aboutsummaryrefslogtreecommitdiff
path: root/qapi
AgeCommit message (Collapse)Author
2021-07-14crypto: replace 'des-rfb' cipher with 'des'Daniel P. Berrangé
Currently the crypto layer exposes support for a 'des-rfb' algorithm which is just normal single-DES, with the bits in each key byte reversed. This special key munging is required by the RFB protocol password authentication mechanism. Since the crypto layer is generic shared code, it makes more sense to do the key byte munging in the VNC server code, and expose normal single-DES support. Replacing cipher 'des-rfb' by 'des' looks like an incompatible interface change, but it doesn't matter. While the QMP schema allows any QCryptoCipherAlgorithm for the 'cipher-alg' field in QCryptoBlockCreateOptionsLUKS, the code restricts what can be used at runtime. Thus the only effect is a change in error message. Original behaviour: $ qemu-img create -f luks --object secret,id=sec0,data=123 -o cipher-alg=des-rfb,key-secret=sec0 demo.luks 1G Formatting 'demo.luks', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=des-rfb qemu-img: demo.luks: Algorithm 'des-rfb' not supported New behaviour: $ qemu-img create -f luks --object secret,id=sec0,data=123 -o cipher-alg=des-rfb,key-secret=sec0 demo.luks 1G Formatting 'demo.luks', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=des-fish qemu-img: demo.luks: Invalid parameter 'des-rfb' Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-12qemu-img: Make unallocated part of backing chain obvious in mapEric Blake
The recently-added NBD context qemu:allocation-depth is able to distinguish between locally-present data (even when that data is sparse) [shown as depth 1 over NBD], and data that could not be found anywhere in the backing chain [shown as depth 0]; and the libnbd project was recently patched to give the human-readable name "absent" to an allocation-depth of 0. But qemu-img map --output=json predates that addition, and has the unfortunate behavior that all portions of the backing chain that resolve without finding a hit in any backing layer report the same depth as the final backing layer. This makes it harder to reconstruct a qcow2 backing chain using just 'qemu-img map' output, especially when using "backing":null to artificially limit a backing chain, because it is impossible to distinguish between a QCOW2_CLUSTER_UNALLOCATED (which defers to a [missing] backing file) and a QCOW2_CLUSTER_ZERO_PLAIN cluster (which would override any backing file), since both types of clusters otherwise show as "data":false,"zero":true" (but note that we can distinguish a QCOW2_CLUSTER_ZERO_ALLOCATED, which would also have an "offset": listing). The task of reconstructing a qcow2 chain was made harder in commit 0da9856851 (nbd: server: Report holes for raw images), because prior to that point, it was possible to abuse NBD's block status command to see which portions of a qcow2 file resulted in BDRV_BLOCK_ALLOCATED (showing up as NBD_STATE_ZERO in isolation) vs. missing from the chain (showing up as NBD_STATE_ZERO|NBD_STATE_HOLE); but now qemu reports more accurate sparseness information over NBD. An obvious solution is to make 'qemu-img map --output=json' add an additional "present":false designation to any cluster lacking an allocation anywhere in the chain, without any change to the "depth" parameter to avoid breaking existing clients. The iotests have several examples where this distinction demonstrates the additional accuracy. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20210701190655.2131223-3-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> [eblake: fix more iotest fallout] Signed-off-by: Eric Blake <eblake@redhat.com>
2021-07-09block: Make blockdev-reopen stable APIAlberto Garcia
This patch drops the 'x-' prefix from x-blockdev-reopen. Signed-off-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20210708114709.206487-7-kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-07-09block: Support multiple reopening with x-blockdev-reopenAlberto Garcia
[ kwolf: Fixed AioContext locking ] Signed-off-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20210708114709.206487-5-kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-07-09export/fuse: Add allow-other optionMax Reitz
