diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | block/nbd-client.c | 37 | ||||
| -rwxr-xr-x | configure | 3 | ||||
| -rw-r--r-- | crypto/cipher.c | 5 | ||||
| -rw-r--r-- | crypto/hash.c | 13 | ||||
| -rw-r--r-- | crypto/hmac.c | 4 | ||||
| -rw-r--r-- | disas.c | 96 | ||||
| -rw-r--r-- | hw/display/sm501.c | 2 | ||||
| -rw-r--r-- | hw/display/vga.c | 4 | ||||
| -rw-r--r-- | hw/display/virtio-gpu.c | 16 | ||||
| -rw-r--r-- | hw/display/vmware_vga.c | 5 | ||||
| -rw-r--r-- | hw/ppc/e500.c | 32 | ||||
| -rw-r--r-- | hw/s390x/s390-pci-bus.c | 2 | ||||
| -rw-r--r-- | include/block/nbd.h | 18 | ||||
| -rw-r--r-- | include/disas/bfd.h | 2 | ||||
| -rw-r--r-- | nbd/client.c | 4 | ||||
| -rw-r--r-- | nbd/server.c | 26 | ||||
| -rw-r--r-- | nbd/trace-events | 3 | ||||
| -rw-r--r-- | slirp/tcp_subr.c | 11 | ||||
| -rw-r--r-- | target/arm/cpu.c | 6 | ||||
| -rw-r--r-- | target/i386/cpu.c | 2 | ||||
| -rw-r--r-- | target/ppc/compat.c | 2 | ||||
| -rw-r--r-- | target/s390x/translate.c | 9 | ||||
| -rw-r--r-- | tests/docker/Makefile.include | 2 | ||||
| -rwxr-xr-x | tests/docker/docker.py | 24 | ||||
| -rwxr-xr-x | tests/qemu-iotests/058 | 8 | ||||
| -rwxr-xr-x | tests/qemu-iotests/140 | 4 | ||||
| -rwxr-xr-x | tests/qemu-iotests/147 | 1 | ||||
| -rw-r--r-- | tests/test-aio-multithread.c | 5 | ||||
| -rw-r--r-- | tests/test-crypto-block.c | 3 | ||||
| -rw-r--r-- | util/async.c | 2 |
31 files changed, 260 insertions, 93 deletions
@@ -405,7 +405,7 @@ CAP_CFLAGS += -DCAPSTONE_HAS_POWERPC CAP_CFLAGS += -DCAPSTONE_HAS_X86 subdir-capstone: .git-submodule-status - $(call quiet-command,$(MAKE) -C $(SRC_PATH)/capstone CAPSTONE_SHARED=no BUILDDIR="$(BUILD_DIR)/capstone" CC="$(CC)" AR="$(AR)" LD="$(LD)" CFLAGS="$(CAP_CFLAGS)" $(SUBDIR_MAKEFLAGS) $(BUILD_DIR)/capstone/$(LIBCAPSTONE)) + $(call quiet-command,$(MAKE) -C $(SRC_PATH)/capstone CAPSTONE_SHARED=no BUILDDIR="$(BUILD_DIR)/capstone" CC="$(CC)" AR="$(AR)" LD="$(LD)" RANLIB="$(RANLIB)" CFLAGS="$(CAP_CFLAGS)" $(SUBDIR_MAKEFLAGS) $(BUILD_DIR)/capstone/$(LIBCAPSTONE)) $(SUBDIR_RULES): libqemuutil.a $(common-obj-y) $(chardev-obj-y) \ $(qom-obj-y) $(crypto-aes-obj-$(CONFIG_USER_ONLY)) diff --git a/block/nbd-client.c b/block/nbd-client.c index b44d4d4a01..bcfed0133d 100644 --- a/block/nbd-client.c +++ b/block/nbd-client.c @@ -216,7 +216,7 @@ static int nbd_parse_offset_hole_payload(NBDStructuredReplyChunk *chunk, offset = payload_advance64(&payload); hole_size = payload_advance32(&payload); - if (offset < orig_offset || hole_size > qiov->size || + if (!hole_size || offset < orig_offset || hole_size > qiov->size || offset > orig_offset + qiov->size - hole_size) { error_setg(errp, "Protocol error: server sent chunk exceeding requested" " region"); @@ -248,7 +248,7 @@ static int nbd_parse_error_payload(NBDStructuredReplyChunk *chunk, error = nbd_errno_to_system_errno(payload_advance32(&payload)); if (error == 0) { - error_setg(errp, "Protocol error: server sent structured error chunk" + error_setg(errp, "Protocol error: server sent structured error chunk " "with error = 0"); return -EINVAL; } @@ -257,7 +257,7 @@ static int nbd_parse_error_payload(NBDStructuredReplyChunk *chunk, message_size = payload_advance16(&payload); if (message_size > chunk->length - sizeof(error) - sizeof(message_size)) { - error_setg(errp, "Protocol error: server sent structured error chunk" + error_setg(errp, "Protocol error: server sent structured error chunk " "with incorrect message size"); return -EINVAL; } @@ -281,7 +281,8 @@ static int nbd_co_receive_offset_data_payload(NBDClientSession *s, assert(nbd_reply_is_structured(&s->reply)); - if (chunk->length < sizeof(offset)) { + /* The NBD spec requires at least one byte of payload */ + if (chunk->length <= sizeof(offset)) { error_setg(errp, "Protocol error: invalid payload for " "NBD_REPLY_TYPE_OFFSET_DATA"); return -EINVAL; @@ -293,6 +294,7 @@ static int nbd_co_receive_offset_data_payload(NBDClientSession *s, be64_to_cpus(&offset); data_size = chunk->length - sizeof(offset); + assert(data_size); if (offset < orig_offset || data_size > qiov->size || offset > orig_offset + qiov->size - data_size) { error_setg(errp, "Protocol error: server sent chunk exceeding requested" @@ -408,7 +410,12 @@ static coroutine_fn int nbd_co_do_receive_one_chunk( if (chunk->type == NBD_REPLY_TYPE_NONE) { if (!