| Age | Commit message (Collapse) | Author |
|---|
|
Some targets already had this within their logic, but make sure
it's present for all targets.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
|
|
staging
target-i386: finally enable "check" mode by default
# gpg: Signature made Wed 28 Oct 2015 14:13:10 GMT using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
* remotes/ehabkost/tags/x86-pull-request:
target-i386: Enable "check" mode by default
target-i386: Don't left shift negative constant
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
into staging
Update OpenBIOS images
# gpg: Signature made Wed 28 Oct 2015 00:02:46 GMT using RSA key ID AE0F321F
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>"
* remotes/mcayland/tags/qemu-openbios-signed:
Update OpenBIOS images
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Update OpenBIOS images to SVN r1353 built from submodule.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
|
|
Current default behavior of QEMU is to silently disable features that
are not supported by the host when a CPU model is requested in the
command-line. This means that in addition to risking breaking guest ABI
by default, we are silent about it.
I would like to enable "enforce" by default, but this can easily break
existing production systems because of the way libvirt makes assumptions
about CPU models today (this will change in the future, once QEMU
provide a proper interface for checking if a CPU model is runnable).
But there's no reason we should be silent about it. So, change
target-i386 to enable "check" mode by default so at least we have some
warning printed to stderr (and hopefully logged somewhere) when QEMU
disables a feature that is not supported by the host system.
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Left shift of negative values is undefined behavior. Detected by clang:
qemu/target-i386/translate.c:2423:26: runtime error:
left shift of negative value -8
This changes the code to reverse the sign after the left shift.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
'remotes/pmaydell/tags/pull-target-arm-20151027-1' into staging
target-arm queue:
* more EL2 preparation: handling for stage 2 translations
* standardize debug macros in i.MX devices
* improve error message in a corner case for virt board
* disable live migration of KVM GIC if the kernel can't handle it
* add SPSR_(ABT|UND|IRQ|FIQ) registers
* handle non-executable page-straddling Thumb instructions
* fix a "no 64-bit EL2" assumption in arm_excp_unmasked()
# gpg: Signature made Tue 27 Oct 2015 16:03:31 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg: aka "Peter Maydell <pmaydell@gmail.com>"
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
* remotes/pmaydell/tags/pull-target-arm-20151027-1: (27 commits)
target-arm: Add support for S1 + S2 MMU translations
target-arm: Route S2 MMU faults to EL2
target-arm: Add S2 translation to 32bit S1 PTWs
target-arm: Add S2 translation to 64bit S1 PTWs
target-arm: Add ARMMMUFaultInfo
target-arm: Avoid inline for get_phys_addr
target-arm: Add support for S2 page-table protection bits
target-arm: Add computation of starting level for S2 PTW
target-arm: lpae: Rename granule_sz to stride
target-arm: lpae: Replace tsz with computed inputsize
target-arm: Add support for AArch32 S2 negative t0sz
target-arm: lpae: Move declaration of t0sz and t1sz
target-arm: lpae: Make t0sz and t1sz signed integers
target-arm: Add HPFAR_EL2
i.MX: Standardize i.MX GPT debug
i.MX: Standardize i.MX EPIT debug
i.MX: Standardize i.MX FEC debug
i.MX: Standardize i.MX CCM debug
i.MX: Standardize i.MX AVIC debug
i.MX: Standardize i.MX I2C debug
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-15-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-14-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Add support for applying S2 translation to 32bit S1
page-table walks.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-13-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Add support for applying S2 translation to 64bit S1
page-table walks.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-12-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Introduce ARMMMUFaultInfo to propagate MMU Fault information
across the MMU translation code path. This is in preparation for
adding Stage-2 translation.
No functional changes.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-11-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Avoid inline for get_phys_addr() to prepare for future recursive use.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-10-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-9-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The starting level for S2 pagetable walks is computed
differently from the S1 starting level. Implement the S2
variant.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-8-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Rename granule_sz to stride to better match the reference manuals.
No functional change.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-7-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Remove the tsz variable and introduce inputsize.
This simplifies the code a little and makes it easier to
compare with the reference manuals.
No functional change.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-6-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Add support for AArch32 S2 negative t0sz. In preparation for
using 40bit IPAs on AArch32.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-5-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Move declaration of t0sz and t1sz to the top of the function
avoiding a mix of code and variable declarations.
No functional change.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-4-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Make t0sz and t1sz signed integers to match tsz and to make
it easier to implement support for AArch32 negative t0sz.
t1sz is changed for consistensy.
No functional change.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-3-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1445864527-14520-2-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The goal is to have debug code always compiled during build.
We standardize all debug output on the following format:
[QOM_TYPE_NAME]reporting_function: debug message
We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output
is following the same format as the above debug.
