aboutsummaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)AuthorFilesLines
2022-03-09Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2022-03-07' into ↵Peter Maydell1-0/+13
staging nbd patches for 2022-03-07 - Dan Berrange: Allow qemu-nbd to support TLS over Unix sockets - Eric Blake: Minor cleanups related to 64-bit block operations # gpg: Signature made Tue 08 Mar 2022 01:41:35 GMT # gpg: using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A # gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full] # gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full] # gpg: aka "[jpeg image of size 6874]" [full] # Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A * remotes/ericb/tags/pull-nbd-2022-03-07: qemu-io: Allow larger write zeroes under no fallback qemu-io: Utilize 64-bit status during map nbd/server: Minor cleanups tests/qemu-iotests: validate NBD TLS with UNIX sockets and PSK tests/qemu-iotests: validate NBD TLS with UNIX sockets tests/qemu-iotests: validate NBD TLS with hostname mismatch tests/qemu-iotests: convert NBD TLS test to use standard filters tests/qemu-iotests: introduce filter for qemu-nbd export list tests/qemu-iotests: expand _filter_nbd rules tests/qemu-iotests: add QEMU_IOTESTS_REGEN=1 to update reference file block/nbd: don't restrict TLS usage to IP sockets qemu-nbd: add --tls-hostname option for TLS certificate validation block/nbd: support override of hostname for TLS certificate validation block: pass desired TLS hostname through from block driver client crypto: mandate a hostname when checking x509 creds on a client Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-08Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell6-0/+345
virtio,pc,pci: features, cleanups, fixes vhost-user enabled on non-linux systems beginning of nvme sriov support bigger tx queue for vdpa virtio iommu bypass FADT flag to detect legacy keyboards Fixes, cleanups all over the place Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Mon 07 Mar 2022 22:43:31 GMT # gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469 # gpg: issuer "mst@redhat.com" # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full] # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full] # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: (47 commits) hw/acpi/microvm: turn on 8042 bit in FADT boot architecture flags if present tests/acpi: i386: update FACP table differences hw/acpi: add indication for i8042 in IA-PC boot flags of the FADT table tests/acpi: i386: allow FACP acpi table changes docs: vhost-user: add subsection for non-Linux platforms configure, meson: allow enabling vhost-user on all POSIX systems vhost: use wfd on functions setting vring call fd event_notifier: add event_notifier_get_wfd() pci: drop COMPAT_PROP_PCP for 2.0 machine types hw/smbios: Add table 4 parameter, "processor-id" x86: cleanup unused compat_apic_id_mode vhost-vsock: detach the virqueue element in case of error pc: add option to disable PS/2 mouse/keyboard acpi: pcihp: pcie: set power on cap on parent slot pci: expose TYPE_XIO3130_DOWNSTREAM name pci: show id info when pci BDF conflict hw/misc/pvpanic: Use standard headers instead headers: Add pvpanic.h pci-bridge/xio3130_downstream: Fix error handling pci-bridge/xio3130_upstream: Fix error handling ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org> # Conflicts: # docs/specs/index.rst
2022-03-07qemu-nbd: add --tls-hostname option for TLS certificate validationDaniel P. Berrangé1-0/+13
When using the --list option, qemu-nbd acts as an NBD client rather than a server. As such when using TLS, it has a need to validate the server certificate. This adds a --tls-hostname option which can be used to override the default hostname used for certificate validation. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-5-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-06docs: vhost-user: add subsection for non-Linux platformsSergio Lopez1-0/+20
Add a section explaining how vhost-user is supported on platforms other than Linux. Signed-off-by: Sergio Lopez <slp@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20220304100854.14829-5-slp@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-03-06pcie: Add some SR/IOV API documentation in docs/pcie_sriov.txtKnut Omang1-0/+115
Add a small intro + minimal documentation for how to implement SR/IOV support for an emulated device. Signed-off-by: Knut Omang <knuto@ifi.uio.no> Message-Id: <20220217174504.1051716-3-lukasz.maniak@linux.intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-03-06hw/i386/pc_piix: Mark the machine types from version 1.4 to 1.7 as deprecatedThomas Huth1-0/+8
The list of machine types grows larger and larger each release ... and it is unlikely that many people still use the very old ones for live migration. QEMU v1.7 has been released more than 8 years ago, so most people should have updated their machines to a newer version in those 8 years at least once. Thus let's mark the very old 1.x machine types as deprecated now. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20220117191639.278497-1-thuth@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-03-05Merge remote-tracking branch 'remotes/kwolf-gitlab/tags/for-upstream' into ↵Peter Maydell1-0/+7
