aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--MAINTAINERS7
-rwxr-xr-xconfigure12
-rw-r--r--hw/acpi/pcihp.c18
-rw-r--r--hw/i2c/pm_smbus.c63
-rw-r--r--hw/i2c/smbus.c68
-rw-r--r--hw/i386/acpi-build.c13
-rw-r--r--hw/i386/pc_piix.c4
-rw-r--r--hw/i386/pc_q35.c4
-rw-r--r--hw/intc/apic.c2
-rw-r--r--hw/intc/apic_common.c1
-rw-r--r--hw/intc/i8259.c3
-rw-r--r--include/hw/i2c/smbus.h18
-rw-r--r--include/hw/i386/apic_internal.h1
-rw-r--r--include/hw/i386/pc.h12
14 files changed, 159 insertions, 67 deletions
diff --git a/MAINTAINERS b/MAINTAINERS
index bf77713776..97c9fa1f7f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -52,6 +52,13 @@ General Project Administration
------------------------------
M: Anthony Liguori <aliguori@amazon.com>
+Responsible Disclosure, Reporting Security Issues
+------------------------------
+W: http://wiki.qemu.org/SecurityProcess
+M: Michael S. Tsirkin <mst@redhat.com>
+M: Anthony Liguori <aliguori@amazon.com>
+L: secalert@redhat.com
+
Guest CPU cores (TCG):
----------------------
Alpha
diff --git a/configure b/configure
index 8c50d78f87..b18f531606 100755
--- a/configure
+++ b/configure
@@ -403,6 +403,14 @@ fi
# make source path absolute
source_path=`cd "$source_path"; pwd`
+# running configure in the source tree?
+# we know that's the case if configure is there.
+if test -f "./configure"; then
+ pwd_is_source_path="y"
+else
+ pwd_is_source_path="n"
+fi
+
check_define() {
cat > $TMPC <<EOF
#if !defined($1)
@@ -2940,7 +2948,7 @@ EOF
fdt=yes
dtc_internal="yes"
mkdir -p dtc
- if [ "$source_path" != `pwd` ] ; then
+ if [ "$pwd_is_source_path" != "y" ] ; then
symlink "$source_path/dtc/Makefile" "dtc/Makefile"
symlink "$source_path/dtc/scripts" "dtc/scripts"
fi
@@ -5176,7 +5184,7 @@ do
done
mkdir -p $DIRS
for f in $FILES ; do
- if [ -e "$source_path/$f" ] && [ "$source_path" != `pwd` ]; then
+ if [ -e "$source_path/$f" ] && [ "$pwd_is_source_path" != "y" ]; then
symlink "$source_path/$f" "$f"
fi
done
diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c
index f80c48008c..3b143b371b 100644
--- a/hw/acpi/pcihp.c
+++ b/hw/acpi/pcihp.c
@@ -63,16 +63,18 @@ typedef struct AcpiPciHpFind {
static int acpi_pcihp_get_bsel(PCIBus *bus)
{
- QObject *o = object_property_get_qobject(OBJECT(bus),
- ACPI_PCIHP_PROP_BSEL, NULL);
- int64_t bsel = -1;
- if (o) {
- bsel = qint_get_int(qobject_to_qint(o));
- }
- if (bsel < 0) {
+ Error *local_err = NULL;
+ int64_t bsel = object_property_get_int(OBJECT(bus), ACPI_PCIHP_PROP_BSEL,
+ &local_err);
+
+ if (local_err || bsel < 0 || bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS) {
+ if (local_err) {
+ error_free(local_err);
+ }
return -1;
+ } else {
+ return bsel;
}
- return bsel;
}
static void acpi_pcihp_test_hotplug_bus(PCIBus *bus, void *opaque)
diff --git a/hw/i2c/pm_smbus.c b/hw/i2c/pm_smbus.c
index 9f50067735..fedb5fb4d4 100644
--- a/hw/i2c/pm_smbus.c
+++ b/hw/i2c/pm_smbus.c
@@ -60,59 +60,78 @@ static void smb_transaction(PMSMBus *s)
uint8_t cmd = s->smb_cmd;
uint8_t addr = s->smb_addr >> 1;
I2CBus *bus = s->smbus;
+ int ret;
SMBUS_DPRINTF("SMBus trans addr=0x%02x prot=0x%02x\n", addr, prot);
/* Transaction isn't exec if STS_DEV_ERR bit set */
if ((s->smb_stat & STS_DEV_ERR) != 0) {
