commit 9525982417a5af29a2d74a7991717572518f8d57 Author: Wolfgang Bumiller Date: Wed Apr 5 10:49:19 2017 +0200 import stable-4 build files diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..3a8ed66 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "qemu"] + path = qemu + url = ../mirror_qemu diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..da36a9f --- /dev/null +++ b/Makefile @@ -0,0 +1,54 @@ +# also update debian/changelog +KVMVER=2.7.1 +KVMPKGREL=4 + +KVMPACKAGE = pve-qemu-kvm +KVMSRC = qemu +BUILDSRC = $(KVMSRC).tmp + +SRCDIR := qemu + +ARCH := $(shell dpkg-architecture -qDEB_BUILD_ARCH) +GITVERSION := $(shell git rev-parse master) + +DEB = ${KVMPACKAGE}_${KVMVER}-${KVMPKGREL}_${ARCH}.deb +DEB_DBG = ${KVMPACKAGE}-dbg_${KVMVER}-${KVMPKGREL}_${ARCH}.deb +DEBS = $(DEB) $(DEB_DBG) + + +all: $(DEBS) + +.PHONY: submodule +submodule: + test -f "${SRCDIR}/debian/changelog" || git submodule update --init + +.PHONY: deb kvm +deb kvm: $(DEBS) +$(DEB_DBG): $(DEB) +$(DEB): | submodule + rm -f *.deb + rm -rf $(BUILDSRC) + mkdir $(BUILDSRC) + cp -a $(KVMSRC)/* $(BUILDSRC)/ + tar -C $(BUILDSRC) -xJf efi-roms-1182.tar.xz + cp -a debian $(BUILDSRC)/debian + echo "git clone git://git.proxmox.com/git/pve-qemu-kvm.git\\ngit checkout $(GITVERSION)" > $(BUILDSRC)/debian/SOURCE + # set package version + sed -i 's/^pkgversion="".*/pkgversion="${KVMPACKAGE}_${KVMVER}-${KVMPKGREL}"/' $(BUILDSRC)/configure + cd $(BUILDSRC); dpkg-buildpackage -b -rfakeroot -us -uc + lintian $(DEBS) || true + +.PHONY: upload +upload: $(DEBS) + tar cf - $(DEBS) | ssh repoman@repo.proxmox.com upload --produce pve --dist jessie + +.PHONY: distclean +distclean: clean + +.PHONY: clean +clean: + rm -rf $(BUILDSRC) $(KVMPACKAGE)_* $(DEBS) *.buildinfo + +.PHONY: dinstall +dinstall: $(DEBS) + dpkg -i $(DEBS) diff --git a/backup.txt b/backup.txt new file mode 100644 index 0000000..0605250 --- /dev/null +++ b/backup.txt @@ -0,0 +1,116 @@ +Efficient VM backup for qemu + +=Requirements= + +* Backup to a single archive file +* Backup needs to contain all data to restore VM (full backup) +* Do not depend on storage type or image format +* Avoid use of temporary storage +* store sparse images efficiently + +=Introduction= + +Most VM backup solutions use some kind of snapshot to get a consistent +VM view at a specific point in time. For example, we previously used +LVM to create a snapshot of all used VM images, which are then copied +into a tar file. + +That basically means that any data written during backup involve +considerable overhead. For LVM we get the following steps: + +1.) read original data (VM write) +2.) write original data into snapshot (VM write) +3.) write new data (VM write) +4.) read data from snapshot (backup) +5.) write data from snapshot into tar file (backup) + +Another approach to backup VM images is to create a new qcow2 image +which use the old image as base. During backup, writes are redirected +to the new image, so the old image represents a 'snapshot'. After +backup, data need to be copied back from new image into the old +one (commit). So a simple write during backup triggers the following +steps: + +1.) write new data to new image (VM write) +2.) read data from old image (backup) +3.) write data from old image into tar file (backup) + +4.) read data from new image (commit) +5.) write data to old image (commit) + +This is in fact the same overhead as before. Other tools like qemu +livebackup produces similar overhead (2 reads, 3 writes). + +Some storage types/formats supports internal snapshots using some kind +of reference counting (rados, sheepdog, dm-thin, qcow2). It would be possible +to use that for backups, but for now we want to be storage-independent. + +=Make it more efficient= + +The be more efficient, we simply need to avoid unnecessary steps. The +following steps are always required: + +1.) read old data before it gets overwritten +2.) write that data into the backup archive +3.) write new data (VM write) + +As you can see, this involves only one read, and two writes. + +To make that work, our backup archive need to be able to store image +data 'out of order'. It is important to notice that this will not work +with traditional archive formats like tar. + +During backup we simply intercept writes, then read existing data and +store that directly into the archive. After that we can continue the +write. + +==Advantages== + +* very good performance (1 read, 2 writes) +* works on any storage type and image format. +* avoid usage of temporary storage +* we can define a new and simple archive format, which is able to + store sparse files efficiently. + +Note: Storing sparse files is a mess with existing archive +formats. For example, tar requires information about holes at the +beginning of the archive. + +==Disadvantages== + +* we need to define a new archive format + +Note: Most existing archive formats are optimized to store small files +including file attributes. We simply do not need that for VM archives. + +* archive contains data 'out of order' + +If you want to access image data in sequential order, you need to +re-order archive data. It would be possible to to that on the fly, +using temporary files. + +Fortunately, a normal restore/extract works perfectly with 'out of +order' data, because the target files are seekable. + +* slow backup storage can slow down VM during backup + +It is important to note that we only do sequential writes to the +backup storage. Furthermore one can compress the backup stream. IMHO, +it is better to slow down the VM a bit. All other solutions creates +large amounts of temporary data during backup. + +=Archive format requirements= + +The basic requirement for such new format is that we can store image +date 'out of order'. It is also very likely that we have less than 256 +drives/images per VM, and we want to be able to store VM configuration +files. + +We have defined a very simply format with those properties, see: + +https://git.proxmox.com/?p=pve-qemu-kvm.git;a=blob;f=vma_spec.txt; + +Please let us know if you know an existing format which provides the +same functionality. + + diff --git a/debian/Logo.bmp b/debian/Logo.bmp new file mode 100644 index 0000000..4c46dd8 Binary files /dev/null and b/debian/Logo.bmp differ diff --git a/debian/OVMF_CODE-pure-efi.fd b/debian/OVMF_CODE-pure-efi.fd new file mode 100644 index 0000000..807676d Binary files /dev/null and b/debian/OVMF_CODE-pure-efi.fd differ diff --git a/debian/OVMF_README.txt b/debian/OVMF_README.txt new file mode 100644 index 0000000..7085e29 --- /dev/null +++ b/debian/OVMF_README.txt @@ -0,0 +1,11 @@ +The OVMF images were built through the edk2 github repository. + +git clone https://github.com/tianocore/edk2 + +set up the build environment + +copy the Logo.bmp to ./edk2/MdeModulePkg/Logo/ + +call ./edk2/OvmfPkg/build.sh -a X64 -b RELEASE + +The license is under ./edk2/OvmfPkg/License.txt diff --git a/debian/OVMF_VARS-pure-efi.fd b/debian/OVMF_VARS-pure-efi.fd new file mode 100644 index 0000000..3b8bb9b Binary files /dev/null and b/debian/OVMF_VARS-pure-efi.fd differ diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..699e451 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,1328 @@ +pve-qemu-kvm (2.7.1-4) unstable; urgency=medium + + * fix CVE-2017-2620: display: cirrus: out-of-bounds access issue + + -- Proxmox Support Team Wed, 22 Feb 2017 14:19:57 +0100 + +pve-qemu-kvm (2.7.1-3) unstable; urgency=medium + + * more fixes for cirrus pattern fill operations + + -- Proxmox Support Team Fri, 10 Feb 2017 12:11:10 +0100 + +pve-qemu-kvm (2.7.1-2) unstable; urgency=medium + + * fix #1237: cirrus: fix pattern fill regressions + + * fix CVE-2017-2615: cirrus: out of bounds access on backward blits + + * fix CVE-2016-10028: virtio-gpu-3d: check virgl capabilities + + * fix CVE-2016-10155: memory leak on unplugging an Intel 6300ESB watchdog + + * remove debug output from LAPIC patch + + * added 'qemu-utils' to replaces & provides + + -- Proxmox Support Team Thu, 02 Feb 2017 10:01:53 +0100 + +pve-qemu-kvm (2.7.1-1) unstable; urgency=medium + + * update to qemu 2.7.1 + + -- Proxmox Support Team Tue, 03 Jan 2017 07:57:17 +0100 + +pve-qemu-kvm (2.7.0-10) unstable; urgency=medium + + * fix CVE-2016-9776: net: mcf: check receive buffer size register value + + * fix CVE-2016-9845: virtio-gpu: fix information leak in getting capset info dispatch + + * fix CVE-2016-9846: virtio-gpu: fix memory leak in update_cursor_data_virgl + + * fix CVE-2016-9907: usbredir: free vm_change_state_handler in usbredir destroy dispatch + + * fix CVE-2016-9908: virtio-gpu: fix information leak in capset get dispatch + + * fix CVE-2016-9911: usb: ehci: fix memory leak in ehci_init_transfer + + * fix CVE-2016-9912: virtio-gpu: call cleanup mapping function in resource destroy + + * fix CVE-2016-9913: 9pfs: adjust the order of resource cleanup in device unrealize + + * fix CVE-2016-9914: 9pfs: add cleanup operation in FileOperations + + * fix CVE-2016-9915: 9pfs: add cleanup operation for handle backend driver + + * fix CVE-2016-9916: 9pfs: add cleanup operation for proxy backend driver + + * fix CVE-2016-9921 and CVE-2016-9922: + display: cirrus: check vga bits per pixel(bpp) value + + -- Proxmox Support Team Mon, 12 Dec 2016 14:36:58 +0100 + +pve-qemu-kvm (2.7.0-9) unstable; urgency=medium + + * gluster: fix an issue with linked clones refusing to start + + -- Proxmox Support Team Thu, 01 Dec 2016 11:59:55 +0100 + +pve-qemu-kvm (2.7.0-8) unstable; urgency=medium + + * correctly report live snapshots as active + + -- Proxmox Support Team Tue, 15 Nov 2016 15:28:44 +0100 + +pve-qemu-kvm (2.7.0-7) unstable; urgency=medium + + * fix #1182: update EFI roms to include PXE fixes + + * fix snapshot-with-RAM stability with some file systems + + -- Proxmox Support Team Fri, 11 Nov 2016 15:02:28 +0100 + +pve-qemu-kvm (2.7.0-6) unstable; urgency=medium + + * fix deletion of snapshots on qcow2 while running with iothreads + + * fix #796: live snapshot never finishes with some guests + + * fix live snapshot while running with iothreads + + -- Proxmox Support Team Tue, 08 Nov 2016 11:45:02 +0100 + +pve-qemu-kvm (2.7.0-5) unstable; urgency=medium + + * fix a missing gluster dependency + + * fix #1193: RAM state of snapshots with RAM getting truncated at creation + + * fix CVE-2016-8909: audio: intel-hda: check stream entry count during transfer + + * fix CVE-2016-8910: net: rtl8139: limit processing of ring descriptors + + * fix CVE-2016-9101: net: eepro100: fix memory leak in device uninit + + * fix CVE-2016-9102: 9pfs: fix memory leak in v9fs_xattrcreate + + * fix CVE-2016-9103: 9pfs: fix information leak in xattr read + + * fix CVE-2016-9104: 9pfs: fix integer overflow issue in xattr read/write + + * fix CVE-2016-9105: 9pfs: fix memory leak in v9fs_link + + * fix CVE-2016-9106: 9pfs: fix memory leak in v9fs_write + + -- Proxmox Support Team Mon, 07 Nov 2016 11:14:31 +0100 + +pve-qemu-kvm (2.7.0-4) unstable; urgency=medium + + * fix #1178: glusterfs daemonization problem + + -- Proxmox Support Team Mon, 24 Oct 2016 09:35:49 +0200 + +pve-qemu-kvm (2.7.0-3) unstable; urgency=medium + + * fix a crash when doing an offline backup via vma + + * fix CVE-2016-8668: net: rocker: set limit to DMA buffer size + + * fix CVE-2016-8669: char: serial: check divider value against baud base + + -- Proxmox Support Team Fri, 21 Oct 2016 09:22:36 +0200 + +pve-qemu-kvm (2.7.0-2) unstable; urgency=medium + + * fix a crash when adding iothreads + + * fix CVE-2016-8576: xhci: limit the number of link trbs we are willing to process + + * fix CVE-2016-8577: 9pfs: fix potential host memory leak in v9fs_read + + * fix CVE-2016-8578: 9pfs: allocate space for guest originated empty strings + + -- Proxmox Support Team Thu, 13 Oct 2016 15:20:52 +0200 + +pve-qemu-kvm (2.7.0-1) unstable; urgency=medium + + * update to qemu 2.7.0 + + -- Proxmox Support Team Fri, 09 Sep 2016 15:55:35 +0200 + +pve-qemu-kvm (2.6.2-2) unstable; urgency=medium + + * fix CVE-2016-7466: memory leak in usb_xhci_exit + + -- Proxmox Support Team Fri, 07 Oct 2016 11:00:13 +0200 + +pve-qemu-kvm (2.6.2-1) unstable; urgency=medium + + * update to qemu 2.6.2 + + -- Proxmox Support Team Thu, 06 Oct 2016 14:12:07 +0200 + +pve-qemu-kvm (2.6.1-7) unstable; urgency=medium + + * fix CVE-2016-7161: hw/net: Fix a heap overflow in xlnx.xps-ethernetlite + + * fix CVE-2016-7422: virtio: add check for descriptor's mapped address + + * fix CVE-2016-7907: net: imx: limit buffer descriptor count + + * fix CVE-2016-7908: net: mcf: limit buffer descriptor count + + * fix CVE-2016-7909: net: pcnet: check rx/tx descriptor ring length + + -- Proxmox Support Team Thu, 06 Oct 2016 08:11:52 +0200 + +pve-qemu-kvm (2.6.1-6) unstable; urgency=medium + + * fix #615: Windows guests suddenly hangs after couple times of migration + + * fix CVE-2016-7170: vmsvga: correct bitmap and pixmap size checks + + * fix CVE-2016-7421: scsi: pvscsi: limit process IO loop to ring size + + * fix CVE-2016-7423: scsi: mptsas: use g_new0 to allocate MPTSASRequest + object + + -- Proxmox Support Team Tue, 20 Sep 2016 09:42:12 +0200 + +pve-qemu-kvm (2.6.1-5) unstable; urgency=medium + + * qmp_snapshot_drive : add aiocontext + + -- Proxmox Support Team Thu, 15 Sep 2016 13:27:14 +0200 + +pve-qemu-kvm (2.6.1-4) unstable; urgency=medium + + * add new and correct ovmf images + + -- Proxmox Support Team Thu, 08 Sep 2016 12:25:29 +0200 + +pve-qemu-kvm (2.6.1-3) unstable; urgency=medium + + * fix CVE-2016-7116: various 9pfs fixe + + * fix CVE-2016-7155: scsi: check page count while initialising + descriptor rings + + * fix CVE-2016-7156: scsi: pvscsi: avoid infinite loop while building SG list + + * fix CVE-2016-7157: scsi: mptconfig: fix an assert expression + + -- Proxmox Support Team Wed, 07 Sep 2016 12:14:02 +0200 + +pve-qemu-kvm (2.6.1-2) unstable; urgency=medium + + * virtio related live migration fixes + + * vnc server surface refresh fix + + * iscsi and network fixes + + -- Proxmox Support Team Thu, 25 Aug 2016 10:35:52 +0200 + +pve-qemu-kvm (2.6.1-1) unstable; urgency=medium + + * update to qemu 2.6.1 + + * Fix CVE-2016-6490: virtio: check vring descriptor buffer length + + * Fix CVE-2016-6833: net: vmxnet3: check for device_active before write + + * Fix CVE-2016-6834: net: check fragment length during fragmentation + + * Fix CVE-2016-6835: net: vmxnet: check IP header length + + * Fix CVE-2016-6836: net: vmxnet: initialise local tx descriptor + + * Fix CVE-2016-6888: net: vmxnet: use g_new for pkt initialisation + + * enable cache=unsafe for vma extract_content and qmp_savevm_start + + * rbd : disable cache_writethtrough_until_flush with cache=unsafe + + -- Proxmox Support Team Mon, 22 Aug 2016 11:55:38 +0200 + +pve-qemu-kvm (2.6-1) unstable; urgency=medium + + * update to qemu 2.6.0 + + -- Proxmox Support Team Fri, 01 Jul 2016 10:00:31 +0200 + +pve-qemu-kvm (2.5-19) unstable; urgency=medium + + * fix CVE-2016-5105: scsi: megasas: initialise local configuration data + buffer + + * fix CVE-2016-5106: scsi: megasas: use appropriate property buffer size + + * fix fix CVE-2016-5107: scsi: megasas: check 'read_queue_head' index value + + * fix fix CVE-2016-5126: block/iscsi: avoid potential overflow of + acb->task->cdb + + * fix CVE-2016-4454: vmsvga: move fifo sanity checks to vmsvga_fifo_length + + * fix CVE-2016-4453: vmsvga: don't process more than 1024 fifo commands at + + -- Proxmox Support Team Tue, 31 May 2016 18:04:31 +0200 + +pve-qemu-kvm (2.5-18) unstable; urgency=medium + + * Fix CVE-2016-4952 + + -- Proxmox Support Team Tue, 24 May 2016 17:15:00 +0200 + +pve-qemu-kvm (2.5-17) unstable; urgency=medium + + * add fix for freezing win7 with VGA #991 + + -- Proxmox Support Team Tue, 17 May 2016 12:51:10 +0200 + +pve-qemu-kvm (2.5-16) unstable; urgency=medium + + * update to qemu 2.5.1.1 + + -- Proxmox Support Team Tue, 10 May 2016 09:53:30 +0200 + +pve-qemu-kvm (2.5-15) unstable; urgency=medium + + * Fix #932: passing BDRV_O_PROTOCOL breaks qcow2 on gluster + + -- Proxmox Support Team Fri, 29 Apr 2016 08:55:53 +0200 + +pve-qemu-kvm (2.5-14) unstable; urgency=medium + + * Fix CVE-2016-4037 + + -- Proxmox Support Team Tue, 26 Apr 2016 15:43:48 +0200 + +pve-qemu-kvm (2.5-13) unstable; urgency=medium + + * fix 'i386: leakage of stack memory to guest in kvmvapic.c' + + -- Proxmox Support Team Thu, 14 Apr 2016 17:06:52 +0200 + +pve-qemu-kvm (2.5-12) unstable; urgency=medium + + * Fix #934: assume raw for /dev paths in vma extract + + -- Proxmox Support Team Wed, 13 Apr 2016 08:47:13 +0200 + +pve-qemu-kvm (2.5-11) unstable; urgency=medium + + * update to qemu 2.5.1 + + * target-i386: do not read/write MSR_TSC_AUX from KVM if CPUID + + -- Proxmox Support Team Fri, 01 Apr 2016 10:09:54 +0200 + +pve-qemu-kvm (2.5-10) unstable; urgency=medium + + * add the zeroinit block driver filter + + -- Proxmox Support Team Mon, 21 Mar 2016 09:47:53 +0100 + +pve-qemu-kvm (2.5-9) unstable; urgency=medium + + * Fix CVE-2016-2841, CVE-2016-2857, CVE-2016-2858 + + -- Proxmox Support Team Mon, 07 Mar 2016 17:08:23 +0100 + +pve-qemu-kvm (2.5-8) unstable; urgency=medium + + * Fix CVE-2016-2538 + + * vma: better driver guessing for bdrv_open + + -- Proxmox Support Team Wed, 24 Feb 2016 16:28:37 +0100 + +pve-qemu-kvm (2.5-7) unstable; urgency=medium + + * add fw_cfg-unbreak-migration-compatibility-for-2.4 patch + + -- Proxmox Support Team Fri, 19 Feb 2016 09:22:16 +0100 + +pve-qemu-kvm (2.5-6) unstable; urgency=medium + + * Fix CVE-2016-2392 and CVE-2016-2391 + + -- Proxmox Support Team Thu, 18 Feb 2016 09:44:37 +0100 + +pve-qemu-kvm (2.5-5) unstable; urgency=medium + + * Fix #885: vma-writer: don't bail out on zero length files + + -- Proxmox Support Team Mon, 08 Feb 2016 11:37:52 +0100 + +pve-qemu-kvm (2.5-4) unstable; urgency=medium + + * Fix CVE-2016-2197 and CVE-2016-2198 + + -- Proxmox Support Team Mon, 01 Feb 2016 17:16:09 +0100 + +pve-qemu-kvm (2.5-3) unstable; urgency=medium + + * Fix CVE-2016-1981 + + -- Proxmox Support Team Fri, 22 Jan 2016 09:09:27 +0100 + +pve-qemu-kvm (2.5-2) unstable; urgency=medium + + * recompile for test environment + + -- Proxmox Support Team Wed, 20 Jan 2016 08:37:49 +0100 + +pve-qemu-kvm (2.5-1) unstable; urgency=medium + + * update qemu to 2.5.0 + + * removed upstream CVE fixes + + -- Proxmox Support Team Fri, 08 Jan 2016 12:43:24 +0100 + +pve-qemu-kvm (2.4-21) unstable; urgency=medium + + * add correct fix for CVE-2015-8619 + + * close #849: iproute is a transitional package for iproute2 + + -- Proxmox Support Team Mon, 11 Jan 2016 15:23:23 +0100 + +pve-qemu-kvm (2.4-20) unstable; urgency=medium + + * Removing wrong CVE-2015-8619 + + -- Proxmox Support Team Fri, 08 Jan 2016 12:43:24 +0100 + +pve-qemu-kvm (2.4-19) unstable; urgency=medium + + * fix CVE-2015-8613 scsi: initialise info object with appropriate size + + * fix CVE-2015-8619 hmp: avoid redundant null termination of buffer + + * fix CVE-2015-8666 acpi: fix buffer overrun on migration + + * fix CVE-2015-8701 net: rocker: fix an incorrect array bounds check + + * fix CVE-2015-8743 net: ne2000: fix bounds check in ioport operations + + * fix CVE-2015-8744 net/vmxnet3: Refine l2 header validation + + * fix CVE-2015-8745 vmxnet3: Support reading IMR registers on bar0 + + -- Proxmox Support Team Thu, 07 Jan 2016 11:12:13 +0100 + +pve-qemu-kvm (2.4-18) unstable; urgency=medium + + * fixes for CVEs 2015-7549, 2015-8858 and for vmxnet3 + + -- Proxmox Support Team Fri, 18 Dec 2015 09:12:43 +0100 + +pve-qemu-kvm (2.4-17) unstable; urgency=medium + + * fix CVE-2015-8504 + + -- Proxmox Support Team Wed, 09 Dec 2015 12:09:03 +0100 + +pve-qemu-kvm (2.4-16) unstable; urgency=medium + + * added fixes for CVE-2015-7504 and CVE-2015-7512 + + -- Proxmox Support Team Tue, 01 Dec 2015 09:51:44 +0100 + +pve-qemu-kvm (2.4-15) unstable; urgency=medium + + * add ovmf uefi roms + + * add firewall config to qmp_backup + + -- Proxmox Support Team Thu, 26 Nov 2015 07:56:51 +0100 + +pve-qemu-kvm (2.4-14) unstable; urgency=medium + + * savevm async : setup raw format by default fo vmstate file + + -- Proxmox Support Team Mon, 09 Nov 2015 06:26:53 +0100 + +pve-qemu-kvm (2.4-13) unstable; urgency=medium + + * update qemu to 2.4.1 + + * remove patch mirror-fix-coroutine-reentrance.patch (now upstream) + + -- Proxmox Support Team Fri, 06 Nov 2015 09:47:21 +0100 + +pve-qemu-kvm (2.4-12) unstable; urgency=medium + + * define QEMU_PKGVERSION + + -- Proxmox Support Team Fri, 23 Oct 2015 09:40:37 +0200 + +pve-qemu-kvm (2.4-11) unstable; urgency=medium + + * update ipxe binaries, re-enable efi pxe ROMs + + -- Proxmox Support Team Thu, 22 Oct 2015 08:47:07 +0200 + +pve-qemu-kvm (2.4-10) unstable; urgency=medium + + * pve-qemu-kvm : block: mirror - fix full sync mode when target + does not support zeroes init + + -- Proxmox Support Team Tue, 13 Oct 2015 17:06:22 +0200 + +pve-qemu-kvm (2.4-9) unstable; urgency=medium + + * qemu :disable smm support + + -- Proxmox Support Team Wed, 30 Sep 2015 09:34:06 +0200 + +pve-qemu-kvm (2.4-8) unstable; urgency=medium + + * update qemu to 2.4.0.1 + + -- Proxmox Support Team Wed, 23 Sep 2015 06:40:27 +0200 + +pve-qemu-kvm (2.4-7) unstable; urgency=medium + + * savevm-async: move global_state_store to the end + + -- Proxmox Support Team Sun, 20 Sep 2015 10:08:02 +0200 + +pve-qemu-kvm (2.4-6) unstable; urgency=medium + + * fix snapshot/rollback of running vm + + -- Proxmox Support Team Tue, 15 Sep 2015 09:07:32 +0200 + +pve-qemu-kvm (2.4-5) unstable; urgency=medium + + * vma create: correctly create empty (config only) archives + + -- Proxmox Support Team Wed, 09 Sep 2015 11:27:06 +0200 + +pve-qemu-kvm (2.4-4) unstable; urgency=medium + + * fix q35 pci passthrough (revert commit b8eb5512) + + * add depend on libjpeg62-turbo to avoid problems when + updating from wheezy. + + -- Proxmox Support Team Sat, 05 Sep 2015 10:15:08 +0200 + +pve-qemu-kvm (2.4-3) unstable; urgency=medium + + * update to v2.4.0 final + + * add mirror-fix-coroutine-reentrance.patch + + -- Proxmox Support Team Thu, 13 Aug 2015 17:00:49 +0200 + +pve-qemu-kvm (2.4-2) unstable; urgency=medium + + * update to latest upstream (v2.4.0-rc4) + + -- Proxmox Support Team Sat, 08 Aug 2015 15:14:25 +0200 + +pve-qemu-kvm (2.4-1) unstable; urgency=medium + + * update to latest upstream (v2.4.0-rc3) + + -- Proxmox Support Team Thu, 30 Jul 2015 09:38:14 +0200 + +pve-qemu-kvm (2.3-8) unstable; urgency=medium + + * update to latest upstream (v2.4.0-rc2 + a few more patches) + + -- Proxmox Support Team Wed, 29 Jul 2015 10:07:20 +0200 + +pve-qemu-kvm (2.3-7) unstable; urgency=medium + + * update to latest upstream (v2.4.0-rc2 + a few patches) + + -- Proxmox Support Team Mon, 27 Jul 2015 09:59:07 +0200 + +pve-qemu-kvm (2.3-6) unstable; urgency=medium + + * qemu : add drive-mirror sleep patches + + -- Proxmox Support Team Wed, 01 Jul 2015 06:16:47 +0200 + +pve-qemu-kvm (2.3-5) unstable; urgency=medium + + * use jemalloc as default memory allocator + + -- Proxmox Support Team Fri, 19 Jun 2015 17:08:37 +0200 + +pve-qemu-kvm (2.3-4) unstable; urgency=medium + + * remove tcmalloc + + * Added patch for vvfat's file.label option + + -- Proxmox Support Team Thu, 18 Jun 2015 14:06:28 +0200 + +pve-qemu-kvm (2.3-3) unstable; urgency=medium + + * vma extract: add BlockDevice type to prevent warning + + -- Proxmox Support Team Wed, 10 Jun 2015 17:33:22 +0200 + +pve-qemu-kvm (2.3-2) unstable; urgency=medium + + * enable tcmalloc, depend on libgoogle-perftools4 + + -- Proxmox Support Team Wed, 10 Jun 2015 10:44:24 +0200 + +pve-qemu-kvm (2.3-1) unstable; urgency=medium + + * update to v2.3.0 + + -- Proxmox Support Team Fri, 05 Jun 2015 06:05:00 +0200 + +pve-qemu-kvm (2.2-8) unstable; urgency=medium + + * fix package dependencies for Debian Jessie + + * update to v2.2.1 + + * remove fix-mc146818rtc-wrong-subsection-name.patch (now upstream) + + * fix ballooning with memory hotplug + + -- Proxmox Support Team Wed, 11 Mar 2015 07:12:43 +0100 + +pve-qemu-kvm (2.2-7) unstable; urgency=low + + * fix mc146818rtc wrong subsection name to avoid + vmstate_subsection_load() fail. + + -- Proxmox Support Team Tue, 24 Feb 2015 17:38:31 +0100 + +pve-qemu-kvm (2.2-6) unstable; urgency=low + + * qmp: fix backup-cancel + + -- Proxmox Support Team Mon, 29 Dec 2014 07:21:24 +0100 + +pve-qemu-kvm (2.2-5) unstable; urgency=low + + * add new qmp command: get_link_status + + -- Proxmox Support Team Thu, 11 Dec 2014 10:42:20 +0100 + +pve-qemu-kvm (2.2-4) unstable; urgency=low + + * update to qemu v2.2.0 + + -- Proxmox Support Team Wed, 10 Dec 2014 06:18:34 +0100 + +pve-qemu-kvm (2.2-3) unstable; urgency=low + + * update to qemu v2.2.0-rc5 + + -- Proxmox Support Team Fri, 05 Dec 2014 13:27:35 +0100 + +pve-qemu-kvm (2.2-2) unstable; urgency=low + + * update to qemu v2.2.0-rc3+ (commit 4cae4d5acaea23f3def84c8dc67ef5106323e5cb) + + -- Proxmox Support Team Fri, 28 Nov 2014 11:50:25 +0100 + +pve-qemu-kvm (2.2-1) unstable; urgency=low + + * update to qemu v2.2.0-rc2 + + -- Proxmox Support Team Thu, 20 Nov 2014 07:56:27 +0100 + +pve-qemu-kvm (2.1-10) unstable; urgency=low + + * enable support for write_zeroes and discard for images on xfs filesystem + + -- Proxmox Support Team Mon, 13 Oct 2014 10:19:44 +0200 + +pve-qemu-kvm (2.1-9) unstable; urgency=low + + * update to v2.1.2 + + * remove temporary patches (now upstream) + - virtio-net_drop_assert_on_vm_stop.patch + - revert_virtio_dont_call_device_on_not_vm_running.patch + + -- Proxmox Support Team Fri, 26 Sep 2014 11:25:57 +0200 + +pve-qemu-kvm (2.1-8) unstable; urgency=low + + * apply patches/hotfix for virtio-net migration problem in 2.1.1 + - virtio-net_drop_assert_on_vm_stop.patch + - revert_virtio_dont_call_device_on_not_vm_running.patch + + -- Proxmox Support Team Tue, 16 Sep 2014 12:54:48 +0200 + +pve-qemu-kvm (2.1-7) unstable; urgency=low + + * update to v2.1.1 + + -- Proxmox Support Team Thu, 11 Sep 2014 09:27:38 +0200 + +pve-qemu-kvm (2.1-6) unstable; urgency=low + + * gluster: allow to specify a backup server + + -- Proxmox Support Team Tue, 26 Aug 2014 12:55:23 +0200 + +pve-qemu-kvm (2.1-5) unstable; urgency=low + + * glusterfs: do not log to stdout when daemonized + + -- Proxmox Support Team Fri, 22 Aug 2014 13:28:24 +0200 + +pve-qemu-kvm (2.1-4) unstable; urgency=low + + * depend on new libiscsi 1.12.0 + + * depend on new glusterfs 3.5.2 + + -- Proxmox Support Team Thu, 21 Aug 2014 08:18:43 +0200 + +pve-qemu-kvm (2.1-3) unstable; urgency=low + + * snapshot: fix reference counting bug + + -- Proxmox Support Team Thu, 07 Aug 2014 13:31:30 +0200 + +pve-qemu-kvm (2.1-2) unstable; urgency=low + + * update to v2.1.0 + + -- Proxmox Support Team Sat, 02 Aug 2014 15:00:58 +0200 + +pve-qemu-kvm (2.1-1) unstable; urgency=low + + * update to v2.1.0-rc2 + + -- Proxmox Support Team Wed, 16 Jul 2014 11:55:13 +0200 + +pve-qemu-kvm (2.0-2) unstable; urgency=low + + * update to latest qemu (commit 2a2c4830c0068d70443f3dddc4cc668f0c601b5c) + + -- Proxmox Support Team Thu, 12 Jun 2014 10:20:10 +0200 + +pve-qemu-kvm (2.0-1) unstable; urgency=low + + * update to qemu 2.0 + + * remove virtio-net-fix-guest-triggerable-buffer-overrun-CVE-2014-0150.patch + This is now included in upstream. + + * depend on libiscsi2 (>= 1.11.0) + + -- Proxmox Support Team Mon, 05 May 2014 06:57:34 +0200 + +pve-qemu-kvm (1.7-8) unstable; urgency=low + + * fix guest-triggerable buffer overrun in virtio-net (CVE-2014-0150) + + -- Proxmox Support Team Tue, 22 Apr 2014 06:47:02 +0200 + +pve-qemu-kvm (1.7-7) unstable; urgency=low + + * vma: allows the creation of vma files without data streams + + -- Proxmox Support Team Mon, 14 Apr 2014 11:13:36 +0200 + +pve-qemu-kvm (1.7-6) unstable; urgency=low + + * backup: remove async queue (avoid segmentation fault) + + -- Proxmox Support Team Thu, 27 Mar 2014 13:06:55 +0100 + +pve-qemu-kvm (1.7-5) unstable; urgency=low + + * update to 1.7.1 + + * backup: do not report errors to the VM when backup fails. + + -- Proxmox Support Team Wed, 26 Mar 2014 06:37:55 +0100 + +pve-qemu-kvm (1.7-4) unstable; urgency=low + + * disable efi enabled pxe boot roms (they do not work) + + -- Proxmox Support Team Wed, 29 Jan 2014 12:58:46 +0100 + +pve-qemu-kvm (1.7-3) unstable; urgency=low + + * vma: add 'vma config' command to easily extract VM configuration + + -- Proxmox Support Team Wed, 04 Dec 2013 10:39:36 +0100 + +pve-qemu-kvm (1.7-2) unstable; urgency=low + + * depend on latest spice server libs + + -- Proxmox Support Team Tue, 03 Dec 2013 13:40:56 +0100 + +pve-qemu-kvm (1.7-1) unstable; urgency=low + + * remove qemu-img-convert-skipcreate-option.patch (now upstream) + + -- Proxmox Support Team Wed, 27 Nov 2013 10:55:35 +0100 + +pve-qemu-kvm (1.4-17) unstable; urgency=low + + * enable glusterfs backend + + -- Proxmox Support Team Tue, 13 Aug 2013 06:48:32 +0200 + +pve-qemu-kvm (1.4-16) unstable; urgency=low + + * add patch to use pce certs for spice by default + + * disable spice-socket.patch + + * Allow to query spice ticket + + -- Proxmox Support Team Tue, 23 Jul 2013 10:02:14 +0200 + +pve-qemu-kvm (1.4-15) unstable; urgency=low + + * add usbredir support to spice + + -- Proxmox Support Team Fri, 19 Jul 2013 07:41:20 +0200 + +pve-qemu-kvm (1.4-14) unstable; urgency=low + + * add experimental code to support spice + + -- Proxmox Support Team Tue, 25 Jun 2013 06:41:52 +0200 + +pve-qemu-kvm (1.4-13) unstable; urgency=low + + * update to qemu 1.4.2 + + * remove rbd-add-an-asynchronous-flush.patch (upstream now) + + -- Proxmox Support Team Mon, 03 Jun 2013 06:28:32 +0200 + +pve-qemu-kvm (1.4-12) unstable; urgency=low + + * vma create: only store basename of config file. + patch: 0009-vma-only-store-the-basename-of-a-configuration-file.patch + + -- Proxmox Support Team Wed, 08 May 2013 10:07:50 +0200 + +pve-qemu-kvm (1.4-11) unstable; urgency=low + + * rbd: add an asynchronous flush + + -- Proxmox Support Team Tue, 07 May 2013 12:14:57 +0200 + +pve-qemu-kvm (1.4-10) unstable; urgency=low + + * bump version to 1.4-10 + + * this is based on qemu 1.4.1 + + -- Proxmox Support Team Tue, 16 Apr 2013 10:39:58 +0200 + +pve-qemu-kvm (1.4-9) unstable; urgency=low + + * vma restore: tolerate a size difference up to 4M + + -- Proxmox Support Team Tue, 26 Mar 2013 06:33:43 +0100 + +pve-qemu-kvm (1.4-8) unstable; urgency=low + + * vma: add 'vma verify' command to verify vma archives + + -- Proxmox Support Team Mon, 11 Mar 2013 11:10:34 +0100 + +pve-qemu-kvm (1.4-7) unstable; urgency=low + + * update seabios to 1.7.2.1 (fix freebsd boot) + + -- Proxmox Support Team Sat, 09 Mar 2013 09:02:48 +0100 + +pve-qemu-kvm (1.4-6) unstable; urgency=low + + * set default cpu model to kvm64 (to avoid problems with windows activation) + + -- Proxmox Support Team Mon, 25 Feb 2013 06:55:23 +0100 + +pve-qemu-kvm (1.4-5) unstable; urgency=low + + * update backup patches to v5 + + -- Proxmox Support Team Thu, 21 Feb 2013 12:30:57 +0100 + +pve-qemu-kvm (1.4-4) unstable; urgency=low + + * update backup patches + + -- Proxmox Support Team Wed, 20 Feb 2013 10:43:04 +0100 + +pve-qemu-kvm (1.4-3) unstable; urgency=low + + * update to qemu 1.4.0 final + + -- Proxmox Support Team Sat, 16 Feb 2013 09:24:06 +0100 + +pve-qemu-kvm (1.4-2) unstable; urgency=low + + * update to latest 1.4.0rc2 + + -- Proxmox Support Team Fri, 15 Feb 2013 15:57:56 +0100 + +pve-qemu-kvm (1.4-1) unstable; urgency=low + + * update to latest 1.4.0 (03ec2f83087de34924489eeae0ea6fe7785cc050) + + * remove ahci-add_migration-support.patch + + * remove balloon stat patches + + * remove always-update-expected-downtime.patch: seems latest qemu does + not set that value anymore? + + * configure with --disable-smartcard-nss (else we need to install + vscclient and dynamic libraries) + + -- Proxmox Support Team Tue, 12 Feb 2013 12:04:09 +0100 + +pve-qemu-kvm (1.3-18) unstable; urgency=low + + * update qemu to v1.3.1 + + -- Proxmox Support Team Tue, 29 Jan 2013 15:12:49 +0100 + +pve-qemu-kvm (1.3-17) unstable; urgency=low + + * update backup patches - removed threaded code - we use qemu-aio + instead to avoid problems in bdrv_drain_all(). + + -- Proxmox Support Team Tue, 22 Jan 2013 10:37:59 +0100 + +pve-qemu-kvm (1.3-14) unstable; urgency=low + + * update backup patches + + -- Proxmox Support Team Fri, 18 Jan 2013 10:53:21 +0100 + +pve-qemu-kvm (1.3-13) unstable; urgency=low + + * fix DSA-2608-1 qemu -- buffer overflow (see + http://www.debian.org/security/2013/dsa-2608) + + -- Proxmox Support Team Thu, 17 Jan 2013 06:58:47 +0100 + +pve-qemu-kvm (1.3-12) unstable; urgency=low + + * update vma patches + + -- Proxmox Support Team Fri, 04 Jan 2013 07:32:17 +0100 + +pve-qemu-kvm (1.3-10) unstable; urgency=low + + * include fixes for query-balloon + + * Update seabios to a810e4e72a0d42c7bc04eda57382f8e019add901 + + -- Proxmox Support Team Tue, 18 Dec 2012 12:38:36 +0100 + +pve-qemu-kvm (1.3-9) unstable; urgency=low + + * fixes for vma-reader + + -- Proxmox Support Team Thu, 13 Dec 2012 12:08:12 +0100 + +pve-qemu-kvm (1.3-8) unstable; urgency=low + + * re-enable balloon stats + + -- Proxmox Support Team Tue, 11 Dec 2012 12:48:26 +0100 + +pve-qemu-kvm (1.3-7) unstable; urgency=low + + * update seabios to e8a76b0f225bba5ba9d63ab227e0a37b3beb1059 + + * update vma patches + + -- Proxmox Support Team Tue, 11 Dec 2012 11:06:43 +0100 + +pve-qemu-kvm (1.3-6) unstable; urgency=low + + * include vma utility + + -- Proxmox Support Team Tue, 04 Dec 2012 10:49:54 +0100 + +pve-qemu-kvm (1.3-5) unstable; urgency=low + + * update to qemu 1.3 final + + * include fix-off-by-1-error-in-RAM-migration-code.patch + + -- Proxmox Support Team Tue, 04 Dec 2012 06:18:16 +0100 + +pve-qemu-kvm (1.3-4) unstable; urgency=low + + * update to qemu 1.3 rc2 (bios update, fix lsi bug) + + * rm stream-fix-ratelimit_set_speed.patch (upstream) + + * update qemu backup patches + + -- Proxmox Support Team Mon, 03 Dec 2012 06:32:00 +0100 + +pve-qemu-kvm (1.3-3) unstable; urgency=low + + * include qemu backup patches + + -- Proxmox Support Team Fri, 30 Nov 2012 12:23:37 +0100 + +pve-qemu-kvm (1.3-2) unstable; urgency=low + + * update to qemu 1.3 rc1 (fix usb tablet) + + -- Proxmox Support Team Wed, 28 Nov 2012 08:48:12 +0100 + +pve-qemu-kvm (1.3-1) unstable; urgency=low + + * update to qemu 1.3 rc0 + + * we now use qemu sources directly + + * remove update-cpus-x86_64.conf-to-rhel6.2-version.patch + + * remove ahci-properly-reset-pxcmd.patch (upstream) + + * remove sheepdog-fix-savevm-loadvm.patch (upstream) + + * remove set-max-nics.patch (no longer needed with -device syntax) + + -- Proxmox Support Team Wed, 21 Nov 2012 12:48:56 +0100 + +pve-qemu-kvm (1.2-7) unstable; urgency=low + + * cleanup snapshot support patches + + -- Proxmox Support Team Tue, 23 Oct 2012 09:45:48 +0200 + +pve-qemu-kvm (1.2-6) unstable; urgency=low + + * qemu-img: return success for non-existing snapshots on snapshot removal + + -- Proxmox Support Team Fri, 14 Sep 2012 11:09:09 +0200 + +pve-qemu-kvm (1.2-5) unstable; urgency=low + + * update to 1.2.0 + + -- Proxmox Support Team Fri, 07 Sep 2012 07:40:06 +0200 + +pve-qemu-kvm (1.2-4) unstable; urgency=low + + * update to 1.2.0-rc2 + + * add patch for experimental snapshot support + + -- Proxmox Support Team Tue, 04 Sep 2012 07:26:31 +0200 + +pve-qemu-kvm (1.2-3) unstable; urgency=low + + * fix ahci for win7 + + -- Proxmox Support Team Mon, 03 Sep 2012 14:22:17 +0200 + +pve-qemu-kvm (1.2-2) unstable; urgency=low + + * add ahci migration support + + -- Proxmox Support Team Fri, 31 Aug 2012 10:52:20 +0200 + +pve-qemu-kvm (1.2-1) unstable; urgency=low + + * update to 1.2.0-rc1 + + -- Proxmox Support Team Mon, 27 Aug 2012 14:12:22 +0200 + +pve-qemu-kvm (1.1-8) unstable; urgency=low + + * fix bug 241: compile it with alsa support instead of oss + + -- Proxmox Support Team Thu, 16 Aug 2012 09:11:19 +0200 + +pve-qemu-kvm (1.1-7) unstable; urgency=low + + * Enable VeNCrypt PLAIN authentication + + -- Proxmox Support Team Thu, 09 Aug 2012 10:05:52 +0200 + +pve-qemu-kvm (1.1-6) unstable; urgency=low + + * enable libiscsi + + -- Proxmox Support Team Tue, 17 Jul 2012 11:35:47 +0200 + +pve-qemu-kvm (1.1-5) unstable; urgency=low + + * update to latest stable-1.1 branch (qemu-kvm-1.1.1) + + -- Proxmox Support Team Tue, 17 Jul 2012 08:58:31 +0200 + +pve-qemu-kvm (1.1-4) unstable; urgency=low + + * update to latest stable-1.1 branch + + -- Proxmox Support Team Mon, 09 Jul 2012 07:11:06 +0200 + +pve-qemu-kvm (1.1-3) unstable; urgency=low + + * enable rbd support + + -- Proxmox Support Team Tue, 05 Jun 2012 06:49:52 +0200 + +pve-qemu-kvm (1.1-2) unstable; urgency=low + + * update to qemu-kvm-1.1-rc3 + + -- Proxmox Support Team Thu, 24 May 2012 09:24:57 +0200 + +pve-qemu-kvm (1.1-1) unstable; urgency=low + + * update to qemu-kvm-1.1-rc2 + + -- Proxmox Support Team Mon, 21 May 2012 06:15:49 +0200 + +pve-qemu-kvm (1.0-9) unstable; urgency=low + + * revert patch to change prefer_msi and share_intx defaults + + -- Proxmox Support Team Tue, 03 Apr 2012 07:29:27 +0200 + +pve-qemu-kvm (1.0-8) unstable; urgency=low + + * include latest changes from master (update to commit + a0bc8c313ce7da8937e190b1e0cfd051a9ba243e) + + -- Proxmox Support Team Mon, 26 Mar 2012 07:22:10 +0200 + +pve-qemu-kvm (1.0-7) unstable; urgency=low + + * include latest changes from master + + -- Proxmox Support Team Mon, 12 Mar 2012 07:11:15 +0100 + +pve-qemu-kvm (1.0-6) unstable; urgency=low + + * include changes from master + + -- Proxmox Support Team Fri, 02 Mar 2012 09:40:41 +0100 + +pve-qemu-kvm (1.0-5) unstable; urgency=low + + * fix usb tablet activation + + -- Proxmox Support Team Wed, 29 Feb 2012 09:54:52 +0100 + +pve-qemu-kvm (1.0-4) unstable; urgency=low + + * fix Westmere cpu definition + + -- Proxmox Support Team Thu, 23 Feb 2012 13:44:38 +0100 + +pve-qemu-kvm (1.0-3) unstable; urgency=low + + * include latest updates from master + + -- Proxmox Support Team Wed, 15 Feb 2012 11:32:23 +0100 + +pve-qemu-kvm (1.0-2) unstable; urgency=low + + * include post 1.0 changes from master + + * remove live-migration-fixes.diff: seem nobody needs that. + + -- Proxmox Support Team Thu, 09 Feb 2012 13:15:14 +0100 + +pve-qemu-kvm (1.0-1) unstable; urgency=low + + * update to upstream 1.0 + + -- Proxmox Support Team Wed, 07 Dec 2011 09:58:07 +0100 + +pve-qemu-kvm (0.15.0-1) unstable; urgency=low + + * update to upstream 0.15.0 + + * depend on libaio1 (--enable-linux-aio) + + * depend on libuuid1 (--enable-uuid) + + * use pxe roms from upstream qemu-kvm + + * do not use --disable-blobs (let qemu-kvm install files, and we remove + what we do not need) + + -- Proxmox Support Team Thu, 11 Aug 2011 10:00:44 +0200 + +pve-qemu-kvm (0.14.1-1) unstable; urgency=low + + * update to upstream 0.14.1 + + * remove enable-ksm.diff patch (newer libc already have those + definitions) + + * also install vgabios-qxl.bin vgabios-stdvga.bin vgabios-vmware.bin + + -- Proxmox Support Team Tue, 21 Jun 2011 06:30:29 +0200 + +pve-qemu-kvm (0.14.0-1) unstable; urgency=low + + * update to 0.14.0 + + * removed kvmtrace (removed from upstream?) + + * add vnc keyboard fixes for fr-ca (reported by Pierre-Yves) + + -- Proxmox Support Team Fri, 25 Feb 2011 08:17:56 +0100 + +pve-qemu-kvm (0.13.0-3) unstable; urgency=low + + * fix vnc keyboard altgr/shift emulation + + -- Proxmox Support Team Tue, 07 Dec 2010 12:45:16 +0100 + +pve-qemu-kvm (0.13.0-2) unstable; urgency=low + + * do not install unnecessary blobs (manually install blobs, use + --disable-blobs) + + * update migration and vnc keymap patches for 0.13.0 + + -- Proxmox Support Team Mon, 25 Oct 2010 13:46:03 +0200 + +pve-qemu-kvm (0.13.0-1) unstable; urgency=low + + * update to qemu-kvm-0.13.0 + + -- Proxmox Support Team Thu, 21 Oct 2010 13:38:14 +0200 + +pve-qemu-kvm (0.12.5-2) unstable; urgency=low + + * enable up to 32 NICs (as suggested in the forum) + + -- Proxmox Support Team Wed, 06 Oct 2010 08:23:07 +0200 + +pve-qemu-kvm (0.12.5-1) unstable; urgency=low + + * update to qemu-kvm-0.12.5 + + -- Proxmox Support Team Thu, 05 Aug 2010 11:01:56 +0200 + +pve-qemu-kvm (0.12.4-1) unstable; urgency=low + + * update to qemu-kvm-0.12.4 + + -- Proxmox Support Team Tue, 11 May 2010 08:14:29 +0200 + +pve-qemu-kvm (0.12.3-1) unstable; urgency=low + + * update to qemu-kvm-0.12.3 + + * include gPXE 1.0 network boot + + * remove multicore.diff patch + + * do not install ppc and sparc bios files + + -- Proxmox Support Team Wed, 14 Apr 2010 13:30:23 +0200 + +pve-qemu-kvm (0.11.1-2) unstable; urgency=low + + * Use/Include PXE boot ROMs from the Etherboot package + + -- Proxmox Support Team Tue, 26 Jan 2010 13:28:19 +0100 + +pve-qemu-kvm (0.11.1-1) unstable; urgency=low + + * update to qemu-kvm-0.11.1 + + * cleanup debian rules file + + * install kvmtrace kvmtrace_format and kvm_stat + + * configure with --disable-xen --with-kvm-trace + + * depend on python for scripts + + -- Proxmox Support Team Mon, 14 Dec 2009 14:44:56 +0100 + +pve-qemu-kvm (0.11.0-2) stable; urgency=low + + * fix live migration (live-migration-fxes.diff) + + -- Proxmox Support Team Wed, 30 Sep 2009 11:07:23 +0200 + +pve-qemu-kvm (0.11.0-1) stable; urgency=low + + * update to stable branch + + * rename packare to pve-qemu-kvm + + -- Proxmox Support Team Mon, 28 Sep 2009 10:35:05 +0200 + +pve-kvm (86-4) unstable; urgency=low + + * include multicore patch from amd + + -- Proxmox Support Team Mon, 14 Sep 2009 10:40:00 +0200 + +pve-kvm (86-3) unstable; urgency=low + + * fix "i8042.c: No controller found" problem + + -- Proxmox Support Team Mon, 15 Jun 2009 13:35:57 +0200 + +pve-kvm (86-2) unstable; urgency=low + + * add CPUID fix: http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commitdiff_plain;h=8fa3b3ce6e + + -- Proxmox Support Team Tue, 09 Jun 2009 09:50:28 +0200 + +pve-kvm (86-1) unstable; urgency=low + + * New upstream release + + -- Proxmox Support Team Fri, 22 May 2009 09:16:27 +0200 + +pve-kvm (85-1) unstable; urgency=low + + * New upstream release + + -- Proxmox Support Team Tue, 28 Apr 2009 07:41:21 +0200 + +pve-kvm (83-1) unstable; urgency=low + + * New upstream release + + -- Proxmox Support Team Wed, 7 Jan 2009 12:57:02 +0100 + +pve-kvm (75-1) unstable; urgency=low + + * New upstream release + + -- Proxmox Support Team Thu, 11 Sep 2008 10:03:51 +0200 + +pve-kvm (74-1) unstable; urgency=low + + * New upstream release + + * added fairsched options + + -- Proxmox Support Team Thu, 28 Aug 2008 12:40:32 +0200 + diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..7ed6ff8 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +5 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..8c63066 --- /dev/null +++ b/debian/control @@ -0,0 +1,25 @@ +Source: pve-qemu-kvm +Section: admin +Priority: extra +Maintainer: Proxmox Support Team +Build-Depends: debhelper (>= 5), autotools-dev, libpci-dev, quilt, texinfo, texi2html, libgnutls28-dev, libsdl1.2-dev, check, libaio-dev, uuid-dev, librbd-dev (>= 0.48), libiscsi-dev (>= 1.12.0), libspice-protocol-dev (>= 0.12.5), pve-libspice-server-dev (>= 0.12.5-1), libusbredirparser-dev (>= 0.6-2), glusterfs-common (>= 3.5.2-1), libusb-1.0-0-dev (>= 1.0.17-1), xfslibs-dev, libnuma-dev, libjemalloc-dev, libjpeg-dev, libacl1-dev +Standards-Version: 3.7.2 + +Package: pve-qemu-kvm +Architecture: any +Depends: iproute2, bridge-utils, python, libsdl1.2debian, libaio1, libuuid1, ceph-common (>= 0.48), libiscsi4 (>= 1.12.0) | libiscsi7, pve-libspice-server1 (>= 0.12.5-1), ${shlibs:Depends}, ${misc:Depends}, libusbredirparser1 (>= 0.6-2), glusterfs-common (>= 3.5.2-1), libusb-1.0-0 (>= 1.0.17-1), numactl, libjemalloc1, libjpeg62-turbo +Conflicts: qemu, qemu-kvm, qemu-utils, kvm, pve-kvm, pve-qemu-kvm-2.6.18 +Provides: qemu-utils +Replaces: pve-kvm, pve-qemu-kvm-2.6.18, qemu-utils +Description: Full virtualization on x86 hardware + Using KVM, one can run multiple virtual PCs, each running unmodified Linux or + Windows images. Each virtual machine has private virtualized hardware: a + network card, disk, graphics adapter, etc. + +Package: pve-qemu-kvm-dbg +Architecture: any +Section: debug +Depends: pve-qemu-kvm (= ${binary:Version}) +Description: pve qemu debugging symbols + This package contains the debugging symbols for pve-qemu-kvm. + diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..5348fdb --- /dev/null +++ b/debian/copyright @@ -0,0 +1,92 @@ +This package was debianized by the proxmox support team + + +It was downloaded from + +git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git + +Upstream Author: Fabrice Bellard + +Upstream Maintainers: Avi Kivity + Anthony Liguori + +Copyright: Copyright (C) 2006 Qumranet, Inc. + Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Fabrice Bellard + +License: + + QEMU as a whole is released under the GNU General Public License version 2. + On Debian systems, the complete text of the GNU General Public License + version 2 can be found in the file /usr/share/common-licenses/GPL-2. + + Parts of QEMU have specific licenses which are compatible with the + GNU General Public License. Hence each source file contains its own + licensing information. + + In particular, the QEMU virtual CPU core library (libqemu.a) is + released under the GNU Lesser General Public License version 2 or later. + On Debian systems, the complete text of the GNU Lesser General Public + License can be found in the file /usr/share/common-licenses/LGPL. + + Some hardware device emulation sources and other QEMU functionality are + released under the BSD license, including: + * aes, bsd-user, sd, slirp, sys-queue + + Some hardware device emulation sources and other QEMU functionality are + released under the MIT/X11 (BSD-like) license, including: + * sdl, host-utils, vnc, keymaps, ioport, usb, hw/*, net, acl, block, + kqemu, monitor, curses, readline, vl, savevm, osdep, audio, tcg, + qemu-malloc, qemu-img + + The following points clarify the QEMU license: + 1) QEMU as a whole is released under the GNU General Public License + 2) Parts of QEMU have specific licenses which are compatible with the + GNU General Public License. Hence each source file contains its own + licensing information. + In particular, the QEMU virtual CPU core library (libqemu.a) is + released under the GNU Lesser General Public License. Many hardware + device emulation sources are released under the BSD license. + 3) The Tiny Code Generator (TCG) is released under the BSD license + (see license headers in files). + 4) QEMU is a trademark of Fabrice Bellard. + -- Fabrice Bellard. + + BIOS sources in QEMU: + bios.bin: Copyright (C) 2002 MandrakeSoft S.A. and others. This file + is licensed under the GNU LGPL, version 2, or (at your option) any later + version. + Homepage: http://sourceforge.net/projects/bochs + + vgabios.bin and vgabios-cirrus.bin: (C) 2003 the LGPL VGABios + developers Team. These files are licensed under the GNU LGPL, version 2, + or (at your option) any later version. + Homepage: http://savannah.nongnu.org/projects/vgabios + +BSD license: + +Copyright (c) The Regents of the University of California. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. diff --git a/debian/docs b/debian/docs new file mode 100644 index 0000000..8696672 --- /dev/null +++ b/debian/docs @@ -0,0 +1 @@ +debian/SOURCE diff --git a/debian/kvm-ifdown b/debian/kvm-ifdown new file mode 100755 index 0000000..92b94c4 --- /dev/null +++ b/debian/kvm-ifdown @@ -0,0 +1,3 @@ +#!/bin/sh + +exit 0 \ No newline at end of file diff --git a/debian/kvm-ifup b/debian/kvm-ifup new file mode 100755 index 0000000..29dae84 --- /dev/null +++ b/debian/kvm-ifup @@ -0,0 +1,5 @@ +#!/bin/sh + +switch=$(/sbin/ip route list | awk '/^default / { print $NF }') +/sbin/ifconfig $1 0.0.0.0 promisc up +/sbin/brctl addif ${switch} $1 diff --git a/debian/patches/extra/0001-Revert-target-i386-disable-LINT0-after-reset.patch b/debian/patches/extra/0001-Revert-target-i386-disable-LINT0-after-reset.patch new file mode 100644 index 0000000..fdf5b7b --- /dev/null +++ b/debian/patches/extra/0001-Revert-target-i386-disable-LINT0-after-reset.patch @@ -0,0 +1,33 @@ +From 603c472d61c354c30bc898b0e9ff1914302cbca9 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Mon, 4 Jul 2016 15:02:26 +0200 +Subject: [PATCH 1/3] Revert "target-i386: disable LINT0 after reset" + +This reverts commit b8eb5512fd8a115f164edbbe897cdf8884920ccb. +--- + hw/intc/apic_common.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c +index 14ac43c..1ed0511 100644 +--- a/hw/intc/apic_common.c ++++ b/hw/intc/apic_common.c +@@ -246,6 +246,15 @@ static void apic_reset_common(DeviceState *dev) + info->vapic_base_update(s); + + apic_init_reset(dev); ++ ++ if (bsp) { ++ /* ++ * LINT0 delivery mode on CPU #0 is set to ExtInt at initialization ++ * time typically by BIOS, so PIC interrupt can be delivered to the ++ * processor when local APIC is enabled. ++ */ ++ s->lvt[APIC_LVT_LINT0] = 0x700; ++ } + } + + /* This function is only used for old state version 1 and 2 */ +-- +2.1.4 + diff --git a/debian/patches/extra/0001-cirrus-fix-patterncopy-checks.patch b/debian/patches/extra/0001-cirrus-fix-patterncopy-checks.patch new file mode 100644 index 0000000..d31da17 --- /dev/null +++ b/debian/patches/extra/0001-cirrus-fix-patterncopy-checks.patch @@ -0,0 +1,100 @@ +From 391a9e6fd8c6cf615f2ffe44bb85245df52cc2b6 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Thu, 9 Feb 2017 14:02:20 +0100 +Subject: [PATCH 1/2] cirrus: fix patterncopy checks + +The blit_region_is_unsafe checks don't work correctly for the +patterncopy source. It's a fixed-sized region, which doesn't +depend on cirrus_blt_{width,height}. So go do the check in +cirrus_bitblt_common_patterncopy instead, then tell blit_is_unsafe that +it doesn't need to verify the source. Also handle the case where we +blit from cirrus_bitbuf correctly. + +This patch replaces 5858dd1801883309bdd208d72ddb81c4e9fee30c. + +Security impact: I think for the most part error on the safe side this +time, refusing blits which should have been allowed. + +Only exception is placing the blit source at the end of the video ram, +so cirrus_blt_srcaddr + 256 goes beyond the end of video memory. But +even in that case I'm not fully sure this actually allows read access to +host memory. To trick the commit 5858dd18 security checks one has to +pick very small cirrus_blt_{width,height} values, which in turn implies +only a fraction of the blit source will actually be used. + +Cc: Wolfgang Bumiller +Cc: Dr. David Alan Gilbert +Signed-off-by: Gerd Hoffmann +--- + hw/display/cirrus_vga.c | 36 ++++++++++++++++++++++++++++++------ + 1 file changed, 30 insertions(+), 6 deletions(-) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 16f27e8..6bd13fc 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -683,14 +683,39 @@ static void cirrus_invalidate_region(CirrusVGAState * s, int off_begin, + } + } + +-static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s, +- const uint8_t * src) ++static int cirrus_bitblt_common_patterncopy(CirrusVGAState *s, bool videosrc) + { ++ uint32_t patternsize; + uint8_t *dst; ++ uint8_t *src; + + dst = s->vga.vram_ptr + s->cirrus_blt_dstaddr; + +- if (blit_is_unsafe(s, false, true)) { ++ if (videosrc) { ++ switch (s->vga.get_bpp(&s->vga)) { ++ case 8: ++ patternsize = 64; ++ break; ++ case 15: ++ case 16: ++ patternsize = 128; ++ break; ++ case 24: ++ case 32: ++ default: ++ patternsize = 256; ++ break; ++ } ++ s->cirrus_blt_srcaddr &= ~(patternsize - 1); ++ if (s->cirrus_blt_srcaddr + patternsize > s->vga.vram_size) { ++ return 0; ++ } ++ src = s->vga.vram_ptr + s->cirrus_blt_srcaddr; ++ } else { ++ src = s->cirrus_bltbuf; ++ } ++ ++ if (blit_is_unsafe(s, true, true)) { + return 0; + } + +@@ -731,8 +756,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop) + + static int cirrus_bitblt_videotovideo_patterncopy(CirrusVGAState * s) + { +- return cirrus_bitblt_common_patterncopy(s, s->vga.vram_ptr + +- (s->cirrus_blt_srcaddr & ~7)); ++ return cirrus_bitblt_common_patterncopy(s, true); + } + + static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) +@@ -831,7 +855,7 @@ static void cirrus_bitblt_cputovideo_next(CirrusVGAState * s) + + if (s->cirrus_srccounter > 0) { + if (s->cirrus_blt_mode & CIRRUS_BLTMODE_PATTERNCOPY) { +- cirrus_bitblt_common_patterncopy(s, s->cirrus_bltbuf); ++ cirrus_bitblt_common_patterncopy(s, false); + the_end: + s->cirrus_srccounter = 0; + cirrus_bitblt_reset(s); +-- +2.1.4 + diff --git a/debian/patches/extra/0001-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch b/debian/patches/extra/0001-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch new file mode 100644 index 0000000..a95cf1b --- /dev/null +++ b/debian/patches/extra/0001-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch @@ -0,0 +1,51 @@ +From b3ce5aeaacdd0cec5bab1d83ee24bae73b0dd506 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 25 Jan 2017 14:48:57 +0100 +Subject: [PATCH 1/4] cirrus: handle negative pitch in + cirrus_invalidate_region() + +cirrus_invalidate_region() calls memory_region_set_dirty() +on a per-line basis, always ranging from off_begin to +off_begin+bytesperline. With a negative pitch off_begin +marks the top most used address and thus we need to do an +initial shift backwards by a line for negative pitches of +backward blits, otherwise the first iteration covers the +line going from the start offset forwards instead of +backwards. +Additionally since the start address is inclusive, if we +shift by a full `bytesperline` we move to the first address +*not* included in the blit, so we only shift by one less +than bytesperline. + +Signed-off-by: Wolfgang Bumiller +Message-id: 1485352137-29367-1-git-send-email-w.bumiller@proxmox.com + +[ kraxel: codestyle fixes ] + +Signed-off-by: Gerd Hoffmann +--- + hw/display/cirrus_vga.