rpms
/
qemu
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix ppc64 KVM failure (bz #1501936) 

CVE-2017-15038: 9p: information disclosure when reading extended attributes (bz #1499111)
CVE-2017-15268: potential memory exhaustion via websock connection to VNC (bz #1496882)
This commit is contained in:
Cole Robinson 2017-10-19 12:59:57 -04:00
parent b0a7742ccd
commit 59eb7ad892
25 changed files with 1146 additions and 463 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -12,3 +12,4 @@
/qemu-2.10.0-rc3.tar.xz
/qemu-2.10.0-rc4.tar.xz
/qemu-2.10.0.tar.xz
/qemu-2.10.1.tar.xz

24
1001-io-add-new-qio_channel_-readv-writev-read-write-_all.patch → 0001-io-add-new-qio_channel_-readv-writev-read-write-_all.patch
View File

@ -1,8 +1,7 @@
From 758d848ef10835108a75187d1a1a0418167f04b2 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Wed, 30 Aug 2017 14:53:59 +0100
Subject: [PATCH 01/15] io: add new qio_channel_{readv, writev, read,
write}_all functions
Subject: [PATCH] io: add new qio_channel_{readv, writev, read, write}_all
functions
These functions wait until they are able to read / write the full
requested data buffer(s).
@ -19,10 +18,11 @@ diff --git a/include/io/channel.h b/include/io/channel.h
index db9bb022a1..e11a62ea50 100644
--- a/include/io/channel.h
+++ b/include/io/channel.h
@@ -269,6 +269,58 @@ ssize_t qio_channel_writev_full(QIOChannel *ioc,
@@ -268,6 +268,58 @@ ssize_t qio_channel_writev_full(QIOChannel *ioc,
size_t nfds,
Error **errp);
/**
+/**
+ * qio_channel_readv_all:
+ * @ioc: the channel object
+ * @iov: the array of memory regions to read data into
@ -74,14 +74,14 @@ index db9bb022a1..e11a62ea50 100644
+ size_t niov,
+ Error **erp);
+
+/**
/**
* qio_channel_readv:
* @ioc: the channel object
* @iov: the array of memory regions to read data into
@@ -331,6 +383,44 @@ ssize_t qio_channel_write(QIOChannel *ioc,
@@ -330,6 +382,44 @@ ssize_t qio_channel_write(QIOChannel *ioc,
size_t buflen,
Error **errp);
/**
+/**
+ * qio_channel_read_all:
+ * @ioc: the channel object
+ * @buf: the memory region to read data into
@ -119,10 +119,9 @@ index db9bb022a1..e11a62ea50 100644
+ size_t buflen,
+ Error **errp);
+
+/**
/**
* qio_channel_set_blocking:
* @ioc: the channel object
* @enabled: the blocking flag state
diff --git a/io/channel.c b/io/channel.c
index 1cfb8b33a2..5e8c2f0a91 100644
--- a/io/channel.c
@ -379,6 +378,3 @@ index 05e5579cf8..5430e1389d 100644
return NULL;
}
--
2.13.5

6
1002-io-Yield-rather-than-wait-when-already-in-coroutine.patch → 0002-io-Yield-rather-than-wait-when-already-in-coroutine.patch
View File

@ -1,7 +1,6 @@
From 5171f2cd3612ce2772b272e4dd8119fdb0c06124 Mon Sep 17 00:00:00 2001
From: Eric Blake <eblake@redhat.com>
Date: Tue, 5 Sep 2017 14:11:12 -0500
Subject: [PATCH 02/15] io: Yield rather than wait when already in coroutine
Subject: [PATCH] io: Yield rather than wait when already in coroutine
The new qio_channel_{read,write}{,v}_all functions are documented
as yielding until data is available. When used on a blocking
@ -51,6 +50,3 @@ index 5e8c2f0a91..9e62794cab 100644
continue;
}
if (len < 0) {
--
2.13.5

6
1004-scsi-Refactor-scsi-sense-interpreting-code.patch → 0003-scsi-Refactor-scsi-sense-interpreting-code.patch
View File

@ -1,7 +1,6 @@
From f35ef58b2bac932bbd379602fe23e7a190530075 Mon Sep 17 00:00:00 2001
From: Fam Zheng <famz@redhat.com>
Date: Mon, 21 Aug 2017 22:10:05 +0800
Subject: [PATCH 04/15] scsi: Refactor scsi sense interpreting code
Subject: [PATCH] scsi: Refactor scsi sense interpreting code
So that it can be reused outside of iscsi.c.
@ -189,6 +188,3 @@ index 0000000000..a6710799fc
+ return EIO;
+ }
+}
--
2.13.5

6
1005-scsi-Improve-scsi_sense_to_errno.patch → 0004-scsi-Improve-scsi_sense_to_errno.patch
View File

@ -1,7 +1,6 @@
From a7dc92dac7cedb3ba6b6d724c7579f05399e2f2e Mon Sep 17 00:00:00 2001
From: Fam Zheng <famz@redhat.com>
Date: Mon, 21 Aug 2017 22:10:06 +0800
Subject: [PATCH 05/15] scsi: Improve scsi_sense_to_errno
Subject: [PATCH] scsi: Improve scsi_sense_to_errno
Tweak the errno mapping to return more accurate/appropriate values.
@ -56,6 +55,3 @@ index a6710799fc..472eb5bea5 100644
default:
return EIO;
}
--
2.13.5

6
1006-scsi-Introduce-scsi_sense_buf_to_errno.patch → 0005-scsi-Introduce-scsi_sense_buf_to_errno.patch
View File

@ -1,7 +1,6 @@
From eadabcbc81d44ee0bc0d0d80697cc1142df61178 Mon Sep 17 00:00:00 2001
From: Fam Zheng <famz@redhat.com>
Date: Mon, 21 Aug 2017 22:10:07 +0800
Subject: [PATCH 06/15] scsi: Introduce scsi_sense_buf_to_errno
Subject: [PATCH] scsi: Introduce scsi_sense_buf_to_errno
This recognizes the "fixed" and "descriptor" format sense data, extracts
the sense key/asc/ascq fields then converts them to an errno.
@ -63,6 +62,3 @@ index 472eb5bea5..472293d59b 100644
+ }
+ return scsi_sense_to_errno(key, asc, ascq);
+}
--
2.13.5

6
1007-scsi-rename-scsi_build_sense-to-scsi_convert_sense.patch → 0006-scsi-rename-scsi_build_sense-to-scsi_convert_sense.patch
View File

@ -1,7 +1,6 @@
From ba83805030e07cade8d17b5d1b4bd1d296caff1b Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 22 Aug 2017 09:31:36 +0200
Subject: [PATCH 07/15] scsi: rename scsi_build_sense to scsi_convert_sense
Subject: [PATCH] scsi: rename scsi_build_sense to scsi_convert_sense
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@ -87,6 +86,3 @@ index 6b85786dbf..6ef67fb504 100644
SCSIRequest *scsi_req_alloc(const SCSIReqOps *reqops, SCSIDevice *d,
uint32_t tag, uint32_t lun, void *hba_private);
--
2.13.5

6
1008-scsi-move-non-emulation-specific-code-to-scsi.patch → 0007-scsi-move-non-emulation-specific-code-to-scsi.patch
View File

@ -1,7 +1,6 @@
From 6949ca76b864b54a0ef1d2aa321c3df4dc102c90 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 22 Aug 2017 07:08:27 +0200
Subject: [PATCH 08/15] scsi: move non-emulation specific code to scsi/
Subject: [PATCH] scsi: move non-emulation specific code to scsi/
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@ -1429,6 +1428,3 @@ index 472293d59b..0000000000
- }
- return scsi_sense_to_errno(key, asc, ascq);
-}
--
2.13.5

6
1009-scsi-introduce-scsi_build_sense.patch → 0008-scsi-introduce-scsi_build_sense.patch
View File

@ -1,7 +1,6 @@
From 82e922c8be1b32eeb0c8c22165cdeff39e12d3ef Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 22 Aug 2017 09:42:59 +0200
Subject: [PATCH 09/15] scsi: introduce scsi_build_sense
Subject: [PATCH] scsi: introduce scsi_build_sense
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@ -72,6 +71,3 @@ index 2327e06da0..89d9167d9d 100644
/*
* Predefined sense codes
*/
--
2.13.5

6
1010-scsi-introduce-sg_io_sense_from_errno.patch → 0009-scsi-introduce-sg_io_sense_from_errno.patch
View File

@ -1,7 +1,6 @@
From 1ebf7935eca7f2a1f5a1376ee3b234f4fce98023 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 22 Aug 2017 09:43:14 +0200
Subject: [PATCH 10/15] scsi: introduce sg_io_sense_from_errno
Subject: [PATCH] scsi: introduce sg_io_sense_from_errno
Move more knowledge of SG_IO out of hw/scsi/scsi-generic.c, for
reusability.
@ -132,6 +131,3 @@ index 89d9167d9d..6ee9f4095b 100644
+ }
+}
+#endif
--
2.13.5

884
0010-scsi-move-block-scsi.h-to-include-scsi-constants.h.patch Normal file
View File

