Peter Lieven [Mon, 30 Jun 2014 08:57:51 +0000 (10:57 +0200)]
ui/vnc: fix potential memory corruption issues
this patch makes the VNC server work correctly if the
server surface and the guest surface have different sizes.
Basically the server surface is adjusted to not exceed VNC_MAX_WIDTH
x VNC_MAX_HEIGHT and additionally the width is rounded up to multiple of
VNC_DIRTY_PIXELS_PER_BIT.
If we have a resolution whose width is not dividable by VNC_DIRTY_PIXELS_PER_BIT
we now get a small black bar on the right of the screen.
If the surface is too big to fit the limits only the upper left area is shown.
On top of that this fixes 2 memory corruption issues:
The first was actually discovered during playing
around with a Windows 7 vServer. During resolution
change in Windows 7 it happens sometimes that Windows
changes to an intermediate resolution where
server_stride % cmp_bytes != 0 (in vnc_refresh_server_surface).
This happens only if width % VNC_DIRTY_PIXELS_PER_BIT != 0.
The second is a theoretical issue, but is maybe exploitable
by the guest. If for some reason the guest surface size is bigger
than VNC_MAX_WIDTH x VNC_MAX_HEIGHT we end up in severe corruption since
this limit is nowhere enforced.
Peter Lieven [Mon, 30 Jun 2014 08:07:54 +0000 (10:07 +0200)]
ui/vnc: limit client_cut_text msg payload size
currently a malicious client could define a payload
size of 2^32 - 1 bytes and send up to that size of
data to the vnc server. The server would allocate
that amount of memory which could easily create an
out of memory condition.
This patch limits the payload size to 1MB max.
Please note that client_cut_text messages are currently
silently ignored.
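The length check described in the commit message above, as an added example (not QEMU's code and not part of the original log). It assumes the RFB ClientCutText layout from RFC 6143 (type 6, three padding bytes, a 32-bit big-endian length, then the text); all function and constant names are hypothetical, and the payload is copied only to show where the allocation would happen.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define RFB_CLIENT_CUT_TEXT  6          /* RFB message-type (RFC 6143) */
#define CUT_TEXT_HDR_LEN     8          /* type(1) + padding(3) + length(4) */
#define CUT_TEXT_MAX_PAYLOAD (1u << 20) /* the 1MB limit from the commit message */

enum cut_text_status {
    CUT_TEXT_OK, CUT_TEXT_NEED_MORE, CUT_TEXT_BAD_TYPE,
    CUT_TEXT_TOO_LARGE, CUT_TEXT_NO_MEM
};

static uint32_t read_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Unchecked form: the number of bytes a server would try to buffer if it
 * trusted the client-declared length field as-is. */
uint64_t cut_text_wanted_unchecked(const uint8_t *hdr)
{
    return (uint64_t)CUT_TEXT_HDR_LEN + read_be32(hdr + 4);
}

/* Hardened form: the declared length is compared against the cap before
 * anything is allocated and before the caller is told to wait for more data.
 * On CUT_TEXT_OK, *text is a malloc'd copy that the caller frees. */
enum cut_text_status parse_client_cut_text(const uint8_t *buf, size_t len,
                                           uint8_t **text, uint32_t *text_len)
{
    uint32_t declared;

    *text = NULL;
    *text_len = 0;
    if (len < CUT_TEXT_HDR_LEN)
        return CUT_TEXT_NEED_MORE;
    if (buf[0] != RFB_CLIENT_CUT_TEXT)
        return CUT_TEXT_BAD_TYPE;
    declared = read_be32(buf + 4);
    if (declared > CUT_TEXT_MAX_PAYLOAD)
        return CUT_TEXT_TOO_LARGE;      /* reject; do not buffer or allocate */
    if (len - CUT_TEXT_HDR_LEN < declared)
        return CUT_TEXT_NEED_MORE;      /* bounded wait: at most 1MB more */
    *text = malloc(declared ? declared : 1);
    if (*text == NULL)
        return CUT_TEXT_NO_MEM;
    memcpy(*text, buf + CUT_TEXT_HDR_LEN, declared);
    *text_len = declared;
    return CUT_TEXT_OK;
}

/* Constructed sample: a header carrying `declared` in its length field,
 * followed by `present` payload bytes (at most 64). */
static size_t build_msg(uint8_t *msg, uint32_t declared, size_t present)
{
    if (present > 64)
        present = 64;
    memset(msg, 0, CUT_TEXT_HDR_LEN);
    msg[0] = RFB_CLIENT_CUT_TEXT;
    msg[4] = (uint8_t)(declared >> 24);
    msg[5] = (uint8_t)(declared >> 16);
    msg[6] = (uint8_t)(declared >> 8);
    msg[7] = (uint8_t)declared;
    memset(msg + CUT_TEXT_HDR_LEN, 'A', present);
    return CUT_TEXT_HDR_LEN + present;
}

enum cut_text_status demo_status(uint32_t declared, size_t present)
{
    uint8_t msg[CUT_TEXT_HDR_LEN + 64], *text;
    uint32_t text_len;
    size_t len = build_msg(msg, declared, present);
    enum cut_text_status st = parse_client_cut_text(msg, len, &text, &text_len);

    free(text);
    return st;
}

uint64_t demo_unchecked(uint32_t declared)
{
    uint8_t msg[CUT_TEXT_HDR_LEN + 64];

    build_msg(msg, declared, 0);
    return cut_text_wanted_unchecked(msg);
}

int main(void)
{
    printf("unchecked, length 2^32-1: wants %llu bytes\n",
           (unsigned long long)demo_unchecked(0xFFFFFFFFu));
    printf("checked,   length 2^32-1: status %d\n",
           demo_status(0xFFFFFFFFu, 0));
    printf("checked,   length 5 with 5 bytes present: status %d\n",
           demo_status(5, 5));
    return 0;
}
```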
Peter Maydell [Tue, 1 Jul 2014 09:28:52 +0000 (10:28 +0100)]
Merge remote-tracking branch 'remotes/bonzini/scsi-next' into staging
* remotes/bonzini/scsi-next:
configure: Fix -lm test, so that tools can be compiled on hosts that require -lm
virtio-scsi: scsi events must be converted to target endianness
virtio-scsi: virtio_scsi_push_event() lacks VirtIOSCSIReq parsing
configure: Fix -lm test, so that tools can be compiled on hosts that require -lm
The existing test whether "-lm" needs to be included or not is
insufficient as it reports false negative on Fedora20/ppc64.
This happens because sin(0.0) is a constant value which compiler
can safely throw away and therefore there is no need to add "-lm".
As the result, qemu-nbd/qemu-io/qemu-img tools cannot compile.
This adds a global variable and uses it in the test to prevent
from optimization.
Signed-off-by: Alexey Kardashevskiy <[email protected]>
[Use Peter's improvement on the test to fool LTO, and remove the
now useless -lm addition in Makefile.target. - Paolo]
Signed-off-by: Paolo Bonzini <[email protected]>
Cédric Le Goater [Mon, 30 Jun 2014 15:17:17 +0000 (17:17 +0200)]
virtio-scsi: scsi events must be converted to target endianness
Virtio SCSI Events need to be byteswapped before being pushed
when host and guest have a different endianness. Not doing so
breaks hotplug of virtio scsi disks, with the following error
message being printed in the guest console:
This issue got uncovered while testing disk hotplug with a PowerKVM
ppc64le guest. I have checked that this issue also affects a x86_64
guest run on a ppc64 host.
Hotplug of a virtio scsi disk is currently broken: no disk appears in the
guest (verified with a fedora 20 host running a fedora 20 guest with KVM).
Bisect leads to Paolo's patches to support any_layout, especially this
commit:
It modifies virtio_scsi_pop_req() so that it is up to the callers to parse
the virtio scsi request. It seems that virtio_scsi_push_event() was not
modified accordingly...
This patch adds a call to virtio_scsi_parse_req(). It also drops some
sanity checks that are already performed by virtio_scsi_parse_req().
Andreas Färber [Wed, 18 Jun 2014 07:57:08 +0000 (00:57 -0700)]
irq: Slim conversion of qemu_irq to QOM
As a prequel to any big Pin refactoring plans, do an in-place conversion
of qemu_irq to an Object, so that we can reference it in link<> properties.
Signed-off-by: Andreas Färber <[email protected]>
[ PC Changes:
* Removed array-allocator ref counting logic (limit changes just to
* single IRQ allocator)
* Removed WIP marking from subject line
]
Reviewed-by: Peter Maydell <[email protected]>
Signed-off-by: Peter Crosthwaite <[email protected]>
Acked-by: Paolo Bonzini <[email protected]>
Signed-off-by: Andreas Färber <[email protected]>
Allocate each IRQ individually on array allocations. This prepares for
QOMification of IRQs, where pointers to individual IRQs may be taken
and handed around for usage as QOM Links. The g_renew() scheme used here
is too fragile and would break all existing links should an IRQ list
be extended.
We now have to pass the IRQ count to qemu_free_irqs(). We have so few
call sites however, so this change is reasonably trivial.
Certain parts of the QOM framework test this pointer to determine if
an object is parented. Nuke it when the object is unparented to allow
for reuse of an object after unparenting.
Paolo Bonzini [Mon, 30 Jun 2014 15:56:08 +0000 (09:56 -0600)]
vfio: use correct runstate
io-error is for block device errors; it should always be preceded
by a BLOCK_IO_ERROR event. I think vfio wants to use
RUN_STATE_INTERNAL_ERROR instead.
Slow BAR access path is used when VFIO fails to mmap() BAR.
Since this is just a transport between the guest and a device, there is
no need to do endianness swapping.
This changes BARs to use native endianness. Since non-ROM BARs were
doing byte swapping, we need to remove it so does the patch.
As the result, this eliminates cancelling byte swaps and there is
no change in behavior for non-ROM BARs.
ROM BARs were declared little endian too but byte swapping was not
implemented for them so they never actually worked on big endian systems
as there was no cancelling byte swap. This fixes endianness for ROM BARs
by declaring them native endian and only fixing access sizes as it is
done for non-ROM BARs.
Alex Williamson [Mon, 30 Jun 2014 15:50:33 +0000 (09:50 -0600)]
vfio-pci: Fix MSI-X masking performance
There are still old guests out there that over-exercise MSI-X masking.
The current code completely sets-up and tears-down an MSI-X vector on
the "use" and "release" callbacks. While this is functional, it can
slow an old guest to a crawl. We can easily skip the KVM parts of
this so that we keep the MSI route and irqfd setup. We do however
need to switch VFIO to trigger a different eventfd while masked.
Actually, we have the option of continuing to use -1 to disable the
trigger, but by using another EventNotifier we can allow the MSI-X
core to emulate pending bits and re-fire the vector once unmasked.
MSI code gets updated as well to use the same setup and teardown
structures and functions.
Prior to this change, an igbvf assigned to a RHEL5 guest gets about
20Mbps and 50 transactions/s with netperf (remote or VF->PF). With
this change, we get line rate and 3k transactions/s remote or 2Gbps
and 6k+ transactions/s to the PF. No significant change is expected
for newer guests with more well behaved MSI-X support.
Peter Maydell [Mon, 30 Jun 2014 15:13:32 +0000 (16:13 +0100)]
Merge remote-tracking branch 'remotes/bonzini/nbd-next' into staging
* remotes/bonzini/nbd-next:
nbd: Handle NBD_OPT_LIST option.
nbd: Handle fixed new-style clients.
nbd: Shutdown socket before closing.
nbd: Don't validate from and len in NBD_CMD_DISC.
nbd: Don't export a block device with no medium.
Peter Maydell [Mon, 30 Jun 2014 14:42:35 +0000 (15:42 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20140630' into staging
cocoa.next:
* Honour -show-cursor option
* Fix handling of absolute positioning devices
* Cope with first surface being same as initial window size
# gpg: Signature made Mon 30 Jun 2014 13:48:46 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <[email protected]>"
* remotes/pmaydell/tags/pull-cocoa-20140630:
ui/cocoa: Honour -show-cursor command line option
ui/cocoa: Fix handling of absolute positioning devices
ui/cocoa: Add utility method to check if point is within window
ui/cocoa: Cope with first surface being same as initial window size
Peter Maydell [Mon, 30 Jun 2014 14:16:25 +0000 (15:16 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140630' into staging
target-arm:
* provide PL031 RTC in virt board
* fix missing pxa2xx and strongarm vmstate
* convert cadence_ttc to instance_init
* fix libvixl format strings and README
# gpg: Signature made Mon 30 Jun 2014 13:44:33 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <[email protected]>"
* remotes/pmaydell/tags/pull-target-arm-20140630:
disas/libvixl: Fix wrong format strings
disas/libvixl: Update README for version base
timer: cadence_ttc: Convert to instance_init
hw/arm/pxa2xx_gpio: Correct and register vmstate
hw/arm/pxa2xx_gpio: Fix handling of GPSR/GPCR reads
hw/arm/strongarm: Wire up missing GPIO and PPC vmstate
hw/arm/strongarm: Fix handling of GPSR/GPCR reads
hw/arm/virt: Provide PL031 RTC
Roger Pau Monne [Fri, 23 May 2014 15:57:49 +0000 (17:57 +0200)]
serial: poll the serial console with G_IO_HUP
On FreeBSD polling a master pty while the other end is not connected
with G_IO_OUT only results in an endless wait. This is different from
the Linux behaviour, that returns immediately. In order to demonstrate
this, I have the following example code:
http://xenbits.xen.org/people/royger/test_poll.c
When executed on Linux:
$ ./test_poll
In callback
On FreeBSD instead, the callback never gets called:
$ ./test_poll
So, in order to workaround this, poll the source with G_IO_HUP (which
makes the code behave the same way on both Linux and FreeBSD).
Hani Benhabiles [Sat, 7 Jun 2014 00:32:31 +0000 (01:32 +0100)]
nbd: Handle fixed new-style clients.
When this flag is set, the server tells the client that it can send another
option if the server received a request with an option that it doesn't
understand instead of directly closing the connection.
Also add link to the most up-to-date documentation.
Peter Maydell [Mon, 23 Jun 2014 09:35:25 +0000 (10:35 +0100)]
ui/cocoa: Honour -show-cursor command line option
Honour the -show-cursor command line option (which forces the mouse pointer
to always be displayed even when input is grabbed) in the Cocoa UI backend.
Peter Maydell [Mon, 23 Jun 2014 09:35:24 +0000 (10:35 +0100)]
ui/cocoa: Fix handling of absolute positioning devices
Fix handling of absolute positioning devices, which were basically
unusable for two separate reasons:
(1) as soon as you pressed the left mouse button we would call
CGAssociateMouseAndMouseCursorPosition(FALSE), which means that
the absolute coordinates of the mouse events are never updated
(2) we didn't account for MacOSX coordinate origin being bottom left
rather than top right, and so all the Y values sent to the guest
were inverted
We fix (1) by aligning our behaviour with the SDL UI backend for
absolute devices:
* when the mouse moves into the window we do a grab (which means
hiding the host cursor and sending special keys to the guest)
* when the mouse moves out of the window we un-grab
and fix (2) by doing the correct transformation in the call to
qemu_input_queue_abs().
Peter Maydell [Mon, 23 Jun 2014 09:35:23 +0000 (10:35 +0100)]
ui/cocoa: Add utility method to check if point is within window
Add a utility method to check whether a point is within the current window
bounds, and use it in the various places in the mouse handling code that
were opencoding the check.
Peter Maydell [Mon, 23 Jun 2014 09:35:22 +0000 (10:35 +0100)]
ui/cocoa: Cope with first surface being same as initial window size
Do the recalculation of the content dimensions in switchSurface if the
current cdx is zero as well as if the new surface is a different size to
the current window. This catches the case where the first surface registered
happens to be 640x480 (our current window size), and fixes a bug where we
would always display a black screen until the first surface of a different
size was registered.
Peter Maydell [Sun, 29 Jun 2014 17:38:40 +0000 (18:38 +0100)]
hw/arm/pxa2xx_gpio: Correct and register vmstate
The pxa2xx-gpio device has a VMStateDescription, but it was accidentally
never actually registered, and it wasn't quite correct. Remove the
'lines' field (this is a device property, not mutable state), add the
missing 'prev_level' field, and set dc->vmsd so it actually gets used.
Peter Maydell [Sun, 29 Jun 2014 17:38:40 +0000 (18:38 +0100)]
hw/arm/pxa2xx_gpio: Fix handling of GPSR/GPCR reads
The PXA2xx GPIO GPSR and GPCR registers are write-only, with reads being
undefined behaviour. Instead of having GPCR return 31337 and GPSR return
the value last written, make both log the guest error and return 0.
Peter Maydell [Sun, 29 Jun 2014 17:38:39 +0000 (18:38 +0100)]
hw/arm/strongarm: Fix handling of GPSR/GPCR reads
The StrongARM GPIO GPSR and GPCR registers are write-only, with reads being
undefined behaviour. Instead of having GPCR return 31337 and GPSR return
the value last written, make both log the guest error and return 0.
Peter Maydell [Sun, 29 Jun 2014 17:38:39 +0000 (18:38 +0100)]
hw/arm/virt: Provide PL031 RTC
UEFI mandates that the platform must include an RTC, so provide
one in 'virt', using the PL031. This is also useful for directly
booting Linux kernels which would otherwise have to run ntpdate.
Peter Maydell [Sun, 29 Jun 2014 17:09:51 +0000 (18:09 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc,vhost,virtio fixes, enhancements
virtio bi-endian support
new command to resync RTC
misc bugfixes and cleanups
Signed-off-by: Michael S. Tsirkin <[email protected]>
# gpg: Signature made Sun 29 Jun 2014 17:41:13 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <[email protected]>"
# gpg: aka "Michael S. Tsirkin <[email protected]>"
* remotes/mst/tags/for_upstream: (37 commits)
tests: add human format test for string output visitor
vhost-net: disable when cross-endian
target-ppc: enable virtio endian ambivalent support
virtio-9p: use virtio wrappers to access headers
virtio-serial-bus: use virtio wrappers to access headers
virtio-scsi: use virtio wrappers to access headers
virtio-blk: use virtio wrappers to access headers
virtio-balloon: use virtio wrappers to access page frame numbers
virtio-net: use virtio wrappers to access headers
virtio: allow byte swapping for vring
virtio: memory accessors for endian-ambivalent targets
virtio: add endian-ambivalent support to VirtIODevice
cpu: introduce CPUClass::virtio_is_big_endian()
exec: introduce target_words_bigendian() helper
virtio: add subsections to the migration stream
virtio-rng: implement per-device migration calls
virtio-balloon: implement per-device migration calls
virtio-serial: implement per-device migration calls
virtio-blk: implement per-device migration calls
virtio-net: implement per-device migration calls
...
Greg Kurz [Tue, 24 Jun 2014 17:55:03 +0000 (19:55 +0200)]
vhost-net: disable when cross-endian
As of today, vhost assumes guest and host have the same endianness.
This is definitely not compatible with modern PPC64 and ARM that
can change endianness at runtime. Let's disable vhost-net and print
an error message when we detect such a case:
qemu-system-ppc64: vhost-net does not support cross-endian
qemu-system-ppc64: unable to start vhost net: 38: falling back on userspace virtio
This way users can continue to run VMs without changing their setup and
have a chance to know that performance will be impacted.
Greg Kurz [Tue, 24 Jun 2014 17:39:55 +0000 (19:39 +0200)]
virtio: memory accessors for endian-ambivalent targets
This is the virtio-access.h header file taken from Rusty's "endian-ambivalent
targets using legacy virtio" patch. It introduces helpers that should be used
when accessing vring data or by drivers for data that contains headers.
The virtio config space is also target endian, but the current code already
handles that with the virtio_is_big_endian() helper. There is no obvious
benefit at using the virtio accessors in this case.
Now we have two distinct paths: a fast inline one for fixed endian targets,
and a slow out-of-line one for targets that define the new TARGET_IS_BIENDIAN
macro.
Signed-off-by: Rusty Russell <[email protected]>
[ relicensed virtio-access.h to GPLv2+ on Rusty's request,
pass &address_space_memory to physical memory accessors,
per-device endianness,
virtio tswap16 and tswap64 helpers,
faspath for fixed endian targets,
Greg Kurz <[email protected]> ]
Cc: Cédric Le Goater <[email protected]>
Signed-off-by: Greg Kurz <[email protected]>
Reviewed-by: Alexander Graf <[email protected]>
Reviewed-by: Michael S. Tsirkin <[email protected]>
Signed-off-by: Michael S. Tsirkin <[email protected]>
Greg Kurz [Tue, 24 Jun 2014 17:38:54 +0000 (19:38 +0200)]
virtio: add endian-ambivalent support to VirtIODevice
Some CPU families can dynamically change their endianness. This means we
can have little endian ppc or big endian arm guests for example. This has
an impact on legacy virtio data structures since they are target endian.
We hence introduce a new property to track the endianness of each virtio
device. It is reasonably assumed that endianness won't change while the
device is in use : we hence capture the device endianness when it gets
reset.
We migrate this property in a subsection, after the device descriptor. This
means the load code must not rely on it until it is restored. As a consequence,
the vring sanity checks had to be moved after the call to vmstate_load_state().
We enforce paranoia by poisoning the property at the beginning of virtio_load().
Greg Kurz [Tue, 24 Jun 2014 17:33:21 +0000 (19:33 +0200)]
cpu: introduce CPUClass::virtio_is_big_endian()
If we want to support targets that can change endianness (modern PPC and
ARM for the moment), we need to add a per-CPU class method to be called
from the virtio code. The virtio_ prefix in the name is a hint for people
to avoid misusage (aka. anywhere but from the virtio code).
The default behaviour is to return the compile-time default target
endianness.
Greg Kurz [Tue, 24 Jun 2014 17:26:29 +0000 (19:26 +0200)]
exec: introduce target_words_bigendian() helper
We currently have a virtio_is_big_endian() helper that provides the target
endianness to the virtio code. As of today, the helper returns a fixed
compile-time value. Of course, this will have to change if we want to
support target endianness changes at run-time.
Let's move the TARGET_WORDS_BIGENDIAN bits out to a new helper and have
virtio_is_big_endian() implemented on top of it.
Greg Kurz [Tue, 24 Jun 2014 17:22:30 +0000 (19:22 +0200)]
virtio: add subsections to the migration stream
There is a need to add some more fields to VirtIODevice that should be
migrated (broken status, endianness). The problem is that we do not
want to break compatibility while adding a new feature... This issue has
been addressed in the generic VMState code with the use of optional
subsections. As a *temporary* alternative to port the whole virtio
migration code to VMState, this patch mimics a similar subsectioning
ability for virtio, using the VMState code.
Since each virtio device is streamed in its own section, the idea is to
stream subsections between the end of the device section and the start
of the next sections. This allows an older QEMU to complain and exit
when fed with subsections:
Unknown savevm section type 5
load of migration failed
Greg Kurz [Tue, 24 Jun 2014 17:15:31 +0000 (19:15 +0200)]
virtio: introduce device specific migration calls
In order to migrate virtio subsections, they should be streamed after
the device itself. We need the device specific code to be called from
the common migration code to achieve this. This patch introduces load
and save methods for this purpose.
Alexander Graf [Tue, 24 Jun 2014 17:13:50 +0000 (19:13 +0200)]
virtio-serial: don't migrate the config space
The device configuration is set at realize time and never changes. It
should not be migrated as it is done today. For the sake of compatibility,
let's just skip them at load time.
Cédric Le Goater [Tue, 24 Jun 2014 17:11:32 +0000 (19:11 +0200)]
virtio-net: byteswap virtio-net header
TCP connectivity fails when the guest has a different endianness.
The packets are silently dropped on the host by the tap backend
when they are read from user space because the endianness of the
virtio-net header is in the wrong order. These lines may appear
in the guest console:
[ 454.709327] skbuff: bad partial csum: csum=8704/4096 len=74
[ 455.702554] skbuff: bad partial csum: csum=8704/4096 len=74
The issue that got first spotted with a ppc64le PowerKVM guest,
but it also exists for the less common case of a x86_64 guest run
by a big-endian ppc64 TCG hypervisor.
Damjan Marion [Thu, 26 Jun 2014 21:01:32 +0000 (23:01 +0200)]
vhost-user: fix regions provided with VHOST_USER_SET_MEM_TABLE message
Old code was affected by memory gaps which resulted in buffer pointers
pointing to address outside of the mapped regions.
Here we are introducing following changes:
- new function qemu_get_ram_block_host_ptr() returns host pointer
to the ram block, it is needed to calculate offset of specific
region in the host memory
- new field mmap_offset is added to the VhostUserMemoryRegion. It
contains offset where specific region starts in the mapped memory.
As there is still no wider adoption of vhost-user agreement was made
that we will not bump version number due to this change
- other fields in VhostUserMemoryRegion struct are not changed, as
they are all needed for usermode app implementation
- region data is not taken from ram_list.blocks anymore, instead we
use region data which is already calculated for use in vhost-net
- Now multiple regions can have same FD and user application can call
mmap() multiple times with the same FD but with different offset
(user needs to take care for offset page alignment)
Eduardo Habkost [Thu, 26 Jun 2014 21:33:19 +0000 (18:33 -0300)]
numa: Reject duplicate node IDs
The same nodeid shouldn't appear multiple times in the command-line.
In addition to detecting command-line mistakes, this will fix a bug
where nb_numa_nodes may become larger than MAX_NODES (and cause
out-of-bounds access on the numa_info array).
Eduardo Habkost [Thu, 26 Jun 2014 21:33:18 +0000 (18:33 -0300)]
numa: Keep track of NUMA nodes present on the command-line
Based on "enable sparse node numbering" patch from Nishanth Aravamudan,
but without the code to actually support sparse node IDs. This just adds
the code to keep track of present/non-present nodes on the command-line,
without changing any behavior.
Signed-off-by: Nishanth Aravamudan <[email protected]>
[Rename max_numa_node to max_numa_nodeid -Eduardo]
[Initialize max_numa_nodeid to 0 -Eduardo]
[Use MAX() macro when setting max_numa_nodeid -Eduardo]
Signed-off-by: Eduardo Habkost <[email protected]>
Reviewed-by: Michael S. Tsirkin <[email protected]>
Signed-off-by: Michael S. Tsirkin <[email protected]>
Reviewed-by: Hu Tao <[email protected]>
Reviewed-by: Eric Blake <[email protected]>
Commit 'virtio: validate config_len on load' restricted config_len
loaded from the wire to match the config_len that the device had.
Unfortunately, there are cases where this isn't true, the one
we found it on was the wce addition in virtio-blk.
Allow mismatched config-lengths:
*) If the version on the wire is shorter then fine
*) If the version on the wire is longer, load what we have space
for and skip the rest.
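The mismatched config-length rule from the message above, as an added example (not QEMU's code and not part of the original log). The in-memory stream type, the big-endian length prefix, the trailing marker field and all names are assumptions made for illustration; the point shown is that excess wire bytes are skipped so the fields that follow still parse.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical in-memory migration stream (an assumption, not QEMUFile). */
struct stream { const uint8_t *data; size_t len; size_t pos; };

static int stream_get_be32(struct stream *s, uint32_t *v)
{
    const uint8_t *p = s->data + s->pos;

    if (s->len - s->pos < 4)
        return -1;
    *v = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
         ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
    s->pos += 4;
    return 0;
}

/* Loads a length-prefixed config blob into a device buffer of config_len
 * bytes. Shorter on the wire: copy what was sent and leave the remaining
 * device bytes untouched. Longer on the wire: copy what fits, skip the rest.
 * The copy never exceeds config_len. Returns -1 on a truncated stream. */
int load_config(struct stream *s, uint8_t *config, size_t config_len)
{
    uint32_t wire_len;
    size_t n;

    if (stream_get_be32(s, &wire_len) < 0)
        return -1;
    if (s->len - s->pos < wire_len)
        return -1;                      /* stream ends before the blob does */
    n = wire_len < config_len ? wire_len : config_len;
    memcpy(config, s->data + s->pos, n);
    s->pos += wire_len;                 /* consume copied bytes and any excess */
    return 0;
}

/* Constructed samples: be32 length, config bytes, then a be32 marker that
 * stands in for whatever field follows the config in the stream. */
static const uint8_t LONGER[]    = { 0, 0, 0, 6, 0x11, 0x22, 0x33, 0x44, 0x55,
                                     0x66, 0xCA, 0xFE, 0xF0, 0x0D };
static const uint8_t SHORTER[]   = { 0, 0, 0, 2, 0xAA, 0xBB,
                                     0xCA, 0xFE, 0xF0, 0x0D };
static const uint8_t TRUNCATED[] = { 0, 0, 0, 100, 0xAA, 0xBB };

struct demo_result { int rc; uint32_t config; uint32_t marker; };

/* Loads into a 4-byte device config pre-filled with 0xEE, then reads the
 * marker to confirm the stream position is still in sync. */
struct demo_result demo_load(const uint8_t *wire, size_t size)
{
    struct stream s = { wire, size, 0 };
    struct demo_result r = { -1, 0, 0 };
    uint8_t config[4];

    memset(config, 0xEE, sizeof(config));
    r.rc = load_config(&s, config, sizeof(config));
    if (r.rc == 0 && stream_get_be32(&s, &r.marker) < 0)
        r.rc = -1;
    r.config = ((uint32_t)config[0] << 24) | ((uint32_t)config[1] << 16) |
               ((uint32_t)config[2] << 8)  |  (uint32_t)config[3];
    return r;
}

int main(void)
{
    struct demo_result a = demo_load(LONGER, sizeof(LONGER));
    struct demo_result b = demo_load(SHORTER, sizeof(SHORTER));
    struct demo_result c = demo_load(TRUNCATED, sizeof(TRUNCATED));

    printf("longer:    rc=%d config=%08x marker=%08x\n",
           a.rc, (unsigned)a.config, (unsigned)a.marker);
    printf("shorter:   rc=%d config=%08x marker=%08x\n",
           b.rc, (unsigned)b.config, (unsigned)b.marker);
    printf("truncated: rc=%d\n", c.rc);
    return 0;
}
```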
Don Slutz [Wed, 25 Jun 2014 20:19:07 +0000 (16:19 -0400)]
pc: make isapc and pc-0.10 to pc-0.13 have 1.7.0 memory layout
QEMU 2.0 changed memory layout for isapc and pc-0.10 to pc-0.13.
This prevents migration from QEMU 1.7.0 for these
machine types when -m 3.5G is specified.
It is necessary to reset RTC interrupt reinjection backlog if
guest time is synchronized via a different mechanism, such as
QGA's guest-set-time command.
Failing to do so causes both corrections to be applied (summed),
resulting in an incorrect guest time.
Eduardo Habkost [Wed, 25 Jun 2014 02:04:44 +0000 (23:04 -0300)]
pc: Move q35 compat props to PC_COMPAT_*
For each compat property on PC_Q35_COMPAT_*, there are only two
possibilities:
* If the device is never instantiated when using a machine other than
pc-q35, then the compat property can be safely added to
PC_COMPAT_*;
* If the device can be instantiated when using a machine other than
pc-q35, that means the other machines also need the compat property
to be set.
That means we don't need separate PC_Q35_COMPAT_* macros at all, today.
The hpet.hpet-intcap case is interesting: piix and q35 do have something
that emulates different defaults, but the machine-specific default is
applied _after_ compat_props are applied, by simply checking if the
property is zero (which is the real default on the hpet code).
The hpet.hpet-intcap=0x4 compat property can (should?) be applied to
piix too, because 0x4 was the default on both piix and q35 before the
hpet-intcap property was introduced.
Now, if one day we change the default HPET intcap on one of the PC
machine-types again, we may want to introduce PC_{Q35,I440FX}_COMPAT
macros. But while we don't need that, we can keep the code simple.
Peter Maydell [Sun, 29 Jun 2014 15:44:13 +0000 (16:44 +0100)]
Merge remote-tracking branch 'remotes/riku/linux-user-for-upstream' into staging
* remotes/riku/linux-user-for-upstream:
linux-user: support the SIOCGIFINDEX ioctl
linux-user: support the KDSIGACCEPT ioctl
linux-user: allow NULL tv argument for settimeofday
linux-user: respect timezone for settimeofday
linux-user: fix struct target_epoll_event layout for MIPS
linux-user: support strace of epoll_create1
linux-user: allow NULL arguments to mount
linux-user: support SO_PASSSEC setsockopt option
linux-user: support SO_{SND, RCV}BUFFORCE setsockopt options
linux-user: support SO_ACCEPTCONN getsockopt option
linux-user: translate the result of getsockopt SO_TYPE
linux-user: added fake open() for /proc/self/cmdline
Add support for MAP_NORESERVE mmap flag.
Peter Maydell [Sun, 29 Jun 2014 15:17:50 +0000 (16:17 +0100)]
Merge remote-tracking branch 'remotes/xtensa/tags/20140629-xtensa' into staging
Xtensa fixes and improvements queue 2014-06-29:
- fix FLASH mapping to boot region for KC705;
- clean up boot parameters passing;
- add uImage, DTB and initrd support.
# gpg: Signature made Sat 28 Jun 2014 23:40:32 BST using RSA key ID F83FA044
# gpg: Good signature from "Max Filippov <[email protected]>"
# gpg: aka "Max Filippov <[email protected]>"
* remotes/xtensa/tags/20140629-xtensa:
hw/xtensa/xtfpga: implement initrd loading
hw/xtensa/xtfpga: implement DTB loading
hw/xtensa/xtfpga: implement uImage loading
hw/xtensa/xtfpga: add memory info to bootparam
hw/xtensa/xtfpga: refactor bootparameters filling
hw/xtensa/xtfpga: use symbolic constants for bootparam tags
hw/xtensa/xtfpga: retrieve parameters from machine_opts
hw/xtensa: replace fprintfs with error_report
hw/xtensa: remove extraneous xtensa_ prefix from file names
hw/xtensa/xtfpga: fix FLASH mapping to boot region for KC705
Peter Maydell [Sun, 29 Jun 2014 14:24:54 +0000 (15:24 +0100)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block patches for 2.1.0-rc0
# gpg: Signature made Fri 27 Jun 2014 19:50:32 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <[email protected]>"
* remotes/kevin/tags/for-upstream: (47 commits)
iotests: Fix 083 for out-of-tree builds
iotests: Drop Python version from 065's Shebang
iotests: Use $PYTHON for Python scripts
iotests: Source common.env
configure: Enable out-of-tree iotests
iotests: Allow out-of-tree run
block.c: Don't return success for bdrv_append_temp_snapshot() failure
qemu-iotests: Add TestRepairQuorum to 041 to test drive-mirror node-name mode.
block: Add replaces argument to drive-mirror
blockjob: Fix recent BLOCK_JOB_ERROR regression
blockjob: Fix recent BLOCK_JOB_READY regression
virtio-blk: Rename complete_request_early to complete_request_vring
virtio-blk: Unify {non-,}dataplane's request handlings
virtio-blk: Schedule BH in the right context
virtio-blk: Export request handling functions to dataplane
virtio-blk: Make request completion function virtual
block: acquire AioContext in qmp_query_blockstats()
block: make bdrv_query_stats() static
virtio-blk: Fix and clean up the in_sg and out_sg check
virtio-blk: Fill in VirtIOBlockReq.out in dataplane code
...
Peter Maydell [Sun, 29 Jun 2014 12:39:04 +0000 (13:39 +0100)]
Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging
* remotes/qmp-unstable/queue/qmp:
docs/qmp: Fix documentation of BLOCK_JOB_READY to match code
char: report frontend open/closed state in 'query-chardev'
virtio-serial: report frontend connection state via monitor
qmp: add qmp-events.txt back
qapi event: clean up in callers
qapi script: clean up in scripts
qapi: ignore generated event files
qapi: move event defines
Peter Maydell [Sun, 29 Jun 2014 11:45:54 +0000 (12:45 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging
Net patches
# gpg: Signature made Fri 27 Jun 2014 14:10:57 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <[email protected]>"
# gpg: aka "Stefan Hajnoczi <[email protected]>"
* remotes/stefanha/tags/net-pull-request:
hw/net/eepro100: Implement read-only bits in MDI registers
net: move queue number into NICPeers
net: L2TPv3 transport
qemu-bridge-helper: Fix fd leak in main()
Paul Burton [Sun, 22 Jun 2014 10:25:41 +0000 (11:25 +0100)]
linux-user: allow NULL tv argument for settimeofday
The tv argument to the settimeofday syscall is allowed to be NULL, if
the program only wishes to provide the timezone. QEMU previously
returned -EFAULT when tv was NULL. Instead, execute the syscall &
provide NULL to the kernel as the target program expected.
Paul Burton [Sun, 22 Jun 2014 10:25:40 +0000 (11:25 +0100)]
linux-user: respect timezone for settimeofday
The settimeofday syscall accepts a tz argument indicating the desired
timezone to the kernel. QEMU previously ignored any argument provided
by the target program & always passed NULL to the kernel. Instead,
translate the argument & pass along the data userland provided.
Although this argument is described by the settimeofday man page as
obsolete, it is used by systemd as of version 213.
Paul Burton [Sun, 22 Jun 2014 10:25:38 +0000 (11:25 +0100)]
linux-user: support strace of epoll_create1
Add the epoll_create1 syscall to strace.list in order to display that
syscall when it occurs, rather than a message about the syscall being
unknown despite QEMU already implementing support for it.
Paul Burton [Sun, 22 Jun 2014 10:25:37 +0000 (11:25 +0100)]
linux-user: allow NULL arguments to mount
Calls to the mount syscall can legitimately provide NULL as the value
for the source of filesystemtype arguments, which QEMU would previously
reject & return -EFAULT to the target program. An example of this is
remounting an already mounted filesystem with different properties.
Instead of rejecting such syscalls with -EFAULT, pass NULL along to the
kernel as the target program expects.
Additionally this patch fixes a potential memory leak when DEBUG_REMAP
is enabled and lock_user_string fails on the target or filesystemtype
arguments but a prior argument was non-NULL and already locked.
Since the patch already touched most lines of the TARGET_NR_mount case,
it fixes the indentation & coding style for good measure.
Paul Burton [Sun, 22 Jun 2014 10:25:35 +0000 (11:25 +0100)]
linux-user: support SO_{SND, RCV}BUFFORCE setsockopt options
Translate the SO_SNDBUFFORCE & SO_RCVBUFFORCE options to setsockopt to
the host values & perform the syscall as expected, allowing use of those
options by target programs.
Paul Burton [Sun, 22 Jun 2014 10:25:33 +0000 (11:25 +0100)]
linux-user: translate the result of getsockopt SO_TYPE
QEMU previously passed the result of the host syscall directly to the
target program. This is a problem if the host & target have different
representations of socket types, as is the case when running a MIPS
target program on an x86 host. Introduce a host_to_target_sock_type
helper function mirroring the existing target_to_host_sock_type, and
call it to translate the value provided by getsockopt when called for
the SO_TYPE option.
Peter Maydell [Sun, 29 Jun 2014 10:59:00 +0000 (11:59 +0100)]
Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging
Patch queue for ppc - 2014-06-27
Changes include:
- instruction emulation fixes
- linux-user fixes
- mac99: layout fixes
- pseries: Initial VFIO support
- pseries: support for UUID
- pseries: support for -boot m
# gpg: Signature made Fri 27 Jun 2014 12:51:01 BST using RSA key ID 03FEDC60
# gpg: Can't check signature: public key not found
* remotes/agraf/tags/signed-ppc-for-upstream: (32 commits)
PPC: e500: Only create dt entries for existing serial ports
spapr_pci: Use XICS interrupt allocator and do not cache interrupts in PHB
vmstate: Add preallocation for migrating arrays (VMS_ALLOC flag)
xics: Implement xics_ics_free()
spapr: Remove @next_irq
spapr: Move interrupt allocator to xics
xics: Disable flags reset on xics reset
xics: Add xics_find_source()
xics: Add flags for interrupts
spapr: Add RTAS sysparm SPLPAR Characteristics
spapr: Add RTAS sysparm UUID
spapr: Fix RTAS sysparm DIAGNOSTICS_RUN_MODE
spapr: Add rtas_st_buffer utility function
spapr: Define a 2.1 pseries machine
spapr: Fix code design style (s/SPAPRMachine/sPAPRMachineState)
target-ppc: Add support for POWER8 pvr 0x4D0000
uninorth: Fix PCI hole size
mac99: Add motherboard devices before PCI cards
target-ppc: Remove unused gen_qemu_ld8s()
target-ppc: Remove unused IMM and d extract helpers
...
Peter Maydell [Sun, 29 Jun 2014 10:43:30 +0000 (11:43 +0100)]
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20140627' into staging
A series of patches to the s390-ccw bios:
- code cleanup
- improved error reporting
- most important, support to ipl (boot) from ECKD DASD (CDL, LDL or CMS
formatted)
# gpg: Signature made Fri 27 Jun 2014 12:03:30 BST using RSA key ID C6F02FAF
# gpg: Can't check signature: public key not found
* remotes/cohuck/tags/s390x-20140627:
pc-bios/s390-ccw: update binary
pc-bios/s390-ccw: IPL from LDL/CMS-formatted ECKD DASD
pc-bios/s390-ccw: IPL from CDL-formatted ECKD DASD
pc-bios/s390-ccw: factor out ipl code
pc-bios/s390-ccw: Add fill_hex_val func to provide better msgs
pc-bios/s390-ccw: Unify error handling
pc-bios/s390-ccw: add some utility code
pc-bios/s390-ccw: handle different sector sizes
pc-bios/s390-ccw: cleanup and enhance bootmap definitions
pc-bios/s390-ccw: make checkpatch happy
Max Filippov [Mon, 4 Mar 2013 03:07:52 +0000 (07:07 +0400)]
hw/xtensa/xtfpga: implement uImage loading
Provide a simple bootloader code at the reset address that jumps to the
loaded image entry point when it's not equal to the reset address. This
is needed because the old method of setting pc doesn't work due to cpu
reset done after the machine setup.