aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-03-08Merge remote-tracking branch ↵Peter Maydell
'remotes/thuth-gitlab/tags/pull-request-2022-03-07' into staging * Fixes for s390x TCG tests * Update Haiku VM to a usable level * Some other miscellaneous small fixes # gpg: Signature made Mon 07 Mar 2022 18:07:00 GMT # gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5 # gpg: issuer "thuth@redhat.com" # gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full] # gpg: aka "Thomas Huth <thuth@redhat.com>" [full] # gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full] # gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown] # Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5 * remotes/thuth-gitlab/tags/pull-request-2022-03-07: Check and report for incomplete 'global' option format tests/vm: Update haiku test vm to R1/Beta3 tests/avocado: Cancel BootLinux tests in case there is no free port MAINTAINERS: Update the files in the FreeBSD section tests/tcg/s390x: Cleanup of mie3 tests. tests/tcg/s390x: Fix the exrl-trt* tests with Clang tests/tcg/s390x: Fix mvc, mvo and pack tests with Clang Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-08Merge remote-tracking branch ↵Peter Maydell
'remotes/pmaydell/tags/pull-target-arm-20220307' into staging target-arm queue: * cleanups of qemu_oom_check() and qemu_memalign() * target/arm/translate-neon: UNDEF if VLD1/VST1 stride bits are non-zero * target/arm/translate-neon: Simplify align field check for VLD3 * GICv3 ITS: add more trace events * GICv3 ITS: implement 8-byte accesses properly * GICv3: fix minor issues with some trace/log messages * ui/cocoa: Use the standard about panel * target/arm: Provide cpu property for controling FEAT_LPA2 * hw/arm/virt: Disable LPA2 for -machine virt-6.2 # gpg: Signature made Mon 07 Mar 2022 16:46:06 GMT # gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE # gpg: issuer "peter.maydell@linaro.org" # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate] # gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate] # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate] # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * remotes/pmaydell/tags/pull-target-arm-20220307: hw/arm/virt: Disable LPA2 for -machine virt-6.2 target/arm: Provide cpu property for controling FEAT_LPA2 ui/cocoa: Use the standard about panel hw/intc/arm_gicv3_cpuif: Fix register names in ICV_HPPIR read trace event hw/intc/arm_gicv3: Fix missing spaces in error log messages hw/intc/arm_gicv3: Specify valid and impl in MemoryRegionOps hw/intc/arm_gicv3_its: Add trace events for table reads and writes hw/intc/arm_gicv3_its: Add trace events for commands target/arm/translate-neon: Simplify align field check for VLD3 target/arm/translate-neon: UNDEF if VLD1/VST1 stride bits are non-zero osdep: Move memalign-related functions to their own header util: Put qemu_vfree() in memalign.c util: Use meson checks for valloc() and memalign() presence util: Share qemu_try_memalign() implementation between POSIX and Windows meson.build: Don't misdetect posix_memalign() on Windows util: Return valid allocation for qemu_try_memalign() with zero size util: Unify implementations of qemu_memalign() util: Make qemu_oom_check() a static function Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-08tests/tcg/ppc64le: change signal_save_restore_xer to use SIGTRAPMatheus Ferst
Now that linux-user delivers the signal on tw, we can change signal_save_restore_xer to use SIGTRAP instead of SIGILL. Suggested-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Matheus Ferst <matheus.ferst@eldorado.org.br> Message-Id: <20220113170456.1796911-3-matheus.ferst@eldorado.org.br> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2022-03-08linux-user/ppc: deliver SIGTRAP on POWERPC_EXCP_TRAPMatheus Ferst
Handle POWERPC_EXCP_TRAP in cpu_loop to deliver SIGTRAP on tw[i]/td[i]. The si_code comes from do_program_check in the kernel source file arch/powerpc/kernel/traps.c Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Matheus Ferst <matheus.ferst@eldorado.org.br> Message-Id: <20220113170456.1796911-2-matheus.ferst@eldorado.org.br> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2022-03-08linux-user: Remove stale "not threadsafe" commentsPeter Maydell
