aboutsummaryrefslogtreecommitdiff
path: root/configure
AgeCommit message (Collapse)Author
2016-03-17crypto: add support for PBKDF2 algorithmDaniel P. Berrange
The LUKS data format includes use of PBKDF2 (Password-Based Key Derivation Function). The Nettle library can provide an implementation of this, but we don't want code directly depending on a specific crypto library backend. Introduce a new include/crypto/pbkdf.h header which defines a QEMU API for invoking PBKDK2. The initial implementations are backed by nettle & gcrypt, which are commonly available with distros shipping GNUTLS. The test suite data is taken from the cryptsetup codebase under the LGPLv2.1+ license. This merely aims to verify that whatever backend we provide for this function in QEMU will comply with the spec. Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-03-17crypto: add cryptographic random byte sourceDaniel P. Berrange
There are three backend impls provided. The preferred is gnutls, which is backed by nettle in modern distros. The gcrypt impl is provided for cases where QEMU build against gnutls is disabled, but crypto is still desired. No nettle impl is provided, since it is non-trivial to use the nettle APIs for random numbers. Users of nettle should ensure gnutls is enabled for QEMU. Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-03-08configure: detect ifunc and avx2 attributeLiang Li
Detect if the compiler can support the ifun and avx2, if so, set CONFIG_AVX2_OPT which will be used to turn on the avx2 instruction optimization. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Liang Li <liang.z.li@intel.com> Message-Id: <1457416397-26671-2-git-send-email-liang.z.li@intel.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
2016-02-23configure: add dma-buf support detection.Gerd Hoffmann
Set CONFIG_OPENGL_DMABUF in case both mesa and libepoxy are new enough to have support for dma-buf import/export. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2016-02-12Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2016-02-12' into ↵Peter Maydell
staging Xen 2016-02-12 # gpg: Signature made Fri 12 Feb 2016 17:28:09 GMT using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>" * remotes/sstabellini/tags/xen-2016-02-12: xen: Drop __XEN_LATEST_INTERFACE_VERSION__ checks from prior to Xen 4.2 xen: move xenforeignmemory compat layer into common place xen: drop XenXC and associated interface wrappers xen: drop xen_xc_hvm_inject_msi wrapper xen: drop support for Xen 4.1 and older. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-02-11remove libtool supportMichael Tokarev
Libtool support was needed to build shared library for libcacard. Now there's no need to use libtool, and since the build system is already complicated enough, we have a way to slightly de-complicate it. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-02-10xen: drop support for Xen 4.1 and older.Ian Campbell
Xen 4.2 become unsupported upstream in 09/2015 (see http://wiki.xen.org/wiki/Xen_Release_Features). However as far as the interfaces provided by the toolstack libraries go 4.2 and 4.3 are indistinguishable. Therefore drop support for Xen 4.1 and earlier which removes a whole pile of compatibility code which makes future work (to use stable library interfaces provided by upstream) more difficult. In particular all supported versions now use a pointer as a libxc handle (4.1 and earlier used an integer, resulting in various shim layers). Also Xen 4.2 was the first version of Xen to formally support upstream QEMU (as a preview) so that makes sense as a cut-off now. This change drops all the configure-y and resulting ifdefs in a mostly mechanical way. A follow up will refactor wrappers which are now unused. Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2016-02-09configure: sanity check the glib library that pkg-config findsDaniel P. Berrange
Developers on 64-bit machines will often try to perform a 32-bit build of QEMU by running ./configure --extra-cflags="-m32" Unfortunately if PKG_CONFIG_LIBDIR is not set to point to the location of the 32-bit pkg-config files, then configure will silently pick up the 64-bit pkg-config files and still succeed. This causes a problem for glib because it means QEMU will be pulling in /usr/lib64/glib-2.0/include/glibconfig.h instead of /usr/lib/glib-2.0/include/glibconfig.h This causes problems because the 'gsize' type (defined as 'unsigned long') will no longer be fully compatible with the 'size_t' type (defined as 'unsigned int'). Although both are the same size, the compiler refuses to