rpms/qemu-kvm
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import qemu-kvm-6.2.0-11.el9_0.2

Browse Source
This commit is contained in:
CentOS Sources 2022-04-05 06:21:07 -04:00 committed by Stepan Oksanichenko
parent 08c43ad4d9
commit b75f8fdbdb
26 changed files with 1653 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
SOURCES/kvm-RHEL-mark-old-machine-types-as-deprecated.patch Normal file
View File

@ -0,0 +1,110 @@
From dcc64971bf25e5c2303d551fb2fef448a5e8f4fd Mon Sep 17 00:00:00 2001
From: Cornelia Huck <cohuck@redhat.com>
Date: Thu, 3 Mar 2022 10:57:37 +0100
Subject: [PATCH 1/5] RHEL: mark old machine types as deprecated
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Cornelia Huck <cohuck@redhat.com>
RH-MergeRequest: 119: RHEL: mark old machine types as deprecated
RH-Commit: [1/1] 5d7531d23fac5dd67c3cc202f538b25f26393600 (cohuck/qemu-kvm)
RH-Bugzilla: 2052050
RH-Acked-by: Thomas Huth <thuth@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
RH-Acked-by: Daniel P. Berrangé <berrange@redhat.com>
We want to make it obvious that we consider machine types for older
RHEL major releases to be deprecated; we only carry them for
compatibility purposes.
Let's mark all rhel-7.x and rhel-8.x machine type as deprecated via
QEMU's existing deprecation mechanism; those machine types will
continue to work as expected, but commands like 'virsh capabilities',
'virsh dominfo', or the libvirt log will tag the machine as
deprecated.
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
---
hw/core/machine.c | 6 ++++++
hw/i386/pc_piix.c | 4 ++++
hw/i386/pc_q35.c | 4 ++++
hw/s390x/s390-virtio-ccw.c | 3 +++
include/hw/boards.h | 2 ++
5 files changed, 19 insertions(+)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 669d3d8b91..5fae55d6cd 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -37,6 +37,12 @@
#include "hw/virtio/virtio.h"
#include "hw/virtio/virtio-pci.h"
+/*
+ * RHEL only: machine types for previous major releases are deprecated
+ */
+const char *rhel_old_machine_deprecation =
+ "machine types for previous major releases are deprecated";
+
/*
* Mostly the same as hw_compat_6_0 and hw_compat_6_1
*/
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index fccb7f5fc9..cf68d7498c 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -989,6 +989,10 @@ static void pc_machine_rhel760_options(MachineClass *m)
m->desc = "RHEL 7.6.0 PC (i440FX + PIIX, 1996)";
m->async_pf_vmexit_disable = true;
m->smbus_no_migration_support = true;
+
+ /* All RHEL machines for prior major releases are deprecated */
+ m->deprecation_reason = rhel_old_machine_deprecation;
+
pcmc->pvh_enabled = false;
pcmc->default_cpu_version = CPU_VERSION_LEGACY;
pcmc->kvmclock_create_always = false;
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index bf9ad32f0e..c8e06da084 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -674,6 +674,10 @@ static void pc_q35_machine_rhel860_options(MachineClass *m)
pc_q35_machine_rhel900_options(m);
m->desc = "RHEL-8.6.0 PC (Q35 + ICH9, 2009)";
m->alias = NULL;
+
+ /* All RHEL machines for prior major releases are deprecated */
+ m->deprecation_reason = rhel_old_machine_deprecation;
+
pcmc->smbios_stream_product = "RHEL-AV";
pcmc->smbios_stream_version = "8.6.0";
}
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index 9da6e9b1d4..cc78a315e3 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -1121,6 +1121,9 @@ static void ccw_machine_rhel860_instance_options(MachineState *machine)
static void ccw_machine_rhel860_class_options(MachineClass *mc)
{
ccw_machine_rhel900_class_options(mc);
+
+ /* All RHEL machines for prior major releases are deprecated */
+ mc->deprecation_reason = rhel_old_machine_deprecation;
}
DEFINE_CCW_MACHINE(rhel860, "rhel8.6.0", false);
diff --git a/include/hw/boards.h b/include/hw/boards.h
index 3c3d2ad450..21d8d5528e 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -464,4 +464,6 @@ extern const size_t hw_compat_rhel_8_0_len;
extern GlobalProperty hw_compat_rhel_7_6[];
extern const size_t hw_compat_rhel_7_6_len;
+extern const char *rhel_old_machine_deprecation;
+
#endif
--
2.31.1

45
SOURCES/kvm-Revert-ui-clipboard-Don-t-use-g_autoptr-just-to-free.patch Normal file
View File

@ -0,0 +1,45 @@
From 213d2c6d3138f3570bca36edaacfd1ee86b18967 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 4 Feb 2022 06:45:51 +0100
Subject: [PATCH 1/6] Revert "ui/clipboard: Don't use g_autoptr just to free a
variable"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
RH-MergeRequest: 75: fix vnc cut+paste crash
RH-Commit: [1/4] 0937d15054ad6e902bc22d1872231504f442ddcc (kraxel/centos-qemu-kvm)
RH-Bugzilla: 2042820
RH-Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
RH-Acked-by: Daniel P. Berrangé <berrange@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
This reverts commit 8df1ea81ee6c674522967d056daa8d3748fa3883.
---
ui/clipboard.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/ui/clipboard.c b/ui/clipboard.c
index d53576b0f6..d7b008d62a 100644
--- a/ui/clipboard.c
+++ b/ui/clipboard.c
@@ -44,14 +44,13 @@ void qemu_clipboard_peer_release(QemuClipboardPeer *peer,
void qemu_clipboard_update(QemuClipboardInfo *info)
{
- QemuClipboardInfo *old = NULL;
+ g_autoptr(QemuClipboardInfo) old = NULL;
assert(info->selection < QEMU_CLIPBOARD_SELECTION__COUNT);
notifier_list_notify(&clipboard_notifiers, info);
old = cbinfo[info->selection];
cbinfo[info->selection] = qemu_clipboard_info_ref(info);
- g_free(old);
}
QemuClipboardInfo *qemu_clipboard_info(QemuClipboardSelection selection)
--
2.27.0

70
SOURCES/kvm-acpi-fix-OEM-ID-OEM-Table-ID-padding.patch Normal file
View File

@ -0,0 +1,70 @@
From 473b05bbdad50dc3877ab6da4ac52b5a4fc7d5e1 Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Wed, 12 Jan 2022 08:03:31 -0500
Subject: [PATCH 11/14] acpi: fix OEM ID/OEM Table ID padding
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [7/10] 276af1aa7650e79f146c75ef4ec19f792e7e163c
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
Commit [2] broke original '\0' padding of OEM ID and OEM Table ID
fields in headers of ACPI tables. While it doesn't have impact on
default values since QEMU uses 6 and 8 characters long values
respectively, it broke usecase where IDs are provided on QEMU CLI.
It shouldn't affect guest (but may cause licensing verification
issues in guest OS).
One of the broken usecases is user supplied SLIC table with IDs
shorter than max possible length, where [2] mangles IDs with extra
spaces in RSDT and FADT tables whereas guest OS expects those to
mirror the respective values of the used SLIC table.
Fix it by replacing whitespace padding with '\0' padding in
accordance with [1] and expectations of guest OS
1) ACPI spec, v2.0b
17.2 AML Grammar Definition
...
//OEM ID of up to 6 characters. If the OEM ID is
//shorter than 6 characters, it can be terminated
//with a NULL character.
2)
Fixes: 602b458201 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/707
Reported-by: Dmitry V. Orekhov <dima.orekhov@gmail.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Cc: qemu-stable@nongnu.org
Message-Id: <20220112130332.1648664-4-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Tested-by: Dmitry V. Orekhov dima.orekhov@gmail.com
(cherry picked from commit 748c030f360a940fe0c9382c8ca1649096c3a80d)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
hw/acpi/aml-build.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
index b3b3310df3..65148d5b9d 100644
--- a/hw/acpi/aml-build.c
+++ b/hw/acpi/aml-build.c
@@ -1724,9 +1724,9 @@ void acpi_table_begin(AcpiTable *desc, GArray *array)
build_append_int_noprefix(array, 0, 4); /* Length */
build_append_int_noprefix(array, desc->rev, 1); /* Revision */
build_append_int_noprefix(array, 0, 1); /* Checksum */
- build_append_padded_str(array, desc->oem_id, 6, ' '); /* OEMID */
+ build_append_padded_str(array, desc->oem_id, 6, '\0'); /* OEMID */
/* OEM Table ID */
- build_append_padded_str(array, desc->oem_table_id, 8, ' ');
+ build_append_padded_str(array, desc->oem_table_id, 8, '\0');
build_append_int_noprefix(array, 1, 4); /* OEM Revision */
g_array_append_vals(array, ACPI_BUILD_APPNAME8, 4); /* Creator ID */
build_append_int_noprefix(array, 1, 4); /* Creator Revision */
--
2.31.1

