Commit Graph

91970 Commits

Author SHA1 Message Date
John Snow
a57cb3e23d python/aqmp: fix send_fd_scm for python 3.6.x
3.6 doesn't play keepaway with the socket object, so we don't need to go
fishing for it on this version. In fact, so long as 'sendmsg' is still
available, it's probably preferable to just use that method and only go
fishing for forbidden details when we absolutely have to.

Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-8-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:41:21 -05:00
John Snow
206439cd89 scripts/device-crash-test: Use a QMP timeout
Despite all the previous fixes, it's still possible for
device-crash-test to wedge itself in the case that QEMU terminates *so
quickly* that it doesn't even begin a connection attempt to our QMP
client. Python will just joyfully wait ad infinitum for a connection
that will now never arrive.

The real fix is to use asyncio to simultaneously poll both the health of
the launched process AND the connection attempt. That's quite a bit more
invasive than just setting a connection timeout, though.

Do the very simplest thing for now.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 20211118204620.1897674-7-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:41:21 -05:00
John Snow
1611e6cf4e python/machine: handle "fast" QEMU terminations
In the case that the QEMU process actually launches -- but then dies so
quickly that we can't establish a QMP connection to it -- QEMUMachine
currently calls _post_shutdown() assuming that it never launched the VM
process.

This isn't true, though: it "merely" may have failed to establish a QMP
connection and the process is in the middle of its own exit path.

If we don't wait for the subprocess, the caller may get a bogus `None`
return for .exitcode(). This behavior was observed from
device-crash-test; after the switch to Async QMP, the timings were
changed such that it was now seemingly possible to witness the failure
of "vm.launch()" *prior* to the exitcode becoming available.

The semantic of the `_launched` property is changed in this
patch. Instead of representing the condition "launch() executed
successfully", it will now represent "has forked a child process
successfully". This way, wait() when called in the exit path won't
become a no-op.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-6-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:41:17 -05:00
John Snow
b1ca991993 python/machine: move more variable initializations to _pre_launch
No need to clear them only to set them later.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-5-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:40:59 -05:00
John Snow
72b17fe715 python/machine: add instance disambiguator to default nickname
If you create two instances of QEMUMachine(), they'll both create the
same nickname by default -- which is not that helpful.

Luckily, they'll both create unique temporary directories ... but due to
user configuration, they may share logging and sockfile directories,
meaning two instances can collide. The Python logging will also be quite
confusing, with no differentiation between the two instances.

Add an instance disambiguator (The memory address of the instance) to
the default nickname to foolproof this in all cases.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-4-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:40:59 -05:00
John Snow
6eeb3de7e1 python/machine: remove _remove_monitor_sockfile property
It doesn't matter if it was the user or the class itself that specified
where the sockfile should be created; the fact is that if we are using a
sockfile here, we created it and we can clean it up.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-3-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:40:59 -05:00
John Snow
87bf1fe5cb python/machine: add @sock_dir property
Analogous to temp_dir and log_dir, add a sock_dir property that defaults
to @temp_dir -- instead of base_temp_dir -- when the user hasn't
overridden the sock dir value in the initializer.

This gives us a much more unique directory to put sockfiles in by default.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20211118204620.1897674-2-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-11-22 18:40:59 -05:00
Richard Henderson
89d2f9e4c6 target-arm queue:
* revert SMCCC/PSCI change, as it regresses some usecases for some boards
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmGbnjsZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3qANEACGPK8M1HVvh2aVPlX+Dd2t
 RCA7XyQTWlQaLqppe3II6blCjPKWRfmmaJzolRvjpZnp4z4fBYDd7QvHb0mDFLIu
 nAyaLbtW103pDR1MaVs742tFVQCq7btE3FtNe0k6c9XbyNgGIGC7+Gzdx0jRMKFT
 C2zkN99LaDjz0yPQfn7Y/Opzjxfv+wplf0sDlqrL1r4ALdt3BM9Sm4r4GPzkIlqT
 BxxxB8FYwDWf746ounqsENDUt0yJ12zyh5xwvmQIu29cKuQqPSTTKASzljlK8Peg
 KuWPuNzjwgiYkPZoNhRlmN9v2tokC5rkdRz4is4apiW761hBqMX02iLVOHGx61io
 YddrimmaYUXLZrS7JCkvrXShFsbSExeSmg8yb/WvElInwJFao8x9EkKhtbfcFv9f
 meivFGsDil/m1evzmwUR9W+pz95pcZp5Xoi17jQfv7jgq+/16JT6/vULZaK144tq
 U/WnhIsDaVBQyjY9bGgUpA25hi+gW5Stk3uXHMk4wKLSWbqjqQIsXazAQCq5LtaY
 3d+TgcHdsqsHMU77eMK80J4dObBMxsQ8hpXA+Vbd3ANdjbH1jy3yPMgcuGxbJZAg
 5Eje5BCvBk8dk2pv20FFuSPbTKcr77UFCqW3eUG0Y04hBt+QpSSPeQzkAwjJTnQU
 k1XestD9DjxjHBQrVvDF4A==
 =gNAF
 -----END PGP SIGNATURE-----

Merge tag 'pull-target-arm-20211122' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * revert SMCCC/PSCI change, as it regresses some usecases for some boards

# gpg: Signature made Mon 22 Nov 2021 02:42:19 PM CET
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20211122' of https://git.linaro.org/people/pmaydell/qemu-arm:
  Revert "arm: tcg: Adhere to SMCCC 1.3 section 5.2"

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-22 16:35:54 +01:00
Peter Maydell
4825eaae4f Revert "arm: tcg: Adhere to SMCCC 1.3 section 5.2"
This reverts commit 9fcd15b919.

