Commit Graph

68659 Commits

Author SHA1 Message Date
Markus Armbruster
e1ce7d747b block/qapi: Clean up how we print to monitor or stdout
bdrv_snapshot_dump(), bdrv_image_info_specific_dump(),
bdrv_image_info_dump() and their helpers take an fprintf()-like
callback and a FILE * to pass to it.

hmp.c passes monitor_printf() cast to fprintf_function and the current
monitor cast to FILE *.

qemu-img.c and qemu-io-cmds.c pass fprintf and stdout.

The type-punning is technically undefined behaviour, but works in
practice.  Clean up: drop the callback, and call qemu_printf()
instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417191805.28198-8-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
ac7ff4cf5f qsp: Simplify how qsp_report() prints
qsp_report() takes an fprintf()-like callback and a FILE * to pass to
it.

Its only caller hmp_sync_profile() passes monitor_fprintf() and the
current monitor cast to FILE *.  monitor_fprintf() casts it right
back, and is otherwise identical to monitor_printf().  The
type-punning is ugly.

Drop the callback, and call qemu_printf() instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417191805.28198-7-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
76c8661595 tcg: Simplify how dump_drift_info() prints
dump_drift_info() takes an fprintf()-like callback and a FILE * to pass
to it.

Its only caller hmp_info_jit() passes monitor_fprintf() and a Monitor
* cast to FILE *.  monitor_fprintf() casts it right back, and is
otherwise identical to monitor_printf().  The type-punning is ugly.

Drop the callback, and call qemu_printf() instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417191805.28198-6-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
3de2faa9a8 tcg: Simplify how dump_exec_info() prints
dump_exec_info() takes an fprintf()-like callback and a FILE * to pass
to it.

Its only caller hmp_info_jit() passes monitor_fprintf() and the
current monitor cast to FILE *.  monitor_fprintf() casts it right
back, and is otherwise identical to monitor_printf().  The
type-punning is ugly.

Drop the callback, and call qemu_printf() instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417191805.28198-5-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
d4c51a0af3 tcg: Simplify how dump_opcount_info() prints
dump_opcount_info() takes an fprintf()-like callback and a FILE * to
pass to it.

Its only caller hmp_info_opcount() passes monitor_fprintf() and the
current monitor cast to FILE *.  monitor_fprintf() casts it right
back, and is otherwise identical to monitor_printf().  The
type-punning is ugly.

Drop the callback, and call qemu_printf() instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417191805.28198-4-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
ba4912cb0d trace: Simplify how st_print_trace_file_status() prints
st_print_trace_file_status() takes an fprintf()-like callback and a
FILE * to pass to it.

Its only caller hmp_trace_file() passes monitor_fprintf() and the
current monitor cast to FILE *.  monitor_fprintf() casts it right
back, and is otherwise identical to monitor_printf().  The
type-punning is ugly.

Drop the callback, and call qemu_printf() instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417191805.28198-3-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
15ce35fcf1 include: Include fprintf-fn.h only where needed
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417191805.28198-2-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
8acb2a758b monitor: Simplify how -device/device_add print help
Commit a95db58f21 added monitor_vfprintf() as an error_printf()
generalized from stderr to arbitrary streams, then used it wrapped in
helper out_printf() to print -device/device_add help to stdout.  Use
qemu_printf() instead, and delete monitor_vfprintf() and out_printf().

Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417190641.26814-16-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
6ade45f2ac char-pty: Print "char device redirected" message to stdout
char_pty_open() prints a "char device redirected to PTY_NAME (label
LABEL)" message to the current monitor or else to stderr.  This is not
an error, so it shouldn't go to stderr.  Print it to stdout instead.

Why is it even printed?  No other ChardevClass::open() prints anything
on success.  It's because you need to know PTY_NAME to actually use
this char device, e.g. like e.g. "socat STDIO,cfmakeraw FILE:PTY_NAME"
to use the monitor's readline interface.  You can get PTY_NAME with
"info chardev" (a.k.a. query-chardev for QMP), but only if you already
have a monitor.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190417190641.26814-15-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
ef2fd6f1d1 char: Make -chardev help print to stdout
Command line help explicitly requested by the user should be printed
to stdout, not stderr.  We do elsewhere.  Adjust -chardev to match:
use qemu_printf() instead of error_printf().  Plain printf() would be
wrong because we need to print to the current monitor for "chardev-add
help".

Cc: "Marc-André Lureau" <marcandre.lureau@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190417190641.26814-14-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
cdcd436120 blockdev: Make -drive format=help print to stdout
Command line help explicitly requested by the user should be printed
to stdout, not stderr.  We do elsewhere.  Adjust -drive to match: use
qemu_printf() instead of error_printf().  Plain printf() would be
wrong because we need to print to the current monitor for "drive_add
... format=help".

Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Max Reitz <mreitz@redhat.com>
Cc: qemu-block@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190417190641.26814-13-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
637de4dba2 qemu-print: New qemu_printf(), qemu_vprintf() etc.
We commonly want to print to the current monitor if we have one, else
to stdout/stderr.  For stderr, have error_printf().  For stdout, all
we have is monitor_vfprintf(), which is rather unwieldy.  We often
print to stderr just because error_printf() is easier.

New qemu_printf() and qemu_vprintf() do exactly what's needed.  The
next commits will put them to use.

Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417190641.26814-12-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
679cb8e1a1 monitor error: Make printf()-like functions return a value
printf() & friends return the number of characters written on success,
negative value on error.

monitor_printf(), monitor_vfprintf(), monitor_vprintf(),
error_printf(), error_printf_unless_qmp(), error_vprintf(), and
error_vprintf_unless_qmp() return void.  Some of them carry a TODO
comment asking for int instead.

Improve them to return int like printf() does.

This makes our use of monitor_printf() as fprintf_function slightly
less dirty: the function cast no longer adds a return value that isn't
there.  It still changes a parameter's pointer type.  That will be
addressed in a future commit.

monitor_vfprintf() always returns zero.  Improve it to return the
proper value.

Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190417190641.26814-11-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
26eaf2cd0d vl: Make -machine $TYPE,help and -accel help print to stdout
Command line help help explicitly requested by the user should be
printed to stdout, not stderr.  We do elsewhere.  Adjust -machine
$TYPE,help and -accel help to match: use printf() instead of
error_printf().

Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Message-Id: <20190417190641.26814-10-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
5ab77f9aa3 s390x/kvm: Report warnings with warn_report(), not error_printf()
kvm_s390_mem_op() can fail in two ways: when !cap_mem_op, it returns
-ENOSYS, and when kvm_vcpu_ioctl() fails, it returns -errno set by
ioctl().  Its caller s390_cpu_virt_mem_rw() recovers from both
failures.

kvm_s390_mem_op() prints "KVM_S390_MEM_OP failed" with error_printf()
in the latter failure mode.  Since this is obviously a warning, use
warn_report().

Perhaps the reporting should be left to the caller.  It could warn on
failure other than -ENOSYS.

Cc: Thomas Huth <thuth@redhat.com>
Cc: qemu-s390x@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20190417190641.26814-9-armbru@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
8f8f588565 vfio: Report warnings with warn_report(), not error_printf()
Cc: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190417190641.26814-8-armbru@redhat.com>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
2019-04-18 22:18:59 +02:00
Markus Armbruster
d081cedd68 hpet: Report warnings with warn_report(), not error_printf()
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190417190641.26814-7-armbru@redhat.com>
2019-04-17 21:21:49 +02:00
Markus Armbruster
eaf27fab21 pci: Report fatal errors with error_report(), not error_printf()
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Message-Id: <20190417190641.26814-6-armbru@redhat.com>
2019-04-17 21:21:49 +02:00
Markus Armbruster
036a26046f mips/boston: Report errors with error_report(), not error_printf()
Cc: Paul Burton <pburton@wavecomp.com>
Cc: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190417190641.26814-5-armbru@redhat.com>
2019-04-17 21:21:49 +02:00
Markus Armbruster
3eb99edb48 loader-fit: Wean off error_printf()
load_fit() reports errors with error_printf() instead of
error_report().  Worse, it even reports errors it actually recovers
from, in fit_cfg_compatible() and fit_load_fdt().  Messed up in
initial commit 51b58561c1.

Convert the helper functions for load_fit() to Error.  Make sure each
failure path sets an error.

Fix fit_cfg_compatible() and fit_load_fdt() not to report errors they
actually recover from.

Convert load_fit() to error_report().

Cc: Paul Burton <pburton@wavecomp.com>
Cc: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190417190641.26814-4-armbru@redhat.com>
2019-04-17 21:21:49 +02:00
Markus Armbruster
6b3048cee0 block/ssh: Do not report read/write/flush errors to the user
Callbacks ssh_co_readv(), ssh_co_writev(), ssh_co_flush() report
errors to the user with error_printf().  They shouldn't, it's their
caller's job.  Replace by a suitable trace point.  While there, drop
the unreachable !s->sftp case.

Perhaps we should convert this part of the block driver interface to
Error, so block drivers can pass more detail to their callers.  Not
today.

Cc: "Richard W.M. Jones" <rjones@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Max Reitz <mreitz@redhat.com>
Cc: qemu-block@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190417190641.26814-3-armbru@redhat.com>
2019-04-17 21:21:49 +02:00
Markus Armbruster
e9e1d92d1d qemu-img: Use error_vreport() in error_exit()
error_exit() uses low-level error_printf() to report errors.
Modernize it to use error_vreport().

Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Max Reitz <mreitz@redhat.com>
Cc: qemu-block@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190417190641.26814-2-armbru@redhat.com>
2019-04-17 21:21:49 +02:00
Vladimir Sementsov-Ogievskiy
b922c0506a util/error: do not free error on error_abort
It would be nice to have Error object not freed away when debugging a
coredump.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20190415142519.73060-1-vsementsov@virtuozzo.com>
[error_printf_unless_qmp() replaced by error_printf()]
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2019-04-17 19:15:39 +02:00
Markus Armbruster
4c8b7c8b25 error: Fix error_report_err(), warn_report_err() hint printing
Before the from qerror_report() to error_setg(), hints looked like
this:

    qerror_report(QERR_MACRO, ... arguments ...);
    error_printf_unless_qmp(... hint ...);

error_printf_unless_qmp() made perfect sense: it printed exactly when
qerror_report() did.

After the conversion to error_setg():

    error_setg(errp, QERR_MACRO, ... arguments ...);
    error_printf_unless_qmp(... hint ...);

The "unless QMP part" still made some sense; in QMP context, the
caller generally uses the error as QMP response instead of printing
it.

However, everything else is wrong.  If the caller handles the error,
the hint gets printed anyway (unless QMP).  If the caller reports the
error, the hint gets printed *before* the report (unless QMP) or not
at all (if QMP).

Commit 50b7b000c9 fixed this by making hints a member of Error.  It
kept printing hints with error_printf_unless_qmp():

     void error_report_err(Error *err)
     {
	 error_report("%s", error_get_pretty(err));
    +    if (err->hint) {
    +        error_printf_unless_qmp("%s\n", err->hint->str);
    +    }
	 error_free(err);
     }

This is wrong.  We should (and now can) print the hint exactly when we
print the error.

The mistake has since been copied to warn_report_err() in commit
e43ead1d0b.

Fix both to use error_printf().

Reported-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Cc: Eric Blake <eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190416153850.5186-1-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
[Commit message tweaked]
2019-04-17 19:15:39 +02:00
Christophe Fergeau
f5852efa29 log: Make glib logging go through QEMU
This commit adds a error_init() helper which calls
g_log_set_default_handler() so that glib logs (g_log, g_warning, ...)
are handled similarly to other QEMU logs. This means they will get a
timestamp if timestamps are enabled, and they will go through the
HMP monitor if one is configured.

This commit also adds a call to error_init() to the binaries
installed by QEMU. Since error_init() also calls error_set_progname(),
this means that *-linux-user, *-bsd-user and qemu-pr-helper messages
output with error_report, info_report, ... will slightly change: they
will be prefixed by the binary name.

glib debug messages are enabled through G_MESSAGES_DEBUG similarly to
the glib default log handler.

At the moment, this change will mostly impact SPICE logging if your
spice version is >= 0.14.1. With older spice versions, this is not going
to work as expected, but will not have any ill effect, so this call is
not conditional on the SPICE version.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20190131164614.19209-3-cfergeau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2019-04-17 19:08:27 +02:00
Christophe Fergeau
99e98d7c9f qemu-io: Use error_[gs]et_progname()
qemu-io reimplements itself what
error_get_progname()/error_set_progname() already does.
This commit switches it to use this API from qemu-error.h

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20190131164614.19209-2-cfergeau@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2019-04-17 19:08:27 +02:00
Peter Maydell
eeba63fc7f Update version for v4.0.0-rc4 release
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-16 21:53:00 +01:00
Daniel P. Berrangé
375cb86d9f usb-mtp: fix bounds check for guest provided filename
The ObjectInfo struct has a variable length array containing the UTF-16
encoded filename. The number of characters of trailing data is given by
the 'length' field in the struct and this must be validated against the
size of the data packet received from the guest.

Since the data is UTF-16, we must convert the byte count we have to a
character count before validating. This must take care to truncate if
a malicious guest sent an odd number of bytes.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-16 20:43:39 +01:00
Peter Maydell
dbfc49b69a Block layer patches:
- qcow2: Fix potential corruption for preallocated resize with external data file
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcteVnAAoJEH8JsnLIjy/WNxMP/1Vca3Ws2lt/lHDqvyQtwbfu
 L0ZAEyZBonoVzxSRgtSj+ZDfgKKTCECDtCAB1mDxFK3GfbvlCDGf20UvOKeDXtLX
 nMfllTnvPOk1lveKjTu82r0aOOnnfaZF6fbJkaV214zipXXQIB1x3J724n+/0kvI
 AlYpgOtskNnAIYAL233IIuktvVJiPJsvsdKGhswcCVSmMcXZ9N+/1wd9sWIdxglW
 YpmkOBZfZRIG6T52ZNXLoeCZdSLpozPJPmAvUbfBdcevOjT2ljQ9Sk+j87mv0SWg
 Bk+Nc7aCC61SPlkjc2A1KtJi68rP6zTFyXMkjC9tXLPf6bMSJVTY8Xv8x8lgscf5
 9xIUhnJHNgILASI6KvJuHjrn0HU4ck4L5k1M3FMrQ/LbnI4wHPHmp4HGLxh/9NnU
 M70uUwVyWgZfFh20D6HvY7bA9Wv5JA3vh9EFwZMn/ZNyKqnAPyIl/DttILgjDEmM
 WItok/l3ri1wXFlaCIWrwm++LJhKFlnyJTfbuHZ96xWYil7cc111ler+WM0h+PFD
 cxsakE1efpOfbBcVNeLzDwNpt1AkxsUQbnTh37dICR7WbqbuXpcmXTb5xK3yYK2P
 WiQRnBZuKk8oGjhBpYtWt/yW5V8hZrZTRNO8u73vz5p+PnPsZFgiVYt2UXnQaPzy
 bKgnpYfa+GrGR/TexOQu
 =ezFB
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- qcow2: Fix potential corruption for preallocated resize with external data file

