Re: [Qemu-devel] [RFC PATCH v2 00/22] remove i386/pc dependency: generic SuperIO

2018-03-07 Thread Paolo Bonzini
On 05/03/2018 22:50, no-re...@patchew.org wrote: > CC hw/misc/applesmc.o > CC hw/misc/max111x.o > /tmp/qemu-test/src/hw/isa/isa-superio.c: In function 'isa_superio_realize': > /tmp/qemu-test/src/hw/isa/isa-superio.c:39:46: error: format '%ld' expects > argument of type 'long int',

[Qemu-devel] [PATCH] sdl: workaround bug in sdl 2.0.8 headers

2018-03-07 Thread Gerd Hoffmann
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892087 Signed-off-by: Gerd Hoffmann --- configure | 1 + 1 file changed, 1 insertion(+) diff --git a/configure b/configure index 6f3921c02a..86240f97ac 100755 --- a/configure +++ b/configure @@ -2874,6 +2874,7 @@ if test

Re: [Qemu-devel] QEMU fails to configure on non-x86 hosts with recent SDL2

2018-03-07 Thread Gerd Hoffmann
On Wed, Mar 07, 2018 at 02:18:02PM +, Peter Maydell wrote: > On 7 March 2018 at 14:11, Gerd Hoffmann wrote: > > Hi, > > > >> Drop -Wundef when running the configure test, or override it with > >> -Wno-undef > >> > >> If the actual ui/sdl* files fail for same reason, we

[Qemu-devel] [PATCH] hw/ppc/prep: Fix implicit creation of "-drive if=scsi" devices

2018-03-07 Thread Thomas Huth
The global hack for creating SCSI devices has recently been removed, but this apparently broke SCSI devices on some boards that were not ready for this change yet. For the 40p machine you now get: $ ppc64-softmmu/qemu-system-ppc64 -M 40p -cdrom x.iso qemu-system-ppc64: -cdrom x.iso: machine type

Re: [Qemu-devel] [PATCH v3 11/29] vhost+postcopy: Transmit 'listen' to client

2018-03-07 Thread Peter Xu
On Tue, Mar 06, 2018 at 11:20:56AM +, Dr. David Alan Gilbert wrote: > * Peter Xu (pet...@redhat.com) wrote: > > On Mon, Mar 05, 2018 at 05:42:42PM +, Dr. David Alan Gilbert wrote: > > > * Peter Xu (pet...@redhat.com) wrote: > > > > On Fri, Feb 16, 2018 at 01:16:07PM +, Dr. David Alan

Re: [Qemu-devel] [PATCH v5 05/11] linux-user: fix mmap/munmap/mprotect/mremap/shmat

2018-03-07 Thread Laurent Vivier
On 07/03/2018 at 07:36, Max Filippov wrote: > In linux-user QEMU that runs for a target with TARGET_ABI_BITS bigger > than L1_MAP_ADDR_SPACE_BITS an assertion in page_set_flags fires when > mmap, munmap, mprotect, mremap or shmat is called for an address outside > the guest address space. mmap

Re: [Qemu-devel] [Qemu-block] [PATCH 2/2] iotests: add 208 nbd-server + blockdev-snapshot-sync test case

2018-03-07 Thread Max Reitz
On 2018-03-07 11:55, Stefan Hajnoczi wrote: > On Tue, Mar 6, 2018 at 11:25 PM, Stefano Panella wrote: >> I have applied this patch and when I run the following qmp commands I do >> not see the crash anymore but there is still something wrong because only >> /root/a is opened

Re: [Qemu-devel] [Qemu-block] [PATCH 2/2] iotests: add 208 nbd-server + blockdev-snapshot-sync test case

2018-03-07 Thread Max Reitz
On 2018-03-07 17:43, Stefano Panella wrote: > > > On Wed, Mar 7, 2018 at 4:16 PM, Stefan Hajnoczi > wrote: >> >> On Wed, Mar 7, 2018 at 1:57 PM, Stefano Panella > wrote: >> > On Wed, Mar 7, 2018 at

[Qemu-devel] [PATCH v11 03/28] exec: add debug version of physical memory read and write API

2018-03-07 Thread Brijesh Singh
Adds the following new APIs - cpu_physical_memory_read_debug - cpu_physical_memory_write_debug - cpu_physical_memory_rw_debug - ldl_phys_debug - ldq_phys_debug Cc: Paolo Bonzini Cc: Peter Crosthwaite Cc: Richard Henderson