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 379910d..0f05e45 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -661,9 +661,14 @@ static void cirrus_invalidate_region(CirrusVGAState * s, int off_begin, + int off_cur; + int off_cur_end; + ++ if (off_pitch < 0) { ++ off_begin -= bytesperline - 1; ++ } ++ + for (y = 0; y < lines; y++) { + off_cur = off_begin; + off_cur_end = (off_cur + bytesperline) & s->cirrus_addr_mask; ++ assert(off_cur_end >= off_cur); + memory_region_set_dirty(&s->vga.vram, off_cur, off_cur_end - off_cur); + off_begin += off_pitch; + } +-- +2.1.4 + diff --git a/debian/patches/extra/0001-display-cirrus-ignore-source-pitch-value-as-needed-i.patch b/debian/patches/extra/0001-display-cirrus-ignore-source-pitch-value-as-needed-i.patch new file mode 100644 index 0000000..2b24cdd --- /dev/null +++ b/debian/patches/extra/0001-display-cirrus-ignore-source-pitch-value-as-needed-i.patch @@ -0,0 +1,72 @@ +From f5dc8e6b503fda1ed87c0f4f53c6d2c76a584872 Mon Sep 17 00:00:00 2001 +From: Bruce Rogers +Date: Mon, 9 Jan 2017 13:35:20 -0700 +Subject: [PATCH 1/5] display: cirrus: ignore source pitch value as needed in + blit_is_unsafe + +Commit 4299b90 added a check which is too broad, given that the source +pitch value is not required to be initialized for solid fill operations. +This patch refines the blit_is_unsafe() check to ignore source pitch in +that case. After applying the above commit as a security patch, we +noticed the SLES 11 SP4 guest gui failed to initialize properly. + +Signed-off-by: Bruce Rogers +Message-id: 20170109203520.5619-1-brogers@suse.com +Signed-off-by: Gerd Hoffmann +--- + hw/display/cirrus_vga.c | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index bdb092e..379910d 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -294,7 +294,7 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, + return false; + } + +-static bool blit_is_unsafe(struct CirrusVGAState *s) ++static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only) + { + /* should be the case, see cirrus_bitblt_start */ + assert(s->cirrus_blt_width > 0); +@@ -308,6 +308,9 @@ static bool blit_is_unsafe(struct CirrusVGAState *s) + s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) { + return true; + } ++ if (dst_only) { ++ return false; ++ } + if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch, + s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) { + return true; +@@ -673,7 +676,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s, + + dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask); + +- if (blit_is_unsafe(s)) ++ if (blit_is_unsafe(s, false)) + return 0; + + (*s->cirrus_rop) (s, dst, src, +@@ -691,7 +694,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop) + { + cirrus_fill_t rop_func; + +- if (blit_is_unsafe(s)) { ++ if (blit_is_unsafe(s, true)) { + return 0; + } + rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1]; +@@ -795,7 +798,7 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) + + static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s) + { +- if (blit_is_unsafe(s)) ++ if (blit_is_unsafe(s, false)) + return 0; + + return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr, +-- +2.1.4 + diff --git a/debian/patches/extra/0002-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch b/debian/patches/extra/0002-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch new file mode 100644 index 0000000..0b8e6ed --- /dev/null +++ b/debian/patches/extra/0002-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch @@ -0,0 +1,101 @@ +From cba280fe94eaed53952e2997cac1ee2bed6cfdee Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Fri, 10 Feb 2017 08:34:03 +0100 +Subject: [PATCH 2/2] Revert "cirrus: allow zero source pitch in pattern fill + rops" + +This reverts commit cf9c099a7694eb47ded529e1ed40ee8789f32d31. + +Conflicts: + hw/display/cirrus_vga.c +--- + hw/display/cirrus_vga.c | 29 +++++++++-------------------- + 1 file changed, 9 insertions(+), 20 deletions(-) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 6bd13fc..92e7951 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -272,6 +272,9 @@ static void cirrus_update_memory_access(CirrusVGAState *s); + static bool blit_region_is_unsafe(struct CirrusVGAState *s, + int32_t pitch, int32_t addr) + { ++ if (!pitch) { ++ return true; ++ } + if (pitch < 0) { + int64_t min = addr + + ((int64_t)s->cirrus_blt_height - 1) * pitch +@@ -290,11 +293,8 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, + return false; + } + +-static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only, +- bool zero_src_pitch_ok) ++static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only) + { +- int32_t check_pitch; +- + /* should be the case, see cirrus_bitblt_start */ + assert(s->cirrus_blt_width > 0); + assert(s->cirrus_blt_height > 0); +@@ -303,10 +303,6 @@ static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only, + return true; + } + +- if (!s->cirrus_blt_dstpitch) { +- return true; +- } +- + if (blit_region_is_unsafe(s, s->cirrus_blt_dstpitch, + s->cirrus_blt_dstaddr)) { + return true; +@@ -314,14 +310,8 @@ static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only, + if (dst_only) { + return false; + } +- +- check_pitch = s->cirrus_blt_srcpitch; +- if (!zero_src_pitch_ok && !check_pitch) { +- check_pitch = s->cirrus_blt_width; +- } +- +- if (blit_region_is_unsafe(s, check_pitch, +- s->cirrus_blt_srcaddr)) { ++ if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch, ++ s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) { + return true; + } + +@@ -715,9 +705,8 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState *s, bool videosrc) + src = s->cirrus_bltbuf; + } + +- if (blit_is_unsafe(s, true, true)) { ++ if (blit_is_unsafe(s, true)) + return 0; +- } + + (*s->cirrus_rop) (s, dst, src, + s->cirrus_blt_dstpitch, 0, +@@ -734,7 +723,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop) + { + cirrus_fill_t rop_func; + +- if (blit_is_unsafe(s, true, true)) { ++ if (blit_is_unsafe(s, true)) { + return 0; + } + rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1]; +@@ -834,7 +823,7 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) + + static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s) + { +- if (blit_is_unsafe(s, false, false)) ++ if (blit_is_unsafe(s, false)) + return 0; + + return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr, +-- +2.1.4 + diff --git a/debian/patches/extra/0002-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch b/debian/patches/extra/0002-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch new file mode 100644 index 0000000..7431baf --- /dev/null +++ b/debian/patches/extra/0002-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch @@ -0,0 +1,102 @@ +From cf9c099a7694eb47ded529e1ed40ee8789f32d31 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Tue, 24 Jan 2017 16:35:38 +0100 +Subject: [PATCH 2/4] cirrus: allow zero source pitch in pattern fill rops + +The rops used by cirrus_bitblt_common_patterncopy only use +the destination pitch, so the source pitch shoul allowed to +be zero and the blit with used for the range check around the +source address. + +Signed-off-by: Wolfgang Bumiller +Message-id: 1485272138-23249-1-git-send-email-w.bumiller@proxmox.com +Signed-off-by: Gerd Hoffmann +--- + hw/display/cirrus_vga.c | 27 +++++++++++++++++++-------- + 1 file changed, 19 insertions(+), 8 deletions(-) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 0f05e45..98f089e 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -272,9 +272,6 @@ static void cirrus_update_memory_access(CirrusVGAState *s); + static bool blit_region_is_unsafe(struct CirrusVGAState *s, + int32_t pitch, int32_t addr) + { +- if (!pitch) { +- return true; +- } + if (pitch < 0) { + int64_t min = addr + + ((int64_t)s->cirrus_blt_height-1) * pitch; +@@ -294,8 +291,11 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, + return false; + } + +-static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only) ++static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only, ++ bool zero_src_pitch_ok) + { ++ int32_t check_pitch; ++ + /* should be the case, see cirrus_bitblt_start */ + assert(s->cirrus_blt_width > 0); + assert(s->cirrus_blt_height > 0); +@@ -304,6 +304,10 @@ static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only) + return true; + } + ++ if (!s->cirrus_blt_dstpitch) { ++ return true; ++ } ++ + if (blit_region_is_unsafe(s, s->cirrus_blt_dstpitch, + s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) { + return true; +@@ -311,7 +315,13 @@ static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only) + if (dst_only) { + return false; + } +- if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch, ++ ++ check_pitch = s->cirrus_blt_srcpitch; ++ if (!zero_src_pitch_ok && !check_pitch) { ++ check_pitch = s->cirrus_blt_width; ++ } ++ ++ if (blit_region_is_unsafe(s, check_pitch, + s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) { + return true; + } +@@ -681,8 +691,9 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s, + + dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask); + +- if (blit_is_unsafe(s, false)) ++ if (blit_is_unsafe(s, false, true)) { + return 0; ++ } + + (*s->cirrus_rop) (s, dst, src, + s->cirrus_blt_dstpitch, 0, +@@ -699,7 +710,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop) + { + cirrus_fill_t rop_func; + +- if (blit_is_unsafe(s, true)) { ++ if (blit_is_unsafe(s, true, true)) { + return 0; + } + rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1]; +@@ -803,7 +814,7 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) + + static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s) + { +- if (blit_is_unsafe(s, false)) ++ if (blit_is_unsafe(s, false, false)) + return 0; + + return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr, +-- +2.1.4 + diff --git a/debian/patches/extra/0002-net-vmxnet-initialise-local-tx-descriptor.patch b/debian/patches/extra/0002-net-vmxnet-initialise-local-tx-descriptor.patch new file mode 100644 index 0000000..5090662 --- /dev/null +++ b/debian/patches/extra/0002-net-vmxnet-initialise-local-tx-descriptor.patch @@ -0,0 +1,31 @@ +From 1313d27fc347633d0cf6fc2ff8cbe17a740dd658 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Thu, 11 Aug 2016 00:42:20 +0530 +Subject: [PATCH 2/3] net: vmxnet: initialise local tx descriptor + +In Vmxnet3 device emulator while processing transmit(tx) queue, +when it reaches end of packet, it calls vmxnet3_complete_packet. +In that local 'txcq_descr' object is not initialised, which could +leak host memory bytes a guest. + +Reported-by: Li Qiang +Signed-off-by: Prasad J Pandit +--- + hw/net/vmxnet3.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c +index 90f6943..92f6af9 100644 +--- a/hw/net/vmxnet3.c ++++ b/hw/net/vmxnet3.c +@@ -531,6 +531,7 @@ static void vmxnet3_complete_packet(VMXNET3State *s, int qidx, uint32_t tx_ridx) + + VMXNET3_RING_DUMP(VMW_RIPRN, "TXC", qidx, &s->txq_descr[qidx].comp_ring); + ++ memset(&txcq_descr, 0, sizeof(txcq_descr)); + txcq_descr.txdIdx = tx_ridx; + txcq_descr.gen = vmxnet3_ring_curr_gen(&s->txq_descr[qidx].comp_ring); + +-- +2.1.4 + diff --git a/debian/patches/extra/0003-cirrus-fix-blit-address-mask-handling.patch b/debian/patches/extra/0003-cirrus-fix-blit-address-mask-handling.patch new file mode 100644 index 0000000..39a410a --- /dev/null +++ b/debian/patches/extra/0003-cirrus-fix-blit-address-mask-handling.patch @@ -0,0 +1,104 @@ +From a173829e6ebd8b2d7f29028f106173ba067c8b8c Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Wed, 25 Jan 2017 11:09:56 +0100 +Subject: [PATCH 3/4] cirrus: fix blit address mask handling + +Apply the cirrus_addr_mask to cirrus_blt_dstaddr and cirrus_blt_srcaddr +right after assigning them, in cirrus_bitblt_start(), instead of having +this all over the place in the cirrus code, and missing a few places. + +Reported-by: Wolfgang Bumiller +Signed-off-by: Gerd Hoffmann +Message-id: 1485338996-17095-1-git-send-email-kraxel@redhat.com +--- + hw/display/cirrus_vga.c | 25 ++++++++++++------------- + 1 file changed, 12 insertions(+), 13 deletions(-) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 98f089e..7db6409 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -309,7 +309,7 @@ static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only, + } + + if (blit_region_is_unsafe(s, s->cirrus_blt_dstpitch, +- s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) { ++ s->cirrus_blt_dstaddr)) { + return true; + } + if (dst_only) { +@@ -322,7 +322,7 @@ static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only, + } + + if (blit_region_is_unsafe(s, check_pitch, +- s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) { ++ s->cirrus_blt_srcaddr)) { + return true; + } + +@@ -689,7 +689,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s, + { + uint8_t *dst; + +- dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask); ++ dst = s->vga.vram_ptr + s->cirrus_blt_dstaddr; + + if (blit_is_unsafe(s, false, true)) { + return 0; +@@ -714,7 +714,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop) + return 0; + } + rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1]; +- rop_func(s, s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask), ++ rop_func(s, s->vga.vram_ptr + s->cirrus_blt_dstaddr, + s->cirrus_blt_dstpitch, + s->cirrus_blt_width, s->cirrus_blt_height); + cirrus_invalidate_region(s, s->cirrus_blt_dstaddr, +@@ -732,9 +732,8 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop) + + static int cirrus_bitblt_videotovideo_patterncopy(CirrusVGAState * s) + { +- return cirrus_bitblt_common_patterncopy(s, +- s->vga.vram_ptr + ((s->cirrus_blt_srcaddr & ~7) & +- s->cirrus_addr_mask)); ++ return cirrus_bitblt_common_patterncopy(s, s->vga.vram_ptr + ++ (s->cirrus_blt_srcaddr & ~7)); + } + + static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) +@@ -788,10 +787,8 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) + if (notify) + graphic_hw_update(s->vga.con); + +- (*s->cirrus_rop) (s, s->vga.vram_ptr + +- (s->cirrus_blt_dstaddr & s->cirrus_addr_mask), +- s->vga.vram_ptr + +- (s->cirrus_blt_srcaddr & s->cirrus_addr_mask), ++ (*s->cirrus_rop) (s, s->vga.vram_ptr + s->cirrus_blt_dstaddr, ++ s->vga.vram_ptr + s->cirrus_blt_srcaddr, + s->cirrus_blt_dstpitch, s->cirrus_blt_srcpitch, + s->cirrus_blt_width, s->cirrus_blt_height); + +@@ -842,8 +839,7 @@ static void cirrus_bitblt_cputovideo_next(CirrusVGAState * s) + } else { + /* at least one scan line */ + do { +- (*s->cirrus_rop)(s, s->vga.vram_ptr + +- (s->cirrus_blt_dstaddr & s->cirrus_addr_mask), ++ (*s->cirrus_rop)(s, s->vga.vram_ptr + s->cirrus_blt_dstaddr, + s->cirrus_bltbuf, 0, 0, s->cirrus_blt_width, 1); + cirrus_invalidate_region(s, s->cirrus_blt_dstaddr, 0, + s->cirrus_blt_width, 1); +@@ -962,6 +958,9 @@ static void cirrus_bitblt_start(CirrusVGAState * s) + s->cirrus_blt_modeext = s->vga.gr[0x33]; + blt_rop = s->vga.gr[0x32]; + ++ s->cirrus_blt_dstaddr &= s->cirrus_addr_mask; ++ s->cirrus_blt_srcaddr &= s->cirrus_addr_mask; ++ + #ifdef DEBUG_BITBLT + printf("rop=0x%02x mode=0x%02x modeext=0x%02x w=%d h=%d dpitch=%d spitch=%d daddr=0x%08x saddr=0x%08x writemask=0x%02x\n", + blt_rop, +-- +2.1.4 + diff --git a/debian/patches/extra/0003-net-limit-allocation-in-nc_sendv_compat.patch b/debian/patches/extra/0003-net-limit-allocation-in-nc_sendv_compat.patch new file mode 100644 index 0000000..0bdb236 --- /dev/null +++ b/debian/patches/extra/0003-net-limit-allocation-in-nc_sendv_compat.patch @@ -0,0 +1,37 @@ +From 2705772316ff905f3ed08871c602fca1c636f332 Mon Sep 17 00:00:00 2001 +From: Peter Lieven +Date: Thu, 30 Jun 2016 11:49:40 +0200 +Subject: [PATCH 3/3] net: limit allocation in nc_sendv_compat + +we only need to allocate enough memory to hold the packet. This might be +less than NET_BUFSIZE. Additionally fail early if the packet is larger +than NET_BUFSIZE. + +Signed-off-by: Peter Lieven +--- + net/net.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/net/net.c b/net/net.c +index c94d93d..2ac46a6 100644 +--- a/net/net.c ++++ b/net/net.c +@@ -690,9 +690,13 @@ static ssize_t nc_sendv_compat(NetClientState *nc, const struct iovec *iov, + buffer = iov[0].iov_base; + offset = iov[0].iov_len; + } else { +- buf = g_new(uint8_t, NET_BUFSIZE); ++ offset = iov_size(iov, iovcnt); ++ if (offset > NET_BUFSIZE) { ++ return -1; ++ } ++ buf = g_malloc(offset); + buffer = buf; +- offset = iov_to_buf(iov, iovcnt, 0, buf, NET_BUFSIZE); ++ offset = iov_to_buf(iov, iovcnt, 0, buf, offset); + } + + if (flags & QEMU_NET_PACKET_FLAG_RAW && nc->info->receive_raw) { +-- +2.1.4 + diff --git a/debian/patches/extra/0003-sd-sdhci-check-transfer-mode-register-in-multi-block.patch b/debian/patches/extra/0003-sd-sdhci-check-transfer-mode-register-in-multi-block.patch new file mode 100644 index 0000000..017f55a --- /dev/null +++ b/debian/patches/extra/0003-sd-sdhci-check-transfer-mode-register-in-multi-block.patch @@ -0,0 +1,61 @@ +From da4c6050712be98934918e348aa34a74be0e4e57 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Tue, 31 Jan 2017 17:54:15 +0530 +Subject: [PATCH 3/8] sd: sdhci: check transfer mode register in multi block + transfer + +In SDHCI device emulation the transfer mode register value +is used during multi block transfer to check if block count +register is enabled and should be updated. Transfer mode +register could be set such that, block count register would +not be updated, thus leading to an infinite loop. Add check +to avoid it. + +Reported-by: Wjjzhang +Reported-by: Jiang Xin +Signed-off-by: Prasad J Pandit +--- + hw/sd/sdhci.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c +index 01fbf22..35f953a 100644 +--- a/hw/sd/sdhci.c ++++ b/hw/sd/sdhci.c +@@ -486,6 +486,12 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s) + uint32_t boundary_chk = 1 << (((s->blksize & 0xf000) >> 12) + 12); + uint32_t boundary_count = boundary_chk - (s->sdmasysad % boundary_chk); + ++ if (!(s->trnmod & SDHC_TRNS_MULTI) ++ || !(s->trnmod & SDHC_TRNS_BLK_CNT_EN) ++ || !s->blkcnt) { ++ return; ++ } ++ + /* XXX: Some sd/mmc drivers (for example, u-boot-slp) do not account for + * possible stop at page boundary if initial address is not page aligned, + * allow them to work properly */ +@@ -797,11 +803,6 @@ static void sdhci_data_transfer(void *opaque) + if (s->trnmod & SDHC_TRNS_DMA) { + switch (SDHC_DMA_TYPE(s->hostctl)) { + case SDHC_CTRL_SDMA: +- if ((s->trnmod & SDHC_TRNS_MULTI) && +- (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || s->blkcnt == 0)) { +- break; +- } +- + if ((s->blkcnt == 1) || !(s->trnmod & SDHC_TRNS_MULTI)) { + sdhci_sdma_transfer_single_block(s); + } else { +@@ -1050,7 +1051,7 @@ sdhci_write(void *opaque, hwaddr offset, uint64_t val, unsigned size) + if (!(s->capareg & SDHC_CAN_DO_DMA)) { + value &= ~SDHC_TRNS_DMA; + } +- MASKED_WRITE(s->trnmod, mask, value); ++ MASKED_WRITE(s->trnmod, mask, value & 0x0037); + MASKED_WRITE(s->cmdreg, mask >> 16, value >> 16); + + /* Writing to the upper byte of CMDREG triggers SD command generation */ +-- +2.1.4 + diff --git a/debian/patches/extra/0004-cirrus-fix-oob-access-issue-CVE-2017-2615.patch b/debian/patches/extra/0004-cirrus-fix-oob-access-issue-CVE-2017-2615.patch new file mode 100644 index 0000000..fb59147 --- /dev/null +++ b/debian/patches/extra/0004-cirrus-fix-oob-access-issue-CVE-2017-2615.patch @@ -0,0 +1,50 @@ +From e3ff618899e53791fdff5dbd3f8fa889a2ed7b1d Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Wed, 1 Feb 2017 09:35:01 +0100 +Subject: [PATCH 4/4] cirrus: fix oob access issue (CVE-2017-2615) + +When doing bitblt copy in backward mode, we should minus the +blt width first just like the adding in the forward mode. This +can avoid the oob access of the front of vga's vram. + +Signed-off-by: Li Qiang +Reviewed-by: Laszlo Ersek +Signed-off-by: Gerd Hoffmann +Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com +Message-id: 5887254f.863a240a.2c122.5500@mx.google.com + +{ kraxel: with backward blits (negative pitch) addr is the topmost + address, so check it as-is against vram size ] + +Cc: qemu-stable@nongnu.org +Cc: P J P +Cc: Laszlo Ersek +Cc: Paolo Bonzini +Cc: Wolfgang Bumiller +Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106) +Signed-off-by: Gerd Hoffmann +--- + hw/display/cirrus_vga.c | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 7db6409..16f27e8 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -274,10 +274,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, + { + if (pitch < 0) { + int64_t min = addr +- + ((int64_t)s->cirrus_blt_height-1) * pitch; +- int32_t max = addr +- + s->cirrus_blt_width; +- if (min < 0 || max > s->vga.vram_size) { ++ + ((int64_t)s->cirrus_blt_height - 1) * pitch ++ - s->cirrus_blt_width; ++ if (min < -1 || addr >= s->vga.vram_size) { + return true; + } + } else { +-- +2.1.4 + diff --git a/debian/patches/extra/0004-sd-sdhci-block-count-enable-not-relevant-in-single-b.patch b/debian/patches/extra/0004-sd-sdhci-block-count-enable-not-relevant-in-single-b.patch new file mode 100644 index 0000000..aeca0a1 --- /dev/null +++ b/debian/patches/extra/0004-sd-sdhci-block-count-enable-not-relevant-in-single-b.patch @@ -0,0 +1,42 @@ +From b9bc05a3a687f9993c5c2a8890b53ab9e8dbc96c Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Tue, 31 Jan 2017 17:54:16 +0530 +Subject: [PATCH 4/8] sd: sdhci: block count enable not relevant in single + block transfer + +In SDHCI device emulation the 'Block count enable' bit +of the Transfer Mode register is only relevant in multi block +transfers. We need not check it in single block transfers. + +Signed-off-by: Prasad J Pandit +--- + hw/sd/sdhci.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c +index 35f953a..85cac42 100644 +--- a/hw/sd/sdhci.c ++++ b/hw/sd/sdhci.c +@@ -570,7 +570,6 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s) + } + + /* single block SDMA transfer */ +- + static void sdhci_sdma_transfer_single_block(SDHCIState *s) + { + int n; +@@ -589,10 +588,7 @@ static void sdhci_sdma_transfer_single_block(SDHCIState *s) + sdbus_write_data(&s->sdbus, s->fifo_buffer[n]); + } + } +- +- if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { +- s->blkcnt--; +- } ++ s->blkcnt--; + + sdhci_end_transfer(s); + } +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-10028-display-virtio-gpu-3d-check-virgl-capabilities-max_s.patch b/debian/patches/extra/CVE-2016-10028-display-virtio-gpu-3d-check-virgl-capabilities-max_s.patch new file mode 100644 index 0000000..19e7599 --- /dev/null +++ b/debian/patches/extra/CVE-2016-10028-display-virtio-gpu-3d-check-virgl-capabilities-max_s.patch @@ -0,0 +1,44 @@ +From b891912de9c0ef615955fccc043915eb36ce3c02 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Wed, 14 Dec 2016 12:31:56 +0530 +Subject: [PATCH 2/8] display: virtio-gpu-3d: check virgl capabilities max_size + +Virtio GPU device while processing 'VIRTIO_GPU_CMD_GET_CAPSET' +command, retrieves the maximum capabilities size to fill in the +response object. It continues to fill in capabilities even if +retrieved 'max_size' is zero(0), thus resulting in OOB access. +Add check to avoid it. + +Reported-by: Zhenhao Hong +Signed-off-by: Prasad J Pandit +Message-id: 20161214070156.23368-1-ppandit@redhat.com +Signed-off-by: Gerd Hoffmann +--- + +Notes: + CVE-2016-10028 + + hw/display/virtio-gpu-3d.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c +index d98b140..cdd03a4 100644 +--- a/hw/display/virtio-gpu-3d.c ++++ b/hw/display/virtio-gpu-3d.c +@@ -371,8 +371,12 @@ static void virgl_cmd_get_capset(VirtIOGPU *g, + + virgl_renderer_get_cap_set(gc.capset_id, &max_ver, + &max_size); +- resp = g_malloc0(sizeof(*resp) + max_size); ++ if (!max_size) { ++ cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER; ++ return; ++ } + ++ resp = g_malloc0(sizeof(*resp) + max_size); + resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET; + virgl_renderer_fill_caps(gc.capset_id, + gc.capset_version, +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-10155-watchdog-6300esb-add-exit-function.patch b/debian/patches/extra/CVE-2016-10155-watchdog-6300esb-add-exit-function.patch new file mode 100644 index 0000000..06567fc --- /dev/null +++ b/debian/patches/extra/CVE-2016-10155-watchdog-6300esb-add-exit-function.patch @@ -0,0 +1,50 @@ +From a8341ea109259c17ad18b02597e5e03e99db60ae Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Mon, 28 Nov 2016 17:49:04 -0800 +Subject: [PATCH 1/8] watchdog: 6300esb: add exit function + +When the Intel 6300ESB watchdog is hot unplug. The timer allocated +in realize isn't freed thus leaking memory leak. This patch avoid +this through adding the exit function. + +Signed-off-by: Li Qiang +Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com> +Signed-off-by: Paolo Bonzini +--- + +Notes: + CVE-2016-10155 + + hw/watchdog/wdt_i6300esb.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c +index a83d951..49b3cd1 100644 +--- a/hw/watchdog/wdt_i6300esb.c ++++ b/hw/watchdog/wdt_i6300esb.c +@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp) + /* qemu_register_coalesced_mmio (addr, 0x10); ? */ + } + ++static void i6300esb_exit(PCIDevice *dev) ++{ ++ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev); ++ ++ timer_del(d->timer); ++ timer_free(d->timer); ++} ++ + static WatchdogTimerModel model = { + .wdt_name = "i6300esb", + .wdt_description = "Intel 6300ESB", +@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data) + k->config_read = i6300esb_config_read; + k->config_write = i6300esb_config_write; + k->realize = i6300esb_realize; ++ k->exit = i6300esb_exit; + k->vendor_id = PCI_VENDOR_ID_INTEL; + k->device_id = PCI_DEVICE_ID_INTEL_ESB_9; + k->class_id = PCI_CLASS_SYSTEM_OTHER; +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7156-scsi-pvscsi-avoid-infinite-loop-while-building-SG-li.patch b/debian/patches/extra/CVE-2016-7156-scsi-pvscsi-avoid-infinite-loop-while-building-SG-li.patch new file mode 100644 index 0000000..d4a133a --- /dev/null +++ b/debian/patches/extra/CVE-2016-7156-scsi-pvscsi-avoid-infinite-loop-while-building-SG-li.patch @@ -0,0 +1,63 @@ +From a8ceb006190b9072b0b9866ec5a07bd6de4eca6d Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Tue, 6 Sep 2016 23:23:17 +0530 +Subject: [PATCH 5/6] scsi: pvscsi: avoid infinite loop while building SG list + +In PVSCSI paravirtual SCSI bus, pvscsi_convert_sglist can take a very +long time or go into an infinite loop due to two different bugs: + +1) the request descriptor data length is defined to be 64 bit. While +building SG list from a request descriptor, it gets truncated to 32bit +in routine 'pvscsi_convert_sglist'. This could lead to an infinite loop +situation for large 'dataLen' values, when data_length is cast to uint32_t +and chunk_size becomes always zero. Fix this by removing the incorrect +cast. + +2) pvscsi_get_next_sg_elem can be called arbitrarily many times if the +element has a zero length. Get out of the loop early when this happens, +by introducing an upper limit on the number of SG list elements. + +Reported-by: Li Qiang +Signed-off-by: Prasad J Pandit +--- + hw/scsi/vmw_pvscsi.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c +index 22f872c..e43e0a4 100644 +--- a/hw/scsi/vmw_pvscsi.c ++++ b/hw/scsi/vmw_pvscsi.c +@@ -40,6 +40,8 @@ + #define PVSCSI_MAX_DEVS (64) + #define PVSCSI_MSIX_NUM_VECTORS (1) + ++#define PVSCSI_MAX_SG_ELEM 2048 ++ + #define PVSCSI_MAX_CMD_DATA_WORDS \ + (sizeof(PVSCSICmdDescSetupRings)/sizeof(uint32_t)) + +@@ -629,17 +631,16 @@ pvscsi_queue_pending_descriptor(PVSCSIState *s, SCSIDevice **d, + static void + pvscsi_convert_sglist(PVSCSIRequest *r) + { +- int chunk_size; ++ uint32_t chunk_size, elmcnt = 0; + uint64_t data_length = r->req.dataLen; + PVSCSISGState sg = r->sg; +- while (data_length) { +- while (!sg.resid) { ++ while (data_length && elmcnt < PVSCSI_MAX_SG_ELEM) { ++ while (!sg.resid && elmcnt++ < PVSCSI_MAX_SG_ELEM) { + pvscsi_get_next_sg_elem(&sg); + trace_pvscsi_convert_sglist(r->req.context, r->sg.dataAddr, + r->sg.resid); + } +- assert(data_length > 0); +- chunk_size = MIN((unsigned) data_length, sg.resid); ++ chunk_size = MIN(data_length, sg.resid); + if (chunk_size) { + qemu_sglist_add(&r->sgl, sg.dataAddr, chunk_size); + } +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7161-hw-net-Fix-a-heap-overflow-in-xlnx.xps-ethernetlite.patch b/debian/patches/extra/CVE-2016-7161-hw-net-Fix-a-heap-overflow-in-xlnx.xps-ethernetlite.patch new file mode 100644 index 0000000..1c14d8c --- /dev/null +++ b/debian/patches/extra/CVE-2016-7161-hw-net-Fix-a-heap-overflow-in-xlnx.xps-ethernetlite.patch @@ -0,0 +1,35 @@ +From b5cfb53ba6a976d0d478eb438a5ada3b719e8d59 Mon Sep 17 00:00:00 2001 +From: chaojianhu +Date: Tue, 9 Aug 2016 11:52:54 +0800 +Subject: [PATCH 2/5] hw/net: Fix a heap overflow in xlnx.xps-ethernetlite + +The .receive callback of xlnx.xps-ethernetlite doesn't check the length +of data before calling memcpy. As a result, the NetClientState object in +heap will be overflowed. All versions of qemu with xlnx.xps-ethernetlite +will be affected. + +Reported-by: chaojianhu +Signed-off-by: chaojianhu +Signed-off-by: Jason Wang +--- + hw/net/xilinx_ethlite.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/hw/net/xilinx_ethlite.c b/hw/net/xilinx_ethlite.c +index bc846e7..12b7419 100644 +--- a/hw/net/xilinx_ethlite.c ++++ b/hw/net/xilinx_ethlite.c +@@ -197,6 +197,10 @@ static ssize_t eth_rx(NetClientState *nc, const uint8_t *buf, size_t size) + } + + D(qemu_log("%s %zd rxbase=%x\n", __func__, size, rxbase)); ++ if (size > (R_MAX - R_RX_BUF0 - rxbase) * 4) { ++ D(qemu_log("ethlite packet is too big, size=%x\n", size)); ++ return -1; ++ } + memcpy(&s->regs[rxbase + R_RX_BUF0], buf, size); + + s->regs[rxbase + R_RX_CTRL0] |= CTRL_S; +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7170-vmsvga-correct-bitmap-and-pixmap-size-checks.patch b/debian/patches/extra/CVE-2016-7170-vmsvga-correct-bitmap-and-pixmap-size-checks.patch new file mode 100644 index 0000000..732f679 --- /dev/null +++ b/debian/patches/extra/CVE-2016-7170-vmsvga-correct-bitmap-and-pixmap-size-checks.patch @@ -0,0 +1,45 @@ +From 167d97a3def77ee2dbf6e908b0ecbfe2103977db Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Thu, 8 Sep 2016 18:15:54 +0530 +Subject: [PATCH] vmsvga: correct bitmap and pixmap size checks + +When processing svga command DEFINE_CURSOR in vmsvga_fifo_run, +the computed BITMAP and PIXMAP size are checked against the +'cursor.mask[]' and 'cursor.image[]' array sizes in bytes. +Correct these checks to avoid OOB memory access. + +Reported-by: Qinghao Tang +Reported-by: Li Qiang +Signed-off-by: Prasad J Pandit +Message-id: 1473338754-15430-1-git-send-email-ppandit@redhat.com +Signed-off-by: Gerd Hoffmann +--- + hw/display/vmware_vga.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c +index e51a05e..6599cf0 100644 +--- a/hw/display/vmware_vga.c ++++ b/hw/display/vmware_vga.c +@@ -676,11 +676,13 @@ static void vmsvga_fifo_run(struct vmsvga_state_s *s) + cursor.bpp = vmsvga_fifo_read(s); + + args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp); +- if (cursor.width > 256 || +- cursor.height > 256 || +- cursor.bpp > 32 || +- SVGA_BITMAP_SIZE(x, y) > sizeof cursor.mask || +- SVGA_PIXMAP_SIZE(x, y, cursor.bpp) > sizeof cursor.image) { ++ if (cursor.width > 256 ++ || cursor.height > 256 ++ || cursor.bpp > 32 ++ || SVGA_BITMAP_SIZE(x, y) ++ > sizeof(cursor.mask) / sizeof(cursor.mask[0]) ++ || SVGA_PIXMAP_SIZE(x, y, cursor.bpp) ++ > sizeof(cursor.image) / sizeof(cursor.image[0])) { + goto badcmd; + } + +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7422-virtio-add-check-for-descriptor-s-mapped-address.patch b/debian/patches/extra/CVE-2016-7422-virtio-add-check-for-descriptor-s-mapped-address.patch new file mode 100644 index 0000000..6ee65d1 --- /dev/null +++ b/debian/patches/extra/CVE-2016-7422-virtio-add-check-for-descriptor-s-mapped-address.patch @@ -0,0 +1,38 @@ +From 1723b5e7962eb077353bab0772ca8114774b6c60 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Mon, 19 Sep 2016 23:55:45 +0530 +Subject: [PATCH 4/7] virtio: add check for descriptor's mapped address + +virtio back end uses set of buffers to facilitate I/O operations. +If its size is too large, 'cpu_physical_memory_map' could return +a null address. This would result in a null dereference while +un-mapping descriptors. Add check to avoid it. + +Reported-by: Qinghao Tang +Signed-off-by: Prasad J Pandit +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Reviewed-by: Laszlo Ersek +--- + hw/virtio/virtio.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c +index 74c085c..eabe573 100644 +--- a/hw/virtio/virtio.c ++++ b/hw/virtio/virtio.c +@@ -473,6 +473,11 @@ static void virtqueue_map_desc(unsigned int *p_num_sg, hwaddr *addr, struct iove + } + + iov[num_sg].iov_base = cpu_physical_memory_map(pa, &len, is_write); ++ if (!iov[num_sg].iov_base) { ++ error_report("virtio: bogus descriptor or out of resources"); ++ exit(1); ++ } ++ + iov[num_sg].iov_len = len; + addr[num_sg] = pa; + +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch b/debian/patches/extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch new file mode 100644 index 0000000..c463161 --- /dev/null +++ b/debian/patches/extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch @@ -0,0 +1,32 @@ +From b53dd4495ced2432a0b652ea895e651d07336f7e Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Tue, 13 Sep 2016 03:20:03 -0700 +Subject: [PATCH] usb:xhci:fix memory leak in usb_xhci_exit + +If the xhci uses msix, it doesn't free the corresponding +memory, thus leading a memory leak. This patch avoid this. + +Signed-off-by: Li Qiang +Message-id: 57d7d2e0.d4301c0a.d13e9.9a55@mx.google.com +Signed-off-by: Gerd Hoffmann +--- + hw/usb/hcd-xhci.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c +index 37c1493..726435c 100644 +--- a/hw/usb/hcd-xhci.c ++++ b/hw/usb/hcd-xhci.c +@@ -3715,8 +3715,7 @@ static void usb_xhci_exit(PCIDevice *dev) + /* destroy msix memory region */ + if (dev->msix_table && dev->msix_pba + && dev->msix_entry_used) { +- memory_region_del_subregion(&xhci->mem, &dev->msix_table_mmio); +- memory_region_del_subregion(&xhci->mem, &dev->msix_pba_mmio); ++ msix_uninit(dev, &xhci->mem, &xhci->mem); + } + + usb_bus_release(&xhci->bus); +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7907-net-imx-limit-buffer-descriptor-count.patch b/debian/patches/extra/CVE-2016-7907-net-imx-limit-buffer-descriptor-count.patch new file mode 100644 index 0000000..108219c --- /dev/null +++ b/debian/patches/extra/CVE-2016-7907-net-imx-limit-buffer-descriptor-count.patch @@ -0,0 +1,48 @@ +From 3798522afcf58abbce6de67446fcae7a34ae919d Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Thu, 22 Sep 2016 16:01:38 +0530 +Subject: [PATCH 5/7] net: imx: limit buffer descriptor count + +i.MX Fast Ethernet Controller uses buffer descriptors to manage +data flow to/fro receive & transmit queues. While transmitting +packets, it could continue to read buffer descriptors if a buffer +descriptor has length of zero and has crafted values in bd.flags. +Set an upper limit to number of buffer descriptors. + +Reported-by: Li Qiang +Signed-off-by: Prasad J Pandit +--- + hw/net/imx_fec.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c +index 1c415ab..1d74827 100644 +--- a/hw/net/imx_fec.c ++++ b/hw/net/imx_fec.c +@@ -220,6 +220,8 @@ static const VMStateDescription vmstate_imx_eth = { + #define PHY_INT_PARFAULT (1 << 2) + #define PHY_INT_AUTONEG_PAGE (1 << 1) + ++#define IMX_MAX_DESC 1024 ++ + static void imx_eth_update(IMXFECState *s); + + /* +@@ -402,12 +404,12 @@ static void imx_eth_update(IMXFECState *s) + + static void imx_fec_do_tx(IMXFECState *s) + { +- int frame_size = 0; ++ int frame_size = 0, descnt = 0; + uint8_t frame[ENET_MAX_FRAME_SIZE]; + uint8_t *ptr = frame; + uint32_t addr = s->tx_descriptor; + +- while (1) { ++ while (descnt++ < IMX_MAX_DESC) { + IMXFECBufDesc bd; + int len; + +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7908-net-mcf-limit-buffer-descriptor-count.patch b/debian/patches/extra/CVE-2016-7908-net-mcf-limit-buffer-descriptor-count.patch new file mode 100644 index 0000000..fc15768 --- /dev/null +++ b/debian/patches/extra/CVE-2016-7908-net-mcf-limit-buffer-descriptor-count.patch @@ -0,0 +1,52 @@ +From 94087c0cbe014b4a60d96930d7cb43d54a05c701 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Thu, 22 Sep 2016 16:02:37 +0530 +Subject: [PATCH 6/7] net: mcf: limit buffer descriptor count + +ColdFire Fast Ethernet Controller uses buffer descriptors to manage +data flow to/fro receive & transmit queues. While transmitting +packets, it could continue to read buffer descriptors if a buffer +descriptor has length of zero and has crafted values in bd.flags. +Set upper limit to number of buffer descriptors. + +Reported-by: Li Qiang +Signed-off-by: Prasad J Pandit +Reviewed-by: Paolo Bonzini +Signed-off-by: Jason Wang +--- + hw/net/mcf_fec.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/hw/net/mcf_fec.c b/hw/net/mcf_fec.c +index 0ee8ad9..d31fea1 100644 +--- a/hw/net/mcf_fec.c ++++ b/hw/net/mcf_fec.c +@@ -23,6 +23,7 @@ do { printf("mcf_fec: " fmt , ## __VA_ARGS__); } while (0) + #define DPRINTF(fmt, ...) do {} while(0) + #endif + ++#define FEC_MAX_DESC 1024 + #define FEC_MAX_FRAME_SIZE 2032 + + typedef struct { +@@ -149,7 +150,7 @@ static void mcf_fec_do_tx(mcf_fec_state *s) + uint32_t addr; + mcf_fec_bd bd; + int frame_size; +- int len; ++ int len, descnt = 0; + uint8_t frame[FEC_MAX_FRAME_SIZE]; + uint8_t *ptr; + +@@ -157,7 +158,7 @@ static void mcf_fec_do_tx(mcf_fec_state *s) + ptr = frame; + frame_size = 0; + addr = s->tx_descriptor; +- while (1) { ++ while (descnt++ < FEC_MAX_DESC) { + mcf_fec_read_bd(&bd, addr); + DPRINTF("tx_bd %x flags %04x len %d data %08x\n", + addr, bd.flags, bd.length, bd.data); +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7909-net-pcnet-check-rx-tx-descriptor-ring-length.patch b/debian/patches/extra/CVE-2016-7909-net-pcnet-check-rx-tx-descriptor-ring-length.patch new file mode 100644 index 0000000..c255871 --- /dev/null +++ b/debian/patches/extra/CVE-2016-7909-net-pcnet-check-rx-tx-descriptor-ring-length.patch @@ -0,0 +1,36 @@ +From ed825b783750cbe88aa67bbe83cf662082828efa Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Fri, 30 Sep 2016 00:27:33 +0530 +Subject: [PATCH 7/7] net: pcnet: check rx/tx descriptor ring length + +The AMD PC-Net II emulator has set of control and status(CSR) +registers. Of these, CSR76 and CSR78 hold receive and transmit +descriptor ring length respectively. This ring length could range +from 1 to 65535. Setting ring length to zero leads to an infinite +loop in pcnet_rdra_addr. Add check to avoid it. + +Reported-by: Li Qiang +Signed-off-by: Prasad J Pandit +--- + hw/net/pcnet.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c +index 198a01f..3078de8 100644 +--- a/hw/net/pcnet.c ++++ b/hw/net/pcnet.c +@@ -1429,8 +1429,11 @@ static void pcnet_csr_writew(PCNetState *s, uint32_t rap, uint32_t new_value) + case 47: /* POLLINT */ + case 72: + case 74: ++ break; + case 76: /* RCVRL */ + case 78: /* XMTRL */ ++ val = (val > 0) ? val : 512; ++ break; + case 112: + if (CSR_STOP(s) || CSR_SPND(s)) + break; +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7994-virtio-gpu-fix-memory-leak-in-virtio_gpu_resource_cr.patch b/debian/patches/extra/CVE-2016-7994-virtio-gpu-fix-memory-leak-in-virtio_gpu_resource_cr.patch new file mode 100644 index 0000000..cddc70f --- /dev/null +++ b/debian/patches/extra/CVE-2016-7994-virtio-gpu-fix-memory-leak-in-virtio_gpu_resource_cr.patch @@ -0,0 +1,30 @@ +From 594fa98211f92ab07ee6d6b6a9eda93a416a1f57 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Sun, 18 Sep 2016 19:07:11 -0700 +Subject: [PATCH 1/2] virtio-gpu: fix memory leak in + virtio_gpu_resource_create_2d + +In virtio gpu resource create dispatch, if the pixman format is zero +it doesn't free the resource object allocated previously. Thus leading +a host memory leak issue. This patch avoid this. + +Signed-off-by: Li Qiang +--- + hw/display/virtio-gpu.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c +index 7fe6ed8..5b6d17b 100644 +--- a/hw/display/virtio-gpu.c ++++ b/hw/display/virtio-gpu.c +@@ -333,6 +333,7 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g, + qemu_log_mask(LOG_GUEST_ERROR, + "%s: host couldn't handle guest format %d\n", + __func__, c2d.format); ++ g_free(res); + cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER; + return; + } +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-7995-usb-ehci-fix-memory-leak-in-ehci_process_itd.patch b/debian/patches/extra/CVE-2016-7995-usb-ehci-fix-memory-leak-in-ehci_process_itd.patch new file mode 100644 index 0000000..fc1c382 --- /dev/null +++ b/debian/patches/extra/CVE-2016-7995-usb-ehci-fix-memory-leak-in-ehci_process_itd.patch @@ -0,0 +1,32 @@ +From 91a16e6e51a4e046d59379fc83b9dfc1e860e9c7 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Sat, 8 Oct 2016 11:58:03 +0300 +Subject: [PATCH 2/2] usb: ehci: fix memory leak in ehci_process_itd + +While processing isochronous transfer descriptors(iTD), if the page +select(PG) field value is out of bands it will return. In this +situation the ehci's sg list is not freed thus leading to a memory +leak issue. This patch avoid this. + +Signed-off-by: Li Qiang +Reviewed-by: Thomas Huth +Signed-off-by: Michael Tokarev +--- + hw/usb/hcd-ehci.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c +index b093db7..f4ece9a 100644 +--- a/hw/usb/hcd-ehci.c ++++ b/hw/usb/hcd-ehci.c +@@ -1426,6 +1426,7 @@ static int ehci_process_itd(EHCIState *ehci, + if (off + len > 4096) { + /* transfer crosses page border */ + if (pg == 6) { ++ qemu_sglist_destroy(&ehci->isgl); + return -1; /* avoid page pg + 1 */ + } + ptr2 = (itd->bufptr[pg + 1] & ITD_BUFPTR_MASK); +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-8576-xhci-limit-the-number-of-link-trbs-we-are-willing-to.patch b/debian/patches/extra/CVE-2016-8576-xhci-limit-the-number-of-link-trbs-we-are-willing-to.patch new file mode 100644 index 0000000..7019960 --- /dev/null +++ b/debian/patches/extra/CVE-2016-8576-xhci-limit-the-number-of-link-trbs-we-are-willing-to.patch @@ -0,0 +1,69 @@ +From b5ef1754de94247de307044b19e6bc3fa0ad5ba8 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Mon, 10 Oct 2016 12:46:22 +0200 +Subject: [PATCH 2/4] xhci: limit the number of link trbs we are willing to + process + +Needed to avoid we run in circles forever in case the guest builds +an endless loop with link trbs. + +Reported-by: Li Qiang +Tested-by: P J P +Signed-off-by: Gerd Hoffmann +Message-id: 1476096382-7981-1-git-send-email-kraxel@redhat.com +--- + hw/usb/hcd-xhci.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c +index 281a2a5..8a9a31a 100644 +--- a/hw/usb/hcd-xhci.c ++++ b/hw/usb/hcd-xhci.c +@@ -54,6 +54,8 @@ + * to the specs when it gets them */ + #define ER_FULL_HACK + ++#define TRB_LINK_LIMIT 4 ++ + #define LEN_CAP 0x40 + #define LEN_OPER (0x400 + 0x10 * MAXPORTS) + #define LEN_RUNTIME ((MAXINTRS + 1) * 0x20) +@@ -1000,6 +1002,7 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb, + dma_addr_t *addr) + { + PCIDevice *pci_dev = PCI_DEVICE(xhci); ++ uint32_t link_cnt = 0; + + while (1) { + TRBType type; +@@ -1026,6 +1029,9 @@ static TRBType xhci_ring_fetch(XHCIState *xhci, XHCIRing *ring, XHCITRB *trb, + ring->dequeue += TRB_SIZE; + return type; + } else { ++ if (++link_cnt > TRB_LINK_LIMIT) { ++ return 0; ++ } + ring->dequeue = xhci_mask64(trb->parameter); + if (trb->control & TRB_LK_TC) { + ring->ccs = !ring->ccs; +@@ -1043,6 +1049,7 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring) + bool ccs = ring->ccs; + /* hack to bundle together the two/three TDs that make a setup transfer */ + bool control_td_set = 0; ++ uint32_t link_cnt = 0; + + while (1) { + TRBType type; +@@ -1058,6 +1065,9 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring) + type = TRB_TYPE(trb); + + if (type == TR_LINK) { ++ if (++link_cnt > TRB_LINK_LIMIT) { ++ return -length; ++ } + dequeue = xhci_mask64(trb.parameter); + if (trb.control & TRB_LK_TC) { + ccs = !ccs; +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-8577-9pfs-fix-potential-host-memory-leak-in-v9fs_read.patch b/debian/patches/extra/CVE-2016-8577-9pfs-fix-potential-host-memory-leak-in-v9fs_read.patch new file mode 100644 index 0000000..6583894 --- /dev/null +++ b/debian/patches/extra/CVE-2016-8577-9pfs-fix-potential-host-memory-leak-in-v9fs_read.patch @@ -0,0 +1,39 @@ +From 8794fc68736fda80d7191f100c03c960a5ef1224 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Tue, 11 Oct 2016 09:27:45 +0200 +Subject: [PATCH 3/4] 9pfs: fix potential host memory leak in v9fs_read + +In 9pfs read dispatch function, it doesn't free two QEMUIOVector +object thus causing potential memory leak. This patch avoid this. + +Signed-off-by: Li Qiang +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index dfe293d..54e18a2 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -1812,14 +1812,15 @@ static void v9fs_read(void *opaque) + if (len < 0) { + /* IO error return the error */ + err = len; +- goto out; ++ goto out_free_iovec; + } + } while (count < max_count && len > 0); + err = pdu_marshal(pdu, offset, "d", count); + if (err < 0) { +- goto out; ++ goto out_free_iovec; + } + err += offset + count; ++out_free_iovec: + qemu_iovec_destroy(&qiov); + qemu_iovec_destroy(&qiov_full); + } else if (fidp->fid_type == P9_FID_XATTR) { +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-8578-9pfs-allocate-space-for-guest-originated-empty-strin.patch b/debian/patches/extra/CVE-2016-8578-9pfs-allocate-space-for-guest-originated-empty-strin.patch new file mode 100644 index 0000000..3ba78c8 --- /dev/null +++ b/debian/patches/extra/CVE-2016-8578-9pfs-allocate-space-for-guest-originated-empty-strin.patch @@ -0,0 +1,58 @@ +From 630abd0c70f272b36361348e9ee7d6a71577b72f Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Tue, 11 Oct 2016 09:27:45 +0200 +Subject: [PATCH 4/4] 9pfs: allocate space for guest originated empty strings + +If a guest sends an empty string paramater to any 9P operation, the current +code unmarshals it into a V9fsString equal to { .size = 0, .data = NULL }. + +This is unfortunate because it can cause NULL pointer dereference to happen +at various locations in the 9pfs code. And we don't want to check str->data +everywhere we pass it to strcmp() or any other function which expects a +dereferenceable pointer. + +This patch enforces the allocation of genuine C empty strings instead, so +callers don't have to bother. + +Out of all v9fs_iov_vunmarshal() users, only v9fs_xattrwalk() checks if +the returned string is empty. It now uses v9fs_string_size() since +name.data cannot be NULL anymore. + +Signed-off-by: Li Qiang +[groug, rewritten title and changelog, + fix empty string check in v9fs_xattrwalk()] +Signed-off-by: Greg Kurz +--- + fsdev/9p-iov-marshal.c | 2 +- + hw/9pfs/9p.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c +index 663cad5..1d16f8d 100644 +--- a/fsdev/9p-iov-marshal.c ++++ b/fsdev/9p-iov-marshal.c +@@ -125,7 +125,7 @@ ssize_t v9fs_iov_vunmarshal(struct iovec *out_sg, int out_num, size_t offset, + str->data = g_malloc(str->size + 1); + copied = v9fs_unpack(str->data, out_sg, out_num, offset, + str->size); +- if (copied > 0) { ++ if (copied >= 0) { + str->data[str->size] = 0; + } else { + v9fs_string_free(str); +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index 54e18a2..75ba5f1 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -3161,7 +3161,7 @@ static void v9fs_xattrwalk(void *opaque) + goto out; + } + v9fs_path_copy(&xattr_fidp->path, &file_fidp->path); +- if (name.data == NULL) { ++ if (!v9fs_string_size(&name)) { + /* + * listxattr request. Get the size first + */ +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-8668-net-rocker-set-limit-to-DMA-buffer-size.patch b/debian/patches/extra/CVE-2016-8668-net-rocker-set-limit-to-DMA-buffer-size.patch new file mode 100644 index 0000000..be0743d --- /dev/null +++ b/debian/patches/extra/CVE-2016-8668-net-rocker-set-limit-to-DMA-buffer-size.patch @@ -0,0 +1,34 @@ +From 0d3ac427e34f12b1a33646d47ef3dc390a9b569d Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Wed, 12 Oct 2016 14:40:55 +0530 +Subject: [PATCH 1/2] net: rocker: set limit to DMA buffer size + +Rocker network switch emulator has test registers to help debug +DMA operations. While testing host DMA access, a buffer address +is written to register 'TEST_DMA_ADDR' and its size is written to +register 'TEST_DMA_SIZE'. When performing TEST_DMA_CTRL_INVERT +test, if DMA buffer size was greater than 'INT_MAX', it leads to +an invalid buffer access. Limit the DMA buffer size to avoid it. + +Reported-by: Huawei PSIRT +Signed-off-by: Prasad J Pandit +--- + hw/net/rocker/rocker.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c +index 30f2ce4..e9d215a 100644 +--- a/hw/net/rocker/rocker.c ++++ b/hw/net/rocker/rocker.c +@@ -860,7 +860,7 @@ static void rocker_io_writel(void *opaque, hwaddr addr, uint32_t val) + rocker_msix_irq(r, val); + break; + case ROCKER_TEST_DMA_SIZE: +- r->test_dma_size = val; ++ r->test_dma_size = val & 0xFFFF; + break; + case ROCKER_TEST_DMA_ADDR + 4: + r->test_dma_addr = ((uint64_t)val) << 32 | r->lower32; +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-8669-char-serial-check-divider-value-against-baud-base.patch b/debian/patches/extra/CVE-2016-8669-char-serial-check-divider-value-against-baud-base.patch new file mode 100644 index 0000000..4ccf213 --- /dev/null +++ b/debian/patches/extra/CVE-2016-8669-char-serial-check-divider-value-against-baud-base.patch @@ -0,0 +1,35 @@ +From 7e0ebfd13e55a706396197437f375692bbf75d15 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Wed, 12 Oct 2016 11:28:08 +0530 +Subject: [PATCH 2/2] char: serial: check divider value against baud base + +16550A UART device uses an oscillator to generate frequencies +(baud base), which decide communication speed. This speed could +be changed by dividing it by a divider. If the divider is +greater than the baud base, speed is set to zero, leading to a +divide by zero error. Add check to avoid it. + +Reported-by: Huawei PSIRT +Signed-off-by: Prasad J Pandit +--- + hw/char/serial.