Commit Graph

15951 Commits

Author SHA1 Message Date
Amit Shah
73428a8ed5 balloon: Fix header comment; add Copyright
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2011-08-04 16:43:09 -05:00
Amit Shah
30fb2ca603 balloon: Separate out stat and balloon handling
Passing on '0' as ballooning target to indicate retrieval of stats is
bad API.  It also makes 'balloon 0' in the monitor cause a segfault.
Have two different functions handle the different functionality instead.

Detailed explanation from Markus's review:

1. do_info_balloon() is an info_async() method.  It receives a callback
   with argument, to be called exactly once (callback frees the
   argument).  It passes the callback via qemu_balloon_status() and
   indirectly through qemu_balloon_event to virtio_balloon_to_target().

   virtio_balloon_to_target() executes its balloon stats half.  It
   stores the callback in the device state.

   If it can't send a stats request, it resets stats and calls the
   callback right away.

   Else, it sends a stats request.  The device model runs the callback
   when it receives the answer.

   Works.

2. do_balloon() is a cmd_async() method.  It receives a callback with
   argument, to be called when the command completes.  do_balloon()
   calls it right before it succeeds.  Odd, but should work.

   Nevertheless, it passes the callback on via qemu_ballon() and
   indirectly through qemu_balloon_event to virtio_balloon_to_target().

   a. If the argument is non-zero, virtio_balloon_to_target() executes
      its balloon half, which doesn't use the callback in any way.

      Odd, but works.

   b. If the argument is zero, virtio_balloon_to_target() executes its
      balloon stats half, just like in 1.  It either calls the callback
      right away, or arranges for it to be called later.

      Thus, the callback runs twice: use after free and double free.

Test case: start with -S -device virtio-balloon, execute "balloon 0" in
human monitor.  Runs the callback first from virtio_balloon_to_target(),
then again from do_balloon().

Reported-by: Mike Cao <bcao@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2011-08-04 16:43:09 -05:00
Amit Shah
dce911c753 virtio-balloon: Separate status handling into separate function
Separate out the code to retrieve balloon info from the code that sets
balloon values.

This will be used to separate the two callbacks from balloon.c and help
cope with 'balloon 0' on the monitor.  Currently, 'balloon 0' causes a
segfault in monitor_resume().

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2011-08-04 16:43:09 -05:00
Amit Shah
182b9203f8 balloon: Simplify code flow
Replace:
  if (foo) {
    ...
  } else {
    return 0;
  }

by

  if (!foo) {
    return 0;
  }
  ...

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2011-08-04 16:43:09 -05:00
Amit Shah
b80bc1ddb2 balloon: Add braces around if statements
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2011-08-04 16:43:08 -05:00
Amit Shah
0a2a30d5ad balloon: Make functions, local vars static
balloon.h had function declarations for a couple of functions that are
local to balloon.c.  Make them static.

Drop the 'qemu_' prefix for balloon.c-local variables, and make them
static.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2011-08-04 16:43:08 -05:00
Gerd Hoffmann
fb8f4ceeb8 bluetooth: kill dummy usb device, use hid code directly.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:51 +02:00
Gerd Hoffmann
b069d3488f hid: move idle+protocol from usb-hid to hid too.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:51 +02:00
Gerd Hoffmann
dcfda67310 usb-hid: split hid code to hw/hid.[ch]
Almost pure code motion.  Unstatic hid interface functions and add
them to the header file.  Some renames.  Some code style cleanups.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:51 +02:00
Gerd Hoffmann
38931fa8cf usb-hid: add hid_has_events()
Add hid_has_events function, use it to figure whenever there are pending
events instead of checking and updating USBHIDState->changed.

Setting ->changed to 1 on init is removed, that should have absolutely
no effect as the initial state of ->idle is 0 so we report hid state
anyway until the guest configures some idle time.  Also should clear
->idle on reset.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:51 +02:00
Gerd Hoffmann
8bde680541 usb-hid: add event callback
Add callback for event notification, which allows to un-usbify more
functions.  Also split separate hid_* functions for reset and release.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:51 +02:00
Gerd Hoffmann
0d878eec1e usb-hid: create & use HIDState
First step in separating out the HID emulation code from usb-hid, so it
can be reused without creating a dummy usb device like bluetooth does.

