From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552136056778.9551448783232; Wed, 21 Feb 2024 13:48:56 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuR8-0000hx-F4; Wed, 21 Feb 2024 16:47:30 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuR6-0000f3-Kj; Wed, 21 Feb 2024 16:47:28 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuR4-0007K2-H0; Wed, 21 Feb 2024 16:47:28 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 03AC84F85D; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id A2820869DE; Thu, 22 Feb 2024 00:47:23 +0300 (MSK) Received: (nullmailer pid 2339826 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Fabiano Rosas , Peter Xu , Michael Tokarev Subject: [Stable-7.2.10 01/33] migration: Fix use-after-free of migration state object Date: Thu, 22 Feb 2024 00:46:44 +0300 Message-Id: <20240221214723.2339742-1-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552136724100001 Content-Type: text/plain; charset="utf-8" From: Fabiano Rosas We're currently allowing the process_incoming_migration_bh bottom-half to run without holding a reference to the 'current_migration' object, which leads to a segmentation fault if the BH is still live after migration_shutdown() has dropped the last reference to current_migration. In my system the bug manifests as migrate_multifd() returning true when it shouldn't and multifd_load_shutdown() calling multifd_recv_terminate_threads() which crashes due to an uninitialized multifd_recv_state. Fix the issue by holding a reference to the object when scheduling the BH and dropping it before returning from the BH. The same is already done for the cleanup_bh at migrate_fd_cleanup_schedule(). Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1969 Signed-off-by: Fabiano Rosas Link: https://lore.kernel.org/r/20240119233922.32588-2-farosas@suse.de Signed-off-by: Peter Xu (cherry picked from commit 27eb8499edb2bc952c29ddae0bdac9fc959bf7b1) Signed-off-by: Michael Tokarev diff --git a/migration/migration.c b/migration/migration.c index c8ca7927b4..9b496cce1d 100644 --- a/migration/migration.c +++ b/migration/migration.c @@ -572,6 +572,7 @@ static void process_incoming_migration_bh(void *opaque) MIGRATION_STATUS_COMPLETED); qemu_bh_delete(mis->bh); migration_incoming_state_destroy(); + object_unref(OBJECT(migrate_get_current())); } =20 static void coroutine_fn @@ -638,6 +639,7 @@ process_incoming_migration_co(void *opaque) goto fail; } mis->bh =3D qemu_bh_new(process_incoming_migration_bh, mis); + object_ref(OBJECT(migrate_get_current())); qemu_bh_schedule(mis->bh); mis->migration_incoming_co =3D NULL; return; --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552114664464.6037991731108; Wed, 21 Feb 2024 13:48:34 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRC-0000ju-EF; Wed, 21 Feb 2024 16:47:34 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRA-0000jI-Pn; Wed, 21 Feb 2024 16:47:32 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuR8-0007Kf-1L; Wed, 21 Feb 2024 16:47:31 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 118BE4F85E; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id B187A869DF; Thu, 22 Feb 2024 00:47:23 +0300 (MSK) Received: (nullmailer pid 2339829 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Yihuan Pan , Michael Tokarev Subject: [Stable-7.2.10 02/33] qemu-docs: Update options for graphical frontends Date: Thu, 22 Feb 2024 00:46:45 +0300 Message-Id: <20240221214723.2339742-2-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552116675100013 Content-Type: text/plain; charset="utf-8" From: Yihuan Pan The command line options `-ctrl-grab` and `-alt-grab` have been removed in QEMU 7.1. Instead, use the `-display sdl,grab-mod=3D` option to specify the grab modifiers. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2103 Signed-off-by: Yihuan Pan Signed-off-by: Michael Tokarev (cherry picked from commit db101376af52e81f740a27f5fa38260ad171323c) diff --git a/docs/system/keys.rst.inc b/docs/system/keys.rst.inc index bd9b8e5f6f..2e2c97aa23 100644 --- a/docs/system/keys.rst.inc +++ b/docs/system/keys.rst.inc @@ -1,8 +1,9 @@ -During the graphical emulation, you can use special key combinations to -change modes. The default key mappings are shown below, but if you use -``-alt-grab`` then the modifier is Ctrl-Alt-Shift (instead of Ctrl-Alt) -and if you use ``-ctrl-grab`` then the modifier is the right Ctrl key -(instead of Ctrl-Alt): +During the graphical emulation, you can use special key combinations from +the following table to change modes. By default the modifier is Ctrl-Alt +(used in the table below) which can be changed with ``-display`` suboption +``mod=3D`` where appropriate. For example, ``-display sdl, +grab-mod=3Dlshift-lctrl-lalt`` changes the modifier key to Ctrl-Alt-Shift, +while ``-display sdl,grab-mod=3Drctrl`` changes it to the right Ctrl key. =20 Ctrl-Alt-f Toggle full screen --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552329601102.8321808115453; Wed, 21 Feb 2024 13:52:09 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRD-0000kQ-9D; Wed, 21 Feb 2024 16:47:35 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRB-0000jf-PT; Wed, 21 Feb 2024 16:47:33 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuR9-0007Kq-3P; Wed, 21 Feb 2024 16:47:33 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 20F764F85F; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id BF8E0869E0; Thu, 22 Feb 2024 00:47:23 +0300 (MSK) Received: (nullmailer pid 2339832 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, "Richard W.M. Jones" , Stefan Hajnoczi , Michael Tokarev Subject: [Stable-7.2.10 03/33] block/blkio: Make s->mem_region_alignment be 64 bits Date: Thu, 22 Feb 2024 00:46:46 +0300 Message-Id: <20240221214723.2339742-3-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552331276100005 From: "Richard W.M. Jones" With GCC 14 the code failed to compile on i686 (and was wrong for any version of GCC): ../block/blkio.c: In function =E2=80=98blkio_file_open=E2=80=99: ../block/blkio.c:857:28: error: passing argument 3 of =E2=80=98blkio_get_ui= nt64=E2=80=99 from incompatible pointer type [-Wincompatible-pointer-types] 857 | &s->mem_region_alignment); | ^~~~~~~~~~~~~~~~~~~~~~~~ | | | size_t * {aka unsigned int *} In file included from ../block/blkio.c:12: /usr/include/blkio.h:49:67: note: expected =E2=80=98uint64_t *=E2=80=99 {ak= a =E2=80=98long long unsigned int *=E2=80=99} but argument is of type =E2= =80=98size_t *=E2=80=99 {aka =E2=80=98unsigned int *=E2=80=99} 49 | int blkio_get_uint64(struct blkio *b, const char *name, uint64_t *v= alue); | ~~~~~~~~~~^= ~~~~ Signed-off-by: Richard W.M. Jones Message-id: 20240130122006.2977938-1-rjones@redhat.com Signed-off-by: Stefan Hajnoczi (cherry picked from commit 615eaeab3d318ba239d54141a4251746782f65c1) Signed-off-by: Michael Tokarev diff --git a/block/blkio.c b/block/blkio.c index 5eae3adfaf..cb66160268 100644 --- a/block/blkio.c +++ b/block/blkio.c @@ -74,7 +74,7 @@ typedef struct { CoQueue bounce_available; =20 /* The value of the "mem-region-alignment" property */ - size_t mem_region_alignment; + uint64_t mem_region_alignment; =20 /* Can we skip adding/deleting blkio_mem_regions? */ bool needs_mem_regions; --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552138534404.59044092218164; Wed, 21 Feb 2024 13:48:58 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRE-0000kw-E5; Wed, 21 Feb 2024 16:47:36 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRD-0000kP-1o; Wed, 21 Feb 2024 16:47:35 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRB-0007LA-5K; Wed, 21 Feb 2024 16:47:34 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 323874F860; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id CF522869E1; Thu, 22 Feb 2024 00:47:23 +0300 (MSK) Received: (nullmailer pid 2339835 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, =?UTF-8?q?Jan=20Kl=C3=B6tzke?= , Richard Henderson , Peter Maydell , Michael Tokarev Subject: [Stable-7.2.10 04/33] target/arm: fix exception syndrome for AArch32 bkpt insn Date: Thu, 22 Feb 2024 00:46:47 +0300 Message-Id: <20240221214723.2339742-4-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552140742100003 From: Jan Kl=C3=B6tzke Debug exceptions that target AArch32 Hyp mode are reported differently than on AAarch64. Internally, Qemu uses the AArch64 syndromes. Therefore such exceptions need to be either converted to a prefetch abort (breakpoints, vector catch) or a data abort (watchpoints). Cc: qemu-stable@nongnu.org Signed-off-by: Jan Kl=C3=B6tzke Reviewed-by: Richard Henderson Message-id: 20240127202758.3326381-1-jan.kloetzke@kernkonzept.com Signed-off-by: Peter Maydell (cherry picked from commit f670be1aad33e801779af580398895b9455747ee) Signed-off-by: Michael Tokarev diff --git a/target/arm/helper.c b/target/arm/helper.c index 02cfeece45..343acfab3a 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -9836,6 +9836,24 @@ static void arm_cpu_do_interrupt_aarch32(CPUState *c= s) } =20 if (env->exception.target_el =3D=3D 2) { + /* Debug exceptions are reported differently on AArch32 */ + switch (syn_get_ec(env->exception.syndrome)) { + case EC_BREAKPOINT: + case EC_BREAKPOINT_SAME_EL: + case EC_AA32_BKPT: + case EC_VECTORCATCH: + env->exception.syndrome =3D syn_insn_abort(arm_current_el(env)= =3D=3D 2, + 0, 0, 0x22); + break; + case EC_WATCHPOINT: + env->exception.syndrome =3D syn_set_ec(env->exception.syndrome, + EC_DATAABORT); + break; + case EC_WATCHPOINT_SAME_EL: + env->exception.syndrome =3D syn_set_ec(env->exception.syndrome, + EC_DATAABORT_SAME_EL); + break; + } arm_cpu_do_interrupt_aarch32_hyp(cs); return; } diff --git a/target/arm/syndrome.h b/target/arm/syndrome.h index 15334a3d15..75a3327a30 100644 --- a/target/arm/syndrome.h +++ b/target/arm/syndrome.h @@ -25,6 +25,8 @@ #ifndef TARGET_ARM_SYNDROME_H #define TARGET_ARM_SYNDROME_H =20 +#include "qemu/bitops.h" + /* Valid Syndrome Register EC field values */ enum arm_exception_class { EC_UNCATEGORIZED =3D 0x00, @@ -76,6 +78,7 @@ typedef enum { SME_ET_InactiveZA, } SMEExceptionType; =20 +#define ARM_EL_EC_LENGTH 6 #define ARM_EL_EC_SHIFT 26 #define ARM_EL_IL_SHIFT 25 #define ARM_EL_ISV_SHIFT 24 @@ -87,6 +90,11 @@ static inline uint32_t syn_get_ec(uint32_t syn) return syn >> ARM_EL_EC_SHIFT; } =20 +static inline uint32_t syn_set_ec(uint32_t syn, uint32_t ec) +{ + return deposit32(syn, ARM_EL_EC_SHIFT, ARM_EL_EC_LENGTH, ec); +} + /* * Utility functions for constructing various kinds of syndrome value. * Note that in general we follow the AArch64 syndrome values; in a --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552246511629.6517005653876; Wed, 21 Feb 2024 13:50:46 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRG-0000sy-GG; Wed, 21 Feb 2024 16:47:38 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRF-0000ox-0R; Wed, 21 Feb 2024 16:47:37 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRD-0007LQ-71; Wed, 21 Feb 2024 16:47:36 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 44E694F861; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id E0545869E2; Thu, 22 Feb 2024 00:47:23 +0300 (MSK) Received: (nullmailer pid 2339838 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Peter Maydell , Bohdan Kostiv , =?UTF-8?q?Daniel=20P=20=2E=20Berrang=C3=A9?