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/hw/char/serial.c b/hw/char/serial.c +index 3442f47..eec72b7 100644 +--- a/hw/char/serial.c ++++ b/hw/char/serial.c +@@ -153,8 +153,9 @@ static void serial_update_parameters(SerialState *s) + int speed, parity, data_bits, stop_bits, frame_size; + QEMUSerialSetParams ssp; + +- if (s->divider == 0) ++ if (s->divider == 0 || s->divider > s->baudbase) { + return; ++ } + + /* Start bit. */ + frame_size = 1; +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-8909-audio-intel-hda-check-stream-entry-count-during-tran.patch b/debian/patches/extra/CVE-2016-8909-audio-intel-hda-check-stream-entry-count-during-tran.patch new file mode 100644 index 0000000..d8102b3 --- /dev/null +++ b/debian/patches/extra/CVE-2016-8909-audio-intel-hda-check-stream-entry-count-during-tran.patch @@ -0,0 +1,39 @@ +From ad0e6e88e0432aa1e6c75f52a6b3b4bf463e2563 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Thu, 20 Oct 2016 13:10:24 +0530 +Subject: [PATCH 1/8] audio: intel-hda: check stream entry count during + transfer + +Intel HDA emulator uses stream of buffers during DMA data +transfers. Each entry has buffer length and buffer pointer +position, which are used to derive bytes to 'copy'. If this +length and buffer pointer were to be same, 'copy' could be +set to zero(0), leading to an infinite loop. Add check to +avoid it. + +Reported-by: Huawei PSIRT +Signed-off-by: Prasad J Pandit +Reviewed-by: Stefan Hajnoczi +Message-id: 1476949224-6865-1-git-send-email-ppandit@redhat.com +Signed-off-by: Gerd Hoffmann +--- + hw/audio/intel-hda.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/hw/audio/intel-hda.c b/hw/audio/intel-hda.c +index cd95340..537face 100644 +--- a/hw/audio/intel-hda.c ++++ b/hw/audio/intel-hda.c +@@ -416,7 +416,8 @@ static bool intel_hda_xfer(HDACodecDevice *dev, uint32_t stnr, bool output, + } + + left = len; +- while (left > 0) { ++ s = st->bentries; ++ while (left > 0 && s-- > 0) { + copy = left; + if (copy > st->bsize - st->lpib) + copy = st->bsize - st->lpib; +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9101-net-eepro100-fix-memory-leak-in-device-uninit.patch b/debian/patches/extra/CVE-2016-9101-net-eepro100-fix-memory-leak-in-device-uninit.patch new file mode 100644 index 0000000..0ae895a --- /dev/null +++ b/debian/patches/extra/CVE-2016-9101-net-eepro100-fix-memory-leak-in-device-uninit.patch @@ -0,0 +1,30 @@ +From 1fab838b55ee7cc199b105d80de4a80f336231b3 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Sat, 8 Oct 2016 05:07:25 -0700 +Subject: [PATCH 3/8] net: eepro100: fix memory leak in device uninit + +The exit dispatch of eepro100 network card device doesn't free +the 's->vmstate' field which was allocated in device realize thus +leading a host memory leak. This patch avoid this. + +Signed-off-by: Li Qiang +Signed-off-by: Jason Wang +--- + hw/net/eepro100.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c +index bab4dbf..4bf71f2 100644 +--- a/hw/net/eepro100.c ++++ b/hw/net/eepro100.c +@@ -1843,6 +1843,7 @@ static void pci_nic_uninit(PCIDevice *pci_dev) + EEPRO100State *s = DO_UPCAST(EEPRO100State, dev, pci_dev); + + vmstate_unregister(&pci_dev->qdev, s->vmstate, s); ++ g_free(s->vmstate); + eeprom93xx_free(&pci_dev->qdev, s->eeprom); + qemu_del_nic(s->nic); + } +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9102-9pfs-fix-memory-leak-in-v9fs_xattrcreate.patch b/debian/patches/extra/CVE-2016-9102-9pfs-fix-memory-leak-in-v9fs_xattrcreate.patch new file mode 100644 index 0000000..cad4baf --- /dev/null +++ b/debian/patches/extra/CVE-2016-9102-9pfs-fix-memory-leak-in-v9fs_xattrcreate.patch @@ -0,0 +1,34 @@ +From f132108afabf074403afadf822ad2d2275d115cd Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Mon, 17 Oct 2016 14:13:58 +0200 +Subject: [PATCH 5/8] 9pfs: fix memory leak in v9fs_xattrcreate + +The 'fs.xattr.value' field in V9fsFidState object doesn't consider the +situation that this field has been allocated previously. Every time, it +will be allocated directly. This leads to a host memory leak issue if +the client sends another Txattrcreate message with the same fid number +before the fid from the previous time got clunked. + +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +[groug, updated the changelog to indicate how the leak can occur] +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index 3becdd0..f5af4e3 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -3269,6 +3269,7 @@ static void v9fs_xattrcreate(void *opaque) + xattr_fidp->fs.xattr.flags = flags; + v9fs_string_init(&xattr_fidp->fs.xattr.name); + v9fs_string_copy(&xattr_fidp->fs.xattr.name, &name); ++ g_free(xattr_fidp->fs.xattr.value); + xattr_fidp->fs.xattr.value = g_malloc0(size); + err = offset; + put_fid(pdu, file_fidp); +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9103-9pfs-fix-information-leak-in-xattr-read.patch b/debian/patches/extra/CVE-2016-9103-9pfs-fix-information-leak-in-xattr-read.patch new file mode 100644 index 0000000..7d84422 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9103-9pfs-fix-information-leak-in-xattr-read.patch @@ -0,0 +1,32 @@ +From 644566ea6fe2896b6b171797cfe6e7219939d968 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Mon, 17 Oct 2016 14:13:58 +0200 +Subject: [PATCH 4/8] 9pfs: fix information leak in xattr read + +9pfs uses g_malloc() to allocate the xattr memory space, if the guest +reads this memory before writing to it, this will leak host heap memory +to the guest. This patch avoid this. + +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index 75ba5f1..3becdd0 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -3269,7 +3269,7 @@ static void v9fs_xattrcreate(void *opaque) + xattr_fidp->fs.xattr.flags = flags; + v9fs_string_init(&xattr_fidp->fs.xattr.name); + v9fs_string_copy(&xattr_fidp->fs.xattr.name, &name); +- xattr_fidp->fs.xattr.value = g_malloc(size); ++ xattr_fidp->fs.xattr.value = g_malloc0(size); + err = offset; + put_fid(pdu, file_fidp); + out_nofid: +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9104-9pfs-fix-integer-overflow-issue-in-xattr-read-write.patch b/debian/patches/extra/CVE-2016-9104-9pfs-fix-integer-overflow-issue-in-xattr-read-write.patch new file mode 100644 index 0000000..eec6b2a --- /dev/null +++ b/debian/patches/extra/CVE-2016-9104-9pfs-fix-integer-overflow-issue-in-xattr-read-write.patch @@ -0,0 +1,92 @@ +From 86a37b0a0ed8f32db819782ca4a367712ece1453 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Tue, 1 Nov 2016 12:00:40 +0100 +Subject: [PATCH 8/8] 9pfs: fix integer overflow issue in xattr read/write +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The v9fs_xattr_read() and v9fs_xattr_write() are passed a guest +originated offset: they must ensure this offset does not go beyond +the size of the extended attribute that was set in v9fs_xattrcreate(). +Unfortunately, the current code implement these checks with unsafe +calculations on 32 and 64 bit values, which may allow a malicious +guest to cause OOB access anyway. + +Fix this by comparing the offset and the xattr size, which are +both uint64_t, before trying to compute the effective number of bytes +to read or write. + +Suggested-by: Greg Kurz +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +Reviewed-By: Guido Günther +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p.c | 32 ++++++++++++-------------------- + 1 file changed, 12 insertions(+), 20 deletions(-) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index af07846..fc4f2cd 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -1628,20 +1628,17 @@ static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp, + { + ssize_t err; + size_t offset = 7; +- int read_count; +- int64_t xattr_len; ++ uint64_t read_count; + V9fsVirtioState *v = container_of(s, V9fsVirtioState, state); + VirtQueueElement *elem = v->elems[pdu->idx]; + +- xattr_len = fidp->fs.xattr.len; +- read_count = xattr_len - off; ++ if (fidp->fs.xattr.len < off) { ++ read_count = 0; ++ } else { ++ read_count = fidp->fs.xattr.len - off; ++ } + if (read_count > max_count) { + read_count = max_count; +- } else if (read_count < 0) { +- /* +- * read beyond XATTR value +- */ +- read_count = 0; + } + err = pdu_marshal(pdu, offset, "d", read_count); + if (err < 0) { +@@ -1969,23 +1966,18 @@ static int v9fs_xattr_write(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp, + { + int i, to_copy; + ssize_t err = 0; +- int write_count; +- int64_t xattr_len; ++ uint64_t write_count; + size_t offset = 7; + + +- xattr_len = fidp->fs.xattr.len; +- write_count = xattr_len - off; +- if (write_count > count) { +- write_count = count; +- } else if (write_count < 0) { +- /* +- * write beyond XATTR value len specified in +- * xattrcreate +- */ ++ if (fidp->fs.xattr.len < off) { + err = -ENOSPC; + goto out; + } ++ write_count = fidp->fs.xattr.len - off; ++ if (write_count > count) { ++ write_count = count; ++ } + err = pdu_marshal(pdu, offset, "d", write_count); + if (err < 0) { + return err; +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9105-9pfs-fix-memory-leak-in-v9fs_link.patch b/debian/patches/extra/CVE-2016-9105-9pfs-fix-memory-leak-in-v9fs_link.patch new file mode 100644 index 0000000..9138249 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9105-9pfs-fix-memory-leak-in-v9fs_link.patch @@ -0,0 +1,32 @@ +From 94979ec1a852871eaee150cb56f0e8cac4316e35 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Mon, 17 Oct 2016 14:13:58 +0200 +Subject: [PATCH 6/8] 9pfs: fix memory leak in v9fs_link + +The v9fs_link() function keeps a reference on the source fid object. This +causes a memory leak since the reference never goes down to 0. This patch +fixes the issue. + +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +[groug, rephrased the changelog] +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index f5af4e3..aa2b8c0 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -2403,6 +2403,7 @@ static void v9fs_link(void *opaque) + if (!err) { + err = offset; + } ++ put_fid(pdu, oldfidp); + out: + put_fid(pdu, dfidp); + out_nofid: +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9106-9pfs-fix-memory-leak-in-v9fs_write.patch b/debian/patches/extra/CVE-2016-9106-9pfs-fix-memory-leak-in-v9fs_write.patch new file mode 100644 index 0000000..3ee8b50 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9106-9pfs-fix-memory-leak-in-v9fs_write.patch @@ -0,0 +1,33 @@ +From 2c5bcb2d5f32ffcf5064d3557e44836fa70700be Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Mon, 17 Oct 2016 14:13:58 +0200 +Subject: [PATCH 7/8] 9pfs: fix memory leak in v9fs_write + +If an error occurs when marshalling the transfer length to the guest, the +v9fs_write() function doesn't free an IO vector, thus leading to a memory +leak. This patch fixes the issue. + +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +[groug, rephrased the changelog] +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index aa2b8c0..af07846 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -2080,7 +2080,7 @@ static void v9fs_write(void *opaque) + offset = 7; + err = pdu_marshal(pdu, offset, "d", total); + if (err < 0) { +- goto out; ++ goto out_qiov; + } + err += offset; + trace_v9fs_write_return(pdu->tag, pdu->id, total, err); +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9776-net-mcf-check-receive-buffer-size-register-value.patch b/debian/patches/extra/CVE-2016-9776-net-mcf-check-receive-buffer-size-register-value.patch new file mode 100644 index 0000000..85fa543 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9776-net-mcf-check-receive-buffer-size-register-value.patch @@ -0,0 +1,34 @@ +From 2a4848046ad64db5cb1c1090565a28a5cb2c518e Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Tue, 29 Nov 2016 00:38:39 +0530 +Subject: [PATCH 01/12] net: mcf: check receive buffer size register value + +ColdFire Fast Ethernet Controller uses a receive buffer size +register(EMRBR) to hold maximum size of all receive buffers. +It is set by a user before any operation. If it was set to be +zero, ColdFire emulator would go into an infinite loop while +receiving data in mcf_fec_receive. Add check to avoid it. + +Reported-by: Wjjzhang +Signed-off-by: Prasad J Pandit +Signed-off-by: Jason Wang +--- + hw/net/mcf_fec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/net/mcf_fec.c b/hw/net/mcf_fec.c +index d31fea1..3d4b3b3 100644 +--- a/hw/net/mcf_fec.c ++++ b/hw/net/mcf_fec.c +@@ -393,7 +393,7 @@ static void mcf_fec_write(void *opaque, hwaddr addr, + s->tx_descriptor = s->etdsr; + break; + case 0x188: +- s->emrbr = value & 0x7f0; ++ s->emrbr = value > 0 ? value & 0x7F0 : 0x7F0; + break; + default: + hw_error("mcf_fec_write Bad address 0x%x\n", (int)addr); +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9845-virtio-gpu-fix-information-leak-in-getting-capset-in.patch b/debian/patches/extra/CVE-2016-9845-virtio-gpu-fix-information-leak-in-getting-capset-in.patch new file mode 100644 index 0000000..8bec00a --- /dev/null +++ b/debian/patches/extra/CVE-2016-9845-virtio-gpu-fix-information-leak-in-getting-capset-in.patch @@ -0,0 +1,37 @@ +From 71ee39ea06cbcbd1971213aa1f3a9036c50b6a57 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Tue, 1 Nov 2016 02:53:11 -0700 +Subject: [PATCH 02/12] virtio-gpu: fix information leak in getting capset info + dispatch +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +In virgl_cmd_get_capset_info dispatch function, the 'resp' hasn't +been full initialized before writing to the guest. This will leak +the 'resp.padding' and 'resp.hdr.padding' fieds to the guest. This +patch fix this issue. + +Signed-off-by: Li Qiang +Message-id: 5818661e.0860240a.77264.7a56@mx.google.com +Reviewed-by: Marc-André Lureau +Signed-off-by: Gerd Hoffmann +--- + hw/display/virtio-gpu-3d.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c +index 758d33a..23f39de 100644 +--- a/hw/display/virtio-gpu-3d.c ++++ b/hw/display/virtio-gpu-3d.c +@@ -347,6 +347,7 @@ static void virgl_cmd_get_capset_info(VirtIOGPU *g, + + VIRTIO_GPU_FILL_CMD(info); + ++ memset(&resp, 0, sizeof(resp)); + if (info.capset_index == 0) { + resp.capset_id = VIRTIO_GPU_CAPSET_VIRGL; + virgl_renderer_get_cap_set(resp.capset_id, +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9846-virtio-gpu-fix-memory-leak-in-update_cursor_data_vir.patch b/debian/patches/extra/CVE-2016-9846-virtio-gpu-fix-memory-leak-in-update_cursor_data_vir.patch new file mode 100644 index 0000000..4ba5aa7 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9846-virtio-gpu-fix-memory-leak-in-update_cursor_data_vir.patch @@ -0,0 +1,36 @@ +From 74a46afa58632277063ca4990cf0c954f342dd7d Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Tue, 1 Nov 2016 04:06:58 -0700 +Subject: [PATCH 03/12] virtio-gpu: fix memory leak in update_cursor_data_virgl +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +In update_cursor_data_virgl function, if the 'width'/ 'height' +is not equal to current cursor's width/height it will return +without free the 'data' allocated previously. This will lead +a memory leak issue. This patch fix this issue. + +Signed-off-by: Li Qiang +Message-id: 58187760.41d71c0a.cca75.4cb9@mx.google.com +Reviewed-by: Marc-André Lureau +Signed-off-by: Gerd Hoffmann +--- + hw/display/virtio-gpu.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c +index 5b6d17b..41f8096 100644 +--- a/hw/display/virtio-gpu.c ++++ b/hw/display/virtio-gpu.c +@@ -84,6 +84,7 @@ static void update_cursor_data_virgl(VirtIOGPU *g, + + if (width != s->current_cursor->width || + height != s->current_cursor->height) { ++ free(data); + return; + } + +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9907-usbredir-free-vm_change_state_handler-in-usbredir-de.patch b/debian/patches/extra/CVE-2016-9907-usbredir-free-vm_change_state_handler-in-usbredir-de.patch new file mode 100644 index 0000000..39a5622 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9907-usbredir-free-vm_change_state_handler-in-usbredir-de.patch @@ -0,0 +1,54 @@ +From 5bbb994dd062eb3950d67db3c6189dab0df7ec9b Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Mon, 7 Nov 2016 21:57:46 -0800 +Subject: [PATCH 04/12] usbredir: free vm_change_state_handler in usbredir + destroy dispatch +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +In usbredir destroy dispatch function, it doesn't free the vm change +state handler once registered in usbredir_realize function. This will +lead a memory leak issue. This patch avoid this. + +Signed-off-by: Li Qiang +Reviewed-by: Marc-André Lureau +Message-id: 58216976.d0236b0a.77b99.bcd6@mx.google.com +Signed-off-by: Gerd Hoffmann +--- + hw/usb/redirect.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c +index 444672a..42aeaa4 100644 +--- a/hw/usb/redirect.c ++++ b/hw/usb/redirect.c +@@ -132,6 +132,7 @@ struct USBRedirDevice { + struct usbredirfilter_rule *filter_rules; + int filter_rules_count; + int compatible_speedmask; ++ VMChangeStateEntry *vmstate; + }; + + #define TYPE_USB_REDIR "usb-redir" +@@ -1409,7 +1410,8 @@ static void usbredir_realize(USBDevice *udev, Error **errp) + qemu_chr_add_handlers(dev->cs, usbredir_chardev_can_read, + usbredir_chardev_read, usbredir_chardev_event, dev); + +- qemu_add_vm_change_state_handler(usbredir_vm_state_change, dev); ++ dev->vmstate = ++ qemu_add_vm_change_state_handler(usbredir_vm_state_change, dev); + } + + static void usbredir_cleanup_device_queues(USBRedirDevice *dev) +@@ -1446,6 +1448,7 @@ static void usbredir_handle_destroy(USBDevice *udev) + } + + free(dev->filter_rules); ++ qemu_del_vm_change_state_handler(dev->vmstate); + } + + static int usbredir_check_filter(USBRedirDevice *dev) +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9908-virtio-gpu-fix-information-leak-in-capset-get-dispat.patch b/debian/patches/extra/CVE-2016-9908-virtio-gpu-fix-information-leak-in-capset-get-dispat.patch new file mode 100644 index 0000000..7fe0533 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9908-virtio-gpu-fix-information-leak-in-capset-get-dispat.patch @@ -0,0 +1,31 @@ +From bde803ceb42d6bddc06a1881c00acdf203214772 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Tue, 1 Nov 2016 05:37:57 -0700 +Subject: [PATCH 10/12] virtio-gpu: fix information leak in capset get dispatch + +In virgl_cmd_get_capset function, it uses g_malloc to allocate +a response struct to the guest. As the 'resp'struct hasn't been full +initialized it will lead the 'resp->padding' field to the guest. +Use g_malloc0 to avoid this. + +Signed-off-by: Li Qiang +--- + hw/display/virtio-gpu-3d.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c +index 23f39de..d98b140 100644 +--- a/hw/display/virtio-gpu-3d.c ++++ b/hw/display/virtio-gpu-3d.c +@@ -371,7 +371,7 @@ static void virgl_cmd_get_capset(VirtIOGPU *g, + + virgl_renderer_get_cap_set(gc.capset_id, &max_ver, + &max_size); +- resp = g_malloc(sizeof(*resp) + max_size); ++ resp = g_malloc0(sizeof(*resp) + max_size); + + resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET; + virgl_renderer_fill_caps(gc.capset_id, +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9911-usb-ehci-fix-memory-leak-in-ehci_init_transfer.patch b/debian/patches/extra/CVE-2016-9911-usb-ehci-fix-memory-leak-in-ehci_init_transfer.patch new file mode 100644 index 0000000..fbe7cd5 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9911-usb-ehci-fix-memory-leak-in-ehci_init_transfer.patch @@ -0,0 +1,31 @@ +From 824f78bb0135cff4cb29e26c3de1cb4c2da35b46 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Tue, 8 Nov 2016 04:11:10 -0800 +Subject: [PATCH 05/12] usb: ehci: fix memory leak in ehci_init_transfer + +In ehci_init_transfer function, if the 'cpage' is bigger than 4, +it doesn't free the 'p->sgl' once allocated previously thus leading +a memory leak issue. This patch avoid this. + +Signed-off-by: Li Qiang +Message-id: 5821c0f4.091c6b0a.e0c92.e811@mx.google.com +Signed-off-by: Gerd Hoffmann +--- + hw/usb/hcd-ehci.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c +index f4ece9a..7622a3a 100644 +--- a/hw/usb/hcd-ehci.c ++++ b/hw/usb/hcd-ehci.c +@@ -1190,6 +1190,7 @@ static int ehci_init_transfer(EHCIPacket *p) + while (bytes > 0) { + if (cpage > 4) { + fprintf(stderr, "cpage out of range (%d)\n", cpage); ++ qemu_sglist_destroy(&p->sgl); + return -1; + } + +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9912-virtio-gpu-call-cleanup-mapping-function-in-resource.patch b/debian/patches/extra/CVE-2016-9912-virtio-gpu-call-cleanup-mapping-function-in-resource.patch new file mode 100644 index 0000000..94f51c8 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9912-virtio-gpu-call-cleanup-mapping-function-in-resource.patch @@ -0,0 +1,39 @@ +From efc44f269fe72bab2c496f21809f6bef20d9c398 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Mon, 28 Nov 2016 21:29:25 -0500 +Subject: [PATCH 11/12] virtio-gpu: call cleanup mapping function in resource + destroy + +If the guest destroy the resource before detach banking, the 'iov' +and 'addrs' field in resource is not freed thus leading memory +leak issue. This patch avoid this. + +Signed-off-by: Li Qiang +--- + hw/display/virtio-gpu.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c +index 41f8096..8903dee 100644 +--- a/hw/display/virtio-gpu.c ++++ b/hw/display/virtio-gpu.c +@@ -28,6 +28,8 @@ + static struct virtio_gpu_simple_resource* + virtio_gpu_find_resource(VirtIOGPU *g, uint32_t resource_id); + ++static void virtio_gpu_cleanup_mapping(struct virtio_gpu_simple_resource *res); ++ + #ifdef CONFIG_VIRGL + #include + #define VIRGL(_g, _virgl, _simple, ...) \ +@@ -359,6 +361,7 @@ static void virtio_gpu_resource_destroy(VirtIOGPU *g, + struct virtio_gpu_simple_resource *res) + { + pixman_image_unref(res->image); ++ virtio_gpu_cleanup_mapping(res); + QTAILQ_REMOVE(&g->reslist, res, next); + g_free(res); + } +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9913-9pfs-adjust-the-order-of-resource-cleanup-in-device-.patch b/debian/patches/extra/CVE-2016-9913-9pfs-adjust-the-order-of-resource-cleanup-in-device-.patch new file mode 100644 index 0000000..9db7466 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9913-9pfs-adjust-the-order-of-resource-cleanup-in-device-.patch @@ -0,0 +1,43 @@ +From 9be364d4b3bc173103bec0dc76259f40d232eb88 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Wed, 23 Nov 2016 13:53:34 +0100 +Subject: [PATCH 06/12] 9pfs: adjust the order of resource cleanup in device + unrealize + +Unrealize should undo things that were set during realize in +reverse order. So should do in the error path in realize. + +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index fc4f2cd..ced7b4c 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -3490,8 +3490,8 @@ int v9fs_device_realize_common(V9fsState *s, Error **errp) + rc = 0; + out: + if (rc) { +- g_free(s->ctx.fs_root); + g_free(s->tag); ++ g_free(s->ctx.fs_root); + v9fs_path_free(&path); + } + return rc; +@@ -3499,8 +3499,8 @@ out: + + void v9fs_device_unrealize_common(V9fsState *s, Error **errp) + { +- g_free(s->ctx.fs_root); + g_free(s->tag); ++ g_free(s->ctx.fs_root); + } + + static void __attribute__((__constructor__)) v9fs_set_fd_limit(void) +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9914-9pfs-add-cleanup-operation-in-FileOperations.patch b/debian/patches/extra/CVE-2016-9914-9pfs-add-cleanup-operation-in-FileOperations.patch new file mode 100644 index 0000000..c6fc38d --- /dev/null +++ b/debian/patches/extra/CVE-2016-9914-9pfs-add-cleanup-operation-in-FileOperations.patch @@ -0,0 +1,56 @@ +From f2ef9ae2a512fca1df0d56c226adc24ddf002b8b Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Wed, 23 Nov 2016 13:53:34 +0100 +Subject: [PATCH 07/12] 9pfs: add cleanup operation in FileOperations + +Currently, the backend of VirtFS doesn't have a cleanup +function. This will lead resource leak issues if the backed +driver allocates resources. This patch addresses this issue. + +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +Signed-off-by: Greg Kurz +--- + fsdev/file-op-9p.h | 1 + + hw/9pfs/9p.c | 6 ++++++ + 2 files changed, 7 insertions(+) + +diff --git a/fsdev/file-op-9p.h b/fsdev/file-op-9p.h +index 6db9fea..a56dc84 100644 +--- a/fsdev/file-op-9p.h ++++ b/fsdev/file-op-9p.h +@@ -100,6 +100,7 @@ struct FileOperations + { + int (*parse_opts)(QemuOpts *, struct FsDriverEntry *); + int (*init)(struct FsContext *); ++ void (*cleanup)(struct FsContext *); + int (*lstat)(FsContext *, V9fsPath *, struct stat *); + ssize_t (*readlink)(FsContext *, V9fsPath *, char *, size_t); + int (*chmod)(FsContext *, V9fsPath *, FsCred *); +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index ced7b4c..f2a90d4 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -3490,6 +3490,9 @@ int v9fs_device_realize_common(V9fsState *s, Error **errp) + rc = 0; + out: + if (rc) { ++ if (s->ops->cleanup && s->ctx.private) { ++ s->ops->cleanup(&s->ctx); ++ } + g_free(s->tag); + g_free(s->ctx.fs_root); + v9fs_path_free(&path); +@@ -3499,6 +3502,9 @@ out: + + void v9fs_device_unrealize_common(V9fsState *s, Error **errp) + { ++ if (s->ops->cleanup) { ++ s->ops->cleanup(&s->ctx); ++ } + g_free(s->tag); + g_free(s->ctx.fs_root); + } +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9915-9pfs-add-cleanup-operation-for-handle-backend-driver.patch b/debian/patches/extra/CVE-2016-9915-9pfs-add-cleanup-operation-for-handle-backend-driver.patch new file mode 100644 index 0000000..cc78623 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9915-9pfs-add-cleanup-operation-for-handle-backend-driver.patch @@ -0,0 +1,47 @@ +From 4196726e44c437793294af15d95e53164cf9a02d Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Wed, 23 Nov 2016 13:53:34 +0100 +Subject: [PATCH 08/12] 9pfs: add cleanup operation for handle backend driver + +In the init operation of handle backend dirver, it allocates a +handle_data struct and opens a mount file. We should free these +resources when the 9pfs device is unrealized. This is what this +patch does. + +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p-handle.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/hw/9pfs/9p-handle.c b/hw/9pfs/9p-handle.c +index 3d77594..1687661 100644 +--- a/hw/9pfs/9p-handle.c ++++ b/hw/9pfs/9p-handle.c +@@ -649,6 +649,14 @@ out: + return ret; + } + ++static void handle_cleanup(FsContext *ctx) ++{ ++ struct handle_data *data = ctx->private; ++ ++ close(data->mountfd); ++ g_free(data); ++} ++ + static int handle_parse_opts(QemuOpts *opts, struct FsDriverEntry *fse) + { + const char *sec_model = qemu_opt_get(opts, "security_model"); +@@ -671,6 +679,7 @@ static int handle_parse_opts(QemuOpts *opts, struct FsDriverEntry *fse) + FileOperations handle_ops = { + .parse_opts = handle_parse_opts, + .init = handle_init, ++ .cleanup = handle_cleanup, + .lstat = handle_lstat, + .readlink = handle_readlink, + .close = handle_close, +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9916-9pfs-add-cleanup-operation-for-proxy-backend-driver.patch b/debian/patches/extra/CVE-2016-9916-9pfs-add-cleanup-operation-for-proxy-backend-driver.patch new file mode 100644 index 0000000..78c49cb --- /dev/null +++ b/debian/patches/extra/CVE-2016-9916-9pfs-add-cleanup-operation-for-proxy-backend-driver.patch @@ -0,0 +1,47 @@ +From ae9b5c9dae96dd8d3bdf9bb6b9a0f7a2d6f532f7 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Wed, 23 Nov 2016 13:53:34 +0100 +Subject: [PATCH 09/12] 9pfs: add cleanup operation for proxy backend driver + +In the init operation of proxy backend dirver, it allocates a +V9fsProxy struct and some other resources. We should free these +resources when the 9pfs device is unrealized. This is what this +patch does. + +Signed-off-by: Li Qiang +Reviewed-by: Greg Kurz +Signed-off-by: Greg Kurz +--- + hw/9pfs/9p-proxy.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +diff --git a/hw/9pfs/9p-proxy.c b/hw/9pfs/9p-proxy.c +index f265501..336e9fe 100644 +--- a/hw/9pfs/9p-proxy.c ++++ b/hw/9pfs/9p-proxy.c +@@ -1179,9 +1179,22 @@ static int proxy_init(FsContext *ctx) + return 0; + } + ++static void proxy_cleanup(FsContext *ctx) ++{ ++ V9fsProxy *proxy = ctx->private; ++ ++ g_free(proxy->out_iovec.iov_base); ++ g_free(proxy->in_iovec.iov_base); ++ if (ctx->export_flags & V9FS_PROXY_SOCK_NAME) { ++ close(proxy->sockfd); ++ } ++ g_free(proxy); ++} ++ + FileOperations proxy_ops = { + .parse_opts = proxy_parse_opts, + .init = proxy_init, ++ .cleanup = proxy_cleanup, + .lstat = proxy_lstat, + .readlink = proxy_readlink, + .close = proxy_close, +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2016-9921-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch b/debian/patches/extra/CVE-2016-9921-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch new file mode 100644 index 0000000..acaeb95 --- /dev/null +++ b/debian/patches/extra/CVE-2016-9921-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch @@ -0,0 +1,81 @@ +From 9ec3cbedab41f93d2fbf742f2ca6705c2d68c3e1 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Tue, 18 Oct 2016 13:15:17 +0530 +Subject: [PATCH 12/12] display: cirrus: check vga bits per pixel(bpp) value + +In Cirrus CLGD 54xx VGA Emulator, if cirrus graphics mode is VGA, +'cirrus_get_bpp' returns zero(0), which could lead to a divide +by zero error in while copying pixel data. The same could occur +via blit pitch values. Add check to avoid it. + +Reported-by: Huawei PSIRT +Signed-off-by: Prasad J Pandit +Message-id: 1476776717-24807-1-git-send-email-ppandit@redhat.com +Signed-off-by: Gerd Hoffmann +--- + +Notes: + CVE-2016-9921 + CVE-2016-9922 + + hw/display/cirrus_vga.c | 14 ++++++++++---- + 1 file changed, 10 insertions(+), 4 deletions(-) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 3d712d5..bdb092e 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -272,6 +272,9 @@ static void cirrus_update_memory_access(CirrusVGAState *s); + static bool blit_region_is_unsafe(struct CirrusVGAState *s, + int32_t pitch, int32_t addr) + { ++ if (!pitch) { ++ return true; ++ } + if (pitch < 0) { + int64_t min = addr + + ((int64_t)s->cirrus_blt_height-1) * pitch; +@@ -715,7 +718,7 @@ static int cirrus_bitblt_videotovideo_patterncopy(CirrusVGAState * s) + s->cirrus_addr_mask)); + } + +-static void cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) ++static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) + { + int sx = 0, sy = 0; + int dx = 0, dy = 0; +@@ -729,6 +732,9 @@ static void cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) + int width, height; + + depth = s->vga.get_bpp(&s->vga) / 8; ++ if (!depth) { ++ return 0; ++ } + s->vga.get_resolution(&s->vga, &width, &height); + + /* extra x, y */ +@@ -783,6 +789,8 @@ static void cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) + cirrus_invalidate_region(s, s->cirrus_blt_dstaddr, + s->cirrus_blt_dstpitch, s->cirrus_blt_width, + s->cirrus_blt_height); ++ ++ return 1; + } + + static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s) +@@ -790,11 +798,9 @@ static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s) + if (blit_is_unsafe(s)) + return 0; + +- cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr, ++ return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr, + s->cirrus_blt_srcaddr - s->vga.start_addr, + s->cirrus_blt_width, s->cirrus_blt_height); +- +- return 1; + } + + /*************************************** +-- +2.1.4 + diff --git a/debian/patches/extra/CVE-2017-2620_cirrus_add_blit_is_unsafe_call_to_cirrus_bitblt_cputovideo.patch b/debian/patches/extra/CVE-2017-2620_cirrus_add_blit_is_unsafe_call_to_cirrus_bitblt_cputovideo.patch new file mode 100644 index 0000000..36f1158 --- /dev/null +++ b/debian/patches/extra/CVE-2017-2620_cirrus_add_blit_is_unsafe_call_to_cirrus_bitblt_cputovideo.patch @@ -0,0 +1,52 @@ +From d775c497a84a5c4be3f15cca85ca8440dd5880a0 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Wed, 22 Feb 2017 13:42:31 +0100 +Subject: [PATCH qemu] cirrus: add blit_is_unsafe call to + cirrus_bitblt_cputovideo (CVE-2017-2620) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination +and blit width, at all. Oops. Fix it. + +Security impact: high. + +The missing blit destination check allows to write to host memory. +Basically same as CVE-2014-8106 for the other blit variants. + +Signed-off-by: Gerd Hoffmann +Message-id: 1487679663-3264-1-git-send-email-kraxel@redhat.com +--- + hw/display/cirrus_vga.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c +index 1deb520..b9e7cb1 100644 +--- a/hw/display/cirrus_vga.c ++++ b/hw/display/cirrus_vga.c +@@ -900,6 +900,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s) + { + int w; + ++ if (blit_is_unsafe(s, true)) { ++ return 0; ++ } ++ + s->cirrus_blt_mode &= ~CIRRUS_BLTMODE_MEMSYSSRC; + s->cirrus_srcptr = &s->cirrus_bltbuf[0]; + s->cirrus_srcptr_end = &s->cirrus_bltbuf[0]; +@@ -925,6 +929,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s) + } + s->cirrus_srccounter = s->cirrus_blt_srcpitch * s->cirrus_blt_height; + } ++ ++ /* the blit_is_unsafe call above should catch this */ ++ assert(s->cirrus_blt_srcpitch <= CIRRUS_BLTBUFSIZE); ++ + s->cirrus_srcptr = s->cirrus_bltbuf; + s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch; + cirrus_update_memory_access(s); +-- +2.1.4 + diff --git a/debian/patches/extra/x86-lapic-Load-LAPIC-state-at-post_load.patch b/debian/patches/extra/x86-lapic-Load-LAPIC-state-at-post_load.patch new file mode 100644 index 0000000..2f77865 --- /dev/null +++ b/debian/patches/extra/x86-lapic-Load-LAPIC-state-at-post_load.patch @@ -0,0 +1,133 @@ +From 385c66564aad5fbbe303e0d2ee5e8ffd9c10bc23 Mon Sep 17 00:00:00 2001 +From: "Dr. David Alan Gilbert" +Date: Mon, 12 Sep 2016 18:18:35 +0100 +Subject: [PATCH 04/36] x86/lapic: Load LAPIC state at post_load + +Load the LAPIC state during post_load (rather than when the CPU +starts). + +This allows an interrupt to be delivered from the ioapic to +the lapic prior to cpu loading, in particular the RTC that starts +ticking as soon as we load it's state. + +Fixes a case where Windows hangs after migration due to RTC interrupts +disappearing. + +Signed-off-by: Dr. David Alan Gilbert +Suggested-by: Paolo Bonzini +Signed-off-by: Paolo Bonzini +--- + hw/i386/kvm/apic.c | 26 ++++++++++++++++++++++++-- + include/sysemu/kvm.h | 1 - + target-i386/kvm.c | 17 ----------------- + 3 files changed, 24 insertions(+), 20 deletions(-) + +diff --git a/hw/i386/kvm/apic.c b/hw/i386/kvm/apic.c +index 2bd0de8..feb0002 100644 +--- a/hw/i386/kvm/apic.c ++++ b/hw/i386/kvm/apic.c +@@ -28,9 +28,8 @@ static inline uint32_t kvm_apic_get_reg(struct kvm_lapic_state *kapic, + return *((uint32_t *)(kapic->regs + (reg_id << 4))); + } + +-void kvm_put_apic_state(DeviceState *dev, struct kvm_lapic_state *kapic) ++static void kvm_put_apic_state(APICCommonState *s, struct kvm_lapic_state *kapic) + { +- APICCommonState *s = APIC_COMMON(dev); + int i; + + memset(kapic, 0, sizeof(*kapic)); +@@ -125,6 +124,26 @@ static void kvm_apic_vapic_base_update(APICCommonState *s) + } + } + ++static void kvm_apic_put(void *data) ++{ ++ APICCommonState *s = data; ++ struct kvm_lapic_state kapic; ++ int ret; ++ ++ kvm_put_apic_state(s, &kapic); ++ ++ ret = kvm_vcpu_ioctl(CPU(s->cpu), KVM_SET_LAPIC, &kapic); ++ if (ret < 0) { ++ fprintf(stderr, "KVM_SET_LAPIC failed: %s\n", strerror(ret)); ++ abort(); ++ } ++} ++ ++static void kvm_apic_post_load(APICCommonState *s) ++{ ++ run_on_cpu(CPU(s->cpu), kvm_apic_put, s); ++} ++ + static void do_inject_external_nmi(void *data) + { + APICCommonState *s = data; +@@ -178,6 +197,8 @@ static void kvm_apic_reset(APICCommonState *s) + { + /* Not used by KVM, which uses the CPU mp_state instead. */ + s->wait_for_sipi = 0; ++ ++ run_on_cpu(CPU(s->cpu), kvm_apic_put, s); + } + + static void kvm_apic_realize(DeviceState *dev, Error **errp) +@@ -206,6 +227,7 @@ static void kvm_apic_class_init(ObjectClass *klass, void *data) + k->set_base = kvm_apic_set_base; + k->set_tpr = kvm_apic_set_tpr; + k->get_tpr = kvm_apic_get_tpr; ++ k->post_load = kvm_apic_post_load; + k->enable_tpr_reporting = kvm_apic_enable_tpr_reporting; + k->vapic_base_update = kvm_apic_vapic_base_update; + k->external_nmi = kvm_apic_external_nmi; +diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h +index c9c2436..ae5d81b 100644 +--- a/include/sysemu/kvm.h ++++ b/include/sysemu/kvm.h +@@ -372,7 +372,6 @@ int kvm_irqchip_send_msi(KVMState *s, MSIMessage msg); + + void kvm_irqchip_add_irq_route(KVMState *s, int gsi, int irqchip, int pin); + +-void kvm_put_apic_state(DeviceState *d, struct kvm_lapic_state *kapic); + void kvm_get_apic_state(DeviceState *d, struct kvm_lapic_state *kapic); + + struct kvm_guest_debug; +diff --git a/target-i386/kvm.c b/target-i386/kvm.c +index d1a25c5..f1ad805 100644 +--- a/target-i386/kvm.c ++++ b/target-i386/kvm.c +@@ -2416,19 +2416,6 @@ static int kvm_get_apic(X86CPU *cpu) + return 0; + } + +-static int kvm_put_apic(X86CPU *cpu) +-{ +- DeviceState *apic = cpu->apic_state; +- struct kvm_lapic_state kapic; +- +- if (apic && kvm_irqchip_in_kernel()) { +- kvm_put_apic_state(apic, &kapic); +- +- return kvm_vcpu_ioctl(CPU(cpu), KVM_SET_LAPIC, &kapic); +- } +- return 0; +-} +- + static int kvm_put_vcpu_events(X86CPU *cpu, int level) + { + CPUState *cs = CPU(cpu); +@@ -2670,10 +2657,6 @@ int kvm_arch_put_registers(CPUState *cpu, int level) + if (ret < 0) { + return ret; + } +- ret = kvm_put_apic(x86_cpu); +- if (ret < 0) { +- return ret; +- } + } + + ret = kvm_put_tscdeadline_msr(x86_cpu); +-- +2.1.4 + diff --git a/debian/patches/pve/0001-fr-ca-keymap-corrections.patch b/debian/patches/pve/0001-fr-ca-keymap-corrections.patch new file mode 100644 index 0000000..3fe1bb1 --- /dev/null +++ b/debian/patches/pve/0001-fr-ca-keymap-corrections.patch @@ -0,0 +1,48 @@ +From 109c1a773ac37b2dc3d9781ce203a804d3e77651 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:15:49 +0100 +Subject: [PATCH 01/47] fr-ca keymap corrections + +--- + pc-bios/keymaps/fr-ca | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/pc-bios/keymaps/fr-ca b/pc-bios/keymaps/fr-ca +index b645208..9291240 100644 +--- a/pc-bios/keymaps/fr-ca ++++ b/pc-bios/keymaps/fr-ca +@@ -14,22 +14,31 @@ bar 0x29 shift + twosuperior 0x9 altgr + threesuperior 0xa altgr + onequarter 0xb altgr ++minus 0x0c + onehalf 0xc altgr ++equal 0xd + threequarters 0xd altgr + section 0x18 altgr + paragraph 0x19 altgr + bracketleft 0x1a altgr + bracketright 0x1b altgr ++semicolon 0x27 ++colon 0x27 shift + asciitilde 0x27 altgr + braceleft 0x28 altgr ++numbersign 0x29 + braceright 0x2b altgr + less 0x2b + greater 0x2b shift + guillemotleft 0x56 + guillemotright 0x56 shift + degree 0x56 altgr ++comma 0x33 + mu 0x32 altgr ++apostrophe 0x33 shift ++period 0x34 shift + eacute 0x35 ++Eacute 0x35 shift + dead_acute 0x35 altgr + dead_grave 0x28 + dead_circumflex 0x1a +-- +2.1.4 + diff --git a/debian/patches/pve/0002-Adjust-network-script-path-to-etc-kvm.patch b/debian/patches/pve/0002-Adjust-network-script-path-to-etc-kvm.patch new file mode 100644 index 0000000..4272294 --- /dev/null +++ b/debian/patches/pve/0002-Adjust-network-script-path-to-etc-kvm.patch @@ -0,0 +1,28 @@ +From 1dfa1a8df7b065e15639d078c0f137f2dec7c3fa Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:16:49 +0100 +Subject: [PATCH 02/47] Adjust network script path to /etc/kvm/ + +--- + include/net/net.h | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/include/net/net.h b/include/net/net.h +index e8d9e9e..375e81d 100644 +--- a/include/net/net.h ++++ b/include/net/net.h +@@ -216,8 +216,9 @@ void qmp_netdev_add(QDict *qdict, QObject **ret, Error **errp); + int net_hub_id_for_client(NetClientState *nc, int *id); + NetClientState *net_hub_port_find(int hub_id); + +-#define DEFAULT_NETWORK_SCRIPT "/etc/qemu-ifup" +-#define DEFAULT_NETWORK_DOWN_SCRIPT "/etc/qemu-ifdown" ++#define DEFAULT_NETWORK_SCRIPT "/etc/kvm/kvm-ifup" ++#define DEFAULT_NETWORK_DOWN_SCRIPT "/etc/kvm/kvm-ifdown" ++ + #define DEFAULT_BRIDGE_HELPER CONFIG_QEMU_HELPERDIR "/qemu-bridge-helper" + #define DEFAULT_BRIDGE_INTERFACE "br0" + +-- +2.1.4 + diff --git a/debian/patches/pve/0003-vnc-altgr-emulation.patch b/debian/patches/pve/0003-vnc-altgr-emulation.patch new file mode 100644 index 0000000..272e74f --- /dev/null +++ b/debian/patches/pve/0003-vnc-altgr-emulation.patch @@ -0,0 +1,65 @@ +From cf2ef62fc7d4ff7e64eed5a01e499c91b62121b9 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:17:38 +0100 +Subject: [PATCH 03/47] vnc: altgr emulation + +--- + ui/vnc.c | 26 +++++++++++++++++++++++++- + 1 file changed, 25 insertions(+), 1 deletion(-) + +diff --git a/ui/vnc.c b/ui/vnc.c +index 76a3273..b9f36b5 100644 +--- a/ui/vnc.c ++++ b/ui/vnc.c +@@ -1733,6 +1733,10 @@ static void kbd_leds(void *opaque, int ledstate) + + static void do_key_event(VncState *vs, int down, int keycode, int sym) + { ++ int mods = keycode & 0xf00; ++ ++ keycode &= SCANCODE_KEYMASK; ++ + /* QEMU console switch */ + switch(keycode) { + case 0x2a: /* Left Shift */ +@@ -1813,8 +1817,27 @@ static void do_key_event(VncState *vs, int down, int keycode, int sym) + } + + if (qemu_console_is_graphic(NULL)) { ++ ++ /* our java vnc client never sends ALTGR, so we create ++ an artificial up/down event */ ++ ++ int emul_altgr = (mods & SCANCODE_ALTGR) && ++ !vs->modifiers_state[0xb8]; ++ ++ if (emul_altgr) { ++ reset_keys(vs); ++ qemu_input_event_send_key_number(vs->vd->dcl.con, 0xb8, true); ++ qemu_input_event_send_key_delay(vs->vd->key_delay_ms); ++ } ++ + qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, down); + qemu_input_event_send_key_delay(vs->vd->key_delay_ms); ++ ++ if (emul_altgr) { ++ qemu_input_event_send_key_number(vs->vd->dcl.con, 0xb8, false); ++ qemu_input_event_send_key_delay(vs->vd->key_delay_ms); ++ } ++ + } else { + bool numlock = vs->modifiers_state[0x45]; + bool control = (vs->modifiers_state[0x1d] || +@@ -1954,7 +1977,8 @@ static void key_event(VncState *vs, int down, uint32_t sym) + lsym = lsym - 'A' + 'a'; + } + +- keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF) & SCANCODE_KEYMASK; ++ keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF); ++ + trace_vnc_key_event_map(down, sym, keycode, code2name(keycode)); + do_key_event(vs, down, keycode, sym); + } +-- +2.1.4 + diff --git a/debian/patches/pve/0004-qemu-img-return-success-on-info-without-snapshots.patch b/debian/patches/pve/0004-qemu-img-return-success-on-info-without-snapshots.patch new file mode 100644 index 0000000..b56797f --- /dev/null +++ b/debian/patches/pve/0004-qemu-img-return-success-on-info-without-snapshots.patch @@ -0,0 +1,26 @@ +From baf469b28e3f1bfd5b03e449ffcd8f41c80a5387 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:18:46 +0100 +Subject: [PATCH 04/47] qemu-img: return success on info without snapshots + +--- + qemu-img.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/qemu-img.c b/qemu-img.c +index f204d041..99be68f 100644 +--- a/qemu-img.c ++++ b/qemu-img.c +@@ -2389,7 +2389,8 @@ static int img_info(int argc, char **argv) + + list = collect_image_info_list(image_opts, filename, fmt, chain); + if (!list) { +- return 1; ++ // return success if snapshot does not exists ++ return 0; + } + + switch (output_format) { +-- +2.1.4 + diff --git a/debian/patches/pve/0005-use-kvm-by-default.patch b/debian/patches/pve/0005-use-kvm-by-default.patch new file mode 100644 index 0000000..ff48982 --- /dev/null +++ b/debian/patches/pve/0005-use-kvm-by-default.patch @@ -0,0 +1,27 @@ +From c5405c552945f19b36ecc748a2a0e0ec14dff31e Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:27:05 +0100 +Subject: [PATCH 05/47] use kvm by default + +--- + accel.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/accel.c b/accel.c +index 403eb5e..dd2ebea 100644 +--- a/accel.c ++++ b/accel.c +@@ -88,8 +88,8 @@ void configure_accelerator(MachineState *ms) + + p = qemu_opt_get(qemu_get_machine_opts(), "accel"); + if (p == NULL) { +- /* Use the default "accelerator", tcg */ +- p = "tcg"; ++ /* Use the default "accelerator", kvm */ ++ p = "kvm"; + } + + while (!accel_initialised && *p != '\0') { +-- +2.1.4 + diff --git a/debian/patches/pve/0006-virtio-balloon-fix-query.patch b/debian/patches/pve/0006-virtio-balloon-fix-query.patch new file mode 100644 index 0000000..4d0f546 --- /dev/null +++ b/debian/patches/pve/0006-virtio-balloon-fix-query.patch @@ -0,0 +1,169 @@ +From 132444451193736847c68d91f74c09cb76a16e6a Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:27:49 +0100 +Subject: [PATCH 06/47] virtio-balloon: fix query + +Actually provide memory information via the query-balloon +command. +--- + hmp.c | 30 +++++++++++++++++++++++++++++- + hw/virtio/virtio-balloon.c | 33 +++++++++++++++++++++++++++++++-- + qapi-schema.json | 23 +++++++++++++++++++++-- + qmp-commands.hx | 13 +++++++++++++ + 4 files changed, 94 insertions(+), 5 deletions(-) + +diff --git a/hmp.c b/hmp.c +index bb45f7f..3b0dd81 100644 +--- a/hmp.c ++++ b/hmp.c +@@ -704,7 +704,35 @@ void hmp_info_balloon(Monitor *mon, const QDict *qdict) + return; + } + +- monitor_printf(mon, "balloon: actual=%" PRId64 "\n", info->actual >> 20); ++ monitor_printf(mon, "balloon: actual=%" PRId64, info->actual >> 20); ++ monitor_printf(mon, " max_mem=%" PRId64, info->max_mem >> 20); ++ if (info->has_total_mem) { ++ monitor_printf(mon, " total_mem=%" PRId64, info->total_mem >> 20); ++ } ++ if (info->has_free_mem) { ++ monitor_printf(mon, " free_mem=%" PRId64, info->free_mem >> 20); ++ } ++ ++ if (info->has_mem_swapped_in) { ++ monitor_printf(mon, " mem_swapped_in=%" PRId64, info->mem_swapped_in); ++ } ++ if (info->has_mem_swapped_out) { ++ monitor_printf(mon, " mem_swapped_out=%" PRId64, info->mem_swapped_out); ++ } ++ if (info->has_major_page_faults) { ++ monitor_printf(mon, " major_page_faults=%" PRId64, ++ info->major_page_faults); ++ } ++ if (info->has_minor_page_faults) { ++ monitor_printf(mon, " minor_page_faults=%" PRId64, ++ info->minor_page_faults); ++ } ++ if (info->has_last_update) { ++ monitor_printf(mon, " last_update=%" PRId64, ++ info->last_update); ++ } ++ ++ monitor_printf(mon, "\n"); + + qapi_free_BalloonInfo(info); + } +diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c +index ad4189a..b3a17f4 100644 +--- a/hw/virtio/virtio-balloon.c ++++ b/hw/virtio/virtio-balloon.c +@@ -376,8 +376,37 @@ static uint64_t virtio_balloon_get_features(VirtIODevice *vdev, uint64_t f, + static void virtio_balloon_stat(void *opaque, BalloonInfo *info) + { + VirtIOBalloon *dev = opaque; +- info->actual = get_current_ram_size() - ((uint64_t) dev->actual << +- VIRTIO_BALLOON_PFN_SHIFT); ++ ram_addr_t ram_size = get_current_ram_size(); ++ info->actual = ram_size - ((uint64_t) dev->actual << ++ VIRTIO_BALLOON_PFN_SHIFT); ++ ++ info->max_mem = ram_size; ++ ++ if (!(balloon_stats_enabled(dev) && balloon_stats_supported(dev) && ++ dev->stats_last_update)) { ++ return; ++ } ++ ++ info->last_update = dev->stats_last_update; ++ info->has_last_update = true; ++ ++ info->mem_swapped_in = dev->stats[VIRTIO_BALLOON_S_SWAP_IN]; ++ info->has_mem_swapped_in = info->mem_swapped_in >= 0 ? true : false; ++ ++ info->mem_swapped_out = dev->stats[VIRTIO_BALLOON_S_SWAP_OUT]; ++ info->has_mem_swapped_out = info->mem_swapped_out >= 0 ? true : false; ++ ++ info->major_page_faults = dev->stats[VIRTIO_BALLOON_S_MAJFLT]; ++ info->has_major_page_faults = info->major_page_faults >= 0 ? true : false; ++ ++ info->minor_page_faults = dev->stats[VIRTIO_BALLOON_S_MINFLT]; ++ info->has_minor_page_faults = info->minor_page_faults >= 0 ? true : false; ++ ++ info->free_mem = dev->stats[VIRTIO_BALLOON_S_MEMFREE]; ++ info->has_free_mem = info->free_mem >= 0 ? true : false; ++ ++ info->total_mem = dev->stats[VIRTIO_BALLOON_S_MEMTOT]; ++ info->has_total_mem = info->total_mem >= 0 ? true : false; + } + + static void virtio_balloon_to_target(void *opaque, ram_addr_t target) +diff --git a/qapi-schema.json b/qapi-schema.json +index 5658723..4bf7222 100644 +--- a/qapi-schema.json ++++ b/qapi-schema.json +@@ -1278,10 +1278,29 @@ + # + # @actual: the number of bytes the balloon currently contains + # +-# Since: 0.14.0 ++# @last_update: #optional time when stats got updated from guest ++# ++# @mem_swapped_in: #optional number of pages swapped in within the guest ++# ++# @mem_swapped_out: #optional number of pages swapped out within the guest ++# ++# @major_page_faults: #optional number of major page faults within the guest + # ++# @minor_page_faults: #optional number of minor page faults within the guest ++# ++# @free_mem: #optional amount of memory (in bytes) free in the guest ++# ++# @total_mem: #optional amount of memory (in bytes) visible to the guest ++# ++# @max_mem: amount of memory (in bytes) assigned to the guest ++# ++# Since: 0.14.0 + ## +-{ 'struct': 'BalloonInfo', 'data': {'actual': 'int' } } ++{ 'struct': 'BalloonInfo', ++ 'data': {'actual': 'int', '*last_update': 'int', '*mem_swapped_in': 'int', ++ '*mem_swapped_out': 'int', '*major_page_faults': 'int', ++ '*minor_page_faults': 'int', '*free_mem': 'int', ++ '*total_mem': 'int', 'max_mem': 'int' } } + + ## + # @query-balloon: +diff --git a/qmp-commands.hx b/qmp-commands.hx +index 6866264..6de28d4 100644 +--- a/qmp-commands.hx ++++ b/qmp-commands.hx +@@ -3854,6 +3854,13 @@ Make an asynchronous request for balloon info. When the request completes a + json-object will be returned containing the following data: + + - "actual": current balloon value in bytes (json-int) ++- "mem_swapped_in": Amount of memory swapped in bytes (json-int, optional) ++- "mem_swapped_out": Amount of memory swapped out in bytes (json-int, optional) ++- "major_page_faults": Number of major faults (json-int, optional) ++- "minor_page_faults": Number of minor faults (json-int, optional) ++- "free_mem": Total amount of free and unused memory in ++ bytes (json-int, optional) ++- "total_mem": Total amount of available memory in bytes (json-int, optional) + + Example: + +@@ -3861,6 +3868,12 @@ Example: + <- { + "return":{ + "actual":1073741824, ++ "mem_swapped_in":0, ++ "mem_swapped_out":0, ++ "major_page_faults":142, ++ "minor_page_faults":239245, ++ "free_mem":1014185984, ++ "total_mem":1044668416 + } + } + +-- +2.1.4 + diff --git a/debian/patches/pve/0007-set-the-CPU-model-to-kvm64-32-instead-of-qemu64-32.patch b/debian/patches/pve/0007-set-the-CPU-model-to-kvm64-32-instead-of-qemu64-32.patch new file mode 100644 index 0000000..f5d31bf --- /dev/null +++ b/debian/patches/pve/0007-set-the-CPU-model-to-kvm64-32-instead-of-qemu64-32.patch @@ -0,0 +1,28 @@ +From 118ca6343a48aaab7d1a8f252fb36008c823e551 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:30:21 +0100 +Subject: [PATCH 07/47] set the CPU model to kvm64/32 instead of qemu64/32 + +--- + hw/i386/pc.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/hw/i386/pc.c b/hw/i386/pc.c +index 022dd1b..ba8a5a1 100644 +--- a/hw/i386/pc.c ++++ b/hw/i386/pc.c +@@ -1160,9 +1160,9 @@ void pc_cpus_init(PCMachineState *pcms) + /* init CPUs */ + if (machine->cpu_model == NULL) { + #ifdef TARGET_X86_64 +- machine->cpu_model = "qemu64"; ++ machine->cpu_model = "kvm64"; + #else +- machine->cpu_model = "qemu32"; ++ machine->cpu_model = "kvm32"; + #endif + } + +-- +2.1.4 + diff --git a/debian/patches/pve/0008-qapi-modify-query-machines.patch b/debian/patches/pve/0008-qapi-modify-query-machines.patch new file mode 100644 index 0000000..d8cd15c --- /dev/null +++ b/debian/patches/pve/0008-qapi-modify-query-machines.patch @@ -0,0 +1,52 @@ +From dc5b92fbb2d405fd86228409b1f25c0bb2d6d973 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:31:18 +0100 +Subject: [PATCH 08/47] qapi: modify query machines + +provide '*is-current' in MachineInfo struct +--- + qapi-schema.json | 4 +++- + vl.c | 5 +++++ + 2 files changed, 8 insertions(+), 1 deletion(-) + +diff --git a/qapi-schema.json b/qapi-schema.json +index 4bf7222..63507f5 100644 +--- a/qapi-schema.json ++++ b/qapi-schema.json +@@ -3027,6 +3027,8 @@ + # + # @default: #optional whether the machine is default + # ++# @current: #optional whether this machine is currently used ++# + # @cpu-max: maximum number of CPUs supported by the machine type + # (since 1.5.0) + # +@@ -3036,7 +3038,7 @@ + ## + { 'struct': 'MachineInfo', + 'data': { 'name': 'str', '*alias': 'str', +- '*is-default': 'bool', 'cpu-max': 'int', ++ '*is-default': 'bool', '*is-current': 'bool', 'cpu-max': 'int', + 'hotpluggable-cpus': 'bool'} } + + ## +diff --git a/vl.c b/vl.c +index 6a218ce..b226e0b 100644 +--- a/vl.c ++++ b/vl.c +@@ -1509,6 +1509,11 @@ MachineInfoList *qmp_query_machines(Error **errp) + info->cpu_max = !mc->max_cpus ? 