staging Block layer patches - qemu-storage-daemon: Add --daemonize - Fix x-blockdev-amend and block node activation code which incorrectly executed code in the iothread that must run in the main thread. - Add macros for coroutine-safe TLS variables (required for correctness with LTO) - Fix crashes with concurrent I/O and bdrv_refresh_limits() - Split block APIs in global state and I/O - iotests: Don't refuse to run at all without GNU sed, just skip tests that need it # gpg: Signature made Fri 04 Mar 2022 17:18:31 GMT # gpg: using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6 # gpg: issuer "kwolf@redhat.com" # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full] # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kwolf-gitlab/tags/for-upstream: (50 commits) block/amend: Keep strong reference to BDS block/amend: Always call .bdrv_amend_clean() tests/qemu-iotests: Rework the checks and spots using GNU sed iotests/graph-changes-while-io: New test iotests: Allow using QMP with the QSD block: Make bdrv_refresh_limits() non-recursive job.h: assertions in the callers of JobDriver function pointers job.h: split function pointers in JobDriver block-backend-common.h: split function pointers in BlockDevOps block_int-common.h: assertions in the callers of BdrvChildClass function pointers block_int-common.h: split function pointers in BdrvChildClass block_int-common.h: assertions in the callers of BlockDriver function pointers block_int-common.h: split function pointers in BlockDriver block/coroutines: I/O and "I/O or GS" API block/copy-before-write.h: global state API + assertions include/block/snapshot: global state API + assertions assertions for blockdev.h global state API include/sysemu/blockdev.h: global state API assertions for blockjob.h global state API include/block/blockjob.h: global state API ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-04Merge remote-tracking branch ↵Peter Maydell2-0/+126
'remotes/kraxel/tags/kraxel-20220304-pull-request' into staging usb: fixes for ohci, xhci, mtp and redirect audio: latency fixes ui: opengl and cocoa fixes firmware: ovmf tabel aprser fixes # gpg: Signature made Fri 04 Mar 2022 14:18:47 GMT # gpg: using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/kraxel-20220304-pull-request: (35 commits) hw/display/vmware_vga: replace fprintf calls with trace events edid: Fix clock of Detailed Timing Descriptor softmmu/qdev-monitor: Add virtio-gpu-gl aliases ui/cocoa: Add Services menu ui/clipboard: fix use-after-free regression ui: do not create a surface when resizing a GL scanout ui/console: fix texture leak when calling surface_gl_create_texture() ui/console: fix crash when using gl context with non-gl listeners docs: Add spec of OVMF GUIDed table for SEV guests hw/i386: Replace magic number with field length calculation hw/i386: Improve bounds checking in OVMF table parsing coreaudio: Notify error in coreaudio_init_out hw/usb/redirect.c: Stop using qemu_oom_check() sdlaudio: fix samples vs. frames mix-up paaudio: fix samples vs. frames mix-up ossaudio: reduce effective playback buffer size dsoundaudio: reduce effective playback buffer size paaudio: reduce effective playback buffer size audio: restore mixing-engine playback buffer size Revert "audio: fix wavcapture segfault" ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-04qsd: Add --daemonizeHanna Reitz1-0/+7
To implement this, we reuse the existing daemonizing functions from the system emulator, which mainly do the following: - Fork off a child process, and set up a pipe between parent and child - The parent process waits until the child sends a status byte over the pipe (0 means that the child was set up successfully; anything else (including errors or EOF) means that the child was not set up successfully), and then exits with an appropriate exit status - The child process enters a new session (forking off again), changes the umask, and will ignore terminal signals from then on - Once set-up is complete, the child will chdir to /, redirect all standard I/O streams to /dev/null, and tell the parent that set-up has been completed successfully In contrast to qemu-nbd's --fork implementation, during the set up phase, error messages are not piped through the parent process. qemu-nbd mainly does this to detect errors, though (while os_daemonize() has the child explicitly signal success after set up); because we do not redirect stderr after forking, error messages continue to appear on whatever the parent's stderr was (until set up is complete). Signed-off-by: Hanna Reitz <hreitz@redhat.com> Message-Id: <20220303164814.284974-4-hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2022-03-04docs/acpi/erst: add device id for ACPI ERST device in pci-ids.txtAni Sinha1-0/+1
Adding device ID for ERST device in pci-ids.txt. It was missed when ERST related patches were reviewed. CC: Eric DeVolder <eric.devolder@oracle.com> Reviewed-by: Eric DeVolder <eric.devolder@oracle.com> Signed-off-by: Ani Sinha <ani@anisinha.ca> Message-Id: <20220223143322.927136-4-ani@anisinha.ca> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-03-04ACPI ERST: specification for ERST supportEric DeVolder2-0/+201
