Dmitry Fleytman [Wed, 1 Jun 2016 08:23:40 +0000 (11:23 +0300)]
rtl8139: Move more TCP definitions to common header
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:38 +0000 (11:23 +0300)]
vmxnet3: Use common MAC address tracing macros
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:37 +0000 (11:23 +0300)]
net: Add macros for MAC address tracing
These macros will be used by future commits introducing
e1000e device emulation and by vmxnet3 tracing code.
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:36 +0000 (11:23 +0300)]
net: Introduce Toeplitz hash calculator
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:35 +0000 (11:23 +0300)]
vmxnet3: Use generic function for DSN capability definition
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:34 +0000 (11:23 +0300)]
pcie: Introduce function for DSN capability creation
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:33 +0000 (11:23 +0300)]
pcie: Add support for PCIe CAP v1
Added support for PCIe CAP v1, while reusing some of the existing v2
infrastructure.
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:32 +0000 (11:23 +0300)]
pci: Introduce define for PM capability version 1.1
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:31 +0000 (11:23 +0300)]
msix: make msix_clr_pending() visible for clients
This function will be used by e1000e device code.
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Dmitry Fleytman [Wed, 1 Jun 2016 08:23:30 +0000 (11:23 +0300)]
pci: fix unaligned access in pci_xxx_quad()
Replace legacy cpu_to_le64w()/le64_to_cpup()
calls with stq_le_p()/ldq_le_p().
Motivation for this modification is that
follow up patches add utility function
pcie_dev_ser_num_init() for PCIe DSN
capability creation which uses
pci_set_quad() with a misaligned offset.
Signed-off-by: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Signed-off-by: Leonid Bloch <leonid.bloch@ravellosystems.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
When receiving packets over MIPSnet network device, it uses
receive buffer of size 1514 bytes. In case the controller
accepts large(MTU) packets, it could lead to memory corruption.
Add check to avoid it.
Reported by: Oleksandr Bazhaniuk <oleksandr.bazhaniuk@intel.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Signed-off-by: Jason Wang <jasowang@redhat.com>
Peter Maydell [Tue, 24 May 2016 12:06:32 +0000 (13:06 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging
X86 queue, 2016-05-23
# gpg: Signature made Mon 23 May 2016 23:48:27 BST using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
* remotes/ehabkost/tags/x86-pull-request:
target-i386: kvm: Eliminate kvm_msr_entry_set()
target-i386: kvm: Simplify MSR setting functions
target-i386: kvm: Simplify MSR array construction
target-i386: kvm: Increase MSR_BUF_SIZE
target-i386: kvm: Allocate kvm_msrs struct once per VCPU
target-i386: Call cpu_exec_init() on realize
target-i386: Move TCG initialization to realize time
target-i386: Move TCG initialization check to tcg_x86_init()
cpu: Eliminate cpudef_init(), cpudef_setup()
target-i386: Set constant model_id for qemu64/qemu32/athlon
pc: Set CPU model-id on compat_props for pc <= 2.4
osdep: Move default qemu_hw_version() value to a macro
target-i386: kvm: Use X86XSaveArea struct for xsave save/load
target-i386: Use xsave structs for ext_save_area
target-i386: Define structs for layout of xsave area
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 24 May 2016 11:21:07 +0000 (12:21 +0100)]
Merge remote-tracking branch 'remotes/amit-migration/tags/migration-2.7-1' into staging
migration fixes:
- ensure src block devices continue fine after a failed migration
- fail on migration blockers; helps 9p savevm/loadvm
- move autoconverge commands out of experimental state
- move the migration-specific qjson in migration/
# gpg: Signature made Mon 23 May 2016 18:15:09 BST using RSA key ID 657EF670
# gpg: Good signature from "Amit Shah <amit@amitshah.net>"
# gpg: aka "Amit Shah <amit@kernel.org>"
# gpg: aka "Amit Shah <amitshah@gmx.net>"
* remotes/amit-migration/tags/migration-2.7-1:
migration: regain control of images when migration fails to complete
savevm: fail if migration blockers are present
migration: Promote improved autoconverge commands out of experimental state
migration/qjson: Drop gratuitous use of QOM
migration: Move qjson.[ch] to migration/
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 24 May 2016 10:38:22 +0000 (11:38 +0100)]
Merge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-2.7-1' into staging
rng: rename RndRandom to RndRandom
# gpg: Signature made Mon 23 May 2016 16:44:58 BST using RSA key ID 657EF670
# gpg: Good signature from "Amit Shah <amit@amitshah.net>"
# gpg: aka "Amit Shah <amit@kernel.org>"
# gpg: aka "Amit Shah <amitshah@gmx.net>"
* remotes/amit-virtio-rng/tags/rng-2.7-1:
rng-random: rename RndRandom to RngRandom
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 24 May 2016 09:19:45 +0000 (10:19 +0100)]
Merge remote-tracking branch 'remotes/xtensa/tags/20160523-opencores_eth' into staging
opencores_eth cleanups:
- use mii.h
- reduce stack usage in open_eth_start_xmit.
