Re: [Qemu-devel] [RFC][PATCH 0/2] uq/master: Basic MSI support for in-kernel irqchip mode
On 2012-03-22 00:17, Jan Kiszka wrote: > Some half a year ago when I posted my first attempt to refactor MSI > for KVM support, we came to the conclusion that it might suffice to do > transparent dynamic routing for user-space injected MSI messages. These > two patches now implement such an approach for upstream. > > As QEMU does not yet include irqfd support (for vhost) or pci device > assignment, this is already enough to enable MSI over the in-kernel > irqchip. Still, this is only RFC as it is just lightly tested and should > primarily collect feedback regarding the direction. If it's fine, I'd > like to base further qemu-kvm refactorings and upstream preparations on > top of such a series. > > Also, I'd like to reanimate my KVM patch to provide direct MSI injection > in future kernels so that we do not need to take this long path here > forever. > > Jan Kiszka (2): > kvm: Introduce basic MSI support in-kernel irqchips > KVM: x86: Wire up MSI support for in-kernel irqchip > > hw/apic.c |3 + > hw/kvm/apic.c | 33 ++- > hw/pc.c |5 -- > kvm-all.c | 171 > - > kvm.h |1 + > 5 files changed, 205 insertions(+), 8 deletions(-) > Anyone any comments? I think this series could open the door for kernel_irqchip=on as default in QEMU 1.1. Jan signature.asc Description: OpenPGP digital signature
Re: [Qemu-devel] [V6 PATCH 1/4] net: announce self after vm start
Il 28/03/2012 07:40, Jason Wang ha scritto:
> qemu_announce_self() were moved to vm_start(). This is because we may
> want to let guest to send the gratuitous packets. A global variable
> need_announce were introduced to record the pending announcement, and
> vm_start() would send gratuitous packet depends on this value.
>
> Signed-off-by: Jason Wang
> ---
> migration.c |2 +-
> migration.h |2 ++
> vl.c|5 +
> 3 files changed, 8 insertions(+), 1 deletions(-)
>
> diff --git a/migration.c b/migration.c
> index 00fa1e3..861cce9 100644
> --- a/migration.c
> +++ b/migration.c
> @@ -88,7 +88,7 @@ void process_incoming_migration(QEMUFile *f)
> fprintf(stderr, "load of migration failed\n");
> exit(0);
> }
> -qemu_announce_self();
> +need_announce = true;
> DPRINTF("successfully loaded vm state\n");
>
> /* Make sure all file formats flush their mutable metadata */
> diff --git a/migration.h b/migration.h
> index 372b066..0a31463 100644
> --- a/migration.h
> +++ b/migration.h
> @@ -95,4 +95,6 @@ void migrate_add_blocker(Error *reason);
> */
> void migrate_del_blocker(Error *reason);
>
> +extern bool need_announce;
> +
> #endif
> diff --git a/vl.c b/vl.c
> index 65f11f2..05ebf57 100644
> --- a/vl.c
> +++ b/vl.c
> @@ -231,6 +231,7 @@ int boot_menu;
> uint8_t *boot_splash_filedata;
> int boot_splash_filedata_size;
> uint8_t qemu_extra_params_fw[2];
> +bool need_announce = false;
>
> typedef struct FWBootEntry FWBootEntry;
>
> @@ -1266,6 +1267,10 @@ void vm_start(void)
> vm_state_notify(1, RUN_STATE_RUNNING);
> resume_all_vcpus();
> monitor_protocol_event(QEVENT_RESUME, NULL);
> +if (need_announce) {
> +need_announce = false;
> +qemu_announce_self();
> +}
> }
> }
>
>
Reviewed-by: Paolo Bonzini
Paolo
Re: [Qemu-devel] [V6 PATCH 2/4] net: model specific announcing support
Il 28/03/2012 07:40, Jason Wang ha scritto:
> This patch introduces a function pointer in NetClientInfo which is
> called during self announcement. With this, each kind of card can
> announce the link with a specific way. The old method is still kept
> for cards that have not implemented this or old guest. The first user
> would be virtio-net.
>
> Signed-off-by: Jason Wang
> ---
> net.h|2 ++
> savevm.c |8 +---
> 2 files changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/net.h b/net.h
> index 75a8c15..7195bfc 100644
> --- a/net.h
> +++ b/net.h
> @@ -48,6 +48,7 @@ typedef ssize_t (NetReceive)(VLANClientState *, const
> uint8_t *, size_t);
> typedef ssize_t (NetReceiveIOV)(VLANClientState *, const struct iovec *,
> int);
> typedef void (NetCleanup) (VLANClientState *);
> typedef void (LinkStatusChanged)(VLANClientState *);
> +typedef int (NetAnnounce)(VLANClientState *);
>
> typedef struct NetClientInfo {
> net_client_type type;
> @@ -59,6 +60,7 @@ typedef struct NetClientInfo {
> NetCleanup *cleanup;
> LinkStatusChanged *link_status_changed;
> NetPoll *poll;
> +NetAnnounce *announce;
> } NetClientInfo;
>
> struct VLANClientState {
> diff --git a/savevm.c b/savevm.c
> index 80be1ff..7558c1d 100644
> --- a/savevm.c
> +++ b/savevm.c
> @@ -123,10 +123,12 @@ static void qemu_announce_self_iter(NICState *nic, void
> *opaque)
> {
> uint8_t buf[60];
> int len;
> +NetAnnounce *func = nic->nc.info->announce;
>
> -len = announce_self_create(buf, nic->conf->macaddr.a);
> -
> -qemu_send_packet_raw(&nic->nc, buf, len);
> +if (!func || func(&nic->nc) != 0) {
> +len = announce_self_create(buf, nic->conf->macaddr.a);
> +qemu_send_packet_raw(&nic->nc, buf, len);
> +}
> }
>
>
>
Reviewed-by: Paolo Bonzini
Paolo
Re: [Qemu-devel] [RFC 1/9] hostdev: introduce the infrastructure for host device model
On Wed, Mar 28, 2012 at 2:41 PM, Paolo Bonzini wrote: > Il 27/03/2012 23:21, Zhi Yong Wu ha scritto: >>> Yes, that's correct. Everything that uses PROP_PTR needs to become a >> But i didn't see that that stuff which uses PROP_PTR become a link in >> current QEMU code. > > Yes, that's why I wrote "needs to become". In order to use links, you > need two things: > > * the target needs to have a canonical path (more on this below); > > * the target needs to be QOMified. > > Most PTR properties are pointers to devices, but devices so far don't > always have a canonical path so the conversion could not happen. Others > are to CPUs, which are not yet QOMified. nice, got it. link is next step for PROP_PTR, thanks > >>> link. We cannot do that yet because devices do not yet have a canonical >>> path. >> Cannonical path means that it is one absolute path or partial path? > > Canonical path means it consists exclusively of child<> properties. > Unlike the links, which form a graph, children form a tree so it's easy > to define a canonical naming of all objects. > >> Moreover, -device has exposed network card info. > > ... this is extremely confused. Each NIC device has a NIC-type > NetClientState. If NetClientState is converted to QOM, all of its The original idea about -netdev QOM is to convert NetClientState to QOM, but now this idea seems to be changed. >>> >>> I cannot parse this at all. You have not converted all of >>> NetClientState to QOM, have you? >> No. I am not sure if we need to convert all and we need to know what >> the benefit is. > > We do. You just cannot convert the same object half to QOM and half > not. It leads to insanity. OK, i will convert all. > >> We hope that -netdev options info can be configurated or changed >> purely via QOM, not command line. > > Yes, but does it buy anything or it is just a nice exercise? buy anything? sorry, i don't understand this. >>> >>> What's the advantage? Converting chardev would give hotplug. What can >>> we do with a QOMified netdev that we cannot do now? >> It can be configurated or changed purely via QOM, this is one of the >> advantages by itself. > > Sure, but what does it do better than netdev_add? If -netdev QOM is supported, libvirt can use non-root account to get some service from QEMU. this will enforce security, right? > > Note that the same holds for devices. Anthony converted them as the > proof that QOM could deal with them, and that conversions could be done > in small steps. But strictly speaking it was not necessary to convert > them to QOM; so far, conversion brought no substantial improvement. > >> And I think that it should also give hotplug. > > Hotplug of -netdev is already supported. ah? IHMO, i have limited knowledge about QOM, and don't know why you said that chardev QOM can provide hotplug, how to play with it? > > Paolo -- Regards, Zhi Yong Wu
Re: [Qemu-devel] [RFC 1/9] hostdev: introduce the infrastructure for host device model
By the way, why have we not add one QOM cookbook to docs? It is very useful for us newbiew to learn. On Wed, Mar 28, 2012 at 2:41 PM, Paolo Bonzini wrote: > Il 27/03/2012 23:21, Zhi Yong Wu ha scritto: >>> Yes, that's correct. Everything that uses PROP_PTR needs to become a >> But i didn't see that that stuff which uses PROP_PTR become a link in >> current QEMU code. > > Yes, that's why I wrote "needs to become". In order to use links, you > need two things: > > * the target needs to have a canonical path (more on this below); > > * the target needs to be QOMified. > > Most PTR properties are pointers to devices, but devices so far don't > always have a canonical path so the conversion could not happen. Others > are to CPUs, which are not yet QOMified. > >>> link. We cannot do that yet because devices do not yet have a canonical >>> path. >> Cannonical path means that it is one absolute path or partial path? > > Canonical path means it consists exclusively of child<> properties. > Unlike the links, which form a graph, children form a tree so it's easy > to define a canonical naming of all objects. > >> Moreover, -device has exposed network card info. > > ... this is extremely confused. Each NIC device has a NIC-type > NetClientState. If NetClientState is converted to QOM, all of its The original idea about -netdev QOM is to convert NetClientState to QOM, but now this idea seems to be changed. >>> >>> I cannot parse this at all. You have not converted all of >>> NetClientState to QOM, have you? >> No. I am not sure if we need to convert all and we need to know what >> the benefit is. > > We do. You just cannot convert the same object half to QOM and half > not. It leads to insanity. > >> We hope that -netdev options info can be configurated or changed >> purely via QOM, not command line. > > Yes, but does it buy anything or it is just a nice exercise? buy anything? sorry, i don't understand this. >>> >>> What's the advantage? Converting chardev would give hotplug. What can >>> we do with a QOMified netdev that we cannot do now? >> It can be configurated or changed purely via QOM, this is one of the >> advantages by itself. > > Sure, but what does it do better than netdev_add? > > Note that the same holds for devices. Anthony converted them as the > proof that QOM could deal with them, and that conversions could be done > in small steps. But strictly speaking it was not necessary to convert > them to QOM; so far, conversion brought no substantial improvement. > >> And I think that it should also give hotplug. > > Hotplug of -netdev is already supported. > > Paolo -- Regards, Zhi Yong Wu
[Qemu-devel] [PATCH trivial] trace-events: don't use dtrace reserved words in and next
--- trace-events |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/trace-events b/trace-events index 70f059d..0924666 100644 --- a/trace-events +++ b/trace-events @@ -313,7 +313,7 @@ usb_host_set_interface(int bus, int addr, int interface, int alt) "dev %d:%d, in usb_host_claim_interfaces(int bus, int addr, int config, int nif) "dev %d:%d, config %d, nif %d" usb_host_release_interfaces(int bus, int addr) "dev %d:%d" usb_host_req_control(int bus, int addr, int req, int value, int index) "dev %d:%d, req 0x%x, value %d, index %d" -usb_host_req_data(int bus, int addr, int in, int ep, int size) "dev %d:%d, in %d, ep %d, size %d" +usb_host_req_data(int bus, int addr, int _in, int ep, int size) "dev %d:%d, in %d, ep %d, size %d" usb_host_req_complete(int bus, int addr, int status) "dev %d:%d, status %d" usb_host_urb_submit(int bus, int addr, void *aurb, int length, int more) "dev %d:%d, aurb %p, length %d, more %d" usb_host_urb_complete(int bus, int addr, void *aurb, int status, int length, int more) "dev %d:%d, aurb %p, status %d, length %d, more %d" @@ -562,7 +562,7 @@ qemu_coroutine_terminate(void *co) "self %p" # qemu-coroutine-lock.c qemu_co_queue_next_bh(void) "" -qemu_co_queue_next(void *next) "next %p" +qemu_co_queue_next(void *_next) "next %p" qemu_co_mutex_lock_entry(void *mutex, void *self) "mutex %p self %p" qemu_co_mutex_lock_return(void *mutex, void *self) "mutex %p self %p" qemu_co_mutex_unlock_entry(void *mutex, void *self) "mutex %p self %p" -- 1.7.9.3
[Qemu-devel] [Bug 966471] Re: qemu-i386-user fails on powerpc host (bash: fork: Invalid argument)
*** This bug is a duplicate of bug 739785 *** https://bugs.launchpad.net/bugs/739785 This looks to me like the same issue as bug 739785 (where it was reported on ARM and MIPS hosts). Basically user mode i386 guests have a number of problems relating to threading support. ** This bug has been marked a duplicate of bug 739785 qemu-i386 user mode on ARMv5 host fails (bash: fork: Invalid argument) -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/966471 Title: qemu-i386-user fails on powerpc host (bash: fork: Invalid argument) Status in QEMU: New Bug description: I'm using Debian testing powerpc on PowerMac G5. I've tried to install i386 target and after a boostsrap it tries to chroot there and continue installing. But it fails with fork: Invalid argument. Manual chroot there fails on ls the same. To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/966471/+subscriptions
Re: [Qemu-devel] [RFC 1/9] hostdev: introduce the infrastructure for host device model
Il 28/03/2012 09:53, Zhi Yong Wu ha scritto: > By the way, why have we not add one QOM cookbook to docs? It is very > useful for us newbiew to learn. Yes, that would be useful. It takes time to write docs unfortunately. :( Paolo
Re: [Qemu-devel] [RFC 1/9] hostdev: introduce the infrastructure for host device model
On Wed, Mar 28, 2012 at 4:05 PM, 陳韋任 wrote: >> Il 28/03/2012 09:53, Zhi Yong Wu ha scritto: >> > By the way, why have we not add one QOM cookbook to docs? It is very >> > useful for us newbiew to learn. > > You can write what you learn during this work. This should be a good > start! :) You know, i need to get enough skills now. :) > > Regards, > chenwj > > -- > Wei-Ren Chen (陳韋任) > Computer Systems Lab, Institute of Information Science, > Academia Sinica, Taiwan (R.O.C.) > Tel:886-2-2788-3799 #1667 > Homepage: http://people.cs.nctu.edu.tw/~chenwj -- Regards, Zhi Yong Wu
Re: [Qemu-devel] [PATCH] pci: Factor out bounds checking on config space accesses
On Wed, Mar 28, 2012 at 12:11:52PM +1100, David Gibson wrote:
> Michael,
>
> Any chance of an ack or nack on this one?
>
> On Mon, Mar 19, 2012 at 03:58:11PM +1100, David Gibson wrote:
> > There are several paths into the code to emulate PCI config space accesses:
> > one for MMIO to a plain old PCI bridge one for MMIO to a PCIe bridge and
> > one for the pseries machine which provides para-virtualized access to PCI
> > config space. Each of these functions does their own bounds checking
> > against the size of config space to check for addresses outside the
> > size of config space. The pci_host_config_{read,write}_common() (sort
> > of) checks for partial overruns, that is where the address is within
> > the size of config space, but address + length is not, it takes a
> > limit parameter for this purpose.
> >
> > As well as being a small code duplication, and it being weird to
> > separate the checks for partial and total overruns, this checking
> > currently has a few buglets:
> >
> > * For non PCI-Express we assume that the size of config space is
> > PCI_CONFIG_SPACE_SIZE. That's true for everything we emulate
> > now, but is not necessarily true (e.g. PCI-X devices can have
> > extended config space)
> >
> > * The limit parameter is not necessary, since the size of config
> > space can be obtained using pci_config_size()
> >
> > * Partial overruns could only occur with a misaligned access,
> > which should have already been dealt with by this point
> >
> > * Partial overruns are handled as a partial read or write, which
> > is very unlikely behaviour for real hardware
> >
> > * Furthermore, partial reads are 0x0 padded, whereas returning
> > 0xff for unimplemented addresses us much more common.
> >
> > * The partial reads/writes only work correctly by assuming
> > little-endian byte layout. While that is always true for PCI
> > config space, it's an awfully subtle thing to rely on without
> > comment.
This last point can be addressed by adding a comment?
Patch welcome.
> > This patch, therefore, moves the bounds checking wholly into
> > pci_host_config_{read,write}_common(). No partial reads or writes are
> > performed, instead any out-of-bounds write is simply ignored and an
> > out-of-bounds read returns 0xff.
> >
> > This simplifies all the callers, and makes the overall semantics saner
> > for edge cases.
> >
> > Cc: Michael S. Tsirkin
> >
> > Signed-off-by: David Gibson
Sorry, I didn't reply because I have no idea whether this patch is correct.
Couldn't figure out from the description
whether there's a test case where we differ
from real hardware in our behaviour.
The change affects lots of platforms and
there's no mention of which ones were tested.
> > ---
> > hw/pci_host.c | 26 ++
> > hw/pci_host.h |4 ++--
> > hw/pcie_host.c | 18 ++
> > hw/spapr_pci.c | 27 ---
> > 4 files changed, 22 insertions(+), 53 deletions(-)
> >
> > diff --git a/hw/pci_host.c b/hw/pci_host.c
> > index 44c6c20..829d797 100644
> > --- a/hw/pci_host.c
> > +++ b/hw/pci_host.c
> > @@ -48,48 +48,50 @@ static inline PCIDevice *pci_dev_find_by_addr(PCIBus
> > *bus, uint32_t addr)
> > }
> >
> > void pci_host_config_write_common(PCIDevice *pci_dev, uint32_t addr,
> > - uint32_t limit, uint32_t val, uint32_t
> > len)
> > + uint32_t val, uint32_t len)
> > {
> > assert(len <= 4);
> > -pci_dev->config_write(pci_dev, addr, val, MIN(len, limit - addr));
> > +if ((addr + len) <= pci_config_size(pci_dev)) {
> > +pci_dev->config_write(pci_dev, addr, val, len);
> > +}
> > }
> >
> > uint32_t pci_host_config_read_common(PCIDevice *pci_dev, uint32_t addr,
> > - uint32_t limit, uint32_t len)
> > + uint32_t len)
> > {
> > assert(len <= 4);
> > -return pci_dev->config_read(pci_dev, addr, MIN(len, limit - addr));
> > +if ((addr + len) <= pci_config_size(pci_dev)) {
> > +return pci_dev->config_read(pci_dev, addr, len);
> > +} else {
> > +return ~0x0;
> > +}
> > }
> >
> > void pci_data_write(PCIBus *s, uint32_t addr, uint32_t val, int len)
> > {
> > PCIDevice *pci_dev = pci_dev_find_by_addr(s, addr);
> > -uint32_t config_addr = addr & (PCI_CONFIG_SPACE_SIZE - 1);
> >
> > if (!pci_dev) {
> > return;
> > }
> >
> > PCI_DPRINTF("%s: %s: addr=%02" PRIx32 " val=%08" PRIx32 " len=%d\n",
> > -__func__, pci_dev->name, config_addr, val, len);
> > -pci_host_config_write_common(pci_dev, config_addr,
> > PCI_CONFIG_SPACE_SIZE,
> > - val, len);
> > +__func__, pci_dev->name, addr, val, len);
> > +pci_host_config_write_common(pci_dev, addr, val, len);
> >
Re: [Qemu-devel] [PATCH] tracetool.py: always pass --binary, --target-arch, --target-type
On Tue, Mar 27, 2012 at 08:01:54PM +0200, Lluís Vilanova wrote: > Alon Levy writes: > > > Signed-off-by: Alon Levy > > --- > > Makefile.objs | 25 ++--- > > 1 file changed, 22 insertions(+), 3 deletions(-) > > > diff --git a/Makefile.objs b/Makefile.objs > > index 8e56f48..0e33f4b 100644 > > --- a/Makefile.objs > > +++ b/Makefile.objs > > @@ -373,12 +373,25 @@ else > > trace.h: trace.h-timestamp > > endif > > trace.h-timestamp: $(SRC_PATH)/trace-events $(BUILD_DIR)/config-host.mak > > - $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py > > --format=h --backend=$(TRACE_BACKEND) < $< > $@," GEN trace.h") > > + $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py \ > > + --format=h \ > > + --backend=$(TRACE_BACKEND) \ > > + --binary=$(bindir)/$(QEMU_PROG) \ > > + --target-arch=$(TARGET_ARCH) \ > > + --target-type=$(TARGET_TYPE) \ > > + --target-type=$(TARGET_TYPE) < $< > $@, \ > > + " GEN trace.h") > > @cmp -s $@ trace.h || cp $@ trace.h > > > trace.c: trace.c-timestamp > > trace.c-timestamp: $(SRC_PATH)/trace-events $(BUILD_DIR)/config-host.mak > > - $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py > > --format=c --backend=$(TRACE_BACKEND) < $< > $@," GEN trace.c") > > + $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py \ > > + --format=c \ > > + --backend=$(TRACE_BACKEND) \ > > + --binary=$(bindir)/$(QEMU_PROG) \ > > + --target-arch=$(TARGET_ARCH) \ > > + --target-type=$(TARGET_TYPE) < $< > $@, \ > > + " GEN trace.c") > > @cmp -s $@ trace.c || cp $@ trace.c > > > trace.o: trace.c $(GENERATED_HEADERS) > > @@ -391,7 +404,13 @@ trace-dtrace.h: trace-dtrace.dtrace > > # rule file. So we use '.dtrace' instead > > trace-dtrace.dtrace: trace-dtrace.dtrace-timestamp > > trace-dtrace.dtrace-timestamp: $(SRC_PATH)/trace-events > > $(BUILD_DIR)/config-host.mak > > - $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py > > --format=d --backend=$(TRACE_BACKEND) < $< > $@," GEN > > trace-dtrace.dtrace") > > + $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py \ > > + --format=d \ > > + --backend=$(TRACE_BACKEND) \ > > + --binary=$(bindir)/$(QEMU_PROG) \ > > + --target-arch=$(TARGET_ARCH) \ > > + --target-type=$(TARGET_TYPE) < $< > $@, \ > > + " GEN trace-dtrace.dtrace") > > @cmp -s $@ trace-dtrace.dtrace || cp $@ trace-dtrace.dtrace > > > trace-dtrace.o: trace-dtrace.dtrace $(GENERATED_HEADERS) > > -- > > 1.7.9.3 > > I don't see the reason for such a change, as in the current bash code it's not > used except when generating files in the 'stap' format. Have you tried building with trace backend dtrace? without those changed it breaks because tracetool.py requires both target_arch and target_type for dtrace backend. Either change the source or change the invocation. I thought the later is better, hence this patch. > > Same applies to your change in tracetool.py when checking the binary/probe/etc > options. > > > Lluis > > -- > "And it's much the same thing with knowledge, for whenever you learn > something new, the whole world becomes that much richer." > -- The Princess of Pure Reason, as told by Norton Juster in The Phantom > Tollbooth
Re: [Qemu-devel] [RFC 1/9] hostdev: introduce the infrastructure for host device model
> Il 28/03/2012 09:53, Zhi Yong Wu ha scritto: > > By the way, why have we not add one QOM cookbook to docs? It is very > > useful for us newbiew to learn. You can write what you learn during this work. This should be a good start! :) Regards, chenwj -- Wei-Ren Chen (陳韋任) Computer Systems Lab, Institute of Information Science, Academia Sinica, Taiwan (R.O.C.) Tel:886-2-2788-3799 #1667 Homepage: http://people.cs.nctu.edu.tw/~chenwj
Re: [Qemu-devel] [RFC 1/9] hostdev: introduce the infrastructure for host device model
On Wed, Mar 28, 2012 at 04:25:54PM +0800, Zhi Yong Wu wrote: > On Wed, Mar 28, 2012 at 4:05 PM, 陳韋任 wrote: > >> Il 28/03/2012 09:53, Zhi Yong Wu ha scritto: > >> > By the way, why have we not add one QOM cookbook to docs? It is very > >> > useful for us newbiew to learn. > > > > You can write what you learn during this work. This should be a good > > start! :) > You know, i need to get enough skills now. :) I mean make some notes during the work. Good luck! Regards, chenwj -- Wei-Ren Chen (陳韋任) Computer Systems Lab, Institute of Information Science, Academia Sinica, Taiwan (R.O.C.) Tel:886-2-2788-3799 #1667 Homepage: http://people.cs.nctu.edu.tw/~chenwj
Re: [Qemu-devel] [RFC][PATCH 0/2] uq/master: Basic MSI support for in-kernel irqchip mode
On Wed, Mar 28, 2012 at 09:13:22AM +0200, Jan Kiszka wrote: > On 2012-03-22 00:17, Jan Kiszka wrote: > > Some half a year ago when I posted my first attempt to refactor MSI > > for KVM support, we came to the conclusion that it might suffice to do > > transparent dynamic routing for user-space injected MSI messages. These > > two patches now implement such an approach for upstream. > > > > As QEMU does not yet include irqfd support (for vhost) or pci device > > assignment, this is already enough to enable MSI over the in-kernel > > irqchip. Still, this is only RFC as it is just lightly tested and should > > primarily collect feedback regarding the direction. If it's fine, I'd > > like to base further qemu-kvm refactorings and upstream preparations on > > top of such a series. > > > > Also, I'd like to reanimate my KVM patch to provide direct MSI injection > > in future kernels so that we do not need to take this long path here > > forever. > > > > Jan Kiszka (2): > > kvm: Introduce basic MSI support in-kernel irqchips > > KVM: x86: Wire up MSI support for in-kernel irqchip > > > > hw/apic.c |3 + > > hw/kvm/apic.c | 33 ++- > > hw/pc.c |5 -- > > kvm-all.c | 171 > > - > > kvm.h |1 + > > 5 files changed, 205 insertions(+), 8 deletions(-) > > > > Anyone any comments? I think this series could open the door for > kernel_irqchip=on as default in QEMU 1.1. > > Jan > For what this patch is trying to do, would adding a simple ioctl for injecting a given message into guest be cleaner? Also, how would this support irqfd in the future? Will we have to rip it all out and replace with per-device tracking that we have today? -- MST
Re: [Qemu-devel] [RFC][PATCH 0/2] uq/master: Basic MSI support for in-kernel irqchip mode
On 2012-03-28 11:45, Michael S. Tsirkin wrote: > On Wed, Mar 28, 2012 at 09:13:22AM +0200, Jan Kiszka wrote: >> On 2012-03-22 00:17, Jan Kiszka wrote: >>> Some half a year ago when I posted my first attempt to refactor MSI >>> for KVM support, we came to the conclusion that it might suffice to do >>> transparent dynamic routing for user-space injected MSI messages. These >>> two patches now implement such an approach for upstream. >>> >>> As QEMU does not yet include irqfd support (for vhost) or pci device >>> assignment, this is already enough to enable MSI over the in-kernel >>> irqchip. Still, this is only RFC as it is just lightly tested and should >>> primarily collect feedback regarding the direction. If it's fine, I'd >>> like to base further qemu-kvm refactorings and upstream preparations on >>> top of such a series. >>> >>> Also, I'd like to reanimate my KVM patch to provide direct MSI injection >>> in future kernels so that we do not need to take this long path here >>> forever. >>> >>> Jan Kiszka (2): >>> kvm: Introduce basic MSI support in-kernel irqchips >>> KVM: x86: Wire up MSI support for in-kernel irqchip >>> >>> hw/apic.c |3 + >>> hw/kvm/apic.c | 33 ++- >>> hw/pc.c |5 -- >>> kvm-all.c | 171 >>> - >>> kvm.h |1 + >>> 5 files changed, 205 insertions(+), 8 deletions(-) >>> >> >> Anyone any comments? I think this series could open the door for >> kernel_irqchip=on as default in QEMU 1.1. >> >> Jan >> > > For what this patch is trying to do, would adding a simple ioctl for > injecting a given message into guest be cleaner? For sure, and I already proposed this in the past. I think we were only discussing the extensibility of such an IOCTL. Anyway, that won't help with existing kernels. That's why I'm proposing this userspace approach as an interim solution. > Also, how would this support irqfd in the future? Will we have to > rip it all out and replace with per-device tracking that we > have today? Irqfd and kvm device assignment will require additional interfaces (of the kvm core in QEMU) via which you will be able to request stable routes from such sources to specified MSIs. That will be widely orthogonal to what is done in these patches here. Upstream is not affected yet as it neither supports device assignment nor irqfds up to now. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [libvirt] Modern CPU models cannot be used with libvirt