Without the allow_other mount option, no user (not even root) but the one who started qemu/the storage daemon can access the export. Allow users to configure the export such that such accesses are possible. While allow_other is probably what users want, we cannot make it an unconditional default, because passing it is only possible (for non-root users) if the global fuse.conf configuration file allows it. Thus, the default is an 'auto' mode, in which we first try with allow_other, and then fall back to without. FuseExport.allow_other reports whether allow_other was actually used as a mount option or not. Currently, this information is not used, but a future patch will let this field decide whether e.g. an export's UID and GID can be changed through chmod. One notable thing about 'auto' mode is that libfuse may print error messages directly to stderr, and so may fusermount (which it executes). Our export code cannot really filter or hide them. Therefore, if 'auto' fails its first attempt and has to fall back, fusermount will print an error message that mounting with allow_other failed. This behavior necessitates a change to iotest 308, namely we need to filter out this error message (because if the first attempt at mounting with allow_other succeeds, there will be no such message). Furthermore, common.rc's _make_test_img should use allow-other=off for FUSE exports, because iotests generally do not need to access images from other users, so allow-other=on or allow-other=auto have no advantage. OTOH, allow-other=on will not work on systems where user_allow_other is disabled, and with allow-other=auto, we get said error message that we would need to filter out again. Just disabling allow-other is simplest. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-Id: <20210625142317.271673-3-mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-07-09block/rbd: Add support for rbd image encryptionOr Ozeri
Starting from ceph Pacific, RBD has built-in support for image-level encryption. Currently supported formats are LUKS version 1 and 2. There are 2 new relevant librbd APIs for controlling encryption, both expect an open image context: rbd_encryption_format: formats an image (i.e. writes the LUKS header) rbd_encryption_load: loads encryptor/decryptor to the image IO stack This commit extends the qemu rbd driver API to support the above. Signed-off-by: Or Ozeri <oro@il.ibm.com> Message-Id: <20210627114635.39326-1-oro@il.ibm.com> Reviewed-by: Ilya Dryomov <idryomov@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-06-30block/ssh: add support for sha256 host key fingerprintsDaniel P. Berrangé
Currently the SSH block driver supports MD5 and SHA1 for host key fingerprints. This is a cryptographically sensitive operation and so these hash algorithms are inadequate by modern standards. This adds support for SHA256 which has been supported in libssh since the 0.8.1 release. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210622115156.138458-1-berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-06-28Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into ↵Peter Maydell
staging * Some Meson test conversions * KVM dirty page ring buffer fix * KVM TSC scaling support * Fixes for SG_IO with /dev/sdX devices * (Non)support for host devices on iOS * -smp cleanups # gpg: Signature made Fri 25 Jun 2021 15:16:18 BST # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini-gitlab/tags/for-upstream: (28 commits) machine: reject -smp dies!=1 for non-PC machines machine: pass QAPI struct to mc->smp_parse machine: add error propagation to mc->smp_parse machine: move common smp_parse code to caller machine: move dies from X86MachineState to CpuTopology file-posix: handle EINTR during ioctl block: detect DKIOCGETBLOCKCOUNT/SIZE before use block: try BSD disk size ioctls one after another block: check for sys/disk.h block: feature detection for host block support file-posix: try BLKSECTGET on block devices too, do not round to power of 2 block: add max_hw_transfer to BlockLimits block-backend: align max_transfer to request alignment osdep: provide ROUND_DOWN macro scsi-generic: pass max_segments via max_iov field in BlockLimits file-posix: fix max_iov for /dev/sg devices KVM: Fix dirty ring mmap incorrect size due to renaming accident configure, meson: convert libusbredir detection to meson configure, meson: convert libcacard detection to meson configure, meson: convert libusb detection to meson ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-06-25machine: pass QAPI struct to mc->smp_parsePaolo Bonzini
