Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package qemu for openSUSE:Factory checked in at 2021-03-19 16:40:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/qemu (Old) and /work/SRC/openSUSE:Factory/.qemu.new.2401 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "qemu" Fri Mar 19 16:40:35 2021 rev:199 rq:879687 version:unknown Changes: -------- --- /work/SRC/openSUSE:Factory/qemu/qemu.changes 2021-03-08 15:15:50.853875227 +0100 +++ /work/SRC/openSUSE:Factory/.qemu.new.2401/qemu.changes 2021-03-19 16:40:37.101908506 +0100 @@ -1,0 +2,56 @@ +Wed Mar 17 13:07:33 UTC 2021 - Bruce Rogers <[email protected]> + +- Fix s390x "mediated device is in use" error condition + (bsc#1183634) + update-linux-headers-Include-const.h.patch + Update-linux-headers-to-5.11-rc2.patch + vfio-ccw-Connect-the-device-request-noti.patch + +------------------------------------------------------------------- +Tue Mar 16 22:33:26 UTC 2021 - Bruce Rogers <[email protected]> + +- Fix DoS in e1000 emulated device (CVE-2021-20257 bsc#1182577) + e1000-fail-early-for-evil-descriptor.patch + +------------------------------------------------------------------- +Mon Mar 15 17:52:47 UTC 2021 - Bruce Rogers <[email protected]> + +- Fix incorrect guest data in s390x PCI passthrough (bsc#1183372) + s390x-pci-restore-missing-Query-PCI-Func.patch + +------------------------------------------------------------------- +Fri Mar 12 20:00:30 UTC 2021 - Bruce Rogers <[email protected]> + +- Include upstream patches designated as stable material and + reviewed for applicability to include here + lsilogic-Use-PCIDevice-exit-instead-of-D.patch + vhost-user-blk-fix-blkcfg-num_queues-end.patch +- Fix potential privilege escalation in virtfs (CVE-2021-20181 + bsc#1182137) + 9pfs-Fully-restart-unreclaim-loop-CVE-20.patch +- Fix OOB access in vmxnet3 emulation (CVE-2021-20203 bsc#1181639) + net-vmxnet3-validate-configuration-value.patch + +------------------------------------------------------------------- +Fri Mar 12 19:22:46 UTC 2021 - Dominique Leuenberger <[email protected]> + +- Add #!ForceMultiversion to qemu.spec: + + As the spec file defines different Version: fiels for various + subpackages, we must instruct OBS to not ever reset the + checkin-counter, as it would by defalut on a version increase. + Resetting the version counter results in sub-packages reusing + their VERSION-RELEASE from the past (e.g. qemu-ipxe is version + 1.0.0+, and upon checkin of a new qemu version, RELEASE is + reset to 1.1, thus again producing + qemu-ipxe-1.0.0+-1.1.noarch.rpm. + +------------------------------------------------------------------- +Fri Mar 5 21:35:22 UTC 2021 - Bruce Rogers <[email protected]> + +- Fix GCC11 compiler issue in brotli (edk2) code (boo#1181922) + brotli-fix-actual-variable-array-paramet.patch +- Tweak a few submodule descriptions and summaries +- Fix a backward compatibility issue in ACPI data + i386-acpi-restore-device-paths-for-pre-5.patch + +------------------------------------------------------------------- New: ---- 9pfs-Fully-restart-unreclaim-loop-CVE-20.patch Update-linux-headers-to-5.11-rc2.patch brotli-fix-actual-variable-array-paramet.patch e1000-fail-early-for-evil-descriptor.patch i386-acpi-restore-device-paths-for-pre-5.patch lsilogic-Use-PCIDevice-exit-instead-of-D.patch net-vmxnet3-validate-configuration-value.patch s390x-pci-restore-missing-Query-PCI-Func.patch update-linux-headers-Include-const.h.patch vfio-ccw-Connect-the-device-request-noti.patch vhost-user-blk-fix-blkcfg-num_queues-end.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ qemu.spec ++++++ --- /var/tmp/diff_new_pack.GXzcmZ/_old 2021-03-19 16:40:39.289911458 +0100 +++ /var/tmp/diff_new_pack.GXzcmZ/_new 2021-03-19 16:40:39.289911458 +0100 @@ -1,5 +1,5 @@ # -# spec file for package qemu-linux-user +# spec file for package qemu # # Copyright (c) 2021 SUSE LLC # @@ -18,6 +18,8 @@ # !! IMPORTANT !! See README.PACKAGING before modifying package in any way +#!ForceMultiversion + %define _buildshell /bin/bash %define build_x86_firmware_from_source 0 @@ -143,66 +145,76 @@ Patch00010: target-arm-Fix-MTE0_ACTIVE.patch Patch00011: target-arm-Don-t-decode-insns-in-the-XSc.patch Patch00012: hw-net-lan9118-Fix-RX-Status-FIFO-PEEK-v.patch -Patch00013: target-arm-Introduce-PREDDESC-field-defi.patch -Patch00014: target-arm-Update-PFIRST-PNEXT-for-pred_.patch -Patch00015: target-arm-Update-ZIP-UZP-TRN-for-pred_d.patch -Patch00016: target-arm-Update-REV-PUNPK-for-pred_des.patch -Patch00017: net-Fix-handling-of-id-in-netdev_add-and.patch -Patch00018: block-Separate-blk_is_writable-and-blk_s.patch -Patch00019: hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch -Patch00020: virtio-move-use-disabled-flag-property-t.patch -Patch00021: qemu-nbd-Use-SOMAXCONN-for-socket-listen.patch -Patch00022: qemu-storage-daemon-Enable-object-add.patch -Patch00023: blockjob-Fix-crash-with-IOthread-when-bl.patch -Patch00024: monitor-Fix-assertion-failure-on-shutdow.patch -Patch00025: spice-app-avoid-crash-when-core-spice-mo.patch -Patch00026: hw-s390x-fix-build-for-virtio-9p-ccw.patch -Patch00027: hw-s390x-modularize-virtio-gpu-ccw.patch -Patch00028: XXX-dont-dump-core-on-sigabort.patch -Patch00029: qemu-binfmt-conf-Modify-default-path.patch -Patch00030: qemu-cvs-gettimeofday.patch -Patch00031: qemu-cvs-ioctl_debug.patch -Patch00032: qemu-cvs-ioctl_nodirection.patch -Patch00033: linux-user-add-binfmt-wrapper-for-argv-0.patch -Patch00034: PPC-KVM-Disable-mmu-notifier-check.patch -Patch00035: linux-user-binfmt-support-host-binaries.patch -Patch00036: linux-user-Fake-proc-cpuinfo.patch -Patch00037: linux-user-use-target_ulong.patch -Patch00038: Make-char-muxer-more-robust-wrt-small-FI.patch -Patch00039: linux-user-lseek-explicitly-cast-non-set.patch -Patch00040: AIO-Reduce-number-of-threads-for-32bit-h.patch -Patch00041: xen_disk-Add-suse-specific-flush-disable.patch -Patch00042: qemu-bridge-helper-reduce-security-profi.patch -Patch00043: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch -Patch00044: roms-Makefile-pass-a-packaging-timestamp.patch -Patch00045: Raise-soft-address-space-limit-to-hard-l.patch -Patch00046: increase-x86_64-physical-bits-to-42.patch -Patch00047: i8254-Fix-migration-from-SLE11-SP2.patch -Patch00048: acpi_piix4-Fix-migration-from-SLE11-SP2.patch -Patch00049: Make-installed-scripts-explicitly-python.patch -Patch00050: hw-smbios-handle-both-file-formats-regar.patch -Patch00051: xen-add-block-resize-support-for-xen-dis.patch -Patch00052: tests-qemu-iotests-Triple-timeout-of-i-o.patch -Patch00053: tests-Fix-block-tests-to-be-compatible-w.patch -Patch00054: xen-ignore-live-parameter-from-xen-save-.patch -Patch00055: tests-change-error-message-in-test-162.patch -Patch00056: hw-intc-exynos4210_gic-provide-more-room.patch -Patch00057: configure-only-populate-roms-if-softmmu.patch -Patch00058: pc-bios-s390-ccw-net-avoid-warning-about.patch -Patch00059: roms-change-cross-compiler-naming-to-be-.patch -Patch00060: test-add-mapping-from-arch-of-i686-to-qe.patch -Patch00061: configure-remove-pkgversion-from-CONFIG_.patch -Patch00062: docs-add-SUSE-support-statements-to-html.patch -Patch00063: s390x-Fix-stringop-truncation-issue-repo.patch -Patch00064: Revert-qht-constify-qht_statistics_init.patch -Patch00065: qht-Revert-some-constification-in-qht.c.patch -Patch00066: meson-install-ivshmem-client-and-ivshmem.patch -Patch00067: Revert-roms-efirom-tests-uefi-test-tools.patch -Patch00068: Makefile-Don-t-check-pc-bios-as-pre-requ.patch -Patch00069: roms-Makefile-add-cross-file-to-qboot-me.patch -Patch00070: usb-Help-compiler-out-to-avoid-a-warning.patch -Patch00071: module-for-virtio-gpu-pre-load-module-to.patch -Patch00072: qom-handle-case-of-chardev-spice-module-.patch +Patch00013: 9pfs-Fully-restart-unreclaim-loop-CVE-20.patch +Patch00014: target-arm-Introduce-PREDDESC-field-defi.patch +Patch00015: target-arm-Update-PFIRST-PNEXT-for-pred_.patch +Patch00016: target-arm-Update-ZIP-UZP-TRN-for-pred_d.patch +Patch00017: target-arm-Update-REV-PUNPK-for-pred_des.patch +Patch00018: update-linux-headers-Include-const.h.patch +Patch00019: Update-linux-headers-to-5.11-rc2.patch +Patch00020: vfio-ccw-Connect-the-device-request-noti.patch +Patch00021: net-Fix-handling-of-id-in-netdev_add-and.patch +Patch00022: block-Separate-blk_is_writable-and-blk_s.patch +Patch00023: hw-intc-arm_gic-Fix-interrupt-ID-in-GICD.patch +Patch00024: virtio-move-use-disabled-flag-property-t.patch +Patch00025: qemu-nbd-Use-SOMAXCONN-for-socket-listen.patch +Patch00026: qemu-storage-daemon-Enable-object-add.patch +Patch00027: blockjob-Fix-crash-with-IOthread-when-bl.patch +Patch00028: monitor-Fix-assertion-failure-on-shutdow.patch +Patch00029: spice-app-avoid-crash-when-core-spice-mo.patch +Patch00030: i386-acpi-restore-device-paths-for-pre-5.patch +Patch00031: hw-s390x-fix-build-for-virtio-9p-ccw.patch +Patch00032: s390x-pci-restore-missing-Query-PCI-Func.patch +Patch00033: lsilogic-Use-PCIDevice-exit-instead-of-D.patch +Patch00034: vhost-user-blk-fix-blkcfg-num_queues-end.patch +Patch00035: e1000-fail-early-for-evil-descriptor.patch +Patch00036: hw-s390x-modularize-virtio-gpu-ccw.patch +Patch00037: net-vmxnet3-validate-configuration-value.patch +Patch00038: XXX-dont-dump-core-on-sigabort.patch +Patch00039: qemu-binfmt-conf-Modify-default-path.patch +Patch00040: qemu-cvs-gettimeofday.patch +Patch00041: qemu-cvs-ioctl_debug.patch +Patch00042: qemu-cvs-ioctl_nodirection.patch +Patch00043: linux-user-add-binfmt-wrapper-for-argv-0.patch +Patch00044: PPC-KVM-Disable-mmu-notifier-check.patch +Patch00045: linux-user-binfmt-support-host-binaries.patch +Patch00046: linux-user-Fake-proc-cpuinfo.patch +Patch00047: linux-user-use-target_ulong.patch +Patch00048: Make-char-muxer-more-robust-wrt-small-FI.patch +Patch00049: linux-user-lseek-explicitly-cast-non-set.patch +Patch00050: AIO-Reduce-number-of-threads-for-32bit-h.patch +Patch00051: xen_disk-Add-suse-specific-flush-disable.patch +Patch00052: qemu-bridge-helper-reduce-security-profi.patch +Patch00053: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch +Patch00054: roms-Makefile-pass-a-packaging-timestamp.patch +Patch00055: Raise-soft-address-space-limit-to-hard-l.patch +Patch00056: increase-x86_64-physical-bits-to-42.patch +Patch00057: i8254-Fix-migration-from-SLE11-SP2.patch +Patch00058: acpi_piix4-Fix-migration-from-SLE11-SP2.patch +Patch00059: Make-installed-scripts-explicitly-python.patch +Patch00060: hw-smbios-handle-both-file-formats-regar.patch +Patch00061: xen-add-block-resize-support-for-xen-dis.patch +Patch00062: tests-qemu-iotests-Triple-timeout-of-i-o.patch +Patch00063: tests-Fix-block-tests-to-be-compatible-w.patch +Patch00064: xen-ignore-live-parameter-from-xen-save-.patch +Patch00065: tests-change-error-message-in-test-162.patch +Patch00066: hw-intc-exynos4210_gic-provide-more-room.patch +Patch00067: configure-only-populate-roms-if-softmmu.patch +Patch00068: pc-bios-s390-ccw-net-avoid-warning-about.patch +Patch00069: roms-change-cross-compiler-naming-to-be-.patch +Patch00070: test-add-mapping-from-arch-of-i686-to-qe.patch +Patch00071: configure-remove-pkgversion-from-CONFIG_.patch +Patch00072: docs-add-SUSE-support-statements-to-html.patch +Patch00073: s390x-Fix-stringop-truncation-issue-repo.patch +Patch00074: Revert-qht-constify-qht_statistics_init.patch +Patch00075: qht-Revert-some-constification-in-qht.c.patch +Patch00076: meson-install-ivshmem-client-and-ivshmem.patch +Patch00077: Revert-roms-efirom-tests-uefi-test-tools.patch +Patch00078: Makefile-Don-t-check-pc-bios-as-pre-requ.patch +Patch00079: roms-Makefile-add-cross-file-to-qboot-me.patch +Patch00080: usb-Help-compiler-out-to-avoid-a-warning.patch +Patch00081: module-for-virtio-gpu-pre-load-module-to.patch +Patch00082: qom-handle-case-of-chardev-spice-module-.patch # Patches applied in roms/seabios/: Patch01000: seabios-use-python2-explicitly-as-needed.patch Patch01001: seabios-switch-to-python3-as-needed.patch @@ -220,6 +232,8 @@ Patch08000: Make-keycode-gen-output-reproducible-use.patch # Patches applied in roms/qboot/: Patch11000: qboot-add-cross.ini-file-to-handle-aarch.patch +# Patches applied in roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/: +Patch27000: brotli-fix-actual-variable-array-paramet.patch # Please do not add patches manually here. @@ -636,7 +650,8 @@ %{qemu_module_conflicts} %description block-nfs -This package contains a module for directly accessing nfs based image files. +This package contains a module for directly accessing nfs based image files +for QEMU. %if 0%{?with_rbd} %package block-rbd @@ -647,7 +662,8 @@ %{qemu_module_conflicts} %description block-rbd -This package contains a module for accessing ceph (rbd,rados) image files. +This package contains a module for accessing ceph (rbd,rados) image files +for QEMU. %endif %package block-ssh @@ -670,7 +686,7 @@ %{qemu_module_conflicts} %description chardev-baum -This package contains a module for baum braille chardev support. +This package contains a module for baum braille chardev support for QEMU. %package chardev-spice Summary: Spice vmc and port chardev support for QEMU @@ -682,7 +698,7 @@ %{qemu_module_conflicts} %description chardev-spice -This package contains a module for Spice chardev support. +This package contains a module for Spice chardev support for QEMU. %package hw-display-qxl Summary: QXL display support for QEMU @@ -694,7 +710,7 @@ %{qemu_module_conflicts} %description hw-display-qxl -This package contains a module for QXL display support. +This package contains a module for QXL display support for QEMU. %package hw-display-virtio-gpu Summary: Virtio GPU display support for QEMU @@ -705,10 +721,10 @@ %{qemu_module_conflicts} %description hw-display-virtio-gpu -This package contains a module for Virtio GPU display support. +This package contains a module for Virtio GPU display support for QEMU. %package hw-display-virtio-gpu-pci -Summary: Virtio-gpu driver for QEMU +Summary: Virtio-gpu pci device for QEMU Group: System/Emulators/PC Version: %{qemuver} Release: 0 @@ -717,10 +733,10 @@ %{qemu_module_conflicts} %description hw-display-virtio-gpu-pci -This package contains a virtio gpu driver for QEMU +This package contains a module providing the virtio gpu pci device for QEMU. %package hw-display-virtio-vga -Summary: Virtio vga driver for QEMU +Summary: Virtio vga device for QEMU Group: System/Emulators/PC Version: %{qemuver} Release: 0 @@ -728,10 +744,10 @@ %{qemu_module_conflicts} %description hw-display-virtio-vga -This package contains a virtio vga driver for QEMU +This package contains a module providing the virtio vga device for QEMU. %package hw-s390x-virtio-gpu-ccw -Summary: S390x virtio-gpu driver for QEMU +Summary: S390x virtio-gpu ccw device for QEMU Group: System/Emulators/PC Version: %{qemuver} Release: 0 @@ -740,7 +756,8 @@ %{qemu_module_conflicts} %description hw-s390x-virtio-gpu-ccw -This package contains an s390x virtio gpu driver for QEMU +This package contains a module providing the s390x virtio gpu ccw device for +QEMU. %package hw-usb-redirect Summary: USB redirection support for QEMU @@ -751,7 +768,7 @@ %{qemu_module_conflicts} %description hw-usb-redirect -This package contains a module for USB redirection support. +This package contains a module for USB redirection support for QEMU. %package hw-usb-smartcard Summary: USB smartcard support for QEMU @@ -762,7 +779,7 @@ %{qemu_module_conflicts} %description hw-usb-smartcard -This package contains a modules for USB smartcard support. +This package contains a modules for USB smartcard support for QEMU. %package ui-curses Summary: Curses based UI support for QEMU @@ -830,7 +847,8 @@ %{qemu_module_conflicts} %description vhost-user-gpu -This package contains a vhost user mode virtio-gpu 2D/3D rendering backend for QEMU +This package contains a vhost user mode virtio-gpu 2D/3D rendering backend for +QEMU. %package tools Summary: Tools for QEMU @@ -887,8 +905,8 @@ BuildArch: noarch %description microvm -This package provides minimal x86 firmware for booting certain guests. -qboot provides the minimum resources needed to boot PVH and bzImages. +This package provides minimal x86 firmware for booting certain guests under +QEMU. qboot provides the minimum resources needed to boot PVH and bzImages. bios-microvm, created from a minimal seabios configuration, provides slightly wider support than qboot, but still focuses on quick boot up. @@ -915,7 +933,7 @@ %description vgabios VGABIOS provides the video ROM BIOSes for the following variants of VGA emulated devices: Std VGA, QXL, Cirrus CLGD 5446 and VMware emulated -video card. +video card. For use with QEMU. %package sgabios Summary: Serial Graphics Adapter BIOS for QEMU @@ -928,7 +946,7 @@ %description sgabios The Google Serial Graphics Adapter BIOS or SGABIOS provides a means for legacy x86 software to communicate with an attached serial console as if a video card -were attached. +were attached. For use with QEMU. %package ipxe Summary: PXE ROMs for QEMU NICs @@ -1087,23 +1105,33 @@ %patch00059 -p1 %patch00060 -p1 %patch00061 -p1 -%if %{legacy_qemu_kvm} %patch00062 -p1 -%endif %patch00063 -p1 %patch00064 -p1 %patch00065 -p1 %patch00066 -p1 %patch00067 -p1 %patch00068 -p1 -%ifarch aarch64 %patch00069 -p1 -%endif -%ifarch %arm %ix86 ppc %patch00070 -p1 -%endif %patch00071 -p1 +%if %{legacy_qemu_kvm} %patch00072 -p1 +%endif +%patch00073 -p1 +%patch00074 -p1 +%patch00075 -p1 +%patch00076 -p1 +%patch00077 -p1 +%patch00078 -p1 +%ifarch aarch64 +%patch00079 -p1 +%endif +%ifarch %arm %ix86 ppc +%patch00080 -p1 +%endif +%patch00081 -p1 +%patch00082 -p1 %patch01000 -p1 %patch01001 -p1 %patch01002 -p1 @@ -1118,6 +1146,7 @@ %patch03001 -p1 %patch08000 -p1 %patch11000 -p1 +%patch27000 -p1 %if "%{name}" != "qemu-linux-user" # for the record, this set of firmware files is installed, but we don't ++++++ 9pfs-Fully-restart-unreclaim-loop-CVE-20.patch ++++++ From: Greg Kurz <[email protected]> Date: Thu, 14 Jan 2021 17:04:12 +0100 Subject: 9pfs: Fully restart unreclaim loop (CVE-2021-20181) Git-commit: 89fbea8737e8f7b954745a1ffc4238d377055305 Reference: bsc#1182137 Depending on the client activity, the server can be asked to open a huge number of file descriptors and eventually hit RLIMIT_NOFILE. This is currently mitigated using a reclaim logic : the server closes the file descriptors of idle fids, based on the assumption that it will be able to re-open them later. This assumption doesn't hold of course if the client requests the file to be unlinked. In this case, we loop on the entire fid list and mark all related fids as unreclaimable (the reclaim logic will just ignore them) and, of course, we open or re-open their file descriptors if needed since we're about to unlink the file. This is the purpose of v9fs_mark_fids_unreclaim(). Since the actual opening of a file can cause the coroutine to yield, another client request could possibly add a new fid that we may want to mark as non-reclaimable as well. The loop is thus restarted if the re-open request was actually transmitted to the backend. This is achieved by keeping a reference on the first fid (head) before traversing the list. This is wrong in several ways: - a potential clunk request from the client could tear the first fid down and cause the reference to be stale. This leads to a use-after-free error that can be detected with ASAN, using a custom 9p client - fids are added at the head of the list : restarting from the previous head will always miss fids added by a some other potential request All these problems could be avoided if fids were being added at the end of the list. This can be achieved with a QSIMPLEQ, but this is probably too much change for a bug fix. For now let's keep it simple and just restart the loop from the current head. Fixes: CVE-2021-20181 Buglink: https://bugs.launchpad.net/qemu/+bug/1911666 Reported-by: Zero Day Initiative <[email protected]> Reviewed-by: Christian Schoenebeck <[email protected]> Reviewed-by: Stefano Stabellini <[email protected]> Message-Id: <[email protected]> Signed-off-by: Greg Kurz <[email protected]> Signed-off-by: Bruce Rogers <[email protected]> --- hw/9pfs/9p.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c index 94df440fc74004bfa45b3fe30540..6026b51a1c04ee82d6366cb13d50 100644 --- a/hw/9pfs/9p.c +++ b/hw/9pfs/9p.c @@ -502,9 +502,9 @@ static int coroutine_fn v9fs_mark_fids_unreclaim(V9fsPDU *pdu, V9fsPath *path) { int err; V9fsState *s = pdu->s; - V9fsFidState *fidp, head_fid; + V9fsFidState *fidp; - head_fid.next = s->fid_list; +again: for (fidp = s->fid_list; fidp; fidp = fidp->next) { if (fidp->path.size != path->size) { continue; @@ -524,7 +524,7 @@ static int coroutine_fn v9fs_mark_fids_unreclaim(V9fsPDU *pdu, V9fsPath *path) * switched to the worker thread */ if (err == 0) { - fidp = &head_fid; + goto again; } } } ++++++ Update-linux-headers-to-5.11-rc2.patch ++++++ ++++ 1017 lines (skipped) ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.GXzcmZ/_old 2021-03-19 16:40:39.453911679 +0100 +++ /var/tmp/diff_new_pack.GXzcmZ/_new 2021-03-19 16:40:39.453911679 +0100 @@ -1,5 +1,5 @@ <constraints> - <!-- All builds are fine with 9GB disk --> + <!-- All builds are fine with 10GB disk --> <overwrite> <conditions> <package>qemu</package> ++++++ brotli-fix-actual-variable-array-paramet.patch ++++++ From: Bruce Rogers <[email protected]> Date: Fri, 5 Mar 2021 13:25:44 -0700 Subject: brotli: fix actual variable-array parameters to match declaration References: boo#1181922 GCC 11 complains about the mismatch between the variable-array parameters not being defined as such in the actual function definition. Make them match. Signed-off-by: Bruce Rogers <[email protected]> --- c/dec/decode.c | 6 ++++-- c/enc/encode.c | 5 +++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c b/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c index 114c5057d7d91f5a634167e00d84..bb6f1ab6cc42f54720fd07f665e3 100644 --- a/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c +++ b/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c @@ -2030,8 +2030,10 @@ static BROTLI_NOINLINE BrotliDecoderErrorCode SafeProcessCommands( } BrotliDecoderResult BrotliDecoderDecompress( - size_t encoded_size, const uint8_t* encoded_buffer, size_t* decoded_size, - uint8_t* decoded_buffer) { + size_t encoded_size, + const uint8_t encoded_buffer[BROTLI_ARRAY_PARAM(encoded_size)], + size_t* decoded_size, + uint8_t decoded_buffer[BROTLI_ARRAY_PARAM(*decoded_size)]) { BrotliDecoderState s; BrotliDecoderResult result; size_t total_out = 0; diff --git a/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c b/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c index 68548ef55af8036d6f0fe720e721..ab0a4906060c98461102d45ab61d 100644 --- a/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c +++ b/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c @@ -1470,8 +1470,9 @@ static size_t MakeUncompressedStream( BROTLI_BOOL BrotliEncoderCompress( int quality, int lgwin, BrotliEncoderMode mode, size_t input_size, - const uint8_t* input_buffer, size_t* encoded_size, - uint8_t* encoded_buffer) { + const uint8_t input_buffer[BROTLI_ARRAY_PARAM(input_size)], + size_t* encoded_size, + uint8_t encoded_buffer[BROTLI_ARRAY_PARAM(*encoded_size)]) { BrotliEncoderState* s; size_t out_size = *encoded_size; const uint8_t* input_start = input_buffer; ++++++ bundles.tar.xz ++++++ Binary files