#
873ec69a |
| 20-Jul-2020 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/cminyard/tags/for-qemu-i2c-5' into staging Minor changes to: Add an SMBus config entry Cleanup/simplify/document some I2C interfaces
Merge remote-tracking branch 'remotes/cminyard/tags/for-qemu-i2c-5' into staging Minor changes to: Add an SMBus config entry Cleanup/simplify/document some I2C interfaces # gpg: Signature made Thu 16 Jul 2020 18:46:55 BST # gpg: using RSA key FD0D5CE67CE0F59A6688268661F38C90919BFF81 # gpg: Good signature from "Corey Minyard <cminyard@mvista.com>" [unknown] # gpg: aka "Corey Minyard <minyard@acm.org>" [unknown] # gpg: aka "Corey Minyard <corey@minyard.net>" [unknown] # gpg: aka "Corey Minyard <minyard@mvista.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: FD0D 5CE6 7CE0 F59A 6688 2686 61F3 8C90 919B FF81 * remotes/cminyard/tags/for-qemu-i2c-5: hw/i2c: Document the I2C qdev helpers hw/i2c: Rename i2c_create_slave() as i2c_slave_create_simple() hw/i2c: Rename i2c_realize_and_unref() as i2c_slave_realize_and_unref() hw/i2c: Rename i2c_try_create_slave() as i2c_slave_new() hw/i2c/aspeed_i2c: Simplify aspeed_i2c_get_bus() hw/i2c/Kconfig: Add an entry for the SMBus Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
f1d59486 |
| 15-Jul-2020 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/mips-next-20200714' into staging MIPS patches for 5.1 - A pair of fixes, - Add Huacai Chen as MIPS KVM maintainer, -
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/mips-next-20200714' into staging MIPS patches for 5.1 - A pair of fixes, - Add Huacai Chen as MIPS KVM maintainer, - Add Jiaxun Yang as designated MIPS TCG reviewer. CI jobs results: . https://travis-ci.org/github/philmd/qemu/builds/708079271 . https://gitlab.com/philmd/qemu/-/pipelines/166528104 . https://cirrus-ci.com/build/6483996878045184 # gpg: Signature made Tue 14 Jul 2020 20:59:58 BST # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd-gitlab/tags/mips-next-20200714: MAINTAINERS: Adjust MIPS maintainership (add Huacai Chen & Jiaxun Yang) target/mips: Fix ADD.S FPU instruction target/mips: Remove identical if/else branches Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
67320537 |
| 15-Jul-2020 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/python-next-20200714' into staging Python patches for 5.1 - Reduce race conditions on QEMUMachine::shutdown() 1. R
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/python-next-20200714' into staging Python patches for 5.1 - Reduce race conditions on QEMUMachine::shutdown() 1. Remove the "bare except" pattern in the existing shutdown code, which can mask problems and make debugging difficult. 2. Ensure that post-shutdown cleanup is always performed, even when graceful termination fails. 3. Unify cleanup paths such that no matter how the VM is terminated, the same functions and steps are always taken to reset the object state. 4. Rewrite shutdown() such that any error encountered when attempting a graceful shutdown will be raised as an AbnormalShutdown exception. The pythonic idiom is to allow the caller to decide if this is a problem or not. - Modify part of the python/qemu library to comply with: . mypy --strict . pylint . flake8 - Script for the TCG Continuous Benchmarking project that uses callgrind to dissect QEMU execution into three main phases: . code generation . JIT execution . helpers execution CI jobs results: . https://cirrus-ci.com/build/5421349961203712 . https://gitlab.com/philmd/qemu/-/pipelines/166556001 . https://travis-ci.org/github/philmd/qemu/builds/708102347 # gpg: Signature made Tue 14 Jul 2020 21:40:05 BST # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd-gitlab/tags/python-next-20200714: python/qmp.py: add QMPProtocolError python/qmp.py: add casts to JSON deserialization python/qmp.py: Do not return None from cmd_obj python/qmp.py: re-absorb MonitorResponseError iotests.py: use qemu.qmp type aliases python/qmp.py: Define common types python/machine.py: change default wait timeout to 3 seconds python/machine.py: re-add sigkill warning suppression python/machine.py: split shutdown into hard and soft flavors tests/acceptance: Don't test reboot on cubieboard tests/acceptance: wait() instead of shutdown() where appropriate python/machine.py: Make wait() call shutdown() python/machine.py: Add a configurable timeout to shutdown() python/machine.py: Prohibit multiple shutdown() calls python/machine.py: Perform early cleanup for wait() calls, too python/machine.py: Add _early_cleanup hook python/machine.py: Close QMP socket in cleanup python/machine.py: consolidate _post_shutdown() scripts/performance: Add dissect.py script Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
3a9163af |
| 15-Jul-2020 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/sdcard-CVE-2020-13253-pull-request' into staging Fix CVE-2020-13253 By using invalidated address, guest can do out-of-bounds
