git.maquefel.me Git - qemu.git/log

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* Optional use of Meson wrap for slirp
* Coverity fixes
* Avoid -Werror=maybe-uninitialized
* Mark coroutine QMP command functions as coroutine_fn
* Mark functions that suspend as coroutine_mixed_fn
* target/i386: Fix SGX CPUID leaf
* First batch of qatomic_mb_read() removal
* Small atomic.rst improvement
* NBD cleanup
* Update libvirt-ci submodule

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmRBAzwUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroP64gf+NzLW95tylCfhKuuLq/TjuOTQqHCD
# KVLlA1I3pwJfk4SUuigrnaJtwfa/tBiWxfaivUdPAzPzeXyxcVSOps0neohrmFBh
# 2e3ylBWWz22K0gkLtrFwJT99TVy6w6Xhj9SX8HPRfxl4k8yMPrUJNW78hh6APAwq
# /etZY6+ieHC7cwG4xluhxsHnxnBYBYD+18hUd+b5LchD/yvCSCNNiursutpa0Ar/
# r/HtDwNFKlaApO3sU4R3yYgdS1Fvcas4tDZaumADsQlSG5z+UeJldc98LiRlFrAA
# gnskBSaaly/NgWqY3hVCYaBGyjD4lWPkX/FEChi0XX6Fl1P0umQAv/7z3w==
# =XSAs
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 20 Apr 2023 10:17:48 AM BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [undefined]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (25 commits)
  tests: lcitool: Switch to OpenSUSE Leap 15.4
  tests: libvirt-ci: Update to commit '2fa24dce8bc'
  configure: Honour cross-prefix when finding ObjC compiler
  coverity: unify Fedora dockerfiles
  nbd: a BlockExport always has a BlockBackend
  docs: explain effect of smp_read_barrier_depends() on modern architectures
  qemu-coroutine: remove qatomic_mb_read()
  postcopy-ram: do not use qatomic_mb_read
  block-backend: remove qatomic_mb_read()
  target/i386: Change wrong XFRM value in SGX CPUID leaf
  monitor: mark mixed functions that can suspend
  migration: mark mixed functions that can suspend
  io: mark mixed functions that can suspend
  qapi-gen: mark coroutine QMP command functions as coroutine_fn
  target/mips: tcg: detect out-of-bounds accesses to cpu_gpr and cpu_gpr_hi
  coverity: update COMPONENTS.md
  lasi: fix RTC migration
  target/i386: Avoid unreachable variable declaration in mmu_translate()
  configure: Avoid -Werror=maybe-uninitialized
  tests: bios-tables-test: replace memset with initializer
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge tag 'pull-tpm-2023-04-20-1' of https://github.com/stefanberger/qemu-tpm into staging

Merge tpm 2023/04/20 v1

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmRBLgoACgkQda1lgCoL
# QhEPyQf/WfEg8k2hDLExobsSgup1IsnT+mHHTBOZVJvq2efg2YXUTHA56fmD9X6d
# crqTq68L5oaMES5iYEZhA7EAgfk3RvxDQGrlXBByPzrc6SSwEHHMR4Zzi5zrbCoW
# t6TmaKQrlQqYwkhhsbyqnG46bj0ugCDagkBLfJdVl96fjkYgTspcDxaNwqwy/DPn
# GTmQlvdRY09D1nylIdtcLBIfsM+sIkRslyngbUEIy+Bx8EWRy2a8Qw0BdY9g1XoE
# e0CaRaFMpju1KOIjq0YSIzt0LSQDFfPc1IlUAC0ZALhNmp+PPNtr4E7+4kFfO2ym
# 1sT2w25ho8dYDdm/m8tIauCdGoHw4A==
# =ML27
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 20 Apr 2023 01:20:26 PM BST
# gpg:                using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* tag 'pull-tpm-2023-04-20-1' of https://github.com/stefanberger/qemu-tpm:
  qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller
  qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it
  qtest: Add functions for accessing devices on Aspeed I2C controller
  tests/avocado/aspeed: Add TPM TIS I2C test
  tpm: Add support for TPM device over I2C bus
  tpm: Extend common APIs to support TPM TIS I2C
  docs: Add support for TPM devices over I2C bus

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge tag 'pull-request-2023-04-20' of https://gitlab.com/thuth/qemu into staging

* Compat machines for version 8.1
* Allow setting a chardev input file on the command line
* Fix .travis.yml to work with non-public Travis instances, too
* Move a lot of code from specifc_ss into softmmu_ss
* Add a test case for TPM TIS I2C connected to Aspeed I2C controller
* Update tests/vm/freebsd to version 13
* Some more misc minor fixes here and there

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmRBDtMRHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbXfjw//UYytlyZsDOLAMfFNGQViMmVf29KbrDRe
# doDh4Nl1oZLNKm9C5XlQExhsRbLm6Hi9nyQvSCJs4CvZ1jBY6U7GfgMNIaozXWb3
# 4gQyJb9ACe/z8bQmPUVF2sdW1QZ9zpf8LWpCOTGUZiI2Tevzkz7b/F5ZxiQiseG6
# dXe8UIwdZhG4jz2+6viqjHiGlKoBkegGYoJthcwnR07aRz2woiNr7rKRiJEiv2G7
# UfMVB96uLkpEhaDoohz440/rjviazO1nt6HDvgEajXT1X5P/8phT9IvT7olAZXZH
# R2Qm6YyYcSWavoPms3AryAWG8FjomcyBjuebfAVW5/x+fl/401sn9quBMoZrYPEX
# dfzF64vVokdXNQEH6+qc95PdB6/+d0CZPY8ilMRtAttf2sMw7IgqhG3zDLbj9t6R
# dns2/DY9zu2pp07IEAXn/iVbW4rl2HADUQncr6B/cPy++lYiFvv7LX8OE+YWOsk0
# gvxzYx6rRhr5j7xT1sP30pLwsG3mX7qRDfba1Bt19CzSbu7UGN+w+S1xclgZDoqE
# 0AZIeVUuqqNTEoBLoa2xHUDGs9NjeI2+qIh0R5csS/bqDscLXj0cOluvJO48n4Rt
# +SGQSCSmU/lxn6EbBz4tw3orlp0clBH9fEaSg9lYxuUTYvQOpdYS7u4d63VQFvzp
# dwQ9LRDFNsA=
# =8ZFL
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 20 Apr 2023 11:07:15 AM BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [undefined]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [undefined]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2023-04-20' of https://gitlab.com/thuth/qemu: (23 commits)
  tests/vm/freebsd: Update to FreeBSD 13.2
  qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller
  qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it
  qtest: Add functions for accessing devices on Aspeed I2C controller
  MAINTAINERS: Add Juan Quintela to developer guides review
  cpu: Remove parameter of list_cpus()
  hw/core: Move numa.c into the target independent source set
  softmmu: Move dirtylimit.c into the target independent source set
  hw/display: Compile vga.c as target-independent code
  softmmu: Make qtest.c target independent
  include/exec: Provide the tswap() functions for target independent code, too
  softmmu/qtest: Move the target-specific pseries RTAS code out of qtest.c
  hw/char: Move two more files from specific_ss to softmmu_ss
  target/i386: Set family/model/stepping of the "max" CPU according to LM bit
  tests/migration: Only run auto_converge in slow mode
  travis.yml: Add missing 'flex', 'bison' packages to 'GCC (user)' job
  travis.yml: Add missing clang-10 package to the 'Clang (disable-tcg)' job
  chardev: Allow setting file chardev input file on the command line
  qtest: Don't assert on "-qtest chardev:myid"
  test: Fix test-crypto-secret when compiling without keyring support
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge tag 'pull-target-arm-20230420' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
* hw/arm: Fix some typos in comments (most found by codespell)
* exynos: Fix out-of-bounds access in exynos4210_gcomp_find debug printf
* Orangepi-PC, Cubieboard: add Allwinner WDT watchdog emulation
* tests/avocado: Add reboot tests to Cubieboard
* hw/timer/imx_epit: Fix bugs in timer limit checking
* target/arm: Remove KVM AArch32 CPU definitions
* hw/arm/virt: Restrict Cortex-A7 check to TCG
* target/arm: Initialize debug capabilities only once
* target/arm: Implement FEAT_PAN3
* docs/devel/kconfig.rst: Fix incorrect markup
* target/arm: Report pauth information to gdb as 'pauth_v2'
* mcimxd7-sabre, mcimx6ul-evk: Correctly model the way the PHY
   on the second ethernet device must be configured via the
   first one

# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmRBDfkZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3rtLD/93hJ+CEUnATXx7Ic7g0EvN
# eXIMsgd80pd1gn4PKzP9lol6I40VDuozs9mb9jP6+Hc0tEoOua4KlIvyMlYy4wSx
# eJBqt/gx/N/V+jwVG8seY+ifLIzECMLMOQIRQqQoVk+scENuiJIXcJRH5A1eUWNb
# iV0QfJa1gQrKyyIG9vNfZ+cS+xy0bl0E9FlZ0ty3zeh0xBaMhUqnpraTVLISWelP
# OEovcIBEzvD/ngj+7F/xKBGgtSTZ1FuN5p/oOFDCH2Fihe2+wuw7B3Rc1SbHLG7n
# Wr4JZozdPbnudhrZgn+1A9SCFhH+B8k/QlKY2Qc+w+GrnC0JpJAmqtaF2aIaepPo
# kfbTUshDstIZ7MnCeAa+SWn2Exgrsn0Gv9nWdOrPgrvo0bqK6ceAhchi5nFmkkaJ
# MOy+Xx5GIAE91418wR8C2TlrTl58A81s15AYY1D7nZ0GeuZV5io7wPIAOWa14rOQ
# RdvQ/0rcZ+IkOFXz5Zj/L/Y/W4BpDyfuUVzLAah56zYkuV4im2cLt3YAOMFYZjjO
# 6W1sdbAcuA5QFmO4v5VmcTU8t/B423QzcnssE6sbM0nazMh/i6kjzvJUhdJTQmi+
# lKjIe+MHutTgrbjrwemjiafk3dOpFpKtso/4C/dhP2UfDIcKuGXNpSYxCvoknO2j
# TWvxRvir/PC7gzUzA4CrwQ==
# =YUUL
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 20 Apr 2023 11:03:37 AM BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20230420' of https://git.linaro.org/people/pmaydell/qemu-arm: (21 commits)
  arm/mcimx7d-sabre: Set fec2-phy-connected property to false
  fsl-imx7: Add fec[12]-phy-connected properties
  arm/mcimx6ul-evk: Set fec1-phy-connected property to false
  fsl-imx6ul: Add fec[12]-phy-connected properties
  hw/net/imx_fec: Support two Ethernet interfaces connected to single MDIO bus
  target/arm: Report pauth information to gdb as 'pauth_v2'
  docs/devel/kconfig.rst: Fix incorrect markup
  target/arm: Implement FEAT_PAN3
  target/arm: Don't set ISV when reporting stage 1 faults in ESR_EL2
  target/arm: Pass ARMMMUFaultInfo to merge_syn_data_abort()
  target/arm: Initialize debug capabilities only once
  hw/arm/virt: Restrict Cortex-A7 check to TCG
  target/arm: Remove KVM AArch32 CPU definitions
  hw/timer/imx_epit: fix limit check
  hw/timer/imx_epit: don't shadow variable
  tests/avocado: Add reboot tests to Cubieboard
  hw/arm: Add WDT to Allwinner-H3 and Orangepi-PC
  hw/arm: Add WDT to Allwinner-A10 and Cubieboard
  hw/watchdog: Allwinner WDT emulation for system reset
  exynos: Fix out-of-bounds access in exynos4210_gcomp_find debug printf
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller

Add a test case for the TPM TIS I2C device exercising most of its
functionality, including localities.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Ninad Palsule<ninad@linux.ibm.com>
Message-id: 20230331173051.3857801-4-stefanb@linux.ibm.com

qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it

To be able to remove tpm_tis_base_addr from test cases that do not really
need it move the tpm_util_tis_transmit() function into tpm-tis-utils.c and
rename it to tpm_tis_transmit().

Fix a locality parameter in a test case on the way.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Ninad Palsule <ninad@linux.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20230331173051.3857801-3-stefanb@linux.ibm.com

qtest: Add functions for accessing devices on Aspeed I2C controller

Add read and write functions for accessing registers of I2C devices
connected to the Aspeed I2C controller.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Ninad Palsule <ninad@linux.ibm.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-id: 20230331173051.3857801-2-stefanb@linux.ibm.com

tests/avocado/aspeed: Add TPM TIS I2C test

Add a new buildroot image based test that attaches a TPM emulator to the
I2C bus and checks for a known PCR0 value for the image that was booted.

Note that this does not tear down swtpm process when qemu execution fails.
The swtpm process will exit when qemu exits if a connection has been
made, but if the test errors before connection then the swtpm process
will still be around.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Ninad Palsule <ninad@linux.ibm.com>
Message-id: 20230328120844.190914-1-joel@jms.id.au

tpm: Add support for TPM device over I2C bus

Qemu already supports devices attached to ISA and sysbus. This drop adds
support for the I2C bus attached TPM devices. I2C model only supports
TPM2 protocol.

This commit includes changes for the common code.
- Added I2C emulation model. Logic was added in the model to temporarily
  cache the data as I2C interface works per byte basis.
- New tpm type "tpm-tis-i2c" added for I2C support. The user has to
  provide this string on command line.

Testing:
  TPM I2C device module is tested using SWTPM (software based TPM
  package). Qemu uses the rainier machine and is connected to swtpm over
  the socket interface.

  The command to start swtpm is as follows:
  $ swtpm socket --tpmstate dir=/tmp/mytpm1    \
                 --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock  \
                 --tpm2 --log level=100

  The command to start qemu is as follows:
  $ qemu-system-arm -M rainier-bmc -nographic \
            -kernel ${IMAGEPATH}/fitImage-linux.bin \
            -dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
            -initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
            -drive file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2 \
            -net nic -net user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443 \
            -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
            -tpmdev emulator,id=tpm0,chardev=chrtpm \
            -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e

Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Tested-by: Joel Stanley <joel@jms.id.au>
Message-id: 20230414220754.1191476-4-ninadpalsule@us.ibm.com

tpm: Extend common APIs to support TPM TIS I2C

Qemu already supports devices attached to ISA and sysbus. This drop adds
support for the I2C bus attached TPM devices.

