Hello community, here is the log from the commit of package qemu for openSUSE:Factory checked in at 2019-02-25 17:47:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/qemu (Old) and /work/SRC/openSUSE:Factory/.qemu.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "qemu" Mon Feb 25 17:47:08 2019 rev:151 rq:678239 version:3.1.0 Changes: -------- --- /work/SRC/openSUSE:Factory/qemu/qemu-linux-user.changes 2019-02-04 21:25:08.527599451 +0100 +++ /work/SRC/openSUSE:Factory/.qemu.new.28833/qemu-linux-user.changes 2019-02-25 17:47:15.402860698 +0100 @@ -1,0 +2,9 @@ +Fri Feb 15 22:49:26 UTC 2019 - Bruce Rogers <[email protected]> + +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 +* Patches added: + 0058-Revert-target-i386-kvm-add-VMX-migr.patch + 0059-memory-Fix-the-memory-region-type-a.patch + 0060-target-i386-sev-Do-not-pin-the-ram-.patch + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/qemu/qemu-testsuite.changes 2019-02-04 21:25:08.595599434 +0100 +++ /work/SRC/openSUSE:Factory/.qemu.new.28833/qemu-testsuite.changes 2019-02-25 17:47:16.830860112 +0100 @@ -1,0 +2,43 @@ +Fri Feb 22 08:52:45 UTC 2019 - Guillaume GARDET <[email protected]> + +- Package and cross-build rom files for aarch64 from + SLE15/Leap15.0 to fix boo#1125964 +- Add patch to fix seabios cross-compilation: + * seabios-fix_cross_compilation.patch +- Add patch to fix sgabios cross-compilation: + * sgabios-fix-cross-build.patch + +------------------------------------------------------------------- +Thu Feb 21 14:07:37 UTC 2019 - Guillaume GARDET <[email protected]> + +- Fix _constraints to include all architectures for disk size + (fix aarch64) + +------------------------------------------------------------------- +Fri Feb 15 22:49:24 UTC 2019 - Bruce Rogers <[email protected]> + +- Revert upstream patch which declares x86 vmx feature a migration + blocker. Given the proliferation of using vm's with host features + passed through and the general knowledge that nested + virtualization has many usage caveats, but still gets put in use + in restricted scenarios, this patch did more harm than good, I + feel. So despite this relaxation, please consider yourself warned + that nested virtualization is not yet a supportable feature. + (bsc#1121604) + 0058-Revert-target-i386-kvm-add-VMX-migr.patch +- Fix SEV VM device assignment (bsc#1123205) + 0059-memory-Fix-the-memory-region-type-a.patch + 0060-target-i386-sev-Do-not-pin-the-ram-.patch +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 + +------------------------------------------------------------------- +Mon Feb 11 15:41:02 UTC 2019 - Bruce Rogers <[email protected]> + +- Remove 71-sev.rules, which modifies the default permissions of + /dev/sev by adding the kvm group as reader/writer. Upstream + decided to take a different approach for libvirt to manage SEV + due to security concerns which I agree overrides the convenience + of providing /dev/sev access to all the kvm group (bsc#1124842 + bsc#1102604) + +------------------------------------------------------------------- qemu.changes: same change Old: ---- 71-sev.rules New: ---- 0058-Revert-target-i386-kvm-add-VMX-migr.patch 0059-memory-Fix-the-memory-region-type-a.patch 0060-target-i386-sev-Do-not-pin-the-ram-.patch seabios-fix_cross_compilation.patch sgabios-fix-cross-build.