Information on the implementation of the ACPI ERST support. Signed-off-by: Eric DeVolder <eric.devolder@oracle.com> Acked-by: Ani Sinha <ani@anisinha.ca> Message-Id: <20220223143322.927136-2-ani@anisinha.ca> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-03-04docs: Add spec of OVMF GUIDed table for SEV guestsDov Murik2-0/+126
Add docs/specs/sev-guest-firmware.rst which describes the GUIDed table in the end of OVMF's image which is parsed by QEMU, and currently used to describe some values for SEV and SEV-ES guests. Signed-off-by: Dov Murik <dovmurik@linux.ibm.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220103091413.2869-1-dovmurik@linux.ibm.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2022-03-03Merge remote-tracking branch ↵Peter Maydell1-0/+16
'remotes/alistair/tags/pull-riscv-to-apply-20220303' into staging Fifth RISC-V PR for QEMU 7.0 * Fixup checks for ext_zb[abcs] * Add AIA support for virt machine * Increase maximum number of CPUs in virt machine * Fixup OpenTitan SPI address * Add support for zfinx, zdinx and zhinx{min} extensions # gpg: Signature made Thu 03 Mar 2022 05:26:55 GMT # gpg: using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054 # gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full] # Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054 * remotes/alistair/tags/pull-riscv-to-apply-20220303: target/riscv: expose zfinx, zdinx, zhinx{min} properties target/riscv: add support for zhinx/zhinxmin target/riscv: add support for zdinx target/riscv: add support for zfinx target/riscv: hardwire mstatus.FS to zero when enable zfinx target/riscv: add cfg properties for zfinx, zdinx and zhinx{min} hw: riscv: opentitan: fixup SPI addresses hw/riscv: virt: Increase maximum number of allowed CPUs docs/system: riscv: Document AIA options for virt machine hw/riscv: virt: Add optional AIA IMSIC support to virt machine hw/intc: Add RISC-V AIA IMSIC device emulation hw/riscv: virt: Add optional AIA APLIC support to virt machine target/riscv: fix inverted checks for ext_zb[abcs] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-03Merge remote-tracking branch ↵Peter Maydell1-0/+3
'remotes/pmaydell/tags/pull-target-arm-20220302' into staging target-arm queue: * mps3-an547: Add missing user ahb interfaces * hw/arm/mps2-tz.c: Update AN547 documentation URL * hw/input/tsc210x: Don't abort on bad SPI word widths * hw/i2c: flatten pca954x mux device * target/arm: Support PSCI 1.1 and SMCCC 1.0 * target/arm: Fix early free of TCG temp in handle_simd_shift_fpint_conv() * tests/qtest: add qtests for npcm7xx sdhci * Implement FEAT_LVA * Implement FEAT_LPA * Implement FEAT_LPA2 (but do not enable it yet) * Report KVM's actual PSCI version to guest in dtb * ui/cocoa.m: Fix updateUIInfo threading issues * ui/cocoa.m: Remove unnecessary NSAutoreleasePools # gpg: Signature made Wed 02 Mar 2022 20:52:06 GMT # gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE # gpg: issuer "peter.maydell@linaro.org" # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate] # gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate] # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate] # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * remotes/pmaydell/tags/pull-target-arm-20220302: (26 commits) ui/cocoa.m: Remove unnecessary NSAutoreleasePools ui/cocoa.m: Fix updateUIInfo threading issues target/arm: Report KVM's actual PSCI version to guest in dtb target/arm: Implement FEAT_LPA2 target/arm: Advertise all page sizes for -cpu max target/arm: Validate tlbi TG matches translation granule in use target/arm: Fix TLBIRange.base for 16k and 64k pages target/arm: Introduce tlbi_aa64_get_range target/arm: Extend arm_fi_to_lfsc to level -1 target/arm: Implement FEAT_LPA target/arm: Implement FEAT_LVA target/arm: Prepare DBGBVR and DBGWVR for FEAT_LVA target/arm: Honor TCR_ELx.{I}PS target/arm: Use MAKE_64BIT_MASK to compute indexmask target/arm: Pass outputsize down to check_s2_mmu_setup target/arm: Move arm_pamax out of line target/arm: Fault on invalid TCR_ELx.TxSZ target/arm: Set TCR_EL1.TSZ for user-only hw/registerfields: Add FIELD_SEX<N> and FIELD_SDP<N> tests/qtest: add qtests for npcm7xx sdhci ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-03docs/system: riscv: Document AIA options for virt machineAnup Patel1-0/+16
We have two new machine options "aia" and "aia-guests" available for the RISC-V virt machine so let's document these options. Signed-off-by: Anup Patel <anup.patel@wdc.com> Signed-off-by: Anup Patel <anup@brainfault.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Frank Chang <frank.chang@sifive.com> Message-Id: <20220220085526.808674-5-anup@brainfault.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2022-03-02target/arm: Implement FEAT_LPA2Richard Henderson1-0/+1
