Commit Graph

497 Commits

Author SHA1 Message Date
Prasad J Pandit
d6c3768b32 hw/display/tc6393xb: limit irq handler index to TC6393XB_GPIOS
The ctz32() routine could return a value greater than
TC6393XB_GPIOS=16, because the device has 24 GPIO level
bits but we only implement 16 outgoing lines. This could
lead to an OOB array access. Mask 'level' to avoid it.

Reported-by: Moguofang <moguofang@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20171212041539.25700-1-ppandit@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-12-13 17:59:26 +00:00
Peter Maydell
4e8a737c09 vga: bugfixes for 2.11
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJaBakGAAoJEEy22O7T6HE4BvAQAKyFKukXChjmiM1+DLI/k1L2
 sVlu1yFECNnXfm5oSHF9SWIoZliD7PG3KbAoiwaba8bPKXN8oaCajptyWwTciWrD
 jj1ZUrq13Uz2oVMPciLT4UuEwrBogCMAiCn+QJdBoQZsK85O1mKmdUhH8kyYejtB
 NrmBJKy6xGTeFd2DJGB2MTqdLv9tx+BSxo/X9quWjxZCVE1pXsEez90ECjTqL6pt
 JEJLVhQgmoZ+F+P48tmGtIq4vdnqFNSIn8aMSemOxHixabtEO+YJTRwuZfh0+pnR
 UxKfabYuInG9YArva4p6dvlCFx8f1tKNkIi96BX0UQ+HPeAzgcZG1ygF7PJqqDla
 whOLRdv/+IwtZxbcbaEh/tkcNzXhNFF18meglG9ncnkRUPNupaWBxbuT3KDLPiSW
 3DXqBYZMBht29UukU0tyB6tBAJm48NIJX0+S6PhjtpM5CDB9bgAIOycFTQxYTBCf
 M24PPM8mMoG5jJo2NRcAbkwI63XQwPJuPToWxfCNPWQSncDutD2/IH753Rt3CTAV
 JQjgBHE90gTl99a03tGZ6R8jtYBd2Eahkpvrix9b16YduqyP7t8uhuw9VRFmsAaE
 guhIFV/BA0yOueo1PapKuATN4QowMclQVw/ZGXirDkZ7/HRRFxp8Dpck2vO1eX4S
 gTaiMDTMjuLyIDw6VfuJ
 =VUIS
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20171110-pull-request' into staging

vga: bugfixes for 2.11

# gpg: Signature made Fri 10 Nov 2017 13:26:30 GMT
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20171110-pull-request:
  vmsvga: use ARRAY_SIZE macro
  vga: fix region checks in wraparound case
  virtio-gpu: fix bug in host memory calculation.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-11-13 14:33:29 +00:00
Philippe Mathieu-Daudé
cf7040e284 vmsvga: use ARRAY_SIZE macro
Applied using the Coccinelle semantic patch scripts/coccinelle/use_osdep.cocci

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20170718061005.29518-23-f4bug@amsat.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-11-10 14:25:56 +01:00
Gerd Hoffmann
115788d7a7 vga: fix region checks in wraparound case
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 20171030102830.4469-1-kraxel@redhat.com
2017-11-10 11:26:55 +01:00
Tao Wu
c53f5b89f1 virtio-gpu: fix bug in host memory calculation.
The old code treats bits as bytes when calculating host memory usage.
Change it to be consistent with allocation logic in pixman library.

Signed-off-by: Tao Wu <lepton@google.com>
Message-Id: <20171109181741.31318-1-lepton@google.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-11-10 11:05:19 +01:00
Thomas Huth
79b217dedb hw/display/sm501: Fix comment in sm501_sysbus_class_init()
The "cannot_instantiate_with_device_add_yet" flag has been renamed
to "user_creatable" a while ago.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-11-08 13:21:37 +11:00
Gerd Hoffmann
eb38e1bc37 cirrus: fix oob access in mode4and5 write functions
Move dst calculation into the loop, so we apply the mask on each
interation and will not overflow vga memory.

