John Snow [Tue, 1 Sep 2015 20:50:39 +0000 (16:50 -0400)]
ahci: fix signature generation
The initial register device-to-host FIS no longer needs to specially
set certain fields, as these can be handled generically by setting those
fields explicitly with the signatures we want at port reset time.
(1) Signatures are decomposed into their four component registers and
set upon (AHCI) port reset.
(2) the signature cache register is no longer set manually per-each
device type, but instead just once during ahci_init_d2h.
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id:
1441140641-17631-3-git-send-email-jsnow@redhat.com
John Snow [Tue, 1 Sep 2015 20:50:38 +0000 (16:50 -0400)]
ahci: remove dead reset code
This check is dead due to an earlier conditional.
AHCI does not currently support hotplugging, so
checks to see if devices are present or not are useless.
Remove it.
Reported-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id:
1441140641-17631-2-git-send-email-jsnow@redhat.com
John Snow [Thu, 17 Sep 2015 18:17:05 +0000 (14:17 -0400)]
atapi: abort transfers with 0 byte limits
We're supposed to abort on transfers like this, unless we fill
Word 125 of our IDENTIFY data with a default transfer size, which
we don't currently do.
This is an ATA error, not a SCSI/ATAPI one.
See ATA8-ACS3 sections 7.17.6.49 or 7.21.5.
If we don't do this, QEMU will loop forever trying to transfer
zero bytes, which isn't particularly useful.
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id:
1442253685-23349-2-git-send-email-jsnow@redhat.com
John Snow [Thu, 17 Sep 2015 18:17:05 +0000 (14:17 -0400)]
ide: fix ATAPI command permissions
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK permissions
from commands that are not and have never been ATAPI commands.
For ATAPI command validity, please see:
- ATA4 Section 6.5 ("PACKET Command feature set")
- ATA8/ACS Section 4.3 ("The PACKET feature set")
- ACS3 Section 4.3 ("The PACKET feature set")
ACS3 has a historical command validity table in Table B.4
("Historical Command Assignments") that can be referenced to find when
a command was introduced, deprecated, obsoleted, etc.
The only reference for ATAPI command validity is by checking that
version's PACKET feature set section.
ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
therefore are assumed to have never been ATAPI commands.
Mandatory commands, as listed in ATA8-ACS3, are:
- DEVICE RESET
- EXECUTE DEVICE DIAGNOSTIC
- IDENTIFY DEVICE
- IDENTIFY PACKET DEVICE
- NOP
- PACKET
- READ SECTOR(S)
- SET FEATURES
Optional commands as listed in ATA8-ACS3, are:
- FLUSH CACHE
- READ LOG DMA EXT
- READ LOG EXT
- WRITE LOG DMA EXT
- WRITE LOG EXT
All other commands are illegal to send to an ATAPI device and should
be rejected by the device.
CD_OK removal justifications:
0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI.
0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4.
0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI.
0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI.
0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI.
0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI.
0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI.
0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI.
0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3.
0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3.
0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.
This patch fixes a divide by zero fault that can be caused by sending
the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
attempt to use zeroed CHS values to perform sector arithmetic.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id:
1441816082-21031-1-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
John Snow [Thu, 17 Sep 2015 18:17:05 +0000 (14:17 -0400)]
ide-test: add cdrom dma test
Now, test the DMA functionality of the ATAPI drive.
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id:
1441926555-19471-5-git-send-email-jsnow@redhat.com
John Snow [Thu, 17 Sep 2015 18:17:04 +0000 (14:17 -0400)]
ide-test: add cdrom pio test
Add a simple read test for ATAPI devices,
using the PIO mechanism.
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id:
1441926555-19471-4-git-send-email-jsnow@redhat.com
John Snow [Thu, 17 Sep 2015 18:17:04 +0000 (14:17 -0400)]
qtest/ahci: export generate_pattern
Share the pattern function for ide and ahci test.
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id:
1441926555-19471-3-git-send-email-jsnow@redhat.com
John Snow [Thu, 17 Sep 2015 18:17:04 +0000 (14:17 -0400)]
qtest/ahci: use generate_pattern everywhere
Fix the pattern generation to actually be interesting,
and make sure all buffers in the ahci-test actually use it.
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id:
1441926555-19471-2-git-send-email-jsnow@redhat.com
John Snow [Thu, 17 Sep 2015 18:17:04 +0000 (14:17 -0400)]
ide: unify io_buffer_offset increments
IDEState's io_buffer_offset was originally added to keep track of offsets
in AHCI rather exclusively, but it was added to IDEState instead of an
AHCI-specific structure.
AHCI fakes all PIO transfers using DMA and a scatter-gather list. When
the core or atapi layers invoke HBA-specific mechanisms for transfers,
they do not always know that it is being backed by DMA or a sglist, so
this offset is not always updated by the HBA code everywhere.
If we modify it in dma_buf_commit, however, any HBA that needs to use
this offset to manage operating on only part of a sglist will have
access to it.
This will fix ATAPI PIO transfers performed through the AHCI HBA,
which were previously not modifying this value appropriately.
This will fix ATAPI PIO transfers larger than one sector.