On 03/26/2012 09:03 PM, Anthony Liguori wrote: > > I think what we want to move toward is a -no-machine option which > allows a user to explicitly build a machine from scratch. That is: > > qemu -no-machine -device i440fx,id=host -device isa-serial,chr=chr0 ... > I'd call it -M bare-1.1, so that it can be used to override driver properties in 1.2+. So we'd have # default machine for this version qemu / qemu -M pc # an older version's pc qemu -M pc-1.1 # just a chassis, bring your own screwdriver qemu -M bare # previous generation chassis, beige qemu -M bare-1.1 That is because -M not only specifies the components that go into the machine, it also alters other devices you add to it. This also helps preserve the planet's dwindling supply of command line options. -- error compiling committee.c: too many arguments to function
Re: [Qemu-devel] [libvirt] Modern CPU models cannot be used with libvirt
On 03/26/2012 09:00 PM, Anthony Liguori wrote: >>> Yes, that's one reason. But maybe a user wants to have a whole >>> different set of machine types and doesn't care to have the ones we >>> provide. Why prevent a user from doing this? >> >> How are we preventing a user from doing it? In what way is -nodefconfig >> helping it? > > > Let me explain it in a different way, perhaps. > > We launch smbd in QEMU in order to do file sharing over slirp. One of > the historic problems we've had is that we don't assume root > privileges, yet want to be able to run smbd without using any of the > system configuration files. > > You can do this by specify -s with the config file, and then in the > config file you can overload the various default paths (like private > dir, lock dir, etc.). In some cases, earlier versions of smbd didn't > allow you to change private dir. > > You should be able to tell a well behaved tool not to read any > configuration/data files and explicitly tell it where/how to read > them. We cannot exhaustively anticipate every future use case of QEMU. 100% agree. But that says nothing about a text file that defines "westmere" as a set of cpu flags, as long as we allow the user to define "mywestmere" as a different set. That is because target-x86_64.cfg does not configure anything, it just defines a macro, which qemu doesn't force you to use. > > But beyond the justification for -nodefconfig, the fact is that it > exists today, and has a specific semantic. If we want to have a > different semantic, we should introduce a new option (-no-user-config). Sure. -- error compiling committee.c: too many arguments to function
Re: [Qemu-devel] [PATCH] tracetool.py: always pass --binary, --target-arch, --target-type
Alon Levy writes: [...] >> I don't see the reason for such a change, as in the current bash code it's >> not >> used except when generating files in the 'stap' format. > Have you tried building with trace backend dtrace? without those changed > it breaks because tracetool.py requires both target_arch and target_type > for dtrace backend. Either change the source or change the invocation. I > thought the later is better, hence this patch. If you're referring to your changes in tracetool.py related to this (when checking binary/prefix/etc), it should be fixed in v3 without resorting to your changes: - if format == "stap": + if arg_format == "stap": Instead of your proposal: - if format == "stap": + if arg_backend == "dtrace": I didn't try to compile the resulting dtrace files (they should be the same), but tracetool does not fail with the aforementioned changes. Thanks, Lluis -- "And it's much the same thing with knowledge, for whenever you learn something new, the whole world becomes that much richer." -- The Princess of Pure Reason, as told by Norton Juster in The Phantom Tollbooth
Re: [Qemu-devel] [PATCH 1/2] qemu-iotests: Fix call syntax for qemu-img
On Tue, Mar 27, 2012 at 9:56 PM, Stefan Weil wrote: > Am 14.03.2012 21:48, schrieb Stefan Weil: > >> Am 14.03.2012 20:08, schrieb Eric Blake: >>> >>> On 03/14/2012 12:57 PM, Stefan Weil wrote: qemu-img requires first options, then file name, then size. GNU getopt also allows options at the end, but POSIX getopt doesn't. Try "export POSIXLY_CORRECT=y" to get the POSIX behaviour with GNU getopt, too. >>> >>> >>> That's a heavy sledgehammer, that has the potential to affect a lot of >>> other programs called alongside qemu-img. Simpler would be to just pass >>> -- in the command line at the point where you want to force qemu to >>> treat all further arguments without getopt reordering them, as in: >> >> >> I did not want to suggest that POSIXLY_CORRECT should always >> be set. It's just a way how maintainers can test that there is >> a problem with the current code, and that this problem is >> fixed by my patch. >> >> Passing -- in the command line will not only stop argument >> reordering, it also stops argument parsing which is not >> what we need here. >> >> Regards, >> >> Stefan W. > > > Ping? These two patches for qemu-iotests are still missing > in QEMU git master. Are there any open questions, or can > they be committed? Should they go through qemu-trivial? Kevin on IRC yesterday: Last week was rather busy, and I'll be on vacation from tomorrow until Friday, so don't expect feedback from me before some time next week Stefan
Re: [Qemu-devel] [RFC][PATCH 0/2] uq/master: Basic MSI support for in-kernel irqchip mode
On Wed, Mar 28, 2012 at 11:50:27AM +0200, Jan Kiszka wrote: > On 2012-03-28 11:45, Michael S. Tsirkin wrote: > > On Wed, Mar 28, 2012 at 09:13:22AM +0200, Jan Kiszka wrote: > >> On 2012-03-22 00:17, Jan Kiszka wrote: > >>> Some half a year ago when I posted my first attempt to refactor MSI > >>> for KVM support, we came to the conclusion that it might suffice to do > >>> transparent dynamic routing for user-space injected MSI messages. These > >>> two patches now implement such an approach for upstream. > >>> > >>> As QEMU does not yet include irqfd support (for vhost) or pci device > >>> assignment, this is already enough to enable MSI over the in-kernel > >>> irqchip. Still, this is only RFC as it is just lightly tested and should > >>> primarily collect feedback regarding the direction. If it's fine, I'd > >>> like to base further qemu-kvm refactorings and upstream preparations on > >>> top of such a series. > >>> > >>> Also, I'd like to reanimate my KVM patch to provide direct MSI injection > >>> in future kernels so that we do not need to take this long path here > >>> forever. > >>> > >>> Jan Kiszka (2): > >>> kvm: Introduce basic MSI support in-kernel irqchips > >>> KVM: x86: Wire up MSI support for in-kernel irqchip > >>> > >>> hw/apic.c |3 + > >>> hw/kvm/apic.c | 33 ++- > >>> hw/pc.c |5 -- > >>> kvm-all.c | 171 > >>> - > >>> kvm.h |1 + > >>> 5 files changed, 205 insertions(+), 8 deletions(-) > >>> > >> > >> Anyone any comments? I think this series could open the door for > >> kernel_irqchip=on as default in QEMU 1.1. > >> > >> Jan > >> > > > > For what this patch is trying to do, would adding a simple ioctl for > > injecting a given message into guest be cleaner? > > For sure, and I already proposed this in the past. I think we were only > discussing the extensibility of such an IOCTL. Yes. And the conclusion I think was that it's not very extensible but a very good fit for what we want to do, right? See Message-ID: <4ea66b99.3010...@redhat.com> > Anyway, that won't help with existing kernels. That's why I'm proposing > this userspace approach as an interim solution. I guess we can just keep the userspace irqchip around? > > Also, how would this support irqfd in the future? Will we have to > > rip it all out and replace with per-device tracking that we > > have today? > > Irqfd and kvm device assignment will require additional interfaces (of > the kvm core in QEMU) via which you will be able to request stable > routes from such sources to specified MSIs. That will be widely > orthogonal to what is done in these patches here. Yes but not exactly as they will conflict for resources, right? How do you plan to solve this? > Upstream is not > affected yet as it neither supports device assignment nor irqfds up to now. > > Jan Just to clarify: so in the end, we will need to basically do what qemu-kvm does, as well? > -- > Siemens AG, Corporate Technology, CT T DE IT 1 > Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [RFC][PATCH 0/2] uq/master: Basic MSI support for in-kernel irqchip mode
On 2012-03-28 12:47, Michael S. Tsirkin wrote: > On Wed, Mar 28, 2012 at 11:50:27AM +0200, Jan Kiszka wrote: >> On 2012-03-28 11:45, Michael S. Tsirkin wrote: >>> On Wed, Mar 28, 2012 at 09:13:22AM +0200, Jan Kiszka wrote: On 2012-03-22 00:17, Jan Kiszka wrote: > Some half a year ago when I posted my first attempt to refactor MSI > for KVM support, we came to the conclusion that it might suffice to do > transparent dynamic routing for user-space injected MSI messages. These > two patches now implement such an approach for upstream. > > As QEMU does not yet include irqfd support (for vhost) or pci device > assignment, this is already enough to enable MSI over the in-kernel > irqchip. Still, this is only RFC as it is just lightly tested and should > primarily collect feedback regarding the direction. If it's fine, I'd > like to base further qemu-kvm refactorings and upstream preparations on > top of such a series. > > Also, I'd like to reanimate my KVM patch to provide direct MSI injection > in future kernels so that we do not need to take this long path here > forever. > > Jan Kiszka (2): > kvm: Introduce basic MSI support in-kernel irqchips > KVM: x86: Wire up MSI support for in-kernel irqchip > > hw/apic.c |3 + > hw/kvm/apic.c | 33 ++- > hw/pc.c |5 -- > kvm-all.c | 171 > - > kvm.h |1 + > 5 files changed, 205 insertions(+), 8 deletions(-) > Anyone any comments? I think this series could open the door for kernel_irqchip=on as default in QEMU 1.1. Jan >>> >>> For what this patch is trying to do, would adding a simple ioctl for >>> injecting a given message into guest be cleaner? >> >> For sure, and I already proposed this in the past. I think we were only >> discussing the extensibility of such an IOCTL. > > Yes. And the conclusion I think was that it's not very extensible > but a very good fit for what we want to do, right? > See Message-ID: <4ea66b99.3010...@redhat.com> Cannot match this ID, but I guess the best is now to just leave a flags and some padding fields in the struct for whatever may or may not come in the future. > >> Anyway, that won't help with existing kernels. That's why I'm proposing >> this userspace approach as an interim solution. > > I guess we can just keep the userspace irqchip around? This is about the kernel IRQ chip support. We want to support it over current kernels, not only 3.4 or even later. > >>> Also, how would this support irqfd in the future? Will we have to >>> rip it all out and replace with per-device tracking that we >>> have today? >> >> Irqfd and kvm device assignment will require additional interfaces (of >> the kvm core in QEMU) via which you will be able to request stable >> routes from such sources to specified MSIs. That will be widely >> orthogonal to what is done in these patches here. > > Yes but not exactly as they will conflict for resources, right? > How do you plan to solve this? As done in my original series: If a static route requires a pseudo GSI and there are none free, we simply flush the dynamic MSI routes. > >> Upstream is not >> affected yet as it neither supports device assignment nor irqfds up to now. >> >> Jan > > Just to clarify: so in the end, we will need > to basically do what qemu-kvm does, as well? Basically yes, but with refactored interfaces. E.g. all pseudo GSI management will be privatized in the KVM layer. And MSI[-X] interfaces will be refactored to reduce the code you need in virtio and pci-assign for propagating vector changes to the routing subsystem. Details regarding this aren't settled yet, but it will be just an add-on to the MSI injection path for fully emulated devices, ie. the topic of this series. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [RFC][PATCH 1/2] kvm: Introduce basic MSI support in-kernel irqchips
On 03/22/2012 01:17 AM, Jan Kiszka wrote: > From: Jan Kiszka > > This patch basically adds kvm_irqchip_send_msi, a service for sending > arbitrary MSI messages to KVM's in-kernel irqchip models. > > As the current KVI API requires us to establish a static route from a s/KVI/KVM/ > pseudo GSI to the target MSI message and inject the MSI via toggling > that GSI, we need to play some tricks to make this unfortunately s/unfortunately/unfortunate/ > interface transparent. We create those routes on demand and keep them > in a hash table. Succeeding messages can then search for an existing > route in the table first and reuse it whenever possible. If we should > run out of limited GSIs, we simply flush the table and rebuild it as > messages are sent. > > This approach is rather simple and could be optimized further. However, > it is more efficient to enhance the KVM API so that we do not need this > clumsy dynamic routing over futures kernels. Two APIs are clumsier than one. wet the patch itself, suggest replacing the home grown hash with http://developer.gnome.org/glib/2.30/glib-Caches.html. -- error compiling committee.c: too many arguments to function
Re: [Qemu-devel] [RFC][PATCH 0/2] uq/master: Basic MSI support for in-kernel irqchip mode
On Wed, Mar 28, 2012 at 01:07:42PM +0200, Jan Kiszka wrote: > On 2012-03-28 12:47, Michael S. Tsirkin wrote: > > On Wed, Mar 28, 2012 at 11:50:27AM +0200, Jan Kiszka wrote: > >> On 2012-03-28 11:45, Michael S. Tsirkin wrote: > >>> On Wed, Mar 28, 2012 at 09:13:22AM +0200, Jan Kiszka wrote: > On 2012-03-22 00:17, Jan Kiszka wrote: > > Some half a year ago when I posted my first attempt to refactor MSI > > for KVM support, we came to the conclusion that it might suffice to do > > transparent dynamic routing for user-space injected MSI messages. These > > two patches now implement such an approach for upstream. > > > > As QEMU does not yet include irqfd support (for vhost) or pci device > > assignment, this is already enough to enable MSI over the in-kernel > > irqchip. Still, this is only RFC as it is just lightly tested and should > > primarily collect feedback regarding the direction. If it's fine, I'd > > like to base further qemu-kvm refactorings and upstream preparations on > > top of such a series. > > > > Also, I'd like to reanimate my KVM patch to provide direct MSI injection > > in future kernels so that we do not need to take this long path here > > forever. > > > > Jan Kiszka (2): > > kvm: Introduce basic MSI support in-kernel irqchips > > KVM: x86: Wire up MSI support for in-kernel irqchip > > > > hw/apic.c |3 + > > hw/kvm/apic.c | 33 ++- > > hw/pc.c |5 -- > > kvm-all.c | 171 > > - > > kvm.h |1 + > > 5 files changed, 205 insertions(+), 8 deletions(-) > > > > Anyone any comments? I think this series could open the door for > kernel_irqchip=on as default in QEMU 1.1. > > Jan > > >>> > >>> For what this patch is trying to do, would adding a simple ioctl for > >>> injecting a given message into guest be cleaner? > >> > >> For sure, and I already proposed this in the past. I think we were only > >> discussing the extensibility of such an IOCTL. > > > > Yes. And the conclusion I think was that it's not very extensible > > but a very good fit for what we want to do, right? > > See Message-ID: <4ea66b99.3010...@redhat.com> > > Cannot match this ID, but I guess the best is now to just leave a flags > and some padding fields in the struct for whatever may or may not come > in the future. > > > > >> Anyway, that won't help with existing kernels. That's why I'm proposing > >> this userspace approach as an interim solution. > > > > I guess we can just keep the userspace irqchip around? > > This is about the kernel IRQ chip support. We want to support it over > current kernels, not only 3.4 or even later. > > > > >>> Also, how would this support irqfd in the future? Will we have to > >>> rip it all out and replace with per-device tracking that we > >>> have today? > >> > >> Irqfd and kvm device assignment will require additional interfaces (of > >> the kvm core in QEMU) via which you will be able to request stable > >> routes from such sources to specified MSIs. That will be widely > >> orthogonal to what is done in these patches here. > > > > Yes but not exactly as they will conflict for resources, right? > > How do you plan to solve this? > > As done in my original series: If a static route requires a pseudo GSI > and there are none free, we simply flush the dynamic MSI routes. Right. So static routes take precedence. This means that in effect we will have two APIs in qemu: for fast MSIs and for slow ones, the advantage of the slow APIs being that they are easier to use, right? > > > >> Upstream is not > >> affected yet as it neither supports device assignment nor irqfds up to now. > >> > >> Jan > > > > Just to clarify: so in the end, we will need > > to basically do what qemu-kvm does, as well? > > Basically yes, but with refactored interfaces. E.g. all pseudo GSI > management will be privatized in the KVM layer. And MSI[-X] interfaces > will be refactored to reduce the code you need in virtio and pci-assign > for propagating vector changes to the routing subsystem. Details > regarding this aren't settled yet, but it will be just an add-on to the > MSI injection path for fully emulated devices, ie. the topic of this series. > > Jan > > -- > Siemens AG, Corporate Technology, CT T DE IT 1 > Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [RFC][PATCH 1/2] kvm: Introduce basic MSI support in-kernel irqchips
On 2012-03-28 13:09, Avi Kivity wrote: > On 03/22/2012 01:17 AM, Jan Kiszka wrote: >> From: Jan Kiszka >> >> This patch basically adds kvm_irqchip_send_msi, a service for sending >> arbitrary MSI messages to KVM's in-kernel irqchip models. >> >> As the current KVI API requires us to establish a static route from a > > s/KVI/KVM/ > >> pseudo GSI to the target MSI message and inject the MSI via toggling >> that GSI, we need to play some tricks to make this unfortunately > > s/unfortunately/unfortunate/ Will fix these. > >> interface transparent. We create those routes on demand and keep them >> in a hash table. Succeeding messages can then search for an existing >> route in the table first and reuse it whenever possible. If we should >> run out of limited GSIs, we simply flush the table and rebuild it as >> messages are sent. >> >> This approach is rather simple and could be optimized further. However, >> it is more efficient to enhance the KVM API so that we do not need this >> clumsy dynamic routing over futures kernels. > > Two APIs are clumsier than one. The current one is very clumsy for user-injected MSIs while the new one won't be. It will also be very simple it implement if you recall the patch. I think that is worth it. > > wet the patch itself, suggest replacing the home grown hash with > http://developer.gnome.org/glib/2.30/glib-Caches.html. Let's keep it simple :). We have no need for many of those features, and it would not be possible to implement the logic as compact as it is right now. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [RFC][PATCH 0/2] uq/master: Basic MSI support for in-kernel irqchip mode
On 2012-03-28 13:31, Michael S. Tsirkin wrote: > Also, how would this support irqfd in the future? Will we have to > rip it all out and replace with per-device tracking that we > have today? Irqfd and kvm device assignment will require additional interfaces (of the kvm core in QEMU) via which you will be able to request stable routes from such sources to specified MSIs. That will be widely orthogonal to what is done in these patches here. >>> >>> Yes but not exactly as they will conflict for resources, right? >>> How do you plan to solve this? >> >> As done in my original series: If a static route requires a pseudo GSI >> and there are none free, we simply flush the dynamic MSI routes. > > Right. So static routes take precedence. This means that in effect > we will have two APIs in qemu: for fast MSIs and for slow ones, > the advantage of the slow APIs being that they are easier to use, > right? We will have two APIs depending on the source of the MSI. Special sources are the exception while emulated ones are the majority. And for the latter we should try very hard to keep things simple and clean. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
[Qemu-devel] [PATCH V10 1/8] pci_ids: Add INTEL_82599_SFP_VF id.
Signed-off-by: Anthony PERARD Acked-by: Stefano Stabellini --- hw/pci_ids.h |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/hw/pci_ids.h b/hw/pci_ids.h index e8235a7..649e6b3 100644 --- a/hw/pci_ids.h +++ b/hw/pci_ids.h @@ -118,6 +118,7 @@ #define PCI_DEVICE_ID_INTEL_82801I_UHCI6 0x2939 #define PCI_DEVICE_ID_INTEL_82801I_EHCI1 0x293a #define PCI_DEVICE_ID_INTEL_82801I_EHCI2 0x293c +#define PCI_DEVICE_ID_INTEL_82599_SFP_VF 0x10ed #define PCI_VENDOR_ID_XEN 0x5853 #define PCI_DEVICE_ID_XEN_PLATFORM 0x0001 -- Anthony PERARD
[Qemu-devel] [PATCH V10 7/8] Introduce apic-msidef.h
This patch move the msi definition from apic.c to apic-msidef.h. So it can be used also by other .c files. Signed-off-by: Anthony PERARD Acked-by: Stefano Stabellini --- hw/apic-msidef.h | 30 ++ hw/apic.c| 11 +-- 2 files changed, 31 insertions(+), 10 deletions(-) create mode 100644 hw/apic-msidef.h diff --git a/hw/apic-msidef.h b/hw/apic-msidef.h new file mode 100644 index 000..6e2eb71 --- /dev/null +++ b/hw/apic-msidef.h @@ -0,0 +1,30 @@ +#ifndef HW_APIC_MSIDEF_H +#define HW_APIC_MSIDEF_H + +/* + * Intel APIC constants: from include/asm/msidef.h + */ + +/* + * Shifts for MSI data + */ + +#define MSI_DATA_VECTOR_SHIFT 0 +#define MSI_DATA_VECTOR_MASK 0x00ff + +#define MSI_DATA_DELIVERY_MODE_SHIFT8 +#define MSI_DATA_LEVEL_SHIFT14 +#define MSI_DATA_TRIGGER_SHIFT 15 + +/* + * Shift/mask fields for msi address + */ + +#define MSI_ADDR_DEST_MODE_SHIFT2 + +#define MSI_ADDR_REDIRECTION_SHIFT 3 + +#define MSI_ADDR_DEST_ID_SHIFT 12 +#define MSI_ADDR_DEST_ID_MASK 0x000 + +#endif /* HW_APIC_MSIDEF_H */ diff --git a/hw/apic.c b/hw/apic.c index 4eeaf88..a8da2f1 100644 --- a/hw/apic.c +++ b/hw/apic.c @@ -22,19 +22,10 @@ #include "host-utils.h" #include "trace.h" #include "pc.h" +#include "apic-msidef.h" #define MAX_APIC_WORDS 8 -/* Intel APIC constants: from include/asm/msidef.h */ -#define MSI_DATA_VECTOR_SHIFT 0 -#define MSI_DATA_VECTOR_MASK 0x00ff -#define MSI_DATA_DELIVERY_MODE_SHIFT 8 -#define MSI_DATA_TRIGGER_SHIFT 15 -#define MSI_DATA_LEVEL_SHIFT 14 -#define MSI_ADDR_DEST_MODE_SHIFT 2 -#define MSI_ADDR_DEST_ID_SHIFT 12 -#defineMSI_ADDR_DEST_ID_MASK 0x000 - #define SYNC_FROM_VAPIC 0x1 #define SYNC_TO_VAPIC 0x2 #define SYNC_ISR_IRR_TO_VAPIC 0x4 -- Anthony PERARD
[Qemu-devel] [PATCH V10 4/8] pci.c: Add opaque argument to pci_for_each_device.
Signed-off-by: Anthony PERARD
Acked-by: Stefano Stabellini
---
hw/pci.c | 11 +++
hw/pci.h |4 +++-
hw/xen_platform.c |8
3 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/hw/pci.c b/hw/pci.c
index 77001fa..49f1bf0 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -1123,7 +1123,9 @@ static const pci_class_desc pci_class_descriptions[] =
};
static void pci_for_each_device_under_bus(PCIBus *bus,
- void (*fn)(PCIBus *b, PCIDevice *d))
+ void (*fn)(PCIBus *b, PCIDevice *d,
+ void *opaque),
+ void *opaque)
{
PCIDevice *d;
int devfn;
@@ -1131,18 +1133,19 @@ static void pci_for_each_device_under_bus(PCIBus *bus,
for(devfn = 0; devfn < ARRAY_SIZE(bus->devices); devfn++) {
d = bus->devices[devfn];
if (d) {
-fn(bus, d);
+fn(bus, d, opaque);
}
}
}
void pci_for_each_device(PCIBus *bus, int bus_num,
- void (*fn)(PCIBus *b, PCIDevice *d))
+ void (*fn)(PCIBus *b, PCIDevice *d, void *opaque),
+ void *opaque)
{
bus = pci_find_bus(bus, bus_num);
if (bus) {
-pci_for_each_device_under_bus(bus, fn);
+pci_for_each_device_under_bus(bus, fn, opaque);
}
}
diff --git a/hw/pci.h b/hw/pci.h
index 4f19fdb..2827fd1 100644
--- a/hw/pci.h
+++ b/hw/pci.h
@@ -296,7 +296,9 @@ PCIDevice *pci_nic_init(NICInfo *nd, const char
*default_model,
PCIDevice *pci_nic_init_nofail(NICInfo *nd, const char *default_model,
const char *default_devaddr);
int pci_bus_num(PCIBus *s);
-void pci_for_each_device(PCIBus *bus, int bus_num, void (*fn)(PCIBus *bus,
PCIDevice *d));
+void pci_for_each_device(PCIBus *bus, int bus_num,
+ void (*fn)(PCIBus *bus, PCIDevice *d, void *opaque),
+ void *opaque);
PCIBus *pci_find_root_bus(int domain);
int pci_find_domain(const PCIBus *bus);
PCIBus *pci_find_bus(PCIBus *bus, int bus_num);
diff --git a/hw/xen_platform.c b/hw/xen_platform.c
index 5a7c4cc..88ff5e8 100644
--- a/hw/xen_platform.c
+++ b/hw/xen_platform.c
@@ -83,7 +83,7 @@ static void log_writeb(PCIXenPlatformState *s, char val)
#define UNPLUG_ALL_NICS 2
#define UNPLUG_AUX_IDE_DISKS 4
-static void unplug_nic(PCIBus *b, PCIDevice *d)
+static void unplug_nic(PCIBus *b, PCIDevice *d, void *o)
{
if (pci_get_word(d->config + PCI_CLASS_DEVICE) ==
PCI_CLASS_NETWORK_ETHERNET) {
@@ -93,10 +93,10 @@ static void unplug_nic(PCIBus *b, PCIDevice *d)
static void pci_unplug_nics(PCIBus *bus)
{
-pci_for_each_device(bus, 0, unplug_nic);
+pci_for_each_device(bus, 0, unplug_nic, NULL);
}
-static void unplug_disks(PCIBus *b, PCIDevice *d)
+static void unplug_disks(PCIBus *b, PCIDevice *d, void *o)
{
if (pci_get_word(d->config + PCI_CLASS_DEVICE) ==
PCI_CLASS_STORAGE_IDE) {
@@ -106,7 +106,7 @@ static void unplug_disks(PCIBus *b, PCIDevice *d)
static void pci_unplug_disks(PCIBus *bus)
{
-pci_for_each_device(bus, 0, unplug_disks);
+pci_for_each_device(bus, 0, unplug_disks, NULL);
}
static void platform_fixed_ioport_writew(void *opaque, uint32_t addr, uint32_t
val)
--
Anthony PERARD
[Qemu-devel] [PATCH V10 6/8] Introduce Xen PCI Passthrough, PCI config space helpers (2/3)
From: Allen Kay
A more complete history can be found here:
git://xenbits.xensource.com/qemu-xen-unstable.git
Signed-off-by: Allen Kay
Signed-off-by: Guy Zana
Signed-off-by: Anthony PERARD
Acked-by: Stefano Stabellini
---
hw/xen_pt.c | 10 +
hw/xen_pt.h |2 +
hw/xen_pt_config_init.c | 1386 +++
3 files changed, 1398 insertions(+), 0 deletions(-)
diff --git a/hw/xen_pt.c b/hw/xen_pt.c
index dc762bb..760679c 100644
--- a/hw/xen_pt.c
+++ b/hw/xen_pt.c
@@ -676,6 +676,13 @@ static int xen_pt_initfn(PCIDevice *d)
/* Handle real device's MMIO/PIO BARs */
xen_pt_register_regions(s);
+/* reinitialize each config register to be emulated */
+if (xen_pt_config_init(s)) {
+XEN_PT_ERR(d, "PCI Config space initialisation failed.\n");
+xen_host_pci_device_put(&s->real_device);
+return -1;
+}
+
/* Bind interrupt */
if (!s->dev.config[PCI_INTERRUPT_PIN]) {
XEN_PT_LOG(d, "no pin interrupt\n");
@@ -774,6 +781,9 @@ static int xen_pt_unregister_device(PCIDevice *d)
}
}
+/* delete all emulated config registers */
+xen_pt_config_delete(s);
+
xen_pt_unregister_regions(s);
memory_listener_unregister(&s->memory_listener);
diff --git a/hw/xen_pt.h b/hw/xen_pt.h
index b7c080c..3766f07 100644
--- a/hw/xen_pt.h
+++ b/hw/xen_pt.h
@@ -62,6 +62,8 @@ typedef int (*xen_pt_conf_byte_read)
#define XEN_PT_BAR_ALLF 0x
#define XEN_PT_BAR_UNMAPPED (-1)
+#define PCI_CAP_MAX 48
+
typedef enum {
XEN_PT_GRP_TYPE_HARDWIRED = 0, /* 0 Hardwired reg group */
diff --git a/hw/xen_pt_config_init.c b/hw/xen_pt_config_init.c
index 64d22e8..13e3f0d 100644
--- a/hw/xen_pt_config_init.c
+++ b/hw/xen_pt_config_init.c
@@ -1,11 +1,1397 @@
+/*
+ * Copyright (c) 2007, Neocleus Corporation.
+ * Copyright (c) 2007, Intel Corporation.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2. See
+ * the COPYING file in the top-level directory.
