Skip to content
Snippets Groups Projects
Select Git revision
  • feature/libtcg-rebase default protected
1 result
Search by author
  • Any Author
  • Anton Anton anjo
1 author
  1. Jan 18, 2022
  3. Jan 16, 2022
    • Peter Maydell's avatar
      Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-20220115' into staging · 6621441d
      Peter Maydell authored 
      
qemu-openbios queue

# gpg: Signature made Sat 15 Jan 2022 17:35:58 GMT
# gpg:                using RSA key CC621AB98E82200D915CC9C45BC2C56FAE0F321F
# gpg:                issuer "mark.cave-ayland@ilande.co.uk"
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>" [full]
# Primary key fingerprint: CC62 1AB9 8E82 200D 915C  C9C4 5BC2 C56F AE0F 321F

* remotes/mcayland/tags/qemu-openbios-20220115:
  roms/openbios: update OpenBIOS images to 04dfc98 built from submodule

Signed-off-by: default avatarPeter Maydell <peter.maydell@linaro.org>
      6621441d
    • Peter Maydell's avatar
      Merge remote-tracking branch 'remotes/konstantin/tags/qga-win32-pull-2022-01-10' into staging · 69353c33
      Peter Maydell authored 
      
[PULL 0/9] qemu-ga-win patches

# gpg: Signature made Sat 15 Jan 2022 22:04:01 GMT
# gpg:                using RSA key C2C2C109EA43C63C1423EB84EF5D5E8161BA84E7
# gpg: Good signature from "Kostiantyn Kostiuk (Upstream PR sign) <kkostiuk@redhat.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: C2C2 C109 EA43 C63C 1423  EB84 EF5D 5E81 61BA 84E7

* remotes/konstantin/tags/qga-win32-pull-2022-01-10:
  qga-win: Detect Windows 11 by build number
  qga-win: Detect OS based on Windows 10 by first build number
  gqa-win: get_pci_info: Replace 'while' with 2 calls of the function
  gqa-win: get_pci_info: Add g_autofree for few variables
  gqa-win: get_pci_info: Split logic to separate functions
  gqa-win: get_pci_info: Free parent_dev_info properly
  gqa-win: get_pci_info: Use common 'end' label
  gqa-win: get_pci_info: Clean dev_info if handle is valid
  MAINTAINERS: Add entry for QEMU Guest Agent Windows components

Signed-off-by: default avatarPeter Maydell <peter.maydell@linaro.org>
      69353c33
  5. Jan 15, 2022
  7. Jan 14, 2022
    • Peter Maydell's avatar
      Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging · 1cd2ad11
      Peter Maydell authored 
      
Block layer patches

- qemu-storage-daemon: Add vhost-user-blk help
- block-backend: Fix use-after-free for BDS pointers after aio_poll()
- qemu-img: Fix sparseness of output image with unaligned ranges
- vvfat: Fix crashes in read-write mode
- Fix device deletion events with -device JSON syntax
- Code cleanups

# gpg: Signature made Fri 14 Jan 2022 13:50:16 GMT
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  iotests/testrunner.py: refactor test_field_width
  block: drop BLK_PERM_GRAPH_MOD
  qemu-img: make is_allocated_sectors() more efficient
  iotests: Test qemu-img convert of zeroed data cluster
  vvfat: Fix vvfat_write() for writes before the root directory
  vvfat: Fix size of temporary qcow file
  iotests/308: Fix for CAP_DAC_OVERRIDE
  iotests/stream-error-on-reset: New test
  block-backend: prevent dangling BDS pointers across aio_poll()
  qapi/block: Restrict vhost-user-blk to CONFIG_VHOST_USER_BLK_SERVER
  qemu-storage-daemon: Add vhost-user-blk help
  docs: Correct 'vhost-user-blk' spelling
  softmmu: fix device deletion events with -device JSON syntax
  include/sysemu/blockdev.h: remove drive_get_max_devs
  include/sysemu/blockdev.h: remove drive_mark_claimed_by_board and inline drive_def
  block_int: make bdrv_backing_overridden static

Signed-off-by: default avatarPeter Maydell <peter.maydell@linaro.org>
      1cd2ad11
    • Peter Maydell's avatar
      Merge remote-tracking branch 'remotes/kraxel/tags/kraxel-20220114-pull-request' into staging · 0b3f07eb
      Peter Maydell authored 
      
- bugfixes for ui, usb, audio, display
- change default display resolution
- add horizontal scrolling support

