 -p1
|
||||
%ifarch aarch64
|
||||
%patch02002 -p1
|
||||
%endif
|
||||
%patch02002 -p1
|
||||
%patch02003 -p1
|
||||
%patch02004 -p1
|
||||
%patch02005 -p1
|
||||
%if 0%{?patch-possibly-applied-elsewhere}
|
||||
%patch02006 -p1
|
||||
%patch02005 -p1
|
||||
%endif
|
||||
%patch02006 -p1
|
||||
%ifarch aarch64
|
||||
%patch02007 -p1
|
||||
%endif
|
||||
%patch03000 -p1
|
||||
%patch03001 -p1
|
||||
%patch08000 -p1
|
||||
@ -1145,6 +1157,11 @@ cd %mybuilddir
|
||||
--enable-tools --enable-guest-agent \
|
||||
--enable-modules \
|
||||
--disable-module-upgrades \
|
||||
%if 0%{?is_opensuse}
|
||||
--enable-slirp=system \
|
||||
%else
|
||||
--enable-slirp=git \
|
||||
%endif
|
||||
--enable-pie \
|
||||
--enable-docs \
|
||||
%if 0%{?is_opensuse}
|
||||
@ -1182,6 +1199,11 @@ cd %mybuilddir
|
||||
--enable-kvm \
|
||||
%else
|
||||
--disable-kvm \
|
||||
%endif
|
||||
%if 0%{?with_daxctl}
|
||||
--enable-libdaxctl \
|
||||
%else
|
||||
--disable-libdaxctl \
|
||||
%endif
|
||||
--enable-libiscsi \
|
||||
%if 0%{?is_opensuse}
|
||||
@ -1231,6 +1253,7 @@ cd %mybuilddir
|
||||
%endif
|
||||
--enable-rdma \
|
||||
--enable-replication \
|
||||
--disable-safe-stack \
|
||||
--disable-sanitizers \
|
||||
%if 0%{?is_opensuse}
|
||||
--enable-sdl \
|
||||
@ -1259,6 +1282,7 @@ cd %mybuilddir
|
||||
--enable-vhost-scsi \
|
||||
--enable-vhost-user \
|
||||
--enable-vhost-user-fs \
|
||||
--enable-vhost-vdpa \
|
||||
--enable-vhost-vsock \
|
||||
--enable-virglrenderer \
|
||||
--enable-virtfs \
|
||||
@ -1297,6 +1321,7 @@ cd %mybuilddir
|
||||
--disable-fdt \
|
||||
--disable-iconv \
|
||||
--disable-kvm \
|
||||
--disable-libdaxctl \
|
||||
--disable-malloc-trim \
|
||||
%if %{with system_membarrier}
|
||||
--enable-membarrier \
|
||||
@ -1309,6 +1334,7 @@ cd %mybuilddir
|
||||
--disable-qed \
|
||||
--disable-replication \
|
||||
--disable-sheepdog \
|
||||
--disable-safe-stack \
|
||||
--disable-slirp \
|
||||
--disable-tpm \
|
||||
--disable-vdi \
|
||||
@ -1402,8 +1428,7 @@ make -C %{_builddir}/%buildsubdir/roms sgabios \
|
||||
pushd %{_builddir}/%buildsubdir
|
||||
patch -p1 < %_sourcedir/stub-out-the-SAN-req-s-in-int13.patch
|
||||
popd
|
||||
make %{?_smp_mflags} -C %{_builddir}/%buildsubdir/roms \
|
||||
pxerom_variants=virtio pxerom_targets=1af41000 pxerom
|
||||
make %{?_smp_mflags} -C %{_builddir}/%buildsubdir/roms pxerom_variants=virtio pxerom_targets=1af41000 pxerom
|
||||
%endif
|
||||
|
||||
# enforce pxe rom sizes for migration compatability from SLE 11 SP3 forward
|
||||
@ -1772,16 +1797,18 @@ fi
|
||||
%_docdir/%name/interop/live-block-operations.html
|
||||
%_docdir/%name/interop/objects.inv
|
||||
%_docdir/%name/interop/pr-helper.html
|
||||
%_docdir/%name/interop/qemu-ga-ref.html
|
||||
%_docdir/%name/interop/qemu-ga-ref.txt
|
||||
%_docdir/%name/interop/qemu-qmp-ref.html
|
||||
%_docdir/%name/interop/qemu-qmp-ref.txt
|
||||
%_docdir/%name/interop/search.html
|
||||
%_docdir/%name/interop/searchindex.js
|
||||
%_docdir/%name/interop/vhost-user.html
|
||||
%_docdir/%name/interop/vhost-user-gpu.html
|
||||
%_docdir/%name/qemu-qmp-ref.txt
|
||||
%_docdir/%name/qemu-qmp-ref.html
|
||||
%_docdir/%name/qemu-ga-ref.txt
|
||||
%_docdir/%name/qemu-ga-ref.html
|
||||
%_docdir/%name/interop/vhost-vdpa.html
|
||||
%_docdir/%name/specs/.buildinfo
|
||||
%_docdir/%name/specs/_static/*
|
||||
%_docdir/%name/specs/acpi_hest_ghes.html
|
||||
%_docdir/%name/specs/acpi_hw_reduced_hotplug.html
|
||||
%_docdir/%name/specs/genindex.html
|
||||
%_docdir/%name/specs/index.html
|
||||
@ -1793,8 +1820,14 @@ fi
|
||||
%_docdir/%name/specs/tpm.html
|
||||
%_docdir/%name/system/.buildinfo
|
||||
%_docdir/%name/system/_static/*
|
||||
%_docdir/%name/system/arm/aspeed.html
|
||||
%_docdir/%name/system/arm/collie.html
|
||||
%_docdir/%name/system/arm/cpu-features.html
|
||||
%_docdir/%name/system/arm/digic.html
|
||||
%_docdir/%name/system/arm/gumstix.html
|
||||
%_docdir/%name/system/arm/integratorcp.html
|
||||
%_docdir/%name/system/arm/mps2.html
|
||||
%_docdir/%name/system/arm/musca.html
|
||||
%_docdir/%name/system/arm/musicpal.html
|
||||
%_docdir/%name/system/arm/nseries.html
|
||||
%_docdir/%name/system/arm/orangepi.html
|
||||
@ -1803,6 +1836,8 @@ fi
|
||||
%_docdir/%name/system/arm/stellaris.html
|
||||
%_docdir/%name/system/arm/sx1.html
|
||||
%_docdir/%name/system/arm/versatile.html
|
||||
%_docdir/%name/system/arm/vexpress.html
|
||||
%_docdir/%name/system/arm/virt.html
|
||||
%_docdir/%name/system/arm/xscale.html
|
||||
%_docdir/%name/system/build-platforms.html
|
||||
%_docdir/%name/system/deprecated.html
|
||||
@ -1824,20 +1859,26 @@ fi
|
||||
%_docdir/%name/system/qemu-cpu-models.html
|
||||
%_docdir/%name/system/qemu-manpage.html
|
||||
%_docdir/%name/system/quickstart.html
|
||||
%_docdir/%name/system/s390x/3270.html
|
||||
%_docdir/%name/system/s390x/css.html
|
||||
%_docdir/%name/system/s390x/protvirt.html
|
||||
%_docdir/%name/system/s390x/vfio-ap.html
|
||||
%_docdir/%name/system/s390x/vfio-ccw.html
|
||||
%_docdir/%name/system/search.html
|
||||
%_docdir/%name/system/searchindex.js
|
||||
%_docdir/%name/system/security.html
|
||||
%_docdir/%name/system/target-arm.html
|
||||
%_docdir/%name/system/target-avr.html
|
||||
%_docdir/%name/system/target-i386.html
|
||||
%_docdir/%name/system/target-m68k.html
|
||||
%_docdir/%name/system/target-mips.html
|
||||
%_docdir/%name/system/target-ppc.html
|
||||
%_docdir/%name/system/targets.html
|
||||
%_docdir/%name/system/target-rx.html
|
||||
%_docdir/%name/system/target-s390x.html
|
||||
%_docdir/%name/system/target-sparc64.html
|
||||
%_docdir/%name/system/target-sparc.html
|
||||
%_docdir/%name/system/target-xtensa.html
|
||||
%_docdir/%name/system/targets.html
|
||||
%_docdir/%name/system/tls.html
|
||||
%_docdir/%name/system/usb.html
|
||||
%_docdir/%name/system/vnc-security.html
|
||||
@ -1932,6 +1973,7 @@ fi
|
||||
%files extra
|
||||
%defattr(-, root, root)
|
||||
%_bindir/qemu-system-alpha
|
||||
%_bindir/qemu-system-avr
|
||||
%_bindir/qemu-system-cris
|
||||
%_bindir/qemu-system-hppa
|
||||
%_bindir/qemu-system-lm32
|
||||
@ -1981,6 +2023,23 @@ fi
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%files audio-alsa
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-alsa.so
|
||||
|
||||
%files audio-pa
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-pa.so
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%files audio-sdl
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-sdl.so
|
||||
%endif
|
||||
|
||||
%files block-curl
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
@ -2025,6 +2084,28 @@ fi
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/block-ssh.so
|
||||
|
||||
%files chardev-baum
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/chardev-baum.so
|
||||
|
||||
%files hw-display-qxl
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/hw-display-qxl.so
|
||||
|
||||
%files hw-usb-redirect
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/hw-usb-redirect.so
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%files hw-usb-smartcard
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/hw-usb-smartcard.so
|
||||
%endif
|
||||
|
||||
%files ui-curses
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
@ -2047,23 +2128,6 @@ fi
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/ui-spice-app.so
|
||||
|
||||
%files audio-alsa
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-alsa.so
|
||||
|
||||
%files audio-pa
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-pa.so
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%files audio-sdl
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-sdl.so
|
||||
%endif
|
||||
|
||||
%files lang -f %mybuilddir/%name.lang
|
||||
%defattr(-, root, root)
|
||||
|
||||
@ -2157,11 +2221,11 @@ fi
|
||||
%_bindir/qemu-io
|
||||
%_bindir/qemu-keymap
|
||||
%_bindir/qemu-nbd
|
||||
%_bindir/qemu-pr-helper
|
||||
%_bindir/qemu-storage-daemon
|
||||
%_bindir/virtfs-proxy-helper
|
||||
%_bindir/vmstate-static-checker.py
|
||||
%verify(not mode) %attr(4750,root,kvm) %_libexecdir/qemu-bridge-helper
|
||||
%_libexecdir/qemu-pr-helper
|
||||
%_libexecdir/virtfs-proxy-helper
|
||||
%_libexecdir/virtiofsd
|
||||
%_mandir/man1/qemu-img.1.gz
|
||||
%_mandir/man1/virtfs-proxy-helper.1.gz
|
||||
|
234
qemu.spec.in
234
qemu.spec.in
@ -73,6 +73,12 @@
|
||||
%define with_rbd 1
|
||||
%endif
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%ifarch x86_64 ppc64le
|
||||
%define with_daxctl 1
|
||||
%endif
|
||||
%endif
|
||||
|
||||
# qemu, qemu-linux-user, and qemu-testsuite "flavors" enabled via OBS Multibuild
|
||||
%define flavor @BUILD_FLAVOR@%{nil}
|
||||
%if "%flavor" == ""
|
||||
@ -195,7 +201,7 @@ BuildRequires: glibc-devel-32bit
|
||||
%if 0%{?with_glusterfs}
|
||||
BuildRequires: glusterfs-devel >= 3
|
||||
%endif
|
||||
BuildRequires: gtk3-devel >= 3.16
|
||||
BuildRequires: gtk3-devel >= 3.22
|
||||
BuildRequires: libaio-devel
|
||||
BuildRequires: libattr-devel
|
||||
BuildRequires: libbz2-devel
|
||||
@ -211,6 +217,9 @@ BuildRequires: libgcrypt-devel >= 1.5.0
|
||||
BuildRequires: libgnutls-devel >= 3.1.18
|
||||
BuildRequires: libiscsi-devel >= 1.9.0
|
||||
BuildRequires: libjpeg-devel
|
||||
%if 0%{?with_daxctl}
|
||||
BuildRequires: libndctl-devel
|
||||
%endif
|
||||
%if 0%{?is_opensuse}
|
||||
BuildRequires: libnfs-devel >= 1.9.3
|
||||
%endif
|
||||
@ -232,6 +241,9 @@ BuildRequires: libSDL2-devel
|
||||
BuildRequires: libSDL2_image-devel
|
||||
%endif
|
||||
BuildRequires: libseccomp-devel >= 2.3.0
|
||||
%if 0%{?is_opensuse}
|
||||
BuildRequires: libslirp-devel >= 4.2.0
|
||||
%endif
|
||||
BuildRequires: libspice-server-devel >= 0.12.5
|
||||
BuildRequires: libssh-devel >= 0.8
|
||||
BuildRequires: pkgconfig(libudev)
|
||||
@ -293,11 +305,17 @@ BuildRequires: qemu-block-nfs = %{qemuver}
|
||||
BuildRequires: qemu-block-rbd = %{qemuver}
|
||||
%endif
|
||||
BuildRequires: qemu-block-ssh = %{qemuver}
|
||||
BuildRequires: qemu-chardev-baum = %{qemuver}
|
||||
%if %{provide_edk2_firmware}
|
||||
BuildRequires: qemu-edk2 = %{qemuver}
|
||||
%endif
|
||||
BuildRequires: qemu-extra = %{qemuver}
|
||||
BuildRequires: qemu-guest-agent = %{qemuver}
|
||||
BuildRequires: qemu-hw-display-qxl = %{qemuver}
|
||||
BuildRequires: qemu-hw-usb-redirect = %{qemuver}
|
||||
%if 0%{?is_opensuse}
|
||||
BuildRequires: qemu-hw-usb-smartcard = %{qemuver}
|
||||
%endif
|
||||
BuildRequires: qemu-ipxe = 1.0.0+
|
||||
%if 0%{?is_opensuse}
|
||||
BuildRequires: qemu-ksm = %{qemuver}
|
||||
@ -328,6 +346,11 @@ Requires(post): procps
|
||||
Recommends: kvm_stat
|
||||
%endif
|
||||
Recommends: qemu-block-curl
|
||||
Recommends: qemu-hw-display-qxl
|
||||
Recommends: qemu-hw-usb-redirect
|
||||
%if 0%{?is_opensuse}
|
||||
Recommends: qemu-hw-usb-smartcard
|
||||
%endif
|
||||
Recommends: qemu-tools
|
||||
Recommends: qemu-ui-curses
|
||||
Recommends: qemu-ui-gtk
|
||||
@ -366,6 +389,7 @@ Suggests: qemu-block-nfs
|
||||
Suggests: qemu-block-rbd
|
||||
%endif
|
||||
Suggests: qemu-block-ssh
|
||||
Suggests: qemu-chardev-baum
|
||||
Suggests: qemu-extra
|
||||
Suggests: qemu-lang
|
||||
%if 0%{?is_opensuse}
|
||||
@ -513,6 +537,38 @@ Conflicts: %name > %{qemuver}-%{release} \
|
||||
Conflicts: qemu-tools < %{qemuver}-%{release} \
|
||||
Conflicts: qemu-tools > %{qemuver}-%{release}
|
||||
|
||||
%package audio-alsa
|
||||
Summary: ALSA based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-alsa
|
||||
This package contains a module for ALSA based audio support for QEMU.
|
||||
|
||||
%package audio-pa
|
||||
Summary: Pulse Audio based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-pa
|
||||
This package contains a module for Pulse Audio based audio support for QEMU.
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%package audio-sdl
|
||||
Summary: SDL based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-sdl
|
||||
This package contains a module for SDL based audio support for QEMU.
|
||||
%endif
|
||||
|
||||
%package block-curl
|
||||
Summary: cURL block support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
@ -595,6 +651,46 @@ Release: 0
|
||||
This package contains a module for accessing network-based image files over an
|
||||
SSH network connection from qemu-img tool and QEMU system emulation.
|
||||
|
||||
%package chardev-baum
|
||||
Summary: Baum braille chardev support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description chardev-baum
|
||||
This package contains a module for baum braille chardev support.
|
||||
|
||||
%package hw-display-qxl
|
||||
Summary: QXL display support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description hw-display-qxl
|
||||
This package contains a module for QXL display support.
|
||||
|
||||
%package hw-usb-redirect
|
||||
Summary: USB redirection support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description hw-usb-redirect
|
||||
This package contains a module for USB redirection support.
|
||||
|
||||
%package hw-usb-smartcard
|
||||
Summary: USB smartcard support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description hw-usb-smartcard
|
||||
This package contains a modules for USB smartcard support.
|
||||
|
||||
%package ui-curses
|
||||
Summary: Curses based UI support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
@ -637,38 +733,6 @@ Release: 0
|
||||
%description ui-spice-app
|
||||
This package contains a module for doing Spice based UI for QEMU.
|
||||
|
||||
%package audio-alsa
|
||||
Summary: ALSA based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-alsa
|
||||
This package contains a module for ALSA based audio support for QEMU.
|
||||
|
||||
%package audio-pa
|
||||
Summary: Pulse Audio based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-pa
|
||||
This package contains a module for Pulse Audio based audio support for QEMU.
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%package audio-sdl
|
||||
Summary: SDL based audio support for QEMU
|
||||
Group: System/Emulators/PC
|
||||
Version: %{qemuver}
|
||||
Release: 0
|
||||
%{qemu_module_conflicts}
|
||||
|
||||
%description audio-sdl
|
||||
This package contains a module for SDL based audio support for QEMU.
