mirror of
				https://github.com/kata-containers/kata-containers.git
				synced 2025-10-24 21:51:37 +00:00 
			
		
		
		
	packaging: Drop support for qemu < 5.0
We only test qemu 5.2 in the CI (5.1 for ARM), and I believe we already have some subtle dependencies that will stop things working on older qemu versions. We just updated govmm to a version that explicitly only works with qemu 5.0 and later, so we can drop stale checks for older qemu versions. More specifically that means we can drop patches for older qemu versions, and remove checks for older qemu versions from configure-hypervisor.sh. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This commit is contained in:
		| @@ -1,98 +0,0 @@ | |||||||
| From 894a8ae5524fff4ad9d3551c515788c5650e1fc7 Mon Sep 17 00:00:00 2001 |  | ||||||
| From: Yang Zhong <yang.zhong@intel.com> |  | ||||||
| Date: Wed, 28 Mar 2018 20:14:53 +0800 |  | ||||||
| Subject: [PATCH 1/2] 9p: removing coroutines of 9p to increase the I/O |  | ||||||
|  performance |  | ||||||
|  |  | ||||||
| This is a quick workaround, need to be fixed. |  | ||||||
|  |  | ||||||
| Signed-off-by: Chao Peng <chao.p.peng@linux.intel.com> |  | ||||||
| --- |  | ||||||
|  hw/9pfs/9p.c   | 12 +++++------- |  | ||||||
|  hw/9pfs/9p.h   |  6 +++--- |  | ||||||
|  hw/9pfs/coth.h |  3 +++ |  | ||||||
|  3 files changed, 11 insertions(+), 10 deletions(-) |  | ||||||
|  |  | ||||||
| diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c |  | ||||||
| index 55821343e5..c5f089860d 100644 |  | ||||||
| --- a/hw/9pfs/9p.c |  | ||||||
| +++ b/hw/9pfs/9p.c |  | ||||||
| @@ -690,10 +690,7 @@ static void coroutine_fn pdu_complete(V9fsPDU *pdu, ssize_t len) |  | ||||||
|  out_notify: |  | ||||||
|      pdu->s->transport->push_and_notify(pdu); |  | ||||||
|   |  | ||||||
| -    /* Now wakeup anybody waiting in flush for this request */ |  | ||||||
| -    if (!qemu_co_queue_next(&pdu->complete)) { |  | ||||||
| -        pdu_free(pdu); |  | ||||||
| -    } |  | ||||||
| +    pdu_free(pdu); |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static mode_t v9mode_to_mode(uint32_t mode, V9fsString *extension) |  | ||||||
| @@ -3525,7 +3522,7 @@ static inline bool is_read_only_op(V9fsPDU *pdu) |  | ||||||
|   |  | ||||||
|  void pdu_submit(V9fsPDU *pdu, P9MsgHeader *hdr) |  | ||||||
|  { |  | ||||||
| -    Coroutine *co; |  | ||||||
| +//    Coroutine *co; |  | ||||||
|      CoroutineEntry *handler; |  | ||||||
|      V9fsState *s = pdu->s; |  | ||||||
|   |  | ||||||
| @@ -3543,8 +3540,9 @@ void pdu_submit(V9fsPDU *pdu, P9MsgHeader *hdr) |  | ||||||
|      } |  | ||||||
|   |  | ||||||
|      qemu_co_queue_init(&pdu->complete); |  | ||||||
| -    co = qemu_coroutine_create(handler, pdu); |  | ||||||
| -    qemu_coroutine_enter(co); |  | ||||||
| +    handler(pdu); |  | ||||||
| +    //co = qemu_coroutine_create(handler, pdu); |  | ||||||
| +    //qemu_coroutine_enter(co); |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  /* Returns 0 on success, 1 on failure. */ |  | ||||||
| diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h |  | ||||||
| index 8883761b2c..24aeba03f7 100644 |  | ||||||
| --- a/hw/9pfs/9p.h |  | ||||||
| +++ b/hw/9pfs/9p.h |  | ||||||
| @@ -320,21 +320,21 @@ extern int total_open_fd; |  | ||||||
|  static inline void v9fs_path_write_lock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_wrlock(&s->rename_lock); |  | ||||||
| +    //    qemu_co_rwlock_wrlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static inline void v9fs_path_read_lock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_rdlock(&s->rename_lock); |  | ||||||
| +     //   qemu_co_rwlock_rdlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static inline void v9fs_path_unlock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_unlock(&s->rename_lock); |  | ||||||
| +     //   qemu_co_rwlock_unlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
| diff --git a/hw/9pfs/coth.h b/hw/9pfs/coth.h |  | ||||||
| index 19e4d9287e..728a25865d 100644 |  | ||||||
| --- a/hw/9pfs/coth.h |  | ||||||
| +++ b/hw/9pfs/coth.h |  | ||||||
| @@ -47,6 +47,9 @@ |  | ||||||
|          qemu_coroutine_yield();                                         \ |  | ||||||
|      } while (0) |  | ||||||
|   |  | ||||||
| +#undef v9fs_co_run_in_worker |  | ||||||
| +#define v9fs_co_run_in_worker(code_block) do {code_block} while(0); |  | ||||||
| + |  | ||||||
|  void co_run_in_worker_bh(void *); |  | ||||||
