Select Git revision
Search by author
- Any Author
- authors
-
Aihua Liang aliang1
-
Alex Bennée stsquad
-
Alex Williamson alex.williamson
-
Alexander Bulekov a1xndr
-
Alexander Graf agraf
-
Alistair Francis alistair23
-
Ani Sinha
anisinha
-
Bastian Koppelmann kbastian-qemu
-
Bin Meng lbmeng
-
Christian Borntraeger cborntra
-
Christian Schoenebeck schoenebeck
-
Cleber Rosa cleber.gnu
-
Cornelia Huck cohuck
-
Cédric Le Goater
legoater
-
Cédric Le Goater
clegoate
-
Daniel Henrique Barboza
danielhb
-
Daniel P. Berrangé
berrange
-
David Hildenbrand davidhildenbrand
-
David Woodhouse
dwmw2
-
Dr. David Alan Gilbert
dagrh
- Jul 04, 2021
-
-
Marcel Apfelbaum authored
Ensure mremap boundaries not trusting the guest kernel to pass the correct buffer length. Fixes: CVE-2021-3582 Reported-by:
VictorV (Kunlun Lab) <vv474172261@gmail.com> Tested-by:
Marcel Apfelbaum <marcel@redhat.com> Message-Id: <20210616110600.20889-1-marcel.apfelbaum@gmail.com> Reviewed-by:
Yuval Shaia <yuval.shaia.ml@gmail.com> Tested-by:
Prasad J Pandit <pjp@fedoraproject.org> Signed-off-by:
Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
-
- Jul 02, 2021
-
-
Peter Maydell authored
Block layer patches - Supporting changing 'file' in x-blockdev-reopen - ssh: add support for sha256 host key fingerprints - vhost-user-blk: Implement reconnection during realize - introduce QEMU_AUTO_VFREE - Don't require password of encrypted backing file for image creation - Code cleanups # gpg: Signature made Wed 30 Jun 2021 17:00:55 BST # gpg: using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6 # gpg: issuer "kwolf@redhat.com" # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full] # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: (24 commits) vhost-user-blk: Implement reconnection during realize vhost-user-blk: Factor out vhost_user_blk_realize_connect() vhost: Distinguish errors in vhost_dev_get_config() vhost-user-blk: Add Error parameter to vhost_user_blk_start() vhost: Return 0/-errno in vhost_dev_init() vhost: Distinguish errors in vhost_backend_init() vhost: Add Error parameter to vhost_dev_init() block/ssh: add support for sha256 host key fingerprints block/commit: use QEMU_AUTO_VFREE introduce QEMU_AUTO_VFREE iotests: Test replacing files with x-blockdev-reopen block: Allow changing bs->file on reopen block: BDRVReopenState: drop replace_backing_bs field block: move supports_backing check to bdrv_set_file_or_backing_noperm() block: bdrv_reopen_parse_backing(): simplify handling implicit filters block: bdrv_reopen_parse_backing(): don't check frozen child block: bdrv_reopen_parse_backing(): don't check aio context block: introduce bdrv_set_file_or_backing_noperm() block: introduce bdrv_remove_file_or_backing_child() block: comment graph-modifying function not updating permissions ... Signed-off-by:Peter Maydell <peter.maydell@linaro.org>
-
Peter Maydell authored
Hide build time dependancy on gnutls fom non-crypto code # gpg: Signature made Wed 30 Jun 2021 12:18:47 BST # gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full] # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full] # Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF * remotes/berrange-gitlab/tags/tls-deps-pull-request: crypto: Make QCryptoTLSCreds* structures private ui/vnc: Use qcrypto_tls_creds_check_endpoint() migration/tls: Use qcrypto_tls_creds_check_endpoint() chardev/socket: Use qcrypto_tls_creds_check_endpoint() qemu-nbd: Use qcrypto_tls_creds_check_endpoint() block/nbd: Use qcrypto_tls_creds_check_endpoint() crypto/tlscreds: Introduce qcrypto_tls_creds_check_endpoint() helper Signed-off-by:
-
- Jul 01, 2021
-
-
Peter Maydell authored
TranslatorOps conversion for target/avr TranslatorOps conversion for target/cris TranslatorOps conversion for target/nios2 Simple vector operations on TCGv_i32 Host signal fixes for *BSD Improvements to tcg bswap operations # gpg: Signature made Tue 29 Jun 2021 19:51:03 BST # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * remotes/rth-gitlab/tags/pull-tcg-20210629: (63 commits) tcg/riscv: Remove MO_BSWAP handling tcg/aarch64: Unset TCG_TARGET_HAS_MEMORY_BSWAP tcg/arm: Unset TCG_TARGET_HAS_MEMORY_BSWAP target/mips: Fix gen_mxu_s32ldd_s32lddr target/sh4: Improve swap.b translation target/i386: Improve bswap translation target/arm: Improve REVSH target/arm: Improve vector REV target/arm: Improve REV32 tcg: Make use of bswap flags in tcg_gen_qemu_st_* tcg: Make use of bswap flags in tcg_gen_qemu_ld_* tcg: Add flags argument to tcg_gen_bswap16_*, tcg_gen_bswap32_i64 tcg: Handle new bswap flags during optimize tcg/tci: Support bswap flags tcg/mips: Support bswap flags in tcg_out_bswap32 tcg/mips: Support bswap flags in tcg_out_bswap16 tcg/s390: Support bswap flags tcg/ppc: Use power10 byte-reverse instructions tcg/ppc: Support bswap flags tcg/ppc: Split out tcg_out_bswap64 ... Signed-off-by: -