|
||||
%endif
|
||||
|
||||
%package vhost-user-gpu
|
||||
Summary: Vhost user mode virtio-gpu 2D/3D rendering backend for QEMU
|
||||
Group: System/Emulators/PC
|
||||
@ -958,6 +1022,11 @@ cd %mybuilddir
|
||||
--enable-tools --enable-guest-agent \
|
||||
--enable-modules \
|
||||
--disable-module-upgrades \
|
||||
%if 0%{?is_opensuse}
|
||||
--enable-slirp=system \
|
||||
%else
|
||||
--enable-slirp=git \
|
||||
%endif
|
||||
--enable-pie \
|
||||
--enable-docs \
|
||||
%if 0%{?is_opensuse}
|
||||
@ -995,6 +1064,11 @@ cd %mybuilddir
|
||||
--enable-kvm \
|
||||
%else
|
||||
--disable-kvm \
|
||||
%endif
|
||||
%if 0%{?with_daxctl}
|
||||
--enable-libdaxctl \
|
||||
%else
|
||||
--disable-libdaxctl \
|
||||
%endif
|
||||
--enable-libiscsi \
|
||||
%if 0%{?is_opensuse}
|
||||
@ -1044,6 +1118,7 @@ cd %mybuilddir
|
||||
%endif
|
||||
--enable-rdma \
|
||||
--enable-replication \
|
||||
--disable-safe-stack \
|
||||
--disable-sanitizers \
|
||||
%if 0%{?is_opensuse}
|
||||
--enable-sdl \
|
||||
@ -1072,6 +1147,7 @@ cd %mybuilddir
|
||||
--enable-vhost-scsi \
|
||||
--enable-vhost-user \
|
||||
--enable-vhost-user-fs \
|
||||
--enable-vhost-vdpa \
|
||||
--enable-vhost-vsock \
|
||||
--enable-virglrenderer \
|
||||
--enable-virtfs \
|
||||
@ -1110,6 +1186,7 @@ cd %mybuilddir
|
||||
--disable-fdt \
|
||||
--disable-iconv \
|
||||
--disable-kvm \
|
||||
--disable-libdaxctl \
|
||||
--disable-malloc-trim \
|
||||
%if %{with system_membarrier}
|
||||
--enable-membarrier \
|
||||
@ -1122,6 +1199,7 @@ cd %mybuilddir
|
||||
--disable-qed \
|
||||
--disable-replication \
|
||||
--disable-sheepdog \
|
||||
--disable-safe-stack \
|
||||
--disable-slirp \
|
||||
--disable-tpm \
|
||||
--disable-vdi \
|
||||
@ -1215,8 +1293,7 @@ make -C %{_builddir}/%buildsubdir/roms sgabios \
|
||||
pushd %{_builddir}/%buildsubdir
|
||||
patch -p1 < %_sourcedir/stub-out-the-SAN-req-s-in-int13.patch
|
||||
popd
|
||||
make %{?_smp_mflags} -C %{_builddir}/%buildsubdir/roms \
|
||||
pxerom_variants=virtio pxerom_targets=1af41000 pxerom
|
||||
make %{?_smp_mflags} -C %{_builddir}/%buildsubdir/roms pxerom_variants=virtio pxerom_targets=1af41000 pxerom
|
||||
%endif
|
||||
|
||||
# enforce pxe rom sizes for migration compatability from SLE 11 SP3 forward
|
||||
@ -1585,16 +1662,18 @@ fi
|
||||
%_docdir/%name/interop/live-block-operations.html
|
||||
%_docdir/%name/interop/objects.inv
|
||||
%_docdir/%name/interop/pr-helper.html
|
||||
%_docdir/%name/interop/qemu-ga-ref.html
|
||||
%_docdir/%name/interop/qemu-ga-ref.txt
|
||||
%_docdir/%name/interop/qemu-qmp-ref.html
|
||||
%_docdir/%name/interop/qemu-qmp-ref.txt
|
||||
%_docdir/%name/interop/search.html
|
||||
%_docdir/%name/interop/searchindex.js
|
||||
%_docdir/%name/interop/vhost-user.html
|
||||
%_docdir/%name/interop/vhost-user-gpu.html
|
||||
%_docdir/%name/qemu-qmp-ref.txt
|
||||
%_docdir/%name/qemu-qmp-ref.html
|
||||
%_docdir/%name/qemu-ga-ref.txt
|
||||
%_docdir/%name/qemu-ga-ref.html
|
||||
%_docdir/%name/interop/vhost-vdpa.html
|
||||
%_docdir/%name/specs/.buildinfo
|
||||
%_docdir/%name/specs/_static/*
|
||||
%_docdir/%name/specs/acpi_hest_ghes.html
|
||||
%_docdir/%name/specs/acpi_hw_reduced_hotplug.html
|
||||
%_docdir/%name/specs/genindex.html
|
||||
%_docdir/%name/specs/index.html
|
||||
@ -1606,8 +1685,14 @@ fi
|
||||
%_docdir/%name/specs/tpm.html
|
||||
%_docdir/%name/system/.buildinfo
|
||||
%_docdir/%name/system/_static/*
|
||||
%_docdir/%name/system/arm/aspeed.html
|
||||
%_docdir/%name/system/arm/collie.html
|
||||
%_docdir/%name/system/arm/cpu-features.html
|
||||
%_docdir/%name/system/arm/digic.html
|
||||
%_docdir/%name/system/arm/gumstix.html
|
||||
%_docdir/%name/system/arm/integratorcp.html
|
||||
%_docdir/%name/system/arm/mps2.html
|
||||
%_docdir/%name/system/arm/musca.html
|
||||
%_docdir/%name/system/arm/musicpal.html
|
||||
%_docdir/%name/system/arm/nseries.html
|
||||
%_docdir/%name/system/arm/orangepi.html
|
||||
@ -1616,6 +1701,8 @@ fi
|
||||
%_docdir/%name/system/arm/stellaris.html
|
||||
%_docdir/%name/system/arm/sx1.html
|
||||
%_docdir/%name/system/arm/versatile.html
|
||||
%_docdir/%name/system/arm/vexpress.html
|
||||
%_docdir/%name/system/arm/virt.html
|
||||
%_docdir/%name/system/arm/xscale.html
|
||||
%_docdir/%name/system/build-platforms.html
|
||||
%_docdir/%name/system/deprecated.html
|
||||
@ -1637,20 +1724,26 @@ fi
|
||||
%_docdir/%name/system/qemu-cpu-models.html
|
||||
%_docdir/%name/system/qemu-manpage.html
|
||||
%_docdir/%name/system/quickstart.html
|
||||
%_docdir/%name/system/s390x/3270.html
|
||||
%_docdir/%name/system/s390x/css.html
|
||||
%_docdir/%name/system/s390x/protvirt.html
|
||||
%_docdir/%name/system/s390x/vfio-ap.html
|
||||
%_docdir/%name/system/s390x/vfio-ccw.html
|
||||
%_docdir/%name/system/search.html
|
||||
%_docdir/%name/system/searchindex.js
|
||||
%_docdir/%name/system/security.html
|
||||
%_docdir/%name/system/target-arm.html
|
||||
%_docdir/%name/system/target-avr.html
|
||||
%_docdir/%name/system/target-i386.html
|
||||
%_docdir/%name/system/target-m68k.html
|
||||
%_docdir/%name/system/target-mips.html
|
||||
%_docdir/%name/system/target-ppc.html
|
||||
%_docdir/%name/system/targets.html
|
||||
%_docdir/%name/system/target-rx.html
|
||||
%_docdir/%name/system/target-s390x.html
|
||||
%_docdir/%name/system/target-sparc64.html
|
||||
%_docdir/%name/system/target-sparc.html
|
||||
%_docdir/%name/system/target-xtensa.html
|
||||
%_docdir/%name/system/targets.html
|
||||
%_docdir/%name/system/tls.html
|
||||
%_docdir/%name/system/usb.html
|
||||
%_docdir/%name/system/vnc-security.html
|
||||
@ -1745,6 +1838,7 @@ fi
|
||||
%files extra
|
||||
%defattr(-, root, root)
|
||||
%_bindir/qemu-system-alpha
|
||||
%_bindir/qemu-system-avr
|
||||
%_bindir/qemu-system-cris
|
||||
%_bindir/qemu-system-hppa
|
||||
%_bindir/qemu-system-lm32
|
||||
@ -1794,6 +1888,23 @@ fi
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%files audio-alsa
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-alsa.so
|
||||
|
||||
%files audio-pa
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-pa.so
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%files audio-sdl
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-sdl.so
|
||||
%endif
|
||||
|
||||
%files block-curl
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
@ -1838,6 +1949,28 @@ fi
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/block-ssh.so
|
||||
|
||||
%files chardev-baum
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/chardev-baum.so
|
||||
|
||||
%files hw-display-qxl
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/hw-display-qxl.so
|
||||
|
||||
%files hw-usb-redirect
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/hw-usb-redirect.so
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%files hw-usb-smartcard
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/hw-usb-smartcard.so
|
||||
%endif
|
||||
|
||||
%files ui-curses
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
@ -1860,23 +1993,6 @@ fi
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/ui-spice-app.so
|
||||
|
||||
%files audio-alsa
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-alsa.so
|
||||
|
||||
%files audio-pa
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-pa.so
|
||||
|
||||
%if 0%{?is_opensuse}
|
||||
%files audio-sdl
|
||||
%defattr(-, root, root)
|
||||
%dir %_libdir/%name
|
||||
%_libdir/%name/audio-sdl.so
|
||||
%endif
|
||||
|
||||
%files lang -f %mybuilddir/%name.lang
|
||||
%defattr(-, root, root)
|
||||
|
||||
@ -1970,11 +2086,11 @@ fi
|
||||
%_bindir/qemu-io
|
||||
%_bindir/qemu-keymap
|
||||
%_bindir/qemu-nbd
|
||||
%_bindir/qemu-pr-helper
|
||||
%_bindir/qemu-storage-daemon
|
||||
%_bindir/virtfs-proxy-helper
|
||||
%_bindir/vmstate-static-checker.py
|
||||
%verify(not mode) %attr(4750,root,kvm) %_libexecdir/qemu-bridge-helper
|
||||
%_libexecdir/qemu-pr-helper
|
||||
%_libexecdir/virtfs-proxy-helper
|
||||
%_libexecdir/virtiofsd
|
||||
%_mandir/man1/qemu-img.1.gz
|
||||
%_mandir/man1/virtfs-proxy-helper.1.gz
|
||||
|
@ -1,135 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Wed, 5 Feb 2020 06:57:35 -0500
|
||||
Subject: s390x: Add SIDA memory ops
|
||||
|
||||
Git-commit a9f21cec3bc9c86062c7c24bb2143d22cb3c2950
|
||||
References: bsc#1167075
|
||||
|
||||
Protected guests save the instruction control blocks in the SIDA
|
||||
instead of QEMU/KVM directly accessing the guest's memory.
|
||||
|
||||
Let's introduce new functions to access the SIDA.
|
||||
|
||||
The memops for doing so are available with KVM_CAP_S390_PROTECTED, so
|
||||
let's check for that.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/cpu.h | 7 ++++++-
|
||||
target/s390x/kvm.c | 26 ++++++++++++++++++++++++++
|
||||
target/s390x/kvm_s390x.h | 2 ++
|
||||
target/s390x/mmu_helper.c | 14 ++++++++++++++
|
||||
4 files changed, 48 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/target/s390x/cpu.h b/target/s390x/cpu.h
|
||||
index 1d17709d6e10b5e0668bc09e21c7..035427521cec252877c70288d597 100644
|
||||
--- a/target/s390x/cpu.h
|
||||
+++ b/target/s390x/cpu.h
|
||||
@@ -823,7 +823,12 @@ int s390_cpu_virt_mem_rw(S390CPU *cpu, vaddr laddr, uint8_t ar, void *hostbuf,
|
||||
#define s390_cpu_virt_mem_check_write(cpu, laddr, ar, len) \
|
||||
s390_cpu_virt_mem_rw(cpu, laddr, ar, NULL, len, true)
|
||||
void s390_cpu_virt_mem_handle_exc(S390CPU *cpu, uintptr_t ra);
|
||||
-
|
||||
+int s390_cpu_pv_mem_rw(S390CPU *cpu, unsigned int offset, void *hostbuf,
|
||||
+ int len, bool is_write);
|
||||
+#define s390_cpu_pv_mem_read(cpu, offset, dest, len) \
|
||||
+ s390_cpu_pv_mem_rw(cpu, offset, dest, len, false)
|
||||
+#define s390_cpu_pv_mem_write(cpu, offset, dest, len) \
|
||||
+ s390_cpu_pv_mem_rw(cpu, offset, dest, len, true)
|
||||
|
||||
/* sigp.c */
|
||||
int s390_cpu_restart(S390CPU *cpu);
|
||||
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
|
||||
index 1988809ec2e7b1b6db33ba85eaef..0e93778ed15d0e04e83eff1baccf 100644
|
||||
--- a/target/s390x/kvm.c
|
||||
+++ b/target/s390x/kvm.c
|
||||
@@ -154,6 +154,7 @@ static int cap_ri;
|
||||
static int cap_gs;
|
||||
static int cap_hpage_1m;
|
||||
static int cap_vcpu_resets;
|
||||
+static int cap_protected;
|
||||
|
||||
static int active_cmma;
|
||||
|
||||
@@ -351,6 +352,7 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
|
||||
cap_mem_op = kvm_check_extension(s, KVM_CAP_S390_MEM_OP);
|
||||
cap_s390_irq = kvm_check_extension(s, KVM_CAP_S390_INJECT_IRQ);
|
||||
cap_vcpu_resets = kvm_check_extension(s, KVM_CAP_S390_VCPU_RESETS);
|
||||
+ cap_protected = kvm_check_extension(s, KVM_CAP_S390_PROTECTED);
|
||||
|
||||
if (!kvm_check_extension(s, KVM_CAP_S390_GMAP)
|
||||
|| !kvm_check_extension(s, KVM_CAP_S390_COW)) {
|
||||
@@ -851,6 +853,30 @@ int kvm_s390_mem_op(S390CPU *cpu, vaddr addr, uint8_t ar, void *hostbuf,
|
||||
return ret;
|
||||
}
|
||||
|
||||
+int kvm_s390_mem_op_pv(S390CPU *cpu, uint64_t offset, void *hostbuf,
|
||||
+ int len, bool is_write)
|
||||
+{
|
||||
+ struct kvm_s390_mem_op mem_op = {
|
||||
+ .sida_offset = offset,
|
||||
+ .size = len,
|
||||
+ .op = is_write ? KVM_S390_MEMOP_SIDA_WRITE
|
||||
+ : KVM_S390_MEMOP_SIDA_READ,
|
||||
+ .buf = (uint64_t)hostbuf,
|
||||
+ };
|
||||
+ int ret;
|
||||
+
|
||||
+ if (!cap_mem_op || !cap_protected) {
|
||||
+ return -ENOSYS;
|
||||
+ }
|
||||
+
|
||||
+ ret = kvm_vcpu_ioctl(CPU(cpu), KVM_S390_MEM_OP, &mem_op);
|
||||
+ if (ret < 0) {
|
||||
+ error_report("KVM_S390_MEM_OP failed: %s", strerror(-ret));
|
||||
+ abort();
|
||||
+ }
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* Legacy layout for s390:
|
||||
* Older S390 KVM requires the topmost vma of the RAM to be
|
||||
diff --git a/target/s390x/kvm_s390x.h b/target/s390x/kvm_s390x.h
|
||||
index dea813f450153c34e1269424772d..6ab17c81b73a0011e32213552698 100644
|
||||
--- a/target/s390x/kvm_s390x.h
|
||||
+++ b/target/s390x/kvm_s390x.h
|
||||
@@ -19,6 +19,8 @@ void kvm_s390_vcpu_interrupt(S390CPU *cpu, struct kvm_s390_irq *irq);
|
||||
void kvm_s390_access_exception(S390CPU *cpu, uint16_t code, uint64_t te_code);
|
||||
int kvm_s390_mem_op(S390CPU *cpu, vaddr addr, uint8_t ar, void *hostbuf,
|
||||
int len, bool is_write);
|
||||
+int kvm_s390_mem_op_pv(S390CPU *cpu, vaddr addr, void *hostbuf, int len,
|
||||
+ bool is_write);
|
||||
void kvm_s390_program_interrupt(S390CPU *cpu, uint16_t code);
|
||||
int kvm_s390_set_cpu_state(S390CPU *cpu, uint8_t cpu_state);
|
||||
void kvm_s390_vcpu_interrupt_pre_save(S390CPU *cpu);
|
||||
diff --git a/target/s390x/mmu_helper.c b/target/s390x/mmu_helper.c
|
||||
index 0be2f300bbe4ac8b68619b8c2285..7d9f3059cd502c49108b459c8d23 100644
|
||||
--- a/target/s390x/mmu_helper.c
|
||||
+++ b/target/s390x/mmu_helper.c
|
||||
@@ -474,6 +474,20 @@ static int translate_pages(S390CPU *cpu, vaddr addr, int nr_pages,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+int s390_cpu_pv_mem_rw(S390CPU *cpu, unsigned int offset, void *hostbuf,
|
||||
+ int len, bool is_write)
|
||||
+{
|
||||
+ int ret;
|
||||
+
|
||||
+ if (kvm_enabled()) {
|
||||
+ ret = kvm_s390_mem_op_pv(cpu, offset, hostbuf, len, is_write);
|
||||
+ } else {
|
||||
+ /* Protected Virtualization is a KVM/Hardware only feature */
|
||||
+ g_assert_not_reached();
|
||||
+ }
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
/**
|
||||
* s390_cpu_virt_mem_rw:
|
||||
* @laddr: the logical start address
|
@ -1,61 +0,0 @@
|
||||
From: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Date: Tue, 25 Feb 2020 06:28:51 -0500
|
||||
Subject: s390x: Add unpack facility feature to GA1
|
||||
|
||||
Git-commit: 3034eaac3b2970ba85a1d77814ceef1352d05357
|
||||
References: bsc#1167075
|
||||
|
||||
The unpack facility is an indication that diagnose 308 subcodes 8-10
|
||||
are available to the guest. That means, that the guest can put itself
|
||||
into protected mode.
|
||||
|
||||
Once it is in protected mode, the hardware stops any attempt of VM
|
||||
introspection by the hypervisor.
|
||||
|
||||
Some features are currently not supported in protected mode:
|
||||
* vfio devices
|
||||
* Migration
|
||||
* Huge page backings
|
||||
|
||||
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/gen-features.c | 1 +
|
||||
target/s390x/kvm.c | 8 ++++++++
|
||||
2 files changed, 9 insertions(+)
|
||||
|
||||
diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
|
||||
index 6278845b12b8dee84c086413c60a..8ddeebc54419a3e2481e21916389 100644
|
||||
--- a/target/s390x/gen-features.c
|
||||
+++ b/target/s390x/gen-features.c
|
||||
@@ -562,6 +562,7 @@ static uint16_t full_GEN15_GA1[] = {
|
||||
S390_FEAT_GROUP_MSA_EXT_9,
|
||||
S390_FEAT_GROUP_MSA_EXT_9_PCKMO,
|
||||
S390_FEAT_ETOKEN,
|
||||
+ S390_FEAT_UNPACK,
|
||||
};
|
||||
|
||||
/* Default features (in order of release)
|
||||
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
|
||||
index 870dd1b52b6e424f6cbd751cce0d..69881a0da0b31f72c4c3794d17ab 100644
|
||||
--- a/target/s390x/kvm.c
|
||||
+++ b/target/s390x/kvm.c
|
||||
@@ -2425,6 +2425,14 @@ void kvm_s390_get_host_cpu_model(S390CPUModel *model, Error **errp)
|
||||
clear_bit(S390_FEAT_BPB, model->features);
|
||||
}
|
||||
|
||||
+ /*
|
||||
+ * If we have support for protected virtualization, indicate
|
||||
+ * the protected virtualization IPL unpack facility.
|
||||
+ */
|
||||
+ if (cap_protected) {
|
||||
+ set_bit(S390_FEAT_UNPACK, model->features);
|
||||
+ }
|
||||
+
|
||||
/* We emulate a zPCI bus and AEN, therefore we don't need HW support */
|
||||
set_bit(S390_FEAT_ZPCI, model->features);
|
||||
set_bit(S390_FEAT_ADAPTER_EVENT_NOTIFICATION, model->features);
|
@ -1,61 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Fri, 13 Mar 2020 10:35:02 -0400
|
||||
Subject: s390x: Move diagnose 308 subcodes and rcs into ipl.h
|
||||
|
||||
Git-commit: 284bc3dd6e9a978e6e34b00777ce72007a88d6d9
|
||||
References: bsc#1167075
|
||||
|
||||
They are part of the IPL process, so let's put them into the ipl
|
||||
header.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/s390x/ipl.h | 11 +++++++++++
|
||||
target/s390x/diag.c | 11 -----------
|
||||
2 files changed, 11 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/hw/s390x/ipl.h b/hw/s390x/ipl.h
|
||||
index 3e44abe1c651d8a01f4708c2801c..a5665e6bfde2e8cfbb1b2e6c7234 100644
|
||||
--- a/hw/s390x/ipl.h
|
||||
+++ b/hw/s390x/ipl.h
|
||||
@@ -159,6 +159,17 @@ struct S390IPLState {
|
||||
typedef struct S390IPLState S390IPLState;
|
||||
QEMU_BUILD_BUG_MSG(offsetof(S390IPLState, iplb) & 3, "alignment of iplb wrong");
|
||||
|
||||
+#define DIAG_308_RC_OK 0x0001
|
||||
+#define DIAG_308_RC_NO_CONF 0x0102
|
||||
+#define DIAG_308_RC_INVALID 0x0402
|
||||
+
|
||||
+#define DIAG308_RESET_MOD_CLR 0
|
||||
+#define DIAG308_RESET_LOAD_NORM 1
|
||||
+#define DIAG308_LOAD_CLEAR 3
|
||||
+#define DIAG308_LOAD_NORMAL_DUMP 4
|
||||
+#define DIAG308_SET 5
|
||||
+#define DIAG308_STORE 6
|
||||
+
|
||||
#define S390_IPL_TYPE_FCP 0x00
|
||||
#define S390_IPL_TYPE_CCW 0x02
|
||||
#define S390_IPL_TYPE_QEMU_SCSI 0xff
|
||||
diff --git a/target/s390x/diag.c b/target/s390x/diag.c
|
||||
index 54e5670b3fd6d960bd3fb4baca8b..8aba6341f94848e1ce8fff420ed8 100644
|
||||
--- a/target/s390x/diag.c
|
||||
+++ b/target/s390x/diag.c
|
||||
@@ -49,17 +49,6 @@ int handle_diag_288(CPUS390XState *env, uint64_t r1, uint64_t r3)
|
||||
return diag288_class->handle_timer(diag288, func, timeout);
|
||||
}
|
||||
|
||||
-#define DIAG_308_RC_OK 0x0001
|
||||
-#define DIAG_308_RC_NO_CONF 0x0102
|
||||
-#define DIAG_308_RC_INVALID 0x0402
|
||||
-
|
||||
-#define DIAG308_RESET_MOD_CLR 0
|
||||
-#define DIAG308_RESET_LOAD_NORM 1
|
||||
-#define DIAG308_LOAD_CLEAR 3
|
||||
-#define DIAG308_LOAD_NORMAL_DUMP 4
|
||||
-#define DIAG308_SET 5
|
||||
-#define DIAG308_STORE 6
|
||||
-
|
||||
static int diag308_parm_check(CPUS390XState *env, uint64_t r1, uint64_t addr,
|
||||
uintptr_t ra, bool write)
|
||||
{
|
@ -1,64 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Fri, 6 Mar 2020 06:40:13 -0500
|
||||
Subject: s390x: protvirt: Add migration blocker
|
||||
|
||||
Git-commit: e721e55a3dabb2897081614b17dd4565e85249ac
|
||||
References: bsc#1167075
|
||||
|
||||
Migration is not yet supported.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/s390x/s390-virtio-ccw.c | 18 ++++++++++++++++++
|
||||
1 file changed, 18 insertions(+)
|
||||
|
||||
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
|
||||
index b4d681da43af43f23f66206cacf6..e00040a00ba60b20b42ee26a299b 100644
|
||||
--- a/hw/s390x/s390-virtio-ccw.c
|
||||
+++ b/hw/s390x/s390-virtio-ccw.c
|
||||
@@ -45,6 +45,9 @@
|
||||
#include "sysemu/sysemu.h"
|
||||
#include "hw/s390x/pv.h"
|
||||
#include <linux/kvm.h>
|
||||
+#include "migration/blocker.h"
|
||||
+
|
||||
+static Error *pv_mig_blocker;
|
||||
|
||||
S390CPU *s390_cpu_addr2state(uint16_t cpu_addr)
|
||||
{
|
||||
@@ -324,15 +327,30 @@ static void s390_machine_unprotect(S390CcwMachineState *ms)
|
||||
{
|
||||
s390_pv_vm_disable();
|
||||
ms->pv = false;
|
||||
+ migrate_del_blocker(pv_mig_blocker);
|
||||
+ error_free_or_abort(&pv_mig_blocker);
|
||||
}
|
||||
|
||||
static int s390_machine_protect(S390CcwMachineState *ms)
|
||||
{
|
||||
+ Error *local_err = NULL;
|
||||
int rc;
|
||||
|
||||
+ error_setg(&pv_mig_blocker,
|
||||
+ "protected VMs are currently not migrateable.");
|
||||
+ rc = migrate_add_blocker(pv_mig_blocker, &local_err);
|
||||
+ if (rc) {
|
||||
+ error_report_err(local_err);
|
||||
+ error_free_or_abort(&pv_mig_blocker);
|
||||
+ return rc;
|
||||
+ }
|
||||
+
|
||||
/* Create SE VM */
|
||||
rc = s390_pv_vm_enable();
|
||||
if (rc) {
|
||||
+ error_report_err(local_err);
|
||||
+ migrate_del_blocker(pv_mig_blocker);
|
||||
+ error_free_or_abort(&pv_mig_blocker);
|
||||
return rc;
|
||||
}
|
||||
|
@ -1,119 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Fri, 29 Nov 2019 04:22:41 -0500
|
||||
Subject: s390x: protvirt: Disable address checks for PV guest IO emulation
|
||||
|
||||
Git-commit f658bf14295ad49caf8d1b21033982ce69423fb7
|
||||
References: bsc#1167075
|
||||
|
||||
IO instruction data is routed through SIDAD for protected guests, so
|
||||
adresses do not need to be checked, as this is kernel memory which is
|
||||
always available.
