From nobody Sun May 5 17:39:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1557493638; cv=none; d=zoho.com; s=zohoarc; b=ST21wSZUU0IueZs6yziTiD7eIYcLMMnB2DjGDedZmNbsKm9io7CYdGTl3EKWkXzPl2/jcp/EVv351xhPOGjUHckVpAt49avb+A23TtZor1HzAF/CtdJidq+1b5TNIb+pCPZa3dqjgvbhM05YncwfQHF1fgN6krKFVK31l1p996Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557493638; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=YteD3Db77HYCll7bGl/8j+NPVAaFI5MYCfqEiAdChXQ=; b=aT69KtXJW56qs26ccg8UW4Y7GrcS1MjlgmWQmShybBE91LIeotqSRouijjNhYpkOv6KcnmFrz6oyaKWbAXS/c4M+eqQxUnCAHVTWK1zKzT1SzDJcRzVHBzUKTuzG50iZdvhs7zyr3l9ZkCm+Lx2FtEOB60Gfot3/RVx1P6i5QE4= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1557493638426139.5264924430909; Fri, 10 May 2019 06:07:18 -0700 (PDT) Received: from localhost ([127.0.0.1]:43010 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5F4-0007gg-9q for importer@patchew.org; Fri, 10 May 2019 09:07:14 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52529) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5Au-0004Ko-2n for qemu-devel@nongnu.org; Fri, 10 May 2019 09:02:57 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hP5As-00047a-SR for qemu-devel@nongnu.org; Fri, 10 May 2019 09:02:56 -0400 Received: from mx1.redhat.com ([209.132.183.28]:60351) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hP5Aq-00040V-3l; Fri, 10 May 2019 09:02:52 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 54DC93004151; Fri, 10 May 2019 13:02:51 +0000 (UTC) Received: from localhost (ovpn-116-89.ams2.redhat.com [10.36.116.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7E2255E7B8; Fri, 10 May 2019 13:02:48 +0000 (UTC) From: Stefan Hajnoczi To: qemu-devel@nongnu.org Date: Fri, 10 May 2019 14:02:36 +0100 Message-Id: <20190510130243.8887-2-stefanha@redhat.com> In-Reply-To: <20190510130243.8887-1-stefanha@redhat.com> References: <20190510130243.8887-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.46]); Fri, 10 May 2019 13:02:51 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 1/8] util/readline: add a space to fix errors by checkpatch tool X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , Peter Maydell , Jules Irenge , qemu-block@nongnu.org, Thomas Huth , Max Reitz , Stefan Hajnoczi , Paolo Bonzini , Kevin Wolf Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" From: Jules Irenge util/readline: add a space to fix errors reported by checkpatch.pl tool "ERROR: space required before the open parenthesis" "ERROR: space required after that ..." within "util/redline.c" file Signed-off-by: Jules Irenge Reviewed-by: Thomas Huth Message-id: 20190401024406.10819-2-jbi.octave@gmail.com Message-Id: <20190401024406.10819-2-jbi.octave@gmail.com> Signed-off-by: Stefan Hajnoczi --- util/readline.c | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/util/readline.c b/util/readline.c index ec91ee0fea..db399d3948 100644 --- a/util/readline.c +++ b/util/readline.c @@ -48,13 +48,13 @@ static void readline_update(ReadLineState *rs) =20 if (rs->cmd_buf_size !=3D rs->last_cmd_buf_size || memcmp(rs->cmd_buf, rs->last_cmd_buf, rs->cmd_buf_size) !=3D 0) { - for(i =3D 0; i < rs->last_cmd_buf_index; i++) { + for (i =3D 0; i < rs->last_cmd_buf_index; i++) { rs->printf_func(rs->opaque, "\033[D"); } rs->cmd_buf[rs->cmd_buf_size] =3D '\0'; if (rs->read_password) { len =3D strlen(rs->cmd_buf); - for(i =3D 0; i < len; i++) + for (i =3D 0; i < len; i++) rs->printf_func(rs->opaque, "*"); } else { rs->printf_func(rs->opaque, "%s", rs->cmd_buf); @@ -67,12 +67,12 @@ static void readline_update(ReadLineState *rs) if (rs->cmd_buf_index !=3D rs->last_cmd_buf_index) { delta =3D rs->cmd_buf_index - rs->last_cmd_buf_index; if (delta > 0) { - for(i =3D 0;i < delta; i++) { + for (i =3D 0; i < delta; i++) { rs->printf_func(rs->opaque, "\033[C"); } } else { delta =3D -delta; - for(i =3D 0;i < delta; i++) { + for (i =3D 0; i < delta; i++) { rs->printf_func(rs->opaque, "\033[D"); } } @@ -301,7 +301,7 @@ static void readline_completion(ReadLineState *rs) return; if (rs->nb_completions =3D=3D 1) { len =3D strlen(rs->completions[0]); - for(i =3D rs->completion_index; i < len; i++) { + for (i =3D rs->completion_index; i < len; i++) { readline_insert_char(rs, rs->completions[0][i]); } /* extra space for next argument. XXX: make it more generic */ @@ -312,15 +312,15 @@ static void readline_completion(ReadLineState *rs) completion_comp); rs->printf_func(rs->opaque, "\n"); max_width =3D 0; - max_prefix =3D 0;=09 - for(i =3D 0; i < rs->nb_completions; i++) { + max_prefix =3D 0; + for (i =3D 0; i < rs->nb_completions; i++) { len =3D strlen(rs->completions[i]); - if (i=3D=3D0) { + if (i =3D=3D 0) { max_prefix =3D len; } else { if (len < max_prefix) max_prefix =3D len; - for(j=3D0; jcompletions[i][j] !=3D rs->completions[0][j]) max_prefix =3D j; } @@ -328,8 +328,8 @@ static void readline_completion(ReadLineState *rs) if (len > max_width) max_width =3D len; } - if (max_prefix > 0)=20 - for(i =3D rs->completion_index; i < max_prefix; i++) { + if (max_prefix > 0) + for (i =3D rs->completion_index; i < max_prefix; i++) { readline_insert_char(rs, rs->completions[0][i]); } max_width +=3D 2; @@ -339,7 +339,7 @@ static void readline_completion(ReadLineState *rs) max_width =3D 80; nb_cols =3D 80 / max_width; j =3D 0; - for(i =3D 0; i < rs->nb_completions; i++) { + for (i =3D 0; i < rs->nb_completions; i++) { rs->printf_func(rs->opaque, "%-*s", max_width, rs->completions= [i]); if (++j =3D=3D nb_cols || i =3D=3D (rs->nb_completions - 1)) { rs->printf_func(rs->opaque, "\n"); @@ -362,9 +362,9 @@ static void readline_clear_screen(ReadLineState *rs) /* return true if command handled */ void readline_handle_byte(ReadLineState *rs, int ch) { - switch(rs->esc_state) { + switch (rs->esc_state) { case IS_NORM: - switch(ch) { + switch (ch) { case 1: readline_bol(rs); break; @@ -425,7 +425,7 @@ void readline_handle_byte(ReadLineState *rs, int ch) } break; case IS_CSI: - switch(ch) { + switch (ch) { case 'A': case 'F': readline_up_char(rs); @@ -444,7 +444,7 @@ void readline_handle_byte(ReadLineState *rs, int ch) rs->esc_param =3D rs->esc_param * 10 + (ch - '0'); goto the_end; case '~': - switch(rs->esc_param) { + switch (rs->esc_param) { case 1: readline_bol(rs); break; @@ -463,7 +463,7 @@ void readline_handle_byte(ReadLineState *rs, int ch) the_end: break; case IS_SS3: - switch(ch) { + switch (ch) { case 'F': readline_eol(rs); break; --=20 2.21.0 From nobody