target-i386: Attach ICC bus to CPU on its creation
X86CPU should have parent bus so it could provide bus for child APIC.
The commit makes it mandatory to pass a valid ICC bus to cpu_x86_create,
but cpu_x86_init just passes NULL to it.
xen_machine_pv uses cpu_x86_init, therefore it has been broken.
This patch fixes the problem by removing the dummy CPU creation
altogether from xen_init_pv, relying on the fact that QEMU can now cope
with a machine without an emulated CPU.
Anthony Liguori [Mon, 3 Jun 2013 13:37:54 +0000 (08:37 -0500)]
Merge remote-tracking branch 'kraxel/usb.83' into staging
# By Gerd Hoffmann (5) and others
# Via Gerd Hoffmann
* kraxel/usb.83:
xhci: add live migration support
xhci: add xhci_init_epctx
xhci: add xhci_alloc_epctx
xhci: add XHCISlot->addressed
pci: add VMSTATE_MSIX
host-libusb: Correct test for USB packet state
Fix usage of USB_DEV_FLAG_IS_HOST flag.
Anthony Liguori [Mon, 3 Jun 2013 13:37:44 +0000 (08:37 -0500)]
Merge remote-tracking branch 'mjt/trivial-patches' into staging
# By Ed Maste (3) and others
# Via Michael Tokarev
* mjt/trivial-patches:
do not check pointers after dereferencing them
m25p80: Add Micron n25q032a
qemu: fix out of tree cross compile
slirp: cleanup leftovers from misc.h
migration: Remove duplicate bandwidth_limit set
docs: Fix typo and update file in migration
configure: try pkg-config ncurses first
rtc: remove rtc_set_date
linux-user: Fix typo in comment
configure: remove confusing file manipulation
debugcon: fix compiler warning when open DEBUG_DEBUGCON
debugcon: make debug message more readable
debugcon: fix always print "addr=0x0, val=0x0" bug when use DEBUG_DEBUGCON
Remove unnecessary break statements
don't run pkg-config for features explicitly disabled
Commit d08151bf (conversion of tcx to the memory API) broke the 24-bit mode of
the tcx display adapter by accidentally passing in the final address of the
dirty region to memory_region_reset_dirty() instead of its size.
Remove some code duplication by adding a
function to look up the fw cfg file.
This way, we don't need to duplicate same strings everywhere.
Use by both fw cfg and pvpanic device.
firmware_abi.h with structs for OpenBIOS landed in hw/sparc/ by mistake
- move it to hw/nvram/ alongside fw_cfg.h. In addition to sparc it's
included from ppc mac_nvram.c and will need to include it from prep.c in
the future.
Ed Maste [Fri, 24 May 2013 20:07:00 +0000 (16:07 -0400)]
configure: try pkg-config ncurses first
When probing for ncurses, try pkg-config first rather than after
explicit -lncurses and -lcurses. This fixes static linking in the case
that ncurses has additional dependencies, such as -ltinfo (as on FreeBSD).
Ed Maste [Wed, 22 May 2013 13:21:39 +0000 (09:21 -0400)]
configure: remove confusing file manipulation
The configure script had some code to manipulate config-host.ld~ (i.e.,
a common backup filename), comparing it with the newly-generated file.
I believe the sense of the comparison was backwards.
Since it seemed to serve little purpose anyway, remove it to avoid any
confusion.
liguang [Fri, 24 May 2013 02:47:33 +0000 (10:47 +0800)]
debugcon: fix compiler warning when open DEBUG_DEBUGCON
compiler warnings:
CC hw/char/debugcon.o
hw/char/debugcon.c: In function ‘debugcon_ioport_write’:
hw/char/debugcon.c:58: warning: format ‘%02x’ expects type ‘unsigned int’, but argument 3 has type ‘uint64_t’
hw/char/debugcon.c: In function ‘debugcon_ioport_read’:
hw/char/debugcon.c:70: warning: format ‘%04x’ expects type ‘unsigned int’, but argument 2 has type ‘hwaddr’
target-i386: Fix aflag logic for CODE64 and the 0x67 prefix
The code reorganization in commit 4a6fd938 broke handling of PREFIX_ADR.
While fixing this, tidy and comment the code so that it's more obvious
what's going on in setting both aflag and dflag.
The TARGET_X86_64 ifdef can be eliminated because CODE64 expands to the
constant zero when TARGET_X86_64 is undefined.
With the ccw ipl code sometimes an error message like
"virtio: trying to map MMIO memory" or
"Guest moved used index from %u to %u" appeared. Turns out
that the ccw bios did not zero out the vring, which might
cause stale values in avail->idx and friends, especially
on reboot.