allow casts from 'unsigned long *' to 'unsigned int *' as they are different pointer types. This results in non-obvious compiler errors when building QEMU eg qga/commands-posix.c: In function ‘qmp_guest_set_user_password’: qga/commands-posix.c:1912:55: error: passing argument 2 of ‘g_base64_decode’ from incompatible pointer type [-Werror=incompatible-pointer-types] rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen); ^ In file included from /usr/include/glib-2.0/glib.h:35:0, from qga/commands-posix.c:14: /usr/include/glib-2.0/glib/gbase64.h:52:9: note: expected ‘gsize * {aka long unsigned int *}’ but argument is of type ‘size_t * {aka unsigned int *}’ guchar *g_base64_decode (const gchar *text, ^ cc1: all warnings being treated as errors To detect this problem, add a check to configure that verifies that GLIB_SIZEOF_SIZE_T matches sizeof(size_t). If this fails print a warning suggesting that the dev probably needs to set PKG_CONFIG_LIBDIR. On Fedora x86_64 it passes with any of: # ./configure # PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig ./configure --extra-cflags="-m32" # PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig ./configure --extra-cflags="-m64" And fails with a mis-match # PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig ./configure --extra-cflags="-m32" # PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig ./configure --extra-cflags="-m64" ERROR: sizeof(size_t) doesn't match GLIB_SIZEOF_SIZE_T. You probably need to set PKG_CONFIG_LIBDIR to point to the right pkg-config files for your build target Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1453885245-15562-1-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-02-03trace: switch default backend to "log"Paolo Bonzini
This enables integration with other QEMU logging facilities. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Christian Borntraeger <borntraeger@de.ibm.com> Message-id: 1452174932-28657-11-git-send-email-den@openvz.org Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-02-03trace: convert stderr backend to logPaolo Bonzini
[Also update .travis.yml --enable-trace-backends=stderr --Stefan] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Christian Borntraeger <borntraeger@de.ibm.com> Message-id: 1452174932-28657-10-git-send-email-den@openvz.org Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-01-30target-ppc: gdbstub: Add VSX supportAnton Blanchard
Add the XML and functions to get and set VSX registers. Signed-off-by: Anton Blanchard <anton@samba.org> (fixed little-endian guests) Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-01-26xen: make it possible to build without the Xen PV domain builderIan Campbell
Until the previous patch this relied on xc_fd(), which was only implemented for Xen 4.0 and earlier. Given this wasn't working since Xen 4.0 I have marked this as disabled by default. Removing this support drops the use of a bunch of symbols from libxenctrl, specifically: - xc_domain_create - xc_domain_destroy - xc_domain_getinfo - xc_domain_max_vcpus - xc_domain_setmaxmem - xc_domain_unpause - xc_evtchn_alloc_unbound - xc_linux_build This is another step towards only using Xen libraries which provide a stable inteface. Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2016-01-26xen: Use stable library interfaces when they are available.Ian Campbell
In Xen 4.7 we are refactoring parts libxenctrl into a number of separate libraries which will provide backward and forward API and ABI compatiblity. Specifically libxenevtchn, libxengnttab and libxenforeignmemory. Previous patches have already laid the groundwork for using these by switching the existing compatibility shims to reflect the intefaces to these libraries. So all which remains is to update configure to detect the libraries and enable their use. Although they are notionally independent we take an all or nothing approach to the three libraries since they were added at the same time. The only non-obvious bit is that we now open a proper xenforeignmemory handle for xen_fmem instead of reusing the xen_xc handle. Build tested with 4.0 .. 4.6 (inclusive) and the patches targetting 4.7 which adds these libraries. This uses CONFIG_XEN_CTRL_INTERFACE_VERSION == 471 to cover the introduction of these new interfaces. Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2016-01-11configure: fix trace backend checkMarc-André Lureau
Found thanks to shellcheck! Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-18configure: Fix shell syntax to placate OpenBSD's pdkshPeter Maydell
