The TriCore documentation was wrong on how to calculate ovf bits for those two
instructions, which I confirmed with real hardware (TC1796 chip). An ovf
actually happens, if the result (without remainder) does not fit into 8/16 bits.
RRPW_DEXTR used r1 for the low part and r2 for the high part. It should be the
other way round. This also fixes that the result of the first shift was not
saved in a temp and could overwrite registers that were needed for the second
shift.
Stefan Weil [Sat, 7 Mar 2015 14:43:32 +0000 (15:43 +0100)]
target-tricore: Fix two helper functions (clang warnings)
clang report:
target-tricore/op_helper.c:1247:24: warning:
taking the absolute value of unsigned type 'uint32_t' (aka 'unsigned int')
has no effect [-Wabsolute-value]
target-tricore/op_helper.c:1248:25: warning:
taking the absolute value of unsigned type 'uint32_t' (aka 'unsigned int')
has no effect [-Wabsolute-value]
target-tricore/op_helper.c:1249:19: warning:
taking the absolute value of unsigned type 'uint32_t' (aka 'unsigned int')
has no effect [-Wabsolute-value]
target-tricore/op_helper.c:1297:24: warning:
taking the absolute value of unsigned type 'uint32_t' (aka 'unsigned int')
has no effect [-Wabsolute-value]
target-tricore/op_helper.c:1298:25: warning:
taking the absolute value of unsigned type 'uint32_t' (aka 'unsigned int')
has no effect [-Wabsolute-value]
target-tricore/op_helper.c:1299:19: warning:
taking the absolute value of unsigned type 'uint32_t' (aka 'unsigned int')
has no effect [-Wabsolute-value]
Fix also the divisor which was taken from the wrong register
(thanks to Peter Maydell for this hint).
John Snow [Fri, 20 Mar 2015 00:24:16 +0000 (20:24 -0400)]
ahci-test: improve rw buffer patterns
My pattern was cyclical every 256 bytes, so it missed a fairly obvious
failure case. Add some rand() pepper into the test pattern, and for large
patterns that exceed 256 sectors, start writing an ID per-sector so that
we never generate identical sector patterns.
Andreas Schwab [Tue, 10 Mar 2015 16:11:35 +0000 (17:11 +0100)]
linux-user: fix emulation of splice syscall
The second and fourth argument are in/out parameters, store them back
after the syscall. Also, the fourth argument was mishandled, and EFAULT
handling was missing.
Chen Gang S [Sun, 25 Jan 2015 11:03:29 +0000 (19:03 +0800)]
linux-user/main.c: Remove redundant end_exclusive() in arm_kernel_cmpxchg64_helper()
start/end_exclusive() need be pairs, except the start_exclusive() in
stop_all_tasks() which is only used by force_sig(), which will be abort.
So at present, start_exclusive() in stop_all_task() need not be paired.
queue_signal() may call force_sig(), or return after kill pid (or queue
signal). If could return from queue_signal(), stop_all_task() would not
be called in time, the next end_exclusive() would be issue.
So in arm_kernel_cmpxchg64_helper() for ARM, need remove end_exclusive()
after queue_signal(). The related commit: "97cc756 linux-user: Implement
new ARM 64 bit cmpxchg kernel helper".
Peter Maydell [Fri, 20 Mar 2015 12:26:09 +0000 (12:26 +0000)]
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging
X86 queue 2015-03-19
# gpg: Signature made Thu Mar 19 19:40:17 2015 GMT using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/x86-pull-request:
target-i386: Haswell-noTSX and Broadwell-noTSX
Revert "target-i386: Disable HLE and RTM on Haswell & Broadwell"
Peter Maydell [Fri, 20 Mar 2015 10:37:03 +0000 (10:37 +0000)]
Merge remote-tracking branch 'remotes/ehabkost/tags/work/numa-verify-cpus-pull-request' into staging
NUMA queue 2015-03-19
# gpg: Signature made Thu Mar 19 19:25:53 2015 GMT using RSA key ID 984DC5A6
# gpg: Can't check signature: public key not found
* remotes/ehabkost/tags/work/numa-verify-cpus-pull-request:
numa: Print warning if no node is assigned to a CPU
pc: fix default VCPU to NUMA node mapping
numa: introduce machine callback for VCPU to node mapping
numa: Reject configuration if CPU appears on multiple nodes
numa: Reject CPU indexes > max_cpus
numa: Fix off-by-one error at MAX_CPUMASK_BITS check
Gonglei [Wed, 18 Mar 2015 09:33:47 +0000 (17:33 +0800)]
ehci: fix segfault when hot-unplugging ehci controller
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via DeviceClass->reset() and drop
the qemu_register_reset() call. Then Qemu will register
and unregister the reset handler automatically.