This feature widens physical addresses (and intermediate physical addresses for 2-stage translation) from 48 to 52 bits, when using 4k or 16k pages. This introduces the DS bit to TCR_ELx, which is RES0 unless the page size is enabled and supports LPA2, resulting in the effective value of DS for a given table walk. The DS bit changes the format of the page table descriptor slightly, moving the PS field out to TCR so that all pages have the same sharability and repurposing those bits of the page table descriptor for the highest bits of the output address. Do not yet enable FEAT_LPA2; we need extra plumbing to avoid tickling an old kernel bug. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20220301215958.157011-17-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-02target/arm: Implement FEAT_LPARichard Henderson1-0/+1
This feature widens physical addresses (and intermediate physical addresses for 2-stage translation) from 48 to 52 bits, when using 64k pages. The only thing left at this point is to handle the extra bits in the TTBR and in the table descriptors. Note that PAR_EL1 and HPFAR_EL2 are nominally extended, but we don't mask out the high bits when writing to those registers, so no changes are required there. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20220301215958.157011-11-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-02target/arm: Implement FEAT_LVARichard Henderson1-0/+1
This feature is relatively small, as it applies only to 64k pages and thus requires no additional changes to the table descriptor walking algorithm, only a change to the minimum TSZ (which is the inverse of the maximum virtual address space size). Note that this feature widens VBAR_ELx, but we already treat the register as being 64 bits wide. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20220301215958.157011-10-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-02migration: Remove load_state_old and minimum_version_id_oldPeter Maydell1-9/+3
There are no longer any VMStateDescription structs in the tree which use the load_state_old support for custom handling of incoming migration from very old QEMU. Remove the mechanism entirely. This includes removing one stray useless setting of minimum_version_id_old in a VMStateDescription with no load_state_old function, which crept in after the global weeding-out of them in commit 17e313406126. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <20220215175705.3846411-1-peter.maydell@linaro.org> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Francisco Iglesias <francisco.iglesias@xilinx.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2022-03-02Merge remote-tracking branch ↵Peter Maydell1-0/+7
'remotes/stsquad/tags/pull-testing-and-semihosting-280222-1' into staging Testing and semihosting updates: - restore TESTS/IMAGES filtering to docker tests - add NOUSER to alpine image - bump lcitool version - move arm64/s390x cross build images to lcitool - add aarch32 runner CI scripts - expand testing to more vectors - update s390x jobs to focal for gitlab/travis - disable threadcount for all sh4 - fix semihosting SYS_HEAPINFO and test # gpg: Signature made Mon 28 Feb 2022 18:46:41 GMT # gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full] # Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44 * remotes/stsquad/tags/pull-testing-and-semihosting-280222-1: tests/tcg: port SYS_HEAPINFO to a system test semihosting/arm-compat: replace heuristic for softmmu SYS_HEAPINFO tests/tcg: completely disable threadcount for sh4 gitlab: upgrade the job definition for s390x to 20.04 travis.yml: Update the s390x jobs to Ubuntu Focal tests/tcg: add vectorised sha512 versions tests/tcg: add sha512 test tests/tcg: build sha1-vector with O3 and compare tests/tcg/ppc64: clean-up handling of byte-reverse gitlab: add a new aarch32 custom runner definition scripts/ci: allow for a secondary runner scripts/ci: add build env rules for aarch32 on aarch64 tests/docker: introduce debian-riscv64-test-cross tests/docker: update debian-s390x-cross with lcitool tests/docker: update debian-arm64-cross with lcitool tests/lcitool: update to latest version tests/docker: add NOUSER for alpine image tests/docker: restore TESTS/IMAGES filtering Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-02-28Merge remote-tracking branch 'remotes/legoater/tags/pull-aspeed-20220227' ↵Peter Maydell3-8/+5
into staging aspeed queue: * Removal of the swift-bmc machine * New Secure Boot Controller model * Improvements on the rainier machine * Various small cleanups # gpg: Signature made Sun 27 Feb 2022 08:45:45 GMT # gpg: using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1 # gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [undefined] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: A0F6 6548 F048 95EB FE6B 0B60 51A3 43C7 CFFB ECA1 * remotes/legoater/tags/pull-aspeed-20220227: aspeed/sdmc: Add trace events aspeed/smc: Add an address mask on segment registers aspeed: Introduce a create_pca9552() helper aspeed: rainier: Add strap values taken from hardware aspeed: rainier: Add i2c LED devices ast2600: Add Secure Boot Controller model arm: Remove swift-bmc machine Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-02-28gitlab: add a new aarch32 custom runner definitionAlex Bennée1-0/+7