@ -0,0 +1,884 @@
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 22 Aug 2017 09:23:55 +0200
Subject: [PATCH] scsi: move block/scsi.h to include/scsi/constants.h
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Complete the transition by renaming this header, which was
shared by block/iscsi.c and the SCSI emulation code.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
block/iscsi.c | 2 +-
hw/block/virtio-blk.c | 2 +-
hw/scsi/megasas.c | 2 +-
hw/scsi/mptendian.c | 2 +-
hw/scsi/mptsas.c | 2 +-
hw/scsi/scsi-bus.c | 2 +-
hw/scsi/scsi-disk.c | 2 +-
hw/scsi/scsi-generic.c | 2 +-
hw/scsi/spapr_vscsi.c | 2 +-
hw/scsi/virtio-scsi-dataplane.c | 2 +-
hw/scsi/virtio-scsi.c | 2 +-
hw/scsi/vmw_pvscsi.c | 2 +-
hw/usb/dev-uas.c | 2 +-
include/block/scsi.h | 314 ----------------------------------------
include/hw/ide/internal.h | 2 +-
include/scsi/constants.h | 314 ++++++++++++++++++++++++++++++++++++++++
scsi/utils.c | 2 +-
tests/virtio-scsi-test.c | 2 +-
18 files changed, 330 insertions(+), 330 deletions(-)
delete mode 100644 include/block/scsi.h
create mode 100644 include/scsi/constants.h
diff --git a/block/iscsi.c b/block/iscsi.c
index 40adc3c493..c4586be720 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -34,7 +34,7 @@
#include "qemu/bitops.h"
#include "qemu/bitmap.h"
#include "block/block_int.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "qemu/iov.h"
#include "qemu/uuid.h"
#include "qmp-commands.h"
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index a16ac75090..05d1440786 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -22,7 +22,7 @@
#include "sysemu/blockdev.h"
#include "hw/virtio/virtio-blk.h"
#include "dataplane/virtio-blk.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#ifdef __linux__
# include <scsi/sg.h>
#endif
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 734fdaef90..0db68aacee 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -27,7 +27,7 @@
#include "hw/pci/msix.h"
#include "qemu/iov.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "trace.h"
#include "qapi/error.h"
#include "mfi.h"
diff --git a/hw/scsi/mptendian.c b/hw/scsi/mptendian.c
index b7fe2a2a36..3415229b5e 100644
--- a/hw/scsi/mptendian.c
+++ b/hw/scsi/mptendian.c
@@ -28,7 +28,7 @@
#include "hw/pci/msi.h"
#include "qemu/iov.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "trace.h"
#include "mptsas.h"
diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
index 765ab53c34..8bae8f543e 100644
--- a/hw/scsi/mptsas.c
+++ b/hw/scsi/mptsas.c
@@ -30,7 +30,7 @@
#include "hw/pci/msi.h"
#include "qemu/iov.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "trace.h"
#include "qapi/error.h"
#include "mptsas.h"
diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index 652ab046ab..977f7bce1f 100644
--- a/hw/scsi/scsi-bus.c
+++ b/hw/scsi/scsi-bus.c
@@ -3,7 +3,7 @@
#include "qapi/error.h"
#include "qemu/error-report.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "hw/qdev.h"
#include "sysemu/block-backend.h"
#include "sysemu/blockdev.h"
diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index 0a1f4ef0c7..5faf6682c5 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -32,7 +32,7 @@ do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
#include "qapi/error.h"
#include "qemu/error-report.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "sysemu/sysemu.h"
#include "sysemu/block-backend.h"
#include "sysemu/blockdev.h"
diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c
index 04c687ee76..bd0d9ff355 100644
--- a/hw/scsi/scsi-generic.c
+++ b/hw/scsi/scsi-generic.c
@@ -34,7 +34,7 @@ do { printf("scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
#include <scsi/sg.h>
-#include "block/scsi.h"
+#include "scsi/constants.h"
#ifndef MAX_UINT
#define MAX_UINT ((unsigned int)-1)
diff --git a/hw/scsi/spapr_vscsi.c b/hw/scsi/spapr_vscsi.c
index 55ee48c4da..360db53ac8 100644
--- a/hw/scsi/spapr_vscsi.c
+++ b/hw/scsi/spapr_vscsi.c
@@ -36,7 +36,7 @@
#include "cpu.h"
#include "hw/hw.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "srp.h"
#include "hw/qdev.h"
#include "hw/ppc/spapr.h"
diff --git a/hw/scsi/virtio-scsi-dataplane.c b/hw/scsi/virtio-scsi-dataplane.c
index 944ea4eb53..add4b3f4a4 100644
--- a/hw/scsi/virtio-scsi-dataplane.c
+++ b/hw/scsi/virtio-scsi-dataplane.c
@@ -17,7 +17,7 @@
#include "qemu/error-report.h"
#include "sysemu/block-backend.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "hw/virtio/virtio-bus.h"
#include "hw/virtio/virtio-access.h"
diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
index eb639442d1..823a1e9a42 100644
--- a/hw/scsi/virtio-scsi.c
+++ b/hw/scsi/virtio-scsi.c
@@ -21,7 +21,7 @@
#include "qemu/iov.h"
#include "sysemu/block-backend.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "hw/virtio/virtio-bus.h"
#include "hw/virtio/virtio-access.h"
diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
index 77d8b6f9e2..6d3f0bf11d 100644
--- a/hw/scsi/vmw_pvscsi.c
+++ b/hw/scsi/vmw_pvscsi.c
@@ -28,7 +28,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "hw/pci/msi.h"
#include "vmw_pvscsi.h"
#include "trace.h"
diff --git a/hw/usb/dev-uas.c b/hw/usb/dev-uas.c
index fffc424396..c218b53f09 100644
--- a/hw/usb/dev-uas.c
+++ b/hw/usb/dev-uas.c
@@ -19,7 +19,7 @@
#include "hw/usb.h"
#include "hw/usb/desc.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
/* --------------------------------------------------------------------- */
diff --git a/include/block/scsi.h b/include/block/scsi.h
deleted file mode 100644
index a141dd71f8..0000000000
--- a/include/block/scsi.h
+++ /dev/null
@@ -1,314 +0,0 @@
-/* Copyright (C) 1998, 1999 Free Software Foundation, Inc.
- This file is part of the GNU C Library.
-
- The GNU C Library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2.1 of the License, or (at your option) any later version.
-
- The GNU C Library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, see <http://www.gnu.org/licenses/>.
-*/
-
-/*
- * This header file contains public constants and structures used by
- * the scsi code for linux.
- */
-
-#ifndef BLOCK_SCSI_H
-#define BLOCK_SCSI_H
-
-/*
- * SCSI opcodes
- */
-
-#define TEST_UNIT_READY 0x00
-#define REWIND 0x01
-#define REQUEST_SENSE 0x03
-#define FORMAT_UNIT 0x04
-#define READ_BLOCK_LIMITS 0x05
-#define INITIALIZE_ELEMENT_STATUS 0x07
-#define REASSIGN_BLOCKS 0x07
-#define READ_6 0x08
-#define WRITE_6 0x0a
-#define SET_CAPACITY 0x0b
-#define READ_REVERSE 0x0f
-#define WRITE_FILEMARKS 0x10
-#define SPACE 0x11
-#define INQUIRY 0x12
-#define RECOVER_BUFFERED_DATA 0x14
-#define MODE_SELECT 0x15
-#define RESERVE 0x16
-#define RELEASE 0x17
-#define COPY 0x18
-#define ERASE 0x19
-#define MODE_SENSE 0x1a
-#define LOAD_UNLOAD 0x1b
-#define SCAN 0x1b
-#define START_STOP 0x1b
-#define RECEIVE_DIAGNOSTIC 0x1c
-#define SEND_DIAGNOSTIC 0x1d
-#define ALLOW_MEDIUM_REMOVAL 0x1e
-#define SET_WINDOW 0x24
-#define READ_CAPACITY_10 0x25
-#define GET_WINDOW 0x25
-#define READ_10 0x28
-#define WRITE_10 0x2a
-#define SEND 0x2a
-#define SEEK_10 0x2b
-#define LOCATE_10 0x2b
-#define POSITION_TO_ELEMENT 0x2b
-#define WRITE_VERIFY_10 0x2e
-#define VERIFY_10 0x2f
-#define SEARCH_HIGH 0x30
-#define SEARCH_EQUAL 0x31
-#define OBJECT_POSITION 0x31
-#define SEARCH_LOW 0x32
-#define SET_LIMITS 0x33
-#define PRE_FETCH 0x34
-#define READ_POSITION 0x34
-#define GET_DATA_BUFFER_STATUS 0x34
-#define SYNCHRONIZE_CACHE 0x35
-#define LOCK_UNLOCK_CACHE 0x36
-#define INITIALIZE_ELEMENT_STATUS_WITH_RANGE 0x37
-#define READ_DEFECT_DATA 0x37
-#define MEDIUM_SCAN 0x38
-#define COMPARE 0x39
-#define COPY_VERIFY 0x3a
-#define WRITE_BUFFER 0x3b
-#define READ_BUFFER 0x3c
-#define UPDATE_BLOCK 0x3d
-#define READ_LONG_10 0x3e
-#define WRITE_LONG_10 0x3f
-#define CHANGE_DEFINITION 0x40
-#define WRITE_SAME_10 0x41
-#define UNMAP 0x42
-#define READ_TOC 0x43
-#define REPORT_DENSITY_SUPPORT 0x44
-#define GET_CONFIGURATION 0x46
-#define SANITIZE 0x48
-#define GET_EVENT_STATUS_NOTIFICATION 0x4a
-#define LOG_SELECT 0x4c
-#define LOG_SENSE 0x4d
-#define READ_DISC_INFORMATION 0x51
-#define RESERVE_TRACK 0x53
-#define MODE_SELECT_10 0x55
-#define RESERVE_10 0x56
-#define RELEASE_10 0x57
-#define MODE_SENSE_10 0x5a
-#define SEND_CUE_SHEET 0x5d
-#define PERSISTENT_RESERVE_IN 0x5e
-#define PERSISTENT_RESERVE_OUT 0x5f
-#define VARLENGTH_CDB 0x7f
-#define WRITE_FILEMARKS_16 0x80
-#define READ_REVERSE_16 0x81
-#define ALLOW_OVERWRITE 0x82
-#define EXTENDED_COPY 0x83
-#define ATA_PASSTHROUGH_16 0x85
-#define ACCESS_CONTROL_IN 0x86
-#define ACCESS_CONTROL_OUT 0x87
-#define READ_16 0x88
-#define COMPARE_AND_WRITE 0x89
-#define WRITE_16 0x8a
-#define WRITE_VERIFY_16 0x8e
-#define VERIFY_16 0x8f
-#define PRE_FETCH_16 0x90
-#define SPACE_16 0x91
-#define SYNCHRONIZE_CACHE_16 0x91
-#define LOCATE_16 0x92
-#define WRITE_SAME_16 0x93
-#define ERASE_16 0x93
-#define SERVICE_ACTION_IN_16 0x9e
-#define WRITE_LONG_16 0x9f
-#define REPORT_LUNS 0xa0
-#define ATA_PASSTHROUGH_12 0xa1
-#define MAINTENANCE_IN 0xa3
-#define MAINTENANCE_OUT 0xa4
-#define MOVE_MEDIUM 0xa5
-#define EXCHANGE_MEDIUM 0xa6
-#define SET_READ_AHEAD 0xa7
-#define READ_12 0xa8
-#define WRITE_12 0xaa
-#define SERVICE_ACTION_IN_12 0xab
-#define ERASE_12 0xac
-#define READ_DVD_STRUCTURE 0xad
-#define WRITE_VERIFY_12 0xae
-#define VERIFY_12 0xaf
-#define SEARCH_HIGH_12 0xb0
-#define SEARCH_EQUAL_12 0xb1
-#define SEARCH_LOW_12 0xb2
-#define READ_ELEMENT_STATUS 0xb8
-#define SEND_VOLUME_TAG 0xb6
-#define READ_DEFECT_DATA_12 0xb7
-#define SET_CD_SPEED 0xbb
-#define MECHANISM_STATUS 0xbd
-#define READ_CD 0xbe
-#define SEND_DVD_STRUCTURE 0xbf
-
-/*
- * SERVICE ACTION IN subcodes
- */
-#define SAI_READ_CAPACITY_16 0x10
-
-/*
- * READ POSITION service action codes
- */
-#define SHORT_FORM_BLOCK_ID 0x00
-#define SHORT_FORM_VENDOR_SPECIFIC 0x01
-#define LONG_FORM 0x06
-#define EXTENDED_FORM 0x08
-
-/*
- * SAM Status codes
- */
-
-#define GOOD 0x00
-#define CHECK_CONDITION 0x02
-#define CONDITION_GOOD 0x04
-#define BUSY 0x08
-#define INTERMEDIATE_GOOD 0x10
-#define INTERMEDIATE_C_GOOD 0x14
-#define RESERVATION_CONFLICT 0x18
-#define COMMAND_TERMINATED 0x22
-#define TASK_SET_FULL 0x28
-#define ACA_ACTIVE 0x30
-#define TASK_ABORTED 0x40
-
-#define STATUS_MASK 0x3e
-
-/*
- * SENSE KEYS
- */
-
-#define NO_SENSE 0x00
-#define RECOVERED_ERROR 0x01
-#define NOT_READY 0x02
-#define MEDIUM_ERROR 0x03
-#define HARDWARE_ERROR 0x04
-#define ILLEGAL_REQUEST 0x05
-#define UNIT_ATTENTION 0x06
-#define DATA_PROTECT 0x07
-#define BLANK_CHECK 0x08
-#define COPY_ABORTED 0x0a
-#define ABORTED_COMMAND 0x0b
-#define VOLUME_OVERFLOW 0x0d
-#define MISCOMPARE 0x0e
-
-
-/*
- * DEVICE TYPES
- */
-
-#define TYPE_DISK 0x00
-#define TYPE_TAPE 0x01
-#define TYPE_PRINTER 0x02
-#define TYPE_PROCESSOR 0x03 /* HP scanners use this */
-#define TYPE_WORM 0x04 /* Treated as ROM by our system */
-#define TYPE_ROM 0x05
-#define TYPE_SCANNER 0x06
-#define TYPE_MOD 0x07 /* Magneto-optical disk -
- * - treated as TYPE_DISK */
-#define TYPE_MEDIUM_CHANGER 0x08
-#define TYPE_STORAGE_ARRAY 0x0c /* Storage array device */
-#define TYPE_ENCLOSURE 0x0d /* Enclosure Services Device */
-#define TYPE_RBC 0x0e /* Simplified Direct-Access Device */
-#define TYPE_OSD 0x11 /* Object-storage Device */
-#define TYPE_WLUN 0x1e /* Well known LUN */
-#define TYPE_NOT_PRESENT 0x1f
-#define TYPE_INACTIVE 0x20
-#define TYPE_NO_LUN 0x7f
-
-/* Mode page codes for mode sense/set */
-#define MODE_PAGE_R_W_ERROR 0x01
-#define MODE_PAGE_HD_GEOMETRY 0x04
-#define MODE_PAGE_FLEXIBLE_DISK_GEOMETRY 0x05
-#define MODE_PAGE_CACHING 0x08
-#define MODE_PAGE_AUDIO_CTL 0x0e
-#define MODE_PAGE_POWER 0x1a
-#define MODE_PAGE_FAULT_FAIL 0x1c
-#define MODE_PAGE_TO_PROTECT 0x1d
-#define MODE_PAGE_CAPABILITIES 0x2a
-#define MODE_PAGE_ALLS 0x3f
-/* Not in Mt. Fuji, but in ATAPI 2.6 -- deprecated now in favor
- * of MODE_PAGE_SENSE_POWER */
-#define MODE_PAGE_CDROM 0x0d
-
-/* Event notification classes for GET EVENT STATUS NOTIFICATION */
-#define GESN_NO_EVENTS 0
-#define GESN_OPERATIONAL_CHANGE 1
-#define GESN_POWER_MANAGEMENT 2
-#define GESN_EXTERNAL_REQUEST 3
-#define GESN_MEDIA 4
-#define GESN_MULTIPLE_HOSTS 5
-#define GESN_DEVICE_BUSY 6
-
-/* Event codes for MEDIA event status notification */
-#define MEC_NO_CHANGE 0