Gonglei [Wed, 18 Mar 2015 09:33:48 +0000 (17:33 +0800)]
ohci: fix resource cleanup leak
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via DeviceClass->reset() and drop
the qemu_register_reset() call. Then Qemu will register
and unregister the reset handler automatically.
Ohci does't support hotplugging/hotunplugging yet, but
existing resource cleanup leak logic likes ehci/uhci.
Gonglei [Wed, 18 Mar 2015 09:33:46 +0000 (17:33 +0800)]
uhci: fix segfault when hot-unplugging uhci controller
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via DeviceClass->reset() and drop
the qemu_register_reset() call. Then Qemu will register
and unregister the reset handler automatically.
Eduardo Habkost [Fri, 13 Mar 2015 18:58:09 +0000 (15:58 -0300)]
target-i386: Haswell-noTSX and Broadwell-noTSX
With the Intel microcode update that removed HLE and RTM, there will be
different kinds of Haswell and Broadwell CPUs out there: some that still
have the HLE and RTM features, and some that don't have the HLE and RTM
features. On both cases people may be willing to use the pc-*-2.3
machine-types.
So, to cover both cases, introduce Haswell-noTSX and Broadwell-noTSX CPU
models, for hosts that have Haswell and Broadwell CPUs without TSX support.
With the Intel microcode update that removed HLE and RTM, there will be
different kinds of Haswell and Broadwell CPUs out there: some that still
have the HLE and RTM features, and some that don't have the HLE and RTM
features. On both cases people may be willing to use the pc-*-2.3
machine-types.
So instead of making the CPU model results confusing by making it depend
on the machine-type, keep HLE and RTM on the existing Haswell and
Broadwell CPU models. The plan is to introduce "Haswell-noTSX" and
"Broadwell-noTSX" CPU models later, for people who have CPUs that don't
have TSX feature available.
Eduardo Habkost [Mon, 9 Feb 2015 19:35:04 +0000 (17:35 -0200)]
numa: Print warning if no node is assigned to a CPU
We need all possible CPUs (including hotplug ones) to be present in the
SRAT when QEMU starts. QEMU already does that correctly today, the only
problem is that when a CPU is omitted from the NUMA configuration, it is
silently assigned to node 0.
Check if all CPUs up to max_cpus are present in the NUMA configuration
and warn about missing CPUs.
Make it just a warning, to allow management software to be updated if
necessary. In the future we may make it a fatal error instead.
$ qemu-system-x86_64 -smp 2,maxcpus=4 -numa node,cpus=0
qemu-system-x86_64: warning: CPU(s) not present in any NUMA nodes: 1 2 3
qemu-system-x86_64: warning: All CPU(s) up to maxcpus should be described in NUMA config
$ qemu-system-x86_64 -smp 2,maxcpus=4 -numa node,cpus=0-2
qemu-system-x86_64: warning: CPU(s) not present in any NUMA nodes: 3
qemu-system-x86_64: warning: All CPU(s) up to maxcpus should be described in NUMA config
Igor Mammedov [Thu, 19 Mar 2015 17:09:22 +0000 (17:09 +0000)]
pc: fix default VCPU to NUMA node mapping
Since commit dd0247e0 pc: acpi: mark all possible CPUs as enabled in SRAT
Linux kernel actually tries to use CPU to Node mapping from
QEMU provided SRAT table instead of discarding it, and that
in some cases breaks build_sched_domains() which expects
sane mapping where cores/threads belonging to the same socket
are on the same NUMA node.
With current default round-robin mapping of VCPUs to nodes
guest ends-up with cores/threads belonging to the same socket
being on different NUMA nodes.
2.6.32 based kernels will hang on boot due to incorrectly built
sched_group-s list in update_sd_lb_stats()
Replacing default mapping with a manual, where VCPUs belonging to
the same socket are on the same NUMA node, fixes the issue for
guests which can't handle nonsense topology i.e. changing CLI to:
-numa node,nodeid=0,cpus=0-3 -numa node,nodeid=1,cpus=4-7
So instead of simply scattering VCPUs around nodes, provide
callback to map the same socket VCPUs to the same NUMA node,
which is what guests would expect from a sane hardware/BIOS.