Unfortunately the OpenBSD pdksh does not like brackets inside the right part of a ${variable+word} parameter expansion: $ echo "${a+($b)}" ksh: ${a+($b)}": bad substitution though both bash and dash accept them. In any case this line was causing odd output in the case where nettle is not present: nettle no () (because if nettle is not present then $nettle will be "no", not a null string or unset). Rewrite it to just use an if. This bug was originally introduced in becaeb726 and was present in the 2.4.0 release. Fixes: https://bugs.launchpad.net/qemu/+bug/1525682 Reported-by: Dmitrij D. Czarkoff Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1450105357-8516-1-git-send-email-peter.maydell@linaro.org
2015-12-18io: add QIOChannelSocket classDaniel P. Berrange
Implement a QIOChannel subclass that supports sockets I/O. The implementation is able to manage a single socket file descriptor, whether a TCP/UNIX listener, TCP/UNIX connection, or a UDP datagram. It provides APIs which can listen and connect either asynchronously or synchronously. Since there is no asynchronous DNS lookup API available, it uses the QIOTask helper for spawning a background thread to ensure non-blocking operation. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-04configure: use appropriate code fragment for -fstack-protector checksRodrigo Rebello
The check for stack-protector support consisted in compiling and linking the test program below (output by function write_c_skeleton()) with the compiler flag -fstack-protector-strong first and then with -fstack-protector-all if the first one failed to work: int main(void) { return 0; } This caused false positives when using certain toolchains in which the compiler accepted -fstack-protector-strong but no support was provided by the C library, since for this stack-protector variant the compiler emits canary code only for functions that meet specific conditions (local arrays, memory references to local variables, etc.) and the code fragment under test included none of them (hence no stack protection code generated, no link failure). This fix changes the test program used for -fstack-protector checks to include a function that meets conditions which cause the compiler to generate canary code in all variants. Signed-off-by: Rodrigo Rebello <rprebello@gmail.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04configure: Diagnose broken linkers directlyPeter Maydell
Currently if the user's compiler works for creating .o files but their linker is broken such that compiling an executable from a C file does not work, we will report a misleading error message about the compiler not supporting __thread (since that happens to be the first test we run which requires a working linker). Explicitly check that compile_prog works as well as compile_object, so that people whose toolchain setup is broken get a more helpful error message. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-11-30w32: Use gcc option -mthreadsStefan Weil
QEMU uses threads / coroutines, therefore support for thread local storage and thread safe libraries (-D_MT) must be enabled by using -mthreads. Signed-off-by: Stefan Weil <sw@weilnetz.de>
2015-11-25Merge remote-tracking branch 'remotes/sstabellini/tags/xen-20151125' into ↵Peter Maydell
staging Xen 2015/11/25 # gpg: Signature made Wed 25 Nov 2015 11:19:26 GMT using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>" * remotes/sstabellini/tags/xen-20151125: xen_disk: Remove ioreq.postsync xen: fix usage of xc_domain_create in domain builder Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-19Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
vhost, pc: fixes for 2.5 Fixes all over the place. This also re-enables a test we disabled in 2.5 cycle now that there's a way not to get a warning from it. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Thu 19 Nov 2015 13:27:43 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" * remotes/mst/tags/for_upstream: exec: silence hugetlbfs warning under qtest tests: re-enable vhost-user-test acpi: fix buffer overrun on migration vhost-user: fix log size vhost-user: ignore qemu-only features specs/vhost-user: fix spec to match reality tests/vhost-user-bridge: implement logging of dirty pages i440fx: print an error message if user tries to enable iommu q35: Check propery to determine if iommu is set vhost-user: start/stop all rings vhost-user: print original request on error vhost-user-test: support VHOST_USER_SET_VRING_ENABLE vhost-user: update spec description vhost: don't send RESET_OWNER at stop vhost: let SET_VRING_ENABLE message depends on protocol feature Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-19tests: re-enable vhost-user-testMarc-André Lureau
