aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-06-24ide: Convert read/write multiple commands to ide_cmd_table handlerKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-06-24ide: Convert verify commands to ide_cmd_table handlerKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-06-24ide: Convert cmd_nop commands to ide_cmd_table handlerKevin Wolf
cmd_nop handles all commands that don't really do anything in our implementation except setting status register flags. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-06-24ide: Convert WIN_IDENTIFY to ide_cmd_table handlerKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-06-24ide: Convert WIN_DSM to ide_cmd_table handlerKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-06-24ide: Add handler to ide_cmd_tableKevin Wolf
As a preparation for moving all IDE commands into their own function like in the ATAPI code, introduce a 'handler' callback to ide_cmd_table. Commands using this new infrastructure get some things handled automatically: * The BSY flag is set before calling the handler (in order to avoid bugs like the one fixed in f68ec837) and reset on completion. * The (obsolete) DSC flag in the status register is set on completion if the command is flagged with SET_DSC in the command table * An IRQ is triggered on completion. * The error register and the ERR flag in the status register are cleared before calling the handler and on completion it is asserted that either none or both of them are set. No commands are converted at this point. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-06-20Merge remote-tracking branch 'bonzini/iommu-for-anthony' into stagingAnthony Liguori
# By Paolo Bonzini (12) and others # Via Paolo Bonzini * bonzini/iommu-for-anthony: (25 commits) memory: render_memory_region: factor out fr constant setters memory: as_update_topology_pass: Improve comments memory: Fix comment typo memory: give name to every AddressSpace dma: eliminate DMAContext spapr_vio: take care of creating our own AddressSpace/DMAContext pci: use memory core for iommu support dma: eliminate old-style IOMMU support spapr: use memory core for iommu support spapr: make IOMMU translation go through IOMMUTLBEntry spapr: convert TCE API to use an opaque type vfio: abort if an emulated iommu is used memory: Add iommu map/unmap notifiers memory: iommu support memory: make section size a 128-bit integer exec: reorganize mem_add to match Int128 version Revert "s390x: reduce TARGET_PHYS_ADDR_SPACE_BITS to 62" Revert "memory: limit sections in the radix tree to the actual address space size" exec: return MemoryRegion from address_space_translate exec: Implement subpage_read/write via address_space_rw ... Message-id: 1371739493-10187-1-git-send-email-pbonzini@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-20Merge remote-tracking branch 'kiszka/queues/slirp' into stagingAnthony Liguori
# By Bas van Sisseren (1) and Gertjan Halkes (1) # Via Jan Kiszka * kiszka/queues/slirp: make user networking hostfwd work with restrict=y fix -net user checks by reordering checks Message-id: cover.1371638848.git.jan.kiszka@siemens.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-20memory: render_memory_region: factor out fr constant settersPeter Crosthwaite
These 4 replicated lines set properties of fr that are constant over the course of the function. Factor out their repeated setting (and also guards against them being set multiple times in the loop below). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20memory: as_update_topology_pass: Improve commentsPeter Crosthwaite
These comments were a little difficult to read. First one had incorrect parenthesis. The part about attributes changing is really applicable to the region being 'in both' rather than 'in new' Second comment has an obscure parenthetic about 'Logging may have changed'. Made clearer, as this if is supposed to handle the case where the memory region is unchanged (with the notable exception re logging). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20memory: Fix comment typoPeter Crosthwaite
s/ajacent/adjacent Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20memory: give name to every AddressSpaceAlexey Kardashevskiy
The "info mtree" command in QEMU console prints only "memory" and "I/O" address spaces while there are actually a lot more other AddressSpace structs created by PCI and VIO devices. Those devices do not normally have names and therefore not present in "info mtree" output. The patch fixes this. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20dma: eliminate DMAContextPaolo Bonzini
The DMAContext is a simple pointer to an AddressSpace that is now always already available. Make everyone hold the address space directly, and clean up the DMA API to use the AddressSpace directly. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20spapr_vio: take care of creating our own AddressSpace/DMAContextPaolo Bonzini
