aboutsummaryrefslogtreecommitdiff
path: root/hw
AgeCommit message (Collapse)Author
2017-01-12Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20170111-1' into ↵Peter Maydell
staging vga: fixes for virtio-gpu and cirrus. # gpg: Signature made Wed 11 Jan 2017 10:24:24 GMT # gpg: using RSA key 0x4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/pull-vga-20170111-1: virtio-gpu: tag as not hotpluggable virtio-gpu: Fix memory leak in virtio_gpu_load() virtio-gpu: Recalculate VirtIOGPU::hostmem on VM load display: cirrus: ignore source pitch value as needed in blit_is_unsafe virtio-gpu: fix information leak in capset get dispatch Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-11virtio-gpu: tag as not hotpluggableGerd Hoffmann
qemu can't hotplug display devices. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1483970138-20360-1-git-send-email-kraxel@redhat.com
2017-01-11virtio-gpu: Fix memory leak in virtio_gpu_load()Peter Maydell
Coverity points out that if we fail in the "creating resources" loop in virtio_gpu_load() we will leak various resources (CID 1356431). Failing a VM load is going to leave the simulation in a complete mess, but we can tidy up to the point that a full system reset should get us back to sanity. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1483969123-14839-3-git-send-email-peter.maydell@linaro.org Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11virtio-gpu: Recalculate VirtIOGPU::hostmem on VM loadPeter Maydell
The 'hostmem' field in VirtIOGPU is used to track the total memory used in pixmaps so that we can impose a maximum limit on it. However this field is neither migrated nor recalculated on VM load, which means that after a migration it will be incorrectly too low, which can allow the guest to use more pixmap memory than it should. The per-resource hostmem fields are not filled in either as we reallocate them in the load function. Recalculate the memory used for each pixmap and the total memory used as we reallocate the pixmaps in virtio_gpu_load(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1483969123-14839-2-git-send-email-peter.maydell@linaro.org Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11display: cirrus: ignore source pitch value as needed in blit_is_unsafeBruce Rogers
Commit 4299b90 added a check which is too broad, given that the source pitch value is not required to be initialized for solid fill operations. This patch refines the blit_is_unsafe() check to ignore source pitch in that case. After applying the above commit as a security patch, we noticed the SLES 11 SP4 guest gui failed to initialize properly. Signed-off-by: Bruce Rogers <brogers@suse.com> Message-id: 20170109203520.5619-1-brogers@suse.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11virtio-gpu: fix information leak in capset get dispatchLi Qiang
In virgl_cmd_get_capset function, it uses g_malloc to allocate a response struct to the guest. As the 'resp'struct hasn't been full initialized it will lead the 'resp->padding' field to the guest. Use g_malloc0 to avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 58188cae.4a6ec20a.3d2d1.aff2@mx.google.com [ kraxel: resolved conflict ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11es1370: wire up reset via DeviceClassGerd Hoffmann
Instead of using qemu_register_reset(). That way we get proper cleanup for free. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1484054281-26139-1-git-send-email-kraxel@redhat.com
2017-01-11audio: ac97: add exit functionLi Qiang
Currently the ac97 device emulation doesn't have a exit function, hot unplug this device will leak some memory. Add a exit function to avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11audio: es1370: add exit functionLi Qiang
Currently the es1370 device emulation doesn't have a exit function, hot unplug this device will leak some memory. Add a exit function to avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11hw/audio: QOM'ify pl041.cxiaoqiang zhao
split the old SysBus init function into an instance_init and Device realize function Signed-off-by: xiaoqiang zhao <zxq_yx_007@163.com> Message-id: 20161231011720.3965-3-zxq_yx_007@163.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11hw/audio: QOM'ify marvell_88w8618.cxiaoqiang zhao
split the old SysBus init function into an instance_init and Device realize function Signed-off-by: xiaoqiang zhao <zxq_yx_007@163.com> Message-id: 20161231011720.3965-2-zxq_yx_007@163.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-10Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20170110-1' into ↵Peter Maydell
