Commit Graph

12341 Commits

Author SHA1 Message Date
Gerd Hoffmann
503b3b33fe qxl-render: add more sanity checks
Damn, the dirty rectangle values are signed integers.  So the checks
added by commit 788fbf042f are not good
enough, we also have to make sure they are not negative.

[ Note: There must be something broken in spice-server so we get
  negative values in the first place.  Bug opened:
  https://bugzilla.redhat.com/show_bug.cgi?id=1135372 ]

Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2014-09-01 10:19:03 +02:00
Matthew Rosato
1def6656b6 sclp-s390: Add memory hotplug SCLPs
Add memory information to read SCP info and add handlers for
Read Storage Element Information, Attach Storage Element,
Assign Storage and Unassign Storage.

Signed-off-by: Matthew Rosato <mjrosato@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2014-09-01 09:25:32 +02:00
Matthew Rosato
e7f1314f97 s390-virtio: Apply same memory boundaries as virtio-ccw
Although s390-virtio won't support memory hotplug, it should
enforce the same memory boundaries so that it can use shared codepaths
(like read_SCP_info).

Signed-off-by: Matthew Rosato <mjrosato@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2014-09-01 09:25:32 +02:00
Matthew Rosato
b6fe01248e virtio-ccw: Include standby memory when calculating storage increment
When determining the memory increment size, use the maxmem size if
it was specified.

Signed-off-by: Matthew Rosato <mjrosato@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2014-09-01 09:25:32 +02:00
Matthew Rosato
0844df77fd sclp-s390: Add device to manage s390 memory hotplug
Add sclpMemoryHotplugDev to contain associated data structures, etc.

Signed-off-by: Matthew Rosato <mjrosato@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2014-09-01 09:25:32 +02:00
Peter Maydell
988f463614 Block pull request
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJUAKmWAAoJEJykq7OBq3PIryQIAI95aVunM1Z+bqEQiL9zE9kg
 FNyfFo90w38yJjbizHi38XcjLGoTfvAks3gXdE6qhp7k+HQdp6yVdKJK3cFYzGTs
 1OKrUrO+eSe7Qv+OHXtG8Fu7+WI8CzwsJZxUuQrgGcuYvryUdW2X6n/SQhoRDeyx
 6iYo7uBSo7f+TUMlvqsEz+NAi6EQ86iE75WDOO5/86TLBQruJXSkyyiWVwZxTT3P
 WCSuCWRLAKvlTgBZtX6n74r5GNoyM0ytvDc3+yzYXYVbjjdvoBqxxq/qXrPy0gs8
 BoKztYNTge2pL4SVvycyM9GOkaTa1N+rog6sKdhYWTXe3wd4QFNJ5axxWJiNNFU=
 =b0Vy
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Block pull request

# gpg: Signature made Fri 29 Aug 2014 17:25:58 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request: (35 commits)
  quorum: Fix leak of opts in quorum_open
  blkverify: Fix leak of opts in blkverify_open
  nfs: Fix leak of opts in nfs_file_open
  curl: Don't deref NULL pointer in call to aio_poll.
  curl: Allow a cookie or cookies to be sent with http/https requests.
  virtio-blk: allow drive_del with dataplane
  block: acquire AioContext in do_drive_del()
  linux-aio: avoid deadlock in nested aio_poll() calls
  qemu-iotests: add multiwrite test cases
  block: fix overlapping multiwrite requests
  nbd: Follow the BDS' AIO context
  block: Add AIO context notifiers
  nbd: Drop nbd_can_read()
  sheepdog: fix a core dump while do auto-reconnecting
  aio-win32: add support for sockets
  qemu-coroutine-io: fix for Win32
  AioContext: introduce aio_prepare
  aio-win32: add aio_set_dispatching optimization
  test-aio: test timers on Windows too
  AioContext: export and use aio_dispatch
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 18:40:04 +01:00
Stefan Hajnoczi
3255d1c21f virtio-blk: allow drive_del with dataplane
Now that drive_del acquires the AioContext we can safely allow deleting
the drive.  As with non-dataplane mode, all I/Os submitted by the guest
after drive_del will return EIO.

This patch makes hot unplug work with virtio-blk dataplane.  Previously
drive_del reported an error because the device was busy.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-29 16:01:48 +01:00
Sergey Fedorov
b52b81e44f hw/intc/arm_gic: honor target mask in gic_update()
Take IRQ target mask into account when determining the highest priority
pending interrupt.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1407947471-26981-1-git-send-email-serge.fdrv@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 15:00:29 +01:00
Joel Schopp
d3579f362f aarch64: raise max_cpus to 8
I'm running on a system with 8 cpus and it would be nice to have qemu
support all of them.  The attached patch does that and has been tested.

That said, I'm not sure if 8 is enough or if we want to bump this even higher
now before systems with many more cpus come along. 255 anyone?

Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Joel Schopp <joel.schopp@amd.com>
Message-id: 20140819213304.19537.2834.stgit@joelaarch64.amd.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 15:00:29 +01:00
Adam Lackorzynski
93b5f6f1a6 arm_gic: Use GIC_NR_SGIS constant
Use constant rather than a plain number.

Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Message-id: 1408372255-12358-5-git-send-email-adam@os.inf.tu-dresden.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 15:00:29 +01:00
Adam Lackorzynski
de7a900f0c arm_gic: Do not force PPIs to edge-triggered mode
Only SGIs must be WI, done by forcing them to their default
(edge-triggered).

Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Message-id: 1408372255-12358-4-git-send-email-adam@os.inf.tu-dresden.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 15:00:28 +01:00
Adam Lackorzynski
24b790df43 arm_gic: GICD_ICFGR: Write model only for pre v1 GICs
Setting the model is only available in pre-v1 GIC models.

Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Message-id: 1408372255-12358-3-git-send-email-adam@os.inf.tu-dresden.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 15:00:28 +01:00
Adam Lackorzynski
71a62046ae arm_gic: Fix read of GICD_ICFGR
The GICD_ICFGR register covers 4 interrupts per byte.

Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Message-id: 1408372255-12358-2-git-send-email-adam@os.inf.tu-dresden.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 15:00:28 +01:00
Peter Maydell
d9aa688557 usb: bugfix collection.
usb: add cleanup functions for host adapters,
      in preparation for hotplug support.
 usb: add simple qtests for uhci,ohci,xhci.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJUAGpkAAoJEEy22O7T6HE4yrgP/0KoSBWFeBaNmHjsNiZfhn4L
 U88yj3k4Kn5DEXAzy4FG+dKuCcoV1nImvQMWvcY/f4gz+ZJtsIZ/zBfpjVJF9Yhc
 u9hS++oWQqxffxuxqmInnEN9DdybVqeLUlv410k6SR3YTbDY0PeaCMkfgkkI/Gio
 lesobOZxJHhY1jpLTTmeCru1SMGhSP2rUoJs07WAW358V96euhzxIio3CWaX65e9
 VoLd9svMFW1txOoxApMtlydgPUclULNgyytlX2D9QhvOCcBm55YRk2GKfwfmIl94
 3g/kXbu9OmL0NDBeJORRDpjc43p2aWWB+WFTyKOj0/g1poVCiBZta7Qaseap2UJw
 FhD9eeTOh7QrPkqjCvfjQVO4f/V8VfnkDjzhMZWaPIks4/Ja9r/rOA52iG8GVRW6
 i5s69SUXqEmJRTh0jfnOrLoZRWaZAMvxkCPmQ2ktgUy8Kp7gjvhD3QCuj7gmlHP4
 5Itjnxa6gS2YPmB+a+nn/3XLSg/BtpgYc78GvPDRjUGyOrakcDukKQ+woBOJ2pM1
 nZxTT5VDH6FlQalAUNjmcIpq+yV1KWCdD47Ud+Ph2RVlgqE0ODO0m6j9o+zDFi5i
 +fJhhS6o8Zg4FL3QyqSSrD6w/T47ArjwwROhYUPk7+zZxtZ/RcCM6I6ewx2Xcy9M
 PjoifPFx80SK/7Bjyd7p
 =9/+s
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20140829-1' into staging

usb: bugfix collection.
usb: add cleanup functions for host adapters,
     in preparation for hotplug support.
usb: add simple qtests for uhci,ohci,xhci.

# gpg: Signature made Fri 29 Aug 2014 12:56:20 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-usb-20140829-1:
  tests: add xHCI qtest
  tests: add UHCI qtest
  tests: add OHCI qtest
  usb: add usb host adapters exit trace
  usb-xhci: add exit function
  usb-ehci: add ehci-pci device exit function
  usb-ehci: add ehci unrealize funciton
  usb-ehci: add vmstate properity for EHCIState
  usb-uhci: clean up uhci resource when pci-uhci exit
  usb-ohci: add exit function
  usb-ohci: Fix memory leak for ohci timer
  usb: add usb_bus_release function
  Revert "xhci: Fix number of streams allocated when using streams"
  xhci: use (1u << i)
  Fix OHCI ISO TD state never being written back.
  xhci: fix debug print compiling error
  usb: Fix bootindex for portnr > 9

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 13:08:04 +01:00
Gonglei
d733f74c33 usb: add usb host adapters exit trace
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
53c30545fb usb-xhci: add exit function
clean up xhci resource when xhci pci device exit.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
96e14926c6 usb-ehci: add ehci-pci device exit function
clean up ehci resource when ehci pci device exit.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
4e130cf6a8 usb-ehci: add ehci unrealize funciton
cleanup ehci controller resource, both pci and sysbus
if they're necessary.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
05a36991c5 usb-ehci: add vmstate properity for EHCIState
since hotunplug the ehci host adapter, we should
delete vm_change_state_handler also, so the
VMChangeStateEntry should be saved in EHCIState.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:14 +02:00
Gonglei
3a3464b000 usb-uhci: clean up uhci resource when pci-uhci exit
clean up uhci resource when uhci pci device exit.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:13 +02:00
Gonglei
07832c38d3 usb-ohci: add exit function
clean up ohci resource when ohci pci device exit.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:52:13 +02:00
Gonglei
80be63df5a usb-ohci: Fix memory leak for ohci timer
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:44 +02:00
Gonglei
e5a9bece9b usb: add usb_bus_release function
add global variables releasing logic when the usb buses
were removed or hot-unpluged.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:44 +02:00
Gerd Hoffmann
f90e160b50 Revert "xhci: Fix number of streams allocated when using streams"
This reverts commit d063c3112c.

"2 << x" is the same as "2 ^ (x + 1)", so the old code is correct.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:44 +02:00
Gerd Hoffmann
3d80365b55 xhci: use (1u << i)
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-29 12:51:43 +02:00
Jack Un
cae7f29c47 Fix OHCI ISO TD state never being written back.
There appears to be typo in OHCI with isochronous transfers
resulting in isoch. transfer descriptor state never being written back.
The'put_words' function is in a OR statement hence it is never called.

Signed-off-by: Jack Un <jack.un@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:43 +02:00
Gonglei
8c244210d8 xhci: fix debug print compiling error
after commit 003e15a180
the DPRINTF will broke compiling, adjust its location.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:43 +02:00
Markus Armbruster
830cd54fca usb: Fix bootindex for portnr > 9
We identify devices by their Open Firmware device paths.  The encoding
of the host controller and hub port numbers is incorrect:
usb_get_fw_dev_path() formats them in decimal, while SeaBIOS uses
hexadecimal.  When some port number > 9, SeaBIOS will miss the
bootindex (lucky case), or apply it to another device (unlucky case).

The relevant spec[*] agrees with SeaBIOS (and OVMF, for that matter).
Change %d to %x.

Bug can bite only with host controllers or hubs sporting more than ten
ports.  I'm not aware of any.

[*] Open Firmware Recommended Practice: Universal Serial Bus,
Version 1, Section 3.2.1 Device Node Address Representation
http://www.openfirmware.org/1275/bindings/usb/usb-1_0.ps

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

Note: xhci can be configured with up to 15 ports (default is 4 ports).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29 12:51:43 +02:00
Markus Armbruster
28fa7133b8 ide: Fix bootindex for bus_id > 9
We identify devices by their Open Firmware device paths.  The encoding
of bus numbers is incorrect: idebus_get_fw_dev_path() formats them in
decimal, while SeaBIOS uses hexadecimal.  With bus number > 9, SeaBIOS
will miss the bootindex (lucky case), or apply it to another device
(unlucky case).

Bug can't bite right now: ich9-ahci has six ports, and the sysbus-ahci
created by Calxeda Highbank has just one.

Fix it anyway, by changing %d to %x.

I couldn't find an Open Firmware spec covering this.  For what it's
worth, OVMF agrees with SeaBIOS.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-29 10:46:57 +01:00
Le Tan
b5a280c008 intel-iommu: add IOTLB using hash table
Add IOTLB to cache information about the translation of input-addresses. IOTLB
use a GHashTable as cache. The key of the hash table is the logical-OR of gfn
and source id after left-shifting.

Signed-off-by: Le Tan <tamlokveer@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-28 23:10:22 +02:00
Le Tan
d92fa2dc6e intel-iommu: add context-cache to cache context-entry
Add context-cache to cache context-entry encountered on a page-walk. Each
VTDAddressSpace has a member of VTDContextCacheEntry which represents an entry
in the context-cache. Since devices with different bus_num and devfn have their
respective VTDAddressSpace, this will be a good way to reference the cached
entries.
Each VTDContextCacheEntry will have a context_cache_gen and the cached entry
is valid only when context_cache_gen equals IntelIOMMUState.context_cache_gen.

Signed-off-by: Le Tan <tamlokveer@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-28 23:10:22 +02:00
Le Tan
ed7b8fbcfb intel-iommu: add supports for queued invalidation interface
Add supports for queued invalidation interface, an expended invalidation
interface with extended capabilities.

Signed-off-by: Le Tan <tamlokveer@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-28 23:10:22 +02:00
Le Tan
ac40aa1540 intel-iommu: fix coding style issues around in q35.c and machine.c
Fix coding style issues around in hw/pci-host/q35.c and hw/core/machine.c.

