Commit Graph

85950 Commits

Author SHA1 Message Date
Bin Meng
d6150ace2b hw/riscv: microchip_pfsoc: Map EMMC/SD mux register
Since HSS commit c20a89f8dcac, the Icicle Kit reference design has
been updated to use a register mapped at 0x4f000000 instead of a
GPIO to control whether eMMC or SD card is to be used. With this
support the same HSS image can be used for both eMMC and SD card
boot flow, while previously two different board configurations were
used. This is undocumented but one can take a look at the HSS code
HSS_MMCInit() in services/mmc/mmc_api.c.

With this commit, HSS image built from 2020.12 release boots again.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210322075248.136255-1-bmeng.cn@gmail.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Bin Meng
aac8e46e9d hw/block: m25p80: Support fast read for SST flashes
Per SST25VF016B datasheet [1], SST flash requires a dummy byte after
the address bytes. Note only SPI mode is supported by SST flashes.

[1] http://ww1.microchip.com/downloads/en/devicedoc/s71271_04.pdf

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210306060152.7250-1-bmeng.cn@gmail.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Georg Kotheimer
ec352d0cab target/riscv: Add proper two-stage lookup exception detection
The current two-stage lookup detection in riscv_cpu_do_interrupt falls
short of its purpose, as all it checks is whether two-stage address
translation either via the hypervisor-load store instructions or the
MPRV feature would be allowed.

What we really need instead is whether two-stage address translation was
active when the exception was raised. However, in riscv_cpu_do_interrupt
we do not have the information to reliably detect this. Therefore, when
we raise a memory fault exception we have to record whether two-stage
address translation is active.

Signed-off-by: Georg Kotheimer <georg.kotheimer@kernkonzept.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210319141459.1196741-1-georg.kotheimer@kernkonzept.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Georg Kotheimer
9d5451e077 target/riscv: Fix read and write accesses to vsip and vsie
The previous implementation was broken in many ways:
 - Used mideleg instead of hideleg to mask accesses
 - Used MIP_VSSIP instead of VS_MODE_INTERRUPTS to mask writes to vsie
 - Did not shift between S bits and VS bits (VSEIP <-> SEIP, ...)

Signed-off-by: Georg Kotheimer <georg.kotheimer@kernkonzept.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210311094738.1376795-1-georg.kotheimer@kernkonzept.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Asherah Connor
c346749ee9 hw/riscv: allow ramfb on virt
Allow ramfb on virt.  This lets `-device ramfb' work.

Signed-off-by: Asherah Connor <ashe@kivikakk.ee>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210318235041.17175-3-ashe@kivikakk.ee
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Asherah Connor
0489348d0d hw/riscv: Add fw_cfg support to virt
Provides fw_cfg for the virt machine on riscv.  This enables
using e.g.  ramfb later.

Signed-off-by: Asherah Connor <ashe@kivikakk.ee>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210318235041.17175-2-ashe@kivikakk.ee
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Georg Kotheimer
db9ab38b81 target/riscv: Use background registers also for MSTATUS_MPV
The current condition for the use of background registers only
considers the hypervisor load and store instructions,
but not accesses from M mode via MSTATUS_MPRV+MPV.

Signed-off-by: Georg Kotheimer <georg.kotheimer@kernkonzept.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210311103036.1401073-1-georg.kotheimer@kernkonzept.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Georg Kotheimer
e89b631cf4 target/riscv: Make VSTIP and VSEIP read-only in hip
Signed-off-by: Georg Kotheimer <georg.kotheimer@kernkonzept.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210311094902.1377593-1-georg.kotheimer@kernkonzept.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Georg Kotheimer
90ec1cff76 target/riscv: Adjust privilege level for HLV(X)/HSV instructions
According to the specification the "field SPVP of hstatus controls the
privilege level of the access" for the hypervisor virtual-machine load
and store instructions HLV, HLVX and HSV.

Signed-off-by: Georg Kotheimer <georg.kotheimer@kernkonzept.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210311103005.1400718-1-georg.kotheimer@kernkonzept.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Jim Shu
2c2e0f2842 target/riscv: flush TLB pages if PMP permission has been changed
If PMP permission of any address has been changed by updating PMP entry,
flush all TLB pages to prevent from getting old permission.

Signed-off-by: Jim Shu <cwshu@andestech.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 1613916082-19528-4-git-send-email-cwshu@andestech.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Jim Shu
663e119317 target/riscv: add log of PMP permission checking
Like MMU translation, add qemu log of PMP permission checking for
debugging.

Signed-off-by: Jim Shu <cwshu@andestech.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 1613916082-19528-3-git-send-email-cwshu@andestech.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Jim Shu
b297129ae1 target/riscv: propagate PMP permission to TLB page
Currently, PMP permission checking of TLB page is bypassed if TLB hits
Fix it by propagating PMP permission to TLB page permission.

PMP permission checking also use MMU-style API to change TLB permission
and size.

Signed-off-by: Jim Shu <cwshu@andestech.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 1613916082-19528-2-git-send-email-cwshu@andestech.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Alexander Wagner
82a4ed8e50 hw/char: disable ibex uart receive if the buffer is full
Not disabling the UART leads to QEMU overwriting the UART receive buffer with
the newest received byte. The rx_level variable is added to allow the use of
the existing OpenTitan driver libraries.