old/553032db17440f8de011390e5a1cfddd13751b0b.bundle and new/553032db17440f8de011390e5a1cfddd13751b0b.bundle differ Binary files old/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/666c3280cc11dc433c303d79a83d4ffbdd12cc8d.bundle and new/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/666c3280cc11dc433c303d79a83d4ffbdd12cc8d.bundle differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/repo new/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/repo --- old/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/repo 1970-01-01 01:00:00.000000000 +0100 +++ new/roms/edk2/BaseTools/Source/C/BrotliCompress/brotli/repo 2021-03-17 00:12:01.000000000 +0100 @@ -0,0 +1 @@ +https://github.com/openSUSE/qemu-edk2-BrotliCompress-brotli.git ++++++ config.sh ++++++ --- /var/tmp/diff_new_pack.GXzcmZ/_old 2021-03-19 16:40:39.601911879 +0100 +++ /var/tmp/diff_new_pack.GXzcmZ/_new 2021-03-19 16:40:39.605911884 +0100 @@ -37,6 +37,9 @@ PATCH_RANGE=1000 +# For compatibility with old packages, we include this option +OVERRIDE_FIVE_DIGIT_NUMBERING=0 + # This array tracks all git submodule paths within the superproject (1st entry) PATCH_PATH_MAP=( "" ++++++ e1000-fail-early-for-evil-descriptor.patch ++++++ From: Jason Wang <[email protected]> Date: Wed, 24 Feb 2021 13:45:28 +0800 Subject: e1000: fail early for evil descriptor Git-commit: 3de46e6fc489c52c9431a8a832ad8170a7569bd8 References: bsc#1182577, CVE-2021-20257 During procss_tx_desc(), driver can try to chain data descriptor with legacy descriptor, when will lead underflow for the following calculation in process_tx_desc() for bytes: if (tp->size + bytes > msh) bytes = msh - tp->size; This will lead a infinite loop. So check and fail early if tp->size if greater or equal to msh. Reported-by: Alexander Bulekov <[email protected]> Reported-by: Cheolwoo Myung <[email protected]> Reported-by: Ruhr-University Bochum <[email protected]> Cc: Prasad J Pandit <[email protected]> Cc: [email protected] Signed-off-by: Jason Wang <[email protected]> Signed-off-by: Bruce Rogers <[email protected]> --- hw/net/e1000.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hw/net/e1000.c b/hw/net/e1000.c index d7d05ae30afafb2e7979c74564a6..02a446b89bae0dec0acdefa54760 100644 --- a/hw/net/e1000.c +++ b/hw/net/e1000.c @@ -670,6 +670,9 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp) msh = tp->tso_props.hdr_len + tp->tso_props.mss; do { bytes = split_size; + if (tp->size >= msh) { + goto eop; + } if (tp->size + bytes > msh) bytes = msh - tp->size; @@ -695,6 +698,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp) tp->size += split_size; } +eop: if (!(txd_lower & E1000_TXD_CMD_EOP)) return; if (!(tp->cptse && tp->size < tp->tso_props.hdr_len)) { ++++++ hw-s390x-fix-build-for-virtio-9p-ccw.patch ++++++ --- /var/tmp/diff_new_pack.GXzcmZ/_old 2021-03-19 16:40:39.637911928 +0100 +++ /var/tmp/diff_new_pack.GXzcmZ/_new 2021-03-19 16:40:39.637911928 +0100 @@ -2,7 +2,7 @@ Date: Thu, 18 Feb 2021 04:40:59 +0100 Subject: hw/s390x: fix build for virtio-9p-ccw -Git-commit: 0000000000000000000000000000000000000000 +Git-commit: 24056cbfd577fd219d55c03f69df66e6351456e7 References: bsc#1182496 Commit 2c44220d05 ("meson: convert hw/arch*"), which migrated the old ++++++ i386-acpi-restore-device-paths-for-pre-5.patch ++++++ From: Vitaly Cheptsov <[email protected]> Date: Mon, 1 Mar 2021 22:59:18 +0300 Subject: i386/acpi: restore device paths for pre-5.1 vms Git-commit: 0a343a5add75f9f90c65e932863d57ddbcb28f5c After fixing the _UID value for the primary PCI root bridge in af1b80ae it was discovered that this change updates Windows configuration in an incompatible way causing network configuration failure unless DHCP is used. More details provided on the list: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg08484.html This change reverts the _UID update from 1 to 0 for q35 and i440fx VMs before version 5.2 to maintain the original behaviour when upgrading. Cc: [email protected] Cc: [email protected] Reported-by: Thomas Lamprecht <[email protected]> Suggested-by: Michael S. Tsirkin <[email protected]> Signed-off-by: Vitaly Cheptsov <[email protected]> Message-Id: <[email protected]> Tested-by: Thomas Lamprecht <[email protected]> Reviewed-by: Igor Mammedov <[email protected]> Reviewed-by: Michael S. Tsirkin <[email protected]> Signed-off-by: Michael S. Tsirkin <[email protected]> Fixes: af1b80ae56c9 ("i386/acpi: fix inconsistent QEMU/OVMF device paths") Signed-off-by: Bruce Rogers <[email protected]> --- hw/i386/acpi-build.c | 4 ++-- hw/i386/pc_piix.c | 2 ++ hw/i386/pc_q35.c | 2 ++ include/hw/i386/pc.h | 1 + 4 files changed, 7 insertions(+), 2 deletions(-) diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c index 1f5c2112452a74bc19cb3a129fa9..b5616582a5d8395ab38080567356 100644 --- a/hw/i386/acpi-build.c +++ b/hw/i386/acpi-build.c @@ -1513,7 +1513,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker, dev = aml_device("PCI0"); aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A03"))); aml_append(dev, aml_name_decl("_ADR", aml_int(0))); - aml_append(dev, aml_name_decl("_UID", aml_int(0))); + aml_append(dev, aml_name_decl("_UID", aml_int(pcmc->pci_root_uid))); aml_append(sb_scope, dev); aml_append(dsdt, sb_scope); @@ -1530,7 +1530,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker, aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A08"))); aml_append(dev, aml_name_decl("_CID", aml_eisaid("PNP0A03"))); aml_append(dev, aml_name_decl("_ADR", aml_int(0))); - aml_append(dev, aml_name_decl("_UID", aml_int(0))); + aml_append(dev, aml_name_decl("_UID", aml_int(pcmc->pci_root_uid))); aml_append(dev, build_q35_osc_method()); aml_append(sb_scope, dev); diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c index 13d1628f13bfc537cbefaec47e27..2524c962161115d026cc810b8dc8 100644 --- a/hw/i386/pc_piix.c +++ b/hw/i386/pc_piix.c @@ -417,6 +417,7 @@ static void pc_i440fx_machine_options(MachineClass *m) { PCMachineClass *pcmc = PC_MACHINE_CLASS(m); pcmc->default_nic_model = "e1000"; + pcmc->pci_root_uid = 0; m->family = "pc_piix"; m->desc = "Standard PC (i440FX + PIIX, 1996)"; @@ -448,6 +449,7 @@ static void pc_i440fx_5_1_machine_options(MachineClass *m) compat_props_add(m->compat_props, hw_compat_5_1, hw_compat_5_1_len); compat_props_add(m->compat_props, pc_compat_5_1, pc_compat_5_1_len); pcmc->kvmclock_create_always = false; + pcmc->pci_root_uid = 1; } DEFINE_I440FX_MACHINE(v5_1, "pc-i440fx-5.1", NULL, diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c index a3f4959c43575ad9809a0ac8b7a5..c58dad5ae37f7190f308c512c339 100644 --- a/hw/i386/pc_q35.c +++ b/hw/i386/pc_q35.c @@ -329,6 +329,7 @@ static void pc_q35_machine_options(MachineClass *m) { PCMachineClass *pcmc = PC_MACHINE_CLASS(m); pcmc->default_nic_model = "e1000e"; + pcmc->pci_root_uid = 0; m->family = "pc_q35"; m->desc = "Standard PC (Q35 + ICH9, 2009)"; @@ -364,6 +365,7 @@ static void pc_q35_5_1_machine_options(MachineClass *m) compat_props_add(m->compat_props, hw_compat_5_1, hw_compat_5_1_len); compat_props_add(m->compat_props, pc_compat_5_1, pc_compat_5_1_len); pcmc->kvmclock_create_always = false; + pcmc->pci_root_uid = 1; } DEFINE_Q35_MACHINE(v5_1, "pc-q35-5.1", NULL, diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h index 911e4600970c36de9371a46601c6..7f8e1a791f88ead6cd5cb2a91e8b 100644 --- a/include/hw/i386/pc.h +++ b/include/hw/i386/pc.h @@ -99,6 +99,7 @@ struct PCMachineClass { int legacy_acpi_table_size; unsigned acpi_data_size; bool do_not_add_smb_acpi; + int pci_root_uid; /* SMBIOS compat: */ bool smbios_defaults; ++++++ lsilogic-Use-PCIDevice-exit-instead-of-D.patch ++++++ From: Peng Liang <[email protected]> Date: Tue, 2 Mar 2021 21:30:16 +0800 Subject: lsilogic: Use PCIDevice::exit instead of DeviceState::unrealize Git-commit: faabca42cc4ff51110116dfe44d420c668b4d8d8 PCI_DEVICE has overwritten DeviceState::unrealize (pci_qdev_unrealize). However, LSI53C895A, which is a subclass of PCI_DEVICE, overwrites it again and doesn't save the parent's implementation so the PCI_DEVICE's implementation of DeviceState::unrealize will never be called when unrealize a LSI53C895A device. And it will lead to memory leak and unplug failure. For a PCI device, it's better to implement PCIDevice::exit instead of DeviceState::unrealize. So let's change to use PCIDevice::exit. Fixes: a8632434c7e9 ("lsi: implement I/O memory space for Memory Move instructions") Cc: [email protected] Signed-off-by: Peng Liang <[email protected]> Message-Id: <[email protected]> Signed-off-by: Paolo Bonzini <[email protected]> Signed-off-by: Bruce Rogers <[email protected]> --- hw/scsi/lsi53c895a.