aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2018-11-19tests: exercise NBD server in TLS modeDaniel P. Berrangé4-0/+178
Add tests that validate it is possible to connect to an NBD server running TLS mode. Also test mis-matched TLS vs non-TLS connections correctly fail. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20181116155325.22428-7-berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Tested-by: Eric Blake <eblake@redhat.com> [eblake: rebase to iotests shell cleanups, use ss instead of socat for port probing, sanitize port number in expected output] Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19tests: add iotests helpers for dealing with TLS certificatesDaniel P. Berrangé1-0/+137
Add helpers to common.tls for creating TLS certificates for a CA, server and client. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20181116155325.22428-6-berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> [eblake: spelling and quoting touchups] Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19tests: check if qemu-nbd is still alive before waitingDaniel P. Berrangé1-1/+9
If the qemu-nbd UNIX socket has not shown up, the tests will sleep a bit and then check again repeatedly for up to 30 seconds. This is pointless if the qemu-nbd process has quit due to an error, so check whether the pid is still alive before waiting and retrying. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20181116155325.22428-5-berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19tests: pull qemu-nbd iotest helpers into common.nbd fileDaniel P. Berrangé2-39/+64
The helpers for starting/stopping qemu-nbd in 058 will be useful in other test cases, so move them into a common.nbd file. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20181116155325.22428-4-berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> [eblake: fix shell quoting] Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19io: return 0 for EOF in TLS session read after shutdownDaniel P. Berrangé4-3/+12
GNUTLS takes a paranoid approach when seeing 0 bytes returned by the underlying OS read() function. It will consider this an error and return GNUTLS_E_PREMATURE_TERMINATION instead of propagating the 0 return value. It expects apps to arrange for clean termination at the protocol level and not rely on seeing EOF from a read call to detect shutdown. This is to harden apps against a malicious 3rd party causing termination of the sockets layer. This is unhelpful for the QEMU NBD code which does have a clean protocol level shutdown, but still relies on seeing 0 from the I/O channel read in the coroutine handling incoming replies. The upshot is that when using a plain NBD connection shutdown is silent, but when using TLS, the client spams the console with Cannot read from TLS channel: Broken pipe The NBD connection has, however, called qio_channel_shutdown() at this point to indicate that it is done with I/O. This gives the opportunity to optimize the code such that when the channel has been shutdown in the read direction, the error code GNUTLS_E_PREMATURE_TERMINATION gets turned into a '0' return instead of an error. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20181119134228.11031-1-berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19nbd/server: Ignore write errors when replying to NBD_OPT_ABORTEric Blake1-4/+8
Commit 37ec36f6 intentionally ignores errors when trying to reply to an NBD_OPT_ABORT request for plaintext clients, but did not make the same change for a TLS server. Since NBD_OPT_ABORT is documented as being a potential for an EPIPE when the client hangs up without waiting for our reply, we don't need to pollute the server's output with that failure. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20181117223221.2198751-1-eblake@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-11-19nbd: fix whitespace in server error messageDaniel P. Berrangé1-1/+1
A space was missing after the option number was printed: Option 0x8not permitted before TLS becomes Option 0x8 not permitted before TLS This fixes commit 3668328303429f3bc93ab3365c66331600b06a2d Author: Eric Blake <eblake@redhat.com> Date: Fri Oct 14 13:33:09 2016 -0500 nbd: Send message along with server NBD_REP_ERR errors Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20181116155325.22428-2-berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> [eblake: move lone space to next line] Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19qemu-iotests: Modern shell scripting (use $() instead of ``)Mao Zhongyi2-32/+32
