SHA256
1
0
forked from pool/qemu

Accepting request 612290 from home:bfrogers:branches:Virtualization

A couple of fixes, including one which gives confidence we can submit to Factory finally.

OBS-URL: https://build.opensuse.org/request/show/612290
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=410
This commit is contained in:
Bruce Rogers 2018-05-25 18:04:13 +00:00 committed by Git OBS Bridge
parent 0a85de9260
commit 58fc860e6d
42 changed files with 2752 additions and 108 deletions

View File

@ -32,7 +32,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
---
Makefile.target | 13 +++++++++++++
linux-user/Makefile.objs | 2 ++
linux-user/binfmt.c | 42 ++++++++++++++++++++++++++++++++++++++++++
linux-user/binfmt.c | 42 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 57 insertions(+)
create mode 100644 linux-user/binfmt.c

View File

@ -18,7 +18,7 @@ prefer the use of qemu_strto[u]ll() over strto[u]ll().
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
qapi/string-input-visitor.c | 63 +++++++++++++++++++++++++++++++++++----------
qapi/string-input-visitor.c | 63 +++++++++++++++++++++++++++++--------
1 file changed, 50 insertions(+), 13 deletions(-)
diff --git a/qapi/string-input-visitor.c b/qapi/string-input-visitor.c

View File

@ -11,8 +11,8 @@ Add a test for parsing and setting a uint64 property.
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
MAINTAINERS | 1 +
tests/Makefile.include | 3 ++
tests/check-qom-props.c | 122 ++++++++++++++++++++++++++++++++++++++++++++++++
tests/Makefile.include | 3 +
tests/check-qom-props.c | 122 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 126 insertions(+)
create mode 100644 tests/check-qom-props.c

View File

@ -15,7 +15,7 @@ Signed-off-by: Andreas Färber <afaerber@suse.de>
---
MAINTAINERS | 1 +
tests/Makefile.include | 3 ++
tests/scsi-disk-test.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++
tests/scsi-disk-test.c | 83 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 87 insertions(+)
create mode 100644 tests/scsi-disk-test.c

View File

@ -24,8 +24,8 @@ For smbios tables which dont have string fields provided, qemu should add 2.
[LM: BSC#1084316]
Signed-off-by: Lin Ma <lma@suse.com>
---
hw/smbios/smbios.c | 90 ++++++++++++++++++++++++++++++++++++++++++++++
include/hw/smbios/smbios.h | 44 +++++++++++++++++++++++
hw/smbios/smbios.c | 90 ++++++++++++++++++++++++++++++++++++++
include/hw/smbios/smbios.h | 44 +++++++++++++++++++
2 files changed, 134 insertions(+)
diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c

View File

@ -0,0 +1,39 @@
From 3faf2d7bb2c32a603e65f68045a58524f3018937 Mon Sep 17 00:00:00 2001
From: Geert Uytterhoeven <geert+renesas@glider.be>
Date: Thu, 26 Apr 2018 11:04:38 +0100
Subject: [PATCH] device_tree: Increase FDT_MAX_SIZE to 1 MiB
It is not uncommon for a contemporary FDT to be larger than 64 KiB,
leading to failures loading the device tree from sysfs:
qemu-system-aarch64: qemu_fdt_setprop: Couldn't set ...: FDT_ERR_NOSPACE
Hence increase the limit to 1 MiB, like on PPC.
For reference, the largest arm64 DTB created from the Linux sources is
ca. 75 KiB large (100 KiB when built with symbols/fixup support).
Cc: qemu-stable@nongnu.org
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Message-id: 1523541337-23919-1-git-send-email-geert+renesas@glider.be
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 14ec3cbd7c1e31dca4d23f028100c8f43e156573)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
device_tree.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/device_tree.c b/device_tree.c
index 19458b32bf..52c3358a55 100644
--- a/device_tree.c
+++ b/device_tree.c
@@ -29,7 +29,7 @@
#include <libfdt.h>
-#define FDT_MAX_SIZE 0x10000
+#define FDT_MAX_SIZE 0x100000
void *create_device_tree(int *sizep)
{

View File

@ -0,0 +1,47 @@
From 62a58c5c2ab8ae7575a9d91d903e97ef250cc537 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 20 Apr 2018 10:48:19 +0200
Subject: [PATCH] vnc: fix use-after-free
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When vnc_client_read() return value is -1
vs is not valid any more.
Fixes: d49b87f0d1e0520443a990fc610d0f02bc63c556
Reported-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180420084820.3873-1-kraxel@redhat.com
(cherry picked from commit 1bc3117abad28d6465ecdb2c944b22943df0e4f3)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
ui/vnc.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 5ebae6f664..a4b2cc7666 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -1539,13 +1539,14 @@ gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
VncState *vs = opaque;
if (condition & G_IO_IN) {
if (vnc_client_read(vs) < 0) {
- goto end;
+ /* vs is free()ed here */
+ return TRUE;
}
}
if (condition & G_IO_OUT) {
vnc_client_write(vs);
}
-end:
+
if (vs->disconnecting) {
if (vs->ioc_tag != 0) {
g_source_remove(vs->ioc_tag);

View File

@ -0,0 +1,49 @@
From 147b2d783526c7904732749cace06b62fd5fde9b Mon Sep 17 00:00:00 2001
From: Jason Andryuk <jandryuk@gmail.com>
Date: Fri, 20 Apr 2018 14:32:19 -0400
Subject: [PATCH] ccid: Fix dwProtocols advertisement of T=0
Commit d7d218ef02d87c637d20d64da8f575d434ff6f78 attempted to change
dwProtocols to only advertise support for T=0 and not T=1. The change
was incorrect as it changed 0x00000003 to 0x00010000.
lsusb -v in a linux guest shows:
"dwProtocols 65536 (Invalid values detected)", though the
smart card could still be accessed. Windows 7 does not detect inserted
smart cards and logs the the following Error in the Event Logs:
Source: Smart Card Service
Event ID: 610
Smart Card Reader 'QEMU QEMU USB CCID 0' rejected IOCTL SET_PROTOCOL:
Incorrect function. If this error persists, your smart card or reader
may not be functioning correctly
Command Header: 03 00 00 00
Setting to 0x00000001 fixes the Windows issue.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Message-id: 20180420183219.20722-1-jandryuk@gmail.com
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 0ee86bb6c5beb6498488850104f7557c376d0bef)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/usb/dev-smartcard-reader.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
index e6468057a0..cabb564788 100644
--- a/hw/usb/dev-smartcard-reader.c
+++ b/hw/usb/dev-smartcard-reader.c
@@ -329,8 +329,8 @@ static const uint8_t qemu_ccid_descriptor[] = {
*/
0x07, /* u8 bVoltageSupport; 01h - 5.0v, 02h - 3.0, 03 - 1.8 */
- 0x00, 0x00, /* u32 dwProtocols; RRRR PPPP. RRRR = 0000h.*/
- 0x01, 0x00, /* PPPP: 0001h = Protocol T=0, 0002h = Protocol T=1 */
+ 0x01, 0x00, /* u32 dwProtocols; RRRR PPPP. RRRR = 0000h.*/
+ 0x00, 0x00, /* PPPP: 0001h = Protocol T=0, 0002h = Protocol T=1 */
/* u32 dwDefaultClock; in kHZ (0x0fa0 is 4 MHz) */
0xa0, 0x0f, 0x00, 0x00,
/* u32 dwMaximumClock; */

View File

@ -0,0 +1,48 @@
From 99aaadeae3b73ce65b3695a9fcae454ac09db81d Mon Sep 17 00:00:00 2001
From: Henry Wertz <hwertz10@gmail.com>
Date: Tue, 17 Apr 2018 12:06:23 -1000
Subject: [PATCH] tcg/arm: Fix memory barrier encoding
I found with qemu 2.11.x or newer that I would get an illegal instruction
error running some Intel binaries on my ARM chromebook. On investigation,
I found it was quitting on memory barriers.
qemu instruction:
mb $0x31
was translating as:
0x604050cc: 5bf07ff5 blpl #0x600250a8
After patch it gives:
0x604050cc: f57ff05b dmb ish
In short, I found INSN_DMB_ISH (memory barrier for ARMv7) appeared to be
correct based on online docs, but due to some endian-related shenanigans it
had to be byte-swapped to suit qemu; it appears INSN_DMB_MCR (memory
barrier for ARMv6) also should be byte swapped (and this patch does so).
I have not checked for correctness of aarch64's barrier instruction.
Cc: qemu-stable@nongnu.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Henry Wertz <hwertz10@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit 3f814b803797c007abfe5c4041de754e01723031)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tcg/arm/tcg-target.inc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tcg/arm/tcg-target.inc.c b/tcg/arm/tcg-target.inc.c
index dc83f3e5be..56a32a470f 100644
--- a/tcg/arm/tcg-target.inc.c
+++ b/tcg/arm/tcg-target.inc.c
@@ -159,8 +159,8 @@ typedef enum {
INSN_STRD_IMM = 0x004000f0,
INSN_STRD_REG = 0x000000f0,
- INSN_DMB_ISH = 0x5bf07ff5,
- INSN_DMB_MCR = 0xba0f07ee,
+ INSN_DMB_ISH = 0xf57ff05b,
+ INSN_DMB_MCR = 0xee070fba,
/* Architected nop introduced in v6k. */
/* ??? This is an MSR (imm) 0,0,0 insn. Anyone know if this

View File

@ -0,0 +1,39 @@
From 5098e4e05ca692d356588714daa2feaecc0f3248 Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Wed, 2 May 2018 14:52:21 +0200
Subject: [PATCH] s390-ccw: force diag 308 subcode to unsigned long
We currently pass an integer as the subcode parameter. However,
the upper bits of the register containing the subcode need to
be 0, which is not guaranteed unless we explicitly specify the
subcode to be an unsigned long value.
Fixes: d046c51dad3 ("pc-bios/s390-ccw: Get device address via diag 308/6")
Cc: qemu-stable@nongnu.org
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit 63d8b5ace31c1e1f3996fe4cd551d6d377594d5a)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
pc-bios/s390-ccw/iplb.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/pc-bios/s390-ccw/iplb.h b/pc-bios/s390-ccw/iplb.h
index 5357a36d51..ded20c834e 100644
--- a/pc-bios/s390-ccw/iplb.h
+++ b/pc-bios/s390-ccw/iplb.h
@@ -101,10 +101,11 @@ static inline bool manage_iplb(IplParameterBlock *iplb, bool store)
{
register unsigned long addr asm("0") = (unsigned long) iplb;
register unsigned long rc asm("1") = 0;
+ unsigned long subcode = store ? 6 : 5;
asm volatile ("diag %0,%2,0x308\n"
: "+d" (addr), "+d" (rc)
- : "d" (store ? 6 : 5)
+ : "d" (subcode)
: "memory", "cc");
return rc == 0x01;
}

View File

@ -0,0 +1,43 @@
From d0583cf5cba9821cef70389de8aab7c661f9f8a3 Mon Sep 17 00:00:00 2001
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Date: Fri, 27 Apr 2018 17:20:01 +0300
Subject: [PATCH] nbd/client: fix nbd_negotiate_simple_meta_context
Initialize received variable. Otherwise, is is possible for server to
answer without any contexts, but we will set context_id to something
random (received_id is not initialized too) and return 1, which is
wrong.
To solve it, just initialize received to false. Initialize received_id
too, just to make all possible checkers happy.
Bug was introduced in 78a33ab58782efdb206de14 "nbd: BLOCK_STATUS for
standard get_block_status function: client part" with the whole
function.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20180427142002.21930-2-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
CC: qemu-stable@nongnu.org
Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 89aa0d87634e2cb98517509dc8bdb876f26ecf8b)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
nbd/client.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nbd/client.c b/nbd/client.c
index b9e175d1c2..7f35b5c323 100644
--- a/nbd/client.c
+++ b/nbd/client.c
@@ -613,8 +613,8 @@ static int nbd_negotiate_simple_meta_context(QIOChannel *ioc,
{
int ret;
NBDOptionReply reply;
- uint32_t received_id;
- bool received;
+ uint32_t received_id = 0;
+ bool received = false;
uint32_t export_len = strlen(export);
uint32_t context_len = strlen(context);
uint32_t data_len = sizeof(export_len) + export_len +

View File

@ -0,0 +1,34 @@
From dacb486f3fda3c43180f919cd8e9febf6016bc00 Mon Sep 17 00:00:00 2001
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Date: Fri, 27 Apr 2018 17:20:02 +0300
Subject: [PATCH] migration/block-dirty-bitmap: fix memory leak in
dirty_bitmap_load_bits
Release buf on error path too.
Bug was introduced in b35ebdf076d697bc "migration: add postcopy
migration of dirty bitmaps" with the whole function.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20180427142002.21930-3-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
CC: qemu-stable@nongnu.org
Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 16a2227893dc1d5cad78ed376ad1d7e300978fbe)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
migration/block-dirty-bitmap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/migration/block-dirty-bitmap.c b/migration/block-dirty-bitmap.c
index dd04f102d8..8819aabe3a 100644
--- a/migration/block-dirty-bitmap.c
+++ b/migration/block-dirty-bitmap.c
@@ -600,6 +600,7 @@ static int dirty_bitmap_load_bits(QEMUFile *f, DirtyBitmapLoadState *s)
ret = qemu_get_buffer(f, buf, buf_size);
if (ret != buf_size) {
error_report("Failed to read bitmap bits");
+ g_free(buf);
return -EIO;
}