# gpg: Signature made Tue 16 Apr 2019 15:23:35 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  qcow2: Fix preallocation bdrv_pwrite to wrong file

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-16 15:33:38 +01:00
Kevin Wolf
93e32b3e20 qcow2: Fix preallocation bdrv_pwrite to wrong file
With an external data file, preallocate_co() must write the final byte
to the external data file, not to the qcow2 image file.

This is harmless for preallocation of newly created images (only the
qcow2 file size is increased to the virtual disk size while it should be
much smaller), but with preallocated resize, it could in theory cause
visible corruption if the metadata of the image is larger than the data
(e.g. lots of bitmaps).

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2019-04-16 16:23:24 +02:00
Marc-André Lureau
a9b305ba29 socket: allow wait=false for client socket
Commit 767abe7 ("chardev: forbid 'wait' option with client sockets")
is a bit too strict. Current libvirt always set wait=false, and will
thus fail to add client chardev.

Make the code more permissive, allowing wait=false with client socket
chardevs. Deprecate usage of 'wait' with client sockets.

Fixes: 767abe7f49
Cc: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20190415163337.2795-1-marcandre.lureau@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-16 10:40:43 +01:00
Peter Maydell
677746b39f Slirp updates
Dr. David Alan Gilbert (1):
   slirp: Gcc 9 -O3 fix
 -----BEGIN PGP SIGNATURE-----
 
 iQIyBAABCgAdFiEE5h27FdQXK97JfpLZ21UOifD6VPMFAly0x/MACgkQ21UOifD6
 VPOLBQ/3UNeMla5djuv7ZnsQdGUoaRbZiHRIIFm5S30tpX7DozRd/Wtx9Cyt2+/w
 GsfnNR+7b+rtzfYFqaBlU5RTsd6pqThX9ODcZ/80ecOn8RCgdjeipH7sZpj9wYne
 xjO+23SpWmKgnO798JmJou9w/URX4tmp9tqZJF1722BAbcgd48vIlztHl0gAaypP
 bytSvTmxuTmERLsuKJ6NbrEVM3W19upHEeUuCj3wmB50oU3WCoUcIkolfd7WUQ8D
 lMjkATFMa8lC0+feIo7ICNOeD/9Z9vRn+ffmPj9+Gt8aLI/8akzxIIYNGBKcnT2C
 ERkQFAOlZ34a39xcWMqJOOWFUonM+nEYrw3Fg6CHEREXuRMOp3fV1kKS+xq4jUf+
 miRxqw5jEcPYyxATfYFYcfIXSaKGSlaQ4UGjVANNUN8tLC1FKod5xD3KfDxik+3o
 SeLXrPRNrkHcj1OcpHNzL+mhnMvu9reLWiV/VccmgN6YAugPm19R7r3bLqbcCIkT
 jWzT2/AFg+L+ShAHyZVwbFeepI1CYx2ZstAmpX2VYYg4l7IUfozoOG8SwEn31MI9
 yQ9ZUfe4v8mPIzEMnZlgF9w6gclSfxSR3lKOB1TWnRGgyLIo0GAphQieWNajzM8g
 rUM+b8FGJWlXoLBT2nMOq0Va3zUiqeRTG2iyypBA7aASmYpmdw==
 =qwoq
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging

Slirp updates

Dr. David Alan Gilbert (1):
  slirp: Gcc 9 -O3 fix

# gpg: Signature made Mon 15 Apr 2019 19:05:39 BST
# gpg:                using RSA key E61DBB15D4172BDEC97E92D9DB550E89F0FA54F3
# gpg: Good signature from "Samuel Thibault <samuel.thibault@aquilenet.fr>" [unknown]
# gpg:                 aka "Samuel Thibault <sthibault@debian.org>" [marginal]
# gpg:                 aka "Samuel Thibault <samuel.thibault@gnu.org>" [unknown]
# gpg:                 aka "Samuel Thibault <samuel.thibault@inria.fr>" [marginal]
# gpg:                 aka "Samuel Thibault <samuel.thibault@labri.fr>" [marginal]
# gpg:                 aka "Samuel Thibault <samuel.thibault@ens-lyon.org>" [marginal]
# gpg:                 aka "Samuel Thibault <samuel.thibault@u-bordeaux.fr>" [unknown]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 900C B024 B679 31D4 0F82  304B D017 8C76 7D06 9EE6
#      Subkey fingerprint: E61D BB15 D417 2BDE C97E  92D9 DB55 0E89 F0FA 54F3

* remotes/thibault/tags/samuel-thibault:
  slirp: Gcc 9 -O3 fix

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-16 09:27:35 +01:00
Dr. David Alan Gilbert
6fabae61a9 slirp: Gcc 9 -O3 fix
Gcc 9 needs some convincing that sopreprbuf really is going to fill
in iov in the call from soreadbuf, even though the failure case
shouldn't happen.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20190415121740.9881-1-dgilbert@redhat.com>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2019-04-15 20:01:18 +02:00
Peter Maydell
afccfc0c4c Block layer patches:
- iotests fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcsLb5AAoJEH8JsnLIjy/WtTIQAJBiNOGPVQoenGjxUhacFLB2
 Lylqif8kc0OXemhyiu6V36HCQbUH6+QY1NyjStiJXfzd9yMLyRpOFPhnZpfOZJuh
 xNeln6GxmSDyD5d+NlfVVvJylDzk13mV/s3RkTkw0VW7FwygfMWH4h7pa8jJT/b6
 dFdvBZB/+GhhYUVquxiNSYgIQ5KwK/oovZQnkeq//KVSf2wdHq9i7dvIT4BIXj5Z
 aINQlk48OBmlGmevMzhS99AKZpAz2j4zGVagrwj9dCrkDc29d1TOw75UcPTLw0OS
 2FqhHI+P435+O5VTQxEVW0sx5C5N8FNkjsA0E33XkgdSLHZSFWuyG73H8HtjwCkB
 BuQ3G+JQ5AexvCWdz+zBaE/aKbmcopasXcpzV+DxXVBXmj6Gx7rMvKY8RYiBwZWc
 oIPUCPc2vwKgnx3KPnAAJoKbhpiEhiXPQam20rIoySyzuEDHOQN/kiDQQB+b+PPK
 aYkdWHknkurG+ioUq1F5OwCw5cOw1AKbVNmtRFKD59wBQB/G/gDGgtlWhEALFMyf
 0ZpKaH+c+QJPbaMagCMgwPJ8DgKLb6yJGLwmK/M2CbIYW/2bVMel65YRT67Z+l2H
 Va0vxFqMeVkSRcezUAAXbxMaaLHa9AMQV1V+KAXguYPa7Uqz7p05d9N88r7q87Ui
 FNE+xchmUSdS695h0Gkl
 =46wR
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- iotests fixes

# gpg: Signature made Fri 12 Apr 2019 17:04:09 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  iotest: Fix 241 to run in generic directory
  iotests: Let 245 pass on tmpfs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-12 17:06:49 +01:00
Eric Blake
9749636b00 iotest: Fix 241 to run in generic directory
Filter the qemu-nbd server output to get rid of a direct reference
to my build directory.

Fixes: e9dce9cb
Reported-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2019-04-12 18:03:01 +02:00
Max Reitz
23e1d05411 iotests: Let 245 pass on tmpfs
tmpfs does not support O_DIRECT.  Detect this case, and skip flipping
@direct if the filesystem does not support it.

Fixes: bf3e50f623
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2019-04-12 18:03:01 +02:00
John Snow
13c24edaa7 qemu-img: fix .hx and .texi disparity
It turns out that having options listed in three places continues to be
a bad idea. I'm still toying with the idea of an improved infrastructure
here, but in the meantime, another bandaid.

There are three locations:
(1) .hx file, formatted as texi
(2) .hx file, formatted as human readable.
(3) .texi file, as section headers, formatted as texi.

You can compare the two summaries within the .hx file like so:

Human-readable command summaries:
`./qemu-img --help | grep 'Command syntax' -A14`
Detokenized texi command summaries:
`grep "@item" qemu-img-cmds.hx | sed -E 's|@var\{([^\}]*?)\}|\1|g'`

You can compare the two separate texi summaries like so:

Texi command summaries:
`grep "@item" qemu-img-cmds.hx"`
Texi command headers:
grep -E "@item.*@var" qemu-img.texi | tail -14

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 20190409210655.777-1-jsnow@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-12 14:17:10 +01:00
Gerd Hoffmann
e1be98540e curses: fix wchar_t printf warning
On some systems wchar_t is "long int", on others just "int".
So go cast to "long int" and adjust the printf format accordingly.

Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190402073018.17747-1-kraxel@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-12 12:58:00 +01:00
Peter Maydell
9e4a484b4a ppc patch queue for 2018-04-12
Here's a last minute pull request for 4.0.  Turns out my last pull
 request, to fix a regression in extended config space access for the
 pseries machine didn't fix things hard enough.  This PR has a single
 patch which improves the fix to work in more cases.
 
 It's a ghastly, ghastly hack, but it's simple and localized.  I
 already have patches almost ready to go in 4.1 that provides a simpler
 and cleaner solution to all this.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlywI1gACgkQbDjKyiDZ
 s5JDchAAy5LBsVDPH3W/X3Btbrfmk8aY92pWbfZZBfCKVTRYD2HrQ9bqUgK8rDXe
 TIPhVLhZsZdxJX6aAMRgymeO8vDdoksSmldGSQe9nBrnywgwoWBMEC4P5anVNGQv
 8SSZBuhBaea3lBk8mF2vgJsP9QiLtQvHy/l9lTDaUSVNgws3fqGf5/YBjx7h6E+R
 aUdgTvlDvPkm14vZN7W1bkpGYk3J74rVo6qu91zRD9hKzHTuFnRxZE4EQpOKvaNa
 Tq8we05kfKdct5JoJXj+NvsT77lgynyt0AXT/TGtRdS2cgZ3JtHq2ZD/93dBMS/d
 A5fNClEQ45XW/0dLMzzTN4xP3yII5N4mY78kB58L5PNezxCa+7MvxW/2QEHFskyi
 MaWXN/2Dchx9cBvQuueulpaQHUiAYpFVIG9S0OPxG/SDdyqo929F2Z/P152scp3a
 ChG9JKVgXtp3JHMWlBPFdOPJhNhtUN9HiqTrydbVka1rMJyAU+8hXpo96BvPZGdf
 oH+nEqoDiJLGHp930esQ0F7wTQbSaIF+nEVkF8Q71NLDELnpTBMOc02TLhLocuqJ
 cwlDHkw+LN+h+gdzxKtOMMVmL3MG47zsgvY8pgqKItP5i7k3gqEq4lUc75P6Athe
 ULVHYQukowD4ns5ngBPZXZyv0zq7EAa8xoT/FAMx92UcNdshqKg=
 =sN2O
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-4.0-20190412' into staging

ppc patch queue for 2018-04-12

Here's a last minute pull request for 4.0.  Turns out my last pull
request, to fix a regression in extended config space access for the
pseries machine didn't fix things hard enough.  This PR has a single
patch which improves the fix to work in more cases.

It's a ghastly, ghastly hack, but it's simple and localized.  I
already have patches almost ready to go in 4.1 that provides a simpler
and cleaner solution to all this.

# gpg: Signature made Fri 12 Apr 2019 06:34:16 BST
# gpg:                using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full]
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full]
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full]
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown]
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-4.0-20190412:
  spapr_pci: Fix broken naming of PCI bus

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-12 11:23:14 +01:00
Greg Kurz
4560116e42 spapr_pci: Fix broken naming of PCI bus
Recent commit 5cf0d326a0 fixed a regression which was preventing the
guest to access the extended config space of a PCIe device. This was
done by introducing a new PCI bus subtype for PAPR. The original fix
was causing PCI busses to be named "spapr-pci-host-bridge-root-bus.N"
instead of "pci.N", which was making upper layers unhappy of course.
This got worked around by hardcoding the PCI bus name to "pci.0", but
this only works for the default PHB. And we're now hitting:

# qemu-system-ppc64 \
             -device spapr-pci-host-bridge,index=1 \
             -device e1000e,bus=pci.0 \
             -device e1000e,bus=pci.1
qemu-system-ppc64: -device e1000e,bus=pci.1: Bus 'pci.1' not found

David already posted some patches [1] to control PCI extended config
space accesses with a new flag in the base PCI bus class instead of
subtyping. These patches are a bit more intrusive though, and
are targetted for 4.1.

When no name is passed to pci_register_bus(), the core device code
generates a lowercase name based on the QOM typename. The typename
for the base PCI bus class is "PCI", hence the "pci.0", "pci.1"
bus names. Rename the type of the PAPR PCI bus to "pci", so that
the QOM code can generate proper names. This is a hack but it is
enough to fix the regression. And all this will be reworked properly
in 4.1.