Various shell files contain a mix between obsolete `` and modern $(); It would be nice to convert to using $() everywhere. For now, just do the qemu-iotests directory. Cc: kwolf@redhat.com Cc: mreitz@redhat.com Cc: eblake@redhat.com Suggested-by: Eric Blake <eblake@redhat.com> Signed-off-by: Mao Zhongyi <maozhongyi@cmss.chinamobile.com> Message-Id: <20181024094051.4470-4-maozhongyi@cmss.chinamobile.com> Reviewed-by: Eric Blake <eblake@redhat.com> [eblake: tweak commit message] Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19qemu-iotests: convert `pwd` and $(pwd) to $PWDMao Zhongyi6-9/+7
POSIX requires $PWD to be reliable, and we expect all shells used by qemu scripts to be relatively close to POSIX. Thus, it is smarter to avoid forking the pwd executable for something that is already available in the environment. So replace it with the following: sed -i 's/\(`pwd`\|\$(pwd)\)/$PWD/g' $(git grep -l pwd) Then delete a pointless line assigning PWD to itself. Cc: kwolf@redhat.com Cc: mreitz@redhat.com Cc: eblake@redhat.com Suggested-by: Eric Blake <eblake@redhat.com> Signed-off-by: Mao Zhongyi <maozhongyi@cmss.chinamobile.com> Message-Id: <20181024094051.4470-2-maozhongyi@cmss.chinamobile.com> Reviewed-by: Eric Blake <eblake@redhat.com> [eblake: touch up commit message, reorder series, tweak a couple more files] Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19qemu-iotests: remove unused variable 'here'Mao Zhongyi170-170/+0
Running git grep '\$here' tests/qemu-iotests has 0 hits, which means we are setting a variable that has no use. It appears that commit e8f8624d removed the last use. So execute the following cmd to remove all of the 'here=...' lines as dead code. sed -i '/^here=/d' $(git grep -l '^here=' tests/qemu-iotests) Cc: kwolf@redhat.com Cc: mreitz@redhat.com Cc: eblake@redhat.com Suggested-by: Eric Blake <eblake@redhat.com> Signed-off-by: Mao Zhongyi <maozhongyi@cmss.chinamobile.com> Message-Id: <20181024094051.4470-3-maozhongyi@cmss.chinamobile.com> Reviewed-by: Eric Blake <eblake@redhat.com> [eblake: touch up commit message, reorder series, rebase to master] Signed-off-by: Eric Blake <eblake@redhat.com>
2018-11-19Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into stagingPeter Maydell13-14/+310
Block layer patches: - file-posix: Fix shared permission locks after reopen - block: Fix error path for failed .bdrv_reopen_prepare - qcow2: Catch invalid allocations when the image becomes too large - vvfat/fdc/nvme: Fix segfaults and leaks # gpg: Signature made Mon 19 Nov 2018 14:28:18 GMT # gpg: using RSA key 7F09B272C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: iotests: Test file-posix locking and reopen file-posix: Fix shared locks on reopen commit block: Always abort reopen after prepare succeeded iotests: Add new test 220 for max compressed cluster offset qcow2: Don't allow overflow during cluster allocation qcow2: Document some maximum size constraints vvfat: Fix memory leak fdc: fix segfault in fdctrl_stop_transfer() when DMA is disabled nvme: fix oob access issue(CVE-2018-16847) Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-19iotests: Test file-posix locking and reopenMax Reitz2-0/+80
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-19file-posix: Fix shared locks on reopen commitMax Reitz1-1/+1
s->locked_shared_perm is the set of bits locked in the file, which is the inverse of the permissions actually shared. So we need to pass them as they are to raw_apply_lock_bytes() instead of inverting them again. Reported-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-19block: Always abort reopen after prepare succeededMax Reitz1-0/+12
bdrv_reopen_multiple() does not invoke bdrv_reopen_abort() for the element of the reopen queue for which bdrv_reopen_prepare() failed, because it assumes that the prepare function will have rolled back all changes already. However, bdrv_reopen_prepare() does not do this in every case: It may notice an error after BlockDriver.bdrv_reopen_prepare() succeeded, and it will not invoke BlockDriver.bdrv_reopen_abort() then; and neither will bdrv_reopen_multiple(), as explained above. This is wrong because we must always call .bdrv_reopen_commit() or .bdrv_reopen_abort() after .bdrv_reopen_prepare() has succeeded. Otherwise, the block driver has no chance to undo what it has done in its implementation of .bdrv_reopen_prepare(). To fix this, bdrv_reopen_prepare() has to call .bdrv_reopen_abort() if it wants to return an error after .bdrv_reopen_prepare() has succeeded. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-19iotests: Add new test 220 for max compressed cluster offsetEric Blake3-0/+151