|  int coroutine_fn v9fs_co_readlink(V9fsPDU *, V9fsPath *, V9fsString *); |  | ||||||
|  int coroutine_fn v9fs_co_readdir(V9fsPDU *, V9fsFidState *, struct dirent **); |  | ||||||
| --  |  | ||||||
| 2.17.2 |  | ||||||
|  |  | ||||||
| @@ -1,73 +0,0 @@ | |||||||
| From b17fbbe55cba95ad323b27c2f9f3e22eb6364d4b Mon Sep 17 00:00:00 2001 |  | ||||||
| From: Peng Tao <tao.peng@linux.alibaba.com> |  | ||||||
| Date: Fri, 14 Jun 2019 14:35:13 +0800 |  | ||||||
| Subject: [PATCH] migration: allow private destination ram with x-ignore-shared |  | ||||||
|  |  | ||||||
| By removing the share ram check, qemu is able to migrate |  | ||||||
| to private destination ram when x-ignore-shared capability |  | ||||||
| is on. Then we can create multiple destination VMs based |  | ||||||
| on the same source VM. |  | ||||||
|  |  | ||||||
| This changes the x-ignore-shared migration capability to |  | ||||||
| work similar to Lai's original bypass-shared-memory |  | ||||||
| work(https://lists.gnu.org/archive/html/qemu-devel/2018-04/msg00003.html) |  | ||||||
| which enables kata containers (https://katacontainers.io) |  | ||||||
| to implement the VM templating feature. |  | ||||||
|  |  | ||||||
| An example usage in kata containers(https://katacontainers.io): |  | ||||||
| 1. Start the source VM: |  | ||||||
|    qemu-system-x86 -m 2G \ |  | ||||||
|      -object memory-backend-file,id=mem0,size=2G,share=on,mem-path=/tmpfs/template-memory \ |  | ||||||
|      -numa node,memdev=mem0 |  | ||||||
| 2. Stop the template VM, set migration x-ignore-shared capability, |  | ||||||
|    migrate "exec:cat>/tmpfs/state", quit it |  | ||||||
| 3. Start target VM: |  | ||||||
|    qemu-system-x86 -m 2G \ |  | ||||||
|      -object memory-backend-file,id=mem0,size=2G,share=off,mem-path=/tmpfs/template-memory \ |  | ||||||
|      -numa node,memdev=mem0 \ |  | ||||||
|      -incoming defer |  | ||||||
| 4. connect to target VM qmp, set migration x-ignore-shared capability, |  | ||||||
| migrate_incoming "exec:cat /tmpfs/state" |  | ||||||
| 5. create more target VMs repeating 3 and 4 |  | ||||||
|  |  | ||||||
| Cc: Dr. David Alan Gilbert <dgilbert@redhat.com> |  | ||||||
| Cc: Yury Kotov <yury-kotov@yandex-team.ru> |  | ||||||
| Cc: Jiangshan Lai <laijs@hyper.sh> |  | ||||||
| Cc: Xu Wang <xu@hyper.sh> |  | ||||||
| Signed-off-by: Peng Tao <tao.peng@linux.alibaba.com> |  | ||||||
| Reviewed-by: Juan Quintela <quintela@redhat.com> |  | ||||||
| Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> |  | ||||||
| Message-Id: <1560494113-1141-1-git-send-email-tao.peng@linux.alibaba.com> |  | ||||||
| Signed-off-by: Juan Quintela <quintela@redhat.com> |  | ||||||
| --- |  | ||||||
|  migration/ram.c | 7 ------- |  | ||||||
|  1 file changed, 7 deletions(-) |  | ||||||
|  |  | ||||||
| diff --git a/migration/ram.c b/migration/ram.c |  | ||||||
| index 8a6ad61d3d..8622b4dc49 100644 |  | ||||||
| --- a/migration/ram.c |  | ||||||
| +++ b/migration/ram.c |  | ||||||
| @@ -3426,7 +3426,6 @@ static int ram_save_setup(QEMUFile *f, void *opaque) |  | ||||||
|          } |  | ||||||
|          if (migrate_ignore_shared()) { |  | ||||||
|              qemu_put_be64(f, block->mr->addr); |  | ||||||
| -            qemu_put_byte(f, ramblock_is_ignored(block) ? 1 : 0); |  | ||||||
|          } |  | ||||||
|      } |  | ||||||
|   |  | ||||||
| @@ -4393,12 +4392,6 @@ static int ram_load(QEMUFile *f, void *opaque, int version_id) |  | ||||||
|                      } |  | ||||||
|                      if (migrate_ignore_shared()) { |  | ||||||
|                          hwaddr addr = qemu_get_be64(f); |  | ||||||
| -                        bool ignored = qemu_get_byte(f); |  | ||||||
| -                        if (ignored != ramblock_is_ignored(block)) { |  | ||||||
| -                            error_report("RAM block %s should %s be migrated", |  | ||||||
| -                                         id, ignored ? "" : "not"); |  | ||||||
| -                            ret = -EINVAL; |  | ||||||
| -                        } |  | ||||||
|                          if (ramblock_is_ignored(block) && |  | ||||||
|                              block->mr->addr != addr) { |  | ||||||
|                              error_report("Mismatched GPAs for block %s " |  | ||||||
| --  |  | ||||||
| 2.17.1 |  | ||||||
|  |  | ||||||
| @@ -1,43 +0,0 @@ | |||||||
| From bf71d7d8e04e85517578c021804c77739f9fed72 Mon Sep 17 00:00:00 2001 |  | ||||||
| From: Julio Montes <julio.montes@intel.com> |  | ||||||
