Commit Graph

6344 Commits

Author SHA1 Message Date
Peter Maydell
72fc7d7f79 * Latest fuzzer patches from Alexander
* Fixes for the qtest bios-tables-test
 * LGPL information cleanup in qtest code
 * sh4 acceptance test
 * Improved submodule handling for the s390x CI test
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAl7oexoRHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbVF/A//U2l79c2xM+9u95treESERb8XH7DXq8z0
 uB5/3hEorGhF3XcnJoxHjzKlGtwKYdcn+h8fYba3efroT8QRh84D+y+7at5Ag9r9
 jDB7MKIIn4pw0Zti4/s26xwccSlL1Sr24dzeJfGMfAXzve7wP4QZkAU9jwOu6TFW
 5o5zd8DnPT9IpXnqJZgX0K+A1dLvnkyxqiWAFAok/8PHyhdLx7UPkGG+hIyOezSi
 j0vadrihUSUO88zChgq1Lfbr2r82YaIUIve9PYCMwMW9gYARH0fDFXKv55wHAmzJ
 NuO3DNy3FtobrZFPfJ9/x5P9ri806uATLI9ioF7U7tGD0xmsoypORxo8ueFfL1hD
 V31k052mSOpfYZKMdltMhlBMHxVjNZt7lHu2MEilC1j+cDbBE4JWgipbEkvrKnKR
 jCO6ur0f1UTrNt93S5xhCH2muGtGoAwv4i96e2/XhRoP4t8x7KyNUwzNbV3Y0Uvf
 HXBFz8S/J743Pd+j0aSp12ma+z5awtC5L1C0X5DaIu5jR1dQ9VK+G13x7tAjNdT8
 wCHoOXwtveYLxWJ235Rx6pzdvk625plDlCYXmhRjyBNbW+XWuLAVwbNBwZSfKcLr
 Dj+vbHGpWiNpXnPTtnTZS4Lec9w4dCZdNGXq54nypIxDYukTjjPldTc20bbz6JoM
 4OcE3na8bMA=
 =Pdab
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-06-16' into staging

* Latest fuzzer patches from Alexander
* Fixes for the qtest bios-tables-test
* LGPL information cleanup in qtest code
* sh4 acceptance test
* Improved submodule handling for the s390x CI test

# gpg: Signature made Tue 16 Jun 2020 08:56:10 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2020-06-16:
  configure: Let SLOF be initialized by ./scripts/git-submodule.sh
  tests/acceptance: Add boot tests for sh4 QEMU advent calendar image
  tests/qtest: Fix LGPL information in the file headers
  fuzz: add oss-fuzz build-script
  fuzz: Add support for logging QTest commands
  fuzz: skip QTest serialization
  bios-tables-test: Fix "-tpmdev: invalid option"

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-16 10:06:57 +01:00
Thomas Huth
8662404650 tests/acceptance: Add boot tests for sh4 QEMU advent calendar image
Now that we can select the second serial console in the acceptance tests
(see commit 746f244d97 "Allow to use other serial consoles than default"),
we can also test the sh4 image from the QEMU advent calendar 2018.

Message-Id: <20200515164337.4899-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-06-15 18:26:47 +02:00
Thomas Huth
dc0ad02df9 tests/qtest: Fix LGPL information in the file headers
It's either "GNU *Library* General Public License version 2" or "GNU
Lesser General Public License version *2.1*", but there was no "version
2.0" of the "Lesser" license. So assume that version 2.1 is meant here.

Message-Id: <20200605100645.6506-1-thuth@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-06-15 18:26:46 +02:00
Alexander Bulekov
8efebd4e01 fuzz: Add support for logging QTest commands
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20200529221450.26673-3-alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-06-15 18:26:46 +02:00
Alexander Bulekov
d92e1b6d54 fuzz: skip QTest serialization
The QTest server usually parses ASCII commands from clients. Since we
fuzz within the QEMU process, skip the QTest serialization and server
for most QTest commands. Leave the option to use the ASCII protocol, to
generate readable traces for crash reproducers.

Inspired-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20200529221450.26673-2-alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-06-15 18:26:46 +02:00
Eric Auger
55b9757c7e bios-tables-test: Fix "-tpmdev: invalid option"
When configure is run with "--disable-tpm", the bios-tables-test
q35/tis test fails with "-tpmdev: invalid option".