(chunk->flags & NBD_REPLY_FLAG_DONE)) { error_setg(errp, "Protocol error: NBD_REPLY_TYPE_NONE chunk without" - "NBD_REPLY_FLAG_DONE flag set"); + " NBD_REPLY_FLAG_DONE flag set"); + return -EINVAL; + } + if (chunk->length) { + error_setg(errp, "Protocol error: NBD_REPLY_TYPE_NONE chunk with" + " nonzero length"); return -EINVAL; } return 0; @@ -674,6 +681,9 @@ int nbd_client_co_preadv(BlockDriverState *bs, uint64_t offset, assert(bytes <= NBD_MAX_BUFFER_SIZE); assert(!flags); + if (!bytes) { + return 0; + } ret = nbd_co_send_request(bs, &request, NULL); if (ret < 0) { return ret; @@ -697,6 +707,7 @@ int nbd_client_co_pwritev(BlockDriverState *bs, uint64_t offset, .len = bytes, }; + assert(!(client->info.flags & NBD_FLAG_READ_ONLY)); if (flags & BDRV_REQ_FUA) { assert(client->info.flags & NBD_FLAG_SEND_FUA); request.flags |= NBD_CMD_FLAG_FUA; @@ -704,6 +715,9 @@ int nbd_client_co_pwritev(BlockDriverState *bs, uint64_t offset, assert(bytes <= NBD_MAX_BUFFER_SIZE); + if (!bytes) { + return 0; + } return nbd_co_request(bs, &request, qiov); } @@ -717,6 +731,7 @@ int nbd_client_co_pwrite_zeroes(BlockDriverState *bs, int64_t offset, .len = bytes, }; + assert(!(client->info.flags & NBD_FLAG_READ_ONLY)); if (!(client->info.flags & NBD_FLAG_SEND_WRITE_ZEROES)) { return -ENOTSUP; } @@ -729,6 +744,9 @@ int nbd_client_co_pwrite_zeroes(BlockDriverState *bs, int64_t offset, request.flags |= NBD_CMD_FLAG_NO_HOLE; } + if (!bytes) { + return 0; + } return nbd_co_request(bs, &request, NULL); } @@ -756,7 +774,8 @@ int nbd_client_co_pdiscard(BlockDriverState *bs, int64_t offset, int bytes) .len = bytes, }; - if (!(client->info.flags & NBD_FLAG_SEND_TRIM)) { + assert(!(client->info.flags & NBD_FLAG_READ_ONLY)); + if (!(client->info.flags & NBD_FLAG_SEND_TRIM) || !bytes) { return 0; } @@ -814,6 +833,12 @@ int nbd_client_init(BlockDriverState *bs, logout("Failed to negotiate with the NBD server\n"); return ret; } + if (client->info.flags & NBD_FLAG_READ_ONLY && + !bdrv_is_read_only(bs)) { + error_setg(errp, + "request for write access conflicts with read-only export"); + return -EACCES; + } if (client->info.flags & NBD_FLAG_SEND_FUA) { bs->supported_write_flags = BDRV_REQ_FUA; bs->supported_zero_flags |= BDRV_REQ_FUA; @@ -482,6 +482,7 @@ ccas="${CCAS-$cc}" cpp="${CPP-$cc -E}" objcopy="${OBJCOPY-${cross_prefix}objcopy}" ld="${LD-${cross_prefix}ld}" +ranlib="${RANLIB-${cross_prefix}ranlib}" nm="${NM-${cross_prefix}nm}" strip="${STRIP-${cross_prefix}strip}" windres="${WINDRES-${cross_prefix}windres}" @@ -6288,6 +6289,7 @@ echo "CCAS=$ccas" >> $config_host_mak echo "CPP=$cpp" >> $config_host_mak echo "OBJCOPY=$objcopy" >> $config_host_mak echo "LD=$ld" >> $config_host_mak +echo "RANLIB=$ranlib" >> $config_host_mak echo "NM=$nm" >> $config_host_mak echo "WINDRES=$windres" >> $config_host_mak echo "CFLAGS=$CFLAGS" >> $config_host_mak @@ -6782,6 +6784,7 @@ for rom in seabios vgabios ; do echo "OBJCOPY=objcopy" >> $config_mak echo "IASL=$iasl" >> $config_mak echo "LD=$ld" >> $config_mak + echo "RANLIB=$ranlib" >> $config_mak done # set up tests data directory diff --git a/crypto/cipher.c b/crypto/cipher.c index 0aad9d6d79..bcbfb3d5b8 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -164,11 +164,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, { QCryptoCipher *cipher; void *ctx = NULL; - Error *err2 = NULL; QCryptoCipherDriver *drv = NULL; #ifdef CONFIG_AF_ALG - ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, &err2); + ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); if (ctx) { drv = &qcrypto_cipher_afalg_driver; } @@ -177,12 +176,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, if (!ctx) { ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp); if (!ctx) { - error_free(err2); return NULL; } drv = &qcrypto_cipher_lib_driver; - error_free(err2); } cipher = g_new0(QCryptoCipher, 1); diff --git a/crypto/hash.c b/crypto/hash.c index ac59c63d5f..8dab25d9ea 100644 --- a/crypto/hash.c +++ b/crypto/hash.c @@ -48,19 +48,16 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg, { #ifdef CONFIG_AF_ALG int ret; - + /* + * TODO: + * Maybe we should treat some afalg errors as fatal + */ ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov, result, resultlen, - errp); + NULL); if (ret == 0) { return ret; } - - /* - * TODO: - * Maybe we should treat some afalg errors as fatal - */ - error_free(*errp); #endif return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov, diff --git a/crypto/hmac.c b/crypto/hmac.c index 82b0055adf..f6c2d8db60 100644 --- a/crypto/hmac.c +++ b/crypto/hmac.c @@ -90,11 +90,10 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg, { QCryptoHmac *hmac; void *ctx = NULL; - Error *err2 = NULL; QCryptoHmacDriver *drv = NULL; #ifdef CONFIG_AF_ALG - ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, &err2); + ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, NULL); if (ctx) { drv = &qcrypto_hmac_afalg_driver; } @@ -107,7 +106,6 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg, } drv = &qcrypto_hmac_lib_driver; - error_free(err2); } hmac = g_new0(QCryptoHmac, 1); @@ -220,6 +220,77 @@ static cs_err cap_disas_start(disassemble_info *info, csh *handle) return CS_ERR_OK; } +static void cap_dump_insn_units(disassemble_info *info, cs_insn *insn, + int i, int n) +{ + fprintf_function print = info->fprintf_func; + FILE *stream = info->stream; + + switch (info->cap_insn_unit) { + case 4: + if (info->endian == BFD_ENDIAN_BIG) { + for (; i < n; i += 4) { + print(stream, " %08x", ldl_be_p(insn->bytes + i)); + + } + } else { + for (; i < n; i += 4) { + print(stream, " %08x", ldl_le_p(insn->bytes + i)); + } + } + break; + + case 2: + if (info->endian == BFD_ENDIAN_BIG) { + for (; i < n; i += 2) { + print(stream, " %04x", lduw_be_p(insn->bytes + i)); + } + } else { + for (; i < n; i += 2) { + print(stream, " %04x", lduw_le_p(insn->bytes + i)); + } + } + break; + + default: + for (; i < n; i++) { + print(stream, " %02x", insn->bytes[i]); + } + break; + } +} + +static void cap_dump_insn(disassemble_info *info, cs_insn *insn) +{ + fprintf_function print = info->fprintf_func; + int i, n, split; + + print(info->stream, "0x%08" PRIx64 ": ", insn->address); + + n = insn->size; + split = info->cap_insn_split; + + /* Dump the first SPLIT bytes of the instruction. */ + cap_dump_insn_units(info, insn, 0, MIN(n, split)); + + /* Add padding up to SPLIT so that mnemonics line up. */ + if (n < split) { + int width = (split - n) / info->cap_insn_unit; + width *= (2 * info->cap_insn_unit + 1); + print(info->stream, "%*s", width, ""); + } + + /* Print the actual instruction. */ + print(info->stream, " %-8s %s\n", insn->mnemonic, insn->op_str); + + /* Dump any remaining part of the insn on subsequent lines. */ + for (i = split; i < n; i += split) { + print(info->stream, "0x%08" PRIx64 ": ", insn->address + i); + cap_dump_insn_units(info, insn, i, MIN(n, i + split)); + print(info->stream, "\n"); + } +} + /* Disassemble SIZE bytes at PC for the target. */ static bool cap_disas_target(disassemble_info *info, uint64_t pc, size_t size) { @@ -242,10 +313,7 @@ static bool cap_disas_target(disassemble_info *info, uint64_t pc, size_t size) size -= tsize; while (cs_disasm_iter(handle, &cbuf, &csize, &pc, insn)) { - (*info->fprintf_func)(info->stream, - "0x%08" PRIx64 ": %-12s %s\n", - insn->address, insn->mnemonic, - insn->op_str); + cap_dump_insn(info, insn); } /* If the target memory is not consumed, go back for more... */ @@ -290,10 +358,7 @@ static bool cap_disas_host(disassemble_info *info, void *code, size_t size) pc = (uintptr_t)code; while (cs_disasm_iter(handle, &cbuf, &size, &pc, insn)) { - (*info->fprintf_func)(info->stream, - "0x%08" PRIx64 ": %-12s %s\n", - insn->address, insn->mnemonic, - insn->op_str); + cap_dump_insn(info, insn); } if (size != 0) { (*info->fprintf_func)(info->stream, @@ -337,10 +402,7 @@ static bool cap_disas_monitor(disassemble_info *info, uint64_t pc, int count) csize += tsize; if (cs_disasm_iter(handle, &cbuf, &csize, &pc, insn)) { - (*info->fprintf_func)(info->stream, - "0x%08" PRIx64 ": %-12s %s\n", - insn->address, insn->mnemonic, - insn->op_str); + cap_dump_insn(info, insn); if (--count <= 0) { break; } @@ -376,6 +438,8 @@ void target_disas(FILE *out, CPUState *cpu, target_ulong code, s.info.print_address_func = generic_print_address; s.info.cap_arch = -1; s.info.cap_mode = 0; + s.info.cap_insn_unit = 4; + s.info.cap_insn_split = 4; #ifdef TARGET_WORDS_BIGENDIAN s.info.endian = BFD_ENDIAN_BIG; @@ -427,6 +491,8 @@ void disas(FILE *out, void *code, unsigned long size) s.info.buffer_length = size; s.info.cap_arch = -1; s.info.cap_mode = 0; + s.info.cap_insn_unit = 4; + s.info.cap_insn_split = 4; #ifdef HOST_WORDS_BIGENDIAN s.info.endian = BFD_ENDIAN_BIG; @@ -440,11 +506,15 @@ void disas(FILE *out, void *code, unsigned long size) print_insn = print_insn_i386; s.info.cap_arch = CS_ARCH_X86; s.info.cap_mode = CS_MODE_32; + s.info.cap_insn_unit = 1; + s.info.cap_insn_split = 8; #elif defined(__x86_64__) s.info.mach = bfd_mach_x86_64; print_insn = print_insn_i386; s.info.cap_arch = CS_ARCH_X86; s.info.cap_mode = CS_MODE_64; + s.info.cap_insn_unit = 1; + s.info.cap_insn_split = 8; #elif defined(_ARCH_PPC) s.info.disassembler_options = (char *)"any"; print_insn = print_insn_ppc; @@ -537,6 +607,8 @@ void monitor_disas(Monitor *mon, CPUState *cpu, s.info.buffer_vma = pc; s.info.cap_arch = -1; s.info.cap_mode = 0; + s.info.cap_insn_unit = 4; + s.info.cap_insn_split = 4; #ifdef TARGET_WORDS_BIGENDIAN s.info.endian = BFD_ENDIAN_BIG; diff --git a/hw/display/sm501.c b/hw/display/sm501.c index 6eddac911e..7f1822421a 100644 --- a/hw/display/sm501.c +++ b/hw/display/sm501.c @@ -1758,7 +1758,7 @@ static void sm501_sysbus_class_init(ObjectClass *klass, void *data) dc->reset = sm501_reset_sysbus; dc->vmsd = &vmstate_sm501_sysbus; /* Note: pointer property "chr-state" may remain null, thus - * no need for dc->cannot_instantiate_with_device_add_yet = true; + * no need for dc->user_creatable = false; */ } diff --git a/hw/display/vga.c b/hw/display/vga.c index 1d19f6bc48..a64a0942da 100644 --- a/hw/display/vga.c +++ b/hw/display/vga.c @@ -1666,9 +1666,9 @@ static void vga_draw_graphic(VGACommonState *s, int full_update) /* scanline wraps from end of video memory to the start */ assert(force_shadow); update = memory_region_snapshot_get_dirty(&s->vram, snap, - page0, 0); + page0, s->vbe_size - page0); update |= memory_region_snapshot_get_dirty(&s->vram, snap, - page1, 0); + 0, page1); } else { update = memory_region_snapshot_get_dirty(&s->vram, snap, page0, page1 - page0); diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c index 43bbe09ea0..274e365713 100644 --- a/hw/display/virtio-gpu.c +++ b/hw/display/virtio-gpu.c @@ -322,6 +322,18 @@ static pixman_format_code_t get_pixman_format(uint32_t virtio_gpu_format) } } +static uint32_t calc_image_hostmem(pixman_format_code_t pformat, + uint32_t width, uint32_t height) +{ + /* Copied from pixman/pixman-bits-image.c, skip integer overflow check. + * pixman_image_create_bits will fail in case it overflow. + */ + + int bpp = PIXMAN_FORMAT_BPP(pformat); + int stride = ((width * bpp + 0x1f) >> 5) * sizeof(uint32_t); + return height * stride; +} + static void virtio_gpu_resource_create_2d(VirtIOGPU *g, struct virtio_gpu_ctrl_command *cmd) { @@ -366,7 +378,7 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g, return; } - res->hostmem = PIXMAN_FORMAT_BPP(pformat) * c2d.width * c2d.height; + res->hostmem = calc_image_hostmem(pformat, c2d.width, c2d.height); if (res->hostmem + g->hostmem < g->conf.max_hostmem) { res->image = pixman_image_create_bits(pformat, c2d.width, @@ -1087,7 +1099,7 @@ static int virtio_gpu_load(QEMUFile *f, void *opaque, size_t size, return -EINVAL; } - res->hostmem = PIXMAN_FORMAT_BPP(pformat) * res->width * res->height; + res->hostmem = calc_image_hostmem(pformat, res->width, res->height); res->addrs = g_new(uint64_t, res->iov_cnt); res->iov = g_new(struct iovec, res->iov_cnt); diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c index cdc3fed6ca..0e6673a911 100644 --- a/hw/display/vmware_vga.c +++ b/hw/display/vmware_vga.c @@ -679,10 +679,9 @@ static void vmsvga_fifo_run(struct vmsvga_state_s *s) if (cursor.width > 256 || cursor.height > 256 || cursor.bpp > 32 - || SVGA_BITMAP_SIZE(x, y) - > sizeof(cursor.mask) / sizeof(cursor.mask[0]) + || SVGA_BITMAP_SIZE(x, y) > ARRAY_SIZE(cursor.mask) || SVGA_PIXMAP_SIZE(x, y, cursor.bpp) - > sizeof(cursor.image) / sizeof(cursor.image[0])) { + > ARRAY_SIZE(cursor.image)) { goto badcmd; } diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c index 9178e70132..5cf0dabef3 100644 --- a/hw/ppc/e500.c +++ b/hw/ppc/e500.c @@ -729,15 +729,13 @@ static DeviceState *ppce500_init_mpic_kvm(PPCE500Params *params, return dev; } -static qemu_irq *ppce500_init_mpic(MachineState *machine, PPCE500Params *params, - MemoryRegion *ccsr, qemu_irq **irqs) +static DeviceState *ppce500_init_mpic(MachineState *machine, + PPCE500Params *params, + MemoryRegion *ccsr, + qemu_irq **irqs) { - qemu_irq *mpic; DeviceState *dev = NULL; SysBusDevice *s; - int i; - - mpic = g_new0(qemu_irq, 256); if (kvm_enabled()) { Error *err = NULL; @@ -756,15 +754,11 @@ static qemu_irq *ppce500_init_mpic(MachineState *machine, PPCE500Params *params, dev = ppce500_init_mpic_qemu(params, irqs); } - for (i = 0; i < 256; i++) { - mpic[i] = qdev_get_gpio_in(dev, i); - } - s = SYS_BUS_DEVICE(dev); memory_region_add_subregion(ccsr, MPC8544_MPIC_REGS_OFFSET, s->mmio[0].memory); - return mpic; + return dev; } static void ppce500_power_off(void *opaque, int line, int on) @@ -796,8 +790,8 @@ void ppce500_init(MachineState *machine, PPCE500Params *params) /* irq num for pin INTA, INTB, INTC and INTD is 1, 2, 