| Date: Mon, 8 Jul 2019 21:19:36 +0000 |  | ||||||
| Subject: [PATCH] memory-backend-file/nvdimm: support read-only files as |  | ||||||
|  memory-backends |  | ||||||
|  |  | ||||||
| Currently is not possible to use a file that is part of a read-only |  | ||||||
| filesystem as memory backend for nvdimm devices, even if this is not modified |  | ||||||
| in the guest. In order to improve the security of Virtual Machines that share |  | ||||||
| and do not modify the memory-backend-file, QEMU should support |  | ||||||
| read-only memory-backeds. |  | ||||||
|  |  | ||||||
| Use case: |  | ||||||
| * Kata Containers use a memory-backed-file as read-only rootfs, and this |  | ||||||
|   file is used to start all the virtual machines in the node. |  | ||||||
|   It would be really bad if somehow a malicious container modified it. |  | ||||||
|  |  | ||||||
| Signed-off-by: Julio Montes <julio.montes@intel.com> |  | ||||||
| Message-Id: <20190708211936.8037-1-julio.montes@intel.com> |  | ||||||
| --- |  | ||||||
|  exec.c | 6 ++++++ |  | ||||||
|  1 file changed, 6 insertions(+) |  | ||||||
|  |  | ||||||
| diff --git a/exec.c b/exec.c |  | ||||||
| index 3e78de3b8f..a1b6f939fb 100644 |  | ||||||
| --- a/exec.c |  | ||||||
| +++ b/exec.c |  | ||||||
| @@ -1865,6 +1865,12 @@ static int file_ram_open(const char *path, |  | ||||||
|                  break; |  | ||||||
|              } |  | ||||||
|              g_free(filename); |  | ||||||
| +        } else if (errno == EROFS) { |  | ||||||
| +            fd = open(path, O_RDONLY); |  | ||||||
| +            if (fd >= 0) { |  | ||||||
| +                /* @path names an existing read-only file, use it */ |  | ||||||
| +                break; |  | ||||||
| +            } |  | ||||||
|          } |  | ||||||
|          if (errno != EEXIST && errno != EINTR) { |  | ||||||
|              error_setg_errno(errp, errno, |  | ||||||
| --  |  | ||||||
| 2.17.2 |  | ||||||
|  |  | ||||||
| @@ -1,98 +0,0 @@ | |||||||
| From 493163ca322c87860492328c7898064051321c67 Mon Sep 17 00:00:00 2001 |  | ||||||
| From: Yang Zhong <yang.zhong@intel.com> |  | ||||||
| Date: Wed, 28 Mar 2018 20:14:53 +0800 |  | ||||||
| Subject: [PATCH 1/3] 9p: removing coroutines of 9p to increase the I/O |  | ||||||
|  performance |  | ||||||
|  |  | ||||||
| This is a quick workaround, need to be fixed. |  | ||||||
|  |  | ||||||
| Signed-off-by: Chao Peng <chao.p.peng@linux.intel.com> |  | ||||||
| --- |  | ||||||
|  hw/9pfs/9p.c   | 12 +++++------- |  | ||||||
|  hw/9pfs/9p.h   |  6 +++--- |  | ||||||
|  hw/9pfs/coth.h |  3 +++ |  | ||||||
|  3 files changed, 11 insertions(+), 10 deletions(-) |  | ||||||
|  |  | ||||||
| diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c |  | ||||||
| index 55821343e5..c5f089860d 100644 |  | ||||||
| --- a/hw/9pfs/9p.c |  | ||||||
| +++ b/hw/9pfs/9p.c |  | ||||||
| @@ -690,10 +690,7 @@ static void coroutine_fn pdu_complete(V9fsPDU *pdu, ssize_t len) |  | ||||||
|  out_notify: |  | ||||||
|      pdu->s->transport->push_and_notify(pdu); |  | ||||||
|   |  | ||||||
| -    /* Now wakeup anybody waiting in flush for this request */ |  | ||||||
| -    if (!qemu_co_queue_next(&pdu->complete)) { |  | ||||||
| -        pdu_free(pdu); |  | ||||||
| -    } |  | ||||||
| +    pdu_free(pdu); |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static mode_t v9mode_to_mode(uint32_t mode, V9fsString *extension) |  | ||||||
| @@ -3525,7 +3522,7 @@ static inline bool is_read_only_op(V9fsPDU *pdu) |  | ||||||
|   |  | ||||||
|  void pdu_submit(V9fsPDU *pdu, P9MsgHeader *hdr) |  | ||||||
|  { |  | ||||||
| -    Coroutine *co; |  | ||||||
| +//    Coroutine *co; |  | ||||||
|      CoroutineEntry *handler; |  | ||||||
|      V9fsState *s = pdu->s; |  | ||||||
|   |  | ||||||
| @@ -3543,8 +3540,9 @@ void pdu_submit(V9fsPDU *pdu, P9MsgHeader *hdr) |  | ||||||
|      } |  | ||||||
|   |  | ||||||
|      qemu_co_queue_init(&pdu->complete); |  | ||||||
| -    co = qemu_coroutine_create(handler, pdu); |  | ||||||
| -    qemu_coroutine_enter(co); |  | ||||||
| +    handler(pdu); |  | ||||||
| +    //co = qemu_coroutine_create(handler, pdu); |  | ||||||
| +    //qemu_coroutine_enter(co); |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  /* Returns 0 on success, 1 on failure. */ |  | ||||||
| diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h |  | ||||||
| index 8883761b2c..24aeba03f7 100644 |  | ||||||
| --- a/hw/9pfs/9p.h |  | ||||||
