sdk/emulator/qemu.git
12 years agobt: replace fragile snprintf use and unwarranted strncpy
Jim Meyering [Thu, 4 Oct 2012 11:09:55 +0000 (13:09 +0200)]
bt: replace fragile snprintf use and unwarranted strncpy

In bt_hci_name_req a failed snprintf could return len larger than
sizeof(params.name), which means the following memset call would
have a "length" value of (size_t)-1, -2, etc...  Sounds scary.
But currently, one can deduce that there is no problem:
strlen(slave->lmp_name) is guaranteed to be smaller than
CHANGE_LOCAL_NAME_CP_SIZE, which is the same as sizeof(params.name),
so this cannot happen.  Regardless, there is no justification for
using snprintf+memset.  Use pstrcpy instead.

Also, in bt_hci_event_complete_read_local_name, use pstrcpy in place
of unwarranted strncpy.

Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoui/vnc: simplify and avoid strncpy
Jim Meyering [Thu, 4 Oct 2012 11:09:54 +0000 (13:09 +0200)]
ui/vnc: simplify and avoid strncpy

Don't bother with strncpy.  There's no need for its zero-fill.
Use g_strndup in place of g_malloc+strncpy+NUL-terminate.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agolinux-user: remove two unchecked uses of strdup
Jim Meyering [Thu, 4 Oct 2012 11:09:53 +0000 (13:09 +0200)]
linux-user: remove two unchecked uses of strdup

Remove two uses of strdup (use g_path_get_basename instead),
and add a comment that this strncpy use is ok.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoppc: avoid buffer overrun: use pstrcpy, not strncpy
Jim Meyering [Thu, 4 Oct 2012 11:09:52 +0000 (13:09 +0200)]
ppc: avoid buffer overrun: use pstrcpy, not strncpy

A terminal NUL is required by caller's use of strchr.
It's better not to use strncpy at all, since there is no need
to zero out hundreds of trailing bytes for each iteration.

Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoos-posix: avoid buffer overrun
Jim Meyering [Thu, 4 Oct 2012 11:09:51 +0000 (13:09 +0200)]
os-posix: avoid buffer overrun

os_set_proc_name: Use pstrcpy, in place of strncpy and the
ineffectual preceding assignment: name[sizeof(name) - 1] = 0;

Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agolm32: avoid buffer overrun
Jim Meyering [Thu, 4 Oct 2012 11:09:50 +0000 (13:09 +0200)]
lm32: avoid buffer overrun

Actually do what the comment says, using pstrcpy NUL-terminate:
strncpy does not always do that.

Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agohw/9pfs: avoid buffer overrun
Jim Meyering [Thu, 4 Oct 2012 11:09:49 +0000 (13:09 +0200)]
hw/9pfs: avoid buffer overrun

v9fs_add_dir_node and qemu_v9fs_synth_add_file used strncpy
to form node->name, which requires NUL-termination, but
strncpy does not ensure NUL-termination.
Use pstrcpy, which does.

Acked-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agovmdk: relative_path: use pstrcpy in place of strncpy
Jim Meyering [Thu, 4 Oct 2012 11:09:48 +0000 (13:09 +0200)]
vmdk: relative_path: use pstrcpy in place of strncpy

Avoid strncpy+manual-NUL-terminate.  Use pstrcpy instead.

Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agosheepdog: avoid a few buffer overruns
Jim Meyering [Thu, 4 Oct 2012 11:09:47 +0000 (13:09 +0200)]
sheepdog: avoid a few buffer overruns

* parse_vdiname: Use pstrcpy, not strncpy, when the destination
buffer must be NUL-terminated.
* sd_open: Likewise, avoid buffer overrun.
* do_sd_create: Likewise.  Leave the preceding memset, since
pstrcpy does not NUL-fill, and filename needs that.
* sd_snapshot_create: Add a comment/question.
* find_vdi_name: Remove a useless memset.
* sd_snapshot_goto: Remove a useless memset.
Use pstrcpy to NUL-terminate, because find_vdi_name requires
that its vdi arg (filename parameter) be NUL-terminated.
It seems ok not to NUL-fill the buffer.
Do the same for snapid: remove useless memset-0 (instead,
zero tag[0]).  Use pstrcpy, not strncpy.
* sd_snapshot_list: Use pstrcpy, not strncpy to write
into the ->name member.  Each must be NUL-terminated.

Acked-by: Kevin Wolf <kwolf@redhat.com>
Acked-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoblock: avoid buffer overrun by using pstrcpy, not strncpy
Jim Meyering [Thu, 4 Oct 2012 11:09:46 +0000 (13:09 +0200)]
block: avoid buffer overrun by using pstrcpy, not strncpy

Also, use PATH_MAX, rather than the arbitrary 1024.
Using PATH_MAX is more consistent with other filename-related
variables in this file, like backing_filename and tmp_filename.

Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agosparc: use g_strdup in place of unchecked strdup
Jim Meyering [Thu, 4 Oct 2012 11:09:45 +0000 (13:09 +0200)]
sparc: use g_strdup in place of unchecked strdup

This avoids a NULL-deref upon strdup failure.
Also update matching free to g_free.

Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoscsi, pci, qdev, isa-bus, sysbus: don't let *_get_fw_dev_path return NULL
Jim Meyering [Thu, 4 Oct 2012 11:09:44 +0000 (13:09 +0200)]
scsi, pci, qdev, isa-bus, sysbus: don't let *_get_fw_dev_path return NULL

Use g_strdup rather than strdup, because the sole caller
(qdev_get_fw_dev_path_helper) assumes it gets non-NULL, and dereferences
it.  Besides, in that caller, the allocated buffer is already freed with
g_free, so it's better to allocate with a matching g_strdup.

In one case, (scsi-bus.c) it was trivial, so I replaced an snprintf+
g_strdup combination with an equivalent g_strdup_printf use.

Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoMerge remote-tracking branch 'sstabellini/xen-2012-10-03' into staging
Anthony Liguori [Fri, 5 Oct 2012 00:56:26 +0000 (19:56 -0500)]
Merge remote-tracking branch 'sstabellini/xen-2012-10-03' into staging

* sstabellini/xen-2012-10-03:
  xen: Set the vram dirty when an error occur.
  exec, memory: Call to xen_modified_memory.
  exec: Introduce helper to set dirty flags.
  xen: Introduce xen_modified_memory.
  QMP, Introduce xen-set-global-dirty-log command.
  qemu/xen: Add 64 bits big bar support on qemu
  xen: Fix, no unplug of pt device by platform device.

