Stefan Weil [Sat, 2 Apr 2011 11:36:31 +0000 (13:36 +0200)]
Fix conversions from pointer to tcg_target_long
tcg_gen_exit_tb takes a parameter of type tcg_target_long,
so the type casts of pointer to long should be replaced by
type casts of pointer to tcg_target_long (suggested by Blue Swirl).
These changes are needed for build environments where
sizeof(long) != sizeof(void *), especially for w64.
Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Michael Tokarev [Mon, 21 Mar 2011 08:34:35 +0000 (09:34 +0100)]
vnc: tight: Fix crash after 2GB of output
fix 2Gb integer overflow in in VNC tight and zlib encodings
As found by Roland Dreier <roland@purestorage.com> (excellent
catch!), when amount of VNC compressed data produced by zlib
and sent to client exceeds 2Gb, integer overflow occurs because
currently, we calculate amount of data produced at each step by
comparing saved total_out with new total_out, and total_out is
something which grows without bounds. Compare it with previous
avail_out instead of total_out, and leave total_out alone.
The same code is used in vnc-enc-tight.c and vnc-enc-zlib.c,
so fix both cases.
There, there's no actual need to save previous_out value, since
capacity-offset (which is how that value is calculated) stays
the same so it can be recalculated again after call to deflate(),
but whole thing becomes less readable this way.
Reported-by: Roland Dreier <roland@purestorage.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Corentin Chary <corentin.chary@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
On Mon, 4 Apr 2011 20:15:30 +0200, Aurelien Jarno <aurelien@aurel32.net> wrote:
> Is it really safe ignoring write to this register? If yes, it's probably
> a good idea to explain why in a comment. In any case, if supporting this
> register is easy to do, it would be the best option.
I think it is safe. Please see an updated comment below.
And though implementing this register might be possible, I suppose it
is not worth to supporting FrameTooLong detection, for now at least.
Since linux 2.6.38, smsc911x driver writes to VLAN1 registger.
Since this register only affects FrameTooLong detection, ignoring
write to this register should be safe.
Isaku Yamahata [Fri, 25 Mar 2011 10:54:38 +0000 (19:54 +0900)]
acpi, acpi_piix, vt82c686: factor out PM_TMR logic
factor out PM_TMR logic. Later This will be used by ich9 acpi.
Also fixes the same bug in vt82c686.c that was fixed by the following
commits.
> commit 055479feab63607b8042bb8ebb2e0523f17cbc4e
> Author: aliguori <aliguori@c046a42c-6fe2-441c-8c8c-71466251a162>
> Date: Wed Jan 21 16:31:20 2009 +0000
>
> Always return latest pmsts instead of the old one (Xiantao Zhang)
>
> It may lead to the issue when booting windows guests with acpi=1
> if return the old pmsts.
>
> Signed-off-by: Xiantao Zhang <xiantao.zhang@intel.com>
> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jordan Justen [Sun, 3 Apr 2011 20:16:26 +0000 (13:16 -0700)]
hw/pflash_cfi02: Fix lazy reset of ROMD mode
When checking pfl->rom_mode for when to lazily reenter ROMD mode,
the value was check was the opposite of what it should have been.
This prevent the part from returning to ROMD mode after a write
was made to the CFI rom region.
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Scott Wood [Fri, 8 Apr 2011 22:06:37 +0000 (17:06 -0500)]
mpc85xx_pci_map_irq: change "unknow" to "unknown"
Signed-off-by: Scott Wood <scottwood@freescale.com> Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Quote filename in error message to spot possible whitespace character in
the filename and make error message more meaningful.
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de> Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
David Gibson [Fri, 8 Apr 2011 10:08:25 +0000 (20:08 +1000)]
ppce500_mpc8544ds: Fix compile with --enable-debug and --disable-kvm
When configured with --enable-debug, we compile without optimization.
This means that the function mpc8544_copy_soc_cell() in ppce500_mpc8544ds.c
is not optimized out, even though it is never called without kvm. That in
turn causes a link failure, because it calls the function
kvmppc_read_host_property() which is in kvm_ppc.o and therefore not
included in a --disable-kvm build.