Commit 7fe34ca9c2e actually disabled vhost-user-test altogether, since CONFIG_VHOST_NET is a per-target config variable. tests/vhost-user-test is already x86/x64 softmmu specific test, in order to enable it correctly, kvm & vhost-net are also conditions. To check that, set CONFIG_VHOST_NET_TEST_$target when kvm is also enabled. Since "check-qtest-x86_64-y = $(check-qtest-i386-y)", avoid duplication when both x86 & x64 are enabled. Other targets than x86 aren't enabled yet, and is intentionally left as a future improvement, since I can't easily test those. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-11-16seccomp: loosen library version dependencydann frazier
Drop the libseccomp required version back to 2.1.0, restoring the ability to build w/ --enable-seccomp on Ubuntu 14.04. Commit 4cc47f8b3cc4f32586ba2f7fce1dc267da774a69 tightened the dependency on libseccomp from version 2.1.0 to 2.1.1. This broke building on Ubuntu 14.04, the current Ubuntu LTS release. The commit message didn't mention any specific functional need for 2.1.1, just that it was the most recent stable version at the time. I reviewed the changes between 2.1.0 and 2.1.1, but it looks like that update just contained minor fixes and cleanups - no obvious (to me) new interfaces or critical bug fixes. Signed-off-by: dann frazier <dann.frazier@canonical.com> Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
2015-11-16configure: arm/aarch64: allow enable-seccompAndrew Jones
This is a revert of ae6e8ef11e6cb, but with a bit of refactoring, and also specifically adding arm/aarch64, rather than all architectures. Currently, libseccomp code appears to also support mips, ppc, and s390. We could therefore allow qemu to enable seccomp for those platforms as well, with additional configure patches, given they're tested and proven to work. Signed-off-by: Andrew Jones <drjones@redhat.com> Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>
2015-11-13xen: fix usage of xc_domain_create in domain builderRoger Pau Monne
Due to the addition of HVMlite and the requirement to always provide a valid xc_domain_configuration_t, xc_domain_create now always takes an arch domain config, which can be NULL in order to mimic previous behaviour. Add a small stub called xen_domain_create that encapsulates the correct call to xc_domain_create depending on the libxc version detected. Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2015-11-12configure: check for $cxx before useJohn Snow
I broke this when adding checks for clang++. Reported-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1447345789-840-1-git-send-email-jsnow@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-09configure: Don't disable optimization for non-fortify buildsPeter Maydell
Commit b553a0428014636bc inadvertently disabled optimization for all non-fortify builds. Fix this bug so we only do an unoptimized build if we want debug. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1447082049-25099-1-git-send-email-peter.maydell@linaro.org
2015-11-06configure: remove help string for 'vnc-tls' optionDaniel P. Berrange
The '--enable-vnc-tls' option to configure was removed in commit 3e305e4a4752f70c0b5c3cf5b43ec957881714f7 Author: Daniel P. Berrange <berrange@redhat.com> Date: Thu Aug 6 14:39:32 2015 +0100 ui: convert VNC server to use QCryptoTLSSession This removes the corresponding help string. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-11-06configure: add missing --disable-modules optionStefan Hajnoczi
According to ./configure all options should have both --enable-foo and --disable-foo: # Always add --enable-foo and --disable-foo command line args. # Distributions want to ensure that several features are compiled in, and it # is impossible without a --enable-foo that exits if a feature is not found. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Message-id: 1446473183-24250-1-git-send-email-stefanha@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-05Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
