- 16 3月, 2018 2 次提交
-
-
由 Peter Maydell 提交于
# gpg: Signature made Tue 13 Mar 2018 17:33:03 GMT # gpg: using RSA key F30C38BD3F2FBE3C # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" # gpg: aka "Laurent Vivier <laurent@vivier.eu>" # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/linux-user-for-2.12-pull-request: linux-user: init_guest_space: Add a comment about search strategy linux-user: init_guest_space: Don't try to align if we'll reject it linux-user: init_guest_space: Clean up control flow a bit linux-user: init_guest_commpage: Add a comment about size check linux-user: init_guest_space: Clarify page alignment logic linux-user: init_guest_space: Correctly handle guest_start in commpage initialization linux-user: init_guest_space: Clean up if we can't initialize the commpage linux-user: Rename validate_guest_space => init_guest_commpage linux-user: Use #if to only call validate_guest_space for 32-bit ARM target qemu-binfmt-conf.sh: add qemu-xtensa linux-user: drop unused target_msync function linux-user: fix target_mprotect/target_munmap error return values linux-user: fix assertion in shmdt linux-user: fix mmap/munmap/mprotect/mremap/shmat linux-user: Support f_flags in statfs when available. linux-user: allows to use "--systemd ALL" with qemu-binfmt-conf.sh linux-user: Remove the unused "not implemented" signal handling stubs linux-user: Drop unicore32 code Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
* Migrate MSR_SMI_COUNT (Liran) * Update kernel headers (Gerd, myself) * SEV support (Brijesh) I have not tested non-x86 compilation, but I reordered the SEV patches so that all non-x86-specific changes go first to catch any possible issues (which weren't there anyway :)). # gpg: Signature made Tue 13 Mar 2018 16:37:06 GMT # gpg: using RSA key BFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream-sev: (22 commits) sev/i386: add sev_get_capabilities() sev/i386: qmp: add query-sev-capabilities command sev/i386: qmp: add query-sev-launch-measure command sev/i386: hmp: add 'info sev' command cpu/i386: populate CPUID 0x8000_001F when SEV is active sev/i386: add migration blocker sev/i386: finalize the SEV guest launch flow sev/i386: add support to LAUNCH_MEASURE command target/i386: encrypt bios rom sev/i386: add command to encrypt guest memory region sev/i386: add command to create launch memory encryption context sev/i386: register the guest memory range which may contain encrypted data sev/i386: add command to initialize the memory encryption context include: add psp-sev.h header file sev/i386: qmp: add query-sev command target/i386: add Secure Encrypted Virtualization (SEV) object kvm: introduce memory encryption APIs kvm: add memory encryption context docs: add AMD Secure Encrypted Virtualization (SEV) machine: add memory-encryption option ... Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 15 3月, 2018 2 次提交
-
-
由 Peter Maydell 提交于
Some updates to reduce timeouts in Travis # gpg: Signature made Tue 13 Mar 2018 16:44:46 GMT # gpg: using RSA key FBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" # Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44 * remotes/stsquad/tags/pull-travis-speedup-130318-1: .travis.yml: add --disable-user with the rest of the disables .travis.yml: split default config into system and user .travis.yml: drop setting default log output Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
# gpg: Signature made Tue 13 Mar 2018 15:58:42 GMT # gpg: using RSA key F30C38BD3F2FBE3C # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" # gpg: aka "Laurent Vivier <laurent@vivier.eu>" # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier/tags/m68k-for-2.12-pull-request: target/m68k: implement fcosh target/m68k: implement fsinh target/m68k: implement ftanh target/m68k: implement fatanh target/m68k: implement facos target/m68k: implement fasin target/m68k: implement fatan target/m68k: implement fsincos target/m68k: implement fcos target/m68k: implement fsin target/m68k: implement ftan Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 14 3月, 2018 18 次提交
-
-
由 Peter Maydell 提交于
# gpg: Signature made Tue 13 Mar 2018 12:28:21 GMT # gpg: using RSA key BDBE7B27C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>" # gpg: aka "Jeffrey Cody <jeff@codyprime.org>" # gpg: aka "Jeffrey Cody <codyprime@gmail.com>" # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/block-pull-request: block: include original filename when reporting invalid URIs Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Brijesh Singh 提交于
The function can be used to get the current SEV capabilities. The capabilities include platform diffie-hellman key (pdh) and certificate chain. The key can be provided to the external entities which wants to establish a trusted channel between SEV firmware and guest owner. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
