[Qemu-commits] [qemu/qemu] 4ce1e1: scsi/qemu-pr-helper: Fix out-of-bound


From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 4ce1e1: scsi/qemu-pr-helper: Fix out-of-bounds access to t...
Date: Tue, 17 Mar 2020 14:15:14 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 4ce1e15fbc7266a108a7c77a3962644b3935346e
      
https://github.com/qemu/qemu/commit/4ce1e15fbc7266a108a7c77a3962644b3935346e
  Author: Christophe de Dinechin <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M scsi/qemu-pr-helper.c

  Log Message:
  -----------
  scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]

Compile error reported by gcc 10.0.1:

scsi/qemu-pr-helper.c: In function ‘multipath_pr_out’:
scsi/qemu-pr-helper.c:523:32: error: array subscript <unknown> is outside array bounds of ‘struct transportid *[0]’ [-Werror=array-bounds]
  523 |             paramp.trnptid_list[paramp.num_transportid++] = id;
      |             ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from scsi/qemu-pr-helper.c:36:
/usr/include/mpath_persist.h:168:22: note: while referencing ‘trnptid_list’
  168 |  struct transportid *trnptid_list[];
      |                      ^~~~~~~~~~~~
scsi/qemu-pr-helper.c:424:35: note: defined here ‘paramp’
  424 |     struct prout_param_descriptor paramp;
      |                                   ^~~~~~

This highlights an actual implementation issue in function multipath_pr_out.
The variable paramp is declared with type `struct prout_param_descriptor`,
which is a struct terminated by an empty array in mpath_persist.h:

        struct transportid *trnptid_list[];

That empty array was filled with code that looked like that:

        trnptid_list[paramp.descr.num_transportid++] = id;

This is an actual out-of-bounds access.

The fix is to malloc `paramp`.

Signed-off-by: Christophe de Dinechin <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 770275ed0c0ab05677472efcf184b1a02ab14d07
      
https://github.com/qemu/qemu/commit/770275ed0c0ab05677472efcf184b1a02ab14d07
  Author: Joe Richey <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M pc-bios/optionrom/pvh_main.c

  Log Message:
  -----------
  optionrom/pvh: scan entire RSDP Area

Right now the PVH option rom scans for the RSDP from 0xE0000 to
0xE1FFF. This is probably a typo, it should scan from 0xE0000 to
0xFFFFF.

This is actually an issue on some QEMU versions/machines. For example,
when I run QEMU the RSDP is placed at 0xf5ad0 which will not be picked
up by the current implementation.

This bug still allows a Linux guest to boot (in most configurations) as
the kernel will just scan for the RSDP if one isn't provided.

Signed-off-by: Joe Richey <address@hidden>
Reviewed-by: Stefano Garzarella <address@hidden>
Fixes: 2785dc7b17 ("optionrom: add new PVH option rom")
Signed-off-by: Paolo Bonzini <address@hidden>
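As an added illustration of the range bug described above (example code, not the option ROM's own code), the scan below models the 0xE0000..0xFFFFF window as a buffer, places a checksummed RSDP at 0xf5ad0 (the address quoted in the message; the fixture, OEM ID and function names are constructed for this example), and shows that the 0xE1FFF bound misses it while the corrected bound finds it. The 16-byte alignment and the 20-byte checksum are the ACPI 1.0 RSDP rules.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The physical window scanned for the RSDP. The "old" end is the typo'd
 * bound named in the commit message, the "new" end the corrected one. */
#define RSDP_SCAN_START   0xE0000UL
#define RSDP_SCAN_END_OLD 0xE1FFFUL
#define RSDP_SCAN_END_NEW 0xFFFFFUL
#define RSDP_AREA_LEN     (RSDP_SCAN_END_NEW - RSDP_SCAN_START + 1)

#define RSDP_SIG    "RSD PTR "   /* 8-byte signature, trailing space included */
#define RSDP_V1_LEN 20           /* bytes covered by the ACPI 1.0 checksum */

/* ACPI requires the first 20 bytes of the RSDP to sum to zero mod 256. */
static int rsdp_checksum_ok(const uint8_t *p)
{
    uint8_t sum = 0;
    for (size_t i = 0; i < RSDP_V1_LEN; i++) {
        sum = (uint8_t)(sum + p[i]);
    }
    return sum == 0;
}

/* Scan physical addresses [start, end] on 16-byte boundaries. `area`
 * models memory from RSDP_SCAN_START onwards and is `area_len` bytes long.
 * Returns the physical address of the first valid RSDP, or 0 if none. */
unsigned long find_rsdp(const uint8_t *area, size_t area_len,
                        unsigned long start, unsigned long end)
{
    for (unsigned long addr = start; addr + RSDP_V1_LEN - 1 <= end; addr += 16) {
        size_t off = addr - RSDP_SCAN_START;
        if (off + RSDP_V1_LEN > area_len) {
            break;                      /* never read past the modelled window */
        }
        const uint8_t *p = area + off;
        if (memcmp(p, RSDP_SIG, 8) == 0 && rsdp_checksum_ok(p)) {
            return addr;
        }
    }
    return 0;
}

/* Constructed fixture: a zeroed 128 KiB window holding one valid RSDP at
 * 0xf5ad0, the address the commit message reports seeing under QEMU. */
#define FIXTURE_RSDP_ADDR 0xF5AD0UL
static uint8_t g_area[RSDP_AREA_LEN];

static const uint8_t *build_fixture(void)
{
    memset(g_area, 0, sizeof g_area);
    uint8_t *p = g_area + (FIXTURE_RSDP_ADDR - RSDP_SCAN_START);
    memcpy(p, RSDP_SIG, 8);
    memcpy(p + 9, "CONSTR", 6);         /* OEM ID: any 6 bytes, constructed */
    p[15] = 0;                          /* revision 0: ACPI 1.0 layout */
    uint8_t sum = 0;                    /* pick byte 8 so the total is zero */
    for (size_t i = 0; i < RSDP_V1_LEN; i++) {
        sum = (uint8_t)(sum + p[i]);
    }
    p[8] = (uint8_t)(0u - sum);
    return g_area;
}

/* What the option ROM would find with the old bound versus the fixed one. */
unsigned long scan_with_old_bound(void)
{
    const uint8_t *area = build_fixture();
    return find_rsdp(area, RSDP_AREA_LEN, RSDP_SCAN_START, RSDP_SCAN_END_OLD);
}

unsigned long scan_with_new_bound(void)
{
    const uint8_t *area = build_fixture();
    return find_rsdp(area, RSDP_AREA_LEN, RSDP_SCAN_START, RSDP_SCAN_END_NEW);
}

int main(void)
{
    printf("old bound: %#lx\n", scan_with_old_bound());   /* 0: not found */
    printf("new bound: %#lx\n", scan_with_new_bound());   /* 0xf5ad0 */
    return 0;
}
```

The `off + RSDP_V1_LEN > area_len` guard is what keeps a scan over a wider range from reading past the buffer that backs it; a real ROM reading physical memory has the same obligation at the top of the window.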


  Commit: f7795e4096d8bd1c767c5ddb450fa859ff20490e
      
https://github.com/qemu/qemu/commit/f7795e4096d8bd1c767c5ddb450fa859ff20490e
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M block/linux-aio.c
    M bsd-user/qemu.h
    M contrib/libvhost-user/libvhost-user.h
    M hw/acpi/nvdimm.c
    M hw/dma/soc_dma.c
    M hw/i386/x86.c
    M hw/m68k/bootinfo.h
    M hw/misc/omap_l4.c
    M hw/nvram/eeprom93xx.c
    M hw/rdma/vmw/pvrdma_qp_ops.c
    M hw/usb/dev-network.c
    M hw/usb/dev-smartcard-reader.c
    M hw/virtio/virtio.c
    M hw/xen/xen_pt.h
    M include/hw/acpi/acpi-defs.h
    M include/hw/arm/smmu-common.h
    M include/hw/i386/intel_iommu.h
    M include/hw/virtio/virtio-iommu.h
    M include/sysemu/cryptodev.h
    M include/tcg/tcg.h
    M net/queue.c
    M pc-bios/s390-ccw/bootmap.h
    M pc-bios/s390-ccw/sclp.h
    M tests/qtest/libqos/ahci.h

  Log Message:
  -----------
  misc: Replace zero-length arrays with flexible array member (automatic)

Description copied from Linux kernel commit from Gustavo A. R. Silva
(see [3]):

--v-- description start --v--

  The current codebase makes use of the zero-length array language
  extension to the C90 standard, but the preferred mechanism to
  declare variable-length types such as these ones is a flexible
  array member [1], introduced in C99:

  struct foo {
      int stuff;
      struct boo array[];
  };

  By making use of the mechanism above, we will get a compiler
  warning in case the flexible array does not occur last in the
  structure, which will help us prevent some kind of undefined
  behavior bugs from being inadvertently introduced [2] to the
  Linux codebase from now on.

--^-- description end --^--

Do the similar housekeeping in the QEMU codebase (which uses
C99 since commit 7be41675f7cb).

All these instances of code were found with the help of the
following Coccinelle script:

  @@
  identifier s, m, a;
  type t, T;
  @@
   struct s {
      ...
      t m;
  -   T a[0];
  +   T a[];
  };
  @@
  identifier s, m, a;
  type t, T;
  @@
   struct s {
      ...
      t m;
  -   T a[0];
  +   T a[];
   } QEMU_PACKED;

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76497732932f
[3] https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?id=17642a2fbd2c1

Inspired-by: Gustavo A. R. Silva <address@hidden>
Reviewed-by: David Hildenbrand <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 880a7817c1a82a93d3f83dfb25dce1f0db629c66
      
https://github.com/qemu/qemu/commit/880a7817c1a82a93d3f83dfb25dce1f0db629c66
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M block/vmdk.c
    M docs/interop/vhost-user.rst
    M hw/char/sclpconsole-lm.c
    M hw/char/sclpconsole.c
    M hw/s390x/virtio-ccw.c
    M include/hw/acpi/acpi-defs.h
    M include/hw/boards.h
    M include/hw/s390x/event-facility.h
    M include/hw/s390x/sclp.h
    M target/s390x/ioinst.c

  Log Message:
  -----------
  misc: Replace zero-length arrays with flexible array member (manual)

Description copied from Linux kernel commit from Gustavo A. R. Silva
(see [3]):

--v-- description start --v--

  The current codebase makes use of the zero-length array language
  extension to the C90 standard, but the preferred mechanism to
  declare variable-length types such as these ones is a flexible
  array member [1], introduced in C99:

  struct foo {
      int stuff;
      struct boo array[];
  };

  By making use of the mechanism above, we will get a compiler
  warning in case the flexible array does not occur last in the
  structure, which will help us prevent some kind of undefined
  behavior bugs from being inadvertently introduced [2] to the
  Linux codebase from now on.

--^-- description end --^--

Do the similar housekeeping in the QEMU codebase (which uses
C99 since commit 7be41675f7cb).

All these instances of code were found with the help of the
following command (then manual analysis, without modifying
structures only having a single flexible array member, such as
QEDTable in block/qed.h):

  git grep -F '[0];'

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76497732932f
[3] https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?id=17642a2fbd2c1

Inspired-by: Gustavo A. R. Silva <address@hidden>
Reviewed-by: David Hildenbrand <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
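The two flexible-array-member commits above and the qemu-pr-helper fix at the top of this digest share one lesson: `sizeof` of a struct that ends in a flexible array member covers only the header, so a stack variable of that type has no storage behind the array and every write through it is out of bounds. The example below is added here and is not QEMU's or libmpathpersist's code; the `struct prout_param_descriptor` layout, the `capacity` field and the function names are constructed stand-ins. It shows the allocation the pr-helper commit calls for (heap-allocated with the array sized explicitly, with an overflow-checked size computation) together with a bounds check on the append that the original `trnptid_list[num_transportid++] = id` lacked.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for a transport ID record. */
struct transportid {
    uint8_t format_code;
    uint8_t protocol_id;
};

/* Constructed stand-in for the libmpathpersist descriptor: a fixed header
 * ending in a flexible array member. sizeof() covers only the header, so a
 * stack variable of this type has no room at all behind trnptid_list. */
struct prout_param_descriptor {
    uint32_t num_transportid;
    uint32_t capacity;                    /* added here: slots allocated */
    struct transportid *trnptid_list[];
};

/* Allocate a descriptor with room for `n` pointers, rejecting n == 0 and
 * any n whose byte count would overflow size_t or the capacity field. */
struct prout_param_descriptor *prout_alloc(size_t n)
{
    size_t hdr = sizeof(struct prout_param_descriptor);
    size_t elem = sizeof(struct transportid *);
    if (n == 0 || n > UINT32_MAX || n > (SIZE_MAX - hdr) / elem) {
        return NULL;
    }
    struct prout_param_descriptor *p = calloc(1, hdr + n * elem);
    if (p) {
        p->capacity = (uint32_t)n;
    }
    return p;
}

/* Append one transport ID. Refuses when the list is full rather than
 * writing past the allocation. */
bool prout_add_transportid(struct prout_param_descriptor *p,
                           struct transportid *id)
{
    if (p == NULL || p->num_transportid >= p->capacity) {
        return false;
    }
    p->trnptid_list[p->num_transportid++] = id;
    return true;
}

/* Fill a two-slot descriptor and confirm the third append is rejected.
 * Returns the final entry count (2) on success, -1 on any failure. */
int demo_fill(void)
{
    struct transportid a = {1, 3}, b = {2, 4}, c = {3, 5};
    struct prout_param_descriptor *p = prout_alloc(2);
    if (p == NULL) {
        return -1;
    }
    bool ok = prout_add_transportid(p, &a) && prout_add_transportid(p, &b);
    bool rejected = !prout_add_transportid(p, &c);
    int count = (int)p->num_transportid;
    free(p);
    return (ok && rejected && count == 2) ? count : -1;
}

int main(void)
{
    printf("header size: %zu bytes, entries stored: %d\n",
           sizeof(struct prout_param_descriptor), demo_fill());
    return 0;
}
```

With a flexible array member (rather than the `[0]` extension the commits replace) the compiler refuses a declaration where the array is not the last member, which is the "warning in case the flexible array does not occur last" the kernel description refers to; the sizing and bounds checks above are what the language does not do for you.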


  Commit: 6b8cd447efdad1d8bb637904e5077900d063e05d
      
https://github.com/qemu/qemu/commit/6b8cd447efdad1d8bb637904e5077900d063e05d
  Author: Robert Hoo <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M configure

  Log Message:
  -----------
  configure: add configure option avx512f_opt

If it is enabled, config-host.mak will have CONFIG_AVX512F_OPT defined.

AVX512F instruction set is available since Intel Skylake, and can be enabled in
compiling with -mavx512f.
More info:
https://software.intel.com/sites/default/files/managed/c5/15/architecture-instruction-set-extensions-programming-reference.pdf

Signed-off-by: Robert Hoo <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 27f08ea1c7abf04125f6f9f23b8ba2f8c20e95b6
      
https://github.com/qemu/qemu/commit/27f08ea1c7abf04125f6f9f23b8ba2f8c20e95b6
  Author: Robert Hoo <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M include/qemu/cpuid.h
    M util/bufferiszero.c

  Log Message:
  -----------
  util: add util function buffer_zero_avx512()

And initialize buffer_is_zero() with it, when Intel AVX512F is
available on host.

This function utilizes Intel AVX512 fundamental instructions which
is faster than its implementation with AVX2 (in my unit test, with
4K buffer, on CascadeLake SP, ~36% faster, buffer_zero_avx512() V.S.
buffer_zero_avx2()).

Signed-off-by: Robert Hoo <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 6785e767017a3fcc39e245b7bca2c383b8bf39ef
      
https://github.com/qemu/qemu/commit/6785e767017a3fcc39e245b7bca2c383b8bf39ef
  Author: Sunil Muthuswamy <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M include/sysemu/whpx.h
    M target/i386/whp-dispatch.h
    M target/i386/whpx-all.c

  Log Message:
  -----------
  WHPX: TSC get and set should be dependent on VM state

Currently, TSC is set as part of the VM runtime state. Setting TSC at
runtime is heavy and additionally can have side effects on the guest,
which are not very resilient to variances in the TSC. This patch uses
the VM state to determine whether to set TSC or not. Some minor
enhancements for getting TSC values as well that considers the VM state.

Additionally, while setting the TSC, the partition is suspended to
reduce the variance in the TSC value across vCPUs.

Signed-off-by: Sunil Muthuswamy <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: dadf3011c85d5cb165e3cc4434df187ed3d294dd
      
https://github.com/qemu/qemu/commit/dadf3011c85d5cb165e3cc4434df187ed3d294dd
  Author: Sunil Muthuswamy <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M target/i386/whpx-all.c

  Log Message:
  -----------
  WHPX: Use QEMU values for trapped CPUID

Currently, WHPX is using some default values for the trapped CPUID
functions. These were not in sync with the QEMU values because the
CPUID values were never set with WHPX during VCPU initialization.
Additionally, at the moment, WHPX doesn't support setting CPUID
values in the hypervisor at runtime (i.e. after the partition has
been setup). That is needed to be able to set the CPUID values in
the hypervisor during VCPU init.
Until that support comes, use the QEMU values for the trapped CPUIDs.

Signed-off-by: Sunil Muthuswamy <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 6c94b95274b7a602243f8ab5a9c3e54d4f5acc6b
      
https://github.com/qemu/qemu/commit/6c94b95274b7a602243f8ab5a9c3e54d4f5acc6b
  Author: Colin Xu <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M MAINTAINERS

  Log Message:
  -----------
  MAINTAINERS: Add entry for Guest X86 HAXM CPUs

HAXM covers below files:
include/sysemu/hax.h
target/i386/hax-*

V2: Add HAXM github page for wiki and issue tracking.

Cc: Wenchao Wang <address@hidden>
Cc: Hang Yuan <address@hidden>
Reviewed-by: Hang Yuan <address@hidden>
Signed-off-by: Colin Xu <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 3c507c26ecda8f072c80338592d7894543448fe4
      
https://github.com/qemu/qemu/commit/3c507c26ecda8f072c80338592d7894543448fe4
  Author: Jan Kiszka <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/i386/intel_iommu.c

  Log Message:
  -----------
  hw/i386/intel_iommu: Fix out-of-bounds access on guest IRT

vtd_irte_get failed to check the index against the configured table
size, causing an out-of-bounds access on guest memory and potentially
misinterpreting the result.

Signed-off-by: Jan Kiszka <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
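As an added example of the check this commit describes (not QEMU's `vtd_irte_get`; the guest model, the `struct guest` and `struct irte` types and the function names are constructed for this illustration), the lookup below validates a guest-supplied index against the configured table size before computing the entry address, and additionally refuses entries whose address would overflow or fall outside the memory backing the guest. Both conditions are under guest control in a real device model, so the second check is the caveat to keep in mind even after the index check is in place.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: a small guest RAM and an interrupt remapping table
 * whose base and entry count are programmed by the guest. */
#define GUEST_RAM_SIZE (64 * 1024)
#define IRTE_SIZE      16              /* VT-d remapping entries are 16 bytes */

struct guest {
    uint8_t ram[GUEST_RAM_SIZE];
    uint64_t irt_base;                 /* guest-physical base of the table */
    uint32_t irt_entries;              /* table size the guest configured */
};

struct irte {
    uint8_t raw[IRTE_SIZE];
};

/* Read entry `index` into *out. Returns false, leaving *out untouched, when
 * the index is not below the configured size, the address computation would
 * overflow, or the entry would lie outside the guest's backing memory. */
bool irte_get(const struct guest *g, uint32_t index, struct irte *out)
{
    if (index >= g->irt_entries) {
        return false;                  /* the check the commit adds */
    }
    uint64_t off = (uint64_t)index * IRTE_SIZE;
    if (g->irt_base > UINT64_MAX - off) {
        return false;
    }
    uint64_t addr = g->irt_base + off;
    if (addr > (uint64_t)GUEST_RAM_SIZE - IRTE_SIZE) {
        return false;
    }
    memcpy(out->raw, g->ram + addr, IRTE_SIZE);
    return true;
}

static struct guest g_guest;           /* static: too large for the stack */

/* Build a guest whose table starts at `base` with `entries` entries; each
 * entry that fits in RAM gets a distinct marker byte. */
static struct guest *make_guest(uint64_t base, uint32_t entries)
{
    memset(&g_guest, 0, sizeof g_guest);
    g_guest.irt_base = base;
    g_guest.irt_entries = entries;
    for (uint32_t i = 0; i < entries; i++) {
        uint64_t a = base + (uint64_t)i * IRTE_SIZE;
        if (a + IRTE_SIZE <= GUEST_RAM_SIZE) {
            g_guest.ram[a] = (uint8_t)(0xA0 + i);
        }
    }
    return &g_guest;
}

/* Valid index reads the right entry; indices at or past the size are refused. */
bool demo_index_check(void)
{
    struct guest *g = make_guest(0x1000, 4);
    struct irte e;
    memset(&e, 0, sizeof e);
    bool in_range = irte_get(g, 3, &e) && e.raw[0] == 0xA3;
    bool past_end = irte_get(g, 4, &e);
    bool huge = irte_get(g, UINT32_MAX, &e);
    return in_range && !past_end && !huge;
}

/* A table programmed to straddle the end of RAM: entry 0 is readable,
 * entry 1 would run past the backing memory and is refused. */
bool demo_ram_end_check(void)
{
    struct guest *g = make_guest(GUEST_RAM_SIZE - IRTE_SIZE, 2);
    struct irte e;
    return irte_get(g, 0, &e) && !irte_get(g, 1, &e);
}

int main(void)
{
    printf("index check: %d, ram-end check: %d\n",
           demo_index_check(), demo_ram_end_check());
    return 0;
}
```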


  Commit: 78b3f67acdf0f646d35ebdf98b9e91fb04ab9a07
      
https://github.com/qemu/qemu/commit/78b3f67acdf0f646d35ebdf98b9e91fb04ab9a07
  Author: Paolo Bonzini <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M util/oslib-posix.c

  Log Message:
  -----------
  oslib-posix: initialize mutex and condition variable

The mutex and condition variable were never initialized, causing
-mem-prealloc to abort with an assertion failure.

Fixes: 037fb5eb3941c80a2b7c36a843e47207ddb004d4
Reported-by: Marc Hartmayer <address@hidden>
Cc: bauerchen <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 5b42bc5ce9ab4a3171819feea5042931817211fd
      
https://github.com/qemu/qemu/commit/5b42bc5ce9ab4a3171819feea5042931817211fd
  Author: Marc-André Lureau <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M contrib/vhost-user-gpu/Makefile.objs
    R contrib/vhost-user-gpu/main.c
    A contrib/vhost-user-gpu/vhost-user-gpu.c

  Log Message:
  -----------
  build-sys: do not make qemu-ga link with pixman

Since commit d52c454aadcdae74506f315ebf8b58bb79a05573 ("contrib: add
vhost-user-gpu"), qemu-ga is linking with pixman.

This is because the Make-based build-system use a global namespace for
variables, and we rely on "main.o-libs" for different linking targets.

Note: this kind of variable clashing is hard to fix or prevent
currently.  meson should help, as declarations have a linear
dependency and doesn't rely so much on variables and clever tricks.

Note2: we have a lot of main.c (or other duplicated names!) in
tree. Imho, it would be annoying and a bad workaround to rename all
those to avoid conflicts like I did here.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1811670

Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: bd83c861c0628a64997b7bd95c3bcc2e916baf2e
      
https://github.com/qemu/qemu/commit/bd83c861c0628a64997b7bd95c3bcc2e916baf2e
  Author: Christian Ehrhardt <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M configure
    M util/module.c

  Log Message:
  -----------
  modules: load modules from versioned /var/run dir

On upgrades the old .so files usually are replaced. But on the other
hand since a qemu process represents a guest instance it is usually kept
around.

That makes late addition of dynamic features e.g. 'hot-attach of a ceph
disk' fail by trying to load a new version of e.g. block-rbd.so into an
old still running qemu binary.

This adds a fallback to also load modules from a versioned directory in the
temporary /var/run path. That way qemu is providing a way for packaging
to store modules of an upgraded qemu package as needed until the next reboot.

An example how that can then be used in packaging can be seen in:
https://git.launchpad.net/~paelzer/ubuntu/+source/qemu/log/?h=bug-1847361-miss-old-so-on-upgrade-UBUNTU

Fixes: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1847361
Signed-off-by: Christian Ehrhardt <address@hidden>
Reviewed-by: Daniel P. Berrangé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: bd702ffc506b62623bb5c246f7b706be098038b8
      
https://github.com/qemu/qemu/commit/bd702ffc506b62623bb5c246f7b706be098038b8
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M configure

  Log Message:
  -----------
  configure: Fix building with SASL on Windows

The Simple Authentication and Security Layer (SASL) library
re-defines the struct iovec on Win32 [*]. QEMU also re-defines
it in "qemu/osdep.h". The two definitions then clash on a MinGW
build.
We can avoid the SASL definition by defining STRUCT_IOVEC_DEFINED.
Since QEMU already defines 'struct iovec' if it is missing, add
the definition to vnc_sasl_cflags to avoid SASL re-defining it.

[*] https://github.com/cyrusimap/cyrus-sasl/blob/cyrus-sasl-2.1.27/include/sasl.h#L187

Cc: Alexey Pavlov <address@hidden>
Cc: Biswapriyo Nath <address@hidden>
Reported-by: Youry Metlitsky <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: a4aad716cbda2ea480ba294cfc7690bef3927f3a
      
https://github.com/qemu/qemu/commit/a4aad716cbda2ea480ba294cfc7690bef3927f3a
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M tests/docker/dockerfiles/debian-amd64.docker

  Log Message:
  -----------
  tests/docker: Install SASL library to extend code coverage on amd64

Install the SASL library to build the VNC SASL auth protocol code.

Reviewed-by: Daniel P. Berrangé <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 25aa6b3718b6bc936b24045e8f8ba98b47170320
      
https://github.com/qemu/qemu/commit/25aa6b3718b6bc936b24045e8f8ba98b47170320
  Author: Matt Borgerson <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  memory: Fix start offset for bitmap log_clear hook

Currently only the final page offset is being passed to the `log_clear`
hook via `memory_region_clear_dirty_bitmap` after it is used as an
iterator in `cpu_physical_memory_test_and_clear_dirty`. This patch
corrects the start address and size of the region.

Signed-off-by: Matt Borgerson <address@hidden>
Reviewed-by: Peter Xu <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 836e1b3813c522a9e46f70a10d427f70ff590d77
      
https://github.com/qemu/qemu/commit/836e1b3813c522a9e46f70a10d427f70ff590d77
  Author: Felipe Franciosi <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/acpi/ich9.c
    M hw/acpi/pcihp.c
    M hw/acpi/piix4.c
    M hw/isa/lpc_ich9.c
    M hw/ppc/spapr_drc.c
    M include/qom/object.h
    M qom/object.c
    M ui/console.c

  Log Message:
  -----------
  qom/object: enable setter for uint types

Traditionally, the uint-specific property helpers only offer getters.
When adding object (or class) uint types, one must therefore use the
generic property helper if a setter is needed (and probably duplicate
some code writing their own getters/setters).

This enhances the uint-specific property helper APIs by adding a
bitwise-or'd 'flags' field and modifying all clients of that API to set
this parameter to OBJ_PROP_FLAG_READ. This maintains the current
behaviour whilst allowing others to also set OBJ_PROP_FLAG_WRITE (or use
the more convenient OBJ_PROP_FLAG_READWRITE) in the future (which will
automatically install a setter). Other flags may be added later.

Signed-off-by: Felipe Franciosi <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 1f63daa0150599165e42d8779a037dd2bc302a4b
      
https://github.com/qemu/qemu/commit/1f63daa0150599165e42d8779a037dd2bc302a4b
  Author: Felipe Franciosi <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/isa/lpc_ich9.c

  Log Message:
  -----------
  ich9: fix getter type for sci_int property

When QOM APIs were added to ich9 in 6f1426ab, the getter for sci_int was
written using uint32_t. However, the object property is uint8_t. This
fixes the getter for correctness.

Signed-off-by: Felipe Franciosi <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: a8c1e3bbeeb567239cd5a7f0910ab87b91b0872d
      
https://github.com/qemu/qemu/commit/a8c1e3bbeeb567239cd5a7f0910ab87b91b0872d
  Author: Felipe Franciosi <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/isa/lpc_ich9.c

  Log Message:
  -----------
  ich9: Simplify ich9_lpc_initfn

Currently, ich9_lpc_initfn simply serves as a caller to
ich9_lpc_add_properties. This simplifies the code a bit by eliminating
ich9_lpc_add_properties altogether and executing its logic in the parent
object initialiser function.

Signed-off-by: Felipe Franciosi <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 64a7b8de42aff54dce4d82585f25060a741531d1
      
https://github.com/qemu/qemu/commit/64a7b8de42aff54dce4d82585f25060a741531d1
  Author: Felipe Franciosi <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/acpi/ich9.c
    M hw/isa/lpc_ich9.c
    M hw/misc/edu.c
    M hw/pci-host/q35.c
    M hw/ppc/spapr.c
    M memory.c
    M target/arm/cpu.c
    M target/i386/sev.c

  Log Message:
  -----------
  qom/object: Use common get/set uint helpers

Several objects implemented their own uint property getters and setters,
despite them being straightforward (without any checks/validations on
the values themselves) and identical across objects. This makes use of
an enhanced API for object_property_add_uintXX_ptr() which offers
default setters.

Some of these setters used to update the value even if the type visit
failed (eg. because the value being set overflowed over the given type).
The new setter introduces a check for these errors, not updating the
value if an error occurred. The error is propagated.

Signed-off-by: Felipe Franciosi <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: acb9f95a7c6fda1e488e117af582d5c7db7a218e
      
https://github.com/qemu/qemu/commit/acb9f95a7c6fda1e488e117af582d5c7db7a218e
  Author: Julio Faracco <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M target/i386/hax-posix.c
    M target/i386/hax-windows.c

  Log Message:
  -----------
  i386: Fix GCC warning with snprintf when HAX is enabled

When HAX is enabled (--enable-hax), GCC 9.2.1 reports issues with
snprintf(). Replacing old snprintf() by g_strdup_printf() fixes the
problem with boundary checks of vm_id and vcpu_id and finally the
warnings produced by GCC.

For more details, one example of warning:
  CC      i386-softmmu/target/i386/hax-posix.o
qemu/target/i386/hax-posix.c: In function ‘hax_host_open_vm’:
qemu/target/i386/hax-posix.c:124:56: error: ‘%02d’ directive output may be truncated writing between 2 and 11 bytes into a region of size 3 [-Werror=format-truncation=]
  124 |     snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id);
      |                                                        ^~~~
qemu/target/i386/hax-posix.c:124:41: note: directive argument in the range [-2147483648, 64]
  124 |     snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id);
      |                                         ^~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/stdio.h:867,
                 from qemu/include/qemu/osdep.h:99,
                 from qemu/target/i386/hax-posix.c:14:
/usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 17 and 26 bytes into a destination of size 17
   67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   68 |        __bos (__s), __fmt, __va_arg_pack ());
      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Julio Faracco <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
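The warning above is about silent truncation rather than overflow: `snprintf` stops at the buffer size, so a `vm_id` that does not fit in the two characters the template reserves yields a wrong path rather than a crash. The example below is added here and is not QEMU's code; `VM_DEVFS_TEMPLATE` is a constructed stand-in for the `HAX_VM_DEVFS` macro in the warning, and the function names are this example's own. It shows the fixed-size version with its return value checked (the only way to notice truncation) beside a portable stand-in for the `g_strdup_printf()` approach the commit adopts, which sizes the string from the formatted length.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed template for the device path; QEMU's HAX_VM_DEVFS is not copied
 * here, this value is constructed for the example. sizeof is 17 (with NUL). */
#define VM_DEVFS_TEMPLATE "/dev/hax_vm/vmxx"
#define VM_DEVFS_FMT      "/dev/hax_vm/vm%02d"

/* Before: a buffer sized from the template. snprintf never overruns it, but
 * any vm_id needing more than two characters is silently cut short. The
 * return value is the only signal, so check it. */
bool vm_path_fixed(int vm_id, char *name, size_t name_len)
{
    int n = snprintf(name, name_len, VM_DEVFS_FMT, vm_id);
    return n >= 0 && (size_t)n < name_len;
}

/* After: size the allocation from the formatted length (a portable stand-in
 * for g_strdup_printf()). Caller frees the result. */
char *vm_path_dynamic(int vm_id)
{
    int n = snprintf(NULL, 0, VM_DEVFS_FMT, vm_id);
    if (n < 0) {
        return NULL;
    }
    char *s = malloc((size_t)n + 1);
    if (s == NULL) {
        return NULL;
    }
    snprintf(s, (size_t)n + 1, VM_DEVFS_FMT, vm_id);
    return s;
}

/* True when the fixed-size buffer would have truncated this vm_id. */
bool fixed_path_truncated(int vm_id)
{
    char name[sizeof VM_DEVFS_TEMPLATE];
    return !vm_path_fixed(vm_id, name, sizeof name);
}

/* Length of the dynamically built path, or -1 on failure. */
int dynamic_path_len(int vm_id)
{
    char *s = vm_path_dynamic(vm_id);
    if (s == NULL) {
        return -1;
    }
    int len = (int)strlen(s);
    free(s);
    return len;
}

int main(void)
{
    int ids[] = {5, 100, -10};           /* constructed sample ids */
    for (size_t i = 0; i < sizeof ids / sizeof ids[0]; i++) {
        char name[sizeof VM_DEVFS_TEMPLATE];
        bool fit = vm_path_fixed(ids[i], name, sizeof name);
        char *dyn = vm_path_dynamic(ids[i]);
        printf("vm_id %4d: fixed=\"%s\"%s dynamic=\"%s\"\n", ids[i], name,
               fit ? "" : " (truncated)", dyn ? dyn : "(alloc failed)");
        free(dyn);
    }
    return 0;
}
```

For `vm_id` 100 the fixed buffer ends up holding `/dev/hax_vm/vm10`, a path that names a different device, which is why a truncated format result should be treated as an error rather than used.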


  Commit: 4df28c93528b3189b0e918de6579217cc67e4175
      
https://github.com/qemu/qemu/commit/4df28c93528b3189b0e918de6579217cc67e4175
  Author: Sunil Muthuswamy <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M target/i386/whpx-all.c

  Log Message:
  -----------
  WHPX: Use proper synchronization primitives while processing

WHPX wasn't using the proper synchronization primitives while
processing async events, which can cause issues with SMP.

Signed-off-by: Sunil Muthuswamy <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: c355de59aedd746a6b80b804bdd0bd494e9cac2a
      
https://github.com/qemu/qemu/commit/c355de59aedd746a6b80b804bdd0bd494e9cac2a
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M Makefile

  Log Message:
  -----------
  Makefile: Align 'help' target output

The 'help' target is displayed unaligned. Add a print-help
function and use it. Now if someone want to change the
indentation, there is a single place to modify.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 81ed0a5778cf2d942f33492b0832f86850cc180d
      
https://github.com/qemu/qemu/commit/81ed0a5778cf2d942f33492b0832f86850cc180d
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M Makefile

  Log Message:
  -----------
  Makefile: Let the 'help' target list the tools targets

List the name of the tool targets when calling 'make help':

  $ make help
  [...]
  Tools targets:
    qemu-ga                        - Build qemu-ga tool
    qemu-keymap                    - Build qemu-keymap tool
    elf2dmp                        - Build elf2dmp tool
    ivshmem-client                 - Build ivshmem-client tool
    ivshmem-server                 - Build ivshmem-server tool
    qemu-nbd                       - Build qemu-nbd tool
    qemu-img                       - Build qemu-img tool
    qemu-io                        - Build qemu-io tool
    qemu-edid                      - Build qemu-edid tool
    fsdev/virtfs-proxy-helper      - Build virtfs-proxy-helper tool
    scsi/qemu-pr-helper            - Build qemu-pr-helper tool

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 2eea51bd018fa48a952010e9bb7480e9d6390ba3
      
https://github.com/qemu/qemu/commit/2eea51bd018fa48a952010e9bb7480e9d6390ba3
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/audio/fmopl.c

  Log Message:
  -----------
  hw/audio/fmopl: Move ENV_CURVE to .heap to save 32KiB of .bss

This buffer is only used by the adlib audio device. Move it to
the .heap to release 32KiB of .bss (size reported on x86_64 host).

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Stefano Garzarella <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: a9d8ba2be58e067bdfbff830eb9ff438d8db7f10
      
https://github.com/qemu/qemu/commit/a9d8ba2be58e067bdfbff830eb9ff438d8db7f10
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/audio/intel-hda.c

  Log Message:
  -----------
  hw/audio/intel-hda: Use memory region alias to reduce .rodata by 4.34MB

The intel-hda model uses an array of register indexed by the
register address. This array also contains a pair of aliased
registers at offset 0x2000. This creates a huge hole in the
array, which ends up eating 4.6MiB of .rodata (size reported
on x86_64 host, building with --extra-cflags=-Os).

By using a memory region alias, we reduce this array to 132kB.

Before:

  (qemu) info mtree
    00000000febd4000-00000000febd7fff (prio 1, i/o): intel-hda

After:

  (qemu) info mtree
    00000000febd4000-00000000febd7fff (prio 1, i/o): intel-hda
    00000000febd4000-00000000febd7fff (prio 1, i/o): intel-hda-container
      00000000febd4000-00000000febd5fff (prio 0, i/o): intel-hda
      00000000febd6000-00000000febd7fff (prio 0, i/o): alias intel-hda-alias @intel-hda 0000000000000000-0000000000001fff

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 092b6d1e885c27222a3ff929c56cb71d3f5df8ab
      
https://github.com/qemu/qemu/commit/092b6d1e885c27222a3ff929c56cb71d3f5df8ab
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/usb/quirks.c
    M hw/usb/quirks.h

  Log Message:
  -----------
  hw/usb/quirks: Use smaller types to reduce .rodata by 10KiB

The USB descriptor sizes are specified as 16-bit for idVendor /
idProduct, and 8-bit for bInterfaceClass / bInterfaceSubClass /
bInterfaceProtocol. Doing so we reduce the usbredir_raw_serial_ids[]
and usbredir_ftdi_serial_ids[] arrays from 16KiB to 6KiB (size
reported on x86_64 host, building with --extra-cflags=-Os).

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 80e8c2ed1c4c3b77fe66ac64b7c3e9348d813e9a
      
https://github.com/qemu/qemu/commit/80e8c2ed1c4c3b77fe66ac64b7c3e9348d813e9a
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M ui/curses.c

  Log Message:
  -----------
  ui/curses: Make control_characters[] array const

As we only use this array as input, make it const.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Stefano Garzarella <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 76c51fc3af34a02a5b6ecebe87dc2c2830251d16
      
https://github.com/qemu/qemu/commit/76c51fc3af34a02a5b6ecebe87dc2c2830251d16
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M ui/curses.c

  Log Message:
  -----------
  ui/curses: Move arrays to .heap to save 74KiB of .bss

We only need these arrays when using the curses display.
Move them from the .bss to the .heap (sizes reported on
x86_64 host: screen[] is 64KiB, vga_to_curses 7KiB).

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 3b2c52c017fa74783435bc1a429a96ae5e5b164b
      
https://github.com/qemu/qemu/commit/3b2c52c017fa74783435bc1a429a96ae5e5b164b
  Author: Kashyap Chamarthy <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M docs/system/cpu-models-x86.rst.inc

  Log Message:
  -----------
  qemu-cpu-models.rst: Document -noTSX, mds-no, taa-no, and tsx-ctrl

- Add the '-noTSX' variants for CascadeLake and SkyLake.

- Document the three MSR bits: 'mds-no', 'taa-no', and 'tsx-ctrl'

  Two confusing things about 'mds-no' (and the first point applies to
  the other two MSRs too):

  (1) The 'mds-no' bit will _not_ show up in the guest's /proc/cpuinfo.
      Rather it is used to fill in the guest's sysfs:

        /sys/devices/system/cpu/vulnerabilities/mds:Not affected

      Paolo confirmed on IRC as such.

  (2) There are _three_ variants[+] of CascadeLake CPUs, with different
      stepping levels: 5, 6, and 7.  To quote wikichip.org[*]:

        "note that while steppings 6 & 7 are fully mitigated, earlier
        stepping 5 is not protected against MSBDS, MLPDS, nor MDSUM"

      The above is also indicated in the Intel's document[+], as
      indicated by "No" under the three columns of MFBDS, MSBDS, and
      MLPDS.

  I've expressed this in the docs without belabouring the details.

      [+] https://software.intel.com/security-software-guidance/insights/processors-affected-microarchitectural-data-sampling
      [*] https://en.wikichip.org/wiki/intel/microarchitectures/cascade_lake#Key_changes_from_Skylake

Signed-off-by: Kashyap Chamarthy <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 3df261b6676b5850e93d6fab3f7a98f8ee8f19c5
      
https://github.com/qemu/qemu/commit/3df261b6676b5850e93d6fab3f7a98f8ee8f19c5
  Author: Peter Maydell <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M softmmu/vl.c

  Log Message:
  -----------
  softmmu/vl.c: Handle '-cpu help' and '-device help' before 'no default machine'

Currently if you try to ask for the list of CPUs for a target
architecture which does not specify a default machine type
you just get an error:

  $ qemu-system-arm -cpu help
  qemu-system-arm: No machine specified, and there is no default
  Use -machine help to list supported machines

Since the list of CPUs doesn't depend on the machine, this is
unnecessarily unhelpful. "-device help" has a similar problem.

Move the checks for "did the user ask for -cpu help or -device help"
up so they precede the select_machine() call which checks that the
user specified a valid machine type.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 67cf3f5cf590549b1b8f8e2eb92ca20ed80d8a0a
      
https://github.com/qemu/qemu/commit/67cf3f5cf590549b1b8f8e2eb92ca20ed80d8a0a
  Author: Eduardo Habkost <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M Makefile.target
    M configure

  Log Message:
  -----------
  Use -isystem for linux-headers dir

glibc and Linux-provided headers are known to generate macro
redefinition warnings when used together.  For example:
<linux/mman.h> and <sys/mman.h> duplicate some macro definitions.

We normally never see those warnings because GCC suppresses
warnings generated by system headers.  We carry our own copy of
Linux header files, though, and this makes those warnings not be
suppressed when glibc headers are included before Linux headers
(e.g. if <sys/mman.h> is included before <linux/mman.h>).

Use -isystem instead of -I for linux-headers.  This makes the
compiler treat our linux-headers directory the same way it treats
system-provided Linux headers, and suppress warnings generated by
them.

Signed-off-by: Eduardo Habkost <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 5073b5d3ea303d37f4a8e2ea451d7a2eb1817448
      
https://github.com/qemu/qemu/commit/5073b5d3ea303d37f4a8e2ea451d7a2eb1817448
  Author: Dr. David Alan Gilbert <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M hw/core/loader.c

  Log Message:
  -----------
  exec/rom_reset: Free rom data during inmigrate skip

Commit 355477f8c73e9 skips rom reset when we're an incoming migration
so as not to overwrite shared ram in the ignore-shared migration
optimisation.
However, it's got an unexpected side effect that because it skips
freeing the ROM data, when rom_reset gets called later on, after
migration (e.g. during a reboot), the ROM does get reset to the original
file contents.  Because of seabios/x86's weird reboot process
this confuses a reboot into hanging after a migration.

Fixes: 355477f8c73e9 ("migration: do not rom_reset() during incoming migration")
https://bugzilla.redhat.com/show_bug.cgi?id=1809380

Signed-off-by: Dr. David Alan Gilbert <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: f962cac4c24157aeceff59cbf9dac8b5e30c55da
      
https://github.com/qemu/qemu/commit/f962cac4c24157aeceff59cbf9dac8b5e30c55da
  Author: Longpeng <address@hidden>
  Date:   2020-03-16 (Mon, 16 Mar 2020)

  Changed paths:
    M cpus.c

  Log Message:
  -----------
  cpus: avoid pause_all_vcpus getting stuck due to race

We found an issue when repeatedly rebooting the guest during migration: it
causes the migration thread to never be woken up again.

<main loop>                        |<migration_thread>
                                   |
LOCK BQL                           |
...                                |
main_loop_should_exit              |
 pause_all_vcpus                   |
  1. set all cpus ->stop=true      |
     and then kick                 |
  2. return if all cpus is paused  |
     (by '->stopped == true'), else|
  3. qemu_cond_wait [BQL UNLOCK]   |
                                   |LOCK BQL
                                   |...
                                   |do_vm_stop
                                   | pause_all_vcpus
                                   |  (A)set all cpus ->stop=true
                                   |     and then kick
                                   |  (B)return if all cpus is paused
                                   |     (by '->stopped == true'), else
                                   |  (C)qemu_cond_wait [BQL UNLOCK]
  4. be waken up and LOCK BQL      |  (D)be waken up BUT wait for  BQL
  5. goto 2.                       |
 (BQL is still LOCKed)             |
 resume_all_vcpus                  |
  1. set all cpus ->stop=false     |
     and ->stopped=false           |
...                                |
BQL UNLOCK                         |  (E)LOCK BQL
                                   |  (F)goto B. [but stopped is false now!]
                                   |Finally, sleep at step 3 forever.

resume_all_vcpus should notice this race, so we need to move the change
of runstate before pause_all_vcpus in do_vm_stop() and ignore the resume
request if runstate is not running.

Cc: Dr. David Alan Gilbert <address@hidden>
Cc: Richard Henderson <address@hidden>
Signed-off-by: Longpeng <address@hidden>
Suggested-by: Paolo Bonzini <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
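
The interleaving in the diagram above, replayed as a small single-threaded model (example code added here, not QEMU's cpus.c). It keeps only the state the race depends on: the per-vCPU ->stop/->stopped flags, the global runstate, and the predicate pause_all_vcpus() re-checks after each wake-up. The "fixed" flag applies the two changes the commit describes: the runstate is changed before pause_all_vcpus() in do_vm_stop(), and resume_all_vcpus() ignores the request when the runstate is not running. Names such as Model, replay_schedule() and vm_start_after_stop() are this example's own; there are no real threads, each call is just the state change the diagram lists for that step.

```c
#include <stdbool.h>
#include <stdio.h>

#define NR_CPUS 2

typedef struct CPUState {
    bool stop;      /* stop requested by pause_all_vcpus() */
    bool stopped;   /* acknowledged by the vCPU thread after the kick */
} CPUState;

typedef enum { RUN_STATE_RUNNING, RUN_STATE_FINISH_MIGRATE } RunState;

typedef struct Model {
    CPUState cpus[NR_CPUS];
    RunState runstate;
    bool fixed;     /* true: apply the two changes the commit describes */
} Model;

static void model_init(Model *m, bool fixed)
{
    for (int i = 0; i < NR_CPUS; i++) {
        m->cpus[i].stop = false;
        m->cpus[i].stopped = false;
    }
    m->runstate = RUN_STATE_RUNNING;
    m->fixed = fixed;
}

/* Steps 1 and (A): set ->stop on every vCPU and kick it. */
static void request_pause(Model *m)
{
    for (int i = 0; i < NR_CPUS; i++) {
        m->cpus[i].stop = true;
    }
}

/* What the vCPU threads do once kicked: acknowledge with ->stopped. */
static void vcpus_acknowledge(Model *m)
{
    for (int i = 0; i < NR_CPUS; i++) {
        if (m->cpus[i].stop) {
            m->cpus[i].stopped = true;
        }
    }
}

/* The predicate pause_all_vcpus() re-checks at steps 2 and (B). */
static bool all_vcpus_paused(const Model *m)
{
    for (int i = 0; i < NR_CPUS; i++) {
        if (!m->cpus[i].stopped) {
            return false;
        }
    }
    return true;
}

/* resume_all_vcpus(): with the fix, a resume while the runstate is not
 * "running" is ignored. Returns true if the vCPUs were actually resumed. */
static bool resume_all_vcpus(Model *m)
{
    if (m->fixed && m->runstate != RUN_STATE_RUNNING) {
        return false;
    }
    for (int i = 0; i < NR_CPUS; i++) {
        m->cpus[i].stop = false;
        m->cpus[i].stopped = false;
    }
    return true;
}

/* do_vm_stop() up to its wait: with the fix the runstate changes before
 * pause_all_vcpus() is entered; without it, only after the pause completes. */
static void do_vm_stop_begin(Model *m)
{
    if (m->fixed) {
        m->runstate = RUN_STATE_FINISH_MIGRATE;
    }
    request_pause(m);
}

/* Replays the schedule from the diagram. Returns the predicate value the
 * migration thread sees at step (F): false means it goes back to sleep at
 * (C) and nothing will ever wake it again. */
static bool replay_schedule(bool fixed)
{
    Model m;
    model_init(&m, fixed);

    request_pause(&m);             /* main loop: step 1 */
    (void)all_vcpus_paused(&m);    /* step 2 is false, step 3 waits, BQL released */
    do_vm_stop_begin(&m);          /* migration thread: (A), (B) false, (C) waits */
    vcpus_acknowledge(&m);         /* vCPUs stop; both waiters are woken */
    if (!all_vcpus_paused(&m)) {   /* main loop: step 4, then step 5 / 2 succeeds */
        return false;              /* not reachable in this schedule */
    }
    (void)resume_all_vcpus(&m);    /* main loop: resume_all_vcpus, then BQL unlock */
    return all_vcpus_paused(&m);   /* migration thread: (E) lock BQL, (F) re-check */
}

/* The non-racy path after the fix: once the runstate is back to running, a
 * resume is honoured. Returns true if every vCPU is running again. */
static bool vm_start_after_stop(void)
{
    Model m;
    model_init(&m, true);
    do_vm_stop_begin(&m);
    vcpus_acknowledge(&m);
    m.runstate = RUN_STATE_RUNNING;
    return resume_all_vcpus(&m) && !m.cpus[0].stopped && !m.cpus[1].stopped;
}

int main(void)
{
    printf("without fix, migration thread can finish pausing: %d\n", replay_schedule(false));
    printf("with fix,    migration thread can finish pausing: %d\n", replay_schedule(true));
    printf("with fix,    vm_start resumes the vCPUs:          %d\n", vm_start_after_stop());
    return 0;
}
```

Without the fix the main loop's resume_all_vcpus() clears ->stopped between the migration thread being woken and it re-acquiring the BQL, so the re-check at (F) fails and the thread sleeps forever; with the runstate set first and the resume ignored, the flags survive until the migration thread has seen them.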


  Commit: 8834dcf47e8543b92e072706d3a5621762bfa106
      
https://github.com/qemu/qemu/commit/8834dcf47e8543b92e072706d3a5621762bfa106
  Author: Paolo Bonzini <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M include/qemu/lockable.h

  Log Message:
  -----------
  lockable: add QEMU_MAKE_LOCKABLE_NONNULL

This will be needed for lock guards, because if the lock is NULL the
dummy for loop of the lock guard never runs.  This can cause confusion
and dummy warnings in the compiler, but even if it did not, aborting
with a NULL pointer dereference is a less surprising behavior.

Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 3284c3ddc48ba8fc853858c95d87dcc2ab160b29
      
https://github.com/qemu/qemu/commit/3284c3ddc48ba8fc853858c95d87dcc2ab160b29
  Author: Stefan Hajnoczi <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M include/qemu/lockable.h
    M util/qemu-timer.c

  Log Message:
  -----------
  lockable: add lock guards

This patch introduces two lock guard macros that automatically unlock a
lock object (QemuMutex and others):

  void f(void) {
      QEMU_LOCK_GUARD(&mutex);
      if (!may_fail()) {
          return; /* automatically unlocks mutex */
      }
      ...
  }

and:

  WITH_QEMU_LOCK_GUARD(&mutex) {
      if (!may_fail()) {
          return; /* automatically unlocks mutex */
      }
  }
  /* automatically unlocks mutex here */
  ...

Convert qemu-timer.c functions that benefit from these macros as an
example.  Manual qemu_mutex_lock/unlock() callers are left unmodified in
cases where clarity would not improve by switching to the macros.

Many other QemuMutex users remain in the codebase that might benefit
from lock guards.  Over time they can be converted, if that is
desirable.

Signed-off-by: Stefan Hajnoczi <address@hidden>
[Use QEMU_MAKE_LOCKABLE_NONNULL. - Paolo]
Signed-off-by: Paolo Bonzini <address@hidden>
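
The two lock-guard forms from the message above, and the NULL-lock behaviour that motivated QEMU_MAKE_LOCKABLE_NONNULL in the previous commit, reduced to a standalone C model (example code added here, not QEMU's include/qemu/lockable.h, which builds the same thing on top of GLib's g_autoptr). LOCK_GUARD relies on the GCC/Clang cleanup attribute to unlock on every exit path; WITH_LOCK_GUARD is the one-iteration for loop, so a NULL lockable silently skips the body, which is exactly what make_lockable_nonnull() refuses. Only pthread_mutex_t is wired up, and the names Lockable, make_lockable(), demo_mutex and the helper functions are this example's own.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>

/* A lockable is the lock object plus its lock/unlock callbacks, so the guard
 * macros below do not care which lock type sits behind it. */
typedef struct Lockable {
    void *object;
    void (*lock)(void *);
    void (*unlock)(void *);
} Lockable;

static void mutex_lock_cb(void *m)   { pthread_mutex_lock((pthread_mutex_t *)m); }
static void mutex_unlock_cb(void *m) { pthread_mutex_unlock((pthread_mutex_t *)m); }

/* Counterpart of QEMU_MAKE_LOCKABLE(): a NULL mutex yields a NULL lockable. */
static Lockable *make_lockable(pthread_mutex_t *m, Lockable *storage)
{
    if (!m) {
        return NULL;
    }
    storage->object = m;
    storage->lock = mutex_lock_cb;
    storage->unlock = mutex_unlock_cb;
    return storage;
}

/* Counterpart of QEMU_MAKE_LOCKABLE_NONNULL(): fail loudly up front rather
 * than letting WITH_LOCK_GUARD skip the guarded body without a word. */
static Lockable *make_lockable_nonnull(pthread_mutex_t *m, Lockable *storage)
{
    Lockable *l = make_lockable(m, storage);
    if (!l) {
        fprintf(stderr, "lock guard used with a NULL lock\n");
        abort();
    }
    return l;
}

static Lockable *lockable_auto_lock(Lockable *l)
{
    if (l) {
        l->lock(l->object);
    }
    return l;
}

/* Cleanup function: runs when a guard variable leaves scope, on any path. */
static void lockable_auto_unlock(Lockable **lp)
{
    if (*lp) {
        (*lp)->unlock((*lp)->object);
    }
}

#define GLUE_(a, b) a##b
#define GLUE(a, b) GLUE_(a, b)

/* Scoped guard: locks now, unlocks when the enclosing block is left. */
#define LOCK_GUARD(l) \
    Lockable *GLUE(lock_guard_, __COUNTER__) \
        __attribute__((cleanup(lockable_auto_unlock))) = lockable_auto_lock(l)

/* Block guard: one-iteration loop. The loop variable also carries the cleanup
 * attribute, so a return from the body unlocks too. The normal path unlocks in
 * the increment and sets the variable to NULL so the cleanup does nothing.
 * If (l) is NULL the condition is false and the body never runs. */
#define WITH_LOCK_GUARD(l) \
    for (Lockable *lock_guard_ __attribute__((cleanup(lockable_auto_unlock))) \
             = lockable_auto_lock(l); \
         lock_guard_; \
         lockable_auto_unlock(&lock_guard_), lock_guard_ = NULL)

static pthread_mutex_t demo_mutex = PTHREAD_MUTEX_INITIALIZER;

/* 1 if the mutex is free right now (trylock succeeds and is undone), else 0. */
static int mutex_is_free(pthread_mutex_t *m)
{
    if (pthread_mutex_trylock(m) != 0) {
        return 0;
    }
    pthread_mutex_unlock(m);
    return 1;
}

/* The first form from the commit message: early return through LOCK_GUARD. */
static int guarded_early_return(int fail)
{
    Lockable storage;
    LOCK_GUARD(make_lockable(&demo_mutex, &storage));
    if (fail) {
        return -1;   /* cleanup unlocks demo_mutex here */
    }
    return 0;        /* and here */
}

/* The second form: early return from inside WITH_LOCK_GUARD. */
static int with_guard_early_return(void)
{
    Lockable storage;
    WITH_LOCK_GUARD(make_lockable(&demo_mutex, &storage)) {
        return -1;   /* loop variable cleanup unlocks demo_mutex */
    }
    return 0;
}

/* Returns 1 if the guarded body ran, 0 if the NULL lockable skipped it. */
static int with_guard_body_ran(pthread_mutex_t *m)
{
    Lockable storage;
    int ran = 0;
    WITH_LOCK_GUARD(make_lockable(m, &storage)) {
        ran = 1;
    }
    return ran;
}

/* Same, but through the NONNULL variant: a NULL m aborts instead of skipping. */
static int with_nonnull_guard_body_ran(pthread_mutex_t *m)
{
    Lockable storage;
    int ran = 0;
    WITH_LOCK_GUARD(make_lockable_nonnull(m, &storage)) {
        ran = 1;
    }
    return ran;
}

int main(void)
{
    guarded_early_return(1);
    printf("mutex free after early return: %d\n", mutex_is_free(&demo_mutex));
    printf("body ran with NULL lock: %d\n", with_guard_body_ran(NULL));
    printf("body ran with real lock: %d\n", with_nonnull_guard_body_ran(&demo_mutex));
    return 0;
}
```

The with_guard_body_ran(NULL) case is the hazard the NONNULL macro addresses: the code compiles, the function returns normally, and the protected work simply did not happen.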


  Commit: ac90871cf8030753a7bcef26fa1662c4e3c90078
      
https://github.com/qemu/qemu/commit/ac90871cf8030753a7bcef26fa1662c4e3c90078
  Author: Stefan Hajnoczi <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M include/qemu/lockable.h
    M plugins/core.c
    M plugins/loader.c

  Log Message:
  -----------
  lockable: add QemuRecMutex support

The polymorphic locking macros don't support QemuRecMutex yet.  Add it
so that lock guards can be used with QemuRecMutex.

Convert TCG plugins functions that benefit from these macros.  Manual
qemu_rec_mutex_lock/unlock() callers are left unmodified in cases where
clarity would not improve by switching to the macros.

Signed-off-by: Stefan Hajnoczi <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 39fa93c4438e7c5efb93d859224d27d04e5c2160
      
https://github.com/qemu/qemu/commit/39fa93c4438e7c5efb93d859224d27d04e5c2160
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M memory.c

  Log Message:
  -----------
  memory: Correctly return alias region type

Since memory region aliases are neither rom nor ram, they are
described as i/o, which is often incorrect. Return instead the
type of the original region we are aliasing.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 83696c8f78303d916fd8d126bc28b67f25320acb
      
https://github.com/qemu/qemu/commit/83696c8f78303d916fd8d126bc28b67f25320acb
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M memory.c

  Log Message:
  -----------
  memory: Simplify memory_region_init_rom_nomigrate() to ease review

memory_region_init_rom_nomigrate() has the same content as
memory_region_init_ram_shared_nomigrate(), plus setting the
read-only mode. The code is easier to review as creating a
read-only ram/shared/nomigrate region.

Reviewed-by: Alistair Francis <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 044e2af9f5f55d81be754a0e2ba1d206ad2b3bc6
      
https://github.com/qemu/qemu/commit/044e2af9f5f55d81be754a0e2ba1d206ad2b3bc6
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M MAINTAINERS
    A scripts/coccinelle/memory-region-housekeeping.cocci
    R scripts/coccinelle/memory-region-init-ram.cocci

  Log Message:
  -----------
  scripts/cocci: Rename memory-region-{init-ram -> housekeeping}

As we are going to add various semantic changes related to the memory
region API, rename this script to be more generic.
Add a 'usage' header, and an entry in MAINTAINERS to avoid checkpatch
warning.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: d3ec684d70d98a9fbc56fda1b611d039c90d0c5f
      
https://github.com/qemu/qemu/commit/d3ec684d70d98a9fbc56fda1b611d039c90d0c5f
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M scripts/coccinelle/memory-region-housekeeping.cocci

  Log Message:
  -----------
  scripts/cocci: Patch to replace memory_region_init_{ram,readonly -> rom}

Add a semantic patch to replace memory_region_init_ram(readonly)
by memory_region_init_rom().

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 16260006acf8f3aee589b3fd26a1bbbf7b78ae4b
      
https://github.com/qemu/qemu/commit/16260006acf8f3aee589b3fd26a1bbbf7b78ae4b
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/arm/exynos4210.c
    M hw/arm/mainstone.c
    M hw/arm/omap_sx1.c
    M hw/arm/palm.c
    M hw/arm/spitz.c
    M hw/arm/stellaris.c
    M hw/arm/tosa.c

  Log Message:
  -----------
  hw/arm: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 52013bcea02530bb18691356489dd2612f0eab8f
      
https://github.com/qemu/qemu/commit/52013bcea02530bb18691356489dd2612f0eab8f
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/display/cg3.c
    M hw/display/tcx.c

  Log Message:
  -----------
  hw/display: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 9400f3435d4c69d906326c27fdf0f96c3a4a9998
      
https://github.com/qemu/qemu/commit/9400f3435d4c69d906326c27fdf0f96c3a4a9998
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/m68k/q800.c

  Log Message:
  -----------
  hw/m68k: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: fcd3b0855ea43bc7ce0a75527cd53c734c236be3
      
https://github.com/qemu/qemu/commit/fcd3b0855ea43bc7ce0a75527cd53c734c236be3
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/net/dp8393x.c

  Log Message:
  -----------
  hw/net: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 4f1c3fd35eb56dbe479e6d66ce296ccc67a440fe
      
https://github.com/qemu/qemu/commit/4f1c3fd35eb56dbe479e6d66ce296ccc67a440fe
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/pci-host/prep.c

  Log Message:
  -----------
  hw/pci-host: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Acked-by: David Gibson <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 1bbd95cb0838c249ea8994def90b509c5a30803e
      
https://github.com/qemu/qemu/commit/1bbd95cb0838c249ea8994def90b509c5a30803e
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/ppc/mac_newworld.c
    M hw/ppc/mac_oldworld.c

  Log Message:
  -----------
  hw/ppc: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Acked-by: David Gibson <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: cc588b2a127d78be7707f9968f4a5b90aed042b5
      
https://github.com/qemu/qemu/commit/cc588b2a127d78be7707f9968f4a5b90aed042b5
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/riscv/sifive_e.c

  Log Message:
  -----------
  hw/riscv: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 5ccc751ef8cd74757966a066cfd938ac2e4efd78
      
https://github.com/qemu/qemu/commit/5ccc751ef8cd74757966a066cfd938ac2e4efd78
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/sh4/shix.c

  Log Message:
  -----------
  hw/sh4: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: ec7b217510c06aaa8bb4ab49022ef990a3cac9a9
      
https://github.com/qemu/qemu/commit/ec7b217510c06aaa8bb4ab49022ef990a3cac9a9
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/sparc/leon3.c

  Log Message:
  -----------
  hw/sparc: Use memory_region_init_rom() with read-only regions

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Reviewed-by: KONRAD Frederic <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: cf949cbb7079d3856ba61ceab44880ac88f0d7eb
      
https://github.com/qemu/qemu/commit/cf949cbb7079d3856ba61ceab44880ac88f0d7eb
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M scripts/coccinelle/memory-region-housekeeping.cocci

  Log Message:
  -----------
  scripts/cocci: Patch to detect potential use of memory_region_init_rom

Add a semantic patch to detect potential replacement of
memory_region_init_ram(readonly) by memory_region_init_rom().

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: bb2f4e8d77c4b39ffc04614e0bbd71b3b3c3b340
      
https://github.com/qemu/qemu/commit/bb2f4e8d77c4b39ffc04614e0bbd71b3b3c3b340
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M scripts/coccinelle/memory-region-housekeeping.cocci

  Log Message:
  -----------
  scripts/cocci: Patch to remove unnecessary memory_region_set_readonly()

Add a semantic patch to remove memory_region_set_readonly() calls
on ROM memory regions.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 84969111e656eb594ac123a23aa120ff5e157ee4
      
https://github.com/qemu/qemu/commit/84969111e656eb594ac123a23aa120ff5e157ee4
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M scripts/coccinelle/memory-region-housekeeping.cocci

  Log Message:
  -----------
  scripts/cocci: Patch to let devices own their MemoryRegions

When a device creates a MemoryRegion without setting its ownership,
the MemoryRegion is added to the machine "/unattached" container in
the QOM tree.

Example with the Samsung SMDKC210 board:

  $ arm-softmmu/qemu-system-arm -M smdkc210 -S -monitor stdio
  (qemu) info qom-tree
  /machine (smdkc210-machine)
    /unattached (container)
      /io[0] (qemu:memory-region)
      /exynos4210.dram0[0] (qemu:memory-region)
      /exynos4210.irom[0] (qemu:memory-region)
      /exynos4210.iram[0] (qemu:memory-region)
      /exynos4210.chipid[0] (qemu:memory-region)
      ...
      /device[26] (exynos4210.uart)
        /exynos4210.uart[0] (qemu:memory-region)
    /soc (exynos4210)
      ^
       \__ [*]

The irom/iram/chipid regions should go under 'soc' at [*].

Add a semantic patch to let the device own the memory region.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: de95af9967a777263894165e3ba576581a82da4e
      
https://github.com/qemu/qemu/commit/de95af9967a777263894165e3ba576581a82da4e
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/core/platform-bus.c

  Log Message:
  -----------
  hw/core: Let devices own the MemoryRegion they create

Avoid orphan memory regions being added in the /unattached QOM
container.

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: b9fc4f6e6218439684abbae863bbcb2ecef9201e
      
https://github.com/qemu/qemu/commit/b9fc4f6e6218439684abbae863bbcb2ecef9201e
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/display/g364fb.c
    M hw/display/macfb.c

  Log Message:
  -----------
  hw/display: Let devices own the MemoryRegion they create

Avoid orphan memory regions being added in the /unattached QOM
container.

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: a8457764877c7d4070e5369e98d27876470ac6d0
      
https://github.com/qemu/qemu/commit/a8457764877c7d4070e5369e98d27876470ac6d0
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/dma/i8257.c
    M hw/dma/rc4030.c

  Log Message:
  -----------
  hw/dma: Let devices own the MemoryRegion they create

Avoid orphan memory regions being added in the /unattached QOM
container.

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 414c47d234d6b12756d987bd93b9c8a04d009675
      
https://github.com/qemu/qemu/commit/414c47d234d6b12756d987bd93b9c8a04d009675
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/riscv/sifive_e.c
    M hw/riscv/sifive_u.c

  Log Message:
  -----------
  hw/riscv: Let devices own the MemoryRegion they create

Avoid orphan memory regions being added in the /unattached QOM
container.

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 41e82da57dbb6cad8ef1c9a281a9aac2265a0586
      
https://github.com/qemu/qemu/commit/41e82da57dbb6cad8ef1c9a281a9aac2265a0586
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/char/serial.c

  Log Message:
  -----------
  hw/char: Let devices own the MemoryRegion they create

Avoid orphan memory regions being added in the /unattached QOM
container.

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 30ade0c41653e94954971921d2ebeb25e5a206db
      
https://github.com/qemu/qemu/commit/30ade0c41653e94954971921d2ebeb25e5a206db
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/arm/stm32f205_soc.c
    M hw/arm/stm32f405_soc.c

  Log Message:
  -----------
  hw/arm/stm32: Use memory_region_init_rom() with read-only regions

The scripts/coccinelle/memory-region-housekeeping.cocci reported:
* TODO [[view:./hw/arm/stm32f205_soc.c::face=ovl-face1::linb=96::colb=4::cole=26][potential use of memory_region_init_rom*() in  ./hw/arm/stm32f205_soc.c::96]]
* TODO [[view:./hw/arm/stm32f405_soc.c::face=ovl-face1::linb=98::colb=4::cole=26][potential use of memory_region_init_rom*() in  ./hw/arm/stm32f405_soc.c::98]]

We can indeed replace the memory_region_init_ram() and
memory_region_set_readonly() calls by memory_region_init_rom().

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 34b7645880750f0b8b7819249a3e039795137508
      
https://github.com/qemu/qemu/commit/34b7645880750f0b8b7819249a3e039795137508
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/ppc/ppc405_boards.c

  Log Message:
  -----------
  hw/ppc/ppc405: Use memory_region_init_rom() with read-only regions

The scripts/coccinelle/memory-region-housekeeping.cocci reported:
* TODO [[view:./hw/ppc/ppc405_boards.c::face=ovl-face1::linb=195::colb=8::cole=30][potential use of memory_region_init_rom*() in  ./hw/ppc/ppc405_boards.c::195]]
* TODO [[view:./hw/ppc/ppc405_boards.c::face=ovl-face1::linb=464::colb=8::cole=30][potential use of memory_region_init_rom*() in  ./hw/ppc/ppc405_boards.c::464]]

We can indeed replace the memory_region_init_ram() and
memory_region_set_readonly() calls by memory_region_init_rom().

Acked-by: David Gibson <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 5b871c1b62036ef06eaf96ec03bbad801fcf9b89
      
https://github.com/qemu/qemu/commit/5b871c1b62036ef06eaf96ec03bbad801fcf9b89
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/arm/exynos4210.c
    M hw/arm/stm32f205_soc.c
    M hw/arm/stm32f405_soc.c

  Log Message:
  -----------
  hw/arm: Remove unnecessary memory_region_set_readonly() on ROM alias

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 32b9523ad5b44dea87792d5d8f71a87e8cc5803b
      
https://github.com/qemu/qemu/commit/32b9523ad5b44dea87792d5d8f71a87e8cc5803b
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M hw/arm/exynos4210.c
    M hw/arm/fsl-imx25.c
    M hw/arm/fsl-imx31.c
    M hw/arm/fsl-imx6.c
    M hw/arm/fsl-imx6ul.c
    M hw/arm/msf2-soc.c
    M hw/arm/nrf51_soc.c
    M hw/arm/stm32f205_soc.c
    M hw/arm/stm32f405_soc.c
    M hw/arm/xlnx-zynqmp.c

  Log Message:
  -----------
  hw/arm: Let devices own the MemoryRegion they create

Avoid orphan memory regions being added in the /unattached QOM
container.

This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.

Signed-off-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: d649689a8ecb2e276cc20d3af6d416e3c299cb17
      
https://github.com/qemu/qemu/commit/d649689a8ecb2e276cc20d3af6d416e3c299cb17
  Author: Peter Maydell <address@hidden>
  Date:   2020-03-17 (Tue, 17 Mar 2020)

  Changed paths:
    M MAINTAINERS
    M Makefile
    M Makefile.target
    M block/linux-aio.c
    M block/vmdk.c
    M bsd-user/qemu.h
    M configure
    M contrib/libvhost-user/libvhost-user.h
    M contrib/vhost-user-gpu/Makefile.objs
    R contrib/vhost-user-gpu/main.c
    A contrib/vhost-user-gpu/vhost-user-gpu.c
    M cpus.c
    M docs/interop/vhost-user.rst
    M docs/system/cpu-models-x86.rst.inc
    M exec.c
    M hw/acpi/ich9.c
    M hw/acpi/nvdimm.c
    M hw/acpi/pcihp.c
    M hw/acpi/piix4.c
    M hw/arm/exynos4210.c
    M hw/arm/fsl-imx25.c
    M hw/arm/fsl-imx31.c
    M hw/arm/fsl-imx6.c
    M hw/arm/fsl-imx6ul.c
    M hw/arm/mainstone.c
    M hw/arm/msf2-soc.c
    M hw/arm/nrf51_soc.c
    M hw/arm/omap_sx1.c
    M hw/arm/palm.c
    M hw/arm/spitz.c
    M hw/arm/stellaris.c
    M hw/arm/stm32f205_soc.c
    M hw/arm/stm32f405_soc.c
    M hw/arm/tosa.c
    M hw/arm/xlnx-zynqmp.c
    M hw/audio/fmopl.c
    M hw/audio/intel-hda.c
    M hw/char/sclpconsole-lm.c
    M hw/char/sclpconsole.c
    M hw/char/serial.c
    M hw/core/loader.c
    M hw/core/platform-bus.c
    M hw/display/cg3.c
    M hw/display/g364fb.c
    M hw/display/macfb.c
    M hw/display/tcx.c
    M hw/dma/i8257.c
    M hw/dma/rc4030.c
    M hw/dma/soc_dma.c
    M hw/i386/intel_iommu.c
    M hw/i386/x86.c
    M hw/isa/lpc_ich9.c
    M hw/m68k/bootinfo.h
    M hw/m68k/q800.c
    M hw/misc/edu.c
    M hw/misc/omap_l4.c
    M hw/net/dp8393x.c
    M hw/nvram/eeprom93xx.c
    M hw/pci-host/prep.c
    M hw/pci-host/q35.c
    M hw/ppc/mac_newworld.c
    M hw/ppc/mac_oldworld.c
    M hw/ppc/ppc405_boards.c
    M hw/ppc/spapr.c
    M hw/ppc/spapr_drc.c
    M hw/rdma/vmw/pvrdma_qp_ops.c
    M hw/riscv/sifive_e.c
    M hw/riscv/sifive_u.c
    M hw/s390x/virtio-ccw.c
    M hw/sh4/shix.c
    M hw/sparc/leon3.c
    M hw/usb/dev-network.c
    M hw/usb/dev-smartcard-reader.c
    M hw/usb/quirks.c
    M hw/usb/quirks.h
    M hw/virtio/virtio.c
    M hw/xen/xen_pt.h
    M include/hw/acpi/acpi-defs.h
    M include/hw/arm/smmu-common.h
    M include/hw/boards.h
    M include/hw/i386/intel_iommu.h
    M include/hw/s390x/event-facility.h
    M include/hw/s390x/sclp.h
    M include/hw/virtio/virtio-iommu.h
    M include/qemu/cpuid.h
    M include/qemu/lockable.h
    M include/qom/object.h
    M include/sysemu/cryptodev.h
    M include/sysemu/whpx.h
    M include/tcg/tcg.h
    M memory.c
    M net/queue.c
    M pc-bios/optionrom/pvh_main.c
    M pc-bios/s390-ccw/bootmap.h
    M pc-bios/s390-ccw/sclp.h
    M plugins/core.c
    M plugins/loader.c
    M qom/object.c
    A scripts/coccinelle/memory-region-housekeeping.cocci
    R scripts/coccinelle/memory-region-init-ram.cocci
    M scsi/qemu-pr-helper.c
    M softmmu/vl.c
    M target/arm/cpu.c
    M target/i386/hax-posix.c
    M target/i386/hax-windows.c
    M target/i386/sev.c
    M target/i386/whp-dispatch.h
    M target/i386/whpx-all.c
    M target/s390x/ioinst.c
    M tests/docker/dockerfiles/debian-amd64.docker
    M tests/qtest/libqos/ahci.h
    M ui/console.c
    M ui/curses.c
    M util/bufferiszero.c
    M util/module.c
    M util/oslib-posix.c
    M util/qemu-timer.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Bugfixes all over the place
* get/set_uint cleanups (Felipe)
* Lock guard support (Stefan)
* MemoryRegion ownership cleanup (Philippe)
* AVX512 optimization for buffer_is_zero (Robert)

# gpg: Signature made Tue 17 Mar 2020 15:01:54 GMT
# gpg:                using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <address@hidden>" [full]
# gpg:                 aka "Paolo Bonzini <address@hidden>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (62 commits)
  hw/arm: Let devices own the MemoryRegion they create
  hw/arm: Remove unnecessary memory_region_set_readonly() on ROM alias
  hw/ppc/ppc405: Use memory_region_init_rom() with read-only regions
  hw/arm/stm32: Use memory_region_init_rom() with read-only regions
  hw/char: Let devices own the MemoryRegion they create
  hw/riscv: Let devices own the MemoryRegion they create
  hw/dma: Let devices own the MemoryRegion they create
  hw/display: Let devices own the MemoryRegion they create
  hw/core: Let devices own the MemoryRegion they create
  scripts/cocci: Patch to let devices own their MemoryRegions
  scripts/cocci: Patch to remove unnecessary memory_region_set_readonly()
  scripts/cocci: Patch to detect potential use of memory_region_init_rom
  hw/sparc: Use memory_region_init_rom() with read-only regions
  hw/sh4: Use memory_region_init_rom() with read-only regions
  hw/riscv: Use memory_region_init_rom() with read-only regions
  hw/ppc: Use memory_region_init_rom() with read-only regions
  hw/pci-host: Use memory_region_init_rom() with read-only regions
  hw/net: Use memory_region_init_rom() with read-only regions
  hw/m68k: Use memory_region_init_rom() with read-only regions
  hw/display: Use memory_region_init_rom() with read-only regions
  ...

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/cc818a2148c5...d649689a8ecb


