update sources for v4.0.1

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2019-10-21 17:08:28 +02:00
parent 69cb18950a
commit b8d43c594b
39 changed files with 163 additions and 557 deletions

View File

@ -64,6 +64,3 @@ index 4807bbe811..daadbcdede 100644
static void monitor_qmp_caps_reset(Monitor *mon)
{
memset(mon->qmp.capab_offered, 0, sizeof(mon->qmp.capab_offered));
--
2.20.1

View File

@ -1,37 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Thu, 16 May 2019 20:53:20 +0200
Subject: [PATCH] target/i386: add MDS-NO feature
Microarchitectural Data Sampling is a hardware vulnerability which allows
unprivileged speculative access to data which is available in various CPU
internal buffers.
Some Intel processors use the ARCH_CAP_MDS_NO bit in the
IA32_ARCH_CAPABILITIES
MSR to report that they are not vulnerable, make it available to guests.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20190516185320.28340-1-pbonzini@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
target/i386/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index d6bb57d210..ee4b8b47e2 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1183,7 +1183,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
.type = MSR_FEATURE_WORD,
.feat_names = {
"rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
- "ssb-no", NULL, NULL, NULL,
+ "ssb-no", "mds-no", NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
--
2.20.1

View File

@ -1,33 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed, 15 May 2019 15:10:10 +0100
Subject: [PATCH] target/i386: define md-clear bit
md-clear is a new CPUID bit which is set when microcode provides the
mechanism to invoke a flush of various exploitable CPU buffers by invoking
the VERW instruction.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20190515141011.5315-2-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
target/i386/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index ee4b8b47e2..331a364a1b 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1076,7 +1076,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
.feat_names = {
NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL,
+ NULL, NULL, "md-clear", NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
--
2.20.1

View File

@ -1,127 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Wed, 10 Jul 2019 16:14:40 +0200
Subject: [PATCH] virtio-balloon: fix QEMU 4.0 config size migration
incompatibility
The virtio-balloon config size changed in QEMU 4.0 even for existing
machine types. Migration from QEMU 3.1 to 4.0 can fail in some
circumstances with the following error:
qemu-system-x86_64: get_pci_config_device: Bad config data: i=0x10 read: a1 device: 1 cmask: ff wmask: c0 w1cmask:0
This happens because the virtio-balloon config size affects the VIRTIO
Legacy I/O Memory PCI BAR size.
Introduce a qdev property called "qemu-4-0-config-size" and enable it
only for the QEMU 4.0 machine types. This way <4.0 machine types use
the old size, 4.0 uses the larger size, and >4.0 machine types use the
appropriate size depending on enabled virtio-balloon features.
Live migration to and from old QEMUs to QEMU 4.1 works again as long as
a versioned machine type is specified (do not use just "pc"!).
Originally-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
hw/core/machine.c | 1 +
hw/virtio/virtio-balloon.c | 28 +++++++++++++++++++++++++---
include/hw/virtio/virtio-balloon.h | 2 ++
3 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 743fef2898..f25c91875f 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -36,6 +36,7 @@ GlobalProperty hw_compat_3_1[] = {
{ "usb-kbd", "serial", "42" },
{ "virtio-blk-device", "discard", "false" },
{ "virtio-blk-device", "write-zeroes", "false" },
+ { "virtio-balloon-device", "qemu-4-0-config-size", "false" },
};
const size_t hw_compat_3_1_len = G_N_ELEMENTS(hw_compat_3_1);
diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c
index d96e4aa96f..c8788ea18d 100644
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@@ -615,6 +615,22 @@ virtio_balloon_free_page_report_notify(NotifierWithReturn *n, void *data)
return 0;
}
+static size_t virtio_balloon_config_size(VirtIOBalloon *s)
+{
+ uint64_t features = s->host_features;
+
+ if (s->qemu_4_0_config_size) {
+ return sizeof(struct virtio_balloon_config);
+ }
+ if (virtio_has_feature(features, VIRTIO_BALLOON_F_PAGE_POISON)) {
+ return sizeof(struct virtio_balloon_config);
+ }
+ if (virtio_has_feature(features, VIRTIO_BALLOON_F_FREE_PAGE_HINT)) {
+ return offsetof(struct virtio_balloon_config, poison_val);
+ }
+ return offsetof(struct virtio_balloon_config, free_page_report_cmd_id);
+}
+
static void virtio_balloon_get_config(VirtIODevice *vdev, uint8_t *config_data)
{
VirtIOBalloon *dev = VIRTIO_BALLOON(vdev);
@@ -635,7 +651,7 @@ static void virtio_balloon_get_config(VirtIODevice *vdev, uint8_t *config_data)
}
trace_virtio_balloon_get_config(config.num_pages, config.actual);
- memcpy(config_data, &config, sizeof(struct virtio_balloon_config));
+ memcpy(config_data, &config, virtio_balloon_config_size(dev));
}
static int build_dimm_list(Object *obj, void *opaque)
@@ -679,7 +695,7 @@ static void virtio_balloon_set_config(VirtIODevice *vdev,
uint32_t oldactual = dev->actual;
ram_addr_t vm_ram_size = get_current_ram_size();
- memcpy(&config, config_data, sizeof(struct virtio_balloon_config));
+ memcpy(&config, config_data, virtio_balloon_config_size(dev));
dev->actual = le32_to_cpu(config.actual);
if (dev->actual != oldactual) {
qapi_event_send_balloon_change(vm_ram_size -
@@ -795,7 +811,7 @@ static void virtio_balloon_device_realize(DeviceState *dev, Error **errp)
int ret;
virtio_init(vdev, "virtio-balloon", VIRTIO_ID_BALLOON,
- sizeof(struct virtio_balloon_config));
+ virtio_balloon_config_size(s));
ret = qemu_add_balloon_handler(virtio_balloon_to_target,
virtio_balloon_stat, s);
@@ -926,6 +942,12 @@ static Property virtio_balloon_properties[] = {
VIRTIO_BALLOON_F_DEFLATE_ON_OOM, false),
DEFINE_PROP_BIT("free-page-hint", VirtIOBalloon, host_features,
VIRTIO_BALLOON_F_FREE_PAGE_HINT, false),
+ /* QEMU 4.0 accidentally changed the config size even when free-page-hint
+ * is disabled, resulting in QEMU 3.1 migration incompatibility. This
+ * property retains this quirk for QEMU 4.1 machine types.
+ */
+ DEFINE_PROP_BOOL("qemu-4-0-config-size", VirtIOBalloon,
+ qemu_4_0_config_size, false),
DEFINE_PROP_LINK("iothread", VirtIOBalloon, iothread, TYPE_IOTHREAD,
IOThread *),
DEFINE_PROP_END_OF_LIST(),
diff --git a/include/hw/virtio/virtio-balloon.h b/include/hw/virtio/virtio-balloon.h
index 1afafb12f6..5a99293a45 100644
--- a/include/hw/virtio/virtio-balloon.h
+++ b/include/hw/virtio/virtio-balloon.h
@@ -71,6 +71,8 @@ typedef struct VirtIOBalloon {
int64_t stats_poll_interval;
uint32_t host_features;
PartiallyBalloonedPage *pbp;
+
+ bool qemu_4_0_config_size;
} VirtIOBalloon;
#endif
--
2.20.1