Sun May 5 17:39:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1557493762; cv=none; d=zoho.com; s=zohoarc; b=YhJd9sfHn9rIThzpgmdgMEf3qztjV6uVRkSPfisB0HbKbMzE2SbEjp/bRF1kBtKst82MyFtySzDTOsK9XHt9JrdlVr4hyuGWrGQ/YmiTjWJKaCuGvlcz7QCXbDG91nP8HFVhlfJr5DNUpFP9oCFYFB7kx4S0qOq20LBL+gGAVfw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557493762; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=aMMIcdS42PICbaU3DyfikwaX1ACLCNqvz+zmy8pQ9MU=; b=hWpbDyi82W9oAiSvSTTSuw5lNGdM1paZgRD8WGqP/3aE6v3TwtftBoWs2CVa0bkAOoTCNdSnfz5SpG1owJellUHycXMEJzWcwh3oP0RDia/uO0BeuERTb8A1wtgSj6nj0y5b2+VizMnBJnU3jlwgwgc51OpyceKizxzP8yBU49s= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (209.51.188.17 [209.51.188.17]) by mx.zohomail.com with SMTPS id 1557493762409596.0580845957354; Fri, 10 May 2019 06:09:22 -0700 (PDT) Received: from localhost ([127.0.0.1]:43033 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5H2-0001A1-AF for importer@patchew.org; Fri, 10 May 2019 09:09:16 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52562) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5Av-0004MD-NW for qemu-devel@nongnu.org; Fri, 10 May 2019 09:02:59 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hP5Au-0004AH-Ht for qemu-devel@nongnu.org; Fri, 10 May 2019 09:02:57 -0400 Received: from mx1.redhat.com ([209.132.183.28]:56062) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hP5Ar-00044l-SB; Fri, 10 May 2019 09:02:54 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 26C8B821EF; Fri, 10 May 2019 13:02:53 +0000 (UTC) Received: from localhost (ovpn-116-89.ams2.redhat.com [10.36.116.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id ADFF21001E86; Fri, 10 May 2019 13:02:52 +0000 (UTC) From: Stefan Hajnoczi To: qemu-devel@nongnu.org Date: Fri, 10 May 2019 14:02:37 +0100 Message-Id: <20190510130243.8887-3-stefanha@redhat.com> In-Reply-To: <20190510130243.8887-1-stefanha@redhat.com> References: <20190510130243.8887-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Fri, 10 May 2019 13:02:53 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 2/8] util: readline: replace tab indent by four spaces to fix checkpatch errors X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , Peter Maydell , Jules Irenge , qemu-block@nongnu.org, Thomas Huth , Max Reitz , Stefan Hajnoczi , Paolo Bonzini , Kevin Wolf Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" From: Jules Irenge Replace tab indent by four spaces to fix errors issued by checkpatch.pl tool "ERROR: code indent should never use tabs" within "util/readline.c" file. Signed-off-by: Jules Irenge Reviewed-by: Thomas Huth Message-id: 20190401024406.10819-3-jbi.octave@gmail.com Message-Id: <20190401024406.10819-3-jbi.octave@gmail.com> Signed-off-by: Stefan Hajnoczi --- util/readline.c | 98 ++++++++++++++++++++++++------------------------- 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/util/readline.c b/util/readline.c index db399d3948..3eb5a66dfc 100644 --- a/util/readline.c +++ b/util/readline.c @@ -179,20 +179,20 @@ static void readline_up_char(ReadLineState *rs) int idx; =20 if (rs->hist_entry =3D=3D 0) - return; + return; if (rs->hist_entry =3D=3D -1) { - /* Find latest entry */ - for (idx =3D 0; idx < READLINE_MAX_CMDS; idx++) { - if (rs->history[idx] =3D=3D NULL) - break; - } - rs->hist_entry =3D idx; + /* Find latest entry */ + for (idx =3D 0; idx < READLINE_MAX_CMDS; idx++) { + if (rs->history[idx] =3D=3D NULL) + break; + } + rs->hist_entry =3D idx; } rs->hist_entry--; if (rs->hist_entry >=3D 0) { - pstrcpy(rs->cmd_buf, sizeof(rs->cmd_buf), + pstrcpy(rs->cmd_buf, sizeof(rs->cmd_buf), rs->history[rs->hist_entry]); - rs->cmd_buf_index =3D rs->cmd_buf_size =3D strlen(rs->cmd_buf); + rs->cmd_buf_index =3D rs->cmd_buf_size =3D strlen(rs->cmd_buf); } } =20 @@ -202,11 +202,11 @@ static void readline_down_char(ReadLineState *rs) return; if (rs->hist_entry < READLINE_MAX_CMDS - 1 && rs->history[++rs->hist_entry] !=3D NULL) { - pstrcpy(rs->cmd_buf, sizeof(rs->cmd_buf), + pstrcpy(rs->cmd_buf, sizeof(rs->cmd_buf), rs->history[rs->hist_entry]); } else { rs->cmd_buf[0] =3D 0; - rs->hist_entry =3D -1; + rs->hist_entry =3D -1; } rs->cmd_buf_index =3D rs->cmd_buf_size =3D strlen(rs->cmd_buf); } @@ -217,42 +217,42 @@ static void readline_hist_add(ReadLineState *rs, cons= t char *cmdline) int idx; =20 if (cmdline[0] =3D=3D '\0') - return; + return; new_entry =3D NULL; if (rs->hist_entry !=3D -1) { - /* We were editing an existing history entry: replace it */ - hist_entry =3D rs->history[rs->hist_entry]; - idx =3D rs->hist_entry; - if (strcmp(hist_entry, cmdline) =3D=3D 0) { - goto same_entry; - } + /* We were editing an existing history entry: replace it */ + hist_entry =3D rs->history[rs->hist_entry]; + idx =3D rs->hist_entry; + if (strcmp(hist_entry, cmdline) =3D=3D 0) { + goto same_entry; + } } /* Search cmdline in history buffers */ for (idx =3D 0; idx < READLINE_MAX_CMDS; idx++) { - hist_entry =3D rs->history[idx]; - if (hist_entry =3D=3D NULL) - break; - if (strcmp(hist_entry, cmdline) =3D=3D 0) { - same_entry: - new_entry =3D hist_entry; - /* Put this entry at the end of history */ - memmove(&rs->history[idx], &rs->history[idx + 1], - (READLINE_MAX_CMDS - (idx + 1)) * sizeof(char *)); - rs->history[READLINE_MAX_CMDS - 1] =3D NULL; - for (; idx < READLINE_MAX_CMDS; idx++) { - if (rs->history[idx] =3D=3D NULL) - break; - } - break; - } + hist_entry =3D rs->history[idx]; + if (hist_entry =3D=3D NULL) + break; + if (strcmp(hist_entry, cmdline) =3D=3D 0) { + same_entry: + new_entry =3D hist_entry; + /* Put this entry at the end of history */ + memmove(&rs->history[idx], &rs->history[idx + 1], + (READLINE_MAX_CMDS - (idx + 1)) * sizeof(char *)); + rs->history[READLINE_MAX_CMDS - 1] =3D NULL; + for (; idx < READLINE_MAX_CMDS; idx++) { + if (rs->history[idx] =3D=3D NULL) + break; + } + break; + } } if (idx =3D=3D READLINE_MAX_CMDS) { - /* Need to get one free slot */ + /* Need to get one free slot */ g_free(rs->history[0]); - memmove(rs->history, &rs->history[1], - (READLINE_MAX_CMDS - 1) * sizeof(char *)); - rs->history[READLINE_MAX_CMDS - 1] =3D NULL; - idx =3D READLINE_MAX_CMDS - 1; + memmove(rs->history, &rs->history[1], + (READLINE_MAX_CMDS - 1) * sizeof(char *)); + rs->history[READLINE_MAX_CMDS - 1] =3D NULL; + idx =3D READLINE_MAX_CMDS - 1; } if (new_entry =3D=3D NULL) new_entry =3D g_strdup(cmdline); @@ -403,9 +403,9 @@ void readline_handle_byte(ReadLineState *rs, int ch) case 8: readline_backspace(rs); break; - case 155: + case 155: rs->esc_state =3D IS_CSI; - break; + break; default: if (ch >=3D 32) { readline_insert_char(rs, ch); @@ -426,14 +426,14 @@ void readline_handle_byte(ReadLineState *rs, int ch) break; case IS_CSI: switch (ch) { - case 'A': - case 'F': - readline_up_char(rs); - break; - case 'B': - case 'E': - readline_down_char(rs); - break; + case 'A': + case 'F': + readline_up_char(rs); + break; + case 'B': + case 'E': + readline_down_char(rs); + break; case 'D': readline_backward_char(rs); break; --=20 2.21.0 From nobody Sun May 5 17:39:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1557493865; cv=none; d=zoho.com; s=zohoarc; b=RFOqHC/MjoeMacgEBZhpdjCUdRwnwprreYFb6y+0ipzYhnqoHFLWGoA7VCxnxYshzspq4Ay8ovru5WLgYHgyM9kJlBo8qXo4mdNw0K9SQkZCCcge6/7WJ7t5ltyb/xwnbxngptJwU58c7kAleyQNbTtiqM3xQLbaIHxy9xEE0r8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557493865; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=gblNC3DfKjIPwf6SW6MYsps22b/M8kMcmf+tFwPfpNw=; b=ooqOqGz4LvZEc8DNwUtoGtUKTdQMn+hB0OABme962u+h6TeTX+VwN5boOXoOz6ga5pKUIQz0qYh4o/tHytazqqHtG+vfZIZpLvMF4OjTTKOG3aaXXW9i0D8fVaQT1+bbEOTeq+PII/z6xbh2PRq47lmCCER2H94LkALWo8hLGeQ= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1557493865061190.95785550149822; Fri, 10 May 2019 06:11:05 -0700 (PDT) Received: from localhost ([127.0.0.1]:43075 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5Id-0002EJ-QW for importer@patchew.org; Fri, 10 May 2019 09:10:55 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52607) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5Az-0004Nn-Ab for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:02 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hP5Ax-0004KE-Vr for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:01 -0400 Received: from mx1.redhat.com ([209.132.183.28]:42926) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hP5At-000485-OV; Fri, 10 May 2019 09:02:55 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1609B753F5; Fri, 10 May 2019 13:02:55 +0000 (UTC) Received: from localhost (ovpn-116-89.ams2.redhat.com [10.36.116.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id 87A091001E86; Fri, 10 May 2019 13:02:54 +0000 (UTC) From: Stefan Hajnoczi To: qemu-devel@nongnu.org Date: Fri, 10 May 2019 14:02:38 +0100 Message-Id: <20190510130243.8887-4-stefanha@redhat.com> In-Reply-To: <20190510130243.8887-1-stefanha@redhat.com> References: <20190510130243.8887-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Fri, 10 May 2019 13:02:55 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 3/8] util/readline: Add braces to fix checkpatch errors X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , Peter Maydell , Jules Irenge , qemu-block@nongnu.org, Max Reitz , Stefan Hajnoczi , Paolo Bonzini , Kevin Wolf Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" From: Jules Irenge Add braces to fix errors issued by checkpatch.pl tool "ERROR: braces {} are necessary for all arms of this statement" Within "util/readline.c" file Message-Id: <20190330112142.14082-1-jbi.octave@gmail.com> Signed-off-by: Stefan Hajnoczi --- util/readline.c | 50 ++++++++++++++++++++++++++++++++----------------- 1 file changed, 33 insertions(+), 17 deletions(-) diff --git a/util/readline.c b/util/readline.c index 3eb5a66dfc..a7672b51c1 100644 --- a/util/readline.c +++ b/util/readline.c @@ -54,8 +54,9 @@ static void readline_update(ReadLineState *rs) rs->cmd_buf[rs->cmd_buf_size] =3D '\0'; if (rs->read_password) { len =3D strlen(rs->cmd_buf); - for (i =3D 0; i < len; i++) + for (i =3D 0; i < len; i++) { rs->printf_func(rs->opaque, "*"); + } } else { rs->printf_func(rs->opaque, "%s", rs->cmd_buf); } @@ -178,13 +179,15 @@ static void readline_up_char(ReadLineState *rs) { int idx; =20 - if (rs->hist_entry =3D=3D 0) + if (rs->hist_entry =3D=3D 0) { return; + } if (rs->hist_entry =3D=3D -1) { /* Find latest entry */ for (idx =3D 0; idx < READLINE_MAX_CMDS; idx++) { - if (rs->history[idx] =3D=3D NULL) + if (rs->history[idx] =3D=3D NULL) { break; + } } rs->hist_entry =3D idx; } @@ -198,8 +201,9 @@ static void readline_up_char(ReadLineState *rs) =20 static void readline_down_char(ReadLineState *rs) { - if (rs->hist_entry =3D=3D -1) + if (rs->hist_entry =3D=3D -1) { return; + } if (rs->hist_entry < READLINE_MAX_CMDS - 1 && rs->history[++rs->hist_entry] !=3D NULL) { pstrcpy(rs->cmd_buf, sizeof(rs->cmd_buf), @@ -216,8 +220,9 @@ static void readline_hist_add(ReadLineState *rs, const = char *cmdline) char *hist_entry, *new_entry; int idx; =20 - if (cmdline[0] =3D=3D '\0') + if (cmdline[0] =3D=3D '\0') { return; + } new_entry =3D NULL; if (rs->hist_entry !=3D -1) { /* We were editing an existing history entry: replace it */ @@ -230,8 +235,9 @@ static void readline_hist_add(ReadLineState *rs, const = char *cmdline) /* Search cmdline in history buffers */ for (idx =3D 0; idx < READLINE_MAX_CMDS; idx++) { hist_entry =3D rs->history[idx]; - if (hist_entry =3D=3D NULL) + if (hist_entry =3D=3D NULL) { break; + } if (strcmp(hist_entry, cmdline) =3D=3D 0) { same_entry: new_entry =3D hist_entry; @@ -240,8 +246,9 @@ static void readline_hist_add(ReadLineState *rs, const = char *cmdline) (READLINE_MAX_CMDS - (idx + 1)) * sizeof(char *)); rs->history[READLINE_MAX_CMDS - 1] =3D NULL; for (; idx < READLINE_MAX_CMDS; idx++) { - if (rs->history[idx] =3D=3D NULL) + if (rs->history[idx] =3D=3D NULL) { break; + } } break; } @@ -254,8 +261,9 @@ static void readline_hist_add(ReadLineState *rs, const = char *cmdline) rs->history[READLINE_MAX_CMDS - 1] =3D NULL; idx =3D READLINE_MAX_CMDS - 1; } - if (new_entry =3D=3D NULL) + if (new_entry =3D=3D NULL) { new_entry =3D g_strdup(cmdline); + } rs->history[idx] =3D new_entry; rs->hist_entry =3D -1; } @@ -297,16 +305,18 @@ static void readline_completion(ReadLineState *rs) g_free(cmdline); =20 /* no completion found */ - if (rs->nb_completions <=3D 0) + if (rs->nb_completions <=3D 0) { return; + } if (rs->nb_completions =3D=3D 1) { len =3D strlen(rs->completions[0]); for (i =3D rs->completion_index; i < len; i++) { readline_insert_char(rs, rs->completions[0][i]); } /* extra space for next argument. XXX: make it more generic */ - if (len > 0 && rs->completions[0][len - 1] !=3D '/') + if (len > 0 && rs->completions[0][len - 1] !