Re: [PATCH v3 2/4] tests/acceptance: boot_linux_console: Add boot Linux with kvm tests

On Thu, Jan 23, 2020 at 07:47:19PM -0200, Wainer dos Santos Moschetta wrote: > > On 1/22/20 7:02 AM, Andrew Jones wrote: > > On Tue, Jan 21, 2020 at 10:27:51PM -0300, Wainer dos Santos Moschetta wrote: > > > +def test_aarch64_virt_kvm(self): > > > +""" > > > +:avocado: tags=arc

Re: [PATCH rc2 14/25] target/avr: Add section about AVR into QEMU documentation

On 24/01/2020 01.51, Philippe Mathieu-Daudé wrote: > From: Michael Rolnik > > Signed-off-by: Michael Rolnik > Message-Id: <20200118191416.19934-16-mrol...@gmail.com> > Signed-off-by: Richard Henderson > [PMD: Fixed typos] > Signed-off-by: Philippe Mathieu-Daudé > --- > rc2: Fixed typos, s/samp

Re: [PATCH rc2 00/25] target/avr merger

On 24/01/2020 01.51, Philippe Mathieu-Daudé wrote: > This is the AVR port from Michael release (merge) candidate 2. > > Since v1 [1]: > - Addressed Thomas comments > - Fixed a non-critical bug in ATmega (incorrect SRAM base address) > - Added ELF parsing requested by Aleksandar > - Dropped default

Re: [PATCH] tests/boot-serial-test: Allow the HPPA machine to shudown

On 23/01/2020 22.37, Philippe Mathieu-Daudé wrote: > On 1/23/20 7:29 PM, Philippe Mathieu-Daudé wrote: >> On 1/23/20 5:39 AM, Thomas Huth wrote: >>> On 23/01/2020 01.36, Philippe Mathieu-Daudé wrote: The boot-serial test uses SeaBIOS on HPPA, and expects to read the "SeaBIOS wants SYSTEM

Re: Making QEMU easier for management tools and applications

John Snow writes: > On 1/23/20 2:19 AM, Markus Armbruster wrote: [...] >> Any conventional parser can be made streaming by turning it into a >> coroutine. This is probably the simplest solution for handwritten >> streaming LL parsers, because it permits recursive descent. In Python, >> I'd try

Re: qemu-img convert vs writing another copy tool

"Richard W.M. Jones" writes: > On Thu, Jan 23, 2020 at 07:53:57PM +0100, Max Reitz wrote: >> On 23.01.20 19:35, Richard W.M. Jones wrote: >> > - NBD multi-conn. In my tests this makes a really massive >> >performance difference in certain situations. Again, virt-v2v has >> >a lot of in

Re: [Bug 1860553] Re: cmake crashes on qemu-alpha-user with Illegal Instruction

On 1/24/20 5:39 AM, Richard Henderson wrote: > # chroot $root > ... > # qemu-alpha-static -D logfile -d in_asm ./Bootstrap.cmk/cmake .. Last one seems to be a halt instruction: IN: 0x0040007fd988: halt Illegal instruction Full log in [1]. > [1] https://people.debian.org/

[Bug 1860553] Re: cmake crashes on qemu-alpha-user with Illegal Instruction

# chroot $root ... # qemu-alpha-static -D logfile -d in_asm ./Bootstrap.cmk/cmake .. -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1860553 Title: cmake crashes on qemu-alpha-user with Illegal Instr

[Bug 1860553] Re: cmake crashes on qemu-alpha-user with Illegal Instruction

Can someone remind me how I can print the disassembly in this case? root@epyc:~> qemu-alpha-static -cpu help Available CPUs: ev4-alpha-cpu ev5-alpha-cpu ev56-alpha-cpu ev6-alpha-cpu ev67-alpha-cpu ev68-alpha-cpu pca56-alpha-cpu root@epyc:~> export QEMU_CPU=ev68-alpha-cpu root@epyc:~>

[Bug 1860742] Re: xv6 Bootloop

** Description changed: Qemu Version: 4.2.0 - Launch command: + Launch command: qemu-system-x86_64 -nographic -drive file=fs.img,index=1,media=disk,format=raw -drive file=xv6.img,index=0,media=disk,format=raw -smp 2 -m 512 - How to reproduce? + How to reproduce? 1.) Use/install la

[Bug 1860742] [NEW] xv6 Bootloop

Public bug reported: Qemu Version: 4.2.0 Launch command: qemu-system-x86_64 -nographic -drive file=fs.img,index=1,media=disk,format=raw -drive file=xv6.img,index=0,media=disk,format=raw -smp 2 -m 512 How to reproduce? 1.) Use/install latest release of qemu (4.2.0 at time of writing) 2.) Do

Re: [PATCH] target/riscv: Disallow WFI instruction from U-mode

Haha, fair enough. I just copied that line from one of the other functions in that file, which all use the same style. The check is actually a bit worse than it looks because PRV_S is defined to be 1. Hence, the whole thing is equivalent to just writing `env->priv == PRV_U`. I can send out a new ve