+ *
+ * Alex Novik
+ * Allen Kay
+ * Guy Zana
+ *
+ * This file implements direct PCI assignment to a HVM guest
+ */
+
+#include "qemu-timer.h"
+#include "xen_backend.h"
#include "xen_pt.h"
+#define XEN_PT_MERGE_VALUE(value, data, val_mask) \
+(((value) & (val_mask)) | ((data) & ~(val_mask)))
+
+#define XEN_PT_INVALID_REG 0x /* invalid register value
*/
+
+/* prototype */
+
+static int xen_pt_ptr_reg_init(XenPCIPassthroughState *s, XenPTRegInfo *reg,
+ uint32_t real_offset, uint32_t *data);
+
+
+/* helper */
+
+/* A return value of 1 means the capability should NOT be exposed to guest. */
+static int xen_pt_hide_dev_cap(const XenHostPCIDevice *d, uint8_t grp_id)
+{
+switch (grp_id) {
+case PCI_CAP_ID_EXP:
+/* The PCI Express Capability Structure of the VF of Intel 82599 10GbE
+ * Controller looks trivial, e.g., the PCI Express Capabilities
+ * Register is 0. We should not try to expose it to guest.
+ *
+ * The datasheet is available at
+ *
http://download.intel.com/design/network/datashts/82599_datasheet.pdf
+ *
+ * See 'Table 9.7. VF PCIe Configuration Space' of the datasheet, the
+ * PCI Express Capability Structure of the VF of Intel 82599 10GbE
+ * Controller looks trivial, e.g., the PCI Express Capabilities
+ * Register is 0, so the Capability Version is 0 and
+ * xen_pt_pcie_size_init() would fail.
+ */
+if (d->vendor_id == PCI_VENDOR_ID_INTEL &&
+d->device_id == PCI_DEVICE_ID_INTEL_82599_SFP_VF) {
+return 1;
+}
+break;
+}
+return 0;
+}
+
+/* find emulate register group entry */
XenPTRegGroup *xen_pt_find_reg_grp(XenPCIPassthroughState *s, uint32_t address)
{
+XenPTRegGroup *entry = NULL;
+
+/* find register group entry */
+QLIST_FOREACH(entry, &s->reg_grps, entries) {
+/* check address */
+if ((entry->base_offset <= address)
+&& ((entry->base_offset + entry->size) > address)) {
+return entry;
+}
+}
+
+/* group entry not found */
return NULL;
}
+/* find emulate register entry */
XenPTReg *xen_pt_find_reg(XenPTRegGroup *reg_grp, uint32_t address)
{
+XenPTReg *reg_entry = NULL;
+XenPTRegInfo *reg = NULL;
+uint32_t real_offset = 0;
+
+/* find register entry */
+QLIST_FOREACH(reg_entry, ®_grp->reg_tbl_list, entries) {
+reg = reg_entry->reg;
+real_offset = reg_grp->base_offset + reg->offset;
+/* check address */
+if ((real_offset <= address)
+&& ((real_offset + reg->size) > address)) {
+return reg_entry;
+}
+}
+
return NULL;
}
+
+
+/
+ * general register functions
+ */
+
+/* register initialization function */
+
+static int xen_pt_common_reg_init(XenPCIPassthroughState *s,
+
Re: [Qemu-devel] [RFC][PATCH 1/2] kvm: Introduce basic MSI support in-kernel irqchips
On 03/28/2012 01:33 PM, Jan Kiszka wrote: > On 2012-03-28 13:09, Avi Kivity wrote: > > On 03/22/2012 01:17 AM, Jan Kiszka wrote: > >> From: Jan Kiszka > >> > >> This patch basically adds kvm_irqchip_send_msi, a service for sending > >> arbitrary MSI messages to KVM's in-kernel irqchip models. > >> > >> As the current KVI API requires us to establish a static route from a > > > > s/KVI/KVM/ > > > >> pseudo GSI to the target MSI message and inject the MSI via toggling > >> that GSI, we need to play some tricks to make this unfortunately > > > > s/unfortunately/unfortunate/ > > Will fix these. Only needed if you end up reposting. > > > >> interface transparent. We create those routes on demand and keep them > >> in a hash table. Succeeding messages can then search for an existing > >> route in the table first and reuse it whenever possible. If we should > >> run out of limited GSIs, we simply flush the table and rebuild it as > >> messages are sent. > >> > >> This approach is rather simple and could be optimized further. However, > >> it is more efficient to enhance the KVM API so that we do not need this > >> clumsy dynamic routing over futures kernels. > > > > Two APIs are clumsier than one. > > The current one is very clumsy for user-injected MSIs while the new one > won't be. It will also be very simple it implement if you recall the > patch. I think that is worth it. Don't see why. The clumsiness will be retained. The cpu doesn't care how clumsy the API is, only the reader. > > > > > wet the patch itself, suggest replacing the home grown hash with > > http://developer.gnome.org/glib/2.30/glib-Caches.html. > > Let's keep it simple :). We have no need for many of those features, and > it would not be possible to implement the logic as compact as it is > right now. Due to the callbacks? What if the code grows? -- error compiling committee.c: too many arguments to function
Re: [Qemu-devel] [RFC][PATCH 1/2] kvm: Introduce basic MSI support in-kernel irqchips
On 2012-03-28 13:44, Avi Kivity wrote: > On 03/28/2012 01:33 PM, Jan Kiszka wrote: >> On 2012-03-28 13:09, Avi Kivity wrote: >>> On 03/22/2012 01:17 AM, Jan Kiszka wrote: From: Jan Kiszka This patch basically adds kvm_irqchip_send_msi, a service for sending arbitrary MSI messages to KVM's in-kernel irqchip models. As the current KVI API requires us to establish a static route from a >>> >>> s/KVI/KVM/ >>> pseudo GSI to the target MSI message and inject the MSI via toggling that GSI, we need to play some tricks to make this unfortunately >>> >>> s/unfortunately/unfortunate/ >> >> Will fix these. > > Only needed if you end up reposting. I will have to, I spotted a memory leak. > >>> interface transparent. We create those routes on demand and keep them in a hash table. Succeeding messages can then search for an existing route in the table first and reuse it whenever possible. If we should run out of limited GSIs, we simply flush the table and rebuild it as messages are sent. This approach is rather simple and could be optimized further. However, it is more efficient to enhance the KVM API so that we do not need this clumsy dynamic routing over futures kernels. >>> >>> Two APIs are clumsier than one. >> >> The current one is very clumsy for user-injected MSIs while the new one >> won't be. It will also be very simple it implement if you recall the >> patch. I think that is worth it. > > Don't see why. The clumsiness will be retained. The cpu doesn't care > how clumsy the API is, only the reader. We won't have to do any hashing/caching over the new API, just a plain "deliver this MSI" IOCTL. Specifically all our upcoming archs like Power and ARM will be able to take the shiny highway instead of the winding countryside road. > >> >>> >>> wet the patch itself, suggest replacing the home grown hash with >>> http://developer.gnome.org/glib/2.30/glib-Caches.html. >> >> Let's keep it simple :). We have no need for many of those features, and >> it would not be possible to implement the logic as compact as it is >> right now. > > Due to the callbacks? Yep. That API pays of if you have more iterations and insertions/removals. > > What if the code grows? It won't as it only has to emulate direct MSI injection over the existing API. That's a static feature. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
[Qemu-devel] [PATCH V10 0/8] Xen PCI Passthrough
Hi all, This patch series introduces the PCI passthrough for Xen. Please review patches number 1, 2, 3, 4 and 7. First, we have XenHostPCIDevice that help to access one PCI device of the host. Then, the PCI passthrough device himself. Cut in 3 parts (or file), there is one to take care of the initialisation of a passthrough device. The second one handle everything about the config address space, there are specifics functions for every config register. The third one is to handle MSI. There is a patch series on xen-devel (applied to xen-unstable) that add the support of setting a PCI passthrough device through QMP from libxl (xen tool stack). It is just a call to device_add, with the driver parametter hostaddr=":07:00.1". Change v9-v10: host-pci-device: - rename to xen-host-pci-device. - suppress usage of scanf and use strtol instead. - add irq field - no more goto loop xen_pt: - take machine_irq value from XenHostPCIDevice instead of reading it from the pci config space - rename xen_pci_device to xen_pt - use xen_pt as prefix # this should fix namespace issue Change v8-v9: - rename PCI_DEVICE_ID_INTEL_82599_VF to PCI_DEVICE_ID_INTEL_82599_SFP_VF to be consistant with Linux. - remove the patch about checking bar overlaps, the function is now in xen_pci_passthrough.c and uses pci_for_each_device. - Introduce an opaque argument to the function pci_for_each_device. - Fix the usage of memory listener: declare a stub function for every callback in the MemoryListener. Change v7-v8: - rework of the memory mapping of BARs. We now use a memory_listener to update a xen memory_mapping when a memory_region is updated. - address few comment from Michael in the pci_check_overlap function. - fix the handling of the ROM slot. Change v6-v7: - few fix and rebased on master - remove of the power management capability, keep the minimum like if it is always desactivated. - new patch: port of patch from the qemu-xen fork. Change v5-v6: - msitraslate code have been removed. - code for the power management capability is removed, but will be re-added for the next version of the patch series as a separate patch. - new patch to remove a check in pci_parse_devaddr. - use pci_default_config_write, so no more hack to handle the BAR mapping in QEMU. - improve the code in general (a bit more comprehensible). - update to QOM. Change v4-v5: - return -errno if there is an error in host_pci_get_* - rename internal function get_value to get_hex_value (and return the same error value has get_resource) Change v3-v4: - host_pci_get_* can now return an error, and take an extra parameter, a pointer to store the wanted value. - The memory_region for the PCI BAR are handled "manualy" because calling pci_default_write_config was not possible, because the XenPT handle the PCIIORegion it self. This make possible to do a device_remove. - Introduction of PT_ERR and PT_WARN macro to print debug and error messages. Also, these macro as well as PT_LOG will always print the short BDF of the device in the guest point of view. - PT_ERR is print by default (for all error messages). - Some debug/error message have been improve and should be a bit more useful. - hw_error have been removed from the code, and have been replaced by either a call to qemu_system_shudown_request() (that lead to a domain destroy) or a failed in the initialisation of the device. - Now, every patchs should compile with no error. Change v2-v3; - in host-pci-device.c: - Return more usefull error code in get_ressource(). - Use macro in host_pci_find_ext_cap_offset instead of raw number. But I still not sure if PCI_MAX_EXT_CAP is right, it's result is 480 like it was before, so it's maybe ok. - All use of MSI stuff in two first pci passthrough patch have been removed and move to the last patch. Change v1-v2: - fix style issue (checkpatch.pl) - set the original authors, add some missing copyright headers - HostPCIDevice: - introduce HostPCIIORegions (with base_addr, size, flags) - save all flags from ./resource and store it in a separate field. - fix endianess on write - new host_pci_dev_put function - use pci.c like interface host_pci_get/set_byte/word/long (instead of host_pci_read/write_) - compile HostPCIDevice only on linux (as well as xen_pci_passthrough) - introduce apic-msidef.h file. - no more run_one_timer, if a pci device is in the middle of a power transition, just "return an error" in config read/write - use a global var mapped_machine_irq (local to xen_pci_passthrough.c) - add msitranslate and power-mgmt ad qdev property Allen Kay (2): Introduce Xen PCI Passthrough, qdevice (1/3) Introduce Xen PCI Passthrough, PCI config space helpers (2/3) Anthony PERARD (5): pci_ids: Add INTEL_82599_SFP_VF id. configure: Introduce --en
Re: [Qemu-devel] [RFC][PATCH 1/2] kvm: Introduce basic MSI support in-kernel irqchips
On Wed, Mar 28, 2012 at 01:09:25PM +0200, Avi Kivity wrote: > On 03/22/2012 01:17 AM, Jan Kiszka wrote: > > From: Jan Kiszka > > > > This patch basically adds kvm_irqchip_send_msi, a service for sending > > arbitrary MSI messages to KVM's in-kernel irqchip models. > > > > As the current KVI API requires us to establish a static route from a > > s/KVI/KVM/ > > > pseudo GSI to the target MSI message and inject the MSI via toggling > > that GSI, we need to play some tricks to make this unfortunately > > s/unfortunately/unfortunate/ > > > interface transparent. We create those routes on demand and keep them > > in a hash table. Succeeding messages can then search for an existing > > route in the table first and reuse it whenever possible. If we should > > run out of limited GSIs, we simply flush the table and rebuild it as > > messages are sent. > > > > This approach is rather simple and could be optimized further. However, > > it is more efficient to enhance the KVM API so that we do not need this > > clumsy dynamic routing over futures kernels. > > Two APIs are clumsier than one. > > wet the patch itself, suggest replacing the home grown hash with > http://developer.gnome.org/glib/2.30/glib-Caches.html. I'd claim that the existing API is really not fit for what this patch wants to do, specifically support a huge number of MSI vectors. GSI routing was supposed to be mostly static. We do things like RCU slow path when they are changed, so routing changes during injection will be bad for real time guests. So either we want to support unlimited number of MSI vectors, in which case it makes sense to me to add kernel support to do this efficiently, or not in which case we don't need it in userspace either. No? > -- > error compiling committee.c: too many arguments to function
[Qemu-devel] [PATCH V10 8/8] Introduce Xen PCI Passthrough, MSI (3/3)
From: Jiang Yunhong
A more complete history can be found here:
git://xenbits.xensource.com/qemu-xen-unstable.git
Signed-off-by: Jiang Yunhong
Signed-off-by: Shan Haitao
Signed-off-by: Anthony PERARD
Acked-by: Stefano Stabellini
---
Makefile.target |1 +
hw/xen_pt.c | 31 +++-
hw/xen_pt.h | 51
hw/xen_pt_config_init.c | 471 +++
hw/xen_pt_msi.c | 620 +++
5 files changed, 1173 insertions(+), 1 deletions(-)
create mode 100644 hw/xen_pt_msi.c
diff --git a/Makefile.target b/Makefile.target
index fb9f63b..7f3c80f 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -239,6 +239,7 @@ obj-i386-$(CONFIG_XEN) += xen_platform.o
obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen-host-pci-device.o
obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pt.o
obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pt_config_init.o
+obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pt_msi.o
# Inter-VM PCI shared memory
CONFIG_IVSHMEM =
diff --git a/hw/xen_pt.c b/hw/xen_pt.c
index 760679c..0c3a961 100644
--- a/hw/xen_pt.c
+++ b/hw/xen_pt.c
@@ -36,6 +36,20 @@
*
* Write '1'
* - Set real bit to '1'.
+ *
+ * MSI interrupt:
+ * Initialize MSI register(xen_pt_msi_setup, xen_pt_msi_update)
+ * Bind MSI(xc_domain_update_msi_irq)
+ *
+ * - Unmap MSI.
+ * - Set dev->msi->pirq to '-1'.
+ *
+ * MSI-X interrupt:
+ * Initialize MSI-X register(xen_pt_msix_update_one)
+ * Bind MSI-X(xc_domain_update_msi_irq)
+ *
+ * - Unmap MSI-X.
+ * - Set entry->pirq to '-1'.
*/
#include
@@ -534,7 +548,15 @@ static void xen_pt_region_update(XenPCIPassthroughState *s,
};
bar = xen_pt_bar_from_region(s, mr);
-if (bar == -1) {
+if (bar == -1 && (!s->msix || &s->msix->mmio != mr)) {
+return;
+}
+
+if (s->msix && &s->msix->mmio == mr) {
+if (adding) {
+s->msix->mmio_base_addr = sec->offset_within_address_space;
+rc = xen_pt_msix_update_remap(s, s->msix->bar_index);
+}
return;
}
@@ -767,6 +789,13 @@ static int xen_pt_unregister_device(PCIDevice *d)
}
}
+if (s->msi) {
+xen_pt_msi_disable(s);
+}
+if (s->msix) {
+xen_pt_msix_disable(s);
+}
+
if (machine_irq) {
xen_pt_mapped_machine_irq[machine_irq]--;
diff --git a/hw/xen_pt.h b/hw/xen_pt.h
index 3766f07..9a51d1e 100644
--- a/hw/xen_pt.h
+++ b/hw/xen_pt.h
@@ -160,6 +160,36 @@ typedef struct XenPTRegGroup {
#define XEN_PT_UNASSIGNED_PIRQ (-1)
+typedef struct XenPTMSI {
+uint16_t flags;
+uint32_t addr_lo; /* guest message address */
+uint32_t addr_hi; /* guest message upper address */
+uint16_t data; /* guest message data */
+uint32_t ctrl_offset; /* saved control offset */
+int pirq; /* guest pirq corresponding */
+bool initialized; /* when guest MSI is initialized */
+bool mapped; /* when pirq is mapped */
+} XenPTMSI;
+
+typedef struct XenPTMSIXEntry {
+int pirq;
+uint64_t addr;
+uint32_t data;
+uint32_t vector_ctrl;
+bool updated; /* indicate whether MSI ADDR or DATA is updated */
+} XenPTMSIXEntry;
+typedef struct XenPTMSIX {
+uint32_t ctrl_offset;
+bool enabled;
+int total_entries;
+int bar_index;
+uint64_t table_base;
+uint32_t table_offset_adjust; /* page align mmap */
+uint64_t mmio_base_addr;
+MemoryRegion mmio;
+void *phys_iomem_base;
+XenPTMSIXEntry msix_entry[0];
+} XenPTMSIX;
struct XenPCIPassthroughState {
PCIDevice dev;
@@ -172,6 +202,9 @@ struct XenPCIPassthroughState {
uint32_t machine_irq;
+XenPTMSI *msi;
+XenPTMSIX *msix;
+
MemoryRegion bar[PCI_NUM_REGIONS - 1];
MemoryRegion rom;
@@ -247,4 +280,22 @@ static inline uint8_t
xen_pt_pci_intx(XenPCIPassthroughState *s)
return r_val;
}
+/* MSI/MSI-X */
+int xen_pt_msi_set_enable(XenPCIPassthroughState *s, bool en);
+int xen_pt_msi_setup(XenPCIPassthroughState *s);
+int xen_pt_msi_update(XenPCIPassthroughState *d);
+void xen_pt_msi_disable(XenPCIPassthroughState *s);
+
+int xen_pt_msix_init(XenPCIPassthroughState *s, uint32_t base);
+void xen_pt_msix_delete(XenPCIPassthroughState *s);
+int xen_pt_msix_update(XenPCIPassthroughState *s);
+int xen_pt_msix_update_remap(XenPCIPassthroughState *s, int bar_index);
+void xen_pt_msix_disable(XenPCIPassthroughState *s);
+
+static inline bool xen_pt_has_msix_mapping(XenPCIPassthroughState *s, int bar)
+{
+return s->msix && s->msix->bar_index == bar;
+}
+
+
#endif /* !XEN_PT_H */
diff --git a/hw/xen_pt_config_init.c b/hw/xen_pt_config_init.c
index 13e3f0d..1e50802 100644
--- a/hw/xen_pt_config_init.c
+++ b/hw/xen_pt_config_init.c
@@ -1021,6 +1021,410 @@ static XenPTRegInfo xen_pt_emu_reg_pm[] = {
};
+/
+ * MSI Capability
+ */
+
+/* Helper */
+static bool xen_pt_
[Qemu-devel] [PATCH V10 2/8] configure: Introduce --enable-xen-pci-passthrough.
Signed-off-by: Anthony PERARD Acked-by: Stefano Stabellini --- configure | 25 + 1 files changed, 25 insertions(+), 0 deletions(-) diff --git a/configure b/configure index 14ef738..cb7bc75 100755 --- a/configure +++ b/configure @@ -136,6 +136,7 @@ vnc_png="" vnc_thread="no" xen="" xen_ctrl_version="" +xen_pci_passthrough="" linux_aio="" cap_ng="" attr="" @@ -682,6 +683,10 @@ for opt do ;; --enable-xen) xen="yes" ;; + --disable-xen-pci-passthrough) xen_pci_passthrough="no" + ;; + --enable-xen-pci-passthrough) xen_pci_passthrough="yes" + ;; --disable-brlapi) brlapi="no" ;; --enable-brlapi) brlapi="yes" @@ -1034,6 +1039,8 @@ echo " (affects only QEMU, not qemu-img)" echo " --enable-mixemu enable mixer emulation" echo " --disable-xendisable xen backend driver support" echo " --enable-xen enable xen backend driver support" +echo " --disable-xen-pci-passthrough" +echo " --enable-xen-pci-passthrough" echo " --disable-brlapi disable BrlAPI" echo " --enable-brlapi enable BrlAPI" echo " --disable-vnc-tlsdisable TLS encryption for VNC server" @@ -1478,6 +1485,21 @@ EOF fi fi +if test "$xen_pci_passthrough" != "no"; then + if test "$xen" = "yes" && test "$linux" = "yes"; then +xen_pci_passthrough=yes + else +if test "$xen_pci_passthrough" = "yes"; then + echo "ERROR" + echo "ERROR: User requested feature Xen PCI Passthrough" + echo "ERROR: but this feature require /sys from Linux" + echo "ERROR" + exit 1; +fi +xen_pci_passthrough=no + fi +fi + ## # pkg-config probe @@ -3635,6 +3657,9 @@ case "$target_arch2" in if test "$xen" = "yes" -a "$target_softmmu" = "yes" ; then target_phys_bits=64 echo "CONFIG_XEN=y" >> $config_target_mak + if test "$xen_pci_passthrough" = yes; then +echo "CONFIG_XEN_PCI_PASSTHROUGH=y" >> "$config_target_mak" + fi else echo "CONFIG_NO_XEN=y" >> $config_target_mak fi -- Anthony PERARD
[Qemu-devel] [PATCH V10 5/8] Introduce Xen PCI Passthrough, qdevice (1/3)
From: Allen Kay
A more complete history can be found here:
git://xenbits.xensource.com/qemu-xen-unstable.git
Signed-off-by: Allen Kay
Signed-off-by: Guy Zana
Signed-off-by: Anthony PERARD
Acked-by: Stefano Stabellini
---
Makefile.target |2 +
hw/xen_common.h |3 +
hw/xen_pt.c | 815 +++
hw/xen_pt.h | 248 ++
hw/xen_pt_config_init.c | 11 +
xen-all.c | 12 +
6 files changed, 1091 insertions(+), 0 deletions(-)
create mode 100644 hw/xen_pt.c
create mode 100644 hw/xen_pt.h
create mode 100644 hw/xen_pt_config_init.c
diff --git a/Makefile.target b/Makefile.target
index 70386a7..fb9f63b 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -237,6 +237,8 @@ obj-i386-$(CONFIG_XEN) += xen_platform.o
# Xen PCI Passthrough
obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen-host-pci-device.o
+obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pt.o
+obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pt_config_init.o
# Inter-VM PCI shared memory
CONFIG_IVSHMEM =
diff --git a/hw/xen_common.h b/hw/xen_common.h
index 0409ac7..48916fd 100644
--- a/hw/xen_common.h
+++ b/hw/xen_common.h
@@ -135,4 +135,7 @@ static inline int xc_fd(xc_interface *xen_xc)
void destroy_hvm_domain(void);
+/* shutdown/destroy current domain because of an error */
+void xen_shutdown_fatal_error(const char *fmt, ...) GCC_FMT_ATTR(1, 2);
+
#endif /* QEMU_HW_XEN_COMMON_H */
diff --git a/hw/xen_pt.c b/hw/xen_pt.c
new file mode 100644
index 000..dc762bb
--- /dev/null
+++ b/hw/xen_pt.c
@@ -0,0 +1,815 @@
+/*
+ * Copyright (c) 2007, Neocleus Corporation.
+ * Copyright (c) 2007, Intel Corporation.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2. See
+ * the COPYING file in the top-level directory.
+ *
+ * Alex Novik
+ * Allen Kay
+ * Guy Zana
+ *
+ * This file implements direct PCI assignment to a HVM guest
+ */
+
+/*
+ * Interrupt Disable policy:
+ *
+ * INTx interrupt:
+ * Initialize(register_real_device)
+ * Map INTx(xc_physdev_map_pirq):
+ *
+ * - Set real Interrupt Disable bit to '1'.
+ * - Set machine_irq and assigned_device->machine_irq to '0'.
+ * * Don't bind INTx.
+ *
+ * Bind INTx(xc_domain_bind_pt_pci_irq):
+ *
+ * - Set real Interrupt Disable bit to '1'.
+ * - Unmap INTx.
+ * - Decrement xen_pt_mapped_machine_irq[machine_irq]
+ * - Set assigned_device->machine_irq to '0'.
+ *
+ * Write to Interrupt Disable bit by guest software(xen_pt_cmd_reg_write)
+ * Write '0'
+ * - Set real bit to '0' if assigned_device->machine_irq isn't '0'.
+ *
+ * Write '1'
+ * - Set real bit to '1'.
+ */
+
+#include
+
+#include "pci.h"
+#include "xen.h"
+#include "xen_backend.h"
+#include "xen_pt.h"
+#include "range.h"
+
+#define XEN_PT_NR_IRQS (256)
+static uint8_t xen_pt_mapped_machine_irq[XEN_PT_NR_IRQS] = {0};
+
+void xen_pt_log(const PCIDevice *d, const char *f, ...)
+{
+va_list ap;
+
+va_start(ap, f);
+if (d) {
+fprintf(stderr, "[%02x:%02x.%x] ", pci_bus_num(d->bus),
+PCI_SLOT(d->devfn), PCI_FUNC(d->devfn));
+}
+vfprintf(stderr, f, ap);
+va_end(ap);
+}
+
+/* Config Space */
+
+static int xen_pt_pci_config_access_check(PCIDevice *d, uint32_t addr, int len)
+{
+/* check offset range */
+if (addr >= 0xFF) {
+XEN_PT_ERR(d, "Failed to access register with offset exceeding 0xFF. "
+ "(addr: 0x%02x, len: %d)\n", addr, len);
+return -1;
+}
+
+/* check read size */
+if ((len != 1) && (len != 2) && (len != 4)) {
+XEN_PT_ERR(d, "Failed to access register with invalid access length. "
+ "(addr: 0x%02x, len: %d)\n", addr, len);
+return -1;
+}
+
+/* check offset alignment */
+if (addr & (len - 1)) {
+XEN_PT_ERR(d, "Failed to access register with invalid access size "
+ "alignment. (addr: 0x%02x, len: %d)\n", addr, len);
+return -1;
+}
+
+return 0;
+}
+
+int xen_pt_bar_offset_to_index(uint32_t offset)
+{
+int index = 0;
+
+/* check Exp ROM BAR */
+if (offset == PCI_ROM_ADDRESS) {
+return PCI_ROM_SLOT;
+}
+
+/* calculate BAR index */
+index = (offset - PCI_BASE_ADDRESS_0) >> 2;
+if (index >= PCI_NUM_REGIONS) {
+return -1;
+}
+
+return index;
+}
+
+static uint32_t xen_pt_pci_read_config(PCIDevice *d, uint32_t addr, int len)
+{
+XenPCIPassthroughState *s = DO_UPCAST(XenPCIPassthroughState, dev, d);
+uint32_t val = 0;
+XenPTRegGroup *reg_grp_entry = NULL;
+XenPTReg *reg_entry = NULL;
+int rc = 0;
+int emul_len = 0;
+uint32_t find_addr = addr;
+
+if (xen_pt_pci_config_access_check(d, addr, len)) {
+goto exit;
+}
+
+/* find register group entry */
+reg_grp_entry = xen_pt_find_reg_grp(s, addr);
+if (reg_grp_entry) {
+/* ch
[Qemu-devel] [PATCH V10 3/8] Introduce XenHostPCIDevice to access a pci device on the host.
