git.maquefel.me Git - qemu.git/log

Merge tag 'pull-tcg-20241022' of https://gitlab.com/rth7680/qemu into staging

tcg: Reset data_gen_ptr correctly
tcg/riscv: Implement host vector support
tcg/ppc: Fix tcg_out_rlw_rc
target/i386: Walk NPT in guest real mode
target/i386: Use probe_access_full_mmu in ptw_translate
linux-user: Fix build failure caused by missing __u64 on musl
linux-user: Emulate /proc/self/maps under mmap_lock
linux-user/riscv: Fix definition of RISCV_HWPROBE_EXT_ZVFHMIN
linux-user/ppc: Fix sigmask endianness issue in sigreturn

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmcYbccdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV97TwgAmg27QFCdiTrqZgs2
# P1AO40zTgyTAwWx2gykaEuDWNhz/uSWvlBRN0/636wqGPkbJtrRHYM26og4BAThh
# o172/IwiZqfKOR1ndHl9j3BrtmrlIlaEEjiikqy1MTZF127irV6JWoJE1mSUrAxy
# 3Cm1K4gnK/e1+LdWf4Lj+K2lE6PpAK/ppKggzOXhtEgKiH1l4bUCl/Fq54wqphUn
# YS+cpmgQDCkXFfmPbQqie0HDpe3bhb75qIDQrbC5JcZdHqV73rTwSZvfUOmS/5Re
# 18K6nfAXXT+Zm0IrJMey/7b1jUWF3nMUVCTuLvmhSOwBAkIvTVYHko9CjvLtM6YH
# UHu3yA==
# =V393
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 23 Oct 2024 04:30:15 BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* tag 'pull-tcg-20241022' of https://gitlab.com/rth7680/qemu: (24 commits)
  linux-user/riscv: Fix definition of RISCV_HWPROBE_EXT_ZVFHMIN
  linux-user: Fix build failure caused by missing __u64 on musl
  linux-user: Trace rt_sigprocmask's sigsets
  linux-user/ppc: Fix sigmask endianness issue in sigreturn
  linux-user: Emulate /proc/self/maps under mmap_lock
  target/i386: Remove ra parameter from ptw_translate
  target/i386: Use probe_access_full_mmu in ptw_translate
  target/i386: Walk NPT in guest real mode
  include/exec: Improve probe_access_full{, _mmu} documentation
  tcg/ppc: Fix tcg_out_rlw_rc
  tcg/riscv: Enable native vector support for TCG host
  tcg/riscv: Implement vector roti/v/x ops
  tcg/riscv: Implement vector shi/s/v ops
  tcg/riscv: Implement vector min/max ops
  tcg/riscv: Implement vector sat/mul ops
  tcg/riscv: Accept constant first argument to sub_vec
  tcg/riscv: Implement vector neg ops
  tcg/riscv: Implement vector cmp/cmpsel ops
  tcg/riscv: Add support for basic vector opcodes
  tcg/riscv: Implement vector mov/dup{m/i}
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging

Block layer patches

- Event throttling for BLOCK_IO_ERROR
- iotests: Fix backup-discard-source test for XFS
- Coverity fixes
- raw-format: Fix error message for invalid offset/size

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEE3D3rFZqa+V09dFb+fwmycsiPL9YFAmcX1wQRHGt3b2xmQHJl
# ZGhhdC5jb20ACgkQfwmycsiPL9aWKA//cyG+Q3EXLouSu2Ob04RArX8HgAzLmHL3
# Fx9x6BbDtusPfzxKVLqhJhJ5/oRyk0QWkdZKGNSxinLD3DBJ6q6FMNaWhuvzOBcy
# iHnWlMfwEIBl5vFJwM5Q/d7F2afOUiVSeR7E4TQn063cBo96qIrAD7DRLM01jBEN
# d9+9nkBruwgmxZJIr3WTsqjDoTqflcjxA6Adp/WkzVXBMMYqcsuReXQtrgfFooKw
# yhjkHq5nFKzebvK+BLjA0ytuvUlsRqLYDXN+bAk/rC6oCgbzygAjNwL5kUEYnV1r
# lVRSOxRUlet4v2GFCvplxw5tX3aJzlWB50v7d+oaBYR72htTtPeIZzadBJySdtSk
# DxEUR5kTcGK/vSI+WOapTVK+qU+Wr+6lFwGOL0zEYZyfvpyoFwfAlkjAUbf27FzX
# BDIL+hi9aVr+ZDooqcs0XUjGe1/1B+8SaNqMexqDUjxGDN4OfZhdQKD6uTjabc07
# aiZqKH1ZWViQlNgMcqpXecXS+r+Qc+R6Qga/iwJuhhPKp3VhUEtuDaHajPiTx17q
# 157CedcXxXKPRnNC/IneU0lOageknCLpRpIHZi3pYgcyfX1evE8CgF0aLZsN8tTv
# cdFJh7S89CknvK1sL18pcbV5/mtpDH/0DIWGg4d98O9X8Y/vluYEqSf6kPrjg6lR
# aVHU4/E8p8Y=
# =c+28
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 22 Oct 2024 17:47:00 BST
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* tag 'for-upstream' of https://repo.or.cz/qemu/kevin:
  raw-format: Fix error message for invalid offset/size
  block-backend: per-device throttling of BLOCK_IO_ERROR reports
  qapi: add qom-path to BLOCK_IO_ERROR event
  iotests/backup-discard-source: don't use actual-size
  iotests/backup-discard-source: convert size variable to be int
  block/vdi.c: Make SECTOR_SIZE constant 64-bits
  tests/qemu-iotests/211.out: Update to expect MapEntry 'compressed' field
  block/ssh.c: Don't double-check that characters are hex digits
  block/gluster: Use g_autofree for string in qemu_gluster_parse_json()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge tag 'misc-fixes-pull-request' of https://gitlab.com/berrange/qemu into staging

Misc sockets, crypto and VNC fixes

* Fix rare EADDRINUSE failures on OpenBSD platforms seen
  with migration
* Fix & test overwriting of hash output buffer
* Close connection instead of returning empty SASL mechlist to
  VNC clients
* Fix handling of SASL SSF on VNC server UNIX sockets
* Fix handling of NULL SASL server data in VNC server
* Validate trailing NUL padding byte from SASL client
* Fix & test AF_ALG crypto backend build
* Remove unused code in sockets and crypto subsystems