Re: [PATCH v29 00/22] Add RX archtecture support

> > Chanegs for v20. > Reorderd patches. > Squashed v19 changes. > > Changes for v19. > Follow tcg changes. > Cleanup cpu.c. > simplify rx_cpu_class_by_name and rx_load_image move to rx-virt. > > My git repository is bellow. > git://git.pf.osdn.net/git

[PATCH] tcg: gdbstub: Fix missing breakpoint issue

When inserting breakpoints, we need to invalidate related TBs to apply helper call. This is done by breakpoint_invalidate(). But many users found the BPs sometimes never hit. In system mode emulation, the BPs are global in guest but not particular address space. The issue is that the current imple

Re: [PATCH rc2 00/25] target/avr merger

On Fri, Jan 24, 2020 at 1:51 AM Philippe Mathieu-Daudé wrote: > > This is the AVR port from Michael release (merge) candidate 2. > > Since v1 [1]: > - Addressed Thomas comments > - Fixed a non-critical bug in ATmega (incorrect SRAM base address) > - Added ELF parsing requested by Aleksandar > - Dr

[PATCH rc2 25/25] .travis.yml: Run the AVR acceptance tests

We have one test so far, and it is very fast: $ avocado --show=app run -t arch:avr tests/acceptance/ (1/1) tests/acceptance/machine_avr6.py:AVR6Machine.test_freertos: PASS (2.13 s) RESULTS: PASS 1 | ERROR 0 | FAIL 0 | SKIP 0 | WARN 0 | INTERRUPT 0 | CANCEL 0 JOB TIME : 2.30 s Sign

[PATCH rc2 24/25] tests/acceptance: Test the Arduino MEGA2560 board

From: Michael Rolnik The test is based on https://github.com/seharris/qemu-avr-tests/tree/master/free-rtos/Demo demo which. If working correctly, prints 'ABCDEFGHIJKLMNOPQRSTUVWX' out. it also demostrates that timer and IRQ are working As the path name demonstrates, the FreeRTOS tests target a b

[PATCH rc2 22/25] target/avr: Update build system

From: Michael Rolnik Make AVR support buildable Signed-off-by: Michael Rolnik Tested-by: Philippe Mathieu-Daudé Reviewed-by: Aleksandar Markovic Message-Id: <20200118191416.19934-19-mrol...@gmail.com> Signed-off-by: Richard Henderson --- configure | 7 +++ default

[PATCH rc2 23/25] tests/boot-serial-test: Test some Arduino boards (AVR based)

From: Michael Rolnik Print out 'T' through serial port The Arduino Duemilanove is based on a AVR5 CPU, while the Arduino MEGA2560 on a AVR6 CPU. Signed-off-by: Michael Rolnik Reviewed-by: Philippe Mathieu-Daudé Tested-by: Philippe Mathieu-Daudé Acked-by: Thomas Huth Signed-off-by: Philippe

[PATCH rc2 16/25] target/avr: Add machine none test

From: Michael Rolnik Signed-off-by: Michael Rolnik Tested-by: Philippe Mathieu-Daudé Reviewed-by: Aleksandar Markovic Message-Id: <20200118191416.19934-18-mrol...@gmail.com> Reviewed-by: Thomas Huth Signed-off-by: Richard Henderson --- tests/qtest/machine-none-test.c | 1 + 1 file changed,

[PATCH rc2 21/25] hw/avr: Add some Arduino boards

Arduino boards are build with AVR chipsets. Add some of the popular boards: - Arduino Duemilanove - Arduino Uno - Arduino Mega For more information: https://www.arduino.cc/en/Main/Products https://store.arduino.cc/arduino-genuino/most-popular Reviewed-by: Igor Mammedov Signed-off-by: Philip

[PATCH rc2 18/25] hw/core/loader: Let load_elf populate the processor-specific flags

One some architectures (like AVR) we can determine the cpu type by reading the ELF flags. Signed-off-by: Michael Rolnik Reviewed-by: Aleksandar Markovic Message-Id: <<20191218210329.1960-16-mrol...@gmail.com> [PMD: Extracted from bigger patch, Replaced 'uint32_t *pe_flags' by 'int proc_fla

[PATCH rc2 11/25] hw/char: Add limited support for Atmel USART peripheral

From: Michael Rolnik These were designed to facilitate testing but should provide enough function to be useful in other contexts. Only a subset of the functions of each peripheral is implemented, mainly due to the lack of a standard way to handle electrical connections (like GPIO pins). Signed-

[PATCH rc2 17/25] target/avr: Update MAINTAINERS file

From: Michael Rolnik Include AVR maintaners in MAINTAINERS file Signed-off-by: Michael Rolnik Message-Id: <20200118191416.19934-22-mrol...@gmail.com> Signed-off-by: Philippe Mathieu-Daudé [rth: Squash ordering fixes from f4bug] Signed-off-by: Richard Henderson --- rc2: Remove hw/misc/avr_mask

[PATCH rc2 12/25] hw/timer: Add limited support for Atmel 16 bit timer peripheral