= , Richard Henderson , Michael Tokarev Subject: [Stable-7.2.10 05/33] system/vl.c: Fix handling of '-serial none -serial something' Date: Thu, 22 Feb 2024 00:46:48 +0300 Message-Id: <20240221214723.2339742-5-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552247004100001 From: Peter Maydell Currently if the user passes multiple -serial options on the command line, we mostly treat those as applying to the different serial devices in order, so that for example -serial stdio -serial file:filename will connect the first serial port to stdio and the second to the named file. The exception to this is the '-serial none' serial device type. This means "don't allocate this serial device", but a bug means that following -serial options are not correctly handled, so that -serial none -serial stdio has the unexpected effect that stdio is connected to the first serial port, not the second. This is a very long-standing bug that dates back at least as far as commit 998bbd74b9d81 from 2009. Make the 'none' serial type move forward in the indexing of serial devices like all the other serial types, so that any subsequent -serial options are correctly handled. Note that if your commandline mistakenly had a '-serial none' that was being overridden by a following '-serial something' option, you should delete the unnecessary '-serial none'. This will give you the same behaviour as before, on QEMU versions both with and without this bug fix. Cc: qemu-stable@nongnu.org Reported-by: Bohdan Kostiv Signed-off-by: Peter Maydell Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Richard Henderson Message-id: 20240122163607.459769-2-peter.maydell@linaro.org Fixes: 998bbd74b9d81 ("default devices: core code & serial lines") Signed-off-by: Peter Maydell (cherry picked from commit d2019a9d0c34a4fdcb5b5df550d73040dc0637d9) Signed-off-by: Michael Tokarev diff --git a/softmmu/vl.c b/softmmu/vl.c index ce88869618..ab4394c53d 100644 --- a/softmmu/vl.c +++ b/softmmu/vl.c @@ -1363,18 +1363,22 @@ static void qemu_create_default_devices(void) static int serial_parse(const char *devname) { int index =3D num_serial_hds; - char label[32]; =20 - if (strcmp(devname, "none") =3D=3D 0) - return 0; - snprintf(label, sizeof(label), "serial%d", index); serial_hds =3D g_renew(Chardev *, serial_hds, index + 1); =20 - serial_hds[index] =3D qemu_chr_new_mux_mon(label, devname, NULL); - if (!serial_hds[index]) { - error_report("could not connect serial device" - " to character backend '%s'", devname); - return -1; + if (strcmp(devname, "none") =3D=3D 0) { + /* Don't allocate a serial device for this index */ + serial_hds[index] =3D NULL; + } else { + char label[32]; + snprintf(label, sizeof(label), "serial%d", index); + + serial_hds[index] =3D qemu_chr_new_mux_mon(label, devname, NULL); + if (!serial_hds[index]) { + error_report("could not connect serial device" + " to character backend '%s'", devname); + return -1; + } } num_serial_hds++; return 0; --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552327688807.8321718523431; Wed, 21 Feb 2024 13:52:07 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRI-0000w3-Qh; Wed, 21 Feb 2024 16:47:40 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRG-0000sn-8Q; Wed, 21 Feb 2024 16:47:38 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRE-0007Ld-EP; Wed, 21 Feb 2024 16:47:37 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 593514F862; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id F39B2869E3; Thu, 22 Feb 2024 00:47:23 +0300 (MSK) Received: (nullmailer pid 2339841 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Peter Maydell , =?UTF-8?q?Daniel=20P=20=2E=20Berrang=C3=A9?= , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Michael Tokarev Subject: [Stable-7.2.10 06/33] qemu-options.hx: Improve -serial option documentation Date: Thu, 22 Feb 2024 00:46:49 +0300 Message-Id: <20240221214723.2339742-6-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552329269100001 From: Peter Maydell The -serial option documentation is a bit brief about '-serial none' and '-serial null'. In particular it's not very clear about the difference between them, and it doesn't mention that it's up to the machine model whether '-serial none' means "don't create the serial port" or "don't wire the serial port up to anything". Expand on these points. Signed-off-by: Peter Maydell Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Philippe Mathieu-Daud=C3=A9 Message-id: 20240122163607.459769-3-peter.maydell@linaro.org (cherry picked from commit 747bfaf3a9d2f3cd51674763dc1f7575100cd200) Signed-off-by: Michael Tokarev diff --git a/qemu-options.hx b/qemu-options.hx index 379692da86..7f798ce47e 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -3968,7 +3968,8 @@ SRST This option can be used several times to simulate up to 4 serial ports. =20 - Use ``-serial none`` to disable all serial ports. + You can use ``-serial none`` to suppress the creation of default + serial devices. =20 Available character devices are: =20 @@ -3990,10 +3991,17 @@ SRST [Linux only] Pseudo TTY (a new PTY is automatically allocated) =20 ``none`` - No device is allocated. + No device is allocated. Note that for machine types which + emulate systems where a serial device is always present in + real hardware, this may be equivalent to the ``null`` option, + in that the serial device is still present but all output + is discarded. For boards where the number of serial ports is + truly variable, this suppresses the creation of the device. =20 ``null`` - void device + A guest will see the UART or serial device as present in the + machine, but all output is discarded, and there is no input. + Conceptually equivalent to redirecting the output to ``/dev/null``. =20 ``chardev:id`` Use a named character device defined with the ``-chardev`` --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552114865289.8647850989122; Wed, 21 Feb 2024 13:48:34 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRM-00011r-6M; Wed, 21 Feb 2024 16:47:44 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRI-0000vT-3W; Wed, 21 Feb 2024 16:47:40 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRG-0007Lq-DB; Wed, 21 Feb 2024 16:47:39 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 6C68A4F863; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 13D7C869E4; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339844 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Guenter Roeck , Andrey Smirnov , Nikita Ostrenkov , Peter Maydell , Michael Tokarev Subject: [Stable-7.2.10 07/33] pci-host: designware: Limit value range of iATU viewport register Date: Thu, 22 Feb 2024 00:46:50 +0300 Message-Id: <20240221214723.2339742-7-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552116675100014 Content-Type: text/plain; charset="utf-8" From: Guenter Roeck The latest version of qemu (v8.2.0-869-g7a1dc45af5) crashes when booting the mcimx7d-sabre emulation with Linux v5.11 and later. qemu-system-arm: ../system/memory.c:2750: memory_region_set_alias_offset: A= ssertion `mr->alias' failed. Problem is that the Designware PCIe emulation accepts the full value range for the iATU Viewport Register. However, both hardware and emulation only support four inbound and four outbound viewports. The Linux kernel determines the number of supported viewports by writing 0xff into the viewport register and reading the value back. The expected value when reading the register is the highest supported viewport index. Match that code by masking the supported viewport value range when the register is written. With this change, the Linux kernel reports imx6q-pcie 33800000.pcie: iATU: unroll F, 4 ob, 4 ib, align 0K, limit 4G as expected and supported. Fixes: d64e5eabc4c7 ("pci: Add support for Designware IP block") Cc: Andrey Smirnov Cc: Nikita Ostrenkov Signed-off-by: Guenter Roeck Message-id: 20240129060055.2616989-1-linux@roeck-us.net Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell (cherry picked from commit 8a73152020337a7fbf34daf0a006d4d89ec1494e) Signed-off-by: Michael Tokarev diff --git a/hw/pci-host/designware.c b/hw/pci-host/designware.c index bde3a343a2..c235b9daa3 100644 --- a/hw/pci-host/designware.c +++ b/hw/pci-host/designware.c @@ -340,6 +340,8 @@ static void designware_pcie_root_config_write(PCIDevice= *d, uint32_t address, break; =20 case DESIGNWARE_PCIE_ATU_VIEWPORT: + val &=3D DESIGNWARE_PCIE_ATU_REGION_INBOUND | + (DESIGNWARE_PCIE_NUM_VIEWPORTS - 1); root->atu_viewport =3D val; break; =20 --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552112699914.3143208922874; Wed, 21 Feb 2024 13:48:32 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRL-000103-QO; Wed, 21 Feb 2024 16:47:44 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRJ-0000wR-9B; Wed, 21 Feb 2024 16:47:41 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRH-0007M4-LB; Wed, 21 Feb 2024 16:47:41 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 7CE254F864; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 2660F869E5; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339847 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Akihiko Odaki , Michael Tokarev , Ani Sinha , "Michael S . Tsirkin" Subject: [Stable-7.2.10 08/33] hw/smbios: Fix OEM strings table option validation Date: Thu, 22 Feb 2024 00:46:51 +0300 Message-Id: <20240221214723.2339742-8-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552114645100007 Content-Type: text/plain; charset="utf-8" From: Akihiko Odaki qemu_smbios_type11_opts did not