Cc: Prasad J Pandit <pjp@fedoraproject.org>
Reported-by: Niu Guoxiang <niuguoxiang@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20171011084314.21752-1-kraxel@redhat.com
2017-10-17 09:59:00 +02:00
Gerd Hoffmann
b0898b42ef vga: add ram_addr_t cast
Reported by Coverity.

Fixes: CID 1381409
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20171010141323.14049-4-kraxel@redhat.com
2017-10-17 09:59:00 +02:00
Gerd Hoffmann
28f77de26a vga: handle cirrus vbe mode wraparounds.
Commit "3d90c62548 vga: stop passing pointers to vga_draw_line*
functions" is incomplete.  It doesn't handle the case that the vga
rendering code tries to create a shared surface, i.e. a pixman image
backed by vga video memory.  That can not work in case the guest display
wraps from end of video memory to the start.  So force shadowing in that
case.  Also adjust the snapshot region calculation.

Can trigger with cirrus only, when programming vbe modes using the bochs
api (stdvga, also qxl and virtio-vga in vga compat mode) wrap arounds
can't happen.

Fixes: CVE-2017-13672
Fixes: 3d90c62548
Cc: P J P <ppandit@redhat.com>
Reported-by: David Buchanan <d@vidbuchanan.co.uk>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20171010141323.14049-3-kraxel@redhat.com
2017-10-17 09:59:00 +02:00
Gerd Hoffmann
362f811793 vga: drop line_offset variable
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-10-17 09:58:37 +02:00
Eduardo Habkost
fd3b02c889 pci: Add INTERFACE_CONVENTIONAL_PCI_DEVICE to Conventional PCI devices
Add INTERFACE_CONVENTIONAL_PCI_DEVICE to all direct subtypes of
TYPE_PCI_DEVICE, except:

1) The ones that already have INTERFACE_PCIE_DEVICE set:

* base-xhci
* e1000e
* nvme
* pvscsi
* vfio-pci
* virtio-pci
* vmxnet3

2) base-pci-bridge

Not all PCI bridges are Conventional PCI devices, so
INTERFACE_CONVENTIONAL_PCI_DEVICE is added only to the subtypes
that are actually Conventional PCI:

* dec-21154-p2p-bridge
* i82801b11-bridge
* pbm-bridge
* pci-bridge

The direct subtypes of base-pci-bridge not touched by this patch
are:

* xilinx-pcie-root: Already marked as PCIe-only.
* pcie-pci-bridge: Already marked as PCIe-only.
* pcie-port: all non-abstract subtypes of pcie-port are already
  marked as PCIe-only devices.

3) megasas-base

Not all megasas devices are Conventional PCI devices, so the
interface names are added to the subclasses registered by
megasas_register_types(), according to information in the
megasas_devices[] array.

"megasas-gen2" already implements INTERFACE_PCIE_DEVICE, so add
INTERFACE_CONVENTIONAL_PCI_DEVICE only to "megasas".

Acked-by: Alberto Garcia <berto@igalia.com>
Acked-by: John Snow <jsnow@redhat.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:43 +03:00
Dr. David Alan Gilbert
2f168d0708 migration: Route more error paths
vmstate_save_state is called in lots of places.
Route error returns from the easier cases back up;  there are lots
of more complex cases where their own error paths need fixing.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20170925112917.21340-7-dgilbert@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
  Commit message fix up as Peter's review
2017-09-27 11:44:18 +01:00
Dr. David Alan Gilbert
44b1ff319c migration: pre_save return int
Modify the pre_save method on VMStateDescription to return an int
rather than void so that it potentially can fail.

Changed zillions of devices to make them return 0; the only
case I've made it return non-0 is hw/intc/s390_flic_kvm.c that already
had an error_report/return case.

