Age | Commit message | Author
2015-10-12 | e1000: use alias for default model | Jason Wang
Instead of duplicating the "e1000-82540em" device model as "e1000", make the latter an alias for the former. Cc: Markus Armbruster <armbru@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com>
2015-10-12 | vmxnet3: Support reading IMR registers on bar0 | Shmulik Ladkani
Instead of asserting, return the actual IMR register value. This is aligned with what's returned on ESXi. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com> Tested-by: Dana Rubin <dana.rubin@ravellosystems.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12 | net/vmxnet3: Refine l2 header validation | Dana Rubin
Validation of l2 header length assumed minimal packet size as eth_header + 2 * vlan_header regardless of the actual protocol. This caused crash for valid non-IP packets shorter than 22 bytes, as 'tx_pkt->packet_type' hasn't been assigned for such packets, and 'vmxnet3_on_tx_done_update_stats()' expects it to be properly set. Refine header length validation in 'vmxnet_tx_pkt_parse_headers'. Check its return value during packet processing flow. As a side effect, in case IPv4 and IPv6 header validation failure, corrupt packets will be dropped. Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-06 | Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging | Peter Maydell
X86 queue, 2015-10-05
# gpg: Signature made Mon 05 Oct 2015 17:04:38 BST using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
* remotes/ehabkost/tags/x86-pull-request:
  icc_bus: drop the unused files
  cpu/apic: drop icc bus/bridge
  x86: use new method to correct reset sequence
  apic: move APIC's MMIO region mapping into APIC
  Correctly re-init EFER state during INIT IPI
  target-i386: add ABM to Haswell* and Broadwell* CPU models
  target-i386: get/put MSR_TSC_AUX across reset and migration
  target-i386: Make check_hw_breakpoints static
  target-i386: Move breakpoint related functions to new file
  target-i386: Convert kvm_default_*features to property/value pairs
  vl: Add another sanity check to smp_parse() function
  cpu: Introduce X86CPUTopoInfo structure for argument simplification
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-06 | Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging | Peter Maydell
# gpg: Signature made Mon 05 Oct 2015 17:01:11 BST using RSA key ID AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"
* remotes/jnsnow/tags/ide-pull-request:
  qtest/ide-test: ppc64be correction for ATAPI tests
  MAINTAINERS: Small IDE/FDC touchup
  qtest/ahci: fix redundant assertion
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-06 | tests: vhost-user: disable unless CONFIG_VHOST_NET | Michael S. Tsirkin
vhost-user depends on vhost-net. We should probably fix that. For now, let's disable the test otherwise. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-05 | qtest/ide-test: ppc64be correction for ATAPI tests | John Snow
the 16bit ide data register is LE by definition. Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Message-id: 1443461938-30039-1-git-send-email-jsnow@redhat.com
2015-10-05 | MAINTAINERS: Small IDE/FDC touchup | John Snow
libqos/ahci and tests/fdc-test are under my purview also, include them in the appropriate stanzas. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1443117055-29240-1-git-send-email-jsnow@redhat.com
2015-10-05 | qtest/ahci: fix redundant assertion | John Snow
Fixes https://bugs.launchpad.net/qemu/+bug/1497711
(!ncq || (ncq && lba48)) is the same as (!ncq || lba48). The intention is simply: "If a command is NCQ, it must also be LBA48."
