[Qemu-commits] [qemu/qemu] 5ac067: checkpatch: Add xendevicemodel

qemu-commits
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 5ac067: checkpatch: Add xendevicemodel_handle

From:	GitHub
Subject:	[Qemu-commits] [qemu/qemu] 5ac067: checkpatch: Add xendevicemodel_handle to the list ...
Date:	Fri, 27 Apr 2018 00:56:46 -0700
  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 5ac067a24a85fec57d2d87b2d12ae4ffa6aa2d9e
      
https://github.com/qemu/qemu/commit/5ac067a24a85fec57d2d87b2d12ae4ffa6aa2d9e
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M scripts/checkpatch.pl

  Log Message:
  -----------
  checkpatch: Add xendevicemodel_handle to the list of types

This avoids checkpatch misparsing (as statements) long function
definitions or declarations, which sometimes start with constructs
like this:

  static inline int xendevicemodel_relocate_memory(
      xendevicemodel_handle *dmod, domid_t domid, ...

The type xendevicemodel_handle does not conform to Qemu CODING_STYLE,
which would suggest CamelCase.  However, it is a type defined by the
Xen Project in xen.git.  It would be possible to introduce a typedef
to allow the qemu code to refer to it by a differently-spelled name,
but that would obfuscate more than it would clarify.

CC: Eric Blake <address@hidden>
CC: Paolo Bonzini <address@hidden>
CC: Daniel P. Berrange <address@hidden>
Signed-off-by: Ian Jackson <address@hidden>
Reviewed-by: Eric Blake <address@hidden>


  Commit: 7a64c17f3b3015bf741593a019538275c764455f
      
https://github.com/qemu/qemu/commit/7a64c17f3b3015bf741593a019538275c764455f
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M accel/accel.c
    M include/sysemu/accel.h
    M vl.c

  Log Message:
  -----------
  AccelClass: Introduce accel_setup_post

This is called just before os_setup_post.  Currently none of the
accelerators provide this hook, but the Xen one is going to provide
one in a moment.

Signed-off-by: Ian Jackson <address@hidden>
Reviewed-by: Eduardo Habkost <address@hidden>


  Commit: 58ea9a7a025243d3c34f869d4c5ea7c174235c4e
      
https://github.com/qemu/qemu/commit/58ea9a7a025243d3c34f869d4c5ea7c174235c4e
  Author: Anthony PERARD <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M configure

  Log Message:
  -----------
  xen: link against xentoolcore

Xen libraries in 4.10 include a new xentoolcore library.  This
contains the xentoolcore_restrict_all function which we are about to
want to use.

Signed-off-by: Ian Jackson <address@hidden>
Acked-by: Stefano Stabellini <address@hidden>


  Commit: 0ef4d87da58dfe0e0e466414701c103b7a44df65
      
https://github.com/qemu/qemu/commit/0ef4d87da58dfe0e0e466414701c103b7a44df65
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M include/hw/xen/xen_common.h

  Log Message:
  -----------
  xen: restrict: use xentoolcore_restrict_all

And insist that it works.

Drop individual use of xendevicemodel_restrict and
xenforeignmemory_restrict.  These are not actually effective in this
version of qemu, because qemu has a large number of fds open onto
various Xen control devices.

The restriction arrangements are still not right, because the
restriction needs to be done very late - after qemu has opened all of
its control fds.

xentoolcore_restrict_all and xentoolcore.h are available in Xen 4.10
and later, only.  Provide a compatibility stub.  And drop the
compatibility stubs for the old functions.

Signed-off-by: Ian Jackson <address@hidden>
Reviewed-by: Anthony PERARD <address@hidden>
Acked-by: Stefano Stabellini <address@hidden>


  Commit: 4564e63f80ace744093157782c3db45fc50a4836
      
https://github.com/qemu/qemu/commit/4564e63f80ace744093157782c3db45fc50a4836
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M hw/i386/xen/xen-hvm.c
    M hw/xen/xen-common.c

  Log Message:
  -----------
  xen: defer call to xen_restrict until just before os_setup_post

We need to restrict *all* the control fds that qemu opens.  Looking in
/proc/PID/fd shows there are many; their allocation seems scattered
throughout Xen support code in qemu.

We must postpone the restrict call until roughly the same time as qemu
changes its uid, chroots (if applicable), and so on.

There doesn't seem to be an appropriate hook already.  The RunState
change hook fires at different times depending on exactly what mode
qemu is operating in.