View File

@ -0,0 +1,59 @@
From 576c854128e5646e6b36a757eaead3f89f21fb51 Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Tue, 1 May 2018 10:46:53 -0500
Subject: [PATCH] nbd/client: Fix error messages during NBD_INFO_BLOCK_SIZE
A missing space makes for poor error messages, and sizes can't
go negative. Also, we missed diagnosing a server that sends
a maximum block size less than the minimum.
Fixes: 081dd1fe
CC: qemu-stable@nongnu.org
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180501154654.943782-1-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
(cherry picked from commit e475d108f1b3d3163f0affea67cdedbe5fc9752b)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
nbd/client.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/nbd/client.c b/nbd/client.c
index 7f35b5c323..232ff4f46d 100644
--- a/nbd/client.c
+++ b/nbd/client.c
@@ -435,8 +435,8 @@ static int nbd_opt_go(QIOChannel *ioc, const char *wantname,
}
be32_to_cpus(&info->min_block);
if (!is_power_of_2(info->min_block)) {
- error_setg(errp, "server minimum block size %" PRId32
- "is not a power of two", info->min_block);
+ error_setg(errp, "server minimum block size %" PRIu32
+ " is not a power of two", info->min_block);
nbd_send_opt_abort(ioc);
return -1;
}
@@ -450,8 +450,8 @@ static int nbd_opt_go(QIOChannel *ioc, const char *wantname,
be32_to_cpus(&info->opt_block);
if (!is_power_of_2(info->opt_block) ||
info->opt_block < info->min_block) {
- error_setg(errp, "server preferred block size %" PRId32
- "is not valid", info->opt_block);
+ error_setg(errp, "server preferred block size %" PRIu32
+ " is not valid", info->opt_block);
nbd_send_opt_abort(ioc);
return -1;
}
@@ -462,6 +462,12 @@ static int nbd_opt_go(QIOChannel *ioc, const char *wantname,
return -1;
}
be32_to_cpus(&info->max_block);
+ if (info->max_block < info->min_block) {
+ error_setg(errp, "server maximum block size %" PRIu32
+ " is not valid", info->max_block);
+ nbd_send_opt_abort(ioc);
+ return -1;
+ }
trace_nbd_opt_go_info_block_size(info->min_block, info->opt_block,
info->max_block);
break;

View File

@ -0,0 +1,54 @@
From 15ada521b8ffff264f5322a188fa1ce080eec5a4 Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Thu, 3 May 2018 17:26:26 -0500
Subject: [PATCH] nbd/client: Relax handling of large NBD_CMD_BLOCK_STATUS
reply
The NBD spec is proposing a relaxation of NBD_CMD_BLOCK_STATUS
where a server may have the final extent per context give a
length beyond the original request, if it can easily prove that
subsequent bytes have the same status, on the grounds that a
client can take advantage of this information for fewer block
status requests. Since qemu 2.12 as a client always sends
NBD_CMD_FLAG_REQ_ONE, and rejects a server that sends extra
length, the upstream NBD spec will probably limit this behavior
to clients that don't request REQ_ONE semantics; but it doesn't
hurt to relax qemu to always be permissive of this server
behavior, even if it continues to use REQ_ONE.
CC: qemu-stable@nongnu.org
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180503222626.1303410-1-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
(cherry picked from commit acfd8f7a5f92e703d2d046cbe3d510008a697194)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
block/nbd-client.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/block/nbd-client.c b/block/nbd-client.c
index e7caf49fbb..8d69eaaa32 100644
--- a/block/nbd-client.c
+++ b/block/nbd-client.c
@@ -259,14 +259,18 @@ static int nbd_parse_blockstatus_payload(NBDClientSession *client,
if (extent->length == 0 ||
(client->info.min_block && !QEMU_IS_ALIGNED(extent->length,
- client->info.min_block)) ||
- extent->length > orig_length)
- {
+ client->info.min_block))) {
error_setg(errp, "Protocol error: server sent status chunk with "
"invalid length");
return -EINVAL;
}
+ /* The server is allowed to send us extra information on the final
+ * extent; just clamp it to the length we requested. */
+ if (extent->length > orig_length) {
+ extent->length = orig_length;
+ }
+
return 0;
}

View File

@ -0,0 +1,40 @@
From 103ae095901618329ae7bcc1c353fb9f89f0dce4 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 27 Apr 2018 13:55:28 +0200
Subject: [PATCH] qxl: fix local renderer crash
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Make sure we only ask the spice local renderer for display updates in
case we have a valid primary surface. Without that spice is confused
and throws errors in case a display update request (triggered by
screendump for example) happens in parallel to a mode switch and hits
the race window where the old primary surface is gone and the new isn't
establisted yet.
Cc: qemu-stable@nongnu.org
Fixes: https://bugzilla.redhat.com//show_bug.cgi?id=1567733
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20180427115528.345-1-kraxel@redhat.com
(cherry picked from commit 5bd5c27c7d284d01477c5cc022ce22438c46bf9f)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/display/qxl-render.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/display/qxl-render.c b/hw/display/qxl-render.c
index e7ac4f8789..c62b9a5e75 100644
--- a/hw/display/qxl-render.c
+++ b/hw/display/qxl-render.c
@@ -169,7 +169,8 @@ void qxl_render_update(PCIQXLDevice *qxl)
qemu_mutex_lock(&qxl->ssd.lock);
- if (!runstate_is_running() || !qxl->guest_primary.commands) {
+ if (!runstate_is_running() || !qxl->guest_primary.commands ||
+ qxl->mode == QXL_MODE_UNDEFINED) {
qxl_render_update_area_unlocked(qxl);
qemu_mutex_unlock(&qxl->ssd.lock);
return;

View File

@ -0,0 +1,83 @@
From 4a80d570314e7d15b62ef1195b34ea635ec940fe Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Tue, 8 May 2018 19:18:59 +0000
Subject: [PATCH] tcg: Limit the number of ops in a TB
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In 6001f7729e12 we partially attempt to address the branch
displacement overflow caused by 15fa08f845.
However, gcc/testsuite/gcc.target/aarch64/advsimd-intrinsics/vqtbX.c
is a testcase that contains a TB so large as to overflow anyway.
The limit here of 8000 ops produces a maximum output TB size of
24112 bytes on a ppc64le host with that test case. This is still
much less than the maximum forward branch distance of 32764 bytes.
Cc: qemu-stable@nongnu.org
Fixes: 15fa08f845 ("tcg: Dynamically allocate TCGOps")
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit abebf92597186be2bc48d487235da28b1127860f)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
tcg/tcg.c | 3 +++
tcg/tcg.h | 8 +++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/tcg/tcg.c b/tcg/tcg.c
index bb24526c93..66997cc653 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -866,6 +866,7 @@ void tcg_func_start(TCGContext *s)
/* No temps have been previously allocated for size or locality. */
memset(s->free_temps, 0, sizeof(s->free_temps));
+ s->nb_ops = 0;
s->nb_labels = 0;
s->current_frame_offset = s->frame_start;
@@ -1983,6 +1984,7 @@ void tcg_op_remove(TCGContext *s, TCGOp *op)
{
QTAILQ_REMOVE(&s->ops, op, link);
QTAILQ_INSERT_TAIL(&s->free_ops, op, link);
+ s->nb_ops--;
#ifdef CONFIG_PROFILER
atomic_set(&s->prof.del_op_count, s->prof.del_op_count + 1);
@@ -2002,6 +2004,7 @@ static TCGOp *tcg_op_alloc(TCGOpcode opc)
}
memset(op, 0, offsetof(TCGOp, link));
op->opc = opc;
+ s->nb_ops++;
return op;
}
diff --git a/tcg/tcg.h b/tcg/tcg.h
index 30896ca304..17cf764565 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -655,6 +655,7 @@ struct TCGContext {
int nb_globals;
int nb_temps;
int nb_indirects;
+ int nb_ops;
/* goto_tb support */
tcg_insn_unit *code_buf;
@@ -844,7 +845,12 @@ static inline TCGOp *tcg_last_op(void)
/* Test for whether to terminate the TB for using too many opcodes. */
static inline bool tcg_op_buf_full(void)
{
- return false;
+ /* This is not a hard limit, it merely stops translation when
+ * we have produced "enough" opcodes. We want to limit TB size
+ * such that a RISC host can reasonably use a 16-bit signed
+ * branch within the TB.
+ */
+ return tcg_ctx->nb_ops >= 8000;
}
/* pool based memory allocation */

View File

@ -0,0 +1,63 @@
From 5c37a7c504f63919341d277486e941c64584d171 Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Thu, 10 May 2018 18:10:58 +0100
Subject: [PATCH] target/arm: Clear SVE high bits for FMOV
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Use write_fp_dreg and clear_vec_high to zero the bits
that need zeroing for these cases.
Cc: qemu-stable@nongnu.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180502221552.3873-5-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 9a9f1f59521f46e8ff4527d9a2b52f83577e2aa3)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/arm/translate-a64.c | 17 +++++------------
1 file changed, 5 insertions(+), 12 deletions(-)
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index c91329249d..a2c26a5f0a 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -5438,31 +5438,24 @@ static void handle_fmov(DisasContext *s, int rd, int rn, int type, bool itof)
if (itof) {
TCGv_i64 tcg_rn = cpu_reg(s, rn);
+ TCGv_i64 tmp;
switch (type) {
case 0:
- {
/* 32 bit */
- TCGv_i64 tmp = tcg_temp_new_i64();
+ tmp = tcg_temp_new_i64();
tcg_gen_ext32u_i64(tmp, tcg_rn);
- tcg_gen_st_i64(tmp, cpu_env, fp_reg_offset(s, rd, MO_64));
- tcg_gen_movi_i64(tmp, 0);
- tcg_gen_st_i64(tmp, cpu_env, fp_reg_hi_offset(s, rd));
+ write_fp_dreg(s, rd, tmp);
tcg_temp_free_i64(tmp);
break;
- }
case 1:
- {
/* 64 bit */
- TCGv_i64 tmp = tcg_const_i64(0);
- tcg_gen_st_i64(tcg_rn, cpu_env, fp_reg_offset(s, rd, MO_64));
- tcg_gen_st_i64(tmp, cpu_env, fp_reg_hi_offset(s, rd));
- tcg_temp_free_i64(tmp);
+ write_fp_dreg(s, rd, tcg_rn);
break;
- }
case 2:
/* 64 bit to top half. */
tcg_gen_st_i64(tcg_rn, cpu_env, fp_reg_hi_offset(s, rd));
+ clear_vec_high(s, true, rd);
break;
}
} else {

View File

@ -0,0 +1,47 @@
From b75d0d531a92be9c7d4f8dbbb9ebf7d0cb6b4423 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= <clg@kaod.org>
Date: Wed, 25 Apr 2018 15:18:28 +0200
Subject: [PATCH] cpus: tcg: fix never exiting loop on unplug
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Commit 9b0605f9837b ("cpus: tcg: unregister thread with RCU, fix
exiting of loop on unplug") changed the exit condition of the loop in
the vCPU thread function but forgot to remove the beginning 'while (1)'
statement. The resulting code :
while (1) {
...
} while (!cpu->unplug || cpu_can_run(cpu));
is a sequence of two distinct two while() loops, the first not exiting
in case of an unplug event.
Remove the first while (1) to fix CPU unplug.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20180425131828.15604-1-clg@kaod.org>
Cc: qemu-stable@nongnu.org
Fixes: 9b0605f9837b68fd56c7fc7c96a3a1a3b983687d
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
(cherry picked from commit 54961aac190df28d311802364d19e18d5cda8bab)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
cpus.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cpus.c b/cpus.c
index ef39603cf9..b13112b8e2 100644
--- a/cpus.c
+++ b/cpus.c
@@ -1648,7 +1648,7 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
/* process any pending work */
cpu->exit_request = 1;
- while (1) {
+ do {
if (cpu_can_run(cpu)) {
int r;
qemu_mutex_unlock_iothread();

View File

@ -0,0 +1,48 @@
From 2b39c3abb35d0725bd94b21475737098fbea22ff Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Fri, 4 May 2018 14:53:16 +0200
Subject: [PATCH] s390x/css: disabled subchannels cannot be status pending
The 3270 code will try to post an attention interrupt when the
3270 emulator (e.g. x3270) attaches. If the guest has not yet
enabled the subchannel for the 3270 device, we will present a spurious
cc 1 (status pending) when it uses msch on it later on, e.g. when
trying to enable the subchannel.
To fix this, just don't do anything in css_conditional_io_interrupt()
if the subchannel is not enabled. The 3270 code will work fine with
that, and the other user of this function (virtio-ccw) never
attempts to post an interrupt for a disabled device to begin with.
CC: qemu-stable@nongnu.org
Reported-by: Thomas Huth <thuth@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit 6e9c893ecd00afd5344c35d0d0ded50eaa0938f6)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/s390x/css.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/s390x/css.c b/hw/s390x/css.c
index 301bf1772f..56c3fa8c89 100644
--- a/hw/s390x/css.c
+++ b/hw/s390x/css.c
@@ -616,6 +616,14 @@ void css_inject_io_interrupt(SubchDev *sch)
void css_conditional_io_interrupt(SubchDev *sch)
{
+ /*
+ * If the subchannel is not enabled, it is not made status pending
+ * (see PoP p. 16-17, "Status Control").
+ */
+ if (!(sch->curr_status.pmcw.flags & PMCW_FLAGS_MASK_ENA)) {
+ return;
+ }
+
/*
* If the subchannel is not currently status pending, make it pending
* with alert status.

