Gerd Hoffmann [Mon, 27 Feb 2012 10:05:09 +0000 (11:05 +0100)]
qxl: properly handle upright and non-shared surfaces
Although qxl creates a shared displaysurface when the qxl surface is
upright and doesn't need to be flipped there is no guarantee that the
surface doesn't become unshared for some reason. Rename qxl_flip to
qxl_blit and fix it to handle both flip and non-flip cases.
Error out when tls-channel option is used without TLS
It's currently possible to setup spice channels using TLS when
no TLS port has been specified (ie TLS is disabled). This cannot
work, so better to error out in such a situation.
Error message reporting during spice startup wasn't consistent, it was done
with fprintf(stderr, "") but sometimes the message didn't have a trailing
\n. Using error_report make the intent of the message clearer and deal
with the final \n for us.
Gerd Hoffmann [Fri, 14 Oct 2011 16:05:48 +0000 (18:05 +0200)]
qxl: add optinal 64bit vram bar
This patch adds an 64bit pci bar for vram. It is turned off by default.
It can be enabled by setting the size of the 64bit bar to be larger than
the 32bit bar. Both 32bit and 64bit bar refer to the same memory. Only
the first part of the memory is available via 32bit bar.
The intention is to allow large vram sizes for 64bit guests, by allowing
the vram bar being mapped above 4G, so we don't have to squeeze it into
the pci I/O window below 4G.
With vram_size_mb=16 and vram64_size_mb=256 it looks like this:
00:02.0 VGA compatible controller: Red Hat, Inc. Device 0100 (rev 02) (prog-if 00 [VGA controller])
Subsystem: Red Hat, Inc Device 1100
Physical Slot: 2
Flags: fast devsel, IRQ 10
Memory at f8000000 (32-bit, non-prefetchable) [size=64M]
Memory at fc000000 (32-bit, non-prefetchable) [size=16M]
Memory at fd020000 (32-bit, non-prefetchable) [size=8K]
I/O ports at c5a0 [size=32]
Memory at ffe0000000 (64-bit, prefetchable) [size=256M]
Expansion ROM at fd000000 [disabled] [size=64K]
Jan Kiszka [Mon, 27 Feb 2012 14:18:47 +0000 (15:18 +0100)]
usb: Resolve warnings about unassigned bus on usb device creation
When creating an USB device the old way, there is no way to specify the
target bus. Thus the warning issued by usb_create makes no sense and
rather confuses our users.
Resolve this by passing a bus reference to the usbdevice_init handler
and letting those handlers forward it to usb_create.
David Gibson [Fri, 24 Feb 2012 00:23:28 +0000 (01:23 +0100)]
slirp: Fix assertion failure on rejected DHCP requests
The guest network stack might DHCPREQUEST an address that the slirp built
in dhcp server can't let it have - for example if the guest has an old
leases file from another network configuration. In this case the dhcp
server should and does reject the request and prepares to send a DHCPNAK
to the client.
However, in this case the daddr variable in bootp_reply() is set to
0.0.0.0. Shortly afterwards, it unconditionally attempts to pre-insert the
new client address into the ARP table. This causes an assertion failure in
arp_address_add() because of the 0.0.0.0 address.
According to RFC2131, DHCPNAK messages for clients on the same subnet
must be sent to the broadcast address (S3.2, subpoint 2).
Jan Kiszka [Fri, 17 Feb 2012 15:26:38 +0000 (16:26 +0100)]
slirp: Fix requeuing of batchq packets in if_start
In case we requeued a packet that was the head of a longer session
queue, we failed to restore this ordering. Also, we did not properly
deal with changes to Slirp::next_m.
Instead of a cumbersome roll back, this fix simply avoids any changes
until we know if the packet was actually sent. Both fixes crashes due
to inconsistent queues and simplifies the logic.
Thanks to Zhi Yong Wu who found the reason for these crashes.
Hans de Goede [Sun, 26 Feb 2012 15:14:46 +0000 (16:14 +0100)]
usb-redir: Limit return values returned by iso packets
The usbredir protocol uses a status of usb_redir_stall to indicate that
an iso data stream has stopped (ie because the urbs failed on resubmit),
but iso packets should never return a result of USB_RET_STALL, since iso
endpoints cannot stall. So instead simply always return USB_RET_NAK on
iso stream errors.