3 and * 4 respectively */ unsigned int pci_irq_nrs[PCI_NUM_PINS] = {1, 2, 3, 4}; - qemu_irq **irqs, *mpic; - DeviceState *dev; + qemu_irq **irqs; + DeviceState *dev, *mpicdev; CPUPPCState *firstenv = NULL; MemoryRegion *ccsr_addr_space; SysBusDevice *s; @@ -866,18 +860,18 @@ void ppce500_init(MachineState *machine, PPCE500Params *params) memory_region_add_subregion(address_space_mem, params->ccsrbar_base, ccsr_addr_space); - mpic = ppce500_init_mpic(machine, params, ccsr_addr_space, irqs); + mpicdev = ppce500_init_mpic(machine, params, ccsr_addr_space, irqs); /* Serial */ if (serial_hds[0]) { serial_mm_init(ccsr_addr_space, MPC8544_SERIAL0_REGS_OFFSET, - 0, mpic[42], 399193, + 0, qdev_get_gpio_in(mpicdev, 42), 399193, serial_hds[0], DEVICE_BIG_ENDIAN); } if (serial_hds[1]) { serial_mm_init(ccsr_addr_space, MPC8544_SERIAL1_REGS_OFFSET, - 0, mpic[42], 399193, + 0, qdev_get_gpio_in(mpicdev, 42), 399193, serial_hds[1], DEVICE_BIG_ENDIAN); } @@ -895,7 +889,7 @@ void ppce500_init(MachineState *machine, PPCE500Params *params) qdev_init_nofail(dev); s = SYS_BUS_DEVICE(dev); for (i = 0; i < PCI_NUM_PINS; i++) { - sysbus_connect_irq(s, i, mpic[pci_irq_nrs[i]]); + sysbus_connect_irq(s, i, qdev_get_gpio_in(mpicdev, pci_irq_nrs[i])); } memory_region_add_subregion(ccsr_addr_space, MPC8544_PCI_REGS_OFFSET, @@ -926,7 +920,7 @@ void ppce500_init(MachineState *machine, PPCE500Params *params) dev = qdev_create(NULL, "mpc8xxx_gpio"); s = SYS_BUS_DEVICE(dev); qdev_init_nofail(dev); - sysbus_connect_irq(s, 0, mpic[MPC8XXX_GPIO_IRQ]); + sysbus_connect_irq(s, 0, qdev_get_gpio_in(mpicdev, MPC8XXX_GPIO_IRQ)); memory_region_add_subregion(ccsr_addr_space, MPC8XXX_GPIO_OFFSET, sysbus_mmio_get_region(s, 0)); @@ -946,7 +940,7 @@ void ppce500_init(MachineState *machine, PPCE500Params *params) for (i = 0; i < params->platform_bus_num_irqs; i++) { int irqn = params->platform_bus_first_irq + i; - sysbus_connect_irq(s, i, mpic[irqn]); + sysbus_connect_irq(s, i, qdev_get_gpio_in(mpicdev, irqn)); } memory_region_add_subregion(address_space_mem, diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c index e7a58e81f7..2b1e1409bf 100644 --- a/hw/s390x/s390-pci-bus.c +++ b/hw/s390x/s390-pci-bus.c @@ -715,7 +715,7 @@ static void s390_pcihost_hot_plug(HotplugHandler *hotplug_dev, pbdev->pdev = pdev; pbdev->iommu = s390_pci_get_iommu(s, pdev->bus, pdev->devfn); pbdev->iommu->pbdev = pbdev; - pbdev->state = ZPCI_FS_STANDBY; + pbdev->state = ZPCI_FS_DISABLED; if (s390_pci_msix_init(pbdev)) { error_setg(errp, "MSI-X support is mandatory " diff --git a/include/block/nbd.h b/include/block/nbd.h index 92d1723d7c..113c707a5e 100644 --- a/include/block/nbd.h +++ b/include/block/nbd.h @@ -86,15 +86,23 @@ typedef union NBDReply { } QEMU_PACKED; } NBDReply; -/* Header of NBD_REPLY_TYPE_OFFSET_DATA, complete NBD_REPLY_TYPE_OFFSET_HOLE */ -typedef struct NBDStructuredRead { - NBDStructuredReplyChunk h; +/* Header of chunk for NBD_REPLY_TYPE_OFFSET_DATA */ +typedef struct NBDStructuredReadData { + NBDStructuredReplyChunk h; /* h.length >= 9 */ uint64_t offset; -} QEMU_PACKED NBDStructuredRead; + /* At least one byte of data payload follows, calculated from h.length */ +} QEMU_PACKED NBDStructuredReadData; + +/* Complete chunk for NBD_REPLY_TYPE_OFFSET_HOLE */ +typedef struct NBDStructuredReadHole { + NBDStructuredReplyChunk h; /* h.length == 12 */ + uint64_t offset; + uint32_t length; +} QEMU_PACKED NBDStructuredReadHole; /* Header of all NBD_REPLY_TYPE_ERROR* errors */ typedef struct NBDStructuredError { - NBDStructuredReplyChunk h; + NBDStructuredReplyChunk h; /* h.length >= 6 */ uint32_t error; uint16_t message_length; } QEMU_PACKED NBDStructuredError; diff --git a/include/disas/bfd.h b/include/disas/bfd.h index 1f88c9e9d5..46c7ec3376 100644 --- a/include/disas/bfd.h +++ b/include/disas/bfd.h @@ -374,6 +374,8 @@ typedef struct disassemble_info { /* Options for Capstone disassembly. */ int cap_arch; int cap_mode; + int cap_insn_unit; + int cap_insn_split; } disassemble_info; diff --git a/nbd/client.c b/nbd/client.c index 3d680e63e1..1880103d2a 100644 --- a/nbd/client.c +++ b/nbd/client.c @@ -979,6 +979,7 @@ static int nbd_receive_structured_reply_chunk(QIOChannel *ioc, int nbd_receive_reply(QIOChannel *ioc, NBDReply *reply, Error **errp) { int ret; + const char *type; ret = nbd_read_eof(ioc, &reply->magic, sizeof(reply->magic), errp); if (ret <= 0) { @@ -1008,8 +1009,9 @@ int nbd_receive_reply(QIOChannel *ioc, NBDReply *reply, Error **errp) if (ret < 0) { break; } + type = nbd_reply_type_lookup(reply->structured.type); trace_nbd_receive_structured_reply_chunk(reply->structured.flags, - reply->structured.type, + reply->structured.type, type, reply->structured.handle, reply->structured.length); break; diff --git a/nbd/server.c b/nbd/server.c index 70b40ed27e..df771fd42f 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -423,6 +423,7 @@ static int nbd_negotiate_handle_info(NBDClient *client, uint32_t length, break; } } + assert(length == 0); exp = nbd_export_find(name); if (!exp) { @@ -433,7 +434,7 @@ static int nbd_negotiate_handle_info(NBDClient *client, uint32_t length, /* Don't bother sending NBD_INFO_NAME unless client requested it */ if (sendname) { - rc = nbd_negotiate_send_info(client, opt, NBD_INFO_NAME, length, name, + rc = nbd_negotiate_send_info(client, opt, NBD_INFO_NAME, namelen, name, errp); if (rc < 0) { return rc; @@ -1272,6 +1273,21 @@ static inline void set_be_chunk(NBDStructuredReplyChunk *chunk, uint16_t flags, stl_be_p(&chunk->length, length); } +static int coroutine_fn nbd_co_send_structured_done(NBDClient *client, + uint64_t handle, + Error **errp) +{ + NBDStructuredReplyChunk chunk; + struct iovec iov[] = { + {.iov_base = &chunk, .iov_len = sizeof(chunk)}, + }; + + trace_nbd_co_send_structured_done(handle); + set_be_chunk(&chunk, NBD_REPLY_FLAG_DONE, NBD_REPLY_TYPE_NONE, handle, 0); + + return nbd_co_send_iov(client, iov, 1, errp); +} + static int coroutine_fn nbd_co_send_structured_read(NBDClient *client, uint64_t handle, uint64_t offset, @@ -1279,12 +1295,13 @@ static int coroutine_fn nbd_co_send_structured_read(NBDClient *client, size_t size, Error **errp) { - NBDStructuredRead chunk; + NBDStructuredReadData chunk; struct iovec iov[] = { {.iov_base = &chunk, .iov_len = sizeof(chunk)}, {.iov_base = data, .iov_len = size} }; + assert(size); trace_nbd_co_send_structured_read(handle, offset, data, size); set_be_chunk(&chunk.h, NBD_REPLY_FLAG_DONE, NBD_REPLY_TYPE_OFFSET_DATA, handle, sizeof(chunk) - sizeof(chunk.h) + size); @@ -1543,10 +1560,13 @@ reply: if (ret < 0) { ret = nbd_co_send_structured_error(req->client, request.handle, -ret, msg, &local_err); - } else { + } else if (reply_data_len) { ret = nbd_co_send_structured_read(req->client, request.handle, request.from, req->data, reply_data_len, &local_err); + } else { + ret = nbd_co_send_structured_done(req->client, request.handle, + &local_err); } } else { ret = nbd_co_send_simple_reply(req->client, request.handle, diff --git a/nbd/trace-events b/nbd/trace-events index 4a13757524..92568edce5 100644 --- a/nbd/trace-events +++ b/nbd/trace-events @@ -27,7 +27,7 @@ nbd_client_clear_queue(void) "Clearing NBD queue" nbd_client_clear_socket(void) "Clearing NBD socket" nbd_send_request(uint64_t from, uint32_t len, uint64_t handle, uint16_t flags, uint16_t type, const char *name) "Sending request to server: { .from = %" PRIu64", .len = %" PRIu32 ", .handle = %" PRIu64 ", .flags = 0x%" PRIx16 ", .type = %" PRIu16 " (%s) }" nbd_receive_simple_reply(int32_t error, const char *errname, uint64_t handle) "Got simple reply: { .error = %" PRId32 " (%s), handle = %" PRIu64" }" -nbd_receive_structured_reply_chunk(uint16_t flags, uint16_t type, uint64_t handle, uint32_t length) "Got structured reply chunk: { flags = 0x%" PRIx16 ", type = %d, handle = %" PRIu64 ", length = %" PRIu32 " }" +nbd_receive_structured_reply_chunk(uint16_t flags, uint16_t type, const char *name, uint64_t handle, uint32_t length) "Got structured reply chunk: { flags = 0x%" PRIx16 ", type = %d (%s), handle = %" PRIu64 ", length = %" PRIu32 " }" # nbd/common.c nbd_unknown_error(int err) "Squashing unexpected error %d to EINVAL" @@ -55,6 +55,7 @@ nbd_receive_request(uint32_t magic, uint16_t flags, uint16_t type, uint64_t from nbd_blk_aio_attached(const char *name, void *ctx) "Export %s: Attaching clients to AIO context %p\n" nbd_blk_aio_detach(const char *name, void *ctx) "Export %s: Detaching clients from AIO context %p\n" nbd_co_send_simple_reply(uint64_t handle, uint32_t error, const char *errname, int len) "Send simple reply: handle = %" PRIu64 ", error = %" PRIu32 " (%s), len = %d" +nbd_co_send_structured_done(uint64_t handle) "Send structured reply done: handle = %" PRIu64 nbd_co_send_structured_read(uint64_t handle, uint64_t offset, void *data, size_t size) "Send structured read data reply: handle = %" PRIu64 ", offset = %" PRIu64 ", data = %p, len = %zu" nbd_co_send_structured_error(uint64_t handle, int err, const char *errname, const char *msg) "Send structured