Although running on aarch64 hardware we can still target 32bit builds with a cross compiler and run the resulting binaries. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20220225172021.3493923-10-alex.bennee@linaro.org>
2022-02-26arm: Remove swift-bmc machineJoel Stanley3-8/+5
It was scheduled for removal in 7.0. Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-02-23Merge remote-tracking branch ↵Peter Maydell2-12/+72
'remotes/berrange-gitlab/tags/misc-next-pull-request' into staging This misc series of changes: - Improves documentation of SSH fingerprint checking - Fixes SHA256 fingerprints with non-blockdev usage - Blocks the clone3, setns, unshare & execveat syscalls with seccomp - Blocks process spawning via clone syscall, but allows threads, with seccomp - Takes over seccomp maintainer role - Expands firmware descriptor spec to allow flash without NVRAM # gpg: Signature made Thu 17 Feb 2022 11:57:13 GMT # gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full] # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full] # Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF * remotes/berrange-gitlab/tags/misc-next-pull-request: docs: expand firmware descriptor to allow flash without NVRAM MAINTAINERS: take over seccomp from Eduardo Otubo seccomp: block setns, unshare and execveat syscalls seccomp: block use of clone3 syscall seccomp: fix blocking of process spawning seccomp: add unit test for seccomp filtering seccomp: allow action to be customized per syscall block: print the server key type and fingerprint on failure block: support sha256 fingerprint with pre-blockdev options block: better document SSH host key fingerprint checking Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-02-21Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into ↵Peter Maydell2-3/+1
staging * More Meson conversions (0.59.x now required rather than suggested) * UMIP support for TCG x86 * Fix migration crash * Restore error output for check-block # gpg: Signature made Mon 21 Feb 2022 09:35:59 GMT # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini-gitlab/tags/for-upstream: (29 commits) configure, meson: move CONFIG_IASL to a Meson option meson, configure: move ntddscsi API check to meson meson: require dynamic linking for VSS support qga/vss-win32: require widl/midl, remove pre-built TLB file meson: do not make qga/vss-win32/meson.build conditional on C++ presence configure, meson: replace VSS SDK checks and options with --enable-vss-sdk qga/vss: use standard windows headers location qga/vss-win32: use widl if available meson: drop --with-win-sdk qga/vss-win32: fix midl arguments meson: refine check for whether to look for virglrenderer configure, meson: move guest-agent, tools to meson configure, meson: move smbd options to meson_options.txt configure, meson: move coroutine options to meson_options.txt configure, meson: move some default-disabled options to meson_options.txt meson: define qemu_cflags/qemu_ldflags configure, meson: move block layer options to meson_options.txt configure, meson: move image format options to meson_options.txt configure, meson: cleanup qemu-ga libraries configure, meson: move TPM check to meson ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-02-21hw/arm: add initial mori-bmc boardPatrick Venture1-0/+1
This is the BMC attached to the OpenBMC Mori board. Signed-off-by: Patrick Venture <venture@google.com> Reviewed-by: Chris Rauer <crauer@google.com> Reviewed-by: Ilkyun Choi <ikchoi@google.com> Message-id: 20220208233104.284425-1-venture@google.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-02-21Kconfig: Add I2C_DEVICES device groupPeter Maydell1-2/+6
Currently there is no way for a board model's Kconfig stanza to say "I have an i2c bus which the user can plug an i2c device into, build all the free-standing i2c devices". The Kconfig mechanism for this is the "device group". Add an I2C_DEVICES group along the same lines as the existing PCI_DEVICES. Simple free-standing i2c devices which a user might plausibly want to be able to plug in on the QEMU commandline should have default y if I2C_DEVICES and board models which have an i2c bus that is user-accessible should use imply I2C_DEVICES to cause those pluggable devices to be built. In this commit we mark only a fairly conservative set of i2c devices as belonging to the I2C_DEVICES group: the simple sensors and RTCs (not including PMBus devices or devices which need GPIO lines to be connected). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Hao Wu <wuhaotsh@google.com> Message-id: 20220208155911.3408455-2-peter.maydell@linaro.org
2022-02-21configure, meson: move guest-agent, tools to mesonPaolo Bonzini1-2/+0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-02-21configure, meson: move TPM check to mesonPaolo Bonzini1-1/+1
The check is simply for a POSIX system. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-02-17virtiofsd: Add an option to enable/disable security labelVivek Goyal1-0/+32
