Commit Graph

70806 Commits

Author SHA1 Message Date
Alex Bennée
7887289441 shippable: re-enable the windows cross builds
The pkg.mxe.cc repo has been restored.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-07-23 15:53:25 +01:00
Alex Bennée
67bd36beda tests/dockerfiles: update the win cross builds to stretch
While fixing up pkg.mxe.cc they move the URLs around a bit and dropped
Jessie support in favour of Stretch. We also need to update the keys
used to verify the packages.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-07-23 15:53:25 +01:00
Alex Bennée
601b5575e2 tests/migration-test: don't spam the logs when we fail
Quite often the information about which test failed is hidden by the
wall of repeated failures for each page. Stop outputting the error
after 10 bad pages and just summarise the total damage at the end.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
2019-07-23 15:53:25 +01:00
Philippe Mathieu-Daudé
56e89a310b tests/docker: Install Ubuntu images noninteractively
We correctly use the DEBIAN_FRONTEND environment variable on
the Debian images, but forgot the Ubuntu ones are based on it.

Since building docker images is not interactive, we need to
inform the APT tools about it using the DEBIAN_FRONTEND
environment variable (we already use it on our Debian images).

This fixes:

  $ make docker-image-ubuntu V=1
  [...]
  Setting up tzdata (2019b-0ubuntu0.19.04) ...
  debconf: unable to initialize frontend: Dialog
  debconf: (TERM is not set, so the dialog frontend is not usable.)
  debconf: falling back to frontend: Readline
  Configuring tzdata
  ------------------

  Please select the geographic area in which you live. Subsequent configuration
  questions will narrow this down by presenting a list of cities, representing
  the time zones in which they are located.

    1. Africa      4. Australia  7. Atlantic  10. Pacific  13. Etc
    2. America     5. Arctic     8. Europe    11. SystemV
    3. Antarctica  6. Asia       9. Indian    12. US
  Geographic area: 12
  [HANG]

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20190711124805.26476-1-philmd@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2019-07-23 15:53:25 +01:00
Philippe Mathieu-Daudé
8109b7986a tests/docker: Install Sphinx in the Fedora image
Since commit 5f71eac06e the Sphinx tool is required
to build the rST documentation.

This fixes:

 $ ./configure --enable-docs

 ERROR: User requested feature docs
        configure was not able to find it.
        Install texinfo, Perl/perl-podlators and python-sphinx

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20190711102710.2263-1-philmd@redhat.com>
[AJB: also add /usr/libexec/python3-sphinx/ to PATH]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2019-07-23 15:53:25 +01:00
Philippe Mathieu-Daudé
6d7b9c8c06 tests/docker: Install Sphinx in the Ubuntu images
Since commit 5f71eac06e the Sphinx tool is required
to build the rST documentation.

This fixes:

 $ ./configure --enable-docs

 ERROR: User requested feature docs
        configure was not able to find it.
        Install texinfo, Perl/perl-podlators and python-sphinx

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190711120609.12773-1-philmd@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
2019-07-23 15:53:25 +01:00
Alex Bennée
3c237b5c65 tests/docker: add test-misc for building tools & docs
Add yet another test type so we cna quickly exercise the miscellaneous
build products of the build system under various docer configurations.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-07-23 15:53:25 +01:00
Marc-André Lureau
84963b5bbf archive-source: also create a stash for submodules
"git archive" fails when a submodule has a modification, because "git
stash create" doesn't handle submodules. Let's teach our
archive-source.sh to handle modifications in submodules the same way
as qemu tree, by creating a stash.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190708200250.12017-1-marcandre.lureau@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2019-07-23 15:53:25 +01:00
Peter Maydell
4da6c0f9eb MIPS queue for July 23rd, 2019
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJdNfOlAAoJENSXKoln91ploGoH/2Y1eSXlPL1ZWTy+7esI3S8x
 6De9vFz1N8qROOnRMvgCiV+Oh2XwHHZVBHlNYZXt/qWwZnLY36U7TeBgGxfr/fLJ
 K9THDWHD4mwKDR+anvVUBe6NkRetmkY9iszvD3OhMcC/KPFx37rn1+l8aRI8kY3y
 cswp5ySYbGe1OdhjH11zPOT8jIm3mL0hKpMvRYEEXKn9wUJ59++JO1c5q9KobCvw
 1FRWr5weoYbuxwzxvhV854veYglTYFMeQa12O+gmWkG7REFRTXDCiarUKowznHT2
 ZtSO9dFjs9cIBl4coypHX+8Z/OWnxJpkzstkJvgZ4zevy8U1YjS+FWfm6as92JI=
 =Dqa6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/amarkovic2/tags/mips-queue-jul-23-2019' into staging

MIPS queue for July 23rd, 2019

# gpg: Signature made Mon 22 Jul 2019 18:34:29 BST
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic2/tags/mips-queue-jul-23-2019:
  target/mips: Fix emulation of MSA pack instructions on big endian hosts
  target/mips: Add 'fall through' comments for handling nanoMips' SHXS, SWXS