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c index 7d13c7dc1c46e8a32ed0e3e090ff..af46c62f0d78268b52d19ca9fd07 100644 --- a/hw/scsi/lsi53c895a.c +++ b/hw/scsi/lsi53c895a.c @@ -2312,7 +2312,7 @@ static void lsi_scsi_realize(PCIDevice *dev, Error **errp) scsi_bus_new(&s->bus, sizeof(s->bus), d, &lsi_scsi_info, NULL); } -static void lsi_scsi_unrealize(DeviceState *dev) +static void lsi_scsi_exit(PCIDevice *dev) { LSIState *s = LSI53C895A(dev); @@ -2325,11 +2325,11 @@ static void lsi_class_init(ObjectClass *klass, void *data) PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); k->realize = lsi_scsi_realize; + k->exit = lsi_scsi_exit; k->vendor_id = PCI_VENDOR_ID_LSI_LOGIC; k->device_id = PCI_DEVICE_ID_LSI_53C895A; k->class_id = PCI_CLASS_STORAGE_SCSI; k->subsystem_id = 0x1000; - dc->unrealize = lsi_scsi_unrealize; dc->reset = lsi_scsi_reset; dc->vmsd = &vmstate_lsi_scsi; set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); ++++++ net-vmxnet3-validate-configuration-value.patch ++++++ From: Prasad J Pandit <[email protected]> Date: Sat, 30 Jan 2021 18:46:52 +0530 Subject: net: vmxnet3: validate configuration values during activate (CVE-2021-20203) Git-commit: 0000000000000000000000000000000000000000 References: bsc#1181639 While activating device in vmxnet3_acticate_device(), it does not validate guest supplied configuration values against predefined minimum - maximum limits. This may lead to integer overflow or OOB access issues. Add checks to avoid it. Fixes: CVE-2021-20203 Buglink: https://bugs.launchpad.net/qemu/+bug/1913873 Reported-by: Gaoning Pan <[email protected]> Signed-off-by: Prasad J Pandit <[email protected]> Signed-off-by: Bruce Rogers <[email protected]> --- hw/net/vmxnet3.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c index eff299f6290cee3e784d93561798..4a910ca97188df056219062c30da 100644 --- a/hw/net/vmxnet3.c +++ b/hw/net/vmxnet3.c @@ -1420,6 +1420,7 @@ static void vmxnet3_activate_device(VMXNET3State *s) vmxnet3_setup_rx_filtering(s); /* Cache fields from shared memory */ s->mtu = VMXNET3_READ_DRV_SHARED32(d, s->drv_shmem, devRead.misc.mtu); + assert(VMXNET3_MIN_MTU <= s->mtu && s->mtu < VMXNET3_MAX_MTU); VMW_CFPRN("MTU is %u", s->mtu); s->max_rx_frags = @@ -1473,6 +1474,9 @@ static void vmxnet3_activate_device(VMXNET3State *s) /* Read rings memory locations for TX queues */ pa = VMXNET3_READ_TX_QUEUE_DESCR64(d, qdescr_pa, conf.txRingBasePA); size = VMXNET3_READ_TX_QUEUE_DESCR32(d, qdescr_pa, conf.txRingSize); + if (size > VMXNET3_TX_RING_MAX_SIZE) { + size = VMXNET3_TX_RING_MAX_SIZE; + } vmxnet3_ring_init(d, &s->txq_descr[i].tx_ring, pa, size, sizeof(struct Vmxnet3_TxDesc), false); @@ -1483,6 +1487,9 @@ static void vmxnet3_activate_device(VMXNET3State *s) /* TXC ring */ pa = VMXNET3_READ_TX_QUEUE_DESCR64(d, qdescr_pa, conf.compRingBasePA); size = VMXNET3_READ_TX_QUEUE_DESCR32(d, qdescr_pa, conf.compRingSize); + if (size > VMXNET3_TC_RING_MAX_SIZE) { + size = VMXNET3_TC_RING_MAX_SIZE; + } vmxnet3_ring_init(d, &s->txq_descr[i].comp_ring, pa, size, sizeof(struct Vmxnet3_TxCompDesc), true); VMXNET3_RING_DUMP(VMW_CFPRN, "TXC", i, &s->txq_descr[i].comp_ring); @@ -1524,6 +1531,9 @@ static void vmxnet3_activate_device(VMXNET3State *s) /* RX rings */ pa = VMXNET3_READ_RX_QUEUE_DESCR64(d, qd_pa, conf.rxRingBasePA[j]); size = VMXNET3_READ_RX_QUEUE_DESCR32(d, qd_pa, conf.rxRingSize[j]); + if (size > VMXNET3_RX_RING_MAX_SIZE) { + size = VMXNET3_RX_RING_MAX_SIZE; + } vmxnet3_ring_init(d, &s->rxq_descr[i].rx_ring[j], pa, size, sizeof(struct Vmxnet3_RxDesc), false); VMW_CFPRN("RX queue %d:%d: Base: %" PRIx64 ", Size: %d", @@ -1533,6 +1543,9 @@ static void vmxnet3_activate_device(VMXNET3State *s) /* RXC ring */ pa = VMXNET3_READ_RX_QUEUE_DESCR64(d, qd_pa, conf.compRingBasePA); size = VMXNET3_READ_RX_QUEUE_DESCR32(d, qd_pa, conf.compRingSize); + if (size > VMXNET3_RC_RING_MAX_SIZE) { + size = VMXNET3_RC_RING_MAX_SIZE; + } vmxnet3_ring_init(d, &s->rxq_descr[i].comp_ring, pa, size, sizeof(struct Vmxnet3_RxCompDesc), true); VMW_CFPRN("RXC queue %d: Base: %" PRIx64 ", Size: %d", i, pa, size); ++++++ qemu.spec.in ++++++ --- /var/tmp/diff_new_pack.GXzcmZ/_old 2021-03-19 16:40:39.817912171 +0100 +++ /var/tmp/diff_new_pack.GXzcmZ/_new 2021-03-19 16:40:39.817912171 +0100 @@ -1,5 +1,5 @@ # -# spec file for package qemu%{name_suffix} +# spec file for package qemu # # Copyright (c) 2021 SUSE LLC # @@ -18,6 +18,8 @@ # !! IMPORTANT !! See README.PACKAGING before modifying package in any way +#!ForceMultiversion + %define _buildshell /bin/bash %define build_x86_firmware_from_source 0 @@ -543,7 +545,8 @@ %{qemu_module_conflicts} %description block-nfs -This package contains a module for directly accessing nfs based image files. +This package contains a module for directly accessing nfs based image files +for QEMU. %if 0%{?with_rbd} %package block-rbd @@ -554,7 +557,8 @@ %{qemu_module_conflicts} %description block-rbd -This package contains a module for accessing ceph (rbd,rados) image files. +This package contains a module for accessing ceph (rbd,rados) image files +for QEMU. %endif %package block-ssh @@ -577,7 +581,7 @@ %{qemu_module_conflicts} %description chardev-baum -This package contains a module for baum braille chardev support. +This package contains a module for baum braille chardev support for QEMU. %package chardev-spice Summary: Spice vmc and port chardev support for QEMU @@ -589,7 +593,7 @@ %{qemu_module_conflicts} %description chardev-spice -This package contains a module for Spice chardev support. +This package contains a module for Spice chardev support for QEMU. %package hw-display-qxl Summary: QXL display support for QEMU @@ -601,7 +605,7 @@ %{qemu_module_conflicts} %description hw-display-qxl -This package contains a module for QXL display support. +This package contains a module for QXL display support for QEMU. %package hw-display-virtio-gpu Summary: Virtio GPU display support for QEMU @@ -612,10 +616,10 @@ %{qemu_module_conflicts} %description hw-display-virtio-gpu -This package contains a module for Virtio GPU display support. +This package contains a module for Virtio GPU display support for QEMU. %package hw-display-virtio-gpu-pci -Summary: Virtio-gpu driver for QEMU +Summary: Virtio-gpu pci device for QEMU Group: System/Emulators/PC Version: %{qemuver} Release: 0 @@ -624,10 +628,10 @@ %{qemu_module_conflicts} %description hw-display-virtio-gpu-pci -This package contains a virtio gpu driver for QEMU +This package contains a module providing the virtio gpu pci device for QEMU. %package hw-display-virtio-vga -Summary: Virtio vga driver for QEMU +Summary: Virtio vga device for QEMU Group: System/Emulators/PC Version: %{qemuver} Release: 0 @@ -635,10 +639,10 @@ %{qemu_module_conflicts} %description hw-display-virtio-vga -This package contains a virtio vga driver for QEMU +This package contains a module providing the virtio vga device for QEMU. %package hw-s390x-virtio-gpu-ccw -Summary: S390x virtio-gpu driver for QEMU +Summary: S390x virtio-gpu ccw