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1442868929-17777-1-git-send-email-jsnow@redhat.com
2015-10-02 | icc_bus: drop the unused files | Zhu Guihua
ICC bus impl has been dropped, so all icc related files are not useful any more; delete them. Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | cpu/apic: drop icc bus/bridge | Chen Fan
After CPU hotplug has been converted to BUS-less hot-plug infrastructure, the only function ICC bus performs is to propagate reset to LAPICs. However LAPIC could be reset by registering its reset handler after all device are initialized. Do so and drop ~30LOC of not needed anymore ICCBus related code. Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com> Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | x86: use new method to correct reset sequence | Zhu Guihua
During reset some devices (such as hpet, rtc) might send IRQ to APIC which changes APIC's state from default one it's supposed to have at machine startup time. Fix this by resetting APIC after devices have been reset to cancel any changes that qemu_devices_reset() might have done to its state. Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | apic: move APIC's MMIO region mapping into APIC | Chen Fan
When ICC bus/bridge is removed, APIC MMIO will be left unmapped since it was mapped into system's address space indirectly by ICC bridge. Fix it by moving mapping into APIC code, so it would be possible to remove ICC bus/bridge code later. Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com> Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | Correctly re-init EFER state during INIT IPI | Bill Paul
When doing a re-initialization of a CPU core, the default state is to _not_ have 64-bit long mode enabled. This means the LME (long mode enable) and LMA (long mode active) bits in the EFER model-specific register should be cleared. However, the EFER state is part of the CPU environment which is preserved by do_cpu_init(), so if EFER.LME and EFER.LMA were set at the time an INIT IPI was received, they will remain set after the init completes. This is contrary to what the Intel architecture manual describes and what happens on real hardware, and it leaves the CPU in a weird state that the guest can't clear. To fix this, the 'efer' member of the CPUX86State structure has been moved to an area outside the region preserved by do_cpu_init(), so that it can be properly re-initialized by x86_cpu_reset(). Signed-off-by: Bill Paul <wpaul@windriver.com> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Richard Henderson <rth@twiddle.net> CC: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | target-i386: add ABM to Haswell* and Broadwell* CPU models | Paolo Bonzini
ABM is only implemented as a single instruction set by AMD; all AMD processors support both instructions or neither. Intel considers POPCNT as part of SSE4.2, and LZCNT as part of BMI1, but Intel also uses AMD's ABM flag to indicate support for both POPCNT and LZCNT. It has to be added to Haswell and Broadwell because Haswell, by adding LZCNT, has completed the ABM. Tested with "qemu-kvm -cpu Haswell-noTSX,enforce" (and also with older machine types) on an Haswell-EP machine. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | target-i386: get/put MSR_TSC_AUX across reset and migration | Amit Shah
There's one report of migration breaking due to missing MSR_TSC_AUX save/restore. Fix this by adding a new subsection that saves the state of this MSR. https://bugzilla.redhat.com/show_bug.cgi?id=1261797 Reported-by: Xiaoqing Wei <xwei@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Juan Quintela <quintela@redhat.com> CC: "Dr. David Alan Gilbert" <dgilbert@redhat.com> CC: Marcelo Tosatti <mtosatti@redhat.com> CC: Richard Henderson <rth@twiddle.net> CC: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | target-i386: Make check_hw_breakpoints static | Richard Henderson
The function is now only used from within a single file. Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | target-i386: Move breakpoint related functions to new file | Richard Henderson
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | target-i386: Convert kvm_default_*features to property/value pairs | Eduardo Habkost
Convert the kvm_default_features and kvm_default_unset_features arrays into a simple list of property/value pairs that will be applied to X86CPU objects when using KVM. Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | vl: Add another sanity check to smp_parse() function | Thomas Huth
The code in smp_parse already checks the topology information for sockets * cores * threads < cpus and bails out with an error in that case. However, it is still possible to supply a bad configuration the other way round, e.g. with:
  qemu-system-xxx -smp 4,sockets=1,cores=4,threads=2
QEMU then still starts the guest, with topology configuration that is rather incomprehensible and likely not what the user wanted. So let's add another check to refuse such wrong configurations.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | cpu: Introduce X86CPUTopoInfo structure for argument simplification | Chen Fan
In order to simplify arguments of function, introduce a new struct named X86CPUTopoInfo. Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com> Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 | Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging | Peter Maydell
virtio,pc features, fixes
New features:
  guest RAM buffer overrun mitigation
  RAM physical address gaps for memory hotplug
  (except refactoring which got some review comments)
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Fri 02 Oct 2015 15:04:56 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
* remotes/mst/tags/for_upstream:
  vhost-user-test: fix predictable filename on tmpfs
  vhost-user-test: use tmpfs by default
  pc: memhp: force gaps between DIMM's GPA
  memhp: extend address auto assignment to support gaps
  vhost-user: unit test for new messages
  vhost-user-test: do not reinvent glib-compat.h
  virtio: Notice when the system doesn't support MSIx at all
  pc: Add a comment explaining why pc_compat_2_4() doesn't exist
  exec: allocate PROT_NONE pages on top of RAM
  oslib: allocate PROT_NONE pages on top of RAM
  oslib: rework anonimous RAM allocation
  virtio-net: correctly drop truncated packets
  virtio: introduce virtqueue_discard()
  virtio: introduce virtqueue_unmap_sg()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-02 | Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20151002' into staging | Peter Maydell
First set of Linux-user que patches for 2.5
# gpg: Signature made Fri 02 Oct 2015 13:38:00 BST using RSA key ID DE3C9BC0
# gpg: Good signature from "Riku Voipio <riku.voipio@iki.fi>"
# gpg: aka "Riku Voipio <riku.voipio@linaro.org>"
* remotes/riku/tags/pull-linux-user-20151002:
  linux-user: assert that target_mprotect cannot fail
  linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc
  linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for
  linux-user: add name_to_handle_at/open_by_handle_at
  linux-user: Return target error number in do_fork()
  linux-user: fix cmsg conversion in case of multiple headers
  linux-user: remove MAX_ARG_PAGES limit
  linux-user: remove unused image_info members
  linux-user: Treat --foo options the same as -foo
  linux-user: use EXIT_SUCCESS and EXIT_FAILURE
  linux-user: Add proper error messages for bad options
  linux-user: Add -help
  linux-user: Exit 0 when -h is used
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-02 | vhost-user-test: fix predictable filename on tmpfs | Michael S. Tsirkin
vhost-user-test uses getpid to create a unique filename. This name is predictable, and a security problem. Instead, use a tmp directory created by mkdtemp, which is a suggested best practice. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-02 | vhost-user-test: use tmpfs by default | Michael S. Tsirkin
Most people don't run make check by default, so they skip vhost-user unit tests. Solve this by using tmpfs instead, unless hugetlbfs is specified (using an environment variable). Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-02 | pc: memhp: force gaps between DIMM's GPA | Igor Mammedov
mapping DIMMs non contiguously allows to workaround virtio bug reported earlier: http://lists.nongnu.org/archive/html/qemu-devel/2015-08/msg00522.html in this case guest kernel doesn't allocate buffers that can cross DIMM boundary keeping each buffer local to a DIMM. Suggested-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Igor Mammedov <imammedo@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-02 | memhp: extend address auto assignment to support gaps | Igor Mammedov
setting gap to TRUE will make sparse DIMM address auto allocation, leaving gaps between a new DIMM address and preceding existing DIMM. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-02 | vhost-user: unit test for new messages | Michael S. Tsirkin
Data is empty for now, but do make sure master sets the new feature bit flag. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-02 | vhost-user-test: do not reinvent glib-compat.h | Paolo Bonzini
glib-compat.h has the gunk to support both old-style and new-style gthread functions. Use it instead of reinventing it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Tested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-02 | Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging | Peter Maydell
Block layer patches
# gpg: Signature made Fri 02 Oct 2015 12:49:13 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream:
  block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue.
  block: disable I/O limits at the beginning of bdrv_close()
  iotests: Fix test 128 for password-less sudo
  tests: Fix test 049 fallout from improved HMP error messages
  raw-win32: Fix write request error handling
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-02 | block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue. | Richard W.M. Jones
https://bugzilla.redhat.com/show_bug.cgi?id=1265196
The following command fails on an NFS mountpoint:
  $ qemu-img create -f qcow2 -o preallocation=falloc disk.img 262144
  Formatting 'disk.img', fmt=qcow2 size=262144 encryption=off cluster_size=65536 preallocation='falloc' lazy_refcounts=off
  qemu-img: disk.img: Could not preallocate data for the new file: Bad file descriptor
The reason turns out to be because NFS doesn't support the posix_fallocate call. glibc emulates it instead. However glibc's emulation involves using the pread(2) syscall. The pread syscall fails with EBADF if the file descriptor is opened without the read open-flag (ie. open (..., O_WRONLY)).
I contacted glibc upstream about this, and their response is here:
https://bugzilla.redhat.com/show_bug.cgi?id=1265196#c9
There are two possible fixes: Use Linux fallocate directly, or (this fix) work around the problem in qemu by opening the file with O_RDWR instead of O_WRONLY.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1265196
Reviewed-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-10-02 | block: disable I/O limits at the beginning of bdrv_close() | Alberto Garcia
Disabling I/O limits from a BDS also drains all pending throttled requests, so it should be done at the beginning of bdrv_close() with the rest of the bdrv_drain() calls before the BlockDriver is closed. Signed-off-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-10-02 | iotests: Fix test 128 for password-less sudo | Max Reitz
As of 934659c460d46c948cf348822fda1d38556ed9a4, $QEMU_IO is generally no longer a program name, and therefore "sudo -n $QEMU_IO" will no longer work. Fix this by copying the qemu-io invocation function from common.config, making it use $sudo for invoking $QEMU_IO_PROG, and then use that function instead of $QEMU_IO. Reported-by: Fam Zheng <famz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-10-02 | tests: Fix test 049 fallout from improved HMP error messages | Eric Blake
Commit 50b7b000 improved HMP error messages, but forgot to update qemu-iotests to match. Reported-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-10-02 | raw-win32: Fix write request error handling | Kevin Wolf
aio_worker() wrote the return code to the wrong variable. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Tested-by: Guangmu Zhu <guangmuzhu@gmail.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2015-10-02 | Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging | Peter Maydell
# gpg: Signature made Thu 01 Oct 2015 20:02:33 BST using RSA key ID C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg: aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg: aka "Jeffrey Cody <codyprime@gmail.com>"
* remotes/cody/tags/block-pull-request:
  block: mirror - fix full sync mode when target does not support zero init
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-01 | target-microblaze: Set the PC in reset instead of realize | Alistair Francis
Set the Microblaze CPU PC in the reset instead of setting it in the realize. This is required as the PC is zeroed in the reset function and causes problems in some situations. Signed-off-by: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-10-01 | disas/cris: Fix typo in comment | Stefan Weil
Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-10-01 | block: mirror - fix full sync mode when target does not support zero init | Jeff Cody
During mirror, if the target device does not support zero init, a mirror may result in a corrupted image for sync="full" mode. This is due to how the initial dirty bitmap is set up prior to copying data - we did not mark sectors as dirty that are unallocated. This means those unallocated sectors are skipped over on the target, and for a device without zero init, invalid data may reside in those holes.