1 : mc->max_cpus; + info->hotpluggable_cpus = !!mc->query_hotpluggable_cpus; + ++ if (strcmp(mc->name, MACHINE_GET_CLASS(current_machine)->name) == 0) { ++ info->has_is_current = true; ++ info->is_current = true; ++ } ++ + entry = g_malloc0(sizeof(*entry)); + entry->value = info; + entry->next = mach_list; +-- +2.1.4 + diff --git a/debian/patches/pve/0009-qapi-modify-spice-query.patch b/debian/patches/pve/0009-qapi-modify-spice-query.patch new file mode 100644 index 0000000..673fc7e --- /dev/null +++ b/debian/patches/pve/0009-qapi-modify-spice-query.patch @@ -0,0 +1,49 @@ +From c09467afaf37989942076b45f6ffa7bb8ebde2ca Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:32:11 +0100 +Subject: [PATCH 09/47] qapi: modify spice query + +Provide the last ticket in the SpiceInfo struct optionally. +--- + qapi-schema.json | 3 +++ + ui/spice-core.c | 5 +++++ + 2 files changed, 8 insertions(+) + +diff --git a/qapi-schema.json b/qapi-schema.json +index 63507f5..518c2ea 100644 +--- a/qapi-schema.json ++++ b/qapi-schema.json +@@ -1253,11 +1253,14 @@ + # + # @channels: a list of @SpiceChannel for each active spice channel + # ++# @ticket: #optional The last ticket set with set_password ++# + # Since: 0.14.0 + ## + { 'struct': 'SpiceInfo', + 'data': {'enabled': 'bool', 'migrated': 'bool', '*host': 'str', '*port': 'int', + '*tls-port': 'int', '*auth': 'str', '*compiled-version': 'str', ++ '*ticket': 'str', + 'mouse-mode': 'SpiceQueryMouseMode', '*channels': ['SpiceChannel']} } + + ## +diff --git a/ui/spice-core.c b/ui/spice-core.c +index da05054..acf5a73 100644 +--- a/ui/spice-core.c ++++ b/ui/spice-core.c +@@ -543,6 +543,11 @@ SpiceInfo *qmp_query_spice(Error **errp) + micro = SPICE_SERVER_VERSION & 0xff; + info->compiled_version = g_strdup_printf("%d.%d.%d", major, minor, micro); + ++ if (auth_passwd) { ++ info->has_ticket = true; ++ info->ticket = g_strdup(auth_passwd); ++ } ++ + if (port) { + info->has_port = true; + info->port = port; +-- +2.1.4 + diff --git a/debian/patches/pve/0010-ui-spice-default-to-pve-certs-unless-otherwise-speci.patch b/debian/patches/pve/0010-ui-spice-default-to-pve-certs-unless-otherwise-speci.patch new file mode 100644 index 0000000..cf9ba57 --- /dev/null +++ b/debian/patches/pve/0010-ui-spice-default-to-pve-certs-unless-otherwise-speci.patch @@ -0,0 +1,59 @@ +From 78cc6a38bfa2c986ff75a322d750a548bf2291b9 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:33:34 +0100 +Subject: [PATCH 10/47] ui/spice: default to pve certs unless otherwise + specified + +--- + ui/spice-core.c | 15 +++++++++------ + 1 file changed, 9 insertions(+), 6 deletions(-) + +diff --git a/ui/spice-core.c b/ui/spice-core.c +index acf5a73..4f1cf45 100644 +--- a/ui/spice-core.c ++++ b/ui/spice-core.c +@@ -676,32 +676,35 @@ void qemu_spice_init(void) + + if (tls_port) { + x509_dir = qemu_opt_get(opts, "x509-dir"); +- if (!x509_dir) { +- x509_dir = "."; +- } + + str = qemu_opt_get(opts, "x509-key-file"); + if (str) { + x509_key_file = g_strdup(str); +- } else { ++ } else if (x509_dir) { + x509_key_file = g_strdup_printf("%s/%s", x509_dir, + X509_SERVER_KEY_FILE); ++ } else { ++ x509_key_file = g_strdup("/etc/pve/local/pve-ssl.key"); + } + + str = qemu_opt_get(opts, "x509-cert-file"); + if (str) { + x509_cert_file = g_strdup(str); +- } else { ++ } else if (x509_dir) { + x509_cert_file = g_strdup_printf("%s/%s", x509_dir, + X509_SERVER_CERT_FILE); ++ } else { ++ x509_cert_file = g_strdup("/etc/pve/local/pve-ssl.pem"); + } + + str = qemu_opt_get(opts, "x509-cacert-file"); + if (str) { + x509_cacert_file = g_strdup(str); +- } else { ++ } else if (x509_dir) { + x509_cacert_file = g_strdup_printf("%s/%s", x509_dir, + X509_CA_CERT_FILE); ++ } else { ++ x509_cacert_file = g_strdup("/etc/pve/pve-root-ca.pem"); + } + + x509_key_password = qemu_opt_get(opts, "x509-key-password"); +-- +2.1.4 + diff --git a/debian/patches/pve/0011-introduce-new-vma-archive-format.patch b/debian/patches/pve/0011-introduce-new-vma-archive-format.patch new file mode 100644 index 0000000..963c37d --- /dev/null +++ b/debian/patches/pve/0011-introduce-new-vma-archive-format.patch @@ -0,0 +1,2479 @@ +From 183d526538782e8c3644db303846cf0a70595009 Mon Sep 17 00:00:00 2001 +From: Dietmar Maurer +Date: Tue, 13 Nov 2012 11:11:38 +0100 +Subject: [PATCH 11/47] introduce new vma archive format + +This is a very simple archive format, see docs/specs/vma_spec.txt + +Signed-off-by: Dietmar Maurer +--- + Makefile | 3 +- + Makefile.objs | 1 + + vma-reader.c | 797 +++++++++++++++++++++++++++++++++++++++++++++++++++++ + vma-writer.c | 870 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + vma.c | 585 +++++++++++++++++++++++++++++++++++++++ + vma.h | 146 ++++++++++ + 6 files changed, 2401 insertions(+), 1 deletion(-) + create mode 100644 vma-reader.c + create mode 100644 vma-writer.c + create mode 100644 vma.c + create mode 100644 vma.h + +diff --git a/Makefile b/Makefile +index 50b4b3a..d92d905 100644 +--- a/Makefile ++++ b/Makefile +@@ -165,7 +165,7 @@ ifneq ($(wildcard config-host.mak),) + include $(SRC_PATH)/tests/Makefile.include + endif + +-all: $(DOCS) $(TOOLS) $(HELPERS-y) recurse-all modules ++all: $(DOCS) $(TOOLS) vma$(EXESUF) $(HELPERS-y) recurse-all modules + + qemu-version.h: FORCE + $(call quiet-command, \ +@@ -256,6 +256,7 @@ qemu-img.o: qemu-img-cmds.h + qemu-img$(EXESUF): qemu-img.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) libqemuutil.a libqemustub.a + qemu-nbd$(EXESUF): qemu-nbd.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) libqemuutil.a libqemustub.a + qemu-io$(EXESUF): qemu-io.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) libqemuutil.a libqemustub.a ++vma$(EXESUF): vma.o vma-reader.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) libqemuutil.a libqemustub.a + + qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o libqemuutil.a libqemustub.a + +diff --git a/Makefile.objs b/Makefile.objs +index 6d5ddcf..845edd0 100644 +--- a/Makefile.objs ++++ b/Makefile.objs +@@ -15,6 +15,7 @@ block-obj-$(CONFIG_POSIX) += aio-posix.o + block-obj-$(CONFIG_WIN32) += aio-win32.o + block-obj-y += block/ + block-obj-y += qemu-io-cmds.o ++block-obj-y += vma-writer.o + + block-obj-m = block/ + +diff --git a/vma-reader.c b/vma-reader.c +new file mode 100644 +index 0000000..51dd8fe +--- /dev/null ++++ b/vma-reader.c +@@ -0,0 +1,797 @@ ++/* ++ * VMA: Virtual Machine Archive ++ * ++ * Copyright (C) 2012 Proxmox Server Solutions ++ * ++ * Authors: ++ * Dietmar Maurer (dietmar@proxmox.com) ++ * ++ * This work is licensed under the terms of the GNU GPL, version 2 or later. ++ * See the COPYING file in the top-level directory. ++ * ++ */ ++ ++#include "qemu/osdep.h" ++#include ++#include ++ ++#include "qemu-common.h" ++#include "qemu/timer.h" ++#include "qemu/ratelimit.h" ++#include "vma.h" ++#include "block/block.h" ++#include "sysemu/block-backend.h" ++ ++static unsigned char zero_vma_block[VMA_BLOCK_SIZE]; ++ ++typedef struct VmaRestoreState { ++ BlockDriverState *bs; ++ bool write_zeroes; ++ unsigned long *bitmap; ++ int bitmap_size; ++} VmaRestoreState; ++ ++struct VmaReader { ++ int fd; ++ GChecksum *md5csum; ++ GHashTable *blob_hash; ++ unsigned char *head_data; ++ VmaDeviceInfo devinfo[256]; ++ VmaRestoreState rstate[256]; ++ GList *cdata_list; ++ guint8 vmstate_stream; ++ uint32_t vmstate_clusters; ++ /* to show restore percentage if run with -v */ ++ time_t start_time; ++ int64_t cluster_count; ++ int64_t clusters_read; ++ int clusters_read_per; ++}; ++ ++static guint ++g_int32_hash(gconstpointer v) ++{ ++ return *(const uint32_t *)v; ++} ++ ++static gboolean ++g_int32_equal(gconstpointer v1, gconstpointer v2) ++{ ++ return *((const uint32_t *)v1) == *((const uint32_t *)v2); ++} ++ ++static int vma_reader_get_bitmap(VmaRestoreState *rstate, int64_t cluster_num) ++{ ++ assert(rstate); ++ assert(rstate->bitmap); ++ ++ unsigned long val, idx, bit; ++ ++ idx = cluster_num / BITS_PER_LONG; ++ ++ assert(rstate->bitmap_size > idx); ++ ++ bit = cluster_num % BITS_PER_LONG; ++ val = rstate->bitmap[idx]; ++ ++ return !!(val & (1UL << bit)); ++} ++ ++static void vma_reader_set_bitmap(VmaRestoreState *rstate, int64_t cluster_num, ++ int dirty) ++{ ++ assert(rstate); ++ assert(rstate->bitmap); ++ ++ unsigned long val, idx, bit; ++ ++ idx = cluster_num / BITS_PER_LONG; ++ ++ assert(rstate->bitmap_size > idx); ++ ++ bit = cluster_num % BITS_PER_LONG; ++ val = rstate->bitmap[idx]; ++ if (dirty) { ++ if (!(val & (1UL << bit))) { ++ val |= 1UL << bit; ++ } ++ } else { ++ if (val & (1UL << bit)) { ++ val &= ~(1UL << bit); ++ } ++ } ++ rstate->bitmap[idx] = val; ++} ++ ++typedef struct VmaBlob { ++ uint32_t start; ++ uint32_t len; ++ void *data; ++} VmaBlob; ++ ++static const VmaBlob *get_header_blob(VmaReader *vmar, uint32_t pos) ++{ ++ assert(vmar); ++ assert(vmar->blob_hash); ++ ++ return g_hash_table_lookup(vmar->blob_hash, &pos); ++} ++ ++static const char *get_header_str(VmaReader *vmar, uint32_t pos) ++{ ++ const VmaBlob *blob = get_header_blob(vmar, pos); ++ if (!blob) { ++ return NULL; ++ } ++ const char *res = (char *)blob->data; ++ if (res[blob->len-1] != '\0') { ++ return NULL; ++ } ++ return res; ++} ++ ++static ssize_t ++safe_read(int fd, unsigned char *buf, size_t count) ++{ ++ ssize_t n; ++ ++ do { ++ n = read(fd, buf, count); ++ } while (n < 0 && errno == EINTR); ++ ++ return n; ++} ++ ++static ssize_t ++full_read(int fd, unsigned char *buf, size_t len) ++{ ++ ssize_t n; ++ size_t total; ++ ++ total = 0; ++ ++ while (len > 0) { ++ n = safe_read(fd, buf, len); ++ ++ if (n == 0) { ++ return total; ++ } ++ ++ if (n <= 0) { ++ break; ++ } ++ ++ buf += n; ++ total += n; ++ len -= n; ++ } ++ ++ if (len) { ++ return -1; ++ } ++ ++ return total; ++} ++ ++void vma_reader_destroy(VmaReader *vmar) ++{ ++ assert(vmar); ++ ++ if (vmar->fd >= 0) { ++ close(vmar->fd); ++ } ++ ++ if (vmar->cdata_list) { ++ g_list_free(vmar->cdata_list); ++ } ++ ++ int i; ++ for (i = 1; i < 256; i++) { ++ if (vmar->rstate[i].bitmap) { ++ g_free(vmar->rstate[i].bitmap); ++ } ++ } ++ ++ if (vmar->md5csum) { ++ g_checksum_free(vmar->md5csum); ++ } ++ ++ if (vmar->blob_hash) { ++ g_hash_table_destroy(vmar->blob_hash); ++ } ++ ++ if (vmar->head_data) { ++ g_free(vmar->head_data); ++ } ++ ++ g_free(vmar); ++ ++}; ++ ++static int vma_reader_read_head(VmaReader *vmar, Error **errp) ++{ ++ assert(vmar); ++ assert(errp); ++ assert(*errp == NULL); ++ ++ unsigned char md5sum[16]; ++ int i; ++ int ret = 0; ++ ++ vmar->head_data = g_malloc(sizeof(VmaHeader)); ++ ++ if (full_read(vmar->fd, vmar->head_data, sizeof(VmaHeader)) != ++ sizeof(VmaHeader)) { ++ error_setg(errp, "can't read vma header - %s", ++ errno ? g_strerror(errno) : "got EOF"); ++ return -1; ++ } ++ ++ VmaHeader *h = (VmaHeader *)vmar->head_data; ++ ++ if (h->magic != VMA_MAGIC) { ++ error_setg(errp, "not a vma file - wrong magic number"); ++ return -1; ++ } ++ ++ uint32_t header_size = GUINT32_FROM_BE(h->header_size); ++ int need = header_size - sizeof(VmaHeader); ++ if (need <= 0) { ++ error_setg(errp, "wrong vma header size %d", header_size); ++ return -1; ++ } ++ ++ vmar->head_data = g_realloc(vmar->head_data, header_size); ++ h = (VmaHeader *)vmar->head_data; ++ ++ if (full_read(vmar->fd, vmar->head_data + sizeof(VmaHeader), need) != ++ need) { ++ error_setg(errp, "can't read vma header data - %s", ++ errno ? g_strerror(errno) : "got EOF"); ++ return -1; ++ } ++ ++ memcpy(md5sum, h->md5sum, 16); ++ memset(h->md5sum, 0, 16); ++ ++ g_checksum_reset(vmar->md5csum); ++ g_checksum_update(vmar->md5csum, vmar->head_data, header_size); ++ gsize csize = 16; ++ g_checksum_get_digest(vmar->md5csum, (guint8 *)(h->md5sum), &csize); ++ ++ if (memcmp(md5sum, h->md5sum, 16) != 0) { ++ error_setg(errp, "wrong vma header chechsum"); ++ return -1; ++ } ++ ++ /* we can modify header data after checksum verify */ ++ h->header_size = header_size; ++ ++ h->version = GUINT32_FROM_BE(h->version); ++ if (h->version != 1) { ++ error_setg(errp, "wrong vma version %d", h->version); ++ return -1; ++ } ++ ++ h->ctime = GUINT64_FROM_BE(h->ctime); ++ h->blob_buffer_offset = GUINT32_FROM_BE(h->blob_buffer_offset); ++ h->blob_buffer_size = GUINT32_FROM_BE(h->blob_buffer_size); ++ ++ uint32_t bstart = h->blob_buffer_offset + 1; ++ uint32_t bend = h->blob_buffer_offset + h->blob_buffer_size; ++ ++ if (bstart <= sizeof(VmaHeader)) { ++ error_setg(errp, "wrong vma blob buffer offset %d", ++ h->blob_buffer_offset); ++ return -1; ++ } ++ ++ if (bend > header_size) { ++ error_setg(errp, "wrong vma blob buffer size %d/%d", ++ h->blob_buffer_offset, h->blob_buffer_size); ++ return -1; ++ } ++ ++ while ((bstart + 2) <= bend) { ++ uint32_t size = vmar->head_data[bstart] + ++ (vmar->head_data[bstart+1] << 8); ++ if ((bstart + size + 2) <= bend) { ++ VmaBlob *blob = g_new0(VmaBlob, 1); ++ blob->start = bstart - h->blob_buffer_offset; ++ blob->len = size; ++ blob->data = vmar->head_data + bstart + 2; ++ g_hash_table_insert(vmar->blob_hash, &blob->start, blob); ++ } ++ bstart += size + 2; ++ } ++ ++ ++ int count = 0; ++ for (i = 1; i < 256; i++) { ++ VmaDeviceInfoHeader *dih = &h->dev_info[i]; ++ uint32_t devname_ptr = GUINT32_FROM_BE(dih->devname_ptr); ++ uint64_t size = GUINT64_FROM_BE(dih->size); ++ const char *devname = get_header_str(vmar, devname_ptr); ++ ++ if (size && devname) { ++ count++; ++ vmar->devinfo[i].size = size; ++ vmar->devinfo[i].devname = devname; ++ ++ if (strcmp(devname, "vmstate") == 0) { ++ vmar->vmstate_stream = i; ++ } ++ } ++ } ++ ++ if (!count) { ++ error_setg(errp, "vma does not contain data"); ++ return -1; ++ } ++ ++ for (i = 0; i < VMA_MAX_CONFIGS; i++) { ++ uint32_t name_ptr = GUINT32_FROM_BE(h->config_names[i]); ++ uint32_t data_ptr = GUINT32_FROM_BE(h->config_data[i]); ++ ++ if (!(name_ptr && data_ptr)) { ++ continue; ++ } ++ const char *name = get_header_str(vmar, name_ptr); ++ const VmaBlob *blob = get_header_blob(vmar, data_ptr); ++ ++ if (!(name && blob)) { ++ error_setg(errp, "vma contains invalid data pointers"); ++ return -1; ++ } ++ ++ VmaConfigData *cdata = g_new0(VmaConfigData, 1); ++ cdata->name = name; ++ cdata->data = blob->data; ++ cdata->len = blob->len; ++ ++ vmar->cdata_list = g_list_append(vmar->cdata_list, cdata); ++ } ++ ++ return ret; ++}; ++ ++VmaReader *vma_reader_create(const char *filename, Error **errp) ++{ ++ assert(filename); ++ assert(errp); ++ ++ VmaReader *vmar = g_new0(VmaReader, 1); ++ ++ if (strcmp(filename, "-") == 0) { ++ vmar->fd = dup(0); ++ } else { ++ vmar->fd = open(filename, O_RDONLY); ++ } ++ ++ if (vmar->fd < 0) { ++ error_setg(errp, "can't open file %s - %s\n", filename, ++ g_strerror(errno)); ++ goto err; ++ } ++ ++ vmar->md5csum = g_checksum_new(G_CHECKSUM_MD5); ++ if (!vmar->md5csum) { ++ error_setg(errp, "can't allocate cmsum\n"); ++ goto err; ++ } ++ ++ vmar->blob_hash = g_hash_table_new_full(g_int32_hash, g_int32_equal, ++ NULL, g_free); ++ ++ if (vma_reader_read_head(vmar, errp) < 0) { ++ goto err; ++ } ++ ++ return vmar; ++ ++err: ++ if (vmar) { ++ vma_reader_destroy(vmar); ++ } ++ ++ return NULL; ++} ++ ++VmaHeader *vma_reader_get_header(VmaReader *vmar) ++{ ++ assert(vmar); ++ assert(vmar->head_data); ++ ++ return (VmaHeader *)(vmar->head_data); ++} ++ ++GList *vma_reader_get_config_data(VmaReader *vmar) ++{ ++ assert(vmar); ++ assert(vmar->head_data); ++ ++ return vmar->cdata_list; ++} ++ ++VmaDeviceInfo *vma_reader_get_device_info(VmaReader *vmar, guint8 dev_id) ++{ ++ assert(vmar); ++ assert(dev_id); ++ ++ if (vmar->devinfo[dev_id].size && vmar->devinfo[dev_id].devname) { ++ return &vmar->devinfo[dev_id]; ++ } ++ ++ return NULL; ++} ++ ++int vma_reader_register_bs(VmaReader *vmar, guint8 dev_id, BlockDriverState *bs, ++ bool write_zeroes, Error **errp) ++{ ++ assert(vmar); ++ assert(bs != NULL); ++ assert(dev_id); ++ assert(vmar->rstate[dev_id].bs == NULL); ++ ++ int64_t size = bdrv_getlength(bs); ++ int64_t size_diff = size - vmar->devinfo[dev_id].size; ++ ++ /* storage types can have different size restrictions, so it ++ * is not always possible to create an image with exact size. ++ * So we tolerate a size difference up to 4MB. ++ */ ++ if ((size_diff < 0) || (size_diff > 4*1024*1024)) { ++ error_setg(errp, "vma_reader_register_bs for stream %s failed - " ++ "unexpected size %zd != %zd", vmar->devinfo[dev_id].devname, ++ size, vmar->devinfo[dev_id].size); ++ return -1; ++ } ++ ++ vmar->rstate[dev_id].bs = bs; ++ vmar->rstate[dev_id].write_zeroes = write_zeroes; ++ ++ int64_t bitmap_size = (size/BDRV_SECTOR_SIZE) + ++ (VMA_CLUSTER_SIZE/BDRV_SECTOR_SIZE) * BITS_PER_LONG - 1; ++ bitmap_size /= (VMA_CLUSTER_SIZE/BDRV_SECTOR_SIZE) * BITS_PER_LONG; ++ ++ vmar->rstate[dev_id].bitmap_size = bitmap_size; ++ vmar->rstate[dev_id].bitmap = g_new0(unsigned long, bitmap_size); ++ ++ vmar->cluster_count += size/VMA_CLUSTER_SIZE; ++ ++ return 0; ++} ++ ++static ssize_t safe_write(int fd, void *buf, size_t count) ++{ ++ ssize_t n; ++ ++ do { ++ n = write(fd, buf, count); ++ } while (n < 0 && errno == EINTR); ++ ++ return n; ++} ++ ++static size_t full_write(int fd, void *buf, size_t len) ++{ ++ ssize_t n; ++ size_t total; ++ ++ total = 0; ++ ++ while (len > 0) { ++ n = safe_write(fd, buf, len); ++ if (n < 0) { ++ return n; ++ } ++ buf += n; ++ total += n; ++ len -= n; ++ } ++ ++ if (len) { ++ /* incomplete write ? */ ++ return -1; ++ } ++ ++ return total; ++} ++ ++static int restore_write_data(VmaReader *vmar, guint8 dev_id, ++ BlockDriverState *bs, int vmstate_fd, ++ unsigned char *buf, int64_t sector_num, ++ int nb_sectors, Error **errp) ++{ ++ assert(vmar); ++ ++ if (dev_id == vmar->vmstate_stream) { ++ if (vmstate_fd >= 0) { ++ int len = nb_sectors * BDRV_SECTOR_SIZE; ++ int res = full_write(vmstate_fd, buf, len); ++ if (res < 0) { ++ error_setg(errp, "write vmstate failed %d", res); ++ return -1; ++ } ++ } ++ } else { ++ int res = bdrv_write(bs, sector_num, buf, nb_sectors); ++ if (res < 0) { ++ error_setg(errp, "bdrv_write to %s failed (%d)", ++ bdrv_get_device_name(bs), res); ++ return -1; ++ } ++ } ++ return 0; ++} ++static int restore_extent(VmaReader *vmar, unsigned char *buf, ++ int extent_size, int vmstate_fd, ++ bool verbose, Error **errp) ++{ ++ assert(vmar); ++ assert(buf); ++ ++ VmaExtentHeader *ehead = (VmaExtentHeader *)buf; ++ int start = VMA_EXTENT_HEADER_SIZE; ++ int i; ++ ++ for (i = 0; i < VMA_BLOCKS_PER_EXTENT; i++) { ++ uint64_t block_info = GUINT64_FROM_BE(ehead->blockinfo[i]); ++ uint64_t cluster_num = block_info & 0xffffffff; ++ uint8_t dev_id = (block_info >> 32) & 0xff; ++ uint16_t mask = block_info >> (32+16); ++ int64_t max_sector; ++ ++ if (!dev_id) { ++ continue; ++ } ++ ++ VmaRestoreState *rstate = &vmar->rstate[dev_id]; ++ BlockDriverState *bs = NULL; ++ ++ if (dev_id != vmar->vmstate_stream) { ++ bs = rstate->bs; ++ if (!bs) { ++ error_setg(errp, "got wrong dev id %d", dev_id); ++ return -1; ++ } ++ ++ if (vma_reader_get_bitmap(rstate, cluster_num)) { ++ error_setg(errp, "found duplicated cluster %zd for stream %s", ++ cluster_num, vmar->devinfo[dev_id].devname); ++ return -1; ++ } ++ vma_reader_set_bitmap(rstate, cluster_num, 1); ++ ++ max_sector = vmar->devinfo[dev_id].size/BDRV_SECTOR_SIZE; ++ } else { ++ max_sector = G_MAXINT64; ++ if (cluster_num != vmar->vmstate_clusters) { ++ error_setg(errp, "found out of order vmstate data"); ++ return -1; ++ } ++ vmar->vmstate_clusters++; ++ } ++ ++ vmar->clusters_read++; ++ ++ if (verbose) { ++ time_t duration = time(NULL) - vmar->start_time; ++ int percent = (vmar->clusters_read*100)/vmar->cluster_count; ++ if (percent != vmar->clusters_read_per) { ++ printf("progress %d%% (read %zd bytes, duration %zd sec)\n", ++ percent, vmar->clusters_read*VMA_CLUSTER_SIZE, ++ duration); ++ fflush(stdout); ++ vmar->clusters_read_per = percent; ++ } ++ } ++ ++ /* try to write whole clusters to speedup restore */ ++ if (mask == 0xffff) { ++ if ((start + VMA_CLUSTER_SIZE) > extent_size) { ++ error_setg(errp, "short vma extent - too many blocks"); ++ return -1; ++ } ++ int64_t sector_num = (cluster_num * VMA_CLUSTER_SIZE) / ++ BDRV_SECTOR_SIZE; ++ int64_t end_sector = sector_num + ++ VMA_CLUSTER_SIZE/BDRV_SECTOR_SIZE; ++ ++ if (end_sector > max_sector) { ++ end_sector = max_sector; ++ } ++ ++ if (end_sector <= sector_num) { ++ error_setg(errp, "got wrong block address - write bejond end"); ++ return -1; ++ } ++ ++ int nb_sectors = end_sector - sector_num; ++ if (restore_write_data(vmar, dev_id, bs, vmstate_fd, buf + start, ++ sector_num, nb_sectors, errp) < 0) { ++ return -1; ++ } ++ ++ start += VMA_CLUSTER_SIZE; ++ } else { ++ int j; ++ int bit = 1; ++ ++ for (j = 0; j < 16; j++) { ++ int64_t sector_num = (cluster_num*VMA_CLUSTER_SIZE + ++ j*VMA_BLOCK_SIZE)/BDRV_SECTOR_SIZE; ++ ++ int64_t end_sector = sector_num + ++ VMA_BLOCK_SIZE/BDRV_SECTOR_SIZE; ++ if (end_sector > max_sector) { ++ end_sector = max_sector; ++ } ++ ++ if (mask & bit) { ++ if ((start + VMA_BLOCK_SIZE) > extent_size) { ++ error_setg(errp, "short vma extent - too many blocks"); ++ return -1; ++ } ++ ++ if (end_sector <= sector_num) { ++ error_setg(errp, "got wrong block address - " ++ "write bejond end"); ++ return -1; ++ } ++ ++ int nb_sectors = end_sector - sector_num; ++ if (restore_write_data(vmar, dev_id, bs, vmstate_fd, ++ buf + start, sector_num, ++ nb_sectors, errp) < 0) { ++ return -1; ++ } ++ ++ start += VMA_BLOCK_SIZE; ++ ++ } else { ++ ++ if (rstate->write_zeroes && (end_sector > sector_num)) { ++ /* Todo: use bdrv_co_write_zeroes (but that need to ++ * be run inside coroutine?) ++ */ ++ int nb_sectors = end_sector - sector_num; ++ if (restore_write_data(vmar, dev_id, bs, vmstate_fd, ++ zero_vma_block, sector_num, ++ nb_sectors, errp) < 0) { ++ return -1; ++ } ++ } ++ } ++ ++ bit = bit << 1; ++ } ++ } ++ } ++ ++ if (start != extent_size) { ++ error_setg(errp, "vma extent error - missing blocks"); ++ return -1; ++ } ++ ++ return 0; ++} ++ ++int vma_reader_restore(VmaReader *vmar, int vmstate_fd, bool verbose, ++ Error **errp) ++{ ++ assert(vmar); ++ assert(vmar->head_data); ++ ++ int ret = 0; ++ unsigned char buf[VMA_MAX_EXTENT_SIZE]; ++ int buf_pos = 0; ++ unsigned char md5sum[16]; ++ VmaHeader *h = (VmaHeader *)vmar->head_data; ++ ++ vmar->start_time = time(NULL); ++ ++ while (1) { ++ int bytes = full_read(vmar->fd, buf + buf_pos, sizeof(buf) - buf_pos); ++ if (bytes < 0) { ++ error_setg(errp, "read failed - %s", g_strerror(errno)); ++ return -1; ++ } ++ ++ buf_pos += bytes; ++ ++ if (!buf_pos) { ++ break; /* EOF */ ++ } ++ ++ if (buf_pos < VMA_EXTENT_HEADER_SIZE) { ++ error_setg(errp, "read short extent (%d bytes)", buf_pos); ++ return -1; ++ } ++ ++ VmaExtentHeader *ehead = (VmaExtentHeader *)buf; ++ ++ /* extract md5sum */ ++ memcpy(md5sum, ehead->md5sum, sizeof(ehead->md5sum)); ++ memset(ehead->md5sum, 0, sizeof(ehead->md5sum)); ++ ++ g_checksum_reset(vmar->md5csum); ++ g_checksum_update(vmar->md5csum, buf, VMA_EXTENT_HEADER_SIZE); ++ gsize csize = 16; ++ g_checksum_get_digest(vmar->md5csum, ehead->md5sum, &csize); ++ ++ if (memcmp(md5sum, ehead->md5sum, 16) != 0) { ++ error_setg(errp, "wrong vma extent header chechsum"); ++ return -1; ++ } ++ ++ if (memcmp(h->uuid, ehead->uuid, sizeof(ehead->uuid)) != 0) { ++ error_setg(errp, "wrong vma extent uuid"); ++ return -1; ++ } ++ ++ if (ehead->magic != VMA_EXTENT_MAGIC || ehead->reserved1 != 0) { ++ error_setg(errp, "wrong vma extent header magic"); ++ return -1; ++ } ++ ++ int block_count = GUINT16_FROM_BE(ehead->block_count); ++ int extent_size = VMA_EXTENT_HEADER_SIZE + block_count*VMA_BLOCK_SIZE; ++ ++ if (buf_pos < extent_size) { ++ error_setg(errp, "short vma extent (%d < %d)", buf_pos, ++ extent_size); ++ return -1; ++ } ++ ++ if (restore_extent(vmar, buf, extent_size, vmstate_fd, verbose, ++ errp) < 0) { ++ return -1; ++ } ++ ++ if (buf_pos > extent_size) { ++ memmove(buf, buf + extent_size, buf_pos - extent_size); ++ buf_pos = buf_pos - extent_size; ++ } else { ++ buf_pos = 0; ++ } ++ } ++ ++ bdrv_drain_all(); ++ ++ int i; ++ for (i = 1; i < 256; i++) { ++ VmaRestoreState *rstate = &vmar->rstate[i]; ++ if (!rstate->bs) { ++ continue; ++ } ++ ++ if (bdrv_flush(rstate->bs) < 0) { ++ error_setg(errp, "vma bdrv_flush %s failed", ++ vmar->devinfo[i].devname); ++ return -1; ++ } ++ ++ if (vmar->devinfo[i].size && ++ (strcmp(vmar->devinfo[i].devname, "vmstate") != 0)) { ++ assert(rstate->bitmap); ++ ++ int64_t cluster_num, end; ++ ++ end = (vmar->devinfo[i].size + VMA_CLUSTER_SIZE - 1) / ++ VMA_CLUSTER_SIZE; ++ ++ for (cluster_num = 0; cluster_num < end; cluster_num++) { ++ if (!vma_reader_get_bitmap(rstate, cluster_num)) { ++ error_setg(errp, "detected missing cluster %zd " ++ "for stream %s", cluster_num, ++ vmar->devinfo[i].devname); ++ return -1; ++ } ++ } ++ } ++ } ++ ++ return ret; ++} ++ +diff --git a/vma-writer.c b/vma-writer.c +new file mode 100644 +index 0000000..b0cf529 +--- /dev/null ++++ b/vma-writer.c +@@ -0,0 +1,870 @@ ++/* ++ * VMA: Virtual Machine Archive ++ * ++ * Copyright (C) 2012 Proxmox Server Solutions ++ * ++ * Authors: ++ * Dietmar Maurer (dietmar@proxmox.com) ++ * ++ * This work is licensed under the terms of the GNU GPL, version 2 or later. ++ * See the COPYING file in the top-level directory. ++ * ++ */ ++ ++#include "qemu/osdep.h" ++#include ++#include ++ ++#include "vma.h" ++#include "block/block.h" ++#include "monitor/monitor.h" ++#include "qemu/main-loop.h" ++#include "qemu/coroutine.h" ++#include "qemu/cutils.h" ++ ++#define DEBUG_VMA 0 ++ ++#define DPRINTF(fmt, ...)\ ++ do { if (DEBUG_VMA) { printf("vma: " fmt, ## __VA_ARGS__); } } while (0) ++ ++#define WRITE_BUFFERS 5 ++ ++typedef struct VmaAIOCB VmaAIOCB; ++struct VmaAIOCB { ++ unsigned char buffer[VMA_MAX_EXTENT_SIZE]; ++ VmaWriter *vmaw; ++ size_t bytes; ++ Coroutine *co; ++}; ++ ++struct VmaWriter { ++ int fd; ++ FILE *cmd; ++ int status; ++ char errmsg[8192]; ++ uuid_t uuid; ++ bool header_written; ++ bool closed; ++ ++ /* we always write extents */ ++ unsigned char outbuf[VMA_MAX_EXTENT_SIZE]; ++ int outbuf_pos; /* in bytes */ ++ int outbuf_count; /* in VMA_BLOCKS */ ++ uint64_t outbuf_block_info[VMA_BLOCKS_PER_EXTENT]; ++ ++ VmaAIOCB *aiocbs[WRITE_BUFFERS]; ++ CoQueue wqueue; ++ ++ GChecksum *md5csum; ++ CoMutex writer_lock; ++ CoMutex flush_lock; ++ Coroutine *co_writer; ++ ++ /* drive informations */ ++ VmaStreamInfo stream_info[256]; ++ guint stream_count; ++ ++ guint8 vmstate_stream; ++ uint32_t vmstate_clusters; ++ ++ /* header blob table */ ++ char *header_blob_table; ++ uint32_t header_blob_table_size; ++ uint32_t header_blob_table_pos; ++ ++ /* store for config blobs */ ++ uint32_t config_names[VMA_MAX_CONFIGS]; /* offset into blob_buffer table */ ++ uint32_t config_data[VMA_MAX_CONFIGS]; /* offset into blob_buffer table */ ++ uint32_t config_count; ++}; ++ ++void vma_writer_set_error(VmaWriter *vmaw, const char *fmt, ...) ++{ ++ va_list ap; ++ ++ if (vmaw->status < 0) { ++ return; ++ } ++ ++ vmaw->status = -1; ++ ++ va_start(ap, fmt); ++ g_vsnprintf(vmaw->errmsg, sizeof(vmaw->errmsg), fmt, ap); ++ va_end(ap); ++ ++ DPRINTF("vma_writer_set_error: %s\n", vmaw->errmsg); ++} ++ ++static uint32_t allocate_header_blob(VmaWriter *vmaw, const char *data, ++ size_t len) ++{ ++ if (len > 65535) { ++ return 0; ++ } ++ ++ if (!vmaw->header_blob_table || ++ (vmaw->header_blob_table_size < ++ (vmaw->header_blob_table_pos + len + 2))) { ++ int newsize = vmaw->header_blob_table_size + ((len + 2 + 511)/512)*512; ++ ++ vmaw->header_blob_table = g_realloc(vmaw->header_blob_table, newsize); ++ memset(vmaw->header_blob_table + vmaw->header_blob_table_size, ++ 0, newsize - vmaw->header_blob_table_size); ++ vmaw->header_blob_table_size = newsize; ++ } ++ ++ uint32_t cpos = vmaw->header_blob_table_pos; ++ vmaw->header_blob_table[cpos] = len & 255; ++ vmaw->header_blob_table[cpos+1] = (len >> 8) & 255; ++ memcpy(vmaw->header_blob_table + cpos + 2, data, len); ++ vmaw->header_blob_table_pos += len + 2; ++ return cpos; ++} ++ ++static uint32_t allocate_header_string(VmaWriter *vmaw, const char *str) ++{ ++ assert(vmaw); ++ ++ size_t len = strlen(str) + 1; ++ ++ return allocate_header_blob(vmaw, str, len); ++} ++ ++int vma_writer_add_config(VmaWriter *vmaw, const char *name, gpointer data, ++ gsize len) ++{ ++ assert(vmaw); ++ assert(!vmaw->header_written); ++ assert(vmaw->config_count < VMA_MAX_CONFIGS); ++ assert(name); ++ assert(data); ++ assert(len); ++ ++ gchar *basename = g_path_get_basename(name); ++ uint32_t name_ptr = allocate_header_string(vmaw, basename); ++ g_free(basename); ++ ++ if (!name_ptr) { ++ return -1; ++ } ++ ++ uint32_t data_ptr = allocate_header_blob(vmaw, data, len); ++ if (!data_ptr) { ++ return -1; ++ } ++ ++ vmaw->config_names[vmaw->config_count] = name_ptr; ++ vmaw->config_data[vmaw->config_count] = data_ptr; ++ ++ vmaw->config_count++; ++ ++ return 0; ++} ++ ++int vma_writer_register_stream(VmaWriter *vmaw, const char *devname, ++ size_t size) ++{ ++ assert(vmaw); ++ assert(devname); ++ assert(!vmaw->status); ++ ++ if (vmaw->header_written) { ++ vma_writer_set_error(vmaw, "vma_writer_register_stream: header " ++ "already written"); ++ return -1; ++ } ++ ++ guint n = vmaw->stream_count + 1; ++ ++ /* we can have dev_ids form 1 to 255 (0 reserved) ++ * 255(-1) reseverd for safety ++ */ ++ if (n > 254) { ++ vma_writer_set_error(vmaw, "vma_writer_register_stream: " ++ "too many drives"); ++ return -1; ++ } ++ ++ if (size <= 0) { ++ vma_writer_set_error(vmaw, "vma_writer_register_stream: " ++ "got strange size %zd", size); ++ return -1; ++ } ++ ++ DPRINTF("vma_writer_register_stream %s %zu %d\n", devname, size, n); ++ ++ vmaw->stream_info[n].devname = g_strdup(devname); ++ vmaw->stream_info[n].size = size; ++ ++ vmaw->stream_info[n].cluster_count = (size + VMA_CLUSTER_SIZE - 1) / ++ VMA_CLUSTER_SIZE; ++ ++ vmaw->stream_count = n; ++ ++ if (strcmp(devname, "vmstate") == 0) { ++ vmaw->vmstate_stream = n; ++ } ++ ++ return n; ++} ++ ++static void vma_co_continue_write(void *opaque) ++{ ++ VmaWriter *vmaw = opaque; ++ ++ DPRINTF("vma_co_continue_write\n"); ++ qemu_coroutine_enter(vmaw->co_writer); ++} ++ ++static ssize_t coroutine_fn ++vma_co_write(VmaWriter *vmaw, const void *buf, size_t bytes) ++{ ++ size_t done = 0; ++ ssize_t ret; ++ ++ /* atomic writes (we cannot interleave writes) */ ++ qemu_co_mutex_lock(&vmaw->writer_lock); ++ ++ DPRINTF("vma_co_write enter %zd\n", bytes); ++ ++ assert(vmaw->co_writer == NULL); ++ ++ vmaw->co_writer = qemu_coroutine_self(); ++ ++ aio_set_fd_handler(qemu_get_aio_context(), vmaw->fd, false, NULL, vma_co_continue_write, vmaw); ++ ++ DPRINTF("vma_co_write wait until writable\n"); ++ qemu_coroutine_yield(); ++ DPRINTF("vma_co_write starting %zd\n", bytes); ++ ++ while (done < bytes) { ++ ret = write(vmaw->fd, buf + done, bytes - done); ++ if (ret > 0) { ++ done += ret; ++ DPRINTF("vma_co_write written %zd %zd\n", done, ret); ++ } else if (ret < 0) { ++ if (errno == EAGAIN || errno == EWOULDBLOCK) { ++ DPRINTF("vma_co_write yield %zd\n", done); ++ qemu_coroutine_yield(); ++ DPRINTF("vma_co_write restart %zd\n", done); ++ } else { ++ vma_writer_set_error(vmaw, "vma_co_write write error - %s", ++ g_strerror(errno)); ++ done = -1; /* always return failure for partial writes */ ++ break; ++ } ++ } else if (ret == 0) { ++ /* should not happen - simply try again */ ++ } ++ } ++ ++ aio_set_fd_handler(qemu_get_aio_context(), vmaw->fd, false, NULL, NULL, NULL); ++ ++ vmaw->co_writer = NULL; ++ ++ qemu_co_mutex_unlock(&vmaw->writer_lock); ++ ++ DPRINTF("vma_co_write leave %zd\n", done); ++ return done; ++} ++ ++static void coroutine_fn vma_co_writer_task(void *opaque) ++{ ++ VmaAIOCB *cb = opaque; ++ ++ DPRINTF("vma_co_writer_task start\n"); ++ ++ int64_t done = vma_co_write(cb->vmaw, cb->buffer, cb->bytes); ++ DPRINTF("vma_co_writer_task write done %zd\n", done); ++ ++ if (done != cb->bytes) { ++ DPRINTF("vma_co_writer_task failed write %zd %zd", cb->bytes, done); ++ vma_writer_set_error(cb->vmaw, "vma_co_writer_task failed write %zd", ++ done); ++ } ++ ++ cb->bytes = 0; ++ ++ qemu_co_queue_next(&cb->vmaw->wqueue); ++ ++ DPRINTF("vma_co_writer_task end\n"); ++} ++ ++static void coroutine_fn vma_queue_flush(VmaWriter *vmaw) ++{ ++ DPRINTF("vma_queue_flush enter\n"); ++ ++ assert(vmaw); ++ ++ while (1) { ++ int i; ++ VmaAIOCB *cb = NULL; ++ for (i = 0; i < WRITE_BUFFERS; i++) { ++ if (vmaw->aiocbs[i]->bytes) { ++ cb = vmaw->aiocbs[i]; ++ DPRINTF("FOUND USED AIO BUFFER %d %zd\n", i, ++ vmaw->aiocbs[i]->bytes); ++ break; ++ } ++ } ++ if (!cb) { ++ break; ++ } ++ qemu_co_queue_wait(&vmaw->wqueue); ++ } ++ ++ DPRINTF("vma_queue_flush leave\n"); ++} ++ ++/** ++ * NOTE: pipe buffer size in only 4096 bytes on linux (see 'ulimit -a') ++ * So we need to create a coroutione to allow 'parallel' execution. ++ */ ++static ssize_t coroutine_fn ++vma_queue_write(VmaWriter *vmaw, const void *buf, size_t bytes) ++{ ++ DPRINTF("vma_queue_write enter %zd\n", bytes); ++ ++ assert(vmaw); ++ assert(buf); ++ assert(bytes <= VMA_MAX_EXTENT_SIZE); ++ ++ VmaAIOCB *cb = NULL; ++ while (!cb) { ++ int i; ++ for (i = 0; i < WRITE_BUFFERS; i++) { ++ if (!vmaw->aiocbs[i]->bytes) { ++ cb = vmaw->aiocbs[i]; ++ break; ++ } ++ } ++ if (!cb) { ++ qemu_co_queue_wait(&vmaw->wqueue); ++ } ++ } ++ ++ memcpy(cb->buffer, buf, bytes); ++ cb->bytes = bytes; ++ cb->vmaw = vmaw; ++ ++ DPRINTF("vma_queue_write start %zd\n", bytes); ++ cb->co = qemu_coroutine_create(vma_co_writer_task); ++ qemu_coroutine_enter(cb->co, cb); ++ ++ DPRINTF("vma_queue_write leave\n"); ++ ++ return bytes; ++} ++ ++VmaWriter *vma_writer_create(const char *filename, uuid_t uuid, Error **errp) ++{ ++ const char *p; ++ ++ assert(sizeof(VmaHeader) == (4096 + 8192)); ++ assert(G_STRUCT_OFFSET(VmaHeader, config_names) == 2044); ++ assert(G_STRUCT_OFFSET(VmaHeader, config_data) == 3068); ++ assert(G_STRUCT_OFFSET(VmaHeader, dev_info) == 4096); ++ assert(sizeof(VmaExtentHeader) == 512); ++ ++ VmaWriter *vmaw = g_new0(VmaWriter, 1); ++ vmaw->fd = -1; ++ ++ vmaw->md5csum = g_checksum_new(G_CHECKSUM_MD5); ++ if (!vmaw->md5csum) { ++ error_setg(errp, "can't allocate cmsum\n"); ++ goto err; ++ } ++ ++ if (strstart(filename, "exec:", &p)) { ++ vmaw->cmd = popen(p, "w"); ++ if (vmaw->cmd == NULL) { ++ error_setg(errp, "can't popen command '%s' - %s\n", p, ++ g_strerror(errno)); ++ goto err; ++ } ++ vmaw->fd = fileno(vmaw->cmd); ++ ++ /* try to use O_NONBLOCK and O_DIRECT */ ++ fcntl(vmaw->fd, F_SETFL, fcntl(vmaw->fd, F_GETFL)|O_NONBLOCK); ++ fcntl(vmaw->fd, F_SETFL, fcntl(vmaw->fd, F_GETFL)|O_DIRECT); ++ ++ } else { ++ struct stat st; ++ int oflags; ++ const char *tmp_id_str; ++ ++ if ((stat(filename, &st) == 0) && S_ISFIFO(st.st_mode)) { ++ oflags = O_NONBLOCK|O_DIRECT|O_WRONLY; ++ vmaw->fd = qemu_open(filename, oflags, 0644); ++ } else if (strstart(filename, "/dev/fdset/", &tmp_id_str)) { ++ oflags = O_NONBLOCK|O_DIRECT|O_WRONLY; ++ vmaw->fd = qemu_open(filename, oflags, 0644); ++ } else if (strstart(filename, "/dev/fdname/", &tmp_id_str)) { ++ vmaw->fd = monitor_get_fd(cur_mon, tmp_id_str, errp); ++ if (vmaw->fd < 0) { ++ goto err; ++ } ++ /* try to use O_NONBLOCK and O_DIRECT */ ++ fcntl(vmaw->fd, F_SETFL, fcntl(vmaw->fd, F_GETFL)|O_NONBLOCK); ++ fcntl(vmaw->fd, F_SETFL, fcntl(vmaw->fd, F_GETFL)|O_DIRECT); ++ } else { ++ oflags = O_NONBLOCK|O_DIRECT|O_WRONLY|O_CREAT|O_EXCL; ++ vmaw->fd = qemu_open(filename, oflags, 0644); ++ } ++ ++ if (vmaw->fd < 0) { ++ error_setg(errp, "can't open file %s - %s\n", filename, ++ g_strerror(errno)); ++ goto err; ++ } ++ } ++ ++ /* we use O_DIRECT, so we need to align IO buffers */ ++ int i; ++ for (i = 0; i < WRITE_BUFFERS; i++) { ++ vmaw->aiocbs[i] = qemu_memalign(512, sizeof(VmaAIOCB)); ++ memset(vmaw->aiocbs[i], 0, sizeof(VmaAIOCB)); ++ } ++ ++ vmaw->outbuf_count = 0; ++ vmaw->outbuf_pos = VMA_EXTENT_HEADER_SIZE; ++ ++ vmaw->header_blob_table_pos = 1; /* start at pos 1 */ ++ ++ qemu_co_mutex_init(&vmaw->writer_lock); ++ qemu_co_mutex_init(&vmaw->flush_lock); ++ qemu_co_queue_init(&vmaw->wqueue); ++ ++ uuid_copy(vmaw->uuid, uuid); ++ ++ return vmaw; ++ ++err: ++ if (vmaw) { ++ if (vmaw->cmd) { ++ pclose(vmaw->cmd); ++ } else if (vmaw->fd >= 0) { ++ close(vmaw->fd); ++ } ++ ++ if (vmaw->md5csum) { ++ g_checksum_free(vmaw->md5csum); ++ } ++ ++ g_free(vmaw); ++ } ++ ++ return NULL; ++} ++ ++static int coroutine_fn vma_write_header(VmaWriter *vmaw) ++{ ++ assert(vmaw); ++ int header_clusters = 8; ++ char buf[65536*header_clusters]; ++ VmaHeader *head = (VmaHeader *)buf; ++ ++ int i; ++ ++ DPRINTF("VMA WRITE HEADER\n"); ++ ++ if (vmaw->status < 0) { ++ return vmaw->status; ++ } ++ ++ memset(buf, 0, sizeof(buf)); ++ ++ head->magic = VMA_MAGIC; ++ head->version = GUINT32_TO_BE(1); /* v1 */ ++ memcpy(head->uuid, vmaw->uuid, 16); ++ ++ time_t ctime = time(NULL); ++ head->ctime = GUINT64_TO_BE(ctime); ++ ++ if (!vmaw->stream_count) { ++ return -1; ++ } ++ ++ for (i = 0; i < VMA_MAX_CONFIGS; i++) { ++ head->config_names[i] = GUINT32_TO_BE(vmaw->config_names[i]); ++ head->config_data[i] = GUINT32_TO_BE(vmaw->config_data[i]); ++ } ++ ++ /* 32 bytes per device (12 used currently) = 8192 bytes max */ ++ for (i = 1; i <= 254; i++) { ++ VmaStreamInfo *si = &vmaw->stream_info[i]; ++ if (si->size) { ++ assert(si->devname); ++ uint32_t devname_ptr = allocate_header_string(vmaw, si->devname); ++ if (!devname_ptr) { ++ return -1; ++ } ++ head->dev_info[i].devname_ptr = GUINT32_TO_BE(devname_ptr); ++ head->dev_info[i].size = GUINT64_TO_BE(si->size); ++ } ++ } ++ ++ uint32_t header_size = sizeof(VmaHeader) + vmaw->header_blob_table_size; ++ head->header_size = GUINT32_TO_BE(header_size); ++ ++ if (header_size > sizeof(buf)) { ++ return -1; /* just to be sure */ ++ } ++ ++ uint32_t blob_buffer_offset = sizeof(VmaHeader); ++ memcpy(buf + blob_buffer_offset, vmaw->header_blob_table, ++ vmaw->header_blob_table_size); ++ head->blob_buffer_offset = GUINT32_TO_BE(blob_buffer_offset); ++ head->blob_buffer_size = GUINT32_TO_BE(vmaw->header_blob_table_pos); ++ ++ g_checksum_reset(vmaw->md5csum); ++ g_checksum_update(vmaw->md5csum, (const guchar *)buf, header_size); ++ gsize csize = 16; ++ g_checksum_get_digest(vmaw->md5csum, (guint8 *)(head->md5sum), &csize); ++ ++ return vma_queue_write(vmaw, buf, header_size); ++} ++ ++static int coroutine_fn vma_writer_flush(VmaWriter *vmaw) ++{ ++ assert(vmaw); ++ ++ int ret; ++ int i; ++ ++ if (vmaw->status < 0) { ++ return vmaw->status; ++ } ++ ++ if (!vmaw->header_written) { ++ vmaw->header_written = true; ++ ret = vma_write_header(vmaw); ++ if (ret < 0) { ++ vma_writer_set_error(vmaw, "vma_writer_flush: write header failed"); ++ return ret; ++ } ++ } ++ ++ DPRINTF("VMA WRITE FLUSH %d %d\n", vmaw->outbuf_count, vmaw->outbuf_pos); ++ ++ ++ VmaExtentHeader *ehead = (VmaExtentHeader *)vmaw->outbuf; ++ ++ ehead->magic = VMA_EXTENT_MAGIC; ++ ehead->reserved1 = 0; ++ ++ for (i = 0; i < VMA_BLOCKS_PER_EXTENT; i++) { ++ ehead->blockinfo[i] = GUINT64_TO_BE(vmaw->outbuf_block_info[i]); ++ } ++ ++ guint16 block_count = (vmaw->outbuf_pos - VMA_EXTENT_HEADER_SIZE) / ++ VMA_BLOCK_SIZE; ++ ++ ehead->block_count = GUINT16_TO_BE(block_count); ++ ++ memcpy(ehead->uuid, vmaw->uuid, sizeof(ehead->uuid)); ++ memset(ehead->md5sum, 0, sizeof(ehead->md5sum)); ++ ++ g_checksum_reset(vmaw->md5csum); ++ g_checksum_update(vmaw->md5csum, vmaw->outbuf, VMA_EXTENT_HEADER_SIZE); ++ gsize csize = 16; ++ g_checksum_get_digest(vmaw->md5csum, ehead->md5sum, &csize); ++ ++ int bytes = vmaw->outbuf_pos; ++ ret = vma_queue_write(vmaw, vmaw->outbuf, bytes); ++ if (ret != bytes) { ++ vma_writer_set_error(vmaw, "vma_writer_flush: failed write"); ++ } ++ ++ vmaw->outbuf_count = 0; ++ vmaw->outbuf_pos = VMA_EXTENT_HEADER_SIZE; ++ ++ for (i = 0; i < VMA_BLOCKS_PER_EXTENT; i++) { ++ vmaw->outbuf_block_info[i] = 0; ++ } ++ ++ return vmaw->status; ++} ++ ++static int vma_count_open_streams(VmaWriter *vmaw) ++{ ++ g_assert(vmaw != NULL); ++ ++ int i; ++ int open_drives = 0; ++ for (i = 0; i <= 255; i++) { ++ if (vmaw->stream_info[i].size && !vmaw->stream_info[i].finished) { ++ open_drives++; ++ } ++ } ++ ++ return open_drives; ++} ++ ++/** ++ * all jobs should call this when there is no more data ++ * Returns: number of remaining stream (0 ==> finished) ++ */ ++int coroutine_fn ++vma_writer_close_stream(VmaWriter *vmaw, uint8_t dev_id) ++{ ++ g_assert(vmaw != NULL); ++ ++ DPRINTF("vma_writer_set_status %d\n", dev_id); ++ if (!vmaw->stream_info[dev_id].size) { ++ vma_writer_set_error(vmaw, "vma_writer_close_stream: " ++ "no such stream %d", dev_id); ++ return -1; ++ } ++ if (vmaw->stream_info[dev_id].finished) { ++ vma_writer_set_error(vmaw, "vma_writer_close_stream: " ++ "stream already closed %d", dev_id); ++ return -1; ++ } ++ ++ vmaw->stream_info[dev_id].finished = true; ++ ++ int open_drives = vma_count_open_streams(vmaw); ++ ++ if (open_drives <= 0) { ++ DPRINTF("vma_writer_set_status all drives completed\n"); ++ qemu_co_mutex_lock(&vmaw->flush_lock); ++ int ret = vma_writer_flush(vmaw); ++ qemu_co_mutex_unlock(&vmaw->flush_lock); ++ if (ret < 0) { ++ vma_writer_set_error(vmaw, "vma_writer_close_stream: flush failed"); ++ } ++ } ++ ++ return open_drives; ++} ++ ++int vma_writer_get_status(VmaWriter *vmaw, VmaStatus *status) ++{ ++ int i; ++ ++ g_assert(vmaw != NULL); ++ ++ if (status) { ++ status->status = vmaw->status; ++ g_strlcpy(status->errmsg, vmaw->errmsg, sizeof(status->errmsg)); ++ for (i = 0; i <= 255; i++) { ++ status->stream_info[i] = vmaw->stream_info[i]; ++ } ++ ++ uuid_unparse_lower(vmaw->uuid, status->uuid_str); ++ } ++ ++ status->closed = vmaw->closed; ++ ++ return vmaw->status; ++} ++ ++static int vma_writer_get_buffer(VmaWriter *vmaw) ++{ ++ int ret = 0; ++ ++ qemu_co_mutex_lock(&vmaw->flush_lock); ++ ++ /* wait until buffer is available */ ++ while (vmaw->outbuf_count >= (VMA_BLOCKS_PER_EXTENT - 1)) { ++ ret = vma_writer_flush(vmaw); ++ if (ret < 0) { ++ vma_writer_set_error(vmaw, "vma_writer_get_buffer: flush failed"); ++ break; ++ } ++ } ++ ++ qemu_co_mutex_unlock(&vmaw->flush_lock); ++ ++ return ret; ++} ++ ++ ++int64_t coroutine_fn ++vma_writer_write(VmaWriter *vmaw, uint8_t dev_id, int64_t cluster_num, ++ unsigned char *buf, size_t *zero_bytes) ++{ ++ g_assert(vmaw != NULL); ++ g_assert(zero_bytes != NULL); ++ ++ *zero_bytes = 0; ++ ++ if (vmaw->status < 0) { ++ return vmaw->status; ++ } ++ ++ if (!dev_id || !vmaw->stream_info[dev_id].size) { ++ vma_writer_set_error(vmaw, "vma_writer_write: " ++ "no such stream %d", dev_id); ++ return -1; ++ } ++ ++ if (vmaw->stream_info[dev_id].finished) { ++ vma_writer_set_error(vmaw, "vma_writer_write: " ++ "stream already closed %d", dev_id); ++ return -1; ++ } ++ ++ ++ if (cluster_num >= (((uint64_t)1)<<32)) { ++ vma_writer_set_error(vmaw, "vma_writer_write: " ++ "cluster number out of range"); ++ return -1; ++ } ++ ++ if (dev_id == vmaw->vmstate_stream) { ++ if (cluster_num != vmaw->vmstate_clusters) { ++ vma_writer_set_error(vmaw, "vma_writer_write: " ++ "non sequential vmstate write"); ++ } ++ vmaw->vmstate_clusters++; ++ } else if (cluster_num >= vmaw->stream_info[dev_id].cluster_count) { ++ vma_writer_set_error(vmaw, "vma_writer_write: cluster number too big"); ++ return -1; ++ } ++ ++ /* wait until buffer is available */ ++ if (vma_writer_get_buffer(vmaw) < 0) { ++ vma_writer_set_error(vmaw, "vma_writer_write: " ++ "vma_writer_get_buffer failed"); ++ return -1; ++ } ++ ++ DPRINTF("VMA WRITE %d %zd\n", dev_id, cluster_num); ++ ++ uint16_t mask = 0; ++ ++ if (buf) { ++ int i; ++ int bit = 1; ++ for (i = 0; i < 16; i++) { ++ unsigned char *vmablock = buf + (i*VMA_BLOCK_SIZE); ++ if (!buffer_is_zero(vmablock, VMA_BLOCK_SIZE)) { ++ mask |= bit; ++ memcpy(vmaw->outbuf + vmaw->outbuf_pos, vmablock, ++ VMA_BLOCK_SIZE); ++ vmaw->outbuf_pos += VMA_BLOCK_SIZE; ++ } else { ++ DPRINTF("VMA WRITE %zd ZERO BLOCK %d\n", cluster_num, i); ++ vmaw->stream_info[dev_id].zero_bytes += VMA_BLOCK_SIZE; ++ *zero_bytes += VMA_BLOCK_SIZE; ++ } ++ ++ bit = bit << 1; ++ } ++ } else { ++ DPRINTF("VMA WRITE %zd ZERO CLUSTER\n", cluster_num); ++ vmaw->stream_info[dev_id].zero_bytes += VMA_CLUSTER_SIZE; ++ *zero_bytes += VMA_CLUSTER_SIZE; ++ } ++ ++ uint64_t block_info = ((uint64_t)mask) << (32+16); ++ block_info |= ((uint64_t)dev_id) << 32; ++ block_info |= (cluster_num & 0xffffffff); ++ vmaw->outbuf_block_info[vmaw->outbuf_count] = block_info; ++ ++ DPRINTF("VMA WRITE MASK %zd %zx\n", cluster_num, block_info); ++ ++ vmaw->outbuf_count++; ++ ++ /** NOTE: We allways write whole clusters, but we correctly set ++ * transferred bytes. So transferred == size when when everything ++ * went OK. ++ */ ++ size_t transferred = VMA_CLUSTER_SIZE; ++ ++ if (dev_id != vmaw->vmstate_stream) { ++ uint64_t last = (cluster_num + 1) * VMA_CLUSTER_SIZE; ++ if (last > vmaw->stream_info[dev_id].size) { ++ uint64_t diff = last - vmaw->stream_info[dev_id].size; ++ if (diff >= VMA_CLUSTER_SIZE) { ++ vma_writer_set_error(vmaw, "vma_writer_write: " ++ "read after last cluster"); ++ return -1; ++ } ++ transferred -= diff; ++ } ++ } ++ ++ vmaw->stream_info[dev_id].transferred += transferred; ++ ++ return transferred; ++} ++ ++int vma_writer_close(VmaWriter *vmaw, Error **errp) ++{ ++ g_assert(vmaw != NULL); ++ ++ int i; ++ ++ vma_queue_flush(vmaw); ++ ++ /* this should not happen - just to be sure */ ++ while (!qemu_co_queue_empty(&vmaw->wqueue)) { ++ DPRINTF("vma_writer_close wait\n"); ++ co_aio_sleep_ns(qemu_get_aio_context(), QEMU_CLOCK_REALTIME, 1000000); ++ } ++ ++ if (vmaw->cmd) { ++ if (pclose(vmaw->cmd) < 0) { ++ vma_writer_set_error(vmaw, "vma_writer_close: " ++ "pclose failed - %s", g_strerror(errno)); ++ } ++ } else { ++ if (close(vmaw->fd) < 0) { ++ vma_writer_set_error(vmaw, "vma_writer_close: " ++ "close failed - %s", g_strerror(errno)); ++ } ++ } ++ ++ for (i = 0; i <= 255; i++) { ++ VmaStreamInfo *si = &vmaw->stream_info[i]; ++ if (si->size) { ++ if (!si->finished) { ++ vma_writer_set_error(vmaw, "vma_writer_close: " ++ "detected open stream '%s'", si->devname); ++ } else if ((si->transferred != si->size) && ++ (i != vmaw->vmstate_stream)) { ++ vma_writer_set_error(vmaw, "vma_writer_close: " ++ "incomplete stream '%s' (%zd != %zd)", ++ si->devname, si->transferred, si->size); ++ } ++ } ++ } ++ ++ for (i = 0; i <= 255; i++) { ++ vmaw->stream_info[i].finished = 1; /* mark as closed */ ++ } ++ ++ vmaw->closed = 1; ++ ++ if (vmaw->status < 0 && *errp == NULL) { ++ error_setg(errp, "%s", vmaw->errmsg); ++ } ++ ++ return vmaw->status; ++} ++ ++void vma_writer_destroy(VmaWriter *vmaw) ++{ ++ assert(vmaw); ++ ++ int i; ++ ++ for (i = 0; i <= 255; i++) { ++ if (vmaw->stream_info[i].devname) { ++ g_free(vmaw->stream_info[i].devname); ++ } ++ } ++ ++ if (vmaw->md5csum) { ++ g_checksum_free(vmaw->md5csum); ++ } ++ ++ for (i = 0; i < WRITE_BUFFERS; i++) { ++ free(vmaw->aiocbs[i]); ++ } ++ ++ g_free(vmaw); ++} +diff --git a/vma.c b/vma.c +new file mode 100644 +index 0000000..8014090 +--- /dev/null ++++ b/vma.c +@@ -0,0 +1,585 @@ ++/* ++ * VMA: Virtual Machine Archive ++ * ++ * Copyright (C) 2012-2013 Proxmox Server Solutions ++ * ++ * Authors: ++ * Dietmar Maurer (dietmar@proxmox.com) ++ * ++ * This work is licensed under the terms of the GNU GPL, version 2 or later. ++ * See the COPYING file in the top-level directory. ++ * ++ */ ++ ++#include "qemu/osdep.h" ++#include ++ ++#include "vma.h" ++#include "qemu-common.h" ++#include "qemu/error-report.h" ++#include "qemu/main-loop.h" ++#include "sysemu/char.h" /* qstring_from_str */ ++ ++static void help(void) ++{ ++ const char *help_msg = ++ "usage: vma command [command options]\n" ++ "\n" ++ "vma list \n" ++ "vma create [-c config] pathname ...