Fetch the root region from the sPAPRTCETable, and use it to build an AddressSpace and DMAContext. Now, everywhere we have a DMAContext we also have access to the corresponding AddressSpace (either because we create it just before the DMAContext, or because dma_context_memory's AddressSpace is trivially address_space_memory). Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20pci: use memory core for iommu supportAvi Kivity
Use the new iommu support in the memory core for iommu support. The only user, spapr, is also converted, but it still provides a DMAContext interface until the non-PCI bits switch to AddressSpace. Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Avi Kivity <avi.kivity@gmail.com> [ Do not calls memory_region_del_subregion() on the device's bus_master_enable_region, it is an alias; return an AddressSpace from the IOMMU hook and remove the destructor hook. - David Gibson ] Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20dma: eliminate old-style IOMMU supportPaolo Bonzini
The translate function in the DMAContext is now always NULL. Remove every reference to it. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20spapr: use memory core for iommu supportPaolo Bonzini
Now we can stop using a "translating" DMAContext, but we do not yet modify the sPAPRTCETable users to get an AddressSpace; they keep using the table via a DMAContext. Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20spapr: make IOMMU translation go through IOMMUTLBEntryPaolo Bonzini
The next step is to introduce the translation code that will be used for IOMMU MemoryRegions, but still do the actual translation in a DMAContext. Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20spapr: convert TCE API to use an opaque typePaolo Bonzini
The TCE table is currently returned as a DMAContext, and non-type-safe APIs are called later passing back the DMAContext. Since we want to move away from DMAContext, use an opaque type instead, and add an accessor to retrieve the DMAContext from it. Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20vfio: abort if an emulated iommu is usedAvi Kivity
vfio doesn't support guest iommus yet, indicate it to the user by gently depositing a core on their disk. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Avi Kivity <avi.kivity@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20memory: Add iommu map/unmap notifiersDavid Gibson
This patch adds a NotifierList to MemoryRegions which represent IOMMUs allowing other parts of the code to register interest in mappings or unmappings from the IOMMU. All IOMMU implementations will need to call memory_region_notify_iommu() to inform those waiting on the notifier list, whenever an IOMMU mapping is made or removed. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20memory: iommu supportAvi Kivity
Add a new memory region type that translates addresses it is given, then forwards them to a target address space. This is similar to an alias, except that the mapping is more flexible than a linear translation and trucation, and also less efficient since the translation happens at runtime. The implementation uses an AddressSpace mapping the target region to avoid hierarchical dispatch all the way to the resolved region; only iommu regions are looked up dynamically. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Avi Kivity <avi.kivity@gmail.com> [Modified to put translation in address_space_translate; assume IOMMUs are not reachable from TCG. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20memory: make section size a 128-bit integerPaolo Bonzini
So far, the size of all regions passed to listeners could fit in 64 bits, because artificial regions (containers and aliases) are eliminated by the memory core, leaving only device regions which have reasonable sizes An IOMMU however cannot be eliminated by the memory core, and may have an artificial size, hence we may need 65 bits to represent its size. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20exec: reorganize mem_add to match Int128 versionPaolo Bonzini
When adding support for 2^64-byte sections, we will have to change the structure of mem_add to avoid failures in int128_get64. Reorganize the code now before introducing Int128. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20Revert "s390x: reduce TARGET_PHYS_ADDR_SPACE_BITS to 62"Paolo Bonzini
This reverts commit 311f83ca08c011b048c063c2fd3038a8957970bc. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20Revert "memory: limit sections in the radix tree to the actual address space ↵Paolo Bonzini
size" This reverts commit 86a8623692b1b559a419a92eb8b6897c221bca74. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20exec: return MemoryRegion from address_space_translatePaolo Bonzini
Only address_space_translate_for_iotlb needs to return the section. Every caller of address_space_translate now uses only section->mr, return it directly. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20exec: Implement subpage_read/write via address_space_rwJan Kiszka