Skip the test if CONFIG_TPM is unset.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reported-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200615135051.2213-1-eric.auger@redhat.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Fixes: 5da7c35e25 ("bios-tables-test: Add Q35/TPM-TIS test")
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-06-15 18:26:46 +02:00
Alexey Krasikov
9250036221 test-crypto-secret: add 'secret_keyring' object tests.
Add tests:
  test_secret_keyring_good;
  test_secret_keyring_revoked_key;
  test_secret_keyring_expired_key;
  test_secret_keyring_bad_serial_key;
  test_secret_keyring_bad_key_access_right;

Added tests require libkeyutils. The absence of this library is not
critical, because these tests will be skipped in this case.

Signed-off-by: Alexey Krasikov <alex-krasikov@yandex-team.ru>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-15 11:33:51 +01:00
Peter Maydell
7d3660e798 * Miscellaneous fixes and feature enablement (many)
* SEV refactoring (David)
 * Hyper-V initial support (Jon)
 * i386 TCG fixes (x87 and SSE, Joseph)
 * vmport cleanup and improvements (Philippe, Liran)
 * Use-after-free with vCPU hot-unplug (Nengyuan)
 * run-coverity-scan improvements (myself)
 * Record/replay fixes (Pavel)
 * -machine kernel_irqchip=split improvements for INTx (Peter)
 * Code cleanups (Philippe)
 * Crash and security fixes (PJP)
 * HVF cleanups (Roman)
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAl7jpdAUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroMfjwf/X7+0euuE9dwKFKDDMmIi+4lRWnq7
 gSOyE1BYSfDIUXRIukf64konXe0VpiotNYlyEaYnnQjkMdGm5E9iXKF+LgEwXj/t
 NSGkfj5J3VeWRG4JJp642CSN/aZWO8uzkenld3myCnu6TicuN351tDJchiFwAk9f
 wsXtgLKd67zE8MLVt8AP0rNTbzMHttPXnPaOXDCuwjMHNvMEKnC93UeOeM0M4H5s
 3Dl2HvsNWZ2SzUG9mAbWp0bWWuoIb+Ep9//87HWANvb7Z8jratRws18i6tYt1sPx
 8zOnUS87sVnh1CQlXBDd9fEcqBUVgR9pAlqaaYavNhFp5eC31euvpDU8Iw==
 =F4sU
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Miscellaneous fixes and feature enablement (many)
* SEV refactoring (David)
* Hyper-V initial support (Jon)
* i386 TCG fixes (x87 and SSE, Joseph)
* vmport cleanup and improvements (Philippe, Liran)
* Use-after-free with vCPU hot-unplug (Nengyuan)
* run-coverity-scan improvements (myself)
* Record/replay fixes (Pavel)
* -machine kernel_irqchip=split improvements for INTx (Peter)
* Code cleanups (Philippe)
* Crash and security fixes (PJP)
* HVF cleanups (Roman)

# gpg: Signature made Fri 12 Jun 2020 16:57:04 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (116 commits)
  target/i386: Remove obsolete TODO file
  stubs: move Xen stubs to accel/
  replay: fix replay shutdown for console mode
  exec/cpu-common: Move MUSB specific typedefs to 'hw/usb/hcd-musb.h'
  hw/usb: Move device-specific declarations to new 'hcd-musb.h' header
  exec/memory: Remove unused MemoryRegionMmio type
  checkpatch: reversed logic with acpi test checks
  target/i386: sev: Unify SEVState and SevGuestState
  target/i386: sev: Remove redundant handle field
  target/i386: sev: Remove redundant policy field
  target/i386: sev: Remove redundant cbitpos and reduced_phys_bits fields
  target/i386: sev: Partial cleanup to sev_state global
  target/i386: sev: Embed SEVState in SevGuestState
  target/i386: sev: Rename QSevGuestInfo
  target/i386: sev: Move local structure definitions into .c file
  target/i386: sev: Remove unused QSevGuestInfoClass
  xen: fix build without pci passthrough
  i386: hvf: Drop HVFX86EmulatorState
  i386: hvf: Move mmio_buf into CPUX86State
  i386: hvf: Move lazy_flags into CPUX86State
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	hw/i386/acpi-build.c
2020-06-12 23:06:22 +01:00
Joseph Myers
bc921b2711 target/i386: correct fix for pcmpxstrx substring search
This corrects a bug introduced in my previous fix for SSE4.2 pcmpestri
/ pcmpestrm / pcmpistri / pcmpistrm substring search, commit
ae35eea7e4.