| +++ b/hw/9pfs/9p.h |  | ||||||
| @@ -320,21 +320,21 @@ extern int total_open_fd; |  | ||||||
|  static inline void v9fs_path_write_lock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_wrlock(&s->rename_lock); |  | ||||||
| +    //    qemu_co_rwlock_wrlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static inline void v9fs_path_read_lock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_rdlock(&s->rename_lock); |  | ||||||
| +     //   qemu_co_rwlock_rdlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static inline void v9fs_path_unlock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_unlock(&s->rename_lock); |  | ||||||
| +     //   qemu_co_rwlock_unlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
| diff --git a/hw/9pfs/coth.h b/hw/9pfs/coth.h |  | ||||||
| index 19e4d9287e..728a25865d 100644 |  | ||||||
| --- a/hw/9pfs/coth.h |  | ||||||
| +++ b/hw/9pfs/coth.h |  | ||||||
| @@ -47,6 +47,9 @@ |  | ||||||
|          qemu_coroutine_yield();                                         \ |  | ||||||
|      } while (0) |  | ||||||
|   |  | ||||||
| +#undef v9fs_co_run_in_worker |  | ||||||
| +#define v9fs_co_run_in_worker(code_block) do {code_block} while(0); |  | ||||||
| + |  | ||||||
|  void co_run_in_worker_bh(void *); |  | ||||||
|  int coroutine_fn v9fs_co_readlink(V9fsPDU *, V9fsPath *, V9fsString *); |  | ||||||
|  int coroutine_fn v9fs_co_readdir(V9fsPDU *, V9fsFidState *, struct dirent **); |  | ||||||
| --  |  | ||||||
| 2.17.2 |  | ||||||
|  |  | ||||||
| @@ -1,45 +0,0 @@ | |||||||
| From f116c58ab18762b1fdf5b5908af8612bf933d159 Mon Sep 17 00:00:00 2001 |  | ||||||
| From: Julio Montes <julio.montes@intel.com> |  | ||||||
| Date: Mon, 8 Jul 2019 21:19:36 +0000 |  | ||||||
| Subject: [PATCH 2/3] memory-backend-file/nvdimm: support read-only files as |  | ||||||
|  memory-backends |  | ||||||
|  |  | ||||||
| Currently it is not possible to use a file that is part of a read-only |  | ||||||
| filesystem as memory backend for nvdimm devices, even if the file itself  |  | ||||||
| is not modified in the guest. Same goes for files that do not have write access. |  | ||||||
| In order to improve the security of Virtual Machines that share |  | ||||||
| and do not modify the memory-backend-file, QEMU should support |  | ||||||
| read-only memory-backends. |  | ||||||
|  |  | ||||||
| Use case: |  | ||||||
| * Kata Containers use a memory-backed-file as read-only rootfs, and this |  | ||||||
|   file is used to start all the virtual machines in the node. |  | ||||||
|   It would be really bad if somehow a malicious container modified it. |  | ||||||
|  |  | ||||||
| Signed-off-by: Julio Montes <julio.montes@intel.com> |  | ||||||
| Signed-off-by: Archana Shinde <archana.m.shinde@intel.com> |  | ||||||
| Message-Id: <20190708211936.8037-1-julio.montes@intel.com> |  | ||||||
| --- |  | ||||||
|  exec.c | 6 ++++++ |  | ||||||
|  1 file changed, 6 insertions(+) |  | ||||||
|  |  | ||||||
| diff --git a/exec.c b/exec.c |  | ||||||
| index 3e78de3b8f..a1b6f939fb 100644 |  | ||||||
| --- a/exec.c |  | ||||||
| +++ b/exec.c |  | ||||||
| @@ -1865,6 +1865,12 @@ static int file_ram_open(const char *path, |  | ||||||
|                  break; |  | ||||||
|              } |  | ||||||
|              g_free(filename); |  | ||||||
| +        } else if (errno == EROFS || errno == EACCES) { |  | ||||||
| +            fd = open(path, O_RDONLY); |  | ||||||
| +            if (fd >= 0) { |  | ||||||
| +                /* @path names an existing read-only file, use it */ |  | ||||||
| +                break; |  | ||||||
| +            } |  | ||||||
|          } |  | ||||||
|          if (errno != EEXIST && errno != EINTR) { |  | ||||||
|              error_setg_errno(errp, errno, |  | ||||||
| --  |  | ||||||
| 2.17.2 |  | ||||||
|  |  | ||||||
| @@ -1,71 +0,0 @@ | |||||||
| From 19ec1516315083bb609a6683271dc19adb464522 Mon Sep 17 00:00:00 2001 |  | ||||||
| From: Cleber Rosa <crosa@redhat.com> |  | ||||||
| Date: Mon, 26 Aug 2019 11:58:32 -0400 |  | ||||||
| Subject: [PATCH 3/3] configure: more resilient Python version capture |  | ||||||
|  |  | ||||||
| The current approach to capture the Python version is fragile, as it |  | ||||||
| was demonstrated by a very specific build of Python 3 on Fedora 29 |  | ||||||
| that, under non-interactive shells would print multiline version |  | ||||||
| information. |  | ||||||
|  |  | ||||||
| The (badly) stripped version output would be sent to config-host.mak, |  | ||||||