have the list terminator and that resulted in out-of-bound memory access. It also needs to have an element for the type option. Cc: qemu-stable@nongnu.org Fixes: 2d6dcbf93fb0 ("smbios: support setting OEM strings table") Signed-off-by: Akihiko Odaki Reviewed-by: Michael Tokarev Reviewed-by: Ani Sinha Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael Tokarev (cherry picked from commit cd8a35b913c24248267c682cb9a348461c106139) diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c index cd43185417..7a58d50d80 100644 --- a/hw/smbios/smbios.c +++ b/hw/smbios/smbios.c @@ -368,6 +368,11 @@ static const QemuOptDesc qemu_smbios_type8_opts[] =3D { }; =20 static const QemuOptDesc qemu_smbios_type11_opts[] =3D { + { + .name =3D "type", + .type =3D QEMU_OPT_NUMBER, + .help =3D "SMBIOS element type", + }, { .name =3D "value", .type =3D QEMU_OPT_STRING, @@ -378,6 +383,7 @@ static const QemuOptDesc qemu_smbios_type11_opts[] =3D { .type =3D QEMU_OPT_STRING, .help =3D "OEM string data from file", }, + { /* end of list */ } }; =20 static const QemuOptDesc qemu_smbios_type17_opts[] =3D { --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552109432497.0240067638473; Wed, 21 Feb 2024 13:48:29 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRQ-0001ED-Aq; Wed, 21 Feb 2024 16:47:48 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRN-00017N-97; Wed, 21 Feb 2024 16:47:45 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRL-0007MK-FC; Wed, 21 Feb 2024 16:47:44 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 8D2FB4F865; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 36BC0869E6; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339850 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Akihiko Odaki , Michael Tokarev , Ani Sinha , "Michael S . Tsirkin" Subject: [Stable-7.2.10 09/33] hw/smbios: Fix port connector option validation Date: Thu, 22 Feb 2024 00:46:52 +0300 Message-Id: <20240221214723.2339742-9-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552110678100001 Content-Type: text/plain; charset="utf-8" From: Akihiko Odaki qemu_smbios_type8_opts did not have the list terminator and that resulted in out-of-bound memory access. It also needs to have an element for the type option. Cc: qemu-stable@nongnu.org Fixes: fd8caa253c56 ("hw/smbios: support for type 8 (port connector)") Signed-off-by: Akihiko Odaki Reviewed-by: Michael Tokarev Reviewed-by: Ani Sinha Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael Tokarev (cherry picked from commit 196578c9d051d19c23e6c13e97b791a41b318315) diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c index 7a58d50d80..9f4d007d96 100644 --- a/hw/smbios/smbios.c +++ b/hw/smbios/smbios.c @@ -345,6 +345,11 @@ static const QemuOptDesc qemu_smbios_type4_opts[] =3D { }; =20 static const QemuOptDesc qemu_smbios_type8_opts[] =3D { + { + .name =3D "type", + .type =3D QEMU_OPT_NUMBER, + .help =3D "SMBIOS element type", + }, { .name =3D "internal_reference", .type =3D QEMU_OPT_STRING, @@ -365,6 +370,7 @@ static const QemuOptDesc qemu_smbios_type8_opts[] =3D { .type =3D QEMU_OPT_NUMBER, .help =3D "port type", }, + { /* end of list */ } }; =20 static const QemuOptDesc qemu_smbios_type11_opts[] =3D { --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552130225936.2124933278417; Wed, 21 Feb 2024 13:48:50 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRZ-0001Vg-Ew; Wed, 21 Feb 2024 16:47:57 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRX-0001Sq-6h; Wed, 21 Feb 2024 16:47:55 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRK-0007Mg-M9; Wed, 21 Feb 2024 16:47:54 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 9BF444F866; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 46D25869E7; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339853 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Andrey Ignatov , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 10/33] vhost-user.rst: Fix vring address description Date: Thu, 22 Feb 2024 00:46:53 +0300 Message-Id: <20240221214723.2339742-10-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552130698100005 Content-Type: text/plain; charset="utf-8" From: Andrey Ignatov There is no "size" field in vring address structure. Remove it. Fixes: 5fc0e00291 ("Add vhost-user protocol documentation") Signed-off-by: Andrey Ignatov Message-Id: <20240112004555.64900-1-rdna@apple.com> Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit aa05bd9ef4073ccb72d04ad78de32916af31c7c3) Signed-off-by: Michael Tokarev diff --git a/docs/interop/vhost-user.rst b/docs/interop/vhost-user.rst index 3f18ab424e..936de705e1 100644 --- a/docs/interop/vhost-user.rst +++ b/docs/interop/vhost-user.rst @@ -111,9 +111,9 @@ A vring state description A vring address description ^^^^^^^^^^^^^^^^^^^^^^^^^^^ =20 -+-------+-------+------+------------+------+-----------+-----+ -| index | flags | size | descriptor | used | available | log | -+-------+-------+------+------------+------+-----------+-----+ ++-------+-------+------------+------+-----------+-----+ +| index | flags | descriptor | used | available | log | ++-------+-------+------------+------+-----------+-----+ =20 :index: a 32-bit vring index =20 --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 170855233464011.141277956609656; Wed, 21 Feb 2024 13:52:14 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRW-0001QR-Mp; Wed, 21 Feb 2024 16:47:54 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRU-0001PY-HS; Wed, 21 Feb 2024 16:47:52 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRO-0007N6-QI; Wed, 21 Feb 2024 16:47:52 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id B04684F867; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 554F8869E8; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339856 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Ira Weiny , Huai-Cheng Kuo , Dave Jiang , Fan Ni , Jonathan Cameron , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 11/33] cxl/cdat: Handle cdat table build errors Date: Thu, 22 Feb 2024 00:46:54 +0300 Message-Id: <20240221214723.2339742-11-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552335279100002 Content-Type: text/plain; charset="utf-8" From: Ira Weiny The callback for building CDAT tables may return negative error codes. This was previously unhandled and will result in potentially huge allocations later on in ct3_build_cdat() Detect the negative error code and defer cdat building. Fixes: f5ee7413d592 ("hw/mem/cxl-type3: Add CXL CDAT Data Object Exchange") Cc: Huai-Cheng Kuo Reviewed-by: Dave Jiang Reviewed-by: Fan Ni Signed-off-by: Ira Weiny Signed-off-by: Jonathan Cameron Message-Id: <20240126120132.24248-2-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit c62926f730d08450502d36548e28dd727c998ace) Signed-off-by: Michael Tokarev diff --git a/hw/cxl/cxl-cdat.c b/hw/cxl/cxl-cdat.c index 3653aa56f0..931693f02d 100644 --- a/hw/cxl/cxl-cdat.c +++ b/hw/cxl/cxl-cdat.c @@ -62,7 +62,7 @@ static void ct3_build_cdat(CDATObject *cdat, Error **errp) =20 cdat->built_buf_len =3D cdat->build_cdat_table(&cdat->built_buf, cdat-= >private); =20 - if (!cdat->built_buf_len) { + if (cdat->built_buf_len <=3D 0) { /* Build later as not all data available yet */ cdat->to_update =3D true; return; --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552181218509.91961182722684; Wed, 21 Feb 2024 13:49:41 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuRa-0001WJ-Ls; Wed, 21 Feb 2024 16:47:58 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRY-0001Ug-OU; Wed, 21 Feb 2024 16:47:56 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRV-0007Q2-Th; Wed, 21 Feb 2024 16:47:56 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id C47454F868; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 6A61E869E9; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339859 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Ira Weiny , Huai-Cheng Kuo , Dave Jiang , Fan Ni , Jonathan Cameron , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 12/33] cxl/cdat: Fix header sum value in CDAT checksum Date: Thu, 22 Feb 2024 00:46:55 +0300 Message-Id: <20240221214723.2339742-12-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552182844100002 Content-Type: text/plain; charset="utf-8" From: Ira Weiny The addition of the DCD support for CXL type-3 devices extended the CDAT table large enough that the checksum being returned was incorrect.[1] This was because the checksum value was using the header length field rather than each of the 4 bytes of the length field. This was previously not seen because the length of the CDAT data was less than 256 thus resulting in an equivalent checksum value. Properly calculate the checksum for the CDAT header. [1] https://lore.kernel.org/all/20231116-fix-cdat-devm-free-v1-1-b148b40707= d7@intel.com/ Fixes: aba578bdace5 ("hw/cxl/cdat: CXL CDAT Data Object Exchange implementa= tion") Cc: Huai-Cheng Kuo Signed-off-by: Ira Weiny Reviewed-by: Dave Jiang Reviewed-by: Fan Ni Signed-off-by: Jonathan Cameron Message-Id: <20240126120132.24248-5-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit 64fdad5e67587e88c2f1d8f294e89403856a4a31) Signed-off-by: Michael Tokarev diff --git a/hw/cxl/cxl-cdat.c b/hw/cxl/cxl-cdat.c index 931693f02d..0cde11854e 100644 --- a/hw/cxl/cxl-cdat.c +++ b/hw/cxl/cxl-cdat.c @@ -49,6 +49,7 @@ static void ct3_build_cdat(CDATObject *cdat, Error **errp) g_autofree CDATTableHeader *cdat_header =3D NULL; g_autofree CDATEntry *cdat_st =3D NULL; uint8_t sum =3D 0; + uint8_t *hdr_buf; int ent, i; =20 /* Use default table if fopen =3D=3D NULL */ @@ -94,8 +95,12 @@ static void ct3_build_cdat(CDATObject *cdat, Error **err= p) /* For now, no runtime updates */ cdat_header->sequence =3D 0; cdat_header->length +=3D sizeof(CDATTableHeader); - sum +=3D cdat_header->revision + cdat_header->sequence + - cdat_header->length; + + hdr_buf =3D (uint8_t *)cdat_header; + for (i =3D 0; i < sizeof(*cdat_header); i++) { + sum +=3D hdr_buf[i]; + } + /* Sum of all bytes including checksum must be 0 */ cdat_header->checksum =3D ~sum + 1; =20 --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552127739531.1951491380333; Wed, 21 Feb 2024 13:48:47 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuS8-0002vR-9u; Wed, 21 Feb 2024 16:48:32 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuS6-0002kM-HS; Wed, 21 Feb 2024 16:48:30 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRs-0007Qd-KI; Wed, 21 Feb 2024 16:48:30 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id D666E4F869; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 7EA0B869EA; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339862 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Li Zhijian , Fan Ni , Jonathan Cameron , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 13/33] hw/cxl: Pass CXLComponentState to cache_mem_ops Date: Thu, 22 Feb 2024 00:46:56 +0300 Message-Id: <20240221214723.2339742-13-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_TEMPERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552128757100001 Content-Type: text/plain; charset="utf-8" From: Li Zhijian cache_mem_ops.