View File

@ -1,38 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Sun, 28 Jul 2019 19:11:24 +0200
Subject: [PATCH] Fix heap overflow in ip_reass on big packet input
When the first fragment does not fit in the preallocated buffer, q will
already be pointing to the ext buffer, so we mustn't try to update it.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
---
slirp/src/ip_input.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/slirp/src/ip_input.c b/slirp/src/ip_input.c
index a714fecd58..0ccb78317f 100644
--- a/slirp/src/ip_input.c
+++ b/slirp/src/ip_input.c
@@ -331,6 +331,8 @@ insert:
q = fp->frag_link.next;
m = dtom(slirp, q);
+ int was_ext = m->m_flags & M_EXT;
+
q = (struct ipasfrag *) q->ipf_next;
while (q != (struct ipasfrag*)&fp->frag_link) {
struct mbuf *t = dtom(slirp, q);
@@ -353,7 +355,7 @@ insert:
* the old buffer (in the mbuf), so we must point ip
* into the new buffer.
*/
- if (m->m_flags & M_EXT) {
+ if (!was_ext && m->m_flags & M_EXT) {
int delta = (char *)q - m->m_dat;
q = (struct ipasfrag *)(m->m_ext + delta);
}
--
2.20.1

View File

@ -14,7 +14,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/block/file-posix.c b/block/file-posix.c
index 1cf4ee49eb..89f014f39a 100644
index c185f34a2e..0613f59c7b 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -428,7 +428,7 @@ static QemuOptsList raw_runtime_opts = {
@ -35,6 +35,3 @@ index 1cf4ee49eb..89f014f39a 100644
break;
default:
abort();
--
2.20.1

View File

@ -24,6 +24,3 @@ index acf0451fc4..4a64633577 100644
#define DEFAULT_BRIDGE_HELPER CONFIG_QEMU_HELPERDIR "/qemu-bridge-helper"
#define DEFAULT_BRIDGE_INTERFACE "br0"
--
2.20.1

View File

@ -25,6 +25,3 @@ index 83fb522554..154a443071 100644
#endif
#define cpu_signal_handler cpu_x86_signal_handler
--
2.20.1

View File

@ -54,6 +54,3 @@ index 0632c74e9f..5593dfcb06 100644
}
x509_key_password = qemu_opt_get(opts, "x509-key-password");
--
2.20.1

View File

@ -10,10 +10,10 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index f2c15bf1f2..652eb72b2b 100644
index d98b737b8f..62ab2158f2 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -2530,7 +2530,7 @@ bool pc_machine_is_smm_enabled(PCMachineState *pcms)
@@ -2533,7 +2533,7 @@ bool pc_machine_is_smm_enabled(PCMachineState *pcms)
if (tcg_enabled() || qtest_enabled()) {
smm_available = true;
} else if (kvm_enabled()) {
@ -22,6 +22,3 @@ index f2c15bf1f2..652eb72b2b 100644
}
if (smm_available) {
--
2.20.1

View File

@ -48,6 +48,3 @@ index e664ca4462..70c59db107 100644
}
ret = glfs_init(glfs);
--
2.20.1

View File

@ -30,6 +30,3 @@ index 0c549c9935..7f7a5d4c35 100644
r = rados_connect(*cluster);
if (r < 0) {
error_setg_errno(errp, -r, "error connecting");
--
2.20.1

View File

@ -86,6 +86,3 @@ index 4bd1223637..d8facba0a2 100644
'ringbuf-read' ],
'name-case-whitelist': [
'ACPISlotType', # DIMM, visible through query-acpi-ospm-status
--
2.20.1

View File

@ -75,6 +75,3 @@ index 70c59db107..e8e2739b53 100644
ret = glfs_discard_async(s->fd, offset, size, gluster_finish_aiocb, &acb);
if (ret < 0) {
--
2.20.1

View File

@ -22,6 +22,3 @@ index aa6f81f1ea..4546198471 100644
}
switch (output_format) {
--
2.20.1