As part of converting -smp to a property with a QAPI type, define the struct and use it to do the actual parsing. machine_smp_parse takes care of doing the QemuOpts->QAPI conversion by hand, for now. Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20210617155308.928754-10-pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-06-25block: feature detection for host block supportJoelle van Dyne
On Darwin (iOS), there are no system level APIs for directly accessing host block devices. We detect this at configure time. Signed-off-by: Joelle van Dyne <j@getutm.app> Message-Id: <20210315180341.31638-2-j@getutm.app> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-06-23ui: Make the DisplayType enum entries conditionalThomas Huth
Libvirt's "domcapabilities" command has a way to state whether certain graphic frontends are available in QEMU or not. Originally, libvirt looked at the "--help" output of the QEMU binary to determine whether SDL was available or not (by looking for the "-sdl" parameter in the help text), but since libvirt stopped doing this analysis of the help text, the detection of SDL is currently broken, see: https://bugzilla.redhat.com/show_bug.cgi?id=1790902 QEMU should provide a way via the QMP interface instead. A simple way, without introducing additional commands, is to make the DisplayType enum entries conditional, so that the enum only contains the entries if the corresponding CONFIG_xxx switches have been set. This of course only gives an indication which possibilities have been enabled during compile-time of QEMU (and does not take into account whether modules are later available or not for example - for this we'd need a separate command), but anyway, this should already be good enough for the above bug ticket, and it's a good idea anyway to make the QMP interface conditional here, so let's simply do it. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20210615090439.70926-1-thuth@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-06-23input: Add lang1 and lang2 to QKeyCodeAkihiko Odaki
lang1 and lang2 represents the keys with the same names in the keyboard/keypad usage page (0x07) included in the "HID Usage Tables for Universal Serial Bus (USB)" version 1.22. Although the keys are described as "Hangul/English toggle key" and "Hanja conversion key" in the specification, the meaning depends on the variety of the keyboard, and it will be used as the representations of Kana and Eisu keys on Japanese Macs in qemu_input_map_osx_to_qcode, which is used by ui/gtk. Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com> Message-Id: <20210617023113.2441-2-akihiko.odaki@gmail.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-06-17Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into ↵Peter Maydell
staging * avoid deprecation warnings for SASL on macOS 10.11 or newer * fix -readconfig when config blocks have an id (like [chardev "qmp"]) * Error* initialization fixes * Improvements to ESP emulation (Mark) * Allow creating noreserve memory backends (David) * Improvements to query-memdev (David) * Bump compiler to C11 (Richard) * First round of SVM fixes from GSoC project (Lara) # gpg: Signature made Wed 16 Jun 2021 16:37:49 BST # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini-gitlab/tags/for-upstream: (45 commits) configure: Remove probe for _Static_assert qemu/compiler: Remove QEMU_GENERIC include/qemu/lockable: Use _Generic instead of QEMU_GENERIC util: Use unique type for QemuRecMutex in thread-posix.h util: Pass file+line to qemu_rec_mutex_unlock_impl util: Use real functions for thread-posix QemuRecMutex softfloat: Use _Generic instead of QEMU_GENERIC configure: Use -std=gnu11 target/i386: Added Intercept CR0 writes check target/i386: Added consistency checks for CR0 target/i386: Added consistency checks for VMRUN intercept and ASID target/i386: Refactored intercept checks into cpu_svm_has_intercept configure: map x32 to cpu_family x86_64 for meson hmp: Print "reserve" property of memory backends with "info memdev" qmp: Include "reserve" property of memory backends hmp: Print "share" property of memory backends with "info memdev" qmp: Include "share" property of memory backends qmp: Clarify memory backend properties returned via query-memdev hostmem: Wire up RAM_NORESERVE via "reserve" property util/mmap-alloc: Support RAM_NORESERVE via MAP_NORESERVE under Linux ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-06-15qmp: Include "reserve" property of memory backendsDavid Hildenbrand