Igor Mammedov [Thu, 19 Mar 2015 17:09:21 +0000 (17:09 +0000)]
numa: introduce machine callback for VCPU to node mapping
Current default round-robin way of distributing VCPUs among
NUMA nodes might be wrong in case on multi-core/threads
CPUs. Making guests confused wrt topology where cores from
the same socket are on different nodes.
Allow a machine to override default mapping by providing
MachineClass::cpu_index_to_socket_id()
callback which would allow it group VCPUs from a socket
on the same NUMA node.
Peter Maydell [Thu, 19 Mar 2015 17:47:08 +0000 (17:47 +0000)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block patches for 2.3.0-rc1
# gpg: Signature made Thu Mar 19 15:03:26 2015 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <[email protected]>"
* remotes/kevin/tags/for-upstream:
block: Fix blockdev-backup not to use funky error class
raw-posix: Deprecate aio=threads fallback without O_DIRECT
raw-posix: Deprecate host floppy passthrough
block: Fix blockdev-backup not to use funky error class
Error classes are a leftover from the days of "rich" error objects.
New code should always use ERROR_CLASS_GENERIC_ERROR. Commit b7b9d39..7c6a4ab added uses of ERROR_CLASS_DEVICE_NOT_FOUND. Replace
them.
Peter Maydell [Thu, 19 Mar 2015 13:04:07 +0000 (13:04 +0000)]
Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150318' into staging
MIPS patches 2015-03-18
Changes:
* bug fixes
# gpg: Signature made Wed Mar 18 10:06:00 2015 GMT using RSA key ID 0B29DA6B
# gpg: Can't check signature: public key not found
* remotes/lalrae/tags/mips-20150318:
target-mips: save cpu state before calling MSA load and store helpers
target-mips: fix hflags modified in delay / forbidden slot
target-mips: fix CP0.BadVAddr by stopping translation on Address Error
Peter Maydell [Thu, 19 Mar 2015 12:12:21 +0000 (12:12 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20150318-1' into staging
vnc: fix websockets & QMP.
# gpg: Signature made Wed Mar 18 13:12:35 2015 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <[email protected]>"
# gpg: aka "Gerd Hoffmann <[email protected]>"
# gpg: aka "Gerd Hoffmann (private) <[email protected]>"
* remotes/kraxel/tags/pull-vnc-20150318-1:
ui: ensure VNC websockets server checks the ACL if requested
ui: remove separate gnutls_session for websockets server
ui: enforce TLS when using websockets server
ui: fix setup of VNC websockets auth scheme with TLS
ui: split setup of VNC auth scheme into separate method
ui: report error if user requests VNC option that is unsupported
ui: replace printf() calls with VNC_DEBUG
ui: remove unused 'wiremode' variable in VncState struct
vnc: Fix QMP change not to use funky error class
Amit Shah [Thu, 17 Jul 2014 14:32:45 +0000 (20:02 +0530)]
virtio: serial: expose a 'guest_writable' callback for users
Users of virtio-serial may want to know when a port becomes writable. A
port can stop accepting writes if the guest port is open but not being
read from. In this case, data gets queued up in the virtqueue, and
after the vq is full, writes to the port do not succeed.
When the guest reads off a vq element, and adds a new one for the host
to put data in, we can tell users the port is available for more writes,
via the new ->guest_writable() callback.
Kevin Wolf [Tue, 17 Mar 2015 12:45:21 +0000 (13:45 +0100)]
raw-posix: Deprecate aio=threads fallback without O_DIRECT
Currently, if the user requests aio=native, but forgets to choose a
cache mode that sets O_DIRECT, that request is silently ignored and raw
falls back to aio=threads.
Deprecate that behaviour so we can make it an error in future qemu
versions.
Peter Maydell [Thu, 19 Mar 2015 11:12:21 +0000 (11:12 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pci, virtio bugfixes for 2.3
Just a bunch of bugfixes. Should be nothing remarkable here.
