Commit Graph

1425 Commits

Author SHA1 Message Date
blueswir1
6d0c293dc3 Halt the CPU using a qemu_irq
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5601 c046a42c-6fe2-441c-8c8c-71466251a162
2008-11-02 10:51:05 +00:00
aurel32
65d35a0997 CVE-2008-4539: fix a heap overflow in Cirrus emulation
The code in hw/cirrus_vga.c has changed a lot between CVE-2007-1320 has
been announced and the patch has been applied. As a consequence it has
wrongly applied and QEMU is still vulnerable to this bug if using VNC.

(noticed by Jan Niehusmann)

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5587 c046a42c-6fe2-441c-8c8c-71466251a162
2008-11-01 00:53:39 +00:00
aurel32
7cc0dd20e1 Malta & OMAP: add a name to char devices
(fixes regression introduced by r5575)

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5585 c046a42c-6fe2-441c-8c8c-71466251a162
2008-11-01 00:53:19 +00:00
aliguori
5ccfae10a7 Implement "info chardev" command. (Gerd Hoffmann)
This patch makes qemu keep track of the character devices in use and
implements a "info chardev" monitor command to print a list.

qemu_chr_open() sticks the devices into a linked list now.  It got a new
argument (label), so there is a name for each device.  It also assigns a
filename to each character device.  By default it just copyes the
filename passed in.  Individual drivers can fill in something else
though.  qemu_chr_open_pty() sets the filename to name of the pseudo tty
allocated.

Output looks like this:

  (qemu) info chardev
  monitor: filename=unix:/tmp/run.sh-26827/monitor,server,nowait
  serial0: filename=unix:/tmp/run.sh-26827/console,server
  serial1: filename=pty:/dev/pts/5
  parallel0: filename=vc:640x480

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5575 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-31 17:31:29 +00:00
aliguori
492c30af25 Make DMA bottom-half driven (v2)
The current DMA routines are driven by a call in main_loop_wait() after every
select.

This patch converts the DMA code to be driven by a constantly rescheduled
bottom half.  The advantage of using a scheduled bottom half is that we can
stop scheduling the bottom half when there no DMA channels are runnable.  This
means we can potentially detect this case and sleep longer in the main loop.

The only two architectures implementing DMA_run() are cris and i386.  For cris,
I converted it to a simple repeating bottom half.  I've only compile tested
this as cris does not seem to work on a 64-bit host.  It should be functionally
identical to the previous implementation so I expect it to work.

For x86, I've made sure to only fire the DMA bottom half if there is a DMA
channel that is runnable.  The effect of this is that unless you're using sb16
or a floppy disk, the DMA bottom half never fires.

You probably should test this malc.  My own benchmarks actually show slight
improvement by it's possible the change in timing could affect your demos.

Since v1, I've changed the code to use a BH instead of a timer.  cris at least
seems to depend on faster than 10ms polling.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5573 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-31 17:25:56 +00:00
blueswir1
1572a18cc6 Sun4c cleanups (Robert Reif)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5568 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-28 17:55:32 +00:00
balrog
3d878caab9 Set default max_cpus to one.
Clean-up machine definitions.


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5566 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-28 10:59:59 +00:00
edgar_igl
c968ef8df5 ETRAX-FS: Process outgoing DMA channels until EOL.
For outgoing DMA channels, keep processing descriptors until hitting end
of list.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5553 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-27 20:44:27 +00:00
blueswir1
8137cde8f9 Move sun4c to its own hwdef (Robert Reif)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5549 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-27 15:56:56 +00:00
blueswir1
b1d8e52e63 Fix undeclared symbol warnings from sparse
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5539 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-26 13:43:07 +00:00
blueswir1
653a07b222 Change freeing method because the allocation function was changed in r5532
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5536 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-25 13:48:59 +00:00
blueswir1
2bd7318c1a Replace uses of strndup (a GNU extension) with Qemu pstrdup
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5532 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-25 11:23:27 +00:00
blueswir1
be15b141e0 Replace uses of strncpy (a GNU extension) with Qemu pstrcpy
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5531 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-25 11:21:28 +00:00
balrog
fbc190d82a Fix a bad memcpy length (Bruce Rogers).
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5528 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-25 00:10:20 +00:00
aliguori
c1d3666532 Live migration for Win32 (Hervé Poussineau)
This patch fixes migration so that it works on Win32.  This requires using
socket specific calls since sockets cannot be treated like file descriptors
on win32.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5525 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-24 21:55:17 +00:00
aurel32
7d0adcd6d5 hw/pc: don't register the memory hole as unassigned twice
Since revision 5228, we don't register the memory hole (0xa00000 to
0xfffff) anymore. As a consequence, we don't need to register it again
as unassigned.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5522 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-24 13:12:42 +00:00
edgar_igl
aa25cf4694 ETRAX-FS: Drop DMA polling for ethernet.
* Drop DMA poll mode. Instead immediately push rx frames straight into the DMA
  without waiting for DMA_run to poll them of the fifo.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5520 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-24 09:18:39 +00:00
edgar_igl
f5a5cca35b ETRAX-FS: Add support for passing kernel command lines
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5516 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-22 19:58:32 +00:00
edgar_igl
8ab944444a ETRAX-FS: Correct booting of elf linux images from ram.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5515 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-22 19:35:08 +00:00
aurel32
89c0f6438d scsi-generic: correct error management
this patch allows to fully use a tape device connected to qemu through
the scsi-generic interface.