Hans de Goede [Sun, 26 Feb 2012 15:14:45 +0000 (16:14 +0100)]
usb-redir: Let the usb-host know about our device filtering
libusbredirparser-0.3.4 adds 2 new packets which allows us to notify
the usb-host:
-about the usb device filter we have (if any), so that it knows not the even
try to redirect certain devices
-when we reject a device based on filtering (in case it tries anyways)
Hans de Goede [Sun, 26 Feb 2012 15:14:48 +0000 (16:14 +0100)]
usb-ehci: Handle ISO packets failing with an error other then NAK
Before this patch the ehci code was not checking for any other errors other
then USB_RET_NAK. This causes 2 problems:
1) Other errors are not reported to the guest.
2) When transactions with the ITD_XACT_IOC bit set completing with another
error would not result in USBSTS_INT getting set.
I hit this problem when unplugging devices while iso data was streaming from
the device to the guest. When this happens it takes a while for the guest to
process the unplugging and remove ISO transactions from the ehci schedule, in
the mean time these transactions would complete with a result of USB_RET_NODEV,
which was not handled. This lead to the Linux guest's usb subsystem "hanging",
that is it would no longer see new usb devices getting plugged in and running
for example lsusb would lead to a stuck (D state) lsusb process. This patch
fixes this.
Alon Levy [Sun, 26 Feb 2012 16:09:23 +0000 (17:09 +0100)]
usb-ccid: advertise SELF_POWERED
Before commit ed5a83ddd8c1d8ec7b1015315530cf29949e7c48 each device
provided it's own response to USB_REQ_GET_STATUS, but after it that
response was based on bmAttributes, which was errounously set for
usb-ccid as 0xa0 and not 0xe0.
Alon Levy [Sun, 26 Feb 2012 16:09:21 +0000 (17:09 +0100)]
usb-desc: fix user trigerrable segfaults (!config)
Check for dev->config being NULL in two places:
USB_REQ_GET_CONFIGURATION and USB_REQ_GET_STATUS.
The behavior of USB_REQ_GET_STATUS is unspecified in the Default state,
that corresponds to dev->config being NULL (it defaults to NULL and is
reset whenever a SET_CONFIGURATION with value 0, or attachment). I
implemented it to correspond with the state before ed5a83ddd8c1d8ec7b1015315530cf29949e7c48, the commit moving SET_STATUS
to usb-desc; if dev->config is not set we return whatever is in the
first configuration.
The behavior of USB_REQ_GET_CONFIGURATION is also undefined before any
SET_CONFIGURATION, but here we just return 0 (same as specified for the
Address state).
A win7 guest failed to initialize the device before this patch,
segfaulting when GET_STATUS was called with dev->config == NULL. With
this patch the passthrough device still doesn't work but the failure is
unrelated.
Gerd Hoffmann [Mon, 27 Feb 2012 10:23:08 +0000 (11:23 +0100)]
usb-ehci: sanity-check iso xfers
This patch adds a sanity check to itd processing to make sure the
endpoint addressed by the guest is actually an iso endpoint. Also
verify that usb drivers don't return USB_RET_ASYNC which is illegal for
iso xfers.
Gerd Hoffmann [Fri, 27 Jan 2012 16:27:31 +0000 (17:27 +0100)]
usb-uhci: implement packet queuing
When a usb device is busy processing a packet (and returns
USB_RET_ASYNC), continue walking the transfer descriptor list
and process them to fill the request queue.
Gerd Hoffmann [Thu, 23 Feb 2012 13:24:00 +0000 (14:24 +0100)]
usb-ehci: fix reset
Two reset fixes:
* pick up s->usbcmd value after ehci_reset call to make sure it
keeps the reset value and doesn't get rubbish filled in when
val is written back to the mmio register array later on.
* make sure the frame timer is zapped on reset.
Alon Levy [Fri, 24 Feb 2012 21:19:31 +0000 (23:19 +0200)]
qxl: make qxl_render_update async
RHBZ# 747011
Removes the last user of QXL_SYNC when using update drivers that use the
_ASYNC io ports.
The last user is qxl_render_update, it is called both by qxl_hw_update
which is the vga_hw_update_ptr passed to graphic_console_init, and by
qxl_hw_screen_dump.
At the same time the QXLRect area being passed to the red_worker thread
is passed as a copy, as part of the QXLCookie.
The implementation uses interface_update_area_complete with a bh to make
sure dpy_update and qxl_flip are called from the io thread, otherwise
the vga->ds->surface.data can change under our feet.