# gpg: Signature made Mon 23 May 2016 20:14:20 BST using RSA key ID F83FA044
# gpg: Good signature from "Max Filippov <max.filippov@cogentembedded.com>"
# gpg: aka "Max Filippov <jcmvbkbc@gmail.com>"
* remotes/xtensa/tags/20160523-opencores_eth:
hw/net/opencores_eth: Allocating Large sized arrays to heap
hw/net/opencores_eth: use mii.h
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Eduardo Habkost [Wed, 16 Dec 2015 19:06:43 +0000 (17:06 -0200)]
target-i386: kvm: Increase MSR_BUF_SIZE
We are dangerously close to the array limits in kvm_put_msrs()
and kvm_get_msrs(): with the default mcg_cap configuration, we
can set up to 148 MSRs in kvm_put_msrs(), and if we allow mcg_cap
to be changed, we can write up to 236 MSRs.
Use 4096 bytes for the buffer, that can hold 255 kvm_msr_entry
structs.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Eduardo Habkost [Fri, 13 Feb 2015 01:04:50 +0000 (23:04 -0200)]
target-i386: Call cpu_exec_init() on realize
QOM instance_init functions are not supposed to have any side-effects,
as new objects may be created at any moment for querying property
information (see qmp_device_list_properties()).
Calling cpu_exec_init() also affects QEMU's ability to handle errors
during CPU creation, as some actions done by cpu_exec_init() can't be
reverted.
Move cpu_exec_init() call to realize so a simple object_new() won't
trigger it, and so that it is called after some basic validation of CPU
parameters.
Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Eduardo Habkost [Fri, 13 Feb 2015 00:57:44 +0000 (22:57 -0200)]
target-i386: Move TCG initialization to realize time
QOM instance_init functions are not supposed to have any side-effects,
as new objects may be created at any moment for querying property
information (see qmp_device_list_properties()).
Move TCG initialization to realize time so it won't be called when just
doing object_new() on a X86CPU subclass.
Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
target-i386: Set constant model_id for qemu64/qemu32/athlon
Newer PC machines don't set hw_version, and older machines set
model-id on compat_props explicitly, so we don't need the
x86_cpudef_setup() code that sets model_id using
qemu_hw_version() anymore.
Zhou Jie [Wed, 27 Apr 2016 02:07:48 +0000 (10:07 +0800)]
hw/net/opencores_eth: Allocating Large sized arrays to heap
open_eth_start_xmit has a huge stack usage of 65536 bytes approx.
Moving large arrays to heap to reduce stack usage.
Reduce size of a buffer allocated on stack to 0x600 bytes, which is the
maximal frame length when HUGEN bit is not set in MODER, only allocate
buffer on heap when that is too small. Thus heap is not used in typical
use case.
Signed-off-by: Zhou Jie <zhoujie2011@cn.fujitsu.com> Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
If we try postcopy with a similar scenario, we also get the writev error
message but QEMU leaves the guest paused because entered_postcopy is true.