Reported-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Message-id:
1440546331-29087-2-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
Juan Quintela [Fri, 4 May 2012 10:54:34 +0000 (12:54 +0200)]
target-cris: update CPU state save/load to use VMStateDescription
Update the CRIS CPU state save/load to use a VMStateDescription struct
rather than cpu_save/cpu_load functions.
Have to define TLBSet struct.
Multidimensional arrays in C are a mess, just unroll them.
Signed-off-by: Juan Quintela <quintela@redhat.com>
[PMM:
* expand commit message a little since it's no longer one patch in
a 35-patch series
* add header/copyright comment to machine.c; credited copyright is
Red Hat and author is Juan, since this commit gives the file all-new
contents; license is LGPL-2-or-later, to match other target-cris code
* remove hardcoded tab
* add fields for locked_irq, interrupt_vector, fault_vector, trap_vector
* drop minimum_version_id_old fields
* bump version_id to 2 as we are not compatible with old state format
* remove unnecessary hw/boards.h include
* update to register via dc->vmsd]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Peter Maydell [Thu, 17 Sep 2015 12:07:50 +0000 (13:07 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging
# gpg: Signature made Thu 17 Sep 2015 12:43:56 BST using RSA key ID
81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
* remotes/stefanha/tags/net-pull-request:
net: smc91c111: flush packets on RCR register changes
net: smc91c111: gate can_receive() on rx FIFO having a slot
net: smc91c111: guard flush_queued_packets() on can_rx()
MAINTAINERS: Stefan will not maintain net subsystem
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Crosthwaite [Fri, 11 Sep 2015 04:24:12 +0000 (21:24 -0700)]
net: smc91c111: flush packets on RCR register changes
The SOFT_RST or RXEN in the control register can be used as a condition
to unblock the net layer via can_receive(). So check for possible
flushes on RCR changes. This will drop all pending packets on soft
reset or disable which is the functional intent of the can_receive()
logic.
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Tested-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Message-id:
b114d4c96f4afbdaa15f1361d9c07e3021755915.
1441873621.git.crosthwaite.peter@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 04:23:57 +0000 (21:23 -0700)]
net: smc91c111: gate can_receive() on rx FIFO having a slot
Return false from can_receive() when the FIFO doesn't have a free RX
slot. This fixes a bug in the current code where the allocated buffer
is freed before the fifo pop, triggering a premature flush of queued RX
packets. It also will handle a corner case, where the guest manually
frees the allocated buffer before popping the rx FIFO (hence it is not
enough to just delay the flush_queued_packets()).
Reported-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Tested-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Message-id:
97bfdfc5cbce0bd5e0cbbbff35ce7a1bf6f8603d.
1441873621.git.crosthwaite.peter@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 04:23:43 +0000 (21:23 -0700)]
net: smc91c111: guard flush_queued_packets() on can_rx()
Check that the core can once again receive packets before asking the
net layer to do a flush. This will make it more convenient to flush
packets when adding new conditions to can_receive.
Add missing if braces while moving the can_receive() core code.
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Tested-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Message-id:
92e15e12a6964274f4bc0eb71b61a7d94326f6c6.
1441873621.git.crosthwaite.peter@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Peter Maydell [Wed, 16 Sep 2015 17:06:54 +0000 (18:06 +0100)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* Linux header update and cleanup
* Support for HyperV crash report
* Cleanup of target-specific HMP commands
* Multiarch batch
* Checkpatch fix for Perl 5.22
* NBD fix
* Revert incorrect commit
5243722376
# gpg: Signature made Wed 16 Sep 2015 16:39:01 BST using RSA key ID
78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
* remotes/bonzini/tags/for-upstream: (24 commits)
nbd: release exp->blk after all clients are closed
checkpatch: Escape left braces in regex
monitor: uninclude cpu_ldst
include/exec: Move cputlb exec.c defs out
cputlb: Change tlb_set_dirty() arg to cpu
cputlb: move CPU_LOOP() for tlb_reset() to exec.c
translate: move real_host_page setting to -common
tcg: Move tci_tb_ptr to -common
tcg: split tcg_op_defs to -common
translate-all: Move tcg_handle_interrupt() to -common
cpu-exec: Migrate some generic fns to cpu-exec-common
qemu-char: Use g_new() & friends where that makes obvious sense
monitor: added generation of documentation for hmp-commands-info.hx
hmp-commands.hx: fix end of table info
monitor: remove target-specific code from monitor.c
hmp-commands-info: move info_cmds content out of monitor.c
i386/kvm: Hyper-v crash msrs set/get'ers and migration
kvm: Add kvm system event crash handler
cpu: Add crash_occurred flag into CPUState
target-i386: move asm-x86/hyperv.h to standard-headers
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Wen Congyang [Wed, 16 Sep 2015 08:35:46 +0000 (16:35 +0800)]
nbd: release exp->blk after all clients are closed
If the socket fd is shutdown, there may be some data which is received before
shutdown. We will read the data and do read/write in nbd_trip(). But the exp's
blk is NULL, and it will cause qemu crashed.
Reported-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Message-Id: <
55F929E2.1020501@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fam Zheng [Fri, 11 Sep 2015 11:07:36 +0000 (19:07 +0800)]
checkpatch: Escape left braces in regex
Latest perl now deprecates "{" literal in regex and print warnings like
"unescaped left brace in regex is deprecated". Add escape to keep it
happy.