* Guest ABI fixes for PC machines (hw_version) * Fixes for recent Perl * John Snow's configure fixes * file-backed RAM improvements (Igor, Pavel) * -Werror=clobbered fixes (Stefan) * Kill -d ioport * Fix qemu-system-s390x * Performance improvement for kvmclock migration # gpg: Signature made Thu 05 Nov 2015 13:42:27 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" * remotes/bonzini/tags/for-upstream: iscsi: Translate scsi sense into error code Revert "Introduce cpu_clean_all_dirty" kvmclock: add a new function to update env->tsc. configure: disable FORTIFY_SOURCE under clang backends/hostmem-file: Allow to specify full pathname for backing file configure: disallow ccache during compile tests cpu-exec: Fix compiler warning (-Werror=clobbered) memory: call begin, log_start and commit when registering a new listener megasas: Use qemu_hw_version() instead of QEMU_VERSION osdep: Rename qemu_{get, set}_version() to qemu_{, set_}hw_version() pc: Set hw_version on all machine classes qemu-log: remove -d ioport ioport: do not use CPU_LOG_IOPORT target-i386: fix pcmpxstrx equal-ordered (strstr) mode scripts/text2pod.pl: Escape left brace file_ram_alloc: propagate error to caller instead of terminating QEMU Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-05configure: disable FORTIFY_SOURCE under clangJohn Snow
Some versions of clang may have difficulty compiling glibc headers when -D_FORTIFY_SOURCE is used. For example, Clang++ 3.5.0-9.fc22 cannot compile glibc's stdio headers when -D_FORTIFY_SOURCE=2 is used. This manifests currently as build failures with clang and any arm target. According to LLVM dev Richard Smith, clang does not target or support FORTIFY_SOURCE + glibc, and it should not be relied on. "It's still an unsupported combination, and while it might compile, some of the checks are unlikely to work because they require a frontend inliner to be useful" See: http://lists.llvm.org/pipermail/cfe-dev/2015-November/045846.html Conclusion: disable fortify-source if we appear to be using clang instead of testing for compile success or failure, which may be incidental or not indicative of proper support of the feature. Signed-off-by: John Snow <jsnow@redhat.com> Message-Id: <1446583422-10153-1-git-send-email-jsnow@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-11-04configure: disallow ccache during compile testsJohn Snow
If the user is using ccache during the configuration step, it may interfere with some of the configuration tests, particularly the "Is ccache interfering with macro analysis" step, which is a bit of a poetic problem. 1) Disallow ccache from reading from the cache during configure, but don't disable it entirely to allow us to see if it causes other problems. 2) Force off CCACHE_CPP2 during the ccache test to get a deterministic answer over whether or not we need to enable that feature later. Signed-off-by: John Snow <jsnow@redhat.com> Message-Id: <1446055000-29150-1-git-send-email-jsnow@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-11-03ui/opengl: Reduce build required libraries for openglOGAWA Hirofumi
We now use epoxy to load opengl libraries. This means we don't need to link opengl libraries directly if interfaces handled by epoxy. With this, we just need epoxy headers and epoxy's *.so to build. Tested with epoxy-1.3.1. - sdl2/gtk/console egl stuff doesn't require other than epoxy - milkymist-tmu2 glx stuff doesn't require other than epoxy (lm32 test is limited, because can't find mmone-bios.bin, so just test to load libGL with "./lm32-softmmu/qemu-system-lm32 -M milkymist,accel=qtest") Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp> [ lm32 tested by kraxel ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-24contrib: add ivshmem client and serverDavid Marchand
When using ivshmem devices, notifications between guests can be sent as interrupts using a ivshmem-server (typical use described in documentation). The client is provided as a debug tool. Signed-off-by: Olivier Matz <olivier.matz@6wind.com> Signed-off-by: David Marchand <david.marchand@6wind.com> [fix a valgrind warning, option and server_close() segvs, extra server headers includes, getopt() return type, out-of-tree build, use qemu event_notifier instead of eventfd, fix x86/osx warnings - Marc-André] Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-22configure: avoid polluting global CFLAGS with tasn1 flagsDaniel P. Berrange
The previous commit commit 9a2fd4347c40321f5cbb4ab4220e759fcbf87d03 Author: Daniel P. Berrange <berrange@redhat.com> Date: Mon Apr 13 14:01:39 2015 +0100 crypto: add sanity checking of TLS x509 credentials defined new variables $TEST_LIBS and $TEST_CFLAGS and used them in tests/Makefile to augment $LIBS and $CFLAGS. Unfortunately this overlooks the fact that tests/Makefile is not executed via recursive-make, it is just pulled into the top level Makefile via an include statement. So rather than just augmenting the compiler/linker flags for tests it polluted the global flags. This is thought to be behind a reported failure when building the pixman module as a sub-module, since global $CFLAGS are passed down to configure in pixman. This change removes the $TEST_LIBS and $TEST_CFLAGS replacing them with $TASN1_LIBS and $TASN1_CFLAGS, setting only against specific objects/executables that need them. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-10-22crypto: allow use of nettle/gcrypt to be selected explicitlyDaniel P. Berrange