With this patch sdl+spice works fine. But spice by itself doesn't
produce the expected screendumps unless repeated a few times, due to
ppm_save being called before update_area (rendering done in spice server
thread) having a chance to complete. Fixed by next patch, but see commit
message for problem introduced by it.
Alon Levy [Fri, 24 Feb 2012 21:19:29 +0000 (23:19 +0200)]
qxl: remove flipped
Tested on linux and windows guests. For negative stride, qxl_flip copies
directly to vga->ds->surface->data, for positive it's reallocated to
share qxl->guest_primary.data
Alon Levy [Fri, 24 Feb 2012 21:19:28 +0000 (23:19 +0200)]
qxl: require spice >= 0.8.2
drop all ifdefs on SPICE_INTERFACE_QXL_MINOR >= 1 as a result,
any check for SPICE_SERVER_VERSION that is now always satisfied,
and SPICE_INTERFACE_CORE_MINOR >= 3 tests, because
0.8.2 has SPICE_INTERFACE_QXL_MINOR == 1 and
SPICE_INTERFACE_CORE_MINOR == 3.
Peter Maydell [Thu, 23 Feb 2012 16:20:05 +0000 (16:20 +0000)]
configure: Check whether makecontext() is a glibc stub function
On some systems (notably ARM Linux) glibc provides implementations
of makecontext(), getcontext() and friends which are stubs which
always return failure. Make the configure test for makecontext()
also check for the presence of the __stub_makecontext macro which
indicates the presence of these stubs, so we can avoid trying to use
them and fall back to a different coroutine implementation instead.
Peter Maydell [Wed, 22 Feb 2012 22:40:00 +0000 (22:40 +0000)]
vl.c: Avoid segfault when started with no arguments
Fix a bug (introduced in commit a0abe47) where a command line which
specified no machine arguments (either explicitly or implicitly via
-kernel &co) would result in a segfault because of a NULL pointer
returned from qemu_opts_find(qemu_find_opts("machine"), 0).
Gerd Hoffmann [Wed, 8 Feb 2012 15:02:11 +0000 (16:02 +0100)]
nic: zap obsolote romloading bits from ne2k + pcnet
These days one just needs to specify the romfile in PCiDeviceInfo and
everything magically works. It also allows to disable pxe rom loading
via "romfile=<emptystring>" like it is possible for all other nics.
Gerd Hoffmann [Wed, 8 Feb 2012 12:54:13 +0000 (13:54 +0100)]
build: allow turning off debuginfo
This patch adds --{enable,disable}-debug-info switches to configure
which allows to include/exclude the '-g' switch on the gcc & ld
command lines. Not building debug info reduces ressource usage
(especially disk) alot and is quite useful for test builds.
Gerd Hoffmann [Fri, 24 Feb 2012 11:43:45 +0000 (12:43 +0100)]
optimize screendump for the common non-switch case
switch console only if needed, also pass down whenever the console was
switched or not because a displaysurface redraw is only needed in case
the console was switched.
Gerd Hoffmann [Fri, 24 Feb 2012 11:43:44 +0000 (12:43 +0100)]
Remove screendump dummy functions.
The code in console.c verifies whenever a screen_dump function
pointer is present before calling it, so there is no need to supply an
dummy function. Remove them. Also report an error to notify the user
that he didn't got a screenshot.
Gerd Hoffmann [Thu, 23 Feb 2012 12:45:23 +0000 (13:45 +0100)]
suspend: make serial ports wakeup the guest.
Add a 'wakeup' property to the serial port. It is off by default. When
enabled any incoming character on the serial line will wake up the
guest. Useful for guests which have a serial console configured.
Gerd Hoffmann [Thu, 23 Feb 2012 12:45:22 +0000 (13:45 +0100)]
suspend: make ps/2 devices wakeup the guest
This patch adds wakeup support to ps/2 emulation. Any key press on the
ps/2 keyboard will wakeup the guest. Likewise any mouse button press
will wakeup the guest. Mouse moves are ignored, so the guest will not
wakeup in case your mouse crosses the vnc window of a suspended guest by
accident.
Gerd Hoffmann [Thu, 23 Feb 2012 12:45:20 +0000 (13:45 +0100)]
suspend: switch acpi s3 to new infrastructure.
This patch switches pc s3 suspend over to the new infrastructure.
The cmos_s3 qemu_irq is killed, the new notifier is used instead.
The xen hack goes away with that too, the hypercall can simply be
done in a notifier function now.