device for QEMU Group: System/Emulators/PC Version: %{qemuver} Release: 0 @@ -647,7 +651,8 @@ %{qemu_module_conflicts} %description hw-s390x-virtio-gpu-ccw -This package contains an s390x virtio gpu driver for QEMU +This package contains a module providing the s390x virtio gpu ccw device for +QEMU. %package hw-usb-redirect Summary: USB redirection support for QEMU @@ -658,7 +663,7 @@ %{qemu_module_conflicts} %description hw-usb-redirect -This package contains a module for USB redirection support. +This package contains a module for USB redirection support for QEMU. %package hw-usb-smartcard Summary: USB smartcard support for QEMU @@ -669,7 +674,7 @@ %{qemu_module_conflicts} %description hw-usb-smartcard -This package contains a modules for USB smartcard support. +This package contains a modules for USB smartcard support for QEMU. %package ui-curses Summary: Curses based UI support for QEMU @@ -737,7 +742,8 @@ %{qemu_module_conflicts} %description vhost-user-gpu -This package contains a vhost user mode virtio-gpu 2D/3D rendering backend for QEMU +This package contains a vhost user mode virtio-gpu 2D/3D rendering backend for +QEMU. %package tools Summary: Tools for QEMU @@ -794,8 +800,8 @@ BuildArch: noarch %description microvm -This package provides minimal x86 firmware for booting certain guests. -qboot provides the minimum resources needed to boot PVH and bzImages. +This package provides minimal x86 firmware for booting certain guests under +QEMU. qboot provides the minimum resources needed to boot PVH and bzImages. bios-microvm, created from a minimal seabios configuration, provides slightly wider support than qboot, but still focuses on quick boot up. @@ -822,7 +828,7 @@ %description vgabios VGABIOS provides the video ROM BIOSes for the following variants of VGA emulated devices: Std VGA, QXL, Cirrus CLGD 5446 and VMware emulated -video card. +video card. For use with QEMU. %package sgabios Summary: Serial Graphics Adapter BIOS for QEMU @@ -835,7 +841,7 @@ %description sgabios The Google Serial Graphics Adapter BIOS or SGABIOS provides a means for legacy x86 software to communicate with an attached serial console as if a video card -were attached. +were attached. For use with QEMU. %package ipxe Summary: PXE ROMs for QEMU NICs ++++++ s390x-pci-restore-missing-Query-PCI-Func.patch ++++++ From: Matthew Rosato <[email protected]> Date: Thu, 18 Feb 2021 15:53:29 -0500 Subject: s390x/pci: restore missing Query PCI Function CLP data Git-commit: 403af209db8c030ed1e000640cd3cd80c6882883 References: bsc#1183372 Some CLP response data was accidentally dropped when fixing endianness issues with the Query PCI Function CLP response. All of these values are sent as 0s to the guest for emulated devices, so the impact is only observed on passthrough devices. Fixes: a4e2fff1b104 ("s390x/pci: fix endianness issues") Signed-off-by: Matthew Rosato <[email protected]> Message-Id: <[email protected]> Signed-off-by: Cornelia Huck <[email protected]> Signed-off-by: Bruce Rogers <[email protected]> --- hw/s390x/s390-pci-inst.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hw/s390x/s390-pci-inst.c b/hw/s390x/s390-pci-inst.c index 70bfd91bf70edafaa7c93469f459..f0ed9ea6f96b1202521ae434e680 100644 --- a/hw/s390x/s390-pci-inst.c +++ b/hw/s390x/s390-pci-inst.c @@ -284,10 +284,15 @@ int clp_service_call(S390CPU *cpu, uint8_t r2, uintptr_t ra) stq_p(&resquery->sdma, pbdev->zpci_fn.sdma); stq_p(&resquery->edma, pbdev->zpci_fn.edma); stw_p(&resquery->pchid, pbdev->zpci_fn.pchid); + stw_p(&resquery->vfn, pbdev->zpci_fn.vfn); resquery->flags = pbdev->zpci_fn.flags; resquery->pfgid = pbdev->zpci_fn.pfgid; + resquery->pft = pbdev->zpci_fn.pft; + resquery->fmbl = pbdev->zpci_fn.fmbl; stl_p(&resquery->fid, pbdev->zpci_fn.fid); stl_p(&resquery->uid, pbdev->zpci_fn.uid); + memcpy(resquery->pfip, pbdev->zpci_fn.pfip, CLP_PFIP_NR_SEGMENTS); + memcpy(resquery->util_str, pbdev->zpci_fn.util_str, CLP_UTIL_STR_LEN); for (i = 0; i < PCI_BAR_COUNT; i++) { uint32_t data = pci_get_long(pbdev->pdev->config + ++++++ update-linux-headers-Include-const.h.patch ++++++ From: Eric Farman <[email protected]> Date: Mon, 4 Jan 2021 21:20:55 +0100 Subject: update-linux-headers: Include const.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Git-commit: ab5ec23f9cc25215c1281d575c07c0f35e8e9e26 References: bsc#1183634 Kernel commit a85cbe6159ff ("uapi: move constants from <linux/kernel.h> to <linux/const.h>") breaks our script because of the unrecognized include. Let's add that to our processing. Signed-off-by: Eric Farman <[email protected]> Reviewed-by: Peter Xu <[email protected]> Reviewed-by: Philippe Mathieu-Daud?? <[email protected]> Message-Id: <[email protected]> Signed-off-by: Cornelia Huck <[email protected]> Signed-off-by: Bruce Rogers <[email protected]> --- scripts/update-linux-headers.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/update-linux-headers.sh b/scripts/update-linux-headers.sh index 9efbaf2f84b38bee183517934b84..fa6f2b6272b78223d28f4c823858 100755 --- a/scripts/update-linux-headers.sh +++ b/scripts/update-linux-headers.sh @@ -41,6 +41,7 @@ cp_portable() { -e 'pvrdma_verbs' \ -e 'drm.h' \ -e 'limits' \ + -e 'linux/const' \ -e 'linux/kernel' \ -e 'linux/sysinfo' \ -e 'asm-generic/kvm_para' \ @@ -190,7 +191,9 @@ for i in "$tmpdir"/include/linux/*virtio*.h \ "$tmpdir/include/linux/input.h" \ "$tmpdir/include/linux/input-event-codes.h" \ "$tmpdir/include/linux/pci_regs.h" \ - "$tmpdir/include/linux/ethtool.h" "$tmpdir/include/linux/kernel.h" \ + "$tmpdir/include/linux/ethtool.h" \ + "$tmpdir/include/linux/const.h" \ + "$tmpdir/include/linux/kernel.h" \ "$tmpdir/include/linux/vhost_types.h" \ "$tmpdir/include/linux/sysinfo.h"; do cp_portable "$i" "$output/include/standard-headers/linux" ++++++ update_git.sh ++++++ --- /var/tmp/diff_new_pack.GXzcmZ/_old 2021-03-19 16:40:39.937912333 +0100 +++ /var/tmp/diff_new_pack.GXzcmZ/_new 2021-03-19 16:40:39.941912338 +0100 @@ -1,5 +1,7 @@ #!/bin/bash +set -e + # update_git.sh: script to manage package maintenance using a git-based # workflow. Commands are as follows: # git2pkg (update package spec file and patches from git) @@ -8,10 +10,22 @@ # # (default is git2pkg) +# As an aid to bypassing issues with our multibuild package and obs (see code +# below following the osc localrun of osc service localrun format_spec_file), +# provide an automated way to checkin without needing to type so much +if [ "$1" = "ci" ]; then + osc ci -f -n --noservice + exit +fi + #============================================================================== check_requirements() { RC=0 + if [[ ! -e ./config.sh ]]; then + echo "ERROR: Missing config.sh configuration script" + RC=1 + fi if [[ ! $(rpm -q git-core) ]]; then echo "ERROR: Missing dependency: git-core" RC=1 @@ -51,11 +65,9 @@ #============================================================================== -set -e - source ./config.sh -# If you're using LATEST, we assume you are an expert! +# If you're using LATEST, we assume you are an expert so no basic help provided if [ "$GIT_UPSTREAM_COMMIT_ISH" != "LATEST" ]; then if [ "$1" = "" ]; then set -- git2pkg @@ -91,7 +103,11 @@ # Zero based numbering, so we subtract 1 here: if (( (REPO_COUNT * PATCH_RANGE) - 1 > 9999 )); then - FIVE_DIGIT_POTENTIAL=1 + if [[ "$OVERRIDE_FIVE_DIGIT_NUMBERING" = "1" ]]; then + FIVE_DIGIT_POTENTIAL=0 + else + FIVE_DIGIT_POTENTIAL=1 + fi else FIVE_DIGIT_POTENTIAL=0 fi @@ -99,7 +115,7 @@ declare -A COMMIT_IDS_BY_SUBMODULE_PATH # Get version info from the packages' tarball - decode and do some checks -BASE_RE="qemu-[[:digit:]]+(\.[[:digit:]]+){2}(-rc[[:digit:]])?" +BASE_RE="qemu-[[:digit:]]+(\.[[:digit:]]+){2,3}(-rc[[:digit:]])?" EXTRA_RE="\+git\.[[:digit:]]+\.