Lets zero out the relevant fields. To activate the patch we
need to rebuild s390-ccw.img as well.
Anthony Liguori [Fri, 31 May 2013 16:33:02 +0000 (11:33 -0500)]
Merge remote-tracking branch 'mdroth/qga-pull-2013-05-30' into staging
# By Laszlo Ersek
# Via Michael Roth
* mdroth/qga-pull-2013-05-30:
Makefile: create ".../var/run" when installing the POSIX guest agent
qga: save state directory in ga_install_service()
qga: remove undefined behavior in ga_install_service()
qga: create state directory on win32
configure: don't save any fixed local_statedir for win32
qga: determine default state dir and pidfile dynamically
osdep: add qemu_get_local_state_pathname()
Anthony Liguori [Fri, 31 May 2013 16:32:32 +0000 (11:32 -0500)]
Merge remote-tracking branch 'luiz/queue/qmp' into staging
# By Luiz Capitulino (1) and others
# Via Luiz Capitulino
* luiz/queue/qmp:
target-i386: Fix mask of pte index in memory mapping
target-i386: fix abort on bad PML4E/PDPTE/PDE/PTE addresses
qapi: pad GenericList value fields to 64 bits
Anthony Liguori [Fri, 31 May 2013 16:32:25 +0000 (11:32 -0500)]
Merge remote-tracking branch 'bonzini/iommu-for-anthony' into staging
# By Paolo Bonzini
# Via Paolo Bonzini
* bonzini/iommu-for-anthony: (22 commits)
memory: add return value to address_space_rw/read/write
memory: propagate errors on I/O dispatch
exec: just use io_mem_read/io_mem_write for 8-byte I/O accesses
memory: correctly handle endian-swapped 64-bit accesses
memory: split accesses even when the old MMIO callbacks are used
memory: add big endian support to access_with_adjusted_size
memory: accept mismatching sizes in memory_region_access_valid
memory: add address_space_access_valid
exec: implement .valid.accepts for subpages
memory: export memory_region_access_valid to exec.c
exec: introduce memory_access_size
exec: introduce memory_access_is_direct
exec: expect mr->ops to be initialized for ROM
memory: assign MemoryRegionOps to all regions
memory: move unassigned_mem_ops to memory.c
memory: add address_space_translate
memory: dispatch unassigned accesses based on .valid.accepts
exec: do not use error_mem_read
exec: make io_mem_unassigned private
cputlb: simplify tlb_set_page
...
Qiao Nuohan [Thu, 30 May 2013 15:07:54 +0000 (17:07 +0200)]
target-i386: Fix mask of pte index in memory mapping
Function walk_pte() needs pte index to calculate virtual address.
However, pte index of PAE paging or IA-32e paging is 9 bit, so the mask
should be 0x1ff.
Luiz Capitulino [Tue, 28 May 2013 18:19:22 +0000 (14:19 -0400)]
target-i386: fix abort on bad PML4E/PDPTE/PDE/PTE addresses
The code used to walk IA-32e page-tables, and possibly PAE page-tables,
uses the bit mask ~0xfff to get the next PML4E/PDPTE/PDE/PTE address.
However, as we use a uint64_t to store the resulting address, that mask
gets expanded to 0xfffffffffffff000 which not only ends up selecting
reserved bits but also selects the XD bit (execute-disable) which
happens to be enabled by Windows 8, causing qemu_get_ram_ptr() to abort.
This commit fixes that problem by replacing ~0xfff by a correct mask
that only selects the address bit range (ie. bits 51:12).
Amos Kong [Wed, 29 May 2013 07:56:42 +0000 (15:56 +0800)]
qdev: fix get_fw_dev_path to support to add nothing to fw_dev_path
Recent virtio refactoring in QEMU made virtio-bus become the parent bus
of scsi-bus, and virtio-bus doesn't have get_fw_dev_path implementation,
typename will be added to fw_dev_path by default, the new fw_dev_path
could not be identified by seabios. It causes that bootindex parameter
of scsi device doesn't work.
This patch implements get_fw_dev_path() in BusClass, it will be called
if bus doesn't implement the method, tyename will be added to
fw_dev_path. If the implemented method returns NULL, nothing will be
added to fw_dev_path.
It also implements virtio_bus_get_fw_dev_path() to return NULL. Then
QEMU will still pass original style of fw_dev_path to seabios.