This will allow to add support for unaligned memory regions: the subpage container region can activate unaligned support unconditionally because the read/write handler will now ensure that accesses are split as required by calling address_space_rw. We can furthermore drop the special handling of RAM subpages, address_space_rw takes care of this already. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20exec: Resolve subpages in one step except for IOTLB fillsJan Kiszka
Except for the case of setting the IOTLB entry in TCG mode, we can avoid the subpage dispatching handlers and do the resolution directly on address_space_lookup_region. An IOTLB entry describes a full page, not only the region that the first access to a sub-divided page may return. This patch therefore introduces a special translation function, address_space_translate_for_iotlb, that avoids the subpage resolutions. In contrast, callers of the existing address_space_translate service will now always receive the terminal memory region section. This will be important for breaking the BQL and for enabling unaligned memory region. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20exec: Allow unaligned address_space_rwJan Kiszka
This will be needed for some corner cases with para-virtual I/O ports. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20memory: move private types to exec.cPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20memory: Introduce address_space_lookup_regionJan Kiszka
This introduces a wrapper for phys_page_find (before we complicate address_space_translate with IOMMU translation). This function will also encapsulate locking and reference counting when we introduce BQL-free dispatching. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20exec.c: address_space_translate: handle access to addr 0 of 2^64 sized regionPeter Maydell
The memory API allows a MemoryRegion's size to be 2^64, as a special case (otherwise the size always fits in a 64 bit integer). This meant that attempts to access address zero in a 2^64 sized region would assert in address_space_translate(): #3 0x00007ffff3e4d192 in __GI___assert_fail#(assertion=0x555555a43f32 "!a.hi", file=0x555555a43ef0 "include/qemu/int128.h", line=18, function=0x555555a4439f "int128_get64") at assert.c:103 #4 0x0000555555877642 in int128_get64 (a=...) at include/qemu/int128.h:18 #5 0x00005555558782f2 in address_space_translate (as=0x55555668d140, /addr=0, xlat=0x7fffafac9918, plen=0x7fffafac9920, is_write=false) at exec.c:221 Fix this by doing the 'min' operation in 128 bit arithmetic rather than 64 bit arithmetic (we know the result of the 'min' definitely fits in 64 bits because one of the inputs did). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-19doc: Drop ref to Bochs from -no-fd-bootchk documentationMarkus Armbruster
Manual page and qemu-doc on talk about "Bochs BIOS". We use SeaBIOS, and it implements the feature. Replace by just "BIOS", and drop the TODO line wondering about the Bochs reference. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Message-id: 1371208516-7857-7-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-19pc: Make -no-fd-bootchk stick across boot order changesMarkus Armbruster
Option -no-fd-bootchk asks the BIOS to attempt booting from a floppy even when the boot sector signature isn't there, by setting a bit in RTC CMOS. It was added back in 2006 (commit 52ca8d6a). Two years later, commit 0ecdffbb added monitor command boot_set. Implemented by new function pc_boot_set(). It unconditionally clears the floppy signature bit in CMOS. Commit e0f084bf added -boot option once to automatically change the boot order on first reset. Reuses pc_boot_set(), thus also clears the floppy signature bit. Commit d9346e81 took care to preserve this behavior. Thus, -no-fd-bootchk applies to any number of boots. Except it applies just to the first boot with -boot once, and never after boot_set. Weird. Make it stick instead: set the bit according to -no-fd-bootchk in pc_boot_set(). Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Message-id: 1371208516-7857-6-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-19vl: Rename *boot_devices to *boot_order, for consistencyMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Message-id: 1371208516-7857-5-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-19vl: Fix -boot order and once regressions, and related bugsMarkus Armbruster
Option "once" sets up a different boot order just for the initial boot. Boot order reverts back to normal on reset. Option "order" changes the normal boot order. The reversal is implemented by reset handler restore_boot_devices(), which takes the boot order to revert to as argument. restore_boot_devices() does nothing on its first call, because that must be the initial machine reset. On its second call, it changes the boot order back, and unregisters itself. Because we register the handler right when -boot gets parsed, we can revert to an incorrect normal boot order, and multiple -boot can interact in funny ways. Here's how things work without -boot once or order: * boot_devices is "". * main() passes machine->boot_order to to machine->init(), because boot_devices is "". machine->init() configures firmware accordingly. For PC