([[:xdigit:]]+)" SUFFIX_RE="\.tar\.xz" SIG_SUFFIX_RE="\.tar\.xz\.sig" @@ -149,6 +165,10 @@ exit fi else +#TODO: Is there a better way to do this (we don't want the old bundle commit id's relied on HERE for LATEST) + if [[ "$GIT_UPSTREAM_COMMIT_ISH" = "LATEST" ]]; then + rm bundles.tar.xz + fi if [[ -e bundles.tar.xz ]]; then tar --extract --xz -f bundles.tar.xz -C $BUNDLE_DIR . else @@ -234,7 +254,7 @@ fi done if [[ "$i" = "REPO_COUNT" ]]; then - echo "ERROR! BUNDLE SUBPROJECT NOT MENTIONED IN config.sh! Fix!" + echo "ERROR! BUNDLE SUBPROJECT $SUBDIR NOT MENTIONED IN config.sh! Fix!" exit fi @@ -283,7 +303,7 @@ (cd $GIT_DIR && git remote add upstream \ $UPSTREAM_GIT_REPO &>/dev/null) (cd $GIT_DIR && git remote update upstream &>/dev/null) -(cd $GIT_DIR && git reset --hard $NEW_COMMIT_ISH &>/dev/null) +(cd $GIT_DIR && git reset --hard --recurse-submodules $NEW_COMMIT_ISH &>/dev/null) # As an alternative, we could add a --recurse-submodules to the checkout instead here as well, right? #UPSTREAM DOESNT DO THIS (time takes 17 minutes!): # (cd $GIT_DIR && git submodule update --init --recursive &>/dev/null) @@ -342,25 +362,18 @@ bundle2local #!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -# REBASE frombundle patches USING COMMIT_IDS_BY_SUBMODULE, ALSO USING OLD ID'S STORED IN OLD BUNDLE +# REBASE $GIT_BRANCH's on latest COMMIT_IDS_FROM_SUBMODULE_PATH, after reseting branch to frombundle branch #!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -mkdir -p $BUNDLE_DIR -tar xJf bundles.tar.xz -C $BUNDLE_DIR -# Now go through all the submodule local repos that are present and create a bundle file for the patches found there for (( i=0; i <$REPO_COUNT; i++ )); do if [[ -e $(readlink -f ${LOCAL_REPO_MAP[$i]}) ]]; then if $(git -C ${LOCAL_REPO_MAP[$i]} branch | grep -F "frombundle" >/dev/null); then SUBDIR=${PATCH_PATH_MAP[$i]} - GITREPO_COMMIT_ISH=($BUNDLE_DIR/$SUBDIR*.id) - if [[ $GITREPO_COMMIT_ISH =~ .*(.{40})[.]id ]]; then - GITREPO_COMMIT_ISH=${BASH_REMATCH[1]} - fi git -C ${LOCAL_REPO_MAP[$i]} checkout -B $GIT_BRANCH frombundle if [[ "$SUBDIR" = "" ]]; then SUBDIR=SUPERPROJECT fi - if ! $(git -C ${LOCAL_REPO_MAP[$i]} rebase $GITREPO_COMMIT_ISH >/dev/null); then + if ! $(git -C ${LOCAL_REPO_MAP[$i]} rebase ${COMMIT_IDS_BY_SUBMODULE_PATH[$SUBDIR]} >/dev/null); then echo "Rebase of ${LOCAL_REPO_MAP[$i]}, branch $GIT_BRANCH needs manual help" REBASE_FAILS="${LOCAL_REPO_MAP[$i]} $REBASE_FAILS" fi @@ -665,17 +678,22 @@ fi done elif [ "$line" = "PATCH_EXEC" ]; then + unset PREV_S for i in [0-9][0-9][0-9][0-9]*-*.patch; do S=$(grep "^Include-If: " $i) || true NUM=${i%%-*} - if [ "$S" != "" ]; then - echo "${S:12}" - echo "%patch$NUM -p1" + if [ "$PREV_S" != "" -a "$PREV_S" != "$S" ]; then echo "%endif" - else - echo "%patch$NUM -p1" fi + if [ "$S" != "" -a "$S" != "$PREV_S" ]; then + echo "${S:12}" + fi + echo "%patch$NUM -p1" + PREV_S=$S done + if [ "$PREV_S" != "" ]; then + echo "%endif" + fi elif [ "$line" = "INSERT_VERSIONING" ]; then echo "%define qemuver $QEMU_VERSION$VERSION_EXTRA" echo "%define srcver $SOURCE_VERSION$VERSION_EXTRA" @@ -733,12 +751,13 @@ rm -rf $CMP_DIR rm -rf checkdir -osc service localrun format_spec_file -# First, make the results of the older format_spec_file look like what I believe is the intended output -# And then change THE POSSIBLY BROKEN OUTPUT from the new format_spec_file look like what I -# believe is the intended output -sed -i 's/^# spec file for package qemu$/# spec file for package qemu%{name_suffix}/g' qemu.spec -sed -i 's/^# spec file for package qemu-linux-user$/# spec file for package qemu%{name_suffix}/g' qemu.spec +osc service localrun format_spec_file || true +# Repair what I feel is incorrect modification of the package name in the header. +# Be aware that when checking into build service you should use --noservice, since we've +# already run this and --noservice will prevent the modification from happening at checkin +# time. +sed -i 's/^# spec file for package qemu%{name_suffix}$/# spec file for package qemu/g' qemu.spec +sed -i 's/^# spec file for package qemu-linux-user$/# spec file for package qemu/g' qemu.spec } #============================================================================== @@ -796,14 +815,13 @@ if [[ $REPLY =~ ^[Yy]$ ]]; then echo "Got an affirmative answer, proceeding..." setup_common_vars - # TODO: The following doesn't really do what we need (we adjust later) FIX!!! - # git clone --depth 1 -b $GIT_BRANCH --single-branch $PACKAGE_MAIN_GIT_REPO ${LOCAL_REPO_MAP[0]} git -c init.defaultBranch=$GIT_BRANCH init ${LOCAL_REPO_MAP[0]} git -C ${LOCAL_REPO_MAP[0]} remote add origin $PACKAGE_MAIN_GIT_REPO &>/dev/null git -C ${LOCAL_REPO_MAP[0]} fetch origin +refs/tags/initial:refs/tags/initial --no-tags - git -C ${LOCAL_REPO_MAP[0]} reset --hard initial + git -C ${LOCAL_REPO_MAP[0]} reset --hard --recurse-submodules initial +#TODO: The next is not actually used - get rid of when we decide for sure it won't get used GIT_UPSTREAM_COMMIT=$(git -C ${LOCAL_REPO_MAP[0]} ls-remote origin |grep -F "$GIT_UPSTREAM_COMMIT_ISH^{}"|awk '{print $1}') - # Here we use *COMMIT_ISH, not *_COMMIT - is that an issue? +# Here we've changed to use *COMMIT_ISH, not *_COMMIT - is that an issue? git -C ${LOCAL_REPO_MAP[0]} fetch --depth=1 origin +refs/tags/$GIT_UPSTREAM_COMMIT_ISH:refs/tags/$GIT_UPSTREAM_COMMIT_ISH --no-tags git -C ${LOCAL_REPO_MAP[0]} remote add upstream $UPSTREAM_GIT_REPO &>/dev/null bundle2local @@ -826,10 +844,8 @@ fi exit fi -# There are some req's on needing a recent git, and a recent osc (double chk the osc part - I guess it's related to the osc service ) - -# get the current state of the git superproject -# TODO: This sends output to stdout which we don't want to see +# TODO: Perhaps useful: get the current state of the git superproject +# The following sends output to stdout which we don't want to see #git -C ${LOCAL_REPO_MAP[0]} status --untracked-files=no --branch --porcelain=2 \ # | awk '{print "var"NR"="$3}' # $var1 is the current commit @@ -837,11 +853,16 @@ # $var3 is the current upstream branch (if set), as in eg 'origin/opensuse-5.0' # $var4 is not of use to us +if [ "$GIT_UPSTREAM_COMMIT_ISH" != "LATEST" ]; then + if [ ! "$GIT_UPSTREAM_COMMIT_ISH" = "v$OLD_SOURCE_VERSION_AND_EXTRA" ]; then + echo "Tarball name (which we decode) doesn't correspond to the \$GIT_UPSTREAM_COMMIT_ISH in config.sh" + exit + fi + setup_common_vars +fi # TODO: What checks should be different between LATEST and non-LATEST? -# If we don't actually patch from the submodule repo, we shouldn't care about what's in the local one -# Does non-LATEST really require master? (indeed - get rid of use or need of master as much as possible) -echo "WARNING: Script using local git repos. Some operations may be time consuming..." -# TODO: Most of these checks are not necessary +echo "ALERT: Script using local git repos. Some operations may be time consuming..." +# TODO: Some of these checks are perhaps not necessary for (( i=0; i <$REPO_COUNT; i++ )); do if [[ -e $(readlink -f ${LOCAL_REPO_MAP[$i]}) ]]; then if [[ -e ${LOCAL_REPO_MAP[$i]}/.git/shallow ]]; then @@ -853,7 +874,7 @@ echo "ERROR! Rebase appears to be in progress in ${LOCAL_REPO_MAP[$i]}. Please resolve" exit fi - # !! Does this presume the branch as indicated in config is the current branch? (I believe that's been my modus operandi to date, so perhaps THAT should be enforced at this point?) + # TODO: We've not even verified what branch we're on here - so this is a bit misguided! if ! git -C ${LOCAL_REPO_MAP[$i]} submodule update --init --recursive &> /dev/null; then echo "Please clean up state of local repo ${LOCAL_REPO_MAP[$i]} before using script" echo "(ensure git submodule update --init --recursive is successful)" @@ -864,15 +885,34 @@ echo "(ensure git status --porcelain produces no output)" exit fi - if ! git -C ${LOCAL_REPO_MAP[$i]} checkout $GIT_BRANCH --recurse-submodules -f &> /dev/null; then - echo "Please clean up state of local repo ${LOCAL_REPO_MAP[$i]} before using script" - echo "(cannot check out $GIT_BRANCH, incl. it's submodules)" - exit + # TODO: See about doing the following better (also see what needs to happen for LATEST) + if [ "$GIT_UPSTREAM_COMMIT_ISH" != "LATEST" ]; then + if $(git -C ${LOCAL_REPO_MAP[$i]} branch --remote | grep -F "origin/$GIT_BRANCH" >/dev/null); then + if ! $(git -C ${LOCAL_REPO_MAP[$i]} branch | grep -F "$GIT_BRANCH" >/dev/null); then + echo "Please clean up state of local repo ${LOCAL_REPO_MAP[$i]} before using script" + echo "(cannot find branch $GIT_BRANCH, please create a tracking branch of remote origin/$GIT_BRANCH)" + exit + fi + if ! git -C ${LOCAL_REPO_MAP[$i]} checkout $GIT_BRANCH --recurse-submodules -f &> /dev/null; then + echo "Please clean up state of local repo ${LOCAL_REPO_MAP[$i]} before using script" + echo "(cannot check out $GIT_BRANCH, incl. it's submodules)" + exit + fi + fi + fi + # The following is unfortunately needed due to an improper removal of roms/openhackware + # in the qemu v5.0.0 timeframe. After checking out a new $GIT_BRANCH, check for + # whether commit b2ce76a0730e48e60633a698cd876d55917ac9bc is in ancestry and + # if so, make sure that roms/openhackware is gone, so we have a clean local repo dir + if [[ "$i" = "0" ]]; then + if $(git -C ${LOCAL_REPO_MAP[$i]} merge-base --is-ancestor b2ce76a0730e48e60633a698cd876d55917ac9bc HEAD); then + (cd ${LOCAL_REPO_MAP[$i]} && rm -rf roms/openhackware/ >/dev/null) + fi fi # This does additional setup now that we've possibly grabbed additional submodules if ! git -C ${LOCAL_REPO_MAP[$i]} submodule update --init --recursive &> /dev/null; then echo "Please clean up state of local repo ${LOCAL_REPO_MAP[$i]} before using script" - echo "(cannot init and update $GIT_BRANCH branch submodules)" + echo "(cannot init and update current branch submodules)" exit fi if [ "$(git -C ${LOCAL_REPO_MAP[$i]} status --porcelain)" ]; then @@ -950,12 +990,7 @@ echo "SUCCESS" tail -9 /tmp/latest.log else # not LATEST - if [ ! "$GIT_UPSTREAM_COMMIT_ISH" = "v$OLD_SOURCE_VERSION_AND_EXTRA" ]; then - echo "Tarball name (which we decode) doesn't correspond to the \$GIT_UPSTREAM_COMMIT_ISH in config.sh" - exit - fi - git -C ${LOCAL_REPO_MAP[0]} checkout $GIT_UPSTREAM_COMMIT_ISH --recurse-submodules -f &> /dev/null - setup_common_vars +#NOTNEEDED? git -C ${LOCAL_REPO_MAP[0]} checkout $GIT_UPSTREAM_COMMIT_ISH --recurse-submodules -f &> /dev/null NEW_COMMIT_ISH= WRITE_LOG=1 case $1 in ++++++ vfio-ccw-Connect-the-device-request-noti.patch ++++++ From: Eric Farman <[email protected]> Date: Mon, 4 Jan 2021 21:20:57 +0100 Subject: vfio-ccw: Connect the device request notifier Git-commit: b2f96f9e4f5fbc8f2770a436191cb328da4d5350 References: 1183634 Now that the vfio-ccw code has a notifier interface to request that a device be unplugged, let's wire that together. Signed-off-by: Eric Farman <[email protected]> Reviewed-by: Cornelia Huck <[email protected]> Message-Id: <[email protected]> Signed-off-by: Cornelia Huck <[email protected]> Signed-off-by: Bruce Rogers <[email protected]> --- hw/vfio/ccw.c | 40 ++++++++++++++++++++++++++++++++++++---- 1 file changed, 36 insertions(+), 4 deletions(-) diff --git a/hw/vfio/ccw.c b/hw/vfio/ccw.c index d2755d7fc5cace038ca7e4f87822..bc78a0ad7638c329bbc06a69a432 100644 --- a/hw/vfio/ccw.c +++ b/hw/vfio/ccw.c @@ -49,6 +49,7 @@ struct VFIOCCWDevice { struct ccw_crw_region *crw_region; EventNotifier io_notifier; EventNotifier crw_notifier; + EventNotifier req_notifier; bool force_orb_pfch; bool warned_orb_pfch; }; @@ -287,6 +288,21 @@ static void vfio_ccw_crw_read(VFIOCCWDevice *vcdev) } while (1); } +static void vfio_ccw_req_notifier_handler(void *opaque) +{ + VFIOCCWDevice *vcdev = opaque; + Error *err = NULL; + + if (!event_notifier_test_and_clear(&vcdev->req_notifier)) { + return; + } + + qdev_unplug(DEVICE(vcdev), &err); + if (err) { + warn_reportf_err(err, VFIO_MSG_PREFIX, vcdev->vdev.name); + } +} + static void vfio_ccw_crw_notifier_handler(void *opaque) { VFIOCCWDevice *vcdev = opaque; @@ -386,6 +402,10 @@ static void vfio_ccw_register_irq_notifier(VFIOCCWDevice *vcdev, notifier = &vcdev->crw_notifier; fd_read = vfio_ccw_crw_notifier_handler; break; + case VFIO_CCW_REQ_IRQ_INDEX: + notifier = &vcdev->req_notifier; + fd_read = vfio_ccw_req_notifier_handler; + break; default: error_setg(errp, "vfio: Unsupported device irq(%d)", irq); return; @@ -440,6 +460,9 @@ static void vfio_ccw_unregister_irq_notifier(VFIOCCWDevice *vcdev, case VFIO_CCW_CRW_IRQ_INDEX: notifier = &vcdev->crw_notifier; break; + case VFIO_CCW_REQ_IRQ_INDEX: + notifier = &vcdev->req_notifier; + break; default: error_report("vfio: Unsupported device irq(%d)", irq); return; @@ -661,20 +684,28 @@ static void vfio_ccw_realize(DeviceState *dev, Error **errp) vfio_ccw_register_irq_notifier(vcdev, VFIO_CCW_IO_IRQ_INDEX, &err); if (err) { - goto out_notifier_err; + goto out_io_notifier_err; } if (vcdev->crw_region) { vfio_ccw_register_irq_notifier(vcdev, VFIO_CCW_CRW_IRQ_INDEX, &err); if (err) { - vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_IO_IRQ_INDEX); - goto out_notifier_err; + goto out_crw_notifier_err; } } + vfio_ccw_register_irq_notifier(vcdev, VFIO_CCW_REQ_IRQ_INDEX, &err); + if (err) { + goto out_req_notifier_err; + } + return; -out_notifier_err: +out_req_notifier_err: + vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_CRW_IRQ_INDEX); +out_crw_notifier_err: + vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_IO_IRQ_INDEX); +out_io_notifier_err: vfio_ccw_put_region(vcdev); out_region_err: vfio_ccw_put_device(vcdev); @@ -696,6 +727,7 @@ static void vfio_ccw_unrealize(DeviceState *dev) S390CCWDeviceClass *cdc = S390_CCW_DEVICE_GET_CLASS(cdev); VFIOGroup *group = vcdev->vdev.group; + vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_REQ_IRQ_INDEX); vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_CRW_IRQ_INDEX); vfio_ccw_unregister_irq_notifier(vcdev, VFIO_CCW_IO_IRQ_INDEX); vfio_ccw_put_region(vcdev); ++++++ vhost-user-blk-fix-blkcfg-num_queues-end.patch ++++++ From: Stefan Hajnoczi <[email protected]> Date: Tue, 23 Feb 2021 14:46:42 +0000 Subject: vhost-user-blk: fix blkcfg->num_queues endianness Git-commit: 535255b43898d2e96744057eb86f8497d4d7a461 Treat the num_queues field as virtio-endian. On big-endian hosts the vhost-user-blk num_queues field was in the wrong endianness. Move the blkcfg.num_queues store operation from realize to vhost_user_blk_update_config() so feature negotiation has finished and we know the endianness of the device. VIRTIO 1.0 devices are little-endian, but in case someone wants to use legacy VIRTIO we support all endianness cases. Cc: [email protected] Signed-off-by: Stefan Hajnoczi <[email protected]> Reviewed-by: Raphael Norwitz <[email protected]> Reviewed-by: Michael S. Tsirkin <[email protected]> Message-Id: <[email protected]> Signed-off-by: Kevin Wolf <[email protected]> Signed-off-by: Bruce Rogers <[email protected]> --- hw/block/vhost-user-blk.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/hw/block/vhost-user-blk.c b/hw/block/vhost-user-blk.c index 2dd3d93ca02f077b9fe8aaaa4d14..d9d9dc8a890d9d24b772c029e57f 100644 --- a/hw/block/vhost-user-blk.c +++ b/hw/block/vhost-user-blk.c @@ -53,6 +53,9 @@ static void vhost_user_blk_update_config(VirtIODevice *vdev, uint8_t *config) { VHostUserBlk *s = VHOST_USER_BLK(vdev); + /* Our num_queues overrides the device backend */ + virtio_stw_p(vdev, &s->blkcfg.num_queues, s->num_queues); + memcpy(config, &s->blkcfg, sizeof(struct virtio_blk_config)); } @@ -490,10 +493,6 @@ reconnect: goto reconnect; } - if (s->blkcfg.num_queues != s->num_queues) { - s->blkcfg.num_queues = s->num_queues; - } - return; virtio_err:
