Paolo Bonzini [Mon, 14 Jun 2010 17:11:54 +0000 (19:11 +0200)]
lsi53c895a: fix Phase Mismatch Jump
lsi_bad_phase has a bug in the choice of pmjad1/pmjad2. This does
not matter with Linux guests because it uses just one routine for
both, but it breaks Windows 64-bit guests. This is the text
from the spec:
"[The PMJCTL] bit controls which decision mechanism is used
when jumping on phase mismatch. When this bit is cleared the
LSI53C895A will use Phase Mismatch Jump Address 1 (PMJAD1) when
the WSR bit is cleared and Phase Mismatch Jump Address 2 (PMJAD2)
when the WSR bit is set. When this bit is set the LSI53C895A will
use jump address one (PMJAD1) on data out (data out, command,
message out) transfers and jump address two (PMJAD2) on data in
(data in, status, message in) transfers."
Which means:
CCNTL0.PMJCTL
0 SCNTL2.WSR = 0 PMJAD1
0 SCNTL2.WSR = 1 PMJAD2
1 out PMJAD1
1 in PMJAD2
In qemu, what you get instead is:
CCNTL0.PMJCTL
0 out PMJAD1
0 in PMJAD2 <<<<<
1 out PMJAD1
1 in PMJAD1 <<<<<
Considering that qemu always has SCNTL2.WSR cleared, the two marked cases
(corresponding to phase mismatch on input) are always jumping to the
wrong PMJAD register. The patch implements the correct semantics.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Andre Przywara [Wed, 2 Jun 2010 09:57:47 +0000 (11:57 +0200)]
fix CPUID vendor override
the meaning of vendor_override is actually the opposite of how it
is currently used :-(
Fix it to allow KVM to export the non-native CPUID vendor if
explicitly requested by the user.
The intended behavior is:
With TCG:
- always inject the configured vendor (either hard-coded, in config
files or via ",vendor=" commandline)
With KVM:
- by default inject the host's vendor
- if the user specifies ",vendor=" on the commandline, use this
instead of the host's vendor
- all pre-configured vendors (hard-coded, config file) are ignored
Signed-off-by: Andre Przywara <andre.przywara@amd.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 19 May 2010 22:28:45 +0000 (00:28 +0200)]
kvm: Switch kvm_update_guest_debug to run_on_cpu
Guest debugging under KVM is currently broken once io-threads are
enabled. Easily fixable by switching the fake on_vcpu to the real
run_on_cpu implementation.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Avi Kivity <avi@redhat.com>
Stefan Weil [Thu, 24 Jun 2010 20:41:33 +0000 (22:41 +0200)]
win32: Add define for missing EPROTONOSUPPORT
mingw32 does not define EPROTONOSUPPORT (which is used by
migration.c and maybe future patches), so add a
definition which uses a supported errno value.
Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Artyom Tarasenko [Mon, 21 Jun 2010 18:23:21 +0000 (20:23 +0200)]
mask all interrupts when MASTER_DISABLE is set
The MASTER_DISABLE bit (aka mask-all) masks all the interrupts.
According to Sun-4M System Architecture
"The level–15 interrupt sources [...] are maskable with the Interrupt Target
Mask Register. While these interrupts are considered ’non–maskable’ within
the SPARC IU, a mask capability is provided to allow the boot firmware
to establish a basic environment before receiving any level–15 interrupts,
which are non–maskable within SPARC. A mask–all bit is provided to allow
disabling of all external interrupts during change of the CIT."
Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sun, 27 Jun 2010 16:04:31 +0000 (16:04 +0000)]
Remove useless device dependency of HAS_AUDIO
System architecture dictates whether HAS_AUDIO is defined. It's then
useless to check for HAS_AUDIO in files which are only used on those
architectures which always have audio.
Alex Williamson [Thu, 17 Jun 2010 15:15:02 +0000 (09:15 -0600)]
virtio-pci: fix bus master bug setting on load
The comment suggests we're checking for the driver in the ready
state and bus master disabled, but the code is checking that it's
not in the ready state.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Found-by: Amit Shah <amit.shah@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Mapped mode stores extended attributes in the user space of the extended
attributes. Given that the user space extended attributes are available
to regular files only, special files are created as regular files on the
fileserver and appropriate mode bits are added to the extended attributes.
This method presents all special files and symlinks as regular files on the
fileserver while they are represented as special files on the guest mount.
virtio-9p: Security model for symlink and readlink
Mapped mode stores extended attributes in the user space of the extended
attributes. Given that the user space extended attributes are available
to regular files only, special files are created as regular files on the
fileserver and appropriate mode bits are added to the extended attributes.
