1. 10 11月, 2015 1 次提交
  2. 06 11月, 2015 2 次提交
  3. 05 11月, 2015 1 次提交
    • J
      configure: disable FORTIFY_SOURCE under clang · b553a042
      John Snow 提交于
      Some versions of clang may have difficulty compiling glibc headers when
      -D_FORTIFY_SOURCE is used. For example, Clang++ 3.5.0-9.fc22 cannot
      compile glibc's stdio headers when -D_FORTIFY_SOURCE=2 is used. This
      manifests currently as build failures with clang and any arm target.
      
      According to LLVM dev Richard Smith, clang does not target or support
      FORTIFY_SOURCE + glibc, and it should not be relied on.
      "It's still an unsupported combination, and while it might compile, some
      of the checks are unlikely to work because they require a frontend
      inliner to be useful"
      
      See: http://lists.llvm.org/pipermail/cfe-dev/2015-November/045846.html
      
      Conclusion: disable fortify-source if we appear to be using clang instead
      of testing for compile success or failure, which may be incidental or not
      indicative of proper support of the feature.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Message-Id: <1446583422-10153-1-git-send-email-jsnow@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      b553a042
  4. 04 11月, 2015 1 次提交
    • J
      configure: disallow ccache during compile tests · 5e4dfd3d
      John Snow 提交于
      If the user is using ccache during the configuration step,
      it may interfere with some of the configuration tests,
      particularly the "Is ccache interfering with macro analysis" step,
      which is a bit of a poetic problem.
      
      1) Disallow ccache from reading from the cache during configure,
         but don't disable it entirely to allow us to see if it causes other
         problems.
      
      2) Force off CCACHE_CPP2 during the ccache test to get a deterministic
         answer over whether or not we need to enable that feature later.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Message-Id: <1446055000-29150-1-git-send-email-jsnow@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      5e4dfd3d
  5. 03 11月, 2015 1 次提交
    • O
      ui/opengl: Reduce build required libraries for opengl · fb719563
      OGAWA Hirofumi 提交于
      We now use epoxy to load opengl libraries. This means we don't need to
      link opengl libraries directly if interfaces handled by epoxy. With
      this, we just need epoxy headers and epoxy's *.so to build.
      
      Tested with epoxy-1.3.1.
      
      - sdl2/gtk/console egl stuff doesn't require other than epoxy
      - milkymist-tmu2 glx stuff doesn't require other than epoxy
      
      (lm32 test is limited, because can't find mmone-bios.bin, so just test
      to load libGL with "./lm32-softmmu/qemu-system-lm32 -M milkymist,accel=qtest")
      Signed-off-by: NOGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
      
      [ lm32 tested by kraxel ]
      Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
      fb719563
  6. 25 10月, 2015 1 次提交
  7. 23 10月, 2015 2 次提交
    • D
      configure: avoid polluting global CFLAGS with tasn1 flags · 90246037
      Daniel P. Berrange 提交于
      The previous commit
      
        commit 9a2fd434
        Author: Daniel P. Berrange <berrange@redhat.com>
        Date:   Mon Apr 13 14:01:39 2015 +0100
      
          crypto: add sanity checking of TLS x509 credentials
      
      defined new variables $TEST_LIBS and $TEST_CFLAGS and
      used them in tests/Makefile to augment $LIBS and $CFLAGS.
      
      Unfortunately this overlooks the fact that tests/Makefile
      is not executed via recursive-make, it is just pulled into
      the top level Makefile via an include statement. So rather
      than just augmenting the compiler/linker flags for tests
      it polluted the global flags.
      
      This is thought to be behind a reported failure when
      building the pixman module as a sub-module, since global
      $CFLAGS are passed down to configure in pixman.
      
      This change removes the $TEST_LIBS and $TEST_CFLAGS
      replacing them with $TASN1_LIBS and $TASN1_CFLAGS,
      setting only against specific objects/executables
      that need them.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      90246037
    • D
      crypto: allow use of nettle/gcrypt to be selected explicitly · 91bfcdb0
      Daniel P. Berrange 提交于
      Currently the choice of whether to use nettle or gcrypt is
      made based on what gnutls is linked to. There are times
      when it is desirable to be able to force build against a
      specific library. For example, if testing changes to QEMU's
      crypto code all 3 possible backends need to be checked
      regardless of what the local gnutls uses.
      
      It is also desirable to be able to enable nettle/gcrypt
      for cipher/hash algorithms, without enabling gnutls
      for TLS support.
      