This patch fixes the problem by providing a dummy stub for
kvmppc_read_host_property() in kvm_ppc.h when !CONFIG_KVM.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
David Gibson [Tue, 5 Apr 2011 05:12:11 +0000 (15:12 +1000)]
Use existing helper function to implement popcntd instruction
The recent patches adding partial support for POWER7 cpu emulation included
implementing the popcntd instruction. The support for this was open coded,
but host-utils.h already included a function implementing an equivalent
population count function, which uses a gcc builtin (which can use special
host instructions) if available.
This patch makes the popcntd implementation use the existing, potentially
faster, implementation.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
David Gibson [Tue, 5 Apr 2011 05:12:10 +0000 (15:12 +1000)]
Delay creation of pseries device tree until reset
At present, the 'pseries' machine creates a flattened device tree in the
machine->init function to pass to either the guest kernel or to firmware.
However, the machine->init function runs before processing of -device
command line options, which means that the device tree so created will
be (incorrectly) missing devices specified that way.
Supplying a correct device tree is, in any case, part of the required
platform entry conditions. Therefore, this patch moves the creation and
loading of the device tree from machine->init to a reset callback. The
setup of entry point address and initial register state moves with it,
which leads to a slight cleanup.
This is not, alas, quite enough to make a fully working reset for pseries.
For that we would need to reload the firmware images, which on this
machine are loaded into RAM. It's a step in the right direction, though.
Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
David Gibson [Tue, 5 Apr 2011 05:12:09 +0000 (15:12 +1000)]
pseries: Abolish envs array
Currently the pseries machine init code builds up an array, envs, of
CPUState pointers for all the cpus in the system. This is kind of
pointless, given the generic code already has a perfectly good linked list
of the cpus.
In addition, there are a number of places which assume that the cpu's
cpu_index field is equal to its index in this array. This is true in
practice, because cpu_index values are just assigned sequentially, but
it's conceptually incorrect and may not always be true.
Therefore, this patch abolishes the envs array, and explicitly uses the
generic cpu linked list and cpu_index values throughout.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
Like all block drivers virtio-blk should not allow small than block size
granularity access. But given that the protocol specifies a
byte unit length field we currently accept such requests, which cause
qemu to abort() in lower layers. Add checks to the main read and
write handlers to catch them early.
Reported-by: Conor Murphy <conor_murphy_virt@hotmail.com> Tested-by: Conor Murphy <conor_murphy_virt@hotmail.com> Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
virtio-balloon: fixed endianness bug in the config space
The specification for the virtio balloon device requres that the values
in the config space be encoded little-endian. This differs from most
virtio things, where guest-native endian is the norm.
Currently, the qemu virtio-balloon code correctly makes the conversion
on get_config(), but doesn't on set_config for the 'actual' field. The
kernel driver, on the other hand, correctly converts when setting the
actual field, but does not convert when reading the config space. The
upshot is that virtio-balloon will only work correctly if both host and
guest are LE, making all the conversions nops.
This patch corrects the qemu side, correctly doing host-native <-> LE
conversions when accessing the config space. This won't break any setups
that aren't already broken, and fixes the case of BE host, LE guest.
Fixing the BE guest case will require kernel fixes as well.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
virtio-9p: fixed LE-to-host conversion bug when QEMU is called from guest
The 9p code already contains an attempt at the necessary endian
conversions, but it's broken.
The code which does conversion from host to guest does it correctly
and this code was copied to the function which does guest to host
conversion. However the copied code hasn't been correctly updated, so
it first endian converts some garbage on the stack and then overwrites
it with a field from incoming packet without conversion.
The patch fixes the mistakes.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Michael Tokarev [Wed, 6 Apr 2011 13:51:59 +0000 (17:51 +0400)]
qdev: Fix comment around qdev_init_nofail()
In previous life qdev_init_nofail() used to call hw_error() which
did register dump and other scary things. Now it calls
error_report() and does a regular exit(1). Fix the comment
to match reality.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Fix integer overflow in block migration bandwidth calculation
block_mig_state.reads is an int, and multiplying by BLOCK_SIZE yielded a
negative number, resulting in a negative bandwidth (running on a 32-bit
machine). Change order to avoid.
Signed-off-by: Avishay Traeger <avishay@il.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jason Wang [Wed, 6 Apr 2011 10:34:31 +0000 (18:34 +0800)]
floppy: save and restore DIR register
We need to keep DIR register unchanged across migration, but currently it
depends on the media_changed flags from block layer. Since we do not
save/restore it and the bdrv_open() called in dest node may set the
media_changed flag when trying to open floppy image, guest driver may think the
floppy have changed after migration. To fix this, a new filed media_changed in
FDrive strcutre was introduced in order to save and restore the it from block
layer through pre_save/post_load callbacks.
Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Nick Thomas [Tue, 22 Feb 2011 15:44:53 +0000 (15:44 +0000)]
NBD: Use qemu_socket functions to open TCP and UNIX sockets
This commit has the side-effect of making the qemu-nbd binary
capable of binding to IPv6 addresses. ("-b ::1", for instance).
block/nbd.c fails to parse IPv6 IP addresses correctly at this
point, but will work over IPv6 when given a hostname. It still
works over IPv4 as before.
We move the qemu-sockets object from the 'common' to the 'block'
list in the Makefile. The common list includes the block list,
so this is effectively a no-op for the rest of the code.
We also add 32-bit 'magic' attributes to nbd_(request|reply) to
facilitate calculating maximum request/response sizes later.
Signed-off-by: Nick Thomas <nick@bytemark.co.uk> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Michael Tokarev [Wed, 30 Mar 2011 12:31:05 +0000 (16:31 +0400)]
exit if -drive specified is invalid instead of ignoring the "wrong" -drive
This fixes the problem when qemu continues even if -drive specification
is somehow invalid, resulting in a mess. Applicable for both current
master and for stable-0.14 (and the same issue exist 0.13 and 0.12 too).
The prob can actually be seriuos: when you start guest with two drives
and make an error in the specification of one of them, and the guest
has something like a raid array on the two drives, guest may start failing
that array or kick "missing" drives which may result in a mess - this is
what actually happened to me, I did't want a resync at all, and a resync
resulted in re-writing (and allocating) a 4TB virtual drive I used for
testing, which in turn resulted in my filesystem filling up and whole
thing failing badly. Yes it was just testing VM, I experimented with
larger raid arrays, but the end result was quite, well, unexpected.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Acked-by: Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jes Sorensen [Wed, 30 Mar 2011 12:16:25 +0000 (14:16 +0200)]
qemu-img: Initial progress printing support
This adds the basic infrastructure for supporting progress output
on the command line, as well as progress support for qemu-img commands
'rebase' and 'convert'.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Stefan Hajnoczi [Tue, 29 Mar 2011 19:04:41 +0000 (20:04 +0100)]
block: Do not cache device size for removable media
The block layer caches the device size to avoid doing lseek(fd, 0,
SEEK_END) every time this value is needed. For removable media the
device size becomes stale if a new medium is inserted. This patch
simply prevents device size caching for removable media.
A smarter solution is to update the cached device size when a new medium
is inserted. Given that there are currently bugs with CD-ROM media
change I do not want to implement that approach until we've gotten
things correct first.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Ryan Harper [Wed, 30 Mar 2011 01:51:47 +0000 (20:51 -0500)]
Do not delete BlockDriverState when deleting the drive
When removing a drive from the host-side via drive_del we currently have
the following path:
drive_del
qemu_aio_flush()
bdrv_close() // zaps bs->drv, which makes any subsequent I/O get
// dropped. Works as designed
drive_uninit()
bdrv_delete() // frees the bs. Since the device is still connected to
// bs, any subsequent I/O is a use-after-free.
The value of bs->drv becomes unpredictable on free. As long as it
remains null, I/O still gets dropped, however it could become non-null
at any point after the free resulting SEGVs or other QEMU state
corruption.
To resolve this issue as simply as possible, we can chose to not
actually delete the BlockDriverState pointer. Since bdrv_close()
handles setting the drv pointer to NULL, we just need to remove the
BlockDriverState from the QLIST that is used to enumerate the block
devices. This is currently handled within bdrv_delete, so move this
into its own function, bdrv_make_anon().
The result is that we can now invoke drive_del, this closes the file
descriptors and sets BlockDriverState->drv to NULL which prevents futher
IO to the device, and since we do not free BlockDriverState, we don't
have to worry about the copy retained in the block devices.
We also don't attempt to remove the qdev property since we are no longer
deleting the BlockDriverState on drives with associated drives. This
also allows for removing Drives with no devices associated either.
Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Ryan Harper <ryanh@us.ibm.com> Acked-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Feiran Zheng [Tue, 29 Mar 2011 01:00:15 +0000 (09:00 +0800)]
hw/xen_disk: ioreq not finished on error
Bug fix: routines 'ioreq_runio_qemu_sync' and 'ioreq_runio_qemu_aio'
won't call 'ioreq_unmap' or 'ioreq_finish' on errors, leaving ioreq in
the blkdev->inflight list and a leak.
Signed-off-by: Feiran Zheng <famcool@gmail.com> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Mike Frysinger [Thu, 7 Apr 2011 05:12:28 +0000 (01:12 -0400)]
configure: add --version flag
Standard autoconf scripts include a --version flag so people can easily
query things. Add this to qemu's configure so it too can integrate with
build systems that have standard autotool helpers.
Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Peter Maydell [Mon, 4 Apr 2011 11:09:22 +0000 (12:09 +0100)]
cpu-all.h: Remove unnecessary target-specific ifdef for CPU_QuadU
CPU_QuadU isn't used on all targets, but there's no harm in defining the
typedef anyway. It only needs to be guarded by CONFIG_SOFTFLOAT, because
softfloat-native doesn't have a float128 type. This avoids the need for
every new target which uses CPU_QuadU to add itself to an #ifdef in
what ought to be target-agnostic code.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Mon, 4 Apr 2011 10:46:35 +0000 (11:46 +0100)]
target-arm: Make Neon helper routines use correct FP status
Make the Neon helper routines use the correct FP status from
the CPUEnv rather than using a dummy static one. This means
they will correctly handle denormals and NaNs and will set
FPSCR exception bits properly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Mon, 4 Apr 2011 10:46:32 +0000 (11:46 +0100)]
Makefile.target: Allow target helpers to be in any *_helper.c file
Build all files matching *_helper.c with HELPER_CFLAGS, not just
op_helper.c. This allows you to put target helper functions which
use the global 'env' variable in multiple source files.
This only affects the ARM target as all the other targets currently only
have op_helper.c.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
David Gibson [Mon, 4 Apr 2011 04:48:08 +0000 (14:48 +1000)]
Fix non-portable format string in usb-ccid.c
At one point, usb-ccid.c attempts to use a %lX format specifier to print
a uint64_t, which is only correct on some host platforms. This patch
corrects the statement to use the stdint specified PRIX64 constant instead.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Michael Walle [Mon, 7 Mar 2011 22:32:40 +0000 (23:32 +0100)]
lm32: add Milkymist TMU2 support
This patch adds support for Milkymist's texture mapping unit. For fast
computation this model needs hardware accelerated 3D graphics support
(OpenGL). There is no graphical output, all computations belong to internal
framebuffers only.
Signed-off-by: Michael Walle <michael@walle.cc> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Mon, 7 Mar 2011 22:32:38 +0000 (23:32 +0100)]
lm32: add Milkymist System Controller support
This patch adds support for Milkymist's System Controller core. The model
has the following features:
- support for shutting down and restarting the board
- provide two timers and GPIO
- provide registers for system identification and reading the boards
capabilities
Signed-off-by: Michael Walle <michael@walle.cc> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Mon, 7 Mar 2011 22:32:37 +0000 (23:32 +0100)]
lm32: add Milkymist SoftUSB support
This patch adds support for Milkymist's SoftUSB core. This model differ
from the real hardware in its functionality. The real hardware consits of a
tiny freely programmable microcontroller which controls the USB ports. For
simplicity reasons, this model emulates only keyboard and mouse input
devices, eg. input events translates directly to the corresponding expected
messages.
Signed-off-by: Michael Walle <michael@walle.cc> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Mon, 7 Mar 2011 22:32:33 +0000 (23:32 +0100)]
lm32: add Milkymist HPDMC support
This patch adds support for the Milkymist's High Performance Dynamic Memory
Controller. This is just a dumb model without any functionality. While the
real hardware acts for example as a bridge between software and hardware
for sending SDRAM commans, this model will only eat up these commands and
always returns the expected hardware states, eg. PLL locked etc.
Signed-off-by: Michael Walle <michael@walle.cc> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Alexander Graf [Tue, 29 Mar 2011 13:29:30 +0000 (15:29 +0200)]
s390x: fix KVM target
During Jan's rework of the generic KVM layer, he added some more error checks
and actually aborted if something went wrong. Unfortunately, one of the s390
internal error codes slipped through, aborting the VM without needing to.