View File

@ -0,0 +1,44 @@
From 3179a2220ee4fbb087446148ab231898eae01fce Mon Sep 17 00:00:00 2001
From: Thomas Huth <thuth@redhat.com>
Date: Tue, 8 May 2018 12:17:52 +0200
Subject: [PATCH] pc-bios/s390-ccw: struct tpi_info must be declared as
aligned(4)
I've run into a compilation error today with the current version of GCC 8:
In file included from s390-ccw.h:49,
from main.c:12:
cio.h:128:1: error: alignment 1 of 'struct tpi_info' is less than 4 [-Werror=packed-not-aligned]
} __attribute__ ((packed));
^
cc1: all warnings being treated as errors
Since the struct tpi_info contains an element ("struct subchannel_id schid")
which is marked as aligned(4), we've got to mark the struct tpi_info as
aligned(4), too.
CC: qemu-stable@nongnu.org
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1525774672-11913-1-git-send-email-thuth@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit a6e4385dea94850d7b06b0542e7960c1063fdabd)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
pc-bios/s390-ccw/cio.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pc-bios/s390-ccw/cio.h b/pc-bios/s390-ccw/cio.h
index 55eaeee4b6..1a0795f645 100644
--- a/pc-bios/s390-ccw/cio.h
+++ b/pc-bios/s390-ccw/cio.h
@@ -125,7 +125,7 @@ struct tpi_info {
__u32 reserved3 : 12;
__u32 int_type : 3;
__u32 reserved4 : 12;
-} __attribute__ ((packed));
+} __attribute__ ((packed, aligned(4)));
/* channel command word (type 1) */
struct ccw1 {

View File

@ -0,0 +1,127 @@
From ffc072689e4202e198ea8e8a3df4ec128e53bbea Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Mon, 7 May 2018 15:05:42 +0200
Subject: [PATCH] virtio-ccw: common reset handler
All the different virtio ccw devices use the same reset handler,
so let's move setting it into the base virtio ccw device class.
CC: qemu-stable@nongnu.org
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit 0c53057adb04d254bc09511880670c92ab185fc6)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/s390x/virtio-ccw.c | 13 +------------
1 file changed, 1 insertion(+), 12 deletions(-)
diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index e51fbefd23..40a33302a7 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -1345,7 +1345,6 @@ static void virtio_ccw_net_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_net_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_net_properties;
set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
}
@@ -1373,7 +1372,6 @@ static void virtio_ccw_blk_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_blk_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_blk_properties;
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}
@@ -1401,7 +1399,6 @@ static void virtio_ccw_serial_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_serial_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_serial_properties;
set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
}
@@ -1429,7 +1426,6 @@ static void virtio_ccw_balloon_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_balloon_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_balloon_properties;
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
}
@@ -1457,7 +1453,6 @@ static void virtio_ccw_scsi_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_scsi_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_scsi_properties;
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}
@@ -1484,7 +1479,6 @@ static void vhost_ccw_scsi_class_init(ObjectClass *klass, void *data)
k->realize = vhost_ccw_scsi_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = vhost_ccw_scsi_properties;
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}
@@ -1521,7 +1515,6 @@ static void virtio_ccw_rng_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_rng_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_rng_properties;
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
}
@@ -1559,7 +1552,6 @@ static void virtio_ccw_crypto_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_crypto_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_crypto_properties;
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
}
@@ -1597,7 +1589,6 @@ static void virtio_ccw_gpu_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_gpu_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_gpu_properties;
dc->hotpluggable = false;
set_bit(DEVICE_CATEGORY_DISPLAY, dc->categories);
@@ -1626,7 +1617,6 @@ static void virtio_ccw_input_class_init(ObjectClass *klass, void *data)
k->realize = virtio_ccw_input_realize;
k->unrealize = virtio_ccw_unrealize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_input_properties;
set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
}
@@ -1730,6 +1720,7 @@ static void virtio_ccw_device_class_init(ObjectClass *klass, void *data)
dc->realize = virtio_ccw_busdev_realize;
dc->unrealize = virtio_ccw_busdev_unrealize;
dc->bus_type = TYPE_VIRTUAL_CSS_BUS;
+ dc->reset = virtio_ccw_reset;
}
static const TypeInfo virtio_ccw_device_info = {
@@ -1806,7 +1797,6 @@ static void virtio_ccw_9p_class_init(ObjectClass *klass, void *data)
k->unrealize = virtio_ccw_unrealize;
k->realize = virtio_ccw_9p_realize;
- dc->reset = virtio_ccw_reset;
dc->props = virtio_ccw_9p_properties;
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}
@@ -1856,7 +1846,6 @@ static void vhost_vsock_ccw_class_init(ObjectClass *klass, void *data)
k->unrealize = virtio_ccw_unrealize;
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
dc->props = vhost_vsock_ccw_properties;
- dc->reset = virtio_ccw_reset;
}
static void vhost_vsock_ccw_instance_init(Object *obj)

View File

@ -0,0 +1,103 @@
From 783d488a66a565aaf259e8736b6ccb97fb0cbb86 Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Mon, 7 May 2018 15:27:57 +0200
Subject: [PATCH] s390x/ccw: make sure all ccw devices are properly reset
Thomas reported that the subchannel for a 3270 device that ended up
in a broken state (status pending even though not enabled) did not
get out of that state even after a reboot (which involves a subsytem
reset). The reason for this is that the 3270 device did not define
a reset handler.
Let's fix this by introducing a base reset handler (set up for all
ccw devices) that resets the subchannel and have virtio-ccw call
its virtio-specific reset procedure in addition to that.
CC: qemu-stable@nongnu.org
Reported-by: Thomas Huth <thuth@redhat.com>
Suggested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
(cherry picked from commit 838fb84f83c84f00d15b1bede5e080b495644458)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
hw/s390x/ccw-device.c | 8 ++++++++
hw/s390x/virtio-ccw.c | 9 ++++++---
hw/s390x/virtio-ccw.h | 1 +
3 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/hw/s390x/ccw-device.c b/hw/s390x/ccw-device.c
index f9bfa154d6..7cd73df4aa 100644
--- a/hw/s390x/ccw-device.c
+++ b/hw/s390x/ccw-device.c
@@ -40,6 +40,13 @@ static Property ccw_device_properties[] = {
DEFINE_PROP_END_OF_LIST(),
};
+static void ccw_device_reset(DeviceState *d)
+{
+ CcwDevice *ccw_dev = CCW_DEVICE(d);
+
+ css_reset_sch(ccw_dev->sch);
+}
+
static void ccw_device_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
@@ -48,6 +55,7 @@ static void ccw_device_class_init(ObjectClass *klass, void *data)
k->realize = ccw_device_realize;
k->refill_ids = ccw_device_refill_ids;
dc->props = ccw_device_properties;
+ dc->reset = ccw_device_reset;
}
const VMStateDescription vmstate_ccw_dev = {
diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index 40a33302a7..22df33b509 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -1058,10 +1058,12 @@ static void virtio_ccw_reset(DeviceState *d)
{
VirtioCcwDevice *dev = VIRTIO_CCW_DEVICE(d);
VirtIODevice *vdev = virtio_bus_get_device(&dev->bus);
- CcwDevice *ccw_dev = CCW_DEVICE(d);
+ VirtIOCCWDeviceClass *vdc = VIRTIO_CCW_DEVICE_GET_CLASS(dev);
virtio_ccw_reset_virtio(dev, vdev);
- css_reset_sch(ccw_dev->sch);
+ if (vdc->parent_reset) {
+ vdc->parent_reset(d);
+ }
}
static void virtio_ccw_vmstate_change(DeviceState *d, bool running)
@@ -1715,12 +1717,13 @@ static void virtio_ccw_device_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
CCWDeviceClass *k = CCW_DEVICE_CLASS(dc);
+ VirtIOCCWDeviceClass *vdc = VIRTIO_CCW_DEVICE_CLASS(klass);
k->unplug = virtio_ccw_busdev_unplug;
dc->realize = virtio_ccw_busdev_realize;
dc->unrealize = virtio_ccw_busdev_unrealize;
dc->bus_type = TYPE_VIRTUAL_CSS_BUS;
- dc->reset = virtio_ccw_reset;
+ device_class_set_parent_reset(dc, virtio_ccw_reset, &vdc->parent_reset);
}
static const TypeInfo virtio_ccw_device_info = {
diff --git a/hw/s390x/virtio-ccw.h b/hw/s390x/virtio-ccw.h
index 2fc513001e..3453aa1f98 100644
--- a/hw/s390x/virtio-ccw.h
+++ b/hw/s390x/virtio-ccw.h
@@ -77,6 +77,7 @@ typedef struct VirtIOCCWDeviceClass {
CCWDeviceClass parent_class;
void (*realize)(VirtioCcwDevice *dev, Error **errp);
void (*unrealize)(VirtioCcwDevice *dev, Error **errp);
+ void (*parent_reset)(DeviceState *dev);
} VirtIOCCWDeviceClass;
/* Performance improves when virtqueue kick processing is decoupled from the

View File

@ -0,0 +1,65 @@
From 28f65ae0a583e3b0a9d2b26c6fa6dc50dfb25ad6 Mon Sep 17 00:00:00 2001
From: John Snow <jsnow@redhat.com>
Date: Tue, 8 May 2018 19:36:59 -0400
Subject: [PATCH] blockjob: expose error string via query
When we've reached the concluded state, we need to expose the error
state if applicable. Add the new field.
This should be sufficient for determining if a job completed
successfully or not after concluding; if we want to discriminate
based on how it failed more mechanically, we can always add an
explicit return code enumeration later.
I didn't bother to make it only show up if we are in the concluded
state; I don't think it's necessary.
Cc: qemu-stable@nongnu.org
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit ab9ba614556ac5b0f8d96b99e0dba19f1e28d6c2)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
blockjob.c | 2 ++
qapi/block-core.json | 6 +++++-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/blockjob.c b/blockjob.c
index 27f957e571..4de48166b2 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -831,6 +831,8 @@ BlockJobInfo *block_job_query(BlockJob *job, Error **errp)
info->status = job->status;
info->auto_finalize = job->auto_finalize;
info->auto_dismiss = job->auto_dismiss;
+ info->has_error = job->ret != 0;
+ info->error = job->ret ? g_strdup(strerror(-job->ret)) : NULL;
return info;
}
diff --git a/qapi/block-core.json b/qapi/block-core.json
index c50517bff3..7da3bea6bc 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1172,6 +1172,9 @@
# @auto-dismiss: Job will dismiss itself when CONCLUDED, moving to the NULL
# state and disappearing from the query list. (since 2.12)
#
+# @error: Error information if the job did not complete successfully.
+# Not set if the job completed successfully. (since 2.12.1)
+#
# Since: 1.1
##
{ 'struct': 'BlockJobInfo',
@@ -1179,7 +1182,8 @@
'offset': 'int', 'busy': 'bool', 'paused': 'bool', 'speed': 'int',
'io-status': 'BlockDeviceIoStatus', 'ready': 'bool',
'status': 'BlockJobStatus',
- 'auto-finalize': 'bool', 'auto-dismiss': 'bool' } }
+ 'auto-finalize': 'bool', 'auto-dismiss': 'bool',
+ '*error': 'str' } }
##
# @query-block-jobs:

View File

@ -0,0 +1,39 @@
From 1eb457c2de41008aca9873be0ba2e2635e1f9cf1 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Tue, 8 May 2018 11:55:30 +0200
Subject: [PATCH] blockjob: Fix assertion in block_job_finalize()
Every job gets a non-NULL job->txn on creation, but it doesn't
necessarily keep it until it is decommissioned: Finalising a job removes
it from its transaction. Therefore, calling 'blockdev-job-finalize' a
second time on an already concluded job causes an assertion failure.
Remove job->txn from the assertion in block_job_finalize() to fix this.
block_job_do_finalize() still has the same assertion, but if a job is
already removed from its transaction, block_job_apply_verb() will
already error out before we run into that assertion.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
(cherry picked from commit 37aa19b63c46d933f1e4ea944cfccee54e2caf4a)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
blockjob.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/blockjob.c b/blockjob.c
index 4de48166b2..b38ed7e265 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -702,7 +702,7 @@ void block_job_complete(BlockJob *job, Error **errp)
void block_job_finalize(BlockJob *job, Error **errp)
{
- assert(job && job->id && job->txn);
+ assert(job && job->id);
if (block_job_apply_verb(job, BLOCK_JOB_VERB_FINALIZE, errp)) {
return;
}

View File

@ -0,0 +1,52 @@
From 17f84e4f3e671f58c8c9fe909a5551ffd9dfdc87 Mon Sep 17 00:00:00 2001
From: Max Reitz <mreitz@redhat.com>
Date: Wed, 2 May 2018 22:20:49 +0200
Subject: [PATCH] qemu-io: Use purely string blockdev options
Currently, qemu-io only uses string-valued blockdev options (as all are
converted directly from QemuOpts) -- with one exception: -U adds the
force-share option as a boolean. This in itself is already a bit
questionable, but a real issue is that it also assumes the value already
existing in the options QDict would be a boolean, which is wrong.
That has the following effect:
$ ./qemu-io -r -U --image-opts \
driver=file,filename=/dev/null,force-share=off
[1] 15200 segmentation fault (core dumped) ./qemu-io -r -U
--image-opts driver=file,filename=/dev/null,force-share=off
Since @opts is converted from QemuOpts, the value must be a string, and
we have to compare it as such. Consequently, it makes sense to also set
it as a string instead of a boolean.
Cc: qemu-stable@nongnu.org
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180502202051.15493-2-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
(cherry picked from commit 2a01c01f9ecb43af4c0a85fe6adc429ffc9c31b5)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
qemu-io.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/qemu-io.c b/qemu-io.c
index e692c555e0..0755a30447 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -95,12 +95,12 @@ static int openfile(char *name, int flags, bool writethrough, bool force_share,
opts = qdict_new();
}
if (qdict_haskey(opts, BDRV_OPT_FORCE_SHARE)
- && !qdict_get_bool(opts, BDRV_OPT_FORCE_SHARE)) {
+ && strcmp(qdict_get_str(opts, BDRV_OPT_FORCE_SHARE), "on")) {
error_report("-U conflicts with image options");
QDECREF(opts);
return 1;
}
- qdict_put_bool(opts, BDRV_OPT_FORCE_SHARE, true);
+ qdict_put_str(opts, BDRV_OPT_FORCE_SHARE, "on");
}
qemuio_blk = blk_new_open(name, NULL, opts, flags, &local_err);
if (!qemuio_blk) {

View File

@ -0,0 +1,48 @@
From a8a7fe80f036d584ffed21f9d2ddb65d269bc805 Mon Sep 17 00:00:00 2001
From: Max Reitz <mreitz@redhat.com>
Date: Wed, 2 May 2018 22:20:50 +0200
Subject: [PATCH] qemu-img: Use only string options in img_open_opts
img_open_opts() takes a QemuOpts and converts them to a QDict, so all
values therein are strings. Then it may try to call qdict_get_bool(),
however, which will fail with a segmentation fault every time:
$ ./qemu-img info -U --image-opts \
driver=file,filename=/dev/null,force-share=off
[1] 27869 segmentation fault (core dumped) ./qemu-img info -U
--image-opts driver=file,filename=/dev/null,force-share=off
Fix this by using qdict_get_str() and comparing the value as a string.
Also, when adding a force-share value to the QDict, add it as a string
so it fits the rest of the dict.
Cc: qemu-stable@nongnu.org
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20180502202051.15493-3-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
(cherry picked from commit 4615f87832d2fcb7a544bedeece2741bf8c21f94)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
qemu-img.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/qemu-img.c b/qemu-img.c
index 855fa52514..42b60917b0 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -277,12 +277,12 @@ static BlockBackend *img_open_opts(const char *optstr,
options = qemu_opts_to_qdict(opts, NULL);
if (force_share) {
if (qdict_haskey(options, BDRV_OPT_FORCE_SHARE)
- && !qdict_get_bool(options, BDRV_OPT_FORCE_SHARE)) {
+ && strcmp(qdict_get_str(options, BDRV_OPT_FORCE_SHARE), "on")) {
error_report("--force-share/-U conflicts with image options");
QDECREF(options);
return NULL;
}
- qdict_put_bool(options, BDRV_OPT_FORCE_SHARE, true);
+ qdict_put_str(options, BDRV_OPT_FORCE_SHARE, "on");
}
blk = blk_new_open(NULL, NULL, options, flags, &local_err);
if (!blk) {