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-23 12:49:39 +01:00
Peter Maydell
cec9f94f2d One bugfix and silent a fallthru warning.
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJdNtRuAAoJEOPjLCzercDeVu8QALV4B8h4BVh8TJTWxwmu2FLo
 XmMESbwDr4tSaqSZXxW1XNEl4sKFEgCSTkE4t5ULGDFIqXH4WENAbArN+zef0gEn
 LKtJRk0zDTELmYU99fuIfDZTTYZiDfi92NObB51Uk3Qkk1c+DclK+MnBfabl2hNR
 0KcdSx3Idna1WaB2nWod9+URdRA//3uwmQBRsiiTCWyw4yXYYIZqRb4NBOH5dDqa
 Lpl5nL3rDBaubM/I73SwRTTXbvz9BT4A+QKSgsOFPFiui/YgItunGij8f8vRWJ6K
 90C0CapYtO5Dysrc6yACTe9ZXFqjosmGSmtZd8WXFh7oM7BLiZnog+6ZaPnTwloR
 dBHcFFZqY7q3/MDv8j/FkZNYrgE/+VC5CBFTl3FVp/oTrf05uOlNG7pJPWyS0pe3
 fr86diBLoLamirgVOig81683SB7LerN763qEs9980DXs9gzLEHIWfDA8VnRITi4O
 EeCfccYz6eE1kiBmsgw8LZaA/GMlvfPrsDQudYbrWAzPdFC7lCPjFJr1Rep8i+JR
 ofTXlyvjAlVrIME4KelTwbAClYfCVynTiZZv2QXRZL/9XtzHODm3rk5maPkBiDvB
 HdVnAnfuMmNDfP3BN4/nD6F0JY9c9OVvSkmDfJI7SSloAq1ghbz3SFkbSrQ046S8
 VcUP2136f94pw1euETEN
 =F4cf
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/philmd-gitlab/tags/pflash-next-20190723' into staging

One bugfix and silent a fallthru warning.

# gpg: Signature made Tue 23 Jul 2019 10:33:34 BST
# gpg:                using RSA key E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* remotes/philmd-gitlab/tags/pflash-next-20190723:
  hw/block/pflash_cfi02: Rewrite a fall through comment
  hw/block/pflash_cfi01: Add missing DeviceReset() handler

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-23 10:51:15 +01:00
Philippe Mathieu-Daudé
124e4cfaa4 hw/block/pflash_cfi02: Rewrite a fall through comment
GCC9 is confused by this comment when building with CFLAG
-Wimplicit-fallthrough=2:

  hw/block/pflash_cfi02.c: In function ‘pflash_write’:
  hw/block/pflash_cfi02.c:574:16: error: this statement may fall through [-Werror=implicit-fallthrough=]
    574 |             if (boff == 0x55 && cmd == 0x98) {
        |                ^
  hw/block/pflash_cfi02.c:581:9: note: here
    581 |         default:
        |         ^~~~~~~
  cc1: all warnings being treated as errors

Rewrite the comment using 'fall through' which is recognized by
GCC and static analyzers.

Reported-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20190719131425.10835-4-philmd@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-07-23 11:31:07 +02:00
Philippe Mathieu-Daudé
3a283507c0 hw/block/pflash_cfi01: Add missing DeviceReset() handler
To avoid incoherent states when the machine resets (see bug report
below), add the device reset callback.

A "system reset" sets the device state machine in READ_ARRAY mode
and, after some delay, set the SR.7 READY bit.

Since we do not model timings, we set the SR.7 bit directly.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1678713
Reported-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
[Laszlo Ersek: Regression tested EDK2 OVMF IA32X64, ArmVirtQemu Aarch64
 https://lists.gnu.org/archive/html/qemu-devel/2019-07/msg04373.html]
Message-Id: <20190718104837.13905-2-philmd@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-07-23 11:31:07 +02:00
Peter Maydell
ecb199b177 Block patches for 4.1.0-rc2:
- NVMe block driver fixes
 - Drain/AioContext fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQFGBAABCAAwFiEEkb62CjDbPohX0Rgp9AfbAGHVz0AFAl015/0SHG1yZWl0ekBy
 ZWRoYXQuY29tAAoJEPQH2wBh1c9A1hEIAMS9GgCsLksWCZEvSOCp36TyJFwZfGcb
 bh33eUC4pGQi4S/7cFawdK3lfbvv+ays1t0nh1oWpTHEL/D2+zOjJ3Ip7yxFnoc5
 ckM+mev0GoS0B660ogRHhWNzMPheJavPQHfNrIZnVJpYzr+Ru20rFTDFSiSxdqd/
 qbZfQkqdE1nj7iOR3TT2DGmIqRrNPLIfgmveYKBY7+NlUrCtfSnmRDp5A/NWsH/W
 EecsiwREiDsNMB/ztGgaHzVZBtVYYbIPPnOqXznFcY5EYrbNA4jagx4Y8iqtopdm
 LxXeHrKZI5VQQ9GAG9mvwShWDEaWesEisHXpM1HDsBuE3At9B7b258Y=
 =6syY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2019-07-22' into staging

Block patches for 4.1.0-rc2:
- NVMe block driver fixes
- Drain/AioContext fixes

# gpg: Signature made Mon 22 Jul 2019 17:44:45 BST
# gpg:                using RSA key 91BEB60A30DB3E8857D11829F407DB0061D5CF40
# gpg:                issuer "mreitz@redhat.com"
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>" [full]
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1  1829 F407 DB00 61D5 CF40

* remotes/maxreitz/tags/pull-block-2019-07-22:
  block: Only the main loop can change AioContexts
  block: Dec. drained_end_counter before bdrv_wakeup
  block/nvme: don't touch the completion entries
  block/nvme: support larger that 512 bytes sector devices
  block/nvme: fix doorbell stride

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-22 18:42:29 +01:00
Aleksandar Markovic
5122958258 target/mips: Fix emulation of MSA pack instructions on big endian hosts
Fix emulation of MSA pack instructions on big endian hosts.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Message-Id: <1563812573-30309-3-git-send-email-aleksandar.markovic@rt-rk.com>
2019-07-22 19:33:09 +02:00
Aleksandar Markovic
45152d0502 target/mips: Add 'fall through' comments for handling nanoMips' SHXS, SWXS
This was found by GCC 8.3 static analysis.