This patch fixes booting of S390x virtual machines in KVM.
Signed-off-by: Alexander Graf <agraf@suse.de> CC: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Alexander Graf [Tue, 29 Mar 2011 13:29:29 +0000 (15:29 +0200)]
virtio: use generic name when possible
We have two different virtio buses: pci and s390. The abstraction path
taken in qemu is to have generic aliases for each device type in the
architecture specific qdev devices.
So let's make use of these aliases whenever we can and define them
whenever we can.
Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Gleb Natapov [Thu, 31 Mar 2011 09:27:23 +0000 (11:27 +0200)]
register signal handler after initializing SDL.
SDL library initialization mangles signal handlers, so QEMU should
register them after initializing SDL. This was the case before and code
even have a comment about that. Fix it to be so again.
Peter Maydell [Wed, 30 Mar 2011 21:03:38 +0000 (22:03 +0100)]
vl.c: Tidy up message printed when we exit on a signal
Tidy up the message printed when qemu exits due to a signal, so that
it's clearer where the message is coming from and that it's not just
stray debug output.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Acked-by: Gleb Natapov <gleb@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Stefan Hajnoczi [Mon, 28 Mar 2011 21:00:30 +0000 (22:00 +0100)]
net: Remove unused net-checksum.c file
The common checksum functions were moved to net/checksum.c in commit 7200ac3c7c8eefe574193b49eeff09f120e11ec7 but the original net-checksum.c
was never deleted from the source tree. Remove it now since all users
of the checksum functions link against net/checksum.o and net-checksum.c
is not even compiled anymore.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Kevin Wolf [Sat, 26 Mar 2011 18:37:56 +0000 (19:37 +0100)]
e1000: Mask out lower bits of RDBAL/TDBAL
Rx and Tx descriptors are 16 byte aligned, so the lower bits are
ignored by real hardware. In fact, they always read back as zero on real
hardware, but probably nobody relies on that.
Signed-off-by: Kevin Wolf <mail@kevin-wolf.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Jan Kiszka [Tue, 22 Mar 2011 10:02:09 +0000 (11:02 +0100)]
gdbstub: Catch and report more vmstop reasons
When the VM goes into stop state while there is a gdb frontend attached,
it makes sense to inform gdb about this fact and at least a bit about
the stop reason. Basically, all stops are interesting except for the
temporary VMSTOP_SAVE/LOADVM.
The patch maps the relevant VMSTOP reasons on unique and more or less
associatable signals that gdb understands.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Stefan Weil [Sun, 3 Apr 2011 19:36:36 +0000 (21:36 +0200)]
tests/cris: Fix some errors and potential crashes
These errors were reported by cppcheck:
tests/cris/check_openpf1.c:30: error:
Mismatching allocation and deallocation: f
tests/cris/check_openpf2.c:13: error:
Mismatching allocation and deallocation: f
tests/cris/check_stat3.c:16: error:
Buffer overrun possible for long cmd-line args
tests/cris/check_stat4.c:18: error:
Buffer overrun possible for long cmd-line args
The first two are obvious coding errors (fopen needs fclose, not close).
The last two may seem less important (nobody will start test code
with an argument of more than 1022 characters which raises a buffer
overrun). Fixing them nevertheless helps with static code checks
like those done by cppcheck.
Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Isaku Yamahata [Wed, 16 Mar 2011 09:05:01 +0000 (18:05 +0900)]
ioapic: when switches to level trigger mode, interrupts raised repeatedly.
- the trigger mode is edge at first
- During initializatoin, the interrupt is raised as edge which is masked.
The corresponding bit of irr is set.
- Then the mode is switched to level and it's unmasked.
- the bit of irr is set, so the interrupt is raised repeatedly by
ioapic_service().
- OS considers that the irq line is broken and falls back to polling mode.
This patch fixes the issues.
After raising edige, clear the bit of irr.
Peter Maydell [Mon, 14 Mar 2011 07:23:11 +0000 (07:23 +0000)]
target-arm/helper.c: For float-int conversion helpers pass ints as ints
Correct the argument and return types for the float<->int conversion helper
functions so that integer arguments and return values are declared as
uint32_t/uint64_t, not float32/float64. This allows us to remove the
hand-rolled functions which were doing bitwise copies between the types
via unions.