staging gtk,vnc: misc bugfixes. kbd: add jp keys, fix ps2 regressions. sdl: export window id for baum, remove sdl hooks from baum. egl: egl-helpers.c license change. # gpg: Signature made Tue 10 Jan 2017 07:16:05 GMT # gpg: using RSA key 0x4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/pull-ui-20170110-1: ps2: Fix lost scancodes by recent changes curses: Fix compiler warnings (Mingw-w64 redefinition of macro KEY_EVENT) ui/vnc: Fix problem with sending too many bytes as server name gtk: avoid oob array access egl-helpers: Change file licensing to LGPLv2 sdl2: set window ID console: move window ID code from baum to sdl console: add API to get underlying gui window ID ui: use evdev keymap when running under wayland ui/gtk: fix crash at startup when no console is available Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-10ps2: Fix lost scancodes by recent changesOGAWA Hirofumi
With "ps2: use QEMU qcodes instead of scancodes", key handling was changed to qcode base. But all scancodes are not converted to new one. This adds some missing qcodes/scancodes what I found in using. [set1 and set3 are from <hpoussin@reactos.org>] Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp> Reviewed-by: Hervé Poussineau <hpoussin@reactos.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-10memhp: move DIMM devices into dedicated scope with related common methodsIgor Mammedov
Move DIMM devices from global _SB scope to a new \_SB.MHPC container along with common methods used by DIMMs: MCRS, MRST, MPXM, MOST, MEJ00, MSCN, MTFY this reduces AML size on 12 * #slots bytes, i.e. up to 3072 bytes for 265 slots. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
2017-01-10memhp: don't generate memory hotplug AML if it's not enabled/supportedIgor Mammedov
That reduces DSDT by 910 bytes when memory hotplug isn't enabled. While doing so drop intermediate variables/arguments passing around ACPI_MEMORY_HOTPLUG_IO_LEN and making it local to memory_hotplug.c, hardcoding it there as it can't change. Also don't pass around ACPI_MEMORY_HOTPLUG_BASE through intermediate variables/arguments where it's not needed. Instead initialize in module static variable when MMIO region is mapped and use that within memory_hotplug.c whenever it's required. That way MMIO base specified only at one place and AML with MMIO would always use the same value. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
2017-01-10memhp: move memory hotplug only defines to memory_hotplug.cIgor Mammedov
Move defines used locally only by memory_hotplug.c into it from header files. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
2017-01-10memhp: move GPE handler_E03 into build_memory_hotplug_aml()Igor Mammedov
>From this patch all the memory hotplug related AML bits are consolidated in one place within DSTD. Follow up patches will utilize that to simplify memory hotplug related C/AML code. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
2017-01-10memhp: merge build_memory_devices() into build_memory_hotplug_aml()Igor Mammedov
It consolidates memory hotplug AML in one place within DSDT Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10memhp: consolidate scattered MHPD device declarationIgor Mammedov
since static and dynamic parts of memory MHPD device are now in the same table (DSDT), there is no point keeping them scattered across the table, so consolidate it in one place. There aren't any functional change, only AML text movement from externally refferenced MHPD scope directly into MHPD device declaration. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
2017-01-10memhp: move build_memory_devices() into memory_hotplug.cIgor Mammedov
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
2017-01-10memhp: move build_memory_hotplug_aml() into memory_hotplug.cIgor Mammedov
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
2017-01-10virtio-net: Add MTU feature supportMaxime Coquelin
This patch allows advising guest with host MTU's by setting host_mtu parameter. If VIRTIO_NET_F_MTU has been successfully negotiated, MTU value is passed to the backend. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Aaron Conole <aconole@redhat.com Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10vhost-net: Notify the backend about the host MTUMaxime Coquelin
This patch provides a way for virtio-net to notify the backend about the host MTU set by the user. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Aaron Conole <aconole@redhat.com> Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10vhost-user: Add MTU protocol feature and opMaxime Coquelin
This patch implements VHOST_USER_PROTOCOL_F_NET_MTU protocol feature and VHOST_USER_NET_SET_MTU request so that the backend gets notified of the user defined host MTU. If backend supports VHOST_USER_PROTOCOL_F_REPLY_ACK, QEMU assumes MTU is valid if success is returned. Vhost-net driver sends this request through a new vhost_net_set_mtu vhost_ops entry. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Aaron Conole <aconole@redhat.com> Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10net: virtio-net discards TX data after link downYuri Benditovich
https://bugzilla.redhat.com/show_bug.cgi?id=1295637 Upon set_link monitor command or upon netdev deletion virtio-net sends link down indication to the guest and stops vhost if one is used. Guest driver can still submit data for TX until it recognizes link loss. If these packets not returned by the host, the Windows guest will never be able to finish disable/removal/shutdown. Now each packet sent by guest after NIC indicated link down will be completed immediately. Signed-off-by: Yuri Benditovich <yuri.benditovich@daynix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio: Introduce virtqueue_drop_all procedureYuri Benditovich