Signed-off-by: Amos Kong <[email protected]> Reviewed-by: Paolo Bonzini <[email protected]> Reviewed-by: Laszlo Ersek <[email protected]>
Message-id: 1369814202[email protected]
--
v2: only add nothing to fw_dev_path when get_fw_dev_path() is
implemented and returns NULL. then it will not effect other devices
don't have get_fw_dev_path() implementation.
v3: implement default get_fw_dev_path() in BusClass Signed-off-by: Anthony Liguori <[email protected]>
Laszlo Ersek [Sat, 18 May 2013 04:31:49 +0000 (06:31 +0200)]
qga: determine default state dir and pidfile dynamically
No effective change on POSIX, but on Win32 the defaults come from the
environment / session.
Since commit 39097daf ("qemu-ga: use key-value store to avoid recycling fd
handles after restart") we've relied on the state directory for the fd
handles' key-value store. Even though we don't support the guest-file-*
commands on win32 yet, the key-value store is written, and it's the first
use of the state directory on win32. We should have a sensible default for
its location.
[...] This folder is used for application data that is not user
specific. For example, an application can store a spell-check
dictionary, a database of clip art, or a log file in the
CSIDL_COMMON_APPDATA folder. [...]
Michael Roth [Mon, 27 May 2013 03:20:58 +0000 (22:20 -0500)]
qapi: pad GenericList value fields to 64 bits
With the introduction of native list types, we now have types such as
int64List where the 'value' field is not a pointer, but the actual
64-bit value.
On 32-bit architectures, this can lead to situations where 'next' field
offset in GenericList does not correspond to the 'next' field in the
types that we cast to GenericList when using the visit_next_list()
interface, causing issues when we attempt to traverse linked list
structures of these types.
To fix this, pad the 'value' field of GenericList and other
schema-defined/native *List types out to 64-bits.
This is less memory-efficient for 32-bit architectures, but allows us to
continue to rely on list-handling interfaces that target GenericList to
simply visitor implementations.
In the future we can improve efficiency by defaulting to using native C
array backends to handle list of non-pointer types, which would be more
memory efficient in itself and allow us to roll back this change.
Paolo Bonzini [Fri, 24 May 2013 15:48:52 +0000 (17:48 +0200)]
memory: accept mismatching sizes in memory_region_access_valid
The memory API is able to use smaller/wider accesses than requested,
match that in memory_region_access_valid. Of course, the accepts
callback is still free to reject those accesses.
Paolo Bonzini [Thu, 11 Apr 2013 13:40:59 +0000 (15:40 +0200)]
memory: add address_space_access_valid
The old-style IOMMU lets you check whether an access is valid in a
given DMAContext. There is no equivalent for AddressSpace in the
memory API, implement it with a lookup of the dispatch tree.
Paolo Bonzini [Fri, 24 May 2013 11:55:52 +0000 (13:55 +0200)]
memory: assign MemoryRegionOps to all regions
This allows to remove the checks on section->readonly. Simply,
write accesses to ROM will not be considered "direct" and will
go through mr->ops without any special intervention.
Paolo Bonzini [Fri, 24 May 2013 10:59:37 +0000 (12:59 +0200)]
memory: add address_space_translate
Using phys_page_find to translate an AddressSpace to a MemoryRegionSection
is unwieldy. It requires to pass the page index rather than the address,
and later memory_region_section_addr has to be called. Replace
memory_region_section_addr with a function that does all of it: call
phys_page_find, compute the offset within the region, and check how
big the current mapping is. This way, a large flat region can be written
with a single lookup rather than a page at a time.
address_space_translate will also provide a single point where IOMMU
forwarding is implemented.
Paolo Bonzini [Fri, 24 May 2013 12:48:38 +0000 (14:48 +0200)]
memory: dispatch unassigned accesses based on .valid.accepts
This provides the basics for detecting accesses to unassigned memory
as soon as they happen, and also for a simple implementation of
address_space_access_valid.
Stefan Hajnoczi [Mon, 27 May 2013 13:28:51 +0000 (15:28 +0200)]
tests: set MALLOC_PERTURB_ to expose memory bugs
glibc wipes malloc(3) memory when the MALLOC_PERTURB_ environment
variable is set. The value of the environment variable determines the
bit pattern used to wipe memory. For more information, see
http://udrepper.livejournal.com/11429.html.
Set MALLOC_PERTURB_ for gtester and qemu-iotests. Note we pick a random
value from 1 to 255 to expose more bugs. If you need to reproduce a
crash use 'show environment' in gdb to extract the MALLOC_PERTURB_
value from a core dump.
Both make check and qemu-iotests pass with MALLOC_PERTURB_ enabled.