Note: If you add an error exit in your pre_save you must emit
an error_report to say why.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20170925112917.21340-2-dgilbert@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2017-09-27 11:35:59 +01:00
Thomas Huth
e837acfda1 hw/display/virtio-gpu: Put the virtio-gpu-device into the display category
The virtio-gpu-pci device is already in the display category, so the
virtio-gpu-device should be there, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2017-09-26 09:11:22 +03:00
Liang Yan
6ec83befe1 hw/display/xenfb.c: Add trace_xenfb_key_event
It may be better to add a trace event to monitor the last moment of
a key event from QEMU to guest VM

Signed-off-by: Liang Yan <lyan@suse.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2017-09-26 09:06:02 +03:00
Farhan Ali
1715d6b59c virtio-gpu: Handle endian conversion
Virtio GPU code currently only supports litte endian format,
and so using the Virtio GPU device on a big endian machine
does not work.

Let's fix it by supporting the correct host cpu byte order.

Signed-off-by: Farhan Ali <alifm@linux.vnet.ibm.com>
Message-Id: <dc748e15f36db808f90b4f2393bc29ba7556a9f6.1505485574.git.alifm@linux.vnet.ibm.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2017-09-19 18:31:32 +02:00
Gerd Hoffmann
79d16c21a5 virtio-gpu: don't clear QemuUIInfo information on reset
Don't reset window layout information (passed via virtio_gpu_ui_info) on
device reset, so the user interface window layout will be kept intact
over reboots.  The head size and position was commented out already, so
this patch just drops the dead code.  Additionally the enabled head mask
must be kept so multihead setups work properly too.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1460595
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20170906142058.2460-1-kraxel@redhat.com
2017-09-13 09:39:32 +02:00
Dr. David Alan Gilbert
138bc2df84 vga/migration: Update memory map in post_load
After migration the chain4 alias mapping added by 80763888 (in 2011)
might be missing, since there's no call to vga_update_memory_access
in the post_load after the registers are updated.  Add it back.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Message-id: 20170804113329.13609-1-dgilbert@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-09-01 13:52:43 +02:00
Gerd Hoffmann
b21330b513 qxl: add support for chunked cursors.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170828123933.30323-3-kraxel@redhat.com
2017-09-01 13:52:43 +02:00
Gerd Hoffmann
79c5a10cdd qxl: drop mono cursor support
The chunk size sanity check in qxl_render_cursor works for
SPICE_CURSOR_TYPE_ALPHA cursors only.  So support for
SPICE_CURSOR_TYPE_MONO cursors must be broken for ages without anyone
noticing.  Most likely it simply isn't used any more by guest drivers.
Drop the dead code.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170828123933.30323-2-kraxel@redhat.com
2017-09-01 13:52:43 +02:00
Gerd Hoffmann
3d90c62548 vga: stop passing pointers to vga_draw_line* functions
Instead pass around the address (aka offset into vga memory).
Add vga_read_* helper functions which apply vbe_size_mask to
the address, to make sure the address stays within the valid
range, similar to the cirrus blitter fixes (commits ffaf857778
and 026aeffcb4).

Impact:  DoS for privileged guest users.  qemu crashes with
a segfault, when hitting the guard page after vga memory
allocation, while reading vga memory for display updates.

Fixes: CVE-2017-13672
Cc: P J P <ppandit@redhat.com>
Reported-by: David Buchanan <d@vidbuchanan.co.uk>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170828122906.18993-1-kraxel@redhat.com
2017-09-01 13:52:43 +02:00
Gerd Hoffmann
e65294157d vga: fix display update region calculation (split screen)
vga display update mis-calculated the region for the dirty bitmap
snapshot in case split screen mode is used.  This can trigger an
assert in cpu_physical_memory_snapshot_get_dirty().

Impact:  DoS for privileged guest users.