This change turns out to cause regressions, for instance on the
imx6ul boards as described here:
https://lore.kernel.org/qemu-devel/c8b89685-7490-328b-51a3-48711c140a84@tribudubois.net/

The primary cause of that regression is that the guest code running
at EL3 expects SMCs (not related to PSCI) to do what they would if
our PSCI emulation was not present at all, but after this change
they instead set a value in R0/X0 and continue.

We could fix that by a refactoring that allowed us to only turn on
the PSCI emulation if we weren't booting the guest at EL3, but there
is a more tangled problem with the highbank board, which:
 (1) wants to enable PSCI emulation
 (2) has a bit of guest code that it wants to run at EL3 and
     to perform SMC calls that trap to the monitor vector table:
     this is the boot stub code that is written to memory by
     arm_write_secure_board_setup_dummy_smc() and which the
     highbank board enables by setting bootinfo->secure_board_setup

We can't satisfy both of those and also have the PSCI emulation
handle all SMC instruction executions regardless of function
identifier value.

This is too tricky to try to sort out before 6.2 is released;
revert this commit so we can take the time to get it right in
the 7.0 release.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20211119163419.557623-1-peter.maydell@linaro.org
2021-11-22 13:41:48 +00:00
Richard Henderson
5d1f437fb4 fixes for 6.2: microvm, ui, modules.
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEoDKM/7k6F6eZAf59TLbY7tPocTgFAmGbj5kACgkQTLbY7tPo
 cTiJrw//afZiIXG9/7nSkQety3L+IG5kNR+TpEGspo7alP4swIbdpndkpWL9+ipz
 Z+hLFekkDPQ56Ml8Q3qyBrDOVMZYxeHOrLeNcNtR2cxFLeXkrCjjY5apS5aDV9Yu
 ZI5WkGP57Hy2syUempFJEQsMNVjvXAe1Uwe692SZh4EPOW4qXoHlqui5iL7AfxjK
 XCThoY2MRRzdEuAO8gMNHUrB5URsDP85DMIGPtG3grM+CezxFeoj3WW+BYSuY0mn
 JO8BciZPSteh9bkjyYx70z2k159ue/99pjM81uRKOBFHv8KFOaUMfr8RmC1L+3Dx
 krc31misEDwvxumOEBp8SGTR5ZgcRdeW1iAzlQR7fXOCcSbEPuRuxmE3Bhc+1/qg
 8of2KWqayVFfIap6cSGE6A4lWl3RkFsOsqC7DZiwoYtDIt7nVT3BtpFTKvqeVIs9
 YRiCN3YQSxXhi2oxPnezNFcltBX2hZMdHnKS9Bkhfpmyxc2peEkWB18F+lTlEj2/
 KdUwCLGDonZ/LTh1sfU0SSqdTvw6Uw5ZUHThbftmPCEi8rf5RtF0G+/cvsypmJsv
 fch62M0J2urG0Oj0FygrTO4XIUR/PX/GU3Pt6MimeduL6t/hz3jUlCLrmriCnPMq
 BbDS/fOmCN3PjZtNtMZu4l/WYxaPeH/9BQJ/GahpTg57bUBoY4I=
 =QR2E
 -----END PGP SIGNATURE-----

Merge tag 'fixes-20211122-pull-request' of git://git.kraxel.org/qemu into staging

fixes for 6.2: microvm, ui, modules.

# gpg: Signature made Mon 22 Nov 2021 01:39:53 PM CET
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]

* tag 'fixes-20211122-pull-request' of git://git.kraxel.org/qemu:
  microvm: check g_file_set_contents() return value
  microvm: add missing g_free() call
  hw/i386/microvm: Reduce annoying debug message in dt_setup_microvm()
  migration: fix dump-vmstate with modules
  ui/vnc-clipboard: fix adding notifier twice
  ui/gtk: graphic_hw_gl_flushed after closing dmabuf->fence_fd
  ui: fix incorrect pointer position on highdpi with gtk
  ui: fix incorrect scaling on highdpi with gtk/opengl

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-22 14:17:14 +01:00
Gerd Hoffmann
b9e5628ca5 microvm: check g_file_set_contents() return value
Fixes: CID 1465239
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20211108130718.840216-3-kraxel@redhat.com>
2021-11-22 11:14:28 +01:00
Gerd Hoffmann
1b38ccc9a1 microvm: add missing g_free() call
Fixes: CID 1465240
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211108130718.840216-2-kraxel@redhat.com>
2021-11-22 11:14:28 +01:00
Philippe Mathieu-Daudé
d612405ed2 hw/i386/microvm: Reduce annoying debug message in dt_setup_microvm()
Fixes: f5918a9928 ("microvm: add device tree support.")
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20211117174331.1715144-1-philmd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-11-22 11:14:28 +01:00
Laurent Vivier
4067691a2f migration: fix dump-vmstate with modules
To work correctly -dump-vmstate and vmstate-static-checker.py need to
dump all the supported vmstates.