=3D '/') { readline_insert_char(rs, ' '); + } } else { qsort(rs->completions, rs->nb_completions, sizeof(char *), completion_comp); @@ -318,25 +328,29 @@ static void readline_completion(ReadLineState *rs) if (i =3D=3D 0) { max_prefix =3D len; } else { - if (len < max_prefix) + if (len < max_prefix) { max_prefix =3D len; + } for (j =3D 0; j < max_prefix; j++) { - if (rs->completions[i][j] !=3D rs->completions[0][j]) + if (rs->completions[i][j] !=3D rs->completions[0][j]) { max_prefix =3D j; + } } } - if (len > max_width) + if (len > max_width) { max_width =3D len; + } } if (max_prefix > 0) for (i =3D rs->completion_index; i < max_prefix; i++) { readline_insert_char(rs, rs->completions[0][i]); } max_width +=3D 2; - if (max_width < 10) + if (max_width < 10) { max_width =3D 10; - else if (max_width > 80) + } else if (max_width > 80) { max_width =3D 80; + } nb_cols =3D 80 / max_width; j =3D 0; for (i =3D 0; i < rs->nb_completions; i++) { @@ -383,8 +397,9 @@ void readline_handle_byte(ReadLineState *rs, int ch) case 10: case 13: rs->cmd_buf[rs->cmd_buf_size] =3D '\0'; - if (!rs->read_password) + if (!rs->read_password) { readline_hist_add(rs, rs->cmd_buf); + } rs->printf_func(rs->opaque, "\n"); rs->cmd_buf_index =3D 0; rs->cmd_buf_size =3D 0; @@ -495,8 +510,9 @@ void readline_restart(ReadLineState *rs) =20 const char *readline_get_history(ReadLineState *rs, unsigned int index) { - if (index >=3D READLINE_MAX_CMDS) + if (index >=3D READLINE_MAX_CMDS) { return NULL; + } return rs->history[index]; } =20 --=20 2.21.0 From nobody Sun May 5 17:39:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1557493559; cv=none; d=zoho.com; s=zohoarc; b=ofhrih+erPLeYsA+OEpF4p11eDF7u5jgIClBgztzAX2bFblRt+cnkdjUL6FwTiUcDI/Fm0D71yBxPqf+ciXcNsIaOQxiP/b8//LmeqFVccO8gNzr3tU5omP8t/TQ1Le2l7YNyOGHvXxZFUb8DILTO07n0nO0XV9In0O6XrHexEk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557493559; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=6hWYep/+n1KhITPESHqAi1e+wx/HWJ2WBH26yo/N5oo=; b=j47CmlAx4Skm0WsXFNM9FxK7ujpKKAGSQuYkKBWSKu5OfNgilJ5M4VtDc0PHgyZxu025qC/yICZjRFCJl7/BxIwsicFbKOn5in74x+akjvp/H/GwISY+X0WhBaWi42JAYuCkHIJyGvKBKXqc3rK2NdEzoQgxpG3ult4hsClqgwo= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1557493559370650.9307088989176; Fri, 10 May 2019 06:05:59 -0700 (PDT) Received: from localhost ([127.0.0.1]:42993 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5Do-00069M-Cn for importer@patchew.org; Fri, 10 May 2019 09:05:56 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52623) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5B0-0004PF-T2 for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:03 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hP5B0-0004Nu-0x for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:02 -0400 Received: from mx1.redhat.com ([209.132.183.28]:16551) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hP5Ay-0004In-0A; Fri, 10 May 2019 09:03:00 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4CA2C3086211; Fri, 10 May 2019 13:02:59 +0000 (UTC) Received: from localhost (ovpn-116-89.ams2.redhat.com [10.36.116.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9380E60126; Fri, 10 May 2019 13:02:56 +0000 (UTC) From: Stefan Hajnoczi To: qemu-devel@nongnu.org Date: Fri, 10 May 2019 14:02:39 +0100 Message-Id: <20190510130243.8887-5-stefanha@redhat.com> In-Reply-To: <20190510130243.8887-1-stefanha@redhat.com> References: <20190510130243.8887-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Fri, 10 May 2019 13:02:59 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 4/8] block: Add coroutine_fn to bdrv_check_co_entry X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , Peter Maydell , qemu-block@nongnu.org, Max Reitz , Stefan Hajnoczi , Paolo Bonzini , Kevin Wolf , Nikita Alekseev Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" From: Nikita Alekseev bdrv_check_co_entry calls bdrv_co_check, which is a coroutine function. Thus, it also needs to be marked as a coroutine. Signed-off-by: Nikita Alekseev Message-id: 20190401093051.16488-1-n.alekseev2104@gmail.com Message-Id: <20190401093051.16488-1-n.alekseev2104@gmail.com> Signed-off-by: Stefan Hajnoczi --- block.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/block.c b/block.c index 7dc8fe289a..5c2c6aa761 100644 --- a/block.c +++ b/block.c @@ -4121,7 +4121,7 @@ typedef struct CheckCo { int ret; } CheckCo; =20 -static void bdrv_check_co_entry(void *opaque) +static void coroutine_fn bdrv_check_co_entry(void *opaque) { CheckCo *cco =3D opaque; cco->ret =3D bdrv_co_check(cco->bs, cco->res, cco->fix); --=20 2.21.0 From nobody Sun May 5 17:39:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1557493502; cv=none; d=zoho.com; s=zohoarc; b=HpnXSN7ds7tos46Mf6aIZ1GK2W1B/04JdU05tdbFXRVxX7/Sgfga2TKYltbIun9sJw3TwpJUD5aEZNj+j65fTlwzP4gQUfkNtAQzyKf/3sNqbiatbYuQT6cPuztqqSW+mGSSoRJ0hO64Bhs1aq/+R25Y1j2cgslG4uRiJZUakCo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557493502; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=IOdkjEj4rIzjMJY/67SqxKZeKk59gH1IxZaSCbyfags=; b=JbSqEP62w3dirw3afgqTVUno92cN65fHNgby3XHYkU4SIS4rupnSMtzt1DChQFxhcLPx8ddo7a0MWNPvAk4Nhw9aJ9YH5OdZUMa3qEFPl1egiOQOavSwxoEJ/WJEBfqQsCbQPTgFCQAldu/2Q+bD5hlLkeK23kn+i963p61F6rQ= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1557493502828218.84497777822435; Fri, 10 May 2019 06:05:02 -0700 (PDT) Received: from localhost ([127.0.0.1]:42960 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5Ct-0005TI-TY for importer@patchew.org; Fri, 10 May 2019 09:04:59 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52684) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5B8-0004VM-Ks for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:14 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hP5B7-0004V9-MU for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:10 -0400 Received: from mx1.redhat.com ([209.132.183.28]:53346) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hP5B5-0004Sl-L7; Fri, 10 May 2019 09:03:07 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3DB34300271C; Fri, 10 May 2019 13:03:05 +0000 (UTC) Received: from localhost (ovpn-116-89.ams2.redhat.com [10.36.116.