|
||||
|
||||
Also the instruction data always starts at offset 0 of the SIDAD.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: Thomas Huth <thuth@redhat.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/ioinst.c | 35 ++++++++++++++++++++++++++++-------
|
||||
1 file changed, 28 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/target/s390x/ioinst.c b/target/s390x/ioinst.c
|
||||
index 0e840cc5792afe02d543568ba880..8828482eec306a2bccd8bef269b7 100644
|
||||
--- a/target/s390x/ioinst.c
|
||||
+++ b/target/s390x/ioinst.c
|
||||
@@ -16,6 +16,25 @@
|
||||
#include "hw/s390x/ioinst.h"
|
||||
#include "trace.h"
|
||||
#include "hw/s390x/s390-pci-bus.h"
|
||||
+#include "hw/s390x/pv.h"
|
||||
+
|
||||
+/* All I/O instructions but chsc use the s format */
|
||||
+static uint64_t get_address_from_regs(CPUS390XState *env, uint32_t ipb,
|
||||
+ uint8_t *ar)
|
||||
+{
|
||||
+ /*
|
||||
+ * Addresses for protected guests are all offsets into the
|
||||
+ * satellite block which holds the IO control structures. Those
|
||||
+ * control structures are always starting at offset 0 and are
|
||||
+ * always aligned and accessible. So we can return 0 here which
|
||||
+ * will pass the following address checks.
|
||||
+ */
|
||||
+ if (s390_is_pv()) {
|
||||
+ *ar = 0;
|
||||
+ return 0;
|
||||
+ }
|
||||
+ return decode_basedisp_s(env, ipb, ar);
|
||||
+}
|
||||
|
||||
int ioinst_disassemble_sch_ident(uint32_t value, int *m, int *cssid, int *ssid,
|
||||
int *schid)
|
||||
@@ -114,7 +133,7 @@ void ioinst_handle_msch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra)
|
||||
CPUS390XState *env = &cpu->env;
|
||||
uint8_t ar;
|
||||
|
||||
- addr = decode_basedisp_s(env, ipb, &ar);
|
||||
+ addr = get_address_from_regs(env, ipb, &ar);
|
||||
if (addr & 3) {
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
return;
|
||||
@@ -171,7 +190,7 @@ void ioinst_handle_ssch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra)
|
||||
CPUS390XState *env = &cpu->env;
|
||||
uint8_t ar;
|
||||
|
||||
- addr = decode_basedisp_s(env, ipb, &ar);
|
||||
+ addr = get_address_from_regs(env, ipb, &ar);
|
||||
if (addr & 3) {
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
return;
|
||||
@@ -203,7 +222,7 @@ void ioinst_handle_stcrw(S390CPU *cpu, uint32_t ipb, uintptr_t ra)
|
||||
CPUS390XState *env = &cpu->env;
|
||||
uint8_t ar;
|
||||
|
||||
- addr = decode_basedisp_s(env, ipb, &ar);
|
||||
+ addr = get_address_from_regs(env, ipb, &ar);
|
||||
if (addr & 3) {
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
return;
|
||||
@@ -234,7 +253,7 @@ void ioinst_handle_stsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb,
|
||||
CPUS390XState *env = &cpu->env;
|
||||
uint8_t ar;
|
||||
|
||||
- addr = decode_basedisp_s(env, ipb, &ar);
|
||||
+ addr = get_address_from_regs(env, ipb, &ar);
|
||||
if (addr & 3) {
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
return;
|
||||
@@ -303,7 +322,7 @@ int ioinst_handle_tsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra)
|
||||
return -EIO;
|
||||
}
|
||||
trace_ioinst_sch_id("tsch", cssid, ssid, schid);
|
||||
- addr = decode_basedisp_s(env, ipb, &ar);
|
||||
+ addr = get_address_from_regs(env, ipb, &ar);
|
||||
if (addr & 3) {
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
return -EIO;
|
||||
@@ -601,7 +620,7 @@ void ioinst_handle_chsc(S390CPU *cpu, uint32_t ipb, uintptr_t ra)
|
||||
{
|
||||
ChscReq *req;
|
||||
ChscResp *res;
|
||||
- uint64_t addr;
|
||||
+ uint64_t addr = 0;
|
||||
int reg;
|
||||
uint16_t len;
|
||||
uint16_t command;
|
||||
@@ -610,7 +629,9 @@ void ioinst_handle_chsc(S390CPU *cpu, uint32_t ipb, uintptr_t ra)
|
||||
|
||||
trace_ioinst("chsc");
|
||||
reg = (ipb >> 20) & 0x00f;
|
||||
- addr = env->regs[reg];
|
||||
+ if (!s390_is_pv()) {
|
||||
+ addr = env->regs[reg];
|
||||
+ }
|
||||
/* Page boundary? */
|
||||
if (addr & 0xfff) {
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
@ -1,44 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Tue, 6 Aug 2019 15:40:05 +0200
|
||||
Subject: s390x: protvirt: Handle SIGP store status correctly
|
||||
|
||||
Git-commit: 398fc6874438c320407449d1c9560925aba2280b
|
||||
References: bsc#1167075
|
||||
|
||||
For protected VMs status storing is not done by QEMU anymore.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: Thomas Huth <thuth@redhat.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/helper.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/target/s390x/helper.c b/target/s390x/helper.c
|
||||
index ed726849114f2f353471233f670b..09f60406aa33c938ff54a0dbda13 100644
|
||||
--- a/target/s390x/helper.c
|
||||
+++ b/target/s390x/helper.c
|
||||
@@ -25,6 +25,7 @@
|
||||
#include "qemu/timer.h"
|
||||
#include "qemu/qemu-print.h"
|
||||
#include "hw/s390x/ioinst.h"
|
||||
+#include "hw/s390x/pv.h"
|
||||
#include "sysemu/hw_accel.h"
|
||||
#include "sysemu/runstate.h"
|
||||
#ifndef CONFIG_USER_ONLY
|
||||
@@ -246,6 +247,11 @@ int s390_store_status(S390CPU *cpu, hwaddr addr, bool store_arch)
|
||||
hwaddr len = sizeof(*sa);
|
||||
int i;
|
||||
|
||||
+ /* For PVMs storing will occur when this cpu enters SIE again */
|
||||
+ if (s390_is_pv()) {
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
sa = cpu_physical_memory_map(addr, &len, true);
|
||||
if (!sa) {
|
||||
return -EFAULT;
|
@ -1,84 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Mon, 24 Feb 2020 07:49:06 -0500
|
||||
Subject: s390x: protvirt: Inhibit balloon when switching to protected mode
|
||||
|
||||
Git-commit: 59dc32a3494d6afdd420f3e401f1f324a1179256
|
||||
References: bsc#1167075
|
||||
|
||||
Ballooning in protected VMs can only be done when the guest shares the
|
||||
pages it gives to the host. If pages are not shared, the integrity
|
||||
checks will fail once those pages have been altered and are given back
|
||||
to the guest.
|
||||
|
||||
As we currently do not yet have a solution for this we will continue
|
||||
like this:
|
||||
|
||||
1. We block ballooning now in QEMU (with this patch).
|
||||
|
||||
2. Later we will provide a change to virtio that removes the blocker
|
||||
and adds VIRTIO_F_IOMMU_PLATFORM automatically by QEMU when doing the
|
||||
protvirt switch. This is OK, as the balloon driver in Linux (the only
|
||||
supported guest) will refuse to work with the IOMMU_PLATFORM feature
|
||||
bit set.
|
||||
|
||||
3. Later, we can fix the guest balloon driver to accept the IOMMU
|
||||
feature bit and correctly exercise sharing and unsharing of balloon
|
||||
pages.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/s390x/s390-virtio-ccw.c | 11 +++++++++++
|
||||
1 file changed, 11 insertions(+)
|
||||
|
||||
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
|
||||
index e00040a00ba60b20b42ee26a299b..db45249320abf7920ec8730790c2 100644
|
||||
--- a/hw/s390x/s390-virtio-ccw.c
|
||||
+++ b/hw/s390x/s390-virtio-ccw.c
|
||||
@@ -43,6 +43,7 @@
|
||||
#include "hw/qdev-properties.h"
|
||||
#include "hw/s390x/tod.h"
|
||||
#include "sysemu/sysemu.h"
|
||||
+#include "sysemu/balloon.h"
|
||||
#include "hw/s390x/pv.h"
|
||||
#include <linux/kvm.h>
|
||||
#include "migration/blocker.h"
|
||||
@@ -329,6 +330,7 @@ static void s390_machine_unprotect(S390CcwMachineState *ms)
|
||||
ms->pv = false;
|
||||
migrate_del_blocker(pv_mig_blocker);
|
||||
error_free_or_abort(&pv_mig_blocker);
|
||||
+ qemu_balloon_inhibit(false);
|
||||
}
|
||||
|
||||
static int s390_machine_protect(S390CcwMachineState *ms)
|
||||
@@ -336,10 +338,18 @@ static int s390_machine_protect(S390CcwMachineState *ms)
|
||||
Error *local_err = NULL;
|
||||
int rc;
|
||||
|
||||
+ /*
|
||||
+ * Ballooning on protected VMs needs support in the guest for
|
||||
+ * sharing and unsharing balloon pages. Block ballooning for
|
||||
+ * now, until we have a solution to make at least Linux guests
|
||||
+ * either support it or fail gracefully.
|
||||
+ */
|
||||
+ qemu_balloon_inhibit(true);
|
||||
error_setg(&pv_mig_blocker,
|
||||
"protected VMs are currently not migrateable.");
|
||||
rc = migrate_add_blocker(pv_mig_blocker, &local_err);
|
||||
if (rc) {
|
||||
+ qemu_balloon_inhibit(false);
|
||||
error_report_err(local_err);
|
||||
error_free_or_abort(&pv_mig_blocker);
|
||||
return rc;
|
||||
@@ -348,6 +358,7 @@ static int s390_machine_protect(S390CcwMachineState *ms)
|
||||
/* Create SE VM */
|
||||
rc = s390_pv_vm_enable();
|
||||
if (rc) {
|
||||
+ qemu_balloon_inhibit(false);
|
||||
error_report_err(local_err);
|
||||
migrate_del_blocker(pv_mig_blocker);
|
||||
error_free_or_abort(&pv_mig_blocker);
|
@ -1,60 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Mon, 13 May 2019 10:35:27 +0200
|
||||
Subject: s390x: protvirt: KVM intercept changes
|
||||
|
||||
Git-commit: fd70eb764f176c200d6723c2ad88362f23536bfa
|
||||
References: bsc#1167075
|
||||
|
||||
Protected VMs no longer intercept with code 4 for an instruction
|
||||
interception. Instead they have codes 104 and 108 for protected
|
||||
instruction interception and protected instruction notification
|
||||
respectively.
|
||||
|
||||
The 104 mirrors the 4 interception.
|
||||
|
||||
The 108 is a notification interception to let KVM and QEMU know that
|
||||
something changed and we need to update tracking information or
|
||||
perform specific tasks. It's currently taken for the following
|
||||
instructions:
|
||||
|
||||
* spx (To inform about the changed prefix location)
|
||||
* sclp (On incorrect SCCB values, so we can inject a IRQ)
|
||||
* sigp (All but "stop and store status")
|
||||
* diag308 (Subcodes 0/1)
|
||||
|
||||
Of these exits only sclp errors, state changing sigps and diag308 will
|
||||
reach QEMU. QEMU will do its parts of the job, while the ultravisor
|
||||
has done the instruction part of the job.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/kvm.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
|
||||
index b2b14bde2b251986230153adca9a..1988809ec2e7b1b6db33ba85eaef 100644
|
||||
--- a/target/s390x/kvm.c
|
||||
+++ b/target/s390x/kvm.c
|
||||
@@ -115,6 +115,8 @@
|
||||
#define ICPT_CPU_STOP 0x28
|
||||
#define ICPT_OPEREXC 0x2c
|
||||
#define ICPT_IO 0x40
|
||||
+#define ICPT_PV_INSTR 0x68
|
||||
+#define ICPT_PV_INSTR_NOTIFICATION 0x6c
|
||||
|
||||
#define NR_LOCAL_IRQS 32
|
||||
/*
|
||||
@@ -1698,6 +1700,8 @@ static int handle_intercept(S390CPU *cpu)
|
||||
(long)cs->kvm_run->psw_addr);
|
||||
switch (icpt_code) {
|
||||
case ICPT_INSTRUCTION:
|
||||
+ case ICPT_PV_INSTR:
|
||||
+ case ICPT_PV_INSTR_NOTIFICATION:
|
||||
r = handle_instruction(cpu, run);
|
||||
break;
|
||||
case ICPT_PROGRAM:
|
@ -1,156 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Wed, 5 Feb 2020 07:02:33 -0500
|
||||
Subject: s390x: protvirt: Move IO control structures over SIDA
|
||||
|
||||
Git-commit: 4989e18cbe5621df39020ef812316f479d8f5246
|
||||
References: bsc#1167075
|
||||
|
||||
For protected guests, we need to put the IO emulation results into the
|
||||
SIDA, so SIE will write them into the guest at the next entry.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/ioinst.c | 61 +++++++++++++++++++++++++++++++------------
|
||||
1 file changed, 45 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/target/s390x/ioinst.c b/target/s390x/ioinst.c
|
||||
index 8828482eec306a2bccd8bef269b7..7a14c52c123b842bba0b13f96b16 100644
|
||||
--- a/target/s390x/ioinst.c
|
||||
+++ b/target/s390x/ioinst.c
|
||||
@@ -138,7 +138,9 @@ void ioinst_handle_msch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra)
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
return;
|
||||
}
|
||||
- if (s390_cpu_virt_mem_read(cpu, addr, ar, &schib, sizeof(schib))) {
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_read(cpu, addr, &schib, sizeof(schib));
|
||||
+ } else if (s390_cpu_virt_mem_read(cpu, addr, ar, &schib, sizeof(schib))) {
|
||||
s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
return;
|
||||
}
|
||||
@@ -195,7 +197,9 @@ void ioinst_handle_ssch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra)
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
return;
|
||||
}
|
||||
- if (s390_cpu_virt_mem_read(cpu, addr, ar, &orig_orb, sizeof(orb))) {
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_read(cpu, addr, &orig_orb, sizeof(orb));
|
||||
+ } else if (s390_cpu_virt_mem_read(cpu, addr, ar, &orig_orb, sizeof(orb))) {
|
||||
s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
return;
|
||||
}
|
||||
@@ -231,14 +235,19 @@ void ioinst_handle_stcrw(S390CPU *cpu, uint32_t ipb, uintptr_t ra)
|
||||
cc = css_do_stcrw(&crw);
|
||||
/* 0 - crw stored, 1 - zeroes stored */
|
||||
|
||||
- if (s390_cpu_virt_mem_write(cpu, addr, ar, &crw, sizeof(crw)) == 0) {
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_write(cpu, addr, &crw, sizeof(crw));
|
||||
setcc(cpu, cc);
|
||||
} else {
|
||||
- if (cc == 0) {
|
||||
- /* Write failed: requeue CRW since STCRW is suppressing */
|
||||
- css_undo_stcrw(&crw);
|
||||
+ if (s390_cpu_virt_mem_write(cpu, addr, ar, &crw, sizeof(crw)) == 0) {
|
||||
+ setcc(cpu, cc);
|
||||
+ } else {
|
||||
+ if (cc == 0) {
|
||||
+ /* Write failed: requeue CRW since STCRW is suppressing */
|
||||
+ css_undo_stcrw(&crw);
|
||||
+ }
|
||||
+ s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
}
|
||||
- s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -260,6 +269,13 @@ void ioinst_handle_stsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb,
|
||||
}
|
||||
|
||||
if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
|
||||
+ /*
|
||||
+ * The Ultravisor checks schid bit 16 to be one and bits 0-12
|
||||
+ * to be 0 and injects a operand exception itself.
|
||||
+ *
|
||||
+ * Hence we should never end up here.
|
||||
+ */
|
||||
+ g_assert(!s390_is_pv());
|
||||
/*
|
||||
* As operand exceptions have a lower priority than access exceptions,
|
||||
* we check whether the memory area is writeable (injecting the
|
||||
@@ -292,14 +308,17 @@ void ioinst_handle_stsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb,
|
||||
}
|
||||
}
|
||||
if (cc != 3) {
|
||||
- if (s390_cpu_virt_mem_write(cpu, addr, ar, &schib,
|
||||
- sizeof(schib)) != 0) {
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_write(cpu, addr, &schib, sizeof(schib));
|
||||
+ } else if (s390_cpu_virt_mem_write(cpu, addr, ar, &schib,
|
||||
+ sizeof(schib)) != 0) {
|
||||
s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
/* Access exceptions have a higher priority than cc3 */
|
||||
- if (s390_cpu_virt_mem_check_write(cpu, addr, ar, sizeof(schib)) != 0) {
|
||||
+ if (!s390_is_pv() &&
|
||||
+ s390_cpu_virt_mem_check_write(cpu, addr, ar, sizeof(schib)) != 0) {
|
||||
s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
return;
|
||||
}
|
||||
@@ -336,7 +355,9 @@ int ioinst_handle_tsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra)
|
||||
}
|
||||
/* 0 - status pending, 1 - not status pending, 3 - not operational */
|
||||
if (cc != 3) {
|
||||
- if (s390_cpu_virt_mem_write(cpu, addr, ar, &irb, irb_len) != 0) {
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_write(cpu, addr, &irb, irb_len);
|
||||
+ } else if (s390_cpu_virt_mem_write(cpu, addr, ar, &irb, irb_len) != 0) {
|
||||
s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
return -EFAULT;
|
||||
}
|
||||
@@ -344,7 +365,8 @@ int ioinst_handle_tsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra)
|
||||
} else {
|
||||
irb_len = sizeof(irb) - sizeof(irb.emw);
|
||||
/* Access exceptions have a higher priority than cc3 */
|
||||
- if (s390_cpu_virt_mem_check_write(cpu, addr, ar, irb_len) != 0) {
|
||||
+ if (!s390_is_pv() &&
|
||||
+ s390_cpu_virt_mem_check_write(cpu, addr, ar, irb_len) != 0) {
|
||||
s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
return -EFAULT;
|
||||
}
|
||||
@@ -642,7 +664,9 @@ void ioinst_handle_chsc(S390CPU *cpu, uint32_t ipb, uintptr_t ra)
|
||||
* present CHSC sub-handlers ... if we ever need more, we should take
|
||||
* care of req->len here first.
