OSDN Git Service
Peter Maydell [Thu, 25 Jan 2018 17:04:47 +0000 (17:04 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-
20180125' into staging
target-arm queue:
* target/arm: Fix address truncation in 64-bit pagetable walks
* i.MX: Fix FEC/ENET receive functions
* target/arm: preparatory refactoring for SVE emulation
* hw/intc/arm_gic: Prevent the GIC from signaling an IRQ when it's "active and pending"
* hw/intc/arm_gic: Fix C_RPR value on idle priority
* hw/intc/arm_gic: Fix group priority computation for group 1 IRQs
* hw/intc/arm_gic: Fix the NS view of C_BPR when C_CTRL.CBPR is 1
* hw/arm/virt: Check that the CPU realize method succeeded
* sdhci: fix a NULL pointer dereference due to uninitialized AddressSpace object
* xilinx_spips: Correct usage of an uninitialized local variable
* pl110: Implement vertical compare/next base interrupts
# gpg: Signature made Thu 25 Jan 2018 12:59:25 GMT
# gpg: using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg: aka "Peter Maydell <pmaydell@gmail.com>"
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-
20180125: (21 commits)
pl110: Implement vertical compare/next base interrupts
xilinx_spips: Correct usage of an uninitialized local variable
sdhci: fix a NULL pointer dereference due to uninitialized AddresSpace object
hw/arm/virt: Check that the CPU realize method succeeded
hw/intc/arm_gic: Fix the NS view of C_BPR when C_CTRL.CBPR is 1
hw/intc/arm_gic: Fix group priority computation for group 1 IRQs
hw/intc/arm_gic: Fix C_RPR value on idle priority
hw/intc/arm_gic: Prevent the GIC from signaling an IRQ when it's "active and pending"
target/arm: Simplify fp_exception_el for user-only
target/arm: Hoist store to flags output in cpu_get_tb_cpu_state
target/arm: Move cpu_get_tb_cpu_state out of line
target/arm: Add ARM_FEATURE_SVE
vmstate: Add VMSTATE_UINT64_SUB_ARRAY
target/arm: Add aa{32, 64}_vfp_{dreg, qreg} helpers
target/arm: Change the type of vfp.regs
target/arm: Use pointers in neon tbl helper
target/arm: Use pointers in neon zip/uzp helpers
target/arm: Use pointers in crypto helpers
target/arm: Mark disas_set_insn_syndrome inline
i.MX: Fix FEC/ENET receive funtions
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 25 Jan 2018 16:24:55 +0000 (16:24 +0000)]
Merge remote-tracking branch 'remotes/mcayland/tags/qemu-sparc-signed' into staging
qemu-sparc update
# gpg: Signature made Thu 25 Jan 2018 13:44:58 GMT
# gpg: using RSA key 0x5BC2C56FAE0F321F
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>"
# Primary key fingerprint: CC62 1AB9 8E82 200D 915C C9C4 5BC2 C56F AE0F 321F
* remotes/mcayland/tags/qemu-sparc-signed:
sun4u: implement power device
sparc64: convert hw/sparc64/sparc64.c from DPRINTF macros to trace events
sabre: convert from SABRE_DPRINTF macro to trace-events
apb: rename apb.c to sabre.c
sun4u: rename apb variables and constants
apb: rename QOM type from TYPE_APB to TYPE_SABRE
apb: QOMify sabre PCI host bridge
apb: change pbm_pci_host prefix functions to use sabre_pci prefix
apb: rename APB functions to use sabre prefix
simba: rename PBMPCIBridge and QOM types to reflect simba naming
apb: split simba PCI bridge into hw/pci-bridge/simba.c
sparc/leon3 irqmp: fix IRQ software ack
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 25 Jan 2018 15:28:56 +0000 (15:28 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/vga-
20180125-pull-request' into staging
vga: fix for CVE-2018-5683
# gpg: Signature made Thu 25 Jan 2018 09:33:23 GMT
# gpg: using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138
* remotes/kraxel/tags/vga-
20180125-pull-request:
vga: check the validation of memory addr when draw text
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Mark Cave-Ayland [Wed, 24 Jan 2018 19:19:58 +0000 (19:19 +0000)]
sun4u: implement power device
This inbuilt device contains a single 4-byte register, of which bit 24 is used
to power down the machine on a real Ultra 5.
The power device exists at offset 0x724000 on a real machine, but due to the
current configuration of the BARs in QEMU it must be located lower in PCI IO
space.
For the moment we place the power device at offset 0x7240 as a reminder of its
original location and raise the base PCI IO address from 0x4000 to 0x8000.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
sparc64: convert hw/sparc64/sparc64.c from DPRINTF macros to trace events
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Linus Walleij [Thu, 25 Jan 2018 11:45:30 +0000 (11:45 +0000)]
pl110: Implement vertical compare/next base interrupts
This implements rudimentary support for interrupt generation on the
PL110. I am working on a new DRI/KMS driver for Linux and since that
uses the blanking interrupt, we need something to fire here. Without
any interrupt support Linux waits for a while and then gives ugly
messages about the vblank not working in the console (it does not
hang perpetually or anything though, DRI is pretty forgiving).
I solved it for now by setting up a timer to fire at 60Hz and pull
the interrupts for "vertical compare" and "next memory base"
at this interval. This works fine and fires roughly the same number
of IRQs on QEMU as on the hardware and leaves the console clean
and nice.
People who want to create more accurate emulation can probably work
on top of this if need be. It is certainly closer to the hardware
behaviour than what we have today anyway.
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Message-id:
20180123225654.5764-1-linus.walleij@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: folded long lines]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Francisco Iglesias [Thu, 25 Jan 2018 11:45:30 +0000 (11:45 +0000)]
xilinx_spips: Correct usage of an uninitialized local variable
Coverity found that the variable tx_rx in the function
xilinx_spips_flush_txfifo was being used uninitialized (CID
1383841). This
patch corrects this by always initializing tx_rx to zeros.
Signed-off-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Message-id:
20180124215708.30400-1-frasse.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Philippe Mathieu-Daudé [Thu, 25 Jan 2018 11:45:30 +0000 (11:45 +0000)]
sdhci: fix a NULL pointer dereference due to uninitialized AddresSpace object
missed in
60765b6ceeb4.