Currently the choice of whether to use nettle or gcrypt is made based on what gnutls is linked to. There are times when it is desirable to be able to force build against a specific library. For example, if testing changes to QEMU's crypto code all 3 possible backends need to be checked regardless of what the local gnutls uses. It is also desirable to be able to enable nettle/gcrypt for cipher/hash algorithms, without enabling gnutls for TLS support. This gives two new configure flags, which allow the following possibilities Automatically determine nettle vs gcrypt from what gnutls links to (recommended to minimize number of crypto libraries linked to) ./configure Automatically determine nettle vs gcrypt based on which is installed ./configure --disable-gnutls Force use of nettle ./configure --enable-nettle Force use of gcrypt ./configure --enable-gcrypt Force use of built-in AES & crippled-DES ./configure --disable-nettle --disable-gcrypt Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-10-22Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
vhost, pc, virtio features, fixes, cleanups New features: VT-d support for devices behind a bridge vhost-user migration support Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Thu 22 Oct 2015 12:39:19 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" * remotes/mst/tags/for_upstream: (37 commits) hw/isa/lpc_ich9: inject the SMI on the VCPU that is writing to APM_CNT i386: keep cpu_model field in MachineState uptodate vhost: set the correct queue index in case of migration with multiqueue piix: fix resource leak reported by Coverity seccomp: add memfd_create to whitelist vhost-user-test: check ownership during migration vhost-user-test: add live-migration test vhost-user-test: learn to tweak various qemu arguments vhost-user-test: wrap server in TestServer struct vhost-user-test: remove useless static check vhost-user-test: move wait_for_fds() out vhost: add migration block if memfd failed vhost-user: use an enum helper for features mask vhost user: add rarp sending after live migration for legacy guest vhost user: add support of live migration net: add trace_vhost_user_event vhost-user: document migration log vhost: use a function for each call vhost-user: add a migration blocker vhost-user: send log shm fd along with log_base ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-22configure: probe for memfdMarc-André Lureau
Check if memfd_create() is part of system libc. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Tested-by: Thibaut Collet <thibaut.collet@6wind.com>
2015-10-19build: qemu-ga: add 'qemu-ga' build target for w32Michael Roth
Currently POSIX builds rely on 'qemu-ga' target to do qga-only distributable build. On w32, as with most standalone binary targets, we rely on 'qemu-ga.exe' target. Unlike with POSIX, qemu-ga for w32 has a number of related targets such as VSS DLL and MSI package. We can do the full distributable qga-only build on w32 with: make qemu-ga.exe or: make msi To make that work, we tie VSS dependencies onto qemu-ga.exe. However, in reality the DLL isn't part of the binary, so we use a filter to pull them out of the LINK recipe, which attempts to link against prereqs for binary targets. Additionally, it could be argued that VSS is a separate distributable, and shouldn't be implied by qemu-ga.exe binary target. To avoid this, we can tie the VSS dependencies only to the 'msi' target, but that would make it impossible to do a qga-only build of the w32 distributable without building the 'msi' package, which was supported in the past. An alternative approach is to add a new target to build the whole distributable. w32 allows us to use the same build target we use on POSIX, 'qemu-ga', since the current binary-only target on w32 is 'qemu-ga.exe'. To further simplify the build, we also make 'qemu-ga' build the MSI package if the appropriate ./configure options are set, making the full qga-only build the same on both POSIX and w32: `make qemu-ga` Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2015-10-12configure: Require Python 2.6Markus Armbruster
