Revision tags: v9.1.0 |
|
#
c8a76dbd |
| 06-Aug-2024 |
Eric Blake <eblake@redhat.com> |
nbd/server: CVE-2024-7409: Cap default max-connections to 100
Allowing an unlimited number of clients to any web service is a recipe for a rudimentary denial of service attack: the client merely nee
nbd/server: CVE-2024-7409: Cap default max-connections to 100
Allowing an unlimited number of clients to any web service is a recipe for a rudimentary denial of service attack: the client merely needs to open lots of sockets without closing them, until qemu no longer has any more fds available to allocate.
For qemu-nbd, we default to allowing only 1 connection unless more are explicitly asked for (-e or --shared); this was historically picked as a nice default (without an explicit -t, a non-persistent qemu-nbd goes away after a client disconnects, without needing any additional follow-up commands), and we are not going to change that interface now (besides, someday we want to point people towards qemu-storage-daemon instead of qemu-nbd).
But for qemu proper, and the newer qemu-storage-daemon, the QMP nbd-server-start command has historically had a default of unlimited number of connections, in part because unlike qemu-nbd it is inherently persistent until nbd-server-stop. Allowing multiple client sockets is particularly useful for clients that can take advantage of MULTI_CONN (creating parallel sockets to increase throughput), although known clients that do so (such as libnbd's nbdcopy) typically use only 8 or 16 connections (the benefits of scaling diminish once more sockets are competing for kernel attention). Picking a number large enough for typical use cases, but not unlimited, makes it slightly harder for a malicious client to perform a denial of service merely by opening lots of connections withot progressing through the handshake.
This change does not eliminate CVE-2024-7409 on its own, but reduces the chance for fd exhaustion or unlimited memory usage as an attack surface. On the other hand, by itself, it makes it more obvious that with a finite limit, we have the problem of an unauthenticated client holding 100 fds opened as a way to block out a legitimate client from being able to connect; thus, later patches will further add timeouts to reject clients that are not making progress.
This is an INTENTIONAL change in behavior, and will break any client of nbd-server-start that was not passing an explicit max-connections parameter, yet expects more than 100 simultaneous connections. We are not aware of any such client (as stated above, most clients aware of MULTI_CONN get by just fine on 8 or 16 connections, and probably cope with later connections failing by relying on the earlier connections; libvirt has not yet been passing max-connections, but generally creates NBD servers with the intent for a single client for the sake of live storage migration; meanwhile, the KubeSAN project anticipates a large cluster sharing multiple clients [up to 8 per node, and up to 100 nodes in a cluster], but it currently uses qemu-nbd with an explicit --shared=0 rather than qemu-storage-daemon with nbd-server-start).
We considered using a deprecation period (declare that omitting max-parameters is deprecated, and make it mandatory in 3 releases - then we don't need to pick an arbitrary default); that has zero risk of breaking any apps that accidentally depended on more than 100 connections, and where such breakage might not be noticed under unit testing but only under the larger loads of production usage. But it does not close the denial-of-service hole until far into the future, and requires all apps to change to add the parameter even if 100 was good enough. It also has a drawback that any app (like libvirt) that is accidentally relying on an unlimited default should seriously consider their own CVE now, at which point they are going to change to pass explicit max-connections sooner than waiting for 3 qemu releases. Finally, if our changed default breaks an app, that app can always pass in an explicit max-parameters with a larger value.
It is also intentional that the HMP interface to nbd-server-start is not changed to expose max-connections (any client needing to fine-tune things should be using QMP).
Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com> Message-ID: <20240807174943.771624-12-eblake@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> [ericb: Expand commit message to summarize Dan's argument for why we break corner-case back-compat behavior without a deprecation period] Signed-off-by: Eric Blake <eblake@redhat.com>
show more ...
|
#
01bed0ff |
| 29-Jul-2024 |
Markus Armbruster <armbru@redhat.com> |
qapi: Refill doc comments to conform to conventions
Sweep the entire documentation again. Last done in commit 209e64d9edf (qapi: Refill doc comments to conform to current conventions).
To check th
qapi: Refill doc comments to conform to conventions
Sweep the entire documentation again. Last done in commit 209e64d9edf (qapi: Refill doc comments to conform to current conventions).