Let's include the new property. Instead of relying on CONFIG_LINUX, let's try to unconditionally grab the property and treat errors as "does not exist". Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core Cc: Eric Blake <eblake@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Cc: Igor Mammedov <imammedo@redhat.com> Signed-off-by: David Hildenbrand <david@redhat.com> Message-Id: <20210510114328.21835-15-david@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-06-15qmp: Include "share" property of memory backendsDavid Hildenbrand
Let's include the property, which can be helpful when debugging, for example, to spot misuse of MAP_PRIVATE which can result in some ugly corner cases (e.g., double-memory consumption on shmem). Use the same description we also use for describing the property. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core Cc: Eric Blake <eblake@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Cc: Igor Mammedov <imammedo@redhat.com> Signed-off-by: David Hildenbrand <david@redhat.com> Message-Id: <20210510114328.21835-13-david@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-06-15qmp: Clarify memory backend properties returned via query-memdevDavid Hildenbrand
We return information on the currently configured memory backends and don't configure them, so decribe what the currently set properties express. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Suggested-by: Markus Armbruster <armbru@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core Cc: Eric Blake <eblake@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Cc: Igor Mammedov <imammedo@redhat.com> Signed-off-by: David Hildenbrand <david@redhat.com> Message-Id: <20210510114328.21835-12-david@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-06-15hostmem: Wire up RAM_NORESERVE via "reserve" propertyDavid Hildenbrand
Let's provide a way to control the use of RAM_NORESERVE via memory backends using the "reserve" property which defaults to true (old behavior). Only Linux currently supports clearing the flag (and support is checked at runtime, depending on the setting of "/proc/sys/vm/overcommit_memory"). Windows and other POSIX systems will bail out with "reserve=false". The target use case is virtio-mem, which dynamically exposes memory inside a large, sparse memory area to the VM. This essentially allows avoiding to set "/proc/sys/vm/overcommit_memory == 0") when using virtio-mem and also supporting hugetlbfs in the future. As really only Linux implements RAM_NORESERVE right now, let's expose the property only with CONFIG_LINUX. Setting the property to "false" will then only fail in corner cases -- for example on very old kernels or when memory overcommit was completely disabled by the admin. Reviewed-by: Peter Xu <peterx@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core Cc: Markus Armbruster <armbru@redhat.com> Cc: Eric Blake <eblake@redhat.com> Cc: Igor Mammedov <imammedo@redhat.com> Signed-off-by: David Hildenbrand <david@redhat.com> Message-Id: <20210510114328.21835-11-david@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-06-15tpm: Return QMP error when TPM is disabled in buildPhilippe Mathieu-Daudé
When the management layer queries a binary built using --disable-tpm for TPM devices, it gets confused by getting empty responses: { "execute": "query-tpm" } { "return": [ ] } { "execute": "query-tpm-types" } { "return": [ ] } { "execute": "query-tpm-models" } { "return": [ ] } To make it clearer by returning an error: - Make the TPM QAPI schema conditional All of tpm.json is now 'if': 'defined(CONFIG_TPM)'. - Adapt the HMP command - Remove stubs which became unnecessary The management layer now gets a 'CommandNotFound' error: { "execute": "query-tpm" } { "error": { "class": "CommandNotFound", "desc": "The command query-tpm has not been found" } } Suggested-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2021-06-11netdev: add more commands to preconfig modePaolo Bonzini
Creating and destroying network backend does not require a fully constructed machine. Allow the related monitor commands to run before machine initialization has concluded. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-06-08migration/dirtyrate: make sample page count configurableHyman Huang(黄勇)
introduce optional sample-pages argument in calc-dirty-rate, making sample page count per GB configurable so that more accurate dirtyrate can be calculated. Signed-off-by: Hyman Huang(黄勇) <huangy81@chinatelecom.cn> Message-Id: <3103453a3b2796f929269c99a6ad81a9a7f1f405.1623027729.git.huangy81@chinatelecom.cn> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Wrapped a couple of long lines