That commit fixed a bug that showed up in four GCC tests with one libc
implementation.  The tests in question generate random inputs to the
intrinsics and compare results to a C implementation, but they only
test 1024 possible random inputs, and when the tests use the cases of
those instructions that work with word rather than byte inputs, it's
easy to have problematic cases that show up much less frequently than
that.  Thus, testing with a different libc implementation, and so a
different random number generator, showed up a problem with the
previous patch.

When investigating the previous test failures, I found the description
of these instructions in the Intel manuals (starting from computing a
16x16 or 8x8 set of comparison results) confusing and hard to match up
with the more optimized implementation in QEMU, and referred to AMD
manuals which described the instructions in a different way.  Those
AMD descriptions are very explicit that the whole of the string being
searched for must be found in the other operand, not running off the
end of that operand; they say "If the prototype and the SUT are equal
in length, the two strings must be identical for the comparison to be
TRUE.".  However, that statement is incorrect.

In my previous commit message, I noted:

  The operation in this case is a search for a string (argument d to
  the helper) in another string (argument s to the helper); if a copy
  of d at a particular position would run off the end of s, the
  resulting output bit should be 0 whether or not the strings match in
  the region where they overlap, but the QEMU implementation was
  wrongly comparing only up to the point where s ends and counting it
  as a match if an initial segment of d matched a terminal segment of
  s.  Here, "run off the end of s" means that some byte of d would
  overlap some byte outside of s; thus, if d has zero length, it is
  considered to match everywhere, including after the end of s.

The description "some byte of d would overlap some byte outside of s"
is accurate only when understood to refer to overlapping some byte
*within the 16-byte operand* but at or after the zero terminator; it
is valid to run over the end of s if the end of s is the end of the
16-byte operand.  So the fix in the previous patch for the case of d
being empty was correct, but the other part of that patch was not
correct (as it never allowed partial matches even at the end of the
16-byte operand).  Nor was the code before the previous patch correct
for the case of d nonempty, as it would always have allowed partial
matches at the end of s.

Fix with a partial revert of my previous change, combined with
inserting a check for the special case of s having maximum length to
determine where it is necessary to check for matches.

In the added test, test 1 is for the case of empty strings, which
failed before my 2017 patch, test 2 is for the bug introduced by my
2017 patch and test 3 deals with the case where a match of an initial
segment at the end of the string is not valid when the string ends
before the end of the 16-byte operand (that is, the case that would be
broken by a simple revert of the non-empty-string part of my 2017
patch).

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2006121344290.9881@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-12 11:10:39 -04:00
Peter Maydell
9e3903136d virtio,acpi,pci: features, fixes, cleanups, tests
Max slots negotiation for vhost-user.
 Free page reporting for balloon.
 Partial TPM2 ACPI support for ARM.
 Support for NVDIMMs having their own proximity domains.
 New vhost-user-vsock device.
 
 Fixes, cleanups in ACPI, PCI, virtio.
 New tests for TPM ACPI.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQFDBAABCAAtFiEEXQn9CHHI+FuUyooNKB8NuNKNVGkFAl7jjpwPHG1zdEByZWRo
 YXQuY29tAAoJECgfDbjSjVRp9AEH/RH+o9fT+Jvwv1yiCF44kjrfQ9MHzT+hDo96
 vd6Ynj6O49M+ObL3f9fI5ICYHAmZQFzouJ671/FcQQF/CrMot1HBnHAWAzS2YoFu
 3iNOA6PmWn0fWoVAuIfmhtE0PKNJdsuyyJMbcKY5d5bSPugO3b/bIPvo8oVAIXiM
 3xf0KbicB6m0z24ssZoI7KP7PSJcacDViFXUJkgCIMce68od4CDEQ8TGi6jBmAzQ
 VdriGnOCJ9Wo60GC4KL4v8HKZWnq4Nz4qfwQtHdY/MUL30eFDjYcgF0AMYLHrymy
 DInh/GRQMxtD0VvOxtq1BUV0tHk/qH4XyEohSyBOrIrH+ifnjds=
 =hh+M
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,acpi,pci: features, fixes, cleanups, tests

Max slots negotiation for vhost-user.
Free page reporting for balloon.
Partial TPM2 ACPI support for ARM.
Support for NVDIMMs having their own proximity domains.
New vhost-user-vsock device.

