aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-10-179pfs: allocate space for guest originated empty stringsLi Qiang
If a guest sends an empty string paramater to any 9P operation, the current code unmarshals it into a V9fsString equal to { .size = 0, .data = NULL }. This is unfortunate because it can cause NULL pointer dereference to happen at various locations in the 9pfs code. And we don't want to check str->data everywhere we pass it to strcmp() or any other function which expects a dereferenceable pointer. This patch enforces the allocation of genuine C empty strings instead, so callers don't have to bother. Out of all v9fs_iov_vunmarshal() users, only v9fs_xattrwalk() checks if the returned string is empty. It now uses v9fs_string_size() since name.data cannot be NULL anymore. Signed-off-by: Li Qiang <liqiang6-s@360.cn> [groug, rewritten title and changelog, fix empty string check in v9fs_xattrwalk()] Signed-off-by: Greg Kurz <groug@kaod.org>
2016-10-17Merge remote-tracking branch 'remotes/famz/tags/for-upstream' into stagingPeter Maydell
# gpg: Signature made Mon 17 Oct 2016 03:08:28 BST # gpg: using RSA key 0xCA35624C6A9171C6 # gpg: Good signature from "Fam Zheng <famz@redhat.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 5003 7CB7 9706 0F76 F021 AD56 CA35 624C 6A91 71C6 * remotes/famz/tags/for-upstream: tests/docker/Makefile.include: add a generic docker-run target tests/docker: make test-mingw honour TARGET_LIST tests/docker: test-build script tests/docker: add travis dockerfile Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-17Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20161014' ↵Peter Maydell
into staging migration/next for 20161014 # gpg: Signature made Fri 14 Oct 2016 16:24:13 BST # gpg: using RSA key 0xF487EF185872D723 # gpg: Good signature from "Juan Quintela <quintela@redhat.com>" # gpg: aka "Juan Quintela <quintela@trasno.org>" # Primary key fingerprint: 1899 FF8E DEBF 58CC EE03 4B82 F487 EF18 5872 D723 * remotes/juanquintela/tags/migration/20161014: docs/xbzrle: correction migrate: move max-bandwidth and downtime-limit to migrate_set_parameter migration: Fix seg with missing port migration/postcopy: Explicitly disallow huge pages RAMBlocks: Store page size Postcopy vs xbzrle: Don't send xbzrle pages once in postcopy [for 2.8] migrate: Fix bounds check for migration parameters in migration.c migrate: Use boxed qapi for migrate-set-parameters migrate: Share common MigrationParameters struct migrate: Fix cpu-throttle-increment regression in HMP migration/rdma: Don't flag an error when we've been told about one migration: Make failed migration load set file error migration/rdma: Pass qemu_file errors across link migration: Report values for comparisons migration: report an error giving the failed field Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-17tests/docker/Makefile.include: add a generic docker-run targetAlex Bennée
This re-factors the docker makefile to include a docker-run target which can be controlled entirely from environment variables specified on the make command line. This allows us to run against any given docker image we may have in our repository, for example: make docker-run TEST="test-quick" IMAGE="debian:arm64" \ EXECUTABLE=./aarch64-linux-user/qemu-aarch64 The existing docker-foo@bar targets still work but the inline verification has been dropped because we already don't hit that due to other pattern rules in rules.mak. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20161011161625.9070-5-alex.bennee@linaro.org> Message-Id: <20161011161625.9070-6-alex.bennee@linaro.org> [Squash in the verification removal patch. - Fam] Signed-off-by: Fam Zheng <famz@redhat.com>
2016-10-17tests/docker: make test-mingw honour TARGET_LISTAlex Bennée
The other builders honour this variable, so should the mingw build. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20161011161625.9070-4-alex.bennee@linaro.org> Signed-off-by: Fam Zheng <famz@redhat.com>
2016-10-17tests/docker: test-build scriptAlex Bennée
Much like test-quick but only builds. This is useful for some of the build targets like ThreadSanitizer that don't yet pass "make check". Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20161011161625.9070-3-alex.bennee@linaro.org> Signed-off-by: Fam Zheng <famz@redhat.com>
2016-10-17tests/docker: add travis dockerfileAlex Bennée
This target grabs the latest Travis containers from their repository at quay.io and then installs QEMU's build dependencies. With this it is possible to run on broadly the same setup as they have on travis-ci.org. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20161011161625.9070-2-alex.bennee@linaro.org> Signed-off-by: Fam Zheng <famz@redhat.com>
2016-10-13docs/xbzrle: correctionCao jin
1. Default cache size is 64MB. 2. Semantics correction. Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migrate: move max-bandwidth and downtime-limit to migrate_set_parameterAshijeet Acharya