-#define MEC_EJECT_REQUESTED 1
-#define MEC_NEW_MEDIA 2
-#define MEC_MEDIA_REMOVAL 3 /* only for media changers */
-#define MEC_MEDIA_CHANGED 4 /* only for media changers */
-#define MEC_BG_FORMAT_COMPLETED 5 /* MRW or DVD+RW b/g format completed */
-#define MEC_BG_FORMAT_RESTARTED 6 /* MRW or DVD+RW b/g format restarted */
-
-#define MS_TRAY_OPEN 1
-#define MS_MEDIA_PRESENT 2
-
-/*
- * Based on values from <linux/cdrom.h> but extending CD_MINS
- * to the maximum common size allowed by the Orange's Book ATIP
- *
- * 90 and 99 min CDs are also available but using them as the
- * upper limit reduces the effectiveness of the heuristic to
- * detect DVDs burned to less than 25% of their maximum capacity
- */
-
-/* Some generally useful CD-ROM information */
-#define CD_MINS 80 /* max. minutes per CD */
-#define CD_SECS 60 /* seconds per minute */
-#define CD_FRAMES 75 /* frames per second */
-#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
-#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
-#define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
-
-/*
- * The MMC values are not IDE specific and might need to be moved
- * to a common header if they are also needed for the SCSI emulation
- */
-
-/* Profile list from MMC-6 revision 1 table 91 */
-#define MMC_PROFILE_NONE 0x0000
-#define MMC_PROFILE_CD_ROM 0x0008
-#define MMC_PROFILE_CD_R 0x0009
-#define MMC_PROFILE_CD_RW 0x000A
-#define MMC_PROFILE_DVD_ROM 0x0010
-#define MMC_PROFILE_DVD_R_SR 0x0011
-#define MMC_PROFILE_DVD_RAM 0x0012
-#define MMC_PROFILE_DVD_RW_RO 0x0013
-#define MMC_PROFILE_DVD_RW_SR 0x0014
-#define MMC_PROFILE_DVD_R_DL_SR 0x0015
-#define MMC_PROFILE_DVD_R_DL_JR 0x0016
-#define MMC_PROFILE_DVD_RW_DL 0x0017
-#define MMC_PROFILE_DVD_DDR 0x0018
-#define MMC_PROFILE_DVD_PLUS_RW 0x001A
-#define MMC_PROFILE_DVD_PLUS_R 0x001B
-#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
-#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
-#define MMC_PROFILE_BD_ROM 0x0040
-#define MMC_PROFILE_BD_R_SRM 0x0041
-#define MMC_PROFILE_BD_R_RRM 0x0042
-#define MMC_PROFILE_BD_RE 0x0043
-#define MMC_PROFILE_HDDVD_ROM 0x0050
-#define MMC_PROFILE_HDDVD_R 0x0051
-#define MMC_PROFILE_HDDVD_RAM 0x0052
-#define MMC_PROFILE_HDDVD_RW 0x0053
-#define MMC_PROFILE_HDDVD_R_DL 0x0058
-#define MMC_PROFILE_HDDVD_RW_DL 0x005A
-#define MMC_PROFILE_INVALID 0xFFFF
-
-#endif
diff --git a/include/hw/ide/internal.h b/include/hw/ide/internal.h
index 482a9512be..63a99e0366 100644
--- a/include/hw/ide/internal.h
+++ b/include/hw/ide/internal.h
@@ -11,7 +11,7 @@
#include "sysemu/dma.h"
#include "sysemu/sysemu.h"
#include "hw/block/block.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
/* debug IDE devices */
//#define DEBUG_IDE
diff --git a/include/scsi/constants.h b/include/scsi/constants.h
new file mode 100644
index 0000000000..a141dd71f8
--- /dev/null
+++ b/include/scsi/constants.h
@@ -0,0 +1,314 @@
+/* Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * This header file contains public constants and structures used by
+ * the scsi code for linux.
+ */
+
+#ifndef BLOCK_SCSI_H
+#define BLOCK_SCSI_H
+
+/*
+ * SCSI opcodes
+ */
+
+#define TEST_UNIT_READY 0x00
+#define REWIND 0x01
+#define REQUEST_SENSE 0x03
+#define FORMAT_UNIT 0x04
+#define READ_BLOCK_LIMITS 0x05
+#define INITIALIZE_ELEMENT_STATUS 0x07
+#define REASSIGN_BLOCKS 0x07
+#define READ_6 0x08
+#define WRITE_6 0x0a
+#define SET_CAPACITY 0x0b
+#define READ_REVERSE 0x0f
+#define WRITE_FILEMARKS 0x10
+#define SPACE 0x11
+#define INQUIRY 0x12
+#define RECOVER_BUFFERED_DATA 0x14
+#define MODE_SELECT 0x15
+#define RESERVE 0x16
+#define RELEASE 0x17
+#define COPY 0x18
+#define ERASE 0x19
+#define MODE_SENSE 0x1a
+#define LOAD_UNLOAD 0x1b
+#define SCAN 0x1b
+#define START_STOP 0x1b
+#define RECEIVE_DIAGNOSTIC 0x1c
+#define SEND_DIAGNOSTIC 0x1d
+#define ALLOW_MEDIUM_REMOVAL 0x1e
+#define SET_WINDOW 0x24
+#define READ_CAPACITY_10 0x25
+#define GET_WINDOW 0x25
+#define READ_10 0x28
+#define WRITE_10 0x2a
+#define SEND 0x2a
+#define SEEK_10 0x2b
+#define LOCATE_10 0x2b
+#define POSITION_TO_ELEMENT 0x2b
+#define WRITE_VERIFY_10 0x2e
+#define VERIFY_10 0x2f
+#define SEARCH_HIGH 0x30
+#define SEARCH_EQUAL 0x31
+#define OBJECT_POSITION 0x31
+#define SEARCH_LOW 0x32
+#define SET_LIMITS 0x33
+#define PRE_FETCH 0x34
+#define READ_POSITION 0x34
+#define GET_DATA_BUFFER_STATUS 0x34
+#define SYNCHRONIZE_CACHE 0x35
+#define LOCK_UNLOCK_CACHE 0x36
+#define INITIALIZE_ELEMENT_STATUS_WITH_RANGE 0x37
+#define READ_DEFECT_DATA 0x37
+#define MEDIUM_SCAN 0x38
+#define COMPARE 0x39
+#define COPY_VERIFY 0x3a
+#define WRITE_BUFFER 0x3b
+#define READ_BUFFER 0x3c
+#define UPDATE_BLOCK 0x3d
+#define READ_LONG_10 0x3e
+#define WRITE_LONG_10 0x3f
+#define CHANGE_DEFINITION 0x40
+#define WRITE_SAME_10 0x41
+#define UNMAP 0x42
+#define READ_TOC 0x43
+#define REPORT_DENSITY_SUPPORT 0x44
+#define GET_CONFIGURATION 0x46
+#define SANITIZE 0x48
+#define GET_EVENT_STATUS_NOTIFICATION 0x4a
+#define LOG_SELECT 0x4c
+#define LOG_SENSE 0x4d
+#define READ_DISC_INFORMATION 0x51
+#define RESERVE_TRACK 0x53
+#define MODE_SELECT_10 0x55
+#define RESERVE_10 0x56
+#define RELEASE_10 0x57
+#define MODE_SENSE_10 0x5a
+#define SEND_CUE_SHEET 0x5d
+#define PERSISTENT_RESERVE_IN 0x5e
+#define PERSISTENT_RESERVE_OUT 0x5f
+#define VARLENGTH_CDB 0x7f
+#define WRITE_FILEMARKS_16 0x80
+#define READ_REVERSE_16 0x81
+#define ALLOW_OVERWRITE 0x82
+#define EXTENDED_COPY 0x83
+#define ATA_PASSTHROUGH_16 0x85
+#define ACCESS_CONTROL_IN 0x86
+#define ACCESS_CONTROL_OUT 0x87
+#define READ_16 0x88
+#define COMPARE_AND_WRITE 0x89
+#define WRITE_16 0x8a
+#define WRITE_VERIFY_16 0x8e
+#define VERIFY_16 0x8f
+#define PRE_FETCH_16 0x90
+#define SPACE_16 0x91
+#define SYNCHRONIZE_CACHE_16 0x91
+#define LOCATE_16 0x92
+#define WRITE_SAME_16 0x93
+#define ERASE_16 0x93
+#define SERVICE_ACTION_IN_16 0x9e
+#define WRITE_LONG_16 0x9f
+#define REPORT_LUNS 0xa0
+#define ATA_PASSTHROUGH_12 0xa1
+#define MAINTENANCE_IN 0xa3
+#define MAINTENANCE_OUT 0xa4
+#define MOVE_MEDIUM 0xa5
+#define EXCHANGE_MEDIUM 0xa6
+#define SET_READ_AHEAD 0xa7
+#define READ_12 0xa8
+#define WRITE_12 0xaa
+#define SERVICE_ACTION_IN_12 0xab
+#define ERASE_12 0xac
+#define READ_DVD_STRUCTURE 0xad
+#define WRITE_VERIFY_12 0xae
+#define VERIFY_12 0xaf
+#define SEARCH_HIGH_12 0xb0
+#define SEARCH_EQUAL_12 0xb1
+#define SEARCH_LOW_12 0xb2
+#define READ_ELEMENT_STATUS 0xb8
+#define SEND_VOLUME_TAG 0xb6
+#define READ_DEFECT_DATA_12 0xb7
+#define SET_CD_SPEED 0xbb
+#define MECHANISM_STATUS 0xbd
+#define READ_CD 0xbe
+#define SEND_DVD_STRUCTURE 0xbf
+
+/*
+ * SERVICE ACTION IN subcodes
+ */
+#define SAI_READ_CAPACITY_16 0x10
+
+/*
+ * READ POSITION service action codes
+ */
+#define SHORT_FORM_BLOCK_ID 0x00
+#define SHORT_FORM_VENDOR_SPECIFIC 0x01
+#define LONG_FORM 0x06
+#define EXTENDED_FORM 0x08
+
+/*
+ * SAM Status codes
+ */
+
+#define GOOD 0x00
+#define CHECK_CONDITION 0x02
+#define CONDITION_GOOD 0x04
+#define BUSY 0x08
+#define INTERMEDIATE_GOOD 0x10
+#define INTERMEDIATE_C_GOOD 0x14
+#define RESERVATION_CONFLICT 0x18
+#define COMMAND_TERMINATED 0x22
+#define TASK_SET_FULL 0x28
+#define ACA_ACTIVE 0x30
+#define TASK_ABORTED 0x40
+
+#define STATUS_MASK 0x3e
+
+/*
+ * SENSE KEYS
+ */
+
+#define NO_SENSE 0x00
+#define RECOVERED_ERROR 0x01
+#define NOT_READY 0x02
+#define MEDIUM_ERROR 0x03
+#define HARDWARE_ERROR 0x04
+#define ILLEGAL_REQUEST 0x05
+#define UNIT_ATTENTION 0x06
+#define DATA_PROTECT 0x07
+#define BLANK_CHECK 0x08
+#define COPY_ABORTED 0x0a
+#define ABORTED_COMMAND 0x0b
+#define VOLUME_OVERFLOW 0x0d
+#define MISCOMPARE 0x0e
+
+
+/*
+ * DEVICE TYPES
+ */
+
+#define TYPE_DISK 0x00
+#define TYPE_TAPE 0x01
+#define TYPE_PRINTER 0x02
+#define TYPE_PROCESSOR 0x03 /* HP scanners use this */
+#define TYPE_WORM 0x04 /* Treated as ROM by our system */
+#define TYPE_ROM 0x05
+#define TYPE_SCANNER 0x06
+#define TYPE_MOD 0x07 /* Magneto-optical disk -
+ * - treated as TYPE_DISK */
+#define TYPE_MEDIUM_CHANGER 0x08
+#define TYPE_STORAGE_ARRAY 0x0c /* Storage array device */
+#define TYPE_ENCLOSURE 0x0d /* Enclosure Services Device */
+#define TYPE_RBC 0x0e /* Simplified Direct-Access Device */
+#define TYPE_OSD 0x11 /* Object-storage Device */
+#define TYPE_WLUN 0x1e /* Well known LUN */
+#define TYPE_NOT_PRESENT 0x1f
+#define TYPE_INACTIVE 0x20
+#define TYPE_NO_LUN 0x7f
+
+/* Mode page codes for mode sense/set */
+#define MODE_PAGE_R_W_ERROR 0x01
+#define MODE_PAGE_HD_GEOMETRY 0x04
+#define MODE_PAGE_FLEXIBLE_DISK_GEOMETRY 0x05
+#define MODE_PAGE_CACHING 0x08
+#define MODE_PAGE_AUDIO_CTL 0x0e
+#define MODE_PAGE_POWER 0x1a
+#define MODE_PAGE_FAULT_FAIL 0x1c
+#define MODE_PAGE_TO_PROTECT 0x1d
+#define MODE_PAGE_CAPABILITIES 0x2a
+#define MODE_PAGE_ALLS 0x3f
+/* Not in Mt. Fuji, but in ATAPI 2.6 -- deprecated now in favor
+ * of MODE_PAGE_SENSE_POWER */
+#define MODE_PAGE_CDROM 0x0d
+
+/* Event notification classes for GET EVENT STATUS NOTIFICATION */
+#define GESN_NO_EVENTS 0
+#define GESN_OPERATIONAL_CHANGE 1
+#define GESN_POWER_MANAGEMENT 2
+#define GESN_EXTERNAL_REQUEST 3
+#define GESN_MEDIA 4
+#define GESN_MULTIPLE_HOSTS 5
+#define GESN_DEVICE_BUSY 6
+
+/* Event codes for MEDIA event status notification */
+#define MEC_NO_CHANGE 0
+#define MEC_EJECT_REQUESTED 1
+#define MEC_NEW_MEDIA 2
+#define MEC_MEDIA_REMOVAL 3 /* only for media changers */
+#define MEC_MEDIA_CHANGED 4 /* only for media changers */
+#define MEC_BG_FORMAT_COMPLETED 5 /* MRW or DVD+RW b/g format completed */
+#define MEC_BG_FORMAT_RESTARTED 6 /* MRW or DVD+RW b/g format restarted */
+
+#define MS_TRAY_OPEN 1
+#define MS_MEDIA_PRESENT 2
+
+/*
+ * Based on values from <linux/cdrom.h> but extending CD_MINS
+ * to the maximum common size allowed by the Orange's Book ATIP
+ *
+ * 90 and 99 min CDs are also available but using them as the
+ * upper limit reduces the effectiveness of the heuristic to
+ * detect DVDs burned to less than 25% of their maximum capacity
+ */
+
+/* Some generally useful CD-ROM information */
+#define CD_MINS 80 /* max. minutes per CD */
+#define CD_SECS 60 /* seconds per minute */
+#define CD_FRAMES 75 /* frames per second */
+#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
+#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
+#define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
+
+/*
+ * The MMC values are not IDE specific and might need to be moved
+ * to a common header if they are also needed for the SCSI emulation
+ */
+
+/* Profile list from MMC-6 revision 1 table 91 */
+#define MMC_PROFILE_NONE 0x0000
+#define MMC_PROFILE_CD_ROM 0x0008
+#define MMC_PROFILE_CD_R 0x0009
+#define MMC_PROFILE_CD_RW 0x000A
+#define MMC_PROFILE_DVD_ROM 0x0010
+#define MMC_PROFILE_DVD_R_SR 0x0011
+#define MMC_PROFILE_DVD_RAM 0x0012
+#define MMC_PROFILE_DVD_RW_RO 0x0013
+#define MMC_PROFILE_DVD_RW_SR 0x0014
+#define MMC_PROFILE_DVD_R_DL_SR 0x0015
+#define MMC_PROFILE_DVD_R_DL_JR 0x0016
+#define MMC_PROFILE_DVD_RW_DL 0x0017
+#define MMC_PROFILE_DVD_DDR 0x0018
+#define MMC_PROFILE_DVD_PLUS_RW 0x001A
+#define MMC_PROFILE_DVD_PLUS_R 0x001B
+#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
+#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
+#define MMC_PROFILE_BD_ROM 0x0040
+#define MMC_PROFILE_BD_R_SRM 0x0041
+#define MMC_PROFILE_BD_R_RRM 0x0042
+#define MMC_PROFILE_BD_RE 0x0043
+#define MMC_PROFILE_HDDVD_ROM 0x0050
+#define MMC_PROFILE_HDDVD_R 0x0051
+#define MMC_PROFILE_HDDVD_RAM 0x0052
+#define MMC_PROFILE_HDDVD_RW 0x0053
+#define MMC_PROFILE_HDDVD_R_DL 0x0058
+#define MMC_PROFILE_HDDVD_RW_DL 0x005A
+#define MMC_PROFILE_INVALID 0xFFFF
+
+#endif
diff --git a/scsi/utils.c b/scsi/utils.c
index 6ee9f4095b..fab60bdf20 100644
--- a/scsi/utils.c
+++ b/scsi/utils.c
@@ -14,7 +14,7 @@
*/
#include "qemu/osdep.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "scsi/utils.h"
#include "qemu/bswap.h"
diff --git a/tests/virtio-scsi-test.c b/tests/virtio-scsi-test.c
index 87a3b6e81a..082d323541 100644
--- a/tests/virtio-scsi-test.c
+++ b/tests/virtio-scsi-test.c
@@ -10,7 +10,7 @@
#include "qemu/osdep.h"
#include "libqtest.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "libqos/libqos-pc.h"
#include "libqos/libqos-spapr.h"
#include "libqos/virtio.h"