- goto error;
- }
+ goto error;
+ }
switch(prot) {
case 0x0:
- smbus_quick_command(bus, addr, read);
- s->smb_stat |= STS_BYTE_DONE | STS_INTR;
- break;
+ ret = smbus_quick_command(bus, addr, read);
+ goto done;
case 0x1:
if (read) {
- s->smb_data0 = smbus_receive_byte(bus, addr);
+ ret = smbus_receive_byte(bus, addr);
+ goto data8;
} else {
- smbus_send_byte(bus, addr, cmd);
+ ret = smbus_send_byte(bus, addr, cmd);
+ goto done;
}
- s->smb_stat |= STS_BYTE_DONE | STS_INTR;
- break;
case 0x2:
if (read) {
- s->smb_data0 = smbus_read_byte(bus, addr, cmd);
+ ret = smbus_read_byte(bus, addr, cmd);
+ goto data8;
} else {
- smbus_write_byte(bus, addr, cmd, s->smb_data0);
+ ret = smbus_write_byte(bus, addr, cmd, s->smb_data0);
+ goto done;
}
- s->smb_stat |= STS_BYTE_DONE | STS_INTR;
break;
case 0x3:
if (read) {
- uint16_t val;
- val = smbus_read_word(bus, addr, cmd);
- s->smb_data0 = val;
- s->smb_data1 = val >> 8;
+ ret = smbus_read_word(bus, addr, cmd);
+ goto data16;
} else {
- smbus_write_word(bus, addr, cmd, (s->smb_data1 << 8) | s->smb_data0);
+ ret = smbus_write_word(bus, addr, cmd, (s->smb_data1 << 8) | s->smb_data0);
+ goto done;
}
- s->smb_stat |= STS_BYTE_DONE | STS_INTR;
break;
case 0x5:
if (read) {
- s->smb_data0 = smbus_read_block(bus, addr, cmd, s->smb_data);
+ ret = smbus_read_block(bus, addr, cmd, s->smb_data);
+ goto data8;
} else {
- smbus_write_block(bus, addr, cmd, s->smb_data, s->smb_data0);
+ ret = smbus_write_block(bus, addr, cmd, s->smb_data, s->smb_data0);
+ goto done;
}
- s->smb_stat |= STS_BYTE_DONE | STS_INTR;
break;
default:
goto error;
}
+ abort();
+
+data16:
+ if (ret < 0) {
+ goto error;
+ }
+ s->smb_data1 = ret >> 8;
+data8:
+ if (ret < 0) {
+ goto error;
+ }
+ s->smb_data0 = ret;
+done:
+ if (ret < 0) {
+ goto error;
+ }
+ s->smb_stat |= STS_BYTE_DONE | STS_INTR;
return;
- error:
+error:
s->smb_stat |= STS_DEV_ERR;
+ return;
+
}
static void smb_ioport_writeb(void *opaque, hwaddr addr, uint64_t val,
diff --git a/hw/i2c/smbus.c b/hw/i2c/smbus.c
index 3febf3c258..6e27ae8bd2 100644
--- a/hw/i2c/smbus.c
+++ b/hw/i2c/smbus.c
@@ -208,34 +208,44 @@ static int smbus_device_init(I2CSlave *i2c)
}
/* Master device commands. */
-void smbus_quick_command(I2CBus *bus, uint8_t addr, int read)
+int smbus_quick_command(I2CBus *bus, uint8_t addr, int read)
{
- i2c_start_transfer(bus, addr, read);
+ if (i2c_start_transfer(bus, addr, read)) {
+ return -1;
+ }
i2c_end_transfer(bus);
+ return 0;
}
-uint8_t smbus_receive_byte(I2CBus *bus, uint8_t addr)
+int smbus_receive_byte(I2CBus *bus, uint8_t addr)
{
uint8_t data;
- i2c_start_transfer(bus, addr, 1);
+ if (i2c_start_transfer(bus, addr, 1)) {
+ return -1;
+ }
data = i2c_recv(bus);
i2c_nack(bus);
i2c_end_transfer(bus);
return data;
}
-void smbus_send_byte(I2CBus *bus, uint8_t addr, uint8_t data)
+int smbus_send_byte(I2CBus *bus, uint8_t addr, uint8_t data)
{
- i2c_start_transfer(bus, addr, 0);
+ if (i2c_start_transfer(bus, addr, 0)) {
+ return -1;
+ }
i2c_send(bus, data);
i2c_end_transfer(bus);
+ return 0;
}
-uint8_t smbus_read_byte(I2CBus *bus, uint8_t addr, uint8_t command)
+int smbus_read_byte(I2CBus *bus, uint8_t addr, uint8_t command)
{
uint8_t data;