2021-06-08sockets: Support multipath TCPDr. David Alan Gilbert
Multipath TCP allows combining multiple interfaces/routes into a single socket, with very little work for the user/admin. It's enabled by 'mptcp' on most socket addresses: ./qemu-system-x86_64 -nographic -incoming tcp:0:4444,mptcp Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <20210421112834.107651-6-dgilbert@redhat.com> Acked-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-06-02Merge remote-tracking branch ↵Peter Maydell
'remotes/thuth-gitlab/tags/pull-request-2021-06-02' into staging * Update the references to some doc files (use *.rst instead of *.txt) * Bump minimum versions of some requirements after removing CentOS 7 support # gpg: Signature made Wed 02 Jun 2021 08:12:18 BST # gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5 # gpg: issuer "thuth@redhat.com" # gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full] # gpg: aka "Thomas Huth <thuth@redhat.com>" [full] # gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full] # gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown] # Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5 * remotes/thuth-gitlab/tags/pull-request-2021-06-02: configure: bump min required CLang to 6.0 / XCode 10.0 configure: bump min required GCC to 7.5.0 configure: bump min required glib version to 2.56 tests/docker: drop CentOS 7 container tests/vm: convert centos VM recipe to CentOS 8 crypto: drop used conditional check crypto: bump min gnutls to 3.5.18, dropping RHEL-7 support crypto: bump min gcrypt to 1.8.0, dropping RHEL-7 support crypto: drop back compatibility typedefs for nettle crypto: bump min nettle to 3.4, dropping RHEL-7 support patchew: move quick build job from CentOS 7 to CentOS 8 container block/ssh: Bump minimum libssh version to 0.8.7 docs: fix references to docs/devel/s390-dasd-ipl.rst docs: fix references to docs/specs/tpm.rst docs: fix references to docs/devel/build-system.rst docs: fix references to docs/devel/atomics.rst docs: fix references to docs/devel/tracing.rst Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-06-02docs: fix references to docs/devel/tracing.rstStefano Garzarella
Commit e50caf4a5c ("tracing: convert documentation to rST") converted docs/devel/tracing.txt to docs/devel/tracing.rst. We still have several references to the old file, so let's fix them with the following command: sed -i s/tracing.txt/tracing.rst/ $(git grep -l docs/devel/tracing.txt) Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20210517151702.109066-2-sgarzare@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-06-01target/i386/sev: add support to query the attestation reportBrijesh Singh
The SEV FW >= 0.23 added a new command that can be used to query the attestation report containing the SHA-256 digest of the guest memory and VMSA encrypted with the LAUNCH_UPDATE and sign it with the PEK. Note, we already have a command (LAUNCH_MEASURE) that can be used to query the SHA-256 digest of the guest memory encrypted through the LAUNCH_UPDATE. The main difference between previous and this command is that the report is signed with the PEK and unlike the LAUNCH_MEASURE command the ATTESATION_REPORT command can be called while the guest is running. Add a QMP interface "query-sev-attestation-report" that can be used to get the report encoded in base64. Cc: James Bottomley <jejb@linux.ibm.com> Cc: Tom Lendacky <Thomas.Lendacky@amd.com> Cc: Eric Blake <eblake@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: kvm@vger.kernel.org Reviewed-by: James Bottomley <jejb@linux.ibm.com> Tested-by: James Bottomley <jejb@linux.ibm.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Reviewed-by: Connor Kuehl <ckuehl@redhat.com> Message-Id: <20210429170728.24322-1-brijesh.singh@amd.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2021-05-26qtest: add a QOM object for qtestPaolo Bonzini
The qtest server right now can only be created using the -qtest and -qtest-log options. Allow an alternative way to create it using "-object qtest,chardev=...,log=...". This is part of the long term plan to make more (or all) of QEMU configurable through QMP and preconfig mode. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-05-26object: add more commands to preconfig modePaolo Bonzini