10
1012-scsi-file-posix-add-support-for-persistent-reservati.patch → 0011-scsi-file-posix-add-support-for-persistent-reservati.patch
View File

@ -1,8 +1,7 @@
From 5c4a4b825189c2e9f322c8673104add7f76e38d5 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 21 Aug 2017 18:58:56 +0200
Subject: [PATCH 12/15] scsi, file-posix: add support for persistent
reservation management
Subject: [PATCH] scsi, file-posix: add support for persistent reservation
management
It is a common requirement for virtual machine to send persistent
reservations, but this currently requires either running QEMU with
@ -422,7 +421,7 @@ index 0000000000..45f5b6e49b
+pr_manager_execute(int fd, int cmd, int sa, void *opaque) "fd=%d cmd=0x%02x service action=0x%02x opaque=%p"
+pr_manager_run(int fd, int cmd, int sa) "fd=%d cmd=0x%02x service action=0x%02x"
diff --git a/vl.c b/vl.c
index 8e247cc2a2..af0e6576ab 100644
index d63269332f..acaf9eab39 100644
--- a/vl.c
+++ b/vl.c
@@ -2811,7 +2811,8 @@ static int machine_set_property(void *opaque,
@ -435,6 +434,3 @@ index 8e247cc2a2..af0e6576ab 100644
return false;
}
--
2.13.5

