- 25 Jun, 2012 19 commits
-
-
Committed by Jan Kiszka
Call msi_reset on device reset as still required by the core. CC: Gerd Hoffmann <kraxel@redhat.com> CC: qemu-stable@nongnu.org Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> (cherry picked from commit 8e729e3b) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Jan Kiszka
Call msi_reset on device reset as still required by the core. CC: Alexander Graf <agraf@suse.de> CC: qemu-stable@nongnu.org Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> (cherry picked from commit 868a1a52) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Some drivers (Linux' 8139too among them) rely on the NIC injecting an interrupt in the event of a receive buffer overflow and, accordingly, set the RxOverflow bit in the interrupt mask. Unfortunately rtl8139's can_receive method ignores the RxOverflow flag, which may lead to a situation where rtl8139 stops receiving packets (can_receive returns 0) when the receive buffer becomes full. If the driver eventually read from the receive buffer or reset the card the emulator could recover from this situation. However some implementations only do this upon receiving an interrupt with either RxOK or RxOverflow set in the ISR; interrupt that will never come because QEMU's flow control mechanisms would prevent rtl8139 from receiving any packet. Letting packets go through when the overflow interrupt is enabled makes the QEMU emulator compliant to the spec and solves the problem. This patch should fix a relatively common (in our experience) network stall observed when running enterprise distros with rtl8139 as the NIC; in some cases the 8139too device driver gets loaded and when under heavy load the network eventually stops working. Reported-by: Hayato Kakuta <kakuta.hayato@oss.ntt.co.jp> Tested-by: Hayato Kakuta <kakuta.hayato@oss.ntt.co.jp> Acked-by: Igor Kovalenko <igor.v.kovalenko@gmail.com> Signed-off-by: Fernando Luis Vazquez Cao <fernando@oss.ntt.co.jp> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> (cherry picked from commit fee9d348) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Stefan Weil
Some versions declare open_by_handle_at, but don't define AT_EMPTY_PATH. Extend the check in configure to test both preconditions. Signed-off-by: Stefan Weil <sw@weilnetz.de> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com> (cherry picked from commit acc55ba8) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Stefan Weil
Each string which is shown during readline completion in the QEMU monitor is allocated dynamically but currently never deallocated. Add the missing loop which calls g_free for the allocated strings. Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> (cherry picked from commit fc9fa4bd) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Kevin Wolf
Some gcc versions seem not to be able to figure out that the switch statement covers all possible values and that c is therefore always initialised. Add a default branch for them. Reported-by: malc <av1474@comtv.ru> Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: malc <av1474@comtv.ru> (cherry picked from commit 1417d7e4) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Jan Kiszka
Due to an offset between the clock used to generate the in-kernel count_load_time (CLOCK_MONOTONIC) and the clock used for processing this in userspace (vm_clock), reading back the output of PIT channel 2 via port 0x61 was broken. One use case that suffered from it was the CPU frequency calibration of SeaBIOS, which also affected IDE/AHCI timeouts. This fixes it by calibrating the offset between both clocks on kvm_pit_get and adjusting the kernel value before saving it in the userspace state. As the calibration only works while the vm_clock is running, we cache the in-kernel state across stopped phases. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Avi Kivity <avi@redhat.com> (cherry picked from commit 0cdd3d14) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Jim Meyering
kvm_put_apic_state's attempt to clear *kapic before setting its bits cleared sizeof(void*) bytes (no more than 8) rather than the intended 1024 (KVM_APIC_REG_SIZE) bytes. Spotted by coverity. Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Avi Kivity <avi@redhat.com> (cherry picked from commit 0614cb82) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Harsh Prateek Bora
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> (cherry picked from commit 263ddcc8) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Harsh Prateek Bora
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> (cherry picked from commit 0d665005) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Max Filippov
Taken conditional branches fail to update CCOUNT register because accumulated ccount_delta is reset during translation of non-taken branch. To fix it only update CCOUNT once per conditional branch instruction translation. This fixes guest linux freeze on LTP waitpid06 test. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> (cherry picked from commit d865f307) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Max Filippov
tb_invalidate_phys_addr has to be called with the exact physical address of the breakpoint we add/remove, not just the page's base address. Otherwise we easily fail to flush the right TB. This breakage was introduced by the commit f3705d53 "memory: make phys_page_find() return an unadjusted". This appeared to work for some guest architectures because their cpu_get_phys_page_debug implementation returns full translated physical address, not just the base of the TARGET_PAGE_SIZE-sized page. Reported-by: TeLeMan <geleman@gmail.com> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> (cherry picked from commit 9d70c4b7) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Max Filippov
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> (cherry picked from commit c305e32f) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Max Filippov