From: Michael Rolnik These were designed to facilitate testing but should provide enough function to be useful in other contexts. Only a subset of the functions of each peripheral is implemented, mainly due to the lack of a standard way to handle electrical connections (like GPIO pins). Signed-

[PATCH rc2 06/25] target/avr: Add instruction translation - Data Transfer Instructions

From: Michael Rolnik This includes: - MOV, MOVW - LDI, LDS LDX LDY LDZ - LDDY, LDDZ - STS, STX STY STZ - STDY, STDZ - LPM, LPMX - ELPM, ELPMX - SPM, SPMX - IN, OUT - PUSH, POP - XCH - LAS, LAC LAT Signed-off-by: Michael Rolnik Tested-by: Philippe

[PATCH rc2 14/25] target/avr: Add section about AVR into QEMU documentation

From: Michael Rolnik Signed-off-by: Michael Rolnik Message-Id: <20200118191416.19934-16-mrol...@gmail.com> Signed-off-by: Richard Henderson [PMD: Fixed typos] Signed-off-by: Philippe Mathieu-Daudé --- rc2: Fixed typos, s/sample/Arduino/, removed -serial section (thuth) --- qemu-doc.texi | 51

[PATCH rc2 15/25] target/avr: Register AVR support with the rest of QEMU

From: Michael Rolnik Add AVR related definitions into QEMU Signed-off-by: Michael Rolnik Tested-by: Philippe Mathieu-Daudé Reviewed-by: Aleksandar Markovic Message-Id: <20200118191416.19934-17-mrol...@gmail.com> Signed-off-by: Richard Henderson --- qapi/machine.json | 3 ++- inclu

[PATCH rc2 20/25] hw/avr: Add some ATmega microcontrollers

Add some microcontrollers from the megaAVR family (ATmega series): - middle range: ATmega168 and ATmega328 - high range: ATmega1280 and ATmega2560 For product comparison: https://www.microchip.com/wwwproducts/ProductCompare/ATmega168P/ATmega328P https://www.microchip.com/wwwproducts/ProductCo

[PATCH rc2 09/25] target/avr: Add instruction translation - CPU main translation function

From: Michael Rolnik Co-developed-by: Richard Henderson Co-developed-by: Michael Rolnik Signed-off-by: Michael Rolnik Tested-by: Philippe Mathieu-Daudé Message-Id: <20200118191416.19934-10-mrol...@gmail.com> Signed-off-by: Richard Henderson --- target/avr/translate.c | 234

[PATCH rc2 19/25] hw/avr: Add helper to load raw/ELF firmware binaries

Add avr_load_firmware() function to load firmware in ELF or raw binary format. Suggested-by: Aleksandar Markovic Signed-off-by: Philippe Mathieu-Daudé --- hw/avr/boot.h| 33 include/elf.h| 2 ++ hw/avr/boot.c| 74

[PATCH rc2 07/25] target/avr: Add instruction translation - Bit and Bit-test Instructions

From: Michael Rolnik This includes: - LSR, ROR - ASR - SWAP - SBI, CBI - BST, BLD - BSET, BCLR Signed-off-by: Michael Rolnik Tested-by: Philippe Mathieu-Daudé Message-Id: <20200118191416.19934-8-mrol...@gmail.com> Signed-off-by: Richard Henderson --- target/avr/transl

[PATCH rc2 13/25] hw/misc: Add Atmel power device

From: Michael Rolnik This is a simple device of just one register, whenver this register is written it calls qemu_set_irq function for each of 8 bits/IRQs.. It is used to implement AVR Power Reduction Signed-off-by: Michael Rolnik Message-Id: <20200118191416.19934-14-mrol...@gmail.com> Signed-o

[PATCH rc2 05/25] target/avr: Add instruction translation - Branch Instructions

From: Michael Rolnik This includes: - RJMP, IJMP, EIJMP, JMP - RCALL, ICALL, EICALL, CALL - RET, RETI - CPSE, CP, CPC, CPI - SBRC, SBRS, SBIC, SBIS - BRBC, BRBS Signed-off-by: Michael Rolnik Tested-by: Philippe Mathieu-Daudé Message-Id: <20200118191416.19934-6-mrol...@g

[PATCH rc2 08/25] target/avr: Add instruction translation - MCU Control Instructions

From: Michael Rolnik This includes: - BREAK - NOP - SLEEP - WDR Signed-off-by: Michael Rolnik Message-Id: <20200118191416.19934-9-mrol...@gmail.com> Signed-off-by: Richard Henderson --- target/avr/translate.c | 68 ++ target/avr/insn.dec

[PATCH rc2 04/25] target/avr: Add instruction translation - Arithmetic and Logic Instructions

From: Michael Rolnik This includes: - ADD, ADC, ADIW - SBIW, SUB, SUBI, SBC, SBCI - AND, ANDI - OR, ORI, EOR - COM, NEG - INC, DEC - MUL, MULS, MULSU - FMUL, FMULS, FMULSU - DES Signed-off-by: Michael Rolnik Tested-by: Philippe Mathieu-Daudé Message-Id: <20200118191416.19934-5-mrol...@gmail.co