But as some devices can be modules, they are not loaded at startup and not
dumped. Fix that by loading all available modules before dumping the
machine vmstate.

Fixes: 7ab6e7fcce ("qdev: device module support")
Cc: kraxel@redhat.com
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211116072840.132731-1-lvivier@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-11-22 11:14:28 +01:00
Vladimir Sementsov-Ogievskiy
2e572baf65 ui/vnc-clipboard: fix adding notifier twice
vnc_server_cut_text_caps() is not guaranteed to be called only once.

If it called twice, we finally call notifier_list_add() twice with same
element. Which leads to loopback QLIST. So, on next
notifier_list_notify() we'll loop forever and QEMU stuck.

So, let's only register new notifier if it's not yet registered.

Note, that similar check is used in vdagent_chr_recv_caps() (before
call qemu_clipboard_peer_register()), and also before
qemu_clipboard_peer_unregister() call in vdagent_disconnect() and in
vnc_disconnect_finish().

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20211110103800.2266729-1-vsementsov@virtuozzo.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-11-22 11:14:28 +01:00
Dongwon Kim
c3abdb2faf ui/gtk: graphic_hw_gl_flushed after closing dmabuf->fence_fd
The dmabuf often becomes invalid right after unblocking pipeline
and graphic_hw_gl_flushed in case a new scanout blob is submitted
because the dmabuf associated with the current guest scanout is
freed after swapping.

So both graphic_hw_gl_block and graphic_hw_gl_flushed should be
executed after closing fence_fd for the current dmabuf.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>
Signed-off-by: Dongwon Kim <dongwon.kim@intel.com>
Message-Id: <20211121172237.14937-1-dongwon.kim@intel.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-11-22 11:14:28 +01:00
Alexander Orzechowski
f14aab420c ui: fix incorrect pointer position on highdpi with gtk
Signed-off-by: Alexander Orzechowski <orzechowski.alexander@gmail.com>
Message-Id: <20211121065504.29101-3-orzechowski.alexander@gmail.com>

[ kraxel: codestyle fix ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-11-22 11:14:01 +01:00
Alexander Orzechowski
4323118cad ui: fix incorrect scaling on highdpi with gtk/opengl
Signed-off-by: Alexander Orzechowski <orzechowski.alexander@gmail.com>
Message-Id: <20211121065504.29101-2-orzechowski.alexander@gmail.com>

[ kraxel: codestyle fix ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-11-22 11:13:12 +01:00
Richard Henderson
49aaac3548 linux-user pull request 20211122
Fixes for CID 1464101 and gilab #704
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAmGbU00SHGxhdXJlbnRA
 dml2aWVyLmV1AAoJEPMMOL0/L748pFAP/RQiwsG5q8WILlsb+MUhObr0v9dJPbAM
 el4Fo21OHYL9Jc/gPrOCRgP1Ey3EJzxwtzAIQojf2hm/KgUuTWZMdpjTc6pv3epl
 VB2Fi+Kz4sUznTWWB7Hbp+vX9VDlxzOIvbGJqwiasm9pKhffhsIRDOJgii7yQTSh
 qX2dOBkN5i4uSia/FAMpldf/uqz8J4/zVFM/IB52LnF5h8+qnTKWfcq8UpkfFF9s
 wKw6hgtaYZw+bcP1n+d2Lovz8gdXTXHw4KFl5g3+wx7Aj9tizzbkytJbUcc14pEu
 DoHPDqJxx3DULtza1hKuEYbB4onG2z0xw+MXtIbqqK3tp3UDLmgOXTlr7VBnqiLH
 mKzZL0eDDQVA5dgBnaKyE0lHl44G7PhOOPZZ8jDKnytyK1A3VEH6D6GJGe5nQhrG
 NJaTN91c6FtHM0iVQHMJsm9Un/EDDOb/kRzBUDpihFmlvZq6sgwDXlobMN4CAsDa
 1YXU0sZfDUBFRChL9gfvJgrVBmnLAjpgDbXRURH+GwFuzlAvC56FAokFQwUxNuiW
 JwHhV+rudvAy2KuEYNAsTd1LP+Di7x5wNhPHKvKTPIf6pxL7JW2oAt1IPow/nlMc
 GtvWYWDhyI37pI8/BkyErqwmxaMDfmn5ATJsHi/hCFLn8JkxJDpKSiIhLqdrhgkS
 DWHJ9rrOPmnd
 =UZXm
 -----END PGP SIGNATURE-----

Merge tag 'linux-user-for-6.2-pull-request' of git://github.com/vivier/qemu into staging

linux-user pull request 20211122

Fixes for CID 1464101 and gilab #704

# gpg: Signature made Mon 22 Nov 2021 09:22:37 AM CET
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]

* tag 'linux-user-for-6.2-pull-request' of git://github.com/vivier/qemu:
  linux-user: fix Coverity CID 1464101
  linux-user: Rewrite do_getdents, do_getdents64
  linux-user: Fix member types of target_dirent64
  linux-user: Always use flexible arrays for dirent d_name
  linux-user: Split out do_getdents, do_getdents64

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-22 10:33:13 +01:00
Laurent Vivier
802ae45e94 linux-user: fix Coverity CID 1464101
target_mmap() can fail and return -1, but we don't check for that and
instead assume it's always valid.