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ qemu-linux-user.spec ++++++ --- /var/tmp/diff_new_pack.jAj23W/_old 2019-02-25 17:47:23.830857236 +0100 +++ /var/tmp/diff_new_pack.jAj23W/_new 2019-02-25 17:47:23.834857235 +0100 @@ -89,6 +89,9 @@ Patch0055: 0055-xen-Add-xen-v4.12-based-xc_domain_c.patch Patch0056: 0056-slirp-check-data-length-while-emula.patch Patch0057: 0057-s390x-Return-specification-exceptio.patch +Patch0058: 0058-Revert-target-i386-kvm-add-VMX-migr.patch +Patch0059: 0059-memory-Fix-the-memory-region-type-a.patch +Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. ExcludeArch: s390 @@ -177,6 +180,9 @@ %patch0055 -p1 %patch0056 -p1 %patch0057 -p1 +%patch0058 -p1 +%patch0059 -p1 +%patch0060 -p1 %build ./configure \ ++++++ qemu-testsuite.spec ++++++ --- /var/tmp/diff_new_pack.jAj23W/_old 2019-02-25 17:47:23.850857229 +0100 +++ /var/tmp/diff_new_pack.jAj23W/_new 2019-02-25 17:47:23.854857226 +0100 @@ -23,13 +23,20 @@ %define legacy_qemu_kvm 0 %define force_fit_virtio_pxe_rom 1 +%if 0%{?suse_version} > 1315 +# cross-x86_64-gcc7 is available from SLE15/Leap15.0 +%define build_rom_arch %ix86 x86_64 aarch64 +%else +%define build_rom_arch %ix86 x86_64 +%endif + %if "%{?distribution}" == "" %define distro private-build %else %define distro %{distribution} %endif -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} # choice of building all from source or using provided binary x86 blobs %if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 ) %define build_x86_firmware_from_source 1 @@ -118,7 +125,7 @@ Source99: https://wiki.qemu.org/download/%{srcname}-%{srcver}.tar.xz.sig Source100: %{srcname}.keyring Source1: 80-kvm.rules -Source2: 71-sev.rules +Source2: kvm.conf Source3: qemu-ifup Source4: bridge.conf Source5: qemu-kvm.1.gz @@ -126,11 +133,10 @@ Source7: [email protected] Source8: 80-qemu-ga.rules Source9: qemu-supportconfig -Source10: kvm.conf +Source10: supported.arm.txt Source11: supported.ppc.txt Source12: supported.x86.txt Source13: supported.s390.txt -Source14: supported.arm.txt # this is to make lint happy Source300: qemu-rpmlintrc Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch @@ -194,12 +200,16 @@ Patch0055: 0055-xen-Add-xen-v4.12-based-xc_domain_c.patch Patch0056: 0056-slirp-check-data-length-while-emula.patch Patch0057: 0057-s390x-Return-specification-exceptio.patch +Patch0058: 0058-Revert-target-i386-kvm-add-VMX-migr.patch +Patch0059: 0059-memory-Fix-the-memory-region-type-a.patch +Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. # SeaBIOS / SeaVGABIOS - path: roms/seabios (patch range 1100-1199) Patch1100: seabios-use-python2-explicitly-as-needed.patch Patch1101: seabios-switch-to-python3-as-needed.patch +Patch1102: seabios-fix_cross_compilation.patch # ipxe - path: roms/ipxe (patch range 1200-1299) Patch1200: ipxe-stable-buildid.patch @@ -211,6 +221,7 @@ # sgabios - path: roms/sgabios (patch range 1300-1399) Patch1300: sgabios-stable-buildid.patch +Patch1301: sgabios-fix-cross-build.patch # SLOF - path: roms/SLOF (patch range 1400-1499) (Currently no patches) @@ -236,7 +247,13 @@ %endif BuildRequires: alsa-devel %if %{build_x86_firmware_from_source} +BuildRequires: acpica BuildRequires: binutils-devel +%ifnarch %{ix86} x86_64 +# We must cross-compile on non-x86* +BuildRequires: cross-x86_64-binutils +BuildRequires: cross-x86_64-gcc7 +%endif %endif BuildRequires: bluez-devel BuildRequires: brlapi-devel @@ -852,7 +869,7 @@ This package contains the QEMU guest agent. It is installed in the linux guest to provide information and control at the guest OS level. -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} %package seabios Summary: x86 Legacy BIOS for QEMU Group: System/Emulators/PC @@ -981,12 +998,16 @@ %patch0055 -p1 %patch0056 -p1 %patch0057 -p1 +%patch0058 -p1 +%patch0059 -p1 +%patch0060 -p1 pushd roms/seabios %patch1100 -p1 %if 0%{?suse_version} > 1320 %patch1101 -p1 %endif +%patch1102 -p1 popd pushd roms/ipxe @@ -1002,6 +1023,7 @@ pushd roms/sgabios %patch1300 -p1 +%patch1301 -p1 popd pushd roms/SLOF @@ -1251,14 +1273,29 @@ %endif %if %{build_x86_firmware_from_source} -make %{?