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmcXscUACgkQvobrtBUQ
# T9+S+Q//W9fywFY42VnsPqIAi7Q+QPDvXrPVVQ1z817hcyxdMVWC+eAg97i3QsE8
# f/+nwrigV9CIv9jqdBdMUIRLm4XhyuDspksgBAQUJ1XYmmVSmFwh2ej31m/qI8fK
# fu0v6N6udkcg+5eoWEOL873hKAA+vjq30tM5Zp74fMHZahnvgjThgaJY6Z6OsCyX
# 6Pgxl3Z1gym1IqQFz0nOdTMnzsQrAJbV8z2FWMKgHayg01nVoXlo5FMnNgIdItJC
# v+4qX5sfRJIENJcRKMNY4dQUqbO1004+HXECLbge8pR7vsUli06xjLBkSbt/9M6r
# x3lfDGKavPrKfsPk1H+eTlge/43IjJk+mXMgZxmyvrvgnyVulxRvz7ABKJ+VBUeq
# CDrAuAK4tm5BIxKu6cg4CcmlqsDXwq6Sb+NdsbxTv0Deop73WZR3HCamRNU1JXkA
# eXBY4QSuVA96s5TnlfZWZytIY9NmyjN48ov+ly2fOkbv/xxoUNFBY8TApSJZ/Veo
# 4EvGlIfgxjv668n/2eyt67E00dGC3idTbaWYeGjgUKVyNPpxicDOnM3NTwMP3/0k
# DZbvfoJcwfhPVoFMdV7ZvJKA3i8v11HdaEI0urfjm5nJWbyik6+++skan9F/femL
# eRTnH2hr5sUV+eQAl2YhGuBElLmKf/HqTCeNs3lwrUQsnb9bPNc=
# =fK8K
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 22 Oct 2024 15:08:05 BST
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* tag 'misc-fixes-pull-request' of https://gitlab.com/berrange/qemu:
  gitlab: enable afalg tests in fedora system test
  ui: validate NUL byte padding in SASL client data more strictly
  ui: fix handling of NULL SASL server data
  ui/vnc: don't check for SSF after SASL authentication on UNIX sockets
  ui/vnc: fix skipping SASL SSF on UNIX sockets
  ui/vnc: don't raise error formatting socket address for non-inet
  ui/vnc: don't return an empty SASL mechlist to the client
  crypto/hash-afalg: Fix broken build
  include/crypto: clarify @result/@result_len for hash/hmac APIs
  tests: correctly validate result buffer in hash/hmac tests
  crypto/hash: avoid overwriting user supplied result pointer
  util: don't set SO_REUSEADDR on client sockets
  sockets: Remove deadcode
  crypto: Remove unused DER string functions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

linux-user/riscv: Fix definition of RISCV_HWPROBE_EXT_ZVFHMIN

Current definition yields a negative 32bits value, messing up hwprobe
result when Zvfhmin extension presents. Replace it by using a 1ULL bit
shift value as done in kernel upstream.

Link: https://github.com/torvalds/linux/commit/5ea6764d9095e234b024054f75ebbccc4f0eb146
Fixes: a3432cf227 ("linux-user/riscv: Sync hwprobe keys with Linux")
Cc: qemu-stable@nongnu.org
Signed-off-by: Yao Zi <ziyao@disroot.org>
Message-ID: <20241022160136.21714-2-ziyao@disroot.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

linux-user: Fix build failure caused by missing __u64 on musl

Commit 9651cead2f ("linux-user: add openat2 support in linux-user")
ships a definition of struct open_how_ver0 while assuming type __u64 is
available in code, which is not the case when building QEMU on musl.
Let's replaces __u64 with uint64_t.

Fixes: 9651cead2f ("linux-user: add openat2 support in linux-user")
Signed-off-by: Yao Zi <ziyao@disroot.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-ID: <20241022122929.17465-2-ziyao@disroot.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

linux-user: Trace rt_sigprocmask's sigsets

Add a function for formatting target sigsets. It can be useful for
other syscalls in the future, so put it into the beginning of strace.c.
For simplicity, do not implement the strace's ~[] output syntax.

Add a rt_sigprocmask return handler.

Example outputs:

    753914 rt_sigprocmask(SIG_BLOCK,[SIGCHLD SIGTSTP SIGTTIN SIGTTOU],0x00007f80fddfe380,8) = 0 (oldset=[SIGTTOU])
    753914 rt_sigprocmask(SIG_SETMASK,[SIGCHLD],NULL,8) = 0
    753914 rt_sigprocmask(SIG_BLOCK,NULL,0x00007f80fddff3c0,8) = 0 (oldset=[])

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-ID: <20241022102726.18520-1-iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

linux-user/ppc: Fix sigmask endianness issue in sigreturn

do_setcontext() copies the target sigmask without endianness handling
and then uses target_to_host_sigset_internal(), which expects a
byte-swapped one. Use target_to_host_sigset() instead.

Fixes: bcd4933a23f1 ("linux-user: ppc signal handling")
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241017125811.447961-2-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

linux-user: Emulate /proc/self/maps under mmap_lock

If one thread modifies the mappings and another thread prints them,
a situation may occur that the printer thread sees a guest mapping
without a corresponding host mapping, leading to a crash in
open_self_maps_2().

Cc: qemu-stable@nongnu.org
Fixes: 7b7a3366e142 ("linux-user: Use walk_memory_regions for open_self_maps")
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241014203441.387560-1-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

target/i386: Remove ra parameter from ptw_translate

This argument is no longer used.

Suggested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241013184733.1423747-4-richard.henderson@linaro.org>

target/i386: Use probe_access_full_mmu in ptw_translate

The probe_access_full_mmu function was designed for this purpose,
and does not report the memory operation event to plugins.

Cc: qemu-stable@nongnu.org
Fixes: 6d03226b422 ("plugins: force slow path when plugins instrument memory ops")
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241013184733.1423747-3-richard.henderson@linaro.org>

target/i386: Walk NPT in guest real mode

When translating virtual to physical address with a guest CPU that
supports nested paging (NPT), we need to perform every page table walk
access indirectly through the NPT, which we correctly do.

However, we treat real mode (no page table walk) special: In that case,
we currently just skip any walks and translate VA -> PA. With NPT
enabled, we also need to then perform NPT walk to do GVA -> GPA -> HPA
which we fail to do so far.

The net result of that is that TCG VMs with NPT enabled that execute
real mode code (like SeaBIOS) end up with GPA==HPA mappings which means
the guest accesses host code and data. This typically shows as failure
to boot guests.

This patch changes the page walk logic for NPT enabled guests so that we
always perform a GVA -> GPA translation and then skip any logic that
requires an actual PTE.

That way, all remaining logic to walk the NPT stays and we successfully
walk the NPT in real mode.

Cc: qemu-stable@nongnu.org
Fixes: fe441054bb3f0 ("target-i386: Add NPT support")
Signed-off-by: Alexander Graf <graf@amazon.com>
Reported-by: Eduard Vlad <evlad@amazon.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20240921085712.28902-1-graf@amazon.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

include/exec: Improve probe_access_full{, _mmu} documentation

Suggested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241013184733.1423747-2-richard.henderson@linaro.org>

tcg/ppc: Fix tcg_out_rlw_rc

The TCG IR sequence:

  mov_i32 tmp97,$0xc4240000             dead: 1  pref=0xffffffff
  mov_i32 tmp98,$0x0                    pref=0xffffffff
  rotr_i32 tmp97,tmp97,tmp98            dead: 1 2  pref=0xffffffff

was translated to `slwi r15, r14, 0` instead of `slwi r14, r14, 0`
due to SH field overflow.  SH field is 5 bits, and tcg_out_rlw is called
in some situations with `32-n`, when `n` is 0 it results in an overflow
to RA field.

This commit prevents overflow of that field and adds debug assertions
for the other fields

Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Dani Szebenyi <szedani@linux.ibm.com>
Message-ID: <20241022133535.69351-2-szedani@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Enable native vector support for TCG host

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-13-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Implement vector roti/v/x ops

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Message-ID: <20241007025700.47259-12-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Implement vector shi/s/v ops

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-11-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Implement vector min/max ops

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-10-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Implement vector sat/mul ops

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-9-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Accept constant first argument to sub_vec

Use vrsub.vi to subtract from a constant.

Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Implement vector neg ops

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-8-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Implement vector cmp/cmpsel ops

Extend comparison results from mask registers to SEW-width elements,
following recommendations in The RISC-V SPEC Volume I (Version 20240411).
This aligns with TCG's cmp_vec behavior by expanding compare results to
full element width: all 1s for true, all 0s for false.