error reply: handle = %" PRIu64 ", error = %d (%s), msg = '%s'" nbd_co_receive_request_decode_type(uint64_t handle, uint16_t type, const char *name) "Decoding type: handle = %" PRIu64 ", type = %" PRIu16 " (%s)" diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c index dc8b4bbb50..da0d53743f 100644 --- a/slirp/tcp_subr.c +++ b/slirp/tcp_subr.c @@ -148,7 +148,16 @@ tcp_respond(struct tcpcb *tp, struct tcpiphdr *ti, struct mbuf *m, m->m_data += IF_MAXLINKHDR; *mtod(m, struct tcpiphdr *) = *ti; ti = mtod(m, struct tcpiphdr *); - memset(&ti->ti, 0, sizeof(ti->ti)); + switch (af) { + case AF_INET: + ti->ti.ti_i4.ih_x1 = 0; + break; + case AF_INET6: + ti->ti.ti_i6.ih_x1 = 0; + break; + default: + g_assert_not_reached(); + } flags = TH_ACK; } else { /* diff --git a/target/arm/cpu.c b/target/arm/cpu.c index 47c8b2a85c..7f7a3d1e32 100644 --- a/target/arm/cpu.c +++ b/target/arm/cpu.c @@ -489,13 +489,19 @@ static void arm_disas_set_info(CPUState *cpu, disassemble_info *info) info->print_insn = print_insn_arm_a64; #endif info->cap_arch = CS_ARCH_ARM64; + info->cap_insn_unit = 4; + info->cap_insn_split = 4; } else { int cap_mode; if (env->thumb) { info->print_insn = print_insn_thumb1; + info->cap_insn_unit = 2; + info->cap_insn_split = 4; cap_mode = CS_MODE_THUMB; } else { info->print_insn = print_insn_arm; + info->cap_insn_unit = 4; + info->cap_insn_split = 4; cap_mode = CS_MODE_ARM; } if (arm_feature(env, ARM_FEATURE_V8)) { diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 6f21a5e518..1edcf29e27 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -4109,6 +4109,8 @@ static void x86_disas_set_info(CPUState *cs, disassemble_info *info) info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64 : env->hflags & HF_CS32_MASK ? CS_MODE_32 : CS_MODE_16); + info->cap_insn_unit = 1; + info->cap_insn_split = 8; } static Property x86_cpu_properties[] = { diff --git a/target/ppc/compat.c b/target/ppc/compat.c index f8729fe46d..ad8f93c064 100644 --- a/target/ppc/compat.c +++ b/target/ppc/compat.c @@ -141,7 +141,7 @@ void ppc_set_compat(PowerPCCPU *cpu, uint32_t compat_pvr, Error **errp) cpu_synchronize_state(CPU(cpu)); if (kvm_enabled() && cpu->compat_pvr != compat_pvr) { - int ret = kvmppc_set_compat(cpu, cpu->compat_pvr); + int ret = kvmppc_set_compat(cpu, compat_pvr); if (ret < 0) { error_setg_errno(errp, -ret, "Unable to set CPU compatibility mode in KVM"); diff --git a/target/s390x/translate.c b/target/s390x/translate.c index dee72a787d..85d0a6c3af 100644 --- a/target/s390x/translate.c +++ b/target/s390x/translate.c @@ -3432,6 +3432,7 @@ static ExitStatus op_risbg(DisasContext *s, DisasOps *o) /* Adjust the arguments for the specific insn. */ switch (s->fields->op2) { case 0x55: /* risbg */ + case 0x59: /* risbgn */ i3 &= 63; i4 &= 63; pmask = ~0; @@ -3447,7 +3448,7 @@ static ExitStatus op_risbg(DisasContext *s, DisasOps *o) pmask = 0x00000000ffffffffull; break; default: - abort(); + g_assert_not_reached(); } /* MASK is the set of bits to be inserted from R2. @@ -3464,11 +3465,7 @@ static ExitStatus op_risbg(DisasContext *s, DisasOps *o) insns, we need to keep the other half of the register. */ imask = ~mask | ~pmask; if (do_zero) { - if (s->fields->op2 == 0x55) { - imask = 0; - } else { - imask = ~pmask; - } + imask = ~pmask; } len = i4 - i3 + 1; diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include index f1a398e9fa..de87341528 100644 --- a/tests/docker/Makefile.include +++ b/tests/docker/Makefile.include @@ -109,7 +109,7 @@ docker: @echo ' DEBUG=1 Stop and drop to shell in the created container' @echo ' before running the command.' @echo ' NETWORK=1 Enable virtual network interface with default backend.' - @echo ' NETWORK=$BACKEND Enable virtual network interface with $BACKEND.' + @echo ' NETWORK=$$BACKEND Enable virtual network interface with $$BACKEND.' @echo ' NOUSER Define to disable adding current user to containers passwd.' @echo ' NOCACHE=1 Ignore cache when build images.' @echo ' EXECUTABLE=<path> Include executable in image.' diff --git a/tests/docker/docker.py b/tests/docker/docker.py index 08122ca17d..1246ba9578 100755 --- a/tests/docker/docker.py +++ b/tests/docker/docker.py @@ -105,6 +105,28 @@ def _copy_binary_with_libs(src, dest_dir): so_path = os.path.dirname(l) _copy_with_mkdir(l , dest_dir, so_path) +def _read_qemu_dockerfile(img_name): + df = os.path.join(os.path.dirname(__file__), "dockerfiles", + img_name + ".docker") + return open(df, "r").read() + +def _dockerfile_preprocess(df): + out = "" + for l in