Max Reitz [Wed, 9 May 2018 18:20:01 +0000 (20:20 +0200)]
qemu-img: Resolve relative backing paths in rebase
Currently, rebase interprets a relative path for the new backing image
as follows:
(1) Open the new backing image with the given relative path (thus relative to
qemu-img's working directory).
(2) Write it directly into the overlay's backing path field (thus
relative to the overlay).
If the overlay is not in qemu-img's working directory, both will be
different interpretations, which may either lead to an error somewhere
(either rebase fails because it cannot open the new backing image, or
your overlay becomes unusable because its backing path does not point to
a file), or, even worse, it may result in your rebase being performed
for a different backing file than what your overlay will point to after
the rebase.
Fix this by interpreting the target backing path as relative to the
overlay, like qemu-img does everywhere else.
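The mismatch described in the commit message above, as an added example (not part of the commit and not QEMU code): it computes the path the pre-fix rebase opened and the path the overlay's backing field later resolves to, and reports whether they name the same file. All function names and sample paths are constructed for illustration; the comparison is lexical only and does not resolve symlinks or "..".

```c
#include <stdio.h>
#include <string.h>

#define PATH_BUF 512

/* Join `rel` onto the directory containing `file`. An absolute `rel`
 * is copied unchanged. Returns 0 on success, -1 if `out` is too small. */
static int resolve_beside(const char *file, const char *rel,
                          char *out, size_t outlen)
{
    const char *slash = strrchr(file, '/');
    int dirlen = (rel[0] == '/' || !slash) ? 0 : (int)(slash - file) + 1;
    int n = snprintf(out, outlen, "%.*s%s", dirlen, file, rel);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
}

/* Make `path` absolute by prefixing the working directory if needed. */
static int make_abs(const char *cwd, const char *path,
                    char *out, size_t outlen)
{
    int n = (path[0] == '/') ? snprintf(out, outlen, "%s", path)
                             : snprintf(out, outlen, "%s/%s", cwd, path);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
}

/* Interpretation (2): the file the overlay's backing field names when the
 * image is opened later, i.e. relative to the overlay's own directory. */
static int path_overlay_points_to(const char *cwd, const char *overlay,
                                  const char *backing,
                                  char *out, size_t outlen)
{
    char beside[PATH_BUF];
    if (resolve_beside(overlay, backing, beside, sizeof(beside)) < 0) {
        return -1;
    }
    return make_abs(cwd, beside, out, outlen);
}

/* Returns 1 if the file opened during rebase (interpretation (1), relative
 * to the working directory) is the file the overlay will point to,
 * 0 if the two diverge, -1 if a path does not fit the buffers. */
static int rebase_paths_agree(const char *cwd, const char *overlay,
                              const char *backing)
{
    char opened[PATH_BUF], recorded[PATH_BUF];
    if (make_abs(cwd, backing, opened, sizeof(opened)) < 0 ||
        path_overlay_points_to(cwd, overlay, backing,
                               recorded, sizeof(recorded)) < 0) {
        return -1;
    }
    return strcmp(opened, recorded) == 0;
}

int main(void)
{
    /* Constructed sample invocations, all run from /home/user. */
    const char *cwd = "/home/user";
    printf("overlay in cwd:      agree=%d\n",
           rebase_paths_agree(cwd, "top.qcow2", "base.qcow2"));
    printf("overlay in subdir:   agree=%d\n",
           rebase_paths_agree(cwd, "images/top.qcow2", "base.qcow2"));
    printf("absolute backing:    agree=%d\n",
           rebase_paths_agree(cwd, "images/top.qcow2", "/srv/base.qcow2"));
    return 0;
}
```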
Max Reitz [Wed, 9 May 2018 19:43:02 +0000 (21:43 +0200)]
iotests: Let 216 make use of qemu-io's exit code
As a showcase of how you can use qemu-io's exit code to determine
success or failure (same for qemu-img), this test is changed to use
qemu_io_silent() instead of qemu_io(), and to assert the exit code
instead of logging the filtered result.
One real advantage of this is that in case of an error, you get a
backtrace that helps you locate the issue in the test file quickly.
Max Reitz [Wed, 9 May 2018 19:43:01 +0000 (21:43 +0200)]
iotests.py: Add qemu_io_silent
With qemu-io now returning a useful exit code, some tests may find it
sufficient to just query that instead of logging (and filtering) the
whole output.
Max Reitz [Wed, 9 May 2018 19:43:00 +0000 (21:43 +0200)]
qemu-io: Exit with error when a command failed
Currently, qemu-io basically always returns success when it gets to
interactive mode (so once the whole command line has been parsed; even
before the commands on the command line are interpreted). That is not
very useful.
This patch makes qemu-io return failure when any of the executed
commands failed.
Max Reitz [Wed, 9 May 2018 19:42:58 +0000 (21:42 +0200)]
qemu-io: Drop command functions' return values
For qemu-io, a function returns an integer with two possible values: 0
for "qemu-io may continue execution", or 1 for "qemu-io should exit".
However, there is only a single command that returns 1, and that is
"quit".
So let's turn this case into a global variable instead so we can make
better use of the return value in a later patch.
Max Reitz [Wed, 9 May 2018 20:00:59 +0000 (22:00 +0200)]
iotests: Repairing error during snapshot deletion
This adds a test for an I/O error during snapshot deletion, and maybe
more importantly, for how to repair the resulting image. If the
snapshot has been deleted before the error occurs, the only negative
result will be leaked clusters -- and those should be repairable with
qemu-img check -r leaks.
Max Reitz [Wed, 9 May 2018 20:00:58 +0000 (22:00 +0200)]
qcow2: Repair OFLAG_COPIED when fixing leaks
Repairing OFLAG_COPIED is usually safe because it is done after the
refcounts have been repaired. Therefore, if we did not find anyone else
referencing a data or L2 cluster, it makes no sense to not set
OFLAG_COPIED -- and the other direction (clearing OFLAG_COPIED) is
always safe, anyway, it may just induce leaks.
Furthermore, if OFLAG_COPIED is actually consistent with a wrong (leaky)
refcount, we will decrement the refcount with -r leaks, but OFLAG_COPIED
will then be wrong. qemu-img check should not produce images that are
more corrupted afterwards than they were before.
Max Reitz [Wed, 9 May 2018 21:00:23 +0000 (23:00 +0200)]
iotests: Rework 113
This test case has been broken since 398e6ad014df261d (roughly half a
year). qemu-img amend requires its output image to be R/W, so it opens
it as such; the node is then turned into a read-only node automatically
which is now accompanied by a warning, however. This warning has not
been part of the reference output.
For one thing, this warning shows that we cannot keep the test case as
it is. We would need a format that has no create_opts but that does
have write support -- we do not have such a format, though.
Another thing is that qemu now actually checks whether an image format
supports amendment instead of whether it has create_opts (since the
former always implies the latter). So we can now use any format that
does not support amendment (even if it supports creation) and thus test
the same code path.
The reason nobody has noticed the breakage until now of course is the
fact that nobody runs the iotests for nbd+bochs. There actually was
never any reason to set the protocol to "nbd" but because that was
technically correct; functionally it made no difference. So that is the
first thing we are going to change: Make the protocol "file" instead so
that people might actually notice breakage here.
Secondly, now that bochs no longer works for the amend test case, we
have to change the format there anyway. So let us just bend the truth
a bit, declare this test a raw test. In fact, that does not even
concern the bochs test cases, other than the output now reading 'bochs'
instead of 'IMGFMT'.
So with this test now being a raw test, we can rework the amend test
case to use raw instead.
Max Reitz [Wed, 9 May 2018 21:00:21 +0000 (23:00 +0200)]
qemu-img: Recognize no creation support in -o help
The only users of print_block_option_help() are qemu-img create and
qemu-img convert for the output image, so this function is always used
for image creation (it used to be used for amendment also, but that is
no longer the case).
So if image creation is not supported by either the format or the
protocol, there is no need to print any option description, because the
user cannot create an image like this anyway.
Max Reitz [Wed, 9 May 2018 21:00:20 +0000 (23:00 +0200)]
qemu-img: Add print_amend_option_help()
The more generic print_block_option_help() function is not really
suitable for qemu-img amend, for a couple of reasons:
(1) We do not need to append the protocol-level options, as amendment
happens only on one node and does not descend downwards to its
children.
(2) print_block_option_help() says those options are "supported". For
option amendment, we do not really know that. So this new function
explicitly says that those options are the creation options, and not
all of them may be supported.
(3) If the driver does not support option amendment, we should not print
anything (except for an error message that amendment is not
supported).
Max Reitz [Wed, 9 May 2018 21:00:18 +0000 (23:00 +0200)]
block: Add Error parameter to bdrv_amend_options
Looking at the qcow2 code that is riddled with error_report() calls,
this is really how it should have been from the start.
Along the way, turn the target_version/current_version comparisons at
the beginning of qcow2_downgrade() into assertions (the caller has to
make sure these conditions are met), and rephrase the error message on
using compat=1.1 to get refcount widths other than 16 bits.
Max Reitz [Wed, 9 May 2018 21:00:17 +0000 (23:00 +0200)]
qemu-img: Amendment support implies create_opts
Instead of checking whether a driver has a non-NULL create_opts we
should check whether it supports image amendment in the first place. If
it does, it must have create_opts.
On the other hand, if it does not have create_opts (so it does not
support amendment either), the error message "does not support any
options" is a bit useless. Stating clearly that the driver has no
amendment support whatsoever is probably better.
Max Reitz [Wed, 9 May 2018 21:53:36 +0000 (23:53 +0200)]
iotests: Add creation test to 153
This patch adds a test case to 153 which tries to overwrite an image
(using qemu-img create) while it is in use. Without the original user
explicitly sharing the necessary permissions (writing and truncation),
this should not be allowed.
Max Reitz [Wed, 9 May 2018 21:53:35 +0000 (23:53 +0200)]
block/file-posix: File locking during creation
When creating a file, we should take the WRITE and RESIZE permissions.
We do not need either for the creation itself, but we do need them for
clearing and resizing it. So we can take the proper permissions by
replacing O_TRUNC with an explicit truncation to 0, and by taking the
appropriate file locks between those two steps.
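The ordering this commit message describes (open without O_TRUNC, take the lock, only then truncate to 0), as an added example that is not part of the commit and not QEMU's code. It uses flock() as a simple stand-in for QEMU's own file locks, and create_image_locked(), run_demo() and the temporary file are constructed for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: create or overwrite an image file.
 * Returns an open fd that holds the lock, or -errno. */
static int create_image_locked(const char *path)
{
    int err;
    /* No O_TRUNC: opening must not destroy data before the lock is held. */
    int fd = open(path, O_RDWR | O_CREAT, 0644);
    if (fd < 0) {
        return -errno;
    }
    /* flock() stands in for taking WRITE and RESIZE; it fails while another
     * user holds the file. Truncation happens only after it succeeds. */
    if (flock(fd, LOCK_EX | LOCK_NB) < 0 || ftruncate(fd, 0) < 0) {
        err = errno;
        close(fd);
        return -err;
    }
    return fd;
}

struct demo_result {
    int refused;             /* return value while the image is in use */
    long size_while_in_use;  /* bytes left in the file after the refusal */
    long size_after_release; /* bytes after a successful re-creation */
};

static long file_size(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 ? (long)st.st_size : -1;
}

/* Constructed scenario: a 4-byte "image" that another descriptor has
 * open and locked, then the same file after that user has gone away. */
static struct demo_result run_demo(void)
{
    struct demo_result r = { 0, -1, -1 };
    char path[] = "/tmp/img_demo_XXXXXX";
    int user = mkstemp(path); /* the existing user of the image */
    if (user < 0 || write(user, "DATA", 4) != 4 || flock(user, LOCK_SH) < 0) {
        return r;
    }
    r.refused = create_image_locked(path);
    r.size_while_in_use = file_size(path);
    close(user); /* the user exits, releasing its lock */
    int fd = create_image_locked(path);
    r.size_after_release = file_size(path);
    if (fd >= 0) {
        close(fd);
    }
    unlink(path);
    return r;
}

int main(void)
{
    struct demo_result r = run_demo();
    printf("in use: ret=%d size=%ld; released: size=%ld\n",
           r.refused, r.size_while_in_use, r.size_after_release);
    return 0;
}
```

With O_TRUNC in the open() call instead, the in-use file would already be empty by the time the lock attempt fails.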
Max Reitz [Wed, 9 May 2018 21:53:34 +0000 (23:53 +0200)]
block/file-posix: Pass FD to locking helpers
raw_apply_lock_bytes() and raw_check_lock_bytes() currently take a
BDRVRawState *, but they only use the lock_fd field. During image
creation, we do not have a BDRVRawState, but we do have an FD; so if we
want to reuse the functions there, we should modify them to receive only
the FD.
* remotes/vivier/tags/m68k-for-3.0-pull-request:
target/m68k: Merge disas_m68k_insn into m68k_tr_translate_insn
target/m68k: Improve ending TB at page boundaries
target/m68k: Convert to TranslatorOps
target/m68k: Convert to DisasContextBase
target/m68k: Rename DISAS_UPDATE and gen_lookup_tb
target/m68k: Use lookup_and_goto_tb for DISAS_JUMP
target/m68k: Remove DISAS_JUMP_NEXT as unused
target/m68k: Replace DISAS_TB_JUMP with DISAS_NORETURN
target/m68k: Use DISAS_NORETURN for exceptions
Rather than limit total TB size to PAGE-32 bytes, end the TB when
near the end of a page. This should provide proper semantics of
SIGSEGV when executing near the end of a page.
* remotes/jnsnow/tags/ide-pull-request: (30 commits)
ide: introduce ide_transfer_start_norecurse
atapi: call ide_set_irq before ide_transfer_start
ide: make ide_transfer_stop idempotent
ide: call ide_cmd_done from ide_transfer_stop
ide: push end_transfer_func out of start_transfer callback, rename callback
ahci: move PIO Setup FIS before transfer, fix it for ATAPI commands
libqos/ahci: track sector size
MAINTAINERS: Add the cdrom-test to John's section
tests/cdrom-test: Test that -cdrom parameter is working
tests/cdrom-test: Test booting from CD-ROM ISO image file
tests/boot-sector: Add magic bytes to s390x boot code header
ahci: make ahci_mem_write traces more descriptive
ahci: delete old host register address definitions
ahci: adjust ahci_mem_write to work on registers
ahci: fix spacing damage on ahci_mem_write
ahci: make mem_read_32 traces more descriptive
ahci: modify ahci_mem_read_32 to work on register numbers
ahci: fix host register max address
ahci: add host register enumeration
ahci: delete old port register address definitions
...
target/m68k: Rename DISAS_UPDATE and gen_lookup_tb
The name gen_lookup_tb is at odds with tcg_gen_lookup_and_goto_tb.
For these cases, we do indeed want to exit back to the main loop.
Similarly, DISAS_UPDATE performs no actual update, whereas DISAS_EXIT
does what it says.
Paolo Bonzini [Wed, 6 Jun 2018 19:09:55 +0000 (15:09 -0400)]
ide: introduce ide_transfer_start_norecurse
For the case where the end_transfer_func is also the caller of
ide_transfer_start, the mutual recursion can lead to unlimited
stack usage. Introduce a new version that can be used to change
tail recursion into a loop, and use it in trace_ide_atapi_cmd_reply_end.
Paolo Bonzini [Wed, 6 Jun 2018 19:09:54 +0000 (15:09 -0400)]
atapi: call ide_set_irq before ide_transfer_start
The ATAPI_INT_REASON_IO interrupt is raised when I/O starts, but in the
AHCI case ide_set_irq was actually called at the end of a mutual recursion.
Move it early, with the side effect that ide_transfer_start becomes a tail
call in ide_atapi_cmd_reply_end.
Paolo Bonzini [Wed, 6 Jun 2018 19:09:53 +0000 (15:09 -0400)]
ide: make ide_transfer_stop idempotent
There is code checking s->end_transfer_func and it was not taught about
ide_transfer_cancel. We can just use ide_transfer_stop because
s->end_transfer_func is only ever called in the DRQ phase.
ide_transfer_cancel can then be removed, since it would just be
calling ide_transfer_halt.
Paolo Bonzini [Wed, 6 Jun 2018 19:09:51 +0000 (15:09 -0400)]
ide: push end_transfer_func out of start_transfer callback, rename callback
Now that end_transfer_func is a tail call in ahci_start_transfer,
formalize the fact that the callback (of which ahci_start_transfer is
the sole implementation) takes care of the transfer too: rename it to
pio_transfer and, if it is present, call the end_transfer_func as soon
as it returns.
John Snow [Wed, 6 Jun 2018 19:09:50 +0000 (15:09 -0400)]
ahci: move PIO Setup FIS before transfer, fix it for ATAPI commands
The PIO Setup FIS is written in the PIO:Entry state, which comes before
the ATA and ATAPI data transfer states. As a result, the PIO Setup FIS
interrupt is now raised before DMA ends for ATAPI commands, and tests have
to be adjusted.
This is also hinted by the description of the command header in the AHCI
specification, where the "A" bit is described as
When ‘1’, indicates that a PIO setup FIS shall be sent by the device
indicating a transfer for the ATAPI command.
and also by the description of the ACMD (ATAPI command region):
The ATAPI command must be either 12 or 16 bytes in length. The length
transmitted by the HBA is determined by the PIO setup FIS that is sent
by the device requesting the ATAPI command.
QEMU, which conflates the "generator" and the "receiver" of the FIS into
one device, always uses ATAPI_PACKET_SIZE, aka 12, for the length.
John Snow [Wed, 6 Jun 2018 19:09:49 +0000 (15:09 -0400)]
libqos/ahci: track sector size
It's not always 512, and it does wind up mattering for PIO transfers,
because this means DRQ blocks are four times as big for ATAPI.
Replace an instance of 2048 with the correct define, too.
This patch by itself winds up changing no behavior. fis->count is ignored
for CMD_PACKET, and sect_count only gets used in non-ATAPI cases.
Thomas Huth [Fri, 8 Jun 2018 17:17:39 +0000 (13:17 -0400)]
MAINTAINERS: Add the cdrom-test to John's section
The cdrom-test checks various block types - IDE, SCSI and
virtio, so it's a little bit hard to decide where this should
belong to in the MAINTAINERS file. But John volunteered to take
it, so let's put it into the IDE section for now.
Thomas Huth [Fri, 8 Jun 2018 17:17:39 +0000 (13:17 -0400)]
tests/cdrom-test: Test that -cdrom parameter is working
Commit 1454509726719e0933c800 recently broke the "-cdrom" parameter
on a couple of boards without us noticing it immediately. Thus let's
add a test which checks that "-cdrom" can at least be used to start
QEMU with certain machine types.
Thomas Huth [Fri, 8 Jun 2018 17:17:39 +0000 (13:17 -0400)]
tests/cdrom-test: Test booting from CD-ROM ISO image file
We already have the code for a boot file in tests/boot-sector.c,
so if the genisoimage program is available, we can easily create
a bootable CD ISO image that we can use for testing whether our
CD-ROM emulation and the BIOS CD-ROM boot works correctly.
Thomas Huth [Fri, 8 Jun 2018 17:17:39 +0000 (13:17 -0400)]
tests/boot-sector: Add magic bytes to s390x boot code header
We're going to use the s390x boot code for testing CD-ROM booting.
But the ISO loader of the s390-ccw bios is a little bit more picky
than the network loader and expects some magic bytes in the header
of the file (see linux_s390_magic in pc-bios/s390-ccw/bootmap.c), so
we've got to add them in our boot code here, too.
John Snow [Fri, 8 Jun 2018 17:17:36 +0000 (13:17 -0400)]
ahci: make port read traces more descriptive
A trace is added to let us watch unimplemented registers specifically,
as these are more likely to cause us trouble. Otherwise, the port read
traces now tell us what register is getting hit, which is nicer.
John Snow [Fri, 8 Jun 2018 17:17:36 +0000 (13:17 -0400)]
ahci: fix PxCI register race
Fixes: https://bugs.launchpad.net/qemu/+bug/1769189
AHCI presently signals completion prior to the PxCI register being
cleared to indicate completion. If a guest driver attempts to issue
a new command in its IRQ handler, it might be surprised to learn there
is still a command pending.
In the case of Windows 10's boot driver, it will actually poll the IRQ
register hoping to find out when the command is done running -- which
will never happen, as there isn't a command running.
Fix this: clear PxCI in ahci_cmd_done and not in the asynchronous BH.
Because it now runs synchronously, we don't need to check if the command
is actually done by spying on the ATA registers. We know it's done.
Peter Maydell [Fri, 8 Jun 2018 15:26:51 +0000 (16:26 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180608' into staging
target-arm queue:
* arm_gicv3_kvm: fix migration of registers corresponding to
IRQs 992 to 1020 in the KVM GIC
* aspeed: remove ignore_memory_transaction_failures on all boards
* aspeed: add support for the witherspoon-bmc board
* aspeed: add an I2C RTC device and EEPROM I2C devices
* aspeed: add the pc9552 chips to the witherspoon machine
* ftgmac100: fix various bugs
* hw/arm: Remove the deprecated xlnx-ep108 machine
* hw/i2c: Add trace events
* add missing '\n' on various qemu_log() logging strings
* sdcard: clean up spec version support so we report the
right spec version to the guest and only implement the
commands that are supposed to be present in that version
CMD8 is newly added in the Physical Layer Specification Version
2.00 to support multiple voltage ranges and used to check whether
the card supports supplied voltage. The version 2.00 or later host
shall issue CMD8 and verify voltage before card initialization.
The host that does not support CMD8 shall supply high voltage range.
sdcard: Update the Configuration Register (SCR) to Spec Version 1.10
The initial implementation is based on the Specs v1.10 (see a1bb27b1e98).
However the SCR is announcing the card being v1.01.
The new chapters added in version 1.10 are:
4.3.10 Switch function command
Switch function command (CMD6) 1 is used to switch or expand
memory card functions. [...]
This is a new feature, introduced in SD physical Layer
Specification Version 1.10. Therefore, cards that are
compatible with earlier versions of the spec do not support
it. The host shall check the "SD_SPEC" field in the SCR
register to recognize what version of the spec the card
complies with before using CMD6. It is mandatory for SD
memory card of Ver1.10 to support CMD6.
4.3.11 High-Speed mode (25MB/sec interface speed)
Though the Rev 1.01 SD memory card supports up to 12.5MB/sec
interface speed, the speed of 25MB/sec is necessary to support
increasing performance needs of the host and because of memory
size which continues to grow.
To achieve 25MB/sec interface speed, clock rate is increased to
50MHz and CLK/CMD/DAT signal timing and circuit conditions are
reconsidered and changed from Physical Layer Specification
Version 1.01.
4.3.12 Command system (This chapter is newly added in version 1.10)
SD commands CMD34-37, CMD50, CMD57 are reserved for SD command
system expansion via the switch command.
[These commands] will be considered as illegal commands (as
defined in revision 1.01 of the SD physical layer specification).
The SWITCH_FUNCTION is implemented since the first commit, a1bb27b1e98.
The 25MB/sec High-Speed mode was already updated in d7ecb867529.
The current implementation does not implement CMD34-37, CMD50 and
CMD57, thus these commands already return ILLEGAL.
With this patch, the SCR register now matches the description of the header:
* SD Memory Card emulation as defined in the "SD Memory Card Physical
* layer specification, Version 1.10."
Thomas Huth [Fri, 8 Jun 2018 12:15:32 +0000 (13:15 +0100)]
hw/arm: Remove the deprecated xlnx-ep108 machine
It has been marked as deprecated since QEMU v2.11, so it is time to
remove this now. The xlnx-zcu102 machine is very much the same and
can be used as a replacement instead.
The ftgmac100 NIC supports VLAN tag insertion and the MAC engine also
has a control to remove VLAN tags from received packets.
The VLAN control bits and VLAN tag information are contained in the
second word of the transmit and receive descriptors. The Insert VLAN
bit and the VLAN Tag available bit are only valid in the first segment
of the packet.
ftgmac100: compute maximum frame size depending on the protocol
The maximum frame size includes the CRC and depends if a VLAN tag is
inserted or not. Adjust the frame size limit in the transmit handler
using the FTGMAC100State buffer size and in the receive handler use
the packet protocol.
This is a helper routine to add a single EEPROM on an I2C bus. It can
be directly used by smbus_eeprom_init() which adds a certain number of
EEPROMs on mips and x86 machines.
The Witherspoon boards are OpenPOWER systems hosting POWER9 Processors.
Add support for their BMC including a couple of I2C devices as found
on real HW.
Shannon Zhao [Fri, 8 Jun 2018 12:15:32 +0000 (13:15 +0100)]
arm_gicv3_kvm: kvm_dist_get/put: skip the registers banked by GICR
While we skip the GIC_INTERNAL irqs, we don't change the register offset
accordingly. This will overlap the GICR registers value and leave the
last GIC_INTERNAL irq's registers out of update.
Fix this by skipping the registers banked by GICR.
Also for migration compatibility if the migration source (old version
qemu) doesn't send gicd_no_migration_shift_bug = 1 to destination, then
we shift the data of PPI to get the right data for SPI.
slirp: correct size computation while concatenating mbuf
While reassembling incoming fragmented datagrams, 'm_cat' routine
extends the 'mbuf' buffer, if it has insufficient room. It computes
a wrong buffer size, which leads to overwriting adjacent heap buffer
area. Correct this size computation in m_cat.
Peter Maydell [Thu, 7 Jun 2018 15:22:57 +0000 (16:22 +0100)]
Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging
Mostly bug fixes and code sanitization motivated by the upcoming
support for Darwin hosts. Thanks to Keno Fischer.
# gpg: Signature made Thu 07 Jun 2018 11:30:56 BST
# gpg: using RSA key 71D4D5E5822F73D6
# gpg: Good signature from "Greg Kurz <[email protected]>"
# gpg: aka "Gregory Kurz <[email protected]>"
# gpg: aka "[jpeg image of size 3330]"
# Primary key fingerprint: B482 8BAF 9431 40CE F2A3 4910 71D4 D5E5 822F 73D6
* remotes/gkurz/tags/for-upstream:
9p: xattr: Properly translate xattrcreate flags
9p: Properly check/translate flags in unlinkat
9p: local: Avoid warning if FS_IOC_GETVERSION is not defined
9p: xattr: Fix crashes due to free of uninitialized value
9p: Move a couple xattr functions to 9p-util
9p: local: Properly set errp in fstatfs error path
9p: proxy: Fix size passed to `connect`
Keno Fischer [Thu, 7 Jun 2018 10:17:22 +0000 (12:17 +0200)]
9p: xattr: Properly translate xattrcreate flags
As with unlinkat, these flags come from the client and need to
be translated to their host values. The protocol values happen
to match linux, but that need not be true in general.