If you have a capable file system (tmpfs is good, ext4 not so much; run ./check with TEST_DIR pointing to a good location so as not to skip the test), it's actually possible to create a qcow2 file that expands to a sparse 512T image with just over 38M of content. The test is not the world's fastest (qemu crawling through 256M bits of refcount table to find the next cluster to allocate takes several seconds, as does qemu-img check reporting millions of leaked clusters); but it DOES catch the problem that the previous patch just fixed where writing a compressed cluster to a full image ended up overwriting the wrong cluster. Suggested-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-19qcow2: Don't allow overflow during cluster allocationEric Blake2-7/+19
Our code was already checking that we did not attempt to allocate more clusters than what would fit in an INT64 (the physical maximimum if we can access a full off_t's worth of data). But this does not catch smaller limits enforced by various spots in the qcow2 image description: L1 and normal clusters of L2 are documented as having bits 63-56 reserved for other purposes, capping our maximum offset at 64PB (bit 55 is the maximum bit set). And for compressed images with 2M clusters, the cap drops the maximum offset to bit 48, or a maximum offset of 512TB. If we overflow that offset, we would write compressed data into one place, but try to decompress from another, which won't work. It's actually possible to prove that overflow can cause image corruption without this patch; I'll add the iotests separately in the next commit. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-19qcow2: Document some maximum size constraintsEric Blake1-2/+36
Although off_t permits up to 63 bits (8EB) of file offsets, in practice, we're going to hit other limits first. Document some of those limits in the qcow2 spec (some are inherent, others are implementation choices of qemu), and how choice of cluster size can influence some of the limits. While we cannot map any uncompressed virtual cluster to any address higher than 64 PB (56 bits) (due to the current L1/L2 field encoding stopping at bit 55), qemu's cap of 8M for the refcount table can still access larger host addresses for some combinations of large clusters and small refcount_order. For comparison, ext4 with 4k blocks caps files at 16PB. Another interesting limit: for compressed clusters, the L2 layout requires an ever-smaller maximum host offset as cluster size gets larger, down to a 512 TB maximum with 2M clusters. In particular, note that with a cluster size of 8k or smaller, the L2 entry for a compressed cluster could technically point beyond the 64PB mark, but when you consider that with 8k clusters and refcount_order = 0, you cannot access beyond 512T without exceeding qemu's limit of an 8M cap on the refcount table, it is unlikely that any image in the wild has attempted to do so. To be safe, let's document that bits beyond 55 in a compressed cluster must be 0. Signed-off-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-19vvfat: Fix memory leakKevin Wolf1-3/+3
Don't leak 'cluster' in the mapping == NULL case. Found by Coverity (CID 1055918). Fixes: 8d9401c2791ee2d2805b741b1ee3006041edcd3e Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Liam Merwick <liam.merwick@oracle.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2018-11-19fdc: fix segfault in fdctrl_stop_transfer() when DMA is disabledMark Cave-Ayland1-1/+1
Commit c8a35f1cf0f "fdc: use IsaDma interface instead of global DMA_* functions" accidentally introduced a segfault in fdctrl_stop_transfer() for non-DMA transfers. If fdctrl->dma_chann has not been configured then the fdctrl->dma interface reference isn't initialised during isabus_fdc_realize(). Unfortunately fdctrl_stop_transfer() unconditionally references the DMA interface when finishing the transfer causing a NULL pointer dereference. Fix the issue by adding a check in fdctrl_stop_transfer() so that the DMA interface reference and release method is only invoked if fdctrl->dma_chann has been set. (This issue was discovered by Martin testing a recent change in the NetBSD installer under qemu-system-sparc) Cc: qemu-stable@nongnu.org Reported-by: Martin Husemann <martin@duskware.de> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Hervé Poussineau <hpoussin@reactos.org> Reviewed-by: John Snow <jsnow@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-19nvme: fix oob access issue(CVE-2018-16847)Li Qiang1-0/+7
Currently, the nvme_cmb_ops mr doesn't check the addr and size. This can lead an oob access issue. This is triggerable in the guest. Add check to avoid this issue. Fixes CVE-2018-16847. Reported-by: Li Qiang <liq3ea@gmail.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Li Qiang <liq3ea@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-19MAINTAINERS: clarify some of the tagsCornelia Huck1-0/+5