18
1013-scsi-build-qemu-pr-helper.patch → 0012-scsi-build-qemu-pr-helper.patch
View File

@ -1,7 +1,6 @@
From 226e00649123536737dcd20ccb5bd3d54d074338 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 22 Aug 2017 06:50:18 +0200
Subject: [PATCH 13/15] scsi: build qemu-pr-helper
Subject: [PATCH] scsi: build qemu-pr-helper
Introduce a privileged helper to run persistent reservation commands.
This lets virtual machines send persistent reservations without using
@ -30,10 +29,10 @@ Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
create mode 100644 scsi/qemu-pr-helper.c
diff --git a/Makefile b/Makefile
index eb831b98d1..8406aeb8cb 100644
index 81447b1f08..f07c0d7e9c 100644
--- a/Makefile
+++ b/Makefile
@@ -372,6 +372,8 @@ qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o $(COMMON_LDADDS)
@@ -382,6 +382,8 @@ qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o $(COMMON_LDADDS)
fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o fsdev/9p-marshal.o fsdev/9p-iov-marshal.o $(COMMON_LDADDS)
fsdev/virtfs-proxy-helper$(EXESUF): LIBS += -lcap
@ -42,7 +41,7 @@ index eb831b98d1..8406aeb8cb 100644
qemu-img-cmds.h: $(SRC_PATH)/qemu-img-cmds.hx $(SRC_PATH)/scripts/hxtool
$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$@")
@@ -488,7 +490,7 @@ clean:
@@ -489,7 +491,7 @@ clean:
rm -f *.msi
find . \( -name '*.so' -o -name '*.dll' -o -name '*.mo' -o -name '*.[oda]' \) -type f -exec rm {} +
rm -f $(filter-out %.tlb,$(TOOLS)) $(HELPERS-y) qemu-ga TAGS cscope.* *.pod *~ */*~
@ -52,10 +51,10 @@ index eb831b98d1..8406aeb8cb 100644
rm -f ui/shader/*-vert.h ui/shader/*-frag.h
@# May not be present in GENERATED_FILES
diff --git a/configure b/configure
index cb0f7ed0ab..becc21a0fe 100755
index dd73cce62f..14bdf9bb31 100755
--- a/configure
+++ b/configure
@@ -5034,16 +5034,22 @@ if test "$want_tools" = "yes" ; then
@@ -5070,16 +5070,22 @@ if test "$want_tools" = "yes" ; then
fi
fi
if test "$softmmu" = yes ; then
@ -81,7 +80,7 @@ index cb0f7ed0ab..becc21a0fe 100755
fi
fi
@@ -6506,7 +6512,7 @@ fi
@@ -6545,7 +6551,7 @@ fi
# build tree in object directory in case the source is not in the current directory
DIRS="tests tests/tcg tests/tcg/cris tests/tcg/lm32 tests/libqos tests/qapi-schema tests/tcg/xtensa tests/qemu-iotests"
@ -1008,6 +1007,3 @@ index 0000000000..e39efbd529
+
+ exit(EXIT_SUCCESS);
+}
--
2.13.5

54
1014-scsi-add-multipath-support-to-qemu-pr-helper.patch → 0013-scsi-add-multipath-support-to-qemu-pr-helper.patch
View File