View File

@ -33,8 +33,8 @@ Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
qemu-img-cmds.hx | 4 +-
qemu-img.c | 194 +++++++++++++++++++++++++++++------------------
2 files changed, 123 insertions(+), 75 deletions(-)
qemu-img.c | 192 +++++++++++++++++++++++++++++------------------
2 files changed, 122 insertions(+), 74 deletions(-)
diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index 4b47f7495d..db1df8f60b 100644
@ -136,36 +136,6 @@ index 4546198471..6e1a3b8933 100644
- drv = bdrv_find_format(out_fmt);
- if (!drv) {
- error_report("Unknown file format");
- ret = -1;
- goto out;
- }
- proto_drv = bdrv_find_protocol(out.filename, true, &local_err);
-
- if (!proto_drv) {
- error_report_err(local_err);
- ret = -1;
- goto out;
- }
- if (!drv->create_opts) {
- error_report("Format driver '%s' does not support image creation",
- drv->format_name);
- ret = -1;
- goto out;
- }
- if (!proto_drv->create_opts) {
- error_report("Protocol driver '%s' does not support image creation",
- proto_drv->format_name);
- ret = -1;
- goto out;
- }
- create_opts = qemu_opts_append(create_opts, drv->create_opts);
- create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
-
- opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
-
- size = blk_getlength(blk1);
- if (size < 0) {
- error_report("Failed to get size for '%s'", in.filename);
+ if (dd.flags & C_OSIZE) {
+ size = dd.osize;
+ } else if (dd.flags & C_IF) {
@ -182,21 +152,32 @@ index 4546198471..6e1a3b8933 100644
ret = -1;
goto out;
}
- proto_drv = bdrv_find_protocol(out.filename, true, &local_err);
- if (dd.flags & C_COUNT && dd.count <= INT64_MAX / in.bsz &&
+ if (!(dd.flags & C_OSIZE) && dd.flags & C_COUNT && dd.count <= INT64_MAX / in.bsz &&
dd.count * in.bsz < size) {
size = dd.count * in.bsz;
}
- /* Overflow means the specified offset is beyond input image's size */
- if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
- size < in.bsz * in.offset)) {
- qemu_opt_set_number(opts, BLOCK_OPT_SIZE, 0, &error_abort);
- } else {
- qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
- size - in.bsz * in.offset, &error_abort);
- if (!proto_drv) {
- error_report_err(local_err);
- ret = -1;
- goto out;
- }
- if (!drv->create_opts) {
- error_report("Format driver '%s' does not support image creation",
- drv->format_name);
- ret = -1;
- goto out;
- }
- if (!proto_drv->create_opts) {
- error_report("Protocol driver '%s' does not support image creation",
- proto_drv->format_name);
- ret = -1;
- goto out;
+ if (!(dd.flags & C_OSIZE) && dd.flags & C_COUNT && dd.count <= INT64_MAX / in.bsz &&
+ dd.count * in.bsz < size) {
+ size = dd.count * in.bsz;
}
- create_opts = qemu_opts_append(create_opts, drv->create_opts);
- create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
- opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
+ if (dd.flags & C_OF) {
+ drv = bdrv_find_format(out_fmt);
+ if (!drv) {
@ -206,11 +187,9 @@ index 4546198471..6e1a3b8933 100644
+ }
+ proto_drv = bdrv_find_protocol(out.filename, true, &local_err);
- ret = bdrv_create(drv, out.filename, opts, &local_err);
- if (ret < 0) {
- error_reportf_err(local_err,
- "%s: error while creating output image: ",
- out.filename);
- size = blk_getlength(blk1);
- if (size < 0) {
- error_report("Failed to get size for '%s'", in.filename);
- ret = -1;
- goto out;
- }
@ -234,18 +213,20 @@ index 4546198471..6e1a3b8933 100644
+ create_opts = qemu_opts_append(create_opts, drv->create_opts);
+ create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
- /* TODO, we can't honour --image-opts for the target,
- * since it needs to be given in a format compatible
- * with the bdrv_create() call above which does not
- * support image-opts style.
- */
- blk2 = img_open_file(out.filename, NULL, out_fmt, BDRV_O_RDWR,
- false, false, false);
- if (dd.flags & C_COUNT && dd.count <= INT64_MAX / in.bsz &&
- dd.count * in.bsz < size) {
- size = dd.count * in.bsz;
- }
+ opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
- if (!blk2) {
- ret = -1;
- goto out;
- /* Overflow means the specified offset is beyond input image's size */
- if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
- size < in.bsz * in.offset)) {
- qemu_opt_set_number(opts, BLOCK_OPT_SIZE, 0, &error_abort);
- } else {
- qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
- size - in.bsz * in.offset, &error_abort);
- }
+ /* Overflow means the specified offset is beyond input image's size */
+ if (dd.flags & C_OSIZE) {
+ qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size, &error_abort);
@ -256,7 +237,15 @@ index 4546198471..6e1a3b8933 100644
+ qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
+ size - in.bsz * in.offset, &error_abort);
+ }
+
- ret = bdrv_create(drv, out.filename, opts, &local_err);
- if (ret < 0) {
- error_reportf_err(local_err,
- "%s: error while creating output image: ",
- out.filename);
- ret = -1;
- goto out;
- }
+ ret = bdrv_create(drv, out.filename, opts, &local_err);
+ if (ret < 0) {
+ error_reportf_err(local_err,
@ -265,7 +254,14 @@ index 4546198471..6e1a3b8933 100644
+ ret = -1;
+ goto out;
+ }
+
- /* TODO, we can't honour --image-opts for the target,
- * since it needs to be given in a format compatible
- * with the bdrv_create() call above which does not
- * support image-opts style.
- */
- blk2 = img_open_file(out.filename, NULL, out_fmt, BDRV_O_RDWR,
- false, false, false);
+ /* TODO, we can't honour --image-opts for the target,
+ * since it needs to be given in a format compatible
+ * with the bdrv_create() call above which does not
@ -273,7 +269,10 @@ index 4546198471..6e1a3b8933 100644
+ */
+ blk2 = img_open_file(out.filename, NULL, out_fmt, BDRV_O_RDWR,
+ false, false, false);
+
- if (!blk2) {
- ret = -1;
- goto out;
+ if (!blk2) {
+ ret = -1;
+ goto out;
@ -319,6 +318,3 @@ index 4546198471..6e1a3b8933 100644
error_report("error while writing to output image file: %s",
strerror(-out_ret));
ret = -1;
--
2.20.1

View File

@ -98,6 +98,3 @@ index 6e1a3b8933..6a76897c01 100644
/* early EOF is considered an error */
error_report("Input ended unexpectedly");
ret = -1;
--
2.20.1

View File

@ -63,6 +63,3 @@ index 6a76897c01..506ae959af 100644
}
/* TODO, we can't honour --image-opts for the target,
--
2.20.1

View File

@ -55,10 +55,10 @@ index 8eec768088..25fe18cbcf 100644
qapi_free_BalloonInfo(info);
}
diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c
index 2112874055..d96e4aa96f 100644
index adde97fe4b..e7f91a3cec 100644
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@@ -701,8 +701,37 @@ static uint64_t virtio_balloon_get_features(VirtIODevice *vdev, uint64_t f,
@@ -712,8 +712,37 @@ static uint64_t virtio_balloon_get_features(VirtIODevice *vdev, uint64_t f,
static void virtio_balloon_stat(void *opaque, BalloonInfo *info)
{
VirtIOBalloon *dev = opaque;
@ -134,6 +134,3 @@ index 8b3ca4fdd3..c98bb4b559 100644
##
# @query-balloon:
--
2.20.1