And it appears that no-one but the Xen code wants a hook at this phase
of execution.  So, introduce a bare call to a new function
xen_setup_post, just before os_setup_post.  Also provide the
appropriate stub for when Xen compilation is disabled.

We do the restriction before rather than after os_setup_post, because
xen_restrict may need to open /dev/null, and os_setup_post might have
called chroot.

Currently this does not work with migration, because when running as
the Xen device model qemu needs to signal to the toolstack that it is
ready.  It currently does this using xenstore, and for incoming
migration (but not for ordinary startup) that happens after
os_setup_post.

It is correct that this happens late: we want the incoming migration
stream to be processed by a restricted qemu.  The fix for this will be
to do the startup notification a different way, without using
xenstore.  (QMP is probably a reasonable choice.)

So for now this restriction feature cannot be used in conjunction with
migration.  (Note that this is not a regression in this patch, because
previously the -xen-restrict-domid call was, in fact, simply
ineffective!)  We will revisit this in the Xen 4.11 release cycle.

Signed-off-by: Ian Jackson <address@hidden>
CC: Paolo Bonzini <address@hidden> (maintainer:X86)
CC: Richard Henderson <address@hidden> (maintainer:X86)
CC: Eduardo Habkost <address@hidden> (maintainer:X86)
CC: Michael S. Tsirkin <address@hidden> (supporter:PC)
Acked-by: Anthony PERARD <address@hidden>


  Commit: 74aae6bff4fec3a655a2da7053ac2edbaf51e7b6
      
https://github.com/qemu/qemu/commit/74aae6bff4fec3a655a2da7053ac2edbaf51e7b6
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M hw/i386/xen/xen-hvm.c

  Log Message:
  -----------
  xen: destroy_hvm_domain: Move reason into a variable

We are going to want to reuse this.

No functional change.

Signed-off-by: Ian Jackson <address@hidden>
Reviewed-by: Anthony PERARD <address@hidden>
Acked-by: Stefano Stabellini <address@hidden>


  Commit: 85f3c64da3235ae9f7c66a5264170f5101145b30
      
https://github.com/qemu/qemu/commit/85f3c64da3235ae9f7c66a5264170f5101145b30
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M include/hw/xen/xen_common.h

  Log Message:
  -----------
  xen: move xc_interface compatibility fallback further up the file

We are going to want to use the dummy xendevicemodel_handle type in
new stub functions in the CONFIG_XEN_CTRL_INTERFACE_VERSION < 41000
section.  So we need to provide that definition, or (as applicable)
include the appropriate header, earlier in the file.

(Ideally the newer compatibility layers would be at the bottom of the
file, so that they can naturally benefit from the compatibility layers
for earlier version.  But that's rather too much for this series.)

No functional change.

Signed-off-by: Ian Jackson <address@hidden>
Acked-by: Anthony PERARD <address@hidden>
Acked-by: Stefano Stabellini <address@hidden>


  Commit: 6b47c2aa780c98cea7a39cbe36c30d3923e5163e
      
https://github.com/qemu/qemu/commit/6b47c2aa780c98cea7a39cbe36c30d3923e5163e
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M hw/i386/xen/xen-hvm.c
    M include/hw/xen/xen_common.h

  Log Message:
  -----------
  xen: destroy_hvm_domain: Try xendevicemodel_shutdown

xc_interface_open etc. is not going to work if we have dropped
privilege, but xendevicemodel_shutdown will if everything is new
enough.

xendevicemodel_shutdown is only availabe in Xen 4.10 and later, so
provide a stub for earlier versions.

Signed-off-by: Ian Jackson <address@hidden>
Reviewed-by: Anthony PERARD <address@hidden>


  Commit: f0a2171bf9f35b0430e18676a688b2c985f8917a
      
https://github.com/qemu/qemu/commit/f0a2171bf9f35b0430e18676a688b2c985f8917a
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M os-posix.c

  Log Message:
  -----------
  os-posix: cleanup: Replace fprintfs with error_report in change_process_uid

I'm going to be editing this function and it makes sense to clean up
this style problem in advance.

