| 1 | Only thing for Arm for rc1 is RTH's fix for the KVM SVE probe code. | 1 | It's been quiet on the arm front this week, so all I have is |
|---|---|---|---|
| 2 | these coverity fixes I posted a while back... | ||
| 2 | 3 | ||
| 3 | -- PMM | 4 | -- PMM |
| 4 | 5 | ||
| 5 | The following changes since commit 4e06b3fc1b5e1ec03f22190eabe56891dc9c2236: | 6 | The following changes since commit 853546f8128476eefb701d4a55b2781bb3a46faa: |
| 6 | 7 | ||
| 7 | Merge tag 'pull-hex-20220731' of https://github.com/quic/qemu into staging (2022-07-31 21:38:54 -0700) | 8 | Merge tag 'pull-loongarch-20240322' of https://gitlab.com/gaosong/qemu into staging (2024-03-22 10:59:57 +0000) |
| 8 | 9 | ||
| 9 | are available in the Git repository at: | 10 | are available in the Git repository at: |
| 10 | 11 | ||
| 11 | https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20220801 | 12 | https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20240325 |
| 12 | 13 | ||
| 13 | for you to fetch changes up to 5265d24c981dfdda8d29b44f7e84a514da75eedc: | 14 | for you to fetch changes up to 55c79639d553c1b7a82b4cde781ad5f316f45b0e: |
| 14 | 15 | ||
| 15 | target/arm: Move sve probe inside kvm >= 4.15 branch (2022-08-01 16:21:18 +0100) | 16 | tests/qtest/libqtest.c: Check for g_setenv() failure (2024-03-25 10:41:01 +0000) |
| 16 | 17 | ||
| 17 | ---------------------------------------------------------------- | 18 | ---------------------------------------------------------------- |
| 18 | target-arm queue: | 19 | target-arm queue: |
| 19 | * Fix KVM SVE ID register probe code | 20 | * Fixes for seven minor coverity issues |
| 20 | 21 | ||
| 21 | ---------------------------------------------------------------- | 22 | ---------------------------------------------------------------- |
| 22 | Richard Henderson (3): | 23 | Peter Maydell (7): |
| 23 | target/arm: Use kvm_arm_sve_supported in kvm_arm_get_host_cpu_features | 24 | tests/qtest/npcm7xx_emc_test: Don't leak cmd_line |
| 24 | target/arm: Set KVM_ARM_VCPU_SVE while probing the host | 25 | tests/unit/socket-helpers: Don't close(-1) |
| 25 | target/arm: Move sve probe inside kvm >= 4.15 branch | 26 | net/af-xdp.c: Don't leak sock_fds array in net_init_af_xdp() |
| 27 | hw/misc/pca9554: Correct error check bounds in get/set pin functions | ||
| 28 | hw/nvram/mac_nvram: Report failure to write data | ||
| 29 | tests/unit/test-throttle: Avoid unintended integer division | ||
| 30 | tests/qtest/libqtest.c: Check for g_setenv() failure | ||
| 26 | 31 | ||
| 27 | target/arm/kvm64.c | 45 ++++++++++++++++++++++----------------------- | 32 | hw/misc/pca9554.c | 4 ++-- |
| 28 | 1 file changed, 22 insertions(+), 23 deletions(-) | 33 | hw/nvram/mac_nvram.c | 5 ++++- |
| 34 | net/af-xdp.c | 3 +-- | ||
| 35 | tests/qtest/libqtest.c | 6 +++++- | ||
| 36 | tests/qtest/npcm7xx_emc-test.c | 4 ++-- | ||
| 37 | tests/unit/socket-helpers.c | 4 +++- | ||
| 38 | tests/unit/test-throttle.c | 4 ++-- | ||
| 39 | 7 files changed, 19 insertions(+), 11 deletions(-) | diff view generated by jsdifflib |
New patch | |||
|---|---|---|---|
| 1 | In test_rx() and test_tx() we allocate a GString *cmd_line | ||
| 2 | but never free it. This is pretty harmless in a test case, but | ||
