Amit Shah [Wed, 27 Jul 2011 08:30:32 +0000 (14:00 +0530)]
virtio: Plug memleak by freeing vdev
virtio_common_init() allocates RAM for the vdev struct (and any
additional memory, depending on the size passed to the function). This
memory wasn't being freed until now.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Amit Shah [Wed, 27 Jul 2011 08:30:31 +0000 (14:00 +0530)]
virtio-net: don't use vdev after virtio_cleanup
virtio_cleanup() will be changed by the following patch to remove the
VirtIONet struct that gets allocated via virtio_common_init(). Ensure
we don't dereference the structure after calling the cleanup function.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Amit Shah [Wed, 27 Jul 2011 08:30:30 +0000 (14:00 +0530)]
virtio-blk: Fix memleak on exit
Calling virtio_cleanup() will free up memory allocated in
virtio_common_init().
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Michael S. Tsirkin [Wed, 27 Jul 2011 08:08:20 +0000 (11:08 +0300)]
virtio-pci: use generic logic for command access
In practice, guests don't generate config requests
that cross a word boundary, so the logic to
detect command word access is correct because
PCI_COMMAND is 0x4. But depending on this is
tricky, further, it will break with guests
that do try to generate a misaligned access
as we pass it to devices without splitting.
Better to use the generic range_covers_byte for this.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Jan Kiszka [Fri, 22 Jul 2011 09:05:01 +0000 (11:05 +0200)]
pci: Common overflow prevention
Introduce pci_config_read/write_common helpers to prevent passing
accesses down the callback chain that go beyond the config space limits.
Adjust length assertions as they are no longer correct (cutting may
generate valid 3 byte accesses).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
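The two ideas in the virtio-pci and pci commit messages above (a generic range test for the command register, and cutting accesses at the end of config space), as an added C example that is not QEMU's code. CFG_SIZE, naive_is_command_access(), cfg_clamp_len(), cfg_read(), cfg_write() and tail_access_demo() are names assumed for the illustration, and range_covers_byte() is reimplemented here from its name only.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CFG_SIZE    256u    /* assumption: conventional PCI config space size */
#define PCI_COMMAND 0x04u   /* command register offset, as in the commit message */

/* True if `byte` lies inside the access [offset, offset + len). */
static int range_covers_byte(uint32_t offset, uint32_t len, uint32_t byte)
{
    return byte >= offset && byte - offset < len;
}

/* Start-offset test: only right while every access is aligned to the register. */
static int naive_is_command_access(uint32_t addr)
{
    return addr == PCI_COMMAND;
}

/* Cut an access (at most 4 bytes wide) so it ends inside [0, limit). */
static uint32_t cfg_clamp_len(uint32_t addr, uint32_t len, uint32_t limit)
{
    if (len > 4) {
        len = 4;
    }
    if (addr >= limit) {
        return 0;                       /* entirely outside: nothing to do */
    }
    if (len > limit - addr) {
        return limit - addr;            /* may legitimately become 3 bytes */
    }
    return len;
}

/* Little-endian read; bytes cut off by the clamp read as zero in this example. */
static uint32_t cfg_read(const uint8_t *cfg, uint32_t limit,
                         uint32_t addr, uint32_t len)
{
    uint32_t n = cfg_clamp_len(addr, len, limit);
    uint32_t val = 0;

    for (uint32_t i = 0; i < n; i++) {
        val |= (uint32_t)cfg[addr + i] << (8 * i);
    }
    return val;
}

/* Little-endian write; bytes that would land past the limit are dropped. */
static void cfg_write(uint8_t *cfg, uint32_t limit,
                      uint32_t addr, uint32_t val, uint32_t len)
{
    uint32_t n = cfg_clamp_len(addr, len, limit);

    for (uint32_t i = 0; i < n; i++) {
        cfg[addr + i] = (uint8_t)(val >> (8 * i));
    }
}

/*
 * Constructed test: a 4-byte write at offset 253 of a 256-byte config space.
 * Four guard bytes follow the space; they must survive the write.
 * Returns the value read back, or 0 if a guard byte was overwritten.
 */
static uint32_t tail_access_demo(void)
{
    uint8_t mem[CFG_SIZE + 4];

    memset(mem, 0, CFG_SIZE);
    memset(mem + CFG_SIZE, 0xEE, 4);
    cfg_write(mem, CFG_SIZE, 253, 0xAABBCCDDu, 4);
    for (int i = 0; i < 4; i++) {
        if (mem[CFG_SIZE + i] != 0xEE) {
            return 0;
        }
    }
    return cfg_read(mem, CFG_SIZE, 253, 4);
}

int main(void)
{
    /* A 2-byte access at offset 3 covers byte 4 but does not start there. */
    printf("misaligned access at 3, len 2: naive=%d range=%d\n",
           naive_is_command_access(3),
           range_covers_byte(3, 2, PCI_COMMAND));
    printf("clamped length at 253: %u\n",
           (unsigned)cfg_clamp_len(253, 4, CFG_SIZE));
    printf("tail read-back: 0x%08x\n", (unsigned)tail_access_demo());
    return 0;
}
```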
Markus Armbruster [Thu, 16 Jun 2011 16:45:37 +0000 (18:45 +0200)]
Fix netdev name lookup in -device, device_add, netdev_del
qemu_find_netdev() looks up members of non_vlan_clients by name. It
happily returns the first match. Trouble is the names need not be
unique.
non_vlan_clients contains host parts (netdevs) and guest parts (NICs).
Netdevs have unique names: a netdev's name is a (mandatory)
qemu_netdev_opts ID, and these are unique.
NIC names are not unique. If a NIC has a qdev ID (which is unique),
that's its name. Else, we make up a name. The made-up names are
unique, but they can clash with qdev IDs. Even if NICs had unique
names, they could still clash with netdev names.
Callers of qemu_find_netdev():
* net_init_nic() wants a netdev. It happens to work because it runs
before NICs get added to non_vlan_clients.
* do_netdev_del() wants a netdev. If it gets a NIC, it complains and
fails. Bug: a netdev with the same name that comes later in
non_vlan_clients can't be deleted:
$ qemu-system-x86_64 -nodefaults -vnc :0 -S -monitor stdio -netdev user,id=hostnet0 -device virtio-net-pci,netdev=hostnet0,id=virtio1
[...]
(qemu) netdev_add user,id=virtio1
(qemu) info network
Devices not on any VLAN:
hostnet0: net=10.0.2.0, restricted=n peer=virtio1
virtio1: model=virtio-net-pci,macaddr=52:54:00:12:34:56 peer=hostnet0
virtio1: net=10.0.2.0, restricted=n
(qemu) netdev_del virtio1
Device 'virtio1' not found
* parse_netdev() wants a netdev. If it gets a NIC, it gets confused.
With the test setup above:
(qemu) device_add virtio-net-pci,netdev=virtio1
Property 'virtio-net-pci.netdev' can't take value 'virtio1', it's in use
You can even connect two NICs to each other:
$ qemu-system-x86_64 -nodefaults -vnc :0 -S -monitor stdio -device virtio-net-pci,id=virtio1 -device e1000,netdev=virtio1
[...]
Devices not on any VLAN:
virtio1: model=virtio-net-pci,macaddr=52:54:00:12:34:56 peer=e1000.0
e1000.0: model=e1000,macaddr=52:54:00:12:34:57 peer=virtio1
(qemu) q
Segmentation fault (core dumped)
* do_set_link() works fine for both netdevs and NICs. Whether it
really makes sense for netdevs is debatable, but that's outside this
patch's scope.
Change qemu_find_netdev() to return only netdevs. This fixes the
netdev_del and device_add/-device bugs demonstrated above.
To avoid changing set_link, make do_set_link() search non_vlan_clients
by hand instead of calling qemu_find_netdev().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Markus Armbruster [Thu, 16 Jun 2011 16:45:36 +0000 (18:45 +0200)]
Fix automatically assigned network names for netdev
If a network client doesn't have a name, we make one up, with
assign_name(). assign_name() creates a name MODEL.NUM, where MODEL is
the client's model, and NUM is the number of MODELs that already
exist.
Bug: it misses clients that are not on a VLAN, i.e. netdevs and the
NICs using them:
$ qemu-system-x86_64 -nodefaults -vnc :0 -S -monitor stdio -netdev user,id=hostnet0 -net nic,netdev=hostnet0 -netdev user,id=hostnet1 -net nic,netdev=hostnet1
QEMU 0.14.50 monitor - type 'help' for more information
(qemu) info network
Devices not on any VLAN:
hostnet0: net=10.0.2.0, restricted=n peer=e1000.0
hostnet1: net=10.0.2.0, restricted=n peer=e1000.0
e1000.0: model=e1000,macaddr=52:54:00:12:34:56 peer=hostnet0
e1000.0: model=e1000,macaddr=52:54:00:12:34:57 peer=hostnet1
Fix that.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Michael S. Tsirkin [Mon, 20 Jun 2011 10:42:27 +0000 (13:42 +0300)]
virtio: fix indirect descriptor buffer overflow
We were previously allowing arbitrarily-long indirect descriptors, which
could lead to a buffer overflow in qemu-kvm process.
CVE-2011-2212
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Michael S. Tsirkin [Sun, 26 Jun 2011 13:30:45 +0000 (16:30 +0300)]
xen: move to new pci initializers
move ids to pci info structure
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Anthony PERARD [Wed, 22 Jun 2011 15:58:31 +0000 (16:58 +0100)]
hw/piix_pci.c: Fix PIIX3-xen to initialize ids
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Michael S. Tsirkin [Sun, 26 Jun 2011 13:17:27 +0000 (16:17 +0300)]
pci_ids: tweak names to match linux/pci_ids.h
Sync xen names to ones used by linux. Add
xen platform device id as well.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Michael S. Tsirkin [Tue, 21 Jun 2011 17:34:17 +0000 (20:34 +0300)]
vhost: fix double free on device stop
vhost dev stop failed to clear the log field.
Typically not an issue as dev start overwrites this field,
but if logging gets disabled before the following start,
it doesn't so this causes a double free.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alexandre Raymond [Wed, 15 Jun 2011 05:20:31 +0000 (01:20 -0400)]
Fix signal handling of SIG_IPI when io-thread is enabled
Both the signal thread (via sigwait()) and the cpu thread (via
a normal signal handler) were attempting to catch SIG_IPI.
This resulted in random freezes under Darwin.
This patch separates SIG_IPI from the rest of the signals handled
by the signal thread, because it is independently caught by the cpu
thread.
Signed-off-by: Alexandre Raymond <cerbere@gmail.com>
Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexandre Raymond [Tue, 14 Jun 2011 14:05:36 +0000 (10:05 -0400)]
Fix signal handling when io-thread is disabled
Changes since v1:
- take pthread_sigmask() out of the ifdef as it is now common
to both parts.
This fix effectively blocks, in the main thread, the signals handled
by signalfd or the compatibility signal thread.
This way, such signals are received synchronously in the main thread
through sigfd_handler() instead of triggering the signal handler
directly, asynchronously.
Signed-off-by: Alexandre Raymond <cerbere@gmail.com>
Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Peter Maydell [Wed, 22 Jun 2011 14:40:06 +0000 (15:40 +0100)]
tcg/README: Expand advice on number of TCG ops per target insn
Expand the note on the number of TCG ops generated per target insn,
to be clearer about the range of applicability of the 20 op rule
of thumb. Also add a note about the hard MAX_OP_PER_INSTR limit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Artyom Tarasenko [Thu, 14 Jul 2011 17:37:06 +0000 (19:37 +0200)]
set ELF_HWCAP for SPARC and SPARC64
setting ELF_HWCAP fixes dynamic library loading for Linux/sparc64
This patch allows loading busybox from Debian 6 initrd
Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Thu, 14 Jul 2011 17:30:43 +0000 (17:30 +0000)]
Sparc: fix FPU and AM enable checks for translation
Translation incorrectly used CPUState fields directly to check
for FPU enable state and 32 bit address masking on Sparc64.
Fix by using TB flags instead.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tsuneo Saito [Thu, 14 Jul 2011 09:41:43 +0000 (18:41 +0900)]
SPARC64: C99 comment fix for block-transfer ASIs
Fixed C99 comments on block-transfer ASIs.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tsuneo Saito [Thu, 14 Jul 2011 09:41:42 +0000 (18:41 +0900)]
SPARC64: Add JPS1 ASI_BLK_AIU[PS]L ASIs for ldfa and stfa
Support JPS1 little endian block transfer ASIs.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tsuneo Saito [Thu, 14 Jul 2011 09:41:41 +0000 (18:41 +0900)]
SPARC64: Add UA2007 ASI_BLK_AIU[PS]L? ASIs for stfa
Support UA2007 block store ASIs for stfa instructions.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tsuneo Saito [Thu, 14 Jul 2011 09:41:40 +0000 (18:41 +0900)]
SPARC64: Add UA2007 ASI_BLK_AIU[PS]L? ASIs for ldfa
Support UA2007 block load ASIs for ldfa instructions.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tsuneo Saito [Thu, 14 Jul 2011 09:41:39 +0000 (18:41 +0900)]
SPARC64: fp_disabled checks on stfa/stdfa/stqfa
stfa/stdfa/stqfa instructions should raise fp_disabled exceptions
if %pstate.PEF==0 or %fprs.FEF==0.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tsuneo Saito [Thu, 14 Jul 2011 09:41:38 +0000 (18:41 +0900)]
SPARC64: Implement stfa/stdfa/stqfa instructions properly
This patch implements sparcv9 stfa/stdfa/stqfa instructions
with non block-store ASIs.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tsuneo Saito [Thu, 14 Jul 2011 09:41:37 +0000 (18:41 +0900)]
SPARC64: fp_disabled checks on ldfa/lddfa/ldqfa
ldfa/lddfa/ldqfa instructions should raise fp_disabled exceptions
if %pstate.PEF==0 or %fprs.FEF==0.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tsuneo Saito [Thu, 14 Jul 2011 09:41:36 +0000 (18:41 +0900)]
SPARC64: Implement ldfa/lddfa/ldqfa instructions properly
This patch implements sparcv9 ldfa/lddfa/ldqfa instructions
with non block-load ASIs.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Stefan Hajnoczi [Sat, 9 Jul 2011 09:22:07 +0000 (10:22 +0100)]
os-posix: set groups properly for -runas
Andrew Griffiths reports that -runas does not set supplementary group
IDs. This means that gid 0 (root) is not dropped when switching to an
unprivileged user.
Add an initgroups(3) call to use the -runas user's /etc/groups
membership to update the supplementary group IDs.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Acked-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Hervé Poussineau [Sat, 9 Jul 2011 14:44:41 +0000 (16:44 +0200)]
esp: cancel current request only if some request is in flight
This bug was introduced in 94d3f98a3f3caddd7875f9a11776daeb84962a7b:
scsi_cancel_io was checking if some request was pending before trying
to cancel it, while scsi_req_cancel always cancels the request.
This may lead to a crash of Qemu due to dereferencing a NULL pointer,
as exhibited by NetBSD 5.1 installer on MIPS Magnum emulation.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Peter Maydell [Mon, 4 Jul 2011 21:02:46 +0000 (22:02 +0100)]
target-alpha, target-ppc: Remove unnecessary setjmp.h include
Remove the include of setjmp.h from the cpu.h of target-alpha
and target-ppc. This is unnecessary because cpu-defs.h already
includes this header; this change brings these two targets
into line with all the rest.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Stefan Weil [Mon, 4 Jul 2011 18:52:38 +0000 (20:52 +0200)]
Remove unneeded setjmp.h (fix compilation on Debian "lenny")
Some versions of png.h cannot be included after setjmp.h,
even when PNG_SKIP_SETJMP_CHECK was defined.
setjmp.h was included from qemu-common.h and is not needed there.
Removing the include statement fixes compilation of ui/vnc-enc-tight.c
with CONFIG_VNC_PNG defined.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Jan Kiszka [Sat, 2 Jul 2011 07:50:51 +0000 (09:50 +0200)]
tcg: Reload local variables after return from longjmp
Recent compilers look deep into cpu_exec, find longjmp as a noreturn
function and decide to smash some stack variables as they won't be used
again. This may lead to env becoming invalid after return from setjmp,
causing crashes. Fix it by reloading env from cpu_single_env in that
case.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Peter Maydell [Wed, 22 Jun 2011 14:16:32 +0000 (15:16 +0100)]
exec-all.h: Make MAX_OP_PER_INSTR large enough for target-arm's uses
The target-arm frontend's worst-case TCG ops per instr is 194 (and in
general many of the "load multiple registers" ARM instructions generate
more than 100 TCG ops). Raise MAX_OP_PER_INSTR accordingly to avoid
possible buffer overruns.
Since it doesn't make any sense for the "64 bit guest on 32 bit host"
case to have a smaller limit than the normal case, we collapse the
two cases back into each other again.
(This increase costs us about 14K in extra static buffer space and
21K of extra margin at the end of a 32MB codegen buffer.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Peter Maydell [Wed, 22 Jun 2011 10:58:25 +0000 (11:58 +0100)]
exec.c: Fix calculation of code_gen_buffer_max_size
When calculating the point at which we should not try to put another
TB into the code gen buffer, we have to allow not just for OPC_MAX_SIZE
but OPC_BUF_SIZE. This is because the target translate.c will only
stop when an instruction has put it past the OPC_MAX_SIZE limit, so
we have to include the MAX_OP_PER_INSTR margin which that final insn
might have used.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Tue, 5 Jul 2011 16:28:10 +0000 (18:28 +0200)]
spapr: use specific endian ld/st_phys
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Tue, 5 Jul 2011 16:28:09 +0000 (18:28 +0200)]
s390-virtio: use specific endian ld/st_phys
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Tue, 5 Jul 2011 16:28:08 +0000 (18:28 +0200)]
ppc405_uc: use specific endian ld/st_phys
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Tue, 5 Jul 2011 16:28:07 +0000 (18:28 +0200)]
pl080: use specific endian ld/st_phys
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Tue, 5 Jul 2011 16:28:06 +0000 (18:28 +0200)]
msix: use specific endian ld/st_phys
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Tue, 5 Jul 2011 16:28:05 +0000 (18:28 +0200)]
msi: use specific endian ld/st_phys
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Tue, 5 Jul 2011 16:28:04 +0000 (18:28 +0200)]
intel-hda: use specific endian ld/st_phys
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Tue, 5 Jul 2011 16:28:03 +0000 (18:28 +0200)]
hpet: use specific endian ld/st_phys
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Alexander Graf [Wed, 6 Jul 2011 07:09:23 +0000 (09:09 +0200)]
exec: add endian specific phys ld/st functions
Device code sometimes needs to access physical memory and does that
through the ld./st._phys functions. However, these are the exact same
functions that the CPU uses to access memory, which means they will
be endianness swapped depending on the target CPU.
However, devices don't know about the CPU's endianness, but instead
access memory directly using their own interface to the memory bus,
so they need some way to read data with their native endianness.
This patch adds _le and _be functions to ld./st._phys.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Kevin Wolf [Mon, 4 Jul 2011 12:43:58 +0000 (14:43 +0200)]
ide: Initialise buffers with zeros
Just in case there's still a way how a guest can read out buffers when it's not
supposed to, let's zero the buffers during initialisation so that we don't leak
information to the guest.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Kevin Wolf [Mon, 4 Jul 2011 12:07:50 +0000 (14:07 +0200)]
ide: Ignore reads during PIO in and writes during PIO out
This fixes https://bugs.launchpad.net/qemu/+bug/786209:
When the DRQ_STAT bit is set, the IDE core permits both data reads
and data writes, regardless of whether the current transfer was
initiated as a read or write.
This potentially leaks uninitialized host memory into the guest,
if, before doing anything else to an IDE device, the guest begins a
write transaction (e.g. WIN_WRITE), but then *reads* from the IO
port instead of writing to it.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
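The two IDE commit messages above (direction check on the data port, zeroed buffers as a second line of defence), as an added C example that is not QEMU's code. It is a toy model: struct toy_ide, the xfer enum and every toy_* function are assumptions, and the 0xA5 fill is a constructed stand-in for stale host memory.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR_SIZE 512
#define DRQ_STAT    0x08    /* ATA status bit: data request */

/* Direction of the transfer in progress, named from the guest's side. */
enum xfer { XFER_NONE, XFER_GUEST_READS, XFER_GUEST_WRITES };

struct toy_ide {
    uint8_t   status;
    enum xfer dir;
    size_t    pos;                      /* next byte in io_buf */
    uint8_t   io_buf[SECTOR_SIZE];
};

static void toy_init(struct toy_ide *s, int zero_buffer)
{
    memset(s, 0, sizeof(*s));
    memset(s->io_buf, 0xA5, sizeof(s->io_buf));   /* constructed "stale" data */
    if (zero_buffer) {
        memset(s->io_buf, 0, sizeof(s->io_buf));  /* initialise with zeros */
    }
}

static void toy_start(struct toy_ide *s, enum xfer dir)
{
    s->dir = dir;
    s->pos = 0;
    s->status |= DRQ_STAT;
}

static void toy_advance(struct toy_ide *s)
{
    s->pos += 2;
    if (s->pos >= SECTOR_SIZE) {        /* sector done: drop DRQ */
        s->status &= (uint8_t)~DRQ_STAT;
        s->dir = XFER_NONE;
    }
}

/* guard == 0: only DRQ is checked. guard == 1: direction is checked as well. */
static uint16_t toy_data_read(struct toy_ide *s, int guard)
{
    uint16_t v;

    if (!(s->status & DRQ_STAT)) {
        return 0;
    }
    if (guard && s->dir != XFER_GUEST_READS) {
        return 0;                       /* wrong direction: ignore the read */
    }
    v = (uint16_t)(s->io_buf[s->pos] | (s->io_buf[s->pos + 1] << 8));
    toy_advance(s);
    return v;
}

static void toy_data_write(struct toy_ide *s, uint16_t v, int guard)
{
    if (!(s->status & DRQ_STAT)) {
        return;
    }
    if (guard && s->dir != XFER_GUEST_WRITES) {
        return;                         /* wrong direction: ignore the write */
    }
    s->io_buf[s->pos] = (uint8_t)(v & 0xff);
    s->io_buf[s->pos + 1] = (uint8_t)(v >> 8);
    toy_advance(s);
}

/* Guest starts a write transfer, then reads the data port for a whole sector.
 * Returns how many non-zero (stale) bytes it got back. */
static int leaked_bytes(int guard, int zero_buffer)
{
    struct toy_ide s;
    int leaked = 0;

    toy_init(&s, zero_buffer);
    toy_start(&s, XFER_GUEST_WRITES);
    for (int i = 0; i < SECTOR_SIZE / 2; i++) {
        uint16_t v = toy_data_read(&s, guard);
        leaked += ((v & 0xff) != 0) + ((v >> 8) != 0);
    }
    return leaked;
}

/* A read transfer still works with the guard, and a stray write is ignored. */
static int legit_read_ok(void)
{
    struct toy_ide s;

    toy_init(&s, 1);
    s.io_buf[0] = 0x34;                 /* constructed sector data */
    s.io_buf[1] = 0x12;
    toy_start(&s, XFER_GUEST_READS);
    toy_data_write(&s, 0xffff, 1);
    return toy_data_read(&s, 1) == 0x1234;
}

int main(void)
{
    printf("no guard, dirty buffer : %d bytes\n", leaked_bytes(0, 0));
    printf("guard, dirty buffer    : %d bytes\n", leaked_bytes(1, 0));
    printf("no guard, zeroed buffer: %d bytes\n", leaked_bytes(0, 1));
    printf("legit read ok          : %d\n", legit_read_ok());
    return 0;
}
```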
Luiz Capitulino [Fri, 1 Jul 2011 13:46:13 +0000 (10:46 -0300)]
block: drive_init(): Improve CHS setting error message
The current message doesn't clearly communicate the error cause.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Luiz Capitulino [Fri, 1 Jul 2011 13:46:12 +0000 (10:46 -0300)]
block: drive_init(): Simplify interface type setting
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Markus Armbruster [Mon, 20 Jun 2011 09:35:18 +0000 (11:35 +0200)]
virtio-blk: Turn drive serial into a qdev property
It needs to be a qdev property, because it belongs to the drive's
guest part. Precedence: commit a0fef654 and 6ced55a5.
Bonus: info qtree now shows the serial number.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Johannes Stezenbach [Wed, 29 Jun 2011 14:25:17 +0000 (16:25 +0200)]
block/raw-posix: Linux compat-ioctl warning workaround
On Linux x86_64 host with 32bit userspace, running
qemu or even just "qemu-img create -f qcow2 some.img 1G"
causes a kernel warning:
ioctl32(qemu-img:5296): Unknown cmd fd(3) cmd(00005326){t:'S';sz:0} arg(7fffffff) on some.img
ioctl32(qemu-img:5296): Unknown cmd fd(3) cmd(801c0204){t:02;sz:28} arg(fff77350) on some.img
ioctl 00005326 is CDROM_DRIVE_STATUS,
ioctl 801c0204 is FDGETPRM.
The warning appears because the Linux compat-ioctl handler for these
ioctls only applies to block devices, while qemu also uses the ioctls on
plain files. Work around by calling fstat() to ensure the ioctls are
only used on block devices.
Signed-off-by: Johannes Stezenbach <js@sig21.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Federico Simoncelli [Mon, 20 Jun 2011 16:48:19 +0000 (12:48 -0400)]
qemu-img: Add cache command line option
qemu-img currently writes disk images using writeback and filling
up the cache buffers which are then flushed by the kernel preventing
other processes from accessing the storage.
This is particularly bad in cluster environments where time-based
algorithms might be in place and accessing the storage within
certain timeouts is critical.
This patch adds the option to choose a cache method when writing
disk images.
Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Kevin Wolf [Tue, 28 Jun 2011 11:41:07 +0000 (13:41 +0200)]
Documentation: Remove outdated host_device note
People shouldn't explicitly specify host_device any more. raw is doing the
Right Thing.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Vasily Khoruzhick [Fri, 17 Jun 2011 10:04:36 +0000 (13:04 +0300)]
pxa2xx_lcd: add proper rotation support
Until now, pxa2xx_lcd only supported 90deg rotation, but
some machines (for example Zipit Z2) need 270deg rotation.
Signed-off-by: Vasily Khoruzhick <anarsoul@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Stefan Weil [Thu, 23 Jun 2011 15:53:48 +0000 (17:53 +0200)]
arm: Add const attribute to some arm_boot_info pointers
Parameter 'info' is const, so add the missing attribute.
v2:
Add 'const' to the local variable info in do_cpu_reset() and to
the boot_info field in CPUARMState (suggested by Peter Maydell).
Cc: Andrzej Zaborowski <balrogg@gmail.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Hervé Poussineau [Sat, 2 Jul 2011 15:23:00 +0000 (17:23 +0200)]
esp: correctly fill bus id with requested lun
This bug showed up after 1455084ea2c48abf23c4e4e15e378ee43457f381, and
may be seen only on operating systems *not* using DMA to give commands
to SCSI adapter.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 28 May 2011 08:27:20 +0000 (08:27 +0000)]
TCG/PPC: use stack for TCG temps
Use stack instead of temp_buf array in CPUState for TCG temps.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Artyom Tarasenko [Fri, 1 Jul 2011 19:28:42 +0000 (21:28 +0200)]
fix cpu_cc_src and cpu_cc_src2 corruption in udivx and sdivx
udivx and sdivx don't modify condition flags, so they shall not
overwrite cpu_cc_*
Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Fri, 1 Jul 2011 21:12:50 +0000 (21:12 +0000)]
Merge branch 'ppc-next' of git://repo.or.cz/qemu/agraf
* 'ppc-next' of git://repo.or.cz/qemu/agraf:
PPC: move TLBs to their own arrays
PPC: 440: Use 440 style MMU as default, so Qemu knows the MMU type
PPC: E500: Use MAS registers instead of internal TLB representation
PPC: Only set lower 32bits with mtmsr
PPC: update openbios firmware
PPC: mpc8544ds: Add hypervisor node
PPC: calculate kernel,initrd,cmdline locations dynamically
target-ppc: Handle memory-forced I/O controller access
PPC: E500: Implement reboot controller
Richard Henderson [Mon, 20 Jun 2011 22:10:49 +0000 (15:10 -0700)]
tcg-hppa: Support deposit opcode.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Richard Henderson [Mon, 20 Jun 2011 22:02:29 +0000 (15:02 -0700)]
hppa: Fix printf warnings in hppa-dis.c.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 28 May 2011 07:55:47 +0000 (07:55 +0000)]
TCG/HPPA: use stack for TCG temps
Use stack instead of temp_buf array in CPUState for TCG temps.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 28 May 2011 07:49:35 +0000 (07:49 +0000)]
TCG/HPPA: use TCG_REG_CALL_STACK instead of TCG_REG_SP
Use TCG_REG_CALL_STACK instead of TCG_REG_SP for consistency.
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Edgar E. Iglesias [Thu, 30 Jun 2011 08:52:22 +0000 (10:52 +0200)]
etraxfs-ser: Correct default value for RW_REC_CTRL
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Edgar E. Iglesias [Tue, 28 Jun 2011 18:57:09 +0000 (20:57 +0200)]
user: Fix -d debug logging for usermode emulation
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Edgar E. Iglesias [Tue, 28 Jun 2011 18:52:37 +0000 (20:52 +0200)]
cris: Handle opcode zero
It's a valid branch pc + 2.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
malc [Mon, 27 Jun 2011 22:27:52 +0000 (02:27 +0400)]
tcg/ppc64: Remove tcg_out_addi
The only user (within tcg.c) was removed
Signed-off-by: malc <av1474@comtv.ru>
malc [Mon, 27 Jun 2011 22:26:06 +0000 (02:26 +0400)]
tcg/ppc: Remove tcg_out_addi
The only user (within tcg.c) was removed
Signed-off-by: malc <av1474@comtv.ru>
Anthony Liguori [Mon, 27 Jun 2011 19:59:08 +0000 (14:59 -0500)]
Merge remote-tracking branch 'kraxel/usb.17' into staging
Anthony Liguori [Mon, 27 Jun 2011 16:27:15 +0000 (11:27 -0500)]
Merge remote-tracking branch 'amit/for-anthony' into staging
Anthony Liguori [Mon, 27 Jun 2011 16:26:47 +0000 (11:26 -0500)]
Merge remote-tracking branch 'riku/linux-user-for-upstream' into staging
Anthony Liguori [Mon, 27 Jun 2011 16:25:23 +0000 (11:25 -0500)]
Merge remote-tracking branch 'stefanha/trivial-patches' into staging
Stefan Weil [Sun, 26 Jun 2011 19:29:13 +0000 (19:29 +0000)]
vnc: Fix compilation with --enable-vnc-png
Commit f26e428da505709ec03b2ed2c9eb3db82b30bd7b fixed compilation
with --enable-vnc-png, but broke it with --enable-vnc-png.
The breakage is caused by pngconfig.h which checks whether
setjmp.h was already included and fails because qemu-common.h
includes setjmp.h.
The check is disabled by defining PNG_SKIP_SETJMP_CHECK.
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Fri, 17 Jun 2011 18:58:08 +0000 (15:58 -0300)]
virtio-serial: Fix segfault on guest boot
If I start qemu with:
# qemu -hda disks/test.img -enable-kvm -m 1G -snapshot \
-device virtio-serial \
-chardev socket,host=localhost,port=1234,server,nowait,id=foo \
-device virtserialport,chardev=foo,name=org.qemu.guest_agent
I get a segfault when booting a Fedora 14 guest. The backtrace says:
Program terminated with signal 11, Segmentation fault.
#0 0x0000000000420850 in handle_control_message (vser=0x3732bd0, buf=0x2c173e0, len=8) at /home/lcapitulino/src/qmp-unstable/hw/virtio-serial-bus.c:335
335 info = DO_UPCAST(VirtIOSerialPortInfo, qdev, port->dev.info);
What's happening is VIRTIO_CONSOLE_DEVICE_READY is a message for the
whole device, not for an individual port. So port is NULL. This bug was
introduced by commit a15bb0d6a981de749452a5180fc8084d625671da.
This commit fixes that by making the port returned by find_port_by_id()
be used only by the VIRTIO_CONSOLE_PORT_READY and
VIRTIO_CONSOLE_PORT_OPEN messages.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Roy Tam [Sat, 18 Jun 2011 05:13:39 +0000 (13:13 +0800)]
Fix MinGW compilation when --enable-vnc-jpeg is specified
Fix conflicting types for 'INT32' in basetsd.h and jmorecfg.h by
including qemu-common.h first.
Signed-off-by: Roy Tam <roytam@gmail.com>
Acked-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 14 May 2011 17:06:56 +0000 (17:06 +0000)]
TCG/Sparc64: use stack for TCG temps
Use stack instead of temp_buf array in CPUState for TCG temps.
On Sparc64, stack pointer is not aligned but there is a fixed bias of 2047,
so don't try to enforce alignment.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 14 May 2011 13:14:45 +0000 (13:14 +0000)]
TCG/x86: use stack for TCG temps
Use stack instead of temp_buf array in CPUState for TCG
temps.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 28 May 2011 06:51:52 +0000 (06:51 +0000)]
TCG/x86: use TCG_REG_CALL_STACK instead of TCG_REG_ESP
Except for specific cases where the use of %esp changes the encoding of
the instruction, it's cleaner to use TCG_REG_CALL_STACK instead of
TCG_REG_ESP.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 28 May 2011 07:13:05 +0000 (07:13 +0000)]
TCG: remove broken stack allocation for call arguments
The code for stack allocation for call arguments is way too simplistic
to actually work on targets with non-trivial stack allocation policies,
e.g. ppc64. We've also already allocated TCG_STATIC_CALL_ARGS_SIZE worth
of stack for calls which should be well more than any helper needs.
Remove broken dynamic stack allocation code and replace it with an assert.
Should dynamic stack allocation ever be needed again, target specific
functions should be added.
Thanks to Richard Henderson for the analysis.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 14 May 2011 14:03:22 +0000 (14:03 +0000)]
TCG: fix negative frame offset calculations
size_t is unsigned, so the frame offset calculations can be incorrect for
negative offsets.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 14 May 2011 12:58:04 +0000 (12:58 +0000)]
Delegate setup of TCG temporaries to targets
Delegate TCG temp_buf setup to targets, so that they can use a stack
frame later instead.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sun, 15 May 2011 16:03:25 +0000 (16:03 +0000)]
cpu-exec.c: avoid AREG0 use
Make functions take a parameter for CPUState instead of relying
on global env. Pass CPUState pointer to TCG prologue, which moves
it to AREG0.
Thanks to Peter Maydell and Laurent Desnogues for the ARM prologue
change.
Revert the hacks to avoid AREG0 use on Sparc hosts.
Move cpu_has_work() and cpu_pc_from_tb() from exec.h to cpu.h.
Compile the file without HELPER_CFLAGS.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sun, 19 Jun 2011 20:38:22 +0000 (20:38 +0000)]
Remove exec-all.h include directives
Most exec-all.h include directives are now useless, remove them.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 21 May 2011 07:10:23 +0000 (07:10 +0000)]
Move cpu_has_work and cpu_pc_from_tb to cpu.h
Move functions cpu_has_work() and cpu_pc_from_tb() from exec.h to cpu.h. This is
needed by later patches.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 21 May 2011 12:16:05 +0000 (12:16 +0000)]
exec.h: fix coding style and change cpu_has_work to return bool
Before the next patch, fix coding style of the areas affected.
Change the type of the return value from cpu_has_work() and
qemu_cpu_has_work() to bool.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 21 May 2011 08:17:08 +0000 (08:17 +0000)]
cpu-exec: unify do_interrupt call
Now that all targets use common function signature for do_interrupt(), there is no
need for the #ifdeffery anymore.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 21 May 2011 07:55:24 +0000 (07:55 +0000)]
m68k: use caller supplied CPUState for interrupt related stuff
Pass CPUState to do_interrupt(). This is needed by later patches.
It would be cleaner to move the function to helper.c, but there are
a few dependencies between do_interrupt() and other functions.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Mon, 16 May 2011 19:38:48 +0000 (19:38 +0000)]
x86: use caller supplied CPUState for interrupt related stuff
Several x86 specific functions are called from cpu-exec.c with the
assumption that global env register is valid. This will be changed
later, so make the functions use caller supplied CPUState parameter.
It would be cleaner to move the functions to helper.c, but there are
quite a lot of dependencies between do_interrupt() and other functions.
Add helpers for svm_check_intercept() and cpu_cc_compute_all() instead
of calling the helper (which uses global env, AREG0) directly.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sun, 15 May 2011 16:11:04 +0000 (16:11 +0000)]
sparc: move do_interrupt to helper.c
do_interrupt() was mixing CPUState pointer passed from caller
and global env (AREG0).
Fix by moving the function to helper.c. Introduce a helper for calling
change_pstate() safely from outside of execution context.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 21 May 2011 11:41:50 +0000 (11:41 +0000)]
sparc: fix coding style of the area to be moved
Before the next patch, fix coding style of the areas affected.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 14 May 2011 12:52:35 +0000 (12:52 +0000)]
cpu_loop_exit: avoid using AREG0
Make cpu_loop_exit() take a parameter for CPUState instead of relying
on global env.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 18 Jun 2011 20:27:05 +0000 (20:27 +0000)]
Sparc32: dummy implementation of MXCC MMU breakpoint registers
Add dummy registers for SuperSPARC MXCC MMU counter breakpoints, save
and load all MXCC registers.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Jan Kiszka [Thu, 23 Jun 2011 08:05:12 +0000 (10:05 +0200)]
Fix fallouts from Linux header inclusion
This is an all-in-one fix for the smaller and bigger mistakes of the
build system changes for accompanied Linux headers:
- only enable KVM and vhost on Linux hosts
- fix powerpc asm header symlink
- do not use Linux headers on non-Linux hosts
- fix kvmclock for !CONFIG_KVM
- fix s390 build on non-Linux hosts
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Tested-by: Andreas Färber <andreas.faerber@web.de>
Tested-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Marc-Antoine Perennou [Fri, 29 Apr 2011 05:59:19 +0000 (05:59 +0000)]
qemu-kvm: fix pulseaudio detection in configure
pulse/simple.h does not include stdlib.h
We cannot use NULL since it may not be defined
Use 0 instead
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Juan Quintela [Thu, 2 Jun 2011 01:53:44 +0000 (01:53 +0000)]
exec: last_first_tb was only used in !ONLY_USER case
Once there, use a better variable name.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Stefan Weil [Fri, 24 Jun 2011 10:15:49 +0000 (12:15 +0200)]
w32: Remove redundant definitions of PRI*64
The PRI*64 macros are defined in MinGW's inttypes.h since 2002,
so they are not needed in qemu-common.h (which includes inttypes.h).
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Jan Kiszka [Thu, 23 Jun 2011 08:15:55 +0000 (10:15 +0200)]
Do not include compatfd for WIN32
sigset_t, used by that header, is not available in mingw32 environments.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Matthew Fernandez [Thu, 23 Jun 2011 00:59:26 +0000 (10:59 +1000)]
Fix comment typos in hw/armv7m.c
Fix a couple of typos in comments.
Signed-off-by: Matthew Fernandez <matthew.fernandez@gmail.com>
Acked-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Peter Maydell [Wed, 22 Jun 2011 14:45:01 +0000 (15:45 +0100)]
MAINTAINERS: Fix typo in email address
Fix a typo in one of the copies of Aurelien Jarno's email address.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Markus Armbruster [Wed, 22 Jun 2011 12:03:57 +0000 (14:03 +0200)]
blockdev: Put space after comma in error message
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Markus Armbruster [Wed, 22 Jun 2011 12:03:56 +0000 (14:03 +0200)]
Spell "unkown" correctly in error_report() arguments
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Markus Armbruster [Wed, 22 Jun 2011 12:03:55 +0000 (14:03 +0200)]
qemu-img: Don't prepend qemu-img to error messages twice.
error_report() prepends the location already. Example:
    $ qemu-img convert -6
    qemu-img: qemu-img: option -6 is deprecated, please use '-o compat6' instead!
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Markus Armbruster [Wed, 22 Jun 2011 12:03:54 +0000 (14:03 +0200)]
Strip trailing '\n' from error_report()'s first argument
error_report() prepends location, and appends a newline. The message
constructed from the arguments should not contain a newline. Fix the
obvious offenders.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Markus Armbruster [Wed, 22 Jun 2011 12:03:53 +0000 (14:03 +0200)]
sheepdog: qemu_bh_new() can't return null pointer, drop check
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>