- 15 6月, 2017 37 次提交
-
-
由 Thomas Huth 提交于
These are defined in config-target.h and thus should never be used in common code. Signed-off-by: NThomas Huth <thuth@redhat.com> Message-Id: <1497468113-2874-3-git-send-email-thuth@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Thomas Huth 提交于
Since we've got some new CPU targets in QEMU during the last months and years, we've got some new TARGET_xxx defines now which should be marked as poisoned for common code. Signed-off-by: NThomas Huth <thuth@redhat.com> Message-Id: <1497468113-2874-2-git-send-email-thuth@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- do not use 'goto error_reply' outside a switch to jump into the middle of the switch's default case label - reduce code duplication Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-13-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
For consistency use 'ret' name for saving return code everywhere in the file. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-12-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
"goto fail" error handling scheme is not needed for just returning error code. Better is return it immediately. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-11-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
Current code will return 0 on this nbd_write fail, as rc is 0 after successful nbd_negotiate_options. Fix this. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-10-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
"co" field of NBDClientNewData has never been used, all the way back to its declaration in commit 1a6245a5. So let's just use client pointer instead of extra structure. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-9-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
Move function tail, about receiving next request out of the function. Error path is simplified and nbd_co_receive_request becomes more corresponding to its name. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-8-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
For now nbd_read never returns EAGAIN. So, don't handle it. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-7-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
As nbd_write never returns value > 0, we can get rid of extra ret. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-6-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
Now nbd_read and friends return int, so get rid of ssize_t. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-5-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
Functions nbd_negotiate_{read,write,drop_sync} were introduced in 1a6245a5, when nbd_rwv (was nbd_wr_sync) was working through qemu_co_sendv_recvv (the path is nbd_wr_sync -> qemu_co_{recv/send} -> qemu_co_send_recv -> qemu_co_sendv_recvv), which just yields, without setting any handlers. But starting from ff82911c nbd_rwv (was nbd_wr_syncv) works through qio_channel_yield() which sets handlers, so watchers are redundant in nbd_negotiate_{read,write,drop_sync}, then, let's just use nbd_{read,write,drop} functions. Functions nbd_{read,write,drop} has errp parameter, which is unused in this patch. This will be fixed later. Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170602150150.258222-4-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
Following commit will reuse it for nbd server too. Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20170602150150.258222-3-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
Rename nbd_wr_syncv -> nbd_rwv read_sync -> nbd_read read_sync_eof -> nbd_read_eof write_sync -> nbd_write drop_sync -> nbd_drop 1. nbd_ prefix read_sync and write_sync are already shared, so it is good to have a namespace prefix. drop_sync will be shared, and read_sync_eof is related to read_sync, so let's rename them all. 2. _sync suffix _sync is related to the fact that nbd_wr_syncv doesn't return if a write to socket returns EAGAIN. The first implementation of nbd_wr_syncv (was wr_sync in 7a5ca864) just loops while getting EAGAIN, the current implementation yields in this case. Why we want to get rid of it: - it is normal for r/w functions to be synchronous, so having an additional suffix for it looks redundant (contrariwise, we have _aio suffix for async functions) - _sync suffix in block layer is used when function does flush (so using it for other thing is confusing a bit) - keep function names short after adding nbd_ prefix 3. for nbd_wr_syncv let's use more common notation 'rw' Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20170602150150.258222-2-vsementsov@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Yang Zhong 提交于
move kvm related accelerator files into accel/ subdirectory, also create one stub subdirectory, which will include accelerator's stub files. Signed-off-by: NYang Zhong <yang.zhong@intel.com> Message-Id: <1496383606-18060-5-git-send-email-yang.zhong@intel.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Yang Zhong 提交于
move tcg-runtime.c, translate-all.(ch) and translate-common.c into accel/tcg/ subdirectory and updated related trace-events file. Signed-off-by: NYang Zhong <yang.zhong@intel.com> Message-Id: <1496383606-18060-4-git-send-email-yang.zhong@intel.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Yang Zhong 提交于