Hardware pagetable walking may not be nested. Stop guessing and pass explicit flag to the get_physical_addr_mmu function that controls page table lookup. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> (cherry picked from commit 57705a67) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Max Filippov
This is to avoid interference of internal QEMU helpers (cpu_get_phys_page_debug, tb_invalidate_virtual_addr) with guest-visible TLB state. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> (cherry picked from commit ae4e7982) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Max Filippov
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> (cherry picked from commit 16bde77a) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Max Filippov
According to ISA, 4.4.2.6, EXCVADDR may be changed by any TLB miss, even if the miss is handled entirely by processor hardware. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> (cherry picked from commit 39e7d37f) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Max Filippov
Both old and new mappings need flushing because their VPN may be different in MMU case. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> (cherry picked from commit e323bdef) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Christian Borntraeger
Currently the sector value for the geometry is masked, even if the user uses a command line parameter that explicitly gives a number. This breaks dasd devices on s390. A dasd device can have a physical block size of 4096 (== same for logical block size) and a typical geometry of 15 heads and 12 sectors per cyl. The ibm partition detection relies on a correct geometry reported by the device. Unfortunately the current code changes 12 to 8. This would be necessary if the total size is not a multiple of logical sector size, but for dasd this is not the case. This patch checks the device size and only applies sector mask if necessary. Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> CC: Christoph Hellwig <hch@lst.de> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> (cherry picked from commit 136be99e) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
- 01 Jun, 2012 1 commit
-
-
Committed by Anthony Liguori
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
- 31 May, 2012 3 commits
-
-
Committed by Anthony Liguori
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
Committed by Anthony Liguori
* origin/master: pc-bios: Update OpenBIOS images
-
Committed by Blue Swirl
Update OpenBIOS images to r1060 built from submodule. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
-
- 30 May, 2012 10 commits
-
-
Committed by Anthony Liguori
* mdroth/qga-pull-5-29-12-v2: qemu-ga: avoid blocking on atime update when reading /etc/mtab qemu-ga: Fix use of environ on Darwin
-
Committed by Jim Meyering
In snapshot mode, bdrv_open creates an empty temporary file without checking for mkstemp or close failure, and ignoring the possibility of a buffer overrun given a surprisingly long $TMPDIR. Change the get_tmp_filename function to return int (not void), so that it can inform its two callers of those failures. Also avoid the risk of buffer overrun and do not ignore mkstemp or close failure. Update both callers (in block.c and vvfat.c) to propagate temp-file-creation failure to their callers. get_tmp_filename creates and closes an empty file, while its callers later open that presumed-existing file with O_CREAT. The problem was that a malicious user could provoke mkstemp failure and race to create a symlink with the selected temporary file name, thus causing the qemu process (usually root owned) to open through the symlink, overwriting an attacker-chosen file. This addresses CVE-2012-2652. http://bugzilla.redhat.com/CVE-2012-2652 Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
Committed by Gerd Hoffmann
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
Committed by Gerd Hoffmann
NULL pointer dereference in case no vnc server is configured. Catch this and return -EINVAL like vnc_display_password() does. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
Committed by Eduardo Habkost
Changes v2 -> v3; - Check for kvm_enabled() before setting cpuid_7_0_ebx_features Changes v1 -> v2: - Use kvm_arch_get_supported_cpuid() instead of host_cpuid() on cpu_x86_fill_host(). We should use GET_SUPPORTED_CPUID for all bits on "-cpu host" eventually, but I am not changing all the other CPUID leaves because we may not be able to test such an intrusive change in time for 1.1. Description of the bug: Since QEMU 0.15, the CPUID information on CPUID[EAX=7,ECX=0] is being returned unfiltered to the guest, directly from the GET_SUPPORTED_CPUID return value. The problem is that this makes the resulting CPU feature flags unpredictable and dependent on the host CPU and kernel version. This breaks live-migration badly if migrating from a host CPU that supports some features on that CPUID leaf (running a recent kernel) to a kernel or host CPU that doesn't support it. Migration also is incorrect (the virtual CPU changes under the guest's feet) if you migrate in the opposite direction (from an old CPU/kernel to a new CPU/kernel), but with less serious consequences (guests normally query CPUID information only once on boot). Fortunately, the bug affects only users using cpudefs with level >= 7. The right behavior should be to explicitly enable those features on [cpudef] config sections or on the "-cpu" command-line arguments. Right now there is no predefined CPU model on QEMU that has those features: the latest Intel model we have is Sandy Bridge. I would like to get this fixed on 1.1, so I am submitting this patch, that enables those features only if "-cpu host" is being used (as we don't have any pre-defined CPU model that actually have those features). After 1.1 is released, we can make those features properly configurable on [cpudef] and -cpu configuration. 