12 years agoMerge remote-tracking branch 'kwolf/for-anthony' into staging
Anthony Liguori [Fri, 5 Oct 2012 00:53:50 +0000 (19:53 -0500)]
Merge remote-tracking branch 'kwolf/for-anthony' into staging

* kwolf/for-anthony: (30 commits)
  qemu-iotests: add tests for streaming error handling
  qemu-iotests: map underscore to dash in QMP argument names
  blkdebug: process all set_state rules in the old state
  stream: add on-error argument
  block: introduce block job error
  iostatus: reorganize io error code
  iostatus: change is_read to a bool
  iostatus: move BlockdevOnError declaration to QAPI
  iostatus: rename BlockErrorAction, BlockQMPEventAction
  qemu-iotests: add test for pausing a streaming operation
  qmp: add block-job-pause and block-job-resume
  block: add support for job pause/resume
  qmp: add 'busy' member to BlockJobInfo
  block: add block_job_query
  block: move job APIs to separate files
  block: fix documentation of block_job_cancel_sync
  qerror/block: introduce QERR_BLOCK_JOB_NOT_ACTIVE
  qemu-iotests: add initial tests for live block commit
  QAPI: add command for live block commit, 'block-commit'
  block: helper function, to find the base image of a chain
  ...

12 years agoMerge remote-tracking branch 'qmp/queue/qmp' into staging
Anthony Liguori [Fri, 5 Oct 2012 00:52:09 +0000 (19:52 -0500)]
Merge remote-tracking branch 'qmp/queue/qmp' into staging

* qmp/queue/qmp:
  block: live snapshot documentation tweaks
  input: index_from_key(): drop unused code
  qmp: qmp_send_key(): accept key codes in hex
  input: qmp_send_key(): simplify
  hmp: dump-guest-memory: hardcode protocol argument to "file:"
  qmp: dump-guest-memory: don't spin if non-blocking fd would block
  qmp: dump-guest-memory: improve schema doc (again)
  qapi: convert add_client
  monitor: add Error * argument to monitor_get_fd
  pci-assign: use monitor_handle_fd_param
  qapi: add "unix" to the set of reserved words
  qapi: do not protect enum values from namespace pollution
  Add qemu-ga-client script
  Support settimeout in QEMUMonitorProtocol
  Make negotiation optional in QEMUMonitorProtocol

12 years agoMerge remote-tracking branch 'mst/tags/for_anthony' into staging
Anthony Liguori [Fri, 5 Oct 2012 00:50:33 +0000 (19:50 -0500)]
Merge remote-tracking branch 'mst/tags/for_anthony' into staging

* mst/tags/for_anthony:
  virtio-serial-bus: let chardev know the exact number of bytes requested
  virtio: Introduce virtqueue_get_avail_bytes()
  virtio: use unsigned int for counting bytes in vq
  iov: add const annotation
  virtio-net: fix used len for tx
  virtio: don't mark unaccessed memory as dirty

12 years agoMerge remote-tracking branch 'kraxel/usb.66' into staging
Anthony Liguori [Fri, 5 Oct 2012 00:49:15 +0000 (19:49 -0500)]
Merge remote-tracking branch 'kraxel/usb.66' into staging

* kraxel/usb.66:
  usb: Fix usb_packet_map() in the presence of IOMMUs
  usb-redir: Adjust pkg-config check for usbredirparser .pc file rename (v2)
  ehci: Fix interrupt packet MULT handling
  xhci: create a memory region for each port
  xhci: route string & usb hub support
  xhci: tweak limits
  compat: turn off msi/msix on xhci for old machine types
  add pc-1.3 machine type

Conflicts:
hw/pc_piix.c

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoMake target_phys_addr_t 64 bits unconditionally
Avi Kivity [Thu, 4 Oct 2012 10:36:04 +0000 (12:36 +0200)]
Make target_phys_addr_t 64 bits unconditionally

The hassle and compile time overhead of maintaining both 32-bit and 64-bit
capable source isn't worth the tiny performance advantage which is seen on
a minority of configurations.  Switch to compiling libhw only once, with
target_phys_addr_t unconditionally typedefed to uint64_t.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoxen: Set the vram dirty when an error occur.
Anthony PERARD [Wed, 3 Oct 2012 13:49:40 +0000 (13:49 +0000)]
xen: Set the vram dirty when an error occur.

If the call to xc_hvm_track_dirty_vram() fails, then we set dirtybit on all the
video ram. This case happens during migration.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
12 years agoexec, memory: Call to xen_modified_memory.
Anthony PERARD [Wed, 3 Oct 2012 13:49:22 +0000 (13:49 +0000)]
exec, memory: Call to xen_modified_memory.

This patch add some calls to xen_modified_memory to notify Xen about dirtybits
during migration.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Avi Kivity <avi@redhat.com>
12 years agoexec: Introduce helper to set dirty flags.
Anthony PERARD [Wed, 3 Oct 2012 13:49:05 +0000 (13:49 +0000)]
exec: Introduce helper to set dirty flags.

This new helper/hook is used in the next patch to add an extra call in a single
place.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Avi Kivity <avi@redhat.com>
12 years agoxen: Introduce xen_modified_memory.
Anthony PERARD [Wed, 3 Oct 2012 13:48:45 +0000 (13:48 +0000)]
xen: Introduce xen_modified_memory.

This function is to be used during live migration. Every write access to the
guest memory should call this funcion so the Xen tools knows which pages are
dirty.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
12 years agoQMP, Introduce xen-set-global-dirty-log command.
Anthony PERARD [Wed, 3 Oct 2012 13:48:19 +0000 (13:48 +0000)]
QMP, Introduce xen-set-global-dirty-log command.