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: b7ce7e98a051479453744aded122789531d80a44.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The goal is to have debug code always compiled during build.
We standardize all debug output on the following format:
[QOM_TYPE_NAME]reporting_function: debug message
We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output
is following the same format as the above debug.
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 5bbad71517ca728d8865f7b9f998baa0df022794.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The goal is to have debug code always compiled during build.
We standardize all debug output on the following format:
[QOM_TYPE_NAME]reporting_function: debug message
The qemu_log_mask() output is following the same format as the
above debug.
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 57e565982db94fb433c32dfa17608888464d21de.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The goal is to have debug code always compiled during build.
We standardize all debug output on the following format:
[QOM_TYPE_NAME]reporting_function: debug message
The qemu_log_mask() output is following the same format as the
above debug.
Adding some missing qemu_log_mask call for bad registers.
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 293e08f31cbb4df84d58f693243e61e770c73b3a.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The goal is to have debug code always compiled during build.
We standardize all debug output on the following format:
[QOM_TYPE_NAME]reporting_function: debug message
We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output
is following the same format as the above debug.
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 29885ffea2577eaf2288c1d17fd87ee951748b49.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The goal is to have debug code always compiled during build.
We standardize all debug output on the following format:
[QOM_TYPE_NAME]reporting_function: debug message
The qemu_log_mask() output is following the same format as
the above debug.
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 328acfe6fc09a5afdbfbfd5220e0869fd5082660.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The goal is to have debug code always compiled during build.
We standardize all debug output on the following format:
[QOM_TYPE_NAME]reporting_function: debug message
The qemu_log_mask() outputis following the same format as
the above debug.
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 4f2007adcf0f579864bb4dd8a825824e0e9098b8.1445781957.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The goal is to have debug code always compiled during build.
We standardize all debug output on the following format:
[QOM_TYPE_NAME]reporting_function: debug message
We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output
is following the same format as the above debug.
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id: 47b8759b251d356c633faf7ea34f897f340aea4e.1445781957.git.jcd@tribudubois.net
[PMM: Drop attempt to print the ram_addr of a memory region in
one DPRINTF, which (a) was using the wrong format string so
didn't build on 32-bit and (b) was incorrectly looking at a
private field of a MemoryRegion struct]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
We should always go through VirtBoardInfo when we need the memmap.
To avoid using a15memmap directly, in this case, we need to defer
the max-cpus check from class init time to instance init time. In
class init we now use MAX_CPUMASK_BITS for max_cpus initialization,
which is the maximum QEMU supports, and also, incidentally, the
maximum KVM/gicv3 currently supports. Also, a nice side-effect of
delaying the max-cpus check is that we now get more appropriate
error messages for gicv2 machines that try to configure more than
123 cpus. Before this patch it would complain that the requested
number of cpus was greater than 123, but for gicv2 configs, it
should complain that the number is greater than 8.
Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 1445189728-860-3-git-send-email-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Currently, if the kernel does not have live migration API, the migration
will still be attempted, but vGIC save/restore functions will just not do
anything. This will result in a broken machine state.
This patch fixes the problem by adding migration blocker if kernel API is
not supported.
Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
When the memory we're trying to translate code from is not executable we have
to turn this into a guest fault. In order to report the correct PC for this
fault, and to make sure it is not reported until after any other possible
faults for instructions earlier in execution, we must terminate TBs at
the end of a page, in case the next instruction is in a non-executable page.
This is simple for T16, A32 and A64 instructions, which are always aligned
to their size. However T32 instructions may be 32-bits but only 16-aligned,
so they can straddle a page boundary.
Correct the condition that checks whether the next instruction will touch
the following page, to ensure that if we're 2 bytes before the boundary
and this insn is T32 then we end the TB.
Reported-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The code in arm_excp_unmasked() suppresses the ability of PSTATE.AIF
to mask exceptions from a lower EL targeting EL2 or EL3 if the
CPU is 64-bit. This is correct for a target of EL3, but not correct
for targeting EL2. Further, we go to some effort to calculate
scr and hcr values which are not used at all for the 64-bit CPU
case.
Rearrange the code to correctly implement the 64-bit CPU logic
and keep the hcr/scr calculations in the 32-bit CPU codepath.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1444327729-4120-1-git-send-email-peter.maydell@linaro.org
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
|
|
staging
# gpg: Signature made Tue 27 Oct 2015 05:47:28 GMT using RSA key ID 398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
net: free the string returned by object_get_canonical_path_component
net: make iov_to_buf take right size argument in nc_sendv_compat()
net: Remove duplicate data from query-rx-filter on multiqueue net devices
vmxnet3: Do not fill stats if device is inactive
options: Add documentation for filter-dump
net/dump: Provide the dumping facility as a net-filter
net/dump: Separate the NetClientState from the DumpState
net/dump: Rework net-dump init functions
net/dump: Add support for receive_iov function
net: cadence_gem: Set initial MAC address
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The value returned from object_get_canonical_path_component
must be freed.
Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
We want "buf, sizeof(buf)" here. sizeof(buffer) is the size of a
pointer, which is wrong.
Thanks to Paolo for pointing it out.
Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
When responding to a query-rx-filter command on a multiqueue
netdev, qemu reports the data for each queue. The data, however,
is not per-queue, but per device and the same data is reported
multiple times. This causes confusion and may also cause extra
unnecessary processing when looking at the data.
Commit 638fb14169 (net: Make qmp_query_rx_filter() with name argument
more obvious) partially addresses this issue, by limiting the output
when the name is specified. However, when the name is not specified,
the issue still persists.
Signed-off-by: Vladislav Yasevich <vyasevic@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
Guest OS may issue VMXNET3_CMD_GET_STATS even before device was
activated (for example in linux, after insmod but prior net-dev open).
Accessing shared descriptors prior device activation is illegal as the
VMXNET3State structures have not been fully initialized.
As a result, guest memory gets corrupted and may lead to guest OS
crashes.
Fix, by not filling the stats descriptors if device is inactive.
Reported-by: Leonid Shatz <leonid.shatz@ravellosystems.com>
Acked-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
Add a short description for the filter-dump command line options.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
Use the net-filter infrastructure to provide the dumping
functions for netdev devices, too.
Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
With the upcoming dumping-via-netfilter patch, the DumpState
should not be related to NetClientState anymore, so move the
related information to a new struct called DumpNetClient.
Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
Move the creation of the dump client from net_dump_init() into
net_init_dump(), so we can later use the former function for
dump via netfilter, too. Also rename net_dump_init() to
net_dump_state_init() to make it easier distinguishable from
net_init_dump().
Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
Adding a proper receive_iov function to the net dump module.
This will make it easier to support the dump filter feature for
the -netdev option in later patches.
Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
Set initial MAC address to the one specified by the command line.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
staging
Xen 2015-10-26
# gpg: Signature made Mon 26 Oct 2015 11:32:50 GMT using RSA key ID 70E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"
* remotes/sstabellini/tags/xen-2015-10-26:
xen-platform: Replace assert() with appropriate error reporting
xen_platform: switch to realize
Qemu/Xen: Fix early freeing MSIX MMIO memory region
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Commit dbb7405d8caad0814ceddd568cb49f163a847561 made it possible to
trigger an assert using "-device xen-platform". Replace it with
appropriate error reporting.
Before:
$ qemu-system-x86_64 -device xen-platform
qemu-system-x86_64: hw/i386/xen/xen_platform.c:391: xen_platform_initfn: Assertion `xen_enabled()' failed.
Aborted (core dumped)
$
After:
$ qemu-system-x86_64 -device xen-platform
qemu-system-x86_64: -device xen-platform: xen-platform device requires the Xen accelerator
$
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
|
|
Use realize to initialize the xen_platform device
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
into staging
ivshmem series
# gpg: Signature made Mon 26 Oct 2015 09:27:46 GMT using RSA key ID 75969CE5
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>"
# gpg: aka "Marc-André Lureau <marcandre.lureau@gmail.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5
* remotes/elmarco/tags/ivshmem-pull-request: (51 commits)
doc: document ivshmem & hugepages
ivshmem: use little-endian int64_t for the protocol
ivshmem: use kvm irqfd for msi notifications
ivshmem: rename MSI eventfd_table
ivshmem: remove EventfdEntry.vector
ivshmem: add hostmem backend
ivshmem: use qemu_strtosz()
ivshmem: do not keep shm_fd open
tests: add ivshmem qtest
qtest: add qtest_add_abrt_handler()
msix: implement pba write (but read-only)
contrib: remove unnecessary strdup()
ivshmem: add check on protocol version in QEMU
docs: update ivshmem device spec
ivshmem-server: fix hugetlbfs support
ivshmem-server: use a uint16 for client ID
ivshmem-client: check the number of vectors
contrib: add ivshmem client and server
util: const event_notifier_get_fd() argument
ivshmem: reset mask on device reset
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
msix->mmio is added to XenPCIPassthroughState's object as property.
object_finalize_child_property is called for XenPCIPassthroughState's
object, which calls object_property_del_all, which is going to try to
delete msix->mmio. object_finalize_child_property() will access
msix->mmio's obj. But the whole msix struct has already been freed
by xen_pt_msix_delete. This will cause segment fault when msix->mmio
has been overwritten.
This patch is to fix the issue.
Signed-off-by: Lan Tianyu <tianyu.lan@intel.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
|