Peter Maydell authored
Pull request Patch 01/15 fixes the check-python-tox test. # gpg: Signature made Thu 01 Jul 2021 03:01:20 BST # gpg: using RSA key F9B7ABDBBCACDF95BE76CBD07DEF8106AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>" [full] # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jsnow-gitlab/tags/python-pull-request: python: Fix broken ReST docstrings python: remove auto-generated pyproject.toml file python: Update help text on 'make clean', 'make distclean' python: Update help text on 'make check', 'make develop' python: add 'make check-dev' invocation python: only check qemu/ subdir with flake8 python: Fix .PHONY Make specifiers python: update help text for check-tox python: rename 'venv-check' target to 'check-pipenv' python: Add no-install usage instructions python: README.rst touchups python: Re-lock pipenv at *oldest* supported versions python: Remove global pylint suppressions python: expose typing information via PEP 561 python/qom: Do not use 'err' name at module scope Signed-off-by: -
John Snow authoredThis patch *doesn't* update all of the docstring standards across the QEMU package directory to make our docstring usage consistent. It *doesn't* fix the formatting to make it look pretty or reasonable in generated output. It *does* fix a few small instances where Sphinx would emit a build warning because of malformed ReST -- If we built our Python docs with Sphinx. Signed-off-by:
John Snow <jsnow@redhat.com> Reviewed-by:
Willian Rampazzo <willianr@redhat.com> Reviewed-by:
Wainer dos Santos Moschetta <wainersm@redhat.com> Message-id: 20210629214323.1329806-16-jsnow@redhat.com Signed-off-by:
-
John Snow authored
For reasons that at-present escape me, pipenv insists on creating a stub pyproject.toml file. This file is a nuisance, because its mere presence changes the behavior of various tools. For instance, this stub file will cause "pip install --user -e ." to fail in spectacular fashion with misleading errors. "pip install -e ." works okay, but for some reason pip does not support editable installs to the user directory when using PEP517. References: https://github.com/pypa/pip/pull/9990 https://github.com/pypa/pip/issues/7953 As outlined in ea1213b7, it is still too early for us to consider moving to a PEP-517 exclusive package. We must support older distributions, so squash the annoyance for now. (Python 3.6 shipped Dec 2016, PEP517 support showed up in pip sometime in 2019 or so.) Add 'pyproject.toml' to the 'make clean' target, and also delete it after every pipenv invocation issued by the Makefile. Signed-off-by:
-
John Snow authored
Update for visual parity with all the remaining targets. Signed-off-by:
-
John Snow authored
Update for visual parity with the other targets. Signed-off-by:
-
John Snow authored
This is a *third* way to run the Python tests. Unlike the first two (check-pipenv, check-tox), this version does not require any specific interpreter version -- making it a lot easier to tell people to run it as a quick smoketest prior to submission to GitLab CI. Summary: Checked via GitLab CI: - check-pipenv: tests our oldest python & dependencies - check-tox: tests newest dependencies on all non-EOL python versions Executed only incidentally: - check-dev: tests newest dependencies on whichever python version ('make check' does not set up any environment at all, it just runs the tests in your current environment. All four invocations perform the exact same tests, just in different execution environments.) Signed-off-by: -
John Snow authored
flake8 is a little eager to check everything it can. Limit it to checking inside the qemu namespace directory only. Update setup.cfg now that the exclude patterns are no longer necessary. Signed-off-by:
-
John Snow authored
I missed the 'check-tox' target. Add that, but split the large .PHONY specifier at the top into its component pieces and move them near the targets they describe so that they're much harder to forget to update. Signed-off-by:
-
John Snow authored
