From b3fbad895777bff127fa4a8619968e0cd2eb1dcc Mon Sep 17 00:00:00 2001 From: "Danilo C. L. de Paula" Date: Tue, 23 Jul 2019 15:53:44 +0100 Subject: [PATCH] * Tue Jul 23 2019 Danilo Cesar Lemes de Paula - 4.0.0-6.el8 - kvm-x86_64-rh-devices-add-missing-TPM-passthrough.patch [bz#1519013] - kvm-x86_64-rh-devices-enable-TPM-emulation.patch [bz#1519013] - kvm-vfio-increase-the-cap-on-number-of-assigned-devices-.patch [bz#1719823] - Resolves: bz#1519013 ([RFE] QEMU Software TPM support (vTPM, or TPM emulation)) - Resolves: bz#1719823 ([RHEL 8.1] [RFE] increase the maximum of vfio devices to more than 32 in qemu-kvm) --- ...e-cap-on-number-of-assigned-devices-.patch | 111 ++++++++++++++++++ ...-devices-add-missing-TPM-passthrough.patch | 40 +++++++ ...6_64-rh-devices-enable-TPM-emulation.patch | 53 +++++++++ qemu-kvm.spec | 17 ++- 4 files changed, 220 insertions(+), 1 deletion(-) create mode 100644 kvm-vfio-increase-the-cap-on-number-of-assigned-devices-.patch create mode 100644 kvm-x86_64-rh-devices-add-missing-TPM-passthrough.patch create mode 100644 kvm-x86_64-rh-devices-enable-TPM-emulation.patch diff --git a/kvm-vfio-increase-the-cap-on-number-of-assigned-devices-.patch b/kvm-vfio-increase-the-cap-on-number-of-assigned-devices-.patch new file mode 100644 index 0000000..61a853a --- /dev/null +++ b/kvm-vfio-increase-the-cap-on-number-of-assigned-devices-.patch @@ -0,0 +1,111 @@ +From 2b89558946fc396c6ecb10249b69960d2a74e18f Mon Sep 17 00:00:00 2001 +From: Bandan Das +Date: Wed, 12 Jun 2019 16:56:23 +0100 +Subject: [PATCH 3/3] vfio: increase the cap on number of assigned devices to + 64 + +RH-Author: Bandan Das +Message-id: +Patchwork-id: 88653 +O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH] vfio: increase the cap on number of assigned devices to 64 +Bugzilla: 1719823 +RH-Acked-by: Alex Williamson +RH-Acked-by: Auger Eric +RH-Acked-by: Laszlo Ersek + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1719823 +Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=22124174 +Branch: rhel-av-8.1.0/master-4.0.0 +Upstrea: N/A, the device limit change is downstream only + +In addition to bumping up the limit, also add a property for +future-proofing. This needs to be set for every assigned device +or via "global": -global vfio-pci.x-assigned-device-limit + +RHEL Notes: +For each vm using vfio, there is at least a container fd. For +each assigned device, there is likely a group fd, a device fd, +an error signaling fd and a device request fd. Assuming SR-IOV +VFs, vectors/device considering MSI/MSI-X could be ~3-5. Therefore, +we have ~14 file descriptors per device or 897 for 64 devices. +The default open fd limit is 1024 on Linux but libvirt bumps it to +8192 and the qemu process inherits that value as well. + +Signed-off-by: Bandan Das +Signed-off-by: Danilo C. L. de Paula +--- + hw/vfio/pci.c | 20 +++++++++++++++++--- + hw/vfio/pci.h | 1 + + 2 files changed, 18 insertions(+), 3 deletions(-) + +diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c +index 7c998af..7c0d93a 100644 +--- a/hw/vfio/pci.c ++++ b/hw/vfio/pci.c +@@ -36,11 +36,13 @@ + #include "qapi/error.h" + + #define MSIX_CAP_LENGTH 12 +-#define MAX_DEV_ASSIGN_CMDLINE 32 + + #define TYPE_VFIO_PCI "vfio-pci" + #define PCI_VFIO(obj) OBJECT_CHECK(VFIOPCIDevice, obj, TYPE_VFIO_PCI) + ++/* RHEL only: Set once for the first assigned dev */ ++static uint16_t device_limit; ++ + static void vfio_disable_interrupts(VFIOPCIDevice *vdev); + static void vfio_mmap_set_enabled(VFIOPCIDevice *vdev, bool enabled); + +@@ -2810,15 +2812,24 @@ static void vfio_realize(PCIDevice *pdev, Error **errp) + int ret, i = 0; + bool is_mdev; + ++ if (device_limit && device_limit != vdev->assigned_device_limit) { ++ error_setg(errp, "Assigned device limit has been redefined. " ++ "Old:%d, New:%d", ++ device_limit, vdev->assigned_device_limit); ++ return; ++ } else { ++ device_limit = vdev->assigned_device_limit; ++ } ++ + QLIST_FOREACH(group, &vfio_group_list, next) { + QLIST_FOREACH(vbasedev_iter, &group->device_list, next) { + i++; + } + } + +- if (i >= MAX_DEV_ASSIGN_CMDLINE) { ++ if (i >= vdev->assigned_device_limit) { + error_setg(errp, "Maximum supported vfio devices (%d) " +- "already attached", MAX_DEV_ASSIGN_CMDLINE); ++ "already attached", vdev->assigned_device_limit); + return; + } + +@@ -3223,6 +3234,9 @@ static Property vfio_pci_dev_properties[] = { + DEFINE_PROP_BOOL("x-no-kvm-msix", VFIOPCIDevice, no_kvm_msix, false), + DEFINE_PROP_BOOL("x-no-geforce-quirks", VFIOPCIDevice, + no_geforce_quirks, false), ++ /* RHEL only */ ++ DEFINE_PROP_UINT16("x-assigned-device-limit", VFIOPCIDevice, ++ assigned_device_limit, 64), + DEFINE_PROP_BOOL("x-no-kvm-ioeventfd", VFIOPCIDevice, no_kvm_ioeventfd, + false), + DEFINE_PROP_BOOL("x-no-vfio-ioeventfd", VFIOPCIDevice, no_vfio_ioeventfd, +diff --git a/hw/vfio/pci.h b/hw/vfio/pci.h +index c11c3f1..29a8add 100644 +--- a/hw/vfio/pci.h ++++ b/hw/vfio/pci.h +@@ -136,6 +136,7 @@ typedef struct VFIOPCIDevice { + EventNotifier err_notifier; + EventNotifier req_notifier; + int (*resetfn)(struct VFIOPCIDevice *); ++ uint16_t assigned_device_limit; + uint32_t vendor_id; + uint32_t device_id; + uint32_t sub_vendor_id; +-- +1.8.3.1 + diff --git a/kvm-x86_64-rh-devices-add-missing-TPM-passthrough.patch b/kvm-x86_64-rh-devices-add-missing-TPM-passthrough.patch new file mode 100644 index 0000000..0f52f10 --- /dev/null +++ b/kvm-x86_64-rh-devices-add-missing-TPM-passthrough.patch @@ -0,0 +1,40 @@ +From 495a27daa8ca91bb357a065c986552c3375eda82 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= +Date: Fri, 24 May 2019 18:40:01 +0100 +Subject: [PATCH 1/3] x86_64-rh-devices: add missing TPM passthrough +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Marc-André Lureau +Message-id: <20190524184002.14050-2-marcandre.lureau@redhat.com> +Patchwork-id: 88230 +O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH 1/2] x86_64-rh-devices: add missing TPM passthrough +Bugzilla: 1519013 +RH-Acked-by: Philippe Mathieu-Daudé +RH-Acked-by: Laszlo Ersek +RH-Acked-by: Dr. David Alan Gilbert + +The TPM passthrough support got lost with 4.0 rebase, due to +configure/Kconfig changes. + +Signed-off-by: Marc-André Lureau +Signed-off-by: Danilo C. L. de Paula +--- + default-configs/x86_64-rh-devices.mak | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/default-configs/x86_64-rh-devices.mak b/default-configs/x86_64-rh-devices.mak +index 05ad6cf..8079fa7 100644 +--- a/default-configs/x86_64-rh-devices.mak ++++ b/default-configs/x86_64-rh-devices.mak +@@ -92,3 +92,6 @@ CONFIG_VTD=y + CONFIG_WDT_IB6300ESB=y + CONFIG_WDT_IB700=y + CONFIG_XIO3130=y ++CONFIG_TPM_CRB=y ++CONFIG_TPM_TIS=y ++CONFIG_TPM_PASSTHROUGH=y +-- +1.8.3.1 + diff --git a/kvm-x86_64-rh-devices-enable-TPM-emulation.patch b/kvm-x86_64-rh-devices-enable-TPM-emulation.patch new file mode 100644 index 0000000..e5c7beb --- /dev/null +++ b/kvm-x86_64-rh-devices-enable-TPM-emulation.patch @@ -0,0 +1,53 @@ +From e1fe9feada882ece852c66f123535a98ea2230ce Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= +Date: Fri, 24 May 2019 18:40:02 +0100 +Subject: [PATCH 2/3] x86_64-rh-devices: enable TPM emulation +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Marc-André Lureau +Message-id: <20190524184002.14050-3-marcandre.lureau@redhat.com> +Patchwork-id: 88229 +O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH 2/2] x86_64-rh-devices: enable TPM emulation +Bugzilla: 1519013 +RH-Acked-by: Philippe Mathieu-Daudé +RH-Acked-by: Laszlo Ersek +RH-Acked-by: Dr. David Alan Gilbert + +Remove the useless & misleading configure lines. + +Signed-off-by: Marc-André Lureau +Signed-off-by: Danilo C. L. de Paula +--- + configure | 3 --- + default-configs/x86_64-rh-devices.mak | 1 + + 2 files changed, 1 insertion(+), 3 deletions(-) + +diff --git a/configure b/configure +index 8cb6740..638c881 100755 +--- a/configure ++++ b/configure +@@ -2412,9 +2412,6 @@ if test "$seccomp" != "no" ; then + fi + fi + +-# RHEL8-specific, only passthrough for now, rhbz#1688312 +-tpm_emulator=no +- + ########################################## + # xen probe + +diff --git a/default-configs/x86_64-rh-devices.mak b/default-configs/x86_64-rh-devices.mak +index 8079fa7..906b42d 100644 +--- a/default-configs/x86_64-rh-devices.mak ++++ b/default-configs/x86_64-rh-devices.mak +@@ -94,4 +94,5 @@ CONFIG_WDT_IB700=y + CONFIG_XIO3130=y + CONFIG_TPM_CRB=y + CONFIG_TPM_TIS=y ++CONFIG_TPM_EMULATOR=y + CONFIG_TPM_PASSTHROUGH=y +-- +1.8.3.1 + diff --git a/qemu-kvm.spec b/qemu-kvm.spec index 3e46a8a..16c7a39 100644 --- a/qemu-kvm.spec +++ b/qemu-kvm.spec @@ -67,7 +67,7 @@ Obsoletes: %1-rhev Summary: QEMU is a machine emulator and virtualizer Name: qemu-kvm Version: 4.0.0 -Release: 5%{?dist} +Release: 6%{?dist} # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped Epoch: 15 License: GPLv2 and GPLv2+ and CC-BY @@ -164,6 +164,12 @@ Patch39: kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch Patch40: kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch # For bz#1707118 - enable device: bochs-display (QEMU) Patch41: kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch +# For bz#1519013 - [RFE] QEMU Software TPM support (vTPM, or TPM emulation) +Patch42: kvm-x86_64-rh-devices-add-missing-TPM-passthrough.patch +# For bz#1519013 - [RFE] QEMU Software TPM support (vTPM, or TPM emulation) +Patch43: kvm-x86_64-rh-devices-enable-TPM-emulation.patch +# For bz#1719823 - [RHEL 8.1] [RFE] increase the maximum of vfio devices to more than 32 in qemu-kvm +Patch44: kvm-vfio-increase-the-cap-on-number-of-assigned-devices-.patch BuildRequires: zlib-devel BuildRequires: glib2-devel @@ -1087,6 +1093,15 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \ %changelog +* Tue Jul 23 2019 Danilo Cesar Lemes de Paula - 4.0.0-6.el8 +- kvm-x86_64-rh-devices-add-missing-TPM-passthrough.patch [bz#1519013] +- kvm-x86_64-rh-devices-enable-TPM-emulation.patch [bz#1519013] +- kvm-vfio-increase-the-cap-on-number-of-assigned-devices-.patch [bz#1719823] +- Resolves: bz#1519013 + ([RFE] QEMU Software TPM support (vTPM, or TPM emulation)) +- Resolves: bz#1719823 + ([RHEL 8.1] [RFE] increase the maximum of vfio devices to more than 32 in qemu-kvm) + * Mon Jul 08 2019 Miroslav Rezanina - 4.0.0-5.el8 - kvm-qemu-kvm.spec-bump-libseccomp-2.4.0.patch [bz#1720306] - kvm-qxl-check-release-info-object.patch [bz#1712717]