Thread 1 "qemu-system-aarch64" received signal SIGSEGV, Segmentation fault.
address_space_init (as=0x0, root=0x55555726e410, name=name@entry=0x555555e3f0a7 "sdhci-dma") at memory.c:3050
3050 as->root = root;
(gdb) bt
#0 address_space_init (as=0x0, root=0x55555726e410, name=name@entry=0x555555e3f0a7 "sdhci-dma") at memory.c:3050
#1 0x0000555555af62c3 in sdhci_sysbus_realize (dev=<optimized out>, errp=0x7fff7f931150) at hw/sd/sdhci.c:1564
#2 0x00005555558b25e5 in zynqmp_sdhci_realize (dev=0x555557051520, errp=0x7fff7f931150) at hw/sd/zynqmp-sdhci.c:151
#3 0x0000555555a2e7f3 in device_set_realized (obj=0x555557051520, value=<optimized out>, errp=0x7fff7f931270) at hw/core/qdev.c:966
#4 0x0000555555ba3f74 in property_set_bool (obj=0x555557051520, v=<optimized out>, name=<optimized out>, opaque=0x555556e04a20,
errp=0x7fff7f931270) at qom/object.c:1906
#5 0x0000555555ba51f4 in object_property_set (obj=obj@entry=0x555557051520, v=v@entry=0x5555576dbd60,
name=name@entry=0x555555dd6306 "realized", errp=errp@entry=0x7fff7f931270) at qom/object.c:1102
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id:
20180123132051.24448-1-f4bug@amsat.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 25 Jan 2018 11:45:30 +0000 (11:45 +0000)]
hw/arm/virt: Check that the CPU realize method succeeded
We were passing a NULL error pointer to the object_property_set_bool()
call that realizes the CPU object. This meant that we wouldn't detect
failure, and would plough blindly on to crash later trying to use a
NULL CPU object pointer. Detect errors and fail instead.
In particular, this will be necessary to detect the user error
of using "-cpu host" without "-enable-kvm" once we make the host
CPU type be registered unconditionally rather than only in
kvm_arch_init().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Luc MICHEL [Thu, 25 Jan 2018 11:45:30 +0000 (11:45 +0000)]
hw/intc/arm_gic: Fix the NS view of C_BPR when C_CTRL.CBPR is 1
When C_CTRL.CBPR is 1, the Non-Secure view of C_BPR is altered:
- A Non-Secure read of C_BPR should return the BPR value plus 1,
saturated to 7,
- A Non-Secure write should be ignored.
Signed-off-by: Luc MICHEL <luc.michel@git.antfield.fr>
Message-id:
20180119145756.7629-6-luc.michel@greensocs.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: fixed comment typo]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Luc MICHEL [Thu, 25 Jan 2018 11:45:30 +0000 (11:45 +0000)]
hw/intc/arm_gic: Fix group priority computation for group 1 IRQs
When determining the group priority of a group 1 IRQ, if C_CTRL.CBPR is
0, the non-secure BPR value is used. However, this value must be
incremented by one so that it matches the secure world number of
implemented priority bits (NS world has one less priority bit compared
to the Secure world).
Signed-off-by: Luc MICHEL <luc.michel@git.antfield.fr>
Message-id:
20180119145756.7629-5-luc.michel@greensocs.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: add assert, as the gicv3 code has]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Luc MICHEL [Thu, 25 Jan 2018 11:45:30 +0000 (11:45 +0000)]
hw/intc/arm_gic: Fix C_RPR value on idle priority
When there is no active interrupts in the GIC, a read to the C_RPR
register should return the value of the "Idle priority", which is either
the maximum value an IRQ priority field can be set to, or 0xff.
Since the QEMU GIC model implements all the 8 priority bits, the Idle
priority is 0xff.
Internally, when there is no active interrupt, the running priority
value is 0x100. The gic_get_running_priority function returns an uint8_t
and thus, truncate this value to 0x00 when returning it. This is wrong since
a value of 0x00 correspond to the maximum possible priority.
This commit fixes the returned value when the internal value is 0x100.
Note that it is correct for the Non-Secure view to return 0xff even
though from the NS world point of view, only 7 priority bits are
implemented. The specification states that the Idle priority can be 0xff
even when not all the 8 priority bits are implemented. This has been
verified against a real GICv2 hardware on a Xilinx ZynqMP based board.
Regarding the ARM11MPCore version of the GIC, the specification is not
clear on that point, so this commit does not alter its behavior.
Signed-off-by: Luc MICHEL <luc.michel@git.antfield.fr>
Message-id:
20180119145756.7629-4-luc.michel@greensocs.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Luc MICHEL [Thu, 25 Jan 2018 11:45:29 +0000 (11:45 +0000)]
hw/intc/arm_gic: Prevent the GIC from signaling an IRQ when it's "active and pending"
In the GIC, when an IRQ is acknowledged, its state goes from "pending"
to:
- "active" if the corresponding IRQ pin has been de-asserted
- "active and pending" otherwise.
The GICv2 manual states that when a IRQ becomes active (or active and
pending), the GIC should either signal another (higher priority) IRQ to
the CPU if there is one, or de-assert the CPU IRQ pin.
The current implementation of the GIC in QEMU does not check if the
IRQ is already active when looking for pending interrupts with
sufficient priority in gic_update(). This can lead to signaling an
interrupt that is already active.
This usually happens when splitting priority drop and interrupt
deactivation. On priority drop, the IRQ stays active until deactivation.
If it becomes pending again, chances are that it will be incorrectly
selected as best_irq in gic_update().
This commit fixes this by checking if the IRQ is not already active when
looking for best_irq in gic_update().
Note that regarding the ARM11MPCore GIC version, the corresponding
manual is not clear on that point, but it has has no priority
drop/interrupt deactivation separation, so this case should not happen.
Signed-off-by: Luc MICHEL <luc.michel@git.antfield.fr>
Message-id:
20180119145756.7629-3-luc.michel@greensocs.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:29 +0000 (11:45 +0000)]
target/arm: Simplify fp_exception_el for user-only
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id:
20180119045438.28582-16-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:29 +0000 (11:45 +0000)]
target/arm: Hoist store to flags output in cpu_get_tb_cpu_state
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id:
20180119045438.28582-15-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:29 +0000 (11:45 +0000)]
target/arm: Move cpu_get_tb_cpu_state out of line
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id:
20180119045438.28582-14-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:29 +0000 (11:45 +0000)]
target/arm: Add ARM_FEATURE_SVE
Not enabled anywhere so far.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id:
20180119045438.28582-11-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:29 +0000 (11:45 +0000)]
vmstate: Add VMSTATE_UINT64_SUB_ARRAY
At the same time, move VMSTATE_UINT32_SUB_ARRAY
beside the other UINT32 definitions.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id:
20180119045438.28582-8-richard.henderson@linaro.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:29 +0000 (11:45 +0000)]
target/arm: Add aa{32, 64}_vfp_{dreg, qreg} helpers
Helpers that return a pointer into env->vfp.regs so that we isolate
the logic of how to index the regs array for different cpu modes.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id:
20180119045438.28582-7-richard.henderson@linaro.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:28 +0000 (11:45 +0000)]
target/arm: Change the type of vfp.regs
All direct users of this field want an integral value. Drop all
of the extra casting between uint64_t and float64.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id:
20180119045438.28582-6-richard.henderson@linaro.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:28 +0000 (11:45 +0000)]
target/arm: Use pointers in neon tbl helper
Rather than passing a regno to the helper, pass pointers to the
vector register directly. This eliminates the need to pass in
the environment pointer and reduces the number of places that
directly access env->vfp.regs[].