Peter Maydell [Fri, 11 Mar 2011 08:12:26 +0000 (08:12 +0000)]
target-arm: Use new softfloat min/max functions for VMAX, VMIN
Use the new softfloat min/max functions to implement the Neon VMAX
and VMIN instructions. This allows us to get the right behaviour
for NaN and negative zero.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Fri, 11 Mar 2011 08:12:25 +0000 (08:12 +0000)]
softfloat: Add float*_min() and float*_max() functions
Add min and max operations to softfloat. This allows us to implement
propagation of NaNs and handling of negative zero correctly (unlike
the approach of having target helper routines return one of the operands
based on the result of a comparison op).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Fri, 11 Mar 2011 08:12:24 +0000 (08:12 +0000)]
target-arm: Correct ABD's handling of negative zeroes
Implement ABD by taking the absolute value of the difference
of the operands (as the ARM ARM specifies) rather than by
flipping the order of the operands to the subtract based
on the results of a comparison. The latter approch gives
the wrong answers for some edge cases like negative zero.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Fri, 11 Mar 2011 08:12:23 +0000 (08:12 +0000)]
target-arm: Fix VCLE.F32 #0, VCLT.F32 #0 NaN handling
Implementing the floating-point versions of VCLE #0 and VCLT #0 by
doing a GT comparison and inverting the result gives the wrong
result if the input is a NaN. Implement as a GT comparison with the
operands swapped instead.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Fri, 11 Mar 2011 08:12:22 +0000 (08:12 +0000)]
target-arm: Return right result for Neon comparison with NaNs
Fix the helper functions implementing the Neon floating point comparison
ops (VCGE, VCGT, VCEQ, VACGT, VACGE) to return the right answer when
one of the values being compared is a NaN.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Fri, 11 Mar 2011 08:12:21 +0000 (08:12 +0000)]
target-arm/neon_helper.c: Use make_float32/float32_val macros
Use the softfloat make_float32 and float32_val macros to convert between
softfloat's float32 type and raw uint32_t types, rather than private
conversion functions.
Alon Levy [Sun, 24 Oct 2010 10:09:18 +0000 (12:09 +0200)]
ccid: add ccid-card-emulated device
This devices uses libcacard (internal) to emulate a smartcard conforming
to the CAC standard. It attaches to the usb-ccid bus. Usage instructions
(example command lines) are in the following patch in docs/ccid.txt. It
uses libcacard which uses nss, so it can work with both hw cards and
certificates (files).
Signed-off-by: Alon Levy <alevy@redhat.com>
---
changes from v20->v21: (Jes Sorenson review)
* cosmetics
* use qemu-thread and qemu_malloc/qemu_free
changes from v19->v20:
* checkpatch.pl
changes from v18->v19:
* add qdev.desc
* backend: drop the enumeration property, back to using a string one.
changes from v16->v17:
* use PROP_TYPE_ENUM for backend
changes from v15->v16:
* fix error reporting in initfn
* bump copyright year
* update copyright license
changes from v1:
* remove stale comments, use only c-style comments
* bugfix, forgot to set recv_len
* change reader name to 'Virtual Reader'
Robert Relyea [Thu, 17 Mar 2011 14:38:30 +0000 (16:38 +0200)]
libcacard: add vscclient
client to talk to ccid-card-passthru and use smartcard on client to
perform actual operations.
v23->v24 changes: (Jes Sorensen review 2)
* use qemu_socket instead of socket
* use fprintf(stderr,..) for errors
* remove unneccessary includes since using qemu_common.h
Robert Relyea [Sun, 28 Nov 2010 14:36:38 +0000 (16:36 +0200)]
libcacard: initial commit
libcacard emulates a Common Access Card (CAC) which is a standard
for smartcards. It is used by the emulated ccid card introduced in
a following patch. Docs are available in docs/libcacard.txt
Signed-off-by: Alon Levy <alevy@redhat.com>
---
changes from v24->v25:
* Fix out of tree builds.