Move it up near the check-pipenv help text, and update it to suggest parity. (At the time I first added it, I wasn't sure if I would be keeping it, but I've come to appreciate it as it has actually helped uncover bugs I would not have noticed without it. It should stay.) Signed-off-by:
-
John Snow authored
Well, Cleber was right, this is a better name. In preparation for adding a different kind of virtual environment check (One that simply uses whichever version of Python you happen to have), rename this test 'check-pipenv' so that it matches the CI job 'check-python-pipenv'. Remove the "If you don't know which test to run" hint, because it's not actually likely you have Python 3.6 installed to be able to run the test. It's still the test I'd most prefer you to run, but it's not the test you are most likely to be able to run. Rename the 'venv' target to 'pipenv' as well, and move the more pertinent help text under the 'check-pipenv' target. Signed-off-by:
-
John Snow authored
It's not encouraged, but it's legitimate to want to know how to do. Signed-off-by:
-
John Snow authored
Clarifying a few points; removing the reference to 'setuptools' because it isn't referenced anywhere else in this document and doesn't really provide any useful information to a Python newcomer. Adjusting the language elsewhere to be less ambiguous and have fewer run-on sentences. Signed-off-by:
-
John Snow authored
tox is already testing the most recent versions. Let's use pipenv to test the oldest versions we claim to support. This matches the stylistic choice to have pipenv always test our oldest supported Python version, 3.6. The effect of this is that the python-check-pipenv CI job on gitlab will now test against much older versions of these linters, which will help highlight incompatible changes that might otherwise go unnoticed. Update instructions for adding and bumping versions in setup.cfg. The reason for deleting the line that gets added to Pipfile is largely just to avoid having the version minimums specified in multiple places in config checked into the tree. (This patch was written by deleting Pipfile and Pipfile.lock, then explicitly installing each dependency manually at a specific version. Then, I restored the prior Pipfile and re-ran `pipenv lock --dev --keep-outdated` to re-add the qemu dependency back to the pipenv environment while keeping the "old" packages. It's annoying, yes, but I think the improvement to test coverage is worthwhile.) Signed-off-by:
-
John Snow authored
These suppressions only apply to a small handful of places. Instead of disabling them globally, disable them just in the cases where we need. The design of the machine class grew quite organically with tons of constructor and class instance variables -- there's little chance of meaningfully refactoring it in the near term, so just suppress the warnings for that class. Signed-off-by:
-
John Snow authored
https://www.python.org/dev/peps/pep-0561/#specification Create 'py.typed' files in each subpackage that indicate to mypy that this is a typed module, so that users of any of these packages can use mypy to check their code as well. Note: Theoretically it's possible to ditch MANIFEST.in in favor of using package_data in setup.cfg, but I genuinely could not figure out how to get it to include things from the *source root* into the *package root*; only how to include things from each subpackage. I tried! Signed-off-by:
-
John Snow authored
Pylint updated to 2.9.0 upstream, adding new warnings for things that re-use the 'err' variable. Luckily, this only breaks the python-check-tox job, which is allowed to fail as a warning. Signed-off-by:
-
- Jun 30, 2021
-
-
Peter Maydell authored
hw/nvme patches * namespace eui64 support (Heinrich) * aiocb refactoring (Klaus) * controller parameter for auto zone transitioning (Niklas) * misc fixes and additions (Gollu, Klaus, Keith) # gpg: Signature made Tue 29 Jun 2021 19:46:55 BST # gpg: using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9 # gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown] # gpg: aka "Klaus Jensen <k.jensen@samsung.