We could possibly do the same with precopy and leave the guest paused.
But since the historical default for migration errors is to restart the
source, this patch adds a call to bdrv_invalidate_cache_all() instead.
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Message-Id: <146357896785.6003.11983081732454362715.stgit@bahia.huguette.org> Signed-off-by: Amit Shah <amit.shah@redhat.com>
pc: Set CPU model-id on compat_props for pc <= 2.4
Instead of relying on x86_cpudef_setup() calling
qemu_hw_version(), just make old machines set model-id explicitly
on compat_props for qemu64, qemu32, and athlon. This will allow
us to eliminate x86_cpudef_setup() later.
Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Eduardo Habkost [Mon, 23 Nov 2015 12:43:26 +0000 (10:43 -0200)]
target-i386: kvm: Use X86XSaveArea struct for xsave save/load
Instead of using offset macros and bit operations in a uint32_t
array, use the X86XSaveArea struct to perform the loading/saving
operations in kvm_put_xsave() and kvm_get_xsave().
Eduardo Habkost [Sat, 28 Nov 2015 16:32:26 +0000 (14:32 -0200)]
target-i386: Use xsave structs for ext_save_area
This doesn't introduce any change in the code, as the offsets and
struct sizes match what was present in the table. This can be
validated by the QEMU_BUILD_BUG_ON lines on target-i386/cpu.h,
which ensures the struct sizes and offsets match the existing
values in ext_save_area.
Eduardo Habkost [Thu, 19 Nov 2015 18:52:33 +0000 (16:52 -0200)]
target-i386: Define structs for layout of xsave area
Add structs that define the layout of the xsave areas used by
Intel processors. Add some QEMU_BUILD_BUG_ON lines to ensure the
structs match the XSAVE_* macros in target-i386/kvm.c and the
offsets and sizes at target-i386/cpu.c:ext_save_areas.
Greg Kurz [Wed, 4 May 2016 19:44:19 +0000 (21:44 +0200)]
savevm: fail if migration blockers are present
QEMU has currently two ways to prevent migration to occur:
- migration blocker when it depends on runtime state
- VMStateDescription.unmigratable when migration is not supported at all
This patch gathers all the logic into a single function to be called from
both the savevm and the migrate paths.
This fixes a bug with 9p, at least, where savevm would succeed and the
following would happen in the guest after loadvm:
$ ls /host
ls: cannot access /host: Protocol error
With this patch:
(qemu) savevm foo
Migration is disabled when VirtFS export path '/' is mounted in the guest
using mount_tag 'host'
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <146239057139.11271.9011797645454781543.stgit@bahia.huguette.org>
[Update subject according to Paolo's suggestion - Amit]
Peter Maydell [Mon, 23 May 2016 15:15:51 +0000 (16:15 +0100)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* NMI cleanups (Bandan)
* RAMBlock/Memory cleanups and fixes (Dominik, Gonglei, Fam, me)
* first part of linuxboot support for fw_cfg DMA (Richard)
* IOAPIC fix (Peter Xu)
* iSCSI SG_IO fix (Vadim)
* Various infrastructure bug fixes (Zhijian, Peter M., Stefan)
* CVE fixes (Prasad)
# gpg: Signature made Mon 23 May 2016 16:06:18 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
* remotes/bonzini/tags/for-upstream: (24 commits)
cpus: call the core nmi injection function
nmi: remove x86 specific nmi handling
target-i386: add a generic x86 nmi handler
coccinelle: add g_assert_cmp* to macro file
iscsi: pass SCSI status back for SG_IO
esp: check dma length before reading scsi command(CVE-2016-4441)
esp: check command buffer length before write(CVE-2016-4439)
scripts/signrom.py: Check for magic in option ROMs.
scripts/signrom.py: Allow option ROM checksum script to write the size header.