# gpg: Signature made Fri 14 Jan 2022 06:52:53 GMT
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/kraxel-20220114-pull-request:
  ui/input-legacy: pass horizontal scroll information
  ui/sdl2: pass horizontal scroll information to the device code
  ui/gtk: pass horizontal scroll information to the device code
  ui/cocoa: pass horizontal scroll information to the device code
  ps2: Initial horizontal scroll support
  edid: Added support for 4k@60 Hz monitor
  edid: set default resolution to 1280x800 (WXGA)
  hw/mips/jazz: Inline vga_mmio_init() and remove it
  hw/display/vga-mmio: QOM'ify vga_mmio_init() as TYPE_VGA_MMIO
  hw/display/vga-mmio: Inline vga_mm_init()
  hw/display: Rename VGA_ISA_MM -> VGA_MMIO
  uas: add missing return
  ui: fix gtk clipboard clear assertion
  ui/dbus: fix buffer-overflow detected by ASAN
  hw/audio/intel-hda: fix stream reset
  dsoundaudio: fix crackling audio recordings
  jackaudio: use ifdefs to hide unavailable functions
  ui/vnc.c: Fixed a deadlock bug.
  usb: allow max 8192 bytes for desc
  hw/usb/dev-wacom: add missing HID descriptor

Signed-off-by: default avatarPeter Maydell <peter.maydell@linaro.org>
      0b3f07eb
    • Vladimir Sementsov-Ogievskiy's avatar
      iotests/testrunner.py: refactor test_field_width · e5e74873
      Vladimir Sementsov-Ogievskiy authored 
      
A lot of Optional[] types doesn't make code beautiful.
test_field_width defaults to 8, but that is never used in the code.

More over, if we want some default behavior for single call of
test_run(), it should just print the whole test name, not limiting or
expanding its width, so 8 is bad default.

So, just drop the default as unused for now.

Signed-off-by: default avatarVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20211210201450.101576-1-vsementsov@virtuozzo.com>
Reviewed-by: default avatarJohn Snow <jsnow@redhat.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      e5e74873
    • Vladimir Sementsov-Ogievskiy's avatar
      block: drop BLK_PERM_GRAPH_MOD · 64631f36
      Vladimir Sementsov-Ogievskiy authored 
      
First, this permission never protected a node from being changed, as
generic child-replacing functions don't check it.

Second, it's a strange thing: it presents a permission of parent node
to change its child. But generally, children are replaced by different
mechanisms, like jobs or qmp commands, not by nodes.

Graph-mod permission is hard to understand. All other permissions
describe operations which done by parent node on its child: read,
write, resize. Graph modification operations are something completely
different.

The only place where BLK_PERM_GRAPH_MOD is used as "perm" (not shared
perm) is mirror_start_job, for s->target. Still modern code should use
bdrv_freeze_backing_chain() to protect from graph modification, if we
don't do it somewhere it may be considered as a bug. So, it's a bit
risky to drop GRAPH_MOD, and analyzing of possible loss of protection
is hard. But one day we should do it, let's do it now.

One more bit of information is that locking the corresponding byte in
file-posix doesn't make sense at all.

Signed-off-by: default avatarVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210902093754.2352-1-vsementsov@virtuozzo.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      64631f36
    • Vladimir Sementsov-Ogievskiy's avatar
      qemu-img: make is_allocated_sectors() more efficient · 96054c76
      Vladimir Sementsov-Ogievskiy authored 
      
Consider the case when the whole buffer is zero and end is unaligned.

If i <= tail, we return 1 and do one unaligned WRITE, RMW happens.

If i > tail, we do on aligned WRITE_ZERO (or skip if target is zeroed)
and again one unaligned WRITE, RMW happens.

Let's do better: don't fragment the whole-zero buffer and report it as
ZERO: in case of zeroed target we just do nothing and avoid RMW. If
target is not zeroes, one unaligned WRITE_ZERO should not be much worse
than one unaligned WRITE.

Signed-off-by: default avatarVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20211217164654.1184218-3-vsementsov@virtuozzo.com>
Tested-by: default avatarPeter Lieven <pl@kamp.de>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      96054c76
    • Kevin Wolf's avatar
      iotests: Test qemu-img convert of zeroed data cluster · 51cd8bdd
      Kevin Wolf authored 
      
This demonstrates what happens when the block status changes in
sub-min_sparse granularity, but all of the parts are zeroed out. The
alignment logic in is_allocated_sectors() prevents that the target image
remains fully sparse as expected, but turns it into a data cluster of
explicit zeros.

Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
Signed-off-by: default avatarVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20211217164654.1184218-2-vsementsov@virtuozzo.com>
Tested-by: default avatarPeter Lieven <pl@kamp.de>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      51cd8bdd
    • Kevin Wolf's avatar
      vvfat: Fix vvfat_write() for writes before the root directory · b9b8860d
      Kevin Wolf authored 
      
The calculation in sector2cluster() is done relative to the offset of
the root directory. Any writes to blocks before the start of the root
directory (in particular, writes to the FAT) result in negative values,
which are not handled correctly in vvfat_write().