| 3 | Coverity spotted it. | ||
| 1 | 4 | ||
| 5 | Resolves: Coverity CID 1507122 | ||
| 6 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 7 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 8 | Reviewed-by: Thomas Huth <thuth@redhat.com> | ||
| 9 | Message-id: 20240312183810.557768-2-peter.maydell@linaro.org | ||
| 10 | --- | ||
| 11 | tests/qtest/npcm7xx_emc-test.c | 4 ++-- | ||
| 12 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
| 13 | |||
| 14 | diff --git a/tests/qtest/npcm7xx_emc-test.c b/tests/qtest/npcm7xx_emc-test.c | ||
| 15 | index XXXXXXX..XXXXXXX 100644 | ||
| 16 | --- a/tests/qtest/npcm7xx_emc-test.c | ||
| 17 | +++ b/tests/qtest/npcm7xx_emc-test.c | ||
| 18 | @@ -XXX,XX +XXX,XX @@ static void emc_test_ptle(QTestState *qts, const EMCModule *mod, int fd) | ||
| 19 | static void test_tx(gconstpointer test_data) | ||
| 20 | { | ||
| 21 | const TestData *td = test_data; | ||
| 22 | - GString *cmd_line = g_string_new("-machine quanta-gsj"); | ||
| 23 | + g_autoptr(GString) cmd_line = g_string_new("-machine quanta-gsj"); | ||
| 24 | int *test_sockets = packet_test_init(emc_module_index(td->module), | ||
| 25 | cmd_line); | ||
| 26 | QTestState *qts = qtest_init(cmd_line->str); | ||
| 27 | @@ -XXX,XX +XXX,XX @@ static void test_tx(gconstpointer test_data) | ||
| 28 | static void test_rx(gconstpointer test_data) | ||
| 29 | { | ||
| 30 | const TestData *td = test_data; | ||
| 31 | - GString *cmd_line = g_string_new("-machine quanta-gsj"); | ||
| 32 | + g_autoptr(GString) cmd_line = g_string_new("-machine quanta-gsj"); | ||
| 33 | int *test_sockets = packet_test_init(emc_module_index(td->module), | ||
| 34 | cmd_line); | ||
| 35 | QTestState *qts = qtest_init(cmd_line->str); | ||
| 36 | -- | ||
| 37 | 2.34.1 | diff view generated by jsdifflib |
New patch | |||
|---|---|---|---|
| 1 | In socket_check_afunix_support() we call socket(PF_UNIX, SOCK_STREAM, 0) | ||
| 2 | to see if it works, but we call close() on the result whether it | ||
| 3 | worked or not. Only close the fd if the socket() call succeeded. | ||
| 4 | Spotted by Coverity. | ||
| 1 | 5 | ||
| 6 | Resolves: Coverity CID 1497481 | ||
| 7 | |||
| 8 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 9 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 10 | Reviewed-by: Thomas Huth <thuth@redhat.com> | ||
| 11 | Message-id: 20240312183810.557768-3-peter.maydell@linaro.org | ||
| 12 | --- | ||
| 13 | tests/unit/socket-helpers.c | 4 +++- | ||
| 14 | 1 file changed, 3 insertions(+), 1 deletion(-) | ||
| 15 | |||
| 16 | diff --git a/tests/unit/socket-helpers.c b/tests/unit/socket-helpers.c | ||
| 17 | index XXXXXXX..XXXXXXX 100644 | ||
| 18 | --- a/tests/unit/socket-helpers.c | ||
| 19 | +++ b/tests/unit/socket-helpers.c | ||
| 20 | @@ -XXX,XX +XXX,XX @@ void socket_check_afunix_support(bool *has_afunix) | ||
| 21 | int fd; | ||
| 22 | |||
| 23 | fd = socket(PF_UNIX, SOCK_STREAM, 0); | ||
| 24 | - close(fd); | ||
| 25 | |||
| 26 | #ifdef _WIN32 | ||
| 27 | *has_afunix = (fd != (int)INVALID_SOCKET); | ||
| 28 | @@ -XXX,XX +XXX,XX @@ void socket_check_afunix_support(bool *has_afunix) | ||
| 29 | *has_afunix = (fd >= 0); | ||
| 30 | #endif | ||
| 31 | |||
| 32 | + if (*has_afunix) { | ||
| 33 | + close(fd); | ||