Mark the old commands 'migrate_set_speed' and 'migrate_set_downtime' as deprecated. Move max-bandwidth and downtime-limit into migrate-set-parameters for setting maximum migration speed and expected downtime limit parameters respectively. Change downtime units to milliseconds (only for new-command) and set its upper bound limit to 2000 seconds. Update the query part in both hmp and qmp qemu control interfaces. Signed-off-by: Ashijeet Acharya <ashijeetacharya@gmail.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migration: Fix seg with missing portDr. David Alan Gilbert
The command : migrate tcp:localhost: currently segs; fix it so it now says: error parsing address 'localhost:' and the same for -incoming. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migration/postcopy: Explicitly disallow huge pagesDr. David Alan Gilbert
At the moment postcopy will fail as soon as qemu tries to register userfault on the RAMBlock pages that are backed by hugepages. However, the kernel is going to get userfault support for hugepage at some point, and we've not got the rest of the QEMU code to support it yet, so fail neatly with an error like: Postcopy doesn't support hugetlbfs yet (/objects/mem1) Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13RAMBlocks: Store page sizeDr. David Alan Gilbert
Store the page size in each RAMBlock, we need it later. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13Postcopy vs xbzrle: Don't send xbzrle pages once in postcopy [for 2.8]Dr. David Alan Gilbert
xbzrle relies on reading pages that have already been sent to the destination and then applying the modifications; we can't do that in postcopy because the destination may well have modified the page already or the page has been discarded. I already didn't allow reception of xbzrle pages, but I forgot to add the test to stop them being sent. Enabling both xbzrle and postcopy can make some sense; if you think that your migration might finish if you have xbzrle, then when it doesn't complete you flick over to postcopy and stop xbzrle'ing. This corresponds to RH bug: https://bugzilla.redhat.com/show_bug.cgi?id=1368422 Symptom is: Unknown combination of migration flags: 0x60 (postcopy mode) (either 0x60 or 0x40) Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migrate: Fix bounds check for migration parameters in migration.cAshijeet Acharya
This patch fixes the out-of-bounds check of migration parameters in qmp_migrate_set_parameters() for cpu-throttle-initial and cpu-throttle-increment by adding a return statement for both as they were broken since their introduction in 2.5 via commit 1626fee. Due to the missing return statements, parameters were getting set to out-of-bounds values despite the error. Signed-off-by: Ashijeet Acharya <ashijeetacharya@gmail.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migrate: Use boxed qapi for migrate-set-parametersEric Blake
Now that QAPI makes it easy to pass a struct around, we don't have to declare as many parameters or local variables. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migrate: Share common MigrationParameters structEric Blake
It is rather verbose, and slightly error-prone, to repeat the same set of parameters for input (migrate-set-parameters) as for output (query-migrate-parameters), where the only difference is whether the members are optional. We can just document that the optional members will always be present on output, and then share a common struct between both commands. The next patch can then reduce the amount of code needed on input. Also, we made a mistake in qemu 2.7 of returning an empty string during 'query-migrate-parameters' when there is no TLS, rather than omitting TLS details entirely. Technically, this change risks breaking any 2.7 client that is hard-coded to expect the parameter's existence; on the other hand, clients that are portable to 2.6 already must be prepared for those members to not be present. And this gets rid of yet one more place where the QMP output visitor is silently converting a NULL string into "" (which is a hack I ultimately want to kill off). Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migrate: Fix cpu-throttle-increment regression in HMPEric Blake
Commit 69ef1f3 accidentally broke migrate_set_parameter's ability to set the cpu-throttle-increment to anything other than the default, because it forgot to parse the user's string into an integer. CC: qemu-stable@nongnu.org Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migration/rdma: Don't flag an error when we've been told about oneDr. David Alan Gilbert
If the other side tells us there's been an error and we fail the migration, we don't need to signal that failure to the other side because it already knew. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Michael R. Hines <michael@hinespot.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migration: Make failed migration load set file errorDr. David Alan Gilbert
If an error occurs in a section load, set the file error flag so that the transport can get notified to do a cleanup. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Michael R. Hines <michael@hinespot.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migration/rdma: Pass qemu_file errors across linkDr. David Alan Gilbert