@ -1,7 +1,6 @@
From 43fedb8ae2c2b3bbb43023c118be708226e38179 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 22 Aug 2017 06:50:55 +0200
Subject: [PATCH 14/15] scsi: add multipath support to qemu-pr-helper
Subject: [PATCH] scsi: add multipath support to qemu-pr-helper
Proper support of persistent reservation for multipath devices requires
communication with the multipath daemon, so that the reservation is
@ -13,18 +12,18 @@ to libmpathpersist.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
Makefile | 3 +
configure | 46 +++++++
configure | 54 ++++++++
docs/pr-manager.rst | 27 ++++
include/scsi/utils.h | 4 +
scsi/qemu-pr-helper.c | 346 +++++++++++++++++++++++++++++++++++++++++++++++++-
scsi/qemu-pr-helper.c | 357 +++++++++++++++++++++++++++++++++++++++++++++++++-
scsi/utils.c | 10 ++
6 files changed, 433 insertions(+), 3 deletions(-)
6 files changed, 452 insertions(+), 3 deletions(-)
diff --git a/Makefile b/Makefile
index 8406aeb8cb..4eb40376d2 100644
index f07c0d7e9c..060c089af9 100644
--- a/Makefile
+++ b/Makefile
@@ -373,6 +373,9 @@ fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o fsdev/9p-marshal
@@ -383,6 +383,9 @@ fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o fsdev/9p-marshal
fsdev/virtfs-proxy-helper$(EXESUF): LIBS += -lcap
scsi/qemu-pr-helper$(EXESUF): scsi/qemu-pr-helper.o scsi/utils.o $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS)
@ -35,10 +34,10 @@ index 8406aeb8cb..4eb40376d2 100644
qemu-img-cmds.h: $(SRC_PATH)/qemu-img-cmds.hx $(SRC_PATH)/scripts/hxtool
$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$@")
diff --git a/configure b/configure
index becc21a0fe..f6edc2a33f 100755
index 14bdf9bb31..9eeb3ebf70 100755
--- a/configure
+++ b/configure
@@ -290,6 +290,7 @@ netmap="no"
@@ -286,6 +286,7 @@ pixman=""
sdl=""
sdlabi=""
virtfs=""
@ -46,7 +45,7 @@ index becc21a0fe..f6edc2a33f 100755
vnc="yes"
sparse="no"
vde=""
@@ -936,6 +937,10 @@ for opt do
@@ -948,6 +949,10 @@ for opt do
;;
--enable-virtfs) virtfs="yes"
;;
@ -57,7 +56,7 @@ index becc21a0fe..f6edc2a33f 100755
--disable-vnc) vnc="no"
;;
--enable-vnc) vnc="yes"
@@ -1479,6 +1484,7 @@ disabled with --disable-FEATURE, default is enabled if available:
@@ -1491,6 +1496,7 @@ disabled with --disable-FEATURE, default is enabled if available:
vnc-png PNG compression for VNC server
cocoa Cocoa UI (Mac OS X only)
virtfs VirtFS
@ -65,10 +64,11 @@ index becc21a0fe..f6edc2a33f 100755
xen xen backend driver support
xen-pci-passthrough
brlapi BrlAPI (Braile)
@@ -3300,6 +3306,38 @@ else
@@ -3335,6 +3341,38 @@ else
pixman_libs="-L\$(BUILD_DIR)/pixman/pixman/.libs -lpixman-1"
fi
##########################################
+##########################################
+# libmpathpersist probe
+
+if test "$mpath" != "no" ; then
@ -100,11 +100,10 @@ index becc21a0fe..f6edc2a33f 100755
+ mpathpersist=no
+fi
+
+##########################################
##########################################
# libcap probe
if test "$cap" != "no" ; then
@@ -5044,12 +5074,24 @@ if test "$softmmu" = yes ; then
@@ -5080,12 +5118,24 @@ if test "$softmmu" = yes ; then
fi
virtfs=no
fi
@ -129,7 +128,7 @@ index becc21a0fe..f6edc2a33f 100755
fi
fi
@@ -5295,6 +5337,7 @@ echo "Audio drivers $audio_drv_list"
@@ -5332,6 +5382,7 @@ echo "Audio drivers $audio_drv_list"
echo "Block whitelist (rw) $block_drv_rw_whitelist"
echo "Block whitelist (ro) $block_drv_ro_whitelist"
echo "VirtFS support $virtfs"
@ -137,7 +136,7 @@ index becc21a0fe..f6edc2a33f 100755
echo "VNC support $vnc"
if test "$vnc" = "yes" ; then
echo "VNC SASL support $vnc_sasl"
@@ -5738,6 +5781,9 @@ fi
@@ -5779,6 +5830,9 @@ fi
if test "$virtfs" = "yes" ; then
echo "CONFIG_VIRTFS=y" >> $config_host_mak
fi
@ -209,7 +208,7 @@ index d301b31768..00a4bdb080 100644
extern const struct SCSISense sense_code_UNIT_ATTENTION_NO_MEDIUM;
/* Unit attention, Power on, reset or bus device reset occurred */
diff --git a/scsi/qemu-pr-helper.c b/scsi/qemu-pr-helper.c
index e39efbd529..5f77c873e1 100644
index e39efbd529..be6d1fbade 100644
--- a/scsi/qemu-pr-helper.c
+++ b/scsi/qemu-pr-helper.c
@@ -30,6 +30,12 @@
@ -561,7 +560,7 @@ index e39efbd529..5f77c873e1 100644
return do_sgio(fd, cdb, sense, data, resp_sz,
SG_DXFER_FROM_DEV);
}
@@ -214,7 +528,14 @@ static int do_pr_in(int fd, const uint8_t *cdb, uint8_t *sense,
@@ -214,7 +539,14 @@ static int do_pr_in(int fd, const uint8_t *cdb, uint8_t *sense,
static int do_pr_out(int fd, const uint8_t *cdb, uint8_t *sense,
const uint8_t *param, int sz)
{
@ -577,7 +576,7 @@ index e39efbd529..5f77c873e1 100644
return do_sgio(fd, cdb, sense, (uint8_t *)param, &resp_sz,
SG_DXFER_TO_DEV);
}
@@ -525,6 +846,14 @@ static int drop_privileges(void)
@@ -525,6 +857,14 @@ static int drop_privileges(void)
return -1;
}
@ -592,7 +591,7 @@ index e39efbd529..5f77c873e1 100644
/* Change user/group id, retaining the capabilities. Because file descriptors
* are passed via SCM_RIGHTS, we don't need supplementary groups (and in
* fact the helper can run as "nobody").
@@ -541,7 +870,7 @@ static int drop_privileges(void)
@@ -541,7 +881,7 @@ static int drop_privileges(void)
int main(int argc, char **argv)
{
@ -601,7 +600,7 @@ index e39efbd529..5f77c873e1 100644
struct option lopt[] = {
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, 'V' },
@@ -551,10 +880,12 @@ int main(int argc, char **argv)
@@ -551,10 +891,12 @@ int main(int argc, char **argv)
{ "trace", required_argument, NULL, 'T' },
{ "user", required_argument, NULL, 'u' },
{ "group", required_argument, NULL, 'g' },
@ -614,7 +613,7 @@ index e39efbd529..5f77c873e1 100644
int quiet = 0;
char ch;
Error *local_err = NULL;
@@ -631,6 +962,9 @@ int main(int argc, char **argv)
@@ -631,6 +973,9 @@ int main(int argc, char **argv)
case 'q':
quiet = 1;
break;
@ -624,7 +623,7 @@ index e39efbd529..5f77c873e1 100644
case 'T':
g_free(trace_file);
trace_file = trace_opt_parse(optarg);
@@ -650,7 +984,8 @@ int main(int argc, char **argv)
@@ -650,7 +995,8 @@ int main(int argc, char **argv)
}
/* set verbosity */
@ -634,7 +633,7 @@ index e39efbd529..5f77c873e1 100644
if (!trace_init_backends()) {
exit(EXIT_FAILURE);
@@ -658,6 +993,11 @@ int main(int argc, char **argv)
@@ -658,6 +1004,11 @@ int main(int argc, char **argv)
trace_init_file(trace_file);
qemu_set_log(LOG_TRACE);
@ -674,6 +673,3 @@ index fab60bdf20..5684951b12 100644
/* Unit attention, No medium */
const struct SCSISense sense_code_UNIT_ATTENTION_NO_MEDIUM = {
.key = UNIT_ATTENTION, .asc = 0x3a, .ascq = 0x00
--
2.13.5

7
1015-scsi-add-persistent-reservation-manager-using-qemu-p.patch → 0014-scsi-add-persistent-reservation-manager-using-qemu-p.patch
View File

@ -1,8 +1,6 @@
From 3caf122d29ecc3317671a9f651a236e8d02e2e90 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 21 Aug 2017 18:58:56 +0200
Subject: [PATCH 15/15] scsi: add persistent reservation manager using
qemu-pr-helper
Subject: [PATCH] scsi: add persistent reservation manager using qemu-pr-helper
This adds a concrete subclass of pr-manager that talks to qemu-pr-helper.
@ -330,6 +328,3 @@ index 0000000000..82ff6b6123
+}
+
+type_init(pr_manager_helper_register_types);
--
2.13.5

4
1016-crypto-fix-test-cert-generation-to-not-use-SHA1-algo.patch → 0101-crypto-fix-test-cert-generation-to-not-use-SHA1-algo.patch
View File

@ -1,4 +1,3 @@
From 23c1595b0297e6ca8f37559af6f0b8533aa1fd99 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 29 Aug 2017 17:03:30 +0100
Subject: [PATCH] crypto: fix test cert generation to not use SHA1 algorithm
@ -29,6 +28,3 @@ index 64073d3bd3..173d4e28fb 100644
if (err < 0) {
g_critical("Failed to sign certificate %s",
gnutls_strerror(err));
--
2.13.5

6
1017-io-fix-check-for-handshake-completion-in-TLS-test.patch → 0102-io-fix-check-for-handshake-completion-in-TLS-test.patch
View File

@ -1,4 +1,3 @@
From 689ed13e73bdb5a5ca3366524475e3065fae854a Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 29 Aug 2017 17:04:52 +0100
Subject: [PATCH] io: fix check for handshake completion in TLS test
@ -17,7 +16,7 @@ Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/test-io-channel-tls.c b/tests/test-io-channel-tls.c
index ff96877323..a210d01ba5 100644
index 8eaa208e1b..e7c80f46cf 100644
--- a/tests/test-io-channel-tls.c
+++ b/tests/test-io-channel-tls.c
@@ -218,7 +218,7 @@ static void test_io_channel_tls(const void *opaque)
@ -29,6 +28,3 @@ index ff96877323..a210d01ba5 100644
!serverHandshake.finished);
g_assert(clientHandshake.failed == data->expectClientFail);
--
2.13.5

6
1018-io-fix-temp-directory-used-by-test-io-channel-tls-te.patch → 0103-io-fix-temp-directory-used-by-test-io-channel-tls-te.patch
View File

@ -1,4 +1,3 @@
From d4adf9675801cd90e66ecfcd6a54ca1abc5a6698 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Fri, 21 Jul 2017 12:47:39 +0100
Subject: [PATCH] io: fix temp directory used by test-io-channel-tls test
@ -15,7 +14,7 @@ Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/test-io-channel-tls.c b/tests/test-io-channel-tls.c
index 8eaa208e1b..ff96877323 100644
index e7c80f46cf..a210d01ba5 100644
--- a/tests/test-io-channel-tls.c
+++ b/tests/test-io-channel-tls.c
@@ -127,8 +127,8 @@ static void test_io_channel_tls(const void *opaque)
@ -29,6 +28,3 @@ index 8eaa208e1b..ff96877323 100644
mkdir(CLIENT_CERT_DIR, 0700);
mkdir(SERVER_CERT_DIR, 0700);
--
2.13.5

76
0104-spapr-fallback-to-raw-mode-if-best-compat-mode-canno.patch Normal file
View File

@ -0,0 +1,76 @@
From: Greg Kurz <groug@kaod.org>
Date: Thu, 17 Aug 2017 13:23:50 +0200
Subject: [PATCH] spapr: fallback to raw mode if best compat mode cannot be set
during CAS
KVM PR doesn't allow to set a compat mode. This causes ppc_set_compat_all()
to fail and we return H_HARDWARE to the guest right away.
This is excessive: even if we favor compat mode since commit 152ef803ceb19,
we should at least fallback to raw mode if the guest supports it.
This patch modifies cas_check_pvr() so that it also reports that the real
PVR was found in the table supplied by the guest. Note that this is only
makes sense if raw mode isn't explicitely disabled (ie, the user didn't
set the machine "max-cpu-compat" property). If this is the case, we can
simply ignore ppc_set_compat_all() failures, and let the guest run in raw
mode.
Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
(cherry picked from commit cc7b35b169e96600c09947a31c610c84a3eda3ff)
---
hw/ppc/spapr_hcall.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
index 07b3da8dc4..2f4c4f59e1 100644
--- a/hw/ppc/spapr_hcall.c
+++ b/hw/ppc/spapr_hcall.c
@@ -1441,7 +1441,8 @@ static target_ulong h_signal_sys_reset(PowerPCCPU *cpu,
}
static uint32_t cas_check_pvr(sPAPRMachineState *spapr, PowerPCCPU *cpu,
- target_ulong *addr, Error **errp)
+ target_ulong *addr, bool *raw_mode_supported,
+ Error **errp)
{
bool explicit_match = false; /* Matched the CPU's real PVR */
uint32_t max_compat = spapr->max_compat_pvr;
@@ -1481,6 +1482,8 @@ static uint32_t cas_check_pvr(sPAPRMachineState *spapr, PowerPCCPU *cpu,
return 0;
}
+ *raw_mode_supported = explicit_match;
+
/* Parsing finished */
trace_spapr_cas_pvr(cpu->compat_pvr, explicit_match, best_compat);
@@ -1499,8 +1502,9 @@ static target_ulong h_client_architecture_support(PowerPCCPU *cpu,
sPAPROptionVector *ov1_guest, *ov5_guest, *ov5_cas_old, *ov5_updates;
bool guest_radix;
Error *local_err = NULL;
+ bool raw_mode_supported = false;
- cas_pvr = cas_check_pvr(spapr, cpu, &addr, &local_err);
+ cas_pvr = cas_check_pvr(spapr, cpu, &addr, &raw_mode_supported, &local_err);
if (local_err) {
error_report_err(local_err);
return H_HARDWARE;
@@ -1510,8 +1514,14 @@ static target_ulong h_client_architecture_support(PowerPCCPU *cpu,
if (cpu->compat_pvr != cas_pvr) {
ppc_set_compat_all(cas_pvr, &local_err);
if (local_err) {
- error_report_err(local_err);
- return H_HARDWARE;
+ /* We fail to set compat mode (likely because running with KVM PR),
+ * but maybe we can fallback to raw mode if the guest supports it.
+ */
+ if (!raw_mode_supported) {
+ error_report_err(local_err);
+ return H_HARDWARE;
+ }
+ local_err = NULL;
}
}

