* Questions about QEMU exception @ 2022-11-09 1:45 Li, Kevin 2022-11-09 10:00 ` Alex Bennée 2022-11-09 10:10 ` Peter Maydell 0 siblings, 2 replies; 4+ messages in thread From: Li, Kevin @ 2022-11-09 1:45 UTC (permalink / raw) To: qemu-devel@nongnu.org [-- Attachment #1: Type: text/plain, Size: 557 bytes --] Hi qemu community, We are working on some open source project which uses qemu on mac, and we have some signing process to sign qemu-system-x86_64. If qemu-system-x86_64 is not signed, we don’t see any problem, but after sign it, we got the following error: qemu-system-x86_64 -M none -netdev help]: stdout=\"Accelerators supported in QEMU binary:\\ntcg\\nhax\\nhvf\\n\", stderr=\"qemu-system-x86_64: allocate 1073741824 bytes for jit buffer: Invalid argument Does anyone has clue about what change may result in this failure? Thanks, Kevin [-- Attachment #2: Type: text/html, Size: 2476 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Questions about QEMU exception 2022-11-09 1:45 Questions about QEMU exception Li, Kevin @ 2022-11-09 10:00 ` Alex Bennée 2022-11-09 10:10 ` Peter Maydell 1 sibling, 0 replies; 4+ messages in thread From: Alex Bennée @ 2022-11-09 10:00 UTC (permalink / raw) To: Li, Kevin; +Cc: qemu-devel, Richard Henderson "Li, Kevin" <cnkevin@amazon.com> writes: > Hi qemu community, > > > > We are working on some open source project which uses qemu on mac, and we have some signing process to sign > qemu-system-x86_64. > > If qemu-system-x86_64 is not signed, we don’t see any problem, but after sign it, we got the following error: > > > > qemu-system-x86_64 -M none -netdev help]: stdout=\"Accelerators supported in QEMU binary:\\ntcg\\nhax\\nhvf\\n\", > stderr=\"qemu-system-x86_64: allocate 1073741824 bytes for jit buffer: Invalid argument > > > > Does anyone has clue about what change may result in this failure? Not sure about the details but I suspect this is something to do with the way we have to jump through hoops to allocate the code buffer on MacOSX. You could stick some printfs around: alloc_code_gen_buffer_splitwx_vmremap and alloc_code_gen_buffer_anon AIUI we have to allocate a non-executable but writable buffer for the code and then remap an executable view of the same region to execute the generated JIT code. Maybe being a signed binary adds more restrictions on which OS apis can be called? -- Alex Bennée ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Questions about QEMU exception 2022-11-09 1:45 Questions about QEMU exception Li, Kevin 2022-11-09 10:00 ` Alex Bennée @ 2022-11-09 10:10 ` Peter Maydell 2022-11-09 17:35 ` Li, Kevin 1 sibling, 1 reply; 4+ messages in thread From: Peter Maydell @ 2022-11-09 10:10 UTC (permalink / raw) To: Li, Kevin; +Cc: qemu-devel@nongnu.org On Wed, 9 Nov 2022 at 01:53, Li, Kevin <cnkevin@amazon.com> wrote: > > Hi qemu community, > > > > We are working on some open source project which uses qemu on mac, and we have some signing process to sign qemu-system-x86_64. > > If qemu-system-x86_64 is not signed, we don’t see any problem, but after sign it, we got the following error: > > > > qemu-system-x86_64 -M none -netdev help]: stdout=\"Accelerators supported in QEMU binary:\\ntcg\\nhax\\nhvf\\n\", stderr=\"qemu-system-x86_64: allocate 1073741824 bytes for jit buffer: Invalid argument > > > > Does anyone has clue about what change may result in this failure? You don't say which QEMU version you're using. Does it still happen with the most recent release? Does it still happen if you build from current head-of-git ? PS: I think the QEMU build process should already be signing the executable, so I'm not sure why you need to sign it again (see scripts/entitlement.sh). thanks -- PMM ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Questions about QEMU exception 2022-11-09 10:10 ` Peter Maydell @ 2022-11-09 17:35 ` Li, Kevin 0 siblings, 0 replies; 4+ messages in thread From: Li, Kevin @ 2022-11-09 17:35 UTC (permalink / raw) To: Peter Maydell; +Cc: qemu-devel@nongnu.org Hi Peter, We first install via homebrew and then extract the executables (qemu-img and qemu-system-xxx) out. We recently did this, so it should be the latest version of qemu via homebrew, and our package is for MacOS, which needs sign and notarize. If we extract in this way, and use it on other env without signing, it will show the unidentified developer, so we sign it along with other executables. We uses these executables to pack a pkg installer, so first we sign all the executables including qemu, and then sign the pkg, and finally notarize the pkg. I think the previous error I mentioned maybe caused by we didn't sign qemu with the entitlement, so I signed with the entitlement with following keys: <key>com.apple.security.cs.allow-jit</key> <true/> <key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/> <key>com.apple.security.cs.disable-library-validation</key> <true/> <key>com.apple.security.hypervisor</key> <true/> <key>com.apple.security.inherit</key> <true/> However, even I signed it, qemu still show unidentified developer pop up, which doesn't not happen to other executables. Please let me know if you have any clue or suggestion with it. Thanks in advance. Thanks, Kevin On 2022-11-09, 2:10 AM, "Peter Maydell" <peter.maydell@linaro.org> wrote: CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. On Wed, 9 Nov 2022 at 01:53, Li, Kevin <cnkevin@amazon.com> wrote: > > Hi qemu community, > > > > We are working on some open source project which uses qemu on mac, and we have some signing process to sign qemu-system-x86_64. > > If qemu-system-x86_64 is not signed, we don’t see any problem, but after sign it, we got the following error: > > > > qemu-system-x86_64 -M none -netdev help]: stdout=\"Accelerators supported in QEMU binary:\\ntcg\\nhax\\nhvf\\n\", stderr=\"qemu-system-x86_64: allocate 1073741824 bytes for jit buffer: Invalid argument > > > > Does anyone has clue about what change may result in this failure? You don't say which QEMU version you're using. Does it still happen with the most recent release? Does it still happen if you build from current head-of-git ? PS: I think the QEMU build process should already be signing the executable, so I'm not sure why you need to sign it again (see scripts/entitlement.sh). thanks -- PMM ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-11-09 17:36 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2022-11-09 1:45 Questions about QEMU exception Li, Kevin 2022-11-09 10:00 ` Alex Bennée 2022-11-09 10:10 ` Peter Maydell 2022-11-09 17:35 ` Li, Kevin
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.