[PATCH rc2 10/25] target/avr: Add instruction disassembly function

From: Michael Rolnik Provide function disassembles executed instruction when `-d in_asm` is provided Example: `./avr-softmmu/qemu-system-avr -bios free-rtos/Demo/AVR_ATMega2560_GCC/demo.elf -d in_asm` will produce something like the following ``` ... IN: 0x014a: CALL 0x38

[PATCH rc2 03/25] target/avr: Add instruction translation - Registers definition

From: Michael Rolnik Signed-off-by: Michael Rolnik Reviewed-by: Philippe Mathieu-Daudé Tested-by: Philippe Mathieu-Daudé Message-Id: <20200118191416.19934-4-mrol...@gmail.com> Signed-off-by: Richard Henderson --- target/avr/translate.c | 171 + 1 file

[PATCH rc2 02/25] target/avr: Add instruction helpers

From: Michael Rolnik Stubs for unimplemented instructions and helpers for instructions that need to interact with QEMU. SPM and WDR are unimplemented because they require emulation of complex peripherals. The implementation of SLEEP is very limited due to the lack of peripherals to generate wak

[PATCH rc2 01/25] target/avr: Add outward facing interfaces and core CPU logic

From: Michael Rolnik This includes: - CPU data structures - object model classes and functions - migration functions - GDB hooks Co-developed-by: Michael Rolnik Co-developed-by: Sarah Harris Signed-off-by: Michael Rolnik Signed-off-by: Sarah Harris Signed-off-by: Michael Rolnik Acked-by: Ig

[PATCH rc2 00/25] target/avr merger

This is the AVR port from Michael release (merge) candidate 2. Since v1 [1]: - Addressed Thomas comments - Fixed a non-critical bug in ATmega (incorrect SRAM base address) - Added ELF parsing requested by Aleksandar - Dropped default machine (as with the ARM port) Change since rc1: $ git backpor

QEMU for aarch64 with plugins seems to fail basic consistency checks

I wrote a QEMU plugin for aarch64 where the insn and mem callbacks print out the specifics of the guest instructions as they are "executed". I expect this trace stream to be well behaved but it is not. By well-behaved, I expect memory insns print out some memory details, non-memory insns don't

Re: [PATCH rc1 14/24] target/avr: Add section about AVR into QEMU documentation

On Thu, Jan 23, 2020 at 5:57 AM Thomas Huth wrote: > On 23/01/2020 01.02, Richard Henderson wrote: > > From: Michael Rolnik > > > > Signed-off-by: Michael Rolnik > > Message-Id: <20200118191416.19934-16-mrol...@gmail.com> > > Signed-off-by: Richard Henderson > > --- > > qemu-doc.texi | 51

Re: [PATCH rc1 19/24] hw/avr: Add some ATmega microcontrollers

On Thu, Jan 23, 2020 at 1:17 AM Richard Henderson wrote: > > From: Philippe Mathieu-Daudé > > Add some microcontrollers from the megaAVR family (ATmega series): > > - middle range: ATmega168 and ATmega328 > - high range: ATmega1280 and ATmega2560 > > For product comparison: > https://www.microc

Re: [PATCH] target/riscv: Disallow WFI instruction from U-mode

On 1/23/20 9:52 AM, Jonathan Behrens wrote: > +if (!(env->priv >= PRV_S) || For integers, !(x >= y) is a poor way to write x < y. r~

Re: [PULL v2 00/59] Misc (x86 and QOM) patches for 2020-01-23

On 1/23/20 9:20 AM, Paolo Bonzini wrote: > Il gio 23 gen 2020, 19:43 Peter Maydell > ha scritto: > When I try to build-test this merge, the clang sanitizer > build seems to fail whenever it tries to link anything: > (configure args '--cc=clang' '--cxx=c

[PATCH 4/5] target/s390x: Move DisasFields into DisasContext

I believe that the separate allocation of DisasFields from DisasContext was meant to limit the places from which we could access fields. But that plan did not go unchanged, and since DisasContext contains a pointer to fields, the substructure is accessible everywhere. By allocating the substructu

[PATCH 1/5] target/s390x: Move struct DisasFields definition earlier

We will want to include the struct in DisasContext. Signed-off-by: Richard Henderson --- target/s390x/translate.c | 164 --- 1 file changed, 83 insertions(+), 81 deletions(-) diff --git a/target/s390x/translate.c b/target/s390x/translate.c index b764ec3140..7

[PATCH 2/5] target/s390x: Remove DisasFields argument from callbacks

The DisasFields data is available from DisasContext. We do not need to pass a separate argument. Signed-off-by: Richard Henderson --- target/s390x/translate.c | 417 --- 1 file changed, 210 insertions(+), 207 deletions(-) diff --git a/target/s390x/translate.c

[PATCH 3/5] target/s390x: Pass DisasContext to get_field and have_field

All callers pass s->fields, so we might as well pass s directly. Signed-off-by: Richard Henderson --- target/s390x/translate.c| 534 ++-- target/s390x/translate_vx.inc.c | 609 2 files changed, 569 insertions(+), 574 deletions(-)

