target-arm: Make vbar_write writeback to any CPREG
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-22-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: A64: Generalize update_spsel for the various ELs
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-21-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Adds support for ERET to and from AArch64 EL2 and 3.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-20-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: A64: Trap ERET from EL0 at translation time
Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-19-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: A64: Forbid ERET to higher or unimplemented ELs
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-18-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-17-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-16-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-15-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-14-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add aarch64_banked_spsr_index(), used to map an Exception Level
to an index in the banked_spsr array.
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-13-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: Add SPSR entries for EL2/HYP and EL3/MON
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-12-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-11-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-10-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
No functional change.
Preparation for adding EL2 and 3 versions of this reg.
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-9-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
No functional change.
Prepares for future addition of EL2 and 3 versions of this reg.
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-8-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
No functional change.
Prepares for future additions of the EL2 and 3 versions of this reg.
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-7-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: Use a 1:1 mapping between EL and MMU index
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Message-id: 1400980132-25949-6-git-send-email-edgar.iglesias@gmail.com
Message-id: 1400805738-11889-7-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: A32: Use get_mem_index for load/stores
Avoid using IS_USER directly as the MMU-idx to simplify future
changes to the MMU layout.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1400980132-25949-5-git-send-email-edgar.iglesias@gmail.com
Message-id: 1400805738-11889-6-git-send-email-edgar.iglesias@gmail.com
[PMM: parts relating to LDRT/STRT moved into earlier patches] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 27 May 2014 16:09:50 +0000 (17:09 +0100)]
target-arm/translate.c: Use get_mem_index() for SRS memory accesses
The SRS instruction was using a hardcoded 0 for the memory
accesses. This happens to be OK since the SRS instruction is
UNPREDICTABLE in User and System modes, but is awkward if we
want to rearrange the MMU index uses. Switch to using
get_mem_index() like all the other accesses.
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1400980132-25949-4-git-send-email-edgar.iglesias@gmail.com
Peter Maydell [Tue, 27 May 2014 16:09:50 +0000 (17:09 +0100)]
target-arm/translate.c: Clean up mmu index handling for ldrt/strt
Clean up the mmu index handling for ldrt/strt insns: instead
of a flag 'user' indicating whether to treat the store as user
mode or not, use 'memidx' to indicate the correct memory index to use.
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1400980132-25949-3-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1400980132-25949-2-git-send-email-edgar.iglesias@gmail.com
Message-id: 1400805738-11889-5-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fabian Aggeler [Tue, 27 May 2014 16:09:49 +0000 (17:09 +0100)]
target-arm: implement CPACR register logic for ARMv7
In ARMv7 the CPACR register allows controlling access rights to
coprocessor 0-13 interfaces. Bits corresponding to unimplemented
coprocessors should be RAZ/WI. Bits ASEDIS, D32DIS, TRCDIS are
UNK/SBZP if VFP is not implemented and RAO/WI in some cases.
Treating TRCDIS as RAZ/WI since we neither implement a trace
macrocell nor a CP14 interface to the trace macrocell registers.
Since CPACR bits for VFP/Neon access are honoured with the CPACR_FPEN
bit in the TB flags, flushing the TLB is not necessary anymore.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Message-id: 1400532968-30668-1-git-send-email-aggelerf@ethz.ch Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 27 May 2014 16:09:49 +0000 (17:09 +0100)]
hw/display/pxa2xx_lcd: Fix 16bpp+alpha and 18bpp+alpha palette formats
The pxa2xx palette entry "16bpp plus transparency" format is
xxxxxxxTRRRRR000GGGGGG00BBBBB000, and "18bpp plus transparency" is
xxxxxxxTRRRRRR00GGGGGG00BBBBBB00.
Correct errors in the code for reading these and converting
them to the internal format. In particular, the buggy code
was attempting to mask out bit 24 of a uint16_t, which
Coverity spotted as an error.
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1400233901-31785-1-git-send-email-peter.maydell@linaro.org
Rob Herring [Tue, 27 May 2014 16:09:49 +0000 (17:09 +0100)]
MAINTAINERS: update Calxeda Highbank maintainer and status
Signed-off-by: Rob Herring <rob.herring@linaro.org>
Message-id: 1400116198-3155-1-git-send-email-robherring2@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Christoffer Dall [Tue, 27 May 2014 12:37:43 +0000 (14:37 +0200)]
target-arm: Fix segfault on startup when KVM enabled
Commit 50a2c6e55fa introduced a bug where QEMU would segfault on startup
when using KVM on ARM hosts, because kvm_arm_reset_cpu() accesses
cpu->cpreg_reset_values, which is not allocated before
kvm_arch_init_vcpu(). Fix this by not calling cpu_reset() until after
qemu_init_vcpu().
Acked-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andreas Faerber <afaerber@suse.de> Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1401194263-13010-1-git-send-email-christoffer.dall@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 22 May 2014 18:04:48 +0000 (19:04 +0100)]
Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging
* remotes/qmp-unstable/queue/qmp:
qapi: zero-initialize all QMP command parameters
scripts/qapi.py: Avoid syntax not supported by Python 2.4
doc: add "setup" to list of migration states
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 22 May 2014 17:14:01 +0000 (18:14 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-chardev-2' into staging
purge error_is_set()
# gpg: Signature made Wed 21 May 2014 11:43:44 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-chardev-2:
error: error_is_set() is finally unused; remove
char: Explain qmp_chardev_add()'s unusual error handling
char: Clean up fragile use of error_is_set()
char: Use return values instead of error_is_set(errp)
qemu-socket: Clean up inet_connect_opts()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 22 May 2014 15:14:01 +0000 (16:14 +0100)]
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20140520' into staging
some s390 patches:
- Enable irqfds on s390 via the new adapter interrupt routing type.
As a prereq, fix the kvm enable_cap helpers for some compilers and
split the s390 flic into kvm and non-kvm parts.
- Enable software and hardware debugging support on s390. This needs a
kernel headers update.
# gpg: Signature made Tue 20 May 2014 12:30:54 BST using RSA key ID C6F02FAF
# gpg: Can't check signature: public key not found
* remotes/cohuck/tags/s390x-20140520:
s390x/kvm: hw debugging support via guest PER facility
s390x/kvm: software breakpoint support
s390x: remove duplicate definitions of DIAG 501
linux-headers: update
s390x/virtio-ccw: wire up irq routing and irqfds
s390x/virtio-ccw: reference-counted indicators
s390x: add I/O adapter registration
s390x: split flic into kvm and non-kvm parts
kvm: Fix enable_cap helpers on older gcc
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 22 May 2014 14:27:46 +0000 (15:27 +0100)]
Merge remote-tracking branch 'remotes/bonzini/scsi-next' into staging
* remotes/bonzini/scsi-next:
megasas: remove buildtime strings
block: iscsi build fix if LIBISCSI_FEATURE_IOVECTOR is not defined
virtio-scsi: Plug memory leak on virtio_scsi_push_event() error path
scsi: Document intentional fall through in scsi_req_length()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Michael Roth [Tue, 20 May 2014 17:20:39 +0000 (12:20 -0500)]
qapi: zero-initialize all QMP command parameters
In general QMP command parameter values are specified by consumers of the
QMP/HMP interface, but in the case of optional parameters these values may
be left uninitialized.
It is considered a bug for code to make use of optional parameters that have
not been flagged as being present by the marshalling code (via corresponding
has_<parameter> parameter), however our marshalling code will still pass
these uninitialized values on to the corresponding QMP function (to then
be ignored). Some compilers (clang in particular) consider this unsafe
however, and generate warnings as a result. As reported by Peter Maydell:
This is something clang's -fsanitize=undefined spotted. The
code generated by qapi-commands.py in qmp-marshal.c for
qmp_marshal_* functions where there are some optional
arguments looks like this:
    bool has_force = false;
    bool force;

    mi = qmp_input_visitor_new_strict(QOBJECT(args));
    v = qmp_input_get_visitor(mi);
    visit_type_str(v, &device, "device", errp);
    visit_start_optional(v, &has_force, "force", errp);
    if (has_force) {
        visit_type_bool(v, &force, "force", errp);
    }
    visit_end_optional(v, errp);
    qmp_input_visitor_cleanup(mi);

    if (error_is_set(errp)) {
        goto out;
    }
    qmp_eject(device, has_force, force, errp);
In the case where has_force is false, we never initialize
force, but then we use it by passing it to qmp_eject.
I imagine we don't then actually use the value, but clang
complains in particular for 'bool' variables because the value
that ends up being loaded from memory for 'force' is not either
0 or 1 (being uninitialized stack contents).
Fix this by initializing all QMP command parameters to {0} in the
marshalling code prior to passing them on to the QMP functions.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> Reported-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Luiz Capitulino [Tue, 20 May 2014 17:50:19 +0000 (13:50 -0400)]
scripts/qapi.py: Avoid syntax not supported by Python 2.4
The Python "except Foo as x" syntax was only introduced in
Python 2.6, but we aim to support Python 2.4 and later.
Use the old-style "except Foo, x" syntax instead, thus
fixing configure/compile on systems with older Python.
Reported-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Andreas Färber <andreas.faerber@web.de> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Character backend open hasn't been fully converted to the Error API.
Some opens fail without setting an error. qmp_chardev_add() needs to
detect when that happens, and set a generic error. Explain that in a
comment, and inline error_is_set() for clarity.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Using error_is_set(ERRP) to find out whether a function failed is
either wrong, fragile, or unnecessarily opaque. It's wrong when ERRP
may be null, because errors go undetected when it is. It's fragile
when proving ERRP non-null involves a non-local argument. Else, it's
unnecessarily opaque (see commit 84d18f0).
The error_is_set(errp) in qemu_chr_new_from_opts() is merely fragile,
because the callers never pass a null errp argument.
Make the code more robust and more obviously correct: receive the
error in a local variable, then propagate it through the parameter.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
char: Use return values instead of error_is_set(errp)
Using error_is_set(errp) to check whether a function call failed is
fragile: it breaks when errp is null. Check perfectly suitable return
values instead when possible. As far as I can tell, errp can't be
null there, but this is more robust and more obviously correct.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
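The failure mode described in the two char commit messages above, as an added example that is not part of the commit log or of QEMU's source: Error, error_set(), error_is_set() and error_propagate() here are simplified stand-ins, and backend_open() and the three open_*() callers are hypothetical names.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-ins for the Error API; not QEMU's implementation. */
typedef struct Error { const char *msg; } Error;

static void error_set(Error **errp, const char *msg)
{
    if (!errp) {
        return; /* a null errp means the caller does not want the error */
    }
    Error *err = malloc(sizeof(*err));
    if (!err) {
        abort();
    }
    err->msg = msg;
    *errp = err;
}

static bool error_is_set(Error **errp)
{
    return errp && *errp;
}

static void error_propagate(Error **dst_errp, Error *local_err)
{
    if (dst_errp && !*dst_errp) {
        *dst_errp = local_err;
    } else {
        free(local_err);
    }
}

/* Hypothetical callee: fails on an empty name, reporting the failure both
 * through errp and through its return value. */
static int backend_open(const char *name, Error **errp)
{
    if (name[0] == '\0') {
        error_set(errp, "backend name is empty");
        return -1;
    }
    return 0;
}

/* Fragile: with errp == NULL nothing is stored, so the failure is missed. */
static bool open_fragile(const char *name, Error **errp)
{
    backend_open(name, errp);
    return !error_is_set(errp);
}

/* Robust: receive the error in a local variable, then propagate it. */
static bool open_local_err(const char *name, Error **errp)
{
    Error *local_err = NULL;

    backend_open(name, &local_err);
    if (local_err) {
        error_propagate(errp, local_err);
        return false;
    }
    return true;
}

/* Robust: use the callee's return value when it has a suitable one. */
static bool open_retval(const char *name, Error **errp)
{
    return backend_open(name, errp) == 0;
}

/* True if fn, given a real errp and a failing input, both returns failure
 * and leaves an error behind for the caller. */
static bool fails_with_error(bool (*fn)(const char *, Error **))
{
    Error *err = NULL;
    bool ok = fn("", &err);
    bool reported = (err != NULL);

    free(err);
    return !ok && reported;
}

int main(void)
{
    printf("null errp:  fragile=%d local_err=%d retval=%d (1 = claims success)\n",
           open_fragile("", NULL), open_local_err("", NULL),
           open_retval("", NULL));
    printf("real errp:  fragile=%d local_err=%d retval=%d (1 = failure seen)\n",
           fails_with_error(open_fragile), fails_with_error(open_local_err),
           fails_with_error(open_retval));
    return 0;
}
```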
Olaf Hering [Thu, 3 Apr 2014 13:47:34 +0000 (15:47 +0200)]
megasas: remove buildtime strings
Using __DATE__ or __TIME__ in binary pkgs changes the checksum of
compiled binaries if they get rebuilt, even if there are no other
source changes. Replace the dynamic strings with some equally
informative static strings.
Signed-off-by: Olaf Hering <olaf@aepfle.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
s390x/kvm: hw debugging support via guest PER facility
This patch makes use of the hw debugging support in kvm (provided by the guest's
PER facility) on s390. It enables the following features, available using the
gdbserver:
- single-stepping
- hw breakpoints
- hw watchpoints
This patch allows inserting and removing sw breakpoints using the QEMU gdbserver
on s390 as well as to interrupt execution on a breakpoint hit when running
with KVM enabled.
Whenever a software breakpoint is inserted, common code calls kvm ioctl
KVM_UPDATE_GUEST_DEBUG. As this method's default on s390 is to return an error
if not implemented, the insertion will fail. Therefore, KVM also has to be
updated in order to make use of software breakpoints.
When restoring the previously saved instruction in
kvm_arch_remove_sw_breakpoint(), we only restored one byte. Let's use
the sizeof() operator to make sure we restore the entire instruction.
While we are at it, let's remove the duplicate definitions of DIAG 501
and replace its size (used when reading/writing the instruction) with
a sizeof() operator to make the code self explaining and less error-prone.
Make use of the new s390 adapter irq routing support to enable real
in-kernel irqfds for virtio-ccw with adapter interrupts.
Note that s390 doesn't provide the common KVM_CAP_IRQCHIP capability, but
rather needs KVM_CAP_S390_IRQCHIP to be enabled. This is to ensure backward
compatibility.
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com> Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Introduce a common parent class for both cases, where kvm and non-kvm
can hook up callbacks. This will be used by follow-on patches for
adapter registration and mapping.
We now always have a flic, regardless of whether we use kvm; the
non-kvm implementation just doesn't do anything.
Alexander Graf [Mon, 12 May 2014 09:51:37 +0000 (11:51 +0200)]
kvm: Fix enable_cap helpers on older gcc
Commit 40f1ee27aa1 introduced handy helpers for enable_cap calls on
vcpu and vm level. Unfortunately some older gcc versions (4.7.1, 4.6)
seem to choke on signedness detection in inline created variables:
target-ppc/kvm.c: In function 'kvmppc_booke_watchdog_enable':
target-ppc/kvm.c:1302:21: error: comparison of unsigned expression < 0 is always false [-Werror=type-limits]
target-ppc/kvm.c: In function 'kvmppc_set_papr':
target-ppc/kvm.c:1504:21: error: comparison of unsigned expression < 0 is always false [-Werror=type-limits]
However - thanks to Thomas Huth for the suggestion - we can just cast the
offending potentially 0 value to a signed type, making the comparison signed.
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com> Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Peter Maydell [Tue, 20 May 2014 10:57:52 +0000 (11:57 +0100)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block patches
# gpg: Signature made Mon 19 May 2014 15:21:14 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream: (22 commits)
block: optimize zero writes with bdrv_write_zeroes
blockdev: add a function to parse enum ids from strings
util: add qemu_iovec_is_zero
qcow1: Stricter backing file length check
qcow1: Validate image size (CVE-2014-0223)
qcow1: Validate L2 table size (CVE-2014-0222)
qcow1: Check maximum cluster size
qcow1: Make padding in the header explicit
curl: Add usage documentation
curl: Add sslverify option
curl: Remove broken parsing of options from url
curl: Fix build when curl_multi_socket_action isn't available
qemu-iotests: Fix blkdebug in VM drive in 030
qemu-iotests: Fix core dump suppression in test 039
iotests: Add test for the JSON protocol
block: Allow JSON filenames
check-qdict: Add test for qdict_join()
qdict: Add qdict_join()
block: add test for vhdx image created by Disk2VHD
block: vhdx - account for identical header sections
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Jeff Cody [Mon, 19 May 2014 21:13:06 +0000 (17:13 -0400)]
block: iscsi build fix if LIBISCSI_FEATURE_IOVECTOR is not defined
Commit b03c380 introduced the function
iscsi_allocationmap_is_allocated(), however it is only used within a
code block that is conditionally compiled. This produces a warning
(error with -werror) of "defined but not used" for the function, if
LIBISCSI_FEATURE_IOVECTOR is not defined.
This wraps iscsi_allocationmap_is_allocated() in the same conditional.
Signed-off-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
linux kernel 3.12 has changed intel-hda
driver to always check for FIFORDY, this
causes long hangs in guest since QEMU
always has this bit set to 0. We now simply set
it to 1 always, since we're synchronous anyway
and always ready to receive the stream
Signed-off-by: Stanislav Vorobiov <s.vorobiov@samsung.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Peter Maydell [Mon, 19 May 2014 13:10:00 +0000 (14:10 +0100)]
Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging
* remotes/qmp-unstable/queue/qmp:
qapi: skip redundant includes
monitor: Add netdev_del id argument completion.
monitor: Add netdev_add type argument completion.
monitor: Add set_link arguments completion.
monitor: Add chardev-add backend argument completion.
monitor: Add chardev-remove command completion.
monitor: Convert sendkey to use command_completion.
qapi: Show qapi-commands.py invocation in qapi-code-gen.txt
qapi: Replace uncommon use of the error API by the common one
tests: Don't call visit_end_struct() after visit_start_struct() fails
hw: Don't call visit_end_struct() after visit_start_struct() fails
hmp: Call visit_end_struct() after visit_start_struct() succeeds
qapi: Un-inline visit of implicit struct
qapi-visit.py: Clean up a sloppy use of field prefix
qapi: Clean up shadowing of parameters and locals in inner scopes
qapi-visit.py: Clean up confusing push_indent() / pop_indent() use
qapi: Replace start_optional()/end_optional() by optional()
qapi: Remove unused Visitor callbacks start_handle(), end_handle()
qapi: Normalize marshalling's visitor initialization and cleanup
qapi: Update qapi-code-gen.txt example to match current code
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 19 May 2014 11:53:07 +0000 (12:53 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-8' into staging
Input code update:
- add keycode mapping helpers to core.
- start switching devices to new input api.
- misc bugfixes.
# gpg: Signature made Fri 16 May 2014 07:43:45 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-input-8:
input: sparc32 kbd: claim en-us layout
input: sparc32 kbd: fix some key mappings
input: remove sparc keymap hack
input: switch sparc32 kbd to new input api
input: switch ps/2 mouse to new input api
input: switch ps/2 kbd to new input api
input: use KeyValue directly in sendkey monitor command
input: add qemu_input_handler_deactivate
input: key mapping helpers
ps2: set ps/2 output buffer size as the same as kernel
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 19 May 2014 11:30:06 +0000 (12:30 +0100)]
Merge remote-tracking branch 'remotes/bonzini/scsi-next' into staging
* remotes/bonzini/scsi-next:
[PATCH] block/iscsi: bump year in copyright notice
block/iscsi: allow cluster_size of 4K and greater
block/iscsi: clarify the meaning of ISCSI_CHECKALLOC_THRES
block/iscsi: speed up read for unallocated sectors
block/iscsi: allow fall back to WRITE SAME without UNMAP
MAINTAINERS: mark megasas as maintained
megasas: Add MSI support
megasas: Enable MSI-X support
megasas: Implement LD_LIST_QUERY
scsi: Improve error messages more
scsi-disk: Improve error messager if can't get version number
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Kevin Wolf [Thu, 8 May 2014 11:08:20 +0000 (13:08 +0200)]
qcow1: Validate image size (CVE-2014-0223)
A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.
This can not only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).
Cc: qemu-stable@nongnu.org Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Kevin Wolf [Thu, 15 May 2014 14:10:11 +0000 (16:10 +0200)]
qcow1: Validate L2 table size (CVE-2014-0222)
Too large L2 table sizes cause unbounded allocations. Images actually
created by qemu-img only have 512 byte or 4k L2 tables.
To keep things consistent with cluster sizes, allow ranges between 512
bytes and 64k (in fact, down to 1 entry = 8 bytes is technically
working, but L2 table sizes smaller than a cluster don't make a lot of
sense).
This also means that the number of bytes on the virtual disk that are
described by the same L2 table is limited to at most 8k * 64k or 2^29,
preventively avoiding any integer overflows.
Cc: qemu-stable@nongnu.org Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Benoit Canet <benoit@irqsave.net>
Kevin Wolf [Wed, 7 May 2014 15:30:30 +0000 (17:30 +0200)]
qcow1: Check maximum cluster size
Huge values for header.cluster_bits cause unbounded allocations (e.g.
for s->cluster_cache) and crash qemu this way. Less huge values may
survive those allocations, but can cause integer overflows later on.
The only cluster sizes that qemu can create are 4k (for standalone
images) and 512 (for images with backing files), so we can limit it
to 64k.
Cc: qemu-stable@nongnu.org Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Benoit Canet <benoit@irqsave.net>
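The three bounds described in the qcow1 commit messages above (image size, L2 table size, cluster size), as an added example that is not part of the commit log or of QEMU's source. The function names, the status codes, the constructed HUGE_SIZE input, and the extra requirement that the L1 table's byte size fits in an int are assumptions of this example.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

enum geom_status {
    GEOM_OK = 0,
    GEOM_BAD_CLUSTER_SIZE,
    GEOM_BAD_L2_SIZE,
    GEOM_IMAGE_TOO_LARGE,
};

/* Failure mode: the L1 entry count is computed in 64 bits and then stored
 * in a 32-bit field with no range check, so the high bits are lost. */
static uint32_t unchecked_l1_size(uint64_t size, unsigned cluster_bits,
                                  unsigned l2_bits)
{
    unsigned shift = cluster_bits + l2_bits;

    if (shift >= 64) {
        return 0; /* a shift this wide is undefined behaviour in C */
    }
    uint64_t span = UINT64_C(1) << shift; /* bytes covered by one L2 table */
    return (uint32_t)((size + span - 1) >> shift);
}

/* Reject header values outside the ranges the commit messages give. */
static enum geom_status qcow1_check_geom(uint64_t size, unsigned cluster_bits,
                                         unsigned l2_bits)
{
    /* Cluster size: 512 bytes up to 64k. */
    if (cluster_bits < 9 || cluster_bits > 16) {
        return GEOM_BAD_CLUSTER_SIZE;
    }
    /* L2 table: 512 bytes up to 64k; entries are 8 bytes, hence the "- 3". */
    if (l2_bits < 9 - 3 || l2_bits > 16 - 3) {
        return GEOM_BAD_L2_SIZE;
    }
    unsigned shift = cluster_bits + l2_bits; /* at most 29 after the checks */
    uint64_t span = UINT64_C(1) << shift;

    if (size > UINT64_MAX - span) {
        return GEOM_IMAGE_TOO_LARGE; /* rounding up would wrap around */
    }
    uint64_t entries = (size + span - 1) >> shift;

    /* Assumption of this example: entries * 8 bytes must also fit in an int. */
    if (entries > INT_MAX / sizeof(uint64_t)) {
        return GEOM_IMAGE_TOO_LARGE;
    }
    return GEOM_OK;
}

/* L1 entry count for a validated geometry, or -1 if it is rejected. */
static int qcow1_l1_size(uint64_t size, unsigned cluster_bits,
                         unsigned l2_bits)
{
    if (qcow1_check_geom(size, cluster_bits, l2_bits) != GEOM_OK) {
        return -1;
    }
    unsigned shift = cluster_bits + l2_bits;
    return (int)((size + (UINT64_C(1) << shift) - 1) >> shift);
}

/* Constructed input: needs 2^32 + 1 L1 entries with 4k clusters and
 * 512-entry L2 tables, which truncates to 1 in a 32-bit field. */
#define HUGE_SIZE ((UINT64_C(1) << 53) + (UINT64_C(1) << 21))

int main(void)
{
    printf("1 GiB image:  status=%d l1_size=%d\n",
           qcow1_check_geom(UINT64_C(1) << 30, 12, 9),
           qcow1_l1_size(UINT64_C(1) << 30, 12, 9));
    printf("huge image:   unchecked l1_size=%u, checked status=%d\n",
           (unsigned)unchecked_l1_size(HUGE_SIZE, 12, 9),
           qcow1_check_geom(HUGE_SIZE, 12, 9));
    printf("cluster_bits=30: status=%d\n",
           qcow1_check_geom(UINT64_C(1) << 30, 30, 9));
    printf("l2_bits=20:      status=%d\n",
           qcow1_check_geom(UINT64_C(1) << 30, 12, 20));
    return 0;
}
```

With the constructed huge size the unchecked count comes out as 1, which is the "too small L1 table" case: the allocation succeeds and later lookups index past it.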
Kevin Wolf [Wed, 7 May 2014 14:56:10 +0000 (16:56 +0200)]
qcow1: Make padding in the header explicit
We were relying on all compilers inserting the same padding in the
header struct that is used for the on-disk format. Let's not do that.
Mark the struct as packed and insert an explicit padding field for
compatibility.
Cc: qemu-stable@nongnu.org Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Benoit Canet <benoit@irqsave.net>
Fam Zheng [Wed, 14 May 2014 12:30:45 +0000 (20:30 +0800)]
qemu-iotests: Fix blkdebug in VM drive in 030
The test test_stream_pause in this class uses vm.pause_drive, which
requires a blkdebug driver on top of image, otherwise it's a no-op and the
test running is nondeterministic.
So add it.
Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This breaks the test hard unless the limit was zero to begin with!
ulimit sets both hard and soft limit by default, and (re-)raising the
hard limit requires privileges. Broken since it was added in commit dc68afe.
Could be fixed by adding -S to set only the soft limit, but I'm not
sure how portable that is in practice. Simply do it in a subshell
instead, like this:
(ulimit -c 0; exec $QEMU_IO arg...)
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Thu, 8 May 2014 18:12:41 +0000 (20:12 +0200)]
block: Allow JSON filenames
If the filename given to bdrv_open() is prefixed with "json:", parse the
rest as a JSON object and merge the result into the options QDict. If
there are conflicts, the options QDict takes precedence.
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Thu, 8 May 2014 18:12:40 +0000 (20:12 +0200)]
check-qdict: Add test for qdict_join()
Add some test cases for qdict_join().
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Benoit Canet <benoit@irqsave.net> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Thu, 8 May 2014 18:12:39 +0000 (20:12 +0200)]
qdict: Add qdict_join()
This function joins two QDicts by absorbing one into the other.
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Benoit Canet <benoit@irqsave.net> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jeff Cody [Tue, 13 May 2014 14:00:53 +0000 (10:00 -0400)]
block: add test for vhdx image created by Disk2VHD
This adds a test for VHDX images created by Microsoft's tool, Disk2VHD.
VHDX images created by this tool have 2 identical header sections, with
identical sequence numbers. This makes sure we detect VHDX images with
identical headers, and do not flag them as corrupt.
Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jeff Cody [Tue, 13 May 2014 14:00:52 +0000 (10:00 -0400)]
block: vhdx - account for identical header sections
The VHDX spec v1.00 declares that "a header is current if it is the only
valid header or if it is valid and its SequenceNumber field is greater
than the other header’s SequenceNumber field. The parser must only use
data from the current header. If there is no current header, then the
VHDX file is corrupt."
However, the Disk2VHD tool from Microsoft creates a VHDX image file that
has 2 identical headers, including matching checksums and matching
sequence numbers. Likely, as a shortcut the tool is just writing the
header twice, for the active and inactive headers, during the image
creation. Technically, this should be considered a corrupt VHDX file
(at least per the 1.00 spec, and that is how we currently treat it).
But in order to accommodate images created with Disk2VHD, we can safely
create an exception for this case. If we find identical sequence
numbers, then we check the VHDXHeader-sized chunks of each 64KB header
sections (we won't rely just on the crc32c to indicate the headers are
the same). If they are identical, then we go ahead and use the first
one.
Reported-by: Nerijus Baliūnas <nerijus@users.sourceforge.net> Signed-off-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Mike Day [Tue, 13 May 2014 21:11:06 +0000 (17:11 -0400)]
Remove g_sequence_lookup from qemu-img help function
g_sequence_lookup is not supported by glib < 2.28. The usage
of g_sequence_lookup is not essential in this context (it's a
safeguard against duplicate values in the help message).
Removing the call enables the build on all platforms and
does not change the operation of the help function.
Signed-off-by: Mike Day <ncmike@ncultra.org> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Kevin Wolf [Tue, 6 May 2014 13:25:36 +0000 (15:25 +0200)]
block: Fix bdrv_is_allocated() for short backing files
bdrv_is_allocated() shouldn't return true for sectors that are
unallocated, but after the end of a short backing file, even though
such sectors are (correctly) marked as containing zeros.
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com>
Benoît Canet [Fri, 16 May 2014 10:51:56 +0000 (12:51 +0200)]
qapi: skip redundant includes
The purpose of this change is to help create a json file containing
common definitions; each bit of generated C code must be emitted
only one time.
A second history global to all QAPISchema instances has been added
to detect when a file is included more than one time and skip these
includes.
It does not act as a stack and the changes made to it by the
__init__ function are propagated back to the caller so it's really
a global state.
Gerd Hoffmann [Tue, 25 Mar 2014 12:16:21 +0000 (13:16 +0100)]
input: switch sparc32 kbd to new input api
Nasty 0xe0 logic is gone. We map through QKeyCode now, giving us a
nice, readable mapping table.
Quick smoke test in OpenFirmware looks ok. Careful check from arch
maintainers would be very nice, especially on the capslock and numlock
logic. I'm not fully sure whether I got it translated correctly and
also what it is supposed to do in the first place ...
Gerd Hoffmann [Tue, 11 Mar 2014 11:15:39 +0000 (12:15 +0100)]
input: key mapping helpers
Add helper functions to translate KeyValue (qapi key representation)
into other representations: traditional qemu key numbers, qapi key
codes (Q_KEY_CODE_*) and scancode sequences.
ps2: set ps/2 output buffer size as the same as kernel
According to the PS/2 Mouse/Keyboard Protocol, the keyboard output buffer size
is 16 bytes. And the PS2_QUEUE_SIZE 256 was introduced in Qemu from the very
beginning.
When I started a redhat5.6 32bit guest, meanwhile tapped the keyboard as quickly as
possible, the screen would show me "i8042.c: No controller found". As a result,
I couldn't use the keyboard in the VNC client.
Previous discussion about the issue on the mailing list:
http://thread.gmane.org/gmane.comp.emulators.qemu/43294/focus=47180
This patch has been tested on redhat5.6 32-bit/suse11sp3 64-bit guests.
An easier method to reproduce:
1. boot a guest with libvirt.
2. connect to VNC client.
3. as you see the BIOS, bootloader, Linux booting, run the following simple shell script:
    for((i=0;i<10000000;i++)) do virsh send-key redhat5.6 KEY_A; done
Actual results:
dmesg shows "i8042.c: No controller found." And the keyboard is out of work.
Every error source is checked separately. The second function is only
called when the first one succeeds. Both functions are free to pass
their argument to error_set(). Because error_set() asserts no error
has been set, this effectively means they must not be called with an
error set.
The qapi-generated code uses the error API differently:
    // *errp was initialized to NULL somewhere up the call chain
    frob(..., errp);
    gnat(..., errp);
Errors accumulate in *errp: first error wins, subsequent errors get
dropped. To make this work, the second function does nothing when
called with an error set. Requires non-null errp, or else the second
function can't see the first one fail.
This usage has also bled into visitor tests, and two device model
object property getters rtc_get_date() and balloon_stats_get_all().
With the "accumulate" technique, you need fewer error checks in
callers, and buy that with an error check in every callee. Can be
nice.
However, mixing the two techniques is confusing. You can't use the
"accumulate" technique with functions designed for the "check
separately" technique. You can use the "check separately" technique
with functions designed for the "accumulate" technique, but then
error_set() can't catch you setting an error more than once.
Standardize on the "check separately" technique for now, because it's
overwhelmingly prevalent.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>