      This gives two new configure flags, which allow the
      following possibilities
      
      Automatically determine nettle vs gcrypt from what
      gnutls links to (recommended to minimize number of
      crypto libraries linked to)
      
       ./configure
      
      Automatically determine nettle vs gcrypt based on
      which is installed
      
       ./configure --disable-gnutls
      
      Force use of nettle
      
       ./configure --enable-nettle
      
      Force use of gcrypt
      
       ./configure --enable-gcrypt
      
      Force use of built-in AES & crippled-DES
      
       ./configure --disable-nettle --disable-gcrypt
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      91bfcdb0
  8. 22 10月, 2015 1 次提交
  9. 20 10月, 2015 1 次提交
    • M
      build: qemu-ga: add 'qemu-ga' build target for w32 · fafcaf1d
      Michael Roth 提交于
      Currently POSIX builds rely on 'qemu-ga' target to do qga-only
      distributable build. On w32, as with most standalone binary targets,
      we rely on 'qemu-ga.exe' target.
      
      Unlike with POSIX, qemu-ga for w32 has a number of related targets
      such as VSS DLL and MSI package. We can do the full distributable
      qga-only build on w32 with:
      
        make qemu-ga.exe
      
      or:
      
        make msi
      
      To make that work, we tie VSS dependencies onto qemu-ga.exe.
      However, in reality the DLL isn't part of the binary, so we use a
      filter to pull them out of the LINK recipe, which attempts to link
      against prereqs for binary targets. Additionally, it could be argued
      that VSS is a separate distributable, and shouldn't be implied by
      qemu-ga.exe binary target.
      
      To avoid this, we can tie the VSS dependencies only to the 'msi'
      target, but that would make it impossible to do a qga-only build of
      the w32 distributable without building the 'msi' package, which was
      supported in the past.
      
      An alternative approach is to add a new target to build the whole
      distributable. w32 allows us to use the same build target we use
      on POSIX, 'qemu-ga', since the current binary-only target on w32
      is 'qemu-ga.exe'.
      
      To further simplify the build, we also make 'qemu-ga' build the MSI
      package if the appropriate ./configure options are set, making the
      full qga-only build the same on both POSIX and w32: `make qemu-ga`
      
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
      Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
      fafcaf1d
  10. 13 10月, 2015 1 次提交
  11. 08 10月, 2015 2 次提交
  12. 02 10月, 2015 1 次提交
  13. 25 9月, 2015 1 次提交
    • D
      oslib-win32: only provide localtime_r/gmtime_r if missing · 4d9310f4
      Daniel P. Berrange 提交于
      The oslib-win32 file currently provides a localtime_r and
      gmtime_r replacement unconditionally. Some versions of
      Mingw-w64 would provide crude macros for localtime_r/gmtime_r
      which QEMU takes care to disable. Latest versions of Mingw-w64
      now provide actual functions for localtime_r/gmtime_r, but
      with a twist that you have to include unistd.h or pthread.h
      before including time.h.  By luck some files in QEMU have
      such an include order, resulting in compile errors:
      
        CC    util/osdep.o
      In file included from include/qemu-common.h:48:0,
                       from util/osdep.c:48:
      include/sysemu/os-win32.h:77:12: error: redundant redeclaration of 'gmtime_r' [-Werror=redundant-decls]
       struct tm *gmtime_r(const time_t *timep, struct tm *result);
                  ^
      In file included from include/qemu-common.h:35:0,
                       from util/osdep.c:48:
      /usr/i686-w64-mingw32/sys-root/mingw/include/time.h:272:107: note: previous definition of 'gmtime_r' was here
      In file included from include/qemu-common.h:48:0,
                       from util/osdep.c:48:
      include/sysemu/os-win32.h:79:12: error: redundant redeclaration of 'localtime_r' [-Werror=redundant-decls]
       struct tm *localtime_r(const time_t *timep, struct tm *result);
                  ^
      In file included from include/qemu-common.h:35:0,
                       from util/osdep.c:48:
      /usr/i686-w64-mingw32/sys-root/mingw/include/time.h:269:107: note: previous definition of 'localtime_r' was here
      
      This change adds a configure test to see if localtime_r
      exits, and only enables the QEMU impl if missing. We also
      re-arrange qemu-common.h try attempt to guarantee that all
      source files get unistd.h before time.h and thus see the
      localtime_r/gmtime_r defs.
      