Provide an option "-o security_label/no_security_label" to enable/disable security label functionality. By default these are turned off. If enabled, server will indicate to client that it is capable of handling one security label during file creation. Typically this is expected to be a SELinux label. File server will set this label on the file. It will try to set it atomically wherever possible. But its not possible in all the cases. Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Message-Id: <20220208204813.682906-11-vgoyal@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2022-02-16docs: expand firmware descriptor to allow flash without NVRAMDaniel P. Berrangé1-8/+46
The current firmware descriptor schema for flash requires that both the executable to NVRAM template paths be provided. This is fine for the most common usage of EDK2 builds in virtualization where the separate _CODE and _VARS files are provided. With confidential computing technology like AMD SEV, persistent storage of variables may be completely disabled because the firmware requires a known clean state on every cold boot. There is no way to express this in the firmware descriptor today. Even with regular EDK2 builds it is possible to create a firmware that has both executable code and variable persistence in a single file. This hasn't been commonly used, since it would mean every guest bootup would need to clone the full firmware file, leading to redundant duplicate storage of the code portion. In some scenarios this may not matter and might even be beneficial. For example if a public cloud allows users to bring their own firmware, such that the user can pre-enroll their own secure boot keys, you're going to have this copied on disk for each tenant already. At this point the it can be simpler to just deal with a single file rather than split builds. The firmware descriptor ought to be able to express this combined firmware model too. This all points towards expanding the schema for flash with a 'mode' concept: - "split" - the current implicit behaviour with separate files for code and variables. - "combined" - the alternate behaviour where a single file contains both code and variables. - "stateless" - the confidential computing use case where storage of variables is completely disable, leaving only the code. Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-02-16block: better document SSH host key fingerprint checkingDaniel P. Berrangé1-4/+26
The docs still illustrate host key fingerprint checking using the old md5 hashes which are considered insecure and obsolete. Change it to illustrate using a sha256 hash. Also show how to extract the hash value from the known_hosts file. Reviewed-by: Hanna Reitz <hreitz@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-02-16docs/system: riscv: Update description of CPUYu Li1-3/+3
Since the hypervisor extension been non experimental and enabled for default CPU, the previous command is no longer available and the option `x-h=true` or `h=true` is also no longer required. Signed-off-by: Yu Li <liyu.yukiteru@bytedance.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <9040401e-8f87-ef4a-d840-6703f08d068c@bytedance.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2022-02-14Deprecate C virtiofsdDr. David Alan Gilbert1-0/+17
There's a nice new Rust implementation out there; recommend people do new work on that. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220210174714.19843-1-dgilbert@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2022-02-13Merge remote-tracking branch 'remotes/legoater/tags/pull-ppc-20220210' into ↵Peter Maydell5-55/+66
staging ppc-7.0 queue * Exception model rework (Fabiano) * Unused CPU models removal (Fabiano and Cédric) * Fix for VOF installation (Alexey) * Misc fixes # gpg: Signature made Thu 10 Feb 2022 12:59:07 GMT # gpg: using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1 # gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [undefined] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: A0F6 6548 F048 95EB FE6B 0B60 51A3 43C7 CFFB ECA1 * remotes/legoater/tags/pull-ppc-20220210: (42 commits) spapr/vof: Install rom and nvram binaries docs: rstfy confidential guest documentation target/ppc: Change VSX instructions behavior to fill with zeros target/ppc: books: Remove excp_model argument from ppc_excp_apply_ail target/ppc: Assert if MSR bits differ from msr_mask during exceptions target/ppc: powerpc_excp: Move common code to the caller function target/ppc: Remove powerpc_excp_legacy target/ppc: 7xx: Set SRRs directly in exception code target/ppc: 7xx: Software TLB cleanup target/ppc: 7xx: System Reset cleanup target/ppc: 7xx: System Call exception cleanup target/ppc: 7xx: Program exception cleanup target/ppc: 7xx: External interrupt cleanup target/ppc: 7xx: Machine Check exception cleanup target/ppc: Simplify powerpc_excp_7xx target/ppc: Introduce powerpc_excp_7xx target/ppc: Merge 7x5 and 7x0 exception model IDs target/ppc: 6xx: Set SRRs directly in exception code target/ppc: 6xx: Software TLB exceptions cleanup target/ppc: 6xx: System Reset interrupt cleanup ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-02-09linux-user: Remove the deprecated ppc64abi32 targetThomas Huth3-8/+8