Signed-off-by: Michael S. Tsirkin <[email protected]>
# gpg: Signature made Wed Mar 18 12:31:03 2015 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <[email protected]>"
# gpg: aka "Michael S. Tsirkin <[email protected]>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
pcie_aer: fix comment to match pcie spec
pci: fix several trivial typos in comment
aer: fix a wrong init PCI_ERR_COR_STATUS w1cmask type register
pcie_aer: fix typos in pcie_aer_inject_error comment
aer: fix wrong check on expose aer tlp prefix log
pcie: correct mistaken register bit for End-End TLP Prefix Blocking
virtio: Fix memory leaks reported by Coverity
virtio: validate the existence of handle_output before calling it
Raise your hand if you have a physical floppy drive in a computer
you've powered on in 2015. Okay, I see we got a few weirdos in the
audience. That's okay, weirdos are welcome here.
Kidding aside, media change detection doesn't fully work, isn't going
to be fixed, and floppy passthrough just isn't earning its keep
anymore.
Deprecate block driver host_floppy now, so we can drop it after a
grace period.
Peter Maydell [Thu, 19 Mar 2015 10:07:23 +0000 (10:07 +0000)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
- kvm: ioeventfd fix for PPC64LE
- virtio-scsi: misc fixes
- fix for --enable-profiler
- nbd: fixes from Max
- build: fix for scripts/make_device_config.sh
- exec: fix for address_space_translate
# gpg: Signature made Wed Mar 18 11:11:08 2015 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <[email protected]>"
# gpg: aka "Paolo Bonzini <[email protected]>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream:
exec: Respect as_tranlsate_internal length clamp
virtio-scsi-dataplane: fix memory leak in virtio_scsi_vring_init
profiler: Reenable built-in profiler
kvm: fix ioeventfd endianness on bi-endian architectures
virtio-scsi: Fix assert in virtio_scsi_push_event
build: pass .d file name to scripts/make_device_config.sh, fix makefile target
coroutine-io: Return -errno in case of error
nbd: Drop unexpected data for NBD_OPT_LIST
nbd: Fix interpretation of the export flags
nbd: Fix nbd_receive_options()
nbd: Set block size to BDRV_SECTOR_SIZE
nbd: Fix potential signed overflow issues
qemu-nbd: fork() can fail
nbd: Handle blk_getlength() failure
nbd: Pass return value from nbd_handle_list()
nbd: Fix nbd_establish_connection()'s return value
qemu-nbd: Detect unused partitions by system == 0
util/uri: Add overflow check to rfc3986_parse_port
nbd: Fix overflow return value
Stefan Weil [Sat, 14 Mar 2015 08:37:08 +0000 (09:37 +0100)]
elf-loader: Fix truncation warning from coverity
Coverity reports a truncation due to cast operation on operand
reltab->sh_size from 64 bits to 32 bits for calls of load_at.
Fix the types of the function arguments to match their use in
function load_at: the offset is used for lseek which takes an
off_t parameter, the size is used for g_malloc and read.
Paulo Vital [Tue, 10 Mar 2015 11:25:51 +0000 (12:25 +0100)]
pc-dimm: Add description for device list.
The pc-dimm option presented on device list (by argument "-device \?")
is the unique option that don't have any information about it. This
patch adds a description for the pc-dimm device to help users to
identify it.
Michael Tokarev [Thu, 12 Mar 2015 06:13:45 +0000 (09:13 +0300)]
configure: enable kvm on x32
Here's a trivial change to enable kvm on x32 architecture.
I'm not 100% sure the result works correctly in all cases,
but this is a good start and in theory everything should
work.
qmp: Drop unused .user_print from command definitions
.user_print isn't used with QMP commands, only with HMP commands.
Copied over when QMP got its own command table in commit 82a56f0.
Most of them have been dropped since, but a few stragglers remain.
Drop them.
The command handler is a union of two function types. If
cmd->user_print is set, handle_user_command() calls
cmd->mhandler.cmd_new(), else cmd->mhandler.cmd().
Command definitions must therefore either set both user_print() and
mhandler.cmd_new(), or only mhandler.cmd().
quit's sets user_print and mhandler.cmd(). handle_user_command()
calls hmp_quit() through mhandler.cmd_new() rather than
mhandler.cmd(), i.e. through a function pointer with a different type.
Broken in commit 7a7f325, v1.0.
Works in practice because hmp_quit() doesn't use its arguments, and
handle_user_command() ignores its function value.
