[PULL 09/16] hw/i386/sgx: Get rid of qemu_open_old()
From: Zhao Liu For qemu_open_old(), osdep.h said: > Don't introduce new usage of this function, prefer the following > qemu_open/qemu_create that take an "Error **errp". So replace qemu_open_old() with qemu_open(). And considering the SGX enablement description is useful, convert it into a error message hint. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Cc: "Michael S. Tsirkin" Cc: Marcel Apfelbaum Signed-off-by: Zhao Liu Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- hw/i386/sgx.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hw/i386/sgx.c b/hw/i386/sgx.c index de76397bcf..a14a84bc6f 100644 --- a/hw/i386/sgx.c +++ b/hw/i386/sgx.c @@ -157,10 +157,12 @@ SGXInfo *qmp_query_sgx_capabilities(Error **errp) { SGXInfo *info = NULL; uint32_t eax, ebx, ecx, edx; +Error *local_err = NULL; -int fd = qemu_open_old("/dev/sgx_vepc", O_RDWR); +int fd = qemu_open("/dev/sgx_vepc", O_RDWR, _err); if (fd < 0) { -error_setg(errp, "SGX is not enabled in KVM"); +error_append_hint(_err, "SGX is not enabled in KVM"); +error_propagate(errp, local_err); return NULL; } -- 2.39.2
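Review bot: The hint string passed to error_append_hint() in the failure branch has no trailing newline. Hints are printed verbatim after the error message, and the convention documented for error_append_hint() is that a hint ends with "\n", so this should read "SGX is not enabled in KVM\n". The hint is also attached to every failure to open /dev/sgx_vepc, including permission errors, so wording it as a possible cause would be more accurate. Since the function is a QMP command (qmp_query_sgx_capabilities), it is worth checking that the text still reaches QMP clients: the old error_setg() string was the error message itself, while a hint is only shown when the error is reported to a human.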
[PULL 00/16] Trivial patches for 2024-07-17
The following changes since commit e2f346aa98646e84eabe0256f89d08e89b1837cf:

  Merge tag 'sdmmc-20240716' of https://github.com/philmd/qemu into staging (2024-07-17 07:59:31 +1000)

are available in the Git repository at:

  https://gitlab.com/mjt0k/qemu.git tags/pull-trivial-patches

for you to fetch changes up to 66a8de9889ceb929e2abe7fb0e424f45210d9dda:

  meson: Update meson-buildoptions.sh (2024-07-17 14:04:15 +0300)

trivial patches for 2024-07-17

Michael Tokarev (1):
      block/curl: rewrite http header parsing function

Thomas Huth (1):
      tests/avocado: Remove the non-working virtio_check_params test

Zhao Liu (13):
      accel/kvm/kvm-all: Fix superfluous trailing semicolon
      hw/i386/x86: Fix superfluous trailing semicolon
      util/oslib-posix: Fix superfluous trailing semicolon
      target/hexagon/imported/mmvec: Fix superfluous trailing semicolon
      doc/net/l2tpv3: Update boolean fields' description to avoid short-form use
      hw/i386/sgx: Get rid of qemu_open_old()
      hw/usb/host-libusb: Get rid of qemu_open_old()
      hw/usb/u2f-passthru: Get rid of qemu_open_old()
      hw/vfio/container: Get rid of qemu_open_old()
      backends/hostmem-epc: Get rid of qemu_open_old()
      backends/iommufd: Get rid of qemu_open_old()
      backends/rng-random: Get rid of qemu_open_old()
      meson: Update meson-buildoptions.sh

Zhihai Dong (1):
      README.rst: add the missing punctuations

 README.rst | 6 +-
 accel/kvm/kvm-all.c | 2 +-
 backends/hostmem-epc.c | 4 +-
 backends/iommufd.c | 3 +-
 backends/rng-random.c | 5 +-
 block/curl.c | 44 +-
 hw/i386/sgx.c | 6 +-
 hw/i386/x86.c | 2 +-
 hw/usb/host-libusb.c | 3 +-
 hw/usb/u2f-passthru.c | 4 +-
 hw/vfio/container.c | 6 +-
 qemu-options.hx | 10 +--
 scripts/meson-buildoptions.sh | 14 ++--
 target/hexagon/imported/mmvec/ext.idef | 2 +-
 tests/avocado/virtio_check_params.py | 143 -
 util/oslib-posix.c | 2 +-
 16 files changed, 48 insertions(+), 208 deletions(-)
 delete mode 100644 tests/avocado/virtio_check_params.py
[PULL 14/16] backends/iommufd: Get rid of qemu_open_old()
From: Zhao Liu For qemu_open_old(), osdep.h said: > Don't introduce new usage of this function, prefer the following > qemu_open/qemu_create that take an "Error **errp". So replace qemu_open_old() with qemu_open(). Cc: Yi Liu Cc: Eric Auger Cc: Zhenzhong Duan Signed-off-by: Zhao Liu Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Yi Liu Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- backends/iommufd.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/backends/iommufd.c b/backends/iommufd.c index 84fefbc9ee..cabd1b5002 100644 --- a/backends/iommufd.c +++ b/backends/iommufd.c @@ -77,9 +77,8 @@ bool iommufd_backend_connect(IOMMUFDBackend *be, Error **errp) int fd; if (be->owned && !be->users) { -fd = qemu_open_old("/dev/iommu", O_RDWR); +fd = qemu_open("/dev/iommu", O_RDWR, errp); if (fd < 0) { -error_setg_errno(errp, errno, "/dev/iommu opening failed"); return false; } be->fd = fd; -- 2.39.2
[PULL 12/16] hw/vfio/container: Get rid of qemu_open_old()
From: Zhao Liu For qemu_open_old(), osdep.h said: > Don't introduce new usage of this function, prefer the following > qemu_open/qemu_create that take an "Error **errp". So replace qemu_open_old() with qemu_open(). Cc: Alex Williamson Cc: "Cédric Le Goater" Signed-off-by: Zhao Liu Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Cédric Le Goater Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- hw/vfio/container.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/hw/vfio/container.c b/hw/vfio/container.c index 425db1a14c..38a9df3496 100644 --- a/hw/vfio/container.c +++ b/hw/vfio/container.c @@ -600,9 +600,8 @@ static bool vfio_connect_container(VFIOGroup *group, AddressSpace *as, } } -fd = qemu_open_old("/dev/vfio/vfio", O_RDWR); +fd = qemu_open("/dev/vfio/vfio", O_RDWR, errp); if (fd < 0) { -error_setg_errno(errp, errno, "failed to open /dev/vfio/vfio"); goto put_space_exit; } @@ -743,9 +742,8 @@ static VFIOGroup *vfio_get_group(int groupid, AddressSpace *as, Error **errp) group = g_malloc0(sizeof(*group)); snprintf(path, sizeof(path), "/dev/vfio/%d", groupid); -group->fd = qemu_open_old(path, O_RDWR); +group->fd = qemu_open(path, O_RDWR, errp); if (group->fd < 0) { -error_setg_errno(errp, errno, "failed to open %s", path); goto free_group_exit; } -- 2.39.2
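Review bot: Both hunks drop the VFIO-specific messages ("failed to open /dev/vfio/vfio" and "failed to open %s") in favour of whatever qemu_open() stores in errp, but the commit message only describes the API swap. Please state in the message that the user-visible error text changes, so anyone matching on the old strings in tests or logs knows to look.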
[PULL 10/16] hw/usb/host-libusb: Get rid of qemu_open_old()
From: Zhao Liu For qemu_open_old(), osdep.h said: > Don't introduce new usage of this function, prefer the following > qemu_open/qemu_create that take an "Error **errp". So replace qemu_open_old() with qemu_open(). Signed-off-by: Zhao Liu Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- hw/usb/host-libusb.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/hw/usb/host-libusb.c b/hw/usb/host-libusb.c index 80122b4125..691bc881fb 100644 --- a/hw/usb/host-libusb.c +++ b/hw/usb/host-libusb.c @@ -1212,9 +1212,8 @@ static void usb_host_realize(USBDevice *udev, Error **errp) if (s->hostdevice) { int fd; s->needs_autoscan = false; -fd = qemu_open_old(s->hostdevice, O_RDWR); +fd = qemu_open(s->hostdevice, O_RDWR, errp); if (fd < 0) { -error_setg_errno(errp, errno, "failed to open %s", s->hostdevice); return; } rc = usb_host_open(s, NULL, fd); -- 2.39.2
[PULL 08/16] tests/avocado: Remove the non-working virtio_check_params test
From: Thomas Huth The test has been marked as broken more than 4 years ago [*], and so far nobody ever cared to fix it. Thus let's simply remove it now ... if somebody ever needs it again, they can restore the file from an older version of QEMU. [*] https://lore.kernel.org/qemu-devel/4bbe9ff8-e1a8-917d-5a57-ce5185da1...@redhat.com/ Signed-off-by: Thomas Huth Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Michael Tokarev (mjt: add reference as suggested by philm) Signed-off-by: Michael Tokarev --- tests/avocado/virtio_check_params.py | 143 --- 1 file changed, 143 deletions(-) delete mode 100644 tests/avocado/virtio_check_params.py diff --git a/tests/avocado/virtio_check_params.py b/tests/avocado/virtio_check_params.py deleted file mode 100644 index 5fe370a179..00 --- a/tests/avocado/virtio_check_params.py +++ /dev/null 
@@ -1,143 +0,0 @@ -# -# Test virtio-scsi and virtio-blk queue settings for all machine types -# -# Copyright (c) 2019 Virtuozzo International GmbH -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. -# - -import sys -import os -import re -import logging - -from qemu.machine import QEMUMachine -from avocado_qemu import QemuSystemTest -from avocado import skip - -#list of machine types and virtqueue properties to test -VIRTIO_SCSI_PROPS = {'seg_max_adjust': 'seg_max_adjust'} -VIRTIO_BLK_PROPS = {'seg_max_adjust': 'seg-max-adjust'} - -DEV_TYPES = {'virtio-scsi-pci': VIRTIO_SCSI_PROPS, - 'virtio-blk-pci': VIRTIO_BLK_PROPS} - -VM_DEV_PARAMS = {'virtio-scsi-pci': ['-device', 'virtio-scsi-pci,id=scsi0'], - 'virtio-blk-pci': ['-device', -'virtio-blk-pci,id=scsi0,drive=drive0', -'-drive', -'driver=null-co,id=drive0,if=none']} - - -class VirtioMaxSegSettingsCheck(QemuSystemTest): -@staticmethod -def make_pattern(props): -pattern_items = [r'{0} = \w+'.format(prop) for prop in props] -return '|'.join(pattern_items) - -def query_virtqueue(self, vm, dev_type_name): -query_ok = False -error = None -props = None - -output = vm.cmd('human-monitor-command', -command_line = 'info qtree') -props_list = DEV_TYPES[dev_type_name].values(); -pattern = self.make_pattern(props_list) -res = re.findall(pattern, output) - -if len(res) != len(props_list): -props_list = set(props_list) -res = set(res) -not_found 
= props_list.difference(res) -not_found = ', '.join(not_found) -error = '({0}): The following properties not found: {1}'\ - .format(dev_type_name, not_found) -else: -query_ok = True -props = dict() -for prop in res: -p = prop.split(' = ') -props[p[0]] = p[1] -return query_ok, props, error - -def check_mt(self, mt, dev_type_name): -mt['device'] = dev_type_name # Only for the debug() call. -logger = logging.getLogger('machine') -logger.debug(mt) -with QEMUMachine(self.qemu_bin) as vm: -vm.set_machine(mt["name"]) -vm.add_args('-nodefaults') -for s in VM_DEV_PARAMS[dev_type_name]: -vm.add_args(s) -try: -vm.launch() -query_ok, props, error = self.query_virtqueue(vm, dev_type_name) -except: -query_ok = False -error = sys.exc_info()[0] - -if not query_ok: -self.fail('machine type {0}: {1}'.format(mt['name'], error)) - -for prop_name, prop_val in props.items(): -expected_val = mt[prop_name] -self.assertEqual(expected_val, prop_val) - -@staticmethod -def seg_max_adjust_enabled(mt): -# machine types >= 5.0 should have seg_max_adjust = true -# others seg_max_adjust = false -mt = mt.split("-") - -# machine types with one line name and name like pc-x.x -if len(mt) <= 2: -return False - -# machine types like pc--x.x[.x] -ver = mt[2] -ver = ver.split("."); - -# versions >= 5.0 goes with seg_max_adjust enabled -
[PULL 04/16] hw/i386/x86: Fix superfluous trailing semicolon
From: Zhao Liu Signed-off-by: Zhao Liu Reviewed-by: Peter Maydell Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- hw/i386/x86.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/i386/x86.c b/hw/i386/x86.c index a4aa8e0810..01fc5e6562 100644 --- a/hw/i386/x86.c +++ b/hw/i386/x86.c @@ -242,7 +242,7 @@ static void x86_machine_get_pit(Object *obj, Visitor *v, const char *name, static void x86_machine_set_pit(Object *obj, Visitor *v, const char *name, void *opaque, Error **errp) { -X86MachineState *x86ms = X86_MACHINE(obj);; +X86MachineState *x86ms = X86_MACHINE(obj); visit_type_OnOffAuto(v, name, >pit, errp); } -- 2.39.2
[PULL 07/16] doc/net/l2tpv3: Update boolean fields' description to avoid short-form use
From: Zhao Liu The short-form boolean options has been deprecated since v6.0 (refer to docs/about/deprecated.rst). Update the description and example of boolean fields in l2tpv3 option to avoid deprecation warning. Cc: Jason Wang Signed-off-by: Zhao Liu Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- qemu-options.hx | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/qemu-options.hx b/qemu-options.hx index ad6521ef5e..edeaefe2c7 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -3353,7 +3353,7 @@ SRST -device e1000,netdev=n1,mac=52:54:00:12:34:56 \\ -netdev socket,id=n1,mcast=239.192.168.1:1102,localaddr=1.2.3.4 -``-netdev l2tpv3,id=id,src=srcaddr,dst=dstaddr[,srcport=srcport][,dstport=dstport],txsession=txsession[,rxsession=rxsession][,ipv6=on|off][,udp=on|off][,cookie64][,counter][,pincounter][,txcookie=txcookie][,rxcookie=rxcookie][,offset=offset]`` +``-netdev l2tpv3,id=id,src=srcaddr,dst=dstaddr[,srcport=srcport][,dstport=dstport],txsession=txsession[,rxsession=rxsession][,ipv6=on|off][,udp=on|off][,cookie64=on|off][,counter=on|off][,pincounter=on|off][,txcookie=txcookie][,rxcookie=rxcookie][,offset=offset]`` Configure a L2TPv3 pseudowire host network backend. L2TPv3 (RFC3931) is a popular protocol to transport Ethernet (and other Layer 2) data frames between two systems. It is present in routers, firewalls and @@ -3368,7 +3368,7 @@ SRST ``dst=dstaddr`` destination address (mandatory) -``udp`` +``udp=on`` select udp encapsulation (default is ip). ``srcport=srcport`` @@ -3377,7 +3377,7 @@ SRST ``dstport=dstport`` destination udp port. -``ipv6`` +``ipv6=on`` force v6, otherwise defaults to v4. ``rxcookie=rxcookie``; \ ``txcookie=txcookie`` @@ -3385,7 +3385,7 @@ SRST Their function is mostly to prevent misconfiguration. By default they are 32 bit. -``cookie64`` +``cookie64=on`` Set cookie size to 64 bit instead of the default 32 ``counter=off`` 
@@ -3419,7 +3419,7 @@ SRST # launch QEMU instance - if your network has reorder or is very lossy add ,pincounter |qemu_system| linux.img -device e1000,netdev=n1 \\ --netdev l2tpv3,id=n1,src=4.2.3.1,dst=1.2.3.4,udp,srcport=16384,dstport=16384,rxsession=0x,txsession=0x,counter +-netdev l2tpv3,id=n1,src=4.2.3.1,dst=1.2.3.4,udp=on,srcport=16384,dstport=16384,rxsession=0x,txsession=0x,counter=on ``-netdev vde,id=id[,sock=socketpath][,port=n][,group=groupname][,mode=octalmode]`` Configure VDE backend to connect to PORT n of a vde switch running -- 2.39.2
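Review bot: The example comment kept as context in the last hunk still says "add ,pincounter", which is the short form this patch removes everywhere else. It should become ",pincounter=on", so that following the comment does not trigger the deprecation warning the commit message refers to.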
[PULL 03/16] accel/kvm/kvm-all: Fix superfluous trailing semicolon
From: Zhao Liu Signed-off-by: Zhao Liu Reviewed-by: Peter Maydell Reviewed-by: Alex Bennée Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- accel/kvm/kvm-all.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index 2b4ab89679..64bf47a033 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -3878,7 +3878,7 @@ static StatsList *add_kvmstat_entry(struct kvm_stats_desc *pdesc, /* Alloc and populate data list */ stats = g_new0(Stats, 1); stats->name = g_strdup(pdesc->name); -stats->value = g_new0(StatsValue, 1);; +stats->value = g_new0(StatsValue, 1); if ((pdesc->flags & KVM_STATS_UNIT_MASK) == KVM_STATS_UNIT_BOOLEAN) { stats->value->u.boolean = *stats_data; -- 2.39.2
[PULL 06/16] target/hexagon/imported/mmvec: Fix superfluous trailing semicolon
From: Zhao Liu Fix the superfluous trailing semicolon in target/hexagon/imported/mmvec/ ext.idef. Cc: Brian Cain Signed-off-by: Zhao Liu Reviewed-by: Alex Bennée Reviewed-by: Brian Cain Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- target/hexagon/imported/mmvec/ext.idef | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/hexagon/imported/mmvec/ext.idef b/target/hexagon/imported/mmvec/ext.idef index 98daabfb07..03d31f6181 100644 --- a/target/hexagon/imported/mmvec/ext.idef +++ b/target/hexagon/imported/mmvec/ext.idef @@ -2855,7 +2855,7 @@ EXTINSN(V6_vscattermhw_add, "vscatter(Rt32,Mu2,Vvv32.w).h+=Vw32", ATTRIBS(A_EXT fVALIGN(RtV, element_size); fVFOREACH(32, i) { for(j = 0; j < 2; j++) { - EA = RtV + fVALIGN(VvvV.v[j].uw[i],ALIGNMENT);; + EA = RtV + fVALIGN(VvvV.v[j].uw[i],ALIGNMENT); fVLOG_VTCM_HALFWORD_INCREMENT_DV(EA,VvvV.v[j].uw[i],VwV,(2*i+j),i,j,ALIGNMENT,MuV); } } -- 2.39.2
[PULL 02/16] README.rst: add the missing punctuations
From: Zhihai Dong Make the README more clearly. Signed-off-by: Zhihai Dong Reviewed-by: Peter Maydell Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- README.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.rst b/README.rst index 21df79ef43..b120a1f69e 100644 --- a/README.rst +++ b/README.rst @@ -82,7 +82,7 @@ guidelines set out in the `style section the Developers Guide. Additional information on submitting patches can be found online via -the QEMU website +the QEMU website: * `<https://wiki.qemu.org/Contribute/SubmitAPatch>`_ * `<https://wiki.qemu.org/Contribute/TrivialPatches>`_ @@ -102,7 +102,7 @@ requires a working 'git send-email' setup, and by default doesn't automate everything, so you may want to go through the above steps manually for once. -For installation instructions, please go to +For installation instructions, please go to: * `<https://github.com/stefanha/git-publish>`_ @@ -159,7 +159,7 @@ Contact === The QEMU community can be contacted in a number of ways, with the two -main methods being email and IRC +main methods being email and IRC: * `<mailto:qemu-devel@nongnu.org>`_ * `<https://lists.nongnu.org/mailman/listinfo/qemu-devel>`_ -- 2.39.2
[PULL 05/16] util/oslib-posix: Fix superfluous trailing semicolon
From: Zhao Liu Signed-off-by: Zhao Liu Reviewed-by: Peter Maydell Reviewed-by: Alex Bennée Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- util/oslib-posix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/oslib-posix.c b/util/oslib-posix.c index e76441695b..b090fe0eed 100644 --- a/util/oslib-posix.c +++ b/util/oslib-posix.c @@ -263,7 +263,7 @@ int qemu_socketpair(int domain, int type, int protocol, int sv[2]) return ret; } #endif -ret = socketpair(domain, type, protocol, sv);; +ret = socketpair(domain, type, protocol, sv); if (ret == 0) { qemu_set_cloexec(sv[0]); qemu_set_cloexec(sv[1]); -- 2.39.2
[PULL 13/16] backends/hostmem-epc: Get rid of qemu_open_old()
From: Zhao Liu For qemu_open_old(), osdep.h said: > Don't introduce new usage of this function, prefer the following > qemu_open/qemu_create that take an "Error **errp". So replace qemu_open_old() with qemu_open(). Cc: David Hildenbrand Cc: Igor Mammedov Signed-off-by: Zhao Liu Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Igor Mammedov Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- backends/hostmem-epc.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/backends/hostmem-epc.c b/backends/hostmem-epc.c index f58fcf00a1..6c024d6217 100644 --- a/backends/hostmem-epc.c +++ b/backends/hostmem-epc.c @@ -29,10 +29,8 @@ sgx_epc_backend_memory_alloc(HostMemoryBackend *backend, Error **errp) return false; } -fd = qemu_open_old("/dev/sgx_vepc", O_RDWR); +fd = qemu_open("/dev/sgx_vepc", O_RDWR, errp); if (fd < 0) { -error_setg_errno(errp, errno, - "failed to open /dev/sgx_vepc to alloc SGX EPC"); return false; } -- 2.39.2
[PULL 11/16] hw/usb/u2f-passthru: Get rid of qemu_open_old()
From: Zhao Liu For qemu_open_old(), osdep.h said: > Don't introduce new usage of this function, prefer the following > qemu_open/qemu_create that take an "Error **errp". So replace qemu_open_old() with qemu_open(). Signed-off-by: Zhao Liu Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- hw/usb/u2f-passthru.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/hw/usb/u2f-passthru.c b/hw/usb/u2f-passthru.c index b7025d303d..c4a783d128 100644 --- a/hw/usb/u2f-passthru.c +++ b/hw/usb/u2f-passthru.c @@ -482,10 +482,8 @@ static void u2f_passthru_realize(U2FKeyState *base, Error **errp) return; #endif } else { -fd = qemu_open_old(key->hidraw, O_RDWR); +fd = qemu_open(key->hidraw, O_RDWR, errp); if (fd < 0) { -error_setg(errp, "%s: Failed to open %s", TYPE_U2F_PASSTHRU, - key->hidraw); return; } -- 2.39.2
[PULL 15/16] backends/rng-random: Get rid of qemu_open_old()
From: Zhao Liu For qemu_open_old(), osdep.h said: > Don't introduce new usage of this function, prefer the following > qemu_open/qemu_create that take an "Error **errp". So replace qemu_open_old() with qemu_open(). And considering rng_random_opened() will lose its obvious error handling case after removing error_setg_file_open(), add comment to remind here. Cc: Laurent Vivier Cc: Amit Shah Signed-off-by: Zhao Liu Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Michael Tokarev (mjt: drop superfluous commit as suggested by philmd) Signed-off-by: Michael Tokarev --- backends/rng-random.c | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/backends/rng-random.c b/backends/rng-random.c index 80eb5be138..489c0917f0 100644 --- a/backends/rng-random.c +++ b/backends/rng-random.c @@ -75,10 +75,7 @@ static void rng_random_opened(RngBackend *b, Error **errp) error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "filename", "a valid filename"); } else { -s->fd = qemu_open_old(s->filename, O_RDONLY | O_NONBLOCK); -if (s->fd == -1) { -error_setg_file_open(errp, errno, s->filename); -} +s->fd = qemu_open(s->filename, O_RDONLY | O_NONBLOCK, errp); } } -- 2.39.2
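Review bot: The commit message says a comment is added to rng_random_opened() to mark the error-handling case, but the hunk adds none (the diffstat is 1 insertion, 4 deletions), and the trailer notes that something was dropped at philmd's suggestion. The message body should be updated to match what is applied. With the "if (s->fd == -1)" block gone, the only sign in this branch that the open can fail is the errp argument to qemu_open(), so either keep the short comment or remove the sentence that promises it.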
[PULL 16/16] meson: Update meson-buildoptions.sh
From: Zhao Liu Update meson-buildoptions.sh to stay in sync with meson_options.txt. Signed-off-by: Zhao Liu Reviewed-by: Daniel P. Berrangé Reviewed-by: Michael Tokarev Signed-off-by: Michael Tokarev --- scripts/meson-buildoptions.sh | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/scripts/meson-buildoptions.sh b/scripts/meson-buildoptions.sh index cfadb5ea86..c97079a38c 100644 --- a/scripts/meson-buildoptions.sh +++ b/scripts/meson-buildoptions.sh @@ -83,7 +83,7 @@ meson_options_help() { printf "%s\n" ' (can be empty) [qemu]' printf "%s\n" ' --with-trace-file=VALUE Trace file prefix for simple backend [trace]' printf "%s\n" ' --x86-version=CHOICE tweak required x86_64 architecture version beyond' - printf "%s\n" ' compiler default [1] (choices: 0/1/2/3)' + printf "%s\n" ' compiler default [1] (choices: 0/1/2/3/4)' printf "%s\n" '' printf "%s\n" 'Optional features, enabled with --enable-FEATURE and' printf "%s\n" 'disabled with --disable-FEATURE, default is enabled if available' @@ -166,6 +166,7 @@ meson_options_help() { printf "%s\n" ' qcow1 qcow1 image format support' printf "%s\n" ' qed qed image format support' printf "%s\n" ' qga-vss build QGA VSS support (broken with MinGW)' + printf "%s\n" ' qpl Query Processing Library support' printf "%s\n" ' rbd Ceph block device driver' printf "%s\n" ' rdmaEnable RDMA-based migration' printf "%s\n" ' replication replication support' @@ -187,6 +188,7 @@ meson_options_help() { printf "%s\n" ' tools build support utilities that come with QEMU' printf "%s\n" ' tpm TPM support' printf "%s\n" ' u2f U2F emulation support' + printf "%s\n" ' uadkUADK Library support' printf "%s\n" ' usb-redir libusbredir support' printf "%s\n" ' vde vde network backend support' printf "%s\n" ' vdi vdi image format support' 
@@ -221,8 +223,6 @@ meson_options_help() { printf "%s\n" ' Xen PCI passthrough support' printf "%s\n" ' xkbcommon xkbcommon support' printf "%s\n" ' zstdzstd compression support' - printf "%s\n" ' qpl Query Processing Library support' - printf "%s\n" ' uadkUADK Library support' } _meson_option_parse() { case $1 in @@ -440,6 +440,8 @@ _meson_option_parse() { --disable-qga-vss) printf "%s" -Dqga_vss=disabled ;; --enable-qom-cast-debug) printf "%s" -Dqom_cast_debug=true ;; --disable-qom-cast-debug) printf "%s" -Dqom_cast_debug=false ;; +--enable-qpl) printf "%s" -Dqpl=enabled ;; +--disable-qpl) printf "%s" -Dqpl=disabled ;; --enable-rbd) printf "%s" -Drbd=enabled ;; --disable-rbd) printf "%s" -Drbd=disabled ;; --enable-rdma) printf "%s" -Drdma=enabled ;; @@ -501,6 +503,8 @@ _meson_option_parse() { --disable-tsan) printf "%s" -Dtsan=false ;; --enable-u2f) printf "%s" -Du2f=enabled ;; --disable-u2f) printf "%s" -Du2f=disabled ;; +--enable-uadk) printf "%s" -Duadk=enabled ;; +--disable-uadk) printf "%s" -Duadk=disabled ;; --enable-usb-redir) printf "%s" -Dusb_redir=enabled ;; --disable-usb-redir) printf "%s" -Dusb_redir=disabled ;; --enable-vde) printf "%s" -Dvde=enabled ;; @@ -560,10 +564,6 @@ _meson_option_parse() { --disable-xkbcommon) printf "%s" -Dxkbcommon=disabled ;; --enable-zstd) printf "%s" -Dzstd=enabled ;; --disable-zstd) printf "%s" -Dzstd=disabled ;; ---enable-qpl) printf "%s" -Dqpl=enabled ;; ---disable-qpl) printf "%s" -Dqpl=disabled ;; ---enable-uadk) printf "%s" -Duadk=enabled ;; ---disable-uadk) printf "%s" -Duadk=disabled ;; *) return 1 ;; esac } -- 2.39.2
[PULL 01/16] block/curl: rewrite http header parsing function
Existing code was long, unclear and twisty. This also relaxes the rules a tiny bit: allows to have whitespace before header name and colon and makes the header value match to be case-insensitive. Signed-off-by: Michael Tokarev Reviewed-by: Vladimir Sementsov-Ogievskiy --- block/curl.c | 44 ++-- 1 file changed, 18 insertions(+), 26 deletions(-) diff --git a/block/curl.c b/block/curl.c index ef5252d00b..0fdb6d39ac 100644 --- a/block/curl.c +++ b/block/curl.c @@ -210,37 +210,29 @@ static size_t curl_header_cb(void *ptr, size_t size, size_t nmemb, void *opaque) { BDRVCURLState *s = opaque; size_t realsize = size * nmemb; -const char *header = (char *)ptr; -const char *end = header + realsize; -const char *accept_ranges = "accept-ranges:"; -const char *bytes = "bytes"; +const char *p = ptr; +const char *end = p + realsize; +const char *t = "accept-ranges : bytes "; /* A lowercase template */ -if (realsize >= strlen(accept_ranges) -&& g_ascii_strncasecmp(header, accept_ranges, - strlen(accept_ranges)) == 0) { - -char *p = strchr(header, ':') + 1; - -/* Skip whitespace between the header name and value. */ -while (p < end && *p && g_ascii_isspace(*p)) { -p++; -} - -if (end - p >= strlen(bytes) -&& strncmp(p, bytes, strlen(bytes)) == 0) { - -/* Check that there is nothing but whitespace after the value. */ -p += strlen(bytes); -while (p < end && *p && g_ascii_isspace(*p)) { -p++; -} - -if (p == end || !*p) { -s->accept_range = true; +/* check if header matches the "t" template */ +for (;;) { +if (*t == ' ') { /* space in t matches any amount of isspace in p */ +if (p < end && g_ascii_isspace(*p)) { +++p; +} else { +++t; } +} else if (*t && p < end && *t == g_ascii_tolower(*p)) { +++p, ++t; +} else { +break; } } +if (!*t && p == end) { /* if we managed to reach ends of both strings */ +s->accept_range = true; +} + return realsize; } -- 2.39.2
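Review bot: The commit message says whitespace is now allowed before the header name, but the template as shown starts with 'a', so a line with leading whitespace fails the first comparison, takes the break, and is not matched. If leading whitespace is meant to be accepted, the template needs a leading space; otherwise the message should say the relaxation is whitespace before the colon. A short comment that the trailing space in the template is what absorbs the line terminator would help, since the final "p == end" test depends on it. Style point in the same loop: "++p, ++t;" reads better as two statements.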
[ANNOUNCE] QEMU 8.2.6 Stable released
Hi everyone,

The QEMU v8.2.6 stable release is now available.

You can grab the tarball from our download page here:

  https://www.qemu.org/download/#source

  https://download.qemu.org/qemu-8.2.6.tar.xz
  https://download.qemu.org/qemu-8.2.6.tar.xz.sig (signature)

v8.2.6 is now tagged in the official qemu.git repository, and the stable-8.2 branch has been updated accordingly:

  https://gitlab.com/qemu-project/qemu/-/commits/stable-8.2

There are 23 changes since the previous v8.2.5 release, including a fix for CVE-2024-4467 (qemu-img info command lack of input validation).

This is supposed to be the last release in 8.2.x series.

Thank you everyone who has been involved and helped with the stable series!

/mjt

Changelog (stable-8.2-hash master-hash Author Name: Commit-Subject):

46300ebc38 Michael Tokarev: Update version for 8.2.6 release
57d9378af9 3936bbdf9a Vincent Fu: hw/nvme: fix number of PIDs for FDP RUH update
55b151b6a6 e389929d19 Markus Armbruster: sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
8f7bb1266f a0124e333e Maxim Mikityanskiy: char-stdio: Restore blocking mode of stdout on exit
b932f9fbd4 7aa6492401 Stefano Garzarella: virtio: remove virtio_tswap16s() call in vring_packed_event_read()
0d2c267638 a113d041e8 Cindy Lu: virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
aea89f4179 7ead946998 Kevin Wolf: block: Parse filenames only when explicitly requested
46fdbe667d 7e1110664e Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
6a2774e8ae 2eb42a728d Kevin Wolf: iotests/244: Don't store data-file with protocol in image
d7e7f342c6 bd385a5298 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
38fb9d1edc 7619129f0d Richard Henderson: target/arm: Fix FJCVTZS vs flush-to-zero
8c56d9f61a 76bccf3cb9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
40e04161b3 903916f0a0 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
df0e72dc86 641b1efe01 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
5d9f2461b4 6d3279655a Fabiano Rosas: migration: Fix file migration with fdset
1229d60714 521d7fb3eb Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
f4564fc8d2 6b4965373e Clément Chigot: target/sparc: use signed denominator in sdiv helper
1649e9559b 54b2792102 Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
40682cfcea 3b279f73fa Anton Johansson: accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
d08c1fd6db b1cf266c82 Gerd Hoffmann: stdvga: fix screen blanking
1798f38242 a276ec8e26 Philippe Mathieu-Daudé: hw/audio/virtio-snd: Always use little endian audio format
fdbeeb454c 77bf310084 Dongwon Kim: ui/gtk: Draw guest frame at refresh cycle
fa275f2211 2c3e4e2de6 Alexey Dobriyan: virtio-net: drop too short packets early
3e09472893 3973615e7f Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
[ANNOUNCE] QEMU 9.0.2 Stable released
Hi everyone,

The QEMU v9.0.2 stable release is now available.

You can grab the tarball from our download page here:

  https://www.qemu.org/download/#source

  https://download.qemu.org/qemu-9.0.2.tar.xz
  https://download.qemu.org/qemu-9.0.2.tar.xz.sig (signature)

v9.0.2 is now tagged in the official qemu.git repository, and the stable-9.0 branch has been updated accordingly:

  https://gitlab.com/qemu-project/qemu/-/commits/stable-9.0

There are 27 changes since the previous v9.0.1 release, including a fix for CVE-2024-4467 (qemu-img info command lack of input validation).

Thank you everyone who has been involved and helped with the stable series!

/mjt

Changelog (stable-9.0-hash master-hash Author Name: Commit-Subject):

5ebde3b5c0 Michael Tokarev: Update version for 9.0.2 release
e0d660aeea 3936bbdf9a Vincent Fu: hw/nvme: fix number of PIDs for FDP RUH update
e4a9b44f7a e389929d19 Markus Armbruster: sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
837864aa6c a0124e333e Maxim Mikityanskiy: char-stdio: Restore blocking mode of stdout on exit
8c86d8aa6c 7aa6492401 Stefano Garzarella: virtio: remove virtio_tswap16s() call in vring_packed_event_read()
c13615f78f a113d041e8 Cindy Lu: virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
b4efc4ce2c a71d9dfbf6 Richard Henderson: tcg/optimize: Fix TCG_COND_TST* simplification of setcond2
5be2bb40e3 7ead946998 Kevin Wolf: block: Parse filenames only when explicitly requested
8c022d8af6 7e1110664e Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
0bbe8f9b12 2eb42a728d Kevin Wolf: iotests/244: Don't store data-file with protocol in image
312ca4065b bd385a5298 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
68473fdd22 e68dcbb079 Daniel P. Berrangé: tests: add testing of parameter=1 for SMP topology
a4fd014e33 9d7950edb0 Daniel P. Berrangé: hw/core: allow parameter=1 for SMP topology on any machine
10f230bd61 7619129f0d Richard Henderson: target/arm: Fix FJCVTZS vs flush-to-zero
10b9e0c546 76bccf3cb9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
50a8a6b4d6 903916f0a0 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
c048a5 641b1efe01 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
d7a4a38a03 6d3279655a Fabiano Rosas: migration: Fix file migration with fdset
658fb89bdc 521d7fb3eb Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
c8fdbb5bab 6b4965373e Clément Chigot: target/sparc: use signed denominator in sdiv helper
0556f5fc13 54b2792102 Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
7ee955223e 3b279f73fa Anton Johansson: accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
37f037cb69 b1cf266c82 Gerd Hoffmann: stdvga: fix screen blanking
1608a7f81f a276ec8e26 Philippe Mathieu-Daudé: hw/audio/virtio-snd: Always use little endian audio format
35e5ce5bd6 719c6819ed Stefan Hajnoczi: Revert "monitor: use aio_co_reschedule_self()"
0d90c36d9c 77bf310084 Dongwon Kim: ui/gtk: Draw guest frame at refresh cycle
09f36a1f3f 2c3e4e2de6 Alexey Dobriyan: virtio-net: drop too short packets early
db0a21257e 3973615e7f Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
[ANNOUNCE] QEMU 7.2.13 Stable released
Hi everyone,

The QEMU v7.2.13 stable release is now available.

You can grab the tarball from our download page here:

  https://www.qemu.org/download/#source
  https://download.qemu.org/qemu-7.2.13.tar.xz
  https://download.qemu.org/qemu-7.2.13.tar.xz.sig (signature)

v7.2.13 is now tagged in the official qemu.git repository, and the stable-7.2 branch has been updated accordingly:

  https://gitlab.com/qemu-project/qemu/-/commits/stable-7.2

There are 19 changes since the previous v7.2.12 release, including a fix for CVE-2024-4467 (qemu-img info command lack of input validation).

Thank you everyone who has been involved and helped with the stable series!

/mjt

Changelog (stable-7.2-hash master-hash Author Name: Commit-Subject):

ee29e78fce Michael Tokarev: Update version for 7.2.13 release
6807403eed a0124e333e Maxim Mikityanskiy: char-stdio: Restore blocking mode of stdout on exit
f0654b8d91 7aa6492401 Stefano Garzarella: virtio: remove virtio_tswap16s() call in vring_packed_event_read()
0408443ecb 7ead946998 Kevin Wolf: block: Parse filenames only when explicitly requested
35eb3e49a7 7e1110664e Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
7e3a2a0ee6 2eb42a728d Kevin Wolf: iotests/244: Don't store data-file with protocol in image
149bc216f2 bd385a5298 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
df3768b1a4 76bccf3cb9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
9804d797b9 903916f0a0 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
3d7fa1b3e2 f51f90c65e Thomas Huth: gitlab-ci: Disable the riscv64-debian-cross-container by default
0b27d262d1 7c7d369b33 Alex Bennée: tests: don't run benchmarks for the tsan build
ece3cc28df 641b1efe01 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
c57fe3ac66 d639cf7978 Paolo Bonzini: ci, docker: update CentOS and OpenSUSE Python to non-EOL versions
e4213c3dcb 0054dc8bde Marc-André Lureau: Update lcitool and fedora to 37
bd650df6f7 e030d08c2f Thomas Huth: gitlab-ci.d/buildtest: Merge the --without-default-* jobs
ca5d7bb952 521d7fb3eb Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
b07ff6d447 54b2792102 Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
c53db9c66d b1cf266c82 Gerd Hoffmann: stdvga: fix screen blanking
6ce909 2c3e4e2de6 Alexey Dobriyan: virtio-net: drop too short packets early
afb890bf17 3973615e7f Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
Re: [PATCH v3 00/27] qemu-img: refresh options and --help handling, cleanups
A friendly ping?

24.04.2024 11:50, Michael Tokarev wrote:
> Quite big patchset trying to implement normal, readable qemu-img --help (and qemu-img COMMAND --help) output with readable descriptions, and adding many long options in the process.
>
> In the end I stopped using qemu-img-opts.hx in qemu-img.c, perhaps this can be avoided, with only list of commands and their descriptions kept there, but I don't see big advantage here. The same list should be included in docs/tools/qemu-img.rst, - this is not done now.
>
> Also each command syntax isn't reflected in the doc for now, because I want to give good names for options first, - and there, we've quite some inconsistencies and questions. For example, measure --output=OFMT -O OFMT, - this is priceless :) I've no idea why we have this ugly --output=json thing, why not have --json? ;) I gave the desired format long name --target-format to avoid clash with --output.
>
> For rebase, src vs tgt probably should be renamed in local variables too, and I'm not even sure I've got the caches right. For caches, the thing is inconsistent across commands.
>
> For compare, I used --a-format/--b-format (for -f/-F), - this can be made --source-format and --target-format, to compare source (file1) with target (file2).
>
> For bitmap, things are scary, I'm not sure what -b SRC_FILENAME really means, - for now I gave it --source option, but this does not make it more clear, suggestions welcome.
>
> There are many other inconsistencies, I can't fix them all in one go.
>
> Changes since v2:
>
> - added Dan's R-Bs
> - refined couple cvtnum conversions
> - dropped "stop printing error twice in a few places"
>
> Michael Tokarev (27):
>   qemu-img: measure: convert img_size to signed, simplify handling
>   qemu-img: create: convert img_size to signed, simplify handling
>   qemu-img: global option processing and error printing
>   qemu-img: pass current cmd info into command handlers
>   qemu-img: create: refresh options/--help
>   qemu-img: factor out parse_output_format() and use it in the code
>   qemu-img: check: refresh options/--help
>   qemu-img: simplify --repair error message
>   qemu-img: commit: refresh options/--help
>   qemu-img: compare: refresh options/--help
>   qemu-img: convert: refresh options/--help
>   qemu-img: info: refresh options/--help
>   qemu-img: map: refresh options/--help
>   qemu-img: snapshot: allow specifying -f fmt
>   qemu-img: snapshot: make -l (list) the default, simplify option handling
>   qemu-img: snapshot: refresh options/--help
>   qemu-img: rebase: refresh options/--help
>   qemu-img: resize: do not always eat last argument
>   qemu-img: resize: refresh options/--help
>   qemu-img: amend: refresh options/--help
>   qemu-img: bench: refresh options/--help
>   qemu-img: bitmap: refresh options/--help
>   qemu-img: dd: refresh options/--help
>   qemu-img: measure: refresh options/--help
>   qemu-img: implement short --help, remove global help() function
>   qemu-img: inline list of supported commands, remove qemu-img-cmds.h include
>   qemu-img: extend cvtnum() and use it in more places
>
>  docs/tools/qemu-img.rst    |    4 +-
>  qemu-img-cmds.hx           |    4 +-
>  qemu-img.c                 | 1311 ++--
>  tests/qemu-iotests/049.out |    9 +-
>  4 files changed, 821 insertions(+), 507 deletions(-)

--
GPG Key transition (from rsa2048 to rsa4096) since 2024-04-24.
New key: rsa4096/61AD3D98ECDF2C8E 9D8B E14E 3F2A 9DD7 9199 28F1 61AD 3D98 ECDF 2C8E
Old key: rsa2048/457CE0A0804465C5 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5
Transition statement: http://www.corpit.ru/mjt/gpg-transition-2024.txt
Re: [PATCH v4 0/7] util: Introduce qemu_get_runtime_dir()
16.07.2024 12:32, Akihiko Odaki wrote:
> On 2024/07/16 17:06, Michael Tokarev wrote:
>> Since runtime dir is always used with a filename within, how about
>>
>>   char *qemu_get_runtime_path(const char *filename)
>>
>> which returns RUNTIME_DIR/filename instead of just RUNTIME_DIR?
>
> I'm not sure. Such a function would be certainly useful, but I slightly feel such a function concerns with too many responsibilities. Getting a runtime directory is one responsibility, and how to use is another. They are clearly distinguished; it does not matter how the path to the runtime directory is used after acquiring it.
>
> For example, you can keep the path to the runtime directory, and derive the paths to two files in the directory.

You can pass NULL as filename and get the directory itself.

/mjt
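The API shape discussed in this thread (one call that returns either the runtime directory or a path inside it), written out as an added example; it is not QEMU code and not taken from the patch series. The `example_` names, the `XDG_RUNTIME_DIR` lookup with a `/run` fallback, the file name `qemu.pid` and the leaf-name check are assumptions of this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Assumption of this example: the runtime directory is $XDG_RUNTIME_DIR
 * when that is an absolute path, otherwise "/run".
 */
static const char *example_runtime_dir(void)
{
    const char *dir = getenv("XDG_RUNTIME_DIR");
    return (dir && dir[0] == '/') ? dir : "/run";
}

/* Accept only a single path component that cannot leave the directory. */
static int example_leaf_ok(const char *name)
{
    if (name[0] == '\0' || strchr(name, '/') != NULL) {
        return 0;
    }
    return strcmp(name, ".") != 0 && strcmp(name, "..") != 0;
}

/*
 * Returns a malloc'd copy of dir when filename is NULL, otherwise a
 * malloc'd "dir/filename". Returns NULL for a relative dir, a rejected
 * filename, or allocation failure. The caller frees the result.
 */
char *example_join_runtime_path(const char *dir, const char *filename)
{
    size_t dlen, flen;
    char *out;

    if (dir == NULL || dir[0] != '/') {
        return NULL;
    }
    dlen = strlen(dir);
    while (dlen > 1 && dir[dlen - 1] == '/') {
        dlen--;                     /* "/run/" and "/run" behave the same */
    }
    if (filename == NULL) {
        out = malloc(dlen + 1);
        if (out) {
            memcpy(out, dir, dlen);
            out[dlen] = '\0';
        }
        return out;
    }
    if (!example_leaf_ok(filename)) {
        return NULL;
    }
    flen = strlen(filename);
    out = malloc(dlen + 1 + flen + 1);
    if (!out) {
        return NULL;
    }
    memcpy(out, dir, dlen);
    if (dir[dlen - 1] != '/') {     /* no extra separator after root "/" */
        out[dlen++] = '/';
    }
    memcpy(out + dlen, filename, flen + 1);
    return out;
}

/* The single-call form from the thread: NULL yields the directory itself. */
char *example_get_runtime_path(const char *filename)
{
    return example_join_runtime_path(example_runtime_dir(), filename);
}

int main(void)
{
    const char *names[] = { NULL, "qemu.pid", "../escape", "a/b" };
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
        char *p = example_get_runtime_path(names[i]);
        printf("%-12s -> %s\n", names[i] ? names[i] : "(NULL)",
               p ? p : "(rejected)");
        free(p);
    }
    return 0;
}
```

With a combined call like this the caller never concatenates strings itself, so the one place that builds the path is also the one place that can refuse a name that would resolve outside the directory.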
Re: [PATCH v4 0/7] util: Introduce qemu_get_runtime_dir()
16.07.2024 10:27, Akihiko Odaki wrote:
> qemu_get_runtime_dir() returns a dynamically allocated directory path that is appropriate for storing runtime files. It corresponds to "run" directory in Unix.

Since runtime dir is always used with a filename within, how about

  char *qemu_get_runtime_path(const char *filename)

which returns RUNTIME_DIR/filename instead of just RUNTIME_DIR?

Thanks,

/mjt
Re: [PATCH 7/7] backends/rng-random: Get rid of qemu_open_old()
15.07.2024 13:10, Zhao Liu wrote:
> ...
> Thanks Philippe! I'll wait patch 1's comment, after that I can post a new version with the change you mentioned.

I don't think either of this is necessary. Patch 1 LGTM, and I'll drop the comment while applying.

/mjt
Re: [PATCH 0/4] trivial: Fix superfluous trailing semicolon
04.07.2024 11:47, Zhao Liu wrote:
> Hi,
>
> I checked the files in QEMU to fix these few errors about "superfluous trailing semicolon" to honor the requirement in checkpatch.pl.

Applied to the trivial-patches queue (pending confirmation from Brian for the 4th patch).

Thanks,

/mjt
Re: [PATCH 4/4] target/hexagon/imported/mmvec: Fix superfluous trailing semicolon
06.07.2024 00:50, Brian Cain wrote: On 7/4/2024 3:47 AM, Zhao Liu wrote: Fix the superfluous trailing semicolon in target/hexagon/imported/mmvec/ ext.idef. Cc: Brian Cain Signed-off-by: Zhao Liu Reviewed-by: Brian Cain Brian, is it okay to fix this in something "imported" ? I realize you added your R-b, but do you realize it's "imported"? Thanks, /mjt --- target/hexagon/imported/mmvec/ext.idef | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/hexagon/imported/mmvec/ext.idef b/target/hexagon/imported/mmvec/ext.idef index 98daabfb07c4..03d31f6181d7 100644 --- a/target/hexagon/imported/mmvec/ext.idef +++ b/target/hexagon/imported/mmvec/ext.idef @@ -2855,7 +2855,7 @@ EXTINSN(V6_vscattermhw_add, "vscatter(Rt32,Mu2,Vvv32.w).h+=Vw32", ATTRIBS(A_EXT fVALIGN(RtV, element_size); fVFOREACH(32, i) { for(j = 0; j < 2; j++) { - EA = RtV + fVALIGN(VvvV.v[j].uw[i],ALIGNMENT);; + EA = RtV + fVALIGN(VvvV.v[j].uw[i],ALIGNMENT); fVLOG_VTCM_HALFWORD_INCREMENT_DV(EA,VvvV.v[j].uw[i],VwV,(2*i+j),i,j,ALIGNMENT,MuV); } }
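Review bot: The changed line lives in target/hexagon/imported/mmvec/ext.idef, and the commit message does not say where the file is imported from or whether the same `;;` cleanup is being sent to that source. If the file is ever re-imported the double semicolon returns and the local copy silently diverges in the meantime, so the message should either record the divergence or point at the matching fix at the origin. The edit itself only drops a redundant `;` after the `EA = RtV + fVALIGN(...)` assignment and leaves the following fVLOG_VTCM_HALFWORD_INCREMENT_DV() line untouched.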
[Stable-9.0.2 27/27] hw/nvme: fix number of PIDs for FDP RUH update
From: Vincent Fu The number of PIDs is in the upper 16 bits of cdw10. So we need to right-shift by 16 bits instead of only a single bit. Fixes: 73064edfb864 ("hw/nvme: flexible data placement emulation") Cc: qemu-sta...@nongnu.org Signed-off-by: Vincent Fu Reviewed-by: Klaus Jensen Signed-off-by: Klaus Jensen (cherry picked from commit 3936bbdf9a2e9233875f850c7576c79d06add261) Signed-off-by: Michael Tokarev diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c index 127c3d2383..e89f9f7808 100644 --- a/hw/nvme/ctrl.c +++ b/hw/nvme/ctrl.c @@ -4352,7 +4352,7 @@ static uint16_t nvme_io_mgmt_send_ruh_update(NvmeCtrl *n, NvmeRequest *req) NvmeNamespace *ns = req->ns; uint32_t cdw10 = le32_to_cpu(cmd->cdw10); uint16_t ret = NVME_SUCCESS; -uint32_t npid = (cdw10 >> 1) + 1; +uint32_t npid = (cdw10 >> 16) + 1; unsigned int i = 0; g_autofree uint16_t *pids = NULL; uint32_t maxnpid; -- 2.39.2
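Review bot: In nvme_io_mgmt_send_ruh_update(), `(cdw10 >> 16) + 1` is still a bare shift, which is how the original `>> 1` slipped through; a named field accessor, or at least a comment that the count sits in the upper 16 bits of cdw10 and that the `+ 1` makes it one-based, would make a wrong constant obvious on sight. With the corrected shift npid ranges from 1 to 65536, so it is worth confirming that the comparison against maxnpid (declared just below, outside this hunk) happens before the pids buffer is allocated and filled. A test that sends an update carrying more than one PID would guard against the same mistake returning.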
[Stable-9.0.2 24/27] virtio: remove virtio_tswap16s() call in vring_packed_event_read()
From: Stefano Garzarella Commit d152cdd6f6 ("virtio: use virtio accessor to access packed event") switched using of address_space_read_cached() to virito_lduw_phys_cached() to access packed descriptor event. When we used address_space_read_cached(), we needed to call virtio_tswap16s() to handle the endianess of the field, but virito_lduw_phys_cached() already handles it internally, so we no longer need to call virtio_tswap16s() (as the commit had done for `off_wrap`, but forgot for `flags`). Fixes: d152cdd6f6 ("virtio: use virtio accessor to access packed event") Cc: jasow...@redhat.com Cc: qemu-sta...@nongnu.org Reported-by: Xoykie Link: https://lore.kernel.org/qemu-devel/cafu8rb_pjr77zmlsm0unf9xpnxfr_--tjr49f_ex32zbc5o...@mail.gmail.com Signed-off-by: Stefano Garzarella Message-Id: <20240701075208.19634-1-sgarz...@redhat.com> Acked-by: Jason Wang Reviewed-by: Peter Maydell Reviewed-by: Eugenio Pérez Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit 7aa6492401e95fb296dec7cda81e67d91f6037d7) Signed-off-by: Michael Tokarev diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index 871674f9be..fd2dfe3a6b 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -322,7 +322,6 @@ static void vring_packed_event_read(VirtIODevice *vdev, /* Make sure flags is seen before off_wrap */ smp_rmb(); e->off_wrap = virtio_lduw_phys_cached(vdev, cache, off_off); -virtio_tswap16s(vdev, >flags); } static void vring_packed_off_wrap_write(VirtIODevice *vdev, -- 2.39.2
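Review bot: No test accompanies the removal of `virtio_tswap16s()` from vring_packed_event_read(), and a double byte swap of this kind is invisible whenever device and host byte order agree, so a cross-endian case is the one that would have caught it and the one to add. A one-line comment at the flags load saying that virtio_lduw_phys_cached() already converts would also keep the call from being reintroduced, since the existing comment there only covers the `smp_rmb()` ordering.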
[Stable-9.0.2 26/27] sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
From: Markus Armbruster When a command's arguments are specified as an explicit type T, generated documentation points to the members of T. Example: ## # @announce-self: # # Trigger generation of broadcast RARP frames to update network [...] ## { 'command': 'announce-self', 'boxed': true, 'data' : 'AnnounceParameters'} generates "announce-self" (Command) - Trigger generation of broadcast RARP frames to update network [...] Arguments ~ The members of "AnnounceParameters" Except when the command takes its arguments unboxed , i.e. it doesn't have 'boxed': true, we generate *nothing*. A few commands have a reference in their doc comment to compensate, but most don't. Example: ## # @blockdev-snapshot-sync: # # Takes a synchronous snapshot of a block device. # # For the arguments, see the documentation of BlockdevSnapshotSync. [...] ## { 'command': 'blockdev-snapshot-sync', 'data': 'BlockdevSnapshotSync', 'allow-preconfig': true } generates "blockdev-snapshot-sync" (Command) ~~ Takes a synchronous snapshot of a block device. For the arguments, see the documentation of BlockdevSnapshotSync. [...] Same for event data. Fix qapidoc.py to generate the reference regardless of boxing. Delete now redundant references in the doc comments. Fixes: 4078ee5469e5 (docs/sphinx: Add new qapi-doc Sphinx extension) Cc: qemu-sta...@nongnu.org Signed-off-by: Markus Armbruster Message-ID: <20240628112756.794237-1-arm...@redhat.com> Reviewed-by: John Snow (cherry picked from commit e389929d19a543ea5b34d02553b355f9f1c03162) Signed-off-by: Michael Tokarev diff --git a/docs/sphinx/qapidoc.py b/docs/sphinx/qapidoc.py index 8d428c64b0..8d3518e887 100644 --- a/docs/sphinx/qapidoc.py +++ b/docs/sphinx/qapidoc.py 
@@ -219,15 +219,15 @@ def _nodes_for_enum_values(self, doc): section += dlnode return [section] -def _nodes_for_arguments(self, doc, boxed_arg_type): +def _nodes_for_arguments(self, doc, arg_type): """Return list of doctree nodes for the arguments section""" -if boxed_arg_type: +if arg_type and not arg_type.is_implicit(): assert not doc.args section = self._make_section('Arguments') dlnode = nodes.definition_list() dlnode += self._make_dlitem( [nodes.Text('The members of '), - nodes.literal('', boxed_arg_type.name)], + nodes.literal('', arg_type.name)], None) section += dlnode return [section] @@ -331,8 +331,7 @@ def visit_command(self, name, info, ifcond, features, arg_type, allow_preconfig, coroutine): doc = self._cur_doc self._add_doc('Command', - self._nodes_for_arguments(doc, -arg_type if boxed else None) + self._nodes_for_arguments(doc, arg_type) + self._nodes_for_features(doc) + self._nodes_for_sections(doc) + self._nodes_for_if_section(ifcond)) @@ -340,8 +339,7 @@ def visit_command(self, name, info, ifcond, features, arg_type, def visit_event(self, name, info, ifcond, features, arg_type, boxed): doc = self._cur_doc self._add_doc('Event', - self._nodes_for_arguments(doc, -arg_type if boxed else None) + self._nodes_for_arguments(doc, arg_type) + self._nodes_for_features(doc) + self._nodes_for_sections(doc) + self._nodes_for_if_section(ifcond)) diff --git a/qapi/block-core.json b/qapi/block-core.json index 746d1694c2..4b18e01b85 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -1671,8 +1671,6 @@ # # Takes a synchronous snapshot of a block device. # -# For the arguments, see the documentation of BlockdevSnapshotSync. -# # Errors: # - If @device is not a valid block device, DeviceNotFound # @@ -1701,8 +1699,6 @@ # device, the block device changes to using 'overlay' as its new # active image. # -# For the arguments, see the documentation of BlockdevSnapshot. -# # Features: # # @allow-write-only-overlay: If present, the check whether this 
@@ -6061,9 +6057,6 @@ # string, or a snapshot with name already exists, the operation will # fail. # -# For the arguments, see the documentation of -# BlockdevSnapshotInternal. -# # Errors: # - If @device is not a valid block device, GenericError # - If any snapshot matching @name exists, or @name is empty, -- 2.39.2
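Review bot: In _nodes_for_arguments(), the widened condition `arg_type and not arg_type.is_implicit()` now also leads unboxed commands and events into `assert not doc.args`. If any schema entry with an explicit argument type still documented members in its own doc comment, the documentation build would stop on a bare assert without naming the entry; either state in the commit message that the schema front end already rejects that combination, or replace the assert with an error that reports the offending definition. The three block-core.json hunks remove hand-written references, and it would help to say how the remaining schema files were checked for the same sentence.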
[Stable-9.0.2 25/27] char-stdio: Restore blocking mode of stdout on exit
From: Maxim Mikityanskiy qemu_chr_open_fd() sets stdout into non-blocking mode. Restore the old fd flags on exit to avoid breaking unsuspecting applications that run on the same terminal after qemu and don't expect to get EAGAIN. While at at, also ensure term_exit is called once (at the moment it's called both from char_stdio_finalize() and as the atexit() hook. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2423 Signed-off-by: Maxim Mikityanskiy Link: https://lore.kernel.org/r/20240703190812.3459514-1-maxtra...@gmail.com Signed-off-by: Paolo Bonzini (cherry picked from commit a0124e333e2176640f233e5ea57a2f413985d9b5) Signed-off-by: Michael Tokarev diff --git a/chardev/char-stdio.c b/chardev/char-stdio.c index 3c648678ab..b960ddd4e4 100644 --- a/chardev/char-stdio.c +++ b/chardev/char-stdio.c @@ -41,6 +41,7 @@ /* init terminal so that we can grab keys */ static struct termios oldtty; static int old_fd0_flags; +static int old_fd1_flags; static bool stdio_in_use; static bool stdio_allow_signal; static bool stdio_echo_state; @@ -50,6 +51,8 @@ static void term_exit(void) if (stdio_in_use) { tcsetattr(0, TCSANOW, ); fcntl(0, F_SETFL, old_fd0_flags); +fcntl(1, F_SETFL, old_fd1_flags); +stdio_in_use = false; } } @@ -102,6 +105,7 @@ static void qemu_chr_open_stdio(Chardev *chr, stdio_in_use = true; old_fd0_flags = fcntl(0, F_GETFL); +old_fd1_flags = fcntl(1, F_GETFL); tcgetattr(0, ); if (!g_unix_set_fd_nonblocking(0, true, NULL)) { error_setg_errno(errp, errno, "Failed to set FD nonblocking"); -- 2.39.2
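Review bot: In qemu_chr_open_stdio(), the new `old_fd1_flags = fcntl(1, F_GETFL);` is not checked for failure, so when fd 1 is closed or otherwise invalid the saved value is -1 and term_exit() later hands that to `fcntl(1, F_SETFL, old_fd1_flags)`. The fd 0 code next to it has the same pattern, so this is consistent with what is there, but testing for a negative result and skipping the restore would be cleaner for both descriptors. The `stdio_in_use = false;` added in term_exit() matches the commit message and turns the second invocation into a no-op.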
[Stable-9.0.2 23/27] virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
From: Cindy Lu In function kvm_virtio_pci_vector_use_one(), the function will only use the irqfd/vector for itself. Therefore, in the undo label, the failing process is incorrect. To fix this, we can just remove this label. Fixes: f9a09ca3ea ("vhost: add support for configure interrupt") Cc: qemu-sta...@nongnu.org Signed-off-by: Cindy Lu Message-Id: <20240528084840.194538-1-l...@redhat.com> Reviewed-by: Peter Maydell Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit a113d041e8d0b152d72a7c2bf47dd09aabf9ade2) Signed-off-by: Michael Tokarev diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c index cb159fd078..e04218a9fb 100644 --- a/hw/virtio/virtio-pci.c +++ b/hw/virtio/virtio-pci.c @@ -892,7 +892,7 @@ static int kvm_virtio_pci_vector_use_one(VirtIOPCIProxy *proxy, int queue_no) } ret = kvm_virtio_pci_vq_vector_use(proxy, vector); if (ret < 0) { -goto undo; +return ret; } /* * If guest supports masking, set up irqfd now. @@ -902,25 +902,11 @@ static int kvm_virtio_pci_vector_use_one(VirtIOPCIProxy *proxy, int queue_no) ret = kvm_virtio_pci_irqfd_use(proxy, n, vector); if (ret < 0) { kvm_virtio_pci_vq_vector_release(proxy, vector); -goto undo; +return ret; } } return 0; -undo: - -vector = virtio_queue_vector(vdev, queue_no); -if (vector >= msix_nr_vectors_allocated(dev)) { -return ret; -} -if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) { -ret = virtio_pci_get_notifier(proxy, queue_no, , ); -if (ret < 0) { -return ret; -} -kvm_virtio_pci_irqfd_release(proxy, n, vector); -} -return ret; } static int kvm_virtio_pci_vector_vq_use(VirtIOPCIProxy *proxy, int nvqs) { -- 2.39.2
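Review bot: The commit message says only that the undo path is incorrect; it should say why, because the removed lines show the defect directly. Both `goto undo` sites are reached before this call holds an irqfd (the first when kvm_virtio_pci_vq_vector_use() fails, the second when kvm_virtio_pci_irqfd_use() fails and the vector has already been released on the line above), yet the label went on to call kvm_virtio_pci_irqfd_release(). Spelling that out lets a reader confirm the fix without reconstructing the old control flow.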
[Stable-9.0.2 00/27] Patch Round-up for stable 9.0.2, frozen on 2024-07-14
The following patches are queued for QEMU stable v9.0.2:

  https://gitlab.com/qemu-project/qemu/-/commits/staging-9.0

Patch freeze is 2024-07-14 (frozen), and the release is planned for 2024-07-16:

  https://wiki.qemu.org/Planning/9.0

Please respond here or CC qemu-sta...@nongnu.org on any additional patches you think should (or shouldn't) be included in the release.

The changes which are staging for inclusion, with the original commit hash from master branch, are given below the bottom line.

Thanks!

/mjt

--
01* 3973615e7fba Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
02* 2c3e4e2de699 Alexey Dobriyan: virtio-net: drop too short packets early
03* 77bf310084da Dongwon Kim: ui/gtk: Draw guest frame at refresh cycle
04* 719c6819ed9a Stefan Hajnoczi: Revert "monitor: use aio_co_reschedule_self()"
05* a276ec8e2632 Philippe Mathieu-Daudé: hw/audio/virtio-snd: Always use little endian audio format
06* b1cf266c82cb Gerd Hoffmann: stdvga: fix screen blanking
07* 3b279f73fa37 Anton Johansson: accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
08* 54b27921026d Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
09* 6b4965373e56 Clément Chigot: target/sparc: use signed denominator in sdiv helper
10* 521d7fb3ebdf Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
11* 6d3279655ac4 Fabiano Rosas: migration: Fix file migration with fdset
12* 641b1efe01b2 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
13* 903916f0a017 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
14* 76bccf3cb9d9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
15* 7619129f0d4a Richard Henderson: target/arm: Fix FJCVTZS vs flush-to-zero
16* 9d7950edb0cd Daniel P. Berrangé: hw/core: allow parameter=1 for SMP topology on any machine
17* e68dcbb07923 Daniel P. Berrangé: tests: add testing of parameter=1 for SMP topology
18* bd385a5298d7 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
19* 2eb42a728d27 Kevin Wolf: iotests/244: Don't store data-file with protocol in image
20* 7e1110664ecb Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
21* 7ead94699861 Kevin Wolf: block: Parse filenames only when explicitly requested
22* a71d9dfbf63d Richard Henderson: tcg/optimize: Fix TCG_COND_TST* simplification of setcond2
23 a113d041e8d0 Cindy Lu: virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
24 7aa6492401e9 Stefano Garzarella: virtio: remove virtio_tswap16s() call in vring_packed_event_read()
25 a0124e333e21 Maxim Mikityanskiy: char-stdio: Restore blocking mode of stdout on exit
26 e389929d19a5 Markus Armbruster: sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
27 3936bbdf9a2e Vincent Fu: hw/nvme: fix number of PIDs for FDP RUH update

(commit(s) marked with * were in previous series and are not resent)
[Stable-8.2.6 22/23] sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
From: Markus Armbruster When a command's arguments are specified as an explicit type T, generated documentation points to the members of T. Example: ## # @announce-self: # # Trigger generation of broadcast RARP frames to update network [...] ## { 'command': 'announce-self', 'boxed': true, 'data' : 'AnnounceParameters'} generates "announce-self" (Command) - Trigger generation of broadcast RARP frames to update network [...] Arguments ~ The members of "AnnounceParameters" Except when the command takes its arguments unboxed , i.e. it doesn't have 'boxed': true, we generate *nothing*. A few commands have a reference in their doc comment to compensate, but most don't. Example: ## # @blockdev-snapshot-sync: # # Takes a synchronous snapshot of a block device. # # For the arguments, see the documentation of BlockdevSnapshotSync. [...] ## { 'command': 'blockdev-snapshot-sync', 'data': 'BlockdevSnapshotSync', 'allow-preconfig': true } generates "blockdev-snapshot-sync" (Command) ~~ Takes a synchronous snapshot of a block device. For the arguments, see the documentation of BlockdevSnapshotSync. [...] Same for event data. Fix qapidoc.py to generate the reference regardless of boxing. Delete now redundant references in the doc comments. Fixes: 4078ee5469e5 (docs/sphinx: Add new qapi-doc Sphinx extension) Cc: qemu-sta...@nongnu.org Signed-off-by: Markus Armbruster Message-ID: <20240628112756.794237-1-arm...@redhat.com> Reviewed-by: John Snow (cherry picked from commit e389929d19a543ea5b34d02553b355f9f1c03162) Signed-off-by: Michael Tokarev (Mjt: context fixups in qapi/block-core.json due to missing v8.2.0-1951-g2746f060be18 "qapi: Move error documentation to new "Errors" sections" v8.2.0-1952-g53d5c36d8de3 "qapi: Delete useless "Returns" sections") diff --git a/docs/sphinx/qapidoc.py b/docs/sphinx/qapidoc.py index 658c288f8f..3d19853444 100644 --- a/docs/sphinx/qapidoc.py +++ b/docs/sphinx/qapidoc.py 
@@ -229,15 +229,15 @@ def _nodes_for_enum_values(self, doc): section += dlnode return [section] -def _nodes_for_arguments(self, doc, boxed_arg_type): +def _nodes_for_arguments(self, doc, arg_type): """Return list of doctree nodes for the arguments section""" -if boxed_arg_type: +if arg_type and not arg_type.is_implicit(): assert not doc.args section = self._make_section('Arguments') dlnode = nodes.definition_list() dlnode += self._make_dlitem( [nodes.Text('The members of '), - nodes.literal('', boxed_arg_type.name)], + nodes.literal('', arg_type.name)], None) section += dlnode return [section] @@ -341,8 +341,7 @@ def visit_command(self, name, info, ifcond, features, arg_type, allow_preconfig, coroutine): doc = self._cur_doc self._add_doc('Command', - self._nodes_for_arguments(doc, -arg_type if boxed else None) + self._nodes_for_arguments(doc, arg_type) + self._nodes_for_features(doc) + self._nodes_for_sections(doc) + self._nodes_for_if_section(ifcond)) @@ -350,8 +349,7 @@ def visit_command(self, name, info, ifcond, features, arg_type, def visit_event(self, name, info, ifcond, features, arg_type, boxed): doc = self._cur_doc self._add_doc('Event', - self._nodes_for_arguments(doc, -arg_type if boxed else None) + self._nodes_for_arguments(doc, arg_type) + self._nodes_for_features(doc) + self._nodes_for_sections(doc) + self._nodes_for_if_section(ifcond)) diff --git a/qapi/block-core.json b/qapi/block-core.json index ca390c5700..36f527882d 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -1660,8 +1660,6 @@ # # Takes a synchronous snapshot of a block device. # -# For the arguments, see the documentation of BlockdevSnapshotSync. -# # Returns: # - nothing on success # - If @device is not a valid block device, DeviceNotFound 
@@ -1691,8 +1689,6 @@ # device, the block device changes to using 'overlay' as its new # active image. # -# For the arguments, see the documentation of BlockdevSnapshot. -# # Features: # # @allow-write-only-overlay: If present, the check whether this @@ -6029,9 +6025,6 @@ # string, or a snapshot with name already exists, the operation will # fail. # -# For the arguments, see the do
[Stable-8.2.6 19/23] virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
From: Cindy Lu In function kvm_virtio_pci_vector_use_one(), the function will only use the irqfd/vector for itself. Therefore, in the undo label, the failing process is incorrect. To fix this, we can just remove this label. Fixes: f9a09ca3ea ("vhost: add support for configure interrupt") Cc: qemu-sta...@nongnu.org Signed-off-by: Cindy Lu Message-Id: <20240528084840.194538-1-l...@redhat.com> Reviewed-by: Peter Maydell Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit a113d041e8d0b152d72a7c2bf47dd09aabf9ade2) Signed-off-by: Michael Tokarev diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c index 08faefe29a..453861605e 100644 --- a/hw/virtio/virtio-pci.c +++ b/hw/virtio/virtio-pci.c @@ -892,7 +892,7 @@ static int kvm_virtio_pci_vector_use_one(VirtIOPCIProxy *proxy, int queue_no) } ret = kvm_virtio_pci_vq_vector_use(proxy, vector); if (ret < 0) { -goto undo; +return ret; } /* * If guest supports masking, set up irqfd now. @@ -902,25 +902,11 @@ static int kvm_virtio_pci_vector_use_one(VirtIOPCIProxy *proxy, int queue_no) ret = kvm_virtio_pci_irqfd_use(proxy, n, vector); if (ret < 0) { kvm_virtio_pci_vq_vector_release(proxy, vector); -goto undo; +return ret; } } return 0; -undo: - -vector = virtio_queue_vector(vdev, queue_no); -if (vector >= msix_nr_vectors_allocated(dev)) { -return ret; -} -if (vdev->use_guest_notifier_mask && k->guest_notifier_mask) { -ret = virtio_pci_get_notifier(proxy, queue_no, , ); -if (ret < 0) { -return ret; -} -kvm_virtio_pci_irqfd_release(proxy, n, vector); -} -return ret; } static int kvm_virtio_pci_vector_vq_use(VirtIOPCIProxy *proxy, int nvqs) { -- 2.39.2
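Review bot: The removed `undo:` block reassigned `ret` from virtio_pci_get_notifier() before its final `return ret;`, so whenever that lookup succeeded the original negative error code was overwritten and the caller could receive a non-negative result for a setup that had failed. The new `return ret;` at both failure sites fixes this too, and the commit message should mention it: it changes what callers observe, which is the part that matters when judging a stable backport.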
[Stable-8.2.6 20/23] virtio: remove virtio_tswap16s() call in vring_packed_event_read()
From: Stefano Garzarella Commit d152cdd6f6 ("virtio: use virtio accessor to access packed event") switched using of address_space_read_cached() to virito_lduw_phys_cached() to access packed descriptor event. When we used address_space_read_cached(), we needed to call virtio_tswap16s() to handle the endianess of the field, but virito_lduw_phys_cached() already handles it internally, so we no longer need to call virtio_tswap16s() (as the commit had done for `off_wrap`, but forgot for `flags`). Fixes: d152cdd6f6 ("virtio: use virtio accessor to access packed event") Cc: jasow...@redhat.com Cc: qemu-sta...@nongnu.org Reported-by: Xoykie Link: https://lore.kernel.org/qemu-devel/cafu8rb_pjr77zmlsm0unf9xpnxfr_--tjr49f_ex32zbc5o...@mail.gmail.com Signed-off-by: Stefano Garzarella Message-Id: <20240701075208.19634-1-sgarz...@redhat.com> Acked-by: Jason Wang Reviewed-by: Peter Maydell Reviewed-by: Eugenio Pérez Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit 7aa6492401e95fb296dec7cda81e67d91f6037d7) Signed-off-by: Michael Tokarev diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index c177c31ca0..157567912e 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -322,7 +322,6 @@ static void vring_packed_event_read(VirtIODevice *vdev, /* Make sure flags is seen before off_wrap */ smp_rmb(); e->off_wrap = virtio_lduw_phys_cached(vdev, cache, off_off); -virtio_tswap16s(vdev, >flags); } static void vring_packed_off_wrap_write(VirtIODevice *vdev, -- 2.39.2
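Review bot: For this stable branch the point to confirm is that commit d152cdd6f6 is actually present, because dropping `virtio_tswap16s()` is only right where the flags field is already loaded through virtio_lduw_phys_cached(). The hunk context shows that accessor for off_wrap only; the flags load sits above the context lines. If the branch still read flags with address_space_read_cached(), removing the swap would introduce the endianness bug instead of fixing it, so a note in the backport message stating that the accessor change is in this tree would close the question.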
[Stable-8.2.6 21/23] char-stdio: Restore blocking mode of stdout on exit
From: Maxim Mikityanskiy qemu_chr_open_fd() sets stdout into non-blocking mode. Restore the old fd flags on exit to avoid breaking unsuspecting applications that run on the same terminal after qemu and don't expect to get EAGAIN. While at at, also ensure term_exit is called once (at the moment it's called both from char_stdio_finalize() and as the atexit() hook. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2423 Signed-off-by: Maxim Mikityanskiy Link: https://lore.kernel.org/r/20240703190812.3459514-1-maxtra...@gmail.com Signed-off-by: Paolo Bonzini (cherry picked from commit a0124e333e2176640f233e5ea57a2f413985d9b5) Signed-off-by: Michael Tokarev diff --git a/chardev/char-stdio.c b/chardev/char-stdio.c index 3c648678ab..b960ddd4e4 100644 --- a/chardev/char-stdio.c +++ b/chardev/char-stdio.c @@ -41,6 +41,7 @@ /* init terminal so that we can grab keys */ static struct termios oldtty; static int old_fd0_flags; +static int old_fd1_flags; static bool stdio_in_use; static bool stdio_allow_signal; static bool stdio_echo_state; @@ -50,6 +51,8 @@ static void term_exit(void) if (stdio_in_use) { tcsetattr(0, TCSANOW, ); fcntl(0, F_SETFL, old_fd0_flags); +fcntl(1, F_SETFL, old_fd1_flags); +stdio_in_use = false; } } @@ -102,6 +105,7 @@ static void qemu_chr_open_stdio(Chardev *chr, stdio_in_use = true; old_fd0_flags = fcntl(0, F_GETFL); +old_fd1_flags = fcntl(1, F_GETFL); tcgetattr(0, ); if (!g_unix_set_fd_nonblocking(0, true, NULL)) { error_setg_errno(errp, errno, "Failed to set FD nonblocking"); -- 2.39.2
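Review bot: term_exit() restores the whole flag word captured at open time with `fcntl(1, F_SETFL, old_fd1_flags)` rather than clearing only the non-blocking bit. File status flags belong to the open file description, which is shared with whatever else holds the same terminal (the situation the commit message describes), so this also rolls back any flag another process changed while QEMU was running. It mirrors the existing fd 0 handling and may be acceptable as is, but restoring just O_NONBLOCK to its saved state would be narrower, and the choice deserves a sentence in the commit message.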
[Stable-8.2.6 00/23] Patch Round-up for stable 8.2.6, frozen on 2024-07-14
The following patches are queued for QEMU stable v8.2.6:

  https://gitlab.com/qemu-project/qemu/-/commits/staging-8.2

Patch freeze is 2024-07-14 (frozen), and the release is planned for 2024-07-16:

  https://wiki.qemu.org/Planning/8.2

I expect this to be the last release in stable-8.2.x series.

Please respond here or CC qemu-sta...@nongnu.org on any additional patches you think should (or shouldn't) be included in the release.

The changes which are staging for inclusion, with the original commit hash from master branch, are given below the bottom line.

Thanks!

/mjt

--
01* 3973615e7fba Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
02* 2c3e4e2de699 Alexey Dobriyan: virtio-net: drop too short packets early
03* 77bf310084da Dongwon Kim: ui/gtk: Draw guest frame at refresh cycle
04* a276ec8e2632 Philippe Mathieu-Daudé: hw/audio/virtio-snd: Always use little endian audio format
05* b1cf266c82cb Gerd Hoffmann: stdvga: fix screen blanking
06* 3b279f73fa37 Anton Johansson: accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
07* 54b27921026d Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
08* 6b4965373e56 Clément Chigot: target/sparc: use signed denominator in sdiv helper
09* 521d7fb3ebdf Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
10* 6d3279655ac4 Fabiano Rosas: migration: Fix file migration with fdset
11* 641b1efe01b2 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
12* 903916f0a017 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
13* 76bccf3cb9d9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
14* 7619129f0d4a Richard Henderson: target/arm: Fix FJCVTZS vs flush-to-zero
15* bd385a5298d7 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
16* 2eb42a728d27 Kevin Wolf: iotests/244: Don't store data-file with protocol in image
17* 7e1110664ecb Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
18* 7ead94699861 Kevin Wolf: block: Parse filenames only when explicitly requested
19 a113d041e8d0 Cindy Lu: virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
20 7aa6492401e9 Stefano Garzarella: virtio: remove virtio_tswap16s() call in vring_packed_event_read()
21 a0124e333e21 Maxim Mikityanskiy: char-stdio: Restore blocking mode of stdout on exit
22 e389929d19a5 Markus Armbruster: sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
23 3936bbdf9a2e Vincent Fu: hw/nvme: fix number of PIDs for FDP RUH update

(commit(s) marked with * were in previous series and are not resent)
[Stable-8.2.6 23/23] hw/nvme: fix number of PIDs for FDP RUH update
From: Vincent Fu The number of PIDs is in the upper 16 bits of cdw10. So we need to right-shift by 16 bits instead of only a single bit. Fixes: 73064edfb864 ("hw/nvme: flexible data placement emulation") Cc: qemu-sta...@nongnu.org Signed-off-by: Vincent Fu Reviewed-by: Klaus Jensen Signed-off-by: Klaus Jensen (cherry picked from commit 3936bbdf9a2e9233875f850c7576c79d06add261) Signed-off-by: Michael Tokarev diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c index eaa6946604..2aa0aecfab 100644 --- a/hw/nvme/ctrl.c +++ b/hw/nvme/ctrl.c @@ -4352,7 +4352,7 @@ static uint16_t nvme_io_mgmt_send_ruh_update(NvmeCtrl *n, NvmeRequest *req) NvmeNamespace *ns = req->ns; uint32_t cdw10 = le32_to_cpu(cmd->cdw10); uint16_t ret = NVME_SUCCESS; -uint32_t npid = (cdw10 >> 1) + 1; +uint32_t npid = (cdw10 >> 16) + 1; unsigned int i = 0; g_autofree uint16_t *pids = NULL; uint32_t maxnpid; -- 2.39.2
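Review bot: in nvme_io_mgmt_send_ruh_update(), `npid = (cdw10 >> 16) + 1` is derived from a guest-supplied command dword and can reach 0x10000, and the context lines show `pids` and `maxnpid` declared immediately after it. Please confirm that npid is compared against maxnpid before it sizes the `pids` allocation or bounds the loop over `i`. Extracting the field through a named macro for bits 31:16 of cdw10, rather than a bare shift, would also make a wrong shift count like the old `>> 1` harder to write.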
[Stable-7.2.13 19/19] char-stdio: Restore blocking mode of stdout on exit
From: Maxim Mikityanskiy qemu_chr_open_fd() sets stdout into non-blocking mode. Restore the old fd flags on exit to avoid breaking unsuspecting applications that run on the same terminal after qemu and don't expect to get EAGAIN. While at it, also ensure term_exit is called once (at the moment it's called both from char_stdio_finalize() and as the atexit() hook). Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2423 Signed-off-by: Maxim Mikityanskiy Link: https://lore.kernel.org/r/20240703190812.3459514-1-maxtra...@gmail.com Signed-off-by: Paolo Bonzini (cherry picked from commit a0124e333e2176640f233e5ea57a2f413985d9b5) Signed-off-by: Michael Tokarev diff --git a/chardev/char-stdio.c b/chardev/char-stdio.c index 3c648678ab..b960ddd4e4 100644 --- a/chardev/char-stdio.c +++ b/chardev/char-stdio.c @@ -41,6 +41,7 @@ /* init terminal so that we can grab keys */ static struct termios oldtty; static int old_fd0_flags; +static int old_fd1_flags; static bool stdio_in_use; static bool stdio_allow_signal; static bool stdio_echo_state; @@ -50,6 +51,8 @@ static void term_exit(void) if (stdio_in_use) { tcsetattr(0, TCSANOW, ); fcntl(0, F_SETFL, old_fd0_flags); +fcntl(1, F_SETFL, old_fd1_flags); +stdio_in_use = false; } } @@ -102,6 +105,7 @@ static void qemu_chr_open_stdio(Chardev *chr, stdio_in_use = true; old_fd0_flags = fcntl(0, F_GETFL); +old_fd1_flags = fcntl(1, F_GETFL); tcgetattr(0, ); if (!g_unix_set_fd_nonblocking(0, true, NULL)) { error_setg_errno(errp, errno, "Failed to set FD nonblocking"); -- 2.39.2
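Review bot: in term_exit(), `fcntl(1, F_SETFL, old_fd1_flags)` writes back the whole saved flag word, so any status flag changed on stdout after qemu_chr_open_stdio() ran is reverted together with O_NONBLOCK. Since the stated goal is only to restore blocking mode, consider clearing just O_NONBLOCK when the saved flags did not carry it. A short comment that `stdio_in_use = false` is what turns the second call from the atexit() hook into a no-op would also help, because the guard is easy to mistake for leftover state handling.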
[Stable-7.2.13 18/19] virtio: remove virtio_tswap16s() call in vring_packed_event_read()
From: Stefano Garzarella Commit d152cdd6f6 ("virtio: use virtio accessor to access packed event") switched using of address_space_read_cached() to virtio_lduw_phys_cached() to access packed descriptor event. When we used address_space_read_cached(), we needed to call virtio_tswap16s() to handle the endianness of the field, but virtio_lduw_phys_cached() already handles it internally, so we no longer need to call virtio_tswap16s() (as the commit had done for `off_wrap`, but forgot for `flags`). Fixes: d152cdd6f6 ("virtio: use virtio accessor to access packed event") Cc: jasow...@redhat.com Cc: qemu-sta...@nongnu.org Reported-by: Xoykie Link: https://lore.kernel.org/qemu-devel/cafu8rb_pjr77zmlsm0unf9xpnxfr_--tjr49f_ex32zbc5o...@mail.gmail.com Signed-off-by: Stefano Garzarella Message-Id: <20240701075208.19634-1-sgarz...@redhat.com> Acked-by: Jason Wang Reviewed-by: Peter Maydell Reviewed-by: Eugenio Pérez Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit 7aa6492401e95fb296dec7cda81e67d91f6037d7) Signed-off-by: Michael Tokarev diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index 4a35d7cb0c..1227e3d692 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -732,7 +732,6 @@ static void vring_packed_event_read(VirtIODevice *vdev, /* Make sure flags is seen before off_wrap */ smp_rmb(); e->off_wrap = virtio_lduw_phys_cached(vdev, cache, off_off); -virtio_tswap16s(vdev, >flags); } static void vring_packed_off_wrap_write(VirtIODevice *vdev, -- 2.39.2
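Review bot: the removal in vring_packed_event_read() comes without a regression test, and a second byte swap on `flags` has no visible effect when the swap is a no-op, so a same-endian CI host would not have caught the original bug. Consider adding a packed-ring event-suppression test that runs in a cross-endian configuration and checks the `flags` value the device sees.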
[Stable-7.2.13 00/19] Patch Round-up for stable 7.2.13, frozen on 2024-07-14
The following patches are queued for QEMU stable v7.2.13:

  https://gitlab.com/qemu-project/qemu/-/commits/staging-7.2

Patch freeze is 2024-07-14 (frozen), and the release is planned for 2024-07-16:

  https://wiki.qemu.org/Planning/7.2

Please respond here or CC qemu-sta...@nongnu.org on any additional patches you think should (or shouldn't) be included in the release.

The changes which are staging for inclusion, with the original commit hash from master branch, are given below the bottom line.

Thanks!

/mjt

--
01* 3973615e7fba Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
02* 2c3e4e2de699 Alexey Dobriyan: virtio-net: drop too short packets early
03* b1cf266c82cb Gerd Hoffmann: stdvga: fix screen blanking
04* 54b27921026d Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
05* 521d7fb3ebdf Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
06* e030d08c2fc0 Thomas Huth: gitlab-ci.d/buildtest: Merge the --without-default-* jobs
07* 0054dc8bde40 Marc-André Lureau: Update lcitool and fedora to 37
08* d639cf79783a Paolo Bonzini: ci, docker: update CentOS and OpenSUSE Python to non-EOL versions
09* 641b1efe01b2 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
10* 7c7d369b33f0 Alex Bennée: tests: don't run benchmarks for the tsan build
11* f51f90c65ed7 Thomas Huth: gitlab-ci: Disable the riscv64-debian-cross-container by default
12* 903916f0a017 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
13* 76bccf3cb9d9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
14* bd385a5298d7 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
15* 2eb42a728d27 Kevin Wolf: iotests/244: Don't store data-file with protocol in image
16* 7e1110664ecb Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
17* 7ead94699861 Kevin Wolf: block: Parse filenames only when explicitly requested
18 7aa6492401e9 Stefano Garzarella: virtio: remove virtio_tswap16s() call in vring_packed_event_read()
19 a0124e333e21 Maxim Mikityanskiy: char-stdio: Restore blocking mode of stdout on exit

(commit(s) marked with * were in previous series and are not resent)
Re: [PATCH] net: Reinstate '-net nic, model=help' output as documented in man page
09.07.2024 15:34, David Woodhouse wrote: From: David Woodhouse While refactoring the NIC initialization code, I broke '-net nic,model=help' which no longer outputs a list of available NIC models. Fixes: 2cdeca04adab ("net: report list of available models according to platform") Signed-off-by: David Woodhouse Cc: qemu-sta...@nongnu.org Reviewed-by: Michael Tokarev Thanks, /mjt --- net/net.c | 25 ++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/net/net.c b/net/net.c index 6938da05e0..2eb8bc9c0b 100644 --- a/net/net.c +++ b/net/net.c @@ -1139,6 +1139,21 @@ NICInfo *qemu_find_nic_info(const char *typename, bool match_default, return NULL; } +static bool is_nic_model_help_option(const char *model) +{ +if (model && is_help_option(model)) { +/* + * Trigger the help output by instantiating the hash table which + * will gather tha available models as they get registered. + */ +if (!nic_model_help) { +nic_model_help = g_hash_table_new_full(g_str_hash, g_str_equal, + g_free, NULL); +} +return true; +} +return false; +} /* "I have created a device. Please configure it if you can" */ bool qemu_configure_nic_device(DeviceState *dev, bool match_default, @@ -1722,6 +1737,12 @@ void net_check_clients(void) static int net_init_client(void *dummy, QemuOpts *opts, Error **errp) { +const char *model = qemu_opt_get_del(opts, "model"); + +if (is_nic_model_help_option(model)) { +return 0; +} + return net_client_init(opts, false, errp); } 
@@ -1778,9 +1799,7 @@ static int net_param_nic(void *dummy, QemuOpts *opts, Error **errp) memset(ni, 0, sizeof(*ni)); ni->model = qemu_opt_get_del(opts, "model"); -if (!nic_model_help && !g_strcmp0(ni->model, "help")) { -nic_model_help = g_hash_table_new_full(g_str_hash, g_str_equal, - g_free, NULL); +if (is_nic_model_help_option(ni->model)) { return 0; } -- GPG Key transition (from rsa2048 to rsa4096) since 2024-04-24. New key: rsa4096/61AD3D98ECDF2C8E 9D8B E14E 3F2A 9DD7 9199 28F1 61AD 3D98 ECDF 2C8E Old key: rsa2048/457CE0A0804465C5 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5 Transition statement: http://www.corpit.ru/mjt/gpg-transition-2024.txt
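Review bot: in net_init_client(), `const char *model = qemu_opt_get_del(opts, "model");` removes the "model" option from opts and returns an allocated copy, which is then neither stored nor freed, and for any non-help value the option is already gone by the time `net_client_init(opts, false, errp)` runs. In net_param_nic() the same call is fine because the result is kept in `ni->model`. Here a non-destructive `qemu_opt_get()` would be enough for the help check and avoids both the leak and the silently dropped option.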
[Stable-9.0.2 07/22] accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
From: Anton Johansson For TBs crossing page boundaries, the 2nd page will never be recorded/removed, as the index of the 2nd page is computed from the address of the 1st page. This is due to a typo, fix it. Cc: qemu-sta...@nongnu.org Fixes: deba78709a ("accel/tcg: Always lock pages before translation") Signed-off-by: Anton Johansson Reviewed-by: Manos Pitsidianakis Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Alex Bennée Message-Id: <20240612133031.15298-1-a...@rev.ng> Signed-off-by: Richard Henderson (cherry picked from commit 3b279f73fa37bec8d3ba04a15f5153d6491cffaf) Signed-off-by: Michael Tokarev diff --git a/accel/tcg/tb-maint.c b/accel/tcg/tb-maint.c index da39a43bd8..653397eca3 100644 --- a/accel/tcg/tb-maint.c +++ b/accel/tcg/tb-maint.c @@ -712,7 +712,7 @@ static void tb_record(TranslationBlock *tb) tb_page_addr_t paddr0 = tb_page_addr0(tb); tb_page_addr_t paddr1 = tb_page_addr1(tb); tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS; -tb_page_addr_t pindex1 = paddr0 >> TARGET_PAGE_BITS; +tb_page_addr_t pindex1 = paddr1 >> TARGET_PAGE_BITS; assert(paddr0 != -1); if (unlikely(paddr1 != -1) && pindex0 != pindex1) { @@ -744,7 +744,7 @@ static void tb_remove(TranslationBlock *tb) tb_page_addr_t paddr0 = tb_page_addr0(tb); tb_page_addr_t paddr1 = tb_page_addr1(tb); tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS; -tb_page_addr_t pindex1 = paddr0 >> TARGET_PAGE_BITS; +tb_page_addr_t pindex1 = paddr1 >> TARGET_PAGE_BITS; assert(paddr0 != -1); if (unlikely(paddr1 != -1) && pindex0 != pindex1) { -- 2.39.2
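Review bot: tb_record() and tb_remove() repeat the same paddr0/paddr1/pindex0/pindex1 preamble, which is how the `paddr0 >> TARGET_PAGE_BITS` typo ended up in both `pindex1` lines. Consider moving the index computation into one small helper used by both functions so the pair cannot drift again, and adding a test with a TB that crosses a page boundary, since the `pindex0 != pindex1` branch was unreachable before this change and so has never been exercised.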
[Stable-9.0.2 18/22] qcow2: Don't open data_file with BDRV_O_NO_IO
From: Kevin Wolf One use case for 'qemu-img info' is verifying that untrusted images don't reference an unwanted external file, be it as a backing file or an external data file. To make sure that calling 'qemu-img info' can't already have undesired side effects with a malicious image, just don't open the data file at all with BDRV_O_NO_IO. If nothing ever tries to do I/O, we don't need to have it open. This changes the output of iotests case 061, which used 'qemu-img info' to show that opening an image with an invalid data file fails. After this patch, it succeeds. Replace this part of the test with a qemu-io call, but keep the final 'qemu-img info' to show that the invalid data file is correctly displayed in the output. Fixes: CVE-2024-4467 Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit bd385a5298d7062668e804d73944d52aec9549f1) Signed-off-by: Michael Tokarev diff --git a/block/qcow2.c b/block/qcow2.c index 956128b409..4c78665bcb 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -1636,7 +1636,22 @@ qcow2_do_open(BlockDriverState *bs, QDict *options, int flags, goto fail; } -if (open_data_file) { +if (open_data_file && (flags & BDRV_O_NO_IO)) { +/* + * Don't open the data file for 'qemu-img info' so that it can be used + * to verify that an untrusted qcow2 image doesn't refer to external + * files. + * + * Note: This still makes has_data_file() return true. + */ +if (s->incompatible_features & QCOW2_INCOMPAT_DATA_FILE) { +s->data_file = NULL; +} else { +s->data_file = bs->file; +} +qdict_extract_subqdict(options, NULL, "data-file."); +qdict_del(options, "data-file"); +} else if (open_data_file) { /* Open external data file */ bdrv_graph_co_rdunlock(); s->data_file = bdrv_co_open_child(NULL, options, "data-file", bs, diff --git a/tests/qemu-iotests/061 b/tests/qemu-iotests/061 index 53c7d428e3..b71ac097d1 100755 --- a/tests/qemu-iotests/061 
+++ b/tests/qemu-iotests/061 @@ -326,12 +326,14 @@ $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG" echo _make_test_img -o "compat=1.1,data_file=$TEST_IMG.data" 64M $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG" -_img_info --format-specific +$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt +$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts echo $QEMU_IMG amend -o "data_file=" --image-opts "data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -_img_info --format-specific +$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt +$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts echo diff --git a/tests/qemu-iotests/061.out b/tests/qemu-iotests/061.out index 139fc68177..24c33add7c 100644 --- a/tests/qemu-iotests/061.out +++ b/tests/qemu-iotests/061.out @@ -545,7 +545,9 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 qemu-img: data-file can only be set for images that use an external data file Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 data_file=TEST_DIR/t.IMGFMT.data -qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Could not open 'foo': No such file or directory +qemu-io: can't open device TEST_DIR/t.IMGFMT: Could not open 'foo': No such file or directory +read 4096/4096 bytes at offset 0 +4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) image: TEST_DIR/t.IMGFMT file format: IMGFMT virtual size: 64 MiB (67108864 bytes) 
@@ -560,7 +562,9 @@ Format specific information: corrupt: false extended l2: false -qemu-img: Could not open 'TEST_DIR/t.IMGFMT': 'data-file' is required for this image +qemu-io: can't open device TEST_DIR/t.IMGFMT: 'data-file' is required for this image +read 4096/4096 bytes at offset 0 +4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) image: TEST_DIR/t.IMGFMT file format: IMGFMT virtual size: 64 MiB (67108864 bytes) -- 2.39.2
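Review bot: in qcow2_do_open(), the new BDRV_O_NO_IO branch sets `s->data_file = NULL` when QCOW2_INCOMPAT_DATA_FILE is set, while the added comment notes that has_data_file() still returns true. Any path reachable with BDRV_O_NO_IO that tests has_data_file() and then dereferences `s->data_file` would now hit a NULL pointer. Please state in the comment which callers are expected to run in this state, or add an assertion at the points that use `s->data_file`, so the invariant is checked rather than implied.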
[Stable-9.0.2 17/22] tests: add testing of parameter=1 for SMP topology
From: Daniel P. Berrangé Validate that it is possible to pass 'parameter=1' for any SMP topology parameter, since unsupported parameters are implicitly considered to always have a value of 1. Signed-off-by: Daniel P. Berrangé Reviewed-by: Zhao Liu Reviewed-by: Ján Tomko Message-ID: <20240513123358.612355-3-berra...@redhat.com> Signed-off-by: Philippe Mathieu-Daudé (cherry picked from commit e68dcbb07923df0886802727edc3b21a10b0d342) Signed-off-by: Michael Tokarev diff --git a/tests/unit/test-smp-parse.c b/tests/unit/test-smp-parse.c index 56165e6644..9fdba24fce 100644 --- a/tests/unit/test-smp-parse.c +++ b/tests/unit/test-smp-parse.c @@ -330,6 +330,14 @@ static const struct SMPTestData data_generic_valid[] = { .config = SMP_CONFIG_GENERIC(T, 8, T, 2, T, 4, T, 2, T, 16), .expect_prefer_sockets = CPU_TOPOLOGY_GENERIC(8, 2, 4, 2, 16), .expect_prefer_cores = CPU_TOPOLOGY_GENERIC(8, 2, 4, 2, 16), +}, { +/* + * Unsupported parameters are always allowed to be set to '1' + * config: -smp 8,books=1,drawers=1,sockets=2,modules=1,dies=1,cores=2,threads=2,maxcpus=8 + * expect: cpus=8,sockets=2,cores=2,threads=2,maxcpus=8 */ +.config = SMP_CONFIG_WITH_FULL_TOPO(8, 1, 1, 2, 1, 1, 2, 2, 8), +.expect_prefer_sockets = CPU_TOPOLOGY_GENERIC(8, 2, 2, 2, 8), +.expect_prefer_cores = CPU_TOPOLOGY_GENERIC(8, 2, 2, 2, 8), }, }; -- 2.39.2
[Stable-9.0.2 05/22] hw/audio/virtio-snd: Always use little endian audio format
From: Philippe Mathieu-Daudé The VIRTIO Sound Device conforms with the Virtio spec v1.2, thus only use little endianness. Remove the suspicious target_words_bigendian() noticed during code review. Cc: qemu-sta...@nongnu.org Fixes: eb9ad377bb ("virtio-sound: handle control messages and streams") Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Michael S. Tsirkin Message-Id: <20240422211830.25606-1-phi...@linaro.org> (cherry picked from commit a276ec8e2632c9015d0f9b4e47194e4e91dfa8bb) Signed-off-by: Michael Tokarev diff --git a/hw/audio/virtio-snd.c b/hw/audio/virtio-snd.c index c80b58bf5d..4a56c00ec9 100644 --- a/hw/audio/virtio-snd.c +++ b/hw/audio/virtio-snd.c @@ -401,7 +401,7 @@ static void virtio_snd_get_qemu_audsettings(audsettings *as, as->nchannels = MIN(AUDIO_MAX_CHANNELS, params->channels); as->fmt = virtio_snd_get_qemu_format(params->format); as->freq = virtio_snd_get_qemu_freq(params->rate); -as->endianness = target_words_bigendian() ? 1 : 0; +as->endianness = 0; /* Conforming to VIRTIO 1.0: always little endian. */ } /* -- 2.39.2
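Review bot: in virtio_snd_get_qemu_audsettings(), the new comment on `as->endianness = 0;` says "Conforming to VIRTIO 1.0" while the commit message cites Virtio spec v1.2; please make the two agree. The bare `0` also reads as a magic number: a named constant, or wording the comment as "0 = little endian", would keep the meaning of the field visible at the assignment.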
[Stable-9.0.2 03/22] ui/gtk: Draw guest frame at refresh cycle
From: Dongwon Kim Draw routine needs to be manually invoked in the next refresh if there is a scanout blob from the guest. This is to prevent a situation where there is a scheduled draw event but it won't happen because the window is currently in inactive state (minimized or tabified). If draw is not done for a long time, gl_block timeout and/or fence timeout (on the guest) will happen eventually. v2: Use gd_gl_area_draw(vc) in gtk-gl-area.c Suggested-by: Vivek Kasireddy Cc: Gerd Hoffmann Cc: Marc-André Lureau Cc: Daniel P. Berrangé Signed-off-by: Dongwon Kim Acked-by: Marc-André Lureau Message-Id: <20240426225059.3871283-1-dongwon@intel.com> (cherry picked from commit 77bf310084dad38b3a2badf01766c659056f1cf2) Signed-off-by: Michael Tokarev diff --git a/ui/gtk-egl.c b/ui/gtk-egl.c index 955234429d..bceeeb0352 100644 --- a/ui/gtk-egl.c +++ b/ui/gtk-egl.c @@ -150,6 +150,7 @@ void gd_egl_refresh(DisplayChangeListener *dcl) vc, vc->window ? vc->window : vc->gfx.drawing_area); if (vc->gfx.guest_fb.dmabuf && vc->gfx.guest_fb.dmabuf->draw_submitted) { +gd_egl_draw(vc); return; } diff --git a/ui/gtk-gl-area.c b/ui/gtk-gl-area.c index 7fffd0544e..b490727402 100644 --- a/ui/gtk-gl-area.c +++ b/ui/gtk-gl-area.c @@ -126,6 +126,7 @@ void gd_gl_area_refresh(DisplayChangeListener *dcl) gd_update_monitor_refresh_rate(vc, vc->window ? vc->window : vc->gfx.drawing_area); if (vc->gfx.guest_fb.dmabuf && vc->gfx.guest_fb.dmabuf->draw_submitted) { +gd_gl_area_draw(vc); return; } -- 2.39.2
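Review bot: in gd_egl_refresh() and gd_gl_area_refresh(), the added draw call runs on every refresh cycle for as long as `draw_submitted` is set, including when the window is visible and the already scheduled draw event is about to fire. Please add a comment at the call explaining that it is a fallback for the minimized or tabified case, and confirm that the draw routines clear `draw_submitted` so the frame is not rendered twice.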
[Stable-9.0.2 15/22] target/arm: Fix FJCVTZS vs flush-to-zero
From: Richard Henderson Input denormals cause the Javascript inexact bit (output to Z) to be set. Cc: qemu-sta...@nongnu.org Fixes: 6c1f6f2733a ("target/arm: Implement ARMv8.3-JSConv") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2375 Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson Message-id: 20240625183536.1672454-4-richard.hender...@linaro.org [PMM: fixed hardcoded tab in test case] Signed-off-by: Peter Maydell (cherry picked from commit 7619129f0d4a14d918227c5c47ad7433662e9ccc) Signed-off-by: Michael Tokarev diff --git a/target/arm/vfp_helper.c b/target/arm/vfp_helper.c index 3e5e37abbe..ff59bc5522 100644 --- a/target/arm/vfp_helper.c +++ b/target/arm/vfp_helper.c @@ -1121,8 +1121,8 @@ const FloatRoundMode arm_rmode_to_sf_map[] = { uint64_t HELPER(fjcvtzs)(float64 value, void *vstatus) { float_status *status = vstatus; -uint32_t inexact, frac; -uint32_t e_old, e_new; +uint32_t frac, e_old, e_new; +bool inexact; e_old = get_float_exception_flags(status); set_float_exception_flags(0, status); @@ -1130,13 +1130,13 @@ uint64_t HELPER(fjcvtzs)(float64 value, void *vstatus) e_new = get_float_exception_flags(status); set_float_exception_flags(e_old | e_new, status); -if (value == float64_chs(float64_zero)) { -/* While not inexact for IEEE FP, -0.0 is inexact for JavaScript. */ -inexact = 1; -} else { -/* Normal inexact or overflow or NaN */ -inexact = e_new & (float_flag_inexact | float_flag_invalid); -} +/* Normal inexact, denormal with flush-to-zero, or overflow or NaN */ +inexact = e_new & (float_flag_inexact | + float_flag_input_denormal | + float_flag_invalid); + +/* While not inexact for IEEE FP, -0.0 is inexact for JavaScript. */ +inexact |= value == float64_chs(float64_zero); /* Pack the result and the env->ZF representation of Z together. */ return deposit64(frac, 32, 32, inexact); diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target index 70d728ae9a..4ecbca6a41 100644 
--- a/tests/tcg/aarch64/Makefile.target +++ b/tests/tcg/aarch64/Makefile.target @@ -41,8 +41,9 @@ endif # Pauth Tests ifneq ($(CROSS_CC_HAS_ARMV8_3),) -AARCH64_TESTS += pauth-1 pauth-2 pauth-4 pauth-5 +AARCH64_TESTS += pauth-1 pauth-2 pauth-4 pauth-5 test-2375 pauth-%: CFLAGS += -march=armv8.3-a +test-2375: CFLAGS += -march=armv8.3-a run-pauth-1: QEMU_OPTS += -cpu max run-pauth-2: QEMU_OPTS += -cpu max # Choose a cpu with FEAT_Pauth but without FEAT_FPAC for pauth-[45]. diff --git a/tests/tcg/aarch64/test-2375.c b/tests/tcg/aarch64/test-2375.c new file mode 100644 index 00..84c7e7de71 --- /dev/null +++ b/tests/tcg/aarch64/test-2375.c @@ -0,0 +1,21 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* Copyright (c) 2024 Linaro Ltd */ +/* See https://gitlab.com/qemu-project/qemu/-/issues/2375 */ + +#include + +int main(void) +{ + int r, z; + + asm("msr fpcr, %2\n\t" + "fjcvtzs %w0, %d3\n\t" + "cset %1, eq" + : "=r"(r), "=r"(z) + : "r"(0x0100L), /* FZ = 1 */ + "w"(0xfcff00L)); /* denormal */ + +assert(r == 0); +assert(z == 0); +return 0; +} -- 2.39.2
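Review bot: the new tests/tcg/aarch64/test-2375.c covers only the FZ = 1 denormal input, while the same hunk in HELPER(fjcvtzs) also rewrites the -0.0 handling from an if/else into `inexact |= value == float64_chs(float64_zero);`. Add a second case with a -0.0 input so both terms that feed `inexact` are tested. The test also writes FPCR without saving and restoring it, which is harmless in a single-shot program but worth a comment if more cases get added after it.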
[Stable-9.0.2 08/22] linux-user: Make TARGET_NR_setgroups affect only the current thread
From: Ilya Leoshkevich Like TARGET_NR_setuid, TARGET_NR_setgroups should affect only the calling thread, and not the entire process. Therefore, implement it using a syscall, and not a libc call. Cc: qemu-sta...@nongnu.org Fixes: 19b84f3c35d7 ("added setgroups and getgroups syscalls") Signed-off-by: Ilya Leoshkevich Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20240614154710.1078766-1-...@linux.ibm.com> Reviewed-by: Richard Henderson Signed-off-by: Richard Henderson (cherry picked from commit 54b27921026df384f67df86f04c39539df375c60) Signed-off-by: Michael Tokarev diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 59fb3e911f..2edbd1ef15 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -7210,11 +7210,17 @@ static inline int tswapid(int id) #else #define __NR_sys_setresgid __NR_setresgid #endif +#ifdef __NR_setgroups32 +#define __NR_sys_setgroups __NR_setgroups32 +#else +#define __NR_sys_setgroups __NR_setgroups +#endif _syscall1(int, sys_setuid, uid_t, uid) _syscall1(int, sys_setgid, gid_t, gid) _syscall3(int, sys_setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) _syscall3(int, sys_setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) +_syscall2(int, sys_setgroups, int, size, gid_t *, grouplist) void syscall_init(void) { @@ -11892,7 +11898,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, unlock_user(target_grouplist, arg2, gidsetsize * sizeof(target_id)); } -return get_errno(setgroups(gidsetsize, grouplist)); +return get_errno(sys_setgroups(gidsetsize, grouplist)); } case TARGET_NR_fchown: return get_errno(fchown(arg1, low2highuid(arg2), low2highgid(arg3))); @@ -12228,7 +12234,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, } unlock_user(target_grouplist, arg2, 0); } -return get_errno(setgroups(gidsetsize, grouplist)); +return get_errno(sys_setgroups(gidsetsize, grouplist)); } #endif #ifdef TARGET_NR_fchown32 -- 2.39.2
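Review bot: the `_syscall2(int, sys_setgroups, ...)` definition and the two `sys_setgroups(gidsetsize, grouplist)` call sites in do_syscall1() carry no comment saying why the raw syscall is used instead of the libc setgroups(), so the change looks like an oversight that a later cleanup could revert. A short comment at the `__NR_sys_setgroups` block stating that the call must affect only the calling thread, as the commit message explains for TARGET_NR_setuid, would protect the fix.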
[Stable-9.0.2 12/22] tests: Update our CI to use CentOS Stream 9 instead of 8
From: Thomas Huth RHEL 9 (and thus also the derivatives) have been available since two years now, so according to QEMU's support policy, we can drop the active support for the previous major version 8 now. Another reason for doing this is that Centos Stream 8 will go EOL soon: https://blog.centos.org/2023/04/end-dates-are-coming-for-centos-stream-8-and-centos-linux-7/ "After May 31, 2024, CentOS Stream 8 will be archived and no further updates will be provided." Thus upgrade our CentOS Stream container to major version 9 now. Reviewed-by: Daniel P. Berrangé Message-ID: <20240418101056.302103-5-th...@redhat.com> Signed-off-by: Thomas Huth (cherry picked from commit 641b1efe01b2dd6e7ac92f23d392dcee73508746) Signed-off-by: Michael Tokarev diff --git a/.gitlab-ci.d/buildtest.yml b/.gitlab-ci.d/buildtest.yml index 92e65bb78e..8440bc8ef6 100644 --- a/.gitlab-ci.d/buildtest.yml +++ b/.gitlab-ci.d/buildtest.yml @@ -158,9 +158,9 @@ build-system-centos: - .native_build_job_template - .native_build_artifact_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 CONFIGURE_ARGS: --disable-nettle --enable-gcrypt --enable-vfio-user-server --enable-modules --enable-trace-backends=dtrace --enable-docs TARGETS: ppc64-softmmu or1k-softmmu s390x-softmmu @@ -242,7 +242,7 @@ check-system-centos: - job: build-system-centos artifacts: true variables: -IMAGE: centos8 +IMAGE: centos9 MAKE_CHECK_ARGS: check avocado-system-centos: @@ -251,7 +251,7 @@ avocado-system-centos: - job: build-system-centos artifacts: true variables: -IMAGE: centos8 +IMAGE: centos9 MAKE_CHECK_ARGS: check-avocado AVOCADO_TAGS: arch:ppc64 arch:or1k arch:s390x arch:x86_64 arch:rx arch:sh4 arch:nios2 @@ -327,9 +327,9 @@ avocado-system-flaky: build-tcg-disabled: extends: .native_build_job_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 script: - mkdir build - cd build 
@@ -654,9 +654,9 @@ build-tci: build-without-defaults: extends: .native_build_job_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 CONFIGURE_ARGS: --without-default-devices --without-default-features diff --git a/.gitlab-ci.d/container-core.yml b/.gitlab-ci.d/container-core.yml index 08f8450fa1..5459447676 100644 --- a/.gitlab-ci.d/container-core.yml +++ b/.gitlab-ci.d/container-core.yml @@ -1,10 +1,10 @@ include: - local: '/.gitlab-ci.d/container-template.yml' -amd64-centos8-container: +amd64-centos9-container: extends: .container_job_template variables: -NAME: centos8 +NAME: centos9 amd64-fedora-container: extends: .container_job_template diff --git a/tests/docker/dockerfiles/centos8.docker b/tests/docker/dockerfiles/centos9.docker similarity index 82% rename from tests/docker/dockerfiles/centos8.docker rename to tests/docker/dockerfiles/centos9.docker index d97c30e96a..9fc9b27eb7 100644 --- a/tests/docker/dockerfiles/centos8.docker +++ b/tests/docker/dockerfiles/centos9.docker @@ -1,15 +1,14 @@ # THIS FILE WAS AUTO-GENERATED # -# $ lcitool dockerfile --layers all centos-stream-8 qemu +# $ lcitool dockerfile --layers all centos-stream-9 qemu # # https://gitlab.com/libvirt/libvirt-ci -FROM quay.io/centos/centos:stream8 +FROM quay.io/centos/centos:stream9 RUN dnf distro-sync -y && \ dnf install 'dnf-command(config-manager)' -y && \ -dnf config-manager --set-enabled -y powertools && \ -dnf install -y centos-release-advanced-virtualization && \ +dnf config-manager --set-enabled -y crb && \ dnf install -y epel-release && \ dnf install -y epel-next-release && \ dnf install -y \ @@ -42,7 +41,6 @@ RUN dnf distro-sync -y && \ glib2-static \ glibc-langpack-en \ glibc-static \ -glusterfs-api-devel \ gnutls-devel \ gtk3-devel \ hostname \ @@ -82,6 +80,7 @@ RUN dnf distro-sync -y && \ lzo-devel \ make \ mesa-libgbm-devel \ +meson \ mtools \ ncurses-devel \ nettle-devel \ 
@@ -95,25 +94,25 @@ RUN dnf distro-sync -y && \ pixman-devel \ pkgconfig \ pulseaudio-libs-devel \ -python38 \ -python38-PyYAML \ -python38-numpy \ -python38-pip \ -python38-setuptools \ -python38-wheel \ +python3 \ +python3-PyYAML \ +python3-numpy \ +python3-pillow \ +python3-pip \ +python3-sphinx \ +python3-sphinx_rtd_theme \ +python3-tomli \ rdma-core-devel \ sed \ snappy
[Stable-9.0.2 19/22] iotests/244: Don't store data-file with protocol in image
From: Kevin Wolf We want to disable filename parsing for data files because it's too easy to abuse in malicious image files. Make the test ready for the change by passing the data file explicitly in command line options. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 2eb42a728d27a43fdcad5f37d3f65706ce6deba5) Signed-off-by: Michael Tokarev diff --git a/tests/qemu-iotests/244 b/tests/qemu-iotests/244 index 3e61fa25bb..bb9cc6512f 100755 --- a/tests/qemu-iotests/244 +++ b/tests/qemu-iotests/244 @@ -215,9 +215,22 @@ $QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$TEST_IMG" $QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$TEST_IMG" # blkdebug doesn't support copy offloading, so this tests the error path -$QEMU_IMG amend -f $IMGFMT -o "data_file=blkdebug::$TEST_IMG.data" "$TEST_IMG" -$QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$TEST_IMG" -$QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$TEST_IMG" +test_img_with_blkdebug="json:{ +'driver': 'qcow2', +'file': { +'driver': 'file', +'filename': '$TEST_IMG' +}, +'data-file': { +'driver': 'blkdebug', +'image': { +'driver': 'file', +'filename': '$TEST_IMG.data' +} +} +}" +$QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$test_img_with_blkdebug" +$QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$test_img_with_blkdebug" echo echo "=== Flushing should flush the data file ===" -- 2.39.2
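The two qcow2 messages above (18/22 and 19/22) rely on management tools checking what an untrusted image references before it is opened. The following is an added example, not part of the patch series or of QEMU: a static check that reads only the image's own header bytes, based on the published qcow2 header layout. The function names, the policy, and the sample images are constructed for illustration; the data file name is the one used in iotests 244.

```python
import re
import struct

QCOW2_MAGIC = b"QFI\xfb"
INCOMPAT_DATA_FILE = 1 << 2   # incompatible_features bit 2: external data file
EXT_END = 0x00000000          # header extension: end of extension area
EXT_DATA_FILE = 0x44415441    # header extension: external data file name


def inspect_qcow2_header(buf):
    """Extract external references from raw header bytes; opens no file."""
    if len(buf) < 72 or buf[:4] != QCOW2_MAGIC:
        raise ValueError("not a qcow2 header")
    version, backing_off, backing_len = struct.unpack_from(">IQI", buf, 4)
    if version not in (2, 3):
        raise ValueError("unsupported qcow2 version %d" % version)
    incompat, ext_off = 0, 72          # version 2 header is always 72 bytes
    if version == 3:
        if len(buf) < 104:
            raise ValueError("truncated version 3 header")
        (incompat,) = struct.unpack_from(">Q", buf, 72)
        (ext_off,) = struct.unpack_from(">I", buf, 100)   # header_length
        if ext_off < 104 or ext_off > len(buf):
            raise ValueError("bad header_length")
    backing = None
    if backing_off:
        if backing_len > 1023 or backing_off + backing_len > len(buf):
            raise ValueError("backing file name out of range")
        raw = buf[backing_off:backing_off + backing_len]
        backing = raw.decode("utf-8", "replace")
    data_file = None
    off = ext_off
    while off + 8 <= len(buf):
        ext_type, ext_len = struct.unpack_from(">II", buf, off)
        if ext_type == EXT_END:
            break
        start = off + 8
        if start + ext_len > len(buf):
            raise ValueError("truncated header extension")
        if ext_type == EXT_DATA_FILE:
            data_file = buf[start:start + ext_len].decode("utf-8", "replace")
        off = start + ((ext_len + 7) & ~7)   # extension data is padded to 8 bytes
    return {"version": version, "backing_file": backing,
            "data_file_flag": bool(incompat & INCOMPAT_DATA_FILE),
            "data_file": data_file}


def has_protocol_prefix(name):
    """Heuristic (an assumption of this example): ':' before the first '/'."""
    m = re.search(r"[:/]", name)
    return bool(m) and m.group() == ":"


def policy_violations(info):
    """Strict policy for untrusted uploads: no external references at all."""
    out = []
    if info["backing_file"] is not None:
        out.append("backing file reference: %r" % info["backing_file"])
    if info["data_file_flag"] or info["data_file"] is not None:
        out.append("external data file: %r" % info["data_file"])
    for name in (info["backing_file"], info["data_file"]):
        if name is not None and has_protocol_prefix(name):
            out.append("protocol-style name: %r" % name)
    return out


def build_sample(backing=b"", data_file=None):
    """Construct a minimal version 3 header for the demo (not a usable image)."""
    hdr = bytearray(104)
    hdr[0:4] = QCOW2_MAGIC
    struct.pack_into(">I", hdr, 4, 3)            # version
    struct.pack_into(">I", hdr, 20, 16)          # cluster_bits
    flags = INCOMPAT_DATA_FILE if data_file is not None else 0
    struct.pack_into(">Q", hdr, 72, flags)       # incompatible_features
    struct.pack_into(">I", hdr, 96, 4)           # refcount_order
    struct.pack_into(">I", hdr, 100, 104)        # header_length
    ext = bytearray()
    if data_file is not None:
        pad = b"\0" * (-len(data_file) % 8)
        ext += struct.pack(">II", EXT_DATA_FILE, len(data_file)) + data_file + pad
    ext += struct.pack(">II", EXT_END, 0)
    img = hdr + ext
    if backing:
        struct.pack_into(">QI", img, 8, len(img), len(backing))
        img += backing
    return bytes(img)


if __name__ == "__main__":
    sample = build_sample(b"base.qcow2", b"blkdebug::t.qcow2.data")
    for line in policy_violations(inspect_qcow2_header(sample)):
        print(line)
```

For a real image, pass the first cluster of the file as `buf`; the check complements `qemu-img info` on a fixed QEMU rather than replacing it.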
[Stable-9.0.2 21/22] block: Parse filenames only when explicitly requested
From: Kevin Wolf When handling image filenames from legacy options such as -drive or from tools, these filenames are parsed for protocol prefixes, including for the json:{} pseudo-protocol. This behaviour is intended for filenames that come directly from the command line and for backing files, which may come from the image file itself. Higher level management tools generally take care to verify that untrusted images don't contain a bad (or any) backing file reference; 'qemu-img info' is a suitable tool for this. However, for other files that can be referenced in images, such as qcow2 data files or VMDK extents, the string from the image file is usually not verified by management tools - and 'qemu-img info' wouldn't be suitable because in contrast to backing files, it already opens these other referenced files. So here the string should be interpreted as a literal local filename. More complex configurations need to be specified explicitly on the command line or in QMP. This patch changes bdrv_open_inherit() so that it only parses filenames if a new parameter parse_filename is true. It is set for the top level in bdrv_open(), for the file child and for the backing file child. All other callers pass false and disable filename parsing this way. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 7ead946998610657d38d1a505d5f25300d4ca613) Signed-off-by: Michael Tokarev diff --git a/block.c b/block.c index 468cf5e67d..50bdd197b7 100644 --- a/block.c +++ b/block.c @@ -86,6 +86,7 @@ static BlockDriverState *bdrv_open_inherit(const char *filename, BlockDriverState *parent, const BdrvChildClass *child_class, BdrvChildRole child_role, + bool parse_filename, Error **errp); static bool bdrv_recurse_has_child(BlockDriverState *bs, 
@@ -2058,7 +2059,8 @@ static void parse_json_protocol(QDict *options, const char **pfilename, * block driver has been specified explicitly. */ static int bdrv_fill_options(QDict **options, const char *filename, - int *flags, Error **errp) + int *flags, bool allow_parse_filename, + Error **errp) { const char *drvname; bool protocol = *flags & BDRV_O_PROTOCOL; @@ -2100,7 +2102,7 @@ static int bdrv_fill_options(QDict **options, const char *filename, if (protocol && filename) { if (!qdict_haskey(*options, "filename")) { qdict_put_str(*options, "filename", filename); -parse_filename = true; +parse_filename = allow_parse_filename; } else { error_setg(errp, "Can't specify 'file' and 'filename' options at " "the same time"); @@ -3663,7 +3665,8 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options, } backing_hd = bdrv_open_inherit(backing_filename, reference, options, 0, bs, - _of_bds, bdrv_backing_role(bs), errp); + _of_bds, bdrv_backing_role(bs), true, + errp); if (!backing_hd) { bs->open_flags |= BDRV_O_NO_BACKING; error_prepend(errp, "Could not open backing file: "); @@ -3697,7 +3700,8 @@ free_exit: static BlockDriverState * bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, BlockDriverState *parent, const BdrvChildClass *child_class, - BdrvChildRole child_role, bool allow_none, Error **errp) + BdrvChildRole child_role, bool allow_none, + bool parse_filename, Error **errp) { BlockDriverState *bs = NULL; QDict *image_options; @@ -3728,7 +3732,8 @@ bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, } bs = bdrv_open_inherit(filename, reference, image_options, 0, - parent, child_class, child_role, errp); + parent, child_class, child_role, parse_filename, + errp); if (!bs) { goto done; } 
@@ -3738,6 +3743,33 @@ done: return bs; } +static BdrvChild *bdrv_open_child_common(const char *filename, + QDict *options, const char *bdref_key, + BlockDriverState *parent, + const BdrvChildClass *child_class, + BdrvChildRole child_role, + bool allow_none, bool parse_filename, +
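Review bot: the new bool is undocumented where it is introduced. The comment above bdrv_fill_options() is not updated in the visible hunk to say what happens to the filename when allow_parse_filename is false, and the bdrv_open_inherit() declaration gains "bool parse_filename" with no description. Because this flag decides whether a string taken from an image file is interpreted as a protocol or json: specification, the function comments should state which callers may pass true (top level, file child, backing child, per the commit message) and that any new caller handing over an image-supplied string must pass false. Bare "true" arguments such as the one added in bdrv_open_backing_file() would read better with a short trailing comment naming the parameter.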
[Stable-9.0.2 22/22] tcg/optimize: Fix TCG_COND_TST* simplification of setcond2
From: Richard Henderson Argument ordering for setcond2 is: output, a_low, a_high, b_low, b_high, cond The test is supposed to be against b_low, not a_high. Cc: qemu-sta...@nongnu.org Fixes: ceb9ee06b71 ("tcg/optimize: Handle TCG_COND_TST{EQ,NE}") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2413 Signed-off-by: Richard Henderson Tested-by: Alex Bennée Message-Id: <20240701024623.1265028-1-richard.hender...@linaro.org> (cherry picked from commit a71d9dfbf63db42d6e6ae87fc112d1f5502183bd) Signed-off-by: Michael Tokarev diff --git a/tcg/optimize.c b/tcg/optimize.c index 2e9e5725a9..8c49229d6f 100644 --- a/tcg/optimize.c +++ b/tcg/optimize.c @@ -2274,7 +2274,7 @@ static bool fold_setcond2(OptContext *ctx, TCGOp *op) case TCG_COND_TSTEQ: case TCG_COND_TSTNE: -if (arg_is_const_val(op->args[2], 0)) { +if (arg_is_const_val(op->args[3], 0)) { goto do_setcond_high; } if (arg_is_const_val(op->args[4], 0)) { diff --git a/tests/tcg/x86_64/Makefile.target b/tests/tcg/x86_64/Makefile.target index e64aab1b81..1d427cdc2c 100644 --- a/tests/tcg/x86_64/Makefile.target +++ b/tests/tcg/x86_64/Makefile.target @@ -8,6 +8,8 @@ include $(SRC_PATH)/tests/tcg/i386/Makefile.target +X86_64_TESTS += test-2413 + ifeq ($(filter %-linux-user, $(TARGET)),$(TARGET)) X86_64_TESTS += vsyscall X86_64_TESTS += noexec diff --git a/tests/tcg/x86_64/test-2413.c b/tests/tcg/x86_64/test-2413.c new file mode 100644 index 00..456e5332fc --- /dev/null +++ b/tests/tcg/x86_64/test-2413.c 
@@ -0,0 +1,30 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* Copyright 2024 Linaro, Ltd. */ +/* See https://gitlab.com/qemu-project/qemu/-/issues/2413 */ + +#include + +void test(unsigned long *a, unsigned long *d, unsigned long c) +{ +asm("xorl %%eax, %%eax\n\t" +"xorl %%edx, %%edx\n\t" +"testb $0x20, %%cl\n\t" +"sete %%al\n\t" +"setne %%dl\n\t" +"shll %%cl, %%eax\n\t" +"shll %%cl, %%edx\n\t" +: "=a"(*a), "=d"(*d) +: "c"(c)); +} + +int main(void) +{ +unsigned long a, c, d; + +for (c = 0; c < 64; c++) { +test(, , c); +assert(a == (c & 0x20 ? 0 : 1u << (c & 0x1f))); +assert(d == (c & 0x20 ? 1u << (c & 0x1f) : 0)); +} +return 0; +} -- 2.39.2
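Review bot: in fold_setcond2() the TCG_COND_TSTEQ/TSTNE case still identifies its operands by bare index (args[3], args[4]), which is how a_high at args[2] came to be tested in place of b_low. A short comment at the case repeating the ordering from the commit message (output, a_low, a_high, b_low, b_high, cond) would make an off-by-one like this visible in review. The new test-2413.c covers every shift count from 0 to 63, which is good coverage for the regression.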
[Stable-9.0.2 13/22] i386/cpu: fixup number of addressable IDs for processor cores in the physical package
From: Chuang Xu When QEMU is started with: -cpu host,host-cache-info=on,l3-cache=off \ -smp 2,sockets=1,dies=1,cores=1,threads=2 Guest can't acquire maximum number of addressable IDs for processor cores in the physical package from CPUID[04H]. When creating a CPU topology of 1 core per package, host-cache-info only uses the Host's addressable core IDs field (CPUID.04H.EAX[bits 31-26]), resulting in a conflict (on the multicore Host) between the Guest core topology information in this field and the Guest's actual cores number. Fix it by removing the unnecessary condition to cover 1 core per package case. This is safe because cores_per_pkg will not be 0 and will be at least 1. Fixes: d7caf13b5fcf ("x86: cpu: fixup number of addressable IDs for logical processors sharing cache") Signed-off-by: Guixiong Wei Signed-off-by: Yipeng Yin Signed-off-by: Chuang Xu Reviewed-by: Zhao Liu Message-ID: <20240611032314.64076-1-xuchuangxc...@bytedance.com> Signed-off-by: Paolo Bonzini (cherry picked from commit 903916f0a017fe4b7789f1c6c6982333a5a71876) Signed-off-by: Michael Tokarev (Mjt: fixup for 9.0 due to other changes in this area past 9.0) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index e693f8ca9a..02a2da04a7 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -6097,10 +6097,8 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count, if (*eax & 31) { int host_vcpus_per_cache = 1 + ((*eax & 0x3FFC000) >> 14); int vcpus_per_socket = cs->nr_cores * cs->nr_threads; -if (cs->nr_cores > 1) { -*eax &= ~0xFC00; -*eax |= (pow2ceil(cs->nr_cores) - 1) << 26; -} +*eax &= ~0xFC00; +*eax |= (pow2ceil(cs->nr_cores) - 1) << 26; if (host_vcpus_per_cache > vcpus_per_socket) { *eax &= ~0x3FFC000; *eax |= (pow2ceil(vcpus_per_socket) - 1) << 14; -- 2.39.2
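Review bot: the safety argument in the commit message is stated for cores_per_pkg, but the backported lines use cs->nr_cores, and the "Mjt: fixup" note does not say that the same guarantee holds for that field. Since the guard "if (cs->nr_cores > 1)" is removed, pow2ceil(cs->nr_cores) - 1 is now evaluated unconditionally; the backport note or a code comment should state that nr_cores is always at least 1 here, so the subtraction cannot wrap before the shift by 26.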
[Stable-9.0.2 14/22] target/arm: Fix VCMLA Dd, Dn, Dm[idx]
From: Richard Henderson The inner loop, bounded by eltspersegment, must not be larger than the outer loop, bounded by elements. Cc: qemu-sta...@nongnu.org Fixes: 18fc2405781 ("target/arm: Implement SVE fp complex multiply add (indexed)") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2376 Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson Message-id: 20240625183536.1672454-2-richard.hender...@linaro.org Signed-off-by: Peter Maydell (cherry picked from commit 76bccf3cb9d9383da0128bbc6d1300cddbe3ae8f) Signed-off-by: Michael Tokarev diff --git a/target/arm/tcg/vec_helper.c b/target/arm/tcg/vec_helper.c index 1f93510b85..cc7cab338c 100644 --- a/target/arm/tcg/vec_helper.c +++ b/target/arm/tcg/vec_helper.c @@ -843,7 +843,7 @@ void HELPER(gvec_fcmlah_idx)(void *vd, void *vn, void *vm, void *va, intptr_t index = extract32(desc, SIMD_DATA_SHIFT + 2, 2); uint32_t neg_real = flip ^ neg_imag; intptr_t elements = opr_sz / sizeof(float16); -intptr_t eltspersegment = 16 / sizeof(float16); +intptr_t eltspersegment = MIN(16 / sizeof(float16), elements); intptr_t i, j; /* Shift boolean to the sign bit so we can xor to negate. */ @@ -905,7 +905,7 @@ void HELPER(gvec_fcmlas_idx)(void *vd, void *vn, void *vm, void *va, intptr_t index = extract32(desc, SIMD_DATA_SHIFT + 2, 2); uint32_t neg_real = flip ^ neg_imag; intptr_t elements = opr_sz / sizeof(float32); -intptr_t eltspersegment = 16 / sizeof(float32); +intptr_t eltspersegment = MIN(16 / sizeof(float32), elements); intptr_t i, j; /* Shift boolean to the sign bit so we can xor to negate. */ -- 2.39.2
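Review bot: the MIN() clamp added to eltspersegment in gvec_fcmlah_idx and gvec_fcmlas_idx carries no comment, so the reason for it is only in the commit message. A line at each site noting that opr_sz can be smaller than one 16-byte segment, in which case the inner loop must stop at elements, would keep a later cleanup from removing the clamp. The patch touches only vec_helper.c, so the case from issue 2376 has no regression test; adding one would be worthwhile since the unclamped loop accesses elements beyond opr_sz.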
[Stable-9.0.2 06/22] stdvga: fix screen blanking
From: Gerd Hoffmann In case the display surface uses a shared buffer (i.e. uses vga vram directly instead of a shadow) go unshare the buffer before clearing it. This avoids vga memory corruption, which in turn fixes unblanking not working properly with X11. Cc: qemu-sta...@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2067 Signed-off-by: Gerd Hoffmann Reviewed-by: Marc-André Lureau Message-ID: <20240605131444.797896-2-kra...@redhat.com> Signed-off-by: Philippe Mathieu-Daudé (cherry picked from commit b1cf266c82cb1211ee2785f1813a6a3f3e693390) Signed-off-by: Michael Tokarev diff --git a/hw/display/vga.c b/hw/display/vga.c index 77f59e8c11..40adeb3e2f 100644 --- a/hw/display/vga.c +++ b/hw/display/vga.c @@ -1772,6 +1772,13 @@ static void vga_draw_blank(VGACommonState *s, int full_update) if (s->last_scr_width <= 0 || s->last_scr_height <= 0) return; +if (is_buffer_shared(surface)) { +/* unshare buffer, otherwise the blanking corrupts vga vram */ +surface = qemu_create_displaysurface(s->last_scr_width, + s->last_scr_height); +dpy_gfx_replace_surface(s->con, surface); +} + w = s->last_scr_width * surface_bytes_per_pixel(surface); d = surface_data(surface); for(i = 0; i < s->last_scr_height; i++) { -- 2.39.2
[Stable-9.0.2 20/22] iotests/270: Don't store data-file with json: prefix in image
From: Kevin Wolf We want to disable filename parsing for data files because it's too easy to abuse in malicious image files. Make the test ready for the change by passing the data file explicitly in command line options. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 7e1110664ecbc4826f3c978ccb06b6c1bce823e6) Signed-off-by: Michael Tokarev diff --git a/tests/qemu-iotests/270 b/tests/qemu-iotests/270 index 74352342db..c37b674aa2 100755 --- a/tests/qemu-iotests/270 +++ b/tests/qemu-iotests/270 @@ -60,8 +60,16 @@ _make_test_img -o cluster_size=2M,data_file="$TEST_IMG.orig" \ # "write" 2G of data without using any space. # (qemu-img create does not like it, though, because null-co does not # support image creation.) -$QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \ -"$TEST_IMG" +test_img_with_null_data="json:{ +'driver': '$IMGFMT', +'file': { +'filename': '$TEST_IMG' +}, +'data-file': { +'driver': 'null-co', +'size':'4294967296' +} +}" # This gives us a range of: # 2^31 - 512 + 768 - 1 = 2^31 + 255 > 2^31 @@ -74,7 +82,7 @@ $QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \ # on L2 boundaries, we need large L2 tables; hence the cluster size of # 2 MB. (Anything from 256 kB should work, though, because then one L2 # table covers 8 GB.) -$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$TEST_IMG" | _filter_qemu_io +$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$test_img_with_null_data" | _filter_qemu_io _check_test_img -- 2.39.2
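Review bot: in test_img_with_null_data the 'file' node is given only 'filename': '$TEST_IMG' with no 'driver', so the protocol driver for the top-level file is still derived from the filename string. For a test whose purpose is to stop relying on filename parsing, add 'driver': 'file' to that node so the configuration is fully explicit. $TEST_IMG is also spliced into a single-quoted JSON value, so a test path containing a single quote or backslash breaks the json: string.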
[Stable-9.0.2 16/22] hw/core: allow parameter=1 for SMP topology on any machine
From: Daniel P. Berrangé This effectively reverts commit 54c4ea8f3ae614054079395842128a856a73dbf9 Author: Zhao Liu Date: Sat Mar 9 00:01:37 2024 +0800 hw/core/machine-smp: Deprecate unsupported "parameter=1" SMP configurations but is not done as a 'git revert' since the part of the changes to the file hw/core/machine-smp.c which add 'has_XXX' checks remain desirable. Furthermore, we have to tweak the subsequently added unit test to account for differing warning message. The rationale for the original deprecation was: "Currently, it was allowed for users to specify the unsupported topology parameter as "1". For example, x86 PC machine doesn't support drawer/book/cluster topology levels, but user could specify "-smp drawers=1,books=1,clusters=1". This is meaningless and confusing, so that the support for this kind of configurations is marked deprecated since 9.0." There are varying POVs on the topic of 'unsupported' topology levels. It is common to say that on a system without hyperthreading, that there is always 1 thread. Likewise when new CPUs introduced a concept of multiple "dies", it was reasonable to say that all historical CPUs before that implicitly had 1 'die'. Likewise for the more recently introduced 'modules' and 'clusters' parameters. From this POV, it is valid to set 'parameter=1' on the -smp command line for any machine, only a value > 1 is strictly an error condition. It doesn't cause any functional difficulty for QEMU, because internally the QEMU code is itself assuming that all "unsupported" parameters implicitly have a value of '1'. At the libvirt level, we've allowed applications to set 'parameter=1' when configuring a guest, and pass that through to QEMU. Deprecating this creates extra difficulty for because there's no info exposed from QEMU about which machine types "support" which parameters. Thus, libvirt can't know whether it is valid to pass 'parameter=1' for a given machine type, or whether it will trigger deprecation messages. 
Since there's no apparent functional benefit to deleting this deprecated behaviour from QEMU, and it creates problems for consumers of QEMU, remove this deprecation. Signed-off-by: Daniel P. Berrangé Reviewed-by: Zhao Liu Reviewed-by: Ján Tomko Message-ID: <20240513123358.612355-2-berra...@redhat.com> Signed-off-by: Philippe Mathieu-Daudé (cherry picked from commit 9d7950edb0cdf8f4e5746e220e6e8a9e713bad16) Signed-off-by: Michael Tokarev (Mjt: remove hunk about modules in hw/core/machine-smp.c introduced in v9.0.0-155-g8ec0a4634798 "hw/core/machine: Support modules in -smp") diff --git a/hw/core/machine-smp.c b/hw/core/machine-smp.c index 27864c9507..b5e3849d3d 100644 --- a/hw/core/machine-smp.c +++ b/hw/core/machine-smp.c 
@@ -112,62 +112,38 @@ void machine_parse_smp_config(MachineState *ms, } /* - * If not supported by the machine, a topology parameter must be - * omitted. + * If not supported by the machine, a topology parameter must + * not be set to a value greater than 1. */ -if (!mc->smp_props.clusters_supported && config->has_clusters) { -if (config->clusters > 1) { -error_setg(errp, "clusters not supported by this " - "machine's CPU topology"); -return; -} else { -/* Here clusters only equals 1 since we've checked zero case. */ -warn_report("Deprecated CPU topology (considered invalid): " -"Unsupported clusters parameter mustn't be " -"specified as 1"); -} +if (!mc->smp_props.clusters_supported && +config->has_clusters && config->clusters > 1) { +error_setg(errp, + "clusters > 1 not supported by this machine's CPU topology"); +return; } clusters = clusters > 0 ? clusters : 1; -if (!mc->smp_props.dies_supported && config->has_dies) { -if (config->dies > 1) { -error_setg(errp, "dies not supported by this " - "machine's CPU topology"); -return; -} else { -/* Here dies only equals 1 since we've checked zero case. */ -warn_report("Deprecated CPU topology (considered invalid): " -"Unsupported dies parameter mustn't be " -"specified as 1"); -} +if (!mc->smp_props.dies_supported && +config->has_dies && config->dies > 1) { +error_setg(errp, + "dies > 1 not supported by this machine's CPU topology"); +return; } dies = dies > 0 ? dies : 1; -if
[Stable-9.0.2 04/22] Revert "monitor: use aio_co_reschedule_self()"
From: Stefan Hajnoczi Commit 1f25c172f837 ("monitor: use aio_co_reschedule_self()") was a code cleanup that uses aio_co_reschedule_self() instead of open coding coroutine rescheduling. Bug RHEL-34618 was reported and Kevin Wolf identified the root cause. I missed that aio_co_reschedule_self() -> qemu_get_current_aio_context() only knows about qemu_aio_context/IOThread AioContexts and not about iohandler_ctx. It does not function correctly when going back from the iohandler_ctx to qemu_aio_context. Go back to open coding the AioContext transitions to avoid this bug. This reverts commit 1f25c172f83704e350c0829438d832384084a74d. Cc: qemu-sta...@nongnu.org Buglink: https://issues.redhat.com/browse/RHEL-34618 Signed-off-by: Stefan Hajnoczi Message-ID: <20240506190622.56095-2-stefa...@redhat.com> Reviewed-by: Kevin Wolf Signed-off-by: Kevin Wolf (cherry picked from commit 719c6819ed9a9838520fa732f9861918dc693bda) Signed-off-by: Michael Tokarev diff --git a/qapi/qmp-dispatch.c b/qapi/qmp-dispatch.c index f3488afeef..176b549473 100644 --- a/qapi/qmp-dispatch.c +++ b/qapi/qmp-dispatch.c @@ -212,7 +212,8 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ * executing the command handler so that it can make progress if it * involves an AIO_WAIT_WHILE(). */ -aio_co_reschedule_self(qemu_get_aio_context()); +aio_co_schedule(qemu_get_aio_context(), qemu_coroutine_self()); +qemu_coroutine_yield(); } monitor_set_cur(qemu_coroutine_self(), cur_mon); @@ -226,7 +227,9 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ * Move back to iohandler_ctx so that nested event loops for * qemu_aio_context don't start new monitor commands. */ -aio_co_reschedule_self(iohandler_get_aio_context()); +aio_co_schedule(iohandler_get_aio_context(), +qemu_coroutine_self()); +qemu_coroutine_yield(); } } else { /* -- 2.39.2
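Review bot: both restored aio_co_schedule() plus qemu_coroutine_yield() pairs in qmp_dispatch() look exactly like the pattern that commit 1f25c172f837 cleaned up, and nothing in the code says why they must stay open coded. Add a comment at each site, or one above the first, recording the reason from the commit message: aio_co_reschedule_self() relies on qemu_get_current_aio_context(), which does not know about iohandler_ctx, so it must not be used for these transitions. Without that, the same cleanup is likely to be proposed again.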
[Stable-9.0.2 11/22] migration: Fix file migration with fdset
From: Fabiano Rosas When the "file:" migration support was added we missed the special case in the qemu_open_old implementation that allows for a particular file name format to be used to refer to a set of file descriptors that have been previously provided to QEMU via the add-fd QMP command. When using this fdset feature, we should not truncate the migration file because being given an fd means that the management layer is in control of the file and will likely already have some data written to it. This is further indicated by the presence of the 'offset' argument, which indicates the start of the region where QEMU is allowed to write. Fix the issue by replacing the O_TRUNC flag on open by an ftruncate call, which will take the offset into consideration. Fixes: 385f510df5 ("migration: file URI offset") Suggested-by: Daniel P. Berrangé Reviewed-by: Prasad Pandit Reviewed-by: Peter Xu Reviewed-by: Daniel P. Berrangé Signed-off-by: Fabiano Rosas (cherry picked from commit 6d3279655ac49b806265f08415165f471d33e032) Signed-off-by: Michael Tokarev diff --git a/migration/file.c b/migration/file.c index ab18ba505a..ba5b5c44ff 100644 --- a/migration/file.c +++ b/migration/file.c @@ -84,12 +84,19 @@ void file_start_outgoing_migration(MigrationState *s, trace_migration_file_outgoing(filename); -fioc = qio_channel_file_new_path(filename, O_CREAT | O_WRONLY | O_TRUNC, - 0600, errp); +fioc = qio_channel_file_new_path(filename, O_CREAT | O_WRONLY, 0600, errp); if (!fioc) { return; } +if (ftruncate(fioc->fd, offset)) { +error_setg_errno(errp, errno, + "failed to truncate migration file to offset %" PRIx64, + offset); +object_unref(OBJECT(fioc)); +return; +} + outgoing_args.fname = g_strdup(filename); ioc = QIO_CHANNEL(fioc); -- 2.39.2
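Review bot: replacing O_TRUNC with an unconditional ftruncate(fioc->fd, offset) in file_start_outgoing_migration() changes behaviour for targets that are not regular files. O_TRUNC is ignored for a FIFO or a character device, whereas ftruncate() on such a descriptor fails, so a migration to something like /dev/null that opened fine before now takes the new error path. Either skip the truncate when fstat() shows the descriptor is not a regular file or document that only regular files are supported. The error message also prints the offset with PRIx64 and no "0x" prefix, so a value such as 10 is ambiguous between decimal and hex.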
[Stable-9.0.2 10/22] tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
From: Richard Henderson Simplify the logic for two-part, 32-bit pc-relative addresses. Rather than assume all such fit in int32_t, do some arithmetic and assert a result, do some arithmetic first and then check to see if the pieces are in range. Cc: qemu-sta...@nongnu.org Fixes: dacc51720db ("tcg/loongarch64: Implement tcg_out_mov and tcg_out_movi") Reviewed-by: Song Gao Reported-by: Song Gao Signed-off-by: Richard Henderson (cherry picked from commit 521d7fb3ebdf88112ed13556a93e3037742b9eb8) Signed-off-by: Michael Tokarev diff --git a/tcg/loongarch64/tcg-target.c.inc b/tcg/loongarch64/tcg-target.c.inc index 06ca1ab11c..8f68bd3e51 100644 --- a/tcg/loongarch64/tcg-target.c.inc +++ b/tcg/loongarch64/tcg-target.c.inc @@ -366,8 +366,7 @@ static void tcg_out_movi(TCGContext *s, TCGType type, TCGReg rd, * back to the slow path. */ -intptr_t pc_offset; -tcg_target_long val_lo, val_hi, pc_hi, offset_hi; +intptr_t src_rx, pc_offset; tcg_target_long hi12, hi32, hi52; /* Value fits in signed i32. */ 
@@ -377,24 +376,23 @@ static void tcg_out_movi(TCGContext *s, TCGType type, TCGReg rd, } /* PC-relative cases. */ -pc_offset = tcg_pcrel_diff(s, (void *)val); -if (pc_offset == sextreg(pc_offset, 0, 22) && (pc_offset & 3) == 0) { -/* Single pcaddu2i. */ -tcg_out_opc_pcaddu2i(s, rd, pc_offset >> 2); -return; +src_rx = (intptr_t)tcg_splitwx_to_rx(s->code_ptr); +if ((val & 3) == 0) { +pc_offset = val - src_rx; +if (pc_offset == sextreg(pc_offset, 0, 22)) { +/* Single pcaddu2i. */ +tcg_out_opc_pcaddu2i(s, rd, pc_offset >> 2); +return; +} } -if (pc_offset == (int32_t)pc_offset) { -/* Offset within 32 bits; load with pcalau12i + ori. */ -val_lo = sextreg(val, 0, 12); -val_hi = val >> 12; -pc_hi = (val - pc_offset) >> 12; -offset_hi = val_hi - pc_hi; - -tcg_debug_assert(offset_hi == sextreg(offset_hi, 0, 20)); -tcg_out_opc_pcalau12i(s, rd, offset_hi); +pc_offset = (val >> 12) - (src_rx >> 12); +if (pc_offset == sextreg(pc_offset, 0, 20)) { +/* Load with pcalau12i + ori. */ +tcg_target_long val_lo = val & 0xfff; +tcg_out_opc_pcalau12i(s, rd, pc_offset); if (val_lo != 0) { -tcg_out_opc_ori(s, rd, rd, val_lo & 0xfff); +tcg_out_opc_ori(s, rd, rd, val_lo); } return; } -- 2.39.2
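Review bot: in the rewritten PC-relative section of tcg_out_movi(), pc_offset is reused with two different units: a byte offset (val - src_rx) for the pcaddu2i case, then a difference of 4 KiB page numbers ((val >> 12) - (src_rx >> 12)) for the pcalau12i case. A separate variable for the second use, or a comment on each assignment stating the unit, would make the two sextreg() range checks (22 bits versus 20 bits) easier to verify. The old tcg_debug_assert() is replaced by a range check that falls through, which is the right direction; the "PC-relative cases" comment could mention that out-of-range values now fall back to the slow path.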
[Stable-9.0.2 02/22] virtio-net: drop too short packets early
From: Alexey Dobriyan Reproducer from https://gitlab.com/qemu-project/qemu/-/issues/1451 creates small packet (1 segment, len = 10 == n->guest_hdr_len), then destroys queue. "if (n->host_hdr_len != n->guest_hdr_len)" is triggered, if body creates zero length/zero segment packet as there is nothing after guest header. qemu_sendv_packet_async() tries to send it. slirp discards it because it is smaller than Ethernet header, but returns 0 because tx hooks are supposed to return total length of data. 0 is propagated upwards and is interpreted as "packet has been sent" which is terrible because queue is being destroyed, nobody is waiting for TX to complete and assert it triggered. Fix is discard such empty packets instead of sending them. Length 1 packets will go via different codepath: virtqueue_push(q->tx_vq, elem, 0); virtio_notify(vdev, q->tx_vq); g_free(elem); and aren't problematic. Signed-off-by: Alexey Dobriyan Signed-off-by: Jason Wang (cherry picked from commit 2c3e4e2de699cd4d9f6c71f30a22d8f125cd6164) Signed-off-by: Michael Tokarev diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index 24e5e7d347..3644bfd91b 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -2749,18 +2749,14 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q) out_sg = elem->out_sg; if (out_num < 1) { virtio_error(vdev, "virtio-net header not in first element"); -virtqueue_detach_element(q->tx_vq, elem, 0); -g_free(elem); -return -EINVAL; +goto detach; } if (n->has_vnet_hdr) { if (iov_to_buf(out_sg, out_num, 0, , n->guest_hdr_len) < n->guest_hdr_len) { virtio_error(vdev, "virtio-net header incorrect"); -virtqueue_detach_element(q->tx_vq, elem, 0); -g_free(elem); -return -EINVAL; +goto detach; } if (n->needs_vnet_hdr_swap) { virtio_net_hdr_swap(vdev, (void *) ); 
@@ -2791,6 +2787,11 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q) n->guest_hdr_len, -1); out_num = sg_num; out_sg = sg; + +if (out_num < 1) { +virtio_error(vdev, "virtio-net nothing to send"); +goto detach; +} } ret = qemu_sendv_packet_async(qemu_get_subqueue(n->nic, queue_index), @@ -2811,6 +2812,11 @@ drop: } } return num_packets; + +detach: +virtqueue_detach_element(q->tx_vq, elem, 0); +g_free(elem); +return -EINVAL; } static void virtio_net_tx_timer(void *opaque); -- 2.39.2
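Review bot: the commit message says the fix is to discard empty packets, but the new "if (out_num < 1)" branch calls virtio_error() before jumping to detach and returning -EINVAL, which marks the device as broken rather than silently dropping one packet. That is a reasonable response to a guest that submits a header-only buffer, but it is a stronger outcome than "discard" and should be stated in the commit message or in a comment at the check. The check also sits inside the host_hdr_len != guest_hdr_len block, so a comment saying why the equal-length path cannot reach qemu_sendv_packet_async() with nothing to send would close the gap for the reader. Folding the two earlier error paths into the shared detach label is a clean simplification.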
[Stable-9.0.2 09/22] target/sparc: use signed denominator in sdiv helper
From: Clément Chigot The result has to be done with the signed denominator (b32) instead of the unsigned value passed in argument (b). Cc: qemu-sta...@nongnu.org Fixes: 1326010322d6 ("target/sparc: Remove CC_OP_DIV") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2319 Signed-off-by: Clément Chigot Reviewed-by: Richard Henderson Message-Id: <20240606144331.698361-1-chi...@adacore.com> Signed-off-by: Richard Henderson (cherry picked from commit 6b4965373e561b77f91cfbdf41353635c9661358) Signed-off-by: Michael Tokarev diff --git a/target/sparc/helper.c b/target/sparc/helper.c index 2247e243b5..7846ddd6f6 100644 --- a/target/sparc/helper.c +++ b/target/sparc/helper.c @@ -121,7 +121,7 @@ uint64_t helper_sdiv(CPUSPARCState *env, target_ulong a, target_ulong b) return (uint32_t)(b32 < 0 ? INT32_MAX : INT32_MIN) | (-1ull << 32); } -a64 /= b; +a64 /= b32; r = a64; if (unlikely(r != a64)) { return (uint32_t)(a64 < 0 ? INT32_MIN : INT32_MAX) | (-1ull << 32); -- 2.39.2
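Review bot: the one-line fix in helper_sdiv() changes "a64 /= b" to "a64 /= b32", but the patch touches only target/sparc/helper.c and adds no test. A small tests/tcg case that divides by a negative 32-bit divisor would catch the regression described in issue 2319. The unsigned parameter b remains in scope next to its signed truncation b32, so the same slip is easy to repeat; a comment at the division noting that the signed 32-bit value must be used would help.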
[Stable-9.0.2 00/22] Patch Round-up for stable 9.0.2, freeze on 2024-07-14
The following patches are queued for QEMU stable v9.0.2:
https://gitlab.com/qemu-project/qemu/-/commits/staging-9.0
Patch freeze is 2024-07-14, and the release is planned for 2024-07-16:
https://wiki.qemu.org/Planning/9.0
Please respond here or CC qemu-sta...@nongnu.org on any additional patches you think should (or shouldn't) be included in the release. The changes which are staging for inclusion, with the original commit hash from master branch, are given below the bottom line. Thanks! /mjt
--
01 3973615e7fba Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
02 2c3e4e2de699 Alexey Dobriyan: virtio-net: drop too short packets early
03 77bf310084da Dongwon Kim: ui/gtk: Draw guest frame at refresh cycle
04 719c6819ed9a Stefan Hajnoczi: Revert "monitor: use aio_co_reschedule_self()"
05 a276ec8e2632 Philippe Mathieu-Daudé: hw/audio/virtio-snd: Always use little endian audio format
06 b1cf266c82cb Gerd Hoffmann: stdvga: fix screen blanking
07 3b279f73fa37 Anton Johansson: accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
08 54b27921026d Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
09 6b4965373e56 Clément Chigot: target/sparc: use signed denominator in sdiv helper
10 521d7fb3ebdf Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
11 6d3279655ac4 Fabiano Rosas: migration: Fix file migration with fdset
12 641b1efe01b2 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
13 903916f0a017 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
14 76bccf3cb9d9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
15 7619129f0d4a Richard Henderson: target/arm: Fix FJCVTZS vs flush-to-zero
16 9d7950edb0cd Daniel P. Berrangé: hw/core: allow parameter=1 for SMP topology on any machine
17 e68dcbb07923 Daniel P. Berrangé: tests: add testing of parameter=1 for SMP topology
18 bd385a5298d7 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
19 2eb42a728d27 Kevin Wolf: iotests/244: Don't store data-file with protocol in image
20 7e1110664ecb Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
21 7ead94699861 Kevin Wolf: block: Parse filenames only when explicitly requested
22 a71d9dfbf63d Richard Henderson: tcg/optimize: Fix TCG_COND_TST* simplification of setcond2
[Stable-9.0.2 01/22] target/i386: fix size of EBP writeback in gen_enter()
From: Mark Cave-Ayland The calculation of FrameTemp is done using the size indicated by mo_pushpop() before being written back to EBP, but the final writeback to EBP is done using the size indicated by mo_stacksize(). In the case where mo_pushpop() is MO_32 and mo_stacksize() is MO_16 then the final writeback to EBP is done using MO_16 which can leave junk in the top 16-bits of EBP after executing ENTER. Change the writeback of EBP to use the same size indicated by mo_pushpop() to ensure that the full value is written back. Signed-off-by: Mark Cave-Ayland Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198 Message-ID: <20240606095319.229650-5-mark.cave-ayl...@ilande.co.uk> Cc: qemu-sta...@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit 3973615e7fbaeef1deeaa067577e373781ced70a) Signed-off-by: Michael Tokarev diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c index a55df176c6..26ed900f34 100644 --- a/target/i386/tcg/translate.c +++ b/target/i386/tcg/translate.c @@ -2684,7 +2684,7 @@ static void gen_enter(DisasContext *s, int esp_addend, int level) } /* Copy the FrameTemp value to EBP. */ -gen_op_mov_reg_v(s, a_ot, R_EBP, s->T1); +gen_op_mov_reg_v(s, d_ot, R_EBP, s->T1); /* Compute the final value of ESP. */ tcg_gen_subi_tl(s->T1, s->T1, esp_addend + size * level); -- 2.39.2
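Review bot: the fix in gen_enter() swaps a_ot for d_ot, two locals that differ by one letter, and the adjacent comment "Copy the FrameTemp value to EBP." says nothing about which size applies. Extending that comment to say the writeback uses the mo_pushpop() size, because FrameTemp was computed with it, would record the reasoning from the commit message next to the code and make the a_ot/d_ot distinction harder to get wrong again. A test for the MO_32 push with MO_16 stack size combination from issue 2198 is not part of this patch and would be a useful follow-up.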
[Stable-8.2.6 02/18] virtio-net: drop too short packets early
From: Alexey Dobriyan Reproducer from https://gitlab.com/qemu-project/qemu/-/issues/1451 creates small packet (1 segment, len = 10 == n->guest_hdr_len), then destroys queue. "if (n->host_hdr_len != n->guest_hdr_len)" is triggered, if body creates zero length/zero segment packet as there is nothing after guest header. qemu_sendv_packet_async() tries to send it. slirp discards it because it is smaller than Ethernet header, but returns 0 because tx hooks are supposed to return total length of data. 0 is propagated upwards and is interpreted as "packet has been sent" which is terrible because queue is being destroyed, nobody is waiting for TX to complete and assert it triggered. Fix is discard such empty packets instead of sending them. Length 1 packets will go via different codepath: virtqueue_push(q->tx_vq, elem, 0); virtio_notify(vdev, q->tx_vq); g_free(elem); and aren't problematic. Signed-off-by: Alexey Dobriyan Signed-off-by: Jason Wang (cherry picked from commit 2c3e4e2de699cd4d9f6c71f30a22d8f125cd6164) Signed-off-by: Michael Tokarev diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index 8451dbee41..0467b3bd8a 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -2709,18 +2709,14 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q) out_sg = elem->out_sg; if (out_num < 1) { virtio_error(vdev, "virtio-net header not in first element"); -virtqueue_detach_element(q->tx_vq, elem, 0); -g_free(elem); -return -EINVAL; +goto detach; } if (n->has_vnet_hdr) { if (iov_to_buf(out_sg, out_num, 0, , n->guest_hdr_len) < n->guest_hdr_len) { virtio_error(vdev, "virtio-net header incorrect"); -virtqueue_detach_element(q->tx_vq, elem, 0); -g_free(elem); -return -EINVAL; +goto detach; } if (n->needs_vnet_hdr_swap) { virtio_net_hdr_swap(vdev, (void *) ); 
@@ -2751,6 +2747,11 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q) n->guest_hdr_len, -1); out_num = sg_num; out_sg = sg; + +if (out_num < 1) { +virtio_error(vdev, "virtio-net nothing to send"); +goto detach; +} } ret = qemu_sendv_packet_async(qemu_get_subqueue(n->nic, queue_index), @@ -2771,6 +2772,11 @@ drop: } } return num_packets; + +detach: +virtqueue_detach_element(q->tx_vq, elem, 0); +g_free(elem); +return -EINVAL; } static void virtio_net_tx_timer(void *opaque); -- 2.39.2
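Review bot: The new `out_num < 1` check after `out_sg = sg;` reports the header-only packet through virtio_error() and leaves via `detach:` with -EINVAL, exactly like the two malformed-header cases, while the commit message describes the fix as discarding empty packets. virtio_error() puts the device into its error state, so a guest that submits a header-only buffer loses the device rather than one packet; if that is intended, a comment at the check saying a zero-payload frame is treated as a driver error would make it explicit. The check also sits inside the block that closes just before qemu_sendv_packet_async(), so it only covers the header-stripping path; a short note on why the other path cannot hand an empty iovec to the backend would help.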
[Stable-8.2.6 05/18] stdvga: fix screen blanking
From: Gerd Hoffmann In case the display surface uses a shared buffer (i.e. uses vga vram directly instead of a shadow) go unshare the buffer before clearing it. This avoids vga memory corruption, which in turn fixes unblanking not working properly with X11. Cc: qemu-sta...@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2067 Signed-off-by: Gerd Hoffmann Reviewed-by: Marc-André Lureau Message-ID: <20240605131444.797896-2-kra...@redhat.com> Signed-off-by: Philippe Mathieu-Daudé (cherry picked from commit b1cf266c82cb1211ee2785f1813a6a3f3e693390) Signed-off-by: Michael Tokarev diff --git a/hw/display/vga.c b/hw/display/vga.c index 37557c3442..cb6b6ee2ca 100644 --- a/hw/display/vga.c +++ b/hw/display/vga.c @@ -1748,6 +1748,13 @@ static void vga_draw_blank(VGACommonState *s, int full_update) if (s->last_scr_width <= 0 || s->last_scr_height <= 0) return; +if (is_buffer_shared(surface)) { +/* unshare buffer, otherwise the blanking corrupts vga vram */ +surface = qemu_create_displaysurface(s->last_scr_width, + s->last_scr_height); +dpy_gfx_replace_surface(s->con, surface); +} + w = s->last_scr_width * surface_bytes_per_pixel(surface); d = surface_data(surface); for(i = 0; i < s->last_scr_height; i++) { -- 2.39.2
[Stable-8.2.6 08/18] target/sparc: use signed denominator in sdiv helper
From: Clément Chigot The result has to be done with the signed denominator (b32) instead of the unsigned value passed in argument (b). Cc: qemu-sta...@nongnu.org Fixes: 1326010322d6 ("target/sparc: Remove CC_OP_DIV") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2319 Signed-off-by: Clément Chigot Reviewed-by: Richard Henderson Message-Id: <20240606144331.698361-1-chi...@adacore.com> Signed-off-by: Richard Henderson (cherry picked from commit 6b4965373e561b77f91cfbdf41353635c9661358) Signed-off-by: Michael Tokarev diff --git a/target/sparc/helper.c b/target/sparc/helper.c index bd10b60e4b..8820c59e7c 100644 --- a/target/sparc/helper.c +++ b/target/sparc/helper.c @@ -121,7 +121,7 @@ uint64_t helper_sdiv(CPUSPARCState *env, target_ulong a, target_ulong b) return (uint32_t)(b32 < 0 ? INT32_MAX : INT32_MIN) | (-1ull << 32); } -a64 /= b; +a64 /= b32; r = a64; if (unlikely(r != a64)) { return (uint32_t)(a64 < 0 ? INT32_MIN : INT32_MAX) | (-1ull << 32); -- 2.39.2
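Review bot: At `a64 /= b32;` the fix is correct, but the patch adds no regression test, and the saturation branch just above already uses `b32 < 0`, so a negative divisor is the case that needs covering. A small tests/tcg case running sdiv with a negative denominator would keep the unsigned `b` from creeping back in; once `b32` is derived, nothing in the visible lines needs `b` again, so narrowing its scope is another option.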
[Stable-8.2.6 06/18] accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
From: Anton Johansson For TBs crossing page boundaries, the 2nd page will never be recorded/removed, as the index of the 2nd page is computed from the address of the 1st page. This is due to a typo, fix it. Cc: qemu-sta...@nongnu.org Fixes: deba78709a ("accel/tcg: Always lock pages before translation") Signed-off-by: Anton Johansson Reviewed-by: Manos Pitsidianakis Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Alex Bennée Message-Id: <20240612133031.15298-1-a...@rev.ng> Signed-off-by: Richard Henderson (cherry picked from commit 3b279f73fa37bec8d3ba04a15f5153d6491cffaf) Signed-off-by: Michael Tokarev diff --git a/accel/tcg/tb-maint.c b/accel/tcg/tb-maint.c index 0d069a081e..1510f111d6 100644 --- a/accel/tcg/tb-maint.c +++ b/accel/tcg/tb-maint.c @@ -712,7 +712,7 @@ static void tb_record(TranslationBlock *tb) tb_page_addr_t paddr0 = tb_page_addr0(tb); tb_page_addr_t paddr1 = tb_page_addr1(tb); tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS; -tb_page_addr_t pindex1 = paddr0 >> TARGET_PAGE_BITS; +tb_page_addr_t pindex1 = paddr1 >> TARGET_PAGE_BITS; assert(paddr0 != -1); if (unlikely(paddr1 != -1) && pindex0 != pindex1) { @@ -744,7 +744,7 @@ static void tb_remove(TranslationBlock *tb) tb_page_addr_t paddr0 = tb_page_addr0(tb); tb_page_addr_t paddr1 = tb_page_addr1(tb); tb_page_addr_t pindex0 = paddr0 >> TARGET_PAGE_BITS; -tb_page_addr_t pindex1 = paddr0 >> TARGET_PAGE_BITS; +tb_page_addr_t pindex1 = paddr1 >> TARGET_PAGE_BITS; assert(paddr0 != -1); if (unlikely(paddr1 != -1) && pindex0 != pindex1) { -- 2.39.2
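Review bot: The same `pindex1 = paddr1 >> TARGET_PAGE_BITS;` correction is applied by hand in both tb_record() and tb_remove(), and the four identical set-up lines in each function are what allowed the typo to go unnoticed in the first place. Factoring the paddr/pindex computation into one small helper used by both would keep record and remove symmetric by construction. Since the effect of the bug was that the second page of a page-crossing TB was never tracked, a test that modifies code on the second page of such a TB would be worth adding with the fix.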
[Stable-8.2.6 10/18] migration: Fix file migration with fdset
From: Fabiano Rosas When the "file:" migration support was added we missed the special case in the qemu_open_old implementation that allows for a particular file name format to be used to refer to a set of file descriptors that have been previously provided to QEMU via the add-fd QMP command. When using this fdset feature, we should not truncate the migration file because being given an fd means that the management layer is in control of the file and will likely already have some data written to it. This is further indicated by the presence of the 'offset' argument, which indicates the start of the region where QEMU is allowed to write. Fix the issue by replacing the O_TRUNC flag on open by an ftruncate call, which will take the offset into consideration. Fixes: 385f510df5 ("migration: file URI offset") Suggested-by: Daniel P. Berrangé Reviewed-by: Prasad Pandit Reviewed-by: Peter Xu Reviewed-by: Daniel P. Berrangé Signed-off-by: Fabiano Rosas (cherry picked from commit 6d3279655ac49b806265f08415165f471d33e032) Signed-off-by: Michael Tokarev (Mjt: context fixup in migration/file.c due to missing v8.2.0-1958-gb7b03eb614d0 "migration/multifd: Add outgoing QIOChannelFile support") diff --git a/migration/file.c b/migration/file.c index 5d4975f43e..fb3f743e54 100644 --- a/migration/file.c +++ b/migration/file.c @@ -46,12 +46,19 @@ void file_start_outgoing_migration(MigrationState *s, trace_migration_file_outgoing(filename); -fioc = qio_channel_file_new_path(filename, O_CREAT | O_WRONLY | O_TRUNC, - 0600, errp); +fioc = qio_channel_file_new_path(filename, O_CREAT | O_WRONLY, 0600, errp); if (!fioc) { return; } +if (ftruncate(fioc->fd, offset)) { +error_setg_errno(errp, errno, + "failed to truncate migration file to offset %" PRIx64, + offset); +object_unref(OBJECT(fioc)); +return; +} + ioc = QIO_CHANNEL(fioc); if (offset && qio_channel_io_seek(ioc, offset, SEEK_SET, errp) < 0) { return; -- 2.39.2
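Review bot: The new ftruncate() failure path calls `object_unref(OBJECT(fioc));` before returning, but the unchanged qio_channel_io_seek() failure path a few lines below still returns without dropping the reference, so the two error exits of file_start_outgoing_migration() are now inconsistent and the second one leaks the channel. Please unref there as well, or route both through a common exit. Minor: the error message prints the offset with `PRIx64` and no `0x` prefix, so a value such as 100 is ambiguous to whoever reads the log.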
[Stable-8.2.6 13/18] target/arm: Fix VCMLA Dd, Dn, Dm[idx]
From: Richard Henderson The inner loop, bounded by eltspersegment, must not be larger than the outer loop, bounded by elements. Cc: qemu-sta...@nongnu.org Fixes: 18fc2405781 ("target/arm: Implement SVE fp complex multiply add (indexed)") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2376 Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson Message-id: 20240625183536.1672454-2-richard.hender...@linaro.org Signed-off-by: Peter Maydell (cherry picked from commit 76bccf3cb9d9383da0128bbc6d1300cddbe3ae8f) Signed-off-by: Michael Tokarev diff --git a/target/arm/tcg/vec_helper.c b/target/arm/tcg/vec_helper.c index 1f93510b85..cc7cab338c 100644 --- a/target/arm/tcg/vec_helper.c +++ b/target/arm/tcg/vec_helper.c @@ -843,7 +843,7 @@ void HELPER(gvec_fcmlah_idx)(void *vd, void *vn, void *vm, void *va, intptr_t index = extract32(desc, SIMD_DATA_SHIFT + 2, 2); uint32_t neg_real = flip ^ neg_imag; intptr_t elements = opr_sz / sizeof(float16); -intptr_t eltspersegment = 16 / sizeof(float16); +intptr_t eltspersegment = MIN(16 / sizeof(float16), elements); intptr_t i, j; /* Shift boolean to the sign bit so we can xor to negate. */ @@ -905,7 +905,7 @@ void HELPER(gvec_fcmlas_idx)(void *vd, void *vn, void *vm, void *va, intptr_t index = extract32(desc, SIMD_DATA_SHIFT + 2, 2); uint32_t neg_real = flip ^ neg_imag; intptr_t elements = opr_sz / sizeof(float32); -intptr_t eltspersegment = 16 / sizeof(float32); +intptr_t eltspersegment = MIN(16 / sizeof(float32), elements); intptr_t i, j; /* Shift boolean to the sign bit so we can xor to negate. */ -- 2.39.2
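Review bot: In both gvec_fcmlah_idx and gvec_fcmlas_idx the clamp `MIN(16 / sizeof(...), elements)` carries the whole fix, yet nothing at the declaration says why a segment can be shorter than 16 bytes. A one-line comment next to `eltspersegment` stating that opr_sz may be 8 for the Dd, Dn, Dm[idx] form, so the inner loop must not run past `elements`, would stop the clamp from being removed as redundant later. The visible patch also adds no test for the 64-bit form named in the subject.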
[Stable-8.2.6 04/18] hw/audio/virtio-snd: Always use little endian audio format
From: Philippe Mathieu-Daudé The VIRTIO Sound Device conforms with the Virtio spec v1.2, thus only use little endianness. Remove the suspicious target_words_bigendian() noticed during code review. Cc: qemu-sta...@nongnu.org Fixes: eb9ad377bb ("virtio-sound: handle control messages and streams") Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Michael S. Tsirkin Message-Id: <20240422211830.25606-1-phi...@linaro.org> (cherry picked from commit a276ec8e2632c9015d0f9b4e47194e4e91dfa8bb) Signed-off-by: Michael Tokarev diff --git a/hw/audio/virtio-snd.c b/hw/audio/virtio-snd.c index 823f9ab084..092ba2302b 100644 --- a/hw/audio/virtio-snd.c +++ b/hw/audio/virtio-snd.c @@ -401,7 +401,7 @@ static void virtio_snd_get_qemu_audsettings(audsettings *as, as->nchannels = MIN(AUDIO_MAX_CHANNELS, params->channels); as->fmt = virtio_snd_get_qemu_format(params->format); as->freq = virtio_snd_get_qemu_freq(params->rate); -as->endianness = target_words_bigendian() ? 1 : 0; +as->endianness = 0; /* Conforming to VIRTIO 1.0: always little endian. */ } /* -- 2.39.2
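Review bot: The comment added on `as->endianness = 0;` cites VIRTIO 1.0, while the commit message justifies the change with the Virtio spec v1.2; please make the two agree so the reference can be looked up. The bare `0` is also easy to misread; if the audio layer has no named constant for little endian, the comment should at least say that 0 means little endian in audsettings.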
[Stable-8.2.6 11/18] tests: Update our CI to use CentOS Stream 9 instead of 8
From: Thomas Huth RHEL 9 (and thus also the derivatives) have been available since two years now, so according to QEMU's support policy, we can drop the active support for the previous major version 8 now. Another reason for doing this is that Centos Stream 8 will go EOL soon: https://blog.centos.org/2023/04/end-dates-are-coming-for-centos-stream-8-and-centos-linux-7/ "After May 31, 2024, CentOS Stream 8 will be archived and no further updates will be provided." Thus upgrade our CentOS Stream container to major version 9 now. Reviewed-by: Daniel P. Berrangé Message-ID: <20240418101056.302103-5-th...@redhat.com> Signed-off-by: Thomas Huth (cherry picked from commit 641b1efe01b2dd6e7ac92f23d392dcee73508746) Signed-off-by: Michael Tokarev diff --git a/.gitlab-ci.d/buildtest.yml b/.gitlab-ci.d/buildtest.yml index 96d6744525..0ac3124c23 100644 --- a/.gitlab-ci.d/buildtest.yml +++ b/.gitlab-ci.d/buildtest.yml @@ -158,9 +158,9 @@ build-system-centos: - .native_build_job_template - .native_build_artifact_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 CONFIGURE_ARGS: --disable-nettle --enable-gcrypt --enable-vfio-user-server --enable-modules --enable-trace-backends=dtrace --enable-docs TARGETS: ppc64-softmmu or1k-softmmu s390x-softmmu @@ -173,7 +173,7 @@ check-system-centos: - job: build-system-centos artifacts: true variables: -IMAGE: centos8 +IMAGE: centos9 MAKE_CHECK_ARGS: check avocado-system-centos: @@ -182,7 +182,7 @@ avocado-system-centos: - job: build-system-centos artifacts: true variables: -IMAGE: centos8 +IMAGE: centos9 MAKE_CHECK_ARGS: check-avocado AVOCADO_TAGS: arch:ppc64 arch:or1k arch:390x arch:x86_64 arch:rx arch:sh4 arch:nios2 @@ -258,9 +258,9 @@ avocado-system-flaky: build-tcg-disabled: extends: .native_build_job_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 script: - mkdir build - cd build 
@@ -585,9 +585,9 @@ build-tci: build-without-defaults: extends: .native_build_job_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 CONFIGURE_ARGS: --without-default-devices --without-default-features diff --git a/.gitlab-ci.d/container-core.yml b/.gitlab-ci.d/container-core.yml index 08f8450fa1..5459447676 100644 --- a/.gitlab-ci.d/container-core.yml +++ b/.gitlab-ci.d/container-core.yml @@ -1,10 +1,10 @@ include: - local: '/.gitlab-ci.d/container-template.yml' -amd64-centos8-container: +amd64-centos9-container: extends: .container_job_template variables: -NAME: centos8 +NAME: centos9 amd64-fedora-container: extends: .container_job_template diff --git a/tests/docker/dockerfiles/centos8.docker b/tests/docker/dockerfiles/centos9.docker similarity index 82% rename from tests/docker/dockerfiles/centos8.docker rename to tests/docker/dockerfiles/centos9.docker index d97c30e96a..9fc9b27eb7 100644 --- a/tests/docker/dockerfiles/centos8.docker +++ b/tests/docker/dockerfiles/centos9.docker @@ -1,15 +1,14 @@ # THIS FILE WAS AUTO-GENERATED # -# $ lcitool dockerfile --layers all centos-stream-8 qemu +# $ lcitool dockerfile --layers all centos-stream-9 qemu # # https://gitlab.com/libvirt/libvirt-ci -FROM quay.io/centos/centos:stream8 +FROM quay.io/centos/centos:stream9 RUN dnf distro-sync -y && \ dnf install 'dnf-command(config-manager)' -y && \ -dnf config-manager --set-enabled -y powertools && \ -dnf install -y centos-release-advanced-virtualization && \ +dnf config-manager --set-enabled -y crb && \ dnf install -y epel-release && \ dnf install -y epel-next-release && \ dnf install -y \ @@ -42,7 +41,6 @@ RUN dnf distro-sync -y && \ glib2-static \ glibc-langpack-en \ glibc-static \ -glusterfs-api-devel \ gnutls-devel \ gtk3-devel \ hostname \ @@ -82,6 +80,7 @@ RUN dnf distro-sync -y && \ lzo-devel \ make \ mesa-libgbm-devel \ +meson \ mtools \ ncurses-devel \ nettle-devel \ 
@@ -95,25 +94,25 @@ RUN dnf distro-sync -y && \ pixman-devel \ pkgconfig \ pulseaudio-libs-devel \ -python38 \ -python38-PyYAML \ -python38-numpy \ -python38-pip \ -python38-setuptools \ -python38-wheel \ +python3 \ +python3-PyYAML \ +python3-numpy \ +python3-pillow \ +python3-pip \ +python3-sphinx \ +python3-sphinx_rtd_theme \ +python3-tomli \ rdma-core-devel \ sed \ snappy
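Review bot: In the regenerated centos9.docker, `glusterfs-api-devel` and the `centos-release-advanced-virtualization` repository are dropped and `meson`, `python3-sphinx` and related packages are added, but the commit message only talks about the version bump. Since this container backs build-system-centos, build-tcg-disabled and build-without-defaults, please state in the message which features (gluster block driver support, for one) are no longer compile-tested on CentOS after the switch, or point to the job that still covers them. The visible patch is cut off inside the package list, so the remaining changes could not be checked.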
[Stable-8.2.6 15/18] qcow2: Don't open data_file with BDRV_O_NO_IO
From: Kevin Wolf One use case for 'qemu-img info' is verifying that untrusted images don't reference an unwanted external file, be it as a backing file or an external data file. To make sure that calling 'qemu-img info' can't already have undesired side effects with a malicious image, just don't open the data file at all with BDRV_O_NO_IO. If nothing ever tries to do I/O, we don't need to have it open. This changes the output of iotests case 061, which used 'qemu-img info' to show that opening an image with an invalid data file fails. After this patch, it succeeds. Replace this part of the test with a qemu-io call, but keep the final 'qemu-img info' to show that the invalid data file is correctly displayed in the output. Fixes: CVE-2024-4467 Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit bd385a5298d7062668e804d73944d52aec9549f1) Signed-off-by: Michael Tokarev diff --git a/block/qcow2.c b/block/qcow2.c index 13e032bd5e..7af7c0bee4 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -1636,7 +1636,22 @@ qcow2_do_open(BlockDriverState *bs, QDict *options, int flags, goto fail; } -if (open_data_file) { +if (open_data_file && (flags & BDRV_O_NO_IO)) { +/* + * Don't open the data file for 'qemu-img info' so that it can be used + * to verify that an untrusted qcow2 image doesn't refer to external + * files. + * + * Note: This still makes has_data_file() return true. + */ +if (s->incompatible_features & QCOW2_INCOMPAT_DATA_FILE) { +s->data_file = NULL; +} else { +s->data_file = bs->file; +} +qdict_extract_subqdict(options, NULL, "data-file."); +qdict_del(options, "data-file"); +} else if (open_data_file) { /* Open external data file */ bdrv_graph_co_rdunlock(); s->data_file = bdrv_co_open_child(NULL, options, "data-file", bs, diff --git a/tests/qemu-iotests/061 b/tests/qemu-iotests/061 index 53c7d428e3..b71ac097d1 100755 --- a/tests/qemu-iotests/061 
+++ b/tests/qemu-iotests/061 @@ -326,12 +326,14 @@ $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG" echo _make_test_img -o "compat=1.1,data_file=$TEST_IMG.data" 64M $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG" -_img_info --format-specific +$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt +$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts echo $QEMU_IMG amend -o "data_file=" --image-opts "data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -_img_info --format-specific +$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt +$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts echo diff --git a/tests/qemu-iotests/061.out b/tests/qemu-iotests/061.out index 139fc68177..24c33add7c 100644 --- a/tests/qemu-iotests/061.out +++ b/tests/qemu-iotests/061.out @@ -545,7 +545,9 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 qemu-img: data-file can only be set for images that use an external data file Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 data_file=TEST_DIR/t.IMGFMT.data -qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Could not open 'foo': No such file or directory +qemu-io: can't open device TEST_DIR/t.IMGFMT: Could not open 'foo': No such file or directory +read 4096/4096 bytes at offset 0 +4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) image: TEST_DIR/t.IMGFMT file format: IMGFMT virtual size: 64 MiB (67108864 bytes) 
@@ -560,7 +562,9 @@ Format specific information: corrupt: false extended l2: false -qemu-img: Could not open 'TEST_DIR/t.IMGFMT': 'data-file' is required for this image +qemu-io: can't open device TEST_DIR/t.IMGFMT: 'data-file' is required for this image +read 4096/4096 bytes at offset 0 +4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) image: TEST_DIR/t.IMGFMT file format: IMGFMT virtual size: 64 MiB (67108864 bytes) -- 2.39.2
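Review bot: In the new `BDRV_O_NO_IO` branch of qcow2_do_open(), `s->data_file` is set to NULL when QCOW2_INCOMPAT_DATA_FILE is present, and the comment notes that has_data_file() still returns true. Any qcow2 path that pairs a has_data_file() check with a dereference of `s->data_file` therefore has to be unreachable on a no-I/O node; please either name in the comment the callers that were audited or add an assertion at the places that use `s->data_file` so a later change fails loudly instead of dereferencing NULL. It would also help to say why the `data-file` options are removed from `options` here (so that they are not reported as unused), since that is not obvious from the hunk.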
[Stable-8.2.6 07/18] linux-user: Make TARGET_NR_setgroups affect only the current thread
From: Ilya Leoshkevich Like TARGET_NR_setuid, TARGET_NR_setgroups should affect only the calling thread, and not the entire process. Therefore, implement it using a syscall, and not a libc call. Cc: qemu-sta...@nongnu.org Fixes: 19b84f3c35d7 ("added setgroups and getgroups syscalls") Signed-off-by: Ilya Leoshkevich Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20240614154710.1078766-1-...@linux.ibm.com> Reviewed-by: Richard Henderson Signed-off-by: Richard Henderson (cherry picked from commit 54b27921026df384f67df86f04c39539df375c60) Signed-off-by: Michael Tokarev diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 2b1a3ee094..d9212aa966 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -7198,11 +7198,17 @@ static inline int tswapid(int id) #else #define __NR_sys_setresgid __NR_setresgid #endif +#ifdef __NR_setgroups32 +#define __NR_sys_setgroups __NR_setgroups32 +#else +#define __NR_sys_setgroups __NR_setgroups +#endif _syscall1(int, sys_setuid, uid_t, uid) _syscall1(int, sys_setgid, gid_t, gid) _syscall3(int, sys_setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) _syscall3(int, sys_setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) +_syscall2(int, sys_setgroups, int, size, gid_t *, grouplist) void syscall_init(void) { @@ -11790,7 +11796,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, unlock_user(target_grouplist, arg2, gidsetsize * sizeof(target_id)); } -return get_errno(setgroups(gidsetsize, grouplist)); +return get_errno(sys_setgroups(gidsetsize, grouplist)); } case TARGET_NR_fchown: return get_errno(fchown(arg1, low2highuid(arg2), low2highgid(arg3))); @@ -12126,7 +12132,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, } unlock_user(target_grouplist, arg2, 0); } -return get_errno(setgroups(gidsetsize, grouplist)); +return get_errno(sys_setgroups(gidsetsize, grouplist)); } #endif #ifdef TARGET_NR_fchown32 -- 2.39.2
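Review bot: Both call sites now use `sys_setgroups(gidsetsize, grouplist)`, and the only hint that the raw syscall is deliberate is in the commit message. Please add a short comment next to the `_syscall2(int, sys_setgroups, ...)` definition, or to the existing block of sys_set*id wrappers, saying that the libc wrapper applies the change to every thread of the process while the guest expects it to affect only the calling thread; otherwise the call looks like something to tidy back to setgroups(). A test with two threads where one changes its supplementary groups would pin the behaviour down.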
[Stable-8.2.6 12/18] i386/cpu: fixup number of addressable IDs for processor cores in the physical package
From: Chuang Xu When QEMU is started with: -cpu host,host-cache-info=on,l3-cache=off \ -smp 2,sockets=1,dies=1,cores=1,threads=2 Guest can't acquire maximum number of addressable IDs for processor cores in the physical package from CPUID[04H]. When creating a CPU topology of 1 core per package, host-cache-info only uses the Host's addressable core IDs field (CPUID.04H.EAX[bits 31-26]), resulting in a conflict (on the multicore Host) between the Guest core topology information in this field and the Guest's actual cores number. Fix it by removing the unnecessary condition to cover 1 core per package case. This is safe because cores_per_pkg will not be 0 and will be at least 1. Fixes: d7caf13b5fcf ("x86: cpu: fixup number of addressable IDs for logical processors sharing cache") Signed-off-by: Guixiong Wei Signed-off-by: Yipeng Yin Signed-off-by: Chuang Xu Reviewed-by: Zhao Liu Message-ID: <20240611032314.64076-1-xuchuangxc...@bytedance.com> Signed-off-by: Paolo Bonzini (cherry picked from commit 903916f0a017fe4b7789f1c6c6982333a5a71876) Signed-off-by: Michael Tokarev (Mjt: fixup for 8.2 due to other changes in this area past 9.0) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 4dbfbfbd65..8f318a5dc3 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -6097,10 +6097,8 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count, if (*eax & 31) { int host_vcpus_per_cache = 1 + ((*eax & 0x3FFC000) >> 14); int vcpus_per_socket = cs->nr_cores * cs->nr_threads; -if (cs->nr_cores > 1) { -*eax &= ~0xFC00; -*eax |= (pow2ceil(cs->nr_cores) - 1) << 26; -} +*eax &= ~0xFC00; +*eax |= (pow2ceil(cs->nr_cores) - 1) << 26; if (host_vcpus_per_cache > vcpus_per_socket) { *eax &= ~0x3FFC000; *eax |= (pow2ceil(vcpus_per_socket) - 1) << 14; -- 2.39.2
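Review bot: With the `cs->nr_cores > 1` guard removed, the two `*eax` lines now depend on `cs->nr_cores` being at least 1 so that `pow2ceil(cs->nr_cores) - 1` cannot wrap. The commit message argues this for cores_per_pkg, but the 8.2 fixup uses `cs->nr_cores`; a one-line comment or an assert at this spot stating the invariant for the variable actually used would make the backport self-explanatory. A comment that the host value in this field is always replaced when host-cache-info is on would also document the intent of dropping the condition.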
[Stable-8.2.6 18/18] block: Parse filenames only when explicitly requested
From: Kevin Wolf When handling image filenames from legacy options such as -drive or from tools, these filenames are parsed for protocol prefixes, including for the json:{} pseudo-protocol. This behaviour is intended for filenames that come directly from the command line and for backing files, which may come from the image file itself. Higher level management tools generally take care to verify that untrusted images don't contain a bad (or any) backing file reference; 'qemu-img info' is a suitable tool for this. However, for other files that can be referenced in images, such as qcow2 data files or VMDK extents, the string from the image file is usually not verified by management tools - and 'qemu-img info' wouldn't be suitable because in contrast to backing files, it already opens these other referenced files. So here the string should be interpreted as a literal local filename. More complex configurations need to be specified explicitly on the command line or in QMP. This patch changes bdrv_open_inherit() so that it only parses filenames if a new parameter parse_filename is true. It is set for the top level in bdrv_open(), for the file child and for the backing file child. All other callers pass false and disable filename parsing this way. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 7ead946998610657d38d1a505d5f25300d4ca613) Signed-off-by: Michael Tokarev (Mjt: backport patch to 8.2, without: v8.2.0-132-g6bc30f194985 "graph-lock: remove AioContext locking" v8.2.0-133-gb49f4755c7fa "block: remove AioContext locking") diff --git a/block.c b/block.c index bfb0861ec6..f89bc98e0e 100644 --- a/block.c +++ b/block.c 
@@ -86,6 +86,7 @@ static BlockDriverState *bdrv_open_inherit(const char *filename, BlockDriverState *parent, const BdrvChildClass *child_class, BdrvChildRole child_role, + bool parse_filename, Error **errp); static bool bdrv_recurse_has_child(BlockDriverState *bs, @@ -2047,7 +2048,8 @@ static void parse_json_protocol(QDict *options, const char **pfilename, * block driver has been specified explicitly. */ static int bdrv_fill_options(QDict **options, const char *filename, - int *flags, Error **errp) + int *flags, bool allow_parse_filename, + Error **errp) { const char *drvname; bool protocol = *flags & BDRV_O_PROTOCOL; @@ -2089,7 +2091,7 @@ static int bdrv_fill_options(QDict **options, const char *filename, if (protocol && filename) { if (!qdict_haskey(*options, "filename")) { qdict_put_str(*options, "filename", filename); -parse_filename = true; +parse_filename = allow_parse_filename; } else { error_setg(errp, "Can't specify 'file' and 'filename' options at " "the same time"); @@ -3675,7 +3677,8 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options, } backing_hd = bdrv_open_inherit(backing_filename, reference, options, 0, bs, - _of_bds, bdrv_backing_role(bs), errp); + _of_bds, bdrv_backing_role(bs), true, + errp); if (!backing_hd) { bs->open_flags |= BDRV_O_NO_BACKING; error_prepend(errp, "Could not open backing file: "); @@ -3712,7 +3715,8 @@ free_exit: static BlockDriverState * bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, BlockDriverState *parent, const BdrvChildClass *child_class, - BdrvChildRole child_role, bool allow_none, Error **errp) + BdrvChildRole child_role, bool allow_none, + bool parse_filename, Error **errp) { BlockDriverState *bs = NULL; QDict *image_options; 
@@ -3743,7 +3747,8 @@ bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, } bs = bdrv_open_inherit(filename, reference, image_options, 0, - parent, child_class, child_role, errp); + parent, child_class, child_role, parse_filename, + errp); if (!bs) { goto done; } @@ -3753,6 +3758,37 @@ done: return bs; } +static BdrvChild *bdrv_open_child_common(const char *filename, + QDict *options, const char *bdref_key, + BlockDriverState *parent, + const BdrvChildC
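The management-layer check that the commit messages of 15/18 and 18/18 refer to, as an added example that is not part of these patches or of QEMU: it reads `qemu-img info --output=json` output and lists every external file the image header points at. The JSON key names are the ones qemu-img emits as far as this example assumes; the function names and the sample documents are constructed for illustration.

```python
import json
import subprocess

# Constructed samples shaped like `qemu-img info --output=json` output.
SAMPLE_PLAIN = """{"filename": "guest.qcow2", "format": "qcow2",
  "virtual-size": 67108864,
  "format-specific": {"type": "qcow2", "data": {"compat": "1.1"}}}"""

SAMPLE_DATA_FILE = """{"filename": "guest.qcow2", "format": "qcow2",
  "virtual-size": 67108864,
  "format-specific": {"type": "qcow2",
    "data": {"compat": "1.1", "data-file": "foo", "data-file-raw": false}}}"""

# Shape produced with --backing-chain: a list, one entry per layer.
SAMPLE_CHAIN = """[
  {"filename": "top.qcow2", "format": "qcow2",
   "backing-filename": "base.qcow2",
   "full-backing-filename": "/img/base.qcow2"},
  {"filename": "/img/base.qcow2", "format": "qcow2"}]"""


def qemu_img_info_json(path, fmt):
    """Run qemu-img info with an explicit format (no probing) and return
    its JSON text. Not called by the checks below, which work on text."""
    result = subprocess.run(
        ["qemu-img", "info", "--output=json", "-f", fmt, path],
        capture_output=True, check=True, text=True)
    return result.stdout


def external_references(info):
    """Return (kind, value) pairs for files one image description names."""
    refs = []
    # The string stored in the header; fall back to the resolved form.
    backing = info.get("backing-filename") or info.get("full-backing-filename")
    if backing:
        refs.append(("backing-file", backing))

    specific = info.get("format-specific") or {}
    data = specific.get("data") or {}
    if specific.get("type") == "qcow2" and data.get("data-file"):
        refs.append(("data-file", data["data-file"]))
    if specific.get("type") == "vmdk":
        # Assumption: extents are listed under "extents" with a "filename";
        # an extent equal to the image itself is not an external reference.
        for extent in data.get("extents", []):
            name = extent.get("filename")
            if name and name != info.get("filename"):
                refs.append(("vmdk-extent", name))
    return refs


def audit_untrusted_image(json_text):
    """Return a list of (image, kind, value) for every external reference."""
    parsed = json.loads(json_text)
    layers = parsed if isinstance(parsed, list) else [parsed]
    findings = []
    for info in layers:
        for kind, value in external_references(info):
            findings.append((info.get("filename"), kind, value))
    return findings


def is_self_contained(json_text):
    """Policy used here: accept only images with no external reference."""
    return not audit_untrusted_image(json_text)


if __name__ == "__main__":
    for name, sample in (("plain", SAMPLE_PLAIN),
                         ("data-file", SAMPLE_DATA_FILE),
                         ("chain", SAMPLE_CHAIN)):
        print(name, is_self_contained(sample), audit_untrusted_image(sample))
```

A policy that allows some references would compare each reported value against an allowlist of literal paths instead of rejecting on any finding.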
[Stable-8.2.6 17/18] iotests/270: Don't store data-file with json: prefix in image
From: Kevin Wolf We want to disable filename parsing for data files because it's too easy to abuse in malicious image files. Make the test ready for the change by passing the data file explicitly in command line options. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 7e1110664ecbc4826f3c978ccb06b6c1bce823e6) Signed-off-by: Michael Tokarev diff --git a/tests/qemu-iotests/270 b/tests/qemu-iotests/270 index 74352342db..c37b674aa2 100755 --- a/tests/qemu-iotests/270 +++ b/tests/qemu-iotests/270 @@ -60,8 +60,16 @@ _make_test_img -o cluster_size=2M,data_file="$TEST_IMG.orig" \ # "write" 2G of data without using any space. # (qemu-img create does not like it, though, because null-co does not # support image creation.) -$QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \ -"$TEST_IMG" +test_img_with_null_data="json:{ +'driver': '$IMGFMT', +'file': { +'filename': '$TEST_IMG' +}, +'data-file': { +'driver': 'null-co', +'size':'4294967296' +} +}" # This gives us a range of: # 2^31 - 512 + 768 - 1 = 2^31 + 255 > 2^31 @@ -74,7 +82,7 @@ $QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \ # on L2 boundaries, we need large L2 tables; hence the cluster size of # 2 MB. (Anything from 256 kB should work, though, because then one L2 # table covers 8 GB.) -$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$TEST_IMG" | _filter_qemu_io +$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$test_img_with_null_data" | _filter_qemu_io _check_test_img -- 2.39.2
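Review bot: With the `$QEMU_IMG amend` call removed, the image header keeps the `data_file="$TEST_IMG.orig"` set by _make_test_img, so the write now goes to the null-co data file described in `test_img_with_null_data` while the unchanged `_check_test_img` at the end still opens the image as stored. Please add a comment saying whether the check is meant to run against the stored data file, or pass the same json: description to it. The retained comment about qemu-img create not supporting null-co explained why amend was used and now sits above a variable assignment, so it should be reworded.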
[Stable-8.2.6 16/18] iotests/244: Don't store data-file with protocol in image
From: Kevin Wolf We want to disable filename parsing for data files because it's too easy to abuse in malicious image files. Make the test ready for the change by passing the data file explicitly in command line options. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 2eb42a728d27a43fdcad5f37d3f65706ce6deba5) Signed-off-by: Michael Tokarev diff --git a/tests/qemu-iotests/244 b/tests/qemu-iotests/244 index 3e61fa25bb..bb9cc6512f 100755 --- a/tests/qemu-iotests/244 +++ b/tests/qemu-iotests/244 @@ -215,9 +215,22 @@ $QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$TEST_IMG" $QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$TEST_IMG" # blkdebug doesn't support copy offloading, so this tests the error path -$QEMU_IMG amend -f $IMGFMT -o "data_file=blkdebug::$TEST_IMG.data" "$TEST_IMG" -$QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$TEST_IMG" -$QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$TEST_IMG" +test_img_with_blkdebug="json:{ +'driver': 'qcow2', +'file': { +'driver': 'file', +'filename': '$TEST_IMG' +}, +'data-file': { +'driver': 'blkdebug', +'image': { +'driver': 'file', +'filename': '$TEST_IMG.data' +} +} +}" +$QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$test_img_with_blkdebug" +$QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$test_img_with_blkdebug" echo echo "=== Flushing should flush the data file ===" -- 2.39.2
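Review bot: The new `test_img_with_blkdebug` description hardcodes `'driver': 'qcow2'`, while the convert and compare commands around it pass `-f $IMGFMT` / `-F $IMGFMT` and the equivalent change in iotest 270 uses `'$IMGFMT'`. Please use `'$IMGFMT'` here too so the two tests stay consistent. Note also that the first convert into the plain image (the context line in the hunk header) still runs before this block, so the comment "this tests the error path" should make clear that only the json: target exercises blkdebug.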
[Stable-8.2.6 03/18] ui/gtk: Draw guest frame at refresh cycle
From: Dongwon Kim Draw routine needs to be manually invoked in the next refresh if there is a scanout blob from the guest. This is to prevent a situation where there is a scheduled draw event but it won't happen because the window is currently in inactive state (minimized or tabified). If draw is not done for a long time, gl_block timeout and/or fence timeout (on the guest) will happen eventually. v2: Use gd_gl_area_draw(vc) in gtk-gl-area.c Suggested-by: Vivek Kasireddy Cc: Gerd Hoffmann Cc: Marc-André Lureau Cc: Daniel P. Berrangé Signed-off-by: Dongwon Kim Acked-by: Marc-André Lureau Message-Id: <20240426225059.3871283-1-dongwon@intel.com> (cherry picked from commit 77bf310084dad38b3a2badf01766c659056f1cf2) Signed-off-by: Michael Tokarev diff --git a/ui/gtk-egl.c b/ui/gtk-egl.c index 955234429d..bceeeb0352 100644 --- a/ui/gtk-egl.c +++ b/ui/gtk-egl.c @@ -150,6 +150,7 @@ void gd_egl_refresh(DisplayChangeListener *dcl) vc, vc->window ? vc->window : vc->gfx.drawing_area); if (vc->gfx.guest_fb.dmabuf && vc->gfx.guest_fb.dmabuf->draw_submitted) { +gd_egl_draw(vc); return; } diff --git a/ui/gtk-gl-area.c b/ui/gtk-gl-area.c index 7fffd0544e..b490727402 100644 --- a/ui/gtk-gl-area.c +++ b/ui/gtk-gl-area.c @@ -126,6 +126,7 @@ void gd_gl_area_refresh(DisplayChangeListener *dcl) gd_update_monitor_refresh_rate(vc, vc->window ? vc->window : vc->gfx.drawing_area); if (vc->gfx.guest_fb.dmabuf && vc->gfx.guest_fb.dmabuf->draw_submitted) { +gd_gl_area_draw(vc); return; } -- 2.39.2
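Review bot: In both gd_egl_refresh() and gd_gl_area_refresh() the added draw call runs on every refresh for as long as `draw_submitted` stays set, which includes the ordinary case where the window is visible and the already scheduled draw is about to run, so the same frame may be drawn twice. Please either restrict the manual draw to the inactive-window case the commit message describes, or add a comment explaining why the redundant draw is harmless (for example because the draw routine clears `draw_submitted`, which is not visible in these hunks).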
[Stable-8.2.6 09/18] tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
From: Richard Henderson Simplify the logic for two-part, 32-bit pc-relative addresses. Rather than assume all such fit in int32_t, do some arithmetic and assert a result, do some arithmetic first and then check to see if the pieces are in range. Cc: qemu-sta...@nongnu.org Fixes: dacc51720db ("tcg/loongarch64: Implement tcg_out_mov and tcg_out_movi") Reviewed-by: Song Gao Reported-by: Song Gao Signed-off-by: Richard Henderson (cherry picked from commit 521d7fb3ebdf88112ed13556a93e3037742b9eb8) Signed-off-by: Michael Tokarev diff --git a/tcg/loongarch64/tcg-target.c.inc b/tcg/loongarch64/tcg-target.c.inc index abdc8b7f4d..6c99e799b3 100644 --- a/tcg/loongarch64/tcg-target.c.inc +++ b/tcg/loongarch64/tcg-target.c.inc @@ -365,8 +365,7 @@ static void tcg_out_movi(TCGContext *s, TCGType type, TCGReg rd, * back to the slow path. */ -intptr_t pc_offset; -tcg_target_long val_lo, val_hi, pc_hi, offset_hi; +intptr_t src_rx, pc_offset; tcg_target_long hi12, hi32, hi52; /* Value fits in signed i32. */ 
@@ -376,24 +375,23 @@ static void tcg_out_movi(TCGContext *s, TCGType type, TCGReg rd, } /* PC-relative cases. */ -pc_offset = tcg_pcrel_diff(s, (void *)val); -if (pc_offset == sextreg(pc_offset, 0, 22) && (pc_offset & 3) == 0) { -/* Single pcaddu2i. */ -tcg_out_opc_pcaddu2i(s, rd, pc_offset >> 2); -return; +src_rx = (intptr_t)tcg_splitwx_to_rx(s->code_ptr); +if ((val & 3) == 0) { +pc_offset = val - src_rx; +if (pc_offset == sextreg(pc_offset, 0, 22)) { +/* Single pcaddu2i. */ +tcg_out_opc_pcaddu2i(s, rd, pc_offset >> 2); +return; +} } -if (pc_offset == (int32_t)pc_offset) { -/* Offset within 32 bits; load with pcalau12i + ori. */ -val_lo = sextreg(val, 0, 12); -val_hi = val >> 12; -pc_hi = (val - pc_offset) >> 12; -offset_hi = val_hi - pc_hi; - -tcg_debug_assert(offset_hi == sextreg(offset_hi, 0, 20)); -tcg_out_opc_pcalau12i(s, rd, offset_hi); +pc_offset = (val >> 12) - (src_rx >> 12); +if (pc_offset == sextreg(pc_offset, 0, 20)) { +/* Load with pcalau12i + ori. */ +tcg_target_long val_lo = val & 0xfff; +tcg_out_opc_pcalau12i(s, rd, pc_offset); if (val_lo != 0) { -tcg_out_opc_ori(s, rd, rd, val_lo & 0xfff); +tcg_out_opc_ori(s, rd, rd, val_lo); } return; } -- 2.39.2
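Review bot: In the rewritten PC-relative section of tcg_out_movi(), `pc_offset` is used for two different quantities: first the byte offset `val - src_rx` for pcaddu2i, then the page delta `(val >> 12) - (src_rx >> 12)` for pcalau12i. Two separately named locals would make the range checks against 22 and 20 bits easier to verify. The removed tcg_debug_assert() is now a plain range test that falls through to the slower sequences, which is the point of the fix, so a comment at the second `if` saying that out-of-range values deliberately fall through would document it.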
[Stable-8.2.6 01/18] target/i386: fix size of EBP writeback in gen_enter()
From: Mark Cave-Ayland The calculation of FrameTemp is done using the size indicated by mo_pushpop() before being written back to EBP, but the final writeback to EBP is done using the size indicated by mo_stacksize(). In the case where mo_pushpop() is MO_32 and mo_stacksize() is MO_16 then the final writeback to EBP is done using MO_16 which can leave junk in the top 16-bits of EBP after executing ENTER. Change the writeback of EBP to use the same size indicated by mo_pushpop() to ensure that the full value is written back. Signed-off-by: Mark Cave-Ayland Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198 Message-ID: <20240606095319.229650-5-mark.cave-ayl...@ilande.co.uk> Cc: qemu-sta...@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit 3973615e7fbaeef1deeaa067577e373781ced70a) Signed-off-by: Michael Tokarev diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c index 063727c912..716a747df7 100644 --- a/target/i386/tcg/translate.c +++ b/target/i386/tcg/translate.c @@ -2662,7 +2662,7 @@ static void gen_enter(DisasContext *s, int esp_addend, int level) } /* Copy the FrameTemp value to EBP. */ -gen_op_mov_reg_v(s, a_ot, R_EBP, s->T1); +gen_op_mov_reg_v(s, d_ot, R_EBP, s->T1); /* Compute the final value of ESP. */ tcg_gen_subi_tl(s->T1, s->T1, esp_addend + size * level); -- 2.39.2
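Review bot: the writeback in gen_enter() now uses d_ot, but the comment above it still only says "Copy the FrameTemp value to EBP" and the hunk does not show where a_ot and d_ot are set; extend the comment to say the width follows mo_pushpop() and not mo_stacksize(), as the commit message explains. No test accompanies the change; a case for the combination described in the message (mo_pushpop() is MO_32, mo_stacksize() is MO_16) that checks the top 16 bits of EBP after ENTER would keep this from regressing.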
[Stable-8.2.6 14/18] target/arm: Fix FJCVTZS vs flush-to-zero
From: Richard Henderson Input denormals cause the Javascript inexact bit (output to Z) to be set. Cc: qemu-sta...@nongnu.org Fixes: 6c1f6f2733a ("target/arm: Implement ARMv8.3-JSConv") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2375 Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson Message-id: 20240625183536.1672454-4-richard.hender...@linaro.org [PMM: fixed hardcoded tab in test case] Signed-off-by: Peter Maydell (cherry picked from commit 7619129f0d4a14d918227c5c47ad7433662e9ccc) Signed-off-by: Michael Tokarev diff --git a/target/arm/vfp_helper.c b/target/arm/vfp_helper.c index 3e5e37abbe..ff59bc5522 100644 --- a/target/arm/vfp_helper.c +++ b/target/arm/vfp_helper.c @@ -1121,8 +1121,8 @@ const FloatRoundMode arm_rmode_to_sf_map[] = { uint64_t HELPER(fjcvtzs)(float64 value, void *vstatus) { float_status *status = vstatus; -uint32_t inexact, frac; -uint32_t e_old, e_new; +uint32_t frac, e_old, e_new; +bool inexact; e_old = get_float_exception_flags(status); set_float_exception_flags(0, status); @@ -1130,13 +1130,13 @@ uint64_t HELPER(fjcvtzs)(float64 value, void *vstatus) e_new = get_float_exception_flags(status); set_float_exception_flags(e_old | e_new, status); -if (value == float64_chs(float64_zero)) { -/* While not inexact for IEEE FP, -0.0 is inexact for JavaScript. */ -inexact = 1; -} else { -/* Normal inexact or overflow or NaN */ -inexact = e_new & (float_flag_inexact | float_flag_invalid); -} +/* Normal inexact, denormal with flush-to-zero, or overflow or NaN */ +inexact = e_new & (float_flag_inexact | + float_flag_input_denormal | + float_flag_invalid); + +/* While not inexact for IEEE FP, -0.0 is inexact for JavaScript. */ +inexact |= value == float64_chs(float64_zero); /* Pack the result and the env->ZF representation of Z together. */ return deposit64(frac, 32, 32, inexact); diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target index 70d728ae9a..4ecbca6a41 100644 
--- a/tests/tcg/aarch64/Makefile.target +++ b/tests/tcg/aarch64/Makefile.target @@ -41,8 +41,9 @@ endif # Pauth Tests ifneq ($(CROSS_CC_HAS_ARMV8_3),) -AARCH64_TESTS += pauth-1 pauth-2 pauth-4 pauth-5 +AARCH64_TESTS += pauth-1 pauth-2 pauth-4 pauth-5 test-2375 pauth-%: CFLAGS += -march=armv8.3-a +test-2375: CFLAGS += -march=armv8.3-a run-pauth-1: QEMU_OPTS += -cpu max run-pauth-2: QEMU_OPTS += -cpu max # Choose a cpu with FEAT_Pauth but without FEAT_FPAC for pauth-[45]. diff --git a/tests/tcg/aarch64/test-2375.c b/tests/tcg/aarch64/test-2375.c new file mode 100644 index 00..84c7e7de71 --- /dev/null +++ b/tests/tcg/aarch64/test-2375.c @@ -0,0 +1,21 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* Copyright (c) 2024 Linaro Ltd */ +/* See https://gitlab.com/qemu-project/qemu/-/issues/2375 */ + +#include + +int main(void) +{ + int r, z; + + asm("msr fpcr, %2\n\t" + "fjcvtzs %w0, %d3\n\t" + "cset %1, eq" + : "=r"(r), "=r"(z) + : "r"(0x0100L), /* FZ = 1 */ + "w"(0xfcff00L)); /* denormal */ + +assert(r == 0); +assert(z == 0); +return 0; +} -- 2.39.2
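Review bot: in tests/tcg/aarch64/Makefile.target, test-2375 is appended to the AARCH64_TESTS line under the "# Pauth Tests" comment although it exercises FJCVTZS and not pointer authentication; it shares only the CROSS_CC_HAS_ARMV8_3 guard and the -march=armv8.3-a flag, so give it its own comment. The pauth tests get explicit "run-pauth-N: QEMU_OPTS += -cpu max" lines and test-2375 gets none, so confirm that the default CPU used for the run implements the instruction. In the helper, inexact is now a bool assigned from a flag mask, which relies on the conversion to bool to collapse any set flag to 1 before deposit64(); that is correct, but worth a word in the comment since the old uint32_t variable held the raw mask.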
[Stable-8.2.6 00/18] Patch Round-up for stable 8.2.6, freeze on 2024-07-14
The following patches are queued for QEMU stable v8.2.6:
https://gitlab.com/qemu-project/qemu/-/commits/staging-8.2
Patch freeze is 2024-07-14, and the release is planned for 2024-07-16:
https://wiki.qemu.org/Planning/8.2
Please respond here or CC qemu-sta...@nongnu.org on any additional patches you think should (or shouldn't) be included in the release.
The changes which are staging for inclusion, with the original commit hash from master branch, are given below the bottom line.
Thanks!
/mjt
--
01 3973615e7fba Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
02 2c3e4e2de699 Alexey Dobriyan: virtio-net: drop too short packets early
03 77bf310084da Dongwon Kim: ui/gtk: Draw guest frame at refresh cycle
04 a276ec8e2632 Philippe Mathieu-Daudé: hw/audio/virtio-snd: Always use little endian audio format
05 b1cf266c82cb Gerd Hoffmann: stdvga: fix screen blanking
06 3b279f73fa37 Anton Johansson: accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
07 54b27921026d Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
08 6b4965373e56 Clément Chigot: target/sparc: use signed denominator in sdiv helper
09 521d7fb3ebdf Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
10 6d3279655ac4 Fabiano Rosas: migration: Fix file migration with fdset
11 641b1efe01b2 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
12 903916f0a017 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
13 76bccf3cb9d9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
14 7619129f0d4a Richard Henderson: target/arm: Fix FJCVTZS vs flush-to-zero
15 bd385a5298d7 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
16 2eb42a728d27 Kevin Wolf: iotests/244: Don't store data-file with protocol in image
17 7e1110664ecb Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
18 7ead94699861 Kevin Wolf: block: Parse filenames only when explicitly requested
[Stable-7.2.13 16/17] iotests/270: Don't store data-file with json: prefix in image
From: Kevin Wolf We want to disable filename parsing for data files because it's too easy to abuse in malicious image files. Make the test ready for the change by passing the data file explicitly in command line options. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 7e1110664ecbc4826f3c978ccb06b6c1bce823e6) Signed-off-by: Michael Tokarev diff --git a/tests/qemu-iotests/270 b/tests/qemu-iotests/270 index 74352342db..c37b674aa2 100755 --- a/tests/qemu-iotests/270 +++ b/tests/qemu-iotests/270 @@ -60,8 +60,16 @@ _make_test_img -o cluster_size=2M,data_file="$TEST_IMG.orig" \ # "write" 2G of data without using any space. # (qemu-img create does not like it, though, because null-co does not # support image creation.) -$QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \ -"$TEST_IMG" +test_img_with_null_data="json:{ +'driver': '$IMGFMT', +'file': { +'filename': '$TEST_IMG' +}, +'data-file': { +'driver': 'null-co', +'size':'4294967296' +} +}" # This gives us a range of: # 2^31 - 512 + 768 - 1 = 2^31 + 255 > 2^31 @@ -74,7 +82,7 @@ $QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \ # on L2 boundaries, we need large L2 tables; hence the cluster size of # 2 MB. (Anything from 256 kB should work, though, because then one L2 # table covers 8 GB.) -$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$TEST_IMG" | _filter_qemu_io +$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$test_img_with_null_data" | _filter_qemu_io _check_test_img -- 2.39.2
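Review bot: the comment kept above the new test_img_with_null_data variable still reads "(qemu-img create does not like it, though, because null-co does not support image creation.)", which explained the removed "$QEMU_IMG amend" call; now that the null-co data file is supplied only at open time, reword it to describe the json: option string. The following _check_test_img still runs against the plain image, so it checks the image with the data file recorded at creation ("$TEST_IMG.orig") and not the null-co one used for the write; say in a comment that this is intended. $TEST_IMG is also interpolated unescaped into 'filename': '$TEST_IMG', so a test path containing a single quote would yield an invalid json: string.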
[Stable-7.2.13 14/17] qcow2: Don't open data_file with BDRV_O_NO_IO
From: Kevin Wolf One use case for 'qemu-img info' is verifying that untrusted images don't reference an unwanted external file, be it as a backing file or an external data file. To make sure that calling 'qemu-img info' can't already have undesired side effects with a malicious image, just don't open the data file at all with BDRV_O_NO_IO. If nothing ever tries to do I/O, we don't need to have it open. This changes the output of iotests case 061, which used 'qemu-img info' to show that opening an image with an invalid data file fails. After this patch, it succeeds. Replace this part of the test with a qemu-io call, but keep the final 'qemu-img info' to show that the invalid data file is correctly displayed in the output. Fixes: CVE-2024-4467 Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit bd385a5298d7062668e804d73944d52aec9549f1) Signed-off-by: Michael Tokarev diff --git a/block/qcow2.c b/block/qcow2.c index 4dd3ff..c810424feb 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -1614,7 +1614,22 @@ static int coroutine_fn qcow2_do_open(BlockDriverState *bs, QDict *options, goto fail; } -if (open_data_file) { +if (open_data_file && (flags & BDRV_O_NO_IO)) { +/* + * Don't open the data file for 'qemu-img info' so that it can be used + * to verify that an untrusted qcow2 image doesn't refer to external + * files. + * + * Note: This still makes has_data_file() return true. + */ +if (s->incompatible_features & QCOW2_INCOMPAT_DATA_FILE) { +s->data_file = NULL; +} else { +s->data_file = bs->file; +} +qdict_extract_subqdict(options, NULL, "data-file."); +qdict_del(options, "data-file"); +} else if (open_data_file) { /* Open external data file */ s->data_file = bdrv_open_child(NULL, options, "data-file", bs, _of_bds, BDRV_CHILD_DATA, diff --git a/tests/qemu-iotests/061 b/tests/qemu-iotests/061 index 509ad247cd..168a5831dd 100755 --- a/tests/qemu-iotests/061 
+++ b/tests/qemu-iotests/061 @@ -326,12 +326,14 @@ $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG" echo _make_test_img -o "compat=1.1,data_file=$TEST_IMG.data" 64M $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG" -_img_info --format-specific +$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt +$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts echo $QEMU_IMG amend -o "data_file=" --image-opts "data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -_img_info --format-specific +$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt +$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts echo diff --git a/tests/qemu-iotests/061.out b/tests/qemu-iotests/061.out index 139fc68177..24c33add7c 100644 --- a/tests/qemu-iotests/061.out +++ b/tests/qemu-iotests/061.out @@ -545,7 +545,9 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 qemu-img: data-file can only be set for images that use an external data file Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 data_file=TEST_DIR/t.IMGFMT.data -qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Could not open 'foo': No such file or directory +qemu-io: can't open device TEST_DIR/t.IMGFMT: Could not open 'foo': No such file or directory +read 4096/4096 bytes at offset 0 +4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) image: TEST_DIR/t.IMGFMT file format: IMGFMT virtual size: 64 MiB (67108864 bytes) 
@@ -560,7 +562,9 @@ Format specific information: corrupt: false extended l2: false -qemu-img: Could not open 'TEST_DIR/t.IMGFMT': 'data-file' is required for this image +qemu-io: can't open device TEST_DIR/t.IMGFMT: 'data-file' is required for this image +read 4096/4096 bytes at offset 0 +4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) image: TEST_DIR/t.IMGFMT file format: IMGFMT virtual size: 64 MiB (67108864 bytes) -- 2.39.2
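Review bot: in the new BDRV_O_NO_IO branch of qcow2_do_open(), an image with QCOW2_INCOMPAT_DATA_FILE set ends up with s->data_file = NULL while, per the added note, has_data_file() still returns true; the change therefore relies on no code path dereferencing s->data_file for a node opened with BDRV_O_NO_IO, and nothing in the hunk enforces that. State the invariant in the comment, or assert it where I/O is issued. The branch also removes "data-file" and "data-file.*" from the options without inspecting them, so an explicitly supplied data-file option is silently ignored under BDRV_O_NO_IO, which deserves a line in the comment as well. On the test side, 061 now shows the open failure through qemu-io and keeps the final 'qemu-img info' call, as the commit message describes.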
[Stable-7.2.13 13/17] target/arm: Fix VCMLA Dd, Dn, Dm[idx]
From: Richard Henderson The inner loop, bounded by eltspersegment, must not be larger than the outer loop, bounded by elements. Cc: qemu-sta...@nongnu.org Fixes: 18fc2405781 ("target/arm: Implement SVE fp complex multiply add (indexed)") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2376 Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson Message-id: 20240625183536.1672454-2-richard.hender...@linaro.org Signed-off-by: Peter Maydell (cherry picked from commit 76bccf3cb9d9383da0128bbc6d1300cddbe3ae8f) Signed-off-by: Michael Tokarev diff --git a/target/arm/vec_helper.c b/target/arm/vec_helper.c index f59d3b26ea..859366e264 100644 --- a/target/arm/vec_helper.c +++ b/target/arm/vec_helper.c @@ -842,7 +842,7 @@ void HELPER(gvec_fcmlah_idx)(void *vd, void *vn, void *vm, void *va, intptr_t index = extract32(desc, SIMD_DATA_SHIFT + 2, 2); uint32_t neg_real = flip ^ neg_imag; intptr_t elements = opr_sz / sizeof(float16); -intptr_t eltspersegment = 16 / sizeof(float16); +intptr_t eltspersegment = MIN(16 / sizeof(float16), elements); intptr_t i, j; /* Shift boolean to the sign bit so we can xor to negate. */ @@ -904,7 +904,7 @@ void HELPER(gvec_fcmlas_idx)(void *vd, void *vn, void *vm, void *va, intptr_t index = extract32(desc, SIMD_DATA_SHIFT + 2, 2); uint32_t neg_real = flip ^ neg_imag; intptr_t elements = opr_sz / sizeof(float32); -intptr_t eltspersegment = 16 / sizeof(float32); +intptr_t eltspersegment = MIN(16 / sizeof(float32), elements); intptr_t i, j; /* Shift boolean to the sign bit so we can xor to negate. */ -- 2.39.2
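Review bot: MIN(16 / sizeof(float16), elements) compares an unsigned size_t expression with the signed intptr_t elements, so the comparison is carried out in the unsigned type; that is harmless for the positive sizes expected here, but casting the first argument to intptr_t avoids the mixed-sign comparison in both gvec_fcmlah_idx and gvec_fcmlas_idx. Neither changed line has a comment on why the inner bound must not exceed the outer one; the sentence from the commit message would fit above either of them. No test is included for the Dd, Dn, Dm[idx] form named in the subject.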
[Stable-7.2.13 07/17] Update lcitool and fedora to 37
From: Marc-André Lureau Fedora 35 is EOL. Update to upstream lcitool, that dropped f35 and added f37. Signed-off-by: Marc-André Lureau Reviewed-by: Thomas Huth Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20230110132700.833690-7-marcandre.lur...@redhat.com> Signed-off-by: Alex Bennée Message-Id: <20230124180127.1881110-11-alex.ben...@linaro.org> (cherry picked from commit 0054dc8bde408d61257bacdb489bbacc4ca5cde5) Signed-off-by: Michael Tokarev diff --git a/tests/docker/dockerfiles/fedora-win32-cross.docker b/tests/docker/dockerfiles/fedora-win32-cross.docker index 75383ba185..cc5d1ac4be 100644 --- a/tests/docker/dockerfiles/fedora-win32-cross.docker +++ b/tests/docker/dockerfiles/fedora-win32-cross.docker @@ -1,10 +1,10 @@ # THIS FILE WAS AUTO-GENERATED # -# $ lcitool dockerfile --layers all --cross mingw32 fedora-35 qemu +# $ lcitool dockerfile --layers all --cross mingw32 fedora-37 qemu # # https://gitlab.com/libvirt/libvirt-ci -FROM registry.fedoraproject.org/fedora:35 +FROM registry.fedoraproject.org/fedora:37 RUN dnf install -y nosync && \ echo -e '#!/bin/sh\n\ diff --git a/tests/docker/dockerfiles/fedora-win64-cross.docker b/tests/docker/dockerfiles/fedora-win64-cross.docker index 98c03dc13b..cabbf4edfc 100644 --- a/tests/docker/dockerfiles/fedora-win64-cross.docker +++ b/tests/docker/dockerfiles/fedora-win64-cross.docker @@ -1,10 +1,10 @@ # THIS FILE WAS AUTO-GENERATED # -# $ lcitool dockerfile --layers all --cross mingw64 fedora-35 qemu +# $ lcitool dockerfile --layers all --cross mingw64 fedora-37 qemu # # https://gitlab.com/libvirt/libvirt-ci -FROM registry.fedoraproject.org/fedora:35 +FROM registry.fedoraproject.org/fedora:37 RUN dnf install -y nosync && \ echo -e '#!/bin/sh\n\ diff --git a/tests/docker/dockerfiles/fedora.docker b/tests/docker/dockerfiles/fedora.docker index d200c7fc10..f44b005000 100644 --- a/tests/docker/dockerfiles/fedora.docker +++ b/tests/docker/dockerfiles/fedora.docker 
@@ -1,10 +1,10 @@ # THIS FILE WAS AUTO-GENERATED # -# $ lcitool dockerfile --layers all fedora-35 qemu +# $ lcitool dockerfile --layers all fedora-37 qemu # # https://gitlab.com/libvirt/libvirt-ci -FROM registry.fedoraproject.org/fedora:35 +FROM registry.fedoraproject.org/fedora:37 RUN dnf install -y nosync && \ echo -e '#!/bin/sh\n\ diff --git a/tests/lcitool/libvirt-ci b/tests/lcitool/libvirt-ci index e3eb28cf2e..319a534c22 16 --- a/tests/lcitool/libvirt-ci +++ b/tests/lcitool/libvirt-ci @@ -1 +1 @@ -Subproject commit e3eb28cf2e17fbcf7fe7e19505ee432b8ec5bbb5 +Subproject commit 319a534c220f53fc8670254cac25d6f662c82112 diff --git a/tests/lcitool/refresh b/tests/lcitool/refresh index fa966e4009..a5ea0efc3b 100755 --- a/tests/lcitool/refresh +++ b/tests/lcitool/refresh @@ -111,7 +111,7 @@ try: generate_dockerfile("centos8", "centos-stream-8") generate_dockerfile("debian-amd64", "debian-11", trailer="".join(debian11_extras)) -generate_dockerfile("fedora", "fedora-35") +generate_dockerfile("fedora", "fedora-37") generate_dockerfile("opensuse-leap", "opensuse-leap-153") generate_dockerfile("ubuntu2004", "ubuntu-2004", trailer="".join(ubuntu2004_tsanhack)) @@ -161,12 +161,12 @@ try: trailer=cross_build("s390x-linux-gnu-", "s390x-softmmu,s390x-linux-user")) -generate_dockerfile("fedora-win32-cross", "fedora-35", +generate_dockerfile("fedora-win32-cross", "fedora-37", cross="mingw32", trailer=cross_build("i686-w64-mingw32-", "i386-softmmu")) -generate_dockerfile("fedora-win64-cross", "fedora-35", +generate_dockerfile("fedora-win64-cross", "fedora-37", cross="mingw64", trailer=cross_build("x86_64-w64-mingw32-", "x86_64-softmmu")) -- 2.39.2
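Review bot: the three Dockerfiles carry a "THIS FILE WAS AUTO-GENERATED" header, and their hunks change only the lcitool command comment and the FROM line; confirm they were produced by running tests/lcitool/refresh against the new libvirt-ci subproject commit and not edited by hand, since a Fedora 35 to 37 move with no package-list change in any of the three is worth a second look. The base image is still referenced by the mutable tag registry.fedoraproject.org/fedora:37, so what the CI builds depends on whatever that tag points to at build time.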
[Stable-7.2.13 02/17] virtio-net: drop too short packets early
From: Alexey Dobriyan Reproducer from https://gitlab.com/qemu-project/qemu/-/issues/1451 creates small packet (1 segment, len = 10 == n->guest_hdr_len), then destroys queue. "if (n->host_hdr_len != n->guest_hdr_len)" is triggered, if body creates zero length/zero segment packet as there is nothing after guest header. qemu_sendv_packet_async() tries to send it. slirp discards it because it is smaller than Ethernet header, but returns 0 because tx hooks are supposed to return total length of data. 0 is propagated upwards and is interpreted as "packet has been sent" which is terrible because queue is being destroyed, nobody is waiting for TX to complete and assert it triggered. Fix is discard such empty packets instead of sending them. Length 1 packets will go via different codepath: virtqueue_push(q->tx_vq, elem, 0); virtio_notify(vdev, q->tx_vq); g_free(elem); and aren't problematic. Signed-off-by: Alexey Dobriyan Signed-off-by: Jason Wang (cherry picked from commit 2c3e4e2de699cd4d9f6c71f30a22d8f125cd6164) Signed-off-by: Michael Tokarev diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index b6177a6afe..beadea5bf8 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -2646,18 +2646,14 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q) out_sg = elem->out_sg; if (out_num < 1) { virtio_error(vdev, "virtio-net header not in first element"); -virtqueue_detach_element(q->tx_vq, elem, 0); -g_free(elem); -return -EINVAL; +goto detach; } if (n->has_vnet_hdr) { if (iov_to_buf(out_sg, out_num, 0, , n->guest_hdr_len) < n->guest_hdr_len) { virtio_error(vdev, "virtio-net header incorrect"); -virtqueue_detach_element(q->tx_vq, elem, 0); -g_free(elem); -return -EINVAL; +goto detach; } if (n->needs_vnet_hdr_swap) { virtio_net_hdr_swap(vdev, (void *) ); 
@@ -2688,6 +2684,11 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q) n->guest_hdr_len, -1); out_num = sg_num; out_sg = sg; + +if (out_num < 1) { +virtio_error(vdev, "virtio-net nothing to send"); +goto detach; +} } ret = qemu_sendv_packet_async(qemu_get_subqueue(n->nic, queue_index), @@ -2708,6 +2709,11 @@ drop: } } return num_packets; + +detach: +virtqueue_detach_element(q->tx_vq, elem, 0); +g_free(elem); +return -EINVAL; } static void virtio_net_tx_timer(void *opaque); -- 2.39.2
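Review bot: the commit message says the fix is to discard empty packets, but the new "if (out_num < 1)" check after the guest header is stripped calls virtio_error() and jumps to detach, returning -EINVAL, which is the same handling the function gives a missing or incorrect header. If a header-only packet is meant to be dropped quietly, completing the element the way the length-1 case quoted in the message does (virtqueue_push(), virtio_notify(), g_free()) would match the description better; if treating it as a device error is intended, say so in the message and make the string more specific than "virtio-net nothing to send". The detach label itself removes two copies of the same cleanup sequence.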
[Stable-7.2.13 10/17] tests: don't run benchmarks for the tsan build
From: Alex Bennée All we are really doing here is checking that TSAN builds compile and are therefor a tool available to developers. The benchmarks are not representative of QEMU's actual threading behaviour and they burn precious CI time. Indeed switching to check-unit reveals many unaddressed issues which have been logged at: https://gitlab.com/qemu-project/qemu/-/issues/1496 So for now disable the make check and make this a build only test. Signed-off-by: Alex Bennée Reviewed-by: Thomas Huth Reviewed-by: Richard Henderson Message-Id: <20230228190653.1602033-8-alex.ben...@linaro.org> (cherry picked from commit 7c7d369b33f01d3705a14c361689776de6bb5b7a) Signed-off-by: Michael Tokarev diff --git a/.gitlab-ci.d/buildtest.yml b/.gitlab-ci.d/buildtest.yml index dec57a3240..9b6da37582 100644 --- a/.gitlab-ci.d/buildtest.yml +++ b/.gitlab-ci.d/buildtest.yml @@ -469,7 +469,6 @@ tsan-build: CONFIGURE_ARGS: --enable-tsan --cc=clang-10 --cxx=clang++-10 --enable-trace-backends=ust --enable-fdt=system --disable-slirp TARGETS: x86_64-softmmu ppc64-softmmu riscv64-softmmu x86_64-linux-user -MAKE_CHECK_ARGS: bench V=1 # gprof/gcov are GCC features build-gprof-gcov: -- 2.39.2
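Review bot: dropping "MAKE_CHECK_ARGS: bench V=1" turns tsan-build into a compile-only job, but nothing in buildtest.yml records why; add a comment above the job pointing at https://gitlab.com/qemu-project/qemu/-/issues/1496 so the check step can be restored once those reports are addressed.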
[Stable-7.2.13 03/17] stdvga: fix screen blanking
From: Gerd Hoffmann In case the display surface uses a shared buffer (i.e. uses vga vram directly instead of a shadow) go unshare the buffer before clearing it. This avoids vga memory corruption, which in turn fixes unblanking not working properly with X11. Cc: qemu-sta...@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2067 Signed-off-by: Gerd Hoffmann Reviewed-by: Marc-André Lureau Message-ID: <20240605131444.797896-2-kra...@redhat.com> Signed-off-by: Philippe Mathieu-Daudé (cherry picked from commit b1cf266c82cb1211ee2785f1813a6a3f3e693390) Signed-off-by: Michael Tokarev diff --git a/hw/display/vga.c b/hw/display/vga.c index 0cb26a791b..8e2d44bea3 100644 --- a/hw/display/vga.c +++ b/hw/display/vga.c @@ -1746,6 +1746,13 @@ static void vga_draw_blank(VGACommonState *s, int full_update) if (s->last_scr_width <= 0 || s->last_scr_height <= 0) return; +if (is_buffer_shared(surface)) { +/* unshare buffer, otherwise the blanking corrupts vga vram */ +surface = qemu_create_displaysurface(s->last_scr_width, + s->last_scr_height); +dpy_gfx_replace_surface(s->con, surface); +} + w = s->last_scr_width * surface_bytes_per_pixel(surface); d = surface_data(surface); for(i = 0; i < s->last_scr_height; i++) { -- 2.39.2
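Review bot: the new block in vga_draw_blank() replaces a shared surface with one from qemu_create_displaysurface(), but the hunk does not show what re-establishes the shared surface once the screen is unblanked; name that path in the comment next to "unshare buffer". The block sits after the early return on s->last_scr_width <= 0 || s->last_scr_height <= 0, so the dimensions passed to qemu_create_displaysurface() are positive at that point.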
[Stable-7.2.13 09/17] tests: Update our CI to use CentOS Stream 9 instead of 8
From: Thomas Huth RHEL 9 (and thus also the derivatives) have been available since two years now, so according to QEMU's support policy, we can drop the active support for the previous major version 8 now. Another reason for doing this is that Centos Stream 8 will go EOL soon: https://blog.centos.org/2023/04/end-dates-are-coming-for-centos-stream-8-and-centos-linux-7/ "After May 31, 2024, CentOS Stream 8 will be archived and no further updates will be provided." Thus upgrade our CentOS Stream container to major version 9 now. Reviewed-by: Daniel P. Berrangé Message-ID: <20240418101056.302103-5-th...@redhat.com> Signed-off-by: Thomas Huth (cherry picked from commit 641b1efe01b2dd6e7ac92f23d392dcee73508746) (Mjt: numerous merge conflicts due to many changes in testing framework) Signed-off-by: Michael Tokarev diff --git a/.gitlab-ci.d/buildtest.yml b/.gitlab-ci.d/buildtest.yml index 956025f689..dec57a3240 100644 --- a/.gitlab-ci.d/buildtest.yml +++ b/.gitlab-ci.d/buildtest.yml @@ -162,9 +162,9 @@ crash-test-fedora: build-system-centos: extends: .native_build_job_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 CONFIGURE_ARGS: --disable-nettle --enable-gcrypt --enable-fdt=system --enable-modules --enable-trace-backends=dtrace --enable-docs --enable-vfio-user-server @@ -182,7 +182,7 @@ check-system-centos: - job: build-system-centos artifacts: true variables: -IMAGE: centos8 +IMAGE: centos9 MAKE_CHECK_ARGS: check avocado-system-centos: @@ -191,7 +191,7 @@ avocado-system-centos: - job: build-system-centos artifacts: true variables: -IMAGE: centos8 +IMAGE: centos9 MAKE_CHECK_ARGS: check-avocado build-system-opensuse: @@ -237,9 +237,9 @@ avocado-system-opensuse: build-tcg-disabled: extends: .native_build_job_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 script: - mkdir build - cd build 
@@ -563,9 +563,9 @@ build-coroutine-sigaltstack: build-without-defaults: extends: .native_build_job_template needs: -job: amd64-centos8-container +job: amd64-centos9-container variables: -IMAGE: centos8 +IMAGE: centos9 CONFIGURE_ARGS: --without-default-devices --without-default-features diff --git a/.gitlab-ci.d/container-core.yml b/.gitlab-ci.d/container-core.yml index 08f8450fa1..5459447676 100644 --- a/.gitlab-ci.d/container-core.yml +++ b/.gitlab-ci.d/container-core.yml @@ -1,10 +1,10 @@ include: - local: '/.gitlab-ci.d/container-template.yml' -amd64-centos8-container: +amd64-centos9-container: extends: .container_job_template variables: -NAME: centos8 +NAME: centos9 amd64-fedora-container: extends: .container_job_template diff --git a/tests/docker/dockerfiles/centos8.docker b/tests/docker/dockerfiles/centos9.docker similarity index 82% rename from tests/docker/dockerfiles/centos8.docker rename to tests/docker/dockerfiles/centos9.docker index cc09402eb3..62c4896191 100644 --- a/tests/docker/dockerfiles/centos8.docker +++ b/tests/docker/dockerfiles/centos9.docker @@ -1,15 +1,14 @@ # THIS FILE WAS AUTO-GENERATED # -# $ lcitool dockerfile --layers all centos-stream-8 qemu +# $ lcitool dockerfile --layers all centos-stream-9 qemu # # https://gitlab.com/libvirt/libvirt-ci -FROM quay.io/centos/centos:stream8 +FROM quay.io/centos/centos:stream9 RUN dnf distro-sync -y && \ dnf install 'dnf-command(config-manager)' -y && \ -dnf config-manager --set-enabled -y powertools && \ -dnf install -y centos-release-advanced-virtualization && \ +dnf config-manager --set-enabled -y crb && \ dnf install -y epel-release && \ dnf install -y epel-next-release && \ dnf install -y \ @@ -43,7 +42,6 @@ RUN dnf distro-sync -y && \ glib2-static \ glibc-langpack-en \ glibc-static \ -glusterfs-api-devel \ gnutls-devel \ gtk3-devel \ hostname \ @@ -82,6 +80,7 @@ RUN dnf distro-sync -y && \ lzo-devel \ make \ mesa-libgbm-devel \ +meson \ ncurses-devel \ nettle-devel \ ninja-build \ 
@@ -94,25 +93,25 @@ RUN dnf distro-sync -y && \ pixman-devel \ pkgconfig \ pulseaudio-libs-devel \ -python38 \ -python38-PyYAML \ -python38-numpy \ -python38-pip \ -python38-setuptools \ -python38-wheel \ +python3 \ +python3-PyYAML \ +python3-numpy \ +python3-pillow \ +python3-pip \ +python3-sphinx \ +python3-sphinx_rtd_theme \ +python3-tomli \ rdma-core-devel \ rpm \ sed \
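Review bot: the centos9.docker hunks remove glusterfs-api-devel and the centos-release-advanced-virtualization repository alongside the powertools to crb switch, which the commit message does not mention; note whether any build coverage is lost on this image. The file is marked as auto-generated by lcitool, yet the part of the patch visible here shows no matching change to tests/lcitool/refresh, so check that the next refresh run reproduces centos9.docker. The python38-* packages become unversioned python3-* ones, and meson, python3-pillow, python3-sphinx, python3-sphinx_rtd_theme and python3-tomli are added, which is worth a line in the message given the "(Mjt: numerous merge conflicts ...)" note.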
[Stable-7.2.13 04/17] linux-user: Make TARGET_NR_setgroups affect only the current thread
From: Ilya Leoshkevich Like TARGET_NR_setuid, TARGET_NR_setgroups should affect only the calling thread, and not the entire process. Therefore, implement it using a syscall, and not a libc call. Cc: qemu-sta...@nongnu.org Fixes: 19b84f3c35d7 ("added setgroups and getgroups syscalls") Signed-off-by: Ilya Leoshkevich Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20240614154710.1078766-1-...@linux.ibm.com> Reviewed-by: Richard Henderson Signed-off-by: Richard Henderson (cherry picked from commit 54b27921026df384f67df86f04c39539df375c60) Signed-off-by: Michael Tokarev diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 74240f99ad..53c46ae951 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -7228,11 +7228,17 @@ static inline int tswapid(int id) #else #define __NR_sys_setresgid __NR_setresgid #endif +#ifdef __NR_setgroups32 +#define __NR_sys_setgroups __NR_setgroups32 +#else +#define __NR_sys_setgroups __NR_setgroups +#endif _syscall1(int, sys_setuid, uid_t, uid) _syscall1(int, sys_setgid, gid_t, gid) _syscall3(int, sys_setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) _syscall3(int, sys_setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) +_syscall2(int, sys_setgroups, int, size, gid_t *, grouplist) void syscall_init(void) { @@ -11453,7 +11459,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, unlock_user(target_grouplist, arg2, gidsetsize * sizeof(target_id)); } -return get_errno(setgroups(gidsetsize, grouplist)); +return get_errno(sys_setgroups(gidsetsize, grouplist)); } case TARGET_NR_fchown: return get_errno(fchown(arg1, low2highuid(arg2), low2highgid(arg3))); @@ -11789,7 +11795,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, } unlock_user(target_grouplist, arg2, 0); } -return get_errno(setgroups(gidsetsize, grouplist)); +return get_errno(sys_setgroups(gidsetsize, grouplist)); } #endif #ifdef TARGET_NR_fchown32 -- 2.39.2
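Review bot: _syscall2(int, sys_setgroups, int, size, gid_t *, grouplist) deliberately bypasses the libc setgroups() wrapper so that only the calling thread is affected, but nothing next to the definition says so; add a comment there, otherwise the raw syscall looks like an oversight to anyone tidying this block later. The __NR_setgroups32 / __NR_setgroups selection follows the __NR_sys_setresgid pattern directly above it, and both setgroups() call sites in do_syscall1() are converted.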
[Stable-7.2.13 17/17] block: Parse filenames only when explicitly requested
From: Kevin Wolf When handling image filenames from legacy options such as -drive or from tools, these filenames are parsed for protocol prefixes, including for the json:{} pseudo-protocol. This behaviour is intended for filenames that come directly from the command line and for backing files, which may come from the image file itself. Higher level management tools generally take care to verify that untrusted images don't contain a bad (or any) backing file reference; 'qemu-img info' is a suitable tool for this. However, for other files that can be referenced in images, such as qcow2 data files or VMDK extents, the string from the image file is usually not verified by management tools - and 'qemu-img info' wouldn't be suitable because in contrast to backing files, it already opens these other referenced files. So here the string should be interpreted as a literal local filename. More complex configurations need to be specified explicitly on the command line or in QMP. This patch changes bdrv_open_inherit() so that it only parses filenames if a new parameter parse_filename is true. It is set for the top level in bdrv_open(), for the file child and for the backing file child. All other callers pass false and disable filename parsing this way. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 7ead946998610657d38d1a505d5f25300d4ca613) Signed-off-by: Michael Tokarev (Mjt: backport patch to 7.2, without: v8.0.0-2069-g8394c35ee148 "block: Fix AioContext locking in bdrv_open_child()" v8.1.0-801-gafdaeb9ea06e "block: Mark bdrv_attach_child() GRAPH_WRLOCK" v8.2.0-rc0-59-g6bc0bcc89f84 "block: Fix deadlocks in bdrv_graph_wrunlock()" v8.2.0-132-g6bc30f194985 "graph-lock: remove AioContext locking" v8.2.0-133-gb49f4755c7fa "block: remove AioContext locking") diff --git a/block.c b/block.c index a18f052374..ea369a3fe5 100644 --- a/block.c +++ b/block.c 
@@ -85,6 +85,7 @@ static BlockDriverState *bdrv_open_inherit(const char *filename, BlockDriverState *parent, const BdrvChildClass *child_class, BdrvChildRole child_role, + bool parse_filename, Error **errp); static bool bdrv_recurse_has_child(BlockDriverState *bs, @@ -2051,7 +2052,8 @@ static void parse_json_protocol(QDict *options, const char **pfilename, * block driver has been specified explicitly. */ static int bdrv_fill_options(QDict **options, const char *filename, - int *flags, Error **errp) + int *flags, bool allow_parse_filename, + Error **errp) { const char *drvname; bool protocol = *flags & BDRV_O_PROTOCOL; @@ -2093,7 +2095,7 @@ static int bdrv_fill_options(QDict **options, const char *filename, if (protocol && filename) { if (!qdict_haskey(*options, "filename")) { qdict_put_str(*options, "filename", filename); -parse_filename = true; +parse_filename = allow_parse_filename; } else { error_setg(errp, "Can't specify 'file' and 'filename' options at " "the same time"); @@ -3516,7 +3518,8 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options, } backing_hd = bdrv_open_inherit(backing_filename, reference, options, 0, bs, - _of_bds, bdrv_backing_role(bs), errp); + _of_bds, bdrv_backing_role(bs), true, + errp); if (!backing_hd) { bs->open_flags |= BDRV_O_NO_BACKING; error_prepend(errp, "Could not open backing file: "); @@ -3549,7 +3552,8 @@ free_exit: static BlockDriverState * bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, BlockDriverState *parent, const BdrvChildClass *child_class, - BdrvChildRole child_role, bool allow_none, Error **errp) + BdrvChildRole child_role, bool allow_none, + bool parse_filename, Error **errp) { BlockDriverState *bs = NULL; QDict *image_options; 
@@ -3580,7 +3584,8 @@ bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, } bs = bdrv_open_inherit(filename, reference, image_options, 0, - parent, child_class, child_role, errp); + parent, child_class, child_role, parse_filename, + errp); if (!bs) { goto done; } @@ -3590,6 +3595,28 @@ done: return bs; } +static BdrvChild
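Review bot: the new bool parse_filename argument is undocumented and shows up at the bdrv_open_backing_file() call site as a bare true, so a reader cannot tell what it enables without the commit message. The comment block above bdrv_fill_options() should state that allow_parse_filename gates protocol-prefix and json: parsing of the filename string, and the bdrv_open_inherit() prototype should carry the same one-line description, so that a future caller opening a name taken from image metadata knows to pass false. A short comment at the backing-file call saying why parsing stays enabled for a string that may come from the image itself would also help.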
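A pre-flight check of the kind the commit message above expects from management tools, as an added example (not code from QEMU or from this patch): it reads the backing-file name and the external data file name out of a qcow2 header without opening either file. The offsets and the extension type 0x44415441 follow the qcow2 specification as understood here; `qcow2_references`, `has_protocol_prefix` (a colon-before-first-slash heuristic) and `sample_header` (which builds constructed input) are names made up for this example.

```python
import struct

QCOW2_MAGIC = b"QFI\xfb"
EXT_END, EXT_DATA_FILE = 0, 0x44415441   # header extension types (qcow2 spec)
INCOMPAT_DATA_FILE = 1 << 2              # incompatible_features bit 2

def qcow2_references(hdr: bytes) -> dict:
    """Return the backing-file and data-file strings stored in the first
    cluster of a qcow2 image. Parses bytes only; opens nothing."""
    if len(hdr) < 104 or hdr[:4] != QCOW2_MAGIC:
        raise ValueError("not a qcow2 header")
    version, b_off, b_len = struct.unpack_from(">IQI", hdr, 4)
    if version not in (2, 3):
        raise ValueError("unsupported qcow2 version")
    incompat, pos = 0, 72                # v2: fixed 72-byte header, no feature bits
    if version == 3:
        incompat, = struct.unpack_from(">Q", hdr, 72)
        pos, = struct.unpack_from(">I", hdr, 100)   # header_length
    if pos < (104 if version == 3 else 72) or b_len > 1023 or b_off + b_len > len(hdr):
        raise ValueError("header fields out of bounds")
    refs = {"backing_file": None, "data_file": None,
            "data_file_bit": bool(incompat & INCOMPAT_DATA_FILE)}
    if b_off:
        refs["backing_file"] = hdr[b_off:b_off + b_len].decode("utf-8", "replace")
    limit = b_off or len(hdr)            # extensions end where the backing name starts
    while pos + 8 <= limit:
        ext_type, ext_len = struct.unpack_from(">II", hdr, pos)
        if ext_type == EXT_END:
            break
        if pos + 8 + ext_len > limit:
            raise ValueError("header extension out of bounds")
        if ext_type == EXT_DATA_FILE:
            refs["data_file"] = hdr[pos + 8:pos + 8 + ext_len].decode("utf-8", "replace")
        pos += 8 + ((ext_len + 7) & ~7)  # extension data is padded to 8 bytes
    return refs

def has_protocol_prefix(name: str) -> bool:
    """Heuristic of this example: a ':' before the first '/' (blkdebug::x, json:{...})."""
    return ":" in name.split("/", 1)[0]

def sample_header(backing: bytes, data_file: bytes) -> bytes:
    """Constructed v3 header: 104 fixed bytes, DATA extension, end marker, backing name."""
    ext = struct.pack(">II", EXT_DATA_FILE, len(data_file)) + data_file
    ext += b"\0" * (-len(data_file) % 8) + struct.pack(">II", EXT_END, 0)
    hdr = bytearray(104)
    struct.pack_into(">4sIQI", hdr, 0, QCOW2_MAGIC, 3,
                     104 + len(ext) if backing else 0, len(backing))
    struct.pack_into(">QQQII", hdr, 72, INCOMPAT_DATA_FILE, 0, 0, 4, 104)
    return bytes(hdr) + ext + backing
```

Calling `qcow2_references(sample_header(b"base.qcow2", b"blkdebug::t.qcow2.data"))` returns both stored strings, and `has_protocol_prefix` flags the data-file name but not the backing name. A caller would pass the first cluster of the real image instead of the constructed header and reject the image on any reference it did not expect.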
[Stable-7.2.13 12/17] i386/cpu: fixup number of addressable IDs for processor cores in the physical package
From: Chuang Xu When QEMU is started with: -cpu host,host-cache-info=on,l3-cache=off \ -smp 2,sockets=1,dies=1,cores=1,threads=2 Guest can't acquire maximum number of addressable IDs for processor cores in the physical package from CPUID[04H]. When creating a CPU topology of 1 core per package, host-cache-info only uses the Host's addressable core IDs field (CPUID.04H.EAX[bits 31-26]), resulting in a conflict (on the multicore Host) between the Guest core topology information in this field and the Guest's actual cores number. Fix it by removing the unnecessary condition to cover 1 core per package case. This is safe because cores_per_pkg will not be 0 and will be at least 1. Fixes: d7caf13b5fcf ("x86: cpu: fixup number of addressable IDs for logical processors sharing cache") Signed-off-by: Guixiong Wei Signed-off-by: Yipeng Yin Signed-off-by: Chuang Xu Reviewed-by: Zhao Liu Message-ID: <20240611032314.64076-1-xuchuangxc...@bytedance.com> Signed-off-by: Paolo Bonzini (cherry picked from commit 903916f0a017fe4b7789f1c6c6982333a5a71876) Signed-off-by: Michael Tokarev (Mjt: fixup for 7.2 due to other changes in this area past 8.2) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 52a3020032..9c3e64c54b 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -5297,10 +5297,8 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count, int host_vcpus_per_cache = 1 + ((*eax & 0x3FFC000) >> 14); int vcpus_per_socket = env->nr_dies * cs->nr_cores * cs->nr_threads; -if (cs->nr_cores > 1) { -*eax &= ~0xFC00; -*eax |= (pow2ceil(cs->nr_cores) - 1) << 26; -} +*eax &= ~0xFC00; +*eax |= (pow2ceil(cs->nr_cores) - 1) << 26; if (host_vcpus_per_cache > vcpus_per_socket) { *eax &= ~0x3FFC000; *eax |= (pow2ceil(vcpus_per_socket) - 1) << 14; -- 2.39.2
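Review bot: dropping the cs->nr_cores > 1 guard makes the write to CPUID.04H.EAX[31:26] unconditional, but the hunk leaves no comment saying why the single-core case is safe; a one-line note that pow2ceil(1) - 1 encodes one core as 0 would record the reasoning from the commit message in the code. Now that both lines always run, the clear and the insert must agree on the field: as shown, the mask in *eax &= ~0xFC00 does not cover the bits that the << 26 on the next line writes, so it is worth checking against the tree, and a named mask used by both lines would rule the mismatch out. The commit message argues in terms of cores_per_pkg while the hunk uses cs->nr_cores; the 7.2 fixup note could say how the two relate.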
[Stable-7.2.13 15/17] iotests/244: Don't store data-file with protocol in image
From: Kevin Wolf We want to disable filename parsing for data files because it's too easy to abuse in malicious image files. Make the test ready for the change by passing the data file explicitly in command line options. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Stefan Hajnoczi Reviewed-by: Hanna Czenczek (cherry picked from commit 2eb42a728d27a43fdcad5f37d3f65706ce6deba5) Signed-off-by: Michael Tokarev diff --git a/tests/qemu-iotests/244 b/tests/qemu-iotests/244 index 3e61fa25bb..bb9cc6512f 100755 --- a/tests/qemu-iotests/244 +++ b/tests/qemu-iotests/244 @@ -215,9 +215,22 @@ $QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$TEST_IMG" $QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$TEST_IMG" # blkdebug doesn't support copy offloading, so this tests the error path -$QEMU_IMG amend -f $IMGFMT -o "data_file=blkdebug::$TEST_IMG.data" "$TEST_IMG" -$QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$TEST_IMG" -$QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$TEST_IMG" +test_img_with_blkdebug="json:{ +'driver': 'qcow2', +'file': { +'driver': 'file', +'filename': '$TEST_IMG' +}, +'data-file': { +'driver': 'blkdebug', +'image': { +'driver': 'file', +'filename': '$TEST_IMG.data' +} +} +}" +$QEMU_IMG convert -f $IMGFMT -O $IMGFMT -n -C "$TEST_IMG.src" "$test_img_with_blkdebug" +$QEMU_IMG compare -f $IMGFMT -F $IMGFMT "$TEST_IMG.src" "$test_img_with_blkdebug" echo echo "=== Flushing should flush the data file ===" -- 2.39.2
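Review bot: the hunk removes the amend that stored a protocol-prefixed data_file (blkdebug::$TEST_IMG.data) in the image and replaces it with an explicit json: description, which leaves nothing here that checks what happens when such a string is present in the image header. Once the block-layer change is in, a case that stores the prefixed string and asserts it is opened as a literal filename (and so fails) would cover the behaviour this series is about. Also, 'filename': '$TEST_IMG' interpolates the shell variable inside single-quoted JSON values, so a test directory whose path contains a single quote breaks the option string.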
[Stable-7.2.13 11/17] gitlab-ci: Disable the riscv64-debian-cross-container by default
From: Thomas Huth This job is failing since weeks. Let's mark it as manual until it gets fixed. Message-Id: <82aa015a-ca94-49ce-beec-679cc175b...@redhat.com> Acked-by: Michael Tokarev Signed-off-by: Thomas Huth (cherry picked from commit f51f90c65ed7706c3c4f7a889ce3d6b7ab75ef6a) Signed-off-by: Michael Tokarev diff --git a/.gitlab-ci.d/container-cross.yml b/.gitlab-ci.d/container-cross.yml index 2d560e9764..24343192ac 100644 --- a/.gitlab-ci.d/container-cross.yml +++ b/.gitlab-ci.d/container-cross.yml @@ -115,6 +115,7 @@ riscv64-debian-cross-container: allow_failure: true variables: NAME: debian-riscv64-cross +QEMU_JOB_OPTIONAL: 1 # we can however build TCG tests using a non-sid base riscv64-debian-test-cross-container: -- 2.39.2
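Review bot: QEMU_JOB_OPTIONAL: 1 is added under variables with no comment saying why the job is manual or what has to be fixed before it is re-enabled, and the job already carries allow_failure: true. A one-line YAML comment above the variable that points at the failure would keep the job from staying disabled indefinitely; the commit message only says it has been failing for weeks.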
[Stable-7.2.13 01/17] target/i386: fix size of EBP writeback in gen_enter()
From: Mark Cave-Ayland The calculation of FrameTemp is done using the size indicated by mo_pushpop() before being written back to EBP, but the final writeback to EBP is done using the size indicated by mo_stacksize(). In the case where mo_pushpop() is MO_32 and mo_stacksize() is MO_16 then the final writeback to EBP is done using MO_16 which can leave junk in the top 16-bits of EBP after executing ENTER. Change the writeback of EBP to use the same size indicated by mo_pushpop() to ensure that the full value is written back. Signed-off-by: Mark Cave-Ayland Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198 Message-ID: <20240606095319.229650-5-mark.cave-ayl...@ilande.co.uk> Cc: qemu-sta...@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit 3973615e7fbaeef1deeaa067577e373781ced70a) Signed-off-by: Michael Tokarev diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c index 417bc26e8f..8eb6a974e5 100644 --- a/target/i386/tcg/translate.c +++ b/target/i386/tcg/translate.c @@ -2696,7 +2696,7 @@ static void gen_enter(DisasContext *s, int esp_addend, int level) } /* Copy the FrameTemp value to EBP. */ -gen_op_mov_reg_v(s, a_ot, R_EBP, s->T1); +gen_op_mov_reg_v(s, d_ot, R_EBP, s->T1); /* Compute the final value of ESP. */ tcg_gen_subi_tl(s->T1, s->T1, esp_addend + size * level); -- 2.39.2
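Review bot: the a_ot to d_ot change in the EBP writeback arrives without a test in this patch, and the case it fixes (mo_pushpop() of MO_32 with mo_stacksize() of MO_16) is narrow enough to regress unnoticed. A TCG test that executes ENTER with a 32-bit operand size on a 16-bit stack and checks the upper 16 bits of EBP would pin it down. The comment "Copy the FrameTemp value to EBP." could also say that the operand size, not the stack size, is used on purpose.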
[Stable-7.2.13 08/17] ci, docker: update CentOS and OpenSUSE Python to non-EOL versions
From: Paolo Bonzini Python 3.6 is at end-of-life. Update the libvirt-ci module to a version that supports overrides for targets and package mappings; this way, QEMU can use the newer versions provided by CentOS 8 (Python 3.8) and OpenSUSE 15.3 (Python 3.9). Reviewed-by: Daniel P. Berrangé Signed-off-by: Paolo Bonzini (cherry picked from commit d639cf79783a1eba349b7705e0fb270fa76118a4) Signed-off-by: Michael Tokarev diff --git a/docs/devel/testing.rst b/docs/devel/testing.rst index 98c26ecf18..b4c99be195 100644 --- a/docs/devel/testing.rst +++ b/docs/devel/testing.rst @@ -473,6 +473,12 @@ thus some extra preparation steps will be required first the ``libvirt-ci`` submodule to point to a commit that contains the ``mappings.yml`` update. +For enterprise distros that default to old, end-of-life versions of the +Python runtime, QEMU uses a separate set of mappings that work with more +recent versions. These can be found in ``tests/lcitool/mappings.yml``. +Modifying this file should not be necessary unless the new pre-requisite +is a Python library or tool. + Adding new OS distros ^ diff --git a/tests/docker/dockerfiles/centos8.docker b/tests/docker/dockerfiles/centos8.docker index 1f70d41aeb..cc09402eb3 100644 --- a/tests/docker/dockerfiles/centos8.docker +++ b/tests/docker/dockerfiles/centos8.docker @@ -82,7 +82,6 @@ RUN dnf distro-sync -y && \ lzo-devel \ make \ mesa-libgbm-devel \ -meson \ ncurses-devel \ nettle-devel \ ninja-build \ @@ -95,13 +94,12 @@ RUN dnf distro-sync -y && \ pixman-devel \ pkgconfig \ pulseaudio-libs-devel \ -python3 \ -python3-PyYAML \ -python3-numpy \ -python3-pillow \ -python3-pip \ -python3-sphinx \ -python3-sphinx_rtd_theme \ +python38 \ +python38-PyYAML \ +python38-numpy \ +python38-pip \ +python38-setuptools \ +python38-wheel \ rdma-core-devel \ rpm \ sed \ 
@@ -130,8 +128,14 @@ RUN dnf distro-sync -y && \ ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/g++ && \ ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc +RUN /usr/bin/pip3.8 install \ +meson==0.63.2 \ +pillow \ +sphinx \ +sphinx-rtd-theme + ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers" ENV LANG "en_US.UTF-8" ENV MAKE "/usr/bin/make" ENV NINJA "/usr/bin/ninja" -ENV PYTHON "/usr/bin/python3" +ENV PYTHON "/usr/bin/python3.8" diff --git a/tests/docker/dockerfiles/opensuse-leap.docker b/tests/docker/dockerfiles/opensuse-leap.docker index 4361b01464..4f1191dc05 100644 --- a/tests/docker/dockerfiles/opensuse-leap.docker +++ b/tests/docker/dockerfiles/opensuse-leap.docker @@ -90,16 +90,9 @@ RUN zypper update -y && \ pcre-devel-static \ perl-base \ pkgconfig \ - python3-Pillow \ - python3-PyYAML \ - python3-Sphinx \ - python3-base \ - python3-numpy \ - python3-opencv \ - python3-pip \ - python3-setuptools \ - python3-sphinx_rtd_theme \ - python3-wheel \ + python39-base \ + python39-pip \ + python39-setuptools \ rdma-core-devel \ rpm \ sed \ @@ -131,10 +124,15 @@ RUN zypper update -y && \ ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/g++ && \ ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc -RUN /usr/bin/pip3 install meson==0.56.0 +RUN /usr/bin/pip3.9 install \ +PyYAML \ +meson==0.63.2 \ +pillow \ +sphinx \ +sphinx-rtd-theme ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers" ENV LANG "en_US.UTF-8" ENV MAKE "/usr/bin/make" ENV NINJA "/usr/bin/ninja" -ENV PYTHON "/usr/bin/python3" +ENV PYTHON "/usr/bin/python3.9" diff --git a/tests/docker/dockerfiles/ubuntu2004.docker b/tests/docker/dockerfiles/ubuntu2004.docker index 9417bca2fa..39c744eba9 100644 --- a/tests/docker/dockerfiles/ubuntu2004.docker +++ b/tests/docker/dockerfiles/ubuntu2004.docker 
@@ -140,7 +140,7 @@ RUN export DEBIAN_FRONTEND=noninteractive && \ ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/g++ && \ ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc -RUN /usr/bin/pip3 install meson==0.56.0 +RUN /usr/bin/pip3 install meson==0.63.2 ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers" ENV LANG "en_US.UTF-8" diff --git a/tests/lcitool/mappings.yml b/tests/lcitool/mappings.yml new file mode 100644 index 00..e4719e4551 --- /dev/nul
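Review bot: in the new RUN pip install lines only meson is pinned (meson==0.63.2); pillow, sphinx and sphinx-rtd-theme, plus PyYAML in opensuse-leap.docker, are installed at whatever version the index serves at build time and without hash checking, so two builds of the same Dockerfile can produce different containers. Pin these with == as is done for meson, or install from a requirements file with hashes. Separately, the opensuse-leap hunk drops python3-numpy and python3-opencv without adding replacements to the pip list, while centos8 keeps python38-numpy; confirm that nothing run in that container still imports them.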
[Stable-7.2.13 00/17] Patch Round-up for stable 7.2.13, freeze on 2024-07-14
The following patches are queued for QEMU stable v7.2.13:

  https://gitlab.com/qemu-project/qemu/-/commits/staging-7.2

Patch freeze is 2024-07-14, and the release is planned for 2024-07-16:

  https://wiki.qemu.org/Planning/7.2

Please respond here or CC qemu-sta...@nongnu.org on any additional patches you think should (or shouldn't) be included in the release.

The changes which are staging for inclusion, with the original commit hash from master branch, are given below the bottom line.

Thanks!

/mjt

--
01 3973615e7fba Mark Cave-Ayland: target/i386: fix size of EBP writeback in gen_enter()
02 2c3e4e2de699 Alexey Dobriyan: virtio-net: drop too short packets early
03 b1cf266c82cb Gerd Hoffmann: stdvga: fix screen blanking
04 54b27921026d Ilya Leoshkevich: linux-user: Make TARGET_NR_setgroups affect only the current thread
05 521d7fb3ebdf Richard Henderson: tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
06 e030d08c2fc0 Thomas Huth: gitlab-ci.d/buildtest: Merge the --without-default-* jobs
07 0054dc8bde40 Marc-André Lureau: Update lcitool and fedora to 37
08 d639cf79783a Paolo Bonzini: ci, docker: update CentOS and OpenSUSE Python to non-EOL versions
09 641b1efe01b2 Thomas Huth: tests: Update our CI to use CentOS Stream 9 instead of 8
10 7c7d369b33f0 Alex Bennée: tests: don't run benchmarks for the tsan build
11 f51f90c65ed7 Thomas Huth: gitlab-ci: Disable the riscv64-debian-cross-container by default
12 903916f0a017 Chuang Xu: i386/cpu: fixup number of addressable IDs for processor cores in the physical package
13 76bccf3cb9d9 Richard Henderson: target/arm: Fix VCMLA Dd, Dn, Dm[idx]
14 bd385a5298d7 Kevin Wolf: qcow2: Don't open data_file with BDRV_O_NO_IO
15 2eb42a728d27 Kevin Wolf: iotests/244: Don't store data-file with protocol in image
16 7e1110664ecb Kevin Wolf: iotests/270: Don't store data-file with json: prefix in image
17 7ead94699861 Kevin Wolf: block: Parse filenames only when explicitly requested