This command is used during a migration of a guest under Xen. It calls
memory_global_dirty_log_start or memory_global_dirty_log_stop according to the
argument pass to the command.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
12 years agoqemu/xen: Add 64 bits big bar support on qemu
Xudong Hao [Wed, 3 Oct 2012 13:46:23 +0000 (13:46 +0000)]
qemu/xen: Add 64 bits big bar support on qemu

Currently it is assumed PCI device BAR access < 4G memory. If there is such a
device whose BAR size is larger than 4G, it must access > 4G memory address.
This patch enable the 64bits big BAR support on qemu.

Signed-off-by: Xudong Hao <xudong.hao@intel.com>
Signed-off-by: Xiantao Zhang <xiantao.zhang@intel.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
12 years agoxen: Fix, no unplug of pt device by platform device.
Anthony PERARD [Wed, 3 Oct 2012 13:45:24 +0000 (13:45 +0000)]
xen: Fix, no unplug of pt device by platform device.

The Xen platform device will unplug any NICs if requested by the guest (PVonHVM)
including a NIC that would have been passthrough. This patch makes sure that a
passthrough device will not be unplug.

Reported-by: "Zhang, Yang Z" <yang.z.zhang@intel.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
12 years agofpu/softfloat.c: Return correctly signed values from uint64_to_float32
Peter Maydell [Fri, 28 Sep 2012 15:17:03 +0000 (16:17 +0100)]
fpu/softfloat.c: Return correctly signed values from uint64_to_float32

The uint64_to_float32() conversion function was incorrectly always
returning numbers with the sign bit set (ie negative numbers). Correct
this so we return positive numbers instead.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agofpu/softfloat.c: Remove pointless shift of always-zero value
Peter Maydell [Mon, 24 Sep 2012 16:28:35 +0000 (17:28 +0100)]
fpu/softfloat.c: Remove pointless shift of always-zero value

In float16_to_float32, when returning an infinity, just pass zero
as the mantissa argument to packFloat32(), rather than shifting
a value which we know must be zero.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agovfio_pci: fix build on 32-bit systems
Anthony Liguori [Mon, 1 Oct 2012 18:40:15 +0000 (13:40 -0500)]
vfio_pci: fix build on 32-bit systems

We cannot cast directly from pointer to uint64.

Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Alex Barcelo <abarcelo@ac.upc.edu>
Reported-by: Alex Barcelo <abarcelo@ac.upc.edu>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agovfio: Enable vfio-pci and mark supported
Alex Williamson [Wed, 26 Sep 2012 17:19:39 +0000 (11:19 -0600)]
vfio: Enable vfio-pci and mark supported

Enabled for all softmmu guests supporting PCI on Linux hosts.  Note
that currently only x86 hosts have the kernel side VFIO IOMMU support
for this.  PPC (g3beige) is the only non-x86 guest known to work.
ARM (veratile) hangs in firmware, others untested.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agovfio: vfio-pci device assignment driver
Alex Williamson [Wed, 26 Sep 2012 17:19:32 +0000 (11:19 -0600)]
vfio: vfio-pci device assignment driver

This adds the core of the QEMU VFIO-based PCI device assignment driver.
To make use of this driver, enable CONFIG_VFIO, CONFIG_VFIO_IOMMU_TYPE1,
and CONFIG_VFIO_PCI in your host Linux kernel config.  Load the vfio-pci
module.  To assign device 0000:05:00.0 to a guest, do the following:

for dev in $(ls /sys/bus/pci/devices/0000:05:00.0/iommu_group/devices); do
    vendor=$(cat /sys/bus/pci/devices/$dev/vendor)
    device=$(cat /sys/bus/pci/devices/$dev/device)
    if [ -e /sys/bus/pci/devices/$dev/driver ]; then
        echo $dev > /sys/bus/pci/devices/$dev/driver/unbind
    fi
    echo $vendor $device > /sys/bus/pci/drivers/vfio-pci/new_id
done

See Documentation/vfio.txt in the Linux kernel tree for further
description of IOMMU groups and VFIO.

Then launch qemu including the option:

-device vfio-pci,host=0000:05:00.0

Legacy PCI interrupts (INTx) currently makes use of a kludge where we
trap BAR accesses and assume the access is in response to an interrupt,
therefore de-asserting and unmasking the interrupt.  It's not quite as
targetted as using the EOI for this, but it's self contained and seems
to work across all architectures.  The side-effect is a significant
performance slow-down for device in INTx mode.  Some devices, like
graphics cards, don't really use their interrupt, so this can be turned
off with the x-intx=off option, which disables INTx alltogether.  This
should be considered an experimental option until we refine this code.
Both MSI and MSI-X are supported and avoid these issues.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoUpdate Linux kernel headers
Alex Williamson [Wed, 26 Sep 2012 17:19:25 +0000 (11:19 -0600)]
Update Linux kernel headers

Based on Linux as of 1a95620.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoUpdate kernel header script to include vfio
Alex Williamson [Wed, 26 Sep 2012 17:19:18 +0000 (11:19 -0600)]
Update kernel header script to include vfio

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agox86: Implement SMEP and SMAP
H. Peter Anvin [Wed, 26 Sep 2012 20:18:43 +0000 (13:18 -0700)]
x86: Implement SMEP and SMAP

This patch implements Supervisor Mode Execution Prevention (SMEP) and
Supervisor Mode Access Prevention (SMAP) for x86.  The purpose of the
patch, obviously, is to help kernel developers debug the support for
those features.

A fair bit of the code relates to the handling of CPUID features.  The
CPUID code probably would get greatly simplified if all the feature
bit words were unified into a single vector object, but in the
interest of producing a minimal patch for SMEP/SMAP, and because I had
very limited time for this project, I followed the existing style.

[ v2: don't change the definition of the qemu64 CPU shorthand, since
  that breaks loading old snapshots.  Per Anthony Liguori this can be
  fixed once the CPU feature set is snapshot.

  Change the coding style slightly to conform to checkpatch.pl. ]

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years agoi386: -cpu help: remove reference to specific CPUID leaves/registers
Eduardo Habkost [Thu, 6 Sep 2012 10:05:39 +0000 (10:05 +0000)]
i386: -cpu help: remove reference to specific CPUID leaves/registers

The -cpu configuration interface is based on a list of feature names or
properties, on a single namespace, so there's no need to mention on
which CPUID leaf/register each flag is located.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years agoi386: cpu: eliminate duplicate feature names
Eduardo Habkost [Thu, 6 Sep 2012 10:05:38 +0000 (10:05 +0000)]
i386: cpu: eliminate duplicate feature names

Instead of having duplicate feature names on the ext2_feature array for
the AMD feature bit aliases, we keep the feature names only on the
feature_name[] array, and copy the corresponding bits to
cpuid_ext2_features in case the CPU vendor is AMD.