machines, machine->boot_order is "cad", and pc_cmos_init() writes it to RTC CMOS, where SeaBIOS picks it up. Now consider -boot order=: * boot_devices is "". * -boot order= sets boot_devices to "" (no change). * main() passes machine->boot_order to to machine->init(), because boot_devices is "", as above. Bug: -boot order= has no effect. Broken in commit e4ada29e. Next, consider -boot once=a: * boot_devices is "". * -boot once=a registers restore_boot_devices() with argument "", and sets boot_devices to "a". * main() passes boot_devices "a" to machine->init(), which configures firmware accordingly. For PC machines, pc_cmos_init() writes the boot order to RTC CMOS. * main() calls qemu_system_reset(). This runs reset handlers. - restore_boot_devices() gets called with argument "". Does nothing, because it's the first call. * Machine boots, boot order is "a". * Machine resets (e.g. monitor command). Reset handlers run. - restore_boot_devices() gets called with argument "". Calls qemu_boot_set("") to reconfigure firmware. For PC machines, pc_boot_set() writes it into RTC CMOS. Reset handler unregistered. Bug: boot order reverts to "" instead of machine->boot_order. The actual boot order depends on how firmware interprets "". Broken in commit e4ada29e. Next, consider -boot once=a -boot order=c: * boot_devices is "". * -boot once=a registers restore_boot_devices() with argument "", and sets boot_devices to "a". * -boot order=c sets boot_devices to "c". * main() passes boot_devices "c" to machine->init(), which configures firmware accordingly. For PC machines, pc_cmos_init() writes the boot order to RTC CMOS. * main() calls qemu_system_reset(). This runs reset handlers. - restore_boot_devices() gets called with argument "". Does nothing, because it's the first call. * Machine boots, boot order is "c". Bug: it should be "a". I figure this has always been broken. * Machine resets (e.g. monitor command). Reset handlers run. - restore_boot_devices() gets called with argument "". Calls qemu_boot_set("") to reconfigure firmware. For PC machines, pc_boot_set() writes it into RTC CMOS. Reset handler unregistered. Bug: boot order reverts to "" instead of "c". I figure this has always been broken, just differently broken before commit e4ada29e. Next, consider -boot once=a -boot once=b -boot once=c: * boot_devices is "". * -boot once=a registers restore_boot_devices() with argument "", and sets boot_devices to "a". * -boot once=b registers restore_boot_devices() with argument "a", and sets boot_devices to "b". * -boot once=c registers restore_boot_devices() with argument "b", and sets boot_devices to "c". * main() passes boot_devices "c" to machine->init(), which configures firmware accordingly. For PC machines, pc_cmos_init() writes the boot order to RTC CMOS. * main() calls qemu_system_reset(). This runs reset handlers. - restore_boot_devices() gets called with argument "". Does nothing, because it's the first call. - restore_boot_devices() gets called with argument "a". Calls qemu_boot_set("a") to reconfigure firmware. For PC machines, pc_boot_set() writes it into RTC CMOS. Reset handler unregistered. - restore_boot_devices() gets called with argument "b". Calls qemu_boot_set("b") to reconfigure firmware. For PC machines, pc_boot_set() writes it into RTC CMOS. Reset handler unregistered. * Machine boots, boot order is "b". Bug: should really be "c", because that came last, and for all other -boot options, the last one wins. I figure this was broken some time before commit 37905d6a, and fixed there only for a single occurence of "once". * Machine resets (e.g. monitor command). Reset handlers run. - restore_boot_devices() gets called with argument "". Calls qemu_boot_set("") to reconfigure firmware. For PC machines, pc_boot_set() writes it into RTC CMOS. Reset handler unregistered. Same bug as above: boot order reverts to "" instead of machine->boot_order. Fix by acting upon -boot options order, once and menu only after option parsing is complete, and the machine is known. This is how the other -boot options work already. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Message-id: 1371208516-7857-4-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-19qemu-option: check_params() is now unused, drop itMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Message-id: 1371208516-7857-3-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-19vl: Clean up parsing of -boot option argumentMarkus Armbruster
Commit 3d3b8303 threw in some QemuOpts parsing without replacing the existing ad hoc parser, resulting in a confusing mess. Clean it up. Two user-visible changes: 1. Invalid options are reported more nicely. Before: qemu: unknown boot parameter 'x' in 'x=y' After: qemu-system-x86_64: -boot x=y: Invalid parameter 'x' 2. If -boot is given multiple times, options accumulate, just like for -machine. Before, only options order, once and menu accumulated. For the other ones, all but the first -boot in non-legacy syntax got simply ignored. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Message-id: 1371208516-7857-2-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-19make user networking hostfwd work with restrict=yGertjan Halkes