Fixes, cleanups in ACPI, PCI, virtio.
New tests for TPM ACPI.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Fri 12 Jun 2020 15:18:04 BST
# gpg:                using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg:                issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream: (58 commits)
  virtio-pci: fix queue_enable write
  pci: Display PCI IRQ pin in "info pci"
  Fix parameter type in vhost migration log path
  acpi: ged: rename event memory region
  acpi: fadt: add hw-reduced sleep register support
  acpi: madt: skip pci override on pci-less systems.
  acpi: create acpi-common.c and move madt code
  acpi: make build_madt() more generic.
  virtio: add vhost-user-vsock-pci device
  virtio: add vhost-user-vsock base device
  vhost-vsock: add vhost-vsock-common abstraction
  hw/pci: Fix crash when running QEMU with "-nic model=rocker"
  libvhost-user: advertise vring features
  Lift max ram slots limit in libvhost-user
  Support individual region unmap in libvhost-user
  Support adding individual regions in libvhost-user
  Support ram slot configuration in libvhost-user
  Refactor out libvhost-user fault generation logic
  Lift max memory slots limit imposed by vhost-user
  Transmit vhost-user memory regions individually
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-12 15:53:49 +01:00
Peter Maydell
9f1f264edb NBD patches for 2020-06-09
- fix iotest 194 race
 - fix CVE-2020-10761: server DoS from assertion on long NBD error messages
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAl7hH3cACgkQp6FrSiUn
 Q2qPwAf+Le4m5AhAv9rLT+B9LGZFdD17dd7Dqj0CBeUyfVJKD9RtmcWIoVOsnI9Z
 RspYZwRgbYLZQZxKjqTKq1d1BNhK/73suGklkGQC554dik9QJOsHOmkcdK4KPwSD
 L0UG9muBKsmwUueGQusKFLixx39IkhQgLwLdno0wLGCao2PZUd1Z+4f/QmgLhxzI
 /cHzqqPtM97PFjf/lPWHvAZBcQVYmsf6SNMEqrSR30Tff5Lb5vsDFlEoaoPviEWA
 T2Yv1AQJwKcOrMuzmzbGeAIYeqip/WzH5mC4b8ZcKeSZ0pRcG4KoJRjuKIH78D8i
 iA34mc+fyUoctoyLSEFNA/v5Zdde3w==
 =m3k2
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2020-06-09-v2' into staging

NBD patches for 2020-06-09

- fix iotest 194 race
- fix CVE-2020-10761: server DoS from assertion on long NBD error messages

# gpg: Signature made Wed 10 Jun 2020 18:59:19 BST
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2020-06-09-v2:
  block: Call attention to truncation of long NBD exports
  nbd/server: Avoid long error message assertions CVE-2020-10761
  iotests: 194: wait for migration completion on target too

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-11 21:19:29 +01:00
Peter Maydell
3666f68476 bitmaps patches for 2020-06-09
- documenation fix
 - various improvements to qcow2.py program used in iotests
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAl7f9hsACgkQp6FrSiUn
 Q2pLhAf+OrRJZFO5yY/r3UmNlWs9r3ZkE7nAOlRdDWmqeO0dwq+IOVa/TXoGf4vT
 dqqEqnFZ6adwQD9HFHKtL50qEwcBiHlNp65WnqfQs8wlFoDo2pckd0UTAR04yM8R
 d62Ip7l5Rv3cIT8R7/plwitypNvq8oUFKSwfnvlcHzP7/0Jspq784Nam7bNvj4L1
 lurdsYUrbPc1DKlDL1UNaLA0v9+9QoSICBzKV6qgFtpPyRAT1Y83f3QmpiMGE4rQ
 Djr3Hs8uGUskpv9yGFbakLscQO/Zws1VUnCsH97X1P1S5lXd2x/I//ydxGL+DkPY
 cdgu7PmziBLuTdnaOyJ/xd3CTUpddQ==
 =nhZT
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-bitmaps-2020-06-09' into staging

bitmaps patches for 2020-06-09

- documenation fix
- various improvements to qcow2.py program used in iotests

# gpg: Signature made Tue 09 Jun 2020 21:50:35 BST
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-bitmaps-2020-06-09:
  iotests: Fix 291 across more file systems
  qcow2_format.py: dump bitmaps header extension
  qcow2: QcowHeaderExtension print names for extension magics
  qcow2_format: refactor QcowHeaderExtension as a subclass of Qcow2Struct
  qcow2_format.py: QcowHeaderExtension: add dump method
  qcow2_format.py: add field-formatting class
  qcow2_format.py: separate generic functionality of structure classes
  qcow2_format.py: use strings to specify c-type of struct fields
  qcow2_format.py: use modern string formatting
  qcow2_format.py: use tuples instead of lists for fields
  qcow2_format.py: drop new line printing at end of dump()
  qcow2.py: move qcow2 format classes to separate module
  qcow2.py: add licensing blurb
  qcow2.py: python style fixes
  qemu-img: Fix doc typo for 'bitmap' subcommand

