Age | Commit message | Author
2011-07-20 | spice: add sanity check for spice ports | Gerd Hoffmann
Make sure at least one port (port=.. or tls-port=...) is specified. Also apply range checks to the port numbers. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-07-19 | Merge remote-tracking branch 'agraf/xen-next' into staging | Anthony Liguori
2011-07-19 | Merge remote-tracking branch 'kraxel/usb.19' into staging | Anthony Liguori
2011-07-19 | Merge remote-tracking branch 'spice/spice.v38' into staging | Anthony Liguori
2011-07-19 | Merge remote-tracking branch 'mst/for_anthony' into staging | Anthony Liguori
2011-07-19 | Merge remote-tracking branch 'riku/linux-user-for-upstream' into staging | Anthony Liguori
2011-07-18 | virtio-console: Prevent abort()s in case of host chardev close | Amit Shah
A host chardev could close just before the guest sends some data to be written. This will cause an -EPIPE error. This shouldn't be propagated to virtio-serial-bus. Ideally we should close the port once -EPIPE is received, but since the chardev interface doesn't return such meaningful values to its users, all we get is -1 for any kind of error. Just return 0 for now and wait for chardevs to return better error messages to act better on the return messages. Signed-off-by: Amit Shah <amit.shah@redhat.com>
2011-07-18 | virtio-serial-bus: Fix trailing \n in error_report string | Amit Shah
Markus fixed offenders in the file but one instance sneaked in via another patch. Fix it. Signed-off-by: Amit Shah <amit.shah@redhat.com>
2011-07-18 | virtio-console: Add some trace events | Amit Shah
Add some trace events for messages passed between the char layer and the virtio-serial bus. Signed-off-by: Amit Shah <amit.shah@redhat.com>
2011-07-18 | virtio-serial-bus: Add trace events | Amit Shah
Add some trace events for messages passed between the guest and host. Signed-off-by: Amit Shah <amit.shah@redhat.com>
2011-07-17 | virtio: fix indirect descriptor buffer overflow | Michael S. Tsirkin
We were previously allowing arbitrarily-long indirect descriptors, which could lead to a buffer overflow in qemu-kvm process. CVE-2011-2212 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2011-07-17 | xen: move to new pci initializers | Michael S. Tsirkin
move ids to pci info structure Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2011-07-17 | hw/piix_pci.c: Fix PIIX3-xen to initialize ids | Anthony PERARD
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2011-07-17 | pci_ids: tweak names to match linux/pci_ids.h | Michael S. Tsirkin
Sync xen names to ones used by linux. Add xen platform device id as well. Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2011-07-17 | vhost: fix double free on device stop | Michael S. Tsirkin
vhost dev stop failed to clear the log field. Typically not an issue as dev start overwrites this field, but if logging gets disabled before the following start, it doesn't so this causes a double free. Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2011-07-17 | xen_console: fall back to qemu serial device | Alexander Graf
The new xen_console protocol changed the default xen_console output device from whatever Qemu chose to whatever xenstore chooses and "pty" as fallback. This is not how Qemu works. It has its own serial redirection semantics. So if xenstore doesn't contain information on what to do, Qemu is the place to ask. Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen_console: support the new extended xenstore protocol | Stefano Stabellini
Since CS 21994 on xen-unstable.hg and CS 466608f3a32e1f9808acdf832a5843af37e5fcec on qemu-xen-unstable.git, few changes have been introduced to the PV console xenstore protocol, as described by the document docs/misc/console.txt under xen-unstable.hg. From the Qemu point of view, very few modifications are needed to correctly support the protocol: read from xenstore the "output" node that tells us what the output of the PV console is going to be. In case the output is a tty, write to xenstore the device name.

Changes in v2:
- fix error paths: free malloc'ed strings and close the xenstore connection before returning;
- remove useless snprintf in xenstore_store_pv_console_info if i == 0.

Changes in v3:
- replace xs_daemon_open/xs_daemon_close with xs_open/xs_close.

Changes in v4:
- add a compatibility implementation of xs_open/xs_close.

Changes in v5:
- fix code style.

[agraf] fix build error due to missing stub

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | checkpatch: don't error out on },{ lines | Alexander Graf
When having code like this:

    static PCIDeviceInfo piix_ide_info[] = {
        {
            .qdev.name    = "piix3-ide",
            .qdev.size    = sizeof(PCIIDEState),
            .qdev.no_user = 1,
            .no_hotplug   = 1,
            .init         = pci_piix_ide_initfn,
            .vendor_id    = PCI_VENDOR_ID_INTEL,
            .device_id    = PCI_DEVICE_ID_INTEL_82371SB_1,
            .class_id     = PCI_CLASS_STORAGE_IDE,
        },{
            .qdev.name    = "piix4-ide",
            .qdev.size    = sizeof(PCIIDEState),
            .qdev.no_user = 1,
            .no_hotplug   = 1,
            .init         = pci_piix_ide_initfn,
            .vendor_id    = PCI_VENDOR_ID_INTEL,
            .device_id    = PCI_DEVICE_ID_INTEL_82371AB,
            .class_id     = PCI_CLASS_STORAGE_IDE,
        },{
            /* end of list */
        }
    };

checkpatch currently errors out, claiming that spaces need to follow commas. However, this particular style of defining structs is pretty common in qemu code and very readable. So let's declare it as supported for the above case.

Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen_disk: treat "aio" as "raw" | Stefano Stabellini
Sometimes the toolstack uses "aio" without an additional format identifier, in such cases use "raw". Updated in v2: - fix code style. Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | qemu_ram_ptr_length: take ram_addr_t as arguments | Stefano Stabellini
qemu_ram_ptr_length should take ram_addr_t as argument rather than target_phys_addr_t because it is doing comparisons with RAMBlock addresses. cpu_physical_memory_map should create a ram_addr_t address to pass to qemu_ram_ptr_length from PhysPageDesc phys_offset. Remove code after abort() in qemu_ram_ptr_length.

Changes in v2:
- handle 0 size in qemu_ram_ptr_length;
- rename addr1 to raddr;
- initialize raddr to ULONG_MAX.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen_disk: cope with missing xenstore "params" node | Stefano Stabellini
When disk is a cdrom and the drive is empty the "params" node in xenstore might be missing completely: cope with it instead of segfaulting.

Updated in v2:
- actually removed the strchr(blkdev->params, ':') that caused the segfault;
- free all the allocated strings from xenstore before returning;

Updated in v3:
- set blkdev fields to NULL after free'ing them.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen: add vkbd support for PV on HVM guests | Stefano Stabellini
Register the vkbd backend even when running as device emulator for HVM guests: it is useful because it doesn't need a frequent timer like usb. Check whether the XenInput DisplayState has been set in the initialise state, rather than the input state. In case the DisplayState hasn't been set and there is no vfb for this domain, then set the XenInput DisplayState to the default one. Changed in v2: - use qemu_free instead of free; Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen_console: fix memory leak | Stefano Stabellini
con_init leaks the string "type", fix it. Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen: enable console and disk backend in HVM mode | Stefano Stabellini
Initialize the Xen console backend and the Xen disk backend even when running in HVM mode so that PV on HVM drivers can connect to them. Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen: Fold CONFIG_XEN_MAPCACHE into CONFIG_XEN | Jan Kiszka
Xen won't be enabled if there is no backend support available for the host. And that also means the map cache will work. So drop the separate config switch and move the required stubs over to xen-stub.c. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen: Clean up map cache API naming | Jan Kiszka
The map cache is a Xen thing, so its API should make this clear. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-17 | xen: Clean up build system | Jan Kiszka
Introduce CONFIG_XEN_BACKEND so that this new config solely controls the target-independent backend build and CONFIG_XEN can focus on per-target building. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-07-16 | Fix signal handling of SIG_IPI when io-thread is enabled | Alexandre Raymond
Both the signal thread (via sigwait()) and the cpu thread (via a normal signal handler) were attempting to catch SIG_IPI. This resulted in random freezes under Darwin. This patch separates SIG_IPI from the rest of the signals handled by the signal thread, because it is independently caught by the cpu thread. Signed-off-by: Alexandre Raymond <cerbere@gmail.com> Acked-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-16 | Fix signal handling when io-thread is disabled | Alexandre Raymond
Changes since v1: - take pthread_sigmask() out of the ifdef as it is now common to both parts. This fix effectively blocks, in the main thread, the signals handled by signalfd or the compatibility signal thread. This way, such signals are received synchronously in the main thread through sigfd_handler() instead of triggering the signal handler directly, asynchronously. Signed-off-by: Alexandre Raymond <cerbere@gmail.com> Acked-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-16 | tcg/README: Expand advice on number of TCG ops per target insn | Peter Maydell
Expand the note on the number of TCG ops generated per target insn, to be clearer about the range of applicability of the 20 op rule of thumb. Also add a note about the hard MAX_OP_PER_INSTR limit. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | set ELF_HWCAP for SPARC and SPARC64 | Artyom Tarasenko
Setting ELF_HWCAP fixes dynamic library loading for Linux/sparc64. This patch allows loading busybox from Debian 6 initrd. Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | Sparc: fix FPU and AM enable checks for translation | Blue Swirl
Translation incorrectly used CPUState fields directly to check for FPU enable state and 32 bit address masking on Sparc64. Fix by using TB flags instead. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | SPARC64: C99 comment fix for block-transfer ASIs | Tsuneo Saito
Fixed C99 comments on block-transfer ASIs. Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | SPARC64: Add JPS1 ASI_BLK_AIU[PS]L ASIs for ldfa and stfa | Tsuneo Saito
Support JPS1 little endian block transfer ASIs. Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | SPARC64: Add UA2007 ASI_BLK_AIU[PS]L? ASIs for stfa | Tsuneo Saito
Support UA2007 block store ASIs for stfa instructions. Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | SPARC64: Add UA2007 ASI_BLK_AIU[PS]L? ASIs for ldfa | Tsuneo Saito