[Qemu-devel] [PATCH v11 01/28] memattrs: add debug attribute

2018-03-07 Thread Brijesh Singh
Extend the MemTxAttrs to include 'debug' flag. The flag can be used as general indicator that operation was triggered by the debugger. Later in the patch series we set the debug=1 when issuing a memory access from the gdbstub or HMP commands. This patch is prerequisite to support debugging the

[Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)

2018-03-07 Thread Brijesh Singh
This patch series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. SEV is an extension to the AMD-V architecture which supports running multiple VMs under the control of a hypervisor. The SEV feature allows the memory contents of a virtual machine (VM) to be

[Qemu-devel] [PATCH v11 02/28] exec: add ram_debug_ops support

2018-03-07 Thread Brijesh Singh
Currently, the guest memory access for the debug purpose is performed using the memcpy(). Let's extend the 'struct MemoryRegion' to include ram_debug_ops callbacks. The ram_debug_ops can be used to override memcpy() with something else. The feature can be used by encrypted guest -- which can

[Qemu-devel] [PATCH v11 07/28] docs: add AMD Secure Encrypted Virtualization (SEV)

2018-03-07 Thread Brijesh Singh
Create a documentation entry to describe the AMD Secure Encrypted Virtualization (SEV) feature. Cc: Paolo Bonzini Signed-off-by: Brijesh Singh --- docs/amd-memory-encryption.txt | 92 ++ 1 file changed, 92

[Qemu-devel] [PATCH v11 04/28] monitor/i386: use debug APIs when accessing guest memory

2018-03-07 Thread Brijesh Singh
Updates HMP commands to use the debug version of APIs when accessing the guest memory. Cc: Paolo Bonzini Cc: Peter Crosthwaite Cc: Richard Henderson Cc: "Dr. David Alan Gilbert" Cc: Markus Armbruster

[Qemu-devel] [PATCH v11 05/28] machine: add -memory-encryption property

2018-03-07 Thread Brijesh Singh
When CPU supports memory encryption feature, the property can be used to specify the encryption object to use when launching an encrypted guest. Cc: Paolo Bonzini Cc: Eduardo Habkost Cc: Marcel Apfelbaum Cc: Stefan Hajnoczi

[Qemu-devel] [PATCH v11 09/28] qmp: add query-sev command

2018-03-07 Thread Brijesh Singh
The QMP query command can be used to retrieve the SEV information when memory encryption is enabled on AMD platform. Cc: Eric Blake Cc: "Daniel P. Berrangé" Cc: "Dr. David Alan Gilbert" Cc: Markus Armbruster

[Qemu-devel] [PATCH v11 06/28] kvm: update kvm.h to include memory encryption ioctls

2018-03-07 Thread Brijesh Singh
Updates kvm.h to include memory encryption ioctls and SEV commands. Cc: Christian Borntraeger Cc: Cornelia Huck Cc: Paolo Bonzini Signed-off-by: Brijesh Singh --- linux-headers/linux/kvm.h | 90

[Qemu-devel] [PATCH v11 12/28] sev/i386: register the guest memory range which may contain encrypted data

2018-03-07 Thread Brijesh Singh
When SEV is enabled, the hardware encryption engine uses a tweak such that two identical plaintexts at different locations will have different ciphertexts. So swapping or moving the ciphertexts of two guest pages will not result in plaintexts being swapped. Hence relocating a physical backing

[Qemu-devel] [PATCH v11 10/28] include: add psp-sev.h header file

2018-03-07 Thread Brijesh Singh
The header file provides the ioctl command and structure to communicate with /dev/sev device. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh ---

[Qemu-devel] [PATCH v11 14/28] hmp: add 'info sev' command

2018-03-07 Thread Brijesh Singh
The command can be used to show the SEV information when memory encryption is enabled on AMD platform. Cc: Eric Blake Cc: "Daniel P. Berrangé" Cc: "Dr. David Alan Gilbert" Cc: Markus Armbruster Reviewed-by: "Dr.