Signed-off-by: Anthony PERARD
---
Makefile.target |3 +
hw/xen-host-pci-device.c | 354 ++
hw/xen-host-pci-device.h | 78 ++
3 files changed, 435 insertions(+), 0 deletions(-)
create mode 100644 hw/xen-host-pci-device.c
create mode 100644 hw/xen-host-pci-device.h
diff --git a/Makefile.target b/Makefile.target
index 44b2e83..70386a7 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -235,6 +235,9 @@ obj-$(CONFIG_NO_XEN) += xen-stub.o
obj-i386-$(CONFIG_XEN) += xen_platform.o
+# Xen PCI Passthrough
+obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen-host-pci-device.o
+
# Inter-VM PCI shared memory
CONFIG_IVSHMEM =
ifeq ($(CONFIG_KVM), y)
diff --git a/hw/xen-host-pci-device.c b/hw/xen-host-pci-device.c
new file mode 100644
index 000..a1932d9
--- /dev/null
+++ b/hw/xen-host-pci-device.c
@@ -0,0 +1,354 @@
+/*
+ * Copyright (C) 2011 Citrix Ltd.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2. See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu-common.h"
+#include "xen-host-pci-device.h"
+
+#define XEN_HOST_PCI_MAX_EXT_CAP \
+((PCIE_CONFIG_SPACE_SIZE - PCI_CONFIG_SPACE_SIZE) / (PCI_CAP_SIZEOF + 4))
+
+#ifdef XEN_HOST_PCI_DEVICE_DEBUG
+# define XEN_HOST_PCI_LOG(f, a...) fprintf(stderr, "%s: " f, __func__, ##a)
+#else
+# define XEN_HOST_PCI_LOG(f, a...) (void)0
+#endif
+
+static int xen_host_pci_sysfs_path(const XenHostPCIDevice *d,
+ const char *name, char *buf, ssize_t size)
+{
+int rc;
+
+rc = snprintf(buf, size, "/sys/bus/pci/devices/%04x:%02x:%02x.%x/%s",
+ d->domain, d->bus, d->dev, d->func, name);
+
+if (rc >= size || rc < 0) {
+/* The ouput is truncated or an other error is encountered */
+return -1;
+}
+return 0;
+}
+
+static int xen_host_pci_get_resource(XenHostPCIDevice *d)
+{
+int i, rc, fd;
+char path[PATH_MAX];
+char buf[512];
+unsigned long long start, end, flags, size;
+char *endptr, *s;
+
+if (xen_host_pci_sysfs_path(d, "resource", path, sizeof (path))) {
+return -1;
+}
+fd = open(path, O_RDONLY);
+if (fd == -1) {
+XEN_HOST_PCI_LOG("Error: Can't open %s: %s\n", path, strerror(errno));
+return -errno;
+}
+
+do {
+rc = read(fd, &buf, sizeof (buf));
+if (rc < 0 && errno != EINTR) {
+rc = -errno;
+goto out;
+}
+} while (rc < 0);
+buf[rc] = 0;
+rc = 0;
+
+s = buf;
+for (i = 0; i < PCI_NUM_REGIONS; i++) {
+start = strtoll(s, &endptr, 16);
+if (*endptr != ' ' || s == endptr) {
+break;
+}
+s = endptr + 1;
+end = strtoll(s, &endptr, 16);
+if (*endptr != ' ' || s == endptr) {
+break;
+}
+s = endptr + 1;
+flags = strtoll(s, &endptr, 16);
+if (*endptr != '\n' || s == endptr) {
+break;
+}
+s = endptr + 1;
+
+if (start) {
+size = end - start + 1;
+} else {
+size = 0;
+}
+
+if (i < PCI_ROM_SLOT) {
+d->io_regions[i].base_addr = start;
+d->io_regions[i].size = size;
+d->io_regions[i].flags = flags;
+} else {
+d->rom.base_addr = start;
+d->rom.size = size;
+d->rom.flags = flags;
+}
+}
+if (i != PCI_NUM_REGIONS) {
+rc = -1;
+}
+
+out:
+close(fd);
+return rc;
+}
+
+static int xen_host_pci_get_value(XenHostPCIDevice *d, const char *name,
+ unsigned int *pvalue, int base)
+{
+char path[PATH_MAX];
+char buf[42];
+int fd, rc;
+unsigned long value;
+char *endptr;
+
+if (xen_host_pci_sysfs_path(d, name, path, sizeof (path))) {
+return -1;
+}
+fd = open(path, O_RDONLY);
+if (fd == -1) {
+XEN_HOST_PCI_LOG("Error: Can't open %s: %s\n", path, strerror(errno));
+return -errno;
+}
+do {
+rc = read(fd, &buf, sizeof (buf) - 1);
+if (rc < 0 && errno != EINTR) {
+rc = -errno;
+goto out;
+}
+} while (rc < 0);
+buf[rc] = 0;
+value = strtol(buf, &endptr, base);
+if (endptr == buf || *endptr != '\n') {
+rc = -1;
+} else if ((value == LONG_MIN || value == LONG_MAX) && errno == ERANGE) {
+rc = -errno;
+} else {
+rc = 0;
+*pvalue = value;
+}
+out:
+close(fd);
+return rc;
+}
+
+static inline int xen_host_pci_get_hex_value(XenHostPCIDevice *d,
+ const char *name,
+ unsigned int *pvalue)
+{
+return xen_host_pci_get_value(d, name, pvalue, 16);
+}
+
+static inline int xen_host_pci_get_dec_value(XenHostPCIDevice *d,
+ const char *name,
+
Re: [Qemu-devel] [RFC][PATCH 1/2] kvm: Introduce basic MSI support in-kernel irqchips
On 03/28/2012 01:54 PM, Jan Kiszka wrote: > > > >>> > interface transparent. We create those routes on demand and keep them > in a hash table. Succeeding messages can then search for an existing > route in the table first and reuse it whenever possible. If we should > run out of limited GSIs, we simply flush the table and rebuild it as > messages are sent. > > This approach is rather simple and could be optimized further. However, > it is more efficient to enhance the KVM API so that we do not need this > clumsy dynamic routing over futures kernels. > >>> > >>> Two APIs are clumsier than one. > >> > >> The current one is very clumsy for user-injected MSIs while the new one > >> won't be. It will also be very simple it implement if you recall the > >> patch. I think that is worth it. > > > > Don't see why. The clumsiness will be retained. The cpu doesn't care > > how clumsy the API is, only the reader. > > We won't have to do any hashing/caching over the new API, just a plain > "deliver this MSI" IOCTL. Specifically all our upcoming archs like Power > and ARM will be able to take the shiny highway instead of the winding > countryside road. Upcoming archs are a good card to play. However that code will remain for x86, and there's nothing arch specific about it, is there? > > > >>> wet the patch itself, suggest replacing the home grown hash with > >>> http://developer.gnome.org/glib/2.30/glib-Caches.html. > >> > >> Let's keep it simple :). We have no need for many of those features, and > >> it would not be possible to implement the logic as compact as it is > >> right now. > > > > Due to the callbacks? > > Yep. That API pays of if you have more iterations and insertions/removals. Okay, will wait for std::unordered_map<>. -- error compiling committee.c: too many arguments to function
Re: [Qemu-devel] Bug report for kvm-kmod-3.3!
Hi Jan, Now I wanna to locate the instruction in the guest OS that causes this problem. However, I dont know how to make it as the guest OS has not yet started up. I would be much appreicated if you can provide some suggestions. Katrina On Fri, Mar 23, 2012 at 8:13 PM, Jan Kiszka wrote: > On 2012-03-23 12:45, Katrina Austin wrote: > > Hi Jan, > > > >The host version is: linux-2.6.33.3. I removed the kvm incorporated > in the linux kernel and rebuilt the kvm-kmod-3.3.tar.bz2. I have tried from > kvm-kmod-2.6.33.3 to kvm-kmod.3.3. Unfortunately, no one worked. The tested > guest image is vxworks downloaded from > http://people.freebsd.org/~wpaul/qemu/. You can download the vxworks.img > and run the commandline: kvm -fda vxworks.img. The qemu will report: KVM > internel error: suberror:1. However, it works well if 'no-kvm' is set, > namely "kvm -fda vxworks.img -no-kvm". > > QEMU uses an AMD-derived CPU type by default. Does the image work when > you specify, e.g., -cpu Nehalem? > > Jan > > -- > Siemens AG, Corporate Technology, CT T DE IT 1 > Corporate Competence Center Embedded Linux >
Re: [Qemu-devel] [RFC][PATCH 1/2] kvm: Introduce basic MSI support in-kernel irqchips
On 2012-03-28 14:32, Avi Kivity wrote: > On 03/28/2012 01:54 PM, Jan Kiszka wrote: >>> > >> interface transparent. We create those routes on demand and keep them >> in a hash table. Succeeding messages can then search for an existing >> route in the table first and reuse it whenever possible. If we should >> run out of limited GSIs, we simply flush the table and rebuild it as >> messages are sent. >> >> This approach is rather simple and could be optimized further. However, >> it is more efficient to enhance the KVM API so that we do not need this >> clumsy dynamic routing over futures kernels. > > Two APIs are clumsier than one. The current one is very clumsy for user-injected MSIs while the new one won't be. It will also be very simple it implement if you recall the patch. I think that is worth it. >>> >>> Don't see why. The clumsiness will be retained. The cpu doesn't care >>> how clumsy the API is, only the reader. >> >> We won't have to do any hashing/caching over the new API, just a plain >> "deliver this MSI" IOCTL. Specifically all our upcoming archs like Power >> and ARM will be able to take the shiny highway instead of the winding >> countryside road. > > Upcoming archs are a good card to play. However that code will remain > for x86, and there's nothing arch specific about it, is there? Other archs that support MSI will then always come with something like KVM_CAP_SET_MSI, our signal to take the fast lane. x86 with be the only arch to potentially miss this cap. So, yes, we will always need the code for old x86 (as long as we support it), but we should not enforce this logic on anyone else. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
Re: [Qemu-devel] Bug report for kvm-kmod-3.3!
On 2012-03-28 14:44, Katrina Austin wrote: > Hi Jan, > Now I wanna to locate the instruction in the guest OS that causes this > problem. However, I dont know how to make it as the guest OS has not yet > started up. I would be much appreicated if you can provide some suggestions. Not sure if we discussed this already, but getting kvm-kmod from the list of suspects would be good, ie. testing original kvm over a recent kernel (3.3 or kvm.git). There is always the risk that some wrapping is broken and causes such an error. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
[Qemu-devel] [PATCH stable-0.15 01/36] ccid: Fix buffer overrun in handling of VSC_ATR message
From: Markus Armbruster
ATR size exceeding the limit is diagnosed, but then we merrily use it
anyway, overrunning card->atr[].
The message is read from a character device. Obvious security
implications unless the other end of the character device is trusted.
Spotted by Coverity. CVE-2011-4111.
Signed-off-by: Markus Armbruster
Signed-off-by: Anthony Liguori
(cherry picked from commit 7e62255a4b3e0e2ab84a3ec7398640e8ed58620a)
Signed-off-by: Bruce Rogers
[AF: Fixes BNC#731086.]
Signed-off-by: Andreas Färber
---
hw/ccid-card-passthru.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/hw/ccid-card-passthru.c b/hw/ccid-card-passthru.c
index 28eb9d1..0505663 100644
--- a/hw/ccid-card-passthru.c
+++ b/hw/ccid-card-passthru.c
@@ -150,6 +150,7 @@ static void ccid_card_vscard_handle_message(PassthruState
*card,
error_report("ATR size exceeds spec, ignoring");
ccid_card_vscard_send_error(card, scr_msg_header->reader_id,
VSC_GENERAL_ERROR);
+break;
}
memcpy(card->atr, data, scr_msg_header->length);
card->atr_length = scr_msg_header->length;
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 26/36] qcow: Fix bdrv_write_compressed error handling
From: Kevin Wolf
Signed-off-by: Kevin Wolf
Reviewed-by: Paolo Bonzini
(cherry picked from commit 64ebe71aa0e498d24e8c02b133192142fce3a0d0)
Signed-off-by: Bruce Rogers
[AF: backported]
Signed-off-by: Andreas Färber
---
block/qcow.c | 30 +++---
1 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/block/qcow.c b/block/qcow.c
index 227b104..115b820 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -926,8 +926,6 @@ static int qcow_write_compressed(BlockDriverState *bs,
int64_t sector_num,
return -EINVAL;
out_buf = qemu_malloc(s->cluster_size + (s->cluster_size / 1000) + 128);
-if (!out_buf)
-return -1;
/* best compression, small window, no zlib header */
memset(&strm, 0, sizeof(strm));
@@ -935,8 +933,8 @@ static int qcow_write_compressed(BlockDriverState *bs,
int64_t sector_num,
Z_DEFLATED, -12,
9, Z_DEFAULT_STRATEGY);
if (ret != 0) {
-qemu_free(out_buf);
-return -1;
+ret = -EINVAL;
+goto fail;
}
strm.avail_in = s->cluster_size;
@@ -946,9 +944,9 @@ static int qcow_write_compressed(BlockDriverState *bs,
int64_t sector_num,
ret = deflate(&strm, Z_FINISH);
if (ret != Z_STREAM_END && ret != Z_OK) {
-qemu_free(out_buf);
deflateEnd(&strm);
-return -1;
+ret = -EINVAL;
+goto fail;
}
out_len = strm.next_out - out_buf;
@@ -956,19 +954,29 @@ static int qcow_write_compressed(BlockDriverState *bs,
int64_t sector_num,
if (ret != Z_STREAM_END || out_len >= s->cluster_size) {
/* could not compress: write normal cluster */
-bdrv_write(bs, sector_num, buf, s->cluster_sectors);
+ret = bdrv_write(bs, sector_num, buf, s->cluster_sectors);
+if (ret < 0) {
+goto fail;
+}
} else {
cluster_offset = get_cluster_offset(bs, sector_num << 9, 2,
out_len, 0, 0);
+if (cluster_offset == 0) {
+ret = -EIO;
+goto fail;
+}
+
cluster_offset &= s->cluster_offset_mask;
-if (bdrv_pwrite(bs->file, cluster_offset, out_buf, out_len) !=
out_len) {
-qemu_free(out_buf);
-return -1;
+ret = bdrv_pwrite(bs->file, cluster_offset, out_buf, out_len);
+if (ret < 0) {
+goto fail;
}
}
+ret = 0;
+fail:
qemu_free(out_buf);
-return 0;
+return ret;
}
static int qcow_flush(BlockDriverState *bs)
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 31/36] cpu-common: Have a ram_addr_t of uint64 with Xen.
From: Anthony PERARD
In Xen case, memory can be bigger than the host memory. that mean a
32bits host (and QEMU) should be able to handle a RAM address of 64bits.
Signed-off-by: Anthony PERARD
Signed-off-by: Alexander Graf
(cherry picked from commit f15fbc4bd1a24bd1477a846e63e62c6d435912f8)
Signed-off-by: Andreas Färber
---
cpu-common.h |8
exec.c |9 +
xen-all.c|2 +-
3 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/cpu-common.h b/cpu-common.h
index 44b04b3..0700101 100644
--- a/cpu-common.h
+++ b/cpu-common.h
@@ -27,7 +27,15 @@ enum device_endian {
};
/* address in the RAM (different from a physical address) */
+#if defined(CONFIG_XEN_BACKEND) && TARGET_PHYS_ADDR_BITS == 64
+typedef uint64_t ram_addr_t;
+# define RAM_ADDR_MAX UINT64_MAX
+# define RAM_ADDR_FMT "%" PRIx64
+#else
typedef unsigned long ram_addr_t;
+# define RAM_ADDR_MAX ULONG_MAX
+# define RAM_ADDR_FMT "%lx"
+#endif
/* memory API */
diff --git a/exec.c b/exec.c
index 2160ded..6fb589b 100644
--- a/exec.c
+++ b/exec.c
@@ -2863,13 +2863,13 @@ static void *file_ram_alloc(RAMBlock *block,
static ram_addr_t find_ram_offset(ram_addr_t size)
{
RAMBlock *block, *next_block;
-ram_addr_t offset = 0, mingap = ULONG_MAX;
+ram_addr_t offset = 0, mingap = RAM_ADDR_MAX;
if (QLIST_EMPTY(&ram_list.blocks))
return 0;
QLIST_FOREACH(block, &ram_list.blocks, next) {
-ram_addr_t end, next = ULONG_MAX;
+ram_addr_t end, next = RAM_ADDR_MAX;
end = block->offset + block->length;
@@ -3081,7 +3081,8 @@ void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
#endif
}
if (area != vaddr) {
-fprintf(stderr, "Could not remap addr: %lx@%lx\n",
+fprintf(stderr, "Could not remap addr: "
+RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
length, addr);
exit(1);
}
@@ -4052,7 +4053,7 @@ void *cpu_physical_memory_map(target_phys_addr_t addr,
target_phys_addr_t page;
unsigned long pd;
PhysPageDesc *p;
-ram_addr_t raddr = ULONG_MAX;
+ram_addr_t raddr = RAM_ADDR_MAX;
ram_addr_t rlen;
void *ret;
diff --git a/xen-all.c b/xen-all.c
index 167bed6..8f2556a 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -184,7 +184,7 @@ void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size)
}
if (xc_domain_populate_physmap_exact(xen_xc, xen_domid, nr_pfn, 0, 0,
pfn_list)) {
-hw_error("xen: failed to populate ram at %lx", ram_addr);
+hw_error("xen: failed to populate ram at " RAM_ADDR_FMT, ram_addr);
}
qemu_free(pfn_list);
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 24/36] console: Fix rendering of VGA underline
From: Markus Armbruster
vga_putcharxy()'s underline code sets font_data to 0x instead of
0xff. vga_putcharxy() then reads dmask16[0x >> 4] and
dmask4[0x >> 6]. In practice, these out-of-bounds subscripts
"only" put a few crap bits into the display surface.
For 32 bit pixels, there's no array access. font_data's extra bits go
straight into the display surface.
Broken when commit 6d6f7c28 implemented underline.
Spotted by Coverity.
Signed-off-by: Markus Armbruster
Signed-off-by: Anthony Liguori
(cherry picked from commit 439229c7cb97f6c4cddd3965c3e9d2b8319fe83c)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
console.c |6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/console.c b/console.c
index 242086c..07c82b8 100644
--- a/console.c
+++ b/console.c
@@ -461,7 +461,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y,
int ch,
font_data = *font_ptr++;
if (t_attrib->uline
&& ((i == FONT_HEIGHT - 2) || (i == FONT_HEIGHT - 3))) {
-font_data = 0x;
+font_data = 0xFF;
}
((uint32_t *)d)[0] = (dmask16[(font_data >> 4)] & xorcol) ^ bgcol;
((uint32_t *)d)[1] = (dmask16[(font_data >> 0) & 0xf] & xorcol) ^
bgcol;
@@ -474,7 +474,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y,
int ch,
font_data = *font_ptr++;
if (t_attrib->uline
&& ((i == FONT_HEIGHT - 2) || (i == FONT_HEIGHT - 3))) {
-font_data = 0x;
+font_data = 0xFF;
}
((uint32_t *)d)[0] = (dmask4[(font_data >> 6)] & xorcol) ^ bgcol;
((uint32_t *)d)[1] = (dmask4[(font_data >> 4) & 3] & xorcol) ^
bgcol;
@@ -487,7 +487,7 @@ static void vga_putcharxy(DisplayState *ds, int x, int y,
int ch,
for(i = 0; i < FONT_HEIGHT; i++) {
font_data = *font_ptr++;
if (t_attrib->uline && ((i == FONT_HEIGHT - 2) || (i ==
FONT_HEIGHT - 3))) {
-font_data = 0x;
+font_data = 0xFF;
}
((uint32_t *)d)[0] = (-((font_data >> 7)) & xorcol) ^ bgcol;
((uint32_t *)d)[1] = (-((font_data >> 6) & 1) & xorcol) ^ bgcol;
--
1.7.7
Re: [Qemu-devel] [PATCH trivial] trace-events: don't use dtrace reserved words in and next
On Wed, Mar 28, 2012 at 8:55 AM, Alon Levy wrote: > --- > trace-events | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) We're always going to struggle with new trace events that add reserved keywords. Fixing up trace-events is going to be an ongoing task so I'd like to also see tracetool automatically modify keywords 'next' -> 'next_'. Do you want to send a patch to do that instead? Stefan
[Qemu-devel] [PATCH stable-0.15 09/36] block: Fix bdrv_open use after free
From: Kevin Wolf
tmp_filename was used outside the block it was defined in, i.e. after it went
out of scope. Move its declaration to the top level.
Signed-off-by: Kevin Wolf
(cherry picked from commit 2b5728164fcf5211bbae8d3c2fc6df62dd6b2295)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
block.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/block.c b/block.c
index 9549b9e..4ebb18b 100644
--- a/block.c
+++ b/block.c
@@ -526,6 +526,7 @@ int bdrv_open(BlockDriverState *bs, const char *filename,
int flags,
BlockDriver *drv)
{
int ret;
+char tmp_filename[PATH_MAX];
if (flags & BDRV_O_SNAPSHOT) {
BlockDriverState *bs1;
@@ -533,7 +534,6 @@ int bdrv_open(BlockDriverState *bs, const char *filename,
int flags,
int is_protocol = 0;
BlockDriver *bdrv_qcow2;
QEMUOptionParameter *options;
-char tmp_filename[PATH_MAX];
char backing_filename[PATH_MAX];
/* if snapshot, we create a temporary backing file and open it
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 23/36] block: set bs->read_only before .bdrv_open()
From: Stefan Hajnoczi
Several block drivers set bs->read_only in .bdrv_open() but
block.c:bdrv_open_common() clobbers its value. Additionally, QED uses
bdrv_is_read_only() in .bdrv_open() to decide whether to perform
consistency checks.
The correct ordering is to initialize bs->read_only from the open flags
before calling .bdrv_open(). This way block drivers can override it if
necessary and can use bdrv_is_read_only() in .bdrv_open().
Signed-off-by: Stefan Hajnoczi
Signed-off-by: Kevin Wolf
(cherry picked from commit e7c637967e6aad195b5f30cfd995913c9e0b4666)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
block.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/block.c b/block.c
index 4ebb18b..8d77746 100644
--- a/block.c
+++ b/block.c
@@ -455,6 +455,8 @@ static int bdrv_open_common(BlockDriverState *bs, const
char *filename,
open_flags |= BDRV_O_RDWR;
}
+bs->keep_read_only = bs->read_only = !(open_flags & BDRV_O_RDWR);
+
/* Open the image, either directly or using a protocol */
if (drv->bdrv_file_open) {
ret = drv->bdrv_file_open(bs, filename, open_flags);
@@ -469,8 +471,6 @@ static int bdrv_open_common(BlockDriverState *bs, const
char *filename,
goto free_and_fail;
}
-bs->keep_read_only = bs->read_only = !(open_flags & BDRV_O_RDWR);
-
ret = refresh_total_sectors(bs, bs->total_sectors);
if (ret < 0) {
goto free_and_fail;
--
1.7.7
Re: [Qemu-devel] [PATCH trivial] trace-events: don't use dtrace reserved words in and next
On Wed, Mar 28, 2012 at 01:55:49PM +0100, Stefan Hajnoczi wrote: > On Wed, Mar 28, 2012 at 8:55 AM, Alon Levy wrote: > > --- > > trace-events | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > We're always going to struggle with new trace events that add reserved > keywords. Fixing up trace-events is going to be an ongoing task so > I'd like to also see tracetool automatically modify keywords 'next' -> > 'next_'. Do you want to send a patch to do that instead? sure. For the new tracetool.py too ? :) > > Stefan >
[Qemu-devel] [PATCH stable-0.15 11/36] acl: Fix use after free in qemu_acl_reset()
From: Markus Armbruster
Reproducer:
$ MALLOC_PERTURB_=234 qemu-system-x86_64 -vnc :0,acl,sasl [...]
QEMU 0.15.50 monitor - type 'help' for more information
(qemu) acl_add vnc.username fred allow
acl: added rule at position 1
(qemu) acl_reset vnc.username
Segmentation fault (core dumped)
Spotted by Coverity.
Signed-off-by: Markus Armbruster
Signed-off-by: Stefan Hajnoczi
(cherry picked from commit 0ce6a434176e274a7e86bcaa268542c5cc402696)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
acl.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/acl.c b/acl.c
index 82c2704..cae059f 100644
--- a/acl.c
+++ b/acl.c
@@ -95,13 +95,13 @@ int qemu_acl_party_is_allowed(qemu_acl *acl,
void qemu_acl_reset(qemu_acl *acl)
{
-qemu_acl_entry *entry;
+qemu_acl_entry *entry, *next_entry;
/* Put back to deny by default, so there is no window
* of "open access" while the user re-initializes the
* access control list */
acl->defaultDeny = 1;
-QTAILQ_FOREACH(entry, &acl->entries, next) {
+QTAILQ_FOREACH_SAFE(entry, &acl->entries, next, next_entry) {
QTAILQ_REMOVE(&acl->entries, entry, next);
free(entry->match);
free(entry);
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 17/36] vns/tls: don't use depricated gnutls functions
From: Gerd Hoffmann
Avoid using deprecated gnutls functions with recent gnutls versions.
Fixes build failure on Fedora 16. Keep the old way for compatibility
with old installations such as RHEL-5 (gnutls 1.4.x).
Based on a patch from Raghavendra D Prabhu
Signed-off-by: Gerd Hoffmann
Signed-off-by: Anthony Liguori
(cherry picked from commit f40d55081667a716312b9a8b6e13835c4074f56b)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
ui/vnc-tls.c | 68 +
1 files changed, 49 insertions(+), 19 deletions(-)
diff --git a/ui/vnc-tls.c b/ui/vnc-tls.c
index 31f1467..f5ed306 100644
--- a/ui/vnc-tls.c
+++ b/ui/vnc-tls.c
@@ -283,13 +283,57 @@ int vnc_tls_validate_certificate(struct VncState *vs)
return 0;
}
+#if defined(GNUTLS_VERSION_NUMBER) && \
+GNUTLS_VERSION_NUMBER >= 0x020200 /* 2.2.0 */
+
+static int vnc_set_gnutls_priority(gnutls_session_t s, int x509)
+{
+const char *priority = x509 ? "NORMAL" : "NORMAL:+ANON-DH";
+int rc;
+
+rc = gnutls_priority_set_direct(s, priority, NULL);
+if (rc != GNUTLS_E_SUCCESS) {
+return -1;
+}
+return 0;
+}
+
+#else
+
+static int vnc_set_gnutls_priority(gnutls_session_t s, int x509)
+{
+static const int cert_types[] = { GNUTLS_CRT_X509, 0 };
+static const int protocols[] = {
+GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0
+};
+static const int kx_anon[] = { GNUTLS_KX_ANON_DH, 0 };
+static const int kx_x509[] = {
+GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA,
+GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0
+};
+int rc;
+
+rc = gnutls_kx_set_priority(s, x509 ? kx_x509 : kx_anon);
+if (rc != GNUTLS_E_SUCCESS) {
+return -1;
+}
+
+rc = gnutls_certificate_type_set_priority(s, cert_types);
+if (rc != GNUTLS_E_SUCCESS) {
+return -1;
+}
+
+rc = gnutls_protocol_set_priority(s, protocols);
+if (rc != GNUTLS_E_SUCCESS) {
+return -1;
+}
+return 0;
+}
+
+#endif
int vnc_tls_client_setup(struct VncState *vs,
int needX509Creds) {
-static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
-static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0,
GNUTLS_SSL3, 0 };
-static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0};
-static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA,
GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0};
VNC_DEBUG("Do TLS setup\n");
if (vnc_tls_initialize() < 0) {
@@ -310,21 +354,7 @@ int vnc_tls_client_setup(struct VncState *vs,
return -1;
}
-if (gnutls_kx_set_priority(vs->tls.session, needX509Creds ? kx_x509 :
kx_anon) < 0) {
-gnutls_deinit(vs->tls.session);
-vs->tls.session = NULL;
-vnc_client_error(vs);
-return -1;
-}
-
-if (gnutls_certificate_type_set_priority(vs->tls.session,
cert_type_priority) < 0) {
-gnutls_deinit(vs->tls.session);
-vs->tls.session = NULL;
-vnc_client_error(vs);
-return -1;
-}
-
-if (gnutls_protocol_set_priority(vs->tls.session, protocol_priority) <
0) {
+if (vnc_set_gnutls_priority(vs->tls.session, needX509Creds) < 0) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
vnc_client_error(vs);
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 21/36] Teach block/vdi about "discarded" (no longer allocated) blocks
From: Eric Sunshine
An entry in the VDI block map will hold an offset to the actual block if
the block is allocated, or one of two specially-interpreted values if
not allocated. Using VirtualBox terminology, value VDI_IMAGE_BLOCK_FREE
(0x) represents a never-allocated block (semantically arbitrary
content). VDI_IMAGE_BLOCK_ZERO (0xfffe) represents a "discarded"
block (semantically zero-filled). block/vdi knows only about
VDI_IMAGE_BLOCK_FREE. Teach it about VDI_IMAGE_BLOCK_ZERO.