The command can be used by libvirt to query the SEV capabilities. Cc: "Daniel P. Berrangé" <berrange@redhat.com> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
The command can be used by libvirt to retrieve the measurement of SEV guest. This measurement is a signature of the memory contents that was encrypted through the LAUNCH_UPDATE_DATA. Cc: "Daniel P. Berrangé" <berrange@redhat.com> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
The command can be used to show the SEV information when memory encryption is enabled on AMD platform. Cc: Eric Blake <eblake@redhat.com> Cc: "Daniel P. Berrangé" <berrange@redhat.com> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Reviewed-by: N"Dr. David Alan Gilbert" <dgilbert@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
When SEV is enabled, CPUID 0x8000_001F should provide additional information regarding the feature (such as which page table bit is used to mark the pages as encrypted etc). The details for memory encryption CPUID is available in AMD APM (https://support.amd.com/TechDocs/24594.pdf) Section E.4.17 Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: NEduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
SEV guest migration is not implemented yet. Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Reviewed-by: NDr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
SEV launch flow requires us to issue LAUNCH_FINISH command before guest is ready to run. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
During machine creation we encrypted the guest bios image, the LAUNCH_MEASURE command can be used to retrieve the measurement of the encrypted memory region. This measurement is a signature of the memory contents that can be sent to the guest owner as an attestation that the memory was encrypted correctly by the firmware. VM management tools like libvirt can query the measurement using query-sev-launch-measure QMP command. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
SEV requires that guest bios must be encrypted before booting the guest. Cc: "Michael S. Tsirkin" <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
The KVM_SEV_LAUNCH_UPDATE_DATA command is used to encrypt a guest memory region using the VM Encryption Key created using LAUNCH_START. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
The KVM_SEV_LAUNCH_START command creates a new VM encryption key (VEK). The encryption key created with the command will be used for encrypting the bootstrap images (such as guest bios). Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
When SEV is enabled, the hardware encryption engine uses a tweak such that the two identical plaintext at different location will have a different ciphertexts. So swapping or moving a ciphertexts of two guest pages will not result in plaintexts being swapped. Hence relocating a physical backing pages of the SEV guest will require some additional steps in KVM driver. The KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl can be used to register/unregister the guest memory region which may contain the encrypted data. KVM driver will internally handle the relocating physical backing pages of registered memory regions. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Brijesh Singh 提交于
When memory encryption is enabled, KVM_SEV_INIT command is used to initialize the platform. The command loads the SEV related persistent data from non-volatile storage and initializes the platform context. This command should be first issued before invoking any other guest commands provided by the SEV firmware. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Peter Maydell 提交于
Python queue, 2018-03-12 # gpg: Signature made Mon 12 Mar 2018 22:10:36 GMT # gpg: using RSA key 2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/python-next-pull-request: device-crash-test: Use 'python' binary qmp.py: Encode json data before sending qemu.py: Use items() instead of iteritems() device-crash-test: New known crashes Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Alex Bennée 提交于
As all the disabled features only affect system emulation we might as well disable user mode to save compile time. Signed-off-by: NAlex Bennée <alex.bennee@linaro.org> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Alex Bennée 提交于
As the build times have risen we keep timing out. Split the default config into system and user builds. Signed-off-by: NAlex Bennée <alex.bennee@linaro.org> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Alex Bennée 提交于
The log backend is the default one, we don't need to explicitly set it. Signed-off-by: NAlex Bennée <alex.bennee@linaro.org> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 13 3月, 2018 18 次提交
-