Signed-off-by: Alexander Wagner <alexander.wagner@ulal.de>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210309152130.13038-1-alexander.wagner@ulal.de
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Frank Chang
5e437d3ccd target/riscv: fix vs() to return proper error code
vs() should return -RISCV_EXCP_ILLEGAL_INST instead of -1 if rvv feature
is not enabled.

If -1 is returned, exception will be raised and cs->exception_index will
be set to the negative return value. The exception will then be treated
as an instruction access fault instead of illegal instruction fault.

Signed-off-by: Frank Chang <frank.chang@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210223065935.20208-1-frank.chang@sifive.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-03-22 21:54:40 -04:00
Peter Maydell
c95bd5ff16 MIPS patches queue
- Fix array overrun (Coverity CID 1450831)
 - Deprecate KVM TE (Trap-and-Emul)
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmBYpHgACgkQ4+MsLN6t
 wN6fKRAAka2tmVbZw+2FD+T1hBGykNp0ZdFRB0g4qh9gns/l7jWs2lv22Ny9koYE
 VuTpHHyMRrSweZeCBaRbX5lcE1gIPAvCmbl/eosVBRsNiqQs5SPAMGlbr6kbAu2Z
 TTMH7mUp9Q6I8lxiACInE+Q3K0gKPtFse/CjQ3oJ2tnUMvjk0GAn//oI4TZHv4jl
 lIvJ+d1Y/pO7KYFH6VHMeoaUhIyaZ+YpmUBF5yRU9iCxGxKdW7xZaYwcTMS2+jah
 g+C/zVXxanrbfiUQZLkDNqPjPOTsXkf55rSdKn8MK1bvP+xwpTm+mtS8OG5jr20G
 BGGKwUJ3WE+BKB3C/NfRnnVlSQnmpBRaMSm1o3PTFUV8Dt0BJ8Qfqaycq8cxHPsG
 2e+H1WrtmoswalSGXS8b5u4WQKTucDNekjPEdBS5PIOPaY1W3/fUFjlVXpZ5kphm
 pnEk9yXAFvA45pyMzf4I4fZqMFQ+GhRUOUwtQ2Zm209Fucnxtn5iIviH4QcJFt5v
 t9B6liQuuZ/cLY0bUSD/LysW0c9gDKyVCim/GISHoyOQkeQaMAht9JS9zOybmLNa
 ooXfN+rpG+5OqtGdzsfkCQ/rk8jL4G1NbizH/jPlcWQqXhSH80fOKtrdEi26dOMb
 mOujcGKc4ZE33BKdFG/wSBucqsv/OZmcUwFxk9FFvszMLdXfOyg=
 =5qRC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/philmd/tags/mips-fixes-20210322' into staging

MIPS patches queue

- Fix array overrun (Coverity CID 1450831)
- Deprecate KVM TE (Trap-and-Emul)

# gpg: Signature made Mon 22 Mar 2021 14:06:48 GMT
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* remotes/philmd/tags/mips-fixes-20210322:
  target/mips: Deprecate Trap-and-Emul KVM support
  target/mips/mxu_translate.c: Fix array overrun for D16MIN/D16MAX

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-22 14:26:13 +00:00
Jiaxun Yang
f071dc1f0c target/mips: Deprecate Trap-and-Emul KVM support
Upstream kernel had removed both host[1] and guest[2] support.

[1]: https://git.kernel.org/pub/scm/linux/kernel/git/mips/linux.git/commit/?id=45c7e8af4a5e3f0bea4ac209eea34118dd57ac64
[2]: https://git.kernel.org/pub/scm/linux/kernel/git/mips/linux.git/commit/?id=a1515ec7204edca770c07929df8538fcdb03ad46

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210317011235.7425-1-jiaxun.yang@flygoat.com>
[PMD: Specify mentioned kernel is Linux]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2021-03-22 15:05:45 +01:00
Peter Maydell
20b42789aa target/mips/mxu_translate.c: Fix array overrun for D16MIN/D16MAX
Coverity reported (CID 1450831) an array overrun in
gen_mxu_D16MAX_D16MIN():

  1103     } else if (unlikely((XRb == 0) || (XRa == 0))) {
  ....
  1112         if (opc == OPC_MXU_D16MAX) {
  1113             tcg_gen_smax_i32(mxu_gpr[XRa - 1], t0, t1);
  1114         } else {
  1115             tcg_gen_smin_i32(mxu_gpr[XRa - 1], t0, t1);
  1116         }

>>> Overrunning array "mxu_gpr" of 15 8-byte elements at element
    index 4294967295 (byte offset 34359738367) using index "XRa - 1U"
    (which evaluates to 4294967295).

This happens because the code is confused about which of XRa, XRb and
XRc is the output, and which are the inputs.  XRa is the output, but
most of the conditions separating out different special cases are
written as if XRc is the output, with the result that we can end up
in the code path that assumes XRa is non-0 even when it is zero.