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <
1441969656-2640-1-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:45 +0000 (22:39 -0700)]
monitor: uninclude cpu_ldst
This header is non-needed anymore and wont work in multi-arch where
this service is not provided to core code.
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
4e96622ab5320603829b6f94b8c4e94d573d34fc.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:43 +0000 (22:39 -0700)]
include/exec: Move cputlb exec.c defs out
Move the architecture agnostic function prototypes for exec.c out of
cputlb.h to exec-all.h. This allows hiding of the arch specific
cputlb.h from exec.c which should be getting close to having no
architecture specifics. Prepares support for multi-arch, which will have
a minimal cpu.h that services exec.c but not cputlb.h.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
b4fe754c58c860315e35d44430c26b1c967ce2c9.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:42 +0000 (22:39 -0700)]
cputlb: Change tlb_set_dirty() arg to cpu
Change tlb_set_dirty() to accept a CPU instead of an env pointer. This
allows for removal of another CPUArchState usage from prototypes that
need to be QOMified.
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
d2b1dcbe7945112989861d8ba7369449c11cc273.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:41 +0000 (22:39 -0700)]
cputlb: move CPU_LOOP() for tlb_reset() to exec.c
To prepare for multi-arch, cputlb.c should only have awareness of one
single architecture. This means it should not have access to the full
CPU lists which may be heterogeneous. Instead, push the CPU_LOOP() up
to the one and only caller in exec.c.
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
db06dc6c49f8970caaf116d0385f00ee10a56f2f.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:36 +0000 (22:39 -0700)]
translate: move real_host_page setting to -common
Move the size and mask globals for the "real" host page size to
translate-common. This is to allow system-level code to use
REAL_HOST_PAGE_ALIGN and friends in builds which hide translate-all
behind arch-obj.
Cc: dgilbert@redhat.com
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
b437638691f044bc690a7f03b1240c8b0f34ab57.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:35 +0000 (22:39 -0700)]
tcg: Move tci_tb_ptr to -common
This requires global visibility to common code. Move to tcg-common.
Cc: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
cb0340eba225ab4945aa6cf7c9013f33aa05bcf8.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:34 +0000 (22:39 -0700)]
tcg: split tcg_op_defs to -common
tcg_op_defs (and the _max) are both needed by the TCI disassembler. For
multi-arch, tcg.c will be multiple-compiled (arch-obj) with its symbols
hidden from common code. So split the definition off to new file,
tcg-common.c which will remain a regular obj-y for use by both the TCI
disas as well as the multiple tcg.c's.
Cc: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
4b607425886d85aee65878e4935dfad46b3e6085.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:33 +0000 (22:39 -0700)]
translate-all: Move tcg_handle_interrupt() to -common
Move this function to common code. It has no arch specific
dependencies. Prepares support for multi-arch where the translate-all
interface needs to be virtualised. One less thing to virtualise.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
44a7c73604ed2552af47ed02b047b6a772b683e0.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Crosthwaite [Fri, 11 Sep 2015 05:39:31 +0000 (22:39 -0700)]
cpu-exec: Migrate some generic fns to cpu-exec-common
The goal is to split the functions such that cpu-exec is CPU specific
content, while cpus-exec-common.c is generic code only. The function
interface to cpu-exec needs to be virtualised to prepare support for
multi-arch and moving these definitions out saves bloating the QOM
interface. So move these definitions out of cpu-exec to a new module,
cpu-exec-common.
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <
3cefeb3fbbb33031670951a0e74de2778529da3f.
1441614289.git.crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Markus Armbruster [Mon, 14 Sep 2015 11:54:03 +0000 (13:54 +0200)]
qemu-char: Use g_new() & friends where that makes obvious sense
g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer,
for two reasons. One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.
This commit only touches allocations with size arguments of the form
sizeof(T). Same Coccinelle semantic patch as in commit b45c03f.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <
1442231643-23630-1-git-send-email-armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pavel Butsykin [Thu, 10 Sep 2015 15:39:01 +0000 (18:39 +0300)]
monitor: added generation of documentation for hmp-commands-info.hx
It will be easier if you need to add info-commands to edit
only hmp-commands-info.hx, before this had to edit monitor.c and
hmp-commands.hx.
From the build point of view all documentation is saved into
qemu-monitor-info.texi which from now on is used for all user
documentation building.
Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <
1441899541-1856-5-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pavel Butsykin [Thu, 10 Sep 2015 15:39:00 +0000 (18:39 +0300)]
hmp-commands.hx: fix end of table info
The table info(information about the system state) closes earlier
and some of its elements are outside(trace-events, rocker, etc). This
can be confusing and lead to additional bugs.
Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <
1441899541-1856-4-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pavel Butsykin [Thu, 10 Sep 2015 15:38:59 +0000 (18:38 +0300)]
monitor: remove target-specific code from monitor.c
Move target-specific code out of /monitor.c to /target-*/monitor.c,
this will avoid code cluttering and using random ifdeffery. The solution
is quite simple, but solves the issue of the separation of target-specific
code from monitor.
Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <
1441899541-1856-3-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pavel Butsykin [Thu, 10 Sep 2015 15:38:58 +0000 (18:38 +0300)]
hmp-commands-info: move info_cmds content out of monitor.c
For moving target- and device-specific code from monitor.c,
to beginning we move info_cmds content to hmp-commands-info.hx
Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <
1441899541-1856-2-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Andrey Smetanin [Wed, 9 Sep 2015 12:41:30 +0000 (14:41 +0200)]
i386/kvm: Hyper-v crash msrs set/get'ers and migration
KVM Hyper-V based guests can notify hypervisor about
occurred guest crash by writing into Hyper-V crash MSR's.
This patch does handling and migration of HV_X64_MSR_CRASH_P0-P4,
HV_X64_MSR_CRASH_CTL msrs. User can enable these MSR's by
'hv-crash' option.
Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Andreas Färber <afaerber@suse.de>
Message-Id: <
1435924905-8926-13-git-send-email-den@openvz.org>
[Folks, stop abrviating variable names!!! Also fix compilation on
non-Linux/x86. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Andrey Smetanin [Fri, 3 Jul 2015 12:01:43 +0000 (15:01 +0300)]
kvm: Add kvm system event crash handler
KVM kernel can send guest crash events into userspace.
Appropriate guest crash handler is called when kernel guest
crash event received. Guest crash event recognized by a
KVM_SYSTEM_EVENT_CRASH type of system event.
Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Andreas Färber <afaerber@suse.de>
Message-Id: <
1435924905-8926-11-git-send-email-den@openvz.org>
[Rebase: add lock/unlock iothread around qemu_system_guest_panicked - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Andrey Smetanin [Fri, 3 Jul 2015 12:01:44 +0000 (15:01 +0300)]
cpu: Add crash_occurred flag into CPUState
CPUState::crash_occurred field inside CPUState marks
that guest crash occurred. This value is added into
cpu common migration subsection.
Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Andreas Färber <afaerber@suse.de>
Message-Id: <
1435924905-8926-12-git-send-email-den@openvz.org>
[Document the new field. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 9 Sep 2015 13:25:52 +0000 (15:25 +0200)]
target-i386: move asm-x86/hyperv.h to standard-headers
The Hyper-V definitions are an industry standard and can be used
from code that is not KVM-specific.
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 9 Sep 2015 13:25:52 +0000 (15:25 +0200)]
update-linux-headers: copy standard-headers files one by one
cp_virtio is called for both the asm-s390/ and linux/ directories,
so it looks for pci_regs.h and input.h files in asm-s390/ too. This
makes little sense. In the next patch we will have the opposite
problem; we want to add asm-x86/hyperv.h, and there's also a
linux/hyperv.h file with unwanted dependencies on additional Linux
uapi headers. We do not want to copy linux/hyperv.h.
The solution is to make cp_virtio (now renamed to cp_portable) copy
one file only, instead of using the "find" command, and call it multiple
times. The new function is really just a reindentation of the old one.
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 9 Sep 2015 12:50:17 +0000 (14:50 +0200)]
update Linux headers to 4.3-rc1
The update to 4.2 was reviewed by Michael S. Tsirkin and Cornelia
Huck. The further update to 4.3-rc1 only touches KVM files.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Thu, 10 Sep 2015 09:31:12 +0000 (11:31 +0200)]
pci: remove Link Training error from AER error list
The spec says:
Undefined – The value read from this bit is
undefined. In previous versions of this
specification, this bit was used to indicate a Link
Training Error. System software must ignore the
value read from this bit. System software is
permitted to write any value to this bit.
Do not allow injecting it.
Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 16 Sep 2015 12:26:59 +0000 (14:26 +0200)]
Revert "rcu: init rcu_registry_lock after fork"
This reverts commit
5243722376873a48e9852a58b91f4d4101ee66e4.
The patch forgot about rcu_sync_lock and was committed by mistake.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Maydell [Wed, 16 Sep 2015 15:19:49 +0000 (16:19 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-target-i386-
20150915' into staging
Exception handling improvments from Pavel Dovgalyuk.
# gpg: Signature made Tue 15 Sep 2015 20:36:14 BST using RSA key ID
4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg: aka "Richard Henderson <rth@redhat.com>"
# gpg: aka "Richard Henderson <rth@twiddle.net>"
* remotes/rth/tags/pull-target-i386-
20150915:
target-i386: exception handling for other helper functions
target-i386: exception handling for seg_helper functions
target-i386: exception handling for memory helpers
target-i386: exception handling for div instructions
target-i386: exception handling for FPU instructions
target-i386: introduce new raise_exception functions
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Jason Wang [Wed, 16 Sep 2015 03:05:30 +0000 (11:05 +0800)]
MAINTAINERS: Stefan will not maintain net subsystem
Talked with Stefan, he will not maintain net subsystem.
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Message-id:
1442372730-11360-1-git-send-email-jasowang@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Pavel Dovgalyuk [Fri, 10 Jul 2015 09:57:41 +0000 (12:57 +0300)]
target-i386: exception handling for other helper functions
This patch fixes exception handling for other helper functions.
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Pavel Dovgalyuk [Fri, 10 Jul 2015 09:57:36 +0000 (12:57 +0300)]
target-i386: exception handling for seg_helper functions
This patch fixes exception handling for seg_helper functions.