To check the generated documentation does not change, I compared the generated HTML before and after this commit with "wdiff -3". Finds no differences. Comparing with diff is not useful, as the reflown paragraphs are visible there.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-ID: <20240729065220.860163-1-armbru@redhat.com> [Straightforward conflict with commit 442110bc6f3 resolved]
show more ...
|
#
2746f060 |
| 27-Feb-2024 |
Markus Armbruster <armbru@redhat.com> |
qapi: Move error documentation to new "Errors" sections
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-ID: <20240227113921.236097-5-armbru@redhat.com>
|
#
89a2273b |
| 05-Feb-2024 |
Markus Armbruster <armbru@redhat.com> |
qapi: Add missing union tag documentation
Low-hanging fruit, and except for StatsFilter, the only members of these unions lacking documentation.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
qapi: Add missing union tag documentation
Low-hanging fruit, and except for StatsFilter, the only members of these unions lacking documentation.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-ID: <20240205074709.3613229-16-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
show more ...
|
#
e3240ac5 |
| 29-Jan-2024 |
Markus Armbruster <armbru@redhat.com> |
qapi: Elide "Potential additional modes" from generated docs
Documentation of BlockExportRemoveMode has
Potential additional modes to be added in the future:
hide: Just hide export from ne
qapi: Elide "Potential additional modes" from generated docs
Documentation of BlockExportRemoveMode has
Potential additional modes to be added in the future:
hide: Just hide export from new clients, leave existing connections as is. Remove export after all clients are disconnected.
soft: Hide export from new clients, answer with ESHUTDOWN for all further requests from existing clients.
I think this is useful only for developers. Elide it from generated documentation by turning it into a TODO section.
This effectively reverts my own commit b71fd73cc45 (Revert "qapi: BlockExportRemoveMode: move comments to TODO"). At the time, I was about to elide TODO sections from the generated manual, I wasn't sure about this one, and decided to avoid change. And now I've made up my mind.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-ID: <20240129115008.674248-4-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
show more ...
|
#
a937b6aa |
| 28-Apr-2023 |
Markus Armbruster <armbru@redhat.com> |
qapi: Reformat doc comments to conform to current conventions
Change
# @name: Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed # do eiusmod tempor incididunt ut labore et
qapi: Reformat doc comments to conform to current conventions
Change
# @name: Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed # do eiusmod tempor incididunt ut labore et dolore magna aliqua.
to
# @name: Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed # do eiusmod tempor incididunt ut labore et dolore magna aliqua.
See recent commit "qapi: Relax doc string @name: description indentation rules" for rationale.
Reflow paragraphs to 70 columns width, and consistently use two spaces to separate sentences.
To check the generated documentation does not change, I compared the generated HTML before and after this commit with "wdiff -3". Finds no differences. Comparing with diff is not useful, as the reflown paragraphs are visible there.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20230428105429.1687850-18-armbru@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Acked-by: Lukas Straub <lukasstraub2@web.de> [Straightforward conflicts in qapi/audio.json qapi/misc-target.json qapi/run-state.json resolved]
show more ...
|
#
b71fd73c |
| 28-Apr-2023 |
Markus Armbruster <armbru@redhat.com> |
Revert "qapi: BlockExportRemoveMode: move comments to TODO"
This reverts commit 97cd74f77231f3897838f8db32b659d94803e01f.
The next commit will hide TODO: sections. See there for rationale.
Signed
Revert "qapi: BlockExportRemoveMode: move comments to TODO"
This reverts commit 97cd74f77231f3897838f8db32b659d94803e01f.
The next commit will hide TODO: sections. See there for rationale.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20230428105429.1687850-6-armbru@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com>
show more ...
|
#
c1101028 |
| 25-Apr-2023 |
Markus Armbruster <armbru@redhat.com> |
qapi: Fix bullet list markup in documentation
Peter Maydell's commit 100cc4fe0f08 explains:
rST insists on a blank line before and after a bulleted list [...] Add some extra blank lines in
qapi: Fix bullet list markup in documentation
Peter Maydell's commit 100cc4fe0f08 explains:
rST insists on a blank line before and after a bulleted list [...] Add some extra blank lines in the doc comments so they're acceptable rST input.
It missed one in qapi/trace.json.
Paolo Bonzini later added another instance in qapi/stats.json, providing further, if unintended, evidence for his quip that rST is the Perl of ASCII-based markups.
Both are parsed as ordinary paragraph, resulting in garbled output.
John Snow missed the need for a blank line when converting docs/devel/qapi-code-gen.txt to rST.