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_cosh() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-12-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_sinh() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-11-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using local m68k floatx80_tanh() and floatx80_etoxm1() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-10-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_atanh() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-9-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_acos() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-8-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_asin() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-7-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_atan() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-6-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
using floatx80_sin() and floatx80_cos() Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-5-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_cos() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-4-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_sin() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-3-laurent@vivier.eu>
-
由 Laurent Vivier 提交于
Using a local m68k floatx80_tan() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-2-laurent@vivier.eu>
-
由 Luke Shumaker 提交于
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu> Message-Id: <20171228180814.9749-10-lukeshu@lukeshu.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
-
由 Peter Maydell 提交于
x86 queue, 2018-03-12 * Intel Processor Trace support * KVM_HINTS_DEDICATED # gpg: Signature made Mon 12 Mar 2018 19:58:39 GMT # gpg: using RSA key 2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-next-pull-request: i386: Add support to get/set/migrate Intel Processor Trace feature i386: Add Intel Processor Trace feature support target-i386: add KVM_HINTS_DEDICATED performance hint Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Luke Shumaker 提交于
If the ensure-alignment code gets triggered, then the "if (host_start && real_start != current_start)" check will always trigger, so save 2 syscalls and put that check first. Note that we can't just switch to using MAP_FIXED for that check, because then we couldn't differentiate between a failure because "there isn't enough space" and "there isn't enough space *here*". Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu> Message-Id: <20171228180814.9749-9-lukeshu@lukeshu.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
-
由 Luke Shumaker 提交于
Instead of doing if (check1) { if (check2) { success; } } retry; Do a clearer if (!check1) { goto try_again; } if (!check2) { goto try_again; } success; try_again: retry; Besides being clearer, this makes it easier to insert more checks that need to trigger a retry on check failure, or rearrange them, or anything like that. Because some indentation is changing, "ignore space change" may be useful for viewing this patch. Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu> Message-Id: <20171228180814.9749-8-lukeshu@lukeshu.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> [lv: modified to try again fi valid == 0, not valid == -1 (error case)] Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
-
由 Daniel P. Berrangé 提交于
Consider passing a JSON based block driver to "qemu-img commit" $ qemu-img commit 'json:{"driver":"qcow2","file":{"driver":"gluster",\ "volume":"gv0","path":"sn1.qcow2", "server":[{"type":\ "tcp","host":"10.73.199.197","port":"24007"}]},}' Currently it will commit the content and then report an incredibly useless error message when trying to re-open the committed image: qemu-img: invalid URI Usage: file=gluster[+transport]://[host[:port]]volume/path[?socket=...][,file.debug=N][,file.logfile=/path/filename.log] With this fix we get: qemu-img: invalid URI json:{"server.0.host": "10.73.199.197", "driver": "gluster", "path": "luks.qcow2", "server.0.type": "tcp", "server.0.port": "24007", "volume": "gv0"} Of course the root cause problem still exists, but now we know what actually needs fixing. Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-id: 20180206105204.14817-1-berrange@redhat.com Signed-off-by: NJeff Cody <jcody@redhat.com>
-
由 Peter Maydell 提交于
docker patches # gpg: Signature made Mon 12 Mar 2018 17:25:57 GMT # gpg: using RSA key CA35624C6A9171C6 # gpg: Good signature from "Fam Zheng <famz@redhat.com>" # Primary key fingerprint: 5003 7CB7 9706 0F76 F021 AD56 CA35 624C 6A91 71C6 * remotes/famz/tags/staging-pull-request: tests: make docker-test-debug@fedora run sanitizers Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Brijesh Singh 提交于
The header file provide the ioctl command and structure to communicate with /dev/sev device. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com> Signed-off-by: NBrijesh Singh <brijesh.singh@amd.com>
-