df.splitlines(): + if len(l.strip()) == 0 or l.startswith("#"): + continue + from_pref = "FROM qemu:" + if l.startswith(from_pref): + # TODO: Alternatively we could replace this line with "FROM $ID" + # where $ID is the image's hex id obtained with + # $ docker images $IMAGE --format="{{.Id}}" + # but unfortunately that's not supported by RHEL 7. + inlining = _read_qemu_dockerfile(l[len(from_pref):]) + out += _dockerfile_preprocess(inlining) + continue + out += l + "\n" + return out + class Docker(object): """ Running Docker commands """ def __init__(self): @@ -196,7 +218,7 @@ class Docker(object): checksum = self.get_image_dockerfile_checksum(tag) except Exception: return False - return checksum == _text_checksum(dockerfile) + return checksum == _text_checksum(_dockerfile_preprocess(dockerfile)) def run(self, cmd, keep, quiet): label = uuid.uuid1().hex diff --git a/tests/qemu-iotests/058 b/tests/qemu-iotests/058 index 2253c6a6d1..5eb8784669 100755 --- a/tests/qemu-iotests/058 +++ b/tests/qemu-iotests/058 @@ -117,15 +117,15 @@ _export_nbd_snapshot sn1 echo echo "== verifying the exported snapshot with patterns, method 1 ==" -$QEMU_IO_NBD -c 'read -P 0xa 0x1000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io -$QEMU_IO_NBD -c 'read -P 0xb 0x2000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io +$QEMU_IO_NBD -r -c 'read -P 0xa 0x1000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io +$QEMU_IO_NBD -r -c 'read -P 0xb 0x2000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io _export_nbd_snapshot1 sn1 echo echo "== verifying the exported snapshot with patterns, method 2 ==" -$QEMU_IO_NBD -c 'read -P 0xa 0x1000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io -$QEMU_IO_NBD -c 'read -P 0xb 0x2000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io +$QEMU_IO_NBD -r -c 'read -P 0xa 0x1000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io +$QEMU_IO_NBD -r -c 'read -P 0xb 0x2000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io $QEMU_IMG convert "$TEST_IMG" -l sn1 -O qcow2 "$converted_image" diff --git a/tests/qemu-iotests/140 b/tests/qemu-iotests/140 index f89d0d6789..a8fc95145c 100755 --- a/tests/qemu-iotests/140 +++ b/tests/qemu-iotests/140 @@ -78,7 +78,7 @@ _send_qemu_cmd $QEMU_HANDLE \ 'arguments': { 'device': 'drv' }}" \ 'return' -$QEMU_IO_PROG -f raw -c 'read -P 42 0 64k' \ +$QEMU_IO_PROG -f raw -r -c 'read -P 42 0 64k' \ "nbd+unix:///drv?socket=$TEST_DIR/nbd" 2>&1 \ | _filter_qemu_io | _filter_nbd @@ -87,7 +87,7 @@ _send_qemu_cmd $QEMU_HANDLE \ 'arguments': { 'device': 'drv' }}" \ 'return' -$QEMU_IO_PROG -f raw -c close \ +$QEMU_IO_PROG -f raw -r -c close \ "nbd+unix:///drv?socket=$TEST_DIR/nbd" 2>&1 \ | _filter_qemu_io | _filter_nbd diff --git a/tests/qemu-iotests/147 b/tests/qemu-iotests/147 index db34838cd0..90f40ed245 100755 --- a/tests/qemu-iotests/147 +++ b/tests/qemu-iotests/147 @@ -43,6 +43,7 @@ class NBDBlockdevAddBase(iotests.QMPTestCase): 'driver': 'raw', 'file': { 'driver': 'nbd', + 'read-only': True, 'server': address } } if export is not None: diff --git a/tests/test-aio-multithread.c b/tests/test-aio-multithread.c index 549d784915..d396185972 100644 --- a/tests/test-aio-multithread.c +++ b/tests/test-aio-multithread.c @@ -144,17 +144,16 @@ static void finish_cb(void *opaque) static coroutine_fn void test_multi_co_schedule_entry(void *opaque) { g_assert(to_schedule[id] == NULL); - atomic_mb_set(&to_schedule[id], qemu_coroutine_self()); while (!atomic_mb_read(&now_stopping)) { int n; n = g_test_rand_int_range(0, NUM_CONTEXTS); schedule_next(n); - qemu_coroutine_yield(); - g_assert(to_schedule[id] == NULL); atomic_mb_set(&to_schedule[id], qemu_coroutine_self()); + qemu_coroutine_yield(); + g_assert(to_schedule[id] == NULL); } } diff --git a/tests/test-crypto-block.c b/tests/test-crypto-block.c index bd7fe593e3..fd29a045d2 100644 --- a/tests/test-crypto-block.c +++ b/tests/test-crypto-block.c @@ -28,7 +28,8 @@ #include <sys/resource.h> #endif -#if (defined(_WIN32) || defined RUSAGE_THREAD) +#if (defined(_WIN32) || defined RUSAGE_THREAD) && \ + (defined(CONFIG_NETTLE_KDF) || defined(CONFIG_GCRYPT_KDF)) #define TEST_LUKS #else #undef TEST_LUKS diff --git a/util/async.c b/util/async.c index 355af73ee7..0e1bd8780a 100644 --- a/util/async.c +++ b/util/async.c @@ -174,7 +174,7 @@ void qemu_bh_schedule(QEMUBH *bh) */ void qemu_bh_cancel(QEMUBH *bh) { - bh->scheduled = 0; + atomic_mb_set(&bh->scheduled, 0); } /* This func is async.The bottom half will do the delete action at the finial |