| 34 | + } | ||
| 35 | return; | ||
| 36 | } | ||
| 37 | -- | ||
| 38 | 2.34.1 | diff view generated by jsdifflib |
New patch | |||
|---|---|---|---|
| 1 | In net_init_af_xdp() we parse the arguments and allocate | ||
| 2 | a buffer of ints into sock_fds. However, although we | ||
| 3 | free this in the error exit path, we don't ever free it | ||
| 4 | in the successful return path. Coverity spots this leak. | ||
| 1 | 5 | ||
| 6 | Switch to g_autofree so we don't need to manually free the | ||
| 7 | array. | ||
| 8 | |||
| 9 | Resolves: Coverity CID 1534906 | ||
| 10 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 11 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 12 | Reviewed-by: Thomas Huth <thuth@redhat.com> | ||
| 13 | Message-id: 20240312183810.557768-4-peter.maydell@linaro.org | ||
| 14 | --- | ||
| 15 | net/af-xdp.c | 3 +-- | ||
| 16 | 1 file changed, 1 insertion(+), 2 deletions(-) | ||
| 17 | |||
| 18 | diff --git a/net/af-xdp.c b/net/af-xdp.c | ||
| 19 | index XXXXXXX..XXXXXXX 100644 | ||
| 20 | --- a/net/af-xdp.c | ||
| 21 | +++ b/net/af-xdp.c | ||
| 22 | @@ -XXX,XX +XXX,XX @@ int net_init_af_xdp(const Netdev *netdev, | ||
| 23 | NetClientState *nc, *nc0 = NULL; | ||
| 24 | unsigned int ifindex; | ||
| 25 | uint32_t prog_id = 0; | ||
| 26 | - int *sock_fds = NULL; | ||
| 27 | + g_autofree int *sock_fds = NULL; | ||
| 28 | int64_t i, queues; | ||
| 29 | Error *err = NULL; | ||
| 30 | AFXDPState *s; | ||
| 31 | @@ -XXX,XX +XXX,XX @@ int net_init_af_xdp(const Netdev *netdev, | ||
| 32 | return 0; | ||
| 33 | |||
| 34 | err: | ||
| 35 | - g_free(sock_fds); | ||
| 36 | if (nc0) { | ||
| 37 | qemu_del_net_client(nc0); | ||
| 38 | } | ||
| 39 | -- | ||
| 40 | 2.34.1 | diff view generated by jsdifflib |
New patch | |||
|---|---|---|---|
| 1 | In pca9554_get_pin() and pca9554_set_pin(), we try to detect an | ||
| 2 | incorrect pin value, but we get the condition wrong, using ">" | ||
| 3 | when ">=" was intended. | ||
| 1 | 4 | ||
| 5 | This has no actual effect, because in pca9554_initfn() we | ||
| 6 | use the correct test when creating the properties and so | ||
| 7 | we'll never be called with an out of range value. However, | ||
| 8 | Coverity complains about the mismatch between the check and | ||
| 9 | the later use of the pin value in a shift operation. | ||
| 10 | |||
| 11 | Use the correct condition. | ||
| 12 | |||
| 13 | Resolves: Coverity CID 1534917 | ||
| 14 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 15 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 16 | Reviewed-by: Thomas Huth <thuth@redhat.com> | ||
| 17 | Message-id: 20240312183810.557768-5-peter.maydell@linaro.org | ||
| 18 | --- | ||
| 19 | hw/misc/pca9554.c | 4 ++-- | ||
| 20 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
| 21 | |||
| 22 | diff --git a/hw/misc/pca9554.c b/hw/misc/pca9554.c | ||
| 23 | index XXXXXXX..XXXXXXX 100644 | ||
| 24 | --- a/hw/misc/pca9554.c | ||
| 25 | +++ b/hw/misc/pca9554.c | ||
| 26 | @@ -XXX,XX +XXX,XX @@ static void pca9554_get_pin(Object *obj, Visitor *v, const char *name, | ||
| 27 | error_setg(errp, "%s: error reading %s", __func__, name); | ||
| 28 | return; | ||
| 29 | } | ||
| 30 | - if (pin < 0 || pin > PCA9554_PIN_COUNT) { | ||