Fix the erroneous code, bringing it in to line with the structure
used in functions like gen_mxu_S32MAX_S32MIN() and
gen_mxu_Q8MAX_Q8MIN().

Fixes: CID 1450831
Fixes: bb84cbf385
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210316131353.4533-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2021-03-22 15:05:41 +01:00
Peter Maydell
b184750926 -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJgWGTMAAoJEO8Ells5jWIRLUQIAJ6xxOKldqyo9n9N2vP+6O1J
 lLSC0NT2d0ACptl/8o+KKlf9z2n7o/SKykLUXwCjgLeT2xTKhJ+p8tPOXJ4gns3D
 U3GGc20gUkuGwNl0g2Rr2Yz4EJXlxx5Sl9LJz9quyx0Yp0SV8fYgQpj3mLgRye6T
 hbVSDnQiSyo1iSx+Q/Qc6+Gr4a+sV4pExhrVP1n61JFCB95DUMNqjBsHv+urowHh
 WCN9JbHuiZRHeIGIZujJxzMrh8jlP4pPFIrXvsdwHm/xJlVTgMXFvfIjfi3IrYWU
 NbI0PluSfPbeAB8V+aPb9386K4UFpEEHJipIm+4HSVpVsAuoRVnEVoIWGubXfWo=
 =9Tij
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Mon 22 Mar 2021 09:35:08 GMT
# gpg:                using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  net/eth: Add an assert() and invert if() statement to simplify code
  net/eth: Read ip6_ext_hdr_routing buffer before accessing it
  net/eth: Check iovec has enough data earlier
  net/eth: Check size earlier in _eth_get_rss_ex_dst_addr()
  net/eth: Better describe _eth_get_rss_ex_dst_addr's offset argument
  net/eth: Simplify _eth_get_rss_ex_dst_addr()
  net/eth: Use correct in6_address offset in _eth_get_rss_ex_dst_addr()
  net/colo-compare.c: Optimize removal of secondary packet
  net/colo-compare.c: Fix memory leak for non-tcp packet
  hw/net: virtio-net: Initialize nc->do_not_pad to true
  net: Pad short frames to minimum size before sending from SLiRP/TAP
  net: Add a 'do_not_pad" to NetClientState
  net: eth: Add a helper to pad a short Ethernet frame

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-22 11:24:55 +00:00
Peter Maydell
f0f20022a0 * Small fixes for the unit tests
* Compilation fixes for Illumos et al.
 * Update the FreeBSD VM to 12.2
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmBXeZ4RHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbXrtw//SWtVgXYlifD8JTJcF40CcXB4/hFzPPvs
 syFBtm7mFikgkiXa0oKPVpiHeEmvYvE7F9H30xbxEb3eqg194K+KBHOL8PBH03Mv
 3P7IjEs+MOIUvpYcCwoJWS1r9Dpw4IMfGSljdkYWW4iO9TJBt+xOOIQy68eJnXkw
 eEEZ9NjBq6cSKSEoIyaRiGIi1OsLMGatsXEgKhaKBiLaKFagNLEzTOxKafSyJkWt
 jRgESoLbUH3EbkmKrUZGYhVpKgFiXSJMz1j35ujqVhMY3FeCi69xjcvpiXRN1NMS
 kQO6CKkkVa5WpCPhqUPBI5pKzIAax180v7Qes+hlOgecNCjy76wVY2ZJVUf1kuxL
 aHdgs77Tmq6dwCjuDu2Jon78Rge89cKCIXCDI70BYQUv7zHxwxVyO6Fwn889k3D/
 7xIsze0oELbHYSperMm2wyOmswevyUOGCCBprtgrDUW/CtFMBQBHI5kvs4PV0dx9
 GssCl9xkzNtGqeH/pHy5gr8NkYxSfAQRdv4NQen4lrpZpGDltOa3eJ+EDuIYYLdR
 fsPMVuc5AKuw4lgNyIzPrIq7SAhbhlYxhsNLKFh+XpvEF3/d0OHkT02o10iXH9Py
 I2S4qdVbKp5ZYa8Fj9fTksxAU3qn0DR8zAMh5RIFkce0u6M05UZ/2KaOW4WQVEbJ
 NFRresAmcgw=
 =fkgL
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/thuth-gitlab/tags/pull-request-2021-03-21' into staging

* Small fixes for the unit tests
* Compilation fixes for Illumos et al.
* Update the FreeBSD VM to 12.2

# gpg: Signature made Sun 21 Mar 2021 16:51:42 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/thuth-gitlab/tags/pull-request-2021-03-21:
  FreeBSD: Upgrade to 12.2 release
  contrib: ivshmem client and server build fix for SunOS.
  configure: fix for SunOS based systems
  tests/unit/test-block-iothread: fix maybe-uninitialized error on GCC 11
  docs/devel/testing.rst: Fix references to unit tests

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-22 10:05:45 +00:00
Philippe Mathieu-Daudé
c7274b5ef4 net/eth: Add an assert() and invert if() statement to simplify code
To simplify the function body, invert the if() statement, returning
earlier.
Since we already checked there is enough data in the iovec buffer,
simply add an assert() call to consume the bytes_read variable.

Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Philippe Mathieu-Daudé
7d6a4f123e net/eth: Read ip6_ext_hdr_routing buffer before accessing it
We can't know the caller read enough data in the memory pointed
by ext_hdr to cast it as a ip6_ext_hdr_routing.
Declare rt_hdr on the stack and fill it again from the iovec.

Since we already checked there is enough data in the iovec buffer,
simply add an assert() call to consume the bytes_read variable.

This fix a 2 bytes buffer overrun in eth_parse_ipv6_hdr() reported
by QEMU fuzzer:

  $ cat << EOF | ./qemu-system-i386 -M pc-q35-5.0 \
    -accel qtest -monitor none \
    -serial none -nographic -qtest stdio
  outl 0xcf8 0x80001010
  outl 0xcfc 0xe1020000
  outl 0xcf8 0x80001004
  outw 0xcfc 0x7
  write 0x25 0x1 0x86
  write 0x26 0x1 0xdd
  write 0x4f 0x1 0x2b
  write 0xe1020030 0x4 0x190002e1
  write 0xe102003a 0x2 0x0807
  write 0xe1020048 0x4 0x12077cdd
  write 0xe1020400 0x4 0xba077cdd
  write 0xe1020420 0x4 0x190002e1
  write 0xe1020428 0x4 0x3509d807
  write 0xe1020438 0x1 0xe2
  EOF
  =================================================================
  ==2859770==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdef904902 at pc 0x561ceefa78de bp 0x7ffdef904820 sp 0x7ffdef904818
  READ of size 1 at 0x7ffdef904902 thread T0
      #0 0x561ceefa78dd in _eth_get_rss_ex_dst_addr net/eth.c:410:17
      #1 0x561ceefa41fb in eth_parse_ipv6_hdr net/eth.c:532:17
      #2 0x561cef7de639 in net_tx_pkt_parse_headers hw/net/net_tx_pkt.c:228:14
      #3 0x561cef7dbef4 in net_tx_pkt_parse hw/net/net_tx_pkt.c:273:9
      #4 0x561ceec29f22 in e1000e_process_tx_desc hw/net/e1000e_core.c:730:29
      #5 0x561ceec28eac in e1000e_start_xmit hw/net/e1000e_core.c:927:9
      #6 0x561ceec1baab in e1000e_set_tdt hw/net/e1000e_core.c:2444:9
      #7 0x561ceebf300e in e1000e_core_write hw/net/e1000e_core.c:3256:9
      #8 0x561cef3cd4cd in e1000e_mmio_write hw/net/e1000e.c:110:5

  Address 0x7ffdef904902 is located in stack of thread T0 at offset 34 in frame
      #0 0x561ceefa320f in eth_parse_ipv6_hdr net/eth.c:486

    This frame has 1 object(s):
      [32, 34) 'ext_hdr' (line 487) <== Memory access at offset 34 overflows this variable
  HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
        (longjmp and C++ exceptions *are* supported)
  SUMMARY: AddressSanitizer: stack-buffer-overflow net/eth.c:410:17 in _eth_get_rss_ex_dst_addr
  Shadow bytes around the buggy address:
    0x10003df188d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df188e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df188f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18910: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
  =>0x10003df18920:[02]f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18930: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18940: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18960: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  Shadow byte legend (one shadow byte represents 8 application bytes):
    Addressable:           00
    Partially addressable: 01 02 03 04 05 06 07
    Stack left redzone:      f1
    Stack right redzone:     f3
  ==2859770==ABORTING

Add the corresponding qtest case with the fuzzer reproducer.

FWIW GCC 11 similarly reported:

  net/eth.c: In function 'eth_parse_ipv6_hdr':
  net/eth.c:410:15: error: array subscript 'struct ip6_ext_hdr_routing[0]' is partly outside array bounds of 'struct ip6_ext_hdr[1]' [-Werror=array-bounds]
    410 |     if ((rthdr->rtype == 2) && (rthdr->segleft == 1)) {
        |          ~~~~~^~~~~~~
  net/eth.c:485:24: note: while referencing 'ext_hdr'
    485 |     struct ip6_ext_hdr ext_hdr;
        |                        ^~~~~~~
  net/eth.c:410:38: error: array subscript 'struct ip6_ext_hdr_routing[0]' is partly outside array bounds of 'struct ip6_ext_hdr[1]' [-Werror=array-bounds]
    410 |     if ((rthdr->rtype == 2) && (rthdr->segleft == 1)) {
        |                                 ~~~~~^~~~~~~~~
  net/eth.c:485:24: note: while referencing 'ext_hdr'
    485 |     struct ip6_ext_hdr ext_hdr;
        |                        ^~~~~~~

Cc: qemu-stable@nongnu.org
Buglink: https://bugs.launchpad.net/qemu/+bug/1879531
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Reported-by: Miroslav Rezanina <mrezanin@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Fixes: eb700029c7 ("net_pkt: Extend packet abstraction as required by e1000e functionality")
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Philippe Mathieu-Daudé
ef763586c9 net/eth: Check iovec has enough data earlier
We want to check fields from ip6_ext_hdr_routing structure
and if correct read the full in6_address. Let's directly check
if our iovec contains enough data for everything, else return
early.