Fixes: CVE-2017-13673
Fixes: fec5e8c92b
Cc: P J P <ppandit@redhat.com>
Reported-by: David Buchanan <d@vidbuchanan.co.uk>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170828123307.15392-1-kraxel@redhat.com
2017-09-01 13:52:43 +02:00
Marc-André Lureau
e5f9903748 virtio-gpu: use DIV_ROUND_UP
I used the clang-tidy qemu-round check to generate the fix:
https://github.com/elmarco/clang-tools-extra

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2017-08-31 12:29:07 +02:00
Marc-André Lureau
2c23ce22c6 vga: use DIV_ROUND_UP
I used the clang-tidy qemu-round check to generate the fix:
https://github.com/elmarco/clang-tools-extra

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2017-08-31 12:29:07 +02:00
Paolo Bonzini
47025a0193 qxl: call qemu_spice_display_init_common for secondary devices
Fixes this 2.10 regression:

  $ qemu-system-x86_64  -cpu host -m 6144 -vga qxl -device qxl
  qemu-system-x86_64: util/qemu-thread-posix.c:64: qemu_mutex_lock: Assertion `mutex->initialized' failed.

Reported-by: ademaria@redhat.com
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20170814231552.24593-1-pbonzini@redhat.com
Cc: kraxel@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-08-15 15:04:51 +01:00
Vladimir Sementsov-Ogievskiy
8908eb1a4a trace-events: fix code style: print 0x before hex numbers
The only exception are groups of numers separated by symbols
'.', ' ', ':', '/', like 'ab.09.7d'.

This patch is made by the following:

> find . -name trace-events | xargs python script.py

where script.py is the following python script:
=========================
 #!/usr/bin/env python

import sys
import re
import fileinput

rhex = '%[-+ *.0-9]*(?:[hljztL]|ll|hh)?(?:x|X|"\s*PRI[xX][^"]*"?)'
rgroup = re.compile('((?:' + rhex + '[.:/ ])+' + rhex + ')')
rbad = re.compile('(?<!0x)' + rhex)

files = sys.argv[1:]

for fname in files:
    for line in fileinput.input(fname, inplace=True):
        arr = re.split(rgroup, line)
        for i in range(0, len(arr), 2):
            arr[i] = re.sub(rbad, '0x\g<0>', arr[i])

        sys.stdout.write(''.join(arr))
=========================

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Acked-by: Cornelia Huck <cohuck@redhat.com>
Message-id: 20170731160135.12101-5-vsementsov@virtuozzo.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-08-01 12:13:07 +01:00
Vladimir Sementsov-Ogievskiy
db73ee4bc8 trace-events: fix code style: %# -> 0x%
In trace format '#' flag of printf is forbidden. Fix it to '0x%'.

This patch is created by the following:

check that we have a problem
> find . -name trace-events | xargs grep '%#' | wc -l
56

check that there are no cases with additional printf flags before '#'
> find . -name trace-events | xargs grep "%[-+ 0'I]+#" | wc -l
0

check that there are no wrong usage of '#' and '0x' together
> find . -name trace-events | xargs grep '0x%#' | wc -l
0

fix the problem
> find . -name trace-events | xargs sed -i 's/%#/0x%/g'

[Eric Blake noted that xargs grep '%[-+ 0'I]+#' should be xargs grep
"%[-+ 0'I]+#" instead so the shell quoting is correct.
--Stefan]

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20170731160135.12101-3-vsementsov@virtuozzo.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-08-01 12:13:07 +01:00
Philippe Mathieu-Daudé
87e0331c5a docs: fix broken paths to docs/devel/tracing.txt
With the move of some docs/ to docs/devel/ on ac06724a71,
no references were updated.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2017-07-31 13:12:53 +03:00
Peter Maydell
4c4414a438 hw/display/sm501: Don't use vmstate_register_ram_global()
The sm501 device uses vmstate_register_ram_global() to register its
memory region for migration.  This means it gets a name that is
assumed to be global to the whole system, which in turn means that if
you create two of the device we assert because of the duplication:

qemu-system-ppc -device sm501 -device sm501
RAMBlock "sm501.local" already registered, abort!
Aborted (core dumped)