This commit includes changes for the common code.
- Added support for the new checksum registers which are required for
  the I2C support. The checksum calculation is handled in the qemu
  common code.
- Added wrapper function for read and write data so that I2C code can
  call it without MMIO interface.

The TPM TIS I2C spec describes in the table in section "Interface Locality
Usage per Register" that the TPM_INT_ENABLE and TPM_INT_STATUS registers
must be writable for any locality even if the locality is not the active
locality. Therefore, remove the checks whether the writing locality is the
active locality for these registers.

Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Tested-by: Joel Stanley <joel@jms.id.au>
Message-id: 20230414220754.1191476-3-ninadpalsule@us.ibm.com

docs: Add support for TPM devices over I2C bus

This is a documentation change for I2C TPM device support.

Qemu already supports devices attached to ISA and sysbus.
This drop adds support for the I2C bus attached TPM devices.

Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-id: 20230414220754.1191476-2-ninadpalsule@us.ibm.com

arm/mcimx7d-sabre: Set fec2-phy-connected property to false

On mcimx7d-sabre, the MDIO bus is connected to the first Ethernet
interface. Set fec2-phy-connected to false to reflect this.

Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20230315145248.1639364-6-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

fsl-imx7: Add fec[12]-phy-connected properties

Add fec[12]-phy-connected properties and use it to set phy-connected
and phy-consumer properties for imx_fec.

Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20230315145248.1639364-5-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

arm/mcimx6ul-evk: Set fec1-phy-connected property to false

On mcimx6ul-evk, the MDIO bus is connected to the second Ethernet
interface. Set fec1-phy-connected to false to reflect this.

Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20230315145248.1639364-4-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

fsl-imx6ul: Add fec[12]-phy-connected properties

Add fec[12]-phy-connected properties and use it to set phy-connected
and phy-consumer properties for imx_fec.

Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20230315145248.1639364-3-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

tests/vm/freebsd: Update to FreeBSD 13.2

According to QEMU's support policy, we stop supporting the previous
major release two years after the the new major release has been
published. So we can stop testing FreeBSD 12 now and should switch
our FreeBSD VM to version 13 instead.

Some changes are needed for this update: The downloadable .ISO images
do not use the serial port as console by default anymore, so they
are not usable in the same way as with FreeBSD 12. Fortunately, the
FreeBSD project now also offers some pre-installed CI images that
have the serial console enabled, so we can use those now, with the
benefit that we can skip almost all parts of the previous installation
process.

Message-Id: <20230419144553.719749-1-thuth@redhat.com>
Reviewed-by: Warner Losh <imp@bsdimp.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

hw/net/imx_fec: Support two Ethernet interfaces connected to single MDIO bus

The SOC on i.MX6UL and i.MX7 has 2 Ethernet interfaces. The PHY on each may
be connected to separate MDIO busses, or both may be connected on the same
MDIO bus using different PHY addresses. Commit 461c51ad4275 ("Add a phy-num
property to the i.MX FEC emulator") added support for specifying PHY
addresses, but it did not provide support for linking the second PHY on
a given MDIO bus to the other Ethernet interface.

To be able to support two PHY instances on a single MDIO bus, two properties
are needed: First, there needs to be a flag indicating if the MDIO bus on
a given Ethernet interface is connected. If not, attempts to read from this
bus must always return 0xffff. Implement this property as phy-connected.
Second, if the MDIO bus on an interface is active, it needs a link to the
consumer interface to be able to provide PHY access for it. Implement this
property as phy-consumer.

Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20230315145248.1639364-2-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller

Add a test case for the TPM TIS I2C device exercising most of its
functionality, including localities.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Ninad Palsule<ninad@linux.ibm.com>
Message-Id: <20230331173051.3857801-4-stefanb@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it

To be able to remove tpm_tis_base_addr from test cases that do not really
need it move the tpm_util_tis_transmit() function into tpm-tis-utils.c and
rename it to tpm_tis_transmit().

Fix a locality parameter in a test case on the way.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Ninad Palsule <ninad@linux.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230331173051.3857801-3-stefanb@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

qtest: Add functions for accessing devices on Aspeed I2C controller

Add read and write functions for accessing registers of I2C devices
connected to the Aspeed I2C controller.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Ninad Palsule <ninad@linux.ibm.com>
Message-Id: <20230331173051.3857801-2-stefanb@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

MAINTAINERS: Add Juan Quintela to developer guides review

Signed-off-by: Juan Quintela <quintela@redhat.com>
Message-Id: <20230419163457.17175-1-quintela@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

cpu: Remove parameter of list_cpus()

The "optarg" parameter is completely unused, so let's drop it.

Message-Id: <20230419124831.678079-1-thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

hw/core: Move numa.c into the target independent source set

There is nothing that depends on target specific macros in this
file, so we can move it to the common source set to avoid that
we have to compile this file multiple times (one time for each
target).

Message-Id: <20230413182636.139356-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

softmmu: Move dirtylimit.c into the target independent source set

dirtylimit.c just uses one TARGET_PAGE_SIZE macro - change it to
qemu_target_page_size() so we can move thefile into the target
independent source set. Then we only have to compile this file
once during the build instead of multiple times (one time for
each target).

Message-Id: <20230413054509.54421-1-thuth@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Thomas Huth <thuth@redhat.com>

hw/display: Compile vga.c as target-independent code

The target checks here are only during the initialization, so they
are not performance critical. We can switch these to runtime checks
to avoid that we have to compile this file multiple times during
the build, and make the code ready for an universal build one day.

Message-Id: <20230412163501.36770-1-thuth@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Thomas Huth <thuth@redhat.com>

softmmu: Make qtest.c target independent

The code in this file is not performance critical, so we can use
the target independent endianess functions to only compile this
file once for all targets.

Message-Id: <20230411183418.1640500-4-thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

include/exec: Provide the tswap() functions for target independent code, too

In some cases of target independent code, it would be useful to have access
to the functions that swap endianess in case it differs between guest and
host. Thus re-implement the tswapXX() functions in a new header that can be
included separately. The check whether the swapping is needed continues to
be done at compile-time for target specific code, while it is done at
run-time in target-independent code.

Message-Id: <20230411183418.1640500-3-thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

softmmu/qtest: Move the target-specific pseries RTAS code out of qtest.c

Ideally, qtest.c should be independent from target specific code, so
we only have to compile it once for all targets. Thus start improving
the situation by moving the pseries related code to hw/ppc/spapr_rtas.c
instead and allow target code to register a callback handler for such
target specific commands.

Message-Id: <20230411183418.1640500-2-thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

hw/char: Move two more files from specific_ss to softmmu_ss

The code for these two devices seems to be independent from any
target specific macros. "riscv_htif.c" is used for both, riscv32 and
riscv64, so by moving this to the common code source set, we can
avoid to compile it twice every time.
"goldfish_tty.c" is only used for one target at the moment, but
since it is a paravirtualized device, it could get useful for other
targets one day, so let's move it now, too.

Message-Id: <20230411173206.1511621-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

target/i386: Set family/model/stepping of the "max" CPU according to LM bit

We want to get rid of the "#ifdef TARGET_X86_64" compile-time switch
in the long run, so we can drop the separate compilation of the
"qemu-system-i386" binary one day - but we then still need a way to
run a guest with max. CPU settings in 32-bit mode. So the "max" CPU
should determine its family/model/stepping settings according to the
"large mode" (LM) CPU feature bit during runtime, so that it is
possible to run "qemu-system-x86_64 -cpu max,lm=off" and still get
a sane family/model/stepping setting for the guest CPU.