[Qemu-devel] [PATCH v11 11/28] sev/i386: add command to initialize the memory encryption context

2018-03-07 Thread Brijesh Singh
When memory encryption is enabled, KVM_SEV_INIT command is used to initialize the platform. The command loads the SEV related persistent data from non-volatile storage and initializes the platform context. This command should be first issued before invoking any other guest commands provided by the

[Qemu-devel] [PATCH v11 08/28] target/i386: add Secure Encrypted Virtualization (SEV) object

2018-03-07 Thread Brijesh Singh
Add a new memory encryption object 'sev-guest'. The object will be used to create encrypted VMs on AMD EPYC CPU. The object provides the properties to pass guest owner's public Diffie-Hellman key, guest policy and session information required to create the memory encryption context within the SEV

[Qemu-devel] [PATCH v11 13/28] kvm: introduce memory encryption APIs

2018-03-07 Thread Brijesh Singh
In order to integrate the Secure Encryption Virtualization (SEV) support, add a few high-level memory encryption APIs which can be used for encrypting the guest memory region. Cc: Paolo Bonzini Cc: k...@vger.kernel.org Signed-off-by: Brijesh Singh ---

[Qemu-devel] [PATCH v11 15/28] sev/i386: add command to create launch memory encryption context

2018-03-07 Thread Brijesh Singh
The KVM_SEV_LAUNCH_START command creates a new VM encryption key (VEK). The encryption key created with the command will be used for encrypting the bootstrap images (such as guest bios). Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost

[Qemu-devel] [PATCH v11 20/28] hw/i386: set ram_debug_ops when memory encryption is enabled

2018-03-07 Thread Brijesh Singh
When memory encryption is enabled, the guest RAM and boot flash ROM will contain the encrypted data. Setting the debug ops allows us to invoke encryption APIs when accessing the memory for debug purposes. Cc: Paolo Bonzini Cc: Richard Henderson Cc:

[Qemu-devel] [PATCH v11 19/28] sev/i386: finalize the SEV guest launch flow

2018-03-07 Thread Brijesh Singh
SEV launch flow requires us to issue LAUNCH_FINISH command before guest is ready to run. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh --- target/i386/sev.c|

[Qemu-devel] [PATCH v11 17/28] target/i386: encrypt bios rom

2018-03-07 Thread Brijesh Singh
SEV requires that guest bios must be encrypted before booting the guest. Cc: "Michael S. Tsirkin" Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh ---

[Qemu-devel] [PATCH v11 16/28] sev/i386: add command to encrypt guest memory region

2018-03-07 Thread Brijesh Singh
The KVM_SEV_LAUNCH_UPDATE_DATA command is used to encrypt a guest memory region using the VM Encryption Key created using LAUNCH_START. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh

[Qemu-devel] [PATCH v11 23/28] qmp: add query-sev-launch-measure command

2018-03-07 Thread Brijesh Singh
The command can be used by libvirt to retrieve the measurement of SEV guest. This measurement is a signature of the memory contents that were encrypted through the LAUNCH_UPDATE_DATA. Cc: "Daniel P. Berrangé" Cc: "Dr. David Alan Gilbert" Cc: Markus

[Qemu-devel] [PATCH v11 18/28] sev/i386: add support to LAUNCH_MEASURE command

2018-03-07 Thread Brijesh Singh
During machine creation we encrypted the guest bios image; the LAUNCH_MEASURE command can be used to retrieve the measurement of the encrypted memory region. This measurement is a signature of the memory contents that can be sent to the guest owner as an attestation that the memory was encrypted

[Qemu-devel] [PATCH v11 22/28] target/i386: clear C-bit when walking SEV guest page table

2018-03-07 Thread Brijesh Singh
In SEV-enabled guest the pte entry will have C-bit set; we need to clear the C-bit when walking the page table. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh ---

[Qemu-devel] [PATCH v11 26/28] qmp: add query-sev-capabilities command

2018-03-07 Thread Brijesh Singh
The command can be used by libvirt to query the SEV capabilities. Cc: "Daniel P. Berrangé" Cc: "Dr. David Alan Gilbert" Cc: Markus Armbruster Signed-off-by: Brijesh Singh --- monitor.c | 7

[Qemu-devel] [PATCH v11 28/28] tests/qmp-test: blacklist sev specific qmp commands

2018-03-07 Thread Brijesh Singh
Blacklist the following commands to fix the 'make check' failure. query-sev-launch-measure: it returns meaningful data only when we launch SEV guest otherwise the command returns an error. query-sev: it returns an error when SEV is not available on host (e.g non X86 platform or KVM is disabled at

[Qemu-devel] [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands

2018-03-07 Thread Brijesh Singh
KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are used for decrypting and encrypting guest memory region. The command works only if the guest policy allows the debugging. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost

[Qemu-devel] [PATCH v11 27/28] sev/i386: add sev_get_capabilities()

2018-03-07 Thread Brijesh Singh
The function can be used to get the current SEV capabilities. The capabilities include platform Diffie-Hellman key (pdh) and certificate chain. The key can be provided to the external entities which want to establish a trusted channel between SEV firmware and guest owner. Cc: Paolo Bonzini