* Fix build with linux-user targets.
changes from v23->v24: (Jes Sorensen review 2)
* Makefile.target: use obj-$(CONFIG_*) +=
* remove unrequired includes, include qemu-common before qemu-thread
* required adding #define NO_NSPR_10_SUPPORT (harmless)
changes from v22->v23:
* configure fixes: (reported by Stefan Hajnoczi)
* test a = b, not a == b (second isn't portable)
* quote $source_path in case it contains spaces
- this doesn't really help since there are many other places
that need similar fixes, not introduced by this patch.
changes from v21->v22:
* fix configure to not link libcacard if nss not found
(reported by Stefan Hajnoczi)
* fix vscclient linkage with simpletrace backend
(reported by Stefan Hajnoczi)
* card_7816.c: add missing break in ERROR_DATA_NOT_FOUND
(reported by William van de Velde)
changes from v20->v21: (Jes Sorensen review)
* use qemu infrastructure: qemu-thread, qemu-common (qemu_malloc
and qemu_free), error_report
* assert instead of ASSERT
* cosmetic fixes
* use strpbrk and isspace
* add --disable-nss --enable-nss here, instead of in the final patch.
* split vscclient, passthru and docs to following patches.
changes from v19->v20:
* checkpatch.pl
changes from v15->v16:
Build:
* don't erase self with distclean
* fix make clean after make distclean
* Makefile: make vscclient link quiet
Behavioral:
* vcard_emul_nss: load coolkey in more situations
* vscclient:
* use hton,ntoh
* send init on connect, only start vevent thread on response
* read payload after header check, before type switch
* remove Reconnect
* update for vscard_common changes, empty Flush implementation
Style/Whitespace:
* fix wrong variable usage
* remove unused variable
* use only C style comments
* add copyright header
* fix tabulation
Signed-off-by: Alon Levy <alevy@redhat.com>
libcacard: fix out of tree builds
Alon Levy [Sun, 17 Oct 2010 11:10:32 +0000 (13:10 +0200)]
ccid: add passthru card device
The passthru ccid card is a device sitting on the usb-ccid bus and
using a chardevice to communicate with a remote device using the
VSCard protocol defined in libcacard/vscard_common.h
Usage docs available in following patch in docs/ccid.txt
Signed-off-by: Alon Levy <alevy@redhat.com>
---
Changes from v23->v24:
* fixed double license line in header.
Changes from v20->v21: (Jes Sorensen review)
* add reference to COPYING in header
* long comment reformatting
Changes from v19->v20:
* checkpatch.pl
Changes from v18->v19:
* add qdev.desc
* remove .qdev.unplug (no hot unplug support for ccid bus)
Changes from v16->v17:
* fix wrong cast when receiving VSC_Error
* ccid-card-passthru: force chardev user wakeup by sending Init
see lengthy comment below.
Changes from v15->v16:
Behavioral changes:
* return correct size
* return error instead of assert if client sent too large ATR
* don't assert if client sent too large a size, but add asserts for indices to buffer
* reset vscard_in indices on chardev disconnect
* handle init from client
* error if no chardev supplied
* use ntoh, hton
* eradicate reader_id_t
* remove Reconnect usage (removed from VSCARD protocol)
* send VSC_SUCCESS on card insert/remove and reader add/remove
Style fixes:
* width of line fix
* update copyright
* remove old TODO's
* update file header comment
* use macros for debug levels
* c++ style comment replacement
* update copyright license
* fix ATR size comment
* fix whitespace in struct def
* fix DPRINTF prefix
* line width fix
ccid-card-passthru: force chardev user wakeup by sending Init
The problem: how to wakeup the user of the smartcard when the smartcard
device is initialized?
Long term solution: have a callback interface. This was done via
the deprecated so called chardev ioctl interface.
Short term solution: do a write. Specifically we write an Init message.
And we change the client to send it's own Init message regardless of
receiving this one. Additional Init messages will be regarded as
acceptable, the first one received after connection establishment is
the determining one wrt capabilities.
Alon Levy [Wed, 2 Feb 2011 19:48:04 +0000 (21:48 +0200)]
introduce libcacard/vscard_common.h
---
Signed-off-by: Alon Levy <alevy@redhat.com>
v20->v21 changes: (Jes Sorensen review)
* license set to 2+
* long comment fixes, remove empty line at eof.
* add reference to COPYING
v19->v20 changes:
* checkpatch.pl
v15->v16 changes:
Protocol change:
* VSCMsgInit capabilities and magic
* removed ReaderResponse, will use Error instead with code==VSC_SUCCESS.
* adaded Flush and FlushComplete, remove Reconnect.
* define VSCARD_MAGIC
* added error code VSC_SUCCESS.