View File

@ -34,7 +34,7 @@ index c98bb4b559..4a0e26720e 100644
##
diff --git a/vl.c b/vl.c
index c696ad2a13..5c4b1a281e 100644
index c3dee09c9b..98efed1a79 100644
--- a/vl.c
+++ b/vl.c
@@ -1531,6 +1531,11 @@ MachineInfoList *qmp_query_machines(Error **errp)
@ -49,6 +49,3 @@ index c696ad2a13..5c4b1a281e 100644
entry = g_malloc0(sizeof(*entry));
entry->value = info;
entry->next = mach_list;
--
2.20.1

View File

@ -46,6 +46,3 @@ index 5593dfcb06..bd80c18210 100644
if (port) {
info->has_port = true;
info->port = port;
--
2.20.1

View File

@ -776,10 +776,10 @@ index 0000000000..2149010bb8
+ return ret;
+}
diff --git a/vl.c b/vl.c
index 5c4b1a281e..577e9b0f40 100644
index 98efed1a79..68ca370e19 100644
--- a/vl.c
+++ b/vl.c
@@ -3006,6 +3006,7 @@ int main(int argc, char **argv, char **envp)
@@ -3005,6 +3005,7 @@ int main(int argc, char **argv, char **envp)
int optind;
const char *optarg;
const char *loadvm = NULL;
@ -787,7 +787,7 @@ index 5c4b1a281e..577e9b0f40 100644
MachineClass *machine_class;
const char *cpu_model;
const char *vga_model = NULL;
@@ -3573,6 +3574,9 @@ int main(int argc, char **argv, char **envp)
@@ -3572,6 +3573,9 @@ int main(int argc, char **argv, char **envp)
case QEMU_OPTION_loadvm:
loadvm = optarg;
break;
@ -797,7 +797,7 @@ index 5c4b1a281e..577e9b0f40 100644
case QEMU_OPTION_full_screen:
dpy.has_full_screen = true;
dpy.full_screen = true;
@@ -4580,6 +4584,12 @@ int main(int argc, char **argv, char **envp)
@@ -4579,6 +4583,12 @@ int main(int argc, char **argv, char **envp)
autostart = 0;
exit(1);
}
@ -810,6 +810,3 @@ index 5c4b1a281e..577e9b0f40 100644
}
if (replay_mode != REPLAY_MODE_NONE) {
replay_vmstate_init();
--
2.20.1

View File

@ -231,6 +231,3 @@ index 0000000000..64c49ad0e0
+}
+
+block_init(bdrv_zeroinit_init);
--
2.20.1

View File

@ -18,10 +18,10 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/block/backup.c b/block/backup.c
index 9988753249..51c36d291b 100644
index 381659d5ef..9ee43981e8 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -572,6 +572,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
@@ -560,6 +560,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
BlockdevOnError on_target_error,
int creation_flags,
BlockCompletionFunc *cb, void *opaque,
@ -29,7 +29,7 @@ index 9988753249..51c36d291b 100644
JobTxn *txn, Error **errp)
{
int64_t len;
@@ -705,6 +706,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
@@ -677,6 +678,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
block_job_add_bdrv(&job->common, "target", target, 0, BLK_PERM_ALL,
&error_abort);
job->len = len;
@ -51,10 +51,10 @@ index 3d4dedddfc..0a265db1b5 100644
error_propagate(errp, local_err);
backup_job_cleanup(bs);
diff --git a/blockdev.c b/blockdev.c
index 4775a07d93..ce4506f3af 100644
index d358169995..a3542db57a 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -3550,7 +3550,7 @@ static BlockJob *do_drive_backup(DriveBackup *backup, JobTxn *txn,
@@ -3546,7 +3546,7 @@ static BlockJob *do_drive_backup(DriveBackup *backup, JobTxn *txn,
job = backup_job_create(backup->job_id, bs, target_bs, backup->speed,
backup->sync, bmap, backup->compress,
backup->on_source_error, backup->on_target_error,
@ -63,7 +63,7 @@ index 4775a07d93..ce4506f3af 100644
bdrv_unref(target_bs);
if (local_err != NULL) {
error_propagate(errp, local_err);
@@ -3660,7 +3660,7 @@ BlockJob *do_blockdev_backup(BlockdevBackup *backup, JobTxn *txn,
@@ -3656,7 +3656,7 @@ BlockJob *do_blockdev_backup(BlockdevBackup *backup, JobTxn *txn,
job = backup_job_create(backup->job_id, bs, target_bs, backup->speed,
backup->sync, bmap, backup->compress,
backup->on_source_error, backup->on_target_error,
@ -97,6 +97,3 @@ index da8e4b7bf2..86161bd9f3 100644
job_state_transition(job, JOB_STATUS_RUNNING);
aio_co_enter(job->aio_context, job->co);
}
--
2.20.1

View File

@ -566,7 +566,7 @@ index 0000000000..b911b198dc
+
+block_init(bdrv_vma_init);
diff --git a/blockdev.c b/blockdev.c
index ce4506f3af..9210494b47 100644
index a3542db57a..5d524b9a74 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -31,11 +31,13 @@
@ -591,7 +591,7 @@ index ce4506f3af..9210494b47 100644
#include "qapi/qmp/qdict.h"
#include "qapi/qmp/qnum.h"
#include "qapi/qmp/qstring.h"
@@ -3152,6 +3155,539 @@ out:
@@ -3148,6 +3151,539 @@ out:
aio_context_release(aio_context);
}
@ -1560,6 +1560,3 @@ index 49dfda0b28..376f26002a 100644
##
# @query-uuid:
#
--
2.20.1