Fixes: db2af69d6b ("linux-user: Add infrastructure for a signal trampoline page")
Cc: richard.henderson@linaro.org
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211121151711.331653-1-laurent@vivier.eu>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-11-22 09:17:08 +01:00
Richard Henderson
edf1aa8d44 Seventh RISC-V PR for QEMU 6.2
- Deprecate IF_NONE for SiFive OTP
  - Don't reset SiFive OTP content
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAmGbPewACgkQIeENKd+X
 cFTl1Qf/dTZHH/bgzanGvoU6Wx3cnUUGZ/wRvYlk2+FJ4ZtZiSEo7DcGVv1qgX+v
 z/2y6EhXWeuCDB/5fp6JDnwObMxDXwQm9huNzH4gM0JJgRZjXFnj2RLs/rD9OBs7
 OWG7zs4xYxWuEW/4WFzrWYiLRBA1lc6f/NpLnP7pOv3PvNrc3ax8N34WH9sfAi4E
 JYLnquBetNDsg9+0BEkXR8IJDI4fKfDEOWpptuWWNau3gnHeeRjEltAtvfWrQykK
 ZaESAthuJ2i+zAfD6EK2dtH5XCWot6+0SdeopgTM2iLVHgBPNfgP9iAx25a1fXF0
 SywYo03Jzu9wGvaYhzrjWZjn8OLJuA==
 =d0D3
 -----END PGP SIGNATURE-----

Merge tag 'pull-riscv-to-apply-20211122' of github.com:alistair23/qemu into staging

Seventh RISC-V PR for QEMU 6.2

 - Deprecate IF_NONE for SiFive OTP
 - Don't reset SiFive OTP content

# gpg: Signature made Mon 22 Nov 2021 07:51:24 AM CET
# gpg:                using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full]

* tag 'pull-riscv-to-apply-20211122' of github.com:alistair23/qemu:
  hw/misc/sifive_u_otp: Do not reset OTP content on hardware reset
  hw/misc/sifive_u_otp: Use IF_PFLASH for the OTP device instead of IF_NONE

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-22 08:53:05 +01:00
Philippe Mathieu-Daudé
526e744302 hw/misc/sifive_u_otp: Do not reset OTP content on hardware reset
Once a "One Time Programmable" is programmed, it shouldn't be reset.

Do not re-initialize the OTP content in the DeviceReset handler,
initialize it once in the DeviceRealize one.

Fixes: 9fb45c62ae ("riscv: sifive: Implement a model for SiFive FU540 OTP")
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20211119104757.331579-1-f4bug@amsat.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-11-22 10:46:22 +10:00
Thomas Huth
6b717a8d44 hw/misc/sifive_u_otp: Use IF_PFLASH for the OTP device instead of IF_NONE
Configuring a drive with "if=none" is meant for creation of a backend
only, it should not get automatically assigned to a device frontend.
Use "if=pflash" for the One-Time-Programmable device instead (like
it is e.g. also done for the efuse device in hw/arm/xlnx-zcu102.c).

Since the old way of configuring the device has already been published
with the previous QEMU versions, we cannot remove this immediately, but
have to deprecate it and support it for at least two more releases.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20211119102549.217755-1-thuth@redhat.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2021-11-22 10:43:54 +10:00
Richard Henderson
aee14c77f4 linux-user: Rewrite do_getdents, do_getdents64
Always allocate host storage; this ensures that the struct
is sufficiently aligned for the host.  Merge the three host
implementations of getdents via a few ifdefs.  Utilize the
same method for do_getdents64.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/704
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211114103539.298686-5-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-11-21 16:19:17 +01:00
Richard Henderson
1962cb0029 linux-user: Fix member types of target_dirent64
The host uint64_t (etc) does not have the correct
alignment constraint as the guest: use abi_* types.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211114103539.298686-4-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-11-21 16:19:17 +01:00
Richard Henderson
540a736f54 linux-user: Always use flexible arrays for dirent d_name
We currently use a flexible array member for target_dirent,
but use incorrectly fixed length arrays for target_dirent64,
linux_dirent and linux_dirent64.