Missed in commit fb32f8c856.

Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <1563812573-30309-2-git-send-email-aleksandar.markovic@rt-rk.com>
2019-07-22 19:33:04 +02:00
Max Reitz
43eaaaef0e block: Only the main loop can change AioContexts
bdrv_set_aio_context_ignore() can only work in the main loop:
bdrv_drained_begin() only works in the main loop and the node's (old)
AioContext; and bdrv_drained_end() really only works in the main loop
and the node's (new) AioContext (contrary to its current comment, which
is just wrong).

Consequentially, bdrv_set_aio_context_ignore() must be called from the
main loop.  Luckily, assuming that we can make block graph changes only
from the main loop as well, all its callers do that already.

Note that changing a node's context in a sense is an operation that
changes the block graph, so it actually makes sense to require this
function to be called from the main loop.

Also, fix bdrv_drained_end()'s description.  You can only use it from
the main loop or the node's AioContext, and in the latter case, the
whole subtree must be in the same context.

Fixes: e037c09c78
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20190722133054.21781-3-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2019-07-22 18:41:43 +02:00
Max Reitz
65181d6381 block: Dec. drained_end_counter before bdrv_wakeup
Decrementing drained_end_counter after bdrv_dec_in_flight() (which in
turn invokes bdrv_wakeup() and thus aio_wait_kick()) is not very clever.
We should decrement it beforehand, so that any waiting aio_poll() that
is woken by bdrv_dec_in_flight() sees the decremented
drained_end_counter.

Because the time window between decrementing drained_end_counter and
aio_wait_kick() is very small, I cannot supply a reliable regression
test.  However, running e.g. the /bdrv-drain/blockjob/iothread/drain_all
test in test-bdrv-drain has a small chance of hanging without this
patch (about 1/200 or so; it gets to nearly 100 % if you add e.g. an
fputc(' ', stderr); after the bdrv_dec_in_flight()).

Fixes: e037c09c78
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20190722133054.21781-2-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2019-07-22 18:41:35 +02:00
Maxim Levitsky
258867d1dc block/nvme: don't touch the completion entries
Completion entries are meant to be only read by the host and written by the device.
The driver is supposed to scan the completions from the last point where it left,
and until it sees a completion with non flipped phase bit.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 20190716163020.13383-4-mlevitsk@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2019-07-22 18:40:32 +02:00
Maxim Levitsky
118d1b6a81 block/nvme: support larger that 512 bytes sector devices
Currently the driver hardcodes the sector size to 512,
and doesn't check the underlying device. Fix that.

Also fail if underlying nvme device is formatted with metadata
as this needs special support.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-id: 20190716163020.13383-3-mlevitsk@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2019-07-22 18:40:32 +02:00
Maxim Levitsky
461bba04bf block/nvme: fix doorbell stride
Fix the math involving non standard doorbell stride

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 20190716163020.13383-2-mlevitsk@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2019-07-22 18:40:32 +02:00
Peter Maydell
23da9e297b target-arm queue:
* target/arm: Add missing break statement for Hypervisor Trap Exception
    (fixes handling of SMC insn taken to AArch32 Hyp mode via HCR.TSC)
  * hw/arm/fsl-imx6ul.c: Remove dead SMP-related code
  * target/arm: Limit ID register assertions to TCG
  * configure: Clarify URL to source downloads
  * contrib/elf2dmp: Build download.o with CURL_CFLAGS
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAl01tnsZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3oqrEACkTEsgLU4jkksB3suL2uCP
 6Tk2f/+uyTtVh/vCBZFnvToMJC/iII1EESID/va1R7lI8kNxx08hFC09y64OGxqJ
 GXbSU5PUYQ4iNccop9IIU/lo7MXvAXlUL83OygMdZeifRoicNE+K2DIMQrgKyiDz
 91PaCNRdZzo7b7E7ojqlDXwNeCx6d0z76a7uv0BUTaU7Cx57tYDpCGdg6AXgkFHH
 WsKvAJmGhtrNLhOV/lRZcBZzo6TfBK51TEgQrNN8/wgpzhxfxhfmhtxiRDVJpQ73
 iGMy6xeGSWbbzn73FHwIBcvz5lUWCogw0WlunTm6BBabzhGylwbj2TkaGkq5NdsE
 0eCa5v2193xV5cG+hVq5zezhaRSSOt5WgrJu84VJ7EWckYgjH/aqx3fHRLgopPXV
 W07eXZ+LA1VjLDTAPX+siN46ZDQNZ4DTr3Vw6pPlshAmO9X8QtjhOmkfsB+gHKjN
 w9TGsCXWA/2wnWJ87Ex+5p501EwF8M/EZyiK09piSj042yidpg4ChLU/zLgX2OQv
 TaZrhjHf1iqvoYpcBv5X6FPPts+EmT0c2kcXhLdg/TPS4nrO4IDj9dBTsBWYuoAN
 pQqR69xJUAses8fM81ZCIxYqhYyg+LItRcy4WT3DiysgY+R1dmKxMLsXwVQqObdb
 vSCLh6wJNdvRRTkIWtP7+w==
 =6GBN
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190722' into staging

target-arm queue:
 * target/arm: Add missing break statement for Hypervisor Trap Exception
   (fixes handling of SMC insn taken to AArch32 Hyp mode via HCR.TSC)
 * hw/arm/fsl-imx6ul.c: Remove dead SMP-related code
 * target/arm: Limit ID register assertions to TCG
 * configure: Clarify URL to source downloads
 * contrib/elf2dmp: Build download.o with CURL_CFLAGS