Signed-off-by: Le Tan <tamlokveer@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-28 23:10:22 +02:00
Le Tan
a52a7fdfa7 intel-iommu: add Intel IOMMU emulation to q35 and add a machine option "iommu" as a switch
Add Intel IOMMU emulation to q35 chipset and expose it to the guest.
1. Add a machine option. Users can use "-machine iommu=on|off" in the command
line to enable/disable Intel IOMMU. The default is off.
2. Accroding to the machine option, q35 will initialize the Intel IOMMU and
use pci_setup_iommu() to setup q35_host_dma_iommu() as the IOMMU function for
the pci bus.
3. q35_host_dma_iommu() will return different address space according to the
bus_num and devfn of the device.

Signed-off-by: Le Tan <tamlokveer@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-28 23:10:22 +02:00
Le Tan
d4eb911935 intel-iommu: add DMAR table to ACPI tables
Expose Intel IOMMU to the BIOS. If object of TYPE_INTEL_IOMMU_DEVICE exists,
add DMAR table to ACPI RSDT table. For now the DMAR table indicates that there
is only one hardware unit without INTR_REMAP capability on the platform.

Signed-off-by: Le Tan <tamlokveer@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-28 23:10:22 +02:00
Le Tan
1da12ec4c8 intel-iommu: introduce Intel IOMMU (VT-d) emulation
Add support for emulating Intel IOMMU according to the VT-d specification for
the q35 chipset machine. Implement the logics for DMAR (DMA remapping) without
PASID support. The emulation supports register-based invalidation and primary
fault logging.

Signed-off-by: Le Tan <tamlokveer@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-28 23:10:22 +02:00
Le Tan
8d7b8cb9c2 iommu: add is_write as a parameter to the translate function of MemoryRegionIOMMUOps
Add a bool variable is_write as a parameter to the translate function of
MemoryRegionIOMMUOps to indicate the operation of the access. It can be
used for correct fault reporting from within the callback.
Change the interface of related functions.

Signed-off-by: Le Tan <tamlokveer@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-28 23:10:22 +02:00
Peter Maydell
a6aebb38ba SCSI patches include bug fixes from Fam and Peter, improved error
reporting from Fam and a fix for DPRINTF bitrot.  Memory patches try
 again to initialize name from the QOM name.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJT/zhXAAoJEBvWZb6bTYby/UMP/jyhrHAaCgPgrvM4bXzMXBoZ
 l4UQXSTAmhlpr/OUI9pgT/392IGNTkDZ3mJi0sqgG6p6egWUT6a4+lzJjlhExTJy
 K5GRkbgfj83nVI1Jr0uxs58dwM527IFc5RD2Fzz0QXJIMA+HDseLfSYfa3gxbdTU
 iU8fK4PG1usb8FMR+Rd7SzGgGbGhgs6KOar98izH9C+SsPtCIGEu86KW9EkCh2dZ
 t7RI9PAJZUA1Ci2GuFISAuxl08ZkfKo29fXfM0DsovbaQda2dph7j1y6sYqXYQBA
 jZW0BEedpC1PfbWEODU81PG5t4AH5AUNmrNIsG04NiDwcRzWQckA5/x6qHsdA/33
 N/GGzqfmLknvIPecuzmwmgRBVMzf+K0xXd+StSFJWR9dwP09Y0UfhdkuBsiqdd1a
 H+xtsDyBl9pR9VgqtetIq8uQf3fpiHSRUnh++YYU8V/uK2C8ZyTmYYBJNwk2FK6l
 2PBTD1Jsl0WYCZBScM0IK+BnDNDwrygdfAa2CF1KcfNHQSiHvjHIQwsVo6Lwev7i
 1eE6/0zQ7Yumi3LOSyUx3v6JwdKH1zsN3uIjlrg4SxpmgzK/vhwrtuJti4W7HpLd
 eHLHfszCWAmNO6zx0/bH44lPZNDBBFZeaZ+NVjW0nv7y3pAeLP3qyuY3pUsr+Suh
 0xRPwhfmoSz9CZ+5mAIX
 =iLTP
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

SCSI patches include bug fixes from Fam and Peter, improved error
reporting from Fam and a fix for DPRINTF bitrot.  Memory patches try
again to initialize name from the QOM name.

# gpg: Signature made Thu 28 Aug 2014 15:10:31 BST using RSA key ID 9B4D86F2
# gpg: Good signature from "Paolo Bonzini <pbonzini@redhat.com>"
# gpg:                 aka "Paolo Bonzini <bonzini@gnu.org>"

* remotes/bonzini/tags/for-upstream:
  memory: Lazy init name from QOM name as needed
  xen: hvm: Abstract away memory region name ref
  xen-hvm: Constify string
  virtio-scsi: Report error if num_queues is 0 or too large
  scsi-generic: remove superfluous DPRINTF avoid to break compiling
  block/iscsi: fix memory corruption on iscsi resize
  scsi-bus: Convert DeviceClass init to realize
  block: Pass errp in blkconf_geometry

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-28 17:08:13 +01:00
Peter Maydell
38a01e55d2 Mostly bugfixes + Alexey's interface-based implementation
of the NMI monitor command.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJT/zeaAAoJEBvWZb6bTYby/QQP/0QjyI70Jri2/CyFQOVOEzau
 W79N1k7IjHaGQQau0Vu3GjhI0P7rhJ/xL789otr8f1oeBbM6c9n78mKf3sTXJ5RS
 u+7aVRyJtDYyzIc7FWigUiMUqaIXELHkv8FdA59F1eq0tvszjBi2xPf5RlRwq/9d
 vGD10ZubM/dY61lWUqxmgXp9gg/2Ewdm9vCZ7rBbzvAFg6ASreUXJ0/PUUU/lA6L
 5JmfgQJg8ZtbEViTaVtEhpUlkOS6d0c6jnb8T1USLErwH/GUGS9AJba+/3WD+fKr
 Z37rZeB6Wl6bc0ZNjEliDSmcr+tetfz4A3j+mCUEksgnvL6o83bHkcIHPMDO9cvf
 lZ5csWiZaD7wqNUjI1pI4hpbKPPrsu+inypJnjmrd29roQ7tHsGzEIatN8922M3k
 PjnGL5VwQuFfKyndRJF8TfKKA465k+id2t6XSbEdU2m08thFDG2HZnGSCoDLs6Mz
 rEm4RK42AtdFdybrsirVofdKEJU5XmYRy612ZUSRd5Ki4PWk9UESMVvBrs0MZfep
 mVCak7tYKWHmll628xS+WM3qU8VyDpsQD5o8FuW6c1R9Rhs0VxJBcve4oapkm53P
 DXIYnFPImpmoEHltCOxx+07rf4g1O5O4r8gTdsE8xEjDBWelOUQWIuws25X+6tvW
 OZ7UglgB5bf0e3EIi0Ms
 =tbi2
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kvm/tags/for-upstream' into staging

Mostly bugfixes + Alexey's interface-based implementation
of the NMI monitor command.

# gpg: Signature made Thu 28 Aug 2014 15:07:22 BST using RSA key ID 9B4D86F2
# gpg: Good signature from "Paolo Bonzini <pbonzini@redhat.com>"
# gpg:                 aka "Paolo Bonzini <bonzini@gnu.org>"

* remotes/kvm/tags/for-upstream:
  mc146818rtc: reinitialize irq_reinject_on_ack_count on reset
  target-i386: Add "tsc_adjust" CPU feature name
  target-i386: Add "mpx" CPU feature name
  vl: process -object after other backend options
  checkpatch.pl: adjust typedef definition to QEMU coding style
  x86: Clear MTRRs on vCPU reset
  x86: kvm: Add MTRR support for kvm_get|put_msrs()
  x86: Use common variable range MTRR counts
  target-i386: Don't forbid NX bit on PAE PDEs and PTEs
  spapr: Add support for new NMI interface
  s390x: Migrate to new NMI interface
  s390x: Convert QEMUMachine to MachineClass
  cpus: Define callback for QEMU "nmi" command
  kvm: run cpu state synchronization on target vcpu thread

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-28 16:07:23 +01:00
Paolo Bonzini
172dbc52b3 mc146818rtc: reinitialize irq_reinject_on_ack_count on reset
This field was forgotten, and it makes the state after reset
non-deterministic.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-27 17:54:52 +02:00
Fam Zheng
c9f6552803 virtio-scsi: Report error if num_queues is 0 or too large
No cmd vq surprises guest (Linux panics in virtscsi_probe), too many
queues abort qemu (in the following virtio_add_queue).

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-26 13:20:44 +02:00
Gonglei
f93d2c15d6 scsi-generic: remove superfluous DPRINTF avoid to break compiling
variables lun and tag had been eliminated, break compiling
when enable debug switch. Meanwhile traces provide the same
information with this DPRINTF, so remove it.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-26 13:20:44 +02:00
Fam Zheng
a818a4b69d scsi-bus: Convert DeviceClass init to realize
Replace "init/destroy" with "realize/unrealize" in SCSIDeviceClass,
which has errp as a parameter. So all the implementations now use
error_setg instead of error_report for reporting error.

Also in scsi_bus_legacy_handle_cmdline, report the error when
initializing the if=scsi devices, before returning it, because in the
callee, error_report is changed to error_setg. And the callers don't
have the right locations (e.g. "-drive if=scsi").

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-26 13:20:44 +02:00
Fam Zheng
5ff5efb46c block: Pass errp in blkconf_geometry
This allows us to pass error information to caller.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-26 13:20:44 +02:00
Peter Maydell
c47c61be8d VFIO: Enable primary NVIDIA quirk regardless of VGA support
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT+46hAAoJECObm247sIsiUSEQAK51PswOcAoRoxLQfxXWLACh
 AG9n0cGxa8mMvAGSwzCxeAwQTOux9/i12HYal6xLviod0/rpf7FFJu48r/lGBgFV
 zbl81rcbxgLbkHhmR3rPW7u7q3NscBRInaGYgHiKQ7Iibb97NzjrLIMfezuh5ZNy
 ub5Q19r4DDBRskOb+y89qYs0QA2J1ZaLy6Q25lqqQWbMUSoOsgNGkdAfmKss6fBc
 VYHPkXKooN4xKNCOiIbkokyrzv8/2CgyciY2bk4YWqWTuJw4RHgUxXI+kMhV0sTx
 pCHJtp+wlOVSawyDNl9pp9rC0A0SsR4X4olNSJCQjyIx50NNPulAQDfzUbqyD69u
 99eF0tpay3C5e5+OyXEOI6n64ha8xtQcgbFG+Fxchm+XmvHLNZurdmunTK7agq6H
 ZS1N6veogyLu0SnvQ24vg65Hf7kzY6B8Kl+jds6a031lhTnEJkGXGQ+IpovqHmxr
 Ys2wc8qjsU3syqFyZhqQPkObmqriaU1kZ8nUPFU8Pb0HlwZCZeM7zOosVE+/5Jpm
 KPheoSXCcbx3yWnG975SE9912rj2aFQ5C4Fok6mLHqSrpUxykaBzuDneWhYyL5Qe
 JUL986U1U+hZns2gvRBINNOYXasubuu/lQt2fKYNS4jU+J8iomwFvOLhZwTynz67
 3RVsn/j0s2zsvW04Z8/+
 =uRfm
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/awilliam/tags/vfio-pci-for-qemu-20140825.0' into staging

VFIO: Enable primary NVIDIA quirk regardless of VGA support

# gpg: Signature made Mon 25 Aug 2014 20:29:37 BST using RSA key ID 3BB08B22
# gpg: Can't check signature: public key not found

* remotes/awilliam/tags/vfio-pci-for-qemu-20140825.0:
  vfio: Enable NVIDIA 88000 region quirk regardless of VGA

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-26 10:42:06 +01:00
Alex Williamson
fe08275db9 vfio: Enable NVIDIA 88000 region quirk regardless of VGA
If we make use of OVMF for the BIOS then we can use GPUs without VGA
space access, but we still need this quirk.  Disassociate it from the
x-vga option and enable it on all NVIDIA VGA display class devices.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-08-25 12:10:15 -06:00
Peter Maydell
a44a12b78a pci, pc fixes, features
A bunch of bugfixes - these will make sense for 2.1.1
 
 ACPI support for TPM and partial ARI support for PCIE.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJT+mRDAAoJECgfDbjSjVRpNisIAIU4TriYRVG6gQBGIatvdJdg
 +2ZAiJEAiUQlCIfBvyofwmpiVjkrnFlinmbBeuoSOxTFtuHjFxW+N8uAD93/OiNj
 wHsruVz5ReHov3l3SWQBYkJAEFCYw0yKXPqMkqFj9Y5Dq2uWv+IcceJsBwCn+LQI
 WtEoYtJMhcmAove27tioT7yhEL7x7pF3StMDX9gjRpml4KxA2himgPcrkyq6wjDk
 Qg3zNEQNpehLkHJLFHEGzwrYUgY2xSfAl7dUCQ+pVXttaEion49/KclBz0aWkt0U
 QUQCELCfeRf9Od3Gh4IDUIjTJyBhBtNnJo5+YcK6yYu/JsaVJ1hTSnDtqCq7udo=
 =FjrT
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pci, pc fixes, features

A bunch of bugfixes - these will make sense for 2.1.1

ACPI support for TPM and partial ARI support for PCIE.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Sun 24 Aug 2014 23:16:35 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  pcie: fix trailing whitespace
  ioh3420: Enable ARI forwarding
  ioh3420: Remove obsoleted, unused ioh3420_init function
  pcie: Rename the pcie_cap_ari_* functions to pcie_cap_arifwd_*
  pcie: Fix incorrect write to the ari capability next function field
  ssdt-tpm: add generated hex file to git
  Add ACPI tables for TPM
  pc: reserve more memory for ACPI for new machine types
  pcihp: fix possible array out of bounds
  pci_bridge: manually destroy memory regions within PCIBridgeWindows
  hostmem: set MPOL_MF_MOVE

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-25 18:49:25 +01:00
Alexey Kardashevskiy
3431648272 spapr: Add support for new NMI interface
This implements an NMI interface POWERPC SPAPR machine.
This enables an "nmi" HMP/QMP command supported on SPAPR.

This calls POWERPC_EXCP_RESET (vector 0x100) in the guest to deliver NMI
to every CPU. The expected result is XMON (in-kernel debugger) invocation.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25 13:25:16 +02:00
Alexey Kardashevskiy
3dd7852f19 s390x: Migrate to new NMI interface
This implements an NMI interface for s390 and s390-ccw machines.