Remove config-devices.mak on 'make clean'
cpus.c: Use pthread_sigmask() rather than sigprocmask()
memory: remove unnecessary masking of MemoryRegion ram_addr
memory: Drop FlatRange.romd_mode
memory: Remove code for mr->may_overlap
exec: adjust rcu_read_lock requirement
memory: drop find_ram_block()
vl: change runstate only if new state is different from current state
ioapic: clear remote irr bit for edge-triggered interrupts
ioapic: keep RO bits for IOAPIC entry
target-i386: key sfence availability on CPUID_SSE, not CPUID_SSE2
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Bandan Das [Fri, 20 May 2016 16:28:37 +0000 (12:28 -0400)]
cpus: call the core nmi injection function
We can call the common function here directly since
x86 specific actions will be taken care of by the arch
specific nmi handler
Signed-off-by: Bandan Das <bsd@redhat.com>
Message-Id: <1463761717-26558-4-git-send-email-bsd@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Bandan Das [Fri, 20 May 2016 16:28:36 +0000 (12:28 -0400)]
nmi: remove x86 specific nmi handling
nmi_monitor_handle is wired to call the x86 nmi
handler. So, we can directly use it at call sites.
Signed-off-by: Bandan Das <bsd@redhat.com>
Message-Id: <1463761717-26558-3-git-send-email-bsd@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Bandan Das [Fri, 20 May 2016 16:28:35 +0000 (12:28 -0400)]
target-i386: add a generic x86 nmi handler
Instead of having x86 ifdefs in core nmi code, this
change adds a arch specific handler that the nmi common
code can call.
Signed-off-by: Bandan Das <bsd@redhat.com>
Message-Id: <1463761717-26558-2-git-send-email-bsd@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
esp: check dma length before reading scsi command(CVE-2016-4441)
The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
FIFO buffer. It is used to handle command and data transfer.
Routine get_cmd() uses DMA to read scsi commands into this buffer.
Add check to validate DMA length against buffer size to avoid any
overrun.
Fixes CVE-2016-4441.
Reported-by: Li Qiang <liqiang6-s@360.cn> Cc: qemu-stable@nongnu.org Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <1463654371-11169-3-git-send-email-ppandit@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
esp: check command buffer length before write(CVE-2016-4439)
The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
FIFO buffer. It is used to handle command and data transfer. While
writing to this command buffer 's->cmdbuf[TI_BUFSZ=16]', a check
was missing to validate input length. Add check to avoid OOB write
access.
Fixes CVE-2016-4439.
Reported-by: Li Qiang <liqiang6-s@360.cn> Cc: qemu-stable@nongnu.org Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <1463654371-11169-2-git-send-email-ppandit@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
scripts/signrom.py: Check for magic in option ROMs.
Because of the risk that compilers might not emit the asm() block at
the beginning of the option ROM, check that the ROM contains the
required magic signature.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Message-Id: <1463000807-18015-3-git-send-email-rjones@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
scripts/signrom.py: Allow option ROM checksum script to write the size header.
Modify the signrom.py script so that if the size byte in the header is
0 (ie. not set) then the script will set the size. If the size byte
is non-zero then we do the same as before, so this doesn't require
changes to any existing ROM sourcecode.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Message-Id: <1463000807-18015-2-git-send-email-rjones@redhat.com>
Peter Maydell [Tue, 17 May 2016 11:27:31 +0000 (12:27 +0100)]
Remove config-devices.mak on 'make clean'
Our dependency mechanism works like this:
* on first build there is neither a .o nor a .d
* we create the .d as a side effect of creating the .o
* for rebuilds we know when we need to update the .o,
which also updates the .d
This system requires that you're never in a situation where there is
a .o file but no .d (because then we will never realise we need to
build the .d, and we will not have the dependency information about
when to rebuild the .o).
This is working fine for our object files, but we also try to use it
for $TARGET/config-devices.mak (where the dependency file is
in $TARGET-config-devices.mak.d). Unfortunately "make clean" doesn't
remove config-devices.mak, which means that it puts us in the
forbidden situation of "object file exists but not its .d file".