40
0105-9pfs-use-g_malloc0-to-allocate-space-for-xattr.patch Normal file
View File

@ -0,0 +1,40 @@
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Mon, 16 Oct 2017 14:21:59 +0200
Subject: [PATCH] 9pfs: use g_malloc0 to allocate space for xattr
9p back-end first queries the size of an extended attribute,
allocates space for it via g_malloc() and then retrieves its
value into allocated buffer. Race between querying attribute
size and retrieving its could lead to memory bytes disclosure.
Use g_malloc0() to avoid it.
Reported-by: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
(cherry picked from commit 7bd92756303f2158a68d5166264dc30139b813b6)
---
hw/9pfs/9p.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 8e9490c5f5..c41c0eb106 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -3236,7 +3236,7 @@ static void coroutine_fn v9fs_xattrwalk(void *opaque)
xattr_fidp->fid_type = P9_FID_XATTR;
xattr_fidp->fs.xattr.xattrwalk_fid = true;
if (size) {
- xattr_fidp->fs.xattr.value = g_malloc(size);
+ xattr_fidp->fs.xattr.value = g_malloc0(size);
err = v9fs_co_llistxattr(pdu, &xattr_fidp->path,
xattr_fidp->fs.xattr.value,
xattr_fidp->fs.xattr.len);
@@ -3269,7 +3269,7 @@ static void coroutine_fn v9fs_xattrwalk(void *opaque)
xattr_fidp->fid_type = P9_FID_XATTR;
xattr_fidp->fs.xattr.xattrwalk_fid = true;
if (size) {
- xattr_fidp->fs.xattr.value = g_malloc(size);
+ xattr_fidp->fs.xattr.value = g_malloc0(size);
err = v9fs_co_lgetxattr(pdu, &xattr_fidp->path,
&name, xattr_fidp->fs.xattr.value,
xattr_fidp->fs.xattr.len);

51
0106-io-monitor-encoutput-buffer-size-from-websocket-GSou.patch Normal file
View File

@ -0,0 +1,51 @@
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Mon, 9 Oct 2017 14:43:42 +0100
Subject: [PATCH] io: monitor encoutput buffer size from websocket GSource
The websocket GSource is monitoring the size of the rawoutput
buffer to determine if the channel can accepts more writes.
The rawoutput buffer, however, is merely a temporary staging
buffer before data is copied into the encoutput buffer. Thus
its size will always be zero when the GSource runs.
This flaw causes the encoutput buffer to grow without bound
if the other end of the underlying data channel doesn't
read data being sent. This can be seen with VNC if a client
is on a slow WAN link and the guest OS is sending many screen
updates. A malicious VNC client can act like it is on a slow
link by playing a video in the guest and then reading data
very slowly, causing QEMU host memory to expand arbitrarily.
This issue is assigned CVE-2017-15268, publically reported in
https://bugs.launchpad.net/qemu/+bug/1718964
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit a7b20a8efa28e5f22c26c06cd06c2f12bc863493)
---
io/channel-websock.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/io/channel-websock.c b/io/channel-websock.c
index 5a3badbec2..c02c2a66c9 100644
--- a/io/channel-websock.c
+++ b/io/channel-websock.c
@@ -26,7 +26,7 @@
#include "trace.h"
-/* Max amount to allow in rawinput/rawoutput buffers */
+/* Max amount to allow in rawinput/encoutput buffers */
#define QIO_CHANNEL_WEBSOCK_MAX_BUFFER 8192
#define QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN 24
@@ -1006,7 +1006,7 @@ qio_channel_websock_source_prepare(GSource *source,
if (wsource->wioc->rawinput.offset) {
cond |= G_IO_IN;
}
- if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
+ if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
cond |= G_IO_OUT;
}

71
1003-scsi-bus-correct-responses-for-INQUIRY-and-REQUEST-S.patch
View File

@ -1,71 +0,0 @@
From b07725e3e5e05610691815ee921a6b3307685815 Mon Sep 17 00:00:00 2001
From: Hannes Reinecke <hare@suse.de>
Date: Fri, 18 Aug 2017 11:37:02 +0200
Subject: [PATCH 03/15] scsi-bus: correct responses for INQUIRY and REQUEST
SENSE
According to SPC-3 INQUIRY and REQUEST SENSE should return GOOD
even on unsupported LUNS.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Message-Id: <1503049022-14749-1-git-send-email-hare@suse.de>
Reported-by: Laszlo Ersek <lersek@redhat.com>
Fixes: ded6ddc5a7b95217557fa360913d1213e12d4a6d
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Hannes Reinecke <hare@suse.de>
---
hw/scsi/scsi-bus.c | 29 +++++++++++++++++++++++++----
1 file changed, 25 insertions(+), 4 deletions(-)
diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index e364410a23..ade31c11f5 100644
--- a/hw/scsi/scsi-bus.c
+++ b/hw/scsi/scsi-bus.c
@@ -516,8 +516,10 @@ static size_t scsi_sense_len(SCSIRequest *req)
static int32_t scsi_target_send_command(SCSIRequest *req, uint8_t *buf)
{
SCSITargetReq *r = DO_UPCAST(SCSITargetReq, req, req);
+ int fixed_sense = (req->cmd.buf[1] & 1) == 0;
- if (req->lun != 0) {
+ if (req->lun != 0 &&
+ buf[0] != INQUIRY && buf[0] != REQUEST_SENSE) {
scsi_req_build_sense(req, SENSE_CODE(LUN_NOT_SUPPORTED));
scsi_req_complete(req, CHECK_CONDITION);
return 0;
@@ -535,9 +537,28 @@ static int32_t scsi_target_send_command(SCSIRequest *req, uint8_t *buf)
break;
case REQUEST_SENSE:
scsi_target_alloc_buf(&r->req, scsi_sense_len(req));
- r->len = scsi_device_get_sense(r->req.dev, r->buf,
- MIN(req->cmd.xfer, r->buf_len),
- (req->cmd.buf[1] & 1) == 0);
+ if (req->lun != 0) {
+ const struct SCSISense sense = SENSE_CODE(LUN_NOT_SUPPORTED);
+
+ if (fixed_sense) {
+ r->buf[0] = 0x70;
+ r->buf[2] = sense.key;
+ r->buf[10] = 10;
+ r->buf[12] = sense.asc;
+ r->buf[13] = sense.ascq;
+ r->len = MIN(req->cmd.xfer, SCSI_SENSE_LEN);
+ } else {
+ r->buf[0] = 0x72;
+ r->buf[1] = sense.key;
+ r->buf[2] = sense.asc;
+ r->buf[3] = sense.ascq;
+ r->len = 8;
+ }
+ } else {
+ r->len = scsi_device_get_sense(r->req.dev, r->buf,
+ MIN(req->cmd.xfer, r->buf_len),
+ fixed_sense);
+ }
if (r->req.dev->sense_is_ua) {
scsi_device_unit_attention_reported(req->dev);
r->req.dev->sense_len = 0;
--
2.13.5