This removes #ifdef s390 branch in qmp_inject_nmi so new s390's
nmi_monitor_handler() callback is going to be used for NMI.

Since nmi_monitor_handler()-calling code is platform independent,
CPUState::cpu_index is used instead of S390CPU::env.cpu_num.
There should not be any change in behaviour as both @cpu_index and
@cpu_num are global CPU numbers.

Note that s390_cpu_restart() already takes care of the specified cpu,
so we don't need to schedule via async_run_on_cpu().

Since the only error s390_cpu_restart() can return is ENOSYS, convert
it to QERR_UNSUPPORTED.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25 13:25:16 +02:00
Alexey Kardashevskiy
d07aa7c7bb s390x: Convert QEMUMachine to MachineClass
This converts s390-virtio and s390-ccw-virtio machines to QOM MachineClass.
This brings ability to add interfaces to the machine classes. The first
interface for addition will be NMI.

The patch is mechanical so no change in behavior is expected.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25 13:25:16 +02:00
Alexey Kardashevskiy
9cb805fd26 cpus: Define callback for QEMU "nmi" command
This introduces an NMI (Non Maskable Interrupt) interface with
a single nmi_monitor_handler() method. A machine or a device can
implement it. This searches for an QOM object with this interface
and if it is implemented, calls it. The callback implements an action
required to cause debug crash dump on in-kernel debugger invocation.
The callback returns Error**.

This adds a nmi_monitor_handle() helper which walks through
all objects to find the interface. The interface method is called
for all found instances.

This adds support for it in qmp_inject_nmi(). Since no architecture
supports it at the moment, there is no change in behaviour.

This changes inject-nmi command description for HMP and QMP.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25 13:25:16 +02:00
Michael S. Tsirkin
187de915e8 pcie: fix trailing whitespace
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:07 +02:00
Knut Omang
a74b870270 ioh3420: Enable ARI forwarding
Signed-off-by: Knut Omang <knut.omang@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:06 +02:00
Knut Omang
0f9b1771cc ioh3420: Remove obsoleted, unused ioh3420_init function
Signed-off-by: Knut Omang <knut.omang@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:06 +02:00
Knut Omang
821be9dbb2 pcie: Rename the pcie_cap_ari_* functions to pcie_cap_arifwd_*
Rename helper functions to make a clearer distinction between
the PCIe capability/control register feature ARI forwarding and a
device that supports the ARI feature via an ARI extended PCIe capability.

Signed-off-by: Knut Omang <knut.omang@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:06 +02:00
Knut Omang
ec70b46bab pcie: Fix incorrect write to the ari capability next function field
PCI_ARI_CAP_NFN, a macro for reading next function was used instead of
the intended write.

Signed-off-by: Knut Omang <knut.omang@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:06 +02:00
Michael S. Tsirkin
cec391d752 ssdt-tpm: add generated hex file to git
Needed for systems without IASL.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:06 +02:00
Stefan Berger
711b20b479 Add ACPI tables for TPM
Add an SSDT ACPI table for the TPM device.
Add a TCPA table for BIOS logging area when a TPM is being used.

The latter follows this spec here:

http://www.trustedcomputinggroup.org/files/static_page_files/DCD4188E-1A4B-B294-D050A155FB6F7385/TCG_ACPIGeneralSpecification_PublicReview.pdf

This patch has Michael Tsirkin's patches folded in.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:06 +02:00
Michael S. Tsirkin
927766c7d3 pc: reserve more memory for ACPI for new machine types
commit 868270f23d
    acpi-build: tweak acpi migration limits
broke kernel loading with -kernel/-initrd: it doubled
the size of ACPI tables but did not reserve
enough memory.

As a result, issues on boot and halt are observed.

Fix this up by doubling reserved memory for new machine types.

Cc: qemu-stable@nongnu.org
Reported-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:06 +02:00
Gonglei
fa365d7cd1 pcihp: fix possible array out of bounds
Prevent out-of-bounds array access on
acpi_pcihp_pci_status.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Cc: qemu-stable@nongnu.org
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
2014-08-25 00:16:06 +02:00
Paolo Bonzini
9f6b2f1c64 pci_bridge: manually destroy memory regions within PCIBridgeWindows
The regions are destroyed and recreated on configuration space accesses.
We need to destroy them before the containing PCIBridgeWindows object
is freed.

Reported-by: Gonglei <arei.gonglei@huawei.com>
Reported-by: Knut Omang <knut.omang@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-25 00:16:06 +02:00
Ben Draper
40a87c6c9b vmxnet3: Pad short frames to minimum size (60 bytes)
When running VMware ESXi under qemu-kvm the guest discards frames
that are too short. Short ARP Requests will be dropped, this prevents
guests on the same bridge as VMware ESXi from communicating. This patch
simply adds the padding on the network device itself.

Signed-off-by: Ben Draper <ben@xrsa.net>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-24 17:11:08 +04:00
Peter Crosthwaite
6a07a695b0 dma: axidma: Variablise repeated s->streams[i] sub-expr
This have 6 inline usages. Make it a bit more readable by using a local
variable.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-24 13:16:32 +04:00
Peter Crosthwaite
f55f885267 microblaze: ml605: Get rid of ddr_base variable
It's a constant based on a macro. Just use the macro in place.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-24 13:16:32 +04:00
Peter Maydell
33886ebeec Block patches
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJT90oJAAoJEH8JsnLIjy/Wc5MP/igS9+mf96x2t6a3ayi6XPNN
 AiQDuZWhpRMWvxD7jWj0nUTvrRjMpsWDFXAU95SnhxznVVCqgfTsDr/fPLQt/aan
 S2yNTdSPmAmR1+e3WuK4uFPLwGcWSbemfpPPYd2e6+pEw8DN/zQ0+GXnXrPIKo3m
 SEmAGcwuvdKJCVhYxlJBS6lQtZwzV+JmtaR16ouCwdkctR/Y/SLyb7lOAqEcOBDP
 NY/ORgLtbz+qjOgvGIIT5nW68ALAFKx6tWaqnNm8QeEg2QLPJrtAkb9n1rSDl7F1
 AiTFTSgNjbLkhkap5sTvKy1e/yeIDM5wynfeqscQDd81QFPmIfQITUeD+cL+fgh2
 8EUWIgUpYCnzYCcO+DNL6ofEOGSF0hl8YULsGJv+KOLAqsTVTPQv6VNj5ltSKtGJ
 vlCkjRiAIqgQyXXSaJIn1pKLiLPJfrmaA4gJRccPnZycztc23/jumpfDNPipw4u9
 9hulLXQ2HkpGuqkBxsWS4rxv57gFle2Pdi+kyz+jmR17EHHwfyZHvXi0Grwsn6v1
 gDfGMCeLLzy0CNB4e+JaY3vLhw1p3P0yPH5ON875fSuorSnc6hxge7A28bBJCySU
 inCIDBalNXiQQlQGLV/48ZaF7kxbC6ywHs2ZBXwRU8377AnCIFOlGs0Obx/TWo8K
 Yq7RPwUipOOnrOoijIGn
 =tfGn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block patches

# gpg: Signature made Fri 22 Aug 2014 14:47:53 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream: (29 commits)
  qemu-img: Allow cache mode specification for amend
  qemu-img: Allow source cache mode specification
  vmdk: Use bdrv_nb_sectors() where sectors, not bytes are wanted
  blkdebug: Delete BH in bdrv_aio_cancel
  qemu-iotests: add test case 101 for short file I/O
  raw-posix: fix O_DIRECT short reads
  block/iscsi: fix memory corruption on iscsi resize
  block/vvfat.c: remove debugging code to reinit stderr if NULL
  iotests: Add test for image filename construction
  quorum: Implement bdrv_refresh_filename()
  nbd: Implement bdrv_refresh_filename()
  blkverify: Implement bdrv_refresh_filename()
  blkdebug: Implement bdrv_refresh_filename()
  block: Add bdrv_refresh_filename()
  virtio-blk: fix reference a pointer which might be freed
  virtio-blk: allow block_resize with dataplane
  block: acquire AioContext in qmp_block_resize()
  qemu-iotests: Fix 028 reference output for qed
  test-coroutine: test cost introduced by coroutine
  iotests: Add test for qcow2's cache options
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-22 16:12:51 +01:00
zhanghailiang
1bdb176ac5 virtio-blk: fix reference a pointer which might be freed
In function virtio_blk_handle_request, it may freed memory pointed by req,
So do not access member of req after calling this function.

Cc: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-08-20 11:57:05 +02:00
Stefan Hajnoczi
466560b9fc virtio-blk: allow block_resize with dataplane
Now that block_resize acquires the AioContext we can safely allow
resizing the disk.

Reported-by: Andrey Korolyov <andrey@xdel.ru>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-08-20 11:53:52 +02:00
Markus Armbruster
d4df3dbc02 block: Drop some superfluous casts from void *
They clutter the code.  Unfortunately, I can't figure out how to make
Coccinelle drop all of them, so I have to settle for common special
cases:

    @@
    type T;
    T *pt;
    void *pv;
    @@
    - pt = (T *)pv;
    + pt = pv;
    @@
    type T;
    @@
    - (T *)
      (\(g_malloc\|g_malloc0\|g_realloc\|g_new\|g_new0\|g_renew\|
	 g_try_malloc\|g_try_malloc0\|g_try_realloc\|
	 g_try_new\|g_try_new0\|g_try_renew\)(...))

Topped off with minor manual style cleanups.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-08-20 11:51:28 +02:00
Markus Armbruster
02c4f26b15 block: Use g_new() & friends to avoid multiplying sizes
g_new(T, n) is safer than g_malloc(sizeof(*v) * n) for two reasons.
One, it catches multiplication overflowing size_t.  Two, it returns
T * rather than void *, which lets the compiler catch more type
errors.

Perhaps a conversion to g_malloc_n() would be neater in places, but
that's merely four years old, and we can't use such newfangled stuff.

This commit only touches allocations with size arguments of the form
sizeof(T), plus two that use 4 instead of sizeof(uint32_t).  We can
make the others safe by converting to g_malloc_n() when it becomes
available to us in a couple of years.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-08-20 11:51:28 +02:00
Markus Armbruster
5839e53bbc block: Use g_new() & friends where that makes obvious sense
g_new(T, n) is neater than g_malloc(sizeof(T) * n).  It's also safer,
for two reasons.  One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.

Patch created with Coccinelle, with two manual changes on top:

* Add const to bdrv_iterate_format() to keep the types straight

* Convert the allocation in bdrv_drop_intermediate(), which Coccinelle
  inexplicably misses

Coccinelle semantic patch:

    @@
    type T;
    @@
    -g_malloc(sizeof(T))
    +g_new(T, 1)
    @@
    type T;
    @@
    -g_try_malloc(sizeof(T))
    +g_try_new(T, 1)
    @@
    type T;
    @@
    -g_malloc0(sizeof(T))
    +g_new0(T, 1)
    @@
    type T;
    @@
    -g_try_malloc0(sizeof(T))
    +g_try_new0(T, 1)
    @@
    type T;
    expression n;
    @@
    -g_malloc(sizeof(T) * (n))
    +g_new(T, n)
    @@
    type T;
    expression n;
    @@
    -g_try_malloc(sizeof(T) * (n))
    +g_try_new(T, n)
    @@
    type T;
    expression n;
    @@
    -g_malloc0(sizeof(T) * (n))
    +g_new0(T, n)
    @@
    type T;
    expression n;
    @@
    -g_try_malloc0(sizeof(T) * (n))
    +g_try_new0(T, n)
    @@
    type T;
    expression p, n;
    @@
    -g_realloc(p, sizeof(T) * (n))
    +g_renew(T, p, n)
    @@
    type T;
    expression p, n;
    @@
    -g_try_realloc(p, sizeof(T) * (n))
    +g_try_renew(T, p, n)

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-08-20 11:51:28 +02:00
Peter Crosthwaite
14a906f755 arm: stellaris: Remove misleading address_space_mem var
It's a MemoryRegion and not an AddressSpace. But since it's single use,
just inline the get_system_memory() call to the only usage to remove it.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: d6914047e10b956514cfaa5f391ef56c7d851b34.1408347860.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 19:02:40 +01:00
Peter Crosthwaite
6e9322dea3 arm: armv7m: Rename address_space_mem -> system_memory
This argument is a MemoryRegion and not an AddressSpace.

"Address space" means something quite different to "memory region"
in QEMU parlance so rename the variable to reduce confusion.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: f666cf7f2318d9b461b1e320a45bf0d82da9b7dd.1408347860.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 19:02:40 +01:00
Richard W.M. Jones
6f5d3cbe88 aarch64: Allow -kernel option to take a gzip-compressed kernel.
On aarch64 it is the bootloader's job to uncompress the kernel.  UEFI
and u-boot bootloaders do this automatically when the kernel is
gzip-compressed.

However the qemu -kernel option does not do this.  The following
command does not work:

  qemu-system-aarch64 [...] -kernel /boot/vmlinuz

because it tries to execute the gzip-compressed data.

This commit lets gzip-compressed kernels be uncompressed
transparently.

Currently this is only done when emulating aarch64.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1407831259-2115-3-git-send-email-rjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 19:02:40 +01:00
Richard W.M. Jones
235e74afcb loader: Add load_image_gzipped function.
As the name suggests this lets you load a ROM/disk image that is
gzipped.  It is uncompressed before storing it in guest memory.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1407831259-2115-2-git-send-email-rjones@redhat.com
[PMM: removed stray space before ')']
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 19:02:40 +01:00
Christoffer Dall
863714ba6c arm/virt: Use PSCI v0.2 function IDs in the DT when KVM uses PSCI v0.2
The current code supplies the PSCI v0.1 function IDs in the DT even when
KVM uses PSCI v0.2.

This will break guest kernels that only support PSCI v0.1 as they will
use the IDs provided in the DT.  Guest kernels with PSCI v0.2 support
are not affected by this patch, because they ignore the function IDs in
the device tree and rely on the architecture definition.

Define QEMU versions of the constants and check that they correspond to
the Linux defines on Linux build hosts.  After this patch, both guest
kernels with PSCI v0.1 support and guest kernels with PSCI v0.2 should
work.