| producing bad syntax and rendering the makefiles unusable.  Now, the |  | ||||||
| Python versions is printed by configure, but only a simple (and better |  | ||||||
| controlled variable) indicating whether the build system is using |  | ||||||
| Python 2 is kept on config-host.mak. |  | ||||||
|  |  | ||||||
| Signed-off-by: Cleber Rosa <crosa@redhat.com> |  | ||||||
|  |  | ||||||
| Message-Id: <20190826155832.17427-1-crosa@redhat.com> |  | ||||||
| Reviewed-by: Tony Nguyen <tony.nguyen@bt.com> |  | ||||||
| --- |  | ||||||
|  configure              | 5 +++-- |  | ||||||
|  tests/Makefile.include | 2 +- |  | ||||||
|  2 files changed, 4 insertions(+), 3 deletions(-) |  | ||||||
|  |  | ||||||
| diff --git a/configure b/configure |  | ||||||
| index 714e7fb6a1..0a6a617fa3 100755 |  | ||||||
| --- a/configure |  | ||||||
| +++ b/configure |  | ||||||
| @@ -1864,7 +1864,7 @@ if ! $python -c 'import sys; sys.exit(sys.version_info < (2,7))'; then |  | ||||||
|  fi |  | ||||||
|   |  | ||||||
|  # Preserve python version since some functionality is dependent on it |  | ||||||
| -python_version=$($python -V 2>&1 | sed -e 's/Python\ //') |  | ||||||
| +python_version=$($python -c 'import sys; print("%d.%d.%d" % (sys.version_info[0], sys.version_info[1], sys.version_info[2]))' 2>/dev/null) |  | ||||||
|   |  | ||||||
|  # Suppress writing compiled files |  | ||||||
|  python="$python -B" |  | ||||||
| @@ -6514,6 +6514,7 @@ if ! $python -c 'import sys; sys.exit(sys.version_info < (3,0))'; then |  | ||||||
|    echo |  | ||||||
|    echo "warning: Python 2 support is deprecated" >&2 |  | ||||||
|    echo "warning: Python 3 will be required for building future versions of QEMU" >&2 |  | ||||||
| +  python2="y" |  | ||||||
|  fi |  | ||||||
|   |  | ||||||
|  config_host_mak="config-host.mak" |  | ||||||
| @@ -7333,7 +7334,7 @@ echo "INSTALL_DATA=$install -c -m 0644" >> $config_host_mak |  | ||||||
|  echo "INSTALL_PROG=$install -c -m 0755" >> $config_host_mak |  | ||||||
|  echo "INSTALL_LIB=$install -c -m 0644" >> $config_host_mak |  | ||||||
|  echo "PYTHON=$python" >> $config_host_mak |  | ||||||
| -echo "PYTHON_VERSION=$python_version" >> $config_host_mak |  | ||||||
| +echo "PYTHON2=$python2" >> $config_host_mak |  | ||||||
|  echo "CC=$cc" >> $config_host_mak |  | ||||||
|  if $iasl -h > /dev/null 2>&1; then |  | ||||||
|    echo "IASL=$iasl" >> $config_host_mak |  | ||||||
| diff --git a/tests/Makefile.include b/tests/Makefile.include |  | ||||||
| index fd7fdb8658..fc67846431 100644 |  | ||||||
| --- a/tests/Makefile.include |  | ||||||
| +++ b/tests/Makefile.include |  | ||||||
| @@ -1132,7 +1132,7 @@ TESTS_RESULTS_DIR=$(BUILD_DIR)/tests/results |  | ||||||
|  AVOCADO_SHOW=app |  | ||||||
|  AVOCADO_TAGS=$(patsubst %-softmmu,-t arch:%, $(filter %-softmmu,$(TARGET_DIRS))) |  | ||||||
|   |  | ||||||
| -ifneq ($(findstring v2,"v$(PYTHON_VERSION)"),v2) |  | ||||||
| +ifneq ($(PYTHON2),y) |  | ||||||
|  $(TESTS_VENV_DIR): $(TESTS_VENV_REQ) |  | ||||||
|  	$(call quiet-command, \ |  | ||||||
|              $(PYTHON) -m venv --system-site-packages $@, \ |  | ||||||
| --  |  | ||||||
| 2.17.2 |  | ||||||
|  |  | ||||||
| @@ -1,98 +0,0 @@ | |||||||
| From 4400ea745b2a073186061a04dc07d90a8fb8a51f Mon Sep 17 00:00:00 2001 |  | ||||||
| From: Yang Zhong <yang.zhong@intel.com> |  | ||||||
| Date: Wed, 28 Mar 2018 20:14:53 +0800 |  | ||||||
| Subject: [PATCH 1/2] 9p: removing coroutines of 9p to increase the I/O |  | ||||||
|  performance |  | ||||||
|  |  | ||||||
| This is a quick workaround, need to be fixed. |  | ||||||
|  |  | ||||||
| Signed-off-by: Chao Peng <chao.p.peng@linux.intel.com> |  | ||||||
| --- |  | ||||||
|  hw/9pfs/9p.c   | 12 +++++------- |  | ||||||
|  hw/9pfs/9p.h   |  6 +++--- |  | ||||||
|  hw/9pfs/coth.h |  3 +++ |  | ||||||
|  3 files changed, 11 insertions(+), 10 deletions(-) |  | ||||||
|  |  | ||||||
| diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c |  | ||||||
| index 520177f40c..191c43e42d 100644 |  | ||||||
| --- a/hw/9pfs/9p.c |  | ||||||
| +++ b/hw/9pfs/9p.c |  | ||||||
| @@ -1082,10 +1082,7 @@ static void coroutine_fn pdu_complete(V9fsPDU *pdu, ssize_t len) |  | ||||||
|  out_notify: |  | ||||||
|      pdu->s->transport->push_and_notify(pdu); |  | ||||||
|   |  | ||||||
| -    /* Now wakeup anybody waiting in flush for this request */ |  | ||||||
| -    if (!qemu_co_queue_next(&pdu->complete)) { |  | ||||||