- i2c_start_transfer(bus, addr, 0);
+ if (i2c_start_transfer(bus, addr, 0)) {
+ return -1;
+ }
i2c_send(bus, command);
i2c_start_transfer(bus, addr, 1);
data = i2c_recv(bus);
@@ -244,18 +254,23 @@ uint8_t smbus_read_byte(I2CBus *bus, uint8_t addr, uint8_t command)
return data;
}
-void smbus_write_byte(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t data)
+int smbus_write_byte(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t data)
{
- i2c_start_transfer(bus, addr, 0);
+ if (i2c_start_transfer(bus, addr, 0)) {
+ return -1;
+ }
i2c_send(bus, command);
i2c_send(bus, data);
i2c_end_transfer(bus);
+ return 0;
}
-uint16_t smbus_read_word(I2CBus *bus, uint8_t addr, uint8_t command)
+int smbus_read_word(I2CBus *bus, uint8_t addr, uint8_t command)
{
uint16_t data;
- i2c_start_transfer(bus, addr, 0);
+ if (i2c_start_transfer(bus, addr, 0)) {
+ return -1;
+ }
i2c_send(bus, command);
i2c_start_transfer(bus, addr, 1);
data = i2c_recv(bus);
@@ -265,13 +280,16 @@ uint16_t smbus_read_word(I2CBus *bus, uint8_t addr, uint8_t command)
return data;
}
-void smbus_write_word(I2CBus *bus, uint8_t addr, uint8_t command, uint16_t data)
+int smbus_write_word(I2CBus *bus, uint8_t addr, uint8_t command, uint16_t data)
{
- i2c_start_transfer(bus, addr, 0);
+ if (i2c_start_transfer(bus, addr, 0)) {
+ return -1;
+ }
i2c_send(bus, command);
i2c_send(bus, data & 0xff);
i2c_send(bus, data >> 8);
i2c_end_transfer(bus);
+ return 0;
}
int smbus_read_block(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t *data)
@@ -279,33 +297,41 @@ int smbus_read_block(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t *data)
int len;
int i;
- i2c_start_transfer(bus, addr, 0);
+ if (i2c_start_transfer(bus, addr, 0)) {
+ return -1;
+ }
i2c_send(bus, command);
i2c_start_transfer(bus, addr, 1);
len = i2c_recv(bus);
- if (len > 32)
+ if (len > 32) {
len = 0;
- for (i = 0; i < len; i++)
+ }
+ for (i = 0; i < len; i++) {
data[i] = i2c_recv(bus);
+ }
i2c_nack(bus);
i2c_end_transfer(bus);
return len;
}
-void smbus_write_block(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t *data,
- int len)
+int smbus_write_block(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t *data,
+ int len)
{
int i;
if (len > 32)
len = 32;
- i2c_start_transfer(bus, addr, 0);
+ if (i2c_start_transfer(bus, addr, 0)) {
+ return -1;
+ }
i2c_send(bus, command);
i2c_send(bus, len);
- for (i = 0; i < len; i++)
+ for (i = 0; i < len; i++) {
i2c_send(bus, data[i]);
+ }
i2c_end_transfer(bus);
+ return 0;
}
static void smbus_device_class_init(ObjectClass *klass, void *data)
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index c98df88cd2..9fac589033 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -156,18 +156,21 @@ static void acpi_get_pm_info(AcpiPmInfo *pm)
} else {
pm->s3_disabled = false;
}
+ qobject_decref(o);
o = object_property_get_qobject(obj, ACPI_PM_PROP_S4_DISABLED, NULL);
if (o) {
pm->s4_disabled = qint_get_int(qobject_to_qint(o));
} else {
pm->s4_disabled = false;
}
+ qobject_decref(o);
o = object_property_get_qobject(obj, ACPI_PM_PROP_S4_VAL, NULL);
if (o) {
pm->s4_val = qint_get_int(qobject_to_qint(o));
} else {
pm->s4_val = false;
}
+ qobject_decref(o);
/* Fill in mandatory properties */