The MAINTAINERS file is a bit sparse on information about what the different designators are. Let's add some more information to give contributors a better idea about what the different roles are. Signed-off-by: Cornelia Huck <cohuck@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-id: 20181026105711.29605-1-cohuck@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-19Merge remote-tracking branch ↵Peter Maydell4-343/+450
'remotes/amarkovic/tags/mips-queue-november-2018-v2' into staging MIPS queue for QEMU 3.1-rc2 - v2 # gpg: Signature made Sat 17 Nov 2018 18:30:46 GMT # gpg: using RSA key D4972A8967F75A65 # gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01 DD75 D497 2A89 67F7 5A65 * remotes/amarkovic/tags/mips-queue-november-2018-v2: MAINTAINERS: Add Stefan Markovic as a MIPS reviewer target/mips: Disable R5900 support target/mips: Rename MMI-related functions target/mips: Rename MMI-related opcodes target/mips: Rename MMI-related masks target/mips: Guard check_insn with INSN_R5900 check target/mips: Guard check_insn_opc_user_only with INSN_R5900 check target/mips: Fix decoding mechanism of special R5900 opcodes target/mips: Fix decoding mechanism of R5900 DIV1 and DIVU1 target/mips: Fix decoding mechanism of R5900 MFLO1, MFHI1, MTLO1 and MTHI1 linux-user: Update MIPS specific prctl() implementation Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-19Merge remote-tracking branch 'remotes/riscv/tags/riscv-for-master-3.1-rc2' ↵Peter Maydell2-8/+17
into staging RISC-V Patches for 3.1-rc2 This pull request contains four patches that aren't really related to each other aside from all being bug fixes that I think should go in for 3.1.0: * The second half of Alistair's memory leak patch set that I missed last week. * A fix to make fclass.d availiable only on RV64IFD systems (without this it's availiable on RV32IFD systems, truncating the result). * A fix to make sfence.vm availiable only in priv-1.9.1, and sfence.vma only availiable in priv-1.10. * A change to respect fences in user-mode emulators, which were previously treated as NOPs. As usual, this builds and boot Linux for me. I don't think I have anything else planned for 3.1.0, but I may be wrong as things are a bit hectic this week. # gpg: Signature made Tue 13 Nov 2018 23:48:38 GMT # gpg: using RSA key EF4CA1502CCBAB41 # gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>" # gpg: aka "Palmer Dabbelt <palmer@sifive.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41 * remotes/riscv/tags/riscv-for-master-3.1-rc2: RISC-V: Respect fences for user-only emulators target/riscv: Fix sfence.vm/a both available in any priv version target/riscv: Fix FCLASS_D being treated as RV64 only hw/riscv/virt: Free the test device tree node name Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-17MAINTAINERS: Add Stefan Markovic as a MIPS reviewerAleksandar Markovic1-0/+9
Add Stefan Markovic as a MIPS reviewer. He had several key contributions to QEMU for MIPS this year. He is a meticulous person with the ability to think and act on many levels. Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Disable R5900 supportAleksandar Markovic1-59/+0
Disable R5900 support. There are some outstanding issues related to ABI support and emulation accuracy, that were not understood well during review process. Disable to avoid backward compatibility issues. Reverts commit ed4f49ba9bb56ebca6987b1083255daf6c89b5de. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Rename MMI-related functionsAleksandar Markovic1-16/+16
Rename MMI-related functions. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Rename MMI-related opcodesAleksandar Markovic1-236/+236
Rename MMI-related opcodes. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Rename MMI-related masksAleksandar Markovic1-10/+10
Rename MMI-related masks. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Guard check_insn with INSN_R5900 checkFredrik Noring1-3/+6
Explicitely mark handling of PREF instruction for R5900 as treating the same as NOP. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Fredrik Noring <noring@nocrew.org> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Guard check_insn_opc_user_only with INSN_R5900 checkFredrik Noring1-4/+12
Avoid using check_opc_user_only() as a decision making code wrt various architectures. Use ctx->insn_flags checks instead. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Fredrik Noring <noring@nocrew.org> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Fix decoding mechanism of special R5900 opcodesFredrik Noring1-4/+50