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-7-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Add support for basic vector opcodes

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-6-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Implement vector mov/dup{m/i}

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-5-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg/riscv: Add basic support for vector

The RISC-V vector instruction set utilizes the LMUL field to group
multiple registers, enabling variable-length vector registers. This
implementation uses only the first register number of each group while
reserving the other register numbers within the group.

In TCG, each VEC_IR can have 3 types (TCG_TYPE_V64/128/256), and the
host runtime needs to adjust LMUL based on the type to use different
register groups.

This presents challenges for TCG's register allocation. Currently, we
avoid modifying the register allocation part of TCG and only expose the
minimum number of vector registers.

For example, when the host vlen is 64 bits and type is TCG_TYPE_V256, with
LMUL equal to 4, we use 4 vector registers as one register group. We can
use a maximum of 8 register groups, but the V0 register number is reserved
as a mask register, so we can effectively use at most 7 register groups.
Moreover, when type is smaller than TCG_TYPE_V256, only 7 registers are
forced to be used. This is because TCG cannot yet dynamically constrain
registers with type; likewise, when the host vlen is 128 bits and
TCG_TYPE_V256, we can use at most 15 registers.

There is not much pressure on vector register allocation in TCG now, so
using 7 registers is feasible and will not have a major impact on code
generation.

This patch:
1. Reserves vector register 0 for use as a mask register.
2. When using register groups, reserves the additional registers within
each group.

Signed-off-by: Huang Shiyuan <swung0x48@outlook.com>
Co-authored-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241007025700.47259-3-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

util: Add RISC-V vector extension probe in cpuinfo

Add support for probing RISC-V vector extension availability in
the backend. This information will be used when deciding whether
to use vector instructions in code generation.

Cache lg2(vlenb) for the backend. The storing of lg2(vlenb) means
we can convert all of the division into subtraction.

While the compiler doesn't support RISCV_HWPROBE_EXT_ZVE64X,
we use RISCV_HWPROBE_IMA_V instead. RISCV_HWPROBE_IMA_V is more
strictly constrainted than RISCV_HWPROBE_EXT_ZVE64X. At least in
current QEMU implemenation, the V vector extension depends on the
zve64d extension.

Signed-off-by: TANG Tiancheng <tangtiancheng.ttc@alibaba-inc.com>
Reviewed-by: Liu Zhiwei <zhiwei_liu@linux.alibaba.com>
Tested-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20241007025700.47259-2-zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

disas/riscv: Fix vsetivli disassembly

The first immediate field is unsigned, whereas operand_vimm
extracts a signed value. There is no need to mask the result
with 'u'; just print the immediate with 'i'.

Fixes: 07f4964d178 ("disas/riscv.c: rvv: Add disas support for vector instructions")
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tcg: Reset data_gen_ptr correctly

This pointer needs to be reset after overflow just like
code_buf and code_ptr.

Cc: qemu-stable@nongnu.org
Fixes: 57a269469db ("tcg: Infrastructure for managing constant pools")
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

raw-format: Fix error message for invalid offset/size

s->offset and s->size are only set at the end of the function and still
contain the old values when formatting the error message. Print the
parameters with the new values that we actually checked instead.

Fixes: 500e2434207d ('raw-format: Split raw_read_options()')
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20240829185527.47152-1-kwolf@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block-backend: per-device throttling of BLOCK_IO_ERROR reports

BLOCK_IO_ERROR events comes from guest, so we must throttle them.
We still want per-device throttling, so let's use device id as a key.

Signed-off-by: Leonid Kaplan <xeor@yandex-team.ru>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20241002151806.592469-3-vsementsov@yandex-team.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

qapi: add qom-path to BLOCK_IO_ERROR event

We need something more reliable than "device" (which absent in modern
interfaces) and "node-name" (which may absent, and actually don't
specify the device, which is a source of error) to make a per-device
throttling for the event in the following commit.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20241002151806.592469-2-vsementsov@yandex-team.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

iotests/backup-discard-source: don't use actual-size

Relying on disk usage is bad thing, and test just doesn't work on XFS.

Let's instead add a dirty bitmap to track writes to test image.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20240620144402.65896-3-vsementsov@yandex-team.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

iotests/backup-discard-source: convert size variable to be int

Make variable reusable in code for checks. Don't care to change "512 *
1024" invocations as they will be dropped in the next commit.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20240620144402.65896-2-vsementsov@yandex-team.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block/vdi.c: Make SECTOR_SIZE constant 64-bits

Make the VDI SECTOR_SIZE define be a 64-bit constant; this matches
how we define BDRV_SECTOR_SIZE.  The benefit is that it means that we
don't need to carefully cast to 64-bits when doing operations like
"n_sectors * SECTOR_SIZE" to avoid doing a 32x32->32 multiply, which
might overflow, and which Coverity and other static analysers tend to
warn about.

The specific potential overflow Coverity is highlighting is the one
at the end of vdi_co_pwritev() where we write out n_sectors sectors
to the block map.  This is very unlikely to actually overflow, since
the block map has 4 bytes per block and the maximum number of blocks
in the image must fit into a 32-bit integer.  So this commit is not
fixing a real-world bug.

An inspection of all the places currently using SECTOR_SIZE in the
file shows none which care about the change in its type, except for
one call to error_setg() which needs the format string adjusting.

Resolves: Coverity CID 1508076
Suggested-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20241008164708.2966400-5-peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

tests/qemu-iotests/211.out: Update to expect MapEntry 'compressed' field

In commit 52b10c9c0c68e90f in 2023 the QAPI MapEntry struct was
updated to add a 'compressed' field. That commit updated a number
of iotest expected-output files, but missed 211, which is vdi
specific. The result is that
./check -vdi
and more specifically
./check -vdi 211
fails because the expected and actual output don't match.

Update the reference output.

Cc: qemu-stable@nongnu.org
Fixes: 52b10c9c0c68e90f ("qemu-img: map: report compressed data blocks")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20241008164708.2966400-4-peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block/ssh.c: Don't double-check that characters are hex digits

In compare_fingerprint() we effectively check whether the characters
in the fingerprint are valid hex digits twice: first we do so with
qemu_isxdigit(), but then the hex2decimal() function also has a code
path where it effectively detects an invalid digit and returns -1.
This causes Coverity to complain because it thinks that we might use
that -1 value in an expression where it would be an integer overflow.

Avoid the double-check of hex digit validity by testing the return
values from hex2decimal() rather than doing separate calls to
qemu_isxdigit().

Since this means we now use the illegal-character return value
from hex2decimal(), rewrite it from "-1" to "UINT_MAX", which
has the same effect since the return type is "unsigned" but
looks less confusing at the callsites when we detect it with
"c0 > 0xf".

Resolves: Coverity CID 1547813
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20241008164708.2966400-3-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block/gluster: Use g_autofree for string in qemu_gluster_parse_json()

In the loop in qemu_gluster_parse_json() we do:

    char *str = NULL;
    for(...) {
        str = g_strdup_printf(...);
        ...
        if (various errors) {
            goto out;
        }
        ...
        g_free(str);
        str = NULL;
    }
    return 0;
out:
    various cleanups;
    g_free(str);
    ...
    return -errno;

Coverity correctly complains that the assignment "str = NULL" at the
end of the loop is unnecessary, because we will either go back to the
top of the loop and overwrite it, or else we will exit the loop and
then exit the function without ever reading str again. The assignment
is there as defensive coding to ensure that str is only non-NULL if
it's a live allocation, so this is intentional.