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id ABAF16013D; Fri, 10 May 2019 13:03:00 +0000 (UTC) From: Stefan Hajnoczi To: qemu-devel@nongnu.org Date: Fri, 10 May 2019 14:02:40 +0100 Message-Id: <20190510130243.8887-6-stefanha@redhat.com> In-Reply-To: <20190510130243.8887-1-stefanha@redhat.com> References: <20190510130243.8887-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.46]); Fri, 10 May 2019 13:03:07 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 5/8] block/io.c: fix for the allocation failure X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , Peter Maydell , qemu-block@nongnu.org, "Denis V . Lunev" , Max Reitz , Andrey Shinkevich , Stefan Hajnoczi , Paolo Bonzini , Kevin Wolf , John Snow Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" From: Andrey Shinkevich On a file system used by the customer, fallocate() returns an error if the block is not properly aligned. So, bdrv_co_pwrite_zeroes() fails. We can handle that case the same way as it is done for the unsupported cases, namely, call to bdrv_driver_pwritev() that writes zeroes to an image for the unaligned chunk of the block. Suggested-by: Denis V. Lunev Signed-off-by: Andrey Shinkevich Reviewed-by: John Snow Message-id: 1554474244-553661-1-git-send-email-andrey.shinkevich@virtuozzo.= com Message-Id: <1554474244-553661-1-git-send-email-andrey.shinkevich@virtuozzo= .com> Signed-off-by: Stefan Hajnoczi --- block/io.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/block/io.c b/block/io.c index dfc153b8d8..0412a51314 100644 --- a/block/io.c +++ b/block/io.c @@ -1516,7 +1516,7 @@ static int coroutine_fn bdrv_co_do_pwrite_zeroes(Bloc= kDriverState *bs, assert(!bs->supported_zero_flags); } =20 - if (ret =3D=3D -ENOTSUP && !(flags & BDRV_REQ_NO_FALLBACK)) { + if (ret < 0 && !(flags & BDRV_REQ_NO_FALLBACK)) { /* Fall back to bounce buffer if write zeroes is unsupported */ BdrvRequestFlags write_flags =3D flags & ~BDRV_REQ_ZERO_WRITE; =20 --=20 2.21.0 From nobody Sun May 5 17:39:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1557493642; cv=none; d=zoho.com; s=zohoarc; b=Hcr9YTQmJeScb6fbRpdKC8pu+RlbmL1ljFrOEAyNbQlz5xjAIJHeif40C6fRbuxzpJHmHzUGisd1dasAcApJg/2+Z9iNtx5wio+hS6sSN6Ud/tytJy//AE4MihpCNqUUiYl7aOn2k3X8hQ2t8B65NkK6H2eeP1YjMPP1wNF93XE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557493642; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=VAx5L7XkPKiBoRMUxH0rKijgvS751dVFyJIIrhoxyA0=; b=Qo20QoK6QURUQm3Cj5jRmYgD70tNbpIr1sl7Odi+ONb7Pag2PLlAmae0aydWX3KC0LOEv3yskoiIysK+jS5Xejy41UjQWzoZsRKBhs4SeOqavuaYJqVzt3Krrk5dcN1rvDJqjBAjsUfU9QYZ7xDTqW5dirlVOdgMAjfJZ+8o8HA= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1557493642629425.5695657338341; Fri, 10 May 2019 06:07:22 -0700 (PDT) Received: from localhost ([127.0.0.1]:43013 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5FB-0007nK-JD for importer@patchew.org; Fri, 10 May 2019 09:07:21 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52766) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5BE-0004XE-1Q for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:17 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hP5BC-0004ab-Sm for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:15 -0400 Received: from mx1.redhat.com ([209.132.183.28]:53856) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hP5B8-0004Ve-LB; Fri, 10 May 2019 09:03:10 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id E8F9B30254A1; Fri, 10 May 2019 13:03:09 +0000 (UTC) Received: from localhost (ovpn-116-89.ams2.redhat.com [10.36.116.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9D40F60126; Fri, 10 May 2019 13:03:06 +0000 (UTC) From: Stefan Hajnoczi To: qemu-devel@nongnu.org Date: Fri, 10 May 2019 14:02:41 +0100 Message-Id: <20190510130243.8887-7-stefanha@redhat.com> In-Reply-To: <20190510130243.8887-1-stefanha@redhat.com> References: <20190510130243.8887-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.43]); Fri, 10 May 2019 13:03:10 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 6/8] aio-posix: ensure poll mode is left when aio_notify is called X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , Peter Maydell , Sergio Lopez , qemu-block@nongnu.org, Stefan Hajnoczi , Max Reitz , Stefan Hajnoczi , Paolo Bonzini , Kevin Wolf Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" From: Paolo Bonzini With aio=3Dthread, adaptive polling makes latency worse rather than better, because it delays the execution of the ThreadPool's completion bottom half. event_notifier_poll() does run while polling, detecting that a bottom half was scheduled by a worker thread, but because ctx->notifier is explicitly ignored in run_poll_handlers_once(), scheduling the BH does not count as making progress and run_poll_handlers() keeps running. Fix this by recomputing the deadline after *timeout could have changed. With this change, ThreadPool still cannot participate in polling but at least it does not suffer from extra latency. Reported-by: Sergio Lopez Signed-off-by: Paolo Bonzini Message-id: 20190409122823.12416-1-pbonzini@redhat.com Cc: Stefan Hajnoczi Cc: Kevin Wolf Cc: qemu-block@nongnu.org Signed-off-by: Paolo Bonzini Message-Id: <1553692145-86728-1-git-send-email-pbonzini@redhat.com> Signed-off-by: Paolo Bonzini Message-Id: <20190409122823.12416-1-pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi --- util/aio-posix.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/util/aio-posix.c b/util/aio-posix.c index 6fbfa7924f..db11021287 100644 --- a/util/aio-posix.c +++ b/util/aio-posix.c @@ -519,6 +519,10 @@ static bool run_poll_handlers_once(AioContext *ctx, in= t64_t *timeout) if (!node->deleted && node->io_poll && aio_node_check(ctx, node->is_external) && node->io_poll(node->opaque)) { + /* + * Polling was successful, exit try_poll_mode immediately + * to adjust the next polling time. + */ *timeout =3D 0; if (node->opaque !=3D &ctx->notifier) { progress =3D true; @@ -558,8 +562,9 @@ static bool run_poll_handlers(AioContext *ctx, int64_t = max_ns, int64_t *timeout) do { progress =3D run_poll_handlers_once(ctx, timeout); elapsed_time =3D qemu_clock_get_ns(QEMU_CLOCK_REALTIME) - start_ti= me; - } while (!progress && elapsed_time < max_ns - && !atomic_read(&ctx->poll_disable_cnt)); + max_ns =3D qemu_soonest_timeout(*timeout, max_ns); + assert(!