This method presents all special files and symlinks as regular files on the
fileserver while they are represented as special files on the guest mount.
Implemntation of symlink in mapped security model:
A regular file is created and the link target is written to it.
readlink() reads it back from the file.
In the mapped security model, VirtFS server intercepts and maps
the file object create and get/set attribute requests. Files on the fileserver
will be created with VirtFS servers (QEMU) user credentials and the
client-users credentials are stored in extended attributes. On the request
to get attributes, server extracts the client-users credentials
from extended attributes and sends them to the client.
On Host/Fileserver:
-rw-------. 2 virfsuid virtfsgid 0 2010-05-11 09:19 afile
On Guest/Client:
-rw-r--r-- 2 guestuser guestuser 0 2010-05-11 12:19 afile
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
mapped model changes the owner in the extended attributes.
passthrough model does the change through lchown() as the
server don't need to follow the link and client will send the
actual filesystem object.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
virtio-9p: Make infrastructure for the new security model.
This patch adds required infrastructure for the new security model.
- A new configure option for attr/xattr.
- if CONFIG_VIRTFS will be defined if both CONFIG_LINUX and CONFIG_ATTR defined.
- Defines routines related to both security models.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In the case of mapped security model, files are created with QEMU user
credentials and the client-user's credentials are saved in extended attributes.
Whereas in the case of passthrough security model, files on the
filesystem are directly created with client-user's credentials.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Michael Tokarev [Wed, 2 Jun 2010 17:33:01 +0000 (14:33 -0300)]
give some useful error messages when tap open
In net/tap-linux.c, when manipulation of /dev/net/tun fails, it prints
(with fprintf) something like this:
warning: could not open /dev/net/tun: no virtual network emulation
this has 2 issues:
1) it is not a warning really, it's a fatal error (kvm exits after
that),
2) there's no indication as of what's actually wrong: printing errno there
is helpful.
The patch below removes the "warning" prefix, uses %m (since it's linux,
%m is available as format modifier), and changes fprintf() to %qemu_error().
Now it prints something like this instead:
could not configure /dev/net/tun: Device or resource busy
(there are 2 messages like that in the same function)
This fixes Debian bug #578154, see
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578154
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
MORITA Kazutaka [Sun, 20 Jun 2010 19:03:52 +0000 (04:03 +0900)]
qemu-io: check registered fds in command_loop()
Some block drivers use an aio handler and do I/O completion routines
in it. However, the handler is not invoked if we only do
aio_read/write, because registered fds are not checked at all.
This patch registers an aio handler of STDIO to checks whether we can
read a command without blocking, and calls qemu_aio_wait() in
command_loop(). Any other handlers can be invoked when user input is
idle.
Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Kevin Wolf [Wed, 16 Jun 2010 14:38:15 +0000 (16:38 +0200)]
block: Add bdrv_(p)write_sync
Add new functions that write and flush the written data to disk immediately.
This is what needs to be used for image format metadata to maintain integrity
for cache=... modes that don't use O_DSYNC. (Actually, we only need barriers,
and therefore the functions are defined as such, but flushes is what is
implemented in this patch - we can try to change that later)
The first eject command didn't work because the is_inserted() check
failed.
I have no clue why the code had the is_inserted() check, as it doesn't matter
if there is a disk present at the host drive, when the user wants the virtual
device to be disconnected from the host device.
The is_inserted() check has another side effect: a memory leak if the "change"
command is used multiple times, as do_change() calls eject_device() before
re-opening the block device, but bdrv_close() is never called.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
scsi-bus: Add MAINTENANCE_IN and MAINTENANCE_OUT SCSIRequest xfer and mode assignments
This patch updates hw/scsi-bus.c to add MAINTENANCE_IN and MAINTENANCE_OUT case in
scsi_req_length() for TYPE_ROM with MMC commands. It also adds the MAINTENANCE_OUT
case in scsi_req_xfer_mode() to set SCSI_XFER_TO_DEV for outgoing write data.
Signed-off-by: Nicholas A. Bellinger <nab@linux-iscsi.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Paul Brook [Wed, 16 Jun 2010 12:03:51 +0000 (13:03 +0100)]
Usermode exec-stack fix
When loading a shared library that requires an executable stack,
glibc uses the mprotext PROT_GROWSDOWN flag to achieve this.
We don't support PROT_GROWSDOWN.