# gpg: Signature made Mon 22 Jul 2019 14:13:31 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20190722:
  contrib/elf2dmp: Build download.o with CURL_CFLAGS
  configure: Clarify URL to source downloads
  target/arm: Limit ID register assertions to TCG
  hw/arm/fsl-imx6ul.c: Remove dead SMP-related code
  target/arm: Add missing break statement for Hypervisor Trap Exception

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-22 15:16:48 +01:00
Peter Maydell
ddb45afbfb contrib/elf2dmp: Build download.o with CURL_CFLAGS
contrib/elf2dmp has a source file which uses curl/curl.h;
although we link the final executable with CURL_LIBS, we
forgot to build this source file with CURL_CFLAGS, so if
the curl header is in a place that's not already on the
system include path then it will fail to build.

Add a line specifying the cflags needed for download.o;
while we are here, bring the specification of the libs
into line with this, since using a per-object variable
setting is preferred over adding them to the final
executable link line.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20190719100955.17180-1-peter.maydell@linaro.org
2019-07-22 14:07:39 +01:00
Peter Maydell
a3e3b5217b configure: Clarify URL to source downloads
If configure detects that it's being run on a source tree which
is missing git modules, it prints an error messages suggesting
that the user downloads a correct source archive from the project
website. However https://www.qemu.org/download/ is a link to a
page with multiple tabs, with the default being the one telling
users how to get binaries from their distro. Clarify the URL
we print to include the #source anchor, so that the browser will
go directly to the source-tarball instructions.

Reported-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190718131659.20783-1-peter.maydell@linaro.org
Suggested-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-22 14:07:39 +01:00
Peter Maydell
8f4821d77e target/arm: Limit ID register assertions to TCG
In arm_cpu_realizefn() we make several assertions about the values of
guest ID registers:
 * if the CPU provides AArch32 v7VE or better it must advertise the
   ARM_DIV feature
 * if the CPU provides AArch32 A-profile v6 or better it must
   advertise the Jazelle feature

These are essentially consistency checks that our ID register
specifications in cpu.c didn't accidentally miss out a feature,
because increasingly the TCG emulation gates features on the values
in ID registers rather than using old-style checks of ARM_FEATURE_FOO
bits.

Unfortunately, these asserts can cause problems if we're running KVM,
because in that case we don't control the values of the ID registers
-- we read them from the host kernel.  In particular, if the host
kernel is older than 4.15 then it doesn't expose the ID registers via
the KVM_GET_ONE_REG ioctl, and we set up dummy values for some
registers and leave the rest at zero.  (See the comment in
target/arm/kvm64.c kvm_arm_get_host_cpu_features().) This set of
dummy values is not sufficient to pass our assertions, and so on
those kernels running an AArch32 guest on AArch64 will assert.

We could provide a more sophisticated set of dummy ID registers in
this case, but that still leaves the possibility of a host CPU which
reports bogus ID register values that would cause us to assert.  It's
more robust to only do these ID register checks if we're using TCG,
as that is the only case where this is truly a QEMU code bug.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190718125928.20147-1-peter.maydell@linaro.org
Fixes: https://bugs.launchpad.net/qemu/+bug/1830864
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-22 14:07:39 +01:00
Peter Maydell
bc8c2ecfd0 hw/arm/fsl-imx6ul.c: Remove dead SMP-related code
The i.MX6UL always has a single Cortex-A7 CPU (we set FSL_IMX6UL_NUM_CPUS
to 1 in line with this). This means that all the code in fsl-imx6ul.c to
handle multiple CPUs is dead code, and Coverity is now complaining that
it is unreachable (CID 1403008, 1403011).

Remove the unreachable code and the only-executes-once loops,
and replace the single-entry cpu[] array in the FSLIMX6ULState
with a simple cpu member.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190712115030.26895-1-peter.maydell@linaro.org
2019-07-22 14:07:39 +01:00
Philippe Mathieu-Daudé
9bbb4ef991 target/arm: Add missing break statement for Hypervisor Trap Exception
Reported by GCC9 when building with  -Wimplicit-fallthrough=2:

  target/arm/helper.c: In function ‘arm_cpu_do_interrupt_aarch32_hyp’:
  target/arm/helper.c:7958:14: error: this statement may fall through [-Werror=implicit-fallthrough=]
   7958 |         addr = 0x14;
        |         ~~~~~^~~~~~
  target/arm/helper.c:7959:5: note: here
   7959 |     default:
        |     ^~~~~~~
  cc1: all warnings being treated as errors

Fixes: b9bc21ff9f
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reported-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190719111451.12406-1-philmd@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-22 14:07:38 +01:00
Peter Maydell
9d2e1fcd14 Mostly bugfixes, plus a patch to mark accelerator MemoryRegions in "info
mtree" that has been lingering for too long.
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAl0yOgoUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroMmdwf/WM4Su7hXnyp34Z6lcT4Wq25qb397
 Bmv3GSqA94Ex3mUAFPx8+PyF1KVxRGsFuobxZ9KartPt7VwLFONApN6D+Ul1GXMn
 aSZ/eR9K7GCdrjVCKMSEtIX2KSgyrAhNIKVF61DjWCGXXYVXllqbtaaCHAkl012g
 JR5nlCqRTYqODgwhkynoqNtq13gkRokiAO0BMsk3xwzJ9UO6aOIu71TtFy3jsUn5
 ff0Mm4G6SEP9IIAC3L9lbwZvEArnWbJlL7X1j5C1tbid+Gx5b/W5CWDWO84idZZh
 FctkRgCPoVHucQYZh+OdAveWuN24tBLfA1a4zu4vSKNkTKS/SHb5YpSXAA==
 =nIGk
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

Mostly bugfixes, plus a patch to mark accelerator MemoryRegions in "info
mtree" that has been lingering for too long.