(max_ns && progress)); + } while (elapsed_time < max_ns && !atomic_read(&ctx->poll_disable_cnt)= ); =20 /* If time has passed with no successful polling, adjust *timeout to * keep the same ending time. @@ -585,8 +590,7 @@ static bool run_poll_handlers(AioContext *ctx, int64_t = max_ns, int64_t *timeout) */ static bool try_poll_mode(AioContext *ctx, int64_t *timeout) { - /* See qemu_soonest_timeout() uint64_t hack */ - int64_t max_ns =3D MIN((uint64_t)*timeout, (uint64_t)ctx->poll_ns); + int64_t max_ns =3D qemu_soonest_timeout(*timeout, ctx->poll_ns); =20 if (max_ns && !atomic_read(&ctx->poll_disable_cnt)) { poll_set_started(ctx, true); --=20 2.21.0 From nobody Sun May 5 17:39:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1557493694; cv=none; d=zoho.com; s=zohoarc; b=OpVBIHDVAGhH18RmvBmZg4PHK9v4kgxCQy5EzICvzdlrhbuo1/KGcJbGDuFB5DvZajnwMQmOLaXG9J8aRAt7hl/8RLid6wgKTGHkixLCp0uw6jXtkzmcXAbT8B5jLxp8EDHr0et99bGIdTfMs/h4SWUEqFT2dQhU8Yoe3Z5CGww= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557493694; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=vt9esgMqjfeynhr/KInJwIjBsjiGo+Jc0ArKzyzp1VQ=; b=Siq64QvMWSwJYhP5r+5BEyxptUliIwXr2Q2uOB/XFzQfXmeOuFTDeGxV3kvTE74jzaCDaktOw1PzQ2ehVlyffrwRH5A36s3huJARd6ZePoE9AcNEGe0ZGC0l56XdNc54Gvy8LQvzvuIqSoLcVHAbWZnzhJ1Zo+A2SzdTBjwtYbQ= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1557493694459721.8266771198255; Fri, 10 May 2019 06:08:14 -0700 (PDT) Received: from localhost ([127.0.0.1]:43015 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5G1-0000MX-BK for importer@patchew.org; Fri, 10 May 2019 09:08:13 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52952) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5BS-0004kV-1O for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:31 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hP5BQ-0004pO-Bq for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:29 -0400 Received: from mx1.redhat.com ([209.132.183.28]:56418) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hP5BI-0004gS-OJ; Fri, 10 May 2019 09:03:20 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 038CE70D64; Fri, 10 May 2019 13:03:20 +0000 (UTC) Received: from localhost (ovpn-116-89.ams2.redhat.com [10.36.116.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id 469711001E82; Fri, 10 May 2019 13:03:12 +0000 (UTC) From: Stefan Hajnoczi To: qemu-devel@nongnu.org Date: Fri, 10 May 2019 14:02:42 +0100 Message-Id: <20190510130243.8887-8-stefanha@redhat.com> In-Reply-To: <20190510130243.8887-1-stefanha@redhat.com> References: <20190510130243.8887-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Fri, 10 May 2019 13:03:20 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 7/8] docs: add Secure Coding Practices to developer docs X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , Peter Maydell , =?UTF-8?q?Daniel=20P=20=2E=20Berrang=C3=A9?= , qemu-block@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Li Qiang , Max Reitz , Stefan Hajnoczi , Paolo Bonzini , Kevin Wolf , =?UTF-8?q?Alex=20Benn=C3=A9e?= , Stefano Garzarella Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" At KVM Forum 2018 I gave a presentation on security in QEMU: https://www.youtube.com/watch?v=3DYAdRf_hwxU8 (video) https://vmsplice.net/~stefan/stefanha-kvm-forum-2018.pdf (slides) This patch adds a guide to secure coding practices. This document covers things that developers should know about security in QEMU. It is just a starting point that we can expand on later. I hope it will be useful as a resource for new contributors and will save code reviewers from explaining the same concepts many times. Signed-off-by: Stefan Hajnoczi Acked-by: Stefano Garzarella Reviewed-by: Alex Benn=C3=A9e Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Li Qiang Message-id: 20190509121820.16294-2-stefanha@redhat.com Message-Id: <20190509121820.16294-2-stefanha@redhat.com> Signed-off-by: Stefan Hajnoczi --- docs/devel/index.rst | 1 + docs/devel/secure-coding-practices.rst | 106 +++++++++++++++++++++++++ 2 files changed, 107 insertions(+) create mode 100644 docs/devel/secure-coding-practices.rst diff --git a/docs/devel/index.rst b/docs/devel/index.rst index ebbab636ce..2a4ddf40ad 100644 --- a/docs/devel/index.rst +++ b/docs/devel/index.rst @@ -20,3 +20,4 @@ Contents: stable-process testing decodetree + secure-coding-practices diff --git a/docs/devel/secure-coding-practices.rst b/docs/devel/secure-cod= ing-practices.rst new file mode 100644 index 0000000000..cbfc8af67e --- /dev/null +++ b/docs/devel/secure-coding-practices.rst @@ -0,0 +1,106 @@ +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Secure Coding Practices +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +This document covers topics that both developers and security researchers = must +be aware of so that they can develop safe code and audit existing code +properly. + +Reporting Security Bugs +----------------------- +For details on how to report security bugs or ask questions about potential +security bugs, see the `Security Process wiki page +`_. + +General Secure C Coding Practices +--------------------------------- +Most CVEs (security bugs) reported against QEMU are not specific to +virtualization or emulation. They are simply C programming bugs. Therefo= re +it's critical to be aware of common classes of security bugs. + +There is a wide selection of resources available covering secure C coding.= For +example, the `CERT C Coding Standard += `_ +covers the most important classes of security bugs. + +Instead of describing them in detail here, only the names of the most impo= rtant +classes of security bugs are mentioned: + +* Buffer overflows +* Use-after-free and double-free +* Integer overflows +* Format string vulnerabilities + +Some of these classes of bugs can be detected by analyzers. Static analys= is is +performed regularly by Coverity and the most obvious of these bugs are even +reported by compilers. Dynamic analysis is possible with valgrind, tsan, = and +asan. + +Input Validation +---------------- +Inputs from the guest or external sources (e.g. network, files) cannot be +trusted and may be invalid. Inputs must be checked before using them in a= way +that could crash the program, expose host memory to the guest, or otherwis= e be +exploitable by an attacker. + +The most sensitive attack surface is device emulation. All hardware regis= ter +accesses and data read from guest memory must be validated. A typical exa= mple +is a device that contains multiple units that are selectable by the guest = via +an index register:: + + typedef struct { + ProcessingUnit unit[2]; + ... + } MyDeviceState; + + static void mydev_writel(void *opaque, uint32_t addr, uint32_t val) + { + MyDeviceState *mydev =3D opaque; + ProcessingUnit *unit; + + switch (addr) { + case MYDEV_SELECT_UNIT: + unit =3D &mydev->unit[val]; <-- this input wasn't validated! + ... + } + } + +If ``val`` is not in range [0, 1] then an