[Qemu-devel] [PATCH v11 25/28] cpu/i386: populate CPUID 0x8000_001F when SEV is active

2018-03-07 Thread Brijesh Singh
When SEV is enabled, CPUID 0x8000_001F should provide additional information regarding the feature (such as which page table bit is used to mark the pages as encrypted etc). The details for memory encryption CPUID are available in AMD APM (https://support.amd.com/TechDocs/24594.pdf) Section E.4.17

[Qemu-devel] [PATCH] make: switch language file build to be gtk module aware

2018-03-07 Thread Bruce Rogers
Now that gtk support builds as a module, CONFIG_GTK changed from y to m. Adjust Makefile correspondingly. Signed-off-by: Bruce Rogers --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 9a75c48ae0..026fa17dc0 100644 ---

Re: [Qemu-devel] [PATCH v5 1/1] s390x/sclp: extend SCLP event masks to 64 bits

2018-03-07 Thread Cornelia Huck
On Wed, 7 Mar 2018 16:10:34 +0100 Claudio Imbrenda wrote: > Extend the SCLP event masks to 64 bits. > > Notice that using any of the new bits results in a state that cannot be > migrated to an older version. > > Signed-off-by: Claudio Imbrenda

[Qemu-devel] [PATCH v2 4/8] ovmf: simplify SecurityStubDxe.inf inclusion

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau SecurityStubDxe.inf should be included unconditionally. Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Marc-André Lureau --- OvmfPkg/OvmfPkgIa32.dsc

[Qemu-devel] [PATCH v2 3/8] MdeModulePkg: fix REGISITER -> REGISTER

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Marc-André Lureau --- MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c | 18 +-

Re: [Qemu-devel] [PATCH] sdl: workaround bug in sdl 2.0.8 headers

2018-03-07 Thread Daniel P . Berrangé
On Wed, Mar 07, 2018 at 04:42:57PM +0100, Gerd Hoffmann wrote: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892087 > > Signed-off-by: Gerd Hoffmann > --- > configure | 1 + > 1 file changed, 1 insertion(+) Reviewed-by: Daniel P. Berrangé > >

[Qemu-devel] [PATCH v2 0/8] RFC: ovmf: preliminary TPM2 support

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau Hi, The following series adds basic TPM2 support for OVMF-on-QEMU (I haven't tested TPM1, for lack of interest). It links with the modules to initialize the device in PEI phase, and do measurements (both PEI and DXE). The Tcg2Dxe module

[Qemu-devel] [PATCH v2 7/8] ovmf: link with Tcg2Dxe module

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau This module measures and logs the boot environment. It also produces the Tcg2 protocol, which allows for example to read the log from OS. The linux kernel doesn't yet read the EFI_TCG2_EVENT_LOG_FORMAT_TCG_2, which is required for crypto-agile

[Qemu-devel] [PATCH v2 1/8] SecurityPkg: also clear HashInterfaceHob.SupportedHashMask

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau Commit 4cc2b63bd829426b05bad0d8952f1855a10d6ed7 fixed an out of bounds ZeroMem() call. However, as Laszlo Ersek pointed out, the intent was to clear all but the Identifier (to revert the effect of RegisterHashInterfaceLib()). For that, it

Re: [Qemu-devel] [Qemu-block] [PATCH 2/2] iotests: add 208 nbd-server + blockdev-snapshot-sync test case

2018-03-07 Thread Stefan Hajnoczi
On Wed, Mar 7, 2018 at 1:57 PM, Stefano Panella wrote: > On Wed, Mar 7, 2018 at 10:55 AM, Stefan Hajnoczi wrote: >> >> On Tue, Mar 6, 2018 at 11:25 PM, Stefano Panella >> wrote: >> > I have applied this patch and when I run the

Re: [Qemu-devel] [PATCH v9 03/14] hw/arm/smmu-common: VMSAv8-64 page table walk

2018-03-07 Thread Auger Eric
Hi Peter, On 06/03/18 20:43, Peter Maydell wrote: > On 17 February 2018 at 18:46, Eric Auger wrote: >> This patch implements the page table walk for VMSAv8-64. >> >> Signed-off-by: Eric Auger >> >> --- >> v8 -> v9: >> - remove guest error log on PTE

Re: [Qemu-devel] [PATCH v9 03/14] hw/arm/smmu-common: VMSAv8-64 page table walk

2018-03-07 Thread Peter Maydell
On 7 March 2018 at 16:23, Auger Eric wrote: > Hi Peter, > > On 06/03/18 20:43, Peter Maydell wrote: >> On 17 February 2018 at 18:46, Eric Auger wrote: >>> +int smmu_ptw(SMMUTransCfg *cfg, dma_addr_t iova, IOMMUAccessFlags perm, >>> +