Signed-off-by: Ian Jackson <address@hidden>
CC: Paolo Bonzini <address@hidden>
CC: Markus Armbruster <address@hidden>
CC: Daniel P. Berrange <address@hidden>
CC: Michael Tokarev <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Thomas Huth <address@hidden>


  Commit: 2c42f1e80103cb926c0703d4c1ac1fb9c3e2c600
      
https://github.com/qemu/qemu/commit/2c42f1e80103cb926c0703d4c1ac1fb9c3e2c600
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M os-posix.c
    M qemu-options.hx

  Log Message:
  -----------
  os-posix: Provide new -runas <uid>:<gid> facility

This allows the caller to specify a uid and gid to use, even if there
is no corresponding password entry.  This will be useful in certain
Xen configurations.

We don't support just -runas <uid> because: (i) deprivileging without
calling setgroups would be ineffective (ii) given only a uid we don't
know what gid we ought to use (since uids may eppear in multiple
passwd file entries with different gids).

Signed-off-by: Ian Jackson <address@hidden>
Reviewed-by: Anthony PERARD <address@hidden>
CC: Paolo Bonzini <address@hidden>
CC: Markus Armbruster <address@hidden>
CC: Daniel P. Berrange <address@hidden>
CC: Michael Tokarev <address@hidden>
Reviewed-by: Markus Armbruster <address@hidden>


  Commit: 2cbf8903530b936964dd3af7e2e5bf85c3955d5c
      
https://github.com/qemu/qemu/commit/2cbf8903530b936964dd3af7e2e5bf85c3955d5c
  Author: Ross Lagerwall <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M configure
    M hw/i386/xen/xen-hvm.c
    M include/hw/xen/xen_common.h

  Log Message:
  -----------
  xen: Use newly added dmops for mapping VGA memory

Xen unstable (to be in 4.11) has two new dmops, relocate_memory and
pin_memory_cacheattr. Use these to set up the VGA memory, replacing the
previous calls to libxc. This allows the VGA console to work properly
when QEMU is running restricted (-xen-domid-restrict).

Wrapper functions are provided to allow QEMU to work with older versions
of Xen.

Tweak the error handling while making this change:
* Report pin_memory_cacheattr errors.
* Report errors even when DEBUG_HVM is not set. This is useful for
trying to understand why VGA is not working, since otherwise it just
fails silently.
* Fix the return values when an error occurs. The functions now
consistently return -1 and set errno.

CC: Ian Jackson <address@hidden>
Signed-off-by: Ross Lagerwall <address@hidden>
Reviewed-by: Ian Jackson <address@hidden>
Signed-off-by: Ian Jackson <address@hidden>
Acked-by: Anthony PERARD <address@hidden>


  Commit: 1c4010fa09971bcb8c696aa1df350263a2bd0298
      
https://github.com/qemu/qemu/commit/1c4010fa09971bcb8c696aa1df350263a2bd0298
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M include/hw/xen/xen_common.h

  Log Message:
  -----------
  xen: Remove now-obsolete xen_xc_domain_add_to_physmap

The last user was just removed; remove this function, accordingly.

Signed-off-by: Ian Jackson <address@hidden>
Acked-by: Anthony PERARD <address@hidden>


  Commit: 4473348adf6640ca12b95bc29d1b06796994afb2
      
https://github.com/qemu/qemu/commit/4473348adf6640ca12b95bc29d1b06796994afb2
  Author: Ross Lagerwall <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M hw/xen/xen-common.c

  Log Message:
  -----------
  xen: Expect xenstore write to fail when restricted

Saving the current state to xenstore may fail when running restricted
(in particular, after a migration). Therefore, don't report the error or
exit when running restricted.  Toolstacks that want to allow running
QEMU restricted should instead make use of QMP events to listen for
state changes.

CC: Ian Jackson <address@hidden>
Signed-off-by: Ross Lagerwall <address@hidden>
Reviewed-by: Ian Jackson <address@hidden>
Acked-by: Anthony PERARD <address@hidden>


  Commit: 22cd4f4835b2053271e737b1679927b9b8aa4252
      
https://github.com/qemu/qemu/commit/22cd4f4835b2053271e737b1679927b9b8aa4252
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M os-posix.c

  Log Message:
  -----------
  os-posix: cleanup: Replace fprintf with error_report in remaining call sites

Signed-off-by: Ian Jackson <address@hidden>
CC: Paolo Bonzini <address@hidden>
CC: Markus Armbruster <address@hidden>
CC: Daniel P. Berrange <address@hidden>
CC: Michael Tokarev <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Thomas Huth <address@hidden>


  Commit: a7aaec148e27193cc6f7d33d2f18f81eed011a5c
      
https://github.com/qemu/qemu/commit/a7aaec148e27193cc6f7d33d2f18f81eed011a5c
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M os-posix.c

  Log Message:
  -----------
  os-posix: cleanup: Replace perror with error_report

perror() is defined to fprintf(stderr,...).  HACKING says
fprintf(stderr,...) is wrong.  So perror() is too.