{read,write}() interprets opaque as CXLComponentState(cxl_cstate) instead of ComponentRegisters(cregs). Fortunately, cregs is the first member of cxl_cstate, so their values are the same. Fixes: 9e58f52d3f8 ("hw/cxl/component: Introduce CXL components (8.1.x, 8.2= .5)") Reviewed-by: Fan Ni Signed-off-by: Li Zhijian Signed-off-by: Jonathan Cameron Message-Id: <20240126120132.24248-8-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit 729d45a6af06753d3e330f589c248fe9687c5cd5) Signed-off-by: Michael Tokarev diff --git a/hw/cxl/cxl-component-utils.c b/hw/cxl/cxl-component-utils.c index 3edd303a33..5934b95848 100644 --- a/hw/cxl/cxl-component-utils.c +++ b/hw/cxl/cxl-component-utils.c @@ -126,7 +126,7 @@ void cxl_component_register_block_init(Object *obj, /* io registers controls link which we don't care about in QEMU */ memory_region_init_io(&cregs->io, obj, NULL, cregs, ".io", CXL2_COMPONENT_IO_REGION_SIZE); - memory_region_init_io(&cregs->cache_mem, obj, &cache_mem_ops, cregs, + memory_region_init_io(&cregs->cache_mem, obj, &cache_mem_ops, cxl_csta= te, ".cache_mem", CXL2_COMPONENT_CM_REGION_SIZE); =20 memory_region_add_subregion(&cregs->component_registers, 0, &cregs->io= ); --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552338080513.9303683740607; Wed, 21 Feb 2024 13:52:18 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSM-0004fl-1h; Wed, 21 Feb 2024 16:48:46 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSK-0004aN-00; Wed, 21 Feb 2024 16:48:44 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuRu-0007R3-5v; Wed, 21 Feb 2024 16:48:43 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id E72D44F86A; Thu, 22 Feb 2024 00:47:46 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 90461869EB; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339865 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Zhenzhong Duan , Eric Auger , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 14/33] virtio_iommu: Clear IOMMUPciBus pointer cache when system reset Date: Thu, 22 Feb 2024 00:46:57 +0300 Message-Id: <20240221214723.2339742-14-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552339280100001 Content-Type: text/plain; charset="utf-8" From: Zhenzhong Duan s->iommu_pcibus_by_bus_num is a IOMMUPciBus pointer cache indexed by bus number, bus number may not always be a fixed value, i.e., guest reboot to different kernel which set bus number with different algorithm. This could lead to endpoint binding to wrong iommu MR in virtio_iommu_get_endpoint(), then vfio device setup wrong mapping from other device. Remove the memset in virtio_iommu_device_realize() to avoid redundancy with memset in system reset. Signed-off-by: Zhenzhong Duan Message-Id: <20240125073706.339369-2-zhenzhong.duan@intel.com> Reviewed-by: Eric Auger Tested-by: Eric Auger Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit 9a457383ce9d309d4679b079fafb51f0a2d949aa) Signed-off-by: Michael Tokarev diff --git a/hw/virtio/virtio-iommu.c b/hw/virtio/virtio-iommu.c index eb82462c95..95db19f144 100644 --- a/hw/virtio/virtio-iommu.c +++ b/hw/virtio/virtio-iommu.c @@ -1140,6 +1140,8 @@ static void virtio_iommu_system_reset(void *opaque) =20 trace_virtio_iommu_system_reset(); =20 + memset(s->iommu_pcibus_by_bus_num, 0, sizeof(s->iommu_pcibus_by_bus_nu= m)); + /* * config.bypass is sticky across device reset, but should be restored= on * system reset @@ -1156,8 +1158,6 @@ static void virtio_iommu_device_realize(DeviceState *= dev, Error **errp) =20 virtio_init(vdev, VIRTIO_ID_IOMMU, sizeof(struct virtio_iommu_config)); =20 - memset(s->iommu_pcibus_by_bus_num, 0, sizeof(s->iommu_pcibus_by_bus_nu= m)); - s->req_vq =3D virtio_add_queue(vdev, VIOMMU_DEFAULT_QUEUE_SIZE, virtio_iommu_handle_command); s->event_vq =3D virtio_add_queue(vdev, VIOMMU_DEFAULT_QUEUE_SIZE, NULL= ); --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552141791977.3883397298422; Wed, 21 Feb 2024 13:49:01 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSC-0003RB-1H; Wed, 21 Feb 2024 16:48:36 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSA-0003BT-0l; Wed, 21 Feb 2024 16:48:34 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuS8-0007VV-5O; Wed, 21 Feb 2024 16:48:33 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 03D124F86B; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id A12FD869EC; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339868 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Zhenzhong Duan , Eric Auger , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 15/33] smmu: Clear SMMUPciBus pointer cache when system reset Date: Thu, 22 Feb 2024 00:46:58 +0300 Message-Id: <20240221214723.2339742-15-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552142733100005 Content-Type: text/plain; charset="utf-8" From: Zhenzhong Duan s->smmu_pcibus_by_bus_num is a SMMUPciBus pointer cache indexed by bus number, bus number may not always be a fixed value, i.e., guest reboot to different kernel which set bus number with different algorithm. This could lead to smmu_iommu_mr() providing the wrong iommu MR. Suggested-by: Eric Auger Signed-off-by: Zhenzhong Duan Message-Id: <20240125073706.339369-3-zhenzhong.duan@intel.com> Reviewed-by: Eric Auger Tested-by: Eric Auger Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit 8a6b3f4dc95a064e88adaca86374108da0ecb38d) Signed-off-by: Michael Tokarev diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index bbca3a8db3..7abc166eb3 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -529,6 +529,8 @@ static void smmu_base_reset(DeviceState *dev) { SMMUState *s =3D ARM_SMMU(dev); =20 + memset(s->smmu_pcibus_by_bus_num, 0, sizeof(s->smmu_pcibus_by_bus_num)= ); + g_hash_table_remove_all(s->configs); g_hash_table_remove_all(s->iotlb); } --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552273275892.011342438839; Wed, 21 Feb 2024 13:51:13 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSG-00046x-MO; Wed, 21 Feb 2024 16:48:40 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSD-0003gG-Ae; Wed, 21 Feb 2024 16:48:37 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSB-0007WB-CO; Wed, 21 Feb 2024 16:48:36 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 13DAB4F86C; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id B1FD8869ED; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339871 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Jonathan Cameron , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 16/33] tests/acpi: Allow update of DSDT.cxl Date: Thu, 22 Feb 2024 00:46:59 +0300 Message-Id: <20240221214723.2339742-16-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552275146100003 Content-Type: text/plain; charset="utf-8" From: Jonathan Cameron The _STA value returned currently indicates the ACPI0017 device is not enabled. Whilst this isn't a real device, setting _STA like this may prevent an OS from enumerating it correctly and hence from parsing the CEDT table. Signed-off-by: Jonathan Cameron Message-Id: <20240126120132.24248-11-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit 14ec4ff3e4293635240ba5a7afe7a0f3ba447d31) Signed-off-by: Michael Tokarev diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios= -tables-test-allowed-diff.h index dfb8523c8b..9ce0f596cc 100644 --- a/tests/qtest/bios-tables-test-allowed-diff.h +++ b/tests/qtest/bios-tables-test-allowed-diff.h @@ -1 +1,2 @@ /* List of comma-separated changed AML files to ignore */ +"tests/data/acpi/q35/DSDT.cxl", --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552296771153.1962802038156; Wed, 21 Feb 2024 13:51:36 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSI-0004SS-Vt; Wed, 21 Feb 2024 16:48:43 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSH-0004L7-JY; Wed, 21 Feb 2024 16:48:41 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSE-0007WS-Q4; Wed, 21 Feb 2024 16:48:41 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 22F534F86D; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id C1AFD869EE; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339874 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Jonathan Cameron , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 17/33] hw/i386: Fix _STA return value for ACPI0017 Date: Thu, 22 Feb 2024 00:47:00 +0300 Message-Id: <20240221214723.2339742-17-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552297188100001 Content-Type: text/plain; charset="utf-8" From: Jonathan Cameron Found whilst testing a series for the linux kernel that actually bothers to check if enabled is set. 0xB is the option used for vast majority of DSDT entries in QEMU. It is a little odd for a device that doesn't really exist and is simply a hook to tell the OS there is a CEDT table but 0xB seems a reasonable choice and avoids need to special case this device in the OS. Means: * Device present. * Device enabled and decoding it's resources. * Not shown in UI * Functioning properly * No battery (on this device!) Signed-off-by: Jonathan Cameron Message-Id: <20240126120132.24248-12-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit d9ae5802f656f6fb53b788747ba557a826b6e740) Signed-off-by: Michael Tokarev diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c index d9eaa5fc4d..f9cdacadb1 100644 --- a/hw/i386/acpi-build.c +++ b/hw/i386/acpi-build.c @@ -1311,7 +1311,7 @@ static void build_acpi0017(Aml *table) aml_append(dev, aml_name_decl("_HID", aml_string("ACPI0017"))); =20 method =3D aml_method("_STA", 0, AML_NOTSERIALIZED); - aml_append(method, aml_return(aml_int(0x01))); + aml_append(method, aml_return(aml_int(0x0B))); aml_append(dev, method); =20 