In linux-user/signal.c we have two FIXME comments claiming that parts of the signal-handling code are not threadsafe. These are very old, as they were first introduced in commit 624f7979058 in 2008. Since then we've radically overhauled the signal-handling logic, while carefully preserving these FIXME comments. It's unclear exactly what thread-safety issue the original author was trying to point out -- the relevant data structures are in the TaskStruct, which makes them per-thread and only operated on by that thread. The old code at the time of that commit did have various races involving signal handlers being invoked at awkward times; possibly this was what was meant. Delete these FIXME comments: * they were written at a time when the way we handled signals was completely different * the code today appears to us to not have thread-safety issues * nobody knows what the problem the comments were trying to point out was so they are serving no useful purpose for us today. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Warner Losh <imp@bsdimp.com> Message-Id: <20220114155032.3767771-1-peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2022-03-08Merge remote-tracking branch ↵Peter Maydell
'remotes/kraxel/tags/seabios-20220307-pull-request' into staging update seabios to 1.16.0 # gpg: Signature made Mon 07 Mar 2022 11:02:40 GMT # gpg: using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/seabios-20220307-pull-request: update seabios binaries to 1.16.0 update seabios submodule to 1.16.0 Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-08Merge remote-tracking branch 'remotes/cschoenebeck/tags/pull-9p-20220307' ↵Peter Maydell
into staging 9pfs: introduce macOS host support and cleanup * Add support for Darwin (a.k.a. macOS) hosts. * Code cleanup (move qemu_dirent_dup() from osdep -> 9p-util). * API doc cleanup (convert Doxygen -> kerneldoc format). # gpg: Signature made Mon 07 Mar 2022 11:14:45 GMT # gpg: using RSA key 96D8D110CF7AF8084F88590134C2B58765A47395 # gpg: issuer "qemu_oss@crudebyte.com" # gpg: Good signature from "Christian Schoenebeck <qemu_oss@crudebyte.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: ECAB 1A45 4014 1413 BA38 4926 30DB 47C3 A012 D5F4 # Subkey fingerprint: 96D8 D110 CF7A F808 4F88 5901 34C2 B587 65A4 7395 * remotes/cschoenebeck/tags/pull-9p-20220307: fsdev/p9array.h: convert Doxygen -> kerneldoc format 9pfs/coth.h: drop Doxygen format on v9fs_co_run_in_worker() 9pfs/9p-util.h: convert Doxygen -> kerneldoc format 9pfs/9p.c: convert Doxygen -> kerneldoc format 9pfs/codir.c: convert Doxygen -> kerneldoc format 9pfs/9p.h: convert Doxygen -> kerneldoc format 9pfs: drop Doxygen format from qemu_dirent_dup() API comment 9pfs: move qemu_dirent_dup() from osdep -> 9p-util 9p: darwin: meson: Allow VirtFS on Darwin 9p: darwin: Adjust assumption on virtio-9p-test 9p: darwin: Implement compatibility for mknodat 9p: darwin: Compatibility for f/l*xattr 9p: darwin: *xattr_nofollow implementations 9p: darwin: Move XATTR_SIZE_MAX->P9_XATTR_SIZE_MAX 9p: darwin: Ignore O_{NOATIME, DIRECT} 9p: darwin: Handle struct dirent differences 9p: darwin: Handle struct stat(fs) differences 9p: Rename 9p-util -> 9p-util-linux 9p: linux: Fix a couple Linux assumptions Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-08hw: aspeed_gpio: Cleanup stray semicolon after switchAndrew Jeffery
Not sure how that got there. Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Message-Id: <20220207150409.358888-2-andrew@aj.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08hw/arm/aspeed: add Bletchley machine typePatrick Williams
Add the 'bletchley-bmc' machine type based on the kernel DTS[1] and hardware schematics available to me. The i2c model is as complete as the current QEMU models support, but in some cases I substituted devices that are close enough for present functionality. Strap registers are kept the same as the AST2600-EVB until I'm able to confirm correct values with physical hardware. This has been tested with an openbmc image built from [2] plus a kernel patch[3] for the SPI flash module. 1. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/arch/arm/boot/dts/aspeed-bmc-facebook-bletchley.dts?id=a8c729e966c4e9d033242d948b0e53c2a62d32e2 2. https://github.com/openbmc/openbmc/commit/b9432b980d7f63f7512ffbcc7124386ba896dfc6 3. https://github.com/openbmc/linux/commit/25b566b9a9d7f5d4f10c1b7304007bdb286eefd7 Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Reviewed-by: Cédric Le Goater <clg@kaod.org> [ clg : increased number of FMC devices to 2 to match Linux dts ] Message-Id: <20220305000656.1944589-2-patrick@stwcx.xyz> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08hw/arm/aspeed: allow missing spi_modelPatrick Williams