100
SOURCES/kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch Normal file
View File

@ -0,0 +1,100 @@
From 636a09dbe361517ac2b8d810166676b5006a6ca2 Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Mon, 27 Dec 2021 14:31:17 -0500
Subject: [PATCH 05/14] acpi: fix QEMU crash when started with SLIC table
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [1/10] 67c1d1d2358d0ba746f260dfc3c1cfc165357fd1
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
if QEMU is started with used provided SLIC table blob,
-acpitable sig=SLIC,oem_id='CRASH ',oem_table_id="ME",oem_rev=00002210,asl_compiler_id="",asl_compiler_rev=00000000,data=/dev/null
it will assert with:
hw/acpi/aml-build.c:61:build_append_padded_str: assertion failed: (len <= maxlen)
and following backtrace:
...
build_append_padded_str (array=0x555556afe320, str=0x555556afdb2e "CRASH ME", maxlen=0x6, pad=0x20) at hw/acpi/aml-build.c:61
acpi_table_begin (desc=0x7fffffffd1b0, array=0x555556afe320) at hw/acpi/aml-build.c:1727
build_fadt (tbl=0x555556afe320, linker=0x555557ca3830, f=0x7fffffffd318, oem_id=0x555556afdb2e "CRASH ME", oem_table_id=0x555556afdb34 "ME") at hw/acpi/aml-build.c:2064
...
which happens due to acpi_table_begin() expecting NULL terminated
oem_id and oem_table_id strings, which is normally the case, but
in case of user provided SLIC table, oem_id points to table's blob
directly and as result oem_id became longer than expected.
Fix issue by handling oem_id consistently and make acpi_get_slic_oem()
return NULL terminated strings.
PS:
After [1] refactoring, oem_id semantics became inconsistent, where
NULL terminated string was coming from machine and old way pointer
into byte array coming from -acpitable option. That used to work
since build_header() wasn't expecting NULL terminated string and
blindly copied the 1st 6 bytes only.
However commit [2] broke that by replacing build_header() with
acpi_table_begin(), which was expecting NULL terminated string
and was checking oem_id size.
1) 602b45820 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
2)
Fixes: 4b56e1e4eb08 ("acpi: build_fadt: use acpi_table_begin()/acpi_table_end() instead of build_header()")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/786
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20211227193120.1084176-2-imammedo@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Denis Lisov <dennis.lissov@gmail.com>
Tested-by: Alexander Tsoy <alexander@tsoy.me>
Cc: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 8cdb99af45365727ac17f45239a9b8c1d5155c6d)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
hw/acpi/core.c | 4 ++--
hw/i386/acpi-build.c | 2 ++
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/hw/acpi/core.c b/hw/acpi/core.c
index 1e004d0078..3e811bf03c 100644
--- a/hw/acpi/core.c
+++ b/hw/acpi/core.c
@@ -345,8 +345,8 @@ int acpi_get_slic_oem(AcpiSlicOem *oem)
struct acpi_table_header *hdr = (void *)(u - sizeof(hdr->_length));
if (memcmp(hdr->sig, "SLIC", 4) == 0) {
- oem->id = hdr->oem_id;
- oem->table_id = hdr->oem_table_id;
+ oem->id = g_strndup(hdr->oem_id, 6);
+ oem->table_id = g_strndup(hdr->oem_table_id, 8);
return 0;
}
}
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 8383b83ee3..0234fe7588 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -2723,6 +2723,8 @@ void acpi_build(AcpiBuildTables *tables, MachineState *machine)
/* Cleanup memory that's no longer used. */
g_array_free(table_offsets, true);
+ g_free(slic_oem.id);
+ g_free(slic_oem.table_id);
}
static void acpi_ram_update(MemoryRegion *mr, GArray *data)
--
2.31.1

130
SOURCES/kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch Normal file
View File

@ -0,0 +1,130 @@
From a3a4fd1733e71d029e38136366e73ace8e78298b Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Tue, 1 Mar 2022 10:11:59 -0500
Subject: [PATCH 02/14] acpi: pcihp: pcie: set power on cap on parent slot
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 124: RHEL-9.0 Fix broken PCIe device after migration
RH-Commit: [2/2] 135602421e5fed803f7d71121380306633d490d8
RH-Bugzilla: 2053584
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: MST <None>
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
on creation a PCIDevice has power turned on at the end of pci_qdev_realize()
however later on if PCIe slot isn't populated with any children
it's power is turned off. It's fine if native hotplug is used
as plug callback will power slot on among other things.
However when ACPI hotplug is enabled it replaces native PCIe plug
callbacks with ACPI specific ones (acpi_pcihp_device_*plug_cb) and
as result slot stays powered off. It works fine as ACPI hotplug
on guest side takes care of enumerating/initializing hotplugged
device. But when later guest is migrated, call chain introduced by]
commit d5daff7d312 (pcie: implement slot power control for pcie root ports)
pcie_cap_slot_post_load()
-> pcie_cap_update_power()
-> pcie_set_power_device()
-> pci_set_power()
-> pci_update_mappings()
will disable earlier initialized BARs for the hotplugged device
in powered off slot due to commit 23786d13441 (pci: implement power state)
which disables BARs if power is off.
Fix it by setting PCI_EXP_SLTCTL_PCC to PCI_EXP_SLTCTL_PWR_ON
on slot (root port/downstream port) at the time a device
hotplugged into it. As result PCI_EXP_SLTCTL_PWR_ON is migrated
to target and above call chain keeps device plugged into it
powered on.
Fixes: d5daff7d312 ("pcie: implement slot power control for pcie root ports")
Fixes: 23786d13441 ("pci: implement power state")
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2053584
Suggested-by: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220301151200.3507298-3-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 6b0969f1ec825984cd74619f0730be421b0c46fb)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
hw/acpi/pcihp.c | 12 +++++++++++-
hw/pci/pcie.c | 11 +++++++++++
include/hw/pci/pcie.h | 1 +
3 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c
index 30405b5113..3d5610e02d 100644
--- a/hw/acpi/pcihp.c
+++ b/hw/acpi/pcihp.c
@@ -32,6 +32,7 @@
#include "hw/pci/pci_bridge.h"
#include "hw/pci/pci_host.h"
#include "hw/pci/pcie_port.h"
+#include "hw/pci-bridge/xio3130_downstream.h"
#include "hw/i386/acpi-build.h"
#include "hw/acpi/acpi.h"
#include "hw/pci/pci_bus.h"
@@ -341,6 +342,8 @@ void acpi_pcihp_device_plug_cb(HotplugHandler *hotplug_dev, AcpiPciHpState *s,
{
PCIDevice *pdev = PCI_DEVICE(dev);
int slot = PCI_SLOT(pdev->devfn);
+ PCIDevice *bridge;
+ PCIBus *bus;
int bsel;
/* Don't send event when device is enabled during qemu machine creation:
@@ -370,7 +373,14 @@ void acpi_pcihp_device_plug_cb(HotplugHandler *hotplug_dev, AcpiPciHpState *s,
return;
}
- bsel = acpi_pcihp_get_bsel(pci_get_bus(pdev));
+ bus = pci_get_bus(pdev);
+ bridge = pci_bridge_get_device(bus);
+ if (object_dynamic_cast(OBJECT(bridge), TYPE_PCIE_ROOT_PORT) ||
+ object_dynamic_cast(OBJECT(bridge), TYPE_XIO3130_DOWNSTREAM)) {
+ pcie_cap_slot_enable_power(bridge);
+ }
+
+ bsel = acpi_pcihp_get_bsel(bus);
g_assert(bsel >= 0);
s->acpi_pcihp_pci_status[bsel].up |= (1U << slot);
acpi_send_event(DEVICE(hotplug_dev), ACPI_PCI_HOTPLUG_STATUS);
diff --git a/hw/pci/pcie.c b/hw/pci/pcie.c
index d7d73a31e4..996f0e24fe 100644
--- a/hw/pci/pcie.c
+++ b/hw/pci/pcie.c
@@ -366,6 +366,17 @@ static void hotplug_event_clear(PCIDevice *dev)
}
}
+void pcie_cap_slot_enable_power(PCIDevice *dev)
+{
+ uint8_t *exp_cap = dev->config + dev->exp.exp_cap;
+ uint32_t sltcap = pci_get_long(exp_cap + PCI_EXP_SLTCAP);
+
+ if (sltcap & PCI_EXP_SLTCAP_PCP) {
+ pci_set_word_by_mask(exp_cap + PCI_EXP_SLTCTL,
+ PCI_EXP_SLTCTL_PCC, PCI_EXP_SLTCTL_PWR_ON);
+ }
+}
+
static void pcie_set_power_device(PCIBus *bus, PCIDevice *dev, void *opaque)
{
bool *power = opaque;
diff --git a/include/hw/pci/pcie.h b/include/hw/pci/pcie.h
index 6063bee0ec..c27368d077 100644
--- a/include/hw/pci/pcie.h
+++ b/include/hw/pci/pcie.h
@@ -112,6 +112,7 @@ void pcie_cap_slot_write_config(PCIDevice *dev,
uint32_t addr, uint32_t val, int len);
int pcie_cap_slot_post_load(void *opaque, int version_id);
void pcie_cap_slot_push_attention_button(PCIDevice *dev);
+void pcie_cap_slot_enable_power(PCIDevice *dev);
void pcie_cap_root_init(PCIDevice *dev);
void pcie_cap_root_reset(PCIDevice *dev);
--
2.31.1

