Current code silently changes the authentication settings
in case you try to set a password without password authentication
turned on. This is bad. Return an error instead.
If we want allow changing auth settings at runtime this should
be done explicitly using a separate monitor command, not as
side effect of set_passwd.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
We can pick the usb port speed in generic code, by looking at the port
and device speed masks and looking for the fastest match. So add a
function to do exactly that, and drop the speed setting code from
usb_desc_attach as it isn't needed any more.
This way we can set the device speed before calling port->ops->attach,
which fixes some xhci hotplug issues.
https://bugzilla.redhat.com/show_bug.cgi?id=1046873
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Extend compatibility test function to also figure whenever usb3
devices can be supported on ehci. Tweak ep0 maxpacketsize field
due to usb2 <-> usb3 difference.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* Attach usb devices to the bus.
* Check initial port status register state.
* Flip ehci initialization bit.
* Check port status register state again to
see whenever device handover to ehci worked.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This reverts commit 1fba509527.
That commit converted various fprintf(stderr, ...) calls to
use error_report(); however none of these bsd-user files include
a header which gives a prototype for error_report, so this
causes compiler warnings. Since these are just straightforward
reporting of command line errors, we should handle these in the
obvious way by printing to stderr, as we do for linux-user.
There's no need to drag in the error-handling framework for this,
especially since user-mode doesn't have the "maybe we need to
send this to the monitor" issues system emulation does.
Acked-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
img_check() should report that the format of the given image does not
support checks even if JSON output is desired. JSON data is output to
stdout, as opposed to error messages, which are (in the case of
qemu-img) printed to stderr. Therefore, it is easy to distinguish
between the two.
Also, img_info() does already use error_report() for human-readable
messages even though JSON output is desired (through
collect_image_info_list()).
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We need to ensure ret < 0 when going through the error path, or QEMU may
try to run the half-initialized VM and crash.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch uses the new IOMMU notifiers to allow VFIO pass through devices
to work with guest side IOMMUs, as long as the host-side VFIO iommu has
sufficient capability and granularity to match the guest side. This works
by tracking all map and unmap operations on the guest IOMMU using the
notifiers, and mirroring them into VFIO.
There are a number of FIXMEs, and the scheme involves rather more notifier
structures than I'd like, but it should make for a reasonable proof of
concept.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
So far, VFIO has a notion of different logical DMA address spaces, but
only ever uses one (system memory). This patch extends this, creating
new VFIOAddressSpace objects as necessary, according to the AddressSpace
reported by the PCI subsystem for this device's DMAs.
This isn't enough yet to support guest side IOMMUs with VFIO, but it does
mean we could now support VFIO devices on, for example, a guest side PCI
host bridge which maps system memory at somewhere other than 0 in PCI
space.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
The only model so far supported for VFIO passthrough devices is the model
usually used on x86, where all of the guest's RAM is mapped into the
(host) IOMMU and there is no IOMMU visible in the guest.
This patch begins to relax this model, introducing the notion of a
VFIOAddressSpace. This represents a logical DMA address space which will
be visible to one or more VFIO devices by appropriate mapping in the (host)
IOMMU. Thus the currently global list of containers becomes local to
a VFIOAddressSpace, and we verify that we don't attempt to add a VFIO
group to multiple address spaces.
For now, only one VFIOAddressSpace is created and used, corresponding to
main system memory, that will change in future patches.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
This reworks vfio_connect_container() and vfio_get_group() to have
common exit path at the end of the function bodies.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Upcoming VFIO on SPAPR PPC64 support will initialize the IOMMU
memory region with UINT64_MAX (2^64 bytes) size so int128_get64()
will assert.
The patch takes care of this check. The existing type1 IOMMU code
is not expected to map all 64 bits of RAM so the patch does not
touch that part.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
This adds macro to extend signed 64bit value to signed 128bit value.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
At the moment, most AddressSpace objects last as long as the guest system
in practice, but that could well change in future. In addition, for VFIO
we will be introducing some private per-AdressSpace information, which must
be disposed of before the AddressSpace itself is destroyed.
To reduce the chances of subtle bugs in this area, this patch adds
asssertions to ensure that when an AddressSpace is destroyed, there are no
remaining MemoryListeners using that AS as a filter.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
This device is ridiculous. It has two MMIO BARs, BAR4 and BAR2. BAR4
hosts the MSI-X table, so oviously it would be too easy to access it
directly, instead it creates a window register in BAR2 that, among
other things, provides access to the MSI-X table. This means MSI-X
doesn't work in the guest because the driver actually manages to
program the physical table. When interrupt remapping is present, the
device MSI will be blocked. The Linux driver doesn't make use of this
window, so apparently it's not required to make use of MSI-X. This
quirk makes the device work with the Windows driver that does use this
window for MSI-X, but I certainly cannot recommend this device for
assignment (the Windows 7 driver also constantly pokes PCI config
space).
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
In vmdk_create and vmdk_create_extent, initialize local_err before using
it, and don't leak it on error.
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
In the MacOSX specific code in raw-posix.c we use the define
LONG_LONG_MAX. This is actually a non-standard pre-C99 define;
switch to using the standard LLONG_MAX instead.