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id:
20180119045438.28582-5-richard.henderson@linaro.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:28 +0000 (11:45 +0000)]
target/arm: Use pointers in neon zip/uzp helpers
Rather than passing regnos to the helpers, pass pointers to the
vector registers directly. This eliminates the need to pass in
the environment pointer and reduces the number of places that
directly access env->vfp.regs[].
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id:
20180119045438.28582-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:28 +0000 (11:45 +0000)]
target/arm: Use pointers in crypto helpers
Rather than passing regnos to the helpers, pass pointers to the
vector registers directly. This eliminates the need to pass in
the environment pointer and reduces the number of places that
directly access env->vfp.regs[].
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id:
20180119045438.28582-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Richard Henderson [Thu, 25 Jan 2018 11:45:28 +0000 (11:45 +0000)]
target/arm: Mark disas_set_insn_syndrome inline
If it isn't used when translate.h is included,
we'll get a compiler Werror.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id:
20180119045438.28582-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Jean-Christophe Dubois [Thu, 25 Jan 2018 11:45:28 +0000 (11:45 +0000)]
i.MX: Fix FEC/ENET receive funtions
The actual imx_eth_enable_rx() function is buggy.
It updates s->regs[ENET_RDAR] after calling qemu_flush_queued_packets().
qemu_flush_queued_packets() is going to call imx_XXX_receive() which itself
is going to call imx_eth_enable_rx().
By updating s->regs[ENET_RDAR] after calling qemu_flush_queued_packets()
we end up updating the register with an outdated value which might
lead to disabling the receive function in the i.MX FEC/ENET device.
This patch change the place where the register update is done so that the
register value stays up to date and the receive function can keep
running.
Reported-by: Fyleo <fyleo45@gmail.com>
Tested-by: Fyleo <fyleo45@gmail.com>
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Message-id:
20180113113445.2705-1-jcd@tribudubois.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Ard Biesheuvel [Thu, 25 Jan 2018 11:45:28 +0000 (11:45 +0000)]
target/arm: Fix 32-bit address truncation
Commit ("
3b39d734141a target/arm: Handle page table walk load failures
correctly") modified both versions of the page table walking code (i.e.,
arm_ldl_ptw and arm_ldq_ptw) to record the result of the translation in
a temporary 'data' variable so that it can be inspected before being
returned. However, arm_ldq_ptw() returns an uint64_t, and using a
temporary uint32_t variable truncates the upper bits, corrupting the
result. This causes problems when using more than 4 GB of memory in
a TCG guest. So use a uint64_t instead.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Message-id:
20180119194648.25501-1-ard.biesheuvel@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 25 Jan 2018 09:53:53 +0000 (09:53 +0000)]
Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-2.12-pull-request' into staging
# gpg: Signature made Tue 23 Jan 2018 14:47:41 GMT
# gpg: using RSA key 0xF30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg: aka "Laurent Vivier <laurent@vivier.eu>"
# gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C
* remotes/vivier2/tags/linux-user-for-2.12-pull-request:
linux-user: implement renameat2
page_unprotect(): handle calls to pages that are PAGE_WRITE
linux-user: Propagate siginfo_t through to handle_cpu_signal()
linux-user: remove nmi.c and fw-path-provider.c
linux-user: Add getcpu() support
linux-user: Add AT_SECURE auxval
linux-user: Fix sched_get/setaffinity conversion
linux-user/mmap.c: Avoid choosing NULL as start address
linux-user: Translate flags argument to dup3 syscall
linux-user: Don't use CMSG_ALIGN(sizeof struct cmsghdr)
linux-user: Fix length calculations in host_to_target_cmsg()
linux-user: wrap fork() in a start/end exclusive section
linux-user: Fix locking order in fork_start()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
linzhecheng [Thu, 11 Jan 2018 13:27:24 +0000 (21:27 +0800)]
vga: check the validation of memory addr when draw text
Start a vm with qemu-kvm -enable-kvm -vnc :66 -smp 1 -m 1024 -hda
redhat_5.11.qcow2 -device pcnet -vga cirrus,
then use VNC client to connect to VM, and excute the code below in guest
OS will lead to qemu crash:
int main()
{
iopl(3);
srand(time(NULL));
int a,b;
while(1){
a = rand()%0x100;
b = 0x3c0 + (rand()%0x20);
outb(a,b);
}
return 0;
}
The above code is writing the registers of VGA randomly.
We can write VGA CRT controller registers index 0x0C or 0x0D
(which is the start address register) to modify the
the display memory address of the upper left pixel
or character of the screen. The address may be out of the
range of vga ram. So we should check the validation of memory address
when reading or writing it to avoid segfault.
Signed-off-by: linzhecheng <linzhecheng@huawei.com>
Message-id:
20180111132724.13744-1-linzhecheng@huawei.com
Fixes: CVE-2018-5683
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Peter Maydell [Wed, 24 Jan 2018 22:55:57 +0000 (22:55 +0000)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block layer patches
# gpg: Signature made Tue 23 Jan 2018 12:38:36 GMT
# gpg: using RSA key 0x7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6
* remotes/kevin/tags/for-upstream: (29 commits)
iotests: Disable some tests for compat=0.10
iotests: Split 177 into two parts for compat=0.10
iotests: Make 059 pass on machines with little RAM
iotests: Filter compat-dependent info in 198
iotests: Make 191 work with qcow2 options
iotests: Make 184 image-less
iotests: Make 089 compatible with compat=0.10
iotests: Fix 067 for compat=0.10
iotests: Fix 059's reference output
iotests: Fix 051 for compat=0.10
iotests: Fix 020 for vmdk
iotests: Skip 103 for refcount_bits=1
iotests: Forbid 020 for non-file protocols
iotests: Drop format-specific in _filter_img_info
iotests: Fix _img_info for backslashes
block/vmdk: Add blkdebug events
block/qcow: Add blkdebug events
qcow2: No persistent dirty bitmaps for compat=0.10
block/vmdk: Fix , instead of ; at end of line
qemu-iotests: Fix locking issue in 102
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 24 Jan 2018 19:24:26 +0000 (19:24 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
virtio: quick fix
Fixes a regression in virtio that's causing issues
for many people.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Wed 24 Jan 2018 17:20:24 GMT
# gpg: using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
Revert "qemu: add a cleanup callback function to EventNotifier"
Revert "virtio: postpone the execution of event_notifier_cleanup function"
Revert "virtio: improve virtio devices initialization time"
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
sabre: convert from SABRE_DPRINTF macro to trace-events
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
CC: Michael S. Tsirkin <mst@redhat.com>
CC: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
[for addition of trace-events to hw/pci-host]
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
apb: rename apb.c to sabre.c
This is the final stage in correcting the naming convention with respect to
sabre, APB and PBM. It is effectively a file rename from apb.c to sabre.c
along with touching up a few constants to remove the remaining references
to APB.