View File

@ -0,0 +1,51 @@
From 07cfae0f6649239efdbf4aa97db175468495c5a1 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Wed, 16 May 2018 18:08:16 +0200
Subject: [PATCH] nfs: Remove processed options from QDict
Commit c22a03454 QAPIfied option parsing in the NFS block driver, but
forgot to remove all the options we processed. Therefore, we get an
error in bdrv_open_inherit(), which thinks the remaining options are
invalid. Trying to open an NFS image will result in an error like this:
Block protocol 'nfs' doesn't support the option 'server.host'
Remove all options from the QDict to make the NFS driver work again.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 20180516160816.26259-1-kwolf@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
(cherry picked from commit c82be42cc803b36fd7aed5dceec68312c7056fd5)
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
block/nfs.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/block/nfs.c b/block/nfs.c
index 2577df4b26..dc12d5000d 100644
--- a/block/nfs.c
+++ b/block/nfs.c
@@ -557,6 +557,7 @@ static BlockdevOptionsNfs *nfs_options_qdict_to_qapi(QDict *options,
BlockdevOptionsNfs *opts = NULL;
QObject *crumpled = NULL;
Visitor *v;
+ const QDictEntry *e;
Error *local_err = NULL;
crumpled = qdict_crumple(options, errp);
@@ -573,6 +574,12 @@ static BlockdevOptionsNfs *nfs_options_qdict_to_qapi(QDict *options,
return NULL;
}
+ /* Remove the processed options from the QDict (the visitor processes
+ * _all_ options in the QDict) */
+ while ((e = qdict_first(options))) {
+ qdict_del(options, e->key);
+ }
+
return opts;
}

View File

@ -0,0 +1,50 @@
From 9641d6f6e656248df8c0877ef047c0764b2bbffc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Mon, 21 May 2018 22:54:22 +0100
Subject: [PATCH] i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Message-Id: <20180521215424.13520-2-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit d19d1f965904a533998739698020ff4ee8a103da)
[BR: BSC#1092885]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/cpu.c | 2 +-
target/i386/cpu.h | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index a20fe26573..2f5263e22f 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -510,7 +510,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, "spec-ctrl", NULL,
- NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, "ssbd",
},
.cpuid_eax = 7,
.cpuid_needs_ecx = true, .cpuid_ecx = 0,
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 164884f1d8..4c8e42e39d 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -684,6 +684,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
#define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
#define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */
+#define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */
#define KVM_HINTS_DEDICATED (1U << 0)

View File

@ -0,0 +1,147 @@
From 3d54c78e88efc794e3adc1b32c2bf24829f18dec Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Mon, 21 May 2018 22:54:24 +0100
Subject: [PATCH] i386: Define the Virt SSBD MSR and handling of it
(CVE-2018-3639)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
"Some AMD processors only support a non-architectural means of enabling
speculative store bypass disable (SSBD). To allow a simplified view of
this to a guest, an architectural definition has been created through a new
CPUID bit, 0x80000008_EBX[25], and a new MSR, 0xc001011f. With this, a
hypervisor can virtualize the existence of this definition and provide an
architectural method for using SSBD to a guest.
Add the new CPUID feature, the new MSR and update the existing SSBD
support to use this MSR when present." (from x86/speculation: Add virtualized
speculative store bypass disable support in Linux).
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180521215424.13520-4-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit cfeea0c021db6234c154dbc723730e81553924ff)
[BR: BSC#1092885]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/cpu.h | 2 ++
target/i386/kvm.c | 16 ++++++++++++++--
target/i386/machine.c | 20 ++++++++++++++++++++
3 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 4c8e42e39d..e63205d1f0 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -351,6 +351,7 @@ typedef enum X86Seg {
#define MSR_IA32_FEATURE_CONTROL 0x0000003a
#define MSR_TSC_ADJUST 0x0000003b
#define MSR_IA32_SPEC_CTRL 0x48
+#define MSR_VIRT_SSBD 0xc001011f
#define MSR_IA32_TSCDEADLINE 0x6e0
#define FEATURE_CONTROL_LOCKED (1<<0)
@@ -1150,6 +1151,7 @@ typedef struct CPUX86State {
uint32_t pkru;
uint64_t spec_ctrl;
+ uint64_t virt_ssbd;
/* End of state preserved by INIT (dummy marker). */
struct {} end_init_save;
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index 6c49954e68..19e6aa320d 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -92,6 +92,7 @@ static bool has_msr_hv_stimer;
static bool has_msr_hv_frequencies;
static bool has_msr_xss;
static bool has_msr_spec_ctrl;
+static bool has_msr_virt_ssbd;
static bool has_msr_smi_count;
static uint32_t has_architectural_pmu_version;
@@ -1218,6 +1219,9 @@ static int kvm_get_supported_msrs(KVMState *s)
case MSR_IA32_SPEC_CTRL:
has_msr_spec_ctrl = true;
break;
+ case MSR_VIRT_SSBD:
+ has_msr_virt_ssbd = true;
+ break;
}
}
}
@@ -1706,6 +1710,10 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
if (has_msr_spec_ctrl) {
kvm_msr_entry_add(cpu, MSR_IA32_SPEC_CTRL, env->spec_ctrl);
}
+ if (has_msr_virt_ssbd) {
+ kvm_msr_entry_add(cpu, MSR_VIRT_SSBD, env->virt_ssbd);
+ }
+
#ifdef TARGET_X86_64
if (lm_capable_kernel) {
kvm_msr_entry_add(cpu, MSR_CSTAR, env->cstar);
@@ -2077,8 +2085,9 @@ static int kvm_get_msrs(X86CPU *cpu)
if (has_msr_spec_ctrl) {
kvm_msr_entry_add(cpu, MSR_IA32_SPEC_CTRL, 0);
}
-
-
+ if (has_msr_virt_ssbd) {
+ kvm_msr_entry_add(cpu, MSR_VIRT_SSBD, 0);
+ }
if (!env->tsc_valid) {
kvm_msr_entry_add(cpu, MSR_IA32_TSC, 0);
env->tsc_valid = !runstate_is_running();
@@ -2444,6 +2453,9 @@ static int kvm_get_msrs(X86CPU *cpu)
case MSR_IA32_SPEC_CTRL:
env->spec_ctrl = msrs[i].data;
break;
+ case MSR_VIRT_SSBD:
+ env->virt_ssbd = msrs[i].data;
+ break;
case MSR_IA32_RTIT_CTL:
env->msr_rtit_ctrl = msrs[i].data;
break;
diff --git a/target/i386/machine.c b/target/i386/machine.c
index bd2d82e91b..f0a835c292 100644
--- a/target/i386/machine.c
+++ b/target/i386/machine.c
@@ -893,6 +893,25 @@ static const VMStateDescription vmstate_msr_intel_pt = {
}
};
+static bool virt_ssbd_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->virt_ssbd != 0;
+}
+
+static const VMStateDescription vmstate_msr_virt_ssbd = {
+ .name = "cpu/virt_ssbd",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = virt_ssbd_needed,
+ .fields = (VMStateField[]){
+ VMSTATE_UINT64(env.virt_ssbd, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
VMStateDescription vmstate_x86_cpu = {
.name = "cpu",
.version_id = 12,
@@ -1015,6 +1034,7 @@ VMStateDescription vmstate_x86_cpu = {
&vmstate_spec_ctrl,
&vmstate_mcg_ext_ctl,
&vmstate_msr_intel_pt,
+ &vmstate_msr_virt_ssbd,
NULL
}
};

View File

@ -0,0 +1,40 @@
From b418432f84340d80f17b5b1317afe9c81a1d50ae Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Mon, 21 May 2018 22:54:23 +0100
Subject: [PATCH] i386: define the AMD 'virt-ssbd' CPUID feature bit
(CVE-2018-3639)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
AMD Zen expose the Intel equivalant to Speculative Store Bypass Disable
via the 0x80000008_EBX[25] CPUID feature bit.
This needs to be exposed to guest OS to allow them to protect
against CVE-2018-3639.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180521215424.13520-3-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 403503b162ffc33fb64cfefdf7b880acf41772cd)
[BR: BSC#1092885]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/i386/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 2f5263e22f..2e305ab689 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -541,7 +541,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
"ibpb", NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL,
+ NULL, "virt-ssbd", NULL, NULL,
NULL, NULL, NULL, NULL,
},
.cpuid_eax = 0x80000008,

View File

@ -0,0 +1,45 @@
From 41e6f70a01044bf814949da00e22a18d0ada809b Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 25 May 2018 09:08:20 -0600
Subject: [PATCH] Revert "replay: don't process async events when warping the
clock"
This reverts commit 89e46eb477113550485bc24264d249de9fd1260a.
[BR: BSC#1094406]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
replay/replay-events.c | 1 -
replay/replay.c | 7 +------
2 files changed, 1 insertion(+), 7 deletions(-)
diff --git a/replay/replay-events.c b/replay/replay-events.c
index 707de3867b..fc7d458b90 100644
--- a/replay/replay-events.c
+++ b/replay/replay-events.c
@@ -201,7 +201,6 @@ static void replay_save_event(Event *event, int checkpoint)
void replay_save_events(int checkpoint)
{
g_assert(replay_mutex_locked());
- g_assert(checkpoint != CHECKPOINT_CLOCK_WARP_START);
while (!QTAILQ_EMPTY(&events_list)) {
Event *event = QTAILQ_FIRST(&events_list);
replay_save_event(event, checkpoint);
diff --git a/replay/replay.c b/replay/replay.c
index 8228261401..eae8daf18a 100644
--- a/replay/replay.c
+++ b/replay/replay.c
@@ -211,12 +211,7 @@ bool replay_checkpoint(ReplayCheckpoint checkpoint)
} else if (replay_mode == REPLAY_MODE_RECORD) {
g_assert(replay_mutex_locked());
replay_put_event(EVENT_CHECKPOINT + checkpoint);
- /* This checkpoint belongs to several threads.
- Processing events from different threads is
- non-deterministic */
- if (checkpoint != CHECKPOINT_CLOCK_WARP_START) {
- replay_save_events(checkpoint);
- }
+ replay_save_events(checkpoint);
res = true;
}
out:

View File

@ -0,0 +1,51 @@
From 00300f4a36119691fc8689575424d380b2450bf7 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 25 May 2018 09:09:04 -0600
Subject: [PATCH] Revert "replay: avoid recursive call of checkpoints"
This reverts commit 66eb7825d0bd84a870a054fb208fe765317109fa.
[BR: BSC#1094406]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
replay/replay.c | 14 +-------------
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/replay/replay.c b/replay/replay.c
index eae8daf18a..90f98b7490 100644
--- a/replay/replay.c
+++ b/replay/replay.c
@@ -176,24 +176,13 @@ void replay_shutdown_request(ShutdownCause cause)
bool replay_checkpoint(ReplayCheckpoint checkpoint)
{
bool res = false;
- static bool in_checkpoint;
assert(EVENT_CHECKPOINT + checkpoint <= EVENT_CHECKPOINT_LAST);
+ replay_save_instructions();
if (!replay_file) {
return true;
}
- if (in_checkpoint) {
- /* If we are already in checkpoint, then there is no need
- for additional synchronization.
- Recursion occurs when HW event modifies timers.
- Timer modification may invoke the checkpoint and
- proceed to recursion. */
- return true;
- }
- in_checkpoint = true;
-
- replay_save_instructions();
if (replay_mode == REPLAY_MODE_PLAY) {
g_assert(replay_mutex_locked());
@@ -215,7 +204,6 @@ bool replay_checkpoint(ReplayCheckpoint checkpoint)
res = true;
}
out:
- in_checkpoint = false;
return res;
}

View File

@ -0,0 +1,53 @@
From cceb1b09c36f71bdb84cd8b3ad20d63335fc1559 Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 25 May 2018 09:09:28 -0600
Subject: [PATCH] Revert "replay: check return values of fwrite"
This reverts commit 6dc0f5296359ff59c248215a965c8658dea9544b.
[BR: BSC#1094406]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
replay/replay-internal.c | 17 ++---------------
1 file changed, 2 insertions(+), 15 deletions(-)
diff --git a/replay/replay-internal.c b/replay/replay-internal.c
index b077cb5fd5..8e7474f787 100644
--- a/replay/replay-internal.c
+++ b/replay/replay-internal.c
@@ -24,23 +24,12 @@
static QemuMutex lock;
/* File for replay writing */
-static bool write_error;
FILE *replay_file;
-static void replay_write_error(void)
-{
- if (!write_error) {
- error_report("replay write error");
- write_error = true;
- }
-}
-
void replay_put_byte(uint8_t byte)
{
if (replay_file) {
- if (putc(byte, replay_file) == EOF) {
- replay_write_error();
- }
+ putc(byte, replay_file);
}
}
@@ -73,9 +62,7 @@ void replay_put_array(const uint8_t *buf, size_t size)
{
if (replay_file) {
replay_put_dword(size);
- if (fwrite(buf, 1, size, replay_file) != size) {
- replay_write_error();
- }
+ fwrite(buf, 1, size, replay_file);
}
}