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Pavel Dovgalyuk [Fri, 10 Jul 2015 09:57:30 +0000 (12:57 +0300)]
target-i386: exception handling for memory helpers
This patch fixes exception handling for memory helpers
and removes obsolete PC update from translate.c.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Pavel Dovgalyuk [Fri, 10 Jul 2015 09:57:25 +0000 (12:57 +0300)]
target-i386: exception handling for div instructions
This patch fixes exception handling for div instructions
and removes obsolete PC update from translate.c.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Pavel Dovgalyuk [Fri, 10 Jul 2015 09:57:19 +0000 (12:57 +0300)]
target-i386: exception handling for FPU instructions
This patch fixes exception handling for FPU instructions
and removes obsolete PC update from translate.c.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Pavel Dovgalyuk [Fri, 10 Jul 2015 09:57:13 +0000 (12:57 +0300)]
target-i386: introduce new raise_exception functions
This patch introduces new versions of raise_exception functions
that receive TB return address as an argument.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Peter Maydell [Tue, 15 Sep 2015 16:24:27 +0000 (17:24 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tile-
20150915' into staging
TileGX basic instructions
# gpg: Signature made Tue 15 Sep 2015 15:57:08 BST using RSA key ID
4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg: aka "Richard Henderson <rth@redhat.com>"
# gpg: aka "Richard Henderson <rth@twiddle.net>"
* remotes/rth/tags/pull-tile-
20150915: (35 commits)
target-tilegx: Handle v1shl, v1shru, v1shrs
target-tilegx: Handle v1shli, v1shrui
target-tilegx: Handle v4int_l/h
target-tilegx: Handle atomic instructions
target-tilegx: Handle mtspr, mfspr
target-tilegx: Handle v1cmpeq, v1cmpne
target-tilegx: Handle mask instructions
target-tilegx: Handle scalar multiply instructions
target-tilegx: Handle conditional move instructions
target-tilegx: Handle shift instructions
target-tilegx: Handle bitfield instructions
target-tilegx: Implement system and memory management instructions
target-tilegx: Handle comparison instructions
target-tilegx: Handle conditional branch instructions
target-tilegx: Handle unconditional jump instructions
target-tilegx: Handle post-increment load and store instructions
target-tilegx: Handle basic load and store instructions
target-tilegx: Handle most bit manipulation instructions
target-arm: Use new revbit functions
host-utils: Add revbit functions
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Mon, 24 Aug 2015 15:56:45 +0000 (08:56 -0700)]
target-tilegx: Handle v1shl, v1shru, v1shrs
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Mon, 24 Aug 2015 15:13:59 +0000 (08:13 -0700)]
target-tilegx: Handle v1shli, v1shrui
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Mon, 24 Aug 2015 15:01:52 +0000 (08:01 -0700)]
target-tilegx: Handle v4int_l/h
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Mon, 24 Aug 2015 14:55:47 +0000 (07:55 -0700)]
target-tilegx: Handle atomic instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Sat, 22 Aug 2015 21:19:45 +0000 (14:19 -0700)]
target-tilegx: Handle mtspr, mfspr
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Sat, 22 Aug 2015 19:37:59 +0000 (12:37 -0700)]
target-tilegx: Handle v1cmpeq, v1cmpne
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Sat, 22 Aug 2015 17:42:44 +0000 (10:42 -0700)]
target-tilegx: Handle mask instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Sat, 22 Aug 2015 17:37:38 +0000 (10:37 -0700)]
target-tilegx: Handle scalar multiply instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Sat, 22 Aug 2015 07:15:07 +0000 (00:15 -0700)]
target-tilegx: Handle conditional move instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 21:41:41 +0000 (14:41 -0700)]
target-tilegx: Handle shift instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 21:06:57 +0000 (14:06 -0700)]
target-tilegx: Handle bitfield instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 20:14:25 +0000 (13:14 -0700)]
target-tilegx: Implement system and memory management instructions
Most of which are either nops or exceptions.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 18:57:42 +0000 (11:57 -0700)]
target-tilegx: Handle comparison instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 18:03:37 +0000 (11:03 -0700)]
target-tilegx: Handle conditional branch instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 17:23:07 +0000 (10:23 -0700)]
target-tilegx: Handle unconditional jump instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 16:49:44 +0000 (09:49 -0700)]
target-tilegx: Handle post-increment load and store instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 16:47:56 +0000 (09:47 -0700)]
target-tilegx: Handle basic load and store instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 04:30:51 +0000 (21:30 -0700)]
target-tilegx: Handle most bit manipulation instructions
The crc instructions are omitted from this set.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Mon, 14 Sep 2015 20:38:53 +0000 (13:38 -0700)]
target-arm: Use new revbit functions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Mon, 14 Sep 2015 20:00:34 +0000 (13:00 -0700)]
host-utils: Add revbit functions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 04:11:28 +0000 (21:11 -0700)]
target-tilegx: Handle arithmetic instructions
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Mon, 24 Aug 2015 15:31:10 +0000 (08:31 -0700)]
target-tilegx: Handle simple logical operations
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Chen Gang [Thu, 20 Aug 2015 21:43:37 +0000 (05:43 +0800)]
target-tilegx: Add TILE-Gx building files
Add related configuration and make files for tilegx.