[PATCH 5/5] target/s390x: Remove DisasFields argument from extract_insn

The separate pointer is now redundant. Signed-off-by: Richard Henderson --- target/s390x/translate.c | 19 --- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/target/s390x/translate.c b/target/s390x/translate.c index 3674fee10c..0bd2073718 100644 --- a/target/s390x

[PATCH 0/5] target/s390x: Do not leak stack address in translate_one

Thomas' patch avoids the leak, but I think we can do a bit more to cleaning in this area, and move the structure inline to DisasContext. r~ Richard Henderson (5): target/s390x: Move struct DisasFields definition earlier target/s390x: Remove DisasFields argument from callbacks target/s390x

Re: [PATCH v2 5/5] iotests: Add test for image creation fallback

On Wed, 2020-01-22 at 17:45 +0100, Max Reitz wrote: > Signed-off-by: Max Reitz > --- > tests/qemu-iotests/259 | 61 ++ > tests/qemu-iotests/259.out | 14 + > tests/qemu-iotests/group | 1 + > 3 files changed, 76 insertions(+) > create mode 10075

Re: [PATCH] iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711)

> Am 23.01.2020 um 22:29 schrieb Felipe Franciosi : > > Hi, > >> On Jan 23, 2020, at 5:46 PM, Philippe Mathieu-Daudé >> wrote: >> >>> On 1/23/20 1:44 PM, Felipe Franciosi wrote: >>> When querying an iSCSI server for the provisioning status of blocks (via >>> GET LBA STATUS), Qemu only vali

Re: [PATCH v2 2/5] block: Generic file creation fallback

On Wed, 2020-01-22 at 17:45 +0100, Max Reitz wrote: > If a protocol driver does not support image creation, we can see whether > maybe the file exists already. If so, just truncating it will be > sufficient. > > Signed-off-by: Max Reitz > --- > block.c | 159

Re: [PATCH v2 1/5] block/nbd: Fix hang in .bdrv_close()

On Wed, 2020-01-22 at 17:45 +0100, Max Reitz wrote: > When nbd_close() is called from a coroutine, the connection_co never > gets to run, and thus nbd_teardown_connection() hangs. > > This is because aio_co_enter() only puts the connection_co into the main > coroutine's wake-up queue, so this main

Re: [PATCH] iscsi: Don't access non-existent scsi_lba_status_descriptor

Am 23.01.2020 um 21:38 schrieb John Snow : > >  > >> On 1/23/20 12:05 PM, Kevin Wolf wrote: >> In iscsi_co_block_status(), we may have received num_descriptors == 0 >> from the iscsi server. Therefore, we can't unconditionally access >> lbas->descriptors[0]. Add the missing check. >> >> Signed-

Re: [PATCH REPOST v3 16/80] arm/kzm: drop RAM size fixup

Igor> If the user provided too large a RAM size, the code used to Igor> complain and trim it to the max size. Now tht RAM is allocated by Igor> generic code, that's no longer possible, so generate an error and Igor> exit instead. You can add my 'reviewed-by' to this. There's one really minor ty

[PULL v2 07/11] hppa: Add emulation of Artist graphics

From: Sven Schnelle This adds emulation of Artist graphics good enough to get a text console on both Linux and HP-UX. The X11 server from HP-UX also works. Adjust boot-serial-test to disable graphics, so that SeaBIOS outputs to the serial port, as expected by the test. Signed-off-by: Sven Schne

[PULL v2 00/11] target/hppa patch queue

Change since v1: * Incorporate Phil's -vga none fix for boot-serial-test (patch 7). r~ The following changes since commit 6918ab2570bcf942651e69f7ad975e137679738b: Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20200123-4' into staging (2020-01-23

[Bug 1859713] Re: ARM v8.3a pauth not working

Now upstream as commit de0b1bae6461f67243282555475f88b2384a1eb9. ** Changed in: qemu Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1859713 Title: ARM v8.3

Re: [PATCH v3 2/4] tests/acceptance: boot_linux_console: Add boot Linux with kvm tests

On 1/22/20 7:02 AM, Andrew Jones wrote: On Tue, Jan 21, 2020 at 10:27:51PM -0300, Wainer dos Santos Moschetta wrote: +def test_aarch64_virt_kvm(self): +""" +:avocado: tags=arch:aarch64 +:avocado: tags=machine:virt +:avocado: tags=accel:kvm +""" +

Re: [PATCH] tests/boot-serial-test: Allow the HPPA machine to shudown

On 1/23/20 7:29 PM, Philippe Mathieu-Daudé wrote: On 1/23/20 5:39 AM, Thomas Huth wrote: On 23/01/2020 01.36, Philippe Mathieu-Daudé wrote: The boot-serial test uses SeaBIOS on HPPA, and expects to read the "SeaBIOS wants SYSTEM HALT" string, see [*]:   122 void __VISIBLE __noreturn hlt(void)

Re: [PATCH] iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711)