Fixes:
* update VSCMsgInit comment
* fix message type enum
* remove underscore from wrapping define
* update copyright
* updated comments.
* Header comment updated
* remove C++ style comment
* fix comment for VSCMsgError
* give names to enums in typedefs
Alon Levy [Sun, 17 Oct 2010 09:40:07 +0000 (11:40 +0200)]
usb-ccid: add CCID bus
A CCID device is a smart card reader. It is a USB device, defined at [1].
This patch introduces the usb-ccid device that is a ccid bus. Next patches will
introduce two card types to use it, a passthru card and an emulated card.
changes from v20->v21: (Jes Sorenson review)
* cosmetic changes - fix multi line comments.
* reorder fields in USBCCIDState
* add reference to COPYING
* add --enable-smartcard and --disable-smartcard here (moved
from last patch)
changes from v19->v20:
* checkpatch.pl
changes from v18->v19:
* merged: ccid.h: add copyright, fix define and remove non C89 comments
* add qdev.desc
changes from v15->v16:
Behavioral changes:
* fix abort on client answer after card remove
* enable migration
* remove side affect code from asserts
* return consistent self-powered state
* mask out reserved bits in ccid_set_parameters
* add missing abRFU in SetParameters (no affect on linux guest)
whitefixes / comments / consts defines:
* remove stale comment
* remove ccid_print_pending_answers if no DEBUG_CCID
* replace printf's with DPRINTF, remove DEBUG_CCID, add verbosity defines
* use error_report
* update copyright (most of the code is not original)
* reword known bug comment
* add missing closing quote in comment
* add missing whitespace on one line
* s/CCID_SetParameter/CCID_SetParameters/
* add comments
* use define for max packet size
Comment for "return consistent self-powered state":
the Configuration Descriptor bmAttributes claims we are self powered,
but we were returning not self powered to USB_REQ_GET_STATUS control message.
In practice, this message is not sent by a linux 2.6.35.10-74.fc14.x86_64
guest (not tested on other guests), unless you issue lsusb -v as root (for
example).
Alon Levy [Mon, 14 Mar 2011 22:18:02 +0000 (00:18 +0200)]
qemu-thread.h: include inttypes.h
qemu-thread.h relies on uint64_t being defined, but doesn't include
inttypes.h explicitly. This makes it easier to use it from vscclient (part
of libcacard).
Peter Maydell [Tue, 22 Mar 2011 18:39:40 +0000 (18:39 +0000)]
net: Improve the warnings for dubious command line option combinations
Improve the warnings we give if the user specified a combination of -net
options which don't make much sense:
* Don't warn about anything if the config is the implicit default
"-net user -net nic" rather than one specified by the user (this will
only kick in for boards with no NIC or if CONFIG_SLIRP is not set)
* Diagnose the case where the user asked for NICs which the board
didn't instantiate (for example where the user asked for two NICs
but the board only supports one)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Tue, 22 Mar 2011 18:21:58 +0000 (18:21 +0000)]
hw/versatilepb, realview: Fix condition for instantiation of onboard NIC
Correct the condition determining whether we instantiate the onboard
NIC or a PCI card NIC on VersatilePB and Realview boards. This was broken
in two ways:
(1) if the user asked for two default NICs ("-net nic -net nic") we would
crash trying to strcmp() a NULL pointer
(2) if the user asked for two NICs explicitly of the same model as the
onboard NIC (eg "-net nic,model=smc91c111 -net nic,model=smc91c111")
we would try to instantiate two onboard NICs at the same address.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
"(S)->csr[29]" is a uint16_t, but "(S)->csr[29] << 16" gets promoted to
int, so the overall CSR_CRDA(s) is a (signed) int rather than a uint32_t.
This then gets assigned to a uint64_t using
target_phys_addr_t crda = CSR_CRDA(s);
so when (S)->csr[29] has the high bit set, we end up with
crda=0xffffffffxxxxxxxx.
From: Michael Brown <mcb30@ipxe.org> Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Tue, 15 Mar 2011 16:26:52 +0000 (16:26 +0000)]
target-arm: Don't leak TCG temp for UNDEFs in Neon load/store space
Move the allocation and freeing of the TCG temp used for the address for
Neon load/store instructions so that we don't allocate the temporary
until we've done enough decoding to know that the instruction is not
an UNDEF pattern; this avoids leaking the TCG temp in these cases.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
projects / qemu.git / log