Changing this to just use memory_region_init_ram()'s automatic
registration of the memory region with a device-local name fixes
this.  The downside is that it breaks migration compatibility, but
luckily we only added migration support to this device in the 2.10
release cycle so we haven't released a QEMU version with the broken
implementation.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 1500309462-12792-1-git-send-email-peter.maydell@linaro.org
2017-07-25 13:04:28 +01:00
Peter Maydell
df55c7e8c8 virtio-gpu migration fix for 2.10
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJZbIZdAAoJEEy22O7T6HE4legP/3V4lFzuVQquaJZcMG6EFiUx
 bpvQ63hFNRdpB/TglgqR66ijut1TwoC7N9AzeTTDYaze2sywNq32ySmqSQWLZUiN
 oKHl6Oo7s5YVLNj2qtCRHtJIaqurWjWun7ayGei9Q8hTpsbD7DeZiUHMWBusNc6y
 xhhttuzZnAhywm2vuQjXDs/gpqDTDp8eNF/9oQwAF8mV8g2L8TTD2QzWIgB277pO
 sjfvlNs6F5wWh2yawhFznMzXzCBr6k01TlzPHVlZfdgaasrbXW9iHPJIoWIo9R+R
 BAAAlbu7t4lrwOc9DKd6NfP3VpblqvoQuTo9mhhQvVRXYf1vxaKK1HMaFygibiaO
 qnkYXt/Ofk5lsRgTVvFbKiAPmJ1WmInwwwzDiycA2tvXbJSxi8lsYzuQ+Me7diqY
 rvd2OxKQEG0XqpQKUG104i4NDJxXV+xRMh7wgENa02cylcrpjs48BokGSybGfw7D
 C/DcONQfghwGhsqiPXsoYPke/yFH/DMq3UyCBpy4c2W4LzFoDiUah1G2eB3s9DB9
 tobc7yuCcCiM/kGX3T1teqy83T4ssHogaVwbYyhFSNq7mwspDyVDYB8XKnH+E3k0
 znws1MOpiRQE49u9iJ4CW8FU67lI90+5C/SMoVqLFx/hVl6iDe4u2PmnSMLdFm3v
 GxIcTezItHsqYIPxmHti
 =PwkY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/vga-20170717-pull-request' into staging

virtio-gpu migration fix for 2.10

# gpg: Signature made Mon 17 Jul 2017 10:41:49 BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20170717-pull-request:
  virtio-gpu: skip update cursor in post_load if we don't have one

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-07-17 17:12:41 +01:00
Gerd Hoffmann
10750ee0d6 virtio-gpu: skip update cursor in post_load if we don't have one
If the cursor resource id isn't set the guest didn't define a cursor.
Skip the cursor update in post_load in that that case.

Reported-by: wanghaibin <wanghaibin.wang@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: wanghaibin <wanghaibin.wang@huawei.com>
Message-id: 20170710070432.856-1-kraxel@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-07-17 11:41:23 +02:00
Peter Maydell
ce66d778cd hw/display/qxl.c Use memory_region_init_ram()
Switch to memory_region_init_ram(), since we pass the same DeviceState
to both memory_region_init_ram_nomigrate() and vmstate_register_ram().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1499438577-7674-11-git-send-email-peter.maydell@linaro.org
2017-07-14 17:59:42 +01:00
Peter Maydell
98a99ce084 hw: Use new memory_region_init_{ram, rom, rom_device}() functions
Use the new functions memory_region_init_{ram,rom,rom_device}()
instead of manually calling the _nomigrate() version and then
vmstate_register_ram_global().

