Anthony Liguori [Thu, 10 Oct 2013 17:03:38 +0000 (10:03 -0700)]
Merge remote-tracking branch 'sstabellini/xen-2013-10-10' into staging
# By Matthew Daley (1) and Roger Pau Monné (1)
# Via Stefano Stabellini
* sstabellini/xen-2013-10-10:
qemu/xen: make use of xenstore relative paths
xen_disk: mark ioreq as mapped before unmapping in error case
Anthony Liguori [Thu, 10 Oct 2013 17:03:00 +0000 (10:03 -0700)]
Merge remote-tracking branch 'bonzini/scsi-next' into staging
# By Asias He (1) and Peter Lieven (1)
# Via Paolo Bonzini
* bonzini/scsi-next:
scsi: Allocate SCSITargetReq r->buf dynamically [CVE-2013-4344]
block/iscsi: reenable iscsi_co_get_block_status
Message-id: 1381332391-8781-1-git-send-email-pbonzini@redhat.com Signed-off-by: Anthony Liguori <aliguori@amazon.com>
Roger Pau Monné [Thu, 10 Oct 2013 14:25:52 +0000 (14:25 +0000)]
qemu/xen: make use of xenstore relative paths
Qemu has several hardcoded xenstore paths that are only valid on Dom0.
Attempts to launch a Qemu instance (to act as a userspace backend for
PV disks) will fail because Qemu is not able to access those paths
when running on a domain different than Dom0.
Instead make the xenstore paths relative to the domain where Qemu is
actually running.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com> Cc: xen-devel@lists.xenproject.org Cc: Anthony PERARD <anthony.perard@citrix.com>
Matthew Daley [Thu, 10 Oct 2013 14:10:48 +0000 (14:10 +0000)]
xen_disk: mark ioreq as mapped before unmapping in error case
Commit 4472beae modified the semantics of ioreq_{un,}map so that they are
idempotent if called when they're not needed (i.e., twice in a row). However,
it neglected to handle the case where batch mapping is not being used (the
default), and one of the grants fails to map. In this case, ioreq_unmap will
be called to unwind and unmap any mappings already performed, but ioreq_unmap
simply returns due to the aforementioned change (the ioreq has not already
been marked as mapped).
The frontend user can therefore force xen_disk to leak grant mappings, a
per-domain limited resource.
Fix by marking the ioreq as mapped before calling ioreq_unmap in this
situation.
Signed-off-by: Matthew Daley <mattjd@gmail.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
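A toy model of the unwind problem described in the xen_disk commit message above, added here as an illustration; it is not QEMU's xen_disk code. The `toy_*` names, the grant counter and the failure-injection parameter are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

/* Toy model, hypothetical names: live grant mappings held for one frontend. */
static int live_grants;

struct toy_ioreq {
    int  nr_grants;  /* grants the request asks for */
    int  nr_mapped;  /* grants mapped so far */
    bool mapped;     /* marker checked by the idempotent unmap */
};

/* Idempotent unmap: a no-op unless the ioreq is marked as mapped. */
static void toy_ioreq_unmap(struct toy_ioreq *r)
{
    if (!r->mapped) {
        return;
    }
    live_grants -= r->nr_mapped;
    r->nr_mapped = 0;
    r->mapped = false;
}

/*
 * Non-batch mapping: grants are mapped one at a time. The grant at index
 * fail_at fails. mark_before_unwind selects the behaviour of the fix
 * (mark the ioreq as mapped before calling unmap on the error path).
 */
static int toy_ioreq_map(struct toy_ioreq *r, int fail_at, bool mark_before_unwind)
{
    if (r->mapped) {
        return 0;
    }
    for (int i = 0; i < r->nr_grants; i++) {
        if (i == fail_at) {
            if (mark_before_unwind) {
                r->mapped = true;
            }
            toy_ioreq_unmap(r);   /* without the mark this returns early */
            return -1;
        }
        live_grants++;
        r->nr_mapped++;
    }
    r->mapped = true;
    return 0;
}

/* Mappings still live after `requests` requests whose last grant fails. */
int toy_leak_after(int requests, bool mark_before_unwind)
{
    live_grants = 0;
    for (int n = 0; n < requests; n++) {
        struct toy_ioreq r = { .nr_grants = 4 };
        toy_ioreq_map(&r, 3, mark_before_unwind);
    }
    return live_grants;
}

int main(void)
{
    printf("leaked without marking: %d\n", toy_leak_after(10, false));
    printf("leaked with marking:    %d\n", toy_leak_after(10, true));
    return 0;
}
```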
r->buf is hardcoded to 2056 which is (256 + 1) * 8, allowing 256 luns at
most. If more than 256 luns are specified by user, we have buffer
overflow in scsi_target_emulate_report_luns.
To fix, we allocate the buffer dynamically.
Signed-off-by: Asias He <asias@redhat.com> Tested-by: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
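The sizing rule behind the CVE-2013-4344 fix above, as an added example that is not the QEMU patch itself: the response needs (n + 1) * 8 bytes, so a 2056-byte buffer only holds 256 LUNs. All function names, the `MAX_LUNS` limit and the LUN entry encoding (single-level below 256, flat addressing above) are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FIXED_BUF_LEN 2056u   /* (256 + 1) * 8, the hardcoded size in the commit message */
#define MAX_LUNS      16384u  /* assumption of this sketch: 14-bit flat LUN space */

/* Bytes needed: 8-byte header plus one 8-byte entry per LUN; 0 if rejected. */
size_t report_luns_len(size_t nluns)
{
    if (nluns > MAX_LUNS) {
        return 0;
    }
    return (nluns + 1) * 8;
}

/* Writes the response into buf, which the caller guarantees holds len bytes. */
static void fill_report_luns(uint8_t *buf, size_t len,
                             const uint16_t *luns, size_t nluns)
{
    uint32_t list_len = (uint32_t)(nluns * 8);

    memset(buf, 0, len);
    buf[0] = (uint8_t)(list_len >> 24);
    buf[1] = (uint8_t)(list_len >> 16);
    buf[2] = (uint8_t)(list_len >> 8);
    buf[3] = (uint8_t)list_len;
    for (size_t i = 0; i < nluns; i++) {
        uint8_t *e = buf + 8 + i * 8;
        if (luns[i] < 256) {
            e[1] = (uint8_t)luns[i];
        } else {                      /* assumed flat-space addressing */
            e[0] = (uint8_t)(0x40 | ((luns[i] >> 8) & 0x3f));
            e[1] = (uint8_t)(luns[i] & 0xff);
        }
    }
}

/* Fixed-size buffer with the length check in place: refuses instead of overflowing. */
int report_luns_fixed(uint8_t *buf, const uint16_t *luns, size_t nluns)
{
    size_t need = report_luns_len(nluns);

    if (need == 0 || need > FIXED_BUF_LEN) {
        return -1;
    }
    fill_report_luns(buf, need, luns, nluns);
    return (int)need;
}

/* Dynamic allocation sized from the LUN count; caller frees the result. */
uint8_t *report_luns_alloc(const uint16_t *luns, size_t nluns, size_t *len)
{
    size_t need = report_luns_len(nluns);
    uint8_t *buf = need ? malloc(need) : NULL;

    if (!buf) {
        return NULL;
    }
    fill_report_luns(buf, need, luns, nluns);
    *len = need;
    return buf;
}

/* Constructed input: LUNs 0..nluns-1, run through both variants. */
uint8_t *report_sequential(size_t nluns, size_t *len, int *fixed_rc)
{
    uint8_t fixed[FIXED_BUF_LEN];
    uint16_t *luns = calloc(nluns ? nluns : 1, sizeof(*luns));
    uint8_t *out;

    if (!luns) {
        return NULL;
    }
    for (size_t i = 0; i < nluns; i++) {
        luns[i] = (uint16_t)i;
    }
    *fixed_rc = report_luns_fixed(fixed, luns, nluns);
    out = report_luns_alloc(luns, nluns, len);
    free(luns);
    return out;
}

int main(void)
{
    size_t len = 0;
    int rc = 0;
    uint8_t *buf = report_sequential(300, &len, &rc);

    printf("300 LUNs: fixed rc=%d, dynamic len=%zu\n", rc, len);
    free(buf);
    return 0;
}
```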
Anthony Liguori [Wed, 9 Oct 2013 14:54:42 +0000 (07:54 -0700)]
Merge remote-tracking branch 'stefanha/block' into staging
# By Max Reitz (5) and others
# Via Stefan Hajnoczi
* stefanha/block:
block: use correct filename
qemu-iotests: Correct 026 output
qcow2: Free allocated L2 cluster on error
qcow2: Switch L1 table in a single sequence
block: vhdx - add migration blocker
block: use correct filename for error report
qcow2: CHECK_OFLAG_COPIED is obsolete
qcow2: Correct endianness in overlap check
Message-id: 1381145289-6591-1-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
Anthony Liguori [Wed, 9 Oct 2013 14:54:20 +0000 (07:54 -0700)]
Merge remote-tracking branch 'mjt/trivial-patches' into staging
# By Stefan Weil (5) and others
# Via Michael Tokarev
* mjt/trivial-patches:
migration: Fix compiler warning ('caps' may be used uninitialized)
util/path: Fix type which is longer than 8 bit for MinGW
hw/9pfs: Fix errno value for xattr functions
vl: Clean up unnecessary boot_order complications
qemu-char: Fix potential out of bounds access to local arrays
pci-ohci: Add missing 'break' in ohci_service_td
sh4: Fix serial line access for Linux kernels later than 3.2
hw/alpha: Fix compiler warning (integer constant is too large)
target-i386: Fix compiler warning (integer constant is too large)
block: Remove unused assignment (fixes warning from clang)
exec: cleanup DEBUG_SUBPAGE
tests: Fix schema parser test for in-tree build
tests: Update .gitignore for test-int128 and test-bitops
.gitignore: ignore tests/qemu-iotests/socket_scm_helper
Message-id: 1381051979-25742-1-git-send-email-mjt@msgid.tls.msk.ru Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
Anthony Liguori [Wed, 9 Oct 2013 14:52:57 +0000 (07:52 -0700)]
Merge remote-tracking branch 'rth/tcg-arm-pull' into staging
# By Richard Henderson
# Via Richard Henderson
* rth/tcg-arm-pull:
tcg-arm: Move the tlb addend load earlier
tcg-arm: Remove restriction on qemu_ld output register
tcg-arm: Return register containing tlb addend
tcg-arm: Move load of tlb addend into tcg_out_tlb_read
tcg-arm: Use QEMU_BUILD_BUG_ON to verify constraints on tlb
tcg-arm: Use strd for tcg_out_arg_reg64
tcg-arm: Rearrange slow-path qemu_ld/st
tcg-arm: Use ldrd/strd for appropriate qemu_ld/st64
Message-id: 1380663109-14434-1-git-send-email-rth@twiddle.net Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
Anthony Liguori [Wed, 9 Oct 2013 14:52:21 +0000 (07:52 -0700)]
Merge remote-tracking branch 'sweil/mingw' into staging
# By Sebastian Ottlik
# Via Stefan Weil
* sweil/mingw:
util: call socket_set_fast_reuse instead of setting SO_REUSEADDR
slirp: call socket_set_fast_reuse instead of setting SO_REUSEADDR
net: call socket_set_fast_reuse instead of setting SO_REUSEADDR
gdbstub: call socket_set_fast_reuse instead of setting SO_REUSEADDR
util: add socket_set_fast_reuse function which will replace setting SO_REUSEADDR
Message-id: 1380735690-24009-1-git-send-email-sw@weilnetz.de Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
Anthony Liguori [Wed, 9 Oct 2013 14:50:37 +0000 (07:50 -0700)]
Merge remote-tracking branch 'sweil/tci' into staging
# By Stefan Weil
# Via Stefan Weil
* sweil/tci:
misc: Use new rotate functions
bitops: Add rotate functions (rol8, ror8, ...)
tci: Add implementation of rotl_i64, rotr_i64
Message-id: 1380137693-3729-1-git-send-email-sw@weilnetz.de Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
Peter Lieven [Wed, 2 Oct 2013 11:52:08 +0000 (13:52 +0200)]
block/iscsi: reenable iscsi_co_get_block_status
Commit f35c934a accidentally disabled iscsi_co_get_block_status for all
libiscsi versions. It's not possible to check for enumeration constants
in the C preprocessor. This patch changes the check to the preprocessor
constant LIBISCSI_FEATURE_IOVECTOR which was introduced shortly after
get_lba_status support was added to libiscsi.
Signed-off-by: Peter Lieven <pl@kamp.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Stefan Weil [Wed, 2 Oct 2013 20:40:29 +0000 (22:40 +0200)]
util/path: Fix type which is longer than 8 bit for MinGW
While dirent->d_type is 8 bit for most systems, it is 32 bit for MinGW.
Reducing it to 8 bit results in a compiler warning because the macro
is_dir_maybe compares that 8 bit value with 32 bit constants.
Using 'unsigned' instead of 'unsigned char' matches the declaration for
MinGW and does not harm the other systems.
MinGW-w64 is not affected: it does not declare d_type.
Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
If there is no operation driver for the xattr type the
functions return '-1' and set errno to '-EOPNOTSUPP'.
When the calling code sets 'ret = -errno' this turns
into a large positive number.
In Linux 3.11, the kernel has switched to using 9p
version 9p2000.L, instead of 9p2000.u, which enables
support for xattr operations. This on its own is harmless,
but for another change which makes it request the xattr
with a name 'security.capability'.
The result is that the guest sees a successful return
of 95 bytes of data, instead of a failure with errno
set to 95. Since the kernel expects a maximum of 20
bytes for an xattr return this gets translated to the
unexpected errno ERANGE.
This all means that when running a binary off a 9p fs
in 3.11 kernels you get a fun result of:
# ./date
sh: ./date: Numerical result out of range
The only workaround is to pass 'version=9p2000.u' when
mounting the 9p fs in the guest, to disable all use of
xattrs.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
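The sign error described in the 9pfs commit message above, traced end to end as an added example; it is not the hw/9pfs code. The function names are hypothetical, and the guest-side check is a simplified stand-in for the 20-byte limit the message mentions.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>

#define GUEST_XATTR_MAX 20   /* maximum xattr size the guest expects, per the commit message */

/* Hypothetical stand-ins for "no operation driver for this xattr type". */
static ssize_t notsup_buggy(void) { errno = -EOPNOTSUPP; return -1; }  /* wrong sign */
static ssize_t notsup_fixed(void) { errno = EOPNOTSUPP;  return -1; }

/* Caller pattern from the commit message: on failure, ret = -errno. */
ssize_t server_reply(int fixed)
{
    ssize_t ret = fixed ? notsup_fixed() : notsup_buggy();

    if (ret < 0) {
        ret = -errno;   /* with errno == -EOPNOTSUPP this becomes positive */
    }
    return ret;
}

/*
 * Simplified guest view: a negative reply is an error code, a non-negative
 * reply is a byte count, and a count above the expected maximum is -ERANGE.
 */
int guest_result(ssize_t reply)
{
    if (reply < 0) {
        return (int)reply;
    }
    if (reply > GUEST_XATTR_MAX) {
        return -ERANGE;
    }
    return (int)reply;
}

int main(void)
{
    printf("buggy: reply=%zd guest=%d\n", server_reply(0), guest_result(server_reply(0)));
    printf("fixed: reply=%zd guest=%d\n", server_reply(1), guest_result(server_reply(1)));
    return 0;
}
```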
Stefan Weil [Mon, 30 Sep 2013 21:04:49 +0000 (23:04 +0200)]
qemu-char: Fix potential out of bounds access to local arrays
Latest gcc-4.8 supports a new option -fsanitize=address which activates
an AddressSanitizer. This AddressSanitizer stops the QEMU system emulation
very early because two character arrays of size 8 are potentially written
with 9 bytes.
There is no obvious reason why width or height could need 8 characters,
so reduce it to 7 characters which together with the terminating '\0'
fit into the arrays.
Cc: qemu-stable <qemu-stable@nongnu.org> Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Alex Bennée <alex@bennee.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Stefan Weil [Sun, 29 Sep 2013 15:51:20 +0000 (17:51 +0200)]
hw/alpha: Fix compiler warning (integer constant is too large)
From buildbot default_i386_rhel61:
CC alpha-softmmu/hw/alpha/typhoon.o
hw/alpha/typhoon.c: In function 'typhoon_translate_iommu':
hw/alpha/typhoon.c:703: warning: integer constant is too large for 'long' type
hw/alpha/typhoon.c:703: warning: integer constant is too large for 'long' type
Signed-off-by: Stefan Weil <sw@weilnetz.de> Acked-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Stefan Weil [Sun, 29 Sep 2013 15:55:56 +0000 (17:55 +0200)]
target-i386: Fix compiler warning (integer constant is too large)
From buildbot default_i386_rhel61:
CC i386-softmmu/target-i386/arch_memory_mapping.o
target-i386/arch_memory_mapping.c: In function 'walk_pde':
target-i386/arch_memory_mapping.c:110: warning:
integer constant is too large for 'long' type
Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Commit 4f193e3 added the test, but screwed up in-tree builds
(SRCDIR=.): the test's output overwrites the expected output, and is
thus compared to itself.
Cc: qemu-stable@nongnu.org Reported-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
util: call socket_set_fast_reuse instead of setting SO_REUSEADDR
SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.
Signed-off-by: Sebastian Ottlik <ottlik@fzi.de> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Weil <sw@weilnetz.de>
slirp: call socket_set_fast_reuse instead of setting SO_REUSEADDR
SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.
Signed-off-by: Sebastian Ottlik <ottlik@fzi.de> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Weil <sw@weilnetz.de>
net: call socket_set_fast_reuse instead of setting SO_REUSEADDR
SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.
An exception to this rule are multicast sockets where it is sensible to have
multiple sockets listen on the same IP and port and we should set SO_REUSEADDR
on Windows.
Signed-off-by: Sebastian Ottlik <ottlik@fzi.de> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Weil <sw@weilnetz.de>
gdbstub: call socket_set_fast_reuse instead of setting SO_REUSEADDR
SO_REUSEADDR should be avoided on Windows but is desired on other operating
systems. So instead of setting it we call socket_set_fast_reuse that will result
in the appropriate behaviour on all operating systems.
Signed-off-by: Sebastian Ottlik <ottlik@fzi.de> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Weil <sw@weilnetz.de>
util: add socket_set_fast_reuse function which will replace setting SO_REUSEADDR
If a socket is closed it remains in TIME_WAIT state for some time. On operating
systems using BSD sockets the endpoint of the socket may not be reused while in
this state unless SO_REUSEADDR was set on the socket. On Windows on the other
hand the default behaviour is to allow reuse (i.e. identical to SO_REUSEADDR on
other operating systems) and setting SO_REUSEADDR on a socket allows it to be
bound to an endpoint even if the endpoint is already used by another socket
independently of the other socket's state. This can even result in undefined
behaviour.
Many sockets used by QEMU should not block the use of their endpoint after being
closed while they are still in TIME_WAIT state. Currently QEMU sets SO_REUSEADDR
for such sockets, which can lead to problems on Windows. This patch introduces
the function socket_set_fast_reuse that should be used instead of setting
SO_REUSEADDR when fast socket reuse is desired and behaves correctly on all
operating systems.
As a failure of this function can only be caused by bad QEMU internal errors, an
assertion handles these situations. The return value is still passed on, to
minimize changes in client code and prevent unused variable warnings if NDEBUG
is defined.
Signed-off-by: Sebastian Ottlik <ottlik@fzi.de> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Weil <sw@weilnetz.de>
Max Reitz [Mon, 30 Sep 2013 15:57:21 +0000 (17:57 +0200)]
qcow2: Switch L1 table in a single sequence
Switching the L1 table in memory should be an atomic operation, as far
as possible. Calling qcow2_free_clusters on the old L1 table on disk is
not a good idea when the old L1 table is no longer valid and the address
to the new one hasn't yet been written into the corresponding
BDRVQcowState field. To be more specific, this can lead to segfaults due
to qcow2_check_metadata_overlap trying to access the L1 table during the
free operation.
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Max Reitz [Mon, 30 Sep 2013 07:21:07 +0000 (09:21 +0200)]
qcow2: CHECK_OFLAG_COPIED is obsolete
CHECK_OFLAG_COPIED as a parameter to check_refcounts_l1 and
check_refcounts_l2 is obsolete now, since the OFLAG_COPIED consistency
check is actually no longer performed by these functions (but by
check_oflag_copied).
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
There are free scheduling slots between the sequence of
comparison instructions. This requires changing the
register in use to avoid conflict with those compares.
Signed-off-by: Richard Henderson <rth@twiddle.net>
tcg-arm: Remove restriction on qemu_ld output register
The main intent of the patch is to allow the tlb addend register
to be changed, without tying that change to the constraint. But
the most common side-effect seems to be to enable usage of ldrd
with the r0,r1 pair.
Signed-off-by: Richard Henderson <rth@twiddle.net>
tcg-arm: Move load of tlb addend into tcg_out_tlb_read
This allows us to make more intelligent decisions about the relative
offsets of the tlb comparator and the addend, avoiding any need of
writeback addressing.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Use the new helper_ret_*_mmu routines. Use a conditional call
to arrange for a tail-call from the store path, and to load the
return address for the helper for the load path.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Anthony Liguori [Mon, 30 Sep 2013 22:15:01 +0000 (17:15 -0500)]
Merge remote-tracking branch 'mst/tags/for_anthony' into staging
pc,pci,virtio fixes and cleanups
This includes pc and pci cleanups and enhancements,
and a virtio-net bugfix related to softmac programming.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Sun 29 Sep 2013 01:51:16 AM CDT using RSA key ID D28D5469
# gpg: Can't check signature: public key not found
# By Michael S. Tsirkin (8) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
smbios: Factor out smbios_maybe_add_str()
smbios: Make multiple -smbios type= accumulate sanely
smbios: Improve diagnostics for conflicting entries
smbios: Convert to QemuOpts
smbios: Normalize smbios_entry_add()'s error handling to exit(1)
virtio-net: fix up HMP NIC info string on reset
pci: remove explicit check to 64K ioport size
piix4: disable io on reset
piix: use 64 bit window programmed by guest
q35: use 64 bit window programmed by guest
pci: add helper to retrieve the 64-bit range
range: add min/max operations on ranges
range: add Range to typedefs
q35: make pci window address/size match guest cfg
Anthony Liguori [Mon, 30 Sep 2013 22:14:49 +0000 (17:14 -0500)]
Merge remote-tracking branch 'kwolf/for-anthony' into staging
# By Max Reitz (10) and others
# Via Kevin Wolf
* kwolf/for-anthony: (30 commits)
qcow2: Remove useless count_contiguous_clusters() parameter
qcow2: COMPRESSED on count_contiguous_clusters
qcow2: count_contiguous_clusters and compression
qcow2: Free only newly allocated clusters on error
qcow2: Always use error path in l2_allocate
qcow2: Don't put invalid L2 table into cache
qemu-iotests: Preallocated zero clusters in 061
qcow2: Correct bitmap size in zero expansion
qemu-iotests: Quote $TEST_IMG* and $TEST_DIR usage
qemu-iotests: Add basic ability to use binary sample images
qemu-iotests: fix qmp.py search path
block: use DIV_ROUND_UP in bdrv_co_do_readv
qcow2: Assert against currently impossible overflow
block: qed - use QEMU_PACKED for on-disk structures
block: qcow2 - used QEMU_PACKED for on-disk structures
block: vpc - use QEMU_PACKED for on-disk structures
block: vdi - use QEMU_PACKED for on-disk structures
rbd: avoid qemu_rbd_snap_list() memory leaks
qdict: Extract qdict_extract_subqdict
block: Fix compiler warning (-Werror=uninitialized)
...
Anthony Liguori [Mon, 30 Sep 2013 22:14:01 +0000 (17:14 -0500)]
Merge remote-tracking branch 'rth/tcg-ppc-pull' into staging
# By Richard Henderson (19) and Paolo Bonzini (2)
# Via Richard Henderson
* rth/tcg-ppc-pull: (21 commits)
tcg-ppc64: Implement CONFIG_QEMU_LDST_OPTIMIZATION
tcg-ppc64: Add _noaddr functions for emitting forward branches
tcg-ppc64: Streamline tcg_out_tlb_read
tcg-ppc64: Implement tcg_register_jit
tcg-ppc64: Handle long offsets better
tcg-ppc64: Tidy register allocation order
tcg-ppc64: Look through a constant function descriptor
tcg-ppc64: Fold constant call address into descriptor load
tcg-ppc64: Don't load the static chain from TCG
tcg-ppc64: Avoid code for nop move
tcg-ppc64: Use tcg_out64
tcg-ppc64: Use TCG_REG_Rn constants
tcg-ppc64: More use of TAI and SAI helper macros
tcg-ppc64: Reformat tcg-target.c
tcg-ppc: Fix and cleanup tcg_out_tlb_check
tcg-ppc: Use conditional branch and link to slow path
tcg-ppc: Cleanup tcg_out_qemu_ld/st_slow_path
tcg-ppc: Avoid code for nop move
tcg-ppc: use new return-argument ld/st helpers
tcg-ppc: fix qemu_ld/qemu_st for AIX ABI
...
Anthony Liguori [Mon, 30 Sep 2013 22:13:43 +0000 (17:13 -0500)]
Merge remote-tracking branch 'quintela/migration.next' into staging
# By Isaku Yamahata (4) and others
# Via Juan Quintela
* quintela/migration.next:
migration: ram_handle_compressed
arch_init: make is_zero_page accept size
migration: Fix debug print type
migration: add version supporting macros for struct pointer
rdma: constify ram_chunk_{index, start, end}
rdma: clean up of qemu_rdma_cleanup()
arch_init: right return for ram_save_iterate
savevm: fix wrong initialization by ram_control_load_hook
savevm: add comments for qemu_file_get_error()
Anthony Liguori [Mon, 30 Sep 2013 22:13:32 +0000 (17:13 -0500)]
Merge remote-tracking branch 'kraxel/audio.1' into staging
# By Bandan Das (3) and Gerd Hoffmann (1)
# Via Gerd Hoffmann
* kraxel/audio.1:
audio: remove CONFIG_MIXEMU configure option
hda-codec: make mixemu selectable at runtime
hda-codec: refactor common definitions into a header file
audio maintainers update
Anthony Liguori [Mon, 30 Sep 2013 22:13:18 +0000 (17:13 -0500)]
Merge remote-tracking branch 'borntraeger/tags/s390-next-20130924' into staging
This is a bunch of fixes/changes for the s390 architecture. It also
contains the fixes from the previous pull request, which did not make
it yet.
Overall it contains
- a fix for kexec without kdump (which uses diag308 subcode 0 instead of 1)
- several sclp related fixes
- some initial sclp migration code
- the sclp line mode console
- A fix for a boot problem with the virtio ccw ipl bios
- zeroed out padding bytes for the notes section of dump-guest-memory
- some cleanups
# gpg: Signature made Tue 24 Sep 2013 02:18:44 AM CDT using RSA key ID B5A61C7C
# gpg: Can't check signature: public key not found
# By Christian Borntraeger (6) and others
# Via Christian Borntraeger
* borntraeger/tags/s390-next-20130924:
s390/sclplmconsole: Add support for SCLP line-mode console
s390/ebcdic: Move conversion tables to header file
s390/eventfacility: allow childs to handle more than 1 event type
s390/eventfacility: remove unused event_type variable
s390/eventfacility: Fix receive/send masks
s390/eventfacility: fix multiple Read Event Data sources
s390/sclp: add reset() functions
s390/sclpquiesce: Add code to support live migration
s390/sclpconsole: Add code to support live migration for sclpconsole
s390/sclpconsole: modify definition of input buffer
s390/kexec: Implement diag308 subcode 0
s390/ioinst: Moved the CC setting to the IO instruction handlers
s390/cpu: Make setcc() function available to other files
s390/ipl: Update the s390-ccw.img rom
s390/ipl: Fix waiting for virtio processing
s390/dump: zero out padding bytes in notes sections
s390/kvm: Add check for priviledged SCLP handler
Alex Williamson (4):
seabios q35: Enable all PIRQn IRQs at startup
seabios q35: Add new PCI slot to irq routing function
seabios: Add a dummy PCI slot to irq mapping function
pciinit: Enable default VGA device
Asias He (2):
virtio-scsi: Set _DRIVER_OK flag before scsi target scanning
virtio-scsi: Pack struct virtio_scsi_{req_cmd,resp_cmd}
Avik Sil (1):
USB-EHCI: Fix null pointer assignment
Christian Gmeiner (5):
geodevga: fix errors in geode_fp_* functions
geodevga: move framebuffer setup
geodevga: move output setup to own function
geodevga: add debug to msr functions
geodevga: fix wrong define name
David Woodhouse (26):
Add macros for pushing and popping struct bregs
Clean up #if in pirtable.c. CONFIG_PIRTABLE can't be set if CONFIG_COREBOOT is
post: Export functions which will be used individually by CSM
Export callrom() for CSM to use
Export copy_smbios() from biostables.c
Import LegacyBios.h from OVMF
Complete and checksum EFI_COMPATIBILITY16_TABLE at build time
Add pic_save_mask() and pic_restore_mask() functions
Add CSM support
Add README.CSM
Add find_pmtimer() function
Enable PMTIMER for CSM build
Fix rom_reserve()/rom_confirm() for CSM oprom dispatch
Don't calibrate TSC if PMTIMER is already set up
Move find_pmtimer() to ACPI table setup where it logically belongs
Use find_pmtimer() after copying Xen ACPI tables
Use find_pmtimer() after copying coreboot ACPI tables
Unify return path for CSM to go via csm_return()
Make CONFIG_OPTIONROMS_DEPLOYED depend on CONFIG_QEMU
Implement !CONFIG_OPTIONROMS support for CSM
Implement !CONFIG_BOOT for CSM
Enable VGA output when settings bochs-specific mode
Disable CONFIG_THREAD_OPTIONROMS for CSM build
Fix return type of le64_to_cpu() and be64_to_cpu()
Rename find_pmtimer() to find_acpi_features()
Add acpi_reboot() reset method using RESET_REG
Kevin O'Connor (101):
pmm: Use 'struct segoff_s' in pmm header.
Minor: Update README - variable changes are now reset on soft-reboots.
Normalize POST initialization function name suffixes.
POST: Reorganize post init functions for better grouping and reusability.
Fix rebase error in commit 8a0a972f that broke LOWMEM variables.
Support calling a function other than maininit() from reloc_preinit().
Ensure exported symbols are visible in the final link
POST: Move QEMU specific ramsize and BIOS table setup to paravirt.c.
POST: Reorganize post entry and "preinit" functions.
POST: Move cpu caching and dma setup to platform_hardware_setup().
Undo incorrect assumptions about Xen in commit 6ca0460f.
Determine century during init and store in VARLOW mem during runtime.
No need to check both CONFIG_THREADS and CONFIG_THREAD_OPTIONROMS.
Add runningOnQEMU() and runningOnXen() for runtime platform detection.
Consistently use CONFIG_COREBOOT, CONFIG_QEMU, and runningOnXen().
Convert kvm_para_available() to runningOnKVM().
Minor - move definitions to paravirt.c from paravirt.h.
Only perform SMP setup on QEMU.
Start device_hardware_setup in mainint even with CONFIG_THREAD_OPTIONROMS.
The mathcp setup touches the PIC and thus move to the "setup" phase.
Update tools/acpi_extract.py to handle iasl 20130117 release.
Support skipping content when reading from QEMU fw_cfg romfile entries.
Convert fw_cfg ACPI entries into romfile entries.
Convert fw_cfg SMBIOS entries into romfile entries.
Convert basic integer fw_cfg entries into romfile entries.
Convert fw_cfg NUMA entries into a romfile entry.
Process fw_cfg e820 entries during the fw_cfg setup stage.
Integrate qemu_cfg_preinit() into qemu_romfile_init().
Group QEMU platform setup together and move to paravirt.c.
vgabios: Bochs/QEMU vgabios support should depend on CONFIG_QEMU.
Warn on unaligned PCI ROM structure in option roms.
Fix Makefile - don't reference "out/" directly, instead use "$(OUT)".
build: Don't require $(OUT) to be a sub-directory of the main directory.
Rename rom_get_top() to rom_get_max().
Report on f-segment UMB ram also.
Clarify build generated "zone low" values.
Verify CC is valid during build tests.
Disable handle_post() on CSM builds.
Remove unnecessary "export" declarations from assembler functions.
Minor assembler enhancements to __csm_return.
Introduce VARFSEG for variables that will reside in the f-segment.
Convert VAR16VISIBLE, VAR16EXPORT, and VAR32VISIBLE to VARFSEG.
Don't relocate "varlow" variable references at runtime.
Move malloc's ZoneFSeg and ZoneLow setup to malloc_init.
Calculate "RamSize" needed by 16bit interface dynamically.
Eliminate separate BiosTableSpace[] space for f-segment allocations.
Use CONFIG_ prefix for Kconfig variables; use BUILD_ for others.
Try to detect an unsuccessful hard-reboot to prevent soft-reboot loops.
Minor - fix confusing final_sec32low_start name in layoutrom.py.
Minor - introduce numeric defines for the IVT offset of hw irqs.
Separate out 16bit PCI-BIOS entry point from regular int 0x1a entry point.
Support using the "extra stack" for all 16bit irq entry points.
Minor - improve comments and grouping of handle_08().
floppy: Introduce 'struct floppy_pio_s' for floppy PIO ops.
floppy: Cleanup floppy irq wait handling.
floppy: Clean up Check Interrupt Status code.
floppy: Move recalibration and results parsing to floppy_cmd().
floppy: Improve floppy_pio() error checking.
floppy: Implement media format sensing.
floppy: Actually do controller reset in floppy_reset().
Minor - note that passing QEMU config via cmos is deprecated.
Cache boot-fail-wait to avoid romfile access after POST.
Rename src/ssdt-susp.dsl to src/ssdt-misc.dsl.
acpi: Eliminate BDAT parameter passing to DSDT code.
Add additional dependency checks to Makefile.
Don't use __FILE__ in virtio-ring.c.
shadow: Don't use PCIDevices list in make_bios_readonly().
smm: Don't use PCIDevices list in smm_setup().
Add VARVERIFY32INIT attribute for variables only available during "init".
Use VARVERIFY32INIT on global variables that point to "tmp" memory.
vgabios: Fix stdvga_perform_gray_scale_summing().
vgabios: Fix cirrus memory clear on mode switch.
Minor - add missing newline to floppy debug statement.
Fix bug in NUMA node setup - don't create SRAT if NUMA not present.
Update README - copy *.aml files for QEMU.
Add dependencies to vgafixup.py and buildversion.sh scripts.
Set ZF prior to keyboard read call in check_for_keystroke().
mptable: Don't describe pci-to-pci bridges.
mptable: Use same PCI irqs as ACPI code.
Cleanup QEMU_CFG_NUMA fw_cfg processing - split into two romfile entries.
Use container_of on romfile entries.
acpi: Move ACPI table definitions from acpi.c to acpi.h.
acpi: Remove dead code with descriptions of bit flags.
acpi: Use cpu_to_leXX() consistently.
Minor - explicitly close files in buildrom.py.
Minor - move "tracked memory alloc" code in pmm.c.
Introduce and convert pmm code to use standard list helpers.
Minor - relocate code in stacks.c to keep low-level thread code together.
Introduce helper function have_threads() in stacks.c.
Convert stacks.c to use standard list manipulation code.
Convert boot.c to use standard list manipulation code.
Convert pciinit.c to use standard list manipulation code.
Convert PCIDevices list to use standard list manipultion code.
Revert "Convert pciinit.c to use standard list manipulation code."
Fix error in hlist_for_each_entry_safe macro.
Convert pciinit.c to use standard list manipulation code.
make qemu_cfg_init depend on QEMU_HARDWARE instead of QEMU
Another fix for hlist_for_each_entry_safe.
Minor - remove debugging dprintf added to pciinit.c.
Fix USB EHCI detection that was broken in hlist conversion of PCIDevices.
Fix bug in CBFS file walking with compressed files.
Laszlo Ersek (1):
Enable VGA output when setting Cirrus-specific mode
Michael S. Tsirkin (2):
acpi: make default DSDT optional
acpi: sync FADT flags from PIIX4 to Q35
Add some logic to detect cross compilers. Add support for "make slof",
which should JustWork[tm] if you are on a ppc64 machine or have a ppc64
cross compiler installed somewhere in your path.
smbios: Make multiple -smbios type= accumulate sanely
Currently, -smbios type=T,NAME=VAL,... adds one field (T,NAME) with
value VAL to fw_cfg for each unique NAME. If NAME occurs multiple
times, the last one's VAL is used (before the QemuOpts conversion, the
first one was used).
Multiple -smbios can add multiple fields with the same (T, NAME).
SeaBIOS reads all of them from fw_cfg, but uses only the first field
(T, NAME). The others are ignored.
"First one wins, subsequent ones get ignored silently" isn't nice. We
commonly let the last option win. Useful, because it lets you
-readconfig first, then selectively override with command line
options.
Clean up -smbios to work the common way. Accumulate the settings,
with later ones overwriting earlier ones. Put the result into fw_cfg
(no more useless duplicates).
Bonus cleanup: qemu_uuid_parse() no longer sets SMBIOS system uuid by
side effect.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
smbios: Improve diagnostics for conflicting entries
We allow either tables or fields for the same type. Makes sense,
because SeaBIOS uses fields only when no tables are present.
We do this by searching the SMBIOS blob for a previously added table
or field. Error messages look like this:
qemu-system-x86_64: -smbios type=1,serial=42: SMBIOS type 1 table already defined, cannot add field
User needs to know that "table" is defined by -smbios file=..., and
"field" by -smbios type=...
Instead of searching the blob, record additions of interest, and check
that. Simpler, and makes better error messages possible:
qemu-system-x86_64: -smbios file=smbios_type_1.bin: Can't mix file= and type= for same type
qemu-system-x86_64: -smbios type=1,serial=42,serial=99: This is the conflicting setting
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
So that it can be set in config file for -readconfig.
This tightens parsing of -smbios, and makes it more consistent with
other options: unknown parameters are rejected, numbers with trailing
junk are rejected, when a parameter is given multiple times, last
rather than first wins, ...
MST: drop one chunk to fix build errors
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Max Reitz [Fri, 27 Sep 2013 10:14:15 +0000 (12:14 +0200)]
qcow2: count_contiguous_clusters and compression
The function is not intended to be used on compressed clusters and will
not work correctly, if used anyway, since L2E_OFFSET_MASK is not the
right mask for determining the offset of compressed clusters. Therefore,
assert that the first cluster is not compressed and always include the
compression flag in the mask of significant flags, i.e., stop the search
as soon as a compressed cluster occurs.
Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
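The effect of the mask change described in this commit message, as an added example that is not QEMU's code: a simplified, host-endian version of the contiguity search, run over a constructed L2 table. The flag and mask values follow the qcow2 L2 entry layout; `count_contiguous`, its `strict` parameter and `sample_l2` are hypothetical names, and the function returns -1 where the commit uses an assertion.

```c
#include <stdint.h>

/* L2 entry bits per the qcow2 format: bit 62 = compressed, bit 63 = copied,
 * bits 9-55 = host cluster offset of a standard (uncompressed) cluster. */
#define QCOW_OFLAG_COMPRESSED (1ULL << 62)
#define QCOW_OFLAG_COPIED     (1ULL << 63)
#define L2E_OFFSET_MASK       0x00fffffffffffe00ULL

/* Count how many entries, starting at l2[0], map to consecutive host
 * clusters. strict != 0 keeps the compression flag in the mask, so a
 * compressed entry can never compare equal to a plain cluster offset. */
int count_contiguous(const uint64_t *l2, int n, uint64_t cluster_size,
                     int strict)
{
    uint64_t mask = L2E_OFFSET_MASK | (strict ? QCOW_OFLAG_COMPRESSED : 0);
    uint64_t first;
    int i;

    if (n <= 0 || (l2[0] & QCOW_OFLAG_COMPRESSED)) {
        return -1;  /* not meant for compressed clusters (asserted in QEMU) */
    }
    first = l2[0] & mask;
    if (first == 0) {
        return 0;   /* first cluster is unallocated */
    }
    for (i = 0; i < n; i++) {
        if ((l2[i] & mask) != first + (uint64_t)i * cluster_size) {
            break;
        }
    }
    return i;
}

/* Constructed L2 table for 64 KiB clusters: two plain clusters, then a
 * compressed entry whose low bits happen to look like the next offset. */
static const uint64_t sample_l2[4] = {
    QCOW_OFLAG_COPIED     | 0x50000,
    QCOW_OFLAG_COPIED     | 0x60000,
    QCOW_OFLAG_COMPRESSED | 0x70000,
    QCOW_OFLAG_COPIED     | 0x80000,
};
```

Without the flag in the mask the compressed entry is counted as a third contiguous cluster and the run continues past it; with the flag the search stops after the two plain clusters.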
Max Reitz [Fri, 27 Sep 2013 08:21:48 +0000 (10:21 +0200)]
qcow2: Free only newly allocated clusters on error
In expand_zero_clusters_in_l1, a new cluster is only allocated if it was
not already preallocated. On error, such preallocated clusters should
not be freed, but only the newly allocated ones.
Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Wed, 25 Sep 2013 14:37:20 +0000 (16:37 +0200)]
qcow2: Always use error path in l2_allocate
Just returning -errno in some cases prevents
trace_qcow2_l2_allocate_done from being executed (and, in one case, also
the unused allocated L2 table from being freed). Always going down the
error path fixes this.
Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Wed, 25 Sep 2013 14:37:18 +0000 (16:37 +0200)]
qcow2: Don't put invalid L2 table into cache
In l2_allocate, the fail path is executed if qcow2_cache_flush fails.
However, the L2 table has not yet been fetched from the L2 table cache.
The qcow2_cache_put in the fail path therefore basically gives an
undefined argument as the L2 table address (in this case).
Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Wed, 25 Sep 2013 10:07:22 +0000 (12:07 +0200)]
qcow2: Correct bitmap size in zero expansion
Since the expanded_clusters bitmap is addressed using host offsets in
the underlying image file, the correct size to use for allocating the
bitmap is not determined by the guest disk image but by the underlying
host image file.
Furthermore, this size may change during the expansion due to cluster
allocations on growable image files. In this case, the bitmap needs to
be resized as well to reflect the growth.
Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jeff Cody [Wed, 25 Sep 2013 12:12:20 +0000 (08:12 -0400)]
qemu-iotests: Add basic ability to use binary sample images
For image formats that are not "QEMU native", but supported for
compatibility, it is useful to verify that an image created with
the 'gold standard' native tool can be read / written to successfully
by QEMU.
In addition to testing non-native images, this could also be useful to
test against image files created by older versions of QEMU.
This provides a directory to store small sample images, for use by
scripts in tests/qemu-iotests.
Image files should be compressed with bzip2.
To use a sample image from a bash script, the _use_sample_img function
will copy and decompress the image into $TEST_DIR, and set $TEST_IMG to
be the decompressed sample image copy. To clean up, call
_cleanup_test_img as normal.
Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Wed, 25 Sep 2013 15:48:55 +0000 (17:48 +0200)]
qcow2: Assert against currently impossible overflow
If qcow2_alloc_cluster_link_l2 is called with a QCowL2Meta describing a
request crossing L2 boundaries, a buffer overflow will occur. This is
impossible right now since such requests are never generated (every
request is shortened to L2 boundaries before) and probably also
completely unintended (considering the name "QCowL2Meta"), however, it
is still worth an assertion.
Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jeff Cody [Wed, 25 Sep 2013 16:08:51 +0000 (12:08 -0400)]
block: qed - use QEMU_PACKED for on-disk structures
QEDHeader is read, and written, directly from on-disk images
via bdrv_pread()/write(). To avoid any unintentional padding,
these structs should be packed.
Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jeff Cody [Wed, 25 Sep 2013 16:08:50 +0000 (12:08 -0400)]
block: qcow2 - used QEMU_PACKED for on-disk structures
QCowHeader and QCowExtension are structs that reside in the on-disk
image format, and are read and written directly via bdrv_pread()/write(),
and as such should be packed to avoid any unintentional struct padding.
Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Jeff Cody [Wed, 25 Sep 2013 16:08:49 +0000 (12:08 -0400)]
block: vpc - use QEMU_PACKED for on-disk structures
The VHD footer and header structs (vhd_footer and vhd_dyndisk_header)
are on-disk structures for the image format, and as such should be
packed.
Go ahead and make these typedefs as well, with the preferred QEMU
naming convention, so that the packed attribute is used consistently
with the struct.
Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
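Why the three QEMU_PACKED commits above (qed, qcow2, vpc) matter when a struct is filled straight from image bytes, as an added example that is not QEMU's code. The 14-byte header, `demo_hdr_*`, `sample_image` and the reader functions are all hypothetical; the build-time checks fail the compile, rather than the image parse, if the packed layout ever drifts.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical 14-byte on-disk header, constructed for this example (not a
 * real QEMU format): 4-byte magic, 8-byte table offset, 2-byte flags. */
struct demo_hdr_unpacked {
    uint32_t magic;
    uint64_t table_offset;  /* the ABI may insert padding before this field */
    uint16_t flags;         /* and tail padding after this one */
};

struct demo_hdr_packed {
    uint32_t magic;
    uint64_t table_offset;
    uint16_t flags;
} __attribute__((packed));  /* GCC/Clang attribute behind QEMU_PACKED */
_Static_assert(sizeof(struct demo_hdr_packed) == 14, "size != disk layout");
_Static_assert(offsetof(struct demo_hdr_packed, table_offset) == 4, "offset");

/* Constructed sample image bytes; fields are stored little-endian. */
static const uint8_t sample_image[14] = {
    0x44, 0x45, 0x4d, 0x4f,                          /* magic "DEMO" */
    0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,  /* table_offset 0x1000 */
    0x01, 0x00                                       /* flags */
};

static uint64_t le64(uint64_t raw)  /* little-endian decode on any host */
{
    uint8_t b[8];
    uint64_t v = 0;
    memcpy(b, &raw, sizeof b);
    for (int i = 7; i >= 0; i--) v = (v << 8) | b[i];
    return v;
}

uint64_t read_offset_packed(const uint8_t *img, size_t len)
{
    struct demo_hdr_packed h = {0};
    memcpy(&h, img, len < sizeof h ? len : sizeof h);
    return le64(h.table_offset);
}

uint64_t read_offset_unpacked(const uint8_t *img, size_t len)
{
    struct demo_hdr_unpacked h = {0};
    memcpy(&h, img, len < sizeof h ? len : sizeof h);  /* lands at padded offsets */
    return le64(h.table_offset);
}
```

On ABIs that align `uint64_t` to 8 bytes, the unpacked reader takes `table_offset` from image bytes 8 onward and returns a wrong value, and `sizeof` the unpacked struct exceeds the 14 bytes actually present in the image.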
This patch is qemu patch 2 to fix Xen HVM S3 bug, adding qemu
xen logic. When qemu wakes up, qemu xen logic is notified and makes a
hypercall to the xen hypervisor to unpause the domain.
Signed-off-by: Liu Jinsong <jinsong.liu@intel.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Currently Xen hvm s3 has a bug coming from the difference between
qemu-traditional and qemu-xen. For qemu-traditional, the way to
resume from hvm s3 is via 'xl trigger' command. However, for
qemu-xen, the way to resume from hvm s3 is inherited from standard
qemu, i.e. via QMP, and it doesn't work under Xen.
The root cause is, for qemu-xen, 'xl trigger' command didn't reset
devices, while QMP didn't unpause hvm domain though they did qemu
system reset.
We have two qemu patches and one xl patch to fix Xen hvm s3 bug.
This patch is the qemu patch 1. It adjusts qemu wakeup so that
Xen s3 resume logic (which will be implemented at qemu patch 2)
will be notified after qemu system reset.
Signed-off-by: Liu Jinsong <jinsong.liu@intel.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>