To be able to check the LM bit, we have to move the code that sets
up these properties to a "realize" function, since the LM setting is
not available yet when the "instance_init" function is being called.

Message-Id: <20230306154311.476458-1-thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

tests/migration: Only run auto_converge in slow mode

Signed-off-by: Juan Quintela <quintela@redhat.com>
Message-Id: <20230412142001.16501-3-quintela@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

travis.yml: Add missing 'flex', 'bison' packages to 'GCC (user)' job

Since commit fd8171fe52b5e("target/hexagon: import lexer for idef-parser") the
hexagon target uses 'flex', 'bison' to generate idef-parser. However default
travis builder image for 'focal' may not have these pre-installed, consequently
following error is seen with travis when trying to execute the 'GCC (user)' job
that also tries to build hexagon user binary:

<snip>
export CONFIG="--disable-containers --disable-system"
<snip>
Program flex found: NO

../target/hexagon/meson.build:179:4: ERROR: Program 'flex' not found or not
executable
<snip>

Fix this by explicitly add 'flex' and 'bison' to the list of addon apt-packages
for the 'GCC (user)' job.

Signed-off-by: Vaibhav Jain <vaibhav@linux.ibm.com>
Message-Id: <20230417162354.186678-1-vaibhav@linux.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

target/arm: Report pauth information to gdb as 'pauth_v2'

So that we can avoid the "older gdb crashes" problem described in
commit 5787d17a42f7af4 and which caused us to disable reporting pauth
information via the gdbstub, newer gdb is going to implement support
for recognizing the pauth information via a new feature name:
org.gnu.gdb.aarch64.pauth_v2

Older gdb won't recognize this feature name, so we can re-enable the
pauth support under the new name without risking them crashing.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230406150827.3322670-1-peter.maydell@linaro.org

docs/devel/kconfig.rst: Fix incorrect markup

In rST markup syntax, the inline markup (*italics*, **bold** and
``monospaced``) must be separated from the surrending text by
non-word characters, otherwise it is not interpreted as markup.
To force interpretation as markup in the middle of a word,
you need to use a backslash-escaped space (which will not
appear as a space in the output).

Fix a missing backslash-space in this file, which meant that the ``
after "select" was output literally and the monospacing was
incorrectly extended all the way to the end of the next monospaced
word.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230411105424.3994585-1-peter.maydell@linaro.org

target/arm: Implement FEAT_PAN3

FEAT_PAN3 adds an EPAN bit to SCTLR_EL1 and SCTLR_EL2, which allows
the PAN bit to make memory non-privileged-read/write if it is
user-executable as well as if it is user-read/write.

Implement this feature and enable it in the AArch64 'max' CPU.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230331145045.2584941-4-peter.maydell@linaro.org

target/arm: Don't set ISV when reporting stage 1 faults in ESR_EL2

The syndrome value reported to ESR_EL2 should only contain the
detailed instruction syndrome information when the fault has been
caused by a stage 2 abort, not when the fault was a stage 1 abort
(i.e. caused by execution at EL2). We were getting this wrong and
reporting the detailed ISV information all the time.

Fix the bug by checking fi->stage2. Add a TODO comment noting the
cases where we'll have to come back and revisit this when we
implement FEAT_LS64 and friends.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230331145045.2584941-3-peter.maydell@linaro.org

target/arm: Pass ARMMMUFaultInfo to merge_syn_data_abort()

We already pass merge_syn_data_abort() two fields from the
ARMMMUFaultInfo struct, and we're about to want to use a third field.
Refactor to just pass a pointer to the fault info.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230331145045.2584941-2-peter.maydell@linaro.org

target/arm: Initialize debug capabilities only once

kvm_arm_init_debug() used to be called several times on a SMP system as
kvm_arch_init_vcpu() calls it. Move the call to kvm_arch_init() to make
sure it will be called only once; otherwise it will overwrite pointers
to memory allocated with the previous call and leak it.

Fixes: e4482ab7e3 ("target-arm: kvm - add support for HW assisted debug")
Suggested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-id: 20230405153644.25300-1-akihiko.odaki@daynix.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm/virt: Restrict Cortex-A7 check to TCG

The Cortex-A7 core is only available when TCG is enabled (see
commit 80485d88f9 "target/arm: Restrict v7A TCG cpus to TCG accel").

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230405100848.76145-3-philmd@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target/arm: Remove KVM AArch32 CPU definitions

Missed in commit 80485d88f9 ("target/arm: Restrict
v7A TCG cpus to TCG accel").

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230405100848.76145-2-philmd@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/timer/imx_epit: fix limit check

Fix the limit check. If the limit is less than the compare value,
the timer can never reach this value, thus it will never fire.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1491
Signed-off-by: Axel Heider <axel.heider@hensoldt.net>
Message-id: 168070611775.20412.2883242077302841473-2@git.sr.ht
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/timer/imx_epit: don't shadow variable

Fix issue reported by Coverity.

Signed-off-by: Axel Heider <axel.heider@hensoldt.net>
Message-id: 168070611775.20412.2883242077302841473-1@git.sr.ht
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

tests/avocado: Add reboot tests to Cubieboard

Cubieboard tests end with comment "reboot not functioning; omit test".
Fix this so reboot is done at the end of each test.

Signed-off-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
Reviewed-by: Niek Linnenbank <nieklinnenbank@gmail.com>
Tested-by: Niek Linnenbank <nieklinnenbank@gmail.com>
Message-id: 20230326202256.22980-5-strahinja.p.jankovic@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm: Add WDT to Allwinner-H3 and Orangepi-PC

This patch adds WDT to Allwinner-H3 and Orangepi-PC.
WDT is added as an overlay to the Timer module memory area.

Signed-off-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
Reviewed-by: Niek Linnenbank <nieklinnenbank@gmail.com>
Message-id: 20230326202256.22980-4-strahinja.p.jankovic@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm: Add WDT to Allwinner-A10 and Cubieboard

This patch adds WDT to Allwinner-A10 and Cubieboard.
WDT is added as an overlay to the Timer module memory map.

Signed-off-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
Reviewed-by: Niek Linnenbank <nieklinnenbank@gmail.com>
Message-id: 20230326202256.22980-3-strahinja.p.jankovic@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/watchdog: Allwinner WDT emulation for system reset

This patch adds basic support for Allwinner WDT.
Both sun4i and sun6i variants are supported.
However, interrupt generation is not supported, so WDT can be used only to trigger system reset.

Signed-off-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
Reviewed-by: Niek Linnenbank <nieklinnenbank@gmail.com>
Tested-by: Niek Linnenbank <nieklinnenbank@gmail.com>
Message-id: 20230326202256.22980-2-strahinja.p.jankovic@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

exynos: Fix out-of-bounds access in exynos4210_gcomp_find debug printf

One of the debug printfs in exynos4210_gcomp_find() will
access outside the 's->g_timer.reg.comp[]' array if there
was no active comparator and 'res' is -1. Add a conditional
to avoid this.