Generally all BMCs will use the fmc_model to hold their own flash and most will have a spi_model to hold the managed system's flash, but not all systems do. Add a simple NULL check to allow a system to set the spi_model as NULL to indicate it should not be instantiated. Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Message-Id: <20220305000656.1944589-1-patrick@stwcx.xyz> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08hw/block: m25p80: Add support for w25q01jvqPatrick Williams
The w25q01jvq is a 128MB part. Support is being added to the kernel[1] and the two have been tested together. 1. https://lore.kernel.org/lkml/20220222092222.23108-1-potin.lai@quantatw.com/ Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Cc: Potin Lai <potin.lai@quantatw.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com> Message-Id: <20220304180920.1780992-1-patrick@stwcx.xyz> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08aspeed/smc: Fix error logCédric Le Goater
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20220307071856.1410731-7-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08aspeed/smc: Let the SSI core layer define the bus nameCédric Le Goater
If no id is provided, qdev automatically assigns an unique name with the following pattern "<type>.<index>" which avoids bus name collision when using multiple buses. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20220307071856.1410731-6-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08aspeed/smc: Rename 'max_peripherals' to 'cs_num_max'Cédric Le Goater
The naming makes more sense in a SPI controller model. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20220307071856.1410731-5-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08aspeed/smc: Remove 'num_cs' fieldCédric Le Goater
It is not used anymore. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20220307071856.1410731-4-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08aspeed: Rework aspeed_board_init_flashes() interfaceCédric Le Goater
Currently, the allocation of the flash devices uses the number of slave selects configured in the SoC realize routine. It is simpler to use directly the number of FMC devices defined in the machine class and 1 for spi devices (which is what the SoC does in the back of the machine). Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20220307071856.1410731-3-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08aspeed/smc: Use max number of CE instead of 'num_cs'Cédric Le Goater
The Aspeed SMC model uses the 'num_cs' field to allocate resources fitting the number of devices of the machine. This is a small optimization without real need in the controller. Simplify modelling and use the max_peripherals field instead. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20220307071856.1410731-2-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-08aspeed: Fix a potential memory leak bug in write_boot_rom()Wentao_Liang
A memory chunk is allocated with g_new0() and assigned to the variable 'storage'. However, if the branch takes true, there will be only an error report but not a free operation for 'storage' before function returns. As a result, a memory leak bug is triggered. Use g_autofree to fix the issue. Suggested-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Wentao_Liang <Wentao_Liang_g@163.com> [ clg: reworked the commit log ] Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-03-07qemu-io: Allow larger write zeroes under no fallbackEric Blake
When writing zeroes can fall back to a slow write, permitting an overly large request can become an amplification denial of service attack in triggering a large amount of work from a small request. But the whole point of the no fallback flag is to quickly determine if writing an entire device to zero can be done quickly (such as when it is already known that the device started with zero contents); in those cases, artificially capping things at 2G in qemu-io itself doesn't help us. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20211203231539.3900865-4-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2022-03-07qemu-io: Utilize 64-bit status during mapEric Blake