\n" ++ "vma extract [-r ] \n" ++ ; ++ ++ printf("%s", help_msg); ++ exit(1); ++} ++ ++static const char *extract_devname(const char *path, char **devname, int index) ++{ ++ assert(path); ++ ++ const char *sep = strchr(path, '='); ++ ++ if (sep) { ++ *devname = g_strndup(path, sep - path); ++ path = sep + 1; ++ } else { ++ if (index >= 0) { ++ *devname = g_strdup_printf("disk%d", index); ++ } else { ++ *devname = NULL; ++ } ++ } ++ ++ return path; ++} ++ ++static void print_content(VmaReader *vmar) ++{ ++ assert(vmar); ++ ++ VmaHeader *head = vma_reader_get_header(vmar); ++ ++ GList *l = vma_reader_get_config_data(vmar); ++ while (l && l->data) { ++ VmaConfigData *cdata = (VmaConfigData *)l->data; ++ l = g_list_next(l); ++ printf("CFG: size: %d name: %s\n", cdata->len, cdata->name); ++ } ++ ++ int i; ++ VmaDeviceInfo *di; ++ for (i = 1; i < 255; i++) { ++ di = vma_reader_get_device_info(vmar, i); ++ if (di) { ++ if (strcmp(di->devname, "vmstate") == 0) { ++ printf("VMSTATE: dev_id=%d memory: %zd\n", i, di->size); ++ } else { ++ printf("DEV: dev_id=%d size: %zd devname: %s\n", ++ i, di->size, di->devname); ++ } ++ } ++ } ++ /* ctime is the last entry we print */ ++ printf("CTIME: %s", ctime(&head->ctime)); ++ fflush(stdout); ++} ++ ++static int list_content(int argc, char **argv) ++{ ++ int c, ret = 0; ++ const char *filename; ++ ++ for (;;) { ++ c = getopt(argc, argv, "h"); ++ if (c == -1) { ++ break; ++ } ++ switch (c) { ++ case '?': ++ case 'h': ++ help(); ++ break; ++ default: ++ g_assert_not_reached(); ++ } ++ } ++ ++ /* Get the filename */ ++ if ((optind + 1) != argc) { ++ help(); ++ } ++ filename = argv[optind++]; ++ ++ Error *errp = NULL; ++ VmaReader *vmar = vma_reader_create(filename, &errp); ++ ++ if (!vmar) { ++ g_error("%s", error_get_pretty(errp)); ++ } ++ ++ print_content(vmar); ++ ++ vma_reader_destroy(vmar); ++ ++ return ret; ++} ++ ++typedef struct RestoreMap { ++ char *devname; ++ char *path; ++ bool write_zero; ++} RestoreMap; ++ ++static int extract_content(int argc, char **argv) ++{ ++ int c, ret = 0; ++ int verbose = 0; ++ const char *filename; ++ const char *dirname; ++ const char *readmap = NULL; ++ ++ for (;;) { ++ c = getopt(argc, argv, "hvr:"); ++ if (c == -1) { ++ break; ++ } ++ switch (c) { ++ case '?': ++ case 'h': ++ help(); ++ break; ++ case 'r': ++ readmap = optarg; ++ break; ++ case 'v': ++ verbose = 1; ++ break; ++ default: ++ help(); ++ } ++ } ++ ++ /* Get the filename */ ++ if ((optind + 2) != argc) { ++ help(); ++ } ++ filename = argv[optind++]; ++ dirname = argv[optind++]; ++ ++ Error *errp = NULL; ++ VmaReader *vmar = vma_reader_create(filename, &errp); ++ ++ if (!vmar) { ++ g_error("%s", error_get_pretty(errp)); ++ } ++ ++ if (mkdir(dirname, 0777) < 0) { ++ g_error("unable to create target directory %s - %s", ++ dirname, g_strerror(errno)); ++ } ++ ++ GList *l = vma_reader_get_config_data(vmar); ++ while (l && l->data) { ++ VmaConfigData *cdata = (VmaConfigData *)l->data; ++ l = g_list_next(l); ++ char *cfgfn = g_strdup_printf("%s/%s", dirname, cdata->name); ++ GError *err = NULL; ++ if (!g_file_set_contents(cfgfn, (gchar *)cdata->data, cdata->len, ++ &err)) { ++ g_error("unable to write file: %s", err->message); ++ } ++ } ++ ++ GHashTable *devmap = g_hash_table_new(g_str_hash, g_str_equal); ++ ++ if (readmap) { ++ print_content(vmar); ++ ++ FILE *map = fopen(readmap, "r"); ++ if (!map) { ++ g_error("unable to open fifo %s - %s", readmap, g_strerror(errno)); ++ } ++ ++ while (1) { ++ char inbuf[8192]; ++ char *line = fgets(inbuf, sizeof(inbuf), map); ++ if (!line || line[0] == '\0' || !strcmp(line, "done\n")) { ++ break; ++ } ++ int len = strlen(line); ++ if (line[len - 1] == '\n') { ++ line[len - 1] = '\0'; ++ if (len == 1) { ++ break; ++ } ++ } ++ ++ const char *path; ++ bool write_zero; ++ if (line[0] == '0' && line[1] == ':') { ++ path = inbuf + 2; ++ write_zero = false; ++ } else if (line[0] == '1' && line[1] == ':') { ++ path = inbuf + 2; ++ write_zero = true; ++ } else { ++ g_error("read map failed - parse error ('%s')", inbuf); ++ } ++ ++ char *devname = NULL; ++ path = extract_devname(path, &devname, -1); ++ if (!devname) { ++ g_error("read map failed - no dev name specified ('%s')", ++ inbuf); ++ } ++ ++ RestoreMap *map = g_new0(RestoreMap, 1); ++ map->devname = g_strdup(devname); ++ map->path = g_strdup(path); ++ map->write_zero = write_zero; ++ ++ g_hash_table_insert(devmap, map->devname, map); ++ ++ }; ++ } ++ ++ int i; ++ int vmstate_fd = -1; ++ guint8 vmstate_stream = 0; ++ ++ for (i = 1; i < 255; i++) { ++ VmaDeviceInfo *di = vma_reader_get_device_info(vmar, i); ++ if (di && (strcmp(di->devname, "vmstate") == 0)) { ++ vmstate_stream = i; ++ char *statefn = g_strdup_printf("%s/vmstate.bin", dirname); ++ vmstate_fd = open(statefn, O_WRONLY|O_CREAT|O_EXCL, 0644); ++ if (vmstate_fd < 0) { ++ g_error("create vmstate file '%s' failed - %s", statefn, ++ g_strerror(errno)); ++ } ++ g_free(statefn); ++ } else if (di) { ++ char *devfn = NULL; ++ int flags = BDRV_O_RDWR|BDRV_O_CACHE_WB; ++ bool write_zero = true; ++ ++ if (readmap) { ++ RestoreMap *map; ++ map = (RestoreMap *)g_hash_table_lookup(devmap, di->devname); ++ if (map == NULL) { ++ g_error("no device name mapping for %s", di->devname); ++ } ++ devfn = map->path; ++ write_zero = map->write_zero; ++ } else { ++ devfn = g_strdup_printf("%s/tmp-disk-%s.raw", ++ dirname, di->devname); ++ printf("DEVINFO %s %zd\n", devfn, di->size); ++ ++ bdrv_img_create(devfn, "raw", NULL, NULL, NULL, di->size, ++ flags, &errp, 0); ++ if (errp) { ++ g_error("can't create file %s: %s", devfn, ++ error_get_pretty(errp)); ++ } ++ ++ /* Note: we created an empty file above, so there is no ++ * need to write zeroes (so we generate a sparse file) ++ */ ++ write_zero = false; ++ } ++ ++ BlockDriverState *bs = bdrv_new(); ++ if (errp || bdrv_open(&bs, devfn, NULL, NULL, flags, &errp)) { ++ g_error("can't open file %s - %s", devfn, ++ error_get_pretty(errp)); ++ } ++ if (vma_reader_register_bs(vmar, i, bs, write_zero, &errp) < 0) { ++ g_error("%s", error_get_pretty(errp)); ++ } ++ ++ if (!readmap) { ++ g_free(devfn); ++ } ++ } ++ } ++ ++ if (vma_reader_restore(vmar, vmstate_fd, verbose, &errp) < 0) { ++ g_error("restore failed - %s", error_get_pretty(errp)); ++ } ++ ++ if (!readmap) { ++ for (i = 1; i < 255; i++) { ++ VmaDeviceInfo *di = vma_reader_get_device_info(vmar, i); ++ if (di && (i != vmstate_stream)) { ++ char *tmpfn = g_strdup_printf("%s/tmp-disk-%s.raw", ++ dirname, di->devname); ++ char *fn = g_strdup_printf("%s/disk-%s.raw", ++ dirname, di->devname); ++ if (rename(tmpfn, fn) != 0) { ++ g_error("rename %s to %s failed - %s", ++ tmpfn, fn, g_strerror(errno)); ++ } ++ } ++ } ++ } ++ ++ vma_reader_destroy(vmar); ++ ++ bdrv_close_all(); ++ ++ return ret; ++} ++ ++typedef struct BackupJob { ++ BlockDriverState *bs; ++ int64_t len; ++ VmaWriter *vmaw; ++ uint8_t dev_id; ++} BackupJob; ++ ++#define BACKUP_SECTORS_PER_CLUSTER (VMA_CLUSTER_SIZE / BDRV_SECTOR_SIZE) ++ ++static void coroutine_fn backup_run(void *opaque) ++{ ++ BackupJob *job = (BackupJob *)opaque; ++ struct iovec iov; ++ QEMUIOVector qiov; ++ ++ int64_t start, end; ++ int ret = 0; ++ ++ unsigned char *buf = qemu_blockalign(job->bs, VMA_CLUSTER_SIZE); ++ ++ start = 0; ++ end = DIV_ROUND_UP(job->len / BDRV_SECTOR_SIZE, ++ BACKUP_SECTORS_PER_CLUSTER); ++ ++ for (; start < end; start++) { ++ iov.iov_base = buf; ++ iov.iov_len = VMA_CLUSTER_SIZE; ++ qemu_iovec_init_external(&qiov, &iov, 1); ++ ++ ret = bdrv_co_readv(job->bs, start * BACKUP_SECTORS_PER_CLUSTER, ++ BACKUP_SECTORS_PER_CLUSTER, &qiov); ++ if (ret < 0) { ++ vma_writer_set_error(job->vmaw, "read error", -1); ++ goto out; ++ } ++ ++ size_t zb = 0; ++ if (vma_writer_write(job->vmaw, job->dev_id, start, buf, &zb) < 0) { ++ vma_writer_set_error(job->vmaw, "backup_dump_cb vma_writer_write failed", -1); ++ goto out; ++ } ++ } ++ ++ ++out: ++ if (vma_writer_close_stream(job->vmaw, job->dev_id) <= 0) { ++ Error *err = NULL; ++ if (vma_writer_close(job->vmaw, &err) != 0) { ++ g_warning("vma_writer_close failed %s", error_get_pretty(err)); ++ } ++ } ++} ++ ++static int create_archive(int argc, char **argv) ++{ ++ int i, c; ++ int verbose = 0; ++ const char *archivename; ++ GList *config_files = NULL; ++ ++ for (;;) { ++ c = getopt(argc, argv, "hvc:"); ++ if (c == -1) { ++ break; ++ } ++ switch (c) { ++ case '?': ++ case 'h': ++ help(); ++ break; ++ case 'c': ++ config_files = g_list_append(config_files, optarg); ++ break; ++ case 'v': ++ verbose = 1; ++ break; ++ default: ++ g_assert_not_reached(); ++ } ++ } ++ ++ ++ /* make sure we have archive name and at least one path */ ++ if ((optind + 2) > argc) { ++ help(); ++ } ++ ++ archivename = argv[optind++]; ++ ++ uuid_t uuid; ++ uuid_generate(uuid); ++ ++ Error *local_err = NULL; ++ VmaWriter *vmaw = vma_writer_create(archivename, uuid, &local_err); ++ ++ if (vmaw == NULL) { ++ g_error("%s", error_get_pretty(local_err)); ++ } ++ ++ GList *l = config_files; ++ while (l && l->data) { ++ char *name = l->data; ++ char *cdata = NULL; ++ gsize clen = 0; ++ GError *err = NULL; ++ if (!g_file_get_contents(name, &cdata, &clen, &err)) { ++ unlink(archivename); ++ g_error("Unable to read file: %s", err->message); ++ } ++ ++ if (vma_writer_add_config(vmaw, name, cdata, clen) != 0) { ++ unlink(archivename); ++ g_error("Unable to append config data %s (len = %zd)", ++ name, clen); ++ } ++ l = g_list_next(l); ++ } ++ ++ int ind = 0; ++ while (optind < argc) { ++ const char *path = argv[optind++]; ++ char *devname = NULL; ++ path = extract_devname(path, &devname, ind++); ++ ++ Error *errp = NULL; ++ BlockDriverState *bs; ++ ++ bs = bdrv_open(path, NULL, NULL, 0, &errp); ++ if (!bs) { ++ unlink(archivename); ++ g_error("bdrv_open '%s' failed - %s", path, error_get_pretty(errp)); ++ } ++ int64_t size = bdrv_getlength(bs); ++ int dev_id = vma_writer_register_stream(vmaw, devname, size); ++ if (dev_id <= 0) { ++ unlink(archivename); ++ g_error("vma_writer_register_stream '%s' failed", devname); ++ } ++ ++ BackupJob *job = g_new0(BackupJob, 1); ++ job->len = size; ++ job->bs = bs; ++ job->vmaw = vmaw; ++ job->dev_id = dev_id; ++ ++ Coroutine *co = qemu_coroutine_create(backup_run, job); ++ qemu_coroutine_enter(co); ++ } ++ ++ VmaStatus vmastat; ++ int percent = 0; ++ int last_percent = -1; ++ ++ while (1) { ++ main_loop_wait(false); ++ vma_writer_get_status(vmaw, &vmastat); ++ ++ if (verbose) { ++ ++ uint64_t total = 0; ++ uint64_t transferred = 0; ++ uint64_t zero_bytes = 0; ++ ++ int i; ++ for (i = 0; i < 256; i++) { ++ if (vmastat.stream_info[i].size) { ++ total += vmastat.stream_info[i].size; ++ transferred += vmastat.stream_info[i].transferred; ++ zero_bytes += vmastat.stream_info[i].zero_bytes; ++ } ++ } ++ percent = (transferred*100)/total; ++ if (percent != last_percent) { ++ fprintf(stderr, "progress %d%% %zd/%zd %zd\n", percent, ++ transferred, total, zero_bytes); ++ fflush(stderr); ++ ++ last_percent = percent; ++ } ++ } ++ ++ if (vmastat.closed) { ++ break; ++ } ++ } else { ++ Coroutine *co = qemu_coroutine_create(backup_run_empty, vmaw); ++ qemu_coroutine_enter(co); ++ while (1) { ++ main_loop_wait(false); ++ vma_writer_get_status(vmaw, &vmastat); ++ if (vmastat.closed) { ++ break; ++ } ++ } ++ } ++ ++ bdrv_drain_all(); ++ ++ vma_writer_get_status(vmaw, &vmastat); ++ ++ if (verbose) { ++ for (i = 0; i < 256; i++) { ++ VmaStreamInfo *si = &vmastat.stream_info[i]; ++ if (si->size) { ++ fprintf(stderr, "image %s: size=%zd zeros=%zd saved=%zd\n", ++ si->devname, si->size, si->zero_bytes, ++ si->size - si->zero_bytes); ++ } ++ } ++ } ++ ++ if (vmastat.status < 0) { ++ unlink(archivename); ++ g_error("creating vma archive failed"); ++ } ++ ++ return 0; ++} ++ ++int main(int argc, char **argv) ++{ ++ const char *cmdname; ++ Error *main_loop_err = NULL; ++ ++ error_set_progname(argv[0]); ++ ++ if (qemu_init_main_loop(&main_loop_err)) { ++ g_error("%s", error_get_pretty(main_loop_err)); ++ } ++ ++ bdrv_init(); ++ ++ if (argc < 2) { ++ help(); ++ } ++ ++ cmdname = argv[1]; ++ argc--; argv++; ++ ++ ++ if (!strcmp(cmdname, "list")) { ++ return list_content(argc, argv); ++ } else if (!strcmp(cmdname, "create")) { ++ return create_archive(argc, argv); ++ } else if (!strcmp(cmdname, "extract")) { ++ return extract_content(argc, argv); ++ } ++ ++ help(); ++ return 0; ++} +diff --git a/vma.h b/vma.h +new file mode 100644 +index 0000000..6625eb9 +--- /dev/null ++++ b/vma.h +@@ -0,0 +1,146 @@ ++/* ++ * VMA: Virtual Machine Archive ++ * ++ * Copyright (C) Proxmox Server Solutions ++ * ++ * Authors: ++ * Dietmar Maurer (dietmar@proxmox.com) ++ * ++ * This work is licensed under the terms of the GNU GPL, version 2 or later. ++ * See the COPYING file in the top-level directory. ++ * ++ */ ++ ++#ifndef BACKUP_VMA_H ++#define BACKUP_VMA_H ++ ++#include ++#include "qapi/error.h" ++#include "block/block.h" ++ ++#define VMA_BLOCK_BITS 12 ++#define VMA_BLOCK_SIZE (1< +Date: Mon, 11 Mar 2013 07:07:46 +0100 +Subject: [PATCH 12/47] vma: add verify command + +Users wants to verify the archive after backup. + +Examples: + + # vma verify -v test.vma + + # lzop -d -c test.vma.lzo |vma verify - + +Signed-off-by: Dietmar Maurer +--- + vma-reader.c | 121 ++++++++++++++++++++++++++++++++++++++++++++--------------- + vma.c | 55 +++++++++++++++++++++++++++ + vma.h | 1 + + 3 files changed, 147 insertions(+), 30 deletions(-) + +diff --git a/vma-reader.c b/vma-reader.c +index 51dd8fe..2aafb26 100644 +--- a/vma-reader.c ++++ b/vma-reader.c +@@ -45,6 +45,8 @@ struct VmaReader { + time_t start_time; + int64_t cluster_count; + int64_t clusters_read; ++ int64_t zero_cluster_data; ++ int64_t partial_zero_cluster_data; + int clusters_read_per; + }; + +@@ -425,6 +427,27 @@ VmaDeviceInfo *vma_reader_get_device_info(VmaReader *vmar, guint8 dev_id) + return NULL; + } + ++static void allocate_rstate(VmaReader *vmar, guint8 dev_id, ++ BlockDriverState *bs, bool write_zeroes) ++{ ++ assert(vmar); ++ assert(dev_id); ++ ++ vmar->rstate[dev_id].bs = bs; ++ vmar->rstate[dev_id].write_zeroes = write_zeroes; ++ ++ int64_t size = vmar->devinfo[dev_id].size; ++ ++ int64_t bitmap_size = (size/BDRV_SECTOR_SIZE) + ++ (VMA_CLUSTER_SIZE/BDRV_SECTOR_SIZE) * BITS_PER_LONG - 1; ++ bitmap_size /= (VMA_CLUSTER_SIZE/BDRV_SECTOR_SIZE) * BITS_PER_LONG; ++ ++ vmar->rstate[dev_id].bitmap_size = bitmap_size; ++ vmar->rstate[dev_id].bitmap = g_new0(unsigned long, bitmap_size); ++ ++ vmar->cluster_count += size/VMA_CLUSTER_SIZE; ++} ++ + int vma_reader_register_bs(VmaReader *vmar, guint8 dev_id, BlockDriverState *bs, + bool write_zeroes, Error **errp) + { +@@ -447,17 +470,7 @@ int vma_reader_register_bs(VmaReader *vmar, guint8 dev_id, BlockDriverState *bs, + return -1; + } + +- vmar->rstate[dev_id].bs = bs; +- vmar->rstate[dev_id].write_zeroes = write_zeroes; +- +- int64_t bitmap_size = (size/BDRV_SECTOR_SIZE) + +- (VMA_CLUSTER_SIZE/BDRV_SECTOR_SIZE) * BITS_PER_LONG - 1; +- bitmap_size /= (VMA_CLUSTER_SIZE/BDRV_SECTOR_SIZE) * BITS_PER_LONG; +- +- vmar->rstate[dev_id].bitmap_size = bitmap_size; +- vmar->rstate[dev_id].bitmap = g_new0(unsigned long, bitmap_size); +- +- vmar->cluster_count += size/VMA_CLUSTER_SIZE; ++ allocate_rstate(vmar, dev_id, bs, write_zeroes); + + return 0; + } +@@ -524,9 +537,10 @@ static int restore_write_data(VmaReader *vmar, guint8 dev_id, + } + return 0; + } ++ + static int restore_extent(VmaReader *vmar, unsigned char *buf, + int extent_size, int vmstate_fd, +- bool verbose, Error **errp) ++ bool verbose, bool verify, Error **errp) + { + assert(vmar); + assert(buf); +@@ -551,7 +565,7 @@ static int restore_extent(VmaReader *vmar, unsigned char *buf, + + if (dev_id != vmar->vmstate_stream) { + bs = rstate->bs; +- if (!bs) { ++ if (!verify && !bs) { + error_setg(errp, "got wrong dev id %d", dev_id); + return -1; + } +@@ -607,10 +621,13 @@ static int restore_extent(VmaReader *vmar, unsigned char *buf, + return -1; + } + +- int nb_sectors = end_sector - sector_num; +- if (restore_write_data(vmar, dev_id, bs, vmstate_fd, buf + start, +- sector_num, nb_sectors, errp) < 0) { +- return -1; ++ if (!verify) { ++ int nb_sectors = end_sector - sector_num; ++ if (restore_write_data(vmar, dev_id, bs, vmstate_fd, ++ buf + start, sector_num, nb_sectors, ++ errp) < 0) { ++ return -1; ++ } + } + + start += VMA_CLUSTER_SIZE; +@@ -640,26 +657,37 @@ static int restore_extent(VmaReader *vmar, unsigned char *buf, + return -1; + } + +- int nb_sectors = end_sector - sector_num; +- if (restore_write_data(vmar, dev_id, bs, vmstate_fd, +- buf + start, sector_num, +- nb_sectors, errp) < 0) { +- return -1; ++ if (!verify) { ++ int nb_sectors = end_sector - sector_num; ++ if (restore_write_data(vmar, dev_id, bs, vmstate_fd, ++ buf + start, sector_num, ++ nb_sectors, errp) < 0) { ++ return -1; ++ } + } + + start += VMA_BLOCK_SIZE; + + } else { + +- if (rstate->write_zeroes && (end_sector > sector_num)) { ++ ++ if (end_sector > sector_num) { + /* Todo: use bdrv_co_write_zeroes (but that need to + * be run inside coroutine?) + */ + int nb_sectors = end_sector - sector_num; +- if (restore_write_data(vmar, dev_id, bs, vmstate_fd, +- zero_vma_block, sector_num, +- nb_sectors, errp) < 0) { +- return -1; ++ int zero_size = BDRV_SECTOR_SIZE*nb_sectors; ++ vmar->zero_cluster_data += zero_size; ++ if (mask != 0) { ++ vmar->partial_zero_cluster_data += zero_size; ++ } ++ ++ if (rstate->write_zeroes && !verify) { ++ if (restore_write_data(vmar, dev_id, bs, vmstate_fd, ++ zero_vma_block, sector_num, ++ nb_sectors, errp) < 0) { ++ return -1; ++ } + } + } + } +@@ -677,8 +705,9 @@ static int restore_extent(VmaReader *vmar, unsigned char *buf, + return 0; + } + +-int vma_reader_restore(VmaReader *vmar, int vmstate_fd, bool verbose, +- Error **errp) ++static int vma_reader_restore_full(VmaReader *vmar, int vmstate_fd, ++ bool verbose, bool verify, ++ Error **errp) + { + assert(vmar); + assert(vmar->head_data); +@@ -745,7 +774,7 @@ int vma_reader_restore(VmaReader *vmar, int vmstate_fd, bool verbose, + } + + if (restore_extent(vmar, buf, extent_size, vmstate_fd, verbose, +- errp) < 0) { ++ verify, errp) < 0) { + return -1; + } + +@@ -792,6 +821,38 @@ int vma_reader_restore(VmaReader *vmar, int vmstate_fd, bool verbose, + } + } + ++ if (verbose) { ++ printf("total bytes read %zd, sparse bytes %zd (%.3g%%)\n", ++ vmar->clusters_read*VMA_CLUSTER_SIZE, ++ vmar->zero_cluster_data, ++ (double)(100.0*vmar->zero_cluster_data)/ ++ (vmar->clusters_read*VMA_CLUSTER_SIZE)); ++ ++ int64_t datasize = vmar->clusters_read*VMA_CLUSTER_SIZE-vmar->zero_cluster_data; ++ if (datasize) { // this does not make sense for empty files ++ printf("space reduction due to 4K zero blocks %.3g%%\n", ++ (double)(100.0*vmar->partial_zero_cluster_data) / datasize); ++ } ++ } + return ret; + } + ++int vma_reader_restore(VmaReader *vmar, int vmstate_fd, bool verbose, ++ Error **errp) ++{ ++ return vma_reader_restore_full(vmar, vmstate_fd, verbose, false, errp); ++} ++ ++int vma_reader_verify(VmaReader *vmar, bool verbose, Error **errp) ++{ ++ guint8 dev_id; ++ ++ for (dev_id = 1; dev_id < 255; dev_id++) { ++ if (vma_reader_get_device_info(vmar, dev_id)) { ++ allocate_rstate(vmar, dev_id, NULL, false); ++ } ++ } ++ ++ return vma_reader_restore_full(vmar, -1, verbose, true, errp); ++} ++ +diff --git a/vma.c b/vma.c +index 8014090..d55874a 100644 +--- a/vma.c ++++ b/vma.c +@@ -28,6 +28,7 @@ static void help(void) + "vma list \n" + "vma create [-c config] pathname ...\n" + "vma extract [-r ] \n" ++ "vma verify [-v]\n" + ; + + printf("%s", help_msg); +@@ -332,6 +333,58 @@ static int extract_content(int argc, char **argv) + return ret; + } + ++static int verify_content(int argc, char **argv) ++{ ++ int c, ret = 0; ++ int verbose = 0; ++ const char *filename; ++ ++ for (;;) { ++ c = getopt(argc, argv, "hv"); ++ if (c == -1) { ++ break; ++ } ++ switch (c) { ++ case '?': ++ case 'h': ++ help(); ++ break; ++ case 'v': ++ verbose = 1; ++ break; ++ default: ++ help(); ++ } ++ } ++ ++ /* Get the filename */ ++ if ((optind + 1) != argc) { ++ help(); ++ } ++ filename = argv[optind++]; ++ ++ Error *errp = NULL; ++ VmaReader *vmar = vma_reader_create(filename, &errp); ++ ++ if (!vmar) { ++ g_error("%s", error_get_pretty(errp)); ++ } ++ ++ if (verbose) { ++ print_content(vmar); ++ } ++ ++ if (vma_reader_verify(vmar, verbose, &errp) < 0) { ++ g_error("verify failed - %s", error_get_pretty(errp)); ++ } ++ ++ vma_reader_destroy(vmar); ++ ++ bdrv_close_all(); ++ ++ return ret; ++} ++ + typedef struct BackupJob { + BlockDriverState *bs; + int64_t len; +@@ -578,6 +631,8 @@ int main(int argc, char **argv) + return create_archive(argc, argv); + } else if (!strcmp(cmdname, "extract")) { + return extract_content(argc, argv); ++ } else if (!strcmp(cmdname, "verify")) { ++ return verify_content(argc, argv); + } + + help(); +diff --git a/vma.h b/vma.h +index 6625eb9..9bb6ea4 100644 +--- a/vma.h ++++ b/vma.h +@@ -142,5 +142,6 @@ int vma_reader_register_bs(VmaReader *vmar, guint8 dev_id, + Error **errp); + int vma_reader_restore(VmaReader *vmar, int vmstate_fd, bool verbose, + Error **errp); ++int vma_reader_verify(VmaReader *vmar, bool verbose, Error **errp); + + #endif /* BACKUP_VMA_H */ +-- +2.1.4 + diff --git a/debian/patches/pve/0013-vma-add-config-command-to-dump-the-config.patch b/debian/patches/pve/0013-vma-add-config-command-to-dump-the-config.patch new file mode 100644 index 0000000..c16c8e5 --- /dev/null +++ b/debian/patches/pve/0013-vma-add-config-command-to-dump-the-config.patch @@ -0,0 +1,101 @@ +From 48896281bebc5c69760f4e47625e4db81e3a9004 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 14:46:49 +0100 +Subject: [PATCH 13/47] vma: add 'config' command to dump the config + +--- + vma.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 64 insertions(+) + +diff --git a/vma.c b/vma.c +index d55874a..79bdd00 100644 +--- a/vma.c ++++ b/vma.c +@@ -26,6 +26,7 @@ static void help(void) + "usage: vma command [command options]\n" + "\n" + "vma list \n" ++ "vma config [-c config]\n" + "vma create [-c config] pathname ...\n" + "vma extract [-r ] \n" + "vma verify [-v]\n" +@@ -604,6 +605,67 @@ static int create_archive(int argc, char **argv) + return 0; + } + ++static int dump_config(int argc, char **argv) ++{ ++ int c, ret = 0; ++ const char *filename; ++ const char *config_name = "qemu-server.conf"; ++ ++ for (;;) { ++ c = getopt(argc, argv, "hc:"); ++ if (c == -1) { ++ break; ++ } ++ switch (c) { ++ case '?': ++ case 'h': ++ help(); ++ break; ++ case 'c': ++ config_name = optarg; ++ break; ++ default: ++ help(); ++ } ++ } ++ ++ /* Get the filename */ ++ if ((optind + 1) != argc) { ++ help(); ++ } ++ filename = argv[optind++]; ++ ++ Error *errp = NULL; ++ VmaReader *vmar = vma_reader_create(filename, &errp); ++ ++ if (!vmar) { ++ g_error("%s", error_get_pretty(errp)); ++ } ++ ++ int found = 0; ++ GList *l = vma_reader_get_config_data(vmar); ++ while (l && l->data) { ++ VmaConfigData *cdata = (VmaConfigData *)l->data; ++ l = g_list_next(l); ++ if (strcmp(cdata->name, config_name) == 0) { ++ found = 1; ++ fwrite(cdata->data, cdata->len, 1, stdout); ++ break; ++ } ++ } ++ ++ vma_reader_destroy(vmar); ++ ++ bdrv_close_all(); ++ ++ if (!found) { ++ fprintf(stderr, "unable to find configuration data '%s'\n", config_name); ++ return -1; ++ } ++ ++ return ret; ++} ++ + int main(int argc, char **argv) + { + const char *cmdname; +@@ -633,6 +695,8 @@ int main(int argc, char **argv) + return extract_content(argc, argv); + } else if (!strcmp(cmdname, "verify")) { + return verify_content(argc, argv); ++ } else if (!strcmp(cmdname, "config")) { ++ return dump_config(argc, argv); + } + + help(); +-- +2.1.4 + diff --git a/debian/patches/pve/0014-backup-modify-job-api.patch b/debian/patches/pve/0014-backup-modify-job-api.patch new file mode 100644 index 0000000..4a4b671 --- /dev/null +++ b/debian/patches/pve/0014-backup-modify-job-api.patch @@ -0,0 +1,236 @@ +From 1078c0f6acc1bfba04b7d5cdfdeb02b161b5f7c4 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 15:04:57 +0100 +Subject: [PATCH 14/47] backup: modify job api + +Introduces a BackupDump function callback and a pause_count +for backup_start. For a dump-backup the target parameter +can now be NULL so access to target needs to be guarded now. +--- + block/backup.c | 82 +++++++++++++++++++++++++++++++---------------- + blockdev.c | 6 ++-- + include/block/block_int.h | 5 +++ + 3 files changed, 63 insertions(+), 30 deletions(-) + +diff --git a/block/backup.c b/block/backup.c +index 2c05323..f3c0ba3 100644 +--- a/block/backup.c ++++ b/block/backup.c +@@ -41,6 +41,7 @@ typedef struct BackupBlockJob { + BdrvDirtyBitmap *sync_bitmap; + MirrorSyncMode sync_mode; + RateLimit limit; ++ BackupDumpFunc *dump_cb; + BlockdevOnError on_source_error; + BlockdevOnError on_target_error; + CoRwlock flush_rwlock; +@@ -149,12 +150,23 @@ static int coroutine_fn backup_do_cow(BackupBlockJob *job, + goto out; + } + ++ int64_t start_sec = start * sectors_per_cluster; + if (buffer_is_zero(iov.iov_base, iov.iov_len)) { +- ret = blk_co_pwrite_zeroes(job->target, start * job->cluster_size, +- bounce_qiov.size, BDRV_REQ_MAY_UNMAP); ++ if (job->dump_cb) { ++ ret = job->dump_cb(job->common.opaque, job->target, start_sec, n, NULL); ++ } ++ if (job->target) { ++ ret = blk_co_pwrite_zeroes(job->target, start * job->cluster_size, ++ bounce_qiov.size, BDRV_REQ_MAY_UNMAP); ++ } + } else { +- ret = blk_co_pwritev(job->target, start * job->cluster_size, +- bounce_qiov.size, &bounce_qiov, 0); ++ if (job->dump_cb) { ++ ret = job->dump_cb(job->common.opaque, job->target, start_sec, n, bounce_buffer); ++ } ++ if (job->target) { ++ ret = blk_co_pwritev(job->target, start * job->cluster_size, ++ bounce_qiov.size, &bounce_qiov, 0); ++ } + } + if (ret < 0) { + trace_backup_do_cow_write_fail(job, start, ret); +@@ -268,9 +280,11 @@ static BlockErrorAction backup_error_action(BackupBlockJob *job, + if (read) { + return block_job_error_action(&job->common, job->on_source_error, + true, error); +- } else { ++ } else if (job->target) { + return block_job_error_action(&job->common, job->on_target_error, + false, error); ++ } else { ++ return BLOCK_ERROR_ACTION_REPORT; + } + } + +@@ -393,6 +407,7 @@ static void coroutine_fn backup_run(void *opaque) + + job->done_bitmap = bitmap_new(end); + ++ + job->before_write.notify = backup_before_write_notify; + bdrv_add_before_write_notifier(bs, &job->before_write); + +@@ -467,7 +482,9 @@ static void coroutine_fn backup_run(void *opaque) + qemu_co_rwlock_unlock(&job->flush_rwlock); + g_free(job->done_bitmap); + +- bdrv_op_unblock_all(blk_bs(target), job->common.blocker); ++ if (target) { ++ bdrv_op_unblock_all(blk_bs(target), job->common.blocker); ++ } + + data = g_malloc(sizeof(*data)); + data->ret = ret; +@@ -479,7 +496,9 @@ void backup_start(const char *job_id, BlockDriverState *bs, + MirrorSyncMode sync_mode, BdrvDirtyBitmap *sync_bitmap, + BlockdevOnError on_source_error, + BlockdevOnError on_target_error, ++ BackupDumpFunc *dump_cb, + BlockCompletionFunc *cb, void *opaque, ++ int pause_count, + BlockJobTxn *txn, Error **errp) + { + int64_t len; +@@ -488,7 +507,7 @@ void backup_start(const char *job_id, BlockDriverState *bs, + int ret; + + assert(bs); +- assert(target); ++ assert(target || dump_cb); + + if (bs == target) { + error_setg(errp, "Source and target cannot be the same"); +@@ -501,7 +520,7 @@ void backup_start(const char *job_id, BlockDriverState *bs, + return; + } + +- if (!bdrv_is_inserted(target)) { ++ if (target && !bdrv_is_inserted(target)) { + error_setg(errp, "Device is not inserted: %s", + bdrv_get_device_name(target)); + return; +@@ -511,7 +530,7 @@ void backup_start(const char *job_id, BlockDriverState *bs, + return; + } + +- if (bdrv_op_is_blocked(target, BLOCK_OP_TYPE_BACKUP_TARGET, errp)) { ++ if (target && bdrv_op_is_blocked(target, BLOCK_OP_TYPE_BACKUP_TARGET, errp)) { + return; + } + +@@ -547,34 +566,43 @@ void backup_start(const char *job_id, BlockDriverState *bs, + goto error; + } + +- job->target = blk_new(); +- blk_insert_bs(job->target, target); ++ if (target) { ++ job->target = blk_new(); ++ blk_insert_bs(job->target, target); ++ } + ++ job->dump_cb = dump_cb; + job->on_source_error = on_source_error; + job->on_target_error = on_target_error; + job->sync_mode = sync_mode; + job->sync_bitmap = sync_mode == MIRROR_SYNC_MODE_INCREMENTAL ? + sync_bitmap : NULL; + +- /* If there is no backing file on the target, we cannot rely on COW if our +- * backup cluster size is smaller than the target cluster size. Even for +- * targets with a backing file, try to avoid COW if possible. */ +- ret = bdrv_get_info(target, &bdi); +- if (ret < 0 && !target->backing) { +- error_setg_errno(errp, -ret, +- "Couldn't determine the cluster size of the target image, " +- "which has no backing file"); +- error_append_hint(errp, +- "Aborting, since this may create an unusable destination image\n"); +- goto error; +- } else if (ret < 0 && target->backing) { +- /* Not fatal; just trudge on ahead. */ +- job->cluster_size = BACKUP_CLUSTER_SIZE_DEFAULT; ++ if (target) { ++ /* If there is no backing file on the target, we cannot rely on COW if our ++ * backup cluster size is smaller than the target cluster size. Even for ++ * targets with a backing file, try to avoid COW if possible. */ ++ ret = bdrv_get_info(target, &bdi); ++ if (ret < 0 && !target->backing) { ++ error_setg_errno(errp, -ret, ++ "Couldn't determine the cluster size of the target image, " ++ "which has no backing file"); ++ error_append_hint(errp, ++ "Aborting, since this may create an unusable destination image\n"); ++ goto error; ++ } else if (ret < 0 && target->backing) { ++ /* Not fatal; just trudge on ahead. */ ++ job->cluster_size = BACKUP_CLUSTER_SIZE_DEFAULT; ++ } else { ++ job->cluster_size = MAX(BACKUP_CLUSTER_SIZE_DEFAULT, bdi.cluster_size); ++ } ++ ++ bdrv_op_block_all(target, job->common.blocker); + } else { +- job->cluster_size = MAX(BACKUP_CLUSTER_SIZE_DEFAULT, bdi.cluster_size); ++ job->cluster_size = BACKUP_CLUSTER_SIZE_DEFAULT; + } + +- bdrv_op_block_all(target, job->common.blocker); ++ job->common.pause_count = pause_count; + job->common.len = len; + job->common.co = qemu_coroutine_create(backup_run, job); + block_job_txn_add_job(txn, &job->common); +diff --git a/blockdev.c b/blockdev.c +index 2161400..5e3707d 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -3277,8 +3277,8 @@ static void do_drive_backup(const char *job_id, const char *device, + } + + backup_start(job_id, bs, target_bs, speed, sync, bmap, +- on_source_error, on_target_error, +- block_job_cb, bs, txn, &local_err); ++ on_source_error, on_target_error, NULL, ++ block_job_cb, bs, 0, txn, &local_err); + bdrv_unref(target_bs); + if (local_err != NULL) { + error_propagate(errp, local_err); +@@ -3371,7 +3371,7 @@ void do_blockdev_backup(const char *job_id, const char *device, + } + } + backup_start(job_id, bs, target_bs, speed, sync, NULL, on_source_error, +- on_target_error, block_job_cb, bs, txn, &local_err); ++ on_target_error, NULL, block_job_cb, bs, 0, txn, &local_err); + if (local_err != NULL) { + error_propagate(errp, local_err); + } +diff --git a/include/block/block_int.h b/include/block/block_int.h +index 1e939de..db4650e 100644 +--- a/include/block/block_int.h ++++ b/include/block/block_int.h +@@ -59,6 +59,9 @@ + + #define BLOCK_PROBE_BUF_SIZE 512 + ++typedef int BackupDumpFunc(void *opaque, BlockDriverState *bs, ++ int64_t sector_num, int n_sectors, unsigned char *buf); ++ + enum BdrvTrackedRequestType { + BDRV_TRACKED_READ, + BDRV_TRACKED_WRITE, +@@ -767,7 +770,9 @@ void backup_start(const char *job_id, BlockDriverState *bs, + MirrorSyncMode sync_mode, BdrvDirtyBitmap *sync_bitmap, + BlockdevOnError on_source_error, + BlockdevOnError on_target_error, ++ BackupDumpFunc *dump_cb, + BlockCompletionFunc *cb, void *opaque, ++ int pause_count, + BlockJobTxn *txn, Error **errp); + + void hmp_drive_add_node(Monitor *mon, const char *optstr); +-- +2.1.4 + diff --git a/debian/patches/pve/0015-backup-add-pve-monitor-commands.patch b/debian/patches/pve/0015-backup-add-pve-monitor-commands.patch new file mode 100644 index 0000000..ed76b3b --- /dev/null +++ b/debian/patches/pve/0015-backup-add-pve-monitor-commands.patch @@ -0,0 +1,797 @@ +From 798846b48b31d8231a3af5858285845d932d1d6b Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 15:20:56 +0100 +Subject: [PATCH 15/47] backup: add pve monitor commands + +--- + blockdev.c | 439 ++++++++++++++++++++++++++++++++++++++++++++++ + blockjob.c | 3 +- + hmp-commands-info.hx | 13 ++ + hmp-commands.hx | 29 +++ + hmp.c | 61 +++++++ + hmp.h | 3 + + include/block/block_int.h | 2 +- + qapi-schema.json | 89 ++++++++++ + qmp-commands.hx | 18 ++ + 9 files changed, 655 insertions(+), 2 deletions(-) + +diff --git a/blockdev.c b/blockdev.c +index 5e3707d..5417bb0 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -52,6 +52,7 @@ + #include "sysemu/arch_init.h" + #include "qemu/cutils.h" + #include "qemu/help_option.h" ++#include "vma.h" + + static QTAILQ_HEAD(, BlockDriverState) monitor_bdrv_states = + QTAILQ_HEAD_INITIALIZER(monitor_bdrv_states); +@@ -2976,6 +2977,444 @@ static void block_job_cb(void *opaque, int ret) + } + } + ++/* PVE backup related function */ ++ ++static struct PVEBackupState { ++ Error *error; ++ bool cancel; ++ uuid_t uuid; ++ char uuid_str[37]; ++ int64_t speed; ++ time_t start_time; ++ time_t end_time; ++ char *backup_file; ++ VmaWriter *vmaw; ++ GList *di_list; ++ size_t total; ++ size_t transferred; ++ size_t zero_bytes; ++} backup_state; ++ ++typedef struct PVEBackupDevInfo { ++ BlockDriverState *bs; ++ size_t size; ++ uint8_t dev_id; ++ //bool started; ++ bool completed; ++} PVEBackupDevInfo; ++ ++static void pvebackup_run_next_job(void); ++ ++static int pvebackup_dump_cb(void *opaque, BlockBackend *target, ++ int64_t sector_num, int n_sectors, ++ unsigned char *buf) ++{ ++ PVEBackupDevInfo *di = opaque; ++ ++ if (sector_num & 0x7f) { ++ if (!backup_state.error) { ++ error_setg(&backup_state.error, ++ "got unaligned write inside backup dump " ++ "callback (sector %ld)", sector_num); ++ } ++ return -1; // not aligned to cluster size ++ } ++ ++ int64_t cluster_num = sector_num >> 7; ++ int size = n_sectors * BDRV_SECTOR_SIZE; ++ ++ int ret = -1; ++ ++ if (backup_state.vmaw) { ++ size_t zero_bytes = 0; ++ ret = vma_writer_write(backup_state.vmaw, di->dev_id, cluster_num, ++ buf, &zero_bytes); ++ backup_state.zero_bytes += zero_bytes; ++ } else { ++ ret = size; ++ if (!buf) { ++ backup_state.zero_bytes += size; ++ } ++ } ++ ++ backup_state.transferred += size; ++ ++ return ret; ++} ++ ++static void pvebackup_cleanup(void) ++{ ++ backup_state.end_time = time(NULL); ++ ++ if (backup_state.vmaw) { ++ Error *local_err = NULL; ++ vma_writer_close(backup_state.vmaw, &local_err); ++ error_propagate(&backup_state.error, local_err); ++ backup_state.vmaw = NULL; ++ } ++ ++ if (backup_state.di_list) { ++ GList *l = backup_state.di_list; ++ while (l) { ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; ++ l = g_list_next(l); ++ g_free(di); ++ } ++ g_list_free(backup_state.di_list); ++ backup_state.di_list = NULL; ++ } ++} ++ ++static void pvebackup_complete_cb(void *opaque, int ret) ++{ ++ PVEBackupDevInfo *di = opaque; ++ ++ assert(backup_state.vmaw); ++ ++ di->completed = true; ++ ++ if (ret < 0 && !backup_state.error) { ++ error_setg(&backup_state.error, "job failed with err %d - %s", ++ ret, strerror(-ret)); ++ } ++ ++ BlockDriverState *bs = di->bs; ++ ++ di->bs = NULL; ++ ++ vma_writer_close_stream(backup_state.vmaw, di->dev_id); ++ ++ block_job_cb(bs, ret); ++ ++ if (!backup_state.cancel) { ++ pvebackup_run_next_job(); ++ } ++} ++ ++static void pvebackup_cancel(void *opaque) ++{ ++ backup_state.cancel = true; ++ ++ if (!backup_state.error) { ++ error_setg(&backup_state.error, "backup cancelled"); ++ } ++ ++ /* drain all i/o (awake jobs waiting for aio) */ ++ bdrv_drain_all(); ++ ++ GList *l = backup_state.di_list; ++ while (l) { ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; ++ l = g_list_next(l); ++ if (!di->completed && di->bs) { ++ BlockJob *job = di->bs->job; ++ if (job) { ++ if (!di->completed) { ++ block_job_cancel_sync(job); ++ } ++ } ++ } ++ } ++ ++ pvebackup_cleanup(); ++} ++ ++void qmp_backup_cancel(Error **errp) ++{ ++ Coroutine *co = qemu_coroutine_create(pvebackup_cancel, NULL); ++ qemu_coroutine_enter(co); ++ ++ while (backup_state.vmaw) { ++ /* vma writer use main aio context */ ++ aio_poll(qemu_get_aio_context(), true); ++ } ++} ++ ++bool block_job_should_pause(BlockJob *job); ++static void pvebackup_run_next_job(void) ++{ ++ GList *l = backup_state.di_list; ++ while (l) { ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; ++ l = g_list_next(l); ++ if (!di->completed && di->bs && di->bs->job) { ++ BlockJob *job = di->bs->job; ++ if (block_job_should_pause(job)) { ++ bool cancel = backup_state.error || backup_state.cancel; ++ if (cancel) { ++ block_job_cancel(job); ++ } else { ++ block_job_resume(job); ++ } ++ } ++ return; ++ } ++ } ++ ++ pvebackup_cleanup(); ++} ++ ++UuidInfo *qmp_backup(const char *backup_file, bool has_format, ++ BackupFormat format, ++ bool has_config_file, const char *config_file, ++ bool has_devlist, const char *devlist, ++ bool has_speed, int64_t speed, Error **errp) ++{ ++ BlockBackend *blk; ++ BlockDriverState *bs = NULL; ++ Error *local_err = NULL; ++ uuid_t uuid; ++ VmaWriter *vmaw = NULL; ++ gchar **devs = NULL; ++ GList *di_list = NULL; ++ GList *l; ++ UuidInfo *uuid_info; ++ ++ if (backup_state.di_list) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "previous backup not finished"); ++ return NULL; ++ } ++ ++ /* Todo: try to auto-detect format based on file name */ ++ format = has_format ? format : BACKUP_FORMAT_VMA; ++ ++ if (format != BACKUP_FORMAT_VMA) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, "unknown backup format"); ++ return NULL; ++ } ++ ++ if (has_devlist) { ++ devs = g_strsplit_set(devlist, ",;:", -1); ++ ++ gchar **d = devs; ++ while (d && *d) { ++ blk = blk_by_name(*d); ++ if (blk) { ++ bs = blk_bs(blk); ++ if (bdrv_is_read_only(bs)) { ++ error_setg(errp, "Node '%s' is read only", *d); ++ goto err; ++ } ++ if (!bdrv_is_inserted(bs)) { ++ error_setg(errp, QERR_DEVICE_HAS_NO_MEDIUM, *d); ++ goto err; ++ } ++ PVEBackupDevInfo *di = g_new0(PVEBackupDevInfo, 1); ++ di->bs = bs; ++ di_list = g_list_append(di_list, di); ++ } else { ++ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, ++ "Device '%s' not found", *d); ++ goto err; ++ } ++ d++; ++ } ++ ++ } else { ++ BdrvNextIterator it; ++ ++ bs = NULL; ++ for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { ++ if (!bdrv_is_inserted(bs) || bdrv_is_read_only(bs)) { ++ continue; ++ } ++ ++ PVEBackupDevInfo *di = g_new0(PVEBackupDevInfo, 1); ++ di->bs = bs; ++ di_list = g_list_append(di_list, di); ++ } ++ } ++ ++ if (!di_list) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, "empty device list"); ++ goto err; ++ } ++ ++ size_t total = 0; ++ ++ l = di_list; ++ while (l) { ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; ++ l = g_list_next(l); ++ if (bdrv_op_is_blocked(di->bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) { ++ goto err; ++ } ++ ++ ssize_t size = bdrv_getlength(di->bs); ++ if (size < 0) { ++ error_setg_errno(errp, -di->size, "bdrv_getlength failed"); ++ goto err; ++ } ++ di->size = size; ++ total += size; ++ } ++ ++ uuid_generate(uuid); ++ ++ vmaw = vma_writer_create(backup_file, uuid, &local_err); ++ if (!vmaw) { ++ if (local_err) { ++ error_propagate(errp, local_err); ++ } ++ goto err; ++ } ++ ++ /* register all devices for vma writer */ ++ l = di_list; ++ while (l) { ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; ++ l = g_list_next(l); ++ ++ const char *devname = bdrv_get_device_name(di->bs); ++ di->dev_id = vma_writer_register_stream(vmaw, devname, di->size); ++ if (di->dev_id <= 0) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "register_stream failed"); ++ goto err; ++ } ++ } ++ ++ /* add configuration file to archive */ ++ if (has_config_file) { ++ char *cdata = NULL; ++ gsize clen = 0; ++ GError *err = NULL; ++ if (!g_file_get_contents(config_file, &cdata, &clen, &err)) { ++ error_setg(errp, "unable to read file '%s'", config_file); ++ goto err; ++ } ++ ++ const char *basename = g_path_get_basename(config_file); ++ if (vma_writer_add_config(vmaw, basename, cdata, clen) != 0) { ++ error_setg(errp, "unable to add config data to vma archive"); ++ g_free(cdata); ++ goto err; ++ } ++ g_free(cdata); ++ } ++ ++ /* initialize global backup_state now */ ++ ++ backup_state.cancel = false; ++ ++ if (backup_state.error) { ++ error_free(backup_state.error); ++ backup_state.error = NULL; ++ } ++ ++ backup_state.speed = (has_speed && speed > 0) ? speed : 0; ++ ++ backup_state.start_time = time(NULL); ++ backup_state.end_time = 0; ++ ++ if (backup_state.backup_file) { ++ g_free(backup_state.backup_file); ++ } ++ backup_state.backup_file = g_strdup(backup_file); ++ ++ backup_state.vmaw = vmaw; ++ ++ uuid_copy(backup_state.uuid, uuid); ++ uuid_unparse_lower(uuid, backup_state.uuid_str); ++ ++ backup_state.di_list = di_list; ++ ++ backup_state.total = total; ++ backup_state.transferred = 0; ++ backup_state.zero_bytes = 0; ++ ++ /* start all jobs (paused state) */ ++ l = di_list; ++ while (l) { ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; ++ l = g_list_next(l); ++ ++ backup_start(NULL, di->bs, NULL, speed, MIRROR_SYNC_MODE_FULL, NULL, ++ BLOCKDEV_ON_ERROR_REPORT, BLOCKDEV_ON_ERROR_REPORT, ++ pvebackup_dump_cb, pvebackup_complete_cb, di, ++ 1, NULL, &local_err); ++ if (local_err != NULL) { ++ error_setg(&backup_state.error, "backup_job_create failed"); ++ pvebackup_cancel(NULL); ++ } ++ } ++ ++ if (!backup_state.error) { ++ pvebackup_run_next_job(); // run one job ++ } ++ ++ uuid_info = g_malloc0(sizeof(*uuid_info)); ++ uuid_info->UUID = g_strdup(backup_state.uuid_str); ++ return uuid_info; ++ ++err: ++ ++ l = di_list; ++ while (l) { ++ g_free(l->data); ++ l = g_list_next(l); ++ } ++ g_list_free(di_list); ++ ++ if (devs) { ++ g_strfreev(devs); ++ } ++ ++ if (vmaw) { ++ Error *err = NULL; ++ vma_writer_close(vmaw, &err); ++ unlink(backup_file); ++ } ++ ++ return NULL; ++} ++ ++BackupStatus *qmp_query_backup(Error **errp) ++{ ++ BackupStatus *info = g_malloc0(sizeof(*info)); ++ ++ if (!backup_state.start_time) { ++ /* not started, return {} */ ++ return info; ++ } ++ ++ info->has_status = true; ++ info->has_start_time = true; ++ info->start_time = backup_state.start_time; ++ ++ if (backup_state.backup_file) { ++ info->has_backup_file = true; ++ info->backup_file = g_strdup(backup_state.backup_file); ++ } ++ ++ info->has_uuid = true; ++ info->uuid = g_strdup(backup_state.uuid_str); ++ ++ if (backup_state.end_time) { ++ if (backup_state.error) { ++ info->status = g_strdup("error"); ++ info->has_errmsg = true; ++ info->errmsg = g_strdup(error_get_pretty(backup_state.error)); ++ } else { ++ info->status = g_strdup("done"); ++ } ++ info->has_end_time = true; ++ info->end_time = backup_state.end_time; ++ } else { ++ info->status = g_strdup("active"); ++ } ++ ++ info->has_total = true; ++ info->total = backup_state.total; ++ info->has_zero_bytes = true; ++ info->zero_bytes = backup_state.zero_bytes; ++ info->has_transferred = true; ++ info->transferred = backup_state.transferred; ++ ++ return info; ++} ++ + void qmp_block_stream(bool has_job_id, const char *job_id, const char *device, + bool has_base, const char *base, + bool has_backing_file, const char *backing_file, +diff --git a/blockjob.c b/blockjob.c +index a5ba3be..a550458 100644 +--- a/blockjob.c ++++ b/blockjob.c +@@ -331,7 +331,8 @@ void block_job_pause(BlockJob *job) + job->pause_count++; + } + +-static bool block_job_should_pause(BlockJob *job) ++bool block_job_should_pause(BlockJob *job); ++bool block_job_should_pause(BlockJob *job) + { + return job->pause_count > 0; + } +diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx +index 74446c6..7616fe2 100644 +--- a/hmp-commands-info.hx ++++ b/hmp-commands-info.hx +@@ -502,6 +502,19 @@ STEXI + Show CPU statistics. + ETEXI + ++ { ++ .name = "backup", ++ .args_type = "", ++ .params = "", ++ .help = "show backup status", ++ .mhandler.cmd = hmp_info_backup, ++ }, ++ ++STEXI ++@item info backup ++show backup status ++ETEXI ++ + #if defined(CONFIG_SLIRP) + { + .name = "usernet", +diff --git a/hmp-commands.hx b/hmp-commands.hx +index 848efee..8f2f3e0 100644 +--- a/hmp-commands.hx ++++ b/hmp-commands.hx +@@ -87,6 +87,35 @@ STEXI + Copy data from a backing file into a block device. + ETEXI + ++ { ++ .name = "backup", ++ .args_type = "backupfile:s,speed:o?,devlist:s?", ++ .params = "backupfile [speed [devlist]]", ++ .help = "create a VM Backup.", ++ .mhandler.cmd = hmp_backup, ++ }, ++ ++STEXI ++@item backup ++@findex backup ++Create a VM backup. ++ETEXI ++ ++ { ++ .name = "backup_cancel", ++ .args_type = "", ++ .params = "", ++ .help = "cancel the current VM backup", ++ .mhandler.cmd = hmp_backup_cancel, ++ }, ++ ++STEXI ++@item backup_cancel ++@findex backup_cancel ++Cancel the current VM backup. ++ ++ETEXI ++ + { + .name = "block_job_set_speed", + .args_type = "device:B,speed:o", +diff --git a/hmp.c b/hmp.c +index 3b0dd81..95da164 100644 +--- a/hmp.c ++++ b/hmp.c +@@ -149,6 +149,44 @@ void hmp_info_mice(Monitor *mon, const QDict *qdict) + qapi_free_MouseInfoList(mice_list); + } + ++void hmp_info_backup(Monitor *mon, const QDict *qdict) ++{ ++ BackupStatus *info; ++ ++ info = qmp_query_backup(NULL); ++ if (info->has_status) { ++ if (info->has_errmsg) { ++ monitor_printf(mon, "Backup status: %s - %s\n", ++ info->status, info->errmsg); ++ } else { ++ monitor_printf(mon, "Backup status: %s\n", info->status); ++ } ++ } ++ ++ if (info->has_backup_file) { ++ monitor_printf(mon, "Start time: %s", ctime(&info->start_time)); ++ if (info->end_time) { ++ monitor_printf(mon, "End time: %s", ctime(&info->end_time)); ++ } ++ ++ int per = (info->has_total && info->total && ++ info->has_transferred && info->transferred) ? ++ (info->transferred * 100)/info->total : 0; ++ int zero_per = (info->has_total && info->total && ++ info->has_zero_bytes && info->zero_bytes) ? ++ (info->zero_bytes * 100)/info->total : 0; ++ monitor_printf(mon, "Backup file: %s\n", info->backup_file); ++ monitor_printf(mon, "Backup uuid: %s\n", info->uuid); ++ monitor_printf(mon, "Total size: %zd\n", info->total); ++ monitor_printf(mon, "Transferred bytes: %zd (%d%%)\n", ++ info->transferred, per); ++ monitor_printf(mon, "Zero bytes: %zd (%d%%)\n", ++ info->zero_bytes, zero_per); ++ } ++ ++ qapi_free_BackupStatus(info); ++} ++ + void hmp_info_migrate(Monitor *mon, const QDict *qdict) + { + MigrationInfo *info; +@@ -1493,6 +1531,29 @@ void hmp_block_stream(Monitor *mon, const QDict *qdict) + hmp_handle_error(mon, &error); + } + ++void hmp_backup_cancel(Monitor *mon, const QDict *qdict) ++{ ++ Error *error = NULL; ++ ++ qmp_backup_cancel(&error); ++ ++ hmp_handle_error(mon, &error); ++} ++ ++void hmp_backup(Monitor *mon, const QDict *qdict) ++{ ++ Error *error = NULL; ++ ++ const char *backup_file = qdict_get_str(qdict, "backupfile"); ++ const char *devlist = qdict_get_try_str(qdict, "devlist"); ++ int64_t speed = qdict_get_try_int(qdict, "speed", 0); ++ ++ qmp_backup(backup_file, true, BACKUP_FORMAT_VMA, false, NULL, !!devlist, ++ devlist, qdict_haskey(qdict, "speed"), speed, &error); ++ ++ hmp_handle_error(mon, &error); ++} ++ + void hmp_block_job_set_speed(Monitor *mon, const QDict *qdict) + { + Error *error = NULL; +diff --git a/hmp.h b/hmp.h +index 0876ec0..9a4c1f6 100644 +--- a/hmp.h ++++ b/hmp.h +@@ -30,6 +30,7 @@ void hmp_info_migrate(Monitor *mon, const QDict *qdict); + void hmp_info_migrate_capabilities(Monitor *mon, const QDict *qdict); + void hmp_info_migrate_parameters(Monitor *mon, const QDict *qdict); + void hmp_info_migrate_cache_size(Monitor *mon, const QDict *qdict); ++void hmp_info_backup(Monitor *mon, const QDict *qdict); + void hmp_info_cpus(Monitor *mon, const QDict *qdict); + void hmp_info_block(Monitor *mon, const QDict *qdict); + void hmp_info_blockstats(Monitor *mon, const QDict *qdict); +@@ -76,6 +77,8 @@ void hmp_eject(Monitor *mon, const QDict *qdict); + void hmp_change(Monitor *mon, const QDict *qdict); + void hmp_block_set_io_throttle(Monitor *mon, const QDict *qdict); + void hmp_block_stream(Monitor *mon, const QDict *qdict); ++void hmp_backup(Monitor *mon, const QDict *qdict); ++void hmp_backup_cancel(Monitor *mon, const QDict *qdict); + void hmp_block_job_set_speed(Monitor *mon, const QDict *qdict); + void hmp_block_job_cancel(Monitor *mon, const QDict *qdict); + void hmp_block_job_pause(Monitor *mon, const QDict *qdict); +diff --git a/include/block/block_int.h b/include/block/block_int.h +index db4650e..0f79b51 100644 +--- a/include/block/block_int.h ++++ b/include/block/block_int.h +@@ -59,7 +59,7 @@ + + #define BLOCK_PROBE_BUF_SIZE 512 + +-typedef int BackupDumpFunc(void *opaque, BlockDriverState *bs, ++typedef int BackupDumpFunc(void *opaque, BlockBackend *be, + int64_t sector_num, int n_sectors, unsigned char *buf); + + enum BdrvTrackedRequestType { +diff --git a/qapi-schema.json b/qapi-schema.json +index 518c2ea..89d9ea6 100644 +--- a/qapi-schema.json ++++ b/qapi-schema.json +@@ -356,6 +356,95 @@ + ## + { 'command': 'query-events', 'returns': ['EventInfo'] } + ++# @BackupStatus: ++# ++# Detailed backup status. ++# ++# @status: #optional string describing the current backup status. ++# This can be 'active', 'done', 'error'. If this field is not ++# returned, no backup process has been initiated ++# ++# @errmsg: #optional error message (only returned if status is 'error') ++# ++# @total: #optional total amount of bytes involved in the backup process ++# ++# @transferred: #optional amount of bytes already backed up. ++# ++# @zero-bytes: #optional amount of 'zero' bytes detected. ++# ++# @start-time: #optional time (epoch) when backup job started. ++# ++# @end-time: #optional time (epoch) when backup job finished. ++# ++# @backupfile: #optional backup file name ++# ++# @uuid: #optional uuid for this backup job ++# ++## ++{ 'struct': 'BackupStatus', ++ 'data': {'*status': 'str', '*errmsg': 'str', '*total': 'int', ++ '*transferred': 'int', '*zero-bytes': 'int', ++ '*start-time': 'int', '*end-time': 'int', ++ '*backup-file': 'str', '*uuid': 'str' } } ++ ++## ++# @BackupFormat ++# ++# An enumeration of supported backup formats. ++# ++# @vma: Proxmox vma backup format ++## ++{ 'enum': 'BackupFormat', ++ 'data': [ 'vma' ] } ++ ++## ++# @backup: ++# ++# Starts a VM backup. ++# ++# @backup-file: the backup file name ++# ++# @format: format of the backup file ++# ++# @config-filename: #optional name of a configuration file to include into ++# the backup archive. ++# ++# @speed: #optional the maximum speed, in bytes per second ++# ++# @devlist: #optional list of block device names (separated by ',', ';' ++# or ':'). By default the backup includes all writable block devices. ++# ++# Returns: the uuid of the backup job ++# ++## ++{ 'command': 'backup', 'data': { 'backup-file': 'str', ++ '*format': 'BackupFormat', ++ '*config-file': 'str', ++ '*devlist': 'str', '*speed': 'int' }, ++ 'returns': 'UuidInfo' } ++ ++## ++# @query-backup ++# ++# Returns information about current/last backup task. ++# ++# Returns: @BackupStatus ++# ++## ++{ 'command': 'query-backup', 'returns': 'BackupStatus' } ++ ++## ++# @backup-cancel ++# ++# Cancel the current executing backup process. ++# ++# Returns: nothing on success ++# ++# Notes: This command succeeds even if there is no backup process running. ++# ++## ++{ 'command': 'backup-cancel' } ++ + ## + # @MigrationStats + # +diff --git a/qmp-commands.hx b/qmp-commands.hx +index 6de28d4..a8e8522 100644 +--- a/qmp-commands.hx ++++ b/qmp-commands.hx +@@ -1314,6 +1314,24 @@ Example: + EQMP + + { ++ .name = "backup", ++ .args_type = "backup-file:s,format:s?,config-file:F?,speed:o?,devlist:s?", ++ .mhandler.cmd_new = qmp_marshal_backup, ++ }, ++ ++ { ++ .name = "backup-cancel", ++ .args_type = "", ++ .mhandler.cmd_new = qmp_marshal_backup_cancel, ++ }, ++ ++ { ++ .name = "query-backup", ++ .args_type = "", ++ .mhandler.cmd_new = qmp_marshal_query_backup, ++ }, ++ ++ { + .name = "block-job-set-speed", + .args_type = "device:B,speed:o", + .mhandler.cmd_new = qmp_marshal_block_job_set_speed, +-- +2.1.4 + diff --git a/debian/patches/pve/0016-backup-vma-add-dir-format.patch b/debian/patches/pve/0016-backup-vma-add-dir-format.patch new file mode 100644 index 0000000..3a53dd3 --- /dev/null +++ b/debian/patches/pve/0016-backup-vma-add-dir-format.patch @@ -0,0 +1,286 @@ +From 210be0fc498989e7b029de90b9d2599fdcc343d3 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 15:21:54 +0100 +Subject: [PATCH 16/47] backup: vma: add dir format + +--- + blockdev.c | 124 +++++++++++++++++++++++++++++++++++++++++-------------- + hmp-commands.hx | 8 ++-- + hmp.c | 4 +- + qapi-schema.json | 2 +- + vma.c | 2 +- + 5 files changed, 103 insertions(+), 37 deletions(-) + +diff --git a/blockdev.c b/blockdev.c +index 5417bb0..d8b1db8 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -3001,6 +3001,8 @@ typedef struct PVEBackupDevInfo { + uint8_t dev_id; + //bool started; + bool completed; ++ char targetfile[PATH_MAX]; ++ BlockDriverState *target; + } PVEBackupDevInfo; + + static void pvebackup_run_next_job(void); +@@ -3069,8 +3071,6 @@ static void pvebackup_complete_cb(void *opaque, int ret) + { + PVEBackupDevInfo *di = opaque; + +- assert(backup_state.vmaw); +- + di->completed = true; + + if (ret < 0 && !backup_state.error) { +@@ -3081,8 +3081,11 @@ static void pvebackup_complete_cb(void *opaque, int ret) + BlockDriverState *bs = di->bs; + + di->bs = NULL; ++ di->target = NULL; + +- vma_writer_close_stream(backup_state.vmaw, di->dev_id); ++ if (backup_state.vmaw) { ++ vma_writer_close_stream(backup_state.vmaw, di->dev_id); ++ } + + block_job_cb(bs, ret); + +@@ -3162,6 +3165,7 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format, + { + BlockBackend *blk; + BlockDriverState *bs = NULL; ++ const char *backup_dir = NULL; + Error *local_err = NULL; + uuid_t uuid; + VmaWriter *vmaw = NULL; +@@ -3179,11 +3183,6 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format, + /* Todo: try to auto-detect format based on file name */ + format = has_format ? format : BACKUP_FORMAT_VMA; + +- if (format != BACKUP_FORMAT_VMA) { +- error_set(errp, ERROR_CLASS_GENERIC_ERROR, "unknown backup format"); +- return NULL; +- } +- + if (has_devlist) { + devs = g_strsplit_set(devlist, ",;:", -1); + +@@ -3252,27 +3251,62 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format, + + uuid_generate(uuid); + +- vmaw = vma_writer_create(backup_file, uuid, &local_err); +- if (!vmaw) { +- if (local_err) { +- error_propagate(errp, local_err); ++ if (format == BACKUP_FORMAT_VMA) { ++ vmaw = vma_writer_create(backup_file, uuid, &local_err); ++ if (!vmaw) { ++ if (local_err) { ++ error_propagate(errp, local_err); ++ } ++ goto err; + } +- goto err; +- } + +- /* register all devices for vma writer */ +- l = di_list; +- while (l) { +- PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; +- l = g_list_next(l); ++ /* register all devices for vma writer */ ++ l = di_list; ++ while (l) { ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; ++ l = g_list_next(l); + +- const char *devname = bdrv_get_device_name(di->bs); +- di->dev_id = vma_writer_register_stream(vmaw, devname, di->size); +- if (di->dev_id <= 0) { +- error_set(errp, ERROR_CLASS_GENERIC_ERROR, +- "register_stream failed"); ++ const char *devname = bdrv_get_device_name(di->bs); ++ di->dev_id = vma_writer_register_stream(vmaw, devname, di->size); ++ if (di->dev_id <= 0) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "register_stream failed"); ++ goto err; ++ } ++ } ++ } else if (format == BACKUP_FORMAT_DIR) { ++ if (mkdir(backup_file, 0640) != 0) { ++ error_setg_errno(errp, errno, "can't create directory '%s'\n", ++ backup_file); + goto err; + } ++ backup_dir = backup_file; ++ ++ l = di_list; ++ while (l) { ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; ++ l = g_list_next(l); ++ ++ const char *devname = bdrv_get_device_name(di->bs); ++ snprintf(di->targetfile, PATH_MAX, "%s/%s.raw", backup_dir, devname); ++ ++ int flags = BDRV_O_RDWR; ++ bdrv_img_create(di->targetfile, "raw", NULL, NULL, NULL, ++ di->size, flags, &local_err, false); ++ if (local_err) { ++ error_propagate(errp, local_err); ++ goto err; ++ } ++ ++ di->target = bdrv_open(di->targetfile, NULL, NULL, flags, &local_err); ++ if (!di->target) { ++ error_propagate(errp, local_err); ++ goto err; ++ } ++ } ++ } else { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, "unknown backup format"); ++ goto err; + } + + /* add configuration file to archive */ +@@ -3285,12 +3319,27 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format, + goto err; + } + +- const char *basename = g_path_get_basename(config_file); +- if (vma_writer_add_config(vmaw, basename, cdata, clen) != 0) { +- error_setg(errp, "unable to add config data to vma archive"); +- g_free(cdata); +- goto err; ++ char *basename = g_path_get_basename(config_file); ++ ++ if (format == BACKUP_FORMAT_VMA) { ++ if (vma_writer_add_config(vmaw, basename, cdata, clen) != 0) { ++ error_setg(errp, "unable to add config data to vma archive"); ++ g_free(cdata); ++ g_free(basename); ++ goto err; ++ } ++ } else if (format == BACKUP_FORMAT_DIR) { ++ char config_path[PATH_MAX]; ++ snprintf(config_path, PATH_MAX, "%s/%s", backup_dir, basename); ++ if (!g_file_set_contents(config_path, cdata, clen, &err)) { ++ error_setg(errp, "unable to write config file '%s'", config_path); ++ g_free(cdata); ++ g_free(basename); ++ goto err; ++ } + } ++ ++ g_free(basename); + g_free(cdata); + } + +@@ -3330,7 +3379,7 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format, + PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; + l = g_list_next(l); + +- backup_start(NULL, di->bs, NULL, speed, MIRROR_SYNC_MODE_FULL, NULL, ++ backup_start(NULL, di->bs, di->target, speed, MIRROR_SYNC_MODE_FULL, NULL, + BLOCKDEV_ON_ERROR_REPORT, BLOCKDEV_ON_ERROR_REPORT, + pvebackup_dump_cb, pvebackup_complete_cb, di, + 1, NULL, &local_err); +@@ -3352,8 +3401,17 @@ err: + + l = di_list; + while (l) { +- g_free(l->data); ++ PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; + l = g_list_next(l); ++ ++ if (di->target) { ++ bdrv_unref(di->target); ++ } ++ ++ if (di->targetfile[0]) { ++ unlink(di->targetfile); ++ } ++ g_free(di); + } + g_list_free(di_list); + +@@ -3367,6 +3425,10 @@ err: + unlink(backup_file); + } + ++ if (backup_dir) { ++ rmdir(backup_dir); ++ } ++ + return NULL; + } + +diff --git a/hmp-commands.hx b/hmp-commands.hx +index 8f2f3e0..0e20ef9 100644 +--- a/hmp-commands.hx ++++ b/hmp-commands.hx +@@ -89,9 +89,11 @@ ETEXI + + { + .name = "backup", +- .args_type = "backupfile:s,speed:o?,devlist:s?", +- .params = "backupfile [speed [devlist]]", +- .help = "create a VM Backup.", ++ .args_type = "directory:-d,backupfile:s,speed:o?,devlist:s?", ++ .params = "[-d] backupfile [speed [devlist]]", ++ .help = "create a VM Backup." ++ "\n\t\t\t Use -d to dump data into a directory instead" ++ "\n\t\t\t of using VMA format.", + .mhandler.cmd = hmp_backup, + }, + +diff --git a/hmp.c b/hmp.c +index 95da164..c23cf2f 100644 +--- a/hmp.c ++++ b/hmp.c +@@ -1544,11 +1544,13 @@ void hmp_backup(Monitor *mon, const QDict *qdict) + { + Error *error = NULL; + ++ int dir = qdict_get_try_bool(qdict, "directory", 0); + const char *backup_file = qdict_get_str(qdict, "backupfile"); + const char *devlist = qdict_get_try_str(qdict, "devlist"); + int64_t speed = qdict_get_try_int(qdict, "speed", 0); + +- qmp_backup(backup_file, true, BACKUP_FORMAT_VMA, false, NULL, !!devlist, ++ qmp_backup(backup_file, true, dir ? BACKUP_FORMAT_DIR : BACKUP_FORMAT_VMA, ++ false, NULL, !!devlist, + devlist, qdict_haskey(qdict, "speed"), speed, &error); + + hmp_handle_error(mon, &error); +diff --git a/qapi-schema.json b/qapi-schema.json +index 89d9ea6..147137d 100644 +--- a/qapi-schema.json ++++ b/qapi-schema.json +@@ -395,7 +395,7 @@ + # @vma: Proxmox vma backup format + ## + { 'enum': 'BackupFormat', +- 'data': [ 'vma' ] } ++ 'data': [ 'vma', 'dir' ] } + + ## + # @backup: +diff --git a/vma.c b/vma.c +index 79bdd00..c88a4358 100644 +--- a/vma.c ++++ b/vma.c +@@ -263,7 +263,7 @@ static int extract_content(int argc, char **argv) + g_free(statefn); + } else if (di) { + char *devfn = NULL; +- int flags = BDRV_O_RDWR|BDRV_O_CACHE_WB; ++ int flags = BDRV_O_RDWR; + bool write_zero = true; + + if (readmap) { +-- +2.1.4 + diff --git a/debian/patches/pve/0017-backup-do-not-return-errors-in-dump-callback.patch b/debian/patches/pve/0017-backup-do-not-return-errors-in-dump-callback.patch new file mode 100644 index 0000000..48a914d --- /dev/null +++ b/debian/patches/pve/0017-backup-do-not-return-errors-in-dump-callback.patch @@ -0,0 +1,77 @@ +From 8a10cce2efa3d8906617939a5c644c9cb7104ef6 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 15:22:19 +0100 +Subject: [PATCH 17/47] backup: do not return errors in dump callback + +--- + blockdev.c | 26 ++++++++++++++++++++------ + 1 file changed, 20 insertions(+), 6 deletions(-) + +diff --git a/blockdev.c b/blockdev.c +index d8b1db8..fb71cdc 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -3013,6 +3013,11 @@ static int pvebackup_dump_cb(void *opaque, BlockBackend *target, + { + PVEBackupDevInfo *di = opaque; + ++ int size = n_sectors * BDRV_SECTOR_SIZE; ++ if (backup_state.cancel) { ++ return size; // return success ++ } ++ + if (sector_num & 0x7f) { + if (!backup_state.error) { + error_setg(&backup_state.error, +@@ -3023,7 +3028,6 @@ static int pvebackup_dump_cb(void *opaque, BlockBackend *target, + } + + int64_t cluster_num = sector_num >> 7; +- int size = n_sectors * BDRV_SECTOR_SIZE; + + int ret = -1; + +@@ -3031,17 +3035,27 @@ static int pvebackup_dump_cb(void *opaque, BlockBackend *target, + size_t zero_bytes = 0; + ret = vma_writer_write(backup_state.vmaw, di->dev_id, cluster_num, + buf, &zero_bytes); +- backup_state.zero_bytes += zero_bytes; ++ if (ret < 0) { ++ if (!backup_state.error) { ++ error_setg(&backup_state.error, "vma_writer_write error %d", ret); ++ } ++ if (di->bs && di->bs->job) { ++ block_job_cancel(di->bs->job); ++ } ++ } else { ++ backup_state.zero_bytes += zero_bytes; ++ backup_state.transferred += size; ++ } + } else { +- ret = size; + if (!buf) { + backup_state.zero_bytes += size; + } ++ backup_state.transferred += size; + } + +- backup_state.transferred += size; ++ // Note: always return success, because we want that writes succeed anyways. + +- return ret; ++ return size; + } + + static void pvebackup_cleanup(void) +@@ -3113,7 +3127,7 @@ static void pvebackup_cancel(void *opaque) + BlockJob *job = di->bs->job; + if (job) { + if (!di->completed) { +- block_job_cancel_sync(job); ++ block_job_cancel_sync(job); + } + } + } +-- +2.1.4 + diff --git a/debian/patches/pve/0018-backup-vma-correctly-propagate-error.patch b/debian/patches/pve/0018-backup-vma-correctly-propagate-error.patch new file mode 100644 index 0000000..4da2832 --- /dev/null +++ b/debian/patches/pve/0018-backup-vma-correctly-propagate-error.patch @@ -0,0 +1,57 @@ +From c31ba8ff9485b7648ca45952b9e7ccd74c50ac40 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 15:39:36 +0100 +Subject: [PATCH 18/47] backup: vma: correctly propagate error + +--- + blockdev.c | 2 +- + vma-writer.c | 7 +++++++ + vma.h | 1 + + 3 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/blockdev.c b/blockdev.c +index fb71cdc..2e51913 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -3037,7 +3037,7 @@ static int pvebackup_dump_cb(void *opaque, BlockBackend *target, + buf, &zero_bytes); + if (ret < 0) { + if (!backup_state.error) { +- error_setg(&backup_state.error, "vma_writer_write error %d", ret); ++ vma_writer_error_propagate(backup_state.vmaw, &backup_state.error); + } + if (di->bs && di->bs->job) { + block_job_cancel(di->bs->job); +diff --git a/vma-writer.c b/vma-writer.c +index b0cf529..689e988 100644 +--- a/vma-writer.c ++++ b/vma-writer.c +@@ -792,6 +792,13 @@ vma_writer_write(VmaWriter *vmaw, uint8_t dev_id, int64_t cluster_num, + return transferred; + } + ++void vma_writer_error_propagate(VmaWriter *vmaw, Error **errp) ++{ ++ if (vmaw->status < 0 && *errp == NULL) { ++ error_setg(errp, "%s", vmaw->errmsg); ++ } ++} ++ + int vma_writer_close(VmaWriter *vmaw, Error **errp) + { + g_assert(vmaw != NULL); +diff --git a/vma.h b/vma.h +index 9bb6ea4..98377e4 100644 +--- a/vma.h ++++ b/vma.h +@@ -116,6 +116,7 @@ typedef struct VmaDeviceInfo { + + VmaWriter *vma_writer_create(const char *filename, uuid_t uuid, Error **errp); + int vma_writer_close(VmaWriter *vmaw, Error **errp); ++void vma_writer_error_propagate(VmaWriter *vmaw, Error **errp); + void vma_writer_destroy(VmaWriter *vmaw); + int vma_writer_add_config(VmaWriter *vmaw, const char *name, gpointer data, + size_t len); +-- +2.1.4 + diff --git a/debian/patches/pve/0019-backup-vma-remove-async-queue.patch b/debian/patches/pve/0019-backup-vma-remove-async-queue.patch new file mode 100644 index 0000000..50a2063 --- /dev/null +++ b/debian/patches/pve/0019-backup-vma-remove-async-queue.patch @@ -0,0 +1,317 @@ +From fb3d52b336cd8404055bf0b3b8d825c6f5247fef Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 15:40:00 +0100 +Subject: [PATCH 19/47] backup: vma: remove async queue + +--- + blockdev.c | 6 ++ + vma-writer.c | 179 +++++++++++------------------------------------------------ + 2 files changed, 38 insertions(+), 147 deletions(-) + +diff --git a/blockdev.c b/blockdev.c +index 2e51913..1491c2d 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -3116,6 +3116,11 @@ static void pvebackup_cancel(void *opaque) + error_setg(&backup_state.error, "backup cancelled"); + } + ++ if (backup_state.vmaw) { ++ /* make sure vma writer does not block anymore */ ++ vma_writer_set_error(backup_state.vmaw, "backup cancelled"); ++ } ++ + /* drain all i/o (awake jobs waiting for aio) */ + bdrv_drain_all(); + +@@ -3128,6 +3133,7 @@ static void pvebackup_cancel(void *opaque) + if (job) { + if (!di->completed) { + block_job_cancel_sync(job); ++ bdrv_drain_all(); /* drain all i/o (awake jobs waiting for aio) */ + } + } + } +diff --git a/vma-writer.c b/vma-writer.c +index 689e988..6d3119d 100644 +--- a/vma-writer.c ++++ b/vma-writer.c +@@ -28,14 +28,8 @@ + do { if (DEBUG_VMA) { printf("vma: " fmt, ## __VA_ARGS__); } } while (0) + + #define WRITE_BUFFERS 5 +- +-typedef struct VmaAIOCB VmaAIOCB; +-struct VmaAIOCB { +- unsigned char buffer[VMA_MAX_EXTENT_SIZE]; +- VmaWriter *vmaw; +- size_t bytes; +- Coroutine *co; +-}; ++#define HEADER_CLUSTERS 8 ++#define HEADERBUF_SIZE (VMA_CLUSTER_SIZE*HEADER_CLUSTERS) + + struct VmaWriter { + int fd; +@@ -47,16 +41,14 @@ struct VmaWriter { + bool closed; + + /* we always write extents */ +- unsigned char outbuf[VMA_MAX_EXTENT_SIZE]; ++ unsigned char *outbuf; + int outbuf_pos; /* in bytes */ + int outbuf_count; /* in VMA_BLOCKS */ + uint64_t outbuf_block_info[VMA_BLOCKS_PER_EXTENT]; + +- VmaAIOCB *aiocbs[WRITE_BUFFERS]; +- CoQueue wqueue; ++ unsigned char *headerbuf; + + GChecksum *md5csum; +- CoMutex writer_lock; + CoMutex flush_lock; + Coroutine *co_writer; + +@@ -217,38 +209,39 @@ static void vma_co_continue_write(void *opaque) + } + + static ssize_t coroutine_fn +-vma_co_write(VmaWriter *vmaw, const void *buf, size_t bytes) ++vma_queue_write(VmaWriter *vmaw, const void *buf, size_t bytes) + { +- size_t done = 0; +- ssize_t ret; ++ DPRINTF("vma_queue_write enter %zd\n", bytes); + +- /* atomic writes (we cannot interleave writes) */ +- qemu_co_mutex_lock(&vmaw->writer_lock); ++ assert(vmaw); ++ assert(buf); ++ assert(bytes <= VMA_MAX_EXTENT_SIZE); + +- DPRINTF("vma_co_write enter %zd\n", bytes); ++ size_t done = 0; ++ ssize_t ret; + + assert(vmaw->co_writer == NULL); + + vmaw->co_writer = qemu_coroutine_self(); + +- aio_set_fd_handler(qemu_get_aio_context(), vmaw->fd, false, NULL, vma_co_continue_write, vmaw); +- +- DPRINTF("vma_co_write wait until writable\n"); +- qemu_coroutine_yield(); +- DPRINTF("vma_co_write starting %zd\n", bytes); +- + while (done < bytes) { ++ aio_set_fd_handler(qemu_get_aio_context(), vmaw->fd, false, NULL, vma_co_continue_write, vmaw); ++ qemu_coroutine_yield(); ++ aio_set_fd_handler(qemu_get_aio_context(), vmaw->fd, false, NULL, NULL, NULL); ++ if (vmaw->status < 0) { ++ DPRINTF("vma_queue_write detected canceled backup\n"); ++ done = -1; ++ break; ++ } + ret = write(vmaw->fd, buf + done, bytes - done); + if (ret > 0) { + done += ret; +- DPRINTF("vma_co_write written %zd %zd\n", done, ret); ++ DPRINTF("vma_queue_write written %zd %zd\n", done, ret); + } else if (ret < 0) { + if (errno == EAGAIN || errno == EWOULDBLOCK) { +- DPRINTF("vma_co_write yield %zd\n", done); +- qemu_coroutine_yield(); +- DPRINTF("vma_co_write restart %zd\n", done); +- } else { +- vma_writer_set_error(vmaw, "vma_co_write write error - %s", ++ /* try again */ ++ } else { ++ vma_writer_set_error(vmaw, "vma_queue_write: write error - %s", + g_strerror(errno)); + done = -1; /* always return failure for partial writes */ + break; +@@ -258,102 +251,9 @@ vma_co_write(VmaWriter *vmaw, const void *buf, size_t bytes) + } + } + +- aio_set_fd_handler(qemu_get_aio_context(), vmaw->fd, false, NULL, NULL, NULL); +- + vmaw->co_writer = NULL; +- +- qemu_co_mutex_unlock(&vmaw->writer_lock); +- +- DPRINTF("vma_co_write leave %zd\n", done); +- return done; +-} +- +-static void coroutine_fn vma_co_writer_task(void *opaque) +-{ +- VmaAIOCB *cb = opaque; +- +- DPRINTF("vma_co_writer_task start\n"); +- +- int64_t done = vma_co_write(cb->vmaw, cb->buffer, cb->bytes); +- DPRINTF("vma_co_writer_task write done %zd\n", done); +- +- if (done != cb->bytes) { +- DPRINTF("vma_co_writer_task failed write %zd %zd", cb->bytes, done); +- vma_writer_set_error(cb->vmaw, "vma_co_writer_task failed write %zd", +- done); +- } +- +- cb->bytes = 0; +- +- qemu_co_queue_next(&cb->vmaw->wqueue); +- +- DPRINTF("vma_co_writer_task end\n"); +-} +- +-static void coroutine_fn vma_queue_flush(VmaWriter *vmaw) +-{ +- DPRINTF("vma_queue_flush enter\n"); +- +- assert(vmaw); +- +- while (1) { +- int i; +- VmaAIOCB *cb = NULL; +- for (i = 0; i < WRITE_BUFFERS; i++) { +- if (vmaw->aiocbs[i]->bytes) { +- cb = vmaw->aiocbs[i]; +- DPRINTF("FOUND USED AIO BUFFER %d %zd\n", i, +- vmaw->aiocbs[i]->bytes); +- break; +- } +- } +- if (!cb) { +- break; +- } +- qemu_co_queue_wait(&vmaw->wqueue); +- } +- +- DPRINTF("vma_queue_flush leave\n"); +-} +- +-/** +- * NOTE: pipe buffer size in only 4096 bytes on linux (see 'ulimit -a') +- * So we need to create a coroutione to allow 'parallel' execution. +- */ +-static ssize_t coroutine_fn +-vma_queue_write(VmaWriter *vmaw, const void *buf, size_t bytes) +-{ +- DPRINTF("vma_queue_write enter %zd\n", bytes); +- +- assert(vmaw); +- assert(buf); +- assert(bytes <= VMA_MAX_EXTENT_SIZE); +- +- VmaAIOCB *cb = NULL; +- while (!cb) { +- int i; +- for (i = 0; i < WRITE_BUFFERS; i++) { +- if (!vmaw->aiocbs[i]->bytes) { +- cb = vmaw->aiocbs[i]; +- break; +- } +- } +- if (!cb) { +- qemu_co_queue_wait(&vmaw->wqueue); +- } +- } +- +- memcpy(cb->buffer, buf, bytes); +- cb->bytes = bytes; +- cb->vmaw = vmaw; +- +- DPRINTF("vma_queue_write start %zd\n", bytes); +- cb->co = qemu_coroutine_create(vma_co_writer_task); +- qemu_coroutine_enter(cb->co, cb); +- +- DPRINTF("vma_queue_write leave\n"); +- +- return bytes; ++ ++ return (done == bytes) ? bytes : -1; + } + + VmaWriter *vma_writer_create(const char *filename, uuid_t uuid, Error **errp) +@@ -420,20 +320,16 @@ VmaWriter *vma_writer_create(const char *filename, uuid_t uuid, Error **errp) + } + + /* we use O_DIRECT, so we need to align IO buffers */ +- int i; +- for (i = 0; i < WRITE_BUFFERS; i++) { +- vmaw->aiocbs[i] = qemu_memalign(512, sizeof(VmaAIOCB)); +- memset(vmaw->aiocbs[i], 0, sizeof(VmaAIOCB)); +- } ++ ++ vmaw->outbuf = qemu_memalign(512, VMA_MAX_EXTENT_SIZE); ++ vmaw->headerbuf = qemu_memalign(512, HEADERBUF_SIZE); + + vmaw->outbuf_count = 0; + vmaw->outbuf_pos = VMA_EXTENT_HEADER_SIZE; + + vmaw->header_blob_table_pos = 1; /* start at pos 1 */ + +- qemu_co_mutex_init(&vmaw->writer_lock); + qemu_co_mutex_init(&vmaw->flush_lock); +- qemu_co_queue_init(&vmaw->wqueue); + + uuid_copy(vmaw->uuid, uuid); + +@@ -460,8 +356,7 @@ err: + static int coroutine_fn vma_write_header(VmaWriter *vmaw) + { + assert(vmaw); +- int header_clusters = 8; +- char buf[65536*header_clusters]; ++ unsigned char *buf = vmaw->headerbuf; + VmaHeader *head = (VmaHeader *)buf; + + int i; +@@ -472,7 +367,7 @@ static int coroutine_fn vma_write_header(VmaWriter *vmaw) + return vmaw->status; + } + +- memset(buf, 0, sizeof(buf)); ++ memset(buf, 0, HEADERBUF_SIZE); + + head->magic = VMA_MAGIC; + head->version = GUINT32_TO_BE(1); /* v1 */ +@@ -507,7 +402,7 @@ static int coroutine_fn vma_write_header(VmaWriter *vmaw) + uint32_t header_size = sizeof(VmaHeader) + vmaw->header_blob_table_size; + head->header_size = GUINT32_TO_BE(header_size); + +- if (header_size > sizeof(buf)) { ++ if (header_size > HEADERBUF_SIZE) { + return -1; /* just to be sure */ + } + +@@ -805,13 +700,7 @@ int vma_writer_close(VmaWriter *vmaw, Error **errp) + + int i; + +- vma_queue_flush(vmaw); +- +- /* this should not happen - just to be sure */ +- while (!qemu_co_queue_empty(&vmaw->wqueue)) { +- DPRINTF("vma_writer_close wait\n"); +- co_aio_sleep_ns(qemu_get_aio_context(), QEMU_CLOCK_REALTIME, 1000000); +- } ++ assert(vmaw->co_writer == NULL); + + if (vmaw->cmd) { + if (pclose(vmaw->cmd) < 0) { +@@ -869,9 +758,5 @@ void vma_writer_destroy(VmaWriter *vmaw) + g_checksum_free(vmaw->md5csum); + } + +- for (i = 0; i < WRITE_BUFFERS; i++) { +- free(vmaw->aiocbs[i]); +- } +- + g_free(vmaw); + } +-- +2.1.4 + diff --git a/debian/patches/pve/0020-backup-vma-run-flush-inside-coroutine.patch b/debian/patches/pve/0020-backup-vma-run-flush-inside-coroutine.patch new file mode 100644 index 0000000..6de18b2 --- /dev/null +++ b/debian/patches/pve/0020-backup-vma-run-flush-inside-coroutine.patch @@ -0,0 +1,56 @@ +From 3e0869f3ef3fc5537d90d22cde89f1384b164e70 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 15:40:42 +0100 +Subject: [PATCH 20/47] backup: vma: run flush inside coroutine + +--- + blockdev.c | 10 +++++++++- + vma-writer.c | 4 ++++ + 2 files changed, 13 insertions(+), 1 deletion(-) + +diff --git a/blockdev.c b/blockdev.c +index 1491c2d..f3c0c58 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -3081,6 +3081,13 @@ static void pvebackup_cleanup(void) + } + } + ++static void coroutine_fn backup_close_vma_stream(void *opaque) ++{ ++ PVEBackupDevInfo *di = opaque; ++ ++ vma_writer_close_stream(backup_state.vmaw, di->dev_id); ++} ++ + static void pvebackup_complete_cb(void *opaque, int ret) + { + PVEBackupDevInfo *di = opaque; +@@ -3098,7 +3105,8 @@ static void pvebackup_complete_cb(void *opaque, int ret) + di->target = NULL; + + if (backup_state.vmaw) { +- vma_writer_close_stream(backup_state.vmaw, di->dev_id); ++ Coroutine *co = qemu_coroutine_create(backup_close_vma_stream, di); ++ qemu_coroutine_enter(co); + } + + block_job_cb(bs, ret); +diff --git a/vma-writer.c b/vma-writer.c +index 6d3119d..79b7fd4 100644 +--- a/vma-writer.c ++++ b/vma-writer.c +@@ -700,6 +700,10 @@ int vma_writer_close(VmaWriter *vmaw, Error **errp) + + int i; + ++ while (vmaw->co_writer) { ++ aio_poll(qemu_get_aio_context(), true); ++ } ++ + assert(vmaw->co_writer == NULL); + + if (vmaw->cmd) { +-- +2.1.4 + diff --git a/debian/patches/pve/0021-backup-do-not-use-bdrv_drain_all.patch b/debian/patches/pve/0021-backup-do-not-use-bdrv_drain_all.patch new file mode 100644 index 0000000..bc66245 --- /dev/null +++ b/debian/patches/pve/0021-backup-do-not-use-bdrv_drain_all.patch @@ -0,0 +1,36 @@ +From e7cf613192638f5ac24629961c4010a3b3575ad6 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 15:41:13 +0100 +Subject: [PATCH 21/47] backup: do not use bdrv_drain_all + +--- + blockdev.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/blockdev.c b/blockdev.c +index f3c0c58..2371cf3 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -3129,9 +3129,6 @@ static void pvebackup_cancel(void *opaque) + vma_writer_set_error(backup_state.vmaw, "backup cancelled"); + } + +- /* drain all i/o (awake jobs waiting for aio) */ +- bdrv_drain_all(); +- + GList *l = backup_state.di_list; + while (l) { + PVEBackupDevInfo *di = (PVEBackupDevInfo *)l->data; +@@ -3140,8 +3137,7 @@ static void pvebackup_cancel(void *opaque) + BlockJob *job = di->bs->job; + if (job) { + if (!di->completed) { +- block_job_cancel_sync(job); +- bdrv_drain_all(); /* drain all i/o (awake jobs waiting for aio) */ ++ block_job_cancel_sync(job); + } + } + } +-- +2.1.4 + diff --git a/debian/patches/pve/0022-internal-snapshot-async.patch b/debian/patches/pve/0022-internal-snapshot-async.patch new file mode 100644 index 0000000..3c7cfcb --- /dev/null +++ b/debian/patches/pve/0022-internal-snapshot-async.patch @@ -0,0 +1,1000 @@ +From ddfc29076293a794f0d9cc74c0c822c144e7ecbc Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 16:04:32 +0100 +Subject: [PATCH 22/47] internal snapshot async + +--- + Makefile.objs | 1 + + block.c | 2 +- + hmp-commands-info.hx | 13 ++ + hmp-commands.hx | 32 +++ + hmp.c | 57 ++++++ + hmp.h | 5 + + include/block/block.h | 1 + + include/sysemu/sysemu.h | 5 +- + migration/savevm.c | 12 +- + qapi-schema.json | 46 +++++ + qemu-options.hx | 13 ++ + qmp-commands.hx | 30 +++ + savevm-async.c | 526 ++++++++++++++++++++++++++++++++++++++++++++++++ + vl.c | 8 + + 14 files changed, 743 insertions(+), 8 deletions(-) + create mode 100644 savevm-async.c + +diff --git a/Makefile.objs b/Makefile.objs +index 845edd0..7d9d2d7 100644 +--- a/Makefile.objs ++++ b/Makefile.objs +@@ -53,6 +53,7 @@ common-obj-$(CONFIG_LINUX) += fsdev/ + common-obj-y += migration/ + common-obj-y += qemu-char.o #aio.o + common-obj-y += page_cache.o ++common-obj-y += savevm-async.o + + common-obj-$(CONFIG_SPICE) += spice-qemu-char.o + +diff --git a/block.c b/block.c +index 30d64e6..95c1d32 100644 +--- a/block.c ++++ b/block.c +@@ -2288,7 +2288,7 @@ void bdrv_replace_in_backing_chain(BlockDriverState *old, BlockDriverState *new) + bdrv_unref(old); + } + +-static void bdrv_delete(BlockDriverState *bs) ++void bdrv_delete(BlockDriverState *bs) + { + assert(!bs->job); + assert(bdrv_op_blocker_is_empty(bs)); +diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx +index 7616fe2..3046f9d 100644 +--- a/hmp-commands-info.hx ++++ b/hmp-commands-info.hx +@@ -588,6 +588,19 @@ Show current migration xbzrle cache size. + ETEXI + + { ++ .name = "savevm", ++ .args_type = "", ++ .params = "", ++ .help = "show savevm status", ++ .mhandler.cmd = hmp_info_savevm, ++ }, ++ ++STEXI ++@item info savevm ++show savevm status ++ETEXI ++ ++ { + .name = "balloon", + .args_type = "", + .params = "", +diff --git a/hmp-commands.hx b/hmp-commands.hx +index 0e20ef9..4d735cb 100644 +--- a/hmp-commands.hx ++++ b/hmp-commands.hx +@@ -1791,3 +1791,35 @@ ETEXI + STEXI + @end table + ETEXI ++ ++ { ++ .name = "savevm-start", ++ .args_type = "statefile:s?", ++ .params = "[statefile]", ++ .help = "Prepare for snapshot and halt VM. Save VM state to statefile.", ++ .mhandler.cmd = hmp_savevm_start, ++ }, ++ ++ { ++ .name = "snapshot-drive", ++ .args_type = "device:s,name:s", ++ .params = "device name", ++ .help = "Create internal snapshot.", ++ .mhandler.cmd = hmp_snapshot_drive, ++ }, ++ ++ { ++ .name = "delete-drive-snapshot", ++ .args_type = "device:s,name:s", ++ .params = "device name", ++ .help = "Delete internal snapshot.", ++ .mhandler.cmd = hmp_delete_drive_snapshot, ++ }, ++ ++ { ++ .name = "savevm-end", ++ .args_type = "", ++ .params = "", ++ .help = "Resume VM after snaphot.", ++ .mhandler.cmd = hmp_savevm_end, ++ }, +diff --git a/hmp.c b/hmp.c +index c23cf2f..030fd97 100644 +--- a/hmp.c ++++ b/hmp.c +@@ -2117,6 +2117,63 @@ void hmp_info_memory_devices(Monitor *mon, const QDict *qdict) + qapi_free_MemoryDeviceInfoList(info_list); + } + ++void hmp_savevm_start(Monitor *mon, const QDict *qdict) ++{ ++ Error *errp = NULL; ++ const char *statefile = qdict_get_try_str(qdict, "statefile"); ++ ++ qmp_savevm_start(statefile != NULL, statefile, &errp); ++ hmp_handle_error(mon, &errp); ++} ++ ++void hmp_snapshot_drive(Monitor *mon, const QDict *qdict) ++{ ++ Error *errp = NULL; ++ const char *name = qdict_get_str(qdict, "name"); ++ const char *device = qdict_get_str(qdict, "device"); ++ ++ qmp_snapshot_drive(device, name, &errp); ++ hmp_handle_error(mon, &errp); ++} ++ ++void hmp_delete_drive_snapshot(Monitor *mon, const QDict *qdict) ++{ ++ Error *errp = NULL; ++ const char *name = qdict_get_str(qdict, "name"); ++ const char *device = qdict_get_str(qdict, "device"); ++ ++ qmp_delete_drive_snapshot(device, name, &errp); ++ hmp_handle_error(mon, &errp); ++} ++ ++void hmp_savevm_end(Monitor *mon, const QDict *qdict) ++{ ++ Error *errp = NULL; ++ ++ qmp_savevm_end(&errp); ++ hmp_handle_error(mon, &errp); ++} ++ ++void hmp_info_savevm(Monitor *mon, const QDict *qdict) ++{ ++ SaveVMInfo *info; ++ info = qmp_query_savevm(NULL); ++ ++ if (info->has_status) { ++ monitor_printf(mon, "savevm status: %s\n", info->status); ++ monitor_printf(mon, "total time: %" PRIu64 " milliseconds\n", ++ info->total_time); ++ } else { ++ monitor_printf(mon, "savevm status: not running\n"); ++ } ++ if (info->has_bytes) { ++ monitor_printf(mon, "Bytes saved: %"PRIu64"\n", info->bytes); ++ } ++ if (info->has_error) { ++ monitor_printf(mon, "Error: %s\n", info->error); ++ } ++} ++ + void hmp_info_iothreads(Monitor *mon, const QDict *qdict) + { + IOThreadInfoList *info_list = qmp_query_iothreads(NULL); +diff --git a/hmp.h b/hmp.h +index 9a4c1f6..b74ddbf 100644 +--- a/hmp.h ++++ b/hmp.h +@@ -26,6 +26,7 @@ void hmp_info_status(Monitor *mon, const QDict *qdict); + void hmp_info_uuid(Monitor *mon, const QDict *qdict); + void hmp_info_chardev(Monitor *mon, const QDict *qdict); + void hmp_info_mice(Monitor *mon, const QDict *qdict); ++void hmp_info_savevm(Monitor *mon, const QDict *qdict); + void hmp_info_migrate(Monitor *mon, const QDict *qdict); + void hmp_info_migrate_capabilities(Monitor *mon, const QDict *qdict); + void hmp_info_migrate_parameters(Monitor *mon, const QDict *qdict); +@@ -92,6 +93,10 @@ void hmp_netdev_add(Monitor *mon, const QDict *qdict); + void hmp_netdev_del(Monitor *mon, const QDict *qdict); + void hmp_getfd(Monitor *mon, const QDict *qdict); + void hmp_closefd(Monitor *mon, const QDict *qdict); ++void hmp_savevm_start(Monitor *mon, const QDict *qdict); ++void hmp_snapshot_drive(Monitor *mon, const QDict *qdict); ++void hmp_delete_drive_snapshot(Monitor *mon, const QDict *qdict); ++void hmp_savevm_end(Monitor *mon, const QDict *qdict); + void hmp_sendkey(Monitor *mon, const QDict *qdict); + void hmp_screendump(Monitor *mon, const QDict *qdict); + void hmp_nbd_server_start(Monitor *mon, const QDict *qdict); +diff --git a/include/block/block.h b/include/block/block.h +index acddf3b..0f70a9d 100644 +--- a/include/block/block.h ++++ b/include/block/block.h +@@ -256,6 +256,7 @@ BlockDriverState *bdrv_find_backing_image(BlockDriverState *bs, + int bdrv_get_backing_file_depth(BlockDriverState *bs); + void bdrv_refresh_filename(BlockDriverState *bs); + int bdrv_truncate(BlockDriverState *bs, int64_t offset); ++void bdrv_delete(BlockDriverState *bs); + int64_t bdrv_nb_sectors(BlockDriverState *bs); + int64_t bdrv_getlength(BlockDriverState *bs); + int64_t bdrv_get_allocated_file_size(BlockDriverState *bs); +diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h +index ee7c760..4875441 100644 +--- a/include/sysemu/sysemu.h ++++ b/include/sysemu/sysemu.h +@@ -79,6 +79,7 @@ void qemu_remove_machine_init_done_notifier(Notifier *notify); + + void hmp_savevm(Monitor *mon, const QDict *qdict); + int load_vmstate(const char *name); ++int load_state_from_blockdev(const char *filename); + void hmp_delvm(Monitor *mon, const QDict *qdict); + void hmp_info_snapshots(Monitor *mon, const QDict *qdict); + +@@ -106,13 +107,13 @@ enum qemu_vm_cmd { + #define MAX_VM_CMD_PACKAGED_SIZE (1ul << 24) + + bool qemu_savevm_state_blocked(Error **errp); +-void qemu_savevm_state_begin(QEMUFile *f, ++int qemu_savevm_state_begin(QEMUFile *f, + const MigrationParams *params); + void qemu_savevm_state_header(QEMUFile *f); + int qemu_savevm_state_iterate(QEMUFile *f, bool postcopy); + void qemu_savevm_state_cleanup(void); + void qemu_savevm_state_complete_postcopy(QEMUFile *f); +-void qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only); ++int qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only); + void qemu_savevm_state_pending(QEMUFile *f, uint64_t max_size, + uint64_t *res_non_postcopiable, + uint64_t *res_postcopiable); +diff --git a/migration/savevm.c b/migration/savevm.c +index 33a2911..b1bdfb6 100644 +--- a/migration/savevm.c ++++ b/migration/savevm.c +@@ -879,11 +879,11 @@ void qemu_savevm_state_header(QEMUFile *f) + + } + +-void qemu_savevm_state_begin(QEMUFile *f, ++int qemu_savevm_state_begin(QEMUFile *f, + const MigrationParams *params) + { + SaveStateEntry *se; +- int ret; ++ int ret = 0; + + trace_savevm_state_begin(); + QTAILQ_FOREACH(se, &savevm_state.handlers, entry) { +@@ -911,6 +911,7 @@ void qemu_savevm_state_begin(QEMUFile *f, + break; + } + } ++ return ret; + } + + /* +@@ -1014,7 +1015,7 @@ void qemu_savevm_state_complete_postcopy(QEMUFile *f) + qemu_fflush(f); + } + +-void qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only) ++int qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only) + { + QJSON *vmdesc; + int vmdesc_len; +@@ -1048,12 +1049,12 @@ void qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only) + save_section_footer(f, se); + if (ret < 0) { + qemu_file_set_error(f, ret); +- return; ++ return ret; + } + } + + if (iterable_only) { +- return; ++ return ret; + } + + vmdesc = qjson_new(); +@@ -1100,6 +1101,7 @@ void qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only) + qjson_destroy(vmdesc); + + qemu_fflush(f); ++ return qemu_file_get_error(f); + } + + /* Give an estimate of the amount left to be transferred, +diff --git a/qapi-schema.json b/qapi-schema.json +index 147137d..0c0faf7 100644 +--- a/qapi-schema.json ++++ b/qapi-schema.json +@@ -594,6 +594,42 @@ + '*cpu-throttle-percentage': 'int', + '*error-desc': 'str'} } + ++ ++# @SaveVMInfo ++# ++# Information about current migration process. ++# ++# @status: #optional string describing the current savevm status. ++# This can be 'active', 'completed', 'failed'. ++# If this field is not returned, no savevm process ++# has been initiated ++# ++# @error: #optional string containing error message is status is failed. ++# ++# @total-time: #optional total amount of milliseconds since savevm started. ++# If savevm has ended, it returns the total save time ++# ++# @bytes: #optional total amount of data transfered ++# ++# Since: 1.3 ++## ++{ 'struct': 'SaveVMInfo', ++ 'data': {'*status': 'str', '*error': 'str', ++ '*total-time': 'int', '*bytes': 'int'} } ++ ++## ++# @query-savevm ++# ++# Returns information about current savevm process. ++# ++# Returns: @SaveVMInfo ++# ++# Since: 1.3 ++## ++{ 'command': 'query-savevm', 'returns': 'SaveVMInfo' } ++ ++## ++ + ## + # @query-migrate + # +@@ -3286,8 +3322,18 @@ + # + # Since: 1.2.0 + ## ++ + { 'command': 'query-target', 'returns': 'TargetInfo' } + ++{ 'command': 'savevm-start', 'data': { '*statefile': 'str' } } ++ ++{ 'command': 'snapshot-drive', 'data': { 'device': 'str', 'name': 'str' } } ++ ++{ 'command': 'delete-drive-snapshot', 'data': { 'device': 'str', 'name': 'str' } } ++ ++{ 'command': 'savevm-end' } ++ ++ + ## + # @QKeyCode: + # +diff --git a/qemu-options.hx b/qemu-options.hx +index a71aaf8..37fad3b 100644 +--- a/qemu-options.hx ++++ b/qemu-options.hx +@@ -3302,6 +3302,19 @@ STEXI + Start right away with a saved state (@code{loadvm} in monitor) + ETEXI + ++DEF("loadstate", HAS_ARG, QEMU_OPTION_loadstate, \ ++ "-loadstate file\n" \ ++ " start right away with a saved state\n", ++ QEMU_ARCH_ALL) ++STEXI ++@item -loadstate @var{file} ++@findex -loadstate ++Start right away with a saved state. This option does not rollback ++disk state like @code{loadvm}, so user must make sure that disk ++have correct state. @var{file} can be any valid device URL. See the section ++for "Device URL Syntax" for more information. ++ETEXI ++ + #ifndef _WIN32 + DEF("daemonize", 0, QEMU_OPTION_daemonize, \ + "-daemonize daemonize QEMU after initializing\n", QEMU_ARCH_ALL) +diff --git a/qmp-commands.hx b/qmp-commands.hx +index a8e8522..6342cd2 100644 +--- a/qmp-commands.hx ++++ b/qmp-commands.hx +@@ -4904,6 +4904,36 @@ Example: + EQMP + + { ++ .name = "savevm-start", ++ .args_type = "statefile:s?", ++ .mhandler.cmd_new = qmp_marshal_savevm_start, ++ }, ++ ++ { ++ .name = "snapshot-drive", ++ .args_type = "device:s,name:s", ++ .mhandler.cmd_new = qmp_marshal_snapshot_drive, ++ }, ++ ++ { ++ .name = "delete-drive-snapshot", ++ .args_type = "device:s,name:s", ++ .mhandler.cmd_new = qmp_marshal_delete_drive_snapshot, ++ }, ++ ++ { ++ .name = "savevm-end", ++ .args_type = "", ++ .mhandler.cmd_new = qmp_marshal_savevm_end, ++ }, ++ ++ { ++ .name = "query-savevm", ++ .args_type = "", ++ .mhandler.cmd_new = qmp_marshal_query_savevm, ++ }, ++ ++ { + .name = "query-rocker", + .args_type = "name:s", + .mhandler.cmd_new = qmp_marshal_query_rocker, +diff --git a/savevm-async.c b/savevm-async.c +new file mode 100644 +index 0000000..ae7ea84 +--- /dev/null ++++ b/savevm-async.c +@@ -0,0 +1,526 @@ ++#include "qemu/osdep.h" ++#include "qemu-common.h" ++#include "qapi/qmp/qerror.h" ++#include "qemu/error-report.h" ++#include "sysemu/sysemu.h" ++#include "qmp-commands.h" ++#include "qemu-options.h" ++#include "migration/qemu-file.h" ++#include "qom/qom-qobject.h" ++#include "migration/migration.h" ++#include "block/snapshot.h" ++#include "block/qapi.h" ++#include "block/block.h" ++#include "qemu/timer.h" ++#include "sysemu/block-backend.h" ++#include "qapi/qmp/qstring.h" ++#include "qemu/rcu.h" ++#include "qemu/thread.h" ++#include "qemu/cutils.h" ++ ++/* #define DEBUG_SAVEVM_STATE */ ++ ++#ifdef DEBUG_SAVEVM_STATE ++#define DPRINTF(fmt, ...) \ ++ do { printf("savevm-async: " fmt, ## __VA_ARGS__); } while (0) ++#else ++#define DPRINTF(fmt, ...) \ ++ do { } while (0) ++#endif ++ ++enum { ++ SAVE_STATE_DONE, ++ SAVE_STATE_ERROR, ++ SAVE_STATE_ACTIVE, ++ SAVE_STATE_COMPLETED, ++ SAVE_STATE_CANCELLED ++}; ++ ++ ++static struct SnapshotState { ++ BlockDriverState *bs; ++ size_t bs_pos; ++ int state; ++ Error *error; ++ Error *blocker; ++ int saved_vm_running; ++ QEMUFile *file; ++ int64_t total_time; ++} snap_state; ++ ++SaveVMInfo *qmp_query_savevm(Error **errp) ++{ ++ SaveVMInfo *info = g_malloc0(sizeof(*info)); ++ struct SnapshotState *s = &snap_state; ++ ++ if (s->state != SAVE_STATE_DONE) { ++ info->has_bytes = true; ++ info->bytes = s->bs_pos; ++ switch (s->state) { ++ case SAVE_STATE_ERROR: ++ info->has_status = true; ++ info->status = g_strdup("failed"); ++ info->has_total_time = true; ++ info->total_time = s->total_time; ++ if (s->error) { ++ info->has_error = true; ++ info->error = g_strdup(error_get_pretty(s->error)); ++ } ++ break; ++ case SAVE_STATE_ACTIVE: ++ info->has_status = true; ++ info->status = g_strdup("active"); ++ info->has_total_time = true; ++ info->total_time = qemu_clock_get_ms(QEMU_CLOCK_REALTIME) ++ - s->total_time; ++ break; ++ case SAVE_STATE_COMPLETED: ++ info->has_status = true; ++ info->status = g_strdup("completed"); ++ info->has_total_time = true; ++ info->total_time = s->total_time; ++ break; ++ } ++ } ++ ++ return info; ++} ++ ++static int save_snapshot_cleanup(void) ++{ ++ int ret = 0; ++ ++ DPRINTF("save_snapshot_cleanup\n"); ++ ++ snap_state.total_time = qemu_clock_get_ms(QEMU_CLOCK_REALTIME) - ++ snap_state.total_time; ++ ++ if (snap_state.file) { ++ ret = qemu_fclose(snap_state.file); ++ } ++ ++ if (snap_state.bs) { ++ /* try to truncate, but ignore errors (will fail on block devices). ++ * note: bdrv_read() need whole blocks, so we round up ++ */ ++ size_t size = (snap_state.bs_pos + BDRV_SECTOR_SIZE) & BDRV_SECTOR_MASK; ++ bdrv_truncate(snap_state.bs, size); ++ bdrv_op_unblock_all(snap_state.bs, snap_state.blocker); ++ error_free(snap_state.blocker); ++ snap_state.blocker = NULL; ++ bdrv_unref(snap_state.bs); ++ snap_state.bs = NULL; ++ } ++ ++ return ret; ++} ++ ++static void save_snapshot_error(const char *fmt, ...) ++{ ++ va_list ap; ++ char *msg; ++ ++ va_start(ap, fmt); ++ msg = g_strdup_vprintf(fmt, ap); ++ va_end(ap); ++ ++ DPRINTF("save_snapshot_error: %s\n", msg); ++ ++ if (!snap_state.error) { ++ error_set(&snap_state.error, ERROR_CLASS_GENERIC_ERROR, "%s", msg); ++ } ++ ++ g_free (msg); ++ ++ snap_state.state = SAVE_STATE_ERROR; ++ ++ save_snapshot_cleanup(); ++} ++ ++static void save_snapshot_completed(void) ++{ ++ DPRINTF("save_snapshot_completed\n"); ++ ++ if (save_snapshot_cleanup() < 0) { ++ snap_state.state = SAVE_STATE_ERROR; ++ } else { ++ snap_state.state = SAVE_STATE_COMPLETED; ++ } ++} ++ ++static int block_state_close(void *opaque) ++{ ++ snap_state.file = NULL; ++ return bdrv_flush(snap_state.bs); ++} ++ ++static int block_state_put_buffer(void *opaque, const uint8_t *buf, ++ int64_t pos, int size) ++{ ++ int ret; ++ ++ assert(pos == snap_state.bs_pos); ++ ++ if ((ret = bdrv_pwrite(snap_state.bs, snap_state.bs_pos, buf, size)) > 0) { ++ snap_state.bs_pos += ret; ++ } ++ ++ return ret; ++} ++ ++static int store_and_stop(void) { ++ if (global_state_store()) { ++ save_snapshot_error("Error saving global state"); ++ return 1; ++ } ++ if (runstate_is_running()) { ++ vm_stop(RUN_STATE_SAVE_VM); ++ } ++ return 0; ++} ++ ++static void process_savevm_co(void *opaque) ++{ ++ int ret; ++ int64_t maxlen; ++ MigrationParams params = { ++ .blk = 0, ++ .shared = 0 ++ }; ++ ++ snap_state.state = SAVE_STATE_ACTIVE; ++ ++ qemu_mutex_unlock_iothread(); ++ qemu_savevm_state_header(snap_state.file); ++ ret = qemu_savevm_state_begin(snap_state.file, ¶ms); ++ qemu_mutex_lock_iothread(); ++ ++ if (ret < 0) { ++ save_snapshot_error("qemu_savevm_state_begin failed"); ++ return; ++ } ++ ++ while (snap_state.state == SAVE_STATE_ACTIVE) { ++ uint64_t pending_size; ++ ++ pending_size = qemu_savevm_state_pending(snap_state.file, 0); ++ ++ if (pending_size) { ++ ret = qemu_savevm_state_iterate(snap_state.file); ++ if (ret < 0) { ++ save_snapshot_error("qemu_savevm_state_iterate error %d", ret); ++ break; ++ } ++ DPRINTF("savevm inerate pending size %lu ret %d\n", pending_size, ret); ++ } else { ++ DPRINTF("done iterating\n"); ++ if (store_and_stop()) ++ break; ++ DPRINTF("savevm inerate finished\n"); ++ qemu_savevm_state_complete_precopy(snap_state.file); ++ DPRINTF("save complete\n"); ++ save_snapshot_completed(); ++ break; ++ } ++ ++ /* stop the VM if we get to the end of available space, ++ * or if pending_size is just a few MB ++ */ ++ maxlen = bdrv_getlength(snap_state.bs) - 30*1024*1024; ++ if ((pending_size < 100000) || ++ ((snap_state.bs_pos + pending_size) >= maxlen)) { ++ if (store_and_stop()) ++ break; ++ } ++ } ++ ++ if(snap_state.state == SAVE_STATE_CANCELLED) { ++ save_snapshot_completed(); ++ Error *errp = NULL; ++ qmp_savevm_end(&errp); ++ } ++ ++} ++ ++static const QEMUFileOps block_file_ops = { ++ .put_buffer = block_state_put_buffer, ++ .close = block_state_close, ++}; ++ ++ ++void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp) ++{ ++ BlockDriver *drv = NULL; ++ Error *local_err = NULL; ++ ++ int bdrv_oflags = BDRV_O_RDWR; ++ int ret; ++ ++ if (snap_state.state != SAVE_STATE_DONE) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "VM snapshot already started\n"); ++ return; ++ } ++ ++ /* initialize snapshot info */ ++ snap_state.saved_vm_running = runstate_is_running(); ++ snap_state.bs_pos = 0; ++ snap_state.total_time = qemu_clock_get_ms(QEMU_CLOCK_REALTIME); ++ snap_state.blocker = NULL; ++ ++ if (snap_state.error) { ++ error_free(snap_state.error); ++ snap_state.error = NULL; ++ } ++ ++ if (!has_statefile) { ++ vm_stop(RUN_STATE_SAVE_VM); ++ snap_state.state = SAVE_STATE_COMPLETED; ++ return; ++ } ++ ++ if (qemu_savevm_state_blocked(errp)) { ++ return; ++ } ++ ++ /* Open the image */ ++ snap_state.bs = bdrv_new(); ++ ++ QDict *options = NULL; ++ options = qdict_new(); ++ qdict_put(options, "driver", qstring_from_str("raw")); ++ ret = bdrv_open(&snap_state.bs, statefile, NULL, options, bdrv_oflags, drv, &local_err); ++ if (ret < 0) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, "failed to open '%s'", statefile); ++ goto restart; ++ } ++ ++ snap_state.file = qemu_fopen_ops(&snap_state, &block_file_ops); ++ ++ if (!snap_state.file) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, "failed to open '%s'", statefile); ++ goto restart; ++ } ++ ++ ++ error_setg(&snap_state.blocker, "block device is in use by savevm"); ++ bdrv_op_block_all(snap_state.bs, snap_state.blocker); ++ ++ Coroutine *co = qemu_coroutine_create(process_savevm_co); ++ qemu_coroutine_enter(co); ++ ++ return; ++ ++restart: ++ ++ save_snapshot_error("setup failed"); ++ ++ if (snap_state.saved_vm_running) { ++ vm_start(); ++ } ++} ++ ++void qmp_savevm_end(Error **errp) ++{ ++ if (snap_state.state == SAVE_STATE_DONE) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "VM snapshot not started\n"); ++ return; ++ } ++ ++ if (snap_state.state == SAVE_STATE_ACTIVE) { ++ snap_state.state = SAVE_STATE_CANCELLED; ++ return; ++ } ++ ++ if (snap_state.saved_vm_running) { ++ vm_start(); ++ } ++ ++ snap_state.state = SAVE_STATE_DONE; ++} ++ ++void qmp_snapshot_drive(const char *device, const char *name, Error **errp) ++{ ++ BlockBackend *blk; ++ BlockDriverState *bs; ++ QEMUSnapshotInfo sn1, *sn = &sn1; ++ int ret; ++#ifdef _WIN32 ++ struct _timeb tb; ++#else ++ struct timeval tv; ++#endif ++ ++ if (snap_state.state != SAVE_STATE_COMPLETED) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "VM snapshot not ready/started\n"); ++ return; ++ } ++ ++ blk = blk_by_name(device); ++ if (!blk) { ++ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, ++ "Device '%s' not found", device); ++ return; ++ } ++ ++ bs = blk_bs(blk); ++ if (!bdrv_is_inserted(bs)) { ++ error_setg(errp, QERR_DEVICE_HAS_NO_MEDIUM, device); ++ return; ++ } ++ ++ if (bdrv_is_read_only(bs)) { ++ error_setg(errp, "Node '%s' is read only", device); ++ return; ++ } ++ ++ if (!bdrv_can_snapshot(bs)) { ++ error_setg(errp, QERR_UNSUPPORTED); ++ return; ++ } ++ ++ if (bdrv_snapshot_find(bs, sn, name) >= 0) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "snapshot '%s' already exists", name); ++ return; ++ } ++ ++ sn = &sn1; ++ memset(sn, 0, sizeof(*sn)); ++ ++#ifdef _WIN32 ++ _ftime(&tb); ++ sn->date_sec = tb.time; ++ sn->date_nsec = tb.millitm * 1000000; ++#else ++ gettimeofday(&tv, NULL); ++ sn->date_sec = tv.tv_sec; ++ sn->date_nsec = tv.tv_usec * 1000; ++#endif ++ sn->vm_clock_nsec = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); ++ ++ pstrcpy(sn->name, sizeof(sn->name), name); ++ ++ sn->vm_state_size = 0; /* do not save state */ ++ ++ ret = bdrv_snapshot_create(bs, sn); ++ if (ret < 0) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "Error while creating snapshot on '%s'\n", device); ++ return; ++ } ++} ++ ++void qmp_delete_drive_snapshot(const char *device, const char *name, ++ Error **errp) ++{ ++ BlockBackend *blk; ++ BlockDriverState *bs; ++ QEMUSnapshotInfo sn1, *sn = &sn1; ++ Error *local_err = NULL; ++ ++ int ret; ++ ++ blk = blk_by_name(device); ++ if (!blk) { ++ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, ++ "Device '%s' not found", device); ++ return; ++ } ++ ++ bs = blk_bs(blk); ++ if (bdrv_is_read_only(bs)) { ++ error_setg(errp, "Node '%s' is read only", device); ++ return; ++ } ++ ++ if (!bdrv_can_snapshot(bs)) { ++ error_setg(errp, QERR_UNSUPPORTED); ++ return; ++ } ++ ++ if (bdrv_snapshot_find(bs, sn, name) < 0) { ++ /* return success if snapshot does not exists */ ++ return; ++ } ++ ++ ret = bdrv_snapshot_delete(bs, NULL, name, &local_err); ++ if (ret < 0) { ++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, ++ "Error while deleting snapshot on '%s'\n", device); ++ return; ++ } ++} ++ ++static int loadstate_get_buffer(void *opaque, uint8_t *buf, int64_t pos, ++ int size) ++{ ++ BlockDriverState *bs = (BlockDriverState *)opaque; ++ int64_t maxlen = bdrv_getlength(bs); ++ if (pos > maxlen) { ++ return -EIO; ++ } ++ if ((pos + size) > maxlen) { ++ size = maxlen - pos - 1; ++ } ++ if (size == 0) { ++ return 0; ++ } ++ return bdrv_pread(bs, pos, buf, size); ++} ++ ++static const QEMUFileOps loadstate_file_ops = { ++ .get_buffer = loadstate_get_buffer, ++}; ++ ++int load_state_from_blockdev(const char *filename) ++{ ++ BlockDriverState *bs = NULL; ++ BlockDriver *drv = NULL; ++ Error *local_err = NULL; ++ Error *blocker = NULL; ++ ++ QEMUFile *f; ++ int ret; ++ ++ bs = bdrv_new(); ++ ret = bdrv_open(&bs, filename, NULL, NULL, 0, drv, &local_err); ++ error_setg(&blocker, "block device is in use by load state"); ++ bdrv_op_block_all(bs, blocker); ++ ++ if (ret < 0) { ++ error_report("Could not open VM state file"); ++ goto the_end; ++ } ++ ++ /* restore the VM state */ ++ f = qemu_fopen_ops(bs, &loadstate_file_ops); ++ if (!f) { ++ error_report("Could not open VM state file"); ++ ret = -EINVAL; ++ goto the_end; ++ } ++ ++ qemu_system_reset(VMRESET_SILENT); ++ migration_incoming_state_new(f); ++ ret = qemu_loadvm_state(f); ++ ++ qemu_fclose(f); ++ migration_incoming_state_destroy(); ++ if (ret < 0) { ++ error_report("Error %d while loading VM state", ret); ++ goto the_end; ++ } ++ ++ ret = 0; ++ ++ the_end: ++ if (bs) { ++ bdrv_op_unblock_all(bs, blocker); ++ error_free(blocker); ++ bdrv_unref(bs); ++ } ++ return ret; ++} +diff --git a/vl.c b/vl.c +index b226e0b..c01b1b5 100644 +--- a/vl.c ++++ b/vl.c +@@ -2962,6 +2962,7 @@ int main(int argc, char **argv, char **envp) + int optind; + const char *optarg; + const char *loadvm = NULL; ++ const char *loadstate = NULL; + MachineClass *machine_class; + const char *cpu_model; + const char *vga_model = NULL; +@@ -3603,6 +3604,9 @@ int main(int argc, char **argv, char **envp) + case QEMU_OPTION_loadvm: + loadvm = optarg; + break; ++ case QEMU_OPTION_loadstate: ++ loadstate = optarg; ++ break; + case QEMU_OPTION_full_screen: + full_screen = 1; + break; +@@ -4597,6 +4601,10 @@ int main(int argc, char **argv, char **envp) + if (load_vmstate(loadvm) < 0) { + autostart = 0; + } ++ } else if (loadstate) { ++ if (load_state_from_blockdev(loadstate) < 0) { ++ autostart = 0; ++ } + } + + qdev_prop_check_globals(); +-- +2.1.4 + diff --git a/debian/patches/pve/0023-backup-vma-allow-empty-backups.patch b/debian/patches/pve/0023-backup-vma-allow-empty-backups.patch new file mode 100644 index 0000000..d42a3d2 --- /dev/null +++ b/debian/patches/pve/0023-backup-vma-allow-empty-backups.patch @@ -0,0 +1,256 @@ +From e9b9fd9156a6631998ec4b4254fe2e91859b340a Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 16:31:51 +0100 +Subject: [PATCH 23/47] backup: vma: allow empty backups + +--- + vma-reader.c | 29 ++++++++++++------------- + vma-writer.c | 30 ++++++++++++++++---------- + vma.c | 70 ++++++++++++++++++++++++++++++++++++------------------------ + vma.h | 1 + + 4 files changed, 76 insertions(+), 54 deletions(-) + +diff --git a/vma-reader.c b/vma-reader.c +index 2aafb26..78f1de9 100644 +--- a/vma-reader.c ++++ b/vma-reader.c +@@ -326,11 +326,6 @@ static int vma_reader_read_head(VmaReader *vmar, Error **errp) + } + } + +- if (!count) { +- error_setg(errp, "vma does not contain data"); +- return -1; +- } +- + for (i = 0; i < VMA_MAX_CONFIGS; i++) { + uint32_t name_ptr = GUINT32_FROM_BE(h->config_names[i]); + uint32_t data_ptr = GUINT32_FROM_BE(h->config_data[i]); +@@ -822,16 +817,20 @@ static int vma_reader_restore_full(VmaReader *vmar, int vmstate_fd, + } + + if (verbose) { +- printf("total bytes read %zd, sparse bytes %zd (%.3g%%)\n", +- vmar->clusters_read*VMA_CLUSTER_SIZE, +- vmar->zero_cluster_data, +- (double)(100.0*vmar->zero_cluster_data)/ +- (vmar->clusters_read*VMA_CLUSTER_SIZE)); +- +- int64_t datasize = vmar->clusters_read*VMA_CLUSTER_SIZE-vmar->zero_cluster_data; +- if (datasize) { // this does not make sense for empty files +- printf("space reduction due to 4K zero blocks %.3g%%\n", +- (double)(100.0*vmar->partial_zero_cluster_data) / datasize); ++ if (vmar->clusters_read) { ++ printf("total bytes read %zd, sparse bytes %zd (%.3g%%)\n", ++ vmar->clusters_read*VMA_CLUSTER_SIZE, ++ vmar->zero_cluster_data, ++ (double)(100.0*vmar->zero_cluster_data)/ ++ (vmar->clusters_read*VMA_CLUSTER_SIZE)); ++ ++ int64_t datasize = vmar->clusters_read*VMA_CLUSTER_SIZE-vmar->zero_cluster_data; ++ if (datasize) { // this does not make sense for empty files ++ printf("space reduction due to 4K zero blocks %.3g%%\n", ++ (double)(100.0*vmar->partial_zero_cluster_data) / datasize); ++ } ++ } else { ++ printf("vma archive contains no image data\n"); + } + } + return ret; +diff --git a/vma-writer.c b/vma-writer.c +index 79b7fd4..0d26fc6 100644 +--- a/vma-writer.c ++++ b/vma-writer.c +@@ -252,7 +252,7 @@ vma_queue_write(VmaWriter *vmaw, const void *buf, size_t bytes) + } + + vmaw->co_writer = NULL; +- ++ + return (done == bytes) ? bytes : -1; + } + +@@ -376,10 +376,6 @@ static int coroutine_fn vma_write_header(VmaWriter *vmaw) + time_t ctime = time(NULL); + head->ctime = GUINT64_TO_BE(ctime); + +- if (!vmaw->stream_count) { +- return -1; +- } +- + for (i = 0; i < VMA_MAX_CONFIGS; i++) { + head->config_names[i] = GUINT32_TO_BE(vmaw->config_names[i]); + head->config_data[i] = GUINT32_TO_BE(vmaw->config_data[i]); +@@ -496,6 +492,23 @@ static int vma_count_open_streams(VmaWriter *vmaw) + return open_drives; + } + ++ ++/** ++ * You need to call this if the vma archive does not contain ++ * any data stream. ++ */ ++int coroutine_fn ++vma_writer_flush_output(VmaWriter *vmaw) ++{ ++ qemu_co_mutex_lock(&vmaw->flush_lock); ++ int ret = vma_writer_flush(vmaw); ++ qemu_co_mutex_unlock(&vmaw->flush_lock); ++ if (ret < 0) { ++ vma_writer_set_error(vmaw, "vma_writer_flush_header failed"); ++ } ++ return ret; ++} ++ + /** + * all jobs should call this when there is no more data + * Returns: number of remaining stream (0 ==> finished) +@@ -523,12 +536,7 @@ vma_writer_close_stream(VmaWriter *vmaw, uint8_t dev_id) + + if (open_drives <= 0) { + DPRINTF("vma_writer_set_status all drives completed\n"); +- qemu_co_mutex_lock(&vmaw->flush_lock); +- int ret = vma_writer_flush(vmaw); +- qemu_co_mutex_unlock(&vmaw->flush_lock); +- if (ret < 0) { +- vma_writer_set_error(vmaw, "vma_writer_close_stream: flush failed"); +- } ++ vma_writer_flush_output(vmaw); + } + + return open_drives; +diff --git a/vma.c b/vma.c +index c88a4358..08e4725 100644 +--- a/vma.c ++++ b/vma.c +@@ -27,7 +27,7 @@ static void help(void) + "\n" + "vma list \n" + "vma config [-c config]\n" +- "vma create [-c config] pathname ...\n" ++ "vma create [-c config] pathname ...