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/sdcard-CVE-2020-13253-pull-request' into staging Fix CVE-2020-13253 By using invalidated address, guest can do out-of-bounds accesses. These patches fix the issue by only allowing SD card image sizes power of 2, and not switching to SEND_DATA state when the address is invalid (out of range). This issue was found using QEMU fuzzing mode (using --enable-fuzzing, see docs/devel/fuzzing.txt) and reported by Alexander Bulekov. Reproducer: https://bugs.launchpad.net/qemu/+bug/1880822/comments/1 CI jobs results: . https://cirrus-ci.com/build/5157142548185088 . https://gitlab.com/philmd/qemu/-/pipelines/166381731 . https://travis-ci.org/github/philmd/qemu/builds/707956535 # gpg: Signature made Tue 14 Jul 2020 14:54:44 BST # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd-gitlab/tags/sdcard-CVE-2020-13253-pull-request: hw/sd/sdcard: Do not switch to ReceivingData if address is invalid hw/sd/sdcard: Update coding style to make checkpatch.pl happy hw/sd/sdcard: Do not allow invalid SD card sizes hw/sd/sdcard: Simplify realize() a bit hw/sd/sdcard: Restrict Class 6 commands to SCSD cards tests/acceptance/boot_linux: Expand SD card image to power of 2 tests/acceptance/boot_linux: Tag tests using a SD card with 'device:sd' docs/orangepi: Add instructions for resizing SD image to power of two MAINTAINERS: Cc qemu-block mailing list Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
c920fdba |
| 14-Jul-2020 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2020-07-13-tag' into staging qemu-ga patch queue for hard-freeze * fix erroneously reporting stale hostname in guest-get-h
Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2020-07-13-tag' into staging qemu-ga patch queue for hard-freeze * fix erroneously reporting stale hostname in guest-get-host-name * fix regression where guest-shutdown asserts when called * fix race condition with guest-fs-freeze/thaw on w32 # gpg: Signature made Tue 14 Jul 2020 05:47:11 BST # gpg: using RSA key CEACC9E15534EBABB82D3FA03353C9CEF108B584 # gpg: issuer "mdroth@linux.vnet.ibm.com" # gpg: Good signature from "Michael Roth <flukshun@gmail.com>" [full] # gpg: aka "Michael Roth <mdroth@utexas.edu>" [full] # gpg: aka "Michael Roth <mdroth@linux.vnet.ibm.com>" [full] # Primary key fingerprint: CEAC C9E1 5534 EBAB B82D 3FA0 3353 C9CE F108 B584 * remotes/mdroth/tags/qga-pull-2020-07-13-tag: qga: Use qemu_get_host_name() instead of g_get_host_name() util: Introduce qemu_get_host_name() qga: fix assert regression on guest-shutdown qga-win: Fix QGA VSS Provider service stop failure Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
8bfa25a4 |
| 14-Jul-2020 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-5.1-pull-request' into staging linux-user branch 20200714 Fix strace errno management Fix Coverity erros in ioc
Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-5.1-pull-request' into staging linux-user branch 20200714 Fix strace errno management Fix Coverity erros in ioctl straces Fix some netlinks errors Fix semtimedop # gpg: Signature made Tue 14 Jul 2020 08:31:56 BST # gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C # gpg: issuer "laurent@vivier.eu" # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full] # gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full] # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full] # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/linux-user-for-5.1-pull-request: linux-user: fix print_syscall_err() when syscall returned value is negative linux-user: fix the errno value in print_syscall_err() linux-user: add netlink RTM_SETLINK command linux-user: add new netlink types linux-user: Fix Coverity CID 1430271 / CID 1430272 linux-user: refactor ipc syscall and support of semtimedop syscall linux-user: Use EPROTONOSUPPORT for unimplemented netlink protocols Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
d2628b1e |
| 14-Jul-2020 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches: - file-posix: Mitigate file fragmentation with extent size hints - Tighten qemu-
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches: - file-posix: Mitigate file fragmentation with extent size hints - Tighten qemu-img rules on missing backing format - qemu-img map: Don't limit block status request size - Fix crash with virtio-scsi and iothreads # gpg: Signature made Tue 14 Jul 2020 14:24:19 BST # gpg: using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6 # gpg: issuer "kwolf@redhat.com" # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full] # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: block: Avoid stale pointer dereference in blk_get_aio_context() qemu-img: Deprecate use of -b without -F block: Add support to warn on backing file change without format iotests: Specify explicit backing format where sensible qcow2: Deprecate use of qemu-img amend to change backing file block: Error if backing file fails during creation without -u qcow: Tolerate backing_fmt= vmdk: Add trivial backing_fmt support sheepdog: Add trivial backing_fmt support block: Finish deprecation of 'qemu-img convert -n -o' qemu-img: Flush stdout before before potential stderr messages file-posix: Mitigate file fragmentation with extent size hints iotests/059: Filter out disk size with more standard filter qemu-img map: Don't limit block status request size iotests: Simplify _filter_img_create() a bit Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