move cputlb.c, cpu-exec-common.c and cpu-exec.c related tcg exec file into accel/tcg/ subdirectory. Signed-off-by: NYang Zhong <yang.zhong@intel.com> Message-Id: <1496383606-18060-3-git-send-email-yang.zhong@intel.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Yang Zhong 提交于
there are some types of accelerators in qemu, and all accelerators have their own file except tcg. tcg accelerator is also defined in accel.c file. tcg accelerator file will be splited from accel.c and re-name to tcg-all.c. accel/ directory will be created to include kvm and tcg related files. Signed-off-by: NYang Zhong <yang.zhong@intel.com> Message-Id: <1496383606-18060-2-git-send-email-yang.zhong@intel.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Max Reitz 提交于
qemu proper has done so for 13 years (8a7ddc38), qemu-img and qemu-io have done so for four years (526eda14). Ignoring this signal is especially important in qemu-nbd because otherwise a client can easily take down the qemu-nbd server by dropping the connection when the server wants to send something, for example: $ qemu-nbd -x foo -f raw -t null-co:// & [1] 12726 $ qemu-io -c quit nbd://localhost/bar can't open device nbd://localhost/bar: No export with name 'bar' available [1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co:// In this case, the client sends an NBD_OPT_ABORT and closes the connection (because it is not required to wait for a reply), but the server replies with an NBD_REP_ACK (because it is required to reply). Signed-off-by: NMax Reitz <mreitz@redhat.com> Message-Id: <20170611123714.31292-1-mreitz@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Eric Blake 提交于
Back in qemu 2.5, qemu-nbd was immune to port probes (a transient server would not quit, regardless of how many probe connections came and went, until a connection actually negotiated). But we broke that in commit ee7d7aab when removing the return value to nbd_client_new(), although that patch also introduced a bug causing an assertion failure on a client that fails negotiation. We then made it worse during refactoring in commit 1a6245a5 (a segfault before we could even assert); the (masked) assertion was cleaned up in d3780c2d (still in 2.6), and just recently we finally fixed the segfault ("nbd: Fully intialize client in case of failed negotiation"). But that still means that ever since we added TLS support to qemu-nbd, we have been vulnerable to an ill-timed port-scan being able to cause a denial of service by taking down qemu-nbd before a real client has a chance to connect. Since negotiation is now handled asynchronously via coroutines, we no longer have a synchronous point of return by re-adding a return value to nbd_client_new(). So this patch instead wires things up to pass the negotiation status through the close_fn callback function. Simple test across two terminals: $ qemu-nbd -f raw -p 30001 file $ nmap 127.0.0.1 -p 30001 && \ qemu-io -c 'r 0 512' -f raw nbd://localhost:30001 Note that this patch does not change what constitutes successful negotiation (thus, a client must enter transmission phase before that client can be considered as a reason to terminate the server when the connection ends). Perhaps we may want to tweak things in a later patch to also treat a client that uses NBD_OPT_ABORT as being a 'successful' negotiation (the client correctly talked the NBD protocol, and informed us it was not going to use our export after all), but that's a discussion for another day. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451614Signed-off-by: NEric Blake <eblake@redhat.com> Message-Id: <20170608222617.20376-1-eblake@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
While at it, drop the current_cpu assignment since this is a per-thread variable on modern QEMU. Cc: Vincent Palatin <vpalatin@chromium.org> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Roman Kagan 提交于
Wrap the bulk of kvm_cpu_exec with cpu_exec_start/end, so that kvm version can also enjoy performing certain operations while all vCPUs are quiescent. Signed-off-by: NRoman Kagan <rkagan@virtuozzo.com> Message-Id: <20170606181948.16238-15-rkagan@virtuozzo.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Thomas Huth 提交于
Commit bde4d920 ("Fix the -accel parameter and the documentation for 'hax'") introduced a regression by adding a new local accel_opts variable which shadows the variable with the same name that is declared at the beginning of the main() scope. This causes the qemu_tcg_configure() call later to be always called with NULL, so that the thread=xxx option gets ignored. Fix it by removing the local accel_opts variable and use "opts" instead, which is meant for storing temporary QemuOpts values. And while we're at it, also change the exit(1) here to exit(0) since asking for help is not an error. Fixes: bde4d920Reported-by: NMarkus Armbruster <armbru@redhat.com> Reported-by: NEmilio G. Cota <cota@braap.org> Signed-off-by: NThomas Huth <thuth@redhat.com> Message-Id: <1496899257-25800-1-git-send-email-thuth@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Thomas Huth 提交于