Signed-off-by: Eric Sunshine
Signed-off-by: Kevin Wolf
(cherry picked from commit c794b4e0fd9ef8d72b068614dcdb2418c105d5cc)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
block/vdi.c | 23 ++-
1 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/block/vdi.c b/block/vdi.c
index 261cf9b..1be0cdc 100644
--- a/block/vdi.c
+++ b/block/vdi.c
@@ -114,8 +114,13 @@ void uuid_unparse(const uuid_t uu, char *out);
*/
#define VDI_TEXT "<<< QEMU VM Virtual Disk Image >>>\n"
-/* Unallocated blocks use this index (no need to convert endianness). */
-#define VDI_UNALLOCATED UINT32_MAX
+/* A never-allocated block; semantically arbitrary content. */
+#define VDI_UNALLOCATED 0xU
+
+/* A discarded (no longer allocated) block; semantically zero-filled. */
+#define VDI_DISCARDED 0xfffeU
+
+#define VDI_IS_ALLOCATED(X) ((X) < VDI_DISCARDED)
#if !defined(CONFIG_UUID)
void uuid_generate(uuid_t out)
@@ -307,10 +312,10 @@ static int vdi_check(BlockDriverState *bs,
BdrvCheckResult *res)
/* Check block map and value of blocks_allocated. */
for (block = 0; block < s->header.blocks_in_image; block++) {
uint32_t bmap_entry = le32_to_cpu(s->bmap[block]);
-if (bmap_entry != VDI_UNALLOCATED) {
+if (VDI_IS_ALLOCATED(bmap_entry)) {
if (bmap_entry < s->header.blocks_in_image) {
blocks_allocated++;
-if (bmap[bmap_entry] == VDI_UNALLOCATED) {
+if (!VDI_IS_ALLOCATED(bmap[bmap_entry])) {
bmap[bmap_entry] = bmap_entry;
} else {
fprintf(stderr, "ERROR: block index %" PRIu32
@@ -472,7 +477,7 @@ static int vdi_is_allocated(BlockDriverState *bs, int64_t
sector_num,
n_sectors = nb_sectors;
}
*pnum = n_sectors;
-return bmap_entry != VDI_UNALLOCATED;
+return VDI_IS_ALLOCATED(bmap_entry);
}
static void vdi_aio_cancel(BlockDriverAIOCB *blockacb)
@@ -603,7 +608,7 @@ static void vdi_aio_read_cb(void *opaque, int ret)
/* prepare next AIO request */
acb->n_sectors = n_sectors;
bmap_entry = le32_to_cpu(s->bmap[block_index]);
-if (bmap_entry == VDI_UNALLOCATED) {
+if (!VDI_IS_ALLOCATED(bmap_entry)) {
/* Block not allocated, return zeros, no need to wait. */
memset(acb->buf, 0, n_sectors * SECTOR_SIZE);
ret = vdi_schedule_bh(vdi_aio_rw_bh, acb);
@@ -685,7 +690,7 @@ static void vdi_aio_write_cb(void *opaque, int ret)
if (acb->header_modified) {
VdiHeader *header = acb->block_buffer;
logout("now writing modified header\n");
-assert(acb->bmap_first != VDI_UNALLOCATED);
+assert(VDI_IS_ALLOCATED(acb->bmap_first));
*header = s->header;
vdi_header_to_le(header);
acb->header_modified = 0;
@@ -699,7 +704,7 @@ static void vdi_aio_write_cb(void *opaque, int ret)
goto done;
}
return;
-} else if (acb->bmap_first != VDI_UNALLOCATED) {
+} else if (VDI_IS_ALLOCATED(acb->bmap_first)) {
/* One or more new blocks were allocated. */
uint64_t offset;
uint32_t bmap_first;
@@ -749,7 +754,7 @@ static void vdi_aio_write_cb(void *opaque, int ret)
/* prepare next AIO request */
acb->n_sectors = n_sectors;
bmap_entry = le32_to_cpu(s->bmap[block_index]);
-if (bmap_entry == VDI_UNALLOCATED) {
+if (!VDI_IS_ALLOCATED(bmap_entry)) {
/* Allocate new block and write to it. */
uint64_t offset;
uint8_t *block;
--
1.7.7
Re: [Qemu-devel] [PATCH trivial] trace-events: don't use dtrace reserved words in and next
On Wed, Mar 28, 2012 at 03:16:34PM +0200, Alon Levy wrote: > On Wed, Mar 28, 2012 at 01:55:49PM +0100, Stefan Hajnoczi wrote: > > On Wed, Mar 28, 2012 at 8:55 AM, Alon Levy wrote: > > > --- > > > trace-events | 4 ++-- > > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > We're always going to struggle with new trace events that add reserved > > keywords. Fixing up trace-events is going to be an ongoing task so > > I'd like to also see tracetool automatically modify keywords 'next' -> > > 'next_'. Do you want to send a patch to do that instead? > hmm, I changed to _next, not next_, if you'd like to change that and commit I don't mind. > sure. For the new tracetool.py too ? :) > > > > > Stefan > > >
Re: [Qemu-devel] [PATCH trivial] trace-events: don't use dtrace reserved words in and next
On Wed, Mar 28, 2012 at 2:33 PM, Alon Levy wrote: > On Wed, Mar 28, 2012 at 03:16:34PM +0200, Alon Levy wrote: >> On Wed, Mar 28, 2012 at 01:55:49PM +0100, Stefan Hajnoczi wrote: >> > On Wed, Mar 28, 2012 at 8:55 AM, Alon Levy wrote: >> > > --- >> > > trace-events | 4 ++-- >> > > 1 file changed, 2 insertions(+), 2 deletions(-) >> > >> > We're always going to struggle with new trace events that add reserved >> > keywords. Fixing up trace-events is going to be an ongoing task so >> > I'd like to also see tracetool automatically modify keywords 'next' -> >> > 'next_'. Do you want to send a patch to do that instead? >> > > hmm, I changed to _next, not next_, if you'd like to change that and > commit I don't mind. Thanks. next_ can be a little safer when languages reserve identifiers starting with '_'. I can tweak it. Stefan
[Qemu-devel] [PATCH stable-0.15 15/36] ac97: don't override the pci subsystem id
From: Gerd Hoffmann
This patch removes the code lines which set the subsystem id for the
emulated ac97 card to 8086:. Due to the device id being zero the
subsystem id isn't vaild anyway. With the patch applied the sound card
gets the default qemu subsystem id (1af4:1100) instead.
[ v2: old & broken id is maintained for -M pc-$oldqemuversion ]
Cc: Takashi Iwai
Signed-off-by: Gerd Hoffmann
Signed-off-by: Anthony Liguori
(cherry picked from commit 25a21c94c0055e078acb7f7455e66c8a15f32385)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
hw/ac97.c| 16 +++-
hw/pc_piix.c | 16
2 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/hw/ac97.c b/hw/ac97.c
index 0b59896..a039481 100644
--- a/hw/ac97.c
+++ b/hw/ac97.c
@@ -149,6 +149,7 @@ typedef struct AC97BusMasterRegs {
typedef struct AC97LinkState {
PCIDevice dev;
QEMUSoundCard card;
+uint32_t use_broken_id;
uint32_t glob_cnt;
uint32_t glob_sta;
uint32_t cas;
@@ -1301,11 +1302,12 @@ static int ac97_initfn (PCIDevice *dev)
c[PCI_BASE_ADDRESS_0 + 6] = 0x00;
c[PCI_BASE_ADDRESS_0 + 7] = 0x00;
-c[PCI_SUBSYSTEM_VENDOR_ID] = 0x86; /* svid subsystem vendor id rwo */
-c[PCI_SUBSYSTEM_VENDOR_ID + 1] = 0x80;
-
-c[PCI_SUBSYSTEM_ID] = 0x00; /* sid subsystem id rwo */
-c[PCI_SUBSYSTEM_ID + 1] = 0x00;
+if (s->use_broken_id) {
+c[PCI_SUBSYSTEM_VENDOR_ID] = 0x86;
+c[PCI_SUBSYSTEM_VENDOR_ID + 1] = 0x80;
+c[PCI_SUBSYSTEM_ID] = 0x00;
+c[PCI_SUBSYSTEM_ID + 1] = 0x00;
+}
c[PCI_INTERRUPT_LINE] = 0x00; /* intr_ln interrupt line rw */
/* TODO: RST# value should be 0. */
@@ -1336,6 +1338,10 @@ static PCIDeviceInfo ac97_info = {
.device_id= PCI_DEVICE_ID_INTEL_82801AA_5,
.revision = 0x01,
.class_id = PCI_CLASS_MULTIMEDIA_AUDIO,
+.qdev.props = (Property[]) {
+DEFINE_PROP_UINT32("use_broken_id", AC97LinkState, use_broken_id, 0),
+DEFINE_PROP_END_OF_LIST(),
+}
};
static void ac97_register (void)
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index c5c16b4..31552fd 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -300,6 +300,10 @@ static QEMUMachine pc_machine_v0_13 = {
.driver = "virtio-net-pci",
.property = "event_idx",
.value= "off",
+},{
+.driver = "AC97",
+.property = "use_broken_id",
+.value= stringify(1),
},
{ /* end of list */ }
},
@@ -343,6 +347,10 @@ static QEMUMachine pc_machine_v0_12 = {
.driver = "virtio-net-pci",
.property = "event_idx",
.value= "off",
+},{
+.driver = "AC97",
+.property = "use_broken_id",
+.value= stringify(1),
},
{ /* end of list */ }
}
@@ -394,6 +402,10 @@ static QEMUMachine pc_machine_v0_11 = {
.driver = "virtio-net-pci",
.property = "event_idx",
.value= "off",
+},{
+.driver = "AC97",
+.property = "use_broken_id",
+.value= stringify(1),
},
{ /* end of list */ }
}
@@ -457,6 +469,10 @@ static QEMUMachine pc_machine_v0_10 = {
.driver = "virtio-net-pci",
.property = "event_idx",
.value= "off",
+},{
+.driver = "AC97",
+.property = "use_broken_id",
+.value= stringify(1),
},
{ /* end of list */ }
},
--
1.7.7
Re: [Qemu-devel] [PATCH v6 2/2] target-arm: Minimalistic CPU QOM'ification
On 26 March 2012 18:28, Andreas Färber wrote:
> +static void arm_cpu_reset(CPUState *c)
> +{
> + ARMCPU *cpu = ARM_CPU(c);
> + ARMCPUClass *class = ARM_CPU_GET_CLASS(cpu);
> +
> + class->parent_reset(c);
I thought we were avoiding 'class' in favour of 'klass'?
> +static const TypeInfo arm_cpu_type_info = {
> + .name = TYPE_ARM_CPU,
> + .parent = TYPE_CPU,
> + .instance_size = sizeof(ARMCPU),
> + .abstract = false, /* TODO Reconsider once cp15 reworked. */
As it happens I'm planning to create the per-implementation
subclasses first and do the cp15 rework second.
-- PMM
[Qemu-devel] [PATCH stable-0.15 36/36] qemu_vmalloc: align properly for transparent hugepages and KVM
From: Avi Kivity
To make good use of transparent hugepages, KVM requires that guest-physical
and host-virtual addresses share the low 21 bits (as opposed to just the low
12 bits normally required).
Adjust qemu_vmalloc() to honor that requirement. Ignore it for small regions
to avoid fragmentation.
Signed-off-by: Avi Kivity
Signed-off-by: Anthony Liguori
(cherry picked from commit 36b586284e678da28df3af9fd0907d2b16f9311c)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
oslib-posix.c | 14 +-
1 files changed, 13 insertions(+), 1 deletions(-)
diff --git a/oslib-posix.c b/oslib-posix.c
index 196099c..a304fb0 100644
--- a/oslib-posix.c
+++ b/oslib-posix.c
@@ -35,6 +35,13 @@
extern int daemon(int, int);
#endif
+#if defined(__linux__) && defined(__x86_64__)
+ /* Use 2MB alignment so transparent hugepages can be used by KVM */
+# define QEMU_VMALLOC_ALIGN (512 * 4096)
+#else
+# define QEMU_VMALLOC_ALIGN getpagesize()
+#endif
+
#include "config-host.h"
#include "sysemu.h"
#include "trace.h"
@@ -80,7 +87,12 @@ void *qemu_memalign(size_t alignment, size_t size)
void *qemu_vmalloc(size_t size)
{
void *ptr;
-ptr = qemu_memalign(getpagesize(), size);
+size_t align = QEMU_VMALLOC_ALIGN;
+
+if (size < align) {
+align = getpagesize();
+}
+ptr = qemu_memalign(align, size);
trace_qemu_vmalloc(size, ptr);
return ptr;
}
--
1.7.7
[Qemu-devel] [PATCH v4 1/7] test makefile overhaul
This introduces new test reporting infrastructure based on gtester and gtester-report. Also, all existing tests are moved to tests/, and tests/Makefile is reorganized to factor out the commonalities in the rules. Signed-off-by: Anthony Liguori Signed-off-by: Paolo Bonzini --- rules.mak |2 +- scripts/gtester-cat| 26 tests/Makefile | 140 +-- check-qdict.c => tests/check-qdict.c |0 check-qfloat.c => tests/check-qfloat.c |0 check-qint.c => tests/check-qint.c |0 check-qjson.c => tests/check-qjson.c |0 check-qlist.c => tests/check-qlist.c |0 check-qstring.c => tests/check-qstring.c |0 test-coroutine.c => tests/test-coroutine.c |0 test-qmp-commands.c => tests/test-qmp-commands.c |0 .../test-qmp-input-strict.c|0 .../test-qmp-input-visitor.c |0 .../test-qmp-output-visitor.c |0 .../test-string-input-visitor.c|0 .../test-string-output-visitor.c |0 16 files changed, 123 insertions(+), 45 deletions(-) create mode 100755 scripts/gtester-cat rename check-qdict.c => tests/check-qdict.c (100%) rename check-qfloat.c => tests/check-qfloat.c (100%) rename check-qint.c => tests/check-qint.c (100%) rename check-qjson.c => tests/check-qjson.c (100%) rename check-qlist.c => tests/check-qlist.c (100%) rename check-qstring.c => tests/check-qstring.c (100%) rename test-coroutine.c => tests/test-coroutine.c (100%) rename test-qmp-commands.c => tests/test-qmp-commands.c (100%) rename test-qmp-input-strict.c => tests/test-qmp-input-strict.c (100%) rename test-qmp-input-visitor.c => tests/test-qmp-input-visitor.c (100%) rename test-qmp-output-visitor.c => tests/test-qmp-output-visitor.c (100%) rename test-string-input-visitor.c => tests/test-string-input-visitor.c (100%) rename test-string-output-visitor.c => tests/test-string-output-visitor.c (100%) diff --git a/rules.mak b/rules.mak index 04a9198..c30093c 100644 --- a/rules.mak +++ b/rules.mak @@ -47,7 +47,7 @@ quiet-command = $(if $(V),$1,$(if $(2),@echo $2 && $1, @$1)) cc-option = $(if $(shell $(CC) $1 $2 -S -o /dev/null -xc /dev/null \ >/dev/null 2>&1 && echo OK), $2, $3) -VPATH_SUFFIXES = %.c %.h %.S %.m %.mak %.texi +VPATH_SUFFIXES = %.c %.h %.S %.m %.mak %.texi %.sh set-vpath = $(if $1,$(foreach PATTERN,$(VPATH_SUFFIXES),$(eval vpath $(PATTERN) $1))) # find-in-path diff --git a/scripts/gtester-cat b/scripts/gtester-cat new file mode 100755 index 000..5bcce50 --- /dev/null +++ b/scripts/gtester-cat @@ -0,0 +1,26 @@ +#!/bin/sh +# +# Copyright IBM, Corp. 2012 +# +# Authors: +# Anthony Liguori +# +# This work is licensed under the terms of the GNU GPLv2 or later. +# See the COPYING file in the top-level directory. + +cat < + + + qemu + 0.0 + rev + +EOF + +sed \ + -e '/$/d' \ + -e '//,/<\/info>/d' \ + -e '$b' \ + -e '/^<\/gtester>$/d' "$@" diff --git a/tests/Makefile b/tests/Makefile index 2a2fff7..249f972 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -1,61 +1,113 @@ export SRC_PATH -CHECKS = check-qdict check-qfloat check-qint check-qstring check-qlist -CHECKS += check-qjson test-qmp-output-visitor test-qmp-input-visitor -CHECKS += test-string-input-visitor test-string-output-visitor test-coroutine -CHECKS += test-qmp-commands -CHECKS += $(SRC_PATH)/tests/qemu-iotests-quick.sh - -check-qint.o check-qstring.o check-qdict.o check-qlist.o check-qfloat.o check-qjson.o test-coroutine.o: $(GENERATED_HEADERS) - -check-qint: check-qint.o qint.o $(tools-obj-y) -check-qstring: check-qstring.o qstring.o $(tools-obj-y) -check-qdict: check-qdict.o qdict.o qfloat.o qint.o qstring.o qbool.o qlist.o $(tools-obj-y) -check-qlist: check-qlist.o qlist.o qint.o $(tools-obj-y) -check-qfloat: check-qfloat.o qfloat.o $(tools-obj-y) -check-qjson: check-qjson.o $(qobject-obj-y) $(tools-obj-y) -test-coroutine: test-coroutine.o qemu-timer-common.o async.o $(coroutine-obj-y) $(tools-obj-y) - -test-qmp-input-visitor.o test-qmp-output-visitor.o test-qmp-input-strict.o \ -test-string-input-visitor.o test-string-output-visitor.o \ - test-qmp-commands.o: QEMU_CFLAGS += -I $(qapi-dir) - -$(qapi-dir)/test-qapi-types.c $(qapi-dir)/test-qapi-types.h :\ +check-unit-y = tests/check-qdict$(EXESUF) +check-unit-y += tests/check-qfloat$(EXESUF) +check-unit-y += tests/check-qint$(EXESUF) +check-unit-y += tests/check-qstring$(EXESUF) +check-unit-y += tests/check-qlist$(EXESUF) +check-unit-y += tests/check-qjson$(EXESUF) +check-unit-y += tests/test-qmp-output-visitor$(EXESUF) +check-unit-y += tests/test-qmp-input-visitor$(EXESUF) +check-unit-y += tests/test-qmp-input-strict$(EXESUF) +check-unit-y += tests/test-qmp-commands$(EXESUF) +check-unit-y += tests/test-s
[Qemu-devel] [PATCH v4 0/7] new test infrastructure + qtest
This is a rebase of qtest. I split the gtester infrastructure into its own patch, and reorganized the tests by moving everything into tests/. Also, libqtest now has bindings for the clock management commands, and I am using them in rtc-test. Finally, the accept is moved from qemu to libqtest; tests need not sleep anymore until QEMU connects. This is on top of Luiz's recent pull request. Anthony Liguori (4): qtest: add test framework qtest: add C version of test infrastructure rtc: split out macros into a header file and use in test case qtest: add rtc-test test-case Paolo Bonzini (3): test makefile overhaul qtest: IRQ interception infrastructure qtest: add clock management Makefile.objs |2 + cpu-exec.c |1 + cpus.c | 82 - cpus.h |2 + hw/irq.c | 17 + hw/irq.h |5 + hw/mc146818rtc.c | 33 -- hw/mc146818rtc.h |3 +- hw/mc146818rtc_regs.h | 62 +++ hw/pc_piix.c |5 +- osdep.h|2 + qemu-common.h |1 - qemu-options.hx|8 + qemu-timer.c |2 +- qemu-timer.h |1 + qtest.c| 443 qtest.h| 35 ++ rules.mak |2 +- scripts/gtester-cat| 26 ++ scripts/qtest |5 + tests/Makefile | 165 ++-- check-qdict.c => tests/check-qdict.c |0 check-qfloat.c => tests/check-qfloat.c |0 check-qint.c => tests/check-qint.c |0 check-qjson.c => tests/check-qjson.c |0 check-qlist.c => tests/check-qlist.c |0 check-qstring.c => tests/check-qstring.c |0 tests/libqtest.c | 385 + tests/libqtest.h | 333 +++ tests/rtc-test.c | 263 test-coroutine.c => tests/test-coroutine.c |0 test-qmp-commands.c => tests/test-qmp-commands.c |0 .../test-qmp-input-strict.c|0 .../test-qmp-input-visitor.c |0 .../test-qmp-output-visitor.c |0 .../test-string-input-visitor.c|0 .../test-string-output-visitor.c |0 vl.c | 10 +- 38 files changed, 1806 insertions(+), 87 deletions(-) create mode 100644 hw/mc146818rtc_regs.h create mode 100644 qtest.c create mode 100644 qtest.h create mode 100755 scripts/gtester-cat create mode 100755 scripts/qtest rename check-qdict.c => tests/check-qdict.c (100%) rename check-qfloat.c => tests/check-qfloat.c (100%) rename check-qint.c => tests/check-qint.c (100%) rename check-qjson.c => tests/check-qjson.c (100%) rename check-qlist.c => tests/check-qlist.c (100%) rename check-qstring.c => tests/check-qstring.c (100%) create mode 100644 tests/libqtest.c create mode 100644 tests/libqtest.h create mode 100644 tests/rtc-test.c rename test-coroutine.c => tests/test-coroutine.c (100%) rename test-qmp-commands.c => tests/test-qmp-commands.c (100%) rename test-qmp-input-strict.c => tests/test-qmp-input-strict.c (100%) rename test-qmp-input-visitor.c => tests/test-qmp-input-visitor.c (100%) rename test-qmp-output-visitor.c => tests/test-qmp-output-visitor.c (100%) rename test-string-input-visitor.c => tests/test-string-input-visitor.c (100%) rename test-string-output-visitor.c => tests/test-string-output-visitor.c (100%) -- 1.7.9.1
[Qemu-devel] [PATCH stable-0.15 27/36] block: reinitialize across bdrv_close()/bdrv_open()
From: Stefan Hajnoczi
Several BlockDriverState fields are not being reinitialized across
bdrv_close()/bdrv_open(). Make sure they are reset to their default
values.
Signed-off-by: Stefan Hajnoczi
Signed-off-by: Kevin Wolf
(cherry picked from commit 03f541bd6eacdc6c2893f72b975257c89cab2b74)
Signed-off-by: Bruce Rogers
[AF: backported]
Signed-off-by: Andreas Färber
---
block.c |6 --
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/block.c b/block.c
index 8d77746..1d6d26b 100644
--- a/block.c
+++ b/block.c
@@ -426,11 +426,14 @@ static int bdrv_open_common(BlockDriverState *bs, const
char *filename,
bs->total_sectors = 0;
bs->encrypted = 0;
bs->valid_key = 0;
+bs->sg = 0;
bs->open_flags = flags;
+bs->growable = 0;
/* buffer_alignment defaulted to 512, drivers can change this value */
bs->buffer_alignment = 512;
pstrcpy(bs->filename, sizeof(bs->filename), filename);
+bs->backing_file[0] = '\0';
if (use_bdrv_whitelist && !bdrv_is_whitelisted(drv)) {
return -ENOTSUP;
@@ -439,8 +442,7 @@ static int bdrv_open_common(BlockDriverState *bs, const
char *filename,
bs->drv = drv;
bs->opaque = qemu_mallocz(drv->instance_size);
-if (flags & BDRV_O_CACHE_WB)
-bs->enable_write_cache = 1;
+bs->enable_write_cache = !!(flags & BDRV_O_CACHE_WB);
/*
* Clear flags that are internal to the block layer before opening the
--
1.7.7
[Qemu-devel] [PATCH v4 7/7] qtest: add rtc-test test-case
From: Anthony Liguori
Signed-off-by: Anthony Liguori
Signed-off-by: Paolo Bonzini
---
tests/Makefile |5 +
tests/rtc-test.c | 263 ++
2 files changed, 268 insertions(+), 0 deletions(-)
create mode 100644 tests/rtc-test.c
diff --git a/tests/Makefile b/tests/Makefile
index 99ca308..42ce2d7 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -16,6 +16,11 @@ check-unit-y += tests/test-coroutine$(EXESUF)
check-block-$(CONFIG_POSIX) += tests/qemu-iotests-quick.sh
+# All QTests for now are POSIX-only, but the dependencies are
+# really in libqtest, not in the testcases themselves.
+check-qtest-i386-y = tests/rtc-test
+check-qtest-x86_64-y = $(check-qtest-i386-y)
+
GENERATED_HEADERS += tests/test-qapi-types.h tests/test-qapi-visit.h
tests/test-qmp-commands.h
test-obj-y = tests/check-qint.o tests/check-qstring.o tests/check-qdict.o \
diff --git a/tests/rtc-test.c b/tests/rtc-test.c
new file mode 100644
index 000..22f807c
--- /dev/null
+++ b/tests/rtc-test.c
@@ -0,0 +1,263 @@
+/*
+ * QTest testcase for the MC146818 real-time clock
+ *
+ * Copyright IBM, Corp. 2012
+ *
+ * Authors:
+ * Anthony Liguori
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+#include "libqtest.h"
+#include "hw/mc146818rtc_regs.h"
+
+#include
+#include
+#include
+#include
+#include
+
+static uint8_t base = 0x70;
+
+static int bcd2dec(int value)
+{
+return (((value >> 4) & 0x0F) * 10) + (value & 0x0F);
+}
+
+static int dec2bcd(int value)
+{
+return ((value / 10) << 4) | (value % 10);
+}
+
+static uint8_t cmos_read(uint8_t reg)
+{
+outb(base + 0, reg);
+return inb(base + 1);
+}
+
+static void cmos_write(uint8_t reg, uint8_t val)
+{
+outb(base + 0, reg);
+outb(base + 1, val);
+}
+
+static int tm_cmp(struct tm *lhs, struct tm *rhs)
+{
+time_t a, b;
+struct tm d1, d2;
+
+memcpy(&d1, lhs, sizeof(d1));
+memcpy(&d2, rhs, sizeof(d2));
+
+a = mktime(&d1);
+b = mktime(&d2);
+
+if (a < b) {
+return -1;
+} else if (a > b) {
+return 1;
+}
+
+return 0;
+}
+
+#if 0
+static void print_tm(struct tm *tm)
+{
+printf("%04d-%02d-%02d %02d:%02d:%02d\n",
+ tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+ tm->tm_hour, tm->tm_min, tm->tm_sec, tm->tm_gmtoff);
+}
+#endif
+
+static void cmos_get_date_time(struct tm *date)
+{
+int base_year = 2000, hour_offset;
+int sec, min, hour, mday, mon, year;
+time_t ts;
+struct tm dummy;
+
+sec = cmos_read(RTC_SECONDS);
+min = cmos_read(RTC_MINUTES);
+hour = cmos_read(RTC_HOURS);
+mday = cmos_read(RTC_DAY_OF_MONTH);
+mon = cmos_read(RTC_MONTH);
+year = cmos_read(RTC_YEAR);
+
+if ((cmos_read(RTC_REG_B) & REG_B_DM) == 0) {
+sec = bcd2dec(sec);
+min = bcd2dec(min);
+hour = bcd2dec(hour);
+mday = bcd2dec(mday);
+mon = bcd2dec(mon);
+year = bcd2dec(year);
+hour_offset = 80;
+} else {
+hour_offset = 0x80;
+}
+
+if ((cmos_read(0x0B) & REG_B_24H) == 0) {
+if (hour >= hour_offset) {
+hour -= hour_offset;
+hour += 12;
+}
+}
+
+ts = time(NULL);
+localtime_r(&ts, &dummy);
+
+date->tm_isdst = dummy.tm_isdst;
+date->tm_sec = sec;
+date->tm_min = min;
+date->tm_hour = hour;
+date->tm_mday = mday;
+date->tm_mon = mon - 1;
+date->tm_year = base_year + year - 1900;
+date->tm_gmtoff = 0;
+
+ts = mktime(date);
+}
+
+static void check_time(int wiggle)
+{
+struct tm start, date[4], end;
+struct tm *datep;
+time_t ts;
+
+/*
+ * This check assumes a few things. First, we cannot guarantee that we get
+ * a consistent reading from the wall clock because we may hit an edge of
+ * the clock while reading. To work around this, we read four clock
readings
+ * such that at least two of them should match. We need to assume that one
+ * reading is corrupt so we need four readings to ensure that we have at
+ * least two consecutive identical readings
+ *
+ * It's also possible that we'll cross an edge reading the host clock so
+ * simply check to make sure that the clock reading is within the period of
+ * when we expect it to be.
+ */
+
+ts = time(NULL);
+gmtime_r(&ts, &start);
+
+cmos_get_date_time(&date[0]);
+cmos_get_date_time(&date[1]);
+cmos_get_date_time(&date[2]);
+cmos_get_date_time(&date[3]);
+
+ts = time(NULL);
+gmtime_r(&ts, &end);
+
+if (tm_cmp(&date[0], &date[1]) == 0) {
+datep = &date[0];
+} else if (tm_cmp(&date[1], &date[2]) == 0) {
+datep = &date[1];
+} else if (tm_cmp(&date[2], &date[3]) == 0) {
+datep = &date[2];
+} else {
+g_assert_not_reached();
+}
+
+if (!(tm_cmp(&start, datep) <= 0 && tm_cmp(datep, &end)
Re: [Qemu-devel] [PATCH v6 2/2] target-arm: Minimalistic CPU QOM'ification
>> +static void arm_cpu_reset(CPUState *c)
>> +{
>> + ARMCPU *cpu = ARM_CPU(c);
>> + ARMCPUClass *class = ARM_CPU_GET_CLASS(cpu);
>> +
>> + class->parent_reset(c);
>
> I thought we were avoiding 'class' in favour of 'klass'?
I have suggested it once and I can only say it again,
please, call it 'cpu_class'. It is the least surprising name.
--
Thanks.
-- Max
Re: [Qemu-devel] [PATCH v6 2/2] target-arm: Minimalistic CPU QOM'ification
Am 28.03.2012 15:40, schrieb Peter Maydell:
> On 26 March 2012 18:28, Andreas Färber wrote:
>
>> +static void arm_cpu_reset(CPUState *c)
>> +{
>> +ARMCPU *cpu = ARM_CPU(c);
>> +ARMCPUClass *class = ARM_CPU_GET_CLASS(cpu);
>> +
>> +class->parent_reset(c);
>
> I thought we were avoiding 'class' in favour of 'klass'?
Max complained about that and no one argued against him, so I avoided it
in the .c file where it's not strictly necessary. It's really only
necessary in the headers. But I don't mind either way.