| -        pdu_free(pdu); |  | ||||||
| -    } |  | ||||||
| +    pdu_free(pdu); |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static mode_t v9mode_to_mode(uint32_t mode, V9fsString *extension) |  | ||||||
| @@ -3968,7 +3965,7 @@ static inline bool is_read_only_op(V9fsPDU *pdu) |  | ||||||
|   |  | ||||||
|  void pdu_submit(V9fsPDU *pdu, P9MsgHeader *hdr) |  | ||||||
|  { |  | ||||||
| -    Coroutine *co; |  | ||||||
| +//    Coroutine *co; |  | ||||||
|      CoroutineEntry *handler; |  | ||||||
|      V9fsState *s = pdu->s; |  | ||||||
|   |  | ||||||
| @@ -3986,8 +3983,9 @@ void pdu_submit(V9fsPDU *pdu, P9MsgHeader *hdr) |  | ||||||
|      } |  | ||||||
|   |  | ||||||
|      qemu_co_queue_init(&pdu->complete); |  | ||||||
| -    co = qemu_coroutine_create(handler, pdu); |  | ||||||
| -    qemu_coroutine_enter(co); |  | ||||||
| +    handler(pdu); |  | ||||||
| +    //co = qemu_coroutine_create(handler, pdu); |  | ||||||
| +    //qemu_coroutine_enter(co); |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  /* Returns 0 on success, 1 on failure. */ |  | ||||||
| diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h |  | ||||||
| index 3904f82901..30ecab2b2e 100644 |  | ||||||
| --- a/hw/9pfs/9p.h |  | ||||||
| +++ b/hw/9pfs/9p.h |  | ||||||
| @@ -380,21 +380,21 @@ extern int total_open_fd; |  | ||||||
|  static inline void v9fs_path_write_lock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_wrlock(&s->rename_lock); |  | ||||||
| +    //    qemu_co_rwlock_wrlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static inline void v9fs_path_read_lock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_rdlock(&s->rename_lock); |  | ||||||
| +     //   qemu_co_rwlock_rdlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
|  static inline void v9fs_path_unlock(V9fsState *s) |  | ||||||
|  { |  | ||||||
|      if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) { |  | ||||||
| -        qemu_co_rwlock_unlock(&s->rename_lock); |  | ||||||
| +     //   qemu_co_rwlock_unlock(&s->rename_lock); |  | ||||||
|      } |  | ||||||
|  } |  | ||||||
|   |  | ||||||
| diff --git a/hw/9pfs/coth.h b/hw/9pfs/coth.h |  | ||||||
| index c2cdc7a9ea..0fe971d1f5 100644 |  | ||||||
| --- a/hw/9pfs/coth.h |  | ||||||
| +++ b/hw/9pfs/coth.h |  | ||||||
| @@ -46,6 +46,9 @@ |  | ||||||
|          qemu_coroutine_yield();                                         \ |  | ||||||
|      } while (0) |  | ||||||
|   |  | ||||||
| +#undef v9fs_co_run_in_worker |  | ||||||
| +#define v9fs_co_run_in_worker(code_block) do {code_block} while(0); |  | ||||||
| + |  | ||||||
|  void co_run_in_worker_bh(void *); |  | ||||||
|  int coroutine_fn v9fs_co_readlink(V9fsPDU *, V9fsPath *, V9fsString *); |  | ||||||
|  int coroutine_fn v9fs_co_readdir(V9fsPDU *, V9fsFidState *, struct dirent **); |  | ||||||
| --  |  | ||||||
| 2.21.0 |  | ||||||
|  |  | ||||||
| @@ -1,45 +0,0 @@ | |||||||
| From f06edce09ed88568a743c6aa36343081e35cca54 Mon Sep 17 00:00:00 2001 |  | ||||||
| From: Julio Montes <julio.montes@intel.com> |  | ||||||
| Date: Mon, 8 Jul 2019 21:19:36 +0000 |  | ||||||
| Subject: [PATCH 2/2] memory-backend-file/nvdimm: support read-only files as |  | ||||||
|  memory-backends |  | ||||||
|  |  | ||||||
| Currently it is not possible to use a file that is part of a read-only |  | ||||||
| filesystem as memory backend for nvdimm devices, even if the file itself |  | ||||||
| is not modified in the guest. Same goes for files that do not have write access. |  | ||||||
| In order to improve the security of Virtual Machines that share |  | ||||||
| and do not modify the memory-backend-file, QEMU should support |  | ||||||
| read-only memory-backends. |  | ||||||
|  |  | ||||||
| Use case: |  | ||||||
| * Kata Containers use a memory-backed-file as read-only rootfs, and this |  | ||||||
|   file is used to start all the virtual machines in the node. |  | ||||||
|   It would be really bad if somehow a malicious container modified it. |  | ||||||
|  |  | ||||||
| Signed-off-by: Julio Montes <julio.montes@intel.com> |  | ||||||
| Signed-off-by: Archana Shinde <archana.m.shinde@intel.com> |  | ||||||
| Message-Id: <20190708211936.8037-1-julio.montes@intel.com> |  | ||||||
| --- |  | ||||||
|  exec.c | 6 ++++++ |  | ||||||
|  1 file changed, 6 insertions(+) |  | ||||||
|  |  | ||||||
| diff --git a/exec.c b/exec.c |  | ||||||
| index ffdb518535..506a5af8c1 100644 |  | ||||||
| --- a/exec.c |  | ||||||
| +++ b/exec.c |  | ||||||