Patch automatically created using coccinelle script:
 spatch --in-place -sp_file scripts/coccinelle/memory-region-init-ram.cocci -dir hw

(As it turns out, there are no instances of the rom and
rom_device functions that are caught by this script.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1499438577-7674-8-git-send-email-peter.maydell@linaro.org
2017-07-14 17:59:42 +01:00
Peter Maydell
1cfe48c1ce memory: Rename memory_region_init_ram() to memory_region_init_ram_nomigrate()
Rename memory_region_init_ram() to memory_region_init_ram_nomigrate().
This leaves the way clear for us to provide a memory_region_init_ram()
which does handle migration.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1499438577-7674-4-git-send-email-peter.maydell@linaro.org
2017-07-14 17:59:42 +01:00
Igor Mammedov
8f5d58ef2c qom: enforce readonly nature of link's check callback
link's check callback is supposed to verify/permit setting it,
however currently nothing restricts it from misusing it
and modifying target object from within.
Make sure that readonly semantics are checked by compiler
to prevent callback's misuse.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <20170714021509.23681-2-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-07-14 12:04:42 +02:00
Stefano Stabellini
9f2130f58d xenfb: remove xen_init_display "temporary" hack
Initialize xenfb properly, as all other backends, from its own
"initialise" function.

Remove the dependency of vkbd on vfb: use qemu_console_lookup_by_index
to find the principal console (to get the size of the screen) instead of
relying on a vfb backend to be available (which adds a dependency
between the two).

Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
2017-07-07 11:10:03 -07:00
Edgar E. Iglesias
31cf950ea2 xilinx-dp: Add support for the yuy2 video format
Add support for the yuy2 video format.

Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Acked-by: Sai Pavan Boddu <saipava@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2017-07-04 09:22:20 +02:00
Halil Pasic
d2164ad35c vmstate: error hint for failed equal checks
In some cases a failing VMSTATE_*_EQUAL does not mean we detected a bug,
but it's actually the best we can do. Especially in these cases a verbose
error message is required.

Let's introduce infrastructure for specifying a error hint to be used if
equal check fails. Let's do this by adding a parameter to the _EQUAL
macros called _err_hint. Also change all current users to pass NULL as
last parameter so nothing changes for them.

Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com>

Message-Id: <20170623144823.42936-1-pasic@linux.vnet.ibm.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2017-06-28 11:18:44 +02:00
Marc-André Lureau
f664b88247 Remove/replace sysemu/char.h inclusion
Those are apparently unnecessary includes.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-06-02 11:33:52 +04:00
Juan Quintela
795c40b8bd migration: Create migration/blocker.h
This allows us to remove lots of includes of migration/migration.h

Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2017-05-17 12:04:59 +02:00
Stefan Hajnoczi
384d9d554a ui: add egl-headless
ui: some vnc cleanups
 ui: absolute events for input-linux
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJZFaFvAAoJEEy22O7T6HE4TqgP/1bwf3/W6Xmg51A93URWK4uq
 RWGc9nCtIPh+CieqUByHGwDdV88p/6UBuLsXosHG3DM4olRgynAUOjTMBCe9Mq8Q
 nF2LSPW273Ir/H5bzrDP+3m6roxoMQQbSeXRuA5vQ8u4HpD+Y17T7NOeiwCLFg49
 96zSKlucIWHFkGHO4n6fwWR+sIVhsPXwOykFO7EScGav5Ir9SuFJDUx+JeBQ7wot
 eOKiYEKaJKKnjFHFUYQnyUq+6cZBbuR9B3FRHaCNTxGuWjCXxPO8O1Pz4B2oIZH9
 +pcvg+2f12Zw+dm0pMZHO5sH5hkIY7xzRMkFH0ifpscmGNuJT6oJ9xA4x+sJkAiX
 FrcunzAH939LtcgNloZq07PXhA8O+LqHiTKIPr1ZXomnW3jSmfuNvW1TwADJsL2E
 1Pnateibdiz7Xyb4b7hcvgYvjXA3iKbMgfpvu4n7x2P5orHaylmadXFfBjiOJ+u+
 z5n1ip3v417javuIAKwYepvHYjvkbcMPtUrkKwja6F+C3jvTH6wc+wMRrKPQxnOJ
 ZTPrlcEJOqSCYdzxI/fqg8B/HSDr1bcMX+odrCeJWC2O8deAld1aVXaFXz+JW483
 zi2vIBh+kHh6VHDtJynv7Sv7mUCY7jWEiBY6AidnMLR6zomKtwrn7wWqxBbCvI5g
 IVWjoRqul6sTNl3ywMhc
 =FimK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'kraxel/tags/pull-ui-20170512-1' into staging