For me, the convention is cpu_class => CPUClass, so it would be unwise
here, thus one of class, clazz, klass.
>> +static const TypeInfo arm_cpu_type_info = {
>> +.name = TYPE_ARM_CPU,
>> +.parent = TYPE_CPU,
>> +.instance_size = sizeof(ARMCPU),
>> +.abstract = false, /* TODO Reconsider once cp15 reworked. */
>
> As it happens I'm planning to create the per-implementation
> subclasses first and do the cp15 rework second.
Suggest a rephrase? :)
Andreas
--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
[Qemu-devel] [PATCH stable-0.15 22/36] vmdk: Improve error handling
From: Kevin Wolf
Return the right error values in some more places.
Signed-off-by: Kevin Wolf
(cherry picked from commit 99f1835d9bc744f98370254600530e66f32e6d81)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
block/vmdk.c | 21 +++--
1 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/block/vmdk.c b/block/vmdk.c
index b5caa40..8284747 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -181,8 +181,10 @@ static uint32_t vmdk_read_cid(BlockDriverState *bs, int
parent)
const char *p_name, *cid_str;
size_t cid_str_size;
BDRVVmdkState *s = bs->opaque;
+int ret;
-if (bdrv_pread(bs->file, s->desc_offset, desc, DESC_SIZE) != DESC_SIZE) {
+ret = bdrv_pread(bs->file, s->desc_offset, desc, DESC_SIZE);
+if (ret < 0) {
return 0;
}
@@ -208,10 +210,12 @@ static int vmdk_write_cid(BlockDriverState *bs, uint32_t
cid)
char desc[DESC_SIZE], tmp_desc[DESC_SIZE];
char *p_name, *tmp_str;
BDRVVmdkState *s = bs->opaque;
+int ret;
memset(desc, 0, sizeof(desc));
-if (bdrv_pread(bs->file, s->desc_offset, desc, DESC_SIZE) != DESC_SIZE) {
-return -EIO;
+ret = bdrv_pread(bs->file, s->desc_offset, desc, DESC_SIZE);
+if (ret < 0) {
+return ret;
}
tmp_str = strstr(desc, "parentCID");
@@ -223,9 +227,11 @@ static int vmdk_write_cid(BlockDriverState *bs, uint32_t
cid)
pstrcat(desc, sizeof(desc), tmp_desc);
}
-if (bdrv_pwrite_sync(bs->file, s->desc_offset, desc, DESC_SIZE) < 0) {
-return -EIO;
+ret = bdrv_pwrite_sync(bs->file, s->desc_offset, desc, DESC_SIZE);
+if (ret < 0) {
+return ret;
}
+
return 0;
}
@@ -906,7 +912,10 @@ static int vmdk_write(BlockDriverState *bs, int64_t
sector_num,
/* update CID on the first write every time the virtual disk is
* opened */
if (!s->cid_updated) {
-vmdk_write_cid(bs, time(NULL));
+ret = vmdk_write_cid(bs, time(NULL));
+if (ret < 0) {
+return ret;
+}
s->cid_updated = true;
}
}
--
1.7.7
Re: [Qemu-devel] [PATCH v6 2/2] target-arm: Minimalistic CPU QOM'ification
Am 28.03.2012 15:46, schrieb Max Filippov:
>>> +static void arm_cpu_reset(CPUState *c)
>>> +{
>>> +ARMCPU *cpu = ARM_CPU(c);
>>> +ARMCPUClass *class = ARM_CPU_GET_CLASS(cpu);
>>> +
>>> +class->parent_reset(c);
>>
>> I thought we were avoiding 'class' in favour of 'klass'?
>
> I have suggested it once and I can only say it again,
> please, call it 'cpu_class'. It is the least surprising name.
No, cpu_class is being used for a different class, CPUClass, when
twiddling with reset handlers of the parent class, for instance.
We could call it arm_cpu_class, but is that any better?
Andreas
--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
Re: [Qemu-devel] [PATCH] allow to load android binary
matthieu castet free.fr> writes: > > Android binary start with a weird elf program header : the first > one is of size 0 pointing to NULL addr. > > Ignore LOAD program where MemSiz is 0. > ... > > Attachment (0001-allow-to-load-android-binary.patch): text/x-diff, 2172 bytes This old patch (not mine) is required to run Android binaries with QEMU user-mode but it was integrated yet, there was no reply indeed. Do you want me to resend it with a more detailed description?
Re: [Qemu-devel] [PATCH v6 2/2] target-arm: Minimalistic CPU QOM'ification
+static void arm_cpu_reset(CPUState *c)
+{
+ ARMCPU *cpu = ARM_CPU(c);
+ ARMCPUClass *class = ARM_CPU_GET_CLASS(cpu);
+
+ class->parent_reset(c);
>>>
>>> I thought we were avoiding 'class' in favour of 'klass'?
>>
>> I have suggested it once and I can only say it again,
>> please, call it 'cpu_class'. It is the least surprising name.
>
> No, cpu_class is being used for a different class, CPUClass, when
> twiddling with reset handlers of the parent class, for instance.
>
> We could call it arm_cpu_class, but is that any better?
There's no other class in this context, so why more specific name than
would be enough?
It's only a matter of long enough suffix, isn't it?
--
Thanks.
-- Max
[Qemu-devel] [PATCH stable-0.15 16/36] vvfat: Fix potential buffer overflow
From: Kevin Wolf path2[PATH_MAX] can be used for the null termination, so make the array big enough to allow this. Signed-off-by: Kevin Wolf (cherry picked from commit 0d460d6f414e02805cbc348404db03b2b7907360) Signed-off-by: Bruce Rogers Signed-off-by: Andreas Färber --- block/vvfat.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/block/vvfat.c b/block/vvfat.c index fe568fe..98b58f0 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -1741,7 +1741,7 @@ static int check_directory_consistency(BDRVVVFATState *s, long_file_name lfn; int path_len = strlen(path); -char path2[PATH_MAX]; +char path2[PATH_MAX + 1]; assert(path_len < PATH_MAX); /* len was tested before! */ pstrcpy(path2, sizeof(path2), path); -- 1.7.7
Re: [Qemu-devel] [PATCH 4/4] qdev: put all devices under /machine
Am 27.03.2012 23:11, schrieb Anthony Liguori:
> On 03/27/2012 11:38 AM, Paolo Bonzini wrote:
>> Avoid cluttering too much the QOM root.
>>
>> Signed-off-by: Paolo Bonzini
>
> Reviewed-by: Anthony Liguori
Not terribly convinced, but no better suggestion.
Could you please not hardcode this everywhere but supply a machine_get()
helper? My idea would be that what is now just a container gets replaced
by the future QOM machine object.
I.e. object_get_root() -> machine_get() or whatever we want to call it,
calling container_get("/machine").
Andreas
>
> Regards,
>
> Anthony Liguori
>
>> ---
>> hw/piix_pci.c |2 +-
>> hw/ppc_prep.c |2 +-
>> hw/qdev-monitor.c |4 ++--
>> hw/qdev.c |2 +-
>> 4 files changed, 5 insertions(+), 5 deletions(-)
>>
>> diff --git a/hw/piix_pci.c b/hw/piix_pci.c
>> index 9017565..bd20a16 100644
>> --- a/hw/piix_pci.c
>> +++ b/hw/piix_pci.c
>> @@ -276,7 +276,7 @@ static PCIBus *i440fx_common_init(const char
>> *device_name,
>> b = pci_bus_new(&s->busdev.qdev, NULL, pci_address_space,
>> address_space_io, 0);
>> s->bus = b;
>> -object_property_add_child(object_get_root(), "i440fx",
>> OBJECT(dev), NULL);
>> +object_property_add_child(container_get("/machine"), "i440fx",
>> OBJECT(dev), NULL);
>> qdev_init_nofail(dev);
>>
>> d = pci_create_simple(b, 0, device_name);
>> diff --git a/hw/ppc_prep.c b/hw/ppc_prep.c
>> index 86c9336..d06fc5e 100644
>> --- a/hw/ppc_prep.c
>> +++ b/hw/ppc_prep.c
>> @@ -615,7 +615,7 @@ static void ppc_prep_init (ram_addr_t ram_size,
>> sys = sysbus_from_qdev(dev);
>> pcihost = DO_UPCAST(PCIHostState, busdev, sys);
>> pcihost->address_space = get_system_memory();
>> -object_property_add_child(object_get_root(), "raven",
>> OBJECT(dev), NULL);
>> +object_property_add_child(container_get("/machine", "raven",
>> OBJECT(dev), NULL);
>> qdev_init_nofail(dev);
>> pci_bus = (PCIBus *)qdev_get_child_bus(dev, "pci.0");
>> if (pci_bus == NULL) {
>> diff --git a/hw/qdev-monitor.c b/hw/qdev-monitor.c
>> index 031cb83..4783366 100644
>> --- a/hw/qdev-monitor.c
>> +++ b/hw/qdev-monitor.c
>> @@ -180,7 +180,7 @@ static Object *qdev_get_peripheral(void)
>> static Object *dev;
>>
>> if (dev == NULL) {
>> -dev = container_get("/peripheral");
>> +dev = container_get("/machine/peripheral");
>> }
>>
>> return dev;
>> @@ -191,7 +191,7 @@ static Object *qdev_get_peripheral_anon(void)
>> static Object *dev;
>>
>> if (dev == NULL) {
>> -dev = container_get("/peripheral-anon");
>> +dev = container_get("/machine/peripheral-anon");
>> }
>>
>> return dev;
>> diff --git a/hw/qdev.c b/hw/qdev.c
>> index f5c716e..60e5081 100644
>> --- a/hw/qdev.c
>> +++ b/hw/qdev.c
>> @@ -157,7 +157,7 @@ int qdev_init(DeviceState *dev)
>> static int unattached_count = 0;
>> gchar *name = g_strdup_printf("device[%d]",
>> unattached_count++);
>>
>> -object_property_add_child(container_get("/unattached"), name,
>> +
>> object_property_add_child(container_get("/machine/unattached"), name,
>> OBJECT(dev), NULL);
>> g_free(name);
>> }
>
--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
[Qemu-devel] [PATCH stable-0.15 29/36] vmdk: Fix possible segfaults
From: Kevin Wolf
Data we read from the disk isn't necessarily null terminated and may not
contain the string we're looking for. The code needs to be a bit more careful
here.
Signed-off-by: Kevin Wolf
(cherry picked from commit 93897b9fd43548e9c15cf8bece2d9e5174b01fc7)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
block/vmdk.c |7 ++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/block/vmdk.c b/block/vmdk.c
index 8284747..f4fce08 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -196,6 +196,7 @@ static uint32_t vmdk_read_cid(BlockDriverState *bs, int
parent)
cid_str_size = sizeof("CID");
}
+desc[DESC_SIZE - 1] = '\0';
p_name = strstr(desc, cid_str);
if (p_name != NULL) {
p_name += cid_str_size;
@@ -212,13 +213,17 @@ static int vmdk_write_cid(BlockDriverState *bs, uint32_t
cid)
BDRVVmdkState *s = bs->opaque;
int ret;
-memset(desc, 0, sizeof(desc));
ret = bdrv_pread(bs->file, s->desc_offset, desc, DESC_SIZE);
if (ret < 0) {
return ret;
}
+desc[DESC_SIZE - 1] = '\0';
tmp_str = strstr(desc, "parentCID");
+if (tmp_str == NULL) {
+return -EINVAL;
+}
+
pstrcpy(tmp_desc, sizeof(tmp_desc), tmp_str);
p_name = strstr(desc, "CID");
if (p_name != NULL) {
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 10/36] ide: Fix off-by-one error in array index check
From: Kevin Wolf
Signed-off-by: Kevin Wolf
Reviewed-by: Paolo Bonzini
(cherry picked from commit fb60105d4942a26f571b1be92a8b9e7528d0c4d8)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
hw/ide/core.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/hw/ide/core.c b/hw/ide/core.c
index d145b19..9bc446e 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1933,7 +1933,7 @@ static int ide_drive_pio_post_load(void *opaque, int
version_id)
{
IDEState *s = opaque;
-if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
+if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
return -EINVAL;
}
s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
--
1.7.7
Re: [Qemu-devel] [PATCH v6 2/2] target-arm: Minimalistic CPU QOM'ification
Am 28.03.2012 16:00, schrieb Max Filippov:
> +static void arm_cpu_reset(CPUState *c)
> +{
> +ARMCPU *cpu = ARM_CPU(c);
> +ARMCPUClass *class = ARM_CPU_GET_CLASS(cpu);
> +
> +class->parent_reset(c);
I thought we were avoiding 'class' in favour of 'klass'?
>>>
>>> I have suggested it once and I can only say it again,
>>> please, call it 'cpu_class'. It is the least surprising name.
>>
>> No, cpu_class is being used for a different class, CPUClass, when
>> twiddling with reset handlers of the parent class, for instance.
>>
>> We could call it arm_cpu_class, but is that any better?
>
> There's no other class in this context, so why more specific name than
> would be enough?
> It's only a matter of long enough suffix, isn't it?
My point was that using cpu_class for two very different things is not
"least surprising" when reading patches containing minimal context. You
don't always see the declaration, so I'd like to keep it consistent
across functions.
Andreas
--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
[Qemu-devel] [PATCH v4 5/7] qtest: add C version of test infrastructure
From: Anthony Liguori
This also includes a qtest wrapper script to make it easier to launch qtest
tests directly.
Signed-off-by: Anthony Liguori
Signed-off-by: Paolo Bonzini
---
osdep.h |2 +
qemu-common.h|1 -
tests/Makefile | 26 -
tests/libqtest.c | 385 ++
tests/libqtest.h | 333 ++
5 files changed, 743 insertions(+), 4 deletions(-)
create mode 100644 tests/libqtest.c
create mode 100644 tests/libqtest.h
diff --git a/osdep.h b/osdep.h
index 15e..428285c 100644
--- a/osdep.h
+++ b/osdep.h
@@ -140,4 +140,6 @@ static inline void qemu_timersub(const struct timeval *val1,
#define qemu_timersub timersub
#endif
+void qemu_set_cloexec(int fd);
+
#endif
diff --git a/qemu-common.h b/qemu-common.h
index c9e96a8..4647dd9 100644
--- a/qemu-common.h
+++ b/qemu-common.h
@@ -190,7 +190,6 @@ ssize_t qemu_send_full(int fd, const void *buf, size_t
count, int flags)
QEMU_WARN_UNUSED_RESULT;
ssize_t qemu_recv_full(int fd, void *buf, size_t count, int flags)
QEMU_WARN_UNUSED_RESULT;
-void qemu_set_cloexec(int fd);
#ifndef _WIN32
int qemu_eventfd(int pipefd[2]);
diff --git a/tests/Makefile b/tests/Makefile
index 249f972..99ca308 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -58,11 +58,22 @@ tests/test-qmp-input-visitor$(EXESUF):
tests/test-qmp-input-visitor.o $(test-qap
tests/test-qmp-input-strict$(EXESUF): tests/test-qmp-input-strict.o
$(test-qapi-obj-y)
tests/test-qmp-commands$(EXESUF): tests/test-qmp-commands.o
tests/test-qmp-marshal.o $(test-qapi-obj-y)
+# QTest rules
+
+TARGETS=$(patsubst %-softmmu,%, $(filter %-softmmu,$(TARGET_DIRS)))
+QTEST_TARGETS=$(foreach TARGET,$(TARGETS), $(if $(check-qtest-$(TARGET)-y),
$(TARGET),))
+check-qtest-$(CONFIG_POSIX)=$(foreach TARGET,$(TARGETS),
$(check-qtest-$(TARGET)-y))
+
+qtest-obj-y = tests/libqtest.o $(oslib-obj-y)
+$(check-qtest-y): $(qtest-obj-y)
+
.PHONY: check-help
check-help:
@echo "Regression testing targets:"
@echo
@echo " make checkRun all tests"
+ @echo " make check-qtest-TARGET Run qtest tests for given target"
+ @echo " make check-qtest Run qtest tests"
@echo " make check-unit Run qobject tests"
@echo " make check-block Run block tests"
@echo " make check-report.htmlGenerates an HTML test report"
@@ -81,18 +91,27 @@ GTESTER_OPTIONS = -k $(if $(V),--verbose,-q)
# gtester tests, possibly with verbose output
+.PHONY: $(patsubst %, check-qtest-%, $(QTEST_TARGETS))
+$(patsubst %, check-qtest-%, $(QTEST_TARGETS)): check-qtest-%: $(check-qtest-y)
+ $(call quiet-command,QTEST_QEMU_BINARY=$*-softmmu/qemu-system-$* \
+ gtester $(GTESTER_OPTIONS) -m=$(SPEED)
$(check-qtest-$*-y),"GTESTER $@")
+
.PHONY: $(patsubst %, check-%, $(check-unit-y))
$(patsubst %, check-%, $(check-unit-y)): check-%: %
$(call quiet-command,gtester $(GTESTER_OPTIONS) -m=$(SPEED) $*,"GTESTER
$*")
# gtester tests with XML output
+$(patsubst %, check-report-qtest-%.xml, $(QTEST_TARGETS)):
check-report-qtest-%.xml: $(check-qtest-y)
+ $(call quiet-command,QTEST_QEMU_BINARY=$*-softmmu/qemu-system-$* \
+ gtester -q $(GTESTER_OPTIONS) -o $@ -m=$(SPEED)
$(check-qtest-$*-y),"GTESTER $@")
+
check-report-unit.xml: $(check-unit-y)
$(call quiet-command,gtester -q $(GTESTER_OPTIONS) -o $@ -m=$(SPEED)
$^, "GTESTER $@")
# Reports and overall runs
-check-report.xml: check-report-unit.xml
+check-report.xml: $(patsubst %,check-report-qtest-%.xml, $(QTEST_TARGETS))
check-report-unit.xml
$(call quiet-command,$(SRC_PATH)/scripts/gtester-cat $^ > $@, " GEN
$@")
check-report.html: check-report.xml
@@ -107,7 +126,8 @@ check-tests/qemu-iotests-quick.sh:
tests/qemu-iotests-quick.sh qemu-img$(EXESUF)
# Consolidated targets
-.PHONY: check-unit check
+.PHONY: check-qtest check-unit check
+check-qtest: $(patsubst %,check-qtest-%, $(QTEST_TARGETS))
check-unit: $(patsubst %,check-%, $(check-unit-y))
check-block: $(patsubst %,check-%, $(check-block-y))
-check: check-unit
+check: check-unit check-qtest
diff --git a/tests/libqtest.c b/tests/libqtest.c
new file mode 100644
index 000..2e2b9de
--- /dev/null
+++ b/tests/libqtest.c
@@ -0,0 +1,387 @@
+/*
+ * QTest
+ *
+ * Copyright IBM, Corp. 2012
+ * Copyright Red Hat, Inc. 2012
+ *
+ * Authors:
+ * Anthony Liguori
+ * Paolo Bonzini
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+#include "libqtest.h"
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "osdep.h"
+
+#define MAX_IRQ 256
+
+QTestState *global_qtest;
+
+struct QTestState
+{
+int fd;
+bool irq_level[MAX_IRQ];
+GString *rx;
+gchar *pid_file;
+};
+
+#def
[Qemu-devel] [PATCH stable-0.15 12/36] migration: flush migration data to disk.
From: Gerd Hoffmann
This patch increases robustness when migrating to a file with
two little changes:
(1) Before closing the migration file handle checks if it happens to be
a regular file and if so it issues a fsync. This way the data is
flushed to disk before qemu sends the migration completed event.
(2) It adds error checking. In case either fsync or close syscall
fails pass up the error (and fail migration).
[ v2: return -errno instead of -1 ]
Cc: Juan Quintela
Cc: Jiri Denemark
Signed-off-by: Gerd Hoffmann
Signed-off-by: Anthony Liguori
(cherry picked from commit aab2293687ee54a409f3fb53a1ab3595b595e0fb)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
migration-fd.c | 23 ++-
1 files changed, 22 insertions(+), 1 deletions(-)
diff --git a/migration-fd.c b/migration-fd.c
index 66d51c1..f986bdf 100644
--- a/migration-fd.c
+++ b/migration-fd.c
@@ -42,10 +42,31 @@ static int fd_write(FdMigrationState *s, const void * buf,
size_t size)
static int fd_close(FdMigrationState *s)
{
+struct stat st;
+int ret;
+
DPRINTF("fd_close\n");
if (s->fd != -1) {
-close(s->fd);
+ret = fstat(s->fd, &st);
+if (ret == 0 && S_ISREG(st.st_mode)) {
+/*
+ * If the file handle is a regular file make sure the
+ * data is flushed to disk before signaling success.
+ */
+ret = fsync(s->fd);
+if (ret != 0) {
+ret = -errno;
+perror("migration-fd: fsync");
+return ret;
+}
+}
+ret = close(s->fd);
s->fd = -1;
+if (ret != 0) {
+ret = -errno;
+perror("migration-fd: close");
+return ret;
+}
}
return 0;
}
--
1.7.7
Re: [Qemu-devel] [PATCH] allow to load android binary
2012/3/28 Cédric VINCENT : > matthieu castet free.fr> writes: >> >> Android binary start with a weird elf program header : the first >> one is of size 0 pointing to NULL addr. >> >> Ignore LOAD program where MemSiz is 0. > This old patch (not mine) is required to run Android binaries with > QEMU user-mode but it was integrated yet, there was no reply indeed. > Do you want me to resend it with a more detailed description? There was also this thread: http://lists.gnu.org/archive/html/qemu-devel/2012-02/msg02810.html about a different patch attempting to fix the same issue. I'm not sure which patch is better, haven't looked closely... -- PMM
[Qemu-devel] [PATCH stable-0.15 00/36] Preparing 0.15.2
Hello Anthony and Justin, As announced last year, SUSE is shipping a patched qemu-kvm 0.15.1 with our recently released SLES 11 SP2. We are therefore very interested in cutting 0.15.2 releases for QEMU and later on qemu-kvm. This series contains only bugfix cherry-picks from qemu.git master, conflict resolutions or bug numbers are annotated. I started with recent CVEs and bugs that I had worked on and then worked through a list of candidates supplied by Bruce, who has been maintaining our downstream patch queue, with me inserting two prerequisite patches to avoid manual conflict resolution. In addition to this series there's one candidate patch that might not be a cherry-pick as well as two cherry-picks against KVM-only pci-assign that we'll submit separately. Please let me know how we are supposed to handle applying this batch to qemu-stable-0.15.git. Thanks! Regards, Andreas Cc: Anthony Liguori Cc: Justin M. Forbes Cc: Bruce Rogers Cc: Bo Yang Cc: Alexander Graf Cc: Charles Arnold Cc: Avi Kivity Cc: Marcelo Tosatti Alex Williamson (1): Error check find_ram_offset Anthony Liguori (3): e1000: bounds packet size against buffer size pc: add pc-0.15 pc: fix event_idx compatibility for virtio devices Anthony PERARD (1): cpu-common: Have a ram_addr_t of uint64 with Xen. Avi Kivity (2): kvm: avoid reentring kvm_flush_coalesced_mmio_buffer() qemu_vmalloc: align properly for transparent hugepages and KVM Bharata B Rao (1): Fix X86 CPU topology in KVM mode Bjørn Mork (1): e1000: use MII status register for link up/down Charles Arnold (1): block: Fix vpc initialization of the Dynamic Disk Header Eric Sunshine (1): Teach block/vdi about "discarded" (no longer allocated) blocks Gerd Hoffmann (4): migration: flush migration data to disk. ac97: don't override the pci subsystem id vns/tls: don't use depricated gnutls functions qxl: stride fixup Jan Kiszka (1): qdev: Reset hot-plugged devices Jes Sorensen (1): Add missing trace call to oslib-posix.c:qemu_vmalloc() Kevin Wolf (7): block: Fix bdrv_open use after free ide: Fix off-by-one error in array index check vvfat: Fix potential buffer overflow vmdk: Improve error handling qcow: Fix bdrv_write_compressed error handling vmdk: Fix possible segfaults pc: Fix floppy drives with if=none Marc-André Lureau (2): hda: do not mix output and input streams, RHBZ #740493 hda: do not mix output and input stream states, RHBZ #740493 Markus Armbruster (3): ccid: Fix buffer overrun in handling of VSC_ATR message acl: Fix use after free in qemu_acl_reset() console: Fix rendering of VGA underline Nick Thomas (1): block/curl: Implement a flush function on the fd handlers Pavel Borzenkov (1): vmdk: vmdk_read_cid returns garbage if p_name is NULL Peter Maydell (2): compatfd.c: Don't pass NULL pointer to SYS_signalfd hw/lan9118.c: Add missing 'break' to fix buffer overrun Stefan Hajnoczi (2): block: set bs->read_only before .bdrv_open() block: reinitialize across bdrv_close()/bdrv_open() dann frazier (1): e1000: Don't set the Capabilities List bit acl.c |4 +- block.c | 12 --- block/curl.c| 26 +-- block/qcow.c| 30 +++-- block/vdi.c | 23 - block/vmdk.c| 30 +- block/vpc.c |6 +++- block/vvfat.c |2 +- compatfd.c | 12 ++- console.c |6 ++-- cpu-common.h|8 + exec.c | 18 --- hw/ac97.c | 16 ++--- hw/ccid-card-passthru.c |1 + hw/e1000.c | 12 +-- hw/e1000_hw.h | 17 ++ hw/fdc.c| 12 +++ hw/fdc.h|9 - hw/hda-audio.c | 26 +++ hw/ide/core.c |2 +- hw/intel-hda.c | 18 ++- hw/intel-hda.h |2 +- hw/lan9118.c|1 + hw/pc.c | 26 --- hw/pc.h |3 +- hw/pc_piix.c| 79 --- hw/qdev.c |3 ++ hw/qxl-render.c | 23 +++-- hw/qxl.h|3 +- kvm-all.c | 10 ++ migration-fd.c | 23 +- oslib-posix.c | 17 +- target-i386/helper.c|1 + ui/vnc-tls.c| 68 +--- xen-all.c |2 +- 35 files changed, 420 insertions(+), 131 deletions(-) -- 1.7.7
[Qemu-devel] [PATCH stable-0.15 32/36] Error check find_ram_offset
From: Alex Williamson
Spotted via code review, we initialize offset to 0 to avoid a
compiler warning, but in the unlikely case that offset is
never set to something else, we should abort instead of return
a value that will almost certainly cause problems.
Signed-off-by: Alex Williamson
Signed-off-by: Anthony Liguori
(cherry picked from commit 3e837b2c05bc63fe2226baf3c29923d5a688593f)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
exec.c | 11 +--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/exec.c b/exec.c
index 6fb589b..537a49f 100644
--- a/exec.c
+++ b/exec.c
@@ -2863,7 +2863,7 @@ static void *file_ram_alloc(RAMBlock *block,
static ram_addr_t find_ram_offset(ram_addr_t size)
{
RAMBlock *block, *next_block;
-ram_addr_t offset = 0, mingap = RAM_ADDR_MAX;
+ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
if (QLIST_EMPTY(&ram_list.blocks))
return 0;
@@ -2879,10 +2879,17 @@ static ram_addr_t find_ram_offset(ram_addr_t size)
}
}
if (next - end >= size && next - end < mingap) {
-offset = end;
+offset = end;
mingap = next - end;
}
}
+
+if (offset == RAM_ADDR_MAX) {
+fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
+(uint64_t)size);
+abort();
+}
+
return offset;
}
--
1.7.7
[Qemu-devel] [PATCH v4 4/7] qtest: add clock management
This patch combines qtest and -icount together to turn the vm_clock
into a source that can be fully managed by the client. To this end new
commands clock_step and clock_set are added. Hooking them with libqtest
is left as an exercise to the reader.