Tested on TC2 for 32-bit and APM Mustang for 64-bit (aarch64 guest
only).  Both cases tested with 3.14 and linus/master and verified I
could bring up 2 cpus with both guest kernels.  Also tested 32-bit with
a 3.14 host kernel with only PSCI v0.1 and both guests booted here as
well.

Cc: qemu-stable@nongnu.org
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 19:02:25 +01:00
Christoffer Dall
a65c9c17ce target-arm: Rename QEMU PSCI v0.1 definitions
The function IDs for PSCI v0.1 are exported by KVM and defined as
KVM_PSCI_FN_<something>.  To build using these defines in non-KVM code,
QEMU defines these IDs locally and check their correctness against the
KVM headers when those are available.

However, the naming scheme used for QEMU (almost) clashes with the PSCI
v0.2 definitions from Linux so to avoid unfortunate naming when we
introduce local PSCI v0.2 defines, rename the current local defines with
QEMU_ prependend and clearly identify the PSCI version as v0.1 in the
defines.

Cc: qemu-stable@nongnu.org
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 19:02:03 +01:00
Peter Maydell
0e4a773705 SCSI changes that enable sending vendor-specific commands via virtio-scsi.
Memory changes for QOMification and automatic tracking of MR lifetime.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJT8et9AAoJEBvWZb6bTYbyIJAQAI3AlLSe27xWoUGfQUgWH30z
 Rt/pShHz3BJMfQpD79JfTH8u6uBpkQmKtflerNT7FhXN9ULDzNq+b/jRtke8nkuy
 ctCt05FhhK00rfWpUoRue4XiCuvbizBU7MK0DI3yCyNdXQyYnFvgnvsJtlqox8Zh
 J5HZcBJEmdCiWBxq7UPk0qBitp4PqNoy7jlD/Ex3m7fJN5WK2cyspQIT9zmhehVn
 B8Nwp+RitDDbXbwm0r18col5rFr/6Nj6+dW1gr+7sVJDLNsmJEqC2l3Kgk0wbPkG
 Uqwbih29me9PC9/L1VLGHY0ApKDQ8JGE0GrYgEg162hbhoxEHkjjoHMhDUfV6Pj8
 NkqcjjWl11UUhgkNqrGafayXbBVnOiEglxy8uXCeq14y9Xd/gjK9Fz6MQvRSOjms
 PFmaKknhdmpxh0DuZmTix7WBmKim8zOiCE0/vrAPvwx5L+d1bn5xh6yQvtVjBMpU
 Sru3Mhdm9bL9dUDBgOM/G6WCxSTVLBlExOblcYkQh03MfabD7bfplcrKYPXt5ull
 Y8YLjqkoIfoy5t0ErvtlpdBJjeEz99JXU+wLQ6NYHnzwzTV+oUtSaEph14mAFOcY
 XkFKdoPDI9PnyEfvy4193du8z/dSbhu7sWgHWbTCQyrcaNnSaVhlH43NUC+p23YN
 8vfEsVLd1X7MFkDBUmWp
 =M+/m
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

SCSI changes that enable sending vendor-specific commands via virtio-scsi.

Memory changes for QOMification and automatic tracking of MR lifetime.

# gpg: Signature made Mon 18 Aug 2014 13:03:09 BST using RSA key ID 9B4D86F2
# gpg: Good signature from "Paolo Bonzini <pbonzini@redhat.com>"
# gpg:                 aka "Paolo Bonzini <bonzini@gnu.org>"

* remotes/bonzini/tags/for-upstream:
  mtree: remove write-only field
  memory: Use canonical path component as the name
  memory: Use memory_region_name for name access
  memory: constify memory_region_name
  exec: Abstract away ref to memory region names
  loader: Abstract away ref to memory region names
  tpm_tis: remove instance_finalize callback
  memory: remove memory_region_destroy
  memory: convert memory_region_destroy to object_unparent
  ioport: split deletion and destruction
  nic: do not destroy memory regions in cleanup functions
  vga: do not dynamically allocate chain4_alias
  sysbus: remove unused function sysbus_del_io
  qom: object: move unparenting to the child property's release callback
  qom: object: delete properties before calling instance_finalize
  virtio-scsi: implement parse_cdb
  scsi-block, scsi-generic: implement parse_cdb
  scsi-block: extract scsi_block_is_passthrough
  scsi-bus: introduce parse_cdb in SCSIDeviceClass and SCSIBusInfo
  scsi-bus: prepare scsi_req_new for introduction of parse_cdb

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 13:00:57 +01:00
Amit Shah
d0a0bfe672 virtio-serial: search for duplicate port names before adding new ports
Before adding new ports to VirtIOSerial devices, check if there's a
conflict in the 'name' parameter.  This ensures two virtserialports with
identical names are not initialized.

Reported-by: <mazhang@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2014-08-18 22:42:49 +05:30
Amit Shah
a1857ad1ac virtio-serial: create a linked list of all active devices
To ensure two virtserialports don't get added to the system with the
same 'name' parameter, we need to access all the ports on all the
devices added, and compare the names.

We currently don't have a list of all VirtIOSerial devices added to the
system.  This commit adds a simple linked list in which devices are put
when they're initialized, and removed when they go away.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2014-08-18 22:42:37 +05:30
Peter Maydell
08ab59770d Merge remote-tracking branch 'remotes/mcayland/qemu-sparc' into staging
* remotes/mcayland/qemu-sparc:
  target-sparc64: implement Short Floating-Point Store Instructions
  apb: add IOMMU flush register implementation
  sun4u: switch second PCI-ebus bridge BAR over to PCI IO space

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-18 12:55:02 +01:00
Peter Maydell
da398fcc25 Block pull request
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJT7j2XAAoJEJykq7OBq3PIUL4H/11PwoUewF5hXqbsaTVbxLWK
 RdufFsy+31+FjM2JaGbJnGyuzRFOevx3SLllnASkltsC7AV+MlQw0qDfQ9MSvsT4
 wotQKEfwApleq7u4wp/zTCyNCDRyPTvIDboG2NB/BqHMjsaar2EX3yacSZ+Bv+WJ
 cj2OOK9OlHHy0fycx9POgx3RB+OSNvzPcJ2DaNMuDY/0/ss5i6r2aQOT5bgHFTNU
 JCAGYB1MJ1dMBqHnfWdsBHXTliPnYoGyYGTLcE2lHO9VBj1hOw867Iemz9mNLWg5
 LTWHLnYZLiUZIzGWlBrtnv4lgLsu2xtZCBuiMgDfl6zZtFhIR36SA1M8pdS2yMA=
 =3PII
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Block pull request

# gpg: Signature made Fri 15 Aug 2014 18:04:23 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request: (55 commits)
  qcow2: fix new_blocks double-free in alloc_refcount_block()
  image-fuzzer: Reduce number of generator functions in __init__
  image-fuzzer: Add generators of L1/L2 tables
  image-fuzzer: Add fuzzing functions for L1/L2 table entries
  docs: Expand the list of supported image elements with L1/L2 tables
  image-fuzzer: Public API for image-fuzzer/runner/runner.py
  image-fuzzer: Generator of fuzzed qcow2 images
  image-fuzzer: Fuzzing functions for qcow2 images
  image-fuzzer: Tool for fuzz tests execution
  docs: Specification for the image fuzzer
  ide: only constrain read/write requests to drive size, not other types
  virtio-blk: Correct bug in support for flexible descriptor layout
  libqos: Change free function called in malloc
  libqos: Correct mask to align size to PAGE_SIZE in malloc-pc
  libqtest: add QTEST_LOG for debugging qtest testcases
  ide: Fix segfault when flushing a device that doesn't exist
  qemu-options: add missing -drive discard option to cmdline help
  parallels: 2TB+ parallels images support
  parallels: split check for parallels format in parallels_open
  parallels: replace tabs with spaces in block/parallels.c
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-18 11:59:27 +01:00
Peter Crosthwaite
401cf7fdc4 loader: Abstract away ref to memory region names
Use the function provided rather than spying on the struct.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18 12:06:21 +02:00
Paolo Bonzini
c54779f962 tpm_tis: remove instance_finalize callback
It is never used, since ISA device are not hot-unpluggable.

Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18 12:06:21 +02:00
Paolo Bonzini
469b046ead memory: remove memory_region_destroy
The function is empty after the previous patch, so remove it.

Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18 12:06:21 +02:00
Paolo Bonzini
d8d9581460 memory: convert memory_region_destroy to object_unparent
Explicitly call object_unparent in the few places where we
will re-create the memory region.  If the memory region is
simply being destroyed as part of device teardown, let QOM
handle it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18 12:06:20 +02:00
Paolo Bonzini
eed7930950 nic: do not destroy memory regions in cleanup functions
The memory regions should be destroyed in the unrealize function;
since these NICs are not even qdev-ified, they cannot be unplugged
and they do not have to do anything to destroy their memory regions.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-17 23:25:24 +02:00
Paolo Bonzini
ad37168cbd vga: do not dynamically allocate chain4_alias
Instead, add a boolean variable to indicate the presence of the region.
This avoids a repeated malloc/free (later we can also avoid the
add_child/unparent by changing the offset/size of the alias).

Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-17 23:25:24 +02:00
Paolo Bonzini
1dd79a237e sysbus: remove unused function sysbus_del_io
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-17 23:25:24 +02:00
Mark Cave-Ayland
b87b0644bc apb: add IOMMU flush register implementation
The IOMMU flush register is a write-only register used to remove entries from the
hardware TLB. Allow guest writes to this register as a no-op, and return a value
of 0 for reads.

This fixes IOMMU DMA operations under NetBSD SPARC64.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2014-08-17 13:13:01 +01:00
Mark Cave-Ayland
a1cf8be550 sun4u: switch second PCI-ebus bridge BAR over to PCI IO space
The ebus is the sun4u equivalent of the old ISA bus which is already mapped at
the beginning of PCI IO space within QEMU. NetBSD attempts to find the physical
addresses of devices connected to the ebus by parsing the BARs of the PCI-ebus
bridge and using the base address found by matching both the address space
type and range for a particular ebus address.

Since the second PCI-ebus bridge BAR is already aliased onto IO space, switch
the BAR over to match and reduce the size to 0x1000 which is enough to cover
all the legacy ioport devices whilst leaving the remaining IO space for other
PCI devices. This allows NetBSD SPARC64 to correctly detect and access devices
on the ebus.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2014-08-17 13:12:52 +01:00
Peter Maydell
142f4ac5d5 trivial patches for 2014-08-15
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQEcBAABAgAGBQJT7iN/AAoJEL7lnXSkw9fbgVcH/20bga0KUQ+FDMg7pr0jBK3J
 6d7DLwsmypEiKN8D7mQz/xDX4uwtWQu4PXERn8UEfE0xVrnNDGOYpYtj2kb7z3/T
 F33oosGHz9XKdhGg6x4ZLirhjJdVsj90SJ37D4haxFP5CeRjs8c3RFOekI0qwyXm
 /t+mDdWsADYaZ1WaFOo0kcNCROYudaRV2isubQFUqKgjWmIx+Y+2xSXtTWU3UAVx
 dDcEvTYdDNucor2kV1/F2iULHMXNOPjvvV59ARBkzTyaSday4waGptAOL9eQInSA
 DcJuRZwY2lpm1YuJN4b5UzZ849R3X9zA1vIW6aP+NcktLoKV/bu3qVwo0v5+LMs=
 =wZLU
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-2014-08-15' into staging

trivial patches for 2014-08-15

# gpg: Signature made Fri 15 Aug 2014 16:13:03 BST using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D  4324 457C E0A0 8044 65C5
#      Subkey fingerprint: 6F67 E18E 7C91 C5B1 5514  66A7 BEE5 9D74 A4C3 D7DB

* remotes/mjt/tags/trivial-patches-2014-08-15:
  ivshmem: check the value returned by fstat()
  l2cap: fix access to freed memory
  intc: i8259: Convert Array allocation to g_new0
  ppc: convert g_new(qemu_irq usages to g_new0
  ssi: xilinx_spi: Initialise CS GPIOs as NULL
  vl: free err
  qemu-options.hx: fix typo about l2tpv3
  vmxnet3: don't use 'Yoda conditions'
  vl: don't use 'Yoda conditions'
  spice: don't use 'Yoda conditions'
  don't use 'Yoda conditions'
  isa-bus: don't use 'Yoda conditions'
  audio: don't use 'Yoda conditions'
  usb: don't use 'Yoda conditions'
  CODING_STYLE: Section about conditional statement
  pci-host: update uncorresponding description
  pci-host: update obsolete reference about piix_pci.c
  qemu-options.hx: fix a typo of chardev
  memory: Update obsolete comment about AddrRange field type
  apic: Fix reported DFR content

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-15 18:44:48 +01:00
Michael Tokarev
d66168ed68 ide: only constrain read/write requests to drive size, not other types
Commit 58ac321135 introduced a check to ide dma processing which
constrains all requests to drive size.  However, apparently, some
valid requests (like TRIM) does not fit in this constraint, and
fails in 2.1.  So check the range only for reads and writes.

Cc: qemu-stable@nongnu.org
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:14 +01:00
Marc Marí
a83ceea8ff virtio-blk: Correct bug in support for flexible descriptor layout
Without this correction, only a three descriptor layout is accepted, and
requests with just two descriptors are not completed and no error message is
displayed.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Marc Marí <marc.mari.barcelo@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:14 +01:00
Kevin Wolf
f7f3ff1da0 ide: Fix segfault when flushing a device that doesn't exist
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
Cornelia Huck
2f5f70fa5f dataplane: stop trying on notifier error
If we fail to set up guest or host notifiers, there's no use trying again
every time the guest kicks, so disable dataplane in that case.

Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
Cornelia Huck
f9907ebc4c dataplane: fail notifier setting gracefully
The dataplane code is currently doing a hard exit if it fails to set
up either guest or host notifiers. In practice, this may mean that a
guest suddenly dies after a dataplane device failed to come up (e.g.,
when a file descriptor limit is hit for tne nth device).

Let's just try to unwind the setup instead and return.

Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
Cornelia Huck
267e1a204c dataplane: print why starting failed
Setting up guest or host notifiers may fail, but the user will have
no idea why: Let's print the error returned by the callback.

Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
Mark Cave-Ayland
271dddd133 cmd646: synchronise UDMA interrupt status with DMA interrupt status
Make sure that both registers are synchronised when being accessed through
PCI configuration space.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
Mark Cave-Ayland
1d113ef874 cmd646: allow MRDMODE interrupt status bits clearing from PCI config space
Make sure that we also update the normal DMA interrupt status bits at the
same time, and alter the IRQ if being cleared accordingly.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
Mark Cave-Ayland
dab91a1e13 cmd646: switch cmd646_update_irq() to accept PCIDevice instead of PCIIDEState
This is in preparation for adding configuration space accessors which accept
PCIDevice as a parameter.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
Mark Cave-Ayland
5bbc0a703d cmd646: synchronise DMA interrupt status with UDMA interrupt status
Make sure that the standard DMA interrupt status bits reflect any changes made
to the UDMA interrupt status bits. The CMD646U2 datasheet claims that these
bits are equivalent, and they must be synchronised for guests that manipulate
both registers.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
Mark Cave-Ayland
58f16a7b47 cmd646: add constants for CNTRL register access
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:13 +01:00
John Snow
552b48f44d q35: Enable the ioapic device to be seen by qtest.
Currently, the ioapic device can not be found in a qtest environment
when requesting "irq_interrupt_in ioapic" via the qtest socket.

By mirroring how the ioapic is added in i44ofx (hw/i440/pc_piix.c),
as a child of "q35," the device is able to be seen by qtest.

Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
088415202b ahci: construct PIO Setup FIS for PIO commands
PIO commands should put a PIO Setup FIS in the receive area when data
transfer ends.  Currently QEMU does not do this and only places the
D2H FIS at the end of the operation.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
c7e73adb48 ide: make all commands go through cmd_done
AHCI has code to fill in the D2H FIS trigger the IRQ all over the place.
Centralize this in a single cmd_done callback by generalizing the existing
async_cmd_done callback.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
08ee9e3368 ide: stop PIO transfer on errors
This will provide a hook for sending the result of the command via the
FIS receive area.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
1f88f77348 ahci: remove duplicate PORT_IRQ_* constants
These are defined twice, just use one set consistently.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
fd648f10af ide: move retry constants out of BM_STATUS_* namespace
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
7e2648df86 ide: move BM_STATUS bits to pci.[ch]
They are not used by AHCI, and should not be even available there.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
0e7ce54cf5 ide: fold add_status callback into set_inactive
It is now called only after the set_inactive callback.  Put the two together.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
0def37baf9 ide: remove wrong setting of BM_STATUS_INT
Similar to the case removed in commit 69c38b8 (ide/core: Remove explicit
setting of BM_STATUS_INT, 2011-05-19), the only remaining use of
add_status(..., BM_STATUS_INT) is for short PRDs.  The flag should
not be raised in this case.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
4855b57639 ide: wrap start_dma callback
Make it optional and prepare for the next patches.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
446351236b ide: simplify start_transfer callbacks
Drop the unused return value and make the callback optional.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
c039cb1e5a ide: simplify async_cmd_done callbacks
Drop the unused return value.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
829b933b70 ide: simplify set_inactive callbacks
Drop the unused return value and make the callback optional.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
1374bec063 ide: simplify reset callbacks
Drop the unused return value and make the callback optional.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Paolo Bonzini
69f72a2221 ide: stash aiocb for flushes
This ensures that operations are completed after a reset

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 18:03:12 +01:00
Peter Maydell
f2c85a2f36 post-2.1 bugfixes
A bunch of fixes that missed 2.1 by a small margin.
 If we do 2.1.1, some of these would be good candidates,
 added Cc qemu-stable as appropriate.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJT7N69AAoJECgfDbjSjVRpiZMIALHrrgP2J4hNdX1xFQLCIDfL
 eOTks/UTf4GVnz7RxymkuXZS2A0LYkKJSqtcY2M4Q8F3rUWu2DHJVBwWuwYLODDQ
 uIzR4e+gAYtIyURziy0G9DSwfa9iBgvyQQ3BpCW3UNM1LWGlNWfQMTq+z+j1Wf87
 G60GV54hC21N0gTPh4TZPnzff9SKWsbA5NpHQcgTT+RJHtrT9K1P4W7t73rILKgV
 lO62prPrIT+O7mbv+/oR7k+xqy1WQSv8nC5xwOAdDDPOUp+DbjlHbGS1pG+E91Qn
 ZsEqzBtgw/ZelEUAQMwyONxR26CPAXiN9YdAx23s6nWZnnmy3SU9LZ4k2SniS60=
 =1242
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

post-2.1 bugfixes

A bunch of fixes that missed 2.1 by a small margin.
If we do 2.1.1, some of these would be good candidates,
added Cc qemu-stable as appropriate.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Thu 14 Aug 2014 17:07:25 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  pc: Get rid of pci-info leftovers
  e1000: use symbolic constants to init phy ctrl & status registers
  e1000: correctly handle phy_ctrl reserved & self-clearing bits
  ivshmem: fix building when debug mode is enabled
  acpi: align RSDP
  numa: show hex number in error message for consistency and prefix them with 0x
  pc-dimm: fix up error message
  pc-dimm: validate node property
  hw:i386: typo fix: MEMORY_HOPTLUG_DEVICE -> MEMORY_HOTPLUG_DEVICE
  hw/audio/intel-hda: Fix MSI capability address
  pc: Create 2.2 machine type
  pci: Use bus master address space for delivering MSI/MSI-X messages

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-15 17:43:51 +01:00
Peter Maydell
5c6b3c50cc Tracing pull request
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJT6hhYAAoJEJykq7OBq3PIH44IAIC42HoYJFgE1RkLl/77PhpV
 WNNDJ/SIh/084PS6XKvHja0aUGjmQM/QmlCuV17MLp7ub1XeMDoncP9AnVhiWTyL
 a3c5TJw8OasBadffSFLXh5ZmW/fgkie+TjXIWud4dB+hZmd28uV46tLLRrJFJA6O
 uCpAKUUCVyN78LDhsGVUzZAYjXzeFQQ9Eq5z4dysfCO5x4y5rvcTs6MJ6X5vxUBP
 rF3RTKb5DmcFZvuOYJxVx9WiDOe6RiMS72sitQCszvGspmBtVP0CvJQnHu7nMOVf
 Ljti0XVui3t3Jto+DJSH4ki0i025MSetgAMhk1bYcVnK4XQ2t03DrQExOM+VjjM=
 =+ba+
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging

Tracing pull request

* remotes/stefanha/tags/tracing-pull-request:
  virtio-rng: add some trace events
  trace: add some tcg tracing support
  trace: teach lttng backend to use format strings
  trace: [tcg] Include TCG-tracing header on all targets
  trace: [tcg] Include event definitions in "trace.h"
  trace: [tcg] Generate TCG tracing routines
  trace: [tcg] Include TCG-tracing helpers
  trace: [tcg] Define TCG tracing helper routine wrappers
  trace: [tcg] Define TCG tracing helper routines
  trace: [tcg] Declare TCG tracing helper routines
  trace: [tcg] Add 'tcg' event property
  trace: [tcg] Argument type transformation machinery
  trace: [tcg] Argument type transformation rules
  trace: [tcg] Add documentation
  trace: install simpletrace SystemTap tapset
  simpletrace: add simpletrace.py --no-header option
  trace: add tracetool simpletrace_stap format
  trace: extract stap_escape() function for reuse

Conflicts:
	Makefile.objs
2014-08-15 16:37:17 +01:00
zhanghailiang
5edbdbcdf8 ivshmem: check the value returned by fstat()
The function fstat() may fail, so check its return value.

Acked-by: Levente Kurusa <lkurusa@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 19:12:58 +04:00
zhanghailiang
2c145d7a73 l2cap: fix access to freed memory
Pointer 'ch' will be used in function 'l2cap_channel_open_req_msg' after
it was previously freed in 'l2cap_channel_open'.
Assigned it to NULL after it is freed.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 19:12:48 +04:00
Peter Crosthwaite
8945c7f754 intc: i8259: Convert Array allocation to g_new0
To be more array friendly and to indicate the IRQs are initially
disconnected.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:55 +04:00
Peter Crosthwaite
aa2ac1dac3 ppc: convert g_new(qemu_irq usages to g_new0
To indicate the IRQs are initially disconnected.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:50 +04:00
Peter Crosthwaite
c75f3c041a ssi: xilinx_spi: Initialise CS GPIOs as NULL
To properly indicate they are unconnected.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:40 +04:00
Gonglei
f7472ca405 vmxnet3: don't use 'Yoda conditions'
imitate nearby code about using '!value' or 'value == NULL'

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:07 +04:00
Gonglei
337a3e5c7d isa-bus: don't use 'Yoda conditions'
imitate nearby code about using '!value' or 'value == NULL'

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:06 +04:00
Gonglei
2ab5bf67b7 audio: don't use 'Yoda conditions'
imitate nearby code about using '!value' or 'value == NULL'

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:06 +04:00
Gonglei
d0657b2aab usb: don't use 'Yoda conditions'
imitate nearby code about using '!value' or 'value == NULL'

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:06 +04:00
Gonglei
30dc600bbf pci-host: update uncorresponding description
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:06 +04:00
Gonglei
ef9f7b587d pci-host: update obsolete reference about piix_pci.c
piix_pci.c has been renamed into piix.c at commit
c0907c9e64

update the obsolete reference.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:06 +04:00
Jan Kiszka
d6c140a771 apic: Fix reported DFR content
IA-32 SDM, Figure 10-14: Bits 27:0 are reserved as 1.

Fixes Jailhouse hypervisor start with in-kernel irqchips off.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 18:54:06 +04:00
Peter Maydell
f2fb1da941 Block patches
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJT7gYeAAoJEH8JsnLIjy/WWhoQAIcD8jfk/pl5tFXpayMLzDis
 ihaqYc9IJV29L+cIF0YFAclLkCKrmfJg49vhxomIq2WxxAZ9qX6lfi2V602qg51e
 wzxLcTA1eq15w1yTGDORPMStP8lAsxbMhd+37s33teMxukvLsEfiT0Tbd9GbfzYk
 jmQ4QYjw8nd/C1NEzR4TTcHmwXvbP0TjGTDhbcBzChB71zxe5q827y2J+I/ki+0A
 4MBvf6OCMSAbY5sQo01csXxNABkM/fw9BmNgml8G2a24eFRWg9VU4WuBYVlVys0S
 ZZAcc2KiUNs1Zp7SxrTpI8hR0+SsuabVMvAdW8oct/6BRaR4t6toIsoQs1qQuHRD
 l18ErqulJpCTP+eMbGNgXKAAYvmb9ylQGOX+mnz9fnNXF3dyLyu77fFtL3FxXedE
 KkcQyfFf1l5ENMw/DArzjqwdrHJgm9kcOE2lyAmbq2+Ad6kJqVTTWNR6hojIRx7G
 lo2Rn+VLpjnmX8XNTiQokNeMsqKbTAF2M8KwEyYNPEz6WkpRTVWJcy3Cp4fDF65L
 TaYsB7M1b30D7CFAZTBx76MLQirhzNq1XxJZlMafXSymfDryZVMrMWSjmlb2bmlX
 Fer7iFWpfA8BHI46sZ0NqoGcljKr811dTxAqvsoek5lP6Kn+xnSqjeHSRzqNUl4l
 EfQW7ZR1vlRoKtrGqNBQ
 =5w3j
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block patches

# gpg: Signature made Fri 15 Aug 2014 14:07:42 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream: (59 commits)
  block: Catch !bs->drv in bdrv_check()
  iotests: Add test for image header overlap
  qcow2: Catch !*host_offset for data allocation
  qcow2: Return useful error code in refcount_init()
  mirror: Handle failure for potentially large allocations
  vpc: Handle failure for potentially large allocations
  vmdk: Handle failure for potentially large allocations
  vhdx: Handle failure for potentially large allocations
  vdi: Handle failure for potentially large allocations
  rbd: Handle failure for potentially large allocations
  raw-win32: Handle failure for potentially large allocations
  raw-posix: Handle failure for potentially large allocations
  qed: Handle failure for potentially large allocations
  qcow2: Handle failure for potentially large allocations
  qcow1: Handle failure for potentially large allocations
  parallels: Handle failure for potentially large allocations
  nfs: Handle failure for potentially large allocations
  iscsi: Handle failure for potentially large allocations
  dmg: Handle failure for potentially large allocations
  curl: Handle failure for potentially large allocations
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-15 14:49:50 +01:00
Gonglei (Arei)
8cced12143 xen_disk: fix possible null-ptr dereference
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-15 15:07:13 +02:00
Markus Armbruster
260cb1c409 pc: Get rid of pci-info leftovers
pc_fw_cfg_guest_info() never does anything, because has_pci_info is
always false.

Introduced in commit f8c457b "pc: pass PCI hole ranges to Guests",
disabled in commit 9604f70 "pc: disable pci-info for 1.6", and hasn't
been enabled since.  Obviously a dead end.  Get of it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:22:25 +02:00
Gabriel L. Somlo
9616c29045 e1000: use symbolic constants to init phy ctrl & status registers
Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:22:25 +02:00
Gabriel L. Somlo
1195fed9e6 e1000: correctly handle phy_ctrl reserved & self-clearing bits
Make phyreg_writeops responsible for actually writing their
respective phy registers, rather than rely on set_mdic() to
do it on their behalf.

The only current instance of phyreg_writeops is set_phy_ctrl();
modify it to write the register on its own, while also correctly
handling reserved and self-clearing bits.

have_autoneg() does not need to check for MII_CR_RESTART_AUTO_NEG,
since the only time the flag comes into play is during set_phy_ctrl(),
and, following this patch, never actually gets written to the phy
control register.

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:22:25 +02:00
Levente Kurusa
7f9efb6b80 ivshmem: fix building when debug mode is enabled
ivsmem_offset was removed, however this debug statement was not updated.
Modify the statement to fit the new mechanic.

Signed-off-by: Levente Kurusa <lkurusa@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:22:25 +02:00
Michael S. Tsirkin
d67aadccfa acpi: align RSDP
RSDP should be aligned at a 16-byte boundary.
This would by chance at the moment, fix up acpi build
to make it robust.