_smp_mflags} -C roms bios +%ifnarch %{ix86} x86_64 +export CC=x86_64-suse-linux-gcc +export LD=x86_64-suse-linux-ld +%endif + +make %{?_smp_mflags} -C roms bios \ +%ifnarch %ix86 x86_64 + HOSTCC=cc \ +%endif + +make %{?_smp_mflags} -C roms seavgabios \ +%ifnarch %ix86 x86_64 + HOSTCC=cc \ +%endif -make %{?_smp_mflags} -C roms seavgabios make %{?_smp_mflags} -C roms pxerom -%ifarch x86_64 + +%ifnarch %ix86 make %{?_smp_mflags} -C roms efirom %endif -make -C roms sgabios + +make -C roms sgabios \ + HOSTCC=cc %if %{force_fit_virtio_pxe_rom} pushd roms/ipxe @@ -1345,7 +1382,7 @@ touch -r config-host.mak pc-bios make install DESTDIR=%{buildroot} -%ifnarch %ix86 x86_64 +%ifnarch %{build_rom_arch} for f in %{x86_extra_built_firmware_list} \ %{x86_64_only_extra_built_firmware_list}; do unlink %{buildroot}%_datadir/%name/$f @@ -1360,10 +1397,10 @@ mkdir -p %{buildroot}%_libexecdir/supportconfig/plugins install -D -m 0755 %{SOURCE9} %{buildroot}%_libexecdir/supportconfig/plugins/%name %if 0%{?is_opensuse} == 0 +install -D -m 0644 %{SOURCE10} %{buildroot}%_docdir/qemu-arm/supported.txt install -D -m 0644 %{SOURCE11} %{buildroot}%_docdir/qemu-ppc/supported.txt install -D -m 0644 %{SOURCE12} %{buildroot}%_docdir/qemu-x86/supported.txt install -D -m 0644 %{SOURCE13} %{buildroot}%_docdir/qemu-s390/supported.txt -install -D -m 0644 %{SOURCE14} %{buildroot}%_docdir/qemu-arm/supported.txt %endif %if %{legacy_qemu_kvm} cat > %{buildroot}%_bindir/qemu-kvm << 'EOF' @@ -1387,9 +1424,6 @@ %endif %endif %if %{kvm_available} -%ifarch %ix86 x86_64 -install -D -m 0644 %{SOURCE2} %{buildroot}%{_udevrulesdir}/71-sev.rules -%endif install -D -m 0644 %{SOURCE1} %{buildroot}%{_udevrulesdir}/80-kvm.rules %endif install -D -p -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/[email protected] @@ -1397,7 +1431,7 @@ install -D -p -m 0644 %{SOURCE6} %{buildroot}%{_unitdir}/ksm.service %endif %ifarch s390x -install -D -m 0644 %{SOURCE10} %{buildroot}%_libexecdir/modules-load.d/kvm.conf +install -D -m 0644 %{SOURCE2} %{buildroot}%_libexecdir/modules-load.d/kvm.conf %endif %fdupes -s %{buildroot} @@ -1429,9 +1463,6 @@ fi %endif %udev_rules_update - %ifarch %ix86 x86_64 - %_bindir/udevadm trigger -y sev || : - %endif %_bindir/udevadm trigger -y kvm || : %ifarch s390x sysctl vm.allocate_pgste=1 || : @@ -1508,9 +1539,6 @@ %dir %_libexecdir/supportconfig/plugins %_libexecdir/supportconfig/plugins/%name %if %{kvm_available} -%ifarch %ix86 x86_64 -%{_udevrulesdir}/71-sev.rules -%endif %{_udevrulesdir}/80-kvm.rules %ifarch s390x %_libexecdir/modules-load.d/kvm.conf @@ -1699,7 +1727,7 @@ %files lang -f %name.lang %defattr(-, root, root) -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} %files seabios %defattr(-, root, root) %dir %_datadir/%name ++++++ qemu.spec ++++++ --- /var/tmp/diff_new_pack.jAj23W/_old 2019-02-25 17:47:23.870857220 +0100 +++ /var/tmp/diff_new_pack.jAj23W/_new 2019-02-25 17:47:23.874857218 +0100 @@ -23,13 +23,20 @@ %define legacy_qemu_kvm 0 %define force_fit_virtio_pxe_rom 1 +%if 0%{?suse_version} > 1315 +# cross-x86_64-gcc7 is available from SLE15/Leap15.0 +%define build_rom_arch %ix86 x86_64 aarch64 +%else +%define build_rom_arch %ix86 x86_64 +%endif + %if "%{?distribution}" == "" %define distro private-build %else %define distro %{distribution} %endif -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} # choice of building all from source or using provided binary x86 blobs %if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 ) %define build_x86_firmware_from_source 1 @@ -118,7 +125,7 @@ Source99: https://wiki.qemu.org/download/%{srcname}-%{srcver}.tar.xz.sig Source100: %{srcname}.keyring Source1: 80-kvm.rules -Source2: 71-sev.rules +Source2: kvm.conf Source3: qemu-ifup Source4: bridge.conf Source5: qemu-kvm.1.gz @@ -126,11 +133,10 @@ Source7: [email protected] Source8: 80-qemu-ga.rules Source9: qemu-supportconfig -Source10: kvm.conf +Source10: supported.arm.txt Source11: supported.ppc.txt Source12: supported.x86.txt Source13: supported.s390.txt -Source14: supported.arm.txt # this is to make lint happy Source300: qemu-rpmlintrc Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch @@ -194,12 +200,16 @@ Patch0055: 0055-xen-Add-xen-v4.12-based-xc_domain_c.patch Patch0056: 0056-slirp-check-data-length-while-emula.patch Patch0057: 0057-s390x-Return-specification-exceptio.patch +Patch0058: 0058-Revert-target-i386-kvm-add-VMX-migr.patch +Patch0059: 0059-memory-Fix-the-memory-region-type-a.patch +Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. # SeaBIOS / SeaVGABIOS - path: roms/seabios (patch range 1100-1199) Patch1100: seabios-use-python2-explicitly-as-needed.patch Patch1101: seabios-switch-to-python3-as-needed.patch +Patch1102: seabios-fix_cross_compilation.patch # ipxe - path: roms/ipxe (patch range 1200-1299) Patch1200: ipxe-stable-buildid.patch @@ -211,6 +221,7 @@ # sgabios - path: roms/sgabios (patch range 1300-1399) Patch1300: sgabios-stable-buildid.patch +Patch1301: sgabios-fix-cross-build.patch # SLOF - path: roms/SLOF (patch range 1400-1499) (Currently no patches) @@ -236,7 +247,13 @@ %endif BuildRequires: alsa-devel %if %{build_x86_firmware_from_source} +BuildRequires: acpica BuildRequires: binutils-devel +%ifnarch %{ix86} x86_64 +# We must cross-compile on non-x86* +BuildRequires: cross-x86_64-binutils +BuildRequires: cross-x86_64-gcc7 +%endif %endif BuildRequires: bluez-devel BuildRequires: brlapi-devel @@ -852,7 +869,7 @@ This package contains the QEMU guest agent. It is installed in the linux guest to provide information and control at the guest OS level. -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} %package seabios Summary: x86 Legacy BIOS for QEMU Group: System/Emulators/PC @@ -981,12 +998,16 @@ %patch0055 -p1 %patch0056 -p1 %patch0057 -p1 +%patch0058 -p1 +%patch0059 -p1 +%patch0060 -p1 pushd roms/seabios %patch1100 -p1 %if 0%{?suse_version} > 1320 %patch1101 -p1 %endif +%patch1102 -p1 popd pushd roms/ipxe @@ -1002,6 +1023,7 @@ pushd roms/sgabios %patch1300 -p1 +%patch1301 -p1 popd pushd roms/SLOF @@ -1251,14 +1273,29 @@ %endif %if %{build_x86_firmware_from_source} -make %{?_smp_mflags} -C roms bios +%ifnarch %{ix86} x86_64 +export CC=x86_64-suse-linux-gcc +export LD=x86_64-suse-linux-ld +%endif + +make %{?_smp_mflags} -C roms bios \ +%ifnarch %ix86 x86_64 + HOSTCC=cc \ +%endif + +make %{?_smp_mflags} -C roms seavgabios \ +%ifnarch %ix86 x86_64 + HOSTCC=cc \ +%endif -make %{?_smp_mflags} -C roms seavgabios make %{?_smp_mflags} -C roms pxerom -%ifarch x86_64 + +%ifnarch %ix86 make %{?