We can make Coverity happier and simplify the code here by using
g_autofree, since we never need 'str' outside the loop.

Resolves: Coverity CID 1527385
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241008164708.2966400-2-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Merge tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu into staging

trivial patches for 2024-10-22

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmcXQugACgkQgqpKJDse
# lHjSfg//ZVmwp7zuGJC6dFwgCIoVc1IqERliuiBQNosw/IYSPwt6S4+lECR6Hu+N
# 4ktKAO6MKwQgBDoqw9Wz+lDASHKJ3VbDkyxfE4wfOz7C1UrCxGEsUzy43wI3Ms5J
# fM175GWTQZiJZkmf0hLmRKtgmouq7YbjPqPvCQTQP/NT8k6f2KiY+YKLmo2cMoUJ
# Ra+JPOKMTQhGTCCOtijdK/6whtUuym7X6hW3LaXC8cjehfwE+dRf7gcApZG8fcKE
# 1ALFbXRlRL+FFM5GfsWr39rtJI0XXdm8fa+dIOuXJQe8X9xns/Ha8fLqiKVo+9k+
# Axk+B2xFopIf6CBPxfXyxzcDnx5KBhIIO86D/M+rSK+pqTaNYcad8OY9ciSBQien
# EgDJDp8DtM6gmY0xa7kMXEKy127l4DWlIp2bM3Ufuv3r5+FS1tSsz5Tfx/d9LRfV
# JPt/9Xl/gW5XAB3+HEc7nkP+/YW4C79nZbkxEYiDIFKa9SrAxbBkuTPGzReAly4y
# zUAaxk0qbtqfYrufz1oiEz3eCoY7zTmey015AfMPwQMHhqPIAYOjv6bwYVOzVTFj
# Vh7xhS+qn/iLDhEB10XqOALIuQu+PCtQjIwHakwGD0IEjG0G1b363p3eYO/+UpDl
# E3ydNh/K61/oCvQJcAJM0lY3KdlVxDCY499KwNDAjSnZL8i8gFY=
# =zFvF
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 22 Oct 2024 07:15:04 BST
# gpg:                using RSA key 64AA2AB531D56903366BFEF982AA4A243B1E9478
# gpg: Good signature from "Michael Tokarev <mjt@debian.org>" [full]
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>" [full]
# gpg:                 aka "Michael Tokarev <mjt@tls.msk.ru>" [full]
# Primary key fingerprint: 9D8B E14E 3F2A 9DD7 9199  28F1 61AD 3D98 ECDF 2C8E
#      Subkey fingerprint: 64AA 2AB5 31D5 6903 366B  FEF9 82AA 4A24 3B1E 9478

* tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu:
  replace error_setg(&error_fatal, ...) with error_report()
  meson.build: Remove ncurses workaround for OpenBSD
  configure: Replace literally printed '\n' with newline
  ui/console-vc: Silence warning about sprintf() on OpenBSD
  linux-user: Clean up unused header

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

gitlab: enable afalg tests in fedora system test

The AF_ALG crypto integration for Linux is not being tested in
any CI scenario. It always requires an explicit configure time
flag to be passed to turn it on. The Fedora system test is
arbitrarily picked as the place to test it.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

ui: validate NUL byte padding in SASL client data more strictly

When the SASL data is non-NULL, the SASL protocol spec requires that
it is padded with a trailing NUL byte. QEMU discards the trailing
byte, but does not currently validate that it was in fact a NUL.
Apply strict validation to better detect any broken clients.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

ui: fix handling of NULL SASL server data

The code is supposed to distinguish between SASL server data that
is NULL, vs non-NULL but zero-length. It was incorrectly checking
the 'serveroutlen' variable, rather than 'serverout' though, so
failing to distinguish the cases.

Fortunately we can fix this without breaking compatibility with
clients, as clients already know how to decode the input data
correctly.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

ui/vnc: don't check for SSF after SASL authentication on UNIX sockets

Although we avoid requesting an SSF when querying SASL mechanisms for a
UNIX socket client, we still mistakenly checked for availability of an
SSF once the SASL auth process is complete.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

ui/vnc: fix skipping SASL SSF on UNIX sockets

The 'is_unix' flag is set on the VNC server during startup, however,
a regression in:

  commit 8bd22f477f68bbd7a9c88e926e7a58bf65605e39
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Fri Feb 3 12:06:46 2017 +0000

    ui: extract code to connect/listen from vnc_display_open

meant we stopped setting the 'is_unix' flag when QEMU listens for
VNC sockets, only setting when QEMU does a reverse VNC connection.

Rather than fixing setting of the 'is_unix' flag, remove it, and
directly check the live client socket address. This is more robust
to a possible situation where the VNC server was listening on a
mixture of INET and UNIX sockets.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

ui/vnc: don't raise error formatting socket address for non-inet

The SASL library requires the connection's local & remote IP address to
be passed in, since some mechanism may use this information. Currently
QEMU raises an error for non-inet sockets, but it is valid to pass NULL
to the SASL library. Doing so makes SASL work on UNIX sockets.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

ui/vnc: don't return an empty SASL mechlist to the client

The SASL initialization phase may determine that there are no valid
mechanisms available to use. This may be because the host OS admin
forgot to install some packages, or it might be because the requested
SSF level is incompatible with available mechanisms, or other unknown
reasons.

If we return an empty mechlist to the client, they're going to get a
failure from the SASL library on their end and drop the connection.
Thus there is no point even sending this back to the client, we can
just drop the connection immediately.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

crypto/hash-afalg: Fix broken build

Fux build broken by semantic conflict with commit
8f525028bc6 (qapi/crypto: Rename QCryptoAFAlg to QCryptoAFAlgo).

Fixes: 90c3dc60735a (crypto/hash-afalg: Implement new hash API)
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

include/crypto: clarify @result/@result_len for hash/hmac APIs

The @result parameter passed to hash/hmac APIs may either contain
a pre-allocated buffer, or a buffer can be allocated on the fly.
Clarify these two different usage models in the API docs.

Reviewed-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

tests: correctly validate result buffer in hash/hmac tests

Validate that the pre-allocated buffer pointer was not overwritten
by the hash/hmac APIs.

Reviewed-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

crypto/hash: avoid overwriting user supplied result pointer

If the user provides a pre-allocated buffer for the hash result,
we must use that rather than re-allocating a new buffer.

Reported-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

util: don't set SO_REUSEADDR on client sockets

Setting the SO_REUSEADDR property on a socket allows binding to a port
number that is in the TIMED_WAIT state. This is usually done on listener
sockets, to enable a server to restart itself without having to wait for
the completion of TIMED_WAIT on the port.

It is also possible, but highly unusual, to set it on client sockets. It
is rare to explicitly bind() a client socket, since it is almost always
fine to allow the kernel to auto-bind a client socket to a random free
port. Most systems will have many 10's of 1000's of free ports that
client sockets will be bound to.

eg on Linux

  $ sysctl -a | grep local_port
  net.ipv4.ip_local_port_range = 32768 60999

eg on OpenBSD

  $ sysctl -a | grep net.inet.ip.port
  net.inet.ip.portfirst=1024
  net.inet.ip.portlast=49151
  net.inet.ip.porthifirst=49152
  net.inet.ip.porthilast=65535

A connected socket must have a unique set of value for

(protocol, localip, localport, remoteip, remoteport)

otherwise it is liable to get EADDRINUSE.