|
||||
*/
|
||||
- if (s390_cpu_virt_mem_read(cpu, addr, reg, buf, sizeof(ChscReq))) {
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_read(cpu, addr, buf, sizeof(ChscReq));
|
||||
+ } else if (s390_cpu_virt_mem_read(cpu, addr, reg, buf, sizeof(ChscReq))) {
|
||||
s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
return;
|
||||
}
|
||||
@@ -675,11 +699,16 @@ void ioinst_handle_chsc(S390CPU *cpu, uint32_t ipb, uintptr_t ra)
|
||||
break;
|
||||
}
|
||||
|
||||
- if (!s390_cpu_virt_mem_write(cpu, addr + len, reg, res,
|
||||
- be16_to_cpu(res->len))) {
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_write(cpu, addr + len, res, be16_to_cpu(res->len));
|
||||
setcc(cpu, 0); /* Command execution complete */
|
||||
} else {
|
||||
- s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
+ if (!s390_cpu_virt_mem_write(cpu, addr + len, reg, res,
|
||||
+ be16_to_cpu(res->len))) {
|
||||
+ setcc(cpu, 0); /* Command execution complete */
|
||||
+ } else {
|
||||
+ s390_cpu_virt_mem_handle_exc(cpu, ra);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
@ -1,55 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Wed, 5 Feb 2020 07:02:51 -0500
|
||||
Subject: s390x: protvirt: Move STSI data over SIDAD
|
||||
|
||||
Git-commit: ccce7a654911ae507c962aff5f41004a7a88fad6
|
||||
References: bsc#1167075
|
||||
|
||||
For protected guests, we need to put the STSI emulation results into
|
||||
the SIDA, so SIE will write them into the guest at the next entry.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/kvm.c | 11 +++++++++--
|
||||
1 file changed, 9 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
|
||||
index 0e93778ed15d0e04e83eff1baccf..e0b61680ab086a5ff5875c42b7e5 100644
|
||||
--- a/target/s390x/kvm.c
|
||||
+++ b/target/s390x/kvm.c
|
||||
@@ -50,6 +50,7 @@
|
||||
#include "exec/memattrs.h"
|
||||
#include "hw/s390x/s390-virtio-ccw.h"
|
||||
#include "hw/s390x/s390-virtio-hcall.h"
|
||||
+#include "hw/s390x/pv.h"
|
||||
|
||||
#ifndef DEBUG_KVM
|
||||
#define DEBUG_KVM 0
|
||||
@@ -1808,7 +1809,9 @@ static void insert_stsi_3_2_2(S390CPU *cpu, __u64 addr, uint8_t ar)
|
||||
SysIB_322 sysib;
|
||||
int del, i;
|
||||
|
||||
- if (s390_cpu_virt_mem_read(cpu, addr, ar, &sysib, sizeof(sysib))) {
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_read(cpu, 0, &sysib, sizeof(sysib));
|
||||
+ } else if (s390_cpu_virt_mem_read(cpu, addr, ar, &sysib, sizeof(sysib))) {
|
||||
return;
|
||||
}
|
||||
/* Shift the stack of Extended Names to prepare for our own data */
|
||||
@@ -1861,7 +1864,11 @@ static void insert_stsi_3_2_2(S390CPU *cpu, __u64 addr, uint8_t ar)
|
||||
/* Insert UUID */
|
||||
memcpy(sysib.vm[0].uuid, &qemu_uuid, sizeof(sysib.vm[0].uuid));
|
||||
|
||||
- s390_cpu_virt_mem_write(cpu, addr, ar, &sysib, sizeof(sysib));
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_cpu_pv_mem_write(cpu, 0, &sysib, sizeof(sysib));
|
||||
+ } else {
|
||||
+ s390_cpu_virt_mem_write(cpu, addr, ar, &sysib, sizeof(sysib));
|
||||
+ }
|
||||
}
|
||||
|
||||
static int handle_stsi(S390CPU *cpu)
|
@ -1,78 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Wed, 31 Jul 2019 17:49:08 +0200
|
||||
Subject: s390x: protvirt: Move diag 308 data over SIDA
|
||||
|
||||
Git-commit: 258da1c7736d3aa4604ceea6cce00995c6f30058
|
||||
References: bsc#1167075
|
||||
|
||||
For protected guests the IPIB is written/read to/from the SIDA, so we
|
||||
need those accesses to go through s390_cpu_pv_mem_read/write().
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/diag.c | 25 ++++++++++++++++++++-----
|
||||
1 file changed, 20 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/target/s390x/diag.c b/target/s390x/diag.c
|
||||
index b2cbefb8cfe4e5a244219e761fb4..1a4842956402e308426c0ed5ce5c 100644
|
||||
--- a/target/s390x/diag.c
|
||||
+++ b/target/s390x/diag.c
|
||||
@@ -75,6 +75,7 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
|
||||
{
|
||||
bool valid;
|
||||
CPUState *cs = env_cpu(env);
|
||||
+ S390CPU *cpu = S390_CPU(cs);
|
||||
uint64_t addr = env->regs[r1];
|
||||
uint64_t subcode = env->regs[r3];
|
||||
IplParameterBlock *iplb;
|
||||
@@ -111,13 +112,22 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
|
||||
return;
|
||||
}
|
||||
iplb = g_new0(IplParameterBlock, 1);
|
||||
- cpu_physical_memory_read(addr, iplb, sizeof(iplb->len));
|
||||
+ if (!s390_is_pv()) {
|
||||
+ cpu_physical_memory_read(addr, iplb, sizeof(iplb->len));
|
||||
+ } else {
|
||||
+ s390_cpu_pv_mem_read(cpu, 0, iplb, sizeof(iplb->len));
|
||||
+ }
|
||||
+
|
||||
if (!iplb_valid_len(iplb)) {
|
||||
env->regs[r1 + 1] = DIAG_308_RC_INVALID;
|
||||
goto out;
|
||||
}
|
||||
|
||||
- cpu_physical_memory_read(addr, iplb, be32_to_cpu(iplb->len));
|
||||
+ if (!s390_is_pv()) {
|
||||
+ cpu_physical_memory_read(addr, iplb, be32_to_cpu(iplb->len));
|
||||
+ } else {
|
||||
+ s390_cpu_pv_mem_read(cpu, 0, iplb, be32_to_cpu(iplb->len));
|
||||
+ }
|
||||
|
||||
valid = subcode == DIAG308_PV_SET ? iplb_valid_pv(iplb) : iplb_valid(iplb);
|
||||
if (!valid) {
|
||||
@@ -140,12 +150,17 @@ out:
|
||||
} else {
|
||||
iplb = s390_ipl_get_iplb();
|
||||
}
|
||||
- if (iplb) {
|
||||
+ if (!iplb) {
|
||||
+ env->regs[r1 + 1] = DIAG_308_RC_NO_CONF;
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ if (!s390_is_pv()) {
|
||||
cpu_physical_memory_write(addr, iplb, be32_to_cpu(iplb->len));
|
||||
- env->regs[r1 + 1] = DIAG_308_RC_OK;
|
||||
} else {
|
||||
- env->regs[r1 + 1] = DIAG_308_RC_NO_CONF;
|
||||
+ s390_cpu_pv_mem_write(cpu, 0, iplb, be32_to_cpu(iplb->len));
|
||||
}
|
||||
+ env->regs[r1 + 1] = DIAG_308_RC_OK;
|
||||
return;
|
||||
case DIAG308_PV_START:
|
||||
iplb = s390_ipl_get_iplb_pv();
|
@ -1,156 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Mon, 3 Jun 2019 16:40:29 +0200
|
||||
Subject: s390x: protvirt: SCLP interpretation
|
||||
|
||||
Git-commit: 32633cf4539341180dbc7a92c2655c711b4a6996
|
||||
References: bsc#1167075
|
||||
|
||||
SCLP for a protected guest is done over the SIDAD, so we need to use
|
||||
the s390_cpu_pv_mem_* functions to access the SIDAD instead of guest
|
||||
memory when reading/writing SCBs.
|
||||
|
||||
To not confuse the sclp emulation, we set 0x4000 as the SCCB address,
|
||||
since the function that injects the sclp external interrupt would
|
||||
reject a zero sccb address.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/s390x/sclp.c | 56 +++++++++++++++++++++++++++++++++--------
|
||||
include/hw/s390x/sclp.h | 2 ++
|
||||
target/s390x/kvm.c | 25 ++++++++++++++----
|
||||
3 files changed, 67 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c
|
||||
index f0c35aa57afde03f7ec3e5f52f49..ede056b3efd7d92445d00f2e1298 100644
|
||||
--- a/hw/s390x/sclp.c
|
||||
+++ b/hw/s390x/sclp.c
|
||||
@@ -33,6 +33,22 @@ static inline SCLPDevice *get_sclp_device(void)
|
||||
return sclp;
|
||||
}
|
||||
|
||||
+static inline bool sclp_command_code_valid(uint32_t code)
|
||||
+{
|
||||
+ switch (code & SCLP_CMD_CODE_MASK) {
|
||||
+ case SCLP_CMDW_READ_SCP_INFO:
|
||||
+ case SCLP_CMDW_READ_SCP_INFO_FORCED:
|
||||
+ case SCLP_CMDW_READ_CPU_INFO:
|
||||
+ case SCLP_CMDW_CONFIGURE_IOA:
|
||||
+ case SCLP_CMDW_DECONFIGURE_IOA:
|
||||
+ case SCLP_CMD_READ_EVENT_DATA:
|
||||
+ case SCLP_CMD_WRITE_EVENT_DATA:
|
||||
+ case SCLP_CMD_WRITE_EVENT_MASK:
|
||||
+ return true;
|
||||
+ }
|
||||
+ return false;
|
||||
+}
|
||||
+
|
||||
static void prepare_cpu_entries(SCLPDevice *sclp, CPUEntry *entry, int *count)
|
||||
{
|
||||
MachineState *ms = MACHINE(qdev_get_machine());
|
||||
@@ -193,6 +209,34 @@ static void sclp_execute(SCLPDevice *sclp, SCCB *sccb, uint32_t code)
|
||||
}
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * We only need the address to have something valid for the
|
||||
+ * service_interrupt call.
|
||||
+ */
|
||||
+#define SCLP_PV_DUMMY_ADDR 0x4000
|
||||
+int sclp_service_call_protected(CPUS390XState *env, uint64_t sccb,
|
||||
+ uint32_t code)
|
||||
+{
|
||||
+ SCLPDevice *sclp = get_sclp_device();
|
||||
+ SCLPDeviceClass *sclp_c = SCLP_GET_CLASS(sclp);
|
||||
+ SCCB work_sccb;
|
||||
+ hwaddr sccb_len = sizeof(SCCB);
|
||||
+
|
||||
+ s390_cpu_pv_mem_read(env_archcpu(env), 0, &work_sccb, sccb_len);
|
||||
+
|
||||
+ if (!sclp_command_code_valid(code)) {
|
||||
+ work_sccb.h.response_code = cpu_to_be16(SCLP_RC_INVALID_SCLP_COMMAND);
|
||||
+ goto out_write;
|
||||
+ }
|
||||
+
|
||||
+ sclp_c->execute(sclp, &work_sccb, code);
|
||||
+out_write:
|
||||
+ s390_cpu_pv_mem_write(env_archcpu(env), 0, &work_sccb,
|
||||
+ be16_to_cpu(work_sccb.h.length));
|
||||
+ sclp_c->service_interrupt(sclp, SCLP_PV_DUMMY_ADDR);
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
int sclp_service_call(CPUS390XState *env, uint64_t sccb, uint32_t code)
|
||||
{
|
||||
SCLPDevice *sclp = get_sclp_device();
|
||||
@@ -225,17 +269,7 @@ int sclp_service_call(CPUS390XState *env, uint64_t sccb, uint32_t code)
|
||||
return -PGM_SPECIFICATION;
|
||||
}
|
||||
|
||||
- switch (code & SCLP_CMD_CODE_MASK) {
|
||||
- case SCLP_CMDW_READ_SCP_INFO:
|
||||
- case SCLP_CMDW_READ_SCP_INFO_FORCED:
|
||||
- case SCLP_CMDW_READ_CPU_INFO:
|
||||
- case SCLP_CMDW_CONFIGURE_IOA:
|
||||
- case SCLP_CMDW_DECONFIGURE_IOA:
|
||||
- case SCLP_CMD_READ_EVENT_DATA:
|
||||
- case SCLP_CMD_WRITE_EVENT_DATA:
|
||||
- case SCLP_CMD_WRITE_EVENT_MASK:
|
||||
- break;
|
||||
- default:
|
||||
+ if (!sclp_command_code_valid(code)) {
|
||||
work_sccb.h.response_code = cpu_to_be16(SCLP_RC_INVALID_SCLP_COMMAND);
|
||||
goto out_write;
|
||||
}
|
||||
diff --git a/include/hw/s390x/sclp.h b/include/hw/s390x/sclp.h
|
||||
index cd7b24359f28deb4b659b1f284f6..822eff4396ff5dded7496e50575d 100644
|
||||
--- a/include/hw/s390x/sclp.h
|
||||
+++ b/include/hw/s390x/sclp.h
|
||||
@@ -217,5 +217,7 @@ void s390_sclp_init(void);
|
||||
void sclp_service_interrupt(uint32_t sccb);
|
||||
void raise_irq_cpu_hotplug(void);
|
||||
int sclp_service_call(CPUS390XState *env, uint64_t sccb, uint32_t code);
|
||||
+int sclp_service_call_protected(CPUS390XState *env, uint64_t sccb,
|
||||
+ uint32_t code);
|
||||
|
||||
#endif
|
||||
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
|
||||
index e0b61680ab086a5ff5875c42b7e5..870dd1b52b6e424f6cbd751cce0d 100644
|
||||
--- a/target/s390x/kvm.c
|
||||
+++ b/target/s390x/kvm.c
|
||||
@@ -1233,12 +1233,27 @@ static void kvm_sclp_service_call(S390CPU *cpu, struct kvm_run *run,
|
||||
sccb = env->regs[ipbh0 & 0xf];
|
||||
code = env->regs[(ipbh0 & 0xf0) >> 4];
|
||||
|
||||
- r = sclp_service_call(env, sccb, code);
|
||||
- if (r < 0) {
|
||||
- kvm_s390_program_interrupt(cpu, -r);
|
||||
- return;
|
||||
+ switch (run->s390_sieic.icptcode) {
|
||||
+ case ICPT_PV_INSTR_NOTIFICATION:
|
||||
+ g_assert(s390_is_pv());
|
||||
+ /* The notification intercepts are currently handled by KVM */
|
||||
+ error_report("unexpected SCLP PV notification");
|
||||
+ exit(1);
|
||||
+ break;
|
||||
+ case ICPT_PV_INSTR:
|
||||
+ g_assert(s390_is_pv());
|
||||
+ sclp_service_call_protected(env, sccb, code);
|
||||
+ /* Setting the CC is done by the Ultravisor. */
|
||||
+ break;
|
||||
+ case ICPT_INSTRUCTION:
|
||||
+ g_assert(!s390_is_pv());
|
||||
+ r = sclp_service_call(env, sccb, code);
|
||||
+ if (r < 0) {
|
||||
+ kvm_s390_program_interrupt(cpu, -r);
|
||||
+ return;
|
||||
+ }
|
||||
+ setcc(cpu, r);
|
||||
}
|
||||
- setcc(cpu, r);
|
||||
}
|
||||
|
||||
static int handle_b2(S390CPU *cpu, struct kvm_run *run, uint8_t ipa1)
|
@ -1,60 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Tue, 23 Jul 2019 13:17:32 +0200
|
||||
Subject: s390x: protvirt: Set guest IPL PSW
|
||||
|
||||
Git-commit: e8686d9849f1625f4f4b28403f0555181b72d1b6
|
||||
References: bsc#1167075
|
||||
|
||||
Handling of CPU reset and setting of the IPL psw from guest storage at
|
||||
offset 0 is done by a Ultravisor call. Let's only fetch it if
|
||||
necessary.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Reviewed-by: Thomas Huth <thuth@redhat.com>
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
target/s390x/cpu.c | 26 +++++++++++++++++---------
|
||||
1 file changed, 17 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c
|
||||
index bb7a588e3b791fe48b4e0a0826dd..f2ccf0a06a0c9c1dde202988ceee 100644
|
||||
--- a/target/s390x/cpu.c
|
||||
+++ b/target/s390x/cpu.c
|
||||
@@ -77,16 +77,24 @@ static bool s390_cpu_has_work(CPUState *cs)
|
||||
static void s390_cpu_load_normal(CPUState *s)
|
||||
{
|
||||
S390CPU *cpu = S390_CPU(s);
|
||||
- uint64_t spsw = ldq_phys(s->as, 0);
|
||||
-
|
||||
- cpu->env.psw.mask = spsw & PSW_MASK_SHORT_CTRL;
|
||||
- /*
|
||||
- * Invert short psw indication, so SIE will report a specification
|
||||
- * exception if it was not set.
|
||||
- */
|
||||
- cpu->env.psw.mask ^= PSW_MASK_SHORTPSW;
|
||||
- cpu->env.psw.addr = spsw & PSW_MASK_SHORT_ADDR;
|
||||
+ uint64_t spsw;
|
||||
|
||||
+ if (!s390_is_pv()) {
|
||||
+ spsw = ldq_phys(s->as, 0);
|
||||
+ cpu->env.psw.mask = spsw & PSW_MASK_SHORT_CTRL;
|
||||
+ /*
|
||||
+ * Invert short psw indication, so SIE will report a specification
|
||||
+ * exception if it was not set.
|
||||
+ */
|
||||
+ cpu->env.psw.mask ^= PSW_MASK_SHORTPSW;
|
||||
+ cpu->env.psw.addr = spsw & PSW_MASK_SHORT_ADDR;
|
||||
+ } else {
|
||||
+ /*
|
||||
+ * Firmware requires us to set the load state before we set
|
||||
+ * the cpu to operating on protected guests.
|
||||
+ */
|
||||
+ s390_cpu_set_state(S390_CPU_STATE_LOAD, cpu);
|
||||
+ }
|
||||
s390_cpu_set_state(S390_CPU_STATE_OPERATING, cpu);
|
||||
}
|
||||
#endif
|
@ -1,869 +0,0 @@
|
||||
From: Janosch Frank <frankja@linux.ibm.com>
|
||||
Date: Mon, 11 Feb 2019 16:07:19 +0100
|
||||
Subject: s390x: protvirt: Support unpack facility
|
||||
|
||||
Git-commit: 2150c92b9b7d12b5fbdd2c59e5b17197d28f53db
|
||||
References: bsc#1167075
|
||||
|
||||
The unpack facility provides the means to setup a protected guest. A
|
||||
protected guest cannot be introspected by the hypervisor or any
|
||||
user/administrator of the machine it is running on.
|
||||
|
||||
Protected guests are encrypted at rest and need a special boot
|
||||
mechanism via diag308 subcode 8 and 10.
|
||||
|
||||
Code 8 sets the PV specific IPLB which is retained separately from
|
||||
those set via code 5.
|
||||
|
||||
Code 10 is used to unpack the VM into protected memory, verify its
|
||||
integrity and start it.