_smp_mflags} -C roms efirom %endif -make -C roms sgabios + +make -C roms sgabios \ + HOSTCC=cc %if %{force_fit_virtio_pxe_rom} pushd roms/ipxe @@ -1345,7 +1382,7 @@ touch -r config-host.mak pc-bios make install DESTDIR=%{buildroot} -%ifnarch %ix86 x86_64 +%ifnarch %{build_rom_arch} for f in %{x86_extra_built_firmware_list} \ %{x86_64_only_extra_built_firmware_list}; do unlink %{buildroot}%_datadir/%name/$f @@ -1360,10 +1397,10 @@ mkdir -p %{buildroot}%_libexecdir/supportconfig/plugins install -D -m 0755 %{SOURCE9} %{buildroot}%_libexecdir/supportconfig/plugins/%name %if 0%{?is_opensuse} == 0 +install -D -m 0644 %{SOURCE10} %{buildroot}%_docdir/qemu-arm/supported.txt install -D -m 0644 %{SOURCE11} %{buildroot}%_docdir/qemu-ppc/supported.txt install -D -m 0644 %{SOURCE12} %{buildroot}%_docdir/qemu-x86/supported.txt install -D -m 0644 %{SOURCE13} %{buildroot}%_docdir/qemu-s390/supported.txt -install -D -m 0644 %{SOURCE14} %{buildroot}%_docdir/qemu-arm/supported.txt %endif %if %{legacy_qemu_kvm} cat > %{buildroot}%_bindir/qemu-kvm << 'EOF' @@ -1387,9 +1424,6 @@ %endif %endif %if %{kvm_available} -%ifarch %ix86 x86_64 -install -D -m 0644 %{SOURCE2} %{buildroot}%{_udevrulesdir}/71-sev.rules -%endif install -D -m 0644 %{SOURCE1} %{buildroot}%{_udevrulesdir}/80-kvm.rules %endif install -D -p -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/[email protected] @@ -1397,7 +1431,7 @@ install -D -p -m 0644 %{SOURCE6} %{buildroot}%{_unitdir}/ksm.service %endif %ifarch s390x -install -D -m 0644 %{SOURCE10} %{buildroot}%_libexecdir/modules-load.d/kvm.conf +install -D -m 0644 %{SOURCE2} %{buildroot}%_libexecdir/modules-load.d/kvm.conf %endif %fdupes -s %{buildroot} @@ -1429,9 +1463,6 @@ fi %endif %udev_rules_update - %ifarch %ix86 x86_64 - %_bindir/udevadm trigger -y sev || : - %endif %_bindir/udevadm trigger -y kvm || : %ifarch s390x sysctl vm.allocate_pgste=1 || : @@ -1508,9 +1539,6 @@ %dir %_libexecdir/supportconfig/plugins %_libexecdir/supportconfig/plugins/%name %if %{kvm_available} -%ifarch %ix86 x86_64 -%{_udevrulesdir}/71-sev.rules -%endif %{_udevrulesdir}/80-kvm.rules %ifarch s390x %_libexecdir/modules-load.d/kvm.conf @@ -1699,7 +1727,7 @@ %files lang -f %name.lang %defattr(-, root, root) -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} %files seabios %defattr(-, root, root) %dir %_datadir/%name ++++++ 0058-Revert-target-i386-kvm-add-VMX-migr.patch ++++++ From: Bruce Rogers <[email protected]> Date: Fri, 15 Feb 2019 15:12:04 -0700 Subject: Revert "target/i386: kvm: add VMX migration blocker" This reverts commit d98f26073bebddcd3da0ba1b86c3a34e840c0fb8. Here is some text explaining the revert: I've thought about this some more, and with upstream discussions about it having stagnated, at this point I think the best solution is to revert the patch which considers it a migration blocker to have the vmx feature enabled. It's worth noting that not only are migrations blocked, but saving of the vm state via save/restore and snapshots. Given that it is still widely known that Nested Virtualization is not supported by SUSE and other vendors, but is still used by quite a few people who understand that there are caveats with it's usage, I believe this migration blocker is more hurtful than helpful. The fact that as of the v4.20 kernel, nested virtualization is enabled by default (for vmx), was partly why the patch was added in the first place. But my perspective is that perhaps enabling nested was still a bit premature. I will make sure our qemu changelog explains that despite removing that migration blocker, the user is warned that nested virtualization is still a "use at your own risk feature". [BR: BSC#1121604] Signed-off-by: Bruce Rogers <[email protected]> --- target/i386/kvm.