A client connection should trivially avoid EADDRINUSE if letting the
kernel auto-assign the 'localport' value, which QEMU always does.

When QEMU sets SO_REUSEADDR on a client socket on OpenBSD, however, it
upsets this situation.

The OpenBSD kernel appears to happily pick a 'localport' that is in the
TIMED_WAIT state, even if there are many other available local ports
available for use that are not in the TIMED_WAIT state.

A test program that just loops opening client sockets will start seeing
EADDRINUSE on OpenBSD when as few as 2000 ports are in TIMED_WAIT,
despite 10's of 1000's ports still being unused. This contrasts with
Linux which appears to avoid picking local ports in TIMED_WAIT state.

This problem on OpenBSD exhibits itself periodically with the migration
test failing with a message like[1]:

  qemu-system-ppc64: Failed to connect to '127.0.0.1:24109': Address already in use

While I have not been able to reproduce the OpenBSD failure in my own
testing, given the scope of what QEMU tests do, it is entirely possible
that there could be a lot of ports in TIMED_WAIT state when the
migration test runs.

Removing SO_REUSEADDR from the client sockets should not affect normal
QEMU usage, and should improve reliability on OpenBSD.

This use of SO_REUSEADDR on client sockets is highly unusual, and
appears to have been present since the very start of the QEMU socket
helpers in 2008. The orignal commit has no comment about the use of
SO_REUSEADDR on the client, so is most likely just an 16 year old
copy+paste bug.

[1] https://lists.nongnu.org/archive/html/qemu-devel/2024-10/msg03427.html
    https://lists.nongnu.org/archive/html/qemu-devel/2024-02/msg01572.html

Fixes: d247d25f18764402899b37c381bb696a79000b4e
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

sockets: Remove deadcode

socket_remote_address hasn't been used since it was added in
17c55decec ("sockets: add helpers for creating SocketAddress from a socket")

inet_connect hasn't been used since 2017's
8ecc2f9eab ("sheepdog: Use SocketAddress and socket_connect()")

Remove them.

Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

crypto: Remove unused DER string functions

qcrypto_der_encode_octet_str_begin and _end have been unused
since they were added in
3b34ccad66 ("crypto: Support DER encodings")

Remove them.

Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

replace error_setg(&error_fatal, ...) with error_report()

According to include/qapi/error.h:
* Please don't error_setg(&error_fatal, ...), use error_report() and
* exit(), because that's more obvious.

Patch updates all instances of error_setg(&error_fatal, ...) with
error_report(...), adds the explicit exit(1) and removes redundant
return statements.

Signed-off-by: Tudor Gheorghiu <tudor.reda@gmail.com>
Suggested-by: Thomas Huth <thuth@redhat.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2587
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(Mjt: also fold __func__ to previous line)

meson.build: Remove ncurses workaround for OpenBSD

meson.build: Remove ncurses workaround for OpenBSD

OpenBSD 7.5 has upgraded to ncurses 6.4.

Signed-off-by: Brad Smith <brad@comstyle.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

configure: Replace literally printed '\n' with newline

The idea here was to leave an empty line before the message, but by
default, echo prints '\n' literally instead of interpreting it. Use a
separate echo without parameter instead like in other places in the
script.

Fixes: 6fdc5bc173188f5e4942616b16d589500b874a15
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

ui/console-vc: Silence warning about sprintf() on OpenBSD

The linker on OpenBSD complains:

ld: warning: console-vc.c:824 (../src/ui/console-vc.c:824)([...]):
warning: sprintf() is often misused, please use snprintf()

Using g_strdup_printf() is certainly better here, so let's switch
to that function instead.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

linux-user: Clean up unused header

Clean up unused (already commented-out) header from syscall.c.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

Merge tag 'pull-request-2024-10-21' of https://gitlab.com/thuth/qemu into staging

* Convert most Tuxrun Avocado tests to the new functional framework
* Update the OpenBSD CI image to OpenBSD v7.6
* Bump timeout of the ide-test
* New maintainer for the QTests
* Disable the pci-bridge on s390x by default

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmcWfCgRHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbV6kQ//YwRebyA192IBM+XQK5YYmguieHmWxV8J
# fZf0a1dWN8oiT3jzI48YWttiU9P6AMa/dwiuepVl4G9+d+w1c3RhS6kQqJljNbDb
# NGw+LVZZcwY1FJpEsEwbDfePkugYHmNXUU672kxz3I8bv/8NmLDc7R3cI5U/7+SP
# N4lxVM6Hd3XZZdc+O2S8En20E1oAJ6IvJwwhCqjLlT36Ez8P69KQhE0V8MtLnrBg
# FsXZuzmaxt/ZDMhTsiHNl6f7N1oD7Y2TPJrdq7V2aihpDA+zx0RlvBPpzD98ZgeS
# PtdkqjL63B5S3RL4fjJUSb/gbL4oChQ5TZDb2Dfw7Q5qPMZ1cgeJLBwdzHZEZrzF
# RTtn4fObYUqtRF3M0Ha4xXc8odSzJTV2fvpSVXcljG1E4AMcD6CMK0E472XbhkMS
# txZHW+C/IDVJ4OoSncrH8ybi1JasEqJZ0YaPfb+aTsPV058b65l+0jQJtlxLoTIf
# p5LluL3exwr0sS3Aq5tcV3pNITtCv1FkcUk7So8sohO2OLQtC9QA300CSXna8XhQ
# OxgRA1c3HXw23MTJKSWjseDIt1bajvBu+cr/pmDxlYnWWsSCcEFaAoQohwhOMA6Z
# JfJF0tSv+koUsw6hSl7146aylSvDYUKPilAGgAUAy1yscgglMvtmQqWkEta/XGP2
# U8qvX8nUwOM=
# =DJf9
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 21 Oct 2024 17:07:04 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2024-10-21' of https://gitlab.com/thuth/qemu:
  tests/functional: Convert the Avocado sh4 tuxrun test
  Revert "hw/sh4/r2d: Realize IDE controller before accessing it"
  tests/functional: Convert the Avocado ppc32 tuxrun test
  tests/functional: Convert the Avocado mips64el tuxrun test
  tests/functional: Convert the Avocado mips64 tuxrun test
  tests/functional: Convert the Avocado mipsel tuxrun test
  tests/functional: Convert the Avocado mips tuxrun test
  tests/functional: Convert the Avocado x86_64 tuxrun test
  tests/functional: Convert the Avocado i386 tuxrun test
  tests/functional: Convert the Avocado riscv64 tuxrun tests
  tests/functional: Convert the Avocado riscv32 tuxrun tests
  tests/functional: Convert the Avocado arm tuxrun tests
  tests/functional: Convert the Avocado s390x tuxrun test
  tests/functional: Convert the Avocado sparc64 tuxrun test
  tests/functional: Convert the Avocado ppc64 tuxrun tests
  tests/functional: Add a base class for the TuxRun tests
  hw/pci-bridge: Add a Kconfig switch for the normal PCI bridge
  MAINTAINERS: A new maintainer for the qtests
  tests/qtest: Raise the ide-test timeout
  tests/vm: update openbsd image to 7.6

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge tag 'edgar/xen-queue-2024-10-21.for-upstream' of https://gitlab.com/edgar.iglesias/qemu into staging

Edgars Xen queue.