|
||||
|
||||
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
|
||||
Co-developed-by: Christian Borntraeger <borntraeger@de.ibm.com> [Changes
|
||||
to machine]
|
||||
Reviewed-by: David Hildenbrand <david@redhat.com>
|
||||
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
|
||||
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
|
||||
[BR: Needed to fix a compiler warning on i586 in hw/s390x/ipl.c]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
MAINTAINERS | 2 +
|
||||
hw/s390x/Makefile.objs | 1 +
|
||||
hw/s390x/ipl.c | 59 +++++++++++++-
|
||||
hw/s390x/ipl.h | 91 ++++++++++++++++++++-
|
||||
hw/s390x/pv.c | 98 +++++++++++++++++++++++
|
||||
hw/s390x/s390-virtio-ccw.c | 119 +++++++++++++++++++++++++++-
|
||||
include/hw/s390x/pv.h | 55 +++++++++++++
|
||||
include/hw/s390x/s390-virtio-ccw.h | 1 +
|
||||
target/s390x/cpu.c | 1 +
|
||||
target/s390x/cpu_features_def.inc.h | 1 +
|
||||
target/s390x/diag.c | 39 ++++++++-
|
||||
target/s390x/kvm-stub.c | 5 ++
|
||||
target/s390x/kvm.c | 5 ++
|
||||
target/s390x/kvm_s390x.h | 1 +
|
||||
14 files changed, 468 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/MAINTAINERS b/MAINTAINERS
|
||||
index 8cbc1fac2bfcec86e0e9415ab244..831d4b014aea8c3ce17050cea880 100644
|
||||
--- a/MAINTAINERS
|
||||
+++ b/MAINTAINERS
|
||||
@@ -396,6 +396,8 @@ F: target/s390x/machine.c
|
||||
F: target/s390x/sigp.c
|
||||
F: target/s390x/cpu_features*.[ch]
|
||||
F: target/s390x/cpu_models.[ch]
|
||||
+F: hw/s390x/pv.c
|
||||
+F: include/hw/s390x/pv.h
|
||||
F: hw/intc/s390_flic.c
|
||||
F: hw/intc/s390_flic_kvm.c
|
||||
F: include/hw/s390x/s390_flic.h
|
||||
diff --git a/hw/s390x/Makefile.objs b/hw/s390x/Makefile.objs
|
||||
index e02ed80b6829a511362abc3525ec..a46a1c7894e0f612a2d74cec74f6 100644
|
||||
--- a/hw/s390x/Makefile.objs
|
||||
+++ b/hw/s390x/Makefile.objs
|
||||
@@ -31,6 +31,7 @@ obj-y += tod-qemu.o
|
||||
obj-$(CONFIG_KVM) += tod-kvm.o
|
||||
obj-$(CONFIG_KVM) += s390-skeys-kvm.o
|
||||
obj-$(CONFIG_KVM) += s390-stattrib-kvm.o
|
||||
+obj-$(CONFIG_KVM) += pv.o
|
||||
obj-y += s390-ccw.o
|
||||
obj-y += ap-device.o
|
||||
obj-y += ap-bridge.o
|
||||
diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c
|
||||
index 8c3e019571764920857540be62aa..ce21494c08f77a35269b5e4b3ad5 100644
|
||||
--- a/hw/s390x/ipl.c
|
||||
+++ b/hw/s390x/ipl.c
|
||||
@@ -1,10 +1,11 @@
|
||||
/*
|
||||
* bootloader support
|
||||
*
|
||||
- * Copyright IBM, Corp. 2012
|
||||
+ * Copyright IBM, Corp. 2012, 2020
|
||||
*
|
||||
* Authors:
|
||||
* Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
+ * Janosch Frank <frankja@linux.ibm.com>
|
||||
*
|
||||
* This work is licensed under the terms of the GNU GPL, version 2 or (at your
|
||||
* option) any later version. See the COPYING file in the top-level directory.
|
||||
@@ -27,6 +28,7 @@
|
||||
#include "hw/s390x/vfio-ccw.h"
|
||||
#include "hw/s390x/css.h"
|
||||
#include "hw/s390x/ebcdic.h"
|
||||
+#include "hw/s390x/pv.h"
|
||||
#include "ipl.h"
|
||||
#include "qemu/error-report.h"
|
||||
#include "qemu/config-file.h"
|
||||
@@ -566,12 +568,31 @@ void s390_ipl_update_diag308(IplParameterBlock *iplb)
|
||||
{
|
||||
S390IPLState *ipl = get_ipl_device();
|
||||
|
||||
- ipl->iplb = *iplb;
|
||||
- ipl->iplb_valid = true;
|
||||
+ /*
|
||||
+ * The IPLB set and retrieved by subcodes 8/9 is completely
|
||||
+ * separate from the one managed via subcodes 5/6.
|
||||
+ */
|
||||
+ if (iplb->pbt == S390_IPL_TYPE_PV) {
|
||||
+ ipl->iplb_pv = *iplb;
|
||||
+ ipl->iplb_valid_pv = true;
|
||||
+ } else {
|
||||
+ ipl->iplb = *iplb;
|
||||
+ ipl->iplb_valid = true;
|
||||
+ }
|
||||
ipl->netboot = is_virtio_net_device(iplb);
|
||||
update_machine_ipl_properties(iplb);
|
||||
}
|
||||
|
||||
+IplParameterBlock *s390_ipl_get_iplb_pv(void)
|
||||
+{
|
||||
+ S390IPLState *ipl = get_ipl_device();
|
||||
+
|
||||
+ if (!ipl->iplb_valid_pv) {
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ return &ipl->iplb_pv;
|
||||
+}
|
||||
+
|
||||
IplParameterBlock *s390_ipl_get_iplb(void)
|
||||
{
|
||||
S390IPLState *ipl = get_ipl_device();
|
||||
@@ -660,6 +681,38 @@ static void s390_ipl_prepare_qipl(S390CPU *cpu)
|
||||
cpu_physical_memory_unmap(addr, len, 1, len);
|
||||
}
|
||||
|
||||
+int s390_ipl_prepare_pv_header(void)
|
||||
+{
|
||||
+ IplParameterBlock *ipib = s390_ipl_get_iplb_pv();
|
||||
+ IPLBlockPV *ipib_pv = &ipib->pv;
|
||||
+ void *hdr = g_malloc(ipib_pv->pv_header_len);
|
||||
+ int rc;
|
||||
+
|
||||
+ cpu_physical_memory_read(ipib_pv->pv_header_addr, hdr,
|
||||
+ ipib_pv->pv_header_len);
|
||||
+ rc = s390_pv_set_sec_parms((uintptr_t)hdr,
|
||||
+ ipib_pv->pv_header_len);
|
||||
+ g_free(hdr);
|
||||
+ return rc;
|
||||
+}
|
||||
+
|
||||
+int s390_ipl_pv_unpack(void)
|
||||
+{
|
||||
+ IplParameterBlock *ipib = s390_ipl_get_iplb_pv();
|
||||
+ IPLBlockPV *ipib_pv = &ipib->pv;
|
||||
+ int i, rc = 0;
|
||||
+
|
||||
+ for (i = 0; i < ipib_pv->num_comp; i++) {
|
||||
+ rc = s390_pv_unpack(ipib_pv->components[i].addr,
|
||||
+ TARGET_PAGE_ALIGN(ipib_pv->components[i].size),
|
||||
+ ipib_pv->components[i].tweak_pref);
|
||||
+ if (rc) {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ return rc;
|
||||
+}
|
||||
+
|
||||
void s390_ipl_prepare_cpu(S390CPU *cpu)
|
||||
{
|
||||
S390IPLState *ipl = get_ipl_device();
|
||||
diff --git a/hw/s390x/ipl.h b/hw/s390x/ipl.h
|
||||
index a5665e6bfde2e8cfbb1b2e6c7234..89b3044d7a2ee54014daa8eeafc9 100644
|
||||
--- a/hw/s390x/ipl.h
|
||||
+++ b/hw/s390x/ipl.h
|
||||
@@ -1,8 +1,9 @@
|
||||
/*
|
||||
* s390 IPL device
|
||||
*
|
||||
- * Copyright 2015 IBM Corp.
|
||||
+ * Copyright 2015, 2020 IBM Corp.
|
||||
* Author(s): Zhang Fan <bjfanzh@cn.ibm.com>
|
||||
+ * Janosch Frank <frankja@linux.ibm.com>
|
||||
*
|
||||
* This work is licensed under the terms of the GNU GPL, version 2 or (at
|
||||
* your option) any later version. See the COPYING file in the top-level
|
||||
@@ -15,6 +16,24 @@
|
||||
#include "cpu.h"
|
||||
#include "hw/qdev-core.h"
|
||||
|
||||
+struct IPLBlockPVComp {
|
||||
+ uint64_t tweak_pref;
|
||||
+ uint64_t addr;
|
||||
+ uint64_t size;
|
||||
+} QEMU_PACKED;
|
||||
+typedef struct IPLBlockPVComp IPLBlockPVComp;
|
||||
+
|
||||
+struct IPLBlockPV {
|
||||
+ uint8_t reserved18[87]; /* 0x18 */
|
||||
+ uint8_t version; /* 0x6f */
|
||||
+ uint32_t reserved70; /* 0x70 */
|
||||
+ uint32_t num_comp; /* 0x74 */
|
||||
+ uint64_t pv_header_addr; /* 0x78 */
|
||||
+ uint64_t pv_header_len; /* 0x80 */
|
||||
+ struct IPLBlockPVComp components[];
|
||||
+} QEMU_PACKED;
|
||||
+typedef struct IPLBlockPV IPLBlockPV;
|
||||
+
|
||||
struct IplBlockCcw {
|
||||
uint8_t reserved0[85];
|
||||
uint8_t ssid;
|
||||
@@ -71,6 +90,7 @@ union IplParameterBlock {
|
||||
union {
|
||||
IplBlockCcw ccw;
|
||||
IplBlockFcp fcp;
|
||||
+ IPLBlockPV pv;
|
||||
IplBlockQemuScsi scsi;
|
||||
};
|
||||
} QEMU_PACKED;
|
||||
@@ -85,8 +105,11 @@ typedef union IplParameterBlock IplParameterBlock;
|
||||
|
||||
int s390_ipl_set_loadparm(uint8_t *loadparm);
|
||||
void s390_ipl_update_diag308(IplParameterBlock *iplb);
|
||||
+int s390_ipl_prepare_pv_header(void);
|
||||
+int s390_ipl_pv_unpack(void);
|
||||
void s390_ipl_prepare_cpu(S390CPU *cpu);
|
||||
IplParameterBlock *s390_ipl_get_iplb(void);
|
||||
+IplParameterBlock *s390_ipl_get_iplb_pv(void);
|
||||
|
||||
enum s390_reset {
|
||||
/* default is a reset not triggered by a CPU e.g. issued by QMP */
|
||||
@@ -94,6 +117,7 @@ enum s390_reset {
|
||||
S390_RESET_REIPL,
|
||||
S390_RESET_MODIFIED_CLEAR,
|
||||
S390_RESET_LOAD_NORMAL,
|
||||
+ S390_RESET_PV,
|
||||
};
|
||||
void s390_ipl_reset_request(CPUState *cs, enum s390_reset reset_type);
|
||||
void s390_ipl_get_reset_request(CPUState **cs, enum s390_reset *reset_type);
|
||||
@@ -133,6 +157,7 @@ struct S390IPLState {
|
||||
/*< private >*/
|
||||
DeviceState parent_obj;
|
||||
IplParameterBlock iplb;
|
||||
+ IplParameterBlock iplb_pv;
|
||||
QemuIplParameters qipl;
|
||||
uint64_t start_addr;
|
||||
uint64_t compat_start_addr;
|
||||
@@ -140,6 +165,7 @@ struct S390IPLState {
|
||||
uint64_t compat_bios_start_addr;
|
||||
bool enforce_bios;
|
||||
bool iplb_valid;
|
||||
+ bool iplb_valid_pv;
|
||||
bool netboot;
|
||||
/* reset related properties don't have to be migrated or reset */
|
||||
enum s390_reset reset_type;
|
||||
@@ -162,6 +188,8 @@ QEMU_BUILD_BUG_MSG(offsetof(S390IPLState, iplb) & 3, "alignment of iplb wrong");
|
||||
#define DIAG_308_RC_OK 0x0001
|
||||
#define DIAG_308_RC_NO_CONF 0x0102
|
||||
#define DIAG_308_RC_INVALID 0x0402
|
||||
+#define DIAG_308_RC_NO_PV_CONF 0x0902
|
||||
+#define DIAG_308_RC_INVAL_FOR_PV 0x0a02
|
||||
|
||||
#define DIAG308_RESET_MOD_CLR 0
|
||||
#define DIAG308_RESET_LOAD_NORM 1
|
||||
@@ -169,12 +197,17 @@ QEMU_BUILD_BUG_MSG(offsetof(S390IPLState, iplb) & 3, "alignment of iplb wrong");
|
||||
#define DIAG308_LOAD_NORMAL_DUMP 4
|
||||
#define DIAG308_SET 5
|
||||
#define DIAG308_STORE 6
|
||||
+#define DIAG308_PV_SET 8
|
||||
+#define DIAG308_PV_STORE 9
|
||||
+#define DIAG308_PV_START 10
|
||||
|
||||
#define S390_IPL_TYPE_FCP 0x00
|
||||
#define S390_IPL_TYPE_CCW 0x02
|
||||
+#define S390_IPL_TYPE_PV 0x05
|
||||
#define S390_IPL_TYPE_QEMU_SCSI 0xff
|
||||
|
||||
#define S390_IPLB_HEADER_LEN 8
|
||||
+#define S390_IPLB_MIN_PV_LEN 148
|
||||
#define S390_IPLB_MIN_CCW_LEN 200
|
||||
#define S390_IPLB_MIN_FCP_LEN 384
|
||||
#define S390_IPLB_MIN_QEMU_SCSI_LEN 200
|
||||
@@ -184,6 +217,62 @@ static inline bool iplb_valid_len(IplParameterBlock *iplb)
|
||||
return be32_to_cpu(iplb->len) <= sizeof(IplParameterBlock);
|
||||
}
|
||||
|
||||
+static inline bool ipl_valid_pv_components(IplParameterBlock *iplb)
|
||||
+{
|
||||
+ IPLBlockPV *ipib_pv = &iplb->pv;
|
||||
+ int i;
|
||||
+
|
||||
+ if (ipib_pv->num_comp == 0) {
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ for (i = 0; i < ipib_pv->num_comp; i++) {
|
||||
+ /* Addr must be 4k aligned */
|
||||
+ if (ipib_pv->components[i].addr & ~TARGET_PAGE_MASK) {
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ /* Tweak prefix is monotonically increasing with each component */
|
||||
+ if (i < ipib_pv->num_comp - 1 &&
|
||||
+ ipib_pv->components[i].tweak_pref >=
|
||||
+ ipib_pv->components[i + 1].tweak_pref) {
|
||||
+ return false;
|
||||
+ }
|
||||
+ }
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+static inline bool ipl_valid_pv_header(IplParameterBlock *iplb)
|
||||
+{
|
||||
+ IPLBlockPV *ipib_pv = &iplb->pv;
|
||||
+
|
||||
+ if (ipib_pv->pv_header_len > 2 * TARGET_PAGE_SIZE) {
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ if (!address_space_access_valid(&address_space_memory,
|
||||
+ ipib_pv->pv_header_addr,
|
||||
+ ipib_pv->pv_header_len,
|
||||
+ false,
|
||||
+ MEMTXATTRS_UNSPECIFIED)) {
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+static inline bool iplb_valid_pv(IplParameterBlock *iplb)
|
||||
+{
|
||||
+ if (iplb->pbt != S390_IPL_TYPE_PV ||
|
||||
+ be32_to_cpu(iplb->len) < S390_IPLB_MIN_PV_LEN) {
|
||||
+ return false;
|
||||
+ }
|
||||
+ if (!ipl_valid_pv_header(iplb)) {
|
||||
+ return false;
|
||||
+ }
|
||||
+ return ipl_valid_pv_components(iplb);
|
||||
+}
|
||||
+
|
||||
static inline bool iplb_valid(IplParameterBlock *iplb)
|
||||
{
|
||||
switch (iplb->pbt) {
|
||||
diff --git a/hw/s390x/pv.c b/hw/s390x/pv.c
|
||||
new file mode 100644
|
||||
index 0000000000000000000000000000000000000000..8cf5cd2c9bcd48b03af1e546fb3a85cdc7ac28bb
|
||||
--- /dev/null
|
||||
+++ b/hw/s390x/pv.c
|
||||
@@ -0,0 +1,98 @@
|
||||
+/*
|
||||
+ * Protected Virtualization functions
|
||||
+ *
|
||||
+ * Copyright IBM Corp. 2020
|
||||
+ * Author(s):
|
||||
+ * Janosch Frank <frankja@linux.ibm.com>
|
||||
+ *
|
||||
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at
|
||||
+ * your option) any later version. See the COPYING file in the top-level
|
||||
+ * directory.
|
||||
+ */
|
||||
+#include "qemu/osdep.h"
|
||||
+
|
||||
+#include <linux/kvm.h>
|
||||
+
|
||||
+#include "qemu/error-report.h"
|
||||
+#include "sysemu/kvm.h"
|
||||
+#include "hw/s390x/pv.h"
|
||||
+
|
||||
+static int __s390_pv_cmd(uint32_t cmd, const char *cmdname, void *data)
|
||||
+{
|
||||
+ struct kvm_pv_cmd pv_cmd = {
|
||||
+ .cmd = cmd,
|
||||
+ .data = (uint64_t)data,
|
||||
+ };
|
||||
+ int rc = kvm_vm_ioctl(kvm_state, KVM_S390_PV_COMMAND, &pv_cmd);
|
||||
+
|
||||
+ if (rc) {
|
||||
+ error_report("KVM PV command %d (%s) failed: header rc %x rrc %x "
|
||||
+ "IOCTL rc: %d", cmd, cmdname, pv_cmd.rc, pv_cmd.rrc,
|
||||
+ rc);
|
||||
+ }
|
||||
+ return rc;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * This macro lets us pass the command as a string to the function so
|
||||
+ * we can print it on an error.
|
||||
+ */
|
||||
+#define s390_pv_cmd(cmd, data) __s390_pv_cmd(cmd, #cmd, data);
|
||||
+#define s390_pv_cmd_exit(cmd, data) \
|
||||
+{ \
|
||||
+ int rc; \
|
||||
+ \
|
||||
+ rc = __s390_pv_cmd(cmd, #cmd, data);\
|
||||
+ if (rc) { \
|
||||
+ exit(1); \
|
||||
+ } \
|
||||
+}
|
||||
+
|
||||
+int s390_pv_vm_enable(void)
|
||||
+{
|
||||
+ return s390_pv_cmd(KVM_PV_ENABLE, NULL);
|
||||
+}
|
||||
+
|
||||
+void s390_pv_vm_disable(void)
|
||||
+{
|
||||
+ s390_pv_cmd_exit(KVM_PV_DISABLE, NULL);
|
||||
+}
|
||||
+
|
||||
+int s390_pv_set_sec_parms(uint64_t origin, uint64_t length)
|
||||
+{
|
||||
+ struct kvm_s390_pv_sec_parm args = {
|
||||
+ .origin = origin,
|
||||
+ .length = length,
|
||||
+ };
|
||||
+
|
||||
+ return s390_pv_cmd(KVM_PV_VM_SET_SEC_PARMS, &args);
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * Called for each component in the SE type IPL parameter block 0.
|
||||
+ */
|
||||
+int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak)
|
||||
+{
|
||||
+ struct kvm_s390_pv_unp args = {
|
||||
+ .addr = addr,
|
||||
+ .size = size,
|
||||
+ .tweak = tweak,
|
||||
+ };
|
||||
+
|
||||
+ return s390_pv_cmd(KVM_PV_VM_UNPACK, &args);
|
||||
+}
|
||||
+
|
||||
+void s390_pv_perf_clear_reset(void)
|
||||
+{
|
||||
+ s390_pv_cmd_exit(KVM_PV_VM_PREP_RESET, NULL);
|
||||
+}
|
||||
+
|
||||
+int s390_pv_verify(void)
|
||||
+{
|
||||
+ return s390_pv_cmd(KVM_PV_VM_VERIFY, NULL);
|
||||
+}
|
||||
+
|
||||
+void s390_pv_unshare(void)
|
||||
+{
|
||||
+ s390_pv_cmd_exit(KVM_PV_VM_UNSHARE_ALL, NULL);
|
||||
+}
|
||||
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
|
||||
index 0fa00a9fff3dbda8b34d29aad187..b4d681da43af43f23f66206cacf6 100644
|
||||
--- a/hw/s390x/s390-virtio-ccw.c
|
||||
+++ b/hw/s390x/s390-virtio-ccw.c
|
||||
@@ -1,9 +1,10 @@
|
||||
/*
|
||||
* virtio ccw machine
|
||||
*
|
||||
- * Copyright 2012 IBM Corp.
|
||||
+ * Copyright 2012, 2020 IBM Corp.