When doing a "make -j10" in the vanilla QEMU source tree (without running "configure" first), the Makefile currently generates two files already, qemu-version.h and qemu-options.def. This should not happen, so let's only build the generated files if config-host.mak is available (i.e. "configure" has been run already). Signed-off-by: NThomas Huth <thuth@redhat.com> Message-Id: <1496926799-13040-1-git-send-email-thuth@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
This ensures that the request is unref'ed properly, and avoids a segmentation fault in the new qtest testcase that is added. This is CVE-2017-9503. Reported-by: NZhangyanyu <zyy4013@stu.ouc.edu.cn> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Avoid TOC-TOU bugs by passing the frame_cmd down, and checking cmd->dcmd_opcode instead of cmd->frame->header.frame_cmd. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Avoid TOC-TOU bugs by storing the DCMD opcode in the MegasasCmd Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Avoid TOC-TOU bugs depending on how the compiler behaves. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Avoid TOC-TOU bugs depending on how the compiler behaves. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Marc-André Lureau 提交于
Now unnecessary since ivshmem uses memory_region_init_ram_from_fd. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170602141229.15326-7-marcandre.lureau@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Marc-André Lureau 提交于
Instead of having its own mmap handling code, reuse the code from exec.c. Note: memory_region_init_ram_from_fd() adds some restrictions (check for xen, kvm sync-mmu, etc) and changes (such as size alignment). This may actually be more correct. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170602141229.15326-6-marcandre.lureau@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Marc-André Lureau 提交于
Add a new function to initialize a RAM memory region with a file descriptor to be mmap-ed. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170602141229.15326-5-marcandre.lureau@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Marc-André Lureau 提交于
Add qemu_ram_alloc_from_fd(), which can be use to allocate ramblock from fd only. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170602141229.15326-4-marcandre.lureau@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Marc-André Lureau 提交于
Move file opening part in a seperate function, file_ram_open(). This allows for reuse of file_ram_alloc() with a given fd. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170602141229.15326-3-marcandre.lureau@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Marc-André Lureau 提交于
Move kvm mmu notifiers check before calling file_ram_alloc(), with the other xen precondition. (file_ram_alloc() will be reused in other cases than -mem-path). Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170602141229.15326-2-marcandre.lureau@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 13 6月, 2017 3 次提交
-
-
由 Peter Maydell 提交于
target-arm queue: * vITS: Support save/restore * timer/aspeed: Fix timer enablement when reload is not set * aspped: add temperature sensor device * timer.h: Provide better monotonic time on ARM hosts * exynos4210: various cleanups * exynos4210: support system poweroff # gpg: Signature made Tue 13 Jun 2017 15:05:49 BST # gpg: using RSA key 0x3C2525ED14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" # gpg: aka "Peter Maydell <pmaydell@gmail.com>" # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * remotes/pmaydell/tags/pull-target-arm-20170613: hw/intc/arm_gicv3_its: Allow save/restore hw/intc/arm_gicv3_kvm: Implement pending table save hw/intc/arm_gicv3_its: Implement state save/restore kvm-all: Pass an error object to kvm_device_access timer/aspeed: fix timer enablement when a reload is not set aspeed: add a temp sensor device on I2C bus 3 hw/misc: add a TMP42{1, 2, 3} device model timer.h: Provide better monotonic time hw/misc/exynos4210_pmu: Add support for system poweroff hw/intc/exynos4210_gic: Constify array of combiner interrupts hw/arm/exynos: Use type define instead of hard-coded a9mpcore_priv string hw/arm/exynos: Declare local variables in some order hw/arm/exynos: Move DRAM initialization next boards hw/timer/exynos4210_mct: Remove unused defines hw/timer/exynos4210_mct: Cleanup indentation and empty new lines hw/timer/exynos4210_mct: Fix checkpatch style errors hw/intc/exynos4210_gic: Use more meaningful name for local variable Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Eric Auger 提交于
We change the restoration priority of both the GICv3 and ITS. The GICv3 must be restored before the ITS and the ITS needs to be restored before PCIe devices since it translates their MSI transactions. Signed-off-by: NEric Auger <eric.auger@redhat.com> Reviewed-by: NJuan Quintela <quintela@redhat.com> Message-id: 1497023553-18411-5-git-send-email-eric.auger@redhat.com Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Eric Auger 提交于
This patch adds the flush of the LPI pending bits into the redistributor pending tables. This happens on VM stop. There is no explicit restore as the tables are implicitly sync'ed on ITS table restore and on LPI enable at redistributor level. Signed-off-by: NEric Auger <eric.auger@redhat.com> Message-id: 1497023553-18411-4-git-send-email-eric.auger@redhat.com Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-