This requires that we adjust the definition of the VFAT READDIR
ioctls which hard-code the 256 namelen size into the ioctl constant.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211114103539.298686-3-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-11-21 16:19:17 +01:00
Richard Henderson
fd08ddb9cb linux-user: Split out do_getdents, do_getdents64
Retain all 3 implementations of getdents for now.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211114103539.298686-2-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-11-21 16:19:17 +01:00
Richard Henderson
c5fbdd60cf qemu-sparc queue
-----BEGIN PGP SIGNATURE-----
 
 iQFSBAABCgA8FiEEzGIauY6CIA2RXMnEW8LFb64PMh8FAmGaF+0eHG1hcmsuY2F2
 ZS1heWxhbmRAaWxhbmRlLmNvLnVrAAoJEFvCxW+uDzIf8GsH/iEcrjlhzXUgpjZ/
 PNsE/negj+HWJnmOeoXUKwB+C/+ppHSKnC4FBOgeA6YC5bkfkqm1rENkHlGOzBFt
 PGO7t7T9jyskdyBYB0N5a/m9B0zVH0XE38OMCsv8rzZXr249QUg+3SLmcbdWTnj0
 0KF2wK9tVYip3eL7RnRche4YKjgqCIWK9SpFsSZXvS6FS4yx/tnPTmnAPBOcp2rH
 KF2Z/sC4O663C9sD4//ghH40OzsUn64TEOdZlMSADBfzE5kWcZN13B7EfVUJhAGF
 6Xh0z4G6T1NMEKJeZByo1lcLvq+o+hhXOKmH4dA6rpz4iPraUEMRrIFpv8Nb7G6l
 oppYkmI=
 =2pFX
 -----END PGP SIGNATURE-----

Merge tag 'qemu-sparc-20211121' of git://github.com/mcayland/qemu into staging

qemu-sparc queue

# gpg: Signature made Sun 21 Nov 2021 10:57:01 AM CET
# gpg:                using RSA key CC621AB98E82200D915CC9C45BC2C56FAE0F321F
# gpg:                issuer "mark.cave-ayland@ilande.co.uk"
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>" [full]

* tag 'qemu-sparc-20211121' of git://github.com/mcayland/qemu:
  escc: update the R_SPEC register SPEC_ALLSENT bit when writing to W_TXCTRL1
  escc: always set STATUS_TXEMPTY in R_STATUS on device reset

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-21 14:12:25 +01:00
Mark Cave-Ayland
319e89cdc3 escc: update the R_SPEC register SPEC_ALLSENT bit when writing to W_TXCTRL1
The ESCC datasheet states that SPEC_ALLSENT is always set in sync mode and set
in async mode once all characters have cleared the transmitter. Since writes to
SERIAL_DATA use a synchronous chardev API, the guest can never see the state when
transmission is in progress so it is possible to set SPEC_ALLSENT in the
R_SPEC register unconditionally.

This fixes a hang when using the Sun PROM as it attempts to enumerate the
onboard serial devices, and a similar hang in OpenBSD SPARC32 where in both cases
the boot process will not proceed until SPEC_ALLSENT has been set after writing
to W_TXCTRL1.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20211118181835.18497-3-mark.cave-ayland@ilande.co.uk>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2021-11-21 09:56:52 +00:00
Mark Cave-Ayland
c29cd47e82 escc: always set STATUS_TXEMPTY in R_STATUS on device reset
The "Transmit Interrupts and Transmit Buffer Empty Bit" section of the ESCC
datasheet states the following about the STATUS_TXEMPTY bit: "After a hardware
reset (including a hardware reset by software), or a channel reset, this bit
is set to 1".

Update escc_reset() to set the STATUS_TXEMPTY bit in the R_STATUS register
on device reset as described which fixes a regression whereby the Sun PROM
checks this bit early on startup and gets stuck in an infinite loop if it is
not set.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20211118181835.18497-2-mark.cave-ayland@ilande.co.uk>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2021-11-21 09:56:52 +00:00
Richard Henderson
8627edfb3f Bugfixes for 6.2.
-----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmGXb2kUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroNkQggArLP8V1vL9XW9LJ6v4UdO4dp78MRb
 mP5zZhzY6CZ9NnbLW3rtS8GLrQ7XJdHl4huVIckIF3HW+TOBas2gXOiyWdskZRFS
 UGSoeejj2RHmTzBKWZN77G/GB0ElyKt3wvXeCEx0F8yiJXZhkw6n6tp3U/lGnic3
 sJmniTBZ+m3GGtrAaEL11x8ITdtdGEE4uIhspqN8X0kU+WkSsklm8+GAORzMpWGq
 Fqo46dd1C+st1GvbDOnghltYOEPPyKE6pZYOnZwB8X8hi01Ex53wXBXl98G8r8rt
 qA6P0lc5Eh8E3M7xm+kJBw1XNSkxjQioJ1SElmQFW5w5rVtYVSDEsaL4MQ==
 =3kjz
 -----END PGP SIGNATURE-----

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

Bugfixes for 6.2.