View File

@ -8,7 +8,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
Makefile | 3 +-
Makefile.objs | 1 +
block/backup.c | 103 +++--
block/backup.c | 93 +++--
block/replication.c | 1 +
blockdev.c | 208 +++++----
include/block/block_int.h | 4 +
@ -17,14 +17,14 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
vma-writer.c | 771 ++++++++++++++++++++++++++++++++++
vma.c | 756 +++++++++++++++++++++++++++++++++
vma.h | 150 +++++++
11 files changed, 2752 insertions(+), 105 deletions(-)
11 files changed, 2739 insertions(+), 108 deletions(-)
create mode 100644 vma-reader.c
create mode 100644 vma-writer.c
create mode 100644 vma.c
create mode 100644 vma.h
diff --git a/Makefile b/Makefile
index 04a0d45050..0b5a8353ea 100644
index d4c5750256..a14995fdb3 100644
--- a/Makefile
+++ b/Makefile
@@ -419,7 +419,7 @@ dummy := $(call unnest-vars,, \
@ -57,7 +57,7 @@ index 559486973a..9477a23ca2 100644
block-obj-m = block/
diff --git a/block/backup.c b/block/backup.c
index 51c36d291b..18598fd491 100644
index 9ee43981e8..5240f71bb5 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -41,6 +41,7 @@ typedef struct BackupBlockJob {
@ -68,7 +68,7 @@ index 51c36d291b..18598fd491 100644
BlockdevOnError on_source_error;
BlockdevOnError on_target_error;
CoRwlock flush_rwlock;
@@ -130,12 +131,20 @@ static int coroutine_fn backup_cow_with_bounce_buffer(BackupBlockJob *job,
@@ -131,12 +132,20 @@ static int coroutine_fn backup_cow_with_bounce_buffer(BackupBlockJob *job,
}
if (qemu_iovec_is_zero(&qiov)) {
@ -94,20 +94,22 @@ index 51c36d291b..18598fd491 100644
}
if (ret < 0) {
trace_backup_do_cow_write_fail(job, start, ret);
@@ -213,7 +222,11 @@ static int coroutine_fn backup_do_cow(BackupBlockJob *job,
@@ -220,8 +229,12 @@ static int coroutine_fn backup_do_cow(BackupBlockJob *job,
trace_backup_do_cow_process(job, start);
if (job->use_copy_range) {
- ret = backup_cow_with_offload(job, start, end, is_write_notifier);
- ret = backup_cow_with_offload(job, start, dirty_end,
- is_write_notifier);
+ if (job->dump_cb) {
+ ret = - 1;
+ } else {
+ ret = backup_cow_with_offload(job, start, end, is_write_notifier);
+ ret = backup_cow_with_offload(job, start, dirty_end,
+ is_write_notifier);
+ }
if (ret < 0) {
job->use_copy_range = false;
}
@@ -297,7 +310,9 @@ static void backup_abort(Job *job)
@@ -306,7 +319,9 @@ static void backup_abort(Job *job)
static void backup_clean(Job *job)
{
BackupBlockJob *s = container_of(job, BackupBlockJob, common.job);
@ -117,8 +119,8 @@ index 51c36d291b..18598fd491 100644
+ }
blk_unref(s->target);
s->target = NULL;
}
@@ -306,7 +321,9 @@ static void backup_attached_aio_context(BlockJob *job, AioContext *aio_context)
@@ -320,7 +335,9 @@ static void backup_attached_aio_context(BlockJob *job, AioContext *aio_context)
{
BackupBlockJob *s = container_of(job, BackupBlockJob, common);
@ -129,7 +131,7 @@ index 51c36d291b..18598fd491 100644
}
void backup_do_checkpoint(BlockJob *job, Error **errp)
@@ -347,9 +364,11 @@ static BlockErrorAction backup_error_action(BackupBlockJob *job,
@@ -359,9 +376,11 @@ static BlockErrorAction backup_error_action(BackupBlockJob *job,
if (read) {
return block_job_error_action(&job->common, job->on_source_error,
true, error);
@ -142,7 +144,7 @@ index 51c36d291b..18598fd491 100644
}
}
@@ -571,6 +590,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
@@ -559,6 +578,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
BlockdevOnError on_source_error,
BlockdevOnError on_target_error,
int creation_flags,
@ -150,8 +152,8 @@ index 51c36d291b..18598fd491 100644
BlockCompletionFunc *cb, void *opaque,
int pause_count,
JobTxn *txn, Error **errp)
@@ -581,7 +601,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
int ret;
@@ -570,7 +590,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
HBitmap *copy_bitmap = NULL;
assert(bs);
- assert(target);
@ -159,7 +161,7 @@ index 51c36d291b..18598fd491 100644
if (bs == target) {
error_setg(errp, "Source and target cannot be the same");
@@ -594,13 +614,13 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
@@ -583,23 +603,23 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
return NULL;
}
@ -175,7 +177,10 @@ index 51c36d291b..18598fd491 100644
error_setg(errp, "Compression is not supported for this drive %s",
bdrv_get_device_name(target));
return NULL;
@@ -610,7 +630,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
}
- if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) {
+ if (target && bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) {
return NULL;
}
@ -184,7 +189,16 @@ index 51c36d291b..18598fd491 100644
return NULL;
}
@@ -650,15 +670,18 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
@@ -629,7 +649,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
goto error;
}
- cluster_size = backup_calculate_cluster_size(target, errp);
+ cluster_size = backup_calculate_cluster_size(target ? target : bs, errp);
if (cluster_size < 0) {
goto error;
}
@@ -646,15 +666,18 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
goto error;
}
@ -210,59 +224,34 @@ index 51c36d291b..18598fd491 100644
job->on_source_error = on_source_error;
job->on_target_error = on_target_error;
job->sync_mode = sync_mode;
@@ -669,6 +692,9 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
/* Detect image-fleecing (and similar) schemes */
job->serialize_target_writes = bdrv_chain_contains(target, bs);
+ if (!target) {
+ goto use_default_cluster_size;
+ }
/* If there is no backing file on the target, we cannot rely on COW if our
* backup cluster size is smaller than the target cluster size. Even for
* targets with a backing file, try to avoid COW if possible. */
@@ -693,18 +719,35 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
/* Not fatal; just trudge on ahead. */
job->cluster_size = BACKUP_CLUSTER_SIZE_DEFAULT;
} else {
- job->cluster_size = MAX(BACKUP_CLUSTER_SIZE_DEFAULT, bdi.cluster_size);
+ use_default_cluster_size:
+ ret = bdrv_get_info(bs, &bdi);
+ if (ret < 0) {
+ job->cluster_size = BACKUP_CLUSTER_SIZE_DEFAULT;
+ } else {
+ /* round down to nearest BACKUP_CLUSTER_SIZE_DEFAULT */
+ job->cluster_size = (bdi.cluster_size / BACKUP_CLUSTER_SIZE_DEFAULT) * BACKUP_CLUSTER_SIZE_DEFAULT;
+ if (job->cluster_size == 0) {
+ /* but we can't go below it */
+ job->cluster_size = BACKUP_CLUSTER_SIZE_DEFAULT;
+ }
+ }
+ }
+ if (target) {
+ job->use_copy_range = true;
+ job->copy_range_size = MIN_NON_ZERO(blk_get_max_transfer(job->common.blk),
+ blk_get_max_transfer(job->target));
+ job->copy_range_size = MAX(job->cluster_size,
+ QEMU_ALIGN_UP(job->copy_range_size,
+ job->cluster_size));
+ } else {
+ job->use_copy_range = false;
}
- job->use_copy_range = true;
@@ -667,16 +690,20 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
job->cluster_size = cluster_size;
job->copy_bitmap = copy_bitmap;
copy_bitmap = NULL;
- job->use_copy_range = !compress; /* compression isn't supported for it */
- job->copy_range_size = MIN_NON_ZERO(blk_get_max_transfer(job->common.blk),
- blk_get_max_transfer(job->target));
- job->copy_range_size = MAX(job->cluster_size,
- QEMU_ALIGN_UP(job->copy_range_size,
- job->cluster_size));
-
- /* Required permissions are already taken with target's blk_new() */