Suggested-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Philippe Mathieu-Daudé
6f10f77dcd net/eth: Check size earlier in _eth_get_rss_ex_dst_addr()
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Philippe Mathieu-Daudé
dbd8d3f959 net/eth: Better describe _eth_get_rss_ex_dst_addr's offset argument
The 'offset' argument represents the offset to the ip6_ext_hdr
header, rename it as 'ext_hdr_offset'.

Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Philippe Mathieu-Daudé
38462440ca net/eth: Simplify _eth_get_rss_ex_dst_addr()
The length field is already contained in the ip6_ext_hdr structure.
Check it direcly in eth_parse_ipv6_hdr() before calling
_eth_get_rss_ex_dst_addr(), which gets a bit simplified.

Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Philippe Mathieu-Daudé
b565b44ec2 net/eth: Use correct in6_address offset in _eth_get_rss_ex_dst_addr()
The in6_address comes after the ip6_ext_hdr_routing header,
not after the ip6_ext_hdr one. Fix the offset.

Cc: qemu-stable@nongnu.org
Reported-by: Stefano Garzarella <sgarzare@redhat.com>
Fixes: eb700029c7 ("net_pkt: Extend packet abstraction as required by e1000e functionality")
Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Lukas Straub
739128e43b net/colo-compare.c: Optimize removal of secondary packet
g_queue_remove needs to look up the list entry first, but we
already have it as result and can remove it directly with
g_queue_delete_link.

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Signed-off-by: Zhang Chen <chen.zhang@intel.com>
Reviewed-by: Zhang Chen <chen.zhang@intel.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Lukas Straub
9162ed6649 net/colo-compare.c: Fix memory leak for non-tcp packet
Additional to removing the packet from the secondary queue,
we also need to free it.

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Signed-off-by: Zhang Chen <chen.zhang@intel.com>
Reviewed-by: Zhang Chen <chen.zhang@intel.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Bin Meng
d4c6293041 hw/net: virtio-net: Initialize nc->do_not_pad to true
For virtio-net, there is no need to pad the Ethernet frame size to
60 bytes before sending to it.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Bin Meng
969e50b61a net: Pad short frames to minimum size before sending from SLiRP/TAP
The minimum Ethernet frame length is 60 bytes. For short frames with
smaller length like ARP packets (only 42 bytes), on a real world NIC
it can choose either padding its length to the minimum required 60
bytes, or sending it out directly to the wire. Such behavior can be
hardcoded or controled by a register bit. Similarly on the receive
path, NICs can choose either dropping such short frames directly or
handing them over to software to handle.

On the other hand, for the network backends like SLiRP/TAP, they
don't expose a way to control the short frame behavior. As of today
they just send/receive data from/to the other end connected to them,
which means any sized packet is acceptable. So they can send and
receive short frames without any problem. It is observed that ARP
packets sent from SLiRP/TAP are 42 bytes, and SLiRP/TAP just send
these ARP packets to the other end which might be a NIC model that
does not allow short frames to pass through.

To provide better compatibility, for packets sent from QEMU network
backends like SLiRP/TAP, we change to pad short frames before sending
it out to the other end, if the other end does not forbid it via the
nc->do_not_pad flag. This ensures a backend as an Ethernet sender
does not violate the spec. But with this change, the behavior of
dropping short frames from SLiRP/TAP interfaces in the NIC model
cannot be emulated because it always receives a packet that is spec
complaint. The capability of sending short frames from NIC models is
still supported and short frames can still pass through SLiRP/TAP.

This commit should be able to fix the issue as reported with some
NIC models before, that ARP requests get dropped, preventing the
guest from becoming visible on the network. It was workarounded in
these NIC models on the receive path, that when a short frame is
received, it is padded up to 60 bytes.

The following 2 commits seem to be the one to workaround this issue
in e1000 and vmxenet3 before, and should probably be reverted.

  commit 78aeb23ede ("e1000: Pad short frames to minimum size (60 bytes)")
  commit 40a87c6c9b ("vmxnet3: Pad short frames to minimum size (60 bytes)")

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Bin Meng
935344bed6 net: Add a 'do_not_pad" to NetClientState
This adds a flag in NetClientState, so that a net client can tell
its peer that the packets do not need to be padded to the minimum
size of an Ethernet frame (60 bytes) before sending to it.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Bin Meng
af774513f7 net: eth: Add a helper to pad a short Ethernet frame
Add a helper to pad a short Ethernet frame to the minimum required
length, which can be used by backends' code.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Warner Losh
262fd27392 FreeBSD: Upgrade to 12.2 release
FreeBSD 12.1 has reached end of life. Use 12.2 instead so that FreeBSD's
project's packages will work.  Update which timezone to pick. Work around a QEMU
bug that incorrectly raises an exception on a CRC32 instruction with the FPU
disabled.  The qemu bug is described here:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg784158.html

Signed-off-by: Warner Losh <imp@bsdimp.com>
Message-Id: <20210307155654.993-2-imp@bsdimp.com>
[thuth: Disable gnutls to work-around a problem with libtasn1]
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-03-20 06:33:17 +01:00
David CARLIER
7e47061d93 contrib: ivshmem client and server build fix for SunOS.
sun is a macro on these systems, thus renaming the variables on the
client and server.