This will:

- Make sure we don't set the feature bit aliases on Intel CPUs;
- Make it easier to convert feature bits to CPU properties, as now we
  have a single bit on the x86_def_t struct for each CPU feature.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years agoi386: cpu: replace EXT2_FEATURE_MASK with CPUID_EXT2_AMD_ALIASES
Eduardo Habkost [Thu, 6 Sep 2012 10:05:37 +0000 (10:05 +0000)]
i386: cpu: replace EXT2_FEATURE_MASK with CPUID_EXT2_AMD_ALIASES

Both constants have the same value, but CPUID_EXT2_AMD_ALIASES is
defined without using magic numbers.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years agoi386: kvm: use a #define for the set of alias feature bits
Eduardo Habkost [Thu, 6 Sep 2012 10:05:36 +0000 (10:05 +0000)]
i386: kvm: use a #define for the set of alias feature bits

Instea of using a hardcoded hex constant, define CPUID_EXT2_AMD_ALIASES
as the set of CPUID[8000_0001].EDX bits that on AMD are the same as the
bits of CPUID[1].EDX.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-By: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years agoi386: kvm: bit 10 of CPUID[8000_0001].EDX is reserved
Eduardo Habkost [Thu, 6 Sep 2012 10:05:35 +0000 (10:05 +0000)]
i386: kvm: bit 10 of CPUID[8000_0001].EDX is reserved

Bit 10 of CPUID[8000_0001].EDX is not defined as an alias of
CPUID[1].EDX[10], so do not duplicate it on
kvm_arch_get_supported_cpuid().

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-By: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years agoqemu-iotests: add tests for streaming error handling
Paolo Bonzini [Fri, 28 Sep 2012 15:23:02 +0000 (17:23 +0200)]
qemu-iotests: add tests for streaming error handling

Add a test for each of report/ignore/stop.  The tests use blkdebug
to generate an error in the middle of a script.  The error is
recoverable (once = "on") so that we can test resuming a job after
stopping for an error.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoqemu-iotests: map underscore to dash in QMP argument names
Paolo Bonzini [Fri, 28 Sep 2012 15:23:01 +0000 (17:23 +0200)]
qemu-iotests: map underscore to dash in QMP argument names

iotests.py provides a convenience function that uses Python keyword
arguments to represent QMP command arguments.  However, almost all
QMP commands use dashes for argument names (the sole exception is
block_set_io_throttle), and dashes are not allowed in a keyword
argument name.  Hence provide automatic conversion of underscores
to dashes.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblkdebug: process all set_state rules in the old state
Paolo Bonzini [Fri, 28 Sep 2012 15:23:00 +0000 (17:23 +0200)]
blkdebug: process all set_state rules in the old state

Currently it is impossible to write a blkdebug script that ping-pongs
between two states, because the second set-state rule will use the
state that is set in the first.  If you have

    [set-state]
    event = "..."
    state = "1"
    new_state = "2"

    [set-state]
    event = "..."
    state = "2"
    new_state = "1"

for example the state will remain locked at 1.  This can be fixed
by first processing all rules, and then setting the state.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agostream: add on-error argument
Paolo Bonzini [Fri, 28 Sep 2012 15:22:59 +0000 (17:22 +0200)]
stream: add on-error argument

This patch adds support for error management to streaming.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: introduce block job error
Paolo Bonzini [Fri, 28 Sep 2012 15:22:58 +0000 (17:22 +0200)]
block: introduce block job error

The following behaviors are possible:

'report': The behavior is the same as in 1.1.  An I/O error,
respectively during a read or a write, will complete the job immediately
with an error code.

'ignore': An I/O error, respectively during a read or a write, will be
ignored.  For streaming, the job will complete with an error and the
backing file will be left in place.  For mirroring, the sector will be
marked again as dirty and re-examined later.

'stop': The job will be paused and the job iostatus will be set to
failed or nospace, while the VM will keep running.  This can only be
specified if the block device has rerror=stop and werror=stop or enospc.

'enospc': Behaves as 'stop' for ENOSPC errors, 'report' for others.

In all cases, even for 'report', the I/O error is reported as a QMP
event BLOCK_JOB_ERROR, with the same arguments as BLOCK_IO_ERROR.

It is possible that while stopping the VM a BLOCK_IO_ERROR event will be
reported and will clobber the event from BLOCK_JOB_ERROR, or vice versa.
This is not really avoidable since stopping the VM completes all pending
I/O requests.  In fact, it is already possible now that a series of
BLOCK_IO_ERROR events are reported with rerror=stop, because vm_stop
calls bdrv_drain_all and this can generate further errors.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoiostatus: reorganize io error code
Paolo Bonzini [Fri, 28 Sep 2012 15:22:57 +0000 (17:22 +0200)]
iostatus: reorganize io error code

Move the common part of IDE/SCSI/virtio error handling to the block
layer.  The new function bdrv_error_action subsumes all three of
bdrv_emit_qmp_error_event, vm_stop, bdrv_iostatus_set_err.

The same scheme will be used for errors in block jobs.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoiostatus: change is_read to a bool
Paolo Bonzini [Fri, 28 Sep 2012 15:22:56 +0000 (17:22 +0200)]
iostatus: change is_read to a bool

Do this while we are touching this part of the code, before introducing
more uses of "int is_read".