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEErET+3BT38evtv0FRKcWWeA9ryoMFAmcV7NYACgkQKcWWeA9r
# yoM0pAgA2RNMysVe9IhoAlZ6ThGRvAE9epuHtoPERSTfqtFPOOY3UOU7zxrsX9Ov
# YPh41I5YtbV3fB3X8kp51pqcTOWZBBdyCLtj0EFB0XTArPvpOFPueL1q2LgEnlLV
# 77mBHnMarb3SI4INRm/tWWpk7ljgXMA6TSd2JlmO5l1OcZGlURdhLFWBBIRnTg1n
# K+ZqQyq2KMANhIYvN0JAvM45FkwXntUzbxVMIjo0ICk2/EDgcFnGn9V0TgMkcIs3
# ctBEk6reZrdvNghX02r1wsH0HKGn78358G5uZAo9YEQOoTeGDswujHOVsn73ia2a
# 6DChqCfyvlrJt4ljip2WoaoCMlZGdA==
# =QB2W
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 21 Oct 2024 06:55:34 BST
# gpg:                using RSA key AC44FEDC14F7F1EBEDBF415129C596780F6BCA83
# gpg: Good signature from "Edgar E. Iglesias (Xilinx key) <edgar.iglesias@xilinx.com>" [unknown]
# gpg:                 aka "Edgar E. Iglesias <edgar.iglesias@gmail.com>" [full]
# Primary key fingerprint: AC44 FEDC 14F7 F1EB EDBF  4151 29C5 9678 0F6B CA83

* tag 'edgar/xen-queue-2024-10-21.for-upstream' of https://gitlab.com/edgar.iglesias/qemu:
  hw/xen: Avoid use of uninitialized bufioreq_evtchn

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

tests/functional: Convert the Avocado sh4 tuxrun test

Move the test into a new file so that it can be run via
qemu-system-sh4 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-18-thuth@redhat.com>

Revert "hw/sh4/r2d: Realize IDE controller before accessing it"

This reverts commit 3c5f86a22686ef475a8259c0d8ee714f61c770c9.

Changing the order here caused a regression with the "tuxrun"
kernels (from https://storage.tuxboot.com/20230331/) - ATA commands
fail with a "ata1: lost interrupt (Status 0x58)" message.
Apparently we need to wire the interrupt here first before
realizing the device, so revert the change to the original
behavior.

Reported-by: Guenter Roeck <linux@roeck-us.net>
Acked-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-17-thuth@redhat.com>

tests/functional: Convert the Avocado ppc32 tuxrun test

Move the test into a new file so that it can be run via
qemu-system-ppc in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-16-thuth@redhat.com>

tests/functional: Convert the Avocado mips64el tuxrun test

Move the test into a new file so that it can be run via
qemu-system-mips64el in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-15-thuth@redhat.com>

tests/functional: Convert the Avocado mips64 tuxrun test

Move the test into a new file so that it can be run via
qemu-system-mips64 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-14-thuth@redhat.com>

tests/functional: Convert the Avocado mipsel tuxrun test

Move the test into a new file so that it can be run via
qemu-system-mipsel in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-13-thuth@redhat.com>

tests/functional: Convert the Avocado mips tuxrun test

Move the test into a new file so that it can be run via
qemu-system-mips in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-12-thuth@redhat.com>

tests/functional: Convert the Avocado x86_64 tuxrun test

Move the tests to a new file so that they can be run via
qemu-system-x86_64 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-11-thuth@redhat.com>

tests/functional: Convert the Avocado i386 tuxrun test

Move the tests to a new file so that they can be run via
qemu-system-i386 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-10-thuth@redhat.com>

tests/functional: Convert the Avocado riscv64 tuxrun tests

Move the tests to a new file so that they can be run via
qemu-system-riscv64 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-9-thuth@redhat.com>

tests/functional: Convert the Avocado riscv32 tuxrun tests

Move the tests to a new file so that they can be run via
qemu-system-riscv32 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-8-thuth@redhat.com>

tests/functional: Convert the Avocado arm tuxrun tests

Move the tests to a new file so that they can be run via
qemu-system-arm in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-7-thuth@redhat.com>

tests/functional: Convert the Avocado s390x tuxrun test

Move the test to a new file so that it can be run via
qemu-system-s390x in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-6-thuth@redhat.com>

tests/functional: Convert the Avocado sparc64 tuxrun test

Move the test to a new file so that it can be run via
qemu-system-sparc64 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-5-thuth@redhat.com>

tests/functional: Convert the Avocado ppc64 tuxrun tests

Move the tests to a new file so that they can be run via
qemu-system-ppc64 in the functional framework.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-3-thuth@redhat.com>

tests/functional: Add a base class for the TuxRun tests

Add a base class for the TuxRun tests, based on the code from
tests/avocado/tuxrun_baselines.py (the test have to be put into
separate file in the following commits, depending on the target
architecture that gets tested).

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241011131937.377223-2-thuth@redhat.com>

hw/pci-bridge: Add a Kconfig switch for the normal PCI bridge

The pci-bridge device is not usable on s390x, so introduce a Kconfig
switch that allows to disable it.

Message-ID: <20240913144844.427899-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

MAINTAINERS: A new maintainer for the qtests

Since I blundered into becoming the maintainer of the new functional
test framework in QEMU (tests/functional/) recently, I need to drop
some other duties - it's getting too much for me otherwise. Laurent
is also quite busy with other projects nowadays, so I looked around
for help.
Fabiano did quite a lot of work in the qtests in the past already,
and is also already a maintainer for migration, so I thought he
would be a very good fit, thus I asked him whether he would be
interested to help out with the qtests and he agreed.
Thank you very much, Fabiano!

Message-ID: <20241011141344.379781-1-thuth@redhat.com>
Acked-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Thomas Huth <thuth@redhat.com>

tests/qtest: Raise the ide-test timeout

The ide-test occasionally times out: on the system I run
vm-build-openbsd on, it usually takes about 18 seconds, but
occasionally hits the 60s timeout, likely when the host machine is
under heavy load. I have also seen this test hit its time limit on
the s390x CI runner.

Double the timeout for this test so that it won't hit its timeout
even when the host is running more slowly than usual.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20241015113705.239067-1-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>

tests/vm: update openbsd image to 7.6

Remove tomli as Python has been updated to 3.11.

[thuth: The "Time appears wrong" line is now necessary since the server
seems to provide a wrong timestamp. We likely have to remove that again
later once the server is running with the correct time again]

Signed-off-by: Brad Smith <brad@comstyle.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-ID: <ZwtmfVlWgFRF9G8W@humpty.home.comstyle.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

hw/xen: Avoid use of uninitialized bufioreq_evtchn

Avoid use of uninitialized bufioreq_evtchn. It should only
be used if buffered IOREQs are enabled.