This changes sector2cluster() to return a signed value, and makes sure
that vvfat_write() doesn't try to find mappings for negative cluster
number. It clarifies the code in vvfat_write() to make it more obvious
that the cluster numbers can be negative.

Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
Message-Id: <20211209152231.23756-1-kwolf@redhat.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      b9b8860d
    • Kevin Wolf's avatar
      vvfat: Fix size of temporary qcow file · 2db9b9e9
      Kevin Wolf authored 
      
The size of the qcow size was calculated so that only the FAT partition
would fit on it, but not the whole disk. However, offsets relative to
the whole disk are used to access it, so increase its size to be large
enough for that.

Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
Message-Id: <20211209151815.23495-1-kwolf@redhat.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      2db9b9e9
    • Hanna Reitz's avatar
      iotests/308: Fix for CAP_DAC_OVERRIDE · e2eec281
      Hanna Reitz authored 
      
With CAP_DAC_OVERRIDE (which e.g. root generally has), permission checks
will be bypassed when opening files.

308 in one instance tries to open a read-only file (FUSE export) with
qemu-io as read/write, and expects this to fail.  However, when running
it as root, opening will succeed (thanks to CAP_DAC_OVERRIDE) and only
the actual write operation will fail.

Note this as "Case not run", but have the test pass in either case.

Reported-by: default avatarVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Fixes: 2c7dd057
       ("export/fuse: Pass default_permissions for mount")
Signed-off-by: default avatarHanna Reitz <hreitz@redhat.com>
Message-Id: <20220103120014.13061-1-hreitz@redhat.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      e2eec281
    • Hanna Reitz's avatar
      iotests/stream-error-on-reset: New test · 2ca1d5d6
      Hanna Reitz authored 
      Test the following scenario:
- Simple stream block in two-layer backing chain (base and top)
- The job is drained via blk_drain(), then an error occurs while the job
  settles the ongoing request
- And so the job completes while in blk_drain()

This was reported as a segfault, but is fixed by "block-backend: prevent
dangling BDS pointers across aio_poll()".

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2036178


Signed-off-by: default avatarHanna Reitz <hreitz@redhat.com>
Signed-off-by: default avatarStefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20220111153613.25453-3-stefanha@redhat.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      2ca1d5d6
    • Stefan Hajnoczi's avatar
      block-backend: prevent dangling BDS pointers across aio_poll() · 1e3552db
      Stefan Hajnoczi authored 
      The BlockBackend root child can change when aio_poll() is invoked. This
happens when a temporary filter node is removed upon blockjob
completion, for example.

Functions in block/block-backend.c must be aware of this when using a
blk_bs() pointer across aio_poll() because the BlockDriverState refcnt
may reach 0, resulting in a stale pointer.

One example is scsi_device_purge_requests(), which calls blk_drain() to
wait for in-flight requests to cancel. If the backup blockjob is active,
then the BlockBackend root child is a temporary filter BDS owned by the
blockjob. The blockjob can complete during bdrv_drained_begin() and the
last reference to the BDS is released when the temporary filter node is
removed. This results in a use-after-free when blk_drain() calls
bdrv_drained_end(bs) on the dangling pointer.

Explicitly hold a reference to bs across block APIs that invoke
aio_poll().

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2021778
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2036178


Signed-off-by: default avatarStefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20220111153613.25453-2-stefanha@redhat.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      1e3552db
    • Philippe Mathieu-Daudé's avatar
      qapi/block: Restrict vhost-user-blk to CONFIG_VHOST_USER_BLK_SERVER · bb01ea73
      Philippe Mathieu-Daudé authored 
      
When building QEMU with --disable-vhost-user and using introspection,
query-qmp-schema lists vhost-user-blk even though it's not actually
available:

  { "execute": "query-qmp-schema" }
  {
      "return": [
          ...
          {
              "name": "312",
              "members": [
                  {
                      "name": "nbd"
                  },
                  {
                      "name": "vhost-user-blk"
                  }
              ],
              "meta-type": "enum",
              "values": [
                  "nbd",
                  "vhost-user-blk"
              ]
          },

Restrict vhost-user-blk in BlockExportType when
CONFIG_VHOST_USER_BLK_SERVER is disabled, so it
doesn't end listed by query-qmp-schema.

Fixes: 90fc91d5 ("convert vhost-user-blk server to block export API")
Signed-off-by: default avatarPhilippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: default avatarPhilippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220107105420.395011-4-f4bug@amsat.org>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
      bb01ea73