[1] https://patchwork.ozlabs.org/project/qemu-devel/list/?series=100486

Fixes: 5cf0d326a0
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <155500034416.646888.1307366522340665522.stgit@bahia.lab.toulouse-stg.fr.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-04-12 12:23:02 +10:00
Peter Maydell
532cc6da74 Update version for v4.0.0-rc3 release
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-10 15:38:59 +01:00
Peter Maydell
6523516f32 Single device tree fix for 4.0
A single patch to avoid an overflow when loading device trees.
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAlytMDAACgkQIeENKd+X
 cFRsGwf/ZdJ+HKAClxK2oFb2Z6bk1kqb1zbeJ1rQlSHD7r9CHnVCs3DBqnY7Oilw
 4VGhZiMdS6zCDRb+g+rKBFpfRU3XTygKYTr9na+ADpLcSGeLZlwbbDDFvABvKPpx
 4MDVemNRCyaHHdJeZpRxTlALUFBeNCRQWGtUcCp1BP/xjRQc1IbMj/6gEi7rSD13
 y7zFVfwLM7QiJpQHTw9VBAgCtLVfRPP7S27Ey+CnKwf97kqLsLspZw0nXfNgm9sk
 vrZ1XWcYDO/5BusYo9Kcdie8C1ykiSGMtJax5DFnOhNjK9A8tIx70v24dL5mQMJg
 HKzHuXeX4wdL0L12+fBRsL1wAZDtfg==
 =6l+a
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/alistair/tags/pull-device-tree-20190409-1' into staging

Single device tree fix for 4.0

A single patch to avoid an overflow when loading device trees.

# gpg: Signature made Wed 10 Apr 2019 00:52:16 BST
# gpg:                using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full]
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8  CE8F 21E1 0D29 DF97 7054

* remotes/alistair/tags/pull-device-tree-20190409-1:
  device_tree: Fix integer overflowing in load_device_tree()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-10 08:57:19 +01:00
Markus Armbruster
065e6298a7 device_tree: Fix integer overflowing in load_device_tree()
If the value of get_image_size() exceeds INT_MAX / 2 - 10000, the
computation of @dt_size overflows to a negative number, which then
gets converted to a very large size_t for g_malloc0() and
load_image_size().  In the (fortunately improbable) case g_malloc0()
succeeds and load_image_size() survives, we'd assign the negative
number to *sizep.  What that would do to the callers I can't say, but
it's unlikely to be good.

Fix by rejecting images whose size would overflow.

Reported-by: Kurtis Miller <kurtis.miller@nccgroup.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20190409174018.25798-1-armbru@redhat.com>
2019-04-09 16:35:40 -07:00
Peter Maydell
f151f8aca5 migration/ram.c: Fix use-after-free in multifd_recv_unfill_packet()
Coverity points out (CID 1400442) that in this code:

    if (packet->pages_alloc > p->pages->allocated) {
        multifd_pages_clear(p->pages);
        multifd_pages_init(packet->pages_alloc);
    }

we free p->pages in multifd_pages_clear() but continue to
use it in the following code. We also leak memory, because
multifd_pages_init() returns the pointer to a new MultiFDPages_t
struct but we are ignoring its return value.

Fix both of these bugs by adding the missing assignment of
the newly created struct to p->pages.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Message-id: 20190409151830.6024-1-peter.maydell@linaro.org
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-04-09 20:46:34 +01:00
Peter Maydell
4b9a21c344 * fixes for Alpine and SuSE
* fix crash when hot-plugging nvdimm on older machine types
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJcrMmTAAoJEL/70l94x66DrZYH/jHgRDg+8OucuAdobG5UAaMR
 24doCVFvblyjYvB1+GPw3lsU7B1BOQ7ihPGmAGV5hEhZIequYfM8aC2Fm5ZvHEwv
 rFtMiau5hYcLSkG6iQvNeEsUajZoD5tJJ4X437R5kr4IdvL2DIRrhGFEsAHi/obf
 9ZV5klaT3A87CEO9dIG22Or8e/qRcVUN3LKQ2ZZAv6Ij05g7nf+mwtolKbFUTtG4
 xxog0T05fREQXFmjLWEwl2QyCF11/dVOBeYwwRdppd8a43avBoi24lOc4NKa+KXs
 WWOkWK7EPgXVQ99TVmuoIvt4mJNGChl8ubfPPUK7SykO2iuLqv4CE9PlCJK27IE=
 =FfJt
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* fixes for Alpine and SuSE
* fix crash when hot-plugging nvdimm on older machine types

# gpg: Signature made Tue 09 Apr 2019 17:34:27 BST
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  tests: Make check-block a phony target
  hw/i386/pc: Fix crash when hot-plugging nvdimm on older machine types
  include/qemu/bswap.h: Use __builtin_memcpy() in accessor functions
  roms: Allow passing configure options to the EDK2 build tools
  roms: Rename the EFIROM variable to avoid clashing with iPXE

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-09 17:36:01 +01:00
Markus Armbruster
3e20c81ed8 tests: Make check-block a phony target
Fixes: b93b63f574 "test makefile overhaul"