This in turn means that we will fail to notice when we need to rebuild:
mkdir build/depbug
(cd build/depbug && '../../configure')
make -C build/depbug -j8
make -C build/depbug clean
echo "CONFIG_CANARY = y" >> default-configs/arm-softmmu.mak
make -C build/depbug
grep CANARY build/depbug/aarch64-softmmu/config-devices.mak
The CANARY token should show up in config-devices.mak but does not.
Fix this bug by making "make clean" delete the config-devices.mak files.
config-all-devices.mak doesn't have the same problem since it has
no .d file, but delete it too, since it is created by "make" and
logically should be removed by "make clean".
(Note that it is important not to remove config-devices.mak until
after we have recursively run 'make clean' in the subdirectories.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <1463484451-22979-1-git-send-email-peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Maydell [Mon, 16 May 2016 17:33:59 +0000 (18:33 +0100)]
cpus.c: Use pthread_sigmask() rather than sigprocmask()
On Linux, sigprocmask() and pthread_sigmask() are in practice the
same thing (they only set the signal mask for the calling thread),
but the documentation states that the behaviour of sigprocmask() in a
multithreaded process is undefined. Use pthread_sigmask() instead
(which is what we do in almost all places in QEMU that alter the
signal mask already).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <1463420039-29761-1-git-send-email-peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Gonglei [Tue, 10 May 2016 02:04:59 +0000 (10:04 +0800)]
memory: drop find_ram_block()
On the one hand, we have already qemu_get_ram_block() whose function
is similar. On the other hand, we can directly use mr->ram_block but
searching RAMblock by ram_addr which is a kind of waste.
Peter Xu [Tue, 10 May 2016 10:21:22 +0000 (18:21 +0800)]
ioapic: clear remote irr bit for edge-triggered interrupts
This is to better emulate IOAPIC version 0x1X hardware. Linux kernel
leveraged this "feature" to do explicit EOI since EOI register is still
not introduced at that time. This will also fix the issue that level
triggered interrupts failed to work when IR enabled (tested with Linux
kernel version 4.5).
Reviewed-by: Radim Krčmář <rkrcmar@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <1462875682-1349-3-git-send-email-peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Stefan Weil <sw@weilnetz.de> Fixes: 121f3157887f92268a3d6169e2d4601f9292020b Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Stefan Weil [Thu, 28 Apr 2016 21:33:41 +0000 (23:33 +0200)]
configure: Allow builds with extra warnings
The clang compiler supports a useful compiler option -Weverything,
and GCC also has other warnings not enabled by -Wall.
If glib header files trigger a warning, however, testing glib with
-Werror will always fail. A size mismatch is also detected without
-Werror, so simply remove it.
Cc: qemu-stable@nongnu.org Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-Id: <1461879221-13338-1-git-send-email-sw@weilnetz.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
When processing Task Priorty Register(TPR) access, it could leak
automatic stack variable 'imm32' in patch_instruction().
Initialise the variable to avoid it.
Peter Maydell [Mon, 23 May 2016 14:53:02 +0000 (15:53 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20160523-1' into staging
usb: add xen pvUSB backend, add num-ports check to ohci.
# gpg: Signature made Mon 23 May 2016 14:02:25 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-usb-20160523-1:
usb/ohci: Fix crash with when specifying too many num-ports
xen: add pvUSB backend
xen: write information about supported backends
xen: introduce dummy system device
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
# gpg: Signature made Mon 23 May 2016 13:30:26 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-vga-20160523-1:
vga: add sr_vbe register set
virtio-gpu: fix ui idx check
virtio-gpu: use VIRTIO_GPU_MAX_SCANOUTS
virtio-gpu: check max_outputs only
virtio-gpu: check max_outputs value
virtio-vga: propagate on gpu realized error
virtio-gpu: check early scanout id
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Thomas Huth [Mon, 23 May 2016 09:23:07 +0000 (11:23 +0200)]
usb/ohci: Fix crash with when specifying too many num-ports
QEMU currently crashes when an OHCI controller is instantiated with
too many ports, e.g. "-device pci-ohci,num-ports=100,masterbus=1".