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoiostatus: move BlockdevOnError declaration to QAPI
Paolo Bonzini [Fri, 28 Sep 2012 15:22:55 +0000 (17:22 +0200)]
iostatus: move BlockdevOnError declaration to QAPI

This will let block-stream reuse the enum.  Places that used the enums
are renamed accordingly.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoiostatus: rename BlockErrorAction, BlockQMPEventAction
Paolo Bonzini [Fri, 28 Sep 2012 15:22:54 +0000 (17:22 +0200)]
iostatus: rename BlockErrorAction, BlockQMPEventAction

We want to remove knowledge of BLOCK_ERR_STOP_ENOSPC from drivers;
drivers should only be told whether to stop/report/ignore the error.
On the other hand, we want to keep using the nicer BlockErrorAction
name in the drivers.  So rename the enums, while leaving aside the
names of the enum values for now.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoqemu-iotests: add test for pausing a streaming operation
Paolo Bonzini [Fri, 28 Sep 2012 15:22:52 +0000 (17:22 +0200)]
qemu-iotests: add test for pausing a streaming operation

These check that a paused streaming job does not advance its offset.

Sometimes the new test fails; the map is different between the source
and the destination of the streaming because qemu-io does not always
pack adjacent clusters that have the same allocated/unallocated state.
However, this also happens with the existing test_stream testcase, and
is better fixed in qemu-io.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoqmp: add block-job-pause and block-job-resume
Paolo Bonzini [Fri, 28 Sep 2012 15:22:51 +0000 (17:22 +0200)]
qmp: add block-job-pause and block-job-resume

Add QMP commands matching the functionality.

Paused jobs cannot be canceled without first resuming them.  This
ensures that I/O errors are never missed by management.  However, an
optional force argument can be specified to allow that.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: add support for job pause/resume
Paolo Bonzini [Fri, 28 Sep 2012 15:22:50 +0000 (17:22 +0200)]
block: add support for job pause/resume

Job pausing reuses the existing support for cancellable sleeps.  A pause
happens at the next sleeping point and lasts until the coroutine is
re-entered explicitly.  Cancellation was already doing a forced resume,
so implement it explicitly in terms of resume.

Paused jobs cannot be canceled without first resuming them.  This ensures
that I/O errors are never missed by management.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoqmp: add 'busy' member to BlockJobInfo
Paolo Bonzini [Fri, 28 Sep 2012 15:22:49 +0000 (17:22 +0200)]
qmp: add 'busy' member to BlockJobInfo

Because pausing a job is asynchronous, we need to know whether it has
completed.  This is described by the "busy" field of BlockJob; copy it
to BlockJobInfo.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: add block_job_query
Paolo Bonzini [Fri, 28 Sep 2012 15:22:48 +0000 (17:22 +0200)]
block: add block_job_query

Extract it out of the implementation of info block-jobs.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: move job APIs to separate files
Paolo Bonzini [Fri, 28 Sep 2012 15:22:47 +0000 (17:22 +0200)]
block: move job APIs to separate files

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: fix documentation of block_job_cancel_sync
Paolo Bonzini [Fri, 28 Sep 2012 15:22:46 +0000 (17:22 +0200)]
block: fix documentation of block_job_cancel_sync

Do this in a separate commit before we move the functions to
blockjob.h.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoqerror/block: introduce QERR_BLOCK_JOB_NOT_ACTIVE
Paolo Bonzini [Fri, 28 Sep 2012 15:22:44 +0000 (17:22 +0200)]
qerror/block: introduce QERR_BLOCK_JOB_NOT_ACTIVE

The DeviceNotActive text is not a particularly good match, add
a separate text while keeping the same class.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoqemu-iotests: add initial tests for live block commit
Jeff Cody [Thu, 27 Sep 2012 17:29:17 +0000 (13:29 -0400)]
qemu-iotests: add initial tests for live block commit

Derived from the streaming test cases (030), this adds the
following 9 tests:

1. For the following image chain, commit [mid] into [backing],
   and use qemu-io to verify [backing] has its original data, as
   well as the data from [mid]

           [backing] <-- [mid] <-- [test]

2. Verifies that 'block-commit' with the 'speed' parameter sets the
   speed parameter, as reported by 'query-block-jobs'

3. Verifies that a bogus 'device' parameter to 'block-commit'
   results in error

4-9: Appropriate error values returned for the following argument errors:
    * top == base
    * top is nonexistent
    * base is nonexistent
    * top == active layer (this is currently not supported)
    * top and base arguments are reversed
    * top argument is omitted

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoQAPI: add command for live block commit, 'block-commit'
Jeff Cody [Thu, 27 Sep 2012 17:29:16 +0000 (13:29 -0400)]
QAPI: add command for live block commit, 'block-commit'

The command for live block commit is added, which has the following
arguments:

device: the block device to perform the commit on (mandatory)
base:   the base image to commit into; optional (if not specified,
        it is the underlying original image)
top:    the top image of the commit - all data from inside top down
        to base will be committed into base (mandatory for now; see
        note, below)

speed:  maximum speed, in bytes/sec

Note: Eventually this command will support merging down the active layer,
      but that code is not yet complete.  If the active layer is passed
      in as top, then an error will be returned.  Once merging down the
      active layer is supported, the 'top' argument may become optional,
      and default to the active layer.

The is done as a block job, so upon completion a BLOCK_JOB_COMPLETED will
be emitted.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: helper function, to find the base image of a chain
Jeff Cody [Thu, 27 Sep 2012 17:29:15 +0000 (13:29 -0400)]
block: helper function, to find the base image of a chain

This is a simple helper function, that will return the base image
of a given image chain.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblockdev: rename block_stream_cb to a generic block_job_cb
Jeff Cody [Thu, 27 Sep 2012 17:29:14 +0000 (13:29 -0400)]
blockdev: rename block_stream_cb to a generic block_job_cb

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: add live block commit functionality
Jeff Cody [Thu, 27 Sep 2012 17:29:13 +0000 (13:29 -0400)]
block: add live block commit functionality

This adds the live commit coroutine.  This iteration focuses on the
commit only below the active layer, and not the active layer itself.

The behaviour is similar to block streaming; the sectors are walked
through, and anything that exists above 'base' is committed back down
into base.  At the end, intermediate images are deleted, and the
chain stitched together.  Images are restored to their original open
flags upon completion.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: add support functions for live commit, to find and delete images.
Jeff Cody [Thu, 27 Sep 2012 17:29:12 +0000 (13:29 -0400)]
block: add support functions for live commit, to find and delete images.