This doesn't happen in normal use because the debug printfs
are by default not compiled in.

Signed-off-by: Feng Jiang <jiangfeng@kylinos.cn>
Message-id: 20230404074506.112615-1-jiangfeng@kylinos.cn
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: Adjusted commit message to clarify that the overrun
only happens if you've enabled debug printfs]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm: Fix some typos in comments (most found by codespell)

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230409200526.1156456-1-sw@weilnetz.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

tests: lcitool: Switch to OpenSUSE Leap 15.4

Since OpenSUSE Leap 15 counts as a single major release of an LTS distribution,
lcitool has changed the target name to remove the minor version. Adjust the
mappings and refresh script.

This also updates the dockerfile to 15.4, since the 15.3 version is EOL now:

https://get.opensuse.org/leap/15.3

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <a408b7f241ac59e5944db6ae2360a792305c36e0.1681735482.git.pkrempa@redhat.com>
[Adjust for target name change and reword commit message. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

tests: libvirt-ci: Update to commit '2fa24dce8bc'

Update to commit which has fixes needed for OpenSUSE 15.4 and
re-generate output files.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Message-Id: <bd11b5954d3dd1e989699370af2b9e2e0c77194a.1681735482.git.pkrempa@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

configure: Honour cross-prefix when finding ObjC compiler

Currently when configure picks an ObjectiveC compiler it doesn't pay
attention to the cross-prefix. This isn't a big deal in practice,
because we only use ObjC on macos and you can't cross-compile to
macos. But it's a bit inconsistent.

Rearrange the handling of objcc in configure so that we do the
same thing that we do with cc and cxx. This means that the logic
for picking the ObjC compiler goes from:
if --objcc is specified, use that
otherwise if clang is available, use that
otherwise use $cc
to:
if --objcc is specified, use that
otherwise if --cross-prefix is specified, use ${cross_prefix}clang
otherwise if clang is available, use that
otherwise use $cc

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1185
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230418161554.744834-1-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

coverity: unify Fedora dockerfiles

The Fedora CI and coverity runs are using a slightly different set of
packages. Copy most of the content over from tests/docker while
keeping the commands at the end that unpack the tools.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20230331174844.376300-1-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

nbd: a BlockExport always has a BlockBackend

exp->common.blk cannot be NULL, nbd_export_delete() is only called (through
a bottom half) from blk_exp_unref() and in turn that can only happen
after blk_exp_add() has asserted exp->blk != NULL.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

docs: explain effect of smp_read_barrier_depends() on modern architectures

The documentation for smp_read_barrier_depends() does not mention the architectures
for which it is an optimization, for example ARM and PPC. As a result, it is not
clear to the reader why one would use it. Relegate Alpha to a footnote together
with other architectures where it is equivalent to smp_rmb().

Suggested-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

qemu-coroutine: remove qatomic_mb_read()

Replace with an explicit barrier and a comment.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

postcopy-ram: do not use qatomic_mb_read

It does not even pair with a qatomic_mb_set(), so it is clearer to use
load-acquire in this case; they are synonyms.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

block-backend: remove qatomic_mb_read()

There is already a barrier in AIO_WAIT_WHILE_INTERNAL(), thus the
qatomic_mb_read() is not adding anything.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

target/i386: Change wrong XFRM value in SGX CPUID leaf

The previous patch wrongly replaced FEAT_XSAVE_XCR0_{LO|HI} with
FEAT_XSAVE_XSS_{LO|HI} in CPUID(EAX=12,ECX=1):{ECX,EDX}. As a result,
SGX enclaves only supported SSE and x87 feature (xfrm=0x3).

Fixes: 301e90675c3f ("target/i386: Enable support for XSAVES based features")
Signed-off-by: Yang Zhong <yang.zhong@linux.intel.com>
Reviewed-by: Yang Weijiang <weijiang.yang@intel.com>
Reviewed-by: Kai Huang <kai.huang@intel.com>
Message-Id: <20230406064041.420039-1-yang.zhong@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

monitor: mark mixed functions that can suspend

There should be no paths from a coroutine_fn to aio_poll, however in
practice coroutine_mixed_fn will call aio_poll in the !qemu_in_coroutine()
path. By marking mixed functions, we can track accurately the call paths
that execute entirely in coroutine context, and find more missing
coroutine_fn markers. This results in more accurate checks that
coroutine code does not end up blocking.

If the marking were extended transitively to all functions that call
these ones, static analysis could be done much more efficiently.
However, this is a start and makes it possible to use vrc's path-based
searches to find potential bugs where coroutine_fns call blocking functions.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

migration: mark mixed functions that can suspend

There should be no paths from a coroutine_fn to aio_poll, however in
practice coroutine_mixed_fn will call aio_poll in the !qemu_in_coroutine()
path. By marking mixed functions, we can track accurately the call paths
that execute entirely in coroutine context, and find more missing
coroutine_fn markers. This results in more accurate checks that
coroutine code does not end up blocking.

If the marking were extended transitively to all functions that call
these ones, static analysis could be done much more efficiently.
However, this is a start and makes it possible to use vrc's path-based
searches to find potential bugs where coroutine_fns call blocking functions.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

io: mark mixed functions that can suspend

There should be no paths from a coroutine_fn to aio_poll, however in
practice coroutine_mixed_fn will call aio_poll in the !qemu_in_coroutine()
path. By marking mixed functions, we can track accurately the call paths
that execute entirely in coroutine context, and find more missing
coroutine_fn markers. This results in more accurate checks that
coroutine code does not end up blocking.

If the marking were extended transitively to all functions that call
these ones, static analysis could be done much more efficiently.
However, this is a start and makes it possible to use vrc's path-based
searches to find potential bugs where coroutine_fns call blocking functions.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

qapi-gen: mark coroutine QMP command functions as coroutine_fn

Coroutine commands have to be declared as coroutine_fn, but the
marker does not show up in the qapi-comands-* headers; likewise, the
marshaling function calls the command and therefore must be coroutine_fn.
Static analysis would want coroutine_fn to match between prototype and
declaration, because in principle coroutines might be compiled to a
completely different calling convention. So we would like to add the
marker to the header.

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

target/mips: tcg: detect out-of-bounds accesses to cpu_gpr and cpu_gpr_hi

In some cases (for example gen_compute_branch_nm in
nanomips_translate.c.inc) registers can be unused
on some paths and a negative value is passed in that case:

gen_compute_branch_nm(ctx, OPC_BPOSGE32, 4, -1, -2,
imm << 1);

To avoid an out of bounds access in those cases, introduce
assertions.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

coverity: update COMPONENTS.md

Hexagon is split into two components because it has hundreds of false positives
in the generated files.

capstone and slirp have been removed.

hw/nvme is added to block.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

lasi: fix RTC migration

Migrate rtc_ref (which only needs to be 32-bit because it is summed to
a 32-bit register), which requires bumping the migration version.
The HPPA machine does not have versioned machine types so it is okay
to block migration to old versions of QEMU.