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/target/i386/kvm.c b/target/i386/kvm.c index b2401d13ea..f97bfc164d 100644 --- a/target/i386/kvm.c +++ b/target/i386/kvm.c @@ -855,7 +855,6 @@ static int hyperv_init_vcpu(X86CPU *cpu) } static Error *invtsc_mig_blocker; -static Error *vmx_mig_blocker; #define KVM_MAX_CPUID_ENTRIES 100 @@ -1248,17 +1247,6 @@ int kvm_arch_init_vcpu(CPUState *cs) !!(c->ecx & CPUID_EXT_SMX); } - if ((env->features[FEAT_1_ECX] & CPUID_EXT_VMX) && !vmx_mig_blocker) { - error_setg(&vmx_mig_blocker, - "Nested VMX virtualization does not support live migration yet"); - r = migrate_add_blocker(vmx_mig_blocker, &local_err); - if (local_err) { - error_report_err(local_err); - error_free(vmx_mig_blocker); - return r; - } - } - if (env->mcg_cap & MCG_LMCE_P) { has_msr_mcg_ext_ctl = has_msr_feature_control = true; } ++++++ 0059-memory-Fix-the-memory-region-type-a.patch ++++++ From: "Singh, Brijesh" <[email protected]> Date: Fri, 15 Feb 2019 14:22:21 -0700 Subject: memory: Fix the memory region type assignment order Currently, a callback registered through the RAMBlock notifier is not able to get the memory region type (i.e callback is not able to use memory_region_is_ram_device function). This is because mr->ram assignment happens _after_ the memory is allocated whereas the callback is executed during allocation. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1667249 Suggested-by: Alex Williamson <[email protected]> Cc: Paolo Bonzini <[email protected]> Reviewed-by: Alex Williamson <[email protected]> Signed-off-by: Brijesh Singh <[email protected]> [BSC#1123205] Signed-off-by: Bruce Rogers <[email protected]> --- memory.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/memory.c b/memory.c index d14c6dec1d..d1b68fdae8 100644 --- a/memory.c +++ b/memory.c @@ -1605,10 +1605,17 @@ void memory_region_init_ram_device_ptr(MemoryRegion *mr, uint64_t size, void *ptr) { - memory_region_init_ram_ptr(mr, owner, name, size, ptr); + memory_region_init(mr, owner, name, size); + mr->ram = true; + mr->terminates = true; mr->ram_device = true; mr->ops = &ram_device_mem_ops; mr->opaque = mr; + mr->destructor = memory_region_destructor_ram; + mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0; + /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL. */ + assert(ptr != NULL); + mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_fatal); } void memory_region_init_alias(MemoryRegion *mr, ++++++ 0060-target-i386-sev-Do-not-pin-the-ram-.patch ++++++ From: "Singh, Brijesh" <[email protected]> Date: Fri, 15 Feb 2019 14:24:21 -0700 Subject: target/i386: sev: Do not pin the ram device memory region The RAM device presents a memory region that should be handled as an IO region and should not be pinned. In the case of the vfio-pci, RAM device represents a MMIO BAR and the memory region is not backed by pages hence KVM_MEMORY_ENCRYPT_REG_REGION fails to lock the memory range. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1667249 Cc: Alex Williamson <[email protected]> Cc: Paolo Bonzini <[email protected]> Signed-off-by: Brijesh Singh <[email protected]> [BSC#1123205] Signed-off-by: Bruce Rogers <[email protected]> --- target/i386/sev.