60
SOURCES/kvm-hw-virtio-vdpa-Fix-leak-of-host-notifier-memory-regi.patch Normal file
View File

@ -0,0 +1,60 @@
From 2005e3bb97fba4889829b58331a057b9cb35a65d Mon Sep 17 00:00:00 2001
From: Laurent Vivier <lvivier@redhat.com>
Date: Fri, 11 Feb 2022 18:02:59 +0100
Subject: [PATCH 2/5] hw/virtio: vdpa: Fix leak of host-notifier memory-region
RH-Author: Laurent Vivier <lvivier@redhat.com>
RH-MergeRequest: 123: hw/virtio: vdpa: Fix leak of host-notifier memory-region
RH-Commit: [1/1] ddd64cac5c29786edf652f5fa97767b261ccfcdd
RH-Bugzilla: 2059786
RH-Acked-by: Jason Wang <jasowang@redhat.com>
RH-Acked-by: Cindy Lu <lulu@redhat.com>
RH-Acked-by: MST <mst@redhat.com>
RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
BZ: https://bugzilla.redhat.com/2059786
BRANCH: rhel-9.0.0
BREW: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=43688388
UPTREAM: Merged
If call virtio_queue_set_host_notifier_mr fails, should free
host-notifier memory-region.
This problem can trigger a coredump with some vDPA drivers (mlx5,
but not with the vdpasim), if we unplug the virtio-net card from
the guest after a stop/start.
The same fix has been done for vhost-user:
1f89d3b91e3e ("hw/virtio: Fix leak of host-notifier memory-region")
Fixes: d0416d487bd5 ("vhost-vdpa: map virtqueue notification area if possible")
Cc: jasowang@redhat.com
Resolves: https://bugzilla.redhat.com/2027208
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20220211170259.1388734-1-lvivier@redhat.com>
Cc: qemu-stable@nongnu.org
Acked-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 98f7607ecda00dea3cbb2ed7b4427c96846efb83)
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
---
hw/virtio/vhost-vdpa.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
index bcaf00e09f..78da48a333 100644
--- a/hw/virtio/vhost-vdpa.c
+++ b/hw/virtio/vhost-vdpa.c
@@ -415,6 +415,7 @@ static int vhost_vdpa_host_notifier_init(struct vhost_dev *dev, int queue_index)
g_free(name);
if (virtio_queue_set_host_notifier_mr(vdev, queue_index, &n->mr, true)) {
+ object_unparent(OBJECT(&n->mr));
munmap(addr, page_size);
goto err;
}
--
2.31.1

60
SOURCES/kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch Normal file
View File

@ -0,0 +1,60 @@
From 575ca409fa21db088c76e57f7285021dd8da1569 Mon Sep 17 00:00:00 2001
From: Vitaly Kuznetsov <vkuznets@redhat.com>
Date: Wed, 16 Mar 2022 09:36:19 +0100
Subject: [PATCH 04/14] i386: Add Icelake-Server-v6 CPU model with 5-level EPT
support
RH-Author: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-MergeRequest: 126: i386: Add Icelake-Server-v6 CPU model with 5-level EPT support
RH-Commit: [2/2] a047caa01fafd8ca6a5fa0704b379edab91d4ccc
RH-Bugzilla: 2038051
RH-Acked-by: Igor Mammedov <imammedo@redhat.com>
RH-Acked-by: Cornelia Huck <cohuck@redhat.com>
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2038051
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=43862630
commit 12cab535db6440af41ed8dfefe908a594321b6ce
Author: Vitaly Kuznetsov <vkuznets@redhat.com>
Date: Mon Feb 21 15:53:15 2022 +0100
i386: Add Icelake-Server-v6 CPU model with 5-level EPT support
Windows 11 with WSL2 enabled (Hyper-V) fails to boot with Icelake-Server
{-v5} CPU model but boots well with '-cpu host'. Apparently, it expects
5-level paging and 5-level EPT support to come in pair but QEMU's
Icelake-Server CPU model lacks the later. Introduce 'Icelake-Server-v6'
CPU model with 'vmx-page-walk-5' enabled by default.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20220221145316.576138-1-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
target/i386/cpu.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index aa9e636800..6e25d13339 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -3505,6 +3505,14 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
},
},
+ {
+ .version = 6,
+ .note = "5-level EPT",
+ .props = (PropValue[]) {
+ { "vmx-page-walk-5", "on" },
+ { /* end of list */ }
+ },
+ },
{ /* end of list */ }
}
},
--
2.31.1

97
SOURCES/kvm-memory-Fix-incorrect-calls-of-log_global_start-stop.patch Normal file
View File

@ -0,0 +1,97 @@
From b169059c8fbf15c3ffeec0f68b938cb9febd8db7 Mon Sep 17 00:00:00 2001
From: Peter Xu <peterx@redhat.com>
Date: Tue, 30 Nov 2021 16:00:28 +0800
Subject: [PATCH 5/6] memory: Fix incorrect calls of log_global_start/stop
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Peter Xu <peterx@redhat.com>
RH-MergeRequest: 77: memory: Fix qemu crash on continuous migrations of stopped VM
RH-Commit: [1/2] 6271ee689266b24d29d4c87f60e5b096ef5f5d63 (peterx/qemu-kvm)
RH-Bugzilla: 2044818
RH-Acked-by: Paolo Bonzini <None>
RH-Acked-by: David Hildenbrand <david@redhat.com>
RH-Acked-by: quintela1 <quintela@redhat.com>
We should only call the log_global_start/stop when the global dirty track
bitmask changes from zero<->non-zero.
No real issue reported for this yet probably because no immediate user to
enable both dirty rate measurement and migration at the same time. However
it'll be good to be prepared for it.
Fixes: 63b41db4bc ("memory: make global_dirty_tracking a bitmask")
Cc: qemu-stable@nongnu.org
Cc: Hyman Huang <huangy81@chinatelecom.cn>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Cc: Juan Quintela <quintela@redhat.com>
Cc: David Hildenbrand <david@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20211130080028.6474-1-peterx@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
(cherry picked from commit 7b0538ed3a22ce30817f818449d10701fb0821f9)
Signed-off-by: Peter Xu <peterx@redhat.com>
---
softmmu/memory.c | 27 ++++++++++++++-------------
1 file changed, 14 insertions(+), 13 deletions(-)
diff --git a/softmmu/memory.c b/softmmu/memory.c
index 7340e19ff5..81d4bf1454 100644
--- a/softmmu/memory.c
+++ b/softmmu/memory.c
@@ -2773,6 +2773,8 @@ static VMChangeStateEntry *vmstate_change;
void memory_global_dirty_log_start(unsigned int flags)
{
+ unsigned int old_flags = global_dirty_tracking;
+
if (vmstate_change) {
qemu_del_vm_change_state_handler(vmstate_change);
vmstate_change = NULL;
@@ -2781,15 +2783,14 @@ void memory_global_dirty_log_start(unsigned int flags)
assert(flags && !(flags & (~GLOBAL_DIRTY_MASK)));
assert(!(global_dirty_tracking & flags));
global_dirty_tracking |= flags;
-
trace_global_dirty_changed(global_dirty_tracking);
- MEMORY_LISTENER_CALL_GLOBAL(log_global_start, Forward);
-
- /* Refresh DIRTY_MEMORY_MIGRATION bit. */
- memory_region_transaction_begin();
- memory_region_update_pending = true;
- memory_region_transaction_commit();
+ if (!old_flags) {
+ MEMORY_LISTENER_CALL_GLOBAL(log_global_start, Forward);
+ memory_region_transaction_begin();
+ memory_region_update_pending = true;
+ memory_region_transaction_commit();
+ }
}
static void memory_global_dirty_log_do_stop(unsigned int flags)
@@ -2800,12 +2801,12 @@ static void memory_global_dirty_log_do_stop(unsigned int flags)
trace_global_dirty_changed(global_dirty_tracking);
- /* Refresh DIRTY_MEMORY_MIGRATION bit. */
- memory_region_transaction_begin();
- memory_region_update_pending = true;
- memory_region_transaction_commit();
-
- MEMORY_LISTENER_CALL_GLOBAL(log_global_stop, Reverse);
+ if (!global_dirty_tracking) {
+ memory_region_transaction_begin();
+ memory_region_update_pending = true;
+ memory_region_transaction_commit();
+ MEMORY_LISTENER_CALL_GLOBAL(log_global_stop, Reverse);
+ }
}
static void memory_vm_change_state_handler(void *opaque, bool running,
--
2.27.0