MOVN, MOVZ, MFHI, MFLO, MTHI, MTLO, MULT, MULTU, DIV, DIVU, DMULT, DMULTU, DDIV, DDIVU and JR are decoded in decode_opc_special_tx79 instead of the generic decode_opc_special_legacy. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Fredrik Noring <noring@nocrew.org> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Fix decoding mechanism of R5900 DIV1 and DIVU1Fredrik Noring1-6/+59
DIV1 and DIVU1 are generated in gen_div1_tx79 instead of the generic gen_muldiv. Signed-off-by: Fredrik Noring <noring@nocrew.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17target/mips: Fix decoding mechanism of R5900 MFLO1, MFHI1, MTLO1 and MTHI1Fredrik Noring1-11/+40
MFLO1, MFHI1, MTLO1 and MTHI1 are generated in gen_HILO1_tx79 instead of the generic gen_HILO. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Fredrik Noring <noring@nocrew.org> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-17linux-user: Update MIPS specific prctl() implementationStefan Markovic1-0/+18
Perform needed checks before actual prctl() PR_SET_FP_MODE and PR_GET_FP_MODE work based on kernel implementation. Also, update necessary hflags. Reviewed-by: Laurent Vivier <laurent@vivier.eu> Signed-off-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2018-11-16Merge remote-tracking branch ↵Peter Maydell3-3/+22
'remotes/kraxel/tags/fixes-31-20181116-pull-request' into staging ui: add rendernode arg for egl-headless (fixes permission issues with libvirt) # gpg: Signature made Fri 16 Nov 2018 13:29:15 GMT # gpg: using RSA key 4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/fixes-31-20181116-pull-request: help: Provide help for egl-headless ui: Allow specifying 'rendernode' display option for egl-headless qapi: Add "rendernode" display option for egl-headless Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-16help: Provide help for egl-headlessErik Skultety1-1/+5
EGL headless has been missing from QEMU's help or man page, we should mention that such a thing exists, especially since projects like libvirt might rely on that. This patch also adds the newly introduced option for egl-headless 'rendernode'. Signed-off-by: Erik Skultety <eskultet@redhat.com> Message-id: 87ef678b0934d3abba66c46c9e65b57119d29295.1542362949.git.eskultet@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-11-16ui: Allow specifying 'rendernode' display option for egl-headlessErik Skultety1-1/+1
As libvirt can't predict which rendernode QEMU would pick, it won't adjust the permissions on the device, hence QEMU getting "Permission denied" when opening the DRI device. Therefore, enable 'rendernode' option for egl-headless display type. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1648236 Signed-off-by: Erik Skultety <eskultet@redhat.com> Message-id: 27f4617f19aa1072114f10f1aa9dd199735ef982.1542362949.git.eskultet@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-11-16qapi: Add "rendernode" display option for egl-headlessErik Skultety1-1/+16
Unlike SPICE, egl-headless doesn't offer a way of specifying the DRM node used for OpenGL, hence QEMU always selecting the first one that is available. Thus, add the 'rendernode' option for egl-headless to QAPI. Signed-off-by: Erik Skultety <eskultet@redhat.com> Message-id: 7658e15eca72d520e7a5fb1c2e724702d83d4f7f.1542362949.git.eskultet@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-11-16Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into ↵Peter Maydell1-1/+2
staging # gpg: Signature made Fri 16 Nov 2018 03:38:58 GMT # gpg: using RSA key EF04965B398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: net/filter-rewriter.c: Fix coverity static analysis issue Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-16net/filter-rewriter.c: Fix coverity static analysis issueZhang Chen1-1/+2
The original code just follow the TCP state diagram, but in this case, we can skip the TCPS_TIME_WAIT state to simplify the implementation. Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-11-15Merge remote-tracking branch ↵Peter Maydell2-2/+2
'remotes/stefanberger/tags/pull-tpm-2018-11-15-1' into staging Merge tpm 2018/11/15 v1 # gpg: Signature made Thu 15 Nov 2018 14:03:45 GMT # gpg: using RSA key 75AD65802A0B4211 # gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: B818 B9CA DF90 89C2 D5CE C66B 75AD 6580 2A0B 4211 * remotes/stefanberger/tags/pull-tpm-2018-11-15-1: tests: tpm: Use g_test_message rather than fprintf tpm: use loop iterator to set sts data field Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-15linux-user/sparc/signal.c: Remove dead codePeter Maydell1-8/+8