This creates a HIDState struct, moves the non-usbish fields from
USBHIDStruct there.  Renames non-usbish structs, defines and functions
from usb* to hid*.  Adapts the code to that.

Also cleans up a bunch of code style issues along the way.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:51 +02:00
Gerd Hoffmann
0ce668bc52 ehci: iovec support, remove buffer
Map guest memory and pass on a direct pointer instead of copying
the bits to a indirect buffer.  EHCI transfer descriptors can
reference multiple (physical guest) pages so we'll actually start
seeing usb packets wich carry iovec with more than one element.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:30 +02:00
Gerd Hoffmann
df5e66eefb uhci: remove buffer
Map guest memory and pass on a direct pointer instead of copying
the bits to a indirect buffer.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:30 +02:00
Gerd Hoffmann
29c74f762b usb-storage: iovec support
Add full iovec support to usb-storage.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:30 +02:00
Gerd Hoffmann
b621bab436 usb-host: iovec support
Add full support for iovecs to usb-host.  The code can split large
transfers into smaller ones already, we are using this to also split
requests at iovec borders.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:29 +02:00
Gerd Hoffmann
9440b7e555 usb-serial: iovec support
Add full support for iovecs to usb-serial.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:29 +02:00
Gerd Hoffmann
4f4321c11f usb: use iovecs in USBPacket
Zap data pointer from USBPacket, add a QEMUIOVector instead.
Add a bunch of helper functions to manage USBPacket data.
Switch over users to the new interface.

Note that USBPacket->len was used for two purposes:  First to
pass in the buffer size and second to return the number of
transfered bytes or the status code on async transfers.  There
is a new result variable for the latter.  A new status code
was added to catch uninitialized result.

Nobody creates iovecs with more than one element (yet).
Some users are (temporarely) limited to iovecs with a single
element to keep the patch size as small as possible.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:22 +02:00
Gerd Hoffmann
d35bf9ade5 move QEMUSGList typedef
Move the QEMUSGList typedef to qemu-common so it can easily be used.
The actual struct definition stays in dma.h.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:22 +02:00
Gerd Hoffmann
8d15028ec0 Add iov_clear()
Fill the spefified area with zeros.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:22 +02:00
Gerd Hoffmann
3a1dca94d6 Add iov_hexdump()
Useful for debugging purposes.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:51:22 +02:00
Gerd Hoffmann
fa57ee8ed2 re-activate usb-host for bsd
A bunch of code was disabled via #if 0, for a quite long time (since
Sept 2009).  Surprisingly the code builds just fine when they are
removed (tested on OpenBSD).  /me wonders nevertheless whenever there
are any users of those bits when this went unnoticed for almost two
years ...

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-04 15:47:51 +02:00
Kevin Wolf
e7a8a7837a block: Use bdrv_co_* instead of synchronous versions in coroutines
If we're already in a coroutine, there is no reason to use the synchronous
version of block layer functions when a coroutine one exists. This makes
bdrv_read/write/flush use bdrv_co_* when used inside a coroutine.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-04 11:27:15 +02:00
Michael Walle
a6f4e09d90 lm32: softusb: claim to support full speed
The QEMU keyboard and mouse reports themselves as full speed devices,
though they are actually low speed devices. Until this is fixed, claim that
we are supporting full speed devices.

Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2011-08-04 01:14:22 +02:00
Michael S. Tsirkin
cb4b4fde82 vhost: remove an incorrect assert
The 'to' can go negative when the first region gets removed
(it gets incremented by to 0 immediately afterward), which
makes the assertion fail. Nothing breaks if
to < 0 here so just remove the assert.