\n" + "vma extract [-r ] \n" + "vma verify [-v]\n" + ; +@@ -395,6 +395,18 @@ typedef struct BackupJob { + + #define BACKUP_SECTORS_PER_CLUSTER (VMA_CLUSTER_SIZE / BDRV_SECTOR_SIZE) + ++static void coroutine_fn backup_run_empty(void *opaque) ++{ ++ VmaWriter *vmaw = (VmaWriter *)opaque; ++ ++ vma_writer_flush_output(vmaw); ++ ++ Error *err = NULL; ++ if (vma_writer_close(vmaw, &err) != 0) { ++ g_warning("vma_writer_close failed %s", error_get_pretty(err)); ++ } ++} ++ + static void coroutine_fn backup_run(void *opaque) + { + BackupJob *job = (BackupJob *)opaque; +@@ -468,8 +480,8 @@ static int create_archive(int argc, char **argv) + } + + +- /* make sure we have archive name and at least one path */ +- if ((optind + 2) > argc) { ++ /* make sure we an archive name */ ++ if ((optind + 1) > argc) { + help(); + } + +@@ -504,11 +516,11 @@ static int create_archive(int argc, char **argv) + l = g_list_next(l); + } + +- int ind = 0; ++ int devcount = 0; + while (optind < argc) { + const char *path = argv[optind++]; + char *devname = NULL; +- path = extract_devname(path, &devname, ind++); ++ path = extract_devname(path, &devname, devcount++); + + Error *errp = NULL; + BlockDriverState *bs; +@@ -539,37 +551,39 @@ static int create_archive(int argc, char **argv) + int percent = 0; + int last_percent = -1; + +- while (1) { +- main_loop_wait(false); +- vma_writer_get_status(vmaw, &vmastat); ++ if (devcount) { ++ while (1) { ++ main_loop_wait(false); ++ vma_writer_get_status(vmaw, &vmastat); ++ ++ if (verbose) { + +- if (verbose) { ++ uint64_t total = 0; ++ uint64_t transferred = 0; ++ uint64_t zero_bytes = 0; + +- uint64_t total = 0; +- uint64_t transferred = 0; +- uint64_t zero_bytes = 0; ++ int i; ++ for (i = 0; i < 256; i++) { ++ if (vmastat.stream_info[i].size) { ++ total += vmastat.stream_info[i].size; ++ transferred += vmastat.stream_info[i].transferred; ++ zero_bytes += vmastat.stream_info[i].zero_bytes; ++ } ++ } ++ percent = (transferred*100)/total; ++ if (percent != last_percent) { ++ fprintf(stderr, "progress %d%% %zd/%zd %zd\n", percent, ++ transferred, total, zero_bytes); ++ fflush(stderr); + +- int i; +- for (i = 0; i < 256; i++) { +- if (vmastat.stream_info[i].size) { +- total += vmastat.stream_info[i].size; +- transferred += vmastat.stream_info[i].transferred; +- zero_bytes += vmastat.stream_info[i].zero_bytes; ++ last_percent = percent; + } + } +- percent = (transferred*100)/total; +- if (percent != last_percent) { +- fprintf(stderr, "progress %d%% %zd/%zd %zd\n", percent, +- transferred, total, zero_bytes); +- fflush(stderr); + +- last_percent = percent; ++ if (vmastat.closed) { ++ break; + } + } +- +- if (vmastat.closed) { +- break; +- } + } else { + Coroutine *co = qemu_coroutine_create(backup_run_empty, vmaw); + qemu_coroutine_enter(co); +diff --git a/vma.h b/vma.h +index 98377e4..365ceb2 100644 +--- a/vma.h ++++ b/vma.h +@@ -128,6 +128,7 @@ int64_t coroutine_fn vma_writer_write(VmaWriter *vmaw, uint8_t dev_id, + size_t *zero_bytes); + + int coroutine_fn vma_writer_close_stream(VmaWriter *vmaw, uint8_t dev_id); ++int coroutine_fn vma_writer_flush_output(VmaWriter *vmaw); + + int vma_writer_get_status(VmaWriter *vmaw, VmaStatus *status); + void vma_writer_set_error(VmaWriter *vmaw, const char *fmt, ...); +-- +2.1.4 + diff --git a/debian/patches/pve/0024-qmp-add-get_link_status.patch b/debian/patches/pve/0024-qmp-add-get_link_status.patch new file mode 100644 index 0000000..ba944e3 --- /dev/null +++ b/debian/patches/pve/0024-qmp-add-get_link_status.patch @@ -0,0 +1,126 @@ +From e933992419bd8da2689a527ae95000891e687a2d Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 16:34:41 +0100 +Subject: [PATCH 24/47] qmp: add get_link_status + +--- + net/net.c | 27 +++++++++++++++++++++++++++ + qapi-schema.json | 15 +++++++++++++++ + qmp-commands.hx | 23 +++++++++++++++++++++++ + scripts/qapi.py | 2 ++ + 4 files changed, 67 insertions(+) + +diff --git a/net/net.c b/net/net.c +index 19b4d9e..5f890b7 100644 +--- a/net/net.c ++++ b/net/net.c +@@ -1362,6 +1362,33 @@ void hmp_info_network(Monitor *mon, const QDict *qdict) + } + } + ++int64_t qmp_get_link_status(const char *name, Error **errp) ++{ ++ NetClientState *ncs[MAX_QUEUE_NUM]; ++ NetClientState *nc; ++ int queues; ++ bool ret; ++ ++ queues = qemu_find_net_clients_except(name, ncs, ++ NET_CLIENT_DRIVER__MAX, ++ MAX_QUEUE_NUM); ++ ++ if (queues == 0) { ++ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, ++ "Device '%s' not found", name); ++ return (int64_t) -1; ++ } ++ ++ nc = ncs[0]; ++ ret = ncs[0]->link_down; ++ ++ if (nc->peer->info->type == NET_CLIENT_DRIVER_NIC) { ++ ret = ncs[0]->peer->link_down; ++ } ++ ++ return (int64_t) ret ? 0 : 1; ++} ++ + void qmp_set_link(const char *name, bool up, Error **errp) + { + NetClientState *ncs[MAX_QUEUE_NUM]; +diff --git a/qapi-schema.json b/qapi-schema.json +index 0c0faf7..d75e932 100644 +--- a/qapi-schema.json ++++ b/qapi-schema.json +@@ -1786,6 +1786,21 @@ + { 'command': 'set_link', 'data': {'name': 'str', 'up': 'bool'} } + + ## ++# @get_link_status ++# ++# Get the current link state of the nics or nic. ++# ++# @name: name of the nic you get the state of ++# ++# Return: If link is up 1 ++# If link is down 0 ++# If an error occure an empty string. ++# ++# Notes: this is an Proxmox VE extension and not offical part of Qemu. ++## ++{ 'command': 'get_link_status', 'data': {'name': 'str'}, 'returns': 'int'} ++ ++## + # @balloon: + # + # Request the balloon driver to change its balloon size. +diff --git a/qmp-commands.hx b/qmp-commands.hx +index 6342cd2..a84932a 100644 +--- a/qmp-commands.hx ++++ b/qmp-commands.hx +@@ -1883,6 +1883,29 @@ Example: + EQMP + + { ++ .name = "get_link_status", ++ .args_type = "name:s", ++ .mhandler.cmd_new = qmp_marshal_get_link_status, ++ }, ++ ++SQMP ++get_link_status ++-------- ++ ++Get the link status of a network adapter. ++ ++Arguments: ++ ++- "name": network device name (json-string) ++ ++Example: ++ ++-> { "execute": "get_link_status", "arguments": { "name": "e1000.0" } } ++<- { "return": {1} } ++ ++EQMP ++ ++ { + .name = "getfd", + .args_type = "fdname:s", + .params = "getfd name", +diff --git a/scripts/qapi.py b/scripts/qapi.py +index 21bc32f..f900659 100644 +--- a/scripts/qapi.py ++++ b/scripts/qapi.py +@@ -39,6 +39,8 @@ builtin_types = { + + # Whitelist of commands allowed to return a non-dictionary + returns_whitelist = [ ++ 'get_link_status', ++ + # From QMP: + 'human-monitor-command', + 'qom-get', +-- +2.1.4 + diff --git a/debian/patches/pve/0025-smm_available-false.patch b/debian/patches/pve/0025-smm_available-false.patch new file mode 100644 index 0000000..d51daee --- /dev/null +++ b/debian/patches/pve/0025-smm_available-false.patch @@ -0,0 +1,26 @@ +From e1682387e4bed2357e1030933481ab63f648249b Mon Sep 17 00:00:00 2001 +From: Alexandre Derumier +Date: Tue, 29 Sep 2015 15:37:44 +0200 +Subject: [PATCH 25/47] smm_available = false + +Signed-off-by: Alexandre Derumier +--- + hw/i386/pc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/i386/pc.c b/hw/i386/pc.c +index ba8a5a1..9c206fc 100644 +--- a/hw/i386/pc.c ++++ b/hw/i386/pc.c +@@ -2084,7 +2084,7 @@ bool pc_machine_is_smm_enabled(PCMachineState *pcms) + if (tcg_enabled() || qtest_enabled()) { + smm_available = true; + } else if (kvm_enabled()) { +- smm_available = kvm_has_smm(); ++ smm_available = false; + } + + if (smm_available) { +-- +2.1.4 + diff --git a/debian/patches/pve/0026-use-whitespace-between-VERSION-and-PKGVERSION.patch b/debian/patches/pve/0026-use-whitespace-between-VERSION-and-PKGVERSION.patch new file mode 100644 index 0000000..b7547af --- /dev/null +++ b/debian/patches/pve/0026-use-whitespace-between-VERSION-and-PKGVERSION.patch @@ -0,0 +1,27 @@ +From 017016151cb8f9a364f0b0006603772620966d5a Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 16:50:05 +0100 +Subject: [PATCH 26/47] use whitespace between VERSION and PKGVERSION + +Our kvm version parser expects a white space or comma after +the version string, see PVE::QemuServer::kvm_user_version() +--- + vl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/vl.c b/vl.c +index c01b1b5..0b5a721 100644 +--- a/vl.c ++++ b/vl.c +@@ -1920,7 +1920,7 @@ static void main_loop(void) + + static void version(void) + { +- printf("QEMU emulator version " QEMU_VERSION QEMU_PKGVERSION ", " ++ printf("QEMU emulator version " QEMU_VERSION " " QEMU_PKGVERSION ", " + QEMU_COPYRIGHT "\n"); + } + +-- +2.1.4 + diff --git a/debian/patches/pve/0027-vma-add-firewall.patch b/debian/patches/pve/0027-vma-add-firewall.patch new file mode 100644 index 0000000..fbbefb2 --- /dev/null +++ b/debian/patches/pve/0027-vma-add-firewall.patch @@ -0,0 +1,158 @@ +From 3400a70a51015f119c12d3600943baae97aabb0f Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 9 Dec 2015 16:51:23 +0100 +Subject: [PATCH 27/47] vma: add firewall + +--- + blockdev.c | 78 ++++++++++++++++++++++++++++++++++---------------------- + hmp.c | 2 +- + qapi-schema.json | 1 + + qmp-commands.hx | 2 +- + 4 files changed, 51 insertions(+), 32 deletions(-) + +diff --git a/blockdev.c b/blockdev.c +index 2371cf3..bbb1502 100644 +--- a/blockdev.c ++++ b/blockdev.c +@@ -3157,6 +3157,44 @@ void qmp_backup_cancel(Error **errp) + } + } + ++static int config_to_vma(const char *file, BackupFormat format, ++ const char *backup_dir, VmaWriter *vmaw, ++ Error **errp) ++{ ++ char *cdata = NULL; ++ gsize clen = 0; ++ GError *err = NULL; ++ if (!g_file_get_contents(file, &cdata, &clen, &err)) { ++ error_setg(errp, "unable to read file '%s'", file); ++ return 1; ++ } ++ ++ char *basename = g_path_get_basename(file); ++ ++ if (format == BACKUP_FORMAT_VMA) { ++ if (vma_writer_add_config(vmaw, basename, cdata, clen) != 0) { ++ error_setg(errp, "unable to add %s config data to vma archive", file); ++ g_free(cdata); ++ g_free(basename); ++ return 1; ++ } ++ } else if (format == BACKUP_FORMAT_DIR) { ++ char config_path[PATH_MAX]; ++ snprintf(config_path, PATH_MAX, "%s/%s", backup_dir, basename); ++ if (!g_file_set_contents(config_path, cdata, clen, &err)) { ++ error_setg(errp, "unable to write config file '%s'", config_path); ++ g_free(cdata); ++ g_free(basename); ++ return 1; ++ } ++ } ++ ++ g_free(basename); ++ g_free(cdata); ++ ++ return 0; ++} ++ + bool block_job_should_pause(BlockJob *job); + static void pvebackup_run_next_job(void) + { +@@ -3184,6 +3222,7 @@ static void pvebackup_run_next_job(void) + UuidInfo *qmp_backup(const char *backup_file, bool has_format, + BackupFormat format, + bool has_config_file, const char *config_file, ++ bool has_firewall_file, const char *firewall_file, + bool has_devlist, const char *devlist, + bool has_speed, int64_t speed, Error **errp) + { +@@ -3335,38 +3374,17 @@ UuidInfo *qmp_backup(const char *backup_file, bool has_format, + + /* add configuration file to archive */ + if (has_config_file) { +- char *cdata = NULL; +- gsize clen = 0; +- GError *err = NULL; +- if (!g_file_get_contents(config_file, &cdata, &clen, &err)) { +- error_setg(errp, "unable to read file '%s'", config_file); +- goto err; +- } +- +- char *basename = g_path_get_basename(config_file); +- +- if (format == BACKUP_FORMAT_VMA) { +- if (vma_writer_add_config(vmaw, basename, cdata, clen) != 0) { +- error_setg(errp, "unable to add config data to vma archive"); +- g_free(cdata); +- g_free(basename); +- goto err; +- } +- } else if (format == BACKUP_FORMAT_DIR) { +- char config_path[PATH_MAX]; +- snprintf(config_path, PATH_MAX, "%s/%s", backup_dir, basename); +- if (!g_file_set_contents(config_path, cdata, clen, &err)) { +- error_setg(errp, "unable to write config file '%s'", config_path); +- g_free(cdata); +- g_free(basename); +- goto err; +- } +- } +- +- g_free(basename); +- g_free(cdata); ++ if(config_to_vma(config_file, format, backup_dir, vmaw, errp) != 0) { ++ goto err; ++ } + } + ++ /* add firewall file to archive */ ++ if (has_firewall_file) { ++ if(config_to_vma(firewall_file, format, backup_dir, vmaw, errp) != 0) { ++ goto err; ++ } ++ } + /* initialize global backup_state now */ + + backup_state.cancel = false; +diff --git a/hmp.c b/hmp.c +index 030fd97..5c5e8ed 100644 +--- a/hmp.c ++++ b/hmp.c +@@ -1550,7 +1550,7 @@ void hmp_backup(Monitor *mon, const QDict *qdict) + int64_t speed = qdict_get_try_int(qdict, "speed", 0); + + qmp_backup(backup_file, true, dir ? BACKUP_FORMAT_DIR : BACKUP_FORMAT_VMA, +- false, NULL, !!devlist, ++ false, NULL, false, NULL, !!devlist, + devlist, qdict_haskey(qdict, "speed"), speed, &error); + + hmp_handle_error(mon, &error); +diff --git a/qapi-schema.json b/qapi-schema.json +index d75e932..7bb0ee0 100644 +--- a/qapi-schema.json ++++ b/qapi-schema.json +@@ -420,6 +420,7 @@ + { 'command': 'backup', 'data': { 'backup-file': 'str', + '*format': 'BackupFormat', + '*config-file': 'str', ++ '*firewall-file': 'str', + '*devlist': 'str', '*speed': 'int' }, + 'returns': 'UuidInfo' } + +diff --git a/qmp-commands.hx b/qmp-commands.hx +index a84932a..94cfac2 100644 +--- a/qmp-commands.hx ++++ b/qmp-commands.hx +@@ -1315,7 +1315,7 @@ EQMP + + { + .name = "backup", +- .args_type = "backup-file:s,format:s?,config-file:F?,speed:o?,devlist:s?", ++ .args_type = "backup-file:s,format:s?,config-file:F?,firewall-file:F?,speed:o?,devlist:s?", + .mhandler.cmd_new = qmp_marshal_backup, + }, + +-- +2.1.4 + diff --git a/debian/patches/pve/0028-savevm-async-migration-and-bdrv_open-update.patch b/debian/patches/pve/0028-savevm-async-migration-and-bdrv_open-update.patch new file mode 100644 index 0000000..f4c8276 --- /dev/null +++ b/debian/patches/pve/0028-savevm-async-migration-and-bdrv_open-update.patch @@ -0,0 +1,101 @@ +From d5ef7dd4d2b53e4868289dca3770724cb9597ec5 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Thu, 10 Dec 2015 15:14:00 +0100 +Subject: [PATCH 28/47] savevm-async: migration and bdrv_open update + +--- + savevm-async.c | 25 ++++++++++++------------- + 1 file changed, 12 insertions(+), 13 deletions(-) + +diff --git a/savevm-async.c b/savevm-async.c +index ae7ea84..7979435 100644 +--- a/savevm-async.c ++++ b/savevm-async.c +@@ -154,10 +154,10 @@ static int block_state_close(void *opaque) + return bdrv_flush(snap_state.bs); + } + +-static int block_state_put_buffer(void *opaque, const uint8_t *buf, +- int64_t pos, int size) ++static ssize_t block_state_put_buffer(void *opaque, const uint8_t *buf, ++ int64_t pos, size_t size) + { +- int ret; ++ ssize_t ret; + + assert(pos == snap_state.bs_pos); + +@@ -201,12 +201,13 @@ static void process_savevm_co(void *opaque) + } + + while (snap_state.state == SAVE_STATE_ACTIVE) { +- uint64_t pending_size; ++ uint64_t pending_size, pend_post, pend_nonpost; + +- pending_size = qemu_savevm_state_pending(snap_state.file, 0); ++ qemu_savevm_state_pending(snap_state.file, 0, &pend_nonpost, &pend_post); ++ pending_size = pend_post + pend_nonpost; + + if (pending_size) { +- ret = qemu_savevm_state_iterate(snap_state.file); ++ ret = qemu_savevm_state_iterate(snap_state.file, false); + if (ret < 0) { + save_snapshot_error("qemu_savevm_state_iterate error %d", ret); + break; +@@ -217,7 +218,7 @@ static void process_savevm_co(void *opaque) + if (store_and_stop()) + break; + DPRINTF("savevm inerate finished\n"); +- qemu_savevm_state_complete_precopy(snap_state.file); ++ qemu_savevm_state_complete_precopy(snap_state.file, false); + DPRINTF("save complete\n"); + save_snapshot_completed(); + break; +@@ -250,7 +251,6 @@ static const QEMUFileOps block_file_ops = { + + void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp) + { +- BlockDriver *drv = NULL; + Error *local_err = NULL; + + int bdrv_oflags = BDRV_O_RDWR; +@@ -289,7 +289,7 @@ void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp) + QDict *options = NULL; + options = qdict_new(); + qdict_put(options, "driver", qstring_from_str("raw")); +- ret = bdrv_open(&snap_state.bs, statefile, NULL, options, bdrv_oflags, drv, &local_err); ++ ret = bdrv_open(&snap_state.bs, statefile, NULL, options, bdrv_oflags, &local_err); + if (ret < 0) { + error_set(errp, ERROR_CLASS_GENERIC_ERROR, "failed to open '%s'", statefile); + goto restart; +@@ -454,8 +454,8 @@ void qmp_delete_drive_snapshot(const char *device, const char *name, + } + } + +-static int loadstate_get_buffer(void *opaque, uint8_t *buf, int64_t pos, +- int size) ++static ssize_t loadstate_get_buffer(void *opaque, uint8_t *buf, int64_t pos, ++ size_t size) + { + BlockDriverState *bs = (BlockDriverState *)opaque; + int64_t maxlen = bdrv_getlength(bs); +@@ -478,7 +478,6 @@ static const QEMUFileOps loadstate_file_ops = { + int load_state_from_blockdev(const char *filename) + { + BlockDriverState *bs = NULL; +- BlockDriver *drv = NULL; + Error *local_err = NULL; + Error *blocker = NULL; + +@@ -486,7 +485,7 @@ int load_state_from_blockdev(const char *filename) + int ret; + + bs = bdrv_new(); +- ret = bdrv_open(&bs, filename, NULL, NULL, 0, drv, &local_err); ++ ret = bdrv_open(&bs, filename, NULL, NULL, 0, &local_err); + error_setg(&blocker, "block device is in use by load state"); + bdrv_op_block_all(bs, blocker); + +-- +2.1.4 + diff --git a/debian/patches/pve/0029-vnc-make-x509-imply-tls-again.patch b/debian/patches/pve/0029-vnc-make-x509-imply-tls-again.patch new file mode 100644 index 0000000..df15432 --- /dev/null +++ b/debian/patches/pve/0029-vnc-make-x509-imply-tls-again.patch @@ -0,0 +1,28 @@ +From d42052d75321a1af75b039f8e31127b98485ec93 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Tue, 12 Jan 2016 09:09:49 +0100 +Subject: [PATCH 29/47] vnc: make x509 imply tls again + +--- + ui/vnc.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/ui/vnc.c b/ui/vnc.c +index b9f36b5..acbe3bd 100644 +--- a/ui/vnc.c ++++ b/ui/vnc.c +@@ -3729,9 +3729,8 @@ void vnc_display_open(const char *id, Error **errp) + const char *path; + bool tls = false, x509 = false, x509verify = false; + tls = qemu_opt_get_bool(opts, "tls", false); +- if (tls) { +- path = qemu_opt_get(opts, "x509"); +- ++ path = qemu_opt_get(opts, "x509"); ++ if (tls || path) { + if (path) { + x509 = true; + } else { +-- +2.1.4 + diff --git a/debian/patches/pve/0030-PVE-VNC-authentication.patch b/debian/patches/pve/0030-PVE-VNC-authentication.patch new file mode 100644 index 0000000..5620655 --- /dev/null +++ b/debian/patches/pve/0030-PVE-VNC-authentication.patch @@ -0,0 +1,683 @@ +From 51dd4df80640e1671de73c014c6273b154df920a Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Mon, 11 Jan 2016 10:40:31 +0100 +Subject: [PATCH 30/47] PVE VNC authentication + +--- + crypto/tlscreds.c | 47 +++++++++++ + crypto/tlscredspriv.h | 2 + + crypto/tlscredsx509.c | 13 ++-- + crypto/tlssession.c | 1 + + include/crypto/tlscreds.h | 1 + + include/ui/console.h | 1 + + qemu-options.hx | 3 + + ui/vnc-auth-vencrypt.c | 194 ++++++++++++++++++++++++++++++++++++++-------- + ui/vnc.c | 140 ++++++++++++++++++++++++++++++++- + ui/vnc.h | 4 + + vl.c | 9 +++ + 11 files changed, 375 insertions(+), 40 deletions(-) + +diff --git a/crypto/tlscreds.c b/crypto/tlscreds.c +index a896553..e9ae13c 100644 +--- a/crypto/tlscreds.c ++++ b/crypto/tlscreds.c +@@ -158,6 +158,33 @@ qcrypto_tls_creds_prop_get_verify(Object *obj, + + + static void ++qcrypto_tls_creds_prop_set_pve(Object *obj, ++ bool value, ++ Error **errp G_GNUC_UNUSED) ++{ ++ QCryptoTLSCreds *creds = QCRYPTO_TLS_CREDS(obj); ++ ++ creds->pve = value; ++} ++ ++ ++static bool ++qcrypto_tls_creds_prop_get_pve(Object *obj, ++ Error **errp G_GNUC_UNUSED) ++{ ++ QCryptoTLSCreds *creds = QCRYPTO_TLS_CREDS(obj); ++ ++ return creds->pve; ++} ++ ++bool qcrypto_tls_creds_is_pve(QCryptoTLSCreds *creds) ++{ ++ Error *errp = NULL; ++ return qcrypto_tls_creds_prop_get_pve((Object*)creds, &errp); ++} ++ ++ ++static void + qcrypto_tls_creds_prop_set_dir(Object *obj, + const char *value, + Error **errp G_GNUC_UNUSED) +@@ -250,6 +277,26 @@ qcrypto_tls_creds_init(Object *obj) + QCryptoTLSCreds *creds = QCRYPTO_TLS_CREDS(obj); + + creds->verifyPeer = true; ++ creds->pve = false; ++ ++ object_property_add_bool(obj, "verify-peer", ++ qcrypto_tls_creds_prop_get_verify, ++ qcrypto_tls_creds_prop_set_verify, ++ NULL); ++ object_property_add_bool(obj, "pve", ++ qcrypto_tls_creds_prop_get_pve, ++ qcrypto_tls_creds_prop_set_pve, ++ NULL); ++ object_property_add_str(obj, "dir", ++ qcrypto_tls_creds_prop_get_dir, ++ qcrypto_tls_creds_prop_set_dir, ++ NULL); ++ object_property_add_enum(obj, "endpoint", ++ "QCryptoTLSCredsEndpoint", ++ QCryptoTLSCredsEndpoint_lookup, ++ qcrypto_tls_creds_prop_get_endpoint, ++ qcrypto_tls_creds_prop_set_endpoint, ++ NULL); + } + + +diff --git a/crypto/tlscredspriv.h b/crypto/tlscredspriv.h +index 13e9b6c..0356acc 100644 +--- a/crypto/tlscredspriv.h ++++ b/crypto/tlscredspriv.h +@@ -36,6 +36,8 @@ int qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds *creds, + gnutls_dh_params_t *dh_params, + Error **errp); + ++bool qcrypto_tls_creds_is_pve(QCryptoTLSCreds *creds); ++ + #endif + + #endif /* QCRYPTO_TLSCREDSPRIV_H */ +diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c +index 520d34d..1ba971c 100644 +--- a/crypto/tlscredsx509.c ++++ b/crypto/tlscredsx509.c +@@ -555,22 +555,23 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds, + *key = NULL, *dhparams = NULL; + int ret; + int rv = -1; ++ bool pve = qcrypto_tls_creds_is_pve(&creds->parent_obj); + + trace_qcrypto_tls_creds_x509_load(creds, + creds->parent_obj.dir ? creds->parent_obj.dir : ""); + + if (creds->parent_obj.endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { + if (qcrypto_tls_creds_get_path(&creds->parent_obj, +- QCRYPTO_TLS_CREDS_X509_CA_CERT, ++ pve ? "pve-root-ca.pem" : QCRYPTO_TLS_CREDS_X509_CA_CERT, + true, &cacert, errp) < 0 || + qcrypto_tls_creds_get_path(&creds->parent_obj, + QCRYPTO_TLS_CREDS_X509_CA_CRL, + false, &cacrl, errp) < 0 || + qcrypto_tls_creds_get_path(&creds->parent_obj, +- QCRYPTO_TLS_CREDS_X509_SERVER_CERT, ++ pve ? "local/pve-ssl.pem" : QCRYPTO_TLS_CREDS_X509_SERVER_CERT, + true, &cert, errp) < 0 || + qcrypto_tls_creds_get_path(&creds->parent_obj, +- QCRYPTO_TLS_CREDS_X509_SERVER_KEY, ++ pve ? "local/pve-ssl.key" : QCRYPTO_TLS_CREDS_X509_SERVER_KEY, + true, &key, errp) < 0 || + qcrypto_tls_creds_get_path(&creds->parent_obj, + QCRYPTO_TLS_CREDS_DH_PARAMS, +@@ -579,13 +580,13 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds, + } + } else { + if (qcrypto_tls_creds_get_path(&creds->parent_obj, +- QCRYPTO_TLS_CREDS_X509_CA_CERT, ++ pve ? "pve-root-ca.pem" : QCRYPTO_TLS_CREDS_X509_CA_CERT, + true, &cacert, errp) < 0 || + qcrypto_tls_creds_get_path(&creds->parent_obj, +- QCRYPTO_TLS_CREDS_X509_CLIENT_CERT, ++ pve ? "local/pve-ssl.pem" : QCRYPTO_TLS_CREDS_X509_CLIENT_CERT, + false, &cert, errp) < 0 || + qcrypto_tls_creds_get_path(&creds->parent_obj, +- QCRYPTO_TLS_CREDS_X509_CLIENT_KEY, ++ pve ? "local/pve-ssl.key" : QCRYPTO_TLS_CREDS_X509_CLIENT_KEY, + false, &key, errp) < 0) { + goto cleanup; + } +diff --git a/crypto/tlssession.c b/crypto/tlssession.c +index 2de42c6..768466a 100644 +--- a/crypto/tlssession.c ++++ b/crypto/tlssession.c +@@ -23,6 +23,7 @@ + #include "crypto/tlscredsanon.h" + #include "crypto/tlscredsx509.h" + #include "qapi/error.h" ++#include "crypto/tlscredspriv.h" + #include "qemu/acl.h" + #include "trace.h" + +diff --git a/include/crypto/tlscreds.h b/include/crypto/tlscreds.h +index ad47d88..f86d379 100644 +--- a/include/crypto/tlscreds.h ++++ b/include/crypto/tlscreds.h +@@ -55,6 +55,7 @@ struct QCryptoTLSCreds { + #endif + bool verifyPeer; + char *priority; ++ bool pve; + }; + + +diff --git a/include/ui/console.h b/include/ui/console.h +index 2703a3a..db6dd22 100644 +--- a/include/ui/console.h ++++ b/include/ui/console.h +@@ -456,6 +456,7 @@ static inline void cocoa_display_init(DisplayState *ds, int full_screen) + #endif + + /* vnc.c */ ++void pve_auth_setup(int vmid); + void vnc_display_init(const char *id); + void vnc_display_open(const char *id, Error **errp); + void vnc_display_add_client(const char *id, int csock, bool skipauth); +diff --git a/qemu-options.hx b/qemu-options.hx +index 37fad3b..f943ae6 100644 +--- a/qemu-options.hx ++++ b/qemu-options.hx +@@ -473,6 +473,9 @@ STEXI + @table @option + ETEXI + ++DEF("id", HAS_ARG, QEMU_OPTION_id, ++ "-id n set the VMID\n", QEMU_ARCH_ALL) ++ + DEF("fda", HAS_ARG, QEMU_OPTION_fda, + "-fda/-fdb file use 'file' as floppy disk 0/1 image\n", QEMU_ARCH_ALL) + DEF("fdb", HAS_ARG, QEMU_OPTION_fdb, "", QEMU_ARCH_ALL) +diff --git a/ui/vnc-auth-vencrypt.c b/ui/vnc-auth-vencrypt.c +index 11c8c9a..d11f1df 100644 +--- a/ui/vnc-auth-vencrypt.c ++++ b/ui/vnc-auth-vencrypt.c +@@ -28,6 +28,107 @@ + #include "vnc.h" + #include "qapi/error.h" + #include "qemu/main-loop.h" ++#include "qemu/sockets.h" ++ ++static int protocol_client_auth_plain(VncState *vs, uint8_t *data, size_t len) ++{ ++ const char *err = NULL; ++ char username[256]; ++ char passwd[512]; ++ ++ char clientip[256]; ++ clientip[0] = 0; ++ struct sockaddr_in client; ++ socklen_t addrlen = sizeof(client); ++ if (getpeername(vs->csock, &client, &addrlen) == 0) { ++ inet_ntop(client.sin_family, &client.sin_addr, ++ clientip, sizeof(clientip)); ++ } ++ ++ if ((len != (vs->username_len + vs->password_len)) || ++ (vs->username_len >= (sizeof(username)-1)) || ++ (vs->password_len >= (sizeof(passwd)-1)) ) { ++ err = "Got unexpected data length"; ++ goto err; ++ } ++ ++ strncpy(username, (char *)data, vs->username_len); ++ username[vs->username_len] = 0; ++ strncpy(passwd, (char *)data + vs->username_len, vs->password_len); ++ passwd[vs->password_len] = 0; ++ ++ VNC_DEBUG("AUTH PLAIN username: %s pw: %s\n", username, passwd); ++ ++ if (pve_auth_verify(clientip, username, passwd) == 0) { ++ vnc_write_u32(vs, 0); /* Accept auth completion */ ++ start_client_init(vs); ++ return 0; ++ } ++ ++ err = "Authentication failed"; ++err: ++ if (err) { ++ VNC_DEBUG("AUTH PLAIN ERROR: %s\n", err); ++ vnc_write_u32(vs, 1); /* Reject auth */ ++ if (vs->minor >= 8) { ++ int elen = strlen(err); ++ vnc_write_u32(vs, elen); ++ vnc_write(vs, err, elen); ++ } ++ } ++ vnc_flush(vs); ++ vnc_client_error(vs); ++ ++ return 0; ++ ++} ++ ++static int protocol_client_auth_plain_start(VncState *vs, uint8_t *data, size_t len) ++{ ++ uint32_t ulen = read_u32(data, 0); ++ uint32_t pwlen = read_u32(data, 4); ++ const char *err = NULL; ++ ++ VNC_DEBUG("AUTH PLAIN START %u %u\n", ulen, pwlen); ++ ++ if (!ulen) { ++ err = "No User name."; ++ goto err; ++ } ++ if (ulen >= 255) { ++ err = "User name too long."; ++ goto err; ++ } ++ if (!pwlen) { ++ err = "Password too short"; ++ goto err; ++ } ++ if (pwlen >= 511) { ++ err = "Password too long."; ++ goto err; ++ } ++ ++ vs->username_len = ulen; ++ vs->password_len = pwlen; ++ ++ vnc_read_when(vs, protocol_client_auth_plain, ulen + pwlen); ++ ++ return 0; ++err: ++ if (err) { ++ VNC_DEBUG("AUTH PLAIN ERROR: %s\n", err); ++ vnc_write_u32(vs, 1); /* Reject auth */ ++ if (vs->minor >= 8) { ++ int elen = strlen(err); ++ vnc_write_u32(vs, elen); ++ vnc_write(vs, err, elen); ++ } ++ } ++ vnc_flush(vs); ++ vnc_client_error(vs); ++ ++ return 0; ++} + + static void start_auth_vencrypt_subauth(VncState *vs) + { +@@ -39,6 +140,17 @@ static void start_auth_vencrypt_subauth(VncState *vs) + start_client_init(vs); + break; + ++ case VNC_AUTH_VENCRYPT_TLSPLAIN: ++ case VNC_AUTH_VENCRYPT_X509PLAIN: ++ VNC_DEBUG("Start TLS auth PLAIN\n"); ++ vnc_read_when(vs, protocol_client_auth_plain_start, 8); ++ break; ++ ++ case VNC_AUTH_VENCRYPT_PLAIN: ++ VNC_DEBUG("Start auth PLAIN\n"); ++ vnc_read_when(vs, protocol_client_auth_plain_start, 8); ++ break; ++ + case VNC_AUTH_VENCRYPT_TLSVNC: + case VNC_AUTH_VENCRYPT_X509VNC: + VNC_DEBUG("Start TLS auth VNC\n"); +@@ -87,44 +199,63 @@ static int protocol_client_vencrypt_auth(VncState *vs, uint8_t *data, size_t len + { + int auth = read_u32(data, 0); + +- if (auth != vs->subauth) { ++ if (auth != vs->subauth && auth != VNC_AUTH_VENCRYPT_PLAIN) { + VNC_DEBUG("Rejecting auth %d\n", auth); + vnc_write_u8(vs, 0); /* Reject auth */ + vnc_flush(vs); + vnc_client_error(vs); + } else { +- Error *err = NULL; +- QIOChannelTLS *tls; +- VNC_DEBUG("Accepting auth %d, setting up TLS for handshake\n", auth); +- vnc_write_u8(vs, 1); /* Accept auth */ +- vnc_flush(vs); +- +- if (vs->ioc_tag) { +- g_source_remove(vs->ioc_tag); +- vs->ioc_tag = 0; ++ if (auth == VNC_AUTH_VENCRYPT_PLAIN) { ++ vs->subauth = auth; ++ start_auth_vencrypt_subauth(vs); + } ++ else ++ { ++ Error *err = NULL; ++ QIOChannelTLS *tls; ++ VNC_DEBUG("Accepting auth %d, setting up TLS for handshake\n", auth); ++ vnc_write_u8(vs, 1); /* Accept auth */ ++ vnc_flush(vs); + +- tls = qio_channel_tls_new_server( +- vs->ioc, +- vs->vd->tlscreds, +- vs->vd->tlsaclname, +- &err); +- if (!tls) { +- VNC_DEBUG("Failed to setup TLS %s\n", error_get_pretty(err)); +- error_free(err); +- vnc_client_error(vs); +- return 0; +- } ++ if (vs->ioc_tag) { ++ g_source_remove(vs->ioc_tag); ++ vs->ioc_tag = 0; ++ } + +- VNC_DEBUG("Start TLS VeNCrypt handshake process\n"); +- object_unref(OBJECT(vs->ioc)); +- vs->ioc = QIO_CHANNEL(tls); +- vs->tls = qio_channel_tls_get_session(tls); ++ tls = qio_channel_tls_new_server( ++ vs->ioc, ++ vs->vd->tlscreds, ++ vs->vd->tlsaclname, ++ &err); ++ if (!tls) { ++ VNC_DEBUG("Failed to setup TLS %s\n", error_get_pretty(err)); ++ error_free(err); ++ vnc_client_error(vs); ++ return 0; ++ vs->tls = qcrypto_tls_session_new(vs->vd->tlscreds, ++ NULL, ++ vs->vd->tlsaclname, ++ QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, ++ &err); ++ if (!vs->tls) { ++ VNC_DEBUG("Failed to setup TLS %s\n", ++ error_get_pretty(err)); ++ error_free(err); ++ vnc_client_error(vs); ++ return 0; ++ } ++ } + +- qio_channel_tls_handshake(tls, +- vnc_tls_handshake_done, +- vs, +- NULL); ++ VNC_DEBUG("Start TLS VeNCrypt handshake process\n"); ++ object_unref(OBJECT(vs->ioc)); ++ vs->ioc = QIO_CHANNEL(tls); ++ vs->tls = qio_channel_tls_get_session(tls); ++ ++ qio_channel_tls_handshake(tls, ++ vnc_tls_handshake_done, ++ vs, ++ NULL); ++ } + } + return 0; + } +@@ -138,10 +269,11 @@ static int protocol_client_vencrypt_init(VncState *vs, uint8_t *data, size_t len + vnc_flush(vs); + vnc_client_error(vs); + } else { +- VNC_DEBUG("Sending allowed auth %d\n", vs->subauth); ++ VNC_DEBUG("Sending allowed auths %d %d\n", vs->subauth, VNC_AUTH_VENCRYPT_PLAIN); + vnc_write_u8(vs, 0); /* Accept version */ +- vnc_write_u8(vs, 1); /* Number of sub-auths */ ++ vnc_write_u8(vs, 2); /* Number of sub-auths */ + vnc_write_u32(vs, vs->subauth); /* The supported auth */ ++ vnc_write_u32(vs, VNC_AUTH_VENCRYPT_PLAIN); /* Alternative supported auth */ + vnc_flush(vs); + vnc_read_when(vs, protocol_client_vencrypt_auth, 4); + } +diff --git a/ui/vnc.c b/ui/vnc.c +index acbe3bd..2a18a20 100644 +--- a/ui/vnc.c ++++ b/ui/vnc.c +@@ -55,6 +55,125 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 }; + #include "vnc_keysym.h" + #include "crypto/cipher.h" + ++static int pve_vmid = 0; ++ ++void pve_auth_setup(int vmid) { ++ pve_vmid = vmid; ++} ++ ++static char * ++urlencode(char *buf, const char *value) ++{ ++ static const char *hexchar = "0123456789abcdef"; ++ char *p = buf; ++ int i; ++ int l = strlen(value); ++ for (i = 0; i < l; i++) { ++ char c = value[i]; ++ if (('a' <= c && c <= 'z') || ++ ('A' <= c && c <= 'Z') || ++ ('0' <= c && c <= '9')) { ++ *p++ = c; ++ } else if (c == 32) { ++ *p++ = '+'; ++ } else { ++ *p++ = '%'; ++ *p++ = hexchar[c >> 4]; ++ *p++ = hexchar[c & 15]; ++ } ++ } ++ *p = 0; ++ ++ return p; ++} ++ ++int ++pve_auth_verify(const char *clientip, const char *username, const char *passwd) ++{ ++ struct sockaddr_in server; ++ ++ int sfd = socket(AF_INET, SOCK_STREAM, 0); ++ if (sfd == -1) { ++ perror("pve_auth_verify: socket failed"); ++ return -1; ++ } ++ ++ struct hostent *he; ++ if ((he = gethostbyname("localhost")) == NULL) { ++ fprintf(stderr, "pve_auth_verify: error resolving hostname\n"); ++ goto err; ++ } ++ ++ memcpy(&server.sin_addr, he->h_addr_list[0], he->h_length); ++ server.sin_family = AF_INET; ++ server.sin_port = htons(85); ++ ++ if (connect(sfd, (struct sockaddr *)&server, sizeof(server))) { ++ perror("pve_auth_verify: error connecting to server"); ++ goto err; ++ } ++ ++ char buf[8192]; ++ char form[8192]; ++ ++ char *p = form; ++ p = urlencode(p, "username"); ++ *p++ = '='; ++ p = urlencode(p, username); ++ ++ *p++ = '&'; ++ p = urlencode(p, "password"); ++ *p++ = '='; ++ p = urlencode(p, passwd); ++ ++ *p++ = '&'; ++ p = urlencode(p, "path"); ++ *p++ = '='; ++ char authpath[256]; ++ sprintf(authpath, "/vms/%d", pve_vmid); ++ p = urlencode(p, authpath); ++ ++ *p++ = '&'; ++ p = urlencode(p, "privs"); ++ *p++ = '='; ++ p = urlencode(p, "VM.Console"); ++ ++ sprintf(buf, "POST /api2/json/access/ticket HTTP/1.1\n" ++ "Host: localhost:85\n" ++ "Connection: close\n" ++ "PVEClientIP: %s\n" ++ "Content-Type: application/x-www-form-urlencoded\n" ++ "Content-Length: %zd\n\n%s\n", clientip, strlen(form), form); ++ ssize_t len = strlen(buf); ++ ssize_t sb = send(sfd, buf, len, 0); ++ if (sb < 0) { ++ perror("pve_auth_verify: send failed"); ++ goto err; ++ } ++ if (sb != len) { ++ fprintf(stderr, "pve_auth_verify: partial send error\n"); ++ goto err; ++ } ++ ++ len = recv(sfd, buf, sizeof(buf) - 1, 0); ++ if (len < 0) { ++ perror("pve_auth_verify: recv failed"); ++ goto err; ++ } ++ ++ buf[len] = 0; ++ ++ //printf("DATA:%s\n", buf); ++ ++ shutdown(sfd, SHUT_RDWR); ++ ++ return strncmp(buf, "HTTP/1.1 200 OK", 15); ++ ++err: ++ shutdown(sfd, SHUT_RDWR); ++ return -1; ++} ++ + static QTAILQ_HEAD(, VncDisplay) vnc_displays = + QTAILQ_HEAD_INITIALIZER(vnc_displays); + +@@ -3413,11 +3532,17 @@ vnc_display_setup_auth(VncDisplay *vs, + if (object_dynamic_cast(OBJECT(vs->tlscreds), + TYPE_QCRYPTO_TLS_CREDS_X509)) { + VNC_DEBUG("Initializing VNC server with x509 password auth\n"); +- vs->subauth = VNC_AUTH_VENCRYPT_X509VNC; ++ if (vs->tlscreds->pve) ++ vs->subauth = VNC_AUTH_VENCRYPT_X509PLAIN; ++ else ++ vs->subauth = VNC_AUTH_VENCRYPT_X509VNC; + } else if (object_dynamic_cast(OBJECT(vs->tlscreds), + TYPE_QCRYPTO_TLS_CREDS_ANON)) { + VNC_DEBUG("Initializing VNC server with TLS password auth\n"); +- vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC; ++ if (vs->tlscreds->pve) ++ vs->subauth = VNC_AUTH_VENCRYPT_TLSPLAIN; ++ else ++ vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC; + } else { + error_setg(errp, + "Unsupported TLS cred type %s", +@@ -3508,6 +3633,7 @@ vnc_display_create_creds(bool x509, + bool x509verify, + const char *dir, + const char *id, ++ bool pve, + Error **errp) + { + gchar *credsid = g_strdup_printf("tlsvnc%s", id); +@@ -3523,6 +3649,7 @@ vnc_display_create_creds(bool x509, + "endpoint", "server", + "dir", dir, + "verify-peer", x509verify ? "yes" : "no", ++ "pve", pve ? "yes" : "no", + NULL); + } else { + creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON, +@@ -3530,6 +3657,7 @@ vnc_display_create_creds(bool x509, + credsid, + &err, + "endpoint", "server", ++ "pve", pve ? "yes" : "no", + NULL); + } + +@@ -3727,12 +3855,17 @@ void vnc_display_open(const char *id, Error **errp) + } + } else { + const char *path; +- bool tls = false, x509 = false, x509verify = false; ++ bool tls = false, x509 = false, x509verify = false, pve = false; + tls = qemu_opt_get_bool(opts, "tls", false); + path = qemu_opt_get(opts, "x509"); + if (tls || path) { + if (path) { + x509 = true; ++ if (!strcmp(path, "on")) { ++ /* magic to default to /etc/pve */ ++ path = "/etc/pve"; ++ pve = true; ++ } + } else { + path = qemu_opt_get(opts, "x509verify"); + if (path) { +@@ -3744,6 +3877,7 @@ void vnc_display_open(const char *id, Error **errp) + x509verify, + path, + vs->id, ++ pve, + errp); + if (!vs->tlscreds) { + goto fail; +diff --git a/ui/vnc.h b/ui/vnc.h +index ab5f244..2fde9d3 100644 +--- a/ui/vnc.h ++++ b/ui/vnc.h +@@ -282,6 +282,8 @@ struct VncState + int auth; + int subauth; /* Used by VeNCrypt */ + char challenge[VNC_AUTH_CHALLENGE_SIZE]; ++ int username_len; ++ int password_len; + QCryptoTLSSession *tls; /* Borrowed pointer from channel, don't free */ + #ifdef CONFIG_VNC_SASL + VncStateSASL sasl; +@@ -577,4 +579,6 @@ int vnc_zrle_send_framebuffer_update(VncState *vs, int x, int y, int w, int h); + int vnc_zywrle_send_framebuffer_update(VncState *vs, int x, int y, int w, int h); + void vnc_zrle_clear(VncState *vs); + ++int pve_auth_verify(const char *clientip, const char *username, const char *passwd); ++ + #endif /* QEMU_VNC_H */ +diff --git a/vl.c b/vl.c +index 0b5a721..4742300 100644 +--- a/vl.c ++++ b/vl.c +@@ -2950,6 +2950,7 @@ static int global_init_func(void *opaque, QemuOpts *opts, Error **errp) + int main(int argc, char **argv, char **envp) + { + int i; ++ long int vm_id_long = 0; + int snapshot, linux_boot; + const char *initrd_filename; + const char *kernel_filename, *kernel_cmdline; +@@ -3722,6 +3723,14 @@ int main(int argc, char **argv, char **envp) + exit(1); + } + break; ++ case QEMU_OPTION_id: ++ vm_id_long = strtol(optarg, (char **) &optarg, 10); ++ if (*optarg != 0 || vm_id_long < 100 || vm_id_long > INT_MAX) { ++ fprintf(stderr, "Invalid ID\n"); ++ exit(1); ++ } ++ pve_auth_setup(vm_id_long); ++ break; + case QEMU_OPTION_vnc: + vnc_parse(optarg, &error_fatal); + break; +-- +2.1.4 + diff --git a/debian/patches/pve/0031-vma-writer-don-t-bail-out-on-zero-length-files.patch b/debian/patches/pve/0031-vma-writer-don-t-bail-out-on-zero-length-files.patch new file mode 100644 index 0000000..90dadea --- /dev/null +++ b/debian/patches/pve/0031-vma-writer-don-t-bail-out-on-zero-length-files.patch @@ -0,0 +1,24 @@ +From e4958531f423dd635053559d05e8c86c208ceb02 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Mon, 8 Feb 2016 08:23:34 +0100 +Subject: [PATCH 31/47] vma-writer: don't bail out on zero-length files + +--- + vma-writer.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/vma-writer.c b/vma-writer.c +index 0d26fc6..a378762 100644 +--- a/vma-writer.c ++++ b/vma-writer.c +@@ -130,7 +130,6 @@ int vma_writer_add_config(VmaWriter *vmaw, const char *name, gpointer data, + assert(vmaw->config_count < VMA_MAX_CONFIGS); + assert(name); + assert(data); +- assert(len); + + gchar *basename = g_path_get_basename(name); + uint32_t name_ptr = allocate_header_string(vmaw, basename); +-- +2.1.4 + diff --git a/debian/patches/pve/0032-vma-better-driver-guessing-for-bdrv_open.patch b/debian/patches/pve/0032-vma-better-driver-guessing-for-bdrv_open.patch new file mode 100644 index 0000000..db45d26 --- /dev/null +++ b/debian/patches/pve/0032-vma-better-driver-guessing-for-bdrv_open.patch @@ -0,0 +1,42 @@ +From 2dc69ead56b7ecd60eb513ab5b6c9978e06070ef Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Tue, 23 Feb 2016 15:48:41 +0100 +Subject: [PATCH 32/47] vma: better driver guessing for bdrv_open + +Only use 'raw' when the file actually ends with .raw and +no protocol has been specified. With protocol pass the +BDRV_O_PROTOCOL flag to tell bdrv_fill_options() to take it +into account. +--- + vma.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git a/vma.c b/vma.c +index 08e4725..8a27704 100644 +--- a/vma.c ++++ b/vma.c +@@ -293,7 +293,20 @@ static int extract_content(int argc, char **argv) + } + + BlockDriverState *bs = bdrv_new(); +- if (errp || bdrv_open(&bs, devfn, NULL, NULL, flags, &errp)) { ++ ++ size_t devlen = strlen(devfn); ++ bool protocol = path_has_protocol(devfn); ++ QDict *options = NULL; ++ if (devlen > 4 && strcmp(devfn+devlen-4, ".raw") == 0 && !protocol) { ++ /* explicit raw format */ ++ options = qdict_new(); ++ qdict_put(options, "driver", qstring_from_str("raw")); ++ } else if (protocol) { ++ /* tell bdrv_open to honor the protocol */ ++ flags |= BDRV_O_PROTOCOL; ++ } ++ ++ if (errp || bdrv_open(&bs, devfn, NULL, options, flags, &errp)) { + g_error("can't open file %s - %s", devfn, + error_get_pretty(errp)); + } +-- +2.1.4 + diff --git a/debian/patches/pve/0033-block-add-the-zeroinit-block-driver-filter.patch b/debian/patches/pve/0033-block-add-the-zeroinit-block-driver-filter.patch new file mode 100644 index 0000000..f3fc5b7 --- /dev/null +++ b/debian/patches/pve/0033-block-add-the-zeroinit-block-driver-filter.patch @@ -0,0 +1,252 @@ +From 6f6f38d2ef8f22a12f72e4d60f8a1fa978ac569a Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Thu, 17 Mar 2016 11:33:37 +0100 +Subject: [PATCH 33/47] block: add the zeroinit block driver filter + +--- + block/Makefile.objs | 1 + + block/zeroinit.c | 220 ++++++++++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 221 insertions(+) + create mode 100644 block/zeroinit.c + +diff --git a/block/Makefile.objs b/block/Makefile.objs +index 2593a2f..930ca33 100644 +--- a/block/Makefile.objs ++++ b/block/Makefile.objs +@@ -4,6 +4,7 @@ block-obj-y += qed.o qed-gencb.o qed-l2-cache.o qed-table.o qed-cluster.o + block-obj-y += qed-check.o + block-obj-$(CONFIG_VHDX) += vhdx.o vhdx-endian.o vhdx-log.o + block-obj-y += quorum.o ++block-obj-y += zeroinit.o + block-obj-y += parallels.o blkdebug.o blkverify.o blkreplay.o + block-obj-y += block-backend.o snapshot.o qapi.o + block-obj-$(CONFIG_WIN32) += raw-win32.o win32-aio.o +diff --git a/block/zeroinit.c b/block/zeroinit.c +new file mode 100644 +index 0000000..c56a446 +--- /dev/null ++++ b/block/zeroinit.c +@@ -0,0 +1,220 @@ ++/* ++ * Filter to fake a zero-initialized block device. ++ * ++ * Copyright (c) 2016 Wolfgang Bumiller ++ * Copyright (c) 2016 Proxmox Server Solutions GmbH ++ * ++ * This work is licensed under the terms of the GNU GPL, version 2 or later. ++ * See the COPYING file in the top-level directory. ++ */ ++ ++#include "qemu/osdep.h" ++#include "qapi/error.h" ++#include "block/block_int.h" ++#include "qapi/qmp/qdict.h" ++#include "qapi/qmp/qstring.h" ++#include "qemu/cutils.h" ++ ++typedef struct { ++ bool has_zero_init; ++ int64_t extents; ++} BDRVZeroinitState; ++ ++/* Valid blkverify filenames look like blkverify:path/to/raw_image:path/to/image */ ++static void zeroinit_parse_filename(const char *filename, QDict *options, ++ Error **errp) ++{ ++ QString *raw_path; ++ ++ /* Parse the blkverify: prefix */ ++ if (!strstart(filename, "zeroinit:", &filename)) { ++ /* There was no prefix; therefore, all options have to be already ++ present in the QDict (except for the filename) */ ++ return; ++ } ++ ++ raw_path = qstring_from_str(filename); ++ qdict_put(options, "x-next", raw_path); ++} ++ ++static QemuOptsList runtime_opts = { ++ .name = "zeroinit", ++ .head = QTAILQ_HEAD_INITIALIZER(runtime_opts.head), ++ .desc = { ++ { ++ .name = "x-next", ++ .type = QEMU_OPT_STRING, ++ .help = "[internal use only, will be removed]", ++ }, ++ { ++ .name = "x-zeroinit", ++ .type = QEMU_OPT_BOOL, ++ .help = "set has_initialized_zero flag", ++ }, ++ { /* end of list */ } ++ }, ++}; ++ ++static int zeroinit_open(BlockDriverState *bs, QDict *options, int flags, ++ Error **errp) ++{ ++ BDRVZeroinitState *s = bs->opaque; ++ QemuOpts *opts; ++ Error *local_err = NULL; ++ int ret; ++ ++ s->extents = 0; ++ ++ opts = qemu_opts_create(&runtime_opts, NULL, 0, &error_abort); ++ qemu_opts_absorb_qdict(opts, options, &local_err); ++ if (local_err) { ++ error_propagate(errp, local_err); ++ ret = -EINVAL; ++ goto fail; ++ } ++ ++ /* Open the raw file */ ++ bs->file = bdrv_open_child(qemu_opt_get(opts, "x-next"), options, "next", ++ bs, &child_file, false, &local_err); ++ if (local_err) { ++ ret = -EINVAL; ++ error_propagate(errp, local_err); ++ goto fail; ++ } ++ ++ /* set the options */ ++ s->has_zero_init = qemu_opt_get_bool(opts, "x-zeroinit", true); ++ ++ ret = 0; ++fail: ++ if (ret < 0) { ++ bdrv_unref_child(bs, bs->file); ++ } ++ qemu_opts_del(opts); ++ return ret; ++} ++ ++static void zeroinit_close(BlockDriverState *bs) ++{ ++ BDRVZeroinitState *s = bs->opaque; ++ (void)s; ++} ++ ++static int64_t zeroinit_getlength(BlockDriverState *bs) ++{ ++ return bdrv_getlength(bs->file->bs); ++} ++ ++static BlockAIOCB *zeroinit_aio_readv(BlockDriverState *bs, ++ int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, ++ BlockCompletionFunc *cb, void *opaque) ++{ ++ return bdrv_aio_readv(bs->file, sector_num, qiov, nb_sectors, ++ cb, opaque); ++} ++ ++static int coroutine_fn zeroinit_co_pwrite_zeroes(BlockDriverState *bs, int64_t offset, ++ int count, BdrvRequestFlags flags) ++{ ++ BDRVZeroinitState *s = bs->opaque; ++ if (offset >= s->extents) ++ return 0; ++ return bdrv_pwrite_zeroes(bs->file, offset, count, flags); ++} ++ ++static BlockAIOCB *zeroinit_aio_writev(BlockDriverState *bs, ++ int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, ++ BlockCompletionFunc *cb, void *opaque) ++{ ++ BDRVZeroinitState *s = bs->opaque; ++ int64_t extents = (sector_num << BDRV_SECTOR_BITS) + ((nb_sectors + 1) << BDRV_SECTOR_BITS); ++ if (extents > s->extents) ++ s->extents = extents; ++ return bdrv_aio_writev(bs->file, sector_num, qiov, nb_sectors, ++ cb, opaque); ++} ++ ++static BlockAIOCB *zeroinit_aio_flush(BlockDriverState *bs, ++ BlockCompletionFunc *cb, ++ void *opaque) ++{ ++ return bdrv_aio_flush(bs->file->bs, cb, opaque); ++} ++ ++static bool zeroinit_recurse_is_first_non_filter(BlockDriverState *bs, ++ BlockDriverState *candidate) ++{ ++ return bdrv_recurse_is_first_non_filter(bs->file->bs, candidate); ++} ++ ++static coroutine_fn int zeroinit_co_flush(BlockDriverState *bs) ++{ ++ return bdrv_co_flush(bs->file->bs); ++} ++ ++static int zeroinit_has_zero_init(BlockDriverState *bs) ++{ ++ BDRVZeroinitState *s = bs->opaque; ++ return s->has_zero_init; ++} ++ ++static int64_t coroutine_fn zeroinit_co_get_block_status(BlockDriverState *bs, ++ int64_t sector_num, ++ int nb_sectors, int *pnum, ++ BlockDriverState **file) ++{ ++ return bdrv_get_block_status(bs->file->bs, sector_num, nb_sectors, pnum, file); ++} ++ ++static coroutine_fn BlockAIOCB *zeroinit_aio_pdiscard(BlockDriverState *bs, ++ int64_t offset, int count, ++ BlockCompletionFunc *cb, void *opaque) ++{ ++ return bdrv_aio_pdiscard(bs->file->bs, offset, count, cb, opaque); ++} ++ ++static int zeroinit_truncate(BlockDriverState *bs, int64_t offset) ++{ ++ return bdrv_truncate(bs->file->bs, offset); ++} ++ ++static int zeroinit_get_info(BlockDriverState *bs, BlockDriverInfo *bdi) ++{ ++ return bdrv_get_info(bs->file->bs, bdi); ++} ++ ++static BlockDriver bdrv_zeroinit = { ++ .format_name = "zeroinit", ++ .protocol_name = "zeroinit", ++ .instance_size = sizeof(BDRVZeroinitState), ++ ++ .bdrv_parse_filename = zeroinit_parse_filename, ++ .bdrv_file_open = zeroinit_open, ++ .bdrv_close = zeroinit_close, ++ .bdrv_getlength = zeroinit_getlength, ++ .bdrv_co_flush_to_disk = zeroinit_co_flush, ++ ++ .bdrv_co_pwrite_zeroes = zeroinit_co_pwrite_zeroes, ++ .bdrv_aio_writev = zeroinit_aio_writev, ++ .bdrv_aio_readv = zeroinit_aio_readv, ++ .bdrv_aio_flush = zeroinit_aio_flush, ++ ++ .is_filter = true, ++ .bdrv_recurse_is_first_non_filter = zeroinit_recurse_is_first_non_filter, ++ ++ .bdrv_has_zero_init = zeroinit_has_zero_init, ++ ++ .bdrv_co_get_block_status = zeroinit_co_get_block_status, ++ ++ .bdrv_aio_pdiscard = zeroinit_aio_pdiscard, ++ ++ .bdrv_truncate = zeroinit_truncate, ++ .bdrv_get_info = zeroinit_get_info, ++}; ++ ++static void bdrv_zeroinit_init(void) ++{ ++ bdrv_register(&bdrv_zeroinit); ++} ++ ++block_init(bdrv_zeroinit_init); +-- +2.1.4 + diff --git a/debian/patches/pve/0034-vma-add-format-option-to-device-mapping.patch b/debian/patches/pve/0034-vma-add-format-option-to-device-mapping.patch new file mode 100644 index 0000000..90b75ae --- /dev/null +++ b/debian/patches/pve/0034-vma-add-format-option-to-device-mapping.patch @@ -0,0 +1,108 @@ +From 10ae69c411df788752628c8950bf9e76c8cf6af1 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Tue, 12 Apr 2016 13:49:44 +0200 +Subject: [PATCH 34/47] vma: add format option to device mapping + +The BDRV_O_PROTOCOL option breaks non-raw protocol devices, +so we instead now allow the format to be explicitly +specified from the outside. + +In other words we now too deprecate the automatic guessing +of raw formats, just like qemu already does, and have to +silence the warnings by passing the drive mapping. +--- + vma.c | 34 +++++++++++++++++++++++++++------- + 1 file changed, 27 insertions(+), 7 deletions(-) + +diff --git a/vma.c b/vma.c +index 8a27704..c8ad6c0 100644 +--- a/vma.c ++++ b/vma.c +@@ -130,6 +130,7 @@ static int list_content(int argc, char **argv) + typedef struct RestoreMap { + char *devname; + char *path; ++ char *format; + bool write_zero; + } RestoreMap; + +@@ -217,13 +218,24 @@ static int extract_content(int argc, char **argv) + } + } + ++ char *format = NULL; ++ if (strncmp(line, "format=", sizeof("format=")-1) == 0) { ++ format = line + sizeof("format=")-1; ++ char *colon = strchr(format, ':'); ++ if (!colon) { ++ g_error("read map failed - found only a format ('%s')", inbuf); ++ } ++ format = g_strndup(format, colon - format); ++ line = colon+1; ++ } ++ + const char *path; + bool write_zero; + if (line[0] == '0' && line[1] == ':') { +- path = inbuf + 2; ++ path = line + 2; + write_zero = false; + } else if (line[0] == '1' && line[1] == ':') { +- path = inbuf + 2; ++ path = line + 2; + write_zero = true; + } else { + g_error("read map failed - parse error ('%s')", inbuf); +@@ -239,6 +251,7 @@ static int extract_content(int argc, char **argv) + RestoreMap *map = g_new0(RestoreMap, 1); + map->devname = g_strdup(devname); + map->path = g_strdup(path); ++ map->format = format; + map->write_zero = write_zero; + + g_hash_table_insert(devmap, map->devname, map); +@@ -263,6 +276,7 @@ static int extract_content(int argc, char **argv) + g_free(statefn); + } else if (di) { + char *devfn = NULL; ++ const char *format = NULL; + int flags = BDRV_O_RDWR; + bool write_zero = true; + +@@ -273,6 +287,7 @@ static int extract_content(int argc, char **argv) + g_error("no device name mapping for %s", di->devname); + } + devfn = map->path; ++ format = map->format; + write_zero = map->write_zero; + } else { + devfn = g_strdup_printf("%s/tmp-disk-%s.raw", +@@ -295,15 +310,20 @@ static int extract_content(int argc, char **argv) + BlockDriverState *bs = bdrv_new(); + + size_t devlen = strlen(devfn); +- bool protocol = path_has_protocol(devfn); + QDict *options = NULL; +- if (devlen > 4 && strcmp(devfn+devlen-4, ".raw") == 0 && !protocol) { ++ if (format) { ++ /* explicit format from commandline */ ++ options = qdict_new(); ++ qdict_put(options, "driver", qstring_from_str(format)); ++ } else if ((devlen > 4 && strcmp(devfn+devlen-4, ".raw") == 0) || ++ strncmp(devfn, "/dev/", 5) == 0) ++ { ++ /* This part is now deprecated for PVE as well (just as qemu ++ * deprecated not specifying an explicit raw format, too. ++ */ + /* explicit raw format */ + options = qdict_new(); + qdict_put(options, "driver", qstring_from_str("raw")); +- } else if (protocol) { +- /* tell bdrv_open to honor the protocol */ +- flags |= BDRV_O_PROTOCOL; + } + + if (errp || bdrv_open(&bs, devfn, NULL, options, flags, &errp)) { +-- +2.1.4 + diff --git a/debian/patches/pve/0035-fix-possible-unitialised-return-value.patch b/debian/patches/pve/0035-fix-possible-unitialised-return-value.patch new file mode 100644 index 0000000..fb2dc2d --- /dev/null +++ b/debian/patches/pve/0035-fix-possible-unitialised-return-value.patch @@ -0,0 +1,25 @@ +From 927da5e2426aac5bef37c97604740deddedbda41 Mon Sep 17 00:00:00 2001 +From: Thomas Lamprecht +Date: Wed, 6 Apr 2016 16:45:15 +0200 +Subject: [PATCH 35/47] fix possible unitialised return value + +--- + migration/savevm.