Previous patch introduced tape SCSI commands management, this one
improve error case management:

- the SCSI controller command completion must be called with the status
value, not the sense value. In the case of scsi-generic, the SCSI status
is given by the field status of sg_io_hdr_t (the value is left shifted
by one regarding status codes defined in /usr/include/scsi/scsi.h)

- when a read is aborted due to a mark/EOF/EOD/EOM, the len reported to
controller can be 0. LSI controller emulation doesn't know how to manage
this. A workaround found is to call the completion routine with
SCSI_REASON_DONE just after calling it with SCSI_REASON_DATA with len=0.

This patch also manages correctly the block size of the tape device.

This patch has been tested with a real tape device "HP C5683A", linux
guest (debian etch) and tools like "mt", "tar" and "btape".

Windows guest is not better supported than before...

Signed-off-by: Laurent Vivier <Laurent.Vivier@bull.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5497 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-17 08:08:56 +00:00
aliguori
871d2f0796 Fix some issues with QEMUFile
This patch allows QEMUFile's read and write operations to return 
negative error codes.  This is necessary to detect things like closed 
streams during live migration.

It also removes unused code for QEMUFileFD write path.  Finally, it 
makes sure to avoid attempting to flush an output buffer if the file
is only being used for input.  This was spotted by Uri Lublin.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5474 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-13 03:07:56 +00:00
aurel32
bb7e729397 hw/apic.c: use functions from host-utils.h
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5469 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-12 20:16:03 +00:00
aurel32
bad5b1ec8e Define macro QEMU_GNUC_PREREQ and use it
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5467 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-12 16:15:04 +00:00
aurel32
5b7ada46e5 Only use __builtin_* with GCC >= 3.4
Fix gcc 3.3 builds, broken in revision 5465.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5466 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-12 11:44:36 +00:00
aurel32
e95f5491bc hw/apic.c: use __builtin funtions instead of assembly code
Suggested by malc.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5465 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-12 00:53:17 +00:00
malc
1792f2867c Fix some debugging mistakes/leftovers
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5458 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-11 17:37:25 +00:00
blueswir1
22864256db Correct SCSI error reporting (Laurent Vivier)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5455 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-11 09:33:03 +00:00
balrog
71fb234866 Increase write buffer size in pflash emulation (Thomas Petazzoni).
The current flash emulation code advertises a write buffer size of 16
bytes (1 << 4, according to offset 0x2A of the CFI table). This is
very small compared to normal write buffer sizes, and makes the
process of writing to the flash very slow (at least from U-Boot).

This patch increases this size to 2048 bytes. Except the modification
of the CFI table, the only other required modification is to use
"value" instead of "cmd" to set pfl->counter, because cmd is truncated
to the 8 lower bits of value, while the number of bytes for a write
can now be greater than 255 bytes.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5454 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-11 09:19:57 +00:00
aliguori
33256a25b3 Fix IDE DIAGNOSE for packet devices (Vincent Sanders)
The DIAGNOSE command in the qemu IDE implementation has an error when
use dfor packet devices. 

The status register value is dependant on the drive being a packet
device or not, this patch corrects the returned status.

From the ATA/PI specification (V6 draft):

"If the device implements the PACKET command feature set, the device
SHALL clear bits 6,5,4,3,2 and 0 in the Status register to zero."

A selection of physical devices have been checked and do conform to
the specifications behaviour.

Signed-off-by: Vincent Sanders <vince@simtec.co.uk>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5452 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-09 14:19:34 +00:00
aliguori
b2097003ec machine struct - specify max_cpus at the per machine level (Jes Sorensen)
Introduce a max_cpus per-machine variable, allowing individual boards
to limit it's number of CPUs. Check requested number of CPUs in setup
code and exit if it exceeds the supported number for the machine.
This also renders the static MAX_CPUS check obsolete, so remove this
from vl.c.

Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5443 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-07 20:39:39 +00:00
aliguori
4b32e16880 machine struct - use C99 initializers (Jes Sorensen)
Modify all the machine struct declarations to use C99 initializers.
This patch has no functional changes.

Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5442 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-07 20:34:35 +00:00
aliguori
9366f41860 Introduce v3 of savevm protocol
The current savevm/loadvm protocol has some draw backs.  It does not support
the ability to do progressive saving which means it cannot be used for live
checkpointing or migration.  The sections sizes are 32-bit integers which
means that it will not function when using more than 4GB of memory for a guest.
It attempts to seek within the output file which means it cannot be streamed.
The current protocol also is pretty lax about how it supports forward
compatibility.  If a saved section version is greater than what the restore
code support, the restore code generally treats the saved data as being in
whatever version it supports.  This means that restoring a saved VM on an older
version of QEMU will likely result in silent guest failure.

This patch introduces a new version of the savevm protocol.  It has the
following features:

 * Support for progressive save of sections (for live checkpoint/migration)
 * An asynchronous API for doing save
 * Support for interleaving multiple progressive save sections
   (for future support of memory hot-add/storage migration)
 * Fully streaming format
 * Strong section version checking

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5434 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-06 14:53:52 +00:00
blueswir1
2bfdab638a Move nographic export to sysemu.h
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5414 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-04 07:22:29 +00:00
blueswir1
3b3fb32229 Use qemu-log.h
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5413 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-04 07:20:07 +00:00
balrog
06adb549e6 Improve pflash cfi01 debug messages (Thomas Petazzoni).
This patches slightly improves the debugging messages in pflash_read()
and pflash_write().

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5410 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-03 23:09:08 +00:00
balrog
3656744cdd Reset CFI01 flash wcycle after erase confirm (Thomas Petazzoni).
pfl->wcycle was set to 1 when the erase confirm command was set, which
lead to the next command being misinterpreted by Qemu:

pflash_write: Unimplemented flash cmd sequence (offset 00000000,
wcycle 0x1 cmd 0x20 value 0x70)

This patch fixes this issue by resetting pfl->wcycle to 0 on erase
confirm so that the next command is considered as a new one.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5409 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-03 23:00:09 +00:00
blueswir1
f4b1a842d7 Rearrange tick functions
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5408 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-03 19:04:42 +00:00
blueswir1
b6c4f71f50 Resurrect the safe part of r5274
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5401 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-02 19:14:17 +00:00
blueswir1
09bc878a13 Make PCI class description tables const
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5400 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-02 18:33:50 +00:00
blueswir1
88b4e9dbe2 Make some tables const
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5395 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-02 18:24:21 +00:00
blueswir1
daa41b0010 Sun ss20 OBP does 32bit register access to esp (Robert Reif)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5394 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-02 18:07:56 +00:00
aurel32
3003b8bbf9 Reset CPU on INIT IPI
INIT IPI should reset CPU. Also non boot CPU should be halted. It will
be un-halted by SIPI.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5390 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-01 22:01:28 +00:00
aurel32
f0f72ffe64 qemu: improve scsi dma speed by increasing the dma buffer size
taken from Xen 17267:f4a92f0db20f, original patch by Samuel Thibault.

Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5385 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-01 21:46:23 +00:00
aurel32
5a964d93dc hw/apic.c: use bsr and bsf on x86_64
(C.W. Betts)

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5382 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-01 21:45:59 +00:00
balrog
5604e090cb Check that asynchronous (DMA) submission succeeds (Ian Jackson).
If it does not, abort the command immediately rather than dropping
it on the floor.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5369 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-01 01:43:16 +00:00
balrog
e162cfb07b Actually check read/write errors in IDE (Ian Jackson).
This patch makes the ide emulation actually take notice of
error returns from bdrv_write and bdrv_aio_{read,write}.

(Cherry picked from qemu-xen e0e7a0afe0e324a1f7d64c240f567b15dbe454cf,
 first posted to qemu-devel Wed, 20 Feb 2008 15:26:41 +0000)

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5368 c046a42c-6fe2-441c-8c8c-71466251a162
2008-10-01 01:13:37 +00:00
blueswir1
674bb26172 Add some missing static qualifiers
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5363 c046a42c-6fe2-441c-8c8c-71466251a162
2008-09-30 18:18:27 +00:00
balrog
e820e3f459 Make sure bluez programs (cross-)compile, add missing statics.
Spotted by Blue Swirl.


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5358 c046a42c-6fe2-441c-8c8c-71466251a162
2008-09-30 02:27:44 +00:00
blueswir1
ada24f8466 Fix SS-2 crash
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5357 c046a42c-6fe2-441c-8c8c-71466251a162
2008-09-29 18:24:38 +00:00
aliguori
5dafc53f1f Refactor QEMUFile for live migration
To support live migration, we override QEMUFile so that instead of writing to
disk, the save/restore state happens over a network connection.

This patch makes QEMUFile read/write operations function pointers so that we
can override them for live migration.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5352 c046a42c-6fe2-441c-8c8c-71466251a162
2008-09-29 16:25:16 +00:00