Re: [Qemu-devel] [PATCH 2/2] hw/arm/virt: no ITS on older machine types

2017-01-26 Thread Auger Eric
Hi Peter,

On 20/01/2017 16:52, Peter Maydell wrote:
> On 10 October 2016 at 17:35, Andrew Jones  wrote:
>> We should avoid exposing new hardware (through DT and ACPI) on older
>> machine types. This patch keeps 2.7 and older from changing, despite
>> the introduction of ITS support for 2.8.
>>
>> Signed-off-by: Andrew Jones 
>> ---
>>
>> As Eduardo pointed out long ago for a different reason, we should
>> probably replace VirtGuestInfo with direct use of VirtMachineClass,
>> like x86 has done to replace PcGuestInfo with direct use of
>> PCMachineClass. I'll work on that, but wanted to get this ITS
>> fixup in sooner than later, so I'm posting this patch now, which
>> requires 'no_its' to be duplicated.
> 
> So this patch added a no_its flag which gets set for virt-2.7
> and earlier, but there's no user-facing way to say "I'd like
> a virt-2.8 board with no ITS", right? That's a bit unfortunate
> because the ITS can't be migrated, which means there's no way
> to ask for a post-2.7 virt board which can be migrated...

Sorry for the delay.

For 2.9 machine I can add a new property that would allow the user to
deselect the ITS. Would that make sense?

Thanks

Eric


> thanks
> -- PMM
> 



[Qemu-devel] [PATCH v3 0/3] linux-user: some patches for hppa

2017-01-26 Thread Laurent Vivier
This short series enables hppa in qemu-binfmt-conf.sh, and fixes
a bug in the netlink functions that has been found by Adrian Glaubitz
while he was testing a debian chroot with qemu-hppa. I think the problem
doesn't appear on other architectures I have tested as they should use
NR_socketcall syscall instead of NR_socket syscall.

v3:
fix UNAME_MACHINE instead of cpu_to_uname_machine()

v2:
added the hppa UTS machine name fix
added R-b and T-b

Laurent Vivier (3):
  linux-user: add hppa magic numbers in qemu-binfmt-conf.sh
  linux-user: fix "apt-get update" on linux-user hppa
  linux-user: define correct UTS machine name for hppa

 linux-user/hppa/target_syscall.h | 2 +-
 linux-user/syscall.c | 1 -
 scripts/qemu-binfmt-conf.sh  | 9 +++--
 3 files changed, 8 insertions(+), 4 deletions(-)

-- 
2.9.3




[Qemu-devel] [PATCH v3 1/3] linux-user: add hppa magic numbers in qemu-binfmt-conf.sh

2017-01-26 Thread Laurent Vivier
As we have now a linux-user HPPA target, we can add it to the list of
supported targets in qemu-binfmt-conf.sh

Signed-off-by: Laurent Vivier 
Reviewed-by: Richard Henderson 
---
 scripts/qemu-binfmt-conf.sh | 9 +++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index de4d1c1..0f1aa63 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -1,9 +1,10 @@
 #!/bin/sh
-# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390 program execution by the 
kernel
+# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390/HPPA
+# program execution by the kernel
 
 qemu_target_list="i386 i486 alpha arm sparc32plus ppc ppc64 ppc64le m68k \
 mips mipsel mipsn32 mipsn32el mips64 mips64el \
-sh4 sh4eb s390x aarch64"
+sh4 sh4eb s390x aarch64 hppa"
 
 
i386_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00'
 
i386_mask='\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
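Review bot: the header comment at the top of the script is a hand-maintained architecture list that already disagrees with qemu_target_list just below it (alpha and sh4 are in the list but not in the comment), and this hunk extends it by hand once more. Consider wording the comment generically, for example "enable automatic execution of foreign-architecture programs by the kernel", so it does not need touching each time a target is added.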
@@ -91,6 +92,10 @@ 
aarch64_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x
 
aarch64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
 aarch64_family=arm
 
+hppa_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x0f'
+hppa_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
+hppa_family=hppa
+
 qemu_get_family() {
 cpu=${HOST_ARCH:-$(uname -m)}
 case "$cpu" in
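Review bot: hppa_family=hppa only has an effect if qemu_get_family() can return "hppa" on a native host, and its case arms are outside this hunk. Patch 3/3 of this series states that the UTS machine name is "parisc", so `uname -m` on a PA-RISC host will not say "hppa"; please check that the case statement maps parisc to the hppa family, otherwise the family comparison that skips native targets will not match there. Separately, checkpatch flags the two new magic/mask lines as over 90 characters; they follow the form of the neighbouring aarch64_mask line, so it is worth saying in the cover letter that this is deliberate.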
-- 
2.9.3




[Qemu-devel] [Bug 1254828] Re: qemu-sparc64-static: Segmentation Fault during debootstrap second stage

2017-01-26 Thread Thomas Huth
This sounds like a distribution specific bug to me, so moving the bug to
QEMU-Ubuntu.

** Project changed: qemu => qemu (Ubuntu)

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1254828

Title:
  qemu-sparc64-static: Segmentation Fault during debootstrap second
  stage

Status in Linaro QEMU:
  New
Status in qemu package in Ubuntu:
  New
Status in qemu-linaro package in Ubuntu:
  New

Bug description:
  Host: Ubuntu Precise amd64
  Guest: Debian Sid (ports) sparc64

  When attempting the second stage of a debootstrap for a sparc64 Debian
  Sid guest, a segmentation fault occurs.

  $ sudo qemu-debootstrap --no-check-gpg --arch=sparc64 sid sparc64 http://ftp.debian-ports.org/debian
  I: Running command: debootstrap --arch sparc64 --foreign --no-check-gpg sid sparc64 http://ftp.debian-ports.org/debian
  [...]
  I: Running command: chroot sparc64 /debootstrap/debootstrap --second-stage
  /debootstrap/debootstrap: 22: .: Can't open /usr/share/debootstrap/functions
  Segmentation fault (core dumped)

  Running a simple "sudo chroot sparc64" exits silently on amd64, and
  reports a segfault on i386.

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: qemu-user-static 1.0.50-2012.03-0ubuntu2.1
  ProcVersionSignature: Ubuntu 3.8.0-33.48~precise1-generic 3.8.13.11
  Uname: Linux 3.8.0-33-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.0.1-0ubuntu17.6
  Architecture: amd64
  Date: Mon Nov 25 17:49:34 2013
  Dependencies:
   
  InstallationMedia: Ubuntu 12.04.3 LTS "Precise Pangolin" - Release amd64 (20130820.1)
  MarkForUpload: True
  ProcEnviron:
   LANGUAGE=en_GB:en
   TERM=xterm
   PATH=(custom, no user)
   LANG=en_GB.UTF-8
   SHELL=/bin/bash
  SourcePackage: qemu-linaro
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu-linaro/+bug/1254828/+subscriptions



[Qemu-devel] [Bug 1261320] Re: Virtual Disk with over 16TB

2017-01-26 Thread Thomas Huth
** Changed in: qemu
   Status: New => Won't Fix

-- 
https://bugs.launchpad.net/bugs/1261320

Title:
  Virtual Disk with over 16TB

Status in QEMU:
  Won't Fix

Bug description:
  Hi,

  Is there an option to create a disk for a VM with a size over 16TB?

  The problem is that after the disk file reaches 16TB, the disk gets a state of read-only at this limit.
  I know that a 16TB file size is the max; is there an option to create the disk in multiple files?
  We want to use 22 TB in the VM.

  To attach a partition directly to the VM is not what we want to do.

  best regards

  Chris




[Qemu-devel] [PATCH v3 2/3] linux-user: fix "apt-get update" on linux-user hppa

2017-01-26 Thread Laurent Vivier
apt-get was hanging on linux-user hppa.

strace has shown the netlink data stream was not correctly byte swapped.

It appears the fd translator function is unregistered just after it
has been registered, so the translator function is not called.

This patch removes the fd_trans_unregister() after the do_socket()
in the TARGET_NR_socket case.

This fd_trans_unregister() was added by commit
e36800c linux-user: add signalfd/signalfd4 syscalls
when do_socket() was not registering any fd translator.
And as now it is, we must remove this fd_trans_unregister() to keep them.

Reported-by: John Paul Adrian Glaubitz 
Signed-off-by: Laurent Vivier 
Tested-by: John Paul Adrian Glaubitz 
---
 linux-user/syscall.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 11a311f..9be8e95 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -9343,7 +9343,6 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 #ifdef TARGET_NR_socket
 case TARGET_NR_socket:
 ret = do_socket(arg1, arg2, arg3);
-fd_trans_unregister(ret);
 break;
 #endif
 #ifdef TARGET_NR_socketpair
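Review bot: with the fd_trans_unregister(ret) call gone from the TARGET_NR_socket case, nothing on this path clears a translator left behind on a reused descriptor number when do_socket() returns a socket for which it registers none. The commit message says the call dates from a time when do_socket() registered no translator at all, so please confirm that every path that closes or replaces an fd unregisters its translator, or move the unregister into do_socket() ahead of its own registration. A one-line comment here saying that do_socket() owns translator registration would keep the call from being re-added later.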
-- 
2.9.3




[Qemu-devel] [PATCH v3 3/3] linux-user: define correct UTS machine name for hppa

2017-01-26 Thread Laurent Vivier
the correct UTS machine name (as expected by systemd) is "parisc",
not "hppa".

Signed-off-by: Laurent Vivier 
---
 linux-user/hppa/target_syscall.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/hppa/target_syscall.h b/linux-user/hppa/target_syscall.h
index ac18a9c..e2f3668 100644
--- a/linux-user/hppa/target_syscall.h
+++ b/linux-user/hppa/target_syscall.h
@@ -19,7 +19,7 @@ struct target_pt_regs {
 target_ulong ipsw;
 };
 
-#define UNAME_MACHINE "hppa"
+#define UNAME_MACHINE "parisc"
 #define UNAME_MINIMUM_RELEASE "2.6.32"
 #define TARGET_CLONE_BACKWARDS
 #define TARGET_MINSIGSTKSZ   2048
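Review bot: UNAME_MACHINE now differs from the target name used in the rest of this series ("hppa" in the directory name and in qemu-binfmt-conf.sh), and the only rationale is in the commit message. Add a short comment above the define saying that "parisc" is the machine string guests expect from uname, so the mismatch is not "corrected" back later.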
-- 
2.9.3




[Qemu-devel] [Bug 1257352] Re: kvm hangs occasionally when switching out of the qemu console

2017-01-26 Thread Thomas Huth
Can you still reproduce this issue with the latest version of QEMU, or
could we close this ticket nowadays?

** Changed in: qemu
   Status: New => Incomplete

-- 
https://bugs.launchpad.net/bugs/1257352

Title:
  kvm hangs occasionally when switching out of the qemu console

Status in QEMU:
  Incomplete
Status in qemu package in Ubuntu:
  Confirmed

Bug description:
  To recreate (although this does *NOT* fail most of the time alas):

  1) press "ctrl-alt-2" to switch to the qemu console.
  2) type say "sendkey ctrl-alt-f1"
  3) press "ctrl-alt-1".

  Expected outcome: Switch to tty1 in the VM.

  Actual outcome: No switch to tty1 in the VM. and qemu console
  unresponsive to any keyboard input.

  
  Rather a vague problem description I'm afraid but this has happened to me 3 times recently. No crash and no excessive CPU is observed.

  I'll grab an strace when it happens again and attach...

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: qemu-system-x86 1.6.0+dfsg-2ubuntu4
  ProcVersionSignature: Ubuntu 3.12.0-4.12-generic 3.12.1
  Uname: Linux 3.12.0-4-generic i686
  NonfreeKernelModules: nvidia
  ApportVersion: 2.12.7-0ubuntu1
  Architecture: i386
  CurrentDesktop: Unity
  Date: Tue Dec  3 15:41:40 2013
  InstallationDate: Installed on 2010-10-21 (1139 days ago)
  InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release i386 (20101007)
  SourcePackage: qemu
  UpgradeStatus: Upgraded to trusty on 2013-11-01 (31 days ago)




[Qemu-devel] [Bug 1261450] Re: libvirtd reload and hooks problem routed-net

2017-01-26 Thread Thomas Huth
Closing, since this is not a QEMU bug.

** Changed in: qemu
   Status: New => Invalid

-- 
https://bugs.launchpad.net/bugs/1261450

Title:
  libvirtd reload and hooks problem routed-net

Status in QEMU:
  Invalid

Bug description:
  If we do a reload of libvirt, some iptables rules, which are created through /etc/libvirt/hooks/qemu, are not working anymore.
  Every time another (one or two, three) VM is affected.

  
  our qemu file:

  #!/bin/bash

  do_net() {
      local status=$2
      local ip=$3
      local in=$4
      local out=$5

      if [[ ! $status || ! $ip || ! $in || ! $out ]]; then
          echo "Not all parameters were passed!"
          exit 1
      fi

      if [ "$status" = "stopped" -o "$status" = "reconnect" ]; then
          ip route del $ip via 191.255.255.1 dev $out
          ip neigh del proxy $ip dev $in
          iptables -D FORWARD -i $in -o $out -s 0.0.0.0/0 -d $ip/32 -j ACCEPT
          iptables -D FORWARD -i $out -o $in -s $ip/32 -d 0.0.0.0/0 -j ACCEPT
      fi

      if [ "$status" = "start" -o "$status" = "reconnect" ]; then
          ip route add $ip via 191.255.255.1 dev $out
          ip neigh add proxy $ip dev $in
          iptables -I FORWARD 4 -i $in -o $out -s 0.0.0.0/0 -d $ip/32 -j ACCEPT
          iptables -I FORWARD 4 -i $out -o $in -s $ip/32 -d 0.0.0.0/0 -j ACCEPT
      fi
  }

  CONF=//etc/libvirt/hooks/vms/*
  for file in $CONF
  do
      guest_ipaddr=""
      guest_name=""
      type=""
      destination="0.0.0.0/0"

      while read line;do
          eval $line
      done < $file
      guest_ipaddrnet=$guest_ipaddr"/32"
      for dest in ${destination}
      do
          if [ "${1}" = "${guest_name}" ]; then
              echo "SRC-IP="$guest_ipaddr " " $guest_ipaddrnet " VM="$guest_name " Dest="$dest
              if [ "${2}" = "stopped" ]; then
                  ip route del $guest_ipaddr via 191.255.255.1 dev virbr1
                  ip neigh del proxy $guest_ipaddr dev bond0
                  iptables -D FORWARD -i bond0 -o virbr1 -s $dest -d $guest_ipaddrnet -j ACCEPT
                  iptables -D FORWARD -i virbr1 -o bond0 -s $guest_ipaddrnet -d $dest -j ACCEPT
              fi
              if [ "${2}" = "start" ]; then
                  ip route add $guest_ipaddr via 191.255.255.1 dev virbr1
                  ip neigh add proxy $guest_ipaddr dev bond0
                  iptables -I FORWARD 4 -i bond0 -o virbr1 -s $dest -d $guest_ipaddrnet -j ACCEPT
                  iptables -I FORWARD 4 -i virbr1 -o bond0 -s $guest_ipaddrnet -d $dest -j ACCEPT
              fi
              if [ "${2}" = "reconnect" ]; then
                  ip route del $guest_ipaddr via 191.255.255.1 dev virbr1
                  ip neigh del proxy $guest_ipaddr dev bond0
                  iptables -D FORWARD -i bond0 -o virbr1 -s $dest -d $guest_ipaddrnet -j ACCEPT
                  iptables -D FORWARD -i virbr1 -o bond0 -s $guest_ipaddrnet -d $dest -j ACCEPT
                  sleep 1
                  ip route add $guest_ipaddr via 191.255.255.1 dev virbr1
                  ip neigh add proxy $guest_ipaddr dev bond0
                  iptables -I FORWARD 4 -i bond0 -o virbr1 -s $dest -d $guest_ipaddrnet -j ACCEPT
                  iptables -I FORWARD 4 -i virbr1 -o bond0 -s $guest_ipaddrnet -d $dest -j ACCEPT
              fi
          fi
      done
  done




[Qemu-devel] need help

2017-01-26 Thread oussema ben khedher

Hello,

I'm an engineering student and I'm working on my educational project, the implementation of a hardware instruction trace in QEMU.

I don't know where I can implement it in QEMU.

Thanks


Re: [Qemu-devel] [PATCH v3 0/3] linux-user: some patches for hppa

2017-01-26 Thread no-reply
Hi,

Your series seems to have some coding style problems. See output below for
more information:

Type: series
Subject: [Qemu-devel] [PATCH v3 0/3] linux-user: some patches for hppa
Message-id: 20170126080449.28255-1-laur...@vivier.eu

=== TEST SCRIPT BEGIN ===
#!/bin/bash

BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0

# Useful git options
git config --local diff.renamelimit 0
git config --local diff.renames True

commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
    echo "Checking PATCH $n/$total: $(git log -n 1 --format=%s $c)..."
    if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
        failed=1
        echo
    fi
    n=$((n+1))
done

exit $failed
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
 * [new tag] patchew/20170126080449.28255-1-laur...@vivier.eu -> 
patchew/20170126080449.28255-1-laur...@vivier.eu
Switched to a new branch 'test'
c3c9013 linux-user: define correct UTS machine name for hppa
7b0be21 linux-user: fix "apt-get update" on linux-user hppa
ab50177 linux-user: add hppa magic numbers in qemu-binfmt-conf.sh

=== OUTPUT BEGIN ===
Checking PATCH 1/3: linux-user: add hppa magic numbers in qemu-binfmt-conf.sh...
ERROR: line over 90 characters
#34: FILE: scripts/qemu-binfmt-conf.sh:95:
+hppa_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x0f'

ERROR: line over 90 characters
#35: FILE: scripts/qemu-binfmt-conf.sh:96:
+hppa_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'

total: 2 errors, 0 warnings, 22 lines checked

Your patch has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

Checking PATCH 2/3: linux-user: fix "apt-get update" on linux-user hppa...
Checking PATCH 3/3: linux-user: define correct UTS machine name for hppa...
=== OUTPUT END ===

Test command exited with code: 1


---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-de...@freelists.org

Re: [Qemu-devel] [PATCH v3] hw/usb/dev-hid: Improve guest compatibility of usb-tablet

2017-01-26 Thread Gerd Hoffmann
On Mi, 2017-01-25 at 18:36 +0100, Phil Dennis-Jordan wrote:
> On 25 January 2017 at 18:27,   wrote:
> > Your series seems to have some coding style problems. See output below for
> > more information:
> >
> > Type: series
> > Subject: [Qemu-devel] [PATCH v3] hw/usb/dev-hid: Improve guest 
> > compatibility of usb-tablet
> > Message-id: 1485365075-32702-1-git-send-email-p...@philjordan.eu
> >
> > === OUTPUT BEGIN ===
> > Checking PATCH 1/1: hw/usb/dev-hid: Improve guest compatibility of 
> > usb-tablet...
> > ERROR: code indent should never use tabs
> > #43: FILE: hw/usb/dev-hid.c:490:
> > +0x09, 0x02,^I^I/* Usage (Mouse) */$
> 
> Interestingly, the surrounding array initialisation already uses tabs,
> so replacing them with spaces on only the line I edited seems wrong as
> it'll mis-render in editors configured with a different tab width.
> Please let me know if I need to take action on this issue, and if so
> what to do. (I can add a whitespace-only patch to fix the surrounding
> area, for example. Coding guidelines suggest this might not be
> desirable though.)

I'll happily take the patch as-is.

thanks,
  Gerd




Re: [Qemu-devel] [PATCH v4 1/9] ACPI: Add a function for building named qword entries

2017-01-26 Thread Laszlo Ersek
On 01/26/17 06:35, Ben Warren wrote:
> 
>> On Jan 25, 2017, at 4:48 PM, Laszlo Ersek > > wrote:
>>
>> On 01/25/17 19:35, Michael S. Tsirkin wrote:
>>> On Wed, Jan 25, 2017 at 09:36:52AM -0800, Ben Warren wrote:
 Hi Laszlo,


On Jan 24, 2017, at 7:55 PM, Laszlo Ersek >>> > wrote:

Hi Ben,

sorry about being late to reviewing this series. I hope I can now
 spend
more time on it.

- Please do not try to address my comments immediately. It's very
possible (even likely) that Igor, MST and myself could have different
opinions on things, so first please await agreement between your
 reviewers.


 Thanks for the very detailed review.  I’ll give it a couple of days
 and then
 start work on the suggested changes.


- I think you should have CC'd Igor and Michael directly. I'm adding
them to this reply; hopefully that will be enough for them to monitor
this series.

- I'll likely be unable to review everything with 100% coverage; so
addressing (or sufficiently refuting) my comments might not guarantee
that the next version will be merged at once.

With all that said:

On 01/25/17 02:43, b...@skyportsystems.com
  wrote:

From: Ben Warren >>> >

This is initially used to patch a 64-bit address into the VM
 Generation
ID SSDT


(1) I think this commit message line is overlong; I think we wrap
 at 74
chars or so. Not critical, but worth mentioning.



Signed-off-by: Ben Warren >>> >
---
hw/acpi/aml-build.c | 28 
include/hw/acpi/aml-build.h |  4 
2 files changed, 32 insertions(+)

diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
index b2a1e40..dc4edc2 100644
--- a/hw/acpi/aml-build.c
+++ b/hw/acpi/aml-build.c
@@ -285,6 +285,34 @@ build_append_named_dword(GArray *array,
 const char
*name_format, ...)
return offset;
}

+/*
+ * Build NAME(, 0x) where 0x is encoded as a
qword,
+ * and return the offset to 0x for runtime patching.
+ *
+ * Warning: runtime patching is best avoided. Only use this as
+ * a replacement for DataTableRegion (for guests that don't
+ * support it).
+ */
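Review bot: the new comment says the function returns "the offset" for runtime patching but not what that offset is relative to. State it explicitly (for example, the byte offset from the start of array), since the caller has to turn the value into a patch location.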
>>>
>>> only one comment: QWords first appeared in ACPI 2.0 and
>>> XP does not like them. Not strictly a blocker as people can
>>> avoid using the feature, but nice to have.
>>
>> Does XP have a driver for VMGENID?
>>
>> If not, then I'd prefer to stick with the qword VGIA.
>>
>>> Will either UEFI or seabios allocate
>>> memory outside 4G range? If not you do not need a qword.
>>
>> Good point (assuming XP has a driver for VMGENID).
>>
>> OVMF keeps all such allocations (i.e., for COMMAND_ALLOCATE and the
>> upcoming COMMAND_ALLOCATE_RETURN_ADDR) under 4GB, so as far as OVMF is
>> concerned, using a dword for the VGIA named object should be fine.
>> Accordingly, a 4-byte wide ADD_POINTER command should be used for
>> patching VGIA.
>>
>> Considering the fw_cfg file that receives the address, and
>> COMMAND_ALLOCATE_RETURN_ADDR more generally, I'd still prefer if those
>> stayed 8-byte wide, regardless of XP's support for VMGENID.
>>
>>
>> Hm... It looks like VMGENID *can* be consumed on Windows XP SP3, as long
>> as "Hyper-V integration services" are installed:
>>
>> https://msdn.microsoft.com/en-us/library/jj643357(v=vs.85).aspx
>>
>>The virtual machine must be running a guest operating system that
>>has support for the virtual machine generation identifier.
>>Currently, these are the following.
>>The following operating systems have native support for the virtual
>>machine generation identifier.
>>  [...]
>>
>>The following operating can be used as the guest operating system
>>if the Hyper-V integration services from Windows 8 or Windows
>>Server 2012 are installed.
>>
>>  [...]
>>  * Windows XP with Service Pack 3 (SP3)
>>
>> Additionally, under
>> :
>>
>>Supported Windows client guest operating systems
>>
>>Windows XP with   [...] Install the integration  [...]
>>Service Pack 3 (SP3)services after you set
>>up the operating system
>>in the virtual machine.
>>
>> This seems to be consistent with the VMGENID spec requirement that the
>> ADDR method return a package of two 32-bit int

[Qemu-devel] [PATCH v2] m68k: Remove dummy machine

2017-01-26 Thread Thomas Huth
Since it is now possible to instantiate a CPU and RAM with the "none"
machine, too, and a kernel can be loaded there with the generic loader
device, there is no more need for the m68k "dummy" machine. Thus let's
remove this unmaintained file now.

Signed-off-by: Thomas Huth 
---
 v2: Updated the patch description

 MAINTAINERS   |  4 ---
 hw/m68k/Makefile.objs |  2 --
 hw/m68k/dummy_m68k.c  | 84 ---
 3 files changed, 90 deletions(-)
 delete mode 100644 hw/m68k/dummy_m68k.c

diff --git a/MAINTAINERS b/MAINTAINERS
index a428cb2..36eaf48 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -565,10 +565,6 @@ S: Orphan
 F: hw/m68k/an5206.c
 F: hw/m68k/mcf5206.c
 
-dummy_m68k
-S: Orphan
-F: hw/m68k/dummy_m68k.c
-
 mcf5208
 S: Orphan
 F: hw/m68k/mcf5208.c
diff --git a/hw/m68k/Makefile.objs b/hw/m68k/Makefile.objs
index c4352e7..d1f089c 100644
--- a/hw/m68k/Makefile.objs
+++ b/hw/m68k/Makefile.objs
@@ -1,4 +1,2 @@
 obj-y += an5206.o mcf5208.o
-obj-y += dummy_m68k.o
-
 obj-y += mcf5206.o mcf_intc.o
diff --git a/hw/m68k/dummy_m68k.c b/hw/m68k/dummy_m68k.c
deleted file mode 100644
index 0b11d20..000
--- a/hw/m68k/dummy_m68k.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Dummy board with just RAM and CPU for use as an ISS.
- *
- * Copyright (c) 2007 CodeSourcery.
- *
- * This code is licensed under the GPL
- */
-
-#include "qemu/osdep.h"
-#include "qemu-common.h"
-#include "cpu.h"
-#include "hw/hw.h"
-#include "hw/boards.h"
-#include "hw/loader.h"
-#include "elf.h"
-#include "exec/address-spaces.h"
-
-#define KERNEL_LOAD_ADDR 0x1
-
-/* Board init.  */
-
-static void dummy_m68k_init(MachineState *machine)
-{
-ram_addr_t ram_size = machine->ram_size;
-const char *cpu_model = machine->cpu_model;
-const char *kernel_filename = machine->kernel_filename;
-M68kCPU *cpu;
-CPUM68KState *env;
-MemoryRegion *address_space_mem =  get_system_memory();
-MemoryRegion *ram = g_new(MemoryRegion, 1);
-int kernel_size;
-uint64_t elf_entry;
-hwaddr entry;
-
-if (!cpu_model)
-cpu_model = "cfv4e";
-cpu = cpu_m68k_init(cpu_model);
-if (!cpu) {
-fprintf(stderr, "Unable to find m68k CPU definition\n");
-exit(1);
-}
-env = &cpu->env;
-
-/* Initialize CPU registers.  */
-env->vbr = 0;
-
-/* RAM at address zero */
-memory_region_allocate_system_memory(ram, NULL, "dummy_m68k.ram",
- ram_size);
-memory_region_add_subregion(address_space_mem, 0, ram);
-
-/* Load kernel.  */
-if (kernel_filename) {
-kernel_size = load_elf(kernel_filename, NULL, NULL, &elf_entry,
-   NULL, NULL, 1, EM_68K, 0, 0);
-entry = elf_entry;
-if (kernel_size < 0) {
-kernel_size = load_uimage(kernel_filename, &entry, NULL, NULL,
-  NULL, NULL);
-}
-if (kernel_size < 0) {
-kernel_size = load_image_targphys(kernel_filename,
-  KERNEL_LOAD_ADDR,
-  ram_size - KERNEL_LOAD_ADDR);
-entry = KERNEL_LOAD_ADDR;
-}
-if (kernel_size < 0) {
-fprintf(stderr, "qemu: could not load kernel '%s'\n",
-kernel_filename);
-exit(1);
-}
-} else {
-entry = 0;
-}
-env->pc = entry;
-}
-
-static void dummy_m68k_machine_init(MachineClass *mc)
-{
-mc->desc = "Dummy board";
-mc->init = dummy_m68k_init;
-}
-
-DEFINE_MACHINE("dummy", dummy_m68k_machine_init)
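Review bot: DEFINE_MACHINE("dummy", ...) is a user-visible machine name, and deleting it also removes what dummy_m68k_init() did implicitly: a default cpu_model of "cfv4e", the fallback from ELF to uImage to a raw image at KERNEL_LOAD_ADDR, and env->pc set to the entry point. The commit message should spell out the replacement invocation with the "none" machine and the generic loader device, and say which of these defaults the user now has to supply. The generic-loader thread of the same day reports that "-M none -device loader,file=kernel.elf" crashes when no CPU is present, so this removal should be ordered after that fix.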
-- 
1.8.3.1




Re: [Qemu-devel] [PATCH v2] m68k: Remove dummy machine

2017-01-26 Thread Laurent Vivier
On 26/01/2017 at 09:30, Thomas Huth wrote:
> Since it is now possible to instantiate a CPU and RAM with the "none"
> machine, too, and a kernel can be loaded there with the generic loader
> device, there is no more need for the m68k "dummy" machine. Thus let's
> remove this unmaintained file now.
> 
> Signed-off-by: Thomas Huth 

Reviewed-by: Laurent Vivier 

> ---
>  v2: Updated the patch description
> 
>  MAINTAINERS   |  4 ---
>  hw/m68k/Makefile.objs |  2 --
>  hw/m68k/dummy_m68k.c  | 84 ---
>  3 files changed, 90 deletions(-)
>  delete mode 100644 hw/m68k/dummy_m68k.c
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index a428cb2..36eaf48 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -565,10 +565,6 @@ S: Orphan
>  F: hw/m68k/an5206.c
>  F: hw/m68k/mcf5206.c
>  
> -dummy_m68k
> -S: Orphan
> -F: hw/m68k/dummy_m68k.c
> -
>  mcf5208
>  S: Orphan
>  F: hw/m68k/mcf5208.c
> diff --git a/hw/m68k/Makefile.objs b/hw/m68k/Makefile.objs
> index c4352e7..d1f089c 100644
> --- a/hw/m68k/Makefile.objs
> +++ b/hw/m68k/Makefile.objs
> @@ -1,4 +1,2 @@
>  obj-y += an5206.o mcf5208.o
> -obj-y += dummy_m68k.o
> -
>  obj-y += mcf5206.o mcf_intc.o
> diff --git a/hw/m68k/dummy_m68k.c b/hw/m68k/dummy_m68k.c
> deleted file mode 100644
> index 0b11d20..000
> --- a/hw/m68k/dummy_m68k.c
> +++ /dev/null
> @@ -1,84 +0,0 @@
> -/*
> - * Dummy board with just RAM and CPU for use as an ISS.
> - *
> - * Copyright (c) 2007 CodeSourcery.
> - *
> - * This code is licensed under the GPL
> - */
> -
> -#include "qemu/osdep.h"
> -#include "qemu-common.h"
> -#include "cpu.h"
> -#include "hw/hw.h"
> -#include "hw/boards.h"
> -#include "hw/loader.h"
> -#include "elf.h"
> -#include "exec/address-spaces.h"
> -
> -#define KERNEL_LOAD_ADDR 0x1
> -
> -/* Board init.  */
> -
> -static void dummy_m68k_init(MachineState *machine)
> -{
> -ram_addr_t ram_size = machine->ram_size;
> -const char *cpu_model = machine->cpu_model;
> -const char *kernel_filename = machine->kernel_filename;
> -M68kCPU *cpu;
> -CPUM68KState *env;
> -MemoryRegion *address_space_mem =  get_system_memory();
> -MemoryRegion *ram = g_new(MemoryRegion, 1);
> -int kernel_size;
> -uint64_t elf_entry;
> -hwaddr entry;
> -
> -if (!cpu_model)
> -cpu_model = "cfv4e";
> -cpu = cpu_m68k_init(cpu_model);
> -if (!cpu) {
> -fprintf(stderr, "Unable to find m68k CPU definition\n");
> -exit(1);
> -}
> -env = &cpu->env;
> -
> -/* Initialize CPU registers.  */
> -env->vbr = 0;
> -
> -/* RAM at address zero */
> -memory_region_allocate_system_memory(ram, NULL, "dummy_m68k.ram",
> - ram_size);
> -memory_region_add_subregion(address_space_mem, 0, ram);
> -
> -/* Load kernel.  */
> -if (kernel_filename) {
> -kernel_size = load_elf(kernel_filename, NULL, NULL, &elf_entry,
> -   NULL, NULL, 1, EM_68K, 0, 0);
> -entry = elf_entry;
> -if (kernel_size < 0) {
> -kernel_size = load_uimage(kernel_filename, &entry, NULL, NULL,
> -  NULL, NULL);
> -}
> -if (kernel_size < 0) {
> -kernel_size = load_image_targphys(kernel_filename,
> -  KERNEL_LOAD_ADDR,
> -  ram_size - KERNEL_LOAD_ADDR);
> -entry = KERNEL_LOAD_ADDR;
> -}
> -if (kernel_size < 0) {
> -fprintf(stderr, "qemu: could not load kernel '%s'\n",
> -kernel_filename);
> -exit(1);
> -}
> -} else {
> -entry = 0;
> -}
> -env->pc = entry;
> -}
> -
> -static void dummy_m68k_machine_init(MachineClass *mc)
> -{
> -mc->desc = "Dummy board";
> -mc->init = dummy_m68k_init;
> -}
> -
> -DEFINE_MACHINE("dummy", dummy_m68k_machine_init)
> 




Re: [Qemu-devel] [PATCH] hw/core/generic-loader: Fix crash when running without CPU

2017-01-26 Thread Laurent Vivier
On 26/01/2017 at 06:50, Thomas Huth wrote:
> On 26.01.2017 00:26, Alistair Francis wrote:
>> On Wed, Jan 25, 2017 at 12:52 PM, Laurent Vivier  wrote:
>>> On 25/01/2017 at 21:45, Thomas Huth wrote:
 When running QEMU with "-M none -device loader,file=kernel.elf", it
 currently crashes with a segmentation fault, because the "none"-machine
 does not have any CPU by default and the generic loader code tries
 to dereference s->cpu. Fix it by adding an appropriate check for a
 NULL pointer.

 Reported-by: Laurent Vivier 
 Signed-off-by: Thomas Huth 
 ---
  hw/core/generic-loader.c | 9 +
  1 file changed, 5 insertions(+), 4 deletions(-)

 diff --git a/hw/core/generic-loader.c b/hw/core/generic-loader.c
 index 58f1f02..4601267 100644
 --- a/hw/core/generic-loader.c
 +++ b/hw/core/generic-loader.c
 @@ -137,20 +137,21 @@ static void generic_loader_realize(DeviceState *dev, 
 Error **errp)
  #endif

  if (s->file) {
 +AddressSpace *as = s->cpu ? s->cpu->as :  NULL;
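Review bot: there is a double space after the colon in "s->cpu->as :  NULL". More substantively, the fallback hands NULL to whatever consumes as without telling the user that no CPU was found; generic_loader_realize() already receives errp, so if loading without a CPU is not meant to be supported, setting an error through errp is the alternative. The lines that use as are not visible in this quote, so confirm each of them accepts NULL.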
>>>
>>> Should we just abort if s->cpu is NULL?
>>
>> I agree, what is the use case where you are loading images without a CPU?
>>
>> If there is a use case (maybe some KVM thing?) then this patch looks fine to 
>> me.
> 
> I think there is no real use case yet. But this fix is 1) simpler than
> doing an error_report() + exit() here, and 2) maybe the vision of
> constructing machines on the fly with QEMU will eventually come true one
> day in the distant future, so with that patch here, the code would
> already be prepared for the case when QEMU gets started without CPUs and
> the CPUs are then later added via QOM...
> Well, I don't mind ... if you prefer an error message instead, feel free
> to suggest another patch. I'm fine as long as we do not simply crash
> with a segmentation fault here.

OK, the use of NULL as "as" seems reasonable (this is what uses
load_elf()), so:

Reviewed-by: Laurent Vivier 





Re: [Qemu-devel] [PATCH v2 4/7] tests/docker: add basic user mapping support

2017-01-26 Thread Fam Zheng
On Tue, 01/24 14:33, Alex Bennée wrote:
> Currently all docker builds are done by exporting a tarball to the
> docker container and running the build as the containers root user.
> Other use cases are possible however and it is possible to map a part
> of users file-system to the container. This is useful for example for
> doing cross-builds of arbitrary source trees. For this to work
> smoothly the container needs to have a user created that maps cleanly
> to the host system.
> 
> This adds a -u option to the docker script so that:
> 
>   DEB_ARCH=armhf DEB_TYPE=stable ./tests/docker/docker.py build \
> -u --include-executable=arm-linux-user/qemu-arm \
> debian:armhf ./tests/docker/dockerfiles/debian-bootstrap.docker
> 
> Will build a container that can then be run like:
> 
>   docker run --rm -it -v /home/alex/lsrc/qemu/risu.git/:/src \
> --user=alex:alex -w /src/ debian:armhf \
> sh -c "make clean && ./configure -s && make"
> 
> Signed-off-by: Alex Bennée 
> 
> ---
> v2
>   - write the useradd directly
>   - change long option to --add-current-user
> ---
>  tests/docker/docker.py | 15 +--
>  1 file changed, 13 insertions(+), 2 deletions(-)
> 
> diff --git a/tests/docker/docker.py b/tests/docker/docker.py
> index 37d83199e7..b85739a9e2 100755
> --- a/tests/docker/docker.py
> +++ b/tests/docker/docker.py
> @@ -25,6 +25,7 @@ import signal
>  from tarfile import TarFile, TarInfo
>  from StringIO import StringIO
>  from shutil import copy, rmtree
> +from pwd import getpwuid
>  
>  
>  DEVNULL = open(os.devnull, 'wb')
> @@ -149,13 +150,20 @@ class Docker(object):
>  labels = json.loads(resp)[0]["Config"].get("Labels", {})
>  return labels.get("com.qemu.dockerfile-checksum", "")
>  
> -def build_image(self, tag, docker_dir, dockerfile, quiet=True, 
> argv=None):
> +def build_image(self, tag, docker_dir, dockerfile,
> +quiet=True, user=False, argv=None):
>  if argv == None:
>  argv = []
>  
>  tmp_df = tempfile.NamedTemporaryFile(dir=docker_dir, 
> suffix=".docker")
>  tmp_df.write(dockerfile)
>  
> +if user:
> +uid = os.getuid()
> +uname = getpwuid(uid).pw_name
> +tmp_df.write("\n")
> +tmp_df.write("RUN useradd -u %d -U %s" % (uid, uname))
> +
>  tmp_df.write("\n")
>  tmp_df.write("LABEL com.qemu.dockerfile-checksum=%s" %
>   _text_checksum(dockerfile))
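
Review bot: In build_image() the "RUN useradd -u %d -U %s" line interpolates the host uid and user name into the generated Dockerfile without quoting or validation. When the script is run as root, uid 0 and the name root already exist in the image, so useradd fails the build; the same happens for any name the base image already defines. Consider refusing or skipping the step for uid 0 with a clear message, and quoting the name before writing it.
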
> @@ -225,6 +233,9 @@ class BuildCommand(SubCommand):
>  help="""Specify a binary that will be copied to 
> the
>  container together with all its dependent
>  libraries""")
> +parser.add_argument("--add-current-user", "-u", dest="user",
> +action="store_true",
> +help="Add the current user to images passwd")

s/images/image's/ ?

otherwise looks good. If you fix that, you can add

Reviewed-by: Fam Zheng 

>  parser.add_argument("tag",
>  help="Image Tag")
>  parser.add_argument("dockerfile",
> @@ -261,7 +272,7 @@ class BuildCommand(SubCommand):
> docker_dir)
>  
>  dkr.build_image(tag, docker_dir, dockerfile,
> -quiet=args.quiet, argv=argv)
> +quiet=args.quiet, user=args.user, argv=argv)
>  
>  rmtree(docker_dir)
>  
> -- 
> 2.11.0
> 
> 



[Qemu-devel] [PATCH] migrate: Migration aborts abruptly for machine "none"

2017-01-26 Thread Ashijeet Acharya
Migration of a "none" machine with no RAM crashes abruptly as
bitmap_new() fails and thus aborts. Instead, place a check for
last_ram_offset() being '0' at the start of ram_save_setup() and
error out with a meaningful error message.

Signed-off-by: Ashijeet Acharya 
---
 migration/ram.c | 5 +
 1 file changed, 5 insertions(+)

diff --git a/migration/ram.c b/migration/ram.c
index ef8fadf..bf05d69 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -1947,6 +1947,11 @@ static int ram_save_setup(QEMUFile *f, void *opaque)
 {
 RAMBlock *block;
 
+if (last_ram_offset() == 0) {
+error_report("Failed to migrate: No RAM available!");
+return -1;
+}
+
 /* migration has already setup the bitmap, reuse it. */
 if (!migration_in_colo_state()) {
 if (ram_save_init_globals() < 0) {
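
Review bot: The new last_ram_offset() == 0 check in ram_save_setup() reports the condition only through error_report() and a bare -1, so the caller cannot tell "no RAM" apart from any other setup failure. Consider returning a specific negative errno such as -EINVAL, and wording the message without the trailing exclamation mark.
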
-- 
2.6.2




[Qemu-devel] [RFC 1/4] linux-headers: Partial update for vITS save/restore

2017-01-26 Thread Eric Auger
This is a partial update aiming at enhancing the KVM user
API with vITS save/restore capability. This consists in two
new groups for the ARM_VGIC_ITS KVM device, named:
KVM_DEV_ARM_VGIC_GRP_ITS_REGS, KVM_DEV_ARM_VGIC_GRP_ITS_TABLES.

Signed-off-by: Eric Auger 

---
The goal is to import KVM_DEV_ARM_VGIC_GRP_ITS_REGS. Applying
scripts/update-linux-headers.sh pulls other diffs and especially
a rename of KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS into
KVM_DEV_ARM_VGIC_CPU_SYSREGS.

Conflicts:
linux-headers/asm-arm/kvm.h
---
 linux-headers/asm-arm/kvm.h   | 25 +++--
 linux-headers/asm-arm64/kvm.h | 14 +-
 2 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/linux-headers/asm-arm/kvm.h b/linux-headers/asm-arm/kvm.h
index e3dd0e1..84fdfb0 100644
--- a/linux-headers/asm-arm/kvm.h
+++ b/linux-headers/asm-arm/kvm.h
@@ -84,6 +84,15 @@ struct kvm_regs {
 #define KVM_VGIC_V2_DIST_SIZE  0x1000
 #define KVM_VGIC_V2_CPU_SIZE   0x2000
 
+/* Supported VGICv3 address types  */
+#define KVM_VGIC_V3_ADDR_TYPE_DIST 2
+#define KVM_VGIC_V3_ADDR_TYPE_REDIST   3
+#define KVM_VGIC_ITS_ADDR_TYPE 4
+
+#define KVM_VGIC_V3_DIST_SIZE  SZ_64K
+#define KVM_VGIC_V3_REDIST_SIZE(2 * SZ_64K)
+#define KVM_VGIC_V3_ITS_SIZE   (2 * SZ_64K)
+
 #define KVM_ARM_VCPU_POWER_OFF 0 /* CPU is started in OFF state */
 #define KVM_ARM_VCPU_PSCI_0_2  1 /* CPU uses PSCI v0.2 */
 
@@ -174,20 +183,22 @@ struct kvm_arch_memory_slot {
 #define   KVM_DEV_ARM_VGIC_CPUID_MASK  (0xffULL << 
KVM_DEV_ARM_VGIC_CPUID_SHIFT)
 #define   KVM_DEV_ARM_VGIC_V3_MPIDR_SHIFT 32
 #define   KVM_DEV_ARM_VGIC_V3_MPIDR_MASK \
-   (0xULL << KVM_DEV_ARM_VGIC_V3_MPIDR_SHIFT)
+   (0xULL << KVM_DEV_ARM_VGIC_V3_MPIDR_SHIFT)
 #define   KVM_DEV_ARM_VGIC_OFFSET_SHIFT0
 #define   KVM_DEV_ARM_VGIC_OFFSET_MASK (0xULL << 
KVM_DEV_ARM_VGIC_OFFSET_SHIFT)
 #define   KVM_DEV_ARM_VGIC_SYSREG_INSTR_MASK (0x)
 #define KVM_DEV_ARM_VGIC_GRP_NR_IRQS   3
 #define KVM_DEV_ARM_VGIC_GRP_CTRL   4
 #define KVM_DEV_ARM_VGIC_GRP_REDIST_REGS 5
-#define KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS 6
+#define KVM_DEV_ARM_VGIC_CPU_SYSREGS6
 #define KVM_DEV_ARM_VGIC_GRP_LEVEL_INFO 7
-#define KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_SHIFT 10
+#define KVM_DEV_ARM_VGIC_GRP_ITS_REGS  8
+#define KVM_DEV_ARM_VGIC_GRP_ITS_TABLES9
+#define KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_SHIFT 10
 #define KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_MASK \
-   (0x3fULL << KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_SHIFT)
-#define KVM_DEV_ARM_VGIC_LINE_LEVEL_INTID_MASK 0x3ff
-#define VGIC_LEVEL_INFO_LINE_LEVEL 0
+   (0x3fULL << KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_SHIFT)
+#define KVM_DEV_ARM_VGIC_LINE_LEVEL_INTID_MASK 0x3ff
+#define VGIC_LEVEL_INFO_LINE_LEVEL 0
 
 #define   KVM_DEV_ARM_VGIC_CTRL_INIT0
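
Review bot: Renaming KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS to KVM_DEV_ARM_VGIC_CPU_SYSREGS drops the GRP_ prefix that every neighbouring group keeps (GRP_NR_IRQS, GRP_CTRL, GRP_REDIST_REGS, GRP_LEVEL_INFO and the new GRP_ITS_REGS and GRP_ITS_TABLES), and the notes under the commit message describe it as a side effect of running update-linux-headers.sh. Since this is presented as a partial update, consider importing only the two new ITS groups and leaving the existing name alone until the kernel side settles. The LINE_LEVEL_INFO lines that change only in whitespace could then be dropped as well.
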
 
@@ -213,7 +224,9 @@ struct kvm_arch_memory_slot {
  * and only here to provide source code level compatibility with older
  * userland. The highest SPI number can be set via 
KVM_DEV_ARM_VGIC_GRP_NR_IRQS.
  */
+#ifndef __KERNEL__
 #define KVM_ARM_IRQ_GIC_MAX127
+#endif
 
 /* One single KVM irqchip, ie. the VGIC */
 #define KVM_NR_IRQCHIPS  1
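
Review bot: The #ifndef __KERNEL__ guard added around KVM_ARM_IRQ_GIC_MAX has no effect in QEMU's copy of the header, because __KERNEL__ is never defined in a userspace build. It is worth checking how the guard got through the import and dropping it if it is not meant to be part of the exported header.
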
diff --git a/linux-headers/asm-arm64/kvm.h b/linux-headers/asm-arm64/kvm.h
index 6698bdd..31e1137 100644
--- a/linux-headers/asm-arm64/kvm.h
+++ b/linux-headers/asm-arm64/kvm.h
@@ -203,19 +203,21 @@ struct kvm_arch_memory_slot {
 #define   KVM_DEV_ARM_VGIC_CPUID_MASK  (0xffULL << 
KVM_DEV_ARM_VGIC_CPUID_SHIFT)
 #define   KVM_DEV_ARM_VGIC_V3_MPIDR_SHIFT 32
 #define   KVM_DEV_ARM_VGIC_V3_MPIDR_MASK \
-   (0xULL << KVM_DEV_ARM_VGIC_V3_MPIDR_SHIFT)
+   (0xULL << KVM_DEV_ARM_VGIC_V3_MPIDR_SHIFT)
 #define   KVM_DEV_ARM_VGIC_OFFSET_SHIFT0
 #define   KVM_DEV_ARM_VGIC_OFFSET_MASK (0xULL << 
KVM_DEV_ARM_VGIC_OFFSET_SHIFT)
 #define   KVM_DEV_ARM_VGIC_SYSREG_INSTR_MASK (0x)
 #define KVM_DEV_ARM_VGIC_GRP_NR_IRQS   3
 #define KVM_DEV_ARM_VGIC_GRP_CTRL  4
 #define KVM_DEV_ARM_VGIC_GRP_REDIST_REGS 5
-#define KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS 6
+#define KVM_DEV_ARM_VGIC_CPU_SYSREGS6
 #define KVM_DEV_ARM_VGIC_GRP_LEVEL_INFO 7
-#define KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_SHIFT 10
+#define KVM_DEV_ARM_VGIC_GRP_ITS_REGS 8
+#define KVM_DEV_ARM_VGIC_GRP_ITS_TABLES 9
+#define KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_SHIFT 10
 #define KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_MASK \
-   (0x3fULL << KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_SHIFT)
-#define KVM_DEV_ARM_VGIC_LINE_LEVEL_INTID_MASK 0x3ff
+   (0x3fULL << KVM_DEV_ARM_VGIC_LINE_LEVEL_INFO_SHIFT)
+#define KVM_DEV_ARM_VGIC_LINE_LEVEL_INTID_MASK 0x3ff
 #define VGIC_LEVEL_INFO_LINE_LEVEL 0
 
 #define   KVM_DEV_ARM_VGIC_CTRL_INIT   0
@@ -247,7 +249,9 @@ struct kvm_arch_memory_slot {
  * and only here to provide source code level compa

[Qemu-devel] [RFC 4/4] hw/intc/arm_gicv3_its: Allow save/restore

2017-01-26 Thread Eric Auger
We change the restoration priority of both the GICv3 and ITS. The
GICv3 must be restored before the ITS and the ITS needs to be restored
before PCIe devices since it translates their MSI transactions.

We typically observe the virtio-pci-net device sending MSI transactions
very early (even before the first vcpu run) which looks weird. It
appears that not servicing those transactions causes the virtio-pci-net
to stall.

Signed-off-by: Eric Auger 
---
 hw/intc/arm_gicv3_common.c | 1 +
 hw/intc/arm_gicv3_its_common.c | 3 ++-
 hw/intc/arm_gicv3_its_kvm.c| 8 ++--
 include/migration/vmstate.h| 2 ++
 4 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/hw/intc/arm_gicv3_common.c b/hw/intc/arm_gicv3_common.c
index 0f8c4b8..f80e60d 100644
--- a/hw/intc/arm_gicv3_common.c
+++ b/hw/intc/arm_gicv3_common.c
@@ -84,6 +84,7 @@ static const VMStateDescription vmstate_gicv3 = {
 .minimum_version_id = 1,
 .pre_save = gicv3_pre_save,
 .post_load = gicv3_post_load,
+.priority = MIG_PRI_GICV3,
 .fields = (VMStateField[]) {
 VMSTATE_UINT32(gicd_ctlr, GICv3State),
 VMSTATE_UINT32_ARRAY(gicd_statusr, GICv3State, 2),
diff --git a/hw/intc/arm_gicv3_its_common.c b/hw/intc/arm_gicv3_its_common.c
index 75b9f04..854709f 100644
--- a/hw/intc/arm_gicv3_its_common.c
+++ b/hw/intc/arm_gicv3_its_common.c
@@ -48,7 +48,8 @@ static const VMStateDescription vmstate_its = {
 .name = "arm_gicv3_its",
 .pre_save = gicv3_its_pre_save,
 .post_load = gicv3_its_post_load,
-.unmigratable = true,
+.unmigratable = false,
+.priority = MIG_PRI_GICV3_ITS,
 .fields = (VMStateField[]) {
 VMSTATE_UINT32(ctlr, GICv3ITSState),
 VMSTATE_UINT64(cbaser, GICv3ITSState),
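
Review bot: In vmstate_its, ".unmigratable = false" is what a designated initializer gives when the field is omitted. Deleting the line is clearer than setting it explicitly to false.
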
diff --git a/hw/intc/arm_gicv3_its_kvm.c b/hw/intc/arm_gicv3_its_kvm.c
index 3f8017d..7f81d33 100644
--- a/hw/intc/arm_gicv3_its_kvm.c
+++ b/hw/intc/arm_gicv3_its_kvm.c
@@ -95,8 +95,12 @@ static void kvm_arm_its_realize(DeviceState *dev, Error 
**errp)
  * Block migration of a KVM GICv3 ITS device: the API for saving and
  * restoring the state in the kernel is not yet available
  */
-error_setg(&s->migration_blocker, "vITS migration is not implemented");
-migrate_add_blocker(s->migration_blocker);
+if (!kvm_device_check_attr(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+   GITS_CTLR)) {
+error_setg(&s->migration_blocker, "This operating system kernel does "
+  "not support vITS migration");
+migrate_add_blocker(s->migration_blocker);
+}
 
 kvm_msi_use_devid = true;
 kvm_gsi_direct_mapping = false;
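
Review bot: The comment left above the new kvm_device_check_attr() test still says migration is blocked because the kernel API "is not yet available", which no longer describes the code now that the blocker is conditional. Please reword it to say the blocker is installed only when the host kernel does not expose KVM_DEV_ARM_VGIC_GRP_ITS_REGS.
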
diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h
index 1a22887..ebd755c 100644
--- a/include/migration/vmstate.h
+++ b/include/migration/vmstate.h
@@ -188,6 +188,8 @@ enum VMStateFlags {
 
 typedef enum {
 MIG_PRI_DEFAULT = 0,
+MIG_PRI_GICV3_ITS,
+MIG_PRI_GICV3,
 MIG_PRI_MAX,
 } MigrationPriority;
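
Review bot: The relative position of MIG_PRI_GICV3_ITS and MIG_PRI_GICV3 in MigrationPriority carries the whole "GICv3 before ITS, ITS before PCIe devices" requirement from the commit message, but nothing in the enum says so. Add a comment on each new entry stating what it must precede, so that a later insertion between MIG_PRI_DEFAULT and MIG_PRI_MAX does not silently change the restore order.
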
 
-- 
2.5.5




[Qemu-devel] [RFC 0/4] vITS save/restore

2017-01-26 Thread Eric Auger
This series allows ITS save/restore and migration use cases.
It relies on not upstreamed kernel series ([1] & [2]) and
QEMU not upstreamed series [3].

ITS tables are flushed into guest RAM on VM stop while registers
are saved on pre_save() callback. Tables and registers are restored
on ITS post_load().

The code is based on Vijaya's "GICv3 live migration support"
series [3], based on v2.8.0-rc4.

The series also uses one patch from Peter Xu that aims at allowing
the explicit ordering of save/restore handlers [4], now upstreamed.

That work was tested on Cavium ThunderX using virsh save/restore and
virt-manager live migration.

Best Regards

Eric

Host Kernel dependencies:
- [1] [RFC 00/13] vITS save/restore
  (https://www.spinics.net/lists/arm-kernel/msg553854.html)
- [2] [PATCH v10 0/8] arm/arm64: vgic: Implement API for vGICv3 live
  migration
  http://www.spinics.net/lists/arm-kernel/msg546383.html

QEMU dependencies:
- [3] [PATCH v6 0/2] GICv3 live migration support
- [4] migration: allow to prioritize save state entries

This QEMU series can be found at:
https://github.com/eauger/qemu/tree/mig-gicv3-v6-its-rfc

Eric Auger (4):
  linux-headers: Partial update for vITS save/restore
  hw/intc/arm_gicv3_kvm: Rename KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS
  hw/intc/arm_gicv3_its: Implement state save/restore
  hw/intc/arm_gicv3_its: Allow save/restore

 hw/intc/arm_gicv3_common.c |  1 +
 hw/intc/arm_gicv3_its_common.c | 11 +++-
 hw/intc/arm_gicv3_its_kvm.c| 94 +-
 hw/intc/arm_gicv3_kvm.c|  2 +-
 include/hw/intc/arm_gicv3_its_common.h |  6 +++
 include/migration/vmstate.h|  2 +
 linux-headers/asm-arm/kvm.h| 25 ++---
 linux-headers/asm-arm64/kvm.h  | 14 +++--
 8 files changed, 140 insertions(+), 15 deletions(-)

-- 
2.5.5




[Qemu-devel] [RFC 3/4] hw/intc/arm_gicv3_its: Implement state save/restore

2017-01-26 Thread Eric Auger
We need to handle both registers and ITS tables. While
register handling is standard, ITS table handling is more
challenging since the kernel API is devised so that the
tables are flushed into guest RAM and not in vmstate buffers.

Flushing the ITS tables on device pre_save() is too late
since the guest RAM had already been saved at this point.

Table flushing needs to happen when we are sure the vcpus
are stopped and before the last dirty page saving. The
right point is RUN_STATE_FINISH_MIGRATE but sometimes the
VM gets stopped before migration launch so let's simply
flush the tables each time the VM gets stopped.

For regular ITS registers we just can use vmstate pre_save
and post_load callbacks.

Signed-off-by: Eric Auger 

---
---
 hw/intc/arm_gicv3_its_common.c |  8 
 hw/intc/arm_gicv3_its_kvm.c| 86 ++
 include/hw/intc/arm_gicv3_its_common.h |  6 +++
 3 files changed, 100 insertions(+)

diff --git a/hw/intc/arm_gicv3_its_common.c b/hw/intc/arm_gicv3_its_common.c
index 9d67c5c..75b9f04 100644
--- a/hw/intc/arm_gicv3_its_common.c
+++ b/hw/intc/arm_gicv3_its_common.c
@@ -49,6 +49,14 @@ static const VMStateDescription vmstate_its = {
 .pre_save = gicv3_its_pre_save,
 .post_load = gicv3_its_post_load,
 .unmigratable = true,
+.fields = (VMStateField[]) {
+VMSTATE_UINT32(ctlr, GICv3ITSState),
+VMSTATE_UINT64(cbaser, GICv3ITSState),
+VMSTATE_UINT64(cwriter, GICv3ITSState),
+VMSTATE_UINT64(creadr, GICv3ITSState),
+VMSTATE_UINT64_ARRAY(baser, GICv3ITSState, 8),
+VMSTATE_END_OF_LIST()
+},
 };
 
 static MemTxResult gicv3_its_trans_read(void *opaque, hwaddr offset,
diff --git a/hw/intc/arm_gicv3_its_kvm.c b/hw/intc/arm_gicv3_its_kvm.c
index fc246e0..3f8017d 100644
--- a/hw/intc/arm_gicv3_its_kvm.c
+++ b/hw/intc/arm_gicv3_its_kvm.c
@@ -53,6 +53,24 @@ static int kvm_its_send_msi(GICv3ITSState *s, uint32_t 
value, uint16_t devid)
 return kvm_vm_ioctl(kvm_state, KVM_SIGNAL_MSI, &msi);
 }
 
+/**
+ * vm_change_state_handler - VM change state callback aiming at flushing
+ * ITS tables into guest RAM
+ *
+ * The tables get flushed to guest RAM whenever the VM gets stopped.
+ */
+static void vm_change_state_handler(void *opaque, int running,
+RunState state)
+{
+GICv3ITSState *s = (GICv3ITSState *)opaque;
+
+if (running) {
+return;
+}
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_TABLES,
+  0, NULL, false);
+}
+
 static void kvm_arm_its_realize(DeviceState *dev, Error **errp)
 {
 GICv3ITSState *s = ARM_GICV3_ITS_COMMON(dev);
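
Review bot: vm_change_state_handler() issues the KVM_DEV_ARM_VGIC_GRP_ITS_TABLES access on every transition to a non-running state, with no check that the host kernel implements that group. Probe the attribute once at realize time and register the handler only when it is present. A file-specific name (for example kvm_arm_its_vm_change_state_handler) would also be easier to spot in a backtrace than the generic one.
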
@@ -83,6 +101,8 @@ static void kvm_arm_its_realize(DeviceState *dev, Error 
**errp)
 kvm_msi_use_devid = true;
 kvm_gsi_direct_mapping = false;
 kvm_msi_via_irqfd_allowed = kvm_irqfds_enabled();
+
+qemu_add_vm_change_state_handler(vm_change_state_handler, s);
 }
 
 static void kvm_arm_its_init(Object *obj)
@@ -96,6 +116,70 @@ static void kvm_arm_its_init(Object *obj)
  &error_abort);
 }
 
+/**
+ * kvm_arm_its_get - handles the saving of ITS registers.
+ * ITS tables, being flushed into guest RAM needs to be saved before
+ * the pre_save() callback, hence the migration state change notifiers
+ */
+static void kvm_arm_its_get(GICv3ITSState *s)
+{
+uint64_t reg;
+int i;
+
+for (i = 0; i < 8; i++) {
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+  GITS_BASER + i * 8, &s->baser[i], false);
+}
+
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+  GITS_CTLR, ®, false);
+s->ctlr = extract64(reg, 0, 32);
+
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+  GITS_CBASER, &s->cbaser, false);
+
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+  GITS_CREADR, &s->creadr, false);
+
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+  GITS_CWRITER, &s->cwriter, false);
+}
+
+/**
+ * kvm_arm_its_put - Restore both the ITS registers and guest RAM tables
+ * ITS tables, being flushed into guest RAM needs to be saved before
+ * the pre_save() callback. The restoration order matters since there
+ * are dependencies between register settings, as specified by the
+ * architecture specification
+ */
+static void kvm_arm_its_put(GICv3ITSState *s)
+{
+uint64_t reg;
+int i;
+
+/* must be written before GITS_CREADR since it resets this latter*/
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+  GITS_CBASER, &s->cbaser, true);
+
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+  GITS_CREADR, &s->creadr, true);
+
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
+  GITS_CWRITER, &s->cwriter, true);
+
+for (i = 0; i < 8; i++) {
+kvm_de
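
Review bot: The doc comment on kvm_arm_its_put() repeats the save-side sentence from kvm_arm_its_get() ("needs to be saved before the pre_save() callback"), which does not describe a restore path; replace it with the ordering constraint that the inline comment already gives for GITS_CBASER and GITS_CREADR. The kvm_arm_its_get() comment also refers to "migration state change notifiers" while the code registers a VM change state handler. The literal 8 for the number of GITS_BASER registers appears in both loops and in VMSTATE_UINT64_ARRAY, so a named constant would keep them in step.
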

[Qemu-devel] [RFC 2/4] hw/intc/arm_gicv3_kvm: Rename KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS

2017-01-26 Thread Eric Auger
Rename KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS into KVM_DEV_ARM_VGIC_CPU_SYSREGS
as exposed in the kernel user API and pulled by update-linux-headers.sh.

Signed-off-by: Eric Auger 

---

KVM_DEV_ARM_VGIC_CPU_SYSREGS may be fixed at kernel level instead
---
 hw/intc/arm_gicv3_kvm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/intc/arm_gicv3_kvm.c b/hw/intc/arm_gicv3_kvm.c
index 267c2d6..d8ecbc3 100644
--- a/hw/intc/arm_gicv3_kvm.c
+++ b/hw/intc/arm_gicv3_kvm.c
@@ -108,7 +108,7 @@ static inline void kvm_gicr_access(GICv3State *s, int 
offset, int cpu,
 static inline void kvm_gicc_access(GICv3State *s, uint64_t reg, int cpu,
uint64_t *val, bool write)
 {
-kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS,
+kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_CPU_SYSREGS,
   KVM_VGIC_ATTR(reg, s->cpu[cpu].gicr_typer),
   val, write);
 }
-- 
2.5.5




Re: [Qemu-devel] [PATCH v2 30/30] target-sparc: fix up niagara machine

2017-01-26 Thread Artyom Tarasenko
On Thu, Jan 26, 2017 at 8:35 AM, Markus Armbruster  wrote:
> niagara_init() does something naughty, which conflicts with Max's
> "[PATCH v6 0/9] block: Drop BDS.filename".  Details inline.
>
> Artyom Tarasenko  writes:
>
>> Remove the Niagara stub implementation from sun4u.c and add a machine,
>> compatible with Legion simulator from the OpenSPARC T1 project.
>>
>> The machine uses the firmware supplied with the OpenSPARC T1 project,
>> http://download.oracle.com/technetwork/systems/opensparc/OpenSPARCT1_Arch.1.5.tar.bz2
>> in the directory S10image/, and is able to boot the supplied Solaris 10 
>> image.
>>
>> Note that for compatibility with the naming conventions for SPARC machines
>> the new machine name is lowercase niagara.
>>
>> Signed-off-by: Artyom Tarasenko 
>> Reviewed-by: Richard Henderson 
>> ---
>>  MAINTAINERS |  13 +--
>>  default-configs/sparc64-softmmu.mak |   2 +
>>  hw/sparc64/Makefile.objs|   1 +
>>  hw/sparc64/niagara.c| 177 
>> 
>>  hw/sparc64/sun4u.c  |  31 ---
>>  qemu-doc.texi   |  14 ++-
>>  6 files changed, 199 insertions(+), 39 deletions(-)
>>  create mode 100644 hw/sparc64/niagara.c
>>
>> diff --git a/MAINTAINERS b/MAINTAINERS
>> index 54588e5..b5ebfab 100644
>> --- a/MAINTAINERS
>> +++ b/MAINTAINERS
>> @@ -725,6 +725,13 @@ S: Maintained
>>  F: hw/sparc64/sun4u.c
>>  F: pc-bios/openbios-sparc64
>>
>> +Sun4v
>> +M: Artyom Tarasenko 
>> +S: Maintained
>> +F: hw/sparc64/sun4v.c
>> +F: hw/timer/sun4v-rtc.c
>> +F: include/hw/timer/sun4v-rtc.h
>> +
>>  Leon3
>>  M: Fabien Chouteau 
>>  S: Maintained
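
Review bot: The new Sun4v entry in MAINTAINERS lists "F: hw/sparc64/sun4v.c", but the file this patch creates is hw/sparc64/niagara.c according to the diffstat. Point the F: line at hw/sparc64/niagara.c so the new machine file is actually covered by the entry.
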
>> @@ -1098,12 +1105,6 @@ F: hw/nvram/chrp_nvram.c
>>  F: include/hw/nvram/chrp_nvram.h
>>  F: tests/prom-env-test.c
>>
>> -sun4v RTC
>> -M: Artyom Tarasenko 
>> -S: Maintained
>> -F: hw/timer/sun4v-rtc.c
>> -F: include/hw/timer/sun4v-rtc.h
>> -
>>  Subsystems
>>  --
>>  Audio
>> diff --git a/default-configs/sparc64-softmmu.mak 
>> b/default-configs/sparc64-softmmu.mak
>> index c0cdd64..c581e61 100644
>> --- a/default-configs/sparc64-softmmu.mak
>> +++ b/default-configs/sparc64-softmmu.mak
>> @@ -13,3 +13,5 @@ CONFIG_IDE_CMD646=y
>>  CONFIG_PCI_APB=y
>>  CONFIG_MC146818RTC=y
>>  CONFIG_ISA_TESTDEV=y
>> +CONFIG_EMPTY_SLOT=y
>> +CONFIG_SUN4V_RTC=y
>> diff --git a/hw/sparc64/Makefile.objs b/hw/sparc64/Makefile.objs
>> index a96b1f8..cf9de21 100644
>> --- a/hw/sparc64/Makefile.objs
>> +++ b/hw/sparc64/Makefile.objs
>> @@ -1,2 +1,3 @@
>>  obj-y += sparc64.o
>>  obj-y += sun4u.o
>> +obj-y += niagara.o
>> \ No newline at end of file
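
Review bot: The added "obj-y += niagara.o" line leaves hw/sparc64/Makefile.objs without a trailing newline, as the "\ No newline at end of file" marker shows. Please end the file with a newline.
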
>> diff --git a/hw/sparc64/niagara.c b/hw/sparc64/niagara.c
>> new file mode 100644
>> index 000..b55d4bb
>> --- /dev/null
>> +++ b/hw/sparc64/niagara.c
>> @@ -0,0 +1,177 @@
>> +/*
>> + * QEMU Sun4v/Niagara System Emulator
>> + *
>> + * Copyright (c) 2016 Artyom Tarasenko
>> + *
>> + * Permission is hereby granted, free of charge, to any person obtaining a 
>> copy
>> + * of this software and associated documentation files (the "Software"), to 
>> deal
>> + * in the Software without restriction, including without limitation the 
>> rights
>> + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
>> + * copies of the Software, and to permit persons to whom the Software is
>> + * furnished to do so, subject to the following conditions:
>> + *
>> + * The above copyright notice and this permission notice shall be included 
>> in
>> + * all copies or substantial portions of the Software.
>> + *
>> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 
>> OR
>> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
>> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
>> + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR 
>> OTHER
>> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
>> FROM,
>> + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
>> + * THE SOFTWARE.
>> + */
>> +
>> +#include "qemu/osdep.h"
>> +#include "qapi/error.h"
>> +#include "qemu-common.h"
>> +#include "cpu.h"
>> +#include "hw/hw.h"
>> +#include "hw/boards.h"
>> +#include "hw/char/serial.h"
>> +#include "hw/empty_slot.h"
>> +#include "hw/loader.h"
>> +#include "hw/sparc/sparc64.h"
>> +#include "hw/timer/sun4v-rtc.h"
>> +#include "exec/address-spaces.h"
>> +#include "sysemu/block-backend.h"
>> +
>> +
>> +typedef struct NiagaraBoardState {
>> +MemoryRegion hv_ram;
>> +MemoryRegion partition_ram;
>> +MemoryRegion nvram;
>> +MemoryRegion md_rom;
>> +MemoryRegion hv_rom;
>> +MemoryRegion vdisk_ram;
>> +MemoryRegion prom;
>> +} NiagaraBoardState;
>> +
>> +#define NIAGARA_HV_RAM_BASE 0x10ULL
>> +#define NIAGARA_HV_RAM_SIZE 0x3f0ULL /* 63 MiB */
>> +
>> +#define NIAGARA_PARTITION_RAM_BASE 0x8000ULL
>> +
>> +#define NIAGARA_UART_BASE   0x1f1000ULL
>> +
>> +#define

Re: [Qemu-devel] [PULL 26/36] hw/intc/arm_gicv3: Add accessors for ICH_ system registers

2017-01-26 Thread Paolo Bonzini


On 19/01/2017 15:09, Peter Maydell wrote:
> +uint64_t lr = cs->ich_lr_el2[i];
> +
> +if ((lr & ICH_LR_EL2_STATE_MASK) == 0 &&
> +((lr & ICH_LR_EL2_HW) == 1 || (lr & ICH_LR_EL2_EOI) == 0)) {

This should be "!= 0", not == 1 (reported by Coverity).

Paolo

> +value |= (1 << i);
> +}



[Qemu-devel] [PATCH v3 3/3] xen-platform: add missing disk unplug option

2017-01-26 Thread Paul Durrant
The Xen HVM unplug protocol [1] specifies a mechanism to allow guests to
request unplug of 'aux' disks (which is stated to mean all IDE disks,
except the primary master). This patch adds support for that unplug request.

NOTE: The semantics of what happens if unplug of all disks and 'aux' disks
  is simultaneously requested is not clear. The patch makes the
  assumption that an 'all' request overrides an 'aux' request.

[1] 
http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=docs/misc/hvm-emulated-unplug.markdown

Signed-off-by: Paul Durrant 
Reviewed-by: Stefano Stabellini 

Cc: Anthony Perard 
Cc: Paolo Bonzini 
Cc: Richard Henderson 
Cc: Eduardo Habkost 
Cc: "Michael S. Tsirkin" 
Cc: John Snow 
---
 hw/i386/xen/xen_platform.c | 27 +++
 hw/ide/piix.c  |  4 ++--
 include/hw/ide.h   |  2 +-
 3 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/hw/i386/xen/xen_platform.c b/hw/i386/xen/xen_platform.c
index 7d41ebb..6010f35 100644
--- a/hw/i386/xen/xen_platform.c
+++ b/hw/i386/xen/xen_platform.c
@@ -107,8 +107,12 @@ static void pci_unplug_nics(PCIBus *bus)
 pci_for_each_device(bus, 0, unplug_nic, NULL);
 }
 
-static void unplug_disks(PCIBus *b, PCIDevice *d, void *o)
+static void unplug_disks(PCIBus *b, PCIDevice *d, void *opaque)
 {
+uint32_t flags = *(uint32_t *)opaque;
+bool aux = (flags & UNPLUG_AUX_IDE_DISKS) &&
+!(flags & UNPLUG_ALL_DISKS);
+
 /* We have to ignore passthrough devices */
 if (!strcmp(d->name, "xen-pci-passthrough")) {
 return;
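
Review bot: The rule that an 'all' request overrides an 'aux' request is stated only in the commit message; in unplug_disks() it is encoded silently in the expression that initialises aux. Add a one-line comment above the "bool aux" declaration stating that precedence, since the commit message says the unplug protocol leaves the combined case unclear.
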
@@ -116,12 +120,14 @@ static void unplug_disks(PCIBus *b, PCIDevice *d, void *o)
 
 switch (pci_get_word(d->config + PCI_CLASS_DEVICE)) {
 case PCI_CLASS_STORAGE_IDE:
-pci_piix3_xen_ide_unplug(DEVICE(d));
+pci_piix3_xen_ide_unplug(DEVICE(d), aux);
 break;
 
 case PCI_CLASS_STORAGE_SCSI:
 case PCI_CLASS_STORAGE_EXPRESS:
-object_unparent(OBJECT(d));
+if (!aux) {
+object_unparent(OBJECT(d));
+}
 break;
 
 default:
@@ -129,9 +135,9 @@ static void unplug_disks(PCIBus *b, PCIDevice *d, void *o)
 }
 }
 
-static void pci_unplug_disks(PCIBus *bus)
+static void pci_unplug_disks(PCIBus *bus, uint32_t flags)
 {
-pci_for_each_device(bus, 0, unplug_disks, NULL);
+pci_for_each_device(bus, 0, unplug_disks, &flags);
 }
 
 static void platform_fixed_ioport_writew(void *opaque, uint32_t addr, uint32_t 
val)
@@ -144,17 +150,14 @@ static void platform_fixed_ioport_writew(void *opaque, 
uint32_t addr, uint32_t v
 /* Unplug devices.  Value is a bitmask of which devices to
unplug, with bit 0 the disk devices, bit 1 the network
devices, and bit 2 the non-primary-master IDE devices. */
-if (val & UNPLUG_ALL_DISKS) {
+if (val & (UNPLUG_ALL_DISKS | UNPLUG_AUX_IDE_DISKS)) {
 DPRINTF("unplug disks\n");
-pci_unplug_disks(pci_dev->bus);
+pci_unplug_disks(pci_dev->bus, val);
 }
 if (val & UNPLUG_ALL_NICS) {
 DPRINTF("unplug nics\n");
 pci_unplug_nics(pci_dev->bus);
 }
-if (val & UNPLUG_AUX_IDE_DISKS) {
-DPRINTF("unplug auxiliary disks not supported\n");
-}
 break;
 }
 case 2:
@@ -335,14 +338,14 @@ static void xen_platform_ioport_writeb(void *opaque, 
hwaddr addr,
  * If VMDP was to control both disk and LAN it would use 4.
  * If it controlled just disk or just LAN, it would use 8 below.
  */
-pci_unplug_disks(pci_dev->bus);
+pci_unplug_disks(pci_dev->bus, UNPLUG_ALL_DISKS);
 pci_unplug_nics(pci_dev->bus);
 }
 break;
 case 8:
 switch (val) {
 case 1:
-pci_unplug_disks(pci_dev->bus);
+pci_unplug_disks(pci_dev->bus, UNPLUG_ALL_DISKS);
 break;
 case 2:
 pci_unplug_nics(pci_dev->bus);
diff --git a/hw/ide/piix.c b/hw/ide/piix.c
index d5777fd..7e2d767 100644
--- a/hw/ide/piix.c
+++ b/hw/ide/piix.c
@@ -165,7 +165,7 @@ static void pci_piix_ide_realize(PCIDevice *dev, Error 
**errp)
 pci_piix_init_ports(d);
 }
 
-int pci_piix3_xen_ide_unplug(DeviceState *dev)
+int pci_piix3_xen_ide_unplug(DeviceState *dev, bool aux)
 {
 PCIIDEState *pci_ide;
 DriveInfo *di;
@@ -174,7 +174,7 @@ int pci_piix3_xen_ide_unplug(DeviceState *dev)
 
 pci_ide = PCI_IDE(dev);
 
-for (i = 0; i < 4; i++) {
+for (i = aux ? 1 : 0; i < 4; i++) {
 di = drive_get_by_index(IF_IDE, i);
 if (di != NULL && !di->media_cd) {
 BlockBackend *blk = blk_by_legacy_dinfo(di);
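
Review bot: Starting the loop in pci_piix3_xen_ide_unplug() at index 1 when aux is set assumes that drive index 0 is always the primary master. A short comment at the for statement saying so would keep the "all IDE disks, except the primary master" rule from the commit message visible in the code.
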
diff --git a/include/hw/ide.h b/include/hw/ide.h
index bc8bd32..3ae087c 100644
--- a/include/hw/ide.h
+++ b/include/hw/ide.h
@@ -17,7 +17,7 @@ void pci_cmd646_ide_init(PCIBus *bus, DriveInfo **hd_table,
 PCIDevice *pci_piix3_xen_ide_init(PCIBus *bus, DriveInfo **hd_table, int 
devfn);
 PCIDevice 

[Qemu-devel] [PATCH v3 2/3] xen-platform: add support for unplugging NVMe disks...

2017-01-26 Thread Paul Durrant
...not just IDE and SCSI.

This patch allows the Xen tool-stack to fully support NVMe as an
emulated disk type. See [1] for the relevant tool-stack patch discussion.

[1] https://lists.xen.org/archives/html/xen-devel/2017-01/msg01225.html

Signed-off-by: Paul Durrant 
---
Cc: Stefano Stabellini 
Cc: Anthony Perard 
Cc: "Michael S. Tsirkin" 
Cc: Paolo Bonzini 
Cc: Richard Henderson 
Cc: Eduardo Habkost 

v3:
- Add reference to xen-devel patch discussion in commit message as
  requested by Stefano.
---
 hw/i386/xen/xen_platform.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/i386/xen/xen_platform.c b/hw/i386/xen/xen_platform.c
index f50915f..7d41ebb 100644
--- a/hw/i386/xen/xen_platform.c
+++ b/hw/i386/xen/xen_platform.c
@@ -120,6 +120,7 @@ static void unplug_disks(PCIBus *b, PCIDevice *d, void *o)
 break;
 
 case PCI_CLASS_STORAGE_SCSI:
+case PCI_CLASS_STORAGE_EXPRESS:
 object_unparent(OBJECT(d));
 break;
 
-- 
2.1.4




[Qemu-devel] [PATCH v3 0/3] xen-platform: disk unplug modifications

2017-01-26 Thread Paul Durrant
These patches modify the implementation of Xen HVM disk unplug.

Paul Durrant (3):
  xen-platform: re-structure unplug_disks
  xen-platform: add support for unplugging NVMe disks...
  xen-platform: add missing disk unplug option

 hw/i386/xen/xen_platform.c | 50 +++---
 hw/ide/piix.c  |  4 ++--
 include/hw/ide.h   |  2 +-
 3 files changed, 33 insertions(+), 23 deletions(-)

-- 
2.1.4




[Qemu-devel] [PATCH v3 1/3] xen-platform: re-structure unplug_disks

2017-01-26 Thread Paul Durrant
The current code is poorly structured and potentially leads to multiple
config space reads when one is sufficient. Also the UNPLUG_ALL_IDE_DISKS
flag is mis-named since it also results in SCSI disks being unplugged.

This patch renames the flag and re-structures the code to be more
efficient, and readable.

Signed-off-by: Paul Durrant 
Reviewed-by: Stefano Stabellini 
---
Cc: Anthony Perard 
Cc: Paolo Bonzini 
Cc: Richard Henderson 
Cc: Eduardo Habkost 
Cc: "Michael S. Tsirkin" 

v2:
- Fix style issue
---
 hw/i386/xen/xen_platform.c | 25 -
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/hw/i386/xen/xen_platform.c b/hw/i386/xen/xen_platform.c
index 2e1e543..f50915f 100644
--- a/hw/i386/xen/xen_platform.c
+++ b/hw/i386/xen/xen_platform.c
@@ -88,7 +88,7 @@ static void log_writeb(PCIXenPlatformState *s, char val)
 }
 
 /* Xen Platform, Fixed IOPort */
-#define UNPLUG_ALL_IDE_DISKS 1
+#define UNPLUG_ALL_DISKS 1
 #define UNPLUG_ALL_NICS 2
 #define UNPLUG_AUX_IDE_DISKS 4
 
@@ -110,14 +110,21 @@ static void pci_unplug_nics(PCIBus *bus)
 static void unplug_disks(PCIBus *b, PCIDevice *d, void *o)
 {
 /* We have to ignore passthrough devices */
-if (pci_get_word(d->config + PCI_CLASS_DEVICE) ==
-PCI_CLASS_STORAGE_IDE
-&& strcmp(d->name, "xen-pci-passthrough") != 0) {
+if (!strcmp(d->name, "xen-pci-passthrough")) {
+return;
+}
+
+switch (pci_get_word(d->config + PCI_CLASS_DEVICE)) {
+case PCI_CLASS_STORAGE_IDE:
 pci_piix3_xen_ide_unplug(DEVICE(d));
-} else if (pci_get_word(d->config + PCI_CLASS_DEVICE) ==
-PCI_CLASS_STORAGE_SCSI
-&& strcmp(d->name, "xen-pci-passthrough") != 0) {
+break;
+
+case PCI_CLASS_STORAGE_SCSI:
 object_unparent(OBJECT(d));
+break;
+
+default:
+break;
 }
 }
 
@@ -134,9 +141,9 @@ static void platform_fixed_ioport_writew(void *opaque, 
uint32_t addr, uint32_t v
 case 0: {
 PCIDevice *pci_dev = PCI_DEVICE(s);
 /* Unplug devices.  Value is a bitmask of which devices to
-   unplug, with bit 0 the IDE devices, bit 1 the network
+   unplug, with bit 0 the disk devices, bit 1 the network
devices, and bit 2 the non-primary-master IDE devices. */
-if (val & UNPLUG_ALL_IDE_DISKS) {
+if (val & UNPLUG_ALL_DISKS) {
 DPRINTF("unplug disks\n");
 pci_unplug_disks(pci_dev->bus);
 }
-- 
2.1.4




Re: [Qemu-devel] [PATCH 0/9] QOM'ify work for sparc

2017-01-26 Thread Mark Cave-Ayland
On 30/12/16 18:32, Mark Cave-Ayland wrote:

> On 25/12/16 04:02, 赵小强 wrote:
> 
>> ping  
>>
>> At 2016-10-23 14:31:26, "xiaoqiang zhao"  wrote:
>>> This patch set aims at QOM'ifying code related to sparc.
>>> It is part of my QOM'ify work of qemu code base.
>>>
>>> xiaoqiang zhao (9):
>>>  hw/misc: QOM'ify eccmemctl.c
>>>  hw/dma: QOM'ify sparc32_dma.c
>>>  hw/dma: QOM'ify sun4m_iommu.c
>>>  hw/misc: QOM'ify slavio_misc.c
>>>  hw/timer: QOM'ify m48txx_sysbus (pass 1)
>>>  hw/timer: QOM'ify m48txx_sysbus (pass 2)
>>>  hw/timer: QOM'ify slavio_timer
>>>  hw/sparc: QOM'ify sun4m.c
>>>  hw/sparc64: QOM'ify sun4u.c
>>>
>>> hw/dma/sparc32_dma.c| 25 
>>> hw/dma/sun4m_iommu.c| 12 --
>>> hw/misc/eccmemctl.c | 25 
>>> hw/misc/slavio_misc.c   | 43 ++
>>> hw/sparc/sun4m.c| 54 +++
>>> hw/sparc64/sun4u.c  | 20 
>>> hw/timer/m48t59.c   | 61 
>>> ++---
>>> hw/timer/slavio_timer.c | 12 --
>>> 8 files changed, 128 insertions(+), 124 deletions(-)
>>>
>>> -- 
>>> 2.9.3
> 
> Thanks for the patch!
> 
> Given that Artyom's sun4v work has been waiting since before freeze, I'd
> like to see that merged first and then this patch rebased on top if
> required.

The sun4v patchset has now been applied, so please can you rebase
against master and repost for review?


ATB,

Mark.




Re: [Qemu-devel] [PATCH] arm_gicv3: Fix broken logic in ELRSR calculation

2017-01-26 Thread Thomas Huth
On 24.01.2017 12:06, Peter Maydell wrote:
> Fix a broken expression in the calculation of ELRSR
> register bits: instead of "(lr & ICH_LR_EL2_HW) == 1"
> we want to check for != 0, because the HW bit is not
> bit 0 so a test for == 1 is always false.
> 
> Fixes: https://bugs.launchpad.net/bugs/1658506
> 
> Signed-off-by: Peter Maydell 
> ---
>  hw/intc/arm_gicv3_cpuif.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
> index a9ee7fd..c25ee03 100644
> --- a/hw/intc/arm_gicv3_cpuif.c
> +++ b/hw/intc/arm_gicv3_cpuif.c
> @@ -2430,7 +2430,7 @@ static uint64_t ich_elrsr_read(CPUARMState *env, const 
> ARMCPRegInfo *ri)
>  uint64_t lr = cs->ich_lr_el2[i];
>  
>  if ((lr & ICH_LR_EL2_STATE_MASK) == 0 &&
> -((lr & ICH_LR_EL2_HW) == 1 || (lr & ICH_LR_EL2_EOI) == 0)) {
> +((lr & ICH_LR_EL2_HW) != 0 || (lr & ICH_LR_EL2_EOI) == 0)) {
>  value |= (1 << i);
>  }
>  }
> 
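Review bot: in the context line `value |= (1 << i);` the shift is done on a plain int although ich_elrsr_read() returns uint64_t. That is only safe while i stays below 31; `1ULL << i` makes the width explicit and costs nothing. Since the fixed test compared a masked value against 1 for a bit that is not bit 0, it is also worth checking the rest of this file for the same `(lr & MASK) == 1` pattern.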

Reviewed-by: Thomas Huth 




Re: [Qemu-devel] [PULL 26/36] hw/intc/arm_gicv3: Add accessors for ICH_ system registers

2017-01-26 Thread Thomas Huth
On 26.01.2017 10:35, Paolo Bonzini wrote:
> 
> 
> On 19/01/2017 15:09, Peter Maydell wrote:
>> +uint64_t lr = cs->ich_lr_el2[i];
>> +
>> +if ((lr & ICH_LR_EL2_STATE_MASK) == 0 &&
>> +((lr & ICH_LR_EL2_HW) == 1 || (lr & ICH_LR_EL2_EOI) == 0)) {
> 
> This should be "!= 0", not == 1 (reported by Coverity).

A patch for this issue is already on the mailing list - see "arm_gicv3:
Fix broken logic in ELRSR calculation"

 Thomas




[Qemu-devel] [PATCH V2 04/10] qemu-clk: introduce an init array to help the device construction

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This introduces a clock init array to ease the clock tree construction.

Signed-off-by: KONRAD Frederic 
---
 include/qemu/qemu-clock.h | 23 +++
 qemu-clock.c  | 17 +
 2 files changed, 40 insertions(+)

diff --git a/include/qemu/qemu-clock.h b/include/qemu/qemu-clock.h
index 6d30299..45f8766 100644
--- a/include/qemu/qemu-clock.h
+++ b/include/qemu/qemu-clock.h
@@ -49,6 +49,29 @@ struct ClkList {
 QLIST_ENTRY(ClkList) node;
 };
 
+typedef struct ClockInitElement {
+const char *name;  /* Name to give to the clock. */
+size_t offset; /* Offset of the qemu_clk field in the object. */
+QEMUClkRateUpdateCallback *cb;
+} ClockInitElement;
+
+#define DEVICE_CLOCK(_state, _field, _cb) {  \
+.name = #_field, \
+.offset = offsetof(_state, _field),  \
+.cb = _cb\
+}
+
+#define DEVICE_CLOCK_END() { \
+.name = NULL \
+}
+
+/**
+ * qemu_clk_init_device:
+ * @obj: the Object which need to be initialized.
+ * @array: the array of ClockInitElement to be used.
+ */
+void qemu_clk_init_device(Object *obj, ClockInitElement *array);
+
 /**
  * qemu_clk_device_add_clock:
  * @dev: the device on which the clock needs to be added.
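Review bot: qemu_clk_init_device() takes a non-const `ClockInitElement *array`, and its doc comment does not say that the array has to end with DEVICE_CLOCK_END(). The walker stops only on `.name == NULL`, so a table without the terminator is read past its end. Make the parameter `const ClockInitElement *` and state the terminator requirement in the @array description. The `cb` field also has no comment, unlike `name` and `offset`.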
diff --git a/qemu-clock.c b/qemu-clock.c
index 8c12368..300e38f 100644
--- a/qemu-clock.c
+++ b/qemu-clock.c
@@ -26,6 +26,7 @@
 #include "hw/hw.h"
 #include "qemu/log.h"
 #include "qapi/error.h"
+#include "hw/qdev-core.h"
 
 #ifndef DEBUG_QEMU_CLOCK
 #define DEBUG_QEMU_CLOCK 0
@@ -37,6 +38,22 @@
 }\
 } while (0);
 
+void qemu_clk_init_device(Object *obj, ClockInitElement *array)
+{
+qemu_clk *cur = NULL;
+
+while (array->name != NULL) {
+DPRINTF("init clock named %s\n", array->name);
+cur = (((void *)obj) + array->offset);
+*cur = QEMU_CLOCK(object_new(TYPE_CLOCK));
+qemu_clk_device_add_clock(DEVICE(obj), *cur, array->name);
+if (array->cb) {
+qemu_clk_set_callback(*cur, array->cb, obj);
+}
+array++;
+}
+}
+
 void qemu_clk_refresh(qemu_clk clk)
 {
 qemu_clk_update_rate(clk, clk->in_rate);
-- 
1.8.3.1




[Qemu-devel] [PATCH V2 00/10] Clock framework API.

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

Hi,

This is the second version of the clock framework API. It contains:

  * The first 6 patches which introduce the framework.
  * The 7th patch which introduces a fixed-clock model.
  * The rest which gives an example how to model a PLL from the existing
zynqmp-crf extracted from the qemu xilinx tree.

No specific behavior is expected yet when the CRF register set is accessed but
the user can see for example the dp_video_ref and vpll_to_lpd rate changing in
the monitor with the "info qtree" command when the vpll_ctrl register is
modified.

bus: main-system-bus
  type System
  dev: xlnx.zynqmp_crf, id ""
gpio-out "sysbus-irq" 1
qemu-clk "dbg_trace" 0
qemu-clk "dp_stc_ref" 0
qemu-clk "dpll_to_lpd" 1250
qemu-clk "acpu_clk" 0
qemu-clk "pcie_ref" 0
qemu-clk "topsw_main" 0
qemu-clk "topsw_lsbus" 0
qemu-clk "dp_audio_ref" 0
qemu-clk "sata_ref" 0
qemu-clk "dp_video_ref" 1428571
qemu-clk "vpll_clk" 5000
qemu-clk "apll_to_lpd" 1250
qemu-clk "dpll_clk" 5000
qemu-clk "gpu_ref" 0
qemu-clk "aux_refclk" 0
qemu-clk "video_clk" 2700
qemu-clk "gdma_ref" 0
qemu-clk "gt_crx_ref_clk" 0
qemu-clk "dbg_fdp" 0
qemu-clk "apll_clk" 5000
qemu-clk "pss_alt_ref_clk" 0
qemu-clk "ddr" 0
qemu-clk "dbg_tstmp" 0
qemu-clk "pss_ref_clk" 5000
qemu-clk "dpdma_ref" 0
qemu-clk "vpll_to_lpd" 1250
mmio fd1a/010c

This series is based on the current master
(a9e404600a9bd1e6a26431fc89e5069092e67f14).

Thanks,
Fred

V1 -> V2:
  * Rebased on current master.
  * Some function renamed and documentation fixed.

RFC -> V1:
  * Rebased on current master.
  * The docs have been fixed.
  * qemu_clk_init_device helper has been provided to ease the initialization
of the devices.

KONRAD Frederic (10):
  qemu-clk: introduce qemu-clk qom object
  qemu-clk: allow to add a clock to a device
  qemu-clk: allow to bind two clocks together
  qemu-clk: introduce an init array to help the device construction
  qdev-monitor: print the device's clock with info qtree
  docs: add qemu-clock documentation
  introduce fixed-clock
  introduce zynqmp_crf
  zynqmp: add the zynqmp_crf to the platform
  zynqmp: add reference clock

 Makefile.objs |   1 +
 docs/clock.txt| 108 +
 hw/arm/xlnx-zynqmp.c  |  56 +++
 hw/misc/Makefile.objs |   2 +
 hw/misc/fixed-clock.c |  88 
 hw/misc/xilinx_zynqmp_crf.c   | 968 ++
 include/hw/arm/xlnx-zynqmp.h  |   8 +
 include/hw/misc/fixed-clock.h |  30 ++
 include/qemu/qemu-clock.h | 161 +++
 qdev-monitor.c|   2 +
 qemu-clock.c  | 174 
 11 files changed, 1598 insertions(+)
 create mode 100644 docs/clock.txt
 create mode 100644 hw/misc/fixed-clock.c
 create mode 100644 hw/misc/xilinx_zynqmp_crf.c
 create mode 100644 include/hw/misc/fixed-clock.h
 create mode 100644 include/qemu/qemu-clock.h
 create mode 100644 qemu-clock.c

-- 
1.8.3.1




[Qemu-devel] [PATCH V2 02/10] qemu-clk: allow to add a clock to a device

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This allows adding a clock to a DeviceState.
Contrary to gpios, the clock pins are not contained in the DeviceState but
with the child property so they can appear in the qom-tree.

Signed-off-by: KONRAD Frederic 

V1 -> V2:
  * Rename the function use 'add' instead of 'attach'
---
 include/qemu/qemu-clock.h | 24 +++-
 qemu-clock.c  | 23 +++
 2 files changed, 46 insertions(+), 1 deletion(-)

diff --git a/include/qemu/qemu-clock.h b/include/qemu/qemu-clock.h
index e7acd68..3e692d3 100644
--- a/include/qemu/qemu-clock.h
+++ b/include/qemu/qemu-clock.h
@@ -33,8 +33,30 @@
 typedef struct qemu_clk {
 /*< private >*/
 Object parent_obj;
+char *name;/* name of this clock in the device. */
 } *qemu_clk;
 
-#endif /* QEMU_CLOCK_H */
+/**
+ * qemu_clk_device_add_clock:
+ * @dev: the device on which the clock needs to be added.
+ * @clk: the clock which needs to be added.
+ * @name: the name of the clock can't be NULL.
+ *
+ * Add @clk to device @dev as a clock named @name.
+ *
+ */
+void qemu_clk_device_add_clock(DeviceState *dev, qemu_clk clk,
+   const char *name);
 
+/**
+ * qemu_clk_device_get_clock:
+ * @dev: the device which contains the clock.
+ * @name: the name of the clock.
+ *
+ * Get the clock named @name contained in the device @dev, or NULL if not 
found.
+ *
+ * Returns the clock named @name contained in @dev.
+ */
+qemu_clk qemu_clk_device_get_clock(DeviceState *dev, const char *name);
 
+#endif /* QEMU_CLOCK_H */
diff --git a/qemu-clock.c b/qemu-clock.c
index ceea98d..803deb3 100644
--- a/qemu-clock.c
+++ b/qemu-clock.c
@@ -25,6 +25,7 @@
 #include "qemu/qemu-clock.h"
 #include "hw/hw.h"
 #include "qemu/log.h"
+#include "qapi/error.h"
 
 #ifndef DEBUG_QEMU_CLOCK
 #define DEBUG_QEMU_CLOCK 0
@@ -36,6 +37,28 @@
 }\
 } while (0);
 
+void qemu_clk_device_add_clock(DeviceState *dev, qemu_clk clk,
+   const char *name)
+{
+assert(name);
+assert(!clk->name);
+object_property_add_child(OBJECT(dev), name, OBJECT(clk), &error_abort);
+clk->name = g_strdup(name);
+}
+
+qemu_clk qemu_clk_device_get_clock(DeviceState *dev, const char *name)
+{
+gchar *path = NULL;
+Object *clk;
+bool ambiguous;
+
+path = g_strdup_printf("%s/%s", object_get_canonical_path(OBJECT(dev)),
+   name);
+clk = object_resolve_path(path, &ambiguous);
+g_free(path);
+return QEMU_CLOCK(clk);
+}
+
 static const TypeInfo qemu_clk_info = {
 .name  = TYPE_CLOCK,
 .parent= TYPE_OBJECT,
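Review bot: qemu_clk_device_get_clock() leaks the string returned by object_get_canonical_path(): it is passed straight into g_strdup_printf() and only the formatted copy is freed. Keep it in a local and g_free() it. `ambiguous` is written but never read, so pass NULL or act on it. The header says the function returns NULL when the clock is not found, but QEMU_CLOCK() is a checked cast, so a path that resolves to a child of another type aborts instead; object_dynamic_cast() would give the documented behaviour. In qemu_clk_device_add_clock(), clk->name is g_strdup()ed and no finalize hook that frees it is visible in this hunk.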
-- 
1.8.3.1




[Qemu-devel] [PATCH V2 03/10] qemu-clk: allow to bind two clocks together

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This introduces the clock binding and the update part.
When the qemu_clk_rate_update(qemu_clk, int) function is called:
  * The clock callback is called on the qemu_clk so it can change the rate.
  * The qemu_clk_rate_update function is called on all the driven clocks.

Signed-off-by: KONRAD Frederic 

V1 -> V2:
  * Rename qemu_clk_on_rate_update_cb to QEMUClkRateUpdateCallback and
move the pointer to the structure instead of having a pointer-to-function
type.
---
 include/qemu/qemu-clock.h | 67 +++
 qemu-clock.c  | 56 +++
 2 files changed, 123 insertions(+)

diff --git a/include/qemu/qemu-clock.h b/include/qemu/qemu-clock.h
index 3e692d3..6d30299 100644
--- a/include/qemu/qemu-clock.h
+++ b/include/qemu/qemu-clock.h
@@ -30,12 +30,25 @@
 #define TYPE_CLOCK "qemu-clk"
 #define QEMU_CLOCK(obj) OBJECT_CHECK(struct qemu_clk, (obj), TYPE_CLOCK)
 
+typedef struct ClkList ClkList;
+typedef uint64_t QEMUClkRateUpdateCallback(void *opaque, uint64_t rate);
+
 typedef struct qemu_clk {
 /*< private >*/
 Object parent_obj;
 char *name;/* name of this clock in the device. */
+uint64_t in_rate;  /* rate of the clock which drive this pin. */
+uint64_t out_rate; /* rate of this clock pin. */
+void *opaque;
+QEMUClkRateUpdateCallback *cb;
+QLIST_HEAD(, ClkList) bound;
 } *qemu_clk;
 
+struct ClkList {
+qemu_clk clk;
+QLIST_ENTRY(ClkList) node;
+};
+
 /**
  * qemu_clk_device_add_clock:
  * @dev: the device on which the clock needs to be added.
@@ -59,4 +72,58 @@ void qemu_clk_device_add_clock(DeviceState *dev, qemu_clk 
clk,
  */
 qemu_clk qemu_clk_device_get_clock(DeviceState *dev, const char *name);
 
+/**
+ * qemu_clk_bind_clock:
+ * @out: the clock output.
+ * @in: the clock input.
+ *
+ * Connect the clock together. This is unidirectional so a
+ * qemu_clk_update_rate will go from @out to @in.
+ *
+ */
+void qemu_clk_bind_clock(qemu_clk out, qemu_clk in);
+
+/**
+ * qemu_clk_unbind:
+ * @out: the clock output.
+ * @in: the clock input.
+ *
+ * Disconnect the clocks if they were bound together.
+ *
+ */
+void qemu_clk_unbind(qemu_clk out, qemu_clk in);
+
+/**
+ * qemu_clk_update_rate:
+ * @clk: the clock to update.
+ * @rate: the new rate in Hz.
+ *
+ * Update the @clk to the new @rate.
+ *
+ */
+void qemu_clk_update_rate(qemu_clk clk, uint64_t rate);
+
+/**
+ * qemu_clk_refresh:
+ * @clk: the clock to be refreshed.
+ *
+ * If a model alters the topology of a clock tree, it must call this function 
on
+ * the clock source to refresh the clock tree.
+ *
+ */
+void qemu_clk_refresh(qemu_clk clk);
+
+/**
+ * qemu_clk_set_callback:
+ * @clk: the clock associated to the callback.
+ * @cb: the function which is called when a refresh happen on the clock @clk.
+ * @opaque: the opaque data passed to the callback.
+ *
+ * Set the callback @cb which will be called when the clock @clk is updated.
+ *
+ */
+void qemu_clk_set_callback(qemu_clk clk,
+   QEMUClkRateUpdateCallback *cb,
+   void *opaque);
+
 #endif /* QEMU_CLOCK_H */
diff --git a/qemu-clock.c b/qemu-clock.c
index 803deb3..8c12368 100644
--- a/qemu-clock.c
+++ b/qemu-clock.c
@@ -37,6 +37,62 @@
 }\
 } while (0);
 
+void qemu_clk_refresh(qemu_clk clk)
+{
+qemu_clk_update_rate(clk, clk->in_rate);
+}
+
+void qemu_clk_update_rate(qemu_clk clk, uint64_t rate)
+{
+ClkList *child;
+
+clk->in_rate = rate;
+clk->out_rate = rate;
+
+if (clk->cb) {
+clk->out_rate = clk->cb(clk->opaque, rate);
+}
+
+DPRINTF("%s output rate updated to %" PRIu64 "\n",
+object_get_canonical_path(OBJECT(clk)),
+clk->out_rate);
+
+QLIST_FOREACH(child, &clk->bound, node) {
+qemu_clk_update_rate(child->clk, clk->out_rate);
+}
+}
+
+void qemu_clk_bind_clock(qemu_clk out, qemu_clk in)
+{
+ClkList *child;
+
+child = g_malloc(sizeof(child));
+assert(child);
+child->clk = in;
+QLIST_INSERT_HEAD(&out->bound, child, node);
+qemu_clk_update_rate(in, out->out_rate);
+}
+
+void qemu_clk_unbind(qemu_clk out, qemu_clk in)
+{
+ClkList *child, *next;
+
+QLIST_FOREACH_SAFE(child, &out->bound, node, next) {
+if (child->clk == in) {
+QLIST_REMOVE(child, node);
+g_free(child);
+}
+}
+}
+
+void qemu_clk_set_callback(qemu_clk clk,
+   QEMUClkRateUpdateCallback *cb,
+   void *opaque)
+{
+clk->cb = cb;
+clk->opaque = opaque;
+}
+
 void qemu_clk_device_add_clock(DeviceState *dev, qemu_clk clk,
const char *name)
 {
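Review bot: `child = g_malloc(sizeof(child));` in qemu_clk_bind_clock() allocates the size of a pointer, not of a ClkList. ClkList holds a qemu_clk plus a QLIST_ENTRY, so QLIST_INSERT_HEAD() writes the list entry fields past the end of the allocation, a heap overflow on every bind. Use `g_new0(ClkList, 1)` or `g_malloc(sizeof(*child))`, and drop `assert(child)` because g_malloc() does not return NULL on failure. qemu_clk_update_rate() recurses through `bound` with no cycle check, so two clocks bound in a loop recurse until the stack runs out; reject cycles in qemu_clk_bind_clock() or document that the caller must. The object_get_canonical_path() result passed to DPRINTF is an allocated string that is never freed.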
-- 
1.8.3.1




[Qemu-devel] [PATCH V2 08/10] introduce zynqmp_crf

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This introduces Xilinx zynqmp-crf.
It is extracted from the qemu xilinx tree 
(02d2f0203dd489ed30d9c8d90c14a52c57332b25) and is used as
an example for the clock framework.
---
 hw/misc/Makefile.objs   |   1 +
 hw/misc/xilinx_zynqmp_crf.c | 968 
 2 files changed, 969 insertions(+)
 create mode 100644 hw/misc/xilinx_zynqmp_crf.c

diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index 2670c2d..60f9f4d 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -43,6 +43,7 @@ obj-$(CONFIG_RASPI) += bcm2835_property.o
 obj-$(CONFIG_SLAVIO) += slavio_misc.o
 obj-$(CONFIG_ZYNQ) += zynq_slcr.o
 obj-$(CONFIG_ZYNQ) += zynq-xadc.o
+obj-$(CONFIG_ZYNQ) += xilinx_zynqmp_crf.o
 obj-$(CONFIG_STM32F2XX_SYSCFG) += stm32f2xx_syscfg.o
 obj-$(CONFIG_MIPS_CPS) += mips_cmgcr.o
 obj-$(CONFIG_MIPS_CPS) += mips_cpc.o
diff --git a/hw/misc/xilinx_zynqmp_crf.c b/hw/misc/xilinx_zynqmp_crf.c
new file mode 100644
index 000..e4b9225
--- /dev/null
+++ b/hw/misc/xilinx_zynqmp_crf.c
@@ -0,0 +1,968 @@
+/*
+ * QEMU model of the CRF_APB APB control registers for clock controller. The
+ * RST_ctrl_fpd will be added to this as well
+ *
+ * Copyright (c) 2014 Xilinx Inc.
+ *
+ * Autogenerated by xregqemu.py 2014-01-22.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/sysbus.h"
+#include "hw/register.h"
+#include "qemu/bitops.h"
+#include "qemu/log.h"
+#include "qemu/qemu-clock.h"
+
+#ifndef XILINX_CRF_APB_ERR_DEBUG
+#define XILINX_CRF_APB_ERR_DEBUG 0
+#endif
+
+#define TYPE_XILINX_CRF_APB "xlnx.zynqmp_crf"
+
+#define XILINX_CRF_APB(obj) \
+ OBJECT_CHECK(CRF_APB, (obj), TYPE_XILINX_CRF_APB)
+
+REG32(ERR_CTRL, 0x0)
+FIELD(ERR_CTRL, SLVERR_ENABLE, 0, 1)
+REG32(IR_STATUS, 0x4)
+FIELD(IR_STATUS, ADDR_DECODE_ERR, 0, 1)
+REG32(IR_MASK, 0x8)
+FIELD(IR_MASK, ADDR_DECODE_ERR, 0, 1)
+REG32(IR_ENABLE, 0xc)
+FIELD(IR_ENABLE, ADDR_DECODE_ERR, 0, 1)
+REG32(IR_DISABLE, 0x10)
+FIELD(IR_DISABLE, ADDR_DECODE_ERR, 0, 1)
+REG32(CRF_ECO, 0x18)
+REG32(APLL_CTRL, 0x20)
+FIELD(APLL_CTRL, POST_SRC, 24, 3)
+FIELD(APLL_CTRL, PRE_SRC, 20, 3)
+FIELD(APLL_CTRL, CLKOUTDIV, 17, 1)
+FIELD(APLL_CTRL, DIV2, 16, 1)
+FIELD(APLL_CTRL, FBDIV, 8, 7)
+FIELD(APLL_CTRL, BYPASS, 3, 1)
+FIELD(APLL_CTRL, RESET, 0, 1)
+REG32(APLL_CFG, 0x24)
+FIELD(APLL_CFG, LOCK_DLY, 25, 7)
+FIELD(APLL_CFG, LOCK_CNT, 13, 10)
+FIELD(APLL_CFG, LFHF, 10, 2)
+FIELD(APLL_CFG, CP, 5, 4)
+FIELD(APLL_CFG, RES, 0, 4)
+REG32(APLL_FRAC_CFG, 0x28)
+FIELD(APLL_FRAC_CFG, ENABLED, 31, 1)
+FIELD(APLL_FRAC_CFG, SEED, 22, 3)
+FIELD(APLL_FRAC_CFG, ALGRTHM, 19, 1)
+FIELD(APLL_FRAC_CFG, ORDER, 18, 1)
+FIELD(APLL_FRAC_CFG, DATA, 0, 16)
+REG32(DPLL_CTRL, 0x2c)
+FIELD(DPLL_CTRL, POST_SRC, 24, 3)
+FIELD(DPLL_CTRL, PRE_SRC, 20, 3)
+FIELD(DPLL_CTRL, CLKOUTDIV, 17, 1)
+FIELD(DPLL_CTRL, DIV2, 16, 1)
+FIELD(DPLL_CTRL, FBDIV, 8, 7)
+FIELD(DPLL_CTRL, BYPASS, 3, 1)
+FIELD(DPLL_CTRL, RESET, 0, 1)
+REG32(DPLL_CFG, 0x30)
+FIELD(DPLL_CFG, LOCK_DLY, 25, 7)
+FIELD(DPLL_CFG, LOCK_CNT, 13, 10)
+FIELD(DPLL_CFG, LFHF, 10, 2)
+FIELD(DPLL_CFG, CP, 5, 4)
+FIELD(DPLL_CFG, RES, 0, 4)
+REG32(DPLL_FRAC_CFG, 0x34)
+FIELD(DPLL_FRAC_CFG, ENABLED, 31, 1)
+FIELD(DPLL_FRAC_CFG, SEED, 22, 3)
+FIELD(DPLL_FRAC_CFG, ALGRTHM, 19, 1)
+FIELD(DPLL_FRAC_CFG, ORDER, 18, 1)
+FIELD(DPLL_FRAC_CFG, DATA, 0, 16)
+REG32(VPLL_CTRL, 0x38)
+FIELD(VPLL_CTRL, POST_SRC, 24, 3)
+FIELD(VPLL_CTRL, PRE_SRC, 20, 3)
+FIELD(VPLL_CTRL, CLKOUTDIV, 17, 1)
+FIELD(VPLL_CTRL, DIV2, 16, 1)
+FIELD(VPLL_CTRL, FBDIV, 8, 7)
+FIELD(VPLL_CTRL, BYPASS, 3, 1)
+FIELD(VPLL_CTRL, RESET, 0, 1)
+REG32(VPLL_CFG, 0x3c)
+FIELD(VPLL_CFG, LOCK_DLY, 25, 7)
+FIELD(VPLL_CFG, LOCK_CNT, 13, 10)
+FIELD(VPLL_CFG, LFHF, 10, 2)
+FIELD(VPLL_CFG, CP, 5, 4)
+FIELD(VP

[Qemu-devel] [PATCH V2 06/10] docs: add qemu-clock documentation

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This adds the qemu-clock documentation.

Signed-off-by: KONRAD Frederic 

V1 -> V2:
  * Fixed in accordance with the changes in the previous patches.
---
 docs/clock.txt | 108 +
 1 file changed, 108 insertions(+)
 create mode 100644 docs/clock.txt

diff --git a/docs/clock.txt b/docs/clock.txt
new file mode 100644
index 000..aa23910
--- /dev/null
+++ b/docs/clock.txt
@@ -0,0 +1,108 @@
+
+What is a QEMU_CLOCK
+
+
+A QEMU_CLOCK is a QOM Object developed for the purpose of modeling a clock tree
+with QEMU.
+
+It only simulates the clock by keeping a copy of the current frequency and
+doesn't model the signal itself such as pin toggle or duty cycle.
+
+It allows to model the impact of badly configured PLL, clock source selection
+or disabled clock on the models.
+
+Binding the clock together to create a tree
+===
+
+In order to create a clock tree with QEMU_CLOCK two or more clock must be bound
+together. Let's say there are two clocks clk_a and clk_b:
+Using qemu_clk_bind(clk_a, clk_b) will bind clk_a and clk_b.
+
+Binding two qemu-clk together creates a unidirectional link which means that
+changing the rate of clk_a will propagate to clk_b and not the opposite.
+The binding process automatically refreshes clk_b rate.
+
+Clock can be bound and unbound during execution for modeling eg: a clock
+selector.
+
+A clock can drive more than one other clock. eg with this code:
+qemu_clk_bind(clk_a, clk_b);
+qemu_clk_bind(clk_a, clk_c);
+
+A clock rate change one clk_a will propagate to clk_b and clk_c.
+
+Implementing a callback on a rate change
+
+
+The function prototype is the following:
+typedef uint64_t QEMUClkRateUpdateCallback(void *opaque, uint64_t rate);
+
+It's main goal is to modify the rate before it's passed to the next clocks in
+the tree.
+
+eg: for a 4x PLL the function will be:
+uint64_t qemu_clk_rate_change_cb(void *opaque, uint64_t rate)
+{
+return 4 * rate;
+}
+
+To set the callback for the clock:
+void qemu_clk_set_callback(qemu_clk clk, QEMUClkRateUpdateCallback *cb,
+   void *opaque);
+can be called.
+
+The rate update process
+===
+
+The rate update happen in this way:
+When a model wants to update a clock frequency (eg: based on a register change
+or something similar) it will call qemu_clk_update_rate(..) on the clock:
+  * The callback associated to the clock is called with the new rate.
+  * qemu_clk_update_rate(..) is then called on all bound clocks with the value
+returned by the callback.
+
+NOTE: When no callback is attached, the clock qemu_clk_update_rate(..) is 
called
+with the unmodified rate.
+
+Adding a QEMU_CLOCK to a DeviceState
+
+
+Adding a qemu-clk to a DeviceState is required to be able to get the clock
+outside the model through qemu_clk_device_get_clock(..).
+
+It is also required to be able to print the clock and its rate with info qtree.
+For example:
+
+  type System
+  dev: xlnx.zynqmp_crf, id ""
+gpio-out "sysbus-irq" 1
+gpio-out "RST_A9" 4
+qemu-clk "dbg_trace" 0
+qemu-clk "vpll_to_lpd" 62500
+qemu-clk "dp_stc_ref" 0
+qemu-clk "dpll_to_lpd" 1250
+qemu-clk "acpu_clk" 0
+qemu-clk "pcie_ref" 0
+qemu-clk "topsw_main" 0
+qemu-clk "topsw_lsbus" 0
+qemu-clk "dp_audio_ref" 0
+qemu-clk "sata_ref" 0
+qemu-clk "dp_video_ref" 71428568
+qemu-clk "vpll_clk" 25
+qemu-clk "apll_to_lpd" 1250
+qemu-clk "dpll_clk" 5000
+qemu-clk "gpu_ref" 0
+qemu-clk "aux_refclk" 0
+qemu-clk "video_clk" 2700
+qemu-clk "gdma_ref" 0
+qemu-clk "gt_crx_ref_clk" 0
+qemu-clk "dbg_fdp" 0
+qemu-clk "apll_clk" 5000
+qemu-clk "pss_alt_ref_clk" 0
+qemu-clk "ddr" 0
+qemu-clk "pss_ref_clk" 5000
+qemu-clk "dpdma_ref" 0
+qemu-clk "dbg_tstmp" 0
+mmio fd1a/010c
+
+This way a DeviceState can have multiple clock input or output.
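Review bot: the text names the bind call `qemu_clk_bind(clk_a, clk_b)`, but the function declared in include/qemu/qemu-clock.h by patch 03 is qemu_clk_bind_clock(); the examples should use the real name, and qemu_clk_unbind() and qemu_clk_refresh() are not described at all. Two typos: "It's main goal" should be "Its main goal", and "A clock rate change one clk_a" should be "on clk_a". The document should also say that the binding is expected to be acyclic, since the update walks every bound clock recursively.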
-- 
1.8.3.1




[Qemu-devel] [PATCH V2 05/10] qdev-monitor: print the device's clock with info qtree

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This prints the clock attached to a DeviceState when using "info qtree" monitor
command.

For example:

bus: main-system-bus
  type System
  dev: xlnx.zynqmp_crf, id ""
gpio-out "sysbus-irq" 1
gpio-out "RST_A9" 4
qemu-clk "dbg_trace" 0.0
qemu-clk "vpll_to_lpd" 1250.0
qemu-clk "dp_stc_ref" 0.0
qemu-clk "dpll_to_lpd" 1250.0
qemu-clk "acpu_clk" 0.0
qemu-clk "pcie_ref" 0.0
qemu-clk "topsw_main" 0.0
qemu-clk "topsw_lsbus" 0.0
qemu-clk "dp_audio_ref" 0.0
qemu-clk "sata_ref" 0.0
qemu-clk "dp_video_ref" 1428571.4
qemu-clk "vpll_clk" 5000.0
qemu-clk "apll_to_lpd" 1250.0
qemu-clk "dpll_clk" 5000.0
qemu-clk "gpu_ref" 0.0
qemu-clk "aux_refclk" 0.0
qemu-clk "video_clk" 2700.0
qemu-clk "gdma_ref" 0.0
qemu-clk "gt_crx_ref_clk" 0.0
qemu-clk "dbg_fdp" 0.0
qemu-clk "apll_clk" 5000.0
qemu-clk "pss_alt_ref_clk" 0.0
qemu-clk "ddr" 0.0
qemu-clk "pss_ref_clk" 5000.0
qemu-clk "dpdma_ref" 0.0
qemu-clk "dbg_tstmp" 0.0
mmio fd1a/010c

Signed-off-by: KONRAD Frederic 
---
 include/qemu/qemu-clock.h |  9 +
 qdev-monitor.c|  2 ++
 qemu-clock.c  | 28 
 3 files changed, 39 insertions(+)

diff --git a/include/qemu/qemu-clock.h b/include/qemu/qemu-clock.h
index 45f8766..ccc381c 100644
--- a/include/qemu/qemu-clock.h
+++ b/include/qemu/qemu-clock.h
@@ -149,4 +149,13 @@ void qemu_clk_set_callback(qemu_clk clk,
QEMUClkRateUpdateCallback *cb,
void *opaque);
 
+/**
+ * qemu_clk_print:
+ * @dev: the device for which the clock need to be printed.
+ *
+ * Print the clock information for a given device.
+ *
+ */
+void qemu_clk_print(Monitor *mon, DeviceState *dev, int indent);
+
 #endif /* QEMU_CLOCK_H */
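Review bot: the qemu_clk_print() doc comment describes only @dev; @mon and @indent are missing. Add both, and say that the function prints one line per qemu-clk child of @dev, so that the header matches what qdev_print() relies on.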
diff --git a/qdev-monitor.c b/qdev-monitor.c
index c73410c..8f6bbdf 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -29,6 +29,7 @@
 #include "qemu/error-report.h"
 #include "qemu/help_option.h"
 #include "sysemu/block-backend.h"
+#include "qemu/qemu-clock.h"
 
 /*
  * Aliases were a bad idea from the start.  Let's keep them
@@ -689,6 +690,7 @@ static void qdev_print(Monitor *mon, DeviceState *dev, int 
indent)
 ngl->num_out);
 }
 }
+qemu_clk_print(mon, dev, indent);
 class = object_get_class(OBJECT(dev));
 do {
 qdev_print_props(mon, dev, DEVICE_CLASS(class)->props, indent);
diff --git a/qemu-clock.c b/qemu-clock.c
index 300e38f..b34021c 100644
--- a/qemu-clock.c
+++ b/qemu-clock.c
@@ -27,6 +27,7 @@
 #include "qemu/log.h"
 #include "qapi/error.h"
 #include "hw/qdev-core.h"
+#include "monitor/monitor.h"
 
 #ifndef DEBUG_QEMU_CLOCK
 #define DEBUG_QEMU_CLOCK 0
@@ -132,6 +133,33 @@ qemu_clk qemu_clk_device_get_clock(DeviceState *dev, const 
char *name)
 return QEMU_CLOCK(clk);
 }
 
+struct print_opaque {
+Monitor *mon;
+int indent;
+};
+
+static int qemu_clk_print_rec(Object *obj, void *opaque)
+{
+qemu_clk clk = (qemu_clk)(object_dynamic_cast(obj, TYPE_CLOCK));
+struct print_opaque *po = opaque;
+
+if (clk) {
+monitor_printf(po->mon, "%*s" "qemu-clk \"%s\" %" PRIu64 "\n",
+   po->indent, " ", clk->name, clk->out_rate);
+}
+
+return 0;
+}
+
+void qemu_clk_print(Monitor *mon, DeviceState *dev, int indent)
+{
+struct print_opaque po;
+
+po.indent = indent;
+po.mon = mon;
+object_child_foreach(OBJECT(dev), qemu_clk_print_rec, &po);
+}
+
 static const TypeInfo qemu_clk_info = {
 .name  = TYPE_CLOCK,
 .parent= TYPE_OBJECT,
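Review bot: qemu_clk_print_rec() passes clk->name to a "%s" conversion without checking it. The name is only set by qemu_clk_device_add_clock(), so a qemu-clk that became a child of the device through a direct object_property_add_child() call has name == NULL here. Print a placeholder or fall back to the child property name. The commit message example shows rates such as "1250.0", while the format string uses PRIu64 and prints integers; bring the example in line with the code. `struct print_opaque` would fit the tree better as a CamelCase typedef.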
-- 
1.8.3.1




[Qemu-devel] [PATCH V2 09/10] zynqmp: add the zynqmp_crf to the platform

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This adds the zynqmp_crf to the zynqmp platform.

Signed-off-by: KONRAD Frederic 
---
 hw/arm/xlnx-zynqmp.c | 7 +++
 include/hw/arm/xlnx-zynqmp.h | 2 ++
 2 files changed, 9 insertions(+)

diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
index bc4e66b..27dccdb 100644
--- a/hw/arm/xlnx-zynqmp.c
+++ b/hw/arm/xlnx-zynqmp.c
@@ -177,6 +177,11 @@ static void xlnx_zynqmp_init(Object *obj)
 
 object_initialize(&s->dpdma, sizeof(s->dpdma), TYPE_XLNX_DPDMA);
 qdev_set_parent_bus(DEVICE(&s->dpdma), sysbus_get_default());
+
+s->crf = object_new("xlnx.zynqmp_crf");
+qdev_set_parent_bus(DEVICE(s->crf), sysbus_get_default());
+object_property_add_child(obj, "xlnx.zynqmp_crf", OBJECT(s->crf),
+  &error_abort);
 }
 
 static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
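Review bot: `s->crf = object_new("xlnx.zynqmp_crf");` spells the type name as a string literal, and the same literal is repeated as the child property name; TYPE_XILINX_CRF_APB exists but is private to hw/misc/xilinx_zynqmp_crf.c. Move the macro to a header and use it here. object_new() returns a reference and object_property_add_child() takes its own, so the one from object_new() should be dropped with object_unref() once the child is added. The neighbouring dpdma is embedded in the state and set up with object_initialize(); holding crf as a bare `Object *` is a different pattern and deserves a word in the commit message.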
@@ -424,6 +429,8 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error 
**errp)
  &error_abort);
 sysbus_mmio_map(SYS_BUS_DEVICE(&s->dpdma), 0, DPDMA_ADDR);
 sysbus_connect_irq(SYS_BUS_DEVICE(&s->dpdma), 0, gic_spi[DPDMA_IRQ]);
+
+sysbus_mmio_map(SYS_BUS_DEVICE(s->crf), 0, 0xFD1A);
 }
 
 static Property xlnx_zynqmp_props[] = {
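Review bot: the base address in the added `sysbus_mmio_map(SYS_BUS_DEVICE(s->crf), 0, ...)` call is a bare literal, while the DPDMA mapping two lines above uses DPDMA_ADDR. Add a named constant next to the other address defines. Nothing in this patch sets "realized" on s->crf before it is mapped; that call only arrives in patch 10, so on its own this patch maps a device that has not been realized. Either realize it here or say so in the commit message.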
diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
index c2931bf..379a17a 100644
--- a/include/hw/arm/xlnx-zynqmp.h
+++ b/include/hw/arm/xlnx-zynqmp.h
@@ -86,6 +86,8 @@ typedef struct XlnxZynqMPState {
 XlnxDPState dp;
 XlnxDPDMAState dpdma;
 
+Object *crf;
+
 char *boot_cpu;
 ARMCPU *boot_cpu_ptr;
 
-- 
1.8.3.1




[Qemu-devel] [PATCH V2 10/10] zynqmp: add reference clock

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This adds some fixed reference clocks to the zynqmp platform.
They will feed the zynqmp_crf block.

Signed-off-by: KONRAD Frederic 
---
 hw/arm/xlnx-zynqmp.c | 49 
 include/hw/arm/xlnx-zynqmp.h |  6 ++
 2 files changed, 55 insertions(+)

diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
index 27dccdb..1bef77d 100644
--- a/hw/arm/xlnx-zynqmp.c
+++ b/hw/arm/xlnx-zynqmp.c
@@ -24,6 +24,7 @@
 #include "exec/address-spaces.h"
 #include "sysemu/kvm.h"
 #include "kvm_arm.h"
+#include "qemu/qemu-clock.h"
 
 #define GIC_NUM_SPI_INTR 160
 
@@ -182,6 +183,22 @@ static void xlnx_zynqmp_init(Object *obj)
 qdev_set_parent_bus(DEVICE(s->crf), sysbus_get_default());
 object_property_add_child(obj, "xlnx.zynqmp_crf", OBJECT(s->crf),
   &error_abort);
+
+s->pss_ref_clk = object_new(TYPE_FIXED_CLOCK);
+object_property_add_child(obj, "pss_ref_clk", s->pss_ref_clk,
+  &error_abort);
+object_property_set_int(s->pss_ref_clk, 5000, "rate", &error_abort);
+s->video_clk = object_new(TYPE_FIXED_CLOCK);
+object_property_add_child(obj, "video_clk", s->video_clk, &error_abort);
+object_property_set_int(s->video_clk, 2700, "rate", &error_abort);
+s->pss_alt_ref_clk = object_new(TYPE_FIXED_CLOCK);
+object_property_add_child(obj, "pss_alt_ref_clk", s->pss_alt_ref_clk,
+  &error_abort);
+s->aux_refclk = object_new(TYPE_FIXED_CLOCK);
+object_property_add_child(obj, "aux_refclk", s->aux_refclk, &error_abort);
+s->gt_crx_ref_clk = object_new(TYPE_FIXED_CLOCK);
+object_property_add_child(obj, "gt_crx_ref_clk", s->gt_crx_ref_clk,
+  &error_abort);
 }
 
 static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
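Review bot: only pss_ref_clk and video_clk get a "rate" set; pss_alt_ref_clk, aux_refclk and gt_crx_ref_clk are created and left at whatever TYPE_FIXED_CLOCK defaults to. If a zero rate is intended, say so in a comment. The two rates are bare literals and would read better as named constants with the unit in the name. Each object_new() reference is kept after object_property_add_child() has taken its own, so every clock created here carries one reference that is never dropped.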
@@ -431,6 +448,38 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error 
**errp)
 sysbus_connect_irq(SYS_BUS_DEVICE(&s->dpdma), 0, gic_spi[DPDMA_IRQ]);
 
 sysbus_mmio_map(SYS_BUS_DEVICE(s->crf), 0, 0xFD1A);
+
+/* Bind the clock */
+qemu_clk_bind_clock(qemu_clk_device_get_clock(DEVICE(s->pss_ref_clk),
+  "clk_out"),
+qemu_clk_device_get_clock(DEVICE(s->crf),
+  "pss_ref_clk"));
+
+qemu_clk_bind_clock(qemu_clk_device_get_clock(DEVICE(s->video_clk),
+  "clk_out"),
+qemu_clk_device_get_clock(DEVICE(s->crf), 
"video_clk"));
+
+qemu_clk_bind_clock(qemu_clk_device_get_clock(DEVICE(s->pss_alt_ref_clk),
+  "clk_out"),
+qemu_clk_device_get_clock(DEVICE(s->crf),
+  "pss_alt_ref_clk"));
+
+qemu_clk_bind_clock(qemu_clk_device_get_clock(DEVICE(s->aux_refclk),
+  "clk_out"),
+qemu_clk_device_get_clock(DEVICE(s->crf),
+  "aux_refclk"));
+
+qemu_clk_bind_clock(qemu_clk_device_get_clock(DEVICE(s->gt_crx_ref_clk),
+  "clk_out"),
+qemu_clk_device_get_clock(DEVICE(s->crf),
+  "gt_crx_ref_clk"));
+
+object_property_set_bool(s->crf, true, "realized", &err);
+object_property_set_bool(s->pss_ref_clk, true, "realized", &err);
+object_property_set_bool(s->video_clk, true, "realized", &err);
+object_property_set_bool(s->pss_alt_ref_clk, true, "realized", &err);
+object_property_set_bool(s->aux_refclk, true, "realized", &err);
+object_property_set_bool(s->gt_crx_ref_clk, true, "realized", &err);
 }
 
 static Property xlnx_zynqmp_props[] = {
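Review bot: the six object_property_set_bool(..., "realized", &err) calls reuse the same err and none of them is followed by a check. If one fails, the next call that fails trips the assertion that the Error pointer is still NULL, and nothing visible in this hunk reports the first failure. Check err after each call and propagate it to errp, or pass &error_abort as the init code does. The qemu_clk_bind_clock() calls are fed the result of qemu_clk_device_get_clock() directly; that function is documented to return NULL when the name is not found and qemu_clk_bind_clock() dereferences both arguments, so a mistyped clock name becomes a NULL dereference. The binds also run before any of these objects is realized; if the clocks exist from instance init that works, but a comment stating the ordering assumption would help.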
diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
index 379a17a..d0cc57f 100644
--- a/include/hw/arm/xlnx-zynqmp.h
+++ b/include/hw/arm/xlnx-zynqmp.h
@@ -28,6 +28,7 @@
 #include "hw/ssi/xilinx_spips.h"
 #include "hw/dma/xlnx_dpdma.h"
 #include "hw/display/xlnx_dp.h"
+#include "hw/misc/fixed-clock.h"
 
 #define TYPE_XLNX_ZYNQMP "xlnx,zynqmp"
 #define XLNX_ZYNQMP(obj) OBJECT_CHECK(XlnxZynqMPState, (obj), \
@@ -86,6 +87,11 @@ typedef struct XlnxZynqMPState {
 XlnxDPState dp;
 XlnxDPDMAState dpdma;
 
+Object *pss_ref_clk;
+Object *video_clk;
+Object *pss_alt_ref_clk;
+Object *aux_refclk;
+Object *gt_crx_ref_clk;
 Object *crf;
 
 char *boot_cpu;
-- 
1.8.3.1




[Qemu-devel] [PATCH V2 01/10] qemu-clk: introduce qemu-clk qom object

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This introduces qemu-clk qom object.

Signed-off-by: KONRAD Frederic 
---
 Makefile.objs |  1 +
 include/qemu/qemu-clock.h | 40 +
 qemu-clock.c  | 50 +++
 3 files changed, 91 insertions(+)
 create mode 100644 include/qemu/qemu-clock.h
 create mode 100644 qemu-clock.c

diff --git a/Makefile.objs b/Makefile.objs
index 01cef86..de0219d 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -78,6 +78,7 @@ common-obj-y += backends/
 common-obj-$(CONFIG_SECCOMP) += qemu-seccomp.o
 
 common-obj-$(CONFIG_FDT) += device_tree.o
+common-obj-y += qemu-clock.o
 
 ##
 # qapi
diff --git a/include/qemu/qemu-clock.h b/include/qemu/qemu-clock.h
new file mode 100644
index 000..e7acd68
--- /dev/null
+++ b/include/qemu/qemu-clock.h
@@ -0,0 +1,40 @@
+/*
+ * QEMU Clock
+ *
+ *  Copyright (C) 2016 : GreenSocs Ltd
+ *  http://www.greensocs.com/ , email: i...@greensocs.com
+ *
+ *  Frederic Konrad 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ *
+ */
+
+#ifndef QEMU_CLOCK_H
+#define QEMU_CLOCK_H
+
+#include "qemu/osdep.h"
+#include "qom/object.h"
+
+#define TYPE_CLOCK "qemu-clk"
+#define QEMU_CLOCK(obj) OBJECT_CHECK(struct qemu_clk, (obj), TYPE_CLOCK)
+
+typedef struct qemu_clk {
+/*< private >*/
+Object parent_obj;
+} *qemu_clk;
+
+#endif /* QEMU_CLOCK_H */
+
+
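
Review bot: "typedef struct qemu_clk { ... } *qemu_clk;" hides a pointer behind the typedef and gives the struct tag and the pointer type the same lower-case name, which makes declarations such as "struct qemu_clk out" and "qemu_clk out" easy to confuse. QEMU structured types are normally CamelCase and not pointer typedefs, so something like "typedef struct QEMUClock { ... } QEMUClock;" with explicit pointers at the use sites would read better. The header also includes "qemu/osdep.h", which belongs at the top of .c files rather than in headers, and it ends with two empty lines.
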
diff --git a/qemu-clock.c b/qemu-clock.c
new file mode 100644
index 000..ceea98d
--- /dev/null
+++ b/qemu-clock.c
@@ -0,0 +1,50 @@
+/*
+ * QEMU Clock
+ *
+ *  Copyright (C) 2016 : GreenSocs Ltd
+ *  http://www.greensocs.com/ , email: i...@greensocs.com
+ *
+ *  Frederic Konrad 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/qemu-clock.h"
+#include "hw/hw.h"
+#include "qemu/log.h"
+
+#ifndef DEBUG_QEMU_CLOCK
+#define DEBUG_QEMU_CLOCK 0
+#endif
+
+#define DPRINTF(fmt, args...) do {   \
+if (DEBUG_QEMU_CLOCK) {  \
+qemu_log("%s: " fmt, __func__, ## args); \
+}\
+} while (0);
+
+static const TypeInfo qemu_clk_info = {
+.name  = TYPE_CLOCK,
+.parent= TYPE_OBJECT,
+.instance_size = sizeof(struct qemu_clk),
+};
+
+static void qemu_clk_register_types(void)
+{
+type_register_static(&qemu_clk_info);
+}
+
+type_init(qemu_clk_register_types);
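
Review bot: the DPRINTF macro ends in "} while (0);", and that trailing semicolon turns "if (x) DPRINTF(...); else ..." into a syntax error; drop the semicolon from the definition. The macro is also not used anywhere in this file, and nothing visible here needs "hw/hw.h", so both can wait for the patch that first uses them.
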
-- 
1.8.3.1




[Qemu-devel] [PATCH V2 07/10] introduce fixed-clock

2017-01-26 Thread fred . konrad
From: KONRAD Frederic 

This is a fixed clock device.
It just behaves as an empty device with a parameterizable output rate.

Signed-off-by: KONRAD Frederic 
---
 hw/misc/Makefile.objs |  1 +
 hw/misc/fixed-clock.c | 88 +++
 include/hw/misc/fixed-clock.h | 30 +++
 3 files changed, 119 insertions(+)
 create mode 100644 hw/misc/fixed-clock.c
 create mode 100644 include/hw/misc/fixed-clock.h

diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index 1a89615..2670c2d 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -53,3 +53,4 @@ obj-$(CONFIG_EDU) += edu.o
 obj-$(CONFIG_HYPERV_TESTDEV) += hyperv_testdev.o
 obj-$(CONFIG_AUX) += auxbus.o
 obj-$(CONFIG_ASPEED_SOC) += aspeed_scu.o aspeed_sdmc.o
+obj-y += fixed-clock.o
diff --git a/hw/misc/fixed-clock.c b/hw/misc/fixed-clock.c
new file mode 100644
index 000..aa124d8
--- /dev/null
+++ b/hw/misc/fixed-clock.c
@@ -0,0 +1,88 @@
+/*
+ * Fixed clock
+ *
+ *  Copyright (C) 2016 : GreenSocs Ltd
+ *  http://www.greensocs.com/ , email: i...@greensocs.com
+ *
+ *  Frederic Konrad   
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev.h"
+#include "hw/misc/fixed-clock.h"
+#include "qemu/qemu-clock.h"
+#include "qapi/error.h"
+
+#ifndef DEBUG_FIXED_CLOCK
+#define DEBUG_FIXED_CLOCK 0
+#endif
+
+#define DPRINTF(fmt, ...) do {   \
+if (DEBUG_FIXED_CLOCK) { \
+qemu_log(__FILE__": " fmt , ## __VA_ARGS__); \
+}\
+} while (0);
+
+typedef struct {
+DeviceState parent_obj;
+
+uint32_t rate;
+struct qemu_clk out;
+} FixedClock;
+
+static Property fixed_clock_properties[] = {
+DEFINE_PROP_UINT32("rate", FixedClock, rate, 0),
+DEFINE_PROP_END_OF_LIST()
+};
+
+static void fixed_clock_realizefn(DeviceState *dev, Error **errp)
+{
+FixedClock *s = FIXED_CLOCK(dev);
+
+qemu_clk_update_rate(&s->out, s->rate);
+}
+
+static void fixed_clock_instance_init(Object *obj)
+{
+FixedClock *s = FIXED_CLOCK(obj);
+
+object_initialize(&s->out, sizeof(s->out), TYPE_CLOCK);
+qemu_clk_device_add_clock(DEVICE(obj), &s->out, "clk_out");
+}
+
+static void fixed_clock_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+
+dc->realize = fixed_clock_realizefn;
+dc->props = fixed_clock_properties;
+}
+
+static const TypeInfo fixed_clock_info = {
+.name  = TYPE_FIXED_CLOCK,
+.parent= TYPE_DEVICE,
+.instance_size = sizeof(FixedClock),
+.instance_init = fixed_clock_instance_init,
+.class_init= fixed_clock_class_init,
+};
+
+static void fixed_clock_register_types(void)
+{
+type_register_static(&fixed_clock_info);
+}
+
+type_init(fixed_clock_register_types);
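
Review bot: the "rate" property defaults to 0 and fixed_clock_realizefn() passes it straight to qemu_clk_update_rate() without ever using errp, so a board that forgets to set the property gets a 0 Hz clock with no diagnostic. Reject rate == 0 in realize with error_setg(errp, ...), or document that 0 is a valid value. DPRINTF here calls qemu_log() although "qemu/log.h" is not included, which only compiles because the macro is never expanded, and it has the same trailing semicolon after "while (0)" as the one in qemu-clock.c.
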
diff --git a/include/hw/misc/fixed-clock.h b/include/hw/misc/fixed-clock.h
new file mode 100644
index 000..1376444
--- /dev/null
+++ b/include/hw/misc/fixed-clock.h
@@ -0,0 +1,30 @@
+/*
+ * Fixed clock
+ *
+ *  Copyright (C) 2016 : GreenSocs Ltd
+ *  http://www.greensocs.com/ , email: i...@greensocs.com
+ *
+ *  Frederic Konrad   
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ *
+ */
+
+#ifndef FIXED_CLOCK_H
+#define FIXED_CLOCK_H
+
+#define TYPE_FIXED_CLOCK "fixed-clock"
+#define FIXED_CLOCK(obj) OBJECT_CHECK(FixedClock, (obj), TYPE_FIXED_CLOCK)
+
+#endif /* FIXED_CLOCK_H */
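
Review bot: FIXED_CLOCK() expands to a cast to FixedClock, but that type is defined only inside hw/misc/fixed-clock.c, so any other file that includes this header and uses the macro will not compile. Either move the struct definition into this header or keep the cast macro private to the .c file and export only TYPE_FIXED_CLOCK.
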
-- 
1.8.3.1




[Qemu-devel] [PATCH] 9pfs: fix v9fs_lock error case

2017-01-26 Thread Paolo Bonzini
In this case, we are marshaling an error status instead of the errno value.
Reorganize the out and out_nofid labels to look like all the other cases.
Coverity reports this because the "err = -ENOENT" and "err = -EINVAL"
assignments above are dead, overwritten by the call to pdu_marshal.

Signed-off-by: Paolo Bonzini 
---
 hw/9pfs/9p.c | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 99e9472..d028eca 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -3045,14 +3045,15 @@ static void coroutine_fn v9fs_lock(void *opaque)
 goto out;
 }
 status = P9_LOCK_SUCCESS;
-out:
-put_fid(pdu, fidp);
-out_nofid:
 err = pdu_marshal(pdu, offset, "b", status);
-if (err > 0) {
-err += offset;
+if (err < 0) {
+goto out;
 }
+err += offset;
 trace_v9fs_lock_return(pdu->tag, pdu->id, status);
+out:
+put_fid(pdu, fidp);
+out_nofid:
 pdu_complete(pdu, err);
 v9fs_string_free(&flock.client_id);
 }
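
Review bot: with the out and out_nofid labels moved below the marshal, every failure path now reaches pdu_complete(pdu, err) with the negative errno and skips both pdu_marshal() and trace_v9fs_lock_return(), so the guest gets an error reply where it used to get a status byte. That matches the commit message, but it is a guest-visible change and the message should say so explicitly. If status is still assigned on any of the failure paths, those stores are now dead as well and can go in the same patch.
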
-- 
2.9.3




Re: [Qemu-devel] [RFC 4/4] hw/intc/arm_gicv3_its: Allow save/restore

2017-01-26 Thread Dr. David Alan Gilbert
* Eric Auger (eric.au...@redhat.com) wrote:
> We change the restoration priority of both the GICv3 and ITS. The
> GICv3 must be restored before the ITS and the ITS needs to be restored
> before PCIe devices since it translates their MSI transactions.
> 
> We typically observe the virtio-pci-net device sending MSI transactions
> very early (even before the first vcpu run) which looks weird. It
> appears that not servicing those transactions cause the virtio-pci-net
> to stall.
> 
> Signed-off-by: Eric Auger 



> diff --git a/hw/intc/arm_gicv3_its_kvm.c b/hw/intc/arm_gicv3_its_kvm.c
> index 3f8017d..7f81d33 100644
> --- a/hw/intc/arm_gicv3_its_kvm.c
> +++ b/hw/intc/arm_gicv3_its_kvm.c
> @@ -95,8 +95,12 @@ static void kvm_arm_its_realize(DeviceState *dev, Error 
> **errp)
>   * Block migration of a KVM GICv3 ITS device: the API for saving and
>   * restoring the state in the kernel is not yet available
>   */
> -error_setg(&s->migration_blocker, "vITS migration is not implemented");
> -migrate_add_blocker(s->migration_blocker);
> +if (!kvm_device_check_attr(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ITS_REGS,
> +   GITS_CTLR)) {
> +error_setg(&s->migration_blocker, "This operating system kernel does 
> "
> +  "not support vITS migration");
> +migrate_add_blocker(s->migration_blocker);
> +}

Watch out, a change went in to the parameters/return value of migrate_add_blocker
earlier in the week - it can now fail.

>  kvm_msi_use_devid = true;
>  kvm_gsi_direct_mapping = false;
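
Review bot: the comment kept above the new check still says the kernel API for saving and restoring the state "is not yet available", which no longer describes code that installs the blocker only when kvm_device_check_attr() fails for KVM_DEV_ARM_VGIC_GRP_ITS_REGS / GITS_CTLR. Update the comment to say the blocker is added when the host kernel lacks that attribute, so the condition and its explanation agree.
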
> diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h
> index 1a22887..ebd755c 100644
> --- a/include/migration/vmstate.h
> +++ b/include/migration/vmstate.h
> @@ -188,6 +188,8 @@ enum VMStateFlags {
>  
>  typedef enum {
>  MIG_PRI_DEFAULT = 0,
> +MIG_PRI_GICV3_ITS,
> +MIG_PRI_GICV3,
>  MIG_PRI_MAX,

Can we keep this commented so it's trivially easy to see the order, something like:

 typedef enum {
 MIG_PRI_DEFAULT = 0,
+MIG_PRI_GICV3_ITS,/* Needs to be before PCI devices */
+MIG_PRI_GICV3,/* Must be before ITS */
 MIG_PRI_MAX,
 } MigrationPriority;

Dave

>  
> -- 
> 2.5.5
> 
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK



[Qemu-devel] [PATCH] net: e1000e: fix dead code in e1000e_write_packet_to_guest

2017-01-26 Thread Paolo Bonzini
Because is_first is declared inside a loop, it is always true.  The store
is dead, and so is the "else" branch of "if (is_first)".  is_last is
okay though.

Reported by Coverity.

Signed-off-by: Paolo Bonzini 
---
 hw/net/e1000e_core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/net/e1000e_core.c b/hw/net/e1000e_core.c
index 2b11499..c99e2fb 100644
--- a/hw/net/e1000e_core.c
+++ b/hw/net/e1000e_core.c
@@ -1507,6 +1507,7 @@ e1000e_write_packet_to_guest(E1000ECore *core, struct 
NetRxPkt *pkt,
 const E1000E_RingInfo *rxi;
 size_t ps_hdr_len = 0;
 bool do_ps = e1000e_do_ps(core, pkt, &ps_hdr_len);
+bool is_first = true;
 
 rxi = rxr->i;
 
@@ -1514,7 +1515,6 @@ e1000e_write_packet_to_guest(E1000ECore *core, struct 
NetRxPkt *pkt,
 hwaddr ba[MAX_PS_BUFFERS];
 e1000e_ba_state bastate = { { 0 } };
 bool is_last = false;
-bool is_first = true;
 
 desc_size = total_size - desc_offset;
 
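
Review bot: hoisting is_first out of the loop makes the "else" branch of "if (is_first)" reachable for the first time, so this is a behaviour change for any packet that is written through more than one loop iteration, not only a Coverity cleanup. The commit message should say how that branch was exercised, since it has never run before this patch.
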
-- 
2.9.3




[Qemu-devel] [PATCH v2.1] target-ppc: Add MMU model check for booke machines

2017-01-26 Thread Valentin Plotkin
From: Valentin Plotkin 

Machines bamboo, e500 and virtex-ml507 assume a certain MMU model,
otherwise resulting in unpredictable behavior. Add appropriate checks
into *_init functions.

Signed-off-by: Valentin Plotkin 
---
 hw/ppc/e500.c  | 6 ++
 hw/ppc/ppc440_bamboo.c | 6 ++
 hw/ppc/virtex_ml507.c  | 7 +++
 3 files changed, 19 insertions(+)

diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index cf8b122..5b1958c 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -827,6 +827,12 @@ void ppce500_init(MachineState *machine, PPCE500Params 
*params)
 env = &cpu->env;
 cs = CPU(cpu);
 
+if (env->mmu_model != POWERPC_MMU_BOOKE206) {
+fprintf(stderr, "MMU model %i not supported by this machine.\n",
+env->mmu_model);
+exit(1);
+}
+
 if (!firstenv) {
 firstenv = env;
 }
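
Review bot: the new check reports the failure with fprintf(stderr, ...) followed by exit(1); use error_report() instead so the message gets the usual QEMU prefix and formatting. Printing env->mmu_model with "%i" gives the user a bare enum value they cannot act on; naming the rejected CPU (machine->cpu_model is available in this function) or the MMU model this board requires would make the message useful.
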
diff --git a/hw/ppc/ppc440_bamboo.c b/hw/ppc/ppc440_bamboo.c
index 5c535b1..9d997bf 100644
--- a/hw/ppc/ppc440_bamboo.c
+++ b/hw/ppc/ppc440_bamboo.c
@@ -193,6 +193,12 @@ static void bamboo_init(MachineState *machine)
 }
 env = &cpu->env;
 
+if (env->mmu_model != POWERPC_MMU_BOOKE) {
+fprintf(stderr, "MMU model %i not supported by this machine.\n",
+env->mmu_model);
+exit(1);
+}
+
 qemu_register_reset(main_cpu_reset, cpu);
 ppc_booke_timers_init(cpu, 4, 0);
 ppc_dcr_init(env, NULL, NULL);
diff --git a/hw/ppc/virtex_ml507.c b/hw/ppc/virtex_ml507.c
index b97d966..fdbcf22 100644
--- a/hw/ppc/virtex_ml507.c
+++ b/hw/ppc/virtex_ml507.c
@@ -221,6 +221,13 @@ static void virtex_init(MachineState *machine)
 
 cpu = ppc440_init_xilinx(&ram_size, 1, machine->cpu_model, 4);
 env = &cpu->env;
+
+if (env->mmu_model != POWERPC_MMU_BOOKE) {
+fprintf(stderr, "MMU model %i not supported by this machine.\n",
+env->mmu_model);
+exit(1);
+}
+
 qemu_register_reset(main_cpu_reset, cpu);
 
 memory_region_allocate_system_memory(phys_ram, NULL, "ram", ram_size);
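
Review bot: this is the third copy of the same check and message in the patch (e500.c, ppc440_bamboo.c and here), differing only in the expected constant. A small shared helper that takes the expected MMU model would keep the three boards in sync and give one place to improve the message.
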
-- 
2.5.5


This fixes the 'qemu-system-ppc -nographic -cpu G2leGP3 -M ppce500' bug from
BiteSizedTasks.

Version 2: fixed style, moved checks from mmubooke_create_initial_mapping
to *_init. Thanks to Thomas Huth.

Version 2.1: seems like my mailer added linebreaks without ever notifying.
Sorry for the mess, will use git send-mail from now on.



[Qemu-devel] [PATCH v3 01/18] block: expose crypto option names / defs to other drivers

2017-01-26 Thread Daniel P. Berrange
The block/crypto.c defines a set of QemuOpts that provide
parameters for encryption. This will also be needed by
the qcow/qcow2 integration, so expose the relevant pieces
in a new block/crypto.h header.

Reviewed-by: Max Reitz 
Reviewed-by: Eric Blake 
Signed-off-by: Daniel P. Berrange 
---
 block/crypto.c | 61 +++
 block/crypto.h | 91 ++
 2 files changed, 102 insertions(+), 50 deletions(-)
 create mode 100644 block/crypto.h

diff --git a/block/crypto.c b/block/crypto.c
index 7aa7eb5..d281de6 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -26,14 +26,7 @@
 #include "qapi/opts-visitor.h"
 #include "qapi-visit.h"
 #include "qapi/error.h"
-
-#define BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET "key-secret"
-#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG "cipher-alg"
-#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE "cipher-mode"
-#define BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG "ivgen-alg"
-#define BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG "ivgen-hash-alg"
-#define BLOCK_CRYPTO_OPT_LUKS_HASH_ALG "hash-alg"
-#define BLOCK_CRYPTO_OPT_LUKS_ITER_TIME "iter-time"
+#include "block/crypto.h"
 
 typedef struct BlockCrypto BlockCrypto;
 
@@ -135,11 +128,7 @@ static QemuOptsList block_crypto_runtime_opts_luks = {
 .name = "crypto",
 .head = QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head),
 .desc = {
-{
-.name = BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET,
-.type = QEMU_OPT_STRING,
-.help = "ID of the secret that provides the encryption key",
-},
+BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET,
 { /* end of list */ }
 },
 };
@@ -154,47 +143,19 @@ static QemuOptsList block_crypto_create_opts_luks = {
 .type = QEMU_OPT_SIZE,
 .help = "Virtual disk size"
 },
-{
-.name = BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET,
-.type = QEMU_OPT_STRING,
-.help = "ID of the secret that provides the encryption key",
-},
-{
-.name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG,
-.type = QEMU_OPT_STRING,
-.help = "Name of encryption cipher algorithm",
-},
-{
-.name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE,
-.type = QEMU_OPT_STRING,
-.help = "Name of encryption cipher mode",
-},
-{
-.name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG,
-.type = QEMU_OPT_STRING,
-.help = "Name of IV generator algorithm",
-},
-{
-.name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG,
-.type = QEMU_OPT_STRING,
-.help = "Name of IV generator hash algorithm",
-},
-{
-.name = BLOCK_CRYPTO_OPT_LUKS_HASH_ALG,
-.type = QEMU_OPT_STRING,
-.help = "Name of encryption hash algorithm",
-},
-{
-.name = BLOCK_CRYPTO_OPT_LUKS_ITER_TIME,
-.type = QEMU_OPT_NUMBER,
-.help = "Time to spend in PBKDF in milliseconds",
-},
+BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET,
+BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG,
+BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE,
+BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG,
+BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG,
+BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG,
+BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME,
 { /* end of list */ }
 },
 };
 
 
-static QCryptoBlockOpenOptions *
+QCryptoBlockOpenOptions *
 block_crypto_open_opts_init(QCryptoBlockFormat format,
 QemuOpts *opts,
 Error **errp)
@@ -240,7 +201,7 @@ block_crypto_open_opts_init(QCryptoBlockFormat format,
 }
 
 
-static QCryptoBlockCreateOptions *
+QCryptoBlockCreateOptions *
 block_crypto_create_opts_init(QCryptoBlockFormat format,
   QemuOpts *opts,
   Error **errp)
diff --git a/block/crypto.h b/block/crypto.h
new file mode 100644
index 000..e42f20e
--- /dev/null
+++ b/block/crypto.h
@@ -0,0 +1,91 @@
+/*
+ * QEMU block full disk encryption
+ *
+ * Copyright (c) 2015-2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ *
+ */
+
+#ifndef BLOCK_CRYPTO_H__
+#define BLOCK_CRYPTO_H__
+
+#define BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET "key-secret"
+#define BLOCK_CRY

[Qemu-devel] [PATCH v3 05/18] iotests: skip 042 with qcow which doesn't support zero sized images

2017-01-26 Thread Daniel P. Berrange
Test 042 is designed to verify operation with zero sized images.
Such images are not supported with qcow (v1), so this test has
always failed.

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 tests/qemu-iotests/042 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/qemu-iotests/042 b/tests/qemu-iotests/042
index 351b283..a53e7cb 100755
--- a/tests/qemu-iotests/042
+++ b/tests/qemu-iotests/042
@@ -37,7 +37,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15
 . ./common.rc
 . ./common.filter
 
-_supported_fmt qcow2 qcow qed
+_supported_fmt qcow2 qed
 _supported_proto file
 _supported_os Linux
 
-- 
2.9.3




[Qemu-devel] [PATCH v3 02/18] block: add ability to set a prefix for opt names

2017-01-26 Thread Daniel P. Berrange
When integrating the crypto support with qcow/qcow2, we don't
want to use the bare LUKS option names "hash-alg", "key-secret",
etc. We want to namespace them "luks-hash-alg", "luks-key-secret"
so that they don't clash with any general qcow options at a later
date.

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 block/crypto.c | 111 +
 block/crypto.h |  42 +++---
 2 files changed, 119 insertions(+), 34 deletions(-)

diff --git a/block/crypto.c b/block/crypto.c
index d281de6..876eabc 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -27,6 +27,7 @@
 #include "qapi-visit.h"
 #include "qapi/error.h"
 #include "block/crypto.h"
+#include "qemu/cutils.h"
 
 typedef struct BlockCrypto BlockCrypto;
 
@@ -128,7 +129,7 @@ static QemuOptsList block_crypto_runtime_opts_luks = {
 .name = "crypto",
 .head = QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head),
 .desc = {
-BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET,
+BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
 { /* end of list */ }
 },
 };
@@ -143,31 +144,101 @@ static QemuOptsList block_crypto_create_opts_luks = {
 .type = QEMU_OPT_SIZE,
 .help = "Virtual disk size"
 },
-BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET,
-BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG,
-BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE,
-BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG,
-BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG,
-BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG,
-BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME,
+BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
+BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(""),
+BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(""),
+BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(""),
+BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(""),
+BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(""),
+BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""),
 { /* end of list */ }
 },
 };
 
+static QemuOptsList empty_opts = {
+.name = "crypto-empty",
+.merge_lists = false,
+.head = QTAILQ_HEAD_INITIALIZER(empty_opts.head),
+.desc = {
+/* no elements => accept any params */
+{ /* end of list */ }
+},
+};
+
+
+struct BlockCryptoCopyData {
+QemuOpts *opts;
+const char *prefix;
+};
+
+static int block_crypto_copy_value(void *opaque, const char *name,
+   const char *value, Error **errp)
+{
+struct BlockCryptoCopyData *data = opaque;
+const char *newname;
+
+if (strstart(name, data->prefix, &newname)) {
+Error *local_err = NULL;
+
+qemu_opt_set(data->opts, newname, value, &local_err);
+if (local_err) {
+error_propagate(errp, local_err);
+return -1;
+}
+}
+
+return 0;
+}
+
+/*
+ * Create a copy of @opts containing only the fields with
+ * a prefix of @prefix, stripping the prefix in the returned
+ * opts
+ */
+static QemuOpts *
+block_crypto_copy_opts(QemuOpts *opts,
+   const char *prefix,
+   Error **errp)
+{
+struct BlockCryptoCopyData data = {
+.opts = qemu_opts_create(&empty_opts, NULL, false, errp),
+.prefix = prefix
+};
+if (!data.opts) {
+return NULL;
+}
+
+if (qemu_opt_foreach(opts, block_crypto_copy_value, &data, errp) < 0) {
+qemu_opts_del(data.opts);
+return NULL;
+}
+
+return data.opts;
+}
 
 QCryptoBlockOpenOptions *
 block_crypto_open_opts_init(QCryptoBlockFormat format,
 QemuOpts *opts,
+const char *prefix,
 Error **errp)
 {
-Visitor *v;
+Visitor *v = NULL;
 QCryptoBlockOpenOptions *ret = NULL;
 Error *local_err = NULL;
+QemuOpts *newopts = NULL;
 
 ret = g_new0(QCryptoBlockOpenOptions, 1);
 ret->format = format;
 
-v = opts_visitor_new(opts);
+if (prefix != NULL) {
+newopts = block_crypto_copy_opts(opts, prefix, &local_err);
+if (local_err) {
+goto out;
+}
+v = opts_visitor_new(newopts);
+} else {
+v = opts_visitor_new(opts);
+}
 
 visit_start_struct(v, NULL, NULL, 0, &local_err);
 if (local_err) {
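
Review bot: block_crypto_copy_value() skips every option whose name does not start with the prefix, so an option the user typed without the prefix is dropped here with no error, and empty_opts accepts any stripped name, leaving validation entirely to the visitor. The comment on block_crypto_copy_opts() should say which layer is expected to reject names that were not copied. block_crypto_open_opts_init() also treats prefix == NULL (use opts as is) differently from prefix == "" (copy everything), while the option macros in this file are given ""; document which value callers are meant to pass.
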
@@ -196,6 +267,7 @@ block_crypto_open_opts_init(QCryptoBlockFormat format,
 qapi_free_QCryptoBlockOpenOptions(ret);
 ret = NULL;
 }
+qemu_opts_del(newopts);
 visit_free(v);
 return ret;
 }
@@ -204,16 +276,26 @@ block_crypto_open_opts_init(QCryptoBlockFormat format,
 QCryptoBlockCreateOptions *
 block_crypto_create_opts_init(QCryptoBlockFormat format,
   QemuOpts *opts,
+  const char *prefix,
   Error **errp)
 {
-Visitor *v;
+Visitor *v = NULL;
 QCryptoBlockCreateOptions *ret = NULL;
 Error *local_err = NULL;
+QemuOpts *newopts = NULL;

[Qemu-devel] [PATCH v3 00/18] Convert QCow[2] to QCryptoBlock & add LUKS support

2017-01-26 Thread Daniel P. Berrange
This series is a continuation of previous work to support LUKS in
QEMU. The existing merged code supports LUKS as a standalone
driver which can be layered over/under any other QEMU block device
driver. This works well when using LUKS over protocol drivers (file,
rbd, iscsi, etc, etc), but has some downsides when combined with
format drivers like qcow2.

If you layer LUKS under qcow2 (eg qcow2 -> luks -> file) then you
cannot get any information about the qcow2 file without first
decrypting it, as both the header and payload are encrypted.

If you layer LUKS over qcow2 (eg luks -> qcow2 -> file) then you
cannot distinguish a qcow2 file where the guest has done LUKS
encryption from a qcow2 file where qemu has done the encryption.
More seriously, when encrypting sectors the guest virtual sector
is used as the input for deriving the initialization vectors.
When internal snapshots are used, this means that multiple sectors
in the qcow2 file may be encrypted with the same initialization
vector. This is a security weakness when combined with certain
cryptographic modes.

Integrating LUKS natively into qcow2 allows us to combine the
best aspects of both layering strategies above. In particular
the header remains unencrypted, but initialization vectors are
generated using physical sector numbers preserving security
when snapshots are used. This is a change from previous postings
of this work, where the IVs were (incorrectly) generated based
on the virtual disk sector.

In a previous posting of this work, Fam had suggested that we
do integration by layering luks over qcow2, but having QEMU
block layer automatically create the luks driver above qcow2
based on the qcow2 header crypt_method field. This is not
possible though, because such a scheme would suffer from the
problem of IVs being generated from the virtual disk sector
instead of physical disk sector. So having LUKS specific
code in the qcow2 block driver is unavoidable. In comparison
to the previous posting though, the amount of code in qcow2.c
has been reduced by allowing re-use of code from block/crypto.c
for handling QemuOpts -> QAPI conversion. So extra lines of
code in qcow2 to support LUKS is < 200.

I have also split the changes to qcow2 up into 2 patches. The
first patch simply introduces use of the QCryptoBlock framework
to qcow2 for the existing (deprecated) AES-CBC encryption method.
The second patch wires up the LUKS support for qcow2. This makes
it clearer which parts of the changes are related to plain code
refactoring, vs enabling the new features. Specifically we can
now see that the LUKS enablement in qcow2 has this footprint:

Changed in v3:

 - Modify qemu-img to check for 'encryption-format' option too
   and reject it when combined with compression
 - Add check to prevent 'qemu-img amend' changing encryption
   format
 - Ensure crypto layer is able to report correct option names
   in errors. ie luks-key-secret rather than just key-secret
 - Use read -P 0 in test case 174

Changed in v2:

 - Split qcow2 LUKS tests into separate patch
 - Split qcow2 LUKS spec addition into separate patch
 - Use strstart instead of g_str_has_prefix + pointer manipulation
 - Use -1 instead of 1 for error condition when iterating over opts
 - Fix formatting of qemu-img manpage for qcow2 AES flaws list
 - Fix writing zeros in qcow when encrypting sector
 - Don't overwrite input data buffer in qcow2 when encrypting data
 - Use TODO instead of XXX markers
 - Rename qcow2_change_encryption to qcow2_set_up_encryption
 - Add missing QEMU_IO_OPTIONS_NO_FMT variable to iotests
 - Explicitly fill crypto header unused space with zeros
 - Fix byte-swapping of crypto header in qcow2
 - Enforce crypto header offset is multiple of cluster size
 - Move setting of crypt_physical_offset flag
 - Fix docs for 'encryption-format' option
 - Deprecate legacy 'encryption' option
 - Drop redundant test scenarios
 - Use small file sizes for iotests
 - Drop pbkdf iteration time to 10ms during iotests
 - Use separate passphrase for top vs backing file in iotests
 - Mark 'encryption_key_missing' field as deprecated

Daniel P. Berrange (18):
  block: expose crypto option names / defs to other drivers
  block: add ability to set a prefix for opt names
  qcow: document another weakness of qcow AES encryption
  qcow: require image size to be > 1 for new images
  iotests: skip 042 with qcow which doesn't support zero sized images
  iotests: skip 048 with qcow which doesn't support resize
  iotests: fix 097 when run with qcow
  qcow: make encrypt_sectors encrypt in place
  qcow: convert QCow to use QCryptoBlock for encryption
  qcow2: make qcow2_encrypt_sectors encrypt in place
  qcow2: convert QCow2 to use QCryptoBlock for encryption
  qcow2: extend specification to cover LUKS encryption
  qcow2: add support for LUKS encryption format
  qcow2: add iotests to cover LUKS encryption support
  iotests: enable tests 134 and 158 to work with qcow (v1)
  block: rip out all traces of password prom

[Qemu-devel] [PATCH v3 03/18] qcow: document another weakness of qcow AES encryption

2017-01-26 Thread Daniel P. Berrange
Document that use of guest virtual sector numbers as the basis for
the initialization vectors is a potential weakness, when combined
with internal snapshots or multiple images using the same passphrase.
This fixes the formatting of the itemized list too.

Signed-off-by: Daniel P. Berrange 
---
 qemu-img.texi | 19 ---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/qemu-img.texi b/qemu-img.texi
index 174aae3..db4534b 100644
--- a/qemu-img.texi
+++ b/qemu-img.texi
@@ -544,16 +544,29 @@ The use of encryption in qcow and qcow2 images is 
considered to be flawed by
 modern cryptography standards, suffering from a number of design problems:
 
 @itemize @minus
-@item The AES-CBC cipher is used with predictable initialization vectors based
+@item
+The AES-CBC cipher is used with predictable initialization vectors based
 on the sector number. This makes it vulnerable to chosen plaintext attacks
 which can reveal the existence of encrypted data.
-@item The user passphrase is directly used as the encryption key. A poorly
+@item
+The user passphrase is directly used as the encryption key. A poorly
 chosen or short passphrase will compromise the security of the encryption.
-@item In the event of the passphrase being compromised there is no way to
+@item
+In the event of the passphrase being compromised there is no way to
 change the passphrase to protect data in any qcow images. The files must
 be cloned, using a different encryption passphrase in the new file. The
 original file must then be securely erased using a program like shred,
 though even this is ineffective with many modern storage technologies.
+@item
+Initialization vectors used to encrypt sectors are based on the
+guest virtual sector number, instead of the host physical sector. When
+a disk image has multiple internal snapshots this means that data in
+multiple physical sectors is encrypted with the same initialization
+vector. With the CBC mode, this opens the possibility of watermarking
+attacks if the attack can collect multiple sectors encrypted with the
+same IV and some predictable data. Having multiple qcow2 images with
+the same passphrase also exposes this weakness since the passphrase
+is directly used as the key.
 @end itemize
 
 Use of qcow / qcow2 encryption is thus strongly discouraged. Users are
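
Review bot: in the new fourth @item, "if the attack can collect multiple sectors" should read "if the attacker can collect", and the closing sentence names only qcow2 images although this section describes both qcow and qcow2 encryption. Saying "multiple qcow or qcow2 images" would keep the item consistent with the paragraph that introduces the list.
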
-- 
2.9.3
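
The IV reuse that the cover letter and the new qemu-img.texi item describe, as an added example (not code from QEMU or from this series): one guest sector stored twice in the image file, encrypted in CBC mode with the IV taken first from the guest virtual sector and then from the host physical sector. XTEA standing in for AES, the raw sector number as IV, the 64-byte sector, the key and the sector numbers are all assumptions constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK      8   /* XTEA block size in bytes */
#define SECTOR     64  /* constructed: shrunk sector, real images use 512 */
#define CHANGED_AT 24  /* constructed: offset of the byte the guest rewrote */

/* XTEA, 32 cycles. Assumption of this example: it stands in for AES so
 * that no crypto library is needed; the CBC argument is cipher-agnostic. */
static void xtea_encrypt(uint32_t v[2], const uint32_t key[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    const uint32_t delta = 0x9E3779B9;

    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + key[sum & 3]);
        sum += delta;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + key[(sum >> 11) & 3]);
    }
    v[0] = v0;
    v[1] = v1;
}

/* CBC-encrypt one sector. The IV is the little-endian sector number
 * (assumed derivation: the simplest predictable, sector-based IV). */
static void cbc_encrypt_sector(const uint8_t *in, uint8_t *out,
                               uint64_t iv_sector, const uint32_t key[4])
{
    uint8_t chain[BLOCK];

    for (int i = 0; i < BLOCK; i++) {
        chain[i] = (uint8_t)(iv_sector >> (8 * i));
    }
    for (int b = 0; b < SECTOR / BLOCK; b++) {
        uint32_t v[2];

        for (int i = 0; i < BLOCK; i++) {
            chain[i] ^= in[b * BLOCK + i];      /* P_b xor C_(b-1) */
        }
        memcpy(v, chain, BLOCK);
        xtea_encrypt(v, key);
        memcpy(chain, v, BLOCK);                /* C_b feeds the next block */
        memcpy(out + b * BLOCK, chain, BLOCK);
    }
}

/* Count the leading ciphertext blocks two stored sectors have in common. */
static int shared_prefix_blocks(const uint8_t *a, const uint8_t *b)
{
    int n = 0;

    while (n < SECTOR / BLOCK &&
           memcmp(a + n * BLOCK, b + n * BLOCK, BLOCK) == 0) {
        n++;
    }
    return n;
}

/*
 * One guest sector that exists twice in the image file: the copy frozen
 * by an internal snapshot and the copy written after copy-on-write.
 * Returns how many leading ciphertext blocks the two copies share, which
 * is what someone holding only the image file can observe.
 */
int leaked_prefix_blocks(int iv_from_physical)
{
    static const uint32_t key[4] = {            /* constructed key */
        0x01234567, 0x89abcdef, 0xfedcba98, 0x76543210
    };
    const uint64_t guest_sector = 7;            /* same for both copies */
    const uint64_t phys_snapshot = 100;         /* constructed host sectors */
    const uint64_t phys_active = 205;
    uint8_t old_data[SECTOR], new_data[SECTOR];
    uint8_t c_old[SECTOR], c_new[SECTOR];

    for (int i = 0; i < SECTOR; i++) {
        old_data[i] = (uint8_t)('A' + i % 26);
    }
    memcpy(new_data, old_data, SECTOR);
    new_data[CHANGED_AT] ^= 0xff;               /* guest rewrites one byte */

    cbc_encrypt_sector(old_data, c_old,
                       iv_from_physical ? phys_snapshot : guest_sector, key);
    cbc_encrypt_sector(new_data, c_new,
                       iv_from_physical ? phys_active : guest_sector, key);
    return shared_prefix_blocks(c_old, c_new);
}

int main(void)
{
    printf("IV from guest virtual sector:  %d shared blocks\n",
           leaked_prefix_blocks(0));
    printf("IV from host physical sector:  %d shared blocks\n",
           leaked_prefix_blocks(1));
    return 0;
}
```

With the virtual-sector IV the two stored copies share their first three ciphertext blocks, so the image file alone shows where the guest's data begins to differ between snapshot and active layer; with the physical-sector IV they share none.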




[Qemu-devel] [PATCH v3 04/18] qcow: require image size to be > 1 for new images

2017-01-26 Thread Daniel P. Berrange
The qcow driver refuses to open images which are less than
2 bytes in size, but will happily create such images. Add
a check in the create path to avoid this discrepancy.

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 block/qcow.c | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/block/qcow.c b/block/qcow.c
index 7540f43..101c973 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -799,6 +799,12 @@ static int qcow_create(const char *filename, QemuOpts 
*opts, Error **errp)
 /* Read out options */
 total_size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0),
   BDRV_SECTOR_SIZE);
+if (total_size <= 1) {
+error_setg(errp, "Image size is too small, cannot be zero length");
+ret = -EINVAL;
+goto cleanup;
+}
+
 backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
 if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) {
 flags |= BLOCK_FLAG_ENCRYPT;
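
Review bot: the added test "if (total_size <= 1)" in qcow_create() can only ever match zero, because total_size has just been rounded up to a multiple of BDRV_SECTOR_SIZE, so the "> 1" of the subject line and the "<= 1" of the code describe a value that cannot occur. Writing the condition as "total_size == 0" would agree with the error text ("cannot be zero length") and make the intent obvious to the next reader.
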
-- 
2.9.3




[Qemu-devel] [PATCH v3 06/18] iotests: skip 048 with qcow which doesn't support resize

2017-01-26 Thread Daniel P. Berrange
Test 048 is designed to verify data preservation during an
image resize. The qcow (v1) format impl has never supported
resize so always fails.

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 tests/qemu-iotests/048 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/qemu-iotests/048 b/tests/qemu-iotests/048
index 203c04f..9ed04a0 100755
--- a/tests/qemu-iotests/048
+++ b/tests/qemu-iotests/048
@@ -46,7 +46,7 @@ _compare()
 . ./common.filter
 . ./common.pattern
 
-_supported_fmt raw qcow qcow2 qed luks
+_supported_fmt raw qcow2 qed luks
 _supported_proto file
 _supported_os Linux
 
-- 
2.9.3




[Qemu-devel] [PATCH v3 12/18] qcow2: extend specification to cover LUKS encryption

2017-01-26 Thread Daniel P. Berrange
Update the qcow2 specification to describe how the LUKS header is
placed inside a qcow2 file, when using LUKS encryption for the
qcow2 payload instead of the legacy AES-CBC encryption.

Signed-off-by: Daniel P. Berrange 
---
 docs/specs/qcow2.txt | 96 
 1 file changed, 96 insertions(+)

diff --git a/docs/specs/qcow2.txt b/docs/specs/qcow2.txt
index 80cdfd0..ab07e99 100644
--- a/docs/specs/qcow2.txt
+++ b/docs/specs/qcow2.txt
@@ -45,6 +45,7 @@ The first cluster of a qcow2 image contains the file header:
  32 - 35:   crypt_method
 0 for no encryption
 1 for AES encryption
+2 for LUKS encryption
 
  36 - 39:   l1_size
 Number of entries in the active L1 table
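
Review bot: the new "2 for LUKS encryption" value of crypt_method needs a cross-reference to the "Full disk encryption header pointer" extension added further down in this patch, since that section says the extension must be present for this method. Without the pointer, an implementer reading only the header table could treat 2 as self-contained in the same way as 1.
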
@@ -135,6 +136,7 @@ be stored. Each extension has a structure like the 
following:
 0xE2792ACA - Backing file format name
 0x6803f857 - Feature name table
 0x23852875 - Bitmaps extension
+0x0537be77 - Full disk encryption header pointer
 other  - Unknown header extension, can be safely
  ignored
 
@@ -207,6 +209,100 @@ The fields of the bitmaps extension are:
Offset into the image file at which the bitmap directory
starts. Must be aligned to a cluster boundary.
 
+== Full disk encryption header pointer ==
+
+The full disk encryption header must be present if, and only if, the
+'crypt_method' header requires metadata. Currently this is only true
+of the 'LUKS' crypt method. The header extension must be absent for
+other methods.
+
+This header provides the offset at which the crypt method can store
+its additional data, as well as the length of such data.
+
+Byte  0 -  7:   Offset into the image file at which the encryption
+header starts in bytes. Must be aligned to a cluster
+   boundary.
+Byte  8 - 15:   Length of the written encryption header in bytes.
+Note actual space allocated in the qcow2 file may
+   be larger than this value, since it will be rounded
+   to the nearest multiple of the cluster size. Any
+   unused bytes in the allocated space will be initialized
+   to 0.
+
+For the LUKS crypt method, the encryption header works as follows.
+
+The first 592 bytes of the header clusters will contain the LUKS
+partition header. This is then followed by the key material data areas.
+The size of the key material data areas is determined by the number of
+stripes in the key slot and key size. Refer to the LUKS format
+specification ('docs/on-disk-format.pdf' in the cryptsetup source
+package) for details of the LUKS partition header format.
+
+In the LUKS partition header, the "payload-offset" field will be
+calculated as normal for the LUKS spec. ie the size of the LUKS
+header, plus key material regions, plus padding. Its value is not
+used, however, since the qcow2 file format itself defines where
+the real payload offset is.
+
+In the LUKS key slots header, the "key-material-offset" is relative
+to the start of the LUKS header clusters in the qcow2 container,
+not the start of the qcow2 file.
+
+Logically the layout looks like
+
+  +-+
+  | QCow2 header|
+  +-+
+  | QCow2 header extension X|
+  | QCow2 header extension FDE  |
+  | QCow2 header extension ...  |
+  | QCow2 header extension Z|
+  +-+
+  | other QCow2 tables  |
+  . .
+  . .
+  +-+
+  | +-+ |
+  | | LUKS partition header   | |
+  | +-+ |
+  | | LUKS key material 1 | |
+  | +-+ |
+  | | LUKS key material 2 | |
+  | +-+ |
+  | | LUKS key material ...   | |
+  | +-+ |
+  | | LUKS key material 8 | |
+  | +-+ |
+  +-+
+  | QCow2 cluster payload   |
+  . .
+  . .
+  . .
+  | |
+  +-+
+
+== Data encryption ==
+
+When an encryption method is requested in the header, the image payload
+data must be encrypted/decrypted on every write/read. The image headers
+and metadata is never encrypted.
+
+The algorithms used for encryption vary depending on the method
+
+ - AES:
+
+   The AES cipher, in CBC mode, with 256 bit keys.
+
+   Initialization vectors generated using plain64 method, with
+   the virtual disk sector as the input tweak.
+
+ - LUKS:
+
+   The algorithms are specified in the LUKS header.
+
+   Initia
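
Review bot: in the description of bytes 8 - 15 of the new header extension, "rounded to the nearest multiple of the cluster size" should say "rounded up to the next multiple of the cluster size", because rounding to the nearest multiple could yield an allocation smaller than the header length. In the "Data encryption" section, "The image headers and metadata is never encrypted" needs "are", and the "256 bit keys" stated for the AES method should be checked against the QCRYPTO_CIPHER_ALG_AES_128 test that the qcow.c code in 09/18 of this series carries.
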

[Qemu-devel] [PATCH v3 09/18] qcow: convert QCow to use QCryptoBlock for encryption

2017-01-26 Thread Daniel P. Berrange
This converts the qcow2 driver to make use of the QCryptoBlock
APIs for encrypting image content. This is only wired up to
permit use of the legacy QCow encryption format. Users who wish
to have the strong LUKS format should switch to qcow2 instead.

With this change it is now required to use the QCryptoSecret
object for providing passwords, instead of the current block
password APIs / interactive prompting.

  $QEMU \
-object secret,id=sec0,filename=/home/berrange/encrypted.pw \
-drive file=/home/berrange/encrypted.qcow,aes-key-secret=sec0

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 block/crypto.c   |  10 +++
 block/crypto.h   |   9 +++
 block/qcow.c | 184 +++
 qapi/block-core.json |  17 -
 4 files changed, 117 insertions(+), 103 deletions(-)

diff --git a/block/crypto.c b/block/crypto.c
index 876eabc..9201cb0 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -251,6 +251,11 @@ block_crypto_open_opts_init(QCryptoBlockFormat format,
 v, &ret->u.luks, &local_err);
 break;
 
+case Q_CRYPTO_BLOCK_FORMAT_QCOW:
+visit_type_QCryptoBlockOptionsQCow_members(
+v, &ret->u.qcow, &local_err);
+break;
+
 default:
 error_setg(&local_err, "Unsupported block format %d", format);
 break;
@@ -308,6 +313,11 @@ block_crypto_create_opts_init(QCryptoBlockFormat format,
 v, &ret->u.luks, &local_err);
 break;
 
+case Q_CRYPTO_BLOCK_FORMAT_QCOW:
+visit_type_QCryptoBlockOptionsQCow_members(
+v, &ret->u.qcow, &local_err);
+break;
+
 default:
 error_setg(&local_err, "Unsupported block format %d", format);
 break;
diff --git a/block/crypto.h b/block/crypto.h
index e70e2f0..1d64676 100644
--- a/block/crypto.h
+++ b/block/crypto.h
@@ -21,6 +21,15 @@
 #ifndef BLOCK_CRYPTO_H__
 #define BLOCK_CRYPTO_H__
 
+#define BLOCK_CRYPTO_OPT_QCOW_KEY_SECRET "key-secret"
+
+#define BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET(prefix)\
+{   \
+.name = prefix BLOCK_CRYPTO_OPT_QCOW_KEY_SECRET,\
+.type = QEMU_OPT_STRING,\
+.help = "ID of the secret that provides the AES encryption key", \
+}
+
 #define BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET "key-secret"
 #define BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG "cipher-alg"
 #define BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE "cipher-mode"
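
Review bot: BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET(prefix) is added to block/crypto.h without a comment, and its ".name = prefix BLOCK_CRYPTO_OPT_QCOW_KEY_SECRET" line only works when prefix is a string literal, since it relies on adjacent literal concatenation. A short comment stating that, and that a caller passing "aes-" gets the option name "aes-key-secret", would document the one non-obvious constraint of the macro.
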
diff --git a/block/qcow.c b/block/qcow.c
index 38d7298..9bec081 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -31,8 +31,9 @@
 #include "qemu/bswap.h"
 #include 
 #include "qapi/qmp/qerror.h"
-#include "crypto/cipher.h"
+#include "crypto/block.h"
 #include "migration/migration.h"
+#include "block/crypto.h"
 
 /**/
 /* QEMU COW block driver with compression and encryption support */
@@ -77,7 +78,7 @@ typedef struct BDRVQcowState {
 uint8_t *cluster_cache;
 uint8_t *cluster_data;
 uint64_t cluster_cache_offset;
-QCryptoCipher *cipher; /* NULL if no key yet */
+QCryptoBlock *crypto; /* Disk encryption format driver */
 uint32_t crypt_method_header;
 CoMutex lock;
 Error *migration_blocker;
@@ -97,6 +98,15 @@ static int qcow_probe(const uint8_t *buf, int buf_size, 
const char *filename)
 return 0;
 }
 
+static QemuOptsList qcow_runtime_opts = {
+.name = "qcow",
+.head = QTAILQ_HEAD_INITIALIZER(qcow_runtime_opts.head),
+.desc = {
+BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
+{ /* end of list */ }
+},
+};
+
 static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
  Error **errp)
 {
@@ -104,6 +114,18 @@ static int qcow_open(BlockDriverState *bs, QDict *options, 
int flags,
 unsigned int len, i, shift;
 int ret;
 QCowHeader header;
+QemuOpts *opts = NULL;
+Error *local_err = NULL;
+QCryptoBlockOpenOptions *crypto_opts = NULL;
+unsigned int cflags = 0;
+
+opts = qemu_opts_create(&qcow_runtime_opts, NULL, 0, &error_abort);
+qemu_opts_absorb_qdict(opts, options, &local_err);
+if (local_err) {
+error_propagate(errp, local_err);
+ret = -EINVAL;
+goto fail;
+}
 
 ret = bdrv_pread(bs->file, 0, &header, sizeof(header));
 if (ret < 0) {
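
Review bot: qcow_open() now creates "opts" with qemu_opts_create() ahead of the first "goto fail" and declares "crypto_opts", but nothing in this hunk shows either being released. Please confirm that both the fail path and the success path end with qemu_opts_del(opts) and qapi_free_QCryptoBlockOpenOptions(crypto_opts), otherwise every open of a qcow image leaks them.
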
@@ -148,17 +170,6 @@ static int qcow_open(BlockDriverState *bs, QDict *options, 
int flags,
 goto fail;
 }
 
-if (header.crypt_method > QCOW_CRYPT_AES) {
-error_setg(errp, "invalid encryption method in qcow header");
-ret = -EINVAL;
-goto fail;
-}
-if (!qcrypto_cipher_supports(QCRYPTO_CIPHER_ALG_AES_128,
- QCRYPTO_CIPHER_MODE_CBC)) {
-error_setg(errp, "AES cipher not available");
-ret = -EINVAL;
-goto fail;
-}
 s->crypt_method_header = he
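
Review bot: the removed "if (header.crypt_method > QCOW_CRYPT_AES)" test was the point where qcow_open() rejected an unknown encryption method read from the image header, and the text here is cut off before its replacement is visible. Since the header comes from an untrusted file, the new code must still fail the open with -EINVAL for any crypt_method other than none or AES before that value selects a QCryptoBlock format.
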

[Qemu-devel] [PATCH v3 08/18] qcow: make encrypt_sectors encrypt in place

2017-01-26 Thread Daniel P. Berrange
Instead of requiring separate input/output buffers for
encrypting data, change encrypt_sectors() to assume
use of a single buffer, encrypting in place. One current
caller uses the same buffer for input/output already
and the other two callers are easily converted to do so.

Signed-off-by: Daniel P. Berrange 
---
 block/qcow.c | 44 +++-
 1 file changed, 15 insertions(+), 29 deletions(-)

diff --git a/block/qcow.c b/block/qcow.c
index 101c973..38d7298 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -310,11 +310,10 @@ static int qcow_set_key(BlockDriverState *bs, const char 
*key)
 }
 
 /* The crypt function is compatible with the linux cryptoloop
-   algorithm for < 4 GB images. NOTE: out_buf == in_buf is
-   supported */
+   algorithm for < 4 GB images. */
 static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
-   uint8_t *out_buf, const uint8_t *in_buf,
-   int nb_sectors, bool enc, Error **errp)
+   uint8_t *buf, int nb_sectors, bool enc,
+   Error **errp)
 {
 union {
 uint64_t ll[2];
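
Review bot: with the "NOTE: out_buf == in_buf is supported" sentence dropped from the comment above encrypt_sectors(), nothing at the function says that "buf" is now overwritten. Add a sentence to that comment stating that the data is transformed in place, so callers must pass a buffer they own; the comment added later in qcow_co_writev() about not modifying the original data buffer depends on exactly this.
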
@@ -333,14 +332,12 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t 
sector_num,
 }
 if (enc) {
 ret = qcrypto_cipher_encrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
  512,
  errp);
 } else {
 ret = qcrypto_cipher_decrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
  512,
  errp);
 }
@@ -348,8 +345,7 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t 
sector_num,
 return -1;
 }
 sector_num++;
-in_buf += 512;
-out_buf += 512;
+buf += 512;
 }
 return 0;
 }
@@ -469,13 +465,12 @@ static uint64_t get_cluster_offset(BlockDriverState *bs,
 uint64_t start_sect;
 assert(s->cipher);
 start_sect = (offset & ~(s->cluster_size - 1)) >> 9;
-memset(s->cluster_data + 512, 0x00, 512);
 for(i = 0; i < s->cluster_sectors; i++) {
 if (i < n_start || i >= n_end) {
 Error *err = NULL;
+memset(s->cluster_data, 0x00, 512);
 if (encrypt_sectors(s, start_sect + i,
-s->cluster_data,
-s->cluster_data + 512, 1,
+s->cluster_data, 1,
 true, &err) < 0) {
 error_free(err);
 errno = EIO;
@@ -653,7 +648,7 @@ static coroutine_fn int qcow_co_readv(BlockDriverState *bs, 
int64_t sector_num,
 }
 if (bs->encrypted) {
 assert(s->cipher);
-if (encrypt_sectors(s, sector_num, buf, buf,
+if (encrypt_sectors(s, sector_num, buf,
 n, false, &err) < 0) {
 goto fail;
 }
@@ -688,9 +683,7 @@ static coroutine_fn int qcow_co_writev(BlockDriverState 
*bs, int64_t sector_num,
 BDRVQcowState *s = bs->opaque;
 int index_in_cluster;
 uint64_t cluster_offset;
-const uint8_t *src_buf;
 int ret = 0, n;
-uint8_t *cluster_data = NULL;
 struct iovec hd_iov;
 QEMUIOVector hd_qiov;
 uint8_t *buf;
@@ -698,7 +691,9 @@ static coroutine_fn int qcow_co_writev(BlockDriverState 
*bs, int64_t sector_num,
 
 s->cluster_cache_offset = -1; /* disable compressed cache */
 
-if (qiov->niov > 1) {
+/* We must always copy the iov when encrypting, so we
+ * don't modify the original data buffer during encryption */
+if (bs->encrypted || qiov->niov > 1) {
 buf = orig_buf = qemu_try_blockalign(bs, qiov->size);
 if (buf == NULL) {
 return -ENOMEM;
@@ -728,21 +723,15 @@ static coroutine_fn int qcow_co_writev(BlockDriverState 
*bs, int64_t sector_num,
 if (bs->encrypted) {
 Error *err = NULL;
 assert(s->cipher);
-if (!cluster_data) {
-cluster_data = g_malloc0(s->cluster_size);
-}
-if (encrypt_sectors(s, sector_num, cluster_data, buf,
+if (encrypt_sectors(s, sector_num, buf,
 n, true, &err) < 0) {
 error_free(err);
 ret = -EIO;
 break;
 }
-src_buf = cluster_da

[Qemu-devel] [PULL 0/1] Block patches

2017-01-26 Thread Stefan Hajnoczi
The following changes since commit c7f1cf01b8245762ca5864e835d84f6677ae8b1f:

  Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging 
(2017-01-25 17:54:14 +)

are available in the git repository at:

  git://github.com/stefanha/qemu.git tags/block-pull-request

for you to fetch changes up to 59c9f437c59a4bf0594ed300d28fb24c645963a5:

  aio-posix: honor is_external in AioContext polling (2017-01-26 10:02:33 +)





Stefan Hajnoczi (1):
  aio-posix: honor is_external in AioContext polling

 aio-posix.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

-- 
2.9.3




[Qemu-devel] [PATCH v3 11/18] qcow2: convert QCow2 to use QCryptoBlock for encryption

2017-01-26 Thread Daniel P. Berrange
This converts the qcow2 driver to make use of the QCryptoBlock
APIs for encrypting image content, using the legacy QCow2 AES
scheme.

With this change it is now required to use the QCryptoSecret
object for providing passwords, instead of the current block
password APIs / interactive prompting.

  $QEMU \
-object secret,id=sec0,filename=/home/berrange/encrypted.pw \
-drive file=/home/berrange/encrypted.qcow2,aes-key-secret=sec0

The test 087 could be simplified since there is no longer a
difference in behaviour when using blockdev_add with encrypted
images for the running vs stopped CPU state.

Signed-off-by: Daniel P. Berrange 
---
 block/qcow2-cluster.c  |  47 +--
 block/qcow2.c  | 190 +
 block/qcow2.h  |   5 +-
 qapi/block-core.json   |   8 +-
 tests/qemu-iotests/049 |   2 +-
 tests/qemu-iotests/049.out |   4 +-
 tests/qemu-iotests/082.out |  27 +++
 tests/qemu-iotests/087 |  27 +++
 tests/qemu-iotests/087.out |  12 +--
 tests/qemu-iotests/134 |  18 +++--
 tests/qemu-iotests/134.out |  10 +--
 tests/qemu-iotests/158 |  19 +++--
 tests/qemu-iotests/158.out |  14 +---
 tests/qemu-iotests/common  |  10 ++-
 14 files changed, 212 insertions(+), 181 deletions(-)

diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 907e869..a2103dc 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -345,47 +345,6 @@ static int count_contiguous_clusters_by_type(int 
nb_clusters,
 return i;
 }
 
-/* The crypt function is compatible with the linux cryptoloop
-   algorithm for < 4 GB images. */
-int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
-  uint8_t *buf, int nb_sectors, bool enc,
-  Error **errp)
-{
-union {
-uint64_t ll[2];
-uint8_t b[16];
-} ivec;
-int i;
-int ret;
-
-for(i = 0; i < nb_sectors; i++) {
-ivec.ll[0] = cpu_to_le64(sector_num);
-ivec.ll[1] = 0;
-if (qcrypto_cipher_setiv(s->cipher,
- ivec.b, G_N_ELEMENTS(ivec.b),
- errp) < 0) {
-return -1;
-}
-if (enc) {
-ret = qcrypto_cipher_encrypt(s->cipher,
- buf, buf,
- 512,
- errp);
-} else {
-ret = qcrypto_cipher_decrypt(s->cipher,
- buf, buf,
- 512,
- errp);
-}
-if (ret < 0) {
-return -1;
-}
-sector_num++;
-buf += 512;
-}
-return 0;
-}
-
 static int coroutine_fn do_perform_cow(BlockDriverState *bs,
uint64_t src_cluster_offset,
uint64_t cluster_offset,
@@ -426,11 +385,11 @@ static int coroutine_fn do_perform_cow(BlockDriverState 
*bs,
 Error *err = NULL;
 int64_t sector = (src_cluster_offset + offset_in_cluster)
  >> BDRV_SECTOR_BITS;
-assert(s->cipher);
 assert((offset_in_cluster & ~BDRV_SECTOR_MASK) == 0);
 assert((bytes & ~BDRV_SECTOR_MASK) == 0);
-if (qcow2_encrypt_sectors(s, sector, iov.iov_base,
-  bytes >> BDRV_SECTOR_BITS, true, &err) < 0) {
+assert(s->crypto);
+if (qcrypto_block_encrypt(s->crypto, sector, iov.iov_base,
+  bytes, &err) < 0) {
 ret = -EIO;
 error_free(err);
 goto out;
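
Review bot: the new call in do_perform_cow() passes "bytes" where the old qcow2_encrypt_sectors() call passed "bytes >> BDRV_SECTOR_BITS", so the length unit changes from sectors to bytes while the second argument remains a sector number. A one-line comment at the call, or a note in the commit message, would make the mixed units explicit and help catch a call site that is converted without dropping the shift.
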
diff --git a/block/qcow2.c b/block/qcow2.c
index 3c14c86..6f5095b 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -37,6 +37,9 @@
 #include "qemu/option_int.h"
 #include "qemu/cutils.h"
 #include "qemu/bswap.h"
+#include "qapi/opts-visitor.h"
+#include "qapi-visit.h"
+#include "block/crypto.h"
 
 /*
   Differences with QCOW:
@@ -461,6 +464,7 @@ static QemuOptsList qcow2_runtime_opts = {
 .type = QEMU_OPT_NUMBER,
 .help = "Clean unused cache entries after this time (in seconds)",
 },
+BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
 { /* end of list */ }
 },
 };
@@ -578,6 +582,7 @@ static void read_cache_sizes(BlockDriverState *bs, QemuOpts 
*opts,
 }
 }
 
+
 typedef struct Qcow2ReopenState {
 Qcow2Cache *l2_table_cache;
 Qcow2Cache *refcount_block_cache;
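
Review bot: this hunk adds only an empty line before "typedef struct Qcow2ReopenState {", which is unrelated to the QCryptoBlock conversion. Please drop it so the patch stays limited to the functional change.
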
@@ -585,6 +590,7 @@ typedef struct Qcow2ReopenState {
 int overlap_check;
 bool discard_passthrough[QCOW2_DISCARD_MAX];
 uint64_t cache_clean_interval;
+QCryptoBlockOpenOptions *crypto_opts; /* Disk encryption runtime options */
 } Qcow2ReopenState;
 
 static int qcow2_update_options_prepare(BlockDriverState *bs,
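
Review bot: the new "crypto_opts" member of Qcow2ReopenState is an owned pointer, so the structure needs a stated rule for who frees it. Please make sure the commit and abort counterparts of qcow2_update_options_prepare() either take ownership of it or release it, and say which in the member's comment.
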
@@ -751,6 +757,23 @@ static int qcow2_update_options_prepare(BlockDriverState 
*bs,
 r->discard

[Qemu-devel] [PATCH v3 07/18] iotests: fix 097 when run with qcow

2017-01-26 Thread Daniel P. Berrange
The previous commit:

  commit a3e1505daec31ef56f0489f8c8fff1b8e4ca92bd
  Author: Eric Blake 
  Date:   Mon Dec 5 09:49:34 2016 -0600

qcow2: Don't strand clusters near 2G intervals during commit

extended the 097 test case so that it did two passes, once
with an internal snapshot, once without.

qcow (v1) does not support internal snapshots, so this change
broke test 097 when run against qcow.

This splits 097 in two, creating a new 173 that tests the
internal snapshot codepath, effectively putting 097 back
to its content before the above commit.

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 tests/qemu-iotests/097 |  10 +---
 tests/qemu-iotests/097.out | 125 ++--
 tests/qemu-iotests/173 | 126 +
 tests/qemu-iotests/173.out | 119 ++
 tests/qemu-iotests/group   |   1 +
 5 files changed, 251 insertions(+), 130 deletions(-)
 create mode 100755 tests/qemu-iotests/173
 create mode 100644 tests/qemu-iotests/173.out

diff --git a/tests/qemu-iotests/097 b/tests/qemu-iotests/097
index 4c33e80..1d28aff 100755
--- a/tests/qemu-iotests/097
+++ b/tests/qemu-iotests/097
@@ -56,26 +56,19 @@ _supported_os Linux
 #  3: Two-layer backing chain, commit to lower backing file
 # (in this case, the top image will implicitly stay unchanged)
 #
-# Each pass is run twice, since qcow2 has different code paths for cleaning
-# an image depending on whether it has a snapshot.
-#
 # 020 already tests committing, so this only tests whether image chains are
 # working properly and that all images above the base are emptied; therefore,
 # no complicated patterns are necessary.  Check near the 2G mark, as qcow2
 # has been buggy at that boundary in the past.
 for i in 0 1 2 3; do
-for j in 0 1; do
 
 echo
-echo "=== Test pass $i.$j ==="
+echo "=== Test pass $i ==="
 echo
 
 TEST_IMG="$TEST_IMG.base" _make_test_img 2100M
 TEST_IMG="$TEST_IMG.itmd" _make_test_img -b "$TEST_IMG.base" 2100M
 _make_test_img -b "$TEST_IMG.itmd" 2100M
-if [ $j -eq 0 ]; then
-$QEMU_IMG snapshot -c snap "$TEST_IMG"
-fi
 
 $QEMU_IO -c 'write -P 1 0x7ffd 192k' "$TEST_IMG.base" | _filter_qemu_io
 $QEMU_IO -c 'write -P 2 0x7ffe 128k' "$TEST_IMG.itmd" | _filter_qemu_io
@@ -121,7 +114,6 @@ $QEMU_IMG map "$TEST_IMG.itmd" | _filter_qemu_img_map
 $QEMU_IMG map "$TEST_IMG" | _filter_qemu_img_map
 
 done
-done
 
 
 # success, all done
diff --git a/tests/qemu-iotests/097.out b/tests/qemu-iotests/097.out
index 8106cc9..81fc225 100644
--- a/tests/qemu-iotests/097.out
+++ b/tests/qemu-iotests/097.out
@@ -1,6 +1,6 @@
 QA output created by 097
 
-=== Test pass 0.0 ===
+=== Test pass 0 ===
 
 Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
 Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 
backing_file=TEST_DIR/t.IMGFMT.base
@@ -29,66 +29,7 @@ Offset  Length  File
 0x7ffd  0x1 TEST_DIR/t.IMGFMT.base
 0x7ffe  0x2 TEST_DIR/t.IMGFMT.itmd
 
-=== Test pass 0.1 ===
-
-Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
-Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 
backing_file=TEST_DIR/t.IMGFMT.base
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 
backing_file=TEST_DIR/t.IMGFMT.itmd
-wrote 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 131072/131072 bytes at offset 2147352576
-128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Image committed.
-read 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147287040
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147352576
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Offset  Length  File
-0x7ffd  0x3 TEST_DIR/t.IMGFMT.base
-Offset  Length  File
-0x7ffd  0x1 TEST_DIR/t.IMGFMT.base
-0x7ffe  0x2 TEST_DIR/t.IMGFMT.itmd
-Offset  Length  File
-0x7ffd  0x1 TEST_DIR/t.IMGFMT.base
-0x7ffe  0x2 TEST_DIR/t.IMGFMT.itmd
-
-=== Test pass 1.0 ===
-
-Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
-Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 
backing_file=TEST_DIR/t.IMGFMT.base
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 
backing_file=TEST_DIR/t.IMGFMT.itmd
-wrote 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 131072/131072 bytes at offset 2147352576
-128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-

[Qemu-devel] [PATCH v3 10/18] qcow2: make qcow2_encrypt_sectors encrypt in place

2017-01-26 Thread Daniel P. Berrange
Instead of requiring separate input/output buffers for
encrypting data, change qcow2_encrypt_sectors() to assume
use of a single buffer, encrypting in place. The current
callers all used the same buffer for input/output already.

Reviewed-by: Eric Blake 
Reviewed-by: Fam Zheng 
Signed-off-by: Daniel P. Berrange 
---
 block/qcow2-cluster.c | 17 ++---
 block/qcow2.c |  4 ++--
 block/qcow2.h |  3 +--
 3 files changed, 9 insertions(+), 15 deletions(-)

diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 928c1e2..907e869 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -346,11 +346,9 @@ static int count_contiguous_clusters_by_type(int 
nb_clusters,
 }
 
 /* The crypt function is compatible with the linux cryptoloop
-   algorithm for < 4 GB images. NOTE: out_buf == in_buf is
-   supported */
+   algorithm for < 4 GB images. */
 int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
-  uint8_t *out_buf, const uint8_t *in_buf,
-  int nb_sectors, bool enc,
+  uint8_t *buf, int nb_sectors, bool enc,
   Error **errp)
 {
 union {
@@ -370,14 +368,12 @@ int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t 
sector_num,
 }
 if (enc) {
 ret = qcrypto_cipher_encrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
  512,
  errp);
 } else {
 ret = qcrypto_cipher_decrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
  512,
  errp);
 }
@@ -385,8 +381,7 @@ int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t 
sector_num,
 return -1;
 }
 sector_num++;
-in_buf += 512;
-out_buf += 512;
+buf += 512;
 }
 return 0;
 }
@@ -434,7 +429,7 @@ static int coroutine_fn do_perform_cow(BlockDriverState *bs,
 assert(s->cipher);
 assert((offset_in_cluster & ~BDRV_SECTOR_MASK) == 0);
 assert((bytes & ~BDRV_SECTOR_MASK) == 0);
-if (qcow2_encrypt_sectors(s, sector, iov.iov_base, iov.iov_base,
+if (qcow2_encrypt_sectors(s, sector, iov.iov_base,
   bytes >> BDRV_SECTOR_BITS, true, &err) < 0) {
 ret = -EIO;
 error_free(err);
diff --git a/block/qcow2.c b/block/qcow2.c
index 96fb8a8..3c14c86 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1530,7 +1530,7 @@ static coroutine_fn int qcow2_co_preadv(BlockDriverState 
*bs, uint64_t offset,
 assert((cur_bytes & (BDRV_SECTOR_SIZE - 1)) == 0);
 Error *err = NULL;
 if (qcow2_encrypt_sectors(s, offset >> BDRV_SECTOR_BITS,
-  cluster_data, cluster_data,
+  cluster_data,
   cur_bytes >> BDRV_SECTOR_BITS,
   false, &err) < 0) {
 error_free(err);
@@ -1626,7 +1626,7 @@ static coroutine_fn int qcow2_co_pwritev(BlockDriverState 
*bs, uint64_t offset,
 qemu_iovec_to_buf(&hd_qiov, 0, cluster_data, hd_qiov.size);
 
 if (qcow2_encrypt_sectors(s, offset >> BDRV_SECTOR_BITS,
-  cluster_data, cluster_data,
+  cluster_data,
   cur_bytes >>BDRV_SECTOR_BITS,
   true, &err) < 0) {
 error_free(err);
diff --git a/block/qcow2.h b/block/qcow2.h
index 1823414..033d8c0 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -530,8 +530,7 @@ int qcow2_grow_l1_table(BlockDriverState *bs, uint64_t 
min_size,
 int qcow2_write_l1_entry(BlockDriverState *bs, int l1_index);
 int qcow2_decompress_cluster(BlockDriverState *bs, uint64_t cluster_offset);
 int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
-  uint8_t *out_buf, const uint8_t *in_buf,
-  int nb_sectors, bool enc, Error **errp);
+  uint8_t *buf, int nb_sectors, bool enc, Error 
**errp);
 
 int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset,
  unsigned int *bytes, uint64_t *cluster_offset);
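
Review bot: the updated qcow2_encrypt_sectors() prototype in block/qcow2.h keeps "Error **errp" on the same line as the other parameters, while the definition in block/qcow2-cluster.c puts it on a line of its own. Wrapping the prototype the same way keeps the declaration and definition visually identical and the line within the length limit.
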
-- 
2.9.3




[Qemu-devel] [PATCH v3 14/18] qcow2: add iotests to cover LUKS encryption support

2017-01-26 Thread Daniel P. Berrange
This extends the 087 iotest to cover LUKS encryption when doing
blockdev-add.

Two further tests are added to validate read/write of LUKS
encrypted images with a single file and with a backing file.

Signed-off-by: Daniel P. Berrange 
---
 tests/qemu-iotests/087 | 32 -
 tests/qemu-iotests/087.out | 14 +++-
 tests/qemu-iotests/174 | 76 
 tests/qemu-iotests/174.out | 19 ++
 tests/qemu-iotests/175 | 86 ++
 tests/qemu-iotests/175.out | 26 ++
 tests/qemu-iotests/group   |  2 ++
 7 files changed, 253 insertions(+), 2 deletions(-)
 create mode 100755 tests/qemu-iotests/174
 create mode 100644 tests/qemu-iotests/174.out
 create mode 100755 tests/qemu-iotests/175
 create mode 100644 tests/qemu-iotests/175.out

diff --git a/tests/qemu-iotests/087 b/tests/qemu-iotests/087
index 55a9e06..1c3ca9f 100755
--- a/tests/qemu-iotests/087
+++ b/tests/qemu-iotests/087
@@ -121,7 +121,7 @@ run_qemu .
+#
+
+# creator
+owner=berra...@redhat.com
+
+seq=`basename $0`
+echo "QA output created by $seq"
+
+here=`pwd`
+status=1   # failure is the default!
+
+_cleanup()
+{
+   _cleanup_test_img
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+
+_supported_fmt qcow2
+_supported_proto generic
+_supported_os Linux
+
+
+size=16M
+
+SECRET="secret,id=sec0,data=astrochicken"
+SECRETALT="secret,id=sec0,data=platypus"
+
+_make_test_img --object $SECRET -o 
"encryption-format=luks,luks-key-secret=sec0,luks-iter-time=10" $size
+
+IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,luks-key-secret=sec0"
+
+QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
+
+echo
+echo "== reading whole image =="
+$QEMU_IO --object $SECRET -c "read -P 0 0 $size" --image-opts $IMGSPEC | 
_filter_qemu_io | _filter_testdir
+
+echo
+echo "== rewriting whole image =="
+$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | 
_filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify pattern =="
+$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size"  --image-opts $IMGSPEC | 
_filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify open failure with wrong password =="
+$QEMU_IO --object $SECRETALT -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | 
_filter_qemu_io | _filter_testdir
+
+
+# success, all done
+echo "*** done"
+rm -f $seq.full
+status=0
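
Review bot: in the new test 174, $SECRET, $SECRETALT and $IMGSPEC are expanded unquoted on every $QEMU_IO line, and IMGSPEC embeds $TEST_IMG, so a test directory whose path contains whitespace splits the --image-opts argument. Quoting the expansions ("$SECRET", "$IMGSPEC") avoids that; the "here=`pwd`" assignment is also unused in the lines shown and can go.
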
diff --git a/tests/qemu-iotests/174.out b/tests/qemu-iotests/174.out
new file mode 100644
index 000..bf1a23a
--- /dev/null
+++ b/tests/qemu-iotests/174.out
@@ -0,0 +1,19 @@
+QA output created by 174
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=16777216 
encryption-format=luks luks-key-secret=sec0 luks-iter-time=10
+
+== reading whole image ==
+read 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== rewriting whole image ==
+wrote 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern ==
+read 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify open failure with wrong password ==
+can't open: Invalid password, cannot unlock any keyslot
+no file open, try 'help open'
+*** done
diff --git a/tests/qemu-iotests/175 b/tests/qemu-iotests/175
new file mode 100755
index 000..9dd03d5
--- /dev/null
+++ b/tests/qemu-iotests/175
@@ -0,0 +1,86 @@
+#!/bin/bash
+#
+# Test encrypted read/write using backing files
+#
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+#
+
+# creator
+owner=berra...@redhat.com
+
+seq=`basename $0`
+echo "QA output created by $seq"
+
+here=`pwd`
+status=1   # failure is the default!
+
+_cleanup()
+{
+   _cleanup_test_img
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+
+_supported_fmt qcow2
+_supported_proto generic
+_supported_os Linux
+
+
+size=16M
+TEST_IMG_BASE=$TEST_IMG.base
+SECRET0="secret,id=sec0,data=astrochicken"
+SECRET1="secret,id=sec1,data=furby"
+
+TEST_IMG_SAVE=$TEST_IMG
+TEST_IMG=$TEST_IMG_BASE
+echo "== create base =="
+_make_test_img --object $SECRET0 -o 
"encryption-format=luks,luks-key-secret=sec0,luks-iter-time=10" $size
+TEST_IMG=$TEST_IMG_SAVE
+
+IMGSPECBA

[Qemu-devel] [PATCH v3 15/18] iotests: enable tests 134 and 158 to work with qcow (v1)

2017-01-26 Thread Daniel P. Berrange
The 138 and 158 iotests exercise the legacy qcow2 aes encryption
code path and they work fine with qcow v1 too.

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 tests/qemu-iotests/134 | 2 +-
 tests/qemu-iotests/158 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
index dd080a2..1a24a70 100755
--- a/tests/qemu-iotests/134
+++ b/tests/qemu-iotests/134
@@ -37,7 +37,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15
 . ./common.rc
 . ./common.filter
 
-_supported_fmt qcow2
+_supported_fmt qcow qcow2
 _supported_proto generic
 _supported_os Linux
 
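
Review bot: this hunk changes tests/qemu-iotests/134, but the commit message names "The 138 and 158 iotests". One of the two numbers is wrong; please make the message match the files touched so the history can be searched by test number.
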
diff --git a/tests/qemu-iotests/158 b/tests/qemu-iotests/158
index 7a1eb5c..2b53d9f 100755
--- a/tests/qemu-iotests/158
+++ b/tests/qemu-iotests/158
@@ -37,7 +37,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15
 . ./common.rc
 . ./common.filter
 
-_supported_fmt qcow2
+_supported_fmt qcow qcow2
 _supported_proto generic
 _supported_os Linux
 
-- 
2.9.3




[Qemu-devel] [PATCH v3 16/18] block: rip out all traces of password prompting

2017-01-26 Thread Daniel P. Berrange
Now that qcow & qcow2 are wired up to get encryption keys
via the QCryptoSecret object, nothing is relying on the
interactive prompting for passwords. All the code related
to password prompting can thus be ripped out.

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 hmp.c | 31 -
 include/monitor/monitor.h |  7 -
 include/qemu/osdep.h  |  2 --
 monitor.c | 68 ---
 qapi-schema.json  | 10 +--
 qemu-img.c| 31 -
 qemu-io.c | 20 --
 qmp.c | 12 +
 util/oslib-posix.c| 66 -
 util/oslib-win32.c| 24 -
 10 files changed, 2 insertions(+), 269 deletions(-)

diff --git a/hmp.c b/hmp.c
index 8522efe..87ca1e0 100644
--- a/hmp.c
+++ b/hmp.c
@@ -1070,37 +1070,12 @@ void hmp_ringbuf_read(Monitor *mon, const QDict *qdict)
 g_free(data);
 }
 
-static void hmp_cont_cb(void *opaque, int err)
-{
-if (!err) {
-qmp_cont(NULL);
-}
-}
-
-static bool key_is_missing(const BlockInfo *bdev)
-{
-return (bdev->inserted && bdev->inserted->encryption_key_missing);
-}
-
 void hmp_cont(Monitor *mon, const QDict *qdict)
 {
-BlockInfoList *bdev_list, *bdev;
 Error *err = NULL;
 
-bdev_list = qmp_query_block(NULL);
-for (bdev = bdev_list; bdev; bdev = bdev->next) {
-if (key_is_missing(bdev->value)) {
-monitor_read_block_device_key(mon, bdev->value->device,
-  hmp_cont_cb, NULL);
-goto out;
-}
-}
-
 qmp_cont(&err);
 hmp_handle_error(mon, &err);
-
-out:
-qapi_free_BlockInfoList(bdev_list);
 }
 
 void hmp_system_wakeup(Monitor *mon, const QDict *qdict)
@@ -1536,12 +1511,6 @@ void hmp_change(Monitor *mon, const QDict *qdict)
 qmp_blockdev_change_medium(true, device, false, NULL, target,
!!arg, arg, !!read_only, read_only_mode,
&err);
-if (err &&
-error_get_class(err) == ERROR_CLASS_DEVICE_ENCRYPTED) {
-error_free(err);
-monitor_read_block_device_key(mon, device, NULL, NULL);
-return;
-}
 }
 
 hmp_handle_error(mon, &err);
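Review bot: in hmp_change(), dropping the ERROR_CLASS_DEVICE_ENCRYPTED branch means an encrypted medium without a key now falls straight through to hmp_handle_error() instead of prompting. That is a user-visible behaviour change for HMP `change` (and for `cont` in the hmp_cont() hunk above), so the commit message or the HMP documentation should say that the key has to be supplied through a secret object before the command is issued.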
diff --git a/include/monitor/monitor.h b/include/monitor/monitor.h
index 8cc532e..2183aac 100644
--- a/include/monitor/monitor.h
+++ b/include/monitor/monitor.h
@@ -22,13 +22,6 @@ void monitor_cleanup(void);
 int monitor_suspend(Monitor *mon);
 void monitor_resume(Monitor *mon);
 
-int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
-BlockCompletionFunc *completion_cb,
-void *opaque);
-int monitor_read_block_device_key(Monitor *mon, const char *device,
-  BlockCompletionFunc *completion_cb,
-  void *opaque);
-
 int monitor_get_fd(Monitor *mon, const char *fdname, Error **errp);
 int monitor_fd_param(Monitor *mon, const char *fdname, Error **errp);
 
diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 689f253..d79e9a5 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -396,8 +396,6 @@ void qemu_set_tty_echo(int fd, bool echo);
 
 void os_mem_prealloc(int fd, char *area, size_t sz, Error **errp);
 
-int qemu_read_password(char *buf, int buf_size);
-
 /**
  * qemu_get_pid_name:
  * @pid: pid of a process
diff --git a/monitor.c b/monitor.c
index 8b06b63..ef2c843 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4035,74 +4035,6 @@ void monitor_cleanup(void)
 qemu_mutex_unlock(&monitor_lock);
 }
 
-static void bdrv_password_cb(void *opaque, const char *password,
- void *readline_opaque)
-{
-Monitor *mon = opaque;
-BlockDriverState *bs = readline_opaque;
-int ret = 0;
-Error *local_err = NULL;
-
-bdrv_add_key(bs, password, &local_err);
-if (local_err) {
-error_report_err(local_err);
-ret = -EPERM;
-}
-if (mon->password_completion_cb)
-mon->password_completion_cb(mon->password_opaque, ret);
-
-monitor_read_command(mon, 1);
-}
-
-int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
-BlockCompletionFunc *completion_cb,
-void *opaque)
-{
-int err;
-
-monitor_printf(mon, "%s (%s) is encrypted.\n", bdrv_get_device_name(bs),
-   bdrv_get_encrypted_filename(bs));
-
-mon->password_completion_cb = completion_cb;
-mon->password_opaque = opaque;
-
-err = monitor_read_password(mon, bdrv_password_cb, bs);
-
-if (err && completion_cb)
-completion_cb(opaque, err);
-
-return err;
-}
-
-int monitor_read_block_device_key(Monitor *mon, const char *device,
-  BlockCompletio

[Qemu-devel] [PATCH v3 18/18] block: pass option prefix down to crypto layer

2017-01-26 Thread Daniel P. Berrange
While the crypto layer uses a fixed option name "key-secret",
the upper block layer may have a prefix on the options, e.g.
"luks-key-secret", "aes-key-secret", in order to avoid clashes
between crypto option names & other block option names. To
ensure the crypto layer can report accurate error messages,
we must tell it what option name prefix was used.

Signed-off-by: Daniel P. Berrange 
---
 block/crypto.c |  4 ++--
 block/qcow.c   |  7 ---
 block/qcow2.c  | 15 +--
 crypto/block-luks.c|  8 ++--
 crypto/block-qcow.c|  8 ++--
 crypto/block.c |  6 --
 crypto/blockpriv.h |  2 ++
 include/crypto/block.h |  6 +-
 8 files changed, 38 insertions(+), 18 deletions(-)

diff --git a/block/crypto.c b/block/crypto.c
index 6d6bd90..22bc6ba 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -369,7 +369,7 @@ static int block_crypto_open_generic(QCryptoBlockFormat 
format,
 if (flags & BDRV_O_NO_IO) {
 cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
 }
-crypto->block = qcrypto_block_open(open_opts,
+crypto->block = qcrypto_block_open(open_opts, NULL,
block_crypto_read_func,
bs,
cflags,
@@ -409,7 +409,7 @@ static int block_crypto_create_generic(QCryptoBlockFormat 
format,
 return -1;
 }
 
-crypto = qcrypto_block_create(create_opts,
+crypto = qcrypto_block_create(create_opts, NULL,
   block_crypto_init_func,
   block_crypto_write_func,
   &data,
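Review bot: both block/crypto.c call sites pass NULL for the new prefix argument (`qcrypto_block_open(open_opts, NULL,` and `qcrypto_block_create(create_opts, NULL,`), so the crypto layer has to treat NULL as "no prefix" wherever it formats the option name into an error message. Please state in the include/crypto/block.h doc comments that NULL is allowed, and make sure the callee substitutes an empty string rather than handing NULL to a %s format.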
diff --git a/block/qcow.c b/block/qcow.c
index cf05449..8047415 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -197,8 +197,8 @@ static int qcow_open(BlockDriverState *bs, QDict *options, 
int flags,
 if (flags & BDRV_O_NO_IO) {
 cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
 }
-s->crypto = qcrypto_block_open(crypto_opts, NULL, NULL,
-   cflags, errp);
+s->crypto = qcrypto_block_open(crypto_opts, "aes-",
+   NULL, NULL, cflags, errp);
 if (!s->crypto) {
 ret = -EINVAL;
 goto fail;
@@ -819,7 +819,8 @@ static int qcow_create(const char *filename, QemuOpts 
*opts, Error **errp)
 goto exit;
 }
 
-crypto = qcrypto_block_create(crypto_opts, NULL, NULL, NULL, errp);
+crypto = qcrypto_block_create(crypto_opts, "aes-",
+  NULL, NULL, NULL, errp);
 if (!crypto) {
 ret = -EINVAL;
 goto exit;
diff --git a/block/qcow2.c b/block/qcow2.c
index 7c8e602..4f2da2f 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -284,7 +284,7 @@ static int qcow2_read_extensions(BlockDriverState *bs, 
uint64_t start_offset,
  * provide the same key-secret property against the full
  * backing chain
  */
-s->crypto = qcrypto_block_open(s->crypto_opts,
+s->crypto = qcrypto_block_open(s->crypto_opts, "luks-",
qcow2_crypto_hdr_read_func,
bs, cflags, errp);
 if (!s->crypto) {
@@ -1291,8 +1291,8 @@ static int qcow2_open(BlockDriverState *bs, QDict 
*options, int flags,
  * provide the same key-secret property against the full
  * backing chain
  */
-s->crypto = qcrypto_block_open(s->crypto_opts, NULL, NULL,
-   cflags, errp);
+s->crypto = qcrypto_block_open(s->crypto_opts, "aes-",
+   NULL, NULL, cflags, errp);
 if (!s->crypto) {
 ret = -EINVAL;
 goto fail;
@@ -2209,14 +2209,17 @@ static int qcow2_set_up_encryption(BlockDriverState 
*bs, QemuOpts *opts,
 QCryptoBlockCreateOptions *cryptoopts = NULL;
 QCryptoBlock *crypto = NULL;
 int ret = -EINVAL;
+const char *optprefix;
 
 if (g_str_equal(format, "luks")) {
+optprefix = "luks-";
 cryptoopts = block_crypto_create_opts_init(
-Q_CRYPTO_BLOCK_FORMAT_LUKS, opts, "luks-", errp);
+Q_CRYPTO_BLOCK_FORMAT_LUKS, opts, optprefix, errp);
 s->crypt_method_header = QCOW_CRYPT_LUKS;
 } else if (g_str_equal(format, "aes")) {
+optprefix = "aes-";
 cryptoopts = block_crypto_create_opts_init(
-Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, "aes-", errp);
+Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, optprefix, errp);
 s->crypt_method_header = QCOW_CRYPT_AES;
 } else {
 error_setg(errp, "Unknown encryption format %s", format);
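Review bot: `const char *optprefix;` in qcow2_set_up_encryption() is declared without an initializer, and the final `else` branch (unknown format) never assigns it. Initialise it to NULL so that no later use after the if/else chain can read an indeterminate pointer and compilers do not emit maybe-uninitialized warnings. The "luks-" and "aes-" literals are now also repeated in block/qcow.c and at two other block/qcow2.c call sites; a shared #define would keep them from drifting apart.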
@@ -2228,7 +2231,7 @@ static int qcow2_set_up_encryption(BlockDriverState *bs, 
QemuOpts *opts,
 goto out;
 }
 
-c

[Qemu-devel] [PATCH v3 17/18] block: remove all encryption handling APIs

2017-01-26 Thread Daniel P. Berrange
Now that all encryption keys must be provided upfront via
the QCryptoSecret API and associated block driver properties,
there is no need for any explicit encryption handling APIs
in the block layer. Encryption can be handled transparently
within the block driver. We only retain an API for querying
whether an image is encrypted or not, since that is a
potentially useful piece of metadata to report to the user.

Reviewed-by: Max Reitz 
Signed-off-by: Daniel P. Berrange 
---
 block.c   | 77 +--
 block/crypto.c|  1 -
 block/qapi.c  |  2 +-
 block/qcow.c  |  1 -
 block/qcow2.c |  1 -
 blockdev.c| 37 ++-
 include/block/block.h |  3 --
 include/block/block_int.h |  1 -
 include/qapi/error.h  |  1 -
 qapi/block-core.json  |  3 +-
 qapi/common.json  |  5 +--
 11 files changed, 6 insertions(+), 126 deletions(-)

diff --git a/block.c b/block.c
index 39ddea3..27cca49 100644
--- a/block.c
+++ b/block.c
@@ -1865,15 +1865,7 @@ static BlockDriverState *bdrv_open_inherit(const char 
*filename,
 goto close_and_fail;
 }
 
-if (!bdrv_key_required(bs)) {
-bdrv_parent_cb_change_media(bs, true);
-} else if (!runstate_check(RUN_STATE_PRELAUNCH)
-   && !runstate_check(RUN_STATE_INMIGRATE)
-   && !runstate_check(RUN_STATE_PAUSED)) { /* HACK */
-error_setg(errp,
-   "Guest must be stopped for opening of encrypted image");
-goto close_and_fail;
-}
+bdrv_parent_cb_change_media(bs, true);
 
 QDECREF(options);
 
@@ -2354,7 +2346,6 @@ static void bdrv_close(BlockDriverState *bs)
 bs->backing_format[0] = '\0';
 bs->total_sectors = 0;
 bs->encrypted = false;
-bs->valid_key = false;
 bs->sg = false;
 QDECREF(bs->options);
 QDECREF(bs->explicit_options);
@@ -2723,72 +2714,6 @@ bool bdrv_is_encrypted(BlockDriverState *bs)
 return bs->encrypted;
 }
 
-bool bdrv_key_required(BlockDriverState *bs)
-{
-BdrvChild *backing = bs->backing;
-
-if (backing && backing->bs->encrypted && !backing->bs->valid_key) {
-return true;
-}
-return (bs->encrypted && !bs->valid_key);
-}
-
-int bdrv_set_key(BlockDriverState *bs, const char *key)
-{
-int ret;
-if (bs->backing && bs->backing->bs->encrypted) {
-ret = bdrv_set_key(bs->backing->bs, key);
-if (ret < 0)
-return ret;
-if (!bs->encrypted)
-return 0;
-}
-if (!bs->encrypted) {
-return -EINVAL;
-} else if (!bs->drv || !bs->drv->bdrv_set_key) {
-return -ENOMEDIUM;
-}
-ret = bs->drv->bdrv_set_key(bs, key);
-if (ret < 0) {
-bs->valid_key = false;
-} else if (!bs->valid_key) {
-/* call the change callback now, we skipped it on open */
-bs->valid_key = true;
-bdrv_parent_cb_change_media(bs, true);
-}
-return ret;
-}
-
-/*
- * Provide an encryption key for @bs.
- * If @key is non-null:
- * If @bs is not encrypted, fail.
- * Else if the key is invalid, fail.
- * Else set @bs's key to @key, replacing the existing key, if any.
- * If @key is null:
- * If @bs is encrypted and still lacks a key, fail.
- * Else do nothing.
- * On failure, store an error object through @errp if non-null.
- */
-void bdrv_add_key(BlockDriverState *bs, const char *key, Error **errp)
-{
-if (key) {
-if (!bdrv_is_encrypted(bs)) {
-error_setg(errp, "Node '%s' is not encrypted",
-  bdrv_get_device_or_node_name(bs));
-} else if (bdrv_set_key(bs, key) < 0) {
-error_setg(errp, QERR_INVALID_PASSWORD);
-}
-} else {
-if (bdrv_key_required(bs)) {
-error_set(errp, ERROR_CLASS_DEVICE_ENCRYPTED,
-  "'%s' (%s) is encrypted",
-  bdrv_get_device_or_node_name(bs),
-  bdrv_get_encrypted_filename(bs));
-}
-}
-}
-
 const char *bdrv_get_format_name(BlockDriverState *bs)
 {
 return bs->drv ? bs->drv->format_name : NULL;
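Review bot: the removed bdrv_add_key() was a caller of bdrv_get_encrypted_filename(), as was monitor_read_bdrv_key_start(), which patch 16 removes. If no other caller remains, that helper and its declaration should go in this patch too, so that no dead encryption API is left behind in block.c.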
diff --git a/block/crypto.c b/block/crypto.c
index 9201cb0..6d6bd90 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -381,7 +381,6 @@ static int block_crypto_open_generic(QCryptoBlockFormat 
format,
 }
 
 bs->encrypted = true;
-bs->valid_key = true;
 
 ret = 0;
  cleanup:
diff --git a/block/qapi.c b/block/qapi.c
index a62e862..68cab56 100644
--- a/block/qapi.c
+++ b/block/qapi.c
@@ -45,7 +45,7 @@ BlockDeviceInfo *bdrv_block_device_info(BlockBackend *blk,
 info->ro = bs->read_only;
 info->drv= g_strdup(bs->drv->format_name);
 info->encrypted  = bs->encrypted;
-info->encryption_key_missing = bdrv_key_required(bs);
+info->encryption_key_missing = false;
 
 info->cache = g_new(BlockdevCacheInfo, 1);
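Review bot: `info->encryption_key_missing = false;` leaves a field in the QMP reply that can never be true. Please make sure the qapi/block-core.json change in this patch documents the field as deprecated and always false, so management applications know they no longer need to check it.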

[Qemu-devel] [PULL v1] Merge io/ 2017/01/26

2017-01-26 Thread Daniel P. Berrange
The following changes since commit c7f1cf01b8245762ca5864e835d84f6677ae8b1f:

  Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging 
(2017-01-25 17:54:14 +)

are available in the git repository at:

  git://github.com/berrange/qemu tags/pull-qio-2017-01-26-1

for you to fetch changes up to 80fb34eda099e7cc519a91e9701ab3c0262717b3:

  io: fix possible double free of task error object (2017-01-26 10:26:18 +)


Merge io/ 2017/01/26


Daniel P. Berrange (1):
  io: fix possible double free of task error object

 io/task.c| 1 +
 tests/test-io-task.c | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

-- 
2.9.3




[Qemu-devel] [PULL 1/1] aio-posix: honor is_external in AioContext polling

2017-01-26 Thread Stefan Hajnoczi
AioHandlers marked ->is_external must be skipped when aio_node_check()
fails.  bdrv_drained_begin() needs this to prevent dataplane from
submitting new I/O requests while another thread accesses the device and
relies on it being quiesced.

This patch fixes the following segfault:

  Program terminated with signal SIGSEGV, Segmentation fault.
  #0  0x5577f6127dad in bdrv_io_plug (bs=0x5577f7ae52f0) at 
qemu/block/io.c:2650
  2650bdrv_io_plug(child->bs);
  [Current thread is 1 (Thread 0x7ff5c4bd1c80 (LWP 10917))]
  (gdb) bt
  #0  0x5577f6127dad in bdrv_io_plug (bs=0x5577f7ae52f0) at 
qemu/block/io.c:2650
  #1  0x5577f6114363 in blk_io_plug (blk=0x5577f7b8ba20) at 
qemu/block/block-backend.c:1561
  #2  0x5577f5d4091d in virtio_blk_handle_vq (s=0x5577f9ada030, 
vq=0x5577f9b3d2a0) at qemu/hw/block/virtio-blk.c:589
  #3  0x5577f5d4240d in virtio_blk_data_plane_handle_output 
(vdev=0x5577f9ada030, vq=0x5577f9b3d2a0) at 
qemu/hw/block/dataplane/virtio-blk.c:158
  #4  0x5577f5d88acd in virtio_queue_notify_aio_vq (vq=0x5577f9b3d2a0) at 
qemu/hw/virtio/virtio.c:1304
  #5  0x5577f5d8aaaf in virtio_queue_host_notifier_aio_poll 
(opaque=0x5577f9b3d308) at qemu/hw/virtio/virtio.c:2134
  #6  0x5577f60ca077 in run_poll_handlers_once (ctx=0x5577f79ddbb0) at 
qemu/aio-posix.c:493
  #7  0x5577f60ca268 in try_poll_mode (ctx=0x5577f79ddbb0, blocking=true) 
at qemu/aio-posix.c:569
  #8  0x5577f60ca331 in aio_poll (ctx=0x5577f79ddbb0, blocking=true) at 
qemu/aio-posix.c:601
  #9  0x5577f612722a in bdrv_flush (bs=0x5577f7c20970) at 
qemu/block/io.c:2403
  #10 0x5577f60c1b2d in bdrv_close (bs=0x5577f7c20970) at qemu/block.c:2322
  #11 0x5577f60c20e7 in bdrv_delete (bs=0x5577f7c20970) at qemu/block.c:2465
  #12 0x5577f60c3ecf in bdrv_unref (bs=0x5577f7c20970) at qemu/block.c:3425
  #13 0x5577f60bf951 in bdrv_root_unref_child (child=0x5577f7a2de70) at 
qemu/block.c:1361
  #14 0x5577f6112162 in blk_remove_bs (blk=0x5577f7b8ba20) at 
qemu/block/block-backend.c:491
  #15 0x5577f6111b1b in blk_remove_all_bs () at 
qemu/block/block-backend.c:245
  #16 0x5577f60c1db6 in bdrv_close_all () at qemu/block.c:2382
  #17 0x5577f5e60cca in main (argc=20, argv=0x7ffea6eb8398, 
envp=0x7ffea6eb8440) at qemu/vl.c:4684

The key thing is that bdrv_close() uses bdrv_drained_begin() and
virtio_queue_host_notifier_aio_poll() must not be called.

Thanks to Fam Zheng for identifying the root cause of
this crash.

Reported-by: Alberto Garcia 
Signed-off-by: Stefan Hajnoczi 
Reviewed-by: Fam Zheng 
Tested-by: Alberto Garcia 
Message-id: 20170124095350.16679-1-stefa...@redhat.com
Signed-off-by: Stefan Hajnoczi 
---
 aio-posix.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/aio-posix.c b/aio-posix.c
index 9453d83..a8d7090 100644
--- a/aio-posix.c
+++ b/aio-posix.c
@@ -508,7 +508,8 @@ static bool run_poll_handlers_once(AioContext *ctx)
 
 QLIST_FOREACH_RCU(node, &ctx->aio_handlers, node) {
 if (!node->deleted && node->io_poll &&
-node->io_poll(node->opaque)) {
+aio_node_check(ctx, node->is_external) &&
+node->io_poll(node->opaque)) {
 progress = true;
 }
 
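Review bot: the reason for the new `aio_node_check(ctx, node->is_external) &&` test in run_poll_handlers_once() lives only in the commit message. A one-line comment here saying that external handlers must not be polled while aio_node_check() fails, as during bdrv_drained_begin(), would stop a later cleanup from dropping the check.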
-- 
2.9.3




[Qemu-devel] [PULL v1] io: fix possible double free of task error object

2017-01-26 Thread Daniel P. Berrange
If a QIOTask has an error set and the calling code uses
qio_task_propagate_error() to steal the reference to
that Error object, the task would not clear its own
reference. This would lead to a double-free when
qio_task_free runs, if the caller had (correctly) freed
the Error object they now owned.

Signed-off-by: Daniel P. Berrange 
---
 io/task.c| 1 +
 tests/test-io-task.c | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/io/task.c b/io/task.c
index 60bf1a9..3ce5560 100644
--- a/io/task.c
+++ b/io/task.c
@@ -157,6 +157,7 @@ bool qio_task_propagate_error(QIOTask *task,
 {
 if (task->err) {
 error_propagate(errp, task->err);
+task->err = NULL;
 return true;
 }
 
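Review bot: with `task->err = NULL;` qio_task_propagate_error() now hands ownership of the Error to the caller on every path, including the case where errp is NULL and error_propagate() frees the object itself. The function's doc comment should state that the caller owns *errp afterwards and that the task no longer holds the error, since that contract is what prevents the double free.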
diff --git a/tests/test-io-task.c b/tests/test-io-task.c
index ff62272..141aa2c 100644
--- a/tests/test-io-task.c
+++ b/tests/test-io-task.c
@@ -127,7 +127,7 @@ static void test_task_failure(void)
 g_assert(data.source == obj);
 g_assert(data.err == err);
 g_assert(data.freed == false);
-
+error_free(data.err);
 }
 
 
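Review bot: `error_free(data.err);` in test_task_failure() releases the error the test now owns, but nothing in the test checks the behaviour being fixed. Consider adding an assertion that exercises the fixed path, for example that a second qio_task_propagate_error() on the same task returns false, so a regression shows up as a test failure rather than only under a memory checker.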
@@ -238,6 +238,8 @@ static void test_task_thread_failure(void)
 g_assert(data.source == obj);
 g_assert(data.err != NULL);
 
+error_free(data.err);
+
 self = g_thread_self();
 
 /* Make sure the test_task_thread_worker actually got
-- 
2.9.3




[Qemu-devel] [PATCH v3 13/18] qcow2: add support for LUKS encryption format

2017-01-26 Thread Daniel P. Berrange
This adds support for using LUKS as an encryption format
with the qcow2 file. The use of the existing 'encryption=on'
parameter is replaced by a new parameter 'encryption-format'
which takes the values 'aes' or 'luks'. e.g.

  # qemu-img create --object secret,data=123456,id=sec0 \
   -f qcow2 -o encryption-format=luks,luks-key-secret=sec0 \
   test.qcow2 10G

results in the creation of an image using the LUKS format.
Use of the legacy 'encryption=on' parameter still results
in creation of the old qcow2 AES format, and is equivalent
to the new 'encryption-format=aes'. e.g. the following are
equivalent:

  # qemu-img create --object secret,data=123456,id=sec0 \
   -f qcow2 -o encryption=on,aes-key-secret=sec0 \
   test.qcow2 10G

  # qemu-img create --object secret,data=123456,id=sec0 \
   -f qcow2 -o encryption-format=aes,aes-key-secret=sec0 \
   test.qcow2 10G

With the LUKS format it is necessary to store the LUKS
partition header and key material in the QCow2 file. This
data can be many MB in size, so cannot go into the QCow2
header region directly. Thus the spec defines a FDE
(Full Disk Encryption) header extension that specifies
the offset of a set of clusters to hold the FDE headers,
as well as the length of that region. The LUKS header is
thus stored in these extra allocated clusters before the
main image payload.

Aside from all the cryptographic differences implied by
use of the LUKS format, there is one further key difference
between the use of legacy AES and LUKS encryption in qcow2.
For LUKS, the initialization vectors are generated using
the host physical sector as the input, rather than the
guest virtual sector. This guarantees unique initialization
vectors for all sectors when qcow2 internal snapshots are
used, thus giving stronger protection against watermarking
attacks.

Signed-off-by: Daniel P. Berrange 
---
 block/qcow2-cluster.c  |   4 +-
 block/qcow2-refcount.c |  10 ++
 block/qcow2.c  | 284 +++--
 block/qcow2.h  |   9 ++
 include/block/block_int.h  |   1 +
 qapi/block-core.json   |  11 +-
 qemu-img.c |   4 +-
 tests/qemu-iotests/082.out | 270 +-
 8 files changed, 527 insertions(+), 66 deletions(-)

diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index a2103dc..866b122 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -383,7 +383,9 @@ static int coroutine_fn do_perform_cow(BlockDriverState *bs,
 
 if (bs->encrypted) {
 Error *err = NULL;
-int64_t sector = (src_cluster_offset + offset_in_cluster)
+int64_t sector = (s->crypt_physical_offset ?
+  (cluster_offset + offset_in_cluster) :
+  (src_cluster_offset + offset_in_cluster))
  >> BDRV_SECTOR_BITS;
 assert((offset_in_cluster & ~BDRV_SECTOR_MASK) == 0);
 assert((bytes & ~BDRV_SECTOR_MASK) == 0);
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index cbfb3fe..afa4636 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -1843,6 +1843,16 @@ static int calculate_refcounts(BlockDriverState *bs, 
BdrvCheckResult *res,
 return ret;
 }
 
+/* encryption */
+if (s->crypto_header.length) {
+ret = inc_refcounts(bs, res, refcount_table, nb_clusters,
+s->crypto_header.offset,
+s->crypto_header.length);
+if (ret < 0) {
+return ret;
+}
+}
+
 return check_refblocks(bs, res, fix, rebuild, refcount_table, nb_clusters);
 }
 
diff --git a/block/qcow2.c b/block/qcow2.c
index 6f5095b..4dc7a64 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -66,6 +66,7 @@ typedef struct {
 #define  QCOW2_EXT_MAGIC_END 0
 #define  QCOW2_EXT_MAGIC_BACKING_FORMAT 0xE2792ACA
 #define  QCOW2_EXT_MAGIC_FEATURE_TABLE 0x6803f857
+#define  QCOW2_EXT_MAGIC_CRYPTO_HEADER 0x0537be77
 
 static int qcow2_probe(const uint8_t *buf, int buf_size, const char *filename)
 {
@@ -80,6 +81,86 @@ static int qcow2_probe(const uint8_t *buf, int buf_size, 
const char *filename)
 }
 
 
+static ssize_t qcow2_crypto_hdr_read_func(QCryptoBlock *block, size_t offset,
+  uint8_t *buf, size_t buflen,
+  Error **errp, void *opaque)
+{
+BlockDriverState *bs = opaque;
+BDRVQcow2State *s = bs->opaque;
+ssize_t ret;
+
+if ((offset + buflen) > s->crypto_header.length) {
+error_setg(errp, "Request for data outside of extension header");
+return -1;
+}
+
+ret = bdrv_pread(bs->file,
+ s->crypto_header.offset + offset, buf, buflen);
+if (ret < 0) {
+error_setg_errno(errp, -ret, "Could not read encryption header");
+return -1;
+}
+return ret;
+}
+
+
+static ssize_t qcow2_crypto_hdr_init_func(QCryptoBlock *block, size
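Review bot: in qcow2_crypto_hdr_read_func() the check `(offset + buflen) > s->crypto_header.length` adds two size_t values that can wrap, which lets a very large offset pass the test and reach bdrv_pread() outside the header region. Compare without the addition, e.g. `offset > s->crypto_header.length || buflen > s->crypto_header.length - offset`. Since s->crypto_header.offset and .length are read from the image file, they should also be validated against the file size when the extension is parsed.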

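The FDE header extension described in the commit message above, as an added example (not code from the patch or from QEMU): it locates the crypto header pointer in a header extension area and bounds-checks reads against it without an overflowing addition. The extension layout (4-byte type, 4-byte length, payload padded to 8 bytes; payload is an 8-byte offset plus an 8-byte length, big-endian, offset cluster-aligned) is assumed from the qcow2 format specification, and all function and type names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EXT_MAGIC_END           0x00000000u
#define EXT_MAGIC_CRYPTO_HEADER 0x0537be77u   /* value from the patch */

typedef struct {              /* hypothetical name */
    uint64_t offset;          /* start of the LUKS header clusters */
    uint64_t length;          /* size of that region in bytes */
} CryptoHeaderPtr;

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

static uint64_t be64(const uint8_t *p)
{
    return ((uint64_t)be32(p) << 32) | be32(p + 4);
}

/* Returns 1 and fills *out if a valid crypto header pointer is found,
 * 0 if the extension is absent, -1 if the extension area is malformed. */
int find_crypto_header(const uint8_t *ext, size_t ext_len,
                       uint64_t file_size, uint64_t cluster_size,
                       CryptoHeaderPtr *out)
{
    size_t pos = 0;

    if (cluster_size == 0) {
        return -1;
    }
    while (ext_len - pos >= 8) {          /* pos never exceeds ext_len */
        uint32_t type = be32(ext + pos);
        uint32_t len = be32(ext + pos + 4);
        size_t padded;

        pos += 8;
        if (type == EXT_MAGIC_END) {
            return 0;
        }
        if (len > ext_len - pos) {
            return -1;                    /* payload runs past the buffer */
        }
        if (type == EXT_MAGIC_CRYPTO_HEADER) {
            if (len != 16) {
                return -1;
            }
            out->offset = be64(ext + pos);
            out->length = be64(ext + pos + 8);
            if (out->length == 0 || out->offset % cluster_size != 0) {
                return -1;
            }
            /* Subtraction form: cannot wrap, unlike offset + length. */
            if (out->offset > file_size ||
                out->length > file_size - out->offset) {
                return -1;
            }
            return 1;
        }
        padded = ((size_t)len + 7) & ~(size_t)7;
        if (padded > ext_len - pos) {
            return -1;
        }
        pos += padded;
    }
    return 0;
}

/* Addition-based check, same shape as the one in the patch: wraps. */
int hdr_range_ok_naive(const CryptoHeaderPtr *h, uint64_t off, uint64_t n)
{
    return (off + n) <= h->length;
}

/* Overflow-safe check for a read of n bytes at off within the header. */
int hdr_range_ok(const CryptoHeaderPtr *h, uint64_t off, uint64_t n)
{
    return off <= h->length && n <= h->length - off;
}

/* Constructed sample: backing-format ext, crypto header ext, end marker. */
static const uint8_t SAMPLE_EXT[48] = {
    0xE2, 0x79, 0x2A, 0xCA, 0x00, 0x00, 0x00, 0x05,  /* type, len = 5 */
    'q', 'c', 'o', 'w', '2', 0x00, 0x00, 0x00,       /* data + padding */
    0x05, 0x37, 0xBE, 0x77, 0x00, 0x00, 0x00, 0x10,  /* type, len = 16 */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00,  /* offset 0x30000 */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00,  /* length 0x200000 */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,  /* end marker */
};

int main(void)
{
    CryptoHeaderPtr h;
    int rc = find_crypto_header(SAMPLE_EXT, sizeof(SAMPLE_EXT),
                                0x400000, 65536, &h);

    printf("rc=%d offset=0x%llx length=0x%llx\n", rc,
           (unsigned long long)h.offset, (unsigned long long)h.length);
    printf("wrapping read: naive=%d safe=%d\n",
           hdr_range_ok_naive(&h, UINT64_MAX - 7, 16),
           hdr_range_ok(&h, UINT64_MAX - 7, 16));
    return 0;
}
```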
Re: [Qemu-devel] [PATCH 2/2] hw/arm/virt: no ITS on older machine types

2017-01-26 Thread Peter Maydell
On 26 January 2017 at 07:58, Auger Eric wrote:
> On 20/01/2017 16:52, Peter Maydell wrote:
>> So this patch added a no_its flag which gets set for virt-2.7
>> and earlier, but there's no user-facing way to say "I'd like
>> a virt-2.8 board with no ITS", right? That's a bit unfortunate
>> because the ITS can't be migrated, which means there's no way
>> to ask for a post-2.7 virt board which can be migrated...
>
> Sorry for the delay.
>
> For 2.9 machine I can add a new property that would allow the user to
> deselect the ITS. Would that make sense?

Maybe, but Christoffer pointed out to me that we can't do
migration of the GICv3 yet anyway, so I was getting a bit
ahead of myself -- non-migratable ITS doesn't break something
that worked previously. So perhaps we're OK the way we are?

thanks
-- PMM



Re: [Qemu-devel] [PATCH] s390x/flic: fix compilation of kvm flic

2017-01-26 Thread Cornelia Huck
On Wed, 25 Jan 2017 13:17:10 +0100
Cornelia Huck wrote:

> 2c21ee7 ("migration: extend VMStateInfo") missed a void -> int
> return conversion for kvm_flic_save().
> 
> Fixes: 2c21ee7 ("migration: extend VMStateInfo")
> Signed-off-by: Cornelia Huck 
> ---
>  hw/intc/s390_flic_kvm.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/hw/intc/s390_flic_kvm.c b/hw/intc/s390_flic_kvm.c
> index da8e4dfab6..e86a84e49a 100644
> --- a/hw/intc/s390_flic_kvm.c
> +++ b/hw/intc/s390_flic_kvm.c
> @@ -303,7 +303,7 @@ static int kvm_flic_save(QEMUFile *f, void *opaque, 
> size_t size,
>   * migration state */
>  error_report("flic: couldn't allocate memory");
>  qemu_put_be64(f, FLIC_FAILED);
> -return;
> +return 0;
>  }
> 
>  count = __get_all_irqs(flic, &buf, len);
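Review bot: now that kvm_flic_save() returns int, the allocation-failure path returns 0 after writing FLIC_FAILED, which reports success to the caller. If the intent is to signal the failure only inside the migration stream, a comment saying so would help; otherwise this path should return a negative errno.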

Added to my s390-next branch.




Re: [Qemu-devel] [PATCH v5 02/18] vfio: introduce vfio_get_vaddr()

2017-01-26 Thread Paolo Bonzini


On 26/01/2017 08:12, Peter Xu wrote:
> 
> /*
>  * Here, we need to have the lock not only for vfio_get_vaddr(),
>  * but also needs to make sure that the vaddr will be valid for
>  * further operations.
>  *
>  * When we map new pages, we need the lock to make sure that vaddr
>  * is valid along the way we build up the IO page table (via
>  * vfio_dma_map()). Then, as long as the mapping is set up, we can
>  * unlock since those pages will be pinned in kernel (which makes
>  * sure that the RAM backend of vaddr will always be there, even
>  * if the memory object is destroyed and RAM released).
>  *
>  * For unmapping case, we don't really need the protection since
>  * the pages are in all cases locked in kernel, so we'll probably
>  * be safe even without the lock. However, it won't hurt we have
>  * the lock as well here.
>  */

Even simpler, just before the definition of vfio_get_vaddr:

/* Called with rcu_read_lock held.  */

and just before the vfio_dma_map call:

/* vaddr is only valid until rcu_read_unlock().  But after
 * vfio_dma_map has set up the mapping the pages will be pinned
 * by the kernel.  This makes sure that the RAM backend of vaddr
 * will always be there, even if the memory object is destroyed
 * and its backing memory munmap-ed.
 */

I'm not sure that you can get rid of the lock for the unmapping case.
Better remove that part of the comment.

Thanks,

Paolo



Re: [Qemu-devel] [PATCH v2 5/7] new debian-multiarch-cross.docker: a cross-compiling docker guest

2017-01-26 Thread Fam Zheng
On Tue, 01/24 14:33, Alex Bennée wrote:
> This provides a basic Debian install with access to the emdebian cross
> compilers for armhf, arm64, mipsel and ppc64el. On its own it provides
> the basic cross build essentials for building any of those
> architectures. More complex cross-compilations would need to install
> library dependencies on top of this image.
> 
> An example use:
> 
>   docker run --rm -it \
> -v /home/alex/lsrc/qemu/qemu.git/:/home/alex/lsrc/qemu/qemu.git/ \
> --user=alex:alex \
> -w /home/alex/lsrc/qemu/qemu.git/arm-linux-user/tests \
> -e CROSS_CC="arm-linux-gnueabihf-gcc" \
> debian:cross make -f ../../tests/tcg/arm/Makefile
> 
> Signed-off-by: Alex Bennée 
> 
> ---
> v2
>   - add clang (keep shippable happy)
>   - rm adduser code (done direct now)
>   - add aptitude (useful for debugging package clashes)
> ---
>  .../dockerfiles/debian-multiarch-cross.docker  | 45 
> ++
>  1 file changed, 45 insertions(+)
>  create mode 100644 tests/docker/dockerfiles/debian-multiarch-cross.docker
> 
> diff --git a/tests/docker/dockerfiles/debian-multiarch-cross.docker 
> b/tests/docker/dockerfiles/debian-multiarch-cross.docker
> new file mode 100644
> index 00..749fdf07e1
> --- /dev/null
> +++ b/tests/docker/dockerfiles/debian-multiarch-cross.docker
> @@ -0,0 +1,45 @@
> +#
> +# Docker multiarch cross-compiler target
> +#
> +# This docker target is builds on Debian and Emdebian's cross compiler 
> targets
> +# to build distro with a selection of cross compilers for building test 
> binaries.
> +#
> +# This does not include the build dependancies for QEMU as there are
> +# so many there are unresolvable clashes.
> +#
> +FROM debian:stable-slim
> +
> +# Setup some basic tools we need
> +RUN apt update
> +RUN apt install -yy curl aptitude
> +
> +# Setup Emdebian
> +RUN echo "deb http://emdebian.org/tools/debian/ jessie main" >> 
> /etc/apt/sources.list
> +RUN curl http://emdebian.org/tools/debian/emdebian-toolchain-archive.key | 
> apt-key add -
> +
> +# Duplicate deb line as deb-src
> +RUN cat /etc/apt/sources.list | sed "s/deb/deb-src/" >> /etc/apt/sources.list
> +
> +# Add the foriegn architectures we want
> +RUN dpkg --add-architecture armhf
> +RUN dpkg --add-architecture arm64
> +RUN dpkg --add-architecture mipsel
> +RUN dpkg --add-architecture ppc64el
> +
> +#FIXME: Currently these cause clashes due to multi-arch being an ongoig 
> process

"ongoing"?

> +#RUN dpkg --add-architecture mips
> +#RUN dpkg --add-architecture powerpc
> +
> +# Final update
> +RUN apt update
> +
> +# Install the crossbuild essential packages
> +# FIXME: crossbuild-essential-powerpc has a clash with '/lib/ld.so.1'
> +RUN apt install -yy clang crossbuild-essential-arm64 
> crossbuild-essential-armhf crossbuild-essential-mipsel 
> crossbuild-essential-ppc64el
> +
> +# Before you can actually build something you need to install its build 
> dependancies.
> +# This is best done in a child container as architecture specific -dev 
> packages have a habit of clashing with
> +# each other because not everything is fully complient with the multiarch 
> specififcation.

"compliant"?

> +#
> +# To install the QEMU build dependacnies you need to run:
> +# RUN apt-get build-dep -yy -a armhf qemu
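Review bot: the `curl http://emdebian.org/tools/debian/emdebian-toolchain-archive.key | apt-key add -` step fetches the archive signing key over plain HTTP and trusts it unconditionally, so anyone able to tamper with that download decides which packages the image accepts as signed. Fetch the key over an authenticated channel or check it against a known fingerprint before adding it. Separately, `cat /etc/apt/sources.list | sed "s/deb/deb-src/" >> /etc/apt/sources.list` reads and appends to the same file in one pipeline; writing to a temporary file first would be safer.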
> -- 
> 2.11.0
> 

Does this image work with our tests, such as "make
docker-test-quick@debian-multiarch-cross"? If not let's put it into a different
folder okay?

Fam



[Qemu-devel] [PULL 0/1] s390x build fix

2017-01-26 Thread Cornelia Huck
The following changes since commit c7f1cf01b8245762ca5864e835d84f6677ae8b1f:

  Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging 
(2017-01-25 17:54:14 +)

are available in the git repository at:

  git://github.com/cohuck/qemu tags/s390x-20170126

for you to fetch changes up to a87adb6685bed1d4dffc55221197ea86ced48361:

  s390x/flic: fix compilation of kvm flic (2017-01-26 10:33:48 +0100)


One compile fix for s390x with kvm enabled.



Cornelia Huck (1):
  s390x/flic: fix compilation of kvm flic

 hw/intc/s390_flic_kvm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.11.0




[Qemu-devel] [PULL 1/1] s390x/flic: fix compilation of kvm flic

2017-01-26 Thread Cornelia Huck
2c21ee7 ("migration: extend VMStateInfo") missed a void -> int
return conversion for kvm_flic_save().

Fixes: 2c21ee7 ("migration: extend VMStateInfo")
Signed-off-by: Cornelia Huck 
Reviewed-by: Dr. David Alan Gilbert 
---
 hw/intc/s390_flic_kvm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/intc/s390_flic_kvm.c b/hw/intc/s390_flic_kvm.c
index da8e4dfab6..e86a84e49a 100644
--- a/hw/intc/s390_flic_kvm.c
+++ b/hw/intc/s390_flic_kvm.c
@@ -303,7 +303,7 @@ static int kvm_flic_save(QEMUFile *f, void *opaque, size_t 
size,
  * migration state */
 error_report("flic: couldn't allocate memory");
 qemu_put_be64(f, FLIC_FAILED);
-return;
+return 0;
 }
 
 count = __get_all_irqs(flic, &buf, len);
-- 
2.11.0




[Qemu-devel] [PATCH v1 6/6] qemu-img: copy *key-secret opts when opening newly created files

2017-01-26 Thread Daniel P. Berrange
The qemu-img dd/convert commands will create an image file and
then try to open it. Historically it has been possible to open
new files without passing any options. With encrypted files
though, the *key-secret options are mandatory, so we need to
provide those options when opening the newly created file.

Signed-off-by: Daniel P. Berrange 
---
 qemu-img.c | 51 +++
 1 file changed, 47 insertions(+), 4 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index a751781..130cec7 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -317,6 +317,49 @@ static BlockBackend *img_open_file(const char *filename,
 }
 
 
+static int img_add_key_secrets(void *opaque,
+   const char *name, const char *value,
+   Error **errp)
+{
+QDict **options = opaque;
+
+if (g_str_has_suffix(name, "key-secret")) {
+if (!*options) {
+*options = qdict_new();
+}
+qdict_put(*options, name, qstring_from_str(value));
+}
+
+return 0;
+}
+
+static BlockBackend *img_open_new_file(const char *filename,
+   QemuOpts *create_opts,
+   const char *fmt, int flags,
+   bool writethrough, bool quiet)
+{
+BlockBackend *blk;
+Error *local_err = NULL;
+QDict *options = NULL;
+
+if (fmt) {
+options = qdict_new();
+qdict_put(options, "driver", qstring_from_str(fmt));
+}
+
+qemu_opt_foreach(create_opts, img_add_key_secrets, &options, NULL);
+
+blk = blk_new_open(filename, NULL, options, flags, &local_err);
+if (!blk) {
+error_reportf_err(local_err, "Could not open '%s': ", filename);
+return NULL;
+}
+blk_set_enable_write_cache(blk, !writethrough);
+
+return blk;
+}
+
+
 static BlockBackend *img_open(bool image_opts,
   const char *filename,
   const char *fmt, int flags, bool writethrough,
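Review bot: img_add_key_secrets() forwards every create option whose name ends in "key-secret" via g_str_has_suffix(), with no comment saying which options that suffix is meant to cover or why a suffix match is preferred over an explicit list. Please add a short comment above both new functions describing the intent, so a later option that happens to end in the same string is not copied into the open options by accident.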
@@ -2113,8 +2156,8 @@ static int img_convert(int argc, char **argv)
  * That has to wait for bdrv_create to be improved
  * to allow filenames in option syntax
  */
-out_blk = img_open_file(out_filename, out_fmt,
-flags, writethrough, quiet);
+out_blk = img_open_new_file(out_filename, opts, out_fmt,
+flags, writethrough, quiet);
 }
 if (!out_blk) {
 ret = -1;
@@ -4179,8 +4222,8 @@ static int img_dd(int argc, char **argv)
  * That has to wait for bdrv_create to be improved
  * to allow filenames in option syntax
  */
-blk2 = img_open_file(out.filename, out_fmt,
- BDRV_O_RDWR, false, false);
+blk2 = img_open_new_file(out.filename, opts, out_fmt,
+ BDRV_O_RDWR, false, false);
 }
 
 if (!blk2) {
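Review bot: `opts` is handed to img_open_new_file() here, which runs qemu_opt_foreach() over it, but patch 3/6 of this series only assigns `opts` inside `if (!skip_create)`. When dd is run with -n and this branch is reached, please check that `opts` cannot be NULL, or make img_open_new_file() skip the foreach when create_opts is NULL.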
-- 
2.9.3




[Qemu-devel] [PATCH v1 1/6] qemu-img: add support for --object with 'dd' command

2017-01-26 Thread Daniel P. Berrange
The qemu-img dd command added --image-opts support, but missed
the corresponding --object support. This prevented passing
secrets (eg auth passwords) needed by certain disk images.

Signed-off-by: Daniel P. Berrange 
---
 qemu-img.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/qemu-img.c b/qemu-img.c
index 74e3362..391a141 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -3949,6 +3949,7 @@ static int img_dd(int argc, char **argv)
 };
 const struct option long_options[] = {
 { "help", no_argument, 0, 'h'},
+{ "object", required_argument, 0, OPTION_OBJECT},
 { "image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
 { 0, 0, 0, 0 }
 };
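Review bot: the new "object" entry in long_options has no matching documentation. The diffstat touches only qemu-img.c, so the dd usage string in qemu-img-cmds.hx and the dd entry in qemu-img.texi still omit [--object objectdef]; please update both, as the convert usage string already lists it.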
@@ -3971,6 +3972,14 @@ static int img_dd(int argc, char **argv)
 case 'h':
 help();
 break;
+case OPTION_OBJECT: {
+QemuOpts *opts;
+opts = qemu_opts_parse_noisily(&qemu_object_opts,
+   optarg, true);
+if (!opts) {
+return 1;
+}
+}   break;
 case OPTION_IMAGE_OPTS:
 image_opts = true;
 break;
@@ -4015,6 +4024,13 @@ static int img_dd(int argc, char **argv)
 ret = -1;
 goto out;
 }
+
+if (qemu_opts_foreach(&qemu_object_opts,
+  user_creatable_add_opts_foreach,
+  NULL, NULL)) {
+return 1;
+}
+
 blk1 = img_open(image_opts, in.filename, fmt, 0, false, false);
 
 if (!blk1) {
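Review bot: the failure branch after qemu_opts_foreach() uses `return 1;` while the error path directly above it sets `ret = -1` and jumps to `out`. Returning here skips whatever cleanup `out:` performs and gives this one failure a different exit status; use `ret = -1; goto out;` to match.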
-- 
2.9.3




[Qemu-devel] [PATCH v1 0/6] qemu-img: improve convert & dd commands

2017-01-26 Thread Daniel P. Berrange
This series is in response to Max pointing out that you cannot
use 'convert' for an encrypted target image.

The 'convert' and 'dd' commands need to first create the image
and then open it. The bdrv_create() method takes a set of options
for creating the image, which let us provide a key-secret for the
encryption key. When the commands then open the new image, they
don't provide any options, so the image is unable to be opened
due to lack of encryption key. It is also not possible to use
the --image-opts argument to provide structured options in the
target image name - it must be a plain filename to satisfy the
bdrv_create() API contract.

This series addresses these problems to some extent

 - Adds a new --target-image-opts flag which is used to say
   that the target filename is using structured options.
   It is *only* permitted to use this when -n is also set.
   ie the target image must be pre-created so convert/dd
   don't need to run bdrv_create().

 - When --target-image-opts is not used, add special case
   code that identifies options passed to bdrv_create()
   named "*key-secret" and adds them to the options used
   to open the new image

In future it is desirable to make --target-image-opts work
even when -n is *not* given. This requires considerable
work to create a new bdrv_create() API impl.

The first four patches improve the 'dd' command to address
feature gaps wrt the 'convert' command. The last two patches
implement the improvements described above.

Daniel P. Berrange (6):
  qemu-img: add support for --object with 'dd' command
  qemu-img: fix --image-opts usage with dd command
  qemu-img: add support for -n arg to dd command
  qemu-img: add support for -o arg to dd command
  qemu-img: introduce --target-image-opts for 'convert' command
  qemu-img: copy *key-secret opts when opening newly created files

 qemu-img-cmds.hx |   8 +-
 qemu-img.c   | 286 ++-
 qemu-img.texi|  23 -
 3 files changed, 244 insertions(+), 73 deletions(-)

-- 
2.9.3




[Qemu-devel] [PATCH v1 2/6] qemu-img: fix --image-opts usage with dd command

2017-01-26 Thread Daniel P. Berrange
The --image-opts flag can only be used to affect the parsing
of the source image. The target image has to be specified in
the traditional style regardless, since it needs to be passed
to the bdrv_create() API which does not support the new style
opts.

Signed-off-by: Daniel P. Berrange 
---
 qemu-img.c | 9 +++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index 391a141..629f9e9 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -4098,8 +4098,13 @@ static int img_dd(int argc, char **argv)
 goto out;
 }
 
-blk2 = img_open(image_opts, out.filename, out_fmt, BDRV_O_RDWR,
-false, false);
+/* TODO, we can't honour --image-opts for the target,
+ * since it needs to be given in a format compatible
+ * with the bdrv_create() call above which does not
+ * support image-opts style.
+ */
+blk2 = img_open_file(out.filename, out_fmt, BDRV_O_RDWR,
+ false, false);
 
 if (!blk2) {
 ret = -1;
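Review bot: with this change an --image-opts on the command line is silently ignored for the target, and out.filename is always treated as a plain filename. The TODO comment explains why, but the user gets no hint of it; the diffstat shows only qemu-img.c, so please also document the limitation in the dd entry of qemu-img.texi.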
-- 
2.9.3




[Qemu-devel] [PATCH v1 3/6] qemu-img: add support for -n arg to dd command

2017-01-26 Thread Daniel P. Berrange
The -n arg to the convert command allows use of a pre-existing image,
rather than creating a new image. This adds a -n arg to the dd command
to get feature parity.

Signed-off-by: Daniel P. Berrange 
---
 qemu-img-cmds.hx |  4 +--
 qemu-img.c   | 79 
 qemu-img.texi|  7 -
 3 files changed, 59 insertions(+), 31 deletions(-)

diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index f054599..6732713 100644
--- a/qemu-img-cmds.hx
+++ b/qemu-img-cmds.hx
@@ -46,9 +46,9 @@ STEXI
 ETEXI
 
 DEF("dd", img_dd,
-"dd [--image-opts] [-f fmt] [-O output_fmt] [bs=block_size] [count=blocks] 
[skip=blocks] if=input of=output")
+"dd [--image-opts] [-n] [-f fmt] [-O output_fmt] [bs=block_size] 
[count=blocks] [skip=blocks] if=input of=output")
 STEXI
-@item dd [--image-opts] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] if=@var{input} 
of=@var{output}
+@item dd [--image-opts] [-n] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] if=@var{input} 
of=@var{output}
 ETEXI
 
 DEF("info", img_info,
diff --git a/qemu-img.c b/qemu-img.c
index 629f9e9..4d8d041 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -3917,10 +3917,10 @@ static int img_dd(int argc, char **argv)
 QemuOptsList *create_opts = NULL;
 Error *local_err = NULL;
 bool image_opts = false;
-int c, i;
+int c, i, skip_create = 0;
 const char *out_fmt = "raw";
 const char *fmt = NULL;
-int64_t size = 0;
+int64_t size = 0, out_size;
 int64_t block_count = 0, out_pos, in_pos;
 struct DdInfo dd = {
 .flags = 0,
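Review bot: `skip_create` is added as an int initialised to 0 right below `bool image_opts = false;`, and in this patch it is only ever set to 1 and tested for truth. Declare it as `bool skip_create = false;` for consistency with the neighbouring flag.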
@@ -3954,7 +3954,7 @@ static int img_dd(int argc, char **argv)
 { 0, 0, 0, 0 }
 };
 
-while ((c = getopt_long(argc, argv, "hf:O:", long_options, NULL))) {
+while ((c = getopt_long(argc, argv, "hnf:O:", long_options, NULL))) {
 if (c == EOF) {
 break;
 }
@@ -3965,6 +3965,9 @@ static int img_dd(int argc, char **argv)
 case 'f':
 fmt = optarg;
 break;
+case 'n':
+skip_create = 1;
+break;
 case '?':
 error_report("Try 'qemu-img --help' for more information.");
 ret = -1;
@@ -4051,22 +4054,25 @@ static int img_dd(int argc, char **argv)
 ret = -1;
 goto out;
 }
-if (!drv->create_opts) {
-error_report("Format driver '%s' does not support image creation",
- drv->format_name);
-ret = -1;
-goto out;
-}
-if (!proto_drv->create_opts) {
-error_report("Protocol driver '%s' does not support image creation",
- proto_drv->format_name);
-ret = -1;
-goto out;
-}
-create_opts = qemu_opts_append(create_opts, drv->create_opts);
-create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
 
-opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
+if (!skip_create) {
+if (!drv->create_opts) {
+error_report("Format driver '%s' does not support image creation",
+ drv->format_name);
+ret = -1;
+goto out;
+}
+if (!proto_drv->create_opts) {
+error_report("Protocol driver '%s' does not support image 
creation",
+ proto_drv->format_name);
+ret = -1;
+goto out;
+}
+create_opts = qemu_opts_append(create_opts, drv->create_opts);
+create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
+
+opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
+}
 
 size = blk_getlength(blk1);
 if (size < 0) {
@@ -4083,19 +4089,22 @@ static int img_dd(int argc, char **argv)
 /* Overflow means the specified offset is beyond input image's size */
 if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
   size < in.bsz * in.offset)) {
-qemu_opt_set_number(opts, BLOCK_OPT_SIZE, 0, &error_abort);
+out_size = 0;
 } else {
-qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
-size - in.bsz * in.offset, &error_abort);
+out_size = size - in.bsz * in.offset;
 }
 
-ret = bdrv_create(drv, out.filename, opts, &local_err);
-if (ret < 0) {
-error_reportf_err(local_err,
-  "%s: error while creating output image: ",
-  out.filename);
-ret = -1;
-goto out;
+if (!skip_create) {
+qemu_opt_set_number(opts, BLOCK_OPT_SIZE, out_size, &error_abort);
+
+ret = bdrv_create(drv, out.filename, opts, &local_err);
+if (ret < 0) {
+error_reportf_err(local_err,
+  "%s: error while creating output image: ",
+  out.filename);
+ret = -1;
+goto o

[Qemu-devel] [PATCH v1 5/6] qemu-img: introduce --target-image-opts for 'convert' command

2017-01-26 Thread Daniel P. Berrange
The '--image-opts' flag indicates whether the source filename
includes options. The target filename has to remain in the
plain filename format though, since it needs to be passed to
bdrv_create().  When using --skip-create though, it would be
possible to use image-opts syntax. This adds --target-image-opts
to indicate that the target filename includes options. Currently
this mandates use of the --skip-create flag too.

Signed-off-by: Daniel P. Berrange 
---
 qemu-img-cmds.hx |   8 ++--
 qemu-img.c   | 131 ---
 qemu-img.texi|  12 -
 3 files changed, 99 insertions(+), 52 deletions(-)

diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index ef691fa..aba83b3 100644
--- a/qemu-img-cmds.hx
+++ b/qemu-img-cmds.hx
@@ -40,15 +40,15 @@ STEXI
 ETEXI
 
 DEF("convert", img_convert,
-"convert [--object objectdef] [--image-opts] [-c] [-p] [-q] [-n] [-f fmt] 
[-t cache] [-T src_cache] [-O output_fmt] [-o options] [-s snapshot_id_or_name] 
[-l snapshot_param] [-S sparse_size] filename [filename2 [...]] 
output_filename")
+"convert [--object objectdef] [--image-opts] [--target-image-opts] [-c] 
[-p] [-q] [-n] [-f fmt] [-t cache] [-T src_cache] [-O output_fmt] [-o options] 
[-s snapshot_id_or_name] [-l snapshot_param] [-S sparse_size] filename 
[filename2 [...]] output_filename")
 STEXI
-@item convert [--object @var{objectdef}] [--image-opts] [-c] [-p] [-q] [-n] 
[-f @var{fmt}] [-t @var{cache}] [-T @var{src_cache}] [-O @var{output_fmt}] [-o 
@var{options}] [-s @var{snapshot_id_or_name}] [-l @var{snapshot_param}] [-S 
@var{sparse_size}] @var{filename} [@var{filename2} [...]] @var{output_filename}
+@item convert [--object @var{objectdef}] [--image-opts] [--target-image-opts] 
[-c] [-p] [-q] [-n] [-f @var{fmt}] [-t @var{cache}] [-T @var{src_cache}] [-O 
@var{output_fmt}] [-o @var{options}] [-s @var{snapshot_id_or_name}] [-l 
@var{snapshot_param}] [-S @var{sparse_size}] @var{filename} [@var{filename2} 
[...]] @var{output_filename}
 ETEXI
 
 DEF("dd", img_dd,
-"dd [--image-opts] [-n] [-f fmt] [-O output_fmt] [-o options] 
[bs=block_size] [count=blocks] [skip=blocks] if=input of=output")
+"dd [--image-opts] [--target-image-opts] [-n] [-f fmt] [-O output_fmt] [-o 
options] [bs=block_size] [count=blocks] [skip=blocks] if=input of=output")
 STEXI
-@item dd [--image-opts] [-n] [-f @var{fmt}] [-O @var{output_fmt}] [-o 
@var{options}] [bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
if=@var{input} of=@var{output}
+@item dd [--image-opts] [--target-image-opts] [-n] [-f @var{fmt}] [-O 
@var{output_fmt}] [-o @var{options}] [bs=@var{block_size}] [count=@var{blocks}] 
[skip=@var{blocks}] if=@var{input} of=@var{output}
 ETEXI
 
 DEF("info", img_info,
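Review bot: the dd usage string and its @item line gain [--target-image-opts] here, but the subject and commit message only talk about the 'convert' command. Either mention the dd change in the commit message or move the dd part into its own patch.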
diff --git a/qemu-img.c b/qemu-img.c
index 8f91a95..a751781 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -59,6 +59,7 @@ enum {
 OPTION_PATTERN = 260,
 OPTION_FLUSH_INTERVAL = 261,
 OPTION_NO_DRAIN = 262,
+OPTION_TARGET_IMAGE_OPTS = 263,
 };
 
 typedef enum OutputFormat {
@@ -1763,7 +1764,7 @@ static int img_convert(int argc, char **argv)
 int progress = 0, flags, src_flags;
 bool writethrough, src_writethrough;
 const char *fmt, *out_fmt, *cache, *src_cache, *out_baseimg, *out_filename;
-BlockDriver *drv, *proto_drv;
+BlockDriver *drv = NULL, *proto_drv = NULL;
 BlockBackend **blk = NULL, *out_blk = NULL;
 BlockDriverState **bs = NULL, *out_bs = NULL;
 int64_t total_sectors;
@@ -1781,9 +1782,10 @@ static int img_convert(int argc, char **argv)
 QemuOpts *sn_opts = NULL;
 ImgConvertState state;
 bool image_opts = false;
+bool tgt_image_opts = false;
 
+out_fmt = NULL;
 fmt = NULL;
-out_fmt = "raw";
 cache = "unsafe";
 src_cache = BDRV_DEFAULT_CACHE;
 out_baseimg = NULL;
@@ -1794,6 +1796,7 @@ static int img_convert(int argc, char **argv)
 {"help", no_argument, 0, 'h'},
 {"object", required_argument, 0, OPTION_OBJECT},
 {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
+{"target-image-opts", no_argument, 0, OPTION_TARGET_IMAGE_OPTS},
 {0, 0, 0, 0}
 };
 c = getopt_long(argc, argv, "hf:O:B:ce6o:s:l:S:pt:T:qn",
@@ -1898,15 +1901,27 @@ static int img_convert(int argc, char **argv)
 case OPTION_IMAGE_OPTS:
 image_opts = true;
 break;
+case OPTION_TARGET_IMAGE_OPTS:
+tgt_image_opts = true;
+break;
 }
 }
 
+if (!out_fmt && !tgt_image_opts) {
+out_fmt = "raw";
+}
+
 if (qemu_opts_foreach(&qemu_object_opts,
   user_creatable_add_opts_foreach,
   NULL, NULL)) {
 goto fail_getopt;
 }
 
+if (tgt_image_opts && !skip_create) {
+error_report("--target-image-opts requires use of -n flag");
+goto fail_getopt;
+}
+
 /* Initialize before goto out */
 if (quiet) {
 progress
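Review bot: the `tgt_image_opts && !skip_create` check sits after the qemu_opts_foreach() call that instantiates the --object definitions, so an invocation that is about to be rejected still creates its objects first. Move the check up, next to the `out_fmt` defaulting, so pure argument validation happens before any side effects.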

[Qemu-devel] [PATCH v1 4/6] qemu-img: add support for -o arg to dd command

2017-01-26 Thread Daniel P. Berrange
The -o arg to the convert command allows specification of format/protocol
options for the newly created image. This adds a -o arg to the dd command
to get feature parity.

Signed-off-by: Daniel P. Berrange 
---
 qemu-img-cmds.hx |  4 ++--
 qemu-img.c   | 32 +++-
 qemu-img.texi|  6 --
 3 files changed, 37 insertions(+), 5 deletions(-)

diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index 6732713..ef691fa 100644
--- a/qemu-img-cmds.hx
+++ b/qemu-img-cmds.hx
@@ -46,9 +46,9 @@ STEXI
 ETEXI
 
 DEF("dd", img_dd,
-"dd [--image-opts] [-n] [-f fmt] [-O output_fmt] [bs=block_size] 
[count=blocks] [skip=blocks] if=input of=output")
+"dd [--image-opts] [-n] [-f fmt] [-O output_fmt] [-o options] 
[bs=block_size] [count=blocks] [skip=blocks] if=input of=output")
 STEXI
-@item dd [--image-opts] [-n] [-f @var{fmt}] [-O @var{output_fmt}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] if=@var{input} 
of=@var{output}
+@item dd [--image-opts] [-n] [-f @var{fmt}] [-O @var{output_fmt}] [-o 
@var{options}] [bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] 
if=@var{input} of=@var{output}
 ETEXI
 
 DEF("info", img_info,
diff --git a/qemu-img.c b/qemu-img.c
index 4d8d041..8f91a95 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -3920,6 +3920,7 @@ static int img_dd(int argc, char **argv)
 int c, i, skip_create = 0;
 const char *out_fmt = "raw";
 const char *fmt = NULL;
+char *optionstr = NULL;
 int64_t size = 0, out_size;
 int64_t block_count = 0, out_pos, in_pos;
 struct DdInfo dd = {
@@ -3954,7 +3955,7 @@ static int img_dd(int argc, char **argv)
 { 0, 0, 0, 0 }
 };
 
-while ((c = getopt_long(argc, argv, "hnf:O:", long_options, NULL))) {
+while ((c = getopt_long(argc, argv, "hno:f:O:", long_options, NULL))) {
 if (c == EOF) {
 break;
 }
@@ -3968,6 +3969,20 @@ static int img_dd(int argc, char **argv)
 case 'n':
 skip_create = 1;
 break;
+case 'o':
+if (!is_valid_option_list(optarg)) {
+error_report("Invalid option list: %s", optarg);
+ret = -1;
+goto out;
+}
+if (!optionstr) {
+optionstr = g_strdup(optarg);
+} else {
+char *old_options = optionstr;
+optionstr = g_strdup_printf("%s,%s", optionstr, optarg);
+g_free(old_options);
+}
+break;
 case '?':
 error_report("Try 'qemu-img --help' for more information.");
 ret = -1;
@@ -4028,6 +4043,11 @@ static int img_dd(int argc, char **argv)
 goto out;
 }
 
+if (optionstr && has_help_option(optionstr)) {
+ret = print_block_option_help(out.filename, out_fmt);
+goto out;
+}
+
 if (qemu_opts_foreach(&qemu_object_opts,
   user_creatable_add_opts_foreach,
   NULL, NULL)) {
@@ -4072,6 +4092,15 @@ static int img_dd(int argc, char **argv)
 create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
 
 opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
+
+if (optionstr) {
+qemu_opts_do_parse(opts, optionstr, NULL, &local_err);
+if (local_err) {
+error_report_err(local_err);
+ret = -1;
+goto out;
+}
+}
 }
 
 size = blk_getlength(blk1);
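Review bot: the `optionstr` parsing is added just before the closing brace of the block that patch 3/6 made conditional on `!skip_create`, so `-o` given together with `-n` is accepted and then silently dropped. Report an error for that combination, or state in qemu-img.texi that -o has no effect with -n.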
@@ -4176,6 +4205,7 @@ static int img_dd(int argc, char **argv)
 
 out:
 g_free(arg);
+g_free(optionstr);
 qemu_opts_del(opts);
 qemu_opts_free(create_opts);
 blk_unref(blk1);
diff --git a/qemu-img.texi b/qemu-img.texi
index b952d6a..9a391d4 100644
--- a/qemu-img.texi
+++ b/qemu-img.texi
@@ -326,10 +326,12 @@ skipped. This is useful for formats such as @code{rbd} if 
the target
 volume has already been created with site specific options that cannot
 be supplied through qemu-img.
 
-@item dd [-n] [-f @var{fmt}] [-O @var{output_fmt}] [bs=@var{block_size}] 
[count=@var{blocks}] [skip=@var{blocks}] if=@var{input} of=@var{output}
+@item dd [-n] [-f @var{fmt}] [-O @var{output_fmt}] [-o @var{options}] 
[bs=@var{block_size}] [count=@var{blocks}] [skip=@var{blocks}] if=@var{input} 
of=@var{output}
 
 Dd copies from @var{input} file to @var{output} file converting it from
-@var{fmt} format to @var{output_fmt} format.
+@var{fmt} format to @var{output_fmt} format. Depending on the output file
+format, you can add one or more @var{options} that enable additional
+features of this format.
 
 The data is by default read and written using blocks of 512 bytes but can be
 modified by specifying @var{block_size}. If count=@var{blocks} is specified
-- 
2.9.3




Re: [Qemu-devel] [PATCH v2 7/7] qemu-options: remove stray space

2017-01-26 Thread Fam Zheng
On Tue, 01/24 14:33, Alex Bennée wrote:
> Signed-off-by: Alex Bennée 
> ---
>  qemu-options.hx | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/qemu-options.hx b/qemu-options.hx
> index 80df52651a..55c68cecbb 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -1705,7 +1705,7 @@ DEF("net", HAS_ARG, QEMU_OPTION_net,
>  "old way to initialize a host network interface\n"
>  "(use the -netdev option if possible instead)\n", 
> QEMU_ARCH_ALL)
>  STEXI
> -@item -net nic[,vlan=@var{n}][,macaddr=@var{mac}][,model=@var{type}] 
> [,name=@var{name}][,addr=@var{addr}][,vectors=@var{v}]
> +@item -net 
> nic[,vlan=@var{n}][,macaddr=@var{mac}][,model=@var{type}][,name=@var{name}][,addr=@var{addr}][,vectors=@var{v}]
>  @findex -net
>  Create a new Network Interface Card and connect it to VLAN @var{n} (@var{n}
>  = 0 is the default). The NIC is an e1000 by default on the PC
> -- 
> 2.11.0
> 
> 

Reviewed-by: Fam Zheng 



Re: [Qemu-devel] [PATCH] migrate: Migration aborts abruptly for machine "none"

2017-01-26 Thread Kashyap Chamarthy

On Thu, Jan 26, 2017 at 02:46:52PM +0530, Ashijeet Acharya wrote:
> Migration of a "none" machine with no RAM crashes abruptly as
> bitmap_new() fails and thus aborts. Instead, place a check for
> last_ram_offset() being '0' at the start of ram_save_setup() and
> error out with a meaningful error message.
> 
> Signed-off-by: Ashijeet Acharya 
> ---
>  migration/ram.c | 5 +
>  1 file changed, 5 insertions(+)

You state the problem in the one-line Git commit summary message, it's
usually preferred to summarize the _fix_ that you're making :-).  If the
below variant sounds any better, maybe the maintainer can reword it upon
applying:

  migrate: Gracefully handle crash of a 'none' machine with no RAM

[...]

-- 
/kashyap



Re: [Qemu-devel] [PATCH v2 3/7] .travis.yml: DEBUG MacOSX build

2017-01-26 Thread Fam Zheng
On Tue, 01/24 14:33, Alex Bennée wrote:
> Currently the MacOSX build is failing. Dump some information to help
> with figuring out what has gone wrong.
> 
> Signed-off-by: Alex Bennée 
> ---
>  .travis.yml | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/.travis.yml b/.travis.yml
> index 9008a796f0..a9ce215f42 100644
> --- a/.travis.yml
> +++ b/.travis.yml
> @@ -92,6 +92,7 @@ matrix:
>  - env: CONFIG=""
>os: osx
>compiler: clang
> +  script: make -j3 || cat qemu-options.texi && false
>  # Plain Trusty System Build
>  - env: CONFIG="--disable-linux-user"
>sudo: required
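Review bot: in `make -j3 || cat qemu-options.texi && false`, the shell gives `||` and `&&` equal precedence and evaluates them left to right, so the line is read as `(make -j3 || cat qemu-options.texi) && false` and exits non-zero even when make succeeds. Group the failure branch instead, for example `make -j3 || (cat qemu-options.texi; false)`.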
> -- 
> 2.11.0
> 
> 

Why qemu-options.texi? This looks really ad-hocery, not sure it's useful for the
mainline.

Fam



Re: [Qemu-devel] [PULL 15/18] spapr: CPU hot unplug support

2017-01-26 Thread Igor Mammedov
On Fri, 17 Jun 2016 16:36:36 +1000
David Gibson  wrote:

> From: Bharata B Rao 
> 
> Remove the CPU core device by removing the underlying CPU thread devices.
> Hot removal of CPU for sPAPR guests is achieved by sending the hot unplug
> notification to the guest. Release the vCPU object after CPU hot unplug so
> that vCPU fd can be parked and reused.
> 
> Signed-off-by: Bharata B Rao 
> Signed-off-by: David Gibson 
[...]


Bharata,

Here are some notes I've made while auditing spapr cpu hotplug code.
  
spapr_core_release() should be spapr_core_unrealize()
except of machine related
 spapr->cores[cc->core_id / smt] = NULL;
which should go to spapr_core_unplug()

> +static void spapr_core_release(DeviceState *dev, void *opaque)
> +{
> +sPAPRCPUCore *sc = SPAPR_CPU_CORE(OBJECT(dev));
> +const char *typename = object_class_get_name(sc->cpu_class);
> +size_t size = object_type_get_instance_size(typename);
> +sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
> +sPAPRCPUCore *core = SPAPR_CPU_CORE(OBJECT(dev));
> +CPUCore *cc = CPU_CORE(dev);
> +int smt = kvmppc_smt_threads();
> +int i;
> +
> +for (i = 0; i < cc->nr_threads; i++) {
> +void *obj = sc->threads + i * size;
> +DeviceState *dev = DEVICE(obj);
> +CPUState *cs = CPU(dev);
> +PowerPCCPU *cpu = POWERPC_CPU(cs);
> +
> +spapr_cpu_destroy(cpu);
> +cpu_remove_sync(cs);
> +object_unparent(obj);
> +}
> +
> +spapr->cores[cc->core_id / smt] = NULL;
> +
> +g_free(core->threads);
> +object_unparent(OBJECT(dev));
> +}
> +
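Review bot: in spapr_core_release(), `sc` and `core` are both initialised from SPAPR_CPU_CORE(OBJECT(dev)), and the loop body declares a second `DeviceState *dev` that shadows the function parameter, so the final `object_unparent(OBJECT(dev))` refers to the core only because it sits outside the loop. Drop one of the two core pointers and rename the inner variable.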

spapr_core_[un]plug() functions belong to machine code and should
be in hw/ppc/spapr.c

> +void spapr_core_unplug(HotplugHandler *hotplug_dev, DeviceState *dev,
> +   Error **errp)
> +{
> +sPAPRCPUCore *core = SPAPR_CPU_CORE(OBJECT(dev));
> +PowerPCCPU *cpu = POWERPC_CPU(core->threads);
> +int id = ppc_get_vcpu_dt_id(cpu);
> +sPAPRDRConnector *drc =
> +spapr_dr_connector_by_id(SPAPR_DR_CONNECTOR_TYPE_CPU, id);
> +sPAPRDRConnectorClass *drck;
> +Error *local_err = NULL;
> +
> +g_assert(drc);
> +
> +drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
> +drck->detach(drc, dev, spapr_core_release, NULL, &local_err);

Could you explain call flow during cpu unplug?

My expectations were that unplug_request() handler asks for CPU removal
and unplug() handler removes CPU.
It's obviously messed up somehow.

> +if (local_err) {
> +error_propagate(errp, local_err);
> +return;
> +}
> +
> +spapr_hotplug_req_remove_by_index(drc);
> +}
> +
>  void spapr_core_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
>   Error **errp)
>  {
> diff --git a/include/hw/ppc/spapr_cpu_core.h b/include/hw/ppc/spapr_cpu_core.h
> index 7cb0515..1c9b319 100644
> --- a/include/hw/ppc/spapr_cpu_core.h
> +++ b/include/hw/ppc/spapr_cpu_core.h
> @@ -31,4 +31,6 @@ void spapr_core_pre_plug(HotplugHandler *hotplug_dev, 
> DeviceState *dev,
>  char *spapr_get_cpu_core_type(const char *model);
>  void spapr_core_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
>   Error **errp);
> +void spapr_core_unplug(HotplugHandler *hotplug_dev, DeviceState *dev,
> +   Error **errp);
>  #endif




Re: [Qemu-devel] [PATCH 07/17] migration: Create x-multifd-group parameter

2017-01-26 Thread Dr. David Alan Gilbert
* Juan Quintela (quint...@redhat.com) wrote:
> Indicates how many pages we are going to send in each bach to a multifd
> thread.

bach->batch

> Signed-off-by: Juan Quintela 
> ---
>  hmp.c |  8 
>  include/migration/migration.h |  1 +
>  migration/migration.c | 23 +++
>  qapi-schema.json  | 11 +--
>  4 files changed, 41 insertions(+), 2 deletions(-)
> 
> diff --git a/hmp.c b/hmp.c
> index 8c7e302..e579766 100644
> --- a/hmp.c
> +++ b/hmp.c
> @@ -325,6 +325,9 @@ void hmp_info_migrate_parameters(Monitor *mon, const 
> QDict *qdict)
>  monitor_printf(mon, " %s: %" PRId64,
>  MigrationParameter_lookup[MIGRATION_PARAMETER_X_MULTIFD_THREADS],
>  params->x_multifd_threads);
> +monitor_printf(mon, " %s: %" PRId64,
> +MigrationParameter_lookup[MIGRATION_PARAMETER_X_MULTIFD_GROUP],
> +params->x_multifd_group);
>  monitor_printf(mon, "\n");
>  }
> 
> @@ -1401,6 +1404,10 @@ void hmp_migrate_set_parameter(Monitor *mon, const 
> QDict *qdict)
>  p.has_x_multifd_threads = true;
>  use_int_value = true;
>  break;
> +case MIGRATION_PARAMETER_X_MULTIFD_GROUP:
> +p.has_x_multifd_group = true;
> +use_int_value = true;
> +break;
>  }
> 
>  if (use_int_value) {
> @@ -1419,6 +1426,7 @@ void hmp_migrate_set_parameter(Monitor *mon, const 
> QDict *qdict)
>  p.downtime_limit = valueint;
>  p.x_checkpoint_delay = valueint;
>  p.x_multifd_threads = valueint;
> +p.x_multifd_group = valueint;
>  }
> 
>  qmp_migrate_set_parameters(&p, &err);
> diff --git a/include/migration/migration.h b/include/migration/migration.h
> index b35044c..515569d 100644
> --- a/include/migration/migration.h
> +++ b/include/migration/migration.h
> @@ -248,6 +248,7 @@ bool migration_in_postcopy_after_devices(MigrationState 
> *);
>  MigrationState *migrate_get_current(void);
> 
>  int migrate_multifd_threads(void);
> +int migrate_multifd_group(void);
> 
>  void migrate_compress_threads_create(void);
>  void migrate_compress_threads_join(void);
> diff --git a/migration/migration.c b/migration/migration.c
> index 2fe03d8..9bde01b 100644
> --- a/migration/migration.c
> +++ b/migration/migration.c
> @@ -68,6 +68,7 @@
>   */
>  #define DEFAULT_MIGRATE_X_CHECKPOINT_DELAY 200
>  #define DEFAULT_MIGRATE_MULTIFD_THREADS 2
> +#define DEFAULT_MIGRATE_MULTIFD_GROUP 16

See below ^^^

> 
>  static NotifierList migration_state_notifiers =
>  NOTIFIER_LIST_INITIALIZER(migration_state_notifiers);
> @@ -103,6 +104,7 @@ MigrationState *migrate_get_current(void)
>  .downtime_limit = DEFAULT_MIGRATE_SET_DOWNTIME,
>  .x_checkpoint_delay = DEFAULT_MIGRATE_X_CHECKPOINT_DELAY,
>  .x_multifd_threads = DEFAULT_MIGRATE_MULTIFD_THREADS,
> +.x_multifd_group = DEFAULT_MIGRATE_MULTIFD_GROUP,
>  },
>  };
> 
> @@ -595,6 +597,8 @@ MigrationParameters *qmp_query_migrate_parameters(Error 
> **errp)
>  params->x_checkpoint_delay = s->parameters.x_checkpoint_delay;
>  params->has_x_multifd_threads = true;
>  params->x_multifd_threads = s->parameters.x_multifd_threads;
> +params->has_x_multifd_group = true;
> +params->x_multifd_group = s->parameters.x_multifd_group;
> 
>  return params;
>  }
> @@ -865,6 +869,13 @@ void qmp_migrate_set_parameters(MigrationParameters 
> *params, Error **errp)
> "is invalid, it should be in the range of 1 to 255");
>  return;
>  }
> +if (params->has_x_multifd_group &&
> +(params->x_multifd_group < 1 || params->x_multifd_group > 
> 1)) {
> +error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
> +   "multifd_group",
> +   "is invalid, it should be in the range of 1 to 1");
> +return;
> +}
> 
>  if (params->has_compress_level) {
>  s->parameters.compress_level = params->compress_level;
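Review bot: as quoted here, the new range check rejects everything except 1 (`x_multifd_group < 1 || x_multifd_group > 1`, with the message "range of 1 to 1"), yet DEFAULT_MIGRATE_MULTIFD_GROUP is 16, so the default itself could not be set through qmp_migrate_set_parameters(). The upper bound looks wrong; the error text also names the parameter "multifd_group" while the field it checks is x_multifd_group.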
> @@ -906,6 +917,9 @@ void qmp_migrate_set_parameters(MigrationParameters 
> *params, Error **errp)
>  if (params->has_x_multifd_threads) {
>  s->parameters.x_multifd_threads = params->x_multifd_threads;
>  }
> +if (params->has_x_multifd_group) {
> +s->parameters.x_multifd_group = params->x_multifd_group;
> +}
>  }
> 
> 
> @@ -1351,6 +1365,15 @@ int migrate_multifd_threads(void)
>  return s->parameters.x_multifd_threads;
>  }
> 
> +int migrate_multifd_group(void)
> +{
> +MigrationState *s;
> +
> +s = migrate_get_current();
> +
> +return s->parameters.x_multifd_group;
> +}
> +
>  int migrate_use_xbzrle(void)
>  {
>  MigrationState *s;
> diff --git a/qapi-schema.json b/qapi-schema.json
> index 2273864..54232ee 100644
> --- a/qapi-schema.json
> +++ b/qapi-schema.json
> @@ -

Re: [Qemu-devel] [PATCH] 9pfs: fix v9fs_lock error case

2017-01-26 Thread Greg Kurz
On Thu, 26 Jan 2017 11:07:05 +0100
Paolo Bonzini  wrote:

> In this case, we are marshaling an error status instead of the errno value.
> Reorganize the out and out_nofid labels to look like all the other cases.
> Coverity reports this because the "err = -ENOENT" and "err = -EINVAL"
> assignments above are dead, overwritten by the call to pdu_marshal.
> 
> Signed-off-by: Paolo Bonzini 
> ---

There was a confusion indeed: if the server fails it should report it to the
client with an RERROR message.

Responding an RLOCK message with a P9_LOCK_ERROR status only makes sense
when actually implementing locking (i.e. calling flock() on the backend),
which isn't the case in QEMU as stated in the comment above v9fs_lock(). 
We should hence always report a P9_LOCK_SUCCESS status when responding
an RLOCK message.

Just to make it clear, I've modified your patch to open code this and
pushed it to https://github.com/gkurz/qemu/commits/9p-next .

BTW, I've registered to https://scan.coverity.com/projects/qemu as
Peter suggested on IRC. I'll have a look at the other 9pfs issues.

Cheers.

--
Greg

>  hw/9pfs/9p.c | 11 ++-
>  1 file changed, 6 insertions(+), 5 deletions(-)
> 
> diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
> index 99e9472..d028eca 100644
> --- a/hw/9pfs/9p.c
> +++ b/hw/9pfs/9p.c
> @@ -3045,14 +3045,15 @@ static void coroutine_fn v9fs_lock(void *opaque)
>  goto out;
>  }
>  status = P9_LOCK_SUCCESS;
> -out:
> -put_fid(pdu, fidp);
> -out_nofid:
>  err = pdu_marshal(pdu, offset, "b", status);
> -if (err > 0) {
> -err += offset;
> +if (err < 0) {
> +goto out;
>  }
> +err += offset;
>  trace_v9fs_lock_return(pdu->tag, pdu->id, status);
> +out:
> +put_fid(pdu, fidp);
> +out_nofid:
>  pdu_complete(pdu, err);
>  v9fs_string_free(&flock.client_id);
>  }
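Review bot: with the labels moved, `status` is always P9_LOCK_SUCCESS at the only pdu_marshal() call, so the variable no longer carries information. Marshal the constant directly and drop `status`, which also makes it obvious that failures are reported through `err` in pdu_complete().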




Re: [Qemu-devel] [PATCH] 9pfs: fix v9fs_lock error case

2017-01-26 Thread Paolo Bonzini


On 26/01/2017 12:54, Greg Kurz wrote:
> On Thu, 26 Jan 2017 11:07:05 +0100
> Paolo Bonzini  wrote:
> 
>> In this case, we are marshaling an error status instead of the errno value.
>> Reorganize the out and out_nofid labels to look like all the other cases.
>> Coverity reports this because the "err = -ENOENT" and "err = -EINVAL"
>> assignments above are dead, overwritten by the call to pdu_marshal.
>>
>> Signed-off-by: Paolo Bonzini 
>> ---
> 
> There was a confusion indeed: if the server fails it should report it to the
> client with an RERROR message.
> 
> Responding an RLOCK message with a P9_LOCK_ERROR status only makes sense
> when actually implementing locking (i.e. calling flock() on the backend),
> which isn't the case in QEMU as stated in the comment above v9fs_lock(). 
> We should hence always report a P9_LOCK_SUCCESS status when responding
> an RLOCK message.

Which my patch does in a very roundabout way: the first assignment to
status is now dead, and the pdu_marshal("b") always uses P9_LOCK_SUCCESS.

> Just to make it clear, I've modified your patch to open code this and
> pushed it to https://github.com/gkurz/qemu/commits/9p-next .

Much better, thanks.

Paolo

> BTW, I've registered to https://scan.coverity.com/projects/qemu as
> Peter suggested on IRC. I'll have a look at the other 9pfs issues.
> 
> Cheers.
> 
> --
> Greg
> 
>>  hw/9pfs/9p.c | 11 ++-
>>  1 file changed, 6 insertions(+), 5 deletions(-)
>>
>> diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
>> index 99e9472..d028eca 100644
>> --- a/hw/9pfs/9p.c
>> +++ b/hw/9pfs/9p.c
>> @@ -3045,14 +3045,15 @@ static void coroutine_fn v9fs_lock(void *opaque)
>>  goto out;
>>  }
>>  status = P9_LOCK_SUCCESS;
>> -out:
>> -put_fid(pdu, fidp);
>> -out_nofid:
>>  err = pdu_marshal(pdu, offset, "b", status);
>> -if (err > 0) {
>> -err += offset;
>> +if (err < 0) {
>> +goto out;
>>  }
>> +err += offset;
>>  trace_v9fs_lock_return(pdu->tag, pdu->id, status);
>> +out:
>> +put_fid(pdu, fidp);
>> +out_nofid:
>>  pdu_complete(pdu, err);
>>  v9fs_string_free(&flock.client_id);
>>  }
> 



Re: [Qemu-devel] [PATCH v5 02/18] vfio: introduce vfio_get_vaddr()

2017-01-26 Thread Peter Xu
On Thu, Jan 26, 2017 at 11:55:22AM +0100, Paolo Bonzini wrote:
> 
> 
> On 26/01/2017 08:12, Peter Xu wrote:
> > 
> > /*
> >  * Here, we need to have the lock not only for vfio_get_vaddr(),
> >  * but also needs to make sure that the vaddr will be valid for
> >  * further operations.
> >  *
> >  * When we map new pages, we need the lock to make sure that vaddr
> >  * is valid along the way we build up the IO page table (via
> >  * vfio_dma_map()). Then, as long as the mapping is set up, we can
> >  * unlock since those pages will be pinned in kernel (which makes
> >  * sure that the RAM backend of vaddr will always be there, even
> >  * if the memory object is destroyed and RAM released).
> >  *
> >  * For unmapping case, we don't really need the protection since
> >  * the pages are in all cases locked in kernel, so we'll probably
> >  * be safe even without the lock. However, it won't hurt we have
> >  * the lock as well here.
> >  */
> 
> Even simpler, just before the definition of vfio_get_vaddr:
> 
> /* Called with rcu_read_lock held.  */
> 
> and just before the vfio_dma_map call:
> 
> /* vaddr is only valid until rcu_read_unlock().  But after
>  * vfio_dma_map has set up the mapping the pages will be pinned
>  * by the kernel.  This makes sure that the RAM backend of vaddr
>  * will always be there, even if the memory object is destroyed
>  * and its backing memory munmap-ed.
>  */
> 
> I'm not sure that you can get rid of the lock for the unmapping case.
> Better remove that part of the comment.

Sure. Let me take yours. Thanks!

-- peterx



Re: [Qemu-devel] [PULL 21/26] target-hppa: Implement branches

2017-01-26 Thread Paolo Bonzini
I haven't studied the code much, so I'm just reporting what Coverity
says.  Not sure if the code has a bug or can just be simplified.

On 23/01/2017 03:17, Richard Henderson wrote:
> +/* Emit a conditional branch to a direct target.  If the branch itself
> +   is nullified, we should have already used nullify_over.  */
> +static ExitStatus do_cbranch(DisasContext *ctx, target_long disp, bool is_n,
> + DisasCond *cond)
> +{
> +target_ulong dest = iaoq_dest(ctx, disp);
> +TCGLabel *taken = NULL;
> +TCGCond c = cond->c;
> +int which = 0;
> +bool n;
> +
> +assert(ctx->null_cond.c == TCG_COND_NEVER);
> +
> +/* Handle TRUE and NEVER as direct branches.  */
> +if (c == TCG_COND_ALWAYS) {
> +return do_dbranch(ctx, dest, 0, is_n && disp >= 0);
> +}
> +if (c == TCG_COND_NEVER) {
> +return do_dbranch(ctx, ctx->iaoq_n, 0, is_n && disp < 0);
> +}
> +
> +taken = gen_new_label();
> +cond_prep(cond);
> +tcg_gen_brcond_tl(c, cond->a0, cond->a1, taken);
> +cond_free(cond);
> +
> +/* Not taken: Condition not satisfied; nullify on backward branches. */
> +n = is_n && disp < 0;
> +if (n && use_nullify_skip(ctx)) {
> +nullify_set(ctx, 0);
> +gen_goto_tb(ctx, which++, ctx->iaoq_n, ctx->iaoq_n + 4);
> +} else {
> +if (!n && ctx->null_lab) {
> +gen_set_label(ctx->null_lab);
> +ctx->null_lab = NULL;
> +}
> +nullify_set(ctx, n);
> +gen_goto_tb(ctx, which++, ctx->iaoq_b, ctx->iaoq_n);
> +}

Both branches increment "which", so you can replace it with 0 and which
is always 1 now.

> +gen_set_label(taken);
> +
> +/* Taken: Condition satisfied; nullify on forward branches.  */
> +n = is_n && disp >= 0;
> +if (n && use_nullify_skip(ctx)) {
> +nullify_set(ctx, 0);
> +gen_goto_tb(ctx, which++, dest, dest + 4);
> +} else {
> +nullify_set(ctx, n);
> +gen_goto_tb(ctx, which++, ctx->iaoq_b, dest);
> +}

Both branches increment "which", so you can replace it with 1 and which
is always 2.

> +/* Not taken: the branch itself was nullified.  */
> +if (ctx->null_lab) {
> +gen_set_label(ctx->null_lab);
> +ctx->null_lab = NULL;
> +if (which < 2) {
> +nullify_set(ctx, 0);
> +gen_goto_tb(ctx, which, ctx->iaoq_b, ctx->iaoq_n);
> +return EXIT_GOTO_TB;

So this branch of the "if" is dead.

> +} else {
> +return EXIT_IAQ_N_STALE;
> +}
> +} else {
> +return EXIT_GOTO_TB;
> +}
> +}
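
Review bot: the header comment of do_cbranch() does not say what is_n and the sign of disp mean, although both arms depend on them (n = is_n && disp < 0 on the not-taken path, n = is_n && disp >= 0 on the taken path). A sentence in that comment describing the parameter and the forward/backward rule would save the reader from reconstructing it from the two arms. The = NULL initialiser on taken is also unneeded, since both early returns happen before it is used and gen_new_label() assigns it before tcg_gen_brcond_tl().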



Re: [Qemu-devel] [PULL 02/15] migration: extend VMStateInfo

2017-01-26 Thread Cornelia Huck
On Wed, 25 Jan 2017 14:44:20 +
"Dr. David Alan Gilbert"  wrote:

> * Cornelia Huck (cornelia.h...@de.ibm.com) wrote:
> > On Wed, 25 Jan 2017 13:22:55 +
> > "Dr. David Alan Gilbert"  wrote:
> > 
> > > * Cornelia Huck (cornelia.h...@de.ibm.com) wrote:
> > > > On Wed, 25 Jan 2017 12:00:53 +
> > > > "Dr. David Alan Gilbert"  wrote:

> > > > > OK, so it looks like that's a failure path, adding a return -ENOMEM 
> > > > > would seem to make
> > > > > sense there.
> > > > 
> > > > Just saw this. I don't think we want -ENOMEM, as that would change the
> > > > actual state being saved, no?
> > > 
> > > But isn't that the intention of this function?
> > > 
> > > buf = g_try_malloc0(len);
> > > if (!buf) {
> > > /* Storing FLIC_FAILED into the count field here will cause the
> > >  * target system to fail when attempting to load irqs from the
> > >  * migration state */
> > > error_report("flic: couldn't allocate memory");
> > > qemu_put_be64(f, FLIC_FAILED);
> > > return;
> > > }
> > > 
> > > What should happen on the destination - should the migration fail?
> > > If we want the migration to fail then we should now return an error
> > > status rather than 0, and then we see a failed migration on the source
> > > as well.
> > 
> > Yes. There's also another error case below where we should return an
> > error instead of putting FLIC_FAILED, then.
> > 
> > The problem is that this is rather hard to test: So I'd prefer to fix
> > the compile for now and introduce error return codes in a separate
> > patch.
> 
> OK, that's fair.

I've coded something up and tried to test it with error injection to
trigger the failed case, but I can't really see an improvement :(

Before: source logs error, target fails to load the flic with 'invalid
argument'

After: source logs error, target fails to load the flic with 'could not
allocate memory'

The migration code does not seem to do anything with the return code of
put methods for now, so that's not too surprising. Is anything in the
works?

For now, I'd prefer to keep the old behaviour as 'invalid argument'
seems like a more obvious error on the target.

diff --git a/hw/intc/s390_flic_kvm.c b/hw/intc/s390_flic_kvm.c
index e86a84e49a..3c62ef8258 100644
--- a/hw/intc/s390_flic_kvm.c
+++ b/hw/intc/s390_flic_kvm.c
@@ -293,27 +293,21 @@ static int kvm_flic_save(QEMUFile *f, void *opaque, 
size_t size,
 int len = FLIC_SAVE_INITIAL_SIZE;
 void *buf;
 int count;
+int r = 0;
 
 flic_disable_wait_pfault((struct KVMS390FLICState *) opaque);
 
 buf = g_try_malloc0(len);
 if (!buf) {
-/* Storing FLIC_FAILED into the count field here will cause the
- * target system to fail when attempting to load irqs from the
- * migration state */
 error_report("flic: couldn't allocate memory");
-qemu_put_be64(f, FLIC_FAILED);
-return 0;
+return -ENOMEM;
 }
 
 count = __get_all_irqs(flic, &buf, len);
 if (count < 0) {
 error_report("flic: couldn't retrieve irqs from kernel, rc %d",
  count);
-/* Storing FLIC_FAILED into the count field here will cause the
- * target system to fail when attempting to load irqs from the
- * migration state */
-qemu_put_be64(f, FLIC_FAILED);
+r = count;
 } else {
 qemu_put_be64(f, count);
 qemu_put_buffer(f, (uint8_t *) buf,
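
Review bot: both failure paths (the !buf branch and the count < 0 branch) stop writing FLIC_FAILED and rely only on the return value, while the message above notes that the migration code does not yet act on the return code of put methods. Until it does, the target's failure depends on how it happens to parse a stream in which the count field is missing, not on the explicit sentinel. Either keep qemu_put_be64(f, FLIC_FAILED) alongside the new error return for now, or hold this change until the caller honours the return code.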
@@ -321,7 +315,7 @@ static int kvm_flic_save(QEMUFile *f, void *opaque, size_t 
size,
 }
 g_free(buf);
 
-return 0;
+return r;
 }
 
 /**




Re: [Qemu-devel] [PATCH v1 2/6] qemu-img: fix --image-opts usage with dd command

2017-01-26 Thread Fam Zheng
On Thu, 01/26 11:04, Daniel P. Berrange wrote:
> The --image-opts flag can only be used to affect the parsing
> of the source image. The target image has to be specified in
> the traditional style regardless, since it needs to be passed
> to the brdv_create() API which does not support the new style

"bdrv_create", if you respin :)

> opts.
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  qemu-img.c | 9 +++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/qemu-img.c b/qemu-img.c
> index 391a141..629f9e9 100644
> --- a/qemu-img.c
> +++ b/qemu-img.c
> @@ -4098,8 +4098,13 @@ static int img_dd(int argc, char **argv)
>  goto out;
>  }
>  
> -blk2 = img_open(image_opts, out.filename, out_fmt, BDRV_O_RDWR,
> -false, false);
> +/* TODO, we can't honour --image-opts for the target,
> + * since it needs to be given in a format compatible
> + * with the bdrv_create() call above which does not
> + * support image-opts style.
> + */
> +blk2 = img_open_file(out.filename, out_fmt, BDRV_O_RDWR,
> + false, false);
>  
>  if (!blk2) {
>  ret = -1;
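
Review bot: after the switch from img_open(image_opts, ...) to img_open_file(out.filename, ...), a user who passes --image-opts to dd gets the target opened as a plain filename with no indication that the option was ignored for it; the only record is the TODO in the source. Document in the dd usage text that --image-opts applies to the source image only, so the restriction is visible outside the code. The comment would also read better as "TODO: ..." with a note on what has to change in bdrv_create() before it can be removed.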
> -- 
> 2.9.3
> 
> 



[Qemu-devel] [PATCH v8 0/9] replay additions

2017-01-26 Thread Pavel Dovgalyuk
This set of patches includes several fixes for replay and vmstate.

These patches add the rrsnapshot option for icount. The rrsnapshot option creates
a start snapshot at record and loads it at replay. It allows preserving
the state of disk images used by the virtual machine. This vm state can also
be used to roll back the execution while replaying.

With these patches operations with audio devices can also be recorded
and replayed. All interactions with passthrough audio (including
microphone input) are recorded automatically when -soundhw is specified
at the command line.

This set of patches includes fixes and additions for icount and
record/replay implementation:
 - VM start/stop in replay mode
 - overlay creation for blkreplay filter
 - rrsnapshot option for record/replay
 - vmstate fix for integratorcp ARM platform
 - vmstate fixes for apic and rtc
 - fixes for icount record/replay mode
 - record/replay for audio devices

v8 changes:
 - Refined replay exception processing (as suggested by Paolo Bonzini)
 - Saving/restoring static variable for APIC only once (as suggested by Paolo Bonzini)
 - Removed already queued patches
 - Minor fixes

v7 changes:
 - Fixed exception replaying when TB cache is full and
   when tb_find is called when there are no instructions about to execute
 - Added record/replay for audio devices

v6 changes:
 - Added overlay creation for blkreplay driver
 - Fixed vmstate loading for apic and rtc
 - Fixed instruction counting for apic instruction patching

v5 changes:
 - Recording is stopped when initial snapshot cannot be created
 - Minor changes

v4 changes:
 - Overlay option is removed from blkreplay driver (as suggested by Paolo Bonzini)
 - Minor changes

v3 changes:
 - Added rrsnapshot option for specifying the initial snapshot name (as suggested by Paolo Bonzini)
 - Minor changes

---

Pavel Dovgalyuk (9):
  replay: exception replay fix
  icount: exit cpu loop on expire
  apic: save apic_delivered flag
  integratorcp: adding vmstate for save/restore
  block: implement bdrv_snapshot_goto for blkreplay
  blkreplay: create temporary overlay for underlaying devices
  replay: disable default snapshot for record/replay
  audio: make audio poll timer deterministic
  replay: add record/replay for audio passthrough


 audio/audio.c   |   15 +--
 audio/audio.h   |5 ++
 audio/mixeng.c  |   31 ++
 block/blkreplay.c   |   84 +++
 cpu-exec.c  |   24 +--
 docs/replay.txt |7 +++
 hw/arm/integratorcp.c   |   62 +
 hw/intc/apic_common.c   |   37 +
 include/hw/i386/apic_internal.h |2 +
 include/sysemu/replay.h |7 +++
 replay/Makefile.objs|1 
 replay/replay-audio.c   |   79 +
 replay/replay-internal.h|4 ++
 stubs/replay.c  |1 
 translate-all.c |3 +
 vl.c|   10 -
 16 files changed, 361 insertions(+), 11 deletions(-)
 create mode 100644 replay/replay-audio.c

-- 
Pavel Dovgalyuk



[Qemu-devel] [PATCH v8 1/9] replay: exception replay fix

2017-01-26 Thread Pavel Dovgalyuk
This patch fixes replaying the exception when TB cache is full.
It breaks cpu loop execution through setting exception_index
to process such queued work as TB flush.

v8: moved setting of exception_index to tb_gen_code

Signed-off-by: Pavel Dovgalyuk 
---
 translate-all.c |3 +++
 1 file changed, 3 insertions(+)

diff --git a/translate-all.c b/translate-all.c
index 2026293..abce8f1 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -1290,6 +1290,9 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
 /* flush must be done */
 tb_flush(cpu);
 mmap_unlock();
+/* Set exception index to make sure that the execution loop
+   will exit and go to flushing and other queued work. */
+cpu->exception_index = EXCP_INTERRUPT;
 cpu_loop_exit(cpu);
 }
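
Review bot: the added cpu->exception_index = EXCP_INTERRUPT before cpu_loop_exit() is unconditional, whereas cpu_check_loop_exit() in patch 2/9 of this series only sets it when exception_index == -1, so that an exception not yet replayed is preserved. If tb_gen_code() can be reached while such an exception is pending, the same guard is needed here; if it cannot, say so in the new comment.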
 




[Qemu-devel] [PATCH v8 5/9] block: implement bdrv_snapshot_goto for blkreplay

2017-01-26 Thread Pavel Dovgalyuk
This patch enables making snapshots with blkreplay used in
block devices.

Signed-off-by: Pavel Dovgalyuk 
---
 block/blkreplay.c |8 
 1 file changed, 8 insertions(+)

diff --git a/block/blkreplay.c b/block/blkreplay.c
index a741654..8a03d62 100644
--- a/block/blkreplay.c
+++ b/block/blkreplay.c
@@ -130,6 +130,12 @@ static int coroutine_fn 
blkreplay_co_flush(BlockDriverState *bs)
 return ret;
 }
 
+static int blkreplay_snapshot_goto(BlockDriverState *bs,
+   const char *snapshot_id)
+{
+return bdrv_snapshot_goto(bs->file->bs, snapshot_id);
+}
+
 static BlockDriver bdrv_blkreplay = {
 .format_name= "blkreplay",
 .protocol_name  = "blkreplay",
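
Review bot: blkreplay_snapshot_goto() only forwards bdrv_snapshot_goto() to bs->file->bs, which covers loading a snapshot, while the commit message says the patch "enables making snapshots". State in the message that it is the goto (load) path that is routed through the filter and how snapshot creation reaches the underlying image, and add a one-line comment on the function saying that it is a plain pass-through to the child.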
@@ -145,6 +151,8 @@ static BlockDriver bdrv_blkreplay = {
 .bdrv_co_pwrite_zeroes  = blkreplay_co_pwrite_zeroes,
 .bdrv_co_pdiscard   = blkreplay_co_pdiscard,
 .bdrv_co_flush  = blkreplay_co_flush,
+
+.bdrv_snapshot_goto = blkreplay_snapshot_goto,
 };
 
 static void bdrv_blkreplay_init(void)




[Qemu-devel] [PATCH v8 7/9] replay: disable default snapshot for record/replay

2017-01-26 Thread Pavel Dovgalyuk
This patch disables setting '-snapshot' option on by default
in record/replay mode. This is needed for creating vmstates in record
and replay modes.

Signed-off-by: Pavel Dovgalyuk 
---
 vl.c |8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/vl.c b/vl.c
index def0520..bddb2bc 100644
--- a/vl.c
+++ b/vl.c
@@ -3198,7 +3198,13 @@ int main(int argc, char **argv, char **envp)
 drive_add(IF_PFLASH, -1, optarg, PFLASH_OPTS);
 break;
 case QEMU_OPTION_snapshot:
-snapshot = 1;
+{
+Error *blocker = NULL;
+snapshot = 1;
+error_setg(&blocker, QERR_REPLAY_NOT_SUPPORTED,
+   "-snapshot");
+replay_add_blocker(blocker);
+}
 break;
 case QEMU_OPTION_hdachs:
 {
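
Review bot: the description says the patch stops '-snapshot' from being set by default in record/replay mode, but this hunk only touches the QEMU_OPTION_snapshot case: snapshot = 1 is still set and a replay blocker with QERR_REPLAY_NOT_SUPPORTED is registered, so the visible effect is that an explicit -snapshot and record/replay become mutually exclusive. Reword the commit message to say that, and mention the restriction in docs/replay.txt so users learn it from the documentation and not from the error.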




[Qemu-devel] [PATCH v8 3/9] apic: save apic_delivered flag

2017-01-26 Thread Pavel Dovgalyuk
This patch implements saving/restoring of static apic_delivered variable.

v8: saving static variable only for one of the APICs

Signed-off-by: Pavel Dovgalyuk 
---
 hw/intc/apic_common.c   |   37 +
 include/hw/i386/apic_internal.h |2 ++
 2 files changed, 39 insertions(+)

diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c
index d78c885..edacb16 100644
--- a/hw/intc/apic_common.c
+++ b/hw/intc/apic_common.c
@@ -384,6 +384,29 @@ static bool apic_common_sipi_needed(void *opaque)
 return s->wait_for_sipi != 0;
 }
 
+static bool apic_irq_delivered_needed(void *opaque)
+{
+static APICCommonState *first_apic;
+APICCommonState *s = APIC_COMMON(opaque);
+if (!first_apic) {
+first_apic = s;
+}
+return s == first_apic;
+}
+
+static void apic_irq_delivered_pre_save(void *opaque)
+{
+APICCommonState *s = APIC_COMMON(opaque);
+s->apic_irq_delivered = apic_irq_delivered;
+}
+
+static int apic_irq_delivered_post_load(void *opaque, int version_id)
+{
+APICCommonState *s = APIC_COMMON(opaque);
+apic_irq_delivered = s->apic_irq_delivered;
+return 0;
+}
+
 static const VMStateDescription vmstate_apic_common_sipi = {
 .name = "apic_sipi",
 .version_id = 1,
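
Review bot: apic_irq_delivered_needed() latches the first APIC it is called for in the function-local static first_apic and never clears it. If that APICCommonState is ever freed or replaced, the pointer is stale and no remaining APIC matches, so the subsection silently stops being saved; which APIC counts as "first" also depends on the order in which the devices are saved. Select the APIC by a stable property of the device, or reset the latch when the device goes away, and add a comment explaining why only one APIC carries the global.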
@@ -396,6 +419,19 @@ static const VMStateDescription vmstate_apic_common_sipi = 
{
 }
 };
 
+static const VMStateDescription vmstate_apic_irq_delivered = {
+.name = "apic_irq_delivered",
+.version_id = 1,
+.minimum_version_id = 1,
+.needed = apic_irq_delivered_needed,
+.pre_save = apic_irq_delivered_pre_save,
+.post_load = apic_irq_delivered_post_load,
+.fields = (VMStateField[]) {
+VMSTATE_INT32(apic_irq_delivered, APICCommonState),
+VMSTATE_END_OF_LIST()
+}
+};
+
 static const VMStateDescription vmstate_apic_common = {
 .name = "apic",
 .version_id = 3,
@@ -430,6 +466,7 @@ static const VMStateDescription vmstate_apic_common = {
 },
 .subsections = (const VMStateDescription*[]) {
 &vmstate_apic_common_sipi,
+&vmstate_apic_irq_delivered,
 NULL
 }
 };
diff --git a/include/hw/i386/apic_internal.h b/include/hw/i386/apic_internal.h
index 1209eb4..20ad28c 100644
--- a/include/hw/i386/apic_internal.h
+++ b/include/hw/i386/apic_internal.h
@@ -189,6 +189,8 @@ struct APICCommonState {
 DeviceState *vapic;
 hwaddr vapic_paddr; /* note: persistence via kvmvapic */
 bool legacy_instance_id;
+
+int apic_irq_delivered; /* for saving static variable */
 };
 
 typedef struct VAPICState {
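
Review bot: the new field is declared as int apic_irq_delivered, but the subsection in apic_common.c serialises it with VMSTATE_INT32(apic_irq_delivered, APICCommonState). Declare it int32_t so the field's type matches the fixed-width format the macro writes, and expand the comment to name the static it mirrors, the apic_irq_delivered that pre_save and post_load copy from and to.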




[Qemu-devel] [PATCH v8 2/9] icount: exit cpu loop on expire

2017-01-26 Thread Pavel Dovgalyuk
This patch adds a check to break the cpu loop when icount expires without
setting the TB_EXIT_ICOUNT_EXPIRED flag. It happens when there are no
available translated blocks and all instructions were executed.
In icount replay mode an unnecessary tb_find will be called (which may
cause an exception) and execution will be non-deterministic.

v8: refactored loop exit code and moved it to separate function

Signed-off-by: Pavel Dovgalyuk 
---
 cpu-exec.c |   24 +++-
 1 file changed, 19 insertions(+), 5 deletions(-)

diff --git a/cpu-exec.c b/cpu-exec.c
index fa08c73..f9b8ec8 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -523,9 +523,25 @@ static inline void cpu_handle_interrupt(CPUState *cpu,
 *last_tb = NULL;
 }
 }
-if (unlikely(atomic_read(&cpu->exit_request) || replay_has_interrupt())) {
+}
+
+
+static void cpu_check_loop_exit(CPUState *cpu)
+{
+if (unlikely(atomic_read(&cpu->exit_request)
+/* icount has expired, we need to break the execution loop.
+   This check is needed before tb_find to make execution
+   deterministic - tb_find may cause an exception
+   while translating the code from non-mapped page. */
+|| (use_icount && ((cpu->icount_extra == 0
+&& cpu->icount_decr.u16.low == 0)
+|| (int32_t)cpu->icount_decr.u32 < 0 {
 atomic_set(&cpu->exit_request, 0);
-cpu->exception_index = EXCP_INTERRUPT;
+/* If there is an exception that wasn't replayed yet,
+   don't change exception_index. */
+if (cpu->exception_index == -1) {
+cpu->exception_index = EXCP_INTERRUPT;
+}
 cpu_loop_exit(cpu);
 }
 }
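
Review bot: the condition in the new cpu_check_loop_exit() no longer includes replay_has_interrupt(), which the removed test in cpu_handle_interrupt() had (atomic_read(&cpu->exit_request) || replay_has_interrupt()), and the commit message does not mention dropping it. If a pending replayed interrupt is still meant to force a loop exit, add it back to the new condition; if it is now redundant, say why in the commit message.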
@@ -578,9 +594,6 @@ static inline void cpu_loop_exec_tb(CPUState *cpu, 
TranslationBlock *tb,
 cpu_exec_nocache(cpu, insns_left, *last_tb, false);
 align_clocks(sc, cpu);
 }
-cpu->exception_index = EXCP_INTERRUPT;
-*last_tb = NULL;
-cpu_loop_exit(cpu);
 }
 break;
 #endif
@@ -634,6 +647,7 @@ int cpu_exec(CPUState *cpu)
 
 for(;;) {
 cpu_handle_interrupt(cpu, &last_tb);
+cpu_check_loop_exit(cpu);
 tb = tb_find(cpu, last_tb, tb_exit);
 cpu_loop_exec_tb(cpu, tb, &last_tb, &tb_exit, &sc);
 /* Try to align the host and virtual clocks