156
SOURCES/kvm-memory-Fix-qemu-crash-on-starting-dirty-log-twice-wi.patch Normal file
View File

@ -0,0 +1,156 @@
From b3ed8e344c733bc8c2223c1b9e424a9fbcea56d4 Mon Sep 17 00:00:00 2001
From: Peter Xu <peterx@redhat.com>
Date: Mon, 7 Feb 2022 20:30:19 +0800
Subject: [PATCH 6/6] memory: Fix qemu crash on starting dirty log twice with
stopped VM
RH-Author: Peter Xu <peterx@redhat.com>
RH-MergeRequest: 77: memory: Fix qemu crash on continuous migrations of stopped VM
RH-Commit: [2/2] 98ed2ef6226ec80a1896ebb554015aded0dc0c18 (peterx/qemu-kvm)
RH-Bugzilla: 2044818
RH-Acked-by: Paolo Bonzini <None>
RH-Acked-by: David Hildenbrand <david@redhat.com>
RH-Acked-by: quintela1 <quintela@redhat.com>
QEMU can now easily crash with two continuous migration carried out:
(qemu) migrate -d exec:cat>out
(qemu) migrate_cancel
(qemu) migrate -d exec:cat>out
[crash] ../softmmu/memory.c:2782: memory_global_dirty_log_start: Assertion
`!(global_dirty_tracking & flags)' failed.
It's because memory API provides a way to postpone dirty log stop if the VM is
stopped, and that'll be re-done until the next VM start. It was added in 2017
with commit 1931076077 ("migration: optimize the downtime", 2017-08-01).
However the recent work on allowing dirty tracking to be bitmask broke it,
which is commit 63b41db4bc ("memory: make global_dirty_tracking a bitmask",
2021-11-01).
The fix proposed in this patch contains two things:
(1) Instead of passing over the flags to postpone stop dirty track, we add a
global variable (along with current vmstate_change variable) to record
what flags to stop dirty tracking.
(2) When start dirty tracking, instead if remove the vmstate hook directly,
we also execute the postponed stop process so that we make sure all the
starts and stops will be paired.
This procedure is overlooked in the bitmask-ify work in 2021.
Cc: Hyman Huang <huangy81@chinatelecom.cn>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2044818
Fixes: 63b41db4bc ("memory: make global_dirty_tracking a bitmask")
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20220207123019.27223-1-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit a5c90c61a118027b86155cffdf4fe4e2e9de1020)
Signed-off-by: Peter Xu <peterx@redhat.com>
---
softmmu/memory.c | 61 +++++++++++++++++++++++++++++++++++-------------
1 file changed, 45 insertions(+), 16 deletions(-)
diff --git a/softmmu/memory.c b/softmmu/memory.c
index 81d4bf1454..0311e362ee 100644
--- a/softmmu/memory.c
+++ b/softmmu/memory.c
@@ -2769,19 +2769,32 @@ void memory_global_after_dirty_log_sync(void)
MEMORY_LISTENER_CALL_GLOBAL(log_global_after_sync, Forward);
}
+/*
+ * Dirty track stop flags that are postponed due to VM being stopped. Should
+ * only be used within vmstate_change hook.
+ */
+static unsigned int postponed_stop_flags;
static VMChangeStateEntry *vmstate_change;
+static void memory_global_dirty_log_stop_postponed_run(void);
void memory_global_dirty_log_start(unsigned int flags)
{
- unsigned int old_flags = global_dirty_tracking;
+ unsigned int old_flags;
+
+ assert(flags && !(flags & (~GLOBAL_DIRTY_MASK)));
if (vmstate_change) {
- qemu_del_vm_change_state_handler(vmstate_change);
- vmstate_change = NULL;
+ /* If there is postponed stop(), operate on it first */
+ postponed_stop_flags &= ~flags;
+ memory_global_dirty_log_stop_postponed_run();
}
- assert(flags && !(flags & (~GLOBAL_DIRTY_MASK)));
- assert(!(global_dirty_tracking & flags));
+ flags &= ~global_dirty_tracking;
+ if (!flags) {
+ return;
+ }
+
+ old_flags = global_dirty_tracking;
global_dirty_tracking |= flags;
trace_global_dirty_changed(global_dirty_tracking);
@@ -2809,29 +2822,45 @@ static void memory_global_dirty_log_do_stop(unsigned int flags)
}
}
+/*
+ * Execute the postponed dirty log stop operations if there is, then reset
+ * everything (including the flags and the vmstate change hook).
+ */
+static void memory_global_dirty_log_stop_postponed_run(void)
+{
+ /* This must be called with the vmstate handler registered */
+ assert(vmstate_change);
+
+ /* Note: postponed_stop_flags can be cleared in log start routine */
+ if (postponed_stop_flags) {
+ memory_global_dirty_log_do_stop(postponed_stop_flags);
+ postponed_stop_flags = 0;
+ }
+
+ qemu_del_vm_change_state_handler(vmstate_change);
+ vmstate_change = NULL;
+}
+
static void memory_vm_change_state_handler(void *opaque, bool running,
RunState state)
{
- unsigned int flags = (unsigned int)(uintptr_t)opaque;
if (running) {
- memory_global_dirty_log_do_stop(flags);
-
- if (vmstate_change) {
- qemu_del_vm_change_state_handler(vmstate_change);
- vmstate_change = NULL;
- }
+ memory_global_dirty_log_stop_postponed_run();
}
}
void memory_global_dirty_log_stop(unsigned int flags)
{
if (!runstate_is_running()) {
+ /* Postpone the dirty log stop, e.g., to when VM starts again */
if (vmstate_change) {
- return;
+ /* Batch with previous postponed flags */
+ postponed_stop_flags |= flags;
+ } else {
+ postponed_stop_flags = flags;
+ vmstate_change = qemu_add_vm_change_state_handler(
+ memory_vm_change_state_handler, NULL);
}
- vmstate_change = qemu_add_vm_change_state_handler(
- memory_vm_change_state_handler,
- (void *)(uintptr_t)flags);
return;
}
--
2.27.0

73
SOURCES/kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch Normal file
View File

@ -0,0 +1,73 @@
From 0a200d937e63554c38db577961ef4f09c836cb2f Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Tue, 1 Mar 2022 10:11:58 -0500
Subject: [PATCH 01/14] pci: expose TYPE_XIO3130_DOWNSTREAM name
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 124: RHEL-9.0 Fix broken PCIe device after migration
RH-Commit: [1/2] 38a5fef15d0b6c231b5ac268aad7d541e5303a7e
RH-Bugzilla: 2053584
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: MST <None>
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Type name will be used in followup patch for cast check
in pcihp code.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220301151200.3507298-2-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit c41481af9a5d0d463607cc45b45c510875570817)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
hw/pci-bridge/xio3130_downstream.c | 3 ++-
include/hw/pci-bridge/xio3130_downstream.h | 15 +++++++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)
create mode 100644 include/hw/pci-bridge/xio3130_downstream.h
diff --git a/hw/pci-bridge/xio3130_downstream.c b/hw/pci-bridge/xio3130_downstream.c
index 04aae72cd6..b17cafd359 100644
--- a/hw/pci-bridge/xio3130_downstream.c
+++ b/hw/pci-bridge/xio3130_downstream.c
@@ -28,6 +28,7 @@
#include "migration/vmstate.h"
#include "qapi/error.h"
#include "qemu/module.h"
+#include "hw/pci-bridge/xio3130_downstream.h"
#define PCI_DEVICE_ID_TI_XIO3130D 0x8233 /* downstream port */
#define XIO3130_REVISION 0x1
@@ -173,7 +174,7 @@ static void xio3130_downstream_class_init(ObjectClass *klass, void *data)
}
static const TypeInfo xio3130_downstream_info = {
- .name = "xio3130-downstream",
+ .name = TYPE_XIO3130_DOWNSTREAM,
.parent = TYPE_PCIE_SLOT,
.class_init = xio3130_downstream_class_init,
.interfaces = (InterfaceInfo[]) {
diff --git a/include/hw/pci-bridge/xio3130_downstream.h b/include/hw/pci-bridge/xio3130_downstream.h
new file mode 100644
index 0000000000..1d10139aea
--- /dev/null
+++ b/include/hw/pci-bridge/xio3130_downstream.h
@@ -0,0 +1,15 @@
+/*
+ * TI X3130 pci express downstream port switch
+ *
+ * Copyright (C) 2022 Igor Mammedov <imammedo@redhat.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef HW_PCI_BRIDGE_XIO3130_DOWNSTREAM_H
+#define HW_PCI_BRIDGE_XIO3130_DOWNSTREAM_H
+
+#define TYPE_XIO3130_DOWNSTREAM "xio3130-downstream"
+
+#endif
+
--
2.31.1