Add the blank lines we need to get the bullet lists recognized as such.
Kevin Wolf and Lukas Straub added two more, but indented. Sphinx recognizes them as (indented) bullet lists. The indentation looks slightly off.
Insert a blank line and delete the extra indentation.
Fixes: 100cc4fe0f0827f8da1a5c05f9c65e2aaa40e03d (qapi: Add blank lines before bulleted lists) Fixes: 467ef823d83e (qmp: add filtering of statistics by target vCPU) Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20230425064223.820979-10-armbru@redhat.com> [Fix of docs/devel/qapi-code-gen.rst squashed, commit message adjusted]
show more ...
|
Revision tags: v8.0.0, v7.2.0 |
|
#
779d82e1 |
| 14-Jun-2022 |
Xie Yongji <xieyongji@bytedance.com> |
vduse-blk: Add name option
Currently we use 'id' option as the name of VDUSE device. It's a bit confusing since we use one value for two different purposes: the ID to identfy the export within QEMU
vduse-blk: Add name option
Currently we use 'id' option as the name of VDUSE device. It's a bit confusing since we use one value for two different purposes: the ID to identfy the export within QEMU (must be distinct from any other exports in the same QEMU process, but can overlap with names used by other processes), and the VDUSE name to uniquely identify it on the host (must be distinct from other VDUSE devices on the same host, but can overlap with other export types like NBD in the same process). To make it clear, this patch adds a separate 'name' option to specify the VDUSE name for the vduse-blk export instead.
Signed-off-by: Xie Yongji <xieyongji@bytedance.com> Message-Id: <20220614051532.92-7-xieyongji@bytedance.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
show more ...
|
#
0862a087 |
| 14-Jun-2022 |
Xie Yongji <xieyongji@bytedance.com> |
vduse-blk: Add serial option
Add a 'serial' option to allow user to specify this value explicitly. And the default value is changed to an empty string as what we did in "hw/block/virtio-blk.c".
Sig
vduse-blk: Add serial option
Add a 'serial' option to allow user to specify this value explicitly. And the default value is changed to an empty string as what we did in "hw/block/virtio-blk.c".
Signed-off-by: Xie Yongji <xieyongji@bytedance.com> Message-Id: <20220614051532.92-6-xieyongji@bytedance.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
show more ...
|
#
2a2359b8 |
| 23-May-2022 |
Xie Yongji <xieyongji@bytedance.com> |
vduse-blk: Implement vduse-blk export
This implements a VDUSE block backends based on the libvduse library. We can use it to export the BDSs for both VM and container (host) usage.
The new command-
vduse-blk: Implement vduse-blk export
This implements a VDUSE block backends based on the libvduse library. We can use it to export the BDSs for both VM and container (host) usage.
The new command-line syntax is:
$ qemu-storage-daemon \ --blockdev file,node-name=drive0,filename=test.img \ --export vduse-blk,node-name=drive0,id=vduse-export0,writable=on
After the qemu-storage-daemon started, we need to use the "vdpa" command to attach the device to vDPA bus:
$ vdpa dev add name vduse-export0 mgmtdev vduse
Also the device must be removed via the "vdpa" command before we stop the qemu-storage-daemon.
Signed-off-by: Xie Yongji <xieyongji@bytedance.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20220523084611.91-7-xieyongji@bytedance.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
show more ...
|
Revision tags: v7.0.0, v6.2.0, v6.1.0, v5.2.0 |
|
#
f55ba801 |
| 03-Nov-2020 |
Paolo Bonzini <pbonzini@redhat.com> |
block: add more commands to preconfig mode
Of the block device commands, those that are available outside system emulators do not require a fully constructed machine by definition. Allow running the
block: add more commands to preconfig mode
Of the block device commands, those that are available outside system emulators do not require a fully constructed machine by definition. Allow running them before machine initialization has concluded.
Of the ones that are available inside system emulation, allow querying the PR managers, and setting up accounting and throttling.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
show more ...
|
#
23e46452 |
| 03-May-2022 |
Andrea Bolognani <abologna@redhat.com> |
qapi: Drop unnecessary whitespace in comments
The only instances that get changed are those in which the additional whitespace was not (or couldn't possibly be) used for alignment purposes.