If we fail for some reason (e.g. a mismatched RAMBlock) and it's set the qemu_file error flag, pass that error back to the peer so it can clean up rather than waiting for some higher level progress. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Michael R. Hines <michael@hinespot.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migration: Report values for comparisonsDr. David Alan Gilbert
Report the values when a comparison fails; together with the previous patch that prints the device and field names this should give a good idea of why loading the migration failed. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13migration: report an error giving the failed fieldDr. David Alan Gilbert
When a field fails to load (typically due to a limit check, or a call to a get/put) report the device and field to give an indication of the cause. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-13Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20161013-1' into ↵Peter Maydell
staging ui: vnc cleanups, input-linux kbd fix. # gpg: Signature made Thu 13 Oct 2016 09:47:43 BST # gpg: using RSA key 0x4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/pull-ui-20161013-1: input-linux: initialize key state ui: rename vnc_init_state to vnc_start_protocol ui: move some initialization out of vnc_init_state ui: remove bogus call to reset_keys() in vnc_init_state ui: remove bogus call to graphic_hw_update() in vnc_listen_io ui: refactor method for setting up VncDisplay auth types ui: rename misleading 'VncDisplay' variables ui: remove 'ws_tls' field from VncState ui: remove 'enabled' and 'ws_enabled' fields from VncState ui: remove misleading comment from vnc_init_state Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-13Revert "char: use a fixed idx for child muxed chr"Marc-André Lureau
That commit mis-used mux char: the frontend are multiplexed, not the backend. Fix the regression preventing "c-a c" to switch the focus. The following patches will fix the crash (when leaving or removing frontend) by tracking frontends with handler tags. This reverts commit 949055a2549afc4cde06b7972072c7288bb43722. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-13Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.7-20161013' ↵Peter Maydell
into staging [stable] ppc-for-2.7 queue # gpg: Signature made Thu 13 Oct 2016 06:03:37 BST # gpg: using RSA key 0x6C38CACA20D9B392 # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" # gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" # gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>" # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-for-2.7-20161013: ppc: Check the availability of transactional memory hw/ppc/spapr: Fix the selection of the processor features hw/ppc/spapr: Move code related to "ibm,pa-features" to a separate function linux-headers: update Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-13input-linux: initialize key stateGerd Hoffmann
Query input device keys, initialize state accordingly, so the correct state is reflected in case any key is pressed at initialization time. There is a high chance for this to actually happen for the 'enter' key in case you start qemu with a terminal command (directly or virsh). When finding any pressed keys the input grab is delayed until all keys are lifted, to avoid confusing guest and host with appearently stuck keys. Reported-by: Muted Bytes <mutedbytes@gmail.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1476277384-30365-1-git-send-email-kraxel@redhat.com
2016-10-13ui: rename vnc_init_state to vnc_start_protocolDaniel P. Berrange
Rename the vnc_init_state method to reflect what its actual purpose is, to discourage future devs from using it for more general state initialization. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-10-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ui: move some initialization out of vnc_init_stateDaniel P. Berrange
Most of the fields in VncState are initialized in the vnc_connect() method, but some are done in vnc_init_state() instead. The purpose of having vnc_init_state() is to delay starting of the VNC wire protocol until after the websockets handshake has completed. As such the vnc_init_state() method only needs to be used for initialization that is dependant on the wire protocol running. This also lets us get rid of the initialized boolean flag from the VncState struct. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-9-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ui: remove bogus call to reset_keys() in vnc_init_stateDaniel P. Berrange
The vnc_init_state method calls reset_keys() to reset the modifier key state. This was originally added in commit 53762ddb277c690e486d0e17b10591774248c8cf Author: malc <malc@c046a42c-6fe2-441c-8c8c-71466251a162> Date: Mon Dec 1 20:57:52 2008 +0000 Reset the key modifiers upon client connect This was valid at this time because there was only the single VncState object which was persistent across client connections and so needed resetting. The persistent data was later split off into VncDisplay and VncState was allocated at time of client connection: commit 753b4053311ff1437d99726970b1e7e6bf38249b Author: aliguori <aliguori@c046a42c-6fe2-441c-8c8c-71466251a162> Date: Mon Feb 16 14:59:30 2009 +0000 Support multiple VNC clients (Brian Kress) at which point the modifier state is always 0 due to use of g_new0. As such the reset_keys() call has been a no-op ever since. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-8-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ui: remove bogus call to graphic_hw_update() in vnc_listen_ioDaniel P. Berrange