36
SOURCES/kvm-tests-acpi-SLIC-update-expected-blobs.patch Normal file
View File

@ -0,0 +1,36 @@
From 1dd4518bbf917158c9558dfb9e92be0a3f74b42b Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Mon, 27 Dec 2021 14:31:20 -0500
Subject: [PATCH 08/14] tests: acpi: SLIC: update expected blobs
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [4/10] 9023e98b18b9145ef889eec912b222e039fcc76f
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20211227193120.1084176-5-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit c8adb4d222c42951a9d0367e5f5d4e1f5e2c9ad7)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
tests/data/acpi/q35/FACP.slic | Bin 244 -> 244 bytes
tests/data/acpi/q35/SLIC.slic | Bin 0 -> 36 bytes
tests/qtest/bios-tables-test-allowed-diff.h | 2 --
3 files changed, 2 deletions(-)
diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h
index 49dbf8fa3e..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,3 +1 @@
/* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/q35/FACP.slic",
-"tests/data/acpi/q35/SLIC.slic",
--
2.31.1

69
SOURCES/kvm-tests-acpi-add-SLIC-table-test.patch Normal file
View File

@ -0,0 +1,69 @@
From f897bc3aca1bb98b1907cfd76ba52cfa541b9b5c Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Mon, 27 Dec 2021 14:31:19 -0500
Subject: [PATCH 07/14] tests: acpi: add SLIC table test
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [3/10] b72e6f11e4d86bf39fa440df3902d9259d16d5db
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
When user uses '-acpitable' to add SLIC table, some ACPI
tables (FADT) will change its 'Oem ID'/'Oem Table ID' fields to
match that of SLIC. Test makes sure thati QEMU handles
those fields correctly when SLIC table is added with
'-acpitable' option.
Conflicts:
tests/qtest/bios-tables-test.c
due to missing 39d7554b2009 ("tests/acpi: add test case for VIOT")
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20211227193120.1084176-4-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 11edfabee443b149468a82b5efc88c96d1d259ec)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
tests/qtest/bios-tables-test.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c
index 62745181a8..088609c196 100644
--- a/tests/qtest/bios-tables-test.c
+++ b/tests/qtest/bios-tables-test.c
@@ -1465,6 +1465,20 @@ static void test_acpi_virt_tcg(void)
free_test_data(&data);
}
+static void test_acpi_q35_slic(void)
+{
+ test_data data = {
+ .machine = MACHINE_Q35,
+ .variant = ".slic",
+ };
+
+ test_acpi_one("-acpitable sig=SLIC,oem_id='CRASH ',oem_table_id='ME',"
+ "oem_rev=00002210,asl_compiler_id='qemu',"
+ "asl_compiler_rev=00000000,data=/dev/null",
+ &data);
+ free_test_data(&data);
+}
+
static void test_oem_fields(test_data *data)
{
int i;
@@ -1639,6 +1653,7 @@ int main(int argc, char *argv[])
qtest_add_func("acpi/q35/kvm/xapic", test_acpi_q35_kvm_xapic);
qtest_add_func("acpi/q35/kvm/dmar", test_acpi_q35_kvm_dmar);
}
+ qtest_add_func("acpi/q35/slic", test_acpi_q35_slic);
} else if (strcmp(arch, "aarch64") == 0) {
if (has_tcg) {
qtest_add_func("acpi/virt", test_acpi_virt_tcg);
--
2.31.1

76
SOURCES/kvm-tests-acpi-manually-pad-OEM_ID-OEM_TABLE_ID-for-test.patch Normal file
View File

@ -0,0 +1,76 @@
From 80fdb82bab21ab0d094795287ce903d0d48974fc Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Wed, 12 Jan 2022 08:03:29 -0500
Subject: [PATCH 09/14] tests: acpi: manually pad OEM_ID/OEM_TABLE_ID for
test_oem_fields() test
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [5/10] 7d55865be1e1574605734c2663bac233e87b8134
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
The next commit will revert OEM fields padding with whitespace to
padding with '\0' as it was before [1]. As result test_oem_fields() will
fail due to unexpectedly smaller ID sizes read from QEMU ACPI tables.
Pad OEM_ID/OEM_TABLE_ID manually with spaces so that values the test
puts on QEMU CLI and expected values match.
1) 602b458201 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220112130332.1648664-2-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit a849522f726767022203ef2b6c395ea19facb866)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
tests/qtest/bios-tables-test.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c
index 088609c196..cfccfd4408 100644
--- a/tests/qtest/bios-tables-test.c
+++ b/tests/qtest/bios-tables-test.c
@@ -71,9 +71,10 @@
#define ACPI_REBUILD_EXPECTED_AML "TEST_ACPI_REBUILD_AML"
-#define OEM_ID "TEST"
-#define OEM_TABLE_ID "OEM"
-#define OEM_TEST_ARGS "-machine x-oem-id="OEM_ID",x-oem-table-id="OEM_TABLE_ID
+#define OEM_ID "TEST "
+#define OEM_TABLE_ID "OEM "
+#define OEM_TEST_ARGS "-machine x-oem-id='" OEM_ID "',x-oem-table-id='" \
+ OEM_TABLE_ID "'"
typedef struct {
bool tcg_only;
@@ -1482,11 +1483,7 @@ static void test_acpi_q35_slic(void)
static void test_oem_fields(test_data *data)
{
int i;
- char oem_id[6];
- char oem_table_id[8];
- strpadcpy(oem_id, sizeof oem_id, OEM_ID, ' ');
- strpadcpy(oem_table_id, sizeof oem_table_id, OEM_TABLE_ID, ' ');
for (i = 0; i < data->tables->len; ++i) {
AcpiSdtTable *sdt;
@@ -1496,8 +1493,8 @@ static void test_oem_fields(test_data *data)
continue;
}
- g_assert(memcmp(sdt->aml + 10, oem_id, 6) == 0);
- g_assert(memcmp(sdt->aml + 16, oem_table_id, 8) == 0);
+ g_assert(memcmp(sdt->aml + 10, OEM_ID, 6) == 0);
+ g_assert(memcmp(sdt->aml + 16, OEM_TABLE_ID, 8) == 0);
}
}
--
2.31.1

69
SOURCES/kvm-tests-acpi-test-short-OEM_ID-OEM_TABLE_ID-values-in-.patch Normal file
View File

@ -0,0 +1,69 @@
From d08941e96003ea6bd26d73b4270912670e39e1bc Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Fri, 14 Jan 2022 09:26:41 -0500
Subject: [PATCH 13/14] tests: acpi: test short OEM_ID/OEM_TABLE_ID values in
test_oem_fields()
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [9/10] f1f9991d5d7ef5afb2f98f4fa81aeb3e3cf32d8f
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
Previous patch [1] added explicit whitespace padding to OEM_ID/OEM_TABLE_ID
values used in test_oem_fields() testcase to avoid false positive and
bisection issues when QEMU is switched to \0' padding. As result
testcase ceased to test values that were shorter than max possible
length values.
Update testcase to make sure that it's testing shorter IDs like it
used to before [2].
1) "tests: acpi: manually pad OEM_ID/OEM_TABLE_ID for test_oem_fields() test"
2) 602b458201 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220114142641.1727679-1-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 408ca92634770de5eac7965ed97c6260e770f2e7)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
tests/qtest/bios-tables-test.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c
index cfccfd4408..0dd9a0a55b 100644
--- a/tests/qtest/bios-tables-test.c
+++ b/tests/qtest/bios-tables-test.c
@@ -71,10 +71,10 @@
#define ACPI_REBUILD_EXPECTED_AML "TEST_ACPI_REBUILD_AML"
-#define OEM_ID "TEST "
-#define OEM_TABLE_ID "OEM "
-#define OEM_TEST_ARGS "-machine x-oem-id='" OEM_ID "',x-oem-table-id='" \
- OEM_TABLE_ID "'"
+#define OEM_ID "TEST"
+#define OEM_TABLE_ID "OEM"
+#define OEM_TEST_ARGS "-machine x-oem-id=" OEM_ID ",x-oem-table-id=" \
+ OEM_TABLE_ID
typedef struct {
bool tcg_only;
@@ -1493,8 +1493,8 @@ static void test_oem_fields(test_data *data)
continue;
}
- g_assert(memcmp(sdt->aml + 10, OEM_ID, 6) == 0);
- g_assert(memcmp(sdt->aml + 16, OEM_TABLE_ID, 8) == 0);
+ g_assert(strncmp((char *)sdt->aml + 10, OEM_ID, 6) == 0);
+ g_assert(strncmp((char *)sdt->aml + 16, OEM_TABLE_ID, 8) == 0);
}
}
--
2.31.1

50
SOURCES/kvm-tests-acpi-update-expected-blobs.patch Normal file
View File

@ -0,0 +1,50 @@
From b8831f75d186639385d75a4df9c510c7435fcdaf Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Wed, 12 Jan 2022 08:03:32 -0500
Subject: [PATCH 12/14] tests: acpi: update expected blobs
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [8/10] dddfa6e1b966bf7c5c00a20c98a778b060dc6983
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
Expected changes caused by previous commit:
nvdimm ssdt (q35/pc/virt):
- * OEM Table ID "NVDIMM "
+ * OEM Table ID "NVDIMM"
SLIC test FADT (tests/data/acpi/q35/FACP.slic):
-[010h 0016 8] Oem Table ID : "ME "
+[010h 0016 8] Oem Table ID : "ME"
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220112130332.1648664-5-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 5adc3aba875416b0e077d8a29ddd0357883746f4)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
tests/data/acpi/pc/SSDT.dimmpxm | Bin 734 -> 734 bytes
tests/data/acpi/q35/FACP.slic | Bin 244 -> 244 bytes
tests/data/acpi/q35/SSDT.dimmpxm | Bin 734 -> 734 bytes
tests/data/acpi/virt/SSDT.memhp | Bin 736 -> 736 bytes
tests/qtest/bios-tables-test-allowed-diff.h | 4 ----
5 files changed, 4 deletions(-)
diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h
index 7faa8f53be..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,5 +1 @@
/* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/virt/SSDT.memhp",
-"tests/data/acpi/pc/SSDT.dimmpxm",
-"tests/data/acpi/q35/SSDT.dimmpxm",
-"tests/data/acpi/q35/FACP.slic",
--
2.31.1