Signed-off-by: David Carlier <devnexen@gmail.com>
Message-Id: <CA+XhMqzHPG5ezqY-YxbA+tMoadA3VDFWBX8_LaLC5YsQOMrz+A@mail.gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-03-20 06:33:17 +01:00
David CARLIER
630d86b7f2 configure: fix for SunOS based systems
local directive make the configure fails on these systems.

Signed-off-by: David Carlier <devnexen@gmail.com>
Message-Id: <CA+XhMqy95D8X-QvBcEfL=a-Rkgy6aJtheskkqZwQkreru+T_Wg@mail.gmail.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-03-20 06:33:17 +01:00
Emanuele Giuseppe Esposito
d8b2e5639a tests/unit/test-block-iothread: fix maybe-uninitialized error on GCC 11
When building qemu with GCC 11, test-block-iothread produces the following
warning:

../tests/unit/test-block-iothread.c:148:11: error: ‘buf’ may be used
uninitialized [-Werror=maybe-uninitialized]

This is caused by buf[512] left uninitialized and passed to
bdrv_save_vmstate() that expects a const uint8_t *, so the compiler
assumes it will be read and expects the parameter to be initialized.

Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210319112218.49609-1-eesposit@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-03-20 06:17:09 +01:00
Wainer dos Santos Moschetta
8db5c3e216 docs/devel/testing.rst: Fix references to unit tests
With the recent move of the unit tests to tests/unit directory some
instructions under the "Unit tests" section became imprecise, which
are fixed by this change.

Fixes: da668aa15b ("tests: Move unit tests into a separate directory")
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-Id: <20210318174407.2299930-1-wainersm@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-03-20 06:15:45 +01:00
Peter Maydell
bdee969c0e * fixes for i386 TCG paging
* fixes for Hyper-V enlightenments
 * avoid uninitialized variable warning
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmBUt1QUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroNa+QgAjcOo9t4cP9CMAM+BwI3qe+iVo1Ug
 OzfLEtACd7BWeB7gZLzbX0ga926/ZQ5WJpgvKQmIdOOCM1PY07WbFogOkpk1B3IZ
 XyCSBneyqrlojSBsSzW3L//GNCyCD0aY8dIWPipsNenz5S/ObS7VMDzEoWOOElva
 wDctnxNRcGmRjs1HnXADyG3yBm8+vEhMImMXxTZdWAlxyL+wI/Aq+VdfkeAD47kZ
 uO0Z291KgYy3iyeZGxqJJJtVZGK8RPp8toM/ociMrk65gG+igctJdR/FRZY6SP7x
 2TkPoohJLwEehTBM7qP+36VVRvskwKwG/jwVxwORXFv4KNxBRaOCtaAMVQ==
 =OBel
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* fixes for i386 TCG paging
* fixes for Hyper-V enlightenments
* avoid uninitialized variable warning

# gpg: Signature made Fri 19 Mar 2021 14:38:12 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream:
  tests/qtest: cleanup the testcase for bug 1878642
  hw/intc/i8259: Refactor pic_read_irq() to avoid uninitialized variable
  i386: Make migration fail when Hyper-V reenlightenment was enabled but 'user_tsc_khz' is unset
  i386: Fix 'hypercall_hypercall' typo
  target/i386: svm: do not discard high 32 bits of EXITINFO1
  target/i386: fail if toggling LA57 in 64-bit mode
  target/i386: allow modifying TCG phys-addr-bits
  qom: use qemu_printf to print help for user-creatable objects

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-19 18:01:17 +00:00
Peter Maydell
2e1293cbaa QAPI patches patches for 2021-03-16
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmBUvgwSHGFybWJydUBy
 ZWRoYXQuY29tAAoJEDhwtADrkYZTo6sP/icaemYrSu5XNjr3caoXTn0rAEYARhcD
 OLENnlDw2ipnXtB59d7J0AulVk7DR0Ejq0MmoNw2yDYdquhopu0XAxF0TnL51GS1
 gd+HygnLVlq/rkDLQn+GIvqzE8+Gx32zHhkQBft7GEHFt4YC5PeOWzG/yYxrt0Za
 VgjfT8WALx+pM8rYxAULbESZuw7eY7g8aNeJmcDmz7zWViVIZ0jEi3Mubdiq1gdc
 GM+qv/0BWPcQSba05RJlqY57s0JaoHcZy6Z5ReE11nyYxXssvNTKAg7Bvv/75H7c
 2Q4Ls2snqsNPpCzRKRtDbhiwLxQxycQ7Jb+BJ2wGMjOjgBl8B+3h70B/ub/OqEPz
 VY+T2ekhTPWRidTDjurAXEcT07M8fMI8feiN6WP+4YMtFZoF/L931JMolJtTZKv5
 D3Dy3QYpK+TjO6tnA93Jz8L5Am0aEngmHCTu6zWQuXauJxaYALf4tWbmKXZaQX2e
 ajqfvAT4xb8WI26I+LNcf37TCSl63xVCec6meS0QNBIM1PTl6ovFQhcSrXrOSrkU
 6HhCsIg7sZ/2MyW4zuINBdyoTAK+pXVSyutQ/OdMYPueDA64NCB5Mrptw/jejwtu
 5JwdevxrHGjnfLVlHFkTtYmH33hCiDtj5RswoONFcXxLanltJtFOtJXYUrkBIAZL
 j4rbal8z0RzR
 =DJOJ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2021-03-16-v4' into staging