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-11 15:35:44 +01:00
Peter Maydell
c291aca63d Add non-overlapping groups
-----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAl7ftzkdHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+N5Af9H2MaCN9Eka7VmHAd
 duob3PBkGsQ8jOCOtOQMVukkptkOk2cMycXlW77DJsVrjX3nzpJ6yZ52MH4WO0vn
 ddFeutkK4iaw+3mBQkEFaJC1H8GavuHz0dMK5NR3WtOvAnZ1eQyEbqFTkbMHJgFI
 TVyNUz3jfsqCLBDxEx8JU3v5dycMET3WKlvFP6aO2FnQNKBSZXnxTcd7eCN67KOs
 e+XmBvcsLuGp6fxrIrNFwakjy48jExytfMRdWVSDulC0ErUw9bV4fI9Z8kHV5ETd
 bL+q5ADFKvogEQeGW74+44zebtmgosO1GWDMfbSTjIdnUQrdAff+Y7huHateaXWs
 +FHszA==
 =Z5Ta
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-dt-20200609' into staging

Add non-overlapping groups

# gpg: Signature made Tue 09 Jun 2020 17:22:17 BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-dt-20200609:
  target/arm: Use a non-overlapping group for misc control
  decodetree: Drop check for less than 2 patterns in a group
  tests/decode: Test non-overlapping groups
  decodetree: Implement non-overlapping groups
  decodetree: Move semantic propagation into classes
  decodetree: Allow group covering the entire insn space
  decodetree: Split out MultiPattern from IncMultiPattern
  decodetree: Rename MultiPattern to IncMultiPattern
  decodetree: Tidy error_with_file

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-11 11:20:39 +01:00
Eric Blake
5c4fe018c0 nbd/server: Avoid long error message assertions CVE-2020-10761
Ever since commit 36683283 (v2.8), the server code asserts that error
strings sent to the client are well-formed per the protocol by not
exceeding the maximum string length of 4096.  At the time the server
first started sending error messages, the assertion could not be
triggered, because messages were completely under our control.
However, over the years, we have added latent scenarios where a client
could trigger the server to attempt an error message that would
include the client's information if it passed other checks first:

- requesting NBD_OPT_INFO/GO on an export name that is not present
  (commit 0cfae925 in v2.12 echoes the name)

- requesting NBD_OPT_LIST/SET_META_CONTEXT on an export name that is
  not present (commit e7b1948d in v2.12 echoes the name)

At the time, those were still safe because we flagged names larger
than 256 bytes with a different message; but that changed in commit
93676c88 (v4.2) when we raised the name limit to 4096 to match the NBD
string limit.  (That commit also failed to change the magic number
4096 in nbd_negotiate_send_rep_err to the just-introduced named
constant.)  So with that commit, long client names appended to server
text can now trigger the assertion, and thus be used as a denial of
service attack against a server.  As a mitigating factor, if the
server requires TLS, the client cannot trigger the problematic paths
unless it first supplies TLS credentials, and such trusted clients are
less likely to try to intentionally crash the server.

We may later want to further sanitize the user-supplied strings we
place into our error messages, such as scrubbing out control
characters, but that is less important to the CVE fix, so it can be a
later patch to the new nbd_sanitize_name.

Consideration was given to changing the assertion in
nbd_negotiate_send_rep_verr to instead merely log a server error and
truncate the message, to avoid leaving a latent path that could
trigger a future CVE DoS on any new error message.  However, this
merely complicates the code for something that is already (correctly)
flagging coding errors, and now that we are aware of the long message
pitfall, we are less likely to introduce such errors in the future,
which would make such error handling dead code.

Reported-by: Xueqiang Wei <xuwei@redhat.com>
CC: qemu-stable@nongnu.org
Fixes: https://bugzilla.redhat.com/1843684 CVE-2020-10761
Fixes: 93676c88d7
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200610163741.3745251-2-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2020-06-10 12:58:59 -05:00
Joseph Myers
975af797f1 target/i386: fix IEEE x87 floating-point exception raising
Most x87 instruction implementations fail to raise the expected IEEE
floating-point exceptions because they do nothing to convert the
exception state from the softfloat machinery into the exception flags
in the x87 status word.  There is special-case handling of division to
raise the divide-by-zero exception, but that handling is itself buggy:
it raises the exception in inappropriate cases (inf / 0 and nan / 0,
which should not raise any exceptions, and 0 / 0, which should raise
"invalid" instead).