While at it, drop the write-only field rtc from LasiState.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

target/i386: Avoid unreachable variable declaration in mmu_translate()

Coverity complains (CID 1507880) that the declaration "int error_code;"
in mmu_translate() is unreachable code. Since this is only a declaration,
this isn't actually a bug, but:
* it's a bear-trap for future changes, because if it was changed to
   include an initialization 'int error_code = foo;' then the
   initialization wouldn't actually happen (being dead code)
* it's against our coding style, which wants declarations to be
   at the start of blocks
* it means that anybody reading the code has to go and look up
   exactly what the C rules are for skipping over variable declarations
   using a goto

Move the declaration to the top of the function.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230406155946.3362077-1-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

configure: Avoid -Werror=maybe-uninitialized

The configure script used to compile some code which dereferences memory
with ubsan to verify the compiler can link with ubsan library which
detects dereferencing of uninitialized memory. However, as the
dereferenced memory was allocated in the same code, GCC can statically
detect the unitialized memory dereference and emit maybe-uninitialized
warning. If -Werror is set, this becomes an error, and the configure
script incorrectly thinks the error indicates the compiler cannot use
ubsan.

Fix this error by replacing the code with another function which adds
1 to a signed integer argument. This brings in ubsan to detect if it
causes signed integer overflow. As the value of the argument cannot be
statically determined, the new function is also immune to compiler
warnings.

Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-Id: <20230405070030.23148-1-akihiko.odaki@daynix.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

tests: bios-tables-test: replace memset with initializer

Coverity complains that memset() writes over a const field. Use
an initializer instead, so that the const field is left to zero.
Tests that have to write the const field already use an initializer
for the whole struct, here I am choosing the smallest possible
patch (which is not that small already).

Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

vnc: avoid underflow when accessing user-provided address

If hostlen is zero, there is a possibility that addrstr[hostlen - 1]
underflows and, if a closing bracked is there, hostlen - 2 is passed
to g_strndup() on the next line. If websocket==false then
addrstr[0] would be a colon, but if websocket==true this could in
principle happen.

Fix it by checking hostlen.

Reported by Coverity.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

nvme: remove constant argument to tracepoint

The last argument to -pci_nvme_err_startfail_virt_state is always "OFFLINE"
due to the enclosing "if" condition requiring !sctrl->scs. Reported by
Coverity.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

build-sys: add slirp.wrap

This allows to build with --enable-slirp / -D slirp=enabled, even when
libslirp is not installed on the system. "meson subprojects download"
will pull it from git in that case.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20230302131848.1527460-4-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

build-sys: prevent meson from downloading wrapped subprojects

The following patches are going to introduce meson wrap dependencies,
which is a solution to download and build missing dependencies.

The QEMU build-system will do network access with no way to avoid the
fallback. As a start, hardcode "--wrap-mode=nodownload" in configure, so
that wraps would be used only after a conscious decision of the user to
use "meson subprojects download" (before running configure).

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20230302131848.1527460-3-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

mtest2make.py: teach suite name that are just "PROJECT"

A subproject test may be simply in the "PROJECT" suite (such as
"qemu-common" with the following patches)

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20230302131848.1527460-2-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Open 8.1 development tree

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

travis.yml: Add missing clang-10 package to the 'Clang (disable-tcg)' job

Since commit 74a1b256d775("configure: Bump minimum Clang version to 10.0") qemu
needs Clang version 10.0 as the minimum version to build qemu with
Clang. However 'focal' ships by default with Clang version 7.0.0 which causes an
error while executing the 'Clang (disable-tcg)' travis job of the form below:

<snip>
$clang --version

clang version 7.0.0 (tags/RELEASE_700/final)

<snip>
ERROR: You need at least GCC v7.4 or Clang v10.0 (or XCode Clang v12.0)

# QEMU configure log Fri 14 Apr 2023 03:48:22 PM UTC

# Configured with: '../configure' '--disable-docs' '--disable-tools'
'--disable-containers' '--disable-tcg' '--enable-kvm' '--disable-tools'
'--enable-fdt=system' '--host-cc=clang' '--cxx=clang++'

Fix this by adding 'clang-10' to the 'apt_packages' section of the "[s390x]
Clang (disable-tcg)" job and updating the compiler to 'clang-10'.

Signed-off-by: Vaibhav Jain <vaibhav@linux.ibm.com>
Message-Id: <20230414210645.820204-1-vaibhav@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

chardev: Allow setting file chardev input file on the command line

Our 'file' chardev backend supports both "output from this chardev
is written to a file" and "input from this chardev should be read
from a file" (except on Windows). However, you can only set up
the input file if you're using the QMP interface -- there is no
command line syntax to do it.

Add command line syntax to allow specifying an input file
as well as an output file, using a new 'input-path' suboption.

The specific use case I have is that I'd like to be able to
feed fuzzer reproducer input into qtest without having to use
'-qtest stdio' and put the input onto stdin. Being able to
use a file chardev like this:
-chardev file,id=repro,path=/dev/null,input-path=repro.txt -qtest chardev:repro
means that stdio is free for use by gdb.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230413150724.404304-3-peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
[thuth: Replace "input-file=" typo with "input-path="]
Signed-off-by: Thomas Huth <thuth@redhat.com>

qtest: Don't assert on "-qtest chardev:myid"

If the -qtest command line argument is passed a string that says
"use this chardev for I/O", then it will assert:

$ ./build/clang/qemu-system-i386 -chardev file,path=/dev/null,id=myid -qtest chardev:myid
Unexpected error in qtest_set_chardev() at ../../softmmu/qtest.c:1011:
qemu-system-i386: Cannot find character device 'qtest'
Aborted (core dumped)

This is because in qtest_server_init() we assume that when we create
the chardev with qemu_chr_new() it will always have the name "qtest".
This is true if qemu_chr_new() had to create a new chardev, but not
true if one already existed and is being referred to with
"chardev:myid".

Use the name of the chardev we get back from qemu_chr_new() as the
string to set the qtest 'chardev' property to, instead of hardcoding
it to "qtest".

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230413150724.404304-2-peter.maydell@linaro.org>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

test: Fix test-crypto-secret when compiling without keyring support

Linux keyring support is protected by CONFIG_KEYUTILS.
We also need CONFIG_SECRET_KEYRING.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Message-Id: <20230414114252.1136-1-quintela@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

docs/cxl: Fix sentence

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-Id: <20230409201828.1159568-1-sw@weilnetz.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

docs: Fix typo (wphx => whpx)

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1529
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-Id: <20230409201007.1157671-1-sw@weilnetz.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

hw: Add compat machines for 8.1

Add 8.1 machine types for arm/i440fx/m68k/q35/s390x/spapr.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20230314173009.152667-1-cohuck@redhat.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Acked-by: Gavin Shan <gshan@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

Update version for v8.0.0 release

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Update version for v8.0.0-rc4 release

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge tag 'migration-20230412-pull-request' of https://gitlab.com/juan.quintela/qemu into staging

Migration Pull request for 8.0

Last patches found:
- peter xu preempt channel fixes.
  needed for backward compatibility with old machine types.
- lukas fix to get compress working again.

- fix ram on s390x.  Get back to the old code, even when it shouldn't
  be needed, but as it fails on s390x, just revert.

Later, Juan.