It's likely broken, and nobody cared for picking it up again during the deprecation phase, so let's remove this now. Since this is the last entry in deprecated_targets_list, remove the related code in the configure script, too. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: Cédric Le Goater <clg@kaod.org> Acked-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20211215084958.185214-1-thuth@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20220112112722.3641051-32-alex.bennee@linaro.org>
2022-02-09docs: remove references to TCG tracingAlex Bennée2-85/+13
Users wanting this sort of functionality should turn to TCG plugins instead. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Cc: Luis Vilanova <vilanova@imperial.ac.uk> Cc: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20220204204335.1689602-18-alex.bennee@linaro.org>
2022-02-09docs/devel: mention our .editorconfigAlex Bennée1-0/+4
Ideally we should keep all our automatic formatting gubins in here. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20220204204335.1689602-13-alex.bennee@linaro.org>
2022-02-09docs: rstfy confidential guest documentationCornelia Huck5-55/+66
Also rstfy the documentation for AMD SEV, and link it. The documentation for PEF had been merged into the pseries doc, fix the reference. Signed-off-by: Cornelia Huck <cohuck@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Message-Id: <20220204161251.241877-1-cohuck@redhat.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-02-01qemu-img: Unify [-b [-F]] documentationHanna Reitz1-1/+1
qemu-img convert documents the backing file and backing format options as follows: [-B backing_file [-F backing_fmt]] whereas qemu-img create has this: [-b backing_file] [-F backing_fmt] That is, for convert, we document that -F cannot be given without -B, while for create, way say that they are independent. Indeed, it is technically possible to give -F without -b, because it is left to the block driver to decide whether this is an error or not, so sometimes it is: $ qemu-img create -f qed -F qed test.qed 64M Formatting 'test.qed', fmt=qed size=67108864 backing_fmt=qed [...] And sometimes it is not: $ qemu-img create -f qcow2 -F qcow2 test.qcow2 64M Formatting 'test.qcow2', fmt=qcow2 cluster_size=65536 [...] qemu-img: test.qcow2: Backing format cannot be used without backing file Generally, it does not make much sense, though, and users should only give -F with -b, so document it that way, as we have already done for qemu-img convert (commit 1899bf47375ad40555dcdff12ba49b4b8b82df38). Reported-by: Tingting Mao <timao@redhat.com> Signed-off-by: Hanna Reitz <hreitz@redhat.com> Message-Id: <20220131135908.32393-1-hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2022-02-01qsd: Document fuse's allow-other optionHanna Reitz1-2/+7
We did not add documentation to the storage daemon's man page for fuse's allow-other option when it was introduced, so do that now. Fixes: 8fc54f9428b9763f800 ("export/fuse: Add allow-other option") Signed-off-by: Hanna Reitz <hreitz@redhat.com> Message-Id: <20220131103124.20325-1-hreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2022-01-28Merge remote-tracking branch ↵Peter Maydell1-1/+1
'remotes/pmaydell/tags/pull-target-arm-20220128' into staging target-arm queue: * Update copyright dates to 2022 * hw/armv7m: Fix broken VMStateDescription * hw/char/exynos4210_uart: Fix crash on trying to load VM state * rtc: Move RTC function prototypes to their own header * xlnx-versal-virt: Support PMC SLCR * xlnx-versal-virt: Support OSPI flash memory controller * scripts: Explain the difference between linux-headers and standard-headers * target/arm: Log CPU index in 'Taking exception' log * arm_gicv3_its: Various bugfixes and cleanups * arm_gicv3_its: Implement the missing MOVI and MOVALL commands * ast2600: Fix address mapping of second SPI controller * target/arm: Use correct entrypoint for SVC taken from Hyp to Hyp # gpg: Signature made Fri 28 Jan 2022 15:29:36 GMT # gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE # gpg: issuer "peter.maydell@linaro.org" # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate] # gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate] # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate] # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * remotes/pmaydell/tags/pull-target-arm-20220128: (32 commits) target/arm: Use correct entrypoint for SVC taken from Hyp to Hyp hw/arm: ast2600: Fix address mapping of second SPI controller hw/intc/arm_gicv3_its: Implement MOVI hw/intc/arm_gicv3_its: Implement MOVALL hw/intc/arm_gicv3_its: Check table bounds against correct limit hw/intc/arm_gicv3_its: Make GITS_BASER<n> RAZ/WI for unimplemented registers hw/intc/arm_gicv3_its: Provide read accessor for translation_ops hw/intc/arm_gicv3: Set GICR_CTLR.CES if LPIs are supported hw/intc/arm_gicv3_redist: Remove unnecessary zero checks hw/intc/arm_gicv3_its: Sort ITS command list into numeric order hw/intc/arm_gicv3: Honour GICD_CTLR.EnableGrp1NS for LPIs hw/intc/arm_gicv3_its: Don't clear GITS_CWRITER on writes to GITS_CBASER hw/intc/arm_gicv3_its: Don't clear GITS_CREADR when GITS_CTLR.ENABLED is set hw/intc/arm_gicv3: Initialise dma_as in GIC, not ITS hw/intc/arm_gicv3_its: Add tracepoints target/arm: Log CPU index in 'Taking exception' log scripts: Explain the difference between linux-headers and standard-headers MAINTAINERS: Remove myself (for raspi). MAINTAINERS: Add an entry for Xilinx Versal OSPI hw/arm/xlnx-versal-virt: Connect mt35xu01g flashes to the OSPI ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-01-28Update copyright dates to 2022Peter Maydell1-1/+1