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468 4272 63D5 6FC5 E55D A838 # Subkey fingerprint: 5228 33AA 75E2 DCE6 A247 66C0 4DE1 AF31 6D4F 0DE9 * remotes/nvme/tags/nvme-next-pull-request: (23 commits) hw/nvme: add 'zoned.zasl' to documentation hw/nvme: fix pin-based interrupt behavior (again) hw/nvme: fix missing check for PMR capability hw/nvme: documentation fix hw/nvme: fix endianess conversion and add controller list Partially revert "hw/block/nvme: drain namespaces on sq deletion" hw/nvme: reimplement format nvm to allow cancellation hw/nvme: reimplement zone reset to allow cancellation hw/nvme: reimplement the copy command to allow aio cancellation hw/nvme: add dw0/1 to the req completion trace event hw/nvme: use prinfo directly in nvme_check_prinfo and nvme_dif_check hw/nvme: remove assert from nvme_get_zone_by_slba hw/nvme: save reftag when generating pi hw/nvme: reimplement dsm to allow cancellation hw/nvme: add nvme_block_status_all helper hw/nvme: reimplement flush to allow cancellation hw/nvme: default for namespace EUI-64 hw/nvme: namespace parameter for EUI-64 hw/nvme: fix csi field for cns 0x00 and 0x11 hw/nvme: add param to control auto zone transitioning to zone state closed ... Signed-off-by: -
Peter Maydell authored
Fixes for bugs found by inspection and internal testing Tests added to tests/tcg/hexagon/misc.c # gpg: Signature made Tue 29 Jun 2021 17:50:16 BST # gpg: using RSA key 7B0244FB12DE4422 # gpg: Good signature from "Taylor Simpson (Rock on) <tsimpson@quicinc.com>" [undefined] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 3635 C788 CE62 B91F D4C5 9AB4 7B02 44FB 12DE 4422 * remotes/quic/tags/pull-hex-20210629: Hexagon (target/hexagon) remove unused TCG variables Hexagon (target/hexagon) cleanup gen_store_conditional[48] functions Hexagon (target/hexagon) fix l2fetch instructions Hexagon (target/hexagon) fix bug in fLSBNEW* Signed-off-by: -
Kevin Wolf authored
Commit dabefdd6 removed code that was supposed to try reconnecting during .realize(), but actually just crashed and had several design problems. This adds the feature back without the crash in simple cases while also fixing some design problems: Reconnection is now only tried if there was a problem with the connection and not an error related to the content (which would fail again the same way in the next attempt). Reconnection is limited to three attempts (four with the initial attempt) so that we won't end up in an infinite loop if a problem is permanent. If the backend restarts three times in the very short time window of device initialisation, we have bigger problems and erroring out is the right course of action. In the case that a connection error occurs and we reconnect, the error message is printed using error_report_err(), but otherwise ignored. Signed-off-by:
Kevin Wolf <kwolf@redhat.com> Message-Id: <20210609154658.350308-8-kwolf@redhat.com> Reviewed-by:
Raphael Norwitz <raphael.norwitz@nutanix.com> Signed-off-by:
-
Kevin Wolf authored
This function is the part that we will want to retry if the connection is lost during initialisation, so factor it out to keep the following patch simpler. The error path for vhost_dev_get_config() forgot disconnecting the chardev, add this while touching the code. Signed-off-by:
Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: -
Kevin Wolf authored
Instead of just returning 0/-1 and letting the caller make up a meaningless error message, add an Error parameter to allow reporting the real error and switch to 0/-errno so that different kind of errors can be distinguished in the caller. config_len in vhost_user_get_config() is defined by the device, so if it's larger than VHOST_USER_MAX_CONFIG_SIZE, this is a programming error. Turn the corresponding check into an assertion. Signed-off-by:
Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: -
Kevin Wolf authored
Instead of letting the caller make up a meaningless error message, add an Error parameter to allow reporting the real error. Signed-off-by:
Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: -
Kevin Wolf authored
Instead of just returning 0/-1 and letting the caller make up a meaningless error message, switch to 0/-errno so that different kinds of errors can be distinguished in the caller. This involves changing a few more callbacks in VhostOps to return 0/-errno: .vhost_set_owner(), .vhost_get_features() and .vhost_virtqueue_set_busyloop_timeout(). The implementations of these functions are trivial as they generally just send a message to the backend. Signed-off-by:
Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: -
Kevin Wolf authored