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEGJn/jt6/WMzuA0uC9IfvGFhy1yMFAmQ3HgQACgkQ9IfvGFhy
# 1yPXGQ/+Pf6HepNUlIr7naYOcpRriXPQF+q1zqo74F9fy2vrGcwJOI6qmRTjsX4E
# 9KgXipOz7+b5wSemF7PDKcnBiwyt6UHCH+XXe0h4TpyuORbtABKRgtOhA1/sa84D
# HnKp0TwImpAO26tzPa7u49aau/EEVBKAzFVcyn4w56S9qiDWicOpd5kG0CJBIsMJ
# Mnvy5fXaqQRewnKiwFoJGWfyhzEToDO6Z/SkT5xYON94P+eiM2xMwXOC5WcGfmY7
# wFGDB+SuyEP8TTn7mV0mmnlFjYe4G07hVARHSDFX3ho4b6q5F+WzfW095G6QKiu9
# n3Pzr7IBGX3sgetPtYwOwGsE9JrfHMFzBRxQZZwq5GSmjk7+agkbXmV7RyV82EYs
# KYOhuNF91ca0qvCrGA/eGbbJqVrd7SR5FhS4SQ7oKd5n2au/ZHoKwAgm5lBdcvES
# 2TB0MBN1s0JPh6KMV8tPB2miZyqPRa++oA8qIX7Asoe1X4xVT1FwiDaFL8TO8i2A
# 7uBis3KLZqOHC6dAiXlCDtaADAWgQxjcdoS1l8jTF6MgBSe+zQhXG+pcIDuSiV9N
# WfDiUPY97iqPTvpzdz3Is+LbBax2uY5ZR05KSdmCBpIgfvSWMqXtwRydclt6G5h7
# ZiOcTwrgMpXdbhdsFZTqVWAJG2sTkj4TA+IezVpXzPeQNLZ+T8k=
# =kW3P
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 12 Apr 2023 22:09:24 BST
# gpg:                using RSA key 1899FF8EDEBF58CCEE034B82F487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>" [full]
# gpg:                 aka "Juan Quintela <quintela@trasno.org>" [full]
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03  4B82 F487 EF18 5872 D723

* tag 'migration-20230412-pull-request' of https://gitlab.com/juan.quintela/qemu:
  migration: fix ram_state_pending_exact()
  migration/ram.c: Fix migration with compress enabled
  migration: Recover behavior of preempt channel creation for pre-7.2
  migration: Fix potential race on postcopy_qemufile_src
  io: tls: Inherit QIO_CHANNEL_FEATURE_SHUTDOWN on server side

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/xen: Fix double-free in xen_console store_con_info()

Coverity spotted a double-free (CID 1508254); we g_string_free(path) and
then for some reason immediately call free(path) too.

We should just use g_autoptr() for it anyway, which simplifies the code
a bit.

Fixes: 7a8a749da7d3 ("hw/xen: Move xenstore_store_pv_console_info to xen_console.c")
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

migration: fix ram_state_pending_exact()

I removed that bit on commit:

commit c8df4a7aeffcb46020f610526eea621fa5b0cd47
Author: Juan Quintela <quintela@redhat.com>
Date: Mon Oct 3 02:00:03 2022 +0200

migration: Split save_live_pending() into state_pending_*

Fixes: c8df4a7aeffcb46020f610526eea621fa5b0cd47
Suggested-by: Nina Schoetterl-Glausch <nsg@linux.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

migration/ram.c: Fix migration with compress enabled

Since ec6f3ab9, migration with compress enabled was broken, because
the compress threads use a dummy QEMUFile which just acts as a
buffer and that commit accidentally changed it to use the outgoing
migration channel instead.

Fix this by using the dummy file again in the compress threads.

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

migration: Recover behavior of preempt channel creation for pre-7.2

In 8.0 devel window we reworked preempt channel creation, so that there'll
be no race condition when the migration channel and preempt channel got
established in the wrong order in commit 5655aab079.

However no one noticed that the change will also be not compatible with
older qemus, majorly 7.1/7.2 versions where preempt mode started to be
supported.

Leverage the same pre-7.2 flag introduced in the previous patch to recover
the behavior hopefully before 8.0 releases, so we don't break migration
when we migrate from 8.0 to older qemu binaries.

Fixes: 5655aab079 ("migration: Postpone postcopy preempt channel to be after main")
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

migration: Fix potential race on postcopy_qemufile_src

postcopy_qemufile_src object should be owned by one thread, either the main
thread (e.g. when at the beginning, or at the end of migration), or by the
return path thread (when during a preempt enabled postcopy migration).  If
that's not the case the access to the object might be racy.

postcopy_preempt_shutdown_file() can be potentially racy, because it's
called at the end phase of migration on the main thread, however during
which the return path thread hasn't yet been recycled; the recycle happens
in await_return_path_close_on_source() which is after this point.

It means, logically it's posslbe the main thread and the return path thread
are both operating on the same qemufile.  While I don't think qemufile is
thread safe at all.

postcopy_preempt_shutdown_file() used to be needed because that's where we
send EOS to dest so that dest can safely shutdown the preempt thread.

To avoid the possible race, remove this only place that a race can happen.
Instead we figure out another way to safely close the preempt thread on
dest.

The core idea during postcopy on deciding "when to stop" is that dest will
send a postcopy SHUT message to src, telling src that all data is there.
Hence to shut the dest preempt thread maybe better to do it directly on
dest node.

This patch proposed such a way that we change postcopy_prio_thread_created
into PreemptThreadStatus, so that we kick the preempt thread on dest qemu
by a sequence of:

  mis->preempt_thread_status = PREEMPT_THREAD_QUIT;
  qemu_file_shutdown(mis->postcopy_qemufile_dst);

While here shutdown() is probably so far the easiest way to kick preempt
thread from a blocked qemu_get_be64().  Then it reads preempt_thread_status
to make sure it's not a network failure but a willingness to quit the
thread.

We could have avoided that extra status but just rely on migration status.
The problem is postcopy_ram_incoming_cleanup() is just called early enough
so we're still during POSTCOPY_ACTIVE no matter what.. So just make it
simple to have the status introduced.

One flag x-preempt-pre-7-2 is added to keep old pre-7.2 behaviors of
postcopy preempt.

Fixes: 9358982744 ("migration: Send requested page directly in rp-return thread")
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

io: tls: Inherit QIO_CHANNEL_FEATURE_SHUTDOWN on server side

TLS iochannel will inherit io_shutdown() from the master ioc, however we
missed to do that on the server side.

This will e.g. allow qemu_file_shutdown() to work on dest QEMU too for
migration.

Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

Fix NFS driver issue.

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmQ22+MUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroOYfwgAm3K121ALsF2kDplg+nDA/H69DbCi
# HG0iozJc//MmqF+15dgmClcBn+567U7evSesATv0Bx/UBVN8XtUoS/Krf+QSHd80
# Ycxw1TBgD2Ddc1MmVuYPZetvs8j2a+cYEQIW3ZP5o7Ng88o2BEYiyU1CXA/opfXy
# Lz1lQd3OHK7p00h0uHlqG41XZEuMkj5I6uorqvyDoqVkojtq2agbA7YWEsuiKyzj
# owztvajmh4v0vDSMVuFGr721VIiAm2sFh7JoL69E4EOig47QD3mPPDm8wX48O0dM
# ISKztYKlsSIcGFqpMPsjXioQOiMfp/StfsS1kr6X4B0q4r7UXrpQQ+TMkA==
# =sStc
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 12 Apr 2023 17:27:15 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
  block/nfs: do not poll within a coroutine

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

block/nfs: do not poll within a coroutine

Since the former nfs_get_allocated_file_size is now a coroutine
function, it must suspend rather than poll. Switch BDRV_POLL_WHILE()
to a qemu_coroutine_yield() loop and schedule nfs_co_generic_bh_cb()
in place of the call to bdrv_wakeup().