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/migration/savevm.c b/migration/savevm.c +index b1bdfb6..cebba77 100644 +--- a/migration/savevm.c ++++ b/migration/savevm.c +@@ -1020,7 +1020,7 @@ int qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only) + QJSON *vmdesc; + int vmdesc_len; + SaveStateEntry *se; +- int ret; ++ int ret = -1; + bool in_postcopy = migration_in_postcopy(migrate_get_current()); + + trace_savevm_state_complete_precopy(); +-- +2.1.4 + diff --git a/debian/patches/pve/0036-vnc-refactor-to-QIOChannelSocket.patch b/debian/patches/pve/0036-vnc-refactor-to-QIOChannelSocket.patch new file mode 100644 index 0000000..8b4421f --- /dev/null +++ b/debian/patches/pve/0036-vnc-refactor-to-QIOChannelSocket.patch @@ -0,0 +1,87 @@ +From e6af4497017e37cb31f7cbd80137f41ce297d702 Mon Sep 17 00:00:00 2001 +From: Thomas Lamprecht +Date: Wed, 6 Apr 2016 16:47:54 +0200 +Subject: [PATCH 36/47] vnc: refactor to QIOChannelSocket + +--- + ui/vnc-auth-vencrypt.c | 31 ++++++++++++++++--------------- + 1 file changed, 16 insertions(+), 15 deletions(-) + +diff --git a/ui/vnc-auth-vencrypt.c b/ui/vnc-auth-vencrypt.c +index d11f1df..a529520 100644 +--- a/ui/vnc-auth-vencrypt.c ++++ b/ui/vnc-auth-vencrypt.c +@@ -28,27 +28,23 @@ + #include "vnc.h" + #include "qapi/error.h" + #include "qemu/main-loop.h" +-#include "qemu/sockets.h" ++#include "io/channel-socket.h" + + static int protocol_client_auth_plain(VncState *vs, uint8_t *data, size_t len) + { +- const char *err = NULL; ++ Error *err = NULL; + char username[256]; + char passwd[512]; + +- char clientip[256]; +- clientip[0] = 0; +- struct sockaddr_in client; +- socklen_t addrlen = sizeof(client); +- if (getpeername(vs->csock, &client, &addrlen) == 0) { +- inet_ntop(client.sin_family, &client.sin_addr, +- clientip, sizeof(clientip)); ++ SocketAddress *clientip = qio_channel_socket_get_remote_address(vs->sioc, &err); ++ if (err) { ++ goto err; + } + + if ((len != (vs->username_len + vs->password_len)) || + (vs->username_len >= (sizeof(username)-1)) || + (vs->password_len >= (sizeof(passwd)-1)) ) { +- err = "Got unexpected data length"; ++ error_setg(&err, "Got unexpected data length"); + goto err; + } + +@@ -59,26 +55,31 @@ static int protocol_client_auth_plain(VncState *vs, uint8_t *data, size_t len) + + VNC_DEBUG("AUTH PLAIN username: %s pw: %s\n", username, passwd); + +- if (pve_auth_verify(clientip, username, passwd) == 0) { ++ if (pve_auth_verify(clientip->u.inet.data->host, username, passwd) == 0) { + vnc_write_u32(vs, 0); /* Accept auth completion */ + start_client_init(vs); ++ qapi_free_SocketAddress(clientip); + return 0; + } + +- err = "Authentication failed"; ++ error_setg(&err, "Authentication failed"); + err: + if (err) { +- VNC_DEBUG("AUTH PLAIN ERROR: %s\n", err); ++ const char *err_msg = error_get_pretty(err); ++ VNC_DEBUG("AUTH PLAIN ERROR: %s\n", err_msg); + vnc_write_u32(vs, 1); /* Reject auth */ + if (vs->minor >= 8) { +- int elen = strlen(err); ++ int elen = strlen(err_msg); + vnc_write_u32(vs, elen); +- vnc_write(vs, err, elen); ++ vnc_write(vs, err_msg, elen); + } ++ error_free(err); + } + vnc_flush(vs); + vnc_client_error(vs); + ++ qapi_free_SocketAddress(clientip); ++ + return 0; + + } +-- +2.1.4 + diff --git a/debian/patches/pve/0037-vma-use-BlockBackend-on-extract.patch b/debian/patches/pve/0037-vma-use-BlockBackend-on-extract.patch new file mode 100644 index 0000000..9f836b7 --- /dev/null +++ b/debian/patches/pve/0037-vma-use-BlockBackend-on-extract.patch @@ -0,0 +1,75 @@ +From 0d4b69786584eec1386183b259c22f7cae6df69d Mon Sep 17 00:00:00 2001 +From: Thomas Lamprecht +Date: Fri, 1 Jul 2016 15:47:29 +0200 +Subject: [PATCH 37/47] vma: use BlockBackend on extract + +As we else rely on bdrv_close_all() do clean up, which was rewritten +in ca9bd24cf1d53775169ba9adc17e265554d1afed and fails on "dangling" +BDS pointers, such a pointer exists with *bs. +Use the BlockBackend to get our BDS and just unref the BlockBackend +when done, it handles the rest for us. + +The other two calls to bdrv_close_all() happen in verify_content() +and dump_config(), both do not have a BDS so no need to change here. +--- + vma.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/vma.c b/vma.c +index c8ad6c0..a2ddd32 100644 +--- a/vma.c ++++ b/vma.c +@@ -19,6 +19,7 @@ + #include "qemu/error-report.h" + #include "qemu/main-loop.h" + #include "sysemu/char.h" /* qstring_from_str */ ++#include "sysemu/block-backend.h" + + static void help(void) + { +@@ -263,6 +264,8 @@ static int extract_content(int argc, char **argv) + int vmstate_fd = -1; + guint8 vmstate_stream = 0; + ++ BlockBackend *blk = NULL; ++ + for (i = 1; i < 255; i++) { + VmaDeviceInfo *di = vma_reader_get_device_info(vmar, i); + if (di && (strcmp(di->devname, "vmstate") == 0)) { +@@ -307,8 +310,6 @@ static int extract_content(int argc, char **argv) + write_zero = false; + } + +- BlockDriverState *bs = bdrv_new(); +- + size_t devlen = strlen(devfn); + QDict *options = NULL; + if (format) { +@@ -326,10 +327,14 @@ static int extract_content(int argc, char **argv) + qdict_put(options, "driver", qstring_from_str("raw")); + } + +- if (errp || bdrv_open(&bs, devfn, NULL, options, flags, &errp)) { ++ ++ if (errp || !(blk = blk_new_open(devfn, NULL, options, flags, &errp))) { + g_error("can't open file %s - %s", devfn, + error_get_pretty(errp)); + } ++ ++ BlockDriverState *bs = blk_bs(blk); ++ + if (vma_reader_register_bs(vmar, i, bs, write_zero, &errp) < 0) { + g_error("%s", error_get_pretty(errp)); + } +@@ -362,6 +367,8 @@ static int extract_content(int argc, char **argv) + + vma_reader_destroy(vmar); + ++ blk_unref(blk); ++ + bdrv_close_all(); + + return ret; +-- +2.1.4 + diff --git a/debian/patches/pve/0038-vma-byte-based-write-calls.patch b/debian/patches/pve/0038-vma-byte-based-write-calls.patch new file mode 100644 index 0000000..d2fe7b2 --- /dev/null +++ b/debian/patches/pve/0038-vma-byte-based-write-calls.patch @@ -0,0 +1,237 @@ +From 1209cadf111aaf73b53e568f78104340b4ffb0bd Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Fri, 9 Sep 2016 14:51:28 +0200 +Subject: [PATCH 38/47] vma: byte based write calls + +--- + vma-reader.c | 42 +++++++++++++++++++++--------------------- + vma.c | 22 ++++++++++------------ + vma.h | 2 +- + 3 files changed, 32 insertions(+), 34 deletions(-) + +diff --git a/vma-reader.c b/vma-reader.c +index 78f1de9..2000889 100644 +--- a/vma-reader.c ++++ b/vma-reader.c +@@ -25,7 +25,7 @@ + static unsigned char zero_vma_block[VMA_BLOCK_SIZE]; + + typedef struct VmaRestoreState { +- BlockDriverState *bs; ++ BlockBackend *target; + bool write_zeroes; + unsigned long *bitmap; + int bitmap_size; +@@ -423,12 +423,12 @@ VmaDeviceInfo *vma_reader_get_device_info(VmaReader *vmar, guint8 dev_id) + } + + static void allocate_rstate(VmaReader *vmar, guint8 dev_id, +- BlockDriverState *bs, bool write_zeroes) ++ BlockBackend *target, bool write_zeroes) + { + assert(vmar); + assert(dev_id); + +- vmar->rstate[dev_id].bs = bs; ++ vmar->rstate[dev_id].target = target; + vmar->rstate[dev_id].write_zeroes = write_zeroes; + + int64_t size = vmar->devinfo[dev_id].size; +@@ -443,15 +443,15 @@ static void allocate_rstate(VmaReader *vmar, guint8 dev_id, + vmar->cluster_count += size/VMA_CLUSTER_SIZE; + } + +-int vma_reader_register_bs(VmaReader *vmar, guint8 dev_id, BlockDriverState *bs, ++int vma_reader_register_bs(VmaReader *vmar, guint8 dev_id, BlockBackend *target, + bool write_zeroes, Error **errp) + { + assert(vmar); +- assert(bs != NULL); ++ assert(target != NULL); + assert(dev_id); +- assert(vmar->rstate[dev_id].bs == NULL); ++ assert(vmar->rstate[dev_id].target == NULL); + +- int64_t size = bdrv_getlength(bs); ++ int64_t size = blk_getlength(target); + int64_t size_diff = size - vmar->devinfo[dev_id].size; + + /* storage types can have different size restrictions, so it +@@ -465,7 +465,7 @@ int vma_reader_register_bs(VmaReader *vmar, guint8 dev_id, BlockDriverState *bs, + return -1; + } + +- allocate_rstate(vmar, dev_id, bs, write_zeroes); ++ allocate_rstate(vmar, dev_id, target, write_zeroes); + + return 0; + } +@@ -507,7 +507,7 @@ static size_t full_write(int fd, void *buf, size_t len) + } + + static int restore_write_data(VmaReader *vmar, guint8 dev_id, +- BlockDriverState *bs, int vmstate_fd, ++ BlockBackend *target, int vmstate_fd, + unsigned char *buf, int64_t sector_num, + int nb_sectors, Error **errp) + { +@@ -523,10 +523,10 @@ static int restore_write_data(VmaReader *vmar, guint8 dev_id, + } + } + } else { +- int res = bdrv_write(bs, sector_num, buf, nb_sectors); ++ int res = blk_pwrite(target, sector_num * BDRV_SECTOR_SIZE, buf, nb_sectors * BDRV_SECTOR_SIZE, 0); + if (res < 0) { +- error_setg(errp, "bdrv_write to %s failed (%d)", +- bdrv_get_device_name(bs), res); ++ error_setg(errp, "blk_pwrite to %s failed (%d)", ++ bdrv_get_device_name(blk_bs(target)), res); + return -1; + } + } +@@ -556,11 +556,11 @@ static int restore_extent(VmaReader *vmar, unsigned char *buf, + } + + VmaRestoreState *rstate = &vmar->rstate[dev_id]; +- BlockDriverState *bs = NULL; ++ BlockBackend *target = NULL; + + if (dev_id != vmar->vmstate_stream) { +- bs = rstate->bs; +- if (!verify && !bs) { ++ target = rstate->target; ++ if (!verify && !target) { + error_setg(errp, "got wrong dev id %d", dev_id); + return -1; + } +@@ -618,7 +618,7 @@ static int restore_extent(VmaReader *vmar, unsigned char *buf, + + if (!verify) { + int nb_sectors = end_sector - sector_num; +- if (restore_write_data(vmar, dev_id, bs, vmstate_fd, ++ if (restore_write_data(vmar, dev_id, target, vmstate_fd, + buf + start, sector_num, nb_sectors, + errp) < 0) { + return -1; +@@ -654,7 +654,7 @@ static int restore_extent(VmaReader *vmar, unsigned char *buf, + + if (!verify) { + int nb_sectors = end_sector - sector_num; +- if (restore_write_data(vmar, dev_id, bs, vmstate_fd, ++ if (restore_write_data(vmar, dev_id, target, vmstate_fd, + buf + start, sector_num, + nb_sectors, errp) < 0) { + return -1; +@@ -678,7 +678,7 @@ static int restore_extent(VmaReader *vmar, unsigned char *buf, + } + + if (rstate->write_zeroes && !verify) { +- if (restore_write_data(vmar, dev_id, bs, vmstate_fd, ++ if (restore_write_data(vmar, dev_id, target, vmstate_fd, + zero_vma_block, sector_num, + nb_sectors, errp) < 0) { + return -1; +@@ -786,12 +786,12 @@ static int vma_reader_restore_full(VmaReader *vmar, int vmstate_fd, + int i; + for (i = 1; i < 256; i++) { + VmaRestoreState *rstate = &vmar->rstate[i]; +- if (!rstate->bs) { ++ if (!rstate->target) { + continue; + } + +- if (bdrv_flush(rstate->bs) < 0) { +- error_setg(errp, "vma bdrv_flush %s failed", ++ if (blk_flush(rstate->target) < 0) { ++ error_setg(errp, "vma blk_flush %s failed", + vmar->devinfo[i].devname); + return -1; + } +diff --git a/vma.c b/vma.c +index a2ddd32..ff974bd 100644 +--- a/vma.c ++++ b/vma.c +@@ -333,9 +333,7 @@ static int extract_content(int argc, char **argv) + error_get_pretty(errp)); + } + +- BlockDriverState *bs = blk_bs(blk); +- +- if (vma_reader_register_bs(vmar, i, bs, write_zero, &errp) < 0) { ++ if (vma_reader_register_bs(vmar, i, blk, write_zero, &errp) < 0) { + g_error("%s", error_get_pretty(errp)); + } + +@@ -427,7 +425,7 @@ static int verify_content(int argc, char **argv) + } + + typedef struct BackupJob { +- BlockDriverState *bs; ++ BlockBackend *target; + int64_t len; + VmaWriter *vmaw; + uint8_t dev_id; +@@ -456,7 +454,7 @@ static void coroutine_fn backup_run(void *opaque) + int64_t start, end; + int ret = 0; + +- unsigned char *buf = qemu_blockalign(job->bs, VMA_CLUSTER_SIZE); ++ unsigned char *buf = blk_blockalign(job->target, VMA_CLUSTER_SIZE); + + start = 0; + end = DIV_ROUND_UP(job->len / BDRV_SECTOR_SIZE, +@@ -467,8 +465,8 @@ static void coroutine_fn backup_run(void *opaque) + iov.iov_len = VMA_CLUSTER_SIZE; + qemu_iovec_init_external(&qiov, &iov, 1); + +- ret = bdrv_co_readv(job->bs, start * BACKUP_SECTORS_PER_CLUSTER, +- BACKUP_SECTORS_PER_CLUSTER, &qiov); ++ ret = blk_co_preadv(job->target, start * BACKUP_SECTORS_PER_CLUSTER, ++ BACKUP_SECTORS_PER_CLUSTER, &qiov, 0); + if (ret < 0) { + vma_writer_set_error(job->vmaw, "read error", -1); + goto out; +@@ -563,14 +561,14 @@ static int create_archive(int argc, char **argv) + path = extract_devname(path, &devname, devcount++); + + Error *errp = NULL; +- BlockDriverState *bs; ++ BlockBackend *target; + +- bs = bdrv_open(path, NULL, NULL, 0, &errp); +- if (!bs) { ++ target = blk_new_open(path, NULL, NULL, 0, &errp); ++ if (!target) { + unlink(archivename); + g_error("bdrv_open '%s' failed - %s", path, error_get_pretty(errp)); + } +- int64_t size = bdrv_getlength(bs); ++ int64_t size = blk_getlength(target); + int dev_id = vma_writer_register_stream(vmaw, devname, size); + if (dev_id <= 0) { + unlink(archivename); +@@ -579,7 +577,7 @@ static int create_archive(int argc, char **argv) + + BackupJob *job = g_new0(BackupJob, 1); + job->len = size; +- job->bs = bs; ++ job->target = target; + job->vmaw = vmaw; + job->dev_id = dev_id; + +diff --git a/vma.h b/vma.h +index 365ceb2..fa6f4df 100644 +--- a/vma.h ++++ b/vma.h +@@ -140,7 +140,7 @@ VmaHeader *vma_reader_get_header(VmaReader *vmar); + GList *vma_reader_get_config_data(VmaReader *vmar); + VmaDeviceInfo *vma_reader_get_device_info(VmaReader *vmar, guint8 dev_id); + int vma_reader_register_bs(VmaReader *vmar, guint8 dev_id, +- BlockDriverState *bs, bool write_zeroes, ++ BlockBackend *target, bool write_zeroes, + Error **errp); + int vma_reader_restore(VmaReader *vmar, int vmstate_fd, bool verbose, + Error **errp); +-- +2.1.4 + diff --git a/debian/patches/pve/0039-rbd-disable-rbd_cache_writethrough_until_flush-with-.patch b/debian/patches/pve/0039-rbd-disable-rbd_cache_writethrough_until_flush-with-.patch new file mode 100644 index 0000000..0e1f752 --- /dev/null +++ b/debian/patches/pve/0039-rbd-disable-rbd_cache_writethrough_until_flush-with-.patch @@ -0,0 +1,29 @@ +From 8aaa1a8108aabdca93d866eeaa9308deae81cd70 Mon Sep 17 00:00:00 2001 +From: Alexandre Derumier +Date: Tue, 26 Jul 2016 16:51:00 +0200 +Subject: [PATCH 39/47] rbd: disable rbd_cache_writethrough_until_flush with + cache=unsafe + +Signed-off-by: Alexandre Derumier +--- + block/rbd.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/block/rbd.c b/block/rbd.c +index 5cefdbb..b0bb516 100644 +--- a/block/rbd.c ++++ b/block/rbd.c +@@ -552,6 +552,10 @@ static int qemu_rbd_open(BlockDriverState *bs, QDict *options, int flags, + rados_conf_set(s->cluster, "rbd_cache", "true"); + } + ++ if (flags & BDRV_O_NO_FLUSH) { ++ rados_conf_set(s->cluster, "rbd_cache_writethrough_until_flush", "false"); ++ } ++ + r = rados_connect(s->cluster); + if (r < 0) { + error_setg_errno(errp, -r, "error connecting"); +-- +2.1.4 + diff --git a/debian/patches/pve/0040-enable-cache-unsafe-for-vma-extract_content-and-qmp_.patch b/debian/patches/pve/0040-enable-cache-unsafe-for-vma-extract_content-and-qmp_.patch new file mode 100644 index 0000000..c4fbc64 --- /dev/null +++ b/debian/patches/pve/0040-enable-cache-unsafe-for-vma-extract_content-and-qmp_.patch @@ -0,0 +1,43 @@ +From 383a94de8f4f887a95b8089b2f0141321d94f5fe Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Mon, 1 Aug 2016 10:52:46 +0200 +Subject: [PATCH 40/47] enable cache=unsafe for vma extract_content and + qmp_savevm_start + +We don't send any flush here, so we need to open with cache=unsafe. + +Signed-off-by: Alexandre Derumier +--- + savevm-async.c | 2 +- + vma.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/savevm-async.c b/savevm-async.c +index 7979435..76cd8fa 100644 +--- a/savevm-async.c ++++ b/savevm-async.c +@@ -253,7 +253,7 @@ void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp) + { + Error *local_err = NULL; + +- int bdrv_oflags = BDRV_O_RDWR; ++ int bdrv_oflags = BDRV_O_RDWR | BDRV_O_NO_FLUSH; + int ret; + + if (snap_state.state != SAVE_STATE_DONE) { +diff --git a/vma.c b/vma.c +index ff974bd..a8fa4ff 100644 +--- a/vma.c ++++ b/vma.c +@@ -280,7 +280,7 @@ static int extract_content(int argc, char **argv) + } else if (di) { + char *devfn = NULL; + const char *format = NULL; +- int flags = BDRV_O_RDWR; ++ int flags = BDRV_O_RDWR | BDRV_O_NO_FLUSH; + bool write_zero = true; + + if (readmap) { +-- +2.1.4 + diff --git a/debian/patches/pve/0041-savevm-async-updates.patch b/debian/patches/pve/0041-savevm-async-updates.patch new file mode 100644 index 0000000..a427269 --- /dev/null +++ b/debian/patches/pve/0041-savevm-async-updates.patch @@ -0,0 +1,215 @@ +From 9ea20572325cbc6df31293b863ccb8d2ae0e1dbd Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Fri, 9 Sep 2016 15:21:19 +0200 +Subject: [PATCH 41/47] savevm-async updates + +--- + savevm-async.c | 79 +++++++++++++++++++++++++++++----------------------------- + 1 file changed, 39 insertions(+), 40 deletions(-) + +diff --git a/savevm-async.c b/savevm-async.c +index 76cd8fa..8c76137 100644 +--- a/savevm-async.c ++++ b/savevm-async.c +@@ -20,6 +20,8 @@ + + /* #define DEBUG_SAVEVM_STATE */ + ++#define NOT_DONE 0x7fffffff /* used while emulated sync operation in progress */ ++ + #ifdef DEBUG_SAVEVM_STATE + #define DPRINTF(fmt, ...) \ + do { printf("savevm-async: " fmt, ## __VA_ARGS__); } while (0) +@@ -38,7 +40,7 @@ enum { + + + static struct SnapshotState { +- BlockDriverState *bs; ++ BlockBackend *target; + size_t bs_pos; + int state; + Error *error; +@@ -99,17 +101,17 @@ static int save_snapshot_cleanup(void) + ret = qemu_fclose(snap_state.file); + } + +- if (snap_state.bs) { ++ if (snap_state.target) { + /* try to truncate, but ignore errors (will fail on block devices). + * note: bdrv_read() need whole blocks, so we round up + */ + size_t size = (snap_state.bs_pos + BDRV_SECTOR_SIZE) & BDRV_SECTOR_MASK; +- bdrv_truncate(snap_state.bs, size); +- bdrv_op_unblock_all(snap_state.bs, snap_state.blocker); ++ blk_truncate(snap_state.target, size); ++ blk_op_unblock_all(snap_state.target, snap_state.blocker); + error_free(snap_state.blocker); + snap_state.blocker = NULL; +- bdrv_unref(snap_state.bs); +- snap_state.bs = NULL; ++ blk_unref(snap_state.target); ++ snap_state.target = NULL; + } + + return ret; +@@ -151,21 +153,22 @@ static void save_snapshot_completed(void) + static int block_state_close(void *opaque) + { + snap_state.file = NULL; +- return bdrv_flush(snap_state.bs); ++ return blk_flush(snap_state.target); + } + +-static ssize_t block_state_put_buffer(void *opaque, const uint8_t *buf, +- int64_t pos, size_t size) ++static ssize_t block_state_writev_buffer(void *opaque, struct iovec *iov, ++ int iovcnt, int64_t pos) + { +- ssize_t ret; +- +- assert(pos == snap_state.bs_pos); ++ int ret; ++ QEMUIOVector qiov; + +- if ((ret = bdrv_pwrite(snap_state.bs, snap_state.bs_pos, buf, size)) > 0) { +- snap_state.bs_pos += ret; ++ qemu_iovec_init_external(&qiov, iov, iovcnt); ++ ret = blk_co_pwritev(snap_state.target, pos, qiov.size, &qiov, 0); ++ if (ret < 0) { ++ return ret; + } +- +- return ret; ++ snap_state.bs_pos += qiov.size; ++ return qiov.size; + } + + static int store_and_stop(void) { +@@ -227,7 +230,7 @@ static void process_savevm_co(void *opaque) + /* stop the VM if we get to the end of available space, + * or if pending_size is just a few MB + */ +- maxlen = bdrv_getlength(snap_state.bs) - 30*1024*1024; ++ maxlen = blk_getlength(snap_state.target) - 30*1024*1024; + if ((pending_size < 100000) || + ((snap_state.bs_pos + pending_size) >= maxlen)) { + if (store_and_stop()) +@@ -244,7 +247,7 @@ static void process_savevm_co(void *opaque) + } + + static const QEMUFileOps block_file_ops = { +- .put_buffer = block_state_put_buffer, ++ .writev_buffer = block_state_writev_buffer, + .close = block_state_close, + }; + +@@ -254,7 +257,6 @@ void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp) + Error *local_err = NULL; + + int bdrv_oflags = BDRV_O_RDWR | BDRV_O_NO_FLUSH; +- int ret; + + if (snap_state.state != SAVE_STATE_DONE) { + error_set(errp, ERROR_CLASS_GENERIC_ERROR, +@@ -284,13 +286,11 @@ void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp) + } + + /* Open the image */ +- snap_state.bs = bdrv_new(); +- + QDict *options = NULL; + options = qdict_new(); + qdict_put(options, "driver", qstring_from_str("raw")); +- ret = bdrv_open(&snap_state.bs, statefile, NULL, options, bdrv_oflags, &local_err); +- if (ret < 0) { ++ snap_state.target = blk_new_open(statefile, NULL, options, bdrv_oflags, &local_err); ++ if (!snap_state.target) { + error_set(errp, ERROR_CLASS_GENERIC_ERROR, "failed to open '%s'", statefile); + goto restart; + } +@@ -304,9 +304,9 @@ void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp) + + + error_setg(&snap_state.blocker, "block device is in use by savevm"); +- bdrv_op_block_all(snap_state.bs, snap_state.blocker); ++ blk_op_block_all(snap_state.target, snap_state.blocker); + +- Coroutine *co = qemu_coroutine_create(process_savevm_co); ++ Coroutine *co = qemu_coroutine_create(process_savevm_co, NULL); + qemu_coroutine_enter(co); + + return; +@@ -457,8 +457,8 @@ void qmp_delete_drive_snapshot(const char *device, const char *name, + static ssize_t loadstate_get_buffer(void *opaque, uint8_t *buf, int64_t pos, + size_t size) + { +- BlockDriverState *bs = (BlockDriverState *)opaque; +- int64_t maxlen = bdrv_getlength(bs); ++ BlockBackend *be = opaque; ++ int64_t maxlen = blk_getlength(be); + if (pos > maxlen) { + return -EIO; + } +@@ -468,7 +468,7 @@ static ssize_t loadstate_get_buffer(void *opaque, uint8_t *buf, int64_t pos, + if (size == 0) { + return 0; + } +- return bdrv_pread(bs, pos, buf, size); ++ return blk_pread(be, pos, buf, size); + } + + static const QEMUFileOps loadstate_file_ops = { +@@ -477,28 +477,27 @@ static const QEMUFileOps loadstate_file_ops = { + + int load_state_from_blockdev(const char *filename) + { +- BlockDriverState *bs = NULL; ++ BlockBackend *be; + Error *local_err = NULL; + Error *blocker = NULL; + + QEMUFile *f; +- int ret; ++ int ret = -EINVAL; + +- bs = bdrv_new(); +- ret = bdrv_open(&bs, filename, NULL, NULL, 0, &local_err); +- error_setg(&blocker, "block device is in use by load state"); +- bdrv_op_block_all(bs, blocker); ++ be = blk_new_open(filename, NULL, NULL, 0, &local_err); + +- if (ret < 0) { ++ if (!be) { + error_report("Could not open VM state file"); + goto the_end; + } + ++ error_setg(&blocker, "block device is in use by load state"); ++ blk_op_block_all(be, blocker); ++ + /* restore the VM state */ +- f = qemu_fopen_ops(bs, &loadstate_file_ops); ++ f = qemu_fopen_ops(be, &loadstate_file_ops); + if (!f) { + error_report("Could not open VM state file"); +- ret = -EINVAL; + goto the_end; + } + +@@ -516,10 +515,10 @@ int load_state_from_blockdev(const char *filename) + ret = 0; + + the_end: +- if (bs) { +- bdrv_op_unblock_all(bs, blocker); ++ if (be) { ++ blk_op_unblock_all(be, blocker); + error_free(blocker); +- bdrv_unref(bs); ++ blk_unref(be); + } + return ret; + } +-- +2.1.4 + diff --git a/debian/patches/pve/0042-qmp_snapshot_drive-add-aiocontext.patch b/debian/patches/pve/0042-qmp_snapshot_drive-add-aiocontext.patch new file mode 100644 index 0000000..c78ab68 --- /dev/null +++ b/debian/patches/pve/0042-qmp_snapshot_drive-add-aiocontext.patch @@ -0,0 +1,65 @@ +From 704d008790dbccfd38aa55463c9e8bd873d08a3d Mon Sep 17 00:00:00 2001 +From: Alexandre Derumier +Date: Tue, 13 Sep 2016 01:57:56 +0200 +Subject: [PATCH 42/47] qmp_snapshot_drive: add aiocontext + +Signed-off-by: Alexandre Derumier +--- + savevm-async.c | 15 +++++++++++---- + 1 file changed, 11 insertions(+), 4 deletions(-) + +diff --git a/savevm-async.c b/savevm-async.c +index 8c76137..99ba132 100644 +--- a/savevm-async.c ++++ b/savevm-async.c +@@ -345,6 +345,7 @@ void qmp_snapshot_drive(const char *device, const char *name, Error **errp) + BlockBackend *blk; + BlockDriverState *bs; + QEMUSnapshotInfo sn1, *sn = &sn1; ++ AioContext *aio_context; + int ret; + #ifdef _WIN32 + struct _timeb tb; +@@ -371,20 +372,23 @@ void qmp_snapshot_drive(const char *device, const char *name, Error **errp) + return; + } + ++ aio_context = bdrv_get_aio_context(bs); ++ aio_context_acquire(aio_context); ++ + if (bdrv_is_read_only(bs)) { + error_setg(errp, "Node '%s' is read only", device); +- return; ++ goto out; + } + + if (!bdrv_can_snapshot(bs)) { + error_setg(errp, QERR_UNSUPPORTED); +- return; ++ goto out; + } + + if (bdrv_snapshot_find(bs, sn, name) >= 0) { + error_set(errp, ERROR_CLASS_GENERIC_ERROR, + "snapshot '%s' already exists", name); +- return; ++ goto out; + } + + sn = &sn1; +@@ -409,8 +413,11 @@ void qmp_snapshot_drive(const char *device, const char *name, Error **errp) + if (ret < 0) { + error_set(errp, ERROR_CLASS_GENERIC_ERROR, + "Error while creating snapshot on '%s'\n", device); +- return; ++ goto out; + } ++ ++out: ++ aio_context_release(aio_context); + } + + void qmp_delete_drive_snapshot(const char *device, const char *name, +-- +2.1.4 + diff --git a/debian/patches/pve/0043-vma-sizes-passed-to-blk_co_preadv-should-be-bytes-no.patch b/debian/patches/pve/0043-vma-sizes-passed-to-blk_co_preadv-should-be-bytes-no.patch new file mode 100644 index 0000000..3d08a8d --- /dev/null +++ b/debian/patches/pve/0043-vma-sizes-passed-to-blk_co_preadv-should-be-bytes-no.patch @@ -0,0 +1,27 @@ +From ed8e3b7faeb3a36e1105aac4813cd9876735bd81 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Fri, 21 Oct 2016 09:09:26 +0200 +Subject: [PATCH 43/47] vma: sizes passed to blk_co_preadv should be bytes now + +--- + vma.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/vma.c b/vma.c +index a8fa4ff..752a21b 100644 +--- a/vma.c ++++ b/vma.c +@@ -465,8 +465,8 @@ static void coroutine_fn backup_run(void *opaque) + iov.iov_len = VMA_CLUSTER_SIZE; + qemu_iovec_init_external(&qiov, &iov, 1); + +- ret = blk_co_preadv(job->target, start * BACKUP_SECTORS_PER_CLUSTER, +- BACKUP_SECTORS_PER_CLUSTER, &qiov, 0); ++ ret = blk_co_preadv(job->target, start * VMA_CLUSTER_SIZE, ++ VMA_CLUSTER_SIZE, &qiov, 0); + if (ret < 0) { + vma_writer_set_error(job->vmaw, "read error", -1); + goto out; +-- +2.1.4 + diff --git a/debian/patches/pve/0044-glusterfs-daemonize.patch b/debian/patches/pve/0044-glusterfs-daemonize.patch new file mode 100644 index 0000000..16febf8 --- /dev/null +++ b/debian/patches/pve/0044-glusterfs-daemonize.patch @@ -0,0 +1,31 @@ +From a7613eb93e702d5de5b40d17c4d4e95e8e5a010d Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Mon, 24 Oct 2016 09:32:36 +0200 +Subject: [PATCH 44/47] glusterfs: daemonize + +--- + block/gluster.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/block/gluster.c b/block/gluster.c +index 01b479f..6dcf926 100644 +--- a/block/gluster.c ++++ b/block/gluster.c +@@ -341,9 +341,11 @@ static struct glfs *qemu_gluster_glfs_init(BlockdevOptionsGluster *gconf, + } + } + +- ret = glfs_set_logging(glfs, "-", gconf->debug_level); +- if (ret < 0) { +- goto out; ++ if (!is_daemonized()) { ++ ret = glfs_set_logging(glfs, "-", gconf->debug_level); ++ if (ret < 0) { ++ goto out; ++ } + } + + ret = glfs_init(glfs); +-- +2.1.4 + diff --git a/debian/patches/pve/0045-qmp_delete_drive_snapshot-add-aiocontext.patch b/debian/patches/pve/0045-qmp_delete_drive_snapshot-add-aiocontext.patch new file mode 100644 index 0000000..5841588 --- /dev/null +++ b/debian/patches/pve/0045-qmp_delete_drive_snapshot-add-aiocontext.patch @@ -0,0 +1,59 @@ +From 41cd2dcf03fe0187221a8d005f423cc091d76dfc Mon Sep 17 00:00:00 2001 +From: Alexandre Derumier +Date: Mon, 7 Nov 2016 11:47:50 +0100 +Subject: [PATCH 45/47] qmp_delete_drive_snapshot : add aiocontext + +this fix snapshot delete of qcow2 with iothread enabled + +Signed-off-by: Alexandre Derumier +--- + savevm-async.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/savevm-async.c b/savevm-async.c +index 99ba132..660b25b 100644 +--- a/savevm-async.c ++++ b/savevm-async.c +@@ -427,6 +427,7 @@ void qmp_delete_drive_snapshot(const char *device, const char *name, + BlockDriverState *bs; + QEMUSnapshotInfo sn1, *sn = &sn1; + Error *local_err = NULL; ++ AioContext *aio_context; + + int ret; + +@@ -443,22 +444,28 @@ void qmp_delete_drive_snapshot(const char *device, const char *name, + return; + } + ++ aio_context = bdrv_get_aio_context(bs); ++ aio_context_acquire(aio_context); ++ + if (!bdrv_can_snapshot(bs)) { + error_setg(errp, QERR_UNSUPPORTED); +- return; ++ goto out; + } + + if (bdrv_snapshot_find(bs, sn, name) < 0) { + /* return success if snapshot does not exists */ +- return; ++ goto out; + } + + ret = bdrv_snapshot_delete(bs, NULL, name, &local_err); + if (ret < 0) { + error_set(errp, ERROR_CLASS_GENERIC_ERROR, + "Error while deleting snapshot on '%s'\n", device); +- return; ++ goto out; + } ++ ++out: ++ aio_context_release(aio_context); + } + + static ssize_t loadstate_get_buffer(void *opaque, uint8_t *buf, int64_t pos, +-- +2.1.4 + diff --git a/debian/patches/pve/0046-convert-savevm-async-to-threads.patch b/debian/patches/pve/0046-convert-savevm-async-to-threads.patch new file mode 100644 index 0000000..4391b09 --- /dev/null +++ b/debian/patches/pve/0046-convert-savevm-async-to-threads.patch @@ -0,0 +1,234 @@ +From 593664f6efe07973f54d3cbcc4203c05ad68f6cf Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Tue, 8 Nov 2016 11:13:06 +0100 +Subject: [PATCH 46/47] convert savevm-async to threads + +--- + savevm-async.c | 144 +++++++++++++++++++++++++++++++++++---------------------- + 1 file changed, 88 insertions(+), 56 deletions(-) + +diff --git a/savevm-async.c b/savevm-async.c +index 660b25b..7b4c219 100644 +--- a/savevm-async.c ++++ b/savevm-async.c +@@ -48,6 +48,8 @@ static struct SnapshotState { + int saved_vm_running; + QEMUFile *file; + int64_t total_time; ++ QEMUBH *cleanup_bh; ++ QemuThread thread; + } snap_state; + + SaveVMInfo *qmp_query_savevm(Error **errp) +@@ -135,19 +137,6 @@ static void save_snapshot_error(const char *fmt, ...) + g_free (msg); + + snap_state.state = SAVE_STATE_ERROR; +- +- save_snapshot_cleanup(); +-} +- +-static void save_snapshot_completed(void) +-{ +- DPRINTF("save_snapshot_completed\n"); +- +- if (save_snapshot_cleanup() < 0) { +- snap_state.state = SAVE_STATE_ERROR; +- } else { +- snap_state.state = SAVE_STATE_COMPLETED; +- } + } + + static int block_state_close(void *opaque) +@@ -156,51 +145,90 @@ static int block_state_close(void *opaque) + return blk_flush(snap_state.target); + } + ++typedef struct BlkRwCo { ++ int64_t offset; ++ QEMUIOVector *qiov; ++ int ret; ++} BlkRwCo; ++ ++static void block_state_write_entry(void *opaque) { ++ BlkRwCo *rwco = opaque; ++ rwco->ret = blk_co_pwritev(snap_state.target, rwco->offset, rwco->qiov->size, ++ rwco->qiov, 0); ++} ++ + static ssize_t block_state_writev_buffer(void *opaque, struct iovec *iov, + int iovcnt, int64_t pos) + { +- int ret; + QEMUIOVector qiov; ++ AioContext *aio_context; ++ Coroutine *co; ++ BlkRwCo rwco; ++ ++ assert(pos == snap_state.bs_pos); ++ rwco = (BlkRwCo) { ++ .offset = pos, ++ .qiov = &qiov, ++ .ret = NOT_DONE, ++ }; + + qemu_iovec_init_external(&qiov, iov, iovcnt); +- ret = blk_co_pwritev(snap_state.target, pos, qiov.size, &qiov, 0); +- if (ret < 0) { +- return ret; ++ ++ aio_context = blk_get_aio_context(snap_state.target); ++ aio_context_acquire(aio_context); ++ co = qemu_coroutine_create(&block_state_write_entry, &rwco); ++ qemu_coroutine_enter(co); ++ while (rwco.ret == NOT_DONE) { ++ aio_poll(aio_context, true); + } ++ aio_context_release(aio_context); ++ + snap_state.bs_pos += qiov.size; + return qiov.size; + } + +-static int store_and_stop(void) { +- if (global_state_store()) { +- save_snapshot_error("Error saving global state"); +- return 1; ++static void process_savevm_cleanup(void *opaque) ++{ ++ int ret; ++ qemu_bh_delete(snap_state.cleanup_bh); ++ snap_state.cleanup_bh = NULL; ++ qemu_mutex_unlock_iothread(); ++ qemu_thread_join(&snap_state.thread); ++ qemu_mutex_lock_iothread(); ++ ret = save_snapshot_cleanup(); ++ if (ret < 0) { ++ save_snapshot_error("save_snapshot_cleanup error %d", ret); ++ } else if (snap_state.state == SAVE_STATE_ACTIVE) { ++ snap_state.state = SAVE_STATE_COMPLETED; ++ } else { ++ save_snapshot_error("process_savevm_cleanup: invalid state: %d", ++ snap_state.state); + } +- if (runstate_is_running()) { +- vm_stop(RUN_STATE_SAVE_VM); ++ if (snap_state.saved_vm_running) { ++ vm_start(); ++ snap_state.saved_vm_running = false; + } +- return 0; + } + +-static void process_savevm_co(void *opaque) ++static void *process_savevm_thread(void *opaque) + { + int ret; + int64_t maxlen; ++ + MigrationParams params = { + .blk = 0, + .shared = 0 + }; + +- snap_state.state = SAVE_STATE_ACTIVE; ++ rcu_register_thread(); + +- qemu_mutex_unlock_iothread(); + qemu_savevm_state_header(snap_state.file); + ret = qemu_savevm_state_begin(snap_state.file, ¶ms); +- qemu_mutex_lock_iothread(); + + if (ret < 0) { + save_snapshot_error("qemu_savevm_state_begin failed"); +- return; ++ rcu_unregister_thread(); ++ return NULL; + } + + while (snap_state.state == SAVE_STATE_ACTIVE) { +@@ -209,41 +237,43 @@ static void process_savevm_co(void *opaque) + qemu_savevm_state_pending(snap_state.file, 0, &pend_nonpost, &pend_post); + pending_size = pend_post + pend_nonpost; + +- if (pending_size) { +- ret = qemu_savevm_state_iterate(snap_state.file, false); +- if (ret < 0) { +- save_snapshot_error("qemu_savevm_state_iterate error %d", ret); +- break; +- } +- DPRINTF("savevm inerate pending size %lu ret %d\n", pending_size, ret); ++ maxlen = blk_getlength(snap_state.target) - 30*1024*1024; ++ ++ if (pending_size > 400000 && snap_state.bs_pos + pending_size < maxlen) { ++ qemu_mutex_lock_iothread(); ++ ret = qemu_savevm_state_iterate(snap_state.file, false); ++ if (ret < 0) { ++ save_snapshot_error("qemu_savevm_state_iterate error %d", ret); ++ break; ++ } ++ qemu_mutex_unlock_iothread(); ++ DPRINTF("savevm inerate pending size %lu ret %d\n", pending_size, ret); + } else { +- DPRINTF("done iterating\n"); +- if (store_and_stop()) ++ qemu_mutex_lock_iothread(); ++ qemu_system_wakeup_request(QEMU_WAKEUP_REASON_OTHER); ++ ret = global_state_store(); ++ if (ret) { ++ save_snapshot_error("global_state_store error %d", ret); ++ break; ++ } ++ ret = vm_stop_force_state(RUN_STATE_FINISH_MIGRATE); ++ if (ret < 0) { ++ save_snapshot_error("vm_stop_force_state error %d", ret); + break; ++ } + DPRINTF("savevm inerate finished\n"); + qemu_savevm_state_complete_precopy(snap_state.file, false); ++ qemu_savevm_state_cleanup(); + DPRINTF("save complete\n"); +- save_snapshot_completed(); + break; + } +- +- /* stop the VM if we get to the end of available space, +- * or if pending_size is just a few MB +- */ +- maxlen = blk_getlength(snap_state.target) - 30*1024*1024; +- if ((pending_size < 100000) || +- ((snap_state.bs_pos + pending_size) >= maxlen)) { +- if (store_and_stop()) +- break; +- } + } + +- if(snap_state.state == SAVE_STATE_CANCELLED) { +- save_snapshot_completed(); +- Error *errp = NULL; +- qmp_savevm_end(&errp); +- } ++ qemu_bh_schedule(snap_state.cleanup_bh); ++ qemu_mutex_unlock_iothread(); + ++ rcu_unregister_thread(); ++ return NULL; + } + + static const QEMUFileOps block_file_ops = { +@@ -306,8 +336,10 @@ void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp) + error_setg(&snap_state.blocker, "block device is in use by savevm"); + blk_op_block_all(snap_state.target, snap_state.blocker); + +- Coroutine *co = qemu_coroutine_create(process_savevm_co, NULL); +- qemu_coroutine_enter(co); ++ snap_state.state = SAVE_STATE_ACTIVE; ++ snap_state.cleanup_bh = qemu_bh_new(process_savevm_cleanup, &snap_state); ++ qemu_thread_create(&snap_state.thread, "savevm-async", process_savevm_thread, ++ NULL, QEMU_THREAD_JOINABLE); + + return; + +-- +2.1.4 + diff --git a/debian/patches/pve/0047-glusterfs-allow-partial-reads.patch b/debian/patches/pve/0047-glusterfs-allow-partial-reads.patch new file mode 100644 index 0000000..6e2379a --- /dev/null +++ b/debian/patches/pve/0047-glusterfs-allow-partial-reads.patch @@ -0,0 +1,78 @@ +From 519bcfc6d86a42a643ee65a0741bb2418c7d2e67 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Wed, 30 Nov 2016 10:27:47 +0100 +Subject: [PATCH 47/47] glusterfs: allow partial reads + +This should deal with qemu bug #1644754 until upstream +decides which way to go. The general direction seems to be +away from sector based block APIs and with that in mind, and +when comparing to other network block backends (eg. nfs) +treating partial reads as errors doesn't seem to make much +sense. +--- + block/gluster.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/block/gluster.c b/block/gluster.c +index 6dcf926..17c51ed 100644 +--- a/block/gluster.c ++++ b/block/gluster.c +@@ -39,6 +39,7 @@ typedef struct GlusterAIOCB { + QEMUBH *bh; + Coroutine *coroutine; + AioContext *aio_context; ++ bool is_write; + } GlusterAIOCB; + + typedef struct BDRVGlusterState { +@@ -623,8 +624,10 @@ static void gluster_finish_aiocb(struct glfs_fd *fd, ssize_t ret, void *arg) + acb->ret = 0; /* Success */ + } else if (ret < 0) { + acb->ret = -errno; /* Read/Write failed */ ++ } else if (acb->is_write) { ++ acb->ret = -EIO; /* Partial write - fail it */ + } else { +- acb->ret = -EIO; /* Partial read/write - fail it */ ++ acb->ret = 0; /* Success */ + } + + acb->bh = aio_bh_new(acb->aio_context, qemu_gluster_complete_aio, acb); +@@ -861,6 +864,7 @@ static coroutine_fn int qemu_gluster_co_pwrite_zeroes(BlockDriverState *bs, + acb.ret = 0; + acb.coroutine = qemu_coroutine_self(); + acb.aio_context = bdrv_get_aio_context(bs); ++ acb.is_write = true; + + ret = glfs_zerofill_async(s->fd, offset, size, gluster_finish_aiocb, &acb); + if (ret < 0) { +@@ -979,9 +983,11 @@ static coroutine_fn int qemu_gluster_co_rw(BlockDriverState *bs, + acb.aio_context = bdrv_get_aio_context(bs); + + if (write) { ++ acb.is_write = true; + ret = glfs_pwritev_async(s->fd, qiov->iov, qiov->niov, offset, 0, + gluster_finish_aiocb, &acb); + } else { ++ acb.is_write = false; + ret = glfs_preadv_async(s->fd, qiov->iov, qiov->niov, offset, 0, + gluster_finish_aiocb, &acb); + } +@@ -1044,6 +1050,7 @@ static coroutine_fn int qemu_gluster_co_flush_to_disk(BlockDriverState *bs) + acb.ret = 0; + acb.coroutine = qemu_coroutine_self(); + acb.aio_context = bdrv_get_aio_context(bs); ++ acb.is_write = true; + + ret = glfs_fsync_async(s->fd, gluster_finish_aiocb, &acb); + if (ret < 0) { +@@ -1090,6 +1097,7 @@ static coroutine_fn int qemu_gluster_co_pdiscard(BlockDriverState *bs, + acb.ret = 0; + acb.coroutine = qemu_coroutine_self(); + acb.aio_context = bdrv_get_aio_context(bs); ++ acb.is_write = true; + + ret = glfs_discard_async(s->fd, offset, size, gluster_finish_aiocb, &acb); + if (ret < 0) { +-- +2.1.4 + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..ff76828 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,97 @@ +pve/0001-fr-ca-keymap-corrections.patch +pve/0002-Adjust-network-script-path-to-etc-kvm.patch +pve/0003-vnc-altgr-emulation.patch +pve/0004-qemu-img-return-success-on-info-without-snapshots.patch +pve/0005-use-kvm-by-default.patch +pve/0006-virtio-balloon-fix-query.patch +pve/0007-set-the-CPU-model-to-kvm64-32-instead-of-qemu64-32.patch +pve/0008-qapi-modify-query-machines.patch +pve/0009-qapi-modify-spice-query.patch +pve/0010-ui-spice-default-to-pve-certs-unless-otherwise-speci.patch +pve/0011-introduce-new-vma-archive-format.patch +pve/0012-vma-add-verify-command.patch +pve/0013-vma-add-config-command-to-dump-the-config.patch +pve/0014-backup-modify-job-api.patch +pve/0015-backup-add-pve-monitor-commands.patch +pve/0016-backup-vma-add-dir-format.patch +pve/0017-backup-do-not-return-errors-in-dump-callback.patch +pve/0018-backup-vma-correctly-propagate-error.patch +pve/0019-backup-vma-remove-async-queue.patch +pve/0020-backup-vma-run-flush-inside-coroutine.patch +pve/0021-backup-do-not-use-bdrv_drain_all.patch +pve/0022-internal-snapshot-async.patch +pve/0023-backup-vma-allow-empty-backups.patch +pve/0024-qmp-add-get_link_status.patch +pve/0025-smm_available-false.patch +pve/0026-use-whitespace-between-VERSION-and-PKGVERSION.patch +pve/0027-vma-add-firewall.patch +pve/0028-savevm-async-migration-and-bdrv_open-update.patch +pve/0029-vnc-make-x509-imply-tls-again.patch +pve/0030-PVE-VNC-authentication.patch +pve/0031-vma-writer-don-t-bail-out-on-zero-length-files.patch +pve/0032-vma-better-driver-guessing-for-bdrv_open.patch +pve/0033-block-add-the-zeroinit-block-driver-filter.patch +pve/0034-vma-add-format-option-to-device-mapping.patch +pve/0035-fix-possible-unitialised-return-value.patch +pve/0036-vnc-refactor-to-QIOChannelSocket.patch +pve/0037-vma-use-BlockBackend-on-extract.patch +pve/0038-vma-byte-based-write-calls.patch +pve/0039-rbd-disable-rbd_cache_writethrough_until_flush-with-.patch +pve/0040-enable-cache-unsafe-for-vma-extract_content-and-qmp_.patch +pve/0041-savevm-async-updates.patch +pve/0042-qmp_snapshot_drive-add-aiocontext.patch +pve/0043-vma-sizes-passed-to-blk_co_preadv-should-be-bytes-no.patch +pve/0044-glusterfs-daemonize.patch +pve/0045-qmp_delete_drive_snapshot-add-aiocontext.patch +pve/0046-convert-savevm-async-to-threads.patch +pve/0047-glusterfs-allow-partial-reads.patch +#see https://bugs.launchpad.net/qemu/+bug/1488363?comments=all +extra/x86-lapic-Load-LAPIC-state-at-post_load.patch +extra/0001-Revert-target-i386-disable-LINT0-after-reset.patch +extra/0002-net-vmxnet-initialise-local-tx-descriptor.patch +extra/0003-net-limit-allocation-in-nc_sendv_compat.patch +extra/CVE-2016-7156-scsi-pvscsi-avoid-infinite-loop-while-building-SG-li.patch +extra/CVE-2016-7170-vmsvga-correct-bitmap-and-pixmap-size-checks.patch +extra/CVE-2016-7422-virtio-add-check-for-descriptor-s-mapped-address.patch +extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch +extra/CVE-2016-7907-net-imx-limit-buffer-descriptor-count.patch +extra/CVE-2016-7908-net-mcf-limit-buffer-descriptor-count.patch +extra/CVE-2016-7909-net-pcnet-check-rx-tx-descriptor-ring-length.patch +extra/CVE-2016-7994-virtio-gpu-fix-memory-leak-in-virtio_gpu_resource_cr.patch +extra/CVE-2016-7995-usb-ehci-fix-memory-leak-in-ehci_process_itd.patch +extra/CVE-2016-8576-xhci-limit-the-number-of-link-trbs-we-are-willing-to.patch +extra/CVE-2016-8577-9pfs-fix-potential-host-memory-leak-in-v9fs_read.patch +extra/CVE-2016-8578-9pfs-allocate-space-for-guest-originated-empty-strin.patch +extra/CVE-2016-8668-net-rocker-set-limit-to-DMA-buffer-size.patch +extra/CVE-2016-8669-char-serial-check-divider-value-against-baud-base.patch +extra/CVE-2016-8909-audio-intel-hda-check-stream-entry-count-during-tran.patch +extra/CVE-2016-9103-9pfs-fix-information-leak-in-xattr-read.patch +extra/CVE-2016-9101-net-eepro100-fix-memory-leak-in-device-uninit.patch +extra/CVE-2016-9105-9pfs-fix-memory-leak-in-v9fs_link.patch +extra/CVE-2016-9102-9pfs-fix-memory-leak-in-v9fs_xattrcreate.patch +extra/CVE-2016-9106-9pfs-fix-memory-leak-in-v9fs_write.patch +extra/CVE-2016-9104-9pfs-fix-integer-overflow-issue-in-xattr-read-write.patch +extra/CVE-2016-9776-net-mcf-check-receive-buffer-size-register-value.patch +extra/CVE-2016-9845-virtio-gpu-fix-information-leak-in-getting-capset-in.patch +extra/CVE-2016-9846-virtio-gpu-fix-memory-leak-in-update_cursor_data_vir.patch +extra/CVE-2016-9907-usbredir-free-vm_change_state_handler-in-usbredir-de.patch +extra/CVE-2016-9908-virtio-gpu-fix-information-leak-in-capset-get-dispat.patch +extra/CVE-2016-9911-usb-ehci-fix-memory-leak-in-ehci_init_transfer.patch +extra/CVE-2016-9912-virtio-gpu-call-cleanup-mapping-function-in-resource.patch +extra/CVE-2016-9913-9pfs-adjust-the-order-of-resource-cleanup-in-device-.patch +extra/CVE-2016-9914-9pfs-add-cleanup-operation-in-FileOperations.patch +extra/CVE-2016-9915-9pfs-add-cleanup-operation-for-handle-backend-driver.patch +extra/CVE-2016-9916-9pfs-add-cleanup-operation-for-proxy-backend-driver.patch +extra/CVE-2016-9921-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch +extra/0001-display-cirrus-ignore-source-pitch-value-as-needed-i.patch +extra/0001-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch +extra/0002-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch +extra/0003-cirrus-fix-blit-address-mask-handling.patch +extra/0004-cirrus-fix-oob-access-issue-CVE-2017-2615.patch +extra/CVE-2016-10028-display-virtio-gpu-3d-check-virgl-capabilities-max_s.patch +extra/CVE-2016-10155-watchdog-6300esb-add-exit-function.patch +extra/0003-sd-sdhci-check-transfer-mode-register-in-multi-block.patch +extra/0004-sd-sdhci-block-count-enable-not-relevant-in-single-b.patch +extra/0001-cirrus-fix-patterncopy-checks.patch +extra/0002-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch +extra/CVE-2017-2620_cirrus_add_blit_is_unsafe_call_to_cirrus_bitblt_cputovideo.patch diff --git a/debian/postinst b/debian/postinst new file mode 100755 index 0000000..ddf9452 --- /dev/null +++ b/debian/postinst @@ -0,0 +1,66 @@ +#!/bin/bash + +# Abort if any command returns an error value +set -e + +case "$1" in + configure) + + # remove stale /etc/qemu (files are in /etc/kvm) + # file is now in /usr/share/kvm/cpus-x86_64.conf + rm -f /etc/qemu/target-x86_64.conf + if test -d /etc/qemu; then rmdir /etc/qemu; fi + rm -f /etc/kvm/target-x86_64.conf + + # There are three sub-cases: + if test "${2+set}" != set; then + # We're being installed by an ancient dpkg which doesn't remember + # which version was most recently configured, or even whether + # there is a most recently configured version. + : + + elif test -z "$2" -o "$2" = ""; then + # The package has not ever been configured on this system, or was + # purged since it was last configured. + : + + else + # Version $2 is the most recently configured version of this + # package. + : + + fi ;; + abort-upgrade) + # Back out of an attempt to upgrade this package FROM THIS VERSION + # to version $2. Undo the effects of "prerm upgrade $2". + : + + ;; + abort-remove) + if test "$2" != in-favour; then + echo "$0: undocumented call to \`postinst $*'" 1>&2 + exit 0 + fi + # Back out of an attempt to remove this package, which was due to + # a conflict with package $3 (version $4). Undo the effects of + # "prerm remove in-favour $3 $4". + : + + ;; + abort-deconfigure) + if test "$2" != in-favour -o "$5" != removing; then + echo "$0: undocumented call to \`postinst $*'" 1>&2 + exit 0 + fi + # Back out of an attempt to deconfigure this package, which was + # due to package $6 (version $7) which we depend on being removed + # to make way for package $3 (version $4). Undo the effects of + # "prerm deconfigure in-favour $3 $4 removing $6 $7". + : + + ;; + *) echo "$0: didn't understand being called with \`$1'" 1>&2 + exit 0;; +esac + +exit 0 diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..26a06a7 --- /dev/null +++ b/debian/rules @@ -0,0 +1,145 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + + +# These are used for cross-compiling and for saving the configure script +# from having to guess our platform (since we know it already) +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + +PACKAGE=pve-qemu-kvm +destdir := $(CURDIR)/debian/$(PACKAGE) + +ifneq "$(wildcard /usr/share/quilt/quilt.make)" "" +include /usr/share/quilt/quilt.make +endif + +CFLAGS = -Wall + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 +endif + +config.status: configure + dh_testdir + # Add here commands to configure the package. + ./configure --with-confsuffix="/kvm" --target-list=x86_64-softmmu --prefix=/usr --datadir=/usr/share --docdir=/usr/share/doc/pve-qemu-kvm --sysconfdir=/etc --localstatedir=/var --disable-xen --enable-gnutls --enable-sdl --enable-uuid --enable-linux-aio --enable-rbd --enable-libiscsi --disable-smartcard --audio-drv-list="alsa" --enable-spice --enable-usb-redir --enable-glusterfs --enable-libusb --disable-gtk --enable-xfsctl --enable-numa --disable-strip --enable-jemalloc --disable-libnfs --disable-fdt + +build: patch build-stamp + +build-stamp: config.status + dh_testdir + + # Add here commands to compile the package. + $(MAKE) + + #docbook-to-man debian/kvm.sgml > kvm.1 + + touch $@ + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp + + # Add here commands to clean up after the build process. + -$(MAKE) distclean +ifneq "$(wildcard /usr/share/misc/config.sub)" "" + cp -f /usr/share/misc/config.sub config.sub +endif +ifneq "$(wildcard /usr/share/misc/config.guess)" "" + cp -f /usr/share/misc/config.guess config.guess +endif + + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # Add here commands to install the package into debian/pve-kvm. + $(MAKE) DESTDIR=$(destdir) install + + mv $(destdir)/usr/bin/qemu-system-x86_64 $(destdir)/usr/bin/kvm + mv $(destdir)/usr/share/man/man1/qemu.1 $(destdir)/usr/share/man/man1/kvm.1 + + # Install the userspace utilities + install -s -m 0755 vma $(destdir)/usr/bin/ + + install -D -m 0755 $(CURDIR)/debian/kvm-ifup $(destdir)/etc/kvm/kvm-ifup + install -D -m 0755 $(CURDIR)/debian/kvm-ifdown $(destdir)/etc/kvm/kvm-ifdown + + #install ovmf uefi rom + install -D -m 0644 $(CURDIR)/debian/OVMF_CODE-pure-efi.fd $(destdir)/usr/share/kvm/OVMF_CODE-pure-efi.fd + install -D -m 0644 $(CURDIR)/debian/OVMF_VARS-pure-efi.fd $(destdir)/usr/share/kvm/OVMF_VARS-pure-efi.fd + + # we do not need openbios files (sparc/ppc) + rm -rf $(destdir)/usr/share/kvm/openbios-* + # remove ppc files + rm $(destdir)/usr/share/kvm/*.dtb + rm $(destdir)/usr/share/kvm/ppc_rom.bin + rm $(destdir)/usr/share/kvm/s390-ccw.img + rm $(destdir)/usr/share/kvm/slof.bin + rm $(destdir)/usr/share/kvm/spapr-rtas.bin + rm $(destdir)/usr/share/kvm/u-boot.e500 + # remove Aplha files + rm $(destdir)/usr/share/kvm/palcode-clipper + + # remove guest agent (that is only required for a guest) + rm $(destdir)/usr/bin/qemu-ga + + # Remove things we don't package at all, would be a "kvm-dev" package + rm -Rf $(destdir)/usr/include/linux/ + rm -Rf $(destdir)/usr/include + rm -Rf $(destdir)/usr/lib* + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs + dh_installdocs + dh_installexamples +# dh_install +# dh_installmenu +# dh_installdebconf +# dh_installlogrotate +# dh_installemacsen +# dh_installpam +# dh_installmime +# dh_python +# dh_installinit +# dh_installcron +# dh_installinfo + dh_installman + dh_link + dh_strip --dbg-package=pve-qemu-kvm-dbg + dh_compress + dh_fixperms +# dh_perl +# dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install diff --git a/efi-roms-1182.tar.xz b/efi-roms-1182.tar.xz new file mode 100644 index 0000000..d255c1b Binary files /dev/null and b/efi-roms-1182.tar.xz differ diff --git a/qemu b/qemu new file mode 160000 index 0000000..0d83fcc --- /dev/null +++ b/qemu @@ -0,0 +1 @@ +Subproject commit 0d83fccb4fb3140d21feeb37ba069ba71029aaa7 diff --git a/vma_spec.txt b/vma_spec.txt new file mode 100644 index 0000000..a99f5f9 --- /dev/null +++ b/vma_spec.txt @@ -0,0 +1,132 @@ += Virtual Machine Archive format (VMA) = + +This format contains a header which includes the VM configuration as +binary blobs, and a list of devices (dev_id, name). + +The actual VM image data is stored inside extents. An extent contains +up to 64 clusters, and start with a 512 byte header containing +additional information for those clusters. + +We use a cluster size of 65536, and use 8 bytes for each +cluster in the header to store the following information: + +* 1 byte dev_id (to identity the drive) +* 1 byte not used (reserved) +* 2 bytes zero indicator (mark zero regions (16x4096)) +* 4 bytes cluster number + +We only store non-zero blocks (such block is 4096 bytes). + +Each archive is marked with a uuid. The archive header and all +extent headers includes that uuid and a MD5 checksum (over header +data). + +All numbers in VMA archive are stored in Big Endian byte order. + +== VMA Header == + + Byte 0 - 3: magic + VMA magic string ("VMA\x00") + + 4 - 7: version + Version number (valid value is 1) + + 8 - 23: uuid + Unique ID, Same uuid is used to mark extents. + + 24 - 31: ctime + Backup time stamp (seconds since epoch) + + 32 - 47: md5sum + Header checksum (from byte 0 to header_size). This field + is filled with zero to generate the checksum. + + 48 - 51: blob_buffer_offset + Start of blob buffer (multiple of 512) + + 52 - 55: blob_buffer_size + Size of blob buffer (multiple of 512) + + 56 - 59: header_size + Overall size of this header (multiple of 512) + + 60 - 2043: reserved + + 2044 - 3067: uint32_t config_names[256] + Offsets into blob_buffer table + + 3068 - 4091: uint32_t config_data[256] + Offsets into blob_buffer table + + 4092 - 4095: reserved + + 4096 - 12287: VmaDeviceInfoHeader dev_info[256] + The offset in this table is used as 'dev_id' inside + the data streams. + + 12288 - header_size: Blob buffer + + +=== Devive Info Header (VmaDeviceInfoHeader) === + +This is use to store details about the contained disk images. + + Byte 0 - 3: devive name (offsets into blob_buffer table) + + 4 - 7: reserved + + 8 - 15: device size in bytes + + 16 - 31: reserved + +Note: Devive name 'vmstate' is reserved to store VM RAM state. + +=== Blob buffer === + +The blob buffer is used to store both configuration file names and +configuration data. + +This region contain a list of binary data blobs. Each blob starts with +a 2 byte size field, followed by the actual data. + +== Image Data Streams == + +The VMA header is followed by the image data stream. Image data is grouped +with extents, which contains up to 59 clusters from different images. + +=== VMA Extent Header === + + Byte 0 - 3: magic + VMA extent magic string ("VMAE") + + 4 - 5: reserved + + 6 - 7: block_count + Overall number of contained 4K block + + 8 - 23: uuid + Unique ID, Same uuid as used in the VMA header. + + 24 - 39: md5sum + Header checksum (from byte 0 to header_size). This field + is filled with zero to generate the checksum. + + 40 - 511: blockinfo[59] + + +Each 'blockinfo' (8 bytes) give further details about contained clusters: + + Byte 0 - 1: mask + Bitmap used to indicate non-zero 4K blocks inside the + cluster. + + 2: reserved + + 3: dev_id + Device ID (offset into dev_info table) + + 4 - 7: cluster_num + +The extend header if followed by the actual cluster data, where we only +store non-zero 4K blocks. +