Support UA2007 block load ASIs for ldfa instructions. Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | SPARC64: fp_disabled checks on stfa/stdfa/stqfa | Tsuneo Saito
stfa/stdfa/stqfa instructions should raise fp_disabled exceptions if %pstate.PEF==0 or %fprs.FEF==0. Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | SPARC64: Implement stfa/stdfa/stqfa instructions properly | Tsuneo Saito
This patch implements sparcv9 stfa/stdfa/stqfa instructions with non block-store ASIs. Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | SPARC64: fp_disabled checks on ldfa/lddfa/ldqfa | Tsuneo Saito
ldfa/lddfa/ldqfa instructions should raise fp_disabled exceptions if %pstate.PEF==0 or %fprs.FEF==0. Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-14 | SPARC64: Implement ldfa/lddfa/ldqfa instructions properly | Tsuneo Saito
This patch implements sparcv9 ldfa/lddfa/ldqfa instructions with non block-load ASIs. Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-13 | linux-user/signal.c: Rename s390 target_ucontext fields to fix ia64 | Peter Maydell
The ia64 sys/ucontext.h defines macros 'uc_link', 'uc_sigmask' and 'uc_stack'. Rename the s390 target_ucontext struct members to tuc_*, bringing them into line with the other targets and fixing a compile failure on ia64 hosts caused by this clash. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2011-07-13 | linux-user: make MIPS and ARM eabi use same argument reordering | Riku Voipio
MIPS uses a similar calling convention to ARM eabi, where when using 64-bit values some registers are skipped. This patch makes MIPS and ARM eabi share the argument reordering code. This affects ftruncate64, creating insane sized files (or just failing). Cc: Wesley W. Terpstra <terpstra@debian.org> Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2011-07-13 | linux-user: correct syscall 123 on sh4 | Riku Voipio
As reported by Cédric VINCENT: The syscall #123 on SH4 should be "TARGET_NR_cacheflush" instead of "TARGET_NR_modify_ldt" [1]. The only consequence of this misnaming is that many "Unsupported syscall" warnings are issued when emulating JIT compilers. Reported-by: Cédric VINCENT <cedric.vincent@st.com> Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2011-07-12 | os-posix: set groups properly for -runas | Stefan Hajnoczi
Andrew Griffiths reports that -runas does not set supplementary group IDs. This means that gid 0 (root) is not dropped when switching to an unprivileged user. Add an initgroups(3) call to use the -runas user's /etc/groups membership to update the supplementary group IDs. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Acked-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-12 | esp: cancel current request only if some request is in flight | Hervé Poussineau
This bug was introduced in 94d3f98a3f3caddd7875f9a11776daeb84962a7b: scsi_cancel_io was checking if some request was pending before trying to cancel it, while scsi_req_cancel always cancels the request. This may lead to a crash of Qemu due to dereferencing a NULL pointer, as exhibited by NetBSD 5.1 installer on MIPS Magnum emulation. Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-12 | target-alpha, target-ppc: Remove unnecessary setjmp.h include | Peter Maydell
Remove the include of setjmp.h from the cpu.h of target-alpha and target-ppc. This is unnecessary because cpu-defs.h already includes this header; this change brings these two targets into line with all the rest. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-12 | Remove unneeded setjmp.h (fix compilation on Debian "lenny") | Stefan Weil
Some versions of png.h cannot be included after setjmp.h, even when PNG_SKIP_SETJMP_CHECK was defined. setjmp.h was included from qemu-common.h and is not needed there. Removing the include statement fixes compilation of ui/vnc-enc-tight.c with CONFIG_VNC_PNG defined. Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-12 | tcg: Reload local variables after return from longjmp | Jan Kiszka
Recent compilers look deep into cpu_exec, find longjmp as a noreturn function and decide to smash some stack variables as they won't be used again. This may lead to env becoming invalid after return from setjmp, causing crashes. Fix it by reloading env from cpu_single_env in that case. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-12 | exec-all.h: Make MAX_OP_PER_INSTR large enough for target-arm's uses | Peter Maydell
The target-arm frontend's worst-case TCG ops per instr is 194 (and in general many of the "load multiple registers" ARM instructions generate more than 100 TCG ops). Raise MAX_OP_PER_INSTR accordingly to avoid possible buffer overruns. Since it doesn't make any sense for the "64 bit guest on 32 bit host" case to have a smaller limit than the normal case, we collapse the two cases back into each other again. (This increase costs us about 14K in extra static buffer space and 21K of extra margin at the end of a 32MB codegen buffer.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-12 | exec.c: Fix calculation of code_gen_buffer_max_size | Peter Maydell
When calculating the point at which we should not try to put another TB into the code gen buffer, we have to allow not just for OPC_MAX_SIZE but OPC_BUF_SIZE. This is because the target translate.c will only stop when an instruction has put it past the OPC_MAX_SIZE limit, so we have to include the MAX_OP_PER_INSTR margin which that final insn might have used. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>