Add a special case to handle changing the stack permissions in this way.
tcg: Optionally sign-extend 32-bit arguments for 64-bit hosts.
Some hosts (amd64, ia64) have an ABI that ignores the high bits
of the 64-bit register when passing 32-bit arguments. Others
require the value to be properly sign-extended for the type.
I.e. "int32_t" must be sign-extended and "uint32_t" must be
zero-extended to 64-bits.
To effect this, extend the "sizemask" parameter to tcg_gen_callN
to include the signedness of the type of each parameter. If the
tcg target requires it, extend each 32-bit argument into a 64-bit
temp and pass that to the function call.
This ABI feature is required by sparc64, ppc64 and s390x.
Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Stefan Weil [Tue, 15 Jun 2010 21:03:28 +0000 (23:03 +0200)]
Fix comparison which always returned false
Comparing an 8 bit value with ~0 does not work as expected.
Replace ~0 by UINT8_MAX in comparison and also in assignment
(and fix coding style, too).
Cc: Gleb Natapov <gleb@redhat.com> Cc: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: malc <av1474@comtv.ru>
Blue Swirl [Mon, 14 Jun 2010 18:55:33 +0000 (18:55 +0000)]
block: fix a warning and possible truncation
Fix a warning from OpenBSD gcc (3.3.5 (propolice)):
/src/qemu/block.c: In function `bdrv_info_stats_bs':
/src/qemu/block.c:1548: warning: long long int format, long unsigned
int arg (arg 6)
There may be also truncation effects.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jes Sorensen [Fri, 11 Jun 2010 14:02:34 +0000 (16:02 +0200)]
Correct definitions for FD_CMD_SAVE and FD_CMD_RESTORE
Correct definitions for FD_CMD_SAVE and FD_CMD_RESTORE in hw/fdc.c
Per https://bugs.launchpad.net/qemu/+bug/424453 the correct values
for FD_CMD_SAVE is 0x2e and FD_CMD_RESTORE is 0x4e. Verified against
the Intel 82078 manual which can be found at:
http://wiki.qemu.org/Documentation/HardwareManuals page 22.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We find snapshots by iterating over the list of drives defined with
drive_init(). This misses host block devices defined by other means.
Such means don't exist now, but will be introduced later in this
series.
Iterate over all host block devices instead, with bdrv_next().
Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block: Decouple block device "commit all" from DriveInfo
do_commit() and mux_proc_byte() iterate over the list of drives
defined with drive_init(). This misses host block devices defined by
other means. Such means don't exist now, but will be introduced later
in this series.
Change them to use new bdrv_commit_all(), which iterates over all host
block devices.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Use bdrv_pwrite to access the backing device instead of pread, and
convert the driver to implementing the bdrv_open method which gives
it an already opened BlockDriverState for the underlying device.
Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We don't have an equivalent to mmap in the qemu block API, so read and
write the bitmap directly. At least in the dumb implementation added
in this patch this is a lot less efficient, but it means cow can also
work on windows, and over nbd or curl. And it fixes qemu-iotests testcase
012 which did not work properly due to issues with read-only mmap access.
In addition we can also get rid of the now unused get_mmap_addr function.
Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Empty file used to create an empty drive (no media). Since commit 9dfd7c7a, it's an error: "qemu: could not open disk image : No such
file or directory". Older versions of libvirt can choke on this.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
savevm: Really verify if a drive supports snapshots
Both bdrv_can_snapshot() and bdrv_has_snapshot() does not work as advertized.
First issue: Their names implies different porpouses, but they do the same thing
and have exactly the same code. Maybe copied and pasted and forgotten?
bdrv_has_snapshot() is called in various places for actually checking if there
is snapshots or not.
Second issue: the way bdrv_can_snapshot() verifies if a block driver supports or
not snapshots does not catch all cases. E.g.: a raw image.
So when do_savevm() is called, first thing it does is to set a global
BlockDriverState to save the VM memory state calling get_bs_snapshots().
bdrv_can_snapshot() may return a BlockDriverState that does not support
snapshots and do_savevm() goes on.
Later on in do_savevm(), we find:
QTAILQ_FOREACH(dinfo, &drives, next) {
bs1 = dinfo->bdrv;
if (bdrv_has_snapshot(bs1)) {
/* Write VM state size only to the image that contains the state */
sn->vm_state_size = (bs == bs1 ? vm_state_size : 0);
ret = bdrv_snapshot_create(bs1, sn);
if (ret < 0) {
monitor_printf(mon, "Error while creating snapshot on '%s'\n",
bdrv_get_device_name(bs1));
}
}
}
bdrv_has_snapshot(bs1) is not checking if the device does support or has
snapshots as explained above. Only in bdrv_snapshot_create() the device is
actually checked for snapshot support.
