diff --git a/qemu.spec b/qemu.spec
index b52cf7bf60991cc6a2ce6920dae3898504bd2ec5..c5e8a200dfe333ece10316eb5eb39769acea4a3a 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -1,6 +1,6 @@
Name: qemu
Version: 6.2.0
-Release: 9
+Release: 10
Epoch: 2
Summary: QEMU is a generic and open source machine emulator and virtualizer
License: GPLv2 and BSD and MIT and CC-BY-SA-4.0
@@ -78,6 +78,12 @@ Patch0065: freeclock-set-rtc_date_diff-for-X86.patch
Patch0066: hw-usb-reduce-the-vpcu-cost-of-UHCI-when-VNC-disconn.patch
Patch0067: hw-net-rocker-fix-security-vulnerability.patch
Patch0068: tests-Disable-filemonitor-testcase.patch
+Patch0069: seabios-convert-value-of-be16_to_cpu-to-u64-before-s.patch
+Patch0070: seabios-do-not-give-back-high-ram.patch
+Patch0071: seabios-drop-yield-in-smp_setup.patch
+Patch0072: seabios-fix-memory-leak-when-pci-check.patch
+Patch0073: seabios-increase-the-seabios-high-mem-zone-size.patch
+Patch0074: seabios-increase-the-seabios-minibiostable.patch
BuildRequires: flex
BuildRequires: gcc
@@ -522,6 +528,14 @@ getent passwd qemu >/dev/null || \
%endif
%changelog
+* Sat Feb 12 2022 jiangdongxu
+- seabios: convert value of be16_to_cpu to u64 before shifting
+- seabios: do not give back high ram
+- seabios: fix memory leak when pci check
+- seabios: drop yield() in smp_setup()
+- seabios: increase the seabios minibiostable
+- seabios: increase the seabios high mem zone size
+
* Fri Feb 11 2022 Chen Qun
- hw/net/rocker: fix security vulnerability
- tests: Disable filemonitor testcase
diff --git a/seabios-convert-value-of-be16_to_cpu-to-u64-before-s.patch b/seabios-convert-value-of-be16_to_cpu-to-u64-before-s.patch
new file mode 100644
index 0000000000000000000000000000000000000000..be0218f935178a0cd5ad9bfdbef24199acdbba2f
--- /dev/null
+++ b/seabios-convert-value-of-be16_to_cpu-to-u64-before-s.patch
@@ -0,0 +1,31 @@
+From c2ec0efb903e27f83cb9a54041764f76e2e1d390 Mon Sep 17 00:00:00 2001
+From: jiangdongxu
+Date: Fri, 11 Feb 2022 16:12:21 +0800
+Subject: [PATCH 1/6] seabios: convert value of be16_to_cpu to u64 before
+ shifting
+
+be16_to_cpu(scsi_lun->lun[i]) is 16 bits and left shifting by more than 16 will have undefined behaviour.
+convert it to u64 before shifting.
+
+Signed-off-by: liuxiangdong
+Signed-off-by: jiangdongxu
+---
+ roms/seabios/src/hw/blockcmd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/roms/seabios/src/hw/blockcmd.c b/roms/seabios/src/hw/blockcmd.c
+index 6b6fea9707..af6d33544f 100644
+--- a/roms/seabios/src/hw/blockcmd.c
++++ b/roms/seabios/src/hw/blockcmd.c
+@@ -210,7 +210,7 @@ static u64 scsilun2u64(struct scsi_lun *scsi_lun)
+ int i;
+ u64 ret = 0;
+ for (i = 0; i < ARRAY_SIZE(scsi_lun->lun); i++)
+- ret |= be16_to_cpu(scsi_lun->lun[i]) << (16 * i);
++ ret |= (u64)be16_to_cpu(scsi_lun->lun[i]) << (16 * i);
+ return ret;
+ }
+
+--
+2.27.0
+
diff --git a/seabios-do-not-give-back-high-ram.patch b/seabios-do-not-give-back-high-ram.patch
new file mode 100644
index 0000000000000000000000000000000000000000..df40892f44b00f51ba244ae5d8af14e69c99e7e5
--- /dev/null
+++ b/seabios-do-not-give-back-high-ram.patch
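Review bot: The cast on the `++ ret |= (u64)be16_to_cpu(...)` line is the right fix, but the commit message misstates the hazard: `be16_to_cpu()` yields a u16, which is promoted to 32-bit `int` before `<<`, so the shift by 16 (i = 1) was fine and only the shifts by 32 and 48 (i = 2, 3, given the four-entry `lun` array implied by the 16-bit-per-element loop) were undefined; in practice on x86 the shift count is likely masked, so those words would land in the low bits and corrupt the LUN. Since a corrupted LUN is what the SCSI commands built from this value are sent to, a why-comment on the changed line would stop the next reader from "simplifying" the cast away: `// widen first: u16 promotes to int, and << 32 / << 48 on int is undefined`. The body of scsilun2u64 is fully visible here; only the signature sits in the @@ context line.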
@@ -0,0 +1,43 @@
+From 74f052de33cb14d7a1656079a53102a7cbbb6e75 Mon Sep 17 00:00:00 2001
+From: jiangdongxu
+Date: Fri, 11 Feb 2022 16:16:05 +0800
+Subject: [PATCH 2/6] seabios: do not give back high ram
+
+Oracle 6 and 7 series virtual machines will use the high ram returned by
+sebios. Since these high ram will not be initialized before kernel used,
+this will cause a system exception. This patch removes the logic for
+returning high ram, making the virtual machine will not use this part
+of the memory, thus avoiding this kernel bug.
+
+Signed-off-by: wangxin
+Signed-off-by: Fangyi
+Signed-off-by: jiangdongxu
+---
+ roms/seabios/src/malloc.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/roms/seabios/src/malloc.c b/roms/seabios/src/malloc.c
+index 3733855caf..5827a6523a 100644
+--- a/roms/seabios/src/malloc.c
++++ b/roms/seabios/src/malloc.c
+@@ -549,6 +549,9 @@ malloc_prepboot(void)
+ dprintf(1, "Space available for UMB: %x-%x, %x-%x\n"
+ , RomEnd, base, info->range_start, info->range_end);
+
++ // We should not give back unused high ram, to support some special
++ // guest OS, like oracle linux series.
++#ifdef HIGH_MEM_BACK
+ // Give back unused high ram.
+ info = alloc_find_lowest(&ZoneHigh);
+ if (info) {
+@@ -556,6 +559,7 @@ malloc_prepboot(void)
+ e820_add(info->range_start, giveback, E820_RAM);
+ dprintf(1, "Returned %d bytes of ZoneHigh\n", giveback);
+ }
++#endif
+
+ calcRamSize();
+ }
+--
+2.27.0
+
diff --git a/seabios-drop-yield-in-smp_setup.patch b/seabios-drop-yield-in-smp_setup.patch
new file mode 100644
index 0000000000000000000000000000000000000000..1c55aa0da4c4eecf6eeeb5b0d9dc5451d99672e6
--- /dev/null
+++ b/seabios-drop-yield-in-smp_setup.patch
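Review bot: `#ifdef HIGH_MEM_BACK` guards the give-back with a bare preprocessor symbol that nothing in the hunk defines and that does not follow SeaBIOS's `CONFIG_*` Kconfig convention, so the `e820_add(..., E820_RAM)` block becomes dead code for every guest rather than only for the Oracle Linux 6/7 series the message names; the unused remainder of ZoneHigh is then withheld from the guest's memory map unconditionally. A real option would let distributions that do not need the workaround keep the RAM: `#if CONFIG_GIVEBACK_HIGH_RAM` here, with a `config GIVEBACK_HIGH_RAM` entry defaulting to y in src/Kconfig (that file is not in this diff). The added comment should also say what the "special guest OS" problem actually is, since "these high ram will not be initialized before kernel used" describes a guest-kernel bug that later readers will want a reference for; something like `// Keep unused ZoneHigh reserved: Oracle Linux 6/7 guests fault when they use it (see <bug id>)`. malloc_prepboot begins before this hunk.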
@@ -0,0 +1,39 @@
+From 1a8defda890d6fe3efe2238cff1ef2ae6ca8928c Mon Sep 17 00:00:00 2001
+From: jiangdongxu
+Date: Fri, 11 Feb 2022 16:31:25 +0800
+Subject: [PATCH 4/6] seabios: drop yield() in smp_setup()
+
+Fix SeaBIOS stuck problem becuase SeaBIOS open hardware interrupt
+by invoking yield(). That's dangerous and unnecessary. Let's drop
+it, and make the processing of setup smp more security in SeaBIOS.
+
+Signed-off-by: liuxiangdong
+Signed-off-by: jiangdongxu
+---
+ roms/seabios/src/fw/smp.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/roms/seabios/src/fw/smp.c b/roms/seabios/src/fw/smp.c
+index 46d1da1784..e5e407be0c 100644
+--- a/roms/seabios/src/fw/smp.c
++++ b/roms/seabios/src/fw/smp.c
+@@ -149,6 +149,7 @@ smp_scan(void)
+
+ // Wait for other CPUs to process the SIPI.
+ u16 expected_cpus_count = qemu_get_present_cpus_count();
++ dprintf(1,"expected_cpus_count=%d\n", expected_cpus_count);
+ while (expected_cpus_count != CountCPUs)
+ asm volatile(
+ // Release lock and allow other processors to use the stack.
+@@ -160,7 +161,7 @@ smp_scan(void)
+ " jc 1b\n"
+ : "+m" (SMPLock), "+m" (SMPStack)
+ : : "cc", "memory");
+- yield();
++ dprintf(1, "finish smp\n");
+
+ // Restore memory.
+ *(u64*)BUILD_AP_BOOT_ADDR = old;
+--
+2.27.0
+
diff --git a/seabios-fix-memory-leak-when-pci-check.patch b/seabios-fix-memory-leak-when-pci-check.patch
new file mode 100644
index 0000000000000000000000000000000000000000..01d1ea06864f719c1bcd057b05506a546e9de4bc
--- /dev/null
+++ b/seabios-fix-memory-leak-when-pci-check.patch
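Review bot: Nothing in the code records why `yield()` must not be called here: the `++ dprintf(1, "finish smp\n");` that replaces it is a debug print, and the commit message's claim that yield() "opens hardware interrupts" and is "dangerous" is the only explanation, so the next person tidying the wait loop can reintroduce it. Replace the print with a comment stating the invariant, hedged until confirmed against yield()'s implementation in this tree: `// No yield() here: it re-enables interrupts while APs may still be racing on SMPStack/BUILD_AP_BOOT_ADDR (confirm against stacks.c)`. Calling a hang fix "more security" in the message overstates it; "avoids a boot hang" is what the hunk supports. Minor style: `dprintf(1,"expected_cpus_count=%d\n", ...)` lacks the space after the comma that the surrounding `dprintf(1, ...)` calls use. smp_scan continues outside the hunk on both sides.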
@@ -0,0 +1,34 @@
+From 73cb83af0649f958bb31b5b76f46c164c6f2952c Mon Sep 17 00:00:00 2001
+From: jiangdongxu
+Date: Fri, 11 Feb 2022 16:28:55 +0800
+Subject: [PATCH 3/6] seabios: fix memory leak when pci check
+
+fix code memory leak when pci check failed
+free busses memory when pci_bios_check_devices function returns error in pci_setup()
+
+Signed-off-by: liuxiangodng
+Signed-off-by: jiangdongxu
+---
+ roms/seabios/src/fw/pciinit.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/roms/seabios/src/fw/pciinit.c b/roms/seabios/src/fw/pciinit.c
+index d25931bb05..9df35d05d1 100644
+--- a/roms/seabios/src/fw/pciinit.c
++++ b/roms/seabios/src/fw/pciinit.c
+@@ -1171,8 +1171,11 @@ pci_setup(void)
+ return;
+ }
+ memset(busses, 0, sizeof(*busses) * (MaxPCIBus + 1));
+- if (pci_bios_check_devices(busses))
++ if (pci_bios_check_devices(busses)) {
++ dprintf(1, "pci_bios_check_devices(busses) failed!\n");
++ free(busses);
+ return;
++ }
+
+ dprintf(1, "=== PCI new allocation pass #2 ===\n");
+ pci_bios_map_devices(busses);
+--
+2.27.0
+
diff --git a/seabios-increase-the-seabios-high-mem-zone-size.patch b/seabios-increase-the-seabios-high-mem-zone-size.patch
new file mode 100644
index 0000000000000000000000000000000000000000..01c16d1db2827e6948158e9bcac0823467668554
--- /dev/null
+++ b/seabios-increase-the-seabios-high-mem-zone-size.patch
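Review bot: The `++ free(busses);` covers only the pci_bios_check_devices() failure exit; the success path through `pci_bios_map_devices(busses)` and the rest of pci_setup run past the end of the hunk, so confirm that `busses` is released on that path too, otherwise the fix is partial. If pci_setup has more than these two exits, a single cleanup label (`goto out;` with `out: free(busses);`) would be the idiomatic way to keep them in sync rather than a `free()` before each `return`. The message's "memory leak" is presumably bounded to the boot phase if `busses` comes from a temporary zone, but the allocation call is above the hunk so I cannot confirm that here.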
@@ -0,0 +1,34 @@
+From bf72a9439d06fe35e3c7246b60e1c5b7b8058459 Mon Sep 17 00:00:00 2001
+From: jiangdongxu
+Date: Fri, 11 Feb 2022 16:34:23 +0800
+Subject: [PATCH 6/6] seabios: increase the seabios high mem zone size
+
+In terms of version and specification, under the maximum configuration
+specification of the number of vcpus, virtio blocks and other features,
+there exists bottleneck in seabios high_mem_zone, which results in the
+memory application failure and causes the vm to fail to start.
+
+Increase BUILD_MAX_HIGHTABLE to 512k.
+
+Signed-off-by: liuxiangdong
+Signed-off-by: jiangdongxu
+---
+ roms/seabios/src/config.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/roms/seabios/src/config.h b/roms/seabios/src/config.h
+index 93c8dbc2d5..9abd43474e 100644
+--- a/roms/seabios/src/config.h
++++ b/roms/seabios/src/config.h
+@@ -17,7 +17,7 @@
+ // Maximum number of map entries in the e820 map
+ #define BUILD_MAX_E820 32
+ // Space to reserve in high-memory for tables
+-#define BUILD_MAX_HIGHTABLE (256*1024)
++#define BUILD_MAX_HIGHTABLE (512*1024)
+ // Largest supported externaly facing drive id
+ #define BUILD_MAX_EXTDRIVE 16
+ // Number of bytes the smbios may be and still live in the f-segment
+--
+2.27.0
+
diff --git a/seabios-increase-the-seabios-minibiostable.patch b/seabios-increase-the-seabios-minibiostable.patch
new file mode 100644
index 0000000000000000000000000000000000000000..bd3cfa461ecc6b436b43ac55775ece42b62d4aea
--- /dev/null
+++ b/seabios-increase-the-seabios-minibiostable.patch
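Review bot: Doubling `BUILD_MAX_HIGHTABLE` to `(512*1024)` interacts with the "do not give back high ram" patch in the same series (Patch0070 in qemu.spec): with the unused remainder of ZoneHigh no longer returned to the e820 map, the whole 512 KiB is now withheld from every guest, not just the maximal vcpu/virtio configurations this change is sized for, and neither commit message mentions the coupling. Record the sizing rationale and the cost on the define so the number is not magic: `// Space to reserve in high-memory for tables (512K: sized for the max vcpu/virtio-device configuration; with give-back disabled the full amount is withheld from the guest)`. The message's "maximum configuration specification" should also name the concrete device count that overran 256 KiB, so the next bump has a baseline.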
@@ -0,0 +1,33 @@
+From 764113a4a24e1d842a45fb62fc09279c87057616 Mon Sep 17 00:00:00 2001
+From: jiangdongxu
+Date: Fri, 11 Feb 2022 16:33:04 +0800
+Subject: [PATCH 5/6] seabios: increase the seabios minibiostable
+
+Increase the BUILD_MIN_BIOSTABLE to 4096;
+support 25 virtio-blk(data) + 1 virtio-scsi(sys) + 1 virtio-net
+
+Increase the BUILD_MIN_BIOSTABLE to 5120;
+support 18 virtio-scsi while vm starts with IDE boot disk
+
+Signed-off-by: liuxiangdong
+Signed-off-by: jiangdongxu
+---
+ roms/seabios/scripts/layoutrom.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/roms/seabios/scripts/layoutrom.py b/roms/seabios/scripts/layoutrom.py
+index abebf0211f..e2732db8f9 100755
+--- a/roms/seabios/scripts/layoutrom.py
++++ b/roms/seabios/scripts/layoutrom.py
+@@ -66,7 +66,7 @@ def setSectionsStart(sections, endaddr, minalign=1, segoffset=0):
+ BUILD_ROM_START = 0xc0000
+ BUILD_LOWRAM_END = 0xa0000
+ # Space to reserve in f-segment for dynamic allocations
+-BUILD_MIN_BIOSTABLE = 2048
++BUILD_MIN_BIOSTABLE = 5120
+
+ # Layout the 16bit code. This ensures sections with fixed offset
+ # requirements are placed in the correct location. It also places the
+--
+2.27.0
+
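Review bot: The commit message gives two different targets, "to 4096" and then "to 5120", while the hunk sets `BUILD_MIN_BIOSTABLE = 5120`; reword it so it describes the one value actually applied and lists both device configurations as the justification for that value. The constant is otherwise magic, so carry the rationale into the comment above it: `# Space to reserve in f-segment for dynamic allocations (5120: fits 18 virtio-scsi + IDE boot disk, or 25 virtio-blk + virtio-scsi + virtio-net)`. Reserving 3 KiB more of the 64 KiB f-segment leaves less room for the 16-bit code that layoutrom places there; presumably the script fails the build rather than silently overlapping if it no longer fits, but that logic is outside this hunk and worth a check on the largest configured build.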