# gpg: Signature made Fri 19 Jul 2019 22:45:46 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  target/i386: sev: fix failed message typos
  i386: indicate that 'pconfig' feature was removed intentionally
  build-sys: do no support modules on Windows
  qmp: don't emit the RESET event on wakeup
  hmp: Print if memory section is registered with an accelerator
  test-bitmap: add test for bitmap_set
  scsi-generic: Check sense key before request snooping and patching
  vhost-user-scsi: Call virtio_scsi_common_unrealize() when device realize failed
  vhost-scsi: Call virtio_scsi_common_unrealize() when device realize failed
  virtio-scsi: remove unused argument to virtio_scsi_common_realize
  target/i386: skip KVM_GET/SET_NESTED_STATE if VMX disabled, or for SVM
  target/i386: kvm: Demand nested migration kernel capabilities only when vCPU may have enabled VMX

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-22 13:20:49 +01:00
Peter Maydell
b9e02bb3f9 nbd patches for 2019-07-19
- silence harmless compiler/valgrind warning
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABCAAGBQJdMiVIAAoJEKeha0olJ0NqhSkH/RF4EViyGi/BW9rHHmZIKQjL
 h71g+Y5l0QvTHW2qkU9UCjYC7lrhTnD8r06v2qQZCk37Rb0z/y8BGpcZQVE92nPt
 GW5VbqWh4IdNCMUNXlfFo/U2t+hJL+BAAd8OkolKcDU4FUuN9QGkvQztBLb6Edzk
 oz4/NbnFsd87TRI61EjOEspTpTO6cukLRmE0HIsL8KOaYo3E7QhgxRvR45Y58sbN
 TvUTpI0teHzo4MiXD/yRH8oDz7zKttFwAj3E0oU9IcVTyBJXpE8lNA4J2a65KdbH
 S+43tlNDJA1a5+OqyfzFHcgz6nLCcntU4+5LH7YfTy753EurDVqsi7vTo4lJqHM=
 =uPfp
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-07-19' into staging

nbd patches for 2019-07-19

- silence harmless compiler/valgrind warning

# gpg: Signature made Fri 19 Jul 2019 21:17:12 BST
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2019-07-19:
  nbd: Initialize reply on failure

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-22 10:11:28 +01:00
Jiri Slaby
d4b976c0a8 target/i386: sev: fix failed message typos
In these multiline messages, there were typos. Fix them -- add a missing
space and remove a superfluous apostrophe.

Inspired by Tom's patch.

Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: qemu-trivial@nongnu.org
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <20190719104118.17735-1-jslaby@suse.cz>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 23:45:28 +02:00
Denis V. Lunev
2924ab02c2 i386: indicate that 'pconfig' feature was removed intentionally
pconfig feature was added in 5131dc433d and removed in 712f807e19.
This patch mark this feature as known to QEMU and removed by
intentinally. This follows the convention of 9ccb9784b5 and f1a23522b0
dealing with 'osxsave' and 'ospke'.

Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20190719111222.14943-1-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 23:45:28 +02:00
Eric Blake
5cf42b1c1f nbd: Initialize reply on failure
We've had two separate reports of different callers running into use
of uninitialized data if s->quit is set (one detected by gcc -O3,
another by valgrind), due to checking 'nbd_reply_is_simple(reply) ||
s->quit' in the wrong order. Rather than chasing down which callers
need to pre-initialize reply, and whether there are any other
uninitialized uses, it's easier to guarantee that reply will always be
set by nbd_co_receive_one_chunk() even on failure.

The uninitialized use happens to be harmless (the only time the
variable is uninitialized is if s->quit is set, so the conditional
results in the same action regardless of what was read from reply),
and was introduced in commit 65e01d47.

In fixing the problem, it can also be seen that all (one) callers pass
in a non-NULL reply, so there is a dead conditional to also be cleaned
up.

Reported-by: Thomas Huth <thuth@redhat.com>
Reported-by: Andrey Shinkevich <andrey.shinkevich@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190719172001.19770-1-eblake@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-07-19 13:19:18 -05:00
Marc-André Lureau
21e709aa07 build-sys: do no support modules on Windows
Our module system does not support Windows, because it relies on
resolving symbols from the main executable.

If there is enough interest in supporting modules on Windows, we could
generate an import library for the executable and link with it:
https://stackoverflow.com/questions/15454968/dll-plugin-that-uses-functions-defined-in-the-main-executable

However, there is a small chicken egg problem, since the executable
link and exports extra symbols needed by the library...

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20190718120413.27678-1-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 19:05:05 +02:00
Nicholas Piggin
3bf5de5240 qmp: don't emit the RESET event on wakeup
Commit 1405819637 ("qmp: don't emit the RESET event on wakeup from
S3") changed system wakeup to avoid calling qapi_event_send_reset.
Commit 76ed4b18de ("s390/ipl: fix ipl with -no-reboot") appears to
have inadvertently broken that logic.

Acked-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Message-Id: <20190718103951.10027-2-npiggin@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 19:04:59 +02:00
Alexey Kardashevskiy
8072aae377 hmp: Print if memory section is registered with an accelerator
This adds an accelerator name to the "into mtree -f" to tell the user if
a particular memory section is registered with the accelerator;
the primary user for this is KVM and such information is useful
for debugging purposes.