42
SOURCES/kvm-tests-acpi-whitelist-expected-blobs-before-changing-.patch Normal file
View File

@ -0,0 +1,42 @@
From 9d8ab705fb0ffc55e78c22f4dd79c4c57437532e Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Mon, 27 Dec 2021 14:31:18 -0500
Subject: [PATCH 06/14] tests: acpi: whitelist expected blobs before changing
them
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [2/10] 677ac6f62a40479f88cc0d47bfece74bb39ae7a7
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20211227193120.1084176-3-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit e71f6ab9d93a7d01e833647e7010c1079c4cef30)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
tests/data/acpi/q35/FACP.slic | Bin 0 -> 244 bytes
tests/data/acpi/q35/SLIC.slic | 0
tests/qtest/bios-tables-test-allowed-diff.h | 2 ++
3 files changed, 2 insertions(+)
create mode 100644 tests/data/acpi/q35/FACP.slic
create mode 100644 tests/data/acpi/q35/SLIC.slic
diff --git a/tests/data/acpi/q35/SLIC.slic b/tests/data/acpi/q35/SLIC.slic
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..49dbf8fa3e 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,3 @@
/* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/FACP.slic",
+"tests/data/acpi/q35/SLIC.slic",
--
2.31.1

49
SOURCES/kvm-tests-acpi-whitelist-nvdimm-s-SSDT-and-FACP.slic-exp.patch Normal file
View File

@ -0,0 +1,49 @@
From 667b82b02f7f3a1e5c37e3ff77b146cc3fd9da80 Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Wed, 12 Jan 2022 08:03:30 -0500
Subject: [PATCH 10/14] tests: acpi: whitelist nvdimm's SSDT and FACP.slic
expected blobs
RH-Author: Igor Mammedov <imammedo@redhat.com>
RH-MergeRequest: 130: acpi: fix QEMU crash when started with SLIC table
RH-Commit: [6/10] 9b35b82e26499de3b7bdc0cdd089fda0a8ec031a
RH-Bugzilla: 2043531
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: MST <None>
The next commit will revert OEM fields whitespace padding to
padding with '\0' as it was before [1]. That will change OEM
Table ID for:
* SSDT.*: where it was padded from 6 characters to 8
* FACP.slic: where it was padded from 2 characters to 8
after reverting whitespace padding, it will be replaced with
'\0' which effectively will shorten OEM table ID to 6 and 2
characters.
Whitelist affected tables before introducing the change.
1) 602b458201 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220112130332.1648664-3-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit d1e4a4654154925eddf0fc449fa9c92b806b9c8c)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
tests/qtest/bios-tables-test-allowed-diff.h | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..7faa8f53be 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,5 @@
/* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/virt/SSDT.memhp",
+"tests/data/acpi/pc/SSDT.dimmpxm",
+"tests/data/acpi/q35/SSDT.dimmpxm",
+"tests/data/acpi/q35/FACP.slic",
--
2.31.1

63
SOURCES/kvm-ui-avoid-compiler-warnings-from-unused-clipboard-inf.patch Normal file
View File

@ -0,0 +1,63 @@
From c5ff43026547ea20fbb496c5b6734b7e64362151 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Mon, 14 Feb 2022 12:37:49 +0100
Subject: [PATCH 2/6] ui: avoid compiler warnings from unused clipboard info
variable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
RH-MergeRequest: 75: fix vnc cut+paste crash
RH-Commit: [2/4] 6a7982a0bab86bf843fd65842e730a61b2fa2cb0 (kraxel/centos-qemu-kvm)
RH-Bugzilla: 2042820
RH-Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
RH-Acked-by: Daniel P. Berrangé <berrange@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
With latest clang 13.0.0 we get
../ui/clipboard.c:47:34: error: variable 'old' set but not used [-Werror,-Wunused-but-set-variable]
g_autoptr(QemuClipboardInfo) old = NULL;
^
The compiler can't tell that we only declared this variable in
order to get the side effect of free'ing it when out of scope.
This pattern is a little dubious for a use of g_autoptr, so
rewrite the code to avoid it.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
[AJB: fix merge conflict]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20211215141949.3512719-2-berrange@redhat.com>
Message-Id: <20220105135009.1584676-2-alex.bennee@linaro.org>
(cherry picked from commit 70a54b01693eda3c61814b05d699aba41015ac48)
---
ui/clipboard.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/ui/clipboard.c b/ui/clipboard.c
index d7b008d62a..7672058e84 100644
--- a/ui/clipboard.c
+++ b/ui/clipboard.c
@@ -44,12 +44,11 @@ void qemu_clipboard_peer_release(QemuClipboardPeer *peer,
void qemu_clipboard_update(QemuClipboardInfo *info)
{
- g_autoptr(QemuClipboardInfo) old = NULL;
assert(info->selection < QEMU_CLIPBOARD_SELECTION__COUNT);
notifier_list_notify(&clipboard_notifiers, info);
- old = cbinfo[info->selection];
+ qemu_clipboard_info_unref(cbinfo[info->selection]);
cbinfo[info->selection] = qemu_clipboard_info_ref(info);
}
--
2.27.0

49
SOURCES/kvm-ui-clipboard-fix-use-after-free-regression.patch Normal file
View File

@ -0,0 +1,49 @@
From 965275cd87f8008f129509c6d6fd0096e8ac2d96 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Date: Mon, 14 Feb 2022 15:59:17 +0400
Subject: [PATCH 3/6] ui/clipboard: fix use-after-free regression
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
RH-MergeRequest: 75: fix vnc cut+paste crash
RH-Commit: [3/4] d8f68e0eb60d9aaa9a703d969f215816bf35f6f0 (kraxel/centos-qemu-kvm)
RH-Bugzilla: 2042820
RH-Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
RH-Acked-by: Daniel P. Berrangé <berrange@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
The same info may be used to update the clipboard, and may be freed
before being ref'ed again.
Fixes: 70a54b01693ed ("ui: avoid compiler warnings from unused clipboard info variable")
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220214115917.1679568-1-marcandre.lureau@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
ui/clipboard.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/ui/clipboard.c b/ui/clipboard.c
index 7672058e84..d7dae13760 100644
--- a/ui/clipboard.c
+++ b/ui/clipboard.c
@@ -48,8 +48,10 @@ void qemu_clipboard_update(QemuClipboardInfo *info)
notifier_list_notify(&clipboard_notifiers, info);
- qemu_clipboard_info_unref(cbinfo[info->selection]);
- cbinfo[info->selection] = qemu_clipboard_info_ref(info);
+ if (cbinfo[info->selection] != info) {
+ qemu_clipboard_info_unref(cbinfo[info->selection]);
+ cbinfo[info->selection] = qemu_clipboard_info_ref(info);
+ }
}
QemuClipboardInfo *qemu_clipboard_info(QemuClipboardSelection selection)
--
2.27.0