Re: [Qemu-devel] [PATCH v2 2/8] SecurityPkg/Tcg2Pei: drop PeiReadOnlyVariable from Depex

2018-03-07 Thread Yao, Jiewen
Reviewed-by: jiewen@intel.com > -Original Message- > From: marcandre.lur...@redhat.com [mailto:marcandre.lur...@redhat.com] > Sent: Wednesday, March 7, 2018 11:58 PM > To: edk2-de...@lists.01.org > Cc: pjo...@redhat.com; Yao, Jiewen ; >

Re: [Qemu-devel] [PATCH v2 5/5] s390x/cpumodel: Set up CPU model for AP device support

2018-03-07 Thread Pierre Morel
On 07/03/2018 15:41, Cornelia Huck wrote: On Wed, 7 Mar 2018 11:09:46 +0100 Pierre Morel wrote: What I mean is the reverse implication ECA_APIE => ap=on But you can have ap = on and ECA_APIE = off This is interception or emulation. and the second thing is that we

[Qemu-devel] [PATCH v2 2/8] SecurityPkg/Tcg2Pei: drop PeiReadOnlyVariable from Depex

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau The module doesn't use read-only variable. Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Marc-André Lureau --- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf |

[Qemu-devel] [PATCH v2 5/8] ovmf: add OvmfPkg Tcg2ConfigPei module

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau The Tcg2ConfigPei module informs the firmware globally about the TPM device type, by setting the PcdTpmInstanceGuid PCD to the appropriate GUID value. The original module under SecurityPkg can perform device detection, or read a cached value

[Qemu-devel] [PATCH v2 8/8] ovmf: add DxeTpm2MeasureBootLib

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau The library registers a security management handler, to measure images that are not measured in PEI phase. This seems to work for example with the qemu PXE rom: Loading driver at 0x0003E6C2000 EntryPoint=0x0003E6C9076 8086100e.efi And the

Re: [Qemu-devel] [RFC] qemu-img: Drop BLK_ZERO from convert

2018-03-07 Thread Max Reitz
On 2018-03-06 18:37, Kevin Wolf wrote: > On 06.03.2018 at 14:47, Stefan Hajnoczi wrote: >> On Wed, Feb 28, 2018 at 09:11:32PM +0100, Max Reitz wrote: >>> On 2018-02-28 19:08, Max Reitz wrote: On 2018-02-27 17:17, Stefan Hajnoczi wrote: > On Mon, Feb 26, 2018 at 06:03:13PM +0100,

[Qemu-devel] [PATCH v2 6/8] ovmf: link with Tcg2Pei module

2018-03-07 Thread marcandre . lureau
From: Marc-André Lureau This module will initialize TPM device, measure reported FVs and BIOS version. We keep both SHA-1 and SHA-256 for the TCG 1.2 log format compatibility, but the SHA-256 measurements and TCG 2 log format are now recommended. Cc: Laszlo Ersek

[Qemu-devel] [PATCH] s390x/virtio: Convert virtio-ccw from *_exit to *_unrealize

2018-03-07 Thread Nia Alarie
Signed-off-by: Nia Alarie --- hw/s390x/virtio-ccw.c | 34 +- hw/s390x/virtio-ccw.h | 2 +- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c index 8f7fbc2ab7..e51fbefd23 100644 ---

Re: [Qemu-devel] [RFC] qemu-img: Drop BLK_ZERO from convert

2018-03-07 Thread Paolo Bonzini
On 07/03/2018 16:57, Max Reitz wrote: (2) For sparse raw images, this is absolutely devastating. Reading them now takes more than (ext4) or nearly (xfs) twice as much time as reading a fully allocated image. So much for "if a filesystem driver has any sense". >> Are you sure

Re: [Qemu-devel] [Qemu-block] [PATCH 2/2] iotests: add 208 nbd-server + blockdev-snapshot-sync test case

2018-03-07 Thread Stefano Panella
On Wed, Mar 7, 2018 at 4:16 PM, Stefan Hajnoczi wrote: > > On Wed, Mar 7, 2018 at 1:57 PM, Stefano Panella wrote: > > On Wed, Mar 7, 2018 at 10:55 AM, Stefan Hajnoczi wrote: > >> > >> On Tue, Mar 6, 2018 at 11:25 PM, Stefano Panella