| @@ -1819,6 +1819,12 @@ static int file_ram_open(const char *path, |  | ||||||
|                  break; |  | ||||||
|              } |  | ||||||
|              g_free(filename); |  | ||||||
| +        } else if (errno == EROFS || errno == EACCES) { |  | ||||||
| +            fd = open(path, O_RDONLY); |  | ||||||
| +            if (fd >= 0) { |  | ||||||
| +                /* @path names an existing read-only file, use it */ |  | ||||||
| +                break; |  | ||||||
| +            } |  | ||||||
|          } |  | ||||||
|          if (errno != EEXIST && errno != EINTR) { |  | ||||||
|              error_setg_errno(errp, errno, |  | ||||||
| --  |  | ||||||
| 2.21.0 |  | ||||||
|  |  | ||||||
| @@ -222,17 +222,11 @@ generate_qemu_options() { | |||||||
|  |  | ||||||
| 	# Disabled options | 	# Disabled options | ||||||
|  |  | ||||||
| 	if gt_eq "${qemu_version}" "5.0.0" ; then |  | ||||||
| 	# Disable sheepdog block driver support | 	# Disable sheepdog block driver support | ||||||
| 	qemu_options+=(size:--disable-sheepdog) | 	qemu_options+=(size:--disable-sheepdog) | ||||||
|  |  | ||||||
| 	# Disable block migration in the main migration stream | 	# Disable block migration in the main migration stream | ||||||
| 	qemu_options+=(size:--disable-live-block-migration) | 	qemu_options+=(size:--disable-live-block-migration) | ||||||
| 	else |  | ||||||
| 		# Starting from QEMU 5.0, the bluetooth code has been removed without replacement. |  | ||||||
| 		# bluetooth support not required |  | ||||||
| 		qemu_options+=(size:--disable-bluez) |  | ||||||
| 	fi |  | ||||||
|  |  | ||||||
| 	# braille support not required | 	# braille support not required | ||||||
| 	qemu_options+=(size:--disable-brlapi) | 	qemu_options+=(size:--disable-brlapi) | ||||||
| @@ -256,7 +250,7 @@ generate_qemu_options() { | |||||||
|  |  | ||||||
| 	# Disable PAM authentication: it's a feature used together with VNC access | 	# Disable PAM authentication: it's a feature used together with VNC access | ||||||
| 	# that's not used. See QEMU commit 8953caf for more details | 	# that's not used. See QEMU commit 8953caf for more details | ||||||
| 	gt_eq "${qemu_version}" "4.0.0" && qemu_options+=(size:--disable-auth-pam) | 	qemu_options+=(size:--disable-auth-pam) | ||||||
|  |  | ||||||
| 	# Disable unused filesystem support | 	# Disable unused filesystem support | ||||||
| 	[ "$arch" == x86_64 ] && qemu_options+=(size:--disable-fdt) | 	[ "$arch" == x86_64 ] && qemu_options+=(size:--disable-fdt) | ||||||
| @@ -265,11 +259,7 @@ generate_qemu_options() { | |||||||
| 	qemu_options+=(size:--disable-libnfs) | 	qemu_options+=(size:--disable-libnfs) | ||||||
|  |  | ||||||
| 	# Starting from QEMU 4.1, libssh replaces to libssh2 | 	# Starting from QEMU 4.1, libssh replaces to libssh2 | ||||||
| 	if gt_eq "${qemu_version}" "4.1.0" ; then |  | ||||||
| 	qemu_options+=(size:--disable-libssh) | 	qemu_options+=(size:--disable-libssh) | ||||||
| 	else |  | ||||||
| 		qemu_options+=(size:--disable-libssh2) |  | ||||||
| 	fi |  | ||||||
|  |  | ||||||
| 	# Disable unused compression support | 	# Disable unused compression support | ||||||
| 	qemu_options+=(size:--disable-bzip2) | 	qemu_options+=(size:--disable-bzip2) | ||||||
| @@ -294,12 +284,6 @@ generate_qemu_options() { | |||||||
| 	s390x) qemu_options+=(size:--disable-tcg) ;; | 	s390x) qemu_options+=(size:--disable-tcg) ;; | ||||||
| 	esac | 	esac | ||||||
|  |  | ||||||
| 	# SECURITY: Don't build a static binary (lowers security) |  | ||||||
| 	# needed if qemu version is less than 2.7 |  | ||||||
| 	if ! gt_eq "${qemu_version}" "2.7.0" ; then |  | ||||||
| 		qemu_options+=(security:--disable-static) |  | ||||||
| 	fi |  | ||||||
|  |  | ||||||
| 	if [ "${static}" == "true" ]; then | 	if [ "${static}" == "true" ]; then | ||||||
| 		qemu_options+=(misc:--static) | 		qemu_options+=(misc:--static) | ||||||
| 	fi | 	fi | ||||||
| @@ -370,15 +354,11 @@ generate_qemu_options() { | |||||||
| 	# Disable Capstone | 	# Disable Capstone | ||||||
| 	qemu_options+=(size:--disable-capstone) | 	qemu_options+=(size:--disable-capstone) | ||||||
|  |  | ||||||
| 	if gt_eq "${qemu_version}" "3.0.0" ; then |  | ||||||
| 	# Disable graphics | 	# Disable graphics | ||||||
| 	qemu_options+=(size:--disable-virglrenderer) | 	qemu_options+=(size:--disable-virglrenderer) | ||||||
|  |  | ||||||
| 		# Due to qemu commit 3ebb9c4f52, we can't disable replication in v3.0 |  | ||||||
| 		if gt_eq "${qemu_version}" "3.1.0" ; then |  | ||||||