out-of-bounds memory access will= take +place when ``unit`` is dereferenced. The code must check that ``val`` is = 0 or +1 and handle the case where it is invalid. + +Unexpected Device Accesses +-------------------------- +The guest may access device registers in unusual orders or at unexpected +moments. Device emulation code must not assume that the guest follows the +typical "theory of operation" presented in driver writer manuals. The gue= st +may make nonsense accesses to device registers such as starting operations +before the device has been fully initialized. + +A related issue is that device emulation code must be prepared for unexpec= ted +device register accesses while asynchronous operations are in progress. A +well-behaved guest might wait for a completion interrupt before accessing +certain device registers. Device emulation code must handle the case wher= e the +guest overwrites registers or submits further requests before an ongoing +request completes. Unexpected accesses must not cause memory corruption or +leaks in QEMU. + +Invalid device register accesses can be reported with +``qemu_log_mask(LOG_GUEST_ERROR, ...)``. The ``-d guest_errors`` command-= line +option enables these log messages. + +Live Migration +-------------- +Device state can be saved to disk image files and shared with other users. +Live migration code must validate inputs when loading device state so an +attacker cannot gain control by crafting invalid device states. Device st= ate +is therefore considered untrusted even though it is typically generated by= QEMU +itself. + +Guest Memory Access Races +------------------------- +Guests with multiple vCPUs may modify guest RAM while device emulation cod= e is +running. Device emulation code must copy in descriptors and other guest R= AM +structures and only process the local copy. This prevents +time-of-check-to-time-of-use (TOCTOU) race conditions that could cause QEM= U to +crash when a vCPU thread modifies guest RAM while device emulation is +processing it. --=20 2.21.0 From nobody Sun May 5 17:39:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1557493958; cv=none; d=zoho.com; s=zohoarc; b=Ezm3piwmKFGkuj27d+Pl2WD/FtHqQAkP+0cYEjlAIeReD7TqI3mm4UBSGFFX7OnV5n7IcY5DnoU4wK9tqsQw5YKZq8Ot+2/oeZAs9XyogUOOXWpIwdkMXjoikrbS9tb+J+zvSHZnB3nAFcVQaUufugJtyrxBgVo+I6iojw1NWT0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557493958; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=II2fvub3snceg5GOHMQ7a8lcYJvLYD/TfBzK5j9BqJM=; b=Iobfe0CYiBmt6GPUqW0k5RqPihw4VHOvSwKAEO4W5MNLtkmmQHiLaWN6Aq802VI9EBG8DxzhC/5YQTk2SEq5dqcCWrf94qm2VE91unUJFMwyVV3fmmJ9k2EajhJH3eKXYzBRIZRWc1614RdsQqnd59utrkQASIlo8Y/45ya0Ia8= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 15574939584621010.3118698450193; Fri, 10 May 2019 06:12:38 -0700 (PDT) Received: from localhost ([127.0.0.1]:43101 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5KF-00045W-CN for importer@patchew.org; Fri, 10 May 2019 09:12:35 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52937) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hP5BQ-0004iy-Cy for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:30 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hP5BO-0004nf-L4 for qemu-devel@nongnu.org; Fri, 10 May 2019 09:03:28 -0400 Received: from mx1.redhat.com ([209.132.183.28]:53984) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hP5BK-0004ig-Oj; Fri, 10 May 2019 09:03:22 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 12F62308FC5F; Fri, 10 May 2019 13:03:22 +0000 (UTC) Received: from localhost (ovpn-116-89.ams2.redhat.com [10.36.116.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id 900201001E82; Fri, 10 May 2019 13:03:21 +0000 (UTC) From: Stefan Hajnoczi To: qemu-devel@nongnu.org Date: Fri, 10 May 2019 14:02:43 +0100 Message-Id: <20190510130243.8887-9-stefanha@redhat.com> In-Reply-To: <20190510130243.8887-1-stefanha@redhat.com> References: <20190510130243.8887-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.43]); Fri, 10 May 2019 13:03:22 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 8/8] docs: add Security chapter to the documentation X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , Peter Maydell , =?UTF-8?q?Daniel=20P=20=2E=20Berrang=C3=A9?= , qemu-block@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Li Qiang , Max Reitz , Stefan Hajnoczi , Paolo Bonzini , Kevin Wolf , =?UTF-8?q?Alex=20Benn=C3=A9e?= , Stefano Garzarella Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" This new chapter in the QEMU documentation covers the security requirements that QEMU is designed to meet and principles for securely deploying QEMU. It is just a starting point that can be extended in the future with more information. Signed-off-by: Stefan Hajnoczi Acked-by: Stefano Garzarella Reviewed-by: Alex Benn=C3=A9e Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Li Qiang Message-id: 20190509121820.16294-3-stefanha@redhat.com Message-Id: <20190509121820.16294-3-stefanha@redhat.com> Signed-off-by: Stefan Hajnoczi --- Makefile | 2 +- docs/security.texi | 131 +++++++++++++++++++++++++++++++++++++++++++++ qemu-doc.texi | 3 ++ 3 files changed, 135 insertions(+), 1 deletion(-) create mode 100644 docs/security.texi diff --git a/Makefile b/Makefile index a971247cac..4a8ae0ef95 100644 --- a/Makefile +++ b/Makefile @@ -976,7 +976,7 @@ qemu-doc.html qemu-doc.info qemu-doc.pdf qemu-doc.txt: \ qemu-img.texi qemu-nbd.texi qemu-options.texi qemu-option-trace.texi \ qemu-deprecated.texi qemu-monitor.texi qemu-img-cmds.texi qemu-ga.texi \ qemu-monitor-info.texi docs/qemu-block-drivers.texi \ - docs/qemu-cpu-models.texi + docs/qemu-cpu-models.texi docs/security.texi =20 docs/interop/qemu-ga-ref.dvi docs/interop/qemu-ga-ref.html \ docs/interop/qemu-ga-ref.info docs/interop/qemu-ga-ref.pdf \ diff --git a/docs/security.texi b/docs/security.texi new file mode 100644 index 0000000000..927764f1e6 --- /dev/null +++ b/docs/security.texi @@ -0,0 +1,131 @@ +@node Security +@chapter Security + +@section Overview + +This chapter explains the security requirements that QEMU is designed to m= eet +and principles for securely deploying QEMU. + +@section Security Requirements + +QEMU supports many different use cases, some of which have stricter securi= ty +requirements than others. The community has agreed on the overall security +requirements that users may depend on. These requirements define what is +considered