- block_job_add_bdrv(&job->common, "target", target, 0, BLK_PERM_ALL,
- &error_abort);
+
+ if (target) {
+ job->use_copy_range = !compress; /* compression isn't supported for it */
+ job->copy_range_size = MIN_NON_ZERO(blk_get_max_transfer(job->common.blk),
+ blk_get_max_transfer(job->target));
+ job->copy_range_size = MAX(job->cluster_size,
+ QEMU_ALIGN_UP(job->copy_range_size,
+ job->cluster_size));
+
+ /* Required permissions are already taken with target's blk_new() */
+ block_job_add_bdrv(&job->common, "target", target, 0, BLK_PERM_ALL,
+ &error_abort);
+ }
+
job->len = len;
job->common.job.pause_count += pause_count;
@ -279,7 +268,7 @@ index 0a265db1b5..e85c62ba9c 100644
if (local_err) {
error_propagate(errp, local_err);
diff --git a/blockdev.c b/blockdev.c
index 9210494b47..f8ce285caa 100644
index 5d524b9a74..2466a02cbd 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -31,7 +31,6 @@
@ -298,7 +287,7 @@ index 9210494b47..f8ce285caa 100644
static QTAILQ_HEAD(, BlockDriverState) monitor_bdrv_states =
QTAILQ_HEAD_INITIALIZER(monitor_bdrv_states);
@@ -3160,15 +3160,14 @@ out:
@@ -3156,15 +3156,14 @@ out:
static struct PVEBackupState {
Error *error;
bool cancel;
@ -316,7 +305,7 @@ index 9210494b47..f8ce285caa 100644
size_t total;
size_t transferred;
size_t zero_bytes;
@@ -3187,6 +3186,71 @@ typedef struct PVEBackupDevInfo {
@@ -3183,6 +3182,71 @@ typedef struct PVEBackupDevInfo {
static void pvebackup_run_next_job(void);
@ -388,7 +377,7 @@ index 9210494b47..f8ce285caa 100644
static void pvebackup_cleanup(void)
{
qemu_mutex_lock(&backup_state.backup_mutex);
@@ -3198,9 +3262,11 @@ static void pvebackup_cleanup(void)
@@ -3194,9 +3258,11 @@ static void pvebackup_cleanup(void)
backup_state.end_time = time(NULL);
@ -403,7 +392,7 @@ index 9210494b47..f8ce285caa 100644
}
g_list_free(backup_state.di_list);
@@ -3208,6 +3274,13 @@ static void pvebackup_cleanup(void)
@@ -3204,6 +3270,13 @@ static void pvebackup_cleanup(void)
qemu_mutex_unlock(&backup_state.backup_mutex);
}
@ -417,7 +406,7 @@ index 9210494b47..f8ce285caa 100644
static void pvebackup_complete_cb(void *opaque, int ret)
{
// This always runs in the main loop
@@ -3224,9 +3297,9 @@ static void pvebackup_complete_cb(void *opaque, int ret)
@@ -3220,9 +3293,9 @@ static void pvebackup_complete_cb(void *opaque, int ret)
di->bs = NULL;
di->target = NULL;
@ -430,7 +419,7 @@ index 9210494b47..f8ce285caa 100644
}
// remove self from job queue
@@ -3254,14 +3327,9 @@ static void pvebackup_cancel(void *opaque)
@@ -3250,14 +3323,9 @@ static void pvebackup_cancel(void *opaque)
error_setg(&backup_state.error, "backup cancelled");
}
@ -447,7 +436,7 @@ index 9210494b47..f8ce285caa 100644
}
GList *l = backup_state.di_list;
@@ -3292,18 +3360,14 @@ void qmp_backup_cancel(Error **errp)
@@ -3288,18 +3356,14 @@ void qmp_backup_cancel(Error **errp)
Coroutine *co = qemu_coroutine_create(pvebackup_cancel, NULL);
qemu_coroutine_enter(co);
@ -469,7 +458,7 @@ index 9210494b47..f8ce285caa 100644
Error **errp)
{
char *cdata = NULL;
@@ -3317,7 +3381,12 @@ static int config_to_vma(const char *file, BackupFormat format,
@@ -3313,7 +3377,12 @@ static int config_to_vma(const char *file, BackupFormat format,
char *basename = g_path_get_basename(file);
if (format == BACKUP_FORMAT_VMA) {
@ -483,7 +472,7 @@ index 9210494b47..f8ce285caa 100644
} else if (format == BACKUP_FORMAT_DIR) {
char config_path[PATH_MAX];
snprintf(config_path, PATH_MAX, "%s/%s", backup_dir, basename);
@@ -3334,28 +3403,30 @@ static int config_to_vma(const char *file, BackupFormat format,
@@ -3330,28 +3399,30 @@ static int config_to_vma(const char *file, BackupFormat format,
return 0;
}
@ -523,7 +512,7 @@ index 9210494b47..f8ce285caa 100644
}
qemu_mutex_unlock(&backup_state.backup_mutex);
@@ -3366,7 +3437,7 @@ static void pvebackup_run_next_job(void)
@@ -3362,7 +3433,7 @@ static void pvebackup_run_next_job(void)
UuidInfo *qmp_backup(const char *backup_file, bool has_format,
BackupFormat format,
bool has_config_file, const char *config_file,
@ -532,7 +521,7 @@ index 9210494b47..f8ce285caa 100644
bool has_devlist, const char *devlist,
bool has_speed, int64_t speed, Error **errp)
{
@@ -3374,7 +3445,8 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
@@ -3370,7 +3441,8 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
BlockDriverState *bs = NULL;
const char *backup_dir = NULL;
Error *local_err = NULL;
@ -542,7 +531,7 @@ index 9210494b47..f8ce285caa 100644
gchar **devs = NULL;
GList *di_list = NULL;
GList *l;
@@ -3386,7 +3458,7 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
@@ -3382,7 +3454,7 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
backup_state.backup_mutex_initialized = true;
}
@ -551,7 +540,7 @@ index 9210494b47..f8ce285caa 100644
error_set(errp, ERROR_CLASS_GENERIC_ERROR,
"previous backup not finished");
return NULL;
@@ -3461,40 +3533,28 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
@@ -3457,40 +3529,28 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
total += size;
}
@ -600,7 +589,7 @@ index 9210494b47..f8ce285caa 100644
goto err;
}
}
@@ -3535,14 +3595,14 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
@@ -3531,14 +3591,14 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
/* add configuration file to archive */
if (has_config_file) {
@ -617,7 +606,7 @@ index 9210494b47..f8ce285caa 100644
goto err;
}
}
@@ -3565,12 +3625,13 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
@@ -3561,12 +3621,13 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
}
backup_state.backup_file = g_strdup(backup_file);
@ -634,7 +623,7 @@ index 9210494b47..f8ce285caa 100644
backup_state.total = total;
backup_state.transferred = 0;
@@ -3581,21 +3642,21 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
@@ -3577,21 +3638,21 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format,
while (l) {
PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data;
l = g_list_next(l);
@ -662,7 +651,7 @@ index 9210494b47..f8ce285caa 100644
}
qemu_mutex_unlock(&backup_state.backup_mutex);
@@ -3631,9 +3692,10 @@ err:
@@ -3627,9 +3688,10 @@ err:
g_strfreev(devs);
}
@ -676,7 +665,7 @@ index 9210494b47..f8ce285caa 100644
}
if (backup_dir) {
@@ -4086,7 +4148,7 @@ static BlockJob *do_drive_backup(DriveBackup *backup, JobTxn *txn,
@@ -4082,7 +4144,7 @@ static BlockJob *do_drive_backup(DriveBackup *backup, JobTxn *txn,
job = backup_job_create(backup->job_id, bs, target_bs, backup->speed,
backup->sync, bmap, backup->compress,
backup->on_source_error, backup->on_target_error,
@ -685,7 +674,7 @@ index 9210494b47..f8ce285caa 100644
bdrv_unref(target_bs);
if (local_err != NULL) {
error_propagate(errp, local_err);
@@ -4196,7 +4258,7 @@ BlockJob *do_blockdev_backup(BlockdevBackup *backup, JobTxn *txn,
@@ -4192,7 +4254,7 @@ BlockJob *do_blockdev_backup(BlockdevBackup *backup, JobTxn *txn,
job = backup_job_create(backup->job_id, bs, target_bs, backup->speed,
backup->sync, bmap, backup->compress,
backup->on_source_error, backup->on_target_error,
@ -3288,6 +3277,3 @@ index 0000000000..c895c97f6d
+int vma_reader_verify(VmaReader *vmar, bool verbose, Error **errp);
+
+#endif /* BACKUP_VMA_H */
--
2.20.1