Resolves: Coverity CID 1563383
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Stefano Stabellini <sstabellini@kernel.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>

Merge tag 'pull-tpm-2024-10-18-1' of https://github.com/stefanberger/qemu-tpm into staging

Merge tpm 2024/10/18 v1

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmcSXq4ACgkQda1lgCoL
# QhHTRQgAhlSeKfhK1iJsExOmkT/mgAsfoawRUl4DZW4nVmm1xjXmRYcGK8cgEFPn
# gw8UJp294cQqxzP9iehEvXP5zkrjmkIQm8fE3hh9nim6bREeo66uDfcfHJEnUK7i
# eLXLChsTvpCRO6TtILW65jXwvajPzC5ZBu2Wsbao4HUdEPWAm/g6+gMnaHMe4Dq/
# ml19bOhPJy7J7+0g8dBVannD2X/PKbXhBEjbBu15QdvzW8jQNp4s6z3YN84Fec6X
# IoDm+rr0ZZ7hZL/zrbLFT5yGPc23lyVWGyvXBUUNBZCy0jYUFwP7XJFuKwfHp1F1
# 323i4AWBF4fqCtodJje15L+xIJKi1A==
# =c7lX
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 18 Oct 2024 14:12:14 BST
# gpg:                using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* tag 'pull-tpm-2024-10-18-1' of https://github.com/stefanberger/qemu-tpm:
  tests: Wait for migration completion on destination QEMU to avoid failures
  tpm_emulator: Read control channel response in 2 passes
  tpm: Use new ptm_cap_n structure for PTM_GET_CAPABILITY

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge tag 'pull-error-2024-10-18' of https://repo.or.cz/qemu/armbru into staging

Error reporting patches for 2024-10-18

# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmcSXQQSHGFybWJydUBy
# ZWRoYXQuY29tAAoJEDhwtADrkYZTRKcP/R/nmE22MJBDT8LLZEaQpvkqEURpHFVY
# uHcLPBfezWy2A9qgWiPMKEs9Q7L3qpJq2FKCPFx7VyzctMcYt2W70AzVpaBOBkTN
# g5JAyFaJ3cGj6VT/HDZrBeIpySHZI1ynZyRqLvay5aV6l2dIzMWAcpFI4w6He0yJ
# 9CVV5z8K3zh7a7HjkBeWeKn75W2v6cE1PnRlPIsA4Q05LGVU6iHOhZ9LCJYpgIlL
# StJh1zlscSItMbHnfdx0iEiEuoP/nqwoFbA+XpDRzZOLX6+dm2oVwFoApv95bE+/
# CZ8QIy3zda6+V1AGhTfBqDV/NfZZCqzi58YPOo+ny4+sNKXsU7/z2OQzGNVd7NqF
# fpflJAPOe+1tuAd/c40VrJn/DN+TgYVV199kMNfbBojMNaoJh262uvQ9L0NuLcW+
# v0cKYRJsTIIHOFj7NwHR8ALY6ZlE3pdLvz9AivFuLLtK+RtfKw2YQvTDTmqXgRsG
# J6glqTeN+2M9cYb7/r6Kc/P9TGEaSEoCwmAadfmfwLSW/m1UkrqNzn+iC4m1iLe1
# bq+N1iW5T4nhibw8dFCvD4AwFSP9VQNAy5AlKW78Y+K/xAC2781A8PHV9QAIM1/t
# Kz6FRts0Jg6uyB0I7AAZ9k18i1oiEqoz3SjGWpQlTiI7VCMCpgHX6nvwWFPf3Zxa
# Rn0SUg10eUW9
# =sR8Q
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 18 Oct 2024 14:05:08 BST
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* tag 'pull-error-2024-10-18' of https://repo.or.cz/qemu/armbru:
  qerror: QERR_PROPERTY_VALUE_OUT_OF_RANGE is no longer used, drop
  hw/intc/openpic: Improve errors for out of bounds property values
  target/i386/cpu: Improve errors for out of bounds property values
  target/i386/cpu: Avoid mixing signed and unsigned in property setters
  block: Adjust check_block_size() signature
  block: Improve errors about block sizes
  error: Drop superfluous #include "qapi/qmp/qerror.h"
  qga: Improve error for guest-set-user-password parameter @crypted
  qga/qapi-schema: Drop obsolete note on "unsupported" errors

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

qerror: QERR_PROPERTY_VALUE_OUT_OF_RANGE is no longer used, drop

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-8-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

hw/intc/openpic: Improve errors for out of bounds property values

The error message doesn't matter much, as the "openpic" device isn't
user-creatable. But it's the last use of
QERR_PROPERTY_VALUE_OUT_OF_RANGE, which has to go. Change the message
just like the previous commit did for x86 CPUs.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-7-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

target/i386/cpu: Improve errors for out of bounds property values

The error message for a "stepping" value that is out of bounds is a
bit odd:

    $ qemu-system-x86_64 -cpu qemu64,stepping=16
    qemu-system-x86_64: can't apply global qemu64-x86_64-cpu.stepping=16: Property .stepping doesn't take value 16 (minimum: 0, maximum: 15)

The "can't apply global" part is an unfortunate artifact of -cpu's
implementation.  Left for another day.

The remainder feels overly verbose.  Change it to

    qemu64-x86_64-cpu: can't apply global qemu64-x86_64-cpu.stepping=16: parameter 'stepping' can be at most 15

Likewise for "family", "model", and "tsc-frequency".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-6-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>

target/i386/cpu: Avoid mixing signed and unsigned in property setters

Properties "family", "model", and "stepping" are visited as signed
integers.  They are backed by bits in CPUX86State member
@cpuid_version.  The code to extract and insert these bits mixes
signed and unsigned.  Not actually wrong, but avoiding such mixing is
good practice.

Visit them as unsigned integers instead.

This adds a few mildly ugly cast in arguments of error_setg().  The
next commit will get rid of them again.

Property "tsc-frequency" is also visited as signed integer.  The value
ultimately flows into the kernel, where it is 31 bits unsigned.  The
QEMU code freely mixes int, uint32_t, int64_t.  I elect not to attempt
draining this swamp today.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-5-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>

block: Adjust check_block_size() signature

Parameter @id is no longer used, drop. Return a bool to indicate
success / failure, as recommended by qapi/error.h.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-4-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

block: Improve errors about block sizes

Block sizes need to be a power of two between 512 and an arbitrary
limit, currently 2MiB.

Commit 5937835ac4c factored block size checking out of set_blocksize()
into new check_block_size(), for reuse in block/export/.

Its two error messages are okay for the original purpose:

    $ qemu-system-x86_64 -device ide-hd,physical_block_size=1
    qemu-system-x86_64: -device ide-hd,physical_block_size=1: Property .physical_block_size doesn't take value 1 (minimum: 512, maximum: 2097152)
    $ qemu-system-x86_64 -device ide-hd,physical_block_size=513
    qemu-system-x86_64: -device ide-hd,physical_block_size=513: Property .physical_block_size doesn't take value '513', it's not a power of 2

They're mildly off for block exports:

    $ qemu-storage-daemon --blockdev node-name=nod0,driver=file,filename=foo.img --export type=vduse-blk,id=exp0,node-name=nod0,name=foo,logical-block-size=1
    qemu-storage-daemon: --export type=vduse-blk,id=exp0,node-name=nod0,name=foo,logical-block-size=1: Property exp0.logical-block-size doesn't take value 1 (minimum: 512, maximum: 2097152)

The error message talks about a property.  CLI options like --export
don't have properties, they have parameters.

Replace the two error messages by a single one that's okay for both
purposes.  Looks like this:

    qemu-storage-daemon: --export type=vduse-blk,id=exp0,node-name=nod0,name=foo,logical-block-size=1: parameter logical-block-size must be a power of 2 between 512 and 2097152

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-3-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

error: Drop superfluous #include "qapi/qmp/qerror.h"

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20241010150144.986655-2-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

qga: Improve error for guest-set-user-password parameter @crypted

The Windows version of guest-set-user-password rejects argument
"crypted": true with the rather useless "this feature or command is
not currently supported". Improve to "'crypted' must be off on this
host".