Add bdrv_find_overlay(), and bdrv_drop_intermediate().

bdrv_find_overlay():  given 'bs' and the active (topmost) BDS of an image chain,
                    find the image that is the immediate top of 'bs'

bdrv_drop_intermediate():
                    Given 3 BDS (active, top, base), drop images above
                    base up to and including top, and set base to be the
                    backing file of top's overlay node.

                    E.g., this converts:

                    bottom <- base <- intermediate <- top <- active

                    to

                    bottom <- base <- active

Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: Support GlusterFS as a QEMU block backend.
Bharata B Rao [Thu, 27 Sep 2012 14:00:32 +0000 (19:30 +0530)]
block: Support GlusterFS as a QEMU block backend.

This patch adds gluster as the new block backend in QEMU. This gives
QEMU the ability to boot VM images from gluster volumes. Its already
possible to boot from VM images on gluster volumes using FUSE mount, but
this patchset provides the ability to boot VM images from gluster volumes
by by-passing the FUSE layer in gluster. This is made possible by
using libgfapi routines to perform IO on gluster volumes directly.

VM Image on gluster volume is specified like this:

file=gluster[+transport]://[server[:port]]/volname/image[?socket=...]

'gluster' is the protocol.

'transport' specifies the transport type used to connect to gluster
management daemon (glusterd). Valid transport types are
tcp, unix and rdma. If a transport type isn't specified, then tcp
type is assumed.

'server' specifies the server where the volume file specification for
the given volume resides. This can be either hostname, ipv4 address
or ipv6 address. ipv6 address needs to be within square brackets [ ].
If transport type is 'unix', then 'server' field should not be specifed.
The 'socket' field needs to be populated with the path to unix domain
socket.

'port' is the port number on which glusterd is listening. This is optional
and if not specified, QEMU will send 0 which will make gluster to use the
default port. If the transport type is unix, then 'port' should not be
specified.

'volname' is the name of the gluster volume which contains the VM image.

'image' is the path to the actual VM image that resides on gluster volume.

Examples:

file=gluster://1.2.3.4/testvol/a.img
file=gluster+tcp://1.2.3.4/testvol/a.img
file=gluster+tcp://1.2.3.4:24007/testvol/dir/a.img
file=gluster+tcp://[1:2:3:4:5:6:7:8]/testvol/dir/a.img
file=gluster+tcp://[1:2:3:4:5:6:7:8]:24007/testvol/dir/a.img
file=gluster+tcp://server.domain.com:24007/testvol/dir/a.img
file=gluster+unix:///testvol/dir/a.img?socket=/tmp/glusterd.socket
file=gluster+rdma://1.2.3.4:24007/testvol/a.img

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoconfigure: Add a config option for GlusterFS as block backend
Bharata B Rao [Mon, 24 Sep 2012 09:12:45 +0000 (14:42 +0530)]
configure: Add a config option for GlusterFS as block backend

GlusterFS support in QEMU depends on libgfapi, libgfrpc and
libgfxdr provided by GlusterFS.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoaio: Another fix to the walking_handlers logic
Paolo Bonzini [Thu, 27 Sep 2012 13:57:43 +0000 (19:27 +0530)]
aio: Another fix to the walking_handlers logic

The AIO dispatch loop will call QLIST_REMOVE and g_free even if there
are other pending calls to qemu_aio_wait outside the current one.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoqemu: URI parsing library
Paolo Bonzini [Mon, 24 Sep 2012 09:12:02 +0000 (14:42 +0530)]
qemu: URI parsing library

Add a new URI parsing library to QEMU. The code has been borrowed from
libxml2 and libvirt.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoaio: Fix qemu_aio_wait() to maintain correct walking_handlers count
Paolo Bonzini [Mon, 24 Sep 2012 09:10:56 +0000 (14:40 +0530)]
aio: Fix qemu_aio_wait() to maintain correct walking_handlers count

Fix qemu_aio_wait() to ensure that registered aio handlers don't get
deleted when they are still active. This is ensured by maintaning the
right count of walking_handlers.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: after creating a live snapshot, make old image read-only
Jeff Cody [Tue, 25 Sep 2012 16:29:39 +0000 (12:29 -0400)]
block: after creating a live snapshot, make old image read-only

Currently, after a live snapshot of a drive, the image that has
been 'demoted' to be below the new active layer remains r/w.
This patch reopens it read-only.

Note that we do not check for error on the reopen(), because we
will not abort the snapshots if the reopen fails.

This patch depends on the bdrv_reopen() series.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock-migration: Flush requests in blk_mig_cleanup
Kevin Wolf [Tue, 25 Sep 2012 13:47:36 +0000 (15:47 +0200)]
block-migration: Flush requests in blk_mig_cleanup

When cancelling block migration, all in-flight requests of the block
migration must be completed before the data can be freed. This was
visible as failing assertions and segfaults.

Reported-by: Peter Lieven <pl@dlhnet.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agovirtio-serial-bus: let chardev know the exact number of bytes requested
Amit Shah [Mon, 24 Sep 2012 18:35:16 +0000 (00:05 +0530)]
virtio-serial-bus: let chardev know the exact number of bytes requested

Using the virtqueue_avail_bytes() function had an unnecessarily
crippling effect on the number of bytes needed by the guest as reported
to the chardev layer in the can_read() callback.

Using the new virtqueue_get_avail_bytes() function will let us advertise
the exact number of bytes we can send to the guest.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
12 years agovirtio: Introduce virtqueue_get_avail_bytes()
Amit Shah [Mon, 24 Sep 2012 18:35:15 +0000 (00:05 +0530)]
virtio: Introduce virtqueue_get_avail_bytes()

The current virtqueue_avail_bytes() is oddly named, and checks if a
particular number of bytes are available in a vq.  A better API is to
fetch the number of bytes available in the vq, and let the caller do
what's interesting with the numbers.