View File

@ -0,0 +1,680 @@
From 844d663fad2ad36a2960d21a93f36ab29de8215f Mon Sep 17 00:00:00 2001
From: Bruce Rogers <brogers@suse.com>
Date: Fri, 25 May 2018 09:10:26 -0600
Subject: [PATCH] Revert "replay: push replay_mutex_lock up the call tree"
This reverts commit d759c951f3287fad04210a52f2dc93f94cf58c7f.
[BR: BSC#1094406]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
cpus.c | 24 ++----------------------
docs/replay.txt | 22 ----------------------
replay/replay-audio.c | 14 ++++++++++----
replay/replay-char.c | 21 +++++++++++++--------
replay/replay-events.c | 19 ++++++++++++-------
replay/replay-internal.c | 24 ++++++++----------------
replay/replay-time.c | 10 +++++-----
replay/replay.c | 34 +++++++++++++++++++++-------------
util/main-loop.c | 15 ++++-----------
vl.c | 1 -
10 files changed, 75 insertions(+), 109 deletions(-)
diff --git a/cpus.c b/cpus.c
index b13112b8e2..7ea0d1c560 100644
--- a/cpus.c
+++ b/cpus.c
@@ -1325,8 +1325,6 @@ static void prepare_icount_for_run(CPUState *cpu)
insns_left = MIN(0xffff, cpu->icount_budget);
cpu->icount_decr.u16.low = insns_left;
cpu->icount_extra = cpu->icount_budget - insns_left;
-
- replay_mutex_lock();
}
}
@@ -1342,8 +1340,6 @@ static void process_icount_data(CPUState *cpu)
cpu->icount_budget = 0;
replay_account_executed_instructions();
-
- replay_mutex_unlock();
}
}
@@ -1358,9 +1354,11 @@ static int tcg_cpu_exec(CPUState *cpu)
#ifdef CONFIG_PROFILER
ti = profile_getclock();
#endif
+ qemu_mutex_unlock_iothread();
cpu_exec_start(cpu);
ret = cpu_exec(cpu);
cpu_exec_end(cpu);
+ qemu_mutex_lock_iothread();
#ifdef CONFIG_PROFILER
tcg_time += profile_getclock() - ti;
#endif
@@ -1427,9 +1425,6 @@ static void *qemu_tcg_rr_cpu_thread_fn(void *arg)
cpu->exit_request = 1;
while (1) {
- qemu_mutex_unlock_iothread();
- replay_mutex_lock();
- qemu_mutex_lock_iothread();
/* Account partial waits to QEMU_CLOCK_VIRTUAL. */
qemu_account_warp_timer();
@@ -1438,8 +1433,6 @@ static void *qemu_tcg_rr_cpu_thread_fn(void *arg)
*/
handle_icount_deadline();
- replay_mutex_unlock();
-
if (!cpu) {
cpu = first_cpu;
}
@@ -1455,13 +1448,11 @@ static void *qemu_tcg_rr_cpu_thread_fn(void *arg)
if (cpu_can_run(cpu)) {
int r;
- qemu_mutex_unlock_iothread();
prepare_icount_for_run(cpu);
r = tcg_cpu_exec(cpu);
process_icount_data(cpu);
- qemu_mutex_lock_iothread();
if (r == EXCP_DEBUG) {
cpu_handle_guest_debug(cpu);
@@ -1651,9 +1642,7 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
do {
if (cpu_can_run(cpu)) {
int r;
- qemu_mutex_unlock_iothread();
r = tcg_cpu_exec(cpu);
- qemu_mutex_lock_iothread();
switch (r) {
case EXCP_DEBUG:
cpu_handle_guest_debug(cpu);
@@ -1800,21 +1789,12 @@ void pause_all_vcpus(void)
}
}
- /* We need to drop the replay_lock so any vCPU threads woken up
- * can finish their replay tasks
- */
- replay_mutex_unlock();
-
while (!all_vcpus_paused()) {
qemu_cond_wait(&qemu_pause_cond, &qemu_global_mutex);
CPU_FOREACH(cpu) {
qemu_cpu_kick(cpu);
}
}
-
- qemu_mutex_unlock_iothread();
- replay_mutex_lock();
- qemu_mutex_lock_iothread();
}
void cpu_resume(CPUState *cpu)
diff --git a/docs/replay.txt b/docs/replay.txt
index 2e21e9ccb0..91875db3cd 100644
--- a/docs/replay.txt
+++ b/docs/replay.txt
@@ -68,28 +68,6 @@ Modifications of qemu include:
* block driver for making block layer deterministic
* serial port input record and replay
-Locking and thread synchronisation
-----------------------------------
-
-Previously the synchronisation of the main thread and the vCPU thread
-was ensured by the holding of the BQL. However the trend has been to
-reduce the time the BQL was held across the system including under TCG
-system emulation. As it is important that batches of events are kept
-in sequence (e.g. expiring timers and checkpoints in the main thread
-while instruction checkpoints are written by the vCPU thread) we need
-another lock to keep things in lock-step. This role is now handled by
-the replay_mutex_lock. It used to be held only for each event being
-written but now it is held for a whole execution period. This results
-in a deterministic ping-pong between the two main threads.
-
-As the BQL is now a finer grained lock than the replay_lock it is almost
-certainly a bug, and a source of deadlocks, to take the
-replay_mutex_lock while the BQL is held. This is enforced by an assert.
-While the unlocks are usually in the reverse order, this is not
-necessary; you can drop the replay_lock while holding the BQL, without
-doing a more complicated unlock_iothread/replay_unlock/lock_iothread
-sequence.
-
Non-deterministic events
------------------------
diff --git a/replay/replay-audio.c b/replay/replay-audio.c
index b113836de4..3d837434d4 100644
--- a/replay/replay-audio.c
+++ b/replay/replay-audio.c
@@ -19,17 +19,20 @@
void replay_audio_out(int *played)
{
if (replay_mode == REPLAY_MODE_RECORD) {
- g_assert(replay_mutex_locked());
replay_save_instructions();
+ replay_mutex_lock();
replay_put_event(EVENT_AUDIO_OUT);
replay_put_dword(*played);
+ replay_mutex_unlock();
} else if (replay_mode == REPLAY_MODE_PLAY) {
- g_assert(replay_mutex_locked());
replay_account_executed_instructions();
+ replay_mutex_lock();
if (replay_next_event_is(EVENT_AUDIO_OUT)) {
*played = replay_get_dword();
replay_finish_event();
+ replay_mutex_unlock();
} else {
+ replay_mutex_unlock();
error_report("Missing audio out event in the replay log");
abort();
}
@@ -41,8 +44,8 @@ void replay_audio_in(int *recorded, void *samples, int *wpos, int size)
int pos;
uint64_t left, right;
if (replay_mode == REPLAY_MODE_RECORD) {
- g_assert(replay_mutex_locked());
replay_save_instructions();
+ replay_mutex_lock();
replay_put_event(EVENT_AUDIO_IN);
replay_put_dword(*recorded);
replay_put_dword(*wpos);
@@ -52,9 +55,10 @@ void replay_audio_in(int *recorded, void *samples, int *wpos, int size)
replay_put_qword(left);
replay_put_qword(right);
}
+ replay_mutex_unlock();
} else if (replay_mode == REPLAY_MODE_PLAY) {
- g_assert(replay_mutex_locked());
replay_account_executed_instructions();
+ replay_mutex_lock();
if (replay_next_event_is(EVENT_AUDIO_IN)) {
*recorded = replay_get_dword();
*wpos = replay_get_dword();
@@ -65,7 +69,9 @@ void replay_audio_in(int *recorded, void *samples, int *wpos, int size)
audio_sample_from_uint64(samples, pos, left, right);
}
replay_finish_event();
+ replay_mutex_unlock();
} else {
+ replay_mutex_unlock();
error_report("Missing audio in event in the replay log");
abort();
}
diff --git a/replay/replay-char.c b/replay/replay-char.c
index 736cc8c2e6..cbf7c04a9f 100755
--- a/replay/replay-char.c
+++ b/replay/replay-char.c
@@ -96,24 +96,25 @@ void *replay_event_char_read_load(void)
void replay_char_write_event_save(int res, int offset)
{
- g_assert(replay_mutex_locked());
-
replay_save_instructions();
+ replay_mutex_lock();
replay_put_event(EVENT_CHAR_WRITE);
replay_put_dword(res);
replay_put_dword(offset);
+ replay_mutex_unlock();
}
void replay_char_write_event_load(int *res, int *offset)
{
- g_assert(replay_mutex_locked());
-
replay_account_executed_instructions();
+ replay_mutex_lock();
if (replay_next_event_is(EVENT_CHAR_WRITE)) {
*res = replay_get_dword();
*offset = replay_get_dword();
replay_finish_event();
+ replay_mutex_unlock();
} else {
+ replay_mutex_unlock();
error_report("Missing character write event in the replay log");
exit(1);
}
@@ -121,21 +122,23 @@ void replay_char_write_event_load(int *res, int *offset)
int replay_char_read_all_load(uint8_t *buf)
{
- g_assert(replay_mutex_locked());
-
+ replay_mutex_lock();
if (replay_next_event_is(EVENT_CHAR_READ_ALL)) {
size_t size;
int res;
replay_get_array(buf, &size);
replay_finish_event();
+ replay_mutex_unlock();
res = (int)size;
assert(res >= 0);
return res;
} else if (replay_next_event_is(EVENT_CHAR_READ_ALL_ERROR)) {
int res = replay_get_dword();
replay_finish_event();
+ replay_mutex_unlock();
return res;
} else {
+ replay_mutex_unlock();
error_report("Missing character read all event in the replay log");
exit(1);
}
@@ -143,17 +146,19 @@ int replay_char_read_all_load(uint8_t *buf)
void replay_char_read_all_save_error(int res)
{
- g_assert(replay_mutex_locked());
assert(res < 0);
replay_save_instructions();
+ replay_mutex_lock();
replay_put_event(EVENT_CHAR_READ_ALL_ERROR);
replay_put_dword(res);
+ replay_mutex_unlock();
}
void replay_char_read_all_save_buf(uint8_t *buf, int offset)
{
- g_assert(replay_mutex_locked());
replay_save_instructions();
+ replay_mutex_lock();
replay_put_event(EVENT_CHAR_READ_ALL);
replay_put_array(buf, offset);
+ replay_mutex_unlock();
}
diff --git a/replay/replay-events.c b/replay/replay-events.c
index fc7d458b90..75d7e09ccc 100644
--- a/replay/replay-events.c
+++ b/replay/replay-events.c
@@ -75,14 +75,16 @@ bool replay_has_events(void)
void replay_flush_events(void)
{
- g_assert(replay_mutex_locked());
-
+ replay_mutex_lock();
while (!QTAILQ_EMPTY(&events_list)) {
Event *event = QTAILQ_FIRST(&events_list);
+ replay_mutex_unlock();
replay_run_event(event);
+ replay_mutex_lock();
QTAILQ_REMOVE(&events_list, event, events);
g_free(event);
}
+ replay_mutex_unlock();
}
void replay_disable_events(void)
@@ -96,14 +98,14 @@ void replay_disable_events(void)
void replay_clear_events(void)
{
- g_assert(replay_mutex_locked());
-
+ replay_mutex_lock();
while (!QTAILQ_EMPTY(&events_list)) {
Event *event = QTAILQ_FIRST(&events_list);
QTAILQ_REMOVE(&events_list, event, events);
g_free(event);
}
+ replay_mutex_unlock();
}
/*! Adds specified async event to the queue */
@@ -130,8 +132,9 @@ void replay_add_event(ReplayAsyncEventKind event_kind,
event->opaque2 = opaque2;
event->id = id;
- g_assert(replay_mutex_locked());
+ replay_mutex_lock();
QTAILQ_INSERT_TAIL(&events_list, event, events);
+ replay_mutex_unlock();
}
void replay_bh_schedule_event(QEMUBH *bh)
@@ -200,11 +203,13 @@ static void replay_save_event(Event *event, int checkpoint)
/* Called with replay mutex locked */
void replay_save_events(int checkpoint)
{
- g_assert(replay_mutex_locked());
while (!QTAILQ_EMPTY(&events_list)) {
Event *event = QTAILQ_FIRST(&events_list);
replay_save_event(event, checkpoint);
+
+ replay_mutex_unlock();
replay_run_event(event);
+ replay_mutex_lock();
QTAILQ_REMOVE(&events_list, event, events);
g_free(event);
}
@@ -285,7 +290,6 @@ static Event *replay_read_event(int checkpoint)
/* Called with replay mutex locked */
void replay_read_events(int checkpoint)
{
- g_assert(replay_mutex_locked());
while (replay_state.data_kind == EVENT_ASYNC) {
Event *event = replay_read_event(checkpoint);
if (!event) {
@@ -294,6 +298,7 @@ void replay_read_events(int checkpoint)
replay_finish_event();
replay_state.read_event_kind = -1;
replay_run_event(event);
+ replay_mutex_lock();
g_free(event);
}
diff --git a/replay/replay-internal.c b/replay/replay-internal.c
index 8e7474f787..fa7bba6dfd 100644
--- a/replay/replay-internal.c
+++ b/replay/replay-internal.c
@@ -174,9 +174,6 @@ static __thread bool replay_locked;
void replay_mutex_init(void)
{
qemu_mutex_init(&lock);
- /* Hold the mutex while we start-up */
- qemu_mutex_lock(&lock);
- replay_locked = true;
}
bool replay_mutex_locked(void)
@@ -184,31 +181,25 @@ bool replay_mutex_locked(void)
return replay_locked;
}
-/* Ordering constraints, replay_lock must be taken before BQL */
void replay_mutex_lock(void)
{
- if (replay_mode != REPLAY_MODE_NONE) {
- g_assert(!qemu_mutex_iothread_locked());
- g_assert(!replay_mutex_locked());
- qemu_mutex_lock(&lock);
- replay_locked = true;
- }
+ g_assert(!replay_mutex_locked());
+ qemu_mutex_lock(&lock);
+ replay_locked = true;
}
void replay_mutex_unlock(void)
{
- if (replay_mode != REPLAY_MODE_NONE) {
- g_assert(replay_mutex_locked());
- replay_locked = false;
- qemu_mutex_unlock(&lock);
- }
+ g_assert(replay_mutex_locked());
+ replay_locked = false;
+ qemu_mutex_unlock(&lock);
}
/*! Saves cached instructions. */
void replay_save_instructions(void)
{
if (replay_file && replay_mode == REPLAY_MODE_RECORD) {
- g_assert(replay_mutex_locked());
+ replay_mutex_lock();
int diff = (int)(replay_get_current_step() - replay_state.current_step);
/* Time can only go forward */
@@ -219,5 +210,6 @@ void replay_save_instructions(void)
replay_put_dword(diff);
replay_state.current_step += diff;
}
+ replay_mutex_unlock();
}
}
diff --git a/replay/replay-time.c b/replay/replay-time.c
index 6a7565ec8d..f70382a88f 100644
--- a/replay/replay-time.c
+++ b/replay/replay-time.c
@@ -17,13 +17,13 @@
int64_t replay_save_clock(ReplayClockKind kind, int64_t clock)
{
+ replay_save_instructions();
if (replay_file) {
- g_assert(replay_mutex_locked());
-
- replay_save_instructions();
+ replay_mutex_lock();
replay_put_event(EVENT_CLOCK + kind);
replay_put_qword(clock);
+ replay_mutex_unlock();
}
return clock;
@@ -46,16 +46,16 @@ void replay_read_next_clock(ReplayClockKind kind)
/*! Reads next clock event from the input. */
int64_t replay_read_clock(ReplayClockKind kind)
{
- g_assert(replay_file && replay_mutex_locked());
-
replay_account_executed_instructions();
if (replay_file) {
int64_t ret;
+ replay_mutex_lock();
if (replay_next_event_is(EVENT_CLOCK + kind)) {
replay_read_next_clock(kind);
}
ret = replay_state.cached_clock[kind];
+ replay_mutex_unlock();
return ret;
}
diff --git a/replay/replay.c b/replay/replay.c
index 90f98b7490..5d05ee0460 100644
--- a/replay/replay.c
+++ b/replay/replay.c
@@ -81,7 +81,7 @@ int replay_get_instructions(void)
void replay_account_executed_instructions(void)
{
if (replay_mode == REPLAY_MODE_PLAY) {
- g_assert(replay_mutex_locked());
+ replay_mutex_lock();
if (replay_state.instructions_count > 0) {
int count = (int)(replay_get_current_step()
- replay_state.current_step);
@@ -100,22 +100,24 @@ void replay_account_executed_instructions(void)
qemu_notify_event();
}
}
+ replay_mutex_unlock();
}
}
bool replay_exception(void)
{
-
if (replay_mode == REPLAY_MODE_RECORD) {
- g_assert(replay_mutex_locked());
replay_save_instructions();
+ replay_mutex_lock();
replay_put_event(EVENT_EXCEPTION);
+ replay_mutex_unlock();
return true;
} else if (replay_mode == REPLAY_MODE_PLAY) {
- g_assert(replay_mutex_locked());
bool res = replay_has_exception();
if (res) {
+ replay_mutex_lock();
replay_finish_event();
+ replay_mutex_unlock();
}
return res;
}
@@ -127,9 +129,10 @@ bool replay_has_exception(void)
{
bool res = false;
if (replay_mode == REPLAY_MODE_PLAY) {
- g_assert(replay_mutex_locked());
replay_account_executed_instructions();
+ replay_mutex_lock();
res = replay_next_event_is(EVENT_EXCEPTION);
+ replay_mutex_unlock();
}
return res;
@@ -138,15 +141,17 @@ bool replay_has_exception(void)
bool replay_interrupt(void)
{
if (replay_mode == REPLAY_MODE_RECORD) {
- g_assert(replay_mutex_locked());
replay_save_instructions();
+ replay_mutex_lock();
replay_put_event(EVENT_INTERRUPT);
+ replay_mutex_unlock();
return true;
} else if (replay_mode == REPLAY_MODE_PLAY) {
- g_assert(replay_mutex_locked());
bool res = replay_has_interrupt();
if (res) {
+ replay_mutex_lock();
replay_finish_event();
+ replay_mutex_unlock();
}
return res;
}
@@ -158,9 +163,10 @@ bool replay_has_interrupt(void)
{
bool res = false;
if (replay_mode == REPLAY_MODE_PLAY) {
- g_assert(replay_mutex_locked());
replay_account_executed_instructions();
+ replay_mutex_lock();
res = replay_next_event_is(EVENT_INTERRUPT);
+ replay_mutex_unlock();
}
return res;
}
@@ -168,8 +174,9 @@ bool replay_has_interrupt(void)
void replay_shutdown_request(ShutdownCause cause)
{
if (replay_mode == REPLAY_MODE_RECORD) {
- g_assert(replay_mutex_locked());
+ replay_mutex_lock();
replay_put_event(EVENT_SHUTDOWN + cause);
+ replay_mutex_unlock();
}
}
@@ -183,9 +190,9 @@ bool replay_checkpoint(ReplayCheckpoint checkpoint)
return true;
}
+ replay_mutex_lock();
if (replay_mode == REPLAY_MODE_PLAY) {
- g_assert(replay_mutex_locked());
if (replay_next_event_is(EVENT_CHECKPOINT + checkpoint)) {
replay_finish_event();
} else if (replay_state.data_kind != EVENT_ASYNC) {
@@ -198,12 +205,12 @@ bool replay_checkpoint(ReplayCheckpoint checkpoint)
checkpoint were processed */
res = replay_state.data_kind != EVENT_ASYNC;
} else if (replay_mode == REPLAY_MODE_RECORD) {
- g_assert(replay_mutex_locked());
replay_put_event(EVENT_CHECKPOINT + checkpoint);
replay_save_events(checkpoint);
res = true;
}
out:
+ replay_mutex_unlock();
return res;
}
@@ -226,6 +233,8 @@ static void replay_enable(const char *fname, int mode)
atexit(replay_finish);
+ replay_mutex_init();
+
replay_file = fopen(fname, fmode);
if (replay_file == NULL) {
fprintf(stderr, "Replay: open %s: %s\n", fname, strerror(errno));
@@ -233,9 +242,8 @@ static void replay_enable(const char *fname, int mode)
}
replay_filename = g_strdup(fname);
- replay_mode = mode;
- replay_mutex_init();
+ replay_mode = mode;
replay_state.data_kind = -1;
replay_state.instructions_count = 0;
replay_state.current_step = 0;
diff --git a/util/main-loop.c b/util/main-loop.c
index 992f9b0f34..7558eb5f53 100644
--- a/util/main-loop.c
+++ b/util/main-loop.c
@@ -29,7 +29,6 @@
#include "qemu/sockets.h" // struct in_addr needed for libslirp.h
#include "sysemu/qtest.h"
#include "sysemu/cpus.h"
-#include "sysemu/replay.h"
#include "slirp/libslirp.h"
#include "qemu/main-loop.h"
#include "block/aio.h"
@@ -246,19 +245,18 @@ static int os_host_main_loop_wait(int64_t timeout)
timeout = SCALE_MS;
}
-
if (timeout) {
spin_counter = 0;
+ qemu_mutex_unlock_iothread();
} else {
spin_counter++;
}
- qemu_mutex_unlock_iothread();
- replay_mutex_unlock();
ret = qemu_poll_ns((GPollFD *)gpollfds->data, gpollfds->len, timeout);
- replay_mutex_lock();
- qemu_mutex_lock_iothread();
+ if (timeout) {
+ qemu_mutex_lock_iothread();
+ }
glib_pollfds_poll();
@@ -465,13 +463,8 @@ static int os_host_main_loop_wait(int64_t timeout)
poll_timeout_ns = qemu_soonest_timeout(poll_timeout_ns, timeout);
qemu_mutex_unlock_iothread();
-
- replay_mutex_unlock();
-
g_poll_ret = qemu_poll_ns(poll_fds, n_poll_fds + w->num, poll_timeout_ns);
- replay_mutex_lock();
-
qemu_mutex_lock_iothread();
if (g_poll_ret > 0) {
for (i = 0; i < w->num; i++) {
diff --git a/vl.c b/vl.c
index c00a250831..7b55c5ae7f 100644
--- a/vl.c
+++ b/vl.c
@@ -3066,7 +3066,6 @@ int main(int argc, char **argv, char **envp)
qemu_init_cpu_list();
qemu_init_cpu_loop();
-
qemu_mutex_lock_iothread();
/*