Jordan Justen [Wed, 29 May 2013 08:27:27 +0000 (01:27 -0700)]
pc_sysfw: allow flash (-pflash) memory to be used with KVM
When pc-sysfw.rom_only == 0, flash memory will be
usable with kvm. In order to enable flash memory mode,
a pflash device must be created. (For example, by
using the -pflash command line parameter.)
Usage of a flash memory device with kvm requires
KVM_CAP_READONLY_MEM, and kvm will abort if
a flash device is used with an older kvm which does
not support this capability.
If a flash device is not used, then qemu/kvm will
operate in the original rom-mode.
Jordan Justen [Wed, 29 May 2013 08:27:26 +0000 (01:27 -0700)]
kvm: support using KVM_MEM_READONLY flag for regions
For readonly memory regions and rom devices in romd_mode,
we make use of the KVM_MEM_READONLY. A slot that uses
KVM_MEM_READONLY can be read from and code can execute from the
region, but writes will exit to qemu.
For rom devices with !romd_mode, we force the slot to be
removed so reads or writes to the region will exit to qemu.
(Note that a memory region in this state is not executable
within kvm.)
v7:
* Update for readable => romd_mode rename (5f9a5ea1)
Anthony Liguori [Wed, 29 May 2013 13:13:20 +0000 (08:13 -0500)]
Merge remote-tracking branch 'aneesh/for-upstream' into staging
# By Aneesh Kumar K.V (3) and Gabriel de Perthuis (1)
# Via Aneesh Kumar K.V
* aneesh/for-upstream:
hw/9pfs: Be robust against paths without FS_IOC_GETVERSION
hw/9pfs: Use O_NOFOLLOW when opening files on server
hw/9pfs: use O_NOFOLLOW for mapped readlink operation
hw/9pfs: Fix segfault with 9p2000.u
In MacOSX 10.6 and above the NSOpenPanel beginSheetForDirectory
method is deprecated. Use the preferred replacements instead.
We retain the original code for use on earlier MacOSX versions
because the replacement methods don't exist before 10.6.
Avoid the NSOpenPanel filename method (deprecated in MacOSX 10.6)
in favour of using the URL method and extracting the path from the
resulting NSUrl object.
Peter Maydell [Mon, 22 Apr 2013 10:29:47 +0000 (10:29 +0000)]
cocoa: Avoid deprecated CPS* functions
The functions CPSGetCurrentProcess and CPSEnableForegroundOperation
are deprecated in newer versions of MacOSX and cause warning messages
to be logged to the system log. Instead, use the new preferred method
of promoting our console process up to a graphical app with menubar
and Dock icon, which is TransformProcessType. (This function came
in with MacOSX 10.3, so there's no need to retain the old method as
we don't support anything earlier than 10.3 anyway.)
Peter Maydell [Mon, 22 Apr 2013 10:29:46 +0000 (10:29 +0000)]
cocoa: Fix leaks of NSScreen and NSConcreteMapTable
On MacOSX 10.8 QEMU provokes system log messages:
11/03/2013 17:03:29.998 qemu-system-arm[42586]: objc[42586]: Object
0x7ffbf9c2f3b0 of class NSScreen autoreleased with no pool in place - just
leaking - break on objc_autoreleaseNoPool() to debug
11/03/2013 17:03:29.999 qemu-system-arm[42586]: objc[42586]: Object
0x7ffbf9c3a010 of class NSConcreteMapTable autoreleased with no pool in
place - just leaking - break on objc_autoreleaseNoPool() to debug
This is because we call back into Cocoa from threads other than
the UI thread (specifically from the CPU thread). Since we created
these threads via the POSIX API rather than NSThread, they don't have
automatically created autorelease pools. Guard all the functions where
QEMU can call back into the Cocoa UI code with autorelease pools
so that we don't leak any Cocoa objects.
hw/9pfs: use O_NOFOLLOW for mapped readlink operation
With mapped security models like mapped-xattr and mapped-file, we save the
symlink target as file contents. Now if we ever expose a normal directory
with mapped security model and find real symlinks in export path, never
follow them and return proper error.
When guest tries to chmod a block or char device file over 9pfs,
the qemu process segfaults. With 9p2000.u protocol we use wstat to
change mode bits and client don't send extension information for
chmod. We need to check for size field to check whether extension
info is present or not.
Gerd Hoffmann [Mon, 27 May 2013 10:41:24 +0000 (12:41 +0200)]
chardev: fix "info chardev" output
Fill unset CharDriverState->filename with the backend name, so
'info chardev' will return at least the chardev type. Don't
touch it in case the chardev init function filled it already,
like the socket+pty chardevs do for example.
projects / qemu.git / log