Thus add a proper check in usb_ohci_init() to make sure that we
do not use more than OHCI_MAX_PORTS = 15 ports here.
Gerd Hoffmann [Tue, 17 May 2016 08:54:54 +0000 (10:54 +0200)]
vga: add sr_vbe register set
Commit "fd3c136 vga: make sure vga register setup for vbe stays intact
(CVE-2016-3712)." causes a regression. The win7 installer is unhappy
because it can't freely modify vga registers any more while in vbe mode.
This patch introduces a new sr_vbe register set. The vbe_update_vgaregs
will fill sr_vbe[] instead of sr[]. Normal vga register reads and
writes go to sr[]. Any sr register read access happens through a new
sr() helper function which will read from sr_vbe[] with vbe active and
from sr[] otherwise.
This way we can allow guests update sr[] registers as they want, without
allowing them disrupt vbe video modes that way.
Juergen Gross [Thu, 12 May 2016 14:13:40 +0000 (16:13 +0200)]
xen: write information about supported backends
Add a Xenstore directory for each supported pv backend. This will allow
Xen tools to decide which backend type to use in case there are
multiple possibilities.
The information is added under
/local/domain/<backend-domid>/device-model/<domid>/backends
before the "running" state is written to Xenstore. Using a directory
for each backend enables us to add parameters for specific backends
in the future.
This interface is documented in the Xen source repository in the file
docs/misc/qemu-backends.txt
In order to reuse the Xenstore directory creation already present in
hw/xen/xen_devconfig.c move the related functions to
hw/xen/xen_backend.c where they fit better.
Signed-off-by: Juergen Gross <jgross@suse.com> Acked-by: Anthony PERARD <anthony.perard@citrix.com> Reviewed-by: Wei Liu <wei.liu2@citrix.com>
Message-id: 1463062421-613-3-git-send-email-jgross@suse.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Juergen Gross [Thu, 12 May 2016 14:13:39 +0000 (16:13 +0200)]
xen: introduce dummy system device
Introduce a new dummy system device serving as parent for virtual
buses. This will enable new pv backends to introduce virtual buses
which are removable again opposed to system buses which are meant
to stay once added.
Signed-off-by: Juergen Gross <jgross@suse.com> Acked-by: Anthony PERARD <anthony.perard@citrix.com> Reviewed-by: Wei Liu <wei.liu2@citrix.com>
Message-id: 1463062421-613-2-git-send-email-jgross@suse.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Jason J. Herne [Thu, 21 Apr 2016 18:07:18 +0000 (14:07 -0400)]
migration: Promote improved autoconverge commands out of experimental state
The new autoconverge throttling commands have been tested for a release now. It
is time to move them out of the experimental state.
Signed-off-by: Jason J. Herne <jjherne@linux.vnet.ibm.com>
Message-Id: <1461262038-8197-1-git-send-email-jjherne@linux.vnet.ibm.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
Peter Maydell [Mon, 23 May 2016 09:30:41 +0000 (10:30 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/machine-pull-request' into staging
Machine Core queue, 2016-05-20
# gpg: Signature made Fri 20 May 2016 21:26:49 BST using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
* remotes/ehabkost/tags/machine-pull-request: (21 commits)
Use &error_fatal when initializing crypto on qemu-{img,io,nbd}
vl: Use &error_fatal when parsing monitor options
vl: Use &error_fatal when parsing VNC options
machine: add properties to compat_props incrementaly
vl: Simplify global property registration
vl: Make display_remote a local variable
vl: Move DisplayType typedef to vl.c
vl: Make display_type a local variable
vl: Replace DT_NOGRAPHIC with machine option
milkymist: Move DT_NOGRAPHIC check outside milkymist_tmu2_create()
spice: Initialization stubs on qemu-spice.h
gtk: Initialization stubs
cocoa: cocoa_display_init() stub
sdl: Initialization stubs
curses: curses_display_init() stub
vnc: Initialization stubs
vl: Add DT_COCOA DisplayType value
vl: Replace *_vga_available() functions with class_names field
vl: Table-based select_vgahw()
vl: Use exit(1) when requested VGA interface is unavailable
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
All the use of QOM buys us here is the ability to destroy the thing
with object_unref(OBJECT(vmdesc)). Not worth the notational overhead.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1462380558-2030-3-git-send-email-armbru@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
Type QJSON lets you build JSON text. Its interface mirrors (a subset
of) abstract JSON syntax.