The block layer has supported 64-bit block status from drivers since commit 86a3d5c688 ("block: Add .bdrv_co_block_status() callback", v2.12) and friends, with individual driver callbacks responsible for capping things where necessary. Artificially capping things below 2G in the qemu-io 'map' command, added in commit d6a644bbfe ("block: Make bdrv_is_allocated() byte-based", v2.10) is thus no longer necessary. One way to test this is with qemu-nbd as server on a raw file larger than 4G (the entire file should show as allocated), plus 'qemu-io -f raw -c map nbd://localhost --trace=nbd_\*' as client. Prior to this patch, the NBD_CMD_BLOCK_STATUS requests are fragmented at 0x7ffffe00 distances; with this patch, the fragmenting changes to 0x7fffffff (since the NBD protocol is currently still limited to 32-bit transactions - see block/nbd.c:nbd_client_co_block_status). Then in later patches, once I add an NBD extension for a 64-bit block status, the same map command completes with just one NBD_CMD_BLOCK_STATUS. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20211203231539.3900865-3-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2022-03-07nbd/server: Minor cleanupsEric Blake
Spelling fixes, grammar improvements and consistent spacing, noticed while preparing other patches in this file. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20211203231539.3900865-2-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2022-03-07tests/qemu-iotests: validate NBD TLS with UNIX sockets and PSKDaniel P. Berrangé
This validates that connections to an NBD server running on a UNIX socket can use TLS with pre-shared keys (PSK). Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-13-berrange@redhat.com> [eblake: squash in rebase fix] Tested-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07tests/qemu-iotests: validate NBD TLS with UNIX socketsDaniel P. Berrangé
This validates that connections to an NBD server running on a UNIX socket can use TLS, and require a TLS hostname override to pass certificate validation. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-12-berrange@redhat.com> [eblake: squash in rebase fix] Tested-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07tests/qemu-iotests: validate NBD TLS with hostname mismatchDaniel P. Berrangé
This validates that connections to an NBD server where the certificate hostname does not match will fail. It further validates that using the new 'tls-hostname' override option can solve the failure. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-11-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07tests/qemu-iotests: convert NBD TLS test to use standard filtersDaniel P. Berrangé
Using standard filters is more future proof than rolling our own. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-10-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07tests/qemu-iotests: introduce filter for qemu-nbd export listDaniel P. Berrangé
Introduce a filter for the output of qemu-nbd export list so it can be reused in multiple tests. The filter is a bit more permissive that what test 241 currently uses, as its allows printing of the export count, along with any possible error messages that might be emitted. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-9-berrange@redhat.com> Tested-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07roms/openbios: update OpenBIOS images to 0e0afae6 built from submoduleMark Cave-Ayland
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2022-03-07hw/acpi/microvm: turn on 8042 bit in FADT boot architecture flags if presentAni Sinha
The second bit of IAPC_BOOT_ARCH in FADT table indicates the presence of keyboard controller implemented as 8042 or equivalent micro controller. This change enables this flag for microvms if such a device exists (for example, when added explicitly from the QEMU commandline). Change 654701e292d98b308b0 ("hw/acpi: add indication for i8042 in IA-PC boot flags of the FADT table") enabled this flag for i386 q35 based machines. The reason for doing the same for micro-vms is to make sure we provide the correct tables to the guest OS uniformly in all cases when an i8042 device is present. When this bit is not enabled, guest OSes has to find other indirect methods to detect the device which we would like to avoid. Signed-off-by: Ani Sinha <ani@anisinha.ca> Message-Id: <20220304154032.2071585-5-ani@anisinha.ca> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-03-07tests/qemu-iotests: expand _filter_nbd rulesDaniel P. Berrangé
Some tests will want to use 'localhost' instead of '127.0.0.1', and some will use the image options syntax rather than the classic URI syntax. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-8-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07tests/qemu-iotests: add QEMU_IOTESTS_REGEN=1 to update reference fileDaniel P. Berrangé