|
||||
* Copyright (c) 2009 Alexander Graf <agraf@suse.de>
|
||||
* Author(s): Cornelia Huck <cornelia.huck@de.ibm.com>
|
||||
+ * Janosch Frank <frankja@linux.ibm.com>
|
||||
*
|
||||
* This work is licensed under the terms of the GNU GPL, version 2 or (at
|
||||
* your option) any later version. See the COPYING file in the top-level
|
||||
@@ -42,6 +43,8 @@
|
||||
#include "hw/qdev-properties.h"
|
||||
#include "hw/s390x/tod.h"
|
||||
#include "sysemu/sysemu.h"
|
||||
+#include "hw/s390x/pv.h"
|
||||
+#include <linux/kvm.h>
|
||||
|
||||
S390CPU *s390_cpu_addr2state(uint16_t cpu_addr)
|
||||
{
|
||||
@@ -317,10 +320,78 @@ static inline void s390_do_cpu_ipl(CPUState *cs, run_on_cpu_data arg)
|
||||
s390_cpu_set_state(S390_CPU_STATE_OPERATING, cpu);
|
||||
}
|
||||
|
||||
+static void s390_machine_unprotect(S390CcwMachineState *ms)
|
||||
+{
|
||||
+ s390_pv_vm_disable();
|
||||
+ ms->pv = false;
|
||||
+}
|
||||
+
|
||||
+static int s390_machine_protect(S390CcwMachineState *ms)
|
||||
+{
|
||||
+ int rc;
|
||||
+
|
||||
+ /* Create SE VM */
|
||||
+ rc = s390_pv_vm_enable();
|
||||
+ if (rc) {
|
||||
+ return rc;
|
||||
+ }
|
||||
+
|
||||
+ ms->pv = true;
|
||||
+
|
||||
+ /* Set SE header and unpack */
|
||||
+ rc = s390_ipl_prepare_pv_header();
|
||||
+ if (rc) {
|
||||
+ goto out_err;
|
||||
+ }
|
||||
+
|
||||
+ /* Decrypt image */
|
||||
+ rc = s390_ipl_pv_unpack();
|
||||
+ if (rc) {
|
||||
+ goto out_err;
|
||||
+ }
|
||||
+
|
||||
+ /* Verify integrity */
|
||||
+ rc = s390_pv_verify();
|
||||
+ if (rc) {
|
||||
+ goto out_err;
|
||||
+ }
|
||||
+ return rc;
|
||||
+
|
||||
+out_err:
|
||||
+ s390_machine_unprotect(ms);
|
||||
+ return rc;
|
||||
+}
|
||||
+
|
||||
+static void s390_machine_inject_pv_error(CPUState *cs)
|
||||
+{
|
||||
+ int r1 = (cs->kvm_run->s390_sieic.ipa & 0x00f0) >> 4;
|
||||
+ CPUS390XState *env = &S390_CPU(cs)->env;
|
||||
+
|
||||
+ /* Report that we are unable to enter protected mode */
|
||||
+ env->regs[r1 + 1] = DIAG_308_RC_INVAL_FOR_PV;
|
||||
+}
|
||||
+
|
||||
+static void s390_pv_prepare_reset(S390CcwMachineState *ms)
|
||||
+{
|
||||
+ CPUState *cs;
|
||||
+
|
||||
+ if (!s390_is_pv()) {
|
||||
+ return;
|
||||
+ }
|
||||
+ /* Unsharing requires all cpus to be stopped */
|
||||
+ CPU_FOREACH(cs) {
|
||||
+ s390_cpu_set_state(S390_CPU_STATE_STOPPED, S390_CPU(cs));
|
||||
+ }
|
||||
+ s390_pv_unshare();
|
||||
+ s390_pv_perf_clear_reset();
|
||||
+}
|
||||
+
|
||||
static void s390_machine_reset(MachineState *machine)
|
||||
{
|
||||
+ S390CcwMachineState *ms = S390_CCW_MACHINE(machine);
|
||||
enum s390_reset reset_type;
|
||||
CPUState *cs, *t;
|
||||
+ S390CPU *cpu;
|
||||
|
||||
/* get the reset parameters, reset them once done */
|
||||
s390_ipl_get_reset_request(&cs, &reset_type);
|
||||
@@ -328,9 +399,15 @@ static void s390_machine_reset(MachineState *machine)
|
||||
/* all CPUs are paused and synchronized at this point */
|
||||
s390_cmma_reset();
|
||||
|
||||
+ cpu = S390_CPU(cs);
|
||||
+
|
||||
switch (reset_type) {
|
||||
case S390_RESET_EXTERNAL:
|
||||
case S390_RESET_REIPL:
|
||||
+ if (s390_is_pv()) {
|
||||
+ s390_machine_unprotect(ms);
|
||||
+ }
|
||||
+
|
||||
qemu_devices_reset();
|
||||
s390_crypto_reset();
|
||||
|
||||
@@ -338,22 +415,56 @@ static void s390_machine_reset(MachineState *machine)
|
||||
run_on_cpu(cs, s390_do_cpu_ipl, RUN_ON_CPU_NULL);
|
||||
break;
|
||||
case S390_RESET_MODIFIED_CLEAR:
|
||||
+ /*
|
||||
+ * Susbsystem reset needs to be done before we unshare memory
|
||||
+ * and lose access to VIRTIO structures in guest memory.
|
||||
+ */
|
||||
+ subsystem_reset();
|
||||
+ s390_crypto_reset();
|
||||
+ s390_pv_prepare_reset(ms);
|
||||
CPU_FOREACH(t) {
|
||||
run_on_cpu(t, s390_do_cpu_full_reset, RUN_ON_CPU_NULL);
|
||||
}
|
||||
- subsystem_reset();
|
||||
- s390_crypto_reset();
|
||||
run_on_cpu(cs, s390_do_cpu_load_normal, RUN_ON_CPU_NULL);
|
||||
break;
|
||||
case S390_RESET_LOAD_NORMAL:
|
||||
+ /*
|
||||
+ * Susbsystem reset needs to be done before we unshare memory
|
||||
+ * and lose access to VIRTIO structures in guest memory.
|
||||
+ */
|
||||
+ subsystem_reset();
|
||||
+ s390_pv_prepare_reset(ms);
|
||||
CPU_FOREACH(t) {
|
||||
if (t == cs) {
|
||||
continue;
|
||||
}
|
||||
run_on_cpu(t, s390_do_cpu_reset, RUN_ON_CPU_NULL);
|
||||
}
|
||||
- subsystem_reset();
|
||||
run_on_cpu(cs, s390_do_cpu_initial_reset, RUN_ON_CPU_NULL);
|
||||
+ run_on_cpu(cs, s390_do_cpu_load_normal, RUN_ON_CPU_NULL);
|
||||
+ break;
|
||||
+ case S390_RESET_PV: /* Subcode 10 */
|
||||
+ subsystem_reset();
|
||||
+ s390_crypto_reset();
|
||||
+
|
||||
+ CPU_FOREACH(t) {
|
||||
+ if (t == cs) {
|
||||
+ continue;
|
||||
+ }
|
||||
+ run_on_cpu(t, s390_do_cpu_full_reset, RUN_ON_CPU_NULL);
|
||||
+ }
|
||||
+ run_on_cpu(cs, s390_do_cpu_reset, RUN_ON_CPU_NULL);
|
||||
+
|
||||
+ if (s390_machine_protect(ms)) {
|
||||
+ s390_machine_inject_pv_error(cs);
|
||||
+ /*
|
||||
+ * Continue after the diag308 so the guest knows something
|
||||
+ * went wrong.
|
||||
+ */
|
||||
+ s390_cpu_set_state(S390_CPU_STATE_OPERATING, cpu);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
run_on_cpu(cs, s390_do_cpu_load_normal, RUN_ON_CPU_NULL);
|
||||
break;
|
||||
default:
|
||||
diff --git a/include/hw/s390x/pv.h b/include/hw/s390x/pv.h
|
||||
new file mode 100644
|
||||
index 0000000000000000000000000000000000000000..c6cb360f2f6a0a32a37970769e1bf2eb0220b199
|
||||
--- /dev/null
|
||||
+++ b/include/hw/s390x/pv.h
|
||||
@@ -0,0 +1,55 @@
|
||||
+/*
|
||||
+ * Protected Virtualization header
|
||||
+ *
|
||||
+ * Copyright IBM Corp. 2020
|
||||
+ * Author(s):
|
||||
+ * Janosch Frank <frankja@linux.ibm.com>
|
||||
+ *
|
||||
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at
|
||||
+ * your option) any later version. See the COPYING file in the top-level
|
||||
+ * directory.
|
||||
+ */
|
||||
+#ifndef HW_S390_PV_H
|
||||
+#define HW_S390_PV_H
|
||||
+
|
||||
+#ifdef CONFIG_KVM
|
||||
+#include "hw/s390x/s390-virtio-ccw.h"
|
||||
+
|
||||
+static inline bool s390_is_pv(void)
|
||||
+{
|
||||
+ static S390CcwMachineState *ccw;
|
||||
+ Object *obj;
|
||||
+
|
||||
+ if (ccw) {
|
||||
+ return ccw->pv;
|
||||
+ }
|
||||
+
|
||||
+ /* we have to bail out for the "none" machine */
|
||||
+ obj = object_dynamic_cast(qdev_get_machine(),
|
||||
+ TYPE_S390_CCW_MACHINE);
|
||||
+ if (!obj) {
|
||||
+ return false;
|
||||
+ }
|
||||
+ ccw = S390_CCW_MACHINE(obj);
|
||||
+ return ccw->pv;
|
||||
+}
|
||||
+
|
||||
+int s390_pv_vm_enable(void);
|
||||
+void s390_pv_vm_disable(void);
|
||||
+int s390_pv_set_sec_parms(uint64_t origin, uint64_t length);
|
||||
+int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak);
|
||||
+void s390_pv_perf_clear_reset(void);
|
||||
+int s390_pv_verify(void);
|
||||
+void s390_pv_unshare(void);
|
||||
+#else /* CONFIG_KVM */
|
||||
+static inline bool s390_is_pv(void) { return false; }
|
||||
+static inline int s390_pv_vm_enable(void) { return 0; }
|
||||
+static inline void s390_pv_vm_disable(void) {}
|
||||
+static inline int s390_pv_set_sec_parms(uint64_t origin, uint64_t length) { return 0; }
|
||||
+static inline int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak) { return 0; }
|
||||
+static inline void s390_pv_perf_clear_reset(void) {}
|
||||
+static inline int s390_pv_verify(void) { return 0; }
|
||||
+static inline void s390_pv_unshare(void) {}
|
||||
+#endif /* CONFIG_KVM */
|
||||
+
|
||||
+#endif /* HW_S390_PV_H */
|
||||
diff --git a/include/hw/s390x/s390-virtio-ccw.h b/include/hw/s390x/s390-virtio-ccw.h
|
||||
index 8aa27199c9123bab03d3450313a5..cd1dccc6e3ba86455a9de5eb41cb 100644
|
||||
--- a/include/hw/s390x/s390-virtio-ccw.h
|
||||
+++ b/include/hw/s390x/s390-virtio-ccw.h
|
||||
@@ -28,6 +28,7 @@ typedef struct S390CcwMachineState {
|
||||
/*< public >*/
|
||||
bool aes_key_wrap;
|
||||
bool dea_key_wrap;
|
||||
+ bool pv;
|
||||
uint8_t loadparm[8];
|
||||
} S390CcwMachineState;
|
||||
|
||||
diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c
|
||||
index 427a46e3e1b61da1b7aae1f0e543..bb7a588e3b791fe48b4e0a0826dd 100644
|
||||
--- a/target/s390x/cpu.c
|
||||
+++ b/target/s390x/cpu.c
|
||||
@@ -37,6 +37,7 @@
|
||||
#include "sysemu/hw_accel.h"
|
||||
#include "hw/qdev-properties.h"
|
||||
#ifndef CONFIG_USER_ONLY
|
||||
+#include "hw/s390x/pv.h"
|
||||
#include "hw/boards.h"
|
||||
#include "sysemu/arch_init.h"
|
||||
#include "sysemu/sysemu.h"
|
||||
diff --git a/target/s390x/cpu_features_def.inc.h b/target/s390x/cpu_features_def.inc.h
|
||||
index 31dff0d84e9724513b1945f8d447..60db28351d059091b6e05fd62c37 100644
|
||||
--- a/target/s390x/cpu_features_def.inc.h
|
||||
+++ b/target/s390x/cpu_features_def.inc.h
|
||||
@@ -107,6 +107,7 @@ DEF_FEAT(DEFLATE_BASE, "deflate-base", STFL, 151, "Deflate-conversion facility (
|
||||
DEF_FEAT(VECTOR_PACKED_DECIMAL_ENH, "vxpdeh", STFL, 152, "Vector-Packed-Decimal-Enhancement Facility")
|
||||
DEF_FEAT(MSA_EXT_9, "msa9-base", STFL, 155, "Message-security-assist-extension-9 facility (excluding subfunctions)")
|
||||
DEF_FEAT(ETOKEN, "etoken", STFL, 156, "Etoken facility")
|
||||
+DEF_FEAT(UNPACK, "unpack", STFL, 161, "Unpack facility")
|
||||
|
||||
/* Features exposed via SCLP SCCB Byte 80 - 98 (bit numbers relative to byte-80) */
|
||||
DEF_FEAT(SIE_GSLS, "gsls", SCLP_CONF_CHAR, 40, "SIE: Guest-storage-limit-suppression facility")
|
||||
diff --git a/target/s390x/diag.c b/target/s390x/diag.c
|
||||
index 8aba6341f94848e1ce8fff420ed8..b2cbefb8cfe4e5a244219e761fb4 100644
|
||||
--- a/target/s390x/diag.c
|
||||
+++ b/target/s390x/diag.c
|
||||
@@ -20,6 +20,8 @@
|
||||
#include "sysemu/cpus.h"
|
||||
#include "hw/s390x/ipl.h"
|
||||
#include "hw/s390x/s390-virtio-ccw.h"
|
||||
+#include "hw/s390x/pv.h"
|
||||
+#include "kvm_s390x.h"
|
||||
|
||||
int handle_diag_288(CPUS390XState *env, uint64_t r1, uint64_t r3)
|
||||
{
|
||||
@@ -52,6 +54,10 @@ int handle_diag_288(CPUS390XState *env, uint64_t r1, uint64_t r3)
|
||||
static int diag308_parm_check(CPUS390XState *env, uint64_t r1, uint64_t addr,
|
||||
uintptr_t ra, bool write)
|
||||
{
|
||||
+ /* Handled by the Ultravisor */
|
||||
+ if (s390_is_pv()) {
|
||||
+ return 0;
|
||||
+ }
|
||||
if ((r1 & 1) || (addr & ~TARGET_PAGE_MASK)) {
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
return -1;
|
||||
@@ -67,6 +73,7 @@ static int diag308_parm_check(CPUS390XState *env, uint64_t r1, uint64_t addr,
|
||||
|
||||
void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
|
||||
{
|
||||
+ bool valid;
|
||||
CPUState *cs = env_cpu(env);
|
||||
uint64_t addr = env->regs[r1];
|
||||
uint64_t subcode = env->regs[r3];
|
||||
@@ -82,6 +89,11 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
|
||||
return;
|
||||
}
|
||||
|
||||
+ if (subcode >= DIAG308_PV_SET && !s390_has_feat(S390_FEAT_UNPACK)) {
|
||||
+ s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
switch (subcode) {
|
||||
case DIAG308_RESET_MOD_CLR:
|
||||
s390_ipl_reset_request(cs, S390_RESET_MODIFIED_CLEAR);
|
||||
@@ -94,6 +106,7 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
|
||||
s390_ipl_reset_request(cs, S390_RESET_REIPL);
|
||||
break;
|
||||
case DIAG308_SET:
|
||||
+ case DIAG308_PV_SET:
|
||||
if (diag308_parm_check(env, r1, addr, ra, false)) {
|
||||
return;
|
||||
}
|
||||
@@ -106,7 +119,8 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
|
||||
|
||||
cpu_physical_memory_read(addr, iplb, be32_to_cpu(iplb->len));
|
||||
|
||||
- if (!iplb_valid(iplb)) {
|
||||
+ valid = subcode == DIAG308_PV_SET ? iplb_valid_pv(iplb) : iplb_valid(iplb);
|
||||
+ if (!valid) {
|
||||
env->regs[r1 + 1] = DIAG_308_RC_INVALID;
|
||||
goto out;
|
||||
}
|
||||
@@ -117,10 +131,15 @@ out:
|
||||
g_free(iplb);
|
||||
return;
|
||||
case DIAG308_STORE:
|
||||
+ case DIAG308_PV_STORE:
|
||||
if (diag308_parm_check(env, r1, addr, ra, true)) {
|
||||
return;
|
||||
}
|
||||
- iplb = s390_ipl_get_iplb();
|
||||
+ if (subcode == DIAG308_PV_STORE) {
|
||||
+ iplb = s390_ipl_get_iplb_pv();
|
||||
+ } else {
|
||||
+ iplb = s390_ipl_get_iplb();
|
||||
+ }
|
||||
if (iplb) {
|
||||
cpu_physical_memory_write(addr, iplb, be32_to_cpu(iplb->len));
|
||||
env->regs[r1 + 1] = DIAG_308_RC_OK;
|
||||
@@ -128,6 +147,22 @@ out:
|
||||
env->regs[r1 + 1] = DIAG_308_RC_NO_CONF;
|
||||
}
|
||||
return;
|
||||
+ case DIAG308_PV_START:
|
||||
+ iplb = s390_ipl_get_iplb_pv();
|
||||
+ if (!iplb) {
|
||||
+ env->regs[r1 + 1] = DIAG_308_RC_NO_PV_CONF;
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ if (kvm_s390_get_hpage_1m()) {
|
||||
+ error_report("Protected VMs can currently not be backed with "
|
||||
+ "huge pages");
|
||||
+ env->regs[r1 + 1] = DIAG_308_RC_INVAL_FOR_PV;
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ s390_ipl_reset_request(cs, S390_RESET_PV);
|
||||
+ break;
|
||||
default:
|
||||
s390_program_interrupt(env, PGM_SPECIFICATION, ra);
|
||||
break;
|
||||
diff --git a/target/s390x/kvm-stub.c b/target/s390x/kvm-stub.c
|
||||
index c4cd497f850eb9c7a859932b0f1f..aa185017a2a886ca300fa75747ed 100644
|
||||
--- a/target/s390x/kvm-stub.c
|
||||
+++ b/target/s390x/kvm-stub.c
|
||||
@@ -39,6 +39,11 @@ int kvm_s390_vcpu_interrupt_post_load(S390CPU *cpu)
|
||||
return 0;
|
||||
}
|
||||
|
||||
+int kvm_s390_get_hpage_1m(void)
|
||||
+{
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
int kvm_s390_get_ri(void)
|
||||
{
|
||||
return 0;
|
||||
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
|
||||
index 7f7ebab84279290cb0992d41e706..b2b14bde2b251986230153adca9a 100644
|
||||
--- a/target/s390x/kvm.c
|
||||
+++ b/target/s390x/kvm.c
|
||||
@@ -321,6 +321,11 @@ void kvm_s390_set_max_pagesize(uint64_t pagesize, Error **errp)
|
||||
cap_hpage_1m = 1;
|
||||
}
|
||||
|
||||
+int kvm_s390_get_hpage_1m(void)
|
||||
+{
|
||||
+ return cap_hpage_1m;
|
||||
+}
|
||||
+
|
||||
static void ccw_machine_class_foreach(ObjectClass *oc, void *opaque)
|
||||
{
|
||||
MachineClass *mc = MACHINE_CLASS(oc);
|
||||
diff --git a/target/s390x/kvm_s390x.h b/target/s390x/kvm_s390x.h
|
||||
index 0b21789796d7c462bdc72160166f..dea813f450153c34e1269424772d 100644
|
||||
--- a/target/s390x/kvm_s390x.h
|
||||
+++ b/target/s390x/kvm_s390x.h
|
||||
@@ -23,6 +23,7 @@ void kvm_s390_program_interrupt(S390CPU *cpu, uint16_t code);
|
||||
int kvm_s390_set_cpu_state(S390CPU *cpu, uint8_t cpu_state);
|
||||
void kvm_s390_vcpu_interrupt_pre_save(S390CPU *cpu);
|
||||
int kvm_s390_vcpu_interrupt_post_load(S390CPU *cpu);
|
||||
+int kvm_s390_get_hpage_1m(void);
|
||||
int kvm_s390_get_ri(void);
|
||||
int kvm_s390_get_gs(void);
|
||||
int kvm_s390_get_clock(uint8_t *tod_high, uint64_t *tod_clock);
|
@ -1,129 +0,0 @@
|
||||
From: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Date: Mon, 6 Apr 2020 06:01:58 -0400
|
||||
Subject: s390x/s390-virtio-ccw: Fix build on systems without KVM
|
||||
|
||||
References: bsc#1167075
|
||||
|
||||
linux/kvm.h is not available on all platforms. Let us move
|
||||
s390_machine_inject_pv_error into pv.c as it uses KVM structures.
|
||||
Also rename the function to s390_pv_inject_reset_error.
|
||||
|
||||
While at it, ipl.h needs an include for "exec/address-spaces.h"
|
||||
as it uses address_space_memory.