aml_append(scope, dev); --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552219859224.3360492382551; Wed, 21 Feb 2024 13:50:19 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSN-0004o1-9s; Wed, 21 Feb 2024 16:48:48 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSK-0004c1-Nb; Wed, 21 Feb 2024 16:48:44 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSJ-0007X6-14; Wed, 21 Feb 2024 16:48:44 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 31F7A4F86E; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id D0E72869EF; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339877 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Jonathan Cameron , "Michael S . Tsirkin" , Michael Tokarev Subject: [Stable-7.2.10 18/33] tests/acpi: Update DSDT.cxl to reflect change _STA return value. Date: Thu, 22 Feb 2024 00:47:01 +0300 Message-Id: <20240221214723.2339742-18-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552220915100001 Content-Type: text/plain; charset="utf-8" From: Jonathan Cameron _STA will now return 0xB (in common with most other devices) rather than not setting the bits to indicate this fake device has not been enabled, and self tests haven't passed. Signed-off-by: Jonathan Cameron Message-Id: <20240126120132.24248-13-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit b24a981b9f1c4767aaea815e504a2c7aeb405d72) Signed-off-by: Michael Tokarev (Mjt: rebuild tests/data/acpi/q35/DSDT.cxl for 7.2.x) diff --git a/tests/data/acpi/q35/DSDT.cxl b/tests/data/acpi/q35/DSDT.cxl index f9c6dd4ee0..267709e4e4 100644 Binary files a/tests/data/acpi/q35/DSDT.cxl and b/tests/data/acpi/q35/DSDT.= cxl differ diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios= -tables-test-allowed-diff.h index 9ce0f596cc..dfb8523c8b 100644 --- a/tests/qtest/bios-tables-test-allowed-diff.h +++ b/tests/qtest/bios-tables-test-allowed-diff.h @@ -1,2 +1 @@ /* List of comma-separated changed AML files to ignore */ -"tests/data/acpi/q35/DSDT.cxl", --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552169644593.8569601439021; Wed, 21 Feb 2024 13:49:29 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuST-0005PD-Dd; Wed, 21 Feb 2024 16:48:53 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSQ-0005Ad-C1; Wed, 21 Feb 2024 16:48:50 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSL-0007XU-Cu; Wed, 21 Feb 2024 16:48:50 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 42EBE4F86F; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id E0545869F0; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339880 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , Gustavo Romero , Peter Maydell , Michael Tokarev Subject: [Stable-7.2.10 19/33] linux-user/aarch64: Choose SYNC as the preferred MTE mode Date: Thu, 22 Feb 2024 00:47:02 +0300 Message-Id: <20240221214723.2339742-19-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_TEMPERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552170796100001 Content-Type: text/plain; charset="utf-8" From: Richard Henderson The API does not generate an error for setting ASYNC | SYNC; that merely constrains the selection vs the per-cpu default. For qemu linux-user, choose SYNC as the default. Cc: qemu-stable@nongnu.org Reported-by: Gustavo Romero Signed-off-by: Richard Henderson Tested-by: Gustavo Romero Message-id: 20240207025210.8837-2-richard.henderson@linaro.org Signed-off-by: Peter Maydell (cherry picked from commit 681dfc0d552963d4d598350d26097a692900b408) Signed-off-by: Michael Tokarev diff --git a/linux-user/aarch64/target_prctl.h b/linux-user/aarch64/target_= prctl.h index 907c314146..d9f6648e27 100644 --- a/linux-user/aarch64/target_prctl.h +++ b/linux-user/aarch64/target_prctl.h @@ -171,21 +171,26 @@ static abi_long do_prctl_set_tagged_addr_ctrl(CPUArch= State *env, abi_long arg2) env->tagged_addr_enable =3D arg2 & PR_TAGGED_ADDR_ENABLE; =20 if (cpu_isar_feature(aa64_mte, cpu)) { - switch (arg2 & PR_MTE_TCF_MASK) { - case PR_MTE_TCF_NONE: - case PR_MTE_TCF_SYNC: - case PR_MTE_TCF_ASYNC: - break; - default: - return -EINVAL; - } - /* * Write PR_MTE_TCF to SCTLR_EL1[TCF0]. - * Note that the syscall values are consistent with hw. + * + * The kernel has a per-cpu configuration for the sysadmin, + * /sys/devices/system/cpu/cpu/mte_tcf_preferred, + * which qemu does not implement. + * + * Because there is no performance difference between the modes, a= nd + * because SYNC is most useful for debugging MTE errors, choose SY= NC + * as the preferred mode. With this preference, and the way the A= PI + * uses only two bits, there is no way for the program to select + * ASYMM mode. */ - env->cp15.sctlr_el[1] =3D - deposit64(env->cp15.sctlr_el[1], 38, 2, arg2 >> PR_MTE_TCF_SHI= FT); + unsigned tcf =3D 0; + if (arg2 & PR_MTE_TCF_SYNC) { + tcf =3D 1; + } else if (arg2 & PR_MTE_TCF_ASYNC) { + tcf =3D 2; + } + env->cp15.sctlr_el[1] =3D deposit64(env->cp15.sctlr_el[1], 38, 2, = tcf); =20 /* * Write PR_MTE_TAG to GCR_EL1[Exclude]. --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 17085521735364.39095959244878; Wed, 21 Feb 2024 13:49:33 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSk-00076p-Ip; Wed, 21 Feb 2024 16:49:10 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSi-0006y5-0g; Wed, 21 Feb 2024 16:49:08 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSg-0007Xf-5X; Wed, 21 Feb 2024 16:49:07 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 539A74F870; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id F0F16869F1; Thu, 22 Feb 2024 00:47:24 +0300 (MSK) Received: (nullmailer pid 2339883 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , Gustavo Romero , Peter Maydell , Michael Tokarev Subject: [Stable-7.2.10 20/33] target/arm: Fix nregs computation in do_{ld, st}_zpa Date: Thu, 22 Feb 2024 00:47:03 +0300 Message-Id: <20240221214723.2339742-20-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552174837100001 Content-Type: text/plain; charset="utf-8" From: Richard Henderson The field is encoded as [0-3], which is convenient for indexing our array of function pointers, but the true value is [1-4]. Adjust before calling do_mem_zpa. Add an assert, and move the comment re passing ZT to the helper back next to the relevant code. Cc: qemu-stable@nongnu.org Fixes: 206adacfb8d ("target/arm: Add mte helpers for sve scalar + int loads= ") Signed-off-by: Richard Henderson Tested-by: Gustavo Romero Message-id: 20240207025210.8837-3-richard.henderson@linaro.org Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell (cherry picked from commit 64c6e7444dff64b42d11b836b9aec9acfbe8ecc2) Signed-off-by: Michael Tokarev diff --git a/target/arm/translate-sve.c b/target/arm/translate-sve.c index 621a2abb22..7388e1dbc7 100644 --- a/target/arm/translate-sve.c +++ b/target/arm/translate-sve.c @@ -4587,11 +4587,7 @@ static void do_mem_zpa(DisasContext *s, int zt, int = pg, TCGv_i64 addr, TCGv_ptr t_pg; int desc =3D 0; =20 - /* - * For e.g. LD4, there are not enough arguments to pass all 4 - * registers as pointers, so encode the regno into the data field. - * For consistency, do this even for LD1. - */ + assert(mte_n >=3D 1 && mte_n <=3D 4); if (s->mte_active[0]) { int msz =3D dtype_msz(dtype); =20 @@ -4605,6 +4601,11 @@ static void do_mem_zpa(DisasContext *s, int zt, int = pg, TCGv_i64 addr, addr =3D clean_data_tbi(s, addr); } =20 + /* + * For e.g. LD4, there are not enough arguments to pass all 4 + * registers as pointers, so encode the regno into the data field. + * For consistency, do this even for LD1. + */ desc =3D simd_desc(vsz, vsz, zt | desc); t_pg =3D tcg_temp_new_ptr(); =20 @@ -4744,7 +4745,7 @@ static void do_ld_zpa(DisasContext *s, int zt, int pg, * accessible via the instruction encoding. */ assert(fn !=3D NULL); - do_mem_zpa(s, zt, pg, addr, dtype, nreg, false, fn); + do_mem_zpa(s, zt, pg, addr, dtype, nreg + 1, false, fn); } =20 static bool trans_LD_zprr(DisasContext *s, arg_rprr_load *a) @@ -5320,14 +5321,13 @@ static void do_st_zpa(DisasContext *s, int zt, int = pg, TCGv_i64 addr, if (nreg =3D=3D 0) { /* ST1 */ fn =3D fn_single[s->mte_active[0]][be][msz][esz]; - nreg =3D 1; } else { /* ST2, ST3, ST4 -- msz =3D=3D esz, enforced by encoding */ assert(msz =3D=3D esz); fn =3D fn_multiple[s->mte_active[0]][be][nreg - 1][msz]; } assert(fn !=3D NULL); - do_mem_zpa(s, zt, pg, addr, msz_dtype(s, msz), nreg, true, fn); + do_mem_zpa(s, zt, pg, addr, msz_dtype(s, msz), nreg + 1, true, fn); } =20 static bool trans_ST_zprr(DisasContext *s, arg_rprr_store *a) --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552181160995.4362883452299; Wed, 21 Feb 2024 13:49:41 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSp-0007aU-PC; Wed, 21 Feb 2024 16:49:15 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSn-0007QF-U3; Wed, 21 Feb 2024 16:49:13 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSl-0007YC-SV; Wed, 21 Feb 2024 16:49:13 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 64B414F871; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 0DD58869F2; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339887 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , Peter Maydell , Gustavo Romero , Michael Tokarev Subject: [Stable-7.2.10 21/33] target/arm: Fix SVE/SME gross MTE suppression checks Date: Thu, 22 Feb 2024 00:47:04 +0300 Message-Id: <20240221214723.2339742-21-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552182824100001 Content-Type: text/plain; charset="utf-8" From: Richard Henderson The TBI and TCMA bits are located within mtedesc, not desc. Cc: qemu-stable@nongnu.org Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson Tested-by: Gustavo Romero Message-id: 20240207025210.8837-7-richard.henderson@linaro.org Signed-off-by: Peter Maydell (cherry picked from commit 855f94eca80c85a99f459e36684ea2f98f6a3243) Signed-off-by: Michael Tokarev diff --git a/target/arm/sme_helper.c b/target/arm/sme_helper.c index 8856773635..d592c78ec9 100644 --- a/target/arm/sme_helper.c +++ b/target/arm/sme_helper.c @@ -606,8 +606,8 @@ void sme_ld1_mte(CPUARMState *env, void *za, uint64_t *= vg, desc =3D extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT); =20 /* Perform gross MTE suppression early. */ - if (!tbi_check(desc, bit55) || - tcma_check(desc, bit55, allocation_tag_from_addr(addr))) { + if (!tbi_check(mtedesc, bit55) || + tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) { mtedesc =3D 0; } =20 @@ -783,8 +783,8 @@ void sme_st1_mte(CPUARMState *env, void *za, uint64_t *= vg, target_ulong addr, desc =3D extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT); =20 /* Perform gross MTE suppression early. */ - if (!tbi_check(desc, bit55) || - tcma_check(desc, bit55, allocation_tag_from_addr(addr))) { + if (!tbi_check(mtedesc, bit55) || + tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) { mtedesc =3D 0; } =20 diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c index 27838fb6e2..45a93755fe 100644 --- a/target/arm/sve_helper.c +++ b/target/arm/sve_helper.c @@ -5803,8 +5803,8 @@ void sve_ldN_r_mte(CPUARMState *env, uint64_t *vg, ta= rget_ulong addr, desc =3D extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT); =20 /* Perform gross MTE suppression early. */ - if (!tbi_check(desc, bit55) || - tcma_check(desc, bit55, allocation_tag_from_addr(addr))) { + if (!tbi_check(mtedesc, bit55) || + tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) { mtedesc =3D 0; } =20 @@ -6159,8 +6159,8 @@ void sve_ldnfff1_r_mte(CPUARMState *env, void *vg, ta= rget_ulong addr, desc =3D extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT); =20 /* Perform gross MTE suppression early. */ - if (!tbi_check(desc, bit55) || - tcma_check(desc, bit55, allocation_tag_from_addr(addr))) { + if (!tbi_check(mtedesc, bit55) || + tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) { mtedesc =3D 0; } =20 @@ -6413,8 +6413,8 @@ void sve_stN_r_mte(CPUARMState *env, uint64_t *vg, ta= rget_ulong addr, desc =3D extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT); =20 /* Perform gross MTE suppression early. */ - if (!tbi_check(desc, bit55) || - tcma_check(desc, bit55, allocation_tag_from_addr(addr))) { + if (!tbi_check(mtedesc, bit55) || + tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) { mtedesc =3D 0; } =20 --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552157466667.4610494758393; Wed, 21 Feb 2024 13:49:17 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSm-0007KI-RZ; Wed, 21 Feb 2024 16:49:13 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSl-0007FK-Jb; Wed, 21 Feb 2024 16:49:11 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSj-0007bB-DV; Wed, 21 Feb 2024 16:49:11 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 757D94F872; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 1ECF3869F3; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339890 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Peter Maydell , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Richard Henderson , Michael Tokarev Subject: [Stable-7.2.10 22/33] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU Date: Thu, 22 Feb 2024 00:47:05 +0300 Message-Id: <20240221214723.2339742-22-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552158772100001 From: Peter Maydell It doesn't make sense to read the value of MDCR_EL2 on a non-A-profile CPU, and in fact if you try to do it we will assert: #6 0x00007ffff4b95e96 in __GI___assert_fail (assertion=3D0x5555565a8c70 "!arm_feature(env, ARM_FEATURE_M)", file=3D= 0x5555565a6e5c "../../target/arm/helper.c", line=3D12600, function=3D0x5555= 565a9560 <__PRETTY_FUNCTION__.0> "arm_security_space_below_el3") at ./asser= t/assert.c:101 #7 0x0000555555ebf412 in arm_security_space_below_el3 (env=3D0x555557bc819= 0) at ../../target/arm/helper.c:12600 #8 0x0000555555ea6f89 in arm_is_el2_enabled (env=3D0x555557bc8190) at ../.= ./target/arm/cpu.h:2595 #9 0x0000555555ea942f in arm_mdcr_el2_eff (env=3D0x555557bc8190) at ../../= target/arm/internals.h:1512 We might call pmu_counter_enabled() on an M-profile CPU (for example from the migration pre/post hooks in machine.c); this should always return false because these CPUs don't set ARM_FEATURE_PMU. Avoid the assertion by not calling arm_mdcr_el2_eff() before we have done the early return for "PMU not present". This fixes an assertion failure if you try to do a loadvm or savevm for an M-profile board. Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2155 Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson Message-id: 20240208153346.970021-1-peter.maydell@linaro.org (cherry picked from commit ac1d88e9e7ca0bed83e91e07ce6d0597f10cc77d) Signed-off-by: Michael Tokarev diff --git a/target/arm/helper.c b/target/arm/helper.c index 343acfab3a..2e284e048c 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -1125,13 +1125,21 @@ static bool pmu_counter_enabled(CPUARMState *env, u= int8_t counter) bool enabled, prohibited =3D false, filtered; bool secure =3D arm_is_secure(env); int el =3D arm_current_el(env); - uint64_t mdcr_el2 =3D arm_mdcr_el2_eff(env); - uint8_t hpmn =3D mdcr_el2 & MDCR_HPMN; + uint64_t mdcr_el2; + uint8_t hpmn; =20 + /* + * We might be called for M-profile cores where MDCR_EL2 doesn't + * exist and arm_mdcr_el2_eff() will assert, so this early-exit check + * must be before we read that value. + */ if (!arm_feature(env, ARM_FEATURE_PMU)) { return false; } =20 + mdcr_el2 =3D arm_mdcr_el2_eff(env); + hpmn =3D mdcr_el2 & MDCR_HPMN; + if (!arm_feature(env, ARM_FEATURE_EL2) || (counter < hpmn || counter =3D=3D 31)) { e =3D env->cp15.c9_pmcr & PMCRE; --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 170855224715456.33685508235567; Wed, 21 Feb 2024 13:50:47 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSq-0007gk-GC; Wed, 21 Feb 2024 16:49:16 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSo-0007X3-W5; Wed, 21 Feb 2024 16:49:15 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSn-0007bZ-1G; Wed, 21 Feb 2024 16:49:14 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 8656E4F873; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 2F6C0869F4; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339893 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Kevin Wolf , Stefan Hajnoczi , Peter Maydell , Michael Tokarev Subject: [Stable-7.2.10 23/33] iotests: Make 144 deterministic again Date: Thu, 22 Feb 2024 00:47:06 +0300 Message-Id: <20240221214723.2339742-23-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552249005100007 Content-Type: text/plain; charset="utf-8" From: Kevin Wolf Since commit effd60c8 changed how QMP commands are processed, the order of the block-commit return value and job events in iotests 144 wasn't fixed and more and caused the test to fail intermittently. Change the test to cache events first and then print them in a predefined order. Waiting three times for JOB_STATUS_CHANGE is a bit uglier than just waiting for the JOB_STATUS_CHANGE that has "status": "ready", but the tooling we have doesn't seem to allow the latter easily. Fixes: effd60c878176bcaf97fa7ce2b12d04bb8ead6f7 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2126 Signed-off-by: Kevin Wolf Reviewed-by: Stefan Hajnoczi Message-id: 20240209173103.239994-1-kwolf@redhat.com Signed-off-by: Peter Maydell (cherry picked from commit cc29c12ec629ba68a4a6cb7d165c94cc8502815a) Signed-off-by: Michael Tokarev diff --git a/tests/qemu-iotests/144 b/tests/qemu-iotests/144 index bdcc498fa2..d284a0e442 100755 --- a/tests/qemu-iotests/144 +++ b/tests/qemu-iotests/144 @@ -83,12 +83,22 @@ echo echo =3D=3D=3D Performing block-commit on active layer =3D=3D=3D echo =20 +capture_events=3D"BLOCK_JOB_READY JOB_STATUS_CHANGE" + # Block commit on active layer, push the new overlay into base _send_qemu_cmd $h "{ 'execute': 'block-commit', 'arguments': { 'device': 'virtio0' } - }" "READY" + }" "return" + +_wait_event $h "JOB_STATUS_CHANGE" +_wait_event $h "JOB_STATUS_CHANGE" +_wait_event $h "JOB_STATUS_CHANGE" + +_wait_event $h "BLOCK_JOB_READY" + +capture_events=3D =20 _send_qemu_cmd $h "{ 'execute': 'block-job-complete', 'arguments': { diff --git a/tests/qemu-iotests/144.out b/tests/qemu-iotests/144.out index b3b4812015..2245ddfa10 100644 --- a/tests/qemu-iotests/144.out +++ b/tests/qemu-iotests/144.out @@ -25,9 +25,9 @@ Formatting 'TEST_DIR/tmp.qcow2', fmt=3Dqcow2 cluster_size= =3D65536 extended_l2=3Doff co 'device': 'virtio0' } } +{"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event"= : "JOB_STATUS_CHANGE", "data": {"status": "created", "id": "virtio0"}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event"= : "JOB_STATUS_CHANGE", "data": {"status": "running", "id": "virtio0"}} -{"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event"= : "JOB_STATUS_CHANGE", "data": {"status": "ready", "id": "virtio0"}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event"= : "BLOCK_JOB_READY", "data": {"device": "virtio0", "len": 0, "offset": 0, "= speed": 0, "type": "commit"}} { 'execute': 'block-job-complete', --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552334244581.1790928158601; Wed, 21 Feb 2024 13:52:14 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuSs-0007u8-C9; Wed, 21 Feb 2024 16:49:18 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSr-0007ml-0u; Wed, 21 Feb 2024 16:49:17 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuSp-0007bu-BA; Wed, 21 Feb 2024 16:49:16 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 973114F874; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 40121869F5; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339896 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Xiaoyao Li , Yang Weijiang , Paolo Bonzini , Michael Tokarev Subject: [Stable-7.2.10 24/33] i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available Date: Thu, 22 Feb 2024 00:47:07 +0300 Message-Id: <20240221214723.2339742-24-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552335274100001 Content-Type: text/plain; charset="utf-8" From: Xiaoyao Li Leaf FEAT_XSAVE_XSS_LO and FEAT_XSAVE_XSS_HI also need to be cleared when CPUID_EXT_XSAVE is not set. Fixes: 301e90675c3f ("target/i386: Enable support for XSAVES based features= ") Signed-off-by: Xiaoyao Li Reviewed-by: Yang Weijiang Message-ID: <20240115091325.1904229-2-xiaoyao.li@intel.