View File

@ -1,3 +1,44 @@
-------------------------------------------------------------------
Fri May 25 15:13:19 UTC 2018 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.12
* Patches added:
0062-i386-define-the-ssbd-CPUID-feature-.patch
0063-i386-Define-the-Virt-SSBD-MSR-and-h.patch
0064-i386-define-the-AMD-virt-ssbd-CPUID.patch
0065-Revert-replay-don-t-process-async-e.patch
0066-Revert-replay-avoid-recursive-call-.patch
0067-Revert-replay-check-return-values-o.patch
0068-Revert-replay-push-replay_mutex_loc.patch
-------------------------------------------------------------------
Thu May 17 13:28:41 UTC 2018 - brogers@suse.com
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.12
* Patches added:
0040-device_tree-Increase-FDT_MAX_SIZE-t.patch
0041-vnc-fix-use-after-free.patch
0042-ccid-Fix-dwProtocols-advertisement-.patch
0043-tcg-arm-Fix-memory-barrier-encoding.patch
0044-s390-ccw-force-diag-308-subcode-to-.patch
0045-nbd-client-fix-nbd_negotiate_simple.patch
0046-migration-block-dirty-bitmap-fix-me.patch
0047-nbd-client-Fix-error-messages-durin.patch
0048-nbd-client-Relax-handling-of-large-.patch
0049-qxl-fix-local-renderer-crash.patch
0050-tcg-Limit-the-number-of-ops-in-a-TB.patch
0051-target-arm-Clear-SVE-high-bits-for-.patch
0052-cpus-tcg-fix-never-exiting-loop-on-.patch
0053-s390x-css-disabled-subchannels-cann.patch
0054-pc-bios-s390-ccw-struct-tpi_info-mu.patch
0055-virtio-ccw-common-reset-handler.patch
0056-s390x-ccw-make-sure-all-ccw-devices.patch
0057-blockjob-expose-error-string-via-qu.patch
0058-blockjob-Fix-assertion-in-block_job.patch
0059-qemu-io-Use-purely-string-blockdev-.patch
0060-qemu-img-Use-only-string-options-in.patch
0061-nfs-Remove-processed-options-from-Q.patch
-------------------------------------------------------------------
Fri Apr 27 20:54:16 UTC 2018 - brogers@suse.com

View File

@ -65,6 +65,35 @@ Patch0036: 0036-Remove-problematic-evdev-86-key-fro.patch
Patch0037: 0037-configure-Modify-python-used-for-io.patch
Patch0038: 0038-qemu-io-tests-comment-out-problemat.patch
Patch0039: 0039-tests-test-thread-pool-is-racy-add-.patch
Patch0040: 0040-device_tree-Increase-FDT_MAX_SIZE-t.patch
Patch0041: 0041-vnc-fix-use-after-free.patch
Patch0042: 0042-ccid-Fix-dwProtocols-advertisement-.patch
Patch0043: 0043-tcg-arm-Fix-memory-barrier-encoding.patch
Patch0044: 0044-s390-ccw-force-diag-308-subcode-to-.patch
Patch0045: 0045-nbd-client-fix-nbd_negotiate_simple.patch
Patch0046: 0046-migration-block-dirty-bitmap-fix-me.patch
Patch0047: 0047-nbd-client-Fix-error-messages-durin.patch
Patch0048: 0048-nbd-client-Relax-handling-of-large-.patch
Patch0049: 0049-qxl-fix-local-renderer-crash.patch
Patch0050: 0050-tcg-Limit-the-number-of-ops-in-a-TB.patch
Patch0051: 0051-target-arm-Clear-SVE-high-bits-for-.patch
Patch0052: 0052-cpus-tcg-fix-never-exiting-loop-on-.patch
Patch0053: 0053-s390x-css-disabled-subchannels-cann.patch
Patch0054: 0054-pc-bios-s390-ccw-struct-tpi_info-mu.patch
Patch0055: 0055-virtio-ccw-common-reset-handler.patch
Patch0056: 0056-s390x-ccw-make-sure-all-ccw-devices.patch
Patch0057: 0057-blockjob-expose-error-string-via-qu.patch
Patch0058: 0058-blockjob-Fix-assertion-in-block_job.patch
Patch0059: 0059-qemu-io-Use-purely-string-blockdev-.patch
Patch0060: 0060-qemu-img-Use-only-string-options-in.patch
Patch0061: 0061-nfs-Remove-processed-options-from-Q.patch
Patch0062: 0062-i386-define-the-ssbd-CPUID-feature-.patch
Patch0063: 0063-i386-Define-the-Virt-SSBD-MSR-and-h.patch
Patch0064: 0064-i386-define-the-AMD-virt-ssbd-CPUID.patch
Patch0065: 0065-Revert-replay-don-t-process-async-e.patch
Patch0066: 0066-Revert-replay-avoid-recursive-call-.patch
Patch0067: 0067-Revert-replay-check-return-values-o.patch
Patch0068: 0068-Revert-replay-push-replay_mutex_loc.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
Source400: update_git.sh
@ -137,6 +166,35 @@ syscall layer occurs on the native hardware and operating system.
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
%patch0040 -p1
%patch0041 -p1
%patch0042 -p1
%patch0043 -p1
%patch0044 -p1
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%build
./configure \
@ -261,7 +319,8 @@ install -m 755 scripts/qemu-binfmt-conf.sh %{buildroot}%_sbindir
%files
%defattr(-, root, root)
%doc COPYING COPYING.LIB COPYING.PYTHON Changelog README VERSION LICENSE
%doc Changelog README VERSION
%license COPYING COPYING.LIB COPYING.PYTHON LICENSE
%_bindir/qemu-aarch64
%_bindir/qemu-aarch64_be
%_bindir/qemu-alpha

View File

@ -185,7 +185,8 @@ install -m 755 scripts/qemu-binfmt-conf.sh %{buildroot}%_sbindir
%files
%defattr(-, root, root)
%doc COPYING COPYING.LIB COPYING.PYTHON Changelog README VERSION LICENSE
%doc Changelog README VERSION
%license COPYING COPYING.LIB COPYING.PYTHON LICENSE
%_bindir/qemu-aarch64
%_bindir/qemu-aarch64_be
%_bindir/qemu-alpha