# gpg: Signature made Fri 19 Nov 2021 10:33:29 AM CET
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
  chardev/wctable: don't free the instance in wctablet_chr_finalize
  meson.build: Support ncurses on MacOS and OpenBSD
  docs: Spell QEMU all caps
  qtest/am53c974-test: add test for reset before transfer
  esp: ensure that async_len is reset to 0 during esp_hard_reset()
  nvmm: Fix support for stable version
  meson: fix botched compile check conversions

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-19 17:16:57 +01:00
Richard Henderson
d434a47905 ppc 6.2 queue:
* fix pmu vmstate
 * Fix compile of byte_reverse on new compilers
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmGXj0oACgkQUaNDx8/7
 7KE2Yw//YonJIl8xqa179mC1RDRzVb7hFMYYmtcn0pbN732A4Fc3acXu29FyKJpR
 91ZV/y4gMJKCFyH3KlSHuQD0Oe2tXE7PZk5sxzd0o8fElLmMr1nAmNoT8Udfm2y0
 9IbnuPcGPz78fX6saN5MKlswHNuzDJGUpOzZjDkAjo3JZFbIg/YS76tMuc4GbkDH
 tDWa0mCm+vmJVd5lD35I2iUcRwZcF2kH3DWbS95s0yg4x20YUclELDty35xDdXK4
 wmTpgs2crMkP1ctWNkei+GOEzhmki7qcj+9iUJCV+2oLDWwUoVlXG0h4eke87/4d
 x0y2eeqJYn4PcDR8X0wktUPd532hP9hFn6l26UVwZk1bHYQqWxg3JR32c18WkQlz
 T2OhuEoTFUOJjTTReotZXdeZyaCsQkMUr7HL0y7p4hbvdGfdtCLNAgn5ppEWpb5+
 dHRb7sKv613qUN1zaqb6Trepjn0MwEjrdnNJwoXXP+ALimKRCwcGsMlSGehmCyTI
 kY2ZksQEq7z3TKCPi1VAS/gRbHBDn+FBGkptYv+N8xY1v+cmKpLogOsyLbACutZW
 EhNDZC0YlqXZS2+OQ91SuNzhQZvARP88bVJFn29syFgS8WA6qoWihdRBXxkRFvFe
 La8L3jwk5Z2kDLhdzp/NcZWv3ua210ITpt1/oSjtyJTUTQKeS+4=
 =jJBv
 -----END PGP SIGNATURE-----

Merge tag 'pull-ppc-20211119' of https://github.com/legoater/qemu into staging

ppc 6.2 queue:

* fix pmu vmstate
* Fix compile of byte_reverse on new compilers

# gpg: Signature made Fri 19 Nov 2021 12:49:30 PM CET
# gpg:                using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: A0F6 6548 F048 95EB FE6B  0B60 51A3 43C7 CFFB ECA1

* tag 'pull-ppc-20211119' of https://github.com/legoater/qemu:
  tests/tcg/ppc64le: Fix compile flags for byte_reverse
  pmu: fix pmu vmstate subsection list

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-19 13:39:19 +01:00
Richard Henderson
9c25e1db18 hw/nvme fixes
* Fix CVE-2021-3947
 * Controller hotplugging fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmGXWUcACgkQTeGvMW1P
 DelFZQgAjcyzkhxqCYRDIwCdnSa/E2kND5vkmF/CIb5CEi4TPOUygVKfW551fhJP
 0h8YfK2giD+d61iw+lgEED+4iCiqZzRqOQ62jNyEGejbw2ZTb7chGKEHzHznHx2w
 /2OamufO9rCS1bzqF0FyAi8dWBEXpIo88tWM717gCWmNEAKighI9gnJfEFqmsPkA
 g4GrxjtXdx5S0rhBUFKPRZ1fBheb2sUCDxPIV+kalCpYQn/ubjydBC7yAI7f5vNA
 GdKV8VjdXSEsGhtSSFgfJRyF/Tq4yrB9oWpq+h30QkqtuQlSvqxxxzsJKz7Y+YtA
 I/QaPATsq4qY8WPBKLvD9Kr4K1x0+Q==
 =BbXH
 -----END PGP SIGNATURE-----

Merge tag 'nvme-fixes-for-6.2-pull-request' of git://git.infradead.org/qemu-nvme into staging

hw/nvme fixes

* Fix CVE-2021-3947
* Controller hotplugging fixes

# gpg: Signature made Fri 19 Nov 2021 08:59:03 AM CET
# gpg:                using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown]
# gpg:                 aka "Klaus Jensen <k.jensen@samsung.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468  4272 63D5 6FC5 E55D A838
#      Subkey fingerprint: 5228 33AA 75E2 DCE6 A247  66C0 4DE1 AF31 6D4F 0DE9

* tag 'nvme-fixes-for-6.2-pull-request' of git://git.infradead.org/qemu-nvme:
  hw/nvme: fix buffer overrun in nvme_changed_nslist (CVE-2021-3947)
  hw/nvme: change nvme-ns 'shared' default
  hw/nvme: reattach subsystem namespaces on hotplug

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-19 11:01:46 +01:00
Daniil Tatianin
fdc6e16818 chardev/wctable: don't free the instance in wctablet_chr_finalize
Object is supposed to be freed by invoking obj->free, and not
obj->instance_finalize. This would lead to use-after-free followed by
double free in object_unref/object_finalize.

Signed-off-by: Daniil Tatianin <d-tatianin@yandex-team.ru>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20211117142349.836279-1-d-tatianin@yandex-team.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-19 10:24:50 +01:00
Stefan Weil
fbab8cc24d meson.build: Support ncurses on MacOS and OpenBSD
MacOS provides header files for curses 5.7 with support
for wide characters, but requires _XOPEN_SOURCE_EXTENDED=1
to activate that.