Chen Fan [Fri, 13 Mar 2015 03:18:04 +0000 (11:18 +0800)]
aer: fix wrong check on expose aer tlp prefix log
when specify TLP Prefix log as using pcie_aer_inject_error,
the TLP prefix log is always discarded. because the check
is incorrect, the End-End TLP Prefix Supported bit
(PCI_EXP_DEVCAP2_EETLPP) should be in Device Capabilities 2 Register.
address_space_translate_internal will clamp the *plen length argument
based on the size of the memory region being queried. The iommu walker
logic in addresss_space_translate was ignoring this by discarding the
post fn call value of *plen. Fix by just always using *plen as the
length argument throughout the fn, removing the len local variable.
This fixes a bootloader bug when a single elf section spans multiple
QEMU memory regions.
2ed1ebcf6 "timer: replace time() with QEMU_CLOCK_HOST" broke compile
when configured with --enable-profiler. Turned out the profiler has been
broken for a while.
This does s/qemu_time/tcg_time/ as the profiler only works in a TCG mode.
This also fixes the compile error.
This changes profile_getclock() to return nanoseconds rather than
CPU ticks as the "profile" HMP command prints seconds and there is no
platform-independent way to get ticks-per-second rate.
Since TCG is quite slow and get_clock() returns nanoseconds (fine
enough), this should not affect precision much.
This removes unused qemu_time_start and tlb_flush_time.
This is introduced by commit 55783a55 (virtio-scsi: work around bug in
old BIOSes) which didn't check out_num when accessing out_sg[0].iov_len
(the same to in sg). For virtio_scsi_push_event, looking into out_sg
doesn't make sense because 0 req_size is intended.
Paolo Bonzini [Thu, 12 Mar 2015 15:00:05 +0000 (16:00 +0100)]
build: pass .d file name to scripts/make_device_config.sh, fix makefile target
The .d file name must match exactly what is used in the SUBDIR_DEVICES_MAK_DEP
variable. Instead of making assumptions in the make_device_config.sh script,
just pass it in.
Similarly, the makefile target may not match the output file name, because
Makefile uses a temporary file. Instead of making assumptions on what the
Makefile does, emit the config-devices.mak file to stdout, and use the
passed-in destination as the makefile target
Max Reitz [Wed, 25 Feb 2015 18:08:28 +0000 (13:08 -0500)]
coroutine-io: Return -errno in case of error
In case qemu_co_sendv_recvv() fails without any data read, there is no
reason not to return the perfectly fine error number retrieved from
socket_error().
Max Reitz [Wed, 25 Feb 2015 18:08:34 +0000 (13:08 -0500)]
nbd: Drop unexpected data for NBD_OPT_LIST
When requesting the list of exports, no data should be sent. If data is
sent, the NBD server should not just inform the client of the invalid
request, but also drop the data.
Max Reitz [Wed, 25 Feb 2015 18:08:32 +0000 (13:08 -0500)]
nbd: Fix interpretation of the export flags
The export flags are a 16 bit value, so be16_to_cpu() has to be used to
interpret them correctly. This makes discard and flush actually work
for named NBD exports (they did not work before, because the client
always assumed them to be unsupported because of the bug fixed by this
patch).
Max Reitz [Wed, 25 Feb 2015 18:08:19 +0000 (13:08 -0500)]
nbd: Pass return value from nbd_handle_list()
While it does not make a difference in practice, nbd_receive_options()
generally returns -errno, so it should do that here as well; and the
easiest way to achieve this is by passing on the value returned by
nbd_handle_list().
Max Reitz [Wed, 25 Feb 2015 18:08:16 +0000 (13:08 -0500)]
nbd: Fix nbd_establish_connection()'s return value
unix_connect_opts() and inet_connect_opts() do not necessarily set errno
(if at all); therefore, nbd_establish_connection() should not literally
return -errno on error.
Max Reitz [Wed, 25 Feb 2015 18:08:15 +0000 (13:08 -0500)]
qemu-nbd: Detect unused partitions by system == 0
Unused partitions do not necessarily have a total sector count of 0
(although they should have), but they always do have the system field
set to 0, so use that for testing whether a partition is in use rather
than the sector count field alone.
Thomas Huth [Tue, 17 Mar 2015 13:52:54 +0000 (14:52 +0100)]
hw/usb: Include USB files only if necessary
Boards that do not include an USB controller should not provide
USB devices. However, when running "qemu-system-s390x -device help"
for example, there's still a usb-hub, usb-kbd, usb-mouse and
usb-tablet in the list of "supported" devices. Let's fix that
by compiling and linking the USB files only if it is really
necessary.