      [sw: Use "official" spellings for Mingw-w64, MinGW in comments.]
      [sw: Terminate sentences with a dot in comments.]
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      Reviewed-by: NDenis V. Lunev <den@openvz.org>
      Signed-off-by: NStefan Weil <sw@weilnetz.de>
      4d9310f4
  14. 24 9月, 2015 1 次提交
  15. 15 9月, 2015 3 次提交
    • C
      target-tilegx: Add TILE-Gx building files · 444e06b1
      Chen Gang 提交于
      Add related configuration and make files for tilegx.
      The target can now build, though not run anything.
      Signed-off-by: NChen Gang <gang.chen.5i5j@gmail.com>
      Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
      Message-Id: <BLU436-SMTP1588E5A03AD5E94B07E988B9660@phx.gbl>
      Signed-off-by: NRichard Henderson <rth@twiddle.net>
      444e06b1
    • D
      ui: convert VNC server to use QCryptoTLSSession · 3e305e4a
      Daniel P. Berrange 提交于
      Switch VNC server over to using the QCryptoTLSSession object
      for the TLS session. This removes the direct use of gnutls
      from the VNC server code. It also removes most knowledge
      about TLS certificate handling from the VNC server code.
      This has the nice effect that all the CONFIG_VNC_TLS
      conditionals go away and the user gets an actual error
      message when requesting TLS instead of it being silently
      ignored.
      
      With this change, the existing configuration options for
      enabling TLS with -vnc are deprecated.
      
      Old syntax for anon-DH credentials:
      
        -vnc hostname:0,tls
      
      New syntax:
      
        -object tls-creds-anon,id=tls0,endpoint=server \
        -vnc hostname:0,tls-creds=tls0
      
      Old syntax for x509 credentials, no client certs:
      
        -vnc hostname:0,tls,x509=/path/to/certs
      
      New syntax:
      
        -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=no \
        -vnc hostname:0,tls-creds=tls0
      
      Old syntax for x509 credentials, requiring client certs:
      
        -vnc hostname:0,tls,x509verify=/path/to/certs
      
      New syntax:
      
        -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes \
        -vnc hostname:0,tls-creds=tls0
      
      This aligns VNC with the way TLS credentials are to be
      configured in the future for chardev, nbd and migration
      backends. It also has the benefit that the same TLS
      credentials can be shared across multiple VNC server
      instances, if desired.
      
      If someone uses the deprecated syntax, it will internally
      result in the creation of a 'tls-creds' object with an ID
      based on the VNC server ID. This allows backwards compat
      with the CLI syntax, while still deleting all the original
      TLS code from the VNC server.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      3e305e4a
    • D
      crypto: add sanity checking of TLS x509 credentials · 9a2fd434
      Daniel P. Berrange 提交于
      If the administrator incorrectly sets up their x509 certificates,
      the errors seen at runtime during connection attempts are very
      obscure and difficult to diagnose. This has been a particular
      problem for people using openssl to generate their certificates
      instead of the gnutls certtool, because the openssl tools don't
      turn on the various x509 extensions that gnutls expects to be
      present by default.
      
      This change thus adds support in the TLS credentials object to
      sanity check the certificates when QEMU first loads them. This
      gives the administrator immediate feedback for the majority of
      common configuration mistakes, reducing the pain involved in
      setting up TLS. The code is derived from equivalent code that
      has been part of libvirt's TLS support and has been seen to be
      valuable in assisting admins.
      
      It is possible to disable the sanity checking, however, via
      the new 'sanity-check' property on the tls-creds object type,
      with a value of 'no'.
      
      Unit tests are included in this change to verify the correctness
      of the sanity checking code in all the key scenarios it is
      intended to cope with. As part of the test suite, the pkix_asn1_tab.c
      from gnutls is imported. This file is intentionally copied from the
      (long since obsolete) gnutls 1.6.3 source tree, since that version
      was still under GPLv2+, rather than the GPLv3+ of gnutls >= 2.0.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      9a2fd434
  16. 10 9月, 2015 2 次提交
  17. 09 9月, 2015 2 次提交
    • A
      configure: Add support for jemalloc · 7b01cb97
      Alexandre Derumier 提交于
      This adds "--enable-jemalloc" and "--disable-jemalloc" to allow linking
      to jemalloc memory allocator.
      
      We have already tcmalloc support,
      but it seem to not working well with a lot of iothreads/disks.
      
      The main problem is that tcmalloc use a shared thread cache of 16MB
      by default.
      With more threads, this cache is shared, and some bad garbage collections
      can occur if the cache is too low.
      