When developing an I/O test it is typical to add some logic to the test script, run it to view the output diff, and then apply the output diff to the reference file. This can be drastically simplified by letting the test runner update the reference file in place. By setting 'QEMU_IOTESTS_REGEN=1', the test runner will report the failure and show the diff, but at the same time update the reference file. So next time the I/O test is run it will succeed. Continuing to display the diff when updating the reference gives the developer a chance to review what was changed. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-7-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07block/nbd: don't restrict TLS usage to IP socketsDaniel P. Berrangé
The TLS usage for NBD was restricted to IP sockets because validating x509 certificates requires knowledge of the hostname that the client is connecting to. TLS does not have to use x509 certificates though, as PSK (pre-shared keys) provide an alternative credential option. These have no requirement for a hostname and can thus be trivially used for UNIX sockets. Furthermore, with the ability to overide the default hostname for TLS validation in the previous patch, it is now also valid to want to use x509 certificates with FD passing and UNIX sockets. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-6-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07qemu-nbd: add --tls-hostname option for TLS certificate validationDaniel P. Berrangé
When using the --list option, qemu-nbd acts as an NBD client rather than a server. As such when using TLS, it has a need to validate the server certificate. This adds a --tls-hostname option which can be used to override the default hostname used for certificate validation. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-5-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07block/nbd: support override of hostname for TLS certificate validationDaniel P. Berrangé
When connecting to an NBD server with TLS and x509 credentials, the client must validate the hostname it uses for the connection, against that published in the server's certificate. If the client is tunnelling its connection over some other channel, however, the hostname it uses may not match the info reported in the server's certificate. In such a case, the user needs to explicitly set an override for the hostname to use for certificate validation. This is achieved by adding a 'tls-hostname' property to the NBD block driver. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-4-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07block: pass desired TLS hostname through from block driver clientDaniel P. Berrangé
In commit a71d597b989fd701b923f09b3c20ac4fcaa55e81 Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Date: Thu Jun 10 13:08:00 2021 +0300 block/nbd: reuse nbd_co_do_establish_connection() in nbd_open() the use of the 'hostname' field from the BDRVNBDState struct was lost, and 'nbd_connect' just hardcoded it to match the IP socket address. This was a harmless bug at the time since we block use with anything other than IP sockets. Shortly though, we want to allow the caller to override the hostname used in the TLS certificate checks. This is to allow for TLS when doing port forwarding or tunneling. Thus we need to reinstate the passing along of the 'hostname'. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-3-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07crypto: mandate a hostname when checking x509 creds on a clientDaniel P. Berrangé
Currently the TLS session object assumes that the caller will always provide a hostname when using x509 creds on a client endpoint. This relies on the caller to detect and report an error if the user has configured QEMU with x509 credentials on a UNIX socket. The migration code has such a check, but it is too broad, reporting an error when the user has configured QEMU with PSK credentials on a UNIX socket, where hostnames are irrelevant. Putting the check into the TLS session object credentials validation code ensures we report errors in only the scenario that matters. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-2-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07scripts/qmp-shell-wrap: Fix import pathJohn Snow
Mea culpa. Dan's patch wound up with the wrong import path because I re-ordered my most recent pull request and missed that this needed a fix on rebase. Fixes: 43912529 Reported-by: Kashyap Chamarthy <kchamart@redhat.com> Signed-off-by: John Snow <jsnow@redhat.com> Tested-by: Kashyap Chamarthy <kchamart@redhat.com> Message-id: 20220225170828.3418305-1-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: drop _bind_hack()John Snow