pm->sci_int = object_property_get_int(obj, ACPI_PM_PROP_SCI_INT, NULL);
@@ -973,6 +976,7 @@ static void build_pci_bus_end(PCIBus *bus, void *bus_state)
}
}
+ qobject_decref(bsel);
build_free_array(bus_table);
build_pci_bus_state_cleanup(child);
g_free(child);
@@ -1362,10 +1366,12 @@ static bool acpi_get_mcfg(AcpiMcfgInfo *mcfg)
return false;
}
mcfg->mcfg_base = qint_get_int(qobject_to_qint(o));
+ qobject_decref(o);
o = object_property_get_qobject(pci_host, PCIE_HOST_MCFG_SIZE, NULL);
assert(o);
mcfg->mcfg_size = qint_get_int(qobject_to_qint(o));
+ qobject_decref(o);
return true;
}
@@ -1410,15 +1416,16 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables *tables)
/* ACPI tables pointed to by RSDT */
acpi_add_table(table_offsets, tables->table_data);
build_fadt(tables->table_data, tables->linker, &pm, facs, dsdt);
- acpi_add_table(table_offsets, tables->table_data);
+ acpi_add_table(table_offsets, tables->table_data);
build_ssdt(tables->table_data, tables->linker, &cpu, &pm, &misc, &pci,
guest_info);
- acpi_add_table(table_offsets, tables->table_data);
- build_madt(tables->table_data, tables->linker, &cpu, guest_info);
acpi_add_table(table_offsets, tables->table_data);
+ build_madt(tables->table_data, tables->linker, &cpu, guest_info);
+
if (misc.has_hpet) {
+ acpi_add_table(table_offsets, tables->table_data);
build_hpet(tables->table_data, tables->linker);
}
if (guest_info->numa_nodes) {
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index ea72502420..eaf3e61994 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -414,6 +414,10 @@ static QEMUMachine pc_i440fx_machine_v2_0 = {
PC_I440FX_2_0_MACHINE_OPTIONS,
.name = "pc-i440fx-2.0",
.init = pc_init_pci_2_0,
+ .compat_props = (GlobalProperty[]) {
+ PC_COMPAT_2_0,
+ { /* end of list */ }
+ },
};
#define PC_I440FX_1_7_MACHINE_OPTIONS PC_I440FX_MACHINE_OPTIONS
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 3306f89b9e..9517ec653f 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -327,6 +327,10 @@ static QEMUMachine pc_q35_machine_v2_0 = {
PC_Q35_2_0_MACHINE_OPTIONS,
.name = "pc-q35-2.0",
.init = pc_q35_init_2_0,
+ .compat_props = (GlobalProperty[]) {
+ PC_Q35_COMPAT_2_0,
+ { /* end of list */ }
+ },
};
#define PC_Q35_1_7_MACHINE_OPTIONS PC_Q35_MACHINE_OPTIONS
diff --git a/hw/intc/apic.c b/hw/intc/apic.c
index 2f40cbad2d..ef19e5515c 100644
--- a/hw/intc/apic.c
+++ b/hw/intc/apic.c
@@ -675,7 +675,7 @@ static uint32_t apic_mem_readl(void *opaque, hwaddr addr)
val = s->id << 24;
break;
case 0x03: /* version */
- val = 0x11 | ((APIC_LVT_NB - 1) << 16); /* version 0x11 */
+ val = s->version | ((APIC_LVT_NB - 1) << 16);
break;
case 0x08:
apic_sync_vapic(s, SYNC_FROM_VAPIC);
diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c
index 7ecce2dcce..71376533ca 100644
--- a/hw/intc/apic_common.c
+++ b/hw/intc/apic_common.c
@@ -380,6 +380,7 @@ static const VMStateDescription vmstate_apic_common = {
static Property apic_properties_common[] = {
DEFINE_PROP_UINT8("id", APICCommonState, id, -1),
+ DEFINE_PROP_UINT8("version", APICCommonState, version, 0x14),
DEFINE_PROP_BIT("vapic", APICCommonState, vapic_control, VAPIC_ENABLE_BIT,
true),
DEFINE_PROP_END_OF_LIST(),