Add procedure for fast drop of queued packets, acting like pop and push without mapping the buffers into memory. Signed-off-by: Yuri Benditovich <yuri.benditovich@daynix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10net: vhost stop updates virtio queue stateYuri Benditovich
Make virtio queue suitable for push operation from qemu after vhost was stopped. Signed-off-by: Yuri Benditovich <yuri.benditovich@daynix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10net: Add virtio queue interface to update used index from vring stateYuri Benditovich
Bring virtio queue to correct internal state for host-to-guest operations when vhost is temporary stopped. Signed-off-by: Yuri Benditovich <yuri.benditovich@daynix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10balloon: Don't balloon romsDr. David Alan Gilbert
A broken guest can specify physical addresses that correspond to any memory region, but it shouldn't be able to change ROM. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Cc: qemu-stable@nongnu.org Acked-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio: fix vq->inuse recalc after migrHalil Pasic
Correct recalculation of vq->inuse after migration for the corner case where the avail_idx has already wrapped but used_idx not yet. Also change the type of the VirtQueue.inuse to unsigned int. This is done to be consistent with other members representing sizes (VRing.num), and because C99 guarantees max ring size < UINT_MAX but does not guarantee max ring size < INT_MAX. Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com> Fixes: bccdef6b ("virtio: recalculate vq->inuse after migration") CC: qemu-stable@nongnu.org Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-01-10pcie_aer: support configurable AER capa versionDou Liyang
Now, AER capa version is fixed to v2, if assigned device isn't v2, then this value will be inconsistent between guest and host Signed-off-by: Dou Liyang <douly.fnst@cn.fujitsu.com> Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10pcie_aer: Convert pcie_aer_init to ErrorCao jin
When user specify invalid value for property aer_log_max, device should fail to create, and report appropriate message. Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Acked-by: Dmitry Fleytman <dmitry@daynix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio-crypto: zeroize the key material before freeGonglei
Common practice with sensitive information (key material, passwords, etc). Prevents sensitive information from being exposed by accident later in coredumps, memory disclosure bugs when heap memory is reused, etc. Sensitive information is sometimes also held in mlocked pages to prevent it being swapped to disk but that's not being done here. Let's zeroize the memory of CryptoDevBackendSymOpInfo structure pointed for key material security. [Thanks to Stefan for help with crafting the commit message] Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio-crypto-pci: tag virtio-crypto device hot pluggableGonglei
After resolving the relationship with cryptodev backend, the virtio crypto device supports hotplug now. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio-crypto: avoid one cryptodev device is used by multiple virtio crypto ↵Gonglei
devices Add the check condition for cryptodev device in order to avoid one cryptodev device is used by multiple virtio crypto devices. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio-crypto-pci: add check for cryptodev objectGonglei
We must assure each virtio crypto pci device has an vaild cryptodev backend object. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10cryptodev: wrap the ready flagGonglei
The ready flag should be set by the children of cryptodev backend interface. Warp the setter/getter functions for it. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10cryptodev: introduce a new is_used propertyGonglei
This property is used to Tag the cryptodev backend is used by virtio-crypto or not. Making cryptodev can't be hot unplugged when it's in use. Cleanup resources when cryptodev is finalized. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio-crypto: use the correct length for cipher operationGonglei
In some modes of cipher algorithms, the length of destination data maybe larger then source data, such as ciphertext stealing (CTS). For symmetric algorithms, the length of ciphertext is definitly equal to the plaintext for each crypto operation. So we should use the src_len instead of dst_len avoid to pass the incorrect cryptographical results to the frontend driver. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10acpi: add ATSR for q35Jason Wang