QAPI patches patches for 2021-03-16

# gpg: Signature made Fri 19 Mar 2021 15:06:52 GMT
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2021-03-16-v4:
  qapi: New -compat deprecated-input=crash
  qapi: Implement deprecated-input=reject for QMP command arguments
  qapi: Implement deprecated-input=reject for QMP commands
  test-util-sockets: Add stub for monitor_set_cur()
  qapi: Implement deprecated-output=hide for QMP introspection
  monitor: Drop query-qmp-schema 'gen': false hack
  qapi: Implement deprecated-output=hide for QMP event data
  qapi: Implement deprecated-output=hide for QMP events
  qapi: Implement deprecated-output=hide for QMP command results
  qemu-options: New -compat to set policy for deprecated interfaces
  qemuutil: remove qemu_set_fd_handler duplicate symbol

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-19 16:40:00 +00:00
Peter Maydell
8631a430e6 QOM and fdc patches patches for 2021-03-16
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmBUsscSHGFybWJydUBy
 ZWRoYXQuY29tAAoJEDhwtADrkYZTYmwP/i5EbWro0zKsLNX/ezKTg3kNy4mAbYaz
 +HtzqS9DoSEbFEEglgoNvVzgiy+uvxbCtmr07ONEopR62MRqqANO9/kkI+vxKAIO
 RQx9VKA/P3iFhh5A4BmaNuLJOx5bznRVSfG8D0T10ELrJQ39EBnS/YqRpfblRpMo
 Ja33HMvGTWC2cx/tt5vKwlR8JYPr/lN8bQnxqY/rQIPCuAS6palYaj0k6+lGuNA/
 VOcBmJxix7bur+SfSkusYUBd44vbzvxwUTFLnckRUspy+cd9sjw34dFAf2cZx5FT
 0hwRtzzHxEiDHt23UCreyugRfETX9K2D87pBE9qLp9JfMjrgd9ycwUz3wQDlhl6h
 u88pV1CGjpMqeD7yLMgMGHoxmoPmkCtZLR/RHLZAKc/QaZb7ZDQWqtst+l9phrVH
 xRFBWWbJqKvND+XPvML9jHuS2BkqFmtq0dygw+u0L66SboiKEhuvWyfoKVpTPsmo
 7LuuAVphHzPA429hifM4/IgzfYsedsckYztANhWB5iqa3mVBLCIhHAZj1wdMnOhT
 xbO7/AOTeOF+n7TIazk8FBcVc1LVy9Gu0VcoVuvb34F6AuGP/cuepPERYP5PIAEx
 k9ijDfEXPXdklIRopotSzObpeBinhwnR2t9Qq0+0v4ZI/qz4hyw+lB8PViPMXFty
 /dpt07RvxH5U
 =6zPB
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-qom-fdc-2021-03-16-v5' into staging

QOM and fdc patches patches for 2021-03-16

# gpg: Signature made Fri 19 Mar 2021 14:18:47 GMT
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qom-fdc-2021-03-16-v5:
  memory: Drop "qemu:" prefix from QOM memory region type names
  hw: Replace anti-social QOM type names
  blockdev: Drop deprecated bogus -drive interface type
  fdc: Inline fdctrl_connect_drives() into fdctrl_realize_common()
  fdc: Drop deprecated floppy configuration
  docs/system/deprecated: Fix note on fdc drive properties
  fuzz: Avoid deprecated misuse of -drive if=sd

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-19 15:24:59 +00:00
Markus Armbruster
dbb675c19a qapi: New -compat deprecated-input=crash
Policy "crash" calls abort() when deprecated input is received.

Bugs in integration tests may mask the error from policy "reject".
Provide a larger hammer: crash outright.  Masking that seems unlikely.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-12-armbru@redhat.com>
2021-03-19 16:05:11 +01:00
Markus Armbruster
db29164103 qapi: Implement deprecated-input=reject for QMP command arguments
This policy rejects deprecated input, and thus permits "testing the
future".  Implement it for QMP command arguments: reject commands with
deprecated ones.  Example: when QEMU is run with -compat
deprecated-input=reject, then

    {"execute": "eject", "arguments": {"device": "cd"}}

fails like this

    {"error": {"class": "GenericError", "desc": "Deprecated parameter 'device' disabled by policy"}}

When the deprecated parameter is removed, the error will change to

    {"error": {"class": "GenericError", "desc": "Parameter 'device' is unexpected"}}

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-11-armbru@redhat.com>
2021-03-19 16:05:11 +01:00
Markus Armbruster
d2032598c4 qapi: Implement deprecated-input=reject for QMP commands
This policy rejects deprecated input, and thus permits "testing the
future".  Implement it for QMP commands: make deprecated ones fail.
Example: when QEMU is run with -compat deprecated-input=reject, then