View File

@ -185,6 +185,3 @@ index 1b59fd1555..f9f5c308fe 100644
if (argc < 2) {
help();
--
2.20.1

View File

@ -91,6 +91,3 @@ index f9f5c308fe..476b7bee00 100644
if (throttling_group) {
blk_io_limits_enable(blk, throttling_group);
}
--
2.20.1

View File

@ -26,6 +26,3 @@ index 476b7bee00..3289fd722f 100644
bool write_zero = true;
if (readmap) {
--
2.20.1

View File

@ -28,10 +28,10 @@ index 880c63dab2..6c98b2b510 100644
"-fda/-fdb file use 'file' as floppy disk 0/1 image\n", QEMU_ARCH_ALL)
DEF("fdb", HAS_ARG, QEMU_OPTION_fdb, "", QEMU_ARCH_ALL)
diff --git a/vl.c b/vl.c
index 577e9b0f40..88512e26e9 100644
index 68ca370e19..bb2cdb8ea9 100644
--- a/vl.c
+++ b/vl.c
@@ -2994,6 +2994,7 @@ static void user_register_global_props(void)
@@ -2993,6 +2993,7 @@ static void user_register_global_props(void)
int main(int argc, char **argv, char **envp)
{
int i;
@ -39,7 +39,7 @@ index 577e9b0f40..88512e26e9 100644
int snapshot, linux_boot;
const char *initrd_filename;
const char *kernel_filename, *kernel_cmdline;
@@ -3682,6 +3683,13 @@ int main(int argc, char **argv, char **envp)
@@ -3681,6 +3682,13 @@ int main(int argc, char **argv, char **envp)
exit(1);
}
break;
@ -53,6 +53,3 @@ index 577e9b0f40..88512e26e9 100644
case QEMU_OPTION_vnc:
vnc_parse(optarg, &error_fatal);
break;
--
2.20.1

View File

@ -30,6 +30,3 @@ index 78903ea909..cdfbec5e47 100644
}
/* This function is only used for old state version 1 and 2 */
--
2.20.1