Note that as part of the rename process the configuration variable
CONFIG_PCI_APB is changed to CONFIG_PCI_SABRE.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
sun4u: rename apb variables and constants
In order to reflect the previous change of TYPE_APB to TYPE_SABRE, update
the corresponding variable names to keep the terminology consistent.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
apb: rename QOM type from TYPE_APB to TYPE_SABRE
Similarly rename the corresponding APBState typedef to SabreState.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
apb: QOMify sabre PCI host bridge
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
apb: change pbm_pci_host prefix functions to use sabre_pci prefix
This is the proper name for the PBM host bridge as referenced in the Sun
documentation.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
apb: rename APB functions to use sabre prefix
As hinted in the comment at the top of the file, the naming convention for the
APB types/QOM functions isn't correct. As a starting point we can at least
rename the APB type and related functions to improve the readability of apb.c.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
simba: rename PBMPCIBridge and QOM types to reflect simba naming
Here we rename PBMPCIBridge to SimbaPCIBridge and the QOM type from
TYPE_PBM_PCI_BRIDGE to TYPE_SIMBA_PCI_BRIDGE in improve the clarity
of the device name.
Also touch up the relevant spots in apb.c and various other function
names as appropriate.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Mark Cave-Ayland [Sun, 21 Jan 2018 08:59:45 +0000 (08:59 +0000)]
apb: split simba PCI bridge into hw/pci-bridge/simba.c
Move the QOM type and macros into a new include/hw/pci-bridge/simba.h
file, and add a new CONFIG_SIMBA Makefile.objs variable which is enabled
for sparc64-softmmu builds only.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
CC: Michael S. Tsirkin <mst@redhat.com>
CC: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com>
Jean-Christophe Dubois [Wed, 10 Jan 2018 20:43:27 +0000 (21:43 +0100)]
sparc/leon3 irqmp: fix IRQ software ack
With the LEON3 IRQ controller IRQs can be acknowledged 2 ways:
* Explicitly by software writing to the CLEAR_OFFSET register
* Implicitly when the procesor is done running the trap handler attached
to the IRQ.
The actual IRQMP code only allows the implicit processor triggered IRQ ack.
If software write explicitly to the CLEAR_OFFSET register, this will clear
the pending bit in the register value but this will not lower the ongoing
raised IRQ with the processor. The IRQ will be kept raised to the LEON
processor until the related trap handler is run and the processor implicitly
ack the interrupt. So with the actual IRQMP code trap handler have to be run
even if the software has already done its job by clearing the pending bit.
This feature has been tested on another LEON3 simulator (tsim_leon3 from
Gaisler) and it turns out that the Qemu implementation is not equivalent to
the tsim one. In tsim, if software does clear a pending interrupt before
the related interrupt handler is triggered the said interrupt handler will
not be called.
This patch brings the Qemu IRQMP implementation in line with the tsim
implementation by allowing IRQ to be acknowledged by software only.
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Reviewed-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Michael S. Tsirkin [Wed, 24 Jan 2018 17:11:47 +0000 (19:11 +0200)]
Revert "qemu: add a cleanup callback function to EventNotifier"
This reverts commit
f87d72f5c5bff0837d409a56bd34f439a90119ca as that is
part of a patchset reported to break cleanup and migration.
Cc: Gal Hammer <ghammer@redhat.com>
Cc: Sitong Liu <siliu@redhat.com>
Cc: Xiaoling Gao <xiagao@redhat.com>
Suggested-by: Greg Kurz <groug@kaod.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Jose Ricardo Ziviani <joserz@linux.vnet.ibm.com>
Reported-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
Michael S. Tsirkin [Wed, 24 Jan 2018 17:09:13 +0000 (19:09 +0200)]
Revert "virtio: postpone the execution of event_notifier_cleanup function"
This reverts commit
4fe6d78b2e241f41208dfb07605aace4becfc747 as it is
reported to break cleanup and migration.
Cc: Gal Hammer <ghammer@redhat.com>
Cc: Sitong Liu <siliu@redhat.com>
Cc: Xiaoling Gao <xiagao@redhat.com>
Suggested-by: Greg Kurz <groug@kaod.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Jose Ricardo Ziviani <joserz@linux.vnet.ibm.com>
Reported-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
Michael S. Tsirkin [Wed, 24 Jan 2018 17:19:41 +0000 (19:19 +0200)]
Revert "virtio: improve virtio devices initialization time"
This reverts commit
6f0bb230722931d17fb284eee8efd40b9d653822.
This reverts commit
f87d72f5c5bff0837d409a56bd34f439a90119ca as that is
reported to break cleanup and migration.
Cc: Gal Hammer <ghammer@redhat.com>
Cc: Sitong Liu <siliu@redhat.com>
Cc: Xiaoling Gao <xiagao@redhat.com>
Suggested-by: Greg Kurz <groug@kaod.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Jose Ricardo Ziviani <joserz@linux.vnet.ibm.com>
Reported-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
Peter Maydell [Wed, 24 Jan 2018 16:59:36 +0000 (16:59 +0000)]
Merge remote-tracking branch 'remotes/xtensa/tags/
20180122-xtensa' into staging
target/xtensa updates:
- make mini-bootloader independent of the initial CPU state;
- add noMMU XTFPGA variants;
- add two noMMU cores: de212 and sample_controller;
- fix issues reported by coverity against xtensa translator and disassembler.