Introduce virtqueue_get_avail_bytes(), which returns the number of bytes
for buffers marked for both, in as well as out.  virtqueue_avail_bytes()
is made a wrapper over this new function.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
12 years agovirtio: use unsigned int for counting bytes in vq
Amit Shah [Mon, 24 Sep 2012 18:35:14 +0000 (00:05 +0530)]
virtio: use unsigned int for counting bytes in vq

The virtqueue_avail_bytes() function counts bytes in an int.  Use an
unsigned int instead.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
12 years agoiov: add const annotation
Michael S. Tsirkin [Mon, 24 Sep 2012 10:50:32 +0000 (12:50 +0200)]
iov: add const annotation

iov_from_buf does not change iov, make it const.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
12 years agovirtio-net: fix used len for tx
Michael S. Tsirkin [Mon, 24 Sep 2012 13:15:43 +0000 (15:15 +0200)]
virtio-net: fix used len for tx

There is no out sg for TX, so used buf length for tx
should always be 0.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
12 years agovirtio: don't mark unaccessed memory as dirty
Michael S. Tsirkin [Mon, 24 Sep 2012 13:09:30 +0000 (15:09 +0200)]
virtio: don't mark unaccessed memory as dirty

offset of accessed buffer is calculated using iov_length, so it
can exceed accessed len. If that happens
math in len - offset wraps around, and size becomes wrong.
As real value is 0, so this is harmless but unnecessary.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
12 years agoMerge branch 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm
Aurelien Jarno [Thu, 27 Sep 2012 19:48:56 +0000 (21:48 +0200)]
Merge branch 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm

* 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
  Versatile Express: Add modelling of NOR flash
  Versatile Express: Fix NOR flash 0 address and remove flash alias
  hw/armv7m_nvic: Correctly register GIC region when setting up NVIC
  pl190: fix read of VECTADDR

12 years agotarget-s390x: Tidy cpu_dump_state
Richard Henderson [Mon, 24 Sep 2012 21:55:53 +0000 (14:55 -0700)]
target-s390x: Tidy cpu_dump_state

The blank lines inside the single dump make it difficult for the
eye to pick out the block.  Worse, with interior newlines, but
no blank line following, the PSW line appears to belong to the
next dump block.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agotarget-s390x: Avoid double CPU_LOG_TB_CPU
Richard Henderson [Mon, 24 Sep 2012 21:55:52 +0000 (14:55 -0700)]
target-s390x: Avoid double CPU_LOG_TB_CPU

This is already handled generically in cpu_exec.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agotarget-s390x: Use CPU_LOG_INT
Richard Henderson [Mon, 24 Sep 2012 21:55:51 +0000 (14:55 -0700)]
target-s390x: Use CPU_LOG_INT

Three places in the interrupt code did we not honor the mask.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agotarget-unicore32: Call tcg_gen_debug_insn_start
Richard Henderson [Mon, 24 Sep 2012 21:55:50 +0000 (14:55 -0700)]
target-unicore32: Call tcg_gen_debug_insn_start

Acked-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agotarget-s390x: Call tcg_gen_debug_insn_start
Richard Henderson [Mon, 24 Sep 2012 21:55:49 +0000 (14:55 -0700)]
target-s390x: Call tcg_gen_debug_insn_start

Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agotarget-m68k: Call tcg_gen_debug_insn_start
Richard Henderson [Mon, 24 Sep 2012 21:55:48 +0000 (14:55 -0700)]
target-m68k: Call tcg_gen_debug_insn_start

Cc: Paul Brook <paul@codesourcery.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agoEmit debug_insn for CPU_LOG_TB_OP_OPT as well.
Richard Henderson [Mon, 24 Sep 2012 21:55:47 +0000 (14:55 -0700)]
Emit debug_insn for CPU_LOG_TB_OP_OPT as well.

For all targets that currently call tcg_gen_debug_insn_start,
add CPU_LOG_TB_OP_OPT to the condition that gates it.

This is useful for comparing optimization dumps, when the
pre-optimization dump is merely noise.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agotci: Fix for AREG0 free mode
Stefan Weil [Tue, 18 Sep 2012 20:43:38 +0000 (22:43 +0200)]
tci: Fix for AREG0 free mode

Support for helper functions with 5 arguments was missing
in the code generator and in the interpreter.

There is no need to pass the constant TCG_AREG0 from the
code generator to the interpreter. Remove that code for
the INDEX_op_qemu_st* opcodes.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years agoblock: live snapshot documentation tweaks
Paolo Bonzini [Wed, 26 Sep 2012 14:34:29 +0000 (16:34 +0200)]
block: live snapshot documentation tweaks

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
12 years agoinput: index_from_key(): drop unused code
Luiz Capitulino [Thu, 20 Sep 2012 17:47:02 +0000 (14:47 -0300)]
input: index_from_key(): drop unused code

The hex key conversion is unused since last commit.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agoqmp: qmp_send_key(): accept key codes in hex
Luiz Capitulino [Thu, 20 Sep 2012 17:19:47 +0000 (14:19 -0300)]
qmp: qmp_send_key(): accept key codes in hex

Before the qapi conversion, the sendkey command could be used to
send key codes in hex directly to the guest. In HMP, this would
be like:

 (qemu) sendkey 0xdc

However, the qapi conversion broke this, as it only supports sending
QKeyCode values to the guest. That's a regression.

This commit fixes the problem by adding hex value support down
the QMP interface, qmp_send_key().

In more detail, this commit:

 1. Adds the KeyValue union. This can represent an hex value or
    a QKeyCode value

 2. *Changes* the QMP send-key command to take an KeyValue argument
    instead of a QKeyCode one

 3. Adapt hmp_send_key() to the QMP interface changes

Item 2 is an incompatible change, but as we're in development phase
(and this command has been merged a few weeks ago) this shouldn't be
a problem.

Finally, it's not possible to split this commit without breaking the
build.

Reported-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agoinput: qmp_send_key(): simplify
Luiz Capitulino [Thu, 20 Sep 2012 16:44:28 +0000 (13:44 -0300)]
input: qmp_send_key(): simplify

The current code duplicates the QKeyCodeList keys in order to store
the key values for release_keys() late run. This is a bit complicated
though, as we have to care about correct ordering and then release_keys()
will have to index key_defs[] over again.

Switch to an array of integers, which is dynamically allocated and stores
the already converted key value.