| 31 | + if (pin < 0 || pin >= PCA9554_PIN_COUNT) { | ||
| 32 | error_setg(errp, "%s invalid pin %s", __func__, name); | ||
| 33 | return; | ||
| 34 | } | ||
| 35 | @@ -XXX,XX +XXX,XX @@ static void pca9554_set_pin(Object *obj, Visitor *v, const char *name, | ||
| 36 | error_setg(errp, "%s: error reading %s", __func__, name); | ||
| 37 | return; | ||
| 38 | } | ||
| 39 | - if (pin < 0 || pin > PCA9554_PIN_COUNT) { | ||
| 40 | + if (pin < 0 || pin >= PCA9554_PIN_COUNT) { | ||
| 41 | error_setg(errp, "%s invalid pin %s", __func__, name); | ||
| 42 | return; | ||
| 43 | } | ||
| 44 | -- | ||
| 45 | 2.34.1 | diff view generated by jsdifflib |
| 1 | From: Richard Henderson <richard.henderson@linaro.org> | 1 | There's no way for the macio_nvram device to report failure to write |
|---|---|---|---|
| 2 | data, but we can at least report it to the user with error_report() | ||
| 3 | as we do in other devices like xlnx-efuse. | ||
| 2 | 4 | ||
| 3 | The test for the IF block indicates no ID registers are exposed, much | 5 | Spotted by Coverity. |
| 4 | less host support for SVE. Move the SVE probe into the ELSE block. | ||
| 5 | 6 | ||
| 6 | Signed-off-by: Richard Henderson <richard.henderson@linaro.org> | 7 | Resolves: Coverity CID 1507628 |
| 7 | Message-id: 20220726045828.53697-4-richard.henderson@linaro.org | ||
| 8 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 9 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | 8 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> |
| 9 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 10 | Reviewed-by: Thomas Huth <thuth@redhat.com> | ||
| 11 | Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> | ||
| 12 | Message-id: 20240312183810.557768-6-peter.maydell@linaro.org | ||
| 10 | --- | 13 | --- |
| 11 | target/arm/kvm64.c | 22 +++++++++++----------- | 14 | hw/nvram/mac_nvram.c | 5 ++++- |
| 12 | 1 file changed, 11 insertions(+), 11 deletions(-) | 15 | 1 file changed, 4 insertions(+), 1 deletion(-) |
| 13 | 16 | ||
| 14 | diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c | 17 | diff --git a/hw/nvram/mac_nvram.c b/hw/nvram/mac_nvram.c |
| 15 | index XXXXXXX..XXXXXXX 100644 | 18 | index XXXXXXX..XXXXXXX 100644 |
| 16 | --- a/target/arm/kvm64.c | 19 | --- a/hw/nvram/mac_nvram.c |
| 17 | +++ b/target/arm/kvm64.c | 20 | +++ b/hw/nvram/mac_nvram.c |
| 18 | @@ -XXX,XX +XXX,XX @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) | 21 | @@ -XXX,XX +XXX,XX @@ static void macio_nvram_writeb(void *opaque, hwaddr addr, |
| 19 | err |= read_sys_reg64(fdarray[2], &ahcf->isar.reset_pmcr_el0, | 22 | trace_macio_nvram_write(addr, value); |
| 20 | ARM64_SYS_REG(3, 3, 9, 12, 0)); | 23 | s->data[addr] = value; |
| 21 | } | 24 | if (s->blk) { |
| 22 | - } | 25 | - blk_pwrite(s->blk, addr, 1, &s->data[addr], 0); |
| 23 | 26 | + if (blk_pwrite(s->blk, addr, 1, &s->data[addr], 0) < 0) { | |
| 24 | - if (sve_supported) { | 27 | + error_report("%s: write of NVRAM data to backing store failed", |
| 25 | - /* | 28 | + blk_name(s->blk)); |
| 26 | - * There is a range of kernels between kernel commit 73433762fcae | ||
| 27 | - * and f81cb2c3ad41 which have a bug where the kernel doesn't expose | ||
| 28 | - * SYS_ID_AA64ZFR0_EL1 via the ONE_REG API unless the VM has enabled | ||