# gpg: Signature made Mon 22 Jan 2018 20:00:01 GMT
# gpg: using RSA key 0x51F9CC91F83FA044
# gpg: Good signature from "Max Filippov <filippov@cadence.com>"
# gpg: aka "Max Filippov <max.filippov@cogentembedded.com>"
# gpg: aka "Max Filippov <jcmvbkbc@gmail.com>"
# Primary key fingerprint: 2B67 854B 98E5 327D CDEB 17D8 51F9 CC91 F83F A044
* remotes/xtensa/tags/
20180122-xtensa:
target/xtensa: disas/xtensa: fix coverity warnings
target/xtensa: add sample_controller core
target/xtensa: allow different default CPU for MMU/noMMU
target/xtensa: add de212 core
hw/xtensa/xtfpga: support noMMU cores
hw/xtensa/xtfpga: extract flash configuration
hw/xtensa: extract xtensa_create_memory_regions
target/xtensa: fix default sysrom/sysram addresses
hw/xtensa/xtfpga: clean up function/structure names
hw/xtensa/xtfpga: rewrite mini bootloader
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 24 Jan 2018 15:28:36 +0000 (15:28 +0000)]
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Pull request
v2:
* Drop merge failure from a previous pull request that broke virtio-blk on ARM
guests
* Add Parallels XML patch series
# gpg: Signature made Mon 22 Jan 2018 16:00:40 GMT
# gpg: using RSA key 0x9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/block-pull-request:
block/parallels: add backing support to readv/writev
block/parallels: replace some magic numbers
block/parallels: move some structures into header
configure: add dependency
docs/interop/prl-xml: description of Parallels Disk format
block: add block_set_io_throttle virtio-blk-pci QMP example
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Andreas Schwab [Tue, 23 Jan 2018 10:53:31 +0000 (11:53 +0100)]
linux-user: implement renameat2
This is needed for new architectures like RISC-V which do not provide any
other rename-like syscall.
Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <mvm607su9qs.fsf@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Tue, 28 Nov 2017 14:35:25 +0000 (14:35 +0000)]
page_unprotect(): handle calls to pages that are PAGE_WRITE
If multiple guest threads in user-mode emulation write to a
page which QEMU has marked read-only because of cached TCG
translations, the threads can race in page_unprotect:
* threads A & B both try to do a write to a page with code in it at
the same time (ie which we've made non-writeable, so SEGV)
* they race into the signal handler with this faulting address
* thread A happens to get to page_unprotect() first and takes the
mmap lock, so thread B sits waiting for it to be done
* A then finds the page, marks it PAGE_WRITE and mprotect()s it writable
* A can then continue OK (returns from signal handler to retry the
memory access)
* ...but when B gets the mmap lock it finds that the page is already
PAGE_WRITE, and so it exits page_unprotect() via the "not due to
protected translation" code path, and wrongly delivers the signal
to the guest rather than just retrying the access
In particular, this meant that trying to run 'javac' in user-mode
emulation would fail with a spurious guest SIGSEGV.
Handle this by making page_unprotect() assume that a call for a page
which is already PAGE_WRITE is due to a race of this sort and return
a "fault handled" indication.
Since this would cause an infinite loop if we ever called
page_unprotect() for some other kind of fault than "write failed due
to bad access permissions", tighten the condition in
handle_cpu_signal() to check the signal number and si_code, and add a
comment so that if somebody does ever find themselves debugging an
infinite loop of faults they have some clue about why.
(The trick for identifying the correct setting for
current_tb_invalidated for thread B (needed to handle the precise-SMC
case) is due to Richard Henderson. Paolo Bonzini suggested just
relying on si_code rather than trying anything more complicated.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <
1511879725-9576-3-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Tue, 28 Nov 2017 14:35:24 +0000 (14:35 +0000)]
linux-user: Propagate siginfo_t through to handle_cpu_signal()
Currently all the architecture/OS specific cpu_signal_handler()
functions call handle_cpu_signal() without passing it the
siginfo_t. We're going to want that so we can look at the si_code
to determine whether this is a SEGV_ACCERR access violation or
some other kind of fault, so change the functions to pass through
the pointer to the siginfo_t rather than just the si_addr value.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <
1511879725-9576-2-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Laurent Vivier [Fri, 3 Nov 2017 19:38:02 +0000 (20:38 +0100)]
linux-user: remove nmi.c and fw-path-provider.c
linux-user binaries don't need firmware and NMI,
so don't add them in this case, move QDEV
firmware functions to qdev-fw.c
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <
20171103193802.11876-1-laurent@vivier.eu>
Samuel Thibault [Fri, 12 Jan 2018 08:14:35 +0000 (09:14 +0100)]
linux-user: Add getcpu() support
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <
20180112081435.21299-1-samuel.thibault@ens-lyon.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Marco A L Barbosa [Thu, 11 Jan 2018 18:37:14 +0000 (16:37 -0200)]
linux-user: Add AT_SECURE auxval
Signed-off-by: Marco A L Barbosa <malbarbo@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <
20180111183714.22834-2-malbarbo@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Samuel Thibault [Tue, 9 Jan 2018 20:16:43 +0000 (21:16 +0100)]
linux-user: Fix sched_get/setaffinity conversion
sched_get/setaffinity linux-user syscalls were missing conversions for
little/big endian, which is hairy since longs may not be the same size
either.
For simplicity, this just introduces loops to convert bit by bit like is
done for select.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <
20180109201643.1479-1-samuel.thibault@ens-lyon.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Maximilian Riemensberger [Sun, 7 Jan 2018 01:01:44 +0000 (01:01 +0000)]
linux-user/mmap.c: Avoid choosing NULL as start address
mmap() is required by the linux kernel ABI and POSIX to return a
non-NULL address when the implementation chooses a start address for the
mapping.
The current implementation of mmap_find_vma_reserved() can return NULL
as start address of a mapping which leads to subsequent crashes inside
the guests glibc, e.g. output of qemu-arm-static --strace executing a
test binary stx_test:
1879 mmap2(NULL,
8388608,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|0x20000,-1,0) = 0x00000000
1879 write(2,0xf6fd39d0,79) stx_test: allocatestack.c:514: allocate_stack: Assertion `mem != NULL' failed.
This patch fixes mmap_find_vma_reserved() by skipping NULL as start
address while searching for a suitable mapping start address.
CC: Riku Voipio <riku.voipio@iki.fi>
CC: Laurent Vivier <laurent@vivier.eu>
CC: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Maximilian Riemensberger <riemensberger@cadami.net>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <
1515286904-86418-1-git-send-email-riemensberger@cadami.net>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Fri, 15 Dec 2017 15:18:00 +0000 (15:18 +0000)]
linux-user: Translate flags argument to dup3 syscall
The third argument to dup3() is a flags word which may be
O_CLOEXEC. We weren't translating this flag from target to
host value, which meant that if the target used a different
value from the host (eg sparc guest and x86 host) the dup3()
call would fail EINVAL. Do the correct translation.