This patch also makes the guest actually stay suspended instead
of leaving suspend instantly, so it is useful for more than just
testing whenever the suspend/resume cycle actually works.
Gerd Hoffmann [Thu, 23 Feb 2012 12:45:19 +0000 (13:45 +0100)]
suspend: add infrastructure
This patch adds some infrastructure to handle suspend and resume to
qemu. First there are two functions to switch state and second there
is a suspend notifier:
* qemu_system_suspend_request is supposed to be called when the
guest asks for being be suspended, for example via ACPI.
* qemu_system_wakeup_request is supposed to be called on events
which should wake up the guest.
* qemu_register_suspend_notifier can be used to register a notifier
which will be called when the guest is suspended. Machine types
and device models can hook in there to modify state if needed.
* qemu_register_wakeup_notifier can be used to register a notifier
which will be called when the guest is woken up. Machine types
and device models can hook in there to modify state if needed.
* qemu_system_wakeup_enable can be used to enable/disable wakeup
events.
Gerd Hoffmann [Thu, 23 Feb 2012 12:45:16 +0000 (13:45 +0100)]
acpi: add ACPIREGS
All those acpi structs are not independent from each other.
Various acpi functions expecting multiple acpi structs passed
in are a clean indicator for that ;)
So this patch bundles all acpi structs in the new ACPIREGS
struct, then use it everythere pass around acpi state.
Anthony Liguori [Fri, 24 Feb 2012 15:50:37 +0000 (09:50 -0600)]
Merge remote-tracking branch 'mdroth/qga-win32-pull-2-23-12' into staging
* mdroth/qga-win32-pull-2-23-12:
qemu-ga: add win32 guest-shutdown command
qemu-ga: add Windows service integration
qemu-ga: add initial win32 support
qemu-ga: fixes for win32 build of qemu-ga
qemu-ga: rename guest-agent-commands.c -> commands-posix.c
qemu-ga: separate out common commands from posix-specific ones
qemu-ga: move channel/transport functionality into wrapper class
qemu-ga: Add schema documentation for types
Anthony Liguori [Fri, 24 Feb 2012 15:45:22 +0000 (09:45 -0600)]
Merge remote-tracking branch 'qmp/queue/qmp' into staging
* qmp/queue/qmp:
qmp: add DEVICE_TRAY_MOVED event
ide: drop ide_tray_state_post_load()
block: Don't call bdrv_eject() if the tray state didn't change
block: bdrv_eject(): Make eject_flag a real bool
block: Rename bdrv_mon_event() & BlockMonEventAction
Anthony Liguori [Fri, 24 Feb 2012 15:37:27 +0000 (09:37 -0600)]
Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony: (46 commits)
qemu-iotests: common.config: Allow use of arbitrary qemu* paths
qemu-iotests: check: print relevant path information
qemu-iotests: test loading internal snapshots
qemu-iotests: Update filter for default cluster size
qemu-iotests: add qed support to 025 image resize test
qemu-iotests: Update rbd support
qemu-iotests: common.config: Fix no $TEST_DIR directory
qemu-iotests: only run 016 for file and sheepdog protocols
qemu-iotests: Use zero-based offsets for IO patterns
qemu-iotests: add support for rbd and sheepdog protocols
qemu-iotests: filter IMGFMT correctly in 019
qemu-iotests: README: Fix spelling
qemu-iotests: add support for qed format
qemu-iotests: filter TEST_DIR correctly in 019
qemu-iotests: fix 019 golden output
qemu-iotests: update expected results after qemu-img changes
qemu-iotests: add read/write from smaller backing image test
qemu-iotests: add sub-cluster allocating write test for sparse image formats
qemu-iotests: improve test for qemu-img convert with backing file
qemu-iotests: consider more cases in parsing qemu-io output
...
I'm trying to improve this code's error reporting, and the debug code
is getting in my way: it clutters the code, it clobbers errno in
inconvenient places, and it uses the same fprintf() both for error
reporting and debug output in a few places.
Get rid of it. Once decent error reporting is in place, adding back
whatever debug code we need shouldn't be hard.
Revert "qemu-char: Print strerror message on failure" and deps
The commit's purpose is laudable:
The only way for chardev drivers to communicate an error was to
return a NULL pointer, which resulted in an error message that
said _that_ something went wrong, but not _why_.