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/target/i386/sev.c b/target/i386/sev.c index 2395171acf..7d6f4032d6 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -130,6 +130,17 @@ sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size) { int r; struct kvm_enc_region range; + ram_addr_t offset; + MemoryRegion *mr; + + /* + * The RAM device presents a memory region that should be treated + * as IO region and should not be pinned. + */ + mr = memory_region_from_host(host, &offset); + if (mr && memory_region_is_ram_device(mr)) { + return; + } range.addr = (__u64)(unsigned long)host; range.size = size; ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.jAj23W/_old 2019-02-25 17:47:24.038857151 +0100 +++ /var/tmp/diff_new_pack.jAj23W/_new 2019-02-25 17:47:24.038857151 +0100 @@ -2,11 +2,6 @@ <!-- All builds are fine with 8GB disk --> <overwrite> <conditions> - <arch>i586</arch> - <arch>x86_64</arch> - <arch>ppc64</arch> - <arch>ppc64le</arch> - <arch>s390x</arch> <package>qemu</package> <package>qemu-linux-user</package> <package>qemu-testsuite</package> ++++++ qemu.spec.in ++++++ --- /var/tmp/diff_new_pack.jAj23W/_old 2019-02-25 17:47:24.166857099 +0100 +++ /var/tmp/diff_new_pack.jAj23W/_new 2019-02-25 17:47:24.166857099 +0100 @@ -23,13 +23,20 @@ %define legacy_qemu_kvm 0 %define force_fit_virtio_pxe_rom 1 +%if 0%{?suse_version} > 1315 +# cross-x86_64-gcc7 is available from SLE15/Leap15.0 +%define build_rom_arch %ix86 x86_64 aarch64 +%else +%define build_rom_arch %ix86 x86_64 +%endif + %if "%{?distribution}" == "" %define distro private-build %else %define distro %{distribution} %endif -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} # choice of building all from source or using provided binary x86 blobs %if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120100 ) %define build_x86_firmware_from_source 1 @@ -115,7 +122,7 @@ Source: https://wiki.qemu.org/download/%{srcname}-%{srcver}.tar.xz Source100: %{srcname}.keyring Source1: 80-kvm.rules -Source2: 71-sev.rules +Source2: kvm.conf Source3: qemu-ifup Source4: bridge.conf Source5: qemu-kvm.1.gz @@ -123,11 +130,10 @@ Source7: [email protected] Source8: 80-qemu-ga.rules Source9: qemu-supportconfig -Source10: kvm.conf +Source10: supported.arm.txt Source11: supported.ppc.txt Source12: supported.x86.txt Source13: supported.s390.txt -Source14: supported.arm.txt # this is to make lint happy Source300: qemu-rpmlintrc Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch @@ -141,6 +147,7 @@ # SeaBIOS / SeaVGABIOS - path: roms/seabios (patch range 1100-1199) Patch1100: seabios-use-python2-explicitly-as-needed.patch Patch1101: seabios-switch-to-python3-as-needed.patch +Patch1102: seabios-fix_cross_compilation.patch # ipxe - path: roms/ipxe (patch range 1200-1299) Patch1200: ipxe-stable-buildid.patch @@ -152,6 +159,7 @@ # sgabios - path: roms/sgabios (patch range 1300-1399) Patch1300: sgabios-stable-buildid.patch +Patch1301: sgabios-fix-cross-build.patch # SLOF - path: roms/SLOF (patch range 1400-1499) (Currently no patches) @@ -177,7 +185,13 @@ %endif BuildRequires: alsa-devel %if %{build_x86_firmware_from_source} +BuildRequires: acpica BuildRequires: binutils-devel +%ifnarch %{ix86} x86_64 +# We must cross-compile on non-x86* +BuildRequires: cross-x86_64-binutils +BuildRequires: cross-x86_64-gcc7 +%endif %endif BuildRequires: bluez-devel BuildRequires: brlapi-devel @@ -793,7 +807,7 @@ This package contains the QEMU guest agent. It is installed in the linux guest to provide information and control at the guest OS level. -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} %package seabios Summary: x86 Legacy BIOS for QEMU Group: System/Emulators/PC @@ -872,6 +886,7 @@ %if 0%{?suse_version} > 1320 %patch1101 -p1 %endif +%patch1102 -p1 popd pushd roms/ipxe @@ -887,6 +902,7 @@ pushd roms/sgabios %patch1300 -p1 +%patch1301 -p1 popd pushd roms/SLOF @@ -1136,14 +1152,30 @@ %endif %if %{build_x86_firmware_from_source} -make %{?