      It's possible to tcmalloc cache increase it with a env var:
      TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES=256MB
      
      With default 16MB, performances are  really bad with more than 2 disks.
      Increasing to 256MB, it's helping but still have problem with 16 disks/iothreads.
      
      Jemalloc don't have performance problem with default configuration.
      
      Here the benchmark results in iops of 1 qemu vm randread 4K iodepth=32,
      with rbd block backend (librbd is doing a lot of memory allocation),
      1 iothread by disk
      
      glibc malloc
      ------------
      
      1 disk      29052
      2 disks     55878
      4 disks     127899
      8 disks     240566
      15 disks    269976
      
      jemalloc
      --------
      
      1 disk      41278
      2 disks     75781
      4 disks     195351
      8 disks     294241
      15 disks    298199
      
      tcmalloc 2.2.1 default 16M cache
      --------------------------------
      
      1 disk   37911
      2 disks  67698
      4 disks  41076
      8 disks  43312
      15 disks 37569
      
      tcmalloc : 256M cache
      ---------------------------
      
      1 disk     33914
      2 disks    58839
      4 disks    148205
      8 disks    213298
      15 disks   218383
      Signed-off-by: NAlexandre Derumier <aderumier@odiso.com>
      Message-Id: <1434711418-20429-1-git-send-email-aderumier@odiso.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      7b01cb97
    • P
      configure: factor out adding disas configure · c765fcac
      Peter Crosthwaite 提交于
      Every arch adds its disas configury to both its own config as well
      config_disas_all. Make a small function do to both at once.
      Signed-off-by: NPeter Crosthwaite <crosthwaite.peter@gmail.com>
      Message-Id: <1440844439-19391-1-git-send-email-crosthwaite.peter@gmail.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      c765fcac
  18. 07 9月, 2015 1 次提交
  19. 02 9月, 2015 5 次提交
  20. 25 8月, 2015 1 次提交
  21. 20 8月, 2015 1 次提交
    • P
      configure: Don't permit SDL or GTK on OSX · a30878e7
      Peter Maydell 提交于
      The cocoa GUI frontend assumes it is the only GUI (it redefines
      main() so it always gets control before the rest of QEMU), so
      it does not play well with other UIs like SDL or GTK. (Mostly
      people building QEMU on OSX don't have the necessary dependencies
      available for configure to build those other front ends, so
      mostly this problem goes unnoticed.)
      
      Make configure automatically disable the SDL and GTK front ends
      if the cocoa front end is enabled. (We were sort of attempting
      to do this for SDL before, but not in a way that worked very well.)
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      Reviewed-by: NDaniel P. Berrange <berrange@redhat.com>
      Reviewed-by: NJohn Arbuckle <programmingkidx@gmail.com>
      Message-id: 1439565052-3457-1-git-send-email-peter.maydell@linaro.org
      a30878e7
  22. 15 8月, 2015 1 次提交
  23. 03 8月, 2015 1 次提交
  24. 27 7月, 2015 1 次提交
  25. 17 7月, 2015 1 次提交
    • R
      crypto: fix build with nettle >= 3.0.0 · becaeb72
      Radim Krčmář 提交于
      In nettle 3, cbc_encrypt() accepts 'nettle_cipher_func' instead of
      'nettle_crypt_func' and these two differ in 'const' qualifier of the
      first argument.  The build fails with:
      
        In file included from crypto/cipher.c:71:0:
        ./crypto/cipher-nettle.c: In function ‘qcrypto_cipher_encrypt’:
        ./crypto/cipher-nettle.c:154:38: error: passing argument 2 of
        ‘nettle_cbc_encrypt’ from incompatible pointer type
                 cbc_encrypt(ctx->ctx_encrypt, ctx->alg_encrypt,
                                                     ^
        In file included from ./crypto/cipher-nettle.c:24:0,
                         from crypto/cipher.c:71:
        /usr/include/nettle/cbc.h:48:1: note: expected
        ‘void (*)(const void *, size_t, uint8_t *, const uint8_t *)
        but argument is of type
        ‘void (*)(      void *, size_t, uint8_t *, const uint8_t *)
      
      To allow both versions, we switch to the new definition and #if typedef
      it for old versions.
      Signed-off-by: NRadim Krčmář <rkrcmar@redhat.com>
      Message-Id: <1436548682-9315-2-git-send-email-rkrcmar@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      becaeb72
  26. 08 7月, 2015 4 次提交