Hi, > On Jan 23, 2020, at 5:46 PM, Philippe Mathieu-Daudé wrote: > > On 1/23/20 1:44 PM, Felipe Franciosi wrote: >> When querying an iSCSI server for the provisioning status of blocks (via >> GET LBA STATUS), Qemu only validates that the response descriptor zero's >> LBA matches the one requeste

Re: Maintainers, please add Message-Id: when merging patches

On 01/23/20 18:18, Kevin Wolf wrote: > Am 22.01.2020 um 13:28 hat Kevin Wolf geschrieben: >> Am 22.01.2020 um 13:02 hat Stefan Hajnoczi geschrieben: >>> Around 66% of qemu.git commits since v4.1.0 include a Message-Id: tag. >>> Hooray! >>> >>> Message-Id: references the patch email that a commit

Re: [PATCH] iscsi: Don't access non-existent scsi_lba_status_descriptor

On 1/23/20 6:05 PM, Kevin Wolf wrote: In iscsi_co_block_status(), we may have received num_descriptors == 0 from the iscsi server. Therefore, we can't unconditionally access lbas->descriptors[0]. Add the missing check. Signed-off-by: Kevin Wolf --- block/iscsi.c | 2 +- 1 file changed, 1 ins

Re: [PATCH] iscsi: Don't access non-existent scsi_lba_status_descriptor

> On Jan 23, 2020, at 8:37 PM, John Snow wrote: > > > > On 1/23/20 12:05 PM, Kevin Wolf wrote: >> In iscsi_co_block_status(), we may have received num_descriptors == 0 >> from the iscsi server. Therefore, we can't unconditionally access >> lbas->descriptors[0]. Add the missing check. >> >>

Re: Making QEMU easier for management tools and applications

On 1/23/20 2:01 PM, Daniel P. Berrangé wrote: > On Thu, Jan 23, 2020 at 12:58:45PM -0500, John Snow wrote: >> Yes, I agree: Scrap and start over. >> >> What SHOULD the syntax look like, though? Clearly the idea of qmp-shell >> is that it offers a convenient way to enter the top-level keys of the

Re: [PATCH] iscsi: Don't access non-existent scsi_lba_status_descriptor

> On Jan 23, 2020, at 5:05 PM, Kevin Wolf wrote: > > In iscsi_co_block_status(), we may have received num_descriptors == 0 > from the iscsi server. Therefore, we can't unconditionally access > lbas->descriptors[0]. Add the missing check. > > Signed-off-by: Kevin Wolf > --- > block/iscsi.c |

Re: [PATCH] iscsi: Don't access non-existent scsi_lba_status_descriptor

On 1/23/20 12:05 PM, Kevin Wolf wrote: > In iscsi_co_block_status(), we may have received num_descriptors == 0 > from the iscsi server. Therefore, we can't unconditionally access > lbas->descriptors[0]. Add the missing check. > > Signed-off-by: Kevin Wolf > --- > block/iscsi.c | 2 +- > 1 fil

Re: Making QEMU easier for management tools and applications

On Thu, Jan 23, 2020 at 12:58:45PM -0500, John Snow wrote: > Yes, I agree: Scrap and start over. > > What SHOULD the syntax look like, though? Clearly the idea of qmp-shell > is that it offers a convenient way to enter the top-level keys of the > arguments dict. This works absolutely fine right up

Re: [Qemu-devel] [PATCH v5 1/6] machine: Convert the valid cpu types to use cpu_model

On 6/20/19 4:43 PM, Eduardo Habkost wrote: On Thu, Jun 20, 2019 at 11:02:39AM +0200, Igor Mammedov wrote: On Tue, 18 Jun 2019 10:55:16 -0300 Eduardo Habkost wrote: On Tue, Jun 18, 2019 at 01:34:10PM +0200, Igor Mammedov wrote: On Mon, 17 Jun 2019 13:27:00 -0300 Eduardo Habkost wrote: O

Re: Making QEMU easier for management tools and applications

On 1/23/20 2:19 AM, Markus Armbruster wrote: > John Snow writes: > >> On 12/24/19 8:41 AM, Daniel P. Berrangé wrote: * scripts/qmp/qmp-shell Half-hearted attempt at a human-friendly wrapper around the JSON syntax. I have no use for this myself. >>> I use this fairly of

Re: Maintainers, please add Message-Id: when merging patches

Am 22.01.2020 um 13:28 hat Kevin Wolf geschrieben: > Am 22.01.2020 um 13:02 hat Stefan Hajnoczi geschrieben: > > Around 66% of qemu.git commits since v4.1.0 include a Message-Id: tag. > > Hooray! > > > > Message-Id: references the patch email that a commit was merged from. > > This information i

Re: [PATCH rc1 18/24] hw/avr: Introduce ATMEL_ATMEGA_MCU config

On 1/23/20 6:04 AM, Thomas Huth wrote: On 23/01/2020 01.03, Richard Henderson wrote: From: Philippe Mathieu-Daudé Signed-off-by: Philippe Mathieu-Daudé Message-Id: <20200120220107.17825-13-f4...@amsat.org> Signed-off-by: Richard Henderson --- hw/avr/Kconfig | 5 + 1 file changed, 5 in