Signed-off-by: Ian Jackson <address@hidden>
CC: Paolo Bonzini <address@hidden>
CC: Markus Armbruster <address@hidden>
CC: Daniel P. Berrange <address@hidden>
CC: Michael Tokarev <address@hidden>
CC: Alistair Francis <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Alistair Francis <address@hidden>


  Commit: 8bbe05d77360b73c1834808023016a778ccf55ca
      
https://github.com/qemu/qemu/commit/8bbe05d77360b73c1834808023016a778ccf55ca
  Author: Ian Jackson <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M configure

  Log Message:
  -----------
  configure: do_compiler: Dump some extra info under bash

This makes it much easier to find a particular thing in config.log.

We have to use the ${BASH_LINENO[*]} syntax which is a syntax error in
other shells, so test what shell we are running and use eval.

The extra output is only printed if configure is run with bash.  On
systems where /bin/sh is not bash, it is necessary to say bash
./configure to get the extra debug info in the log.

Suggested-by: Eric Blake <address@hidden>
Signed-off-by: Ian Jackson <address@hidden>
CC: Kent R. Spillner <address@hidden>
CC: Janosch Frank <address@hidden>
CC: Thomas Huth <address@hidden>
CC: Peter Maydell <address@hidden>
CC: Paolo Bonzini <address@hidden>
Tested-by: Thomas Huth <address@hidden>


  Commit: ca92651697bdb2f15b36d347a498fbc31f4a4893
      
https://github.com/qemu/qemu/commit/ca92651697bdb2f15b36d347a498fbc31f4a4893
  Author: Peter Maydell <address@hidden>
  Date:   2018-04-26 (Thu, 26 Apr 2018)

  Changed paths:
    M accel/accel.c
    M configure
    M hw/i386/xen/xen-hvm.c
    M hw/xen/xen-common.c
    M include/hw/xen/xen_common.h
    M include/sysemu/accel.h
    M os-posix.c
    M qemu-options.hx
    M scripts/checkpatch.pl
    M vl.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/iwj/tags/for-upstream.depriv-2' into 
staging

xen: xen-domid-restrict improvements

# gpg: Signature made Thu 26 Apr 2018 19:11:22 BST
# gpg:                using RSA key E3E3392348B50D39
# gpg: Good signature from "Ian Jackson (new general purpose key) 
<address@hidden>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 559A E46C 2D6B 6D32 65E7  CBA1 E3E3 3923 48B5 0D39

* remotes/iwj/tags/for-upstream.depriv-2:
  configure: do_compiler: Dump some extra info under bash
  os-posix: cleanup: Replace perror with error_report
  os-posix: cleanup: Replace fprintf with error_report in remaining call sites
  xen: Expect xenstore write to fail when restricted
  xen: Remove now-obsolete xen_xc_domain_add_to_physmap
  xen: Use newly added dmops for mapping VGA memory
  os-posix: Provide new -runas <uid>:<gid> facility
  os-posix: cleanup: Replace fprintfs with error_report in change_process_uid
  xen: destroy_hvm_domain: Try xendevicemodel_shutdown
  xen: move xc_interface compatibility fallback further up the file
  xen: destroy_hvm_domain: Move reason into a variable
  xen: defer call to xen_restrict until just before os_setup_post
  xen: restrict: use xentoolcore_restrict_all
  xen: link against xentoolcore
  AccelClass: Introduce accel_setup_post
  checkpatch: Add xendevicemodel_handle to the list of types

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/b8846a4d6352...ca92651697bd
[Prev in Thread]
Current Thread
[Next in Thread]
[Qemu-commits] [qemu/qemu] 5ac067: checkpatch: Add xendevicemodel_handle to the list ..., GitHub <=
Prev by Date: [Qemu-commits] [qemu/qemu] 47c4f8: hw/char/serial: Allow disconnected chardevs
Next by Date: [Qemu-commits] [qemu/qemu] 4d309c: uninorth: trivial style fixups
Previous by thread: [Qemu-commits] [qemu/qemu] 47c4f8: hw/char/serial: Allow disconnected chardevs
Next by thread: [Qemu-commits] [qemu/qemu] 4d309c: uninorth: trivial style fixups
Index(es):
- Date
- Thread