This simplifies the current code and the next commit.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agohmp: dump-guest-memory: hardcode protocol argument to "file:"
Luiz Capitulino [Fri, 21 Sep 2012 16:53:00 +0000 (13:53 -0300)]
hmp: dump-guest-memory: hardcode protocol argument to "file:"

Today, it's necessary to specify the protocol you want to use
when dumping the guest memory, for example:

 (qemu) dump-guest-memory file:/tmp/guest-memory

This has a few issues:

 1. It's cumbersome to type
 2. We loose file path autocompletion
 3. Being able to specify fd:X in HMP makes little sense for humans

Because of these reasons, hardcode the 'protocol' argument to
'file:' in HMP.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agoqmp: dump-guest-memory: don't spin if non-blocking fd would block
Luiz Capitulino [Fri, 21 Sep 2012 16:17:55 +0000 (13:17 -0300)]
qmp: dump-guest-memory: don't spin if non-blocking fd would block

fd_write_vmcore() will indefinitely spin for a non-blocking
file-descriptor that would block. However, if the fd is non-blocking,
how does it make sense to spin?

Change this behavior to return an error instead.

Note that this can only happen with an fd provided by a management
application. The fd opened internally by dump-guest-memory is blocking.

While there, also fix 'writen_size' variable name.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agoqmp: dump-guest-memory: improve schema doc (again)
Luiz Capitulino [Fri, 21 Sep 2012 16:10:58 +0000 (13:10 -0300)]
qmp: dump-guest-memory: improve schema doc (again)

 o Add a note about memory allocation with paging=true
 o Fix indentation

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agoVersatile Express: Add modelling of NOR flash
Francesco Lavra [Wed, 19 Sep 2012 05:57:21 +0000 (05:57 +0000)]
Versatile Express: Add modelling of NOR flash

This patch adds modelling of the two NOR flash banks found on the
Versatile Express motherboard. Tested with U-Boot running on an emulated
Versatile Express, with either A9 or A15 CoreTile.

Signed-off-by: Francesco Lavra <francescolavra.fl@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12 years agoVersatile Express: Fix NOR flash 0 address and remove flash alias
Francesco Lavra [Wed, 19 Sep 2012 05:51:58 +0000 (05:51 +0000)]
Versatile Express: Fix NOR flash 0 address and remove flash alias

In the A series memory map (implemented in the Cortex A15 CoreTile), the
first NOR flash bank (flash 0) is mapped to address 0x08000000, while
address 0x00000000 can be configured as alias to either the first or the
second flash bank. This patch fixes the definition of flash 0 address,
and for simplicity removes the alias definition.

Signed-off-by: Francesco Lavra <francescolavra.fl@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12 years agohw/armv7m_nvic: Correctly register GIC region when setting up NVIC
Meador Inge [Wed, 26 Sep 2012 15:46:28 +0000 (16:46 +0100)]
hw/armv7m_nvic: Correctly register GIC region when setting up NVIC

When setting up the NVIC memory regions the memory range
0x100..0xcff is aliased to an IO memory region that belongs
to the ARM GIC.  This aliased region should be added to the
NVIC memory container, but the actual GIC IO memory region
was being added instead.  This mixup was causing the wrong
IO memory access functions to be called when accessing parts
of the NVIC memory.

Signed-off-by: Meador Inge <meadori@codesourcery.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12 years agopl190: fix read of VECTADDR
Brendan Fennell [Wed, 26 Sep 2012 15:46:28 +0000 (16:46 +0100)]
pl190: fix read of VECTADDR

Reading VECTADDR was causing us to set the current priority to
the wrong value, the most obvious effect of which was that we
would return the vector for the wrong interrupt as the result
of the read.

Signed-off-by: Brendan Fennell <bfennell@skynet.ie>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12 years agoqapi: convert add_client
Luiz Capitulino [Thu, 13 Sep 2012 19:52:20 +0000 (16:52 -0300)]
qapi: convert add_client

Also fixes a few issues while there:

 1. The fd returned by monitor_get_fd() leaks in most error conditions
 2. monitor_get_fd() return value is not checked. Best case we get
    an error that is not correctly reported, worse case one of the
    functions using the fd (with value of -1) will explode
 3. A few error conditions aren't reported
 4. We now "use up" @fdname always.  Before, it was left alone for
    invalid @protocol

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agomonitor: add Error * argument to monitor_get_fd
Paolo Bonzini [Thu, 20 Sep 2012 14:50:32 +0000 (16:50 +0200)]
monitor: add Error * argument to monitor_get_fd

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agopci-assign: use monitor_handle_fd_param
Paolo Bonzini [Thu, 20 Sep 2012 14:50:32 +0000 (16:50 +0200)]
pci-assign: use monitor_handle_fd_param

There is no need to open-code the choice between a file descriptor
number or a named one.  Just use monitor_handle_fd_param, which
also takes care of printing the error message.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12 years agoqapi: add "unix" to the set of reserved words
Paolo Bonzini [Wed, 19 Sep 2012 14:31:07 +0000 (16:31 +0200)]
qapi: add "unix" to the set of reserved words

It is #defined to 1.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
12 years agoqapi: do not protect enum values from namespace pollution
Paolo Bonzini [Wed, 19 Sep 2012 14:31:06 +0000 (16:31 +0200)]
qapi: do not protect enum values from namespace pollution

Enum values are always preceded by the uppercase name of the enum, so
they do not conflict with reserved words.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
12 years agoAdd qemu-ga-client script
Ryota Ozaki [Fri, 14 Sep 2012 12:44:22 +0000 (21:44 +0900)]
Add qemu-ga-client script

This is an easy-to-use QEMU guest agent client written in
Python. It simply provides commands to call guest agent
functions like ping, fsfreeze and shutdown. Additionally,
it provides extra useful commands, e.g, cat, ifconfig and
reboot, by using guet agent functions.

Examples:
  $ export QGA_CLIENT_ADDRESS=/tmp/qga.sock
  $ qemu-ga-client ping

  $ qemu-ga-client cat /etc/resolv.conf
  # Generated by NetworkManager
  nameserver 10.0.2.3

  $ qemu-ga-client fsfreeze status
  thawed
  $ qemu-ga-client fsfreeze freeze
  2 filesystems frozen

The script communicates with a guest agent by means of
qmp.QEMUMonitorProtocol. Every commands are called with
timeout (3 sec.) to avoid blocking. The script always
calls sync command prior to issuing an actual command
(except for ping which doesn't need sync).

Signed-off-by: Ryota Ozaki <ozaki.ryota@gmail.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>