[PULL 107/108] virtiofsd: stop all queue threads on exit in virtio_loop()

From: Eryu Guan On guest graceful shutdown, virtiofsd receives VHOST_USER_GET_VRING_BASE request from VMM and shuts down virtqueues by calling fv_set_started(), which joins fv_queue_thread() threads. So when virtio_loop() returns, there should be no thread is still accessing data in fuse session

[PULL 106/108] virtiofsd/passthrough_ll: Pass errno to fuse_reply_err()

From: Xiao Yang lo_copy_file_range() passes -errno to fuse_reply_err() and then fuse_reply_err() changes it to errno again, so that subsequent fuse_send_reply_iov_nofree() catches the wrong errno.(i.e. reports "fuse: bad error value: ..."). Make fuse_send_reply_iov_nofree() accept the correct -

[PULL 101/108] virtiofsd: process requests in a thread pool

From: Stefan Hajnoczi Introduce a thread pool so that fv_queue_thread() just pops VuVirtqElements and hands them to the thread pool. For the time being only one worker thread is allowed since passthrough_ll.c is not thread-safe yet. Future patches will lift this restriction so that multiple FUS

[PULL 093/108] virtiofsd: introduce inode refcount to prevent use-after-free

From: Stefan Hajnoczi If thread A is using an inode it must not be deleted by thread B when processing a FUSE_FORGET request. The FUSE protocol itself already has a counter called nlookup that is used in FUSE_FORGET messages. We cannot trust this counter since the untrusted client can manipulat

[PULL 098/108] virtiofsd: passthrough_ll: Use cache_readdir for directory open

From: Misono Tomohiro Since keep_cache(FOPEN_KEEP_CACHE) has no effect for directory as described in fuse_common.h, use cache_readdir(FOPNE_CACHE_DIR) for diretory open when cache=always mode. Signed-off-by: Misono Tomohiro Signed-off-by: Dr. David Alan Gilbert --- tools/virtiofsd/passthrough

[PULL 097/108] virtiofsd: Fix data corruption with O_APPEND write in writeback mode

From: Misono Tomohiro When writeback mode is enabled (-o writeback), O_APPEND handling is done in kernel. Therefore virtiofsd clears O_APPEND flag when open. Otherwise O_APPEND flag takes precedence over pwrite() and write data may corrupt. Currently clearing O_APPEND flag is done in lo_open(),

[PULL 096/108] virtiofsd: Reset O_DIRECT flag during file open

From: Vivek Goyal If an application wants to do direct IO and opens a file with O_DIRECT in guest, that does not necessarily mean that we need to bypass page cache on host as well. So reset this flag on host. If somebody needs to bypass page cache on host as well (and it is safe to do so), we ca

[PULL 094/108] virtiofsd: do not always set FUSE_FLOCK_LOCKS

From: Peng Tao Right now we always enable it regardless of given commandlines. Fix it by setting the flag relying on the lo->flock bit. Signed-off-by: Peng Tao Reviewed-by: Misono Tomohiro Reviewed-by: Sergio Lopez Signed-off-by: Dr. David Alan Gilbert --- tools/virtiofsd/passthrough_ll.c |

[PULL 091/108] libvhost-user: Fix some memtable remap cases

From: "Dr. David Alan Gilbert" If a new setmemtable command comes in once the vhost threads are running, it will remap the guests address space and the threads will now be looking in the wrong place. Fortunately we're running this command under lock, so we can update the queue mappings so that t

[PULL 090/108] virtiofsd: rename inode->refcount to inode->nlookup

From: Stefan Hajnoczi This reference counter plays a specific role in the FUSE protocol. It's not a generic object reference counter and the FUSE kernel code calls it "nlookup". Signed-off-by: Stefan Hajnoczi Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Dr. David Alan Gilbert --- tool

Re: GraphViz extension on QEMU Wiki

Hey Jeff, Can you have a quick look at this, at least to see if it is doable? On 1/2/20 4:27 PM, Philippe Mathieu-Daudé wrote: On 1/2/20 4:09 PM, Stefan Hajnoczi wrote: On Thu, Dec 26, 2019 at 07:05:04PM +0100, Philippe Mathieu-Daudé wrote: I'm not sure who is responsible of this... Jeff ma

Re: [qemu-web PATCH v2] Add "Security Process" information to the main website

On 1/23/20 11:11 AM, Thomas Huth wrote: One reporter of a security issue recently complained that it might not be the best idea to store our "Security Process" in the Wiki. Well, while the page in the Wiki is protected (so that only some few people can edit it), it is still possible that someone

[PULL 088/108] virtiofsd: make lo_release() atomic

From: Stefan Hajnoczi Hold the lock across both lo_map_get() and lo_map_remove() to prevent races between two FUSE_RELEASE requests. In this case I don't see a serious bug but it's safer to do things atomically. Signed-off-by: Stefan Hajnoczi Reviewed-by: Daniel P. Berrangé Signed-off-by: Dr.