b66ff2c2 |
| 06-Jul-2020 |
Eric Blake <eblake@redhat.com> |
iotests: Specify explicit backing format where sensible There are many existing qcow2 images that specify a backing file but no format. This has been the source of CVEs in the past, but
iotests: Specify explicit backing format where sensible There are many existing qcow2 images that specify a backing file but no format. This has been the source of CVEs in the past, but has become more prominent of a problem now that libvirt has switched to -blockdev. With older -drive, at least the probing was always done by qemu (so the only risk of a changed format between successive boots of a guest was if qemu was upgraded and probed differently). But with newer -blockdev, libvirt must specify a format; if libvirt guesses raw where the image was formatted, this results in data corruption visible to the guest; conversely, if libvirt guesses qcow2 where qemu was using raw, this can result in potential security holes, so modern libvirt instead refuses to use images without explicit backing format. The change in libvirt to reject images without explicit backing format has pointed out that a number of tools have been far too reliant on probing in the past. It's time to set a better example in our own iotests of properly setting this parameter. iotest calls to create, rebase, and convert are all impacted to some degree. It's a bit annoying that we are inconsistent on command line - while all of those accept -o backing_file=...,backing_fmt=..., the shortcuts are different: create and rebase have -b and -F, while convert has -B but no -F. (amend has no shortcuts, but the previous patch just deprecated the use of amend to change backing chains). Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20200706203954.341758-9-eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
show more ...
|
#
ea0ec714 |
| 24-Oct-2019 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/xtensa/tags/20191023-xtensa' into staging target/xtensa improvements for v4.2: - regenerate and reimport test_mmuhifi_c3 core; - add virt m
Merge remote-tracking branch 'remotes/xtensa/tags/20191023-xtensa' into staging target/xtensa improvements for v4.2: - regenerate and reimport test_mmuhifi_c3 core; - add virt machine. # gpg: Signature made Wed 23 Oct 2019 23:56:42 BST # gpg: using RSA key 2B67854B98E5327DCDEB17D851F9CC91F83FA044 # gpg: issuer "jcmvbkbc@gmail.com" # gpg: Good signature from "Max Filippov <filippov@cadence.com>" [unknown] # gpg: aka "Max Filippov <max.filippov@cogentembedded.com>" [full] # gpg: aka "Max Filippov <jcmvbkbc@gmail.com>" [full] # Primary key fingerprint: 2B67 854B 98E5 327D CDEB 17D8 51F9 CC91 F83F A044 * remotes/xtensa/tags/20191023-xtensa: hw/xtensa: add virt machine target/xtensa: regenerate and re-import test_mmuhifi_c3 core Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
f22f553e |
| 17-Oct-2019 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20191013' into staging Host vector support for tcg/ppc. Fix thread=single cpu kicking. # gpg: Signature made Mon 14 Oct 2
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20191013' into staging Host vector support for tcg/ppc. Fix thread=single cpu kicking. # gpg: Signature made Mon 14 Oct 2019 15:11:55 BST # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * remotes/rth/tags/pull-tcg-20191013: (23 commits) cpus: kick all vCPUs when running thread=single tcg/ppc: Update vector support for v3.00 dup/dupi tcg/ppc: Update vector support for v3.00 load/store tcg/ppc: Update vector support for v3.00 Altivec tcg/ppc: Update vector support for v2.07 FP tcg/ppc: Update vector support for v2.07 VSX tcg/ppc: Update vector support for v2.07 Altivec tcg/ppc: Update vector support for VSX tcg/ppc: Enable Altivec detection tcg/ppc: Support vector dup2 tcg/ppc: Support vector multiply tcg/ppc: Support vector shift by immediate tcg/ppc: Add support for vector saturated add/subtract tcg/ppc: Add support for vector add/subtract tcg/ppc: Add support for vector maximum/minimum tcg/ppc: Add support for load/store/logic/comparison tcg/ppc: Enable tcg backend vector compilation tcg/ppc: Replace HAVE_ISEL macro with a variable tcg/ppc: Replace HAVE_ISA_2_06 tcg/ppc: Create TCGPowerISA and have_isa ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
39b68bc4 |