ui: add egl-headless
ui: some vnc cleanups
ui: absolute events for input-linux

# gpg: Signature made Fri 12 May 2017 12:50:07 PM BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* kraxel/tags/pull-ui-20170512-1:
  vnc: replace hweight_long() with ctpopl()
  vnc: simple clean up
  opengl: add egl-headless display
  egl: explicitly ask for core context
  egl-helpers: add missing error check
  egl-helpers: fix display init for x11
  egl-helpers: drop support for gles and debug logging
  virtio-gpu: move virtio_gpu_gl_block
  ui: input-linux: Add absolute event support
  ui: Support non-zero minimum values for absolute input axes

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-05-15 14:26:47 +01:00
Stefan Hajnoczi
43ad494c04 make display updates thread safe, batch #2
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJZFHgvAAoJEEy22O7T6HE4744P/jzTCZRV40/lQ//NVKW05HGN
 OlrvTt3gLG20TAgZqNR4jgocrTi0fBkvCnret1Q1rwgp2dBRZ1mTmxpxVH9HJL7A
 kHvSNmOT2qfpxQGKxe+ZucLOWvLsJAL9SjzdHJ7A5+09KfKBtLNL93avYqw5erPt
 la6Nf9j6Dhi/OCD6AU+aTyBWEn1awrhNrRGMO9Z+pzF2VaVQ5V5lejGU1jvWmXiE
 Tq+xCa/oOe/tmLYsZw9CiWM44WMMC5fOTksY/wGs53HMayAkoFHJoba4MMyArmOv
 xFw/iR2IesjJXRfTda8cdp+GbqZTBZYgdaABl3trMl4TR36CrNxcXehGsU+eiCOG
 pdJ6QOTNJ/QJ3fWssC9X5tT+DbqjFc934ewXAHbVIDQ63dac3AaazeOeEzD8CF6R
 TzWd/nS79GRwo67HOeJTTGeQCGWBe/Ca8MUd2HItQyUUDIe1dllXf2cUHd5Ml9Pf
 4SoH7EEaKC9ZXfpN50duOaSI3UflcyAN2EWXeV5XxtwPPdvXXEm3LO/Uzjh5QgYH
 +V5FFsNmGnEn/vMp4nfuCiuZhScIH3BOVXFGAHuxuXnVw0F1cy9GLKpLKHxfQuZC
 gC03p0GcMkmyPmoXIiNc8ASyXBar6tMdz0PjRfKi2r4UTp1ZTjzM9EaF29KE2AXT
 WsEHAb++2mfb8gNH6J7Y
 =78eq
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'kraxel/tags/pull-vga-20170511-1' into staging

make display updates thread safe, batch #2

# gpg: Signature made Thu 11 May 2017 03:41:51 PM BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* kraxel/tags/pull-vga-20170511-1:
  vga: fix display update region calculation
  sm501: make display updates thread safe
  tcx: make display updates thread safe
  cg3: make display updates thread safe

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-05-15 14:07:07 +01:00
Gerd Hoffmann
c19f4fbce1 virtio-gpu: move virtio_gpu_gl_block
Move to virtio-gpu-3d.c where all the other virgl code lives too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20170505104101.30589-2-kraxel@redhat.com
2017-05-12 12:02:48 +02:00
Gerd Hoffmann
bfc56535f7 vga: fix display update region calculation
vga display update mis-calculated the region for the dirty bitmap
snapshot in case the scanlines are padded.  This can triggere an
assert in cpu_physical_memory_snapshot_get_dirty().