Re: [PULL 000/108] virtiofs queue

* Dr. David Alan Gilbert (git) (dgilb...@redhat.com) wrote: > From: "Dr. David Alan Gilbert" > > The following changes since commit b7c359c748a2e3ccb97a184b9739feb2cd48de2f: > > Merge remote-tracking branch > 'remotes/vivier2/tags/linux-user-for-5.0-pull-request' into staging > (2020-01-23 1

[PULL 087/108] virtiofsd: prevent fv_queue_thread() vs virtio_loop() races

From: Stefan Hajnoczi We call into libvhost-user from the virtqueue handler thread and the vhost-user message processing thread without a lock. There is nothing protecting the virtqueue handler thread if the vhost-user message processing thread changes the virtqueue or memory table while it is r

Re: [PATCH] tests/boot-serial-test: Allow the HPPA machine to shudown

On 1/23/20 5:39 AM, Thomas Huth wrote: On 23/01/2020 01.36, Philippe Mathieu-Daudé wrote: The boot-serial test uses SeaBIOS on HPPA, and expects to read the "SeaBIOS wants SYSTEM HALT" string, see [*]: 122 void __VISIBLE __noreturn hlt(void) 123 { 124 if (pdc_debug) 125 p

[PULL 086/108] virtiofsd: use fuse_lowlevel_is_virtio() in fuse_session_destroy()

From: Stefan Hajnoczi vu_socket_path is NULL when --fd=FDNUM was used. Use fuse_lowlevel_is_virtio() instead. Signed-off-by: Stefan Hajnoczi Reviewed-by: Daniel P. Berrangé Signed-off-by: Dr. David Alan Gilbert --- tools/virtiofsd/fuse_lowlevel.c | 7 --- 1 file changed, 4 insertions(+)

Re: [PATCH 0/6] Fix more GCC9 -O3 warnings

Philippe Mathieu-Daudé writes: > On 1/23/20 12:28 PM, Alex Bennée wrote: >> Philippe Mathieu-Daudé writes: >> >>> On 12/17/19 6:32 PM, Philippe Mathieu-Daudé wrote: Fix some trivial warnings when building with -O3. Philippe Mathieu-Daudé (6): audio/audio: Add missing fall t

[PULL 084/108] Virtiofsd: fix memory leak on fuse queueinfo

From: Liu Bo For fuse's queueinfo, both queueinfo array and queueinfos are allocated in fv_queue_set_started() but not cleaned up when the daemon process quits. This fixes the leak in proper places. Signed-off-by: Liu Bo Signed-off-by: Eric Ren Reviewed-by: Misono Tomohiro Signed-off-by: Dr.

Re: qemu-img convert vs writing another copy tool

On 1/23/20 12:35 PM, Richard W.M. Jones wrote: I guess some people are aware that virt-v2v, which is a tool which converts guests from VMware to run on KVM, and some other OpenStack-OpenStack migration tools we have, use "qemu-img convert" to copy the data around. Historically we've had bugs her

[PULL 080/108] virtiofsd: add helper for lo_data cleanup

From: Liu Bo This offers an helper function for lo_data's cleanup. Signed-off-by: Liu Bo Reviewed-by: Daniel P. Berrangé Signed-off-by: Dr. David Alan Gilbert --- tools/virtiofsd/passthrough_ll.c | 37 ++-- 1 file changed, 21 insertions(+), 16 deletions(-) diff -

Re: qemu-img convert vs writing another copy tool

On Thu, Jan 23, 2020 at 07:53:57PM +0100, Max Reitz wrote: > On 23.01.20 19:35, Richard W.M. Jones wrote: > > - NBD multi-conn. In my tests this makes a really massive > >performance difference in certain situations. Again, virt-v2v has > >a lot of information that we cannot pass to qemu

[PULL 074/108] virtiofsd: passthrough_ll: use hashtable

From: Miklos Szeredi Improve performance of inode lookup by using a hash table. Signed-off-by: Miklos Szeredi Signed-off-by: Dr. David Alan Gilbert Signed-off-by: Liu Bo Reviewed-by: Daniel P. Berrangé Signed-off-by: Dr. David Alan Gilbert --- tools/virtiofsd/passthrough_ll.c | 81

Re: [PATCH 0/6] Fix more GCC9 -O3 warnings

On 1/23/20 12:28 PM, Alex Bennée wrote: Philippe Mathieu-Daudé writes: On 12/17/19 6:32 PM, Philippe Mathieu-Daudé wrote: Fix some trivial warnings when building with -O3. Philippe Mathieu-Daudé (6): audio/audio: Add missing fall through comment hw/display/tcx: Add missing fall throug

[PULL 067/108] virtiofsd: passthrough_ll: add renameat2 support

From: Miklos Szeredi Signed-off-by: Miklos Szeredi Signed-off-by: Dr. David Alan Gilbert --- tools/virtiofsd/passthrough_ll.c | 10 ++ 1 file changed, 10 insertions(+) diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c index 98114a3f4a..18d69abcbc 100644

  1   2   3   4   5   6   7   8   >