View File

@ -13,7 +13,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 files changed, 43 insertions(+), 21 deletions(-)
diff --git a/block/file-posix.c b/block/file-posix.c
index 89f014f39a..ad2f9bf243 100644
index 0613f59c7b..ef5c1bf487 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -2223,6 +2223,7 @@ raw_co_create(BlockdevCreateOptions *options, Error **errp)
@ -118,7 +118,7 @@ index 89f014f39a..ad2f9bf243 100644
},
};
return raw_co_create(&options, errp);
@@ -2773,7 +2794,7 @@ static int raw_check_perm(BlockDriverState *bs, uint64_t perm, uint64_t shared,
@@ -2789,7 +2810,7 @@ static int raw_check_perm(BlockDriverState *bs, uint64_t perm, uint64_t shared,
}
/* Copy locks to the new fd */
@ -141,6 +141,3 @@ index 6f97460806..0e9c239485 100644
##
# @BlockdevCreateOptionsGluster:
--
2.20.1

View File

@ -20,6 +20,3 @@ index 2149010bb8..0bbbbf51ba 100644
}
static ssize_t block_state_writev_buffer(void *opaque, struct iovec *iov,
--
2.20.1

View File

@ -1,47 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Wed, 15 May 2019 15:10:11 +0100
Subject: [PATCH] docs: recommend use of md-clear feature on all Intel CPUs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Update x86 CPU model guidance to recommend that the md-clear feature is
manually enabled with all Intel CPU models, when supported by the host
microcode.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190515141011.5315-3-berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 2c7e82a30774730100da9dbe68d2360459030d91)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
docs/qemu-cpu-models.texi | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/docs/qemu-cpu-models.texi b/docs/qemu-cpu-models.texi
index 23c11dc86f..ad040cfc98 100644
--- a/docs/qemu-cpu-models.texi
+++ b/docs/qemu-cpu-models.texi
@@ -200,6 +200,18 @@ Not included by default in any Intel CPU model.
Should be explicitly turned on for all Intel CPU models.
Note that not all CPU hardware will support this feature.
+
+@item @code{md-clear}
+
+Required to confirm the MDS (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130,
+CVE-2019-11091) fixes.
+
+Not included by default in any Intel CPU model.
+
+Must be explicitly turned on for all Intel CPU models.
+
+Requires the host CPU microcode to support this feature before it
+can be used for guest CPUs.
@end table
--
2.20.1

View File

@ -36,6 +36,3 @@ index 0bbbbf51ba..f9355c5036 100644
DPRINTF("save complete\n");
break;
}
--
2.20.1

View File

@ -18,10 +18,10 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/monitor.c b/monitor.c
index 4807bbe811..f8d2338667 100644
index daadbcdede..0f79a7dfa4 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4605,10 +4605,7 @@ void monitor_init(Chardev *chr, int flags)
@@ -4616,10 +4616,7 @@ void monitor_init(Chardev *chr, int flags)
bool use_readline = flags & MONITOR_USE_READLINE;
/* Note: we run QMP monitor in I/O thread when @chr supports that */
@ -33,6 +33,3 @@ index 4807bbe811..f8d2338667 100644
qemu_chr_fe_init(&mon->chr, chr, &error_abort);
mon->flags = flags;
--
2.20.1

View File

@ -15,7 +15,7 @@ index fd9567634d..b163fa2d3a 100644
@@ -199,12 +199,14 @@ int vma_writer_register_stream(VmaWriter *vmaw, const char *devname,
return n;
}
-static void vma_co_continue_write(void *opaque)
+static void coroutine_fn yield_until_fd_writable(int fd)
{
@ -30,11 +30,11 @@ index fd9567634d..b163fa2d3a 100644
+ qemu_coroutine_yield();
+ aio_set_fd_handler(ctx, fd, false, NULL, NULL, NULL, NULL);
}
static ssize_t coroutine_fn
@@ -224,14 +226,12 @@ vma_queue_write(VmaWriter *vmaw, const void *buf, size_t bytes)
vmaw->co_writer = qemu_coroutine_self();
while (done < bytes) {
- aio_set_fd_handler(qemu_get_aio_context(), vmaw->fd, false, NULL, vma_co_continue_write, NULL, vmaw);
- qemu_coroutine_yield();
@ -48,5 +48,3 @@ index fd9567634d..b163fa2d3a 100644
ret = write(vmaw->fd, buf + done, bytes - done);
if (ret > 0) {
done += ret;
--
2.20.1

15
debian/patches/series vendored
View File

@ -1,8 +1,4 @@
extra/0001-target-i386-add-MDS-NO-feature.patch
extra/0002-target-i386-define-md-clear-bit.patch
extra/0003-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch
extra/0004-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch
extra/0005-monitor-qmp-resume-monitor-when-clearing-its-queue.patch
extra/0001-monitor-qmp-resume-monitor-when-clearing-its-queue.patch
pve/0001-PVE-Config-block-file-change-locking-default-to-off.patch
pve/0002-PVE-Config-Adjust-network-script-path-to-etc-kvm.patch
pve/0003-PVE-Config-set-the-CPU-model-to-kvm64-32-instead-of-.patch
@ -30,8 +26,7 @@ pve/0024-PVE-vma-remove-forced-NO_FLUSH-option.patch
pve/0025-PVE-Add-dummy-id-command-line-parameter.patch
pve/0026-PVE-Config-Revert-target-i386-disable-LINT0-after-re.patch
pve/0027-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch
pve/0028-docs-recommend-use-of-md-clear-feature-on-all-Intel-.patch
pve/0029-PVE-savevm-async-kick-AIO-wait-on-block-state-write.patch
pve/0030-PVE-move-snapshot-cleanup-into-bottom-half.patch
pve/0031-PVE-monitor-disable-oob-capability.patch
pve/0032-PVE-bug-fix-1071-vma-writer.c-use-correct-AioContext.patch
pve/0028-PVE-savevm-async-kick-AIO-wait-on-block-state-write.patch
pve/0029-PVE-move-snapshot-cleanup-into-bottom-half.patch
pve/0030-PVE-monitor-disable-oob-capability.patch
pve/0031-PVE-bug-fix-1071-vma-writer.c-use-correct-AioContext.patch

2
qemu

@ -1 +1 @@
Subproject commit 131b9a05705636086699df15d4a6d328bb2585e8
Subproject commit 23967e5b2a6c6d04b8db766a8a149f3631a7b899