QERR_UNSUPPORTED is now unused. Drop.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240911131206.2503035-3-armbru@redhat.com>

qga/qapi-schema: Drop obsolete note on "unsupported" errors

The note talks about "unsupported" errors and QERR_UNSUPPORTED. The
former is vague, and the latter makes sense only in C, not in external
interface documentation. Fortunately, we don't have to address this
anymore: recent merge commit 3b5efc553eb got rid of these errors.
Delete the note.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240911131206.2503035-2-armbru@redhat.com>

tests: Wait for migration completion on destination QEMU to avoid failures

Rather than waiting for the completion of migration on the source side,
wait for it on the destination QEMU side to avoid accessing the TPM TIS
memory mapped registers before QEMU could restore their state. This
error condition could be triggered on busy systems where the destination
QEMU did not have enough time to restore the TIS state while the test case
was already reading its registers. The test case was for example reading
the STS register and received an unexpected value (0xffffffff), which
lead to a segmentation fault later on due to trying to read 0xffff bytes
from the TIS into a buffer.

Cc: <qemu-stable@nongnu.org>
Reported-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

tpm_emulator: Read control channel response in 2 passes

Error responses from swtpm are typically only 4 bytes long with the
exception of a few commands that return more bytes. Therefore, read the
entire response in 2 steps and stop if the first few bytes indicate an
error response with no subsequent bytes readable. Read the rest in a 2nd
step, if needed. This avoids getting stuck while waiting for too many
bytes in case of an error. The 'getting stuck' condition has not been
observed in practice so far, though.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2615
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

tpm: Use new ptm_cap_n structure for PTM_GET_CAPABILITY

Use the new ptm_cap_n structure for getting the PTM_GET_CAPABILITY response
from swtpm. Previously only 17 bits could possibly have been set in ptm_cap
(uint64_t) in big endian order and those bits are now found in the 2nd
32bit word in the response in the caps field.

This data structure makes it now clear that the 1st 32bit word carries the
tpm_result like all the other response structures of all other commands
do.

The changes are taken from the swtpm project's tpm_ioctl.h.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* tcg/s390x: Fix for TSTEQ/TSTNE
* target/i386: Fixes for IN and OUT with REX prefix
* target/i386: New CPUID features and logic fixes
* target/i386: Add support save/load HWCR MSR
* target/i386: Move more instructions to new decoder; separate decoding
  and IR generation
* target/i386/tcg: Use DPL-level accesses for interrupts and call gates
* accel/kvm: perform capability checks on VM file descriptor when necessary
* accel/kvm: dynamically sized kvm memslots array
* target/i386: fixes for Hyper-V
* docs/system: Add recommendations to Hyper-V enlightenments doc

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmcRTIoUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroMCewf8DnZbz7/0beql2YycrdPJZ3xnmfWW
# JenWKIThKHGWRTW2ODsac21n0TNXE0vsOYjw/Z/dNLO+72sLcqvmEB18+dpHAD2J
# ltb8OvuROc3nn64OEi08qIj7JYLmJ/osroI+6NnZrCOHo8nCirXoCHB7ZPqAE7/n
# yDnownWaduXmXt3+Vs1mpqlBklcClxaURDDEQ8CGsxjC3jW03cno6opJPZpJqk0t
# 6aX92vX+3lNhIlije3QESsDX0cP1CFnQmQlNNg/xzk+ZQO+vSRrPV+A/N9xf8m1b
# HiaCrlBWYef/sLgOHziOSrJV5/N8W0GDEVYDmpEswHE81BZxrOTZLxqzWw==
# =qwfc
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 17 Oct 2024 18:42:34 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (26 commits)
  target/i386: Use only 16 and 32-bit operands for IN/OUT
  accel/kvm: check for KVM_CAP_MEMORY_ATTRIBUTES on vm
  accel/kvm: check for KVM_CAP_MULTI_ADDRESS_SPACE on vm
  accel/kvm: check for KVM_CAP_READONLY_MEM on VM
  target/i386/tcg: Use DPL-level accesses for interrupts and call gates
  KVM: Rename KVMState->nr_slots to nr_slots_max
  KVM: Rename KVMMemoryListener.nr_used_slots to nr_slots_used
  KVM: Define KVM_MEMSLOTS_NUM_MAX_DEFAULT
  KVM: Dynamic sized kvm memslots array
  target/i386: assert that cc_op* and pc_save are preserved
  target/i386: list instructions still in translate.c
  target/i386: do not check PREFIX_LOCK in old-style decoder
  target/i386: convert CMPXCHG8B/CMPXCHG16B to new decoder
  target/i386: decode address before going back to translate.c
  target/i386: convert bit test instructions to new decoder
  tcg/s390x: fix constraint for 32-bit TSTEQ/TSTNE
  docs/system: Add recommendations to Hyper-V enlightenments doc
  target/i386: Make sure SynIC state is really updated before KVM_RUN
  target/i386: Exclude 'hv-syndbg' from 'hv-passthrough'
  target/i386: Fix conditional CONFIG_SYNDBG enablement
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target/i386: Use only 16 and 32-bit operands for IN/OUT

The REX.W prefix is ignored for these instructions.
Mirror the solution already used for INS/OUTS: X86_SIZE_z.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2581
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Cc: qemu-stable@nongnu.org
Link: https://lore.kernel.org/r/20241015004144.2111817-1-richard.henderson@linaro.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

accel/kvm: check for KVM_CAP_MEMORY_ATTRIBUTES on vm

The exact set of available memory attributes can vary by VM. In the
future it might vary depending on enabled capabilities, too. Query the
extension on the VM level instead of on the KVM level, and only after
architecture-specific initialization.

Inspired by an analogous patch by Tom Dohrmann.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

accel/kvm: check for KVM_CAP_MULTI_ADDRESS_SPACE on vm

KVM_CAP_MULTI_ADDRESS_SPACE used to be a global capability, but with the
introduction of AMD SEV-SNP confidential VMs, the number of address spaces
can vary by VM type.

Query the extension on the VM level instead of on the KVM level.

Inspired by an analogous patch by Tom Dohrmann.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

accel/kvm: check for KVM_CAP_READONLY_MEM on VM

KVM_CAP_READONLY_MEM used to be a global capability, but with the
introduction of AMD SEV-SNP confidential VMs, this extension is not
always available on all VM types [1,2].

Query the extension on the VM level instead of on the KVM level.

[1] https://patchwork.kernel.org/project/kvm/patch/20240809190319.1710470-2-seanjc@google.com/
[2] https://patchwork.kernel.org/project/kvm/patch/20240902144219.3716974-1-erbse.13@gmx.de/

Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Link: https://lore.kernel.org/r/20240903062953.3926498-1-erbse.13@gmx.de
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

target/i386/tcg: Use DPL-level accesses for interrupts and call gates

Stack accesses should be explicit and use the privilege level of the
target stack. This ensures that SMAP is not applied when the target
stack is in ring 3.

This fixes a bug wherein i386/tcg assumed that an interrupt return, or a
far call using the CALL or JMP instruction, was always going from kernel
or user mode to kernel mode when using a call gate. This assumption is
violated if the call gate has a DPL that is greater than 0.

Analyzed-by: Robert R. Henry <rrh.henry@gmail.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/249
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

KVM: Rename KVMState->nr_slots to nr_slots_max

This value used to reflect the maximum supported memslots from KVM kernel.
Rename it to be clearer.

Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Link: https://lore.kernel.org/r/20240917163835.194664-5-peterx@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>