Fixes: https://bugs.launchpad.net/qemu/+bug/
1704658
Reported-by: Bruno Haible <bruno@clisp.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <
1513351080-25917-1-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Fri, 15 Dec 2017 13:52:56 +0000 (13:52 +0000)]
linux-user: Don't use CMSG_ALIGN(sizeof struct cmsghdr)
The Linux struct cmsghdr is already guaranteed to be sufficiently
aligned that CMSG_ALIGN(sizeof struct cmsghdr) is always equal
to sizeof struct cmsghdr. Stop doing the unnecessary alignment
arithmetic for host and target cmsghdr.
This follows kernel commit
1ff8cebf49ed9e9ca2 and brings our
TARGET_CMSG_* macros back into line with the kernel ones,
as well as making them easier to understand.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <
1513345976-22958-3-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Fri, 15 Dec 2017 13:52:55 +0000 (13:52 +0000)]
linux-user: Fix length calculations in host_to_target_cmsg()
The handling of length calculations in host_to_target_cmsg()
was rather confused:
* when checking for whether the target cmsg header fit in
the remaining buffer, we were using the host struct size,
not the target size
* we were setting tgt_len to "target payload + header length"
but then using it as if it were the target payload length alone
* in various message type cases we weren't handling the possibility
that host or target buffers were truncated
Fix these problems. The second one in particular is liable
to result in us overrunning the guest provided buffer,
since we will try to convert more data than is actually
present.
Fixes: https://bugs.launchpad.net/qemu/+bug/
1701808
Reported-by: Bruno Haible <bruno@clisp.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <
1513345976-22958-2-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Thu, 7 Dec 2017 12:41:21 +0000 (12:41 +0000)]
linux-user: wrap fork() in a start/end exclusive section
When we do a fork() in usermode emulation, we need to be in
a start/end exclusive section, so that we can ensure that no
other thread is in an RCU section. Otherwise you can get this
deadlock:
- fork thread: has mmap_lock, waits for rcu_sync_lock
(because rcu_init_lock() is registered as a pthread_atfork() hook)
- RCU thread: has rcu_sync_lock, waits for rcu_read_(un)lock
- another CPU thread: in RCU critical section, waits for mmap_lock
This can show up if you have a heavily multithreaded guest program
that does a fork().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Stuart Monteith <stuart.monteith@linaro.org>
Message-Id: <
1512650481-1723-1-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Mon, 4 Dec 2017 14:22:11 +0000 (14:22 +0000)]
linux-user: Fix locking order in fork_start()
Our locking order is that the tb lock should be taken
inside the mmap_lock, but fork_start() grabs locks the
other way around. This means that if a heavily multithreaded
guest process (such as Java) calls fork() it can deadlock,
with the thread that called fork() stuck in fork_start()
with the tb lock and waiting for the mmap lock, but some
other thread in tb_find() with the mmap lock and waiting
for the tb lock. The cpu_list_lock() should also always be
taken last, not first.
Fix this by making fork_start() grab the locks in the
right order. The order in which we drop locks doesn't
matter, so we leave fork_end() the way it is.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-stable@nongnu.org
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <
1512397331-15238-1-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Tue, 23 Jan 2018 13:10:24 +0000 (13:10 +0000)]
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-
20180122' into staging
Various fixes/improvements, and support for the new 81/82
facility bits.
# gpg: Signature made Mon 22 Jan 2018 11:54:46 GMT
# gpg: using RSA key 0xDECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
# gpg: aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg: aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# gpg: aka "Cornelia Huck <cohuck@kernel.org>"
# gpg: aka "Cornelia Huck <cohuck@redhat.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0 18CE DECF 6B93 C6F0 2FAF
* remotes/cohuck/tags/s390x-
20180122:
s390x/kvm: provide stfle.81
s390x/kvm: Handle bpb feature
linux-headers: update
s390x/tcg: fixup TEST PROTECTION
s390x: fix storage attributes migration for non-small guests
hw/s390x: Replace fprintf(stderr, "*\n" with qemu_log_mask()
s390x/sclp: fix missing be conversion
s390x/tcg: implement TEST PROTECTION
s390x/sclp: fixup highest CPU address
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Kevin Wolf [Tue, 23 Jan 2018 11:40:45 +0000 (12:40 +0100)]
Merge remote-tracking branch 'mreitz/tags/pull-block-2018-01-23' into queue-block
Block patches
# gpg: Signature made Tue Jan 23 12:35:11 2018 CET
# gpg: using RSA key
F407DB0061D5CF40
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1 1829 F407 DB00 61D5 CF40
* mreitz/tags/pull-block-2018-01-23: (25 commits)
iotests: Disable some tests for compat=0.10
iotests: Split 177 into two parts for compat=0.10
iotests: Make 059 pass on machines with little RAM
iotests: Filter compat-dependent info in 198
iotests: Make 191 work with qcow2 options
iotests: Make 184 image-less
iotests: Make 089 compatible with compat=0.10
iotests: Fix 067 for compat=0.10
iotests: Fix 059's reference output
iotests: Fix 051 for compat=0.10
iotests: Fix 020 for vmdk
iotests: Skip 103 for refcount_bits=1
iotests: Forbid 020 for non-file protocols
iotests: Drop format-specific in _filter_img_info
iotests: Fix _img_info for backslashes
block/vmdk: Add blkdebug events
block/qcow: Add blkdebug events
qcow2: No persistent dirty bitmaps for compat=0.10
block/vmdk: Fix , instead of ; at end of line
qemu-iotests: Fix locking issue in 102
...
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Wed, 17 Jan 2018 16:54:20 +0000 (10:54 -0600)]
iotests: Disable some tests for compat=0.10
Tests 080, 130, 137, and 176 simply do not work with compat=0.10 for the
reasons stated there.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <
20171123020832.8165-10-mreitz@redhat.com>
[eblake: fix 177 in a separate commit]
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id:
20180117165420.15946-3-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
Eric Blake [Wed, 17 Jan 2018 16:54:19 +0000 (10:54 -0600)]
iotests: Split 177 into two parts for compat=0.10
When originally written, test 177 explicitly took care to run
with compat=0.10. Then I botched my own test in commit
81c219ac and
f0a9c18f, by adding additional actions that require
v3 images. Split out the new code into a new v3-only test, 204,
and revert 177 back to its original state other than a new comment.