Cc: qemu-stable@nongnu.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2014-08-14 13:22:16 +02:00
Michael S. Tsirkin
988eba0f68 pc-dimm: fix up error message
- int should be printed using %d
- print actual wrong value for property

Cc: qemu-stable@nongnu.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:22:00 +02:00
Hu Tao
cfe0ffd027 pc-dimm: validate node property
If user specifies a node number that exceeds the available numa nodes in
emulated system for pc-dimm device, the device will report an invalid _PXM
to OSPM. Fix this by checking the node property value.

Cc: qemu-stable@nongnu.org
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:20:59 +02:00
Hu Tao
41d2f71376 hw:i386: typo fix: MEMORY_HOPTLUG_DEVICE -> MEMORY_HOTPLUG_DEVICE
Cc: qemu-stable@nongnu.org
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:20:49 +02:00
Jan Kiszka
d209c7440a hw/audio/intel-hda: Fix MSI capability address
According to ICH9 spec, the MSI capability is located at 0x60. This is
important for guest drivers that do not parse the capability chain and
use absolute addresses instead.

CC: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:20:49 +02:00
Jan Kiszka
f9f218730c pc: Create 2.2 machine type
Yet identical to 2.1.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:20:49 +02:00
Jan Kiszka
cc943c36fa pci: Use bus master address space for delivering MSI/MSI-X messages
The spec says (and real HW confirms this) that, if the bus master bit
is 0, the device will not generate any PCI accesses. MSI and MSI-X
messages fall among these, so we should use the corresponding address
space to deliver them. This will prevent delivery if bus master support
is disabled.

Cc: qemu-stable@nongnu.org
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:20:33 +02:00
Amit Shah
4ac4458076 virtio-rng: add some trace events
Add some trace events to virtio-rng for easier debugging

Signed-off-by: Amit Shah <amit.shah@redhat.com>

Reviewed-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-12 14:29:55 +01:00
Stefan Weil
f13bef9592 hw/timer: Move extern declaration from .c to .h file
This fixes a warning from smatch (static code analyser).

Fix also the comment with the renamed source file name.

Signed-off-by: Stefan Weil <sw@weilnetz.de>

 hw/timer/tusb6010.c |    3 ---
 include/hw/usb.h    |    7 ++++++-
 2 files changed, 6 insertions(+), 4 deletions(-)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-09 00:06:32 +04:00
Stefan Weil
0f03fb6094 virtio: Move extern declaration to header file
This fixes a warning from smatch (static code analyser).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-09 00:06:32 +04:00
Michael Tokarev
203d65a470 hw/timer/imx_*: fix TIMER_MAX clash with system symbol
The symbol TIMER_MAX used in imx_epit.c and imx_gpt.c
clashes with system symbol with the same name.  Because
all qemu source files includes qemu-common.h which, in
turn, includes limits.h, which is not unusual to define
it.  Rename local symbol to have a reasonable prefix.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-09 00:06:32 +04:00
Alex Williamson
9b3af4c0e4 vfio: Don't cache MSIMessage
Commit 40509f7f added a test to avoid updating KVM MSI routes when the
MSIMessage is unchanged and f4d45d47 switched to relying on this
rather than doing our own comparison.  Our cached msg is effectively
unused now.  Remove it.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-08-05 13:05:57 -06:00
Alex Williamson
c048be5cc9 vfio: Fix MSI-X vector expansion
When new MSI-X vectors are enabled we need to disable MSI-X and
re-enable it with the correct number of vectors.  That means we need
to reprogram the eventfd triggers for each vector.  Prior to f4d45d47
vector->use tracked whether a vector was masked or unmasked and we
could always pick the KVM path when available for unmasked vectors.
Now vfio doesn't track mask state itself and vector->use and virq
remains configured even for masked vectors.  Therefore we need to ask
the MSI-X code whether a vector is masked in order to select the
correct signaling path.  As noted in the comment, MSI relies on
hardware to handle masking.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-stable@nongnu.org # QEMU 2.1
2014-08-05 13:05:52 -06:00
Peter Crosthwaite
9db11cef8c sd: sdhci: Fix ADMA dma_memory_read access
This dma_memory_read was giving too big a size when begin was non-zero.
This could cause segfaults in some circumstances. Fix.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-04 14:41:54 +01:00
Andrew Jones
fab4693239 hw/arm/virt: formatting: memory map
Add some spacing and zeros to make it easier to read and
modify the map. This patch has no functional changes. The
review looks ugly, but it's actually pretty easy to confirm
all the addresses are as they should be - thanks to the new
formatting ;-)

Signed-off-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-04 14:41:53 +01:00
Peter Maydell
a9047ec3f6 hw/arm/boot: Set PC correctly when loading AArch64 ELF files
The code in do_cpu_reset() correctly handled AArch64 CPUs
when running Linux kernels, but was missing code in the
branch of the if() that deals with loading ELF files.
Correctly jump to the ELF entry point on reset rather than
leaving the reset PC at zero.

Reported-by: Christopher Covington <cov@codeaurora.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Christopher Covington <cov@codeaurora.org>
Cc: qemu-stable@nongnu.org
2014-08-04 14:41:53 +01:00
Peter Maydell
924c09db51 Merge remote-tracking branch 'remotes/amit-virtio-rng/for-2.2' into staging
* remotes/amit-virtio-rng/for-2.2:
  virtio-rng: replace error_set calls with error_setg
  virtio-rng: Move error-checking forward to prevent memory leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-04 13:07:02 +01:00
John Snow
c617dd3b7e virtio-rng: replace error_set calls with error_setg
Under recommendation from Luiz Capitulino, we are changing
the error_set calls to error_setg while we are fixing up
the error handling pathways of virtio-rng.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2014-08-04 14:50:11 +05:30
John Snow
1efd6e072c virtio-rng: Move error-checking forward to prevent memory leak
This patch pushes the error-checking forward and the virtio
initialization backward in the device realization function
in order to prevent memory leaks for hot plug scenarios.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2014-08-04 14:49:53 +05:30
Chunyan Liu
b33a5bbfba qemu: support xen hvm direct kernel boot
qemu side patch to support xen HVM direct kernel boot:
if -kernel exists, calls xen_load_linux(), which will read kernel/initrd
and add a linuxboot.bin or multiboot.bin option rom. The
linuxboot.bin/multiboot.bin will load kernel/initrd and jump to execute
kernel directly. It's working when xen uses seabios.

During this work, found the 'kvmvapic' is in option_rom list, it should
not be there in xen case. Set s->vapic_control = 0 in xen_apic_realize()
to handle that.

Signed-off-by: Chunyan Liu <cyliu@suse.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-01 15:58:12 +00:00
Andrew Jones
1373e140f0 hw/arm/virt: fix pl031 addr typo
pl031's base address should be 0x9010000, not 0x90010000, otherwise
it sits in ram when configuring a guest with greater than 1G.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-29 17:40:42 +01:00
Paolo Bonzini
33cbb2c546 virtio-scsi: implement parse_cdb
Enable passthrough of vendor-specific commands.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-29 17:36:38 +02:00
Paolo Bonzini
3e7e180ab3 scsi-block, scsi-generic: implement parse_cdb
The callback lets the bus provide the direction and transfer count
for passthrough commands, enabling passthrough of vendor-specific
commands.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-29 17:36:33 +02:00
Paolo Bonzini
592c3b289f scsi-block: extract scsi_block_is_passthrough
This will be used for both scsi_block_new_request and the scsi-block
implementation of parse_cdb.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-29 17:36:29 +02:00
Paolo Bonzini
ff34c32ccc scsi-bus: introduce parse_cdb in SCSIDeviceClass and SCSIBusInfo
These callbacks will let devices do their own request parsing, or
defer it to the bus.  If the bus does not provide an implementation,
in turn, fall back to the default parsing routine.

Swap the first two arguments to scsi_req_parse, and rename it to
scsi_req_parse_cdb, for consistency.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-29 17:36:25 +02:00
Paolo Bonzini
769998a1db scsi-bus: prepare scsi_req_new for introduction of parse_cdb
The per-SCSIDevice parse_cdb callback must not be called if the
request will go through special SCSIReqOps, so detect the special
cases early enough.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-29 17:36:09 +02:00
Michael S. Tsirkin
f47337cb91 piix: set legacy table size for 1.7
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-07-29 12:26:12 +02:00
Michael S. Tsirkin
868270f23d acpi-build: tweak acpi migration limits
- Tweak error message for legacy machine type:
  Basically if table size exceeds the limits we set all
  bets are off for migration: e.g. it can start failing even
  within given qemu minor version simply because of a bugfix.
- Increase table size to 128k.
- Make sure we notice it long before we start getting close to the
  128k limit: warn at 64k.
- Don't fail if we exceed the limit: most people don't care about
  migration, even less people care about cross version miration.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-29 12:26:12 +02:00
Paolo Bonzini
18045fb9f4 pc: future-proof migration-compatibility of ACPI tables
This patch avoids that similar changes break QEMU again in the future.
QEMU will now hard-code 64k as the maximum ACPI table size, which
(despite being an order of magnitude smaller than 640k) should be enough
for everyone.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-07-29 12:26:12 +02:00
Michael S. Tsirkin
093a35e5fc acpi-build: minor code cleanup
Fix up and add  comments to clarify code, plus a trivial
code change for clarity.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-07-29 12:26:12 +02:00
Igor Mammedov
133a2da488 pc: acpi: generate AML only for PCI0 devices if PCI bridge hotplug is disabled
Fixes migration regression from QEMU-1.7 to a newer QEMUs.
SSDT table size in QEMU-1.7 doesn't change regardless of
a number of PCI bridge devices present at startup.

However in QEMU-2.0 since addition of hotplug on PCI bridges,
each PCI bridge adds ~1875 bytes to SSDT table, including
pc-i440fx-1.7 machine type where PCI bridge hotplug disabled
via compat property.
It breaks migration from "QEMU-1.7" to "QEMU-2.[01] -M pc-i440fx-1.7"
since RAMBlock size of ACPI tables on target becomes larger
then on source and migration fails with:

"Length mismatch: /rom@etc/acpi/tables: 2000 in != 3000"

error.

Fix this by generating AML only for PCI0 bus if
hotplug on PCI bridges is disabled and preserves PCI brigde
description in AML as it was done in QEMU-1.7 for pc-i440fx-1.7.

It will help to maintain size of SSDT static regardless of
number of PCI bridges on startup for pc-i440fx-1.7 machine type.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-07-29 12:26:12 +02:00
Paolo Bonzini
07fb61760c pc: hack for migration compatibility from QEMU 2.0
Changing the ACPI table size causes migration to break, and the memory
hotplug work opened our eyes on how horribly we were breaking things in
2.0 already.

The ACPI table size is rounded to the next 4k, which one would think
gives some headroom.  In practice this is not the case, because the user
can control the ACPI table size (each CPU adds 97 bytes to the SSDT and
8 to the MADT) and so some "-smp" values will break the 4k boundary and
fail to migrate.  Similarly, PCI bridges add ~1870 bytes to the SSDT.

This patch concerns itself with fixing migration from QEMU 2.0.  It
computes the payload size of QEMU 2.0 and always uses that one.
The previous patch shrunk the ACPI tables enough that the QEMU 2.0 size
should always be enough; non-AML tables can change depending on the
configuration (especially MADT, SRAT, HPET) but they remain the same
between QEMU 2.0 and 2.1, so we only compute our padding based on the
sizes of the SSDT and DSDT.

Migration from QEMU 1.7 should work for guests that have a number of CPUs
other than 12, 13, 14, 54, 55, 56, 97, 98, 139, 140.  It was already
broken from QEMU 1.7 to QEMU 2.0 in the same way, though.

Even with this patch, QEMU 1.7 and 2.0 have two different ideas of
"-M pc-i440fx-2.0" when there are PCI bridges.  Igor sent a patch to
adopt the QEMU 1.7 definition.  I think distributions should apply
it if they move directly from QEMU 1.7 to 2.1+ without ever packaging
version 2.0.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-07-28 23:02:39 +02:00
Paolo Bonzini
acd727e7cb acpi-dsdt: procedurally generate _PRT
This replaces the _PRT constant with a method that computes it.

The problem is that the DSDT+SSDT have grown from 2.0 to 2.1,
enough to cross the 8k barrier (we align the ACPI tables to 4k
before putting them in fw_cfg).  This causes problems with
migration and the pc-i440fx-2.0 machine type.

The solution to the problem is to hardcode 64k as the limit,
but this doesn't solve the bug with pc-i440fx-2.0.  The fix will be
for QEMU 2.1 to use exactly the same size as QEMU 2.0 for the
ACPI tables.  First, however, we must make the actual AML
equal or smaller; to do this, rewrite _PRT in a way that saves
over 1k of bytecode.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-07-28 23:02:39 +02:00
Gerd Hoffmann
cf679caf91 usb: mtp: tag root property as experimental
Reason: we don't want commit to that interface yet.  Possibly
the implementation will be switched over to use fsdev.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-23 08:55:40 +02:00
Peter Maydell
ef493d5c29 hw/misc/imx_ccm.c: Add missing VMState list terminator
The VMStateDescription for the imx_ccm device was missing its
terminator. Found by static search of the codebase using
a regex based on one suggested by Ian Jackson:
  pcregrep -rMi '(?s)VMStateField(?:(?!END_OF_LIST).)*?;' $(git grep -l 'VMStateField\[\]')

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-stable@nongnu.org
2014-07-22 17:53:36 +01:00
Laszlo Ersek
3afca1d6d4 vmstate_xhci_event: fix unterminated field list
"vmstate_xhci_event" was introduced in commit 37352df3 ("xhci: add live
migration support"), and first released in v1.6.0. The field list in this
VMSD is not terminated with the VMSTATE_END_OF_LIST() macro.

During normal use (ie. migration), the issue is practically invisible,
because the "vmstate_xhci_event" object (with the unterminated field list)
is only ever referenced -- via "vmstate_xhci_intr" -- if xhci_er_full()
returns true, for the "ev_buffer" test. Since that field_exists() check
(apparently) almost always returns false, we almost never traverse
"vmstate_xhci_event" during migration, which hides the bug.

However, Amit's vmstate checker forces recursion into this VMSD as well,
and the lack of VMSTATE_END_OF_LIST() breaks the field list terminator
check (field->name != NULL) in dump_vmstate_vmsd(). The result is
undefined behavior, which in my case translates to infinite recursion
(because the loop happens to overflow into "vmstate_xhci_intr", which then
links back to "vmstate_xhci_event").