Tested-by: David Ahern <daahern@cisco.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2011-08-03 18:00:53 +03:00
Fabien Chouteau
1ab74cea06 Delayed IP packets
In the current implementation, if Slirp tries to send an IP packet to a client
with an unknown hardware address, the packet is simply dropped and an ARP
request is sent (if_encap in slirp/slirp.c).

With this patch, Slirp will send the ARP request, re-queue the packet and try
to send it later. The packet is dropped after one second if the ARP reply is
not received.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-03 12:57:11 +02:00
Fabien Chouteau
1a0ca1e1f6 Simple ARP table
This patch adds a simple ARP table in Slirp and also adds handling of
gratuitous ARP requests.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-03 12:57:06 +02:00
Alexandre Raymond
793553acb3 Makefile: delete config.log in distclean
Distclean should remove anything created by the configure script.

Signed-off-by: Alexandre Raymond <cerbere@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-08-03 11:17:36 +01:00
Zhi Yong Wu
0f1b583ee7 HMP: Remove the duplicated info "info kvm" in hmp-commands.hx.
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-08-03 11:17:36 +01:00
Brad
d41a75a20f configure: display "no" for disabled kvm/vhost-net
Fix configure display for non-Linux OS's and the KVM /
vhost-net features to show "no" output instead of nothing
at the end of the line.

Signed-off-by: Brad Smith <brad@comstyle.com>
Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-08-03 11:17:36 +01:00
Gerd Hoffmann
9197a7c8af qxl: bump pci rev
Inform guest drivers about the new features I/O commands we have
now (async commands, S3 support) if building with newer spice, i.e.
if SPICE_INTERFACE_QXL_MINOR >= 1.

sneaked in some 81+ column line spliting.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
2011-08-03 12:03:06 +02:00
Alon Levy
3e16b9c534 qxl: add QXL_IO_FLUSH_{SURFACES,RELEASE} for guest S3&S4 support
Add two new IOs.
 QXL_IO_FLUSH_SURFACES - equivalent to update area for all surfaces, used
  to reduce vmexits from NumSurfaces to 1 on guest S3, S4 and resolution change (windows
  driver implementation is such that this is done on each of those occasions).
 QXL_IO_FLUSH_RELEASE - used to ensure anything on last_release is put on the release ring
  for the client to free.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-03 12:03:06 +02:00
Alon Levy
5ff4e36c80 qxl: async io support using new spice api
Some of the QXL port i/o commands are waiting for the spice server to
complete certain actions.  Add async versions for these commands, so we
don't block the vcpu while the spice server processses the command.
Instead the qxl device will raise an IRQ when done.

The async command processing relies on an added QXLInterface::async_complete
and added QXLWorker::*_async additions, in spice server qxl >= 3.1

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alon Levy     <alevy@redhat.com>
2011-08-03 12:03:01 +02:00
Jan Kiszka
bafc72ab01 slirp: Take maintainer token
Anthony asked me to pick up the maintenance of this subsystem, and I
agreed.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2011-08-03 10:49:29 +02:00
Kevin Wolf
ba1d1afdfe posix-aio-compat: Allow read after EOF
In order to be able to transparently replace bdrv_read calls by bdrv_co_read,
reading beyond EOF must produce zeros instead of short reads for AIO, too.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:41 +02:00
Kevin Wolf
e680cfa7e2 coroutines: Use one global bottom half for CoQueue
Now that AsyncContexts don't exist any more, we can use one global bottom half
for restarting coroutines instead of allocating a new one every time (before
removing AsyncContexts, the problem with having a global BH was that it had to
belong to a single AsyncContexts and wouldn't be executed in a different one -
which leads to deadlocks)

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:41 +02:00
Kevin Wolf
384acbf46b async: Remove AsyncContext
The purpose of AsyncContexts was to protect qcow and qcow2 against reentrancy
during an emulated bdrv_read/write (which includes a qemu_aio_wait() call and
can run AIO callbacks of different requests if it weren't for AsyncContexts).