Instead of just returning 0/-1 and letting the caller make up a meaningless error message, add an Error parameter to allow reporting the real error and switch to 0/-errno so that different kind of errors can be distinguished in the caller. Specifically, in vhost-user, EPROTO is used for all errors that relate to the connection itself, whereas other error codes are used for errors relating to the content of the connection. This will allow us later to automatically reconnect when the connection goes away, without ending up in an endless loop if it's a permanent error in the configuration. Signed-off-by:
Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: -
Kevin Wolf authored
This allows callers to return better error messages instead of making one up while the real error ends up on stderr. Most callers can immediately make use of this because they already have an Error parameter themselves. The others just keep printing the error with error_report_err(). Signed-off-by:
Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: -
Currently the SSH block driver supports MD5 and SHA1 for host key fingerprints. This is a cryptographically sensitive operation and so these hash algorithms are inadequate by modern standards. This adds support for SHA256 which has been supported in libssh since the 0.8.1 release. Signed-off-by:
Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210622115156.138458-1-berrange@redhat.com> Reviewed-by:
Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by:
Richard W.M. Jones <rjones@redhat.com> Signed-off-by:
-
- Jun 29, 2021
-
-
Signed-off-by:
Keith Busch <kbusch@kernel.org> Reviewed-by:
Klaus Jensen <k.jensen@samsung.com> Signed-off-by:
-
Code consuming the "crypto/tlscreds*.h" APIs doesn't need to access its internals. Move the structure definitions to the "tlscredspriv.h" private header (only accessible by implementations). The public headers (in include/) still forward-declare the structures typedef. Note, tlscreds.c and 3 of the 5 modified source files already include "tlscredspriv.h", so only add it to tls-cipher-suites.c and tlssession.c. Removing the internals from the public header solves a bug introduced by commit 7de2e856 ("yank: Unregister function when using TLS migration") which made migration/qemu-file-channel.c include "io/channel-tls.h", itself sometime depends on GNUTLS, leading to a build failure on OSX: [2/35] Compiling C object libmigration.fa.p/migration_qemu-file-channel.c.o FAILED: libmigration.fa.p/migration_qemu-file-channel.c.o cc -Ilibmigration.fa.p -I. -I.. -Iqapi [ ... ] -o libmigration.fa.p/migration_qemu-file-channel.c.o -c ../migration/qemu-file-channel.c In file included from ../migration/qemu-file-channel.c:29: In file included from include/io/channel-tls.h:26: In file included from include/crypto/tlssession.h:24: include/crypto/tlscreds.h:28:10: fatal error: 'gnutls/gnutls.h' file not found #include <gnutls/gnutls.h> ^~~~~~~~~~~~~~~~~ 1 error generated. Reported-by:
Stefan Weil <sw@weilnetz.de> Suggested-by:
-
Avoid accessing QCryptoTLSCreds internals by using the qcrypto_tls_creds_check_endpoint() helper. Signed-off-by:
-
Avoid accessing QCryptoTLSCreds internals by using the qcrypto_tls_creds_check_endpoint() helper. Reviewed-by:
Richard Henderson <richard.henderson@linaro.org> Signed-off-by:
-
Avoid accessing QCryptoTLSCreds internals by using the qcrypto_tls_creds_check_endpoint() helper. Reviewed-by:
-
Avoid accessing QCryptoTLSCreds internals by using the qcrypto_tls_creds_check_endpoint() helper. Tested-by:
Akihiko Odaki <akihiko.odaki@gmail.com> Reviewed-by:
Eric Blake <eblake@redhat.com> Signed-off-by:
-
Avoid accessing QCryptoTLSCreds internals by using the qcrypto_tls_creds_check_endpoint() helper. Reviewed-by:
-
Introduce the qcrypto_tls_creds_check_endpoint() helper to access QCryptoTLSCreds internal 'endpoint' field. Reviewed-by:
-
Richard Henderson authoredTCG_TARGET_HAS_MEMORY_BSWAP is already unset for this backend, which means that MO_BSWAP be handled by the middle-end and will never be seen by the backend. Thus the indexes used with qemu_{ld,st}_helpers will always be zero. Tidy the comments and asserts in tcg_out_qemu_{ld,st}_direct. It is not that we do not handle bswap "yet", but never will. Acked-by:Alistair Francis <alistair.francis@wdc.com> Signed-off-by:
-
Richard Henderson authored
The memory bswap support in the aarch64 backend merely dates from a time when it was required. There is nothing special about the backend support that could not have been provided by the middle-end even prior to the introduction of the bswap flags. Reviewed-by:
-