_bind_hack() was a quick fix to allow async QMP to call bind(2) prior to calling listen(2) and accept(2). This wasn't sufficient to fully address the race condition present in synchronous clients. With the race condition in legacy.py fixed (see the previous commit), there are no longer any users of _bind_hack(). Drop it. Fixes: b0b662bb2b3 Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-11-jsnow@redhat.com [Expanded commit message. --js] Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: fix race condition in legacy.pyJohn Snow
legacy.py provides a synchronous model. iotests frequently uses this paradigm: - create QMP client object - start QEMU process - await connection from QEMU process In the switch from sync to async QMP, the QMP client object stopped calling bind() and listen() during the QMP object creation step, which creates a race condition if the QEMU process dials in too quickly. With refactoring out of the way, restore the former behavior of calling bind() and listen() during __init__() to fix this race condition. Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-10-jsnow@redhat.com [Expanded commit message. --js] Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: add start_server() and accept() methodsJohn Snow
Add start_server() and accept() methods that can be used instead of start_server_and_accept() to allow more fine-grained control over the incoming connection process. (Eagle-eyed reviewers will surely notice that it's a bit weird that "CONNECTING" is a state that's shared between both the start_server() and connect() states. That's absolutely true, and it's very true that checking on the presence of _accepted as an indicator of state is a hack. That's also very certainly true. But ... this keeps client code an awful lot simpler, as it doesn't have to care exactly *how* the connection is being made, just that it *is*. Is it worth disrupting that simplicity in order to provide a better state guard on `accept()`? Hm.) Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-9-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: stop the server during disconnect()John Snow
Before we allow the full separation of starting the server and accepting new connections, make sure that the disconnect cleans up the server and its new state, too. Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-8-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: refactor _do_accept() into two distinct stepsJohn Snow
Refactor _do_accept() into _do_start_server() and _do_accept(). As of this commit, the former calls the latter, but in subsequent commits they'll be split apart. (So please forgive the misnomer for _do_start_server(); it will live up to its name shortly, and the docstring will be updated then too. I'm just cutting down on some churn.) Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-7-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: squelch pylint warning for too many linesJohn Snow
I would really like to keep this under 1000 lines, I promise. Doesn't look like it's gonna happen. Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-6-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: split _client_connected_cb() out as _incoming()John Snow
As part of disentangling the monolithic nature of _do_accept(), split out the incoming callback to prepare for factoring out the "wait for a peer" step. Namely, this means using an event signal we can wait on from outside of this method. Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-5-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: remove _new_session and _establish_connectionJohn Snow
These two methods attempted to entirely envelop the logic of establishing a connection to a peer start to finish. However, we need to break apart the incoming connection step into more granular steps. We will no longer be able to reasonably constrain the logic inside of these helper functions. So, remove them - with _session_guard(), they no longer serve a real purpose. Although the public API doesn't change, the internal API does. Now that there are no intermediary methods between e.g. connect() and _do_connect(), there's no hook where the runstate is set. As a result, the test suite changes a little to cope with the new semantics of _do_accept() and _do_connect(). Lastly, take some pieces of the now-deleted docstrings and move them up to the public interface level. They were a little more detailed, and it won't hurt to keep them. Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-4-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: rename 'accept()' to 'start_server_and_accept()'John Snow