Just before accepting a new client connection the vnc_listen_io method calls graphic_hw_update(). This is bogus because there is a call to this method already in vnc_state_init() and the client doesn't need up2date graphics console before reaching that. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-7-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ui: refactor method for setting up VncDisplay auth typesDaniel P. Berrange
There is a lot of repeated code in the auth type setup method, particularly around checking TLS credential types. Refactor it to reduce duplication and instead of having one method do both plain and websockets at once, call it separately for each. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-6-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ui: rename misleading 'VncDisplay' variablesDaniel P. Berrange
Normally code declares 'VncDisplay *vd' or 'VncState *vs' but there are a bunch of places which misleadingly declare 'VncDisplay *vs'. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-5-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ui: remove 'ws_tls' field from VncStateDaniel P. Berrange
The 'ws_tls' field in VncState is only ever representing the result of 'tlscreds != NULL' and is thus pointless. Replace use of 'ws_tls' with a direct check against 'tlscreds' Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-4-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ui: remove 'enabled' and 'ws_enabled' fields from VncStateDaniel P. Berrange
The 'ws_enabled' field is never used outside of the vnc_display_open method, so can be a local variable. The 'enabled' field is easily replaced by a check for whether 'lsock' is non-NULL. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-3-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ui: remove misleading comment from vnc_init_stateDaniel P. Berrange
The last line in vnc_init_state() says /* vs might be free()ed here */ This was added in commit 198a0039c5fca224a77e9761e2350dd9cc102ad0 Author: Gerd Hoffmann <kraxel@redhat.com> Date: Tue Jun 16 14:19:48 2009 +0200 vnc: rework VncState release workflow. because the preceeding 'vnc_update_client()' could indeed release the VncState instance. The call to vnc_update_client() was removed not long after though in commit 1fc624122fb923c7fc4c1f426541d953e7df13c9 Author: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Date: Mon Aug 3 10:54:32 2009 +0100 single vnc server surface and so the comment has been wrong ever since Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1475163940-26094-2-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-13ppc: Check the availability of transactional memoryThomas Huth
KVM-PR currently does not support transactional memory, and the implementation in TCG is just a fake. We should not announce TM support in the ibm,pa-features property when running on such a system, so disable it by default and only enable it if the KVM implementation supports it (i.e. recent versions of KVM-HV). These changes are based on some earlier work from Anton Blanchard (thanks!). Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> (cherry picked from commit bac3bf287ab60e264b636f5f00c116a19b655762)
2016-10-13hw/ppc/spapr: Fix the selection of the processor featuresThomas Huth
The current code uses pa_features_206 for POWERPC_MMU_2_06, and for everything else, it uses pa_features_207. This is bad in some cases because there is also a "degraded" MMU version of ISA 2.06, called POWERPC_MMU_2_06a, which should of course use the flags for 2.06 instead. And there is also the possibility that the user runs the pseries machine with a POWER5+ or even 970 processor. In that case we certainly do not want to set the flags for 2.07, and rather simply skip the setting of the pa-features property instead. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> (cherry picked from commit 4cbec30d769a73853b60dc7f275e6e7da9ab5162)
2016-10-13hw/ppc/spapr: Move code related to "ibm,pa-features" to a separate functionThomas Huth
The function spapr_populate_cpu_dt() has become quite big already, and since we likely have to extend the pa-features property for every new processor generation, it is nicer if we put the related code into a separate function. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> (cherry picked from commit 230bf719d3a3b144a4ffa441e5d6170ef0ad8999)
2016-10-13linux-headers: updateCornelia Huck
Update headers against 4.8-rc2. Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-10-12Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20161012-1' into ↵Peter Maydell