RHEL-6 and SLES-11 provide Python 2.6. It'll also work on OS X back to 10.6. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1441396383-17304-1-git-send-email-armbru@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-09Merge remote-tracking branch 'remotes/kraxel/tags/pull-virgl-20151008-1' ↵Peter Maydell
into staging virtio-gpu: add 3d rendering support using virgl, misc fixes. ui/gtk: add opengl context and scanout support (for virtio-gpu). # gpg: Signature made Thu 08 Oct 2015 10:35:39 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-virgl-20151008-1: gtk/opengl: add opengl context and scanout support (GtkGLArea) gtk/opengl: add opengl context and scanout support (egl) opengl: add egl-context.[ch] helpers virtio-gpu: add cursor update tracepoint virtio-gpu: add 3d mode and virgl rendering support. virtio-gpu: update headers for virgl/3d virtio-gpu: change licence from GPLv2 to GPLv2+ virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov ui/console: add opengl context and scanout support interfaces. sdl2: stop flickering shaders: initialize vertexes once Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-08gtk/opengl: add opengl context and scanout support (GtkGLArea)Gerd Hoffmann
This allows virtio-gpu to render in 3d mode. Uses native opengl support which is present in gtk versions 3.16 and newer. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-08virtio-gpu: add 3d mode and virgl rendering support.Gerd Hoffmann
Add virglrenderer library detection. Add 3d mode to virtio-gpu, wire up virglrenderer library. When in 3d mode render using the new context management and texture scanout callbacks. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-10-02s390x/gdb: expose virtualization specific registersDavid Hildenbrand
Let's expose some virtual/fake registers as virtualization specific registers. Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com> Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com> Message-Id: <1443689387-34473-3-git-send-email-jfrei@linux.vnet.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2015-09-24oslib-win32: only provide localtime_r/gmtime_r if missingDaniel P. Berrange
The oslib-win32 file currently provides a localtime_r and gmtime_r replacement unconditionally. Some versions of Mingw-w64 would provide crude macros for localtime_r/gmtime_r which QEMU takes care to disable. Latest versions of Mingw-w64 now provide actual functions for localtime_r/gmtime_r, but with a twist that you have to include unistd.h or pthread.h before including time.h. By luck some files in QEMU have such an include order, resulting in compile errors: CC util/osdep.o In file included from include/qemu-common.h:48:0, from util/osdep.c:48: include/sysemu/os-win32.h:77:12: error: redundant redeclaration of 'gmtime_r' [-Werror=redundant-decls] struct tm *gmtime_r(const time_t *timep, struct tm *result); ^ In file included from include/qemu-common.h:35:0, from util/osdep.c:48: /usr/i686-w64-mingw32/sys-root/mingw/include/time.h:272:107: note: previous definition of 'gmtime_r' was here In file included from include/qemu-common.h:48:0, from util/osdep.c:48: include/sysemu/os-win32.h:79:12: error: redundant redeclaration of 'localtime_r' [-Werror=redundant-decls] struct tm *localtime_r(const time_t *timep, struct tm *result); ^ In file included from include/qemu-common.h:35:0, from util/osdep.c:48: /usr/i686-w64-mingw32/sys-root/mingw/include/time.h:269:107: note: previous definition of 'localtime_r' was here This change adds a configure test to see if localtime_r exits, and only enables the QEMU impl if missing. We also re-arrange qemu-common.h try attempt to guarantee that all source files get unistd.h before time.h and thus see the localtime_r/gmtime_r defs. [sw: Use "official" spellings for Mingw-w64, MinGW in comments.] [sw: Terminate sentences with a dot in comments.] Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Stefan Weil <sw@weilnetz.de>
2015-09-23libcacard: use the standalone projectMarc-André Lureau
libcacard is now a standalone project hosted with the Spice project (see the 2.5.0 release announcement), remove it from qemu tree. Use the library if found during configure or if --enable-smartcard. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Tested-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-15Merge remote-tracking branch 'remotes/rth/tags/pull-tile-20150915' into stagingPeter Maydell