|
||||
|
||||
Fixes: 49fc3220175e ("s390x: protvirt: Support unpack facility")
|
||||
Reported-by: Bruce Rogers <brogers@suse.com>
|
||||
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/s390x/ipl.h | 1 +
|
||||
hw/s390x/pv.c | 11 +++++++++++
|
||||
hw/s390x/s390-virtio-ccw.c | 12 +-----------
|
||||
include/hw/s390x/pv.h | 3 +++
|
||||
4 files changed, 16 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/hw/s390x/ipl.h b/hw/s390x/ipl.h
|
||||
index 89b3044d7a2ee54014daa8eeafc9..53cc9eb5ac4d326b2b61bf1668a8 100644
|
||||
--- a/hw/s390x/ipl.h
|
||||
+++ b/hw/s390x/ipl.h
|
||||
@@ -14,6 +14,7 @@
|
||||
#define HW_S390_IPL_H
|
||||
|
||||
#include "cpu.h"
|
||||
+#include "exec/address-spaces.h"
|
||||
#include "hw/qdev-core.h"
|
||||
|
||||
struct IPLBlockPVComp {
|
||||
diff --git a/hw/s390x/pv.c b/hw/s390x/pv.c
|
||||
index 8cf5cd2c9bcd48b03af1e546fb3a..2c4d5e89890b7d21abdcd718c2f2 100644
|
||||
--- a/hw/s390x/pv.c
|
||||
+++ b/hw/s390x/pv.c
|
||||
@@ -13,8 +13,10 @@
|
||||
|
||||
#include <linux/kvm.h>
|
||||
|
||||
+#include "cpu.h"
|
||||
#include "qemu/error-report.h"
|
||||
#include "sysemu/kvm.h"
|
||||
+#include "hw/s390x/ipl.h"
|
||||
#include "hw/s390x/pv.h"
|
||||
|
||||
static int __s390_pv_cmd(uint32_t cmd, const char *cmdname, void *data)
|
||||
@@ -96,3 +98,12 @@ void s390_pv_unshare(void)
|
||||
{
|
||||
s390_pv_cmd_exit(KVM_PV_VM_UNSHARE_ALL, NULL);
|
||||
}
|
||||
+
|
||||
+void s390_pv_inject_reset_error(CPUState *cs)
|
||||
+{
|
||||
+ int r1 = (cs->kvm_run->s390_sieic.ipa & 0x00f0) >> 4;
|
||||
+ CPUS390XState *env = &S390_CPU(cs)->env;
|
||||
+
|
||||
+ /* Report that we are unable to enter protected mode */
|
||||
+ env->regs[r1 + 1] = DIAG_308_RC_INVAL_FOR_PV;
|
||||
+}
|
||||
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
|
||||
index db45249320abf7920ec8730790c2..501d4a66b346cfe9a987cebe884d 100644
|
||||
--- a/hw/s390x/s390-virtio-ccw.c
|
||||
+++ b/hw/s390x/s390-virtio-ccw.c
|
||||
@@ -45,7 +45,6 @@
|
||||
#include "sysemu/sysemu.h"
|
||||
#include "sysemu/balloon.h"
|
||||
#include "hw/s390x/pv.h"
|
||||
-#include <linux/kvm.h>
|
||||
#include "migration/blocker.h"
|
||||
|
||||
static Error *pv_mig_blocker;
|
||||
@@ -391,15 +390,6 @@ out_err:
|
||||
return rc;
|
||||
}
|
||||
|
||||
-static void s390_machine_inject_pv_error(CPUState *cs)
|
||||
-{
|
||||
- int r1 = (cs->kvm_run->s390_sieic.ipa & 0x00f0) >> 4;
|
||||
- CPUS390XState *env = &S390_CPU(cs)->env;
|
||||
-
|
||||
- /* Report that we are unable to enter protected mode */
|
||||
- env->regs[r1 + 1] = DIAG_308_RC_INVAL_FOR_PV;
|
||||
-}
|
||||
-
|
||||
static void s390_pv_prepare_reset(S390CcwMachineState *ms)
|
||||
{
|
||||
CPUState *cs;
|
||||
@@ -485,7 +475,7 @@ static void s390_machine_reset(MachineState *machine)
|
||||
run_on_cpu(cs, s390_do_cpu_reset, RUN_ON_CPU_NULL);
|
||||
|
||||
if (s390_machine_protect(ms)) {
|
||||
- s390_machine_inject_pv_error(cs);
|
||||
+ s390_pv_inject_reset_error(cs);
|
||||
/*
|
||||
* Continue after the diag308 so the guest knows something
|
||||
* went wrong.
|
||||
diff --git a/include/hw/s390x/pv.h b/include/hw/s390x/pv.h
|
||||
index c6cb360f2f6a0a32a37970769e1b..522ca6a04ee877940ff1de9f410b 100644
|
||||
--- a/include/hw/s390x/pv.h
|
||||
+++ b/include/hw/s390x/pv.h
|
||||
@@ -13,6 +13,7 @@
|
||||
#define HW_S390_PV_H
|
||||
|
||||
#ifdef CONFIG_KVM
|
||||
+#include "cpu.h"
|
||||
#include "hw/s390x/s390-virtio-ccw.h"
|
||||
|
||||
static inline bool s390_is_pv(void)
|
||||
@@ -41,6 +42,7 @@ int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak);
|
||||
void s390_pv_perf_clear_reset(void);
|
||||
int s390_pv_verify(void);
|
||||
void s390_pv_unshare(void);
|
||||
+void s390_pv_inject_reset_error(CPUState *cs);
|
||||
#else /* CONFIG_KVM */
|
||||
static inline bool s390_is_pv(void) { return false; }
|
||||
static inline int s390_pv_vm_enable(void) { return 0; }
|
||||
@@ -50,6 +52,7 @@ static inline int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak) {
|
||||
static inline void s390_pv_perf_clear_reset(void) {}
|
||||
static inline int s390_pv_verify(void) { return 0; }
|
||||
static inline void s390_pv_unshare(void) {}
|
||||
+static inline void s390_pv_inject_reset_error(CPUState *cs) {};
|
||||
#endif /* CONFIG_KVM */
|
||||
|
||||
#endif /* HW_S390_PV_H */
|
@ -17,7 +17,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
5 files changed, 19 insertions(+), 19 deletions(-)
|
||||
|
||||
diff --git a/roms/seabios/Makefile b/roms/seabios/Makefile
|
||||
index de1fa90035b82ef3608d68d62f59..ca8d0283922bbfa931e85511e921 100644
|
||||
index 87a6ac92e69f23c1ce799d16512a..edb83b7a1c77f7bb75c371330b2c 100644
|
||||
--- a/roms/seabios/Makefile
|
||||
+++ b/roms/seabios/Makefile
|
||||
@@ -22,7 +22,7 @@ LD=$(CROSS_PREFIX)ld
|
||||
|
@ -14,7 +14,7 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
3 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/roms/seabios/Makefile b/roms/seabios/Makefile
|
||||
index 5f7d5370198abac950b24e08a7aa..de1fa90035b82ef3608d68d62f59 100644
|
||||
index 3d8943ef5f25afb9c41db84ad2a0..87a6ac92e69f23c1ce799d16512a 100644
|
||||
--- a/roms/seabios/Makefile
|
||||
+++ b/roms/seabios/Makefile
|
||||
@@ -22,7 +22,7 @@ LD=$(CROSS_PREFIX)ld
|
||||
|
@ -202,6 +202,7 @@ Deprecated, Superseded, Modified and Dropped Features
|
||||
and could possibly change syntax in the future.
|
||||
|
||||
- This previously unsupported command line option is now deprecated:
|
||||
-soundhw (use -device ... instead)
|
||||
-tb-size
|
||||
|
||||
- These previously unsupported command line options are no longer recognized:
|
||||
@ -732,7 +733,9 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
allwinner-rtc-sun6i|allwinner-rtc-sun7i|allwinner-sdhost-sun4i|
|
||||
allwinner-sdhost-sun5i|allwinner-sid|allwinner-sun8i-emac|imx.rngc|
|
||||
imx.usbphy|serial|serial-io|stm32f405-soc|stm32f4xx-exti|
|
||||
stm32f4xx-syscfg|tpm-tis-device]
|
||||
stm32f4xx-syscfg|tpm-tis-device|nvdimm|vhost-user-vsock-device|i
|
||||
vhost-user-vsock-pci|vhost-user-vsock-pci-non-transitional|
|
||||
vhost-user-vsock-pci-transitional]
|
||||
(the following are aliases of these unsupported devices: lsi|
|
||||
piix3-usb-uhci)
|
||||
(note that some of these device names represent supported devices and
|
||||
@ -760,10 +763,10 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
mps2-an511|mps2-an521|musca-a|musca-b1|musicpal|n800|n810|netduino2|
|
||||
netduinoplus2|nuri|orangepi-pc|palmetto-bmc|raspi2|raspi3|realview-eb|
|
||||
realview-eb-mpcore|realview-pb-a8|realview-pbx-a9|romulus-bmc|sabrelite|
|
||||
sbsa-ref|smdkc210|spitz|swift-bmc|sx1|sx1-v1|tacoma-bmc|terrier|tosa|
|
||||
verdex|versatileab|versatilepb|vexpress-a15|vexpress-a9|virt-2.7|virt-2.8|
|
||||
virt-2.12|virt-3.0|virt-4.0|virt-4.1|virt-5.0|witherspoon-bmc|
|
||||
xilinx-zynq-a9|xlnx-versal-virt|xlnx-zcu102|z2]
|
||||
sbsa-ref|smdkc210|sonorapass-bmc|spitz|swift-bmc|sx1|sx1-v1|tacoma-bmc|
|
||||
terrier|tosa|verdex|versatileab|versatilepb|vexpress-a15|vexpress-a9|
|
||||
virt-2.7|virt-2.8|virt-2.12|virt-3.0|virt-4.0|virt-4.1|virt-5.0|virt-5.1|
|
||||
witherspoon-bmc|xilinx-zynq-a9|xlnx-versal-virt|xlnx-zcu102|z2]
|
||||
|
||||
-machine
|
||||
|
||||
@ -774,10 +777,11 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
musicpal|n800|n810|netduino2|netduinoplus2|nuri|orangepi-pc|
|
||||
palmetto-bmc|raspi2|raspi3|realview-eb|realview-eb-mpcore|
|
||||
realview-pb-a8|realview-pbx-a9|romulus-bmc|sabrelite|sbsa-ref|
|
||||
smdkc210|spitz|swift-bmc|sx1|sx1-v1|tacoma-bmc|terrier|tosa|verdex|
|
||||
versatileab|versatilepb|vexpress-a15|vexpress-a9|virt-2.7|virt-2.8|
|
||||
virt-2.12|virt-3.0|virt-4.0|virt-4.1|virt-5.0|witherspoon-bmc|
|
||||
xilinx-zynq-a9|xlnx-versal-virt|xlnx-zcu102|z2]
|
||||
smdkc210|sonorapass-bmc|spitz|swift-bmc|sx1|sx1-v1|tacoma-bmc|
|
||||
terrier|tosa|verdex|versatileab|versatilepb|vexpress-a15|vexpress-a9|
|
||||
virt-2.7|virt-2.8|virt-2.12|virt-3.0|virt-4.0|virt-4.1|virt-5.0|
|
||||
virt-5.1|witherspoon-bmc|xilinx-zynq-a9|xlnx-versal-virt|xlnx-zcu102|
|
||||
z2]
|
||||
|
||||
-mtdblock file
|
||||
-net [dump|socket|vde] ...
|
||||
@ -865,6 +869,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
query-colo-status
|
||||
query-sev
|
||||
query-sev-launch-measure
|
||||
x-blockdev-amend
|
||||
x-blockdev-change
|
||||
x-blockdev-insert-medium
|
||||
x-blockdev-remove-medium
|
||||
|
@ -197,6 +197,7 @@ Deprecated, Superseded, Modified and Dropped Features
|
||||
-bt
|
||||
-device ide-drive (use ide-hd or ide-cd)
|
||||
-device scsi-disk (use scsi-hd or scsi-cd)
|
||||
-soundhw (use -device ... instead)
|
||||
-tb-size
|
||||
|
||||
- These previously unsupported command line options are no longer recognized:
|
||||
@ -687,7 +688,10 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
zEC12.2-s390x-cpu|zEC12-base-s390x-cpu|zEC12-s390x-cpu|cpu-cluster|
|
||||
z14.2-base-s390x-cpu|z14.2-s390x-cpu|vhost-user-fs-device|
|
||||
virtio-iommu-device|virtio-iommu-pci|
|
||||
virtio-iommu-pci-non-transitional|virtio-iommu-pci-transitional]
|
||||
virtio-iommu-pci-non-transitional|virtio-iommu-pci-transitional|
|
||||
vhost-user-vsock-device|vhost-user-vsock-pci|
|
||||
vhost-user-vsock-pci-non-transitional|
|
||||
vhost-user-vsock-pci-transitional]
|
||||
(the following are aliases of these unsupported devices: lsi|
|
||||
ahci|e1000-82540em|vfio-ccw)
|
||||
(note that some of these device names represent supported devices and
|
||||
@ -712,14 +716,14 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
[s390-ccw-virtio-2.4|s390-ccw-virtio-2.5|s390-ccw-virtio-2.7|
|
||||
s390-ccw-virtio-2.8|s390-ccw-virtio-2.10|s390-ccw-virtio-2.12|
|
||||
s390-ccw-virtio-3.0|s390-ccw-virtio-4.0|s390-ccw-virtio-4.1|
|
||||
s390-ccw-virtio-5.0]
|
||||
s390-ccw-virtio-5.0|s390-ccw-virtio-5.1]
|
||||
|
||||
-machine
|
||||
|
||||
[s390-ccw-virtio-2.4|s390-ccw-virtio-2.5|s390-ccw-virtio-2.7|
|
||||
s390-ccw-virtio-2.8|s390-ccw-virtio-2.10|s390-ccw-virtio-2.12|
|
||||
s390-ccw-virtio-3.0|s390-ccw-virtio-4.0|s390-ccw-virtio-4.1|
|
||||
s390-ccw-virtio-5.0]
|
||||
s390-ccw-virtio-5.0|s390-ccw-virtio-5.1]
|
||||
|
||||
-mtdblock file
|
||||
-net [dump|socket|vde] ...
|
||||
@ -817,6 +821,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
query-tpm
|
||||
query-tpm-models
|
||||
query-tpm-types
|
||||
x-blockdev-amend
|
||||
x-blockdev-change
|
||||
x-blockdev-insert-medium
|
||||
x-blockdev-remove-medium
|
||||
|
@ -241,6 +241,7 @@ Deprecated, Superseded, Modified and Dropped Features
|
||||
|
||||
- These previously unsupported command line options are now deprecated:
|
||||
-no-kvm-pit
|
||||
-soundhw (use -device ... instead)
|
||||
-tb-size
|
||||
|
||||
- The case of specified sockets, cores, and threads not matching the vcpu count
|
||||
@ -802,7 +803,10 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
intel-iommu|vhost-user-fs-device|tulip|ati-vga|i2c-ddc|pci-ipmi-bt|
|
||||
pci-ipmi-kcs|serial|serial-io|serial-mm|virtio-iommu-device|
|
||||
virtio-iommu-pci|virtio-iommu-pci-nontransitional|
|
||||
virtio-iommu-pci-transitional|xen-sysdev|imx.usbphy]
|
||||
virtio-iommu-pci-transitional|xen-sysdev|imx.usbphy|vmbus-bridge|
|
||||
vhost-user-vsock-device|vhost-user-vsock-pci|
|
||||
vhost-user-vsock-pci-non-transitional|
|
||||
vhost-user-vsock-pci-transitional|virtio-mem|virtio-mem-pci]
|
||||
(the following are aliases of these unsupported devices: lsi)
|
||||
(note that some of these device names represent supported devices and
|
||||
are used internally, but are not specifyable via -device even though
|
||||
@ -824,10 +828,10 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
[isapc|microvm|pc-1.0|pc-1.1|pc-1.2|pc-1.3|pc-i440fx-1.5|pc-i440fx-1.6|
|
||||
pc-i440fx-2.1|pc-i440fx-2.2|pc-i440fx-2.4|pc-i440fx-2.5|pc-i440fx-2.7|
|
||||
pc-i440fx-2.8|pc-i440fx-2.10|pc-i440fx-2.12|pc-i440fx-3.0|pc-i440fx-4.0|
|
||||
pc-i440fx-4.1|pc-i440fx-5.0|pc-q35-1.4|pc-q35-1.5|pc-q35-1.6|pc-q35-1.7|
|
||||
pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|pc-q35-2.4|pc-q35-2.5|
|
||||
pc-q35-2.7|pc-q35-2.8|pc-q35-2.10|pc-q35-2.12|pc-q35-3.0|pc-q35-4.0|
|
||||
pc-q35-4.1|pc-q35-5.0]
|
||||
pc-i440fx-4.1|pc-i440fx-5.0|pc-i440fx-5.1|pc-q35-1.4|pc-q35-1.5|pc-q35-1.6|
|
||||
pc-q35-1.7|pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|pc-q35-2.4|
|
||||
pc-q35-2.5|pc-q35-2.7|pc-q35-2.8|pc-q35-2.10|pc-q35-2.12|pc-q35-3.0|
|
||||
pc-q35-4.0|pc-q35-4.1|pc-q35-5.0|pc-q35-5.1]
|
||||
|
||||
-machine
|
||||
|
||||
@ -835,10 +839,10 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
pc-i440fx-1.6|pc-i440fx-2.1|pc-i440fx-2.2|pc-i440fx-2.4|
|
||||
pc-i440fx-2.5|pc-i440fx-2.7|pc-i440fx-2.8|pc-i440fx-2.10|
|
||||
pc-i440fx-2.12|pc-i440fx-3.0|pc-i440fx-4.0|pc-i440fx-4.1|
|
||||
pc-i440fx-5.0|pc-q35-1.4|pc-q35-1.5|pc-q35-1.6|pc-q35-1.7|
|
||||
pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|pc-q35-2.4|pc-q35-2.5|
|
||||
pc-q35-2.7|pc-q35-2.8|pc-q35-2.10|pc-q35-2.12|pc-q35-3.0|
|
||||
pc-q35-4.0|pc-q35-4.1|pc-q35-5.0]
|
||||
pc-i440fx-5.0|pc-i440fx-5.1|pc-q35-1.4|pc-q35-1.5|pc-q35-1.6|
|
||||
pc-q35-1.7|pc-q35-2.0|pc-q35-2.1|pc-q35-2.2|pc-q35-2.3|pc-q35-2.4|
|
||||
pc-q35-2.5|pc-q35-2.7|pc-q35-2.8|pc-q35-2.10|pc-q35-2.12|pc-q35-3.0|
|
||||
pc-q35-4.0|pc-q35-4.1|pc-q35-5.0|pc-q35-5.1]
|
||||
|
||||
-mtdblock file
|
||||
-net [dump|socket|vde] ...
|
||||
@ -916,6 +920,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
query-colo-status
|
||||
query-sev
|
||||
query-sev-launch-measure
|
||||
x-blockdev-amend
|
||||
x-blockdev-change
|
||||
x-blockdev-insert-medium
|
||||
x-blockdev-remove-medium
|
||||
|
@ -1,28 +0,0 @@
|
||||
From: Bruce Rogers <brogers@suse.com>
|
||||
Date: Wed, 2 Oct 2019 07:28:04 -0600
|
||||
Subject: tests: Disable some block tests for now
|
||||
|
||||
Most tests previously disabled for qemu-testsuite to be able to complete
|
||||
successfully are no longer (as of v4.1) listed as auto, and therefore
|
||||
do not get run anymore.