| 17-Oct-2019 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, vhost, acpi: features, fixes, tests ARM ACPI memory hotplug support + tests for new arm/virt AC
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, vhost, acpi: features, fixes, tests ARM ACPI memory hotplug support + tests for new arm/virt ACPI tables. Virtio fs support (no migration). A vhost-user reconnect bugfix. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Tue 15 Oct 2019 22:02:19 BST # gpg: using RSA key 281F0DB8D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full] # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full] # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: virtio: add vhost-user-fs-pci device virtio: add vhost-user-fs base device virtio: Add virtio_fs linux headers tests/acpi: add expected tables for arm/virt tests: document how to update acpi tables tests: Add bios tests to arm/virt tests: allow empty expected files tests/acpi: add empty files tests: Update ACPI tables list for upcoming arm/virt tests docs/specs: Add ACPI GED documentation hw/arm: Use GED for system_powerdown event hw/arm: Factor out powerdown notifier from GPIO hw/arm/virt-acpi-build: Add PC-DIMM in SRAT hw/arm/virt: Enable device memory cold/hot plug with ACPI boot hw/arm/virt: Add memory hotplug framework hw/acpi: Add ACPI Generic Event Device Support hw/acpi: Do not create memory hotplug method when handler is not defined hw/acpi: Make ACPI IO address space configurable vhost-user: save features if the char dev is closed Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
3af78db6 |
| 15-Oct-2019 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches: - block: Fix crash with qcow2 partial cluster COW with small cluster sizes (mi
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches: - block: Fix crash with qcow2 partial cluster COW with small cluster sizes (misaligned write requests with BDRV_REQ_NO_FALLBACK) - qcow2: Fix integer overflow potentially causing corruption with huge requests - vhdx: Detect truncated image files - tools: Support help options for --object - Various block-related replay improvements - iotests/028: Fix for long $TEST_DIRs # gpg: Signature made Mon 14 Oct 2019 17:02:54 BST # gpg: using RSA key 7F09B272C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full] # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: iotests: Test large write request to qcow2 file qcow2: Limit total allocation range to INT_MAX qemu-nbd: Support help options for --object qemu-img: Support help options for --object qemu-io: Support help options for --object vl: Split off user_creatable_print_help() iotests/028: Fix for long $TEST_DIRs block: Reject misaligned write requests with BDRV_REQ_NO_FALLBACK replay: add BH oneshot event for block layer replay: finish record/replay before closing the disks replay: don't drain/flush bdrv queue while RR is working replay: update docs for record/replay with block devices replay: disable default snapshot for record/replay block: implement bdrv_snapshot_goto for blkreplay block/vhdx: add check for truncated image files Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
a1406a92 |
| 10-Oct-2019 |
Max Reitz <mreitz@redhat.com> |
iotests: Test large write request to qcow2 file Without HEAD^, the following happens when you attempt a large write request to a qcow2 file such that the number of bytes covered by all
iotests: Test large write request to qcow2 file Without HEAD^, the following happens when you attempt a large write request to a qcow2 file such that the number of bytes covered by all clusters involved in a single allocation will exceed INT_MAX: (A) handle_alloc_space() decides to fill the whole area with zeroes and fails because bdrv_co_pwrite_zeroes() fails (the request is too large). (B) If handle_alloc_space() does not do anything, but merge_cow() decides that the requests can be merged, it will create a too long IOV that later cannot be written. (C) Otherwise, all parts will be written separately, so those requests will work. In either B or C, though, qcow2_alloc_cluster_link_l2() will have an overflow: We use an int (i) to iterate over nb_clusters, and then calculate the L2 entry based on "i << s->cluster_bits" -- which will overflow if the range covers more than INT_MAX bytes. This then leads to image corruption because the L2 entry will be wrong (it will be recognized as a compressed cluster). Even if that were not the case, the .cow_end area would be empty (because handle_alloc() will cap avail_bytes and nb_bytes at INT_MAX, so their difference (which is the .cow_end size) will be 0). So this test checks that on such large requests, the image will not be corrupted. Unfortunately, we cannot check whether COW will be handled correctly, because that data is discarded when it is written to null-co (but we have to use null-co, because writing 2 GB of data in a test is not quite reasonable). Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
show more ...
|