Reported-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id:
20180117165420.15946-2-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Wed, 29 Nov 2017 19:24:11 +0000 (20:24 +0100)]
iotests: Make 059 pass on machines with little RAM
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171129192411.6637-1-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:32 +0000 (03:08 +0100)]
iotests: Filter compat-dependent info in 198
There is a bit of image-specific information which depends on the qcow2
compat level. Filter it so that 198 works with compat=0.10 (and any
refcount_bits value).
Note that we cannot simply drop the --format-specific switch because we
do need the "encrypt" information.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-18-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:31 +0000 (03:08 +0100)]
iotests: Make 191 work with qcow2 options
In order for 191 to work with an explicit refcount_bits or compat=0.10,
we should strip format-specific information from the output--and we can
do so by using _filter_img_info.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-17-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:30 +0000 (03:08 +0100)]
iotests: Make 184 image-less
184 does not need an image, so don't use one.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-16-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:29 +0000 (03:08 +0100)]
iotests: Make 089 compatible with compat=0.10
The only thing that is missing is a _filter_img_info after the
"$QEMU_IO -c info" invocations.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-15-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:28 +0000 (03:08 +0100)]
iotests: Fix 067 for compat=0.10
067 works very well with compat=0.10 once you remove format-specific
information from the QMP output.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-14-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:27 +0000 (03:08 +0100)]
iotests: Fix 059's reference output
As of commit
9877860e7bd1e26ee70ab9bb5ebc34c92bf23bf5, vmdk fails
differently when opening the sample image.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-13-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:26 +0000 (03:08 +0100)]
iotests: Fix 051 for compat=0.10
051 has both compat=1.1 and compat=0.10 tests (once it uses
lazy_refcounts, once it tests that setting them does not work).
For the compat=0.10 tests, it already explicitly creates a suitable
image. So let's just ignore the user-specified compat level for the
lazy_refcounts test and explicitly create a compat=1.1 image there, too.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-12-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:25 +0000 (03:08 +0100)]
iotests: Fix 020 for vmdk
vmdk cannot work with anything but vmdk backing files, so make the
backing file be the same format as the overlay.
Reported-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-11-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:23 +0000 (03:08 +0100)]
iotests: Skip 103 for refcount_bits=1
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-9-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:22 +0000 (03:08 +0100)]
iotests: Forbid 020 for non-file protocols
This test does funny things like TEST_IMG="TEST_IMG.base" _make_test_img
that usually only work with the file protocol. More specifically, they
do not work with the most interesting non-file protocols, so we might as
well skip this for anything but file.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-8-mreitz@redhat.com
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:21 +0000 (03:08 +0100)]
iotests: Drop format-specific in _filter_img_info
_filter_img_info should remove format-specific information, too. We
already have such a filter in _img_info, and it is very useful for
query-block-named-block-nodes (etc.), too.
However, in 198 we need that information (but we still want the rest of
the filter), so make that filtering optional. Note that "the rest of
the filter" includes filtering of the test directory, so we can drop the
_filter_testdir from 198 at the same time.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-7-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:20 +0000 (03:08 +0100)]
iotests: Fix _img_info for backslashes
read without -r eats backslashes.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-6-mreitz@redhat.com
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:19 +0000 (03:08 +0100)]
block/vmdk: Add blkdebug events
This is certainly not complete, but it includes at least write_aio and
read_aio.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-5-mreitz@redhat.com
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:18 +0000 (03:08 +0100)]
block/qcow: Add blkdebug events
This is not necessarily complete, but it should include the most
important places.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-4-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:17 +0000 (03:08 +0100)]
qcow2: No persistent dirty bitmaps for compat=0.10
Persistent dirty bitmaps require a properly functioning
autoclear_features field, or we cannot track when an unsupporting
program might overwrite them. Therefore, we cannot support them for
compat=0.10 images.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-3-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Thu, 23 Nov 2017 02:08:16 +0000 (03:08 +0100)]
block/vmdk: Fix , instead of ; at end of line
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171123020832.8165-2-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Wed, 29 Nov 2017 18:51:02 +0000 (19:51 +0100)]
qemu-iotests: Fix locking issue in 102
102 truncates a qcow2 file (the raw file) on purpose while a VM is
running. However, image locking will usually prevent exactly this.
The fact that most people have not noticed until now (I suppose you may
have seen sporadic failures, but not taken them too seriously, like me)
further shows that this truncation is actually not really done
concurrently, but that the VM is still starting up by this point and has
not yet opened the image. Remedy this by waiting for the monitor shell
to appear before the qemu-img invocation so we know the VM is up.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171129185102.29390-1-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Fri, 10 Nov 2017 22:43:02 +0000 (23:43 +0100)]
blockdev: Mark BD-{remove,insert}-medium stable
Now that iotest 093 test proves that the throttling configuration
survives a blockdev-remove-medium/blockdev-insert-medium pair, the
original reason for declaring these commands experimental is gone
(see commit
6e0abc251dd4f8eba1f53656dfede12e5840e83b).
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171110224302.14424-5-mreitz@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Fri, 10 Nov 2017 22:43:01 +0000 (23:43 +0100)]
blockdev: Drop BD-{remove,insert}-medium's @device
This is an incompatible change, which is fine as the commands are
experimental.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171110224302.14424-4-mreitz@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Fri, 10 Nov 2017 22:43:00 +0000 (23:43 +0100)]
tests/ahci: Switch tray and medium commands to @id
Currently, the tray and medium commands in the AHCI test use the
deprecated @device parameter. This patch switches all invocations over
to use @id.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171110224302.14424-3-mreitz@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Fri, 10 Nov 2017 22:42:59 +0000 (23:42 +0100)]
iotests: Make BD-{remove,insert}-medium use @id
In some cases, these commands still use the deprecated @device
parameter. Fix that so we can later drop that parameter from their
interface.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171110224302.14424-2-mreitz@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Max Reitz [Fri, 10 Nov 2017 20:37:59 +0000 (21:37 +0100)]
qcow2: Repair unaligned preallocated zero clusters
We can easily repair unaligned preallocated zero clusters by discarding
them, so why not do it?
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id:
20171110203759.14018-2-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Daniel Henrique Barboza [Tue, 5 Dec 2017 13:35:08 +0000 (11:35 -0200)]
tests/qemu-iotests: adding savevm/loadvm with postcopy flag test
This patch implements a test case for the scenario that was failing
prior to the patch "migration/ram.c: do not set 'postcopy_running' in
POSTCOPY_INCOMING_END", commit
acab30b85d.
This new test file 201 was derived from the test file 181 authored
by Kevin Wolf.