This adds a has_memory() callback to the accelerator class allowing any
accelerator to have a label in that memory tree dump.

Since memory sections are passed to memory listeners and get registered
in accelerators (rather than memory regions), this only prints new labels
for flatviews attached to the system address space.

An example:
 Root memory region: system
  0000000000000000-0000002fffffffff (prio 0, ram): /objects/mem0 kvm
  0000003000000000-0000005fffffffff (prio 0, ram): /objects/mem1 kvm
  0000200000000020-000020000000003f (prio 1, i/o): virtio-pci
  0000200080000000-000020008000003f (prio 0, i/o): capabilities

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Message-Id: <20190614015237.82463-1-aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 19:04:49 +02:00
Wei Yang
2f950b1e44 test-bitmap: add test for bitmap_set
Add a test for bitmap_set. There are three cases:

  * Both start and end is BITS_PER_LONG aligned
  * Only start is BITS_PER_LONG aligned
  * Only end is BITS_PER_LONG aligned

Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190718010456.4234-3-richardw.yang@linux.intel.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 19:04:49 +02:00
Shin'ichiro Kawasaki
1849f297f5 scsi-generic: Check sense key before request snooping and patching
When READ CAPACITY command completes, scsi_read_complete() function
snoops the command result and updates SCSIDevice members blocksize and
max_lba . However, this update is executed even when READ CAPACITY
command indicates an error in sense data. This causes unexpected
blocksize update with zero value for SCSI devices without
READ CAPACITY(10) command support and eventually results in a divide
by zero. An emulated device by TCMU-runner is an example of a device
that doesn't support READ CAPACITY(10) command.

To avoid the unexpected update, add sense key check in
scsi_read_complete() function. The function already checks the sense key
for VPD Block Limits emulation. Do the scsi_parse_sense_buf() call for
all requests rather than just for VPD Block Limits emulation, so that
blocksize and max_lba are only updated if READ CAPACITY returns zero
sense key.

Signed-off-by: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
[Extend the check to all requests, not just READ CAPACITY]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 19:04:49 +02:00
Xie Yongji
68fa7ca015 vhost-user-scsi: Call virtio_scsi_common_unrealize() when device realize failed
This avoids memory leak when device hotplug is failed.

Signed-off-by: Xie Yongji <xieyongji@baidu.com>
Message-Id: <20190717004606.12444-2-xieyongji@baidu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 19:04:49 +02:00
Xie Yongji
934443c37b vhost-scsi: Call virtio_scsi_common_unrealize() when device realize failed
This avoids memory leak when device hotplug is failed.

Signed-off-by: Xie Yongji <xieyongji@baidu.com>
Message-Id: <20190717004606.12444-1-xieyongji@baidu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 19:04:49 +02:00
Paolo Bonzini
12e1dc4939 virtio-scsi: remove unused argument to virtio_scsi_common_realize
The argument is not used and passing it clutters error propagation in the
callers.  So, get rid of it.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 19:04:38 +02:00
Paolo Bonzini
1e44f3ab71 target/i386: skip KVM_GET/SET_NESTED_STATE if VMX disabled, or for SVM
Do not allocate env->nested_state unless we later need to migrate the
nested virtualization state.

With this change, nested_state_needed() will return false if the
VMX flag is not included in the virtual machine.  KVM_GET/SET_NESTED_STATE
is also disabled for SVM which is safer (we know that at least the NPT
root and paging mode have to be saved/loaded), and thus the corresponding
subsection can go away as well.

Inspired by a patch from Liran Alon.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 18:02:22 +02:00
Liran Alon
79a197ab18 target/i386: kvm: Demand nested migration kernel capabilities only when vCPU may have enabled VMX
Previous to this change, a vCPU exposed with VMX running on a kernel
without KVM_CAP_NESTED_STATE or KVM_CAP_EXCEPTION_PAYLOAD resulted in
adding a migration blocker. This was because when the code was written
it was thought there is no way to reliably know if a vCPU is utilising
VMX or not at runtime. However, it turns out that this can be known to
some extent:

In order for a vCPU to enter VMX operation it must have CR4.VMXE set.
Since it was set, CR4.VMXE must remain set as long as the vCPU is in
VMX operation. This is because CR4.VMXE is one of the bits set
in MSR_IA32_VMX_CR4_FIXED1.
There is one exception to the above statement when vCPU enters SMM mode.
When a vCPU enters SMM mode, it temporarily exits VMX operation and
may also reset CR4.VMXE during execution in SMM mode.
When the vCPU exits SMM mode, vCPU state is restored to be in VMX operation
and CR4.VMXE is restored to its original state of being set.
Therefore, when the vCPU is not in SMM mode, we can infer whether
VMX is being used by examining CR4.VMXE. Otherwise, we cannot
know for certain but assume the worse that vCPU may utilise VMX.

Summaring all the above, a vCPU may have enabled VMX in case
CR4.VMXE is set or vCPU is in SMM mode.

Therefore, remove migration blocker and check before migration
(cpu_pre_save()) if the vCPU may have enabled VMX. If true, only then
require relevant kernel capabilities.

While at it, demand KVM_CAP_EXCEPTION_PAYLOAD only when the vCPU is in
guest-mode and there is a pending/injected exception. Otherwise, this
kernel capability is not required for proper migration.