Fix this by converting the floating-point exceptions raised during an
operation by the softfloat machinery into exceptions in the x87 status
word (passing through the existing fpu_set_exception function for
handling related to trapping exceptions).  There are special cases
where some functions convert to integer internally but exceptions from
that conversion are not always correct exceptions for the instruction
to raise.

There might be scope for some simplification if the softfloat
exception state either could always be assumed to be in sync with the
state in the status word, or could always be ignored at the start of
each instruction and just set to 0 then; I haven't looked into that in
detail, and it might run into interactions with the various ways the
emulation does not yet handle trapping exceptions properly.  I think
the approach taken here, of saving the softfloat state, setting
exceptions there to 0 and then merging the old exceptions back in
after carrying out the operation, is conservatively safe.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005152120280.3469@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:51 -04:00
Edgar E. Iglesias
bbad173c74 tests: machine-none-test: Enable MicroBlaze testing
Enable MicroBlaze testing.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-Id: <20200416193303.23674-2-edgar.iglesias@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:45 -04:00
Joseph Myers
c8af85b10c target/i386: fix fisttpl, fisttpll handling of out-of-range values
The fist / fistt family of instructions should all store the most
negative integer in the destination format when the rounded /
truncated integer result is out of range or the input is an invalid
encoding, infinity or NaN.  The fisttpl and fisttpll implementations
(32-bit and 64-bit results, truncate towards zero) failed to do this,
producing the most positive integer in some cases instead.  Fix this
by copying the code used to handle this issue for fistpl and fistpll,
adjusted to use the _round_to_zero functions for the actual
conversion (but without any other changes to that code).

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005152119160.3469@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:26 -04:00
Joseph Myers
374ff4d0a3 target/i386: fix fbstp handling of out-of-range values
The fbstp implementation fails to check for out-of-range and invalid
values, instead just taking the result of conversion to int64_t and
storing its sign and low 18 decimal digits.  Fix this by checking for
an out-of-range result (invalid conversions always result in INT64_MAX
or INT64_MIN from the softfloat code, which are large enough to be
considered as out-of-range by this code) and storing the packed BCD
indefinite encoding in that case.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005132351110.11687@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:25 -04:00
Joseph Myers
18c53e1e73 target/i386: fix fbstp handling of negative zero
The fbstp implementation stores +0 when the rounded result should be
-0 because it compares an integer value with 0 to determine the sign.
Fix this by checking the sign bit of the operand instead.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005132350230.11687@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:25 -04:00
Joseph Myers
34b9cc076f target/i386: fix fxam handling of invalid encodings
The fxam implementation does not check for invalid encodings, instead
treating them like NaN or normal numbers depending on the exponent.
Fix it to check that the high bit of the significand is set before
treating an encoding as NaN or normal, thus resulting in correct
handling (all of C0, C2 and C3 cleared) for invalid encodings.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005132349311.11687@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:24 -04:00
Joseph Myers
80b4008c80 target/i386: fix floating-point load-constant rounding
The implementations of the fldl2t, fldl2e, fldpi, fldlg2 and fldln2
instructions load fixed constants independent of the rounding mode.
Fix them to load a value correctly rounded for the current rounding
mode (but always rounded to 64-bit precision independent of the
precision control, and without setting "inexact") as specified.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <alpine.DEB.2.21.2005132348310.11687@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:24 -04:00
Joseph Myers
c535d68755 target/i386: fix fscale handling of rounding precision
The fscale implementation uses floatx80_scalbn for the final scaling
operation.  floatx80_scalbn ends up rounding the result using the
dynamic rounding precision configured for the FPU.  But only a limited
set of x87 floating-point instructions are supposed to respect the
dynamic rounding precision, and fscale is not in that set.  Fix the
implementation to save and restore the rounding precision around the
call to floatx80_scalbn.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005070045430.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:21 -04:00
Joseph Myers
c1c5fb8f90 target/i386: fix fscale handling of infinite exponents
The fscale implementation passes infinite exponents through to generic
code that rounds the exponent to a 32-bit integer before using
floatx80_scalbn.  In round-to-nearest mode, and ignoring exceptions,
this works in many cases.  But it fails to handle the special cases of
scaling 0 by a +Inf exponent or an infinity by a -Inf exponent, which
should produce a NaN, and because it produces an inexact result for
finite nonzero numbers being scaled, the result is sometimes incorrect
in other rounding modes.  Add appropriate handling of infinite
exponents to produce a NaN or an appropriately signed exact zero or
infinity as a result.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005070045010.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:18 -04:00
Joseph Myers
b40eec96b2 target/i386: fix fscale handling of invalid exponent encodings
The fscale implementation does not check for invalid encodings in the
exponent operand, thus treating them like INT_MIN (the value returned
for invalid encodings by floatx80_to_int32_round_to_zero).  Fix it to
treat them similarly to signaling NaN exponents, thus generating a
quiet NaN result.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005070044190.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:17 -04:00
Joseph Myers
0d48b43632 target/i386: fix fscale handling of signaling NaN
The implementation of the fscale instruction returns a NaN exponent
unchanged.  Fix it to return a quiet NaN when the provided exponent is
a signaling NaN.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005070043330.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:17 -04:00
Joseph Myers
c415f2c582 target/i386: implement special cases for fxtract
The implementation of the fxtract instruction treats all nonzero
operands as normal numbers, so yielding incorrect results for invalid
formats, infinities, NaNs and subnormal and pseudo-denormal operands.
Implement appropriate handling of all those cases.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <alpine.DEB.2.21.2005070042360.18350@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:10:16 -04:00
Philippe Mathieu-Daudé
78f8d4975c io/task: Move 'qom/object.h' header to source
We need "qom/object.h" to call object_ref()/object_unref(),
and to test the TYPE_DUMMY.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200504115656.6045-3-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:09:37 -04:00
Paolo Bonzini
af509738f8 docker.py/build: support binary files in --extra-files
Read the --extra-files in binary mode to avoid encoding errors.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:09:31 -04:00
Paolo Bonzini
dfae628459 docker.py/build: support -t and -f arguments
The docker.py command line is subtly different from docker and podman's,
in that the tag and Dockerfile are passed via positional arguments.
Remove this gratuitous difference and just parse -f and -t.

