Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20210323' into staging
Workaround for macos mprotect
Workaround for target_page vs -flto
# gpg: Signature made Wed 24 Mar 2021 01:40:12 GMT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* remotes/rth/tags/pull-tcg-20210323:
exec: Build page-vary-common.c with -fno-lto
exec: Extract 'page-vary.h' header
exec: Rename exec-vary.c as page-vary.c
tcg: Workaround macOS 11.2 mprotect bug
tcg: Do not set guard pages on the rx portion of code_gen_buffer
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index dbadad4..bc503ba 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -770,6 +770,51 @@
}
+#ifdef CONFIG_GNUTLS
+
+
+static bool
+qcrypto_tls_creds_x509_reload(QCryptoTLSCreds *creds, Error **errp)
+{
+ QCryptoTLSCredsX509 *x509_creds = QCRYPTO_TLS_CREDS_X509(creds);
+ Error *local_err = NULL;
+ gnutls_certificate_credentials_t creds_data = x509_creds->data;
+ gnutls_dh_params_t creds_dh_params = x509_creds->parent_obj.dh_params;
+
+ x509_creds->data = NULL;
+ x509_creds->parent_obj.dh_params = NULL;
+ qcrypto_tls_creds_x509_load(x509_creds, &local_err);
+ if (local_err) {
+ qcrypto_tls_creds_x509_unload(x509_creds);
+ x509_creds->data = creds_data;
+ x509_creds->parent_obj.dh_params = creds_dh_params;
+ error_propagate(errp, local_err);
+ return false;
+ }
+
+ if (creds_data) {
+ gnutls_certificate_free_credentials(creds_data);
+ }
+ if (creds_dh_params) {
+ gnutls_dh_params_deinit(creds_dh_params);
+ }
+ return true;
+}
+
+
+#else /* ! CONFIG_GNUTLS */
+
+
+static bool
+qcrypto_tls_creds_x509_reload(QCryptoTLSCreds *creds, Error **errp)
+{
+ return false;
+}
+
+
+#endif /* ! CONFIG_GNUTLS */
+
+
static void
qcrypto_tls_creds_x509_complete(UserCreatable *uc, Error **errp)
{
@@ -800,6 +845,9 @@
qcrypto_tls_creds_x509_class_init(ObjectClass *oc, void *data)
{
UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+ QCryptoTLSCredsClass *ctcc = QCRYPTO_TLS_CREDS_CLASS(oc);
+
+ ctcc->reload = qcrypto_tls_creds_x509_reload;
ucc->complete = qcrypto_tls_creds_x509_complete;
diff --git a/hw/display/edid-generate.c b/hw/display/edid-generate.c
index 1665b7c..a1bea9a 100644
--- a/hw/display/edid-generate.c
+++ b/hw/display/edid-generate.c
@@ -25,19 +25,20 @@
{ .xres = 1920, .yres = 1080, .dta = 31 },
/* additional standard timings 3 (all @ 60Hz) */
- { .xres = 1920, .yres = 1440, .xtra3 = 11, .bit = 5 },
{ .xres = 1920, .yres = 1200, .xtra3 = 10, .bit = 0 },
- { .xres = 1856, .yres = 1392, .xtra3 = 10, .bit = 3 },
- { .xres = 1792, .yres = 1344, .xtra3 = 10, .bit = 5 },
{ .xres = 1600, .yres = 1200, .xtra3 = 9, .bit = 2 },
{ .xres = 1680, .yres = 1050, .xtra3 = 9, .bit = 5 },
- { .xres = 1440, .yres = 1050, .xtra3 = 8, .bit = 1 },
{ .xres = 1440, .yres = 900, .xtra3 = 8, .bit = 5 },
- { .xres = 1360, .yres = 768, .xtra3 = 8, .bit = 7 },
{ .xres = 1280, .yres = 1024, .xtra3 = 7, .bit = 1 },
{ .xres = 1280, .yres = 960, .xtra3 = 7, .bit = 3 },
{ .xres = 1280, .yres = 768, .xtra3 = 7, .bit = 6 },
+ { .xres = 1920, .yres = 1440, .xtra3 = 11, .bit = 5 },
+ { .xres = 1856, .yres = 1392, .xtra3 = 10, .bit = 3 },
+ { .xres = 1792, .yres = 1344, .xtra3 = 10, .bit = 5 },
+ { .xres = 1440, .yres = 1050, .xtra3 = 8, .bit = 1 },
+ { .xres = 1360, .yres = 768, .xtra3 = 8, .bit = 7 },
+
/* established timings (all @ 60Hz) */
{ .xres = 1024, .yres = 768, .byte = 36, .bit = 3 },
{ .xres = 800, .yres = 600, .byte = 35, .bit = 0 },
@@ -109,13 +110,13 @@
if (mode->byte) {
edid[mode->byte] |= (1 << mode->bit);
- } else if (mode->xtra3 && xtra3) {
- xtra3[mode->xtra3] |= (1 << mode->bit);
} else if (std < 54) {
rc = edid_std_mode(edid + std, mode->xres, mode->yres);
if (rc == 0) {
std += 2;
}
+ } else if (mode->xtra3 && xtra3) {
+ xtra3[mode->xtra3] |= (1 << mode->bit);
}
if (dta && mode->dta) {
diff --git a/include/crypto/tlscreds.h b/include/crypto/tlscreds.h
index 079e376..d0808e3 100644
--- a/include/crypto/tlscreds.h
+++ b/include/crypto/tlscreds.h
@@ -30,14 +30,15 @@
#define TYPE_QCRYPTO_TLS_CREDS "tls-creds"
typedef struct QCryptoTLSCreds QCryptoTLSCreds;