Fixes: fec5e8c92b
Reported-by: Kevin Wolf <kwolf@redhat.com>
Reported-by: 李强 <liqiang6-s@360.cn>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170509104839.19415-1-kraxel@redhat.com
2017-05-11 09:50:32 +02:00
Gerd Hoffmann
ca7f544123 sm501: make display updates thread safe
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170509111928.30935-1-kraxel@redhat.com
2017-05-11 09:50:29 +02:00
Mark Cave-Ayland
2dd285b5f3 tcx: make display updates thread safe
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-id: 1494449551-20227-3-git-send-email-mark.cave-ayland@ilande.co.uk
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-05-11 09:49:27 +02:00
Mark Cave-Ayland
344a68bf9d cg3: make display updates thread safe
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-id: 1494449551-20227-2-git-send-email-mark.cave-ayland@ilande.co.uk
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-05-11 09:49:27 +02:00
Stefan Hajnoczi
f465706e59 trivial patches for 2017-05-10
-----BEGIN PGP SIGNATURE-----
 
 iQFDBAABCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAlkSvwIPHG1qdEB0bHMu
 bXNrLnJ1AAoJEHAbT2saaT5Zys4IAMZLWicv1c7O3m1ajmmg7iGfRbsajcx9FSBi
 NxdrqG3zgV10gz8/R7goMYGkeFs8MAoDfagbBkXgwFgA31M+ecOe93XyoOQLpe9/
 43fx2u8exVdruIb60F5yDEd51RLwK2C4Iz7SVNRoVWMqDcMOCuC+WBog+AbTB0V+
 19RjhKStMyXMXPYVO0bLhQIcH+ixFLUljbpwDvz5FKor5NqGG+FzHjmwYciiTbr3
 o7Z3OIMWT7rDr9V5/553miiNP9ufG3fJreMyXDrTkFRVmDZaqRBp+tvdrYcb77ed
 /DDxC5vafgCRzwsrmCIsIQXV0janFGDQiqbR+hzBMBG1RTRoBiM=
 =AAfU
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mjt/tags/trivial-patches-fetch' into staging

trivial patches for 2017-05-10

# gpg: Signature made Wed 10 May 2017 03:19:30 AM EDT
# gpg:                using RSA key 0x701B4F6B1A693E59
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D  4324 457C E0A0 8044 65C5
#      Subkey fingerprint: 7B73 BAD6 8BE7 A2C2 8931  4B22 701B 4F6B 1A69 3E59

* mjt/tags/trivial-patches-fetch: (23 commits)
  tests: Remove redundant assignment
  MAINTAINERS: Update paths for AioContext implementation
  MAINTAINERS: Update paths for main loop
  jazz_led: fix bad snprintf
  tests: Ignore another built executable (test-hmp)
  scripts: Switch to more portable Perl shebang
  scripts/qemu-binfmt-conf.sh: Fix shell portability issue
  virtfs: allow a device id to be specified in the -virtfs option
  hw/core/generic-loader: Fix crash when running without CPU
  virtio-blk: Remove useless condition around g_free()
  qemu-doc: Fix broken URLs of amnhltm.zip and dosidle210.zip
  use _Static_assert in QEMU_BUILD_BUG_ON
  channel-file: fix wrong parameter comments
  block: Make 'replication_state' an enum
  util: Use g_malloc/g_free in envlist.c
  qga: fix compiler warnings (clang 5)
  device_tree: fix compiler warnings (clang 5)
  usb-ccid: make ccid_write_data_block() cope with null buffers
  tests: Ignore more test executables
  Add 'none' as type for drive's if option
  ...

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-05-10 12:31:19 -04:00
Paolo Bonzini
e9c6ab62c7 jazz_led: fix bad snprintf
Detected by GCC 7's -Wformat-truncation.  snprintf writes at most
2 bytes here including the terminating NUL, so the result is
truncated.  In addition, the newline at the end is pointless.
Fix the buffer size and the format string.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2017-05-10 10:19:24 +03:00
Mark Cave-Ayland
8eb57ae3f9 cg3: add explicit ram_addr_t cast to scanline page variable
Coverity warns that multiplying two 32-bit values gives a 32-bit result which
is assigned to a 64-bit variable. Add an explicit ram_addr_t cast to silence
the warning.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-05-05 09:49:00 +01:00