Re: [PATCH v2] audio/jack: fix use after free segfault

2020-08-18 Thread Gerd Hoffmann
  Hi,

> > > schedule a bottom half calling qjack_client_fini()
> > 
> > Does QEMU have such a mechanism for doing this?
> 
> There could also be a possible race here if `jack_client_connect` is called
> before the scheduled shutdown takes place.

You can cancel a scheduled bottom half, and checking ->state on connect
should tell you whether this is needed or not.  I think you can even
just cancel unconditionally (when not scheduled the cancel is a nop).

HTH,
  Gerd
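The ordering argument in the reply above (defer the teardown to a bottom half, cancel it unconditionally on connect, let the state say whether a teardown is still owed) as a small, self-contained model. This is an added example and not QEMU's code or the jack backend's fix: `BottomHalf` stands in for `qemu_bh_schedule()`/`qemu_bh_cancel()`, `Client` for the backend's client object, and every name below is hypothetical.

```c
/*
 * Model of "defer teardown to a bottom half, cancel it on reconnect".
 * Added example, not QEMU code: BottomHalf stands in for
 * qemu_bh_schedule()/qemu_bh_cancel(), Client for the audio backend's
 * client object; all names are hypothetical.
 */
#include <stdbool.h>
#include <stdio.h>

enum client_state {
    CLIENT_DISCONNECTED,
    CLIENT_CONNECTED,
    CLIENT_SHUTDOWN,    /* server went away, teardown still pending */
};

/* One-slot bottom half: scheduling is idempotent and cancelling when
 * nothing is scheduled is a no-op, the property the reply relies on. */
typedef struct BottomHalf {
    void (*cb)(void *opaque);
    void *opaque;
    bool scheduled;
} BottomHalf;

typedef struct Client {
    enum client_state state;
    int fini_runs;      /* how many times teardown actually ran */
    BottomHalf fini_bh;
} Client;

static void bh_schedule(BottomHalf *bh) { bh->scheduled = true; }
static void bh_cancel(BottomHalf *bh) { bh->scheduled = false; }

/* One main-loop iteration: run the bottom half if pending; 1 if it ran. */
static int bh_poll(BottomHalf *bh)
{
    if (!bh->scheduled) {
        return 0;
    }
    bh->scheduled = false;
    bh->cb(bh->opaque);
    return 1;
}

/* Deferred teardown (the qjack_client_fini() of the thread). Re-checking
 * the state is the second line of defence: after a reconnect there is
 * nothing left to free, and freeing it again would be the use-after-free. */
static void client_fini(void *opaque)
{
    Client *c = opaque;
    if (c->state != CLIENT_SHUTDOWN) {
        return;
    }
    c->fini_runs++;
    c->state = CLIENT_DISCONNECTED;
}

/* Server callback context: freeing synchronously here would pull the
 * object from under the caller, so mark the state and defer. */
static void client_on_server_shutdown(Client *c)
{
    c->state = CLIENT_SHUTDOWN;
    c->fini_bh.cb = client_fini;
    c->fini_bh.opaque = c;
    bh_schedule(&c->fini_bh);
}

/* Main-loop context: cancel unconditionally (a no-op when nothing is
 * pending), finish any owed teardown now, then connect. */
static bool client_connect(Client *c)
{
    bh_cancel(&c->fini_bh);
    if (c->state == CLIENT_SHUTDOWN) {
        client_fini(c);
    }
    if (c->state == CLIENT_CONNECTED) {
        return false;   /* already connected */
    }
    c->state = CLIENT_CONNECTED;
    return true;
}

/* The race from the thread: reconnect before the main loop ran the bottom
 * half. True if the old client was torn down exactly once and the bottom
 * half no longer fires against the new connection. */
static bool scenario_reconnect_before_bh(void)
{
    Client c = { .state = CLIENT_DISCONNECTED };
    client_connect(&c);
    client_on_server_shutdown(&c);
    client_connect(&c);
    int ran = bh_poll(&c.fini_bh);
    return ran == 0 && c.state == CLIENT_CONNECTED && c.fini_runs == 1;
}

/* Normal path: nobody reconnects, the bottom half does the teardown. */
static bool scenario_plain_shutdown(void)
{
    Client c = { .state = CLIENT_DISCONNECTED };
    client_connect(&c);
    client_on_server_shutdown(&c);
    int ran = bh_poll(&c.fini_bh);
    return ran == 1 && c.state == CLIENT_DISCONNECTED && c.fini_runs == 1;
}

/* Fresh client: the unconditional cancel has nothing to cancel. */
static bool scenario_cancel_is_nop(void)
{
    Client c = { .state = CLIENT_DISCONNECTED };
    return client_connect(&c) && bh_poll(&c.fini_bh) == 0 && c.fini_runs == 0;
}

int main(void)
{
    printf("reconnect before bh: %s\n", scenario_reconnect_before_bh() ? "ok" : "FAIL");
    printf("plain shutdown:      %s\n", scenario_plain_shutdown() ? "ok" : "FAIL");
    printf("cancel is a nop:     %s\n", scenario_cancel_is_nop() ? "ok" : "FAIL");
    return 0;
}
```

The point the three scenarios make is that the cancel alone is not enough: once the bottom half is cancelled, somebody still has to free the old client, and `client_connect()` does that synchronously from main-loop context, which is the context the deferral was protecting in the first place.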




Re: [PATCH] hw: dev-wacom: Support wacom tablet emulation in linux qemu

2020-08-18 Thread Gerd Hoffmann
  Hi,

> > > Have another small question. Do you know how force show cursor is working
> > > in this case?
> >
> > Which display and which vga do you use?
> 
> -vga std \

So stdvga (has no hardware cursor support).

Display not specified, so it is the default, i.e. gtk or sdl depending
on what configure finds.

> But I need to use the framebuffer. So what happens, for instance in
> software like ts_calibrate, is that you cannot see the cursor.

Does -vga virtio work better?

take care,
  Gerd




RE: device compatibility interface for live migration with assigned devices

2020-08-18 Thread Parav Pandit


> From: Yan Zhao 
> Sent: Wednesday, August 19, 2020 9:01 AM

> On Tue, Aug 18, 2020 at 09:39:24AM +, Parav Pandit wrote:

> > Please refer to my previous email which has more example and details.
> hi Parav,
> the example is based on a new vdpa tool running over netlink, not based on
> devlink, right?
Right.

> For vfio migration compatibility, we have to deal with both mdev and physical
> pci devices, I don't think it's a good idea to write a new tool for it, given
> we are able to retrieve the same info from sysfs and there's already an mdevctl from
The mdev attribute should be visible in the mdev's sysfs tree.
I do not propose to write a new mdev tool over netlink. I am sorry if I implied
that with my suggestion of the vdpa tool.

If the underlying device is vdpa, mdev might be able to understand the vdpa
device, query it, and populate the mdev sysfs tree.

The vdpa tool I propose is usable even without mdevs.
The vdpa tool's role is to create one or more vdpa devices and place them on the
"vdpa" bus, which is the lowest layer here.
Additionally, this tool lets the user query virtqueue stats and db stats.
When a user creates a vdpa net device, the user may need to configure features
of the vdpa device such as VIRTIO_NET_F_MAC and the default VIRTIO_NET_F_MTU.
These are vdpa-level features and attributes. Mdev is the layer above it.

> Alex (https://github.com/mdevctl/mdevctl).
>
Sorry for the link mangling above. Our mail server is still transitioning due to
the company acquisition.

I am not familiar enough with the points below to comment.

> hi All,
> could we decide that sysfs is the interface that every VFIO vendor driver
> needs to provide in order to support vfio live migration, otherwise the
> userspace management tool would not list the device in the compatible list?
> 
> if that's true, let's move to the standardizing of the sysfs interface.
> (1) content
> common part: (must)
>   - software_version: (in major.minor.bugfix scheme)
>   - device_api: vfio-pci or vfio-ccw ...
>   - type: mdev type for mdev device or
>     a signature for physical device which is a counterpart for
>     mdev type.
> 
> device api specific part: (must)
>   - pci id: pci id of mdev parent device or pci id of physical pci
>     device (device_api is vfio-pci)
>   - subchannel_type (device_api is vfio-ccw)
> 
> vendor driver specific part: (optional)
>   - aggregator
>   - chpid_type
>   - remote_url
> 
> NOTE: vendors are free to add attributes in this part with a restriction that
> this attribute is able to be configured with the same name in sysfs too. e.g.
> for aggregator, there must be a sysfs attribute in device node
> /sys/devices/pci:00/:00:02.0/882cc4da-dede-11e7-9180-078a62063ab1/intel_vgpu/aggregator,
> so that the userspace tool is able to configure the target device according to
> source device's aggregator attribute.
> 
> 
> (2) where and structure
> proposal 1:
> |- [path to device]
>   |--- migration
>   |     |--- self
>   |     |     |- software_version
>   |     |     |- device_api
>   |     |     |- type
>   |     |     |- [pci_id or subchannel_type]
>   |     |     |-
>   |     |--- compatible
>   |     |     |- software_version
>   |     |     |- device_api
>   |     |     |- type
>   |     |     |- [pci_id or subchannel_type]
>   |     |     |-
> multiple compatible is allowed.
> attributes should be ASCII text files, preferably with only one value per file.
> 
> 
> proposal 2: use bin_attribute.
> |- [path to device]
>   |--- migration
>   | |--- self
>   | |--- compatible
> 
> so we can continue use multiline format. e.g.
> cat compatible
>   software_version=0.1.0
>   device_api=vfio_pci
>   type=i915-GVTg_V5_{val1:int:1,2,4,8}
>   pci_id=80865963
>   aggregator={val1}/2
> 
> Thanks
> Yan
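As an added example (not from the thread, and not mdevctl's code), here is how a userspace management tool could evaluate the proposal-2 multiline format quoted above: it parses a source device's `self` attributes and a target device's `compatible` template and reports whether the source may be migrated to the target. The template semantics assumed here, `{val1:int:1,2,4,8}` binding a variable to one of the listed values and `{val1}/2` referencing it with an integer division, are my reading of Yan's `cat compatible` example, not a specification, and the two attribute files are constructed sample input.

```python
"""Compatibility check over the multiline sysfs format of proposal 2.
Added example, not part of the thread; the template semantics are an
assumption based on the quoted `cat compatible` output."""
import re

# Constructed sample input: the source device's "self" file and a
# target device's "compatible" file.
SOURCE_SELF = """\
software_version=0.1.0
device_api=vfio_pci
type=i915-GVTg_V5_4
pci_id=80865963
aggregator=2
"""

TARGET_COMPATIBLE = """\
software_version=0.1.0
device_api=vfio_pci
type=i915-GVTg_V5_{val1:int:1,2,4,8}
pci_id=80865963
aggregator={val1}/2
"""

# {name:int:1,2,4,8} declares a variable restricted to the listed values;
# {name} references a variable bound by an earlier attribute.
_DECL = re.compile(r"\{(\w+):int:([0-9,]+)\}")
_REF = re.compile(r"\{(\w+)\}")
_DIV = re.compile(r"^(\d+)/(\d+)$")


def parse_attrs(text):
    """Parse key=value lines into a dict, skipping blanks and # comments."""
    attrs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"malformed attribute line: {line!r}")
        attrs[key.strip()] = value.strip()
    return attrs


def _match_value(template, actual, bindings):
    """Match one compatible-file value against the source value.
    Declarations bind variables into `bindings`; references are
    substituted and a trailing integer division evaluated."""
    if _DECL.search(template):
        pattern, pos = "", 0
        for m in _DECL.finditer(template):
            pattern += re.escape(template[pos:m.start()])
            choices = "|".join(re.escape(c) for c in m.group(2).split(","))
            pattern += f"(?P<{m.group(1)}>{choices})"
            pos = m.end()
        pattern += re.escape(template[pos:])
        m = re.fullmatch(pattern, actual)
        if not m:
            return False
        bindings.update({k: int(v) for k, v in m.groupdict().items()})
        return True

    def sub(m):
        if m.group(1) not in bindings:
            raise ValueError(f"unbound variable {m.group(1)} in {template!r}")
        return str(bindings[m.group(1)])

    expanded = _REF.sub(sub, template)
    d = _DIV.match(expanded)
    if d:
        num, den = int(d.group(1)), int(d.group(2))
        if den == 0 or num % den:
            return False   # non-integral result cannot equal a sysfs value
        expanded = str(num // den)
    return expanded == actual


def is_compatible(source_self, target_compatible):
    """Return (ok, reason). Conservative: every target attribute must be
    matched, and any source attribute the target does not list rejects."""
    src = parse_attrs(source_self)
    tmpl = parse_attrs(target_compatible)
    bindings = {}
    for key, template in tmpl.items():       # file order: decls before refs
        if key not in src:
            return False, f"source lacks attribute {key}"
        if not _match_value(template, src[key], bindings):
            return False, f"attribute {key}: {src[key]!r} does not match {template!r}"
    extra = sorted(set(src) - set(tmpl))
    if extra:
        return False, f"source attributes not covered by target: {extra}"
    return True, "compatible"


if __name__ == "__main__":
    print(is_compatible(SOURCE_SELF, TARGET_COMPATIBLE))
```

The check is deliberately strict about attributes the target does not list: a vendor attribute present on the source but absent from the target's `compatible` file is treated as incompatible rather than ignored, which is the safer default for a tool deciding whether a migration may proceed.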


[PULL 08/17] hw/usb: Add U2F key base class implementation

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

This patch adds the U2F key base class implementation.

The U2F key base mainly takes care of the HID interfacing with guest.
On the one hand, it retrieves the guest U2FHID packets and transmits
them to the variant associated according to the mode: pass-through
or emulated.
On the other hand, it provides the public API used by its variants to
send U2FHID packets to the guest.

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-5-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/u2f.c | 352 +++
 1 file changed, 352 insertions(+)
 create mode 100644 hw/usb/u2f.c

diff --git a/hw/usb/u2f.c b/hw/usb/u2f.c
new file mode 100644
index ..bc09191f063e
--- /dev/null
+++ b/hw/usb/u2f.c
@@ -0,0 +1,352 @@
+/*
+ * U2F USB device.
+ *
+ * Copyright (c) 2020 César Belley 
+ * Written by César Belley 
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+#include "qapi/error.h"
+#include "hw/usb.h"
+#include "hw/usb/hid.h"
+#include "migration/vmstate.h"
+#include "desc.h"
+
+#include "u2f.h"
+
+/* U2F key Vendor / Product */
+#define U2F_KEY_VENDOR_NUM 0x46f4 /* CRC16() of "QEMU" */
+#define U2F_KEY_PRODUCT_NUM0x0005
+
+enum {
+STR_MANUFACTURER = 1,
+STR_PRODUCT,
+STR_SERIALNUMBER,
+STR_CONFIG,
+STR_INTERFACE
+};
+
+static const USBDescStrings desc_strings = {
+[STR_MANUFACTURER] = "QEMU",
+[STR_PRODUCT]  = "U2F USB key",
+[STR_SERIALNUMBER] = "0",
+[STR_CONFIG]   = "U2F key config",
+[STR_INTERFACE]= "U2F key interface"
+};
+
+static const USBDescIface desc_iface_u2f_key = {
+.bInterfaceNumber  = 0,
+.bNumEndpoints = 2,
+.bInterfaceClass   = USB_CLASS_HID,
+.bInterfaceSubClass= 0x0,
+.bInterfaceProtocol= 0x0,
+.ndesc = 1,
+.descs = (USBDescOther[]) {
+{
+/* HID descriptor */
+.data = (uint8_t[]) {
+0x09,  /*  u8  bLength */
+USB_DT_HID,/*  u8  bDescriptorType */
+0x10, 0x01,/*  u16 HID_class */
+0x00,  /*  u8  country_code */
+0x01,  /*  u8  num_descriptors */
+USB_DT_REPORT, /*  u8  type: Report */
+0x22, 0,   /*  u16 len */
+},
+},
+},
+.eps = (USBDescEndpoint[]) {
+{
+.bEndpointAddress  = USB_DIR_IN | 0x01,
+.bmAttributes  = USB_ENDPOINT_XFER_INT,
+.wMaxPacketSize= U2FHID_PACKET_SIZE,
+.bInterval = 0x05,
+}, {
+.bEndpointAddress  = USB_DIR_OUT | 0x01,
+.bmAttributes  = USB_ENDPOINT_XFER_INT,
+.wMaxPacketSize= U2FHID_PACKET_SIZE,
+.bInterval = 0x05,
+},
+},
+
+};
+
+static const USBDescDevice desc_device_u2f_key = {
+.bcdUSB= 0x0100,
+.bMaxPacketSize0   = U2FHID_PACKET_SIZE,
+.bNumConfigurations= 1,
+.confs = (USBDescConfig[]) {
+{
+.bNumInterfaces= 1,
+.bConfigurationValue   = 1,
+.iConfiguration= STR_CONFIG,
+.bmAttributes  = USB_CFG_ATT_ONE,
+.bMaxPower = 15,
+.nif = 1,
+.ifs = _iface_u2f_key,
+},
+},
+};
+
+static const USBDesc desc_u2f_key = {
+.id = {
+.idVendor  = U2F_KEY_VENDOR_NUM,
+.idProduct = U2F_KEY_PRODUCT_NUM,
+.bcdDevice = 0,
+.iManufacturer = STR_MANUFACTURER,
+.iProduct  = STR_PRODUCT,
+.iSerialNumber = STR_SERIALNUMBER,
+},
+.full = 
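Review bot: the HID descriptor's report-descriptor length `0x22, 0, /* u16 len */` is a bare magic number that has to stay in sync with the report descriptor array returned for a USB_DT_REPORT request (not in the visible part of this hunk); if the two drift apart the guest HID stack asks for the wrong number of bytes and either truncates or over-reads the descriptor. Consider deriving the two bytes from `sizeof()` of that array (its name is not visible here), or at least naming the array in the comment. Minor: `[STR_SERIALNUMBER] = "0"` gives every u2f-key instance the same serial, so two such devices in one guest cannot be told apart by serial; if that is intended, a comment saying so would help.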

[PULL 06/17] docs: Add USB U2F key device documentation

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

Add USB U2F key device documentation:
- USB U2F key device
- Building
- Using u2f-emulated
- Using u2f-passthru
- Libu2f-emu

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-3-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 docs/u2f.txt | 101 +++
 1 file changed, 101 insertions(+)
 create mode 100644 docs/u2f.txt

diff --git a/docs/u2f.txt b/docs/u2f.txt
new file mode 100644
index ..f60052882ec3
--- /dev/null
+++ b/docs/u2f.txt
@@ -0,0 +1,101 @@
+QEMU U2F Key Device Documentation.
+
+Contents
+1. USB U2F key device
+2. Building
+3. Using u2f-emulated
+4. Using u2f-passthru
+5. Libu2f-emu
+
+1. USB U2F key device
+
+U2F is an open authentication standard that enables relying parties
+exposed to the internet to offer a strong second factor option for end
+user authentication.
+
+The standard brings many advantages to both parties, client and server,
+allowing to reduce over-reliance on passwords, it increases authentication
+security and simplifies passwords.
+
+The second factor is materialized by a device implementing the U2F
+protocol. In case of a USB U2F security key, it is a USB HID device
+that implements the U2F protocol.
+
+In Qemu, the USB U2F key device offers a dedicated support of U2F, allowing
+guest USB FIDO/U2F security keys operating in two possible modes:
+pass-through and emulated.
+
+The pass-through mode consists of passing all requests made from the guest
+to the physical security key connected to the host machine and vice versa.
+In addition, the dedicated pass-through allows to have a U2F security key
+shared on several guests which is not possible with a simple host device
+assignment pass-through.
+
+The emulated mode consists of completely emulating the behavior of an
+U2F device through software part. Libu2f-emu is used for that.
+
+
+2. Building
+
+To ensure the build of the u2f-emulated device variant which depends
+on libu2f-emu: configuring and building:
+
+./configure --enable-u2f && make
+
+
+3. Using u2f-emulated
+
+To work, an emulated U2F device must have four elements:
+ * ec x509 certificate
+ * ec private key
+ * counter (four bytes value)
+ * 48 bytes of entropy (random bits)
+
+To use this type of device, this one has to be configured, and these
+four elements must be passed one way or another.
+
+Assuming that you have a working libu2f-emu installed on the host.
+There are three possible ways of configurations:
+ * ephemeral
+ * setup directory
+ * manual
+
+Ephemeral is the simplest way to configure, it lets the device generate
+all the elements it needs for a single use of the lifetime of the device.
+
+qemu -usb -device u2f-emulated
+
+Setup directory allows to configure the device from a directory containing
+four files:
+ * certificate.pem: ec x509 certificate
+ * private-key.pem: ec private key
+ * counter: counter value
+ * entropy: 48 bytes of entropy
+
+qemu -usb -device u2f-emulated,dir=$dir
+
+Manual allows to configure the device more finely by specifying each
+of the elements necessary for the device:
+ * cert
+ * priv
+ * counter
+ * entropy
+
+qemu -usb -device 
u2f-emulated,cert=$DIR1/$FILE1,priv=$DIR2/$FILE2,counter=$DIR3/$FILE3,entropy=$DIR4/$FILE4
+
+
+4. Using u2f-passthru
+
+On the host specify the u2f-passthru device with a suitable hidraw:
+
+qemu -usb -device u2f-passthru,hidraw=/dev/hidraw0
+
+
+5. Libu2f-emu
+
+The u2f-emulated device uses libu2f-emu for the U2F key emulation. Libu2f-emu
+implements completely the U2F protocol device part for all specified
+transport given by the FIDO Alliance.
+
+For more information about libu2f-emu see this page:
+https://github.com/MattGorko/libu2f-emu.
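Review bot: section 3 does not say what format the `counter` and `entropy` files in the setup directory must have; the emulated-mode patch in this series writes the counter back with `fprintf(counter->fp, "%u\n", ...)`, so it is ASCII decimal, and the doc should state that (and whether `entropy` is 48 raw bytes or an encoding of them). Two further sentences would save users trouble: `private-key.pem`, `counter` and `entropy` are the key's secret and its clone-detection state, so the directory should be readable only by the user running QEMU; and the ephemeral variant ("for a single use of the lifetime of the device") means every registration made against it stops working once the VM is restarted. Wording: "Qemu" should be "QEMU" as elsewhere in docs, and "allowing to reduce" / "allows to have" read better as "allowing users to reduce" / "allows a U2F security key to be shared".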
-- 
2.18.4




[PULL 10/17] hw/usb: Add U2F key emulated mode

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

This patch adds the U2F key emulated mode.

The emulated mode consists of completely emulating the behavior of a
U2F device through software part. Libu2f-emu is used for that.

The emulated mode is associated with a device inheriting from
u2f-key base.

To work, an emulated U2F device must have different elements which
can be given in different ways. This is detailed in docs/u2f.txt.

The Ephemeral one is the simplest way to configure, it lets the device
generate all the elements it needs for a single use of the lifetime
of the device:

qemu -usb -device u2f-emulated

For more information about libu2f-emu see this page:
https://github.com/MattGorko/libu2f-emu.

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-7-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/u2f-emulated.c | 405 ++
 1 file changed, 405 insertions(+)
 create mode 100644 hw/usb/u2f-emulated.c

diff --git a/hw/usb/u2f-emulated.c b/hw/usb/u2f-emulated.c
new file mode 100644
index ..9e1b829f3d32
--- /dev/null
+++ b/hw/usb/u2f-emulated.c
@@ -0,0 +1,405 @@
+/*
+ * U2F USB Emulated device.
+ *
+ * Copyright (c) 2020 César Belley 
+ * Written by César Belley 
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+#include "qemu/thread.h"
+#include "qemu/main-loop.h"
+#include "qapi/error.h"
+#include "hw/usb.h"
+#include "hw/qdev-properties.h"
+
+#include 
+
+#include "u2f.h"
+
+/* Counter which sync with a file */
+struct synced_counter {
+/* Emulated device counter */
+struct u2f_emu_vdev_counter vdev_counter;
+
+/* Private attributes */
+uint32_t value;
+FILE *fp;
+};
+
+static void counter_increment(struct u2f_emu_vdev_counter *vdev_counter)
+{
+struct synced_counter *counter = (struct synced_counter *)vdev_counter;
+++counter->value;
+
+/* Write back */
+if (fseek(counter->fp, 0, SEEK_SET) == -1) {
+return;
+}
+fprintf(counter->fp, "%u\n", counter->value);
+}
+
+static uint32_t counter_read(struct u2f_emu_vdev_counter *vdev_counter)
+{
+struct synced_counter *counter = (struct synced_counter *)vdev_counter;
+return counter->value;
+}
+
+typedef struct U2FEmulatedState U2FEmulatedState;
+
+#define PENDING_OUT_NUM 32
+
+struct U2FEmulatedState {
+U2FKeyState base;
+
+/* U2F virtual emulated device */
+u2f_emu_vdev *vdev;
+QemuMutex vdev_mutex;
+
+/* Properties */
+char *dir;
+char *cert;
+char *privkey;
+char *entropy;
+char *counter;
+struct synced_counter synced_counter;
+
+/* Pending packets received from the guest */
+uint8_t pending_out[PENDING_OUT_NUM][U2FHID_PACKET_SIZE];
+uint8_t pending_out_start;
+uint8_t pending_out_end;
+uint8_t pending_out_num;
+QemuMutex pending_out_mutex;
+
+/* Emulation thread and sync */
+QemuCond key_cond;
+QemuMutex key_mutex;
+QemuThread key_thread;
+bool stop_thread;
+EventNotifier notifier;
+};
+
+#define TYPE_U2F_EMULATED "u2f-emulated"
+#define EMULATED_U2F_KEY(obj) \
+OBJECT_CHECK(U2FEmulatedState, (obj), TYPE_U2F_EMULATED)
+
+static void u2f_emulated_reset(U2FEmulatedState *key)
+{
+key->pending_out_start = 0;
+key->pending_out_end = 0;
+key->pending_out_num = 0;
+}
+
+static void u2f_pending_out_add(U2FEmulatedState *key,
+const uint8_t packet[U2FHID_PACKET_SIZE])
+{
+int index;
+
+if (key->pending_out_num >= PENDING_OUT_NUM) {
+return;
+}
+
+index = key->pending_out_end;
+key->pending_out_end = (index + 1) % PENDING_OUT_NUM;
+++key->pending_out_num;
+
+memcpy(>pending_out[index], packet, U2FHID_PACKET_SIZE);
+}
+
+static uint8_t *u2f_pending_out_get(U2FEmulatedState *key)
+{
+int index;
+
+if (key->pending_out_num == 0) {
+return NULL;
+}
+
+index  = 
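Review bot: `counter_increment` writes the new value with `fprintf` but never flushes it, so the on-disk counter can lag behind the in-memory one until the FILE buffer happens to drain; the U2F counter is what a relying party uses to detect a cloned key, so a crash between the increment and the flush silently rolls it back, and failures of `fseek`/`fprintf` are swallowed with a bare `return`. Suggest `fflush(counter->fp)` after the write and reporting a failure (e.g. `error_report`) rather than ignoring it. Separately, `u2f_pending_out_add` drops a guest packet silently when the ring is full (`if (key->pending_out_num >= PENDING_OUT_NUM) return;`); a trace point or a dropped-packet counter there would make that failure mode visible when debugging a stalled guest transaction.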

[Bug 1886811] Re: systemd complains Failed to enqueue loopback interface start request: Operation not supported

2020-08-18 Thread Christian Ehrhardt 
To fully work this also needs the fix for bug 1890881 as identified
there.

** Changed in: qemu (Ubuntu Focal)
   Status: New => Triaged

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1886811

Title:
  systemd complains Failed to enqueue loopback interface start request:
  Operation not supported

Status in QEMU:
  Fix Committed
Status in qemu package in Ubuntu:
  Fix Released
Status in qemu source package in Focal:
  Triaged
Status in qemu package in Debian:
  Fix Released

Bug description:
  This symptom seems similar to
  https://bugs.launchpad.net/qemu/+bug/1823790

  Host Linux: Debian 11 Bullseye (testing) on x86-64 architecture
  qemu version: latest git of git commit hash 
eb2c66b10efd2b914b56b20ae90655914310c925
  compiled with "./configure --static --disable-system" 

  Down stream bug report at 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964289
  Bug report (closed) to systemd: 
https://github.com/systemd/systemd/issues/16359

  systemd in armhf and armel (both little endian 32-bit) containers fail to 
start with
  Failed to enqueue loopback interface start request: Operation not supported

  How to reproduce on Debian (and probably Ubuntu):
  mmdebstrap --components="main contrib non-free" --architectures=armhf 
--variant=important bullseye /var/lib/machines/armhf-bullseye
  systemd-nspawn -D /var/lib/machines/armhf-bullseye -b

  When "armhf" architecture is replaced with "mips" (32-bit big endian) or 
"ppc64"
  (64-bit big endian), the container starts up fine.

  The same symptom is also observed with "powerpc" (32-bit big endian)
  architecture.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1886811/+subscriptions



[PULL 07/17] hw/usb: Add U2F key base class

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

This patch adds the specification for the U2F key base class.
Used to group the common characteristics, this device class will be
inherited by its two variants, corresponding to the two modes:
passthrough and emulated.

This prepares the U2F devices hierarchy, which is as follows:
USB device -> u2f-key -> {u2f-passthru, u2f-emulated}.

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-4-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/u2f.h | 92 
 1 file changed, 92 insertions(+)
 create mode 100644 hw/usb/u2f.h

diff --git a/hw/usb/u2f.h b/hw/usb/u2f.h
new file mode 100644
index ..db30f3586bf7
--- /dev/null
+++ b/hw/usb/u2f.h
@@ -0,0 +1,92 @@
+/*
+ * U2F USB device.
+ *
+ * Copyright (c) 2020 César Belley 
+ * Written by César Belley 
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef U2F_H
+#define U2F_H
+
+#include "hw/qdev-core.h"
+
+#define U2FHID_PACKET_SIZE 64
+#define U2FHID_PENDING_IN_NUM 32
+
+typedef struct U2FKeyState U2FKeyState;
+typedef struct U2FKeyInfo U2FKeyInfo;
+
+#define TYPE_U2F_KEY "u2f-key"
+#define U2F_KEY(obj) \
+OBJECT_CHECK(U2FKeyState, (obj), TYPE_U2F_KEY)
+#define U2F_KEY_CLASS(klass) \
+OBJECT_CLASS_CHECK(U2FKeyClass, (klass), TYPE_U2F_KEY)
+#define U2F_KEY_GET_CLASS(obj) \
+OBJECT_GET_CLASS(U2FKeyClass, (obj), TYPE_U2F_KEY)
+
+/*
+ * Callbacks to be used by the U2F key base device (i.e. hw/u2f.c)
+ * to interact with its variants (i.e. hw/u2f-*.c)
+ */
+typedef struct U2FKeyClass {
+/*< private >*/
+USBDeviceClass parent_class;
+
+/*< public >*/
+void (*recv_from_guest)(U2FKeyState *key,
+const uint8_t packet[U2FHID_PACKET_SIZE]);
+void (*realize)(U2FKeyState *key, Error **errp);
+void (*unrealize)(U2FKeyState *key);
+} U2FKeyClass;
+
+/*
+ * State of the U2F key base device (i.e. hw/u2f.c)
+ */
+typedef struct U2FKeyState {
+USBDevice dev;
+USBEndpoint *ep;
+uint8_t idle;
+
+/* Pending packets to be send to the guest */
+uint8_t pending_in[U2FHID_PENDING_IN_NUM][U2FHID_PACKET_SIZE];
+uint8_t pending_in_start;
+uint8_t pending_in_end;
+uint8_t pending_in_num;
+} U2FKeyState;
+
+/*
+ * API to be used by the U2F key device variants (i.e. hw/u2f-*.c)
+ * to interact with the the U2F key base device (i.e. hw/u2f.c)
+ */
+void u2f_send_to_guest(U2FKeyState *key,
+   const uint8_t packet[U2FHID_PACKET_SIZE]);
+
+extern const VMStateDescription vmstate_u2f_key;
+
+#define VMSTATE_U2F_KEY(_field, _state) {\
+.name   = (stringify(_field)),   \
+.size   = sizeof(U2FKeyState),   \
+.vmsd   = _u2f_key,  \
+.flags  = VMS_STRUCT,\
+.offset = vmstate_offset_value(_state, _field, U2FKeyState), \
+}
+
+#endif /* U2F_H */
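Review bot: the header is not self-contained: `U2FKeyClass` and `U2FKeyState` use `USBDeviceClass`, `USBDevice` and `USBEndpoint`, but the only include is `hw/qdev-core.h`, so it compiles only because every including file pulls in `hw/usb.h` first (as `u2f.c` does). Add `#include "hw/usb.h"` here. Comment nits: the paths in the comments (`hw/u2f.c`, `hw/u2f-*.c`) should be `hw/usb/u2f.c` and `hw/usb/u2f-*.c`; "Pending packets to be send" should read "to be sent"; "with the the U2F key base device" has a doubled "the".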
-- 
2.18.4




[PULL 09/17] hw/usb: Add U2F key passthru mode

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

This patch adds the U2F key pass-through mode.

The pass-through mode consists of passing all requests made from the
guest to the physical security key connected to the host machine and
vice versa.

In addition, the dedicated pass-through allows to have a U2F security key
shared on several guests which is not possible with a simple host device
assignment pass-through.

The pass-through mode is associated with a device inheriting from
u2f-key base.

To work, it needs the path to a U2F hidraw, obtained from the Qemu
command line, and passed by the user:

qemu -usb -device u2f-passthru,hidraw=/dev/hidrawX

Autoscan and U2F compatibility checking features are given at the end
of the patch series.

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-6-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/u2f-passthru.c | 423 ++
 1 file changed, 423 insertions(+)
 create mode 100644 hw/usb/u2f-passthru.c

diff --git a/hw/usb/u2f-passthru.c b/hw/usb/u2f-passthru.c
new file mode 100644
index ..106b5abf9ecc
--- /dev/null
+++ b/hw/usb/u2f-passthru.c
@@ -0,0 +1,423 @@
+/*
+ * U2F USB Passthru device.
+ *
+ * Copyright (c) 2020 César Belley 
+ * Written by César Belley 
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+#include "qemu/main-loop.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+#include "hw/qdev-properties.h"
+#include "hw/usb.h"
+#include "migration/vmstate.h"
+
+#include "u2f.h"
+
+#define NONCE_SIZE 8
+#define BROADCAST_CID 0x
+#define TRANSACTION_TIMEOUT 12
+
+struct transaction {
+uint32_t cid;
+uint16_t resp_bcnt;
+uint16_t resp_size;
+
+/* Nonce for broadcast isolation */
+uint8_t nonce[NONCE_SIZE];
+};
+
+typedef struct U2FPassthruState U2FPassthruState;
+
+#define CURRENT_TRANSACTIONS_NUM 4
+
+struct U2FPassthruState {
+U2FKeyState base;
+
+/* Host device */
+char *hidraw;
+int hidraw_fd;
+
+/* Current Transactions */
+struct transaction current_transactions[CURRENT_TRANSACTIONS_NUM];
+uint8_t current_transactions_start;
+uint8_t current_transactions_end;
+uint8_t current_transactions_num;
+
+/* Transaction time checking */
+int64_t last_transaction_time;
+QEMUTimer timer;
+};
+
+#define TYPE_U2F_PASSTHRU "u2f-passthru"
+#define PASSTHRU_U2F_KEY(obj) \
+OBJECT_CHECK(U2FPassthruState, (obj), TYPE_U2F_PASSTHRU)
+
+/* Init packet sizes */
+#define PACKET_INIT_HEADER_SIZE 7
+#define PACKET_INIT_DATA_SIZE (U2FHID_PACKET_SIZE - PACKET_INIT_HEADER_SIZE)
+
+/* Cont packet sizes */
+#define PACKET_CONT_HEADER_SIZE 5
+#define PACKET_CONT_DATA_SIZE (U2FHID_PACKET_SIZE - PACKET_CONT_HEADER_SIZE)
+
+struct packet_init {
+uint32_t cid;
+uint8_t cmd;
+uint8_t bcnth;
+uint8_t bcntl;
+uint8_t data[PACKET_INIT_DATA_SIZE];
+} QEMU_PACKED;
+
+static inline uint32_t packet_get_cid(const void *packet)
+{
+return *((uint32_t *)packet);
+}
+
+static inline bool packet_is_init(const void *packet)
+{
+return ((uint8_t *)packet)[4] & (1 << 7);
+}
+
+static inline uint16_t packet_init_get_bcnt(
+const struct packet_init *packet_init)
+{
+uint16_t bcnt = 0;
+bcnt |= packet_init->bcnth << 8;
+bcnt |= packet_init->bcntl;
+
+return bcnt;
+}
+
+static void u2f_passthru_reset(U2FPassthruState *key)
+{
+timer_del(>timer);
+qemu_set_fd_handler(key->hidraw_fd, NULL, NULL, key);
+key->last_transaction_time = 0;
+key->current_transactions_start = 0;
+key->current_transactions_end = 0;
+key->current_transactions_num = 0;
+}
+
+static void u2f_timeout_check(void *opaque)
+{
+U2FPassthruState *key = opaque;
+int64_t time = qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL);
+
+if (time > key->last_transaction_time + TRANSACTION_TIMEOUT) {
+u2f_passthru_reset(key);
+} else {
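Review bot: `packet_get_cid` returns `*((uint32_t *)packet)` from a `const void *` that in practice points into a `uint8_t[U2FHID_PACKET_SIZE]` buffer; that casts away const, is a strict-aliasing violation, and reads the CID in host byte order. Since the CID only ever has to be compared with itself and with `BROADCAST_CID`, host order is harmless here, but a `memcpy` into a `uint32_t` (or `ldl_p`) keeps the code warning-free and makes the "we do not interpret the CID" intent explicit; the same applies to `packet_is_init`, which indexes the raw byte instead of going through `struct packet_init`. Also worth a comment: `u2f_timeout_check` runs on QEMU_CLOCK_VIRTUAL, so a paused guest never times a transaction out while the host key can still answer; if that is deliberate, say so next to `TRANSACTION_TIMEOUT`.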

[PULL 00/17] Usb 20200819 patches

2020-08-18 Thread Gerd Hoffmann
The following changes since commit d0ed6a69d399ae193959225cdeaa9382746c91cc:

  Update version for v5.1.0 release (2020-08-11 17:07:03 +0100)

are available in the Git repository at:

  git://git.kraxel.org/qemu tags/usb-20200819-pull-request

for you to fetch changes up to d7e5b2e1a4035fb81517a2034bb955e58f28d5b9:

  hw/usb: Add U2F device autoscan to passthru mode (2020-08-19 07:35:27 +0200)


usb: usb_packet_map error handling for xhci/ehci
usb: add U2F devices (GSoC).



César Belley (13):
  hw/usb: Regroup USB HID protocol values
  docs: Add USB U2F key device documentation
  hw/usb: Add U2F key base class
  hw/usb: Add U2F key base class implementation
  hw/usb: Add U2F key passthru mode
  hw/usb: Add U2F key emulated mode
  hw/usb: Add U2F key build recipe
  configure: Add USB U2F key device
  docs/system: Add U2F key to the USB devices examples
  docs/qdev-device-use.txt: Add USB U2F key to the QDEV devices examples
  scripts: Add u2f-setup-gen script
  hw/usb: Add U2F device check to passthru mode
  hw/usb: Add U2F device autoscan to passthru mode

Gerd Hoffmann (1):
  ehci: drop pointless warn_report for guest bugs.

Li Qiang (3):
  hw: xhci: check return value of 'usb_packet_map'
  hw: ehci: destroy sglist in error path
  hw: ehci: check return value of 'usb_packet_map'

 configure|  27 ++
 docs/qdev-device-use.txt |   1 +
 docs/u2f.txt | 110 
 scripts/u2f-setup-gen.py | 170 
 hw/usb/u2f.h |  92 +++
 include/hw/usb/hid.h |  17 ++
 hw/usb/dev-hid.c |  26 +-
 hw/usb/dev-wacom.c   |  12 +-
 hw/usb/hcd-ehci.c|  12 +-
 hw/usb/hcd-xhci.c|   5 +-
 hw/usb/u2f-emulated.c| 405 
 hw/usb/u2f-passthru.c| 551 +++
 hw/usb/u2f.c | 352 +
 docs/system/usb.rst  |   3 +
 hw/usb/Kconfig   |   5 +
 hw/usb/Makefile.objs |   9 +
 16 files changed, 1765 insertions(+), 32 deletions(-)
 create mode 100644 docs/u2f.txt
 create mode 100755 scripts/u2f-setup-gen.py
 create mode 100644 hw/usb/u2f.h
 create mode 100644 include/hw/usb/hid.h
 create mode 100644 hw/usb/u2f-emulated.c
 create mode 100644 hw/usb/u2f-passthru.c
 create mode 100644 hw/usb/u2f.c

-- 
2.18.4




[PULL 16/17] hw/usb: Add U2F device check to passthru mode

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

This patch adds a check to verify that the device passed through the
hidraw property is a U2F device.

The check is done by ensuring that the first values of the report
descriptor (USAGE PAGE and USAGE) correspond to those of a U2F device.

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-13-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/u2f-passthru.c | 41 +
 hw/usb/Makefile.objs  |  3 ++-
 2 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/hw/usb/u2f-passthru.c b/hw/usb/u2f-passthru.c
index 106b5abf9ecc..f8771966c747 100644
--- a/hw/usb/u2f-passthru.c
+++ b/hw/usb/u2f-passthru.c
@@ -34,6 +34,12 @@
 
 #include "u2f.h"
 
+#ifdef CONFIG_LIBUDEV
+#include 
+#endif
+#include 
+#include 
+
 #define NONCE_SIZE 8
 #define BROADCAST_CID 0x
 #define TRANSACTION_TIMEOUT 12
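Review bot: the `#ifdef CONFIG_LIBUDEV` include added here is not used by anything in this patch; the device check below needs only the hidraw ioctl header and `sys/ioctl.h` (the two unguarded includes). It appears to belong with the next patch in the series, "Add U2F device autoscan to passthru mode", where udev is actually needed; moving it there keeps each patch self-contained and bisectable.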
@@ -344,6 +350,34 @@ static void u2f_passthru_recv_from_guest(U2FKeyState *base,
 }
 }
 
+static bool u2f_passthru_is_u2f_device(int fd)
+{
+int ret, rdesc_size;
+struct hidraw_report_descriptor rdesc;
+const uint8_t u2f_hid_report_desc_header[] = {
+0x06, 0xd0, 0xf1, /* Usage Page (FIDO) */
+0x09, 0x01,   /* Usage (FIDO) */
+};
+
+/* Get report descriptor size */
+ret = ioctl(fd, HIDIOCGRDESCSIZE, _size);
+if (ret < 0 || rdesc_size < sizeof(u2f_hid_report_desc_header)) {
+return false;
+}
+
+/* Get report descriptor */
+memset(, 0x0, sizeof(rdesc));
+rdesc.size = rdesc_size;
+ret = ioctl(fd, HIDIOCGRDESC, );
+if (ret < 0) {
+return false;
+}
+
+/* Header bytes cover specific U2F rdesc values */
+return memcmp(u2f_hid_report_desc_header, rdesc.value,
+  sizeof(u2f_hid_report_desc_header)) == 0;
+}
+
 static void u2f_passthru_unrealize(U2FKeyState *base)
 {
 U2FPassthruState *key = PASSTHRU_U2F_KEY(base);
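Review bot: in u2f_passthru_is_u2f_device the comparison `rdesc_size < sizeof(u2f_hid_report_desc_header)` mixes a signed int with size_t; it is only safe because `ret < 0` already filtered the negative case, so cast or compare against a plain integer to keep -Wsign-compare quiet. The memcmp against the first five raw bytes also deserves a comment: it accepts only the item encodings shown (0x06 for a 2-byte Usage Page, 0x09 for a 1-byte Usage), so a descriptor that carries the same FIDO values with a different item size is rejected; that is a conservative choice, but it should be stated next to the check.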
@@ -368,6 +402,13 @@ static void u2f_passthru_realize(U2FKeyState *base, Error 
**errp)
key->hidraw);
 return;
 }
+
+if (!u2f_passthru_is_u2f_device(fd)) {
+qemu_close(fd);
+error_setg(errp, "%s: Passed hidraw does not represent "
+   "a U2F HID device", TYPE_U2F_PASSTHRU);
+return;
+}
 key->hidraw_fd = fd;
 u2f_passthru_reset(key);
 }
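Review bot: the new error message does not name the device that was rejected; key->hidraw is in scope here and the open failure just above already reports it, so `error_setg(errp, "%s: %s does not represent a U2F HID device", TYPE_U2F_PASSTHRU, key->hidraw)` would make the failure easier to diagnose. The ordering is right: qemu_close runs before error_setg and before key->hidraw_fd is assigned, so unrealize cannot close the descriptor a second time.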
diff --git a/hw/usb/Makefile.objs b/hw/usb/Makefile.objs
index 7842a3175f8f..9e7e1f33a51e 100644
--- a/hw/usb/Makefile.objs
+++ b/hw/usb/Makefile.objs
@@ -38,7 +38,8 @@ endif
 endif
 
 ifeq ($(CONFIG_USB_U2F),y)
-common-obj-y  += u2f.o u2f-passthru.o
+common-obj-y  += u2f.o
+common-obj-$(CONFIG_LINUX)+= u2f-passthru.o
 common-obj-$(CONFIG_U2F)  += u2f-emulated.o
 u2f-emulated.o-cflags = $(U2F_CFLAGS)
 u2f-emulated.o-libs = $(U2F_LIBS)
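Review bot: gating u2f-passthru.o on CONFIG_LINUX is consistent with the hidraw ioctls the file uses, but the commit message only describes the device check; add a sentence saying the pass-through backend now builds only on Linux, since that is a second, user-visible change in this patch.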
-- 
2.18.4
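The report descriptor check added in PULL 16/17 above compares five raw bytes. As an added example that is not QEMU's code, the C below puts that raw comparison next to a small HID item parser that accepts the same FIDO usage page and usage whatever item size encodes them, and rejects keyboards, other FIDO usages and truncated descriptors; the sample descriptors are constructed for this example, not captured from a device.

```c
/*
 * Added example, not QEMU code: validate a hidraw report descriptor as a
 * FIDO/U2F one by parsing its leading items, next to the raw 5-byte header
 * comparison the u2f-passthru patch uses.  Sample descriptors below are
 * constructed for this example.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIDO_USAGE_PAGE 0xF1D0u   /* FIDO Alliance usage page */
#define FIDO_USAGE_U2F  0x0001u   /* U2F authenticator device usage */

/* Check from the patch: the first five descriptor bytes must match exactly. */
bool rdesc_matches_raw_header(const uint8_t *rdesc, size_t len)
{
    static const uint8_t hdr[] = { 0x06, 0xd0, 0xf1, 0x09, 0x01 };
    return len >= sizeof(hdr) && memcmp(rdesc, hdr, sizeof(hdr)) == 0;
}

/* Short item prefix: bits 0-1 size code, bits 2-3 type, bits 4-7 tag. */
static size_t hid_item_data_size(uint8_t prefix)
{
    static const size_t sizes[4] = { 0, 1, 2, 4 };
    return sizes[prefix & 0x3];
}

/* Decode an item's little-endian payload (0..4 bytes) into one value. */
static uint32_t hid_item_value(const uint8_t *data, size_t size)
{
    uint32_t v = 0;
    for (size_t i = 0; i < size; i++) {
        v |= (uint32_t)data[i] << (8 * i);
    }
    return v;
}

/*
 * Parsed check: true when the descriptor's first Usage Page is FIDO and the
 * first Usage that follows is U2F (or a single 32-bit extended Usage encodes
 * both).  A different Usage Page, a Collection reached before any Usage, a
 * long item, or an item cut off by the end of the buffer fails the check.
 */
bool rdesc_is_fido(const uint8_t *rdesc, size_t len)
{
    size_t pos = 0;
    bool page_ok = false;

    while (pos < len) {
        uint8_t prefix = rdesc[pos];
        size_t size = hid_item_data_size(prefix);
        uint32_t value;

        if (prefix == 0xfe || pos + 1 + size > len) {
            return false;               /* long item or truncated item */
        }
        value = hid_item_value(rdesc + pos + 1, size);

        switch (prefix & 0xfc) {        /* tag + type, size code stripped */
        case 0x04:                      /* Global: Usage Page */
            if (page_ok || value != FIDO_USAGE_PAGE) {
                return false;
            }
            page_ok = true;
            break;
        case 0x08:                      /* Local: Usage */
            if (size == 4) {            /* extended usage: page in high half */
                return (value >> 16) == FIDO_USAGE_PAGE &&
                       (value & 0xffff) == FIDO_USAGE_U2F;
            }
            return page_ok && value == FIDO_USAGE_U2F;
        case 0xa0:                      /* Main: Collection before any Usage */
            return false;
        default:
            break;                      /* other items do not matter here */
        }
        pos += 1 + size;
    }
    return false;
}

/* Constructed sample descriptors (leading items only). */
const uint8_t sample_fido[] = { 0x06, 0xd0, 0xf1, 0x09, 0x01, 0xa1, 0x01 };
const size_t sample_fido_len = sizeof(sample_fido);
/* Same meaning, but the Usage Page carries a 4-byte payload. */
const uint8_t sample_fido_wide[] = { 0x07, 0xd0, 0xf1, 0x00, 0x00, 0x09, 0x01 };
const size_t sample_fido_wide_len = sizeof(sample_fido_wide);
/* Generic Desktop / Keyboard: must be rejected. */
const uint8_t sample_keyboard[] = { 0x05, 0x01, 0x09, 0x06, 0xa1, 0x01 };
const size_t sample_keyboard_len = sizeof(sample_keyboard);
/* FIDO page, but a usage other than U2F. */
const uint8_t sample_fido_other_usage[] = { 0x06, 0xd0, 0xf1, 0x09, 0x20 };
const size_t sample_fido_other_usage_len = sizeof(sample_fido_other_usage);
/* Cut off inside the Usage Page item: must be rejected, not read past the end. */
const uint8_t sample_truncated[] = { 0x06, 0xd0 };
const size_t sample_truncated_len = sizeof(sample_truncated);

int main(void)
{
    printf("fido      raw=%d parsed=%d\n",
           rdesc_matches_raw_header(sample_fido, sample_fido_len),
           rdesc_is_fido(sample_fido, sample_fido_len));
    printf("fido wide raw=%d parsed=%d\n",
           rdesc_matches_raw_header(sample_fido_wide, sample_fido_wide_len),
           rdesc_is_fido(sample_fido_wide, sample_fido_wide_len));
    printf("keyboard  raw=%d parsed=%d\n",
           rdesc_matches_raw_header(sample_keyboard, sample_keyboard_len),
           rdesc_is_fido(sample_keyboard, sample_keyboard_len));
    return 0;
}
```

The wide-encoded sample is the case where the two checks disagree: the raw header comparison rejects it while the parser accepts it.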




[PULL 11/17] hw/usb: Add U2F key build recipe

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-8-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/Kconfig   | 5 +
 hw/usb/Makefile.objs | 7 +++
 2 files changed, 12 insertions(+)

diff --git a/hw/usb/Kconfig b/hw/usb/Kconfig
index 5e63dc75f815..3fc8fbe3c74c 100644
--- a/hw/usb/Kconfig
+++ b/hw/usb/Kconfig
@@ -96,6 +96,11 @@ config USB_STORAGE_MTP
 default y
 depends on USB
 
+config USB_U2F
+bool
+default y
+depends on USB
+
 config IMX_USBPHY
 bool
 default y
diff --git a/hw/usb/Makefile.objs b/hw/usb/Makefile.objs
index e342ff59fab0..7842a3175f8f 100644
--- a/hw/usb/Makefile.objs
+++ b/hw/usb/Makefile.objs
@@ -37,6 +37,13 @@ smartcard.mo-libs := $(SMARTCARD_LIBS)
 endif
 endif
 
+ifeq ($(CONFIG_USB_U2F),y)
+common-obj-y  += u2f.o u2f-passthru.o
+common-obj-$(CONFIG_U2F)  += u2f-emulated.o
+u2f-emulated.o-cflags = $(U2F_CFLAGS)
+u2f-emulated.o-libs = $(U2F_LIBS)
+endif
+
 ifeq ($(CONFIG_POSIX),y)
 common-obj-$(CONFIG_USB_STORAGE_MTP)  += dev-mtp.o
 endif
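Review bot: `common-obj-y += u2f.o u2f-passthru.o` builds the pass-through backend on every host although it relies on Linux hidraw; within this series that is corrected by PULL 16/17 (`common-obj-$(CONFIG_LINUX) += u2f-passthru.o`), so this patch on its own would break non-Linux builds during a bisect. Consider folding the CONFIG_LINUX gate into this recipe.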
-- 
2.18.4




[PULL 17/17] hw/usb: Add U2F device autoscan to passthru mode

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

This patch adds an autoscan to let u2f-passthru choose the first U2F
device it finds.

The autoscan is performed using libudev with an enumeration of all the
hidraw devices present on the host.

The first device which happens to be a U2F device is taken to do the
pass-through.

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-14-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 docs/u2f.txt  |   9 
 hw/usb/u2f-passthru.c | 113 +-
 hw/usb/Makefile.objs  |   1 +
 3 files changed, 110 insertions(+), 13 deletions(-)

diff --git a/docs/u2f.txt b/docs/u2f.txt
index f60052882ec3..8f44994818a2 100644
--- a/docs/u2f.txt
+++ b/docs/u2f.txt
@@ -42,6 +42,10 @@ on libu2f-emu: configuring and building:
 
 ./configure --enable-u2f && make
 
+The pass-through mode is built by default on Linux. To take advantage
+of the autoscan option it provides, make sure you have a working libudev
+installed on the host.
+
 
 3. Using u2f-emulated
 
@@ -90,6 +94,11 @@ On the host specify the u2f-passthru device with a suitable 
hidraw:
 
 qemu -usb -device u2f-passthru,hidraw=/dev/hidraw0
 
+Alternately, the u2f-passthru device can autoscan to take the first
+U2F device it finds on the host (this requires a working libudev):
+
+qemu -usb -device u2f-passthru
+
 
 5. Libu2f-emu
 
diff --git a/hw/usb/u2f-passthru.c b/hw/usb/u2f-passthru.c
index f8771966c747..1311530ee5ba 100644
--- a/hw/usb/u2f-passthru.c
+++ b/hw/usb/u2f-passthru.c
@@ -378,6 +378,84 @@ static bool u2f_passthru_is_u2f_device(int fd)
   sizeof(u2f_hid_report_desc_header)) == 0;
 }
 
+#ifdef CONFIG_LIBUDEV
+static int u2f_passthru_open_from_device(struct udev_device *device)
+{
+const char *devnode = udev_device_get_devnode(device);
+
+int fd = qemu_open(devnode, O_RDWR);
+if (fd < 0) {
+return -1;
+} else if (!u2f_passthru_is_u2f_device(fd)) {
+qemu_close(fd);
+return -1;
+}
+return fd;
+}
+
+static int u2f_passthru_open_from_enumerate(struct udev *udev,
+struct udev_enumerate *enumerate)
+{
+struct udev_list_entry *devices, *entry;
+int ret, fd;
+
+ret = udev_enumerate_scan_devices(enumerate);
+if (ret < 0) {
+return -1;
+}
+
+devices = udev_enumerate_get_list_entry(enumerate);
+udev_list_entry_foreach(entry, devices) {
+struct udev_device *device;
+const char *syspath = udev_list_entry_get_name(entry);
+
+if (syspath == NULL) {
+continue;
+}
+
+device = udev_device_new_from_syspath(udev, syspath);
+if (device == NULL) {
+continue;
+}
+
+fd = u2f_passthru_open_from_device(device);
+udev_device_unref(device);
+if (fd >= 0) {
+return fd;
+}
+}
+return -1;
+}
+
+static int u2f_passthru_open_from_scan(void)
+{
+struct udev *udev;
+struct udev_enumerate *enumerate;
+int ret, fd = -1;
+
+udev = udev_new();
+if (udev == NULL) {
+return -1;
+}
+
+enumerate = udev_enumerate_new(udev);
+if (enumerate == NULL) {
+udev_unref(udev);
+return -1;
+}
+
+ret = udev_enumerate_add_match_subsystem(enumerate, "hidraw");
+if (ret >= 0) {
+fd = u2f_passthru_open_from_enumerate(udev, enumerate);
+}
+
+udev_enumerate_unref(enumerate);
+udev_unref(udev);
+
+return fd;
+}
+#endif
+
 static void u2f_passthru_unrealize(U2FKeyState *base)
 {
 U2FPassthruState *key = PASSTHRU_U2F_KEY(base);
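Review bot: u2f_passthru_open_from_device passes the result of udev_device_get_devnode() straight to qemu_open, but udev returns NULL for entries that have no device node (or whose node is not created yet), so add `if (devnode == NULL) return -1;` before the open. Separately, u2f_passthru_open_from_enumerate returns the first descriptor that passes u2f_passthru_is_u2f_device in enumeration order, so on a host with several keys the one handed to the guest is effectively arbitrary; the docs/u2f.txt text in this patch should say so, or the scan should trace the devnode it picked.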
@@ -392,22 +470,31 @@ static void u2f_passthru_realize(U2FKeyState *base, Error 
**errp)
 int fd;
 
 if (key->hidraw == NULL) {
+#ifdef CONFIG_LIBUDEV
+fd = u2f_passthru_open_from_scan();
+if (fd < 0) {
+error_setg(errp, "%s: Failed to find a U2F USB device",
+   TYPE_U2F_PASSTHRU);
+return;
+}
+#else
 error_setg(errp, "%s: Missing hidraw", TYPE_U2F_PASSTHRU);
 return;
-}
+#endif
+} else {
+fd = qemu_open(key->hidraw, O_RDWR);
+if (fd < 0) {
+error_setg(errp, "%s: Failed to open %s", TYPE_U2F_PASSTHRU,
+   key->hidraw);
+return;
+}
 
-fd = qemu_open(key->hidraw, O_RDWR);
-if (fd < 0) {
-error_setg(errp, "%s: Failed to open %s", TYPE_U2F_PASSTHRU,
-   key->hidraw);
-return;
-}
-
-if (!u2f_passthru_is_u2f_device(fd)) {
-qemu_close(fd);
-error_setg(errp, "%s: Passed hidraw does not represent "
-   "a U2F HID device", TYPE_U2F_PASSTHRU);
-return;
+if (!u2f_passthru_is_u2f_device(fd)) {
+qemu_close(fd);
+error_setg(errp, "%s: Passed hidraw does not represent "
+   "a U2F HID device", TYPE_U2F_PASSTHRU);
+return;
+}
 }
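Review bot: on the scan path, "Failed to find a U2F USB device" is also what the user sees when udev_new() or udev_enumerate_new() fails inside u2f_passthru_open_from_scan, which is a host setup problem rather than a missing key; returning a distinct code (or error string) for the udev failure would make the autoscan easier to troubleshoot. The `#ifdef CONFIG_LIBUDEV` / `#else` split inside `if (key->hidraw == NULL)` otherwise reads fine.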

[PULL 05/17] hw/usb: Regroup USB HID protocol values

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

Group some HID values that are used pretty much everywhere when
dealing with HID devices.

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-2-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 include/hw/usb/hid.h | 17 +
 hw/usb/dev-hid.c | 26 +++---
 hw/usb/dev-wacom.c   | 12 +++-
 3 files changed, 27 insertions(+), 28 deletions(-)
 create mode 100644 include/hw/usb/hid.h

diff --git a/include/hw/usb/hid.h b/include/hw/usb/hid.h
new file mode 100644
index ..1c142584ffab
--- /dev/null
+++ b/include/hw/usb/hid.h
@@ -0,0 +1,17 @@
+#ifndef HW_USB_HID_H
+#define HW_USB_HID_H
+
+/* HID interface requests */
+#define HID_GET_REPORT   0xa101
+#define HID_GET_IDLE 0xa102
+#define HID_GET_PROTOCOL 0xa103
+#define HID_SET_REPORT   0x2109
+#define HID_SET_IDLE 0x210a
+#define HID_SET_PROTOCOL 0x210b
+
+/* HID descriptor types */
+#define USB_DT_HID0x21
+#define USB_DT_REPORT 0x22
+#define USB_DT_PHY0x23
+
+#endif
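Review bot: the new include/hw/usb/hid.h has no license or copyright header, unlike the other headers under include/hw; since the values are lifted from dev-hid.c and dev-wacom.c, a short header stating their origin and that each request code is the bmRequestType/bRequest pair from the HID class spec (0xa101 = GET_REPORT, and so on) would help readers.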
diff --git a/hw/usb/dev-hid.c b/hw/usb/dev-hid.c
index 89f63b698b8a..c73f7b2fe2c5 100644
--- a/hw/usb/dev-hid.c
+++ b/hw/usb/dev-hid.c
@@ -32,21 +32,9 @@
 #include "qemu/module.h"
 #include "qemu/timer.h"
 #include "hw/input/hid.h"
+#include "hw/usb/hid.h"
 #include "hw/qdev-properties.h"
 
-/* HID interface requests */
-#define GET_REPORT   0xa101
-#define GET_IDLE 0xa102
-#define GET_PROTOCOL 0xa103
-#define SET_REPORT   0x2109
-#define SET_IDLE 0x210a
-#define SET_PROTOCOL 0x210b
-
-/* HID descriptor types */
-#define USB_DT_HID0x21
-#define USB_DT_REPORT 0x22
-#define USB_DT_PHY0x23
-
 typedef struct USBHIDState {
 USBDevice dev;
 USBEndpoint *intr;
@@ -618,38 +606,38 @@ static void usb_hid_handle_control(USBDevice *dev, 
USBPacket *p,
 goto fail;
 }
 break;
-case GET_REPORT:
+case HID_GET_REPORT:
 if (hs->kind == HID_MOUSE || hs->kind == HID_TABLET) {
 p->actual_length = hid_pointer_poll(hs, data, length);
 } else if (hs->kind == HID_KEYBOARD) {
 p->actual_length = hid_keyboard_poll(hs, data, length);
 }
 break;
-case SET_REPORT:
+case HID_SET_REPORT:
 if (hs->kind == HID_KEYBOARD) {
 p->actual_length = hid_keyboard_write(hs, data, length);
 } else {
 goto fail;
 }
 break;
-case GET_PROTOCOL:
+case HID_GET_PROTOCOL:
 if (hs->kind != HID_KEYBOARD && hs->kind != HID_MOUSE) {
 goto fail;
 }
 data[0] = hs->protocol;
 p->actual_length = 1;
 break;
-case SET_PROTOCOL:
+case HID_SET_PROTOCOL:
 if (hs->kind != HID_KEYBOARD && hs->kind != HID_MOUSE) {
 goto fail;
 }
 hs->protocol = value;
 break;
-case GET_IDLE:
+case HID_GET_IDLE:
 data[0] = hs->idle;
 p->actual_length = 1;
 break;
-case SET_IDLE:
+case HID_SET_IDLE:
 hs->idle = (uint8_t) (value >> 8);
 hid_set_next_idle(hs);
 if (hs->kind == HID_MOUSE || hs->kind == HID_TABLET) {
diff --git a/hw/usb/dev-wacom.c b/hw/usb/dev-wacom.c
index 8aba44b8bc3d..76fc5a5dabf3 100644
--- a/hw/usb/dev-wacom.c
+++ b/hw/usb/dev-wacom.c
@@ -29,6 +29,7 @@
 #include "qemu/osdep.h"
 #include "ui/console.h"
 #include "hw/usb.h"
+#include "hw/usb/hid.h"
 #include "migration/vmstate.h"
 #include "qemu/module.h"
 #include "desc.h"
@@ -37,13 +38,6 @@
 #define WACOM_GET_REPORT   0x2101
 #define WACOM_SET_REPORT   0x2109
 
-/* HID interface requests */
-#define HID_GET_REPORT 0xa101
-#define HID_GET_IDLE   0xa102
-#define HID_GET_PROTOCOL   0xa103
-#define HID_SET_IDLE   0x210a
-#define HID_SET_PROTOCOL   0x210b
-
 typedef struct USBWacomState {
 USBDevice dev;
 USBEndpoint *intr;
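Review bot: WACOM_SET_REPORT (0x2109), kept just above the removed block, has the same value as HID_SET_REPORT now defined in hw/usb/hid.h (0x2109 in the first hunk of this patch); drop the wacom-local copy in favour of the shared define and keep only WACOM_GET_REPORT (0x2101), which genuinely differs from HID_GET_REPORT (0xa101).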
@@ -86,11 +80,11 @@ static const USBDescIface desc_iface_wacom = {
 /* HID descriptor */
 .data = (uint8_t[]) {
 0x09,  /*  u8  bLength */
-0x21,  /*  u8  bDescriptorType */
+USB_DT_HID,/*  u8  bDescriptorType */
 0x01, 0x10,/*  u16 HID_class */
 0x00,  /*  u8  country_code */
 0x01,  /*  u8  num_descriptors */
-0x22,  /*  u8  type: Report */
+USB_DT_REPORT, /*  u8  type: Report */
 0x6e, 0,   /*  u16 len */
 },
 },
-- 
2.18.4




[PULL 12/17] configure: Add USB U2F key device

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-9-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 configure | 27 +++
 1 file changed, 27 insertions(+)

diff --git a/configure b/configure
index 2acc4d1465f8..3ea5e561ff43 100755
--- a/configure
+++ b/configure
@@ -447,6 +447,7 @@ trace_file="trace"
 spice=""
 rbd=""
 smartcard=""
+u2f=""
 libusb=""
 usb_redir=""
 opengl=""
@@ -1390,6 +1391,10 @@ for opt do
   ;;
   --enable-smartcard) smartcard="yes"
   ;;
+  --disable-u2f) u2f="no"
+  ;;
+  --enable-u2f) u2f="yes"
+  ;;
   --disable-libusb) libusb="no"
   ;;
   --enable-libusb) libusb="yes"
@@ -1899,6 +1904,7 @@ disabled with --disable-FEATURE, default is enabled if 
available:
   libiscsiiscsi support
   libnfs  nfs support
   smartcard   smartcard support (libcacard)
+  u2f U2F support (u2f-emu)
   libusb  libusb (for usb passthrough)
   live-block-migration   Block migration in the main migration stream
   usb-redir   usb network redirection support
@@ -5250,6 +5256,20 @@ if test "$smartcard" != "no"; then
 fi
 fi
 
+# check for u2f support
+if test "$u2f" != "no"; then
+if $pkg_config --atleast-version=0.0.0 u2f-emu; then
+u2f_emu_cflags=$($pkg_config --cflags u2f-emu)
+u2f_emu_libs=$($pkg_config --libs u2f-emu)
+u2f="yes"
+else
+if test "$u2f" = "yes"; then
+feature_not_found "u2f" "Install u2f-emu"
+fi
+u2f="no"
+fi
+fi
+
 # check for libusb
 if test "$libusb" != "no" ; then
 if $pkg_config --atleast-version=1.0.13 libusb-1.0; then
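Review bot: `$pkg_config --atleast-version=0.0.0 u2f-emu` is effectively an existence check; if the emulated backend relies on libu2f-emu calls that only exist from a given release, state that minimum here so configure fails clearly instead of the build. The fallback ordering (feature_not_found only when --enable-u2f was given explicitly, otherwise u2f="no") matches the smartcard block above.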
@@ -6965,6 +6985,7 @@ echo "spice support $spice $(echo_version $spice 
$spice_protocol_version/$sp
 echo "rbd support   $rbd"
 echo "xfsctl support$xfs"
 echo "smartcard support $smartcard"
+echo "U2F support   $u2f"
 echo "libusb$libusb"
 echo "usb net redir $usb_redir"
 echo "OpenGL support$opengl"
@@ -7543,6 +7564,12 @@ if test "$smartcard" = "yes" ; then
   echo "SMARTCARD_LIBS=$libcacard_libs" >> $config_host_mak
 fi
 
+if test "$u2f" = "yes" ; then
+  echo "CONFIG_U2F=y" >> $config_host_mak
+  echo "U2F_CFLAGS=$u2f_emu_cflags" >> $config_host_mak
+  echo "U2F_LIBS=$u2f_emu_libs" >> $config_host_mak
+fi
+
 if test "$libusb" = "yes" ; then
   echo "CONFIG_USB_LIBUSB=y" >> $config_host_mak
   echo "LIBUSB_CFLAGS=$libusb_cflags" >> $config_host_mak
-- 
2.18.4




[PULL 04/17] ehci: drop pointless warn_report for guest bugs.

2020-08-18 Thread Gerd Hoffmann
We have a tracepoint at the same place which can be enabled if needed.

Buglink: https://bugzilla.redhat.com//show_bug.cgi?id=1859236
Signed-off-by: Gerd Hoffmann 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20200722072613.10390-1-kra...@redhat.com>
---
 hw/usb/hcd-ehci.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 4da446d2de6b..2b995443fbfd 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -352,7 +352,6 @@ static void ehci_trace_sitd(EHCIState *s, hwaddr addr,
 static void ehci_trace_guest_bug(EHCIState *s, const char *message)
 {
 trace_usb_ehci_guest_bug(message);
-warn_report("%s", message);
 }
 
 static inline bool ehci_enabled(EHCIState *s)
-- 
2.18.4




[PULL 03/17] hw: ehci: check return value of 'usb_packet_map'

2020-08-18 Thread Gerd Hoffmann
From: Li Qiang 

If 'usb_packet_map' fails, we should stop to process the usb
request.

Signed-off-by: Li Qiang 
Message-Id: <20200812161727.29412-1-liq...@163.com>
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/hcd-ehci.c | 10 --
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 58cceacbf83a..4da446d2de6b 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -1373,7 +1373,10 @@ static int ehci_execute(EHCIPacket *p, const char 
*action)
 spd = (p->pid == USB_TOKEN_IN && NLPTR_TBIT(p->qtd.altnext) == 0);
 usb_packet_setup(>packet, p->pid, ep, 0, p->qtdaddr, spd,
  (p->qtd.token & QTD_TOKEN_IOC) != 0);
-usb_packet_map(>packet, >sgl);
+if (usb_packet_map(>packet, >sgl)) {
+qemu_sglist_destroy(>sgl);
+return -1;
+}
 p->async = EHCI_ASYNC_INITIALIZED;
 }
 
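Review bot: on the usb_packet_map failure path the sgl is destroyed and -1 returned, but p->async keeps its previous value and p->packet has already been set up by usb_packet_setup; please confirm that callers of ehci_execute treat -1 from this spot the same way as the later error returns, so the packet is never submitted with the destroyed sgl. Destroying the list here matches the ehci_process_itd fix in PULL 02/17.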
@@ -1453,7 +1456,10 @@ static int ehci_process_itd(EHCIState *ehci,
 if (ep && ep->type == USB_ENDPOINT_XFER_ISOC) {
 usb_packet_setup(>ipacket, pid, ep, 0, addr, false,
  (itd->transact[i] & ITD_XACT_IOC) != 0);
-usb_packet_map(>ipacket, >isgl);
+if (usb_packet_map(>ipacket, >isgl)) {
+qemu_sglist_destroy(>isgl);
+return -1;
+}
 usb_handle_packet(dev, >ipacket);
 usb_packet_unmap(>ipacket, >isgl);
 } else {
-- 
2.18.4




[PULL 14/17] docs/qdev-device-use.txt: Add USB U2F key to the QDEV devices examples

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-11-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 docs/qdev-device-use.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/qdev-device-use.txt b/docs/qdev-device-use.txt
index f8d0d2fe297a..9889521e3c07 100644
--- a/docs/qdev-device-use.txt
+++ b/docs/qdev-device-use.txt
@@ -325,6 +325,7 @@ The new way is -device DEVNAME,DEV-OPTS...  Details depend 
on DRIVER:
 * mouse   -device usb-mouse
 * tablet  -device usb-tablet
 * wacom-tablet-device usb-wacom-tablet
+* u2f -device u2f-{emulated,passthru}
 * braille See "Character Devices"
 
 === Watchdog Devices ===
-- 
2.18.4




[PULL 15/17] scripts: Add u2f-setup-gen script

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

This patch adds the script used to generate setup directories, needed
for the device u2f-emulated configuration in directory mode:

python u2f-setup-gen.py $DIR
qemu -usb -device u2f-emulated,dir=$DIR

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-12-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 scripts/u2f-setup-gen.py | 170 +++
 1 file changed, 170 insertions(+)
 create mode 100755 scripts/u2f-setup-gen.py

diff --git a/scripts/u2f-setup-gen.py b/scripts/u2f-setup-gen.py
new file mode 100755
index ..2122598fed8e
--- /dev/null
+++ b/scripts/u2f-setup-gen.py
@@ -0,0 +1,170 @@
+#!/usr/bin/env python3
+#
+# Libu2f-emu setup directory generator for USB U2F key emulation.
+#
+# Copyright (c) 2020 César Belley 
+# Written by César Belley 
+#
+# This work is licensed under the terms of the GNU GPL, version 2
+# or, at your option, any later version.  See the COPYING file in
+# the top-level directory.
+
+import sys
+import os
+from random import randint
+from typing import Tuple
+
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography.hazmat.primitives.serialization import Encoding, \
+NoEncryption, PrivateFormat, PublicFormat
+from OpenSSL import crypto
+
+
+def write_setup_dir(dirpath: str, privkey_pem: bytes, cert_pem: bytes,
+entropy: bytes, counter: int) -> None:
+"""
+Write the setup directory.
+
+Args:
+dirpath: The directory path.
+key_pem: The private key PEM.
+cert_pem: The certificate PEM.
+entropy: The 48 bytes of entropy.
+counter: The counter value.
+"""
+# Directory
+os.mkdir(dirpath)
+
+# Private key
+with open(f'{dirpath}/private-key.pem', 'bw') as f:
+f.write(privkey_pem)
+
+# Certificate
+with open(f'{dirpath}/certificate.pem', 'bw') as f:
+f.write(cert_pem)
+
+# Entropy
+with open(f'{dirpath}/entropy', 'wb') as f:
+f.write(entropy)
+
+# Counter
+with open(f'{dirpath}/counter', 'w') as f:
+f.write(f'{str(counter)}\n')
+
+
+def generate_ec_key_pair() -> Tuple[str, str]:
+"""
+Generate an ec key pair.
+
+Returns:
+The private and public key PEM.
+"""
+# Key generation
+privkey = ec.generate_private_key(ec.SECP256R1, default_backend())
+pubkey = privkey.public_key()
+
+# PEM serialization
+privkey_pem = privkey.private_bytes(encoding=Encoding.PEM,
+
format=PrivateFormat.TraditionalOpenSSL,
+encryption_algorithm=NoEncryption())
+pubkey_pem = pubkey.public_bytes(encoding=Encoding.PEM,
+ format=PublicFormat.SubjectPublicKeyInfo)
+return privkey_pem, pubkey_pem
+
+
+def generate_certificate(privkey_pem: str, pubkey_pem: str) -> str:
+"""
+Generate a x509 certificate from a key pair.
+
+Args:
+privkey_pem: The private key PEM.
+pubkey_pem: The public key PEM.
+
+Returns:
+The certificate PEM.
+"""
+# Convert key pair
+privkey = crypto.load_privatekey(crypto.FILETYPE_PEM, privkey_pem)
+pubkey = crypto.load_publickey(crypto.FILETYPE_PEM, pubkey_pem)
+
+# New x509v3 certificate
+cert = crypto.X509()
+cert.set_version(0x2)
+
+# Serial number
+cert.set_serial_number(randint(1, 2 ** 64))
+
+# Before / After
+cert.gmtime_adj_notBefore(0)
+cert.gmtime_adj_notAfter(4 * (365 * 24 * 60 * 60))
+
+# Public key
+cert.set_pubkey(pubkey)
+
+# Subject name and issueer
+cert.get_subject().CN = "U2F emulated"
+cert.set_issuer(cert.get_subject())
+
+# Extensions
+cert.add_extensions([
+crypto.X509Extension(b"subjectKeyIdentifier",
+ False, b"hash", subject=cert),
+])
+cert.add_extensions([
+crypto.X509Extension(b"authorityKeyIdentifier",
+ False, b"keyid:always", issuer=cert),
+])
+cert.add_extensions([
+crypto.X509Extension(b"basicConstraints", True, b"CA:TRUE")
+])
+
+# Signature
+cert.sign(privkey, 'sha256')
+
+return crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
+
+
+def generate_setup_dir(dirpath: str) -> None:
+"""
+Generates the setup directory.
+
+Args:
+dirpath: The directory path.
+"""
+# Key pair
+privkey_pem, pubkey_pem = generate_ec_key_pair()
+
+# Certificate
+certificate_pem = generate_certificate(privkey_pem, pubkey_pem)
+
+# Entropy
+entropy = os.urandom(48)
+
+# Counter
+counter = 0
+
+# Write
+write_setup_dir(dirpath, privkey_pem, certificate_pem, entropy, counter)
+
+
+def main() -> None:
+"""
+Main function
+"""
+# Dir path
+if len(sys.argv) != 2:
+sys.stderr.write(f'Usage: 
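Review bot: a few inconsistencies in u2f-setup-gen.py worth fixing before merge: the type hints on generate_ec_key_pair and generate_certificate say str, but private_bytes/public_bytes return bytes (and write_setup_dir is annotated with bytes); the write_setup_dir docstring names the argument key_pem while the parameter is privkey_pem; `ec.generate_private_key(ec.SECP256R1, ...)` passes the curve class where the cryptography API documents a curve instance, `ec.SECP256R1()`; and "issueer" in the subject/issuer comment. On the security side, private-key.pem is the emulated key's attestation private key and is written with the default umask; creating it with mode 0600 (os.open with O_CREAT|O_WRONLY and 0o600, or os.chmod after writing) would keep other local users from reading it.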

Re: [PATCH 00/13] Introduce USB U2F key device

2020-08-18 Thread Gerd Hoffmann
On Wed, Aug 12, 2020 at 11:41:22AM +0200, César Belley wrote:
> This patch series adds the U2F dedicated support to Qemu through a USB
> U2F key device that can operate in two modes: pass-through and emulated.
> 
> This work is also part of the GSoC program of this year and follows the
> proposal I made for the 'Virtual FIDO2/U2F security key' subject,
> suggested and mentored by Gerd Hoffmann.
> 
> U2F is an open authentication standard. It enables relying parties
> exposed to the internet to offer a strong second factor option for end
> user authentication.
> 
> The standard brings many advantages to both parties, client and server,
> allowing to reduce over-reliance on passwords, it increases
> authentication security and simplifies passwords.
> 
> The second factor is materialized by a device implementing the U2F
> protocol. In case of a USB U2F security key, it is a USB HID device
> that implements the U2F protocol.
> 
> The USB U2F key device given in this patch series allows to add guest
> U2F security keys via two possible modes: pass-through and emulated.
> 
> The pass-through mode consists of passing all requests made from the
> guest to the physical security key connected to the host machine and
> vice versa. In addition, the dedicated pass-through allows to have a
> U2F security key shared on several guests which is not possible with
> a simple host device assignment pass-through.
> 
> The emulated mode consists of completely emulating the behavior of an
> U2F device through software part. Libu2f-emu is used for that.

Reviewed & tested.  Nice job.
Queued up for merge, pull req goes out in a moment.

Note there is a pending patch series converting the qemu build system
to meson which very likely conflicts with the Makefile changes.  So
there is a chance that the series needs a rebase because of that.

take care,
  Gerd




[PULL 13/17] docs/system: Add U2F key to the USB devices examples

2020-08-18 Thread Gerd Hoffmann
From: César Belley 

Signed-off-by: César Belley 
Message-id: 20200812094135.20550-10-cesar.bel...@lse.epita.fr
Signed-off-by: Gerd Hoffmann 
---
 docs/system/usb.rst | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/docs/system/usb.rst b/docs/system/usb.rst
index ddfa828d74ae..9a2f1927c451 100644
--- a/docs/system/usb.rst
+++ b/docs/system/usb.rst
@@ -81,6 +81,9 @@ option or the ``device_add`` monitor command. Available 
devices are:
 ``usb-audio``
USB audio device
 
+``u2f-{emulated,passthru}``
+   Universal Second Factor device
+
 .. _host_005fusb_005fdevices:
 
 Using host USB devices on a Linux host
-- 
2.18.4




[PULL 01/17] hw: xhci: check return value of 'usb_packet_map'

2020-08-18 Thread Gerd Hoffmann
From: Li Qiang 

Currently we don't check the return value of 'usb_packet_map',
this will cause an UAF issue. This is LP#1891341.
Following is the reproducer provided in:
-->https://bugs.launchpad.net/qemu/+bug/1891341

cat << EOF | ./i386-softmmu/qemu-system-i386 -device nec-usb-xhci \
-trace usb\* -device usb-audio -device usb-storage,drive=mydrive \
-drive id=mydrive,file=null-co://,size=2M,format=raw,if=none \
-nodefaults -nographic -qtest stdio
outl 0xcf8 0x80001016
outl 0xcfc 0x3c009f0d
outl 0xcf8 0x80001004
outl 0xcfc 0xc77695e
writel 0x9f0d0040 0x3655
writeq 0x9f0d2000 0xff2f9e00
write 0x1d 0x1 0x27
write 0x2d 0x1 0x2e
write 0x17232 0x1 0x03
write 0x17254 0x1 0x06
write 0x17278 0x1 0x34
write 0x3d 0x1 0x27
write 0x40 0x1 0x2e
write 0x41 0x1 0x72
write 0x42 0x1 0x01
write 0x4d 0x1 0x2e
write 0x4f 0x1 0x01
writeq 0x9f0d2000 0x5c051a01
write 0x34001d 0x1 0x13
write 0x340026 0x1 0x30
write 0x340028 0x1 0x08
write 0x34002c 0x1 0xfe
write 0x34002d 0x1 0x08
write 0x340037 0x1 0x5e
write 0x34003a 0x1 0x05
write 0x34003d 0x1 0x05
write 0x34004d 0x1 0x13
writeq 0x9f0d2000 0xff0001010049
EOF

This patch fixes this.

Buglink: https://bugs.launchpad.net/qemu/+bug/1891341
Reported-by: Alexander Bulekov 
Signed-off-by: Li Qiang 
Message-id: 20200812153139.15146-1-liq...@163.com
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/hcd-xhci.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index 67a18fe2b64c..46a2186d912a 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -1615,7 +1615,10 @@ static int xhci_setup_packet(XHCITransfer *xfer)
 xhci_xfer_create_sgl(xfer, dir == USB_TOKEN_IN); /* Also sets int_req */
 usb_packet_setup(>packet, dir, ep, xfer->streamid,
  xfer->trbs[0].addr, false, xfer->int_req);
-usb_packet_map(>packet, >sgl);
+if (usb_packet_map(>packet, >sgl)) {
+qemu_sglist_destroy(>sgl);
+return -1;
+}
 DPRINTF("xhci: setup packet pid 0x%x addr %d ep %d\n",
 xfer->packet.pid, ep->dev->addr, ep->nr);
 return 0;
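Review bot: the early `return -1` after qemu_sglist_destroy leaves xfer->packet set up by usb_packet_setup but never submitted; the commit message only says "This patch fixes this", so please spell out what callers of xhci_setup_packet do with -1 (they must not continue to usb_handle_packet with the destroyed sgl) and that the use-after-free in LP#1891341 came from the mapping failure being silently ignored. The shape of the fix matches the ehci one in PULL 03/17.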
-- 
2.18.4




[PULL 02/17] hw: ehci: destroy sglist in error path

2020-08-18 Thread Gerd Hoffmann
From: Li Qiang 

This may cause resource leak.

Signed-off-by: Li Qiang 
Message-Id: <20200812161712.29361-1-liq...@163.com>
Signed-off-by: Gerd Hoffmann 
---
 hw/usb/hcd-ehci.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 1495e8f7fab1..58cceacbf83a 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -1445,6 +1445,7 @@ static int ehci_process_itd(EHCIState *ehci,
 dev = ehci_find_device(ehci, devaddr);
 if (dev == NULL) {
 ehci_trace_guest_bug(ehci, "no device found");
+qemu_sglist_destroy(>isgl);
 return -1;
 }
 pid = dir ? USB_TOKEN_IN : USB_TOKEN_OUT;
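Review bot: the commit message "This may cause resource leak." should name the resource: the scatter-gather list is initialised earlier in ehci_process_itd, so the early `return -1` on "no device found" leaked it on every guest-triggered bad itd; the added qemu_sglist_destroy brings this path in line with the other error returns patched in PULL 03/17.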
-- 
2.18.4




Re: [PATCH v2] audio/jack: fix use after free segfault

2020-08-18 Thread Gerd Hoffmann
  Hi,

> > schedule a bottom half calling qjack_client_fini()
> 
> Does QEMU have such a mechanism for doing this?

Yes, look for QEMUBH in include/qemu/main-loop.h

HTH,
  Gerd




Re: [PATCH v2] audio/jack: fix use after free segfault

2020-08-18 Thread Geoffrey McRae

On 2020-08-19 15:28, Geoffrey McRae wrote:

On 2020-08-19 15:04, Gerd Hoffmann wrote:

Hi,

As JACK1 and JACK2 are interchangeable and JACK2 has "cleanup" routine
that JACK1 does not have, we need to determine which version is in use
at runtime. Unfortunately there is no way to determine which is in use
other than to look for symbols that are missing in JACK1, which in this
case is `jack_get_version`.


No.  That'll quickly become a maintenance nightmare.

How about moving the qjack_client_fini() call to qjack_shutdown()?  Or,
if that isn't an option due to qjack_shutdown being called from a signal
handler, schedule a bottom half calling qjack_client_fini()?


You are correct, you can not perform such actions in the callback.


schedule a bottom half calling qjack_client_fini()


Does QEMU have such a mechanism for doing this?


There could also be a possible race here if `jack_client_connect` is 
called before the scheduled shutdown takes place.






take care,
  Gerd




Re: [PATCH v2] audio/jack: fix use after free segfault

2020-08-18 Thread Geoffrey McRae

On 2020-08-19 15:04, Gerd Hoffmann wrote:

Hi,


As JACK1 and JACK2 are interchangeable and JACK2 has "cleanup" routine
that JACK1 does not have, we need to determine which version is in use
at runtime. Unfortunately there is no way to determine which is in use
other than to look for symbols that are missing in JACK1, which in this
case is `jack_get_version`.


No.  That'll quickly become a maintenance nightmare.

How about moving the qjack_client_fini() call to qjack_shutdown()?  Or,
if that isn't an option due to qjack_shutdown being called from a signal
handler, schedule a bottom half calling qjack_client_fini()?


You are correct, you can not perform such actions in the callback.


schedule a bottom half calling qjack_client_fini()


Does QEMU have such a mechanism for doing this?



take care,
  Gerd




RE: device compatibility interface for live migration with assigned devices

2020-08-18 Thread Parav Pandit


> From: Jason Wang 
> Sent: Wednesday, August 19, 2020 8:16 AM


> On 2020/8/18 5:32 PM, Parav Pandit wrote:
> > Hi Jason,
> >
> > From: Jason Wang 
> > Sent: Tuesday, August 18, 2020 2:32 PM
> >
> >
> > On 2020/8/18 4:55 PM, Daniel P. Berrangé wrote:
> > On Tue, Aug 18, 2020 at 11:24:30AM +0800, Jason Wang wrote:
> > On 2020/8/14 1:16 PM, Yan Zhao wrote:
> > On Thu, Aug 13, 2020 at 12:24:50PM +0800, Jason Wang wrote:
> > On 2020/8/10 3:46 PM, Yan Zhao wrote:
> > driver is it handled by?
> > It looks that the devlink is for network device specific, and in
> > devlink.h, it says include/uapi/linux/devlink.h - Network physical
> > device Netlink interface, Actually not, I think there used to have
> > some discussion last year and the conclusion is to remove this
> > comment.
> >
> > [...]
> >
> >> Yes, but it could be hard. E.g vDPA will chose to use devlink (there's a 
> >> long
> debate on sysfs vs devlink). So if we go with sysfs, at least two APIs needs 
> to be
> supported ...
> > We had internal discussion and proposal on this topic.
> > I wanted Eli Cohen to be back from vacation on Wed 8/19, but since this is
> active discussion right now, I will share the thoughts anyway.
> >
> > Here are the initial round of thoughts and proposal.
> >
> > User requirements:
> > ---
> > 1. User might want to create one or more vdpa devices per PCI PF/VF/SF.
> > 2. User might want to create one or more vdpa devices of type net/blk or
> other type.
> > 3. User needs to look and dump at the health of the queues for debug 
> > purpose.
> > 4. During vdpa net device creation time, user may have to provide a MAC
> address and/or VLAN.
> > 5. User should be able to set/query some of the attributes for
> > debug/compatibility check 6. When user wants to create vdpa device, it needs
> to know which device supports creation.
> > 7. User should be able to see the queue statistics of doorbells, wqes
> > etc regardless of class type
> 
> 
> Note that wqes is probably not something common in all of the vendors.
Yes. virtq descriptor stats are better to monitor the virtqueues.

> 
> 
> >
> > To address above requirements, there is a need of vendor agnostic tool, so
> that user can create/config/delete vdpa device(s) regardless of the vendor.
> >
> > Hence,
> > We should have a tool that lets user do it.
> >
> > Examples:
> > -
> > (a) List parent devices which supports creating vdpa devices.
> > It also shows which class types supported by this parent device.
> > In below command two parent devices support vdpa device creation.
> > First is PCI VF whose bdf is 03.00:5.
> > Second is PCI SF whose name is mlx5_sf.1
> >
> > $ vdpa list pd
> 
> 
> What did "pd" mean?
> 
Parent device which support creation of one or more vdpa devices.
In a system there can be multiple parent devices which may be support vdpa 
creation.
User should be able to know which devices support it, and when user creates a 
vdpa device, it tells which parent device to use for creation as done in below 
vdpa dev add example.
> 
> > pci/:03.00:5
> >class_supports
> >  net vdpa
> > virtbus/mlx5_sf.1
> 
> 
> So creating mlx5_sf.1 is the charge of devlink?
> 
Yes.
But here vdpa tool is working at the parent device identifier {bus+name} 
instead of devlink identifier.


> 
> >class_supports
> >  net
> >
> > (b) Now add a vdpa device and show the device.
> > $ vdpa dev add pci/:03.00:5 type net
> 
> 
> So if you want to create devices types other than vdpa on
> pci/:03.00:5 it needs some synchronization with devlink?
Please refer to FAQ-1: a new tool is not linked to devlink because vdpa will
evolve with time and devlink will fall short.
So no, it doesn't need any synchronization with devlink.
As long as the parent device exists, the user can create it.
All synchronization will be within drivers/vdpa/vdpa.c.
This user interface is exposed via a new netlink family, registered with
genl_register_family() under the name "vdpa" in drivers/vdpa/vdpa.c.

> 
> 
> > $ vdpa dev show
> > vdpa0@pci/:03.00:5 type net state inactive maxqueues 8 curqueues 4
> >
> > (c) vdpa dev show features vdpa0
> > iommu platform
> > version 1
> >
> > (d) dump vdpa statistics
> > $ vdpa dev stats show vdpa0
> > kickdoorbells 10
> > wqes 100
> >
> > (e) Now delete a vdpa device previously created.
> > $ vdpa dev del vdpa0
> >
> > Design overview:
> > ---
> > 1. Above example tool runs over netlink socket interface.
> > 2. This enables users to return meaningful error strings in addition to 
> > code so
> that user can be more informed.
> > Often this is missing in ioctl()/configfs/sysfs interfaces.
> > 3. This tool over netlink enables syscaller tests to be more usable like 
> > other
> subsystems to keep kernel robust
> > 4. This provides vendor agnostic view of all vdpa capable parent and vdpa
> devices.
> >
> > 5. Each driver which supports vdpa device creation, registers the parent 
> > device
> along with supported 
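
Item 2 of the design overview above leans on one property of netlink: an error comes back as a code plus an extended-ack (extack) string, which ioctl()/sysfs cannot give. As an added example, not code from the thread, the kernel or iproute2, the Python below does the generic-netlink plumbing such a vendor-agnostic `vdpa` tool would need: it builds the nlctrl request that resolves the family name "vdpa" to a family id, and decodes replies, including an error reply carrying an extack string. Constant values are those of the uapi headers; the reply bytes the tests feed in are constructed here, and only resolve_family_id() talks to a live Linux kernel.

```python
"""Generic-netlink plumbing a vendor-agnostic vdpa tool would need: build the
nlctrl request that resolves a family name ("vdpa") to an id, and decode a
reply including the kernel's error code and the extended-ack (extack) string
that item 2 of the design overview counts on.  Added example, not code from
the thread, the kernel or iproute2; reply bytes used in tests are constructed,
and only resolve_family_id() talks to a live kernel.
"""
import socket
import struct

# Values from <linux/netlink.h> and <linux/genetlink.h>
NLMSG_ERROR = 0x2
NLM_F_REQUEST = 0x1
NLM_F_ACK = 0x4
NLM_F_CAPPED = 0x100        # error reply carries only the offending header
NLM_F_ACK_TLVS = 0x200      # extack attributes follow struct nlmsgerr
NLMSGERR_ATTR_MSG = 1
NETLINK_GENERIC = 16
GENL_ID_CTRL = 0x10
CTRL_CMD_NEWFAMILY = 1
CTRL_CMD_GETFAMILY = 3
CTRL_ATTR_FAMILY_ID = 1
CTRL_ATTR_FAMILY_NAME = 2

NLMSGHDR = struct.Struct("=IHHII")  # nlmsg_len, nlmsg_type, nlmsg_flags, seq, pid
GENLHDR = struct.Struct("=BBH")     # cmd, version, reserved
NLATTR = struct.Struct("=HH")       # nla_len, nla_type


def _align(n):
    return (n + 3) & ~3


def nla_put(attr_type, payload):
    """Encode one attribute; the kernel requires 4-byte alignment between them."""
    body = NLATTR.pack(NLATTR.size + len(payload), attr_type) + payload
    return body + b"\0" * (_align(len(body)) - len(body))


def nla_put_string(attr_type, text):
    return nla_put(attr_type, text.encode() + b"\0")


def nla_put_u16(attr_type, value):
    return nla_put(attr_type, struct.pack("=H", value))


def nla_get_u16(payload):
    return struct.unpack("=H", payload[:2])[0]


def nlmsg(msg_type, flags, seq, payload):
    return NLMSGHDR.pack(NLMSGHDR.size + len(payload), msg_type, flags, seq, 0) + payload


def genl_msg(family_id, cmd, version, flags, seq, attrs):
    return nlmsg(family_id, flags, seq, GENLHDR.pack(cmd, version, 0) + attrs)


def build_getfamily(name, seq=1):
    """CTRL_CMD_GETFAMILY request: ask nlctrl which id was assigned to <name>."""
    return genl_msg(GENL_ID_CTRL, CTRL_CMD_GETFAMILY, 1, NLM_F_REQUEST | NLM_F_ACK,
                    seq, nla_put_string(CTRL_ATTR_FAMILY_NAME, name))


def parse_attrs(buf):
    """Decode a run of attributes, refusing any length that runs off the buffer."""
    attrs, off = {}, 0
    while off + NLATTR.size <= len(buf):
        length, attr_type = NLATTR.unpack_from(buf, off)
        if length < NLATTR.size or off + length > len(buf):
            raise ValueError("malformed attribute at offset %d" % off)
        attrs[attr_type & 0x3FFF] = buf[off + NLATTR.size:off + length]  # drop NLA_F_*
        off += _align(length)
    return attrs


def parse_reply(buf):
    """Return (errno, extack_message, attrs) for the first message in buf."""
    if len(buf) < NLMSGHDR.size:
        raise ValueError("short netlink message")
    length, msg_type, flags, _seq, _pid = NLMSGHDR.unpack_from(buf, 0)
    if length < NLMSGHDR.size or length > len(buf):
        raise ValueError("bad nlmsg_len")
    payload = buf[NLMSGHDR.size:length]
    if msg_type == NLMSG_ERROR:
        # struct nlmsgerr: int error, then the offending message (whole, or just
        # its header when NLM_F_CAPPED); extack TLVs follow if NLM_F_ACK_TLVS.
        (error,) = struct.unpack_from("=i", payload, 0)
        orig_len = NLMSGHDR.unpack_from(payload, 4)[0]
        tlv_off = 4 + (NLMSGHDR.size if flags & NLM_F_CAPPED else orig_len)
        message = None
        if flags & NLM_F_ACK_TLVS:
            tlvs = parse_attrs(payload[tlv_off:])
            if NLMSGERR_ATTR_MSG in tlvs:
                message = tlvs[NLMSGERR_ATTR_MSG].rstrip(b"\0").decode()
        return -error, message, {}
    return 0, None, parse_attrs(payload[GENLHDR.size:])


def build_error_reply(request, err, extack_message):
    """Constructed stand-in for the kernel's capped error reply with an extack string."""
    seq = NLMSGHDR.unpack_from(request, 0)[3]
    body = struct.pack("=i", -err) + request[:NLMSG_HDR_SIZE] if False else \
        struct.pack("=i", -err) + request[:NLMSGHDR.size]
    body += nla_put_string(NLMSGERR_ATTR_MSG, extack_message)
    return nlmsg(NLMSG_ERROR, NLM_F_CAPPED | NLM_F_ACK_TLVS, seq, body)


def resolve_family_id(name):
    """Ask a live kernel (Linux only) for the family id; None if it is not registered."""
    with socket.socket(socket.AF_NETLINK, socket.SOCK_RAW, NETLINK_GENERIC) as sock:
        sock.send(build_getfamily(name))
        err, _message, attrs = parse_reply(sock.recv(65536))
        if err or CTRL_ATTR_FAMILY_ID not in attrs:
            return None
        return nla_get_u16(attrs[CTRL_ATTR_FAMILY_ID])
```

The kernel answers a GETFAMILY for an unregistered name with NLMSG_ERROR and -ENOENT, so resolve_family_id("vdpa") returns None on a kernel without the family and the numeric id otherwise; a tool then sends its own commands with that id as nlmsg_type, and any rejected command comes back through parse_reply() with the driver's extack text alongside the errno.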

Re: [PATCH v3 1/1] audio/jack: fix use after free segfault

2020-08-18 Thread Geoffrey McRae




On 2020-08-19 14:46, Philippe Mathieu-Daudé wrote:

On 8/19/20 5:36 AM, Geoffrey McRae wrote:



On 2020-08-19 13:32, Philippe Mathieu-Daudé wrote:

Hi Geoffrey,

On 8/19/20 3:18 AM, Geoffrey McRae wrote:

The client may have been freed already by a secondary audio device
recovering its session as JACK2 has some cleanup code to work around
broken clients, which doesn't account for well behaved clients.

https://github.com/jackaudio/jack2/issues/627

As JACK1 and JACK2 are interchangeable and JACK2 has a "cleanup" routine
that JACK1 does not have, we need to determine which version is in use
at runtime. Unfortunately there is no way to determine which is in use
other than to look for symbols that are missing in JACK1, which in this
case is `jack_get_version`.

An issue has been raised over this, but to be compatible with older
versions we must use this method to determine which library is in 
use.

If at some time the jack developers implement `jack_get_version` in
JACK1, this code will need to be revisited.

At worst the workaround will be enabled and this will introduce a small
memory leak if the jack server is restarted. This however is better than
the alternative which would be a use after free segfault.

Signed-off-by: Geoffrey McRae 
---
 audio/jackaudio.c | 37 -
 configure |  4 +++-
 2 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/audio/jackaudio.c b/audio/jackaudio.c
index 72ed7c4929..d1685999c3 100644
--- a/audio/jackaudio.c
+++ b/audio/jackaudio.c
@@ -31,6 +31,7 @@
 #define AUDIO_CAP "jack"
 #include "audio_int.h"

+#include 
 #include 
 #include 

@@ -84,6 +85,7 @@ typedef struct QJackIn {
 }
 QJackIn;

+static int QJackWorkaroundCloseBug;
 static int qjack_client_init(QJackClient *c);
 static void qjack_client_connect_ports(QJackClient *c);
 static void qjack_client_fini(QJackClient *c);
@@ -563,7 +565,10 @@ static void qjack_client_fini(QJackClient *c)
 /* fallthrough */

 case QJACK_STATE_SHUTDOWN:
-    jack_client_close(c->client);
+    if (!QJackWorkaroundCloseBug) {
+    jack_client_close(c->client);
+    }
+    c->client = NULL;
 /* fallthrough */

 case QJACK_STATE_DISCONNECTED:
@@ -662,6 +667,36 @@ static void qjack_info(const char *msg)

 static void register_audio_jack(void)
 {
+    void *handle;
+
+    /*
+ * As JACK1 and JACK2 are interchangeable and JACK2 has
"cleanup" routine
+ * that JACK1 does not have, we need to determine which version
is in use at
+ * runtime. Unfortunatly there is no way to determine which is
in use other
+ * then to look for symbols that are missing in JACK1, which in
this case is
+ * `jack_get_version`. An issue has been raised over this, but
to be
+ * compatible with older versions we must use this method to
determine which
+ * library is in use. If at some time the jack developers 
implement

+ * `jack_get_version` in JACK1, this code will need to be
revisited.
+ *
+ * At worst the workaround will be enabled and we will 
introduce

a small
+ * memory leak if the jack server is restarted. This is better
then the
+ * alternative which would be a use after free segfault.
+ */
+
+    handle = dlopen("libjack.so", RTLD_LAZY | RTLD_NOLOAD);
+    if (!handle) {
+    dolog("unable to open libjack.so to determine version\n");
+    dolog("assuming JACK2 and enabling the close bug
workaround\n");
+    QJackWorkaroundCloseBug = 1;
+    } else {
+    if (dlsym(handle, "jack_get_version")) {
+    dolog("JACK2 detected, enabling close bug 
workaround\n");

+    QJackWorkaroundCloseBug = 1;
+    }
+    dlclose(handle);
+    }
+
 audio_driver_register(_driver);
 jack_set_thread_creator(qjack_thread_creator);
 jack_set_error_function(qjack_error);
diff --git a/configure b/configure
index 2acc4d1465..43d2893fbb 100755
--- a/configure
+++ b/configure
@@ -3754,7 +3754,8 @@ for drv in $audio_drv_list; do

 jack | try-jack)
 if $pkg_config jack --exists; then
-    jack_libs=$($pkg_config jack --libs)
+    # dl is needed to check at runtime if jack1 or jack2 is in 
use

+    jack_libs="$($pkg_config jack --libs) -ldl"
 if test "$drv" = "try-jack"; then
 audio_drv_list=$(echo "$audio_drv_list" | sed -e
's/try-jack/jack/')
 fi


Why not checking jack_get_version() using compile_prog here?

Thanks,

Phil.


Hi Phil,

Because the library can be swapped out after compile time as the
versions are ABI compatible by design.


IIUC in the GH issue you linked you describe a problem from v1.9.1
to v1.9.14. I see jack_get_version() is already available in v1.9.1:
https://github.com/jackaudio/jack2/blob/1.9.1/common/jack/jack.h#L55


Do not confuse 1.9.1 with JACK1; this project has very strange versioning.


JACK1 uses the headers located here.
https://github.com/jackaudio/headers/blob/master/jack.h



Why would someone link 

Re: [PATCH v2] audio/jack: fix use after free segfault

2020-08-18 Thread Gerd Hoffmann
  Hi,

> As JACK1 and JACK2 are interchangeable and JACK2 has a "cleanup" routine
> that JACK1 does not have, we need to determine which version is in use
> at runtime. Unfortunately there is no way to determine which is in use
> other than to look for symbols that are missing in JACK1, which in this
> case is `jack_get_version`.

No.  That'll quickly become a maintenance nightmare.

How about moving the qjack_client_fini() call to qjack_shutdown()?  Or,
if that isn't an option due to qjack_shutdown being called from a signal
handler, schedule a bottom half calling qjack_client_fini()?

take care,
  Gerd
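
The ordering Gerd proposes, as an added example in plain C rather than QEMU code: the shutdown callback only records the state and schedules a bottom half, the bottom half runs qjack_client_fini() on the main loop, and a reconnect cancels a still-pending bottom half before opening a new client (the cancel is a no-op when nothing is scheduled). qemu_bh_schedule()/qemu_bh_cancel() are replaced by a one-slot flag and libjack by a stand-in that marks a client "freed" the way JACK2 does after its shutdown callback, so a jack_client_close() on such a client, the original use-after-free, trips an assert here. The state names follow audio/jackaudio.c; the QJackClient fields other than state and client, and every fake_* and scenario_* function, are invented for the model.

```c
/*
 * Model of the teardown order Gerd suggests above: the JACK shutdown callback
 * (run by the server on its own thread) only records the state and schedules
 * a bottom half, the bottom half runs qjack_client_fini() on the main loop, and
 * a reconnect cancels a still-pending bottom half first.  Added example, not
 * QEMU code: qemu_bh_schedule()/qemu_bh_cancel() become a one-slot flag and
 * libjack a stand-in that marks a client "freed" the way JACK2 does after its
 * shutdown callback, so the original use-after-free trips an assert instead.
 */
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>

enum { QJACK_STATE_DISCONNECTED, QJACK_STATE_RUNNING, QJACK_STATE_SHUTDOWN };
typedef struct FakeJackClient { bool alive; } FakeJackClient;
typedef struct QJackClient {
    int state;
    FakeJackClient *client;
    bool fini_bh_pending;   /* stands in for a scheduled QEMUBH */
    int closes;             /* jack_client_close() calls actually issued */
} QJackClient;

/* Library stand-in: a fixed pool, so a touch after "free" is a caught assert. */
static FakeJackClient pool[8];
static int next_client;

static FakeJackClient *fake_jack_client_open(void)
{
    assert(next_client < 8);
    pool[next_client].alive = true;
    return &pool[next_client++];
}

/* Main-loop side: the only place the client is ever torn down.  In SHUTDOWN
 * state JACK2 has released the client itself, so only the pointer is dropped. */
static void qjack_client_fini(QJackClient *c)
{
    if (c->state == QJACK_STATE_RUNNING) {
        assert(c->client->alive);   /* a close after JACK2 freed it: the UAF */
        c->client->alive = false;   /* jack_client_close(c->client) */
        c->closes++;
    }
    c->client = NULL;
    c->fini_bh_pending = false;
    c->state = QJACK_STATE_DISCONNECTED;
}

static void main_loop_run_once(QJackClient *c)
{
    if (c->fini_bh_pending) {       /* the scheduled bottom half runs here */
        qjack_client_fini(c);
    }
}

/* Server-thread side: no cleanup here, just hand the work to the main loop. */
static void jack_server_shutdown(QJackClient *c)
{
    c->state = QJACK_STATE_SHUTDOWN;
    c->client->alive = false;       /* JACK2's own cleanup after the callback */
    c->fini_bh_pending = true;      /* qemu_bh_schedule(c->fini_bh) */
}

static void qjack_client_connect(QJackClient *c)
{
    if (c->state == QJACK_STATE_RUNNING) return;
    c->fini_bh_pending = false;     /* qemu_bh_cancel(): a no-op if not scheduled */
    qjack_client_fini(c);           /* forget a stale client from a dead server */
    c->client = fake_jack_client_open();
    c->state = QJACK_STATE_RUNNING;
}

/* Server dies while running: nothing is closed in the callback and the bottom
 * half forgets the client without touching it.  Returns 1 if that holds. */
int scenario_shutdown_deferred(void)
{
    QJackClient c = {0};
    qjack_client_connect(&c);
    jack_server_shutdown(&c);
    if (c.closes != 0 || !c.fini_bh_pending) return 0;
    main_loop_run_once(&c);
    return c.state == QJACK_STATE_DISCONNECTED && c.client == NULL &&
           c.closes == 0 && !c.fini_bh_pending;
}

/* Reconnect wins the race against the bottom half: the cancel keeps the
 * deferred teardown off the new client, and a normal close still works. */
int scenario_reconnect_before_bh(void)
{
    QJackClient c = {0};
    qjack_client_connect(&c);
    jack_server_shutdown(&c);
    qjack_client_connect(&c);       /* before the main loop ran the bh */
    main_loop_run_once(&c);
    if (c.state != QJACK_STATE_RUNNING || !c.client || !c.client->alive) return 0;
    qjack_client_fini(&c);
    return c.closes == 1 && c.client == NULL;
}

int main(void)
{
    return !(scenario_shutdown_deferred() && scenario_reconnect_before_bh());
}
```

Without the cancel in qjack_client_connect(), the second scenario is exactly the race raised later in the thread: the new client is opened, then the stale bottom half runs qjack_client_fini() on a RUNNING client and closes the wrong one.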




Re: [PATCH v3 1/1] audio/jack: fix use after free segfault

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/19/20 5:36 AM, Geoffrey McRae wrote:
> 
> 
> On 2020-08-19 13:32, Philippe Mathieu-Daudé wrote:
>> Hi Geoffrey,
>>
>> On 8/19/20 3:18 AM, Geoffrey McRae wrote:
>>> The client may have been freed already by a secondary audio device
>>> recovering its session as JACK2 has some cleanup code to work around
>>> broken clients, which doesn't account for well behaved clients.
>>>
>>> https://github.com/jackaudio/jack2/issues/627
>>>
>>> As JACK1 and JACK2 are interchangeable and JACK2 has a "cleanup" routine
>>> that JACK1 does not have, we need to determine which version is in use
>>> at runtime. Unfortunately there is no way to determine which is in use
>>> other than to look for symbols that are missing in JACK1, which in this
>>> case is `jack_get_version`.
>>>
>>> An issue has been raised over this, but to be compatible with older
>>> versions we must use this method to determine which library is in use.
>>> If at some time the jack developers implement `jack_get_version` in
>>> JACK1, this code will need to be revisited.
>>>
>>> At worst the workaround will be enabled and this will introduce a small
>>> memory leak if the jack server is restarted. This however is better than
>>> the alternative which would be a use after free segfault.
>>>
>>> Signed-off-by: Geoffrey McRae 
>>> ---
>>>  audio/jackaudio.c | 37 -
>>>  configure |  4 +++-
>>>  2 files changed, 39 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/audio/jackaudio.c b/audio/jackaudio.c
>>> index 72ed7c4929..d1685999c3 100644
>>> --- a/audio/jackaudio.c
>>> +++ b/audio/jackaudio.c
>>> @@ -31,6 +31,7 @@
>>>  #define AUDIO_CAP "jack"
>>>  #include "audio_int.h"
>>>
>>> +#include 
>>>  #include 
>>>  #include 
>>>
>>> @@ -84,6 +85,7 @@ typedef struct QJackIn {
>>>  }
>>>  QJackIn;
>>>
>>> +static int QJackWorkaroundCloseBug;
>>>  static int qjack_client_init(QJackClient *c);
>>>  static void qjack_client_connect_ports(QJackClient *c);
>>>  static void qjack_client_fini(QJackClient *c);
>>> @@ -563,7 +565,10 @@ static void qjack_client_fini(QJackClient *c)
>>>  /* fallthrough */
>>>
>>>  case QJACK_STATE_SHUTDOWN:
>>> -    jack_client_close(c->client);
>>> +    if (!QJackWorkaroundCloseBug) {
>>> +    jack_client_close(c->client);
>>> +    }
>>> +    c->client = NULL;
>>>  /* fallthrough */
>>>
>>>  case QJACK_STATE_DISCONNECTED:
>>> @@ -662,6 +667,36 @@ static void qjack_info(const char *msg)
>>>
>>>  static void register_audio_jack(void)
>>>  {
>>> +    void *handle;
>>> +
>>> +    /*
>>> + * As JACK1 and JACK2 are interchangeable and JACK2 has
>>> "cleanup" routine
>>> + * that JACK1 does not have, we need to determine which version
>>> is in use at
>>> + * runtime. Unfortunatly there is no way to determine which is
>>> in use other
>>> + * then to look for symbols that are missing in JACK1, which in
>>> this case is
>>> + * `jack_get_version`. An issue has been raised over this, but
>>> to be
>>> + * compatible with older versions we must use this method to
>>> determine which
>>> + * library is in use. If at some time the jack developers implement
>>> + * `jack_get_version` in JACK1, this code will need to be
>>> revisited.
>>> + *
>>> + * At worst the workaround will be enabled and we will introduce
>>> a small
>>> + * memory leak if the jack server is restarted. This is better
>>> then the
>>> + * alternative which would be a use after free segfault.
>>> + */
>>> +
>>> +    handle = dlopen("libjack.so", RTLD_LAZY | RTLD_NOLOAD);
>>> +    if (!handle) {
>>> +    dolog("unable to open libjack.so to determine version\n");
>>> +    dolog("assuming JACK2 and enabling the close bug
>>> workaround\n");
>>> +    QJackWorkaroundCloseBug = 1;
>>> +    } else {
>>> +    if (dlsym(handle, "jack_get_version")) {
>>> +    dolog("JACK2 detected, enabling close bug workaround\n");
>>> +    QJackWorkaroundCloseBug = 1;
>>> +    }
>>> +    dlclose(handle);
>>> +    }
>>> +
>>>  audio_driver_register(_driver);
>>>  jack_set_thread_creator(qjack_thread_creator);
>>>  jack_set_error_function(qjack_error);
>>> diff --git a/configure b/configure
>>> index 2acc4d1465..43d2893fbb 100755
>>> --- a/configure
>>> +++ b/configure
>>> @@ -3754,7 +3754,8 @@ for drv in $audio_drv_list; do
>>>
>>>  jack | try-jack)
>>>  if $pkg_config jack --exists; then
>>> -    jack_libs=$($pkg_config jack --libs)
>>> +    # dl is needed to check at runtime if jack1 or jack2 is in use
>>> +    jack_libs="$($pkg_config jack --libs) -ldl"
>>>  if test "$drv" = "try-jack"; then
>>>  audio_drv_list=$(echo "$audio_drv_list" | sed -e
>>> 's/try-jack/jack/')
>>>  fi
>>
>> Why not checking jack_get_version() using compile_prog here?
>>
>> Thanks,
>>
>> Phil.
> 
> Hi Phil,
> 
> Because the library can be swapped out after compile time as the
> versions are 

Re: device compatibility interface for live migration with assigned devices

2020-08-18 Thread Yan Zhao
On Tue, Aug 18, 2020 at 09:39:24AM +, Parav Pandit wrote:
> Hi Cornelia,
> 
> > From: Cornelia Huck 
> > Sent: Tuesday, August 18, 2020 3:07 PM
> > To: Daniel P. Berrangé 
> > Cc: Jason Wang ; Yan Zhao
> > ; k...@vger.kernel.org; libvir-l...@redhat.com;
> > qemu-devel@nongnu.org; Kirti Wankhede ;
> > eau...@redhat.com; xin-ran.w...@intel.com; cor...@lwn.net; openstack-
> > disc...@lists.openstack.org; shaohe.f...@intel.com; kevin.t...@intel.com;
> > Parav Pandit ; jian-feng.d...@intel.com;
> > dgilb...@redhat.com; zhen...@linux.intel.com; hejie...@intel.com;
> > bao.yum...@zte.com.cn; Alex Williamson ;
> > eskul...@redhat.com; smoo...@redhat.com; intel-gvt-
> > d...@lists.freedesktop.org; Jiri Pirko ;
> > dinec...@redhat.com; de...@ovirt.org
> > Subject: Re: device compatibility interface for live migration with assigned
> > devices
> > 
> > On Tue, 18 Aug 2020 10:16:28 +0100
> > Daniel P. Berrangé  wrote:
> > 
> > > On Tue, Aug 18, 2020 at 05:01:51PM +0800, Jason Wang wrote:
> > > >On 2020/8/18 下午4:55, Daniel P. Berrangé wrote:
> > > >
> > > >  On Tue, Aug 18, 2020 at 11:24:30AM +0800, Jason Wang wrote:
> > > >
> > > >  On 2020/8/14 下午1:16, Yan Zhao wrote:
> > > >
> > > >  On Thu, Aug 13, 2020 at 12:24:50PM +0800, Jason Wang wrote:
> > > >
> > > >  On 2020/8/10 下午3:46, Yan Zhao wrote:
> > >
> > > >  we actually can also retrieve the same information through sysfs,
> > > > .e.g
> > > >
> > > >  |- [path to device]
> > > > |--- migration
> > > > | |--- self
> > > > | |   |---device_api
> > > > ||   |---mdev_type
> > > > ||   |---software_version
> > > > ||   |---device_id
> > > > ||   |---aggregator
> > > > | |--- compatible
> > > > | |   |---device_api
> > > > ||   |---mdev_type
> > > > ||   |---software_version
> > > > ||   |---device_id
> > > > ||   |---aggregator
> > > >
> > > >
> > > >  Yes but:
> > > >
> > > >  - You need one file per attribute (one syscall for one attribute)
> > > >  - Attribute is coupled with kobject
> > 
> > Is that really that bad? You have the device with an embedded kobject
> > anyway, and you can just put things into an attribute group?
> > 
> > [Also, I think that self/compatible split in the example makes things
> > needlessly complex. Shouldn't semantic versioning and matching already
> > cover nearly everything? I would expect very few cases that are more
> > complex than that. Maybe the aggregation stuff, but I don't think we need
> > that self/compatible split for that, either.]
> > 
> > > >
> > > >  All of above seems unnecessary.
> > > >
> > > >  Another point, as we discussed in another thread, it's really hard
> > > > to make  sure the above API work for all types of devices and
> > > > frameworks. So having a  vendor specific API looks much better.
> > > >
> > > >  From the POV of userspace mgmt apps doing device compat checking /
> > > > migration, we certainly do NOT want to use different vendor
> > > > specific APIs. We want to have an API that can be used / controlled in a
> > > > standard manner across vendors.
> > > >
> > > >Yes, but it could be hard. E.g. vDPA will choose to use devlink (there's a
> > > >long debate on sysfs vs devlink). So if we go with sysfs, at least two
> > > >APIs need to be supported ...
> > >
> > > NB, I was not questioning devlink vs sysfs directly. If devlink is
> > > related to netlink, I can't say I'm enthusiastic as IMHO sysfs is
> > > easier to deal with. I don't know enough about devlink to have much of an
> > > opinion though.
> > > The key point was that I don't want the userspace APIs we need to deal
> > > with to be vendor specific.
> > 
> > From what I've seen of devlink, it seems quite nice; but I understand why
> > sysfs might be easier to deal with (especially as there's likely already a
> > lot of code using it.)
> > 
> > I understand that some users would like devlink because it is already widely
> > used for network drivers (and some others), but I don't think the majority
> > of devices used with vfio are network (although certainly a lot of them are.)
> > 
> > >
> > > What I care about is that we have a *standard* userspace API for
> > > performing device compatibility checking / state migration, for use by
> > > QEMU/libvirt/ OpenStack, such that we can write code without countless
> > > vendor specific code paths.
> > >
> > > If there is vendor specific stuff on the side, that's fine as we can
> > > ignore that, but the core functionality for device compat / migration
> > > needs to be standardized.
> > 
> > To summarize:
> > - choose one of sysfs or devlink
> > - have a common interface, with a standardized way to add
> >   vendor-specific attributes
> > ?
> 
> Please refer to my previous email which has more example and details.
Hi Parav,
the example is based on a new vdpa tool running over netlink, not based
on devlink, right?
For vfio migration compatibility, 
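
As an added example, not code from the thread, the kernel or any vendor driver: the management-side check a tool such as libvirt or OpenStack would run over the attribute set in the sysfs tree quoted above, reading the source device's migration/self/* against the target's migration/compatible/*. The rule it applies is an assumption the thread leaves open, in the spirit of the semantic-versioning suggestion: device_api, mdev_type, device_id and aggregator must match exactly, and software_version is accepted when the major version is equal and the target's minor version is not older than the source's. The sample attribute values are constructed.

```python
"""Migration compatibility decision over the attribute set in the sysfs tree
quoted above (device_api, mdev_type, software_version, device_id, aggregator),
comparing the source's migration/self/* with the target's migration/compatible/*.
Added example, not code from the thread, the kernel or any vendor driver.
The policy is an assumption the thread leaves open: the four discrete attributes
must match exactly, software_version is semantic versioning, accepted when the
major version is equal and the target minor is not older than the source's.
"""
import os
import re

ATTRIBUTES = ("device_api", "mdev_type", "software_version", "device_id", "aggregator")
EXACT_MATCH = ("device_api", "mdev_type", "device_id", "aggregator")
_SEMVER = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?$")


def parse_version(text):
    """'1.2' or '1.2.3' -> (major, minor, patch); anything else is an error, not a guess."""
    m = _SEMVER.match(text.strip())
    if not m:
        raise ValueError("not a semantic version: %r" % text)
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def read_migration_attrs(device_path, which):
    """Read <device>/migration/<which>/<attr>; sysfs values carry a trailing newline."""
    values = {}
    for name in ATTRIBUTES:
        with open(os.path.join(device_path, "migration", which, name)) as f:
            values[name] = f.read().strip()
    return values


def check_compatible(source_self, target_compat):
    """None when migration source -> target is allowed, otherwise the first reason."""
    for name in ATTRIBUTES:
        if name not in source_self or name not in target_compat:
            return "missing attribute %s" % name
    for name in EXACT_MATCH:
        if source_self[name] != target_compat[name]:
            return "%s mismatch: %r != %r" % (name, source_self[name], target_compat[name])
    src = parse_version(source_self["software_version"])
    dst = parse_version(target_compat["software_version"])
    if src[0] != dst[0]:
        return "software_version major differs: %d != %d" % (src[0], dst[0])
    if dst[:2] < src[:2]:
        return "target software_version %s is older than source %s" % (
            target_compat["software_version"], source_self["software_version"])
    return None


def can_migrate(source_path, target_path):
    """Filesystem entry point: (allowed, reason), as a management app would log it."""
    reason = check_compatible(read_migration_attrs(source_path, "self"),
                              read_migration_attrs(target_path, "compatible"))
    return reason is None, reason


# Constructed sample attributes, not taken from any real device.
SAMPLE_SOURCE_SELF = {"device_api": "vfio-pci", "mdev_type": "example-gpu-2q",
                      "software_version": "1.2.0", "device_id": "example:0001",
                      "aggregator": "1"}
SAMPLE_TARGET_COMPAT = dict(SAMPLE_SOURCE_SELF, software_version="1.3.1")
```

The reason string is returned rather than raised so the caller can log exactly which attribute blocked the migration, which is the piece of information the per-attribute sysfs layout (one file per attribute) makes cheap to produce.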

Re: [PATCH v3 1/1] audio/jack: fix use after free segfault

2020-08-18 Thread Geoffrey McRae




On 2020-08-19 13:32, Philippe Mathieu-Daudé wrote:

Hi Geoffrey,

On 8/19/20 3:18 AM, Geoffrey McRae wrote:

The client may have been freed already by a secondary audio device
recovering its session as JACK2 has some cleanup code to work around
broken clients, which doesn't account for well behaved clients.

https://github.com/jackaudio/jack2/issues/627

As JACK1 and JACK2 are interchangeable and JACK2 has a "cleanup" routine
that JACK1 does not have, we need to determine which version is in use
at runtime. Unfortunately there is no way to determine which is in use
other than to look for symbols that are missing in JACK1, which in this
case is `jack_get_version`.

An issue has been raised over this, but to be compatible with older
versions we must use this method to determine which library is in use.
If at some time the jack developers implement `jack_get_version` in
JACK1, this code will need to be revisited.

At worst the workaround will be enabled and this will introduce a small
memory leak if the jack server is restarted. This however is better than
the alternative which would be a use after free segfault.

Signed-off-by: Geoffrey McRae 
---
 audio/jackaudio.c | 37 -
 configure |  4 +++-
 2 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/audio/jackaudio.c b/audio/jackaudio.c
index 72ed7c4929..d1685999c3 100644
--- a/audio/jackaudio.c
+++ b/audio/jackaudio.c
@@ -31,6 +31,7 @@
 #define AUDIO_CAP "jack"
 #include "audio_int.h"

+#include 
 #include 
 #include 

@@ -84,6 +85,7 @@ typedef struct QJackIn {
 }
 QJackIn;

+static int QJackWorkaroundCloseBug;
 static int qjack_client_init(QJackClient *c);
 static void qjack_client_connect_ports(QJackClient *c);
 static void qjack_client_fini(QJackClient *c);
@@ -563,7 +565,10 @@ static void qjack_client_fini(QJackClient *c)
 /* fallthrough */

 case QJACK_STATE_SHUTDOWN:
-jack_client_close(c->client);
+if (!QJackWorkaroundCloseBug) {
+jack_client_close(c->client);
+}
+c->client = NULL;
 /* fallthrough */

 case QJACK_STATE_DISCONNECTED:
@@ -662,6 +667,36 @@ static void qjack_info(const char *msg)

 static void register_audio_jack(void)
 {
+void *handle;
+
+/*
+ * As JACK1 and JACK2 are interchangeable and JACK2 has "cleanup" 
routine
+ * that JACK1 does not have, we need to determine which version 
is in use at
+ * runtime. Unfortunatly there is no way to determine which is in 
use other
+ * then to look for symbols that are missing in JACK1, which in 
this case is
+ * `jack_get_version`. An issue has been raised over this, but to 
be
+ * compatible with older versions we must use this method to 
determine which
+ * library is in use. If at some time the jack developers 
implement
+ * `jack_get_version` in JACK1, this code will need to be 
revisited.

+ *
+ * At worst the workaround will be enabled and we will introduce 
a small
+ * memory leak if the jack server is restarted. This is better 
then the

+ * alternative which would be a use after free segfault.
+ */
+
+handle = dlopen("libjack.so", RTLD_LAZY | RTLD_NOLOAD);
+if (!handle) {
+dolog("unable to open libjack.so to determine version\n");
+dolog("assuming JACK2 and enabling the close bug 
workaround\n");

+QJackWorkaroundCloseBug = 1;
+} else {
+if (dlsym(handle, "jack_get_version")) {
+dolog("JACK2 detected, enabling close bug workaround\n");
+QJackWorkaroundCloseBug = 1;
+}
+dlclose(handle);
+}
+
 audio_driver_register(_driver);
 jack_set_thread_creator(qjack_thread_creator);
 jack_set_error_function(qjack_error);
diff --git a/configure b/configure
index 2acc4d1465..43d2893fbb 100755
--- a/configure
+++ b/configure
@@ -3754,7 +3754,8 @@ for drv in $audio_drv_list; do

 jack | try-jack)
 if $pkg_config jack --exists; then
-jack_libs=$($pkg_config jack --libs)
+# dl is needed to check at runtime if jack1 or jack2 is in 
use

+jack_libs="$($pkg_config jack --libs) -ldl"
 if test "$drv" = "try-jack"; then
 audio_drv_list=$(echo "$audio_drv_list" | sed -e 
's/try-jack/jack/')

 fi


Why not checking jack_get_version() using compile_prog here?

Thanks,

Phil.


Hi Phil,

Because the library can be swapped out after compile time as the 
versions are ABI compatible by design.


-Geoff



Re: [EXTERNAL] Re: [PATCH v2 0/3] testing: Build WHPX enabled binaries

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/18/20 11:20 PM, Sunil Muthuswamy wrote:
 It's still shameful that MS is forcing developers to waste time
 rewriting API headers, just because the MS legal departments are not
 able to understand the needs of Open Source development.
>>> There has been a big switch from Microsoft toward Open Source, I attended
>>> some of their talks at the Open Source Summit in 2018. Maybe we simply
>>> haven't contacted the right persons to make the changes...?
>>
>>
>> Maybe, but it is difficult to find the right person in a large company
>> like MS, and legal departments are often somehow special.
>>
>> And yes, they learned that Open Source can help them for their business,
>> too.
>>
>> Stefan
> 
> Mike Battista is the program manager owner of the SDK license and should be
> able to take/respond to any feedback about the SDK licensing for open source
> projects (I have added him here). He has also been added to previous threads
> about the licensing and is also included in this conversation:
> https://bugs.launchpad.net/qemu/+bug/1879672

Hi Mike, thanks for helping us with this issue!

And thanks a lot, Sunil, for bringing Mike here :)

> 
> - Sunil
>  
> 




Re: [PATCH v3 1/1] audio/jack: fix use after free segfault

2020-08-18 Thread Philippe Mathieu-Daudé
Hi Geoffrey,

On 8/19/20 3:18 AM, Geoffrey McRae wrote:
> The client may have been freed already by a secondary audio device
> recovering its session as JACK2 has some cleanup code to work around
> broken clients, which doesn't account for well behaved clients.
> 
> https://github.com/jackaudio/jack2/issues/627
> 
> As JACK1 and JACK2 are interchangeable and JACK2 has a "cleanup" routine
> that JACK1 does not have, we need to determine which version is in use
> at runtime. Unfortunately there is no way to determine which is in use
> other than to look for symbols that are missing in JACK1, which in this
> case is `jack_get_version`.
> 
> An issue has been raised over this, but to be compatible with older
> versions we must use this method to determine which library is in use.
> If at some time the jack developers implement `jack_get_version` in
> JACK1, this code will need to be revisited.
> 
> At worst the workaround will be enabled and this will introduce a small
> memory leak if the jack server is restarted. This however is better than
> the alternative which would be a use after free segfault.
> 
> Signed-off-by: Geoffrey McRae 
> ---
>  audio/jackaudio.c | 37 -
>  configure |  4 +++-
>  2 files changed, 39 insertions(+), 2 deletions(-)
> 
> diff --git a/audio/jackaudio.c b/audio/jackaudio.c
> index 72ed7c4929..d1685999c3 100644
> --- a/audio/jackaudio.c
> +++ b/audio/jackaudio.c
> @@ -31,6 +31,7 @@
>  #define AUDIO_CAP "jack"
>  #include "audio_int.h"
>  
> +#include 
>  #include 
>  #include 
>  
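Review bot: the header added in this hunk exists for the dlopen()/dlsym() calls further down, which are POSIX-only, and RTLD_NOLOAD is not in POSIX at all (a glibc and BSD extension), so the jack backend stops building on hosts without dlfcn.h such as MinGW, where JACK is packaged too. GLib's GModule, which QEMU already uses for its own module loading, gives the same probe portably: g_module_open(NULL, 0) for the program's own handle and g_module_symbol() for the lookup, with no new link dependency.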
> @@ -84,6 +85,7 @@ typedef struct QJackIn {
>  }
>  QJackIn;
>  
> +static int QJackWorkaroundCloseBug;
>  static int qjack_client_init(QJackClient *c);
>  static void qjack_client_connect_ports(QJackClient *c);
>  static void qjack_client_fini(QJackClient *c);
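Review bot: `QJackWorkaroundCloseBug` is a variable spelt like a type; QEMU's coding style keeps CamelCase for types and uses lower case with underscores for variables, and the value is only ever 0 or 1, so `static bool qjack_workaround_close_bug;` would match the qjack_* declarations around it. A one-line comment naming the jack2 issue from the commit message belongs next to the declaration rather than only inside register_audio_jack().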
> @@ -563,7 +565,10 @@ static void qjack_client_fini(QJackClient *c)
>  /* fallthrough */
>  
>  case QJACK_STATE_SHUTDOWN:
> -jack_client_close(c->client);
> +if (!QJackWorkaroundCloseBug) {
> +jack_client_close(c->client);
> +}
> +c->client = NULL;
>  /* fallthrough */
>  
>  case QJACK_STATE_DISCONNECTED:
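Review bot: the `if (!QJackWorkaroundCloseBug)` guard skips jack_client_close() on every path that reaches QJACK_STATE_SHUTDOWN, including the fallthrough from the case above it for a healthy running client that QEMU itself is tearing down, so under JACK2 no client is ever closed and its threads and server-side ports stay alive for the life of the process, not only across a server restart as the commit message says. The client has really been freed by the library only when its shutdown callback ran, so key the skip on that event instead (a flag set in qjack_shutdown, or the state being QJACK_STATE_SHUTDOWN on entry rather than by fallthrough); that keeps the normal close and makes the JACK1/JACK2 probe unnecessary. Setting c->client = NULL afterwards is right in both cases.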
> @@ -662,6 +667,36 @@ static void qjack_info(const char *msg)
>  
>  static void register_audio_jack(void)
>  {
> +void *handle;
> +
> +/*
> + * As JACK1 and JACK2 are interchangeable and JACK2 has "cleanup" routine
> + * that JACK1 does not have, we need to determine which version is in 
> use at
> + * runtime. Unfortunatly there is no way to determine which is in use 
> other
> + * then to look for symbols that are missing in JACK1, which in this 
> case is
> + * `jack_get_version`. An issue has been raised over this, but to be
> + * compatible with older versions we must use this method to determine 
> which
> + * library is in use. If at some time the jack developers implement
> + * `jack_get_version` in JACK1, this code will need to be revisited.
> + *
> + * At worst the workaround will be enabled and we will introduce a small
> + * memory leak if the jack server is restarted. This is better then the
> + * alternative which would be a use after free segfault.
> + */
> +
> +handle = dlopen("libjack.so", RTLD_LAZY | RTLD_NOLOAD);
> +if (!handle) {
> +dolog("unable to open libjack.so to determine version\n");
> +dolog("assuming JACK2 and enabling the close bug workaround\n");
> +QJackWorkaroundCloseBug = 1;
> +} else {
> +if (dlsym(handle, "jack_get_version")) {
> +dolog("JACK2 detected, enabling close bug workaround\n");
> +QJackWorkaroundCloseBug = 1;
> +}
> +dlclose(handle);
> +}
> +
>  audio_driver_register(_driver);
>  jack_set_thread_creator(qjack_thread_creator);
>  jack_set_error_function(qjack_error);
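Review bot: dlopen("libjack.so", RTLD_NOLOAD) only succeeds if the library is already loaded under exactly that name (path, SONAME or the name it was requested by), but the binary's DT_NEEDED entry carries the SONAME, libjack.so.0 on current packages, so in the usual setup the call returns NULL, both dolog() lines print on every start, and the "assume JACK2" branch runs even on JACK1. Since QEMU is linked against libjack anyway, dlsym(RTLD_DEFAULT, "jack_get_version") answers the question without naming a file, without dlopen()/dlclose() and without the fallback guess: a NULL result then really means JACK1. The two dolog() calls can become one, and the flag can be set straight from the dlsym() result.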
> diff --git a/configure b/configure
> index 2acc4d1465..43d2893fbb 100755
> --- a/configure
> +++ b/configure
> @@ -3754,7 +3754,8 @@ for drv in $audio_drv_list; do
>  
>  jack | try-jack)
>  if $pkg_config jack --exists; then
> -jack_libs=$($pkg_config jack --libs)
> +# dl is needed to check at runtime if jack1 or jack2 is in use
> +jack_libs="$($pkg_config jack --libs) -ldl"
>  if test "$drv" = "try-jack"; then
>  audio_drv_list=$(echo "$audio_drv_list" | sed -e 
> 's/try-jack/jack/')
>  fi
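Review bot: `-ldl` is appended unconditionally, but it is a glibc-ism: on hosts where dlopen() lives in libc (several BSDs) the link fails, and since glibc 2.34 the flag only hits an empty compatibility stub. If the runtime probe stays, test for the need with compile_prog (a one-line dlopen() program tried without and then with -ldl) instead of hard-coding the flag here; with a GModule-based probe the line is not needed at all.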

Why not checking jack_get_version() using compile_prog here?

Thanks,

Phil.




Re: [RFC PATCH v2 2/4] hw/i386/acpi-build: Add ACPI PCI hot-plug methods to q35

2020-08-18 Thread Philippe Mathieu-Daudé
Hi Julia,

On 8/18/20 11:52 PM, Julia Suvorova wrote:
> Implement notifications and gpe to support q35 ACPI PCI hot-plug.
> Use 0xcc4 - 0xcd7 range for 'acpi-pci-hotplug' io ports.
> 
> Signed-off-by: Julia Suvorova 
> ---
>  include/hw/acpi/pcihp.h |  3 ++-
>  hw/acpi/pcihp.c | 10 ++
>  hw/acpi/piix4.c |  2 +-
>  hw/i386/acpi-build.c| 25 ++---
>  4 files changed, 23 insertions(+), 17 deletions(-)
> 
> diff --git a/include/hw/acpi/pcihp.h b/include/hw/acpi/pcihp.h
> index 8bc4a4c01d..1e9d246f57 100644
> --- a/include/hw/acpi/pcihp.h
> +++ b/include/hw/acpi/pcihp.h
> @@ -54,7 +54,8 @@ typedef struct AcpiPciHpState {
>  } AcpiPciHpState;
>  
>  void acpi_pcihp_init(Object *owner, AcpiPciHpState *, PCIBus *root,
> - MemoryRegion *address_space_io, bool bridges_enabled);
> + MemoryRegion *address_space_io, bool bridges_enabled,
> + bool is_piix4);
>  
>  void acpi_pcihp_device_pre_plug_cb(HotplugHandler *hotplug_dev,
> DeviceState *dev, Error **errp);
> diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c
> index 9e31ab2da4..9a35ed6c83 100644
> --- a/hw/acpi/pcihp.c
> +++ b/hw/acpi/pcihp.c
> @@ -38,7 +38,8 @@
>  #include "qom/qom-qobject.h"
>  #include "trace.h"
>  
> -#define ACPI_PCIHP_ADDR 0xae00
> +#define ACPI_PCIHP_ADDR_PIIX4 0xae00
> +#define ACPI_PCIHP_ADDR_Q35 0x0cc4
>  #define ACPI_PCIHP_SIZE 0x0014
>  #define PCI_UP_BASE 0x
>  #define PCI_DOWN_BASE 0x0004
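Review bot: ACPI_PCIHP_ADDR_Q35 plus ACPI_PCIHP_SIZE is the 0xcc4-0xcd7 window the commit message names, but the hunk gives no hint why that base was picked or that it was checked against the other fixed q35 I/O ports, and the window is guest-visible ABI. docs/specs/acpi_pci_hotplug.txt documents the PIIX4 layout at 0xae00 and should gain the q35 base in this series, with a one-line comment here stating that the range was verified free on q35.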
> @@ -359,12 +360,13 @@ static const MemoryRegionOps acpi_pcihp_io_ops = {
>  };
>  
>  void acpi_pcihp_init(Object *owner, AcpiPciHpState *s, PCIBus *root_bus,
> - MemoryRegion *address_space_io, bool bridges_enabled)
> + MemoryRegion *address_space_io, bool bridges_enabled,
> + bool is_piix4)

Instead of adding implementation knowledge to this generic function, can
you instead pass it a 'io_base' argument (or 'pcihp_addr')?

>  {
>  s->io_len = ACPI_PCIHP_SIZE;
> -s->io_base = ACPI_PCIHP_ADDR;
> +s->io_base = is_piix4 ? ACPI_PCIHP_ADDR_PIIX4 : ACPI_PCIHP_ADDR_Q35;
>  
> -s->root= root_bus;
> +s->root = root_bus;
>  s->legacy_piix = !bridges_enabled;
>  
>  memory_region_init_io(>io, owner, _pcihp_io_ops, s,
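Review bot: `s->root = root_bus;` is a whitespace-only change unrelated to hot-plug; drop it or move it to a separate cleanup patch so the functional diff stays small. When the is_piix4 selector is replaced by a base address, as the reply above suggests, the `io_base` line becomes a plain copy of the argument and the ternary goes away with it.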
> diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
> index cdfa0e2998..1f27bfbd06 100644
> --- a/hw/acpi/piix4.c
> +++ b/hw/acpi/piix4.c
> @@ -596,7 +596,7 @@ static void piix4_acpi_system_hot_add_init(MemoryRegion 
> *parent,
>  memory_region_add_subregion(parent, GPE_BASE, >io_gpe);
>  
>  acpi_pcihp_init(OBJECT(s), >acpi_pci_hotplug, bus, parent,
> -s->use_acpi_hotplug_bridge);
> +s->use_acpi_hotplug_bridge, true);
>  
>  s->cpu_hotplug_legacy = true;
>  object_property_add_bool(OBJECT(s), "cpu-hotplug-legacy",
> diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
> index b7bc2a..f3cd52bd06 100644
> --- a/hw/i386/acpi-build.c
> +++ b/hw/i386/acpi-build.c
> @@ -201,10 +201,6 @@ static void acpi_get_pm_info(MachineState *machine, 
> AcpiPmInfo *pm)
>  /* w2k requires FADT(rev1) or it won't boot, keep PC compatible */
>  pm->fadt.rev = 1;
>  pm->cpu_hp_io_base = PIIX4_CPU_HOTPLUG_IO_BASE;
> -pm->pcihp_io_base =
> -object_property_get_uint(obj, ACPI_PCIHP_IO_BASE_PROP, NULL);
> -pm->pcihp_io_len =
> -object_property_get_uint(obj, ACPI_PCIHP_IO_LEN_PROP, NULL);
>  }
>  if (lpc) {
>  struct AcpiGenericAddress r = { .space_id = AML_AS_SYSTEM_IO,
> @@ -214,6 +210,10 @@ static void acpi_get_pm_info(MachineState *machine, 
> AcpiPmInfo *pm)
>  pm->fadt.flags |= 1 << ACPI_FADT_F_RESET_REG_SUP;
>  pm->cpu_hp_io_base = ICH9_CPU_HOTPLUG_IO_BASE;
>  }
> +pm->pcihp_io_base =
> +object_property_get_uint(obj, ACPI_PCIHP_IO_BASE_PROP, NULL);
> +pm->pcihp_io_len =
> +object_property_get_uint(obj, ACPI_PCIHP_IO_LEN_PROP, NULL);
>  
>  /* The above need not be conditional on machine type because the reset 
> port
>   * happens to be the same on PIIX (pc) and ICH9 (q35). */
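Review bot: moving the two object_property_get_uint() reads out of the piix4 branch runs them for the q35 case as well, where obj is the ICH9 LPC bridge, and with a NULL errp; if that object does not expose ACPI_PCIHP_IO_BASE_PROP and ACPI_PCIHP_IO_LEN_PROP (nothing in this hunk adds them) both calls silently return 0 and the AML is built with an I/O base of 0. Pass &error_abort, or only read the properties when ACPI hot-plug is enabled for the machine, so a wiring mistake fails at startup instead of producing a guest that never sees hot-plug events.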
> @@ -472,7 +472,7 @@ static void build_append_pci_bus_devices(Aml 
> *parent_scope, PCIBus *bus,
>  QLIST_FOREACH(sec, >child, sibling) {
>  int32_t devfn = sec->parent_dev->devfn;
>  
> -if (pci_bus_is_root(sec) || pci_bus_is_express(sec)) {
> +if (pci_bus_is_root(sec)) {

Different patch?

>  continue;
>  }
>  
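Review bot: dropping `pci_bus_is_express(sec)` from the skip changes the generated DSDT for every express bridge on q35, including root ports whose native PCIe hot-plug is still in use, and does so regardless of whether ACPI hot-plug is enabled for the machine type. Beyond the question in the reply above of whether this belongs in its own patch, it needs to be tied to the property or compat flag that turns q35 ACPI hot-plug on, so existing machine types keep their current tables.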
> @@ -1368,7 +1368,7 @@ static void build_piix4_isa_bridge(Aml *table)
>  aml_append(table, scope);
>  }
>  
> -static void build_piix4_pci_hotplug(Aml *table)
> +static void build_i386_pci_hotplug(Aml *table, uint64_t pcihp_addr)

Being common to 32/64-bit, I'd name that build_x86_pci_hotplug().

>  {
>  Aml *scope;
>  Aml *field;
> @@ -1377,20 +1377,22 @@ static void 

Re: [RFC PATCH v2 1/4] hw/acpi/ich9: Trace ich9_gpe_readb()/writeb()

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/18/20 11:52 PM, Julia Suvorova wrote:
> Add trace events similar to piix4_gpe_readb() to check gpe status.
> 
> Signed-off-by: Julia Suvorova 
> Reviewed-by: Igor Mammedov 
> ---
>  hw/acpi/ich9.c   | 7 ++-
>  hw/acpi/trace-events | 4 
>  2 files changed, 10 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/acpi/ich9.c b/hw/acpi/ich9.c
> index 6a19070cec..a2a1742aa6 100644
> --- a/hw/acpi/ich9.c
> +++ b/hw/acpi/ich9.c
> @@ -36,6 +36,7 @@
>  #include "hw/acpi/acpi.h"
>  #include "hw/acpi/tco.h"
>  #include "exec/address-spaces.h"
> +#include "trace.h"
>  
>  #include "hw/i386/ich9.h"
>  #include "hw/mem/pc-dimm.h"
> @@ -59,13 +60,17 @@ static void ich9_pm_update_sci_fn(ACPIREGS *regs)
>  static uint64_t ich9_gpe_readb(void *opaque, hwaddr addr, unsigned width)
>  {
>  ICH9LPCPMRegs *pm = opaque;
> -return acpi_gpe_ioport_readb(>acpi_regs, addr);
> +uint64_t val = acpi_gpe_ioport_readb(>acpi_regs, addr);
> +
> +trace_ich9_gpe_readb(addr, width, val);
> +return val;
>  }
>  
>  static void ich9_gpe_writeb(void *opaque, hwaddr addr, uint64_t val,
>  unsigned width)
>  {
>  ICH9LPCPMRegs *pm = opaque;
> +trace_ich9_gpe_writeb(addr, width, val);
>  acpi_gpe_ioport_writeb(>acpi_regs, addr, val);
>  acpi_update_sci(>acpi_regs, pm->irq);
>  }
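Review bot: `val` in ich9_gpe_readb() is a `uint64_t` holding the result of a byte-wide GPE read, and the trace declarations that follow print it with PRIx64; narrowing the traced value to the register width (`uint8_t`, as the nitpick further down suggests) keeps the trace honest about what the guest sees. It is also worth stating in the trace format string that `addr` is the offset within the GPE region rather than an absolute I/O port, so the logs are not misread when correlating them with guest port accesses.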
> diff --git a/hw/acpi/trace-events b/hw/acpi/trace-events
> index afbc77de1c..b9f4827afc 100644
> --- a/hw/acpi/trace-events
> +++ b/hw/acpi/trace-events
> @@ -32,6 +32,10 @@ cpuhp_acpi_ejecting_cpu(uint32_t idx) "0x%"PRIx32
>  cpuhp_acpi_write_ost_ev(uint32_t slot, uint32_t ev) "idx[0x%"PRIx32"] OST 
> EVENT: 0x%"PRIx32
>  cpuhp_acpi_write_ost_status(uint32_t slot, uint32_t st) "idx[0x%"PRIx32"] 
> OST STATUS: 0x%"PRIx32
>  
> +# ich9.c
> +ich9_gpe_readb(uint64_t addr, unsigned width, uint64_t val) "addr: 0x%" 
> PRIx64 " width: %d ==> 0x%" PRIx64
> +ich9_gpe_writeb(uint64_t addr, unsigned width, uint64_t val) "addr: 0x%" 
> PRIx64 " width: %d <== 0x%" PRIx64

Nitpick, val could be uint8_t.

Otherwise:
Reviewed-by: Philippe Mathieu-Daudé 

> +
>  # pcihp.c
>  acpi_pci_eject_slot(unsigned bsel, unsigned slot) "bsel: %u slot: %u"
>  acpi_pci_unplug(int bsel, int slot) "bsel: %d slot: %d"
> 
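Review bot: `width` is declared `unsigned` in both new trace lines but formatted with `%d`; use `%u` so the format matches the type, as the existing entries in this file already do (e.g. acpi_pci_eject_slot() pairs `unsigned` with `%u`).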




Re: [PATCH v5 8/8] target/s390x: Use start-powered-off CPUState property

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/19/20 4:42 AM, Thiago Jung Bauermann wrote:
> Instead of setting CPUState::halted to 1 in s390_cpu_initfn(), use the
> start-powered-off property which makes cpu_common_reset() initialize it
> to 1 in common code.
> 
> Note that this changes behavior by setting cs->halted to 1 on reset, which
> didn't happen before.
> 
> Acked-by: Cornelia Huck 
> Signed-off-by: Thiago Jung Bauermann 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  target/s390x/cpu.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c
> index 08eb674d22..73d7d6007e 100644
> --- a/target/s390x/cpu.c
> +++ b/target/s390x/cpu.c
> @@ -291,7 +291,7 @@ static void s390_cpu_initfn(Object *obj)
>  S390CPU *cpu = S390_CPU(obj);
>  
>  cpu_set_cpustate_pointers(cpu);
> -cs->halted = 1;
> +cs->start_powered_off = true;
>  cs->exception_index = EXCP_HLT;
>  #if !defined(CONFIG_USER_ONLY)
>  object_property_add(obj, "crash-information", "GuestPanicInformation",
> 
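Review bot: the commit message says `cs->halted` now becomes 1 on every reset rather than only at instance init, yet the hunk leaves `cs->exception_index = EXCP_HLT` in s390_cpu_initfn(), so after a system reset the two fields are set on different paths; please state in the message which s390 reset/IPL code un-halts the boot CPU, so the new behaviour is verified rather than inferred.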




Re: [PATCH v5 7/8] sparc/sun4m: Use start-powered-off CPUState property

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/19/20 4:42 AM, Thiago Jung Bauermann wrote:
> Instead of setting CPUState::halted to 1 in secondary_cpu_reset(), use the
> start-powered-off property which makes cpu_common_reset() initialize it
> to 1 in common code.
> 
> This makes secondary_cpu_reset() unnecessary, so remove it.
> 
> Also remove setting of cs->halted from cpu_devinit(), which seems out of
> place when compared to similar code in other architectures (e.g.,
> ppce500_init() in hw/ppc/e500.c).
> 
> Finally, change creation of CPU object from cpu_create() to object_new()
> and qdev_realize_and_unref() because cpu_create() realizes the CPU and it's
> not possible to set a property after the object is realized.
> 
> Suggested-by: Philippe Mathieu-Daudé 
> Signed-off-by: Thiago Jung Bauermann 
> ---
>  hw/sparc/sun4m.c | 21 +
>  1 file changed, 5 insertions(+), 16 deletions(-)
> 
> diff --git a/hw/sparc/sun4m.c b/hw/sparc/sun4m.c
> index 22c51dac8a..1925f415e7 100644
> --- a/hw/sparc/sun4m.c
> +++ b/hw/sparc/sun4m.c
> @@ -218,15 +218,6 @@ static void dummy_cpu_set_irq(void *opaque, int irq, int 
> level)
>  {
>  }
>  
> -static void secondary_cpu_reset(void *opaque)
> -{
> -SPARCCPU *cpu = opaque;
> -CPUState *cs = CPU(cpu);
> -
> -cpu_reset(cs);
> -cs->halted = 1;
> -}
> -
>  static void cpu_halt_signal(void *opaque, int irq, int level)
>  {
>  if (level && current_cpu) {
> @@ -810,21 +801,19 @@ static const TypeInfo ram_info = {
>  static void cpu_devinit(const char *cpu_type, unsigned int id,
>  uint64_t prom_addr, qemu_irq **cpu_irqs)
>  {
> -CPUState *cs;
>  SPARCCPU *cpu;
>  CPUSPARCState *env;
>  
> -cpu = SPARC_CPU(cpu_create(cpu_type));
> +cpu = SPARC_CPU(object_new(cpu_type));
>  env = >env;
>  
>  cpu_sparc_set_id(env, id);
> -if (id != 0) {
> -qemu_register_reset(secondary_cpu_reset, cpu);
> -cs = CPU(cpu);
> -cs->halted = 1;
> -}
> +object_property_set_bool(OBJECT(cpu), "start-powered-off", id != 0,
> + _fatal);

Why not call here:

   qdev_realize_and_unref(DEVICE(cpu), NULL, &error_fatal);

?

>  *cpu_irqs = qemu_allocate_irqs(cpu_set_irq, cpu, MAX_PILS);
>  env->prom_addr = prom_addr;
> +
> +qdev_realize_and_unref(DEVICE(cpu), NULL, _fatal);
>  }
>  
>  static void dummy_fdc_tc(void *opaque, int irq, int level)
> 
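Review bot: with `cpu_create()` the CPU was realized before `env->prom_addr` was written; after this hunk it is written before `qdev_realize_and_unref()`. If the SPARC realize path resets or re-initializes `env`, the value is lost, so either realize immediately after `object_property_set_bool()` (only the property needs to precede realize, which also addresses the question above) or say in the commit message why the late realize is safe.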




Re: [PATCH v5 6/8] sparc/sun4m: Remove main_cpu_reset()

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/19/20 4:42 AM, Thiago Jung Bauermann wrote:
> We rely on cpu_common_reset() to set cs->halted to 0, so main_cpu_reset()
> is pointless.
> 
> Suggested-by: Philippe Mathieu-Daudé 
> Reviewed-by: David Gibson 
> Signed-off-by: Thiago Jung Bauermann 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  hw/sparc/sun4m.c | 13 +
>  1 file changed, 1 insertion(+), 12 deletions(-)
> 
> diff --git a/hw/sparc/sun4m.c b/hw/sparc/sun4m.c
> index cf7dfa4af5..22c51dac8a 100644
> --- a/hw/sparc/sun4m.c
> +++ b/hw/sparc/sun4m.c
> @@ -218,15 +218,6 @@ static void dummy_cpu_set_irq(void *opaque, int irq, int 
> level)
>  {
>  }
>  
> -static void main_cpu_reset(void *opaque)
> -{
> -SPARCCPU *cpu = opaque;
> -CPUState *cs = CPU(cpu);
> -
> -cpu_reset(cs);
> -cs->halted = 0;
> -}
> -
>  static void secondary_cpu_reset(void *opaque)
>  {
>  SPARCCPU *cpu = opaque;
> @@ -827,9 +818,7 @@ static void cpu_devinit(const char *cpu_type, unsigned 
> int id,
>  env = >env;
>  
>  cpu_sparc_set_id(env, id);
> -if (id == 0) {
> -qemu_register_reset(main_cpu_reset, cpu);
> -} else {
> +if (id != 0) {
>  qemu_register_reset(secondary_cpu_reset, cpu);
>  cs = CPU(cpu);
>  cs->halted = 1;
> 
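Review bot: replacing the `id == 0` branch relies on cpu_common_reset() clearing `cs->halted` for the main CPU, but the removed `qemu_register_reset(main_cpu_reset, cpu)` was the only reset registration for CPU 0 visible here; the commit message should say where the CPU's own reset is invoked at system reset on this board, so a reader can confirm cpu_common_reset() actually runs for the main CPU.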




Re: [PATCH v5 5/8] mips/cps: Use start-powered-off CPUState property

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/19/20 4:42 AM, Thiago Jung Bauermann wrote:
> Instead of setting CPUState::halted to 1 in main_cpu_reset(), use the
> start-powered-off property which makes cpu_common_reset() initialize it
> to 1 in common code.
> 
> Also change creation of CPU object from cpu_create() to object_new() and
> qdev_realize_and_unref() because cpu_create() realizes the CPU and it's not
> possible to set a property after the object is realized.
> 
> Signed-off-by: Thiago Jung Bauermann 
> ---
>  hw/mips/cps.c | 14 ++
>  1 file changed, 10 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/mips/cps.c b/hw/mips/cps.c
> index 615e1a1ad2..4a98cf2287 100644
> --- a/hw/mips/cps.c
> +++ b/hw/mips/cps.c
> @@ -52,9 +52,6 @@ static void main_cpu_reset(void *opaque)
>  CPUState *cs = CPU(cpu);
>  
>  cpu_reset(cs);
> -
> -/* All VPs are halted on reset. Leave powering up to CPC. */
> -cs->halted = 1;
>  }
>  
>  static bool cpu_mips_itu_supported(CPUMIPSState *env)
> @@ -76,7 +73,7 @@ static void mips_cps_realize(DeviceState *dev, Error **errp)
>  bool saar_present = false;
>  
>  for (i = 0; i < s->num_vp; i++) {
> -cpu = MIPS_CPU(cpu_create(s->cpu_type));
> +cpu = MIPS_CPU(object_new(s->cpu_type));
>  
>  /* Init internal devices */
>  cpu_mips_irq_init_cpu(cpu);
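Review bot: after the switch to `object_new()`, the `cpu_mips_irq_init_cpu(cpu)` call that immediately follows (and the ITU wiring below it) now operates on an unrealized CPU object; a sentence in the commit message confirming that these only touch `env` fields and need nothing set up by realize would make the reordering reviewable without reading the callees.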
> @@ -89,7 +86,16 @@ static void mips_cps_realize(DeviceState *dev, Error 
> **errp)
>  env->itc_tag = mips_itu_get_tag_region(>itu);
>  env->itu = >itu;
>  }
> +/* All VPs are halted on reset. Leave powering up to CPC. */
> +if (!object_property_set_bool(OBJECT(cpu), "start-powered-off", true,
> +  errp)) {
> +return;

Ah, better :)

Reviewed-by: Philippe Mathieu-Daudé 

> +}
>  qemu_register_reset(main_cpu_reset, cpu);
> +
> +if (!qdev_realize_and_unref(DEVICE(cpu), NULL, errp)) {
> +return;
> +}
>  }
>  
>  cpu = MIPS_CPU(first_cpu);
> 
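Review bot: both early `return`s in this hunk mishandle the CPU object. On the property-set failure, the reference taken by `object_new()` is never dropped, so the CPU leaks; on the realize failure, `qdev_realize_and_unref()` drops that reference while the `main_cpu_reset` handler registered just above stays attached to the now-freed CPU. Add `object_unref(OBJECT(cpu))` on the first path, and register the reset handler only after realize has succeeded (or unregister it on failure).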




Re: [PATCH v5 4/8] ppc/e500: Use start-powered-off CPUState property

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/19/20 4:42 AM, Thiago Jung Bauermann wrote:
> Instead of setting CPUState::halted to 1 in ppce500_cpu_reset_sec(), use
> the start-powered-off property which makes cpu_common_reset() initialize it
> to 1 in common code.
> 
> Also change creation of CPU object from cpu_create() to object_new() and
> qdev_realize_and_unref() because cpu_create() realizes the CPU and it's not
> possible to set a property after the object is realized.
> 
> Signed-off-by: Thiago Jung Bauermann 

Reviewed-by: Philippe Mathieu-Daudé 

> ---
>  hw/ppc/e500.c | 14 ++
>  1 file changed, 10 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
> index ab9884e315..d7b803ef26 100644
> --- a/hw/ppc/e500.c
> +++ b/hw/ppc/e500.c
> @@ -704,9 +704,6 @@ static void ppce500_cpu_reset_sec(void *opaque)
>  
>  cpu_reset(cs);
>  
> -/* Secondary CPU starts in halted state for now. Needs to change when
> -   implementing non-kernel boot. */
> -cs->halted = 1;
>  cs->exception_index = EXCP_HLT;
>  }
>  
> @@ -865,7 +862,7 @@ void ppce500_init(MachineState *machine)
>  CPUState *cs;
>  qemu_irq *input;
>  
> -cpu = POWERPC_CPU(cpu_create(machine->cpu_type));
> +cpu = POWERPC_CPU(object_new(machine->cpu_type));
>  env = >env;
>  cs = CPU(cpu);
>  
> @@ -897,7 +894,16 @@ void ppce500_init(MachineState *machine)
>  } else {
>  /* Secondary CPUs */
>  qemu_register_reset(ppce500_cpu_reset_sec, cpu);
> +
> +/*
> + * Secondary CPU starts in halted state for now. Needs to change
> + * when implementing non-kernel boot.
> + */
> +object_property_set_bool(OBJECT(cs), "start-powered-off", true,
> + _fatal);
>  }
> +
> +qdev_realize_and_unref(DEVICE(cs), NULL, _fatal);
>  }
>  
>  env = firstenv;
> 
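Review bot: realize has moved to after the primary/secondary `if`/`else`, yet only `object_property_set_bool()` needs to precede it. Everything between the `object_new()` in the previous hunk and this point (the `qemu_irq *input` wiring declared there, plus whatever the elided lines do with `env`) now runs on an unrealized CPU, and anything that reads state populated by the CPU's realize would see it uninitialized. Setting the property from the primary/secondary test and realizing right after it, before that code, keeps the ordering `cpu_create()` had.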




Re: device compatibility interface for live migration with assigned devices

2020-08-18 Thread Jason Wang



On 2020/8/18 下午5:36, Cornelia Huck wrote:

On Tue, 18 Aug 2020 10:16:28 +0100
Daniel P. Berrangé  wrote:


On Tue, Aug 18, 2020 at 05:01:51PM +0800, Jason Wang wrote:

On 2020/8/18 下午4:55, Daniel P. Berrangé wrote:

  On Tue, Aug 18, 2020 at 11:24:30AM +0800, Jason Wang wrote:

  On 2020/8/14 下午1:16, Yan Zhao wrote:

  On Thu, Aug 13, 2020 at 12:24:50PM +0800, Jason Wang wrote:

  On 2020/8/10 下午3:46, Yan Zhao wrote:
  we actually can also retrieve the same information through sysfs, .e.g

  |- [path to device]
 |--- migration
 | |--- self
 | |   |---device_api
 ||   |---mdev_type
 ||   |---software_version
 ||   |---device_id
 ||   |---aggregator
 | |--- compatible
 | |   |---device_api
 ||   |---mdev_type
 ||   |---software_version
 ||   |---device_id
 ||   |---aggregator


  Yes but:

  - You need one file per attribute (one syscall for one attribute)
  - Attribute is coupled with kobject

Is that really that bad? You have the device with an embedded kobject
anyway, and you can just put things into an attribute group?



Yes, but all of this could be done via devlink(netlink) as well with low 
overhead.





[Also, I think that self/compatible split in the example makes things
needlessly complex. Shouldn't semantic versioning and matching already
cover nearly everything?



That's my question as well. E.g. for virtio, versioning may not even 
work, since some of the features are negotiated independently:


Source features: A, B, C
Dest features: A, B, C, E

We just need to make sure the dest features is a superset of source then 
all set.




  I would expect very few cases that are more
complex than that. Maybe the aggregation stuff, but I don't think we
need that self/compatible split for that, either.]


  All of above seems unnecessary.

  Another point, as we discussed in another thread, it's really hard to make
  sure the above API work for all types of devices and frameworks. So having a
  vendor specific API looks much better.

  From the POV of userspace mgmt apps doing device compat checking / migration,
  we certainly do NOT want to use different vendor specific APIs. We want to
  have an API that can be used / controlled in a standard manner across vendors.

Yes, but it could be hard. E.g. vDPA will choose to use devlink (there's a
long debate on sysfs vs devlink). So if we go with sysfs, at least two
APIs need to be supported ...

NB, I was not questioning devlink vs sysfs directly. If devlink is related
to netlink, I can't say I'm enthusiastic as IMKE sysfs is easier to deal
with. I don't know enough about devlink to have much of an opinion though.
The key point was that I don't want the userspace APIs we need to deal with
to be vendor specific.

 From what I've seen of devlink, it seems quite nice; but I understand
why sysfs might be easier to deal with (especially as there's likely
already a lot of code using it.)

I understand that some users would like devlink because it is already
widely used for network drivers (and some others), but I don't think
the majority of devices used with vfio are network (although certainly
a lot of them are.)



Note that though devlink could be popular only in network devices, 
netlink is widely used by a lot of subsystems (e.g. SCSI).


Thanks





What I care about is that we have a *standard* userspace API for performing
device compatibility checking / state migration, for use by QEMU/libvirt/
OpenStack, such that we can write code without countless vendor specific
code paths.

If there is vendor specific stuff on the side, that's fine as we can ignore
that, but the core functionality for device compat / migration needs to be
standardized.

To summarize:
- choose one of sysfs or devlink
- have a common interface, with a standardized way to add
   vendor-specific attributes
?





Re: device compatibility interface for live migration with assigned devices

2020-08-18 Thread Jason Wang



On 2020/8/18 下午5:32, Parav Pandit wrote:

Hi Jason,

From: Jason Wang 
Sent: Tuesday, August 18, 2020 2:32 PM


On 2020/8/18 下午4:55, Daniel P. Berrangé wrote:
On Tue, Aug 18, 2020 at 11:24:30AM +0800, Jason Wang wrote:
On 2020/8/14 下午1:16, Yan Zhao wrote:
On Thu, Aug 13, 2020 at 12:24:50PM +0800, Jason Wang wrote:
On 2020/8/10 下午3:46, Yan Zhao wrote:
driver is it handled by?
It looks that the devlink is for network device specific, and in
devlink.h, it says
include/uapi/linux/devlink.h - Network physical device Netlink
interface,
Actually not, I think there used to have some discussion last year and the
conclusion is to remove this comment.

[...]


Yes, but it could be hard. E.g vDPA will chose to use devlink (there's a long 
debate on sysfs vs devlink). So if we go with sysfs, at least two APIs needs to 
be supported ...

We had internal discussion and proposal on this topic.
I wanted Eli Cohen to be back from vacation on Wed 8/19, but since this is 
active discussion right now, I will share the thoughts anyway.

Here are the initial round of thoughts and proposal.

User requirements:
---
1. User might want to create one or more vdpa devices per PCI PF/VF/SF.
2. User might want to create one or more vdpa devices of type net/blk or other 
type.
3. User needs to look and dump at the health of the queues for debug purpose.
4. During vdpa net device creation time, user may have to provide a MAC address 
and/or VLAN.
5. User should be able to set/query some of the attributes for 
debug/compatibility check
6. When user wants to create vdpa device, it needs to know which device 
supports creation.
7. User should be able to see the queue statistics of doorbells, wqes etc 
regardless of class type



Note that wqes is probably not something common in all of the vendors.




To address above requirements, there is a need of vendor agnostic tool, so that 
user can create/config/delete vdpa device(s) regardless of the vendor.

Hence,
We should have a tool that lets user do it.

Examples:
-
(a) List parent devices which supports creating vdpa devices.
It also shows which class types supported by this parent device.
In the command below, two parent devices support vdpa device creation.
First is PCI VF whose bdf is 03.00:5.
Second is PCI SF whose name is mlx5_sf.1

$ vdpa list pd



What did "pd" mean?



pci/:03.00:5
   class_supports
 net vdpa
virtbus/mlx5_sf.1



So creating mlx5_sf.1 is the charge of devlink?



   class_supports
 net

(b) Now add a vdpa device and show the device.
$ vdpa dev add pci/:03.00:5 type net



So if you want to create devices types other than vdpa on 
pci/:03.00:5 it needs some synchronization with devlink?




$ vdpa dev show
vdpa0@pci/:03.00:5 type net state inactive maxqueues 8 curqueues 4

(c) vdpa dev show features vdpa0
iommu platform
version 1

(d) dump vdpa statistics
$ vdpa dev stats show vdpa0
kickdoorbells 10
wqes 100

(e) Now delete a vdpa device previously created.
$ vdpa dev del vdpa0

Design overview:
---
1. Above example tool runs over netlink socket interface.
2. This enables users to return meaningful error strings in addition to code so 
that user can be more informed.
Often this is missing in ioctl()/configfs/sysfs interfaces.
3. This tool over netlink enables syscaller tests to be more usable like other 
subsystems to keep kernel robust
4. This provides vendor agnostic view of all vdpa capable parent and vdpa 
devices.

5. Each driver which supports vdpa device creation, registers the parent device 
along with supported classes.

FAQs:

1. Why not using devlink?
Ans: Because as the vdpa ecosystem grows, devlink will fall short of extending 
vdpa specific params, attributes, stats.



This should be fine but it's still not clear to me the difference 
between a vdpa netlink and a vdpa object in devlink.


Thanks




2. Why not use sysfs?
Ans:
(a) Because the syscaller infrastructure can run well over netlink sockets, 
like it runs for several subsystems.
(b) it lacks the ability to return error messages. Doing it via the kernel log 
just doesn't work.
(c) Why not using some ioctl()? It will reinvent the wheel of netlink that has 
TLV formats for several attributes.

3. Why not configfs?
It follows same limitation as that of sysfs.

Low level design and driver APIs:

Will post once we discuss this further.





Re: [PATCH 01/41] pl1110: Rename PL1110 enum

2020-08-18 Thread Philippe Mathieu-Daudé
On Tue, 18 Aug 2020 at 23:30, Eduardo Habkost wrote:

> CCing maintainer (pmaydell).
>
> On Fri, Aug 14, 2020 at 07:45:40PM +0200, Philippe Mathieu-Daudé wrote:
> > On 8/14/20 12:25 AM, Eduardo Habkost wrote:
> > > The PL1110 enum value name will conflict with the PL1110 type
> > > cast checker, when we replace the existing macro with an inline
> > > function.  Rename it to PL1110_STOCK.
> >
> > typo s/PL1110/PL110/ in subject and description.
>
> Thanks for spotting that!  Will be fixed in v2.
>
> >
> > >
> > > Signed-off-by: Eduardo Habkost 
> > > ---
> > >  hw/display/pl110.c | 12 ++--
> > >  1 file changed, 6 insertions(+), 6 deletions(-)
> > >
> > > diff --git a/hw/display/pl110.c b/hw/display/pl110.c
> > > index c2991a28d2..4664fde3f2 100644
> > > --- a/hw/display/pl110.c
> > > +++ b/hw/display/pl110.c
> > > @@ -42,7 +42,7 @@ enum pl110_bppmode
> > >  /* The Versatile/PB uses a slightly modified PL110 controller.  */
> > >  enum pl110_version
> > >  {
> > > -PL110,
> > > +PL110_STOCK,
> > >  PL110_VERSATILE,
> > >  PL111
> >
> > For completeness I'd also rename PL111.
> >
> > What about:
> >
> >  enum pl110_version
> >  {
> > PL110_VERSION,
> > PL110_VERSATILE_VERSION,
> > PL111_VERSION
> >  }
> >
> > ?
>
> That would work too, although I'm more used to enum values to
> have a common prefix instead of a common suffix.
>
> Any objections to:
>
>   enum pl110_version
>   {
>   VERSION_PL110,
>   VERSION_PL110_VERSATILE,
>   VERSION_PL111
>   }
>
> ?
>

Sounds good.


> --
> Eduardo
>
>


[PATCH v5 5/8] mips/cps: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann
Instead of setting CPUState::halted to 1 in main_cpu_reset(), use the
start-powered-off property which makes cpu_common_reset() initialize it
to 1 in common code.

Also change creation of CPU object from cpu_create() to object_new() and
qdev_realize_and_unref() because cpu_create() realizes the CPU and it's not
possible to set a property after the object is realized.

Signed-off-by: Thiago Jung Bauermann 
---
 hw/mips/cps.c | 14 ++
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/hw/mips/cps.c b/hw/mips/cps.c
index 615e1a1ad2..4a98cf2287 100644
--- a/hw/mips/cps.c
+++ b/hw/mips/cps.c
@@ -52,9 +52,6 @@ static void main_cpu_reset(void *opaque)
 CPUState *cs = CPU(cpu);
 
 cpu_reset(cs);
-
-/* All VPs are halted on reset. Leave powering up to CPC. */
-cs->halted = 1;
 }
 
 static bool cpu_mips_itu_supported(CPUMIPSState *env)
@@ -76,7 +73,7 @@ static void mips_cps_realize(DeviceState *dev, Error **errp)
 bool saar_present = false;
 
 for (i = 0; i < s->num_vp; i++) {
-cpu = MIPS_CPU(cpu_create(s->cpu_type));
+cpu = MIPS_CPU(object_new(s->cpu_type));
 
 /* Init internal devices */
 cpu_mips_irq_init_cpu(cpu);
@@ -89,7 +86,16 @@ static void mips_cps_realize(DeviceState *dev, Error **errp)
 env->itc_tag = mips_itu_get_tag_region(>itu);
 env->itu = >itu;
 }
+/* All VPs are halted on reset. Leave powering up to CPC. */
+if (!object_property_set_bool(OBJECT(cpu), "start-powered-off", true,
+  errp)) {
+return;
+}
 qemu_register_reset(main_cpu_reset, cpu);
+
+if (!qdev_realize_and_unref(DEVICE(cpu), NULL, errp)) {
+return;
+}
 }
 
 cpu = MIPS_CPU(first_cpu);



[PATCH v5 7/8] sparc/sun4m: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann
Instead of setting CPUState::halted to 1 in secondary_cpu_reset(), use the
start-powered-off property which makes cpu_common_reset() initialize it
to 1 in common code.

This makes secondary_cpu_reset() unnecessary, so remove it.

Also remove setting of cs->halted from cpu_devinit(), which seems out of
place when compared to similar code in other architectures (e.g.,
ppce500_init() in hw/ppc/e500.c).

Finally, change creation of CPU object from cpu_create() to object_new()
and qdev_realize_and_unref() because cpu_create() realizes the CPU and it's
not possible to set a property after the object is realized.

Suggested-by: Philippe Mathieu-Daudé 
Signed-off-by: Thiago Jung Bauermann 
---
 hw/sparc/sun4m.c | 21 +
 1 file changed, 5 insertions(+), 16 deletions(-)

diff --git a/hw/sparc/sun4m.c b/hw/sparc/sun4m.c
index 22c51dac8a..1925f415e7 100644
--- a/hw/sparc/sun4m.c
+++ b/hw/sparc/sun4m.c
@@ -218,15 +218,6 @@ static void dummy_cpu_set_irq(void *opaque, int irq, int 
level)
 {
 }
 
-static void secondary_cpu_reset(void *opaque)
-{
-SPARCCPU *cpu = opaque;
-CPUState *cs = CPU(cpu);
-
-cpu_reset(cs);
-cs->halted = 1;
-}
-
 static void cpu_halt_signal(void *opaque, int irq, int level)
 {
 if (level && current_cpu) {
@@ -810,21 +801,19 @@ static const TypeInfo ram_info = {
 static void cpu_devinit(const char *cpu_type, unsigned int id,
 uint64_t prom_addr, qemu_irq **cpu_irqs)
 {
-CPUState *cs;
 SPARCCPU *cpu;
 CPUSPARCState *env;
 
-cpu = SPARC_CPU(cpu_create(cpu_type));
+cpu = SPARC_CPU(object_new(cpu_type));
 env = >env;
 
 cpu_sparc_set_id(env, id);
-if (id != 0) {
-qemu_register_reset(secondary_cpu_reset, cpu);
-cs = CPU(cpu);
-cs->halted = 1;
-}
+object_property_set_bool(OBJECT(cpu), "start-powered-off", id != 0,
+ _fatal);
 *cpu_irqs = qemu_allocate_irqs(cpu_set_irq, cpu, MAX_PILS);
 env->prom_addr = prom_addr;
+
+qdev_realize_and_unref(DEVICE(cpu), NULL, _fatal);
 }
 
 static void dummy_fdc_tc(void *opaque, int irq, int level)



[PATCH v5 6/8] sparc/sun4m: Remove main_cpu_reset()

2020-08-18 Thread Thiago Jung Bauermann
We rely on cpu_common_reset() to set cs->halted to 0, so main_cpu_reset()
is pointless.

Suggested-by: Philippe Mathieu-Daudé 
Reviewed-by: David Gibson 
Signed-off-by: Thiago Jung Bauermann 
---
 hw/sparc/sun4m.c | 13 +
 1 file changed, 1 insertion(+), 12 deletions(-)

diff --git a/hw/sparc/sun4m.c b/hw/sparc/sun4m.c
index cf7dfa4af5..22c51dac8a 100644
--- a/hw/sparc/sun4m.c
+++ b/hw/sparc/sun4m.c
@@ -218,15 +218,6 @@ static void dummy_cpu_set_irq(void *opaque, int irq, int 
level)
 {
 }
 
-static void main_cpu_reset(void *opaque)
-{
-SPARCCPU *cpu = opaque;
-CPUState *cs = CPU(cpu);
-
-cpu_reset(cs);
-cs->halted = 0;
-}
-
 static void secondary_cpu_reset(void *opaque)
 {
 SPARCCPU *cpu = opaque;
@@ -827,9 +818,7 @@ static void cpu_devinit(const char *cpu_type, unsigned int 
id,
 env = >env;
 
 cpu_sparc_set_id(env, id);
-if (id == 0) {
-qemu_register_reset(main_cpu_reset, cpu);
-} else {
+if (id != 0) {
 qemu_register_reset(secondary_cpu_reset, cpu);
 cs = CPU(cpu);
 cs->halted = 1;



[PATCH v5 4/8] ppc/e500: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann
Instead of setting CPUState::halted to 1 in ppce500_cpu_reset_sec(), use
the start-powered-off property which makes cpu_common_reset() initialize it
to 1 in common code.

Also change creation of CPU object from cpu_create() to object_new() and
qdev_realize_and_unref() because cpu_create() realizes the CPU and it's not
possible to set a property after the object is realized.

Signed-off-by: Thiago Jung Bauermann 
---
 hw/ppc/e500.c | 14 ++
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index ab9884e315..d7b803ef26 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -704,9 +704,6 @@ static void ppce500_cpu_reset_sec(void *opaque)
 
 cpu_reset(cs);
 
-/* Secondary CPU starts in halted state for now. Needs to change when
-   implementing non-kernel boot. */
-cs->halted = 1;
 cs->exception_index = EXCP_HLT;
 }
 
@@ -865,7 +862,7 @@ void ppce500_init(MachineState *machine)
 CPUState *cs;
 qemu_irq *input;
 
-cpu = POWERPC_CPU(cpu_create(machine->cpu_type));
+cpu = POWERPC_CPU(object_new(machine->cpu_type));
 env = >env;
 cs = CPU(cpu);
 
@@ -897,7 +894,16 @@ void ppce500_init(MachineState *machine)
 } else {
 /* Secondary CPUs */
 qemu_register_reset(ppce500_cpu_reset_sec, cpu);
+
+/*
+ * Secondary CPU starts in halted state for now. Needs to change
+ * when implementing non-kernel boot.
+ */
+object_property_set_bool(OBJECT(cs), "start-powered-off", true,
+ _fatal);
 }
+
+qdev_realize_and_unref(DEVICE(cs), NULL, _fatal);
 }
 
 env = firstenv;



[PATCH v5 0/8] Generalize start-powered-off property from ARM

2020-08-18 Thread Thiago Jung Bauermann
This version, like the previous one, tries to fix an issue found by
David Gibson when running the Travis CI:

Unexpected error in qdev_prop_set_after_realize() at 
/home/travis/build/dgibson/qemu/hw/core/qdev-properties.c:30:
qemu-system-mips64el: Attempt to set property 'start-powered-off' on anonymous 
device (type 'I6400-mips64-cpu') after it was realized
Broken pipe
/home/travis/build/dgibson/qemu/tests/qtest/libqtest.c:175: kill_qemu() 
detected QEMU death from signal 6 (Aborted) (core dumped)
Aborted (core dumped)
ERROR qom-test - too few tests run (expected 8, got 0)
/home/travis/build/dgibson/qemu/tests/Makefile.include:650: recipe for target 
'check-qtest-mips64el' failed

Philippe Mathieu-Daudé spotted the problem:

> Good catch. hw/mips/cps.c, hw/ppc/e500.c and hw/sparc/sun4m.c are
> incorrectly setting the property after the cpu is realized because
> the cpu is created with cpu_create(). We need to create them with
> object_initialize_child() and realize them manually with qdev_realize().

But I found very few examples of CPUs initialized with
object_initialize_child() (e.g., atmega.c, rx62n.c, nrf51_soc.c)
so instead of using object_initialize_child(), I replaced the call to
cpu_create() with object_new() and a call to qdev_realize() shortly after
the start-powered-off property is set. I thought this would be the more
prudent change, keeping the code as close to the previous one as possible.

I tried reproducing the Travis CI problem with
`make docker-test-misc@debian-mips64el-cross` but I didn't succeed, so
I'm not sure if this version solves the issue.

Applies cleanly on dgibson/ppc-for-5.2.

Original cover letter below, followed by changelog:


The ARM code has a start-powered-off property in ARMCPU, which is a
subclass of CPUState. This property causes arm_cpu_reset() to set
CPUState::halted to 1, signalling that the CPU should start in a halted
state. Other architectures also have code which aim to achieve the same
effect, but without using a property.

The ppc/spapr version has a bug where QEMU does a KVM_RUN on the vcpu
before cs->halted is set to 1, causing the vcpu to run while it's still in
an uninitialized state (more details in patch 3).

Peter Maydell mentioned the ARM start-powered-off property and
Eduardo Habkost suggested making it generic, so this patch series does
that, for all cases which I was able to find via grep in the code.

The only problem is that I was only able to test these changes on a ppc64le
pseries KVM guest, so except for patches 2 and 3, all others are only
build-tested. Also, my grasp of QOM lifecycle is basically non-existent so
please be aware of that when reviewing this series.

The last patch may be wrong, as pointed out by Eduardo, so I marked it as
RFC. It may make sense to drop it.

Changes since v4:

Patch "ppc/e500: Use start-powered-off CPUState property"
Patch "sparc/sun4m: Use start-powered-off CPUState property"
- Use qdev_realize_and_unref() instead of qdev_realize(), as suggested
  by Igor.
- Pass &error_fatal to qdev_realize_and_unref() instead of manually
  reporting the error and exiting QEMU, as suggested by Philippe.
- Changed object_property_set_bool() to use &error_fatal instead of
  &error_abort.

Patch "mips/cps: Use start-powered-off CPUState property"
- Use qdev_realize_and_unref() instead of qdev_realize(), as suggested
  by Igor.
- Use existing errp argument to propagate error back to the caller, as
  suggested by Philippe.
- Changed object_property_set_bool() to use existing errp argument to
  propagate error back to the caller instead of using &error_abort.

Changes since v3:

General:
- Added David's, Greg's and Cornelia's Reviewed-by and Acked-by to some
  of the patches.
- Rebased on top of dgibson/ppc-for-5.2.

Patch "ppc/e500: Use start-powered-off CPUState property"
Patch "mips/cps: Use start-powered-off CPUState property"
Patch "sparc/sun4m: Use start-powered-off CPUState property"
- Initialize CPU object with object_new() and qdev_realize() instead
  of cpu_create().
- Removed Reviewed-by's and Acked-by's from these patches because of
  these changes.

Changes since v2:

General:
- Added Philippe's Reviewed-by to some of the patches.

Patch "ppc/spapr: Use start-powered-off CPUState property"
- Set the CPUState::start_powered_off variable directly rather than using
  object_property_set_bool(). Suggested by Philippe.

Patch "sparc/sun4m: Remove main_cpu_reset()"
- New patch. Suggested by Philippe.

Patch "sparc/sun4m: Use start-powered-off CPUState property"
- Remove secondary_cpu_reset(). Suggested by Philippe.
- Remove setting of `cs->halted = 1` from cpu_devinit(). Suggested by Philippe.

Patch "Don't set CPUState::halted in cpu_devinit()"
- Squashed into previous patch. Suggested by Philippe.

Patch "sparc/sun4m: Use one cpu_reset() function for main and secondary CPUs"
- Dropped.

Patch "target/s390x: Use start-powered-off CPUState property"
- Set the CPUState::start_powered_off variable directly rather than using
  

[PATCH v5 1/8] target/arm: Move start-powered-off property to generic CPUState

2020-08-18 Thread Thiago Jung Bauermann
There are other platforms which also have CPUs that start powered off, so
generalize the start-powered-off property so that it can be used by them.

Note that ARMv7MState also has a property of the same name but this patch
doesn't change it because that class isn't a subclass of CPUState so it
wouldn't be a trivial change.

This change should not cause any change in behavior.

Suggested-by: Eduardo Habkost 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: David Gibson 
Reviewed-by: Greg Kurz 
Signed-off-by: Thiago Jung Bauermann 
---
 exec.c| 1 +
 include/hw/core/cpu.h | 4 
 target/arm/cpu.c  | 5 ++---
 target/arm/cpu.h  | 3 ---
 target/arm/kvm32.c| 2 +-
 target/arm/kvm64.c| 2 +-
 6 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/exec.c b/exec.c
index 6f381f98e2..82e82fab09 100644
--- a/exec.c
+++ b/exec.c
@@ -899,6 +899,7 @@ Property cpu_common_props[] = {
 DEFINE_PROP_LINK("memory", CPUState, memory, TYPE_MEMORY_REGION,
  MemoryRegion *),
 #endif
+DEFINE_PROP_BOOL("start-powered-off", CPUState, start_powered_off, false),
 DEFINE_PROP_END_OF_LIST(),
 };
 
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 8f145733ce..9fc2696db5 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -374,6 +374,10 @@ struct CPUState {
 bool created;
 bool stop;
 bool stopped;
+
+/* Should CPU start in powered-off state? */
+bool start_powered_off;
+
 bool unplug;
 bool crash_occurred;
 bool exit_request;
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 111579554f..ec65c7653f 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -174,8 +174,8 @@ static void arm_cpu_reset(DeviceState *dev)
 env->vfp.xregs[ARM_VFP_MVFR1] = cpu->isar.mvfr1;
 env->vfp.xregs[ARM_VFP_MVFR2] = cpu->isar.mvfr2;
 
-cpu->power_state = cpu->start_powered_off ? PSCI_OFF : PSCI_ON;
-s->halted = cpu->start_powered_off;
+cpu->power_state = s->start_powered_off ? PSCI_OFF : PSCI_ON;
+s->halted = s->start_powered_off;
 
 if (arm_feature(env, ARM_FEATURE_IWMMXT)) {
 env->iwmmxt.cregs[ARM_IWMMXT_wCID] = 0x69051000 | 'Q';
@@ -2182,7 +2182,6 @@ static const ARMCPUInfo arm_cpus[] = {
 };
 
 static Property arm_cpu_properties[] = {
-DEFINE_PROP_BOOL("start-powered-off", ARMCPU, start_powered_off, false),
 DEFINE_PROP_UINT32("psci-conduit", ARMCPU, psci_conduit, 0),
 DEFINE_PROP_UINT64("midr", ARMCPU, midr, 0),
 DEFINE_PROP_UINT64("mp-affinity", ARMCPU,
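Review bot: dropping the ARMCPU-level 'start-powered-off' property only keeps `-cpu ...,start-powered-off=on` and board code using object_property_set_bool() working because the exec.c hunk registers the same name in cpu_common_props; the commit message's "should not cause any change in behavior" rests on that, so say so there, and note that ARMv7MState (mentioned in the message) still carries its own separate property of the same name.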
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 9e8ed423ea..a925d26996 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -810,9 +810,6 @@ struct ARMCPU {
  */
 uint32_t psci_version;
 
-/* Should CPU start in PSCI powered-off state? */
-bool start_powered_off;
-
 /* Current power state, access guarded by BQL */
 ARMPSCIState power_state;
 
diff --git a/target/arm/kvm32.c b/target/arm/kvm32.c
index 0af46b41c8..1f2b8f8b7a 100644
--- a/target/arm/kvm32.c
+++ b/target/arm/kvm32.c
@@ -218,7 +218,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
 
 /* Determine init features for this CPU */
 memset(cpu->kvm_init_features, 0, sizeof(cpu->kvm_init_features));
-if (cpu->start_powered_off) {
+if (cs->start_powered_off) {
 cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_POWER_OFF;
 }
 if (kvm_check_extension(cs->kvm_state, KVM_CAP_ARM_PSCI_0_2)) {
diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c
index 1169237905..f8a6d905fb 100644
--- a/target/arm/kvm64.c
+++ b/target/arm/kvm64.c
@@ -775,7 +775,7 @@ int kvm_arch_init_vcpu(CPUState *cs)
 
 /* Determine init features for this CPU */
 memset(cpu->kvm_init_features, 0, sizeof(cpu->kvm_init_features));
-if (cpu->start_powered_off) {
+if (cs->start_powered_off) {
 cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_POWER_OFF;
 }
 if (kvm_check_extension(cs->kvm_state, KVM_CAP_ARM_PSCI_0_2)) {



[PATCH v5 8/8] target/s390x: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann
Instead of setting CPUState::halted to 1 in s390_cpu_initfn(), use the
start-powered-off property which makes cpu_common_reset() initialize it
to 1 in common code.

Note that this changes behavior by setting cs->halted to 1 on reset, which
didn't happen before.

Acked-by: Cornelia Huck 
Signed-off-by: Thiago Jung Bauermann 
---
 target/s390x/cpu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c
index 08eb674d22..73d7d6007e 100644
--- a/target/s390x/cpu.c
+++ b/target/s390x/cpu.c
@@ -291,7 +291,7 @@ static void s390_cpu_initfn(Object *obj)
 S390CPU *cpu = S390_CPU(obj);
 
 cpu_set_cpustate_pointers(cpu);
-cs->halted = 1;
+cs->start_powered_off = true;
 cs->exception_index = EXCP_HLT;
 #if !defined(CONFIG_USER_ONLY)
 object_property_add(obj, "crash-information", "GuestPanicInformation",
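Review bot: `cs->start_powered_off = true` is set in instance_init, so cpu_common_reset() will now re-halt the CPU on every reset rather than only at creation (the message acknowledges this), while the `cs->exception_index = EXCP_HLT` on the next line stays init-only and is not re-established by reset; confirm the halted/exception_index pair remains consistent after a reset, and spell out in the message which reset paths now see `halted = 1` where they previously saw 0.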



[PATCH v5 2/8] target/arm: Move setting of CPU halted state to generic code

2020-08-18 Thread Thiago Jung Bauermann
This change is in a separate patch because it's not so obvious that it
won't cause a regression.

Suggested-by: Eduardo Habkost 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: David Gibson 
Reviewed-by: Greg Kurz 
Signed-off-by: Thiago Jung Bauermann 
---
 hw/core/cpu.c| 2 +-
 target/arm/cpu.c | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/core/cpu.c b/hw/core/cpu.c
index 594441a150..71bb7859f1 100644
--- a/hw/core/cpu.c
+++ b/hw/core/cpu.c
@@ -258,7 +258,7 @@ static void cpu_common_reset(DeviceState *dev)
 }
 
 cpu->interrupt_request = 0;
-cpu->halted = 0;
+cpu->halted = cpu->start_powered_off;
 cpu->mem_io_pc = 0;
 cpu->icount_extra = 0;
 atomic_set(>icount_decr_ptr->u32, 0);
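Review bot: the message calls this "not so obvious that it won't cause a regression" without saying why; state the concern explicitly: `cpu->halted = cpu->start_powered_off` makes every target inherit the property's default (false) on reset, so behaviour is unchanged for targets that leave start_powered_off alone, while targets that set it now get halted asserted by common code on every reset, which is what the ARM reset already did but which the s390x patch in this series notes as new behaviour.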
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index ec65c7653f..b6c65e4df6 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -175,7 +175,6 @@ static void arm_cpu_reset(DeviceState *dev)
 env->vfp.xregs[ARM_VFP_MVFR2] = cpu->isar.mvfr2;
 
 cpu->power_state = s->start_powered_off ? PSCI_OFF : PSCI_ON;
-s->halted = s->start_powered_off;
 
 if (arm_feature(env, ARM_FEATURE_IWMMXT)) {
 env->iwmmxt.cregs[ARM_IWMMXT_wCID] = 0x69051000 | 'Q';



[PATCH v5 3/8] ppc/spapr: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann
PowerPC sPAPR CPUs start in the halted state, and spapr_reset_vcpu()
attempts to implement this by setting CPUState::halted to 1. But that's too
late for the case of hotplugged CPUs in a machine configured with 2 or more
threads per core.

By then, other parts of QEMU have already caused the vCPU to run in an
uninitialized state a couple of times. For example, ppc_cpu_reset() calls
ppc_tlb_invalidate_all(), which ends up calling async_run_on_cpu(). This
kicks the new vCPU while it has CPUState::halted = 0, causing QEMU to issue
a KVM_RUN ioctl on the new vCPU before the guest is able to make the
start-cpu RTAS call to initialize its register state.

This problem doesn't seem to cause visible issues for regular guests, but
on a secure guest running under the Ultravisor it does. The Ultravisor
relies on being able to snoop on the start-cpu RTAS call to map vCPUs to
guests, and this issue causes it to see a stray vCPU that doesn't belong to
any guest.

Fix by setting the start-powered-off CPUState property in
spapr_create_vcpu(), which makes cpu_common_reset() initialize
CPUState::halted to 1 at an earlier moment.

Suggested-by: Eduardo Habkost 
Acked-by: David Gibson 
Reviewed-by: Greg Kurz 
Signed-off-by: Thiago Jung Bauermann 
---
 hw/ppc/spapr_cpu_core.c | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index c4f47dcc04..2125fdac34 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -36,11 +36,6 @@ static void spapr_reset_vcpu(PowerPCCPU *cpu)
 
 cpu_reset(cs);
 
-/* All CPUs start halted.  CPU0 is unhalted from the machine level
- * reset code and the rest are explicitly started up by the guest
- * using an RTAS call */
-cs->halted = 1;
-
 env->spr[SPR_HIOR] = 0;
 
 lpcr = env->spr[SPR_LPCR];
@@ -274,6 +269,11 @@ static PowerPCCPU *spapr_create_vcpu(SpaprCpuCore *sc, int 
i, Error **errp)
 
 cs = CPU(obj);
 cpu = POWERPC_CPU(obj);
+/*
+ * All CPUs start halted. CPU0 is unhalted from the machine level reset 
code
+ * and the rest are explicitly started up by the guest using an RTAS call.
+ */
+cs->start_powered_off = true;
 cs->cpu_index = cc->core_id + i;
 spapr_set_vcpu_id(cpu, cs->cpu_index, _err);
 if (local_err) {
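Review bot: for this to close the window the message describes, cpu_common_reset() has to run before the ppc_tlb_invalidate_all() kick inside ppc_cpu_reset(), which holds only if ppc_cpu_reset() invokes the parent (common) reset before invalidating the TLB; state that ordering in the message since the hotplug fix depends on it. Writing `cs->start_powered_off` directly instead of going through the property is fine here because the object is not yet realized.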



Re: device compatibility interface for live migration with assigned devices

2020-08-18 Thread Jason Wang



On 2020/8/18 下午5:16, Daniel P. Berrangé wrote:

Your mail came through as HTML-only so all the quoting and attribution
is mangled / lost now :-(



My bad, sorry.




On Tue, Aug 18, 2020 at 05:01:51PM +0800, Jason Wang wrote:

On 2020/8/18 下午4:55, Daniel P. Berrangé wrote:

  On Tue, Aug 18, 2020 at 11:24:30AM +0800, Jason Wang wrote:

  On 2020/8/14 下午1:16, Yan Zhao wrote:

  On Thu, Aug 13, 2020 at 12:24:50PM +0800, Jason Wang wrote:

  On 2020/8/10 下午3:46, Yan Zhao wrote:
  we actually can also retrieve the same information through sysfs, e.g.

  |- [path to device]
     |--- migration
     |    |--- self
     |    |    |--- device_api
     |    |    |--- mdev_type
     |    |    |--- software_version
     |    |    |--- device_id
     |    |    |--- aggregator
     |    |--- compatible
     |    |    |--- device_api
     |    |    |--- mdev_type
     |    |    |--- software_version
     |    |    |--- device_id
     |    |    |--- aggregator


  Yes but:

  - You need one file per attribute (one syscall for one attribute)
  - Attribute is coupled with kobject

  All of above seems unnecessary.

  Another point, as we discussed in another thread, it's really hard to make
  sure the above API work for all types of devices and frameworks. So having a
  vendor specific API looks much better.

  From the POV of userspace mgmt apps doing device compat checking / migration,
  we certainly do NOT want to use different vendor specific APIs. We want to
  have an API that can be used / controlled in a standard manner across vendors.

Yes, but it could be hard. E.g. vDPA will choose to use devlink (there's a
long debate on sysfs vs devlink). So if we go with sysfs, at least two
APIs need to be supported ...

NB, I was not questioning devlink vs sysfs directly. If devlink is related
to netlink, I can't say I'm enthusiastic as IMHO sysfs is easier to deal
with. I don't know enough about devlink to have much of an opinion though.
The key point was that I don't want the userspace APIs we need to deal with
to be vendor specific.

What I care about is that we have a *standard* userspace API for performing
device compatibility checking / state migration, for use by QEMU/libvirt/
OpenStack, such that we can write code without countless vendor specific
code paths.

If there is vendor specific stuff on the side, that's fine as we can ignore
that, but the core functionality for device compat / migration needs to be
standardized.



Ok, I agree with you.

Thanks




Regards,
Daniel
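The sysfs layout quoted in this thread suggests what a management tool's compatibility check would look like. The following is an added example in C, not code from the thread or from any kernel or QEMU tree: it builds two constructed device trees under a temporary directory and compares the destination's `migration/compatible/` attributes against the source's `migration/self/`. The equality rule, the one-line-per-attribute file format, and every attribute value (`example-mdev-type`, `0xABCD`, the version strings) are assumptions made for the example.

```c
/*
 * Added example, not code from the thread or from any kernel/QEMU tree:
 * a management-side compatibility check over the sysfs layout sketched
 * above.  Assumed (not stated on the list): each attribute is one file
 * holding one line, and src may migrate to dst when every attribute present
 * under dst's migration/compatible/ equals the same attribute under src's
 * migration/self/.  Device trees are built under /tmp with made-up values.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

static const char *attrs[] = {
    "device_api", "mdev_type", "software_version", "device_id", "aggregator"
};
#define NATTRS (sizeof(attrs) / sizeof(attrs[0]))

/* Read one attribute file: a single line, newline stripped; -1 if absent. */
static int read_attr(const char *dev, const char *sub, const char *name,
                     char *out, size_t outsz)
{
    char path[512];
    snprintf(path, sizeof(path), "%s/migration/%s/%s", dev, sub, name);
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    if (!fgets(out, (int)outsz, f)) out[0] = '\0';
    fclose(f);
    out[strcspn(out, "\n")] = '\0';   /* strip the trailing newline */
    return 0;
}

/*
 * One open()/read() per attribute (the per-file cost discussed above).
 * Returns the number of mismatching attributes; 0 means src may migrate to dst.
 */
int check_compat(const char *src_dev, const char *dst_dev)
{
    int mismatches = 0;
    for (size_t i = 0; i < NATTRS; i++) {
        char want[128], have[128];
        if (read_attr(dst_dev, "compatible", attrs[i], want, sizeof(want)))
            continue;               /* destination states no requirement */
        if (read_attr(src_dev, "self", attrs[i], have, sizeof(have)))
            strcpy(have, "(missing)");
        if (strcmp(have, want) != 0) {
            printf("%s: source has '%s', destination requires '%s'\n",
                   attrs[i], have, want);
            mismatches++;
        }
    }
    return mismatches;
}

/* Test-data helper: create <dev>/migration/<sub>/<name> holding <val>. */
static void write_attr(const char *dev, const char *sub, const char *name,
                       const char *val)
{
    char path[512];
    snprintf(path, sizeof(path), "%s/migration", dev);
    mkdir(path, 0755);
    snprintf(path, sizeof(path), "%s/migration/%s", dev, sub);
    mkdir(path, 0755);
    snprintf(path, sizeof(path), "%s/migration/%s/%s", dev, sub, name);
    FILE *f = fopen(path, "w");
    if (f) { fprintf(f, "%s\n", val); fclose(f); }
}

/* Constructed device: identical self/compatible except software_version. */
static void build_dev(const char *dev, const char *self_ver,
                      const char *compat_ver)
{
    const char *sub[2] = { "self", "compatible" };
    const char *ver[2] = { self_ver, compat_ver };
    mkdir(dev, 0755);
    for (int s = 0; s < 2; s++) {
        write_attr(dev, sub[s], "device_api", "vfio-pci");
        write_attr(dev, sub[s], "mdev_type", "example-mdev-type"); /* made up */
        write_attr(dev, sub[s], "software_version", ver[s]);
        write_attr(dev, sub[s], "device_id", "0xABCD");            /* made up */
        write_attr(dev, sub[s], "aggregator", "1");
    }
}

/*
 * dev_a runs 1.0.0; dev_b runs 1.1.0 but still accepts 1.0.0 state.
 * Returns 0 when a->b is compatible and b->a fails on exactly one attribute.
 */
int demo(void)
{
    char root[64], a[128], b[128];
    snprintf(root, sizeof(root), "/tmp/mdevcompat.%ld", (long)getpid());
    mkdir(root, 0755);
    snprintf(a, sizeof(a), "%s/dev_a", root);
    snprintf(b, sizeof(b), "%s/dev_b", root);
    build_dev(a, "1.0.0", "1.0.0");
    build_dev(b, "1.1.0", "1.0.0");
    return (check_compat(a, b) == 0 && check_compat(b, a) == 1) ? 0 : 1;
}
```

Each attribute costs a separate open()/read(), which is the per-file overhead Jason objects to above; the directory under /tmp is left in place so the generated files can be inspected.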





[Bug 1890545] Re: (ARM64) qemu-x86_64+schroot(Debian bullseye) can't run chrome and can't load HTML

2020-08-18 Thread Tony.LI
This is where the error occurred:
(gdb) x/30i 0x40007ff2c0
   0x40007ff2c0:xor%al,%dh
   0x40007ff2c2:(bad)  
   0x40007ff2c3:add%al,(%rax)
   0x40007ff2c5:add%al,(%rax)
   0x40007ff2c7:add%ch,0x0(%rbp)
   0x40007ff2cd:add%al,(%rax)
   0x40007ff2cf:add%dl,0x62d7(%rax)
   0x40007ff2d5:add%al,(%rax)
   0x40007ff2d7:add%cl,-0x16(%rdx)
   0x40007ff2da:test   %ecx,(%rdx)
   0x40007ff2dc:add%al,(%rax)
   0x40007ff2df:add%al,(%rcx)
   0x40007ff2e1:repz jg 0x40007ff2e4
   0x40007ff2e4:add%al,(%rax)
   0x40007ff2e7:add%bl,-0xd(%rax)
   0x40007ff2ea:jg 0x40007ff2ec
   0x40007ff2ec:add%al,(%rax)
   0x40007ff2ef:add%bl,-0xd(%rax)
   0x40007ff2f2:jg 0x40007ff2f4
   0x40007ff2f4:add%al,(%rax)
   0x40007ff2f7:add%dh,(%rax)
   0x40007ff2f9:repz jg 0x40007ff2fc
   0x40007ff2fc:add%al,(%rax)

(bad)?? What does it mean?

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1890545

Title:
  (ARM64) qemu-x86_64+schroot(Debian bullseye) can't run chrome and
  can't load HTML

Status in QEMU:
  New

Bug description:
  First I create a file system that is Debian (bullseye amd64) on an arm64
  machine, then I download google-chrome; however, when I ran the Google
  browser, some errors occurred.

  $ google-chrome --no-sandbox
  or 
  $ qemu-x86_64-static google-chrome --no-sandbox

  qemu: uncaught target signal 5 (Trace/breakpoint trap) - core dumped
  qemu: uncaught target signal 5 (Trace/breakpoint trap) - core dumped
  [1661:1661:0806/074307.502638:ERROR:nacl_fork_delegate_linux.cc(323)] Bad 
NaCl helper startup ack (0 bytes)
  [1664:1664:0806/074307.504159:ERROR:nacl_fork_delegate_linux.cc(323)] Bad 
NaCl helper startup ack (0 bytes)
  qemu: uncaught target signal 5 (Trace/breakpoint trap) - core dumped
  qemu: uncaught target signal 5 (Trace/breakpoint trap) - core dumped
  [1637:1678:0806/074308.337567:ERROR:file_path_watcher_linux.cc(315)] 
inotify_init() failed: Function not implemented (38)
  Fontconfig warning: "/etc/fonts/fonts.conf", line 100: unknown element "blank"
  qemu: unknown option 'type=utility'
  [1637:1680:0806/074313.598432:FATAL:gpu_data_manager_impl_private.cc(439)] 
GPU process isn't usable. Goodbye.
  qemu: uncaught target signal 5 (Trace/breakpoint trap) - core dumped
  Trace/breakpoint trap

  Why?
  And then I run Firefox; it can be opened, but it can't load any web pages
  or HTML.
  I really need help!
  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1890545/+subscriptions



Re: [PULL 147/150] meson: convert po/

2020-08-18 Thread Brad Smith

On 8/18/2020 10:10 AM, Paolo Bonzini wrote:


From: Marc-André Lureau 

Meson warns if xgettext is not found.  In the future we may want to add
a required argument to i18n.gettext(); in the meanwhile, I am adding a
--enable-gettext/--disable-gettext option and feature detection in
configure.  This preserves QEMU's default behavior of detecting system
features, without any warning, if neither --enable-* nor --disable-*
is requested.

Signed-off-by: Marc-André Lureau 
Signed-off-by: Paolo Bonzini 
---
  Makefile  |  5 +---
  configure | 21 +-
  meson.build   |  3 ++
  meson_options.txt |  1 +
  po/LINGUAS|  8 +
  po/Makefile   | 52 -
  po/POTFILES   |  1 +
  po/meson.build|  7 +
  po/messages.po| 74 ---
  tests/vm/freebsd  |  1 +
  tests/vm/netbsd   |  1 +
  tests/vm/openbsd  |  1 +
  12 files changed, 44 insertions(+), 131 deletions(-)
  create mode 100644 po/LINGUAS
  delete mode 100644 po/Makefile
  create mode 100644 po/POTFILES
  create mode 100644 po/meson.build
  delete mode 100644 po/messages.po

diff --git a/Makefile b/Makefile
index bbb27f7981..8ba5990504 100644
--- a/Makefile
+++ b/Makefile
@@ -210,7 +210,7 @@ distclean: clean ninja-distclean
rm -f config-host.mak config-host.h*
rm -f tests/tcg/config-*.mak
rm -f config-all-disas.mak config.status
-   rm -f po/*.mo tests/qemu-iotests/common.env
+   rm -f tests/qemu-iotests/common.env
rm -f roms/seabios/config.mak roms/vgabios/config.mak
rm -f qemu-plugins-ld.symbols qemu-plugins-ld64.symbols
rm -f *-config-target.h *-config-devices.mak *-config-devices.h
@@ -288,9 +288,6 @@ endif
mkdir -p "$(DESTDIR)$(qemu_desktopdir)"
$(INSTALL_DATA) $(SRC_PATH)/ui/qemu.desktop \
"$(DESTDIR)$(qemu_desktopdir)/qemu.desktop"
-ifdef CONFIG_GTK
-   $(MAKE) -C po $@
-endif
$(INSTALL_DIR) "$(DESTDIR)$(qemu_datadir)/keymaps"
set -e; for x in $(KEYMAPS); do \
$(INSTALL_DATA) $(SRC_PATH)/pc-bios/keymaps/$$x 
"$(DESTDIR)$(qemu_datadir)/keymaps"; \
diff --git a/configure b/configure
index 86f384be29..0167822204 100755
--- a/configure
+++ b/configure
@@ -522,6 +522,7 @@ rng_none="no"
  secret_keyring=""
  libdaxctl=""
  meson=""
+gettext=""
  
  bogus_os="no"

  malloc_trim=""
@@ -1112,6 +1113,10 @@ for opt do
;;
--enable-vnc) vnc="enabled"
;;
+  --disable-gettext) gettext="false"
+  ;;
+  --enable-gettext) gettext="true"
+  ;;
--oss-lib=*) oss_lib="$optarg"
;;
--audio-drv-list=*) audio_drv_list="$optarg"
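Review bot: `--enable-gettext`/`--disable-gettext` are parsed here, but the diffstat (configure: 21 lines) is fully accounted for by the hunks shown, so no entry was added to the `--help` usage text; add one beside the other enable/disable options so the new switch is discoverable.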
@@ -2983,6 +2988,19 @@ if test "$whpx" != "no" ; then
  fi
  fi
  
+##

+# gettext probe
+if test "$gettext" != "false" ; then
+  if has xgettext; then
+gettext=true
+  else
+if test "$gettext" = "true" ; then
+  feature_not_found "gettext" "Install xgettext binary"
+fi
+gettext=false
+  fi
+fi
+
  ##
  # Sparse probe
  if test "$sparse" != "no" ; then
@@ -8047,7 +8065,7 @@ DIRS="$DIRS docs docs/interop fsdev scsi"
  DIRS="$DIRS pc-bios/optionrom pc-bios/s390-ccw"
  DIRS="$DIRS roms/seabios"
  LINKS="Makefile"
-LINKS="$LINKS tests/tcg/lm32/Makefile po/Makefile"
+LINKS="$LINKS tests/tcg/lm32/Makefile"
  LINKS="$LINKS tests/tcg/Makefile.target"
  LINKS="$LINKS pc-bios/optionrom/Makefile pc-bios/keymaps"
  LINKS="$LINKS pc-bios/s390-ccw/Makefile"
@@ -8179,6 +8197,7 @@ NINJA=$PWD/ninjatool $meson setup \
  -Db_coverage=$(if test "$gcov" = yes; then echo true; else echo 
false; fi) \
-Dsdl=$sdl -Dsdl_image=$sdl_image \
-Dvnc=$vnc -Dvnc_sasl=$vnc_sasl -Dvnc_jpeg=$vnc_jpeg -Dvnc_png=$vnc_png 
\
+   -Dgettext=$gettext \
  $cross_arg \
  "$PWD" "$source_path"
  
diff --git a/meson.build b/meson.build

index afe684cbad..57cfa8723d 100644
--- a/meson.build
+++ b/meson.build
@@ -1108,6 +1108,9 @@ subdir('tools')
  subdir('pc-bios')
  subdir('tests')
  subdir('docs')
+if 'CONFIG_GTK' in config_host
+  subdir('po')
+endif
  
  if build_docs

makeinfo = find_program('makeinfo', required: build_docs)
diff --git a/meson_options.txt b/meson_options.txt
index 67455c57bc..e5f45243ce 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -1,3 +1,4 @@
+option('gettext', type : 'boolean', value : true)
  option('sdl', type : 'feature', value : 'auto')
  option('sdl_image', type : 'feature', value : 'auto')
  option('vnc', type : 'feature', value : 'enabled')
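Review bot: `gettext` is declared `type : 'boolean', value : true` while the neighbouring `sdl`, `sdl_image` and `vnc` options use `type : 'feature'`; a feature option with `value : 'auto'` would express auto-detect/enabled/disabled directly and map onto the `required:` argument the message describes as future work, instead of configure translating `""`/`true`/`false` into a boolean.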
diff --git a/po/LINGUAS b/po/LINGUAS
new file mode 100644
index 00..cc4b5c3b36
--- /dev/null
+++ b/po/LINGUAS
@@ -0,0 +1,8 @@
+bg
+de_DE
+fr_FR
+hu
+it
+sv
+tr
+zh_CN
diff --git a/po/Makefile b/po/Makefile
deleted file mode 100644
index c041f4c858..00
--- a/po/Makefile
+++ /dev/null
@@ -1,52 +0,0 @@
-# This makefile is very special as it's meant to build as part of the build
-# process and 

[PATCH v2] qemu-img: Explicit number replaced by a constant

2020-08-18 Thread Yi Li
Signed-off-by: Yi Li 
---
 qemu-img.c | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index 5308773811..aa2e31c8ae 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -1200,10 +1200,10 @@ static int is_allocated_sectors(const uint8_t *buf, int 
n, int *pnum,
 *pnum = 0;
 return 0;
 }
-is_zero = buffer_is_zero(buf, 512);
+is_zero = buffer_is_zero(buf, BDRV_SECTOR_SIZE);
 for(i = 1; i < n; i++) {
-buf += 512;
-if (is_zero != buffer_is_zero(buf, 512)) {
+buf += BDRV_SECTOR_SIZE;
+if (is_zero != buffer_is_zero(buf, BDRV_SECTOR_SIZE)) {
 break;
 }
 }
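Review bot: the commit has no message body; add one line stating that BDRV_SECTOR_SIZE is 512, so this is a readability change with no functional effect, and say whether any other literal 512 sector sizes remain in qemu-img.c after this pass.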
@@ -2489,8 +2489,8 @@ static int img_convert(int argc, char **argv)
 }
 }
 
-qemu_opt_set_number(opts, BLOCK_OPT_SIZE, s.total_sectors * 512,
-_abort);
+qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
+s.total_sectors * BDRV_SECTOR_SIZE, _abort);
 ret = add_old_style_options(out_fmt, opts, out_baseimg, NULL);
 if (ret < 0) {
 goto out;
-- 
2.25.3






Re: [PATCH 00/18] hw/riscv: Add Microchip PolarFire SoC Icicle Kit board support

2020-08-18 Thread Bin Meng
On Tue, Aug 18, 2020 at 9:55 PM Anup Patel  wrote:
>
> On Tue, Aug 18, 2020 at 6:39 PM  wrote:
> >
> > On 8/18/20 7:17 AM, Anup Patel wrote:
> > > On Tue, Aug 18, 2020 at 1:23 AM  wrote:
> > >> On 8/17/20 8:28 PM, Alistair Francis wrote:
> > >>> On Mon, Aug 17, 2020 at 11:12 AM via  wrote:
> >  Hi Anup,
> > 
> >  On 8/17/20 11:30 AM, Bin Meng wrote:
> > > Hi Anup,
> > >
> > > On Sat, Aug 15, 2020 at 1:44 AM Anup Patel  
> > > wrote:
> > >> On Fri, Aug 14, 2020 at 10:12 PM Bin Meng  wrote:
> > >>> From: Bin Meng 
> > >>>
> > >>> This adds support for Microchip PolarFire SoC Icicle Kit board.
> > >>> The Icicle Kit board integrates a PolarFire SoC, with one SiFive's
> > >>> E51 plus four U54 cores and many on-chip peripherals and an FPGA.
> > >> Nice Work !!! This is very helpful.
> > > Thanks!
> > >
> > >> The Microchip HSS is quite convoluted. It has:
> > >> 1. DDR Init
> > >> 2. Boot device support
> > >> 3. SBI support using OpenSBI as library
> > >> 4. Simple TEE support
> > >>
> > >> I think point 1) and 2) above should be part of U-Boot SPL.
> > >> The point 3) can be OpenSBI FW_DYNAMIC.
> > >>
> > >> Lastly,for point 4), we are working on a new OpenSBI feature using
> > >> which we can run independent Secure OS and Non-Secure OS using
> > >> U-Boot_SPL+OpenSBI (for both SiFive Unleashed and Microchip
> > >> PolarFire).
> > >>
> > >> Do you have plans for adding U-Boot SPL support for this board ??
> > > + Cyril Jean from Microchip
> > >
> > > I will have to leave this question to Cyril to comment.
> > >
> >  I currently do not have a plan to support U-Boot SPL. The idea of the
> >  HSS is to contain all the silicon specific initialization and
> >  configuration code within the HSS before jumping to U-Boot S-mode. I
> >  would rather keep all this within the HSS for the time being. I would
> >  wait until we reach production silicon before attempting to move this 
> >  to
> >  U-Boot SPL as the HSS is likely to contain some opaque silicon related
> >  changes for another while.
> > >>> That is unfortunate, a lot of work has gone into making the boot flow
> > >>> simple and easy to use.
> > >>>
> > >>> QEMU now includes OpenSBI by default to make it easy for users to boot
> > >>> Linux. The Icicle Kit board is now the most difficult QEMU board to
> > >>> boot Linux on. Not to mention it makes it hard to impossible to
> > >>> support it in standard tool flows such as meta-riscv.
> > >>>
> > >>> Alistair
> > >> If it is such a problem we can add a U-Boot SPL stage and the HSS can be
> > >> treated as standard SoC ROM code.
> > > It's not mandatory for U-Boot SPL to have stable DRAM calibration settings
> > > from the start itself. The initial U-Boot SPL support for most
> > > platforms (across
> > > architectures) usually include basic working DRAM calibration settings 
> > > which
> > > is later on updated with separate patches. Also, we don't need all U-Boot
> > > drivers to be upstreamed in one-go as this can be done in phases.
> > >
> > > The advantage we have with PolarFire SoC Icicle board is that we already
> > > have a U-Boot S-mode. and we believe the OpenSBI generic platform will
> > > work fine for PolarFire SoC Icicle board so the only thing missing right 
> > > now
> > > is the U-Boot SPL support for OpenSource boot-flow.
> > >
> > > It will certainly accelerate open-source development if we have boot-flow
> > > U-Boot_SPL => OpenSBI (FW_DYNAMIC) => U-Boot_S-mode working
> > > on PolarFire SoC Icicle board. Initially, we just need DRAM, SD/eMMC,
> > > and Serial port support for U-Boot SPL and U-Boot S-mode. Later on,
> > > more patches can add ethernet and other booting device drivers to U-Boot.
> > >
> > > Regarding security services of HSS, we are working on an OpenSBI
> > > feature which will allow HSS security services to run as independent
> > > binary in M-mode (not linked to OpenSBI) and OpenSBI FW_DYNAMIC
> > > will be a separate binary acting as a secure monitor.
> > >
> > > Regards,
> > > Anup
> >
> > What I have in mind is that the external memory will be up and running
> > by the time we get to U-Boot SPL. In the case of PolarFire SoC the ROM
> > code equivalent brings up the DDR memory interface so we do not need to
> > worry about this as part of U-Boot.
>
> Keeping DRAM configuration as part of a separate ROM booting stage prior
> to the U-Boot SPL sounds good to me. This will lead to following boot-flow:
>
> ROM/HSS (M-mode) => U-Boot SPL (M-mode) => OpenSBI 

[Bug 1890545] Re: (ARM64) qemu-x86_64+schroot(Debian bullseye) can't run chrome and can't load HTML

2020-08-18 Thread Tony.LI
Now, I found something new when I use gdb:

=> 0x400523c858:ud2
   0x400523c85a:pushq  $0xd
   0x400523c85c:mov-0x230(%rbp),%rax
   0x400523c863:mov-0x240(%rbp),%rdi
   0x400523c86a:mov$0x1,%esi
   0x400523c86f:movq   $0x0,-0x230(%rbp)
   0x400523c87a:mov%rax,-0x220(%rbp)
   0x400523c881:callq  0x40051ccf00
   0x400523c886:callq  0x400266c540
   0x400523c88b:cmp$0x1,%eax
   0x400523c88e:je 0x400523c8ed
   0x400523c890:lea-0x220(%rbp),%rdi
   0x400523c897:callq  0x40040fe8e0
   0x400523c89c:jmpq   0x400523c60c
   0x400523c8a1:int3   
   0x400523c8a2:ud2
   0x400523c8a4:pushq  $0x10
   0x400523c8a6:int3   
   0x400523c8a7:ud2
   0x400523c8a9:pushq  $0x11
   0x400523c8ab:mov-0x200(%rbp),%rax
   0x400523c8b2:lea-0x1c0(%rbp),%rbx
   0x400523c8b9:movq   $0x0,-0x200(%rbp)




[PATCH v3 0/1] audio/jack: fix use after free segfault

2020-08-18 Thread Geoffrey McRae
Fixed accidental eof newline strip from `configure`

Geoffrey McRae (1):
  audio/jack: fix use after free segfault

 audio/jackaudio.c | 37 -
 configure |  4 +++-
 2 files changed, 39 insertions(+), 2 deletions(-)

-- 
2.20.1




[PATCH v3 1/1] audio/jack: fix use after free segfault

2020-08-18 Thread Geoffrey McRae
The client may have been freed already by a secondary audio device
recovering its session as JACK2 has some cleanup code to work around
broken clients, which doesn't account for well behaved clients.

https://github.com/jackaudio/jack2/issues/627

As JACK1 and JACK2 are interchangeable and JACK2 has a "cleanup" routine
that JACK1 does not have, we need to determine which version is in use
at runtime. Unfortunately there is no way to determine which is in use
other than to look for symbols that are missing in JACK1, which in this
case is `jack_get_version`.

An issue has been raised over this, but to be compatible with older
versions we must use this method to determine which library is in use.
If at some time the jack developers implement `jack_get_version` in
JACK1, this code will need to be revisited.

At worst the workaround will be enabled and this will introduce a small
memory leak if the jack server is restarted. This however is better than
the alternative, which would be a use after free segfault.

Signed-off-by: Geoffrey McRae 
---
 audio/jackaudio.c | 37 -
 configure |  4 +++-
 2 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/audio/jackaudio.c b/audio/jackaudio.c
index 72ed7c4929..d1685999c3 100644
--- a/audio/jackaudio.c
+++ b/audio/jackaudio.c
@@ -31,6 +31,7 @@
 #define AUDIO_CAP "jack"
 #include "audio_int.h"
 
+#include 
 #include 
 #include 
 
@@ -84,6 +85,7 @@ typedef struct QJackIn {
 }
 QJackIn;
 
+static int QJackWorkaroundCloseBug;
 static int qjack_client_init(QJackClient *c);
 static void qjack_client_connect_ports(QJackClient *c);
 static void qjack_client_fini(QJackClient *c);
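Review bot: style: `QJackWorkaroundCloseBug` is a variable but uses the CamelCase QEMU reserves for type names; `static bool qjack_workaround_close_bug` matches the surrounding `qjack_*` identifiers, and `bool` fits its two-valued use.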
@@ -563,7 +565,10 @@ static void qjack_client_fini(QJackClient *c)
 /* fallthrough */
 
 case QJACK_STATE_SHUTDOWN:
-jack_client_close(c->client);
+if (!QJackWorkaroundCloseBug) {
+jack_client_close(c->client);
+}
+c->client = NULL;
 /* fallthrough */
 
 case QJACK_STATE_DISCONNECTED:
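Review bot: with the workaround enabled, `jack_client_close()` is skipped on every path that reaches `QJACK_STATE_SHUTDOWN`, including the fallthrough from the earlier cases of this switch, so the leak the message limits to "if the jack server is restarted" also occurs on ordinary device teardown while the server is alive. Consider skipping the close only when the state was set by the shutdown callback (the case where JACK2 has already freed the client) and closing normally otherwise; clearing `c->client` afterwards is right either way.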
@@ -662,6 +667,36 @@ static void qjack_info(const char *msg)
 
 static void register_audio_jack(void)
 {
+void *handle;
+
+/*
+ * As JACK1 and JACK2 are interchangeable and JACK2 has "cleanup" routine
+ * that JACK1 does not have, we need to determine which version is in use 
at
+ * runtime. Unfortunatly there is no way to determine which is in use other
+ * then to look for symbols that are missing in JACK1, which in this case 
is
+ * `jack_get_version`. An issue has been raised over this, but to be
+ * compatible with older versions we must use this method to determine 
which
+ * library is in use. If at some time the jack developers implement
+ * `jack_get_version` in JACK1, this code will need to be revisited.
+ *
+ * At worst the workaround will be enabled and we will introduce a small
+ * memory leak if the jack server is restarted. This is better then the
+ * alternative which would be a use after free segfault.
+ */
+
+handle = dlopen("libjack.so", RTLD_LAZY | RTLD_NOLOAD);
+if (!handle) {
+dolog("unable to open libjack.so to determine version\n");
+dolog("assuming JACK2 and enabling the close bug workaround\n");
+QJackWorkaroundCloseBug = 1;
+} else {
+if (dlsym(handle, "jack_get_version")) {
+dolog("JACK2 detected, enabling close bug workaround\n");
+QJackWorkaroundCloseBug = 1;
+}
+dlclose(handle);
+}
+
 audio_driver_register(_driver);
 jack_set_thread_creator(qjack_thread_creator);
 jack_set_error_function(qjack_error);
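Review bot: `dlopen("libjack.so", RTLD_LAZY | RTLD_NOLOAD)` depends on the unversioned `libjack.so` name resolving on the host; where only the versioned runtime library is installed (no development symlink) the call fails and the code assumes JACK2, emitting both log lines on every start. Since libjack is already linked into the binary, `dlsym(RTLD_DEFAULT, "jack_get_version")` (with `_GNU_SOURCE`) or a weak declaration of `jack_get_version` answers the same question without naming a file or needing the dlopen/dlclose pair. The block comment also repeats the commit message verbatim; a two-line summary pointing at the jack2 issue would do.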
diff --git a/configure b/configure
index 2acc4d1465..43d2893fbb 100755
--- a/configure
+++ b/configure
@@ -3754,7 +3754,8 @@ for drv in $audio_drv_list; do
 
 jack | try-jack)
 if $pkg_config jack --exists; then
-jack_libs=$($pkg_config jack --libs)
+# dl is needed to check at runtime if jack1 or jack2 is in use
+jack_libs="$($pkg_config jack --libs) -ldl"
 if test "$drv" = "try-jack"; then
 audio_drv_list=$(echo "$audio_drv_list" | sed -e 
's/try-jack/jack/')
 fi
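Review bot: `-ldl` is appended unconditionally; it is needed on glibc before 2.34, but on other hosts where JACK is packaged (macOS, the BSDs) the dl functions live in libc and a separate libdl may not exist. Guard it with a probe, or reuse whatever configure already does for its other dlopen users, rather than hardcoding the flag in the jack branch.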
-- 
2.20.1
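As an added example (not QEMU code and not part of the patch), the ownership hazard the commit message describes can be modelled without JACK at all: a library that frees a client handle on its own during a shutdown, and a close path that must not touch that handle afterwards. The state switch below follows the shape of qjack_client_fini(); all names (`lib_client_*`, `audio_client`, `ST_*`) are constructed for the example. It covers the notified case, where a shutdown callback records that the library freed the handle; the JACK2 case the patch works around is harder because the library frees the client without any callback, which is why the patch skips the close entirely once JACK2 is detected.

```c
/*
 * Added example, not QEMU code: a model of the ownership hazard behind the
 * patch above.  A library may free a client handle itself during shutdown;
 * a later close() on that handle is a use after free.  The guard is the same
 * idea as the state switch in qjack_client_fini(): record who freed the
 * handle and close it only on the path where we still own it.  All names
 * are constructed for this example.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum client_state { ST_DISCONNECTED, ST_RUNNING, ST_SHUTDOWN };

struct lib_client { int id; };          /* handle owned by the "library" */

struct audio_client {
    struct lib_client *handle;          /* NULL once we hold no reference */
    enum client_state state;
    int closed_by_us;                   /* our lib_client_close() calls */
};

/* Instrumentation: every open must be matched by exactly one close. */
static int g_live_handles;

static struct lib_client *lib_client_open(int id)
{
    struct lib_client *h = calloc(1, sizeof(*h));
    if (!h) abort();
    h->id = id;
    g_live_handles++;
    return h;
}

static void lib_client_close(struct lib_client *h)
{
    g_live_handles--;
    free(h);
}

/* Library-side restart: it frees the handle itself, then runs our callback. */
static void lib_server_shutdown(struct audio_client *c)
{
    lib_client_close(c->handle);        /* the library's own cleanup */
    c->state = ST_SHUTDOWN;             /* our shutdown callback records it */
}

static void client_init(struct audio_client *c, int id)
{
    memset(c, 0, sizeof(*c));
    c->handle = lib_client_open(id);
    c->state = ST_RUNNING;
}

/* Same fallthrough shape as qjack_client_fini(): only RUNNING still owns the
 * handle; after SHUTDOWN the library freed it, so drop the pointer untouched. */
static void client_fini(struct audio_client *c)
{
    switch (c->state) {
    case ST_RUNNING:
        lib_client_close(c->handle);
        c->closed_by_us++;
        /* fallthrough */
    case ST_SHUTDOWN:
        c->handle = NULL;
        /* fallthrough */
    case ST_DISCONNECTED:
        c->state = ST_DISCONNECTED;
        break;
    }
}

/* Orderly teardown: we close exactly once and leak nothing. */
int scenario_orderly(void)
{
    struct audio_client c;
    client_init(&c, 1);
    client_fini(&c);
    return c.closed_by_us == 1 && c.handle == NULL && g_live_handles == 0;
}

/* Server restart freed the handle first: fini must not close it again. */
int scenario_server_restart(void)
{
    struct audio_client c;
    client_init(&c, 2);
    lib_server_shutdown(&c);
    client_fini(&c);
    return c.closed_by_us == 0 && c.handle == NULL && g_live_handles == 0;
}

int main(void)
{
    printf("orderly teardown: %s\n", scenario_orderly() ? "ok" : "FAIL");
    printf("server restart:   %s\n", scenario_server_restart() ? "ok" : "FAIL");
    return 0;
}
```

Running it under a memory checker (AddressSanitizer or valgrind) is the useful exercise: remove the `case ST_SHUTDOWN` guard so the RUNNING path runs after `lib_server_shutdown()` and the checker reports the double free that the state tracking prevents.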




[PATCH v2] audio/jack: fix use after free segfault

2020-08-18 Thread Geoffrey McRae
The client may have been freed already by a secondary audio device
recovering its session as JACK2 has some cleanup code to work around
broken clients, which doesn't account for well behaved clients.

https://github.com/jackaudio/jack2/issues/627

As JACK1 and JACK2 are interchangeable and JACK2 has a "cleanup" routine
that JACK1 does not have, we need to determine which version is in use
at runtime. Unfortunately there is no way to determine which is in use
other than to look for symbols that are missing in JACK1, which in this
case is `jack_get_version`.

An issue has been raised over this, but to be compatible with older
versions we must use this method to determine which library is in use.
If at some time the jack developers implement `jack_get_version` in
JACK1, this code will need to be revisited.

At worst the workaround will be enabled and this will introduce a small
memory leak if the jack server is restarted. This however is better than
the alternative, which would be a use after free segfault.

Signed-off-by: Geoffrey McRae 
---
 audio/jackaudio.c | 37 -
 configure |  5 +++--
 2 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/audio/jackaudio.c b/audio/jackaudio.c
index 72ed7c4929..d1685999c3 100644
--- a/audio/jackaudio.c
+++ b/audio/jackaudio.c
@@ -31,6 +31,7 @@
 #define AUDIO_CAP "jack"
 #include "audio_int.h"
 
+#include 
 #include 
 #include 
 
@@ -84,6 +85,7 @@ typedef struct QJackIn {
 }
 QJackIn;
 
+static int QJackWorkaroundCloseBug;
 static int qjack_client_init(QJackClient *c);
 static void qjack_client_connect_ports(QJackClient *c);
 static void qjack_client_fini(QJackClient *c);
@@ -563,7 +565,10 @@ static void qjack_client_fini(QJackClient *c)
 /* fallthrough */
 
 case QJACK_STATE_SHUTDOWN:
-jack_client_close(c->client);
+if (!QJackWorkaroundCloseBug) {
+jack_client_close(c->client);
+}
+c->client = NULL;
 /* fallthrough */
 
 case QJACK_STATE_DISCONNECTED:
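Review bot: the skip is gated on the library flag alone, not on having received a shutdown notification: the `/* fallthrough */` from the running state lands in the same `case QJACK_STATE_SHUTDOWN:` block, so with JACK2 detected a normal device teardown without any server restart also never calls jack_client_close() and leaks the client. That is wider than the "small memory leak if the jack server is restarted" the commit message promises; either skip the close only when the state was already QJACK_STATE_SHUTDOWN on entry (the JACK2 cleanup only fires on that path) or document that every close leaks under JACK2. Setting `c->client = NULL` in both cases is right, since the pointer must not be reused after this point.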
@@ -662,6 +667,36 @@ static void qjack_info(const char *msg)
 
 static void register_audio_jack(void)
 {
+void *handle;
+
+/*
+ * As JACK1 and JACK2 are interchangeable and JACK2 has "cleanup" routine
+ * that JACK1 does not have, we need to determine which version is in use 
at
+ * runtime. Unfortunatly there is no way to determine which is in use other
+ * then to look for symbols that are missing in JACK1, which in this case 
is
+ * `jack_get_version`. An issue has been raised over this, but to be
+ * compatible with older versions we must use this method to determine 
which
+ * library is in use. If at some time the jack developers implement
+ * `jack_get_version` in JACK1, this code will need to be revisited.
+ *
+ * At worst the workaround will be enabled and we will introduce a small
+ * memory leak if the jack server is restarted. This is better then the
+ * alternative which would be a use after free segfault.
+ */
+
+handle = dlopen("libjack.so", RTLD_LAZY | RTLD_NOLOAD);
+if (!handle) {
+dolog("unable to open libjack.so to determine version\n");
+dolog("assuming JACK2 and enabling the close bug workaround\n");
+QJackWorkaroundCloseBug = 1;
+} else {
+if (dlsym(handle, "jack_get_version")) {
+dolog("JACK2 detected, enabling close bug workaround\n");
+QJackWorkaroundCloseBug = 1;
+}
+dlclose(handle);
+}
+
 audio_driver_register(_driver);
 jack_set_thread_creator(qjack_thread_creator);
 jack_set_error_function(qjack_error);
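Review bot: `dlopen("libjack.so", RTLD_LAZY | RTLD_NOLOAD)` names the unversioned development symlink, but what the process has loaded is the versioned soname (libjack.so.0 on common distributions), so on a host without the -dev package the lookup returns NULL and the `QJackWorkaroundCloseBug = 1` fallback is taken even on JACK1. Since QEMU is already linked against libjack, `dlsym(RTLD_DEFAULT, "jack_get_version")` (a GNU extension; QEMU builds with _GNU_SOURCE) answers the question without naming the library, without the dlopen/dlclose pair and without the soname guess. Minor: the comment repeats the commit message's typos; "Unfortunatly" and "other then" should read "Unfortunately" and "other than".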
diff --git a/configure b/configure
index 2acc4d1465..e65ec5c5e3 100755
--- a/configure
+++ b/configure
@@ -3754,7 +3754,8 @@ for drv in $audio_drv_list; do
 
 jack | try-jack)
 if $pkg_config jack --exists; then
-jack_libs=$($pkg_config jack --libs)
+# dl is needed to check at runtime if jack1 or jack2 is in use
+jack_libs="$($pkg_config jack --libs) -ldl"
 if test "$drv" = "try-jack"; then
 audio_drv_list=$(echo "$audio_drv_list" | sed -e 
's/try-jack/jack/')
 fi
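Review bot: `-ldl` is appended unconditionally. On hosts where dlopen() is part of libc there may be no libdl to link, so the JACK backend would fail to build there; either probe for it in configure the way the other libraries in this script are tested, or use a symbol lookup that needs no extra library. The comment's "jack1 or jack2" could also use the JACK1/JACK2 spelling used elsewhere in the patch.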
@@ -8644,4 +8645,4 @@ printf " '%s'" "$0" "$@" >>config.status
 echo ' "$@"' >>config.status
 chmod +x config.status
 
-rm -r "$TMPDIR1"
+rm -r "$TMPDIR1"
\ No newline at end of file
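Review bot: this second configure hunk is unrelated to the JACK change; it only strips the trailing newline after `rm -r "$TMPDIR1"`, which is why `\ No newline at end of file` appears, and looks like an editor artifact. Drop it from the patch so the diff stays focused and the file keeps its final newline.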
-- 
2.20.1




Re: [PATCH v4 5/8] mips/cps: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann


Philippe Mathieu-Daudé  writes:

> On 8/18/20 5:33 AM, Thiago Jung Bauermann wrote:
>> Instead of setting CPUState::halted to 1 in main_cpu_reset(), use the
>> start-powered-off property which makes cpu_common_reset() initialize it
>> to 1 in common code.
>>
>> Also change creation of CPU object from cpu_create() to object_new() and
>> qdev_realize() because cpu_create() realizes the CPU and it's not possible to
>> set a property after the object is realized.
>>
>> Signed-off-by: Thiago Jung Bauermann 
>> ---
>>  hw/mips/cps.c | 16 
>>  1 file changed, 12 insertions(+), 4 deletions(-)
>>
>> diff --git a/hw/mips/cps.c b/hw/mips/cps.c
>> index 615e1a1ad2..be85357dc0 100644
>> --- a/hw/mips/cps.c
>> +++ b/hw/mips/cps.c
>> @@ -52,9 +52,6 @@ static void main_cpu_reset(void *opaque)
>>  CPUState *cs = CPU(cpu);
>>
>>  cpu_reset(cs);
>> -
>> -/* All VPs are halted on reset. Leave powering up to CPC. */
>> -cs->halted = 1;
>>  }
>>
>>  static bool cpu_mips_itu_supported(CPUMIPSState *env)
>> @@ -76,7 +73,9 @@ static void mips_cps_realize(DeviceState *dev, Error 
>> **errp)
>>  bool saar_present = false;
>>
>>  for (i = 0; i < s->num_vp; i++) {
>> -cpu = MIPS_CPU(cpu_create(s->cpu_type));
>> +Error *err = NULL;
>> +
>> +cpu = MIPS_CPU(object_new(s->cpu_type));
>>
>>  /* Init internal devices */
>>  cpu_mips_irq_init_cpu(cpu);
>> @@ -89,7 +88,16 @@ static void mips_cps_realize(DeviceState *dev, Error 
>> **errp)
>>  env->itc_tag = mips_itu_get_tag_region(>itu);
>>  env->itu = >itu;
>>  }
>> +/* All VPs are halted on reset. Leave powering up to CPC. */
>> +object_property_set_bool(OBJECT(cpu), "start-powered-off", true,
>> + _abort);
>>  qemu_register_reset(main_cpu_reset, cpu);
>> +
>> +if (!qdev_realize(DEVICE(cpu), NULL, )) {
>> +error_report_err(err);
>> +object_unref(OBJECT(cpu));
>> +exit(EXIT_FAILURE);
>> +}
>
> Here errp is available, so we can propagate the error to the caller:
>
>if (!qdev_realize(DEVICE(cpu), NULL, errp)) {
>return;
>}

Ah, nice. I made this change (using qdev_realize_and_unref()).

I also changed object_property_set_bool() to use errp as well instead of
&error_abort (and also early return on error).

> For example in hw/mips/boston.c:
>
> object_initialize_child(OBJECT(machine), "cps", &s->cps, TYPE_MIPS_CPS);
> object_property_set_str(OBJECT(&s->cps), "cpu-type", machine->cpu_type,
> &error_fatal);
> object_property_set_int(OBJECT(&s->cps), "num-vp", machine->smp.cpus,
> &error_fatal);
> sysbus_realize(SYS_BUS_DEVICE(&s->cps), &error_fatal);
>
> This will be propagated here ---^

Interesting. Thanks for the explanation.

--
Thiago Jung Bauermann
IBM Linux Technology Center



Re: [PATCH v4 4/8] ppc/e500: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann


Thiago Jung Bauermann  writes:

> Hello Philippe,
>
> Thanks for your review.
>
> Philippe Mathieu-Daudé  writes:
>
>> On 8/18/20 9:22 AM, Philippe Mathieu-Daudé wrote:
 @@ -897,6 +895,19 @@ void ppce500_init(MachineState *machine)
  } else {
  /* Secondary CPUs */
  qemu_register_reset(ppce500_cpu_reset_sec, cpu);
 +
 +/*
 + * Secondary CPU starts in halted state for now. Needs to 
 change
 + * when implementing non-kernel boot.
 + */
 +object_property_set_bool(OBJECT(cs), "start-powered-off", 
 true,
 + _abort);
>>>
>>> [*]
>>>
 +}
 +
 +if (!qdev_realize(DEVICE(cs), NULL, )) {
 +error_report_err(err);
 +object_unref(OBJECT(cs));
 +exit(EXIT_FAILURE);
  }
>>>
>>> The last 4 lines are equivalent to:
>>>
>>>qdev_realize(DEVICE(cs), NULL, &error_fatal)) {
>>
>> I meant:
>>
>>  qdev_realize(DEVICE(cs), NULL, &error_fatal);
>
> Ah! Thanks for pointing it out. I'll use that (along with
> qdev_realize_and_unref()).
>
>>
>>>
>>> This is also the preferred form, as we can not propagate errors
>>> from the machine_init() handler.
>>>
>>> Since you use &error_abort in [*], maybe you want to use it here too.
>
> I think &error_fatal is better since it preserves the behavior from
> cpu_create().

I'll change [*] to &error_fatal as well, for consistency.

-- 
Thiago Jung Bauermann
IBM Linux Technology Center



Re: [PATCH v4 4/8] ppc/e500: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann


Hello Philippe,

Thanks for your review.

Philippe Mathieu-Daudé  writes:

> On 8/18/20 9:22 AM, Philippe Mathieu-Daudé wrote:
>> On 8/18/20 5:33 AM, Thiago Jung Bauermann wrote:
>>> Instead of setting CPUState::halted to 1 in ppce500_cpu_reset_sec(), use
>>> the start-powered-off property which makes cpu_common_reset() initialize it
>>> to 1 in common code.
>>>
>>> Also change creation of CPU object from cpu_create() to object_new() and
>>> qdev_realize() because cpu_create() realizes the CPU and it's not possible
>>> to set a property after the object is realized.
>>>
>>> Signed-off-by: Thiago Jung Bauermann 
>>> ---
>>>  hw/ppc/e500.c | 19 +++
>>>  1 file changed, 15 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
>>> index ab9884e315..0077aca74d 100644
>>> --- a/hw/ppc/e500.c
>>> +++ b/hw/ppc/e500.c
>>> @@ -704,9 +704,6 @@ static void ppce500_cpu_reset_sec(void *opaque)
>>>
>>>  cpu_reset(cs);
>>>
>>> -/* Secondary CPU starts in halted state for now. Needs to change when
>>> -   implementing non-kernel boot. */
>>> -cs->halted = 1;
>>>  cs->exception_index = EXCP_HLT;
>>>  }
>>>
>>> @@ -864,8 +861,9 @@ void ppce500_init(MachineState *machine)
>>>  PowerPCCPU *cpu;
>>>  CPUState *cs;
>>>  qemu_irq *input;
>>> +Error *err = NULL;
>>>
>>> -cpu = POWERPC_CPU(cpu_create(machine->cpu_type));
>>> +cpu = POWERPC_CPU(object_new(machine->cpu_type));
>>>  env = >env;
>>>  cs = CPU(cpu);
>>>
>>> @@ -897,6 +895,19 @@ void ppce500_init(MachineState *machine)
>>>  } else {
>>>  /* Secondary CPUs */
>>>  qemu_register_reset(ppce500_cpu_reset_sec, cpu);
>>> +
>>> +/*
>>> + * Secondary CPU starts in halted state for now. Needs to 
>>> change
>>> + * when implementing non-kernel boot.
>>> + */
>>> +object_property_set_bool(OBJECT(cs), "start-powered-off", true,
>>> + _abort);
>>
>> [*]
>>
>>> +}
>>> +
>>> +if (!qdev_realize(DEVICE(cs), NULL, )) {
>>> +error_report_err(err);
>>> +object_unref(OBJECT(cs));
>>> +exit(EXIT_FAILURE);
>>>  }
>>
>> The last 4 lines are equivalent to:
>>
>>qdev_realize(DEVICE(cs), NULL, &error_fatal)) {
>
> I meant:
>
>  qdev_realize(DEVICE(cs), NULL, &error_fatal);

Ah! Thanks for pointing it out. I'll use that (along with
qdev_realize_and_unref()).

>
>>
>> This is also the preferred form, as we can not propagate errors
>> from the machine_init() handler.
>>
>> Since you use &error_abort in [*], maybe you want to use it here too.

I think &error_fatal is better since it preserves the behavior from
cpu_create().

--
Thiago Jung Bauermann
IBM Linux Technology Center



Re: [PATCH v4 4/8] ppc/e500: Use start-powered-off CPUState property

2020-08-18 Thread Thiago Jung Bauermann


Hi Igor,

Thank you for reviewing these patches, and the tips you provided here
and on other messages on how to fix the refcount issues.

Igor Mammedov  writes:

> On Tue, 18 Aug 2020 00:33:19 -0300
> Thiago Jung Bauermann  wrote:
>
> [...]
>
>> Also change creation of CPU object from cpu_create() to object_new() and
>> qdev_realize() because cpu_create() realizes the CPU and it's not possible
>> to set a property after the object is realized.
>
> cpu_create was introduced to remove code duplication in simple cases where
> we do not need to set properties on created cpu.
>
> returning back to manual object_new + realize() is fine if it's only a
> small set of boards. If it's a tree-wide change then that would bring
> back all code duplication that cpu_create() got rid of.

This is only necessary for boards where the secondary CPUs start powered
off, so it's not a tree-wide change.

> An alternative way is to use 'hotplug' callbacks to let board set
> additional properties before cpu's realize is called.
>
> example:
>   hw/ppc/spapr.c:
>spapr_machine_class_init()
>  mc->get_hotplug_handler = spapr_get_hotplug_handler;
>  hc->pre_plug = spapr_machine_device_pre_plug;
>...
>static const TypeInfo spapr_machine_info = {
>...
> { TYPE_HOTPLUG_HANDLER },
>
> that might work in generic case if it is put into generic machine code,
> and existing users of mc->get_hotplug_handler/hc->pre_plug were taken care of.
> In which case board would only need to set MachineClass:cpu-start-powered-off
> to gate property setting.

Thank you for this idea. Though if possible I'd like to keep the new
code as similar as possible to the original code to minimize unwanted
"perturbations" in how and when objects are created and initialized.

>> Signed-off-by: Thiago Jung Bauermann 
>> ---
>>  hw/ppc/e500.c | 19 +++
>>  1 file changed, 15 insertions(+), 4 deletions(-)
>>
>> diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
>> index ab9884e315..0077aca74d 100644
>> --- a/hw/ppc/e500.c
>> +++ b/hw/ppc/e500.c
>> @@ -704,9 +704,6 @@ static void ppce500_cpu_reset_sec(void *opaque)
>>
>>  cpu_reset(cs);
>>
>> -/* Secondary CPU starts in halted state for now. Needs to change when
>> -   implementing non-kernel boot. */
>> -cs->halted = 1;
>>  cs->exception_index = EXCP_HLT;
>>  }
>>
>> @@ -864,8 +861,9 @@ void ppce500_init(MachineState *machine)
>>  PowerPCCPU *cpu;
>>  CPUState *cs;
>>  qemu_irq *input;
>> +Error *err = NULL;
>>
>> -cpu = POWERPC_CPU(cpu_create(machine->cpu_type));
>> +cpu = POWERPC_CPU(object_new(machine->cpu_type));
>>  env = >env;
>>  cs = CPU(cpu);
>>
>> @@ -897,6 +895,19 @@ void ppce500_init(MachineState *machine)
>>  } else {
>>  /* Secondary CPUs */
>>  qemu_register_reset(ppce500_cpu_reset_sec, cpu);
>> +
>> +/*
>> + * Secondary CPU starts in halted state for now. Needs to change
>> + * when implementing non-kernel boot.
>> + */
>> +object_property_set_bool(OBJECT(cs), "start-powered-off", true,
>> + _abort);
>> +}
>> +
>> +if (!qdev_realize(DEVICE(cs), NULL, )) {
>> +error_report_err(err);
>> +object_unref(OBJECT(cs));
>> +exit(EXIT_FAILURE);
>>  }
>
> btw:
> board leaks cpu reference (from cpu_create()/object_new()) since qdev_realize()
> adds its own and the caller of object_new() is supposed to free the original
> one.
>
> in this case qdev_realize_and_unref() fits nicely.

I will make this change.
--
Thiago Jung Bauermann
IBM Linux Technology Center



Re: [RFC PATCH v2 0/4] Use ACPI PCI hot-plug for q35

2020-08-18 Thread no-reply
Patchew URL: https://patchew.org/QEMU/20200818215227.181654-1-jus...@redhat.com/



Hi,

This series failed the docker-quick@centos7 build test. Please find the testing
commands and their output below. If you have Docker installed, you can probably
reproduce it locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
make docker-image-centos7 V=1 NETWORK=1
time make docker-test-quick@centos7 SHOW_ENV=1 J=14 NETWORK=1
=== TEST SCRIPT END ===

acpi-test: Warning! DSDT binary file mismatch. Actual [aml:/tmp/aml-BFBCP0], 
Expected [aml:tests/data/acpi/pc/DSDT].
See source file tests/qtest/bios-tables-test.c for instructions on how to 
update expected files.
to see ASL diff between mismatched files install IASL, rebuild QEMU from 
scratch and re-run tests with V=1 environment variable set**
ERROR:/tmp/qemu-test/src/tests/qtest/bios-tables-test.c:494:test_acpi_asl: 
assertion failed: (all_tables_match)
ERROR bios-tables-test - Bail out! 
ERROR:/tmp/qemu-test/src/tests/qtest/bios-tables-test.c:494:test_acpi_asl: 
assertion failed: (all_tables_match)
make: *** [check-qtest-x86_64] Error 1
make: *** Waiting for unfinished jobs
qemu-system-aarch64: -accel kvm: invalid accelerator kvm
qemu-system-aarch64: falling back to tcg
---
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-0hn12f1e/src'
make: *** [docker-run-test-quick@centos7] Error 2

real    12m47.487s
user    0m8.668s


The full log is available at
http://patchew.org/logs/20200818215227.181654-1-jus...@redhat.com/testing.docker-quick@centos7/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

Re: [PATCH] audio/jack: fix use after free segfault

2020-08-18 Thread Geoffrey McRae




On 2020-08-19 04:11, Christian Schoenebeck wrote:

On Tuesday, 18 August 2020 14:40:36 CEST Geoffrey McRae wrote:
Due to a ridiculous commit in the Jack library, the client may have been
freed already by a secondary audio device recovering its session.

https://github.com/jackaudio/jack2/issues/627

Until there is a proper fix for this we can not risk using the pointer
at all if we have been notified of a shutdown as it may have been freed
by the jack library, as such the close call is commented out to prevent
a use after free segfault.

At this time, this will not cause a memory leak as the recovery routine
will trigger the "cleanup" code in the jack library, however, if this is
ever corrected in the jack library this will need to be revisited.

Signed-off-by: Geoffrey McRae 
---
 audio/jackaudio.c | 17 -
 1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/audio/jackaudio.c b/audio/jackaudio.c
index 72ed7c4929..e8faf1bb89 100644
--- a/audio/jackaudio.c
+++ b/audio/jackaudio.c
@@ -563,7 +563,22 @@ static void qjack_client_fini(QJackClient *c)
 /* fallthrough */

 case QJACK_STATE_SHUTDOWN:
-jack_client_close(c->client);
+/*
+ * Due to a rediculous commit in the Jack library, the client 
may

have + * been freed already.


No need to be offending, and especially no need to insult Stéphane in QEMU
code.

Fair enough, I was not intending to offend Stéphane, and I apologize for
this.

I will revise this patch.

Could you please describe in more detail how you ran into this situation with
your 2nd audio device?

Sure. Run a Windows guest with two audio devices, let it boot up, then restart
the jack service to trigger the recovery routine, then attempt to use the 2nd
(non-primary) audio device. I.e., go to Windows audio settings to test the
microphone of the second audio device.

When Windows tries to use the 2nd audio device it goes through the recovery
routine triggering this fault.




+ *
+ * Until there is a proper fix for this we can not risk using 
the
+ * pointer at all if we have been notified of a shutdown, as 
such
the + * below line is commented out to prevent a use after 
free
segfault. + * This will not cause a memory leak as the 
recovery
routine will trigger + * the "cleanup" code in the jack 
library.

+ *
+ *
https://github.com/jackaudio/jack2/commit/171a3c4a0ddd18d2afae56f3af6291c8e
96ee3ac + */
+
+//jack_client_close(c->client);
+c->client = NULL;
+
 /* fallthrough */
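Review bot: `//jack_client_close(c->client);` leaves dead code behind a C99 `//` comment, which QEMU's style does not use; if the call has to go, delete it and keep the reasoning in the block comment, or better, keep the call behind a condition so the close still runs where it is safe (the no-leak argument in the comment only holds for a library that frees the client itself). Keeping `c->client = NULL;` right after is the important part whichever gating is chosen.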


Are you aware that there are two distinct variants of JACK? They are commonly
referred to as JACK1 vs. JACK2 and despite their names, they are in fact
completely separate implementations and there are people who prefer one over
the other. Your change would affect JACK1 as well.

I am aware and since these libraries are interchangeable I had assumed that
JACK1 will have the same fault. If not I suppose we need to detect which is in
use and change this code appropriately.

Best regards,
Christian Schoenebeck
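The failure mode this thread and the v2 patch describe (JACK2 freeing the client during server recovery, then jack_client_close() touching the freed object) and the cost of the chosen workaround, as an added C model that is not part of the patch or of QEMU: the mock_ library, the q_ client wrapper and run_scenario() are this example's own constructs, and the jack2 argument stands in for the patch's runtime library detection.

```c
#include <stdlib.h>

/*
 * Constructed model of the bug the patch works around; this is the example's
 * own code, not JACK and not QEMU's audio/jackaudio.c. After a server restart
 * JACK2's recovery runs each client's shutdown callback and then frees the
 * client object, so a later jack_client_close() on that pointer is a use after
 * free; JACK1 leaves the object alive. The mock_ and q_ names are invented.
 */

typedef void (*mock_shutdown_cb)(void *arg);
typedef struct MockClient { mock_shutdown_cb on_shutdown; void *arg; } MockClient;

#define MOCK_MAX_CLIENTS 4
static MockClient *mock_live[MOCK_MAX_CLIENTS]; /* objects the library owns */
static int mock_jack2;                           /* 1: free clients on shutdown */

/* Pointer comparison only, so a dangling pointer is never dereferenced. */
static int mock_find(const MockClient *c)
{
    for (int i = 0; i < MOCK_MAX_CLIENTS; i++) if (mock_live[i] == c) return i;
    return -1;
}

/* Client objects the library still holds; after teardown these are leaks. */
int mock_live_count(void)
{
    int n = 0;
    for (int i = 0; i < MOCK_MAX_CLIENTS; i++) n += mock_live[i] != NULL;
    return n;
}

MockClient *mock_client_open(mock_shutdown_cb cb, void *arg)
{
    int slot = mock_find(NULL);
    if (slot < 0) return NULL;
    MockClient *c = calloc(1, sizeof(*c));
    c->on_shutdown = cb; c->arg = arg;
    mock_live[slot] = c;
    return c;
}

/* -1 for a pointer the library no longer owns; a real library would crash here. */
int mock_client_close(MockClient *c)
{
    int slot = mock_find(c);
    if (c == NULL || slot < 0) return -1;
    mock_live[slot] = NULL;
    free(c);
    return 0;
}

/* Server restart as seen by clients: notify, then (JACK2 only) free. */
void mock_server_shutdown(void)
{
    for (int i = 0; i < MOCK_MAX_CLIENTS; i++) {
        MockClient *c = mock_live[i];
        if (!c) continue;
        c->on_shutdown(c->arg);
        if (mock_jack2) { mock_live[i] = NULL; free(c); }
    }
}

/* Client side, shaped like the state machine in qjack_client_fini(). */
typedef enum { Q_DISCONNECTED, Q_RUNNING, Q_SHUTDOWN } QState;
typedef struct QClient { MockClient *client; QState state; } QClient;
static int workaround_close_bug; /* plays the role of QJackWorkaroundCloseBug */

static void q_on_shutdown(void *arg) { ((QClient *)arg)->state = Q_SHUTDOWN; }

int q_client_fini(QClient *q)
{
    int rc = 0;
    switch (q->state) {
    case Q_RUNNING:
        /* fallthrough */
    case Q_SHUTDOWN:
        if (!workaround_close_bug) rc = mock_client_close(q->client);
        q->client = NULL; /* the handle must not be touched after this point */
        /* fallthrough */
    case Q_DISCONNECTED:
        break;
    }
    q->state = Q_DISCONNECTED;
    return rc;
}

/* One scenario: library flavour, workaround on/off, restart before teardown
 * or not. Returns the close result; call mock_live_count() afterwards. */
int run_scenario(int jack2, int workaround, int restart_server)
{
    QClient q = { NULL, Q_RUNNING };
    for (int i = 0; i < MOCK_MAX_CLIENTS; i++) { free(mock_live[i]); mock_live[i] = NULL; }
    mock_jack2 = jack2;
    workaround_close_bug = workaround;
    q.client = mock_client_open(q_on_shutdown, &q);
    if (!q.client) return -2;
    if (restart_server) mock_server_shutdown();
    return q_client_fini(&q);
}
```

run_scenario(1, 0, 1) is the crash the patch fixes (close on a freed client), run_scenario(1, 1, 0) shows the leak the workaround costs on a normal teardown, and run_scenario(0, 0, 1) shows JACK1 needing no workaround at all.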




Re: [PATCH 2/3] linux user: moving is proc functions to separate file

2020-08-18 Thread Андрей Аладьев
Ok, we may store these functions in syscall.c.

Tue, 18 Aug 2020 at 18:56, Laurent Vivier :

> On 18/08/2020 at 01:57, Andrew Aladjev wrote:
> > Signed-off-by: Andrew Aladjev 
> > ---
> >  linux-user/Makefile.objs  |  5 +++--
> >  linux-user/syscall.c  | 33 +
> >  linux-user/syscall_proc.c | 32 
> >  linux-user/syscall_proc.h |  7 +++
> >  4 files changed, 43 insertions(+), 34 deletions(-)
> >  create mode 100644 linux-user/syscall_proc.c
> >  create mode 100644 linux-user/syscall_proc.h
> >
> > diff --git a/linux-user/Makefile.objs b/linux-user/Makefile.objs
> > index 1940910a73..20f8828b86 100644
> > --- a/linux-user/Makefile.objs
> > +++ b/linux-user/Makefile.objs
> > @@ -1,7 +1,8 @@
> >  obj-y = main.o syscall.o strace.o mmap.o signal.o \
> >   elfload.o linuxload.o uaccess.o uname.o \
> > - safe-syscall.o $(TARGET_ABI_DIR)/signal.o \
> > -$(TARGET_ABI_DIR)/cpu_loop.o exit.o fd-trans.o
> > + safe-syscall.o syscall_proc.o \
> > + $(TARGET_ABI_DIR)/cpu_loop.o $(TARGET_ABI_DIR)/signal.o \
> > +exit.o fd-trans.o
> >
>
> I think this will collide with Paolo's meson pull request.
>
> >  obj-$(TARGET_HAS_BFLT) += flatload.o
> >  obj-$(TARGET_I386) += vm86.o
> > diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> > index 5741c72733..01edc9b68d 100644
> > --- a/linux-user/syscall.c
> > +++ b/linux-user/syscall.c
> > @@ -125,6 +125,7 @@
> >  #include "qapi/error.h"
> >  #include "fd-trans.h"
> >  #include "tcg/tcg.h"
> > +#include "syscall_proc.h"
> >
> >  #ifndef CLONE_IO
> >  #define CLONE_IO0x8000  /* Clone io context */
> > @@ -7482,38 +7483,6 @@ static int open_self_auxv(void *cpu_env, int fd)
> >  return 0;
> >  }
> >
> > -static int is_proc_myself(const char *filename, const char *entry)
> > -{
> > -if (!strncmp(filename, "/proc/", strlen("/proc/"))) {
> > -filename += strlen("/proc/");
> > -if (!strncmp(filename, "self/", strlen("self/"))) {
> > -filename += strlen("self/");
> > -} else if (*filename >= '1' && *filename <= '9') {
> > -char myself[80];
> > -snprintf(myself, sizeof(myself), "%d/", getpid());
> > -if (!strncmp(filename, myself, strlen(myself))) {
> > -filename += strlen(myself);
> > -} else {
> > -return 0;
> > -}
> > -} else {
> > -return 0;
> > -}
> > -if (!strcmp(filename, entry)) {
> > -return 1;
> > -}
> > -}
> > -return 0;
> > -}
> > -
> > -#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN) ||
> \
> > -defined(TARGET_SPARC) || defined(TARGET_M68K) ||
> defined(TARGET_HPPA)
> > -static int is_proc(const char *filename, const char *entry)
> > -{
> > -return strcmp(filename, entry) == 0;
> > -}
> > -#endif
> > -
> >  #if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
> >  static int open_net_route(void *cpu_env, int fd)
> >  {
> > diff --git a/linux-user/syscall_proc.c b/linux-user/syscall_proc.c
> > new file mode 100644
> > index 00..34051a8e6b
> > --- /dev/null
> > +++ b/linux-user/syscall_proc.c
> > @@ -0,0 +1,32 @@
> > +#include "qemu/osdep.h"
> > +
> > +#include "syscall_proc.h"
> > +
> > +int is_proc_myself(const char *filename, const char *entry)
> > +{
> > +if (!strncmp(filename, "/proc/", strlen("/proc/"))) {
> > +filename += strlen("/proc/");
> > +if (!strncmp(filename, "self/", strlen("self/"))) {
> > +filename += strlen("self/");
> > +} else if (*filename >= '1' && *filename <= '9') {
> > +char myself[80];
> > +snprintf(myself, sizeof(myself), "%d/", getpid());
> > +if (!strncmp(filename, myself, strlen(myself))) {
> > +filename += strlen(myself);
> > +} else {
> > +return 0;
> > +}
> > +} else {
> > +return 0;
> > +}
> > +if (!strcmp(filename, entry)) {
> > +return 1;
> > +}
> > +}
> > +return 0;
> > +}
> > +
> > +int is_proc(const char *filename, const char *entry)
> > +{
> > +return strcmp(filename, entry) == 0;
> > +}
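Review bot: the move silently drops the `#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN) || ...` guard that surrounded is_proc() in syscall.c, so is_proc() is now compiled and exported for every target; that is harmless in its own translation unit, but the commit message (currently only the Signed-off-by) should say the patch is a pure code move with this one visible change. The new file also needs the license header and a short comment on what it provides, as every new source file in the tree has.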
> > diff --git a/linux-user/syscall_proc.h b/linux-user/syscall_proc.h
> > new file mode 100644
> > index 00..3098af931f
> > --- /dev/null
> > +++ b/linux-user/syscall_proc.h
> > @@ -0,0 +1,7 @@
> > +#ifndef SYSCALL_PROC_H
> > +#define SYSCALL_PROC_H
> > +
> > +int is_proc(const char *filename, const char *entry);
> > +int is_proc_myself(const char *filename, const char *entry);
> > +
> > +#endif
> >
>
> Please add a "SPDX-License-Identifier: GPL-2.0-or-later" header in the
> new files.
>
> Thanks,
> Laurent
>
>
>
>
>


[RFC PATCH v2 4/4] hw/acpi/ich9: Enable ACPI PCI hot-plug

2020-08-18 Thread Julia Suvorova
Add acpi_pcihp to ich9_pm and use ACPI PCI hot-plug by default.

Signed-off-by: Julia Suvorova 
---
Note: New pc_compats are usually added shortly after release.
  I will switch to pc_compat_5_1 when it becomes available.

 hw/i386/acpi-build.h   |  1 +
 include/hw/acpi/ich9.h |  3 +++
 hw/acpi/ich9.c | 45 ++
 hw/acpi/pcihp.c|  5 -
 hw/i386/acpi-build.c   |  2 +-
 hw/i386/pc.c   |  1 +
 6 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/hw/i386/acpi-build.h b/hw/i386/acpi-build.h
index 6f94312c39..f0bb080018 100644
--- a/hw/i386/acpi-build.h
+++ b/hw/i386/acpi-build.h
@@ -17,5 +17,6 @@ typedef enum {
 } AcpiOSCField;
 
 void acpi_setup(void);
+Object *acpi_get_i386_pci_host(void);
 
 #endif
diff --git a/include/hw/acpi/ich9.h b/include/hw/acpi/ich9.h
index 28a53181cb..9947085e9c 100644
--- a/include/hw/acpi/ich9.h
+++ b/include/hw/acpi/ich9.h
@@ -24,6 +24,7 @@
 #include "hw/acpi/acpi.h"
 #include "hw/acpi/cpu_hotplug.h"
 #include "hw/acpi/cpu.h"
+#include "hw/acpi/pcihp.h"
 #include "hw/acpi/memory_hotplug.h"
 #include "hw/acpi/acpi_dev_interface.h"
 #include "hw/acpi/tco.h"
@@ -53,6 +54,8 @@ typedef struct ICH9LPCPMRegs {
 AcpiCpuHotplug gpe_cpu;
 CPUHotplugState cpuhp_state;
 
+bool use_acpi_hotplug_bridge;
+AcpiPciHpState acpi_pci_hotplug;
 MemHotplugState acpi_memory_hotplug;
 
 uint8_t disable_s3;
diff --git a/hw/acpi/ich9.c b/hw/acpi/ich9.c
index a2a1742aa6..fde86d12ae 100644
--- a/hw/acpi/ich9.c
+++ b/hw/acpi/ich9.c
@@ -265,6 +265,7 @@ static void pm_reset(void *opaque)
 }
 pm->smi_en_wmask = ~0;
 
+acpi_pcihp_reset(>acpi_pci_hotplug);
 acpi_update_sci(>acpi_regs, pm->irq);
 }
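Review bot: acpi_pcihp_reset(&pm->acpi_pci_hotplug) now runs on every reset, but acpi_pcihp_init() below is only called when pm->use_acpi_hotplug_bridge is set, so with the property off the reset walks an AcpiPciHpState that was never initialised (no root bus, no I/O region). Either guard the reset with the same flag, or initialise the state unconditionally and pass the flag as bridges_enabled, which is how piix4 handles it.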
 
@@ -303,6 +304,17 @@ void ich9_pm_init(PCIDevice *lpc_pci, ICH9LPCPMRegs *pm,
 pm->enable_tco = true;
 acpi_pm_tco_init(>tco_regs, >io);
 
+if (pm->use_acpi_hotplug_bridge) {
+acpi_pcihp_init(OBJECT(lpc_pci),
+>acpi_pci_hotplug,
+pci_get_bus(lpc_pci),
+pci_address_space_io(lpc_pci),
+true, false);
+
+qbus_set_hotplug_handler(BUS(pci_get_bus(lpc_pci)),
+ OBJECT(lpc_pci));
+}
+
 pm->irq = sci_irq;
 qemu_register_reset(pm_reset, pm);
 pm->powerdown_notifier.notify = pm_powerdown_req;
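Review bot: acpi_pcihp_init() receives a literal `true` for bridges_enabled while the whole block is gated on pm->use_acpi_hotplug_bridge; piix4 passes that flag as the bridges_enabled argument instead of gating the init, so the property named "...-with-bridge-support" now means something slightly different on the two chipsets, and passing the flag through would keep them aligned. The qbus_set_hotplug_handler() call also replaces whatever handler the machine had installed on the root bus; a comment saying that ACPI hot-plug deliberately takes over the root bus would help the next reader.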
@@ -374,6 +386,20 @@ static void ich9_pm_set_enable_tco(Object *obj, bool 
value, Error **errp)
 s->pm.enable_tco = value;
 }
 
+static bool ich9_pm_get_acpi_pci_hotplug(Object *obj, Error **errp)
+{
+ICH9LPCState *s = ICH9_LPC_DEVICE(obj);
+
+return s->pm.use_acpi_hotplug_bridge;
+}
+
+static void ich9_pm_set_acpi_pci_hotplug(Object *obj, bool value,
+   Error **errp)
+{
+ICH9LPCState *s = ICH9_LPC_DEVICE(obj);
+
+s->pm.use_acpi_hotplug_bridge = value;
+}
 void ich9_pm_add_properties(Object *obj, ICH9LPCPMRegs *pm)
 {
 static const uint32_t gpe0_len = ICH9_PMIO_GPE0_LEN;
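Review bot: a blank line is missing between the closing brace of ich9_pm_set_acpi_pci_hotplug() and `void ich9_pm_add_properties(...)`; the other accessor pairs in this hunk are separated by one. The setter also accepts a new value after realize, when ich9_pm_init() has already decided whether to initialise the hot-plug state, so a write at that point is silently ineffective; a `DEVICE(obj)->realized` check, or a note that the property is realize-time only, would make that explicit.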
@@ -382,6 +408,7 @@ void ich9_pm_add_properties(Object *obj, ICH9LPCPMRegs *pm)
 pm->disable_s3 = 0;
 pm->disable_s4 = 0;
 pm->s4_val = 2;
+pm->use_acpi_hotplug_bridge = true;
 
 object_property_add_uint32_ptr(obj, ACPI_PM_PROP_PM_IO_BASE,
>pm_io_base, OBJ_PROP_FLAG_READ);
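Review bot: defaulting `pm->use_acpi_hotplug_bridge = true` changes guest-visible ACPI tables (the _OSC mask and the DSDT hot-plug methods) and the hot-plug mechanism for every existing q35 machine type, not only the upcoming one; it needs a compat property that turns it back off for older versioned machines, which is what the note about pc_compat_5_1 anticipates. Until that entry and the updated expected tables land, the bios-tables-test DSDT mismatch reported by Patchew above is expected.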
@@ -405,6 +432,9 @@ void ich9_pm_add_properties(Object *obj, ICH9LPCPMRegs *pm)
 object_property_add_bool(obj, ACPI_PM_PROP_TCO_ENABLED,
  ich9_pm_get_enable_tco,
  ich9_pm_set_enable_tco);
+object_property_add_bool(obj, "acpi-pci-hotplug-with-bridge-support",
+ ich9_pm_get_acpi_pci_hotplug,
+ ich9_pm_set_acpi_pci_hotplug);
 }
 
 void ich9_pm_device_pre_plug_cb(HotplugHandler *hotplug_dev, DeviceState *dev,
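Review bot: the property name "acpi-pci-hotplug-with-bridge-support" is an open-coded string; piix4 registers a property with the same name and acpi-build.c queries it, so if a shared macro for the name already exists it should be used here too, otherwise the two chipsets can drift apart silently.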
@@ -412,6 +442,11 @@ void ich9_pm_device_pre_plug_cb(HotplugHandler 
*hotplug_dev, DeviceState *dev,
 {
 ICH9LPCState *lpc = ICH9_LPC_DEVICE(hotplug_dev);
 
+if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
+acpi_pcihp_device_pre_plug_cb(hotplug_dev, dev, errp);
+return;
+}
+
 if (object_dynamic_cast(OBJECT(dev), TYPE_PC_DIMM) &&
 !lpc->pm.acpi_memory_hotplug.is_enabled)
 error_setg(errp,
@@ -437,6 +472,9 @@ void ich9_pm_device_plug_cb(HotplugHandler *hotplug_dev, 
DeviceState *dev,
 } else {
 acpi_cpu_plug_cb(hotplug_dev, >pm.cpuhp_state, dev, errp);
 }
+} else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
+acpi_pcihp_device_plug_cb(hotplug_dev, >pm.acpi_pci_hotplug,
+  dev, errp);
 } else {
 error_setg(errp, "acpi: device plug request for not supported device"
" type: %s", object_get_typename(OBJECT(dev)));
@@ -457,6 +495,10 @@ void ich9_pm_device_unplug_request_cb(HotplugHandler 
*hotplug_dev,
  

[RFC PATCH v2 3/4] hw/i386/acpi-build: Turn off support of PCIe native hot-plug and SHPC in _OSC

2020-08-18 Thread Julia Suvorova
Other methods may be used if the system is capable of this and the _OSC bit
is set. Disable them explicitly to force ACPI PCI hot-plug use. The older
versions will still use PCIe native.

Signed-off-by: Julia Suvorova 
---
 hw/i386/acpi-build.h | 11 +++
 hw/i386/acpi-build.c | 21 +++--
 2 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/hw/i386/acpi-build.h b/hw/i386/acpi-build.h
index 74df5fc612..6f94312c39 100644
--- a/hw/i386/acpi-build.h
+++ b/hw/i386/acpi-build.h
@@ -5,6 +5,17 @@
 
 extern const struct AcpiGenericAddress x86_nvdimm_acpi_dsmio;
 
+/* PCI Firmware Specification 3.2, Table 4-5 */
+typedef enum {
+ACPI_OSC_NATIVE_HP_EN = 0,
+ACPI_OSC_SHPC_EN = 1,
+ACPI_OSC_PME_EN = 2,
+ACPI_OSC_AER_EN = 3,
+ACPI_OSC_PCIE_CAP_EN = 4,
+ACPI_OSC_LTR_EN = 5,
+ACPI_OSC_ALLONES_INVALID = 6,
+} AcpiOSCField;
+
 void acpi_setup(void);
 
 #endif
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index f3cd52bd06..c5f4802b8c 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1411,7 +1411,7 @@ static void build_i386_pci_hotplug(Aml *table, uint64_t 
pcihp_addr)
 aml_append(table, scope);
 }
 
-static Aml *build_q35_osc_method(void)
+static Aml *build_q35_osc_method(AcpiPmInfo *pm)
 {
 Aml *if_ctx;
 Aml *if_ctx2;
@@ -1419,6 +1419,7 @@ static Aml *build_q35_osc_method(void)
 Aml *method;
 Aml *a_cwd1 = aml_name("CDW1");
 Aml *a_ctrl = aml_local(0);
+unsigned osc_ctrl;
 
 method = aml_method("_OSC", 4, AML_NOTSERIALIZED);
 aml_append(method, aml_create_dword_field(aml_arg(3), aml_int(0), "CDW1"));
@@ -1430,11 +1431,19 @@ static Aml *build_q35_osc_method(void)
 
 aml_append(if_ctx, aml_store(aml_name("CDW3"), a_ctrl));
 
+/* Always allow native PME, AER (depend on PCIE Capability Control) */
+osc_ctrl = BIT(ACPI_OSC_PME_EN) | BIT(ACPI_OSC_AER_EN) |
+   BIT(ACPI_OSC_PCIE_CAP_EN);
+
 /*
- * Always allow native PME, AER (no dependencies)
- * Allow SHPC (PCI bridges can have SHPC controller)
+ * Guests seem to generally prefer native hot-plug control.
+ * Enable it only when we do not use ACPI hot-plug.
  */
-aml_append(if_ctx, aml_and(a_ctrl, aml_int(0x1F), a_ctrl));
+if (!pm->pcihp_bridge_en) {
+osc_ctrl |= BIT(ACPI_OSC_NATIVE_HP_EN) | BIT(ACPI_OSC_SHPC_EN);
+}
+
+aml_append(if_ctx, aml_and(a_ctrl, aml_int(osc_ctrl), a_ctrl));
 
 if_ctx2 = aml_if(aml_lnot(aml_equal(aml_arg(1), aml_int(1;
 /* Unknown revision */
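Review bot: the new mask also withholds bit 1 (SHPC) when ACPI hot-plug is enabled, which the deleted comment "Allow SHPC (PCI bridges can have SHPC controller)" used to argue for keeping; the reason it must now be cleared (a guest driving a bridge's SHPC would bypass the ACPI hot-plug path this series enables) belongs in the replacement comment or the commit message, which currently only says "other methods". With ACPI hot-plug disabled the result is the old 0x1F, so older machine types are unaffected, which is worth stating too.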
@@ -1514,7 +1523,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 aml_append(dev, aml_name_decl("_CID", aml_eisaid("PNP0A03")));
 aml_append(dev, aml_name_decl("_ADR", aml_int(0)));
 aml_append(dev, aml_name_decl("_UID", aml_int(1)));
-aml_append(dev, build_q35_osc_method());
+aml_append(dev, build_q35_osc_method(pm));
 aml_append(sb_scope, dev);
 aml_append(dsdt, sb_scope);
 
@@ -1590,7 +1599,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 if (pci_bus_is_express(bus)) {
 aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A08")));
 aml_append(dev, aml_name_decl("_CID", aml_eisaid("PNP0A03")));
-aml_append(dev, build_q35_osc_method());
+aml_append(dev, build_q35_osc_method(pm));
 } else {
 aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A03")));
 }
-- 
2.25.4




[RFC PATCH v2 1/4] hw/acpi/ich9: Trace ich9_gpe_readb()/writeb()

2020-08-18 Thread Julia Suvorova
Add trace events similar to piix4_gpe_readb() to check gpe status.

Signed-off-by: Julia Suvorova 
Reviewed-by: Igor Mammedov 
---
 hw/acpi/ich9.c   | 7 ++-
 hw/acpi/trace-events | 4 
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/hw/acpi/ich9.c b/hw/acpi/ich9.c
index 6a19070cec..a2a1742aa6 100644
--- a/hw/acpi/ich9.c
+++ b/hw/acpi/ich9.c
@@ -36,6 +36,7 @@
 #include "hw/acpi/acpi.h"
 #include "hw/acpi/tco.h"
 #include "exec/address-spaces.h"
+#include "trace.h"
 
 #include "hw/i386/ich9.h"
 #include "hw/mem/pc-dimm.h"
@@ -59,13 +60,17 @@ static void ich9_pm_update_sci_fn(ACPIREGS *regs)
 static uint64_t ich9_gpe_readb(void *opaque, hwaddr addr, unsigned width)
 {
 ICH9LPCPMRegs *pm = opaque;
-return acpi_gpe_ioport_readb(>acpi_regs, addr);
+uint64_t val = acpi_gpe_ioport_readb(>acpi_regs, addr);
+
+trace_ich9_gpe_readb(addr, width, val);
+return val;
 }
 
 static void ich9_gpe_writeb(void *opaque, hwaddr addr, uint64_t val,
 unsigned width)
 {
 ICH9LPCPMRegs *pm = opaque;
+trace_ich9_gpe_writeb(addr, width, val);
 acpi_gpe_ioport_writeb(>acpi_regs, addr, val);
 acpi_update_sci(>acpi_regs, pm->irq);
 }
diff --git a/hw/acpi/trace-events b/hw/acpi/trace-events
index afbc77de1c..b9f4827afc 100644
--- a/hw/acpi/trace-events
+++ b/hw/acpi/trace-events
@@ -32,6 +32,10 @@ cpuhp_acpi_ejecting_cpu(uint32_t idx) "0x%"PRIx32
 cpuhp_acpi_write_ost_ev(uint32_t slot, uint32_t ev) "idx[0x%"PRIx32"] OST 
EVENT: 0x%"PRIx32
 cpuhp_acpi_write_ost_status(uint32_t slot, uint32_t st) "idx[0x%"PRIx32"] OST 
STATUS: 0x%"PRIx32
 
+# ich9.c
+ich9_gpe_readb(uint64_t addr, unsigned width, uint64_t val) "addr: 0x%" PRIx64 
" width: %d ==> 0x%" PRIx64
+ich9_gpe_writeb(uint64_t addr, unsigned width, uint64_t val) "addr: 0x%" 
PRIx64 " width: %d <== 0x%" PRIx64
+
 # pcihp.c
 acpi_pci_eject_slot(unsigned bsel, unsigned slot) "bsel: %u slot: %u"
 acpi_pci_unplug(int bsel, int slot) "bsel: %d slot: %d"
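Review bot: both new ich9_gpe_* format strings print `width` with `%d` although the argument is declared `unsigned width`; use `%u` so the conversion matches the type, the way the cpuhp_acpi_* events above pair their uint32_t arguments with PRIx32.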
-- 
2.25.4




[RFC PATCH v2 2/4] hw/i386/acpi-build: Add ACPI PCI hot-plug methods to q35

2020-08-18 Thread Julia Suvorova
Implement notifications and gpe to support q35 ACPI PCI hot-plug.
Use 0xcc4 - 0xcd7 range for 'acpi-pci-hotplug' io ports.

Signed-off-by: Julia Suvorova 
---
 include/hw/acpi/pcihp.h |  3 ++-
 hw/acpi/pcihp.c | 10 ++
 hw/acpi/piix4.c |  2 +-
 hw/i386/acpi-build.c| 25 ++---
 4 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/include/hw/acpi/pcihp.h b/include/hw/acpi/pcihp.h
index 8bc4a4c01d..1e9d246f57 100644
--- a/include/hw/acpi/pcihp.h
+++ b/include/hw/acpi/pcihp.h
@@ -54,7 +54,8 @@ typedef struct AcpiPciHpState {
 } AcpiPciHpState;
 
 void acpi_pcihp_init(Object *owner, AcpiPciHpState *, PCIBus *root,
- MemoryRegion *address_space_io, bool bridges_enabled);
+ MemoryRegion *address_space_io, bool bridges_enabled,
+ bool is_piix4);
 
 void acpi_pcihp_device_pre_plug_cb(HotplugHandler *hotplug_dev,
DeviceState *dev, Error **errp);
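Review bot: `bool is_piix4` only encodes which of two hard-coded I/O bases to use, so a third chipset would need yet another flag; passing the I/O base from the caller would keep `acpi_pcihp_init()` chipset-agnostic. Whichever form stays, the new parameter needs a line in the header saying what it selects.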
diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c
index 9e31ab2da4..9a35ed6c83 100644
--- a/hw/acpi/pcihp.c
+++ b/hw/acpi/pcihp.c
@@ -38,7 +38,8 @@
 #include "qom/qom-qobject.h"
 #include "trace.h"
 
-#define ACPI_PCIHP_ADDR 0xae00
+#define ACPI_PCIHP_ADDR_PIIX4 0xae00
+#define ACPI_PCIHP_ADDR_Q35 0x0cc4
 #define ACPI_PCIHP_SIZE 0x0014
 #define PCI_UP_BASE 0x
 #define PCI_DOWN_BASE 0x0004
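Review bot: `ACPI_PCIHP_ADDR_Q35 0x0cc4` with the unchanged `ACPI_PCIHP_SIZE 0x0014` gives exactly the 0xcc4-0xcd7 window named in the commit message, but nothing in the code records why that window was chosen or that it must stay clear of the other ICH9 PM I/O ports; a short comment beside the define (and the range in the ACPI PCI hot-plug register documentation) would spare the next reader the arithmetic.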
@@ -359,12 +360,13 @@ static const MemoryRegionOps acpi_pcihp_io_ops = {
 };
 
 void acpi_pcihp_init(Object *owner, AcpiPciHpState *s, PCIBus *root_bus,
- MemoryRegion *address_space_io, bool bridges_enabled)
+ MemoryRegion *address_space_io, bool bridges_enabled,
+ bool is_piix4)
 {
 s->io_len = ACPI_PCIHP_SIZE;
-s->io_base = ACPI_PCIHP_ADDR;
+s->io_base = is_piix4 ? ACPI_PCIHP_ADDR_PIIX4 : ACPI_PCIHP_ADDR_Q35;
 
-s->root= root_bus;
+s->root = root_bus;
 s->legacy_piix = !bridges_enabled;
 
 memory_region_init_io(>io, owner, _pcihp_io_ops, s,
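Review bot: the `s->root= root_bus` whitespace fix is unrelated to selecting the Q35 base and is easier to review as a separate cleanup; the `is_piix4` ternary itself is fine.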
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index cdfa0e2998..1f27bfbd06 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -596,7 +596,7 @@ static void piix4_acpi_system_hot_add_init(MemoryRegion 
*parent,
 memory_region_add_subregion(parent, GPE_BASE, >io_gpe);
 
 acpi_pcihp_init(OBJECT(s), >acpi_pci_hotplug, bus, parent,
-s->use_acpi_hotplug_bridge);
+s->use_acpi_hotplug_bridge, true);
 
 s->cpu_hotplug_legacy = true;
 object_property_add_bool(OBJECT(s), "cpu-hotplug-legacy",
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index b7bc2a..f3cd52bd06 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -201,10 +201,6 @@ static void acpi_get_pm_info(MachineState *machine, 
AcpiPmInfo *pm)
 /* w2k requires FADT(rev1) or it won't boot, keep PC compatible */
 pm->fadt.rev = 1;
 pm->cpu_hp_io_base = PIIX4_CPU_HOTPLUG_IO_BASE;
-pm->pcihp_io_base =
-object_property_get_uint(obj, ACPI_PCIHP_IO_BASE_PROP, NULL);
-pm->pcihp_io_len =
-object_property_get_uint(obj, ACPI_PCIHP_IO_LEN_PROP, NULL);
 }
 if (lpc) {
 struct AcpiGenericAddress r = { .space_id = AML_AS_SYSTEM_IO,
@@ -214,6 +210,10 @@ static void acpi_get_pm_info(MachineState *machine, 
AcpiPmInfo *pm)
 pm->fadt.flags |= 1 << ACPI_FADT_F_RESET_REG_SUP;
 pm->cpu_hp_io_base = ICH9_CPU_HOTPLUG_IO_BASE;
 }
+pm->pcihp_io_base =
+object_property_get_uint(obj, ACPI_PCIHP_IO_BASE_PROP, NULL);
+pm->pcihp_io_len =
+object_property_get_uint(obj, ACPI_PCIHP_IO_LEN_PROP, NULL);
 
 /* The above need not be conditional on machine type because the reset port
  * happens to be the same on PIIX (pc) and ICH9 (q35). */
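Review bot: the `pcihp_io_base`/`pcihp_io_len` lookups are now done for every machine with a NULL errp, so on a PM object that does not expose `ACPI_PCIHP_IO_BASE_PROP`/`ACPI_PCIHP_IO_LEN_PROP` the failure is silent and both fields stay 0; either pass `&error_abort` once both PIIX4 and ICH9 are guaranteed to provide the properties, or keep the lookups guarded so an intermediate bisection point cannot generate AML with a zero base. The `/* The above need not be conditional on machine type ... */` comment now sits directly under these new lines and reads as if it covered them; it belongs with the reset-register code it describes.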
@@ -472,7 +472,7 @@ static void build_append_pci_bus_devices(Aml *parent_scope, 
PCIBus *bus,
 QLIST_FOREACH(sec, >child, sibling) {
 int32_t devfn = sec->parent_dev->devfn;
 
-if (pci_bus_is_root(sec) || pci_bus_is_express(sec)) {
+if (pci_bus_is_root(sec)) {
 continue;
 }
 
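Review bot: dropping `pci_bus_is_express(sec)` from the skip condition means every PCIe secondary bus (root ports, switch downstream ports) now gets hot-plug slot AML appended, which the commit message does not mention; state that this is intended, and since the cover letter says "pxb-pcie is not yet supported", say where buses behind a pxb-pcie host bridge are excluded or rejected.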
@@ -1368,7 +1368,7 @@ static void build_piix4_isa_bridge(Aml *table)
 aml_append(table, scope);
 }
 
-static void build_piix4_pci_hotplug(Aml *table)
+static void build_i386_pci_hotplug(Aml *table, uint64_t pcihp_addr)
 {
 Aml *scope;
 Aml *field;
@@ -1377,20 +1377,22 @@ static void build_piix4_pci_hotplug(Aml *table)
 scope =  aml_scope("_SB.PCI0");
 
 aml_append(scope,
-aml_operation_region("PCST", AML_SYSTEM_IO, aml_int(0xae00), 0x08));
+aml_operation_region("PCST", AML_SYSTEM_IO, aml_int(pcihp_addr), 
0x08));
 field = aml_field("PCST", AML_DWORD_ACC, AML_NOLOCK, AML_WRITE_AS_ZEROS);
 aml_append(field, aml_named_field("PCIU", 32));
 aml_append(field, aml_named_field("PCID", 32));
 aml_append(scope, field);
 
 aml_append(scope,
-

[RFC PATCH v2 0/4] Use ACPI PCI hot-plug for q35

2020-08-18 Thread Julia Suvorova
PCIe native hot-plug has numerous problems with racing events and unpredictable
guest behaviour (Windows). Switching to ACPI hot-plug for now.

Tested on RHEL 8 and Windows 2019.
pxb-pcie is not yet supported.

v2:
* new ioport range for acpiphp [Gerd]
* drop find_pci_host() [Igor]
* explain magic numbers in _OSC [Igor]
* drop build_q35_pci_hotplug() wrapper [Igor]

Julia Suvorova (4):
  hw/acpi/ich9: Trace ich9_gpe_readb()/writeb()
  hw/i386/acpi-build: Add ACPI PCI hot-plug methods to q35
  hw/i386/acpi-build: Turn off support of PCIe native hot-plug and SHPC
in _OSC
  hw/acpi/ich9: Enable ACPI PCI hot-plug

 hw/i386/acpi-build.h| 12 ++
 include/hw/acpi/ich9.h  |  3 +++
 include/hw/acpi/pcihp.h |  3 ++-
 hw/acpi/ich9.c  | 52 -
 hw/acpi/pcihp.c | 15 
 hw/acpi/piix4.c |  2 +-
 hw/i386/acpi-build.c| 48 +++--
 hw/i386/pc.c|  1 +
 hw/acpi/trace-events|  4 
 9 files changed, 114 insertions(+), 26 deletions(-)

-- 
2.25.4




Re: [PATCH 06/41] allwinner-h3: Rename memmap enum constants

2020-08-18 Thread Eduardo Habkost
On Mon, Aug 17, 2020 at 09:07:58PM +0200, Niek Linnenbank wrote:
> Hi,
> 
> Interesting suggestion Philippe. I modelled the initial code of the H3 SoC
> mostly in-line with the aspeed SoC,
> to let it use commonly applied code structures where possible. And it looks
> like in this series, aspeed_soc.h is also
> getting the same change. I'll see if I can find some time to make a small
> patch to move the enum to the local allwinner-h3.c file like you
> suggested.
> 
> For Eduardo's work, I'm OK with a rename for now to AW_H3_DEV_*. I see it
> is also done like that in aspeed_soc.h and similar files.
> I do have one follow-up question: which value(s) from the enum are actually
> in conflict? Could you add that in the commit message perhaps, for clarity?

For allwinner-h3, the conflicting macros are: AW_H3_CCU,
AW_H3_SYSCTRL.

v2 of the series will have the conflicting macros mentioned in
the commit message in all the "rename enum constants" patches.

> 
> With that answered:
>   Reviewed-by: Niek Linnenbank 

Thanks!

-- 
Eduardo




Re: [PATCH 1/3] linux user: make execfd global (like exec path) and keep it open

2020-08-18 Thread Андрей Аладьев
Hello. I want to explain the situation we have in qemu today.
It looks simple, but gives complex problems.

Please open "linux-user/main.c":

execfd = qemu_getauxval(AT_EXECFD);
if (execfd == 0) {
  execfd = open(exec_path, O_RDONLY);
  if (execfd < 0) { ... }
}
...
close(execfd);

We may take AT_EXECFD and then close it.
After that, AT_EXECFD will store a closed fd.
Kernel doesn't block closing of AT_EXECFD.

Same problem exists in linux-user/syscall.c:

if (is_proc_myself(pathname, "exe")) {
  int execfd = qemu_getauxval(AT_EXECFD);
  return execfd ? execfd : safe_openat(dirfd, exec_path, flags, mode);
}

We are providing the AT_EXECFD value to the user and he closes it.
Then we are providing the same AT_EXECFD value once again.
This fd has already been closed.

I've just re-analyzed the patch and agree with you that dup/clone will be
broken.
We shouldn't provide global execfd.
So these patches are wrong.

I am going to create new patches tomorrow.
It will block closing of AT_EXECFD and remove additional AT_EXECFD usage.
I will try to add several tests for this functionality.

Thank you.

Tue, 18 Aug 2020 at 18:23, Laurent Vivier :

> On 18/08/2020 at 01:57, Andrew Aladjev wrote:
> > User opens /proc/self/exe symlink, then kernel should create
> > /proc/self/fd/ symlink. We should be able to detect both exe and
> > fd/ symlinks to provide common behaviour. The easiest solution is
> > to make execfd global and keep it open. This solution looks acceptable
> > because exec_path is already global.
> >
> > Signed-off-by: Andrew Aladjev 
> > ---
> >  linux-user/elfload.c |  3 ++-
> >  linux-user/exit.c|  7 +--
> >  linux-user/main.c|  2 +-
> >  linux-user/qemu.h|  1 +
> >  linux-user/syscall.c | 18 ++
> >  5 files changed, 23 insertions(+), 8 deletions(-)
> >
> > diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> > index fe9dfe795d..dfaf937ab9 100644
> > --- a/linux-user/elfload.c
> > +++ b/linux-user/elfload.c
> > @@ -2363,6 +2363,7 @@ void probe_guest_base(const char *image_name,
> abi_ulong guest_loaddr,
> >
> > IMAGE_NAME is the filename of the image, to use in error messages.
> > IMAGE_FD is the open file descriptor for the image.
> > +   WARNING: IMAGE_FD won't be closed.
> >
> > BPRM_BUF is a copy of the beginning of the file; this of course
> > contains the elf file header at offset 0.  It is assumed that this
> > @@ -2632,7 +2633,6 @@ static void load_elf_image(const char *image_name,
> int image_fd,
> >
> >  mmap_unlock();
> >
> > -close(image_fd);
> >  return;
> >
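Review bot: removing `close(image_fd)` here moves descriptor ownership to every caller of `load_elf_image()`, not only to `load_elf_interp()` which the next hunk adjusts; the `exit_read:` and other error labels below this return need the same audit, and the commit message should state the new ownership rule, otherwise a caller that relied on the callee closing the fd now leaks it on the success path.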
> >   exit_read:
> > @@ -2666,6 +2666,7 @@ static void load_elf_interp(const char *filename,
> struct image_info *info,
> >  }
> >
> >  load_elf_image(filename, fd, info, NULL, bprm_buf);
> > +close(fd);
> >  return;
> >
> >   exit_perror:
> > diff --git a/linux-user/exit.c b/linux-user/exit.c
> > index 1594015444..f0626fc432 100644
> > --- a/linux-user/exit.c
> > +++ b/linux-user/exit.c
> > @@ -28,12 +28,15 @@ extern void __gcov_dump(void);
> >
> >  void preexit_cleanup(CPUArchState *env, int code)
> >  {
> > +close(execfd);
> > +
> >  #ifdef CONFIG_GPROF
> >  _mcleanup();
> >  #endif
> >  #ifdef CONFIG_GCOV
> >  __gcov_dump();
> >  #endif
> > -gdb_exit(env, code);
> > -qemu_plugin_atexit_cb();
> > +
> > +gdb_exit(env, code);
> > +qemu_plugin_atexit_cb();
> >  }
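Review bot: the `gdb_exit()`/`qemu_plugin_atexit_cb()` lines are deleted and re-added unchanged apart from the blank line above them, which is whitespace churn. Closing `execfd` in `preexit_cleanup()` is also redundant, since the kernel reclaims the descriptor when the process exits, while the global keeps holding the stale number that `do_openat()` below still hands out; this hunk could be dropped entirely.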
> > diff --git a/linux-user/main.c b/linux-user/main.c
> > index 75c9785157..27644a831a 100644
> > --- a/linux-user/main.c
> > +++ b/linux-user/main.c
> > @@ -49,6 +49,7 @@
> >  #include "crypto/init.h"
> >
> >  char *exec_path;
> > +int execfd;
> >
> >  int singlestep;
> >  static const char *argv0;
> > @@ -629,7 +630,6 @@ int main(int argc, char **argv, char **envp)
> >  int target_argc;
> >  int i;
> >  int ret;
> > -int execfd;
> >  int log_mask;
> >  unsigned long max_reserved_va;
> >
> > diff --git a/linux-user/qemu.h b/linux-user/qemu.h
> > index 5c964389c1..f99be78d42 100644
> > --- a/linux-user/qemu.h
> > +++ b/linux-user/qemu.h
> > @@ -156,6 +156,7 @@ typedef struct TaskState {
> >  } __attribute__((aligned(16))) TaskState;
> >
> >  extern char *exec_path;
> > +extern int execfd;
> >  void init_task_state(TaskState *ts);
> >  void task_settid(TaskState *);
> >  void stop_all_tasks(void);
> > diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> > index 945fc25279..5741c72733 100644
> > --- a/linux-user/syscall.c
> > +++ b/linux-user/syscall.c
> > @@ -7613,8 +7613,7 @@ static int do_openat(void *cpu_env, int dirfd,
> const char *pathname, int flags,
> >  };
> >
> >  if (is_proc_myself(pathname, "exe")) {
> > -int execfd = qemu_getauxval(AT_EXECFD);
> > -return execfd ? execfd : safe_openat(dirfd, exec_path, flags,
> mode);
> > +return execfd;
> >  }
> >
> >  for (fake_open = fakes; fake_open->filename; fake_open++) {
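Review bot: `return execfd;` hands the guest QEMU's own host descriptor: a guest `close()` on the returned fd (exactly the scenario described in the reply above) invalidates `execfd` for the emulator, every guest open of /proc/self/exe now shares a single file offset, and `flags`/`mode` are ignored, so an `O_CLOEXEC` or `O_NONBLOCK` requested by the guest is silently lost. Keep returning a fresh descriptor, either `safe_openat(dirfd, exec_path, flags, mode)` as before or an open of `/proc/self/fd/<execfd>`, so each guest open gets its own open file description.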
> > @@ -7872,8 +7871,19 @@ static abi_long do_syscall1(void *cpu_env, int
> num, 

RE: [EXTERNAL] Re: [PATCH v2 0/3] testing: Build WHPX enabled binaries

2020-08-18 Thread Sunil Muthuswamy
> >> It's still shameful that MS is forcing developers to waste time
> >> rewriting API headers, just because the MS legal departments are not
> >> able to understand the needs of Open Source development.
> > There has been a big switch from Microsoft toward Open Source; I attended
> > some of their talks at the Open Source Summit in 2018. Maybe we simply
> > haven't contacted the right persons to make the changes...?
> 
> 
> Maybe, but it is difficult to find the right person in a large company
> like MS, and legal departments are often somehow special.
> 
> And yes, they learned that Open Source can help them for their business,
> too.
> 
> Stefan

Mike Battista is the program manager owner of the SDK license and should be
able to take/respond to any feedback about the SDK licensing for open source
projects (I have added him here). He has also been added to previous threads
about the licensing and is also included in this conversation:
https://bugs.launchpad.net/qemu/+bug/1879672

- Sunil
 



Re: [PATCH 01/41] pl1110: Rename PL1110 enum

2020-08-18 Thread Eduardo Habkost
CCing maintainer (pmaydell).

On Fri, Aug 14, 2020 at 07:45:40PM +0200, Philippe Mathieu-Daudé wrote:
> On 8/14/20 12:25 AM, Eduardo Habkost wrote:
> > The PL1110 enum value name will conflict with the PL1110 type
> > cast checker, when we replace the existing macro with an inline
> > function.  Rename it to PL1110_STOCK.
> 
> typo s/PL1110/PL110/ in subject and description.

Thanks for spotting that!  Will be fixed in v2.

> 
> > 
> > Signed-off-by: Eduardo Habkost 
> > ---
> >  hw/display/pl110.c | 12 ++--
> >  1 file changed, 6 insertions(+), 6 deletions(-)
> > 
> > diff --git a/hw/display/pl110.c b/hw/display/pl110.c
> > index c2991a28d2..4664fde3f2 100644
> > --- a/hw/display/pl110.c
> > +++ b/hw/display/pl110.c
> > @@ -42,7 +42,7 @@ enum pl110_bppmode
> >  /* The Versatile/PB uses a slightly modified PL110 controller.  */
> >  enum pl110_version
> >  {
> > -PL110,
> > +PL110_STOCK,
> >  PL110_VERSATILE,
> >  PL111
> 
> For completeness I'd also rename PL111.
> 
> What about:
> 
>  enum pl110_version
>  {
> PL110_VERSION,
> PL110_VERSATILE_VERSION,
> PL111_VERSION
>  }
> 
> ?

That would work too, although I'm more used to enum values having
a common prefix instead of a common suffix.

Any objections to:

  enum pl110_version
  {
  VERSION_PL110,
  VERSION_PL110_VERSATILE,
  VERSION_PL111
  }

?

-- 
Eduardo




[PATCH v6 1/4] copy-on-read: Support preadv/pwritev_part functions

2020-08-18 Thread Andrey Shinkevich
Add support for the recently introduced functions
bdrv_co_preadv_part()
and
bdrv_co_pwritev_part()
to the COR-filter driver.

Signed-off-by: Andrey Shinkevich 
---
 block/copy-on-read.c | 28 
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/block/copy-on-read.c b/block/copy-on-read.c
index 2816e61..cb03e0f 100644
--- a/block/copy-on-read.c
+++ b/block/copy-on-read.c
@@ -74,21 +74,25 @@ static int64_t cor_getlength(BlockDriverState *bs)
 }
 
 
-static int coroutine_fn cor_co_preadv(BlockDriverState *bs,
-  uint64_t offset, uint64_t bytes,
-  QEMUIOVector *qiov, int flags)
+static int coroutine_fn cor_co_preadv_part(BlockDriverState *bs,
+   uint64_t offset, uint64_t bytes,
+   QEMUIOVector *qiov,
+   size_t qiov_offset,
+   int flags)
 {
-return bdrv_co_preadv(bs->file, offset, bytes, qiov,
-  flags | BDRV_REQ_COPY_ON_READ);
+return bdrv_co_preadv_part(bs->file, offset, bytes, qiov, qiov_offset,
+   flags | BDRV_REQ_COPY_ON_READ);
 }
 
 
-static int coroutine_fn cor_co_pwritev(BlockDriverState *bs,
-   uint64_t offset, uint64_t bytes,
-   QEMUIOVector *qiov, int flags)
+static int coroutine_fn cor_co_pwritev_part(BlockDriverState *bs,
+uint64_t offset,
+uint64_t bytes,
+QEMUIOVector *qiov,
+size_t qiov_offset, int flags)
 {
-
-return bdrv_co_pwritev(bs->file, offset, bytes, qiov, flags);
+return bdrv_co_pwritev_part(bs->file, offset, bytes, qiov, qiov_offset,
+flags);
 }
 
 
@@ -137,8 +141,8 @@ static BlockDriver bdrv_copy_on_read = {
 
 .bdrv_getlength = cor_getlength,
 
-.bdrv_co_preadv = cor_co_preadv,
-.bdrv_co_pwritev= cor_co_pwritev,
+.bdrv_co_preadv_part= cor_co_preadv_part,
+.bdrv_co_pwritev_part   = cor_co_pwritev_part,
 .bdrv_co_pwrite_zeroes  = cor_co_pwrite_zeroes,
 .bdrv_co_pdiscard   = cor_co_pdiscard,
 .bdrv_co_pwritev_compressed = cor_co_pwritev_compressed,
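Review bot: with `.bdrv_co_preadv`/`.bdrv_co_pwritev` replaced by the `_part` variants, the driver still implements `.bdrv_co_pwritev_compressed` with the non-`_part` callback; converting it to `.bdrv_co_pwritev_compressed_part` at the same time keeps the filter's request handling uniform and avoids an extra qiov copy on that path.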
-- 
1.8.3.1




[PATCH v6 3/4] qapi: add filter-node-name to block-stream

2020-08-18 Thread Andrey Shinkevich
Provide the possibility to pass the 'filter-node-name' parameter to the
block-stream job as it is done for the commit block job. That will be
needed for further iotests implementations.

Signed-off-by: Andrey Shinkevich 
---
 block/monitor/block-hmp-cmds.c | 4 ++--
 block/stream.c | 4 +++-
 blockdev.c | 8 +++-
 include/block/block_int.h  | 7 ++-
 qapi/block-core.json   | 6 ++
 5 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/block/monitor/block-hmp-cmds.c b/block/monitor/block-hmp-cmds.c
index 4d3db5e..4e66775 100644
--- a/block/monitor/block-hmp-cmds.c
+++ b/block/monitor/block-hmp-cmds.c
@@ -507,8 +507,8 @@ void hmp_block_stream(Monitor *mon, const QDict *qdict)
 
 qmp_block_stream(true, device, device, base != NULL, base, false, NULL,
  false, NULL, qdict_haskey(qdict, "speed"), speed, true,
- BLOCKDEV_ON_ERROR_REPORT, false, false, false, false,
- );
+ BLOCKDEV_ON_ERROR_REPORT, false, NULL, false, false, 
false,
+ false, );
 
 hmp_handle_error(mon, error);
 }
diff --git a/block/stream.c b/block/stream.c
index b9c1141..8bf6b6d 100644
--- a/block/stream.c
+++ b/block/stream.c
@@ -221,7 +221,9 @@ static const BlockJobDriver stream_job_driver = {
 void stream_start(const char *job_id, BlockDriverState *bs,
   BlockDriverState *base, const char *backing_file_str,
   int creation_flags, int64_t speed,
-  BlockdevOnError on_error, Error **errp)
+  BlockdevOnError on_error,
+  const char *filter_node_name,
+  Error **errp)
 {
 StreamBlockJob *s;
 BlockDriverState *iter;
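Review bot: `filter_node_name` is added to `stream_start()` but nothing in this hunk consumes it; if it is only wired through for patch 4/4, the commit message should say so, so a reviewer of this patch on its own does not go looking for the missing use.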
diff --git a/blockdev.c b/blockdev.c
index 237fffb..800ecb3 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -2476,6 +2476,7 @@ void qmp_block_stream(bool has_job_id, const char 
*job_id, const char *device,
   bool has_backing_file, const char *backing_file,
   bool has_speed, int64_t speed,
   bool has_on_error, BlockdevOnError on_error,
+  bool has_filter_node_name, const char *filter_node_name,
   bool has_auto_finalize, bool auto_finalize,
   bool has_auto_dismiss, bool auto_dismiss,
   Error **errp)
@@ -2491,6 +2492,10 @@ void qmp_block_stream(bool has_job_id, const char 
*job_id, const char *device,
 on_error = BLOCKDEV_ON_ERROR_REPORT;
 }
 
+if (!has_filter_node_name) {
+filter_node_name = NULL;
+}
+
 bs = bdrv_lookup_bs(device, device, errp);
 if (!bs) {
 return;
@@ -2558,7 +2563,8 @@ void qmp_block_stream(bool has_job_id, const char 
*job_id, const char *device,
 }
 
 stream_start(has_job_id ? job_id : NULL, bs, base_bs, base_name,
- job_flags, has_speed ? speed : 0, on_error, _err);
+ job_flags, has_speed ? speed : 0, on_error,
+ filter_node_name, _err);
 if (local_err) {
 error_propagate(errp, local_err);
 goto out;
diff --git a/include/block/block_int.h b/include/block/block_int.h
index 465a601..3efde33 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -1122,6 +1122,9 @@ int is_windows_drive(const char *filename);
  *  See @BlockJobCreateFlags
  * @speed: The maximum speed, in bytes per second, or 0 for unlimited.
  * @on_error: The action to take upon error.
+ * @filter_node_name: The node name that should be assigned to the filter
+ * driver that the commit job inserts into the graph above @bs. NULL means
+ * that a node name should be autogenerated.
  * @errp: Error object.
  *
  * Start a streaming operation on @bs.  Clusters that are unallocated
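Review bot: the new @filter_node_name text says the node is inserted by "the commit job"; this is the `stream_start()` documentation, so it should read "the stream job" (the wording was copied from the `commit_start()` comment below).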
@@ -1134,7 +1137,9 @@ int is_windows_drive(const char *filename);
 void stream_start(const char *job_id, BlockDriverState *bs,
   BlockDriverState *base, const char *backing_file_str,
   int creation_flags, int64_t speed,
-  BlockdevOnError on_error, Error **errp);
+  BlockdevOnError on_error,
+  const char *filter_node_name,
+  Error **errp);
 
 /**
  * commit_start:
diff --git a/qapi/block-core.json b/qapi/block-core.json
index 0b8ccd3..1db6ce1 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -2524,6 +2524,11 @@
 #'stop' and 'enospc' can only be used if the block device
 #supports io-status (see BlockInfo).  Since 1.3.
 #
+# @filter-node-name: the node name that should be assigned to the
+#filter driver that the stream job inserts into the graph
+#above @device. If this option is not given, a node name is
+#autogenerated. (Since: 5.1)
+#
 # @auto-finalize: When false, this job will wait in a PENDING state after it 
has
 
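Review bot: `(Since: 5.1)` is wrong on two counts: the surrounding QAPI docs write `(Since 2.7)` without a colon, and 5.1.0 is already the released reference version (the nightly performance report on this list compares against v5.1.0), so an option posted now can only be `(Since 5.2)`.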

[PATCH v6 4/4] block: apply COR-filter to block-stream jobs

2020-08-18 Thread Andrey Shinkevich
The patch completes the series with the COR-filter insertion to any
block-stream operation. It also makes changes to the iotests 030.
The test case 'test_stream_parallel' was deleted due to multiple
errors.

Signed-off-by: Andrey Shinkevich 
---
 block/stream.c | 76 --
 tests/qemu-iotests/030 | 50 +++---
 tests/qemu-iotests/030.out |  4 +--
 3 files changed, 61 insertions(+), 69 deletions(-)

diff --git a/block/stream.c b/block/stream.c
index 8bf6b6d..0b11979 100644
--- a/block/stream.c
+++ b/block/stream.c
@@ -19,6 +19,7 @@
 #include "qapi/qmp/qerror.h"
 #include "qemu/ratelimit.h"
 #include "sysemu/block-backend.h"
+#include "block/copy-on-read.h"
 
 enum {
 /*
@@ -33,8 +34,11 @@ typedef struct StreamBlockJob {
 BlockJob common;
 BlockDriverState *base_overlay; /* COW overlay (stream from this) */
 BlockDriverState *above_base;   /* Node directly above the base */
+BlockDriverState *cor_filter_bs;
+BlockDriverState *target_bs;
 BlockdevOnError on_error;
 char *backing_file_str;
+char *base_fmt;
 bool bs_read_only;
 bool chain_frozen;
 } StreamBlockJob;
@@ -53,34 +57,26 @@ static void stream_abort(Job *job)
 StreamBlockJob *s = container_of(job, StreamBlockJob, common.job);
 
 if (s->chain_frozen) {
-BlockJob *bjob = >common;
-bdrv_unfreeze_backing_chain(blk_bs(bjob->blk), s->above_base);
+bdrv_unfreeze_backing_chain(s->cor_filter_bs, s->above_base);
 }
 }
 
 static int stream_prepare(Job *job)
 {
 StreamBlockJob *s = container_of(job, StreamBlockJob, common.job);
-BlockJob *bjob = >common;
-BlockDriverState *bs = blk_bs(bjob->blk);
+BlockDriverState *bs = s->target_bs;
 BlockDriverState *unfiltered_bs = bdrv_skip_filters(bs);
 BlockDriverState *base = bdrv_filter_or_cow_bs(s->above_base);
 Error *local_err = NULL;
 int ret = 0;
 
-bdrv_unfreeze_backing_chain(bs, s->above_base);
+bdrv_unfreeze_backing_chain(s->cor_filter_bs, s->above_base);
 s->chain_frozen = false;
 
 if (bdrv_cow_child(unfiltered_bs)) {
-const char *base_id = NULL, *base_fmt = NULL;
-if (base) {
-base_id = s->backing_file_str;
-if (base->drv) {
-base_fmt = base->drv->format_name;
-}
-}
 bdrv_set_backing_hd(unfiltered_bs, base, _err);
-ret = bdrv_change_backing_file(unfiltered_bs, base_id, base_fmt);
+ret = bdrv_change_backing_file(unfiltered_bs, s->backing_file_str,
+   s->base_fmt);
 if (local_err) {
 error_report_err(local_err);
 return -EPERM;
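Review bot: `bdrv_change_backing_file(unfiltered_bs, s->backing_file_str, s->base_fmt)` drops the `if (base)` guard the old code had, so when `base` resolves to NULL the image now receives whatever string `backing_file_str` holds instead of an empty backing file; either keep the guard or assert that `backing_file_str` is NULL whenever `base` is.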
@@ -94,7 +90,9 @@ static void stream_clean(Job *job)
 {
 StreamBlockJob *s = container_of(job, StreamBlockJob, common.job);
 BlockJob *bjob = >common;
-BlockDriverState *bs = blk_bs(bjob->blk);
+BlockDriverState *bs = s->target_bs;
+
+bdrv_cor_filter_drop(s->cor_filter_bs);
 
 /* Reopen the image back in read-only mode if necessary */
 if (s->bs_read_only) {
@@ -104,13 +102,14 @@ static void stream_clean(Job *job)
 }
 
 g_free(s->backing_file_str);
+g_free(s->base_fmt);
 }
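Review bot: `bdrv_cor_filter_drop()` dereferences its argument (`cor_filter_bs->opaque`) before any check, so `stream_clean()` relies on the job never existing with `cor_filter_bs == NULL`; given the `cor_filter_bs = NULL; goto fail;` path added to `stream_start()`, a NULL check or an assertion here would make that invariant explicit.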
 
 static int coroutine_fn stream_run(Job *job, Error **errp)
 {
 StreamBlockJob *s = container_of(job, StreamBlockJob, common.job);
 BlockBackend *blk = s->common.blk;
-BlockDriverState *bs = blk_bs(blk);
+BlockDriverState *bs = s->target_bs;
 BlockDriverState *unfiltered_bs = bdrv_skip_filters(bs);
 bool enable_cor = !bdrv_cow_child(s->base_overlay);
 int64_t len;
@@ -231,6 +230,12 @@ void stream_start(const char *job_id, BlockDriverState *bs,
 int basic_flags = BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED;
 BlockDriverState *base_overlay = bdrv_find_overlay(bs, base);
 BlockDriverState *above_base;
+BlockDriverState *cor_filter_bs = NULL;
+char *base_fmt = NULL;
+
+if (base && base->drv) {
+base_fmt = g_strdup(base->drv->format_name);
+}
 
 if (!base_overlay) {
 error_setg(errp, "'%s' is not in the backing chain of '%s'",
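Review bot: `base_fmt` is `g_strdup()`ed before the `!base_overlay` check immediately below, so this error return and every other early exit between here and the job creation must now free it or route through a `fail:` label that does, otherwise the string leaks on each rejected request. Allocating it right where it is stored in `s` would avoid the question.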
@@ -264,17 +269,36 @@ void stream_start(const char *job_id, BlockDriverState 
*bs,
 }
 }
 
-/* Prevent concurrent jobs trying to modify the graph structure here, we
- * already have our own plans. Also don't allow resize as the image size is
- * queried only at the job start and then cached. */
-s = block_job_create(job_id, _job_driver, NULL, bs,
- basic_flags | BLK_PERM_GRAPH_MOD,
- basic_flags | BLK_PERM_WRITE,
+cor_filter_bs = bdrv_cor_filter_append(bs, filter_node_name, errp);
+if (cor_filter_bs == NULL) {
+goto fail;
+}
+
+if (bdrv_freeze_backing_chain(cor_filter_bs, bs, errp) < 0) {
+bdrv_cor_filter_drop(cor_filter_bs);
+cor_filter_bs = NULL;
+goto fail;
+}
+
+s = 
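Review bot: the comment explaining why `block_job_create()` is called with `BLK_PERM_GRAPH_MOD` and without allowing resize is deleted together with the old call; keep that explanation next to the new call. On the freeze-failure path the filter is dropped and `cor_filter_bs` set to NULL before `goto fail`, which implies `fail:` must also drop a still-attached filter for later failures; make sure the label does that rather than only unreferencing it.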

[PATCH v6 0/4] Apply COR-filter to the block-stream permanently

2020-08-18 Thread Andrey Shinkevich
Note: this series is based on another one, "block: Deal with filters"
  by Max Reitz, that could be found in the branches:
  https://git.xanclic.moe/XanClic/qemu child-access-functions-v6
  https://github.com/XanClic/qemu child-access-functions-v6

v6:
  Re-based to the series "block: Deal with filters".
  The minimum number of patches was kept.
  Not all the iotests were checked for pass.
  
  04: The test case iotests:030:test_stream_parallel was removed
  due to multiple errors.

Andrey Shinkevich (4):
  copy-on-read: Support preadv/pwritev_part functions
  copy-on-read: add filter append/drop functions
  qapi: add filter-node-name to block-stream
  block: apply COR-filter to block-stream jobs

 block/copy-on-read.c   | 131 +
 block/copy-on-read.h   |  36 +++
 block/monitor/block-hmp-cmds.c |   4 +-
 block/stream.c |  80 +
 blockdev.c |   8 ++-
 include/block/block_int.h  |   7 ++-
 qapi/block-core.json   |   6 ++
 tests/qemu-iotests/030 |  50 ++--
 tests/qemu-iotests/030.out |   4 +-
 9 files changed, 240 insertions(+), 86 deletions(-)
 create mode 100644 block/copy-on-read.h

-- 
1.8.3.1




[PATCH v6 2/4] copy-on-read: add filter append/drop functions

2020-08-18 Thread Andrey Shinkevich
Provide API for the COR-filter insertion/removal.
Also, drop the filter child permissions for an inactive state when the
filter node is being removed.

Signed-off-by: Andrey Shinkevich 
---
 block/copy-on-read.c | 103 +++
 block/copy-on-read.h |  36 ++
 2 files changed, 139 insertions(+)
 create mode 100644 block/copy-on-read.h

diff --git a/block/copy-on-read.c b/block/copy-on-read.c
index cb03e0f..150d9b7 100644
--- a/block/copy-on-read.c
+++ b/block/copy-on-read.c
@@ -23,11 +23,21 @@
 #include "qemu/osdep.h"
 #include "block/block_int.h"
 #include "qemu/module.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qdict.h"
+#include "block/copy-on-read.h"
+
+
+typedef struct BDRVStateCOR {
+bool active;
+} BDRVStateCOR;
 
 
 static int cor_open(BlockDriverState *bs, QDict *options, int flags,
 Error **errp)
 {
+BDRVStateCOR *state = bs->opaque;
+
 bs->file = bdrv_open_child(NULL, options, "file", bs, _of_bds,
BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY,
false, errp);
@@ -42,6 +52,8 @@ static int cor_open(BlockDriverState *bs, QDict *options, int 
flags,
 ((BDRV_REQ_FUA | BDRV_REQ_MAY_UNMAP | BDRV_REQ_NO_FALLBACK) &
 bs->file->bs->supported_zero_flags);
 
+state->active = true;
+
 return 0;
 }
 
@@ -57,6 +69,17 @@ static void cor_child_perm(BlockDriverState *bs, BdrvChild 
*c,
uint64_t perm, uint64_t shared,
uint64_t *nperm, uint64_t *nshared)
 {
+BDRVStateCOR *s = bs->opaque;
+
+if (!s->active) {
+/*
+ * While the filter is being removed
+ */
+*nperm = 0;
+*nshared = BLK_PERM_ALL;
+return;
+}
+
 *nperm = perm & PERM_PASSTHROUGH;
 *nshared = (shared & PERM_PASSTHROUGH) | PERM_UNCHANGED;
 
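Review bot: the `!s->active` branch requests nothing and shares `BLK_PERM_ALL`, which is what lets the node be detached, but the comment "While the filter is being removed" does not say that this state is only entered from `bdrv_cor_filter_drop()` inside a drained section; spell that out, because a filter that stops demanding CONSISTENT_READ while guest I/O could still flow through it would be a real bug.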
@@ -135,6 +158,7 @@ static void cor_lock_medium(BlockDriverState *bs, bool 
locked)
 
 static BlockDriver bdrv_copy_on_read = {
 .format_name= "copy-on-read",
+.instance_size  = sizeof(BDRVStateCOR),
 
 .bdrv_open  = cor_open,
 .bdrv_child_perm= cor_child_perm,
@@ -159,4 +183,83 @@ static void bdrv_copy_on_read_init(void)
 bdrv_register(_copy_on_read);
 }
 
+
+static BlockDriverState *create_filter_node(BlockDriverState *bs,
+const char *filter_node_name,
+Error **errp)
+{
+QDict *opts = qdict_new();
+
+qdict_put_str(opts, "driver", "copy-on-read");
+qdict_put_str(opts, "file", bdrv_get_node_name(bs));
+if (filter_node_name) {
+qdict_put_str(opts, "node-name", filter_node_name);
+}
+
+return bdrv_open(NULL, NULL, opts, BDRV_O_RDWR, errp);
+}
+
+
+BlockDriverState *bdrv_cor_filter_append(BlockDriverState *bs,
+ const char *filter_node_name,
+ Error **errp)
+{
+BlockDriverState *cor_filter_bs;
+BDRVStateCOR *state;
+Error *local_err = NULL;
+
+cor_filter_bs = create_filter_node(bs, filter_node_name, errp);
+if (cor_filter_bs == NULL) {
+error_prepend(errp, "Could not create filter node: ");
+return NULL;
+}
+
+if (!filter_node_name) {
+cor_filter_bs->implicit = true;
+}
+
+bdrv_drained_begin(bs);
+bdrv_replace_node(bs, cor_filter_bs, _err);
+bdrv_drained_end(bs);
+
+if (local_err) {
+bdrv_unref(cor_filter_bs);
+error_propagate(errp, local_err);
+return NULL;
+}
+
+state = cor_filter_bs->opaque;
+state->active = true;
+
+return cor_filter_bs;
+}
+
+
+void bdrv_cor_filter_drop(BlockDriverState *cor_filter_bs)
+{
+BdrvChild *child;
+BlockDriverState *bs;
+BDRVStateCOR *s = cor_filter_bs->opaque;
+
+child = bdrv_filter_child(cor_filter_bs);
+if (!child) {
+return;
+}
+bs = child->bs;
+
+/* Retain the BDS until we complete the graph change. */
+bdrv_ref(bs);
+/* Hold a guest back from writing while permissions are being reset. */
+bdrv_drained_begin(bs);
+/* Drop permissions before the graph change. */
+s->active = false;
+bdrv_child_refresh_perms(cor_filter_bs, child, _abort);
+bdrv_replace_node(cor_filter_bs, bs, _abort);
+
+bdrv_drained_end(bs);
+bdrv_unref(bs);
+bdrv_unref(cor_filter_bs);
+}
+
+
 block_init(bdrv_copy_on_read_init);
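Review bot: `state->active = true` at the end of `bdrv_cor_filter_append()` repeats what `cor_open()` already did, so one of the two can go. `create_filter_node()` always opens the filter with `BDRV_O_RDWR` regardless of how `bs` was opened; say in a comment that callers must have reopened a read-only target first (or derive the flag from `bs`) so the next user of this helper does not trip over a permission conflict. In `bdrv_cor_filter_drop()` the `&error_abort` on `bdrv_child_refresh_perms()` is only safe because `active = false` makes the filter request no permissions; that reasoning belongs in the comment above it.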
diff --git a/block/copy-on-read.h b/block/copy-on-read.h
new file mode 100644
index 000..db03c6c
--- /dev/null
+++ b/block/copy-on-read.h
@@ -0,0 +1,36 @@
+/*
+ * Copy-on-read filter block driver
+ *
+ * The filter driver performs Copy-On-Read (COR) operations
+ *
+ * Copyright (c) 2018-2020 Virtuozzo International GmbH.
+ *
+ * Author:
+ *   Andrey Shinkevich 
+ *
+ * This program is free software; you 

[REPORT] Nightly Performance Tests - Tuesday, August 18, 2020

2020-08-18 Thread Ahmed Karaman

Host CPU : Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Host Memory  : 15.49 GB

Start Time (UTC) : 2020-08-18 21:00:01
End Time (UTC)   : 2020-08-18 21:00:11
Execution Time   : 0:00:10.419271

Status   : FAILURE



  ERROR LOGS

2020-08-18T21:00:01.542176 - Verifying executables of 8 benchmarks for 17 targets
2020-08-18T21:00:01.545389 - Verifying results of reference version v5.1.0
2020-08-18T21:00:01.552203 - Checking out master
2020-08-18T21:00:01.876017 - Pulling the latest changes from QEMU master
fatal: unable to access 'https://git.qemu.org/git/qemu.git/': Could not resolve host: git.qemu.org
Failed to pull latest changes in QEMU master.





Re: [PATCH 30/41] qom: Make type checker functions accept const pointers

2020-08-18 Thread Eduardo Habkost
On Mon, Aug 17, 2020 at 05:08:41PM +0100, Daniel P. Berrangé wrote:
> On Thu, Aug 13, 2020 at 06:26:14PM -0400, Eduardo Habkost wrote:
> > The existing type check macros all unconditionally drop const
> > qualifiers from their arguments.  Keep this behavior in the
> > macros generated by DECLARE_*CHECKER* by now.
> > 
> > In the future, we might use _Generic to preserve const-ness of
> > the cast function arguments.
> 
> I'm not sure what you mean by "use _Generic" ?

I meant something like:

#define OBJECT_CHECK(Type, obj, ...) \
    _Generic((obj), \
             void *: (Type *)object_dynamic_cast_assert(obj, ...), \
             const void *: (const Type *)object_dynamic_cast_assert(obj, ...))

However, now we'll generate type checking functions instead of
type checking macros, so making (for example) DEVICE((Object*)x)
and DEVICE((const Object*)x) return a different type would be
impossible.

-- 
Eduardo
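The `_Generic` idea sketched above, as an added example that is not part of the thread or of QEMU's QOM code: `Object`, `Device`, `object_check()`, `object_check_const()` and the `DEVICE()` macro are hypothetical stand-ins constructed for this example. It shows how a `_Generic` dispatch on the controlling expression's static type makes the checker return `Device *` for an `Object *` argument and `const Device *` for a `const Object *` argument, which is exactly what a single type-checking function cannot do.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for QOM's Object/Device, not QEMU's definitions. */
typedef struct Object {
    const char *type_name;
} Object;

typedef struct Device {
    Object parent;
    int id;
} Device;

/*
 * Hypothetical stand-ins for object_dynamic_cast_assert(): one takes a
 * mutable pointer, one a const pointer, so the qualifier is never dropped.
 */
static Object *object_check(Object *obj, const char *type)
{
    assert(obj != NULL && strcmp(obj->type_name, type) == 0);
    return obj;
}

static const Object *object_check_const(const Object *obj, const char *type)
{
    assert(obj != NULL && strcmp(obj->type_name, type) == 0);
    return obj;
}

/*
 * Const-preserving checker: _Generic selects the association by the static
 * type of (obj), so DEVICE(p) has type Device * when p is Object * and
 * const Device * when p is const Object *.  Every branch must still compile
 * for either input, hence the explicit casts inside each branch.
 */
#define DEVICE(obj) _Generic((obj), \
    Object *:       (Device *)object_check((Object *)(obj), "device"), \
    const Object *: (const Device *)object_check_const((const Object *)(obj), "device"))

/* 1 if a const Object * input yields a const Device * view (type-level only:
 * the controlling expression of _Generic is never evaluated). */
static int const_input_gives_const_view(const Object *obj)
{
    return _Generic(DEVICE(obj), const Device *: 1, Device *: 0);
}

/* 1 if an Object * input yields a mutable Device * view. */
static int mutable_input_gives_mutable_view(Object *obj)
{
    return _Generic(DEVICE(obj), const Device *: 0, Device *: 1);
}

/* Read through the const view; writing d->id here would not compile. */
static int device_get_id(const Object *obj)
{
    const Device *d = DEVICE(obj);
    return d->id;
}

static void device_set_id(Object *obj, int id)
{
    Device *d = DEVICE(obj);
    d->id = id;
}

/* Build a device, write through the mutable view, read through the const one. */
static int roundtrip_id(int id)
{
    Device dev = { { "device" }, 0 };
    device_set_id(&dev.parent, id);
    return device_get_id(&dev.parent);
}

int main(void)
{
    printf("const view preserved: %d\n", const_input_gives_const_view(NULL));
    printf("roundtrip id: %d\n", roundtrip_id(7));
    return 0;
}
```

The two `_Generic` probes pass a null pointer on purpose: only the type of the controlling expression matters, it is never evaluated, so the assertion inside the checker does not fire.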




Re: [PATCH v7 14/47] stream: Deal with filters

2020-08-18 Thread Andrey Shinkevich

Reviewed-by: Andrey Shinkevich 


On 10.08.2020 14:04, Vladimir Sementsov-Ogievskiy wrote:

10.08.2020 11:12, Max Reitz wrote:

On 07.08.20 12:29, Vladimir Sementsov-Ogievskiy wrote:

16.07.2020 17:59, Max Reitz wrote:

On 10.07.20 19:41, Andrey Shinkevich wrote:

On 10.07.2020 18:24, Max Reitz wrote:

On 09.07.20 16:52, Andrey Shinkevich wrote:

On 25.06.2020 18:21, Max Reitz wrote:

Because of the (not so recent anymore) changes that make the stream job
independent of the base node and instead track the node above it, we
have to split that "bottom" node into two cases: The bottom COW node,
and the node directly above the base node (which may be an R/W filter
or the bottom COW node).

Signed-off-by: Max Reitz 
---
 qapi/block-core.json |  4 +++
 block/stream.c   | 63

 blockdev.c   |  4 ++-
 3 files changed, 53 insertions(+), 18 deletions(-)

diff --git a/qapi/block-core.json b/qapi/block-core.json
index b20332e592..df87855429 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -2486,6 +2486,10 @@
 # On successful completion the image file is updated to 
drop the

backing file
 # and the BLOCK_JOB_COMPLETED event is emitted.
 #
+# In case @device is a filter node, block-stream modifies the 
first

non-filter
+# overlay node below it to point to base's backing node (or 
NULL if

@base was
+# not specified) instead of modifying @device itself.
+#
 # @job-id: identifier for the newly-created block job. If
 #  omitted, the device name will be used. (Since 2.7)
 #
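Review bot: the new paragraph describes a behaviour change for the case where @device is a filter node but carries no version marker; the surrounding schema annotates @job-id with `(Since 2.7)`, so the filter handling should be annotated the same way so that QMP clients can tell in which release it applies.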
diff --git a/block/stream.c b/block/stream.c
index aa2e7af98e..b9c1141656 100644
--- a/block/stream.c
+++ b/block/stream.c
@@ -31,7 +31,8 @@ enum {
   typedef struct StreamBlockJob {
 BlockJob common;
-    BlockDriverState *bottom;
+    BlockDriverState *base_overlay; /* COW overlay (stream from
this) */
+    BlockDriverState *above_base;   /* Node directly above the
base */
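Review bot: the comments on `base_overlay` and `above_base` say what each field points at but not how the two relate or what keeps them valid; the discussion that follows asks exactly that (whether `above_base` can disappear during the job), so the field comments should state that both nodes belong to the chain frozen for the job's lifetime and that `above_base` is either the bottom COW node or a filter below it.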

Keeping the base_overlay is enough to complete the stream job.

Depends on the definition.  If we decide it isn’t enough, then it isn’t
enough.

The above_base may disappear during the job and we can't rely on it.

In this version of this series, it may not, because the chain is frozen.
So the above_base cannot disappear.


Once we insert a filter above the top bs of the stream job, the parallel
jobs in the iotests #030 will fail with 'frozen link error'. It is because of
the independent parallel stream or commit jobs that insert/remove their
filters asynchronously.


I’m not sure whether that’s a problem with this series specifically.


We can discuss whether we should allow it to disappear, but I think
not.

The problem is, we need something to set as the backing file after
streaming.  How do we figure out what that should be? My proposal
is we
keep above_base and use its immediate child.


We can do the same with the base_overlay.

If the backing node turns out to be a filter, the proper backing child will
be set after the filter is removed. So, we shouldn't care.


And what if the user manually added some filter above the base (i.e.
below base_overlay) that they want to keep after the job?



It's automatically kept, if we use base_overlay->backing->bs as final
backing node.

You mean, that they want it to be dropped?


Er, yes.  Point is, the graph structure below with @base at the root may
be different than the one right below @base_overlay.


so, assuming the following:

top -(backing)-> manually-inserted-filter -(file)-> base

and user do stream with base=base, and expects filter to be removed by
stream job?

Hmm, yes, such use-case is broken with our proposed way...



Let me now clarify the problem we'll have with your way.

When stream don't have any filter, we can easily imagine two parallel
stream jobs:

top -(backing)-> mid1 -(backing)-> mid2 -(backing)-> base

stream1: top=top, base=mid2
stream2: top=mid2, base=NULL

final picture is obvious:

top (merged with mid1) -(backing)-> mid2 (merged with base)


Yes, and I don’t think this currently working case is broken by this 
series.



But we want stream job has own filter, like mirror.


Which it does not have yet, right?  Which is why I was saying that I
don’t think this is a problem with this series.  We could try to address
it later.

Or do you think we can’t address it later because right now all filter
cases are broken anyway so now would be the time to make a breaking
change (which the suggestion to not use @base as the final backing 
node is)?


I think, we can address it later, but it would be good to fit into one 
release cycle with these series, to not make incompatible behavior 
changes later.





So the picture becomes more complex.

Assume stream2 starts first.

top -(backing)-> mid1 -(backing)-> stream2-filter -(backing)-> mid2
-(backing)-> base


stream2-filter would be on top of mid2, right?


Right. In my picture, "-(backing)->" means backing link. 
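The two proposals argued over above (use `above_base`'s immediate child, or use `base_overlay`'s own child, as the final backing node) as an added example; this is a constructed C model of the node chain, not QEMU's block layer. `Node`, `skip_filters()`, `find_stream_nodes()` and the two `backing_via_*()` functions are hypothetical names chosen for this example. It walks both chains from the discussion: the manually inserted filter above base, where the proposals disagree, and the filter-free chain used for the parallel stream jobs, where they agree.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy block graph, not QEMU's BlockDriverState: every node has
 * at most one child link (a COW node's backing link or a filter's file link). */
typedef struct Node {
    const char *name;
    bool is_filter;      /* a filter stores no data of its own */
    struct Node *child;
} Node;

/* Step down through filters to the first node holding data (hypothetical
 * helper playing the role bdrv_skip_filters() plays in the real code). */
static Node *skip_filters(Node *bs)
{
    while (bs != NULL && bs->is_filter) {
        bs = bs->child;
    }
    return bs;
}

/* Find the two nodes the patch's StreamBlockJob tracks for a job streaming
 * @top down to @base (@base may be NULL):
 *   base_overlay: the lowest COW node with only filters between it and base
 *   above_base:   the node whose child link points at base itself */
static void find_stream_nodes(Node *top, Node *base,
                              Node **base_overlay, Node **above_base)
{
    Node *n;

    *base_overlay = NULL;
    *above_base = NULL;
    for (n = skip_filters(top); n != NULL; n = n->child) {
        if (!n->is_filter && skip_filters(n->child) == base) {
            *base_overlay = n;
        }
        if (n->child == base) {
            *above_base = n;
            return;
        }
    }
}

/* Proposal A: keep above_base and use its immediate child.  Every filter
 * between base_overlay and base is dropped from the resulting chain. */
static Node *backing_via_above_base(Node *above_base)
{
    return above_base != NULL ? above_base->child : NULL;
}

/* Proposal B: use base_overlay's own child.  Whatever sits directly below
 * base_overlay, filter or not, survives the job. */
static Node *backing_via_base_overlay(Node *base_overlay)
{
    return base_overlay != NULL ? base_overlay->child : NULL;
}

static const char *name_of(const Node *n)
{
    return n != NULL ? n->name : "NULL";
}

/* top -(backing)-> manually-inserted-filter -(file)-> base; stream base=base */
static const char *manual_filter_case(bool via_above_base)
{
    Node base = { "base", false, NULL };
    Node filt = { "manually-inserted-filter", true, &base };
    Node top  = { "top", false, &filt };
    Node *bo, *ab;

    find_stream_nodes(&top, &base, &bo, &ab);
    return name_of(via_above_base ? backing_via_above_base(ab)
                                  : backing_via_base_overlay(bo));
}

/* top -(backing)-> mid1 -(backing)-> mid2 -(backing)-> base; stream1 base=mid2 */
static const char *parallel_stream1_case(bool via_above_base)
{
    Node base = { "base", false, NULL };
    Node mid2 = { "mid2", false, &base };
    Node mid1 = { "mid1", false, &mid2 };
    Node top  = { "top", false, &mid1 };
    Node *bo, *ab;

    find_stream_nodes(&top, &mid2, &bo, &ab);
    return name_of(via_above_base ? backing_via_above_base(ab)
                                  : backing_via_base_overlay(bo));
}

int main(void)
{
    printf("manual filter, via above_base:   %s\n", manual_filter_case(true));
    printf("manual filter, via base_overlay: %s\n", manual_filter_case(false));
    printf("no filters, proposals A / B:     %s / %s\n",
           parallel_stream1_case(true), parallel_stream1_case(false));
    return 0;
}
```

With the user-inserted filter, proposal A makes `base` the new backing node and the filter vanishes, while proposal B keeps `manually-inserted-filter` in place; without filters both give `mid2`, which is why the existing parallel-job test is unaffected either way.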

Re: [PULL 000/150] Meson-based build system

2020-08-18 Thread Paolo Bonzini
On 18/08/20 22:10, Paolo Bonzini wrote:
> Ok I can see the -mms-bitfields here too, hopefully that's enough to
> debug it.

Hrm no, I don't see it anymore with ea922aa50b2a8688.  Can you send me 
the config-host.mak, build.ninja and Makefile.ninja files?

Here I get:

$ make target/s390x/gen-features V=1
cc -Itarget/s390x/gen-features.p -Itarget/s390x -I../target/s390x 
-fdiagnostics-color=always -pipe -D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch 
-Werror -O2 -g -fPIE -MD -MQ target/s390x/gen-features.p/gen-features.c.o -MF 
target/s390x/gen-features.p/gen-features.c.o.d -o 
target/s390x/gen-features.p/gen-features.c.o -c ../target/s390x/gen-features.c
cc  -o target/s390x/gen-features target/s390x/gen-features.p/gen-features.c.o 
-Wl,--as-needed -Wl,--allow-shlib-undefined -pie

> This is supposed to be building an executable for the
> host, but something has gone wrong with the flags passed
> to cc for the link.

This should be handled by the "native: false" in

add_project_link_arguments(config_host['QEMU_LDFLAGS'].split(),
                           native: false, language: ['c', 'cpp', 'objc'])

(which is what was added to supposedly fix this).

Paolo



Re: [PATCH v3] linux-user: Fix 'semop()' and 'semtimedop()' implementation

2020-08-18 Thread Laurent Vivier
Le 18/08/2020 à 20:07, Filip Bozuta a écrit :
> The implementations of syscalls 'semop()' and 'semtimedop()' in
> file 'syscall.c' use function 'target_to_host_sembuf()' to convert
> values of 'struct sembuf' from host to target. However, before this
> conversion it should be checked whether the number of semaphore operations
> 'nsops' is not bigger than maximum allowed semaphore operations per
> syscall: 'SEMOPM'. In these cases, errno 'E2BIG' ("Arg list too long")
> should be set. But the implementation will set errno 'EFAULT' ("Bad address")
> in this case since the conversion from target to host in this case fails.
> 
> This was confirmed with the LTP test for 'semop()' ('ipc/semop/semop02') in
> test case where 'nsops' is greater than SEMOPM with inappropriate errno
> EFAULT:
> 
> semop02.c:130: FAIL: semop failed unexpectedly; expected: E2BIG: EFAULT (14)
> 
> This patch changes this by adding a check whether 'nsops' is bigger than
> 'SEMOPM' before the conversion function 'target_to_host_sembuf()' is called.
> After the changes from this patch, the test works fine along with the other
> LTP testcases for 'semop()':
> 
> semop02.c:126: PASS: semop failed as expected: E2BIG (7)
> 
> Implementation notes:
> 
> A target value ('TARGET_SEMOPM') was added for 'SEMOPM' as to be sure
> in case the value is not available for some targets.
> 
> Signed-off-by: Filip Bozuta 
> ---
>  linux-user/syscall.c  | 13 +++--
>  linux-user/syscall_defs.h |  2 ++
>  2 files changed, 13 insertions(+), 2 deletions(-)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 1211e759c2..e4d12c29d3 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -3904,7 +3904,7 @@ static inline abi_long do_semtimedop(int semid,
>   unsigned nsops,
>   abi_long timeout)
>  {
> -struct sembuf sops[nsops];
> +struct sembuf *sops;
>  struct timespec ts, *pts = NULL;
>  abi_long ret;
>  
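Review bot: the removed `struct sembuf sops[nsops];` was a variable-length array sized by a guest-supplied count, i.e. unbounded stack growth under guest control; the commit message only mentions the wrong errno, so it should also name this as the reason the array moves to the heap behind a bound, since that is the more important effect of the change.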
> @@ -3915,8 +3915,16 @@ static inline abi_long do_semtimedop(int semid,
>  }
>  }
>  
> -if (target_to_host_sembuf(sops, ptr, nsops))
> +if (nsops > TARGET_SEMOPM) {
> +return -TARGET_E2BIG;
> +}
> +
> +sops = g_new(struct sembuf, nsops);
> +
> +if (target_to_host_sembuf(sops, ptr, nsops)) {
> +g_free(sops);
>  return -TARGET_EFAULT;
> +}
>  
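Review bot: the new check only bounds `nsops` from above, so `nsops == 0` still reaches `g_new(struct sembuf, nsops)` and the conversion with a zero-length array; consider rejecting `nsops == 0` explicitly alongside the `TARGET_SEMOPM` test (the host kernel refuses it anyway), or add a comment stating that `target_to_host_sembuf()` is known to handle the zero-length case, so the g_new()/g_free() pairing is obviously correct on every path.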
>  ret = -TARGET_ENOSYS;
>  #ifdef __NR_semtimedop
> @@ -3928,6 +3936,7 @@ static inline abi_long do_semtimedop(int semid,
>   SEMTIMEDOP_IPC_ARGS(nsops, sops, 
> (long)pts)));
>  }
>  #endif
> +g_free(sops);
>  return ret;
>  }
>  #endif
> diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
> index 3c261cff0e..f7f77346be 100644
> --- a/linux-user/syscall_defs.h
> +++ b/linux-user/syscall_defs.h
> @@ -46,6 +46,8 @@
>  #define IPCOP_shmget 23
>  #define IPCOP_shmctl 24
>  
> +#define TARGET_SEMOPM 500
> +
>  /*
>   * The following is for compatibility across the various Linux
>   * platforms.  The i386 ioctl numbering scheme doesn't really enforce
> 
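Review bot: `#define TARGET_SEMOPM 500` is a bare number with no comment; the commit message explains it mirrors `SEMOPM`, but the header should say so, and should note that a host whose limit differs from 500 will then report `E2BIG` from the kernel rather than from this check, so the two do not always agree.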

Reviewed-by: Laurent Vivier 



Re: [PULL 000/150] Meson-based build system

2020-08-18 Thread Paolo Bonzini
Ok I can see the -mms-bitfields here too, hopefully that's enough to debug
it.

Il mar 18 ago 2020, 21:27 Peter Maydell  ha
scritto:

> On Tue, 18 Aug 2020 at 15:14, Paolo Bonzini  wrote:
> >
> > The following changes since commit
> d0ed6a69d399ae193959225cdeaa9382746c91cc:
> >
> >   Update version for v5.1.0 release (2020-08-11 17:07:03 +0100)
> >
> > are available in the Git repository at:
> >
> >   https://gitlab.com/bonzini/qemu.git tags/for-upstream
> >
> > for you to fetch changes up to 3aecbe785d65e3b92a3617c60e4d226362d9bdd5:
> >
> >   docs: convert build system documentation to rST (2020-08-18 10:02:43
> -0400)
>
>
> With what I think is the latest version of this pullreq
> (commit ea922aa50b2a8688) w32 crossbuilds still fail, even
> after a complete blow-away-builddir and rebuild from scratch.
>
> ccache cc -Itarget/s390x/gen-features.p -Itarget/s390x
> -I../../target/s390x -fdiagnostics-color=always -pipe
> -D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch -Werror -g -MD -MQ
> target/s390x/gen-features.p/gen-features.c.o -MF
> target/s390x/gen-features.p/gen-features.c.o.d -o
> target/s390x/gen-features.p/gen-features.c.o -c
> ../../target/s390x/gen-features.c
> cc -Ilibqemu-s390x-softmmu.fa.p -I. -I../.. -Itarget/s390x
> -I../../target/s390x -Iqapi -Itrace -Iui -Iui/shader
> -I/usr/lib/mxe/usr/i686-w64-mingw32.shared/include/pixman-1
> -I/home/petmay01/qemu-for-merges/dtc/libfdt
> -I/usr/lib/mxe/usr/i686-w64-mingw32.shared/include/glib-2.0
> -I/usr/lib/mxe/usr/i686-w64-mingw32.shared/lib/glib-2.0/include
> -I/home/petmay01/qemu-for-merges/capstone/include
> -fdiagnostics-color=always -pipe -Wall -Winvalid-pch -Werror
> -std=gnu99 -g -Werror -mms-bitfields -m32 -D_GNU_SOURCE
> -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes
> -Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes
> -fno-strict-aliasing -fno-common -fwrapv -Werror
> -Wold-style-declaration -Wold-style-definition -Wtype-limits
> -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers
> -Wempty-body -Wnested-externs -Wendif-labels -Wno-missing-include-dirs
> -Wno-psabi -fstack-protector-strong -iquote
> /home/petmay01/qemu-for-merges/tcg/i386 -iquote . -iquote
> /home/petmay01/qemu-for-merges -iquote
> /home/petmay01/qemu-for-merges/accel/tcg -iquote
> /home/petmay01/qemu-for-merges/include -iquote
> /home/petmay01/qemu-for-merges/disas/libvixl -DNEED_CPU_H
> '-DCONFIG_TARGET="s390x-softmmu-config-target.h"'
> '-DCONFIG_DEVICES="s390x-softmmu-config-devices.h"' -MP -o
> target/s390x/gen-features target/s390x/gen-features.p/gen-features.c.o
> -Wl,--as-needed -Wl,--allow-shlib-undefined
> /usr/bin/ld: i386:x86-64 architecture of input file
> `target/s390x/gen-features.p/gen-features.c.o' is incompatible with
> i386 output
> /usr/bin/ld: target/s390x/gen-features.p/gen-features.c.o: file class
> ELFCLASS64 incompatible with ELFCLASS32
> /usr/bin/ld: final link failed: File in wrong format
> collect2: error: ld returned 1 exit status
>
> This is supposed to be building an executable for the
> host, but something has gone wrong with the flags passed
> to cc for the link. In particular:
>
> -I/usr/lib/mxe/usr/i686-w64-mingw32.shared/include/pixman-1
> and similar are for target-compiles, not host-compiles;
> -m32 is the immediate cause of the linker failure since
> it's asking the host cc to do a 32-bit build, which then
> barfs when fed the 64-bit .o file;
> -mms-bitfields is an option that only makes sense for the
> target windows builds.
>
> The flags used for the cc-to-build-o-file look more reasonable
> (though they're missing a lot of -W options that we could
> probably pass it).
>
> thanks
> -- PMM
>
>


Re: [PULL 000/150] Meson-based build system

2020-08-18 Thread Peter Maydell
On Tue, 18 Aug 2020 at 15:14, Paolo Bonzini  wrote:
>
> The following changes since commit d0ed6a69d399ae193959225cdeaa9382746c91cc:
>
>   Update version for v5.1.0 release (2020-08-11 17:07:03 +0100)
>
> are available in the Git repository at:
>
>   https://gitlab.com/bonzini/qemu.git tags/for-upstream
>
> for you to fetch changes up to 3aecbe785d65e3b92a3617c60e4d226362d9bdd5:
>
>   docs: convert build system documentation to rST (2020-08-18 10:02:43 -0400)


With what I think is the latest version of this pullreq
(commit ea922aa50b2a8688) w32 crossbuilds still fail, even
after a complete blow-away-builddir and rebuild from scratch.

ccache cc -Itarget/s390x/gen-features.p -Itarget/s390x
-I../../target/s390x -fdiagnostics-color=always -pipe
-D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch -Werror -g -MD -MQ
target/s390x/gen-features.p/gen-features.c.o -MF
target/s390x/gen-features.p/gen-features.c.o.d -o
target/s390x/gen-features.p/gen-features.c.o -c
../../target/s390x/gen-features.c
cc -Ilibqemu-s390x-softmmu.fa.p -I. -I../.. -Itarget/s390x
-I../../target/s390x -Iqapi -Itrace -Iui -Iui/shader
-I/usr/lib/mxe/usr/i686-w64-mingw32.shared/include/pixman-1
-I/home/petmay01/qemu-for-merges/dtc/libfdt
-I/usr/lib/mxe/usr/i686-w64-mingw32.shared/include/glib-2.0
-I/usr/lib/mxe/usr/i686-w64-mingw32.shared/lib/glib-2.0/include
-I/home/petmay01/qemu-for-merges/capstone/include
-fdiagnostics-color=always -pipe -Wall -Winvalid-pch -Werror
-std=gnu99 -g -Werror -mms-bitfields -m32 -D_GNU_SOURCE
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes
-Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes
-fno-strict-aliasing -fno-common -fwrapv -Werror
-Wold-style-declaration -Wold-style-definition -Wtype-limits
-Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers
-Wempty-body -Wnested-externs -Wendif-labels -Wno-missing-include-dirs
-Wno-psabi -fstack-protector-strong -iquote
/home/petmay01/qemu-for-merges/tcg/i386 -iquote . -iquote
/home/petmay01/qemu-for-merges -iquote
/home/petmay01/qemu-for-merges/accel/tcg -iquote
/home/petmay01/qemu-for-merges/include -iquote
/home/petmay01/qemu-for-merges/disas/libvixl -DNEED_CPU_H
'-DCONFIG_TARGET="s390x-softmmu-config-target.h"'
'-DCONFIG_DEVICES="s390x-softmmu-config-devices.h"' -MP -o
target/s390x/gen-features target/s390x/gen-features.p/gen-features.c.o
-Wl,--as-needed -Wl,--allow-shlib-undefined
/usr/bin/ld: i386:x86-64 architecture of input file
`target/s390x/gen-features.p/gen-features.c.o' is incompatible with
i386 output
/usr/bin/ld: target/s390x/gen-features.p/gen-features.c.o: file class
ELFCLASS64 incompatible with ELFCLASS32
/usr/bin/ld: final link failed: File in wrong format
collect2: error: ld returned 1 exit status

This is supposed to be building an executable for the
host, but something has gone wrong with the flags passed
to cc for the link. In particular:

-I/usr/lib/mxe/usr/i686-w64-mingw32.shared/include/pixman-1
and similar are for target-compiles, not host-compiles;
-m32 is the immediate cause of the linker failure since
it's asking the host cc to do a 32-bit build, which then
barfs when fed the 64-bit .o file;
-mms-bitfields is an option that only makes sense for the
target windows builds.

The flags used for the cc-to-build-o-file look more reasonable
(though they're missing a lot of -W options that we could
probably pass it).

thanks
-- PMM



Re: deprecation of in-tree builds

2020-08-18 Thread Peter Maydell
On Mon, 23 Mar 2020 at 13:32, Stefan Hajnoczi  wrote:
> On Sat, Mar 21, 2020 at 11:50:23PM +0100, BALATON Zoltan wrote:
> > This was discussed before. I think instead of annoying people with a
> > warning, rather configure should be changed to create a build dir if run
> > from source and have a Makefile in top dir that runs make -C builddir so
> > people don't have to care about this or change their ways and can continue
> > to run configure && make from source dir but you don't have to support
> > in-tree build. Then you can deprecate in-tree builds but supporting only
> > out-of-tree without this convenience would not just unnecessarily annoy
> > those who prefer working in a single tree but people (and apparently some
> > tools) expect sources to build with usual configure; make; make install so
> > that should be the minimum to support.
>
> Yes, please!  I use in-tree builds and find it tedious to cd into a
> build dir manually.
>
> Also, many build scripts (packaging, etc) we'll break if we simply
> remove in-tree builds.  I think make && make install should continue to
> work.

Paolo's conversion-to-Meson patchseries is about to land, so now
is the time for people who would like this "automatically create
a build directory and use it" behaviour to write the necessary
patches. Any volunteers ?

My current plan is to land the Meson series first, because it is
really painful for Paolo to try to keep rebasing it as other
changes to the old build system occur. This would break
in-tree builds temporarily until the "automatic creation and
use of a builddir" patches go in on top of it.

thanks
-- PMM



[Bug 1892081] Re: Performance improvement when using "QEMU_FLATTEN" with softfloat type conversions

2020-08-18 Thread Ahmed Karaman
** Attachment added: "before.png"
   
https://bugs.launchpad.net/qemu/+bug/1892081/+attachment/5402578/+files/before.png

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1892081

Title:
  Performance improvement when using "QEMU_FLATTEN" with softfloat type
  conversions

Status in QEMU:
  New

Bug description:
  Attached below is a matrix multiplication program for double data
  types. The program performs the casting operation "(double)rand()"
  when generating random numbers.

  This operation calls the integer to float softfloat conversion
  function "int32_to_float_64".

  Adding the "QEMU_FLATTEN" attribute to the function definition
  decreases the instructions per call of the function by about 63%.

  Attached are before and after performance screenshots from
  KCachegrind.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1892081/+subscriptions



[Bug 1892081] [NEW] Performance improvement when using "QEMU_FLATTEN" with softfloat type conversions

2020-08-18 Thread Ahmed Karaman
Public bug reported:

Attached below is a matrix multiplication program for double data
types. The program performs the casting operation "(double)rand()"
when generating random numbers.

This operation calls the integer to float softfloat conversion
function "int32_to_float_64".

Adding the "QEMU_FLATTEN" attribute to the function definition
decreases the instructions per call of the function by about 63%.

Attached are before and after performance screenshots from
KCachegrind.

** Affects: qemu
 Importance: Undecided
 Status: New

** Attachment added: "matmult_double.c"
   
https://bugs.launchpad.net/bugs/1892081/+attachment/5402577/+files/matmult_double.c




[Bug 1892081] Re: Performance improvement when using "QEMU_FLATTEN" with softfloat type conversions

2020-08-18 Thread Ahmed Karaman
** Attachment added: "after.png"
   
https://bugs.launchpad.net/qemu/+bug/1892081/+attachment/5402579/+files/after.png




Re: guest agent public ssh key add/remove support?

2020-08-18 Thread Christian Schoenebeck
On Dienstag, 18. August 2020 15:25:56 CEST David Vossel wrote:
> - Guest Agent SSH add/remove Support?
> 
> As a PoC, I cobbled together some guest agent exec and file write client
> commands which can technically achieve the desired result of
> adding/removing entries in a /home//.ssh/authorized_keys file. It's a
> little unwieldy, but it works.
> 
> This got me thinking, an officially supported guest agent api for this ssh
> key management would be really nice. There's already a somewhat related
> precedent with the "guest-set-user-password" guest agent command.
> 
> So here's the question. What would you all think about the guest agent API
> being expanded with new commands for adding/removing ssh public keys from
> authorized_keys files?

There are two pass-through file systems in QEMU: 9pfs and virtiofs. Don't you 
think they would be sufficient for the use case?

Best regards,
Christian Schoenebeck





[PATCH v3] linux-user: Fix 'semop()' and 'semtimedop()' implementation

2020-08-18 Thread Filip Bozuta
The implementations of syscalls 'semop()' and 'semtimedop()' in
file 'syscall.c' use function 'target_to_host_sembuf()' to convert
values of 'struct sembuf' from host to target. However, before this
conversion it should be checked whether the number of semaphore operations
'nsops' is not bigger than maximum allowed semaphore operations per
syscall: 'SEMOPM'. In these cases, errno 'E2BIG' ("Arg list too long")
should be set. But the implementation will set errno 'EFAULT' ("Bad address")
in this case since the conversion from target to host in this case fails.

This was confirmed with the LTP test for 'semop()' ('ipc/semop/semop02') in
test case where 'nsops' is greater than SEMOPM with inappropriate errno EFAULT:

semop02.c:130: FAIL: semop failed unexpectedly; expected: E2BIG: EFAULT (14)

This patch changes this by adding a check whether 'nsops' is bigger than
'SEMOPM' before the conversion function 'target_to_host_sembuf()' is called.
After the changes from this patch, the test works fine along with the other
LTP testcases for 'semop()':

semop02.c:126: PASS: semop failed as expected: E2BIG (7)

Implementation notes:

A target value ('TARGET_SEMOPM') was added for 'SEMOPM' as to be sure
in case the value is not available for some targets.

Signed-off-by: Filip Bozuta 
---
 linux-user/syscall.c  | 13 +++--
 linux-user/syscall_defs.h |  2 ++
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 1211e759c2..e4d12c29d3 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3904,7 +3904,7 @@ static inline abi_long do_semtimedop(int semid,
  unsigned nsops,
  abi_long timeout)
 {
-struct sembuf sops[nsops];
+struct sembuf *sops;
 struct timespec ts, *pts = NULL;
 abi_long ret;
 
@@ -3915,8 +3915,16 @@ static inline abi_long do_semtimedop(int semid,
 }
 }
 
-if (target_to_host_sembuf(sops, ptr, nsops))
+if (nsops > TARGET_SEMOPM) {
+return -TARGET_E2BIG;
+}
+
+sops = g_new(struct sembuf, nsops);
+
+if (target_to_host_sembuf(sops, ptr, nsops)) {
+g_free(sops);
 return -TARGET_EFAULT;
+}
 
 ret = -TARGET_ENOSYS;
 #ifdef __NR_semtimedop
@@ -3928,6 +3936,7 @@ static inline abi_long do_semtimedop(int semid,
  SEMTIMEDOP_IPC_ARGS(nsops, sops, (long)pts)));
 }
 #endif
+g_free(sops);
 return ret;
 }
 #endif
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 3c261cff0e..f7f77346be 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -46,6 +46,8 @@
 #define IPCOP_shmget   23
 #define IPCOP_shmctl   24
 
+#define TARGET_SEMOPM 500
+
 /*
  * The following is for compatibility across the various Linux
  * platforms.  The i386 ioctl numbering scheme doesn't really enforce
-- 
2.25.1




Re: [PATCH] audio/jack: fix use after free segfault

2020-08-18 Thread Christian Schoenebeck
On Dienstag, 18. August 2020 14:40:36 CEST Geoffrey McRae wrote:
> Due to a ridiculous commit in the Jack library, the client may have been
> freed already by a secondary audio device recovering its session.
> 
> https://github.com/jackaudio/jack2/issues/627
> 
> Until there is a proper fix for this we can not risk using the pointer
> at all if we have been notified of a shutdown as it may have been freed
> by the jack library, as such the close call is commented out to prevent
> a use after free segfault.
> 
> At this time, this will not cause a memory leak as the recovery routine
> will trigger the "cleanup" code in the jack library, however, if this is
> ever corrected in the jack library this will need to be revisited.
> 
> Signed-off-by: Geoffrey McRae 
> ---
>  audio/jackaudio.c | 17 -
>  1 file changed, 16 insertions(+), 1 deletion(-)
> 
> diff --git a/audio/jackaudio.c b/audio/jackaudio.c
> index 72ed7c4929..e8faf1bb89 100644
> --- a/audio/jackaudio.c
> +++ b/audio/jackaudio.c
> @@ -563,7 +563,22 @@ static void qjack_client_fini(QJackClient *c)
>  /* fallthrough */
> 
>  case QJACK_STATE_SHUTDOWN:
> -jack_client_close(c->client);
> +/*
> + * Due to a rediculous commit in the Jack library, the client may
> have + * been freed already.

No need to be offending, and especially no need to insult Stéphane in QEMU 
code.

Could you please describe in more detail how you ran into this situation with 
your 2nd audio device?

> + *
> + * Until there is a proper fix for this we can not risk using the
> + * pointer at all if we have been notified of a shutdown, as such
> the + * below line is commented out to prevent a use after free
> segfault. + * This will not cause a memory leak as the recovery
> routine will trigger + * the "cleanup" code in the jack library.
> + *
> + *
> https://github.com/jackaudio/jack2/commit/171a3c4a0ddd18d2afae56f3af6291c8e
> 96ee3ac + */
> +
> +//jack_client_close(c->client);
> +c->client = NULL;
> +
>  /* fallthrough */
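Review bot: a commented-out call (`//jack_client_close(c->client);`) should not be committed; delete the line and let the block comment record why the close is skipped, and drop the "rediculous" (also misspelled) wording from the comment. Since the freed-client behaviour is attributed to one JACK2 commit while, as noted below, JACK1 is a separate implementation that takes the same code path, the skip should also be tied to the condition that actually triggers the double free rather than applied unconditionally in `QJACK_STATE_SHUTDOWN`.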

Are you aware that there are two distinct variants of JACK? They are commonly 
referred to as JACK1 vs. JACK2 and despite their names, they are in fact 
completely separate implementations and there are people who prefer one over 
the other. Your change would affect JACK1 as well.

Best regards,
Christian Schoenebeck





Re: [PULL 000/150] Meson-based build system

2020-08-18 Thread no-reply
Patchew URL: 
https://patchew.org/QEMU/20200818141025.21608-1-pbonz...@redhat.com/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20200818141025.21608-1-pbonz...@redhat.com
Subject: [PULL 000/150] Meson-based build system

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Switched to a new branch 'test'
c16b03f docs: convert build system documentation to rST
8b02ad8 meson: update build-system documentation
55b78f7 meson: avoid unstable module warning with Meson 0.56.0 or newer
36279d0 meson: convert po/
b89a5e1 meson: convert VNC and dependent libraries to meson
771a8e0 meson: move SDL and SDL-image detection to meson
0afcda0 meson: convert sample plugins
bb8fb6f meson: replace create-config with meson configure_file
7a04e60 rules.mak: drop unneeded macros
1cf918a meson: convert check-block
5a485c9 meson: build texi doc
65dc514 docs: automatically track manual dependencies
d47eece meson: sphinx-build
64b8aed remove Makefile.target
076ca6b rules.mak: remove version.o
a11fda4 meson: convert systemtap files
5ef3419 meson: link emulators without Makefile.target
50a6cf7 meson: plugins
93baf31 meson: cpu-emu
06dd45b meson: bsd-user
7134f65 meson: linux-user
bdb6007 meson: accel
e201a0c meson: target
432e10a meson: convert hw/arch*
cbd0621 meson: convert hw/9pfs, cleanup
c451370 meson: convert hw/acpi
cc4e3e8 meson: convert hw/adc
63c4992 meson: convert hw/audio
df77951 meson: convert hw/block
d09ccc6 meson: convert hw/char
cc426dd meson: convert hw/cpu
7ef9e9c meson: convert hw/display
681954d meson: convert hw/dma
24e88c1 meson: convert hw/gpio
9dc8ec9 meson: convert hw/hyperv
8528513 meson: convert hw/i2c
0c6b6e0 meson: convert hw/ide
d71a43f meson: convert hw/input
3458e81 meson: convert hw/intc
4938322 meson: convert hw/ipack
6e4d60c2 meson: convert hw/ipmi
8f82824 meson: convert hw/isa
e98dfbe meson: convert hw/misc
d76f87d meson: convert hw/net
062f93d meson: convert hw/rdma
8418e9c meson: convert hw/nvram
fab524d meson: convert hw/pci
7767999 meson: convert hw/pci-bridge
43249b2 meson: convert hw/pci-host
faa8446 meson: convert hw/pcmcia
2aed805 meson: convert hw/scsi
b286704 meson: convert hw/sd
f3c8984 meson: convert hw/ssi
4031a4d meson: convert hw/rtc
6879ddc meson: convert hw/timer
ccd3ece meson: convert hw/tpm
b865f5b meson: convert hw/usb
ba4283d meson: convert hw/vfio
a851650 meson: convert hw/virtio
dce7a6b meson: convert hw/watchdog
74ab5a6 meson: convert hw/mem
31c2cf1 meson: convert hw/smbios
5f271aa meson: convert hw/nubus
91511e9 meson: convert hw/semihosting
761b45c meson: convert hw/core
4f429ae meson: convert hw/xen
c4b83c4 meson: convert qapi-specific to meson
a536458 meson: convert disas directory to Meson
53a99cf meson: convert fsdev/
0eacf03 meson: convert backends directory to Meson
3c5b300 meson: convert net directory to Meson
7278fb5 meson: convert migration directory to Meson
e8bab19 meson: convert replay directory to Meson
bf785d2 meson: convert qemu-storage-daemon
3d90a69 meson: convert common QMP bits for qemu and qemu-storage-daemon
99e207e meson: convert dump/
c55c2d1 meson: convert trace/
1527dfd meson: convert most of softmmu/
31425f7 meson: convert root directory to Meson
a1913dc meson: convert ui directory to Meson
68e0d6c meson: convert audio directory to Meson
e0f1837 meson: convert tests/qtest to meson
4edf889 meson: convert chardev directory to Meson (emulator part)
5b7cd3c configure, Makefile; remove TOOLS and HELPERS-y variable
3bdbf8f meson: qemu-pr-helper
dd734ff meson: qemu-{img,io,nbd}
1fce06f meson: convert block
dd86ec9 meson: convert chardev directory to Meson (tools part)
b7a03d1 meson: add modules infrastructure
b488a70 meson: infrastructure for building emulators
f366739 meson: convert target/s390x/gen-features.h
7981db7 meson: convert io directory to Meson
c71517a meson: convert crypto directory to Meson
55631a6 meson: convert authz directory to Meson
09e3f19 meson: convert qom directory to Meson (tools part)
2ad5943 meson: convert check-qapi-schema
6d6646c meson: convert tests/fp and check-softfloat
aac90d6 meson: convert check-decodetree
6ebb41e meson: handle edk2 bios and descriptors
0d4684c meson: generate hxtool files
b0b6477 meson: generate shader headers
e56da56 meson: generate qemu-version.h
7dc71ca meson: keymap-gen
580940a meson: add virtfs-proxy-helper
5af19c9 meson: add qemu-edid
089e994 meson: add qemu-keymap
1ba9579 meson: add qemu-bridge-helper
804311a meson: convert dummy Windows qga/qemu-ga target
0f354fa meson: add msi generation
46a5baa meson: convert vss-win32
cdbf46e meson: convert qemu-ga
1af6797 meson: add solaris and Haiku libraries
ec7748a meson: add macos dependencies
90c6bf8 contrib/elf2dmp: convert to meson
bcc9499 contrib/ivshmem: 

Re: [RFC PATCH v3 4/5] util/vfio-helpers: Introduce qemu_vfio_pci_init_msix_irqs()

2020-08-18 Thread Alex Williamson
On Tue, 18 Aug 2020 18:45:08 +0200
Philippe Mathieu-Daudé  wrote:

> qemu_vfio_pci_init_irq() allows us to initialize any type of IRQ,
> but only one. Introduce qemu_vfio_pci_init_msix_irqs() which is
> specific to MSIX IRQ type, and allow us to use multiple IRQs
> (thus passing multiple eventfd notifiers).
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  include/qemu/vfio-helpers.h |  2 ++
>  util/vfio-helpers.c | 53 +
>  2 files changed, 55 insertions(+)
> 
> diff --git a/include/qemu/vfio-helpers.h b/include/qemu/vfio-helpers.h
> index 1f057c2b9e4..63108ebc8da 100644
> --- a/include/qemu/vfio-helpers.h
> +++ b/include/qemu/vfio-helpers.h
> @@ -28,5 +28,7 @@ void qemu_vfio_pci_unmap_bar(QEMUVFIOState *s, int index, 
> void *bar,
>   uint64_t offset, uint64_t size);
>  int qemu_vfio_pci_init_irq(QEMUVFIOState *s, EventNotifier *e,
> int irq_type, Error **errp);
> +int qemu_vfio_pci_init_msix_irqs(QEMUVFIOState *s, EventNotifier *e,
> + unsigned irq_count, Error **errp);
>  
>  #endif
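Review bot: the new prototype at the end of this hunk, `int qemu_vfio_pci_init_msix_irqs(QEMUVFIOState *s, EventNotifier *e, unsigned irq_count, Error **errp);`, gives a header reader no hint that `e` must point to an array of `irq_count` notifiers; that contract is only stated in the doc comment in util/vfio-helpers.c, so a caller going by the header alone could pass a single EventNotifier and have the function read past it. Suggest a one-line comment above the declaration (or a name such as `notifiers`) stating that `e` is an array of `irq_count` elements.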
> diff --git a/util/vfio-helpers.c b/util/vfio-helpers.c
> index 696f2d51712..fb3a79a5bcb 100644
> --- a/util/vfio-helpers.c
> +++ b/util/vfio-helpers.c
> @@ -215,6 +215,59 @@ int qemu_vfio_pci_init_irq(QEMUVFIOState *s, 
> EventNotifier *e,
>  return 0;
>  }
>  
> +/**
> + * Initialize device MSIX IRQs and register event notifiers.
> + * @irq_count: number of MSIX IRQs to initialize
> + * @e: Array of @irq_count notifiers (each corresponding to a MSIX IRQ)
> + */
> +int qemu_vfio_pci_init_msix_irqs(QEMUVFIOState *s, EventNotifier *e,
> + unsigned irq_count, Error **errp)
> +{
> +int r;
> +struct vfio_irq_set *irq_set;
> +size_t irq_set_size;
> +struct vfio_irq_info irq_info = { .argsz = sizeof(irq_info) };
> +
> +irq_info.index = VFIO_PCI_MSIX_IRQ_INDEX;

Nit, this could be initialized in the declaration with argsz.

> +if (ioctl(s->device, VFIO_DEVICE_GET_IRQ_INFO, _info)) {
> +error_setg_errno(errp, errno, "Failed to get device interrupt info");
> +return -errno;
> +}
> +if (irq_info.count <= irq_count) {


Shouldn't this only test strictly less than?  The API seems to leave
the problem of determining how many vectors might be available as an
exercise for the caller.  Thanks,

Alex


> +error_setg(errp,
> +   "Not enough device interrupts available (only %" PRIu32 
> ")",
> +   irq_info.count);
> +return -EINVAL;
> +}
> +if (!(irq_info.flags & VFIO_IRQ_INFO_EVENTFD)) {
> +error_setg(errp, "Device interrupt doesn't support eventfd");
> +return -EINVAL;
> +}
> +
> +irq_set_size = sizeof(*irq_set) + irq_count * sizeof(int32_t);
> +irq_set = g_malloc0(irq_set_size);
> +
> +/* Get to a known IRQ state */
> +*irq_set = (struct vfio_irq_set) {
> +.argsz = irq_set_size,
> +.flags = VFIO_IRQ_SET_DATA_EVENTFD | VFIO_IRQ_SET_ACTION_TRIGGER,
> +.index = irq_info.index,
> +.start = 0,
> +.count = irq_count,
> +};
> +
> +for (unsigned i = 0; i < irq_count; i++) {
> +((int32_t *)_set->data)[i] = event_notifier_get_fd([i]);
> +}
> +r = ioctl(s->device, VFIO_DEVICE_SET_IRQS, irq_set);
> +g_free(irq_set);
> +if (r) {
> +error_setg_errno(errp, errno, "Failed to setup device interrupts");
> +return -errno;
> +}
> +return 0;
> +}
> +
>  static int qemu_vfio_pci_read_config(QEMUVFIOState *s, void *buf,
>   int size, int ofs)
>  {
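Review bot: besides the `irq_info.count <= irq_count` off-by-one already raised above, nothing rejects `irq_count == 0`: the function would then allocate an `irq_set` with `.count = 0` and issue VFIO_DEVICE_SET_IRQS with no eventfd attached, which is not what a caller asking to initialize MSI-X vectors intends and is easy to hit from a miscomputed vector count. Suggest an early `if (irq_count == 0) { error_setg(errp, "No MSIX interrupts requested"); return -EINVAL; }` before the VFIO_DEVICE_GET_IRQ_INFO ioctl, so the failure is reported with a clear message instead of depending on how the kernel treats an empty set.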




Re: [RFC PATCH v3 2/5] util/vfio-helpers: Report error on unsupported host architectures

2020-08-18 Thread Philippe Mathieu-Daudé
On 8/18/20 7:12 PM, Alex Williamson wrote:
> On Tue, 18 Aug 2020 18:45:06 +0200
> Philippe Mathieu-Daudé  wrote:
> 
>> The vfio-helpers implementation expects a TYPEv1 IOMMU, see
>> qemu_vfio_init_pci:
>>
>>   263 if (!ioctl(s->container, VFIO_CHECK_EXTENSION, VFIO_TYPE1_IOMMU)) {
>>   264 error_setg_errno(errp, errno, "VFIO IOMMU check failed");
>>
>> Thus POWER SPAPR IOMMU is obviously not supported.
>>
>> The implementation only cares about host page size alignment
>> (usually 4KB on X86), not the IOMMU one, which is problematic
>> on Aarch64, when 64MB page size is used. So Aarch64 is not
>> supported either.
>>
>> Report an error when the host architecture is different than X86:
>>
>>  $ qemu-system-aarch64 \
>> -drive file=nvme://0001:01:00.0/1,if=none,id=drive0 \
>> -device virtio-blk-pci,drive=drive0
>>   qemu-system-aarch64: -drive file=nvme://0001:01:00.0/1,if=none,id=drive0: 
>> QEMU VFIO utility is not supported on this architecture
>>
>> Signed-off-by: Philippe Mathieu-Daudé 
>> ---
>> Cc: Eric Auger 
>> Cc: Drew Jones 
>> Cc: Laurent Vivier 
>> Cc: David Gibson 
>> ---
>>  util/vfio-helpers.c | 26 +-
>>  1 file changed, 25 insertions(+), 1 deletion(-)
>>
>> diff --git a/util/vfio-helpers.c b/util/vfio-helpers.c
>> index e399e330e26..60017936e3e 100644
>> --- a/util/vfio-helpers.c
>> +++ b/util/vfio-helpers.c
>> @@ -420,14 +420,38 @@ static void qemu_vfio_open_common(QEMUVFIOState *s)
>>  qemu_ram_foreach_block(qemu_vfio_init_ramblock, s);
>>  }
>>  
>> +/**
>> + * Return if the host architecture is supported.
>> + *
>> + * aarch64: IOMMU page alignment not respected
>> + * ppc64:   SPAPR IOMMU window not configured
>> + * x86-64:  Only architecture validated
>> + * other:   Untested
>> + */
>> +static bool qemu_vfio_arch_supported(void)
>> +{
>> +bool supported = false;
>> +
>> +#if defined(HOST_X86_64)
>> +supported = true;
>> +#endif
>> +
>> +return supported;
>> +}
> 
> Why does this need to be hard coded to specific architectures rather
> than probing for type1 IOMMU support and looking at the iova_pgsizes
> from VFIO_IOMMU_GET_INFO to see if there's a compatible size?  It
> requires us to get a bit deeper into the device initialization, but we
> should still be able to unwind out of the device realize.  Otherwise
> we're throwing out aarch64 running of 4KB for no reason, right?  Thanks,

Ah yes, much clever! Thanks Alex :)

> 
> Alex
> 
> 
>>  /**
>>   * Open a PCI device, e.g. ":00:01.0".
>>   */
>>  QEMUVFIOState *qemu_vfio_open_pci(const char *device, Error **errp)
>>  {
>>  int r;
>> -QEMUVFIOState *s = g_new0(QEMUVFIOState, 1);
>> +QEMUVFIOState *s;
>>  
>> +if (!qemu_vfio_arch_supported()) {
>> +error_setg(errp,
>> +   "QEMU VFIO utility is not supported on this 
>> architecture");
>> +return NULL;
>> +}
>> +s = g_new0(QEMUVFIOState, 1);
>>  r = qemu_vfio_init_pci(s, device, errp);
>>  if (r) {
>>  g_free(s);
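Review bot: the commit message says the error is reported when the host architecture is "different than X86", but `qemu_vfio_arch_supported()` only sets `supported = true` under `#if defined(HOST_X86_64)`, so a 32-bit x86 host is refused as well; either narrow the wording to x86-64 (the "x86-64:  Only architecture validated" line in the comment already does) or add the i386 host define if that is the intent. Minor: "Return if the host architecture is supported." reads better as "Return whether the host architecture is supported."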
> 