Signed-
qapi: Drop unnecessary whitespace in comments
The only instances that get changed are those in which the additional whitespace was not (or couldn't possibly be) used for alignment purposes.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Message-Id: <20220503073737.84223-7-abologna@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
show more ...
|
#
58a6fdcc |
| 11-May-2022 |
Eric Blake <eblake@redhat.com> |
nbd/server: Allow MULTI_CONN for shared writable exports
According to the NBD spec, a server that advertises NBD_FLAG_CAN_MULTI_CONN promises that multiple client connections will not see any cache
nbd/server: Allow MULTI_CONN for shared writable exports
According to the NBD spec, a server that advertises NBD_FLAG_CAN_MULTI_CONN promises that multiple client connections will not see any cache inconsistencies: when properly separated by a single flush, actions performed by one client will be visible to another client, regardless of which client did the flush.
We always satisfy these conditions in qemu - even when we support multiple clients, ALL clients go through a single point of reference into the block layer, with no local caching. The effect of one client is instantly visible to the next client. Even if our backend were a network device, we argue that any multi-path caching effects that would cause inconsistencies in back-to-back actions not seeing the effect of previous actions would be a bug in that backend, and not the fault of caching in qemu. As such, it is safe to unconditionally advertise CAN_MULTI_CONN for any qemu NBD server situation that supports parallel clients.
Note, however, that we don't want to advertise CAN_MULTI_CONN when we know that a second client cannot connect (for historical reasons, qemu-nbd defaults to a single connection while nbd-server-add and QMP commands default to unlimited connections; but we already have existing means to let either style of NBD server creation alter those defaults). This is visible by no longer advertising MULTI_CONN for 'qemu-nbd -r' without -e, as in the iotest nbd-qemu-allocation.
The harder part of this patch is setting up an iotest to demonstrate behavior of multiple NBD clients to a single server. It might be possible with parallel qemu-io processes, but I found it easier to do in python with the help of libnbd, and help from Nir and Vladimir in writing the test.
Signed-off-by: Eric Blake <eblake@redhat.com> Suggested-by: Nir Soffer <nsoffer@redhat.com> Suggested-by: Vladimir Sementsov-Ogievskiy <v.sementsov-og@mail.ru> Message-Id: <20220512004924.417153-3-eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
show more ...
|
#
e5fb29d5 |
| 14-Mar-2022 |
Vladimir Sementsov-Ogievskiy <vsementsov@openvz.org> |
qapi: nbd-export: allow select bitmaps by node/name pair
Hi all! Current logic of relying on search through backing chain is not safe neither convenient.
Sometimes it leads to necessity of extra bi
qapi: nbd-export: allow select bitmaps by node/name pair
Hi all! Current logic of relying on search through backing chain is not safe neither convenient.
Sometimes it leads to necessity of extra bitmap copying. Also, we are going to add "snapshot-access" driver, to access some snapshot state through NBD. And this driver is not formally a filter, and of course it's not a COW format driver. So, searching through backing chain will not work. Instead of widening the workaround of bitmap searching, let's extend the interface so that user can select bitmap precisely.
Note, that checking for bitmap active status is not copied to the new API, I don't see a reason for it, user should understand the risks. And anyway, bitmap from other node is unrelated to this export being read-only or read-write.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@openvz.org> Message-Id: <20220314213226.362217-3-v.sementsov-og@mail.ru> [eblake: Adjust S-o-b to Vladimir's new email, with permission] Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
show more ...
|
#
97cd74f7 |
| 28-Mar-2022 |
Victor Toso <victortoso@redhat.com> |
qapi: BlockExportRemoveMode: move comments to TODO
@hide and @soft are potential additions which fits the TODO section perfectly.
The main motivation is to avoid this whole block of comment enterin
qapi: BlockExportRemoveMode: move comments to TODO
@hide and @soft are potential additions which fits the TODO section perfectly.
The main motivation is to avoid this whole block of comment entering the wrong section in the python parser.
Signed-off-by: Victor Toso <victortoso@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Message-Id: <20220328140604.41484-2-victortoso@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
show more ...
|
#
3a8fa0ed |
| 19-Jan-2022 |
Philippe Mathieu-Daude <f4bug@amsat.org> |
qapi/block: Cosmetic change in BlockExportType schema
Fix long line introduced in commit bb01ea73110 ("qapi/block: Restrict vhost-user-blk to CONFIG_VHOST_USER_BLK_SERVER").