    {"execute": "query-cpus"}

fails like this

    {"error": {"class": "CommandNotFound", "desc": "Deprecated command query-cpus disabled by policy"}}

When the deprecated command is removed, the error will change to

    {"error": {"class": "CommandNotFound", "desc": "The command query-cpus has not been found"}}

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-10-armbru@redhat.com>
2021-03-19 16:05:11 +01:00
Markus Armbruster
130d482422 test-util-sockets: Add stub for monitor_set_cur()
Without this stub, the next commit fails to link.  I suspect the real
cause is 947e47448d "monitor: Use getter/setter functions for
cur_mon".

Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-9-armbru@redhat.com>
2021-03-19 16:05:11 +01:00
Markus Armbruster
2df68d777c qapi: Implement deprecated-output=hide for QMP introspection
This policy suppresses deprecated bits in output, and thus permits
"testing the future".  Implement it for QMP command query-qmp-schema:
suppress information on deprecated commands, events and object type
members, i.e. anything that has the special feature flag "deprecated".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-8-armbru@redhat.com>
2021-03-19 16:05:11 +01:00
Markus Armbruster
624fa80c8c monitor: Drop query-qmp-schema 'gen': false hack
QMP commands return their response as a generated QAPI type, which the
monitor core converts to JSON via QObject.

query-qmp-schema's response is the generated introspection data.  This
is a QLitObject since commit 7d0f982bfb "qapi: generate a literal
qobject for introspection", v2.12).  Before, it was a string.  Instead
of converting QLitObject / string -> QObject -> QAPI type
SchemaInfoList -> QObject -> JSON, we take a shortcut: the command is
'gen': false, so it can return the QObject instead of the QAPI type.
Slightly simpler and more efficient.

The next commit will filter the response for output policy, and this
is easier in the SchemaInfoList representation.  Drop the shortcut.

This replaces the manual command registration by a generated one.  The
manual registration makes the command available before the machine is
built by passing flag QCO_ALLOW_PRECONFIG.  To keep it available
there, we need need to add 'allow-preconfig': true to its definition
in the schema.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-7-armbru@redhat.com>
2021-03-19 16:05:09 +01:00
Markus Armbruster
a291a38fa1 qapi: Implement deprecated-output=hide for QMP event data
This policy suppresses deprecated bits in output, and thus permits
"testing the future".  Implement it for QMP event data: suppress
deprecated members.

No QMP event data is deprecated right now.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-6-armbru@redhat.com>
2021-03-19 15:43:33 +01:00
Markus Armbruster
278fc2f7d3 qapi: Implement deprecated-output=hide for QMP events
This policy suppresses deprecated bits in output, and thus permits
"testing the future".  Implement it for QMP events: suppress
deprecated ones.

No QMP event is deprecated right now.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-5-armbru@redhat.com>
2021-03-19 15:43:33 +01:00
Markus Armbruster
91fa93e516 qapi: Implement deprecated-output=hide for QMP command results
This policy suppresses deprecated bits in output, and thus permits
"testing the future".  Implement it for QMP command results.  Example:
when QEMU is run with -compat deprecated-output=hide, then

    {"execute": "query-cpus-fast"}

yields

    {"return": [{"thread-id": 9805, "props": {"core-id": 0, "thread-id": 0, "socket-id": 0}, "qom-path": "/machine/unattached/device[0]", "cpu-index": 0, "target": "x86_64"}]}

instead of

    {"return": [{"arch": "x86", "thread-id": 22436, "props": {"core-id": 0, "thread-id": 0, "socket-id": 0}, "qom-path": "/machine/unattached/device[0]", "cpu-index": 0, "target": "x86_64"}]}

Note the suppression of deprecated member "arch".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-4-armbru@redhat.com>
2021-03-19 15:43:33 +01:00
Markus Armbruster
6dd75472d5 qemu-options: New -compat to set policy for deprecated interfaces
New option -compat lets you configure what to do when deprecated
interfaces get used.  This is intended for testing users of the
management interfaces.  It is experimental.

-compat deprecated-input=<input-policy> configures what to do when
deprecated input is received.  Input policy can be "accept" (accept
silently), or "reject" (reject the request with an error).

-compat deprecated-output=<out-policy> configures what to do when
deprecated output is sent.  Output policy can be "accept" (pass on
unchanged), or "hide" (filter out the deprecated parts).

Default is "accept".  Policies other than "accept" are implemented
later in this series.

For now, -compat covers only syntactic aspects of QMP, i.e. stuff
tagged with feature 'deprecated'.  We may want to extend it to cover
semantic aspects, CLI, and experimental features.

Note that there is no good way for management application to detect
presence of -compat: it's not visible output of query-qmp-schema or
query-command-line-options.  Tolerable, because it's meant for
testing.  If running with -compat fails, skip the test.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210318155519.1224118-3-armbru@redhat.com>
2021-03-19 15:43:33 +01:00