|
||||
|
||||
27NOV2019 - added 161 since it is failing on s390x and ppc consistently
|
||||
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
tests/qemu-iotests/group | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
|
||||
index 435dccd5af90754a3f80f4455bdb..a6c8ed8a5cdef50383594305c0c1 100644
|
||||
--- a/tests/qemu-iotests/group
|
||||
+++ b/tests/qemu-iotests/group
|
||||
@@ -182,7 +182,7 @@
|
||||
158 rw auto quick
|
||||
159 rw auto quick
|
||||
160 rw quick
|
||||
-161 rw auto quick
|
||||
+#DISABLE FOR NOW 161 rw auto quick
|
||||
162 quick
|
||||
163 rw
|
||||
165 rw quick
|
@ -16,10 +16,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
4 files changed, 14 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/tests/qemu-iotests/130 b/tests/qemu-iotests/130
|
||||
index 77ad2aa13a06094f26d2c8991e48..fd84a4c77d192e15ee961b07994b 100755
|
||||
index a7b365701c490b4b4894eb0c26a8..02cb0f8216a6618b5e0dc526c361 100755
|
||||
--- a/tests/qemu-iotests/130
|
||||
+++ b/tests/qemu-iotests/130
|
||||
@@ -64,7 +64,8 @@ echo
|
||||
@@ -63,7 +63,8 @@ echo
|
||||
_launch_qemu -drive id=testdisk,file="$TEST_IMG",backing.file.filename="$TEST_IMG.base"
|
||||
_send_qemu_cmd $QEMU_HANDLE "commit testdisk" "(qemu)"
|
||||
_send_qemu_cmd $QEMU_HANDLE '' '(qemu)'
|
||||
@ -29,7 +29,7 @@ index 77ad2aa13a06094f26d2c8991e48..fd84a4c77d192e15ee961b07994b 100755
|
||||
_img_info | _filter_img_info
|
||||
|
||||
# Make sure that if there was a backing file that was just overridden on the
|
||||
@@ -73,7 +74,8 @@ _make_test_img -F raw -b "$TEST_IMG.orig" 64M
|
||||
@@ -72,7 +73,8 @@ _make_test_img -F raw -b "$TEST_IMG.orig" 64M
|
||||
_launch_qemu -drive id=testdisk,file="$TEST_IMG",backing.file.filename="$TEST_IMG.base",backing.driver=$IMGFMT
|
||||
_send_qemu_cmd $QEMU_HANDLE "commit testdisk" "(qemu)"
|
||||
_send_qemu_cmd $QEMU_HANDLE '' '(qemu)'
|
||||
@ -60,10 +60,10 @@ index e45285ccc311522481ac1b27ba99..7168bdf70c3eb32d4de0d28bb947 100644
|
||||
file format: IMGFMT
|
||||
virtual size: 64 MiB (67108864 bytes)
|
||||
diff --git a/tests/qemu-iotests/153 b/tests/qemu-iotests/153
|
||||
index 2b1311176801e30485cf39ec65d8..608a377af5f3662dc25ddcebb01e 100755
|
||||
index 34045ea3cfeb5e30acac17ae8a10..b5cec71dd9a718055d9264e51946 100755
|
||||
--- a/tests/qemu-iotests/153
|
||||
+++ b/tests/qemu-iotests/153
|
||||
@@ -202,7 +202,8 @@ _send_qemu_cmd $QEMU_HANDLE \
|
||||
@@ -201,7 +201,8 @@ _send_qemu_cmd $QEMU_HANDLE \
|
||||
'return'
|
||||
_run_cmd $QEMU_IMG commit -b "${TEST_IMG}.b" "${TEST_IMG}.c"
|
||||
|
||||
@ -73,7 +73,7 @@ index 2b1311176801e30485cf39ec65d8..608a377af5f3662dc25ddcebb01e 100755
|
||||
|
||||
_launch_qemu
|
||||
|
||||
@@ -254,7 +255,8 @@ _send_qemu_cmd $QEMU_HANDLE \
|
||||
@@ -253,7 +254,8 @@ _send_qemu_cmd $QEMU_HANDLE \
|
||||
|
||||
_run_cmd $QEMU_IO "${TEST_IMG}" -c 'write 0 512'
|
||||
|
||||
@ -84,10 +84,10 @@ index 2b1311176801e30485cf39ec65d8..608a377af5f3662dc25ddcebb01e 100755
|
||||
echo
|
||||
echo "== Detecting -U and force-share conflicts =="
|
||||
diff --git a/tests/qemu-iotests/153.out b/tests/qemu-iotests/153.out
|
||||
index f7464dd8d345a853f7b64a67c6d0..8bc14f6abf94662473d6d93b5672 100644
|
||||
index 8a79e1ee870d72c6d346898113b1..d1d6b673b22d5443700ae9c146c7 100644
|
||||
--- a/tests/qemu-iotests/153.out
|
||||
+++ b/tests/qemu-iotests/153.out
|
||||
@@ -421,6 +421,8 @@ Is another process using the image [TEST_DIR/t.qcow2]?
|
||||
@@ -424,6 +424,8 @@ Is another process using the image [TEST_DIR/t.qcow2]?
|
||||
_qemu_img_wrapper commit -b TEST_DIR/t.qcow2.b TEST_DIR/t.qcow2.c
|
||||
{ 'execute': 'qmp_capabilities' }
|
||||
{"return": {}}
|
||||
@ -96,7 +96,7 @@ index f7464dd8d345a853f7b64a67c6d0..8bc14f6abf94662473d6d93b5672 100644
|
||||
Adding drive
|
||||
{ 'execute': 'human-monitor-command', 'arguments': { 'command-line': 'drive_add 0 if=none,id=d0,file=TEST_DIR/t.IMGFMT' } }
|
||||
{"return": "OKrn"}
|
||||
@@ -454,6 +456,8 @@ Closing the other
|
||||
@@ -457,6 +459,8 @@ Closing the other
|
||||
{"return": ""}
|
||||
|
||||
_qemu_io_wrapper TEST_DIR/t.qcow2 -c write 0 512
|
||||
|
@ -245,6 +245,7 @@ osc add qemu-$SOURCE_VERSION$VERSION_EXTRA.tar.xz
|
||||
#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
|
||||
# !! We (perhaps temporarily) do MORE recursive submodules, since we are tracking ALL in these scripts, while upstream doesn't include all in tarball currently
|
||||
# !!! THIS IS AT LEAST PARTLY REDUNDANT WITH THE update --init DONE ABOUT 30 LINES AGO
|
||||
(cd $GIT_DIR && git submodule update --init --recursive &>/dev/null)
|
||||
SUBMODULE_COMMIT_IDS=($(git -C $GIT_DIR submodule status --recursive|awk '{print $1}'))
|
||||
SUBMODULE_DIRS=($(git -C $GIT_DIR submodule status --recursive|awk '{print $2}'))
|
||||
@ -479,8 +480,9 @@ rm -rf $BUNDLE_DIR
|
||||
echo "QEMU source version: $SOURCE_VERSION"
|
||||
echo "QEMU version extra: $VERSION_EXTRA"
|
||||
|
||||
# get rid of "rel-" prefix to the seabios version - keep any trailing git info, such as: "-44-g88ab0c1"
|
||||
SEABIOS_VERSION=${SEABIOS_VERSION:-$(tar JxfO qemu-$SOURCE_VERSION$VERSION_EXTRA.tar.xz \
|
||||
qemu-$SOURCE_VERSION/roms/seabios/.version | cut -d '-' -f 2)}
|
||||
qemu-$SOURCE_VERSION/roms/seabios/.version | cut -c5- | tr '-' '_')}
|
||||
|
||||
for package in qemu; do
|
||||
while IFS= read -r line; do
|
||||
|
@ -1,30 +0,0 @@
|
||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Date: Thu, 25 Jun 2020 11:17:09 +0200
|
||||
Subject: vga: fix cirrus bios
|
||||
|
||||
Git-commit: d11c75185276ded944f2ea0277532b7fee849bbc
|
||||
|
||||
Little mistake, big effect. The patch adding the ati driver broke
|
||||
cirrus due to a missing "else", which effectively downgrades cirrus
|
||||
to standard vga.
|
||||
|
||||
Fixes: 34b6ecc16074 ("vga: add atiext driver")
|
||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
vgasrc/vgahw.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/roms/seabios/vgasrc/vgahw.h b/roms/seabios/vgasrc/vgahw.h
|
||||
index c774f4f2c6b7c8012096bac2f0ed..8b64660e5ef70d71b440013300bc 100644
|
||||
--- a/roms/seabios/vgasrc/vgahw.h
|
||||
+++ b/roms/seabios/vgasrc/vgahw.h
|
||||
@@ -36,7 +36,7 @@ static inline int vgahw_set_mode(struct vgamode_s *vmode_g, int flags) {
|
||||
static inline void vgahw_list_modes(u16 seg, u16 *dest, u16 *last) {
|
||||
if (CONFIG_VGA_CIRRUS)
|
||||
clext_list_modes(seg, dest, last);
|
||||
- if (CONFIG_VGA_ATI)
|
||||
+ else if (CONFIG_VGA_ATI)
|
||||
ati_list_modes(seg, dest, last);
|
||||
else if (CONFIG_VGA_BOCHS)
|
||||
bochsvga_list_modes(seg, dest, last);
|
@ -1,147 +0,0 @@
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Fri, 1 May 2020 15:06:43 +0100
|
||||
Subject: virtiofsd: add --rlimit-nofile=NUM option
|
||||
|
||||
Git-commit: 6dbb716877728ce4eb51619885ef6ef4ada9565f
|
||||
References: bsc#1171110
|
||||
|
||||
Make it possible to specify the RLIMIT_NOFILE on the command-line.
|
||||
Users running multiple virtiofsd processes should allocate a certain
|
||||
number to each process so that the system-wide limit can never be
|
||||
exhausted.
|
||||
|
||||
When this option is set to 0 the rlimit is left at its current value.
|
||||
This is useful when a management tool wants to configure the rlimit
|
||||
itself.
|
||||
|
||||
The default behavior remains unchanged: try to set the limit to
|
||||
1,000,000 file descriptors if the current rlimit is lower.
|
||||
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||
Message-Id: <20200501140644.220940-2-stefanha@redhat.com>
|
||||
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
tools/virtiofsd/fuse_lowlevel.h | 1 +
|
||||
tools/virtiofsd/helper.c | 23 +++++++++++++++++++++++
|
||||
tools/virtiofsd/passthrough_ll.c | 22 ++++++++--------------
|
||||
3 files changed, 32 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
|
||||
index 8f6d705b5ccdb318b860ed2d2dc7..562fd5241ed400013f6fa65116ee 100644
|
||||
--- a/tools/virtiofsd/fuse_lowlevel.h
|
||||
+++ b/tools/virtiofsd/fuse_lowlevel.h
|
||||
@@ -1777,6 +1777,7 @@ struct fuse_cmdline_opts {
|
||||
int syslog;
|
||||
int log_level;
|
||||
unsigned int max_idle_threads;
|
||||
+ unsigned long rlimit_nofile;
|
||||
};
|
||||
|
||||
/**
|
||||
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
|
||||
index 819c2bc13cf7c23c2876f175104b..dc59f38af02c73c2a492fd3b2d6f 100644
|
||||
--- a/tools/virtiofsd/helper.c
|
||||
+++ b/tools/virtiofsd/helper.c
|
||||
@@ -23,6 +23,8 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/param.h>
|
||||
+#include <sys/time.h>
|
||||
+#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#define FUSE_HELPER_OPT(t, p) \
|
||||
@@ -53,6 +55,7 @@ static const struct fuse_opt fuse_helper_opts[] = {
|
||||
FUSE_HELPER_OPT("subtype=", nodefault_subtype),
|
||||
FUSE_OPT_KEY("subtype=", FUSE_OPT_KEY_KEEP),
|
||||
FUSE_HELPER_OPT("max_idle_threads=%u", max_idle_threads),
|
||||
+ FUSE_HELPER_OPT("--rlimit-nofile=%lu", rlimit_nofile),
|
||||
FUSE_HELPER_OPT("--syslog", syslog),
|
||||
FUSE_HELPER_OPT_VALUE("log_level=debug", log_level, FUSE_LOG_DEBUG),
|
||||
FUSE_HELPER_OPT_VALUE("log_level=info", log_level, FUSE_LOG_INFO),
|
||||
@@ -171,6 +174,9 @@ void fuse_cmdline_help(void)
|
||||
" default: no_writeback\n"
|
||||
" -o xattr|no_xattr enable/disable xattr\n"
|
||||
" default: no_xattr\n"
|
||||
+ " --rlimit-nofile=<num> set maximum number of file descriptors\n"
|
||||
+ " (0 leaves rlimit unchanged)\n"
|
||||
+ " default: 1,000,000 if the current rlimit is lower\n"
|
||||
);
|
||||
}
|
||||
|
||||
@@ -191,11 +197,28 @@ static int fuse_helper_opt_proc(void *data, const char *arg, int key,
|
||||
}
|
||||
}
|
||||
|
||||
+static unsigned long get_default_rlimit_nofile(void)
|
||||
+{
|
||||
+ rlim_t max_fds = 1000000; /* our default RLIMIT_NOFILE target */
|
||||
+ struct rlimit rlim;
|
||||
+
|
||||
+ if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) {
|
||||
+ fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n");
|
||||
+ exit(1);
|
||||
+ }
|
||||
+
|
||||
+ if (rlim.rlim_cur >= max_fds) {
|
||||
+ return 0; /* we have more fds available than required! */
|
||||
+ }
|
||||
+ return max_fds;
|
||||
+}
|
||||
+
|
||||
int fuse_parse_cmdline(struct fuse_args *args, struct fuse_cmdline_opts *opts)
|
||||
{
|
||||
memset(opts, 0, sizeof(struct fuse_cmdline_opts));
|
||||
|
||||
opts->max_idle_threads = 10;
|
||||
+ opts->rlimit_nofile = get_default_rlimit_nofile();
|
||||
opts->foreground = 1;
|
||||
|
||||
if (fuse_opt_parse(args, opts, fuse_helper_opts, fuse_helper_opt_proc) ==
|
||||
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
|
||||
index 4c35c95b256cbaa5d888037800a7..f7b9c1d20c312d1eefb4c8782c27 100644
|
||||
--- a/tools/virtiofsd/passthrough_ll.c
|
||||
+++ b/tools/virtiofsd/passthrough_ll.c
|
||||
@@ -2707,24 +2707,18 @@ static void setup_sandbox(struct lo_data *lo, struct fuse_session *se,
|
||||
setup_seccomp(enable_syslog);
|
||||
}
|
||||
|
||||
-/* Raise the maximum number of open file descriptors */
|
||||
-static void setup_nofile_rlimit(void)
|
||||
+/* Set the maximum number of open file descriptors */
|
||||
+static void setup_nofile_rlimit(unsigned long rlimit_nofile)
|
||||
{
|
||||
- const rlim_t max_fds = 1000000;
|
||||
- struct rlimit rlim;
|
||||
-
|
||||
- if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) {
|
||||
- fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n");
|
||||
- exit(1);
|
||||
- }
|
||||
+ struct rlimit rlim = {
|
||||
+ .rlim_cur = rlimit_nofile,
|
||||
+ .rlim_max = rlimit_nofile,
|
||||
+ };
|
||||
|
||||
- if (rlim.rlim_cur >= max_fds) {
|
||||
+ if (rlimit_nofile == 0) {
|
||||
return; /* nothing to do */
|
||||
}
|
||||
|
||||
- rlim.rlim_cur = max_fds;
|
||||
- rlim.rlim_max = max_fds;
|
||||
-
|
||||
if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) {
|
||||
/* Ignore SELinux denials */
|
||||
if (errno == EPERM) {
|
||||
@@ -2977,7 +2971,7 @@ int main(int argc, char *argv[])
|
||||
|
||||
fuse_daemonize(opts.foreground);
|
||||
|
||||
- setup_nofile_rlimit();
|
||||
+ setup_nofile_rlimit(opts.rlimit_nofile);
|
||||
|
||||
/* Must be before sandbox since it wants /proc */
|
||||
setup_capng();
|
@ -1,74 +0,0 @@
|
||||
From: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Date: Fri, 1 May 2020 15:06:44 +0100
|
||||
Subject: virtiofsd: stay below fs.file-max sysctl value (CVE-2020-10717)
|
||||
|
||||
Git-commit: 8c1d353d107b4fc344e27f2f08ea7fa25de2eea2
|
||||
References: bsc#1171110, CVE-2020-10717
|
||||
|
||||
The system-wide fs.file-max sysctl value determines how many files can
|
||||
be open. It defaults to a value calculated based on the machine's RAM
|
||||
size. Previously virtiofsd would try to set RLIMIT_NOFILE to 1,000,000
|
||||
and this allowed the FUSE client to exhaust the number of open files
|
||||
system-wide on Linux hosts with less than 10 GB of RAM!
|
||||
|
||||
Take fs.file-max into account when choosing the default RLIMIT_NOFILE
|
||||
value.
|
||||
|
||||
Fixes: CVE-2020-10717
|
||||
Reported-by: Yuval Avrahami <yavrahami@paloaltonetworks.com>
|
||||
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||
Message-Id: <20200501140644.220940-3-stefanha@redhat.com>
|
||||
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
tools/virtiofsd/helper.c | 26 +++++++++++++++++++++++++-
|
||||
1 file changed, 25 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
|
||||
index dc59f38af02c73c2a492fd3b2d6f..00a1ef666a510068bb687bb34756 100644
|
||||
--- a/tools/virtiofsd/helper.c
|
||||
+++ b/tools/virtiofsd/helper.c
|
||||
@@ -176,7 +176,8 @@ void fuse_cmdline_help(void)
|
||||
" default: no_xattr\n"
|
||||
" --rlimit-nofile=<num> set maximum number of file descriptors\n"
|
||||
" (0 leaves rlimit unchanged)\n"
|
||||
- " default: 1,000,000 if the current rlimit is lower\n"
|
||||
+ " default: min(1000000, fs.file-max - 16384)\n"
|
||||
+ " if the current rlimit is lower\n"
|
||||
);
|
||||
}
|
||||
|
||||
@@ -199,9 +200,32 @@ static int fuse_helper_opt_proc(void *data, const char *arg, int key,
|
||||
|
||||
static unsigned long get_default_rlimit_nofile(void)
|
||||
{
|
||||
+ g_autofree gchar *file_max_str = NULL;
|
||||
+ const rlim_t reserved_fds = 16384; /* leave at least this many fds free */
|
||||
rlim_t max_fds = 1000000; /* our default RLIMIT_NOFILE target */
|
||||
+ rlim_t file_max;
|
||||
struct rlimit rlim;
|
||||
|
||||
+ /*
|
||||
+ * Reduce max_fds below the system-wide maximum, if necessary. This
|
||||
+ * ensures there are fds available for other processes so we don't
|
||||
+ * cause resource exhaustion.
|
||||
+ */
|
||||
+ if (!g_file_get_contents("/proc/sys/fs/file-max", &file_max_str,
|
||||
+ NULL, NULL)) {
|
||||
+ fuse_log(FUSE_LOG_ERR, "can't read /proc/sys/fs/file-max\n");
|
||||
+ exit(1);
|
||||
+ }
|
||||
+ file_max = g_ascii_strtoull(file_max_str, NULL, 10);
|
||||
+ if (file_max < 2 * reserved_fds) {
|
||||
+ fuse_log(FUSE_LOG_ERR,
|
||||
+ "The fs.file-max sysctl is too low (%lu) to allow a "
|
||||
+ "reasonable number of open files.\n",
|
||||
+ (unsigned long)file_max);
|
||||
+ exit(1);
|
||||
+ }
|
||||
+ max_fds = MIN(file_max - reserved_fds, max_fds);
|
||||
+
|
||||
if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) {
|
||||
fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n");
|
||||
exit(1);
|
@ -15,10 +15,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/hw/block/xen-block.c b/hw/block/xen-block.c
|
||||
index 57d0e2804860e6776b509c5b6d6e..f9a22ec8d7d13a242775797f1e1f 100644
|
||||
index 1a379e8771faee970808dd2efd89..310b9639e06b0d543f22652fadd9 100644
|
||||
--- a/hw/block/xen-block.c
|
||||
+++ b/hw/block/xen-block.c
|
||||
@@ -275,6 +275,9 @@ static void xen_block_realize(XenDevice *xendev, Error **errp)
|
||||
@@ -270,6 +270,9 @@ static void xen_block_realize(XenDevice *xendev, Error **errp)
|
||||
|
||||
xen_block_set_size(blockdev);
|
||||
|
||||
|
@ -27,10 +27,10 @@ Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/migration/savevm.c b/migration/savevm.c
|
||||
index c00a6807d92371380208762dc440..03ff4491a64861fcdf2b91d3ffed 100644
|
||||
index a843d202b5b4dd449e6982b59d80..d75642353e8276f5d3c391fe2c48 100644
|
||||
--- a/migration/savevm.c
|
||||
+++ b/migration/savevm.c
|
||||
@@ -2782,7 +2782,7 @@ void qmp_xen_save_devices_state(const char *filename, bool has_live, bool live,
|
||||
@@ -2820,7 +2820,7 @@ void qmp_xen_save_devices_state(const char *filename, bool has_live, bool live,
|
||||
* So call bdrv_inactivate_all (release locks) here to let the other
|
||||
* side of the migration take controle of the images.
|
||||
*/
|
||||
|
@ -18,10 +18,10 @@ Signed-off-by: Olaf Hering <olaf@aepfle.de>
|
||||
1 file changed, 12 insertions(+)
|
||||
|
||||
diff --git a/hw/block/xen-block.c b/hw/block/xen-block.c
|
||||
index 99cb4c67cb09aa2bd8f12982984f..57d0e2804860e6776b509c5b6d6e 100644
|
||||
index 8a7a3f54523ed050587c3e2047de..1a379e8771faee970808dd2efd89 100644
|
||||
--- a/hw/block/xen-block.c
|
||||
+++ b/hw/block/xen-block.c
|
||||
@@ -744,6 +744,8 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
|
||||
@@ -729,6 +729,8 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
|
||||
const char *mode = qdict_get_try_str(opts, "mode");
|
||||
const char *direct_io_safe = qdict_get_try_str(opts, "direct-io-safe");
|
||||
const char *discard_enable = qdict_get_try_str(opts, "discard-enable");
|
||||
@ -30,7 +30,7 @@ index 99cb4c67cb09aa2bd8f12982984f..57d0e2804860e6776b509c5b6d6e 100644
|
||||
char *driver = NULL;
|
||||
char *filename = NULL;
|
||||
XenBlockDrive *drive = NULL;
|
||||
@@ -813,6 +815,16 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
|
||||
@@ -797,6 +799,16 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user