-DECLARE_INSTANCE_CHECKER(QCryptoTLSCreds, QCRYPTO_TLS_CREDS,
- TYPE_QCRYPTO_TLS_CREDS)
-
typedef struct QCryptoTLSCredsClass QCryptoTLSCredsClass;
+DECLARE_OBJ_CHECKERS(QCryptoTLSCreds, QCryptoTLSCredsClass, QCRYPTO_TLS_CREDS,
+ TYPE_QCRYPTO_TLS_CREDS)
+
#define QCRYPTO_TLS_CREDS_DH_PARAMS "dh-params.pem"
+typedef bool (*CryptoTLSCredsReload)(QCryptoTLSCreds *, Error **);
/**
* QCryptoTLSCreds:
*
@@ -61,6 +62,7 @@
struct QCryptoTLSCredsClass {
ObjectClass parent_class;
+ CryptoTLSCredsReload reload;
};
diff --git a/include/ui/console.h b/include/ui/console.h
index c960b70..ca3c7af 100644
--- a/include/ui/console.h
+++ b/include/ui/console.h
@@ -267,16 +267,6 @@
DisplaySurface *qemu_create_displaysurface(int width, int height);
void qemu_free_displaysurface(DisplaySurface *surface);
-static inline int is_surface_bgr(DisplaySurface *surface)
-{
- if (PIXMAN_FORMAT_BPP(surface->format) == 32 &&
- PIXMAN_FORMAT_TYPE(surface->format) == PIXMAN_TYPE_ABGR) {
- return 1;
- } else {
- return 0;
- }
-}
-
static inline int is_buffer_shared(DisplaySurface *surface)
{
return !(surface->flags & QEMU_ALLOCATED_FLAG);
@@ -476,6 +466,7 @@
int vnc_display_pw_expire(const char *id, time_t expires);
void vnc_parse(const char *str);
int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp);
+bool vnc_display_reload_certs(const char *id, Error **errp);
/* input.c */
int index_from_key(const char *key, size_t key_length);
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
index c7df8c0..f7d64a6 100644
--- a/monitor/qmp-cmds.c
+++ b/monitor/qmp-cmds.c
@@ -334,3 +334,20 @@
return mem_info;
}
+
+void qmp_display_reload(DisplayReloadOptions *arg, Error **errp)
+{
+ switch (arg->type) {
+ case DISPLAY_RELOAD_TYPE_VNC:
+#ifdef CONFIG_VNC
+ if (arg->u.vnc.has_tls_certs && arg->u.vnc.tls_certs) {
+ vnc_display_reload_certs(NULL, errp);
+ }
+#else
+ error_setg(errp, "vnc is invalid, missing 'CONFIG_VNC'");
+#endif
+ break;
+ default:
+ abort();
+ }
+}
diff --git a/qapi/ui.json b/qapi/ui.json
index cc18821..1052ca9 100644
--- a/qapi/ui.json
+++ b/qapi/ui.json
@@ -1168,3 +1168,64 @@
##
{ 'command': 'query-display-options',
'returns': 'DisplayOptions' }
+
+##
+# @DisplayReloadType:
+#
+# Available DisplayReload types.
+#
+# @vnc: VNC display
+#
+# Since: 6.0
+#
+##
+{ 'enum': 'DisplayReloadType',
+ 'data': ['vnc'] }
+
+##
+# @DisplayReloadOptionsVNC:
+#
+# Specify the VNC reload options.
+#
+# @tls-certs: reload tls certs or not.
+#
+# Since: 6.0
+#
+##
+{ 'struct': 'DisplayReloadOptionsVNC',
+ 'data': { '*tls-certs': 'bool' } }
+
+##
+# @DisplayReloadOptions:
+#
+# Options of the display configuration reload.
+#
+# @type: Specify the display type.
+#
+# Since: 6.0
+#
+##
+{ 'union': 'DisplayReloadOptions',
+ 'base': {'type': 'DisplayReloadType'},
+ 'discriminator': 'type',
+ 'data': { 'vnc': 'DisplayReloadOptionsVNC' } }
+
+##
+# @display-reload:
+#
+# Reload display configuration.
+#
+# Returns: Nothing on success.
+#
+# Since: 6.0
+#
+# Example:
+#
+# -> { "execute": "display-reload",
+# "arguments": { "type": "vnc", "tls-certs": true } }
+# <- { "return": {} }
+#
+##
+{ 'command': 'display-reload',
+ 'data': 'DisplayReloadOptions',
+ 'boxed' : true }
diff --git a/ui/vnc.c b/ui/vnc.c
index e0fac21..456db47 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -585,6 +585,34 @@
return prev;
}
+bool vnc_display_reload_certs(const char *id, Error **errp)
+{
+ VncDisplay *vd = vnc_display_find(id);
+ QCryptoTLSCredsClass *creds = NULL;
+
+ if (!vd) {
+ error_setg(errp, "Can not find vnc display");
+ return false;
+ }
+
+ if (!vd->tlscreds) {
+ error_setg(errp, "vnc tls is not enable");
+ return false;
+ }
+
+ creds = QCRYPTO_TLS_CREDS_GET_CLASS(OBJECT(vd->tlscreds));
+ if (creds->reload == NULL) {
+ error_setg(errp, "%s doesn't support to reload TLS credential",
+ object_get_typename(OBJECT(vd->tlscreds)));
+ return false;
+ }
+ if (!creds->reload(vd->tlscreds, errp)) {
+ return false;
+ }
+
+ return true;
+}
+
/* TODO
1) Get the queue working for IO.
2) there is some weirdness when using the -S option (the screen is grey