Add the missing terminator.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-22 17:34:24 +01:00
Peter Maydell
3a18d44983 Patch queue for ppc - 2014-07-22
Only a single bug fix to make -mem-path only affect RAM regions.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iQIcBAABAgAGBQJTzoVcAAoJECszeR4D/txg1HwP/1BuC1J4fNL+YeyToVQeG6iu
 KJGoFooQF1HFNm6U0m+U4Cx+0Z4g4MgVPLNL/VZZuOw3+rN5cc0ouyHli0n/6Q0o
 vcS7CdUKoFWfk5J/gZd0rNmJES3x0dtAkVz+pabrxpLmHEzqsT6vC7obZCXtaZU+
 saedouLPnDOX1hVV5jgh8205ctb8uoa7fE7x+ampgq4K27r0P0siQD/KAnZ6sgLJ
 Ve/fizdVXc5b0SrAN1N+Ybc/vYe+3qPIe24hauafA3V5otT5pAiXm300TLWFsO0G
 NWAGivaod3UlfdRcFF0iETQI7dIH7d6w9HmhzalFvdKSuPcjeZxZNYgEzCpjgvky
 mxuarXXRRoBE3WKUET8yF1t/04P2g0z3/JWoCh9+Q5ZfjRwQn3qhGN8k2uosayB4
 YvbgylGdwXNcNmbFdN69xV/J85ZFLz5YSUyzpa7pLSMS1zMn3AaI5wMsOaj0rSLs
 h0eDyuQSEggjSxXyJwWgysliZIAoxyjTXJtyyHjV5C3oQO++s20ZkW00Zs1ZN/VS
 yaOC16Au9Uvrd1P4kQwNwe2uJi7TC08l6g4tmI5dMhXK9rq+HHb0wVnF9wYJy1F7
 9GRvH6Zx0l0yKUxcOF/p2WJVbJqOWr4bWWL0jn86Mo/QuP7u90Dj7hQ/6P9hEa/S
 kUdPudapRSzvxk1mBp0D
 =KL8S
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging

Patch queue for ppc - 2014-07-22

Only a single bug fix to make -mem-path only affect RAM regions.

# gpg: Signature made Tue 22 Jul 2014 16:38:04 BST using RSA key ID 03FEDC60
# gpg: Can't check signature: public key not found

* remotes/agraf/tags/signed-ppc-for-upstream:
  ppc: fix -mem-path failure

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-22 16:40:34 +01:00
Hu Tao
e206ad4833 ppc: fix -mem-path failure
commit e938ba0c tried to enable -mem-path for ppc but breaked some ppc
boards.

The problems are:

1. it fails when allocating memory for rom, sram whose sizes are less
   than huge page size:

   ./ppc-softmmu/qemu-system-ppc  -m 512 -mem-path /hugepages/ \
   -kernel /home/hutao/Downloads/vmlinux-ppc -initrd \
   /home/hutao/Downloads/initrd-ppc.gz
   qemu-system-ppc: /mnt/data/projects/qemu/exec.c:1184: qemu_ram_set_idstr: Assertion `new_block' failed.

2. if there is a numa node backed by memory backend object, qemu fails
   with message:

   ./ppc-softmmu/qemu-system-ppc  -m 512 \
   -object memory-backend-file,size=512M,mem-path=/hugepages,id=f0 \
   -numa node,nodeid=0,memdev=f0 \
   -kernel /home/hutao/Downloads/vmlinux-ppc \
   -initrd /home/hutao/Downloads/initrd-ppc.gz
   qemu-system-ppc: memory backend f0 is used multiple times. Each -numa option must use a different memdev value.

This patch does following:

1. replaces memory_region_allocate_system_memory() with
   memory_region_init_ram() for rom, sram. Then only system memory
   is backed by hugepages when specifying mem-path.

2. for memory banks, allocates all ram with
   one memory_region_allocate_system_memory(), and use
   memory_region_init_alias() to initialize memory banks.

Tested machines: default(g3beige), mac99, taihu, bamboo, ref405ep.

Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-07-22 17:37:25 +02:00
John Snow
713e8a1022 virtio-rng: Add human-readable error message for negative max-bytes parameter
If a negative integer is used for the max_bytes parameter, QEMU currently
calls abort() and leaves behind a core dump. This patch replaces the
abort with a simple error message to make the reason for the termination
clearer. This also ensures device-hotplug with invalid input doesn't
cause qemu to quit.

There is an underlying insufficiency in the parameter parsing code of QEMU
that renders it unable to reject negative values for unsigned properties,
thus the error message "a non-negative integer below 2^63" is the most
user-friendly and correct message we can give until the underlying
insufficiency is corrected.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2014-07-22 17:18:55 +05:30
Marcel Apfelbaum
b0ddb8bf6b machine: Replace underscores in machine's property names
Replaced '_' with '-' to comply with QOM guidelines.
Made the conversion from command line to QMP in vl.c.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-07-21 18:58:36 +02:00
Peter Maydell
147fc41973 trivial patches for 2014-07-18
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQEcBAABAgAGBQJTySl7AAoJEL7lnXSkw9fbXvIH/3RUtN6m1rjYjnZOdmFQmSE9
 YkD+IviRH336whytrsaGCh+UVB8VwBR8FXz7QK/+N2WjFiK2jDKjQ8VirJkbdcDJ
 O6nJw9jSoYRksPslpQTQV3bqNqSny6KDIDGvEJZ7iwhxCcUxhV5v/O5LTd3iy9L0
 t0KTuGIOnPE7GtzsT01RLaMe34BUlac5QpN7jqY6uBbH+1JpAIE5xl36+6rQyT0y
 RHkhbEW3wHju5usTJojioA+S7sUJfRdzoJZZY9f1FgM4lZXQGsnKeYoDt+PEpunW
 0fFXCRJfKrFfHgNCJ0zWDwJDlq55lpDoyp5OBW0gD71Zo0xv3DMtCFlKDUiKth0=
 =RCw3
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-2014-07-18' into staging

trivial patches for 2014-07-18

# gpg: Signature made Fri 18 Jul 2014 15:04:43 BST using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D  4324 457C E0A0 8044 65C5
#      Subkey fingerprint: 6F67 E18E 7C91 C5B1 5514  66A7 BEE5 9D74 A4C3 D7DB

* remotes/mjt/tags/trivial-patches-2014-07-18:
  tests: Add missing 'static' attributes (fix warnings from smatch)
  migration: Add missing 'static' attribute
  qga: Add missing 'static' attribute
  hw/usb: Add missing 'static' attribute
  doc: slirp supports ICMP echo if enabled in Linux
  qemu-img: Remove redundancy "ret = -1"
  Fix new typos in comments (found by codespell)
  slirp: Give error message if hostfwd_add/remove for unrecognized vlan/stack

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-18 16:59:29 +01:00
Peter Maydell
50a2c45da9 Andreas's fixes to --enable-modules, two 2.1 regression fixes, and a
new qtest.  Michael sent a pull request of his own, so I dropped
 the vhost changes.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABAgAGBQJTySF6AAoJEBvWZb6bTYbyA2UQAJRezh6xrYLZ2PYTTkYXSpsB
 a9egMAHcOQTKJG4bm6PyUTsLtAm6lS/RJkqVzTBszj2/e2ieDZyp2CAmtQ720rmf
 OC7Zy5+y39tadKxVLZknsB/jDWlpTlYAc+xyIgtFV6Eh8b98QKHMzks9vdJDCgdO
 ZEe8pTP5UZpNd0qco0pliX7OFHlOaCT+aNoI0ECkBEh2hBUQ0HkF4N6ZCei6wADq
 PYcZ//djeZb9n9hQs9ikwQnLEriv01d9qXDDqcVPPK6SJ0YkcbHwF/lItxz9Tb8K
 lFRAFrvkY7wF0E6dMpsUy4rpYcCGBgv9wu6trLsHZyXPX1jy7ezyfa6t/9hE8Kaz
 l7D1ROQeDW+oIaAlvQM3huG5A1FEBy5SNyjllXcD4JK8AWyD816gl5hgMVsuX7RT
 oSOXt5kDliGu9cTZaqzm7+Ij0gfAoncGPSqHxcN4Q4cAwe7+fAuLkQP0hmJVf4Tr
 IFBWvfyler0ziCK91rmxNYt4p2tV7w259YqyJfNMqC1c48dWWve2qzhkhES7K/A7
 V276d+6fwXKqW76JdWQLEvrLz8QI2SKu4Kihwh/UGJACuL9rwfZfhKy5+PqrhY/V
 cESREbpJQnAH2RyoA7D/ut4+VyJNWRZSH7g569srNgGStfnefmrusJCb5bPAF9O+
 RyW92wsHzEv5Nezci+4i
 =4qtI
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

Andreas's fixes to --enable-modules, two 2.1 regression fixes, and a
new qtest.  Michael sent a pull request of his own, so I dropped
the vhost changes.

# gpg: Signature made Fri 18 Jul 2014 14:30:34 BST using RSA key ID 9B4D86F2
# gpg: Can't check signature: public key not found

* remotes/bonzini/tags/for-upstream:
  Revert "kvmclock: Ensure time in migration never goes backward"
  Revert "kvmclock: Ensure proper env->tsc value for kvmclock_current_nsec calculation"
  module: Don't complain when a module is absent
  module: Simplify module_load()
  qtest: new test for wdt_ib700
  target-i386: Allow execute from user mode when SMEP is enabled.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-18 14:46:53 +01:00
Stefan Weil
b9b45b4a88 hw/usb: Add missing 'static' attribute
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-07-18 17:45:37 +04:00
Stefan Weil
a9dd38db68 Fix new typos in comments (found by codespell)
arbitary -> arbitrary
basicly -> basically

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-07-18 17:45:36 +04:00
Paolo Bonzini
fa666c10f2 Revert "kvmclock: Ensure time in migration never goes backward"
This reverts commit a096b3a673.

This patch caused a hang that was fixed by commit 9b17868 (kvmclock:
Ensure proper env->tsc value for kvmclock_current_nsec calculation,
2014-06-03), and we just had to revert that commit.  Drop this one
too.

Cc: agraf@suse.de
Cc: mtosatti@redhat.com
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-18 15:28:03 +02:00
Paolo Bonzini
108e4c3871 Revert "kvmclock: Ensure proper env->tsc value for kvmclock_current_nsec calculation"
This reverts commit 9b1786829a.

This patch fixed a hang introduced by commit a096b3a (kvmclock: Ensure
time in migration never goes backward, 2014-05-16), but it causes
a regression in migration whose cause is not quite clear.

Because of this, I'm choosing to revert both patches.  This trades a
2.1 regression for a bug that's been there forever.

Cc: agraf@suse.de
Cc: mtosatti@redhat.com
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-18 15:15:14 +02:00
Peter Maydell
4d121a5498 pc,vhost,test fixes
Minor bugfixes all over the place.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJTyF+IAAoJECgfDbjSjVRpB/AIAJUJLrdwwkZQymAb62e0Xe4L
 EYXhWr6R3J/yipgm7oko8e95fR7R40cUNrUHeH4w34Gp3vTMWyIxflYbyvSpd6KG
 jQDZEwJG1oIGRU6cL72cN8QuF6XUXk8QPSN6kfWL0OgxeS7hP6KgL/wJRuzDOCm9
 jsK3mE4+acFvGMKw36q0SCYJJFUxOrXj78vo1T5szizX1OKidMuQkByL96XNV3VQ
 X5RlP7IRpSyQ1JM9n97gwywjaCM/7SlgdO3YRKzGdClFWNgZ8XqO4K6Loi8x2RWC
 LrzID/i36M7veAoHAIvgs7AcUKbCyFoDYpL3mdAZB0y/XNIzKecIqrMm9IMtBLM=
 =AoMw
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pc,vhost,test fixes

Minor bugfixes all over the place.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Fri 18 Jul 2014 00:43:04 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  vhost-user: minor cleanups
  qtest: Adapt vhost-user-test to latest vhost-user changes
  vhost-user: Fix VHOST_SET_MEM_TABLE processing
  qtest: fix vhost-user-test compilation with old GLib
  fix typo: apci -> acpi
  pc_piix: Reuse pc_compat_1_2() for pc-0.1[0123]
  pc: fix qemu exiting with error when -m X < 128 with old machines types

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-18 09:35:51 +01:00
Michael S. Tsirkin
cd98639f67 vhost-user: minor cleanups
assert to verify cast does not discard information
minor style fixup.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-07-18 02:22:24 +03:00
Nikolay Nikolaev
f69a28051f vhost-user: Fix VHOST_SET_MEM_TABLE processing
qemu_get_ram_fd doesn't accept a guest physical address. ram_addr_t are
opaque values that are assigned in qemu_ram_alloc.

Find the ram_addr_t corresponding to the userspace_addr using qemu_ram_addr_from_host,
and then call qemu_get_ram_fd on it.

Thanks to Paolo Bonzini <pbonzini@redhat.com>

Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-18 02:14:15 +03:00
KONRAD Frederic
af52fe862f cadence_uart: check for serial backend before using it.
This checks that s->chr is not NULL before using it.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-17 16:36:17 +01:00
Amit Shah
57d84cf353 virtio-serial-bus: keep port 0 reserved for virtconsole even on unplug
We keep port 0 reserved for compat with older guests, where only
virtio-console was expected.  Even if a system is started without a
virtio-console port, port #0 is kept aside.  However, after a
virtconsole port is unplugged, port id 0 became available, and the next
hotplug of a virtserialport caused failure due to it not being a console
port.