Coverity complains (CID 1390847) about some dead code in do_sigreturn(). This is an if (err) clause that can never be true, copied from the kernel (where __get_user returns an error). The one code path that could report an error is in the currently commented-out pseudocode for handling FPU register restoring, so move the if into that comment (and fix the broken indent in the comment in the process). (The new position for the error check is also the semantically correct one -- we should not restore the signal mask from the signal frame if we get an error here, so the check must be done before set_sigmask(), not after.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Message-id: 20181115114616.26265-1-peter.maydell@linaro.org
2018-11-15make-release: add skiboot .version fileMichael Roth1-0/+1
This is needed to build skiboot from tarball-distributed sources since the git data the make_release.sh script relies on to generate it is not available. Cc: qemu-stable@nongnu.org Reported-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20181109161352.29873-1-mdroth@linux.vnet.ibm.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-15Merge remote-tracking branch ↵Peter Maydell2-3/+9
'remotes/stsquad/tags/pull-testing-fixes-for-3.1-141118-1' into staging Testing tweaks: - split MacOSX build - fix for readdir() failures in check-tcg # gpg: Signature made Wed 14 Nov 2018 13:08:24 GMT # gpg: using RSA key FBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" # Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44 * remotes/stsquad/tags/pull-testing-fixes-for-3.1-141118-1: tests/tcg/multiarch: fix 32bit linux-test on 64bit host .travis.yml: split MacOSX builds and reduce target list Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-15Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20181114' into stagingPeter Maydell1-6/+19
Fix error handling during zpci device creation. # gpg: Signature made Wed 14 Nov 2018 10:08:43 GMT # gpg: using RSA key DECF6B93C6F02FAF # gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" # gpg: aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" # gpg: aka "Cornelia Huck <cornelia.huck@de.ibm.com>" # gpg: aka "Cornelia Huck <cohuck@kernel.org>" # gpg: aka "Cornelia Huck <cohuck@redhat.com>" # Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0 18CE DECF 6B93 C6F0 2FAF * remotes/cohuck/tags/s390x-20181114: s390x/pci: properly fail if the zPCI device cannot be created Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-14tests: tpm: Use g_test_message rather than fprintfStefan Berger1-1/+1
Display a message during the test using g_test_message rather than fprintf. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
2018-11-14tpm: use loop iterator to set sts data fieldPrasad J Pandit1-1/+1
When TIS request is done, set 'sts' data field across all localities. Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2018-11-14tests/tcg/multiarch: fix 32bit linux-test on 64bit hostLaurent Vivier1-2/+2
Fix: TEST linux-test on i386 .../tests/tcg/multiarch/linux-test.c:201: readdir readdir() calls getdents64() to have the list of the entries in a directory, and getdents64() can return 64bit d_off values (with ext4, for instance) that will not fit in the 32bit d_off field of the readdir() dirent structure. To avoid that, use readdir64() to use a 64bit d_off field too. Signed-off-by: Laurent Vivier <laurent@vivier.eu> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2018-11-14.travis.yml: split MacOSX builds and reduce target listAlex Bennée1-1/+7
We have reached the point where the MacOSX build was regularly timing out. So as before I've reduced the target list to "major" architectures to try and bring the build time down. I've added an additional MacOSX build with the latest XCode with a minimal list of "most likely" targets on MacOS. Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2018-11-13RISC-V: Respect fences for user-only emulatorsPalmer Dabbelt1-2/+0
Our current fence implementation ignores fences for the user-only configurations. This is incorrect but unlikely to manifest: it requires multi-threaded user-only code that takes advantage of the weakness in the host's memory model and can be inlined by TCG. This patch simply treats fences the same way for all our emulators. I've given it to testing as I don't want to construct a test that would actually trigger the failure. Our fence implementation has an additional deficiency where we map all RISC-V fences to full fences. Now that we have a formal memory model for RISC-V we can start to take advantage of the strength bits on our fence instructions. This requires a bit more though, so I'm going to split it out because the implementation is still correct without taking advantage of these weaker fences. Thanks to Richard Henderson for pointing out both of the issues. Signed-off-by: Palmer Dabbelt <palmer@sifive.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>