-f was previously used by --extra-files, only keep the long option.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-10 12:09:31 -04:00
Vladimir Sementsov-Ogievskiy
93d487807b iotests: 194: wait for migration completion on target too
It is possible, that shutdown on target occurs earlier than migration
finish. In this case we crash in bdrv_release_dirty_bitmap_locked()
on assertion "assert(!bdrv_dirty_bitmap_busy(bitmap));" as we do have
busy bitmap, as bitmap migration is ongoing.

We'll fix bitmap migration to gracefully cancel on early shutdown soon.
Now let's fix iotest 194 to wait migration completion before shutdown.

Note that in this test dest_vm.shutdown() is called implicitly, as vms
used as context-providers, see __exit__() method of QEMUMachine class.

Actually, not waiting migration finish is a wrong thing, but the test
started to crash after commit ae00aa2398
"iotests: 194: test also migration of dirty bitmap", which added dirty
bitmaps here. So, Fixes: tag won't hurt.

Fixes: ae00aa2398
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: grammar tweak]
Message-Id: <20200604083341.26978-1-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 17:05:50 -05:00
Eric Blake
adf92f4645 iotests: Fix 291 across more file systems
Depending on the granularity of holes and amount of metadata consumed
by a file, the 'disk size:' number of 'qemu-img info' is not reliable.
Adjust our test to use a different set of filters to avoid spurious
failures.

Reported-by: Kevin Wolf <kwolf@redhat.com>
Fixes: cf2d1203dc
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200608195629.3299649-1-eblake@redhat.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
[eblake: fix merge conflict]
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:48:00 -05:00
Vladimir Sementsov-Ogievskiy
820c6bee53 qcow2_format.py: dump bitmaps header extension
Add class for bitmap extension and dump its fields. Further work is to
dump bitmap directory.

Test new functionality inside 291 iotest.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-14-vsementsov@virtuozzo.com>
[eblake: fix iotest output]
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:10 -05:00
Vladimir Sementsov-Ogievskiy
aef87784f9 qcow2: QcowHeaderExtension print names for extension magics
Suggested-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200606081806.23897-13-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:10 -05:00
Vladimir Sementsov-Ogievskiy
a9e750e1ce qcow2_format: refactor QcowHeaderExtension as a subclass of Qcow2Struct
Only two fields we can parse by generic code, but that is better than
nothing. Keep further refactoring of variable-length fields for another
day.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-12-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
0931fcc7be qcow2_format.py: QcowHeaderExtension: add dump method
Obviously, for-loop body in dump_extensions should be the dump method
of extension.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-11-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
860543f055 qcow2_format.py: add field-formatting class
Allow formatter class in structure definition instead of hacking with
'mask'. This will simplify further introduction of new formatters.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-10-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
0903e3b371 qcow2_format.py: separate generic functionality of structure classes
We are going to introduce more Qcow2 structure types, defined like
QcowHeader. Move generic functionality into base class to be reused for
further structure classes.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-9-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
5432a0db52 qcow2_format.py: use strings to specify c-type of struct fields
We are going to move field-parsing to super-class, this will be simpler
with simple string specifiers instead of variables.