_smp_mflags} -C roms bios +%ifnarch %{ix86} x86_64 +export CC=x86_64-suse-linux-gcc +export LD=x86_64-suse-linux-ld +%endif + +make %{?_smp_mflags} -C roms bios \ +%ifnarch %ix86 x86_64 + HOSTCC=cc \ +%endif + +make %{?_smp_mflags} -C roms seavgabios \ +%ifnarch %ix86 x86_64 + HOSTCC=cc \ +%endif -make %{?_smp_mflags} -C roms seavgabios make %{?_smp_mflags} -C roms pxerom -%ifarch x86_64 + +%ifnarch %ix86 make %{?_smp_mflags} -C roms efirom %endif -make -C roms sgabios + +make -C roms sgabios \ + HOSTCC=cc + %if %{force_fit_virtio_pxe_rom} pushd roms/ipxe @@ -1230,7 +1262,7 @@ touch -r config-host.mak pc-bios make install DESTDIR=%{buildroot} -%ifnarch %ix86 x86_64 +%ifnarch %{build_rom_arch} for f in %{x86_extra_built_firmware_list} \ %{x86_64_only_extra_built_firmware_list}; do unlink %{buildroot}%_datadir/%name/$f @@ -1245,10 +1277,10 @@ mkdir -p %{buildroot}%_libexecdir/supportconfig/plugins install -D -m 0755 %{SOURCE9} %{buildroot}%_libexecdir/supportconfig/plugins/%name %if 0%{?is_opensuse} == 0 +install -D -m 0644 %{SOURCE10} %{buildroot}%_docdir/qemu-arm/supported.txt install -D -m 0644 %{SOURCE11} %{buildroot}%_docdir/qemu-ppc/supported.txt install -D -m 0644 %{SOURCE12} %{buildroot}%_docdir/qemu-x86/supported.txt install -D -m 0644 %{SOURCE13} %{buildroot}%_docdir/qemu-s390/supported.txt -install -D -m 0644 %{SOURCE14} %{buildroot}%_docdir/qemu-arm/supported.txt %endif %if %{legacy_qemu_kvm} cat > %{buildroot}%_bindir/qemu-kvm << 'EOF' @@ -1272,9 +1304,6 @@ %endif %endif %if %{kvm_available} -%ifarch %ix86 x86_64 -install -D -m 0644 %{SOURCE2} %{buildroot}%{_udevrulesdir}/71-sev.rules -%endif install -D -m 0644 %{SOURCE1} %{buildroot}%{_udevrulesdir}/80-kvm.rules %endif install -D -p -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/[email protected] @@ -1282,7 +1311,7 @@ install -D -p -m 0644 %{SOURCE6} %{buildroot}%{_unitdir}/ksm.service %endif %ifarch s390x -install -D -m 0644 %{SOURCE10} %{buildroot}%_libexecdir/modules-load.d/kvm.conf +install -D -m 0644 %{SOURCE2} %{buildroot}%_libexecdir/modules-load.d/kvm.conf %endif %fdupes -s %{buildroot} @@ -1314,9 +1343,6 @@ fi %endif %udev_rules_update - %ifarch %ix86 x86_64 - %_bindir/udevadm trigger -y sev || : - %endif %_bindir/udevadm trigger -y kvm || : %ifarch s390x sysctl vm.allocate_pgste=1 || : @@ -1393,9 +1419,6 @@ %dir %_libexecdir/supportconfig/plugins %_libexecdir/supportconfig/plugins/%name %if %{kvm_available} -%ifarch %ix86 x86_64 -%{_udevrulesdir}/71-sev.rules -%endif %{_udevrulesdir}/80-kvm.rules %ifarch s390x %_libexecdir/modules-load.d/kvm.conf @@ -1584,7 +1607,7 @@ %files lang -f %name.lang %defattr(-, root, root) -%ifarch %ix86 x86_64 +%ifarch %{build_rom_arch} %files seabios %defattr(-, root, root) %dir %_datadir/%name ++++++ seabios-fix_cross_compilation.patch ++++++ --- a/Makefile 2019-02-20 17:45:15.458665862 +0100 +++ b/Makefile 2019-02-20 17:45:01.578593929 +0100 @@ -13,7 +13,7 @@ export CONFIG_SHELL := sh export KCONFIG_AUTOHEADER := autoconf.h export KCONFIG_CONFIG := $(CURDIR)/.config export LC_ALL := C -CROSS_PREFIX= +CROSS_PREFIX=$(CROSS_COMPILE) ifneq ($(CROSS_PREFIX),) CC=$(CROSS_PREFIX)gcc endif ++++++ sgabios-fix-cross-build.patch ++++++ --- a/Makefile 2019-02-22 09:46:54.768180093 +0100 +++ b/Makefile 2019-02-22 09:47:05.544250815 +0100 @@ -55,7 +55,7 @@ sgabios.elf: .depend $(OBJS) $(LDSCRIPT) $(LD) $(LDFLAGS) $(OBJS) -o $@ csum8: csum8.c - $(CC) -Wall -O2 -o $@ $< + $(HOSTCC) -Wall -O2 -o $@ $< sgabios.o: buildinfo