Signed-off-by: Paolo Bonzini
Signed-off-by: Anthony Liguori
---
cpus.c | 20
cpus.h |2 ++
qemu-timer.c |2 +-
qemu-timer.h |1 +
qtest.c | 45 +
5 files changed, 69 insertions(+), 1 deletions(-)
diff --git a/cpus.c b/cpus.c
index 010047e..107b2ca 100644
--- a/cpus.c
+++ b/cpus.c
@@ -34,6 +34,7 @@
#include "qemu-thread.h"
#include "cpus.h"
+#include "qtest.h"
#include "main-loop.h"
#ifndef _WIN32
@@ -238,6 +239,20 @@ static void icount_warp_rt(void *opaque)
vm_clock_warp_start = -1;
}
+void qtest_clock_warp(int64_t dest)
+{
+int64_t clock = qemu_get_clock_ns(vm_clock);
+assert(qtest_enabled());
+while (clock < dest) {
+int64_t deadline = qemu_clock_deadline(vm_clock);
+int64_t warp = MIN(dest - clock, deadline);
+qemu_icount_bias += warp;
+qemu_run_timers(vm_clock);
+clock = qemu_get_clock_ns(vm_clock);
+}
+qemu_notify_event();
+}
+
void qemu_clock_warp(QEMUClock *clock)
{
int64_t deadline;
@@ -264,6 +279,11 @@ void qemu_clock_warp(QEMUClock *clock)
return;
}
+if (qtest_enabled()) {
+/* When testing, qtest commands advance icount. */
+ return;
+}
+
vm_clock_warp_start = qemu_get_clock_ns(rt_clock);
deadline = qemu_clock_deadline(vm_clock);
if (deadline > 0) {
diff --git a/cpus.h b/cpus.h
index 4ea2fe2..81bd817 100644
--- a/cpus.h
+++ b/cpus.h
@@ -11,6 +11,8 @@ void cpu_synchronize_all_states(void);
void cpu_synchronize_all_post_reset(void);
void cpu_synchronize_all_post_init(void);
+void qtest_clock_warp(int64_t dest);
+
/* vl.c */
extern int smp_cores;
extern int smp_threads;
diff --git a/qemu-timer.c b/qemu-timer.c
index d7f56e5..80bcc56 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -397,7 +397,7 @@ int qemu_timer_expired(QEMUTimer *timer_head, int64_t
current_time)
return qemu_timer_expired_ns(timer_head, current_time * timer_head->scale);
}
-static void qemu_run_timers(QEMUClock *clock)
+void qemu_run_timers(QEMUClock *clock)
{
QEMUTimer **ptimer_head, *ts;
int64_t current_time;
diff --git a/qemu-timer.h b/qemu-timer.h
index de17f3b..661bbe7 100644
--- a/qemu-timer.h
+++ b/qemu-timer.h
@@ -59,6 +59,7 @@ int qemu_timer_pending(QEMUTimer *ts);
int qemu_timer_expired(QEMUTimer *timer_head, int64_t current_time);
uint64_t qemu_timer_expire_time_ns(QEMUTimer *ts);
+void qemu_run_timers(QEMUClock *clock);
void qemu_run_all_timers(void);
int qemu_alarm_pending(void);
void configure_alarms(char const *opt);
diff --git a/qtest.c b/qtest.c
index a1eca49..53e2b79 100644
--- a/qtest.c
+++ b/qtest.c
@@ -18,6 +18,7 @@
#include "memory.h"
#include "hw/irq.h"
#include "sysemu.h"
+#include "cpus.h"
#define MAX_IRQ 256
@@ -44,6 +45,30 @@ static bool qtest_opened;
*
* Valid requests
*
+ * Clock management:
+ *
+ * The qtest client is completely in charge of the vm_clock. qtest commands
+ * let you adjust the value of the clock (monotonically). All the commands
+ * return the current value of the clock in nanoseconds.
+ *
+ * > clock_step
+ * < OK VALUE
+ *
+ * Advance the clock to the next deadline. Useful when waiting for
+ * asynchronous events.
+ *
+ * > clock_step NS
+ * < OK VALUE
+ *
+ * Advance the clock by NS nanoseconds.
+ *
+ * > clock_set NS
+ * < OK VALUE
+ *
+ * Advance the clock to NS nanoseconds (do nothing if it's already past).
+ *
+ * PIO and memory access:
+ *
* > outb ADDR VALUE
* < OK
*
@@ -299,6 +324,25 @@ static void qtest_process_command(CharDriverState *chr,
gchar **words)
qtest_send_prefix(chr);
qtest_send(chr, "OK\n");
+} else if (strcmp(words[0], "clock_step") == 0) {
+int64_t ns;
+
+if (words[1]) {
+ns = strtoll(words[1], NULL, 0);
+} else {
+ns = qemu_clock_deadline(vm_clock);
+}
+qtest_clock_warp(qemu_get_clock_ns(vm_clock) + ns);
+qtest_send_prefix(chr);
+qtest_send(chr, "OK %"PRIi64"\n",
(int64_t)qemu_get_clock_ns(vm_clock));
+} else if (strcmp(words[0], "clock_set") == 0) {
+int64_t ns;
+
+g_assert(words[1]);
+ns = strtoll(words[1], NULL, 0);
+qtest_clock_warp(ns);
+qtest_send_prefix(chr);
+qtest_send(chr, "OK %"PRIi64"\n",
(int64_t)qemu_get_clock_ns(vm_clock));
} else {
qtest_send_prefix(chr);
qtest_send(chr, "FAIL Unknown command `%s'\n", words[0]);
@@ -377,6 +421,7 @@ int qtest_init(void)
g_assert(qtest_chrdev != NULL);
+configure_icount("0");
chr = qemu_chr_new("qtest", qtest_chrdev, NULL);
qemu_chr_add_handlers(chr,
Re: [Qemu-devel] [PATCH v6 2/2] target-arm: Minimalistic CPU QOM'ification
On 26 March 2012 18:28, Andreas Färber wrote:
> +static void arm_cpu_reset(CPUState *c)
> +{
> + ARMCPU *cpu = ARM_CPU(c);
> + ARMCPUClass *class = ARM_CPU_GET_CLASS(cpu);
> +
> + class->parent_reset(c);
> +
> + /* TODO Drop this in favor of cpu_arm_reset() calling cpu_reset()
> + * once cpu_reset_model_id() is gone. */
> + cpu_state_reset(&cpu->env);
> +}
...there is no cpu_arm_reset(), do you mean arm_cpu_reset()
in this comment?
-- PMM
[Qemu-devel] [PATCH 1/2] tracetool: dtrace: handle in and next reserved words
Signed-off-by: Alon Levy --- scripts/tracetool |6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/tracetool b/scripts/tracetool index 65bd0a1..e7cebf3 100755 --- a/scripts/tracetool +++ b/scripts/tracetool @@ -494,9 +494,9 @@ EOF i=1 for arg in $arglist do -# 'limit' is a reserved keyword -if [ "$arg" = "limit" ]; then - arg="_limit" +# 'limit', 'in' and 'next' are reserved keywords +if [ "$arg" = "limit" -o "$arg" = "in" -o "$arg" = "next" ]; then + arg="_$arg" fi cat <
[Qemu-devel] [PATCH 2/2] tracetool: dtrace: warn on reserved word usage
Signed-off-by: Alon Levy --- scripts/tracetool |1 + 1 file changed, 1 insertion(+) diff --git a/scripts/tracetool b/scripts/tracetool index e7cebf3..d011bb7 100755 --- a/scripts/tracetool +++ b/scripts/tracetool @@ -496,6 +496,7 @@ EOF do # 'limit', 'in' and 'next' are reserved keywords if [ "$arg" = "limit" -o "$arg" = "in" -o "$arg" = "next" ]; then + echo "reserved word used in line: $1" 1>&2 arg="_$arg" fi cat <
[Qemu-devel] [PATCH v4 2/7] qtest: add test framework
From: Anthony Liguori
The idea behind qtest is pretty simple. Instead of executing a CPU via TCG or
KVM, rely on an external process to send events to the device model that the CPU
would normally generate.
qtest presents itself as an accelerator. In addition, a new option is added to
establish a qtest server (-qtest) that takes a character device. This is what
allows the external process to send CPU events to the device model.
qtest uses a simple line based protocol to send the events. Documentation of
that protocol is in qtest.c.
I considered reusing the monitor for this job. Adding interrupts would be a bit
difficult. In addition, logging would also be difficult.
qtest has extensive logging support. All protocol commands are logged with
time stamps using a new command line option (-qtest-log). Logging is important
since ultimately, this is a feature for debugging.
Signed-off-by: Anthony Liguori
Signed-off-by: Paolo Bonzini
---
Makefile.objs |2 +
cpu-exec.c |1 +
cpus.c | 62 +-
qemu-options.hx |8 ++
qtest.c | 354 +++
qtest.h | 35 ++
scripts/qtest |5 +
vl.c| 10 ++-
8 files changed, 473 insertions(+), 4 deletions(-)
create mode 100644 qtest.c
create mode 100644 qtest.h
create mode 100755 scripts/qtest
diff --git a/Makefile.objs b/Makefile.objs
index 226b01d..e9842b0 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -322,6 +322,8 @@ hw-obj-$(CONFIG_DP8393X) += dp8393x.o
hw-obj-$(CONFIG_DS1225Y) += ds1225y.o
hw-obj-$(CONFIG_MIPSNET) += mipsnet.o
+hw-obj-y += qtest.o
+
# Sound
sound-obj-y =
sound-obj-$(CONFIG_SB16) += sb16.o
diff --git a/cpu-exec.c b/cpu-exec.c
index 0fa8325..d153f97 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -21,6 +21,7 @@
#include "disas.h"
#include "tcg.h"
#include "qemu-barrier.h"
+#include "qtest.h"
int tb_invalidated_flag;
diff --git a/cpus.c b/cpus.c
index 25ba621..010047e 100644
--- a/cpus.c
+++ b/cpus.c
@@ -741,6 +741,48 @@ static void *qemu_kvm_cpu_thread_fn(void *arg)
return NULL;
}
+static void *qemu_dummy_cpu_thread_fn(void *arg)
+{
+#ifdef _WIN32
+fprintf(stderr, "qtest is not supported under Windows\n");
+exit(1);
+#else
+CPUArchState *env = arg;
+sigset_t waitset;
+int r;
+
+qemu_mutex_lock_iothread();
+qemu_thread_get_self(env->thread);
+env->thread_id = qemu_get_thread_id();
+
+sigemptyset(&waitset);
+sigaddset(&waitset, SIG_IPI);
+
+/* signal CPU creation */
+env->created = 1;
+qemu_cond_signal(&qemu_cpu_cond);
+
+cpu_single_env = env;
+while (1) {
+cpu_single_env = NULL;
+qemu_mutex_unlock_iothread();
+do {
+int sig;
+r = sigwait(&waitset, &sig);
+} while (r == -1 && (errno == EAGAIN || errno == EINTR));
+if (r == -1) {
+perror("sigwait");
+exit(1);
+}
+qemu_mutex_lock_iothread();
+cpu_single_env = env;
+qemu_wait_io_event_common(env);
+}
+
+return NULL;
+#endif
+}
+
static void tcg_exec_all(void);
static void *qemu_tcg_cpu_thread_fn(void *arg)
@@ -803,7 +845,7 @@ void qemu_cpu_kick(void *_env)
CPUArchState *env = _env;
qemu_cond_broadcast(env->halt_cond);
-if (kvm_enabled() && !env->thread_kicked) {
+if (!tcg_enabled() && !env->thread_kicked) {
qemu_cpu_kick_thread(env);
env->thread_kicked = true;
}
@@ -832,7 +874,7 @@ int qemu_cpu_is_self(void *_env)
void qemu_mutex_lock_iothread(void)
{
-if (kvm_enabled()) {
+if (!tcg_enabled()) {
qemu_mutex_lock(&qemu_global_mutex);
} else {
iothread_requesting_mutex = true;
@@ -947,6 +989,18 @@ static void qemu_kvm_start_vcpu(CPUArchState *env)
}
}
+static void qemu_dummy_start_vcpu(CPUArchState *env)
+{
+env->thread = g_malloc0(sizeof(QemuThread));
+env->halt_cond = g_malloc0(sizeof(QemuCond));
+qemu_cond_init(env->halt_cond);
+qemu_thread_create(env->thread, qemu_dummy_cpu_thread_fn, env,
+ QEMU_THREAD_JOINABLE);
+while (env->created == 0) {
+qemu_cond_wait(&qemu_cpu_cond, &qemu_global_mutex);
+}
+}
+
void qemu_init_vcpu(void *_env)
{
CPUArchState *env = _env;
@@ -956,8 +1010,10 @@ void qemu_init_vcpu(void *_env)
env->stopped = 1;
if (kvm_enabled()) {
qemu_kvm_start_vcpu(env);
-} else {
+} else if (tcg_enabled()) {
qemu_tcg_init_vcpu(env);
+} else {
+qemu_dummy_start_vcpu(env);
}
}
diff --git a/qemu-options.hx b/qemu-options.hx
index 662f571..fe88939 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -2715,6 +2715,14 @@ the @var{simple} tracing backend.
@end table
ETEXI
+DEF("qtest", HAS_ARG, QEMU_OPTION_qtest,
+"-qtest CHR specify tracing options\n",
+QEMU_ARCH_ALL)
+
+DEF("qtest-log", HAS_ARG, QEMU_OPTION_qtest_log,
+"-qtest-log LOG spec
[Qemu-devel] [PATCH stable-0.15 14/36] hw/lan9118.c: Add missing 'break' to fix buffer overrun
From: Peter Maydell
Add a missing 'break' statement to fix a buffer overrun when
executing the EEPROM write-all command. Spotted by Coverity
(see bug 887883).
Signed-off-by: Peter Maydell
Signed-off-by: Stefan Hajnoczi
(cherry picked from commit 0e3b800e71cb7759d099eabbd8ad4c4fe848e381)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
hw/lan9118.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/hw/lan9118.c b/hw/lan9118.c
index 73a8661..494b11d 100644
--- a/hw/lan9118.c
+++ b/hw/lan9118.c
@@ -863,6 +863,7 @@ static void lan9118_eeprom_cmd(lan9118_state *s, int cmd,
int addr)
} else {
DPRINTF("EEPROM Write All (ignored)\n");
}
+break;
case 5: /* ERASE */
if (s->eeprom_writable) {
s->eeprom[addr] = 0xff;
--
1.7.7
Re: [Qemu-devel] [PATCH v6 2/2] target-arm: Minimalistic CPU QOM'ification
On 28 March 2012 14:46, Andreas Färber wrote:
> Am 28.03.2012 15:40, schrieb Peter Maydell:
>> On 26 March 2012 18:28, Andreas Färber wrote:
>>
>>> +static void arm_cpu_reset(CPUState *c)
>>> +{
>>> + ARMCPU *cpu = ARM_CPU(c);
>>> + ARMCPUClass *class = ARM_CPU_GET_CLASS(cpu);
>>> +
>>> + class->parent_reset(c);
>>
>> I thought we were avoiding 'class' in favour of 'klass'?
>
> Max complained about that and no one argued against him, so I avoided it
> in the .c file where it's not strictly necessary. It's really only
> necessary in the headers. But I don't mind either way.
>
> For me, the convention is cpu_class => CPUClass, so it would be unwise
> here, thus one of class, clazz, klass.
I don't particularly care but I'd rather we were consistent.
Mostly the devices seem to go for short variable names, like:
sc = I2C_SLAVE_GET_CLASS(dev);
IDEDeviceClass *dc = IDE_DEVICE_GET_CLASS(dev);
cdc = HDA_CODEC_DEVICE_GET_CLASS(codec);
DeviceClass *dc = DEVICE_GET_CLASS(dev);
VirtIOSerialPortClass *k = VIRTIO_SERIAL_PORT_GET_CLASS(port);
and more rarely 'klass':
ISADeviceClass *klass = ISA_DEVICE_GET_CLASS(dev);
and never 'class' or 'foo_class'. (all examples obtained via
'git grep _GET_CLASS'.)
That would suggest 'k' or 'acc' here.
>>> +static const TypeInfo arm_cpu_type_info = {
>>> + .name = TYPE_ARM_CPU,
>>> + .parent = TYPE_CPU,
>>> + .instance_size = sizeof(ARMCPU),
>>> + .abstract = false, /* TODO Reconsider once cp15 reworked. */
>>
>> As it happens I'm planning to create the per-implementation
>> subclasses first and do the cp15 rework second.
>
> Suggest a rephrase? :)
Dunno. /* TODO Replace with per-implementation subclasses later */ ?
-- PMM
[Qemu-devel] [PATCH stable-0.15 08/36] vmdk: vmdk_read_cid returns garbage if p_name is NULL
From: Pavel Borzenkov
Spotted by Clang Analyzer
Signed-off-by: Pavel Borzenkov
Signed-off-by: Stefan Hajnoczi
(cherry picked from commit 8379e46d1fd681b8aa4714382e2cdab05e5d0575)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
block/vmdk.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/block/vmdk.c b/block/vmdk.c
index 37478d2..b5caa40 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -177,7 +177,7 @@ static void vmdk_free_extents(BlockDriverState *bs)
static uint32_t vmdk_read_cid(BlockDriverState *bs, int parent)
{
char desc[DESC_SIZE];
-uint32_t cid;
+uint32_t cid = 0x;
const char *p_name, *cid_str;
size_t cid_str_size;
BDRVVmdkState *s = bs->opaque;
--
1.7.7
[Qemu-devel] [PATCH v2 4/4] qdev: put all devices under /machine
Avoid cluttering too much the QOM root.
Signed-off-by: Paolo Bonzini
---
v1->v2: add qdev_get_machine() and use it.
hw/piix_pci.c |2 +-
hw/ppc_prep.c |2 +-
hw/qdev-monitor.c |4 ++--
hw/qdev.c | 13 -
hw/qdev.h |2 ++
5 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/hw/piix_pci.c b/hw/piix_pci.c
index 9017565..179d9a6 100644
--- a/hw/piix_pci.c
+++ b/hw/piix_pci.c
@@ -276,7 +276,7 @@ static PCIBus *i440fx_common_init(const char *device_name,
b = pci_bus_new(&s->busdev.qdev, NULL, pci_address_space,
address_space_io, 0);
s->bus = b;
-object_property_add_child(object_get_root(), "i440fx", OBJECT(dev), NULL);
+object_property_add_child(qdev_get_machine(), "i440fx", OBJECT(dev), NULL);
qdev_init_nofail(dev);
d = pci_create_simple(b, 0, device_name);
diff --git a/hw/ppc_prep.c b/hw/ppc_prep.c
index 86c9336..9d8e659 100644
--- a/hw/ppc_prep.c
+++ b/hw/ppc_prep.c
@@ -615,7 +615,7 @@ static void ppc_prep_init (ram_addr_t ram_size,
sys = sysbus_from_qdev(dev);
pcihost = DO_UPCAST(PCIHostState, busdev, sys);
pcihost->address_space = get_system_memory();
-object_property_add_child(object_get_root(), "raven", OBJECT(dev), NULL);
+object_property_add_child(qdev_get_machine(), "raven", OBJECT(dev), NULL);
qdev_init_nofail(dev);
pci_bus = (PCIBus *)qdev_get_child_bus(dev, "pci.0");
if (pci_bus == NULL) {
diff --git a/hw/qdev-monitor.c b/hw/qdev-monitor.c
index 031cb83..4783366 100644
--- a/hw/qdev-monitor.c
+++ b/hw/qdev-monitor.c
@@ -180,7 +180,7 @@ static Object *qdev_get_peripheral(void)
static Object *dev;
if (dev == NULL) {
-dev = container_get("/peripheral");
+dev = container_get("/machine/peripheral");
}
return dev;
@@ -191,7 +191,7 @@ static Object *qdev_get_peripheral_anon(void)
static Object *dev;
if (dev == NULL) {
-dev = container_get("/peripheral-anon");
+dev = container_get("/machine/peripheral-anon");
}
return dev;
diff --git a/hw/qdev.c b/hw/qdev.c
index f5c716e..0d3c0fc 100644
--- a/hw/qdev.c
+++ b/hw/qdev.c
@@ -157,7 +157,7 @@ int qdev_init(DeviceState *dev)
static int unattached_count = 0;
gchar *name = g_strdup_printf("device[%d]", unattached_count++);
-object_property_add_child(container_get("/unattached"), name,
+object_property_add_child(container_get("/machine/unattached"), name,
OBJECT(dev), NULL);
g_free(name);
}
@@ -668,6 +668,17 @@ void device_reset(DeviceState *dev)
}
}
+Object *qdev_get_machine(void)
+{
+static Object *dev;
+
+if (dev == NULL) {
+dev = container_get("/machine");
+}
+
+return dev;
+}
+
static TypeInfo device_type_info = {
.name = TYPE_DEVICE,
.parent = TYPE_OBJECT,
diff --git a/hw/qdev.h b/hw/qdev.h
index 9cc3f98..a8df42f 100644
--- a/hw/qdev.h
+++ b/hw/qdev.h
@@ -349,6 +349,8 @@ BusInfo *qdev_get_bus_info(DeviceState *dev);
Property *qdev_get_props(DeviceState *dev);
+Object *qdev_get_machine(void);
+
/* FIXME: make this a link<> */
void qdev_set_parent_bus(DeviceState *dev, BusState *bus);
--
1.7.9.1
[Qemu-devel] [PATCH stable-0.15 20/36] hda: do not mix output and input stream states, RHBZ #740493
From: Marc-André Lureau
Windows 7 may use the same stream number for input and output.
Current code will confuse streams.
Changes since v1:
- keep running_compat[] for migration version 1
- add running_real[] for migration version 2
Signed-off-by: Marc-Andr? Lureau
Signed-off-by: malc
(cherry picked from commit ba43d28916c4f51c19bd7366089155ce81bee058)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
hw/hda-audio.c | 26 +++---
hw/intel-hda.c |9 +
hw/intel-hda.h |2 +-
3 files changed, 25 insertions(+), 12 deletions(-)
diff --git a/hw/hda-audio.c b/hw/hda-audio.c
index c699d6f..9b089e6 100644
--- a/hw/hda-audio.c
+++ b/hw/hda-audio.c
@@ -466,7 +466,8 @@ struct HDAAudioState {
QEMUSoundCard card;
const desc_codec *desc;
HDAAudioStream st[4];
-bool running[16];
+bool running_compat[16];
+bool running_real[2 * 16];
/* properties */
uint32_t debug;
@@ -663,7 +664,7 @@ static void hda_audio_command(HDACodecDevice *hda, uint32_t
nid, uint32_t data)
st->channel = payload & 0x0f;
dprint(a, 2, "%s: stream %d, channel %d\n",
st->node->name, st->stream, st->channel);
-hda_audio_set_running(st, a->running[st->stream]);
+hda_audio_set_running(st, a->running_real[st->output * 16 +
st->stream]);
hda_codec_response(hda, true, 0);
break;
case AC_VERB_GET_CONV:
@@ -746,16 +747,20 @@ fail:
hda_codec_response(hda, true, 0);
}
-static void hda_audio_stream(HDACodecDevice *hda, uint32_t stnr, bool running)
+static void hda_audio_stream(HDACodecDevice *hda, uint32_t stnr, bool running,
bool output)
{
HDAAudioState *a = DO_UPCAST(HDAAudioState, hda, hda);
int s;
-a->running[stnr] = running;
+a->running_compat[stnr] = running;
+a->running_real[output * 16 + stnr] = running;
for (s = 0; s < ARRAY_SIZE(a->st); s++) {
if (a->st[s].node == NULL) {
continue;
}
+if (a->st[s].output != output) {
+continue;
+}
if (a->st[s].stream != stnr) {
continue;
}
@@ -837,6 +842,12 @@ static int hda_audio_post_load(void *opaque, int version)
int i;
dprint(a, 1, "%s\n", __FUNCTION__);
+if (version == 1) {
+/* assume running_compat[] is for output streams */
+for (i = 0; i < ARRAY_SIZE(a->running_compat); i++)
+a->running_real[16 + i] = a->running_compat[i];
+}
+
for (i = 0; i < ARRAY_SIZE(a->st); i++) {
st = a->st + i;
if (st->node == NULL)
@@ -844,7 +855,7 @@ static int hda_audio_post_load(void *opaque, int version)
hda_codec_parse_fmt(st->format, &st->as);
hda_audio_setup(st);
hda_audio_set_amp(st);
-hda_audio_set_running(st, a->running[st->stream]);
+hda_audio_set_running(st, a->running_real[st->output * 16 +
st->stream]);
}
return 0;
}
@@ -868,13 +879,14 @@ static const VMStateDescription vmstate_hda_audio_stream
= {
static const VMStateDescription vmstate_hda_audio = {
.name = "hda-audio",
-.version_id = 1,
+.version_id = 2,
.post_load = hda_audio_post_load,
.fields = (VMStateField []) {
VMSTATE_STRUCT_ARRAY(st, HDAAudioState, 4, 0,
vmstate_hda_audio_stream,
HDAAudioStream),
-VMSTATE_BOOL_ARRAY(running, HDAAudioState, 16),
+VMSTATE_BOOL_ARRAY(running_compat, HDAAudioState, 16),
+VMSTATE_BOOL_ARRAY_V(running_real, HDAAudioState, 2 * 16, 2),
VMSTATE_END_OF_LIST()
}
};
diff --git a/hw/intel-hda.c b/hw/intel-hda.c
index 7d02558..904e4fc 100644
--- a/hw/intel-hda.c
+++ b/hw/intel-hda.c
@@ -485,7 +485,7 @@ static void intel_hda_parse_bdl(IntelHDAState *d,
IntelHDAStream *st)
st->bp= 0;
}
-static void intel_hda_notify_codecs(IntelHDAState *d, uint32_t stream, bool
running)
+static void intel_hda_notify_codecs(IntelHDAState *d, uint32_t stream, bool
running, bool output)
{
DeviceState *qdev;
HDACodecDevice *cdev;
@@ -493,7 +493,7 @@ static void intel_hda_notify_codecs(IntelHDAState *d,
uint32_t stream, bool runn
QLIST_FOREACH(qdev, &d->codecs.qbus.children, sibling) {
cdev = DO_UPCAST(HDACodecDevice, qdev, qdev);
if (cdev->info->stream) {
-cdev->info->stream(cdev, stream, running);
+cdev->info->stream(cdev, stream, running, output);
}
}
}
@@ -567,6 +567,7 @@ static void intel_hda_set_ics(IntelHDAState *d, const
IntelHDAReg *reg, uint32_t
static void intel_hda_set_st_ctl(IntelHDAState *d, const IntelHDAReg *reg,
uint32_t old)
{
+bool output = reg->stream >= 4;
IntelHDAStream *st = d->st + reg->stream;
if (st->ctl & 0x01) {
@@ -582,11 +583,11 @@ static void intel_hda_set_st_ctl(IntelHDAState *d, const
IntelHDAReg *reg, uint3
dprint(d, 1, "st #%d: start %d (ring buf %d bytes)\n"
[Qemu-devel] [PATCH stable-0.15 03/36] e1000: use MII status register for link up/down
From: Bjørn Mork
Some guests will use the standard MII status register
to verify link state. They will not notice link changes
unless this register is updated.
Verified with Linux 3.0 and Windows XP guests.
Without this patch, ethtool will report speed and duplex as
unknown when the link is down, but still report the link as
up. This is because the Linux e1000 driver checks the
mac_reg[STATUS] register link state before it checks speed
and duplex, but uses the phy_reg[PHY_STATUS] register for
the actual link state check. Fix by updating both registers
on link state changes.
Linux guest before:
(qemu) set_link e1000.0 off
kvm-sid:~# ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: Unknown!
Duplex: Unknown! (255)
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: Unknown
Supports Wake-on: umbg
Wake-on: d
Current message level: 0x0007 (7)
drv probe link
Link detected: yes
(qemu) set_link e1000.0 on
Linux guest after:
(qemu) set_link e1000.0 off
[ 63.384221] e1000: eth0 NIC Link is Down
kvm-sid:~# ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: Unknown!