For some reason, python doesn't allow the definition of ctypes variable
in the class alongside fields: it would not be available then for use
by the 'for' operator. Don't worry: ctypes will be moved to metaclass
soon.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-8-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
621ca4988a qcow2_format.py: use modern string formatting
Use .format and f-strings instead of old %style. Also, the file uses
both '' and "" quotes, for consistency let's use '', except for cases
when we need '' inside the string (use "" to avoid extra escaping).

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-7-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
b2f1415444 qcow2_format.py: use tuples instead of lists for fields
No need in lists: it's a constant variable.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-6-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
eeafed5f6e qcow2_format.py: drop new line printing at end of dump()
This will simplify further conversion. To compensate, print this empty
line directly in cmd_dump_header().

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Message-Id: <20200606081806.23897-5-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
d5262c7124 qcow2.py: move qcow2 format classes to separate module
We are going to enhance qcow2 format parsing by adding more structure
classes. Let's split format parsing from utility code.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200606081806.23897-4-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
16306a7b39 qcow2.py: add licensing blurb
Add classic heading, which is missing here. Keep copyright place empty,
prior authors may add a line later.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200606081806.23897-3-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: tweak commit message]
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Vladimir Sementsov-Ogievskiy
02756054e1 qcow2.py: python style fixes
Fix flake8 complaints.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200606081806.23897-2-vsementsov@virtuozzo.com>
Tested-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: commit message improved]
Signed-off-by: Eric Blake <eblake@redhat.com>
2020-06-09 15:47:09 -05:00
Eric Auger
cae98d8c86 bios-tables-test: Generate reference tables for Q35/TPM-TIS
TPM2, DSDT tables were generated using
tests/data/acpi/rebuild-expected-aml.sh

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Message-Id: <20200609125409.24179-6-eric.auger@redhat.com>

Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09 14:18:04 -04:00
Eric Auger
5da7c35e25 bios-tables-test: Add Q35/TPM-TIS test
Test tables specific to the TPM-TIS instantiation.
The TPM2 is added in the framework. Also the DSDT
is updated with the TPM. The new function should be
be usable for CRB as well, later one.

Signed-off-by: Eric Auger <eric.auger@redhat.com>

Message-Id: <20200609125409.24179-5-eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09 14:18:04 -04:00
Eric Auger
c7504b9f32 tests: tpm-emu: Remove assert on TPM2_ST_NO_SESSIONS
bios-tables-test executes SeaBIOS. Indeed FW is needed to
fetch tables from QEMU and put them into the guest RAM. Also
the FW patches cross table pointers. At some point, SeaBIOS
ends up calling the TPM2_CC_HierarchyControl command with
TPM2_ST_SESSIONS tag, most probably steming from
tpm_set_failure/tpm20_hierarchycontrol SeaBIOS call path.
This causes an assert() in the qtest tpm emulation code.

As the goal here is not to boot SeaBIOS completely but just
let it grab the ACPI tables and consolidate them, let's just
remove the assert().

Signed-off-by: Eric Auger <eric.auger@redhat.com>

Message-Id: <20200609125409.24179-4-eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09 14:18:04 -04:00
Eric Auger
6d6d1a23fc tests/acpi: Add void tables for Q35/TPM-TIS bios-tables-test
Add placeholders for TPM and DSDT reference tables for
Q35 TPM-TIS tests and ignore them for the time being.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>

Message-Id: <20200609125409.24179-3-eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09 14:18:04 -04:00
Eric Auger
266345a867 test/tpm-emu: include sockets and channel headers in tpm-emu header
Include sockets and channel headers to that the header is
self-contained.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Message-Id: <20200609125409.24179-2-eric.auger@redhat.com>
2020-06-09 14:18:04 -04:00
Michael S. Tsirkin
bab16ab330 tests/acpi: update DSDT expected files
Update DSDT after CRS changes and _STA methods dropped.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-06-09 12:46:45 -04:00