TileGX basic instructions # gpg: Signature made Tue 15 Sep 2015 15:57:08 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@gmail.com>" # gpg: aka "Richard Henderson <rth@redhat.com>" # gpg: aka "Richard Henderson <rth@twiddle.net>" * remotes/rth/tags/pull-tile-20150915: (35 commits) target-tilegx: Handle v1shl, v1shru, v1shrs target-tilegx: Handle v1shli, v1shrui target-tilegx: Handle v4int_l/h target-tilegx: Handle atomic instructions target-tilegx: Handle mtspr, mfspr target-tilegx: Handle v1cmpeq, v1cmpne target-tilegx: Handle mask instructions target-tilegx: Handle scalar multiply instructions target-tilegx: Handle conditional move instructions target-tilegx: Handle shift instructions target-tilegx: Handle bitfield instructions target-tilegx: Implement system and memory management instructions target-tilegx: Handle comparison instructions target-tilegx: Handle conditional branch instructions target-tilegx: Handle unconditional jump instructions target-tilegx: Handle post-increment load and store instructions target-tilegx: Handle basic load and store instructions target-tilegx: Handle most bit manipulation instructions target-arm: Use new revbit functions host-utils: Add revbit functions ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-15target-tilegx: Add TILE-Gx building filesChen Gang
Add related configuration and make files for tilegx. The target can now build, though not run anything. Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <BLU436-SMTP1588E5A03AD5E94B07E988B9660@phx.gbl> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-09-15ui: convert VNC server to use QCryptoTLSSessionDaniel P. Berrange
Switch VNC server over to using the QCryptoTLSSession object for the TLS session. This removes the direct use of gnutls from the VNC server code. It also removes most knowledge about TLS certificate handling from the VNC server code. This has the nice effect that all the CONFIG_VNC_TLS conditionals go away and the user gets an actual error message when requesting TLS instead of it being silently ignored. With this change, the existing configuration options for enabling TLS with -vnc are deprecated. Old syntax for anon-DH credentials: -vnc hostname:0,tls New syntax: -object tls-creds-anon,id=tls0,endpoint=server \ -vnc hostname:0,tls-creds=tls0 Old syntax for x509 credentials, no client certs: -vnc hostname:0,tls,x509=/path/to/certs New syntax: -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=no \ -vnc hostname:0,tls-creds=tls0 Old syntax for x509 credentials, requiring client certs: -vnc hostname:0,tls,x509verify=/path/to/certs New syntax: -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes \ -vnc hostname:0,tls-creds=tls0 This aligns VNC with the way TLS credentials are to be configured in the future for chardev, nbd and migration backends. It also has the benefit that the same TLS credentials can be shared across multiple VNC server instances, if desired. If someone uses the deprecated syntax, it will internally result in the creation of a 'tls-creds' object with an ID based on the VNC server ID. This allows backwards compat with the CLI syntax, while still deleting all the original TLS code from the VNC server. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-09-15crypto: add sanity checking of TLS x509 credentialsDaniel P. Berrange
If the administrator incorrectly sets up their x509 certificates, the errors seen at runtime during connection attempts are very obscure and difficult to diagnose. This has been a particular problem for people using openssl to generate their certificates instead of the gnutls certtool, because the openssl tools don't turn on the various x509 extensions that gnutls expects to be present by default. This change thus adds support in the TLS credentials object to sanity check the certificates when QEMU first loads them. This gives the administrator immediate feedback for the majority of common configuration mistakes, reducing the pain involved in setting up TLS. The code is derived from equivalent code that has been part of libvirt's TLS support and has been seen to be valuable in assisting admins. It is possible to disable the sanity checking, however, via the new 'sanity-check' property on the tls-creds object type, with a value of 'no'. Unit tests are included in this change to verify the correctness of the sanity checking code in all the key scenarios it is intended to cope with. As part of the test suite, the pkix_asn1_tab.c from gnutls is imported. This file is intentionally copied from the (long since obsolete) gnutls 1.6.3 source tree, since that version was still under GPLv2+, rather than the GPLv3+ of gnutls >= 2.0. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>