| 29 | - * SVE support, which resulted in an error rather than RAZ. | ||
| 30 | - * So only read the register if we set KVM_ARM_VCPU_SVE above. | ||
| 31 | - */ | ||
| 32 | - err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64zfr0, | ||
| 33 | - ARM64_SYS_REG(3, 0, 0, 4, 4)); | ||
| 34 | + if (sve_supported) { | ||
| 35 | + /* | ||
| 36 | + * There is a range of kernels between kernel commit 73433762fcae | ||
| 37 | + * and f81cb2c3ad41 which have a bug where the kernel doesn't | ||
| 38 | + * expose SYS_ID_AA64ZFR0_EL1 via the ONE_REG API unless the VM has | ||
| 39 | + * enabled SVE support, which resulted in an error rather than RAZ. | ||
| 40 | + * So only read the register if we set KVM_ARM_VCPU_SVE above. | ||
| 41 | + */ | ||
| 42 | + err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64zfr0, | ||
| 43 | + ARM64_SYS_REG(3, 0, 0, 4, 4)); | ||
| 44 | + } | 29 | + } |
| 45 | } | 30 | } |
| 46 | 31 | } | |
| 47 | kvm_arm_destroy_scratch_host_vcpu(fdarray); | 32 | |
| 48 | -- | 33 | -- |
| 49 | 2.25.1 | 34 | 2.34.1 |
| 35 | |||
| 36 | diff view generated by jsdifflib |
| 1 | From: Richard Henderson <richard.henderson@linaro.org> | 1 | In test_compute_wait() we do |
|---|---|---|---|
| 2 | double units = bkt.max / 10; | ||
| 3 | which does an integer division and then assigns it to a double variable, | ||
| 4 | and similarly later on in the expression for an assertion. | ||
| 2 | 5 | ||
| 3 | Because we weren't setting this flag, our probe of ID_AA64ZFR0 | 6 | Use 10.0 so that we do a floating point division and calculate the |
| 4 | was always returning zero. This also obviates the adjustment | 7 | exact value, rather than doing an integer division. |
| 5 | of ID_AA64PFR0, which had sanitized the SVE field. | ||
| 6 | 8 | ||
| 7 | The effects of the bug are not visible, because the only thing that | 9 | Spotted by Coverity. |
| 8 | ID_AA64ZFR0 is used for within qemu at present is tcg translation. | ||
| 9 | The other tests for SVE within KVM are via ID_AA64PFR0.SVE. | ||
| 10 | 10 | ||
| 11 | Reported-by: Zenghui Yu <yuzenghui@huawei.com> | 11 | Resolves: Coverity CID 1432564 |
| 12 | Signed-off-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 13 | Message-id: 20220726045828.53697-3-richard.henderson@linaro.org | ||
| 14 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 15 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | 12 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> |
| 13 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 14 | Reviewed-by: Thomas Huth <thuth@redhat.com> | ||
| 15 | Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> | ||
| 16 | Message-id: 20240312183810.557768-7-peter.maydell@linaro.org | ||
| 16 | --- | 17 | --- |
| 17 | target/arm/kvm64.c | 27 +++++++++++++-------------- | 18 | tests/unit/test-throttle.c | 4 ++-- |
| 18 | 1 file changed, 13 insertions(+), 14 deletions(-) | 19 | 1 file changed, 2 insertions(+), 2 deletions(-) |
| 19 | 20 | ||
| 20 | diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c | 21 | diff --git a/tests/unit/test-throttle.c b/tests/unit/test-throttle.c |
| 21 | index XXXXXXX..XXXXXXX 100644 | 22 | index XXXXXXX..XXXXXXX 100644 |