Steps to reproduce:

$ ./x86_64-softmmu/qemu-system-x86_64 -m 512 -cpu host -enable-kvm -device virtio-serial-pci -monitor stdio  -vnc :1
QEMU 2.0.91 monitor - type 'help' for more information
(qemu) device_add virtconsole,id=p1
(qemu) device_del p1
(qemu) device_add virtserialport,id=p1
Port number 0 on virtio-serial devices reserved for virtconsole devices for backward compatibility.
Device 'virtserialport' could not be initialized
(qemu) quit

Reported-by: dengmin <mdeng@redhat.com>
Reviewed-by: Amos Kong <akong@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2014-07-16 14:32:40 +05:30
Peter Maydell
146ae00192 Patch queue for ppc - 2014-07-15
Some more bug fixes during the RC phase:
 
   - Fix huge page mapping regressions
   - Fix Book3S thread number enumeration
   - Fix Book3S VFIO permission issue
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iQIcBAABAgAGBQJTxTciAAoJECszeR4D/txgfisQAIOmsTsc0dL5DCu+blE1paMV
 VB4kJP3HbKwP2NKsT/JrzZ+0x2kzAa4g70SqhaskEFr3NnABW3dIQttfY/3I1hPY
 AS6Ph3JZy2O23v2RLKgKIi3THrasiP4UtyNdNqVcNBrgp6HxmEcpxdy/6o7smPwQ
 lkBp/oUXaUeleCUZnBao1aH0pZlPamyRhd/9xQaWNHMFpNQhhmebUR+TQbOoxogS
 H8pLRGERyeLRfmDFfjZ7VHerHWZ0O9Z+fDm+z6YTtH5VYVev4nHNIZM8O/qE+lHF
 U7Pr70WIj/8QCuLDjv/+c++pF0o469hdrGYvqeJD+LJNfEBve0TMnefYu7n7r/yk
 zkyvlQ/vsRGQLFiFg3klLAPAC2j+gtsxinisfZohDjrCfs04NhKjZtDzphEWAopL
 K7IC70l0cfJYLt6r3+JsNhPKnYy3JnmP/4hkAfL66RHizLVEvzVjCBU0y/FBxaqV
 DtCkRqKa4MWwer1A+8T0UChJY0zs8Q5KMfmPKoKbrmJYIphh26m6O9EUpqx2dw/d
 SrNqgtZrILbnYZh12O/wsWY9apIPBhE3Pe4yZFgpNwbKb2gEiqxVIGz8lLIkqbzg
 t/703p95kO3xeqSrSKfAZcJoZbds5DNtoljB2brEsslisIxmyeDbw/61TgNWtGGJ
 N8WNGvE0IdOZBDsx3Nn0
 =5fAV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging

Patch queue for ppc - 2014-07-15

Some more bug fixes during the RC phase:

  - Fix huge page mapping regressions
  - Fix Book3S thread number enumeration
  - Fix Book3S VFIO permission issue

# gpg: Signature made Tue 15 Jul 2014 15:13:54 BST using RSA key ID 03FEDC60
# gpg: Can't check signature: public key not found

* remotes/agraf/tags/signed-ppc-for-upstream:
  sPAPR/IOMMU: Fix TCE entry permission
  spapr: Enable use of huge pages
  spapr: Move RMA memory region registration code
  ppc: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory
  target-ppc: Fix number of threads per core limit

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-15 15:51:12 +01:00
Gavin Shan
27e27782f7 sPAPR/IOMMU: Fix TCE entry permission
The permission of TCE entry should exclude physical base address.
Otherwise, unmapping TCE entry can be interpreted to mapping TCE
entry wrongly for VFIO devices.

Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-07-15 16:11:59 +02:00
Alexey Kardashevskiy
f92f5da108 spapr: Enable use of huge pages
0b183fc87 "memory: move mem_path handling to
memory_region_allocate_system_memory" disabled -mempath use for all
machines that do not use memory_region_allocate_system_memory() to
register RAM. Since SPAPR uses memory_region_init_ram(), the huge pages
support was disabled for it.

This replaces memory_region_init_ram()+vmstate_register_ram_global() with
memory_region_allocate_system_memory() to get huge pages back.

This changes RAM size from (ram_limit - rma_alloc_size) to ram_limit as
the previous patch moved RMA memory region allocation after RAM allocation
and therefore this change does not have immediate effect but simplifies
the code.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-07-15 16:11:59 +02:00
Alexey Kardashevskiy
658fa66b81 spapr: Move RMA memory region registration code
PPC970 does not support VRMA (virtual RMA) so real memory required
for SLOF to execute must be allocated by the KVM_ALLOCATE_RMA ioctl.
Later this memory is used as a part of the guest RAM area.
The RMA allocating code also registers a memory region for this piece
of RAM.

We are going to simplify memory regions layout: RMA memory region
will be a subregion in the RAM memory region, both starting from zero.
This way we will not have to take care of start address alignment for
the piece of RAM next to the RMA.

This moves memory region business closer to the RAM memory region
creation/allocation code.

As this is a mechanical patch, no change in behaviour is expected.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[agraf: fix compilation on non-kvm systems]
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-07-15 16:11:59 +02:00
Shreyas B. Prabhu
e938ba0c35 ppc: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory
Commit 0b183fc871:"memory: move mem_path handling to
memory_region_allocate_system_memory" split memory_region_init_ram and
memory_region_init_ram_from_file. Also it moved mem-path handling a step
up from memory_region_init_ram to memory_region_allocate_system_memory.

Therefore for any board that uses memory_region_init_ram directly,
-mem-path is not supported.

Fix this by replacing memory_region_init_ram with
memory_region_allocate_system_memory.

Signed-off-by: Shreyas B. Prabhu <shreyas@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-07-15 16:11:58 +02:00
Peter Maydell
2c65ebe646 Block pull request
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJTxTFNAAoJEJykq7OBq3PIti0IALlbGEfEjysUSmKbmnhJg5pH
 MoEkGJ8FZ7nIaaLfKPfVIzc5oeZVTWrtyckJLuLdxGOA1BYGXMQ/41Qs64UyT6NA
 TIFE9nZX6h5hQrLXt9u0O6smpkq7wt7M9a3RhVxUZ27Rujf8q+8V2KmgdEy8tchq
 vesyeDXBBx/G6tDGQey7WoRq1s6NafdNm9V0V8pkhonQ3uVErqhz5ZAaTV0zDZIr
 7CreUitr0XPsMx+FIAwEsRcFxw1uD5c5LQVWzBtNJUTMIjcmhauXH8YkreDYCJVY
 4Q555XvMGbEe/4OTqfhq5LI065uTpwYC1cvM16rVksa7KN25salupUn2MBVTbOI=
 =dnaT
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Block pull request

# gpg: Signature made Tue 15 Jul 2014 14:49:01 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  virtio-blk: dataplane: notify guest as a batch
  virtio-blk: data-plane: fix save/set .complete_request in start
  linux-aio: Fix laio resource leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-15 15:06:17 +01:00
Ming Lei
5b2ffbe4d9 virtio-blk: dataplane: notify guest as a batch
Now requests are submitted as a batch, so it is natural
to notify guest as a batch too.

This may suppress interrupt notification to VM a lot:

        - in my test, decreased by ~13K/sec

Signed-off-by: Ming Lei <ming.lei@canonical.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-07-15 15:34:13 +02:00
Ming Lei
e926d9b8c5 virtio-blk: data-plane: fix save/set .complete_request in start
The callback has to be saved and reset in virtio_blk_data_plane_start(),
otherwise dataplane's requests will be completed in qemu aio context.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Ming Lei <ming.lei@canonical.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-07-15 15:34:13 +02:00
Peter Maydell
0a9934eef1 Misc 2.1 fixes regarding character/serial devices and SCSI.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABAgAGBQJTw/aQAAoJEBvWZb6bTYbyQFkQAJ1/P6aG5EOd8dBQ2rNZ72Zp
 tWLnCQNZFIRLu1PGwiiqKihRk3N+YSMh0xERe1H8ZPwv1xIpia5zfcZ+fwEizyb2
 62zaTSSbUssWvt/p/mnb8K4H3HhBnEfEcQsFJi9GiML8G7rFwq5pUYTPfu0DQkq0
 +j1sk/sfzaKfdzDuxpz1cxPkFw7BjDTPDJPsKJCSok25sS7EhfN00auc33r8427k
 k5p/1xz7K/edUhZ86XhCIOs5bHIGxEnpK4bjV5F4MXCMC5vgp1VFFrK8GRG7rncO
 rB0rYCzpgxLA8DYpSGOIl6VNfZfHfvtrAdPbQwPfh1FzEya2PL/WorfwFcibKU3V
 3aa07rVOunIxVsCET49Q36RnSCX9COKww9BJxcsLu7C/G8id4tu67OS0/FMI/EaJ
 1oy7miUJuWhZEA115zyBfWBrv88PgNdlYVP8NtekBoHaL5m+Tk6ZAVmmxz5AxDZs
 zXrzUgotQ+cQZdeHJ/UVvjk4J1RUsolOEIwASgxBFph4fwAT/kRtlkZCpX/2xfDA
 VSTxKqoiQkdepQzBcNBOJvhQ38kU5qQ3AZb871T+y4WwP6jKj8kqZ7yiFf6yYz4a
 AqzSpichWVan99HuTLfiexHyq4r2D75To6ZQFVduYhQg8YX5byDcjtiQRFyy1uKv
 FwkEa/mpZdB1p0fSc7i3
 =8zIe
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

Misc 2.1 fixes regarding character/serial devices and SCSI.

# gpg: Signature made Mon 14 Jul 2014 16:26:08 BST using RSA key ID 9B4D86F2
# gpg: Can't check signature: public key not found

* remotes/bonzini/tags/for-upstream:
  serial-pci: remove memory regions from BAR before destroying them
  virtio-scsi: fix with -M pc-i440fx-2.0
  serial: change retry logic to avoid concurrency
  qemu-char: fix deadlock with "-monitor pty"
  scsi: Report error when lun number is in use

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-14 17:01:45 +01:00
Paolo Bonzini
7497bce6c2 serial-pci: remove memory regions from BAR before destroying them
Otherwise, hot-unplug of pci-serial-2x trips the assertion
in memory_region_destroy:

    (qemu) device_del gg
    (qemu) qemu-system-x86_64: /work/armbru/tmp/qemu/memory.c:1021: memory_region_destroy: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed.
    Aborted (core dumped)

Reported-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-14 16:14:15 +02:00
Kirill Batuzov
f702e62a19 serial: change retry logic to avoid concurrency
Whenever serial_xmit fails to transmit a byte it adds a watch that would
call it again when the "line" becomes ready. This results in a retry
chain:
  serial_xmit -> add_watch -> serial_xmit
Each chain is able to transmit one character, and for every character
passed to serial by the guest driver a new chain is spawned.

The problem lays with the fact that a new chain is spawned even when
there is one already waiting on the watch. So there can be several retry
chains waiting concurrently on one "line". Every chain tries to transmit
current character, so character order is not messed up. But also every
chain increases retry counter (tsr_retry). If there are enough
concurrent chains this counter will hit MAX_XMIT_RETRY value and
the character will be dropped.

To reproduce this bug you need to feed serial output to some program
consuming it slowly enough. A python script from bug #1335444
description is an example of such program.

This commit changes retry logic in the following way to avoid
concurrency: instead of spawning a new chain for each character being
transmitted spawn only one and make it transmit characters until FIFO is
empty.

The change consists of two parts:
 - add a do {} while () loop in serial_xmit (diff is a bit erratic
   for this part, diff -w will show actual change),
 - do not call serial_xmit from serial_ioport_write if there is one
   waiting on the watch already.

This should fix another issue causing bug #1335444.

Signed-off-by: Kirill Batuzov <batuzovk@ispras.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-07-14 16:14:14 +02:00
Peter Maydell
7a6d04e73f Block patches for 2.1.0-rc2 (v2)
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJTw6scAAoJEH8JsnLIjy/WWk8QAMmThVQhJqajBbriVJWfB5w4
 A4ZaRpk+NsDUZhzbsVBJ06ZdlQSX76JOT17V1hDFe7wcu1Aq8XL2b0PzV4iDNRgJ
 QPjW7vKAfFq/ANziGfgfAhpeQkq8o5+R8OepmdqJXzIDCjg+nDtJVdsc7G8DIWOx
 1ssEqW8zaRuZMck61mo3hpdCCA+m+3HTHhcDEf/lzS69XHi2+BZ6ATVh3zShJqxy
 +68hDHdPNMTWESkN5MBQAo82flbdmNjqpD5SYYuJsoCOV+Tb5jLUGbED/VM1LqCf
 8ukXlu4TO0u3ZmO+3XeQJiNsBSQEGOp9/9gOYj8J7AaZcZzC4cON3RmiYLZLgapj
 zdKIvgCxuFzyFheJYPCwpr3483w6/mh4uMzasZ+jHETqieAyvy1L860FNdWQaXoX
 K96m/1yIaQ2NOogcWrxZZ4Jt/diKh+NWynBFm8MZON6MK46FLiCcma2ZedoX6dNc
 R+Ul0qiYMo5B9fX05uhf15dU8cmVQuVFRo2ftIIqxZDY9IPjJjrJPw9EjHajGIJb
 MpU25NRHCdf0BscgYufuf1W9llasl0fbAd3SIA4FccTFdAeDwu5SQXHTodhu64hh
 7gf23N7Let/Gnucxx7gOTi1Jz3uR8V7MbIYRgBBvyRqhNRRRjYDwpg2c8guCzM2F
 VObGeTRdNa9QhTXqBPdQ
 =YxHy
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block patches for 2.1.0-rc2 (v2)

# gpg: Signature made Mon 14 Jul 2014 11:04:12 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream: (22 commits)
  ide: Treat read/write beyond end as invalid
  virtio-blk: Treat read/write beyond end as invalid
  virtio-blk: Bypass error action and I/O accounting on invalid r/w
  virtio-blk: Factor common checks out of virtio_blk_handle_read/write()
  dma-helpers: Fix too long qiov
  qtest: fix vhost-user-test compilation with old GLib
  tests: Fix unterminated string output visitor enum human string
  AioContext: do not rely on aio_poll(ctx, true) result to end a loop
  virtio-blk: embed VirtQueueElement in VirtIOBlockReq
  virtio-blk: avoid g_slice_new0() for VirtIOBlockReq and VirtQueueElement
  dataplane: do not free VirtQueueElement in vring_push()
  virtio-blk: avoid dataplane VirtIOBlockReq early free
  block: Assert qiov length matches request length
  qed: Make qiov match request size until backing file EOF
  qcow2: Make qiov match request size until backing file EOF
  block: Make qiov match the request size until EOF
  AioContext: speed up aio_notify
  test-aio: fix GSource-based timer test
  block: drop aio functions that operate on the main AioContext
  block: prefer aio_poll to qemu_aio_wait
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-14 13:09:29 +01:00