The target can now build, though not run anything.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP1588E5A03AD5E94B07E988B9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 18:49:38 +0000 (11:49 -0700)]
target-tilegx: Generate SEGV properly
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Peter Maydell [Tue, 15 Sep 2015 14:42:58 +0000 (15:42 +0100)]
Merge remote-tracking branch 'remotes/berrange/tags/vnc-crypto-v9-for-upstream' into staging
Merge vnc-crypto-v9
# gpg: Signature made Tue 15 Sep 2015 15:32:38 BST using RSA key ID
15104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>"
* remotes/berrange/tags/vnc-crypto-v9-for-upstream:
ui: convert VNC server to use QCryptoTLSSession
ui: fix return type for VNC I/O functions to be ssize_t
crypto: introduce new module for handling TLS sessions
crypto: add sanity checking of TLS x509 credentials
crypto: introduce new module for TLS x509 credentials
crypto: introduce new module for TLS anonymous credentials
crypto: introduce new base module for TLS credentials
qom: allow QOM to be linked into tools binaries
crypto: move crypto objects out of libqemuutil.la
tests: remove repetition in unit test object deps
qapi: allow override of default enum prefix naming
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Fri, 21 Aug 2015 03:36:48 +0000 (20:36 -0700)]
target-tilegx: Framework for decoding bundles
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Chen Gang [Thu, 20 Aug 2015 21:41:51 +0000 (05:41 +0800)]
target-tilegx: Add several helpers for instructions translation
The related instructions are exception, cntlz, cnttz, shufflebytes.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <BLU436-SMTP83F96FD8422BE49AFDC9DFB9660@phx.gbl>
[rth: Remove incorrect implementation of add_saturate.]
Signed-off-by: Richard Henderson <rth@twiddle.net>
Chen Gang [Thu, 20 Aug 2015 21:41:01 +0000 (05:41 +0800)]
target-tilegx: Add cpu basic features for linux-user
It implements minimized cpu features for linux-user.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP114819BB03D853801AA9C3CB9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Chen Gang [Thu, 20 Aug 2015 21:40:18 +0000 (05:40 +0800)]
target-tilegx: Add special register information from Tilera Corporation
The related copy is from Linux kernel "arch/tile/include/uapi/arch/
spr_def_64.h".
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP1093D605AAE9B4837B564B8B9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 16:49:30 +0000 (09:49 -0700)]
target-tilegx: Fix LDNA_ADD_IMM8_OPCODE_X1
An obvious typo in the mnemonic here.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Richard Henderson [Fri, 21 Aug 2015 03:40:14 +0000 (20:40 -0700)]
target-tilegx: Modify _SPECIAL_ opcodes
Both ADDX_SPECIAL_0_OPCODE_Y1 and ADD_SPECIAL_0_OPCODE_Y1
do not appear to be "special" in any way, except that they
don't follow the normal naming convention using _RRR_.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Chen Gang [Thu, 20 Aug 2015 21:39:33 +0000 (05:39 +0800)]
target-tilegx: Modify opcode_tilegx.h to fit QEMU usage
Use 'inline' instead of '__inline', and also use 'uint64_t' instead of
"unsigned long long"
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP1945B04384351D5EE7D9DECB9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Chen Gang [Thu, 20 Aug 2015 21:38:46 +0000 (05:38 +0800)]
target-tilegx: Add opcode basic implementation from Tilera Corporation
It is copied from Linux kernel "arch/tile/include/uapi/arch/
opcode_tilegx.h".
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP2087FA98B64A20B25155D9AB9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Chen Gang [Thu, 20 Aug 2015 21:37:33 +0000 (05:37 +0800)]
linux-user: Conditionalize syscalls which are not defined in tilegx
Some of architectures (e.g. tilegx), several syscall macros are not
supported, so switch them.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP457D6FC9B2B9BA87AEB22CB9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Chen Gang [Thu, 20 Aug 2015 21:36:37 +0000 (05:36 +0800)]
linux-user: Support tilegx architecture in linux-user
Add main working flow feature, system call processing feature, and elf64
tilegx binary loading feature, based on Linux kernel tilegx 64-bit
implementation.
[rth: Moved all of the implementation of atomic instructions to a later patch.]
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP938552D42808AA60634582B9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Daniel P. Berrange [Thu, 6 Aug 2015 13:39:32 +0000 (14:39 +0100)]
ui: convert VNC server to use QCryptoTLSSession
Switch VNC server over to using the QCryptoTLSSession object
for the TLS session. This removes the direct use of gnutls
from the VNC server code. It also removes most knowledge
about TLS certificate handling from the VNC server code.
This has the nice effect that all the CONFIG_VNC_TLS
conditionals go away and the user gets an actual error
message when requesting TLS instead of it being silently
ignored.
With this change, the existing configuration options for
enabling TLS with -vnc are deprecated.
Old syntax for anon-DH credentials:
-vnc hostname:0,tls
New syntax:
-object tls-creds-anon,id=tls0,endpoint=server \
-vnc hostname:0,tls-creds=tls0
Old syntax for x509 credentials, no client certs:
-vnc hostname:0,tls,x509=/path/to/certs
New syntax:
-object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=no \
-vnc hostname:0,tls-creds=tls0
Old syntax for x509 credentials, requiring client certs:
-vnc hostname:0,tls,x509verify=/path/to/certs
New syntax:
-object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes \
-vnc hostname:0,tls-creds=tls0
This aligns VNC with the way TLS credentials are to be
configured in the future for chardev, nbd and migration
backends. It also has the benefit that the same TLS
credentials can be shared across multiple VNC server
instances, if desired.
