From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 4da117: fuzz: ignore address_space_map is_write flag
Date: Tue, 02 Feb 2021 05:34:14 -0800
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: 4da1172b3e2669a06c6b3d2acf73fc212644f4ea
https://github.com/qemu/qemu/commit/4da1172b3e2669a06c6b3d2acf73fc212644f4ea
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M include/exec/memory.h
M include/exec/memory_ldst_cached.h.inc
M memory_ldst.c.inc
M softmmu/memory.c
M softmmu/physmem.c
M tests/qtest/fuzz/generic_fuzz.c
Log Message:
-----------
fuzz: ignore address_space_map is_write flag
We passed an is_write flag to the fuzz_dma_read_cb function to
differentiate between the mapped DMA regions that need to be populated
with fuzzed data, and those that don't. We simply passed through the
address_space_map is_write parameter. The goal was to cut down on
unnecessarily populating mapped DMA regions, when they are not read
from.
Unfortunately, nothing precludes code from reading from regions mapped
with is_write=true. For example, see:
https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg04729.html
This patch removes the is_write parameter to fuzz_dma_read_cb. As a
result, we will fill all mapped DMA regions with fuzzed data, ignoring
the specified transfer direction.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20210120060255.558535-1-alxndr@bu.edu>
Commit: c3a320541b4ac93b67844ac749e552488b17954d
https://github.com/qemu/qemu/commit/c3a320541b4ac93b67844ac749e552488b17954d
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M tests/qtest/fuzz/generic_fuzz_configs.h
Log Message:
-----------
fuzz: refine the ide/ahci fuzzer configs
Disks work differently depending on the x86 machine type (SATA vs PATA).
Additionally, we should fuzz the atapi code paths, which might contain
vulnerabilities such as CVE-2020-29443. This patch adds hard-disk and
cdrom generic-fuzzer configs for both the pc (PATA) and q35 (SATA)
machine types.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Acked-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20210120152211.109782-1-alxndr@bu.edu>
Commit: d04ffcd377183db1ec62f5a06569484b7e471b49
https://github.com/qemu/qemu/commit/d04ffcd377183db1ec62f5a06569484b7e471b49
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M docs/devel/fuzzing.rst
Log Message:
-----------
docs/fuzz: fix pre-meson path
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210117201014.271610-2-alxndr@bu.edu>
Commit: b51b70fa8be1ac0462f6b7d8398bfb325f375070
https://github.com/qemu/qemu/commit/b51b70fa8be1ac0462f6b7d8398bfb325f375070
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M tests/qtest/fuzz/fuzz.c
Log Message:
-----------
fuzz: log the arguments used to initialize QEMU
This is useful for building reproducers. Instead of checking the code or
the QEMU_FUZZ_ARGS, the arguments are at the top of the crash log.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210117201014.271610-3-alxndr@bu.edu>
Commit: a7222b2c9aa09d7788fe80508cc9249cd249cf3c
https://github.com/qemu/qemu/commit/a7222b2c9aa09d7788fe80508cc9249cd249cf3c
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M tests/qtest/fuzz/generic_fuzz.c
M tests/qtest/fuzz/generic_fuzz_configs.h
Log Message:
-----------
fuzz: enable dynamic args for generic-fuzz configs
For some device configurations, it is useful to configure some
resources, and adjust QEMU arguments at runtime, prior to fuzzing. This
patch adds an "argfunc" to the generic_fuzz_config. When
specified, it is responsible for configuring the resources and returning
a string containing the corresponding QEMU arguments. This can be useful
for targets that rely on e.g.:
* a temporary qcow2 image
* a temporary directory
* an unused TCP port used to bind the VNC server
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210117230924.449676-2-alxndr@bu.edu>
Commit: 9c38296aec8e4c3b3f2319ed16e16d4a3b5b9d03
https://github.com/qemu/qemu/commit/9c38296aec8e4c3b3f2319ed16e16d4a3b5b9d03
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M docs/devel/fuzzing.rst
Log Message:
-----------
docs/fuzz: add some information about OSS-Fuzz
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20210117230924.449676-3-alxndr@bu.edu>
Commit: fd6833b670762ffd3cc63750ee7b3a0a76d89092
https://github.com/qemu/qemu/commit/fd6833b670762ffd3cc63750ee7b3a0a76d89092
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M tests/qtest/fuzz/generic_fuzz_configs.h
Log Message:
-----------
fuzz: add virtio-9p configurations for fuzzing
virtio-9p devices are often used to expose a virtual-filesystem to the
guest. There have been some bugs reported in this device, such as
CVE-2018-19364, and CVE-2021-20181. We should fuzz this device.
This patch adds two virtio-9p configurations:
* One with the widely used -fsdev local driver. This driver leaks some
state in the form of files/directories created in the shared dir.
* One with the synth driver. While it is not used in the real world, this
driver won't leak state between fuzz inputs.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20210117230924.449676-4-alxndr@bu.edu>
Commit: f6eebca2258299af8933a13287dabe4667a24dc9
https://github.com/qemu/qemu/commit/f6eebca2258299af8933a13287dabe4667a24dc9
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M target/i386/cpu.c
Log Message:
-----------
target/i386: do not set LM for 32-bit emulation "-cpu host/max"
32-bit targets by definition do not support long mode; therefore, the
bit must be masked in the features supported by the accelerator.
As a side effect, this avoids setting up the 0x80000008 CPUID leaf
for
qemu-system-i386 -cpu host
which since commit 5a140b255d ("x86/cpu: Use max host physical address
if -cpu max option is applied") would have printed this error:
qemu-system-i386: phys-bits should be between 32 and 36 (but is 48)
Reported-by: Nathan Chancellor <natechancellor@gmail.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 7a17144ac129bc9faced64cdb7774d15cff80a04
https://github.com/qemu/qemu/commit/7a17144ac129bc9faced64cdb7774d15cff80a04
Author: Igor Mammedov <imammedo@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M backends/hostmem.c
M qemu-options.hx
Log Message:
-----------
machine: add missing doc for memory-backend option
Add documentation for '-machine memory-backend' CLI option and
how to use it.
And document that x-use-canonical-path-for-ramblock-id
is considered to be stable to make sure it won't go away by accident.
x- was intended for unstable/internal properties, and not supposed to
be a stable option. However it's too late to rename (drop x-)
it as it would mean that users will have to maintain both
x-use-canonical-path-for-ramblock-id (for QEMU 5.0-5.2) versions
and prefix-less for later versions.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210121161504.1007247-1-imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 7652fd90d2c44103639d6e03d68cc4841f5a1cff
https://github.com/qemu/qemu/commit/7652fd90d2c44103639d6e03d68cc4841f5a1cff
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M docs/devel/build-system.rst
M meson.build
Log Message:
-----------
meson: accept either shared or static libraries if --disable-static
Meson's "static" argument to cc.find_library is a tri-state. By default
Meson *prefers* a shared library, which basically means using -l to
look for it; instead, "static: false" *requires* a shared library. Of
course, "static: true" requires a static library, which is all good
for --enable-static builds.
For --disable-static, "static: false" is rarely desirable; it does not
match what the configure script used to do and the test is more complex
(and harder to debug if it fails, which was reported by Peter Lieven
for librbd).
Reported-by: Peter Lieven <pl@kamp.de>
Tested-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: dd1dcb812195873fe5664cbef3b53b6019ac24e7
https://github.com/qemu/qemu/commit/dd1dcb812195873fe5664cbef3b53b6019ac24e7
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M meson.build
Log Message:
-----------
meson: honor --enable-rbd if cc.links test fails
If the link test failed, compilation proceeded with RBD disabled,
even if --enable-rbd was used on the configure command line.
Fix that.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: c744b8c94d796f4dcdee40889533df19e0db37fa
https://github.com/qemu/qemu/commit/c744b8c94d796f4dcdee40889533df19e0db37fa
Author: Wei Huang <wei.huang2@amd.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M target/i386/cpu.c
M target/i386/cpu.h
Log Message:
-----------
x86/cpu: Populate SVM CPUID feature bits
Newer AMD CPUs will add the CPUID_0x8000000A_EDX[28] bit, which indicates
that SVM instructions (VMRUN/VMSAVE/VMLOAD) will trigger #VMEXIT before
the CPU checks their EAX against reserved memory regions. This change will
allow the hypervisor to avoid intercepting #GP and emulating SVM
instructions. KVM turns on this CPUID bit for nested VMs. In order to
support it, let us populate this bit, along with other SVM feature bits,
in FEAT_SVM.
Signed-off-by: Wei Huang <wei.huang2@amd.com>
Message-Id: <20210126202456.589932-1-wei.huang2@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: f711d2e36c23b778fd111ab90d82d0e3cb4a2d4e
https://github.com/qemu/qemu/commit/f711d2e36c23b778fd111ab90d82d0e3cb4a2d4e
Author: Qiuhao Li <Qiuhao.Li@outlook.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M scripts/oss-fuzz/minimize_qtest_trace.py
Log Message:
-----------
fuzz: fix wrong index in clear_bits
Signed-off-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Message-Id: <SYCPR01MB3502E9F6EB06DEDCD484F738FCBA9@SYCPR01MB3502.ausprd01.prod.outlook.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 19d5a2445def802f53491952e85acdb78667bfa2
https://github.com/qemu/qemu/commit/19d5a2445def802f53491952e85acdb78667bfa2
Author: Stefan Reiter <s.reiter@proxmox.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M docs/meson.build
Log Message:
-----------
docs: don't install corresponding man page if guest agent is disabled
No sense outputting the qemu-ga and qemu-ga-ref man pages when the guest
agent binary itself is disabled. This mirrors behaviour from before the
meson switch.
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
Message-Id: <20210128145801.14384-1-s.reiter@proxmox.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 4ea8a7bc744da341d0128f6a2dd311d278c5bd74
https://github.com/qemu/qemu/commit/4ea8a7bc744da341d0128f6a2dd311d278c5bd74
Author: Maxim Levitsky <mlevitsk@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M hw/scsi/virtio-scsi-dataplane.c
Log Message:
-----------
virtio-scsi: don't uninitialize queues that we didn't initialize
Count the number of queues that we initialized and only deinitialize those that we
initialized successfully.
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20201217150040.906961-3-mlevitsk@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: ef4676fa6c995d572b83079ecee75a78d5f2d0e9
https://github.com/qemu/qemu/commit/ef4676fa6c995d572b83079ecee75a78d5f2d0e9
Author: Maxim Levitsky <mlevitsk@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M include/qemu/event_notifier.h
M util/event_notifier-posix.c
Log Message:
-----------
event_notifier: handle initialization failure better
Add 'initialized' field and use it to avoid touching event notifiers which are
either not initialized or if their initialization failed.
This is somewhat of a hack, but it seems the least intrusive way to make
virtio code deal with event notifiers that failed initialization.
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20201217150040.906961-4-mlevitsk@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
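The two commits above (virtio-scsi's "only deinitialize what we initialized" counter and event_notifier's 'initialized' flag) describe one cleanup pattern. The following is an added model of that pattern, not QEMU's code: all model_* names, the queue count and the handle values are hypothetical, and the failing init stands in for a failed eventfd().

```c
/* Added example, not QEMU's code: models partial-initialization cleanup.
 * Names are hypothetical; fd values and the failure mode are constructed. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

#define MODEL_NUM_QUEUES 4

/* Notifier carrying the 'initialized' field the event_notifier commit adds. */
struct model_notifier {
    int fd;             /* constructed handle; -1 means "not open" */
    bool initialized;
};

/* Initialise a notifier; 'fail' simulates the underlying eventfd() failing. */
static int model_notifier_init(struct model_notifier *n, bool fail)
{
    n->fd = -1;
    n->initialized = false;
    if (fail) {
        return -EMFILE;          /* constructed: out of file descriptors */
    }
    n->fd = 100;                 /* constructed handle value */
    n->initialized = true;
    return 0;
}

/* Cleanup that honours the flag: a notifier whose init failed (or never
 * ran) is left alone instead of having a bogus descriptor closed. */
static void model_notifier_cleanup(struct model_notifier *n)
{
    if (!n->initialized) {
        return;
    }
    n->fd = -1;
    n->initialized = false;
}

struct model_device {
    struct model_notifier queues[MODEL_NUM_QUEUES];
    int started;                 /* queues initialised so far (the virtio-scsi counter) */
};

/* Tear down only the queues that were actually started, in reverse order. */
static void model_device_stop(struct model_device *d)
{
    while (d->started > 0) {
        d->started--;
        model_notifier_cleanup(&d->queues[d->started]);
    }
}

/* Start all queues; fail_at < 0 means every init succeeds. On error, undo
 * only the queues that were initialised and return the -errno. */
static int model_device_start(struct model_device *d, int fail_at)
{
    d->started = 0;
    for (int i = 0; i < MODEL_NUM_QUEUES; i++) {
        int rc = model_notifier_init(&d->queues[i], i == fail_at);
        if (rc < 0) {
            model_device_stop(d);
            return rc;
        }
        d->started++;
    }
    return 0;
}

/* Number of queues still holding a handle. */
static int model_device_open_count(const struct model_device *d)
{
    int n = 0;
    for (int i = 0; i < MODEL_NUM_QUEUES; i++) {
        n += d->queues[i].initialized ? 1 : 0;
    }
    return n;
}

/* Scenario helpers: return code of a start that fails on queue fail_at... */
static int model_start_result(int fail_at)
{
    struct model_device d = {0};
    return model_device_start(&d, fail_at);
}

/* ...and how many queues are left open afterwards (0 after any failure). */
static int model_open_after_start(int fail_at)
{
    struct model_device d = {0};
    model_device_start(&d, fail_at);
    return model_device_open_count(&d);
}

int main(void)
{
    printf("fail on queue 2: rc=%d, open=%d\n",
           model_start_result(2), model_open_after_start(2));
    printf("all succeed:     rc=%d, open=%d\n",
           model_start_result(-1), model_open_after_start(-1));
    return 0;
}
```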
Commit: 8066f2db6d74e9087473f9e1081bb8c52d96c08b
https://github.com/qemu/qemu/commit/8066f2db6d74e9087473f9e1081bb8c52d96c08b
Author: David Greenaway <dgreenaway@google.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M target/i386/tcg/translate.c
Log Message:
-----------
target/i386: Fix decoding of certain BMI instructions
This patch fixes a translation bug for a subset of x86 BMI instructions
such as the following:
c4 e2 f9 f7 c0 shlxq %rax, %rax, %rax
Currently, these incorrectly generate an undefined instruction exception
when SSE is disabled via CR4, while instructions like "shrxq" work fine.
The problem appears to be related to BMI instructions encoded using VEX
and with a mandatory prefix of "0x66" (data). Instructions with this
data prefix (such as shlxq) are currently rejected. Instructions with
other mandatory prefixes (such as shrxq) translate as expected.
This patch removes the incorrect check in "gen_sse" that causes the
exception to be generated. For the non-BMI cases, the check is
redundant: prefixes are already checked at line 3696.
Buglink: https://bugs.launchpad.net/qemu/+bug/1748296
Signed-off-by: David Greenaway <dgreenaway@google.com>
Message-Id: <20210114063958.1508050-1-dgreenaway@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 06a032fc81096cc066bf037087435455a9f3dc61
https://github.com/qemu/qemu/commit/06a032fc81096cc066bf037087435455a9f3dc61
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M target/i386/cpu.c
M target/i386/cpu.h
M target/i386/helper.c
M target/i386/machine.c
M target/i386/tcg/excp_helper.c
M target/i386/tcg/misc_helper.c
Log Message:
-----------
target/i86: implement PKS
Protection Keys for Supervisor-mode pages is a simple extension of
the PKU feature that QEMU already implements. For supervisor-mode
pages, protection key restrictions come from a new MSR. The MSR
has no XSAVE state associated to it.
PKS is only respected in long mode. However, in principle it is
possible to set the MSR even outside long mode, and in fact
even the XSAVE state for PKRU could be set outside long mode
using XRSTOR. So do not limit the migration subsections for
PKRU and PKRS to long mode.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 2ff6cacba5ecf86ca45d6903367747115136fbb0
https://github.com/qemu/qemu/commit/2ff6cacba5ecf86ca45d6903367747115136fbb0
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M configure
Log Message:
-----------
configure: Fix --enable-tcg-interpreter
The configure option was backward, and we failed to
pass the value on to meson.
Fixes: 23a77b2d18b ("build-system: clean up TCG/TCI configury")
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210124211119.35563-1-richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Tested-by: Stefan Weil <sw@weilnetz.de>
Message-Id: <20210125144530.2837481-2-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: d2ca3555e3da2d7c2094c991bc47b6c25143c5a9
https://github.com/qemu/qemu/commit/d2ca3555e3da2d7c2094c991bc47b6c25143c5a9
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M configure
M meson_options.txt
Log Message:
-----------
configure: Improve TCI feature description
Users might want to enable all features, without realizing some
features have negative effect. Mention the TCI feature is slow
and experimental, hoping it will be selected knowingly.
Suggested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210125144530.2837481-3-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 2dcfbe53cc6c5198753c0921501c61cb95411eb0
https://github.com/qemu/qemu/commit/2dcfbe53cc6c5198753c0921501c61cb95411eb0
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M meson.build
Log Message:
-----------
meson: Explicit TCG backend used
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210125144530.2837481-4-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 3d27995a8d7cdaf9e875e3880aa710bbe3ecdd77
https://github.com/qemu/qemu/commit/3d27995a8d7cdaf9e875e3880aa710bbe3ecdd77
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M meson.build
Log Message:
-----------
meson: Warn when TCI is selected but TCG backend is available
Some new users get confused with 'TCG' and 'TCI', and enable TCI
support expecting to enable TCG.
Emit a warning when native TCG backend is available on the
host architecture, mentioning this is a suboptimal configuration.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Suggested-by: Daniel Berrangé <berrange@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210125144530.2837481-5-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: bcce00e919422acd6b2510787d417a37f0bed87f
https://github.com/qemu/qemu/commit/bcce00e919422acd6b2510787d417a37f0bed87f
Author: Marc-André Lureau <marcandre.lureau@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M slirp
Log Message:
-----------
slirp: update to git master
git cherry-diff:
Commits on bacb71f1c3ed5f40e393afd8be81bedfba13a401 branch that is not on
8f43a99191afb47ca3f3c6972f6306209f367ece branch
+ 1021b0dc38d39f1dc95a296fe3e05a24a087cdc6 disable_dns option
+ 0f94ceec752592e4ac632a24e3c64a97dd09bf4c limit vnameserver_addr to port 53
+ b57bafa852ef16b133907a13678ec69e9531f177 libslirp.h: fix SlirpConfig v3
documentation
+ 1abf18b2b5edb462797629ed47ad4515a195686e Update CHANGELOG
+ ff4ecf9b6c6542b24b4ac6ea178be9d44e159f79 Release v4.3.0
+ 21f1d933050a40d62612c6274c32de60b811d9ea changelog: post-release
+ 376187c4b14c795763d472214812826eebe7e9c2 Release v4.3.1
+ 73336e08902a7e826f7d960453df037380266186 changelog: post-release
+ 5c1c9d43be61571608e9b14615045b67b830daf5 udp, udp6, icmp: handle TTL value
+ 73ed49ab71998d4288e71e954ef6214b70f23d79 icmp, icmp6: Add icmp_forward_error
and icmp6_forward_error
+ 7a4840a57ec7dbc37cca1ab96f058a9610b26950 udp, udp6, icmp, icmp6: Enable
forwarding errors on Linux
+ e9b2bc19ae652a2907f247e621b2e4773bdd2aab TCPIPHDR_DELTA: Fix potential
negative value
+ 39f9a363eec082f04513413046321abd04163148 .gitlab-ci: add a Coverity stage
+ 1b0093b973cfa0dc041522e5d4e6f576b2df642e sosendoob: better document what urgc
is used for
+ 5b9ad89ebbb8afa50162c9156fabd5fc56291088 Add G_GNUC_PRINTF to local function
slirp_vsnprintf
+ 8a808aa493980e212b4d5f5465330905c8294e59 meson: remove meson-dist script
+ 0b669b5fbe4d3c25a682a67f1059d8633c963b3d meson: support compiling as
subproject
+ 9f82a47b81f2864422b82c1e40e51a2ed9c6ac32 Add DNS resolving for iOS
+ c0eac03e8ce1b9a743231f2fe21e7cb579fc9339 Remove the QEMU-special make
build-system
+ 1bfd4d9368f9fa2e4f0731e1266bec05bbc83a80 socket: consume empty packets
+ 92413be68914f8cae2f5bad4bf3ab8491dcbc5d7 Release v4.4.0
+ 07e8cfac69766081871ab620d9f16a630543d302 changelog: post-release
+ 4c4e035813313d02b63fdeb920d56fb2fdc0a5b1 Remove some needless (void)casts
+ eee9db9d115d91aa82f33685c4e76d656db92976 fork_exec_child_setup: improve
signal handling
+ 216f434a018b3af182a4f31bbe5a00daee170343 Fix unused variables
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20210125073427.3970606-2-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 031eedc4b81fdb6ebf1be31f71e8bd9f275e1e8f
https://github.com/qemu/qemu/commit/031eedc4b81fdb6ebf1be31f71e8bd9f275e1e8f
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M .gitmodules
M configure
M meson.build
R slirp
A subprojects/libslirp
Log Message:
-----------
build-sys: make libslirp a meson subproject
Remove the manual build.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20210125073427.3970606-3-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: c6ede2e4b04d29814479ad54abce52b7fbfe5e95
https://github.com/qemu/qemu/commit/c6ede2e4b04d29814479ad54abce52b7fbfe5e95
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M tests/meson.build
Log Message:
-----------
tests/meson: Only build softfloat objects if TCG is selected
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210122204441.2145197-3-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 02842f7d6efac77a9d1387a50391505acffc8117
https://github.com/qemu/qemu/commit/02842f7d6efac77a9d1387a50391505acffc8117
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M pc-bios/meson.build
Log Message:
-----------
pc-bios/meson: Only install EDK2 blob firmwares with system emulation
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-4-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 2a4e5b4f00df6658866df6c051d3602ad41dd19e
https://github.com/qemu/qemu/commit/2a4e5b4f00df6658866df6c051d3602ad41dd19e
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M meson.build
Log Message:
-----------
meson: Restrict block subsystem processing
Avoid generating module_block.h and block-gen.c if we are
not going to use them.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-6-philmd@redhat.com>
[Extend to nearby files and directories. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 5a6c15b51fb9d5903fa0ded5dfb2213e7db40fa3
https://github.com/qemu/qemu/commit/5a6c15b51fb9d5903fa0ded5dfb2213e7db40fa3
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M meson.build
Log Message:
-----------
meson: Merge trace_events_subdirs array
The trace_events_subdirs array is split in two different
locations, merge it as one.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Claudio Fontana <cfontana@suse.de>
Message-Id: <20210122204441.2145197-7-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 13c123afb80931b9711e81deb60d2c19d797b4ff
https://github.com/qemu/qemu/commit/13c123afb80931b9711e81deb60d2c19d797b4ff
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M meson.build
Log Message:
-----------
meson: Restrict some trace event directories to user/system emulation
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-8-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 607f66f076d35a22b568e478bee12dc14fbcce44
https://github.com/qemu/qemu/commit/607f66f076d35a22b568e478bee12dc14fbcce44
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M meson.build
Log Message:
-----------
meson: Restrict emulation code
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-9-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 899a878ec32ec05943d356506b7173f61cd9c75e
https://github.com/qemu/qemu/commit/899a878ec32ec05943d356506b7173f61cd9c75e
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M MAINTAINERS
M qapi/meson.build
M stubs/meson.build
A stubs/qdev.c
Log Message:
-----------
qapi/meson: Restrict qdev code to system-mode emulation
Beside a CPU device, user-mode emulation doesn't access
anything else from qdev subsystem.
Tools don't need anything from qdev.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-10-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 711118b22258d87d5fe9ce909eac98c35196dc94
https://github.com/qemu/qemu/commit/711118b22258d87d5fe9ce909eac98c35196dc94
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M qapi/meson.build
M tests/meson.build
Log Message:
-----------
qapi/meson: Remove QMP from user-mode emulation
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-11-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: af420bd7b1405ad812ece0ced995f6ca3fe16bbb
https://github.com/qemu/qemu/commit/af420bd7b1405ad812ece0ced995f6ca3fe16bbb
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M qapi/meson.build
Log Message:
-----------
qapi/meson: Restrict system-mode specific modules
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-12-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: f0591160f1cdc137164d25237d73704ffea56bcd
https://github.com/qemu/qemu/commit/f0591160f1cdc137164d25237d73704ffea56bcd
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M qapi/meson.build
Log Message:
-----------
qapi/meson: Restrict UI module to system emulation and tools
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-13-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 5d27034a0123483397967263cad0df4e8085578e
https://github.com/qemu/qemu/commit/5d27034a0123483397967263cad0df4e8085578e
Author: Alexander Graf <agraf@csgraf.de>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M target/i386/hvf/hvf.c
Log Message:
-----------
hvf: Fetch cr4 before evaluating CPUID(1)
The CPUID function 1 has a bit called OSXSAVE which tells user space the
status of the CR4.OSXSAVE bit. Our generic CPUID function injects that bit
based on the status of CR4.
With Hypervisor.framework, we do not synchronize full CPU state often enough
for this function to see the CR4 update before guest user space asks for it.
To be on the safe side, let's just always synchronize it when we receive a
CPUID(1) request. That way we can set the bit with real confidence.
Reported-by: Asad Ali <asad@osaro.com>
Signed-off-by: Alexander Graf <agraf@csgraf.de>
Message-Id: <20210123004129.6364-1-agraf@csgraf.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 26fa2004b82f22028a67811392b73869452ad697
https://github.com/qemu/qemu/commit/26fa2004b82f22028a67811392b73869452ad697
Author: Thomas Huth <thuth@redhat.com>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M accel/kvm/kvm-all.c
Log Message:
-----------
accel/kvm/kvm-all: Fix wrong return code handling in dirty log code
The kvm_vm_ioctl() wrapper already returns -errno if the ioctl itself
returned -1, so the callers of kvm_vm_ioctl() should not check for -1
but for a value < 0 instead.
This problem has been fixed once already in commit b533f658a98325d0e4
but that commit missed that the ENOENT error code is not fatal for
this ioctl, so the commit has been reverted in commit 50212d6346f33d6e
since the problem occurred close to a pending release at that point
in time. The plan was to fix it properly after the release, but it
seems like this has been forgotten. So let's do it now finally instead.
Resolves: https://bugs.launchpad.net/qemu/+bug/1294227
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210129084354.42928-1-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
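The commit above hinges on a wrapper contract: a raw ioctl() result of -1 is converted to -errno, so a caller comparing against -1 never sees a failure. The following is an added model of that contract, not QEMU's code; model_vm_ioctl and the dirty_log_check_* functions are hypothetical stand-ins for kvm_vm_ioctl() and its caller, and the outcomes are constructed.

```c
/* Added example, not QEMU's code: models the -errno return contract and
 * the "== -1" vs "< 0" check described in the commit message. */
#include <errno.h>
#include <stdio.h>

/* Constructed description of what the underlying ioctl() would do. */
struct fake_ioctl_outcome {
    int raw_result;   /* ioctl() return value: >= 0 on success, -1 on error */
    int raw_errno;    /* errno set when raw_result == -1 */
};

/* Constructed outcomes used below. */
static const struct fake_ioctl_outcome OUTCOME_OK     = { 0, 0 };
static const struct fake_ioctl_outcome OUTCOME_EINVAL = { -1, EINVAL };
static const struct fake_ioctl_outcome OUTCOME_ENOENT = { -1, ENOENT };

/* Hypothetical wrapper with the contract the commit describes for
 * kvm_vm_ioctl(): pass the result through, or return -errno on -1. */
static int model_vm_ioctl(const struct fake_ioctl_outcome *o)
{
    if (o->raw_result == -1) {
        return -o->raw_errno;
    }
    return o->raw_result;
}

/* The check the commit removes: -errno is never equal to -1 (EINVAL
 * yields -22, for instance), so every failure looks like success. */
static int dirty_log_check_buggy(const struct fake_ioctl_outcome *o)
{
    int ret = model_vm_ioctl(o);
    if (ret == -1) {          /* never true for a wrapper returning -errno */
        return ret;
    }
    return 0;
}

/* The corrected check: any negative value is an error, except that
 * ENOENT is not fatal for this ioctl, as the commit message notes. */
static int dirty_log_check_fixed(const struct fake_ioctl_outcome *o)
{
    int ret = model_vm_ioctl(o);
    if (ret < 0 && ret != -ENOENT) {
        return ret;           /* real failure: propagate -errno */
    }
    return 0;                 /* success, or ENOENT treated as "nothing to do" */
}

int main(void)
{
    printf("EINVAL: buggy=%d fixed=%d\n",
           dirty_log_check_buggy(&OUTCOME_EINVAL),
           dirty_log_check_fixed(&OUTCOME_EINVAL));
    printf("ENOENT: buggy=%d fixed=%d\n",
           dirty_log_check_buggy(&OUTCOME_ENOENT),
           dirty_log_check_fixed(&OUTCOME_ENOENT));
    return 0;
}
```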
Commit: 470fd3f91bb4565bc14b0ec4c097a3b1da406cd3
https://github.com/qemu/qemu/commit/470fd3f91bb4565bc14b0ec4c097a3b1da406cd3
Author: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M accel/tcg/tcg-cpus-icount.c
Log Message:
-----------
replay: fix replay of the interrupts
Sometimes interrupt event comes at the same time with
the virtual timers. In this case replay tries to proceed
the timers, because deadline for them is zero.
This patch allows processing interrupts and exceptions
by entering the vCPU execution loop, when deadline is zero,
but checkpoint associated with virtual timers is not ready
to be replayed.
Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>
Message-Id: <161216312794.2030770.1709657858900983160.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: a365bda83444f142bb1b9c1b5fdcdefade87981d
https://github.com/qemu/qemu/commit/a365bda83444f142bb1b9c1b5fdcdefade87981d
Author: Sergei Trofimovich <slyfox@gentoo.org>
Date: 2021-02-01 (Mon, 01 Feb 2021)
Changed paths:
M pc-bios/descriptors/meson.build
Log Message:
-----------
pc-bios/descriptors: fix paths in json files
Before the change /usr/share/qemu/firmware/50-edk2-x86_64-secure.json
contained the relative path:
"filename": "share/qemu/edk2-x86_64-secure-code.fd",
"filename": "share/qemu/edk2-i386-vars.fd",
After the change the paths are absolute:
"filename": "/usr/share/qemu/edk2-x86_64-secure-code.fd",
"filename": "/usr/share/qemu/edk2-i386-vars.fd",
The regression appeared in qemu-5.2.0 (seems to be related
to meson port).
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: "Marc-André Lureau" <marcandre.lureau@redhat.com>
CC: "Philippe Mathieu-Daudé" <philmd@redhat.com>
Bug: https://bugs.gentoo.org/766743
Bug: https://bugs.launchpad.net/qemu/+bug/1913012
Signed-off-by: Jannik Glückert <jannik.glueckert@gmail.com>
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Message-Id: <20210131143434.2513363-1-slyfox@gentoo.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 3ccdfb4d61e87e2778b0bef4d2a3fa89b96917aa
https://github.com/qemu/qemu/commit/3ccdfb4d61e87e2778b0bef4d2a3fa89b96917aa
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2021-02-02 (Tue, 02 Feb 2021)
Changed paths:
M .gitmodules
M MAINTAINERS
M accel/kvm/kvm-all.c
M accel/tcg/tcg-cpus-icount.c
M backends/hostmem.c
M configure
M docs/devel/build-system.rst
M docs/devel/fuzzing.rst
M docs/meson.build
M hw/scsi/virtio-scsi-dataplane.c
M include/exec/memory.h
M include/exec/memory_ldst_cached.h.inc
M include/qemu/event_notifier.h
M memory_ldst.c.inc
M meson.build
M meson_options.txt
M pc-bios/descriptors/meson.build
M pc-bios/meson.build
M qapi/meson.build
M qemu-options.hx
M scripts/oss-fuzz/minimize_qtest_trace.py
R slirp
M softmmu/memory.c
M softmmu/physmem.c
M stubs/meson.build
A stubs/qdev.c
A subprojects/libslirp
M target/i386/cpu.c
M target/i386/cpu.h
M target/i386/helper.c
M target/i386/hvf/hvf.c
M target/i386/machine.c
M target/i386/tcg/excp_helper.c
M target/i386/tcg/misc_helper.c
M target/i386/tcg/translate.c
M tests/meson.build
M tests/qtest/fuzz/fuzz.c
M tests/qtest/fuzz/generic_fuzz.c
M tests/qtest/fuzz/generic_fuzz_configs.h
M util/event_notifier-posix.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging
* Fuzzing improvements (Qiuhao, Alexander)
* i386: Fix BMI decoding for instructions with the 0x66 prefix (David)
* slirp update (Marc-André)
* initial attempt at fixing event_notifier emulation (Maxim)
* i386: PKS emulation, fix for "qemu-system-i386 -cpu host" (myself)
* meson: RBD test fixes (myself)
* meson: TCI warnings (Philippe)
* Leaner build for --disable-guest-agent, --disable-system and
--disable-tools (Philippe, Stefan)
* --enable-tcg-interpreter fix (Richard)
* i386: SVM feature bits (Wei)
* HVF bugfix (Alex)
* KVM bugfix (Thomas)
# gpg: Signature made Mon 01 Feb 2021 16:35:04 GMT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini-gitlab/tags/for-upstream: (38 commits)
pc-bios/descriptors: fix paths in json files
replay: fix replay of the interrupts
accel/kvm/kvm-all: Fix wrong return code handling in dirty log code
hvf: Fetch cr4 before evaluating CPUID(1)
qapi/meson: Restrict UI module to system emulation and tools
qapi/meson: Restrict system-mode specific modules
qapi/meson: Remove QMP from user-mode emulation
qapi/meson: Restrict qdev code to system-mode emulation
meson: Restrict emulation code
meson: Restrict some trace event directories to user/system emulation
meson: Merge trace_events_subdirs array
meson: Restrict block subsystem processing
pc-bios/meson: Only install EDK2 blob firmwares with system emulation
tests/meson: Only build softfloat objects if TCG is selected
build-sys: make libslirp a meson subproject
slirp: update to git master
meson: Warn when TCI is selected but TCG backend is available
meson: Explicit TCG backend used
configure: Improve TCI feature description
configure: Fix --enable-tcg-interpreter
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/a108ee9ad4e2...3ccdfb4d61e8