Reviewed-by: Joao Martins <joao.m.martins@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Tested-by: Maran Wilson <maran.wilson@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-07-19 18:01:47 +02:00
Peter Maydell
4a10982c32 Block layer patches:
- block: Fix forbidden use of polling in drained_end
 - block: Don't wait for I/O throttling while exiting QEMU
 - iotests: Use read-zeroes for the null driver to be Valgrind-friendly
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJdMcXmAAoJEH8JsnLIjy/WD4MP/iQuIpHIxLy5YzOiOXEo+Ofj
 Zw9qVndHn8/6J8gEZUbjblS94OKmlNWdCsSMApg8GWmgaGwZyHX59jDhqe+ZcFnq
 l6J8Qu+MW4b+UEk8JaAH5Y0Q1ZMwEmJOoUha587cgMB6aatGEUfeuN5mE3DGMHAF
 BAYDPl4W0Gd/na/cEcLTX8wio7+nQZooUW0htPuOOwdtU1aUMo8KFTXjMfnAKbDI
 3Vje+mtt1ica1PCyEdud7mwkQcvOpsKNdDPKwMhpZY4BQ8xnAK5xhmd2XOyK8YoN
 Pkc0inyltqWwv9OhRp4CBxWorZJtULhKhwdYLZtCuAdujSACseZQDr+3ZxASCjkU
 auKQAwViBLB4e2bVsm/4xYNmAQug8RYixGjyiAxjb8YUfikQbsJnNYG64Yvs6uKJ
 miMKkjtNtcpkugKTY7gJI0uPO4Hyv9sSv/VRkxJIq5zq0avmUClA23MgbtteWHf6
 K1TW1pfVrBNOIsrTjtjH9YdZemJcEl2ecP/cYGZTnDW4ZQ8q1bbex4vuL1ssNhZX
 T3+yq0fIqtXvNHODmUeSkPRMValGiJA7+R31z4im0qefrB7zRJzuqz+RztiYBZn7
 bJKOFDySCkqmPHxwM4ZNn8+qXK5S6DCzpRKmc5b48yNRTf5ge4d12kNjhwOttgiJ
 KxgWkLWxjRwpRnVawXGZ
 =4ELS
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- block: Fix forbidden use of polling in drained_end
- block: Don't wait for I/O throttling while exiting QEMU
- iotests: Use read-zeroes for the null driver to be Valgrind-friendly

# gpg: Signature made Fri 19 Jul 2019 14:30:14 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  iotests: Test quitting with job on throttled node
  vl: Drain before (block) job cancel when quitting
  iotests: Test commit with a filter on the chain
  iotests: Add @has_quit to vm.shutdown()
  block: Loop unsafely in bdrv*drained_end()
  tests: Extend commit by drained_end test
  block: Do not poll in bdrv_do_drained_end()
  tests: Lock AioContexts in test-block-iothread
  block: Make bdrv_parent_drained_[^_]*() static
  block: Add @drained_end_counter
  tests: Add job commit by drained_end test
  block: Introduce BdrvChild.parent_quiesce_counter
  iotests: Set read-zeroes on in null block driver for Valgrind

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-19 14:59:13 +01:00
Peter Maydell
e2b47666fe Merge misc fixes
A collection of patches I have fixing crypto code and other pieces
 without an assigned maintainer
 
  * Fixes crypto function signatures to be compatible with
    both old and new versions of nettle
  * Fixes deprecation warnings on new nettle
  * Fixes GPL license header typos
  * Documents security implications of monitor usage
  * Optimize linking of capstone to avoid it in tools
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAl0xxJUACgkQvobrtBUQ
 T98e/g/+MG0T2JUWs3RiG32frJQSogLle112Nyyoonbbf1nmJ2gBUfURR8b33eCH
 R+iS6NUoeeo7MxZ7DZDWJhAzqhJS/HwMtfBBf0JmpWZkRS9iitUAoPPMYOb+gYe/
 xEPW13AKAR2PgDBzpnIdN36x3WWo87vuA5x56qtdK7NYHWzS2GHjI4hzqI3+t9xB
 E7f3KWIHpNAXdnHlaweMu/qZ9Md+Zu4GbJQzsVGRR7PGSCKq50GEf3ssk6RFd3Hh
 dtz/oZiRlfDXwlJTaI8pW/JsvUyJtFG/iQjOiRYkvKnKxdskJki9v+fB/cv8220o
 ytGQKdFfc+E2+qFWd+OBZbExeRO2SYVKF9aLQiNeESKEL/UpVpJs1MO7FDN5CoNy
 6+PU7gVVjV40XVOLHdVza5wRwencR2fUmewE4INcFfiMqad8rbOZoCcodkfIxFpI
 UAj6js2/DfSMbrXL+7X9L2URUO1NS6YuB2OdP9E04IDTkGLdIs+3G56nZUM+E8eu
 Fhw1BMG6d4ytxF6QOtPCTJ7gwHMZWE3A64pwwMFZaDyCF++aIeVgpIvGNNSgOIVG
 tQIQ7WihDCuIgHFvd2tUSrLCVq6pDOWeiYde56AfrFJg34+GrsUlnrT38Us+aVaB
 rKC/bSO88y4Swz58PH2QvX0Sd1+yvcrk0GZEcNIRWXJUfhx/GTk=
 =iE4/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/misc-next-pull-request' into staging

Merge misc fixes

A collection of patches I have fixing crypto code and other pieces
without an assigned maintainer

 * Fixes crypto function signatures to be compatible with
   both old and new versions of nettle
 * Fixes deprecation warnings on new nettle
 * Fixes GPL license header typos
 * Documents security implications of monitor usage
 * Optimize linking of capstone to avoid it in tools