This apparently fixes a compilation failure with certain
compiler/OS versions (though it is unclear which).
Reported-by: Peter Bartoli <peter@bartoli.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Introduced in commit 661a0f7. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Has always been leaky. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Has always been leaky. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
On error path. Introduced in commit a046433a. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Introduced in commit a8d8ecb. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
bs_opts is leaked on all paths from its qdev_new() that don't got
through blockdev_init(). Add the missing QDECREF(), and zap bs_opts
after blockdev_init(), so the new QDECREF() does nothing when we go
through blockdev_init().
Leak introduced in commit f298d07. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
blockdev_init() leaks bs_opts when qemu_opts_create() fails, i.e. when
the ID is bad. Missed in commit ec9c10d.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Instead of ignoring all option values but the last one, multiple -o
options now have the same meaning as having a single option with all
settings in the order of their respective -o options.
Same as commit 2dc8328 for qemu-img convert, except here we do it with
QemuOpts rather than QEMUOptionParameter.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Introduced in commit da557a. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Introduced in commit 5a8a30d. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
I figure the leak originated in bdrv_create2(), and was duplicated
into callers when commit 91a073a dropped that function. Looks like
the other places have since been fixed.
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Introduced in commit a283cb6; mostly harmless. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
* qom-test extension
* QEMUMachineInitArgs conversion to MachineState
* -machine options turned into /machine properties
* Named GPIO IRQs for devices
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABAgAGBQJThhu0AAoJEPou0S0+fgE/tokP/i3xzx9zYMPSVkymwKsozTsV
j7+aW6/XhRom7V3pmGGSeG8OrRjH4rC9tiS3610+gks/tfE5RtqvNVotJ1Py7EVW
BoBNOHG9Lsx8UZVarO+aiQnqDJgKpEzkTb5cD5hopQ4c0jTrXWa0JCRGG0nxLSU/
vVnIkOs2FgzyJio5j9IX+ULyA6MYA0iZDBKCfuk0S7RiIRm0VopXftcREbiA8rXN
1pJXVY7ciLdJLOk+m7o7BD/b9KcRVKFkWkS2BhcF4HbdTbKmannDCxuyYTJ+y9vn
Lxo/sDzIZl4bknKmTM2lVQ50QpVWvNOoS6nwmvx2fVeiLIt+URoYmQh61O9xYO3H
Lb+I68X4NYIz59nzgQPFMUjzbqI3xriO9A7/SSZt5GO0ylCwcELpzSFYZyYorVDQ
KxVpJG+o4ZYuDw4oOySKitVtmPyR7/uXjlhJOYWs8w0pwX3ffj2lHCFFQDWwAIwG
1lT+whTCSyonpAGbn6WM5Cn7cuKWyD9swHEgxTVAcR9wwT9WYkZYGiQQRuVzIfg7
KJoJJcS7CDvci6vKlpzGuxi0bF8AxLMcvEfHfdQUu1vKEbOno2dDpsksWxPhvwSn
n4E+LZYgtAjDvib+otrVM+dPZRSPVyWh/bvK+Cu4BHT/uTbW/SA+Hq1wzgxOUArF
e1aoE6qUtGfh7elgK5W3
=JVpT
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging
QOM/QTest infrastructure fixes and device conversions
* qom-test extension
* QEMUMachineInitArgs conversion to MachineState
* -machine options turned into /machine properties
* Named GPIO IRQs for devices
# gpg: Signature made Wed 28 May 2014 18:24:04 BST using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found
* remotes/afaerber/tags/qom-devices-for-peter:
ssi: Name the CS GPIO
qdev: Implement named GPIOs
machine: Make -machine opts properties of MachineState
tests: Check empty QMP output visitor
qapi: Avoid output visitor crashing if it encounters a NULL value
vl.c: Do not set 'type' property in obj_set_property()
machine: Conversion of QEMUMachineInitArgs to MachineState
qom-test: Test qom-list on link<> properties
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/rth/tcg-next:
tcg/optimize: Remember garbage high bits for 32-bit ops
tcg/optimize: Move updating of gen_opc_buf into tcg_opt_gen_mov*
tcg-sparc: Make debug_frame const
tcg-s390: Make debug_frame const
tcg-arm: Make debug_frame const
tcg-aarch64: Make debug_frame const
tcg-i386: Make debug_frame const
tcg: Allow the debug_frame data structure to be constant
tcg: Move size effects out of dh_arg
tcg: Remove sizemask and flags arguments to tcg_gen_callN
tcg: Save flags and computed sizemask in TCGHelperInfo
tcg: Register the helper info struct rather than the name
tcg: Move side effects out of dh_sizemask
tcg: Inline tcg_gen_helperN
tcg: Use helper-gen.h in tcg-op.h
tcg: Push tcg-runtime routines into exec/helper-*
tcg: Invert the inclusion of helper.h
tcg: Optimize brcond2 and setcond2 ne/eq
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
For a 64-bit host, the high bits of a register after a 32-bit operation
are undefined. Adjust the temps mask for all 32-bit ops to reflect that.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>