diff --git a/hw/intc/i8259.c b/hw/intc/i8259.c
index ec01393e4f..d0b0c52b97 100644
--- a/hw/intc/i8259.c
+++ b/hw/intc/i8259.c
@@ -265,7 +265,8 @@ static void pic_ioport_write(void *opaque, hwaddr addr64,
s->init4 = val & 1;
s->single_mode = val & 2;
if (val & 0x08) {
- hw_error("level sensitive irq not supported");
+ qemu_log_mask(LOG_UNIMP,
+ "i8259: level sensitive irq not supported\n");
}
} else if (val & 0x08) {
if (val & 0x04) {
diff --git a/include/hw/i2c/smbus.h b/include/hw/i2c/smbus.h
index 63f0cc4788..544bbc1957 100644
--- a/include/hw/i2c/smbus.h
+++ b/include/hw/i2c/smbus.h
@@ -66,16 +66,16 @@ struct SMBusDevice {
};
/* Master device commands. */
-void smbus_quick_command(I2CBus *bus, uint8_t addr, int read);
-uint8_t smbus_receive_byte(I2CBus *bus, uint8_t addr);
-void smbus_send_byte(I2CBus *bus, uint8_t addr, uint8_t data);
-uint8_t smbus_read_byte(I2CBus *bus, uint8_t addr, uint8_t command);
-void smbus_write_byte(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t data);
-uint16_t smbus_read_word(I2CBus *bus, uint8_t addr, uint8_t command);
-void smbus_write_word(I2CBus *bus, uint8_t addr, uint8_t command, uint16_t data);
+int smbus_quick_command(I2CBus *bus, uint8_t addr, int read);
+int smbus_receive_byte(I2CBus *bus, uint8_t addr);
+int smbus_send_byte(I2CBus *bus, uint8_t addr, uint8_t data);
+int smbus_read_byte(I2CBus *bus, uint8_t addr, uint8_t command);
+int smbus_write_byte(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t data);
+int smbus_read_word(I2CBus *bus, uint8_t addr, uint8_t command);
+int smbus_write_word(I2CBus *bus, uint8_t addr, uint8_t command, uint16_t data);
int smbus_read_block(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t *data);
-void smbus_write_block(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t *data,
- int len);
+int smbus_write_block(I2CBus *bus, uint8_t addr, uint8_t command, uint8_t *data,
+ int len);
void smbus_eeprom_init(I2CBus *smbus, int nb_eeprom,
const uint8_t *eeprom_spd, int size);
diff --git a/include/hw/i386/apic_internal.h b/include/hw/i386/apic_internal.h
index 70542a6f43..83e2a42cc1 100644
--- a/include/hw/i386/apic_internal.h
+++ b/include/hw/i386/apic_internal.h
@@ -98,6 +98,7 @@ struct APICCommonState {
X86CPU *cpu;
uint32_t apicbase;
uint8_t id;
+ uint8_t version;
uint8_t arb_id;
uint8_t tpr;
uint32_t spurious_vec;
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 9f26e14bef..32a76876c7 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -242,8 +242,12 @@ int e820_add_entry(uint64_t, uint64_t, uint32_t);
int e820_get_num_entries(void);
bool e820_get_entry(int, uint32_t, uint64_t *, uint64_t *);
+#define PC_Q35_COMPAT_2_0 \
+ PC_COMPAT_2_0
+
#define PC_Q35_COMPAT_1_7 \
PC_COMPAT_1_7, \
+ PC_Q35_COMPAT_2_0, \
{\
.driver = "hpet",\
.property = HPET_INTCAP,\
@@ -262,7 +266,15 @@ bool e820_get_entry(int, uint32_t, uint64_t *, uint64_t *);
PC_COMPAT_1_4, \
PC_Q35_COMPAT_1_5
+#define PC_COMPAT_2_0 \
+ {\
+ .driver = "apic",\
+ .property = "version",\
+ .value = stringify(0x11),\
+ }
+
#define PC_COMPAT_1_7 \
+ PC_COMPAT_2_0, \
{\
.driver = TYPE_USB_DEVICE,\
.property = "msos-desc",\
generated by cgit v1.2.3 (git 2.26.2) at 2024-12-21 17:52:14 +0000