supported from a security perspective. + +@subsection Virtualization Use Case + +The virtualization use case covers cloud and virtual private server (VPS) +hosting, as well as traditional data center and desktop virtualization. T= hese +use cases rely on hardware virtualization extensions to execute guest code +safely on the physical CPU at close-to-native speed. + +The following entities are untrusted, meaning that they may be buggy or +malicious: + +@itemize +@item Guest +@item User-facing interfaces (e.g. VNC, SPICE, WebSocket) +@item Network protocols (e.g. NBD, live migration) +@item User-supplied files (e.g. disk images, kernels, device trees) +@item Passthrough devices (e.g. PCI, USB) +@end itemize + +Bugs affecting these entities are evaluated on whether they can cause dama= ge in +real-world use cases and treated as security bugs if this is the case. + +@subsection Non-virtualization Use Case + +The non-virtualization use case covers emulation using the Tiny Code Gener= ator +(TCG). In principle the TCG and device emulation code used in conjunction= with +the non-virtualization use case should meet the same security requirements= as +the virtualization use case. However, for historical reasons much of the +non-virtualization use case code was not written with these security +requirements in mind. + +Bugs affecting the non-virtualization use case are not considered security +bugs at this time. Users with non-virtualization use cases must not rely = on +QEMU to provide guest isolation or any security guarantees. + +@section Architecture + +This section describes the design principles that ensure the security +requirements are met. + +@subsection Guest Isolation + +Guest isolation is the confinement of guest code to the virtual machine. = When +guest code gains control of execution on the host this is called escaping = the +virtual machine. Isolation also includes resource limits such as throttli= ng of +CPU, memory, disk, or network. Guests must be unable to exceed their reso= urce +limits. + +QEMU presents an attack surface to the guest in the form of emulated devic= es. +The guest must not be able to gain control of QEMU. Bugs in emulated devi= ces +could allow malicious guests to gain code execution in QEMU. At this poin= t the +guest has escaped the virtual machine and is able to act in the context of= the +QEMU process on the host. + +Guests often interact with other guests and share resources with them. A +malicious guest must not gain control of other guests or access their data. +Disk image files and network traffic must be protected from other guests u= nless +explicitly shared between them by the user. + +@subsection Principle of Least Privilege + +The principle of least privilege states that each component only has acces= s to +the privileges necessary for its function. In the case of QEMU this means= that +each process only has access to resources belonging to the guest. + +The QEMU process should not have access to any resources that are inaccess= ible +to the guest. This way the guest does not gain anything by escaping into = the +QEMU process since it already has access to those same resources from with= in +the guest. + +Following the principle of least privilege immediately fulfills guest isol= ation +requirements. For example, guest A only has access to its own disk image = file +@code{a.img} and not guest B's disk image file @code{b.img}. + +In reality certain resources are inaccessible to the guest but must be +available to QEMU to perform its function. For example, host system calls= are +necessary for QEMU but are not exposed to guests. A guest that escapes in= to +the QEMU process can then begin invoking host system calls. + +New features must be designed to follow the principle of least privilege. +Should this not be possible for technical reasons, the security risk must = be +clearly documented so users are aware of the trade-off of enabling the fea= ture. + +@subsection Isolation mechanisms + +Several isolation mechanisms are available to realize this architecture of +guest isolation and the principle of least privilege. With the exception = of +Linux seccomp, these mechanisms are all deployed by management tools that +launch QEMU, such as libvirt. They are also platform-specific so they are= only +described briefly for Linux here. + +The fundamental isolation mechanism is that QEMU processes must run as +unprivileged users. Sometimes it seems more convenient to launch QEMU as +root to give it access to host devices (e.g. @code{/dev/net/tun}) but this= poses a +huge security risk. File descriptor passing can be used to give an otherw= ise +unprivileged QEMU process access to host devices without running QEMU as r= oot. +It is also possible to launch QEMU as a non-root user and configure UNIX g= roups +for access to @code{/dev/kvm}, @code{/dev/net/tun}, and other device nodes. +Some Linux distros already ship with UNIX groups for these devices by defa= ult. + +@itemize +@item SELinux and AppArmor make it possible to confine processes beyond the +traditional UNIX process and file permissions model. They restrict the QE= MU +process from accessing processes and files on the host system that are not +needed by QEMU. + +@item Resource limits and cgroup controllers provide throughput and utiliz= ation +limits on key resources such as CPU time, memory, and I/O bandwidth. + +@item Linux namespaces can be used to make process, file system, and other= system +resources unavailable to QEMU. A namespaced QEMU process is restricted to= only +those resources that were granted to it. + +@item Linux seccomp is available via the QEMU @option{--sandbox} option. = It disables +system calls that are not needed by QEMU, thereby reducing the host kernel +attack surface. +@end itemize diff --git a/qemu-doc.texi b/qemu-doc.texi index ae3c3f9632..577d1e8376 100644 --- a/qemu-doc.texi +++ b/qemu-doc.texi @@ -38,6 +38,7 @@ * QEMU Guest Agent:: * QEMU User space emulator:: * System requirements:: +* Security:: * Implementation notes:: * Deprecated features:: * Supported build platforms:: @@ -2878,6 +2879,8 @@ added with Linux 4.5 which is supported by the major = distros. And even if RHEL7 has kernel 3.10, KVM there has the required functionality there to make it close to a 4.5 or newer kernel. =20 +@include docs/security.texi + @include qemu-tech.texi =20 @include qemu-deprecated.texi --=20 2.21.0