One problem is: with this patch, users with the following setup: - Running QEMU 1.0; - Using a cpudef having level >= 7; - Running a kernel that supports the features on CPUID leaf 7; and - Running on a CPU that supports some features on CPUID leaf 7 won't be able to live-migrate to QEMU 1.1. But for these users live-migration is already broken (they can't live-migrate to hosts with older CPUs or older kernels, already), I don't see how to avoid this problem. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
Committed by Michael Roth
Currently we re-read/re-process /etc/mtab to get an updated list of mounts when guest-fsfreeze-thaw is called. This can cause an atime update on /etc/mtab, which will block if we're in a frozen state. Instead, use /proc's version of mtab, which may not be up-to-date with options passed via -o remount, but is compatible for our use cases since we only care about the filesystem type. Reported-by: Matsuda, Daiki <matsudadik@intellilink.co.jp> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Andreas Färber
Use _NSGetEnviron() helper to access the environment. Signed-off-by: Andreas Färber <andreas.faerber@web.de> Cc: Charlie Somerville <charlie@charliesomerville.com> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
Committed by Amos_沧海桑田
Start VM with 8 multiple-function block devs, hot-removing those block devs by 'device_del ...' would cause qemu abort. | (qemu) device_del virti0-0-0 | (qemu) ** |ERROR:qom/object.c:389:object_delete: assertion failed: (obj->ref == 0) It's a regression introduced by commit 57c9fafe. The whole PCI slot should be removed once. Currently only one func is cleaned in pci_unplug_device(), if you try to remove a single func by monitor cmd. free_qdev() are called for all functions in slot, but unparent_delete() is only called for one function. Signed-off-by: XXXX Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
Committed by Scott Moser
The previous multiboot load code did not treat the case where load_end_addr was 0 specially. The multiboot specification says the following: * load_end_addr Contains the physical address of the end of the data segment. (load_end_addr - load_addr) specifies how much data to load. This implies that the text and data segments must be consecutive in the OS image; this is true for existing a.out executable formats. If this field is zero, the boot loader assumes that the text and data segments occupy the whole OS image file. Signed-off-by: Scott Moser <smoser@ubuntu.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
Committed by Avi Kivity
With pc-0.12, we map the video RAM both through the PCI BAR (the guest does this) and through a fixed mapping at 0xe0000000. The memory API doesn't allow this double map, and aborts. Fix by using an alias. Reported-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Avi Kivity <avi@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-
- 29 May, 2012 7 commits
-
-
Committed by Anthony Liguori
* afaerber-or/cocoa-for-upstream: cocoa: Suppress Cocoa frontend for -qtest arch_init: Fix AltiVec build on Darwin/ppc
-
Committed by Andreas Färber
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
-
Committed by Andreas Färber
Commit f29a5614 (implement -no-user-config command-line option (v3)) introduced uses of bool in arch_init.c. Shortly before that usage is support code for AltiVec (conditional to __ALTIVEC__). GCC's altivec.h may in a !__APPLE_ALTIVEC__ code path redefine bool, leading to type mismatches. altivec.h recommends to #undef for C++ compatibility, but doing so in C leads to bool remaining undefined. Fix by redefining bool to _Bool as mandated for stdbool.h by POSIX. Signed-off-by: Andreas Färber <andreas.faerber@web.de> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-
Committed by Anthony Liguori
* sstabellini/for_1.1_rc3: Call xc_domain_shutdown with the reboot flag when the guest requests a reboot. xen: Fix PV-on-HVM xen_disk: properly update stats in ioreq_release() xen_disk: use bdrv_aio_flush instead of bdrv_flush xen_disk: remove syncwrite option xen: disable rtc_clock xen: do not initialize the interval timer and PCSPK emulator
-
Committed by Anthony Liguori
* mdroth/qga-pull-5-24-12: qemu-ga: Fix missing environ declaration configure: check if environ is declared
-
Committed by Anthony Liguori
* kwolf/for-anthony: fdc-test: introduced qtest no_media_on_start and cmos qtest for floppy fdc: fix media detection fdc: floppy drive should be visible after start without media qemu-iotests: mark 035 qcow2-only qcow2: Check qcow2_alloc_clusters_at() return value sheepdog: use heap instead of stack for BDRVSheepdogState sheepdog: return -errno on error sheepdog: mark image as snapshot when tag is specified qemu-img: Explain how rebase operation can be used to perform a 'diff' operation. qcow2: don't leak buffer for unexpected qcow_version in header
-
Committed by Anthony Liguori
* kiszka/queues/slirp: slirp: Avoid redefining MAX_TCPOPTLEN slirp: Avoid statements without effect on Big Endian host slirp: Untangle TCPOLEN_* from TCPOPT_*
-