View File

@ -1,3 +1,68 @@
-------------------------------------------------------------------
Fri May 25 15:13:16 UTC 2018 - brogers@suse.com
- Spectre v4 vulnerability mitigation support for KVM guests.
High level description of vulnerability: Systems with microprocessors
utilizing speculative execution and speculative execution of memory
reads before the addresses of all prior memory writes are known may
allow unauthorized disclosure of information to an attacker with
local user access via a side-channel analysis.
This change permits the new x86 cpu feature flag named "ssbd" to be
presented to the guest, given that the host has this feature, and
KVM exposes it to the guest as well.
For this feature to be enabled, via adding it to the qemu commandline
(eg: -cpu <model>,+spec-ctrl,+ssbd), so the guest OS can take advantage
of the feature, spec-ctrl and ssbd support is also required in the host.
Another new x86 cpu feature flag named "virt-ssbd" is also added to
handle this vulnerability for AMD processors.
(CVE-2018-3639 bsc#1092885)
0062-i386-define-the-ssbd-CPUID-feature-.patch
0063-i386-Define-the-Virt-SSBD-MSR-and-h.patch
0064-i386-define-the-AMD-virt-ssbd-CPUID.patch
- Replay code introduced an issue for AHCI emulation, where on Windows 10
I/O would stop randomly, and Windows would then reset the AHCI device.
The issue is not yet fully identified, but reverting some of those
changes is at least for now a workaround. (bsc#1094406)
0065-Revert-replay-don-t-process-async-e.patch
0066-Revert-replay-avoid-recursive-call-.patch
0067-Revert-replay-check-return-values-o.patch
0068-Revert-replay-push-replay_mutex_loc.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.12
-------------------------------------------------------------------
Thu May 17 13:28:37 UTC 2018 - brogers@suse.com
- Add some upstream fixes targeted for the next stable release
0040-device_tree-Increase-FDT_MAX_SIZE-t.patch
0041-vnc-fix-use-after-free.patch
0042-ccid-Fix-dwProtocols-advertisement-.patch
0043-tcg-arm-Fix-memory-barrier-encoding.patch
0044-s390-ccw-force-diag-308-subcode-to-.patch
0045-nbd-client-fix-nbd_negotiate_simple.patch
0046-migration-block-dirty-bitmap-fix-me.patch
0047-nbd-client-Fix-error-messages-durin.patch
0048-nbd-client-Relax-handling-of-large-.patch
0049-qxl-fix-local-renderer-crash.patch
0050-tcg-Limit-the-number-of-ops-in-a-TB.patch
0051-target-arm-Clear-SVE-high-bits-for-.patch
0052-cpus-tcg-fix-never-exiting-loop-on-.patch
0053-s390x-css-disabled-subchannels-cann.patch
0054-pc-bios-s390-ccw-struct-tpi_info-mu.patch
0055-virtio-ccw-common-reset-handler.patch
0056-s390x-ccw-make-sure-all-ccw-devices.patch
0057-blockjob-expose-error-string-via-qu.patch
0058-blockjob-Fix-assertion-in-block_job.patch
0059-qemu-io-Use-purely-string-blockdev-.patch
0060-qemu-img-Use-only-string-options-in.patch
0061-nfs-Remove-processed-options-from-Q.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.12
-------------------------------------------------------------------
Wed May 16 21:49:16 UTC 2018 - brogers@suse.com
- Fix qemu-guest-agent uninstall (bsc#1093169)
- Minor tweak to qemu spec file
-------------------------------------------------------------------
Fri Apr 27 20:54:01 UTC 2018 - brogers@suse.com

View File

@ -169,6 +169,35 @@ Patch0036: 0036-Remove-problematic-evdev-86-key-fro.patch
Patch0037: 0037-configure-Modify-python-used-for-io.patch
Patch0038: 0038-qemu-io-tests-comment-out-problemat.patch
Patch0039: 0039-tests-test-thread-pool-is-racy-add-.patch
Patch0040: 0040-device_tree-Increase-FDT_MAX_SIZE-t.patch
Patch0041: 0041-vnc-fix-use-after-free.patch
Patch0042: 0042-ccid-Fix-dwProtocols-advertisement-.patch
Patch0043: 0043-tcg-arm-Fix-memory-barrier-encoding.patch
Patch0044: 0044-s390-ccw-force-diag-308-subcode-to-.patch
Patch0045: 0045-nbd-client-fix-nbd_negotiate_simple.patch
Patch0046: 0046-migration-block-dirty-bitmap-fix-me.patch
Patch0047: 0047-nbd-client-Fix-error-messages-durin.patch
Patch0048: 0048-nbd-client-Relax-handling-of-large-.patch
Patch0049: 0049-qxl-fix-local-renderer-crash.patch
Patch0050: 0050-tcg-Limit-the-number-of-ops-in-a-TB.patch
Patch0051: 0051-target-arm-Clear-SVE-high-bits-for-.patch
Patch0052: 0052-cpus-tcg-fix-never-exiting-loop-on-.patch
Patch0053: 0053-s390x-css-disabled-subchannels-cann.patch
Patch0054: 0054-pc-bios-s390-ccw-struct-tpi_info-mu.patch
Patch0055: 0055-virtio-ccw-common-reset-handler.patch
Patch0056: 0056-s390x-ccw-make-sure-all-ccw-devices.patch
Patch0057: 0057-blockjob-expose-error-string-via-qu.patch
Patch0058: 0058-blockjob-Fix-assertion-in-block_job.patch
Patch0059: 0059-qemu-io-Use-purely-string-blockdev-.patch
Patch0060: 0060-qemu-img-Use-only-string-options-in.patch
Patch0061: 0061-nfs-Remove-processed-options-from-Q.patch
Patch0062: 0062-i386-define-the-ssbd-CPUID-feature-.patch
Patch0063: 0063-i386-Define-the-Virt-SSBD-MSR-and-h.patch
Patch0064: 0064-i386-define-the-AMD-virt-ssbd-CPUID.patch
Patch0065: 0065-Revert-replay-don-t-process-async-e.patch
Patch0066: 0066-Revert-replay-avoid-recursive-call-.patch
Patch0067: 0067-Revert-replay-check-return-values-o.patch
Patch0068: 0068-Revert-replay-push-replay_mutex_loc.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
@ -342,30 +371,30 @@ BuildRequires: zlib-devel
BuildRequires: python-base
%endif
BuildRequires: bc
BuildRequires: qemu-arm = %version
BuildRequires: qemu-block-curl = %version
BuildRequires: qemu-block-dmg = %version
BuildRequires: qemu-extra = %version
BuildRequires: qemu-guest-agent = %version
BuildRequires: qemu-ppc = %version
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-ui-curses = %version
BuildRequires: qemu-ui-gtk = %version
BuildRequires: qemu-arm = %{version}
BuildRequires: qemu-block-curl = %{version}
BuildRequires: qemu-block-dmg = %{version}
BuildRequires: qemu-extra = %{version}
BuildRequires: qemu-guest-agent = %{version}
BuildRequires: qemu-ppc = %{version}
BuildRequires: qemu-s390 = %{version}
BuildRequires: qemu-tools = %{version}
BuildRequires: qemu-ui-curses = %{version}
BuildRequires: qemu-ui-gtk = %{version}
%if 0%{?is_opensuse}
BuildRequires: qemu-ui-sdl = %version
BuildRequires: qemu-ui-sdl = %{version}
%endif
BuildRequires: qemu-x86 = %version
BuildRequires: qemu-x86 = %{version}
%if 0%{?with_glusterfs}
BuildRequires: qemu-block-gluster = %version
BuildRequires: qemu-block-gluster = %{version}
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: qemu-block-iscsi = %version
BuildRequires: qemu-block-iscsi = %{version}
%endif
%if 0%{?with_rbd}
BuildRequires: qemu-block-rbd = %version
BuildRequires: qemu-block-rbd = %{version}
%endif
BuildRequires: qemu-block-ssh = %version
BuildRequires: qemu-block-ssh = %{version}
%endif
Requires(pre): shadow
Requires(post): coreutils
@ -487,7 +516,7 @@ This package acts as an umbrella package to the other QEMU sub-packages.
%package x86
Summary: Machine emulator and virtualizer for x86 architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Requires: qemu-ipxe
Requires: qemu-seabios
Requires: qemu-sgabios
@ -507,7 +536,7 @@ This package provides i386 and x86_64 emulation.
%package ppc
Summary: Machine emulator and virtualizer for Power architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
@ -523,7 +552,7 @@ This package provides ppc and ppc64 emulation.
%package s390
Summary: Machine emulator and virtualizer for S/390 architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
%description s390
QEMU provides full machine emulation and cross architecture usage. It closely
@ -537,7 +566,7 @@ This package provides s390x emulation.
%package arm
Summary: Machine emulator and virtualizer for ARM architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
Recommends: ovmf
@ -555,7 +584,7 @@ This package provides arm emulation.
%package extra
Summary: Machine emulator and virtualizer for "extra" architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
@ -576,13 +605,13 @@ Url: http://www.linux-kvm.org
Summary: Wrapper to enable KVM acceleration under QEMU
Group: System/Emulators/PC
%ifarch %ix86 x86_64
Requires: qemu-x86 = %version
Requires: qemu-x86 = %{version}
%endif
%ifarch s390x
Requires: qemu-s390 = %version
Requires: qemu-s390 = %{version}
%endif
Provides: kvm = %version
Obsoletes: kvm < %version
Provides: kvm = %{version}
Obsoletes: kvm < %{version}
%description kvm
QEMU provides full machine emulation and cross architecture usage. It closely
@ -612,10 +641,10 @@ in QEMU are not localized.
# Nor can we have modules require the right version of qemu and qemu-tools
# as Xen reuses our qemu-tools but does not want our qemu and qemu-x86.
%define qemu_module_conflicts \
Conflicts: qemu < %version-%release \
Conflicts: qemu > %version-%release \
Conflicts: qemu-tools < %version-%release \
Conflicts: qemu-tools > %version-%release
Conflicts: qemu < %{version}-%{release} \
Conflicts: qemu > %{version}-%{release} \
Conflicts: qemu-tools < %{version}-%{release} \
Conflicts: qemu-tools > %{version}-%{release}
%package block-curl
Summary: cURL block support for QEMU
@ -876,6 +905,35 @@ This package provides a service file for starting and stopping KSM.
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
%patch0040 -p1
%patch0041 -p1
%patch0042 -p1
%patch0043 -p1
%patch0044 -p1
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%if 0%{?suse_version} > 1320
%patch1000 -p1
@ -1327,15 +1385,17 @@ fi
%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm
%service_add_pre qemu-ga@.service
%preun guest-agent
%service_del_preun qemu-ga@.service
%post guest-agent
%service_add_post qemu-ga@.service
if [ -e /dev/virtio-ports/org.qemu.guest_agent.0 ]; then
/usr/bin/systemctl start qemu-ga@virtio\\x2dports-org.qemu.guest_agent.0.service || :
fi
%preun guest-agent
if [ -e /dev/virtio-ports/org.qemu.guest_agent.0 ]; then
/usr/bin/systemctl stop qemu-ga@virtio\\x2dports-org.qemu.guest_agent.0.service || :
fi
%postun guest-agent
%service_del_postun qemu-ga@.service
@ -1358,7 +1418,8 @@ fi
%files
%defattr(-, root, root)
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB COPYING.PYTHON Changelog README VERSION LICENSE
%doc Changelog README VERSION
%license COPYING COPYING.LIB COPYING.PYTHON LICENSE
%_docdir/%name/qemu-doc.txt
%_docdir/%name/qemu-doc.html
%_docdir/%name/qemu-qmp-ref.txt

View File

@ -1,3 +1,68 @@
-------------------------------------------------------------------
Fri May 25 15:13:16 UTC 2018 - brogers@suse.com
- Spectre v4 vulnerability mitigation support for KVM guests.
High level description of vulnerability: Systems with microprocessors
utilizing speculative execution and speculative execution of memory
reads before the addresses of all prior memory writes are known may
allow unauthorized disclosure of information to an attacker with
local user access via a side-channel analysis.
This change permits the new x86 cpu feature flag named "ssbd" to be
presented to the guest, given that the host has this feature, and
KVM exposes it to the guest as well.
For this feature to be enabled, via adding it to the qemu commandline
(eg: -cpu <model>,+spec-ctrl,+ssbd), so the guest OS can take advantage
of the feature, spec-ctrl and ssbd support is also required in the host.
Another new x86 cpu feature flag named "virt-ssbd" is also added to
handle this vulnerability for AMD processors.
(CVE-2018-3639 bsc#1092885)
0062-i386-define-the-ssbd-CPUID-feature-.patch
0063-i386-Define-the-Virt-SSBD-MSR-and-h.patch
0064-i386-define-the-AMD-virt-ssbd-CPUID.patch
- Replay code introduced an issue for AHCI emulation, where on Windows 10
I/O would stop randomly, and Windows would then reset the AHCI device.
The issue is not yet fully identified, but reverting some of those
changes is at least for now a workaround. (bsc#1094406)
0065-Revert-replay-don-t-process-async-e.patch
0066-Revert-replay-avoid-recursive-call-.patch
0067-Revert-replay-check-return-values-o.patch
0068-Revert-replay-push-replay_mutex_loc.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.12
-------------------------------------------------------------------
Thu May 17 13:28:37 UTC 2018 - brogers@suse.com
- Add some upstream fixes targeted for the next stable release
0040-device_tree-Increase-FDT_MAX_SIZE-t.patch
0041-vnc-fix-use-after-free.patch
0042-ccid-Fix-dwProtocols-advertisement-.patch
0043-tcg-arm-Fix-memory-barrier-encoding.patch
0044-s390-ccw-force-diag-308-subcode-to-.patch
0045-nbd-client-fix-nbd_negotiate_simple.patch
0046-migration-block-dirty-bitmap-fix-me.patch
0047-nbd-client-Fix-error-messages-durin.patch
0048-nbd-client-Relax-handling-of-large-.patch
0049-qxl-fix-local-renderer-crash.patch
0050-tcg-Limit-the-number-of-ops-in-a-TB.patch
0051-target-arm-Clear-SVE-high-bits-for-.patch
0052-cpus-tcg-fix-never-exiting-loop-on-.patch
0053-s390x-css-disabled-subchannels-cann.patch
0054-pc-bios-s390-ccw-struct-tpi_info-mu.patch
0055-virtio-ccw-common-reset-handler.patch
0056-s390x-ccw-make-sure-all-ccw-devices.patch
0057-blockjob-expose-error-string-via-qu.patch
0058-blockjob-Fix-assertion-in-block_job.patch
0059-qemu-io-Use-purely-string-blockdev-.patch
0060-qemu-img-Use-only-string-options-in.patch
0061-nfs-Remove-processed-options-from-Q.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.12
-------------------------------------------------------------------
Wed May 16 21:49:16 UTC 2018 - brogers@suse.com
- Fix qemu-guest-agent uninstall (bsc#1093169)
- Minor tweak to qemu spec file
-------------------------------------------------------------------
Fri Apr 27 20:54:01 UTC 2018 - brogers@suse.com