Now both qcow and qcow2 are protected by CoMutexes and AsyncContexts can be
removed.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:41 +02:00
Kevin Wolf
52b8eb6013 qcow: Use coroutines
The old qcow format is another user of the AsyncContext infrastructure.
Converting it to coroutines (and therefore CoMutexes) allows to remove
AsyncContexts.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:41 +02:00
Kevin Wolf
68d100e905 qcow2: Use coroutines
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:41 +02:00
Kevin Wolf
b96e92470a coroutines: Locks
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:40 +02:00
Kevin Wolf
f9f05dc58c block: Add bdrv_co_readv/writev emulation
In order to be able to call bdrv_co_readv/writev for drivers that don't
implement the functions natively, add an emulation that uses the AIO functions
to implement them.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:40 +02:00
Kevin Wolf
6848542018 block: Emulate AIO functions with bdrv_co_readv/writev
Use the bdrv_co_readv/writev callbacks to implement bdrv_aio_readv/writev and
bdrv_read/write if a driver provides the coroutine version instead of the
synchronous or AIO version.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:40 +02:00
Kevin Wolf
da1fa91d6c block: Add bdrv_co_readv/writev
Add new block driver callbacks bdrv_co_readv/writev, which work on a
QEMUIOVector like bdrv_aio_*, but don't need a callback. The function may only
be called inside a coroutine, so a block driver implementing this interface can
yield instead of blocking during I/O.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-02 15:53:40 +02:00
Stefan Hajnoczi
5e3840ce24 coroutine: add test-coroutine --benchmark-lifecycle
Add a microbenchmark for coroutine create, enter, and return (aka
lifecycle).  This is a useful benchmark because users are expected to
create many coroutines, one per I/O request for example, and we
therefore need to provide good performance in that scenario.

To run:

  make test-coroutine
  ./test-coroutine --benchmark-lifecycle 20000000

This will do 20,000,000 coroutine create, enter, return iterations and
print the resulting time.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-08-02 15:53:40 +02:00
Stefan Hajnoczi
aa7ee42ed3 coroutine: add test-coroutine automated tests
To run automated tests for coroutines:

  make test-coroutine
  ./test-coroutine

On success the program terminates with exit status 0.  On failure an
error message is written to stderr and the program exits with exit
status 1.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-08-02 15:53:40 +02:00
Alon Levy
4995f0d621 libcacard: use INSTALL_DATA for data
Signed-off-by: Alon Levy <alevy@redhat.com>
2011-08-02 14:57:25 +03:00
Blue Swirl
67494323f2 Sparc: fix non-faulting unassigned memory accesses
Commit b14ef7c9ab
introduced cpu_unassigned_access() function. On Sparc,
the function does not restore AREG0 used for global CPUState
on function exit, causing bugs with non-faulting unassigned
memory accesses. Alpha, Microblaze and MIPS are not affected.

Fix by restoring AREG0 on exit. Remove excess saving by
do_unassigned_access() functions.

Also ignore unassigned accesses outside of CPU context.

Reported-by: Bob Breuer <breuerr@mc.net>
Tested-by: Bob Breuer <breuerr@mc.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-08-01 21:26:03 +00:00
Alon Levy
e21a298a7b qxl: only disallow specific io's in vga mode
Since the driver is still in operation even after moving to UNDEFINED, i.e.
by destroying primary in any way.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-01 12:43:49 +02:00
Alon Levy
7635392ce6 qxl: make qxl_guest_bug take variable arguments
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-01 12:43:49 +02:00
Gerd Hoffmann
2bce040057 qxl: error handling fixes and cleanups.
Add qxl_guest_bug() function which is supposed to be called in case
sanity checks of guest requests fail.  It raises an error IRQ and
logs a message in case guest debugging is enabled.

Make PANIC_ON() abort instead of exit.  That macro should be used
for qemu bugs only, any guest-triggerable stuff should use the new
qxl_guest_bug() function instead.

Convert a few easy cases from PANIC_ON() to qxl_guest_bug() to
show intended usage.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-01 12:43:49 +02:00