Creating and destroying QOM objects does not require a fully constructed machine. Allow running object-add and object-del before machine initialization has concluded. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-05-21ui/vdagent: add clipboard supportGerd Hoffmann
This patch adds support for clipboard messages to the qemu vdagent implementation, which allows the guest exchange clipboard data with qemu. Clipboard support can be enabled/disabled using the new 'clipboard' parameter for the vdagent chardev. Default is off. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 20210519053940.1888907-1-kraxel@redhat.com Message-Id: <20210519053940.1888907-7-kraxel@redhat.com>
2021-05-21ui/vdagent: add mouse supportGerd Hoffmann
This patch adds support for mouse messages to the vdagent implementation. This can be enabled/disabled using the new 'mouse' parameter for the vdagent chardev. Default is on. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Acked-by: Markus Armbruster <armbru@redhat.com> Message-id: 20210519053940.1888907-1-kraxel@redhat.com Message-Id: <20210519053940.1888907-6-kraxel@redhat.com>
2021-05-21ui/vdagent: core infrastructureGerd Hoffmann
The vdagent protocol allows the guest agent (spice-vdagent) and the spice client exchange messages to implement features which require guest cooperation, for example clipboard support. This is a qemu implementation of the spice client side. This allows the spice guest agent talk to qemu directly when not using the spice protocol. usage: qemu \ -chardev qemu-vdagent,id=vdagent \ -device virtserialport,chardev=vdagent,name=com.redhat.spice.0 This patch adds just the protocol basics: initial handshake and capability negotiation. The following patches will add actual functionality and also add fields to the initially empty ChardevVDAgent qapi struct. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 20210519053940.1888907-1-kraxel@redhat.com Message-Id: <20210519053940.1888907-5-kraxel@redhat.com>
2021-05-17Merge remote-tracking branch ↵Peter Maydell
'remotes/vivier2/tags/trivial-branch-for-6.1-pull-request' into staging Pull request trivial-branch 20210515 # gpg: Signature made Sat 15 May 2021 11:02:59 BST # gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C # gpg: issuer "laurent@vivier.eu" # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full] # gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full] # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full] # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/trivial-branch-for-6.1-pull-request: target/avr: Ignore unimplemented WDR opcode hw/avr/atmega.c: use the avr51 cpu for atmega1280 target/sh4: Return error if CPUClass::get_phys_page_debug() fails multi-process: Avoid logical AND of mutually exclusive tests hw/pci-host: Do not build gpex-acpi.c if GPEX is not selected hw/mem/meson: Fix linking sparse-mem device with fuzzer cutils: fix memory leak in get_relocated_path() hw/rtc/mc146818rtc: Convert to 3-phase reset (Resettable interface) hw/timer/etraxfs_timer: Convert to 3-phase reset (Resettable interface) hw/gpio/aspeed: spelling fix (addtional) qapi: spelling fix (addtional) virtiofsd: Fix check of chown()'s return value virtio-net: Constify VirtIOFeature feature_sizes[] virtio-blk: Constify VirtIOFeature feature_sizes[] hw/virtio: Pass virtio_feature_get_config_size() a const argument backends/tpm: Replace qemu_mutex_lock calls with QEMU_LOCK_GUARD Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-14Merge remote-tracking branch ↵Peter Maydell
'remotes/dgilbert/tags/pull-migration-20210513a' into staging Migration pull 2021-05-13 Fix of the 2021-05-11 version, with a fix to build on the armhf cross. The largest change in this set is David's changes for ram block size changing; then there's a pile of other cleanups and fixes. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> # gpg: Signature made Thu 13 May 2021 18:36:06 BST # gpg: using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7 # gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" [full] # Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7 * remotes/dgilbert/tags/pull-migration-20210513a: tests/migration: introduce multifd into guestperf tests/qtest/migration-test: Use g_autofree to avoid leaks on error paths tests/migration-test: Fix "true" vs true migration/ram: Use offset_in_ramblock() in range checks migration/multifd: Print used_length of memory block migration/ram: Handle RAM block resizes during postcopy migration/ram: Simplify host page handling in ram_load_postcopy() migration/ram: Discard RAM