Fixes: 82618d7bc341 ("block: Convert bdrv_get_allocated_file_size() to co_wrapper", 2023-02-01)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20230412112606.80983-1-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Merge tag 'coverity-fixes-pull-request' of git://git.infradead.org/qemu-nvme into staging

hw/nvme coverity fixes

Fix two issues reported by coverity (CID 1451080 and 1451082).

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmQ2gfEACgkQTeGvMW1P
# DemcEQf/V+arKs9OFhfqu3OtKQu5R4F2i2Tq3aRulrbZr/dPGkkLjSQjgGdkbg0F
# 8TZQYezFGZdg45QqxfxpVxPf8hrlGX6c/cbVZp9BnIGGXForLLHfrvNQpVVg5Ldm
# 8fA5zBccbnH2ER4nf12xf56WzjKWIpv5Xt/+hqOSoghThKfUxjIowR58fxoZySy6
# zl0cr6+FMnMZkLxGN0EslckNzYzpX5aXfJLMZKPG3G07EVmTgcGfJxjw0pWkzbq6
# ictMeP8BTbOU4IGLC2SIRppkiWEr3rUCL4aPhlPg90rIyXDU4onYP8dr0Y5ZI0gY
# QFtaZpTYEeRw84AJhgyR4U6h37UE/g==
# =kGwj
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 12 Apr 2023 11:03:29 BST
# gpg:                using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [full]
# gpg:                 aka "Klaus Jensen <k.jensen@samsung.com>" [full]
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468  4272 63D5 6FC5 E55D A838
#      Subkey fingerprint: 5228 33AA 75E2 DCE6 A247  66C0 4DE1 AF31 6D4F 0DE9

* tag 'coverity-fixes-pull-request' of git://git.infradead.org/qemu-nvme:
  hw/nvme: fix memory leak in nvme_dsm
  hw/nvme: fix memory leak in fdp ruhid parsing

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/nvme: fix memory leak in nvme_dsm

The iocb (and the allocated memory to hold LBA ranges) leaks if reading
the LBA ranges fails.

Fix this by adding a free and an unref of the iocb.

Reported-by: Coverity (CID 1508281)
Fixes: d7d1474fd85d ("hw/nvme: reimplement dsm to allow cancellation")
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>

hw/nvme: fix memory leak in fdp ruhid parsing

Coverity reports a memory leak of memory when parsing ruhids at
namespace initialization. Since this is just working memory, not needed
beyond the scope of the functions, fix this by adding a g_autofree
annotation.

Reported-by: Coverity (CID 1507979)
Fixes: 73064edfb864 ("hw/nvme: flexible data placement emulation")
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>

Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging

Block layer patches

- Fix VHDX image corruption bug
- Fix for performance regression: Remove bdrv_co_get_geometry coroutines
  from I/O hot path

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEE3D3rFZqa+V09dFb+fwmycsiPL9YFAmQ1dDARHGt3b2xmQHJl
# ZGhhdC5jb20ACgkQfwmycsiPL9ZM8BAArqnJjr2iAVT/yYHZKO8GUyrt3Ndq9aAb
# hlAoMud0Xkof588I1W4AelOBYz/Cm4OEeFNAYxFbWif6t1iSB/J3FG6EQMCRqOnV
# 1GHIrJO9tolhjGx9GcjbYjXVJDyIsKDhcNCFJ9gke7+zVZLT8bLA5ibdZ2xYEcAp
# DfH27pBa6dlLd2CnDfkatpUwqqUDju+iXLaB4kGN/AG4Xv61Jk9ZqpRIyl1lToXO
# C9HDbHh3U/7fT2q9lMUXecOQnRFhXhvYSyiU+vcCFJPdijYPacC/HqJo200fG67y
# NDw/xviip3nFQWpxB06qx5A/H3UtmacGRSeckPvN7ZuEG4qFJSgYFsJL2+Rd11gu
# y2it06WWpYz+CFtlbfTkDuKj35F9VGFcmdfwnWxcmpMYDBWLbCJuzMpZJkJj5ahm
# QT6cv138nSvhvMpXLLZXER9opdGqqTU7LS2NqSTDFDKlPOnhofl1+FK0dhjrecEf
# A3bVfY8z8j+R2CYRzFINf2FUJA91XJjbv2kaJkV6Jq3x1usmgsm+QmCEefPpYF2l
# nlx5wFewxlqg8skMKDrKPXpB7d3KiKHy829HRJJtgg9RBoI9yST9kSRQ/o1IXlnP
# xCPG23Trik0dj9W178MDrBwf9ug0EKg2a4Ny3ohLq48sJP9pzjL1bR6j0Zww+tcz
# XMvgFSKspeY=
# =4z1y
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 11 Apr 2023 15:52:32 BST
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* tag 'for-upstream' of https://repo.or.cz/qemu/kevin:
  block, block-backend: write some hot coroutine wrappers by hand
  block-backend: ignore inserted state in blk_co_nb_sectors
  block-backend: inline bdrv_co_get_geometry
  migration/block: replace uses of blk_nb_sectors that do not check result
  block: remove has_variable_length from BlockDriver
  block: refresh bs->total_sectors on reopen
  block: remove has_variable_length from filters
  block: move has_variable_length to BlockLimits
  iotests: Regression test for vhdx log corruption
  block/vhdx: fix dynamic VHDX BAT corruption

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

block, block-backend: write some hot coroutine wrappers by hand

The introduction of the graph lock is causing blk_get_geometry, a hot function
used in the I/O path, to create a coroutine. However, the only part that really
needs to run in coroutine context is the call to bdrv_co_refresh_total_sectors,
which in turn only happens in the rare case of host CD-ROM devices.

So, write by hand the three wrappers on the path from blk_co_get_geometry to
bdrv_co_refresh_total_sectors, so that the coroutine wrapper is only created
if bdrv_nb_sectors actually calls bdrv_refresh_total_sectors.

Reported-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20230407153303.391121-9-pbonzini@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block-backend: ignore inserted state in blk_co_nb_sectors

All callers of blk_co_nb_sectors (and blk_nb_sectors) are able to
handle a non-inserted CD-ROM as a zero-length file, they do not need
to raise an error.

Not using blk_co_is_available() aligns the function with
blk_co_get_geometry(), which becomes a simple wrapper for
blk_co_nb_sectors(). It will also make it possible to skip the creation
of a coroutine in the (common) case where bs->bl.has_variable_length
is false.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20230407153303.391121-8-pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block-backend: inline bdrv_co_get_geometry

bdrv_co_get_geometry is only used in blk_co_get_geometry. Inline it in
there, to reduce the number of wrappers for bs->total_sectors.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20230407153303.391121-7-pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

migration/block: replace uses of blk_nb_sectors that do not check result

Uses of blk_nb_sectors must check whether the result is negative.
Otherwise, underflow can happen. Fortunately, alloc_aio_bitmap()
and bmds_aio_inflight() both have an alternative way to retrieve the
number of sectors in the file.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20230407153303.391121-6-pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>