Suggested-by: Markus Ar
qapi/block: Cosmetic change in BlockExportType schema
Fix long line introduced in commit bb01ea73110 ("qapi/block: Restrict vhost-user-blk to CONFIG_VHOST_USER_BLK_SERVER").
Suggested-by: Markus Armbruster <armbru@redhat.com> Acked-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20220119121439.214821-1-f4bug@amsat.org> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
show more ...
|
#
bb01ea73 |
| 07-Jan-2022 |
Philippe Mathieu-Daudé <philmd@redhat.com> |
qapi/block: Restrict vhost-user-blk to CONFIG_VHOST_USER_BLK_SERVER
When building QEMU with --disable-vhost-user and using introspection, query-qmp-schema lists vhost-user-blk even though it's not a
qapi/block: Restrict vhost-user-blk to CONFIG_VHOST_USER_BLK_SERVER
When building QEMU with --disable-vhost-user and using introspection, query-qmp-schema lists vhost-user-blk even though it's not actually available:
{ "execute": "query-qmp-schema" } { "return": [ ... { "name": "312", "members": [ { "name": "nbd" }, { "name": "vhost-user-blk" } ], "meta-type": "enum", "values": [ "nbd", "vhost-user-blk" ] },
Restrict vhost-user-blk in BlockExportType when CONFIG_VHOST_USER_BLK_SERVER is disabled, so it doesn't end listed by query-qmp-schema.
Fixes: 90fc91d50b7 ("convert vhost-user-blk server to block export API") Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20220107105420.395011-4-f4bug@amsat.org> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
show more ...
|
#
8a9f1e1d |
| 04-Aug-2021 |
Marc-André Lureau <marcandre.lureau@redhat.com> |
qapi: make 'if' condition strings simple identifiers
Change the 'if' condition strings to be C-agnostic. It will accept '[A-Z][A-Z0-9_]*' identifiers. This allows to express configuration conditions
qapi: make 'if' condition strings simple identifiers
Change the 'if' condition strings to be C-agnostic. It will accept '[A-Z][A-Z0-9_]*' identifiers. This allows to express configuration conditions in other languages (Rust or Python for ex) or other more suitable forms.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Tested-by: John Snow <jsnow@redhat.com> Message-Id: <20210804083105.97531-11-marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> [Rebased with semantic conflict in redefined-event.json] Signed-off-by: Markus Armbruster <armbru@redhat.com>
show more ...
|
#
57e28d34 |
| 12-Jul-2021 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/cohuck-gitlab/tags/s390x-20210708' into staging s390x updates: - add gen16 cpumodels - refactor/cleanup some code - bugfixes # gpg:
Merge remote-tracking branch 'remotes/cohuck-gitlab/tags/s390x-20210708' into staging s390x updates: - add gen16 cpumodels - refactor/cleanup some code - bugfixes # gpg: Signature made Thu 08 Jul 2021 12:26:21 BST # gpg: using EDDSA key 69A3B536F5CBFC65208026C1DE88BB5641DE66C1 # gpg: issuer "cohuck@redhat.com" # gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown] # gpg: aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full] # gpg: aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full] # gpg: aka "Cornelia Huck <cohuck@kernel.org>" [unknown] # gpg: aka "Cornelia Huck <cohuck@redhat.com>" [unknown] # Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0 18CE DECF 6B93 C6F0 2FAF # Subkey fingerprint: 69A3 B536 F5CB FC65 2080 26C1 DE88 BB56 41DE 66C1 * remotes/cohuck-gitlab/tags/s390x-20210708: target/s390x: split sysemu part of cpu models target/s390x: move kvm files into kvm/ target/s390x: remove kvm-stub.c target/s390x: use kvm_enabled() to wrap call to kvm_s390_get_hpage_1m target/s390x: make helper.c sysemu-only target/s390x: split cpu-dump from helper.c target/s390x: move sysemu-only code out to cpu-sysemu.c target/s390x: start moving TCG-only code to tcg/ target/s390x: rename internal.h to s390x-internal.h target/s390x: remove tcg-stub.c hw/s390x: only build tod-tcg from the CONFIG_TCG build hw/s390x: tod: make explicit checks for accelerators when initializing hw/s390x: rename tod-qemu.c to tod-tcg.c target/s390x: meson: add target_user_arch s390x/tcg: Fix m5 vs. m4 field for VECTOR MULTIPLY SUM LOGICAL target/s390x: Fix CC set by CONVERT TO FIXED/LOGICAL s390x/cpumodel: add 3931 and 3932 Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
bd38ae26 |