when growing RAM blocks after ram_postcopy_incoming_init() exec: Relax range check in ram_block_discard_range() migration/ram: Handle RAM block resizes during precopy numa: Make all callbacks of ram block notifiers optional numa: Teach ram block notifiers about resizeable ram blocks util: vfio-helpers: Factor out and fix processing of existing ram blocks migration: Drop redundant query-migrate result @blocked migration/ram: Optimize ram_save_host_page() migration/ram: Reduce unnecessary rate limiting migrate/ram: remove "ram_bulk_stage" and "fpo_enabled" Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-13migration: Drop redundant query-migrate result @blockedMarkus Armbruster
Result @blocked is redundant. Unfortunately, we realized this too close to the release to risk dropping it, so we deprecated it instead, in commit e11ce6c06. Since it was deprecated from the start, we can delete it without the customary grace period. Do so. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210429140424.2802929-1-armbru@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-05-13qapi: spelling fix (addtional)Michael Tokarev
Fixes: 3d0d3c30ae3a259bff176f85a3efa2d0816695af Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20210508093315.393274-1-mjt@msgid.tls.msk.ru> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-05-12Drop the deprecated unicore32 targetMarkus Armbruster
Target unicore32 was deprecated in commit 8e4ff4a8d2b, v5.2.0. See there for rationale. Cc: Guan Xuetao <gxt@mprc.pku.edu.cn> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210503084034.3804963-3-armbru@redhat.com> Acked-by: Thomas Huth <thuth@redhat.com>
2021-05-12Drop the deprecated lm32 targetMarkus Armbruster
Target lm32 was deprecated in commit d8498005122, v5.2.0. See there for rationale. Some of its code lives on in device models derived from milkymist ones: hw/char/digic-uart.c and hw/display/bcm2835_fb.c. Cc: Michael Walle <michael@walle.cc> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210503084034.3804963-2-armbru@redhat.com> Acked-by: Michael Walle <michael@walle.cc> [Trivial conflicts resolved, reST markup fixed]
2021-05-12block: Drop the sheepdog block driverMarkus Armbruster
It was deprecated in commit e1c4269763, v5.2.0. See that commit message for rationale. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210501075747.3293186-1-armbru@redhat.com> ACKed-by: Peter Krempa <pkrempa@redhat.com>
2021-05-12Remove the deprecated moxie targetThomas Huth
There are no known users of this CPU anymore, and there are no binaries available online which could be used for regression tests, so the code has likely completely bit-rotten already. It's been marked as deprecated since two releases now and nobody spoke up that there is still a need to keep it, thus let's remove it now. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20210430160355.698194-1-thuth@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> [Commit message typos fixed, trivial conflicts resolved] Signed-off-by: Markus Armbruster <armbru@redhat.com>
2021-04-20migration: Deprecate redundant query-migrate result @blockedMarkus Armbruster
Result @blocked is true when and only when result @blocked-reasons is present. It's always non-empty when present. @blocked is redundant. It was introduced in commit 3af8554bd0 "migration: Add blocker information", and has not been released. This gives us a chance to fix the interface with minimal fuss. Unfortunately, we're already too close to the release to risk dropping it. Deprecate it instead. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-id: 20210420051907.891470-1-armbru@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-04-14qapi/qom.json: Do not use CONFIG_VIRTIO_CRYPTO in common codeThomas Huth
The ObjectType enum and ObjectOptions are included from qapi-types-qom.h into common code. We should not use target-specific config switches like CONFIG_VIRTIO_CRYPTO here, since this is not defined in common code and thus the enum will look differently between common and target specific code. For this case, it's hopefully enough to check for CONFIG_VHOST_CRYPTO only (which is a host specific config switch, i.e. it's the same on all targets). Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20210412160710.639800-1-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-04-08Revert "qapi: net: Add query-netdev command"Jason Wang