| 22 | --- a/target/arm/kvm64.c | 23 | --- a/tests/unit/test-throttle.c |
| 23 | +++ b/target/arm/kvm64.c | 24 | +++ b/tests/unit/test-throttle.c |
| 24 | @@ -XXX,XX +XXX,XX @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) | 25 | @@ -XXX,XX +XXX,XX @@ static void test_compute_wait(void) |
| 25 | bool sve_supported; | 26 | bkt.avg = 10; |
| 26 | bool pmu_supported = false; | 27 | bkt.max = 200; |
| 27 | uint64_t features = 0; | 28 | for (i = 0; i < 22; i++) { |
| 28 | - uint64_t t; | 29 | - double units = bkt.max / 10; |
| 29 | int err; | 30 | + double units = bkt.max / 10.0; |
| 30 | 31 | bkt.level += units; | |
| 31 | /* Old kernels may not know about the PREFERRED_TARGET ioctl: however | 32 | bkt.burst_level += units; |
| 32 | @@ -XXX,XX +XXX,XX @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) | 33 | throttle_leak_bucket(&bkt, NANOSECONDS_PER_SECOND / 10); |
| 33 | struct kvm_vcpu_init init = { .target = -1, }; | 34 | wait = throttle_compute_wait(&bkt); |
| 34 | 35 | g_assert(double_cmp(bkt.burst_level, 0)); | |
| 35 | /* | 36 | - g_assert(double_cmp(bkt.level, (i + 1) * (bkt.max - bkt.avg) / 10)); |
| 36 | - * Ask for Pointer Authentication if supported. We can't play the | 37 | + g_assert(double_cmp(bkt.level, (i + 1) * (bkt.max - bkt.avg) / 10.0)); |
| 37 | - * SVE trick of synthesising the ID reg as KVM won't tell us | 38 | /* We can do bursts for the 2 seconds we have configured in |
| 38 | - * whether we have the architected or IMPDEF version of PAuth, so | 39 | * burst_length. We have 100 extra milliseconds of burst |
| 39 | - * we have to use the actual ID regs. | 40 | * because bkt.level has been leaking during this time. |
| 40 | + * Ask for SVE if supported, so that we can query ID_AA64ZFR0, | ||
| 41 | + * which is otherwise RAZ. | ||
| 42 | + */ | ||
| 43 | + sve_supported = kvm_arm_sve_supported(); | ||
| 44 | + if (sve_supported) { | ||
| 45 | + init.features[0] |= 1 << KVM_ARM_VCPU_SVE; | ||
| 46 | + } | ||
| 47 | + | ||
| 48 | + /* | ||
| 49 | + * Ask for Pointer Authentication if supported, so that we get | ||
| 50 | + * the unsanitized field values for AA64ISAR1_EL1. | ||
| 51 | */ | ||
| 52 | if (kvm_arm_pauth_supported()) { | ||
| 53 | init.features[0] |= (1 << KVM_ARM_VCPU_PTRAUTH_ADDRESS | | ||
| 54 | @@ -XXX,XX +XXX,XX @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) | ||
| 55 | } | ||
| 56 | } | ||
| 57 | |||
| 58 | - sve_supported = kvm_arm_sve_supported(); | ||
| 59 | - | ||
| 60 | - /* Add feature bits that can't appear until after VCPU init. */ | ||
| 61 | if (sve_supported) { | ||
| 62 | - t = ahcf->isar.id_aa64pfr0; | ||
| 63 | - t = FIELD_DP64(t, ID_AA64PFR0, SVE, 1); | ||
| 64 | - ahcf->isar.id_aa64pfr0 = t; | ||
| 65 | - | ||
| 66 | /* | ||
| 67 | * There is a range of kernels between kernel commit 73433762fcae | ||
| 68 | * and f81cb2c3ad41 which have a bug where the kernel doesn't expose | ||
| 69 | * SYS_ID_AA64ZFR0_EL1 via the ONE_REG API unless the VM has enabled | ||
| 70 | - * SVE support, so we only read it here, rather than together with all | ||
| 71 | - * the other ID registers earlier. | ||
| 72 | + * SVE support, which resulted in an error rather than RAZ. | ||
| 73 | + * So only read the register if we set KVM_ARM_VCPU_SVE above. | ||