| 12-Jul-2021 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-tcg-20210710' into staging Add translator_use_goto_tb. Cleanups in prep of breakpoint fixes. Misc fixes. # gpg: Si
Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-tcg-20210710' into staging Add translator_use_goto_tb. Cleanups in prep of breakpoint fixes. Misc fixes. # gpg: Signature made Sat 10 Jul 2021 16:29:14 BST # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * remotes/rth-gitlab/tags/pull-tcg-20210710: (41 commits) cpu: Add breakpoint tracepoints tcg: Remove TCG_TARGET_HAS_goto_ptr accel/tcg: Log tb->cflags with -d exec accel/tcg: Split out log_cpu_exec accel/tcg: Move tb_lookup to cpu-exec.c accel/tcg: Move helper_lookup_tb_ptr to cpu-exec.c target/i386: Use cpu_breakpoint_test in breakpoint_handler tcg: Fix prologue disassembly target/xtensa: Use translator_use_goto_tb target/tricore: Use tcg_gen_lookup_and_goto_ptr target/tricore: Use translator_use_goto_tb target/sparc: Use translator_use_goto_tb target/sh4: Use translator_use_goto_tb target/s390x: Remove use_exit_tb target/s390x: Use translator_use_goto_tb target/rx: Use translator_use_goto_tb target/riscv: Use translator_use_goto_tb target/ppc: Use translator_use_goto_tb target/openrisc: Use translator_use_goto_tb target/nios2: Use translator_use_goto_tb ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
d1987c81 |
| 11-Jul-2021 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging * More SVM fixes (Lara) * Module annotation database (Gerd) * Memory leak fixes (myself) * Bu
Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging * More SVM fixes (Lara) * Module annotation database (Gerd) * Memory leak fixes (myself) * Build fixes (myself) * --with-devices-* support (Alex) # gpg: Signature made Fri 09 Jul 2021 17:23:52 BST # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini-gitlab/tags/for-upstream: (48 commits) meson: Use input/output for entitlements target configure: allow the selection of alternate config in the build configs: rename default-configs to configs and reorganise hw/arm: move CONFIG_V7M out of default-devices hw/arm: add dependency on OR_IRQ for XLNX_VERSAL meson: Introduce target-specific Kconfig meson: switch function tests from compilation to linking vl: fix leak of qdict_crumple return value target/i386: fix exceptions for MOV to DR target/i386: Added DR6 and DR7 consistency checks target/i386: Added MSRPM and IOPM size check monitor/tcg: move tcg hmp commands to accel/tcg, register them dynamically usb: build usb-host as module monitor/usb: register 'info usbhost' dynamically usb: drop usb_host_dev_is_scsi_storage hook monitor: allow register hmp commands accel: build tcg modular accel: add tcg module annotations accel: build qtest modular accel: add qtest module annotations ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
86108e23 |
| 11-Jul-2021 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-for-6.1-pull-request' into staging Trivial patches pull request 20210709 # gpg: Signature made Fri 09 Jul 2021 21:2
Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-for-6.1-pull-request' into staging Trivial patches pull request 20210709 # gpg: Signature made Fri 09 Jul 2021 21:26:52 BST # gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C # gpg: issuer "laurent@vivier.eu" # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full] # gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full] # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full] # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/trivial-branch-for-6.1-pull-request: util/guest-random: Fix size arg to tail memcpy migration: fix typo in mig_throttle_guest_down comment target/xtensa/xtensa-semi: Fix compilation problem on Haiku hw/virtio: Document *_should_notify() are called within rcu_read_lock() misc: Remove redundant new line in perror() virtiofsd: Add missing newline in error message misc: Fix "havn't" typo memory: Display MemoryRegion name in read/write ops trace events qemu-option: Drop dead assertion Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
9516034d |
| 11-Jul-2021 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/cminyard/tags/for-qemu-6.1-2' into staging Some qemu updates for IPMI and I2C Move some ADC file to where they belong and move some sensors to