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit 81f5cad3858f27623b1b14467926032d229b76cc) Signed-off-by: Michael Tokarev diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 0f71ff9fea..952fa5780f 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -6114,6 +6114,8 @@ static void x86_cpu_enable_xsave_components(X86CPU *c= pu) if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) { env->features[FEAT_XSAVE_XCR0_LO] =3D 0; env->features[FEAT_XSAVE_XCR0_HI] =3D 0; + env->features[FEAT_XSAVE_XSS_LO] =3D 0; + env->features[FEAT_XSAVE_XSS_HI] =3D 0; return; } =20 --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552281966825.1114157892882; Wed, 21 Feb 2024 13:51:21 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuTI-0001bi-OQ; Wed, 21 Feb 2024 16:49:44 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTD-0001NF-K6; Wed, 21 Feb 2024 16:49:40 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTA-0007c6-Ez; Wed, 21 Feb 2024 16:49:38 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id A7E4A4F875; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 50D9A869F6; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339899 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Xiaoyao Li , Yang Weijiang , Paolo Bonzini , Michael Tokarev Subject: [Stable-7.2.10 25/33] i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs Date: Thu, 22 Feb 2024 00:47:08 +0300 Message-Id: <20240221214723.2339742-25-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552283163100001 Content-Type: text/plain; charset="utf-8" From: Xiaoyao Li The value of FEAT_XSAVE_XCR0_HI leaf and FEAT_XSAVE_XSS_HI leaf also need to be masked by XCR0 and XSS mask respectively, to make it logically correct. Fixes: 301e90675c3f ("target/i386: Enable support for XSAVES based features= ") Signed-off-by: Xiaoyao Li Reviewed-by: Yang Weijiang Message-ID: <20240115091325.1904229-3-xiaoyao.li@intel.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit a11a365159b944e05be76f3ec3b98c8b38cb70fd) Signed-off-by: Michael Tokarev diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 952fa5780f..52a3020032 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -6134,9 +6134,9 @@ static void x86_cpu_enable_xsave_components(X86CPU *c= pu) } =20 env->features[FEAT_XSAVE_XCR0_LO] =3D mask & CPUID_XSTATE_XCR0_MASK; - env->features[FEAT_XSAVE_XCR0_HI] =3D mask >> 32; + env->features[FEAT_XSAVE_XCR0_HI] =3D (mask & CPUID_XSTATE_XCR0_MASK) = >> 32; env->features[FEAT_XSAVE_XSS_LO] =3D mask & CPUID_XSTATE_XSS_MASK; - env->features[FEAT_XSAVE_XSS_HI] =3D mask >> 32; + env->features[FEAT_XSAVE_XSS_HI] =3D (mask & CPUID_XSTATE_XSS_MASK) >>= 32; } =20 /***** Steps involved on loading and filtering CPUID data --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552233661746.0945245257773; Wed, 21 Feb 2024 13:50:33 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuTK-00020S-Oh; Wed, 21 Feb 2024 16:49:46 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTD-0001NH-U7; Wed, 21 Feb 2024 16:49:40 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTC-0007cR-DX; Wed, 21 Feb 2024 16:49:39 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id B6F344F876; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 615C3869F7; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339902 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Xiaoyao Li , Paolo Bonzini , Michael Tokarev Subject: [Stable-7.2.10 26/33] i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F Date: Thu, 22 Feb 2024 00:47:09 +0300 Message-Id: <20240221214723.2339742-26-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552234937100001 Content-Type: text/plain; charset="utf-8" From: Xiaoyao Li Existing code misses a decrement of cpuid_i when skip leaf 0x1F. There's a blank CPUID entry(with leaf, subleaf as 0, and all fields stuffed 0s) left in the CPUID array. It conflicts with correct CPUID leaf 0. Signed-off-by: Xiaoyao Li Reviewed-by:Yang Weijiang Message-ID: <20240125024016.2521244-2-xiaoyao.li@intel.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit 10f92799af8ba3c3cef2352adcd4780f13fbab31) Signed-off-by: Michael Tokarev diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 002b699030..5779b80ecb 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1859,6 +1859,7 @@ int kvm_arch_init_vcpu(CPUState *cs) } case 0x1f: if (env->nr_dies < 2) { + cpuid_i--; break; } /* fallthrough */ --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552343617311.08743991080314; Wed, 21 Feb 2024 13:52:23 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuTP-0002r8-R2; Wed, 21 Feb 2024 16:49:51 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTG-0001aY-Tz; Wed, 21 Feb 2024 16:49:43 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTF-0007hD-74; Wed, 21 Feb 2024 16:49:42 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id CA7444F877; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 7506A869F8; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339905 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Xiaoyao Li , Paolo Bonzini , Michael Tokarev Subject: [Stable-7.2.10 27/33] i386/cpuid: Move leaf 7 to correct group Date: Thu, 22 Feb 2024 00:47:10 +0300 Message-Id: <20240221214723.2339742-27-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552345288100004 Content-Type: text/plain; charset="utf-8" From: Xiaoyao Li CPUID leaf 7 was grouped together with SGX leaf 0x12 by commit b9edbadefb9e ("i386: Propagate SGX CPUID sub-leafs to KVM") by mistake. SGX leaf 0x12 has its specific logic to check if subleaf (starting from 2) is valid or not by checking the bit 0:3 of corresponding EAX is 1 or not. Leaf 7 follows the logic that EAX of subleaf 0 enumerates the maximum valid subleaf. Fixes: b9edbadefb9e ("i386: Propagate SGX CPUID sub-leafs to KVM") Signed-off-by: Xiaoyao Li Message-ID: <20240125024016.2521244-4-xiaoyao.li@intel.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit 0729857c707535847d7fe31d3d91eb8b2a118e3c) Signed-off-by: Michael Tokarev diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 5779b80ecb..4d83bb5784 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1900,7 +1900,6 @@ int kvm_arch_init_vcpu(CPUState *cs) c =3D &cpuid_data.entries[cpuid_i++]; } break; - case 0x7: case 0x12: for (j =3D 0; ; j++) { c->function =3D i; @@ -1920,6 +1919,7 @@ int kvm_arch_init_vcpu(CPUState *cs) c =3D &cpuid_data.entries[cpuid_i++]; } break; + case 0x7: case 0x14: case 0x1d: case 0x1e: { --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552205636616.0747181596346; Wed, 21 Feb 2024 13:50:05 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuTK-0001tN-7p; Wed, 21 Feb 2024 16:49:46 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTH-0001aZ-6t; Wed, 21 Feb 2024 16:49:43 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTF-0007hJ-Hm; Wed, 21 Feb 2024 16:49:42 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id DA5724F878; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 84223869F9; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339908 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Ziqiao Kong , Paolo Bonzini , Michael Tokarev Subject: [Stable-7.2.10 28/33] target/i386: Generate an illegal opcode exception on cmp instructions with lock prefix Date: Thu, 22 Feb 2024 00:47:11 +0300 Message-Id: <20240221214723.2339742-28-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552206876100001 Content-Type: text/plain; charset="utf-8" From: Ziqiao Kong target/i386: As specified by Intel Manual Vol2 3-180, cmp instructions are not allowed to have lock prefix and a `UD` should be raised. Without this patch, s1->T0 will be uninitialized and used in the case OP_CMPL. Signed-off-by: Ziqiao Kong Message-ID: <20240215095015.570748-2-ziqiaokong@gmail.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit 99d0dcd7f102c07a510200d768cae65e5db25d23) Signed-off-by: Michael Tokarev diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c index 68c42fd9ff..abacb91ddf 100644 --- a/target/i386/tcg/translate.c +++ b/target/i386/tcg/translate.c @@ -1501,12 +1501,13 @@ static bool check_iopl(DisasContext *s) /* if d =3D=3D OR_TMP0, it means memory operand (address in A0) */ static void gen_op(DisasContext *s1, int op, MemOp ot, int d) { + /* Invalid lock prefix when destination is not memory or OP_CMPL. */ + if ((d !=3D OR_TMP0 || op =3D=3D OP_CMPL) && s1->prefix & PREFIX_LOCK)= { + gen_illegal_opcode(s1); + return; + } + if (d !=3D OR_TMP0) { - if (s1->prefix & PREFIX_LOCK) { - /* Lock prefix when destination is not memory. */ - gen_illegal_opcode(s1); - return; - } gen_op_mov_v_reg(s1, ot, s1->T0, d); } else if (!(s1->prefix & PREFIX_LOCK)) { gen_op_ld_v(s1, ot, s1->T0, s1->A0); --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552238528748.0439873250687; Wed, 21 Feb 2024 13:50:38 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuTO-0002rG-RV; Wed, 21 Feb 2024 16:49:51 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTK-0001xK-64; Wed, 21 Feb 2024 16:49:46 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTI-0007iB-EX; Wed, 21 Feb 2024 16:49:45 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id E8C094F879; Thu, 22 Feb 2024 00:47:47 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 935C0869FA; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339911 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Michael Tokarev Subject: [Stable-7.2.10 29/33] ui: reject extended clipboard message if not activated Date: Thu, 22 Feb 2024 00:47:12 +0300 Message-Id: <20240221214723.2339742-29-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552238941100001 From: Daniel P. Berrang=C3=A9 The extended clipboard message protocol requires that the client activate the extension by requesting a psuedo encoding. If this is not done, then any extended clipboard messages from the client should be considered invalid and the client dropped. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Marc-Andr=C3=A9 Lureau Message-Id: <20240115095119.654271-1-berrange@redhat.com> (cherry picked from commit 4cba8388968b70fe20e290221dc421c717051fdd) Signed-off-by: Michael Tokarev diff --git a/ui/vnc.c b/ui/vnc.c index 1ca16c0ff6..629a500adc 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -2456,6 +2456,11 @@ static int protocol_client_msg(VncState *vs, uint8_t= *data, size_t len) } =20 if (read_s32(data, 4) < 0) { + if (!vnc_has_feature(vs, VNC_FEATURE_CLIPBOARD_EXT)) { + error_report("vnc: extended clipboard message while disabl= ed"); + vnc_client_error(vs); + break; + } if (dlen < 4) { error_report("vnc: malformed payload (header less than 4 b= ytes)" " in extended clipboard pseudo-encoding."); --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552322775992.3261103046478; Wed, 21 Feb 2024 13:52:02 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuTo-0004UO-Pu; Wed, 21 Feb 2024 16:50:17 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTf-0004EA-0L; Wed, 21 Feb 2024 16:50:07 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTc-0007iH-NW; Wed, 21 Feb 2024 16:50:06 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 112D64F87A; Thu, 22 Feb 2024 00:47:48 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id A2BF9869FB; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339914 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Fiona Ebner , Markus Frank , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Michael Tokarev Subject: [Stable-7.2.10 30/33] ui/clipboard: mark type as not available when there is no data Date: Thu, 22 Feb 2024 00:47:13 +0300 Message-Id: <20240221214723.2339742-30-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552323616100001 From: Fiona Ebner With VNC, a client can send a non-extended VNC_MSG_CLIENT_CUT_TEXT message with len=3D0. In qemu_clipboard_set_data(), the clipboard info will be updated setting data to NULL (because g_memdup(data, size) returns NULL when size is 0). If the client does not set the VNC_ENCODING_CLIPBOARD_EXT feature when setting up the encodings, then the 'request' callback for the clipboard peer is not initialized. Later, because data is NULL, qemu_clipboard_request() can be reached via vdagent_chr_write() and vdagent_clipboard_recv_request() and there, the clipboard owner's 'request' callback will be attempted to be called, but that is a NULL pointer. In particular, this can happen when using the KRDC (22.12.3) VNC client. Another scenario leading to the same issue is with two clients (say noVNC and KRDC): The noVNC client sets the extension VNC_FEATURE_CLIPBOARD_EXT and initializes its cbpeer. The KRDC client does not, but triggers a vnc_client_cut_text() (note it's not the _ext variant)). There, a new clipboard info with it as the 'owner' is created and via qemu_clipboard_set_data() is called, which in turn calls qemu_clipboard_update() with that info. In qemu_clipboard_update(), the notifier for the noVNC client will be called, i.e. vnc_clipboard_notify() and also set vs->cbinfo for the noVNC client. The 'owner' in that clipboard info is the clipboard peer for the KRDC client, which did not initialize the 'request' function. That sounds correct to me, it is the owner of that clipboard info. Then when noVNC sends a VNC_MSG_CLIENT_CUT_TEXT message (it did set the VNC_FEATURE_CLIPBOARD_EXT feature correctly, so a check for it passes), that clipboard info is passed to qemu_clipboard_request() and the original segfault still happens. Fix the issue by handling updates with size 0 differently. In particular, mark in the clipboard info that the type is not available. While at it, switch to g_memdup2(), because g_memdup() is deprecated. Cc: qemu-stable@nongnu.org Fixes: CVE-2023-6683 Reported-by: Markus Frank Suggested-by: Marc-Andr=C3=A9 Lureau Signed-off-by: Fiona Ebner Reviewed-by: Marc-Andr=C3=A9 Lureau Tested-by: Markus Frank Message-ID: <20240124105749.204610-1-f.ebner@proxmox.com> (cherry picked from commit 405484b29f6548c7b86549b0f961b906337aa68a) Signed-off-by: Michael Tokarev diff --git a/ui/clipboard.c b/ui/clipboard.c index 3d14bffaf8..b3f6fa3c9e 100644 --- a/ui/clipboard.c +++ b/ui/clipboard.c @@ -163,9 +163,15 @@ void qemu_clipboard_set_data(QemuClipboardPeer *peer, } =20 g_free(info->types[type].data); - info->types[type].data =3D g_memdup(data, size); - info->types[type].size =3D size; - info->types[type].available =3D true; + if (size) { + info->types[type].data =3D g_memdup2(data, size); + info->types[type].size =3D size; + info->types[type].available =3D true; + } else { + info->types[type].data =3D NULL; + info->types[type].size =3D 0; + info->types[type].available =3D false; + } =20 if (update) { qemu_clipboard_update(info); --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552330142892.8411258100911; Wed, 21 Feb 2024 13:52:10 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuU0-0004zw-BU; Wed, 21 Feb 2024 16:50:29 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTl-0004KE-U8; Wed, 21 Feb 2024 16:50:14 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTf-0007in-Jy; Wed, 21 Feb 2024 16:50:13 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 1FED94F87B; Thu, 22 Feb 2024 00:47:48 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id BED9B869FC; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339918 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Fiona Ebner , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Michael Tokarev Subject: [Stable-7.2.10 31/33] ui/clipboard: add asserts for update and request Date: Thu, 22 Feb 2024 00:47:14 +0300 Message-Id: <20240221214723.2339742-31-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_TEMPERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552331281100006 From: Fiona Ebner Should an issue like CVE-2023-6683 ever appear again in the future, it will be more obvious which assumption was violated. Suggested-by: Marc-Andr=C3=A9 Lureau Signed-off-by: Fiona Ebner Reviewed-by: Marc-Andr=C3=A9 Lureau Message-ID: <20240124105749.204610-2-f.ebner@proxmox.com> (cherry picked from commit 9c416582611b7495bdddb4c5456c7acb64b78938) Signed-off-by: Michael Tokarev diff --git a/ui/clipboard.c b/ui/clipboard.c index b3f6fa3c9e..4264884a6c 100644 --- a/ui/clipboard.c +++ b/ui/clipboard.c @@ -65,12 +65,24 @@ bool qemu_clipboard_check_serial(QemuClipboardInfo *inf= o, bool client) =20 void qemu_clipboard_update(QemuClipboardInfo *info) { + uint32_t type; QemuClipboardNotify notify =3D { .type =3D QEMU_CLIPBOARD_UPDATE_INFO, .info =3D info, }; assert(info->selection < QEMU_CLIPBOARD_SELECTION__COUNT); =20 + for (type =3D 0; type < QEMU_CLIPBOARD_TYPE__COUNT; type++) { + /* + * If data is missing, the clipboard owner's 'request' callback ne= eds to + * be set. Otherwise, there is no way to get the clipboard data and + * qemu_clipboard_request() cannot be called. + */ + if (info->types[type].available && !info->types[type].data) { + assert(info->owner && info->owner->request); + } + } + notifier_list_notify(&clipboard_notifiers, ¬ify); =20 if (cbinfo[info->selection] !=3D info) { @@ -132,6 +144,8 @@ void qemu_clipboard_request(QemuClipboardInfo *info, !info->owner) return; =20 + assert(info->owner->request); + info->types[type].requested =3D true; info->owner->request(info, type); } --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1708552300481661.7061621110336; Wed, 21 Feb 2024 13:51:40 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuTp-0004dd-VQ; Wed, 21 Feb 2024 16:50:18 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTm-0004KH-L4; Wed, 21 Feb 2024 16:50:14 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTj-0007xz-NS; Wed, 21 Feb 2024 16:50:14 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 2F94E4F87C; Thu, 22 Feb 2024 00:47:48 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id CE3AC869FD; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339921 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Tianlan Zhou , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Michael Tokarev Subject: [Stable-7.2.10 32/33] ui/console: Fix console resize with placeholder surface Date: Thu, 22 Feb 2024 00:47:15 +0300 Message-Id: <20240221214723.2339742-32-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552301196100001 From: Tianlan Zhou In `qemu_console_resize()`, the old surface of the console is keeped if the= new console size is the same as the old one. If the old surface is a placeholde= r, and the new size of console is the same as the placeholder surface (640*480= ), the surface won't be replace. In this situation, the surface's `QEMU_PLACEHOLDER_FLAG` flag is still set,= so the console won't be displayed in SDL display mode. This patch fixes this problem by forcing a new surface if the old one is a placeholder. Signed-off-by: Tianlan Zhou Reviewed-by: Marc-Andr=C3=A9 Lureau Message-ID: <20240207172024.8-1-bobby825@126.com> (cherry picked from commit 95b08fee8f68d284a5028d37fd28be7a70c8e92b) Signed-off-by: Michael Tokarev diff --git a/ui/console.c b/ui/console.c index 52414d6aa3..269cf27163 100644 --- a/ui/console.c +++ b/ui/console.c @@ -2583,7 +2583,7 @@ void qemu_console_resize(QemuConsole *s, int width, i= nt height) assert(s->console_type =3D=3D GRAPHIC_CONSOLE); =20 if ((s->scanout.kind !=3D SCANOUT_SURFACE || - (surface && surface->flags & QEMU_ALLOCATED_FLAG)) && + (surface && !is_buffer_shared(surface) && !is_placeholder(surface= ))) && qemu_console_get_width(s, -1) =3D=3D width && qemu_console_get_height(s, -1) =3D=3D height) { return; --=20 2.39.2 From nobody Tue Nov 26 08:48:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 170855234397410.516247759330327; Wed, 21 Feb 2024 13:52:23 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rcuU9-0005MD-Ta; Wed, 21 Feb 2024 16:50:41 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTv-0004tn-B1; Wed, 21 Feb 2024 16:50:24 -0500 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rcuTo-0007yp-HX; Wed, 21 Feb 2024 16:50:22 -0500 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 3F6D44F87D; Thu, 22 Feb 2024 00:47:48 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id DDBFA869FE; Thu, 22 Feb 2024 00:47:25 +0300 (MSK) Received: (nullmailer pid 2339924 invoked by uid 1000); Wed, 21 Feb 2024 21:47:23 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Akihiko Odaki , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Michael Tokarev Subject: [Stable-7.2.10 33/33] audio: Depend on dbus_display1_dep Date: Thu, 22 Feb 2024 00:47:16 +0300 Message-Id: <20240221214723.2339742-33-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1708552345288100003 From: Akihiko Odaki dbusaudio needs dbus_display1_dep. Fixes: 739362d4205c ("audio: add "dbus" audio backend") Signed-off-by: Akihiko Odaki Reviewed-by: Marc-Andr=C3=A9 Lureau Message-Id: <20240214-dbus-v7-1-7eff29f04c34@daynix.com> (cherry picked from commit d67611907590a1e6c998b7c5a5cb4394acf84329) Signed-off-by: Michael Tokarev (Mjt: fixup in audio/meson.build due to missing v8.0.0-2306-ga95a464777 "audio: dbus requires pixman") diff --git a/audio/meson.build b/audio/meson.build index 34aed78342..ce171f710d 100644 --- a/audio/meson.build +++ b/audio/meson.build @@ -29,7 +29,8 @@ endforeach =20 if dbus_display module_ss =3D ss.source_set() - module_ss.add(when: gio, if_true: files('dbusaudio.c')) + module_ss.add(when: [gio, dbus_display1_dep], + if_true: files('dbusaudio.c')) audio_modules +=3D {'dbus': module_ss} endif =20 --=20 2.39.2