So, in cases where the first device supports snapshots, and the second does not,
the snapshot on the first will happen anyways. I believe this is not a good
behavior. It should be an all or nothing process.
This patch addresses these issues by making bdrv_can_snapshot() actually do
what it must do and enforces better tests to avoid errors in the middle of
do_savevm(). bdrv_has_snapshot() is removed and replaced by bdrv_can_snapshot()
where appropriate.
bdrv_can_snapshot() was moved from savevm.c to block.c. It makes more sense to me.
The loadvm_state() function was updated too to enforce that when loading a VM at
least all writable devices must support snapshots too.
Signed-off-by: Miguel Di Ciurcio Filho <miguel.filho@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Kevin Wolf [Fri, 4 Jun 2010 09:22:39 +0000 (11:22 +0200)]
qcow2: Allow alloc_clusters_noref to return errors
Currently it would consider blocks for which get_refcount fails used. However,
it's unlikely that get_refcount would succeed for the next cluster, so it's not
really helpful. Return an error instead.
Kevin Wolf [Fri, 4 Jun 2010 09:16:11 +0000 (11:16 +0200)]
qcow2: Allow get_refcount to return errors
get_refcount might need to load a refcount block from disk, so errors may
happen. Return the error code instead of assuming a refcount of 1 and change
the callers to respect error return values.
Gerd Hoffmann [Fri, 4 Jun 2010 12:08:07 +0000 (14:08 +0200)]
Add exit notifiers.
Hook up any cleanup work which needs to be done here. Advantages over
using atexit(3):
(1) You get passed in a pointer to the notifier. If you embed that
into your state struct you can use container_of() to get get your
state info.
(2) You can unregister, say when un-plugging a device.
[ v2: move code out of #ifndef _WIN32 ]
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qdev: Revert the hack to let -net nic and pci_add set qdev ID
Setting the ID in pci_nic_init() is a blatant violation of the
DeviceState abstraction. Which even carries a comment advising
against this:
/* This structure should not be accessed directly. We declare it here
so that it can be embedded in individual device state structures. */
What's worse, it bypasses the code ensuring unique qdev IDs: "-device
virtio-net-pci,id=foo -net nic,id=foo -net nic,name=foo" happily
creates three qdevs with ID "foo". That's because qdev relies on
qemu_opts_create() to ensure unique IDs, but -net nic uses a different
QemuOptsList, which means id is in a different namespace. And its
name is not checked for uniqueness at all.
-net nic and pci_add are legacy. Use -device and device_add if you
want a NIC with a qdev ID.
This reverts what's still left of commit eb54b6dc "qdev: add id=
support for pci nics."
Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Clarify error message when a PCI slot is already in use (v2)
When mistakenly configuring two devices in the same PCI slot,
QEMU gives a not entirely obvious message about a 'devfn' being
in use:
$ qemu -device rtl8139 -device virtio-balloon-pci,bus=pci.0,addr=0x3
qemu-kvm: -device virtio-balloon-pci,bus=pci.0,addr=0x3: PCI: devfn 24 not available for virtio-balloon-pci, in use by rtl8139
The user does not configure 'devfn' numbers, they use slot+function.
Thus the error messages should be reported back to the user with that
same terminology rather than the internal QEMU terminology. This
patch makes it report:
$ qemu -device rtl8139 -device virtio-balloon-pci,bus=pci.0,addr=0x3
qemu: -device virtio-balloon-pci,bus=pci.0,addr=0x3.7: PCI: slot 3 function 0 not available for virtio-balloon-pci, in use by rtl8139
Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Pass the MultiReqBuffer structure down all the way to the I/O submission
instead of takin it apart. Also mark num_writes unsigned as it can't
go negative, and take the check for any pending I/O requests into the
submission function. Last but not least rename do_multiwrite to
virtio_submit_multiwrite to fit the general naming scheme and make clear
what it does.
Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jes Sorensen [Tue, 8 Jun 2010 13:12:18 +0000 (15:12 +0200)]
un-register kbd driver in case of USB kbd unplug.
If a USB keyboard is unplugged, the keyboard eventhandler is never
removed, and events will continue to be passed through to the device,
causing crashes or memory corruption.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
projects / qemu-xen.git / log