80
SOURCES/kvm-ui-vnc.c-Fixed-a-deadlock-bug.patch Normal file
View File

@ -0,0 +1,80 @@
From 14582cfec72e52894f16ed5c3fb14adb2d6d8e25 Mon Sep 17 00:00:00 2001
From: Rao Lei <lei.rao@intel.com>
Date: Wed, 5 Jan 2022 10:08:08 +0800
Subject: [PATCH 4/6] ui/vnc.c: Fixed a deadlock bug.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
RH-MergeRequest: 75: fix vnc cut+paste crash
RH-Commit: [4/4] 5321e447de974d91e9a6c0cf01f4352166ffb7ce (kraxel/centos-qemu-kvm)
RH-Bugzilla: 2042820
RH-Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
RH-Acked-by: Daniel P. Berrangé <berrange@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
The GDB statck is as follows:
(gdb) bt
0 __lll_lock_wait (futex=futex@entry=0x56211df20360, private=0) at lowlevellock.c:52
1 0x00007f263caf20a3 in __GI___pthread_mutex_lock (mutex=0x56211df20360) at ../nptl/pthread_mutex_lock.c:80
2 0x000056211a757364 in qemu_mutex_lock_impl (mutex=0x56211df20360, file=0x56211a804857 "../ui/vnc-jobs.h", line=60)
at ../util/qemu-thread-posix.c:80
3 0x000056211a0ef8c7 in vnc_lock_output (vs=0x56211df14200) at ../ui/vnc-jobs.h:60
4 0x000056211a0efcb7 in vnc_clipboard_send (vs=0x56211df14200, count=1, dwords=0x7ffdf1701338) at ../ui/vnc-clipboard.c:138
5 0x000056211a0f0129 in vnc_clipboard_notify (notifier=0x56211df244c8, data=0x56211dd1bbf0) at ../ui/vnc-clipboard.c:209
6 0x000056211a75dde8 in notifier_list_notify (list=0x56211afa17d0 <clipboard_notifiers>, data=0x56211dd1bbf0) at ../util/notify.c:39
7 0x000056211a0bf0e6 in qemu_clipboard_update (info=0x56211dd1bbf0) at ../ui/clipboard.c:50
8 0x000056211a0bf05d in qemu_clipboard_peer_release (peer=0x56211df244c0, selection=QEMU_CLIPBOARD_SELECTION_CLIPBOARD)
at ../ui/clipboard.c:41
9 0x000056211a0bef9b in qemu_clipboard_peer_unregister (peer=0x56211df244c0) at ../ui/clipboard.c:19
10 0x000056211a0d45f3 in vnc_disconnect_finish (vs=0x56211df14200) at ../ui/vnc.c:1358
11 0x000056211a0d4c9d in vnc_client_read (vs=0x56211df14200) at ../ui/vnc.c:1611
12 0x000056211a0d4df8 in vnc_client_io (ioc=0x56211ce70690, condition=G_IO_IN, opaque=0x56211df14200) at ../ui/vnc.c:1649
13 0x000056211a5b976c in qio_channel_fd_source_dispatch
(source=0x56211ce50a00, callback=0x56211a0d4d71 <vnc_client_io>, user_data=0x56211df14200) at ../io/channel-watch.c:84
14 0x00007f263ccede8e in g_main_context_dispatch () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
15 0x000056211a77d4a1 in glib_pollfds_poll () at ../util/main-loop.c:232
16 0x000056211a77d51f in os_host_main_loop_wait (timeout=958545) at ../util/main-loop.c:255
17 0x000056211a77d630 in main_loop_wait (nonblocking=0) at ../util/main-loop.c:531
18 0x000056211a45bc8e in qemu_main_loop () at ../softmmu/runstate.c:726
19 0x000056211a0b45fa in main (argc=69, argv=0x7ffdf1701778, envp=0x7ffdf17019a8) at ../softmmu/main.c:50
From the call trace, we can see it is a deadlock bug.
vnc_disconnect_finish will acquire the output_mutex.
But, the output_mutex will be acquired again in vnc_clipboard_send.
Repeated locking will cause deadlock. So, I move
qemu_clipboard_peer_unregister() behind vnc_unlock_output();
Fixes: 0bf41cab93e ("ui/vnc: clipboard support")
Signed-off-by: Lei Rao <lei.rao@intel.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20220105020808.597325-1-lei.rao@intel.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 1dbbe6f172810026c51dc84ed927a3cc23017949)
---
ui/vnc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index af02522e84..b253e85c65 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -1354,12 +1354,12 @@ void vnc_disconnect_finish(VncState *vs)
/* last client gone */
vnc_update_server_surface(vs->vd);
}
+ vnc_unlock_output(vs);
+
if (vs->cbpeer.update.notify) {
qemu_clipboard_peer_unregister(&vs->cbpeer);
}
- vnc_unlock_output(vs);
-
qemu_mutex_destroy(&vs->output_mutex);
if (vs->bh != NULL) {
qemu_bh_delete(vs->bh);
--
2.27.0

49
SOURCES/kvm-vmxcap-Add-5-level-EPT-bit.patch Normal file
View File

@ -0,0 +1,49 @@
From 5d8e4aefe49d4ea5237efc8132e44183b99ebabc Mon Sep 17 00:00:00 2001
From: Vitaly Kuznetsov <vkuznets@redhat.com>
Date: Wed, 16 Mar 2022 09:35:23 +0100
Subject: [PATCH 03/14] vmxcap: Add 5-level EPT bit
RH-Author: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-MergeRequest: 126: i386: Add Icelake-Server-v6 CPU model with 5-level EPT support
RH-Commit: [1/2] 3f74e192278b8886de5dbeaf607521e9d3b744eb
RH-Bugzilla: 2038051
RH-Acked-by: Igor Mammedov <imammedo@redhat.com>
RH-Acked-by: Cornelia Huck <cohuck@redhat.com>
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2038051
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=43862630
commit d312378e59658473aa91aa15c67ec6200d92e5ff
Author: Vitaly Kuznetsov <vkuznets@redhat.com>
Date: Mon Feb 21 15:53:16 2022 +0100
vmxcap: Add 5-level EPT bit
5-level EPT is present in Icelake Server CPUs and is supported by QEMU
('vmx-page-walk-5').
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20220221145316.576138-2-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
scripts/kvm/vmxcap | 1 +
1 file changed, 1 insertion(+)
diff --git a/scripts/kvm/vmxcap b/scripts/kvm/vmxcap
index 6fe66d5f57..f140040104 100755
--- a/scripts/kvm/vmxcap
+++ b/scripts/kvm/vmxcap
@@ -249,6 +249,7 @@ controls = [
bits = {
0: 'Execute-only EPT translations',
6: 'Page-walk length 4',
+ 7: 'Page-walk length 5',
8: 'Paging-structure memory type UC',
14: 'Paging-structure memory type WB',
16: '2MB EPT pages',
--
2.31.1

BIN
SOURCES/tests_data_acpi_pc_SSDT.dimmpxm Normal file
View File

Binary file not shown.

BIN
SOURCES/tests_data_acpi_q35_FACP.slic Normal file
View File

Binary file not shown.

BIN
SOURCES/tests_data_acpi_q35_SSDT.dimmpxm Normal file
View File

Binary file not shown.

BIN
SOURCES/tests_data_acpi_virt_SSDT.memhp Normal file
View File

Binary file not shown.