It's a new year; update the copyright strings for our help/version/about information and for our documentation. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20220120124713.288303-1-peter.maydell@linaro.org
2022-01-28Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into ↵Peter Maydell2-1/+14
staging * configure and meson fixes * "meson test" switch for iotests * deprecation of old SGX QAPI * unexport InterruptStatsProviderClass-related functions # gpg: Signature made Fri 28 Jan 2022 10:13:36 GMT # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini-gitlab/tags/for-upstream: configure: fix parameter expansion of --cross-cc-cflags options qapi: Cleanup SGX related comments and restore @section-size check-block: replace -makecheck with TAP output qemu-iotests: require at least an argument to check-block.sh build: make check-block a meson test scripts/mtest2make: add support for SPEED=thorough check-block.sh: passthrough -jN flag of make to -j N flag of check meson: Use find_program() to resolve the entitlement.sh script exec/cpu: Make host pages variables / macros 'target agnostic' meson.build: Use a function from libfdt 1.5.1 for the library check intc: Unexport InterruptStatsProviderClass-related functions docker: add msitools to Fedora/mingw cross build-sys: fix undefined ARCH error build-sys: fix a meson deprecation warning Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-01-28configure: fix parameter expansion of --cross-cc-cflags optionsMatheus Ferst1-1/+1
Without this fix, any use of --cross-cc-cflags-* causes a message like: $ ../configure --cross-cc-ppc64le=clang --cross-cc-cflags-ppc64le="-target powerpc64le-unknown-linux-gnu -sysroot ..." ../configure: 1: eval: cross_cc_cflags_--cross-cc-cflags-ppc64le=-target: not found ../configure: 3816: export: cross_cc_cflags_--cross-cc-cflags-ppc64le: bad variable name Signed-off-by: Matheus Ferst <matheus.ferst@eldorado.org.br> Message-Id: <20220120173142.2755077-1-matheus.ferst@eldorado.org.br> [Fix other occurrences too, noted by Philippe Mathieu-Daudé. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-01-28qapi: Cleanup SGX related comments and restore @section-sizeYang Zhong1-0/+13
The SGX NUMA patches were merged into Qemu 7.0 release, we need clarify detailed version history information and also change some related comments, which make SGX related comments clearer. The QMP command schema promises backwards compatibility as standard. We temporarily restore "@section-size", which can avoid incompatible API breakage. The "@section-size" will be deprecated in 7.2 version. Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Yang Zhong <yang.zhong@intel.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20220120223104.437161-1-yang.zhong@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-01-27docs/qapi-code-gen: update to cover trace events code generationVladimir Sementsov-Ogievskiy2-0/+25
Previous commits enabled trace events generation for most of QAPI generated code (except for tests/ and qga/). Let's update documentation to illustrate it. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20220126161130.3240892-6-vsementsov@virtuozzo.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2022-01-27qapi/commands: refactor error handling codeVladimir Sementsov-Ogievskiy1-1/+1
Move error_propagate() to if (err) and make "if (err)" block mandatory. This is to simplify further commit, which will bring trace events generation for QMP commands. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20220126161130.3240892-3-vsementsov@virtuozzo.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2022-01-20docs/can: convert to restructuredTextLucas Ramage2-51/+42
Buglink: https://gitlab.com/qemu-project/qemu/-/issues/527 Signed-off-by: Lucas Ramage <lucas.ramage@infinite-omicron.com> Message-id: 20220105205628.5491-1-oxr463@gmx.us Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: Move to docs/system/devices/ rather than top-level; fix a pre-existing typo in passing] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-01-20hw/arm/virt: KVM: Enable PAuth when supported by the hostMarc Zyngier1-4/+0
Add basic support for Pointer Authentication when running a KVM guest and that the host supports it, loosely based on the SVE support. Although the feature is enabled by default when the host advertises it, it is possible to disable it by setting the 'pauth=off' CPU property. The 'pauth' comment is removed from cpu-features.rst, as it is now common to both TCG and KVM. Tested on an Apple M1 running 5.16-rc6. Cc: Eric Auger <eric.auger@redhat.com> Cc: Richard Henderson <richard.henderson@linaro.org> Cc: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20220107150154.2490308-1-maz@kernel.org [PMM: fixed indentation] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>