By default those old header files are used even if there
is a newer Homebrew installation of ncurses 6.2 available.

Change also the old macro definition of NCURSES_WIDECHAR
and set it to 1 like it is done in newer versions of
curses.h when _XOPEN_SOURCE_EXTENDED=1 is defined.

OpenBSD has the same version of ncurses and needs the same fix.

Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Tested-by: Brad Smith <brad@comstyle.com>
Message-Id: <20211117205355.1392292-1-sw@weilnetz.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-19 10:18:27 +01:00
Philippe Mathieu-Daudé
5135fe7110 docs: Spell QEMU all caps
Replace Qemu -> QEMU.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20211118143401.4101497-1-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-19 10:16:58 +01:00
Mark Cave-Ayland
283191640c qtest/am53c974-test: add test for reset before transfer
Based upon the qtest reproducer posted to Gitlab issue #724 at
https://gitlab.com/qemu-project/qemu/-/issues/724.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211118100327.29061-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-19 10:14:30 +01:00
Mark Cave-Ayland
3f26c97577 esp: ensure that async_len is reset to 0 during esp_hard_reset()
If a reset command is sent after data has been transferred into the SCSI buffer
ensure that async_len is reset to 0. Otherwise a subsequent TI command assumes
the SCSI buffer contains data to be transferred to the device causing it to
dereference the stale async_buf pointer.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Fixes: https://gitlab.com/qemu-project/qemu/-/issues/724
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211118100327.29061-2-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-19 10:14:30 +01:00
nia
0cc4965049 nvmm: Fix support for stable version
NVMM user version 1 is the version being shipped with netbsd-9,
which is the most recent stable branch of NetBSD. This makes it
possible to use the NVMM accelerator on the most recent NetBSD
release, 9.2, which lacks nvmm_cpu_stop.

(CC'ing maintainers)

Signed-off-by: Nia Alarie <nia@NetBSD.org>
Reviewed-by: Kamil Rytarowski <kamil@netbsd.org>
Message-Id: <YWblCe2J8GwCaV9U@homeworld.netbsd.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-19 10:13:44 +01:00
Richard Henderson
3760a04c35 -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJhlx3cAAoJEO8Ells5jWIRS2QH/0o9xGF696ERTuxO4PtdEQRf
 Em9HmPSB2yMQNrPfo6/P5PTyXfrPSi9LrDjw0JR7WmAI8JbYuxUm8D9iFwCdWwHk
 SOKbShk+JPWD0j1C4DO40aXfelN+0yUa4bccvgr7vnt2LeZuJg7k4lG7U5GUdhHG
 OWxqR8wC4+obkQYuPOxocOaoYgFfgNkOayVKPZkSW3wOKwRj8w8pMT31V2xKMkPH
 OXeMiShbVKkcrBXZKxjQR3I0NWDJfjkYH2mcxq2uAHenzHuixd7LhbRiMtX991No
 ckOz1kjCBooXUBG/uXmqW5zqiRr0h7CBXVekfhX3iZPkr6oMfj6VVGZj3KwTPXQ=
 =m0td
 -----END PGP SIGNATURE-----

Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging

# gpg: Signature made Fri 19 Nov 2021 04:45:32 AM CET
# gpg:                using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* tag 'net-pull-request' of https://github.com/jasowang/qemu:
  net/colo-compare.c: Fix incorrect return when input wrong size
  net/colo-compare.c: Fix ACK track reverse issue
  net: vmxnet3: validate configuration values during activate (CVE-2021-20203)

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-19 09:49:16 +01:00
Klaus Jensen
e2c57529c9 hw/nvme: fix buffer overrun in nvme_changed_nslist (CVE-2021-3947)
Fix missing offset verification.

Cc: qemu-stable@nongnu.org
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Fixes: f432fdfa12 ("support changed namespace asynchronous event")
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-11-19 07:32:19 +01:00
Klaus Jensen
916b0f0b52 hw/nvme: change nvme-ns 'shared' default
Change namespaces to be shared namespaces by default (parameter
shared=on). Keep shared=off for older machine types.

Reviewed-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-11-19 07:31:56 +01:00
Hannes Reinecke
9fc6e86e8b hw/nvme: reattach subsystem namespaces on hotplug
With commit 5ffbaeed16 ("hw/nvme: fix controller hot unplugging")
namespaces get moved from the controller to the subsystem if one
is specified.
That keeps the namespaces alive after a controller hot-unplug, but
after a controller hotplug we have to reconnect the namespaces
from the subsystem to the controller.

Fixes: 5ffbaeed16 ("hw/nvme: fix controller hot unplugging")
Cc: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Hannes Reinecke <hare@suse.de>
[k.jensen: only attach to shared and non-detached namespaces]
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-11-19 07:31:34 +01:00
Zhang Chen
0656fbc7dd net/colo-compare.c: Fix incorrect return when input wrong size
Signed-off-by: Zhang Chen <chen.zhang@intel.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-11-19 11:44:22 +08:00
Zhang Chen
fb5eca4a57 net/colo-compare.c: Fix ACK track reverse issue
The TCP protocol ACK maybe bigger than uint32_t MAX.
At this time, the ACK will reverse to 0. This patch
fix the max_ack and min_ack track issue.