# gpg: Signature made Fri 19 Jul 2019 14:24:37 BST
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/misc-next-pull-request:
  crypto: Fix LGPL information in the file headers
  doc: document that the monitor console is a privileged control interface
  configure: only link capstone to emulation targets
  crypto: fix function signatures for nettle 2.7 vs 3
  crypto: switch to modern nettle AES APIs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-19 14:29:13 +01:00
Thomas Huth
b7cbb8741b crypto: Fix LGPL information in the file headers
It's either "GNU *Library* General Public License version 2" or "GNU
Lesser General Public License version *2.1*", but there was no "version
2.0" of the "Lesser" license. So assume that version 2.1 is meant here.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-19 14:21:25 +01:00
Daniel P. Berrangé
4f24430821 doc: document that the monitor console is a privileged control interface
A supposed exploit of QEMU was recently announced as CVE-2019-12928
claiming that the monitor console was insecure because the "migrate"
command enabled arbitrary command execution for a remote attacker.

To be a security risk the user launching QEMU must have configured
the monitor in a way that allows for other users to access it. The
exploit report quoted use of the "tcp" character device backend for
QMP.

This would indeed allow any network user to connect to QEMU and
execute arbitrary commands, however, this is not a flaw in QEMU.
It is the normal expected behaviour of the monitor console and the
commands it supports. Given a monitor connection, there are many
ways to access host file system content besides the migrate command.

The reality is that the monitor console (whether QMP or HMP) is
considered a privileged interface to QEMU and as such must only
be made available to trusted users. IOW, making it available with
no authentication over TCP is simply a, very serious, user
configuration error not a security flaw in QEMU itself.

The one thing this bogus security report highlights though is that
we have not clearly documented the security implications around the
use of the monitor. Add a few paragraphs of text to the security
docs explaining why the monitor is a privileged interface and making
a recommendation to only use the UNIX socket character device backend.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-19 14:21:08 +01:00
Max Reitz
49278ec065 iotests: Test quitting with job on throttled node
When qemu quits, all throttling should be ignored.  That means, if there
is a mirror job running from a throttled node, it should be cancelled
immediately and qemu close without blocking.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2019-07-19 15:17:55 +02:00
Max Reitz
e6f0ac4d52 vl: Drain before (block) job cancel when quitting
If the main loop cancels all block jobs while the block layer is not
drained, this cancelling may not happen instantaneously.  We can start a
drained section before vm_shutdown(), which entails another
bdrv_drain_all(); this nested bdrv_drain_all() will thus be a no-op,
basically.

We do not have to end the drained section, because we actually do not
want any requests to happen from this point on.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2019-07-19 15:17:54 +02:00
Peter Maydell
c054147ecc Add missing fallthrough annotations.
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAl0xqzkSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vf78P/2b9JrNu1Pn8j/RRqwIqY/cHjtycxi7o
 N8GaElq+HTa7r98VZtqZ0a51Gk0IUyud6dZKosWuSFFV8izB3g0OMYR/7Nh8gtX4
 px/dNtudBVINQzL1ySwS4NBf+q3YvRdMik71YyTIU+iNacqSVciYa/fLTxj2IbVY
 krchoh8D/wIVp4ZLi4i2gmHa4cTh8xutKnbh+KyhQ+JpT1rhGjMHnqG5dTrKG4bX
 xITNhGpW77WqMzlVWjjNYk+yq7OIGX8XXPz73DjqE+YerqJvtMcf5pdEFDsSHi1q
 C7CDoDvsYCTGel8xzMeTFCJrIh9BnVWzbU9e6ZzM8AeC+8j8AX1h5XtntoEU1IsE
 XwFok9yHy0bk4Xs5ja5yJFlH23TGX+TXIv302NK+dMB4x4kSsP2FNgEhf0BpxoRk
 HobOyivvCVMHL/Yb6av0ntOi+KAwfuqXpDLdu4PBm/1Deo3Wtpu2HLf12Adh0Acx
 idyP6OHLgb6N+fbgkuaLgyUmFTkf04xR2VjpkIR0nP6Jd5iY9MMJIDXEX54ZKMqS
 zmXLIMBXPIJzMl60c3QMkP58wRFNqQTXL8d6zURcR1XtuBxlzkNo+Esw4YOu8OXX
 Mp0sAM2GQQSt8SzaWlhzlsLj+wbsQMUcxrQQ0YVKt5e09AF5IznfEUiNVZ8bXOxz
 sWUawVTFYLSD
 =23to
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20190719' into staging

Add missing fallthrough annotations.

# gpg: Signature made Fri 19 Jul 2019 12:36:25 BST
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20190719:
  s390x/pci: add some fallthrough annotations

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-07-19 12:52:36 +01:00
Daniel P. Berrangé
02f9135be6 configure: only link capstone to emulation targets
Only the emulators link to code that uses capstone, so adding it to the
global LIBs places undesirable dependancies on other binaries, in
particular the tools.

There is no variable that covers both user emulation and machine
emulation, so add a new "$libs_cpu" for this purpose.

In particular this removes the 8 MB capstone dep from the things
qemu-img links against, allowing for a more minimal installation
in scenarios that don't want system emulators installed.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-19 12:52:04 +01:00
Daniel P. Berrangé
f887849007 crypto: fix function signatures for nettle 2.7 vs 3
Nettle version 2.7.x used 'unsigned int' instead of 'size_t' for length
parameters in functions. Use a local typedef so that we can build with
the correct signature depending on nettle version, as we already do in
the cipher code.

Reported-by: Amol Surati <suratiamol@gmail.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-19 12:48:22 +01:00