| 	# Disable block replication | 	# Disable block replication | ||||||
| 	qemu_options+=(size:--disable-replication) | 	qemu_options+=(size:--disable-replication) | ||||||
| 		fi |  | ||||||
|  |  | ||||||
| 	# Disable USB smart card reader | 	# Disable USB smart card reader | ||||||
| 	qemu_options+=(size:--disable-smartcard) | 	qemu_options+=(size:--disable-smartcard) | ||||||
| @@ -402,7 +382,6 @@ generate_qemu_options() { | |||||||
| 	if ! gt_eq "${qemu_version}" "5.1.0" ; then | 	if ! gt_eq "${qemu_version}" "5.1.0" ; then | ||||||
| 	    qemu_options+=(size:--disable-vxhs) | 	    qemu_options+=(size:--disable-vxhs) | ||||||
| 	fi | 	fi | ||||||
| 	fi |  | ||||||
|  |  | ||||||
| 	#--------------------------------------------------------------------- | 	#--------------------------------------------------------------------- | ||||||
| 	# Enabled options | 	# Enabled options | ||||||
| @@ -414,12 +393,6 @@ generate_qemu_options() { | |||||||
| 	# Required for fast network access | 	# Required for fast network access | ||||||
| 	qemu_options+=(speed:--enable-vhost-net) | 	qemu_options+=(speed:--enable-vhost-net) | ||||||
|  |  | ||||||
| 	# Always strip binaries |  | ||||||
| 	# needed if qemu version is less than 2.7 |  | ||||||
| 	if ! gt_eq "${qemu_version}" "2.7.0" ; then |  | ||||||
| 		qemu_options+=(size:--enable-strip) |  | ||||||
| 	fi |  | ||||||
|  |  | ||||||
| 	# Support Ceph RADOS Block Device (RBD) | 	# Support Ceph RADOS Block Device (RBD) | ||||||
| 	[ -z "${static}" ] && qemu_options+=(functionality:--enable-rbd) | 	[ -z "${static}" ] && qemu_options+=(functionality:--enable-rbd) | ||||||
|  |  | ||||||
| @@ -433,14 +406,11 @@ generate_qemu_options() { | |||||||
| 	qemu_options+=(functionality:--enable-cap-ng) | 	qemu_options+=(functionality:--enable-cap-ng) | ||||||
| 	qemu_options+=(functionality:--enable-seccomp) | 	qemu_options+=(functionality:--enable-seccomp) | ||||||
|  |  | ||||||
| 	if gt_eq "${qemu_version}" "3.1.0" ; then |  | ||||||
| 	# AVX2 is enabled by default by x86_64, make sure it's enabled only | 	# AVX2 is enabled by default by x86_64, make sure it's enabled only | ||||||
| 	# for that architecture | 	# for that architecture | ||||||
| 	if [ "$arch" == x86_64 ]; then | 	if [ "$arch" == x86_64 ]; then | ||||||
| 	    qemu_options+=(speed:--enable-avx2) | 	    qemu_options+=(speed:--enable-avx2) | ||||||
| 			if gt_eq "${qemu_version}" "5.0.0" ; then |  | ||||||
| 	    qemu_options+=(speed:--enable-avx512f) | 	    qemu_options+=(speed:--enable-avx512f) | ||||||
| 			fi |  | ||||||
| 	    # According to QEMU's nvdimm documentation: When 'pmem' is 'on' and QEMU is | 	    # According to QEMU's nvdimm documentation: When 'pmem' is 'on' and QEMU is | ||||||
| 	    # built with libpmem support, QEMU will take necessary operations to guarantee | 	    # built with libpmem support, QEMU will take necessary operations to guarantee | ||||||
| 	    # the persistence of its own writes to the vNVDIMM backend. | 	    # the persistence of its own writes to the vNVDIMM backend. | ||||||
| @@ -451,7 +421,6 @@ generate_qemu_options() { | |||||||
| 	fi | 	fi | ||||||
| 	# Enable libc malloc_trim() for memory optimization. | 	# Enable libc malloc_trim() for memory optimization. | ||||||
| 	qemu_options+=(speed:--enable-malloc-trim) | 	qemu_options+=(speed:--enable-malloc-trim) | ||||||
| 	fi |  | ||||||
|  |  | ||||||
| 	#--------------------------------------------------------------------- | 	#--------------------------------------------------------------------- | ||||||
| 	# Other options | 	# Other options | ||||||
| @@ -587,6 +556,10 @@ main() { | |||||||
| 	[ -n "${qemu_version}" ] || | 	[ -n "${qemu_version}" ] || | ||||||
| 		die "cannot determine qemu version from file $qemu_version_file" | 		die "cannot determine qemu version from file $qemu_version_file" | ||||||
|  |  | ||||||
|  | 	if ! gt_eq "${qemu_version}" "5.0.0" ; then | ||||||
|  | 	    die "Kata requires QEMU >= 5.0.0" | ||||||
|  | 	fi | ||||||
|  |  | ||||||
| 	local gcc_version_major=$(gcc -dumpversion | cut -f1 -d.) | 	local gcc_version_major=$(gcc -dumpversion | cut -f1 -d.) | ||||||
| 	[ -n "${gcc_version_major}" ] || | 	[ -n "${gcc_version_major}" ] || | ||||||
| 		die "cannot determine gcc major version, please ensure it is installed" | 		die "cannot determine gcc major version, please ensure it is installed" | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user