Leon Alrae [Mon, 16 Mar 2015 16:29:34 +0000 (16:29 +0000)]
target-mips: save cpu state before calling MSA load and store helpers
PC needs to be saved if an exception can be generated by an helper.
This fixes a problem related to resuming the execution at unexpected address
after an exception (caused by MSA load/store instruction) has been serviced.
Leon Alrae [Thu, 29 Jan 2015 16:15:00 +0000 (16:15 +0000)]
target-mips: fix hflags modified in delay / forbidden slot
All instructions which may change hflags terminate tb. However, this doesn't
work if such an instruction is placed in delay or forbidden slot.
gen_branch() clears MIPS_HFLAG_BMASK in ctx->hflags and then generates code
to overwrite hflags with ctx->hflags, consequently we loose any execution-time
hflags modifications. For example, in the following scenario hflag related to
Status.CU1 will not be updated:
/* Set Status.CU1 in delay slot */
mfc0 $24, $12, 0
lui $25, 0x2000
or $25, $25, $24
b check_Status_CU1
mtc0 $25, $12, 0
With this change we clear MIPS_HFLAG_BMASK in execution-time hflags if
instruction in delay or forbidden slot wants to terminate tb for some reason
(i.e. ctx->bstate != BS_NONE).
Also, die early and loudly if "unknown branch" is encountered as this should
never happen.
Leon Alrae [Mon, 16 Mar 2015 16:54:42 +0000 (16:54 +0000)]
target-mips: fix CP0.BadVAddr by stopping translation on Address Error
CP0.BadVAddr is supposed to capture the most recent virtual address that caused
the exception. Currently this does not work correctly for unaligned instruction
fetch as translation is not stopped and CP0.BadVAddr is updated with subsequent
addresses.
ui: ensure VNC websockets server checks the ACL if requested
If the x509verify option is requested, the VNC websockets server
was failing to validate that the websockets client provided an
x509 certificate matching the ACL rules.
ui: remove separate gnutls_session for websockets server
The previous change to the auth scheme handling guarantees we
can never have nested TLS sessions in the VNC websockets server.
Thus we can remove the separate gnutls_session instance.
When TLS is required, the primary VNC server considers it to be
mandatory. ie the server admin decides whether or not TLS is used,
and the client has to comply with this decision. The websockets
server, however, treated it as optional, allowing non-TLS clients
to connect to a server which had setup TLS. Thus enabling websockets
lowers the security of the VNC server leaving the admin no way to
enforce use of TLS.
This removes the code that allows non-TLS fallback in the websockets
server, so that if TLS is requested for VNC it is now mandatory for
both the primary VNC server and the websockets VNC server.
ui: fix setup of VNC websockets auth scheme with TLS
The way the websockets TLS code was integrated into the VNC server
made it essentially useless. The only time that the websockets TLS
support could be used is if the primary VNC server had its existing
TLS support disabled. ie QEMU had to be launched with:
Note the absence of the 'tls' flag. This is already a bug, because
the docs indicate that 'x509' is ignored unless 'tls' is given.
If the primary VNC server had TLS turned on via the 'tls' flag,
then this prevented the websockets TLS support from being used,
because it activates the VeNCrypt auth which would have resulted
in TLS being run over a TLS session. Of course no websockets VNC
client supported VeNCrypt so in practice, since the browser clients
cannot setup a nested TLS session over the main HTTPS connection,
so it would not even get past auth.
This patch causes us to decide our auth scheme separately for the
main VNC server vs the websockets VNC server. We take account of
the fact that if TLS is enabled, then the websockets client will
use https, so setting up VeNCrypt is thus redundant as it would
lead to nested TLS sessions.
ui: report error if user requests VNC option that is unsupported
If the VNC server is built without tls, sasl or websocket support
and the user requests one of these features, they are just silently
ignored. This is bad because it means the VNC server ends up running
in a configuration that is less secure than the user asked for.
It also leads to an tangled mass of preprocessor conditionals when
configuring the VNC server.
This ensures that the tls, sasl & websocket options are always
processed and an error is reported back to the user if any of
them were disabled at build time.
Handling of VNC audio messages results in printfs to the console.
This is of no use to anyone in production, so should be using the
normal VNC_DEBUG macro instead.
projects / qemu.git / log