
From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 96ccfd: fuzz: ignore address_space_map is_write flag
Date: Wed, 03 Feb 2021 06:14:37 -0800

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: 96ccfde8d85210e47fad87a11893564fb99feb2b
      https://github.com/qemu/qemu/commit/96ccfde8d85210e47fad87a11893564fb99feb2b
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M include/exec/memory.h
    M include/exec/memory_ldst_cached.h.inc
    M memory_ldst.c.inc
    M softmmu/memory.c
    M softmmu/physmem.c
    M tests/qtest/fuzz/generic_fuzz.c

  Log Message:
  -----------
  fuzz: ignore address_space_map is_write flag

We passed an is_write flag to the fuzz_dma_read_cb function to
differentiate between the mapped DMA regions that need to be populated
with fuzzed data, and those that don't. We simply passed through the
address_space_map is_write parameter. The goal was to cut down on
unnecessarily populating mapped DMA regions, when they are not read
from.

Unfortunately, nothing precludes code from reading from regions mapped
with is_write=true. For example, see:
https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg04729.html

This patch removes the is_write parameter to fuzz_dma_read_cb. As a
result, we will fill all mapped DMA regions with fuzzed data, ignoring
the specified transfer direction.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20210120060255.558535-1-alxndr@bu.edu>


  Commit: 3682f42b09c7d01fd96a51bd02744e91999362ad
      https://github.com/qemu/qemu/commit/3682f42b09c7d01fd96a51bd02744e91999362ad
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M tests/qtest/fuzz/generic_fuzz_configs.h

  Log Message:
  -----------
  fuzz: refine the ide/ahci fuzzer configs

Disks work differently depending on the x86 machine type (SATA vs PATA).
Additionally, we should fuzz the atapi code paths, which might contain
vulnerabilities such as CVE-2020-29443. This patch adds hard-disk and
cdrom generic-fuzzer configs for both the pc (PATA) and q35 (SATA)
machine types.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Acked-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20210120152211.109782-1-alxndr@bu.edu>


  Commit: 551258c15fea27fb364ebbe47418ea49d50ce59b
      https://github.com/qemu/qemu/commit/551258c15fea27fb364ebbe47418ea49d50ce59b
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M docs/devel/fuzzing.rst

  Log Message:
  -----------
  docs/fuzz: fix pre-meson path

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210117201014.271610-2-alxndr@bu.edu>


  Commit: 89631ade26384a2d651d49cc5ed0226f8b9d38f6
      https://github.com/qemu/qemu/commit/89631ade26384a2d651d49cc5ed0226f8b9d38f6
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M tests/qtest/fuzz/fuzz.c

  Log Message:
  -----------
  fuzz: log the arguments used to initialize QEMU

This is useful for building reproducers. Instead of checking the code or
the QEMU_FUZZ_ARGS, the arguments are at the top of the crash log.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210117201014.271610-3-alxndr@bu.edu>


  Commit: f862ee759ea45fbcb591c47df73dad054ccf72e5
      https://github.com/qemu/qemu/commit/f862ee759ea45fbcb591c47df73dad054ccf72e5
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M tests/qtest/fuzz/generic_fuzz.c
    M tests/qtest/fuzz/generic_fuzz_configs.h

  Log Message:
  -----------
  fuzz: enable dynamic args for generic-fuzz configs

For some device configurations, it is useful to configure some
resources, and adjust QEMU arguments at runtime, prior to fuzzing. This
patch adds an "argfunc" to the generic_fuzz_config. When
specified, it is responsible for configuring the resources and returning
a string containing the corresponding QEMU arguments. This can be useful
for targets that rely on e.g.:
 * a temporary qcow2 image
 * a temporary directory
 * an unused TCP port used to bind the VNC server

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210117230924.449676-2-alxndr@bu.edu>


  Commit: a315b28c6a1c0d077adcd3d9d59df61f121e1a9d
      https://github.com/qemu/qemu/commit/a315b28c6a1c0d077adcd3d9d59df61f121e1a9d
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M docs/devel/fuzzing.rst

  Log Message:
  -----------
  docs/fuzz: add some information about OSS-Fuzz

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20210117230924.449676-3-alxndr@bu.edu>


  Commit: 25d079214464cc63bc5eb1c9aa8cc51231bc8d39
      https://github.com/qemu/qemu/commit/25d079214464cc63bc5eb1c9aa8cc51231bc8d39
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M tests/qtest/fuzz/generic_fuzz_configs.h

  Log Message:
  -----------
  fuzz: add virtio-9p configurations for fuzzing

virtio-9p devices are often used to expose a virtual filesystem to the
guest. There have been some bugs reported in this device, such as
CVE-2018-19364 and CVE-2021-20181. We should fuzz this device.

This patch adds two virtio-9p configurations:
 * One with the widely used -fsdev local driver. This driver leaks some
   state in the form of files/directories created in the shared dir.
 * One with the synth driver. While it is not used in the real world, this
   driver won't leak state between fuzz inputs.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20210117230924.449676-4-alxndr@bu.edu>


  Commit: 2e5b286def63c336f9c480458d2daddcc3ad1303
      https://github.com/qemu/qemu/commit/2e5b286def63c336f9c480458d2daddcc3ad1303
  Author: Paolo Bonzini <pbonzini@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M target/i386/cpu.c

  Log Message:
  -----------
  target/i386: do not set LM for 32-bit emulation "-cpu host/max"

32-bit targets by definition do not support long mode; therefore, the
bit must be masked in the features supported by the accelerator.

As a side effect, this avoids setting up the 0x80000008 CPUID leaf
for

   qemu-system-i386 -cpu host

which since commit 5a140b255d ("x86/cpu: Use max host physical address
if -cpu max option is applied") would have printed this error:

  qemu-system-i386: phys-bits should be between 32 and 36  (but is 48)

Reported-by: Nathan Chancellor <natechancellor@gmail.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: c66b0d551accac8f6cb2cce9a272302a26d32aeb
      https://github.com/qemu/qemu/commit/c66b0d551accac8f6cb2cce9a272302a26d32aeb
  Author: Igor Mammedov <imammedo@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M backends/hostmem.c
    M qemu-options.hx

  Log Message:
  -----------
  machine: add missing doc for memory-backend option

Add documentation for '-machine memory-backend' CLI option and
how to use it.

And document that x-use-canonical-path-for-ramblock-id
is considered to be stable to make sure it won't go away by accident.

x- was intended for unstable/internal properties, and not supposed to
be a stable option. However, it's too late to rename it (drop x-),
as it would mean that users will have to maintain both the
x-use-canonical-path-for-ramblock-id (for QEMU 5.0-5.2) version
and the prefix-less one for later versions.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210121161504.1007247-1-imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 4761dd14fcf2edd5e4c35188e499fb82b70fca65
      https://github.com/qemu/qemu/commit/4761dd14fcf2edd5e4c35188e499fb82b70fca65
  Author: Paolo Bonzini <pbonzini@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M docs/devel/build-system.rst
    M meson.build

  Log Message:
  -----------
  meson: accept either shared or static libraries if --disable-static

Meson's "static" argument to cc.find_library is a tri-state.  By default
Meson *prefers* a shared library, which basically means using -l to
look for it; instead, "static: false" *requires* a shared library.  Of
course, "static: true" requires a static library, which is all good
for --enable-static builds.

For --disable-static, "static: false" is rarely desirable; it does not
match what the configure script used to do and the test is more complex
(and harder to debug if it fails, which was reported by Peter Lieven
for librbd).

Reported-by: Peter Lieven <pl@kamp.de>
Tested-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 1c9ad66ab18072126d4c301ca9bce1a6c33016d4
      https://github.com/qemu/qemu/commit/1c9ad66ab18072126d4c301ca9bce1a6c33016d4
  Author: Paolo Bonzini <pbonzini@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M meson.build

  Log Message:
  -----------
  meson: honor --enable-rbd if cc.links test fails

If the link test failed, compilation proceeded with RBD disabled,
even if --enable-rbd was used on the configure command line.
Fix that.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: c007c7e10ef28d274b169f19a26920d5a293394a
      https://github.com/qemu/qemu/commit/c007c7e10ef28d274b169f19a26920d5a293394a
  Author: Wei Huang <wei.huang2@amd.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M target/i386/cpu.c
    M target/i386/cpu.h

  Log Message:
  -----------
  x86/cpu: Populate SVM CPUID feature bits

Newer AMD CPUs will add the CPUID_0x8000000A_EDX[28] bit, which indicates
that SVM instructions (VMRUN/VMSAVE/VMLOAD) will trigger #VMEXIT before
the CPU checks their EAX against reserved memory regions. This change will
allow the hypervisor to avoid intercepting #GP and emulating SVM
instructions. KVM turns on this CPUID bit for nested VMs. In order to
support it, let us populate this bit, along with other SVM feature bits,
in FEAT_SVM.

Signed-off-by: Wei Huang <wei.huang2@amd.com>
Message-Id: <20210126202456.589932-1-wei.huang2@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: efd0d109ac0be8631617756f9c2f46776c84b9ea
      https://github.com/qemu/qemu/commit/efd0d109ac0be8631617756f9c2f46776c84b9ea
  Author: Qiuhao Li <Qiuhao.Li@outlook.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M scripts/oss-fuzz/minimize_qtest_trace.py

  Log Message:
  -----------
  fuzz: fix wrong index in clear_bits

Signed-off-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Message-Id: <SYCPR01MB3502E9F6EB06DEDCD484F738FCBA9@SYCPR01MB3502.ausprd01.prod.outlook.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: d5a900090f1741c30f60e70e53b39dec28fe9942
      https://github.com/qemu/qemu/commit/d5a900090f1741c30f60e70e53b39dec28fe9942
  Author: Stefan Reiter <s.reiter@proxmox.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M docs/meson.build

  Log Message:
  -----------
  docs: don't install corresponding man page if guest agent is disabled

No sense outputting the qemu-ga and qemu-ga-ref man pages when the guest
agent binary itself is disabled. This mirrors behaviour from before the
meson switch.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
Message-Id: <20210128145801.14384-1-s.reiter@proxmox.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: cff9ff9d1b041f2d98c0ea1c0b86df67430c698e
      https://github.com/qemu/qemu/commit/cff9ff9d1b041f2d98c0ea1c0b86df67430c698e
  Author: Maxim Levitsky <mlevitsk@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M hw/scsi/virtio-scsi-dataplane.c

  Log Message:
  -----------
  virtio-scsi: don't uninitialize queues that we didn't initialize

Count the number of queues that we initialized and only deinitialize those that we
initialized successfully.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20201217150040.906961-3-mlevitsk@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 9ffc7f0a8afc047f7dc6fd8238e320fd4d2b0b13
      https://github.com/qemu/qemu/commit/9ffc7f0a8afc047f7dc6fd8238e320fd4d2b0b13
  Author: Maxim Levitsky <mlevitsk@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M include/qemu/event_notifier.h
    M util/event_notifier-posix.c

  Log Message:
  -----------
  event_notifier: handle initialization failure better

Add 'initialized' field and use it to avoid touching event notifiers which are
either not initialized or if their initialization failed.

This is somewhat of a hack, but it seems the least intrusive way to make
virtio code deal with event notifiers that failed initialization.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20201217150040.906961-4-mlevitsk@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 2ef6a9583b642f1c5eacc02765335f3861c760d4
      https://github.com/qemu/qemu/commit/2ef6a9583b642f1c5eacc02765335f3861c760d4
  Author: David Greenaway <dgreenaway@google.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M target/i386/tcg/translate.c

  Log Message:
  -----------
  target/i386: Fix decoding of certain BMI instructions

This patch fixes a translation bug for a subset of x86 BMI instructions
such as the following:

   c4 e2 f9 f7 c0                shlxq   %rax, %rax, %rax

Currently, these incorrectly generate an undefined instruction exception
when SSE is disabled via CR4, while instructions like "shrxq" work fine.

The problem appears to be related to BMI instructions encoded using VEX
and with a mandatory prefix of "0x66" (data). Instructions with this
data prefix (such as shlxq) are currently rejected. Instructions with
other mandatory prefixes (such as shrxq) translate as expected.

This patch removes the incorrect check in "gen_sse" that causes the
exception to be generated. For the non-BMI cases, the check is
redundant: prefixes are already checked at line 3696.

Buglink: https://bugs.launchpad.net/qemu/+bug/1748296

Signed-off-by: David Greenaway <dgreenaway@google.com>
Message-Id: <20210114063958.1508050-1-dgreenaway@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: af79d72172a5a34f57fbe706daa1d8ce494e2e7b
      https://github.com/qemu/qemu/commit/af79d72172a5a34f57fbe706daa1d8ce494e2e7b
  Author: Paolo Bonzini <pbonzini@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M target/i386/cpu.c
    M target/i386/cpu.h
    M target/i386/helper.c
    M target/i386/machine.c
    M target/i386/tcg/excp_helper.c
    M target/i386/tcg/misc_helper.c

  Log Message:
  -----------
  target/i86: implement PKS

Protection Keys for Supervisor-mode pages is a simple extension of
the PKU feature that QEMU already implements.  For supervisor-mode
pages, protection key restrictions come from a new MSR.  The MSR
has no XSAVE state associated to it.

PKS is only respected in long mode.  However, in principle it is
possible to set the MSR even outside long mode, and in fact
even the XSAVE state for PKRU could be set outside long mode
using XRSTOR.  So do not limit the migration subsections for
PKRU and PKRS to long mode.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 183ebdf4f85e7ea4280d4870d78da5386b97eb7c
      https://github.com/qemu/qemu/commit/183ebdf4f85e7ea4280d4870d78da5386b97eb7c
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M configure

  Log Message:
  -----------
  configure: Fix --enable-tcg-interpreter

The configure option was backward, and we failed to
pass the value on to meson.

Fixes: 23a77b2d18b ("build-system: clean up TCG/TCI configury")
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210124211119.35563-1-richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Tested-by: Stefan Weil <sw@weilnetz.de>
Message-Id: <20210125144530.2837481-2-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: d38437dfdadfabf0e36a831807dde7dca21e37a6
      https://github.com/qemu/qemu/commit/d38437dfdadfabf0e36a831807dde7dca21e37a6
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M configure
    M meson_options.txt

  Log Message:
  -----------
  configure: Improve TCI feature description

Users might want to enable all features, without realizing some
features have negative effect. Mention the TCI feature is slow
and experimental, hoping it will be selected knowingly.

Suggested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210125144530.2837481-3-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 9e78de9dbfd13eee3943b52f118daca9ae7ea836
      https://github.com/qemu/qemu/commit/9e78de9dbfd13eee3943b52f118daca9ae7ea836
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M meson.build

  Log Message:
  -----------
  meson: Explicit TCG backend used

Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210125144530.2837481-4-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 21188e914a9bc3079f0de9afb867c0a5f20a8a6f
      https://github.com/qemu/qemu/commit/21188e914a9bc3079f0de9afb867c0a5f20a8a6f
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M meson.build

  Log Message:
  -----------
  meson: Warn when TCI is selected but TCG backend is available

Some new users get confused with 'TCG' and 'TCI', and enable TCI
support expecting to enable TCG.

Emit a warning when native TCG backend is available on the
host architecture, mentioning this is a suboptimal configuration.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Suggested-by: Daniel Berrangé <berrange@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210125144530.2837481-5-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 0e21f0c988bd1cc76d9182f9e392865d1602bc63
      https://github.com/qemu/qemu/commit/0e21f0c988bd1cc76d9182f9e392865d1602bc63
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M tests/meson.build

  Log Message:
  -----------
  tests/meson: Only build softfloat objects if TCG is selected

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210122204441.2145197-3-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: cfd4a39369b632f895558d4ce8a898b295e4468e
      https://github.com/qemu/qemu/commit/cfd4a39369b632f895558d4ce8a898b295e4468e
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M pc-bios/meson.build

  Log Message:
  -----------
  pc-bios/meson: Only install EDK2 blob firmwares with system emulation

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-4-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 2cb56771c5550f98c9435dc7c79c5c7c2cd1b458
      https://github.com/qemu/qemu/commit/2cb56771c5550f98c9435dc7c79c5c7c2cd1b458
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M meson.build

  Log Message:
  -----------
  meson: Restrict block subsystem processing

Avoid generating module_block.h and block-gen.c if we are
not going to use them.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-6-philmd@redhat.com>
[Extend to nearby files and directories. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 2c60120ea520c5cfe99432c559bcb958206f756d
      https://github.com/qemu/qemu/commit/2c60120ea520c5cfe99432c559bcb958206f756d
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M meson.build

  Log Message:
  -----------
  meson: Merge trace_events_subdirs array

The trace_events_subdirs array is split in two different
locations, merge it as one.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Claudio Fontana <cfontana@suse.de>
Message-Id: <20210122204441.2145197-7-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 2f46cce2b3606f240a4461cf53bfd92965055be2
      https://github.com/qemu/qemu/commit/2f46cce2b3606f240a4461cf53bfd92965055be2
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M meson.build

  Log Message:
  -----------
  meson: Restrict some trace event directories to user/system emulation

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-8-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 1b3b827a6a47eacbd78798e325f0d9a638f67a09
      https://github.com/qemu/qemu/commit/1b3b827a6a47eacbd78798e325f0d9a638f67a09
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M meson.build

  Log Message:
  -----------
  meson: Restrict emulation code

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-9-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: f613d6f4356b7176b1f8b20e2a1044ddcbff0e27
      https://github.com/qemu/qemu/commit/f613d6f4356b7176b1f8b20e2a1044ddcbff0e27
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M MAINTAINERS
    M qapi/meson.build
    M stubs/meson.build
    A stubs/qdev.c

  Log Message:
  -----------
  qapi/meson: Restrict qdev code to system-mode emulation

Beside a CPU device, user-mode emulation doesn't access
anything else from qdev subsystem.

Tools don't need anything from qdev.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-10-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 66de15d16bec60d4c78ab55882de7be2ee30181a
      https://github.com/qemu/qemu/commit/66de15d16bec60d4c78ab55882de7be2ee30181a
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M qapi/meson.build
    M tests/meson.build

  Log Message:
  -----------
  qapi/meson: Remove QMP from user-mode emulation

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-11-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: c33ae384e8198a4744dff835be0bce4212aab34a
      https://github.com/qemu/qemu/commit/c33ae384e8198a4744dff835be0bce4212aab34a
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M qapi/meson.build

  Log Message:
  -----------
  qapi/meson: Restrict system-mode specific modules

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-12-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: ab0ade186b8ed18dd5370bed03f114fb50e2b2f0
      https://github.com/qemu/qemu/commit/ab0ade186b8ed18dd5370bed03f114fb50e2b2f0
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M qapi/meson.build

  Log Message:
  -----------
  qapi/meson: Restrict UI module to system emulation and tools

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210122204441.2145197-13-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 290c9dc5fa1038414cd0f31eb45ebe857c79767a
      https://github.com/qemu/qemu/commit/290c9dc5fa1038414cd0f31eb45ebe857c79767a
  Author: Alexander Graf <agraf@csgraf.de>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M target/i386/hvf/hvf.c

  Log Message:
  -----------
  hvf: Fetch cr4 before evaluating CPUID(1)

The CPUID function 1 has a bit called OSXSAVE which tells user space the
status of the CR4.OSXSAVE bit. Our generic CPUID function injects that bit
based on the status of CR4.

With Hypervisor.framework, we do not synchronize full CPU state often enough
for this function to see the CR4 update before guest user space asks for it.

To be on the safe side, let's just always synchronize it when we receive a
CPUID(1) request. That way we can set the bit with real confidence.

Reported-by: Asad Ali <asad@osaro.com>
Signed-off-by: Alexander Graf <agraf@csgraf.de>
Message-Id: <20210123004129.6364-1-agraf@csgraf.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: b47f35cb1988c34948f09bfdaa25a1028c27c08b
      https://github.com/qemu/qemu/commit/b47f35cb1988c34948f09bfdaa25a1028c27c08b
  Author: Thomas Huth <thuth@redhat.com>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M accel/kvm/kvm-all.c

  Log Message:
  -----------
  accel/kvm/kvm-all: Fix wrong return code handling in dirty log code

The kvm_vm_ioctl() wrapper already returns -errno if the ioctl itself
returned -1, so the callers of kvm_vm_ioctl() should not check for -1
but for a value < 0 instead.

This problem has been fixed once already in commit b533f658a98325d0e4
but that commit missed that the ENOENT error code is not fatal for
this ioctl, so the commit has been reverted in commit 50212d6346f33d6e
since the problem occurred close to a pending release at that point
in time. The plan was to fix it properly after the release, but it
seems like this has been forgotten. So let's do it now finally instead.

Resolves: https://bugs.launchpad.net/qemu/+bug/1294227
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210129084354.42928-1-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
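An added illustration of the return-code pitfall this commit message describes; it is not QEMU's code. A stand-in wrapper (sim_vm_ioctl, hypothetical) converts the raw ioctl's -1/errno into -errno the way the message says kvm_vm_ioctl() does, and the two callers (sync_dirty_log_buggy and sync_dirty_log_fixed, both hypothetical) show why an `== -1` test misses most failures while `< 0` with an ENOENT exception does not.

```c
/* Illustrative example, not QEMU's code: callers of a wrapper that returns
 * -errno must test for ret < 0, not ret == -1, and the dirty-log case must
 * additionally tolerate ENOENT as described in the commit message above. */
#include <errno.h>
#include <stdio.h>

enum { SIM_OK = 0, SIM_ERR_FATAL = 1, SIM_ERR_IGNORED = 2 };

/* Stand-in for a kvm_vm_ioctl()-style wrapper (hypothetical): the raw ioctl
 * reports failure as -1 with errno set; the wrapper turns that into -errno. */
static int sim_vm_ioctl(int raw_result, int raw_errno)
{
    if (raw_result == -1) {
        return -raw_errno;
    }
    return raw_result;
}

/* The pattern the commit removes. Because the wrapper already negated errno,
 * "ret == -1" only matches the one errno whose negation is -1 (EPERM on
 * Linux); -EINVAL, -EFAULT and friends look like success, and the caller
 * goes on to consume a dirty bitmap the kernel never filled in. */
static int sync_dirty_log_buggy(int raw_result, int raw_errno)
{
    int ret = sim_vm_ioctl(raw_result, raw_errno);
    if (ret == -1) {
        return SIM_ERR_FATAL;
    }
    return SIM_OK;   /* reached even when ret is e.g. -EINVAL */
}

/* The corrected pattern: any negative value is an error, but ENOENT (no dirty
 * log available for this region) is expected here and must not abort. */
static int sync_dirty_log_fixed(int raw_result, int raw_errno)
{
    int ret = sim_vm_ioctl(raw_result, raw_errno);
    if (ret < 0) {
        if (ret == -ENOENT) {
            return SIM_ERR_IGNORED;   /* nothing to sync; carry on */
        }
        return SIM_ERR_FATAL;
    }
    return SIM_OK;
}

int main(void)
{
    /* Constructed inputs: (raw ioctl result, errno it set). */
    printf("buggy, EINVAL : %d (0 = treated as success, the bug)\n",
           sync_dirty_log_buggy(-1, EINVAL));
    printf("fixed, EINVAL : %d (1 = fatal)\n", sync_dirty_log_fixed(-1, EINVAL));
    printf("fixed, ENOENT : %d (2 = ignored)\n", sync_dirty_log_fixed(-1, ENOENT));
    printf("fixed, ok     : %d (0 = success)\n", sync_dirty_log_fixed(0, 0));
    return 0;
}
```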


  Commit: fc716dde44dcbe0296c220cbd49757a4e2a7124b
      https://github.com/qemu/qemu/commit/fc716dde44dcbe0296c220cbd49757a4e2a7124b
  Author: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M accel/tcg/tcg-cpus-icount.c

  Log Message:
  -----------
  replay: fix replay of the interrupts

Sometimes an interrupt event comes at the same time as
the virtual timers. In this case replay tries to process
the timers, because the deadline for them is zero.
This patch allows processing interrupts and exceptions
by entering the vCPU execution loop when the deadline is zero
but the checkpoint associated with the virtual timers is not ready
to be replayed.

Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>

Message-Id: <161216312794.2030770.1709657858900983160.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 4e1cd7b1d59727ae471bae95db4002739eda085b
      https://github.com/qemu/qemu/commit/4e1cd7b1d59727ae471bae95db4002739eda085b
  Author: Sergei Trofimovich <slyfox@gentoo.org>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M pc-bios/descriptors/meson.build

  Log Message:
  -----------
  pc-bios/descriptors: fix paths in json files

Before the change /usr/share/qemu/firmware/50-edk2-x86_64-secure.json
contained relative paths:
            "filename": "share/qemu/edk2-x86_64-secure-code.fd",
            "filename": "share/qemu/edk2-i386-vars.fd",

After the change the paths are absolute:
            "filename": "/usr/share/qemu/edk2-x86_64-secure-code.fd",
            "filename": "/usr/share/qemu/edk2-i386-vars.fd",

The regression appeared in qemu-5.2.0 (seems to be related
to meson port).

CC: Paolo Bonzini <pbonzini@redhat.com>
CC: "Marc-André Lureau" <marcandre.lureau@redhat.com>
CC: "Philippe Mathieu-Daudé" <philmd@redhat.com>
Bug: https://bugs.gentoo.org/766743
Bug: https://bugs.launchpad.net/qemu/+bug/1913012
Signed-off-by: Jannik Glückert <jannik.glueckert@gmail.com>
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Message-Id: <20210131143434.2513363-1-slyfox@gentoo.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 3d1abb8e2db3f2bf3d30758a81fb33a9c27f305f
      https://github.com/qemu/qemu/commit/3d1abb8e2db3f2bf3d30758a81fb33a9c27f305f
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2021-02-03 (Wed, 03 Feb 2021)

  Changed paths:
    M MAINTAINERS
    M accel/kvm/kvm-all.c
    M accel/tcg/tcg-cpus-icount.c
    M backends/hostmem.c
    M configure
    M docs/devel/build-system.rst
    M docs/devel/fuzzing.rst
    M docs/meson.build
    M hw/scsi/virtio-scsi-dataplane.c
    M include/exec/memory.h
    M include/exec/memory_ldst_cached.h.inc
    M include/qemu/event_notifier.h
    M memory_ldst.c.inc
    M meson.build
    M meson_options.txt
    M pc-bios/descriptors/meson.build
    M pc-bios/meson.build
    M qapi/meson.build
    M qemu-options.hx
    M scripts/oss-fuzz/minimize_qtest_trace.py
    M softmmu/memory.c
    M softmmu/physmem.c
    M stubs/meson.build
    A stubs/qdev.c
    M target/i386/cpu.c
    M target/i386/cpu.h
    M target/i386/helper.c
    M target/i386/hvf/hvf.c
    M target/i386/machine.c
    M target/i386/tcg/excp_helper.c
    M target/i386/tcg/misc_helper.c
    M target/i386/tcg/translate.c
    M tests/meson.build
    M tests/qtest/fuzz/fuzz.c
    M tests/qtest/fuzz/generic_fuzz.c
    M tests/qtest/fuzz/generic_fuzz_configs.h
    M util/event_notifier-posix.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* Fuzzing improvements (Qiuhao, Alexander)
* i386: Fix BMI decoding for instructions with the 0x66 prefix (David)
* initial attempt at fixing event_notifier emulation (Maxim)
* i386: PKS emulation, fix for "qemu-system-i386 -cpu host" (myself)
* meson: RBD test fixes (myself)
* meson: TCI warnings (Philippe)
* Leaner build for --disable-guest-agent, --disable-system and
  --disable-tools (Philippe, Stefan)
* --enable-tcg-interpreter fix (Richard)
* i386: SVM feature bits (Wei)
* HVF bugfix (Alex)
* KVM bugfix (Thomas)

# gpg: Signature made Wed 03 Feb 2021 13:21:24 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream: (36 commits)
  pc-bios/descriptors: fix paths in json files
  replay: fix replay of the interrupts
  accel/kvm/kvm-all: Fix wrong return code handling in dirty log code
  hvf: Fetch cr4 before evaluating CPUID(1)
  qapi/meson: Restrict UI module to system emulation and tools
  qapi/meson: Restrict system-mode specific modules
  qapi/meson: Remove QMP from user-mode emulation
  qapi/meson: Restrict qdev code to system-mode emulation
  meson: Restrict emulation code
  meson: Restrict some trace event directories to user/system emulation
  meson: Merge trace_events_subdirs array
  meson: Restrict block subsystem processing
  pc-bios/meson: Only install EDK2 blob firmwares with system emulation
  tests/meson: Only build softfloat objects if TCG is selected
  meson: Warn when TCI is selected but TCG backend is available
  meson: Explicit TCG backend used
  configure: Improve TCI feature description
  configure: Fix --enable-tcg-interpreter
  target/i86: implement PKS
  target/i386: Fix decoding of certain BMI instructions
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Compare: https://github.com/qemu/qemu/compare/99ae0cd90d3e...3d1abb8e2db3