CC: Kevin Wolf <kwolf@redhat.com>
CC: Max Reitz <mreitz@redhat.com>
CC: Cleber Rosa <crosa@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Kevin Wolf [Mon, 8 Jan 2018 15:30:24 +0000 (16:30 +0100)]
tests/.gitignore: Add test-bdrv-drain
Commit
881cfd17 added a new test binary, include it in .gitignore.
Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Hikaru Nishida [Mon, 18 Dec 2017 05:00:43 +0000 (14:00 +0900)]
hw/block: Fix pin-based interrupt behaviour of NVMe
Pin-based interrupt of NVMe controller did not work properly
because using an obsolated function pci_irq_pulse().
To fix this, change to use pci_irq_assert() / pci_irq_deassert()
instead of pci_irq_pulse().
Signed-off-by: Hikaru Nishida <hikarupsp@gmail.com>
Reviewed-by: Keith Busch <keith.busch@intel.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Fam Zheng [Tue, 26 Dec 2017 06:53:00 +0000 (14:53 +0800)]
osdep: Retry SETLK upon EINTR
We could hit lock failure if there is a signal that makes fcntl return
-1 and errno set to EINTR. In this case we should retry.
Cc: qemu-stable@nongnu.org
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Peter Maydell [Tue, 23 Jan 2018 10:15:09 +0000 (10:15 +0000)]
Merge remote-tracking branch 'remotes/huth/tags/pull-request-2018-01-22' into staging
Pull request for various patches that have been reviewed and
laying on the mailing list for a while, but apparently no
maintainer feels really responsible for picking up.
# gpg: Signature made Mon 22 Jan 2018 11:10:16 GMT
# gpg: using RSA key 0x2ED9D774FE702DB5
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>"
# gpg: aka "Thomas Huth <thuth@redhat.com>"
# gpg: aka "Thomas Huth <huth@tuxfamily.org>"
# gpg: aka "Thomas Huth <th.huth@posteo.de>"
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5
* remotes/huth/tags/pull-request-2018-01-22:
hw/isa: Replace fprintf(stderr, "*\n" with error_report()
hw/ipmi: Replace fprintf(stderr, "*\n" with error_report()
hw/bt: Replace fprintf(stderr, "*\n" with error_report()
Fixes after renaming __FUNCTION__ to __func__
Replace all occurances of __FUNCTION__ with __func__
tests/cpu-plug-test: Test CPU hot-plugging on s390x
tests/cpu-plug-test: Check CPU hot-plugging on ppc64, too
tests/cpu-plug-test: Check the CPU hot-plugging with device_add, too
tests: Rename pc-cpu-test.c to cpu-plug-test.c
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 22 Jan 2018 13:20:14 +0000 (13:20 +0000)]
migration: Revert postcopy-blocktime commit set
This reverts commits
ca6011c migration: add postcopy total blocktime into query-migrate
5f32dc8 migration: add blocktime calculation into migration-test
2f7dae9 migration: postcopy_blocktime documentation
3be98be migration: calculate vCPU blocktime on dst side
01a87f0 migration: add postcopy blocktime ctx into MigrationIncomingState
31bf06a migration: introduce postcopy-blocktime capability
as they don't build on ppc32 due to trying to do atomic accesses
on types that are larger than the host pointer type.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Max Filippov [Thu, 18 Jan 2018 18:08:49 +0000 (10:08 -0800)]
target/xtensa: disas/xtensa: fix coverity warnings
Coverity warnings CID
1385146,
1385148 1385149 and
1385150 point that
xtensa_opcode_num_operands and xtensa_format_num_slots may return -1
even when xtensa_opcode_decode and xtensa_format_decode succeed. In that
case unsigned counters used to iterate through operands/slots will not
do the right thing.
Make counters and loop bounds signed to fix the warnings.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Max Filippov [Thu, 11 Jan 2018 19:13:01 +0000 (11:13 -0800)]
target/xtensa: add sample_controller core
The sample_controller core is a simple noMMU general purpose core, modern
analog of de212. It is used as a default core in the xtensa port of
Zephyr.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Max Filippov [Thu, 11 Jan 2018 20:56:45 +0000 (12:56 -0800)]
target/xtensa: allow different default CPU for MMU/noMMU
Define default core for noMMU configurations and use that core as
machine default with noMMU XTFPGA machines.
This is done to avoid offering non-working configuration (MMU core on a
noMMU machine) as a default.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Edgar Kaziakhmedov [Fri, 12 Jan 2018 09:01:22 +0000 (12:01 +0300)]
block/parallels: add backing support to readv/writev
Since parallels format supports backing files, refine
readv/writev (allocate_clusters) to redirect read/write requests
to a backing file (if cluster is not available in the current bs).
Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Message-id:
20180112090122.1702-6-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Klim Kireev [Fri, 12 Jan 2018 09:01:21 +0000 (12:01 +0300)]
block/parallels: replace some magic numbers
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Message-id:
20180112090122.1702-5-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Klim Kireev [Fri, 12 Jan 2018 09:01:20 +0000 (12:01 +0300)]
block/parallels: move some structures into header
To implement xml format, some defines and structures
from parallels.c are required.
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Message-id:
20180112090122.1702-4-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Klim Kireev [Fri, 12 Jan 2018 09:01:19 +0000 (12:01 +0300)]
configure: add dependency
This dependency is required for adequate Parallels images support.
Typically the disk consists of several images which are glued by
XML disk descriptor. Also XML hides inside several important parameters
which are not available in the image header.
The patch also adds clause to checkpatch.pl to understand libxml2 types.
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-id:
20180112090122.1702-3-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Klim Kireev [Fri, 12 Jan 2018 09:01:18 +0000 (12:01 +0300)]
docs/interop/prl-xml: description of Parallels Disk format
This patch adds main information about Parallels Disk
format, which consists of DiskDescriptor.xml and other files.
Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Message-id:
20180112090122.1702-2-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Stefan Hajnoczi [Wed, 17 Jan 2018 09:07:00 +0000 (09:07 +0000)]
block: add block_set_io_throttle virtio-blk-pci QMP example
The block_set_io_throttle command can look up BlockBackends by the
attached qdev device ID. virtio-blk-pci is a special case because the
actual VirtIOBlock device is the "/virtio-backend" child of the PCI
adapter device.
Add a QMP schema example so clients will know how to use
block_set_io_throttle on the virtio-blk-pci device.
The alternative is to implement some sort of aliasing for qmp_get_blk()
but that is likely to cause confusion and could break future use cases.
Let's not go there.
Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id:
20180117090700.25811-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
OSDN Git Service