250
1011-scsi-move-block-scsi.h-to-include-scsi-constants.h.patch
View File

@ -1,250 +0,0 @@
From e2b560d9f9966d7256488d0a359200c65c2c07f8 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 22 Aug 2017 09:23:55 +0200
Subject: [PATCH 11/15] scsi: move block/scsi.h to include/scsi/constants.h
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Complete the transition by renaming this header, which was
shared by block/iscsi.c and the SCSI emulation code.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
block/iscsi.c | 2 +-
hw/block/virtio-blk.c | 2 +-
hw/scsi/megasas.c | 2 +-
hw/scsi/mptendian.c | 2 +-
hw/scsi/mptsas.c | 2 +-
hw/scsi/scsi-bus.c | 2 +-
hw/scsi/scsi-disk.c | 2 +-
hw/scsi/scsi-generic.c | 2 +-
hw/scsi/spapr_vscsi.c | 2 +-
hw/scsi/virtio-scsi-dataplane.c | 2 +-
hw/scsi/virtio-scsi.c | 2 +-
hw/scsi/vmw_pvscsi.c | 2 +-
hw/usb/dev-uas.c | 2 +-
include/hw/ide/internal.h | 2 +-
include/{block/scsi.h => scsi/constants.h} | 0
scsi/utils.c | 2 +-
tests/virtio-scsi-test.c | 2 +-
17 files changed, 16 insertions(+), 16 deletions(-)
rename include/{block/scsi.h => scsi/constants.h} (100%)
diff --git a/block/iscsi.c b/block/iscsi.c
index 40adc3c493..c4586be720 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -34,7 +34,7 @@
#include "qemu/bitops.h"
#include "qemu/bitmap.h"
#include "block/block_int.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "qemu/iov.h"
#include "qemu/uuid.h"
#include "qmp-commands.h"
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index a16ac75090..05d1440786 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -22,7 +22,7 @@
#include "sysemu/blockdev.h"
#include "hw/virtio/virtio-blk.h"
#include "dataplane/virtio-blk.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#ifdef __linux__
# include <scsi/sg.h>
#endif
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 734fdaef90..0db68aacee 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -27,7 +27,7 @@
#include "hw/pci/msix.h"
#include "qemu/iov.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "trace.h"
#include "qapi/error.h"
#include "mfi.h"
diff --git a/hw/scsi/mptendian.c b/hw/scsi/mptendian.c
index b7fe2a2a36..3415229b5e 100644
--- a/hw/scsi/mptendian.c
+++ b/hw/scsi/mptendian.c
@@ -28,7 +28,7 @@
#include "hw/pci/msi.h"
#include "qemu/iov.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "trace.h"
#include "mptsas.h"
diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
index 765ab53c34..8bae8f543e 100644
--- a/hw/scsi/mptsas.c
+++ b/hw/scsi/mptsas.c
@@ -30,7 +30,7 @@
#include "hw/pci/msi.h"
#include "qemu/iov.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "trace.h"
#include "qapi/error.h"
#include "mptsas.h"
diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index 652ab046ab..977f7bce1f 100644
--- a/hw/scsi/scsi-bus.c
+++ b/hw/scsi/scsi-bus.c
@@ -3,7 +3,7 @@
#include "qapi/error.h"
#include "qemu/error-report.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "hw/qdev.h"
#include "sysemu/block-backend.h"
#include "sysemu/blockdev.h"
diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index 0a1f4ef0c7..5faf6682c5 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -32,7 +32,7 @@ do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
#include "qapi/error.h"
#include "qemu/error-report.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "sysemu/sysemu.h"
#include "sysemu/block-backend.h"
#include "sysemu/blockdev.h"
diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c
index 04c687ee76..bd0d9ff355 100644
--- a/hw/scsi/scsi-generic.c
+++ b/hw/scsi/scsi-generic.c
@@ -34,7 +34,7 @@ do { printf("scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
#include <scsi/sg.h>
-#include "block/scsi.h"
+#include "scsi/constants.h"
#ifndef MAX_UINT
#define MAX_UINT ((unsigned int)-1)
diff --git a/hw/scsi/spapr_vscsi.c b/hw/scsi/spapr_vscsi.c
index 55ee48c4da..360db53ac8 100644
--- a/hw/scsi/spapr_vscsi.c
+++ b/hw/scsi/spapr_vscsi.c
@@ -36,7 +36,7 @@
#include "cpu.h"
#include "hw/hw.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "srp.h"
#include "hw/qdev.h"
#include "hw/ppc/spapr.h"
diff --git a/hw/scsi/virtio-scsi-dataplane.c b/hw/scsi/virtio-scsi-dataplane.c
index 944ea4eb53..add4b3f4a4 100644
--- a/hw/scsi/virtio-scsi-dataplane.c
+++ b/hw/scsi/virtio-scsi-dataplane.c
@@ -17,7 +17,7 @@
#include "qemu/error-report.h"
#include "sysemu/block-backend.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "hw/virtio/virtio-bus.h"
#include "hw/virtio/virtio-access.h"
diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
index eb639442d1..823a1e9a42 100644
--- a/hw/scsi/virtio-scsi.c
+++ b/hw/scsi/virtio-scsi.c
@@ -21,7 +21,7 @@
#include "qemu/iov.h"
#include "sysemu/block-backend.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "hw/virtio/virtio-bus.h"
#include "hw/virtio/virtio-access.h"
diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c
index 77d8b6f9e2..6d3f0bf11d 100644
--- a/hw/scsi/vmw_pvscsi.c
+++ b/hw/scsi/vmw_pvscsi.c
@@ -28,7 +28,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "hw/pci/msi.h"
#include "vmw_pvscsi.h"
#include "trace.h"
diff --git a/hw/usb/dev-uas.c b/hw/usb/dev-uas.c
index fffc424396..c218b53f09 100644
--- a/hw/usb/dev-uas.c
+++ b/hw/usb/dev-uas.c
@@ -19,7 +19,7 @@
#include "hw/usb.h"
#include "hw/usb/desc.h"
#include "hw/scsi/scsi.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
/* --------------------------------------------------------------------- */
diff --git a/include/hw/ide/internal.h b/include/hw/ide/internal.h
index 482a9512be..63a99e0366 100644
--- a/include/hw/ide/internal.h
+++ b/include/hw/ide/internal.h
@@ -11,7 +11,7 @@
#include "sysemu/dma.h"
#include "sysemu/sysemu.h"
#include "hw/block/block.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
/* debug IDE devices */
//#define DEBUG_IDE
diff --git a/include/block/scsi.h b/include/scsi/constants.h
similarity index 100%
rename from include/block/scsi.h
rename to include/scsi/constants.h
diff --git a/scsi/utils.c b/scsi/utils.c
index 6ee9f4095b..fab60bdf20 100644
--- a/scsi/utils.c
+++ b/scsi/utils.c
@@ -14,7 +14,7 @@
*/
#include "qemu/osdep.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "scsi/utils.h"
#include "qemu/bswap.h"
diff --git a/tests/virtio-scsi-test.c b/tests/virtio-scsi-test.c
index 87a3b6e81a..082d323541 100644
--- a/tests/virtio-scsi-test.c
+++ b/tests/virtio-scsi-test.c
@@ -10,7 +10,7 @@
#include "qemu/osdep.h"
#include "libqtest.h"
-#include "block/scsi.h"
+#include "scsi/constants.h"
#include "libqos/libqos-pc.h"
#include "libqos/libqos-spapr.h"
#include "libqos/virtio.h"
--
2.13.5

57
qemu.spec
View File

@ -106,8 +106,8 @@ Requires: %{name}-block-ssh = %{epoch}:%{version}-%{release}
Summary: QEMU is a FAST! processor emulator
Name: qemu
Version: 2.10.0
Release: 7%{?rcrel}%{?dist}
Version: 2.10.1
Release: 1%{?rcrel}%{?dist}
Epoch: 2
License: GPLv2+ and LGPLv2+ and BSD
Group: Development/Tools
@ -142,24 +142,34 @@ Source21: 50-kvm-s390x.conf
# /etc/security/limits.d/95-kvm-ppc64-memlock.conf
Source22: 95-kvm-ppc64-memlock.conf
Patch1001: 1001-io-add-new-qio_channel_-readv-writev-read-write-_all.patch
Patch1002: 1002-io-Yield-rather-than-wait-when-already-in-coroutine.patch
Patch1003: 1003-scsi-bus-correct-responses-for-INQUIRY-and-REQUEST-S.patch
Patch1004: 1004-scsi-Refactor-scsi-sense-interpreting-code.patch
Patch1005: 1005-scsi-Improve-scsi_sense_to_errno.patch
Patch1006: 1006-scsi-Introduce-scsi_sense_buf_to_errno.patch
Patch1007: 1007-scsi-rename-scsi_build_sense-to-scsi_convert_sense.patch
Patch1008: 1008-scsi-move-non-emulation-specific-code-to-scsi.patch
Patch1009: 1009-scsi-introduce-scsi_build_sense.patch
Patch1010: 1010-scsi-introduce-sg_io_sense_from_errno.patch
Patch1011: 1011-scsi-move-block-scsi.h-to-include-scsi-constants.h.patch
Patch1012: 1012-scsi-file-posix-add-support-for-persistent-reservati.patch
Patch1013: 1013-scsi-build-qemu-pr-helper.patch
Patch1014: 1014-scsi-add-multipath-support-to-qemu-pr-helper.patch
Patch1015: 1015-scsi-add-persistent-reservation-manager-using-qemu-p.patch
Patch1016: 1016-crypto-fix-test-cert-generation-to-not-use-SHA1-algo.patch
Patch1017: 1017-io-fix-check-for-handshake-completion-in-TLS-test.patch
Patch1018: 1018-io-fix-temp-directory-used-by-test-io-channel-tls-te.patch
# Backport persistent reservation manager in preparation for SELinux work
Patch0001: 0001-io-add-new-qio_channel_-readv-writev-read-write-_all.patch
Patch0002: 0002-io-Yield-rather-than-wait-when-already-in-coroutine.patch
Patch0003: 0003-scsi-Refactor-scsi-sense-interpreting-code.patch
Patch0004: 0004-scsi-Improve-scsi_sense_to_errno.patch
Patch0005: 0005-scsi-Introduce-scsi_sense_buf_to_errno.patch
Patch0006: 0006-scsi-rename-scsi_build_sense-to-scsi_convert_sense.patch
Patch0007: 0007-scsi-move-non-emulation-specific-code-to-scsi.patch
Patch0008: 0008-scsi-introduce-scsi_build_sense.patch
Patch0009: 0009-scsi-introduce-sg_io_sense_from_errno.patch
Patch0010: 0010-scsi-move-block-scsi.h-to-include-scsi-constants.h.patch
Patch0011: 0011-scsi-file-posix-add-support-for-persistent-reservati.patch
Patch0012: 0012-scsi-build-qemu-pr-helper.patch
Patch0013: 0013-scsi-add-multipath-support-to-qemu-pr-helper.patch
Patch0014: 0014-scsi-add-persistent-reservation-manager-using-qemu-p.patch
# Add patches from git master to fix TLS test suite with new GNUTLS
Patch0101: 0101-crypto-fix-test-cert-generation-to-not-use-SHA1-algo.patch
Patch0102: 0102-io-fix-check-for-handshake-completion-in-TLS-test.patch
Patch0103: 0103-io-fix-temp-directory-used-by-test-io-channel-tls-te.patch
# Fix ppc64 KVM failure (bz #1501936)
Patch0104: 0104-spapr-fallback-to-raw-mode-if-best-compat-mode-canno.patch
# CVE-2017-15038: 9p: information disclosure when reading extended
# attributes (bz #1499111)
Patch0105: 0105-9pfs-use-g_malloc0-to-allocate-space-for-xattr.patch
# CVE-2017-15268: potential memory exhaustion via websock connection to VNC
# (bz #1496882)
Patch0106: 0106-io-monitor-encoutput-buffer-size-from-websocket-GSou.patch
# documentation deps
BuildRequires: texinfo
@ -2029,6 +2039,13 @@ getent passwd qemu >/dev/null || \
%changelog
* Thu Oct 19 2017 Cole Robinson <crobinso@redhat.com> - 2:2.10.1-1
- Fix ppc64 KVM failure (bz #1501936)
- CVE-2017-15038: 9p: information disclosure when reading extended
attributes (bz #1499111)
- CVE-2017-15268: potential memory exhaustion via websock connection to VNC
(bz #1496882)
* Tue Oct 17 2017 Paolo Bonzini <pbonzini@redhat.com> - 2:2.10.0-7
- Update patch 1014 for new libmultipath/libmpathpersist API
- Force build to fail if multipath is not available

2
sources
View File

@ -1 +1 @@
SHA512 (qemu-2.10.0.tar.xz) = 67891e78a0df8538838c5fc6d5208e1e0c23f608013818ea8f2f6b7dcbf80404113559b4d33aea32daf25bd43c2d8b5befbebf9fab16adf74a50218239cead53
SHA512 (qemu-2.10.1.tar.xz) = 62e9717ede71a49f3ffd9b86c321470f64c90e575be1a9da01078cfc9466b0aeb08adf5d05bab7ee1e89dfce75def7b276af01f77b7151d406999e7af21b6711