If both of the following conditions are true, then we will explicitly mark all sectors as dirty:
  1.) sync = "full"
  2.) bdrv_has_zero_init(target) == false
If the target does support zero init, but a target image is passed in with data already present (i.e. an "existing" image), it is assumed the data present in the existing image is valid data for those sectors.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 91ed4bc5bda7e2b09eb508b07c83f4071fe0b3c9.1443705220.git.jcody@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2015-10-01 | virtio: Notice when the system doesn't support MSIx at all | Richard Henderson
And do not issue an error_report in that case. Signed-off-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 | pc: Add a comment explaining why pc_compat_2_4() doesn't exist | Eduardo Habkost
pc_compat_2_4() doesn't exist, and we shouldn't create one. Add a comment explaining why the function doesn't exist and why pc_compat_*() functions are deprecated. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 | exec: allocate PROT_NONE pages on top of RAM | Michael S. Tsirkin
This inserts a read and write protected page between RAM and QEMU memory, for file-backend RAM. This makes it harder to exploit QEMU bugs resulting from buffer overflows in devices using variants of cpu_physical_memory_map, dma_memory_map etc. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-01 | oslib: allocate PROT_NONE pages on top of RAM | Michael S. Tsirkin
This inserts a read and write protected page between RAM and QEMU memory. This makes it harder to exploit QEMU bugs resulting from buffer overflows in devices using variants of cpu_physical_memory_map, dma_memory_map etc. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-01 | oslib: rework anonimous RAM allocation | Michael S. Tsirkin
At the moment we first allocate RAM, sometimes more than necessary for alignment reasons. We then free the extra RAM. Rework this to avoid the temporary allocation: reserve the range by mapping it with PROT_NONE, then use just the necessary range with MAP_FIXED. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-01 | virtio-net: correctly drop truncated packets | Jason Wang
When packet is truncated during receiving, we drop the packets but neither discard the descriptor nor add and signal used descriptor. This will lead to several issues:
- sg mappings are leaked
- rx will be stalled if a lot of packets were truncated
In order to be consistent with vhost, fix by discarding the descriptor in this case.
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 | virtio: introduce virtqueue_discard() | Jason Wang
This patch introduces virtqueue_discard() to discard a descriptor and unmap the sgs. This will be used by the patch that will discard descriptor when packet is truncated. Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 | virtio: introduce virtqueue_unmap_sg() | Jason Wang
Factor out sg unmapping logic. This will be reused by the patch that can discard descriptor. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Andrew James <andrew.james@hpe.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 | Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150930' into staging | Peter Maydell
migration/next for 20150930
# gpg: Signature made Wed 30 Sep 2015 09:24:02 BST using RSA key ID 5872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg: aka "Juan Quintela <quintela@trasno.org>"
* remotes/juanquintela/tags/migration/20150930:
  migration: Disambiguate MAX_THROTTLE
  qmp/hmp: Add throttle ratio to query-migrate and info migrate
  migration: Dynamic cpu throttling for auto-converge
  migration: Parameters for auto-converge cpu throttling
  cpu: Provide vcpu throttling interface
  migration: yet more possible state transitions
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-01 | linux-user: assert that target_mprotect cannot fail | Paolo Bonzini
All error conditions that target_mprotect checks are also checked by target_mmap. EACCESS cannot happen because we are just removing PROT_WRITE. ENOMEM should not happen because we are modifying a whole VMA (and we have bigger problems anyway if it happens). Fixes a Coverity false positive, where Coverity complains about target_mprotect's return value being passed to tb_invalidate_phys_range. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-10-01 | linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc | Chen Gang
qemu has already considered about some targets may have no traditional signals. And openrisc's setup_frame() is dummy, but it can be supported by setup_rt_frame().
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>