This patch provides ATSR which was a requirement for software that wants to enable ATS on endpoint devices behind a Root Port. This is done simply by setting ALL_PORTS which indicates all PCI-Express Root Ports support ATS transactions. Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio-pci: address space translation service (ATS) supportJason Wang
This patches enable the Address Translation Service support for virtio pci devices. This is needed for a guest visible Device IOTLB implementation and will be required by vhost device IOTLB API implementation for intel IOMMU. Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10intel_iommu: support device iotlb descriptorJason Wang
This patch enables device IOTLB support for intel iommu. The major work is to implement QI device IOTLB descriptor processing and notify the device through iommu notifier. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Peter Xu <peterx@redhat.com>
2017-01-10intel_iommu: allocate new key when creating new address spaceJason Wang
We use the pointer to stack for key for new address space, this will break hash table searching, fixing by g_malloc() a new key instead. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Peter Xu <peterx@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10intel_iommu: name vtd address space with devfnJason Wang
To avoid duplicated name and ease debugging. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Peter Xu <peterx@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio: convert to use DMA apiJason Wang
Currently, all virtio devices bypass IOMMU completely. This is because address_space_memory is assumed and used during DMA emulation. This patch converts the virtio core API to use DMA API. This idea is - introducing a new transport specific helper to query the dma address space. (only pci version is implemented). - query and use this address space during virtio device guest memory accessing when iommu platform (VIRTIO_F_IOMMU_PLATFORM) was enabled for this device. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Stefan Hajnoczi <stefanha@redhat.com> Cc: Kevin Wolf <kwolf@redhat.com> Cc: Amit Shah <amit.shah@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: qemu-block@nongnu.org Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10virtio-crypto: fix possible integer and heap overflowGonglei
Because the 'size_t' type is 4 bytes in 32-bit platform, which is the same with 'int'. It's easy to make 'max_len' to zero when integer overflow and then cause heap overflow if 'max_len' is zero. Using uint_64 instead of size_t to avoid the integer overflow. Cc: qemu-stable@nongnu.org Reported-by: Li Qiang <liqiang6-s@360.cn> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Tested-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-10intel_iommu: allow migrationPeter Xu
IOMMU needs to be migrated before all the PCI devices (in case there are devices that will request for address translation). So marking it with a priority higher than the default (which PCI devices and other belong). Migration framework handled the rest. Signed-off-by: Peter Xu <peterx@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-01-09Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
virtio, vhost, pc: fixes Here are some bugfixes that didn't make 2.8. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Fri 16 Dec 2016 21:13:43 GMT # gpg: using RSA key 0x281F0DB8D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: virtio: avoid using guest_notifier_mask in vhost-user mode pci: fix error message for express slots i386: amd_iommu: fix MMIO register count and access tests/vhost-user-bridge: use contrib/libvhost-user contrib: add libvhost-user tests/vhost-user-bridge: do not accept more than one connection tests/vhost-user-bridge: indicate peer disconnected tests/vhost-user-bridge: remove unnecessary dispatcher_remove tests/vhost-user-bridge: remove false comment Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-09hw/ssi/imx_spi.c: Remove MSGDATA register supportJean-Christophe Dubois
From the documentation it is not clear what this SPI register is about. Moreover, neither linux driver nor xvisor driver are using this SPI register. For now we just remove it and issue a log on register write access. Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 20170107122047.26300-1-jcd@tribudubois.net Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-09m25p80: don't let rogue SPI controllers cause buffer overrunsJean-Christophe Dubois
In normal operation we should never attempt to put more data into the data[] array than it can hold. However if the SPI controller connected to us misbehaves then it can send us a sequence of commands that attempt this. Since the controller might be in the guest (if the hardware does SPI via bit-banging), catch the possible overrun conditions and reset the flash internal state, logging them as guest errors. Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 20170107111631.24444-1-jcd@tribudubois.net Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: rewrote commit message to be more exact about when this can happen] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>