Merge remote-tracking branch 'remotes/cminyard/tags/for-qemu-6.1-2' into staging Some qemu updates for IPMI and I2C Move some ADC file to where they belong and move some sensors to a sensor directory, since with new BMCs coming in lots of different sensors should be coming in. Keep from cluttering things up. Add support for I2C PMBus devices. Replace the confusing and error-prone i2c_send_recv and i2c_transfer with specific send and receive functions. Several errors have already been made with these, avoid any new errors. Fix the watchdog_expired field in the IPMI watchdog, it's not a bool, it's a u8. After a vmstate transfer, the new value could be wrong. # gpg: Signature made Fri 09 Jul 2021 17:25:04 BST # gpg: using RSA key FD0D5CE67CE0F59A6688268661F38C90919BFF81 # gpg: Good signature from "Corey Minyard <cminyard@mvista.com>" [unknown] # gpg: aka "Corey Minyard <minyard@acm.org>" [unknown] # gpg: aka "Corey Minyard <corey@minyard.net>" [unknown] # gpg: aka "Corey Minyard <minyard@mvista.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: FD0D 5CE6 7CE0 F59A 6688 2686 61F3 8C90 919B FF81 * remotes/cminyard/tags/for-qemu-6.1-2: (24 commits) tests/qtest: add tests for MAX34451 device model hw/misc: add MAX34451 device tests/qtest: add tests for ADM1272 device model hw/misc: add ADM1272 device hw/i2c: add support for PMBus ipmi/sim: fix watchdog_expired data type error in IPMIBmcSim struct hw/i2c: Introduce i2c_start_recv() and i2c_start_send() hw/i2c: Extract i2c_do_start_transfer() from i2c_start_transfer() hw/i2c: Make i2c_start_transfer() direction argument a boolean hw/i2c: Rename i2c_set_slave_address() -> i2c_slave_set_address() hw/i2c: Remove confusing i2c_send_recv() hw/misc/auxbus: Replace i2c_send_recv() by i2c_recv() & i2c_send() hw/misc/auxbus: Replace 'is_write' boolean by its value hw/misc/auxbus: Explode READ_I2C / WRITE_I2C_MOT cases hw/misc/auxbus: Fix MOT/classic I2C mode hw/i2c/ppc4xx_i2c: Replace i2c_send_recv() by i2c_recv() & i2c_send() hw/i2c/ppc4xx_i2c: Add reference to datasheet hw/display/sm501: Replace i2c_send_recv() by i2c_recv() & i2c_send() hw/display/sm501: Simplify sm501_i2c_write() logic hw/input/lm832x: Define TYPE_LM8323 in public header ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
3cfcc329 |
| 11-Jul-2021 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210709' into staging target-arm queue: * New machine type: stm32vldiscovery * hw/intc/arm_gicv3_cpuif: Fix vir
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210709' into staging target-arm queue: * New machine type: stm32vldiscovery * hw/intc/arm_gicv3_cpuif: Fix virtual irq number check in icv_[dir|eoir]_write * hw/gpio/pl061: Honour Luminary PL061 PUR and PDR registers * virt: Fix implementation of GPIO-based powerdown/shutdown mechanism * Correct the encoding of MDCCSR_EL0 and DBGDSCRint * hw/intc: Improve formatting of MEMTX_ERROR guest error message # gpg: Signature made Fri 09 Jul 2021 17:09:10 BST # gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE # gpg: issuer "peter.maydell@linaro.org" # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate] # gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate] # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate] # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * remotes/pmaydell/tags/pull-target-arm-20210709: hw/intc: Improve formatting of MEMTX_ERROR guest error message target/arm: Correct the encoding of MDCCSR_EL0 and DBGDSCRint hw/arm/stellaris: Expand comment about handling of OLED chipselect hw/gpio/pl061: Document a shortcoming in our implementation hw/gpio/pl061: Convert to 3-phase reset and assert GPIO lines correctly on reset hw/arm/virt: Make PL061 GPIO lines pulled low, not high hw/gpio/pl061: Make pullup/pulldown of outputs configurable hw/gpio/pl061: Honour Luminary PL061 PUR and PDR registers hw/gpio/pl061: Document the interface of this device hw/gpio/pl061: Add tracepoints for register read and write hw/gpio/pl061: Clean up read/write offset handling logic hw/gpio/pl061: Convert DPRINTF to tracepoints hw/intc/arm_gicv3_cpuif: Fix virtual irq number check in icv_[dir|eoir]_write tests/boot-serial-test: Add STM32VLDISCOVERY board testcase docs/system: arm: Add stm32 boards description stm32vldiscovery: Add the STM32VLDISCOVERY Machine stm32f100: Add the stm32f100 SoC Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|