QAPI output visitors also produce JSON text. They assert their
preconditions and invariants, and therefore abort on incorrect use.
Contrastingly, QJSON does *not* detect incorrect use. It happily
produces invalid JSON then. This is what migration wants.
QJSON was designed for migration, and migration is its only user.
Move it to migration/ for proper coverage by MAINTAINERS, and to deter
accidental use outside migration.
[Pointed out by Eric: QJSON was added in commits 0457d07..b174257
-- Amit]
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1462380558-2030-2-git-send-email-armbru@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
Usually, Random Number Generator is abbreviated to RNG/rng.
so replacing RndRandom with RngRandom seems more reasonable
and keep consistent with RngBackend.
Signed-off-by: Wei Jiangang <weijg.fnst@cn.fujitsu.com> Reviewed-by: Pankaj Gupta <pagupta@redhat.com>
Message-Id: <1460684168-5403-1-git-send-email-weijg.fnst@cn.fujitsu.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
Eduardo Habkost [Thu, 12 May 2016 14:10:04 +0000 (11:10 -0300)]
Use &error_fatal when initializing crypto on qemu-{img,io,nbd}
In addition to making the code simpler, this will replace the
long error messages:
cannot initialize crypto: Unable to initialize GNUTLS library: [...]
cannot initialize crypto: Unable to initialize gcrypt
with shorter messages:
Unable to initialize GNUTLS library: [...]
Unable to initialize gcrypt
Igor Mammedov [Thu, 28 Jan 2016 10:58:08 +0000 (11:58 +0100)]
machine: add properties to compat_props incrementaly
Switch to adding compat properties incrementaly instead of
completly overwriting compat_props per machine type.
That removes data duplication which we have due to nested
[PC|SPAPR]_COMPAT_* macros.
It also allows to set default device properties from
default foo_machine_options() hook, which will be used
in following patch for putting VMGENID device as
a function if ISA bridge on pc/q35 machines.
Eduardo Habkost [Thu, 28 Jan 2016 15:11:04 +0000 (13:11 -0200)]
vl: Simplify global property registration
There's no need to use qdev_prop_register_global_list() and an
array, if we are registering a single GlobalProperty struct. Use
qdev_prop_register_global() instead.
Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
All DisplayType values are just UI options that don't affect any
hardware emulation code, except for DT_NOGRAPHIC. Replace
DT_NOGRAPHIC with DT_NONE plus a new "-machine graphics=on|off"
option, so hardware emulation code don't need to use the
display_type variable.
Cc: Michael Walle <michael@walle.cc> Cc: Blue Swirl <blauwirbel@gmail.com> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
This reduces the number of CONFIG_VNC #ifdefs in the vl.c code.
The only user-visible difference is that this will make QEMU
complain about syntax when using "-display vnc" ("VNC requires a
display argument vnc=<display>") even if CONFIG_VNC is disabled.
Instead of reusing DT_SDL for Cocoa, use DT_COCOA to indicate
that a Cocoa display was requested.
configure already ensures CONFIG_COCOA and CONFIG_SDL are never
set at the same time. The only case where DT_SDL is used outside
a #ifdef CONFIG_SDL block is in the no_frame/alt_grab/ctrl_grab
check. That means the only user-visible change is that we will
start printing a warning if the SDL-specific options are used in
Cocoa mode. This is a bugfix, because no_frame/alt_grab/ctrl_grab
are not used by Cocoa code.
Cc: Andreas Färber <andreas.faerber@web.de> Cc: Peter Maydell <peter.maydell@linaro.org> Acked-by: Andreas Färber <andreas.faerber@web.de> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
projects / qemu-xen.git / log