141
SPECS/qemu-kvm.spec
View File

@ -135,16 +135,23 @@ Requires: %{name}-audio-pa = %{epoch}:%{version}-%{release}
# removes {name}-ui-spice for upgrades from RHEL-8
# The "<= {version}" assumes RHEL-9 version >= RHEL-8 version (in
# other words RHEL-9 rebases are done together/before RHEL-8 ones)
# In addition, we obsolete some block drivers as we are no longer support
# them in default qemu-kvm installation.
# Note: ssh driver wasn't removed yet just disabled due to late handling
%global obsoletes_some_modules \
Obsoletes: %{name}-ui-spice <= %{version} \
Obsoletes: %{name}-block-gluster <= %{version} \
Obsoletes: %{name}-block-iscsi <= %{version} \
Obsoletes: %{name}-ui-spice <= %{epoch}:%{version} \
Obsoletes: %{name}-block-gluster <= %{epoch}:%{version} \
Obsoletes: %{name}-block-iscsi <= %{epoch}:%{version} \
Obsoletes: %{name}-block-ssh <= %{epoch}:%{version} \
Summary: QEMU is a machine emulator and virtualizer
Name: qemu-kvm
Version: 6.2.0
Release: 9%{?rcrel}%{?dist}%{?cc_suffix}
Release: 11%{?rcrel}%{?dist}%{?cc_suffix}.2
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
# Epoch 15 used for RHEL 8
# Epoch 17 used for RHEL 9 (due to release versioning offset in RHEL 8.5)
@ -167,6 +174,10 @@ Source28: 95-kvm-memlock.conf
Source30: kvm-s390x.conf
Source31: kvm-x86.conf
Source36: README.tests
Source37: tests_data_acpi_pc_SSDT.dimmpxm
Source38: tests_data_acpi_q35_FACP.slic
Source39: tests_data_acpi_q35_SSDT.dimmpxm
Source40: tests_data_acpi_virt_SSDT.memhp
Patch0001: 0001-ui-clipboard-Don-t-use-g_autoptr-just-to-free-a-vari.patch
@ -267,6 +278,48 @@ Patch61: kvm-iotests-281-Test-lingering-timers.patch
Patch62: kvm-block-nbd-Move-s-ioc-on-AioContext-change.patch
# For bz#2033626 - Qemu core dump when start guest with nbd node or do block jobs to nbd node
Patch63: kvm-iotests-281-Let-NBD-connection-yield-in-iothread.patch
# For bz#2042820 - qemu crash when try to copy and paste contents from client to VM
Patch64: kvm-Revert-ui-clipboard-Don-t-use-g_autoptr-just-to-free.patch
# For bz#2042820 - qemu crash when try to copy and paste contents from client to VM
Patch65: kvm-ui-avoid-compiler-warnings-from-unused-clipboard-inf.patch
# For bz#2042820 - qemu crash when try to copy and paste contents from client to VM
Patch66: kvm-ui-clipboard-fix-use-after-free-regression.patch
# For bz#2042820 - qemu crash when try to copy and paste contents from client to VM
Patch67: kvm-ui-vnc.c-Fixed-a-deadlock-bug.patch
# For bz#2044818 - Qemu Core Dumped when migrate -> migrate_cancel -> migrate again during guest is paused
Patch68: kvm-memory-Fix-incorrect-calls-of-log_global_start-stop.patch
# For bz#2044818 - Qemu Core Dumped when migrate -> migrate_cancel -> migrate again during guest is paused
Patch69: kvm-memory-Fix-qemu-crash-on-starting-dirty-log-twice-wi.patch
# For bz#2052050 - Mark all RHEL-8 and earlier machine types as deprecated
Patch70: kvm-RHEL-mark-old-machine-types-as-deprecated.patch
# For bz#2059786 - [virtual network][rhel9][vDPA] qemu crash after hot unplug vdpa device
Patch71: kvm-hw-virtio-vdpa-Fix-leak-of-host-notifier-memory-regi.patch
# For bz#2053584 - watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843]
Patch72: kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch
# For bz#2053584 - watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843]
Patch73: kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch
# For bz#2038051 - Win11 (q35+edk2) guest broke after install wsl2 through 'wsl --install -d Ubuntu-20.04'
Patch74: kvm-vmxcap-Add-5-level-EPT-bit.patch
# For bz#2038051 - Win11 (q35+edk2) guest broke after install wsl2 through 'wsl --install -d Ubuntu-20.04'
Patch75: kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch76: kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch77: kvm-tests-acpi-whitelist-expected-blobs-before-changing-.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch78: kvm-tests-acpi-add-SLIC-table-test.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch79: kvm-tests-acpi-SLIC-update-expected-blobs.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch80: kvm-tests-acpi-manually-pad-OEM_ID-OEM_TABLE_ID-for-test.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch81: kvm-tests-acpi-whitelist-nvdimm-s-SSDT-and-FACP.slic-exp.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch82: kvm-acpi-fix-OEM-ID-OEM-Table-ID-padding.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch83: kvm-tests-acpi-update-expected-blobs.patch
# For bz#2043531 - Guest can not start with SLIC acpi table
Patch84: kvm-tests-acpi-test-short-OEM_ID-OEM_TABLE_ID-values-in-.patch
# Source-git patches
@ -431,15 +484,6 @@ This package provides the qemu-pr-helper utility that is required for certain
SCSI features.
%package -n qemu-virtiofsd
Summary: QEMU virtio-fs shared file system daemon
Provides: virtiofsd
%description -n qemu-virtiofsd
This package provides virtiofsd daemon. This program is a vhost-user backend
that implements the virtio-fs device that is used for sharing a host directory
tree with a guest.
%package -n qemu-img
Summary: QEMU command line tool for manipulating disk images
%description -n qemu-img
@ -591,6 +635,7 @@ Summary: QEMU usbredir support
Requires: %{name}-common%{?_isa} = %{epoch}:%{version}-%{release}
Requires: usbredir >= 0.7.1
Provides: %{name}-hw-usbredir
Obsoletes: %{name}-hw-usbredir <= %{epoch}:%{version}
%description device-usb-redirect
This package provides usbredir support.
@ -603,6 +648,10 @@ This package provides usbredir support.
%global qemu_kvm_build qemu_kvm_build
mkdir -p %{qemu_kvm_build}
cp -f %{SOURCE37} tests/data/acpi/pc/SSDT.dimmpxm
cp -f %{SOURCE38} tests/data/acpi/q35/FACP.slic
cp -f %{SOURCE39} tests/data/acpi/q35/SSDT.dimmpxm
cp -f %{SOURCE40} tests/data/acpi/virt/SSDT.memhp
%build
%define disable_everything \\\
@ -1097,6 +1146,10 @@ rm -rf %{buildroot}%{_datadir}/%{name}/vgabios*bin
rm -rf %{buildroot}%{_datadir}/%{name}/bios*.bin
rm -rf %{buildroot}%{_datadir}/%{name}/sgabios.bin
# Remove virtiofsd (we use separate package for virtiofsd)
rm -rf %{buildroot}%{_mandir}/man1/virtiofsd.1*
rm -rf %{buildroot}%{_libexecdir}/virtiofsd
rm -rf %{buildroot}%{_datadir}/qemu/vhost-user/50-qemu-virtiofsd.json
%if %{have_modules_load}
install -D -p -m 644 %{_sourcedir}/modules-load.conf %{buildroot}%{_sysconfdir}/modules-load.d/kvm.conf
@ -1210,14 +1263,6 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
%{_unitdir}/qemu-pr-helper.socket
%{_mandir}/man8/qemu-pr-helper.8*
%files -n qemu-virtiofsd
%{_mandir}/man1/virtiofsd.1*
%{_libexecdir}/virtiofsd
# This is the standard location for vhost-user JSON files defined in the
# vhost-user specification for interoperability with other software. Unlike
# most other paths we use it's "qemu" instead of "qemu-kvm".
%{_datadir}/qemu/vhost-user/50-qemu-virtiofsd.json
%files docs
%doc %{qemudocdir}
@ -1325,6 +1370,60 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
%endif
%changelog
* Tue Mar 22 2022 <cconte@redhat.com> - 6.2.0-11.el9_0.2
- kvm-pci-expose-TYPE_XIO3130_DOWNSTREAM-name.patch [bz#2053584]
- kvm-acpi-pcihp-pcie-set-power-on-cap-on-parent-slot.patch [bz#2053584]
- kvm-vmxcap-Add-5-level-EPT-bit.patch [bz#2038051]
- kvm-i386-Add-Icelake-Server-v6-CPU-model-with-5-level-EP.patch [bz#2038051]
- kvm-acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch [bz#2043531]
- kvm-tests-acpi-whitelist-expected-blobs-before-changing-.patch [bz#2043531]
- kvm-tests-acpi-add-SLIC-table-test.patch [bz#2043531]
- kvm-tests-acpi-SLIC-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-manually-pad-OEM_ID-OEM_TABLE_ID-for-test.patch [bz#2043531]
- kvm-tests-acpi-whitelist-nvdimm-s-SSDT-and-FACP.slic-exp.patch [bz#2043531]
- kvm-acpi-fix-OEM-ID-OEM-Table-ID-padding.patch [bz#2043531]
- kvm-tests-acpi-update-expected-blobs.patch [bz#2043531]
- kvm-tests-acpi-test-short-OEM_ID-OEM_TABLE_ID-values-in-.patch [bz#2043531]
- kvm-rhel-workaround-for-lack-of-binary-patches-in-SRPM.patch [bz#2043531]
- Resolves: bz#2053584
(watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [cat:2843])
- Resolves: bz#2038051
(Win11 (q35+edk2) guest broke after install wsl2 through 'wsl --install -d Ubuntu-20.04')
- Resolves: bz#2043531
(Guest can not start with SLIC acpi table)
* Tue Mar 15 2022 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-11.el9_0.1
- kvm-RHEL-mark-old-machine-types-as-deprecated.patch [bz#2052050]
- kvm-hw-virtio-vdpa-Fix-leak-of-host-notifier-memory-regi.patch [bz#2059786]
- kvm-spec-Fix-obsolete-for-spice-subpackages.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-old-usb-redir-subpackage.patch [bz#2059175 bz#2059146]
- kvm-spec-Obsolete-ssh-driver.patch [bz#2059175 bz#2059146]
- Resolves: bz#2052050
(Mark all RHEL-8 and earlier machine types as deprecated)
- Resolves: bz#2059786
([virtual network][rhel9][vDPA] qemu crash after hot unplug vdpa device)
- Resolves: bz#2059175
(Broken upgrade path due to qemu-kvm-hw-usbredir rename)
- Resolves: bz#2059146
(Missing qemu-kvm-block-ssh obsolete breaks upgrade path)
* Tue Mar 01 2022 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-11
- kvm-spec-Remove-qemu-virtiofsd.patch [bz#2055284]
- Resolves: bz#2055284
(Remove the qemu-virtiofsd subpackage)
* Thu Feb 24 2022 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-10
- kvm-Revert-ui-clipboard-Don-t-use-g_autoptr-just-to-free.patch [bz#2042820]
- kvm-ui-avoid-compiler-warnings-from-unused-clipboard-inf.patch [bz#2042820]
- kvm-ui-clipboard-fix-use-after-free-regression.patch [bz#2042820]
- kvm-ui-vnc.c-Fixed-a-deadlock-bug.patch [bz#2042820]
- kvm-memory-Fix-incorrect-calls-of-log_global_start-stop.patch [bz#2044818]
- kvm-memory-Fix-qemu-crash-on-starting-dirty-log-twice-wi.patch [bz#2044818]
- Resolves: bz#2042820
(qemu crash when try to copy and paste contents from client to VM)
- Resolves: bz#2044818
(Qemu Core Dumped when migrate -> migrate_cancel -> migrate again during guest is paused)
* Thu Feb 17 2022 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-9
- kvm-block-Lock-AioContext-for-drain_end-in-blockdev-reop.patch [bz#2046659]
- kvm-iotests-Test-blockdev-reopen-with-iothreads-and-thro.patch [bz#2046659]