If someone uses the deprecated syntax, it will internally
result in the creation of a 'tls-creds' object with an ID
based on the VNC server ID. This allows backwards compat
with the CLI syntax, while still deleting all the original
TLS code from the VNC server.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Chen Gang [Thu, 20 Aug 2015 21:35:43 +0000 (05:35 +0800)]
linux-user: tilegx: Add architecture related features
They are based on Linux kernel tilegx architecture for 64 bit binary,
and also based on tilegx ABI reference document, and also reference from
other targets implementations.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP2508945F92945BB525605A3B9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Daniel P. Berrange [Thu, 6 Aug 2015 14:35:55 +0000 (15:35 +0100)]
ui: fix return type for VNC I/O functions to be ssize_t
Various VNC server I/O functions return 'long' and then
also pass this to a method accepting 'int'. All these
should be ssize_t to match the signature of read/write
APIs and thus avoid potential for integer truncation /
wraparound.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Daniel P. Berrange [Mon, 2 Mar 2015 17:23:31 +0000 (17:23 +0000)]
crypto: introduce new module for handling TLS sessions
Introduce a QCryptoTLSSession object that will encapsulate
all the code for setting up and using a client/sever TLS
session. This isolates the code which depends on the gnutls
library, avoiding #ifdefs in the rest of the codebase, as
well as facilitating any possible future port to other TLS
libraries, if desired. It makes use of the previously
defined QCryptoTLSCreds object to access credentials to
use with the session. It also includes further unit tests
to validate the correctness of the TLS session handshake
and certificate validation. This is functionally equivalent
to the current TLS session handling code embedded in the
VNC server, and will obsolete it.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Daniel P. Berrange [Mon, 13 Apr 2015 13:01:39 +0000 (14:01 +0100)]
crypto: add sanity checking of TLS x509 credentials
If the administrator incorrectly sets up their x509 certificates,
the errors seen at runtime during connection attempts are very
obscure and difficult to diagnose. This has been a particular
problem for people using openssl to generate their certificates
instead of the gnutls certtool, because the openssl tools don't
turn on the various x509 extensions that gnutls expects to be
present by default.
This change thus adds support in the TLS credentials object to
sanity check the certificates when QEMU first loads them. This
gives the administrator immediate feedback for the majority of
common configuration mistakes, reducing the pain involved in
setting up TLS. The code is derived from equivalent code that
has been part of libvirt's TLS support and has been seen to be
valuable in assisting admins.
It is possible to disable the sanity checking, however, via
the new 'sanity-check' property on the tls-creds object type,
with a value of 'no'.
Unit tests are included in this change to verify the correctness
of the sanity checking code in all the key scenarios it is
intended to cope with. As part of the test suite, the pkix_asn1_tab.c
from gnutls is imported. This file is intentionally copied from the
(long since obsolete) gnutls 1.6.3 source tree, since that version
was still under GPLv2+, rather than the GPLv3+ of gnutls >= 2.0.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Daniel P. Berrange [Fri, 13 Mar 2015 17:39:26 +0000 (17:39 +0000)]
crypto: introduce new module for TLS x509 credentials
Introduce a QCryptoTLSCredsX509 class which is used to
manage x509 certificate TLS credentials. This will be
the preferred credential type offering strong security
characteristics
Example CLI configuration:
$QEMU -object tls-creds-x509,id=tls0,endpoint=server,\
dir=/path/to/creds/dir,verify-peer=yes
The 'id' value in the -object args will be used to associate the
credentials with the network services. For example, when the VNC
server is later converted it would use
$QEMU -object tls-creds-x509,id=tls0,.... \
-vnc 127.0.0.1:1,tls-creds=tls0
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Daniel P. Berrange [Fri, 13 Mar 2015 17:39:26 +0000 (17:39 +0000)]
crypto: introduce new module for TLS anonymous credentials
Introduce a QCryptoTLSCredsAnon class which is used to
manage anonymous TLS credentials. Use of this class is
generally discouraged since it does not offer strong
security, but it is required for backwards compatibility
with the current VNC server implementation.
Simple example CLI configuration:
$QEMU -object tls-creds-anon,id=tls0,endpoint=server
Example using pre-created diffie-hellman parameters
$QEMU -object tls-creds-anon,id=tls0,endpoint=server,\
dir=/path/to/creds/dir
The 'id' value in the -object args will be used to associate the
credentials with the network services. For example, when the VNC
server is later converted it would use
$QEMU -object tls-creds-anon,id=tls0,.... \
-vnc 127.0.0.1:1,tls-creds=tls0
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Daniel P. Berrange [Fri, 13 Mar 2015 17:39:26 +0000 (17:39 +0000)]
crypto: introduce new base module for TLS credentials
Introduce a QCryptoTLSCreds class to act as the base class for
storing TLS credentials. This will be later subclassed to provide
handling of anonymous and x509 credential types. The subclasses
will be user creatable objects, so instances can be created &
deleted via 'object-add' and 'object-del' QMP commands respectively,
or via the -object command line arg.
If the credentials cannot be initialized an error will be reported
as a QMP reply, or on stderr respectively.