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190319072104.32591-1-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:34:21 +02:00
Thomas Huth
ae909496e9 hw/i386/pc: Fix crash when hot-plugging nvdimm on older machine types
QEMU currently crashes when you try to hot-plug an "nvdimm" device
on older machine types:

$ qemu-system-x86_64 -monitor stdio -M pc-1.1
QEMU 3.1.92 monitor - type 'help' for more information
(qemu) device_add nvdimm,id=nvdimmn1
qemu-system-x86_64: /home/thuth/devel/qemu/util/error.c:57: error_setv:
 Assertion `*errp == ((void *)0)' failed.
Aborted (core dumped)

The call to hotplug_handler_pre_plug() in pc_memory_pre_plug() has been
added recently before the check whether nvdimm is enabled. It should
be done after the check. And while we're at it, also check the errp
after the hotplug_handler_pre_plug(), otherwise errors are silently
ignored here.

Fixes: 9040e6dfa8
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190407092314.11066-1-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:34:21 +02:00
Peter Maydell
77b1757090 include/qemu/bswap.h: Use __builtin_memcpy() in accessor functions
In the accessor functions ld*_he_p() and st*_he_p() we use memcpy()
to perform a load or store to a pointer which might not be aligned
for the size of the type. We rely on the compiler to optimize this
memcpy() into an efficient load or store instruction where possible.
This is required for good performance, but at the moment it is also
required for correct operation, because some users of these functions
require that the access is atomic if the pointer is aligned, which
will only be the case if the compiler has optimized out the memcpy().
(The particular example where we discovered this is the virtio
vring_avail_idx() which calls virtio_lduw_phys_cached() which
eventually ends up calling lduw_he_p().)

Unfortunately some compile environments, such as the fortify-source
setup used in Alpine Linux, define memcpy() to a wrapper function
in a way that inhibits this compiler optimization.

The correct long-term fix here is to add a set of functions for
doing atomic accesses into AddressSpaces (and to other relevant
families of accessor functions like the virtio_*_phys_cached()
ones), and make sure that callsites which want atomic behaviour
use the correct functions.

In the meantime, switch to using __builtin_memcpy() in the
bswap.h accessor functions. This will make us robust against things
like this fortify library in the short term. In the longer term
it will mean that we don't end up with these functions being really
badly-performing even if the semantics of the out-of-line memcpy()
are correct.

Reported-by: Fernando Casas Schössow <casasfernando@outlook.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20190318112938.8298-1-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:34:21 +02:00
Philippe Mathieu-Daudé
1cab464136 roms: Allow passing configure options to the EDK2 build tools
Since commit f590a812c2 we build the EDK2 EfiRom utility
unconditionally.

Some distributions require to use extra compiler/linker flags,
i.e. SUSE which enforces the PIE protection (see [*]).

EDK2 build tools already provide a set of variables for that,
use them to allow the caller to easily inject compiler/linker
options..

Now build scripts can pass extra options, example:

  $ make -C roms \
      EDK2_BASETOOLS_OPTFLAGS='-fPIE' \
      efirom

[*] https://lists.opensuse.org/opensuse-factory/2017-06/msg00403.html

Reported-by: Olaf Hering <olaf@aepfle.de>
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190409134536.15548-3-philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:33:55 +02:00
Philippe Mathieu-Daudé
d912e795e0 roms: Rename the EFIROM variable to avoid clashing with iPXE
The iPXE's 'veryclean' recipe removes $(EFIROM) even if the EFIROM
macro originates from elsewhere:

  $ git checkout f590a812c21~
  $ make -C roms clean EFIROM=$(type -P EfiRom)
  make: Entering directory '/source/qemu/roms'
  [...]
  make -C ipxe/src veryclean
  make[1]: Entering directory '/source/qemu/roms/ipxe/src'
  rm -f bin{,-*}/*.* bin{,-*}/.certificate.* bin{,-*}/.certificates.* bin{,-*}/.private_key.* bin{,-*}/errors bin{,-*}/NIC ./util/zbin ./util/elf2efi32 ./util/elf2efi64 /usr/bin/EfiRom ./util/efifatbin ./util/iccfix ./util/einfo TAGS bin{,-*}/symtab
  rm: cannot remove '/usr/bin/EfiRom': Permission denied
  make[1]: *** [Makefile.housekeeping:1564: clean] Error 1
  make[1]: Leaving directory '/source/qemu/roms/ipxe/src'
  make: *** [Makefile:152: clean] Error 2
  make: Leaving directory '/source/qemu/roms'

Before f590a812c2 this variable could be overridden or unset,
and the 'veryclean' Makefile rule would not complain.

Commit f590a812c2 enforces this variable to the Intel EfiRom
tool provided by the EDK2 project.

To avoid the name clash and make the difference between the
projects obvious, rename the variable used by the EDK2 project
as EDK2_EFIROM.

Fixes: f590a812c2
Reported-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190409134536.15548-2-philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:33:45 +02:00