Signed-off-by: Zhang Chen <chen.zhang@intel.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-11-19 11:44:22 +08:00
Prasad J Pandit
d05dcd94ae net: vmxnet3: validate configuration values during activate (CVE-2021-20203)
While activating device in vmxnet3_acticate_device(), it does not
validate guest supplied configuration values against predefined
minimum - maximum limits. This may lead to integer overflow or
OOB access issues. Add checks to avoid it.

Fixes: CVE-2021-20203
Buglink: https://bugs.launchpad.net/qemu/+bug/1913873
Reported-by: Gaoning Pan <pgn@zju.edu.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-11-19 11:43:47 +08:00
Richard Henderson
44a3aa0608 Add property for requesting AMD SEV measured kernel launch
- The 'sev-guest' object gains a boolean 'kernel-hashes' property
    which must be enabled to request a measured kernel launch.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmGWViUACgkQvobrtBUQ
 T9+nmw/+OIAj3gWwpPNrUdi2KeqmBdSBMG13CUCFXfAmQUDD8GkYZ78Cgzm7gkjm
 kH/bNiOWxA8QnteeEC6K1SF0z+wlyl0Q6SKxP+Zo+iRWw0fJkKivvtz/e7bE3E/K
 A8l7u5ZUUSGcP8fc/LbPzXKwS0C46B506MekeKbV4A03renXxfK0WLsNDcB29n7G
 /f4JEDbs96WyfRJdyzo9U4oumndKEvh6c8CazRk9g3PZQlULmLq5JpvbQzap/4HL
 Z/46ZalJkbrAMrby+0e9wNBE+5g+vkD/bVOJwHG9bv6ZEvp1vWMYwI0wF5T7Y0Wx
 2Uv4d0z+mjP5zPoxhKHmVrZNGoYKG80vnOIO45WqTWeJFsF7khLZ+oBEy6ito/Zy
 +DOo/FJCeCxdlh6JRB2xPM452iswx8moC/1fY6jeuVDF14s/Br5TpIYP+cqeBF1B
 YKzyzPSOUKZWoyVTHCVzEu4ddrlIyw9FHemG4RvBRuVd7ed12xzWHs3pa6i8smHf
 zmroL34X+//MorgFk5fzNbTmR65EzXTjR6gp/UbEmgaOZRpM2Gyh94DQttaOm3Kq
 FaLHP+jLFmuJPcfthJYRpzC7WvVoX2YT5mk3xQNXtEPzA6ESodzWPc1cTignth3t
 5/+sYkT+KCj5BhENqKWxUPmewpmgM3L+GxNWyucEqX62TNxRN8g=
 =1HDG
 -----END PGP SIGNATURE-----

Merge tag 'sev-hashes-pull-request' of https://gitlab.com/berrange/qemu into staging

Add property for requesting AMD SEV measured kernel launch

 - The 'sev-guest' object gains a boolean 'kernel-hashes' property
   which must be enabled to request a measured kernel launch.

# gpg: Signature made Thu 18 Nov 2021 02:33:25 PM CET
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]

* tag 'sev-hashes-pull-request' of https://gitlab.com/berrange/qemu:
  target/i386/sev: Replace qemu_map_ram_ptr with address_space_map
  target/i386/sev: Perform padding calculations at compile-time
  target/i386/sev: Fail when invalid hashes table area detected
  target/i386/sev: Rephrase error message when no hashes table in guest firmware
  target/i386/sev: Add kernel hashes only if sev-guest.kernel-hashes=on
  qapi/qom,target/i386: sev-guest: Introduce kernel-hashes=on|off option

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-18 15:06:05 +01:00
Dov Murik
58603ba268 target/i386/sev: Replace qemu_map_ram_ptr with address_space_map
Use address_space_map/unmap and check for errors.

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
[Two lines wrapped for length - Daniel]
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-18 13:28:32 +00:00
Dov Murik
ddcc0d898e target/i386/sev: Perform padding calculations at compile-time
In sev_add_kernel_loader_hashes, the sizes of structs are known at
compile-time, so calculate needed padding at compile-time.

No functional change intended.

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-18 11:08:09 +00:00
Dov Murik
a0190bf150 target/i386/sev: Fail when invalid hashes table area detected
Commit cff03145ed ("sev/i386: Introduce sev_add_kernel_loader_hashes
for measured linux boot", 2021-09-30) introduced measured direct boot
with -kernel, using an OVMF-designated hashes table which QEMU fills.

However, no checks are performed on the validity of the hashes area
designated by OVMF.  Specifically, if OVMF publishes the
SEV_HASH_TABLE_RV_GUID entry but it is filled with zeroes, this will
cause QEMU to write the hashes entries over the first page of the
guest's memory (GPA 0).

Add validity checks to the published area.  If the hashes table area's
base address is zero, or its size is too small to fit the aligned hashes
table, display an error and stop the guest launch.  In such case, the
following error will be displayed:

    qemu-system-x86_64: SEV: guest firmware hashes table area is invalid (base=0x0 size=0x0)

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Reported-by: Brijesh Singh <brijesh.singh@amd.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-18 11:08:03 +00:00