Previously, I had a method named "accept()" that under-the-hood calls bind(2), listen(2) *and* accept(2). I meant this as a simplification and counterpart to the one-shot "connect()" method. This is confusing to readers who expect accept() to mean *just* accept(2). Since I need to split apart the "accept()" method into multiple methods anyway (one of which strongly resembling accept(2)), it feels pertinent to rename this method *now*. Rename this all-in-one method "start_server_and_accept()" instead. Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-3-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07python/aqmp: add _session_guard()John Snow
In _new_session, there's a fairly complex except clause that's used to give semantic errors to callers of accept() and connect(). We need to create a new two-step replacement for accept(), so factoring out this piece of logic will be useful. Bolster the comments and docstring here to try and demystify what's going on in this fairly delicate piece of Python magic. (If we were using Python 3.7+, this would be an @asynccontextmanager. We don't have that very nice piece of magic, however, so this must take an Awaitable to manage the Exception contexts properly. We pay the price for platform compatibility.) Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 20220225205948.3693480-2-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
2022-03-07target/mips: Remove duplicated MIPSCPU::cp0_count_ratePhilippe Mathieu-Daudé
Since the previous commit 9ea89876f9d ("target/mips: Fix cycle counter timing calculations"), MIPSCPU::cp0_count_rate is not used anymore. We don't need it since it is already expressed as mips_def_t::CCRes. Remove the duplicate and clean. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <>20211213102340.1847248-1-f4bug@amsat.org>
2022-03-07target/mips: Fix cycle counter timing calculationsSimon Burge
The cp0_count_ns value is calculated from the CP0_COUNT_RATE_DEFAULT constant in target/mips/cpu.c. The cycle counter resolution is defined per-CPU in target/mips/cpu-defs.c.inc; use this value for calculating cp0_count_ns. Fixings timing problems on guest OSs for the 20Kc CPU which has a CCRes of 1. Signed-off-by: Simon Burge <simonb@NetBSD.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20211213135125.18378-1-simonb@NetBSD.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2022-03-07Merge remote-tracking branch ↵Peter Maydell
'remotes/philmd/tags/abstract-arch-cpu-20220307' into staging - Re-org accel/ and softmmu/ to have more target-agnostic objects. - Use CPUArchState as an abstract type, defined by each target (CPUState is our interface with generic code, CPUArchState is our interface with target-specific code). # gpg: Signature made Sun 06 Mar 2022 23:23:19 GMT # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd/tags/abstract-arch-cpu-20220307: (33 commits) accel/tcg: Remove pointless CPUArchState casts target/i386: Remove pointless CPUArchState casts target: Use ArchCPU as interface to target CPU target: Introduce and use OBJECT_DECLARE_CPU_TYPE() macro target: Use CPUArchState as interface to target-specific CPU state target: Use forward declared type instead of structure type target/hexagon: Add missing 'hw/core/cpu.h' include target: Include missing 'cpu.h' Hexagon (target/hexagon) convert to OBJECT_DECLARE_TYPE target/i386/tcg/sysemu: Include missing 'exec/exec-all.h' header cpu: Add missing 'exec/exec-all.h' and 'qemu/accel.h' headers exec/cpu_ldst: Include 'cpu.h' to get target_ulong definition meson: Display libfdt as disabled when system emulation is disabled softmmu: Build target-agnostic objects once softmmu: Add qemu_init_arch_modules() exec/cpu: Make address_space_init/reloading_memory_map target agnostic exec/gdbstub: Make gdb_exit() / gdb_set_stop_cpu() target agnostic misc: Add missing "sysemu/cpu-timers.h" include misc: Remove unnecessary "sysemu/cpu-timers.h" include softmmu/cpu-timers: Remove unused 'exec/exec-all.h' header ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-07Check and report for incomplete 'global' option formatRohit Kumar
Qemu might crash when provided incomplete '-global' option. For example: qemu-system-x86_64 -global driver=isa-fdc qemu-system-x86_64: ../../devel/qemu/qapi/string-input-visitor.c:394: string_input_visitor_new: Assertion `str' failed. Aborted (core dumped) Fixes: 3751d7c43f795b ("vl: allow full-blown QemuOpts syntax for -global") Signed-off-by: Rohit Kumar <rohit.kumar3@nutanix.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/604 Message-Id: <20220216071508.412974-1-rohit.kumar3@nutanix.com> Signed-off-by: Thomas Huth <thuth@redhat.com>