staging various usb bugfixes some xhci cleanups # gpg: Signature made Wed 12 Oct 2016 13:38:27 BST # gpg: using RSA key 0x4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/pull-usb-20161012-1: usb-redir: allocate buffers before waking up the host adapter usb: Fix incorrect default DMA offset. usb: fix serial generator xhci: make xhci_epid_to_usbep accept XHCIEPContext xhci: drop XHCITransfer->{slotid,epid} xhci: add & use xhci_kick_epctx() xhci: drop XHCITransfer->xhci xhci: use linked list for transfers xhci: drop unused comp_xfer field xhci: decouple EV_QUEUE from TD_QUEUE xhci: limit the number of link trbs we are willing to process Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-12usb-redir: allocate buffers before waking up the host adapterHans de Goede
Needed to make sure usb redirection is prepared to actually handle the callback from the usb host adapter. Without this interrupt endpoints don't work on xhci. Note: On ehci the usb_wakeup() call only schedules a BH for the actual work, which hides this bug because the allocation happens before ehci calls back even without this patch. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Message-id: 1476096313-7730-1-git-send-email-kraxel@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-12usb: Fix incorrect default DMA offset.Vijay Kumar B
The default DMA offset is set to 3. When the property is not set by the consumer, the default causes DMA access to be shifted by 3 bytes. In PXA, this results in incorrect DMA access, leading to error notification in the USB controller driver. A better default would be 0, so that there is no offset, when the consumer does not specify one. Signed-off-by: Vijay Kumar B. <vijaykumar@zilogic.com> Reviewed-by: Deepak S. <deepak@zilogic.com> Message-id: 1475060958-7760-1-git-send-email-vijaykumar@zilogic.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-10-12usb: fix serial generatorGerd Hoffmann
snprintf return value is *not* the number of chars written into the buffer, but the number of chars needed. So in case the buffer is too small you can go alloc a bigger one and try again. But that also means you can't simply use the return value for the next snprintf call without checking beforehand that things did actually fit. Problem is that usb_desc_create_serial didn't perform that check, so a loooong path string (can happen with deep pci-bridge nesting) results in the third snprintf call smashing the stack. Fix this by throwing out all the snpintf calls and use g_strdup_printf instead. https://bugzilla.redhat.com/show_bug.cgi?id=1381630 Reported-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1475659998-22045-1-git-send-email-kraxel@redhat.com
2016-10-12xhci: make xhci_epid_to_usbep accept XHCIEPContextGerd Hoffmann
All callsites have a XHCIEPContext pointer anyway, so we can just pass it directly instead of fiddeling with slotid and epid. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1474965172-30321-9-git-send-email-kraxel@redhat.com
2016-10-12xhci: drop XHCITransfer->{slotid,epid}Gerd Hoffmann
We can use XHCITransfer->epctx->{slotid,epid} instead. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1474965172-30321-8-git-send-email-kraxel@redhat.com
2016-10-12xhci: add & use xhci_kick_epctx()Gerd Hoffmann
xhci_kick_epctx is a xhci_kick_ep variant which takes an XHCIEPContext as input instead of slotid and epid. So in case we have a XHCIEPContext at hand at the callsite we can just pass it directly. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1474965172-30321-7-git-send-email-kraxel@redhat.com
2016-10-12xhci: drop XHCITransfer->xhciGerd Hoffmann
Use XHCITransfer->epctx->xhci instead. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1474965172-30321-6-git-send-email-kraxel@redhat.com
2016-10-12xhci: use linked list for transfersGerd Hoffmann
xhci has a fixed number of 24 (TD_QUEUE) XHCITransfer structs per endpoint, which turns out to be a problem for usb3 devices with 32 (or more) bulk streams. xhci re-checks the trb rings on every finished transfer to make sure it'll pick up any pending work. But that scheme breaks in case the first transfer of a ring can't be started because we ran out of XHCITransfer structs already. So remove static XHCITransfer array from XHCIEPContext. Use a linked list instead, and allocate/free XHCITransfer as needed. Add helper functions to allocate & initialize and to cleanup & release XHCITransfer structs. That also simplifies trb management, we never have to realloc XHCITransfer->trbs because we don't reuse XHCITransfer structs any more. New dynamic limit for in-flight xhci transfers per endpoint is number-of-streams + 16. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1474965172-30321-5-git-send-email-kraxel@redhat.com
2016-10-12xhci: drop unused comp_xfer fieldGerd Hoffmann
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1474965172-30321-4-git-send-email-kraxel@redhat.com
2016-10-12xhci: decouple EV_QUEUE from TD_QUEUEGerd Hoffmann
EV_QUEUE must not change because an array of that size is part of live migration data. Hard-code current value there, so we can touch TD_QUEUE without breaking live migration. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1474965172-30321-3-git-send-email-kraxel@redhat.com