The idea is to make it possible to represent and manage TLS
credentials independently of the network service that is using
them. This will enable multiple services to use the same set of
credentials and minimize code duplication. A later patch will
convert the current VNC server TLS code over to use this object.
The representation of credentials will be functionally equivalent
to that currently implemented in the VNC server with one exception.
The new code has the ability to (optionally) load a pre-generated
set of diffie-hellman parameters, if the file dh-params.pem exists,
whereas the current VNC server will always generate them on startup.
This is beneficial for admins who wish to avoid the (small) time
sink of generating DH parameters at startup and/or avoid depleting
entropy.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Daniel P. Berrange [Wed, 2 Sep 2015 10:18:16 +0000 (11:18 +0100)]
qom: allow QOM to be linked into tools binaries
The qom objects are currently added to common-obj-y
which is only linked into the system emulators. The
later crypto patches will depend on QOM infrastructure
and will also be used from tools binaries. Thus the QOM
objects are moved into a new qom-obj-y variable which
can be referenced when linking tools, system emulators
and tests.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Daniel P. Berrange [Wed, 2 Sep 2015 09:57:27 +0000 (10:57 +0100)]
crypto: move crypto objects out of libqemuutil.la
Future patches will be adding more crypto related APIs which
rely on QOM infrastructure. This creates a problem, because
QOM relies on library constructors to register objects. When
you have a file in a static .a library though which is only
referenced by a constructor the linker is dumb and will drop
that file when linking to the final executable :-( The only
workaround for this is to link the .a library to the executable
using the -Wl,--whole-archive flag, but this creates its own
set of problems because QEMU is relying on lazy linking for
libqemuutil.a. Using --whole-archive majorly increases the
size of final executables as they now contain a bunch of
object code they don't actually use.
The least bad option is to thus not include the crypto objects
in libqemuutil.la, and instead define a crypto-obj-y variable
that is referenced directly by all the executables that need
this code (tools + softmmu, but not qemu-ga). We avoid pulling
entire of crypto-obj-y into the userspace emulators as that
would force them to link to gnutls too, which is not required.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Peter Maydell [Tue, 15 Sep 2015 13:11:28 +0000 (14:11 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-
20150915-1' into staging
gtk: misc grab tweaks, locale fix.
# gpg: Signature made Tue 15 Sep 2015 11:35:36 BST using RSA key ID
D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-gtk-
20150915-1:
gtk: use setlocale() for LC_MESSAGES only
gtk: don't grab input when entering fullscreen.
gtk: set free_scale when setting zoom_fit
gtk: trace input grab reason
gtk: move gd_update_caption calls to gd_{grab,ungrab}_{pointer,keyboard}
gtk: check for existing grabs in gd_grab_{pointer,keyboard}
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 15 Sep 2015 12:03:53 +0000 (13:03 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging
This net pull request contains security fixes for qemu.git/master. The patches
should also be applied to stable trees.
The ne2000 NIC model has QEMU memory corruption issue. Both ne2000 and e1000
have an infinite loop.
Please see the patches for CVE numbers and details on the bugs.
# gpg: Signature made Tue 15 Sep 2015 13:02:21 BST using RSA key ID
81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
* remotes/stefanha/tags/net-pull-request:
net: avoid infinite loop when receiving packets(CVE-2015-5278)
net: add checks to validate ring buffer pointers(CVE-2015-5279)
e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
P J P [Tue, 15 Sep 2015 11:16:59 +0000 (16:46 +0530)]
net: avoid infinite loop when receiving packets(CVE-2015-5278)
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, leading to an infinite
loop situation.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
P J P [Tue, 15 Sep 2015 11:10:49 +0000 (16:40 +0530)]
net: add checks to validate ring buffer pointers(CVE-2015-5279)
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, which could lead to a
memory buffer overflow. Added other checks at initialisation.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
P J P [Fri, 4 Sep 2015 16:21:06 +0000 (17:21 +0100)]
e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815)
While processing transmit descriptors, it could lead to an infinite
loop if 'bytes' was to become zero; Add a check to avoid it.
[The guest can force 'bytes' to 0 by setting the hdr_len and mss
descriptor fields to 0.
--Stefan]
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id:
1441383666-6590-1-git-send-email-stefanha@redhat.com
Alberto Garcia [Thu, 10 Sep 2015 15:19:32 +0000 (18:19 +0300)]
gtk: use setlocale() for LC_MESSAGES only
The QEMU code is not internationalized and assumes that it runs under
the C locale, but if we use the GTK+ UI we'll end up importing the
locale settings from the environment. This can break things, such as
the JSON generator and iotest 120 in locales that use a decimal comma.
We do however have translations for a few simple strings for the GTK+
menu items, so in order to run QEMU using the C locale, and yet have a
translated UI let's use setlocale() for LC_MESSAGES only.
Cc: qemu-stable@nongnu.org
Signed-off-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Gerd Hoffmann [Wed, 9 Sep 2015 08:14:54 +0000 (10:14 +0200)]
gtk: don't grab input when entering fullscreen.
Kick off all grabbing logic from fullscreen mode. In the current state
it seems to create more problems than it solves. Try running qemu/gtk
fullscreen on one head of a multihead host for example ...
There probably was a reason the grab-on-fullscreen logic was added in
the first place. So please test and report any issues so we can try to
find a sane way to handle it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>