| 74 | */ | ||
| 75 | err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64zfr0, | ||
| 76 | ARM64_SYS_REG(3, 0, 0, 4, 4)); | ||
| 77 | -- | 41 | -- |
| 78 | 2.25.1 | 42 | 2.34.1 |
| 43 | |||
| 44 | diff view generated by jsdifflib |
| 1 | From: Richard Henderson <richard.henderson@linaro.org> | 1 | Coverity points out that g_setenv() can fail and we don't |
|---|---|---|---|
| 2 | check for this in qtest_inproc_init(). In practice this will | ||
| 3 | only fail if a memory allocation failed in setenv() or if | ||
| 4 | the caller passed an invalid architecture name (e.g. one | ||
| 5 | with an '=' in it), so rather than requiring the callsite | ||
| 6 | to check for failure, make g_setenv() failure fatal here, | ||
| 7 | similarly to what we did in commit aca68d95c515. | ||
| 2 | 8 | ||
| 3 | Indication for support for SVE will not depend on whether we | 9 | Resolves: Coverity CID 1497485 |
| 4 | perform the query on the main kvm_state or the temp vcpu. | 10 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> |
| 11 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 12 | Reviewed-by: Thomas Huth <thuth@redhat.com> | ||
| 13 | Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> | ||
| 14 | Message-id: 20240312183810.557768-8-peter.maydell@linaro.org | ||
| 15 | --- | ||
| 16 | tests/qtest/libqtest.c | 6 +++++- | ||
| 17 | 1 file changed, 5 insertions(+), 1 deletion(-) | ||
| 5 | 18 | ||
| 6 | Signed-off-by: Richard Henderson <richard.henderson@linaro.org> | 19 | diff --git a/tests/qtest/libqtest.c b/tests/qtest/libqtest.c |
| 7 | Message-id: 20220726045828.53697-2-richard.henderson@linaro.org | 20 | index XXXXXXX..XXXXXXX 100644 |
| 8 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | 21 | --- a/tests/qtest/libqtest.c |
| 9 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | 22 | +++ b/tests/qtest/libqtest.c |
| 10 | --- | 23 | @@ -XXX,XX +XXX,XX @@ QTestState *qtest_inproc_init(QTestState **s, bool log, const char* arch, |
| 11 | target/arm/kvm64.c | 2 +- | 24 | * way, qtest_get_arch works for inproc qtest. |
| 12 | 1 file changed, 1 insertion(+), 1 deletion(-) | 25 | */ |
| 26 | gchar *bin_path = g_strconcat("/qemu-system-", arch, NULL); | ||
| 27 | - g_setenv("QTEST_QEMU_BINARY", bin_path, 0); | ||
| 28 | + if (!g_setenv("QTEST_QEMU_BINARY", bin_path, 0)) { | ||
| 29 | + fprintf(stderr, | ||
| 30 | + "Could not set environment variable QTEST_QEMU_BINARY\n"); | ||
| 31 | + exit(1); | ||
| 32 | + } | ||
| 33 | g_free(bin_path); | ||
| 34 | |||
| 35 | return qts; | ||
| 36 | -- | ||
| 37 | 2.34.1 | ||
| 13 | 38 | ||
| 14 | diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c | 39 | |
| 15 | index XXXXXXX..XXXXXXX 100644 | ||
| 16 | --- a/target/arm/kvm64.c | ||
| 17 | +++ b/target/arm/kvm64.c | ||
| 18 | @@ -XXX,XX +XXX,XX @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) | ||
| 19 | } | ||
| 20 | } | ||
| 21 | |||
| 22 | - sve_supported = ioctl(fdarray[0], KVM_CHECK_EXTENSION, KVM_CAP_ARM_SVE) > 0; | ||
| 23 | + sve_supported = kvm_arm_sve_supported(); | ||
| 24 | |||
| 25 | /* Add feature bits that can't appear until after VCPU init. */ | ||
| 26 | if (sve_supported) { | ||
| 27 | -- | ||
| 28 | 2.25.1 | diff view generated by jsdifflib |