It attempts to achieve it by changing the interface to return 0/-errno
and update qemu_chr_open_opts() to use strerror() to display a more
helpful error message. Unfortunately, it has serious flaws:
1. Backends "socket" and "udp" return bogus error codes, because
qemu_chr_open_socket() and qemu_chr_open_udp() assume that
unix_listen_opts(), unix_connect_opts(), inet_listen_opts(),
inet_connect_opts() and inet_dgram_opts() fail with errno set
appropriately. That assumption is wrong, and the commit turns
unspecific error messages into misleading error messages. For
instance:
$ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx
inet_connect: host and/or port not specified
chardev: opening backend "socket" failed: No such file or directory
ENOENT is what happens to be in my errno when the backend returns
-errno. Let's put ERANGE there just for giggles:
$ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx -drive if=none,iops=99999999999999999999
inet_connect: host and/or port not specified
chardev: opening backend "socket" failed: Numerical result out of range
Worse: when errno happens to be zero, return -errno erroneously
signals success, and qemu_chr_new_from_opts() dies dereferencing
uninitialized chr. I observe this with "-serial unix:".
2. All qemu_chr_open_opts() knows about the error is an errno error
code. That's simply not enough for a decent message. For instance,
when inet_dgram() can't resolve the parameter host, which errno code
should it use? What if it can't resolve parameter localaddr?
Clue: many backends already report errors in their open methods.
Let's revert the flawed commit along with its dependencies, and fix up
the silent error paths instead.
Paolo Bonzini [Wed, 15 Feb 2012 08:22:54 +0000 (09:22 +0100)]
scsi: fix searching for an empty id
The conditions for detecting no free target or LUN were wrong.
The LUN loop was followed by an "if" condition that is never
true, because the loop is exited as soon as lun becomes equal
to bus->info->max_lun, and never becomes greater than it.
The target loop had a wrong condition (<= instead of <). Once
this is fixed, the loop would fail in the same way as the LUN
loop.
The fix is to see whether scsi_device_find returned the device with the
last (channel, target, LUN) pair, and fail if so.
Michael Roth [Sat, 21 Jan 2012 22:42:27 +0000 (16:42 -0600)]
qemu-ga: add Windows service integration
This allows qemu-ga to function as a Windows service:
- to install the service (will auto-start on boot):
qemu-ga --service install
- to start the service:
net start qemu-ga
- to stop the service:
net stop qemu-ga
- to uninstall service:
qemu-ga --service uninstall
Michael Roth [Sat, 21 Jan 2012 01:01:30 +0000 (19:01 -0600)]
qemu-ga: add initial win32 support
This adds a win32 channel implementation that makes qemu-ga functional
on Windows using virtio-serial (unix-listen/isa-serial not currently
implemented). Unlike with the posix implementation, we do not use
GIOChannel for the following reasons:
- glib calls stat() on an fd to check whether S_IFCHR is set, which is
the case for virtio-serial on win32. Because of that, a one-time
check to determine whether the channel is readable is done by making
a call to PeekConsoleInput(), which reports the underlying handle is
not a valid console handle, and thus we can never read from the
channel.
- if one goes as far as to "trick" glib into thinking it is a normal
file descripter, the buffering is done in such a way that data
written to the output stream will subsequently result in that same
data being read back as if it were input, causing an error loop.
furthermore, a forced flush of the channel only moves the data into a
secondary buffer managed by glib, so there's no way to prevent output
from getting read back as input.
The implementation here ties into the glib main loop by implementing a
custom GSource that continually submits asynchronous/overlapped I/O to
fill an GAChannel-managed read buffer, and tells glib to poll the
corresponding event handle for a completion whenever there is no
data/RPC in the read buffer to notify the main application about.
Michael Roth [Fri, 20 Jan 2012 04:04:34 +0000 (22:04 -0600)]
qemu-ga: fixes for win32 build of qemu-ga
Various stubs and #ifdefs to compile for Windows using mingw
cross-build. Still has 1 linker error due to a dependency on the
forthcoming win32 versions of the GAChannel/transport class.
Michael Roth [Fri, 20 Jan 2012 04:19:27 +0000 (22:19 -0600)]
qemu-ga: separate out common commands from posix-specific ones
Many of the current RPC implementations are very much POSIX-specific
and require complete re-writes for Windows. There are however a small
set of core guest agent commands that are common to both, and other
commands such as guest-file-* which *may* be portable. So we introduce
commands.c for the latter, and will rename guest-agent-commands.c to
commands-posix.c in a future commit. Windows implementations will go in
commands-win32.c, eventually.
projects / qemu.git / log