127
qemu.spec
View File

@ -169,6 +169,35 @@ Patch0036: 0036-Remove-problematic-evdev-86-key-fro.patch
Patch0037: 0037-configure-Modify-python-used-for-io.patch
Patch0038: 0038-qemu-io-tests-comment-out-problemat.patch
Patch0039: 0039-tests-test-thread-pool-is-racy-add-.patch
Patch0040: 0040-device_tree-Increase-FDT_MAX_SIZE-t.patch
Patch0041: 0041-vnc-fix-use-after-free.patch
Patch0042: 0042-ccid-Fix-dwProtocols-advertisement-.patch
Patch0043: 0043-tcg-arm-Fix-memory-barrier-encoding.patch
Patch0044: 0044-s390-ccw-force-diag-308-subcode-to-.patch
Patch0045: 0045-nbd-client-fix-nbd_negotiate_simple.patch
Patch0046: 0046-migration-block-dirty-bitmap-fix-me.patch
Patch0047: 0047-nbd-client-Fix-error-messages-durin.patch
Patch0048: 0048-nbd-client-Relax-handling-of-large-.patch
Patch0049: 0049-qxl-fix-local-renderer-crash.patch
Patch0050: 0050-tcg-Limit-the-number-of-ops-in-a-TB.patch
Patch0051: 0051-target-arm-Clear-SVE-high-bits-for-.patch
Patch0052: 0052-cpus-tcg-fix-never-exiting-loop-on-.patch
Patch0053: 0053-s390x-css-disabled-subchannels-cann.patch
Patch0054: 0054-pc-bios-s390-ccw-struct-tpi_info-mu.patch
Patch0055: 0055-virtio-ccw-common-reset-handler.patch
Patch0056: 0056-s390x-ccw-make-sure-all-ccw-devices.patch
Patch0057: 0057-blockjob-expose-error-string-via-qu.patch
Patch0058: 0058-blockjob-Fix-assertion-in-block_job.patch
Patch0059: 0059-qemu-io-Use-purely-string-blockdev-.patch
Patch0060: 0060-qemu-img-Use-only-string-options-in.patch
Patch0061: 0061-nfs-Remove-processed-options-from-Q.patch
Patch0062: 0062-i386-define-the-ssbd-CPUID-feature-.patch
Patch0063: 0063-i386-Define-the-Virt-SSBD-MSR-and-h.patch
Patch0064: 0064-i386-define-the-AMD-virt-ssbd-CPUID.patch
Patch0065: 0065-Revert-replay-don-t-process-async-e.patch
Patch0066: 0066-Revert-replay-avoid-recursive-call-.patch
Patch0067: 0067-Revert-replay-check-return-values-o.patch
Patch0068: 0068-Revert-replay-push-replay_mutex_loc.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
@ -342,30 +371,30 @@ BuildRequires: zlib-devel
BuildRequires: python-base
%endif
BuildRequires: bc
BuildRequires: qemu-arm = %version
BuildRequires: qemu-block-curl = %version
BuildRequires: qemu-block-dmg = %version
BuildRequires: qemu-extra = %version
BuildRequires: qemu-guest-agent = %version
BuildRequires: qemu-ppc = %version
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-ui-curses = %version
BuildRequires: qemu-ui-gtk = %version
BuildRequires: qemu-arm = %{version}
BuildRequires: qemu-block-curl = %{version}
BuildRequires: qemu-block-dmg = %{version}
BuildRequires: qemu-extra = %{version}
BuildRequires: qemu-guest-agent = %{version}
BuildRequires: qemu-ppc = %{version}
BuildRequires: qemu-s390 = %{version}
BuildRequires: qemu-tools = %{version}
BuildRequires: qemu-ui-curses = %{version}
BuildRequires: qemu-ui-gtk = %{version}
%if 0%{?is_opensuse}
BuildRequires: qemu-ui-sdl = %version
BuildRequires: qemu-ui-sdl = %{version}
%endif
BuildRequires: qemu-x86 = %version
BuildRequires: qemu-x86 = %{version}
%if 0%{?with_glusterfs}
BuildRequires: qemu-block-gluster = %version
BuildRequires: qemu-block-gluster = %{version}
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: qemu-block-iscsi = %version
BuildRequires: qemu-block-iscsi = %{version}
%endif
%if 0%{?with_rbd}
BuildRequires: qemu-block-rbd = %version
BuildRequires: qemu-block-rbd = %{version}
%endif
BuildRequires: qemu-block-ssh = %version
BuildRequires: qemu-block-ssh = %{version}
%endif
Requires(pre): shadow
Requires(post): coreutils
@ -487,7 +516,7 @@ This package acts as an umbrella package to the other QEMU sub-packages.
%package x86
Summary: Machine emulator and virtualizer for x86 architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Requires: qemu-ipxe
Requires: qemu-seabios
Requires: qemu-sgabios
@ -507,7 +536,7 @@ This package provides i386 and x86_64 emulation.
%package ppc
Summary: Machine emulator and virtualizer for Power architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
@ -523,7 +552,7 @@ This package provides ppc and ppc64 emulation.
%package s390
Summary: Machine emulator and virtualizer for S/390 architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
%description s390
QEMU provides full machine emulation and cross architecture usage. It closely
@ -537,7 +566,7 @@ This package provides s390x emulation.
%package arm
Summary: Machine emulator and virtualizer for ARM architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
Recommends: ovmf
@ -555,7 +584,7 @@ This package provides arm emulation.
%package extra
Summary: Machine emulator and virtualizer for "extra" architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
@ -576,13 +605,13 @@ Url: http://www.linux-kvm.org
Summary: Wrapper to enable KVM acceleration under QEMU
Group: System/Emulators/PC
%ifarch %ix86 x86_64
Requires: qemu-x86 = %version
Requires: qemu-x86 = %{version}
%endif
%ifarch s390x
Requires: qemu-s390 = %version
Requires: qemu-s390 = %{version}
%endif
Provides: kvm = %version
Obsoletes: kvm < %version
Provides: kvm = %{version}
Obsoletes: kvm < %{version}
%description kvm
QEMU provides full machine emulation and cross architecture usage. It closely
@ -612,10 +641,10 @@ in QEMU are not localized.
# Nor can we have modules require the right version of qemu and qemu-tools
# as Xen reuses our qemu-tools but does not want our qemu and qemu-x86.
%define qemu_module_conflicts \
Conflicts: qemu < %version-%release \
Conflicts: qemu > %version-%release \
Conflicts: qemu-tools < %version-%release \
Conflicts: qemu-tools > %version-%release
Conflicts: qemu < %{version}-%{release} \
Conflicts: qemu > %{version}-%{release} \
Conflicts: qemu-tools < %{version}-%{release} \
Conflicts: qemu-tools > %{version}-%{release}
%package block-curl
Summary: cURL block support for QEMU
@ -876,6 +905,35 @@ This package provides a service file for starting and stopping KSM.
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
%patch0040 -p1
%patch0041 -p1
%patch0042 -p1
%patch0043 -p1
%patch0044 -p1
%patch0045 -p1
%patch0046 -p1
%patch0047 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch0051 -p1
%patch0052 -p1
%patch0053 -p1
%patch0054 -p1
%patch0055 -p1
%patch0056 -p1
%patch0057 -p1
%patch0058 -p1
%patch0059 -p1
%patch0060 -p1
%patch0061 -p1
%patch0062 -p1
%patch0063 -p1
%patch0064 -p1
%patch0065 -p1
%patch0066 -p1
%patch0067 -p1
%patch0068 -p1
%if 0%{?suse_version} > 1320
%patch1000 -p1
@ -1327,15 +1385,17 @@ fi
%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm
%service_add_pre qemu-ga@.service
%preun guest-agent
%service_del_preun qemu-ga@.service
%post guest-agent
%service_add_post qemu-ga@.service
if [ -e /dev/virtio-ports/org.qemu.guest_agent.0 ]; then
/usr/bin/systemctl start qemu-ga@virtio\\x2dports-org.qemu.guest_agent.0.service || :
fi
%preun guest-agent
if [ -e /dev/virtio-ports/org.qemu.guest_agent.0 ]; then
/usr/bin/systemctl stop qemu-ga@virtio\\x2dports-org.qemu.guest_agent.0.service || :
fi
%postun guest-agent
%service_del_postun qemu-ga@.service
@ -1358,7 +1418,8 @@ fi
%files
%defattr(-, root, root)
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB COPYING.PYTHON Changelog README VERSION LICENSE
%doc Changelog README VERSION
%license COPYING COPYING.LIB COPYING.PYTHON LICENSE
%_docdir/%name/qemu-doc.txt
%_docdir/%name/qemu-doc.html
%_docdir/%name/qemu-qmp-ref.txt

View File

@ -305,30 +305,30 @@ BuildRequires: zlib-devel
BuildRequires: python-base
%endif
BuildRequires: bc
BuildRequires: qemu-arm = %version
BuildRequires: qemu-block-curl = %version
BuildRequires: qemu-block-dmg = %version
BuildRequires: qemu-extra = %version
BuildRequires: qemu-guest-agent = %version
BuildRequires: qemu-ppc = %version
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-ui-curses = %version
BuildRequires: qemu-ui-gtk = %version
BuildRequires: qemu-arm = %{version}
BuildRequires: qemu-block-curl = %{version}
BuildRequires: qemu-block-dmg = %{version}
BuildRequires: qemu-extra = %{version}
BuildRequires: qemu-guest-agent = %{version}
BuildRequires: qemu-ppc = %{version}
BuildRequires: qemu-s390 = %{version}
BuildRequires: qemu-tools = %{version}
BuildRequires: qemu-ui-curses = %{version}
BuildRequires: qemu-ui-gtk = %{version}
%if 0%{?is_opensuse}
BuildRequires: qemu-ui-sdl = %version
BuildRequires: qemu-ui-sdl = %{version}
%endif
BuildRequires: qemu-x86 = %version
BuildRequires: qemu-x86 = %{version}
%if 0%{?with_glusterfs}
BuildRequires: qemu-block-gluster = %version
BuildRequires: qemu-block-gluster = %{version}
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 )
BuildRequires: qemu-block-iscsi = %version
BuildRequires: qemu-block-iscsi = %{version}
%endif
%if 0%{?with_rbd}
BuildRequires: qemu-block-rbd = %version
BuildRequires: qemu-block-rbd = %{version}
%endif
BuildRequires: qemu-block-ssh = %version
BuildRequires: qemu-block-ssh = %{version}
%endif
Requires(pre): shadow
Requires(post): coreutils
@ -450,7 +450,7 @@ This package acts as an umbrella package to the other QEMU sub-packages.
%package x86
Summary: Machine emulator and virtualizer for x86 architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Requires: qemu-ipxe
Requires: qemu-seabios
Requires: qemu-sgabios
@ -470,7 +470,7 @@ This package provides i386 and x86_64 emulation.
%package ppc
Summary: Machine emulator and virtualizer for Power architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
@ -486,7 +486,7 @@ This package provides ppc and ppc64 emulation.
%package s390
Summary: Machine emulator and virtualizer for S/390 architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
%description s390
QEMU provides full machine emulation and cross architecture usage. It closely
@ -500,7 +500,7 @@ This package provides s390x emulation.
%package arm
Summary: Machine emulator and virtualizer for ARM architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
Recommends: ovmf
@ -518,7 +518,7 @@ This package provides arm emulation.
%package extra
Summary: Machine emulator and virtualizer for "extra" architectures
Group: System/Emulators/PC
Requires: qemu = %version
Requires: qemu = %{version}
Recommends: qemu-ipxe
Recommends: qemu-vgabios
@ -539,13 +539,13 @@ Url: http://www.linux-kvm.org
Summary: Wrapper to enable KVM acceleration under QEMU
Group: System/Emulators/PC
%ifarch %ix86 x86_64
Requires: qemu-x86 = %version
Requires: qemu-x86 = %{version}
%endif
%ifarch s390x
Requires: qemu-s390 = %version
Requires: qemu-s390 = %{version}
%endif
Provides: kvm = %version
Obsoletes: kvm < %version
Provides: kvm = %{version}
Obsoletes: kvm < %{version}
%description kvm
QEMU provides full machine emulation and cross architecture usage. It closely
@ -575,10 +575,10 @@ in QEMU are not localized.
# Nor can we have modules require the right version of qemu and qemu-tools
# as Xen reuses our qemu-tools but does not want our qemu and qemu-x86.
%define qemu_module_conflicts \
Conflicts: qemu < %version-%release \
Conflicts: qemu > %version-%release \
Conflicts: qemu-tools < %version-%release \
Conflicts: qemu-tools > %version-%release
Conflicts: qemu < %{version}-%{release} \
Conflicts: qemu > %{version}-%{release} \
Conflicts: qemu-tools < %{version}-%{release} \
Conflicts: qemu-tools > %{version}-%{release}
%package block-curl
Summary: cURL block support for QEMU
@ -1252,15 +1252,17 @@ fi
%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm
%service_add_pre qemu-ga@.service
%preun guest-agent
%service_del_preun qemu-ga@.service
%post guest-agent
%service_add_post qemu-ga@.service
if [ -e /dev/virtio-ports/org.qemu.guest_agent.0 ]; then
/usr/bin/systemctl start qemu-ga@virtio\\x2dports-org.qemu.guest_agent.0.service || :
fi
%preun guest-agent
if [ -e /dev/virtio-ports/org.qemu.guest_agent.0 ]; then
/usr/bin/systemctl stop qemu-ga@virtio\\x2dports-org.qemu.guest_agent.0.service || :
fi
%postun guest-agent
%service_del_postun qemu-ga@.service
@ -1283,7 +1285,8 @@ fi
%files
%defattr(-, root, root)
%if "%{name}" != "qemu-testsuite"
%doc COPYING COPYING.LIB COPYING.PYTHON Changelog README VERSION LICENSE
%doc Changelog README VERSION
%license COPYING COPYING.LIB COPYING.PYTHON LICENSE
%_docdir/%name/qemu-doc.txt
%_docdir/%name/qemu-doc.html
%_docdir/%name/qemu-qmp-ref.txt