This patch allows the hostfwd option to override the restrict=y setting in the user network stack, as explicitly stated in the documentation on the restrict option: restrict=on|off If this option is enabled, the guest will be isolated, i.e. it will not be able to contact the host and no guest IP packets will be routed over the host to the outside. This option does not affect any explicitly set forwarding rules. Qemu bug tracker: https://bugs.launchpad.net/qemu/+bug/829455 Signed-off-by: Gertjan Halkes <qemu@ghalkes.nl> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2013-06-19fix -net user checks by reordering checksBas van Sisseren
reorder slirp config options. first check the dns-server-address, then check the first-dhcp-address. the original code was comparing the first-dhcp-address with the default dns-server-address, not the configured dns-server-address. Signed-off-by: Bas van Sisseren <bas@quarantainenet.nl> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2013-06-18wdt_i6300esb: fix vmstate versioningMichael Roth
When this VMSD was introduced it's version fields were set to sizeof(I6300State), making them essentially random from build to build, version to version. To fix this, we lock in a high version id and low minimum version id to support old->new migration from all prior versions of this device's state. This should work since the device state has not changed since its introduction. The potentially breaks migration from 1.5+ to 1.5, but since the versioning was essentially random prior to this patch, new->old migration was not consistently functional to begin with. Reported-by: Nicholas Thomas <nick@bytemark.co.uk> Suggested-by: Peter Maydell <peter.maydell@linaro.org> Cc: qemu-stable@nongnu.org Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-18Merge remote-tracking branch 'bonzini/scsi-next' into stagingAnthony Liguori
# By Paolo Bonzini (3) and others # Via Paolo Bonzini * bonzini/scsi-next: iscsi: reorganize iscsi_readcapacity_sync iscsi: simplify freeing of tasks vhost-scsi: fix k->set_guest_notifiers() NULL dereference scsi-disk: scsi-block device for scsi pass-through should not be removable scsi-generic: check the return value of bdrv_aio_ioctl in execute_command scsi-generic: fix sign extension of READ CAPACITY(10) data scsi: reset cdrom tray statuses on scsi_disk_reset Message-id: 1371565016-2643-1-git-send-email-pbonzini@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-18Merge remote-tracking branch 'bonzini/nbd-next' into stagingAnthony Liguori
# By Ján Tomko # Via Paolo Bonzini * bonzini/nbd-next: nbd: strip braces from literal IPv6 address in URI qemu-socket: allow hostnames starting with a digit
2013-06-18virtio-rng: Fix crash with non-default backendCole Robinson
'default_backend' isn't always set, but 'rng' is, so use that. $ ./x86_64-softmmu/qemu-system-x86_64 -object rng-random,id=rng0,filename=/dev/random -device virtio-rng-pci,rng=rng0 Segmentation fault (core dumped) Regressed with virtio refactoring in 59ccd20a9ac719cff82180429458728f03ec612f CC: qemu-stable@nongnu.org Signed-off-by: Cole Robinson <crobinso@redhat.com> Acked-by: Amit Shah <amit.shah@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Tested-by: Michael Roth <mdroth@linux.vnet.ibm.com> Message-id: bf4505014a0a941dbd3c62068f3cf2c496b69e6a.1370023944.git.crobinso@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-18iscsi: reorganize iscsi_readcapacity_syncPaolo Bonzini
Avoid the goto, and use the same retry logic for the 10- and 16- byte versions. Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-18iscsi: simplify freeing of tasksPaolo Bonzini
Always free them in the iscsi_aio_*_acb functions and remove the checks in their callers. Remove ifs when the task struct was previously dereferenced (spotted by Coverity). Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-18vhost-scsi: fix k->set_guest_notifiers() NULL dereferenceStefan Hajnoczi
Coverity picked up a copy-paste bug. In vhost_scsi_start() we check for !k->set_guest_notifiers and error out. The check probably got copied but instead of erroring we actually use the function pointer! Cc: Nicholas Bellinger <nab@linux-iscsi.org> Cc: Asias He <asias@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-18scsi-disk: scsi-block device for scsi pass-through should not be removablePavel Hrdina
This patch adds a new SCSI_DISK_F_NO_REMOVABLE_DEVOPS feature. By this feature we can set that the scsi-block (scsi pass-through) device will still be removable from the guest side, but from monitor it cannot be removed. Cc: qemu-stable@nongnu.org Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-18scsi-generic: check the return value of bdrv_aio_ioctl in execute_commandPavel Hrdina
This fixes the bug introduced by this commit ad54ae80c73f. The bdrv_aio_ioctl() still could return null and we should return an error in that case. Cc: qemu-stable@nongnu.org Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>