Several issues has been reported for query-netdev series. Consider it's late in the rc, this reverts commit d32ad10a14d46dfe9304e3ed5858a11dcd5c71a0. Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-04-08Revert "hmp: Use QAPI NetdevInfo in hmp_info_network"Jason Wang
Several issues has been reported for query-netdev info series. Consider it's late in the rc, this reverts commit a0724776c5a98a08fc946bb5a4ad16410ca64c0e. Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-04-01qapi: qom: do not use target-specific conditionalsPaolo Bonzini
ObjectType and ObjectOptions are defined in a target-independent file, therefore they do not have access to target-specific configuration symbols such as CONFIG_PSERIES or CONFIG_SEV. For this reason, pef-guest and sev-guest are currently omitted when compiling the generated QAPI files. In addition, this causes ObjectType to have different definitions depending on the file that is including qapi-types-qom.h (currently this is not causing any issues, but it is wrong). Define the two enum entries and the SevGuestProperties type unconditionally to avoid the issue. We do not expect to have many target-dependent user-creatable classes, so it is not particularly problematic. Reported-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-23Merge remote-tracking branch 'remotes/kraxel/tags/ui-20210323-pull-request' ↵Peter Maydell
into staging fixes for 6.0 # gpg: Signature made Tue 23 Mar 2021 15:36:06 GMT # gpg: using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/ui-20210323-pull-request: edid: prefer standard timings include/ui/console.h: Delete is_surface_bgr() qmp: add new qmp display-reload vnc: support reload x509 certificates for vnc crypto: add reload for QCryptoTLSCredsClass Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-23block: Remove monitor command block_passwdMarkus Armbruster
Command block_passwd always fails since Commit c01c214b69 "block: remove all encryption handling APIs" (v2.10.0) turned block_passwd into a stub that always fails, and hardcoded encryption_key_missing to false in query-named-block-nodes and query-block. Commit ad1324e044 "block: remove 'encryption_key_missing' flag from QAPI" just landed. Complete the cleanup job: remove block_passwd. Cc: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210323101951.3686029-1-armbru@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-23qapi: Enforce enum member naming rulesMarkus Armbruster
Enum members should use '-', not '_'. Enforce this. Fix the fixable offenders (all in tests/), and add the remainder to pragma member-name-exceptions. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210323094025.3569441-28-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2021-03-23qapi: Enforce struct member naming rulesMarkus Armbruster
Struct members, including command arguments, event data, and union inline base members, should use '-', not '_'. Enforce this. Fix the fixable offenders (all in tests/), and add the remainder to pragma member-name-exceptions. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210323094025.3569441-27-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2021-03-23qapi: Enforce command naming rulesMarkus Armbruster
Command names should be lower-case. Enforce this. Fix the fixable offenders (all in tests/), and add the remainder to pragma command-name-exceptions. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210323094025.3569441-25-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2021-03-23qapi/pragma: Streamline comments on member-name-exceptionsMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210323094025.3569441-21-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2021-03-23qapi: Rename pragma *-whitelist to *-exceptionsMarkus Armbruster
Rename pragma returns-whitelist to command-returns-exceptions, and name-case-whitelist to member-name-case-exceptions. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210323094025.3569441-20-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2021-03-23qapi/pragma: Tidy up after removal of deprecated commandsMarkus Armbruster
Commit cbde7be900 "migrate: remove QMP/HMP commands for speed, downtime and cache size" neglected to remove query-migrate-cache-size from pragma returns-whitelist. Commit 8af54b9172 "machine: remove 'query-cpus' QMP command" neglected to remove CpuInfo & friends from pragma name-case-exceptions. Remove these now. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210323094025.3569441-2-armbru@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com>