Duplex: Unknown! (255)
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: Unknown
Supports Wake-on: umbg
Wake-on: d
Current message level: 0x0007 (7)
drv probe link
Link detected: no
(qemu) set_link e1000.0 on
[ 84.304582] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control:
RX
Signed-off-by: Bjørn Mork
Signed-off-by: Anthony Liguori
(cherry picked from commit d4044c2a6b9ba4a00dd653f515a4b0ebfcb7e125)
Signed-off-by: Andreas Färber
---
hw/e1000.c|7 +--
hw/e1000_hw.h | 17 +
2 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/hw/e1000.c b/hw/e1000.c
index 96d84f9..e4d9ab5 100644
--- a/hw/e1000.c
+++ b/hw/e1000.c
@@ -624,10 +624,13 @@ e1000_set_link_status(VLANClientState *nc)
E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
uint32_t old_status = s->mac_reg[STATUS];
-if (nc->link_down)
+if (nc->link_down) {
s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
-else
+s->phy_reg[PHY_STATUS] &= ~MII_SR_LINK_STATUS;
+} else {
s->mac_reg[STATUS] |= E1000_STATUS_LU;
+s->phy_reg[PHY_STATUS] |= MII_SR_LINK_STATUS;
+}
if (s->mac_reg[STATUS] != old_status)
set_ics(s, 0, E1000_ICR_LSC);
diff --git a/hw/e1000_hw.h b/hw/e1000_hw.h
index 9bd8a4b..2e341ac 100644
--- a/hw/e1000_hw.h
+++ b/hw/e1000_hw.h
@@ -349,6 +349,23 @@
#define M88E1000_PHY_VCO_REG_BIT8 0x100 /* Bits 8 & 11 are adjusted for */
#define M88E1000_PHY_VCO_REG_BIT11 0x800/* improved BER performance */
+/* PHY Status Register */
+#define MII_SR_EXTENDED_CAPS 0x0001/* Extended register
capabilities */
+#define MII_SR_JABBER_DETECT 0x0002/* Jabber Detected */
+#define MII_SR_LINK_STATUS 0x0004/* Link Status 1 = link */
+#define MII_SR_AUTONEG_CAPS 0x0008/* Auto Neg Capable */
+#define MII_SR_REMOTE_FAULT 0x0010/* Remote Fault Detect */
+#define MII_SR_AUTONEG_COMPLETE 0x0020/* Auto Neg Complete */
+#define MII_SR_PREAMBLE_SUPPRESS 0x0040/* Preamble may be suppressed */
+#define MII_SR_EXTENDED_STATUS 0x0100/* Ext. status info in Reg 0x0F
*/
+#define MII_SR_100T2_HD_CAPS 0x0200/* 100T2 Half Duplex Capable */
+#define MII_SR_100T2_FD_CAPS 0x0400/* 100T2 Full Duplex Capable */
+#define MII_SR_10T_HD_CAPS 0x0800/* 10T Half Duplex Capable */
+#define MII_SR_10T_FD_CAPS 0x1000/* 10T Full Duplex Capable */
+#define MII_SR_100X_HD_CAPS 0x2000/* 100X Half Duplex Capable */
+#define MII_SR_100X_FD_CAPS 0x4000/* 100X Full Duplex Capable */
+#define MII_SR_100T4_CAPS
Re: [Qemu-devel] [SeaBIOS] [PATCH 1/4] Add basic linked list operations
On 03/28/12 06:28, Alexey Korolev wrote: > This linked list implementation is partially based on kernel code. So it > should be quite stable How about just copying the file? I've used the linux kernel list implementation elsewhere too and it worked just fine with only minor tweaks (remove some likely()/unlikely() macros IIRC). cheers, Gerd
[Qemu-devel] [PATCH stable-0.15 33/36] pc: add pc-0.15
From: Anthony Liguori
Signed-off-by: Anthony Liguori
(cherry picked from commit ce01a508e8053350544c88ba68a3f90c44b6bb93)
[BR: bnc#741460]
Signed-off-by: Bruce Rogers
[AF: backported]
Signed-off-by: Andreas Färber
---
hw/pc_piix.c | 26 +++---
1 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index b8e0841..20bac9d 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -258,8 +258,8 @@ static void pc_xen_hvm_init(ram_addr_t ram_size,
}
#endif
-static QEMUMachine pc_machine = {
-.name = "pc-0.14",
+static QEMUMachine pc_machine_v0_15 = {
+.name = "pc-0.15",
.alias = "pc",
.desc = "Standard PC",
.init = pc_init_pci,
@@ -267,6 +267,25 @@ static QEMUMachine pc_machine = {
.is_default = 1,
};
+static QEMUMachine pc_machine_v0_14 = {
+.name = "pc-0.14",
+.desc = "Standard PC",
+.init = pc_init_pci,
+.max_cpus = 255,
+.compat_props = (GlobalProperty[]) {
+{
+.driver = "qxl",
+.property = "revision",
+.value= stringify(2),
+},{
+.driver = "qxl-vga",
+.property = "revision",
+.value= stringify(2),
+},
+{ /* end of list */ }
+},
+};
+
static QEMUMachine pc_machine_v0_13 = {
.name = "pc-0.13",
.desc = "Standard PC",
@@ -498,7 +517,8 @@ static QEMUMachine xenfv_machine = {
static void pc_machine_init(void)
{
-qemu_register_machine(&pc_machine);
+qemu_register_machine(&pc_machine_v0_15);
+qemu_register_machine(&pc_machine_v0_14);
qemu_register_machine(&pc_machine_v0_13);
qemu_register_machine(&pc_machine_v0_12);
qemu_register_machine(&pc_machine_v0_11);
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 18/36] block/curl: Implement a flush function on the fd handlers
From: Nick Thomas
Signed-off-by: Nick Thomas
Signed-off-by: Kevin Wolf
(cherry picked from commit c84dcdc1d6583ebe5841907c99d95deb8c40a6e0)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
block/curl.c | 26 ++
1 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/block/curl.c b/block/curl.c
index 407f095..6cf6a70 100644
--- a/block/curl.c
+++ b/block/curl.c
@@ -76,6 +76,7 @@ typedef struct BDRVCURLState {
static void curl_clean_state(CURLState *s);
static void curl_multi_do(void *arg);
+static int curl_aio_flush(void *opaque);
static int curl_sock_cb(CURL *curl, curl_socket_t fd, int action,
void *s, void *sp)
@@ -83,14 +84,16 @@ static int curl_sock_cb(CURL *curl, curl_socket_t fd, int
action,
DPRINTF("CURL (AIO): Sock action %d on fd %d\n", action, fd);
switch (action) {
case CURL_POLL_IN:
-qemu_aio_set_fd_handler(fd, curl_multi_do, NULL, NULL, NULL, s);
+qemu_aio_set_fd_handler(fd, curl_multi_do, NULL, curl_aio_flush,
+NULL, s);
break;
case CURL_POLL_OUT:
-qemu_aio_set_fd_handler(fd, NULL, curl_multi_do, NULL, NULL, s);
+qemu_aio_set_fd_handler(fd, NULL, curl_multi_do, curl_aio_flush,
+NULL, s);
break;
case CURL_POLL_INOUT:
-qemu_aio_set_fd_handler(fd, curl_multi_do,
-curl_multi_do, NULL, NULL, s);
+qemu_aio_set_fd_handler(fd, curl_multi_do, curl_multi_do,
+curl_aio_flush, NULL, s);
break;
case CURL_POLL_REMOVE:
qemu_aio_set_fd_handler(fd, NULL, NULL, NULL, NULL, NULL);
@@ -394,6 +397,21 @@ out_noclean:
return -EINVAL;
}
+static int curl_aio_flush(void *opaque)
+{
+BDRVCURLState *s = opaque;
+int i, j;
+
+for (i=0; i < CURL_NUM_STATES; i++) {
+for(j=0; j < CURL_NUM_ACB; j++) {
+if (s->states[i].acb[j]) {
+return 1;
+}
+}
+}
+return 0;
+}
+
static void curl_aio_cancel(BlockDriverAIOCB *blockacb)
{
// Do we have to implement canceling? Seems to work without...
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 34/36] pc: fix event_idx compatibility for virtio devices
From: Anthony Liguori
event_idx was introduced in 0.15 and must be disabled for all virtio-pci devices
(including virtio-balloon-pci).
Signed-off-by: Anthony Liguori
(cherry picked from commit ea830ebb74461c5ad6d199857fb000d2e0284c69)
[BR: bnc#741460]
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
hw/pc_piix.c | 32
1 files changed, 32 insertions(+), 0 deletions(-)
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index 20bac9d..b179465 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -281,6 +281,22 @@ static QEMUMachine pc_machine_v0_14 = {
.driver = "qxl-vga",
.property = "revision",
.value= stringify(2),
+},{
+.driver = "virtio-blk-pci",
+.property = "event_idx",
+.value= "off",
+},{
+.driver = "virtio-serial-pci",
+.property = "event_idx",
+.value= "off",
+},{
+.driver = "virtio-net-pci",
+.property = "event_idx",
+.value= "off",
+},{
+.driver = "virtio-balloon-pci",
+.property = "event_idx",
+.value= "off",
},
{ /* end of list */ }
},
@@ -321,6 +337,10 @@ static QEMUMachine pc_machine_v0_13 = {
.property = "event_idx",
.value= "off",
},{
+.driver = "virtio-balloon-pci",
+.property = "event_idx",
+.value= "off",
+},{
.driver = "AC97",
.property = "use_broken_id",
.value= stringify(1),
@@ -368,6 +388,10 @@ static QEMUMachine pc_machine_v0_12 = {
.property = "event_idx",
.value= "off",
},{
+.driver = "virtio-balloon-pci",
+.property = "event_idx",
+.value= "off",
+},{
.driver = "AC97",
.property = "use_broken_id",
.value= stringify(1),
@@ -423,6 +447,10 @@ static QEMUMachine pc_machine_v0_11 = {
.property = "event_idx",
.value= "off",
},{
+.driver = "virtio-balloon-pci",
+.property = "event_idx",
+.value= "off",
+},{
.driver = "AC97",
.property = "use_broken_id",
.value= stringify(1),
@@ -490,6 +518,10 @@ static QEMUMachine pc_machine_v0_10 = {
.property = "event_idx",
.value= "off",
},{
+.driver = "virtio-balloon-pci",
+.property = "event_idx",
+.value= "off",
+},{
.driver = "AC97",
.property = "use_broken_id",
.value= stringify(1),
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 13/36] Fix X86 CPU topology in KVM mode
From: Bharata B Rao
apic id returned to guest kernel in ebx for cpuid(function=1) depends on
CPUX86State->cpuid_apic_id which gets populated after the cpuid information
is cached in the host kernel. This results in broken CPU topology in guest.
Fix this by setting cpuid_apic_id before cpuid information is passed to
the host kernel. This is done by moving the setting of cpuid_apic_id
to cpu_x86_init() where it will work for both KVM as well as TCG modes.
Acked-by: Jan Kiszka
Signed-off-by: Bharata B Rao
Signed-off-by: Anthony Liguori
(cherry picked from commit f2209eb854a016eabc444b45f6d6b1636949141f)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
hw/pc.c |1 -
target-i386/helper.c |1 +
2 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/hw/pc.c b/hw/pc.c
index a3e8539..14ce684 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -931,7 +931,6 @@ static CPUState *pc_new_cpu(const char *cpu_model)
exit(1);
}
if ((env->cpuid_features & CPUID_APIC) || smp_cpus > 1) {
-env->cpuid_apic_id = env->cpu_index;
env->apic_state = apic_init(env, env->cpuid_apic_id);
}
qemu_register_reset(pc_cpu_reset, env);
diff --git a/target-i386/helper.c b/target-i386/helper.c
index e9be104..829c1da 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -1258,6 +1258,7 @@ CPUX86State *cpu_x86_init(const char *cpu_model)
cpu_x86_close(env);
return NULL;
}
+env->cpuid_apic_id = env->cpu_index;
mce_init(env);
qemu_init_vcpu(env);
--
1.7.7
[Qemu-devel] [PATCH v4 3/7] qtest: IRQ interception infrastructure
Since /i440fx/piix3 is being removed from the composition tree, the
IO-APIC is placed under /i440fx. This is wrong and should be changed
as soon as the /i440fx/piix3 path is put back.
Signed-off-by: Paolo Bonzini
Signed-off-by: Anthony Liguori
---
hw/irq.c | 17 +++
hw/irq.h |5 +++
hw/pc_piix.c |5 ++-
qtest.c | 92 ++---
4 files changed, 94 insertions(+), 25 deletions(-)
diff --git a/hw/irq.c b/hw/irq.c
index 62f766e..d413a0b 100644
--- a/hw/irq.c
+++ b/hw/irq.c
@@ -104,3 +104,20 @@ qemu_irq *qemu_irq_proxy(qemu_irq **target, int n)
{
return qemu_allocate_irqs(proxy_irq_handler, target, n);
}
+
+void qemu_irq_intercept_in(qemu_irq *gpio_in, qemu_irq_handler handler, int n)
+{
+int i;
+qemu_irq *old_irqs = qemu_allocate_irqs(NULL, NULL, n);
+for (i = 0; i < n; i++) {
+*old_irqs[i] = *gpio_in[i];
+gpio_in[i]->handler = handler;
+gpio_in[i]->opaque = old_irqs;
+}
+}
+
+void qemu_irq_intercept_out(qemu_irq **gpio_out, qemu_irq_handler handler, int
n)
+{
+qemu_irq *old_irqs = *gpio_out;
+*gpio_out = qemu_allocate_irqs(handler, old_irqs, n);
+}
diff --git a/hw/irq.h b/hw/irq.h
index 64da2fd..56c55f0 100644
--- a/hw/irq.h
+++ b/hw/irq.h
@@ -38,4 +38,9 @@ qemu_irq qemu_irq_split(qemu_irq irq1, qemu_irq irq2);
*/
qemu_irq *qemu_irq_proxy(qemu_irq **target, int n);
+/* For internal use in qtest. Similar to qemu_irq_split, but operating
+ on an existing vector of qemu_irq. */
+void qemu_irq_intercept_in(qemu_irq *gpio_in, qemu_irq_handler handler, int n);
+void qemu_irq_intercept_out(qemu_irq **gpio_out, qemu_irq_handler handler, int
n);
+
#endif
diff --git a/hw/pc_piix.c b/hw/pc_piix.c
index 3f99f9a..a5f9551 100644
--- a/hw/pc_piix.c
+++ b/hw/pc_piix.c
@@ -107,6 +107,9 @@ static void ioapic_init(GSIState *gsi_state)
} else {
dev = qdev_create(NULL, "ioapic");
}
+/* FIXME: this should be under the piix3. */
+object_property_add_child(object_resolve_path("i440fx", NULL),
+ "ioapic", OBJECT(dev), NULL);
qdev_init_nofail(dev);
d = sysbus_from_qdev(dev);
sysbus_mmio_map(d, 0, 0xfec0);
diff --git a/qtest.c b/qtest.c
index 46ebda1..a1eca49 100644
--- a/qtest.c
+++ b/qtest.c
@@ -12,6 +12,7 @@
*/
#include "qtest.h"
+#include "hw/qdev.h"
#include "qemu-char.h"
#include "ioport.h"
#include "memory.h"
@@ -24,6 +25,7 @@ const char *qtest_chrdev;
const char *qtest_log;
int qtest_allowed = 0;
+static DeviceState *irq_intercept_dev;
static FILE *qtest_log_fp;
static CharDriverState *qtest_chr;
static GString *inbuf;
@@ -66,18 +68,30 @@ static bool qtest_opened;
* > write ADDR SIZE DATA
* < OK
*
- * Valid async messages:
- *
- * IRQ raise NUM
- * IRQ lower NUM
- *
* ADDR, SIZE, VALUE are all integers parsed with strtoul() with a base of 0.
*
* DATA is an arbitrarily long hex number prefixed with '0x'. If it's smaller
* than the expected size, the value will be zero filled at the end of the data
* sequence.
*
- * NUM is an IRQ number.
+ * IRQ management:
+ *
+ * > irq_intercept_in QOM-PATH
+ * < OK
+ *
+ * > irq_intercept_out QOM-PATH
+ * < OK
+ *
+ * Attach to the gpio-in (resp. gpio-out) pins exported by the device at
+ * QOM-PATH. When the pin is triggered, one of the following async messages
+ * will be printed to the qtest stream:
+ *
+ * IRQ raise NUM
+ * IRQ lower NUM
+ *
+ * where NUM is an IRQ number. For the PC, interrupts can be intercepted
+ * simply with "irq_intercept_in ioapic" (note that IRQ0 comes out with
+ * NUM=0 even though it is remapped to GSI 2).
*/
static int hex2nib(char ch)
@@ -133,6 +147,20 @@ static void qtest_send(CharDriverState *chr, const char
*fmt, ...)
}
}
+static void qtest_irq_handler(void *opaque, int n, int level)
+{
+qemu_irq *old_irqs = opaque;
+qemu_set_irq(old_irqs[n], level);
+
+if (irq_levels[n] != level) {
+CharDriverState *chr = qtest_chr;
+irq_levels[n] = level;
+qtest_send_prefix(chr);
+qtest_send(chr, "IRQ %s %d\n",
+ level ? "raise" : "lower", n);
+}
+}
+
static void qtest_process_command(CharDriverState *chr, gchar **words)
{
const gchar *command;
@@ -155,9 +183,40 @@ static void qtest_process_command(CharDriverState *chr,
gchar **words)
}
g_assert(command);
-if (strcmp(words[0], "outb") == 0 ||
-strcmp(words[0], "outw") == 0 ||
-strcmp(words[0], "outl") == 0) {
+if (strcmp(words[0], "irq_intercept_out") == 0
+|| strcmp(words[0], "irq_intercept_in") == 0) {
+ DeviceState *dev;
+
+g_assert(words[1]);
+dev = DEVICE(object_resolve_path(words[1], NULL));
+if (!dev) {
+qtest_send_prefix(chr);
+qtest_send(chr, "FAIL Unknown device\n");
+ return;
+}
+
+if (irq_intercept_dev) {
+qtest_send_pref
[Qemu-devel] [PATCH stable-0.15 05/36] e1000: bounds packet size against buffer size
From: Anthony Liguori
Otherwise we can write beyond the buffer and corrupt memory. This is tracked
as CVE-2012-0029.
Signed-off-by: Anthony Liguori
(cherry picked from commit 65f82df0d7a71ce1b10cd4c5ab0d176ac840)
Signed-off-by: Bruce Rogers
[AF: stable-0.15 does not have pci_dma_read(). Fixes BNC#740165.]
Signed-off-by: Andreas Färber
---
hw/e1000.c |3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/hw/e1000.c b/hw/e1000.c
index 7971457..c91790b 100644
--- a/hw/e1000.c
+++ b/hw/e1000.c
@@ -472,6 +472,8 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
bytes = split_size;
if (tp->size + bytes > msh)
bytes = msh - tp->size;
+
+bytes = MIN(sizeof(tp->data) - tp->size, bytes);
cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
memmove(tp->header, tp->data, hdr);
@@ -487,6 +489,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
// context descriptor TSE is not set, while data descriptor TSE is set
DBGOUT(TXERR, "TCP segmentaion Error\n");
} else {
+split_size = MIN(sizeof(tp->data) - tp->size, split_size);
cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
tp->size += split_size;
}
--
1.7.7
[Qemu-devel] [PATCH] ARM: Permit any ARMv6K CPU to read the MVFR0 and MVFR1 VFP registers.
From: Andrew Towers Replaces the ARM_FEATURE_VFP3 check when reading MVFR0/1 with a check for ARM_FEATURE_V6K. Rationale: MVFR0/1 were introduced in the ARM1136 at the same time as ARMv6K, and a survey of TRMs indicates support in later models. According to reference documentation on arm.com, MVFR0 and MVFR1 were introduced in ARM1136JF-S r1p1 (ARMv6K, VFPv2). They are also present in ARM1156T2F-S and ARM1176JZF-S, which contain VFP11 r5, and in ARM11 MPCore r1 which contains VFP11 r4. Reference (ARM DDI 0211H, 0290G, 0301H, 0360E) http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0211h/Ffbefjag.html Without this change, the linux kernel will not boot with VFP support enabled under ARM1176 system emulation, due to the unconditional use of MVFR1 at the end of vfp_init() in arch/arm/vfp/vfpmodule.c in the kernel: VFP support v0.3: implemetor 41 architecture 1 part 20 variant b rev 5 Internal error: Oops - undefined instruction: 0 [#1] Yes, I am slightly abusing the versatilepb hw emulation, but then so is everyone else in the world who is still waiting for their Raspberry Pi ;) Signed-off-by: Andrew Towers --- target-arm/translate.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/target-arm/translate.c b/target-arm/translate.c index 81725d1..b5861c8 100644 --- a/target-arm/translate.c +++ b/target-arm/translate.c @@ -2906,7 +2906,7 @@ static int disas_vfp_insn(CPUARMState * env, DisasContext *s, uint32_t insn) case ARM_VFP_MVFR0: case ARM_VFP_MVFR1: if (IS_USER(s) -|| !arm_feature(env, ARM_FEATURE_VFP3)) +|| !arm_feature(env, ARM_FEATURE_V6K)) return 1; tmp = load_cpu_field(vfp.xregs[rn]); break; -- 1.7.5.4
Re: [Qemu-devel] [Bug 954099] Re: Assertion failed arp_table.c line 41 on raspberry pi fedora image boot up
Hi Peter, many thanks for the update, I'll give it another shot with later binaries and a more accurate CPU :-) Thanks again, Joe > Date: Fri, 16 Mar 2012 15:51:24 + > From: peter.mayd...@linaro.org > To: joedel...@live.co.uk > Subject: [Bug 954099] Re: Assertion failed arp_table.c line 41 on raspberry > pifedora image boot up > > It's probably also fixed in upstream qemu master since I haven't > deliberately put anything in to qemu-linaro to fix it -- we've almost > certainly just picked up the fix from upstream. > > Incidentally "-M versatilepb -cpu arm1136-r2" is veering slightly into > "unsupported" territory, since there's no such thing as a VersatilePB > board with an 1136 CPU in the real world. And did you really want > arm1136-r2? That's an r0p2, whereas "arm1136" is the newer r1pX which is > probably what the RPi is actually using. (Yes, qemu's names for these > two CPU types are hopelessly confusing. Sorry.) > > -- > You received this bug notification because you are subscribed to the bug > report. > https://bugs.launchpad.net/bugs/954099 > > Title: > Assertion failed arp_table.c line 41 on raspberry pi fedora image boot > up > > Status in QEMU: > New > > Bug description: > OS Win XP pro, 32 bit SP3 > Intel Core Duo, 4G RAM. > > Qemu 1.0.1 > > Launch command: > qemu-system-arm.exe -M versatilepb -cpu arm1136-r2 -hda > raspberrypi-fedora-remix-14-r1.img -kernel zImage-devtmpfs -m 192 -append > "root=/dev/sda2" -vga std -net nic -net user -localtime > > Starting HAL daemon: eth0: link up > Assert fires : > File : slirp\arp_table.c line 41 > Expression (ip_addr & htonl(~0xf << 28))) 1=0 > > To manage notifications about this bug go to: > https://bugs.launchpad.net/qemu/+bug/954099/+subscriptions -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/954099 Title: Assertion failed arp_table.c line 41 on raspberry pi fedora image boot up Status in QEMU: New Bug description: OS Win XP pro, 32 bit SP3 Intel Core Duo, 4G RAM. Qemu 1.0.1 Launch command: qemu-system-arm.exe -M versatilepb -cpu arm1136-r2 -hda raspberrypi-fedora-remix-14-r1.img -kernel zImage-devtmpfs -m 192 -append "root=/dev/sda2" -vga std -net nic -net user -localtime Starting HAL daemon: eth0: link up Assert fires : File : slirp\arp_table.c line 41 Expression (ip_addr & htonl(~0xf << 28))) 1=0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/954099/+subscriptions
[Qemu-devel] [PATCH stable-0.15 35/36] Add missing trace call to oslib-posix.c:qemu_vmalloc()
From: Jes Sorensen
Acked-by: Stefan Hajnoczi
Signed-off-by: Jes Sorensen
Signed-off-by: Anthony Liguori
(cherry picked from commit c7f4111a06208b46c6d05934d2a1e5cfbebc0180)
Signed-off-by: Andreas Färber
---
oslib-posix.c |5 -
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/oslib-posix.c b/oslib-posix.c
index 3a18e86..196099c 100644
--- a/oslib-posix.c
+++ b/oslib-posix.c
@@ -79,7 +79,10 @@ void *qemu_memalign(size_t alignment, size_t size)
/* alloc shared memory pages */
void *qemu_vmalloc(size_t size)
{
-return qemu_memalign(getpagesize(), size);
+void *ptr;
+ptr = qemu_memalign(getpagesize(), size);
+trace_qemu_vmalloc(size, ptr);
+return ptr;
}
void qemu_vfree(void *ptr)
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 28/36] qxl: stride fixup
From: Gerd Hoffmann
spice uses negative stride value to signal the bitmap is upside down.
The qxl renderer (used for scl, vnc and screenshots) wants a positive
value because it is easier to work with. The positive value is then
stored in the very same variable, which has the drawback that the
upside-down test works only once. Fix by using two variables.
Signed-off-by: Gerd Hoffmann
(cherry picked from commit 0e2487bd6f56445b43307536a465ee2ba810aed9)
Signed-off-by: Bruce Rogers
[AF: backported]
Signed-off-by: Andreas Färber
---
hw/qxl-render.c | 23 ---
hw/qxl.h|3 ++-
2 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/hw/qxl-render.c b/hw/qxl-render.c
index 1316066..104d79b 100644
--- a/hw/qxl-render.c
+++ b/hw/qxl-render.c
@@ -28,16 +28,16 @@ static void qxl_flip(PCIQXLDevice *qxl, QXLRect *rect)
int len, i;
src += (qxl->guest_primary.surface.height - rect->top - 1) *
-qxl->guest_primary.stride;
-dst += rect->top * qxl->guest_primary.stride;
+qxl->guest_primary.abs_stride;
+dst += rect->top * qxl->guest_primary.abs_stride;
src += rect->left * qxl->guest_primary.bytes_pp;
dst += rect->left * qxl->guest_primary.bytes_pp;
len = (rect->right - rect->left) * qxl->guest_primary.bytes_pp;
for (i = rect->top; i < rect->bottom; i++) {
memcpy(dst, src, len);
-dst += qxl->guest_primary.stride;
-src -= qxl->guest_primary.stride;
+dst += qxl->guest_primary.abs_stride;
+src -= qxl->guest_primary.abs_stride;
}
}
@@ -45,7 +45,8 @@ void qxl_render_resize(PCIQXLDevice *qxl)
{
QXLSurfaceCreate *sc = &qxl->guest_primary.surface;
-qxl->guest_primary.stride = sc->stride;
+qxl->guest_primary.qxl_stride = sc->stride;
+qxl->guest_primary.abs_stride = abs(sc->stride);
qxl->guest_primary.resized++;
switch (sc->format) {
case SPICE_SURFACE_FMT_16_555:
@@ -87,11 +88,11 @@ void qxl_render_update(PCIQXLDevice *qxl)
qemu_free_displaysurface(vga->ds);
qxl->guest_primary.data = qemu_get_ram_ptr(qxl->vga.vram_offset);
-if (qxl->guest_primary.stride < 0) {
+if (qxl->guest_primary.qxl_stride < 0) {
/* spice surface is upside down -> need extra buffer to flip */
-qxl->guest_primary.stride = -qxl->guest_primary.stride;
-qxl->guest_primary.flipped =
qemu_malloc(qxl->guest_primary.surface.width *
-
qxl->guest_primary.stride);
+qxl->guest_primary.flipped =
+qemu_malloc(qxl->guest_primary.surface.width *
+qxl->guest_primary.abs_stride);
ptr = qxl->guest_primary.flipped;
} else {
ptr = qxl->guest_primary.data;
@@ -100,7 +101,7 @@ void qxl_render_update(PCIQXLDevice *qxl)
__FUNCTION__,
qxl->guest_primary.surface.width,
qxl->guest_primary.surface.height,
- qxl->guest_primary.stride,
+ qxl->guest_primary.qxl_stride,
qxl->guest_primary.bytes_pp,
qxl->guest_primary.bits_pp,
qxl->guest_primary.flipped ? "yes" : "no");
@@ -108,7 +109,7 @@ void qxl_render_update(PCIQXLDevice *qxl)
qemu_create_displaysurface_from(qxl->guest_primary.surface.width,
qxl->guest_primary.surface.height,
qxl->guest_primary.bits_pp,
-qxl->guest_primary.stride,
+qxl->guest_primary.abs_stride,
ptr);
dpy_resize(vga->ds);
}
diff --git a/hw/qxl.h b/hw/qxl.h
index f6c450d..c05998a 100644
--- a/hw/qxl.h
+++ b/hw/qxl.h
@@ -42,7 +42,8 @@ typedef struct PCIQXLDevice {
QXLSurfaceCreate surface;
uint32_t commands;
uint32_t resized;
-int32_tstride;
+int32_tqxl_stride;
+uint32_t abs_stride;
uint32_t bits_pp;
uint32_t bytes_pp;
uint8_t*data, *flipped;
--
1.7.7
[Qemu-devel] [PATCH stable-0.15 19/36] hda: do not mix output and input streams, RHBZ #740493
From: Marc-André Lureau
Windows 7 may use the same stream number for input and output.
That will result in lot of garbage on playback.
The hardcoded value of 4 needs to be in sync with GCAP streams
description and IN/OUT registers.
Signed-off-by: Marc-Andr? Lureau
Signed-off-by: malc
(cherry picked from commit 36ac4ad3d054a7b4962a6393630a73591cfa9558)
Signed-off-by: Bruce Rogers
Signed-off-by: Andreas Färber
---
hw/intel-hda.c |9 +
1 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/hw/intel-hda.c b/hw/intel-hda.c
index 5a2bc3a..7d02558 100644
--- a/hw/intel-hda.c
+++ b/hw/intel-hda.c
@@ -389,14 +389,15 @@ static bool intel_hda_xfer(HDACodecDevice *dev, uint32_t
stnr, bool output,
{
HDACodecBus *bus = DO_UPCAST(HDACodecBus, qbus, dev->qdev.parent_bus);
IntelHDAState *d = container_of(bus, IntelHDAState, codecs);
-IntelHDAStream *st = NULL;
target_phys_addr_t addr;
uint32_t s, copy, left;
+IntelHDAStream *st;
bool irq = false;
-for (s = 0; s < ARRAY_SIZE(d->st); s++) {
-if (stnr == ((d->st[s].ctl >> 20) & 0x0f)) {
-st = d->st + s;
+st = output ? d->st + 4 : d->st;
+for (s = 0; s < 4; s++) {
+if (stnr == ((st[s].ctl >> 20) & 0x0f)) {
+st = st + s;
break;
}
}
--
1.7.7
